| | |
| | | |
| | | import com.alibaba.fastjson.JSONObject; |
| | | import lombok.extern.slf4j.Slf4j; |
| | | import org.apache.tomcat.util.http.fileupload.IOUtils; |
| | | import org.jeecg.common.api.dto.DataLogDTO; |
| | | import org.jeecg.common.api.dto.OnlineAuthDTO; |
| | | import org.jeecg.common.api.dto.message.*; |
| | | import org.jeecg.common.api.vo.Result; |
| | | import org.jeecg.common.system.vo.*; |
| | | import org.jeecg.common.util.SqlInjectionUtil; |
| | | import org.jeecg.modules.system.entity.MdcPassLog; |
| | | import org.jeecg.modules.system.security.DictQueryBlackListHandler; |
| | | import org.jeecg.modules.system.service.IMdcPassLogService; |
| | | import org.jeecg.modules.system.service.ISysUserService; |
| | | import org.jeecg.modules.system.service.impl.SysBaseApiImpl; |
| | | import org.jeecg.modules.system.util.JwTUtil; |
| | | import org.jeecg.modules.system.util.SM3Util; |
| | | import org.jeecg.modules.system.vo.*; |
| | | import org.springframework.beans.factory.annotation.Autowired; |
| | | import org.springframework.beans.factory.annotation.Value; |
| | | import org.springframework.web.bind.annotation.*; |
| | | |
| | | import javax.annotation.Resource; |
| | | import javax.servlet.ServletInputStream; |
| | | import javax.servlet.http.HttpServletRequest; |
| | | import java.io.File; |
| | | import java.io.FileOutputStream; |
| | | import java.io.IOException; |
| | | import java.io.UnsupportedEncodingException; |
| | | import java.net.URLDecoder; |
| | | import java.util.List; |
| | | import java.util.Map; |
| | | import java.util.Set; |
| | |
| | | |
| | | /** |
| | | * 服务化 system模块 对外接口请求类 |
| | | * |
| | | * @author: jeecg-boot |
| | | */ |
| | | @Slf4j |
| | | @RestController |
| | | @RequestMapping("/sys/api") |
| | | public class SystemApiController { |
| | | |
| | | @Value("${fileService.username}") |
| | | private String username; |
| | | |
| | | @Value("${fileService.pwd}") |
| | | private String pwd; |
| | | |
| | | @Autowired |
| | | private SysBaseApiImpl sysBaseApi; |
| | |
| | | @Autowired |
| | | private DictQueryBlackListHandler dictQueryBlackListHandler; |
| | | |
| | | @Resource |
| | | private IMdcPassLogService mdcPassLogService; |
| | | |
| | | |
| | | /** |
| | | * 发送系统消息 |
| | | * |
| | | * @param message 使用构造器赋值参数 如果不设置category(消息类型)则默认为2 发送系统消息 |
| | | */ |
| | | @PostMapping("/sendSysAnnouncement") |
| | |
| | | |
| | | /** |
| | | * 发送消息 附带业务参数 |
| | | * |
| | | * @param message 使用构造器赋值参数 |
| | | */ |
| | | @PostMapping("/sendBusAnnouncement") |
| | |
| | | |
| | | /** |
| | | * 通过模板发送消息 |
| | | * |
| | | * @param message 使用构造器赋值参数 |
| | | */ |
| | | @PostMapping("/sendTemplateAnnouncement") |
| | |
| | | |
| | | /** |
| | | * 通过模板发送消息 附带业务参数 |
| | | * |
| | | * @param message 使用构造器赋值参数 |
| | | */ |
| | | @PostMapping("/sendBusTemplateAnnouncement") |
| | |
| | | |
| | | /** |
| | | * 通过消息中心模板,生成推送内容 |
| | | * |
| | | * @param templateDTO 使用构造器赋值参数 |
| | | * @return |
| | | */ |
| | |
| | | |
| | | /** |
| | | * 根据用户账号查询用户信息 |
| | | * |
| | | * @param username |
| | | * @return |
| | | */ |
| | |
| | | |
| | | /** |
| | | * 根据用户id查询用户信息 |
| | | * |
| | | * @param id |
| | | * @return |
| | | */ |
| | |
| | | |
| | | /** |
| | | * 通过用户账号查询角色集合 |
| | | * |
| | | * @param username |
| | | * @return |
| | | */ |
| | |
| | | |
| | | /** |
| | | * 通过用户账号查询部门集合 |
| | | * |
| | | * @param username |
| | | * @return 部门 id |
| | | */ |
| | |
| | | |
| | | /** |
| | | * 通过用户账号查询部门 name |
| | | * |
| | | * @param username |
| | | * @return 部门 name |
| | | */ |
| | |
| | | |
| | | /** |
| | | * 获取数据字典 |
| | | * |
| | | * @param code |
| | | * @return |
| | | */ |
| | |
| | | |
| | | /** |
| | | * 获取有效的数据字典 |
| | | * |
| | | * @param code |
| | | * @return |
| | | */ |
| | |
| | | } |
| | | |
| | | |
| | | /** 查询所有的父级字典,按照create_time排序 */ |
| | | /** |
| | | * 查询所有的父级字典,按照create_time排序 |
| | | */ |
| | | @GetMapping("/queryAllDict") |
| | | List<DictModel> queryAllDict(){ |
| | | // try{ |
| | |
| | | |
| | | /** |
| | | * 查询所有分类字典 |
| | | * |
| | | * @return |
| | | */ |
| | | @GetMapping("/queryAllSysCategory") |
| | |
| | | |
| | | /** |
| | | * 查询所有部门 作为字典信息 id -->value,departName -->text |
| | | * |
| | | * @return |
| | | */ |
| | | @GetMapping("/queryAllDepartBackDictModel") |
| | |
| | | /** |
| | | * 获取所有角色 带参 |
| | | * roleIds 默认选中角色 |
| | | * |
| | | * @return |
| | | */ |
| | | @GetMapping("/queryAllRole") |
| | |
| | | |
| | | /** |
| | | * 通过用户账号查询角色Id集合 |
| | | * |
| | | * @param username |
| | | * @return |
| | | */ |
| | |
| | | |
| | | /** |
| | | * 通过部门编号查询部门id |
| | | * |
| | | * @param orgCode |
| | | * @return |
| | | */ |
| | |
| | | |
| | | /** |
| | | * 查询所有部门 |
| | | * |
| | | * @return |
| | | */ |
| | | @GetMapping("/getAllSysDepart") |
| | |
| | | } |
| | | |
| | | |
| | | |
| | | /** |
| | | * 根据部门Id获取部门负责人 |
| | | * |
| | | * @param deptId |
| | | * @return |
| | | */ |
| | |
| | | |
| | | /** |
| | | * 查找父级部门 |
| | | * |
| | | * @param departId |
| | | * @return |
| | | */ |
| | |
| | | |
| | | /** |
| | | * 给指定用户发消息 |
| | | * |
| | | * @param userIds |
| | | * @param cmd |
| | | */ |
| | |
| | | /** |
| | | * 根据id获取所有参与用户 |
| | | * userIds |
| | | * |
| | | * @return |
| | | */ |
| | | @GetMapping("/queryAllUserByIds") |
| | |
| | | |
| | | /** |
| | | * 查询所有用户 返回ComboModel |
| | | * |
| | | * @return |
| | | */ |
| | | @GetMapping("/queryAllUserBackCombo") |
| | |
| | | |
| | | /** |
| | | * 分页查询用户 返回JSONObject |
| | | * |
| | | * @return |
| | | */ |
| | | @GetMapping("/queryAllUser") |
| | |
| | | } |
| | | |
| | | |
| | | |
| | | /** |
| | | * 将会议签到信息推动到预览 |
| | | * userIds |
| | | * @return |
| | | * |
| | | * @param userId |
| | | * @return |
| | | */ |
| | | @GetMapping("/meetingSignWebsocket") |
| | | public void meetingSignWebsocket(@RequestParam("userId")String userId){ |
| | |
| | | /** |
| | | * 根据name获取所有参与用户 |
| | | * userNames |
| | | * |
| | | * @return |
| | | */ |
| | | @GetMapping("/queryUserByNames") |
| | |
| | | |
| | | /** |
| | | * 获取用户的角色集合 |
| | | * |
| | | * @param username |
| | | * @return |
| | | */ |
| | |
| | | |
| | | /** |
| | | * 获取用户的权限集合 |
| | | * |
| | | * @param username |
| | | * @return |
| | | */ |
| | |
| | | |
| | | /** |
| | | * 判断是否有online访问的权限 |
| | | * |
| | | * @param onlineAuthDTO |
| | | * @return |
| | | */ |
| | |
| | | |
| | | /** |
| | | * 查询用户角色信息 |
| | | * |
| | | * @param username |
| | | * @return |
| | | */ |
| | |
| | | |
| | | /** |
| | | * 查询用户权限信息 |
| | | * |
| | | * @param username |
| | | * @return |
| | | */ |
| | |
| | | |
| | | /** |
| | | * 根据用户id查询用户所属公司下所有用户ids |
| | | * |
| | | * @param userId |
| | | * @return |
| | | */ |
| | |
| | | |
| | | /** |
| | | * 查询数据权限 |
| | | * |
| | | * @return |
| | | */ |
| | | @GetMapping("/queryPermissionDataRule") |
| | |
| | | |
| | | /** |
| | | * 查询用户信息 |
| | | * |
| | | * @param username |
| | | * @return |
| | | */ |
| | |
| | | |
| | | /** |
| | | * 普通字典的翻译 |
| | | * |
| | | * @param code |
| | | * @param key |
| | | * @return |
| | |
| | | |
| | | /** |
| | | * 36根据多个用户账号(逗号分隔),查询返回多个用户信息 |
| | | * |
| | | * @param usernames |
| | | * @return |
| | | */ |
| | |
| | | |
| | | /** |
| | | * 37根据多个用户id(逗号分隔),查询返回多个用户信息 |
| | | * |
| | | * @param ids |
| | | * @return |
| | | */ |
| | |
| | | |
| | | /** |
| | | * 38根据多个部门编码(逗号分隔),查询返回多个部门信息 |
| | | * |
| | | * @param orgCodes |
| | | * @return |
| | | */ |
| | |
| | | |
| | | /** |
| | | * 39根据多个部门ID(逗号分隔),查询返回多个部门信息 |
| | | * |
| | | * @param ids |
| | | * @return |
| | | */ |
| | |
| | | |
| | | /** |
| | | * 40发送邮件消息 |
| | | * |
| | | * @param email |
| | | * @param title |
| | | * @param content |
| | |
| | | @GetMapping("/sendEmailMsg") |
| | | public void sendEmailMsg(@RequestParam("email")String email,@RequestParam("title")String title,@RequestParam("content")String content){ |
| | | this.sysBaseApi.sendEmailMsg(email,title,content); |
| | | }; |
| | | } |
| | | |
| | | ; |
| | | |
| | | /** |
| | | * 41 获取公司下级部门和公司下所有用户信息 |
| | | * |
| | | * @param orgCode |
| | | */ |
| | | @GetMapping("/getDeptUserByOrgCode") |
| | |
| | | |
| | | /** |
| | | * 48 普通字典的翻译,根据多个dictCode和多条数据,多个以逗号分割 |
| | | * |
| | | * @param dictCodes |
| | | * @param keys |
| | | * @return |
| | |
| | | |
| | | /** |
| | | * 获取表数据字典 【接口签名验证】 |
| | | * |
| | | * @param table |
| | | * @param text |
| | | * @param code |
| | |
| | | |
| | | /** |
| | | * 查询表字典 支持过滤数据 【接口签名验证】 |
| | | * |
| | | * @param table |
| | | * @param text |
| | | * @param code |
| | |
| | | /** |
| | | * 【接口签名验证】 |
| | | * 查询指定table的 text code 获取字典,包含text和value |
| | | * |
| | | * @param table |
| | | * @param text |
| | | * @param code |
| | |
| | | |
| | | /** |
| | | * 字典表的 翻译【接口签名验证】 |
| | | * |
| | | * @param table |
| | | * @param text |
| | | * @param code |
| | |
| | | |
| | | /** |
| | | * 发送模板信息 |
| | | * |
| | | * @param message |
| | | */ |
| | | @PostMapping("/sendTemplateMessage") |
| | |
| | | |
| | | /** |
| | | * 获取消息模板内容 |
| | | * |
| | | * @param code |
| | | * @return |
| | | */ |
| | |
| | | |
| | | /** |
| | | * 保存数据日志 |
| | | * |
| | | * @param dataLogDto |
| | | */ |
| | | @PostMapping("/saveDataLog") |
| | |
| | | } |
| | | |
| | | @PostMapping("/addSysFiles") |
| | | public void addSysFiles(@RequestBody SysFilesModel sysFilesModel){this.sysBaseApi.addSysFiles(sysFilesModel);} |
| | | public void addSysFiles(@RequestBody SysFilesModel sysFilesModel) { |
| | | this.sysBaseApi.addSysFiles(sysFilesModel); |
| | | } |
| | | |
| | | @GetMapping("/getFileUrl") |
| | | public String getFileUrl(@RequestParam(name="fileId") String fileId){ |
| | |
| | | |
| | | /** |
| | | * 更新头像 |
| | | * |
| | | * @param loginUser |
| | | * @return |
| | | */ |
| | |
| | | |
| | | /** |
| | | * 向app端 websocket推送聊天刷新消息 |
| | | * |
| | | * @param userId |
| | | * @return |
| | | */ |
| | |
| | | /** |
| | | * VUEN-2584【issue】平台sql注入漏洞几个问题 |
| | | * 部分特殊函数 可以将查询结果混夹在错误信息中,导致数据库的信息暴露 |
| | | * |
| | | * @param e |
| | | * @return |
| | | */ |
| | |
| | | return Result.error("校验失败,sql解析异常!" + msg); |
| | | } |
| | | |
| | | /** |
| | | * 网闸认证 |
| | | * |
| | | * @param postParams |
| | | * @return |
| | | */ |
| | | @PostMapping(value = "/appAuth") |
| | | public TokenResp getToken(@RequestBody PostParams postParams) { |
| | | //获取请求头中传入的appId和password |
| | | String appId = postParams.getAppId(); |
| | | String password = postParams.getPassword(); |
| | | |
| | | //用于校验的正确的appId和password(根据业务调整) |
| | | |
| | | //校验appId和paaword,由于测试用的明文密码,SM3Util.verify()先将铭文密码SM3加密后再与传入password对比 |
| | | if (username.equals(appId)) { |
| | | //校验通过,生成token签名 |
| | | if (SM3Util.verify(pwd, password)) { |
| | | String token = JwTUtil.sign(appId, pwd); |
| | | return new TokenResp("200", "认证成功", token); |
| | | } else { |
| | | return new TokenResp("", "密码错误", null); |
| | | } |
| | | } else { |
| | | return new TokenResp("", "账号错误", null); |
| | | } |
| | | } |
| | | |
| | | @PostMapping(value = "/fileUpload") |
| | | public RespData uploadFiles(HttpServletRequest request) { |
| | | |
| | | FileDetail fileDetail = new FileDetail(); |
| | | try { |
| | | request.setCharacterEncoding("UTF-8"); |
| | | } catch (UnsupportedEncodingException e) { |
| | | e.printStackTrace(); |
| | | } |
| | | //获取FileName |
| | | if (request.getHeader("FileName") != null) { |
| | | try { |
| | | fileDetail.setFileName(URLDecoder.decode(request.getHeader("FileName"), "utf-8")); |
| | | } catch (UnsupportedEncodingException e) { |
| | | e.printStackTrace(); |
| | | } |
| | | } |
| | | //获取Content-Length |
| | | if (request.getHeader("Content-Length") != null) { |
| | | try { |
| | | fileDetail.setContentLength(URLDecoder.decode(request.getHeader("Content-Length"), "utf-8")); |
| | | } catch (UnsupportedEncodingException e) { |
| | | e.printStackTrace(); |
| | | } |
| | | } |
| | | //获取文件流 |
| | | ServletInputStream inputStream = null; |
| | | try { |
| | | inputStream = request.getInputStream(); |
| | | } catch (IOException e) { |
| | | e.printStackTrace(); |
| | | } |
| | | //操作文件流,上传文件 |
| | | FileOutputStream fileOut = null; |
| | | try { |
| | | fileOut = new FileOutputStream(fileDetail.getFileName()); // 这里可以改路径 |
| | | IOUtils.copy(inputStream, fileOut); |
| | | fileOut.flush(); |
| | | //不记录数据量 |
| | | MdcPassLog mdcPassLog = new MdcPassLog(); |
| | | File file = new File(fileDetail.getFileName()); |
| | | String fileName = file.getName(); |
| | | String sequenceOrder = fileName.substring(fileName.length() - 10, fileName.length() - 4); |
| | | String dayTime = fileName.substring(fileName.length() - 18, fileName.length() - 10); |
| | | mdcPassLog.setPassLogFileName(file.getAbsolutePath()); |
| | | int sequenceNum = Integer.parseInt(sequenceOrder); |
| | | mdcPassLog.setPassName(fileName); |
| | | mdcPassLog.setDayTime(dayTime); |
| | | mdcPassLog.setSequenceNumber(sequenceNum); |
| | | mdcPassLog.setSequenceOrder(sequenceOrder); |
| | | mdcPassLogService.save(mdcPassLog); |
| | | |
| | | } catch (Exception e) { |
| | | e.printStackTrace(); |
| | | } finally { |
| | | try { |
| | | if (inputStream != null) { |
| | | inputStream.close(); |
| | | } |
| | | if (fileOut != null) { |
| | | fileOut.close(); |
| | | } |
| | | } catch (IOException e) { |
| | | e.printStackTrace(); |
| | | } |
| | | } |
| | | return new RespData("200", "文件上传成功"); |
| | | } |
| | | |
| | | } |
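Review bot: In `uploadFiles`, the path given to `new FileOutputStream(fileDetail.getFileName())` is the URL-decoded `FileName` request header, so the caller chooses where on the server the request body is written; the name should be validated and resolved under a fixed upload directory before the stream is opened. A missing header, a name shorter than 18 characters, or a non-numeric sequence field throws inside the `try`, and the catch-all `e.printStackTrace()` then falls through to `return new RespData("200", "文件上传成功")`, so failures are reported as success and never reach the `@Slf4j` logger. Nothing in this method checks the token issued by `/appAuth`; if no filter outside this file enforces it, the endpoint accepts unauthenticated writes. In `getToken`, the distinct `账号错误` and `密码错误` replies reveal which half of the credential was wrong, and a single generic failure message would avoid that.

```java
// … unchanged: request encoding, FileName / Content-Length header parsing …
String rawName = fileDetail.getFileName();
// Allow-list excludes path separators; the 18-character minimum matches the substring() offsets used below.
// Adjust the character set to the real naming scheme.
if (rawName == null || !rawName.matches("[A-Za-z0-9._-]{18,}")) {
    return new RespData("400", "文件名不合法"); // failure code is illustrative
}
// uploadDir is a placeholder for a configured directory; no such property appears on this page
File target = new File(uploadDir, rawName);
// … unchanged: request.getInputStream() …
    fileOut = new FileOutputStream(target);
    // … unchanged: copy, MdcPassLog population and save (build `file` from target) …
} catch (Exception e) {
    log.error("fileUpload failed for {}", rawName, e);
    return new RespData("500", "文件上传失败"); // failure code is illustrative
} finally {
// … unchanged: stream cleanup …
```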