diff --git a/common/src/main/java/com/jeesite/common/codec/EncodeUtils.java b/common/src/main/java/com/jeesite/common/codec/EncodeUtils.java index b8a946d3..c799a160 100644 --- a/common/src/main/java/com/jeesite/common/codec/EncodeUtils.java +++ b/common/src/main/java/com/jeesite/common/codec/EncodeUtils.java @@ -255,7 +255,7 @@ public class EncodeUtils { // 预编译SQL过滤正则表达式 private static Pattern sqlPattern = Pattern.compile("(?:')|(?:--)|(/\\*(?:.|[\\n\\r])*?\\*/)|(\\b(select|update|and|or|delete|insert|trancate|char|into|substr|ascii|declare|exec|count|master|into|drop|execute)\\b)", Pattern.CASE_INSENSITIVE); - + /** * SQL过滤,防止注入,传入参数输入有select相关代码,替换空。 * @author ThinkGem @@ -263,7 +263,7 @@ public class EncodeUtils { public static String sqlFilter(String text){ if (text != null){ String value = text; - Matcher matcher = sqlPattern.matcher(text); + Matcher matcher = sqlPattern.matcher(value); if (matcher.find()) { value = matcher.replaceAll(StringUtils.EMPTY); } diff --git a/modules/core/src/main/java/com/jeesite/modules/sys/service/EmployeeOfficeService.java b/modules/core/src/main/java/com/jeesite/modules/sys/service/EmployeeOfficeService.java deleted file mode 100644 index 3746694f..00000000 --- a/modules/core/src/main/java/com/jeesite/modules/sys/service/EmployeeOfficeService.java +++ /dev/null 
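Review bot: `sqlFilter` still removes matches with a single `replaceAll` pass, so its return value is not guaranteed to be free of the tokens in `sqlPattern`: deleting one match can join the characters on either side into a new keyword, and switching the matcher input from `text` to `value` does not change that. If stripping is kept, repeat until nothing matches, e.g. `while (sqlPattern.matcher(value).find()) { value = sqlPattern.matcher(value).replaceAll(StringUtils.EMPTY); }`, or reject the input instead of rewriting it. The pattern shown as context in the previous hunk also lists `trancate`, which looks like a typo for `truncate`, and repeats `into`. A deny-list like this is best treated as a secondary guard behind bound parameters and an allow-list for identifiers such as order-by columns. The body of `sqlFilter` continues past the end of the hunk.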
@@ -1,74 +0,0 @@ -/** - * Copyright (c) 2013-Now http://jeesite.com All rights reserved. - */ -package com.jeesite.modules.sys.service; - -import org.springframework.stereotype.Service; -import org.springframework.transaction.annotation.Transactional; - -import com.jeesite.common.entity.Page; -import com.jeesite.common.service.CrudService; -import com.jeesite.modules.sys.dao.EmployeeOfficeDao; -import com.jeesite.modules.sys.entity.EmployeeOffice; - -/** - * 附属机构Service - * @author ThinkGem - * @version 2019-05-05 - */ -@Service -@Transactional(readOnly=true) -public class EmployeeOfficeService extends CrudService { - - /** - * 获取单条数据 - * @param employeeOffice - * @return - */ - @Override - public EmployeeOffice get(EmployeeOffice employeeOffice) { - return super.get(employeeOffice); - } - - /** - * 查询分页数据 - * @param employeeOffice 查询条件 - * @param employeeOffice.page 分页对象 - * @return - */ - @Override - public Page findPage(EmployeeOffice employeeOffice) { - return super.findPage(employeeOffice); - } - - /** - * 保存数据(插入或更新) - * @param employeeOffice - */ - @Override - @Transactional(readOnly=false) - public void save(EmployeeOffice employeeOffice) { - super.save(employeeOffice); - } - - /** - * 更新状态 - * @param employeeOffice - */ - @Override - @Transactional(readOnly=false) - public void updateStatus(EmployeeOffice employeeOffice) { - super.updateStatus(employeeOffice); - } - - /** - * 删除数据 - * @param employeeOffice - */ - @Override - @Transactional(readOnly=false) - public void delete(EmployeeOffice employeeOffice) { - super.delete(employeeOffice); - } - -} \ No newline at end of file diff --git a/modules/core/src/main/java/com/jeesite/modules/sys/utils/EmpUtils.java b/modules/core/src/main/java/com/jeesite/modules/sys/utils/EmpUtils.java index 9a28453d..30076e89 100644 --- a/modules/core/src/main/java/com/jeesite/modules/sys/utils/EmpUtils.java +++ b/modules/core/src/main/java/com/jeesite/modules/sys/utils/EmpUtils.java 
@@ -14,7 +14,7 @@ import com.jeesite.modules.sys.entity.EmployeeOffice; import com.jeesite.modules.sys.entity.Office; import com.jeesite.modules.sys.entity.User; import com.jeesite.modules.sys.service.CompanyService; -import com.jeesite.modules.sys.service.EmployeeOfficeService; +import com.jeesite.modules.sys.service.EmployeeService; import com.jeesite.modules.sys.service.OfficeService; /** @@ -31,6 +31,7 @@ public class EmpUtils { // 部门和公司缓存常量 public static final String CACHE_OFFICE_ALL_LIST = "officeAllList"; public static final String CACHE_COMPANY_ALL_LIST = "companyAllList"; + public static final String CACHE_COMPANY_OFFICE_LIST = "employeeOfficeList"; /** * 静态内部类,延迟加载,懒汉式,线程安全的单例模式 @@ -38,7 +39,7 @@ public class EmpUtils { private static final class Static { private static OfficeService officeService = SpringUtils.getBean(OfficeService.class); private static CompanyService companyService = SpringUtils.getBean(CompanyService.class); - private static EmployeeOfficeService employeeOfficeService = SpringUtils.getBean(EmployeeOfficeService.class); + private static EmployeeService employeeService = SpringUtils.getBean(EmployeeService.class); } /** @@ -61,12 +62,10 @@ public class EmpUtils { * 获取当前附属部门对象列表 */ public static List getEmployeeOfficeList(){ - List list = UserUtils.getCache("employeeOfficeList"); + List list = UserUtils.getCache(CACHE_COMPANY_OFFICE_LIST); if (list == null){ - EmployeeOffice where = new EmployeeOffice(); - where.setEmpCode(getEmployee().getEmpCode()); - list = Static.employeeOfficeService.findList(where); - UserUtils.putCache("employeeOfficeList", list); + list = Static.employeeService.findEmployeeOfficeList(getEmployee()); + UserUtils.putCache(CACHE_COMPANY_OFFICE_LIST, list); } return list; } diff --git a/modules/core/src/main/java/com/jeesite/modules/sys/web/user/EmpOfficeController.java b/modules/core/src/main/java/com/jeesite/modules/sys/web/user/EmpOfficeController.java deleted file mode 100644 index 9106b897..00000000 
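Review bot: `getEmployeeOfficeList()` fills the `CACHE_COMPANY_OFFICE_LIST` entry only when it is absent, and no hunk in this diff removes that entry when an employee's affiliated offices change, so the list may stay stale for as long as the user's cache lives. If the list is used for data-scope or permission decisions (not visible here), a revoked office would keep applying; confirm that the `EmployeeService` save path clears this key for the affected user. The constant name also does not match what it stores: the key is `employeeOfficeList` and the values are employee-office rows, so `CACHE_EMPLOYEE_OFFICE_LIST` would read better. A one-line comment above the constant such as `// per-user cache of the current employee's affiliated offices` would document its scope.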
--- a/modules/core/src/main/java/com/jeesite/modules/sys/web/user/EmpOfficeController.java +++ /dev/null 
@@ -1,107 +0,0 @@ -/** - * Copyright (c) 2013-Now http://jeesite.com All rights reserved. - */ -package com.jeesite.modules.sys.web.user; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.shiro.authz.annotation.RequiresPermissions; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Controller; -import org.springframework.ui.Model; -import org.springframework.validation.annotation.Validated; -import org.springframework.web.bind.annotation.ModelAttribute; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.ResponseBody; - -import com.jeesite.common.config.Global; -import com.jeesite.common.entity.Page; -import com.jeesite.common.web.BaseController; -import com.jeesite.modules.sys.entity.EmployeeOffice; -import com.jeesite.modules.sys.entity.Post; -import com.jeesite.modules.sys.service.EmployeeOfficeService; -import com.jeesite.modules.sys.service.PostService; - -/** - * 附属机构Controller - * @author ThinkGem - * @version 2019-05-05 - */ -@Controller -@RequestMapping(value = "${adminPath}/sys/empOffice") -public class EmpOfficeController extends BaseController { - - @Autowired - private EmployeeOfficeService employeeOfficeService; - @Autowired - private PostService postService; - - /** - * 获取数据 - */ - @ModelAttribute - public EmployeeOffice get(String empCode, String officeCode, boolean isNewRecord) { - return employeeOfficeService.get(new Class[]{String.class, String.class}, - new Object[]{empCode, officeCode}, isNewRecord); - } - - /** - * 查询列表 - */ - @RequiresPermissions("sys:empUser:view") - @RequestMapping(value = {"list", ""}) - public String list(EmployeeOffice employeeOffice, Model model) { - model.addAttribute("employeeOffice", employeeOffice); - return "modules/sys/user/empOfficeList"; - } - - /** - * 查询列表数据 - */ - 
@RequiresPermissions("sys:empUser:view") - @RequestMapping(value = "listData") - @ResponseBody - public Page listData(EmployeeOffice employeeOffice, HttpServletRequest request, HttpServletResponse response) { - employeeOffice.setPage(new Page<>(request, response)); - Page page = employeeOfficeService.findPage(employeeOffice); - return page; - } - - /** - * 查看编辑表单 - */ - @RequiresPermissions("sys:empUser:view") - @RequestMapping(value = "form") - public String form(EmployeeOffice employeeOffice, Model model) { - // 获取岗位列表 - Post post = new Post(); - model.addAttribute("postList", postService.findList(post)); - model.addAttribute("employeeOffice", employeeOffice); - return "modules/sys/user/empOfficeForm"; - } - - /** - * 保存附属机构 - */ - @RequiresPermissions("sys:empUser:edit") - @PostMapping(value = "save") - @ResponseBody - public String save(@Validated EmployeeOffice employeeOffice) { - employeeOfficeService.save(employeeOffice); - return renderResult(Global.TRUE, text("保存附属机构成功!")); - } - - /** - * 删除附属机构 - */ - @RequiresPermissions("sys:empUser:edit") - @RequestMapping(value = "delete") - @ResponseBody - public String delete(EmployeeOffice employeeOffice) { - employeeOfficeService.delete(employeeOffice); - return renderResult(Global.TRUE, text("删除附属机构成功!")); - } - -} \ No newline at end of file diff --git a/modules/core/src/main/resources/views/modules/sys/user/empOfficeForm.html b/modules/core/src/main/resources/views/modules/sys/user/empOfficeForm.html deleted file mode 100644 index c1be2e94..00000000 --- a/modules/core/src/main/resources/views/modules/sys/user/empOfficeForm.html +++ /dev/null @@ -1,69 +0,0 @@ -<% layout('/layouts/default.html', {title: '附属机构管理', libs: ['validate']}){ %> -
-
-
-
- ${text(employeeOffice.isNewRecord ? '新增附属机构' : '编辑附属机构')} -
-
- -
-
- <#form:form id="inputForm" model="${employeeOffice}" action="${ctx}/sys/empOffice/save" method="post" class="form-horizontal"> - <#form:hidden path="empCode"/> - <#form:hidden path="isNewRecord"/> -

-
-
-
- -
- <#form:treeselect id="office" title="${text('机构选择')}" - path="officeCode" labelPath="officeName" readonly="${!employeeOffice.isNewRecord}" - url="${ctx}/sys/office/treeData?ctrlPermi=${@Global.getConfig('user.adminCtrlPermi', '2')}" class="required" allowClear="false"/> -
-
-
-
-
-
-
- -
- <#form:select name="postCode" items="${postList}" - itemLabel="postName" itemValue="postCode" class="form-control"/> -
-
-
-
-
- - -
-
-<% } %> - \ No newline at end of file diff --git a/modules/core/src/main/resources/views/modules/sys/user/empOfficeList.html b/modules/core/src/main/resources/views/modules/sys/user/empOfficeList.html deleted file mode 100644 index 9666c880..00000000 --- a/modules/core/src/main/resources/views/modules/sys/user/empOfficeList.html +++ /dev/null @@ -1,53 +0,0 @@ -<% layout('/layouts/default.html', {title: '附属机构管理', libs: ['dataGrid']}){ %> -
-
-
-
- ${text('附属机构管理')} -
-
- ${text('查询')} - <% if(hasPermi('sys:empUser:view')){ %> - ${text('新增')} - <% } %> -
-
-
- <#form:form id="searchForm" model="${employeeOffice}" action="${ctx}/sys/empOffice/listData" method="post" class="form-inline hide" - data-page-no="${parameter.pageNo}" data-page-size="${parameter.pageSize}" data-order-by="${parameter.orderBy}"> - <#form:hidden path="empCode"/> -
- - -
- -
-
-
-
-
-<% } %> - \ No newline at end of file