201206030/novel-plus
1
0
Fork 0
mirror of https://github.com/201206030/novel-plus.git synced 2025-07-19 07:36:39 +00:00
Code Issues Packages Releases Wiki Activity

perf: 优化排序参数校验

Browse Source
This commit is contained in:
xiongxiaoyang
2025-07-18 16:21:35 +08:00
parent 773ce159f7
commit 1cd8a49fd4
7 changed files with 29 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
novel-admin/src/main/java/com/java2nb/common/aspect/SortOrderValidationAspect.java
View File

@ -25,10 +25,10 @@ import java.util.Map;
public class SortOrderValidationAspect { public class SortOrderValidationAspect {
/** /**
* 拦截所有的mapper方法 * 拦截mapper的所有list方法
*/ */
@SneakyThrows @SneakyThrows
@Around("execution(* com.java2nb.*.dao.*Dao.*(..))") @Around("execution(* com.java2nb.*.dao.*Dao.list*(..))")
public Object validateSortAndOrder(ProceedingJoinPoint joinPoint) { public Object validateSortAndOrder(ProceedingJoinPoint joinPoint) {
Object[] args = joinPoint.getArgs(); Object[] args = joinPoint.getArgs();
MethodSignature signature = (MethodSignature) joinPoint.getSignature(); MethodSignature signature = (MethodSignature) joinPoint.getSignature();

3
novel-admin/src/main/java/com/java2nb/common/utils/SortWhitelistUtil.java
View File

@ -14,8 +14,7 @@ import java.util.Set;
public class SortWhitelistUtil { public class SortWhitelistUtil {
private final Set<String> allowedColumns = new HashSet<>( private final Set<String> allowedColumns = new HashSet<>(
Arrays.asList("id", "name", "create_time", "update_time", "order_num", "last_index_update_time", "word_count", Arrays.asList("id", "name", "order_num"));
"visit_count"));
private final Set<String> allowedOrders = new HashSet<>(Arrays.asList("asc", "desc")); private final Set<String> allowedOrders = new HashSet<>(Arrays.asList("asc", "desc"));
public String sanitizeColumn(String input) { public String sanitizeColumn(String input) {

35
novel-admin/src/main/java/com/java2nb/system/dao/SysUserDao.java
View File

@ -11,7 +11,6 @@ import org.apache.ibatis.annotations.Mapper;
import org.apache.ibatis.annotations.Param; import org.apache.ibatis.annotations.Param;
/** /**
*
* @author xiongxy * @author xiongxy
* @email 1179705413@qq.com * @email 1179705413@qq.com
* @date 2019-10-03 09:45:11 * @date 2019-10-03 09:45:11
@ -19,23 +18,23 @@ import org.apache.ibatis.annotations.Param;
@Mapper @Mapper
public interface SysUserDao { public interface SysUserDao {
UserDO get(Long userId); UserDO get(Long userId);
List<UserDO> list(@ValidateSortOrder Map<String,Object> map);
int count(Map<String,Object> map);
int save(UserDO user);
int update(UserDO user);
int remove(Long userId);
int batchRemove(Long[] userIds);
Long[] listAllDept();
List<UserDO> listByPerm(Map<String, Object> map); List<UserDO> list(@ValidateSortOrder Map<String, Object> map);
int countByPerm(Map<String,Object> map); int count(Map<String, Object> map);
int save(UserDO user);
int update(UserDO user);
int remove(Long userId);
int batchRemove(Long[] userIds);
Long[] listAllDept();
List<UserDO> listByPerm(@ValidateSortOrder Map<String, Object> map);
int countByPerm(Map<String, Object> map);
} }

2
novel-common/src/main/java/com/java2nb/novel/core/aspect/SortOrderValidationAspect.java
View File

@ -21,7 +21,7 @@ import java.util.*;
* @date 2025/7/17 * @date 2025/7/17
*/ */
@Aspect @Aspect
@Component //@Component
@RequiredArgsConstructor @RequiredArgsConstructor
public class SortOrderValidationAspect { public class SortOrderValidationAspect {

3
novel-front/src/main/java/com/java2nb/novel/controller/BookController.java
View File

@ -15,6 +15,7 @@ import io.github.xxyopen.model.resp.RestResult;
import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequest;
import lombok.RequiredArgsConstructor; import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import java.util.HashMap; import java.util.HashMap;
@ -82,7 +83,7 @@ public class BookController extends BaseController {
* 分页搜索 * 分页搜索
*/ */
@GetMapping("searchByPage") @GetMapping("searchByPage")
public RestResult<?> searchByPage(BookSpVO bookSP, @RequestParam(value = "curr", defaultValue = "1") int page, public RestResult<?> searchByPage(@Validated BookSpVO bookSP, @RequestParam(value = "curr", defaultValue = "1") int page,
@RequestParam(value = "limit", defaultValue = "20") int pageSize) { @RequestParam(value = "limit", defaultValue = "20") int pageSize) {
return RestResult.ok(bookService.searchByPage(bookSP, page, pageSize)); return RestResult.ok(bookService.searchByPage(bookSP, page, pageSize));
} }

2
novel-front/src/main/java/com/java2nb/novel/mapper/FrontBookMapper.java
View File

@ -14,7 +14,7 @@ import java.util.List;
public interface FrontBookMapper extends BookMapper { public interface FrontBookMapper extends BookMapper {
List<BookVO> searchByPage(@ValidateSortOrder BookSpVO params); List<BookVO> searchByPage(BookSpVO params);
void addVisitCount(@Param("bookId") Long bookId, @Param("visitCount") Integer visitCount); void addVisitCount(@Param("bookId") Long bookId, @Param("visitCount") Integer visitCount);

6
novel-front/src/main/java/com/java2nb/novel/vo/BookSpVO.java
View File

@ -1,6 +1,7 @@
package com.java2nb.novel.vo; package com.java2nb.novel.vo;
import com.java2nb.novel.core.vo.SortOrderVO; import com.java2nb.novel.core.vo.SortOrderVO;
import jakarta.validation.constraints.Pattern;
import lombok.Data; import lombok.Data;
import java.util.Date; import java.util.Date;
@ -10,7 +11,7 @@ import java.util.Date;
* @author 11797 * @author 11797
*/ */
@Data @Data
public class BookSpVO extends SortOrderVO { public class BookSpVO {
private String keyword; private String keyword;
@ -30,5 +31,8 @@ public class BookSpVO extends SortOrderVO {
private Long updatePeriod; private Long updatePeriod;
@Pattern(regexp = "^(last_index_update_time|word_count|visit_count)$")
private String sort;
} }