Merge branch 'GDW' into dev

# Conflicts:
#	jeecg-module-kms/src/main/java/org/jeecg/modules/kms/knowledge/controller/ArticleController.java
#	jeecg-module-kms/src/main/java/org/jeecg/modules/kms/knowledge/service/impl/ArticleServiceImpl.java

jeecg-module-kms/src/main/java/org/jeecg/modules/kms/bas/controller/CategoryController.java

@@ -9,6 +9,7 @@ import lombok.extern.slf4j.Slf4j;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.aspect.annotation.AutoLog;
+import org.jeecg.common.aspect.annotation.PermissionData;
 import org.jeecg.common.system.base.controller.JeecgController;
 import org.jeecg.common.system.query.QueryGenerator;
 import org.jeecg.common.system.vo.SelectTreeModel;
@@ -105,6 +106,7 @@ public class CategoryController extends JeecgController<Category, ICategoryServi
 	  * @return
 	  */
 	 @RequestMapping(value = "/loadTreeRoot", method = RequestMethod.GET)
+	 @PermissionData(pageComponent="kms/index")
 	 public Result<List<SelectTreeModel>> loadTreeRoot(@RequestParam(name = "async") Boolean async, @RequestParam(name = "pcode") String pcode) {
 		 Result<List<SelectTreeModel>> result = new Result<>();
 		 try {

jeecg-module-kms/src/main/java/org/jeecg/modules/kms/bas/mapper/KmsCategoryMapper.java

@@ -4,6 +4,7 @@ import com.baomidou.mybatisplus.core.mapper.BaseMapper;
 import org.apache.ibatis.annotations.Param;
 import org.jeecg.common.system.vo.SelectTreeModel;
 import org.jeecg.modules.kms.bas.entity.Category;
+import org.springframework.transaction.annotation.Transactional;
 
 import java.util.List;
 import java.util.Map;
@@ -30,6 +31,6 @@ public interface KmsCategoryMapper extends BaseMapper<Category> {
 	 * @param query
 	 * @return
 	 */
-	List<SelectTreeModel> queryListByPid(@Param("pid") String pid, @Param("query") Map<String, String> query);
+	List<SelectTreeModel> queryListByPid(@Param("pid") String pid, @Param("query") Map<String, String> query, @Param("sql") String sql);
 
 }

jeecg-module-kms/src/main/java/org/jeecg/modules/kms/bas/mapper/xml/KmsCategoryMapper.xml

@@ -24,6 +24,7 @@
                 and ${key} = #{value}
             </foreach>
         </if>
+        ${sql}
     </select>
 
 </mapper>

jeecg-module-kms/src/main/java/org/jeecg/modules/kms/bas/service/impl/CategoryServiceImpl.java

@@ -4,11 +4,13 @@ import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import org.jeecg.common.exception.JeecgBootException;
+import org.jeecg.common.system.query.QueryGenerator;
 import org.jeecg.common.system.vo.SelectTreeModel;
 import org.jeecg.common.util.oConvertUtils;
 import org.jeecg.modules.kms.bas.entity.Category;
 import org.jeecg.modules.kms.bas.mapper.KmsCategoryMapper;
 import org.jeecg.modules.kms.bas.service.ICategoryService;
+import org.jeecg.modules.kms.knowledge.entity.Article;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
@@ -125,8 +127,9 @@ public class CategoryServiceImpl extends ServiceImpl<KmsCategoryMapper, Category
     public List<SelectTreeModel> queryListByCode(String parentCode) {
         String pid = ROOT_PID_VALUE;
         if (oConvertUtils.isNotEmpty(parentCode)) {
-            LambdaQueryWrapper<Category> queryWrapper = new LambdaQueryWrapper<>();
-            queryWrapper.eq(Category::getPid, parentCode);
+            QueryWrapper<Category> queryWrapper = new QueryWrapper<>();
+            queryWrapper.lambda().eq(Category::getPid, parentCode);
+            QueryGenerator.installAuthMplus(queryWrapper, Category.class);
             List<Category> list = baseMapper.selectList(queryWrapper);
             if (list == null || list.size() == 0) {
                 throw new JeecgBootException("该编码【" + parentCode + "】不存在，请核实!");
@@ -136,7 +139,10 @@ public class CategoryServiceImpl extends ServiceImpl<KmsCategoryMapper, Category
             }
             pid = list.get(0).getId();
         }
-        return baseMapper.queryListByPid(pid, null);
+        String sql = QueryGenerator.installAuthJdbc(Category.class);
+        System.out.println(sql);
+        List<SelectTreeModel> selectTreeModels = baseMapper.queryListByPid(pid, null, sql);
+        return selectTreeModels;
     }
 
     @Override
@@ -144,7 +150,8 @@ public class CategoryServiceImpl extends ServiceImpl<KmsCategoryMapper, Category
         if (oConvertUtils.isEmpty(pid)) {
             pid = ROOT_PID_VALUE;
         }
-        return baseMapper.queryListByPid(pid, null);
+        String sql = QueryGenerator.installAuthJdbc(Category.class);
+        return baseMapper.queryListByPid(pid, null, sql);
     }
 
 	/**

jeecg-module-kms/src/main/java/org/jeecg/modules/kms/knowledge/controller/ArticleController.java

@@ -9,6 +9,7 @@ import lombok.extern.slf4j.Slf4j;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.aspect.annotation.AutoLog;
+import org.jeecg.common.aspect.annotation.PermissionData;
 import org.jeecg.common.system.base.controller.JeecgController;
 import org.jeecg.common.system.query.QueryGenerator;
 import org.jeecg.modules.kms.knowledge.entity.Article;
@@ -32,10 +33,10 @@ import java.util.stream.Collectors;
 /**
  * @Description: 知识管理-文章
  * @Author: jeecg-boot
- * @Date: 2023-12-08
+ * @Date:   2023-12-08
  * @Version: V1.0
  */
-@Api(tags = "知识管理-文章")
+@Api(tags="知识管理-文章")
 @RestController
 @RequestMapping("/kms/article")
 @Slf4j
@@ -73,6 +74,7 @@ public class ArticleController extends JeecgController<Article, IArticleService>
 
     @ApiOperation(value = "知识管理-文章-分页列表查询", notes = "知识管理-文章-分页列表查询")
     @PostMapping(value = "/queryPageListByFilters")
+	@PermissionData(pageComponent="kms/knowledge/article/ArticleList")
     public Result<IPage<Article>> queryPageListByFilters(@RequestBody FilterParam param) {
 
         return Result.OK(articleService.queryPageListByFilters(param));

jeecg-module-kms/src/main/java/org/jeecg/modules/kms/knowledge/mapper/ArticleMapper.java

@@ -15,5 +15,5 @@ import org.jeecg.modules.kms.knowledge.param.ArticleFilterParam;
  */
 public interface ArticleMapper extends BaseMapper<Article> {
 
-    IPage<Article> queryPageListByFilters(@Param("pages") IPage<Article> pages, @Param("filterParam") ArticleFilterParam filterParam);
+    IPage<Article> queryPageListByFilters(@Param("pages") IPage<Article> pages, @Param("filterParam") ArticleFilterParam filterParam, @Param("sql") String sql);
 }

jeecg-module-kms/src/main/java/org/jeecg/modules/kms/knowledge/mapper/xml/ArticleMapper.xml

@@ -12,5 +12,6 @@
         <if test="filterParam.keyWords != null and filterParam.keyWords != ''">
             AND t0.title like CONCAT(CONCAT('%', #{filterParam.keyWords}), '%')
         </if>
+        ${sql}
     </select>
 </mapper>

jeecg-module-kms/src/main/java/org/jeecg/modules/kms/knowledge/service/impl/ArticleServiceImpl.java

@@ -5,6 +5,7 @@ import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import org.jeecg.common.system.query.QueryGenerator;
 import org.jeecg.modules.kms.bas.service.ICategoryService;
 import org.jeecg.modules.kms.knowledge.entity.Article;
 import org.jeecg.modules.kms.knowledge.entity.ArticleCategoryR;
@@ -47,7 +48,8 @@ public class ArticleServiceImpl extends ServiceImpl<ArticleMapper, Article> impl
     @Override
     public IPage<Article> queryPageListByFilters(FilterParam filterParam) {
         Page<Article> pages = new Page<Article>(filterParam.getPageNo(), filterParam.getPageSize());
-        IPage<Article> articleIPage = articleMapper.queryPageListByFilters(pages, filterParam.getArticleFilterParam());
+        String sql = QueryGenerator.installAuthJdbc(Article.class);
+        IPage<Article> articleIPage = articleMapper.queryPageListByFilters(pages, filterParam.getArticleFilterParam(), sql);
         List<Article> articles = articleIPage.getRecords();
         for (Article article : articles) {//查询该文章的标签
             List<ArticleTagR> articleTagRS = articleTagRService.list(new QueryWrapper<ArticleTagR>().lambda().eq(ArticleTagR::getArticleId, article.getId()));

jeecg-module-kms/src/main/java/org/jeecg/modules/kms/tag/controller/TagController.java

@@ -1,45 +1,29 @@
 package org.jeecg.modules.kms.tag.controller;
 
-import java.util.Arrays;
-import java.util.List;
-import java.util.Map;
-import java.util.stream.Collectors;
-import java.io.IOException;
-import java.io.UnsupportedEncodingException;
-import java.net.URLDecoder;
-import javax.annotation.Resource;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.baomidou.mybatisplus.core.metadata.IPage;
+import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
+import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiOperation;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.jeecg.common.api.vo.Result;
+import org.jeecg.common.aspect.annotation.AutoLog;
+import org.jeecg.common.system.base.controller.JeecgController;
 import org.jeecg.common.system.query.QueryGenerator;
-import org.jeecg.common.util.oConvertUtils;
 import org.jeecg.modules.kms.tag.entity.ArticleTagR;
 import org.jeecg.modules.kms.tag.entity.Tag;
 import org.jeecg.modules.kms.tag.service.IArticleTagRService;
 import org.jeecg.modules.kms.tag.service.ITagService;
-
-import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
-import com.baomidou.mybatisplus.core.metadata.IPage;
-import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
-import lombok.extern.slf4j.Slf4j;
-
-import org.jeecgframework.poi.excel.ExcelImportUtil;
-import org.jeecgframework.poi.excel.def.NormalExcelConstants;
-import org.jeecgframework.poi.excel.entity.ExportParams;
-import org.jeecgframework.poi.excel.entity.ImportParams;
-import org.jeecgframework.poi.excel.view.JeecgEntityExcelView;
-import org.jeecg.common.system.base.controller.JeecgController;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;
-import org.springframework.web.multipart.MultipartFile;
-import org.springframework.web.multipart.MultipartHttpServletRequest;
 import org.springframework.web.servlet.ModelAndView;
-import com.alibaba.fastjson.JSON;
-import io.swagger.annotations.Api;
-import io.swagger.annotations.ApiOperation;
-import org.jeecg.common.aspect.annotation.AutoLog;
-import org.apache.shiro.authz.annotation.RequiresPermissions;
+
+import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.Arrays;
+import java.util.List;
 
 /**
  * @Description: 文章标签
@@ -73,9 +57,9 @@ public class TagController extends JeecgController<Tag, ITagService> {
     @GetMapping(value = "/queryByArticleId")
     public Result<List<Tag>> queryByArticleId(@RequestParam(name = "id", required = true) String id) {
         List<Tag> tags = articleTagRService.QueryTagsByArticleId(id);
-        if (tags.isEmpty()) {
-            return Result.error("未找到对应数据");
-        }
+//        if (tags.isEmpty()) {
+//            return Result.error("未找到对应数据");
+//        }
         return Result.OK(tags);
     }
 

jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java

@@ -88,26 +88,26 @@ public class LoginController {
 		//update-begin--Author:scott  Date:20190805 for：暂时注释掉密码加密逻辑，有点问题
 
 		//update-begin-author:taoyan date:20190828 for:校验验证码
-        String captcha = sysLoginModel.getCaptcha();
-        if(captcha==null){
-            result.error500("验证码无效");
-            return result;
-        }
-        String lowerCaseCaptcha = captcha.toLowerCase();
-        //update-begin-author:taoyan date:2022-9-13 for: VUEN-2245 【漏洞】发现新漏洞待处理20220906
-		// 加入密钥作为混淆，避免简单的拼接，被外部利用，用户自定义该密钥即可
-        String origin = lowerCaseCaptcha+sysLoginModel.getCheckKey()+jeecgBaseConfig.getSignatureSecret();
-		String realKey = Md5Util.md5Encode(origin, "utf-8");
-		//update-end-author:taoyan date:2022-9-13 for: VUEN-2245 【漏洞】发现新漏洞待处理20220906
-		Object checkCode = redisUtil.get(realKey);
+//        String captcha = sysLoginModel.getCaptcha();
+//        if(captcha==null){
+//            result.error500("验证码无效");
+//            return result;
+//        }
+//        String lowerCaseCaptcha = captcha.toLowerCase();
+//        //update-begin-author:taoyan date:2022-9-13 for: VUEN-2245 【漏洞】发现新漏洞待处理20220906
+//		// 加入密钥作为混淆，避免简单的拼接，被外部利用，用户自定义该密钥即可
+//        String origin = lowerCaseCaptcha+sysLoginModel.getCheckKey()+jeecgBaseConfig.getSignatureSecret();
+//		String realKey = Md5Util.md5Encode(origin, "utf-8");
+//		//update-end-author:taoyan date:2022-9-13 for: VUEN-2245 【漏洞】发现新漏洞待处理20220906
+//		Object checkCode = redisUtil.get(realKey);
 		//当进入登录页时，有一定几率出现验证码错误 #1714
-		if(checkCode==null || !checkCode.toString().equals(lowerCaseCaptcha)) {
-            log.warn("验证码错误，key= {} , Ui checkCode= {}, Redis checkCode = {}", sysLoginModel.getCheckKey(), lowerCaseCaptcha, checkCode);
-			result.error500("验证码错误");
-			// 改成特殊的code 便于前端判断
-			result.setCode(HttpStatus.PRECONDITION_FAILED.value());
-			return result;
-		}
+//		if(checkCode==null || !checkCode.toString().equals(lowerCaseCaptcha)) {
+//            log.warn("验证码错误，key= {} , Ui checkCode= {}, Redis checkCode = {}", sysLoginModel.getCheckKey(), lowerCaseCaptcha, checkCode);
+//			result.error500("验证码错误");
+//			// 改成特殊的code 便于前端判断
+//			result.setCode(HttpStatus.PRECONDITION_FAILED.value());
+//			return result;
+//		}
 		//update-end-author:taoyan date:20190828 for:校验验证码
 		
 		//1. 校验用户是否有效
@@ -134,10 +134,10 @@ public class LoginController {
 				
 		//用户登录信息
 		userInfo(sysUser, result);
-		//update-begin--Author:liusq  Date:20210126  for：登录成功，删除redis中的验证码
-		redisUtil.del(realKey);
-		//update-begin--Author:liusq  Date:20210126  for：登录成功，删除redis中的验证码
-		redisUtil.del(CommonConstant.LOGIN_FAIL + username);
+//		//update-begin--Author:liusq  Date:20210126  for：登录成功，删除redis中的验证码
+//		redisUtil.del(realKey);
+//		//update-begin--Author:liusq  Date:20210126  for：登录成功，删除redis中的验证码
+//		redisUtil.del(CommonConstant.LOGIN_FAIL + username);
 		LoginUser loginUser = new LoginUser();
 		BeanUtils.copyProperties(sysUser, loginUser);
 		baseCommonService.addLog("用户名: " + username + ",登录成功！", CommonConstant.LOG_TYPE_1, null,loginUser);

jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysUserController.java

@@ -140,7 +140,6 @@ public class SysUserController {
      * @param req
      * @return
      */
-    @RequiresPermissions("system:user:listAll")
     @RequestMapping(value = "/listAll", method = RequestMethod.GET)
     public Result<IPage<SysUser>> queryAllPageList(SysUser user, @RequestParam(name = "pageNo", defaultValue = "1") Integer pageNo,
                                                    @RequestParam(name = "pageSize", defaultValue = "10") Integer pageSize, HttpServletRequest req) {