center/dataease-dm
center/dataease-dm
13
0
Fork 0
forked from github/dataease
Code Pull Requests Activity

fix: 组织列表接口sql-inject

Browse Source
This commit is contained in:
fit2cloud-chenyw 2023-09-11 12:10:19 +08:00
parent 197473bb36
commit 6ca92d239a
3 changed files with 17 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
core/backend/src/main/java/io/dataease/plugins/server/XDeptServer.java
View File

@ -64,17 +64,16 @@ public class XDeptServer {
@ApiOperation("搜索组织树")
@PostMapping("/search")
public List<DeptNodeResponse> search(@RequestBody XpackGridRequest request){
public List<DeptNodeResponse> search(@RequestBody XpackDeptGridRequest request){
DeptXpackService deptService = SpringContextUtil.getBean(DeptXpackService.class);
List<XpackSysDept> nodes = deptService.nodesTreeByCondition(request);
List<DeptNodeResponse> nodeResponses = nodes.stream().map(node -> {
return nodes.stream().map(node -> {
DeptNodeResponse deptNodeResponse = BeanUtils.copyBean(new DeptNodeResponse(), node);
deptNodeResponse.setHasChildren(node.getSubCount() > 0);
deptNodeResponse.setLeaf(node.getSubCount() == 0);
deptNodeResponse.setTop(node.getPid() == 0L);
return deptNodeResponse;
}).collect(Collectors.toList());
return nodeResponses;
}
@ApiIgnore

10
sdk/dataease-plugin-interface/src/main/java/io/dataease/plugins/xpack/dept/dto/request/XpackDeptGridRequest.java Normal file
View File

@ -0,0 +1,10 @@
package io.dataease.plugins.xpack.dept.dto.request;
import io.dataease.plugins.common.request.KeywordRequest;
import lombok.Data;
@Data
public class XpackDeptGridRequest extends KeywordRequest {
private Long pid = 0L;
}

7
sdk/dataease-plugin-interface/src/main/java/io/dataease/plugins/xpack/dept/service/DeptXpackService.java
View File

@ -1,18 +1,18 @@
package io.dataease.plugins.xpack.dept.service;
import io.dataease.plugins.common.entity.XpackGridRequest;
import io.dataease.plugins.common.service.PluginMenuService;
import io.dataease.plugins.xpack.dept.dto.request.*;
import io.dataease.plugins.xpack.dept.dto.response.DeptUserItemDTO;
import io.dataease.plugins.xpack.dept.dto.response.XpackDeptTreeNode;
import io.dataease.plugins.xpack.dept.dto.response.XpackSysDept;
import java.util.List;
public abstract class DeptXpackService extends PluginMenuService {
public abstract List<XpackSysDept> nodesByPid(Long pid);
public abstract List<XpackSysDept> nodesTreeByCondition(XpackGridRequest request);
public abstract List<XpackSysDept> nodesTreeByCondition(XpackDeptGridRequest request);
public abstract List<XpackDeptTreeNode> searchTree(Long deptId);
@ -23,8 +23,11 @@ public abstract class DeptXpackService extends PluginMenuService {
public abstract int batchDelete(List<XpackDeleteDept> requests);
public abstract void move(XpackMoveDept xpackMoveDept);
public abstract void bindUser(XpackDeptBindRequest request);
public abstract void unBindUsers(XpackDeptBindRequest request);
public abstract List<DeptUserItemDTO> queryBinded(XpackDeptUserRequest request, boolean isPage);