# Conflicts:
#	yudao-module-bpm/yudao-module-bpm-biz/src/main/java/cn/iocoder/yudao/module/bpm/service/task/BpmProcessInstanceServiceImpl.java
#	yudao-module-member/yudao-module-member-biz/src/main/java/cn/iocoder/yudao/module/member/service/level/MemberLevelServiceImpl.java
#	yudao-module-mp/yudao-module-mp-biz/src/main/java/cn/iocoder/yudao/module/mp/controller/admin/user/vo/MpUserPageReqVO.java
#	yudao-module-mp/yudao-module-mp-biz/src/main/java/cn/iocoder/yudao/module/mp/controller/admin/user/vo/MpUserRespVO.java
#	yudao-module-mp/yudao-module-mp-biz/src/main/java/cn/iocoder/yudao/module/mp/controller/admin/user/vo/MpUserUpdateReqVO.java
#	yudao-module-mp/yudao-module-mp-biz/src/main/java/cn/iocoder/yudao/module/mp/convert/user/MpUserConvert.java
This commit is contained in:
YunaiV 2024-03-30 20:13:54 +08:00
commit d82df8154a
18 changed files with 90 additions and 43 deletions

View File

@ -522,6 +522,29 @@ id,name,type,parentId
441931,凤岗镇,4,441900
441932,长安镇,4,441900
442000,中山市,3,440000
442001,石岐街道,4,442000
442002,东区街道,4,442000
442003,中山港街道,4,442000
442004,西区街道,4,442000
442005,南区街道,4,442000
442006,五桂山街道,4,442000
442007,民众街道,4,442000
442008,南朗街道,4,442000
442009,黄圃镇,4,442000
442010,东凤镇,4,442000
442011,古镇镇,4,442000
442012,沙溪镇,4,442000
442013,坦洲镇,4,442000
442014,港口镇,4,442000
442015,三角镇,4,442000
442016,横栏镇,4,442000
442017,南头镇,4,442000
442018,阜沙镇,4,442000
442019,三乡镇,4,442000
442020,板芙镇,4,442000
442021,大涌镇,4,442000
442022,神湾镇,4,442000
442023,小榄镇,4,442000
445100,潮州市,3,440000
445200,揭阳市,3,440000
445300,云浮市,3,440000

1 id name type parentId
522 441931 凤岗镇 4 441900
523 441932 长安镇 4 441900
524 442000 中山市 3 440000
525 442001 石岐街道 4 442000
526 442002 东区街道 4 442000
527 442003 中山港街道 4 442000
528 442004 西区街道 4 442000
529 442005 南区街道 4 442000
530 442006 五桂山街道 4 442000
531 442007 民众街道 4 442000
532 442008 南朗街道 4 442000
533 442009 黄圃镇 4 442000
534 442010 东凤镇 4 442000
535 442011 古镇镇 4 442000
536 442012 沙溪镇 4 442000
537 442013 坦洲镇 4 442000
538 442014 港口镇 4 442000
539 442015 三角镇 4 442000
540 442016 横栏镇 4 442000
541 442017 南头镇 4 442000
542 442018 阜沙镇 4 442000
543 442019 三乡镇 4 442000
544 442020 板芙镇 4 442000
545 442021 大涌镇 4 442000
546 442022 神湾镇 4 442000
547 442023 小榄镇 4 442000
548 445100 潮州市 3 440000
549 445200 揭阳市 3 440000
550 445300 云浮市 3 440000

View File

@ -30,16 +30,6 @@ public class TenantContextHolder {
return TENANT_ID.get();
}
/**
* 获得租户编号 String
*
* @return 租户编号
*/
public static String getTenantIdStr() {
Long tenantId = getTenantId();
return StrUtil.toStringOrNull(tenantId);
}
/**
* 获得租户编号如果不存在则抛出 NullPointerException 异常
*

View File

@ -44,9 +44,11 @@ public class YudaoXssAutoConfiguration implements WebMvcConfigurer {
@ConditionalOnMissingBean(name = "xssJacksonCustomizer")
@ConditionalOnBean(ObjectMapper.class)
@ConditionalOnProperty(value = "yudao.xss.enable", havingValue = "true")
public Jackson2ObjectMapperBuilderCustomizer xssJacksonCustomizer(XssCleaner xssCleaner) {
public Jackson2ObjectMapperBuilderCustomizer xssJacksonCustomizer(XssProperties properties,
PathMatcher pathMatcher,
XssCleaner xssCleaner) {
// 在反序列化时进行 xss 过滤可以替换使用 XssStringJsonSerializer在序列化时进行处理
return builder -> builder.deserializerByType(String.class, new XssStringJsonDeserializer(xssCleaner));
return builder -> builder.deserializerByType(String.class, new XssStringJsonDeserializer(properties, pathMatcher, xssCleaner));
}
/**

View File

@ -1,12 +1,16 @@
package cn.iocoder.yudao.framework.xss.core.json;
import cn.iocoder.yudao.framework.common.util.servlet.ServletUtils;
import cn.iocoder.yudao.framework.xss.config.XssProperties;
import cn.iocoder.yudao.framework.xss.core.clean.XssCleaner;
import com.fasterxml.jackson.core.JsonParser;
import com.fasterxml.jackson.core.JsonToken;
import com.fasterxml.jackson.databind.DeserializationContext;
import com.fasterxml.jackson.databind.deser.std.StringDeserializer;
import jakarta.servlet.http.HttpServletRequest;
import lombok.AllArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.util.PathMatcher;
import java.io.IOException;
@ -20,10 +24,29 @@ import java.io.IOException;
@AllArgsConstructor
public class XssStringJsonDeserializer extends StringDeserializer {
/**
* 属性
*/
private final XssProperties properties;
/**
* 路径匹配器
*/
private final PathMatcher pathMatcher;
private final XssCleaner xssCleaner;
@Override
public String deserialize(JsonParser p, DeserializationContext ctxt) throws IOException {
// 1. 白名单 URL 的处理
HttpServletRequest request = ServletUtils.getRequest();
if (request != null) {
String uri = ServletUtils.getRequest().getRequestURI();
if (properties.getExcludeUrls().stream().anyMatch(excludeUrl -> pathMatcher.match(excludeUrl, uri))) {
return p.getText();
}
}
// 2. 真正使用 xssCleaner 进行过滤
if (p.hasToken(JsonToken.VALUE_STRING)) {
return xssCleaner.clean(p.getText());
}

View File

@ -53,8 +53,10 @@ public interface BpmProcessInstanceConvert {
// user
if (userMap != null) {
AdminUserRespDTO startUser = userMap.get(NumberUtils.parseLong(pageResult.getList().get(i).getStartUserId()));
respVO.setStartUser(BeanUtils.toBean(startUser, BpmProcessInstanceRespVO.User.class));
MapUtils.findAndThen(deptMap, startUser.getDeptId(), dept -> respVO.getStartUser().setDeptName(dept.getName()));
if (startUser != null) {
respVO.setStartUser(BeanUtils.toBean(startUser, BpmProcessInstanceRespVO.User.class));
MapUtils.findAndThen(deptMap, startUser.getDeptId(), dept -> respVO.getStartUser().setDeptName(dept.getName()));
}
}
}
return vpPageResult;
@ -105,10 +107,10 @@ public interface BpmProcessInstanceConvert {
default BpmMessageSendWhenProcessInstanceRejectReqDTO buildProcessInstanceRejectMessage(ProcessInstance instance, String reason) {
return new BpmMessageSendWhenProcessInstanceRejectReqDTO()
.setProcessInstanceName(instance.getName())
.setProcessInstanceId(instance.getId())
.setReason(reason)
.setStartUserId(NumberUtils.parseLong(instance.getStartUserId()));
.setProcessInstanceName(instance.getName())
.setProcessInstanceId(instance.getId())
.setReason(reason)
.setStartUserId(NumberUtils.parseLong(instance.getStartUserId()));
}
}

View File

@ -1,10 +1,12 @@
package cn.iocoder.yudao.module.bpm.framework.flowable.core.util;
import cn.iocoder.yudao.framework.tenant.core.context.TenantContextHolder;
import cn.iocoder.yudao.module.bpm.framework.flowable.core.enums.BpmConstants;
import org.flowable.common.engine.api.delegate.Expression;
import org.flowable.common.engine.api.variable.VariableContainer;
import org.flowable.common.engine.impl.el.ExpressionManager;
import org.flowable.common.engine.impl.identity.Authentication;
import org.flowable.engine.ProcessEngineConfiguration;
import org.flowable.engine.history.HistoricProcessInstance;
import org.flowable.engine.impl.cfg.ProcessEngineConfigurationImpl;
import org.flowable.engine.impl.util.CommandContextUtil;
@ -32,6 +34,11 @@ public class FlowableUtils {
Authentication.setAuthenticatedUserId(null);
}
public static String getTenantId() {
Long tenantId = TenantContextHolder.getTenantId();
return tenantId != null ? String.valueOf(tenantId) : ProcessEngineConfiguration.NO_TENANT_ID;
}
// ========== Execution 相关的工具方法 ==========
/**

View File

@ -5,7 +5,6 @@ import cn.iocoder.yudao.framework.common.pojo.PageResult;
import cn.iocoder.yudao.framework.common.util.json.JsonUtils;
import cn.iocoder.yudao.framework.common.util.object.PageUtils;
import cn.iocoder.yudao.framework.common.util.validation.ValidationUtils;
import cn.iocoder.yudao.framework.tenant.core.context.TenantContextHolder;
import cn.iocoder.yudao.module.bpm.controller.admin.definition.vo.model.BpmModelCreateReqVO;
import cn.iocoder.yudao.module.bpm.controller.admin.definition.vo.model.BpmModelPageReqVO;
import cn.iocoder.yudao.module.bpm.controller.admin.definition.vo.model.BpmModelUpdateReqVO;
@ -14,6 +13,7 @@ import cn.iocoder.yudao.module.bpm.dal.dataobject.definition.BpmFormDO;
import cn.iocoder.yudao.module.bpm.enums.definition.BpmModelFormTypeEnum;
import cn.iocoder.yudao.module.bpm.framework.flowable.core.candidate.BpmTaskCandidateInvoker;
import cn.iocoder.yudao.module.bpm.framework.flowable.core.util.BpmnModelUtils;
import cn.iocoder.yudao.module.bpm.framework.flowable.core.util.FlowableUtils;
import cn.iocoder.yudao.module.bpm.service.definition.dto.BpmModelMetaInfoRespDTO;
import lombok.extern.slf4j.Slf4j;
import org.flowable.bpmn.model.BpmnModel;
@ -78,7 +78,7 @@ public class BpmModelServiceImpl implements BpmModelService {
return PageResult.empty(count);
}
List<Model> models = modelQuery
.modelTenantId(TenantContextHolder.getTenantIdStr())
.modelTenantId(FlowableUtils.getTenantId())
.orderByCreateTime().desc()
.listPage(PageUtils.getStart(pageVO), pageVO.getPageSize());
return new PageResult<>(models, count);
@ -99,7 +99,7 @@ public class BpmModelServiceImpl implements BpmModelService {
// 创建流程定义
Model model = repositoryService.newModel();
BpmModelConvert.INSTANCE.copyToCreateModel(model, createReqVO);
model.setTenantId(TenantContextHolder.getTenantIdStr());
model.setTenantId(FlowableUtils.getTenantId());
// 保存流程定义
repositoryService.saveModel(model);
// 保存 BPMN XML

View File

@ -5,12 +5,12 @@ import cn.hutool.core.util.StrUtil;
import cn.iocoder.yudao.framework.common.pojo.PageResult;
import cn.iocoder.yudao.framework.common.util.object.BeanUtils;
import cn.iocoder.yudao.framework.common.util.object.PageUtils;
import cn.iocoder.yudao.framework.tenant.core.context.TenantContextHolder;
import cn.iocoder.yudao.module.bpm.controller.admin.definition.vo.process.BpmProcessDefinitionPageReqVO;
import cn.iocoder.yudao.module.bpm.dal.dataobject.definition.BpmFormDO;
import cn.iocoder.yudao.module.bpm.dal.dataobject.definition.BpmProcessDefinitionInfoDO;
import cn.iocoder.yudao.module.bpm.dal.mysql.definition.BpmProcessDefinitionInfoMapper;
import cn.iocoder.yudao.module.bpm.framework.flowable.core.enums.BpmnModelConstants;
import cn.iocoder.yudao.module.bpm.framework.flowable.core.util.FlowableUtils;
import cn.iocoder.yudao.module.bpm.service.definition.dto.BpmModelMetaInfoRespDTO;
import lombok.extern.slf4j.Slf4j;
import org.flowable.bpmn.model.BpmnModel;
@ -109,7 +109,7 @@ public class BpmProcessDefinitionServiceImpl implements BpmProcessDefinitionServ
Deployment deploy = repositoryService.createDeployment()
.key(model.getKey()).name(model.getName()).category(model.getCategory())
.addBytes(model.getKey() + BpmnModelConstants.BPMN_FILE_SUFFIX, bpmnBytes)
.tenantId(TenantContextHolder.getTenantIdStr())
.tenantId(FlowableUtils.getTenantId())
.disableSchemaValidation() // 禁用 XML Schema 验证因为有自定义的属性
.deploy();
@ -195,7 +195,7 @@ public class BpmProcessDefinitionServiceImpl implements BpmProcessDefinitionServ
query.active();
}
// 执行查询
query.processDefinitionTenantId(TenantContextHolder.getTenantIdStr());
query.processDefinitionTenantId(FlowableUtils.getTenantId());
return query.list();
}

View File

@ -9,6 +9,8 @@ import cn.iocoder.yudao.framework.common.pojo.PageResult;
import cn.iocoder.yudao.framework.common.util.date.DateUtils;
import cn.iocoder.yudao.framework.common.util.number.NumberUtils;
import cn.iocoder.yudao.framework.common.util.object.PageUtils;
import cn.iocoder.yudao.module.bpm.framework.flowable.core.util.BpmnModelUtils;
import cn.iocoder.yudao.module.bpm.framework.flowable.core.util.FlowableUtils;
import cn.iocoder.yudao.framework.web.core.util.WebFrameworkUtils;
import cn.iocoder.yudao.module.bpm.controller.admin.task.vo.task.*;
import cn.iocoder.yudao.module.bpm.convert.task.BpmTaskConvert;
@ -17,8 +19,6 @@ import cn.iocoder.yudao.module.bpm.enums.task.BpmDeleteReasonEnum;
import cn.iocoder.yudao.module.bpm.enums.task.BpmTaskSignTypeEnum;
import cn.iocoder.yudao.module.bpm.enums.task.BpmTaskStatusEnum;
import cn.iocoder.yudao.module.bpm.framework.flowable.core.enums.BpmConstants;
import cn.iocoder.yudao.module.bpm.framework.flowable.core.util.BpmnModelUtils;
import cn.iocoder.yudao.module.bpm.framework.flowable.core.util.FlowableUtils;
import cn.iocoder.yudao.module.bpm.service.definition.BpmModelService;
import cn.iocoder.yudao.module.bpm.service.message.BpmMessageService;
import cn.iocoder.yudao.module.system.api.user.AdminUserApi;
@ -134,6 +134,7 @@ public class BpmTaskServiceImpl implements BpmTaskService {
public PageResult<HistoricTaskInstance> getTaskPage(Long userId, BpmTaskPageReqVO pageVO) {
HistoricTaskInstanceQuery taskQuery = historyService.createHistoricTaskInstanceQuery()
.includeTaskLocalVariables()
.taskTenantId(FlowableUtils.getTenantId())
.orderByHistoricTaskInstanceEndTime().desc(); // 审批时间倒序
if (StrUtil.isNotBlank(pageVO.getName())) {
taskQuery.taskNameLike("%" + pageVO.getName() + "%");

View File

@ -289,7 +289,7 @@ public class CrmCustomerController {
@PostMapping("/import")
@Operation(summary = "导入客户")
@PreAuthorize("@ss.hasPermission('system:customer:import')")
public CommonResult<CrmCustomerImportRespVO> importExcel(@Valid @RequestBody CrmCustomerImportReqVO importReqVO)
public CommonResult<CrmCustomerImportRespVO> importExcel(@Valid CrmCustomerImportReqVO importReqVO)
throws Exception {
List<CrmCustomerImportExcelVO> list = ExcelUtils.read(importReqVO.getFile(), CrmCustomerImportExcelVO.class);
return success(customerService.importCustomerList(list, importReqVO));

View File

@ -22,7 +22,7 @@ import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.validation.annotation.Validated;
import javax.annotation.Resource;
import jakarta.annotation.Resource;
import java.util.Collection;
import java.util.Collections;
import java.util.Comparator;
@ -241,11 +241,8 @@ public class MemberLevelServiceImpl implements MemberLevelService {
MemberUserDO user = memberUserService.getUser(userId);
Integer userExperience = ObjUtil.defaultIfNull(user.getExperience(), 0);
userExperience = NumberUtil.max(userExperience + experience, 0); // 防止扣出负数
MemberLevelRecordDO levelRecord = new MemberLevelRecordDO()
.setUserId(user.getId())
.setExperience(experience)
.setUserExperience(userExperience)
.setLevelId(user.getLevelId());
MemberLevelRecordDO levelRecord = new MemberLevelRecordDO().setUserId(user.getId())
.setExperience(experience).setUserExperience(userExperience).setLevelId(user.getLevelId());
memberExperienceRecordService.createExperienceRecord(userId, experience, userExperience,
bizType, bizId);

View File

@ -2,12 +2,11 @@ package cn.iocoder.yudao.module.mp.controller.admin.user.vo;
import cn.iocoder.yudao.framework.common.pojo.PageParam;
import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.constraints.NotNull;
import lombok.Data;
import lombok.EqualsAndHashCode;
import lombok.ToString;
import javax.validation.constraints.NotNull;
@Schema(description = "管理后台 - 公众号粉丝分页 Request VO")
@Data
@EqualsAndHashCode(callSuper = true)
@ -22,7 +21,7 @@ public class MpUserPageReqVO extends PageParam {
private String openid;
@Schema(description = "微信生态唯一标识,模糊匹配", example = "o6_bmjrPTlm6_2sgVt7hMZOPfL2M")
private String unionid;
private String unionId;
@Schema(description = "公众号粉丝昵称,模糊匹配", example = "芋艿")
private String nickname;

View File

@ -4,7 +4,6 @@ import io.swagger.v3.oas.annotations.media.Schema;
import lombok.Data;
import java.time.LocalDateTime;
import java.util.Date;
import java.util.List;
@Schema(description = "管理后台 - 公众号粉丝 Response VO")
@ -17,8 +16,8 @@ public class MpUserRespVO {
@Schema(description = "公众号粉丝标识", requiredMode = Schema.RequiredMode.REQUIRED, example = "o6_bmjrPTlm6_2sgVt7hMZOPfL2M")
private String openid;
@Schema(description = "微信生态唯一标识", requiredMode = Schema.RequiredMode.REQUIRED, example = "o6_bmjrPTlm6_2sgVt7hMZOPfL2M")
private String unionid;
@Schema(description = "微信生态唯一标识", requiredMode = Schema.RequiredMode.REQUIRED, example = "o6_bmjrPTlm6_2sgVt7hMZOPfL2M")
private String unionId;
@Schema(description = "关注状态 参见 CommonStatusEnum 枚举", requiredMode = Schema.RequiredMode.REQUIRED, example = "1")
private Integer subscribeStatus;

View File

@ -1,9 +1,9 @@
package cn.iocoder.yudao.module.mp.controller.admin.user.vo;
import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.constraints.NotNull;
import lombok.Data;
import javax.validation.constraints.NotNull;
import java.util.List;
@Schema(description = "管理后台 - 公众号粉丝更新 Request VO")

View File

@ -29,7 +29,7 @@ public interface MpUserConvert {
@Mappings(value = {
@Mapping(source = "openId", target = "openid"),
@Mapping(source = "unionId", target = "unionid"),
@Mapping(source = "unionId", target = "unionId"),
@Mapping(source = "headImgUrl", target = "headImageUrl"),
@Mapping(target = "subscribeTime", ignore = true), // 单独转换
})

View File

@ -43,6 +43,10 @@ public class MpUserDO extends BaseDO {
* 微信生态唯一标识
*/
private String unionid;
/**
* 微信生态唯一标识
*/
private String unionId;
/**
* 关注状态
*

View File

@ -125,7 +125,7 @@ public interface ErrorCodeConstants {
ErrorCode SOCIAL_CLIENT_WEIXIN_MINI_APP_PHONE_CODE_ERROR = new ErrorCode(1_002_018_200, "获得手机号失败");
ErrorCode SOCIAL_CLIENT_NOT_EXISTS = new ErrorCode(1_002_018_201, "社交客户端不存在");
ErrorCode SOCIAL_CLIENT_UNIQUE = new ErrorCode(1_002_018_201, "社交客户端已存在配置");
ErrorCode SOCIAL_CLIENT_UNIQUE = new ErrorCode(1_002_018_202, "社交客户端已存在配置");
// ========== 系统敏感词 1-002-019-000 =========
ErrorCode SENSITIVE_WORD_NOT_EXISTS = new ErrorCode(1_002_019_000, "系统敏感词在所有标签中都不存在");