From 8007b22b8569dc8036df95adb58f6ca53c8eb04c Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: 星期四, 27 一月 2022 12:04:40 +0800
Subject: [PATCH] 导出Excel时屏蔽公式,防止CSV注入风险
---
ruoyi-ui/src/views/monitor/operlog/index.vue | 89 +++++++++++++++-----------------------------
1 files changed, 30 insertions(+), 59 deletions(-)
diff --git a/ruoyi-ui/src/views/monitor/operlog/index.vue b/ruoyi-ui/src/views/monitor/operlog/index.vue
index 783908b..9b8b785 100644
--- a/ruoyi-ui/src/views/monitor/operlog/index.vue
+++ b/ruoyi-ui/src/views/monitor/operlog/index.vue
@@ -6,8 +6,8 @@
v-model="queryParams.title"
placeholder="璇疯緭鍏ョ郴缁熸ā鍧�"
clearable
- style="width: 240px;"
size="small"
+ style="width: 240px;"
@keyup.enter.native="handleQuery"
/>
</el-form-item>
@@ -16,8 +16,8 @@
v-model="queryParams.operName"
placeholder="璇疯緭鍏ユ搷浣滀汉鍛�"
clearable
- style="width: 240px;"
size="small"
+ style="width: 240px;"
@keyup.enter.native="handleQuery"
/>
</el-form-item>
@@ -30,10 +30,10 @@
style="width: 240px"
>
<el-option
- v-for="dict in typeOptions"
- :key="dict.dictValue"
- :label="dict.dictLabel"
- :value="dict.dictValue"
+ v-for="dict in dict.type.sys_oper_type"
+ :key="dict.value"
+ :label="dict.label"
+ :value="dict.value"
/>
</el-select>
</el-form-item>
@@ -46,10 +46,10 @@
style="width: 240px"
>
<el-option
- v-for="dict in statusOptions"
- :key="dict.dictValue"
- :label="dict.dictLabel"
- :value="dict.dictValue"
+ v-for="dict in dict.type.sys_common_status"
+ :key="dict.value"
+ :label="dict.label"
+ :value="dict.value"
/>
</el-select>
</el-form-item>
@@ -99,7 +99,6 @@
plain
icon="el-icon-download"
size="mini"
- :loading="exportLoading"
@click="handleExport"
v-hasPermi="['monitor:operlog:export']"
>瀵煎嚭</el-button>
@@ -113,7 +112,7 @@
<el-table-column label="绯荤粺妯″潡" align="center" prop="title" />
<el-table-column label="鎿嶄綔绫诲瀷" align="center" prop="businessType">
<template slot-scope="scope">
- <dict-tag :options="typeOptions" :value="scope.row.businessType"/>
+ <dict-tag :options="dict.type.sys_oper_type" :value="scope.row.businessType"/>
</template>
</el-table-column>
<el-table-column label="璇锋眰鏂瑰紡" align="center" prop="requestMethod" />
@@ -122,7 +121,7 @@
<el-table-column label="鎿嶄綔鍦扮偣" align="center" prop="operLocation" :show-overflow-tooltip="true" />
<el-table-column label="鎿嶄綔鐘舵��" align="center" prop="status">
<template slot-scope="scope">
- <dict-tag :options="statusOptions" :value="scope.row.status"/>
+ <dict-tag :options="dict.type.sys_common_status" :value="scope.row.status"/>
</template>
</el-table-column>
<el-table-column label="鎿嶄綔鏃ユ湡" align="center" prop="operTime" sortable="custom" :sort-orders="['descending', 'ascending']" width="180">
@@ -196,16 +195,15 @@
</template>
<script>
-import { list, delOperlog, cleanOperlog, exportOperlog } from "@/api/monitor/operlog";
+import { list, delOperlog, cleanOperlog } from "@/api/monitor/operlog";
export default {
name: "Operlog",
+ dicts: ['sys_oper_type', 'sys_common_status'],
data() {
return {
// 閬僵灞�
loading: true,
- // 瀵煎嚭閬僵灞�
- exportLoading: false,
// 閫変腑鏁扮粍
ids: [],
// 闈炲涓鐢�
@@ -218,10 +216,6 @@
list: [],
// 鏄惁鏄剧ず寮瑰嚭灞�
open: false,
- // 绫诲瀷鏁版嵁瀛楀吀
- typeOptions: [],
- // 绫诲瀷鏁版嵁瀛楀吀
- statusOptions: [],
// 鏃ユ湡鑼冨洿
dateRange: [],
// 榛樿鎺掑簭
@@ -241,12 +235,6 @@
},
created() {
this.getList();
- this.getDicts("sys_oper_type").then(response => {
- this.typeOptions = response.data;
- });
- this.getDicts("sys_common_status").then(response => {
- this.statusOptions = response.data;
- });
},
methods: {
/** 鏌ヨ鐧诲綍鏃ュ織 */
@@ -261,7 +249,7 @@
},
// 鎿嶄綔鏃ュ織绫诲瀷瀛楀吀缈昏瘧
typeFormat(row, column) {
- return this.selectDictLabel(this.typeOptions, row.businessType);
+ return this.selectDictLabel(this.dict.type.sys_oper_type, row.businessType);
},
/** 鎼滅储鎸夐挳鎿嶄綔 */
handleQuery() {
@@ -294,44 +282,27 @@
/** 鍒犻櫎鎸夐挳鎿嶄綔 */
handleDelete(row) {
const operIds = row.operId || this.ids;
- this.$confirm('鏄惁纭鍒犻櫎鏃ュ織缂栧彿涓�"' + operIds + '"鐨勬暟鎹」?', "璀﹀憡", {
- confirmButtonText: "纭畾",
- cancelButtonText: "鍙栨秷",
- type: "warning"
- }).then(function() {
- return delOperlog(operIds);
- }).then(() => {
- this.getList();
- this.msgSuccess("鍒犻櫎鎴愬姛");
- }).catch(() => {});
+ this.$modal.confirm('鏄惁纭鍒犻櫎鏃ュ織缂栧彿涓�"' + operIds + '"鐨勬暟鎹」锛�').then(function() {
+ return delOperlog(operIds);
+ }).then(() => {
+ this.getList();
+ this.$modal.msgSuccess("鍒犻櫎鎴愬姛");
+ }).catch(() => {});
},
/** 娓呯┖鎸夐挳鎿嶄綔 */
handleClean() {
- this.$confirm('鏄惁纭娓呯┖鎵�鏈夋搷浣滄棩蹇楁暟鎹」?', "璀﹀憡", {
- confirmButtonText: "纭畾",
- cancelButtonText: "鍙栨秷",
- type: "warning"
- }).then(function() {
- return cleanOperlog();
- }).then(() => {
- this.getList();
- this.msgSuccess("娓呯┖鎴愬姛");
- }).catch(() => {});
+ this.$modal.confirm('鏄惁纭娓呯┖鎵�鏈夋搷浣滄棩蹇楁暟鎹」锛�').then(function() {
+ return cleanOperlog();
+ }).then(() => {
+ this.getList();
+ this.$modal.msgSuccess("娓呯┖鎴愬姛");
+ }).catch(() => {});
},
/** 瀵煎嚭鎸夐挳鎿嶄綔 */
handleExport() {
- const queryParams = this.queryParams;
- this.$confirm('鏄惁纭瀵煎嚭鎵�鏈夋搷浣滄棩蹇楁暟鎹」?', "璀﹀憡", {
- confirmButtonText: "纭畾",
- cancelButtonText: "鍙栨秷",
- type: "warning"
- }).then(() => {
- this.exportLoading = true;
- return exportOperlog(queryParams);
- }).then(response => {
- this.download(response.msg);
- this.exportLoading = false;
- }).catch(() => {});
+ this.download('monitor/operlog/export', {
+ ...this.queryParams
+ }, `operlog_${new Date().getTime()}.xlsx`)
}
}
};
--
Gitblit v1.9.3