From c24cd14fd700b2846623d0c3e9683adb30c7062b Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: 星期四, 27 五月 2021 17:55:05 +0800
Subject: [PATCH] 修复两处存在SQL注入漏洞问题
---
src/main/java/com/ruoyi/project/tool/gen/controller/GenController.java | 38 ++++++++++++++++++++++++++++++++------
1 files changed, 32 insertions(+), 6 deletions(-)
diff --git a/src/main/java/com/ruoyi/project/tool/gen/controller/GenController.java b/src/main/java/com/ruoyi/project/tool/gen/controller/GenController.java
index 179d7ff..151d93e 100644
--- a/src/main/java/com/ruoyi/project/tool/gen/controller/GenController.java
+++ b/src/main/java/com/ruoyi/project/tool/gen/controller/GenController.java
@@ -63,10 +63,12 @@
public AjaxResult getInfo(@PathVariable Long talbleId)
{
GenTable table = genTableService.selectGenTableById(talbleId);
+ List<GenTable> tables = genTableService.selectGenTableAll();
List<GenTableColumn> list = genTableColumnService.selectGenTableColumnListByTableId(talbleId);
Map<String, Object> map = new HashMap<String, Object>();
map.put("info", table);
map.put("rows", list);
+ map.put("tables", tables);
return AjaxResult.success(map);
}
@@ -99,7 +101,7 @@
/**
* 瀵煎叆琛ㄧ粨鏋勶紙淇濆瓨锛�
*/
- @PreAuthorize("@ss.hasPermi('tool:gen:list')")
+ @PreAuthorize("@ss.hasPermi('tool:gen:import')")
@Log(title = "浠g爜鐢熸垚", businessType = BusinessType.IMPORT)
@PostMapping("/importTable")
public AjaxResult importTableSave(String tables)
@@ -148,15 +150,39 @@
}
/**
- * 鐢熸垚浠g爜
+ * 鐢熸垚浠g爜锛堜笅杞芥柟寮忥級
+ */
+ @PreAuthorize("@ss.hasPermi('tool:gen:code')")
+ @Log(title = "浠g爜鐢熸垚", businessType = BusinessType.GENCODE)
+ @GetMapping("/download/{tableName}")
+ public void download(HttpServletResponse response, @PathVariable("tableName") String tableName) throws IOException
+ {
+ byte[] data = genTableService.downloadCode(tableName);
+ genCode(response, data);
+ }
+
+ /**
+ * 鐢熸垚浠g爜锛堣嚜瀹氫箟璺緞锛�
*/
@PreAuthorize("@ss.hasPermi('tool:gen:code')")
@Log(title = "浠g爜鐢熸垚", businessType = BusinessType.GENCODE)
@GetMapping("/genCode/{tableName}")
- public void genCode(HttpServletResponse response, @PathVariable("tableName") String tableName) throws IOException
+ public AjaxResult genCode(@PathVariable("tableName") String tableName)
{
- byte[] data = genTableService.generatorCode(tableName);
- genCode(response, data);
+ genTableService.generatorCode(tableName);
+ return AjaxResult.success();
+ }
+
+ /**
+ * 鍚屾鏁版嵁搴�
+ */
+ @PreAuthorize("@ss.hasPermi('tool:gen:edit')")
+ @Log(title = "浠g爜鐢熸垚", businessType = BusinessType.UPDATE)
+ @GetMapping("/synchDb/{tableName}")
+ public AjaxResult synchDb(@PathVariable("tableName") String tableName)
+ {
+ genTableService.synchDb(tableName);
+ return AjaxResult.success();
}
/**
@@ -168,7 +194,7 @@
public void batchGenCode(HttpServletResponse response, String tables) throws IOException
{
String[] tableNames = Convert.toStrArray(tables);
- byte[] data = genTableService.generatorCode(tableNames);
+ byte[] data = genTableService.downloadCode(tableNames);
genCode(response, data);
}
--
Gitblit v1.9.3