mirror of
https://gitee.com/log4j/pig.git
synced 2025-01-03 23:42:22 +08:00
Merge branch 'dev'
This commit is contained in:
commit
9d09bb470a
@ -42,7 +42,7 @@
|
|||||||
|-----------------------------|------------|
|
|-----------------------------|------------|
|
||||||
| Spring Boot | 2.7.18 |
|
| Spring Boot | 2.7.18 |
|
||||||
| Spring Cloud | 2021.0.8 |
|
| Spring Cloud | 2021.0.8 |
|
||||||
| Spring Cloud Alibaba | 2021.0.5.0 |
|
| Spring Cloud Alibaba | 2021.0.6.0 |
|
||||||
| Spring Authorization Server | 0.4.4 |
|
| Spring Authorization Server | 0.4.4 |
|
||||||
| Mybatis Plus | 3.5.5 |
|
| Mybatis Plus | 3.5.5 |
|
||||||
| hutool | 5.8.22 |
|
| hutool | 5.8.22 |
|
||||||
|
@ -34,7 +34,7 @@
|
|||||||
<oss.version>1.0.5</oss.version>
|
<oss.version>1.0.5</oss.version>
|
||||||
<sms.version>2.0.2</sms.version>
|
<sms.version>2.0.2</sms.version>
|
||||||
<jaxb.version>2.3.5</jaxb.version>
|
<jaxb.version>2.3.5</jaxb.version>
|
||||||
<hutool.version>5.8.23</hutool.version>
|
<hutool.version>5.8.26</hutool.version>
|
||||||
<mica.version>2.7.4</mica.version>
|
<mica.version>2.7.4</mica.version>
|
||||||
<sentinel.version>1.8.4</sentinel.version>
|
<sentinel.version>1.8.4</sentinel.version>
|
||||||
<git.commit.plugin>4.9.9</git.commit.plugin>
|
<git.commit.plugin>4.9.9</git.commit.plugin>
|
||||||
|
@ -20,6 +20,7 @@ package com.pig4cloud.pig.common.mybatis.resolver;
|
|||||||
|
|
||||||
import cn.hutool.core.util.StrUtil;
|
import cn.hutool.core.util.StrUtil;
|
||||||
import com.baomidou.mybatisplus.core.metadata.OrderItem;
|
import com.baomidou.mybatisplus.core.metadata.OrderItem;
|
||||||
|
import com.baomidou.mybatisplus.core.toolkit.sql.SqlInjectionUtils;
|
||||||
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
|
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletRequest;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
@ -45,9 +46,6 @@ import java.util.stream.Collectors;
|
|||||||
@Slf4j
|
@Slf4j
|
||||||
public class SqlFilterArgumentResolver implements HandlerMethodArgumentResolver {
|
public class SqlFilterArgumentResolver implements HandlerMethodArgumentResolver {
|
||||||
|
|
||||||
private final static String[] KEYWORDS = { "master", "truncate", "insert", "select", "delete", "update", "declare",
|
|
||||||
"alter", "drop", "sleep", "extractvalue", "concat" };
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 判断Controller是否包含page 参数
|
* 判断Controller是否包含page 参数
|
||||||
* @param parameter 参数
|
* @param parameter 参数
|
||||||
@ -90,21 +88,12 @@ public class SqlFilterArgumentResolver implements HandlerMethodArgumentResolver
|
|||||||
List<OrderItem> orderItemList = new ArrayList<>();
|
List<OrderItem> orderItemList = new ArrayList<>();
|
||||||
Optional.ofNullable(ascs)
|
Optional.ofNullable(ascs)
|
||||||
.ifPresent(s -> orderItemList.addAll(
|
.ifPresent(s -> orderItemList.addAll(
|
||||||
Arrays.stream(s).filter(sqlInjectPredicate()).map(OrderItem::asc).collect(Collectors.toList())));
|
Arrays.stream(s).filter(SqlInjectionUtils::check).map(OrderItem::asc).collect(Collectors.toList())));
|
||||||
Optional.ofNullable(descs)
|
Optional.ofNullable(descs)
|
||||||
.ifPresent(s -> orderItemList.addAll(
|
.ifPresent(s -> orderItemList.addAll(
|
||||||
Arrays.stream(s).filter(sqlInjectPredicate()).map(OrderItem::desc).collect(Collectors.toList())));
|
Arrays.stream(s).filter(SqlInjectionUtils::check).map(OrderItem::desc).collect(Collectors.toList())));
|
||||||
page.addOrder(orderItemList);
|
page.addOrder(orderItemList);
|
||||||
|
|
||||||
return page;
|
return page;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* 判断用户输入里面有没有关键字
|
|
||||||
* @return Predicate
|
|
||||||
*/
|
|
||||||
private Predicate<String> sqlInjectPredicate() {
|
|
||||||
return sql -> Arrays.stream(KEYWORDS).noneMatch(keyword -> StrUtil.containsIgnoreCase(sql, keyword));
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -55,7 +55,7 @@ public class OssEndpoint {
|
|||||||
*/
|
*/
|
||||||
@SneakyThrows
|
@SneakyThrows
|
||||||
@PostMapping("/bucket/{bucketName}")
|
@PostMapping("/bucket/{bucketName}")
|
||||||
public Bucket createBucker(@PathVariable String bucketName) {
|
public Bucket createBucket(@PathVariable String bucketName) {
|
||||||
|
|
||||||
template.createBucket(bucketName);
|
template.createBucket(bucketName);
|
||||||
return template.getBucket(bucketName).get();
|
return template.getBucket(bucketName).get();
|
||||||
|
4
pom.xml
4
pom.xml
@ -31,11 +31,11 @@
|
|||||||
<revision>3.7.4-JDK8</revision>
|
<revision>3.7.4-JDK8</revision>
|
||||||
<spring-boot.version>2.7.18</spring-boot.version>
|
<spring-boot.version>2.7.18</spring-boot.version>
|
||||||
<spring-cloud.version>2021.0.8</spring-cloud.version>
|
<spring-cloud.version>2021.0.8</spring-cloud.version>
|
||||||
<spring-cloud-alibaba.version>2021.0.5.0</spring-cloud-alibaba.version>
|
<spring-cloud-alibaba.version>2021.0.6.0</spring-cloud-alibaba.version>
|
||||||
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
|
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
|
||||||
<maven.compiler.source>1.8</maven.compiler.source>
|
<maven.compiler.source>1.8</maven.compiler.source>
|
||||||
<maven.compiler.target>1.8</maven.compiler.target>
|
<maven.compiler.target>1.8</maven.compiler.target>
|
||||||
<spring-boot-admin.version>2.7.10</spring-boot-admin.version>
|
<spring-boot-admin.version>2.7.15</spring-boot-admin.version>
|
||||||
<spring.authorization.version>0.4.5</spring.authorization.version>
|
<spring.authorization.version>0.4.5</spring.authorization.version>
|
||||||
<captcha.version>2.2.3</captcha.version>
|
<captcha.version>2.2.3</captcha.version>
|
||||||
<screw.version>0.0.1</screw.version>
|
<screw.version>0.0.1</screw.version>
|
||||||
|
Loading…
Reference in New Issue
Block a user