|
@@ -7,6 +7,7 @@ import org.jeecg.common.constant.CommonConstant;
|
|
import org.jeecg.common.system.query.QueryGenerator;
|
|
import org.jeecg.common.system.query.QueryGenerator;
|
|
import org.jeecg.common.system.vo.LoginUser;
|
|
import org.jeecg.common.system.vo.LoginUser;
|
|
import org.jeecg.common.util.RedisUtil;
|
|
import org.jeecg.common.util.RedisUtil;
|
|
|
|
+import org.jeecg.common.util.oConvertUtils;
|
|
import org.jeecg.modules.base.service.BaseCommonService;
|
|
import org.jeecg.modules.base.service.BaseCommonService;
|
|
import org.jeecg.modules.system.controller.SysUserController;
|
|
import org.jeecg.modules.system.controller.SysUserController;
|
|
import org.jeecg.modules.system.entity.AppmanageEntity.*;
|
|
import org.jeecg.modules.system.entity.AppmanageEntity.*;
|
|
@@ -652,18 +653,24 @@ public class AppmanageServiceImpl implements AppmanageService {
|
|
@Override
|
|
@Override
|
|
public List<AppBaseInfo> appList() {
|
|
public List<AppBaseInfo> appList() {
|
|
String sql = QueryGenerator.installAuthJdbc(AppBaseInfo.class);
|
|
String sql = QueryGenerator.installAuthJdbc(AppBaseInfo.class);
|
|
- //对sql进行处理避免注入
|
|
|
|
- if (sql.startsWith(" and id in (")&& sql.endsWith(")")){
|
|
|
|
- StringBuilder inSql = new StringBuilder("AND id IN (");
|
|
|
|
- String inClause = sql.substring(" and id in (".length(), sql.length() - 1);
|
|
|
|
- List<String> ids = Arrays.asList(inClause.split(","));
|
|
|
|
- if (!ids.isEmpty()){
|
|
|
|
- ids.forEach(id -> inSql.append(id).append(","));
|
|
|
|
- inSql.deleteCharAt(inSql.length() - 1);
|
|
|
|
- }else inSql.append(inClause);
|
|
|
|
- inSql .append(") ");
|
|
|
|
- return baseInfoMapper.appList(inSql.toString());
|
|
|
|
|
|
+ if (oConvertUtils.isNotEmpty(sql)){
|
|
|
|
+ //对sql进行处理避免注入
|
|
|
|
+ if (sql.startsWith(" and id in (")&& sql.endsWith(")")){
|
|
|
|
+ StringBuilder inSql = new StringBuilder("AND id IN (");
|
|
|
|
+ String inClause = sql.substring(" and id in (".length(), sql.length() - 1);
|
|
|
|
+ List<String> ids = Arrays.asList(inClause.split(","));
|
|
|
|
+ if (!ids.isEmpty()){
|
|
|
|
+ ids.forEach(id -> inSql.append(id).append(","));
|
|
|
|
+ inSql.deleteCharAt(inSql.length() - 1);
|
|
|
|
+ }else inSql.append(inClause);
|
|
|
|
+ inSql .append(") ");
|
|
|
|
+ return baseInfoMapper.appList(inSql.toString());
|
|
|
|
+ }
|
|
|
|
+ }else {
|
|
|
|
+ LoginUser loginUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
|
|
|
|
+ Boolean isAdmin = loginUser.getUsername().equals("admin");
|
|
|
|
+ if (isAdmin) return baseInfoMapper.appList("");
|
|
}
|
|
}
|
|
- return baseInfoMapper.appList("");
|
|
|
|
|
|
+ return new ArrayList<>();
|
|
}
|
|
}
|
|
}
|
|
}
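Review bot: The block under the `//对sql进行处理避免注入` comment in `appList()` does not validate anything. The text between the parentheses is split on `,` and each piece is appended back unchanged, so `inSql` carries whatever `QueryGenerator.installAuthJdbc` returned straight into `baseInfoMapper.appList(...)`, which presumably splices it into the query. If the data-rule values behind that string can be influenced by a user, add a per-token check before the append, for example `if (!ids.stream().allMatch(id -> id.trim().matches("'?[0-9A-Za-z_-]+'?"))) return new ArrayList<>();` (pattern to be adjusted to the real id format), or pass the ids as a list and bind them as parameters in the mapper. The new `else` branch grants the unfiltered list on `loginUser.getUsername().equals("admin")`, which ties the authorization decision to a literal account name and throws a NullPointerException when the subject has no principal. A role or permission check on the subject would be more robust, with `loginUser == null` falling through to `return new ArrayList<>();`.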
|