升级

Author: yujunhao8831

goblin-basic-config/pom.xml

@@ -121,13 +121,7 @@
 
         <dependency>
             <groupId>com.baomidou</groupId>
-            <artifactId>mybatisplus-spring-boot-starter</artifactId>
-            <scope>provided</scope>
-        </dependency>
-
-        <dependency>
-            <groupId>com.baomidou</groupId>
-            <artifactId>mybatis-plus</artifactId>
+            <artifactId>mybatis-plus-boot-starter</artifactId>
             <scope>provided</scope>
         </dependency>
 

goblin-basic-config/src/main/java/com/goblin/config/MybatisPlusConfig.java

@@ -1,6 +1,7 @@
 package com.goblin.config;
 
-import com.baomidou.mybatisplus.plugins.PerformanceInterceptor;
+import com.baomidou.mybatisplus.extension.injector.LogicSqlInjector;
+import com.baomidou.mybatisplus.extension.plugins.PerformanceInterceptor;
 import org.mybatis.spring.annotation.MapperScan;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
 import org.springframework.context.annotation.Bean;
@@ -25,6 +26,14 @@ public PerformanceInterceptor performanceInterceptor () {
 		return new PerformanceInterceptor();
 	}
 
+
+	@Bean
+	public LogicSqlInjector logicSqlInjector () {
+		return new LogicSqlInjector();
+	}
+
+
+
 	@MapperScan( { "com.goblin.manage.mapper" } )
 	@Configuration
 	public class MybatisPlusMapperScan {

goblin-basic-config/src/main/java/com/goblin/config/SpringConfig.java

@@ -23,7 +23,6 @@
 import org.springframework.http.converter.HttpMessageConverter;
 import org.springframework.http.converter.StringHttpMessageConverter;
 import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
-import org.springframework.web.filter.CharacterEncodingFilter;
 import org.springframework.web.method.support.HandlerMethodReturnValueHandler;
 import org.springframework.web.servlet.config.annotation.CorsRegistry;
 import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
@@ -43,110 +42,114 @@
 public class SpringConfig implements WebMvcConfigurer, ErrorPageRegistrar {
 
 
-	@Autowired(required = false)
-	private InjectionAttackInterceptor injectionAttackInterceptor;
-
-	/**
-	 * <pre>
-	 *      aidijing:
-	 *        filter:
-	 *          injection-attack-interceptor:
-	 *            enabled: true
-	 *
-	 * </pre>
-	 */
-	@Bean
-	@Order( Ordered.HIGHEST_PRECEDENCE )
-	@ConditionalOnProperty( prefix = "aidijing.filter.injection-attack-interceptor", name = "enabled", havingValue = "true" )
-	public InjectionAttackInterceptor injectionAttackInterceptor () {
-		return new InjectionAttackInterceptor();
-	}
-
-
-	/**
-	 * 添加过滤器
-	 *
-	 * @return
-	 */
-	@Bean
-	public FilterRegistrationBean filterRegistrationBean () {
-		// 日志处理过滤器
-		return new FilterRegistrationBean<>( new RequestLoggingFilter() );
-	}
-
-	/**
-	 * 添加转换器
-	 *
-	 * @param registry
-	 */
-	@Override
-	public void addFormatters ( FormatterRegistry registry ) {
-		// 从前台过来的数据转换成对应类型的转换器,但是对 @RequestBody 注解的参数无效
-		registry.addConverter( new StringToDateConverter() );
-	}
-
-	@Bean
-	public MappingJackson2HttpMessageConverter mappingJackson2HttpMessageConverter () {
-		ObjectMapper customizationMapper = JsonUtils.buildCustomizationMapper()
-													// 设置格式化解析,支持多种,针对 @RequestBody 参数解析时,前端传入不同种类时间格式(以字符串形式)时能够正常解析.
-													// 解析失败时会抛 HttpMessageNotReadableException 异常
-													.setDateFormat( new SimpleDateFormatPro( DateFormatStyle.getDateFormatStyles() ) );
-		return new MappingJackson2HttpMessageConverter( customizationMapper );
-	}
-
-	/**
-	 * 消息转换
-	 *
-	 * @param converters
-	 */
-	@Override
-	public void extendMessageConverters ( List< HttpMessageConverter< ? > > converters ) {
-		// 默认转换器注册后, 插入自定义的请求响应转换器
-		converters.add( new StringHttpMessageConverter( StandardCharsets.UTF_8 ) );
-		converters.add( this.mappingJackson2HttpMessageConverter() );
-
-	}
-
-
-	@Override
-	public void addReturnValueHandlers ( List< HandlerMethodReturnValueHandler > returnValueHandlers ) {
-		// 返回值的处理,可以用来处理敏感数据的显示
-	}
-
-	@Override
-	public void addInterceptors ( InterceptorRegistry registry ) {
-		if ( Objects.nonNull( injectionAttackInterceptor ) ) {
-			registry.addInterceptor( injectionAttackInterceptor ).addPathPatterns( "/**" );
-		}
-	}
-
-	/**
-	 * cors跨域处理
-	 *
-	 * @param registry
-	 */
-	@Override
-	public void addCorsMappings ( CorsRegistry registry ) {
-		registry.addMapping( "/**" )
-				.allowedMethods(
-					HttpMethod.HEAD.name() ,
-					HttpMethod.GET.name() ,
-					HttpMethod.POST.name() ,
-					HttpMethod.PUT.name() ,
-					HttpMethod.DELETE.name() ,
-					HttpMethod.OPTIONS.name() ,
-					HttpMethod.PATCH.name() ,
-					HttpMethod.TRACE.name()
-				)
-				// 允许的域名
-				.allowedOrigins( "*" );
-	}
-
-
-	@Override
-	public void registerErrorPages ( ErrorPageRegistry registry ) {
-		registry.addErrorPages( new ErrorPage( HttpStatus.NOT_FOUND , "/404" ) );
-		registry.addErrorPages( new ErrorPage( HttpStatus.UNAUTHORIZED , "/401" ) );
-		registry.addErrorPages( new ErrorPage( Throwable.class , "/500" ) );
-	}
+    @Autowired( required = false )
+    private InjectionAttackInterceptor injectionAttackInterceptor;
+
+    /**
+     * <pre>
+     *      goblin:
+     *        filter:
+     *          injection-attack-interceptor:
+     *            enabled: true
+     *
+     * </pre>
+     */
+    @Bean
+    @Order( Ordered.HIGHEST_PRECEDENCE )
+    @ConditionalOnProperty( prefix = "goblin.filter.injection-attack-interceptor", name = "enabled", havingValue = "true" )
+    public InjectionAttackInterceptor injectionAttackInterceptor () {
+        return new InjectionAttackInterceptor();
+    }
+
+
+    /**
+     * 添加过滤器
+     *
+     * @return
+     */
+    @Bean
+    public FilterRegistrationBean filterRegistrationBean () {
+        String[] excludeUrlPatterns = { "*.js" , "*.jpg" , "*.png" , "*.css" , "*.html" , "*.gif" };
+        // 日志处理过滤器
+        return new FilterRegistrationBean<>( new RequestLoggingFilter().setExcludeUrlPatterns( excludeUrlPatterns ) );
+    }
+
+    /**
+     * 添加转换器
+     *
+     * @param registry
+     */
+    @Override
+    public void addFormatters ( FormatterRegistry registry ) {
+        // 从前台过来的数据转换成对应类型的转换器,但是对 @RequestBody 注解的参数无效
+        registry.addConverter( new StringToDateConverter() );
+    }
+
+    @Bean
+    public MappingJackson2HttpMessageConverter mappingJackson2HttpMessageConverter () {
+        ObjectMapper customizationMapper = JsonUtils.buildCustomizationMapper()
+                                                    // 设置格式化解析,支持多种,针对 @RequestBody 参数解析时,前端传入不同种类时间格式(以字符串形式)时能够正常解析.
+                                                    // 解析失败时会抛 HttpMessageNotReadableException 异常
+                                                    .setDateFormat( new SimpleDateFormatPro( DateFormatStyle.getDateFormatStyles() ) );
+        return new MappingJackson2HttpMessageConverter( customizationMapper );
+    }
+
+    /**
+     * 消息转换
+     *
+     * @param converters
+     */
+    @Override
+    public void extendMessageConverters ( List< HttpMessageConverter< ? > > converters ) {
+        // 默认转换器注册后, 插入自定义的请求响应转换器
+        converters.add( new StringHttpMessageConverter( StandardCharsets.UTF_8 ) );
+        converters.add( this.mappingJackson2HttpMessageConverter() );
+
+    }
+
+
+    @Override
+    public void addReturnValueHandlers ( List< HandlerMethodReturnValueHandler > returnValueHandlers ) {
+        // 返回值的处理,可以用来处理敏感数据的显示
+    }
+
+    @Override
+    public void addInterceptors ( InterceptorRegistry registry ) {
+        if ( Objects.nonNull( injectionAttackInterceptor ) ) {
+            registry.addInterceptor( injectionAttackInterceptor ).addPathPatterns( "/**" );
+        }
+    }
+
+    /**
+     * cors跨域处理
+     *
+     * @param registry
+     */
+    @Override
+    public void addCorsMappings ( CorsRegistry registry ) {
+        registry.addMapping( "/**" )
+                .allowedMethods(
+                        HttpMethod.HEAD.name() ,
+                        HttpMethod.GET.name() ,
+                        HttpMethod.POST.name() ,
+                        HttpMethod.PUT.name() ,
+                        HttpMethod.DELETE.name() ,
+                        HttpMethod.OPTIONS.name() ,
+                        HttpMethod.PATCH.name() ,
+                        HttpMethod.TRACE.name()
+                )
+                // 允许的域名
+                .allowedOrigins( "*" );
+    }
+
+
+    @Override
+    public void registerErrorPages ( ErrorPageRegistry registry ) {
+        registry.addErrorPages( new ErrorPage( HttpStatus.NOT_FOUND , "/404" ) );
+        registry.addErrorPages( new ErrorPage( HttpStatus.UNAUTHORIZED , "/401" ) );
+        registry.addErrorPages( new ErrorPage( Throwable.class , "/500" ) );
+    }
+
+
+
 }

goblin-cache/pom.xml

@@ -111,7 +111,7 @@
 
 		<dependency>
 			<groupId>com.baomidou</groupId>
-			<artifactId>mybatisplus-spring-boot-starter</artifactId>
+			<artifactId>mybatis-plus-boot-starter</artifactId>
 			<scope>provided</scope>
 		</dependency>
 

goblin-common/pom.xml

@@ -221,6 +221,21 @@
 			<version>4.6</version>
 		</dependency>
 
+		<dependency>
+			<groupId>org.jodd</groupId>
+			<artifactId>jodd-core</artifactId>
+		</dependency>
+
+		<dependency>
+			<groupId>org.jodd</groupId>
+			<artifactId>jodd-bean</artifactId>
+		</dependency>
+
+		<dependency>
+			<groupId>org.jodd</groupId>
+			<artifactId>jodd-props</artifactId>
+		</dependency>
+
 
 		<dependency>
 			<groupId>org.kie</groupId>
@@ -249,6 +264,7 @@
 		</dependency>
 
 
+
 	</dependencies>
 
 </project>

goblin-common/src/main/java/com/goblin/common/filter/RequestLoggingFilter.java

@@ -4,6 +4,7 @@
 import com.goblin.common.util.LogUtils;
 import com.goblin.common.util.RequestUtils;
 import org.apache.commons.lang3.StringUtils;
+import org.springframework.util.PatternMatchUtils;
 
 import javax.servlet.*;
 import javax.servlet.http.HttpServletRequest;
@@ -17,28 +18,40 @@
  */
 public class RequestLoggingFilter implements Filter {
 
-    private static final String PASSWORD_FILTER_REGEX =
+    private static final String   PASSWORD_FILTER_REGEX =
             "(password=\\[([\\S\\s])*\\])|(\"password\":\"([\\S\\s])*\")";
+    private              String[] excludeUrlPatterns;
 
 
     @Override
-    public void doFilter( ServletRequest request, ServletResponse response, FilterChain chain)
+    public void doFilter ( ServletRequest request , ServletResponse response , FilterChain chain )
             throws IOException, ServletException {
-        final BodyReaderWrapper wrapper = new BodyReaderWrapper((HttpServletRequest ) request);
-        String requestMessage = RequestUtils.getRequestMessage(wrapper);
-        if (!LogUtils.getLogger().isDebugEnabled()) {
-            requestMessage = StringUtils.replaceAll( requestMessage, PASSWORD_FILTER_REGEX,
-                                                     "enable password protection, if not debug so do not see");
+
+        if ( PatternMatchUtils.simpleMatch( excludeUrlPatterns , ( ( HttpServletRequest ) request ).getRequestURI() ) ) {
+            chain.doFilter( request , response );
+            return;
+        }
+
+
+        final BodyReaderWrapper wrapper        = new BodyReaderWrapper( ( HttpServletRequest ) request );
+        String                  requestMessage = RequestUtils.getRequestMessage( wrapper );
+        if ( ! LogUtils.getLogger().isDebugEnabled() ) {
+            requestMessage = StringUtils.replaceAll( requestMessage , PASSWORD_FILTER_REGEX ,
+                                                     "enable password protection, if not debug so do not see"
+            );
         }
-        LogUtils.getLogger().info(requestMessage);
-        chain.doFilter(wrapper, response);
+        LogUtils.getLogger().info( requestMessage );
+        chain.doFilter( wrapper , response );
     }
 
     @Override
-    public void init(FilterConfig filterConfig) {}
+    public void init ( FilterConfig filterConfig ) { }
 
     @Override
-    public void destroy() {}
-
+    public void destroy () { }
 
+    public RequestLoggingFilter setExcludeUrlPatterns ( String[] excludeUrlPatterns ) {
+        this.excludeUrlPatterns = excludeUrlPatterns;
+        return this;
+    }
 }

goblin-generator/pom.xml

@@ -31,7 +31,7 @@
 
 		<dependency>
 			<groupId>com.baomidou</groupId>
-			<artifactId>mybatisplus-spring-boot-starter</artifactId>
+			<artifactId>mybatis-plus-boot-starter</artifactId>
 		</dependency>
 
 		<dependency>
@@ -49,11 +49,6 @@
 			<artifactId>spring-boot-starter-test</artifactId>
 			<scope>test</scope>
 		</dependency>
-		<dependency>
-			<groupId>com.baomidou</groupId>
-			<artifactId>mybatis-plus</artifactId>
-			<scope>test</scope>
-		</dependency>
 
 
 	</dependencies>