refactor: 重构sort和order参数校验功能

xiongxiaoyang
2025-07-17 20:53:41 +08:00
parent 3db8828384
commit 91e7d2712b
5 changed files with 52 additions and 66 deletions


@ -11,7 +11,6 @@ import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import java.lang.annotation.Annotation; import java.lang.annotation.Annotation;
import java.lang.reflect.Field;
import java.lang.reflect.Method; import java.lang.reflect.Method;
import java.util.Arrays; import java.util.Arrays;
import java.util.Map; import java.util.Map;
@ -41,50 +40,17 @@ public class SortOrderValidationAspect {
boolean hasAnnotation = Arrays.stream(parameterAnnotations[i]) boolean hasAnnotation = Arrays.stream(parameterAnnotations[i])
.anyMatch(a -> a.annotationType().equals(ValidateSortOrder.class)); .anyMatch(a -> a.annotationType().equals(ValidateSortOrder.class));
if (hasAnnotation && args[i] != null) { if (hasAnnotation && args[i] instanceof Map map) {
processArgument(args[i]); if (map.get("sort") instanceof String sortStr) {
map.put("sort", SortWhitelistUtil.sanitizeColumn(sortStr));
}
if (map.get("order") instanceof String orderStr) {
map.put("order", SortWhitelistUtil.sanitizeOrder(orderStr));
}
} }
} }
return joinPoint.proceed(args); return joinPoint.proceed(args);
} }
@SneakyThrows
private void processArgument(Object obj) {
if (obj instanceof Map<?,?> map) {
processMap(map);
} else {
traverseAndSanitize(obj);
}
}
@SneakyThrows
private void traverseAndSanitize(Object obj) {
for (Field field : obj.getClass().getDeclaredFields()) {
switch (field.getName()) {
case "sort", "order" -> {
field.setAccessible(true);
Object value = field.get(obj);
if (value instanceof String strValue) {
String sanitized = "sort".equals(field.getName())
? SortWhitelistUtil.sanitizeColumn(strValue)
: SortWhitelistUtil.sanitizeOrder(strValue);
field.set(obj, sanitized);
}
}
default -> {
}
}
}
}
private void processMap(Map map) {
if (map.get("sort") instanceof String sortStr) {
map.put("sort", SortWhitelistUtil.sanitizeColumn(sortStr));
}
if (map.get("order") instanceof String orderStr) {
map.put("order", SortWhitelistUtil.sanitizeOrder(orderStr));
}
}
} }
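Review bot: Annotated arguments that are not a `Map` now skip sanitization entirely, because the new guard `args[i] instanceof Map map` replaces the old `processArgument(args[i])` call and the reflective `traverseAndSanitize` fallback is deleted. A `@ValidateSortOrder` parameter object with `sort`/`order` fields would therefore reach `joinPoint.proceed(args)` unchanged, and presumably those values end up in an ORDER BY clause. If every mapper in this module really passes a `Map`, make that explicit instead of failing open, for example `else if (hasAnnotation && args[i] != null) { throw new IllegalArgumentException("@ValidateSortOrder supports Map parameters only"); }`. The `instanceof String` checks likewise leave a non-String value under `sort` or `order` untouched, which deserves a comment saying whether that is intended. The advice method starts above this hunk, so the pointcut and any earlier checks are not visible here.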


@ -2,6 +2,7 @@ package com.java2nb.novel.core.aspect;
import com.java2nb.novel.core.annotation.ValidateSortOrder; import com.java2nb.novel.core.annotation.ValidateSortOrder;
import com.java2nb.novel.core.utils.SortWhitelistUtil; import com.java2nb.novel.core.utils.SortWhitelistUtil;
import com.java2nb.novel.core.vo.SortOrderVO;
import lombok.RequiredArgsConstructor; import lombok.RequiredArgsConstructor;
import lombok.SneakyThrows; import lombok.SneakyThrows;
import org.aspectj.lang.ProceedingJoinPoint; import org.aspectj.lang.ProceedingJoinPoint;
@ -29,7 +30,7 @@ public class SortOrderValidationAspect {
*/ */
@SneakyThrows @SneakyThrows
@Around("execution(* com.java2nb.novel.mapper.*Mapper.*(..))") @Around("execution(* com.java2nb.novel.mapper.*Mapper.*(..))")
public Object validateSortAndOrder(ProceedingJoinPoint joinPoint) { public Object processSortOrderFields(ProceedingJoinPoint joinPoint) {
Object[] args = joinPoint.getArgs(); Object[] args = joinPoint.getArgs();
MethodSignature signature = (MethodSignature) joinPoint.getSignature(); MethodSignature signature = (MethodSignature) joinPoint.getSignature();
Method method = signature.getMethod(); Method method = signature.getMethod();
@ -41,7 +42,7 @@ public class SortOrderValidationAspect {
.anyMatch(a -> a.annotationType().equals(ValidateSortOrder.class)); .anyMatch(a -> a.annotationType().equals(ValidateSortOrder.class));
if (hasAnnotation && args[i] != null) { if (hasAnnotation && args[i] != null) {
processArgument(args[i]); handleAnnotatedParameter(args[i]);
} }
} }
@ -49,16 +50,36 @@ public class SortOrderValidationAspect {
} }
@SneakyThrows @SneakyThrows
private void processArgument(Object obj) { private void handleAnnotatedParameter(Object obj) {
if (obj instanceof Map<?,?> map) { if (obj instanceof SortOrderVO sortOrderVO){
processSortOrderVO(sortOrderVO);
} else if (obj instanceof Map<?, ?> map) {
processMap(map); processMap(map);
} else { } else {
traverseAndSanitize(obj); processGenericObject(obj);
}
}
private void processSortOrderVO(SortOrderVO sortOrderVO) {
if(sortOrderVO.getSort() != null){
sortOrderVO.setSort(SortWhitelistUtil.sanitizeColumn(sortOrderVO.getSort()));
}
if(sortOrderVO.getOrder() != null){
sortOrderVO.setOrder(SortWhitelistUtil.sanitizeOrder(sortOrderVO.getOrder()));
}
}
private void processMap(Map map) {
if (map.get("sort") instanceof String sortStr) {
map.put("sort", SortWhitelistUtil.sanitizeColumn(sortStr));
}
if (map.get("order") instanceof String orderStr) {
map.put("order", SortWhitelistUtil.sanitizeOrder(orderStr));
} }
} }
@SneakyThrows @SneakyThrows
private void traverseAndSanitize(Object obj) { private void processGenericObject(Object obj) {
for (Field field : obj.getClass().getDeclaredFields()) { for (Field field : obj.getClass().getDeclaredFields()) {
switch (field.getName()) { switch (field.getName()) {
case "sort", "order" -> { case "sort", "order" -> {
@ -77,13 +98,4 @@ public class SortOrderValidationAspect {
} }
} }
private void processMap(Map map) {
if (map.get("sort") instanceof String sortStr) {
map.put("sort", SortWhitelistUtil.sanitizeColumn(sortStr));
}
if (map.get("order") instanceof String orderStr) {
map.put("order", SortWhitelistUtil.sanitizeOrder(orderStr));
}
}
} }
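Review bot: The fallback `processGenericObject` still reads only `obj.getClass().getDeclaredFields()`, which does not return inherited fields, so an annotated parameter whose `sort`/`order` are declared in a superclass other than `SortOrderVO` passes through unsanitized. This matters more now that the commit moves these fields into a base class: any type that inherits them without extending `SortOrderVO` is skipped with no signal. Walking the hierarchy closes the gap, e.g. wrap the field loop in `for (Class<?> c = obj.getClass(); c != null && c != Object.class; c = c.getSuperclass())` and iterate `c.getDeclaredFields()`. `processMap` and the reflective branch also leave non-String values as they are, which is worth a comment stating that it is deliberate. The body of `processGenericObject` continues outside the visible hunks.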


@ -0,0 +1,16 @@
package com.java2nb.novel.core.vo;
import lombok.Data;
/**
* @author xiongxiaoyang
* @date 2025/7/17
*/
@Data
public class SortOrderVO {
private String sort;
private String order;
}
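Review bot: The class Javadoc carries only `@author` and `@date`, so nothing tells a reader that `sort` and `order` hold caller-supplied ordering values or where they are cleaned. I would add a summary sentence such as `Base class for query objects carrying a sort column and an order direction; the values are sanitized by SortOrderValidationAspect only when the mapper parameter is annotated with @ValidateSortOrder.` That makes the opt-in visible to anyone who extends this class and assumes inheritance alone is enough.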


@ -1,12 +1,7 @@
package com.java2nb.novel.mapper; package com.java2nb.novel.mapper;
import com.java2nb.novel.entity.Book;
import com.java2nb.novel.vo.BookSpVO;
import com.java2nb.novel.vo.BookVO;
import org.apache.ibatis.annotations.Param; import org.apache.ibatis.annotations.Param;
import java.util.List;
/** /**
* @author Administrator * @author Administrator
*/ */


@ -1,5 +1,6 @@
package com.java2nb.novel.vo; package com.java2nb.novel.vo;
import com.java2nb.novel.core.vo.SortOrderVO;
import lombok.Data; import lombok.Data;
import java.util.Date; import java.util.Date;
@ -9,7 +10,7 @@ import java.util.Date;
* @author 11797 * @author 11797
*/ */
@Data @Data
public class BookSpVO { public class BookSpVO extends SortOrderVO {
private String keyword; private String keyword;
@ -29,9 +30,5 @@ public class BookSpVO {
private Long updatePeriod; private Long updatePeriod;
private String sort;
} }
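Review bot: `@Data` on a subclass generates `equals`, `hashCode` and `toString` that ignore superclass fields, so after `extends SortOrderVO` two `BookSpVO` instances that differ only in `sort` or `order` compare equal and log identically. Add `@EqualsAndHashCode(callSuper = true)` and `@ToString(callSuper = true)` under `@Data`. In the visible lines only `private String sort;` is removed, so the class appears to gain an `order` property it did not have before. If this object is bound from request parameters, confirm that every mapper method receiving it carries `@ValidateSortOrder`. Only part of the class body is visible in these hunks.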