bonus
/
YnRealNameWeb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

修改路径

This commit is contained in:
haozq 2025-08-21 18:22:55 +08:00
parent 0645f96c9f
commit 7617c68f12
28 changed files with 87 additions and 578 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
auth/src/main/java/com/bonus/auth/controller/TokenController.java
View File

@ -22,7 +22,6 @@ import javax.servlet.http.HttpServletRequest;
*
* @author zys
*/
@CrossOrigin
@RestController
public class TokenController
{

60
gateway/src/main/java/com/bonus/gateway/config/CorsConfig.java
View File

@ -1,30 +1,30 @@
package com.bonus.gateway.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.reactive.CorsWebFilter;
import org.springframework.web.cors.reactive.UrlBasedCorsConfigurationSource;
import org.springframework.web.util.pattern.PathPatternParser;
/**
* 跨域处理请求配置
* @author 黑子
*/
@Configuration
public class CorsConfig {
@Bean
public CorsWebFilter corsFilter() {
CorsConfiguration config = new CorsConfiguration();
// 是什么请求方法比如GET POST PUT DELATE ...
config.addAllowedMethod("*");
// 来自哪个域名的请求*号表示所有
config.addAllowedOrigin("*");
// 来自哪个域名的请求*号表示所有
config.addAllowedOriginPattern("*");
// 是什么请求头部
config.addAllowedHeader("*");
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(new PathPatternParser());
source.registerCorsConfiguration("/**", config);
return new CorsWebFilter(source);
}
}
//package com.bonus.gateway.config;
//import org.springframework.context.annotation.Bean;
//import org.springframework.context.annotation.Configuration;
//import org.springframework.web.cors.CorsConfiguration;
//import org.springframework.web.cors.reactive.CorsWebFilter;
//import org.springframework.web.cors.reactive.UrlBasedCorsConfigurationSource;
//import org.springframework.web.util.pattern.PathPatternParser;
//
///**
// * 跨域处理请求配置
// * @author 黑子
// */
//@Configuration
//public class CorsConfig {
//
// @Bean
// public CorsWebFilter corsWebFilter() {
// CorsConfiguration config = new CorsConfiguration();
// config.addAllowedOrigin("*");
// config.addAllowedMethod("*");
// config.addAllowedHeader("*");
// config.addAllowedOriginPattern("*");
// config.setAllowCredentials(false);
// config.setMaxAge(3600L);
//
// UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
// source.registerCorsConfiguration("/**", config);
// return new CorsWebFilter(source);
// }
//}

61
gateway/src/main/java/com/bonus/gateway/xss/CacheBodyGlobalFilter.java
View File

@ -1,61 +0,0 @@
package com.bonus.gateway.xss;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.core.io.buffer.DataBufferUtils;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.MediaType;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpRequestDecorator;
import org.springframework.stereotype.Component;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;
/**
* @Author:
* @Description: 这个过滤器解决body不能重复读的问题为后续的XssRequestGlobalFilter重写post|put请求的body做准备
* @Date:
* <p>
* 没把body的内容放到attribute中去因为从attribute取出body内容还是需要强转成 Flux<DataBuffer>,然后转换成String,和直接读取body没有什么区别
*/
@Component
public class CacheBodyGlobalFilter implements Ordered, GlobalFilter {
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
HttpMethod method = exchange.getRequest().getMethod();
String contentType = exchange.getRequest().getHeaders().getFirst(HttpHeaders.CONTENT_TYPE);
if (method == HttpMethod.POST || method == HttpMethod.PUT) {
if (MediaType.APPLICATION_FORM_URLENCODED_VALUE.equalsIgnoreCase(contentType)
|| MediaType.APPLICATION_JSON_VALUE.equalsIgnoreCase(contentType)
|| MediaType.APPLICATION_JSON_UTF8_VALUE.equals(contentType)) {
return DataBufferUtils.join(exchange.getRequest().getBody())
.flatMap(dataBuffer -> {
DataBufferUtils.retain(dataBuffer);
Flux<DataBuffer> cachedFlux = Flux
.defer(() -> Flux.just(dataBuffer.slice(0, dataBuffer.readableByteCount())));
ServerHttpRequest mutatedRequest = new ServerHttpRequestDecorator(
exchange.getRequest()) {
@Override
public Flux<DataBuffer> getBody() {
return cachedFlux;
}
};
return chain.filter(exchange.mutate().request(mutatedRequest).build());
});
}
}
return chain.filter(exchange);
}
@Override
public int getOrder() {
return Ordered.HIGHEST_PRECEDENCE;
}
}

124
gateway/src/main/java/com/bonus/gateway/xss/XssCleanRuleUtils.java
View File

@ -1,124 +0,0 @@
package com.bonus.gateway.xss;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import org.jsoup.Jsoup;
import org.jsoup.nodes.Document;
import org.jsoup.safety.Whitelist;
import org.springframework.core.io.ClassPathResource;
import java.io.IOException;
import java.io.InputStream;
import java.util.Iterator;
import java.util.regex.Pattern;
/**
* @Author:
* @Description: xss过滤工具
* @Date:
*/
public class XssCleanRuleUtils {
//xss过滤规则(对于scriptsrc及加载事件和弹窗事件的代码块)
private final static Pattern[] scriptPatterns = {
Pattern.compile("<script>(.*?)</script>", Pattern.CASE_INSENSITIVE),
Pattern.compile("src[\r\n]*=[\r\n]*\\\'(.*?)\\\'", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL),
Pattern.compile("</script>", Pattern.CASE_INSENSITIVE),
Pattern.compile("<script(.*?)>", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL),
Pattern.compile("eval\\((.*?)\\)", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL),
Pattern.compile("expression\\((.*?)\\)", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL),
Pattern.compile("javascript:", Pattern.CASE_INSENSITIVE),
Pattern.compile("vbscript:", Pattern.CASE_INSENSITIVE),
Pattern.compile("onload(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL)
};
//非富文本的
public static String xssClean(String value) {
if (value != null) {
value = value.replaceAll("\0|\n|\r", "");
for (Pattern pattern : scriptPatterns) {
value = pattern.matcher(value).replaceAll("");
}
value = value.replaceAll("<", "&lt;").replaceAll(">", "&gt;");
}
return value;
}
//富文本的
public static String xssClean2(String value) {
if (value != null) {
value = value.replaceAll("\0|\n|\r", "");
for (Pattern pattern : scriptPatterns) {
value = pattern.matcher(value).replaceAll("");
}
}
return value;
}
//自定义的json白名单
private static final ClassPathResource jsoupWhiteListPathRes = new ClassPathResource("/json/xssWhiteList.json");
//配置过滤化参数, 不对代码进行格式化
private static final Document.OutputSettings outputSettings = new Document.OutputSettings().prettyPrint(false);
//富文本的使用了Jsoup
public static String xssRichTextClean(String value) {
// 创建一个自定义的白名单基于Jsoup的默认白名单
Whitelist customWhitelist = Whitelist.basic();
InputStream whiteConfig = null;
try {
whiteConfig = jsoupWhiteListPathRes.getInputStream();
} catch (IOException e) {
e.printStackTrace();
}
if (whiteConfig == null) {
throw new RuntimeException("读取jsoup xss 白名单文件失败");
} else {
try {
JSONObject whiteListJson = JSON.parseObject(whiteConfig, JSONObject.class);
//添加标签 addTags
JSONArray addTagsJsonArr = whiteListJson.getJSONArray("addTags");
String[] addTagsArr = addTagsJsonArr.toArray(new String[0]);
customWhitelist.addTags(addTagsArr);
//添加属性 addAttributes
JSONArray addAttrJsonArr = whiteListJson.getJSONArray("addAttributes");
Iterator<Object> iter = addAttrJsonArr.iterator();
while (iter.hasNext()) {
JSONObject attrJsonObj = (JSONObject) iter.next();
String tag = attrJsonObj.getString("tag");
JSONArray attrJsonArr = attrJsonObj.getJSONArray("attributes");
String[] attrArr = attrJsonArr.toArray(new String[0]);
customWhitelist.addAttributes(tag, attrArr);
}
//添加 addProtocols
JSONArray addProtoJsonArr = whiteListJson.getJSONArray("addProtocols");
iter = addProtoJsonArr.iterator();
while (iter.hasNext()) {
JSONObject attrJsonObj = (JSONObject) iter.next();
String tag = attrJsonObj.getString("tag");
String attribute = attrJsonObj.getString("attribute");
JSONArray protoJsonArr = attrJsonObj.getJSONArray("protocols");
String[] protocolArr = protoJsonArr.toArray(new String[0]);
customWhitelist.addProtocols(tag, attribute, protocolArr);
}
} catch (IOException e) {
e.printStackTrace();
}
}
value =Jsoup.clean(value, "", customWhitelist, outputSettings);
return value;
}
}

201
gateway/src/main/java/com/bonus/gateway/xss/XssRequestGlobalFilter.java
View File

@ -1,201 +0,0 @@
package com.bonus.gateway.xss;
import com.bonus.common.core.utils.StringUtils;
import com.bonus.gateway.config.properties.XssProperties;
import io.netty.buffer.ByteBufAllocator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.core.io.buffer.DataBufferUtils;
import org.springframework.core.io.buffer.NettyDataBufferFactory;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpRequestDecorator;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.stereotype.Component;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.util.UriComponentsBuilder;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;
import java.net.URI;
import java.nio.CharBuffer;
import java.nio.charset.StandardCharsets;
import java.util.concurrent.atomic.AtomicReference;
/**
* @Author:
* @Description: 自定义防XSS攻击网关全局过滤器
* @Date:
*/
@Component
public class XssRequestGlobalFilter implements GlobalFilter, Ordered {
@Autowired
private XssProperties xss;
private Logger logger = LoggerFactory.getLogger(XssRequestGlobalFilter.class);
/**
*
* @param exchange
* @param chain
* @return
*
* get请求参考spring cloud gateway自带过滤器
* @see org.springframework.cloud.gateway.filter.factory.AddRequestParameterGatewayFilterFactory
*
* post请求参考spring cloud gateway自带过滤器
* @see org.springframework.cloud.gateway.filter.factory.rewrite.ModifyRequestBodyGatewayFilterFactory
*/
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain){
// grab configuration from Config object
logger.info("----自定义防XSS攻击网关全局过滤器生效----");
String path = exchange.getRequest().getPath().toString();
ServerHttpRequest serverHttpRequest = exchange.getRequest();
HttpMethod method = serverHttpRequest.getMethod();
String contentType = serverHttpRequest.getHeaders().getFirst(HttpHeaders.CONTENT_TYPE);
Boolean postFlag = (method == HttpMethod.POST || method == HttpMethod.PUT) &&
(MediaType.APPLICATION_FORM_URLENCODED_VALUE.equalsIgnoreCase(contentType) || MediaType.APPLICATION_JSON_VALUE.equals(contentType) || MediaType.APPLICATION_JSON_UTF8_VALUE.equals(contentType));
// get 请求 参考的是 org.springframework.cloud.gateway.filter.factory.AddRequestParameterGatewayFilterFactory
if (method == HttpMethod.GET) {
URI uri = exchange.getRequest().getURI();
String rawQuery = uri.getRawQuery();
if (StringUtils.isBlank(rawQuery)){
return chain.filter(exchange);
}
rawQuery = XssCleanRuleUtils.xssClean(rawQuery);
try {
URI newUri = UriComponentsBuilder.fromUri(uri)
.replaceQuery(rawQuery)
.build(true)
.toUri();
ServerHttpRequest request = exchange.getRequest().mutate()
.uri(newUri).build();
return chain.filter(exchange.mutate().request(request).build());
} catch (Exception e) {
logger.error("get请求清理xss攻击异常", e);
throw new IllegalStateException("Invalid URI query: \"" + rawQuery + "\"");
}
}
//post请求时如果是文件上传之类的请求不修改请求消息体
else if (postFlag){
// 参考的是 org.springframework.cloud.gateway.filter.factory.AddRequestParameterGatewayFilterFactory
//从请求里获取Post请求体
String bodyStr = resolveBodyFromRequest(serverHttpRequest);
// 这种处理方式必须保证post请求时原始post表单必须有数据过来不然会报错
if (StringUtils.isBlank(bodyStr)) {
logger.error("请求异常:{} POST请求必须传递参数", serverHttpRequest.getURI().getRawPath());
ServerHttpResponse response = exchange.getResponse();
response.setStatusCode(HttpStatus.BAD_REQUEST);
byte[] bytes = "{\"code\":400,\"msg\":\"post data error\"}".getBytes(StandardCharsets.UTF_8);
DataBuffer buffer = response.bufferFactory().wrap(bytes);
return response.writeWith(Mono.just(buffer));
}
//白名单处理看业务需求
String url = exchange.getRequest().getURI().getPath();
boolean containsTarget =StringUtils.matches(url, xss.getExcludeUrls());
if (containsTarget) {
//bodyStr = XssCleanRuleUtils.xssRichTextClean(bodyStr);
bodyStr = XssCleanRuleUtils.xssClean2(bodyStr);
} else {
bodyStr = XssCleanRuleUtils.xssClean(bodyStr);
}
URI uri = serverHttpRequest.getURI();
URI newUri = UriComponentsBuilder.fromUri(uri).build(true).toUri();
ServerHttpRequest request = exchange.getRequest().mutate().uri(newUri).build();
DataBuffer bodyDataBuffer = stringBuffer(bodyStr);
Flux<DataBuffer> bodyFlux = Flux.just(bodyDataBuffer);
// 定义新的消息头
HttpHeaders headers = new HttpHeaders();
headers.putAll(exchange.getRequest().getHeaders());
// 由于修改了传递参数需要重新设置CONTENT_LENGTH长度是字节长度不是字符串长度
int length = bodyStr.getBytes().length;
headers.remove(HttpHeaders.CONTENT_LENGTH);
headers.setContentLength(length);
// 设置CONTENT_TYPE
if (StringUtils.isNotBlank(contentType)) {
headers.set(HttpHeaders.CONTENT_TYPE, contentType);
}
// 由于post的body只能订阅一次由于上面代码中已经订阅过一次body所以要再次封装请求到request才行不然会报错请求已经订阅过
request = new ServerHttpRequestDecorator(request) {
@Override
public HttpHeaders getHeaders() {
long contentLength = headers.getContentLength();
HttpHeaders httpHeaders = new HttpHeaders();
httpHeaders.putAll(super.getHeaders());
if (contentLength > 0) {
httpHeaders.setContentLength(contentLength);
} else {
// this causes a 'HTTP/1.1 411 Length Required' on httpbin.org
httpHeaders.set(HttpHeaders.TRANSFER_ENCODING, "chunked");
}
return httpHeaders;
}
@Override
public Flux<DataBuffer> getBody() {
return bodyFlux;
}
};
//封装request传给下一级
request.mutate().header(HttpHeaders.CONTENT_LENGTH, Integer.toString(bodyStr.length()));
return chain.filter(exchange.mutate().request(request).build());
} else {
return chain.filter(exchange);
}
}
@Override
public int getOrder() {
return -90;
}
/**
* 从Flux<DataBuffer>中获取字符串的方法
* @return 请求体
*/
private String resolveBodyFromRequest(ServerHttpRequest serverHttpRequest) {
//获取请求体
Flux<DataBuffer> body = serverHttpRequest.getBody();
AtomicReference<String> bodyRef = new AtomicReference<>();
body.subscribe(buffer -> {
CharBuffer charBuffer = StandardCharsets.UTF_8.decode(buffer.asByteBuffer());
DataBufferUtils.release(buffer);
bodyRef.set(charBuffer.toString());
});
//获取request body
return bodyRef.get();
}
/**
* 字符串转DataBuffer
* @param value
* @return
*/
private DataBuffer stringBuffer(String value) {
byte[] bytes = value.getBytes(StandardCharsets.UTF_8);
NettyDataBufferFactory nettyDataBufferFactory = new NettyDataBufferFactory(ByteBufAllocator.DEFAULT);
DataBuffer buffer = nettyDataBufferFactory.allocateBuffer(bytes.length);
buffer.write(bytes);
return buffer;
}
}

104
gateway/src/main/java/com/bonus/gateway/xss/XssResponseGlobalFilter.java
View File

@ -1,104 +0,0 @@
package com.bonus.gateway.xss;
import com.bonus.common.core.utils.StringUtils;
import com.bonus.gateway.config.properties.XssProperties;
import lombok.extern.slf4j.Slf4j;
import org.reactivestreams.Publisher;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.core.io.buffer.DataBufferFactory;
import org.springframework.core.io.buffer.DataBufferUtils;
import org.springframework.core.io.buffer.DefaultDataBufferFactory;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.http.server.reactive.ServerHttpResponseDecorator;
import org.springframework.stereotype.Component;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;
import java.nio.charset.Charset;
/**
* @Author:
* @Description: 重写Response防止xss攻击
* @Date:
*/
@Component
@Slf4j
public class XssResponseGlobalFilter implements Ordered, GlobalFilter {
@Autowired
private XssProperties xss;
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
//获取请求url
String path = exchange.getRequest().getPath().toString();
ServerHttpResponse originalResponse = exchange.getResponse();
DataBufferFactory bufferFactory = originalResponse.bufferFactory();
ServerHttpResponseDecorator decoratedResponse = new ServerHttpResponseDecorator(originalResponse) {
@Override
public Mono<Void> writeWith(Publisher<? extends DataBuffer> body) {
String contentType = getDelegate().getHeaders().getFirst(HttpHeaders.CONTENT_TYPE);
Boolean flag = MediaType.APPLICATION_JSON_VALUE.equals(contentType) || MediaType.APPLICATION_JSON_UTF8_VALUE.equals(contentType);
if (body instanceof Flux && flag) {
Flux<? extends DataBuffer> fluxBody = (Flux<? extends DataBuffer>) body;
return super.writeWith(fluxBody.buffer().map(dataBuffer -> {
//如果响应过大会进行截断出现乱码
//然后看api DefaultDataBufferFactory有个join方法可以合并所有的流乱码的问题解决
DataBufferFactory dataBufferFactory = new DefaultDataBufferFactory();
DataBuffer join = null;
try {
join = dataBufferFactory.join(dataBuffer);
byte[] content = new byte[join.readableByteCount()];
join.read(content);
//释放掉内存
DataBufferUtils.release(join);
String result = new String(content, Charset.forName("UTF-8"));
//logger.info("result:"+result);
//若为带有富文本的接口走富文本xss过滤
String url = exchange.getRequest().getURI().getPath();
boolean containsTarget = StringUtils.matches(url, xss.getExcludeUrls());
if (containsTarget) {
//result = XssCleanRuleUtils.xssRichTextClean(result);
result = XssCleanRuleUtils.xssClean2(result);
} else {
//result就是response的值对result进行去XSS
result = XssCleanRuleUtils.xssClean(result);
}
byte[] uppedContent = new String(result.getBytes(), Charset.forName("UTF-8")).getBytes();
return bufferFactory.wrap(uppedContent);
} catch (Exception e) {
// 处理异常记录日志等
throw e;
} finally {
if (join != null) {
//释放掉内存
DataBufferUtils.release(join);
}
}
}));
}
// if body is not a flux. never got there.
return super.writeWith(body);
}
};
// replace response with decorator
return chain.filter(exchange.mutate().response(decoratedResponse).build());
}
@Override
public int getOrder() {
return -50;
}
}

2
modules/bmw/src/main/java/com/bonus/bmw/planAndRealName/controller/PlanAndRealNameController.java
View File

@ -37,7 +37,7 @@ import java.util.stream.Collectors;
@RestController
@RequestMapping("/planAndRealName")
@Slf4j
@CrossOrigin
//@CrossOrigin
public class PlanAndRealNameController {
@Resource(name = "planAndRealNameService")

6
modules/file/src/main/java/com/bonus/file/upload/controller/UploadController.java
View File

@ -32,7 +32,7 @@ import java.util.*;
* 文件上传
* @author zys
*/
@CrossOrigin
//@CrossOrigin
@RestController
@RequestMapping("/file")
public class UploadController {
@ -46,7 +46,7 @@ public class UploadController {
* 文件上传请求
*/
@PostMapping("/upload")
@CrossOrigin
//@CrossOrigin
public R<SysFile> upload(HttpServletRequest request) {
try {
// 上传并返回访问地址
@ -224,7 +224,7 @@ public class UploadController {
* @return
*/
@PostMapping("uploadmake")
@CrossOrigin
//@CrossOrigin
@Log(title = "文件上传请求", businessType = BusinessType.IMPORT)
public R<SysFile> uploadmake(HttpServletRequest request) {
try {

2
modules/lineProtector/src/main/java/com/bonus/lineProtector/homepage/controller/HomePageController.java
View File

@ -16,7 +16,7 @@ import javax.annotation.Resource;
* 后端首页
* @author admin
*/
@CrossOrigin
//@CrossOrigin
@RestController
@RequestMapping("/lineProjectHomePage")
public class HomePageController {

2
modules/lineProtector/src/main/java/com/bonus/lineProtector/inspectionPlan/controller/InspectionPlanController.java
View File

@ -33,7 +33,7 @@ import java.util.Map;
* @date 2024/8/14
* @description 巡视计划
*/
@CrossOrigin
//@CrossOrigin
@RestController
@RequestMapping("/inspectionPlan")
public class InspectionPlanController extends ResultController {

2
modules/lineProtector/src/main/java/com/bonus/lineProtector/project/controller/LineProjectController.java
View File

@ -37,7 +37,7 @@ import java.util.Objects;
*
* @author admin
*/
@CrossOrigin
//@CrossOrigin
@RestController
@RequestMapping("/lineProject")
public class LineProjectController extends ResultController {

2
modules/mw/src/main/java/com/bonus/mw/home/controller/PerAttendanceController.java
View File

@ -19,7 +19,7 @@ import java.util.Map;
* 人员考勤统计
*/
@RestController
@CrossOrigin
//@CrossOrigin
@RequestMapping("/perAttendance")
public class PerAttendanceController {
@Resource(name = "perAttendanceService")

2
modules/mw/src/main/java/com/bonus/mw/home/controller/PlanRiskPlanController.java
View File

@ -16,7 +16,7 @@ import java.util.Map;
* 作业计划
*/
@RestController
@CrossOrigin
//@CrossOrigin
@RequestMapping("/planRiskPlan")
public class PlanRiskPlanController {
@Resource(name = "planRiskPlanService")

2
modules/mw/src/main/java/com/bonus/mw/home/controller/ProBranchAnalyseController.java
View File

@ -15,7 +15,7 @@ import java.util.Map;
* 工程分布分析
*/
@RestController
@CrossOrigin
//@CrossOrigin
@RequestMapping("/proBranch")
public class ProBranchAnalyseController {
@Resource(name = "proBranchAnalyseService")

2
modules/mw/src/main/java/com/bonus/mw/home/controller/SubTypeController.java
View File

@ -17,7 +17,7 @@ import java.util.*;
* 人员评价统计
*/
@RestController
@CrossOrigin
//@CrossOrigin
@RequestMapping("/subType")
public class SubTypeController {
@Resource(name = "subTypeService")

2
modules/mw/src/main/java/com/bonus/mw/home/controller/ToolController.java
View File

@ -18,7 +18,7 @@ import java.util.List;
* 工具类
*/
@RestController
@CrossOrigin
//@CrossOrigin
@RequestMapping("/tool")
public class ToolController {
@Resource(name = "toolService")

2
modules/mw/src/main/java/com/bonus/mw/home/controller/UserController.java
View File

@ -16,7 +16,7 @@ import java.util.List;
import java.util.Map;
@RestController
@CrossOrigin
//@CrossOrigin
@RequestMapping("/user")
public class UserController {
@Resource(name = "userService")

2
modules/mw/src/main/java/com/bonus/mw/home/controller/WorkPeopleController.java
View File

@ -18,7 +18,7 @@ import java.util.List;
* 施工人员统计
*/
@RestController
@CrossOrigin
//@CrossOrigin
@RequestMapping("/workPeople")
public class WorkPeopleController {
@Resource(name = "workPeopleService")

2
modules/mw/src/main/java/com/bonus/mw/home/controller/proInAnalyseController.java
View File

@ -18,7 +18,7 @@ import java.util.Map;
* 工程投入分析
*/
@RestController
@CrossOrigin
//@CrossOrigin
@RequestMapping("/proIn")
public class proInAnalyseController {
@Resource(name = "proInAnalyseService")

4
modules/oiPlan/src/main/java/com/bonus/oiplan/planStatistics/controller/DayPlanStatisticsController.java
View File

@ -130,7 +130,7 @@ public class DayPlanStatisticsController {
}
@GetMapping("getProduceName")
@CrossOrigin
//@CrossOrigin
@Log(title = "获取作业类别", businessType = BusinessType.SELECT)
public R getProduceName(DayPlanStatisticsBean bean){
try {
@ -315,7 +315,7 @@ public class DayPlanStatisticsController {
}
@GetMapping("getType")
@CrossOrigin
//@CrossOrigin
@Log(title = "获取类型", businessType = BusinessType.SELECT)
public R getType(){
try {

2
modules/oiPlan/src/main/java/com/bonus/oiplan/planStatistics/controller/MonthlyPlanStatisticsController.java
View File

@ -126,7 +126,7 @@ public class MonthlyPlanStatisticsController {
}
@GetMapping("getTaskSource")
@CrossOrigin
//@CrossOrigin
@Log(title = "获取运检站", businessType = BusinessType.SELECT)
public R getTaskSource(MonthlyPlanStatisticsBean bean){
try {

2
modules/oiPlan/src/main/java/com/bonus/oiplan/planSubmission/controller/MonthlyPlanSubmissionController.java
View File

@ -81,7 +81,7 @@ public class MonthlyPlanSubmissionController {
}
@GetMapping("getTaskSource")
@CrossOrigin
//@CrossOrigin
@Log(title = "获取任务来源", businessType = BusinessType.SELECT)
public R getTaskSource() {
try {

2
modules/system/src/main/java/com/bonus/system/basic/controller/DictController.java
View File

@ -10,7 +10,7 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import java.util.List;
@CrossOrigin
//@CrossOrigin
@RestController
@RequestMapping("/dicts")
@Slf4j

66
modules/system/src/main/java/com/bonus/system/basic/controller/SelectController.java
View File

@ -31,7 +31,7 @@ public class SelectController {
private SelectService service;
@GetMapping("getCompany")
@CrossOrigin
//@CrossOrigin
@Log(title = "查询公司", businessType = BusinessType.SELECT)
public R getCompany(SelectBean o){
if(StringUtils.isEmpty(o.getCompanyId())){
@ -42,7 +42,7 @@ public class SelectController {
}
@GetMapping("getPro")
@CrossOrigin
//@CrossOrigin
@Log(title = "查询工程-companyId", businessType = BusinessType.SELECT)
public R getPro(SelectBean o){
if(StringUtils.isEmpty(o.getCompanyId())) {
@ -53,7 +53,7 @@ public class SelectController {
}
@GetMapping("getNoticeType")
@CrossOrigin
//@CrossOrigin
@Log(title = "获取公告类型", businessType = BusinessType.SELECT)
public R getNoticeType(SelectBean o){
@ -61,7 +61,7 @@ public class SelectController {
}
@GetMapping("getProByOrgId")
@CrossOrigin
//@CrossOrigin
@Log(title = "查询工程-orgId", businessType = BusinessType.SELECT)
public R getProByOrgId(SelectBean o){
SelfPermissionSettingUtils.getSelfPermissionByOrgId(o);
@ -69,14 +69,14 @@ public class SelectController {
}
@GetMapping("getProByTeamId")
@CrossOrigin
//@CrossOrigin
@Log(title = "查询工程-teamId", businessType = BusinessType.SELECT)
public R getProByTeamId(SelectBean o){
return service.getProByTeamId(o);
}
@GetMapping("getTeamByProId")
@CrossOrigin
//@CrossOrigin
@Log(title = "查询班组-proId", businessType = BusinessType.SELECT)
public R getTeamByProId(SelectBean o){
SelfPermissionSettingUtils.getSelfPermissionByOrgId(o);
@ -84,14 +84,14 @@ public class SelectController {
}
@GetMapping("getTeamBySubId")
@CrossOrigin
//@CrossOrigin
@Log(title = "查询班组-subId", businessType = BusinessType.SELECT)
public R getTeamBySubId(SelectBean o){
return service.getTeamBySubId(o);
}
@GetMapping("getProBuildByOrgId")
@CrossOrigin
//@CrossOrigin
@Log(title = "查询在建工程-orgId", businessType = BusinessType.SELECT)
public R getProBuildByOrgId(SelectBean o){
SelfPermissionSettingUtils.getSelfPermissionByOrgId(o);
@ -99,7 +99,7 @@ public class SelectController {
}
@GetMapping("getRole")
@CrossOrigin
//@CrossOrigin
@Log(title = "查询角色", businessType = BusinessType.SELECT)
public R getRole(SelectBean o){
if(StringUtils.isEmpty(o.getCompanyId())) {
@ -110,14 +110,14 @@ public class SelectController {
}
@GetMapping("getRoleByLevel")
@CrossOrigin
//@CrossOrigin
@Log(title = "查询角色根据等级", businessType = BusinessType.SELECT)
public R getRoleByLevel(SelectBean o){
return service.getRoleByLevel(o);
}
@GetMapping("getSub")
@CrossOrigin
//@CrossOrigin
@Log(title = "查询分包商", businessType = BusinessType.SELECT)
public R getSub(SelectBean o){
return service.getSub(o);
@ -125,7 +125,7 @@ public class SelectController {
@GetMapping("getCerSub")
@CrossOrigin
//@CrossOrigin
@Log(title = "查询证件模块分包商", businessType = BusinessType.SELECT)
public R getCerSub(SelectBean o){
String roleLevel = SecurityUtils.getLoginUser().getSysUser().getRoleLevel();
@ -137,28 +137,28 @@ public class SelectController {
}
@GetMapping("getProBySubId")
@CrossOrigin
//@CrossOrigin
@Log(title = "查询分包商下的工程", businessType = BusinessType.SELECT)
public R getProBySubId(SelectBean o){
return service.getProBySubId(o);
}
@GetMapping("getAttendanceMachineByProId")
@CrossOrigin
//@CrossOrigin
@Log(title = "查询工程下的考勤机", businessType = BusinessType.SELECT)
public R getAttendanceMachineByProId(SelectBean o){
return service.getAttendanceMachineByProId(o);
}
@GetMapping("getSubByProId")
@CrossOrigin
//@CrossOrigin
@Log(title = "查询分包商根据工程id", businessType = BusinessType.SELECT)
public R getSubByProId(SelectBean o){
return service.getSubByProId(o);
}
@GetMapping("getCompanyAndSubCompany")
@CrossOrigin
//@CrossOrigin
@Log(title = "查询公司和子公司", businessType = BusinessType.SELECT)
public R getCompanyAndSubCompany(SelectBean o){
SelfPermissionSettingUtils.getSelfPermissionByOrgId(o);
@ -166,7 +166,7 @@ public class SelectController {
}
@GetMapping("getSubCompany")
@CrossOrigin
//@CrossOrigin
@Log(title = "查询分公司", businessType = BusinessType.SELECT)
public R getSubCompany(SelectBean o){
String subComId = SecurityUtils.getLoginUser().getSysUser().getSubComId();
@ -175,21 +175,21 @@ public class SelectController {
}
@GetMapping("getSubCompanyNoAuth")
@CrossOrigin
//@CrossOrigin
@Log(title = "查询分公司-无权限限制", businessType = BusinessType.SELECT)
public R getSubCompanyNoAuth(SelectBean o){
return service.getSubCompanyNoAuth(o);
}
@GetMapping("getPrincipal")
@CrossOrigin
//@CrossOrigin
@Log(title = "查询现场负责人", businessType = BusinessType.SELECT)
public R getPrincipal(SelectBean o){
return service.getPrincipal(o);
}
@GetMapping("getProListByOrg")
@CrossOrigin
//@CrossOrigin
@Log(title = "用户所在组织及其组织下级所绑定的所有工程", businessType = BusinessType.SELECT)
public R getProListByOrg(SelectBean o){
o.setOrgId(SecurityUtils.getLoginUser().getSysUser().getOrgId());
@ -197,14 +197,14 @@ public class SelectController {
}
@GetMapping("getRiskLevelLists")
@CrossOrigin
//@CrossOrigin
@Log(title = "获取风险等级", businessType = BusinessType.SELECT)
public R getRiskLevelLists(){
return service.getRiskLevelLists();
}
@GetMapping("getOrg")
@CrossOrigin
//@CrossOrigin
@Log(title = "获取组织", businessType = BusinessType.SELECT)
public R getOrg(SelectBean o){
SelfPermissionSettingUtils.getSelfPermissionByOrgId(o);
@ -212,7 +212,7 @@ public class SelectController {
}
@GetMapping("getPlanAuditor")
@CrossOrigin
//@CrossOrigin
@Log(title = "获取分公司计划审核人", businessType = BusinessType.SELECT)
public R getPlanAuditor(SelectBean o){
String ownOrgId = SecurityUtils.getLoginUser().getSysUser().getOrgId();
@ -228,56 +228,56 @@ public class SelectController {
* type = produceCompanyAuditor 生产审核人
*/
@GetMapping("getCompanyPlanAuditor")
@CrossOrigin
//@CrossOrigin
@Log(title = "获取总公司计划审核人", businessType = BusinessType.SELECT)
public R getCompanyPlanAuditor(SelectBean o){
return service.getCompanyPlanAuditor(o);
}
@GetMapping("getControlLevelLists")
@CrossOrigin
//@CrossOrigin
@Log(title = "获取管控级别", businessType = BusinessType.SELECT)
public R getControlLevelLists(){
return service.getControlLevelLists();
}
@GetMapping("getControlMethodLists")
@CrossOrigin
//@CrossOrigin
@Log(title = "获取管控方式", businessType = BusinessType.SELECT)
public R getControlMethodLists(){
return service.getControlMethodLists();
}
@GetMapping("getJobTypeLists")
@CrossOrigin
//@CrossOrigin
@Log(title = "获取作业类型", businessType = BusinessType.SELECT)
public R getJobTypeLists(){
return service.getJobTypeLists();
}
@GetMapping("getCertificate")
@CrossOrigin
//@CrossOrigin
@Log(title = "获取证件", businessType = BusinessType.SELECT)
public R getCertificate(){
return service.getCertificate();
}
@GetMapping("getCertificateSub")
@CrossOrigin
//@CrossOrigin
@Log(title = "获取证件", businessType = BusinessType.SELECT)
public R getCertificateSub(){
return service.getCertificateSub();
}
@GetMapping("getSubContract")
@CrossOrigin
//@CrossOrigin
@Log(title = "查询分包商合同", businessType = BusinessType.SELECT)
public R getSubContract(SelectBean o){
return service.getSubContract(o);
}
@GetMapping("getProBySubContract")
@CrossOrigin
//@CrossOrigin
@Log(title = "根据分包商合同查工程", businessType = BusinessType.SELECT)
public R getProBySubContract(SelectBean o){
return service.getProBySubContract(o);
@ -285,14 +285,14 @@ public class SelectController {
@GetMapping("getQuestionBank")
@CrossOrigin
//@CrossOrigin
@Log(title = "获取题库", businessType = BusinessType.SELECT)
public R getQuestionBank(SelectBean o){
return service.getQuestionBank(o);
}
@GetMapping("getTDict")
@CrossOrigin
//@CrossOrigin
@Log(title = "获取字典", businessType = BusinessType.SELECT)
public R getTDict(SelectBean o){
return service.getTDict(o);

2
modules/system/src/main/java/com/bonus/system/exam/controller/ExamController.java
View File

@ -18,7 +18,7 @@ import javax.annotation.Resource;
@RestController
@RequestMapping("/exam")
@Slf4j
@CrossOrigin
//@CrossOrigin
public class ExamController {
@Resource(name = "examPagerService")

2
modules/system/src/main/java/com/bonus/system/exam/controller/MergeTrainingExamController.java
View File

@ -18,7 +18,7 @@ import javax.annotation.Resource;
@RestController
@RequestMapping("/mergeTrainExam")
@Slf4j
@CrossOrigin
//@CrossOrigin
public class MergeTrainingExamController {
@Resource(name = "mergeTrainingExamService")

2
modules/system/src/main/java/com/bonus/system/exam/controller/TrainController.java
View File

@ -17,7 +17,7 @@ import javax.annotation.Resource;
@RestController
@RequestMapping("/train")
@Slf4j
@CrossOrigin
//@CrossOrigin
public class TrainController {
@Resource(name = "trainService")

2
modules/system/src/main/java/com/bonus/system/logs/controller/SysOperlogController.java
View File

@ -41,7 +41,7 @@ public class SysOperlogController extends BaseController
}
@CrossOrigin
//@CrossOrigin
@PostMapping("/getAllList")
@Log(title = "系统管理-操作日志", businessType = BusinessType.SELECT)
@RequiresPermissions("sys:operlog:query")