github
/
RuoYi
mirror of https://gitee.com/y_project/RuoYi.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

定时任务屏蔽rmi远程调用

pull/299/head
RuoYi 2021-06-15 09:22:55 +08:00
parent 26dbf4f6a0
commit 75b7f01723
2 changed files with 17 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java
View File

@ -96,4 +96,9 @@ public class Constants
*
*/
public static final String RESOURCE_PREFIX = "/profile";
/**
* RMI
*/
public static final String LOOKUP_RMI = "rmi://";
}

14
ruoyi-quartz/src/main/java/com/ruoyi/quartz/controller/SysJobController.java
View File

@ -13,11 +13,13 @@ import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import com.ruoyi.common.annotation.Log;
import com.ruoyi.common.constant.Constants;
import com.ruoyi.common.core.controller.BaseController;
import com.ruoyi.common.core.domain.AjaxResult;
import com.ruoyi.common.core.page.TableDataInfo;
import com.ruoyi.common.enums.BusinessType;
import com.ruoyi.common.exception.job.TaskException;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.poi.ExcelUtil;
import com.ruoyi.quartz.domain.SysJob;
import com.ruoyi.quartz.service.ISysJobService;
@ -131,7 +133,11 @@ public class SysJobController extends BaseController
{
if (!CronUtils.isValid(job.getCronExpression()))
{
return AjaxResult.error("cron表达式不正确");
return AjaxResult.error("新增任务'" + job.getJobName() + "'失败Cron表达式不正确");
}
else if (StringUtils.containsIgnoreCase(job.getInvokeTarget(), Constants.LOOKUP_RMI))
{
return AjaxResult.error("新增任务'" + job.getJobName() + "'失败,目标字符串不允许'rmi://'调用");
}
return toAjax(jobService.insertJob(job));
}
@ -157,7 +163,11 @@ public class SysJobController extends BaseController
{
if (!CronUtils.isValid(job.getCronExpression()))
{
return AjaxResult.error("cron表达式不正确");
return AjaxResult.error("修改任务'" + job.getJobName() + "'失败Cron表达式不正确");
}
else if (StringUtils.containsIgnoreCase(job.getInvokeTarget(), Constants.LOOKUP_RMI))
{
return AjaxResult.error("修改任务'" + job.getJobName() + "'失败,目标字符串不允许'rmi://'调用");
}
return toAjax(jobService.updateJob(job));
}