Merge branch 'master' of https://gitee.com/y_project/RuoYi-Cloud

Conflicts: pom.xml
2025-09-29 06:53:10 +00:00 · 2021-11-14 10:51:04 +08:00
parent 449a1bab44 6adc583c38
commit 0a8c581a8b
70 changed files with 1644 additions and 545 deletions
--- a/ruoyi-modules/ruoyi-job/src/main/java/com/ruoyi/job/controller/SysJobController.java
+++ b/ruoyi-modules/ruoyi-job/src/main/java/com/ruoyi/job/controller/SysJobController.java
@@ -15,7 +15,6 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import com.ruoyi.common.core.constant.Constants;
 import com.ruoyi.common.core.exception.job.TaskException;
-import com.ruoyi.common.core.utils.SecurityUtils;
 import com.ruoyi.common.core.utils.StringUtils;
 import com.ruoyi.common.core.utils.poi.ExcelUtil;
 import com.ruoyi.common.core.web.controller.BaseController;
@@ -23,7 +22,8 @@ import com.ruoyi.common.core.web.domain.AjaxResult;
 import com.ruoyi.common.core.web.page.TableDataInfo;
 import com.ruoyi.common.log.annotation.Log;
 import com.ruoyi.common.log.enums.BusinessType;
-import com.ruoyi.common.security.annotation.PreAuthorize;
+import com.ruoyi.common.security.annotation.RequiresPermissions;
+import com.ruoyi.common.security.utils.SecurityUtils;
 import com.ruoyi.job.domain.SysJob;
 import com.ruoyi.job.service.ISysJobService;
 import com.ruoyi.job.util.CronUtils;
@@ -43,7 +43,7 @@ public class SysJobController extends BaseController
    /**
     * 查询定时任务列表
     */
-    @PreAuthorize(hasPermi = "monitor:job:list")
+    @RequiresPermissions("monitor:job:list")
    @GetMapping("/list")
    public TableDataInfo list(SysJob sysJob)
    {
@@ -55,7 +55,7 @@ public class SysJobController extends BaseController
    /**
     * 导出定时任务列表
     */
-    @PreAuthorize(hasPermi = "monitor:job:export")
+    @RequiresPermissions("monitor:job:export")
    @Log(title = "定时任务", businessType = BusinessType.EXPORT)
    @PostMapping("/export")
    public void export(HttpServletResponse response, SysJob sysJob) throws IOException
@@ -68,7 +68,7 @@ public class SysJobController extends BaseController
    /**
     * 获取定时任务详细信息
     */
-    @PreAuthorize(hasPermi = "monitor:job:query")
+    @RequiresPermissions("monitor:job:query")
    @GetMapping(value = "/{jobId}")
    public AjaxResult getInfo(@PathVariable("jobId") Long jobId)
    {
@@ -78,7 +78,7 @@ public class SysJobController extends BaseController
    /**
     * 新增定时任务
     */
-    @PreAuthorize(hasPermi = "monitor:job:add")
+    @RequiresPermissions("monitor:job:add")
    @Log(title = "定时任务", businessType = BusinessType.INSERT)
    @PostMapping
    public AjaxResult add(@RequestBody SysJob job) throws SchedulerException, TaskException
@@ -99,6 +99,10 @@ public class SysJobController extends BaseController
        {
            return error("新增任务'" + job.getJobName() + "'失败，目标字符串不允许'http(s)//'调用");
        }
+        else if (StringUtils.containsAnyIgnoreCase(job.getInvokeTarget(), Constants.JOB_ERROR_STR))
+        {
+            return error("新增任务'" + job.getJobName() + "'失败，目标字符串存在违规");
+        }
        job.setCreateBy(SecurityUtils.getUsername());
        return toAjax(jobService.insertJob(job));
    }
@@ -106,7 +110,7 @@ public class SysJobController extends BaseController
    /**
     * 修改定时任务
     */
-    @PreAuthorize(hasPermi = "monitor:job:edit")
+    @RequiresPermissions("monitor:job:edit")
    @Log(title = "定时任务", businessType = BusinessType.UPDATE)
    @PutMapping
    public AjaxResult edit(@RequestBody SysJob job) throws SchedulerException, TaskException
@@ -127,6 +131,10 @@ public class SysJobController extends BaseController
        {
            return error("修改任务'" + job.getJobName() + "'失败，目标字符串不允许'http(s)//'调用");
        }
+        else if (StringUtils.containsAnyIgnoreCase(job.getInvokeTarget(), Constants.JOB_ERROR_STR))
+        {
+            return error("修改任务'" + job.getJobName() + "'失败，目标字符串存在违规");
+        }
        job.setUpdateBy(SecurityUtils.getUsername());
        return toAjax(jobService.updateJob(job));
    }
@@ -134,7 +142,7 @@ public class SysJobController extends BaseController
    /**
     * 定时任务状态修改
     */
-    @PreAuthorize(hasPermi = "monitor:job:changeStatus")
+    @RequiresPermissions("monitor:job:changeStatus")
    @Log(title = "定时任务", businessType = BusinessType.UPDATE)
    @PutMapping("/changeStatus")
    public AjaxResult changeStatus(@RequestBody SysJob job) throws SchedulerException
@@ -147,7 +155,7 @@ public class SysJobController extends BaseController
    /**
     * 定时任务立即执行一次
     */
-    @PreAuthorize(hasPermi = "monitor:job:changeStatus")
+    @RequiresPermissions("monitor:job:changeStatus")
    @Log(title = "定时任务", businessType = BusinessType.UPDATE)
    @PutMapping("/run")
    public AjaxResult run(@RequestBody SysJob job) throws SchedulerException
@@ -159,7 +167,7 @@ public class SysJobController extends BaseController
    /**
     * 删除定时任务
     */
-    @PreAuthorize(hasPermi = "monitor:job:remove")
+    @RequiresPermissions("monitor:job:remove")
    @Log(title = "定时任务", businessType = BusinessType.DELETE)
    @DeleteMapping("/{jobIds}")
    public AjaxResult remove(@PathVariable Long[] jobIds) throws SchedulerException, TaskException
--- a/ruoyi-modules/ruoyi-job/src/main/java/com/ruoyi/job/controller/SysJobLogController.java
+++ b/ruoyi-modules/ruoyi-job/src/main/java/com/ruoyi/job/controller/SysJobLogController.java
@@ -16,7 +16,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult;
 import com.ruoyi.common.core.web.page.TableDataInfo;
 import com.ruoyi.common.log.annotation.Log;
 import com.ruoyi.common.log.enums.BusinessType;
-import com.ruoyi.common.security.annotation.PreAuthorize;
+import com.ruoyi.common.security.annotation.RequiresPermissions;
 import com.ruoyi.job.domain.SysJobLog;
 import com.ruoyi.job.service.ISysJobLogService;

@@ -35,7 +35,7 @@ public class SysJobLogController extends BaseController
    /**
     * 查询定时任务调度日志列表
     */
-    @PreAuthorize(hasPermi = "monitor:job:list")
+    @RequiresPermissions("monitor:job:list")
    @GetMapping("/list")
    public TableDataInfo list(SysJobLog sysJobLog)
    {
@@ -47,7 +47,7 @@ public class SysJobLogController extends BaseController
    /**
     * 导出定时任务调度日志列表
     */
-    @PreAuthorize(hasPermi = "monitor:job:export")
+    @RequiresPermissions("monitor:job:export")
    @Log(title = "任务调度日志", businessType = BusinessType.EXPORT)
    @PostMapping("/export")
    public void export(HttpServletResponse response, SysJobLog sysJobLog) throws IOException
@@ -60,7 +60,7 @@ public class SysJobLogController extends BaseController
    /**
     * 根据调度编号获取详细信息
     */
-    @PreAuthorize(hasPermi = "monitor:job:query")
+    @RequiresPermissions("monitor:job:query")
    @GetMapping(value = "/{configId}")
    public AjaxResult getInfo(@PathVariable Long jobLogId)
    {
@@ -70,7 +70,7 @@ public class SysJobLogController extends BaseController
    /**
     * 删除定时任务调度日志
     */
-    @PreAuthorize(hasPermi = "monitor:job:remove")
+    @RequiresPermissions("monitor:job:remove")
    @Log(title = "定时任务调度日志", businessType = BusinessType.DELETE)
    @DeleteMapping("/{jobLogIds}")
    public AjaxResult remove(@PathVariable Long[] jobLogIds)
@@ -81,7 +81,7 @@ public class SysJobLogController extends BaseController
    /**
     * 清空定时任务调度日志
     */
-    @PreAuthorize(hasPermi = "monitor:job:remove")
+    @RequiresPermissions("monitor:job:remove")
    @Log(title = "调度日志", businessType = BusinessType.CLEAN)
    @DeleteMapping("/clean")
    public AjaxResult clean()