github
/
RuoYi
mirror of https://gitee.com/y_project/RuoYi.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

用户导入响应消息对名称安全处理

Browse Source
pull/523/head
RuoYi 2 months ago
parent c34d9f0c09
commit 9b68013b2a
2 changed files with 37 additions and 1 deletions
Show Stats Download Patch File Download Diff File

28
ruoyi-common/src/main/java/com/ruoyi/common/utils/ExceptionUtil.java
Unescape View File

@ -36,4 +36,32 @@ public class ExceptionUtil
} }
return StringUtils.defaultString(msg); return StringUtils.defaultString(msg);
} }
/**
* ecause
*
* @param e
* @param cause
* @return ecausetruefalse
*/
public static boolean isCausedBy(final Throwable e, final Class<? extends Throwable> cause)
{
if (cause.isAssignableFrom(e.getClass()))
{
return true;
}
else
{
Throwable t = e.getCause();
while (t != null && t != e)
{
if (cause.isAssignableFrom(t.getClass()))
{
return true;
}
t = t.getCause();
}
return false;
}
}
} }

10
ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java
Unescape View File

@ -3,6 +3,7 @@ package com.ruoyi.system.service.impl;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
import java.util.stream.Collectors; import java.util.stream.Collectors;
import javax.validation.ConstraintViolationException;
import javax.validation.Validator; import javax.validation.Validator;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
@ -16,9 +17,11 @@ import com.ruoyi.common.core.domain.entity.SysRole;
import com.ruoyi.common.core.domain.entity.SysUser; import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.text.Convert; import com.ruoyi.common.core.text.Convert;
import com.ruoyi.common.exception.ServiceException; import com.ruoyi.common.exception.ServiceException;
import com.ruoyi.common.utils.ExceptionUtil;
import com.ruoyi.common.utils.ShiroUtils; import com.ruoyi.common.utils.ShiroUtils;
import com.ruoyi.common.utils.StringUtils; import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.bean.BeanValidators; import com.ruoyi.common.utils.bean.BeanValidators;
import com.ruoyi.common.utils.html.EscapeUtil;
import com.ruoyi.common.utils.security.Md5Utils; import com.ruoyi.common.utils.security.Md5Utils;
import com.ruoyi.common.utils.spring.SpringUtils; import com.ruoyi.common.utils.spring.SpringUtils;
import com.ruoyi.system.domain.SysPost; import com.ruoyi.system.domain.SysPost;
@ -529,7 +532,12 @@ public class SysUserServiceImpl implements ISysUserService
catch (Exception e) catch (Exception e)
{ {
failureNum++; failureNum++;
String msg = "<br/>" + failureNum + "、账号 " + user.getLoginName() + " 导入失败:"; String loginName = user.getLoginName();
if (ExceptionUtil.isCausedBy(e, ConstraintViolationException.class))
{
loginName = EscapeUtil.clean(loginName);
}
String msg = "<br/>" + failureNum + "、账号 " + loginName + " 导入失败:";
failureMsg.append(msg + e.getMessage()); failureMsg.append(msg + e.getMessage());
log.error(msg, e); log.error(msg, e);
} }

Write Preview
Loading…
Cancel
Save