Merge branch 'dev' of http://gitlab.91isoft.com:90/wangfei/vehicle-quality-review into wangdingyi

264abdef · wdy · 97fd58c1 · 3541d4f4 · 264abdef · 264abdef
Commit 264abdef authored Mar 07, 2024 by wdy
4 changed files
--- a/quality-review/src/main/resources/mapper/AutomobileEnterpriseMapper.xml
+++ b/quality-review/src/main/resources/mapper/AutomobileEnterpriseMapper.xml
@@ -33,9 +33,25 @@
        from t_automobile_enterprise
    </sql>
+    <sql id="selectAutomobileEnterpriseListSQL">
+        select ae.id,
+               ae.enterprise_name,
+               ae.address,
+               ae.postcode,
+               ae.enterprise_contact,
+               ae.contact_number,
+               su.nick_name create_by,
+               ae.create_time,
+               ae.update_by,
+               ae.update_time,
+               ae.deleted
+        from t_automobile_enterprise ae
+        left join sys_user su on ae.create_by = su.user_id
+    </sql>
    <select id="selectAutomobileEnterpriseList" parameterType="com.ruoyi.domain.AutomobileEnterprise"
            resultMap="AutomobileEnterpriseResult">
-        <include refid="selectAutomobileEnterpriseVo"/>
+        <include refid="selectAutomobileEnterpriseListSQL"/>
        <where>
            deleted = 0
            <if test="enterpriseName != null  and enterpriseName != ''">and enterprise_name like concat('%',

--- a/ruoyi-admin/src/main/resources/logback.xml
+++ b/ruoyi-admin/src/main/resources/logback.xml
@@ -89,16 +89,16 @@
    </appender>
    <!-- 系统模块日志级别控制  -->
-    <logger name="com.ruoyi" level="debug" />
+    <logger name="com.ruoyi" level="INFO" />
    <!-- Spring日志级别控制  -->
    <logger name="org.springframework" level="warn" />
-    <root level="debug">
+    <root level="INFO">
        <appender-ref ref="console" />
    </root>
    <!--系统操作日志-->
-    <root level="debug">
+    <root level="INFO">
        <appender-ref ref="file_info" />
        <appender-ref ref="file_error" />
        <appender-ref ref="console"/>
@@ -106,7 +106,7 @@
    </root>
    <!--系统用户操作日志-->
-    <logger name="sys-user" level="debug">
+    <logger name="sys-user" level="INFO">
        <appender-ref ref="sys-user"/>
        <appender-ref ref="console" />
    </logger>

--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/MybatisPlusConfig.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/MybatisPlusConfig.java
@@ -26,6 +26,9 @@ public class MybatisPlusConfig
        interceptor.addInnerInterceptor(optimisticLockerInnerInterceptor());
        // 阻断插件
        interceptor.addInnerInterceptor(blockAttackInnerInterceptor());
+        // %转意
+        interceptor.addInnerInterceptor(percentEscapeInterceptor());
        return interceptor;
    }
@@ -57,4 +60,14 @@ public class MybatisPlusConfig
    {
        return new BlockAttackInnerInterceptor();
    }
+    /**
+     * %转意
+     * @return
+     */
+    public PercentEscapeInterceptor percentEscapeInterceptor() {
+        return new PercentEscapeInterceptor();
+    }
 }
\ No newline at end of file
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/PercentEscapeInterceptor.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/PercentEscapeInterceptor.java
+package com.ruoyi.framework.config;
+import com.baomidou.mybatisplus.extension.plugins.inner.InnerInterceptor;
+import com.ruoyi.common.utils.StringUtils;
+import org.apache.ibatis.executor.Executor;
+import org.apache.ibatis.mapping.BoundSql;
+import org.apache.ibatis.mapping.MappedStatement;
+import org.apache.ibatis.reflection.MetaObject;
+import org.apache.ibatis.session.ResultHandler;
+import org.apache.ibatis.session.RowBounds;
+import java.sql.SQLException;
+import java.util.HashSet;
+import java.util.Set;
+public class PercentEscapeInterceptor implements InnerInterceptor {
+    @Override
+    public void beforeQuery(Executor executor, MappedStatement ms, Object parameter, RowBounds rowBounds, ResultHandler resultHandler, BoundSql boundSql) throws SQLException {
+        String sql = boundSql.getSql().toLowerCase();
+        //  判断是否包含 参数 及 like 查询
+        if (!sql.contains(" like ") || !sql.contains("?")) {
+            return;
+        }
+        // 获取关键字的个数（去重）,获取 到 like 查询 的 key
+        String[] strList = sql.split("\\?");
+        Set<String> keyNames = new HashSet<>();
+        for (int i = 0; i < strList.length; i++) {
+            if (strList[i].toLowerCase().contains(" like ")) {
+                String keyName = boundSql.getParameterMappings().get(i).getProperty();
+                keyNames.add(keyName);
+            }
+        }
+        MetaObject metaObject = ms.getConfiguration().newMetaObject(parameter);
+        for (String keyName : keyNames) {
+            Object value = metaObject.getValue(keyName);
+            if (value instanceof String) {
+                if (isconvert((String) value)) {
+                    metaObject.setValue(keyName, convert((String) value));
+                }
+            }
+        }
+    }
+    private String convert(String before) {
+        if (StringUtils.isNotBlank(before)) {
+            before = before.replaceAll("\\\\", "");
+            before = before.replaceAll("_", "\\\\_");
+            before = before.replaceAll("%", "\\\\%");
+        }
+        return before;
+    }
+    private boolean isconvert(String str) {
+        return str.contains("\\") || str.contains("_") || str.contains("%");
+    }
+}
\ No newline at end of file