src/main/java/com/ruoyi/common/utils/bean/BeanValidators.java | ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史 | |
src/main/java/com/ruoyi/common/xss/Xss.java | ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史 | |
src/main/java/com/ruoyi/common/xss/XssValidator.java | ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史 | |
src/main/java/com/ruoyi/project/system/domain/SysNotice.java | ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史 | |
src/main/java/com/ruoyi/project/system/domain/SysUser.java | ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史 | |
src/main/java/com/ruoyi/project/system/service/impl/SysUserServiceImpl.java | ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史 |
src/main/java/com/ruoyi/common/utils/bean/BeanValidators.java
¶Ô±ÈÐÂÎļþ @@ -0,0 +1,24 @@ package com.ruoyi.common.utils.bean; import java.util.Set; import javax.validation.ConstraintViolation; import javax.validation.ConstraintViolationException; import javax.validation.Validator; /** * beanå¯¹è±¡å±æ§éªè¯ * * @author ruoyi */ public class BeanValidators { public static void validateWithException(Validator validator, Object object, Class<?>... groups) throws ConstraintViolationException { Set<ConstraintViolation<Object>> constraintViolations = validator.validate(object, groups); if (!constraintViolations.isEmpty()) { throw new ConstraintViolationException(constraintViolations); } } } src/main/java/com/ruoyi/common/xss/Xss.java
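Review bot: `BeanValidators` only holds a static helper, yet it is declared as an ordinary instantiable class and `validateWithException` has no Javadoc. Consider `public final class BeanValidators` with `private BeanValidators() {}`. The method also deserves a short Javadoc saying that it validates `object` against the optional `groups` and throws `ConstraintViolationException` carrying the full violation set when that set is non-empty. The exception is unchecked, so the `throws` clause is documentation only; an `@throws` tag would say the same thing more visibly.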
¶Ô±ÈÐÂÎļþ @@ -0,0 +1,27 @@ package com.ruoyi.common.xss; import javax.validation.Constraint; import javax.validation.Payload; import java.lang.annotation.ElementType; import java.lang.annotation.Retention; import java.lang.annotation.RetentionPolicy; import java.lang.annotation.Target; /** * èªå®ä¹xssæ ¡éªæ³¨è§£ * * @author ruoyi */ @Retention(RetentionPolicy.RUNTIME) @Target(value = { ElementType.METHOD, ElementType.FIELD, ElementType.CONSTRUCTOR, ElementType.PARAMETER }) @Constraint(validatedBy = { XssValidator.class }) public @interface Xss { String message() default "ä¸å 许任ä½èæ¬è¿è¡"; Class<?>[] groups() default {}; Class<? extends Payload>[] payload() default {}; } src/main/java/com/ruoyi/common/xss/XssValidator.java
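Review bot: `@Target` on `Xss` lists `ElementType.CONSTRUCTOR`, but the only registered validator is `ConstraintValidator<Xss, String>`. A constraint placed on a constructor is applied to the constructed object, which will not be a `String`, so that placement most likely fails at validation time with an unexpected-type error instead of checking anything. Narrowing it to `@Target({ ElementType.METHOD, ElementType.FIELD, ElementType.PARAMETER })` keeps the annotation to places where it can work. Adding `@Documented` would also make the constraint show up in the Javadoc of the annotated getters.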
¶Ô±ÈÐÂÎļþ @@ -0,0 +1,29 @@ package com.ruoyi.common.xss; import javax.validation.ConstraintValidator; import javax.validation.ConstraintValidatorContext; import java.util.regex.Matcher; import java.util.regex.Pattern; /** * èªå®ä¹xssæ ¡éªæ³¨è§£å®ç° * * @author ruoyi */ public class XssValidator implements ConstraintValidator<Xss, String> { private final String HTML_PATTERN = "<(\\S*?)[^>]*>.*?|<.*? />"; @Override public boolean isValid(String value, ConstraintValidatorContext constraintValidatorContext) { return !containsHtml(value); } public boolean containsHtml(String value) { Pattern pattern = Pattern.compile(HTML_PATTERN); Matcher matcher = pattern.matcher(value); return matcher.matches(); } } src/main/java/com/ruoyi/project/system/domain/SysNotice.java
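Review bot: `containsHtml` calls `matcher.matches()`, which succeeds only when the entire value is a single match of `HTML_PATTERN`. A value with any text before the first `<`, or with a line break after the tag, is therefore reported as clean and `@Xss` passes it. `isValid` also hands `null` straight to `pattern.matcher(value)`, which throws for an unset optional field, while Bean Validation convention treats `null` as valid and leaves presence to `@NotBlank`. The fence below uses `find()`, adds the null guard and compiles the pattern once as a `static final`. Even then, a tag-shaped regex is a coarse input filter, so the views that render these fields still need output encoding.

```java
private static final Pattern HTML_PATTERN = Pattern.compile("<(\\S*?)[^>]*>.*?|<.*? />");

@Override
public boolean isValid(String value, ConstraintValidatorContext constraintValidatorContext)
{
    // null is left to @NotBlank/@NotNull, per Bean Validation convention
    if (value == null)
    {
        return true;
    }
    return !containsHtml(value);
}

public boolean containsHtml(String value)
{
    // find() flags markup anywhere in the value; matches() requires the whole value to be one match
    return HTML_PATTERN.matcher(value).find();
}
```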
@@ -4,6 +4,7 @@ import javax.validation.constraints.Size; import org.apache.commons.lang3.builder.ToStringBuilder; import org.apache.commons.lang3.builder.ToStringStyle; import com.ruoyi.common.xss.Xss; import com.ruoyi.framework.web.domain.BaseEntity; /** @@ -45,6 +46,7 @@ this.noticeTitle = noticeTitle; } @Xss(message = "å ¬åæ é¢ä¸è½å å«èæ¬å符") @NotBlank(message = "å ¬åæ é¢ä¸è½ä¸ºç©º") @Size(min = 0, max = 50, message = "å ¬åæ é¢ä¸è½è¶ è¿50个å符") public String getNoticeTitle() src/main/java/com/ruoyi/project/system/domain/SysUser.java
@@ -2,13 +2,12 @@ import java.util.Date; import java.util.List; import javax.validation.constraints.Email; import javax.validation.constraints.NotBlank; import javax.validation.constraints.Size; import javax.validation.constraints.*; import org.apache.commons.lang3.builder.ToStringBuilder; import org.apache.commons.lang3.builder.ToStringStyle; import com.fasterxml.jackson.annotation.JsonIgnore; import com.fasterxml.jackson.annotation.JsonProperty; import com.ruoyi.common.xss.Xss; import com.ruoyi.framework.aspectj.lang.annotation.Excel; import com.ruoyi.framework.aspectj.lang.annotation.Excel.ColumnType; import com.ruoyi.framework.aspectj.lang.annotation.Excel.Type; @@ -132,6 +131,7 @@ this.deptId = deptId; } @Xss(message = "ç¨æ·æµç§°ä¸è½å å«èæ¬å符") @Size(min = 0, max = 30, message = "ç¨æ·æµç§°é¿åº¦ä¸è½è¶ è¿30个å符") public String getNickName() { @@ -143,6 +143,7 @@ this.nickName = nickName; } @Xss(message = "ç¨æ·è´¦å·ä¸è½å å«èæ¬å符") @NotBlank(message = "ç¨æ·è´¦å·ä¸è½ä¸ºç©º") @Size(min = 0, max = 30, message = "ç¨æ·è´¦å·é¿åº¦ä¸è½è¶ è¿30个å符") public String getUserName() src/main/java/com/ruoyi/project/system/service/impl/SysUserServiceImpl.java
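Review bot: The import block in the first hunk appears to replace the three explicit `javax.validation.constraints` imports with `import javax.validation.constraints.*;`. The +/- markers are lost on this page, so this is inferred from the hunk's 13 → 12 line counts. A wildcard hides which constraints the entity uses and can pick up new names on a dependency upgrade. Keeping `Email`, `NotBlank` and `Size` as explicit imports next to the new `import com.ruoyi.common.xss.Xss;` would be clearer. The getters annotated with `@Xss` start or end outside the visible hunks.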
@@ -3,6 +3,7 @@ import java.util.ArrayList; import java.util.List; import java.util.stream.Collectors; import javax.validation.Validator; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; @@ -13,6 +14,7 @@ import com.ruoyi.common.exception.ServiceException; import com.ruoyi.common.utils.SecurityUtils; import com.ruoyi.common.utils.StringUtils; import com.ruoyi.common.utils.bean.BeanValidators; import com.ruoyi.common.utils.spring.SpringUtils; import com.ruoyi.framework.aspectj.lang.annotation.DataScope; import com.ruoyi.project.system.domain.SysPost; @@ -55,6 +57,9 @@ @Autowired private ISysConfigService configService; @Autowired protected Validator validator; /** * æ ¹æ®æ¡ä»¶å页æ¥è¯¢ç¨æ·å表 @@ -513,6 +518,7 @@ SysUser u = userMapper.selectUserByUserName(user.getUserName()); if (StringUtils.isNull(u)) { BeanValidators.validateWithException(validator, user); user.setPassword(SecurityUtils.encryptPassword(password)); user.setCreateBy(operName); this.insertUser(user); @@ -521,6 +527,7 @@ } else if (isUpdateSupport) { BeanValidators.validateWithException(validator, user); user.setUpdateBy(operName); this.updateUser(user); successNum++;
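Review bot: The injected field is declared `protected Validator validator;`, while the neighbouring `configService` is `private`. Nothing in the hunk needs subclass access, so `private Validator validator;` would match the rest of the class. Separately, both new `BeanValidators.validateWithException(validator, user);` calls sit inside a method whose body starts and ends outside the hunk, so the handling of `ConstraintViolationException` is not visible. It is worth confirming that a violation on one imported row is caught and counted as a failure for that row rather than aborting the whole import. It is also worth checking that whatever message is reported back does not echo the rejected value unescaped.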