diff --git a/src/main/java/com/huoran/iasf/common/exception/code/BaseResponseCode.java b/src/main/java/com/huoran/iasf/common/exception/code/BaseResponseCode.java index 0e22f2f..eb21fe8 100644 --- a/src/main/java/com/huoran/iasf/common/exception/code/BaseResponseCode.java +++ b/src/main/java/com/huoran/iasf/common/exception/code/BaseResponseCode.java @@ -24,7 +24,7 @@ public enum BaseResponseCode implements ResponseCodeInterface { KEY_OR_TOMEUNIT(10009, "key or TomeUnit 不能为空!"), DICTIONARY_DATA_FAILED(10010, "获取字典数据失败"), UPLOAD_EMPTY(10011, "上传内容为空"), - UPLOAD_FAILED(10012, "文件格式上传有误"), + UPLOAD_FAILED(10012, "上传失败,上传格式不支持!"), VERIFICATION_CODE_ERROR(10007, "验证码错误!"), VERIFICATION_CODE_EXPIRED(10006, "验证码已过期!"), CANNOT_SAME(10005, "新密码不能与旧密码相同!"), diff --git a/src/main/java/com/huoran/iasf/controller/DeptController.java b/src/main/java/com/huoran/iasf/controller/DeptController.java index 2088e07..b9bde82 100644 --- a/src/main/java/com/huoran/iasf/controller/DeptController.java +++ b/src/main/java/com/huoran/iasf/controller/DeptController.java @@ -44,6 +44,9 @@ public class DeptController { //中文转码 String name = URLDecoder.decode(vo.getName(), StandardCharsets.UTF_8.toString()); vo.setName(name); + + String pidName = URLDecoder.decode(vo.getPidName(), StandardCharsets.UTF_8.toString()); + vo.setPidName(pidName); boolean ok = deptService.checkDeptRepeat(vo); if (ok) { return R.fail("同级下已存在相同的名称:" + vo.getName()); @@ -74,6 +77,9 @@ public class DeptController { //中文转码 String name = URLDecoder.decode(vo.getName(), StandardCharsets.UTF_8.toString()); vo.setName(name); + + String pidName = URLDecoder.decode(vo.getPidName(), StandardCharsets.UTF_8.toString()); + vo.setPidName(pidName); boolean ok = deptService.checkDeptRepeat(vo); if (ok) { return R.fail("同级下已存在相同的名称:" + vo.getName()); diff --git a/src/main/java/com/huoran/iasf/controller/RoleController.java b/src/main/java/com/huoran/iasf/controller/RoleController.java index d29dbac..ad1653d 100644 --- a/src/main/java/com/huoran/iasf/controller/RoleController.java +++ b/src/main/java/com/huoran/iasf/controller/RoleController.java @@ -125,9 +125,11 @@ public class RoleController { @RequiresPermissions("sys:role:list") @SuppressWarnings("unchecked") public R pageInfo(@RequestBody SysRole vo) throws UnsupportedEncodingException { - //中文转码 - String name = URLDecoder.decode(vo.getName(), StandardCharsets.UTF_8.toString()); - vo.setName(name); + if (!StringUtils.isEmpty(vo.getName())) { + //中文转码 + String name = URLDecoder.decode(vo.getName(), StandardCharsets.UTF_8.toString()); + vo.setName(name); + } LambdaQueryWrapper queryWrapper = Wrappers.lambdaQuery(); if (!StringUtils.isEmpty(vo.getName())) { queryWrapper.like(SysRole::getName, vo.getName()); diff --git a/src/main/java/com/huoran/iasf/controller/SysColumnController.java b/src/main/java/com/huoran/iasf/controller/SysColumnController.java index 00f095d..7b51fa6 100644 --- a/src/main/java/com/huoran/iasf/controller/SysColumnController.java +++ b/src/main/java/com/huoran/iasf/controller/SysColumnController.java @@ -19,6 +19,7 @@ import com.huoran.iasf.common.utils.R; import org.apache.shiro.authz.annotation.RequiresPermissions; import org.springframework.beans.BeanUtils; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.util.StringUtils; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.PostMapping; @@ -30,7 +31,10 @@ import io.swagger.annotations.ApiOperation; import javax.servlet.http.HttpServletRequest; import javax.validation.Valid; +import java.io.UnsupportedEncodingException; import java.lang.reflect.InvocationTargetException; +import java.net.URLDecoder; +import java.nio.charset.StandardCharsets; import java.util.ArrayList; import java.util.HashSet; import java.util.List; @@ -71,7 +75,11 @@ public class SysColumnController { @PostMapping("/listWithTree") @Decrypt @ApiOperation(value = "栏目树结构", response = SysColumn.class) - public R listWithTree(@RequestBody @Valid PaginationColumnReqVO sysColumn) { + public R listWithTree(@RequestBody @Valid PaginationColumnReqVO sysColumn) throws UnsupportedEncodingException { + if (!StringUtils.isEmpty(sysColumn.getColumnName())) { + String columnName = URLDecoder.decode(sysColumn.getColumnName(), StandardCharsets.UTF_8.toString()); + sysColumn.setColumnName(columnName); + } return R.success(service.listWithTree(sysColumn)); } diff --git a/src/main/java/com/huoran/iasf/controller/SysContentController.java b/src/main/java/com/huoran/iasf/controller/SysContentController.java index 8581d45..c4140f9 100644 --- a/src/main/java/com/huoran/iasf/controller/SysContentController.java +++ b/src/main/java/com/huoran/iasf/controller/SysContentController.java @@ -19,6 +19,7 @@ import com.huoran.iasf.vo.req.*; import com.huoran.iasf.vo.resp.PageContentRespVO; import io.swagger.annotations.*; import com.huoran.iasf.common.utils.R; +import org.apache.commons.lang.StringUtils; import org.apache.ibatis.annotations.Update; import org.apache.shiro.authz.annotation.RequiresPermissions; import org.springframework.beans.factory.annotation.Autowired; @@ -67,7 +68,31 @@ public class SysContentController { @PostMapping("/pagingQuery") @Decrypt @ApiOperation(value = "分页查询文章列表", response = PageContentRespVO.class) - public R pagingQuery(@RequestBody @Valid @ApiParam(name = "分页查询参数", value = "传入json格式", required = true) PageContentReqVO sysContent) { + public R pagingQuery(@RequestBody @Valid @ApiParam(name = "分页查询参数", value = "传入json格式", required = true) PageContentReqVO sysContent) throws UnsupportedEncodingException { + if (!StringUtils.isEmpty(sysContent.getTitle())) { + //中文转码 + String title = URLDecoder.decode(sysContent.getTitle(), StandardCharsets.UTF_8.toString()); + sysContent.setTitle(title); + + } + if (!StringUtils.isEmpty(sysContent.getFounder())) { + //中文转码 + String founder = URLDecoder.decode(sysContent.getFounder(), StandardCharsets.UTF_8.toString()); + sysContent.setFounder(founder); + + } + if (!StringUtils.isEmpty(sysContent.getColumn())) { + //中文转码 + String column = URLDecoder.decode(sysContent.getColumn(), StandardCharsets.UTF_8.toString()); + sysContent.setColumn(column); + + } + if (!StringUtils.isEmpty(sysContent.getEditor())) { + //中文转码 + String editor = URLDecoder.decode(sysContent.getEditor(), StandardCharsets.UTF_8.toString()); + sysContent.setEditor(editor); + + } return service.articlePaginationList(sysContent); } @@ -173,8 +198,10 @@ public class SysContentController { @ApiOperation(value = "站点最新发布的文章", response = PageContentReqVO.class) public R newlyPublishedArticles(@Valid @RequestBody PageContentReqVO content) throws UnsupportedEncodingException { //中文转码 - String title = URLDecoder.decode(content.getTitle(), StandardCharsets.UTF_8.toString()); - content.setTitle(title); + if (!StringUtils.isEmpty(content.getTitle())) { + String title = URLDecoder.decode(content.getTitle(), StandardCharsets.UTF_8.toString()); + content.setTitle(title); + } return service.newlyPublishedArticles(content); } @@ -271,8 +298,11 @@ public class SysContentController { @PostMapping("/queryArticleColumnParent") + @Decrypt @ApiOperation(value = "查询文章的栏目父级", response = PageContentReqVO.class) - public R queryArticleColumnParent(@ApiParam(name = "articleId", value = "文章id", required = true) @RequestParam Integer articleId) { + public R queryArticleColumnParent( + @ApiParam(name = "articleId", value = "文章id", required = true) + @RequestBody Integer articleId) { return service.queryArticleColumnParent(articleId); } diff --git a/src/main/java/com/huoran/iasf/controller/SysFilesController.java b/src/main/java/com/huoran/iasf/controller/SysFilesController.java index 6bd2a71..5aef0b0 100644 --- a/src/main/java/com/huoran/iasf/controller/SysFilesController.java +++ b/src/main/java/com/huoran/iasf/controller/SysFilesController.java @@ -21,9 +21,9 @@ import com.huoran.iasf.vo.req.FileParameters; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; +import org.apache.commons.lang.StringUtils; import org.apache.shiro.authz.annotation.RequiresPermissions; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.util.StringUtils; import org.springframework.web.bind.annotation.*; import org.springframework.web.multipart.MultipartFile; import org.springframework.web.servlet.resource.ResourceHttpRequestHandler; @@ -33,11 +33,14 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.net.URLDecoder; import java.nio.charset.StandardCharsets; import java.nio.file.Files; import java.nio.file.Path; import java.nio.file.Paths; import java.util.List; +import java.util.regex.Pattern; /** @@ -86,11 +89,17 @@ public class SysFilesController { uEditorResult.setState("error"); return uEditorResult; } - String[] allowedExtension = new String[]{"jpg", "png", "gif", "doc", "xls", "xlsx", "docx", "pdf", "mov","mp4","MP3"}; - fileUploadUtils.assertAllowed(file,allowedExtension); + + String pattern = ".*\\.(mp4|MP3|MP4|jpg|png|gif|doc|xls|xlsx|docx|pdf|mp3)$"; + boolean hasExtension = Pattern.matches(pattern, file.getOriginalFilename()); + if (!hasExtension){ + String[] allowedExtension = new String[]{"jpg", "png", "gif", "doc", "xls", "xlsx", "docx", "pdf", "mov","mp4","MP3"}; + fileUploadUtils.assertAllowed(file,allowedExtension); + } return sysFilesService.saveFile(file,fileParameters); } + @ApiOperation(value = "更新文件信息") @PostMapping("/update") public R update(@RequestBody FileParameters fileParameters) { @@ -128,7 +137,27 @@ public class SysFilesController { @ApiOperation(value = "查询分页数据",response = SysFilesEntity.class) @PostMapping("/listByPage") @RequiresPermissions("sysFiles:list") - public R findListByPage(@RequestBody SysFilesEntity sysFiles) { + public R findListByPage(@RequestBody SysFilesEntity sysFiles) throws UnsupportedEncodingException { + if (!StringUtils.isEmpty(sysFiles.getQuote())) { + //中文转码 + String title = URLDecoder.decode(sysFiles.getQuote(), StandardCharsets.UTF_8.toString()); + sysFiles.setQuote(title); + } + if (!StringUtils.isEmpty(sysFiles.getFileName())) { + //中文转码 + String title = URLDecoder.decode(sysFiles.getFileName(), StandardCharsets.UTF_8.toString()); + sysFiles.setFileName(title); + } + if (!StringUtils.isEmpty(sysFiles.getUploader())) { + //中文转码 + String title = URLDecoder.decode(sysFiles.getUploader(), StandardCharsets.UTF_8.toString()); + sysFiles.setUploader(title); + } + if (!StringUtils.isEmpty(sysFiles.getType())) { + //中文转码 + String title = URLDecoder.decode(sysFiles.getType(), StandardCharsets.UTF_8.toString()); + sysFiles.setType(title); + } return sysFilesService.getPage(sysFiles); /*LambdaQueryWrapper queryWrapper = Wrappers.lambdaQuery(); diff --git a/src/main/java/com/huoran/iasf/controller/UserController.java b/src/main/java/com/huoran/iasf/controller/UserController.java index 0e1f76f..753546c 100644 --- a/src/main/java/com/huoran/iasf/controller/UserController.java +++ b/src/main/java/com/huoran/iasf/controller/UserController.java @@ -39,6 +39,7 @@ import java.net.URLDecoder; import java.nio.charset.StandardCharsets; import java.util.List; import java.util.Map; +import java.util.regex.Pattern; /** * 用户管理 @@ -82,8 +83,14 @@ public class UserController { @RequiresPermissions("sys:user:update") public R updateUserInfo(@RequestBody SysUser vo) throws UnsupportedEncodingException { //中文转码 - String username = URLDecoder.decode(vo.getUsername(), StandardCharsets.UTF_8.toString()); - vo.setUsername(username); + if (!StringUtils.isEmpty(vo.getRealName())) { + String realName = URLDecoder.decode(vo.getRealName(), StandardCharsets.UTF_8.toString()); + vo.setRealName(realName); + } + if (!StringUtils.isEmpty(vo.getUsername())) { + String realName = URLDecoder.decode(vo.getUsername(), StandardCharsets.UTF_8.toString()); + vo.setUsername(realName); + } if (StringUtils.isEmpty(vo.getId())) { return R.fail("id不能为空"); @@ -254,8 +261,13 @@ public class UserController { @ApiOperation(value = "修改用户头像") @PostMapping("/updateUserAvatars") public R updateUserAvatars(MultipartFile file) throws Exception { - String[] allowedExtension = new String[]{"jpg", "png", "gif"}; - fileUploadUtils.assertAllowed(file,allowedExtension); + + String pattern = ".*\\.(jpg|png|gif)$"; + boolean hasExtension = Pattern.matches(pattern, file.getOriginalFilename()); + if (!hasExtension){ + String[] allowedExtension = new String[]{"jpg", "png", "gif"}; + fileUploadUtils.assertAllowed(file,allowedExtension); + } Integer currentUserId = httpSessionService.getCurrentUserId(); return userService.updateUserAvatars(currentUserId.toString(), file); } diff --git a/src/main/java/com/huoran/iasf/controller/UserGroupController.java b/src/main/java/com/huoran/iasf/controller/UserGroupController.java index 33a6c6a..ebf87ca 100644 --- a/src/main/java/com/huoran/iasf/controller/UserGroupController.java +++ b/src/main/java/com/huoran/iasf/controller/UserGroupController.java @@ -51,6 +51,8 @@ public class UserGroupController { //中文转码 String groupName = URLDecoder.decode(userGroup.getGroupName(), StandardCharsets.UTF_8.toString()); userGroup.setGroupName(groupName); + String description = URLDecoder.decode(userGroup.getDescription(), StandardCharsets.UTF_8.toString()); + userGroup.setDescription(description); UserGroup one = userGroupService.getOne(new QueryWrapper(). eq("group_name", userGroup.getGroupName())); if (ObjectUtil.isNotNull(one)){ @@ -82,6 +84,8 @@ public class UserGroupController { //中文转码 String groupName = URLDecoder.decode(userGroup.getGroupName(), StandardCharsets.UTF_8.toString()); userGroup.setGroupName(groupName); + String description = URLDecoder.decode(userGroup.getDescription(), StandardCharsets.UTF_8.toString()); + userGroup.setDescription(description); QueryWrapper queryWrapper = new QueryWrapper<>(); queryWrapper.eq("group_name", userGroup.getGroupName()); queryWrapper.last(" and id != " + userGroup.getId()); @@ -108,11 +112,14 @@ public class UserGroupController { @LogAnnotation(title = "用户组管理", action = "获取所有用户组机构") @RequiresPermissions("sys:userGroup:list") public R getUserGroupAll(@RequestBody UserGroup userGroup) throws UnsupportedEncodingException { - //中文转码 - String groupName = URLDecoder.decode(userGroup.getGroupName(), StandardCharsets.UTF_8.toString()); + if (!StringUtils.isEmpty(userGroup.getGroupName())) { + //中文转码 + String groupName = URLDecoder.decode(userGroup.getGroupName(), StandardCharsets.UTF_8.toString()); + userGroup.setGroupName(groupName); + } LambdaQueryWrapper queryWrapper = Wrappers.lambdaQuery(); - if (!StringUtils.isEmpty(groupName)) { - queryWrapper.like(UserGroup::getGroupName, groupName); + if (!StringUtils.isEmpty(userGroup.getGroupName())) { + queryWrapper.like(UserGroup::getGroupName, userGroup.getGroupName()); } queryWrapper.orderByDesc(UserGroup::getCreateTime); IPage iPage = userGroupService.page(userGroup.getQueryPage(),queryWrapper);