防止sql注入%

bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/kitchen/controller/KitchenSettingController.java

@@ -13,6 +13,7 @@ import io.swagger.annotations.ApiOperation;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;
 import javax.servlet.http.HttpServletResponse;
+import javax.validation.Valid;
 import java.util.List;
 
 /**
@@ -34,7 +35,7 @@ public class KitchenSettingController extends BaseController {
     @ApiOperation(value = "查询功能参数配置列表")
     //@RequiresPermissions("kitchen:setting:list")
     @GetMapping("/list")
-    public TableDataInfo list(KitchenSetting kitchenSetting) {
+    public TableDataInfo list(@Valid KitchenSetting kitchenSetting) {
         startPage();
         List<KitchenSetting> list = kitchenSettingService.selectKitchenSettingList(kitchenSetting);
         return getDataTable(list);

bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/kitchen/domain/KitchenSetting.java

@@ -2,6 +2,7 @@ package com.bonus.canteen.core.kitchen.domain;
 
 import com.bonus.common.core.annotation.Excel;
 import com.bonus.common.core.web.domain.BaseEntity;
+import com.bonus.common.security.annotation.NoPercent;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 import lombok.ToString;
@@ -25,6 +26,7 @@ public class KitchenSetting extends BaseEntity {
     /** 参数键名 */
     @Excel(name = "参数键名")
     @ApiModelProperty(value = "参数键名")
+    @NoPercent
     private String itemName;
 
     /** 参数主键 */