diff --git a/pom.xml b/pom.xml
index 183a2bb3..66a98587 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
com.ruoyi
RuoYi
- 1.1.5
+ 1.1.6
jar
RuoYi
@@ -39,6 +39,7 @@
2.3.0
2.3.2
2.7.0
+ 1.11.3
@@ -82,6 +83,13 @@
spring-boot-starter-thymeleaf
+
+
+ org.springframework.boot
+ spring-boot-devtools
+ true
+
+
net.sourceforge.nekohtml
@@ -230,6 +238,13 @@
springfox-swagger-ui
${swagger.version}
+
+
+
+ org.jsoup
+ jsoup
+ ${jsoup.version}
+
@@ -240,7 +255,7 @@
org.springframework.boot
spring-boot-maven-plugin
- true
+ true
diff --git a/sql/ry_20180531.sql b/sql/ry_20180604.sql
similarity index 93%
rename from sql/ry_20180531.sql
rename to sql/ry_20180604.sql
index 6dd0350e..61e05976 100644
--- a/sql/ry_20180531.sql
+++ b/sql/ry_20180604.sql
@@ -432,21 +432,17 @@ create table sys_dict_data
primary key (dict_code)
) engine=innodb auto_increment=100 default charset=utf8 comment = '字典数据表';
-insert into sys_dict_data values(1, 1, '男', '0', 'sys_user_sex', 'radio radio-info radio-inline', 'Y', 0, 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '');
-insert into sys_dict_data values(2, 2, '女', '1', 'sys_user_sex', 'radio radio-danger radio-inline', 'N', 0, 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '');
-insert into sys_dict_data values(3, 3, '未知', '2', 'sys_user_sex', 'radio radio-warning radio-inline', 'N', 0, 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '');
-insert into sys_dict_data values(4, 1, '显示', '0', 'sys_menu_visible', 'radio radio-info radio-inline', 'Y', 0, 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '');
-insert into sys_dict_data values(5, 2, '隐藏', '1', 'sys_menu_visible', 'radio radio-danger radio-inline', 'N', 0, 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '');
-insert into sys_dict_data values(6, 1, '正常', '0', 'sys_dept_status', 'radio radio-info radio-inline', 'Y', 0, 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '');
-insert into sys_dict_data values(7, 2, '停用', '1', 'sys_dept_status', 'radio radio-danger radio-inline', 'N', 0, 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '');
-insert into sys_dict_data values(8, 1, '正常', '0', 'sys_dict_status', 'radio radio-info radio-inline', 'Y', 0, 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '');
-insert into sys_dict_data values(9, 2, '停用', '1', 'sys_dict_status', 'radio radio-danger radio-inline', 'N', 0, 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '');
-insert into sys_dict_data values(10, 1, '正常', '0', 'sys_post_status', 'radio radio-info radio-inline', 'Y', 0, 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '');
-insert into sys_dict_data values(11, 2, '停用', '1', 'sys_post_status', 'radio radio-danger radio-inline', 'N', 0, 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '');
-insert into sys_dict_data values(12, 1, '正常', '0', 'sys_job_status', 'radio radio-info radio-inline', 'Y', 0, 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '');
-insert into sys_dict_data values(13, 2, '暂停', '1', 'sys_job_status', 'radio radio-danger radio-inline', 'N', 0, 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '');
-insert into sys_dict_data values(14, 1, '是', 'Y', 'sys_yes_no', 'radio radio-info radio-inline', 'Y', 0, 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '');
-insert into sys_dict_data values(15, 2, '否', 'N', 'sys_yes_no', 'radio radio-danger radio-inline', 'N', 0, 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '');
+insert into sys_dict_data values(1, 1, '男', '0', 'sys_user_sex', 'radio radio-info radio-inline', 'Y', 0, 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '');
+insert into sys_dict_data values(2, 2, '女', '1', 'sys_user_sex', 'radio radio-danger radio-inline', 'N', 0, 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '');
+insert into sys_dict_data values(3, 3, '未知', '2', 'sys_user_sex', 'radio radio-warning radio-inline', 'N', 0, 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '');
+insert into sys_dict_data values(4, 1, '显示', '0', 'sys_show_hide', 'radio radio-info radio-inline', 'Y', 0, 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '');
+insert into sys_dict_data values(5, 2, '隐藏', '1', 'sys_show_hide', 'radio radio-danger radio-inline', 'N', 0, 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '');
+insert into sys_dict_data values(6, 1, '正常', '0', 'sys_normal_disable', 'radio radio-info radio-inline', 'Y', 0, 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '');
+insert into sys_dict_data values(7, 2, '停用', '1', 'sys_normal_disable', 'radio radio-danger radio-inline', 'N', 0, 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '');
+insert into sys_dict_data values(8, 1, '正常', '0', 'sys_job_status', 'radio radio-info radio-inline', 'Y', 0, 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '');
+insert into sys_dict_data values(9, 2, '暂停', '1', 'sys_job_status', 'radio radio-danger radio-inline', 'N', 0, 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '');
+insert into sys_dict_data values(10, 1, '是', 'Y', 'sys_yes_no', 'radio radio-info radio-inline', 'Y', 0, 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '');
+insert into sys_dict_data values(11, 2, '否', 'N', 'sys_yes_no', 'radio radio-danger radio-inline', 'N', 0, 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '');
-- ----------------------------
-- 12、参数配置表
diff --git a/src/main/java/com/ruoyi/common/xss/XssFilter.java b/src/main/java/com/ruoyi/common/xss/XssFilter.java
new file mode 100644
index 00000000..14cb5cda
--- /dev/null
+++ b/src/main/java/com/ruoyi/common/xss/XssFilter.java
@@ -0,0 +1,42 @@
+package com.ruoyi.common.xss;
+
+import java.io.IOException;
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.annotation.WebFilter;
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * 防止XSS攻击的过滤器
+ *
+ * @author ruoyi
+ */
+@WebFilter(filterName = "xssFilter", urlPatterns = "/system/*")
+public class XssFilter implements Filter
+{
+
+ @Override
+ public void init(FilterConfig filterConfig) throws ServletException
+ {
+
+ }
+
+ @Override
+ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
+ throws IOException, ServletException
+ {
+ XssHttpServletRequestWrapper xssRequest = new XssHttpServletRequestWrapper((HttpServletRequest) request);
+ chain.doFilter(xssRequest, response);
+ }
+
+ @Override
+ public void destroy()
+ {
+
+ }
+
+}
\ No newline at end of file
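Review bot: The `@WebFilter(filterName = "xssFilter", urlPatterns = "/system/*")` annotation disagrees with the registration in FilterConfig.java, which installs this same class under the same name for `/*`. The annotation only takes effect when servlet component scanning is enabled, which is not visible in this diff; if it is enabled the filter may be registered a second time, and if it is not, the `/system/*` pattern is dead text that misstates the filter's scope. Remove the annotation so FilterConfig is the single source of truth, and extend the class comment to say which URLs are covered and that only request parameters are cleaned. `doFilter` also casts `request` to `HttpServletRequest` without an `instanceof` check.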
diff --git a/src/main/java/com/ruoyi/common/xss/XssHttpServletRequestWrapper.java b/src/main/java/com/ruoyi/common/xss/XssHttpServletRequestWrapper.java
new file mode 100644
index 00000000..da1f3cc1
--- /dev/null
+++ b/src/main/java/com/ruoyi/common/xss/XssHttpServletRequestWrapper.java
@@ -0,0 +1,41 @@
+package com.ruoyi.common.xss;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
+import org.jsoup.Jsoup;
+import org.jsoup.safety.Whitelist;
+
+/**
+ * XSS过滤处理
+ *
+ * @author ruoyi
+ */
+public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper
+{
+
+ /**
+ * @param request
+ */
+ public XssHttpServletRequestWrapper(HttpServletRequest request)
+ {
+ super(request);
+ }
+
+ @Override
+ public String[] getParameterValues(String name)
+ {
+ String[] values = super.getParameterValues(name);
+ if (values != null)
+ {
+ int length = values.length;
+ String[] escapseValues = new String[length];
+ for (int i = 0; i < length; i++)
+ {
+ // 防xss攻击和过滤前后空格
+ escapseValues[i] = Jsoup.clean(values[i], Whitelist.relaxed()).trim();
+ }
+ return escapseValues;
+ }
+ return super.getParameterValues(name);
+ }
+}
\ No newline at end of file
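Review bot: Only `getParameterValues` is overridden, so any code that reads `getParameter`, `getParameterMap`, a header or a JSON body still receives the unfiltered value; at minimum `getParameter` should apply the same cleaning, as sketched below. `Whitelist.relaxed()` deliberately lets a set of HTML tags through (links, images, tables), which suits rich-text fields but not plain fields such as names and keys, where `Whitelist.none()` would be the stricter choice. `Jsoup.clean` followed by `trim()` also rewrites values that are not HTML (for instance `&` becomes `&amp;` and surrounding spaces in a password are dropped), so credentials and search terms may need to be excluded. Cleaning on input does not replace escaping on output, so the templates and the JavaScript formatters that build markup still need to encode what they render. The local `escapseValues` is a typo for `escapedValues`.

```java
// … unchanged: constructor and getParameterValues …

    @Override
    public String getParameter(String name)
    {
        String value = super.getParameter(name);
        // Same cleaning as getParameterValues so both accessors agree.
        return value == null ? null : Jsoup.clean(value, Whitelist.relaxed()).trim();
    }
```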
diff --git a/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java b/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java
index 0e75c4e9..e1330fda 100644
--- a/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java
+++ b/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java
@@ -2,7 +2,6 @@ package com.ruoyi.framework.aspectj;
import java.lang.reflect.Method;
import java.util.Map;
-
import com.ruoyi.common.utils.AddressUtils;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.Signature;
@@ -17,7 +16,6 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.scheduling.annotation.Async;
import org.springframework.scheduling.annotation.EnableAsync;
import org.springframework.stereotype.Component;
-
import com.alibaba.fastjson.JSONObject;
import com.ruoyi.common.constant.UserConstants;
import com.ruoyi.common.utils.ServletUtils;
diff --git a/src/main/java/com/ruoyi/framework/config/FilterConfig.java b/src/main/java/com/ruoyi/framework/config/FilterConfig.java
new file mode 100644
index 00000000..f81fdc78
--- /dev/null
+++ b/src/main/java/com/ruoyi/framework/config/FilterConfig.java
@@ -0,0 +1,28 @@
+package com.ruoyi.framework.config;
+
+import javax.servlet.DispatcherType;
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import com.ruoyi.common.xss.XssFilter;
+
+/**
+ * Filter配置
+ *
+ * @author ruoyi
+ */
+@Configuration
+public class FilterConfig
+{
+ @Bean
+ public FilterRegistrationBean xssFilterRegistration()
+ {
+ FilterRegistrationBean registration = new FilterRegistrationBean();
+ registration.setDispatcherTypes(DispatcherType.REQUEST);
+ registration.setFilter(new XssFilter());
+ registration.addUrlPatterns("/*");
+ registration.setName("xssFilter");
+ registration.setOrder(Integer.MAX_VALUE);
+ return registration;
+ }
+}
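Review bot: `registration.setOrder(Integer.MAX_VALUE)` places the XSS filter at the very end of the chain, so every filter that runs before it and reads parameters (authentication, logging, auditing) works on the raw request. Unless there is a reason to run last, give it an early position, e.g. `registration.setOrder(Ordered.HIGHEST_PRECEDENCE);` with `org.springframework.core.Ordered` imported. `addUrlPatterns("/*")` also sends static resources and the login request through the wrapper, and there is no way to exclude a path or field that must keep its value byte-for-byte. A comment on `xssFilterRegistration()` should record the intended scope and ordering.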
diff --git a/src/main/java/com/ruoyi/project/system/role/controller/RoleController.java b/src/main/java/com/ruoyi/project/system/role/controller/RoleController.java
index 23eced43..b25aa662 100644
--- a/src/main/java/com/ruoyi/project/system/role/controller/RoleController.java
+++ b/src/main/java/com/ruoyi/project/system/role/controller/RoleController.java
@@ -42,7 +42,7 @@ public class RoleController extends BaseController
}
@RequiresPermissions("system:role:list")
- @GetMapping("/list")
+ @PostMapping("/list")
@ResponseBody
public TableDataInfo list(Role role)
{
diff --git a/src/main/java/com/ruoyi/project/system/role/domain/Role.java b/src/main/java/com/ruoyi/project/system/role/domain/Role.java
index 9d92e184..f711db3e 100644
--- a/src/main/java/com/ruoyi/project/system/role/domain/Role.java
+++ b/src/main/java/com/ruoyi/project/system/role/domain/Role.java
@@ -20,7 +20,7 @@ public class Role extends BaseEntity
/** 角色排序 */
private String roleSort;
/** 角色状态:0正常,1禁用 */
- private int status;
+ private Integer status;
/** 用户是否存在此角色标识 默认不存在 */
private boolean flag = false;
/** 菜单组 */
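Review bot: With `status` now an `Integer`, `getStatus()` (changed in the next hunk of this file) can return null, and any caller that unboxes it, such as `role.getStatus() == 0` or an assignment to an `int`, will throw a NullPointerException for a role whose status was never set. Those callers are outside this diff and should be checked before merging. The field comment should also state what null means, for example `/** Role status: 0 = normal, 1 = disabled; null = not set (presumably "no status filter" in list queries) */`. The class body continues outside both hunks.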
@@ -66,12 +66,12 @@ public class Role extends BaseEntity
this.roleSort = roleSort;
}
- public int getStatus()
+ public Integer getStatus()
{
return status;
}
- public void setStatus(int status)
+ public void setStatus(Integer status)
{
this.status = status;
}
diff --git a/src/main/resources/mybatis/system/RoleMapper.xml b/src/main/resources/mybatis/system/RoleMapper.xml
index 77f0dcb5..7259ae60 100644
--- a/src/main/resources/mybatis/system/RoleMapper.xml
+++ b/src/main/resources/mybatis/system/RoleMapper.xml
@@ -20,8 +20,14 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
diff --git a/src/main/resources/static/css/style.css b/src/main/resources/static/css/style.css
index eabf51be..a70f4e57 100644
--- a/src/main/resources/static/css/style.css
+++ b/src/main/resources/static/css/style.css
@@ -3631,11 +3631,11 @@ code {
-o-border-image: none;
border-image: none;
border-style: solid solid none;
- border-width: 4px 0px 0;
+ border-width: 0px 0px 0;
color: inherit;
margin-bottom: 0;
padding: 14px 15px 7px;
- min-height: 48px;
+ min-height: 40px;
}
.ibox-content {
@@ -3719,7 +3719,7 @@ table.table-mail tr td {
.ibox-tools a {
cursor: pointer;
margin-left: 5px;
- color: #c4c4c4;
+ color: #676a6c;
}
.ibox-tools a.btn-primary {
diff --git a/src/main/resources/static/ruoyi/js/ry-table.js b/src/main/resources/static/ruoyi/js/ry-table.js
new file mode 100644
index 00000000..5a51a630
--- /dev/null
+++ b/src/main/resources/static/ruoyi/js/ry-table.js
@@ -0,0 +1,59 @@
+/**
+ * 表格通用方法封装处理
+ * Copyright (c) 2018 ruoyi
+ */
+(function($) {
+ $.extend({
+ ryTable: {
+ _option: {},
+ _params: {},
+ init: function(options) {
+ $.ryTable._option = options;
+ $.ryTable._params = options.queryParams == null ? $.ryTable.queryParams : options.queryParams;
+ $('.bootstrap-table').bootstrapTable({
+ url: options.url, // 请求后台的URL(*)
+ contentType: "application/x-www-form-urlencoded", // 编码类型
+ method: 'post', // 请求方式(*)
+ toolbar: '#toolbar', // 工具按钮用哪个容器
+ cache: false, // 是否使用缓存
+ sortable: false, // 是否启用排序
+ sortOrder: "asc", // 排序方式
+ sortStable: true, // 设置为 true 将获得稳定的排序
+ pagination: true, // 是否显示分页(*)
+ sidePagination: "server", // 启用服务端分页
+ pageNumber: 1, // 初始化加载第一页,默认第一页
+ pageSize: 10, // 每页的记录行数(*)
+ pageList: [10, 25, 50], // 可供选择的每页的行数(*)
+ queryParams: $.ryTable._params, // 传递参数(*)
+ columns: options.columns // 显示列信息(*)
+ });
+ },
+ queryParams: function(params) {
+ return {
+ // 传递参数查询参数
+ pageSize: params.limit,
+ pageNum: params.offset / params.limit + 1,
+ searchValue: params.search,
+ orderByColumn: params.sort,
+ isAsc: params.order
+ };
+ },
+ refresh: function() {
+ $(".bootstrap-table").bootstrapTable('refresh', {
+ url: $.ryTable._option.url
+ });
+ }
+ }
+ });
+})(jQuery);
+
+function default_params(params) {
+ return {
+ // 传递参数查询参数
+ pageSize: params.limit,
+ pageNum: params.offset / params.limit + 1,
+ searchValue: params.search,
+ orderByColumn: params.sort,
+ isAsc: params.order
+ };
+}
\ No newline at end of file
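Review bot: `default_params` at the bottom of the file duplicates `$.ryTable.queryParams` line for line and adds a second global; nothing in this diff calls it, so it can be removed or made to delegate with `return $.ryTable.queryParams(params);`. `orderByColumn` and `isAsc` are forwarded from the table widget unchanged, and the handler that consumes them is not part of this diff, so confirm the server maps them onto a fixed list of sortable columns and directions instead of placing them into the query text. `_option` and `_params` live on the shared `$.ryTable` object, so a page with two tables would overwrite the first table's settings; the header comment should state the one-table-per-page assumption.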
diff --git a/src/main/resources/static/ruoyi/system/role/role.js b/src/main/resources/static/ruoyi/system/role/role.js
index b2d86362..986d130b 100644
--- a/src/main/resources/static/ruoyi/system/role/role.js
+++ b/src/main/resources/static/ruoyi/system/role/role.js
@@ -1,55 +1,77 @@
var prefix = ctx + "system/role"
$(function() {
- var columns = [{
- checkbox: true
- },
- {
- field: 'roleId',
- title: '角色编号'
- },
- {
- field: 'roleName',
- title: '角色名称'
- },
- {
- field: 'roleKey',
- title: '权限字符'
- },
- {
- field: 'roleSort',
- title: '显示顺序'
- },
- {
- field: 'status',
- title: '状态',
- align: 'center',
- formatter: function(value, row, index) {
- if (value == 0) {
- return '正常';
- } else if (value == 1) {
- return '禁用';
- }
- }
- },
- {
- field: 'createDateTimeStr',
- title: '创建时间'
- },
- {
- title: '操作',
- align: 'center',
- formatter: function(value, row, index) {
- var actions = [];
- actions.push('编辑 ');
- actions.push('删除');
- return actions.join('');
- }
- }];
- var url = prefix + "/list";
- $.initTable(columns, url);
+ var options = {
+ url: prefix + "/list",
+ queryParams: queryParams,
+ columns: [{
+ checkbox: true
+ },
+ {
+ field: 'roleId',
+ title: '角色编号'
+ },
+ {
+ field: 'roleName',
+ title: '角色名称'
+ },
+ {
+ field: 'roleKey',
+ title: '权限字符'
+ },
+ {
+ field: 'roleSort',
+ title: '显示顺序'
+ },
+ {
+ field: 'status',
+ title: '状态',
+ align: 'center',
+ formatter: function(value, row, index) {
+ if (value == 0) {
+ return '正常';
+ } else if (value == 1) {
+ return '禁用';
+ }
+ }
+ },
+ {
+ field: 'createDateTimeStr',
+ title: '创建时间'
+ },
+ {
+ title: '操作',
+ align: 'center',
+ formatter: function(value, row, index) {
+ var actions = [];
+ actions.push('编辑 ');
+ actions.push('删除');
+ return actions.join('');
+ }
+ }]
+ };
+ $.ryTable.init(options);
});
+/*角色管理-搜索*/
+function search() {
+ $('.bootstrap-table').bootstrapTable('refresh', queryParams);
+}
+
+function queryParams(params) {
+ return {
+ // 传递参数查询参数
+ pageSize: params.limit,
+ pageNum: params.offset / params.limit + 1,
+ searchValue: params.search,
+ orderByColumn: params.sort,
+ isAsc: params.order,
+ roleName: $("#roleName").val(),
+ roleKey: $("#roleKey").val(),
+ status: $("#status option:selected").val()
+ };
+}
+
/*角色管理-新增*/
function add() {
var url = prefix + '/add';
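Review bot: In `search()`, `bootstrapTable('refresh', queryParams)` passes the `queryParams` function where the plugin expects an options object, so the argument appears to have no effect (the function is already installed through `options.queryParams`); calling `$.ryTable.refresh();` from ry-table.js states the intent directly. `queryParams` also repeats the five paging fields defined in `$.ryTable.queryParams`, and building on that helper, `return $.extend($.ryTable.queryParams(params), { roleName: $("#roleName").val(), ... });`, would keep them in one place. `search` and `queryParams` are globals with very generic names and may collide with other page scripts. The `add()` function at the end of the hunk continues outside it.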
diff --git a/src/main/resources/templates/include.html b/src/main/resources/templates/include.html
index 9aad3b5c..9258d07b 100644
--- a/src/main/resources/templates/include.html
+++ b/src/main/resources/templates/include.html
@@ -34,8 +34,8 @@
-
-
+
+
diff --git a/src/main/resources/templates/main.html b/src/main/resources/templates/main.html
index e078f81d..d995948a 100644
--- a/src/main/resources/templates/main.html
+++ b/src/main/resources/templates/main.html
@@ -94,13 +94,35 @@
+
+
+
+
+
+ - 新增用户列表部门列
+ - 新增登录地点
+ - 新增swagger
+ - 修复排序数字校验
+ - 优化头像上传文件类型限定为图片
+ - 新增XSS过滤
+ - 新增热部署提高开发效率
+ - 修复treegrid居中无效
+ - 角色多条件查询
+
+
+
+
-
+
- 优化登录失败刷新验证码
diff --git a/src/main/resources/templates/system/dept/add.html b/src/main/resources/templates/system/dept/add.html
index dc7d50f1..3e8abd23 100644
--- a/src/main/resources/templates/system/dept/add.html
+++ b/src/main/resources/templates/system/dept/add.html
@@ -44,7 +44,7 @@