package org.jeecg.modules.api.controller;
|
|
import com.alibaba.fastjson.JSONObject;
|
import lombok.extern.slf4j.Slf4j;
|
import org.apache.tomcat.util.http.fileupload.IOUtils;
|
import org.jeecg.common.api.dto.DataLogDTO;
|
import org.jeecg.common.api.dto.OnlineAuthDTO;
|
import org.jeecg.common.api.dto.message.*;
|
import org.jeecg.common.api.vo.Result;
|
import org.jeecg.common.system.vo.*;
|
import org.jeecg.common.util.SqlInjectionUtil;
|
import org.jeecg.modules.system.entity.MdcPassLog;
|
import org.jeecg.modules.system.security.DictQueryBlackListHandler;
|
import org.jeecg.modules.system.service.IMdcPassLogService;
|
import org.jeecg.modules.system.service.ISysUserService;
|
import org.jeecg.modules.system.service.impl.SysBaseApiImpl;
|
import org.jeecg.modules.system.util.JwTUtil;
|
import org.jeecg.modules.system.util.SM3Util;
|
import org.jeecg.modules.system.vo.*;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Value;
|
import org.springframework.web.bind.annotation.*;
|
|
import javax.annotation.Resource;
|
import javax.servlet.ServletInputStream;
|
import javax.servlet.http.HttpServletRequest;
|
import java.io.File;
|
import java.io.FileOutputStream;
|
import java.io.IOException;
|
import java.io.UnsupportedEncodingException;
|
import java.net.URLDecoder;
|
import java.util.List;
|
import java.util.Map;
|
import java.util.Set;
|
|
|
/**
|
* 服务化 system模块 对外接口请求类
|
*
|
* @author: jeecg-boot
|
*/
|
@Slf4j
|
@RestController
|
@RequestMapping("/sys/api")
|
public class SystemApiController {
|
|
@Value("${fileService.username}")
|
private String username;
|
|
@Value("${fileService.pwd}")
|
private String pwd;
|
|
@Autowired
|
private SysBaseApiImpl sysBaseApi;
|
@Autowired
|
private ISysUserService sysUserService;
|
|
@Autowired
|
private DictQueryBlackListHandler dictQueryBlackListHandler;
|
|
@Resource
|
private IMdcPassLogService mdcPassLogService;
|
|
|
/**
|
* 发送系统消息
|
*
|
* @param message 使用构造器赋值参数 如果不设置category(消息类型)则默认为2 发送系统消息
|
*/
|
@PostMapping("/sendSysAnnouncement")
|
public void sendSysAnnouncement(@RequestBody MessageDTO message) {
|
sysBaseApi.sendSysAnnouncement(message);
|
}
|
|
/**
|
* 发送消息 附带业务参数
|
*
|
* @param message 使用构造器赋值参数
|
*/
|
@PostMapping("/sendBusAnnouncement")
|
public void sendBusAnnouncement(@RequestBody BusMessageDTO message) {
|
sysBaseApi.sendBusAnnouncement(message);
|
}
|
|
/**
|
* 通过模板发送消息
|
*
|
* @param message 使用构造器赋值参数
|
*/
|
@PostMapping("/sendTemplateAnnouncement")
|
public void sendTemplateAnnouncement(@RequestBody TemplateMessageDTO message) {
|
sysBaseApi.sendTemplateAnnouncement(message);
|
}
|
|
/**
|
* 通过模板发送消息 附带业务参数
|
*
|
* @param message 使用构造器赋值参数
|
*/
|
@PostMapping("/sendBusTemplateAnnouncement")
|
public void sendBusTemplateAnnouncement(@RequestBody BusTemplateMessageDTO message) {
|
sysBaseApi.sendBusTemplateAnnouncement(message);
|
}
|
|
/**
|
* 通过消息中心模板,生成推送内容
|
*
|
* @param templateDTO 使用构造器赋值参数
|
* @return
|
*/
|
@PostMapping("/parseTemplateByCode")
|
public String parseTemplateByCode(@RequestBody TemplateDTO templateDTO) {
|
return sysBaseApi.parseTemplateByCode(templateDTO);
|
}
|
|
/**
|
* 根据业务类型busType及业务busId修改消息已读
|
*/
|
@GetMapping("/updateSysAnnounReadFlag")
|
public void updateSysAnnounReadFlag(@RequestParam("busType") String busType, @RequestParam("busId") String busId) {
|
sysBaseApi.updateSysAnnounReadFlag(busType, busId);
|
}
|
|
/**
|
* 根据用户账号查询用户信息
|
*
|
* @param username
|
* @return
|
*/
|
@GetMapping("/getUserByName")
|
public LoginUser getUserByName(@RequestParam("username") String username) {
|
return sysBaseApi.getUserByName(username);
|
}
|
|
/**
|
* 根据用户id查询用户信息
|
*
|
* @param id
|
* @return
|
*/
|
@GetMapping("/getUserById")
|
LoginUser getUserById(@RequestParam("id") String id) {
|
return sysBaseApi.getUserById(id);
|
}
|
|
/**
|
* 通过用户账号查询角色集合
|
*
|
* @param username
|
* @return
|
*/
|
@GetMapping("/getRolesByUsername")
|
List<String> getRolesByUsername(@RequestParam("username") String username) {
|
return sysBaseApi.getRolesByUsername(username);
|
}
|
|
/**
|
* 通过用户账号查询部门集合
|
*
|
* @param username
|
* @return 部门 id
|
*/
|
@GetMapping("/getDepartIdsByUsername")
|
List<String> getDepartIdsByUsername(@RequestParam("username") String username) {
|
return sysBaseApi.getDepartIdsByUsername(username);
|
}
|
|
/**
|
* 通过用户账号查询部门 name
|
*
|
* @param username
|
* @return 部门 name
|
*/
|
@GetMapping("/getDepartNamesByUsername")
|
List<String> getDepartNamesByUsername(@RequestParam("username") String username) {
|
return sysBaseApi.getDepartNamesByUsername(username);
|
}
|
|
|
/**
|
* 获取数据字典
|
*
|
* @param code
|
* @return
|
*/
|
@GetMapping("/queryDictItemsByCode")
|
List<DictModel> queryDictItemsByCode(@RequestParam("code") String code) {
|
return sysBaseApi.queryDictItemsByCode(code);
|
}
|
|
/**
|
* 获取有效的数据字典
|
*
|
* @param code
|
* @return
|
*/
|
@GetMapping("/queryEnableDictItemsByCode")
|
List<DictModel> queryEnableDictItemsByCode(@RequestParam("code") String code) {
|
return sysBaseApi.queryEnableDictItemsByCode(code);
|
}
|
|
|
/**
|
* 查询所有的父级字典,按照create_time排序
|
*/
|
@GetMapping("/queryAllDict")
|
List<DictModel> queryAllDict() {
|
// try{
|
// //睡10秒,gateway网关5秒超时,会触发熔断降级操作
|
// Thread.sleep(10000);
|
// }catch (Exception e){
|
// e.printStackTrace();
|
// }
|
|
log.info("--我是jeecg-system服务节点,微服务接口queryAllDict被调用--");
|
return sysBaseApi.queryAllDict();
|
}
|
|
/**
|
* 查询所有分类字典
|
*
|
* @return
|
*/
|
@GetMapping("/queryAllSysCategory")
|
List<SysCategoryModel> queryAllSysCategory() {
|
return sysBaseApi.queryAllSysCategory();
|
}
|
|
|
/**
|
* 查询所有部门 作为字典信息 id -->value,departName -->text
|
*
|
* @return
|
*/
|
@GetMapping("/queryAllDepartBackDictModel")
|
List<DictModel> queryAllDepartBackDictModel() {
|
return sysBaseApi.queryAllDepartBackDictModel();
|
}
|
|
/**
|
* 获取所有角色 带参
|
* roleIds 默认选中角色
|
*
|
* @return
|
*/
|
@GetMapping("/queryAllRole")
|
public List<ComboModel> queryAllRole(@RequestParam(name = "roleIds", required = false) String[] roleIds) {
|
if (roleIds == null || roleIds.length == 0) {
|
return sysBaseApi.queryAllRole();
|
} else {
|
return sysBaseApi.queryAllRole(roleIds);
|
}
|
}
|
|
/**
|
* 通过用户账号查询角色Id集合
|
*
|
* @param username
|
* @return
|
*/
|
@GetMapping("/getRoleIdsByUsername")
|
public List<String> getRoleIdsByUsername(@RequestParam("username") String username) {
|
return sysBaseApi.getRoleIdsByUsername(username);
|
}
|
|
/**
|
* 通过部门编号查询部门id
|
*
|
* @param orgCode
|
* @return
|
*/
|
@GetMapping("/getDepartIdsByOrgCode")
|
public String getDepartIdsByOrgCode(@RequestParam("orgCode") String orgCode) {
|
return sysBaseApi.getDepartIdsByOrgCode(orgCode);
|
}
|
|
/**
|
* 查询所有部门
|
*
|
* @return
|
*/
|
@GetMapping("/getAllSysDepart")
|
public List<SysDepartModel> getAllSysDepart() {
|
return sysBaseApi.getAllSysDepart();
|
}
|
|
/**
|
* 根据 id 查询数据库中存储的 DynamicDataSourceModel
|
*
|
* @param dbSourceId
|
* @return
|
*/
|
@GetMapping("/getDynamicDbSourceById")
|
DynamicDataSourceModel getDynamicDbSourceById(@RequestParam("dbSourceId") String dbSourceId) {
|
return sysBaseApi.getDynamicDbSourceById(dbSourceId);
|
}
|
|
|
/**
|
* 根据部门Id获取部门负责人
|
*
|
* @param deptId
|
* @return
|
*/
|
@GetMapping("/getDeptHeadByDepId")
|
public List<String> getDeptHeadByDepId(@RequestParam("deptId") String deptId) {
|
return sysBaseApi.getDeptHeadByDepId(deptId);
|
}
|
|
/**
|
* 查找父级部门
|
*
|
* @param departId
|
* @return
|
*/
|
@GetMapping("/getParentDepartId")
|
public DictModel getParentDepartId(@RequestParam("departId") String departId) {
|
return sysBaseApi.getParentDepartId(departId);
|
}
|
|
/**
|
* 根据 code 查询数据库中存储的 DynamicDataSourceModel
|
*
|
* @param dbSourceCode
|
* @return
|
*/
|
@GetMapping("/getDynamicDbSourceByCode")
|
public DynamicDataSourceModel getDynamicDbSourceByCode(@RequestParam("dbSourceCode") String dbSourceCode) {
|
return sysBaseApi.getDynamicDbSourceByCode(dbSourceCode);
|
}
|
|
/**
|
* 给指定用户发消息
|
*
|
* @param userIds
|
* @param cmd
|
*/
|
@GetMapping("/sendWebSocketMsg")
|
public void sendWebSocketMsg(String[] userIds, String cmd) {
|
sysBaseApi.sendWebSocketMsg(userIds, cmd);
|
}
|
|
|
/**
|
* 根据id获取所有参与用户
|
* userIds
|
*
|
* @return
|
*/
|
@GetMapping("/queryAllUserByIds")
|
public List<LoginUser> queryAllUserByIds(@RequestParam("userIds") String[] userIds) {
|
return sysBaseApi.queryAllUserByIds(userIds);
|
}
|
|
/**
|
* 查询所有用户 返回ComboModel
|
*
|
* @return
|
*/
|
@GetMapping("/queryAllUserBackCombo")
|
public List<ComboModel> queryAllUserBackCombo() {
|
return sysBaseApi.queryAllUserBackCombo();
|
}
|
|
/**
|
* 分页查询用户 返回JSONObject
|
*
|
* @return
|
*/
|
@GetMapping("/queryAllUser")
|
public JSONObject queryAllUser(@RequestParam(name = "userIds", required = false) String userIds, @RequestParam(name = "pageNo", required = false) Integer pageNo, @RequestParam(name = "pageSize", required = false) int pageSize) {
|
return sysBaseApi.queryAllUser(userIds, pageNo, pageSize);
|
}
|
|
|
/**
|
* 将会议签到信息推动到预览
|
* userIds
|
*
|
* @param userId
|
* @return
|
*/
|
@GetMapping("/meetingSignWebsocket")
|
public void meetingSignWebsocket(@RequestParam("userId") String userId) {
|
sysBaseApi.meetingSignWebsocket(userId);
|
}
|
|
/**
|
* 根据name获取所有参与用户
|
* userNames
|
*
|
* @return
|
*/
|
@GetMapping("/queryUserByNames")
|
public List<LoginUser> queryUserByNames(@RequestParam("userNames") String[] userNames) {
|
return sysBaseApi.queryUserByNames(userNames);
|
}
|
|
/**
|
* 获取用户的角色集合
|
*
|
* @param username
|
* @return
|
*/
|
@GetMapping("/getUserRoleSet")
|
public Set<String> getUserRoleSet(@RequestParam("username") String username) {
|
return sysBaseApi.getUserRoleSet(username);
|
}
|
|
/**
|
* 获取用户的权限集合
|
*
|
* @param username
|
* @return
|
*/
|
@GetMapping("/getUserPermissionSet")
|
public Set<String> getUserPermissionSet(@RequestParam("username") String username) {
|
return sysBaseApi.getUserPermissionSet(username);
|
}
|
|
//-----
|
|
/**
|
* 判断是否有online访问的权限
|
*
|
* @param onlineAuthDTO
|
* @return
|
*/
|
@PostMapping("/hasOnlineAuth")
|
public boolean hasOnlineAuth(@RequestBody OnlineAuthDTO onlineAuthDTO) {
|
return sysBaseApi.hasOnlineAuth(onlineAuthDTO);
|
}
|
|
/**
|
* 查询用户角色信息
|
*
|
* @param username
|
* @return
|
*/
|
@GetMapping("/queryUserRoles")
|
public Set<String> queryUserRoles(@RequestParam("username") String username) {
|
return sysUserService.getUserRolesSet(username);
|
}
|
|
|
/**
|
* 查询用户权限信息
|
*
|
* @param username
|
* @return
|
*/
|
@GetMapping("/queryUserAuths")
|
public Set<String> queryUserAuths(@RequestParam("username") String username) {
|
return sysUserService.getUserPermissionsSet(username);
|
}
|
|
/**
|
* 通过部门id获取部门全部信息
|
*/
|
@GetMapping("/selectAllById")
|
public SysDepartModel selectAllById(@RequestParam("id") String id) {
|
return sysBaseApi.selectAllById(id);
|
}
|
|
/**
|
* 根据用户id查询用户所属公司下所有用户ids
|
*
|
* @param userId
|
* @return
|
*/
|
@GetMapping("/queryDeptUsersByUserId")
|
public List<String> queryDeptUsersByUserId(@RequestParam("userId") String userId) {
|
return sysBaseApi.queryDeptUsersByUserId(userId);
|
}
|
|
|
/**
|
* 查询数据权限
|
*
|
* @return
|
*/
|
@GetMapping("/queryPermissionDataRule")
|
public List<SysPermissionDataRuleModel> queryPermissionDataRule(@RequestParam("component") String component, @RequestParam("requestPath") String requestPath, @RequestParam("username") String username) {
|
return sysBaseApi.queryPermissionDataRule(component, requestPath, username);
|
}
|
|
/**
|
* 查询用户信息
|
*
|
* @param username
|
* @return
|
*/
|
@GetMapping("/getCacheUser")
|
public SysUserCacheInfo getCacheUser(@RequestParam("username") String username) {
|
return sysBaseApi.getCacheUser(username);
|
}
|
|
/**
|
* 普通字典的翻译
|
*
|
* @param code
|
* @param key
|
* @return
|
*/
|
@GetMapping("/translateDict")
|
public String translateDict(@RequestParam("code") String code, @RequestParam("key") String key) {
|
return sysBaseApi.translateDict(code, key);
|
}
|
|
|
/**
|
* 36根据多个用户账号(逗号分隔),查询返回多个用户信息
|
*
|
* @param usernames
|
* @return
|
*/
|
@RequestMapping("/queryUsersByUsernames")
|
List<JSONObject> queryUsersByUsernames(@RequestParam("usernames") String usernames) {
|
return this.sysBaseApi.queryUsersByUsernames(usernames);
|
}
|
|
/**
|
* 37根据多个用户id(逗号分隔),查询返回多个用户信息
|
*
|
* @param ids
|
* @return
|
*/
|
@RequestMapping("/queryUsersByIds")
|
List<JSONObject> queryUsersByIds(@RequestParam("ids") String ids) {
|
return this.sysBaseApi.queryUsersByIds(ids);
|
}
|
|
/**
|
* 38根据多个部门编码(逗号分隔),查询返回多个部门信息
|
*
|
* @param orgCodes
|
* @return
|
*/
|
@GetMapping("/queryDepartsByOrgcodes")
|
List<JSONObject> queryDepartsByOrgcodes(@RequestParam("orgCodes") String orgCodes) {
|
return this.sysBaseApi.queryDepartsByOrgcodes(orgCodes);
|
}
|
|
/**
|
* 39根据多个部门ID(逗号分隔),查询返回多个部门信息
|
*
|
* @param ids
|
* @return
|
*/
|
@GetMapping("/queryDepartsByIds")
|
List<JSONObject> queryDepartsByIds(@RequestParam("ids") String ids) {
|
return this.sysBaseApi.queryDepartsByIds(ids);
|
}
|
|
/**
|
* 40发送邮件消息
|
*
|
* @param email
|
* @param title
|
* @param content
|
*/
|
@GetMapping("/sendEmailMsg")
|
public void sendEmailMsg(@RequestParam("email") String email, @RequestParam("title") String title, @RequestParam("content") String content) {
|
this.sysBaseApi.sendEmailMsg(email, title, content);
|
}
|
|
;
|
|
/**
|
* 41 获取公司下级部门和公司下所有用户信息
|
*
|
* @param orgCode
|
*/
|
@GetMapping("/getDeptUserByOrgCode")
|
List<Map> getDeptUserByOrgCode(@RequestParam("orgCode") String orgCode) {
|
return this.sysBaseApi.getDeptUserByOrgCode(orgCode);
|
}
|
|
/**
|
* 查询分类字典翻译
|
*
|
* @param ids 分类字典表id
|
* @return
|
*/
|
@GetMapping("/loadCategoryDictItem")
|
public List<String> loadCategoryDictItem(@RequestParam("ids") String ids) {
|
return sysBaseApi.loadCategoryDictItem(ids);
|
}
|
|
/**
|
* 根据字典code加载字典text
|
*
|
* @param dictCode 顺序:tableName,text,code
|
* @param keys 要查询的key
|
* @return
|
*/
|
@GetMapping("/loadDictItem")
|
public List<String> loadDictItem(@RequestParam("dictCode") String dictCode, @RequestParam("keys") String keys) {
|
if (!dictQueryBlackListHandler.isPass(dictCode)) {
|
log.error(dictQueryBlackListHandler.getError());
|
return null;
|
}
|
return sysBaseApi.loadDictItem(dictCode, keys);
|
}
|
|
/**
|
* 根据字典code查询字典项
|
*
|
* @param dictCode 顺序:tableName,text,code
|
* @param dictCode 要查询的key
|
* @return
|
*/
|
@GetMapping("/getDictItems")
|
public List<DictModel> getDictItems(@RequestParam("dictCode") String dictCode) {
|
if (!dictQueryBlackListHandler.isPass(dictCode)) {
|
log.error(dictQueryBlackListHandler.getError());
|
return null;
|
}
|
return sysBaseApi.getDictItems(dictCode);
|
}
|
|
/**
|
* 根据多个字典code查询多个字典项
|
*
|
* @param dictCodeList
|
* @return key = dictCode ; value=对应的字典项
|
*/
|
@RequestMapping("/getManyDictItems")
|
public Map<String, List<DictModel>> getManyDictItems(@RequestParam("dictCodeList") List<String> dictCodeList) {
|
return sysBaseApi.getManyDictItems(dictCodeList);
|
}
|
|
/**
|
* 【下拉搜索】
|
* 大数据量的字典表 走异步加载,即前端输入内容过滤数据
|
*
|
* @param dictCode 字典code格式:table,text,code
|
* @param keyword 过滤关键字
|
* @return
|
*/
|
@GetMapping("/loadDictItemByKeyword")
|
public List<DictModel> loadDictItemByKeyword(@RequestParam("dictCode") String dictCode, @RequestParam("keyword") String keyword, @RequestParam(value = "pageSize", required = false) Integer pageSize) {
|
if (!dictQueryBlackListHandler.isPass(dictCode)) {
|
log.error(dictQueryBlackListHandler.getError());
|
return null;
|
}
|
return sysBaseApi.loadDictItemByKeyword(dictCode, keyword, pageSize);
|
}
|
|
/**
|
* 48 普通字典的翻译,根据多个dictCode和多条数据,多个以逗号分割
|
*
|
* @param dictCodes
|
* @param keys
|
* @return
|
*/
|
@GetMapping("/translateManyDict")
|
public Map<String, List<DictModel>> translateManyDict(@RequestParam("dictCodes") String dictCodes, @RequestParam("keys") String keys) {
|
return this.sysBaseApi.translateManyDict(dictCodes, keys);
|
}
|
|
|
/**
|
* 获取表数据字典 【接口签名验证】
|
*
|
* @param table
|
* @param text
|
* @param code
|
* @return
|
*/
|
@GetMapping("/queryTableDictItemsByCode")
|
List<DictModel> queryTableDictItemsByCode(@RequestParam("table") String table, @RequestParam("text") String text, @RequestParam("code") String code) {
|
String str = table + "," + text + "," + code;
|
if (!dictQueryBlackListHandler.isPass(str)) {
|
log.error(dictQueryBlackListHandler.getError());
|
return null;
|
}
|
return sysBaseApi.queryTableDictItemsByCode(table, text, code);
|
}
|
|
/**
|
* 查询表字典 支持过滤数据 【接口签名验证】
|
*
|
* @param table
|
* @param text
|
* @param code
|
* @param filterSql
|
* @return
|
*/
|
@GetMapping("/queryFilterTableDictInfo")
|
List<DictModel> queryFilterTableDictInfo(@RequestParam("table") String table, @RequestParam("text") String text, @RequestParam("code") String code, @RequestParam("filterSql") String filterSql) {
|
String str = table + "," + text + "," + code;
|
if (!dictQueryBlackListHandler.isPass(str)) {
|
log.error(dictQueryBlackListHandler.getError());
|
return null;
|
}
|
String[] arr = new String[]{table, text, code};
|
SqlInjectionUtil.filterContent(arr);
|
SqlInjectionUtil.specialFilterContentForDictSql(filterSql);
|
return sysBaseApi.queryFilterTableDictInfo(table, text, code, filterSql);
|
}
|
|
/**
|
* 【接口签名验证】
|
* 查询指定table的 text code 获取字典,包含text和value
|
*
|
* @param table
|
* @param text
|
* @param code
|
* @param keyArray
|
* @return
|
*/
|
@Deprecated
|
@GetMapping("/queryTableDictByKeys")
|
public List<String> queryTableDictByKeys(@RequestParam("table") String table, @RequestParam("text") String text, @RequestParam("code") String code, @RequestParam("keyArray") String[] keyArray) {
|
String str = table + "," + text + "," + code;
|
if (!dictQueryBlackListHandler.isPass(str)) {
|
log.error(dictQueryBlackListHandler.getError());
|
return null;
|
}
|
return sysBaseApi.queryTableDictByKeys(table, text, code, keyArray);
|
}
|
|
|
/**
|
* 字典表的 翻译【接口签名验证】
|
*
|
* @param table
|
* @param text
|
* @param code
|
* @param key
|
* @return
|
*/
|
@GetMapping("/translateDictFromTable")
|
public String translateDictFromTable(@RequestParam("table") String table, @RequestParam("text") String text, @RequestParam("code") String code, @RequestParam("key") String key) {
|
String str = table + "," + text + "," + code;
|
if (!dictQueryBlackListHandler.isPass(str)) {
|
log.error(dictQueryBlackListHandler.getError());
|
return null;
|
}
|
String[] arr = new String[]{table, text, code, key};
|
SqlInjectionUtil.filterContent(arr);
|
return sysBaseApi.translateDictFromTable(table, text, code, key);
|
}
|
|
|
/**
|
* 【接口签名验证】
|
* 49 字典表的 翻译,可批量
|
*
|
* @param table
|
* @param text
|
* @param code
|
* @param keys 多个用逗号分割
|
* @return
|
*/
|
@GetMapping("/translateDictFromTableByKeys")
|
public List<DictModel> translateDictFromTableByKeys(@RequestParam("table") String table, @RequestParam("text") String text, @RequestParam("code") String code, @RequestParam("keys") String keys) {
|
String str = table + "," + text + "," + code;
|
if (!dictQueryBlackListHandler.isPass(str)) {
|
log.error(dictQueryBlackListHandler.getError());
|
return null;
|
}
|
return this.sysBaseApi.translateDictFromTableByKeys(table, text, code, keys);
|
}
|
|
/**
|
* 发送模板信息
|
*
|
* @param message
|
*/
|
@PostMapping("/sendTemplateMessage")
|
public void sendTemplateMessage(@RequestBody MessageDTO message) {
|
sysBaseApi.sendTemplateMessage(message);
|
}
|
|
/**
|
* 获取消息模板内容
|
*
|
* @param code
|
* @return
|
*/
|
@GetMapping("/getTemplateContent")
|
public String getTemplateContent(@RequestParam("code") String code) {
|
return this.sysBaseApi.getTemplateContent(code);
|
}
|
|
/**
|
* 保存数据日志
|
*
|
* @param dataLogDto
|
*/
|
@PostMapping("/saveDataLog")
|
public void saveDataLog(@RequestBody DataLogDTO dataLogDto) {
|
this.sysBaseApi.saveDataLog(dataLogDto);
|
}
|
|
@PostMapping("/addSysFiles")
|
public void addSysFiles(@RequestBody SysFilesModel sysFilesModel) {
|
this.sysBaseApi.addSysFiles(sysFilesModel);
|
}
|
|
@GetMapping("/getFileUrl")
|
public String getFileUrl(@RequestParam(name = "fileId") String fileId) {
|
return this.sysBaseApi.getFileUrl(fileId);
|
}
|
|
/**
|
* 更新头像
|
*
|
* @param loginUser
|
* @return
|
*/
|
@PutMapping("/updateAvatar")
|
public void updateAvatar(@RequestBody LoginUser loginUser) {
|
this.sysBaseApi.updateAvatar(loginUser);
|
}
|
|
/**
|
* 向app端 websocket推送聊天刷新消息
|
*
|
* @param userId
|
* @return
|
*/
|
@GetMapping("/sendAppChatSocket")
|
public void sendAppChatSocket(@RequestParam(name = "userId") String userId) {
|
this.sysBaseApi.sendAppChatSocket(userId);
|
}
|
|
|
/**
|
* VUEN-2584【issue】平台sql注入漏洞几个问题
|
* 部分特殊函数 可以将查询结果混夹在错误信息中,导致数据库的信息暴露
|
*
|
* @param e
|
* @return
|
*/
|
@ExceptionHandler(java.sql.SQLException.class)
|
public Result<?> handleSQLException(Exception e) {
|
String msg = e.getMessage();
|
String extractvalue = "extractvalue";
|
String updatexml = "updatexml";
|
if (msg != null && (msg.toLowerCase().indexOf(extractvalue) >= 0 || msg.toLowerCase().indexOf(updatexml) >= 0)) {
|
return Result.error("校验失败,sql解析异常!");
|
}
|
return Result.error("校验失败,sql解析异常!" + msg);
|
}
|
|
/**
|
* 网闸认证
|
*
|
* @param postParams
|
* @return
|
*/
|
@PostMapping(value = "/appAuth")
|
public TokenResp getToken(@RequestBody PostParams postParams) {
|
//获取请求头中传入的appId和password
|
String appId = postParams.getAppId();
|
String password = postParams.getPassword();
|
|
//用于校验的正确的appId和password(根据业务调整)
|
|
//校验appId和paaword,由于测试用的明文密码,SM3Util.verify()先将铭文密码SM3加密后再与传入password对比
|
if (username.equals(appId)) {
|
//校验通过,生成token签名
|
if (SM3Util.verify(pwd, password)) {
|
String token = JwTUtil.sign(appId, pwd);
|
return new TokenResp("200", "认证成功", token);
|
} else {
|
return new TokenResp("101", "密码错误", null);
|
}
|
} else {
|
return new TokenResp("101", "账号错误", null);
|
}
|
}
|
|
@PostMapping(value = "/fileUpload")
|
public RespData uploadFiles(HttpServletRequest request) {
|
log.info("上传接口调用开始");
|
FileDetail fileDetail = new FileDetail();
|
try {
|
request.setCharacterEncoding("UTF-8");
|
} catch (UnsupportedEncodingException e) {
|
e.printStackTrace();
|
}
|
//获取FileName
|
if (request.getHeader("FileName") != null) {
|
try {
|
fileDetail.setFileName(URLDecoder.decode(request.getHeader("FileName"), "utf-8"));
|
} catch (UnsupportedEncodingException e) {
|
e.printStackTrace();
|
}
|
}
|
//获取Content-Length
|
if (request.getHeader("Content-Length") != null) {
|
try {
|
fileDetail.setContentLength(URLDecoder.decode(request.getHeader("Content-Length"), "utf-8"));
|
} catch (UnsupportedEncodingException e) {
|
e.printStackTrace();
|
}
|
}
|
//获取文件流
|
ServletInputStream inputStream = null;
|
try {
|
inputStream = request.getInputStream();
|
} catch (IOException e) {
|
e.printStackTrace();
|
}
|
//操作文件流,上传文件
|
FileOutputStream fileOut = null;
|
try {
|
fileOut = new FileOutputStream(fileDetail.getFileName()); // 这里可以改路径
|
IOUtils.copy(inputStream, fileOut);
|
fileOut.flush();
|
//不记录数据量
|
MdcPassLog mdcPassLog = new MdcPassLog();
|
File file = new File(fileDetail.getFileName());
|
String fileName = file.getName();
|
String sequenceOrder = fileName.substring(fileName.length() - 10, fileName.length() - 4);
|
String dayTime = fileName.substring(fileName.length() - 18, fileName.length() - 10);
|
mdcPassLog.setPassLogFileName(file.getAbsolutePath());
|
int sequenceNum = Integer.parseInt(sequenceOrder);
|
mdcPassLog.setPassName(fileName);
|
mdcPassLog.setDayTime(dayTime);
|
mdcPassLog.setSequenceNumber(sequenceNum);
|
mdcPassLog.setSequenceOrder(sequenceOrder);
|
mdcPassLogService.save(mdcPassLog);
|
|
} catch (Exception e) {
|
e.printStackTrace();
|
} finally {
|
try {
|
if (inputStream != null) {
|
inputStream.close();
|
}
|
if (fileOut != null) {
|
fileOut.close();
|
}
|
} catch (IOException e) {
|
e.printStackTrace();
|
}
|
}
|
log.info("上传接口调用结束");
|
return new RespData("200", "文件上传成功");
|
}
|
|
}
|
