diff --git a/opsli-base-support/opsli-core/pom.xml b/opsli-base-support/opsli-core/pom.xml
index 53d2ae18..91dd1cc5 100644
--- a/opsli-base-support/opsli-core/pom.xml
+++ b/opsli-base-support/opsli-core/pom.xml
@@ -111,6 +111,12 @@
mybatis-plus-spring-boot3-starter
+
+
+ com.baomidou
+ mybatis-plus-jsqlparser
+
+
com.github.pagehelper
pagehelper-spring-boot-starter
diff --git a/opsli-base-support/opsli-core/src/main/java/org/opsli/core/autoconfigure/conf/MyBatisPlusConfig.java b/opsli-base-support/opsli-core/src/main/java/org/opsli/core/autoconfigure/conf/MyBatisPlusConfig.java
index 3b6c9491..19f9cdd1 100644
--- a/opsli-base-support/opsli-core/src/main/java/org/opsli/core/autoconfigure/conf/MyBatisPlusConfig.java
+++ b/opsli-base-support/opsli-core/src/main/java/org/opsli/core/autoconfigure/conf/MyBatisPlusConfig.java
@@ -16,6 +16,7 @@
package org.opsli.core.autoconfigure.conf;
import com.baomidou.mybatisplus.extension.plugins.MybatisPlusInterceptor;
+import com.baomidou.mybatisplus.extension.plugins.inner.BlockAttackInnerInterceptor;
import com.baomidou.mybatisplus.extension.plugins.inner.OptimisticLockerInnerInterceptor;
import lombok.extern.slf4j.Slf4j;
import org.apache.ibatis.session.SqlSessionFactory;
@@ -49,8 +50,9 @@ public class MyBatisPlusConfig {
// 乐观锁
mybatisPlusInterceptor.addInnerInterceptor(new OptimisticLockerInnerInterceptor());
- // 防止全表更新与删除插件
- //mybatisPlusInterceptor.addInnerInterceptor(new BlockAttackInnerInterceptor());
+ // 防止全表更新与删除插件 - 安全加固
+ // 拦截无 WHERE 条件的 UPDATE/DELETE,避免因业务 bug 或 SQL 注入导致整表数据被清空
+ mybatisPlusInterceptor.addInnerInterceptor(new BlockAttackInnerInterceptor());
return mybatisPlusInterceptor;
}
diff --git a/pom.xml b/pom.xml
index 41e2498d..77f11573 100644
--- a/pom.xml
+++ b/pom.xml
@@ -148,6 +148,13 @@
${mybatis-plus.version}
+
+
+ com.baomidou
+ mybatis-plus-jsqlparser
+ ${mybatis-plus.version}
+
+
com.github.pagehelper
pagehelper-spring-boot-starter