From 5b485e7934825eb8d513ae45534f4fe68b86976e Mon Sep 17 00:00:00 2001 From: RuoYi Date: Tue, 5 Nov 2024 12:50:12 +0800 Subject: [PATCH 1/3] =?UTF-8?q?=E6=A0=A1=E6=A3=80=E6=96=87=E4=BB=B6?= =?UTF-8?q?=E5=90=8D=E6=98=AF=E5=90=A6=E5=8C=85=E5=90=AB=E7=89=B9=E6=AE=8A?= =?UTF-8?q?=E5=AD=97=E7=AC=A6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ruoyi-ui/src/components/FileUpload/index.vue | 7 ++++++- ruoyi-ui/src/components/ImageUpload/index.vue | 4 ++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/ruoyi-ui/src/components/FileUpload/index.vue b/ruoyi-ui/src/components/FileUpload/index.vue index 1fab17327..7db68b51a 100644 --- a/ruoyi-ui/src/components/FileUpload/index.vue +++ b/ruoyi-ui/src/components/FileUpload/index.vue @@ -118,10 +118,15 @@ export default { const fileExt = fileName[fileName.length - 1]; const isTypeOk = this.fileType.indexOf(fileExt) >= 0; if (!isTypeOk) { - this.$modal.msgError(`文件格式不正确, 请上传${this.fileType.join("/")}格式文件!`); + this.$modal.msgError(`文件格式不正确,请上传${this.fileType.join("/")}格式文件!`); return false; } } + // 校检文件名是否包含特殊字符 + if (file.name.includes(',')) { + this.$modal.msgError('文件名不正确,不能包含英文逗号!'); + return false; + } // 校检文件大小 if (this.fileSize) { const isLt = file.size / 1024 / 1024 < this.fileSize; diff --git a/ruoyi-ui/src/components/ImageUpload/index.vue b/ruoyi-ui/src/components/ImageUpload/index.vue index f3370dfb9..5308677c2 100644 --- a/ruoyi-ui/src/components/ImageUpload/index.vue +++ b/ruoyi-ui/src/components/ImageUpload/index.vue @@ -133,6 +133,10 @@ export default { this.$modal.msgError(`文件格式不正确, 请上传${this.fileType.join("/")}图片格式文件!`); return false; } + if (file.name.includes(',')) { + this.$modal.msgError('文件名不正确,不能包含英文逗号!'); + return false; + } if (this.fileSize) { const isLt = file.size / 1024 / 1024 < this.fileSize; if (!isLt) { From bec5600f1666267dd9eb897f11564059c6c009c4 Mon Sep 17 00:00:00 2001 From: RuoYi Date: Tue, 5 Nov 2024 16:30:15 +0800 Subject: [PATCH 2/3] =?UTF-8?q?=E4=BC=98=E5=8C=96=E6=97=A0=E7=94=A8?= =?UTF-8?q?=E6=88=B7=E7=BC=96=E5=8F=B7=E4=B8=8D=E6=A0=A1=E9=AA=8C=E6=95=B0?= =?UTF-8?q?=E6=8D=AE=E6=9D=83=E9=99=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../com/ruoyi/system/controller/SysUserController.java | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java index c7c4ca79d..0df2a4e85 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java @@ -196,18 +196,18 @@ public class SysUserController extends BaseController @GetMapping(value = { "/", "/{userId}" }) public AjaxResult getInfo(@PathVariable(value = "userId", required = false) Long userId) { - userService.checkUserDataScope(userId); AjaxResult ajax = AjaxResult.success(); - List roles = roleService.selectRoleAll(); - ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList())); - ajax.put("posts", postService.selectPostAll()); if (StringUtils.isNotNull(userId)) { + userService.checkUserDataScope(userId); SysUser sysUser = userService.selectUserById(userId); ajax.put(AjaxResult.DATA_TAG, sysUser); ajax.put("postIds", postService.selectPostListByUserId(userId)); ajax.put("roleIds", sysUser.getRoles().stream().map(SysRole::getRoleId).collect(Collectors.toList())); } + List roles = roleService.selectRoleAll(); + ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList())); + ajax.put("posts", postService.selectPostAll()); return ajax; } From 856c471472ce60abea2f0b5487e9edf2514516ec Mon Sep 17 00:00:00 2001 From: RuoYi Date: Wed, 6 Nov 2024 10:20:18 +0800 Subject: [PATCH 3/3] =?UTF-8?q?=E4=BC=98=E5=8C=96=E4=BB=A3=E7=A0=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../com/ruoyi/common/core/constant/SecurityConstants.java | 2 +- .../java/com/ruoyi/common/core/constant/TokenConstants.java | 5 ----- .../java/com/ruoyi/common/security/utils/SecurityUtils.java | 2 +- .../src/main/java/com/ruoyi/gateway/filter/AuthFilter.java | 2 +- ruoyi-ui/src/components/ImageUpload/index.vue | 2 +- 5 files changed, 4 insertions(+), 9 deletions(-) diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/SecurityConstants.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/SecurityConstants.java index d02baeb05..7e790ff96 100644 --- a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/SecurityConstants.java +++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/SecurityConstants.java @@ -20,7 +20,7 @@ public class SecurityConstants /** * 授权信息字段 */ - public static final String AUTHORIZATION_HEADER = "authorization"; + public static final String AUTHORIZATION_HEADER = "Authorization"; /** * 请求来源 diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/TokenConstants.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/TokenConstants.java index f6c6b8d45..a373028e4 100644 --- a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/TokenConstants.java +++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/TokenConstants.java @@ -7,11 +7,6 @@ package com.ruoyi.common.core.constant; */ public class TokenConstants { - /** - * 令牌自定义标识 - */ - public static final String AUTHENTICATION = "Authorization"; - /** * 令牌前缀 */ diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/utils/SecurityUtils.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/utils/SecurityUtils.java index 78a53932d..149dd8a2d 100644 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/utils/SecurityUtils.java +++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/utils/SecurityUtils.java @@ -62,7 +62,7 @@ public class SecurityUtils public static String getToken(HttpServletRequest request) { // 从header获取token标识 - String token = request.getHeader(TokenConstants.AUTHENTICATION); + String token = request.getHeader(SecurityConstants.AUTHORIZATION_HEADER); return replaceTokenPrefix(token); } diff --git a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java index 9582f8af0..51d39ef9f 100644 --- a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java +++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java @@ -118,7 +118,7 @@ public class AuthFilter implements GlobalFilter, Ordered */ private String getToken(ServerHttpRequest request) { - String token = request.getHeaders().getFirst(TokenConstants.AUTHENTICATION); + String token = request.getHeaders().getFirst(SecurityConstants.AUTHORIZATION_HEADER); // 如果前端设置了令牌前缀,则裁剪掉前缀 if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) { diff --git a/ruoyi-ui/src/components/ImageUpload/index.vue b/ruoyi-ui/src/components/ImageUpload/index.vue index 5308677c2..7da56eb07 100644 --- a/ruoyi-ui/src/components/ImageUpload/index.vue +++ b/ruoyi-ui/src/components/ImageUpload/index.vue @@ -130,7 +130,7 @@ export default { } if (!isImg) { - this.$modal.msgError(`文件格式不正确, 请上传${this.fileType.join("/")}图片格式文件!`); + this.$modal.msgError(`文件格式不正确,请上传${this.fileType.join("/")}图片格式文件!`); return false; } if (file.name.includes(',')) {