diff --git a/novel-admin/src/main/java/com/java2nb/common/aspect/SortOrderValidationAspect.java b/novel-admin/src/main/java/com/java2nb/common/aspect/SortOrderValidationAspect.java
index 01da149..846681c 100644
--- a/novel-admin/src/main/java/com/java2nb/common/aspect/SortOrderValidationAspect.java
+++ b/novel-admin/src/main/java/com/java2nb/common/aspect/SortOrderValidationAspect.java
@@ -25,10 +25,10 @@ import java.util.Map;
 public class SortOrderValidationAspect {
 /**
- * 拦截所有的mapper方法
+ * 拦截mapper的所有list方法
 */
 @SneakyThrows
- @Around("execution(* com.java2nb.*.dao.*Dao.*(..))")
+ @Around("execution(* com.java2nb.*.dao.*Dao.list*(..))")
 public Object validateSortAndOrder(ProceedingJoinPoint joinPoint) {
 Object[] args = joinPoint.getArgs();
 MethodSignature signature = (MethodSignature) joinPoint.getSignature();
diff --git a/novel-admin/src/main/java/com/java2nb/common/utils/SortWhitelistUtil.java b/novel-admin/src/main/java/com/java2nb/common/utils/SortWhitelistUtil.java
index 2ca8300..d878312 100644
--- a/novel-admin/src/main/java/com/java2nb/common/utils/SortWhitelistUtil.java
+++ b/novel-admin/src/main/java/com/java2nb/common/utils/SortWhitelistUtil.java
@@ -14,8 +14,7 @@ import java.util.Set;
 public class SortWhitelistUtil {
 private final Set allowedColumns = new HashSet<>(
- Arrays.asList("id", "name", "create_time", "update_time", "order_num", "last_index_update_time", "word_count",
- "visit_count"));
+ Arrays.asList("id", "name", "order_num"));
 private final Set allowedOrders = new HashSet<>(Arrays.asList("asc", "desc"));
 public String sanitizeColumn(String input) {
diff --git a/novel-admin/src/main/java/com/java2nb/system/dao/SysUserDao.java b/novel-admin/src/main/java/com/java2nb/system/dao/SysUserDao.java
index 1bef4be..92a32ba 100644
--- a/novel-admin/src/main/java/com/java2nb/system/dao/SysUserDao.java
+++ b/novel-admin/src/main/java/com/java2nb/system/dao/SysUserDao.java
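Review bot: In the novel-admin `SortOrderValidationAspect`, the narrowed pointcut `*Dao.list*(..)` ties sort/order validation to a method-naming convention: a DAO method that accepts a client-supplied sort or order under any other name is no longer intercepted, and nothing in the hunk enforces or documents that contract. The advice body continues outside the hunk, so I cannot tell whether un-annotated parameters were already skipped, but the Javadoc should at least state the rule, e.g. `* Only *Dao.list* methods are intercepted; a DAO method that takes a client-supplied sort/order must be named list* and mark that parameter with @ValidateSortOrder.` A sturdier alternative is to select join points by the presence of the `@ValidateSortOrder` parameter annotation instead of by method name.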
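Review bot: In `SortWhitelistUtil`, `allowedColumns` is one allowlist shared by every intercepted DAO, yet the hunk gives no reason for keeping exactly `id`, `name` and `order_num`. What happens to a request that still sends `create_time` or `update_time` depends on `sanitizeColumn`, whose body is outside the hunk. Add a comment on the field such as `// Columns a client may name for ORDER BY; add one only if every list* mapper that accepts sort can order by it.` Please also confirm that a rejected column falls back to a fixed default or is refused outright, and is never passed through unchanged.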
@@ -11,7 +11,6 @@ import org.apache.ibatis.annotations.Mapper;
 import org.apache.ibatis.annotations.Param;
 /**
- *
 * @author xiongxy
 * @email 1179705413@qq.com
 * @date 2019-10-03 09:45:11
@@ -19,23 +18,23 @@ import org.apache.ibatis.annotations.Param;
 @Mapper
 public interface SysUserDao {
- UserDO get(Long userId);
-
- List list(@ValidateSortOrder Map map);
-
- int count(Map map);
-
- int save(UserDO user);
-
- int update(UserDO user);
-
- int remove(Long userId);
-
- int batchRemove(Long[] userIds);
-
- Long[] listAllDept();
+ UserDO get(Long userId);
- List listByPerm(Map map);
+ List list(@ValidateSortOrder Map map);
- int countByPerm(Map map);
+ int count(Map map);
+
+ int save(UserDO user);
+
+ int update(UserDO user);
+
+ int remove(Long userId);
+
+ int batchRemove(Long[] userIds);
+
+ Long[] listAllDept();
+
+ List listByPerm(@ValidateSortOrder Map map);
+
+ int countByPerm(Map map);
 }
diff --git a/novel-common/src/main/java/com/java2nb/novel/core/aspect/SortOrderValidationAspect.java b/novel-common/src/main/java/com/java2nb/novel/core/aspect/SortOrderValidationAspect.java
index 41cb33a..d939471 100644
--- a/novel-common/src/main/java/com/java2nb/novel/core/aspect/SortOrderValidationAspect.java
+++ b/novel-common/src/main/java/com/java2nb/novel/core/aspect/SortOrderValidationAspect.java
@@ -21,7 +21,7 @@ import java.util.*;
 * @date 2025/7/17
 */
 @Aspect
-@Component
+//@Component
 @RequiredArgsConstructor
 public class SortOrderValidationAspect {
diff --git a/novel-front/src/main/java/com/java2nb/novel/controller/BookController.java b/novel-front/src/main/java/com/java2nb/novel/controller/BookController.java
index 1be8dc3..3d86237 100644
--- a/novel-front/src/main/java/com/java2nb/novel/controller/BookController.java
+++ b/novel-front/src/main/java/com/java2nb/novel/controller/BookController.java
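Review bot: The one behavioural change in the second `SysUserDao` hunk, `List listByPerm(@ValidateSortOrder Map map);`, is buried in a whole-interface re-indentation, which makes it easy to miss that validation is opt-in per parameter. Consider moving the whitespace change to its own commit. A short Javadoc on `list` and `listByPerm` would help too, e.g. `/** map may carry client-supplied sort/order entries; they are checked by SortOrderValidationAspect because of @ValidateSortOrder. */`. Other `*Dao.list*(Map)` methods in the admin module are not part of this diff, and each needs the same annotation to be covered.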
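Review bot: Commenting out `@Component` in the novel-common `SortOrderValidationAspect` leaves a class that still carries `@Aspect` and reads as active. Unless it is declared as a bean elsewhere it is no longer registered, so any remaining `@ValidateSortOrder` parameter in a module that relied on it becomes a silent no-op. This diff migrates only `FrontBookMapper.searchByPage`; other mappers using the annotation are not visible here and should be checked. Either delete the class, or replace the commented-out line with the reason, e.g. `// Not registered as a bean: novel-front validates sort with Bean Validation on the request VO (BookSpVO.sort).`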
@@ -15,6 +15,7 @@ import io.github.xxyopen.model.resp.RestResult;
 import jakarta.servlet.http.HttpServletRequest;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import java.util.HashMap;
@@ -82,7 +83,7 @@ public class BookController extends BaseController {
 * 分页搜索
 */
 @GetMapping("searchByPage")
- public RestResult searchByPage(BookSpVO bookSP, @RequestParam(value = "curr", defaultValue = "1") int page,
+ public RestResult searchByPage(@Validated BookSpVO bookSP, @RequestParam(value = "curr", defaultValue = "1") int page,
 @RequestParam(value = "limit", defaultValue = "20") int pageSize) {
 return RestResult.ok(bookService.searchByPage(bookSP, page, pageSize));
 }
diff --git a/novel-front/src/main/java/com/java2nb/novel/mapper/FrontBookMapper.java b/novel-front/src/main/java/com/java2nb/novel/mapper/FrontBookMapper.java
index 28762b0..e1af572 100644
--- a/novel-front/src/main/java/com/java2nb/novel/mapper/FrontBookMapper.java
+++ b/novel-front/src/main/java/com/java2nb/novel/mapper/FrontBookMapper.java
@@ -14,7 +14,7 @@ import java.util.List;
 public interface FrontBookMapper extends BookMapper {
- List searchByPage(@ValidateSortOrder BookSpVO params);
+ List searchByPage(BookSpVO params);
 void addVisitCount(@Param("bookId") Long bookId, @Param("visitCount") Integer visitCount);
diff --git a/novel-front/src/main/java/com/java2nb/novel/vo/BookSpVO.java b/novel-front/src/main/java/com/java2nb/novel/vo/BookSpVO.java
index f1a691e..8a7bcc4 100644
--- a/novel-front/src/main/java/com/java2nb/novel/vo/BookSpVO.java
+++ b/novel-front/src/main/java/com/java2nb/novel/vo/BookSpVO.java
@@ -1,6 +1,7 @@
 package com.java2nb.novel.vo;
 import com.java2nb.novel.core.vo.SortOrderVO;
+import jakarta.validation.constraints.Pattern;
 import lombok.Data;
 import java.util.Date;
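Review bot: With `@Validated BookSpVO bookSP` in `BookController.searchByPage`, the sort allowlist is enforced only at this one controller parameter, while the `FrontBookMapper` hunk in this commit drops `@ValidateSortOrder` from `searchByPage(BookSpVO params)`. Any other caller of `bookService.searchByPage` or of the mapper that builds a `BookSpVO` itself now reaches the query with an unchecked `sort`. If the mapper places `sort` into ORDER BY as text (not visible in this diff), the check belongs next to that sink as well, or the mapper method needs a comment such as `// params.sort must already be validated (see @Pattern on BookSpVO.sort); never pass a caller-built value.` Also confirm that the validation exception raised for a rejected `sort` is mapped to a 400 response and not a generic error.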
@@ -10,7 +11,7 @@ import java.util.Date;
 * @author 11797
 */
 @Data
-public class BookSpVO extends SortOrderVO {
+public class BookSpVO {
 private String keyword;
@@ -30,5 +31,8 @@ public class BookSpVO extends SortOrderVO {
 private Long updatePeriod;
+ @Pattern(regexp = "^(last_index_update_time|word_count|visit_count)$")
+ private String sort;
+
 }
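Review bot: Dropping `extends SortOrderVO` from `BookSpVO` removes every field the parent contributed, but only `sort` is re-declared. If the parent also carried the sort direction (its source is not in this diff), that value no longer binds from the request and a mapper that still reads it will see null. If direction should stay client-selectable, declare it here with its own constraint, for example `@Pattern(regexp = "^(asc|desc)$") private String order;` (field name illustrative). `@Pattern` accepts null, so the mapper must apply a fixed default ordering when `sort` is absent. The `SortOrderVO` import kept by the first hunk also appears to be unused now.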