Pre Merge pull request !451 from 张宪新/hotfix/fix-scheduleUtils_NPE

2025-02-27 02:57:21 +00:00 · 2025-02-27 02:57:21 +00:00 · 31cd77f8d7
parent 9f1089ff71 8539c5b40a
commit 31cd77f8d7
2 changed files with 20 additions and 6 deletions
--- a/ruoyi-quartz/src/main/java/com/ruoyi/quartz/controller/SysJobController.java
+++ b/ruoyi-quartz/src/main/java/com/ruoyi/quartz/controller/SysJobController.java
@ -4,6 +4,7 @@ import java.util.List;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.quartz.SchedulerException;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.ModelMap;
 import org.springframework.validation.annotation.Validated;
@ -38,6 +39,9 @@ public class SysJobController extends BaseController
 {
    private String prefix = "monitor/job";
    @Value("${job.whiteList:}")
    private List<String> whiteList;
    @Autowired
    private ISysJobService jobService;
@ -154,7 +158,7 @@ public class SysJobController extends BaseController
        {
            return error("新增任务'" + job.getJobName() + "'失败，目标字符串存在违规");
        }
-        else if (!ScheduleUtils.whiteList(job.getInvokeTarget()))
+        else if (!ScheduleUtils.whiteList(job.getInvokeTarget(), whiteList.toArray(new String[whiteList.size()])))
        {
            return error("新增任务'" + job.getJobName() + "'失败，目标字符串不在白名单内");
        }
@ -202,7 +206,7 @@ public class SysJobController extends BaseController
        {
            return error("修改任务'" + job.getJobName() + "'失败，目标字符串存在违规");
        }
-        else if (!ScheduleUtils.whiteList(job.getInvokeTarget()))
+        else if (!ScheduleUtils.whiteList(job.getInvokeTarget(), whiteList.toArray(new String[whiteList.size()])))
        {
            return error("修改任务'" + job.getJobName() + "'失败，目标字符串不在白名单内");
        }
--- a/ruoyi-quartz/src/main/java/com/ruoyi/quartz/util/ScheduleUtils.java
+++ b/ruoyi-quartz/src/main/java/com/ruoyi/quartz/util/ScheduleUtils.java
@ -1,5 +1,6 @@
 package com.ruoyi.quartz.util;
 import org.apache.commons.lang3.ArrayUtils;
 import org.quartz.CronScheduleBuilder;
 import org.quartz.CronTrigger;
 import org.quartz.Job;
@ -10,6 +11,8 @@ import org.quartz.Scheduler;
 import org.quartz.SchedulerException;
 import org.quartz.TriggerBuilder;
 import org.quartz.TriggerKey;
 import org.springframework.aop.support.AopUtils;
 import com.ruoyi.common.constant.Constants;
 import com.ruoyi.common.constant.ScheduleConstants;
 import com.ruoyi.common.exception.job.TaskException;
@ -123,19 +126,26 @@ public class ScheduleUtils
     * 检查包名是否为白名单配置
     * 
     * @param invokeTarget 目标字符串
     * @param extendedWhiteList 扩展的名单单
     * @return 结果
     */
-    public static boolean whiteList(String invokeTarget)
+    public static boolean whiteList(String invokeTarget, String... extendedWhiteList)
 	{
 		String[] whiteList = StringUtils.isEmpty(extendedWhiteList) ? Constants.JOB_WHITELIST_STR
 				: ArrayUtils.addAll(extendedWhiteList, Constants.JOB_WHITELIST_STR);
        String packageName = StringUtils.substringBefore(invokeTarget, "(");
        int count = StringUtils.countMatches(packageName, ".");
        if (count > 1)
        {
-            return StringUtils.containsAnyIgnoreCase(invokeTarget, Constants.JOB_WHITELIST_STR);
+            return StringUtils.containsAnyIgnoreCase(invokeTarget, whiteList);
        }
        Object obj = SpringUtils.getBean(StringUtils.split(invokeTarget, ".")[0]);
        if (AopUtils.isAopProxy(obj)) {
        	obj = AopUtils.getTargetClass(obj);
        }
        String beanPackageName = obj.getClass().getPackage().getName();
-        return StringUtils.containsAnyIgnoreCase(beanPackageName, Constants.JOB_WHITELIST_STR)
+        return StringUtils.containsAnyIgnoreCase(beanPackageName, whiteList)
                && !StringUtils.containsAnyIgnoreCase(beanPackageName, Constants.JOB_ERROR_STR);
    }
 }