From 098d3347a0df808908aab8c554cd7c4febc5e6d9 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子Li <15040126243@163.com>
Date: 星期一, 26 八月 2024 11:43:59 +0800
Subject: [PATCH] !577 发布 5.2.2 正式版 安全性提升 Merge pull request !577 from 疯狂的狮子Li/dev
---
ruoyi-modules/ruoyi-workflow/src/main/java/org/dromara/workflow/service/impl/ActModelServiceImpl.java | 145 +++++++++++++++++++++++++++++++++++++----------
1 files changed, 113 insertions(+), 32 deletions(-)
diff --git a/ruoyi-modules/ruoyi-workflow/src/main/java/org/dromara/workflow/service/impl/ActModelServiceImpl.java b/ruoyi-modules/ruoyi-workflow/src/main/java/org/dromara/workflow/service/impl/ActModelServiceImpl.java
index 62a4a09..217538e 100644
--- a/ruoyi-modules/ruoyi-workflow/src/main/java/org/dromara/workflow/service/impl/ActModelServiceImpl.java
+++ b/ruoyi-modules/ruoyi-workflow/src/main/java/org/dromara/workflow/service/impl/ActModelServiceImpl.java
@@ -7,30 +7,39 @@
import cn.hutool.core.util.StrUtil;
import cn.hutool.core.util.ZipUtil;
import cn.hutool.json.JSONUtil;
+import com.alibaba.excel.util.StringUtils;
import jakarta.servlet.http.HttpServletResponse;
import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
import org.apache.batik.transcoder.TranscoderInput;
import org.apache.batik.transcoder.TranscoderOutput;
import org.apache.batik.transcoder.image.PNGTranscoder;
-import org.apache.commons.io.IOUtils;
-import org.apache.commons.lang3.StringUtils;
import org.dromara.common.core.exception.ServiceException;
import org.dromara.common.mybatis.core.page.PageQuery;
import org.dromara.common.mybatis.core.page.TableDataInfo;
import org.dromara.common.tenant.helper.TenantHelper;
import org.dromara.workflow.common.constant.FlowConstant;
+import org.dromara.workflow.domain.WfNodeConfig;
import org.dromara.workflow.domain.bo.ModelBo;
-import org.dromara.workflow.domain.bo.WfFormDefinitionBo;
+import org.dromara.workflow.domain.bo.WfDefinitionConfigBo;
import org.dromara.workflow.domain.vo.ModelVo;
-import org.dromara.workflow.domain.vo.WfFormDefinitionVo;
+import org.dromara.workflow.domain.vo.WfDefinitionConfigVo;
import org.dromara.workflow.service.IActModelService;
-import org.dromara.workflow.service.IWfFormDefinitionService;
+import org.dromara.workflow.service.IWfDefinitionConfigService;
+import org.dromara.workflow.service.IWfNodeConfigService;
import org.dromara.workflow.utils.ModelUtils;
import org.dromara.workflow.utils.QueryUtils;
+import org.flowable.bpmn.converter.BpmnXMLConverter;
import org.flowable.bpmn.model.BpmnModel;
+import org.flowable.bpmn.model.Process;
+import org.flowable.bpmn.model.UserTask;
import org.flowable.engine.RepositoryService;
-import org.flowable.engine.repository.*;
+import org.flowable.engine.repository.Deployment;
+import org.flowable.engine.repository.Model;
+import org.flowable.engine.repository.ModelQuery;
+import org.flowable.engine.repository.ProcessDefinition;
import org.flowable.validation.ValidationError;
+import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
@@ -40,6 +49,8 @@
import java.io.InputStream;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
+import java.util.ArrayList;
+import java.util.Collections;
import java.util.List;
import java.util.stream.Collectors;
import java.util.zip.ZipEntry;
@@ -50,12 +61,15 @@
*
* @author may
*/
+@Slf4j
@RequiredArgsConstructor
@Service
public class ActModelServiceImpl implements IActModelService {
- private final RepositoryService repositoryService;
- private final IWfFormDefinitionService iWfFormDefinitionService;
+ @Autowired(required = false)
+ private RepositoryService repositoryService;
+ private final IWfNodeConfigService wfNodeConfigService;
+ private final IWfDefinitionConfigService wfDefinitionConfigService;
/**
* 鍒嗛〉鏌ヨ妯″瀷
@@ -66,13 +80,13 @@
@Override
public TableDataInfo<Model> page(ModelBo modelBo, PageQuery pageQuery) {
ModelQuery query = QueryUtils.modelQuery();
- if (StringUtils.isNotEmpty(modelBo.getName())) {
+ if (StringUtils.isNotBlank(modelBo.getName())) {
query.modelNameLike("%" + modelBo.getName() + "%");
}
- if (StringUtils.isNotEmpty(modelBo.getKey())) {
+ if (StringUtils.isNotBlank(modelBo.getKey())) {
query.modelKey(modelBo.getKey());
}
- if (StringUtils.isNotEmpty(modelBo.getCategoryCode())) {
+ if (StringUtils.isNotBlank(modelBo.getCategoryCode())) {
query.modelCategory(modelBo.getCategoryCode());
}
query.orderByLastUpdateTime().desc();
@@ -82,7 +96,10 @@
List<Model> modelList = query.listPage(pageQuery.getFirstNum(), pageQuery.getPageSize());
// 鎬昏褰曟暟
long total = query.count();
- return new TableDataInfo<>(modelList, total);
+ TableDataInfo<Model> build = TableDataInfo.build();
+ build.setRows(modelList);
+ build.setTotal(total);
+ return build;
}
/**
@@ -118,7 +135,7 @@
repositoryService.addModelEditorSource(model.getId(), StrUtil.utf8Bytes(xml));
return true;
} catch (Exception e) {
- e.printStackTrace();
+ log.error(e.getMessage(), e);
throw new ServiceException(e.getMessage());
}
}
@@ -144,6 +161,7 @@
modelVo.setDescription(model.getMetaInfo());
return modelVo;
} catch (Exception e) {
+ log.error(e.getMessage(), e);
throw new ServiceException(e.getMessage());
}
}
@@ -168,6 +186,7 @@
model.setMetaInfo(modelBo.getDescription());
repositoryService.saveModel(model);
} catch (Exception e) {
+ log.error(e.getMessage(), e);
throw new ServiceException(e.getMessage());
}
return true;
@@ -217,7 +236,7 @@
repositoryService.addModelEditorSourceExtra(model.getId(), result);
return true;
} catch (Exception e) {
- e.printStackTrace();
+ log.error(e.getMessage(), e);
throw new ServiceException(e.getMessage());
}
}
@@ -237,7 +256,7 @@
if (ArrayUtil.isEmpty(xmlBytes)) {
throw new ServiceException("妯″瀷鏁版嵁涓虹┖锛岃鍏堣璁℃祦绋嬪畾涔夋ā鍨嬶紝鍐嶈繘琛岄儴缃诧紒");
}
- if (JSONUtil.isTypeJSON(IOUtils.toString(xmlBytes, StandardCharsets.UTF_8.toString()))) {
+ if (JSONUtil.isTypeJSON(new String(xmlBytes, StandardCharsets.UTF_8))) {
byte[] bytes = ModelUtils.bpmnJsonToXmlBytes(xmlBytes);
if (ArrayUtil.isEmpty(bytes)) {
throw new ServiceException("妯″瀷涓嶈兘涓虹┖锛岃鑷冲皯璁捐涓�鏉′富绾挎祦绋嬶紒");
@@ -276,20 +295,43 @@
// 鏇存柊鍒嗙被
ProcessDefinition definition = QueryUtils.definitionQuery().deploymentId(deployment.getId()).singleResult();
repositoryService.setProcessDefinitionCategory(definition.getId(), model.getCategory());
+ //鏇存柊娴佺▼瀹氫箟閰嶇疆
if (processDefinition != null) {
- WfFormDefinitionVo definitionVo = iWfFormDefinitionService.getByDefId(processDefinition.getId());
+ WfDefinitionConfigVo definitionVo = wfDefinitionConfigService.getByDefId(processDefinition.getId());
if (definitionVo != null) {
- WfFormDefinitionBo wfFormDefinition = new WfFormDefinitionBo();
+ wfDefinitionConfigService.deleteByDefIds(Collections.singletonList(processDefinition.getId()));
+ WfDefinitionConfigBo wfFormDefinition = new WfDefinitionConfigBo();
wfFormDefinition.setDefinitionId(definition.getId());
wfFormDefinition.setProcessKey(definition.getKey());
- wfFormDefinition.setPath(definitionVo.getPath());
+ wfFormDefinition.setTableName(definitionVo.getTableName());
+ wfFormDefinition.setVersion(definition.getVersion());
wfFormDefinition.setRemark(definitionVo.getRemark());
- iWfFormDefinitionService.saveOrUpdate(wfFormDefinition);
+ wfDefinitionConfigService.saveOrUpdate(wfFormDefinition);
}
+ }
+ //鏇存柊娴佺▼鑺傜偣閰嶇疆琛ㄥ崟
+ List<UserTask> userTasks = ModelUtils.getUserTaskFlowElements(definition.getId());
+ UserTask applyUserTask = ModelUtils.getApplyUserTask(definition.getId());
+ List<WfNodeConfig> wfNodeConfigList = new ArrayList<>();
+ for (UserTask userTask : userTasks) {
+ if (StringUtils.isNotBlank(userTask.getFormKey()) && userTask.getFormKey().contains(StrUtil.COLON)) {
+ WfNodeConfig wfNodeConfig = new WfNodeConfig();
+ wfNodeConfig.setNodeId(userTask.getId());
+ wfNodeConfig.setNodeName(userTask.getName());
+ wfNodeConfig.setDefinitionId(definition.getId());
+ String[] split = userTask.getFormKey().split(StrUtil.COLON);
+ wfNodeConfig.setFormType(split[0]);
+ wfNodeConfig.setFormId(Long.valueOf(split[1]));
+ wfNodeConfig.setApplyUserTask(applyUserTask.getId().equals(userTask.getId()) ? FlowConstant.TRUE : FlowConstant.FALSE);
+ wfNodeConfigList.add(wfNodeConfig);
+ }
+ }
+ if (CollUtil.isNotEmpty(wfNodeConfigList)) {
+ wfNodeConfigService.saveOrUpdate(wfNodeConfigList);
}
return true;
} catch (Exception e) {
- e.printStackTrace();
+ log.error(e.getMessage(), e);
throw new ServiceException(e.getMessage());
}
}
@@ -302,9 +344,7 @@
*/
@Override
public void exportZip(List<String> modelIds, HttpServletResponse response) {
- ZipOutputStream zos = null;
- try {
- zos = ZipUtil.getZipOutputStream(response.getOutputStream(), StandardCharsets.UTF_8);
+ try (ZipOutputStream zos = ZipUtil.getZipOutputStream(response.getOutputStream(), StandardCharsets.UTF_8)) {
// 鍘嬬缉鍖呮枃浠跺悕
String zipName = "妯″瀷涓嶅瓨鍦�";
// 鏌ヨ妯″瀷鍩烘湰淇℃伅
@@ -312,7 +352,7 @@
Model model = repositoryService.getModel(modelId);
byte[] xmlBytes = repositoryService.getModelEditorSource(modelId);
if (ObjectUtil.isNotNull(model)) {
- if (JSONUtil.isTypeJSON(IOUtils.toString(xmlBytes, StandardCharsets.UTF_8.toString())) && ArrayUtil.isEmpty(ModelUtils.bpmnJsonToXmlBytes(xmlBytes))) {
+ if (JSONUtil.isTypeJSON(new String(xmlBytes, StandardCharsets.UTF_8)) && ArrayUtil.isEmpty(ModelUtils.bpmnJsonToXmlBytes(xmlBytes))) {
zipName = "妯″瀷涓嶈兘涓虹┖锛岃鑷冲皯璁捐涓�鏉′富绾挎祦绋嬶紒";
zos.putNextEntry(new ZipEntry(zipName + ".txt"));
zos.write(zipName.getBytes(StandardCharsets.UTF_8));
@@ -332,19 +372,60 @@
}
response.setHeader("Content-Disposition",
"attachment; filename=" + URLEncoder.encode(zipName, StandardCharsets.UTF_8) + ".zip");
+ response.addHeader("Access-Control-Expose-Headers", "Content-Disposition");
// 鍒峰嚭鍝嶅簲娴�
response.flushBuffer();
} catch (IOException e) {
- e.printStackTrace();
- } finally {
- if (zos != null) {
- try {
- zos.closeEntry();
- zos.close();
- } catch (IOException e) {
- e.printStackTrace();
+ log.error(e.getMessage(), e);
+ }
+ }
+
+ /**
+ * 澶嶅埗妯″瀷
+ *
+ * @param modelBo 妯″瀷鏁版嵁
+ * @return 缁撴灉
+ */
+ @Override
+ @Transactional(rollbackFor = Exception.class)
+ public boolean copyModel(ModelBo modelBo) {
+ try {
+ String key = modelBo.getKey();
+ if (StringUtils.isNotBlank(key)) {
+ // 鏌ヨ妯″瀷
+ Model model = repositoryService.createModelQuery().modelId(modelBo.getId()).singleResult();
+ if (ObjectUtil.isNotNull(model)) {
+ byte[] modelEditorSource = repositoryService.getModelEditorSource(model.getId());
+ List<Model> list = QueryUtils.modelQuery().modelKey(key).list();
+ if (CollUtil.isNotEmpty(list)) {
+ throw new ServiceException("妯″瀷KEY宸插瓨鍦紒");
+ }
+ // 鏍¢獙key鍛藉悕瑙勮寖
+ if (!Validator.isMatchRegex(FlowConstant.MODEL_KEY_PATTERN, key)) {
+ throw new ServiceException("妯″瀷鏍囪瘑KEY鍙兘瀛楃鎴栬�呬笅鍒掔嚎寮�澶达紒");
+ }
+ // 澶嶅埗妯″瀷鏁版嵁
+ Model newModel = repositoryService.newModel();
+ newModel.setKey(modelBo.getKey());
+ newModel.setName(modelBo.getName());
+ newModel.setCategory(modelBo.getCategoryCode());
+ newModel.setVersion(1);
+ newModel.setMetaInfo(modelBo.getDescription());
+ newModel.setTenantId(TenantHelper.getTenantId());
+ String xml = StrUtil.utf8Str(modelEditorSource);
+ BpmnModel bpmnModel = ModelUtils.xmlToBpmnModel(xml);
+ Process mainProcess = bpmnModel.getMainProcess();
+ mainProcess.setId(modelBo.getKey());
+ mainProcess.setName(modelBo.getName());
+ byte[] xmlBytes = new BpmnXMLConverter().convertToXML(bpmnModel);
+ repositoryService.saveModel(newModel);
+ repositoryService.addModelEditorSource(newModel.getId(), xmlBytes);
}
}
+ } catch (Exception e) {
+ log.error(e.getMessage(), e);
+ throw new ServiceException(e.getMessage());
}
+ return true;
}
}
--
Gitblit v1.9.3