From 098d3347a0df808908aab8c554cd7c4febc5e6d9 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子Li <15040126243@163.com>
Date: 星期一, 26 八月 2024 11:43:59 +0800
Subject: [PATCH] !577 发布 5.2.2 正式版 安全性提升 Merge pull request !577 from 疯狂的狮子Li/dev
---
ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/handler/InjectionMetaObjectHandler.java | 68 ++++++++++++++++++++++------------
1 files changed, 44 insertions(+), 24 deletions(-)
diff --git a/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/handler/InjectionMetaObjectHandler.java b/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/handler/InjectionMetaObjectHandler.java
index a66908f..7d44d26 100644
--- a/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/handler/InjectionMetaObjectHandler.java
+++ b/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/handler/InjectionMetaObjectHandler.java
@@ -3,12 +3,12 @@
import cn.hutool.core.util.ObjectUtil;
import cn.hutool.http.HttpStatus;
import com.baomidou.mybatisplus.core.handlers.MetaObjectHandler;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.ibatis.reflection.MetaObject;
import org.dromara.common.core.domain.model.LoginUser;
import org.dromara.common.core.exception.ServiceException;
import org.dromara.common.mybatis.core.domain.BaseEntity;
import org.dromara.common.satoken.utils.LoginHelper;
-import lombok.extern.slf4j.Slf4j;
-import org.apache.ibatis.reflection.MetaObject;
import java.util.Date;
@@ -21,45 +21,37 @@
@Slf4j
public class InjectionMetaObjectHandler implements MetaObjectHandler {
+ /**
+ * 鎻掑叆濉厖鏂规硶锛岀敤浜庡湪鎻掑叆鏁版嵁鏃惰嚜鍔ㄥ~鍏呭疄浣撳璞′腑鐨勫垱寤烘椂闂淬�佹洿鏂版椂闂淬�佸垱寤轰汉銆佹洿鏂颁汉绛変俊鎭�
+ *
+ * @param metaObject 鍏冨璞★紝鐢ㄤ簬鑾峰彇鍘熷瀵硅薄骞惰繘琛屽~鍏�
+ */
@Override
public void insertFill(MetaObject metaObject) {
try {
if (ObjectUtil.isNotNull(metaObject) && metaObject.getOriginalObject() instanceof BaseEntity baseEntity) {
+ // 鑾峰彇褰撳墠鏃堕棿浣滀负鍒涘缓鏃堕棿鍜屾洿鏂版椂闂达紝濡傛灉鍒涘缓鏃堕棿涓嶄负绌猴紝鍒欎娇鐢ㄥ垱寤烘椂闂达紝鍚﹀垯浣跨敤褰撳墠鏃堕棿
Date current = ObjectUtil.isNotNull(baseEntity.getCreateTime())
? baseEntity.getCreateTime() : new Date();
baseEntity.setCreateTime(current);
baseEntity.setUpdateTime(current);
+
+ // 濡傛灉鍒涘缓浜轰负绌猴紝鍒欏~鍏呭綋鍓嶇櫥褰曠敤鎴风殑淇℃伅
if (ObjectUtil.isNull(baseEntity.getCreateBy())) {
LoginUser loginUser = getLoginUser();
if (ObjectUtil.isNotNull(loginUser)) {
Long userId = loginUser.getUserId();
- // 褰撳墠宸茬櫥褰� 涓� 鍒涘缓浜轰负绌� 鍒欏~鍏�
+ // 濉厖鍒涘缓浜恒�佹洿鏂颁汉鍜屽垱寤洪儴闂ㄤ俊鎭�
baseEntity.setCreateBy(userId);
- // 褰撳墠宸茬櫥褰� 涓� 鏇存柊浜轰负绌� 鍒欏~鍏�
baseEntity.setUpdateBy(userId);
baseEntity.setCreateDept(ObjectUtil.isNotNull(baseEntity.getCreateDept())
? baseEntity.getCreateDept() : loginUser.getDeptId());
}
}
- }
- } catch (Exception e) {
- throw new ServiceException("鑷姩娉ㄥ叆寮傚父 => " + e.getMessage(), HttpStatus.HTTP_UNAUTHORIZED);
- }
- }
-
- @Override
- public void updateFill(MetaObject metaObject) {
- try {
- if (ObjectUtil.isNotNull(metaObject) && metaObject.getOriginalObject() instanceof BaseEntity baseEntity) {
- Date current = new Date();
- // 鏇存柊鏃堕棿濉厖(涓嶇涓轰笉涓虹┖)
- baseEntity.setUpdateTime(current);
- // 褰撳墠宸茬櫥褰� 鏇存柊浜哄~鍏�(涓嶇涓轰笉涓虹┖)
- Long userId = LoginHelper.getUserId();
- if (ObjectUtil.isNotNull(userId)) {
- baseEntity.setUpdateBy(userId);
- }
-
+ } else {
+ Date date = new Date();
+ this.strictInsertFill(metaObject, "createTime", Date.class, date);
+ this.strictInsertFill(metaObject, "updateTime", Date.class, date);
}
} catch (Exception e) {
throw new ServiceException("鑷姩娉ㄥ叆寮傚父 => " + e.getMessage(), HttpStatus.HTTP_UNAUTHORIZED);
@@ -67,7 +59,35 @@
}
/**
- * 鑾峰彇鐧诲綍鐢ㄦ埛鍚�
+ * 鏇存柊濉厖鏂规硶锛岀敤浜庡湪鏇存柊鏁版嵁鏃惰嚜鍔ㄥ~鍏呭疄浣撳璞′腑鐨勬洿鏂版椂闂村拰鏇存柊浜轰俊鎭�
+ *
+ * @param metaObject 鍏冨璞★紝鐢ㄤ簬鑾峰彇鍘熷瀵硅薄骞惰繘琛屽~鍏�
+ */
+ @Override
+ public void updateFill(MetaObject metaObject) {
+ try {
+ if (ObjectUtil.isNotNull(metaObject) && metaObject.getOriginalObject() instanceof BaseEntity baseEntity) {
+ // 鑾峰彇褰撳墠鏃堕棿浣滀负鏇存柊鏃堕棿锛屾棤璁哄師濮嬪璞′腑鐨勬洿鏂版椂闂存槸鍚︿负绌洪兘濉厖
+ Date current = new Date();
+ baseEntity.setUpdateTime(current);
+
+ // 鑾峰彇褰撳墠鐧诲綍鐢ㄦ埛鐨処D锛屽苟濉厖鏇存柊浜轰俊鎭�
+ Long userId = LoginHelper.getUserId();
+ if (ObjectUtil.isNotNull(userId)) {
+ baseEntity.setUpdateBy(userId);
+ }
+ } else {
+ this.strictUpdateFill(metaObject, "updateTime", Date.class, new Date());
+ }
+ } catch (Exception e) {
+ throw new ServiceException("鑷姩娉ㄥ叆寮傚父 => " + e.getMessage(), HttpStatus.HTTP_UNAUTHORIZED);
+ }
+ }
+
+ /**
+ * 鑾峰彇褰撳墠鐧诲綍鐢ㄦ埛淇℃伅
+ *
+ * @return 褰撳墠鐧诲綍鐢ㄦ埛鐨勪俊鎭紝濡傛灉鐢ㄦ埛鏈櫥褰曞垯杩斿洖 null
*/
private LoginUser getLoginUser() {
LoginUser loginUser;
--
Gitblit v1.9.3