> constraintViolations = validator.validate(object, groups);
+ if (!constraintViolations.isEmpty())
+ {
+ throw new ConstraintViolationException(constraintViolations);
+ }
+ }
+}
diff --git a/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/file/FileTypeUtils.java b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/file/FileTypeUtils.java
new file mode 100644
index 0000000..07a436e
--- /dev/null
+++ b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/file/FileTypeUtils.java
@@ -0,0 +1,95 @@
+package com.bwie.common.core.utils.file;
+
+import java.io.File;
+import java.util.Objects;
+import org.apache.commons.io.FilenameUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.web.multipart.MultipartFile;
+
+/**
+ * 文件类型工具类
+ *
+ * @author bwie
+ */
+public class FileTypeUtils
+{
+ /**
+ * 获取文件类型
+ *
+ * 例如: bwie.txt, 返回: txt
+ *
+ * @param file 文件名
+ * @return 后缀(不含".")
+ */
+ public static String getFileType(File file)
+ {
+ if (null == file)
+ {
+ return StringUtils.EMPTY;
+ }
+ return getFileType(file.getName());
+ }
+
+ /**
+ * 获取文件类型
+ *
+ * 例如: bwie.txt, 返回: txt
+ *
+ * @param fileName 文件名
+ * @return 后缀(不含".")
+ */
+ public static String getFileType(String fileName)
+ {
+ int separatorIndex = fileName.lastIndexOf(".");
+ if (separatorIndex < 0)
+ {
+ return "";
+ }
+ return fileName.substring(separatorIndex + 1).toLowerCase();
+ }
+
+ /**
+ * 获取文件名的后缀
+ *
+ * @param file 表单文件
+ * @return 后缀名
+ */
+ public static final String getExtension(MultipartFile file)
+ {
+ String extension = FilenameUtils.getExtension(file.getOriginalFilename());
+ if (StringUtils.isEmpty(extension))
+ {
+ extension = MimeTypeUtils.getExtension(Objects.requireNonNull(file.getContentType()));
+ }
+ return extension;
+ }
+
+ /**
+ * 获取文件类型
+ *
+ * @param photoByte 文件字节码
+ * @return 后缀(不含".")
+ */
+ public static String getFileExtendName(byte[] photoByte)
+ {
+ String strFileExtendName = "JPG";
+ if ((photoByte[0] == 71) && (photoByte[1] == 73) && (photoByte[2] == 70) && (photoByte[3] == 56)
+ && ((photoByte[4] == 55) || (photoByte[4] == 57)) && (photoByte[5] == 97))
+ {
+ strFileExtendName = "GIF";
+ }
+ else if ((photoByte[6] == 74) && (photoByte[7] == 70) && (photoByte[8] == 73) && (photoByte[9] == 70))
+ {
+ strFileExtendName = "JPG";
+ }
+ else if ((photoByte[0] == 66) && (photoByte[1] == 77))
+ {
+ strFileExtendName = "BMP";
+ }
+ else if ((photoByte[1] == 80) && (photoByte[2] == 78) && (photoByte[3] == 71))
+ {
+ strFileExtendName = "PNG";
+ }
+ return strFileExtendName;
+ }
+}
diff --git a/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/file/FileUtils.java b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/file/FileUtils.java
new file mode 100644
index 0000000..9fdaf5b
--- /dev/null
+++ b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/file/FileUtils.java
@@ -0,0 +1,253 @@
+package com.bwie.common.core.utils.file;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.io.UnsupportedEncodingException;
+import java.net.URLEncoder;
+import java.nio.charset.StandardCharsets;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.lang3.ArrayUtils;
+import com.bwie.common.core.utils.StringUtils;
+
+/**
+ * 文件处理工具类
+ *
+ * @author bwie
+ */
+public class FileUtils
+{
+ /** 字符常量:斜杠 {@code '/'} */
+ public static final char SLASH = '/';
+
+ /** 字符常量:反斜杠 {@code '\\'} */
+ public static final char BACKSLASH = '\\';
+
+ public static String FILENAME_PATTERN = "[a-zA-Z0-9_\\-\\|\\.\\u4e00-\\u9fa5]+";
+
+ /**
+ * 输出指定文件的byte数组
+ *
+ * @param filePath 文件路径
+ * @param os 输出流
+ * @return
+ */
+ public static void writeBytes(String filePath, OutputStream os) throws IOException
+ {
+ FileInputStream fis = null;
+ try
+ {
+ File file = new File(filePath);
+ if (!file.exists())
+ {
+ throw new FileNotFoundException(filePath);
+ }
+ fis = new FileInputStream(file);
+ byte[] b = new byte[1024];
+ int length;
+ while ((length = fis.read(b)) > 0)
+ {
+ os.write(b, 0, length);
+ }
+ }
+ catch (IOException e)
+ {
+ throw e;
+ }
+ finally
+ {
+ if (os != null)
+ {
+ try
+ {
+ os.close();
+ }
+ catch (IOException e1)
+ {
+ e1.printStackTrace();
+ }
+ }
+ if (fis != null)
+ {
+ try
+ {
+ fis.close();
+ }
+ catch (IOException e1)
+ {
+ e1.printStackTrace();
+ }
+ }
+ }
+ }
+
+ /**
+ * 删除文件
+ *
+ * @param filePath 文件
+ * @return
+ */
+ public static boolean deleteFile(String filePath)
+ {
+ boolean flag = false;
+ File file = new File(filePath);
+ // 路径为文件且不为空则进行删除
+ if (file.isFile() && file.exists())
+ {
+ flag = file.delete();
+ }
+ return flag;
+ }
+
+ /**
+ * 文件名称验证
+ *
+ * @param filename 文件名称
+ * @return true 正常 false 非法
+ */
+ public static boolean isValidFilename(String filename)
+ {
+ return filename.matches(FILENAME_PATTERN);
+ }
+
+ /**
+ * 检查文件是否可下载
+ *
+ * @param resource 需要下载的文件
+ * @return true 正常 false 非法
+ */
+ public static boolean checkAllowDownload(String resource)
+ {
+ // 禁止目录上跳级别
+ if (StringUtils.contains(resource, ".."))
+ {
+ return false;
+ }
+ // 判断是否在允许下载的文件规则内
+ return ArrayUtils.contains(MimeTypeUtils.DEFAULT_ALLOWED_EXTENSION, FileTypeUtils.getFileType(resource));
+ }
+
+ /**
+ * 下载文件名重新编码
+ *
+ * @param request 请求对象
+ * @param fileName 文件名
+ * @return 编码后的文件名
+ */
+ public static String setFileDownloadHeader(HttpServletRequest request, String fileName) throws UnsupportedEncodingException
+ {
+ final String agent = request.getHeader("USER-AGENT");
+ String filename = fileName;
+ if (agent.contains("MSIE"))
+ {
+ // IE浏览器
+ filename = URLEncoder.encode(filename, "utf-8");
+ filename = filename.replace("+", " ");
+ }
+ else if (agent.contains("Firefox"))
+ {
+ // 火狐浏览器
+ filename = new String(fileName.getBytes(), "ISO8859-1");
+ }
+ else if (agent.contains("Chrome"))
+ {
+ // google浏览器
+ filename = URLEncoder.encode(filename, "utf-8");
+ }
+ else
+ {
+ // 其它浏览器
+ filename = URLEncoder.encode(filename, "utf-8");
+ }
+ return filename;
+ }
+
+ /**
+ * 返回文件名
+ *
+ * @param filePath 文件
+ * @return 文件名
+ */
+ public static String getName(String filePath)
+ {
+ if (null == filePath)
+ {
+ return null;
+ }
+ int len = filePath.length();
+ if (0 == len)
+ {
+ return filePath;
+ }
+ if (isFileSeparator(filePath.charAt(len - 1)))
+ {
+ // 以分隔符结尾的去掉结尾分隔符
+ len--;
+ }
+
+ int begin = 0;
+ char c;
+ for (int i = len - 1; i > -1; i--)
+ {
+ c = filePath.charAt(i);
+ if (isFileSeparator(c))
+ {
+ // 查找最后一个路径分隔符(/或者\)
+ begin = i + 1;
+ break;
+ }
+ }
+
+ return filePath.substring(begin, len);
+ }
+
+ /**
+ * 是否为Windows或者Linux(Unix)文件分隔符ipt>alert(\"XSS\") ipt>";
+ // String html = "<123";
+ // String html = "123>";
+ System.out.println("clean: " + EscapeUtil.clean(html));
+ System.out.println("escape: " + escape);
+ System.out.println("unescape: " + EscapeUtil.unescape(escape));
+ }
+}
diff --git a/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/html/HTMLFilter.java b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/html/HTMLFilter.java
new file mode 100644
index 0000000..ae63db3
--- /dev/null
+++ b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/html/HTMLFilter.java
@@ -0,0 +1,570 @@
+package com.bwie.common.core.utils.html;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.ConcurrentMap;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+/**
+ * HTML过滤器,用于去除XSS漏洞隐患。
+ *
+ * @author bwie
+ */
+public final class HTMLFilter
+{
+ /**
+ * regex flag union representing /si modifiers in php
+ **/
+ private static final int REGEX_FLAGS_SI = Pattern.CASE_INSENSITIVE | Pattern.DOTALL;
+ private static final Pattern P_COMMENTS = Pattern.compile("", Pattern.DOTALL);
+ private static final Pattern P_COMMENT = Pattern.compile("^!--(.*)--$", REGEX_FLAGS_SI);
+ private static final Pattern P_TAGS = Pattern.compile("<(.*?)>", Pattern.DOTALL);
+ private static final Pattern P_END_TAG = Pattern.compile("^/([a-z0-9]+)", REGEX_FLAGS_SI);
+ private static final Pattern P_START_TAG = Pattern.compile("^([a-z0-9]+)(.*?)(/?)$", REGEX_FLAGS_SI);
+ private static final Pattern P_QUOTED_ATTRIBUTES = Pattern.compile("([a-z0-9]+)=([\"'])(.*?)\\2", REGEX_FLAGS_SI);
+ private static final Pattern P_UNQUOTED_ATTRIBUTES = Pattern.compile("([a-z0-9]+)(=)([^\"\\s']+)", REGEX_FLAGS_SI);
+ private static final Pattern P_PROTOCOL = Pattern.compile("^([^:]+):", REGEX_FLAGS_SI);
+ private static final Pattern P_ENTITY = Pattern.compile("&#(\\d+);?");
+ private static final Pattern P_ENTITY_UNICODE = Pattern.compile("&#x([0-9a-f]+);?");
+ private static final Pattern P_ENCODE = Pattern.compile("%([0-9a-f]{2});?");
+ private static final Pattern P_VALID_ENTITIES = Pattern.compile("&([^&;]*)(?=(;|&|$))");
+ private static final Pattern P_VALID_QUOTES = Pattern.compile("(>|^)([^<]+?)(<|$)", Pattern.DOTALL);
+ private static final Pattern P_END_ARROW = Pattern.compile("^>");
+ private static final Pattern P_BODY_TO_END = Pattern.compile("<([^>]*?)(?=<|$)");
+ private static final Pattern P_XML_CONTENT = Pattern.compile("(^|>)([^<]*?)(?=>)");
+ private static final Pattern P_STRAY_LEFT_ARROW = Pattern.compile("<([^>]*?)(?=<|$)");
+ private static final Pattern P_STRAY_RIGHT_ARROW = Pattern.compile("(^|>)([^<]*?)(?=>)");
+ private static final Pattern P_AMP = Pattern.compile("&");
+ private static final Pattern P_QUOTE = Pattern.compile("\"");
+ private static final Pattern P_LEFT_ARROW = Pattern.compile("<");
+ private static final Pattern P_RIGHT_ARROW = Pattern.compile(">");
+ private static final Pattern P_BOTH_ARROWS = Pattern.compile("<>");
+
+ // @xxx could grow large... maybe use sesat's ReferenceMap
+ private static final ConcurrentMap P_REMOVE_PAIR_BLANKS = new ConcurrentHashMap<>();
+ private static final ConcurrentMap P_REMOVE_SELF_BLANKS = new ConcurrentHashMap<>();
+
+ /**
+ * set of allowed html elements, along with allowed attributes for each element
+ **/
+ private final Map> vAllowed;
+ /**
+ * counts of open tags for each (allowable) html element
+ **/
+ private final Map vTagCounts = new HashMap<>();
+
+ /**
+ * html elements which must always be self-closing (e.g. ""
+ * becomes " text "). If set to false, unbalanced angle brackets will be html escaped.
+ */
+ private final boolean alwaysMakeTags;
+
+ /**
+ * Default constructor.
+ */
+ public HTMLFilter()
+ {
+ vAllowed = new HashMap<>();
+
+ final ArrayList a_atts = new ArrayList<>();
+ a_atts.add("href");
+ a_atts.add("target");
+ vAllowed.put("a", a_atts);
+
+ final ArrayList img_atts = new ArrayList<>();
+ img_atts.add("src");
+ img_atts.add("width");
+ img_atts.add("height");
+ img_atts.add("alt");
+ vAllowed.put("img", img_atts);
+
+ final ArrayList no_atts = new ArrayList<>();
+ vAllowed.put("b", no_atts);
+ vAllowed.put("strong", no_atts);
+ vAllowed.put("i", no_atts);
+ vAllowed.put("em", no_atts);
+
+ vSelfClosingTags = new String[] { "img" };
+ vNeedClosingTags = new String[] { "a", "b", "strong", "i", "em" };
+ vDisallowed = new String[] {};
+ vAllowedProtocols = new String[] { "http", "mailto", "https" }; // no ftp.
+ vProtocolAtts = new String[] { "src", "href" };
+ vRemoveBlanks = new String[] { "a", "b", "strong", "i", "em" };
+ vAllowedEntities = new String[] { "amp", "gt", "lt", "quot" };
+ stripComment = true;
+ encodeQuotes = true;
+ alwaysMakeTags = false;
+ }
+
+ /**
+ * Map-parameter configurable constructor.
+ *
+ * @param conf map containing configuration. keys match field names.
+ */
+ @SuppressWarnings("unchecked")
+ public HTMLFilter(final Map conf)
+ {
+
+ assert conf.containsKey("vAllowed") : "configuration requires vAllowed";
+ assert conf.containsKey("vSelfClosingTags") : "configuration requires vSelfClosingTags";
+ assert conf.containsKey("vNeedClosingTags") : "configuration requires vNeedClosingTags";
+ assert conf.containsKey("vDisallowed") : "configuration requires vDisallowed";
+ assert conf.containsKey("vAllowedProtocols") : "configuration requires vAllowedProtocols";
+ assert conf.containsKey("vProtocolAtts") : "configuration requires vProtocolAtts";
+ assert conf.containsKey("vRemoveBlanks") : "configuration requires vRemoveBlanks";
+ assert conf.containsKey("vAllowedEntities") : "configuration requires vAllowedEntities";
+
+ vAllowed = Collections.unmodifiableMap((HashMap>) conf.get("vAllowed"));
+ vSelfClosingTags = (String[]) conf.get("vSelfClosingTags");
+ vNeedClosingTags = (String[]) conf.get("vNeedClosingTags");
+ vDisallowed = (String[]) conf.get("vDisallowed");
+ vAllowedProtocols = (String[]) conf.get("vAllowedProtocols");
+ vProtocolAtts = (String[]) conf.get("vProtocolAtts");
+ vRemoveBlanks = (String[]) conf.get("vRemoveBlanks");
+ vAllowedEntities = (String[]) conf.get("vAllowedEntities");
+ stripComment = conf.containsKey("stripComment") ? (Boolean) conf.get("stripComment") : true;
+ encodeQuotes = conf.containsKey("encodeQuotes") ? (Boolean) conf.get("encodeQuotes") : true;
+ alwaysMakeTags = conf.containsKey("alwaysMakeTags") ? (Boolean) conf.get("alwaysMakeTags") : true;
+ }
+
+ private void reset()
+ {
+ vTagCounts.clear();
+ }
+
+ // ---------------------------------------------------------------
+ // my versions of some PHP library functions
+ public static String chr(final int decimal)
+ {
+ return String.valueOf((char) decimal);
+ }
+
+ public static String htmlSpecialChars(final String s)
+ {
+ String result = s;
+ result = regexReplace(P_AMP, "&", result);
+ result = regexReplace(P_QUOTE, """, result);
+ result = regexReplace(P_LEFT_ARROW, "<", result);
+ result = regexReplace(P_RIGHT_ARROW, ">", result);
+ return result;
+ }
+
+ // ---------------------------------------------------------------
+
+ /**
+ * given a user submitted input String, filter out any invalid or restricted html.
+ *
+ * @param input text (i.e. submitted by a user) than may contain html
+ * @return "clean" version of input, with only valid, whitelisted html elements allowed
+ */
+ public String filter(final String input)
+ {
+ reset();
+ String s = input;
+
+ s = escapeComments(s);
+
+ s = balanceHTML(s);
+
+ s = checkTags(s);
+
+ s = processRemoveBlanks(s);
+
+ // s = validateEntities(s);
+
+ return s;
+ }
+
+ public boolean isAlwaysMakeTags()
+ {
+ return alwaysMakeTags;
+ }
+
+ public boolean isStripComments()
+ {
+ return stripComment;
+ }
+
+ private String escapeComments(final String s)
+ {
+ final Matcher m = P_COMMENTS.matcher(s);
+ final StringBuffer buf = new StringBuffer();
+ if (m.find())
+ {
+ final String match = m.group(1); // (.*?)
+ m.appendReplacement(buf, Matcher.quoteReplacement(""));
+ }
+ m.appendTail(buf);
+
+ return buf.toString();
+ }
+
+ private String balanceHTML(String s)
+ {
+ if (alwaysMakeTags)
+ {
+ //
+ // try and form html
+ //
+ s = regexReplace(P_END_ARROW, "", s);
+ // 不追加结束标签
+ s = regexReplace(P_BODY_TO_END, "<$1>", s);
+ s = regexReplace(P_XML_CONTENT, "$1<$2", s);
+
+ }
+ else
+ {
+ //
+ // escape stray brackets
+ //
+ s = regexReplace(P_STRAY_LEFT_ARROW, "<$1", s);
+ s = regexReplace(P_STRAY_RIGHT_ARROW, "$1$2><", s);
+
+ //
+ // the last regexp causes '<>' entities to appear
+ // (we need to do a lookahead assertion so that the last bracket can
+ // be used in the next pass of the regexp)
+ //
+ s = regexReplace(P_BOTH_ARROWS, "", s);
+ }
+
+ return s;
+ }
+
+ private String checkTags(String s)
+ {
+ Matcher m = P_TAGS.matcher(s);
+
+ final StringBuffer buf = new StringBuffer();
+ while (m.find())
+ {
+ String replaceStr = m.group(1);
+ replaceStr = processTag(replaceStr);
+ m.appendReplacement(buf, Matcher.quoteReplacement(replaceStr));
+ }
+ m.appendTail(buf);
+
+ // these get tallied in processTag
+ // (remember to reset before subsequent calls to filter method)
+ final StringBuilder sBuilder = new StringBuilder(buf.toString());
+ for (String key : vTagCounts.keySet())
+ {
+ for (int ii = 0; ii < vTagCounts.get(key); ii++)
+ {
+ sBuilder.append("");
+ }
+ }
+ s = sBuilder.toString();
+
+ return s;
+ }
+
+ private String processRemoveBlanks(final String s)
+ {
+ String result = s;
+ for (String tag : vRemoveBlanks)
+ {
+ if (!P_REMOVE_PAIR_BLANKS.containsKey(tag))
+ {
+ P_REMOVE_PAIR_BLANKS.putIfAbsent(tag, Pattern.compile("<" + tag + "(\\s[^>]*)?>"));
+ }
+ result = regexReplace(P_REMOVE_PAIR_BLANKS.get(tag), "", result);
+ if (!P_REMOVE_SELF_BLANKS.containsKey(tag))
+ {
+ P_REMOVE_SELF_BLANKS.putIfAbsent(tag, Pattern.compile("<" + tag + "(\\s[^>]*)?/>"));
+ }
+ result = regexReplace(P_REMOVE_SELF_BLANKS.get(tag), "", result);
+ }
+
+ return result;
+ }
+
+ private static String regexReplace(final Pattern regex_pattern, final String replacement, final String s)
+ {
+ Matcher m = regex_pattern.matcher(s);
+ return m.replaceAll(replacement);
+ }
+
+ private String processTag(final String s)
+ {
+ // ending tags
+ Matcher m = P_END_TAG.matcher(s);
+ if (m.find())
+ {
+ final String name = m.group(1).toLowerCase();
+ if (allowed(name))
+ {
+ if (!inArray(name, vSelfClosingTags))
+ {
+ if (vTagCounts.containsKey(name))
+ {
+ vTagCounts.put(name, vTagCounts.get(name) - 1);
+ return "";
+ }
+ }
+ }
+ }
+
+ // starting tags
+ m = P_START_TAG.matcher(s);
+ if (m.find())
+ {
+ final String name = m.group(1).toLowerCase();
+ final String body = m.group(2);
+ String ending = m.group(3);
+
+ // debug( "in a starting tag, name='" + name + "'; body='" + body + "'; ending='" + ending + "'" );
+ if (allowed(name))
+ {
+ final StringBuilder params = new StringBuilder();
+
+ final Matcher m2 = P_QUOTED_ATTRIBUTES.matcher(body);
+ final Matcher m3 = P_UNQUOTED_ATTRIBUTES.matcher(body);
+ final List paramNames = new ArrayList<>();
+ final List paramValues = new ArrayList<>();
+ while (m2.find())
+ {
+ paramNames.add(m2.group(1)); // ([a-z0-9]+)
+ paramValues.add(m2.group(3)); // (.*?)
+ }
+ while (m3.find())
+ {
+ paramNames.add(m3.group(1)); // ([a-z0-9]+)
+ paramValues.add(m3.group(3)); // ([^\"\\s']+)
+ }
+
+ String paramName, paramValue;
+ for (int ii = 0; ii < paramNames.size(); ii++)
+ {
+ paramName = paramNames.get(ii).toLowerCase();
+ paramValue = paramValues.get(ii);
+
+ // debug( "paramName='" + paramName + "'" );
+ // debug( "paramValue='" + paramValue + "'" );
+ // debug( "allowed? " + vAllowed.get( name ).contains( paramName ) );
+
+ if (allowedAttribute(name, paramName))
+ {
+ if (inArray(paramName, vProtocolAtts))
+ {
+ paramValue = processParamProtocol(paramValue);
+ }
+ params.append(' ').append(paramName).append("=\\\"").append(paramValue).append("\\\"");
+ }
+ }
+
+ if (inArray(name, vSelfClosingTags))
+ {
+ ending = " /";
+ }
+
+ if (inArray(name, vNeedClosingTags))
+ {
+ ending = "";
+ }
+
+ if (ending == null || ending.length() < 1)
+ {
+ if (vTagCounts.containsKey(name))
+ {
+ vTagCounts.put(name, vTagCounts.get(name) + 1);
+ }
+ else
+ {
+ vTagCounts.put(name, 1);
+ }
+ }
+ else
+ {
+ ending = " /";
+ }
+ return "<" + name + params + ending + ">";
+ }
+ else
+ {
+ return "";
+ }
+ }
+
+ // comments
+ m = P_COMMENT.matcher(s);
+ if (!stripComment && m.find())
+ {
+ return "<" + m.group() + ">";
+ }
+
+ return "";
+ }
+
+ private String processParamProtocol(String s)
+ {
+ s = decodeEntities(s);
+ final Matcher m = P_PROTOCOL.matcher(s);
+ if (m.find())
+ {
+ final String protocol = m.group(1);
+ if (!inArray(protocol, vAllowedProtocols))
+ {
+ // bad protocol, turn into local anchor link instead
+ s = "#" + s.substring(protocol.length() + 1);
+ if (s.startsWith("#//"))
+ {
+ s = "#" + s.substring(3);
+ }
+ }
+ }
+
+ return s;
+ }
+
+ private String decodeEntities(String s)
+ {
+ StringBuffer buf = new StringBuffer();
+
+ Matcher m = P_ENTITY.matcher(s);
+ while (m.find())
+ {
+ final String match = m.group(1);
+ final int decimal = Integer.decode(match).intValue();
+ m.appendReplacement(buf, Matcher.quoteReplacement(chr(decimal)));
+ }
+ m.appendTail(buf);
+ s = buf.toString();
+
+ buf = new StringBuffer();
+ m = P_ENTITY_UNICODE.matcher(s);
+ while (m.find())
+ {
+ final String match = m.group(1);
+ final int decimal = Integer.valueOf(match, 16).intValue();
+ m.appendReplacement(buf, Matcher.quoteReplacement(chr(decimal)));
+ }
+ m.appendTail(buf);
+ s = buf.toString();
+
+ buf = new StringBuffer();
+ m = P_ENCODE.matcher(s);
+ while (m.find())
+ {
+ final String match = m.group(1);
+ final int decimal = Integer.valueOf(match, 16).intValue();
+ m.appendReplacement(buf, Matcher.quoteReplacement(chr(decimal)));
+ }
+ m.appendTail(buf);
+ s = buf.toString();
+
+ s = validateEntities(s);
+ return s;
+ }
+
+ private String validateEntities(final String s)
+ {
+ StringBuffer buf = new StringBuffer();
+
+ // validate entities throughout the string
+ Matcher m = P_VALID_ENTITIES.matcher(s);
+ while (m.find())
+ {
+ final String one = m.group(1); // ([^&;]*)
+ final String two = m.group(2); // (?=(;|&|$))
+ m.appendReplacement(buf, Matcher.quoteReplacement(checkEntity(one, two)));
+ }
+ m.appendTail(buf);
+
+ return encodeQuotes(buf.toString());
+ }
+
+ private String encodeQuotes(final String s)
+ {
+ if (encodeQuotes)
+ {
+ StringBuffer buf = new StringBuffer();
+ Matcher m = P_VALID_QUOTES.matcher(s);
+ while (m.find())
+ {
+ final String one = m.group(1); // (>|^)
+ final String two = m.group(2); // ([^<]+?)
+ final String three = m.group(3); // (<|$)
+ // 不替换双引号为",防止json格式无效 regexReplace(P_QUOTE, """, two)
+ m.appendReplacement(buf, Matcher.quoteReplacement(one + two + three));
+ }
+ m.appendTail(buf);
+ return buf.toString();
+ }
+ else
+ {
+ return s;
+ }
+ }
+
+ private String checkEntity(final String preamble, final String term)
+ {
+
+ return ";".equals(term) && isValidEntity(preamble) ? '&' + preamble : "&" + preamble;
+ }
+
+ private boolean isValidEntity(final String entity)
+ {
+ return inArray(entity, vAllowedEntities);
+ }
+
+ private static boolean inArray(final String s, final String[] array)
+ {
+ for (String item : array)
+ {
+ if (item != null && item.equals(s))
+ {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ private boolean allowed(final String name)
+ {
+ return (vAllowed.isEmpty() || vAllowed.containsKey(name)) && !inArray(name, vDisallowed);
+ }
+
+ private boolean allowedAttribute(final String name, final String paramName)
+ {
+ return allowed(name) && (vAllowed.isEmpty() || vAllowed.get(name).contains(paramName));
+ }
+}
diff --git a/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/ip/IpUtils.java b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/ip/IpUtils.java
new file mode 100644
index 0000000..4b01d11
--- /dev/null
+++ b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/ip/IpUtils.java
@@ -0,0 +1,382 @@
+package com.bwie.common.core.utils.ip;
+
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import javax.servlet.http.HttpServletRequest;
+import com.bwie.common.core.utils.ServletUtils;
+import com.bwie.common.core.utils.StringUtils;
+
+/**
+ * 获取IP方法
+ *
+ * @author bwie
+ */
+public class IpUtils
+{
+ public final static String REGX_0_255 = "(25[0-5]|2[0-4]\\d|1\\d{2}|[1-9]\\d|\\d)";
+ // 匹配 ip
+ public final static String REGX_IP = "((" + REGX_0_255 + "\\.){3}" + REGX_0_255 + ")";
+ public final static String REGX_IP_WILDCARD = "(((\\*\\.){3}\\*)|(" + REGX_0_255 + "(\\.\\*){3})|(" + REGX_0_255 + "\\." + REGX_0_255 + ")(\\.\\*){2}" + "|((" + REGX_0_255 + "\\.){3}\\*))";
+ // 匹配网段
+ public final static String REGX_IP_SEG = "(" + REGX_IP + "\\-" + REGX_IP + ")";
+
+ /**
+ * 获取客户端IP
+ *
+ * @return IP地址
+ */
+ public static String getIpAddr()
+ {
+ return getIpAddr(ServletUtils.getRequest());
+ }
+
+ /**
+ * 获取客户端IP
+ *
+ * @param request 请求对象
+ * @return IP地址
+ */
+ public static String getIpAddr(HttpServletRequest request)
+ {
+ if (request == null)
+ {
+ return "unknown";
+ }
+ String ip = request.getHeader("x-forwarded-for");
+ if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip))
+ {
+ ip = request.getHeader("Proxy-Client-IP");
+ }
+ if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip))
+ {
+ ip = request.getHeader("X-Forwarded-For");
+ }
+ if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip))
+ {
+ ip = request.getHeader("WL-Proxy-Client-IP");
+ }
+ if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip))
+ {
+ ip = request.getHeader("X-Real-IP");
+ }
+
+ if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip))
+ {
+ ip = request.getRemoteAddr();
+ }
+
+ return "0:0:0:0:0:0:0:1".equals(ip) ? "127.0.0.1" : getMultistageReverseProxyIp(ip);
+ }
+
+ /**
+ * 检查是否为内部IP地址
+ *
+ * @param ip IP地址
+ * @return 结果
+ */
+ public static boolean internalIp(String ip)
+ {
+ byte[] addr = textToNumericFormatV4(ip);
+ return internalIp(addr) || "127.0.0.1".equals(ip);
+ }
+
+ /**
+ * 检查是否为内部IP地址
+ *
+ * @param addr byte地址
+ * @return 结果
+ */
+ private static boolean internalIp(byte[] addr)
+ {
+ if (StringUtils.isNull(addr) || addr.length < 2)
+ {
+ return true;
+ }
+ final byte b0 = addr[0];
+ final byte b1 = addr[1];
+ // 10.x.x.x/8
+ final byte SECTION_1 = 0x0A;
+ // 172.16.x.x/12
+ final byte SECTION_2 = (byte) 0xAC;
+ final byte SECTION_3 = (byte) 0x10;
+ final byte SECTION_4 = (byte) 0x1F;
+ // 192.168.x.x/16
+ final byte SECTION_5 = (byte) 0xC0;
+ final byte SECTION_6 = (byte) 0xA8;
+ switch (b0)
+ {
+ case SECTION_1:
+ return true;
+ case SECTION_2:
+ if (b1 >= SECTION_3 && b1 <= SECTION_4)
+ {
+ return true;
+ }
+ case SECTION_5:
+ switch (b1)
+ {
+ case SECTION_6:
+ return true;
+ }
+ default:
+ return false;
+ }
+ }
+
+ /**
+ * 将IPv4地址转换成字节
+ *
+ * @param text IPv4地址
+ * @return byte 字节
+ */
+ public static byte[] textToNumericFormatV4(String text)
+ {
+ if (text.length() == 0)
+ {
+ return null;
+ }
+
+ byte[] bytes = new byte[4];
+ String[] elements = text.split("\\.", -1);
+ try
+ {
+ long l;
+ int i;
+ switch (elements.length)
+ {
+ case 1:
+ l = Long.parseLong(elements[0]);
+ if ((l < 0L) || (l > 4294967295L))
+ {
+ return null;
+ }
+ bytes[0] = (byte) (int) (l >> 24 & 0xFF);
+ bytes[1] = (byte) (int) ((l & 0xFFFFFF) >> 16 & 0xFF);
+ bytes[2] = (byte) (int) ((l & 0xFFFF) >> 8 & 0xFF);
+ bytes[3] = (byte) (int) (l & 0xFF);
+ break;
+ case 2:
+ l = Integer.parseInt(elements[0]);
+ if ((l < 0L) || (l > 255L))
+ {
+ return null;
+ }
+ bytes[0] = (byte) (int) (l & 0xFF);
+ l = Integer.parseInt(elements[1]);
+ if ((l < 0L) || (l > 16777215L))
+ {
+ return null;
+ }
+ bytes[1] = (byte) (int) (l >> 16 & 0xFF);
+ bytes[2] = (byte) (int) ((l & 0xFFFF) >> 8 & 0xFF);
+ bytes[3] = (byte) (int) (l & 0xFF);
+ break;
+ case 3:
+ for (i = 0; i < 2; ++i)
+ {
+ l = Integer.parseInt(elements[i]);
+ if ((l < 0L) || (l > 255L))
+ {
+ return null;
+ }
+ bytes[i] = (byte) (int) (l & 0xFF);
+ }
+ l = Integer.parseInt(elements[2]);
+ if ((l < 0L) || (l > 65535L))
+ {
+ return null;
+ }
+ bytes[2] = (byte) (int) (l >> 8 & 0xFF);
+ bytes[3] = (byte) (int) (l & 0xFF);
+ break;
+ case 4:
+ for (i = 0; i < 4; ++i)
+ {
+ l = Integer.parseInt(elements[i]);
+ if ((l < 0L) || (l > 255L))
+ {
+ return null;
+ }
+ bytes[i] = (byte) (int) (l & 0xFF);
+ }
+ break;
+ default:
+ return null;
+ }
+ }
+ catch (NumberFormatException e)
+ {
+ return null;
+ }
+ return bytes;
+ }
+
+ /**
+ * 获取IP地址
+ *
+ * @return 本地IP地址
+ */
+ public static String getHostIp()
+ {
+ try
+ {
+ return InetAddress.getLocalHost().getHostAddress();
+ }
+ catch (UnknownHostException e)
+ {
+ }
+ return "127.0.0.1";
+ }
+
+ /**
+ * 获取主机名
+ *
+ * @return 本地主机名
+ */
+ public static String getHostName()
+ {
+ try
+ {
+ return InetAddress.getLocalHost().getHostName();
+ }
+ catch (UnknownHostException e)
+ {
+ }
+ return "未知";
+ }
+
+ /**
+ * 从多级反向代理中获得第一个非unknown IP地址
+ *
+ * @param ip 获得的IP地址
+ * @return 第一个非unknown IP地址
+ */
+ public static String getMultistageReverseProxyIp(String ip)
+ {
+ // 多级反向代理检测
+ if (ip != null && ip.indexOf(",") > 0)
+ {
+ final String[] ips = ip.trim().split(",");
+ for (String subIp : ips)
+ {
+ if (false == isUnknown(subIp))
+ {
+ ip = subIp;
+ break;
+ }
+ }
+ }
+ return StringUtils.substring(ip, 0, 255);
+ }
+
+ /**
+ * 检测给定字符串是否为未知,多用于检测HTTP请求相关
+ *
+ * @param checkString 被检测的字符串
+ * @return 是否未知
+ */
+ public static boolean isUnknown(String checkString)
+ {
+ return StringUtils.isBlank(checkString) || "unknown".equalsIgnoreCase(checkString);
+ }
+
+ /**
+ * 是否为IP
+ */
+ public static boolean isIP(String ip)
+ {
+ return StringUtils.isNotBlank(ip) && ip.matches(REGX_IP);
+ }
+
+ /**
+ * 是否为IP,或 *为间隔的通配符地址
+ */
+ public static boolean isIpWildCard(String ip)
+ {
+ return StringUtils.isNotBlank(ip) && ip.matches(REGX_IP_WILDCARD);
+ }
+
+ /**
+ * 检测参数是否在ip通配符里
+ */
+ public static boolean ipIsInWildCardNoCheck(String ipWildCard, String ip)
+ {
+ String[] s1 = ipWildCard.split("\\.");
+ String[] s2 = ip.split("\\.");
+ boolean isMatchedSeg = true;
+ for (int i = 0; i < s1.length && !s1[i].equals("*"); i++)
+ {
+ if (!s1[i].equals(s2[i]))
+ {
+ isMatchedSeg = false;
+ break;
+ }
+ }
+ return isMatchedSeg;
+ }
+
+ /**
+ * 是否为特定格式如:“10.10.10.1-10.10.10.99”的ip段字符串
+ */
+ public static boolean isIPSegment(String ipSeg)
+ {
+ return StringUtils.isNotBlank(ipSeg) && ipSeg.matches(REGX_IP_SEG);
+ }
+
+ /**
+ * 判断ip是否在指定网段中
+ */
+ public static boolean ipIsInNetNoCheck(String iparea, String ip)
+ {
+ int idx = iparea.indexOf('-');
+ String[] sips = iparea.substring(0, idx).split("\\.");
+ String[] sipe = iparea.substring(idx + 1).split("\\.");
+ String[] sipt = ip.split("\\.");
+ long ips = 0L, ipe = 0L, ipt = 0L;
+ for (int i = 0; i < 4; ++i)
+ {
+ ips = ips << 8 | Integer.parseInt(sips[i]);
+ ipe = ipe << 8 | Integer.parseInt(sipe[i]);
+ ipt = ipt << 8 | Integer.parseInt(sipt[i]);
+ }
+ if (ips > ipe)
+ {
+ long t = ips;
+ ips = ipe;
+ ipe = t;
+ }
+ return ips <= ipt && ipt <= ipe;
+ }
+
+ /**
+ * 校验ip是否符合过滤串规则
+ *
+ * @param filter 过滤IP列表,支持后缀'*'通配,支持网段如:`10.10.10.1-10.10.10.99`
+ * @param ip 校验IP地址
+ * @return boolean 结果
+ */
+ public static boolean isMatchedIp(String filter, String ip)
+ {
+ if (StringUtils.isEmpty(filter) || StringUtils.isEmpty(ip))
+ {
+ return false;
+ }
+ String[] ips = filter.split(";");
+ for (String iStr : ips)
+ {
+ if (isIP(iStr) && iStr.equals(ip))
+ {
+ return true;
+ }
+ else if (isIpWildCard(iStr) && ipIsInWildCardNoCheck(iStr, ip))
+ {
+ return true;
+ }
+ else if (isIPSegment(iStr) && ipIsInNetNoCheck(iStr, ip))
+ {
+ return true;
+ }
+ }
+ return false;
+ }
+}
diff --git a/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/poi/ExcelHandlerAdapter.java b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/poi/ExcelHandlerAdapter.java
new file mode 100644
index 0000000..c9e3bb6
--- /dev/null
+++ b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/poi/ExcelHandlerAdapter.java
@@ -0,0 +1,24 @@
+package com.bwie.common.core.utils.poi;
+
+import org.apache.poi.ss.usermodel.Cell;
+import org.apache.poi.ss.usermodel.Workbook;
+
+/**
+ * Excel数据格式处理适配器
+ *
+ * @author bwie
+ */
+public interface ExcelHandlerAdapter
+{
+ /**
+ * 格式化
+ *
+ * @param value 单元格数据值
+ * @param args excel注解args参数组
+ * @param cell 单元格对象
+ * @param wb 工作簿对象
+ *
+ * @return 处理后的值
+ */
+ Object format(Object value, String[] args, Cell cell, Workbook wb);
+}
diff --git a/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/poi/ExcelUtil.java b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/poi/ExcelUtil.java
new file mode 100644
index 0000000..7984915
--- /dev/null
+++ b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/poi/ExcelUtil.java
@@ -0,0 +1,1501 @@
+package com.bwie.common.core.utils.poi;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.lang.reflect.Field;
+import java.lang.reflect.Method;
+import java.lang.reflect.ParameterizedType;
+import java.math.BigDecimal;
+import java.text.DecimalFormat;
+import java.time.LocalDate;
+import java.time.LocalDateTime;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Comparator;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.stream.Collectors;
+import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.lang3.ArrayUtils;
+import org.apache.commons.lang3.RegExUtils;
+import org.apache.commons.lang3.reflect.FieldUtils;
+import org.apache.poi.ss.usermodel.BorderStyle;
+import org.apache.poi.ss.usermodel.Cell;
+import org.apache.poi.ss.usermodel.CellStyle;
+import org.apache.poi.ss.usermodel.CellType;
+import org.apache.poi.ss.usermodel.ClientAnchor;
+import org.apache.poi.ss.usermodel.DataValidation;
+import org.apache.poi.ss.usermodel.DataValidationConstraint;
+import org.apache.poi.ss.usermodel.DataValidationHelper;
+import org.apache.poi.ss.usermodel.DateUtil;
+import org.apache.poi.ss.usermodel.Drawing;
+import org.apache.poi.ss.usermodel.FillPatternType;
+import org.apache.poi.ss.usermodel.Font;
+import org.apache.poi.ss.usermodel.HorizontalAlignment;
+import org.apache.poi.ss.usermodel.IndexedColors;
+import org.apache.poi.ss.usermodel.Name;
+import org.apache.poi.ss.usermodel.Row;
+import org.apache.poi.ss.usermodel.Sheet;
+import org.apache.poi.ss.usermodel.VerticalAlignment;
+import org.apache.poi.ss.usermodel.Workbook;
+import org.apache.poi.ss.usermodel.WorkbookFactory;
+import org.apache.poi.ss.util.CellRangeAddress;
+import org.apache.poi.ss.util.CellRangeAddressList;
+import org.apache.poi.util.IOUtils;
+import org.apache.poi.xssf.streaming.SXSSFWorkbook;
+import org.apache.poi.xssf.usermodel.XSSFClientAnchor;
+import org.apache.poi.xssf.usermodel.XSSFDataValidation;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import com.bwie.common.core.annotation.Excel;
+import com.bwie.common.core.annotation.Excel.ColumnType;
+import com.bwie.common.core.annotation.Excel.Type;
+import com.bwie.common.core.annotation.Excels;
+import com.bwie.common.core.exception.UtilException;
+import com.bwie.common.core.text.Convert;
+import com.bwie.common.core.utils.DateUtils;
+import com.bwie.common.core.utils.StringUtils;
+import com.bwie.common.core.utils.file.FileTypeUtils;
+import com.bwie.common.core.utils.file.ImageUtils;
+import com.bwie.common.core.utils.reflect.ReflectUtils;
+
+/**
+ * Excel相关处理
+ *
+ * @author bwie
+ */
+public class ExcelUtil
+{
+ private static final Logger log = LoggerFactory.getLogger(ExcelUtil.class);
+
+ public static final String FORMULA_REGEX_STR = "=|-|\\+|@";
+
+ public static final String[] FORMULA_STR = { "=", "-", "+", "@" };
+
+ /**
+ * Excel sheet最大行数,默认65536
+ */
+ public static final int sheetSize = 65536;
+
+ /**
+ * 工作表名称
+ */
+ private String sheetName;
+
+ /**
+ * 导出类型(EXPORT:导出数据;IMPORT:导入模板)
+ */
+ private Type type;
+
+ /**
+ * 工作薄对象
+ */
+ private Workbook wb;
+
+ /**
+ * 工作表对象
+ */
+ private Sheet sheet;
+
+ /**
+ * 样式列表
+ */
+ private Map styles;
+
+ /**
+ * 导入导出数据列表
+ */
+ private List list;
+
+ /**
+ * 注解列表
+ */
+ private List fields;
+
+ /**
+ * 当前行号
+ */
+ private int rownum;
+
+ /**
+ * 标题
+ */
+ private String title;
+
+ /**
+ * 最大高度
+ */
+ private short maxHeight;
+
+ /**
+ * 合并后最后行数
+ */
+ private int subMergedLastRowNum = 0;
+
+ /**
+ * 合并后开始行数
+ */
+ private int subMergedFirstRowNum = 1;
+
+ /**
+ * 对象的子列表方法
+ */
+ private Method subMethod;
+
+ /**
+ * 对象的子列表属性
+ */
+ private List subFields;
+
+ /**
+ * 统计列表
+ */
+ private Map statistics = new HashMap();
+
+ /**
+ * 数字格式
+ */
+ private static final DecimalFormat DOUBLE_FORMAT = new DecimalFormat("######0.00");
+
+ /**
+ * 实体对象
+ */
+ public Class clazz;
+
+ /**
+ * 需要排除列属性
+ */
+ public String[] excludeFields;
+
+ public ExcelUtil(Class clazz)
+ {
+ this.clazz = clazz;
+ }
+
+ /**
+ * 隐藏Excel中列属性
+ *
+ * @param fields 列属性名 示例[单个"name"/多个"id","name"]
+ * @throws Exception
+ */
+ public void hideColumn(String... fields)
+ {
+ this.excludeFields = fields;
+ }
+
+ public void init(List list, String sheetName, String title, Type type)
+ {
+ if (list == null)
+ {
+ list = new ArrayList();
+ }
+ this.list = list;
+ this.sheetName = sheetName;
+ this.type = type;
+ this.title = title;
+ createExcelField();
+ createWorkbook();
+ createTitle();
+ createSubHead();
+ }
+
+ /**
+ * 创建excel第一行标题
+ */
+ public void createTitle()
+ {
+ if (StringUtils.isNotEmpty(title))
+ {
+ subMergedFirstRowNum++;
+ subMergedLastRowNum++;
+ int titleLastCol = this.fields.size() - 1;
+ if (isSubList())
+ {
+ titleLastCol = titleLastCol + subFields.size() - 1;
+ }
+ Row titleRow = sheet.createRow(rownum == 0 ? rownum++ : 0);
+ titleRow.setHeightInPoints(30);
+ Cell titleCell = titleRow.createCell(0);
+ titleCell.setCellStyle(styles.get("title"));
+ titleCell.setCellValue(title);
+ sheet.addMergedRegion(new CellRangeAddress(titleRow.getRowNum(), titleRow.getRowNum(), titleRow.getRowNum(), titleLastCol));
+ }
+ }
+
+ /**
+ * 创建对象的子列表名称
+ */
+ public void createSubHead()
+ {
+ if (isSubList())
+ {
+ subMergedFirstRowNum++;
+ subMergedLastRowNum++;
+ Row subRow = sheet.createRow(rownum);
+ int excelNum = 0;
+ for (Object[] objects : fields)
+ {
+ Excel attr = (Excel) objects[1];
+ Cell headCell1 = subRow.createCell(excelNum);
+ headCell1.setCellValue(attr.name());
+ headCell1.setCellStyle(styles.get(StringUtils.format("header_{}_{}", attr.headerColor(), attr.headerBackgroundColor())));
+ excelNum++;
+ }
+ int headFirstRow = excelNum - 1;
+ int headLastRow = headFirstRow + subFields.size() - 1;
+ if (headLastRow > headFirstRow)
+ {
+ sheet.addMergedRegion(new CellRangeAddress(rownum, rownum, headFirstRow, headLastRow));
+ }
+ rownum++;
+ }
+ }
+
+ /**
+ * 对excel表单默认第一个索引名转换成list
+ *
+ * @param is 输入流
+ * @return 转换后集合
+ */
+ public List importExcel(InputStream is)
+ {
+ List list = null;
+ try
+ {
+ list = importExcel(is, 0);
+ }
+ catch (Exception e)
+ {
+ log.error("导入Excel异常{}", e.getMessage());
+ throw new UtilException(e.getMessage());
+ }
+ finally
+ {
+ IOUtils.closeQuietly(is);
+ }
+ return list;
+ }
+
+ /**
+ * 对excel表单默认第一个索引名转换成list
+ *
+ * @param is 输入流
+ * @param titleNum 标题占用行数
+ * @return 转换后集合
+ */
+ public List importExcel(InputStream is, int titleNum) throws Exception
+ {
+ return importExcel(StringUtils.EMPTY, is, titleNum);
+ }
+
+ /**
+ * 对excel表单指定表格索引名转换成list
+ *
+ * @param sheetName 表格索引名
+ * @param titleNum 标题占用行数
+ * @param is 输入流
+ * @return 转换后集合
+ */
+ public List importExcel(String sheetName, InputStream is, int titleNum) throws Exception
+ {
+ this.type = Type.IMPORT;
+ this.wb = WorkbookFactory.create(is);
+ List list = new ArrayList();
+ // 如果指定sheet名,则取指定sheet中的内容 否则默认指向第1个sheet
+ Sheet sheet = StringUtils.isNotEmpty(sheetName) ? wb.getSheet(sheetName) : wb.getSheetAt(0);
+ if (sheet == null)
+ {
+ throw new IOException("文件sheet不存在");
+ }
+
+ // 获取最后一个非空行的行下标,比如总行数为n,则返回的为n-1
+ int rows = sheet.getLastRowNum();
+ if (rows > 0)
+ {
+ // 定义一个map用于存放excel列的序号和field.
+ Map cellMap = new HashMap();
+ // 获取表头
+ Row heard = sheet.getRow(titleNum);
+ for (int i = 0; i < heard.getPhysicalNumberOfCells(); i++)
+ {
+ Cell cell = heard.getCell(i);
+ if (StringUtils.isNotNull(cell))
+ {
+ String value = this.getCellValue(heard, i).toString();
+ cellMap.put(value, i);
+ }
+ else
+ {
+ cellMap.put(null, i);
+ }
+ }
+ // 有数据时才处理 得到类的所有field.
+ List fields = this.getFields();
+ Map fieldsMap = new HashMap();
+ for (Object[] objects : fields)
+ {
+ Excel attr = (Excel) objects[1];
+ Integer column = cellMap.get(attr.name());
+ if (column != null)
+ {
+ fieldsMap.put(column, objects);
+ }
+ }
+ for (int i = titleNum + 1; i <= rows; i++)
+ {
+ // 从第2行开始取数据,默认第一行是表头.
+ Row row = sheet.getRow(i);
+ // 判断当前行是否是空行
+ if (isRowEmpty(row))
+ {
+ continue;
+ }
+ T entity = null;
+ for (Map.Entry entry : fieldsMap.entrySet())
+ {
+ Object val = this.getCellValue(row, entry.getKey());
+
+ // 如果不存在实例则新建.
+ entity = (entity == null ? clazz.newInstance() : entity);
+ // 从map中得到对应列的field.
+ Field field = (Field) entry.getValue()[0];
+ Excel attr = (Excel) entry.getValue()[1];
+ // 取得类型,并根据对象类型设置值.
+ Class fieldType = field.getType();
+ if (String.class == fieldType)
+ {
+ String s = Convert.toStr(val);
+ if (StringUtils.endsWith(s, ".0"))
+ {
+ val = StringUtils.substringBefore(s, ".0");
+ }
+ else
+ {
+ String dateFormat = field.getAnnotation(Excel.class).dateFormat();
+ if (StringUtils.isNotEmpty(dateFormat))
+ {
+ val = parseDateToStr(dateFormat, val);
+ }
+ else
+ {
+ val = Convert.toStr(val);
+ }
+ }
+ }
+ else if ((Integer.TYPE == fieldType || Integer.class == fieldType) && StringUtils.isNumeric(Convert.toStr(val)))
+ {
+ val = Convert.toInt(val);
+ }
+ else if ((Long.TYPE == fieldType || Long.class == fieldType) && StringUtils.isNumeric(Convert.toStr(val)))
+ {
+ val = Convert.toLong(val);
+ }
+ else if (Double.TYPE == fieldType || Double.class == fieldType)
+ {
+ val = Convert.toDouble(val);
+ }
+ else if (Float.TYPE == fieldType || Float.class == fieldType)
+ {
+ val = Convert.toFloat(val);
+ }
+ else if (BigDecimal.class == fieldType)
+ {
+ val = Convert.toBigDecimal(val);
+ }
+ else if (Date.class == fieldType)
+ {
+ if (val instanceof String)
+ {
+ val = DateUtils.parseDate(val);
+ }
+ else if (val instanceof Double)
+ {
+ val = DateUtil.getJavaDate((Double) val);
+ }
+ }
+ else if (Boolean.TYPE == fieldType || Boolean.class == fieldType)
+ {
+ val = Convert.toBool(val, false);
+ }
+ if (StringUtils.isNotNull(fieldType))
+ {
+ String propertyName = field.getName();
+ if (StringUtils.isNotEmpty(attr.targetAttr()))
+ {
+ propertyName = field.getName() + "." + attr.targetAttr();
+ }
+ if (StringUtils.isNotEmpty(attr.readConverterExp()))
+ {
+ val = reverseByExp(Convert.toStr(val), attr.readConverterExp(), attr.separator());
+ }
+ else if (!attr.handler().equals(ExcelHandlerAdapter.class))
+ {
+ val = dataFormatHandlerAdapter(val, attr, null);
+ }
+ ReflectUtils.invokeSetter(entity, propertyName, val);
+ }
+ }
+ list.add(entity);
+ }
+ }
+ return list;
+ }
+
+ /**
+ * 对list数据源将其里面的数据导入到excel表单
+ *
+ * @param response 返回数据
+ * @param list 导出数据集合
+ * @param sheetName 工作表的名称
+ * @return 结果
+ */
+ public void exportExcel(HttpServletResponse response, List list, String sheetName)
+ {
+ exportExcel(response, list, sheetName, StringUtils.EMPTY);
+ }
+
+ /**
+ * 对list数据源将其里面的数据导入到excel表单
+ *
+ * @param response 返回数据
+ * @param list 导出数据集合
+ * @param sheetName 工作表的名称
+ * @param title 标题
+ * @return 结果
+ */
+ public void exportExcel(HttpServletResponse response, List list, String sheetName, String title)
+ {
+ response.setContentType("application/vnd.openxmlformats-officedocument.spreadsheetml.sheet");
+ response.setCharacterEncoding("utf-8");
+ this.init(list, sheetName, title, Type.EXPORT);
+ exportExcel(response);
+ }
+
+ /**
+ * 对list数据源将其里面的数据导入到excel表单
+ *
+ * @param sheetName 工作表的名称
+ * @return 结果
+ */
+ public void importTemplateExcel(HttpServletResponse response, String sheetName)
+ {
+ importTemplateExcel(response, sheetName, StringUtils.EMPTY);
+ }
+
+ /**
+ * 对list数据源将其里面的数据导入到excel表单
+ *
+ * @param sheetName 工作表的名称
+ * @param title 标题
+ * @return 结果
+ */
+ public void importTemplateExcel(HttpServletResponse response, String sheetName, String title)
+ {
+ response.setContentType("application/vnd.openxmlformats-officedocument.spreadsheetml.sheet");
+ response.setCharacterEncoding("utf-8");
+ this.init(null, sheetName, title, Type.IMPORT);
+ exportExcel(response);
+ }
+
+ /**
+ * 对list数据源将其里面的数据导入到excel表单
+ *
+ * @return 结果
+ */
+ public void exportExcel(HttpServletResponse response)
+ {
+ try
+ {
+ writeSheet();
+ wb.write(response.getOutputStream());
+ }
+ catch (Exception e)
+ {
+ log.error("导出Excel异常{}", e.getMessage());
+ }
+ finally
+ {
+ IOUtils.closeQuietly(wb);
+ }
+ }
+
+ /**
+ * 创建写入数据到Sheet
+ */
+ public void writeSheet()
+ {
+ // 取出一共有多少个sheet.
+ int sheetNo = Math.max(1, (int) Math.ceil(list.size() * 1.0 / sheetSize));
+ for (int index = 0; index < sheetNo; index++)
+ {
+ createSheet(sheetNo, index);
+
+ // 产生一行
+ Row row = sheet.createRow(rownum);
+ int column = 0;
+ // 写入各个字段的列头名称
+ for (Object[] os : fields)
+ {
+ Field field = (Field) os[0];
+ Excel excel = (Excel) os[1];
+ if (Collection.class.isAssignableFrom(field.getType()))
+ {
+ for (Field subField : subFields)
+ {
+ Excel subExcel = subField.getAnnotation(Excel.class);
+ this.createHeadCell(subExcel, row, column++);
+ }
+ }
+ else
+ {
+ this.createHeadCell(excel, row, column++);
+ }
+ }
+ if (Type.EXPORT.equals(type))
+ {
+ fillExcelData(index, row);
+ addStatisticsRow();
+ }
+ }
+ }
+
+ /**
+ * 填充excel数据
+ *
+ * @param index 序号
+ * @param row 单元格行
+ */
+ @SuppressWarnings("unchecked")
+ public void fillExcelData(int index, Row row)
+ {
+ int startNo = index * sheetSize;
+ int endNo = Math.min(startNo + sheetSize, list.size());
+ int rowNo = (1 + rownum) - startNo;
+ for (int i = startNo; i < endNo; i++)
+ {
+ rowNo = isSubList() ? (i > 1 ? rowNo + 1 : rowNo + i) : i + 1 + rownum - startNo;
+ row = sheet.createRow(rowNo);
+ // 得到导出对象.
+ T vo = (T) list.get(i);
+ Collection subList = null;
+ if (isSubList())
+ {
+ if (isSubListValue(vo))
+ {
+ subList = getListCellValue(vo);
+ subMergedLastRowNum = subMergedLastRowNum + subList.size();
+ }
+ else
+ {
+ subMergedFirstRowNum++;
+ subMergedLastRowNum++;
+ }
+ }
+ int column = 0;
+ for (Object[] os : fields)
+ {
+ Field field = (Field) os[0];
+ Excel excel = (Excel) os[1];
+ if (Collection.class.isAssignableFrom(field.getType()) && StringUtils.isNotNull(subList))
+ {
+ boolean subFirst = false;
+ for (Object obj : subList)
+ {
+ if (subFirst)
+ {
+ rowNo++;
+ row = sheet.createRow(rowNo);
+ }
+ List subFields = FieldUtils.getFieldsListWithAnnotation(obj.getClass(), Excel.class);
+ int subIndex = 0;
+ for (Field subField : subFields)
+ {
+ if (subField.isAnnotationPresent(Excel.class))
+ {
+ subField.setAccessible(true);
+ Excel attr = subField.getAnnotation(Excel.class);
+ this.addCell(attr, row, (T) obj, subField, column + subIndex);
+ }
+ subIndex++;
+ }
+ subFirst = true;
+ }
+ this.subMergedFirstRowNum = this.subMergedFirstRowNum + subList.size();
+ }
+ else
+ {
+ this.addCell(excel, row, vo, field, column++);
+ }
+ }
+ }
+ }
+
+ /**
+ * 创建表格样式
+ *
+ * @param wb 工作薄对象
+ * @return 样式列表
+ */
+ private Map createStyles(Workbook wb)
+ {
+ // 写入各条记录,每条记录对应excel表中的一行
+ Map styles = new HashMap();
+ CellStyle style = wb.createCellStyle();
+ style.setAlignment(HorizontalAlignment.CENTER);
+ style.setVerticalAlignment(VerticalAlignment.CENTER);
+ Font titleFont = wb.createFont();
+ titleFont.setFontName("Arial");
+ titleFont.setFontHeightInPoints((short) 16);
+ titleFont.setBold(true);
+ style.setFont(titleFont);
+ styles.put("title", style);
+
+ style = wb.createCellStyle();
+ style.setAlignment(HorizontalAlignment.CENTER);
+ style.setVerticalAlignment(VerticalAlignment.CENTER);
+ style.setBorderRight(BorderStyle.THIN);
+ style.setRightBorderColor(IndexedColors.GREY_50_PERCENT.getIndex());
+ style.setBorderLeft(BorderStyle.THIN);
+ style.setLeftBorderColor(IndexedColors.GREY_50_PERCENT.getIndex());
+ style.setBorderTop(BorderStyle.THIN);
+ style.setTopBorderColor(IndexedColors.GREY_50_PERCENT.getIndex());
+ style.setBorderBottom(BorderStyle.THIN);
+ style.setBottomBorderColor(IndexedColors.GREY_50_PERCENT.getIndex());
+ Font dataFont = wb.createFont();
+ dataFont.setFontName("Arial");
+ dataFont.setFontHeightInPoints((short) 10);
+ style.setFont(dataFont);
+ styles.put("data", style);
+
+ style = wb.createCellStyle();
+ style.setAlignment(HorizontalAlignment.CENTER);
+ style.setVerticalAlignment(VerticalAlignment.CENTER);
+ Font totalFont = wb.createFont();
+ totalFont.setFontName("Arial");
+ totalFont.setFontHeightInPoints((short) 10);
+ style.setFont(totalFont);
+ styles.put("total", style);
+
+ styles.putAll(annotationHeaderStyles(wb, styles));
+
+ styles.putAll(annotationDataStyles(wb));
+
+ return styles;
+ }
+
+ /**
+ * 根据Excel注解创建表格头样式
+ *
+ * @param wb 工作薄对象
+ * @return 自定义样式列表
+ */
+ private Map annotationHeaderStyles(Workbook wb, Map styles)
+ {
+ Map headerStyles = new HashMap();
+ for (Object[] os : fields)
+ {
+ Excel excel = (Excel) os[1];
+ String key = StringUtils.format("header_{}_{}", excel.headerColor(), excel.headerBackgroundColor());
+ if (!headerStyles.containsKey(key))
+ {
+ CellStyle style = wb.createCellStyle();
+ style.cloneStyleFrom(styles.get("data"));
+ style.setAlignment(HorizontalAlignment.CENTER);
+ style.setVerticalAlignment(VerticalAlignment.CENTER);
+ style.setFillForegroundColor(excel.headerBackgroundColor().index);
+ style.setFillPattern(FillPatternType.SOLID_FOREGROUND);
+ Font headerFont = wb.createFont();
+ headerFont.setFontName("Arial");
+ headerFont.setFontHeightInPoints((short) 10);
+ headerFont.setBold(true);
+ headerFont.setColor(excel.headerColor().index);
+ style.setFont(headerFont);
+ headerStyles.put(key, style);
+ }
+ }
+ return headerStyles;
+ }
+
+ /**
+ * 根据Excel注解创建表格列样式
+ *
+ * @param wb 工作薄对象
+ * @return 自定义样式列表
+ */
+ private Map annotationDataStyles(Workbook wb)
+ {
+ Map styles = new HashMap();
+ for (Object[] os : fields)
+ {
+ Excel excel = (Excel) os[1];
+ String key = StringUtils.format("data_{}_{}_{}", excel.align(), excel.color(), excel.backgroundColor());
+ if (!styles.containsKey(key))
+ {
+ CellStyle style = wb.createCellStyle();
+ style.setAlignment(excel.align());
+ style.setVerticalAlignment(VerticalAlignment.CENTER);
+ style.setBorderRight(BorderStyle.THIN);
+ style.setRightBorderColor(IndexedColors.GREY_50_PERCENT.getIndex());
+ style.setBorderLeft(BorderStyle.THIN);
+ style.setLeftBorderColor(IndexedColors.GREY_50_PERCENT.getIndex());
+ style.setBorderTop(BorderStyle.THIN);
+ style.setTopBorderColor(IndexedColors.GREY_50_PERCENT.getIndex());
+ style.setBorderBottom(BorderStyle.THIN);
+ style.setBottomBorderColor(IndexedColors.GREY_50_PERCENT.getIndex());
+ style.setFillPattern(FillPatternType.SOLID_FOREGROUND);
+ style.setFillForegroundColor(excel.backgroundColor().getIndex());
+ Font dataFont = wb.createFont();
+ dataFont.setFontName("Arial");
+ dataFont.setFontHeightInPoints((short) 10);
+ dataFont.setColor(excel.color().index);
+ style.setFont(dataFont);
+ styles.put(key, style);
+ }
+ }
+ return styles;
+ }
+
+ /**
+ * 创建单元格
+ */
+ public Cell createHeadCell(Excel attr, Row row, int column)
+ {
+ // 创建列
+ Cell cell = row.createCell(column);
+ // 写入列信息
+ cell.setCellValue(attr.name());
+ setDataValidation(attr, row, column);
+ cell.setCellStyle(styles.get(StringUtils.format("header_{}_{}", attr.headerColor(), attr.headerBackgroundColor())));
+ if (isSubList())
+ {
+ // 填充默认样式,防止合并单元格样式失效
+ sheet.setDefaultColumnStyle(column, styles.get(StringUtils.format("data_{}_{}_{}", attr.align(), attr.color(), attr.backgroundColor())));
+ if (attr.needMerge())
+ {
+ sheet.addMergedRegion(new CellRangeAddress(rownum - 1, rownum, column, column));
+ }
+ }
+ return cell;
+ }
+
+ /**
+ * 设置单元格信息
+ *
+ * @param value 单元格值
+ * @param attr 注解相关
+ * @param cell 单元格信息
+ */
+ public void setCellVo(Object value, Excel attr, Cell cell)
+ {
+ if (ColumnType.STRING == attr.cellType())
+ {
+ String cellValue = Convert.toStr(value);
+ // 对于任何以表达式触发字符 =-+@开头的单元格,直接使用tab字符作为前缀,防止CSV注入。
+ if (StringUtils.startsWithAny(cellValue, FORMULA_STR))
+ {
+ cellValue = RegExUtils.replaceFirst(cellValue, FORMULA_REGEX_STR, "\t$0");
+ }
+ if (value instanceof Collection && StringUtils.equals("[]", cellValue))
+ {
+ cellValue = StringUtils.EMPTY;
+ }
+ cell.setCellValue(StringUtils.isNull(cellValue) ? attr.defaultValue() : cellValue + attr.suffix());
+ }
+ else if (ColumnType.NUMERIC == attr.cellType())
+ {
+ if (StringUtils.isNotNull(value))
+ {
+ cell.setCellValue(StringUtils.contains(Convert.toStr(value), ".") ? Convert.toDouble(value) : Convert.toInt(value));
+ }
+ }
+ else if (ColumnType.IMAGE == attr.cellType())
+ {
+ ClientAnchor anchor = new XSSFClientAnchor(0, 0, 0, 0, (short) cell.getColumnIndex(), cell.getRow().getRowNum(), (short) (cell.getColumnIndex() + 1), cell.getRow().getRowNum() + 1);
+ String imagePath = Convert.toStr(value);
+ if (StringUtils.isNotEmpty(imagePath))
+ {
+ byte[] data = ImageUtils.getImage(imagePath);
+ getDrawingPatriarch(cell.getSheet()).createPicture(anchor,
+ cell.getSheet().getWorkbook().addPicture(data, getImageType(data)));
+ }
+ }
+ }
+
+ /**
+ * 获取画布
+ */
+ public static Drawing getDrawingPatriarch(Sheet sheet)
+ {
+ if (sheet.getDrawingPatriarch() == null)
+ {
+ sheet.createDrawingPatriarch();
+ }
+ return sheet.getDrawingPatriarch();
+ }
+
+ /**
+ * 获取图片类型,设置图片插入类型
+ */
+ public int getImageType(byte[] value)
+ {
+ String type = FileTypeUtils.getFileExtendName(value);
+ if ("JPG".equalsIgnoreCase(type))
+ {
+ return Workbook.PICTURE_TYPE_JPEG;
+ }
+ else if ("PNG".equalsIgnoreCase(type))
+ {
+ return Workbook.PICTURE_TYPE_PNG;
+ }
+ return Workbook.PICTURE_TYPE_JPEG;
+ }
+
+ /**
+ * 创建表格样式
+ */
+ public void setDataValidation(Excel attr, Row row, int column)
+ {
+ if (attr.name().indexOf("注:") >= 0)
+ {
+ sheet.setColumnWidth(column, 6000);
+ }
+ else
+ {
+ // 设置列宽
+ sheet.setColumnWidth(column, (int) ((attr.width() + 0.72) * 256));
+ }
+ if (StringUtils.isNotEmpty(attr.prompt()) || attr.combo().length > 0)
+ {
+ if (attr.combo().length > 15 || StringUtils.join(attr.combo()).length() > 255)
+ {
+ // 如果下拉数大于15或字符串长度大于255,则使用一个新sheet存储,避免生成的模板下拉值获取不到
+ setXSSFValidationWithHidden(sheet, attr.combo(), attr.prompt(), 1, 100, column, column);
+ }
+ else
+ {
+ // 提示信息或只能选择不能输入的列内容.
+ setPromptOrValidation(sheet, attr.combo(), attr.prompt(), 1, 100, column, column);
+ }
+ }
+ }
+
+ /**
+ * 添加单元格
+ */
+ public Cell addCell(Excel attr, Row row, T vo, Field field, int column)
+ {
+ Cell cell = null;
+ try
+ {
+ // 设置行高
+ row.setHeight(maxHeight);
+ // 根据Excel中设置情况决定是否导出,有些情况需要保持为空,希望用户填写这一列.
+ if (attr.isExport())
+ {
+ // 创建cell
+ cell = row.createCell(column);
+ if (isSubListValue(vo) && getListCellValue(vo).size() > 1 && attr.needMerge())
+ {
+ CellRangeAddress cellAddress = new CellRangeAddress(subMergedFirstRowNum, subMergedLastRowNum, column, column);
+ sheet.addMergedRegion(cellAddress);
+ }
+ cell.setCellStyle(styles.get(StringUtils.format("data_{}_{}_{}", attr.align(), attr.color(), attr.backgroundColor())));
+
+ // 用于读取对象中的属性
+ Object value = getTargetValue(vo, field, attr);
+ String dateFormat = attr.dateFormat();
+ String readConverterExp = attr.readConverterExp();
+ String separator = attr.separator();
+ if (StringUtils.isNotEmpty(dateFormat) && StringUtils.isNotNull(value))
+ {
+ cell.setCellValue(parseDateToStr(dateFormat, value));
+ }
+ else if (StringUtils.isNotEmpty(readConverterExp) && StringUtils.isNotNull(value))
+ {
+ cell.setCellValue(convertByExp(Convert.toStr(value), readConverterExp, separator));
+ }
+ else if (value instanceof BigDecimal && -1 != attr.scale())
+ {
+ cell.setCellValue((((BigDecimal) value).setScale(attr.scale(), attr.roundingMode())).doubleValue());
+ }
+ else if (!attr.handler().equals(ExcelHandlerAdapter.class))
+ {
+ cell.setCellValue(dataFormatHandlerAdapter(value, attr, cell));
+ }
+ else
+ {
+ // 设置列类型
+ setCellVo(value, attr, cell);
+ }
+ addStatisticsData(column, Convert.toStr(value), attr);
+ }
+ }
+ catch (Exception e)
+ {
+ log.error("导出Excel失败{}", e);
+ }
+ return cell;
+ }
+
+ /**
+ * 设置 POI XSSFSheet 单元格提示或选择框
+ *
+ * @param sheet 表单
+ * @param textlist 下拉框显示的内容
+ * @param promptContent 提示内容
+ * @param firstRow 开始行
+ * @param endRow 结束行
+ * @param firstCol 开始列
+ * @param endCol 结束列
+ */
+ public void setPromptOrValidation(Sheet sheet, String[] textlist, String promptContent, int firstRow, int endRow,
+ int firstCol, int endCol)
+ {
+ DataValidationHelper helper = sheet.getDataValidationHelper();
+ DataValidationConstraint constraint = textlist.length > 0 ? helper.createExplicitListConstraint(textlist) : helper.createCustomConstraint("DD1");
+ CellRangeAddressList regions = new CellRangeAddressList(firstRow, endRow, firstCol, endCol);
+ DataValidation dataValidation = helper.createValidation(constraint, regions);
+ if (StringUtils.isNotEmpty(promptContent))
+ {
+ // 如果设置了提示信息则鼠标放上去提示
+ dataValidation.createPromptBox("", promptContent);
+ dataValidation.setShowPromptBox(true);
+ }
+ // 处理Excel兼容性问题
+ if (dataValidation instanceof XSSFDataValidation)
+ {
+ dataValidation.setSuppressDropDownArrow(true);
+ dataValidation.setShowErrorBox(true);
+ }
+ else
+ {
+ dataValidation.setSuppressDropDownArrow(false);
+ }
+ sheet.addValidationData(dataValidation);
+ }
+
+ /**
+ * 设置某些列的值只能输入预制的数据,显示下拉框(兼容超出一定数量的下拉框).
+ *
+ * @param sheet 要设置的sheet.
+ * @param textlist 下拉框显示的内容
+ * @param promptContent 提示内容
+ * @param firstRow 开始行
+ * @param endRow 结束行
+ * @param firstCol 开始列
+ * @param endCol 结束列
+ */
+ public void setXSSFValidationWithHidden(Sheet sheet, String[] textlist, String promptContent, int firstRow, int endRow, int firstCol, int endCol)
+ {
+ String hideSheetName = "combo_" + firstCol + "_" + endCol;
+ Sheet hideSheet = wb.createSheet(hideSheetName); // 用于存储 下拉菜单数据
+ for (int i = 0; i < textlist.length; i++)
+ {
+ hideSheet.createRow(i).createCell(0).setCellValue(textlist[i]);
+ }
+ // 创建名称,可被其他单元格引用
+ Name name = wb.createName();
+ name.setNameName(hideSheetName + "_data");
+ name.setRefersToFormula(hideSheetName + "!$A$1:$A$" + textlist.length);
+ DataValidationHelper helper = sheet.getDataValidationHelper();
+ // 加载下拉列表内容
+ DataValidationConstraint constraint = helper.createFormulaListConstraint(hideSheetName + "_data");
+ // 设置数据有效性加载在哪个单元格上,四个参数分别是:起始行、终止行、起始列、终止列
+ CellRangeAddressList regions = new CellRangeAddressList(firstRow, endRow, firstCol, endCol);
+ // 数据有效性对象
+ DataValidation dataValidation = helper.createValidation(constraint, regions);
+ if (StringUtils.isNotEmpty(promptContent))
+ {
+ // 如果设置了提示信息则鼠标放上去提示
+ dataValidation.createPromptBox("", promptContent);
+ dataValidation.setShowPromptBox(true);
+ }
+ // 处理Excel兼容性问题
+ if (dataValidation instanceof XSSFDataValidation)
+ {
+ dataValidation.setSuppressDropDownArrow(true);
+ dataValidation.setShowErrorBox(true);
+ }
+ else
+ {
+ dataValidation.setSuppressDropDownArrow(false);
+ }
+
+ sheet.addValidationData(dataValidation);
+ // 设置hiddenSheet隐藏
+ wb.setSheetHidden(wb.getSheetIndex(hideSheet), true);
+ }
+
+ /**
+ * 解析导出值 0=男,1=女,2=未知
+ *
+ * @param propertyValue 参数值
+ * @param converterExp 翻译注解
+ * @param separator 分隔符
+ * @return 解析后值
+ */
+ public static String convertByExp(String propertyValue, String converterExp, String separator)
+ {
+ StringBuilder propertyString = new StringBuilder();
+ String[] convertSource = converterExp.split(",");
+ for (String item : convertSource)
+ {
+ String[] itemArray = item.split("=");
+ if (StringUtils.containsAny(propertyValue, separator))
+ {
+ for (String value : propertyValue.split(separator))
+ {
+ if (itemArray[0].equals(value))
+ {
+ propertyString.append(itemArray[1] + separator);
+ break;
+ }
+ }
+ }
+ else
+ {
+ if (itemArray[0].equals(propertyValue))
+ {
+ return itemArray[1];
+ }
+ }
+ }
+ return StringUtils.stripEnd(propertyString.toString(), separator);
+ }
+
+ /**
+ * 反向解析值 男=0,女=1,未知=2
+ *
+ * @param propertyValue 参数值
+ * @param converterExp 翻译注解
+ * @param separator 分隔符
+ * @return 解析后值
+ */
+ public static String reverseByExp(String propertyValue, String converterExp, String separator)
+ {
+ StringBuilder propertyString = new StringBuilder();
+ String[] convertSource = converterExp.split(",");
+ for (String item : convertSource)
+ {
+ String[] itemArray = item.split("=");
+ if (StringUtils.containsAny(propertyValue, separator))
+ {
+ for (String value : propertyValue.split(separator))
+ {
+ if (itemArray[1].equals(value))
+ {
+ propertyString.append(itemArray[0] + separator);
+ break;
+ }
+ }
+ }
+ else
+ {
+ if (itemArray[1].equals(propertyValue))
+ {
+ return itemArray[0];
+ }
+ }
+ }
+ return StringUtils.stripEnd(propertyString.toString(), separator);
+ }
+
+ /**
+ * 数据处理器
+ *
+ * @param value 数据值
+ * @param excel 数据注解
+ * @return
+ */
+ public String dataFormatHandlerAdapter(Object value, Excel excel, Cell cell)
+ {
+ try
+ {
+ Object instance = excel.handler().newInstance();
+ Method formatMethod = excel.handler().getMethod("format", new Class[] { Object.class, String[].class, Cell.class, Workbook.class });
+ value = formatMethod.invoke(instance, value, excel.args(), cell, this.wb);
+ }
+ catch (Exception e)
+ {
+ log.error("不能格式化数据 " + excel.handler(), e.getMessage());
+ }
+ return Convert.toStr(value);
+ }
+
+ /**
+ * 合计统计信息
+ */
+ private void addStatisticsData(Integer index, String text, Excel entity)
+ {
+ if (entity != null && entity.isStatistics())
+ {
+ Double temp = 0D;
+ if (!statistics.containsKey(index))
+ {
+ statistics.put(index, temp);
+ }
+ try
+ {
+ temp = Double.valueOf(text);
+ }
+ catch (NumberFormatException e)
+ {
+ }
+ statistics.put(index, statistics.get(index) + temp);
+ }
+ }
+
+ /**
+ * 创建统计行
+ */
+ public void addStatisticsRow()
+ {
+ if (statistics.size() > 0)
+ {
+ Row row = sheet.createRow(sheet.getLastRowNum() + 1);
+ Set keys = statistics.keySet();
+ Cell cell = row.createCell(0);
+ cell.setCellStyle(styles.get("total"));
+ cell.setCellValue("合计");
+
+ for (Integer key : keys)
+ {
+ cell = row.createCell(key);
+ cell.setCellStyle(styles.get("total"));
+ cell.setCellValue(DOUBLE_FORMAT.format(statistics.get(key)));
+ }
+ statistics.clear();
+ }
+ }
+
+ /**
+ * 获取bean中的属性值
+ *
+ * @param vo 实体对象
+ * @param field 字段
+ * @param excel 注解
+ * @return 最终的属性值
+ * @throws Exception
+ */
+ private Object getTargetValue(T vo, Field field, Excel excel) throws Exception
+ {
+ Object o = field.get(vo);
+ if (StringUtils.isNotEmpty(excel.targetAttr()))
+ {
+ String target = excel.targetAttr();
+ if (target.contains("."))
+ {
+ String[] targets = target.split("[.]");
+ for (String name : targets)
+ {
+ o = getValue(o, name);
+ }
+ }
+ else
+ {
+ o = getValue(o, target);
+ }
+ }
+ return o;
+ }
+
+ /**
+ * 以类的属性的get方法方法形式获取值
+ *
+ * @param o
+ * @param name
+ * @return value
+ * @throws Exception
+ */
+ private Object getValue(Object o, String name) throws Exception
+ {
+ if (StringUtils.isNotNull(o) && StringUtils.isNotEmpty(name))
+ {
+ Class clazz = o.getClass();
+ Field field = clazz.getDeclaredField(name);
+ field.setAccessible(true);
+ o = field.get(o);
+ }
+ return o;
+ }
+
+ /**
+ * 得到所有定义字段
+ */
+ private void createExcelField()
+ {
+ this.fields = getFields();
+ this.fields = this.fields.stream().sorted(Comparator.comparing(objects -> ((Excel) objects[1]).sort())).collect(Collectors.toList());
+ this.maxHeight = getRowHeight();
+ }
+
+ /**
+ * 获取字段注解信息
+ */
+ public List getFields()
+ {
+ List fields = new ArrayList();
+ List tempFields = new ArrayList<>();
+ tempFields.addAll(Arrays.asList(clazz.getSuperclass().getDeclaredFields()));
+ tempFields.addAll(Arrays.asList(clazz.getDeclaredFields()));
+ for (Field field : tempFields)
+ {
+ if (!ArrayUtils.contains(this.excludeFields, field.getName()))
+ {
+ // 单注解
+ if (field.isAnnotationPresent(Excel.class))
+ {
+ Excel attr = field.getAnnotation(Excel.class);
+ if (attr != null && (attr.type() == Type.ALL || attr.type() == type))
+ {
+ field.setAccessible(true);
+ fields.add(new Object[] { field, attr });
+ }
+ if (Collection.class.isAssignableFrom(field.getType()))
+ {
+ subMethod = getSubMethod(field.getName(), clazz);
+ ParameterizedType pt = (ParameterizedType) field.getGenericType();
+ Class subClass = (Class) pt.getActualTypeArguments()[0];
+ this.subFields = FieldUtils.getFieldsListWithAnnotation(subClass, Excel.class);
+ }
+ }
+
+ // 多注解
+ if (field.isAnnotationPresent(Excels.class))
+ {
+ Excels attrs = field.getAnnotation(Excels.class);
+ Excel[] excels = attrs.value();
+ for (Excel attr : excels)
+ {
+ if (!ArrayUtils.contains(this.excludeFields, field.getName() + "." + attr.targetAttr())
+ && (attr != null && (attr.type() == Type.ALL || attr.type() == type)))
+ {
+ field.setAccessible(true);
+ fields.add(new Object[] { field, attr });
+ }
+ }
+ }
+ }
+ }
+ return fields;
+ }
+
+ /**
+ * 根据注解获取最大行高
+ */
+ public short getRowHeight()
+ {
+ double maxHeight = 0;
+ for (Object[] os : this.fields)
+ {
+ Excel excel = (Excel) os[1];
+ maxHeight = Math.max(maxHeight, excel.height());
+ }
+ return (short) (maxHeight * 20);
+ }
+
+ /**
+ * 创建一个工作簿
+ */
+ public void createWorkbook()
+ {
+ this.wb = new SXSSFWorkbook(500);
+ this.sheet = wb.createSheet();
+ wb.setSheetName(0, sheetName);
+ this.styles = createStyles(wb);
+ }
+
+ /**
+ * 创建工作表
+ *
+ * @param sheetNo sheet数量
+ * @param index 序号
+ */
+ public void createSheet(int sheetNo, int index)
+ {
+ // 设置工作表的名称.
+ if (sheetNo > 1 && index > 0)
+ {
+ this.sheet = wb.createSheet();
+ this.createTitle();
+ wb.setSheetName(index, sheetName + index);
+ }
+ }
+
+ /**
+ * 获取单元格值
+ *
+ * @param row 获取的行
+ * @param column 获取单元格列号
+ * @return 单元格值
+ */
+ public Object getCellValue(Row row, int column)
+ {
+ if (row == null)
+ {
+ return row;
+ }
+ Object val = "";
+ try
+ {
+ Cell cell = row.getCell(column);
+ if (StringUtils.isNotNull(cell))
+ {
+ if (cell.getCellType() == CellType.NUMERIC || cell.getCellType() == CellType.FORMULA)
+ {
+ val = cell.getNumericCellValue();
+ if (DateUtil.isCellDateFormatted(cell))
+ {
+ val = DateUtil.getJavaDate((Double) val); // POI Excel 日期格式转换
+ }
+ else
+ {
+ if ((Double) val % 1 != 0)
+ {
+ val = new BigDecimal(val.toString());
+ }
+ else
+ {
+ val = new DecimalFormat("0").format(val);
+ }
+ }
+ }
+ else if (cell.getCellType() == CellType.STRING)
+ {
+ val = cell.getStringCellValue();
+ }
+ else if (cell.getCellType() == CellType.BOOLEAN)
+ {
+ val = cell.getBooleanCellValue();
+ }
+ else if (cell.getCellType() == CellType.ERROR)
+ {
+ val = cell.getErrorCellValue();
+ }
+
+ }
+ }
+ catch (Exception e)
+ {
+ return val;
+ }
+ return val;
+ }
+
+ /**
+ * 判断是否是空行
+ *
+ * @param row 判断的行
+ * @return
+ */
+ private boolean isRowEmpty(Row row)
+ {
+ if (row == null)
+ {
+ return true;
+ }
+ for (int i = row.getFirstCellNum(); i < row.getLastCellNum(); i++)
+ {
+ Cell cell = row.getCell(i);
+ if (cell != null && cell.getCellType() != CellType.BLANK)
+ {
+ return false;
+ }
+ }
+ return true;
+ }
+
+ /**
+ * 格式化不同类型的日期对象
+ *
+ * @param dateFormat 日期格式
+ * @param val 被格式化的日期对象
+ * @return 格式化后的日期字符
+ */
+ public String parseDateToStr(String dateFormat, Object val)
+ {
+ if (val == null)
+ {
+ return "";
+ }
+ String str;
+ if (val instanceof Date)
+ {
+ str = DateUtils.parseDateToStr(dateFormat, (Date) val);
+ }
+ else if (val instanceof LocalDateTime)
+ {
+ str = DateUtils.parseDateToStr(dateFormat, DateUtils.toDate((LocalDateTime) val));
+ }
+ else if (val instanceof LocalDate)
+ {
+ str = DateUtils.parseDateToStr(dateFormat, DateUtils.toDate((LocalDate) val));
+ }
+ else
+ {
+ str = val.toString();
+ }
+ return str;
+ }
+
+ /**
+ * 是否有对象的子列表
+ */
+ public boolean isSubList()
+ {
+ return StringUtils.isNotNull(subFields) && subFields.size() > 0;
+ }
+
+ /**
+ * 是否有对象的子列表,集合不为空
+ */
+ public boolean isSubListValue(T vo)
+ {
+ return StringUtils.isNotNull(subFields) && subFields.size() > 0 && StringUtils.isNotNull(getListCellValue(vo)) && getListCellValue(vo).size() > 0;
+ }
+
+ /**
+ * 获取集合的值
+ */
+ public Collection getListCellValue(Object obj)
+ {
+ Object value;
+ try
+ {
+ value = subMethod.invoke(obj, new Object[] {});
+ }
+ catch (Exception e)
+ {
+ return new ArrayList();
+ }
+ return (Collection) value;
+ }
+
+ /**
+ * 获取对象的子列表方法
+ *
+ * @param name 名称
+ * @param pojoClass 类对象
+ * @return 子列表方法
+ */
+ public Method getSubMethod(String name, Class pojoClass)
+ {
+ StringBuffer getMethodName = new StringBuffer("get");
+ getMethodName.append(name.substring(0, 1).toUpperCase());
+ getMethodName.append(name.substring(1));
+ Method method = null;
+ try
+ {
+ method = pojoClass.getMethod(getMethodName.toString(), new Class[] {});
+ }
+ catch (Exception e)
+ {
+ log.error("获取对象异常{}", e.getMessage());
+ }
+ return method;
+ }
+}
diff --git a/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/reflect/ReflectUtils.java b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/reflect/ReflectUtils.java
new file mode 100644
index 0000000..c971b3e
--- /dev/null
+++ b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/reflect/ReflectUtils.java
@@ -0,0 +1,410 @@
+package com.bwie.common.core.utils.reflect;
+
+import java.lang.reflect.Field;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+import java.lang.reflect.Modifier;
+import java.lang.reflect.ParameterizedType;
+import java.lang.reflect.Type;
+import java.util.Date;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.lang3.Validate;
+import org.apache.poi.ss.usermodel.DateUtil;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import com.bwie.common.core.text.Convert;
+import com.bwie.common.core.utils.DateUtils;
+
+/**
+ * 反射工具类. 提供调用getter/setter方法, 访问私有变量, 调用私有方法, 获取泛型类型Class, 被AOP过的真实类等工具函数.
+ *
+ * @author bwie
+ */
+@SuppressWarnings("rawtypes")
+public class ReflectUtils
+{
+ private static final String SETTER_PREFIX = "set";
+
+ private static final String GETTER_PREFIX = "get";
+
+ private static final String CGLIB_CLASS_SEPARATOR = "$$";
+
+ private static Logger logger = LoggerFactory.getLogger(ReflectUtils.class);
+
+ /**
+ * 调用Getter方法.
+ * 支持多级,如:对象名.对象名.方法
+ */
+ @SuppressWarnings("unchecked")
+ public static E invokeGetter(Object obj, String propertyName)
+ {
+ Object object = obj;
+ for (String name : StringUtils.split(propertyName, "."))
+ {
+ String getterMethodName = GETTER_PREFIX + StringUtils.capitalize(name);
+ object = invokeMethod(object, getterMethodName, new Class[] {}, new Object[] {});
+ }
+ return (E) object;
+ }
+
+ /**
+ * 调用Setter方法, 仅匹配方法名。
+ * 支持多级,如:对象名.对象名.方法
+ */
+ public static void invokeSetter(Object obj, String propertyName, E value)
+ {
+ Object object = obj;
+ String[] names = StringUtils.split(propertyName, ".");
+ for (int i = 0; i < names.length; i++)
+ {
+ if (i < names.length - 1)
+ {
+ String getterMethodName = GETTER_PREFIX + StringUtils.capitalize(names[i]);
+ object = invokeMethod(object, getterMethodName, new Class[] {}, new Object[] {});
+ }
+ else
+ {
+ String setterMethodName = SETTER_PREFIX + StringUtils.capitalize(names[i]);
+ invokeMethodByName(object, setterMethodName, new Object[] { value });
+ }
+ }
+ }
+
+ /**
+ * 直接读取对象属性值, 无视private/protected修饰符, 不经过getter函数.
+ */
+ @SuppressWarnings("unchecked")
+ public static E getFieldValue(final Object obj, final String fieldName)
+ {
+ Field field = getAccessibleField(obj, fieldName);
+ if (field == null)
+ {
+ logger.debug("在 [" + obj.getClass() + "] 中,没有找到 [" + fieldName + "] 字段 ");
+ return null;
+ }
+ E result = null;
+ try
+ {
+ result = (E) field.get(obj);
+ }
+ catch (IllegalAccessException e)
+ {
+ logger.error("不可能抛出的异常{}", e.getMessage());
+ }
+ return result;
+ }
+
+ /**
+ * 直接设置对象属性值, 无视private/protected修饰符, 不经过setter函数.
+ */
+ public static void setFieldValue(final Object obj, final String fieldName, final E value)
+ {
+ Field field = getAccessibleField(obj, fieldName);
+ if (field == null)
+ {
+ // throw new IllegalArgumentException("在 [" + obj.getClass() + "] 中,没有找到 [" + fieldName + "] 字段 ");
+ logger.debug("在 [" + obj.getClass() + "] 中,没有找到 [" + fieldName + "] 字段 ");
+ return;
+ }
+ try
+ {
+ field.set(obj, value);
+ }
+ catch (IllegalAccessException e)
+ {
+ logger.error("不可能抛出的异常: {}", e.getMessage());
+ }
+ }
+
+ /**
+ * 直接调用对象方法, 无视private/protected修饰符.
+ * 用于一次性调用的情况,否则应使用getAccessibleMethod()函数获得Method后反复调用.
+ * 同时匹配方法名+参数类型,
+ */
+ @SuppressWarnings("unchecked")
+ public static E invokeMethod(final Object obj, final String methodName, final Class[] parameterTypes,
+ final Object[] args)
+ {
+ if (obj == null || methodName == null)
+ {
+ return null;
+ }
+ Method method = getAccessibleMethod(obj, methodName, parameterTypes);
+ if (method == null)
+ {
+ logger.debug("在 [" + obj.getClass() + "] 中,没有找到 [" + methodName + "] 方法 ");
+ return null;
+ }
+ try
+ {
+ return (E) method.invoke(obj, args);
+ }
+ catch (Exception e)
+ {
+ String msg = "method: " + method + ", obj: " + obj + ", args: " + args + "";
+ throw convertReflectionExceptionToUnchecked(msg, e);
+ }
+ }
+
+ /**
+ * 直接调用对象方法, 无视private/protected修饰符,
+ * 用于一次性调用的情况,否则应使用getAccessibleMethodByName()函数获得Method后反复调用.
+ * 只匹配函数名,如果有多个同名函数调用第一个。
+ */
+ @SuppressWarnings("unchecked")
+ public static E invokeMethodByName(final Object obj, final String methodName, final Object[] args)
+ {
+ Method method = getAccessibleMethodByName(obj, methodName, args.length);
+ if (method == null)
+ {
+ // 如果为空不报错,直接返回空。
+ logger.debug("在 [" + obj.getClass() + "] 中,没有找到 [" + methodName + "] 方法 ");
+ return null;
+ }
+ try
+ {
+ // 类型转换(将参数数据类型转换为目标方法参数类型)
+ Class[] cs = method.getParameterTypes();
+ for (int i = 0; i < cs.length; i++)
+ {
+ if (args[i] != null && !args[i].getClass().equals(cs[i]))
+ {
+ if (cs[i] == String.class)
+ {
+ args[i] = Convert.toStr(args[i]);
+ if (StringUtils.endsWith((String) args[i], ".0"))
+ {
+ args[i] = StringUtils.substringBefore((String) args[i], ".0");
+ }
+ }
+ else if (cs[i] == Integer.class)
+ {
+ args[i] = Convert.toInt(args[i]);
+ }
+ else if (cs[i] == Long.class)
+ {
+ args[i] = Convert.toLong(args[i]);
+ }
+ else if (cs[i] == Double.class)
+ {
+ args[i] = Convert.toDouble(args[i]);
+ }
+ else if (cs[i] == Float.class)
+ {
+ args[i] = Convert.toFloat(args[i]);
+ }
+ else if (cs[i] == Date.class)
+ {
+ if (args[i] instanceof String)
+ {
+ args[i] = DateUtils.parseDate(args[i]);
+ }
+ else
+ {
+ args[i] = DateUtil.getJavaDate((Double) args[i]);
+ }
+ }
+ else if (cs[i] == boolean.class || cs[i] == Boolean.class)
+ {
+ args[i] = Convert.toBool(args[i]);
+ }
+ }
+ }
+ return (E) method.invoke(obj, args);
+ }
+ catch (Exception e)
+ {
+ String msg = "method: " + method + ", obj: " + obj + ", args: " + args + "";
+ throw convertReflectionExceptionToUnchecked(msg, e);
+ }
+ }
+
+ /**
+ * 循环向上转型, 获取对象的DeclaredField, 并强制设置为可访问.
+ * 如向上转型到Object仍无法找到, 返回null.
+ */
+ public static Field getAccessibleField(final Object obj, final String fieldName)
+ {
+ // 为空不报错。直接返回 null
+ if (obj == null)
+ {
+ return null;
+ }
+ Validate.notBlank(fieldName, "fieldName can't be blank");
+ for (Class superClass = obj.getClass(); superClass != Object.class; superClass = superClass.getSuperclass())
+ {
+ try
+ {
+ Field field = superClass.getDeclaredField(fieldName);
+ makeAccessible(field);
+ return field;
+ }
+ catch (NoSuchFieldException e)
+ {
+ continue;
+ }
+ }
+ return null;
+ }
+
+ /**
+ * 循环向上转型, 获取对象的DeclaredMethod,并强制设置为可访问.
+ * 如向上转型到Object仍无法找到, 返回null.
+ * 匹配函数名+参数类型。
+ * 用于方法需要被多次调用的情况. 先使用本函数先取得Method,然后调用Method.invoke(Object obj, Object... args)
+ */
+ public static Method getAccessibleMethod(final Object obj, final String methodName,
+ final Class... parameterTypes)
+ {
+ // 为空不报错。直接返回 null
+ if (obj == null)
+ {
+ return null;
+ }
+ Validate.notBlank(methodName, "methodName can't be blank");
+ for (Class searchType = obj.getClass(); searchType != Object.class; searchType = searchType.getSuperclass())
+ {
+ try
+ {
+ Method method = searchType.getDeclaredMethod(methodName, parameterTypes);
+ makeAccessible(method);
+ return method;
+ }
+ catch (NoSuchMethodException e)
+ {
+ continue;
+ }
+ }
+ return null;
+ }
+
+ /**
+ * 循环向上转型, 获取对象的DeclaredMethod,并强制设置为可访问.
+ * 如向上转型到Object仍无法找到, 返回null.
+ * 只匹配函数名。
+ * 用于方法需要被多次调用的情况. 先使用本函数先取得Method,然后调用Method.invoke(Object obj, Object... args)
+ */
+ public static Method getAccessibleMethodByName(final Object obj, final String methodName, int argsNum)
+ {
+ // 为空不报错。直接返回 null
+ if (obj == null)
+ {
+ return null;
+ }
+ Validate.notBlank(methodName, "methodName can't be blank");
+ for (Class searchType = obj.getClass(); searchType != Object.class; searchType = searchType.getSuperclass())
+ {
+ Method[] methods = searchType.getDeclaredMethods();
+ for (Method method : methods)
+ {
+ if (method.getName().equals(methodName) && method.getParameterTypes().length == argsNum)
+ {
+ makeAccessible(method);
+ return method;
+ }
+ }
+ }
+ return null;
+ }
+
+ /**
+ * 改变private/protected的方法为public,尽量不调用实际改动的语句,避免JDK的SecurityManager抱怨。
+ */
+ public static void makeAccessible(Method method)
+ {
+ if ((!Modifier.isPublic(method.getModifiers()) || !Modifier.isPublic(method.getDeclaringClass().getModifiers()))
+ && !method.isAccessible())
+ {
+ method.setAccessible(true);
+ }
+ }
+
+ /**
+ * 改变private/protected的成员变量为public,尽量不调用实际改动的语句,避免JDK的SecurityManager抱怨。
+ */
+ public static void makeAccessible(Field field)
+ {
+ if ((!Modifier.isPublic(field.getModifiers()) || !Modifier.isPublic(field.getDeclaringClass().getModifiers())
+ || Modifier.isFinal(field.getModifiers())) && !field.isAccessible())
+ {
+ field.setAccessible(true);
+ }
+ }
+
+ /**
+ * 通过反射, 获得Class定义中声明的泛型参数的类型, 注意泛型必须定义在父类处
+ * 如无法找到, 返回Object.class.
+ */
+ @SuppressWarnings("unchecked")
+ public static Class getClassGenricType(final Class clazz)
+ {
+ return getClassGenricType(clazz, 0);
+ }
+
+ /**
+ * 通过反射, 获得Class定义中声明的父类的泛型参数的类型.
+ * 如无法找到, 返回Object.class.
+ */
+ public static Class getClassGenricType(final Class clazz, final int index)
+ {
+ Type genType = clazz.getGenericSuperclass();
+
+ if (!(genType instanceof ParameterizedType))
+ {
+ logger.debug(clazz.getSimpleName() + "'s superclass not ParameterizedType");
+ return Object.class;
+ }
+
+ Type[] params = ((ParameterizedType) genType).getActualTypeArguments();
+
+ if (index >= params.length || index < 0)
+ {
+ logger.debug("Index: " + index + ", Size of " + clazz.getSimpleName() + "'s Parameterized Type: "
+ + params.length);
+ return Object.class;
+ }
+ if (!(params[index] instanceof Class))
+ {
+ logger.debug(clazz.getSimpleName() + " not set the actual class on superclass generic parameter");
+ return Object.class;
+ }
+
+ return (Class) params[index];
+ }
+
+ public static Class getUserClass(Object instance)
+ {
+ if (instance == null)
+ {
+ throw new RuntimeException("Instance must not be null");
+ }
+ Class clazz = instance.getClass();
+ if (clazz != null && clazz.getName().contains(CGLIB_CLASS_SEPARATOR))
+ {
+ Class superClass = clazz.getSuperclass();
+ if (superClass != null && !Object.class.equals(superClass))
+ {
+ return superClass;
+ }
+ }
+ return clazz;
+
+ }
+
+ /**
+ * 将反射时的checked exception转换为unchecked exception.
+ */
+ public static RuntimeException convertReflectionExceptionToUnchecked(String msg, Exception e)
+ {
+ if (e instanceof IllegalAccessException || e instanceof IllegalArgumentException
+ || e instanceof NoSuchMethodException)
+ {
+ return new IllegalArgumentException(msg, e);
+ }
+ else if (e instanceof InvocationTargetException)
+ {
+ return new RuntimeException(msg, ((InvocationTargetException) e).getTargetException());
+ }
+ return new RuntimeException(msg, e);
+ }
+}
diff --git a/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/sign/Base64.java b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/sign/Base64.java
new file mode 100644
index 0000000..d5b6ced
--- /dev/null
+++ b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/sign/Base64.java
@@ -0,0 +1,291 @@
+package com.bwie.common.core.utils.sign;
+
+/**
+ * Base64工具类
+ *
+ * @author bwie
+ */
+public final class Base64
+{
+ static private final int BASELENGTH = 128;
+ static private final int LOOKUPLENGTH = 64;
+ static private final int TWENTYFOURBITGROUP = 24;
+ static private final int EIGHTBIT = 8;
+ static private final int SIXTEENBIT = 16;
+ static private final int FOURBYTE = 4;
+ static private final int SIGN = -128;
+ static private final char PAD = '=';
+ static final private byte[] base64Alphabet = new byte[BASELENGTH];
+ static final private char[] lookUpBase64Alphabet = new char[LOOKUPLENGTH];
+
+ static
+ {
+ for (int i = 0; i < BASELENGTH; ++i)
+ {
+ base64Alphabet[i] = -1;
+ }
+ for (int i = 'Z'; i >= 'A'; i--)
+ {
+ base64Alphabet[i] = (byte) (i - 'A');
+ }
+ for (int i = 'z'; i >= 'a'; i--)
+ {
+ base64Alphabet[i] = (byte) (i - 'a' + 26);
+ }
+
+ for (int i = '9'; i >= '0'; i--)
+ {
+ base64Alphabet[i] = (byte) (i - '0' + 52);
+ }
+
+ base64Alphabet['+'] = 62;
+ base64Alphabet['/'] = 63;
+
+ for (int i = 0; i <= 25; i++)
+ {
+ lookUpBase64Alphabet[i] = (char) ('A' + i);
+ }
+
+ for (int i = 26, j = 0; i <= 51; i++, j++)
+ {
+ lookUpBase64Alphabet[i] = (char) ('a' + j);
+ }
+
+ for (int i = 52, j = 0; i <= 61; i++, j++)
+ {
+ lookUpBase64Alphabet[i] = (char) ('0' + j);
+ }
+ lookUpBase64Alphabet[62] = (char) '+';
+ lookUpBase64Alphabet[63] = (char) '/';
+ }
+
+ private static boolean isWhiteSpace(char octect)
+ {
+ return (octect == 0x20 || octect == 0xd || octect == 0xa || octect == 0x9);
+ }
+
+ private static boolean isPad(char octect)
+ {
+ return (octect == PAD);
+ }
+
+ private static boolean isData(char octect)
+ {
+ return (octect < BASELENGTH && base64Alphabet[octect] != -1);
+ }
+
+ /**
+ * Encodes hex octects into Base64
+ *
+ * @param binaryData Array containing binaryData
+ * @return Encoded Base64 array
+ */
+ public static String encode(byte[] binaryData)
+ {
+ if (binaryData == null)
+ {
+ return null;
+ }
+
+ int lengthDataBits = binaryData.length * EIGHTBIT;
+ if (lengthDataBits == 0)
+ {
+ return "";
+ }
+
+ int fewerThan24bits = lengthDataBits % TWENTYFOURBITGROUP;
+ int numberTriplets = lengthDataBits / TWENTYFOURBITGROUP;
+ int numberQuartet = fewerThan24bits != 0 ? numberTriplets + 1 : numberTriplets;
+ char encodedData[] = null;
+
+ encodedData = new char[numberQuartet * 4];
+
+ byte k = 0, l = 0, b1 = 0, b2 = 0, b3 = 0;
+
+ int encodedIndex = 0;
+ int dataIndex = 0;
+
+ for (int i = 0; i < numberTriplets; i++)
+ {
+ b1 = binaryData[dataIndex++];
+ b2 = binaryData[dataIndex++];
+ b3 = binaryData[dataIndex++];
+
+ l = (byte) (b2 & 0x0f);
+ k = (byte) (b1 & 0x03);
+
+ byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0);
+ byte val2 = ((b2 & SIGN) == 0) ? (byte) (b2 >> 4) : (byte) ((b2) >> 4 ^ 0xf0);
+ byte val3 = ((b3 & SIGN) == 0) ? (byte) (b3 >> 6) : (byte) ((b3) >> 6 ^ 0xfc);
+
+ encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];
+ encodedData[encodedIndex++] = lookUpBase64Alphabet[val2 | (k << 4)];
+ encodedData[encodedIndex++] = lookUpBase64Alphabet[(l << 2) | val3];
+ encodedData[encodedIndex++] = lookUpBase64Alphabet[b3 & 0x3f];
+ }
+
+ // form integral number of 6-bit groups
+ if (fewerThan24bits == EIGHTBIT)
+ {
+ b1 = binaryData[dataIndex];
+ k = (byte) (b1 & 0x03);
+ byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0);
+ encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];
+ encodedData[encodedIndex++] = lookUpBase64Alphabet[k << 4];
+ encodedData[encodedIndex++] = PAD;
+ encodedData[encodedIndex++] = PAD;
+ }
+ else if (fewerThan24bits == SIXTEENBIT)
+ {
+ b1 = binaryData[dataIndex];
+ b2 = binaryData[dataIndex + 1];
+ l = (byte) (b2 & 0x0f);
+ k = (byte) (b1 & 0x03);
+
+ byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0);
+ byte val2 = ((b2 & SIGN) == 0) ? (byte) (b2 >> 4) : (byte) ((b2) >> 4 ^ 0xf0);
+
+ encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];
+ encodedData[encodedIndex++] = lookUpBase64Alphabet[val2 | (k << 4)];
+ encodedData[encodedIndex++] = lookUpBase64Alphabet[l << 2];
+ encodedData[encodedIndex++] = PAD;
+ }
+ return new String(encodedData);
+ }
+
+ /**
+ * Decodes Base64 data into octects
+ *
+ * @param encoded string containing Base64 data
+ * @return Array containind decoded data.
+ */
+ public static byte[] decode(String encoded)
+ {
+ if (encoded == null)
+ {
+ return null;
+ }
+
+ char[] base64Data = encoded.toCharArray();
+ // remove white spaces
+ int len = removeWhiteSpace(base64Data);
+
+ if (len % FOURBYTE != 0)
+ {
+ return null;// should be divisible by four
+ }
+
+ int numberQuadruple = (len / FOURBYTE);
+
+ if (numberQuadruple == 0)
+ {
+ return new byte[0];
+ }
+
+ byte decodedData[] = null;
+ byte b1 = 0, b2 = 0, b3 = 0, b4 = 0;
+ char d1 = 0, d2 = 0, d3 = 0, d4 = 0;
+
+ int i = 0;
+ int encodedIndex = 0;
+ int dataIndex = 0;
+ decodedData = new byte[(numberQuadruple) * 3];
+
+ for (; i < numberQuadruple - 1; i++)
+ {
+
+ if (!isData((d1 = base64Data[dataIndex++])) || !isData((d2 = base64Data[dataIndex++]))
+ || !isData((d3 = base64Data[dataIndex++])) || !isData((d4 = base64Data[dataIndex++])))
+ {
+ return null;
+ } // if found "no data" just return null
+
+ b1 = base64Alphabet[d1];
+ b2 = base64Alphabet[d2];
+ b3 = base64Alphabet[d3];
+ b4 = base64Alphabet[d4];
+
+ decodedData[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);
+ decodedData[encodedIndex++] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));
+ decodedData[encodedIndex++] = (byte) (b3 << 6 | b4);
+ }
+
+ if (!isData((d1 = base64Data[dataIndex++])) || !isData((d2 = base64Data[dataIndex++])))
+ {
+ return null;// if found "no data" just return null
+ }
+
+ b1 = base64Alphabet[d1];
+ b2 = base64Alphabet[d2];
+
+ d3 = base64Data[dataIndex++];
+ d4 = base64Data[dataIndex++];
+ if (!isData((d3)) || !isData((d4)))
+ {// Check if they are PAD characters
+ if (isPad(d3) && isPad(d4))
+ {
+ if ((b2 & 0xf) != 0)// last 4 bits should be zero
+ {
+ return null;
+ }
+ byte[] tmp = new byte[i * 3 + 1];
+ System.arraycopy(decodedData, 0, tmp, 0, i * 3);
+ tmp[encodedIndex] = (byte) (b1 << 2 | b2 >> 4);
+ return tmp;
+ }
+ else if (!isPad(d3) && isPad(d4))
+ {
+ b3 = base64Alphabet[d3];
+ if ((b3 & 0x3) != 0)// last 2 bits should be zero
+ {
+ return null;
+ }
+ byte[] tmp = new byte[i * 3 + 2];
+ System.arraycopy(decodedData, 0, tmp, 0, i * 3);
+ tmp[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);
+ tmp[encodedIndex] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));
+ return tmp;
+ }
+ else
+ {
+ return null;
+ }
+ }
+ else
+ { // No PAD e.g 3cQl
+ b3 = base64Alphabet[d3];
+ b4 = base64Alphabet[d4];
+ decodedData[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);
+ decodedData[encodedIndex++] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));
+ decodedData[encodedIndex++] = (byte) (b3 << 6 | b4);
+
+ }
+ return decodedData;
+ }
+
+ /**
+ * remove WhiteSpace from MIME containing encoded Base64 data.
+ *
+ * @param data the byte array of base64 data (with WS)
+ * @return the new length
+ */
+ private static int removeWhiteSpace(char[] data)
+ {
+ if (data == null)
+ {
+ return 0;
+ }
+
+ // count characters that's not whitespace
+ int newSize = 0;
+ int len = data.length;
+ for (int i = 0; i < len; i++)
+ {
+ if (!isWhiteSpace(data[i]))
+ {
+ data[newSize++] = data[i];
+ }
+ }
+ return newSize;
+ }
+}
diff --git a/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/sql/SqlUtil.java b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/sql/SqlUtil.java
new file mode 100644
index 0000000..d96694a
--- /dev/null
+++ b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/sql/SqlUtil.java
@@ -0,0 +1,70 @@
+package com.bwie.common.core.utils.sql;
+
+import com.bwie.common.core.exception.UtilException;
+import com.bwie.common.core.utils.StringUtils;
+
+/**
+ * sql操作工具类
+ *
+ * @author bwie
+ */
+public class SqlUtil
+{
+ /**
+ * 定义常用的 sql关键字
+ */
+ public static String SQL_REGEX = "and |extractvalue|updatexml|exec |insert |select |delete |update |drop |count |chr |mid |master |truncate |char |declare |or |+|user()";
+
+ /**
+ * 仅支持字母、数字、下划线、空格、逗号、小数点(支持多个字段排序)
+ */
+ public static String SQL_PATTERN = "[a-zA-Z0-9_\\ \\,\\.]+";
+
+ /**
+ * 限制orderBy最大长度
+ */
+ private static final int ORDER_BY_MAX_LENGTH = 500;
+
+ /**
+ * 检查字符,防止注入绕过
+ */
+ public static String escapeOrderBySql(String value)
+ {
+ if (StringUtils.isNotEmpty(value) && !isValidOrderBySql(value))
+ {
+ throw new UtilException("参数不符合规范,不能进行查询");
+ }
+ if (StringUtils.length(value) > ORDER_BY_MAX_LENGTH)
+ {
+ throw new UtilException("参数已超过最大限制,不能进行查询");
+ }
+ return value;
+ }
+
+ /**
+ * 验证 order by 语法是否符合规范
+ */
+ public static boolean isValidOrderBySql(String value)
+ {
+ return value.matches(SQL_PATTERN);
+ }
+
+ /**
+ * SQL关键字检查
+ */
+ public static void filterKeyword(String value)
+ {
+ if (StringUtils.isEmpty(value))
+ {
+ return;
+ }
+ String[] sqlKeywords = StringUtils.split(SQL_REGEX, "\\|");
+ for (String sqlKeyword : sqlKeywords)
+ {
+ if (StringUtils.indexOfIgnoreCase(value, sqlKeyword) > -1)
+ {
+ throw new UtilException("参数存在SQL注入风险");
+ }
+ }
+ }
+}
diff --git a/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/uuid/IdUtils.java b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/uuid/IdUtils.java
new file mode 100644
index 0000000..e922813
--- /dev/null
+++ b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/uuid/IdUtils.java
@@ -0,0 +1,49 @@
+package com.bwie.common.core.utils.uuid;
+
+/**
+ * ID生成器工具类
+ *
+ * @author bwie
+ */
+public class IdUtils
+{
+ /**
+ * 获取随机UUID
+ *
+ * @return 随机UUID
+ */
+ public static String randomUUID()
+ {
+ return UUID.randomUUID().toString();
+ }
+
+ /**
+ * 简化的UUID,去掉了横线
+ *
+ * @return 简化的UUID,去掉了横线
+ */
+ public static String simpleUUID()
+ {
+ return UUID.randomUUID().toString(true);
+ }
+
+ /**
+ * 获取随机UUID,使用性能更好的ThreadLocalRandom生成UUID
+ *
+ * @return 随机UUID
+ */
+ public static String fastUUID()
+ {
+ return UUID.fastUUID().toString();
+ }
+
+ /**
+ * 简化的UUID,去掉了横线,使用性能更好的ThreadLocalRandom生成UUID
+ *
+ * @return 简化的UUID,去掉了横线
+ */
+ public static String fastSimpleUUID()
+ {
+ return UUID.fastUUID().toString(true);
+ }
+}
diff --git a/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/uuid/Seq.java b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/uuid/Seq.java
new file mode 100644
index 0000000..f5db4af
--- /dev/null
+++ b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/uuid/Seq.java
@@ -0,0 +1,86 @@
+package com.bwie.common.core.utils.uuid;
+
+import java.util.concurrent.atomic.AtomicInteger;
+import com.bwie.common.core.utils.DateUtils;
+import com.bwie.common.core.utils.StringUtils;
+
+/**
+ * @author bwie 序列生成类
+ */
+public class Seq
+{
+ // 通用序列类型
+ public static final String commSeqType = "COMMON";
+
+ // 上传序列类型
+ public static final String uploadSeqType = "UPLOAD";
+
+ // 通用接口序列数
+ private static AtomicInteger commSeq = new AtomicInteger(1);
+
+ // 上传接口序列数
+ private static AtomicInteger uploadSeq = new AtomicInteger(1);
+
+ // 机器标识
+ private static final String machineCode = "A";
+
+ /**
+ * 获取通用序列号
+ *
+ * @return 序列值
+ */
+ public static String getId()
+ {
+ return getId(commSeqType);
+ }
+
+ /**
+ * 默认16位序列号 yyMMddHHmmss + 一位机器标识 + 3长度循环递增字符串
+ *
+ * @return 序列值
+ */
+ public static String getId(String type)
+ {
+ AtomicInteger atomicInt = commSeq;
+ if (uploadSeqType.equals(type))
+ {
+ atomicInt = uploadSeq;
+ }
+ return getId(atomicInt, 3);
+ }
+
+ /**
+ * 通用接口序列号 yyMMddHHmmss + 一位机器标识 + length长度循环递增字符串
+ *
+ * @param atomicInt 序列数
+ * @param length 数值长度
+ * @return 序列值
+ */
+ public static String getId(AtomicInteger atomicInt, int length)
+ {
+ String result = DateUtils.dateTimeNow();
+ result += machineCode;
+ result += getSeq(atomicInt, length);
+ return result;
+ }
+
+ /**
+ * 序列循环递增字符串[1, 10 的 (length)幂次方), 用0左补齐length位数
+ *
+ * @return 序列值
+ */
+ private synchronized static String getSeq(AtomicInteger atomicInt, int length)
+ {
+ // 先取值再+1
+ int value = atomicInt.getAndIncrement();
+
+ // 如果更新后值>=10 的 (length)幂次方则重置为1
+ int maxSeq = (int) Math.pow(10, length);
+ if (atomicInt.get() >= maxSeq)
+ {
+ atomicInt.set(1);
+ }
+ // 转字符串,用0左补齐
+ return StringUtils.padl(value, length);
+ }
+}
diff --git a/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/uuid/UUID.java b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/uuid/UUID.java
new file mode 100644
index 0000000..fb2d776
--- /dev/null
+++ b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/utils/uuid/UUID.java
@@ -0,0 +1,484 @@
+package com.bwie.common.core.utils.uuid;
+
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.util.Random;
+import java.util.concurrent.ThreadLocalRandom;
+import com.bwie.common.core.exception.UtilException;
+
+/**
+ * 提供通用唯一识别码(universally unique identifier)(UUID)实现
+ *
+ * @author bwie
+ */
+public final class UUID implements java.io.Serializable, Comparable
+{
+ private static final long serialVersionUID = -1185015143654744140L;
+
+ /**
+ * SecureRandom 的单例
+ *
+ */
+ private static class Holder
+ {
+ static final SecureRandom numberGenerator = getSecureRandom();
+ }
+
+ /** 此UUID的最高64有效位 */
+ private final long mostSigBits;
+
+ /** 此UUID的最低64有效位 */
+ private final long leastSigBits;
+
+ /**
+ * 私有构造
+ *
+ * @param data 数据
+ */
+ private UUID(byte[] data)
+ {
+ long msb = 0;
+ long lsb = 0;
+ assert data.length == 16 : "data must be 16 bytes in length";
+ for (int i = 0; i < 8; i++)
+ {
+ msb = (msb << 8) | (data[i] & 0xff);
+ }
+ for (int i = 8; i < 16; i++)
+ {
+ lsb = (lsb << 8) | (data[i] & 0xff);
+ }
+ this.mostSigBits = msb;
+ this.leastSigBits = lsb;
+ }
+
+ /**
+ * 使用指定的数据构造新的 UUID。
+ *
+ * @param mostSigBits 用于 {@code UUID} 的最高有效 64 位
+ * @param leastSigBits 用于 {@code UUID} 的最低有效 64 位
+ */
+ public UUID(long mostSigBits, long leastSigBits)
+ {
+ this.mostSigBits = mostSigBits;
+ this.leastSigBits = leastSigBits;
+ }
+
+ /**
+ * 获取类型 4(伪随机生成的)UUID 的静态工厂。
+ *
+ * @return 随机生成的 {@code UUID}
+ */
+ public static UUID fastUUID()
+ {
+ return randomUUID(false);
+ }
+
+ /**
+ * 获取类型 4(伪随机生成的)UUID 的静态工厂。 使用加密的强伪随机数生成器生成该 UUID。
+ *
+ * @return 随机生成的 {@code UUID}
+ */
+ public static UUID randomUUID()
+ {
+ return randomUUID(true);
+ }
+
+ /**
+ * 获取类型 4(伪随机生成的)UUID 的静态工厂。 使用加密的强伪随机数生成器生成该 UUID。
+ *
+ * @param isSecure 是否使用{@link SecureRandom}如果是可以获得更安全的随机码,否则可以得到更好的性能
+ * @return 随机生成的 {@code UUID}
+ */
+ public static UUID randomUUID(boolean isSecure)
+ {
+ final Random ng = isSecure ? Holder.numberGenerator : getRandom();
+
+ byte[] randomBytes = new byte[16];
+ ng.nextBytes(randomBytes);
+ randomBytes[6] &= 0x0f; /* clear version */
+ randomBytes[6] |= 0x40; /* set to version 4 */
+ randomBytes[8] &= 0x3f; /* clear variant */
+ randomBytes[8] |= 0x80; /* set to IETF variant */
+ return new UUID(randomBytes);
+ }
+
+ /**
+ * 根据指定的字节数组获取类型 3(基于名称的)UUID 的静态工厂。
+ *
+ * @param name 用于构造 UUID 的字节数组。
+ *
+ * @return 根据指定数组生成的 {@code UUID}
+ */
+ public static UUID nameUUIDFromBytes(byte[] name)
+ {
+ MessageDigest md;
+ try
+ {
+ md = MessageDigest.getInstance("MD5");
+ }
+ catch (NoSuchAlgorithmException nsae)
+ {
+ throw new InternalError("MD5 not supported");
+ }
+ byte[] md5Bytes = md.digest(name);
+ md5Bytes[6] &= 0x0f; /* clear version */
+ md5Bytes[6] |= 0x30; /* set to version 3 */
+ md5Bytes[8] &= 0x3f; /* clear variant */
+ md5Bytes[8] |= 0x80; /* set to IETF variant */
+ return new UUID(md5Bytes);
+ }
+
+ /**
+ * 根据 {@link #toString()} 方法中描述的字符串标准表示形式创建{@code UUID}。
+ *
+ * @param name 指定 {@code UUID} 字符串
+ * @return 具有指定值的 {@code UUID}
+ * @throws IllegalArgumentException 如果 name 与 {@link #toString} 中描述的字符串表示形式不符抛出此异常
+ *
+ */
+ public static UUID fromString(String name)
+ {
+ String[] components = name.split("-");
+ if (components.length != 5)
+ {
+ throw new IllegalArgumentException("Invalid UUID string: " + name);
+ }
+ for (int i = 0; i < 5; i++)
+ {
+ components[i] = "0x" + components[i];
+ }
+
+ long mostSigBits = Long.decode(components[0]).longValue();
+ mostSigBits <<= 16;
+ mostSigBits |= Long.decode(components[1]).longValue();
+ mostSigBits <<= 16;
+ mostSigBits |= Long.decode(components[2]).longValue();
+
+ long leastSigBits = Long.decode(components[3]).longValue();
+ leastSigBits <<= 48;
+ leastSigBits |= Long.decode(components[4]).longValue();
+
+ return new UUID(mostSigBits, leastSigBits);
+ }
+
+ /**
+ * 返回此 UUID 的 128 位值中的最低有效 64 位。
+ *
+ * @return 此 UUID 的 128 位值中的最低有效 64 位。
+ */
+ public long getLeastSignificantBits()
+ {
+ return leastSigBits;
+ }
+
+ /**
+ * 返回此 UUID 的 128 位值中的最高有效 64 位。
+ *
+ * @return 此 UUID 的 128 位值中最高有效 64 位。
+ */
+ public long getMostSignificantBits()
+ {
+ return mostSigBits;
+ }
+
+ /**
+ * 与此 {@code UUID} 相关联的版本号. 版本号描述此 {@code UUID} 是如何生成的。
+ *
+ * 版本号具有以下含意:
+ *
+ * 1 基于时间的 UUID
+ * 2 DCE 安全 UUID
+ * 3 基于名称的 UUID
+ * 4 随机生成的 UUID
+ *
+ *
+ * @return 此 {@code UUID} 的版本号
+ */
+ public int version()
+ {
+ // Version is bits masked by 0x000000000000F000 in MS long
+ return (int) ((mostSigBits >> 12) & 0x0f);
+ }
+
+ /**
+ * 与此 {@code UUID} 相关联的变体号。变体号描述 {@code UUID} 的布局。
+ *
+ * 变体号具有以下含意:
+ *
+ * 0 为 NCS 向后兼容保留
+ * 2 IETF RFC 4122 (Leach-Salz), 用于此类
+ * 6 保留,微软向后兼容
+ * 7 保留供以后定义使用
+ *
+ *
+ * @return 此 {@code UUID} 相关联的变体号
+ */
+ public int variant()
+ {
+ // This field is composed of a varying number of bits.
+ // 0 - - Reserved for NCS backward compatibility
+ // 1 0 - The IETF aka Leach-Salz variant (used by this class)
+ // 1 1 0 Reserved, Microsoft backward compatibility
+ // 1 1 1 Reserved for future definition.
+ return (int) ((leastSigBits >>> (64 - (leastSigBits >>> 62))) & (leastSigBits >> 63));
+ }
+
+ /**
+ * 与此 UUID 相关联的时间戳值。
+ *
+ *
+ * 60 位的时间戳值根据此 {@code UUID} 的 time_low、time_mid 和 time_hi 字段构造。
+ * 时间戳值仅在在基于时间的 UUID(其 version 类型为 1)中才有意义。
+ * 14 位的时钟序列值根据此 UUID 的 clock_seq 字段构造。clock_seq 字段用于保证在基于时间的 UUID 中的时间唯一性。
+ *
+ * {@code clockSequence} 值仅在基于时间的 UUID(其 version 类型为 1)中才有意义。 如果此 UUID 不是基于时间的 UUID,则此方法抛出
+ * UnsupportedOperationException。
+ *
+ * @return 此 {@code UUID} 的时钟序列
+ *
+ * @throws UnsupportedOperationException 如果此 UUID 的 version 不为 1
+ */
+ public int clockSequence() throws UnsupportedOperationException
+ {
+ checkTimeBase();
+ return (int) ((leastSigBits & 0x3FFF000000000000L) >>> 48);
+ }
+
+ /**
+ * 与此 UUID 相关的节点值。
+ *
+ *
+ * 48 位的节点值根据此 UUID 的 node 字段构造。此字段旨在用于保存机器的 IEEE 802 地址,该地址用于生成此 UUID 以保证空间唯一性。
+ *
+ * 节点值仅在基于时间的 UUID(其 version 类型为 1)中才有意义。
+ * UUID 的字符串表示形式由此 BNF 描述:
+ *
+ *
+ * {@code
+ * UUID = ----
+ * time_low = 4*
+ * time_mid = 2*
+ * time_high_and_version = 2*
+ * variant_and_sequence = 2*
+ * node = 6*
+ * hexOctet =
+ * hexDigit = [0-9a-fA-F]
+ * }
+ *
+ *
+ *
+ *
+ * @return 此{@code UUID} 的字符串表现形式
+ * @see #toString(boolean)
+ */
+ @Override
+ public String toString()
+ {
+ return toString(false);
+ }
+
+ /**
+ * 返回此{@code UUID} 的字符串表现形式。
+ *
+ *
+ * UUID 的字符串表示形式由此 BNF 描述:
+ *
+ *
+ * {@code
+ * UUID = ----
+ * time_low = 4*
+ * time_mid = 2*
+ * time_high_and_version = 2*
+ * variant_and_sequence = 2*
+ * node = 6*
+ * hexOctet =
+ * hexDigit = [0-9a-fA-F]
+ * }
+ *
+ *
+ *
+ *
+ * @param isSimple 是否简单模式,简单模式为不带'-'的UUID字符串
+ * @return 此{@code UUID} 的字符串表现形式
+ */
+ public String toString(boolean isSimple)
+ {
+ final StringBuilder builder = new StringBuilder(isSimple ? 32 : 36);
+ // time_low
+ builder.append(digits(mostSigBits >> 32, 8));
+ if (false == isSimple)
+ {
+ builder.append('-');
+ }
+ // time_mid
+ builder.append(digits(mostSigBits >> 16, 4));
+ if (false == isSimple)
+ {
+ builder.append('-');
+ }
+ // time_high_and_version
+ builder.append(digits(mostSigBits, 4));
+ if (false == isSimple)
+ {
+ builder.append('-');
+ }
+ // variant_and_sequence
+ builder.append(digits(leastSigBits >> 48, 4));
+ if (false == isSimple)
+ {
+ builder.append('-');
+ }
+ // node
+ builder.append(digits(leastSigBits, 12));
+
+ return builder.toString();
+ }
+
+ /**
+ * 返回此 UUID 的哈希码。
+ *
+ * @return UUID 的哈希码值。
+ */
+ @Override
+ public int hashCode()
+ {
+ long hilo = mostSigBits ^ leastSigBits;
+ return ((int) (hilo >> 32)) ^ (int) hilo;
+ }
+
+ /**
+ * 将此对象与指定对象比较。
+ *
+ * 当且仅当参数不为 {@code null}、而是一个 UUID 对象、具有与此 UUID 相同的 varriant、包含相同的值(每一位均相同)时,结果才为 {@code true}。
+ *
+ * @param obj 要与之比较的对象
+ *
+ * @return 如果对象相同,则返回 {@code true};否则返回 {@code false}
+ */
+ @Override
+ public boolean equals(Object obj)
+ {
+ if ((null == obj) || (obj.getClass() != UUID.class))
+ {
+ return false;
+ }
+ UUID id = (UUID) obj;
+ return (mostSigBits == id.mostSigBits && leastSigBits == id.leastSigBits);
+ }
+
+ // Comparison Operations
+
+ /**
+ * 将此 UUID 与指定的 UUID 比较。
+ *
+ *
+ * 如果两个 UUID 不同,且第一个 UUID 的最高有效字段大于第二个 UUID 的对应字段,则第一个 UUID 大于第二个 UUID。
+ *
+ * @param val 与此 UUID 比较的 UUID
+ *
+ * @return 在此 UUID 小于、等于或大于 val 时,分别返回 -1、0 或 1。
+ *
+ */
+ @Override
+ public int compareTo(UUID val)
+ {
+ // The ordering is intentionally set up so that the UUIDs
+ // can simply be numerically compared as two numbers
+ return (this.mostSigBits < val.mostSigBits ? -1 : //
+ (this.mostSigBits > val.mostSigBits ? 1 : //
+ (this.leastSigBits < val.leastSigBits ? -1 : //
+ (this.leastSigBits > val.leastSigBits ? 1 : //
+ 0))));
+ }
+
+ // -------------------------------------------------------------------------------------------------------------------
+ // Private method start
+ /**
+ * 返回指定数字对应的hex值
+ *
+ * @param val 值
+ * @param digits 位
+ * @return 值
+ */
+ private static String digits(long val, int digits)
+ {
+ long hi = 1L << (digits * 4);
+ return Long.toHexString(hi | (val & (hi - 1))).substring(1);
+ }
+
+ /**
+ * 检查是否为time-based版本UUID
+ */
+ private void checkTimeBase()
+ {
+ if (version() != 1)
+ {
+ throw new UnsupportedOperationException("Not a time-based UUID");
+ }
+ }
+
+ /**
+ * 获取{@link SecureRandom},类提供加密的强随机数生成器 (RNG)
+ *
+ * @return {@link SecureRandom}
+ */
+ public static SecureRandom getSecureRandom()
+ {
+ try
+ {
+ return SecureRandom.getInstance("SHA1PRNG");
+ }
+ catch (NoSuchAlgorithmException e)
+ {
+ throw new UtilException(e);
+ }
+ }
+
+ /**
+ * 获取随机数生成器对象 getDataTable(List list)
+ {
+ Result result = new Result<>();
+ TableDataInfo rspData = new TableDataInfo();
+ result.setCode(HttpStatus.SUCCESS);
+ rspData.setRows(list);
+ result.setMsg("查询成功");
+ rspData.setTotal(new PageInfo(list).getTotal());
+
+ result.setData(rspData);
+ return result;
+ }
+
+ /**
+ * 返回成功
+ */
+ public Result success()
+ {
+ return Result.success();
+ }
+
+ /**
+ * 返回成功消息
+ */
+ public Result success(String message)
+ {
+ return Result.success(message);
+ }
+
+ /**
+ * 返回成功消息
+ */
+ public Result success(Object data)
+ {
+ return Result.success(data);
+ }
+
+ /**
+ * 返回失败消息
+ */
+ public Result error()
+ {
+ return Result.error();
+ }
+
+ /**
+ * 返回失败消息
+ */
+ public Result error(String message)
+ {
+ return Result.error(message);
+ }
+
+
+ /**
+ * 响应返回结果
+ *
+ * @param rows 影响行数
+ * @return 操作结果
+ */
+ protected Result toAjax(int rows)
+ {
+ return rows > 0 ? Result.success() : Result.error();
+ }
+
+ /**
+ * 响应返回结果
+ *
+ * @param result 结果
+ * @return 操作结果
+ */
+ protected Result toAjax(boolean result)
+ {
+ return result ? success() : error();
+ }
+}
diff --git a/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/web/domain/BaseEntity.java b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/web/domain/BaseEntity.java
new file mode 100644
index 0000000..9d69722
--- /dev/null
+++ b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/web/domain/BaseEntity.java
@@ -0,0 +1,118 @@
+package com.bwie.common.core.web.domain;
+
+import java.io.Serializable;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Map;
+import com.fasterxml.jackson.annotation.JsonFormat;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.fasterxml.jackson.annotation.JsonInclude;
+
+/**
+ * Entity基类
+ *
+ * @author bwie
+ */
+public class BaseEntity implements Serializable
+{
+ private static final long serialVersionUID = 1L;
+
+ /** 搜索值 */
+ @JsonIgnore
+ private String searchValue;
+
+ /** 创建者 */
+ private String createBy;
+
+ /** 创建时间 */
+ @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
+ private Date createTime;
+
+ /** 更新者 */
+ private String updateBy;
+
+ /** 更新时间 */
+ @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
+ private Date updateTime;
+
+ /** 备注 */
+ private String remark;
+
+ /** 请求参数 */
+ @JsonInclude(JsonInclude.Include.NON_EMPTY)
+ private Map params;
+
+ public String getSearchValue()
+ {
+ return searchValue;
+ }
+
+ public void setSearchValue(String searchValue)
+ {
+ this.searchValue = searchValue;
+ }
+
+ public String getCreateBy()
+ {
+ return createBy;
+ }
+
+ public void setCreateBy(String createBy)
+ {
+ this.createBy = createBy;
+ }
+
+ public Date getCreateTime()
+ {
+ return createTime;
+ }
+
+ public void setCreateTime(Date createTime)
+ {
+ this.createTime = createTime;
+ }
+
+ public String getUpdateBy()
+ {
+ return updateBy;
+ }
+
+ public void setUpdateBy(String updateBy)
+ {
+ this.updateBy = updateBy;
+ }
+
+ public Date getUpdateTime()
+ {
+ return updateTime;
+ }
+
+ public void setUpdateTime(Date updateTime)
+ {
+ this.updateTime = updateTime;
+ }
+
+ public String getRemark()
+ {
+ return remark;
+ }
+
+ public void setRemark(String remark)
+ {
+ this.remark = remark;
+ }
+
+ public Map getParams()
+ {
+ if (params == null)
+ {
+ params = new HashMap<>();
+ }
+ return params;
+ }
+
+ public void setParams(Map params)
+ {
+ this.params = params;
+ }
+}
diff --git a/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/web/domain/TreeEntity.java b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/web/domain/TreeEntity.java
new file mode 100644
index 0000000..5059ba6
--- /dev/null
+++ b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/web/domain/TreeEntity.java
@@ -0,0 +1,79 @@
+package com.bwie.common.core.web.domain;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * Tree基类
+ *
+ * @author bwie
+ */
+public class TreeEntity extends BaseEntity
+{
+ private static final long serialVersionUID = 1L;
+
+ /** 父菜单名称 */
+ private String parentName;
+
+ /** 父菜单ID */
+ private Long parentId;
+
+ /** 显示顺序 */
+ private Integer orderNum;
+
+ /** 祖级列表 */
+ private String ancestors;
+
+ /** 子部门 */
+ private List children = new ArrayList<>();
+
+ public String getParentName()
+ {
+ return parentName;
+ }
+
+ public void setParentName(String parentName)
+ {
+ this.parentName = parentName;
+ }
+
+ public Long getParentId()
+ {
+ return parentId;
+ }
+
+ public void setParentId(Long parentId)
+ {
+ this.parentId = parentId;
+ }
+
+ public Integer getOrderNum()
+ {
+ return orderNum;
+ }
+
+ public void setOrderNum(Integer orderNum)
+ {
+ this.orderNum = orderNum;
+ }
+
+ public String getAncestors()
+ {
+ return ancestors;
+ }
+
+ public void setAncestors(String ancestors)
+ {
+ this.ancestors = ancestors;
+ }
+
+ public List getChildren()
+ {
+ return children;
+ }
+
+ public void setChildren(List children)
+ {
+ this.children = children;
+ }
+}
diff --git a/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/web/page/PageDomain.java b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/web/page/PageDomain.java
new file mode 100644
index 0000000..b836403
--- /dev/null
+++ b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/web/page/PageDomain.java
@@ -0,0 +1,101 @@
+package com.bwie.common.core.web.page;
+
+import com.bwie.common.core.utils.StringUtils;
+
+/**
+ * 分页数据
+ *
+ * @author bwie
+ */
+public class PageDomain
+{
+ /** 当前记录起始索引 */
+ private Integer pageNum;
+
+ /** 每页显示记录数 */
+ private Integer pageSize;
+
+ /** 排序列 */
+ private String orderByColumn;
+
+ /** 排序的方向desc或者asc */
+ private String isAsc = "asc";
+
+ /** 分页参数合理化 */
+ private Boolean reasonable = true;
+
+ public String getOrderBy()
+ {
+ if (StringUtils.isEmpty(orderByColumn))
+ {
+ return "";
+ }
+ return StringUtils.toUnderScoreCase(orderByColumn) + " " + isAsc;
+ }
+
+ public Integer getPageNum()
+ {
+ return pageNum;
+ }
+
+ public void setPageNum(Integer pageNum)
+ {
+ this.pageNum = pageNum;
+ }
+
+ public Integer getPageSize()
+ {
+ return pageSize;
+ }
+
+ public void setPageSize(Integer pageSize)
+ {
+ this.pageSize = pageSize;
+ }
+
+ public String getOrderByColumn()
+ {
+ return orderByColumn;
+ }
+
+ public void setOrderByColumn(String orderByColumn)
+ {
+ this.orderByColumn = orderByColumn;
+ }
+
+ public String getIsAsc()
+ {
+ return isAsc;
+ }
+
+ public void setIsAsc(String isAsc)
+ {
+ if (StringUtils.isNotEmpty(isAsc))
+ {
+ // 兼容前端排序类型
+ if ("ascending".equals(isAsc))
+ {
+ isAsc = "asc";
+ }
+ else if ("descending".equals(isAsc))
+ {
+ isAsc = "desc";
+ }
+ this.isAsc = isAsc;
+ }
+ }
+
+ public Boolean getReasonable()
+ {
+ if (StringUtils.isNull(reasonable))
+ {
+ return Boolean.TRUE;
+ }
+ return reasonable;
+ }
+
+ public void setReasonable(Boolean reasonable)
+ {
+ this.reasonable = reasonable;
+ }
+}
diff --git a/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/web/page/TableDataInfo.java b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/web/page/TableDataInfo.java
new file mode 100644
index 0000000..2ee6b01
--- /dev/null
+++ b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/web/page/TableDataInfo.java
@@ -0,0 +1,61 @@
+package com.bwie.common.core.web.page;
+
+import java.io.Serializable;
+import java.util.List;
+
+/**
+ * 表格分页数据对象
+ *
+ * @author bwie
+ */
+public class TableDataInfo implements Serializable
+{
+ private static final long serialVersionUID = 1L;
+
+ /** 总记录数 */
+ private long total;
+
+ /** 列表数据 */
+ private List rows;
+
+
+ /**
+ * 表格数据对象
+ */
+ public TableDataInfo()
+ {
+ }
+
+ /**
+ * 分页
+ *
+ * @param list 列表数据
+ * @param total 总记录数
+ */
+ public TableDataInfo(List list, int total)
+ {
+ this.rows = list;
+ this.total = total;
+ }
+
+ public long getTotal()
+ {
+ return total;
+ }
+
+ public void setTotal(long total)
+ {
+ this.total = total;
+ }
+
+ public List getRows()
+ {
+ return rows;
+ }
+
+ public void setRows(List rows)
+ {
+ this.rows = rows;
+ }
+
+}
diff --git a/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/web/page/TableSupport.java b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/web/page/TableSupport.java
new file mode 100644
index 0000000..220a7ca
--- /dev/null
+++ b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/web/page/TableSupport.java
@@ -0,0 +1,56 @@
+package com.bwie.common.core.web.page;
+
+import com.bwie.common.core.text.Convert;
+import com.bwie.common.core.utils.ServletUtils;
+
+/**
+ * 表格数据处理
+ *
+ * @author bwie
+ */
+public class TableSupport
+{
+ /**
+ * 当前记录起始索引
+ */
+ public static final String PAGE_NUM = "pageNum";
+
+ /**
+ * 每页显示记录数
+ */
+ public static final String PAGE_SIZE = "pageSize";
+
+ /**
+ * 排序列
+ */
+ public static final String ORDER_BY_COLUMN = "orderByColumn";
+
+ /**
+ * 排序的方向 "desc" 或者 "asc".
+ */
+ public static final String IS_ASC = "isAsc";
+
+ /**
+ * 分页参数合理化
+ */
+ public static final String REASONABLE = "reasonable";
+
+ /**
+ * 封装分页对象
+ */
+ public static PageDomain getPageDomain()
+ {
+ PageDomain pageDomain = new PageDomain();
+ pageDomain.setPageNum(Convert.toInt(ServletUtils.getParameter(PAGE_NUM), 1));
+ pageDomain.setPageSize(Convert.toInt(ServletUtils.getParameter(PAGE_SIZE), 10));
+ pageDomain.setOrderByColumn(ServletUtils.getParameter(ORDER_BY_COLUMN));
+ pageDomain.setIsAsc(ServletUtils.getParameter(IS_ASC));
+ pageDomain.setReasonable(ServletUtils.getParameterToBool(REASONABLE));
+ return pageDomain;
+ }
+
+ public static PageDomain buildPageRequest()
+ {
+ return getPageDomain();
+ }
+}
diff --git a/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/xss/Xss.java b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/xss/Xss.java
new file mode 100644
index 0000000..915b377
--- /dev/null
+++ b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/xss/Xss.java
@@ -0,0 +1,27 @@
+package com.bwie.common.core.xss;
+
+import javax.validation.Constraint;
+import javax.validation.Payload;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * 自定义xss校验注解
+ *
+ * @author bwie
+ */
+@Retention(RetentionPolicy.RUNTIME)
+@Target(value = { ElementType.METHOD, ElementType.FIELD, ElementType.CONSTRUCTOR, ElementType.PARAMETER })
+@Constraint(validatedBy = { XssValidator.class })
+public @interface Xss
+{
+ String message()
+
+ default "不允许任何脚本运行";
+
+ Class[] groups() default {};
+
+ Class[] payload() default {};
+}
diff --git a/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/xss/XssValidator.java b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/xss/XssValidator.java
new file mode 100644
index 0000000..20a78dc
--- /dev/null
+++ b/bwie-common/bwie-common-core/src/main/java/com/bwie/common/core/xss/XssValidator.java
@@ -0,0 +1,34 @@
+package com.bwie.common.core.xss;
+
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+import javax.validation.ConstraintValidator;
+import javax.validation.ConstraintValidatorContext;
+import com.bwie.common.core.utils.StringUtils;
+
+/**
+ * 自定义xss校验注解实现
+ *
+ * @author bwie
+ */
+public class XssValidator implements ConstraintValidator
+{
+ private static final String HTML_PATTERN = "<(\\S*?)[^>]*>.*?|<.*? />";
+
+ @Override
+ public boolean isValid(String value, ConstraintValidatorContext constraintValidatorContext)
+ {
+ if (StringUtils.isBlank(value))
+ {
+ return true;
+ }
+ return !containsHtml(value);
+ }
+
+ public static boolean containsHtml(String value)
+ {
+ Pattern pattern = Pattern.compile(HTML_PATTERN);
+ Matcher matcher = pattern.matcher(value);
+ return matcher.matches();
+ }
+}
diff --git a/bwie-common/bwie-common-core/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports b/bwie-common/bwie-common-core/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports
new file mode 100644
index 0000000..0e3fb07
--- /dev/null
+++ b/bwie-common/bwie-common-core/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports
@@ -0,0 +1 @@
+com.bwie.common.core.utils.SpringUtils
diff --git a/bwie-common/bwie-common-datascope/pom.xml b/bwie-common/bwie-common-datascope/pom.xml
new file mode 100644
index 0000000..5d5a6ba
--- /dev/null
+++ b/bwie-common/bwie-common-datascope/pom.xml
@@ -0,0 +1,27 @@
+
+
+
+ com.bwie
+ bwie-common
+ 3.6.3
+
+ 4.0.0
+
+ bwie-common-datascope
+
+
+ bwie-common-datascope权限范围
+
+
+
+
+
+
+ com.bwie
+ bwie-common-security
+
+
+
+
diff --git a/bwie-common/bwie-common-datascope/src/main/java/com/bwie/common/datascope/annotation/DataScope.java b/bwie-common/bwie-common-datascope/src/main/java/com/bwie/common/datascope/annotation/DataScope.java
new file mode 100644
index 0000000..46e7e05
--- /dev/null
+++ b/bwie-common/bwie-common-datascope/src/main/java/com/bwie/common/datascope/annotation/DataScope.java
@@ -0,0 +1,33 @@
+package com.bwie.common.datascope.annotation;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * 数据权限过滤注解
+ *
+ * @author bwie
+ */
+@Target(ElementType.METHOD)
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+public @interface DataScope
+{
+ /**
+ * 部门表的别名
+ */
+ public String deptAlias() default "";
+
+ /**
+ * 用户表的别名
+ */
+ public String userAlias() default "";
+
+ /**
+ * 权限字符(用于多个角色匹配符合要求的权限)默认根据权限注解@RequiresPermissions获取,多个权限用逗号分隔开来
+ */
+ public String permission() default "";
+}
diff --git a/bwie-common/bwie-common-datascope/src/main/java/com/bwie/common/datascope/aspect/DataScopeAspect.java b/bwie-common/bwie-common-datascope/src/main/java/com/bwie/common/datascope/aspect/DataScopeAspect.java
new file mode 100644
index 0000000..11bb5b4
--- /dev/null
+++ b/bwie-common/bwie-common-datascope/src/main/java/com/bwie/common/datascope/aspect/DataScopeAspect.java
@@ -0,0 +1,174 @@
+package com.bwie.common.datascope.aspect;
+
+import java.util.ArrayList;
+import java.util.List;
+import org.aspectj.lang.JoinPoint;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Before;
+import org.springframework.stereotype.Component;
+import com.bwie.common.core.context.SecurityContextHolder;
+import com.bwie.common.core.text.Convert;
+import com.bwie.common.core.utils.StringUtils;
+import com.bwie.common.core.web.domain.BaseEntity;
+import com.bwie.common.datascope.annotation.DataScope;
+import com.bwie.common.security.utils.SecurityUtils;
+import com.bwie.system.common.domain.SysRole;
+import com.bwie.system.common.domain.SysUser;
+import com.bwie.system.common.model.LoginUser;
+
+/**
+ * 数据过滤处理
+ *
+ * @author bwie
+ */
+@Aspect
+@Component
+public class DataScopeAspect
+{
+ /**
+ * 全部数据权限
+ */
+ public static final String DATA_SCOPE_ALL = "1";
+
+ /**
+ * 自定数据权限
+ */
+ public static final String DATA_SCOPE_CUSTOM = "2";
+
+ /**
+ * 部门数据权限
+ */
+ public static final String DATA_SCOPE_DEPT = "3";
+
+ /**
+ * 部门及以下数据权限
+ */
+ public static final String DATA_SCOPE_DEPT_AND_CHILD = "4";
+
+ /**
+ * 仅本人数据权限
+ */
+ public static final String DATA_SCOPE_SELF = "5";
+
+ /**
+ * 数据权限过滤关键字
+ */
+ public static final String DATA_SCOPE = "dataScope";
+
+ @Before("@annotation(controllerDataScope)")
+ public void doBefore(JoinPoint point, DataScope controllerDataScope) throws Throwable
+ {
+ clearDataScope(point);
+ handleDataScope(point, controllerDataScope);
+ }
+
+ protected void handleDataScope(final JoinPoint joinPoint, DataScope controllerDataScope)
+ {
+ // 获取当前的用户
+ LoginUser loginUser = SecurityUtils.getLoginUser();
+ if (StringUtils.isNotNull(loginUser))
+ {
+ SysUser currentUser = loginUser.getSysUser();
+ // 如果是超级管理员,则不过滤数据
+ if (StringUtils.isNotNull(currentUser) && !currentUser.isAdmin())
+ {
+ String permission = StringUtils.defaultIfEmpty(controllerDataScope.permission(), SecurityContextHolder.getPermission());
+ dataScopeFilter(joinPoint, currentUser, controllerDataScope.deptAlias(),
+ controllerDataScope.userAlias(), permission);
+ }
+ }
+ }
+
+ /**
+ * 数据范围过滤
+ *
+ * @param joinPoint 切点
+ * @param user 用户
+ * @param deptAlias 部门别名
+ * @param userAlias 用户别名
+ * @param permission 权限字符
+ */
+ public static void dataScopeFilter(JoinPoint joinPoint, SysUser user, String deptAlias, String userAlias, String permission)
+ {
+ StringBuilder sqlString = new StringBuilder();
+ List conditions = new ArrayList();
+
+ for (SysRole role : user.getRoles())
+ {
+ String dataScope = role.getDataScope();
+ if (!DATA_SCOPE_CUSTOM.equals(dataScope) && conditions.contains(dataScope))
+ {
+ continue;
+ }
+ if (StringUtils.isNotEmpty(permission) && StringUtils.isNotEmpty(role.getPermissions())
+ && !StringUtils.containsAny(role.getPermissions(), Convert.toStrArray(permission)))
+ {
+ continue;
+ }
+ if (DATA_SCOPE_ALL.equals(dataScope))
+ {
+ sqlString = new StringBuilder();
+ conditions.add(dataScope);
+ break;
+ }
+ else if (DATA_SCOPE_CUSTOM.equals(dataScope))
+ {
+ sqlString.append(StringUtils.format(
+ " OR {}.dept_id IN ( SELECT dept_id FROM sys_role_dept WHERE role_id = {} ) ", deptAlias,
+ role.getRoleId()));
+ }
+ else if (DATA_SCOPE_DEPT.equals(dataScope))
+ {
+ sqlString.append(StringUtils.format(" OR {}.dept_id = {} ", deptAlias, user.getDeptId()));
+ }
+ else if (DATA_SCOPE_DEPT_AND_CHILD.equals(dataScope))
+ {
+ sqlString.append(StringUtils.format(
+ " OR {}.dept_id IN ( SELECT dept_id FROM sys_dept WHERE dept_id = {} or find_in_set( {} , ancestors ) )",
+ deptAlias, user.getDeptId(), user.getDeptId()));
+ }
+ else if (DATA_SCOPE_SELF.equals(dataScope))
+ {
+ if (StringUtils.isNotBlank(userAlias))
+ {
+ sqlString.append(StringUtils.format(" OR {}.user_id = {} ", userAlias, user.getUserId()));
+ }
+ else
+ {
+ // 数据权限为仅本人且没有userAlias别名不查询任何数据
+ sqlString.append(StringUtils.format(" OR {}.dept_id = 0 ", deptAlias));
+ }
+ }
+ conditions.add(dataScope);
+ }
+
+ // 多角色情况下,所有角色都不包含传递过来的权限字符,这个时候sqlString也会为空,所以要限制一下,不查询任何数据
+ if (StringUtils.isEmpty(conditions))
+ {
+ sqlString.append(StringUtils.format(" OR {}.dept_id = 0 ", deptAlias));
+ }
+
+ if (StringUtils.isNotBlank(sqlString.toString()))
+ {
+ Object params = joinPoint.getArgs()[0];
+ if (StringUtils.isNotNull(params) && params instanceof BaseEntity)
+ {
+ BaseEntity baseEntity = (BaseEntity) params;
+ baseEntity.getParams().put(DATA_SCOPE, " AND (" + sqlString.substring(4) + ")");
+ }
+ }
+ }
+
+ /**
+ * 拼接权限sql前先清空params.dataScope参数防止注入
+ */
+ private void clearDataScope(final JoinPoint joinPoint)
+ {
+ Object params = joinPoint.getArgs()[0];
+ if (StringUtils.isNotNull(params) && params instanceof BaseEntity)
+ {
+ BaseEntity baseEntity = (BaseEntity) params;
+ baseEntity.getParams().put(DATA_SCOPE, "");
+ }
+ }
+}
diff --git a/bwie-common/bwie-common-datascope/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports b/bwie-common/bwie-common-datascope/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports
new file mode 100644
index 0000000..ca841de
--- /dev/null
+++ b/bwie-common/bwie-common-datascope/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports
@@ -0,0 +1 @@
+com.bwie.common.datascope.aspect.DataScopeAspect
diff --git a/bwie-common/bwie-common-datasource/pom.xml b/bwie-common/bwie-common-datasource/pom.xml
new file mode 100644
index 0000000..a5a79d7
--- /dev/null
+++ b/bwie-common/bwie-common-datasource/pom.xml
@@ -0,0 +1,35 @@
+
+
+
+ com.bwie
+ bwie-common
+ 3.6.3
+
+ 4.0.0
+
+ bwie-common-datasource
+
+
+ bwie-common-datasource多数据源
+
+
+
+
+
+
+ com.alibaba
+ druid-spring-boot-starter
+ ${druid.version}
+
+
+
+
+ com.baomidou
+ dynamic-datasource-spring-boot-starter
+ ${dynamic-ds.version}
+
+
+
+
diff --git a/bwie-common/bwie-common-datasource/src/main/java/com/bwie/common/datasource/annotation/Master.java b/bwie-common/bwie-common-datasource/src/main/java/com/bwie/common/datasource/annotation/Master.java
new file mode 100644
index 0000000..351f837
--- /dev/null
+++ b/bwie-common/bwie-common-datasource/src/main/java/com/bwie/common/datasource/annotation/Master.java
@@ -0,0 +1,22 @@
+package com.bwie.common.datasource.annotation;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+import com.baomidou.dynamic.datasource.annotation.DS;
+
+/**
+ * 主库数据源
+ *
+ * @author bwie
+ */
+@Target({ ElementType.TYPE, ElementType.METHOD })
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+@DS("master")
+public @interface Master
+{
+
+}
diff --git a/bwie-common/bwie-common-datasource/src/main/java/com/bwie/common/datasource/annotation/Slave.java b/bwie-common/bwie-common-datasource/src/main/java/com/bwie/common/datasource/annotation/Slave.java
new file mode 100644
index 0000000..c8ad37d
--- /dev/null
+++ b/bwie-common/bwie-common-datasource/src/main/java/com/bwie/common/datasource/annotation/Slave.java
@@ -0,0 +1,22 @@
+package com.bwie.common.datasource.annotation;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+import com.baomidou.dynamic.datasource.annotation.DS;
+
+/**
+ * 从库数据源
+ *
+ * @author bwie
+ */
+@Target({ ElementType.TYPE, ElementType.METHOD })
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+@DS("slave")
+public @interface Slave
+{
+
+}
diff --git a/bwie-common/bwie-common-log/pom.xml b/bwie-common/bwie-common-log/pom.xml
new file mode 100644
index 0000000..58c991e
--- /dev/null
+++ b/bwie-common/bwie-common-log/pom.xml
@@ -0,0 +1,27 @@
+
+
+
+ com.bwie
+ bwie-common
+ 3.6.3
+
+ 4.0.0
+
+ bwie-common-log
+
+
+ bwie-common-log日志记录
+
+
+
+
+
+
+ com.bwie
+ bwie-common-security
+
+
+
+
diff --git a/bwie-common/bwie-common-log/src/main/java/com/bwie/common/log/annotation/Log.java b/bwie-common/bwie-common-log/src/main/java/com/bwie/common/log/annotation/Log.java
new file mode 100644
index 0000000..9ceabed
--- /dev/null
+++ b/bwie-common/bwie-common-log/src/main/java/com/bwie/common/log/annotation/Log.java
@@ -0,0 +1,51 @@
+package com.bwie.common.log.annotation;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+import com.bwie.common.log.enums.BusinessType;
+import com.bwie.common.log.enums.OperatorType;
+
+/**
+ * 自定义操作日志记录注解
+ *
+ * @author bwie
+ *
+ */
+@Target({ ElementType.PARAMETER, ElementType.METHOD })
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+public @interface Log
+{
+ /**
+ * 模块
+ */
+ public String title() default "";
+
+ /**
+ * 功能
+ */
+ public BusinessType businessType() default BusinessType.OTHER;
+
+ /**
+ * 操作人类别
+ */
+ public OperatorType operatorType() default OperatorType.MANAGE;
+
+ /**
+ * 是否保存请求的参数
+ */
+ public boolean isSaveRequestData() default true;
+
+ /**
+ * 是否保存响应的参数
+ */
+ public boolean isSaveResponseData() default true;
+
+ /**
+ * 排除指定的请求参数
+ */
+ public String[] excludeParamNames() default {};
+}
diff --git a/bwie-common/bwie-common-log/src/main/java/com/bwie/common/log/aspect/LogAspect.java b/bwie-common/bwie-common-log/src/main/java/com/bwie/common/log/aspect/LogAspect.java
new file mode 100644
index 0000000..6aa2341
--- /dev/null
+++ b/bwie-common/bwie-common-log/src/main/java/com/bwie/common/log/aspect/LogAspect.java
@@ -0,0 +1,251 @@
+package com.bwie.common.log.aspect;
+
+import java.util.Collection;
+import java.util.Map;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import com.bwie.system.common.domain.SysOperLog;
+import org.apache.commons.lang3.ArrayUtils;
+import org.aspectj.lang.JoinPoint;
+import org.aspectj.lang.annotation.AfterReturning;
+import org.aspectj.lang.annotation.AfterThrowing;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Before;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.NamedThreadLocal;
+import org.springframework.http.HttpMethod;
+import org.springframework.stereotype.Component;
+import org.springframework.validation.BindingResult;
+import org.springframework.web.multipart.MultipartFile;
+import com.alibaba.fastjson2.JSON;
+import com.bwie.common.core.utils.ServletUtils;
+import com.bwie.common.core.utils.StringUtils;
+import com.bwie.common.core.utils.ip.IpUtils;
+import com.bwie.common.log.annotation.Log;
+import com.bwie.common.log.enums.BusinessStatus;
+import com.bwie.common.log.filter.PropertyPreExcludeFilter;
+import com.bwie.common.log.service.AsyncLogService;
+import com.bwie.common.security.utils.SecurityUtils;
+
+
+/**
+ * 操作日志记录处理
+ *
+ * @author bwie
+ */
+@Aspect
+@Component
+public class LogAspect
+{
+ private static final Logger log = LoggerFactory.getLogger(LogAspect.class);
+
+ /** 排除敏感属性字段 */
+ public static final String[] EXCLUDE_PROPERTIES = { "password", "oldPassword", "newPassword", "confirmPassword" };
+
+ /** 计算操作消耗时间 */
+ private static final ThreadLocal TIME_THREADLOCAL = new NamedThreadLocal("Cost Time");
+
+ @Autowired
+ private AsyncLogService asyncLogService;
+
+ /**
+ * 处理请求前执行
+ */
+ @Before(value = "@annotation(controllerLog)")
+ public void boBefore(JoinPoint joinPoint, Log controllerLog)
+ {
+ TIME_THREADLOCAL.set(System.currentTimeMillis());
+ }
+
+ /**
+ * 处理完请求后执行
+ *
+ * @param joinPoint 切点
+ */
+ @AfterReturning(pointcut = "@annotation(controllerLog)", returning = "jsonResult")
+ public void doAfterReturning(JoinPoint joinPoint, Log controllerLog, Object jsonResult)
+ {
+ handleLog(joinPoint, controllerLog, null, jsonResult);
+ }
+
+ /**
+ * 拦截异常操作
+ *
+ * @param joinPoint 切点
+ * @param e 异常
+ */
+ @AfterThrowing(value = "@annotation(controllerLog)", throwing = "e")
+ public void doAfterThrowing(JoinPoint joinPoint, Log controllerLog, Exception e)
+ {
+ handleLog(joinPoint, controllerLog, e, null);
+ }
+
+ protected void handleLog(final JoinPoint joinPoint, Log controllerLog, final Exception e, Object jsonResult)
+ {
+ try
+ {
+ // *========数据库日志=========*//
+ SysOperLog operLog = new SysOperLog();
+ operLog.setStatus(BusinessStatus.SUCCESS.ordinal());
+ // 请求的地址
+ String ip = IpUtils.getIpAddr();
+ operLog.setOperIp(ip);
+ operLog.setOperUrl(StringUtils.substring(ServletUtils.getRequest().getRequestURI(), 0, 255));
+ String username = SecurityUtils.getUsername();
+ if (StringUtils.isNotBlank(username))
+ {
+ operLog.setOperName(username);
+ }
+
+ if (e != null)
+ {
+ operLog.setStatus(BusinessStatus.FAIL.ordinal());
+ operLog.setErrorMsg(StringUtils.substring(e.getMessage(), 0, 2000));
+ }
+ // 设置方法名称
+ String className = joinPoint.getTarget().getClass().getName();
+ String methodName = joinPoint.getSignature().getName();
+ operLog.setMethod(className + "." + methodName + "()");
+ // 设置请求方式
+ operLog.setRequestMethod(ServletUtils.getRequest().getMethod());
+ // 处理设置注解上的参数
+ getControllerMethodDescription(joinPoint, controllerLog, operLog, jsonResult);
+ // 设置消耗时间
+ operLog.setCostTime(System.currentTimeMillis() - TIME_THREADLOCAL.get());
+ // 保存数据库
+ asyncLogService.saveSysLog(operLog);
+ }
+ catch (Exception exp)
+ {
+ // 记录本地异常日志
+ log.error("异常信息:{}", exp.getMessage());
+ exp.printStackTrace();
+ }
+ finally
+ {
+ TIME_THREADLOCAL.remove();
+ }
+ }
+
+ /**
+ * 获取注解中对方法的描述信息 用于Controller层注解
+ *
+ * @param log 日志
+ * @param operLog 操作日志
+ * @throws Exception
+ */
+ public void getControllerMethodDescription(JoinPoint joinPoint, Log log, SysOperLog operLog, Object jsonResult) throws Exception
+ {
+ // 设置action动作
+ operLog.setBusinessType(log.businessType().ordinal());
+ // 设置标题
+ operLog.setTitle(log.title());
+ // 设置操作人类别
+ operLog.setOperatorType(log.operatorType().ordinal());
+ // 是否需要保存request,参数和值
+ if (log.isSaveRequestData())
+ {
+ // 获取参数的信息,传入到数据库中。
+ setRequestValue(joinPoint, operLog, log.excludeParamNames());
+ }
+ // 是否需要保存response,参数和值
+ if (log.isSaveResponseData() && StringUtils.isNotNull(jsonResult))
+ {
+ operLog.setJsonResult(StringUtils.substring(JSON.toJSONString(jsonResult), 0, 2000));
+ }
+ }
+
+ /**
+ * 获取请求的参数,放到log中
+ *
+ * @param operLog 操作日志
+ * @throws Exception 异常
+ */
+ private void setRequestValue(JoinPoint joinPoint, SysOperLog operLog, String[] excludeParamNames) throws Exception
+ {
+ String requestMethod = operLog.getRequestMethod();
+ Map paramsMap = ServletUtils.getParamMap(ServletUtils.getRequest());
+ if (StringUtils.isEmpty(paramsMap)
+ && (HttpMethod.PUT.name().equals(requestMethod) || HttpMethod.POST.name().equals(requestMethod)))
+ {
+ String params = argsArrayToString(joinPoint.getArgs(), excludeParamNames);
+ operLog.setOperParam(StringUtils.substring(params, 0, 2000));
+ }
+ else
+ {
+ operLog.setOperParam(StringUtils.substring(JSON.toJSONString(paramsMap, excludePropertyPreFilter(excludeParamNames)), 0, 2000));
+ }
+ }
+
+ /**
+ * 参数拼装
+ */
+ private String argsArrayToString(Object[] paramsArray, String[] excludeParamNames)
+ {
+ String params = "";
+ if (paramsArray != null && paramsArray.length > 0)
+ {
+ for (Object o : paramsArray)
+ {
+ if (StringUtils.isNotNull(o) && !isFilterObject(o))
+ {
+ try
+ {
+ String jsonObj = JSON.toJSONString(o, excludePropertyPreFilter(excludeParamNames));
+ params += jsonObj.toString() + " ";
+ }
+ catch (Exception e)
+ {
+ }
+ }
+ }
+ }
+ return params.trim();
+ }
+
+ /**
+ * 忽略敏感属性
+ */
+ public PropertyPreExcludeFilter excludePropertyPreFilter(String[] excludeParamNames)
+ {
+ return new PropertyPreExcludeFilter().addExcludes(ArrayUtils.addAll(EXCLUDE_PROPERTIES, excludeParamNames));
+ }
+
+ /**
+ * 判断是否需要过滤的对象。
+ *
+ * @param o 对象信息。
+ * @return 如果是需要过滤的对象,则返回true;否则返回false。
+ */
+ @SuppressWarnings("rawtypes")
+ public boolean isFilterObject(final Object o)
+ {
+ Class clazz = o.getClass();
+ if (clazz.isArray())
+ {
+ return clazz.getComponentType().isAssignableFrom(MultipartFile.class);
+ }
+ else if (Collection.class.isAssignableFrom(clazz))
+ {
+ Collection collection = (Collection) o;
+ for (Object value : collection)
+ {
+ return value instanceof MultipartFile;
+ }
+ }
+ else if (Map.class.isAssignableFrom(clazz))
+ {
+ Map map = (Map) o;
+ for (Object value : map.entrySet())
+ {
+ Map.Entry entry = (Map.Entry) value;
+ return entry.getValue() instanceof MultipartFile;
+ }
+ }
+ return o instanceof MultipartFile || o instanceof HttpServletRequest || o instanceof HttpServletResponse
+ || o instanceof BindingResult;
+ }
+}
diff --git a/bwie-common/bwie-common-log/src/main/java/com/bwie/common/log/enums/BusinessStatus.java b/bwie-common/bwie-common-log/src/main/java/com/bwie/common/log/enums/BusinessStatus.java
new file mode 100644
index 0000000..f3389b8
--- /dev/null
+++ b/bwie-common/bwie-common-log/src/main/java/com/bwie/common/log/enums/BusinessStatus.java
@@ -0,0 +1,20 @@
+package com.bwie.common.log.enums;
+
+/**
+ * 操作状态
+ *
+ * @author bwie
+ *
+ */
+public enum BusinessStatus
+{
+ /**
+ * 成功
+ */
+ SUCCESS,
+
+ /**
+ * 失败
+ */
+ FAIL,
+}
diff --git a/bwie-common/bwie-common-log/src/main/java/com/bwie/common/log/enums/BusinessType.java b/bwie-common/bwie-common-log/src/main/java/com/bwie/common/log/enums/BusinessType.java
new file mode 100644
index 0000000..c918626
--- /dev/null
+++ b/bwie-common/bwie-common-log/src/main/java/com/bwie/common/log/enums/BusinessType.java
@@ -0,0 +1,59 @@
+package com.bwie.common.log.enums;
+
+/**
+ * 业务操作类型
+ *
+ * @author bwie
+ */
+public enum BusinessType
+{
+ /**
+ * 其它
+ */
+ OTHER,
+
+ /**
+ * 新增
+ */
+ INSERT,
+
+ /**
+ * 修改
+ */
+ UPDATE,
+
+ /**
+ * 删除
+ */
+ DELETE,
+
+ /**
+ * 授权
+ */
+ GRANT,
+
+ /**
+ * 导出
+ */
+ EXPORT,
+
+ /**
+ * 导入
+ */
+ IMPORT,
+
+ /**
+ * 强退
+ */
+ FORCE,
+
+ /**
+ * 生成代码
+ */
+ GENCODE,
+
+ /**
+ * 清空数据
+ */
+ CLEAN,
+}
diff --git a/bwie-common/bwie-common-log/src/main/java/com/bwie/common/log/enums/OperatorType.java b/bwie-common/bwie-common-log/src/main/java/com/bwie/common/log/enums/OperatorType.java
new file mode 100644
index 0000000..f799fa7
--- /dev/null
+++ b/bwie-common/bwie-common-log/src/main/java/com/bwie/common/log/enums/OperatorType.java
@@ -0,0 +1,24 @@
+package com.bwie.common.log.enums;
+
+/**
+ * 操作人类别
+ *
+ * @author bwie
+ */
+public enum OperatorType
+{
+ /**
+ * 其它
+ */
+ OTHER,
+
+ /**
+ * 后台用户
+ */
+ MANAGE,
+
+ /**
+ * 手机端用户
+ */
+ MOBILE
+}
diff --git a/bwie-common/bwie-common-log/src/main/java/com/bwie/common/log/filter/PropertyPreExcludeFilter.java b/bwie-common/bwie-common-log/src/main/java/com/bwie/common/log/filter/PropertyPreExcludeFilter.java
new file mode 100644
index 0000000..6012b58
--- /dev/null
+++ b/bwie-common/bwie-common-log/src/main/java/com/bwie/common/log/filter/PropertyPreExcludeFilter.java
@@ -0,0 +1,24 @@
+package com.bwie.common.log.filter;
+
+import com.alibaba.fastjson2.filter.SimplePropertyPreFilter;
+
+/**
+ * 排除JSON敏感属性
+ *
+ * @author bwie
+ */
+public class PropertyPreExcludeFilter extends SimplePropertyPreFilter
+{
+ public PropertyPreExcludeFilter()
+ {
+ }
+
+ public PropertyPreExcludeFilter addExcludes(String... filters)
+ {
+ for (int i = 0; i < filters.length; i++)
+ {
+ this.getExcludes().add(filters[i]);
+ }
+ return this;
+ }
+}
diff --git a/bwie-common/bwie-common-log/src/main/java/com/bwie/common/log/service/AsyncLogService.java b/bwie-common/bwie-common-log/src/main/java/com/bwie/common/log/service/AsyncLogService.java
new file mode 100644
index 0000000..dcf48df
--- /dev/null
+++ b/bwie-common/bwie-common-log/src/main/java/com/bwie/common/log/service/AsyncLogService.java
@@ -0,0 +1,30 @@
+package com.bwie.common.log.service;
+
+import com.bwie.system.common.domain.SysOperLog;
+import com.bwie.system.remote.RemoteLogService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.scheduling.annotation.Async;
+import org.springframework.stereotype.Service;
+import com.bwie.common.core.constant.SecurityConstants;
+
+
+/**
+ * 异步调用日志服务
+ *
+ * @author bwie
+ */
+@Service
+public class AsyncLogService
+{
+ @Autowired
+ private RemoteLogService remoteLogService;
+
+ /**
+ * 保存系统日志记录
+ */
+ @Async
+ public void saveSysLog(SysOperLog sysOperLog) throws Exception
+ {
+ remoteLogService.saveLog(sysOperLog, SecurityConstants.INNER);
+ }
+}
diff --git a/bwie-common/bwie-common-log/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports b/bwie-common/bwie-common-log/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports
new file mode 100644
index 0000000..fdce53c
--- /dev/null
+++ b/bwie-common/bwie-common-log/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports
@@ -0,0 +1,2 @@
+com.bwie.common.log.service.AsyncLogService
+com.bwie.common.log.aspect.LogAspect
diff --git a/bwie-common/bwie-common-redis/pom.xml b/bwie-common/bwie-common-redis/pom.xml
new file mode 100644
index 0000000..1bc2516
--- /dev/null
+++ b/bwie-common/bwie-common-redis/pom.xml
@@ -0,0 +1,33 @@
+
+
+
+ com.bwie
+ bwie-common
+ 3.6.3
+
+ 4.0.0
+
+ bwie-common-redis
+
+
+ bwie-common-redis缓存服务
+
+
+
+
+
+
+ org.springframework.boot
+ spring-boot-starter-data-redis
+
+
+
+
+ com.bwie
+ bwie-common-core
+
+
+
+
diff --git a/bwie-common/bwie-common-redis/src/main/java/com/bwie/common/redis/configure/FastJson2JsonRedisSerializer.java b/bwie-common/bwie-common-redis/src/main/java/com/bwie/common/redis/configure/FastJson2JsonRedisSerializer.java
new file mode 100644
index 0000000..b4d7823
--- /dev/null
+++ b/bwie-common/bwie-common-redis/src/main/java/com/bwie/common/redis/configure/FastJson2JsonRedisSerializer.java
@@ -0,0 +1,52 @@
+package com.bwie.common.redis.configure;
+
+import java.nio.charset.Charset;
+import org.springframework.data.redis.serializer.RedisSerializer;
+import org.springframework.data.redis.serializer.SerializationException;
+import com.alibaba.fastjson2.JSON;
+import com.alibaba.fastjson2.JSONReader;
+import com.alibaba.fastjson2.JSONWriter;
+import com.alibaba.fastjson2.filter.Filter;
+import com.bwie.common.core.constant.Constants;
+
+/**
+ * Redis使用FastJson序列化
+ *
+ * @author bwie
+ */
+public class FastJson2JsonRedisSerializer implements RedisSerializer
+{
+ public static final Charset DEFAULT_CHARSET = Charset.forName("UTF-8");
+
+ static final Filter AUTO_TYPE_FILTER = JSONReader.autoTypeFilter(Constants.JSON_WHITELIST_STR);
+
+ private Class clazz;
+
+ public FastJson2JsonRedisSerializer(Class clazz)
+ {
+ super();
+ this.clazz = clazz;
+ }
+
+ @Override
+ public byte[] serialize(T t) throws SerializationException
+ {
+ if (t == null)
+ {
+ return new byte[0];
+ }
+ return JSON.toJSONString(t, JSONWriter.Feature.WriteClassName).getBytes(DEFAULT_CHARSET);
+ }
+
+ @Override
+ public T deserialize(byte[] bytes) throws SerializationException
+ {
+ if (bytes == null || bytes.length <= 0)
+ {
+ return null;
+ }
+ String str = new String(bytes, DEFAULT_CHARSET);
+
+ return JSON.parseObject(str, clazz, AUTO_TYPE_FILTER);
+ }
+}
diff --git a/bwie-common/bwie-common-redis/src/main/java/com/bwie/common/redis/configure/RedisConfig.java b/bwie-common/bwie-common-redis/src/main/java/com/bwie/common/redis/configure/RedisConfig.java
new file mode 100644
index 0000000..6262798
--- /dev/null
+++ b/bwie-common/bwie-common-redis/src/main/java/com/bwie/common/redis/configure/RedisConfig.java
@@ -0,0 +1,43 @@
+package com.bwie.common.redis.configure;
+
+import org.springframework.boot.autoconfigure.AutoConfigureBefore;
+import org.springframework.boot.autoconfigure.data.redis.RedisAutoConfiguration;
+import org.springframework.cache.annotation.CachingConfigurerSupport;
+import org.springframework.cache.annotation.EnableCaching;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.data.redis.connection.RedisConnectionFactory;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.data.redis.serializer.StringRedisSerializer;
+
+/**
+ * redis配置
+ *
+ * @author bwie
+ */
+@Configuration
+@EnableCaching
+@AutoConfigureBefore(RedisAutoConfiguration.class)
+public class RedisConfig extends CachingConfigurerSupport
+{
+ @Bean
+ @SuppressWarnings(value = { "unchecked", "rawtypes" })
+ public RedisTemplate redisTemplate(RedisConnectionFactory connectionFactory)
+ {
+ RedisTemplate template = new RedisTemplate<>();
+ template.setConnectionFactory(connectionFactory);
+
+ FastJson2JsonRedisSerializer serializer = new FastJson2JsonRedisSerializer(Object.class);
+
+ // 使用StringRedisSerializer来序列化和反序列化redis的key值
+ template.setKeySerializer(new StringRedisSerializer());
+ template.setValueSerializer(serializer);
+
+ // Hash的key也采用StringRedisSerializer的序列化方式
+ template.setHashKeySerializer(new StringRedisSerializer());
+ template.setHashValueSerializer(serializer);
+
+ template.afterPropertiesSet();
+ return template;
+ }
+}
diff --git a/bwie-common/bwie-common-redis/src/main/java/com/bwie/common/redis/service/RedisService.java b/bwie-common/bwie-common-redis/src/main/java/com/bwie/common/redis/service/RedisService.java
new file mode 100644
index 0000000..204cb45
--- /dev/null
+++ b/bwie-common/bwie-common-redis/src/main/java/com/bwie/common/redis/service/RedisService.java
@@ -0,0 +1,268 @@
+package com.bwie.common.redis.service;
+
+import java.util.Collection;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.concurrent.TimeUnit;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.BoundSetOperations;
+import org.springframework.data.redis.core.HashOperations;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.data.redis.core.ValueOperations;
+import org.springframework.stereotype.Component;
+
+/**
+ * spring redis 工具类
+ *
+ * @author bwie
+ **/
+@SuppressWarnings(value = { "unchecked", "rawtypes" })
+@Component
+public class RedisService
+{
+ @Autowired
+ public RedisTemplate redisTemplate;
+
+ /**
+ * 缓存基本的对象,Integer、String、实体类等
+ *
+ * @param key 缓存的键值
+ * @param value 缓存的值
+ */
+ public void setCacheObject(final String key, final T value)
+ {
+ redisTemplate.opsForValue().set(key, value);
+ }
+
+ /**
+ * 缓存基本的对象,Integer、String、实体类等
+ *
+ * @param key 缓存的键值
+ * @param value 缓存的值
+ * @param timeout 时间
+ * @param timeUnit 时间颗粒度
+ */
+ public void setCacheObject(final String key, final T value, final Long timeout, final TimeUnit timeUnit)
+ {
+ redisTemplate.opsForValue().set(key, value, timeout, timeUnit);
+ }
+
+ /**
+ * 设置有效时间
+ *
+ * @param key Redis键
+ * @param timeout 超时时间
+ * @return true=设置成功;false=设置失败
+ */
+ public boolean expire(final String key, final long timeout)
+ {
+ return expire(key, timeout, TimeUnit.SECONDS);
+ }
+
+ /**
+ * 设置有效时间
+ *
+ * @param key Redis键
+ * @param timeout 超时时间
+ * @param unit 时间单位
+ * @return true=设置成功;false=设置失败
+ */
+ public boolean expire(final String key, final long timeout, final TimeUnit unit)
+ {
+ return redisTemplate.expire(key, timeout, unit);
+ }
+
+ /**
+ * 获取有效时间
+ *
+ * @param key Redis键
+ * @return 有效时间
+ */
+ public long getExpire(final String key)
+ {
+ return redisTemplate.getExpire(key);
+ }
+
+ /**
+ * 判断 key是否存在
+ *
+ * @param key 键
+ * @return true 存在 false不存在
+ */
+ public Boolean hasKey(String key)
+ {
+ return redisTemplate.hasKey(key);
+ }
+
+ /**
+ * 获得缓存的基本对象。
+ *
+ * @param key 缓存键值
+ * @return 缓存键值对应的数据
+ */
+ public T getCacheObject(final String key)
+ {
+ ValueOperations operation = redisTemplate.opsForValue();
+ return operation.get(key);
+ }
+
+ /**
+ * 删除单个对象
+ *
+ * @param key
+ */
+ public boolean deleteObject(final String key)
+ {
+ return redisTemplate.delete(key);
+ }
+
+ /**
+ * 删除集合对象
+ *
+ * @param collection 多个对象
+ * @return
+ */
+ public boolean deleteObject(final Collection collection)
+ {
+ return redisTemplate.delete(collection) > 0;
+ }
+
+ /**
+ * 缓存List数据
+ *
+ * @param key 缓存的键值
+ * @param dataList 待缓存的List数据
+ * @return 缓存的对象
+ */
+ public long setCacheList(final String key, final List dataList)
+ {
+ Long count = redisTemplate.opsForList().rightPushAll(key, dataList);
+ return count == null ? 0 : count;
+ }
+
+ /**
+ * 获得缓存的list对象
+ *
+ * @param key 缓存的键值
+ * @return 缓存键值对应的数据
+ */
+ public List getCacheList(final String key)
+ {
+ return redisTemplate.opsForList().range(key, 0, -1);
+ }
+
+ /**
+ * 缓存Set
+ *
+ * @param key 缓存键值
+ * @param dataSet 缓存的数据
+ * @return 缓存数据的对象
+ */
+ public BoundSetOperations setCacheSet(final String key, final Set dataSet)
+ {
+ BoundSetOperations setOperation = redisTemplate.boundSetOps(key);
+ Iterator it = dataSet.iterator();
+ while (it.hasNext())
+ {
+ setOperation.add(it.next());
+ }
+ return setOperation;
+ }
+
+ /**
+ * 获得缓存的set
+ *
+ * @param key
+ * @return
+ */
+ public Set getCacheSet(final String key)
+ {
+ return redisTemplate.opsForSet().members(key);
+ }
+
+ /**
+ * 缓存Map
+ *
+ * @param key
+ * @param dataMap
+ */
+ public void setCacheMap(final String key, final Map dataMap)
+ {
+ if (dataMap != null) {
+ redisTemplate.opsForHash().putAll(key, dataMap);
+ }
+ }
+
+ /**
+ * 获得缓存的Map
+ *
+ * @param key
+ * @return
+ */
+ public Map getCacheMap(final String key)
+ {
+ return redisTemplate.opsForHash().entries(key);
+ }
+
+ /**
+ * 往Hash中存入数据
+ *
+ * @param key Redis键
+ * @param hKey Hash键
+ * @param value 值
+ */
+ public void setCacheMapValue(final String key, final String hKey, final T value)
+ {
+ redisTemplate.opsForHash().put(key, hKey, value);
+ }
+
+ /**
+ * 获取Hash中的数据
+ *
+ * @param key Redis键
+ * @param hKey Hash键
+ * @return Hash中的对象
+ */
+ public T getCacheMapValue(final String key, final String hKey)
+ {
+ HashOperations opsForHash = redisTemplate.opsForHash();
+ return opsForHash.get(key, hKey);
+ }
+
+ /**
+ * 获取多个Hash中的数据
+ *
+ * @param key Redis键
+ * @param hKeys Hash键集合
+ * @return Hash对象集合
+ */
+ public List getMultiCacheMapValue(final String key, final Collection hKeys)
+ {
+ return redisTemplate.opsForHash().multiGet(key, hKeys);
+ }
+
+ /**
+ * 删除Hash中的某条数据
+ *
+ * @param key Redis键
+ * @param hKey Hash键
+ * @return 是否成功
+ */
+ public boolean deleteCacheMapValue(final String key, final String hKey)
+ {
+ return redisTemplate.opsForHash().delete(key, hKey) > 0;
+ }
+
+ /**
+ * 获得缓存的基本对象列表
+ *
+ * @param pattern 字符串前缀
+ * @return 对象列表
+ */
+ public Collection keys(final String pattern)
+ {
+ return redisTemplate.keys(pattern);
+ }
+}
diff --git a/bwie-common/bwie-common-redis/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports b/bwie-common/bwie-common-redis/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports
new file mode 100644
index 0000000..d697b68
--- /dev/null
+++ b/bwie-common/bwie-common-redis/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports
@@ -0,0 +1,2 @@
+com.bwie.common.redis.configure.RedisConfig
+com.bwie.common.redis.service.RedisService
diff --git a/bwie-common/bwie-common-seata/pom.xml b/bwie-common/bwie-common-seata/pom.xml
new file mode 100644
index 0000000..6847b33
--- /dev/null
+++ b/bwie-common/bwie-common-seata/pom.xml
@@ -0,0 +1,27 @@
+
+
+
+ com.bwie
+ bwie-common
+ 3.6.3
+
+ 4.0.0
+
+ bwie-common-seata
+
+
+ bwie-common-seata分布式事务
+
+
+
+
+
+
+ com.alibaba.cloud
+ spring-cloud-starter-alibaba-seata
+
+
+
+
diff --git a/bwie-common/bwie-common-security/pom.xml b/bwie-common/bwie-common-security/pom.xml
new file mode 100644
index 0000000..0dc8001
--- /dev/null
+++ b/bwie-common/bwie-common-security/pom.xml
@@ -0,0 +1,37 @@
+
+
+
+ com.bwie
+ bwie-common
+ 3.6.3
+
+ 4.0.0
+
+ bwie-common-security
+
+
+ bwie-common-security安全模块
+
+
+
+
+
+
+ org.springframework
+ spring-webmvc
+
+
+
+
+ com.bwie
+ bwie-common-redis
+
+
+
+ com.bwie
+ bwie-system-remote
+
+
+
+
diff --git a/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/annotation/EnableCustomConfig.java b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/annotation/EnableCustomConfig.java
new file mode 100644
index 0000000..e241c7f
--- /dev/null
+++ b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/annotation/EnableCustomConfig.java
@@ -0,0 +1,31 @@
+package com.bwie.common.security.annotation;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Inherited;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+import org.mybatis.spring.annotation.MapperScan;
+import org.springframework.context.annotation.EnableAspectJAutoProxy;
+import org.springframework.context.annotation.Import;
+import org.springframework.scheduling.annotation.EnableAsync;
+import com.bwie.common.security.config.ApplicationConfig;
+import com.bwie.common.security.feign.FeignAutoConfiguration;
+
+@Target(ElementType.TYPE)
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+@Inherited
+// 表示通过aop框架暴露该代理对象,AopContext能够访问
+@EnableAspectJAutoProxy(exposeProxy = true)
+// 指定要扫描的Mapper类的包的路径
+@MapperScan("com.bwie.**.mapper")
+// 开启线程异步执行
+@EnableAsync
+// 自动加载类
+@Import({ ApplicationConfig.class, FeignAutoConfiguration.class })
+public @interface EnableCustomConfig
+{
+
+}
diff --git a/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/annotation/EnableRyFeignClients.java b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/annotation/EnableRyFeignClients.java
new file mode 100644
index 0000000..68a0baf
--- /dev/null
+++ b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/annotation/EnableRyFeignClients.java
@@ -0,0 +1,27 @@
+package com.bwie.common.security.annotation;
+
+import org.springframework.cloud.openfeign.EnableFeignClients;
+import java.lang.annotation.*;
+
+/**
+ * 自定义feign注解
+ * 添加basePackages路径
+ *
+ * @author bwie
+ */
+@Target(ElementType.TYPE)
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+@EnableFeignClients
+public @interface EnableRyFeignClients
+{
+ String[] value() default {};
+
+ String[] basePackages() default { "com.bwie" };
+
+ Class[] basePackageClasses() default {};
+
+ Class[] defaultConfiguration() default {};
+
+ Class[] clients() default {};
+}
diff --git a/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/annotation/InnerAuth.java b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/annotation/InnerAuth.java
new file mode 100644
index 0000000..dd96f14
--- /dev/null
+++ b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/annotation/InnerAuth.java
@@ -0,0 +1,19 @@
+package com.bwie.common.security.annotation;
+
+import java.lang.annotation.*;
+
+/**
+ * 内部认证注解
+ *
+ * @author bwie
+ */
+@Target(ElementType.METHOD)
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+public @interface InnerAuth
+{
+ /**
+ * 是否校验用户信息
+ */
+ boolean isUser() default false;
+}
diff --git a/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/annotation/Logical.java b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/annotation/Logical.java
new file mode 100644
index 0000000..d3e8114
--- /dev/null
+++ b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/annotation/Logical.java
@@ -0,0 +1,20 @@
+package com.bwie.common.security.annotation;
+
+/**
+ * 权限注解的验证模式
+ *
+ * @author bwie
+ *
+ */
+public enum Logical
+{
+ /**
+ * 必须具有所有的元素
+ */
+ AND,
+
+ /**
+ * 只需具有其中一个元素
+ */
+ OR
+}
diff --git a/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/annotation/RequiresLogin.java b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/annotation/RequiresLogin.java
new file mode 100644
index 0000000..70ba714
--- /dev/null
+++ b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/annotation/RequiresLogin.java
@@ -0,0 +1,18 @@
+package com.bwie.common.security.annotation;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * 登录认证:只有登录之后才能进入该方法
+ *
+ * @author bwie
+ *
+ */
+@Retention(RetentionPolicy.RUNTIME)
+@Target({ ElementType.METHOD, ElementType.TYPE })
+public @interface RequiresLogin
+{
+}
diff --git a/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/annotation/RequiresPermissions.java b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/annotation/RequiresPermissions.java
new file mode 100644
index 0000000..67ae033
--- /dev/null
+++ b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/annotation/RequiresPermissions.java
@@ -0,0 +1,27 @@
+package com.bwie.common.security.annotation;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * 权限认证:必须具有指定权限才能进入该方法
+ *
+ * @author bwie
+ *
+ */
+@Retention(RetentionPolicy.RUNTIME)
+@Target({ ElementType.METHOD, ElementType.TYPE })
+public @interface RequiresPermissions
+{
+ /**
+ * 需要校验的权限码
+ */
+ String[] value() default {};
+
+ /**
+ * 验证模式:AND | OR,默认AND
+ */
+ Logical logical() default Logical.AND;
+}
diff --git a/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/annotation/RequiresRoles.java b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/annotation/RequiresRoles.java
new file mode 100644
index 0000000..d065c0d
--- /dev/null
+++ b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/annotation/RequiresRoles.java
@@ -0,0 +1,26 @@
+package com.bwie.common.security.annotation;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * 角色认证:必须具有指定角色标识才能进入该方法
+ *
+ * @author bwie
+ */
+@Retention(RetentionPolicy.RUNTIME)
+@Target({ ElementType.METHOD, ElementType.TYPE })
+public @interface RequiresRoles
+{
+ /**
+ * 需要校验的角色标识
+ */
+ String[] value() default {};
+
+ /**
+ * 验证逻辑:AND | OR,默认AND
+ */
+ Logical logical() default Logical.AND;
+}
diff --git a/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/aspect/InnerAuthAspect.java b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/aspect/InnerAuthAspect.java
new file mode 100644
index 0000000..62f4930
--- /dev/null
+++ b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/aspect/InnerAuthAspect.java
@@ -0,0 +1,51 @@
+package com.bwie.common.security.aspect;
+
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.springframework.core.Ordered;
+import org.springframework.stereotype.Component;
+import com.bwie.common.core.constant.SecurityConstants;
+import com.bwie.common.core.exception.InnerAuthException;
+import com.bwie.common.core.utils.ServletUtils;
+import com.bwie.common.core.utils.StringUtils;
+import com.bwie.common.security.annotation.InnerAuth;
+
+/**
+ * 内部服务调用验证处理
+ *
+ * @author bwie
+ */
+@Aspect
+@Component
+public class InnerAuthAspect implements Ordered
+{
+ @Around("@annotation(innerAuth)")
+ public Object innerAround(ProceedingJoinPoint point, InnerAuth innerAuth) throws Throwable
+ {
+ String source = ServletUtils.getRequest().getHeader(SecurityConstants.FROM_SOURCE);
+ // 内部请求验证
+ if (!StringUtils.equals(SecurityConstants.INNER, source))
+ {
+ throw new InnerAuthException("没有内部访问权限,不允许访问");
+ }
+
+ String userid = ServletUtils.getRequest().getHeader(SecurityConstants.DETAILS_USER_ID);
+ String username = ServletUtils.getRequest().getHeader(SecurityConstants.DETAILS_USERNAME);
+ // 用户信息验证
+ if (innerAuth.isUser() && (StringUtils.isEmpty(userid) || StringUtils.isEmpty(username)))
+ {
+ throw new InnerAuthException("没有设置用户信息,不允许访问 ");
+ }
+ return point.proceed();
+ }
+
+ /**
+ * 确保在权限认证aop执行前执行
+ */
+ @Override
+ public int getOrder()
+ {
+ return Ordered.HIGHEST_PRECEDENCE + 1;
+ }
+}
diff --git a/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/aspect/PreAuthorizeAspect.java b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/aspect/PreAuthorizeAspect.java
new file mode 100644
index 0000000..ed8bae0
--- /dev/null
+++ b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/aspect/PreAuthorizeAspect.java
@@ -0,0 +1,97 @@
+package com.bwie.common.security.aspect;
+
+import java.lang.reflect.Method;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Pointcut;
+import org.aspectj.lang.reflect.MethodSignature;
+import org.springframework.stereotype.Component;
+import com.bwie.common.security.annotation.RequiresLogin;
+import com.bwie.common.security.annotation.RequiresPermissions;
+import com.bwie.common.security.annotation.RequiresRoles;
+import com.bwie.common.security.auth.AuthUtil;
+
+/**
+ * 基于 Spring Aop 的注解鉴权
+ *
+ * @author kong
+ */
+@Aspect
+@Component
+public class PreAuthorizeAspect
+{
+ /**
+ * 构建
+ */
+ public PreAuthorizeAspect()
+ {
+ }
+
+ /**
+ * 定义AOP签名 (切入所有使用鉴权注解的方法)
+ */
+ public static final String POINTCUT_SIGN = " @annotation(com.bwie.common.security.annotation.RequiresLogin) || "
+ + "@annotation(com.bwie.common.security.annotation.RequiresPermissions) || "
+ + "@annotation(com.bwie.common.security.annotation.RequiresRoles)";
+
+ /**
+ * 声明AOP签名
+ */
+ @Pointcut(POINTCUT_SIGN)
+ public void pointcut()
+ {
+ }
+
+ /**
+ * 环绕切入
+ *
+ * @param joinPoint 切面对象
+ * @return 底层方法执行后的返回值
+ * @throws Throwable 底层方法抛出的异常
+ */
+ @Around("pointcut()")
+ public Object around(ProceedingJoinPoint joinPoint) throws Throwable
+ {
+ // 注解鉴权
+ MethodSignature signature = (MethodSignature) joinPoint.getSignature();
+ checkMethodAnnotation(signature.getMethod());
+ try
+ {
+ // 执行原有逻辑
+ Object obj = joinPoint.proceed();
+ return obj;
+ }
+ catch (Throwable e)
+ {
+ throw e;
+ }
+ }
+
+ /**
+ * 对一个Method对象进行注解检查
+ */
+ public void checkMethodAnnotation(Method method)
+ {
+ // 校验 @RequiresLogin 注解
+ RequiresLogin requiresLogin = method.getAnnotation(RequiresLogin.class);
+ if (requiresLogin != null)
+ {
+ AuthUtil.checkLogin();
+ }
+
+ // 校验 @RequiresRoles 注解
+ RequiresRoles requiresRoles = method.getAnnotation(RequiresRoles.class);
+ if (requiresRoles != null)
+ {
+ AuthUtil.checkRole(requiresRoles);
+ }
+
+ // 校验 @RequiresPermissions 注解
+ RequiresPermissions requiresPermissions = method.getAnnotation(RequiresPermissions.class);
+ if (requiresPermissions != null)
+ {
+ AuthUtil.checkPermi(requiresPermissions);
+ }
+ }
+}
diff --git a/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/auth/AuthLogic.java b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/auth/AuthLogic.java
new file mode 100644
index 0000000..bccdb60
--- /dev/null
+++ b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/auth/AuthLogic.java
@@ -0,0 +1,373 @@
+package com.bwie.common.security.auth;
+
+import java.util.Collection;
+import java.util.HashSet;
+import java.util.Set;
+import org.springframework.util.PatternMatchUtils;
+import com.bwie.common.core.context.SecurityContextHolder;
+import com.bwie.common.core.exception.auth.NotLoginException;
+import com.bwie.common.core.exception.auth.NotPermissionException;
+import com.bwie.common.core.exception.auth.NotRoleException;
+import com.bwie.common.core.utils.SpringUtils;
+import com.bwie.common.core.utils.StringUtils;
+import com.bwie.common.security.annotation.Logical;
+import com.bwie.common.security.annotation.RequiresLogin;
+import com.bwie.common.security.annotation.RequiresPermissions;
+import com.bwie.common.security.annotation.RequiresRoles;
+import com.bwie.common.security.service.TokenService;
+import com.bwie.common.security.utils.SecurityUtils;
+import com.bwie.system.common.model.LoginUser;
+
+/**
+ * Token 权限验证,逻辑实现类
+ *
+ * @author bwie
+ */
+public class AuthLogic
+{
+ /** 所有权限标识 */
+ private static final String ALL_PERMISSION = "*:*:*";
+
+ /** 管理员角色权限标识 */
+ private static final String SUPER_ADMIN = "admin";
+
+ public TokenService tokenService = SpringUtils.getBean(TokenService.class);
+
+ /**
+ * 会话注销
+ */
+ public void logout()
+ {
+ String token = SecurityUtils.getToken();
+ if (token == null)
+ {
+ return;
+ }
+ logoutByToken(token);
+ }
+
+ /**
+ * 会话注销,根据指定Token
+ */
+ public void logoutByToken(String token)
+ {
+ tokenService.delLoginUser(token);
+ }
+
+ /**
+ * 检验用户是否已经登录,如未登录,则抛出异常
+ */
+ public void checkLogin()
+ {
+ getLoginUser();
+ }
+
+ /**
+ * 获取当前用户缓存信息, 如果未登录,则抛出异常
+ *
+ * @return 用户缓存信息
+ */
+ public LoginUser getLoginUser()
+ {
+ String token = SecurityUtils.getToken();
+ if (token == null)
+ {
+ throw new NotLoginException("未提供token");
+ }
+ LoginUser loginUser = SecurityUtils.getLoginUser();
+ if (loginUser == null)
+ {
+ throw new NotLoginException("无效的token");
+ }
+ return loginUser;
+ }
+
+ /**
+ * 获取当前用户缓存信息, 如果未登录,则抛出异常
+ *
+ * @param token 前端传递的认证信息
+ * @return 用户缓存信息
+ */
+ public LoginUser getLoginUser(String token)
+ {
+ return tokenService.getLoginUser(token);
+ }
+
+ /**
+ * 验证当前用户有效期, 如果相差不足120分钟,自动刷新缓存
+ *
+ * @param loginUser 当前用户信息
+ */
+ public void verifyLoginUserExpire(LoginUser loginUser)
+ {
+ tokenService.verifyToken(loginUser);
+ }
+
+ /**
+ * 验证用户是否具备某权限
+ *
+ * @param permission 权限字符串
+ * @return 用户是否具备某权限
+ */
+ public boolean hasPermi(String permission)
+ {
+ return hasPermi(getPermiList(), permission);
+ }
+
+ /**
+ * 验证用户是否具备某权限, 如果验证未通过,则抛出异常: NotPermissionException
+ *
+ * @param permission 权限字符串
+ * @return 用户是否具备某权限
+ */
+ public void checkPermi(String permission)
+ {
+ if (!hasPermi(getPermiList(), permission))
+ {
+ throw new NotPermissionException(permission);
+ }
+ }
+
+ /**
+ * 根据注解(@RequiresPermissions)鉴权, 如果验证未通过,则抛出异常: NotPermissionException
+ *
+ * @param requiresPermissions 注解对象
+ */
+ public void checkPermi(RequiresPermissions requiresPermissions)
+ {
+ SecurityContextHolder.setPermission(StringUtils.join(requiresPermissions.value(), ","));
+ if (requiresPermissions.logical() == Logical.AND)
+ {
+ checkPermiAnd(requiresPermissions.value());
+ }
+ else
+ {
+ checkPermiOr(requiresPermissions.value());
+ }
+ }
+
+ /**
+ * 验证用户是否含有指定权限,必须全部拥有
+ *
+ * @param permissions 权限列表
+ */
+ public void checkPermiAnd(String... permissions)
+ {
+ Set permissionList = getPermiList();
+ for (String permission : permissions)
+ {
+ if (!hasPermi(permissionList, permission))
+ {
+ throw new NotPermissionException(permission);
+ }
+ }
+ }
+
+ /**
+ * 验证用户是否含有指定权限,只需包含其中一个
+ *
+ * @param permissions 权限码数组
+ */
+ public void checkPermiOr(String... permissions)
+ {
+ Set permissionList = getPermiList();
+ for (String permission : permissions)
+ {
+ if (hasPermi(permissionList, permission))
+ {
+ return;
+ }
+ }
+ if (permissions.length > 0)
+ {
+ throw new NotPermissionException(permissions);
+ }
+ }
+
+ /**
+ * 判断用户是否拥有某个角色
+ *
+ * @param role 角色标识
+ * @return 用户是否具备某角色
+ */
+ public boolean hasRole(String role)
+ {
+ return hasRole(getRoleList(), role);
+ }
+
+ /**
+ * 判断用户是否拥有某个角色, 如果验证未通过,则抛出异常: NotRoleException
+ *
+ * @param role 角色标识
+ */
+ public void checkRole(String role)
+ {
+ if (!hasRole(role))
+ {
+ throw new NotRoleException(role);
+ }
+ }
+
+ /**
+ * 根据注解(@RequiresRoles)鉴权
+ *
+ * @param requiresRoles 注解对象
+ */
+ public void checkRole(RequiresRoles requiresRoles)
+ {
+ if (requiresRoles.logical() == Logical.AND)
+ {
+ checkRoleAnd(requiresRoles.value());
+ }
+ else
+ {
+ checkRoleOr(requiresRoles.value());
+ }
+ }
+
+ /**
+ * 验证用户是否含有指定角色,必须全部拥有
+ *
+ * @param roles 角色标识数组
+ */
+ public void checkRoleAnd(String... roles)
+ {
+ Set roleList = getRoleList();
+ for (String role : roles)
+ {
+ if (!hasRole(roleList, role))
+ {
+ throw new NotRoleException(role);
+ }
+ }
+ }
+
+ /**
+ * 验证用户是否含有指定角色,只需包含其中一个
+ *
+ * @param roles 角色标识数组
+ */
+ public void checkRoleOr(String... roles)
+ {
+ Set roleList = getRoleList();
+ for (String role : roles)
+ {
+ if (hasRole(roleList, role))
+ {
+ return;
+ }
+ }
+ if (roles.length > 0)
+ {
+ throw new NotRoleException(roles);
+ }
+ }
+
+ /**
+ * 根据注解(@RequiresLogin)鉴权
+ *
+ * @param at 注解对象
+ */
+ public void checkByAnnotation(RequiresLogin at)
+ {
+ this.checkLogin();
+ }
+
+ /**
+ * 根据注解(@RequiresRoles)鉴权
+ *
+ * @param at 注解对象
+ */
+ public void checkByAnnotation(RequiresRoles at)
+ {
+ String[] roleArray = at.value();
+ if (at.logical() == Logical.AND)
+ {
+ this.checkRoleAnd(roleArray);
+ }
+ else
+ {
+ this.checkRoleOr(roleArray);
+ }
+ }
+
+ /**
+ * 根据注解(@RequiresPermissions)鉴权
+ *
+ * @param at 注解对象
+ */
+ public void checkByAnnotation(RequiresPermissions at)
+ {
+ String[] permissionArray = at.value();
+ if (at.logical() == Logical.AND)
+ {
+ this.checkPermiAnd(permissionArray);
+ }
+ else
+ {
+ this.checkPermiOr(permissionArray);
+ }
+ }
+
+ /**
+ * 获取当前账号的角色列表
+ *
+ * @return 角色列表
+ */
+ public Set getRoleList()
+ {
+ try
+ {
+ LoginUser loginUser = getLoginUser();
+ return loginUser.getRoles();
+ }
+ catch (Exception e)
+ {
+ return new HashSet<>();
+ }
+ }
+
+ /**
+ * 获取当前账号的权限列表
+ *
+ * @return 权限列表
+ */
+ public Set getPermiList()
+ {
+ try
+ {
+ LoginUser loginUser = getLoginUser();
+ return loginUser.getPermissions();
+ }
+ catch (Exception e)
+ {
+ return new HashSet<>();
+ }
+ }
+
+ /**
+ * 判断是否包含权限
+ *
+ * @param authorities 权限列表
+ * @param permission 权限字符串
+ * @return 用户是否具备某权限
+ */
+ public boolean hasPermi(Collection authorities, String permission)
+ {
+ return authorities.stream().filter(StringUtils::hasText)
+ .anyMatch(x -> ALL_PERMISSION.equals(x) || PatternMatchUtils.simpleMatch(x, permission));
+ }
+
+ /**
+ * 判断是否包含角色
+ *
+ * @param roles 角色列表
+ * @param role 角色
+ * @return 用户是否具备某角色权限
+ */
+ public boolean hasRole(Collection roles, String role)
+ {
+ return roles.stream().filter(StringUtils::hasText)
+ .anyMatch(x -> SUPER_ADMIN.equals(x) || PatternMatchUtils.simpleMatch(x, role));
+ }
+}
diff --git a/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/auth/AuthUtil.java b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/auth/AuthUtil.java
new file mode 100644
index 0000000..55017b4
--- /dev/null
+++ b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/auth/AuthUtil.java
@@ -0,0 +1,167 @@
+package com.bwie.common.security.auth;
+
+import com.bwie.common.security.annotation.RequiresPermissions;
+import com.bwie.common.security.annotation.RequiresRoles;
+import com.bwie.system.common.model.LoginUser;
+
+/**
+ * Token 权限验证工具类
+ *
+ * @author bwie
+ */
+public class AuthUtil
+{
+ /**
+ * 底层的 AuthLogic 对象
+ */
+ public static AuthLogic authLogic = new AuthLogic();
+
+ /**
+ * 会话注销
+ */
+ public static void logout()
+ {
+ authLogic.logout();
+ }
+
+ /**
+ * 会话注销,根据指定Token
+ *
+ * @param token 指定token
+ */
+ public static void logoutByToken(String token)
+ {
+ authLogic.logoutByToken(token);
+ }
+
+ /**
+ * 检验当前会话是否已经登录,如未登录,则抛出异常
+ */
+ public static void checkLogin()
+ {
+ authLogic.checkLogin();
+ }
+
+ /**
+ * 获取当前登录用户信息
+ *
+ * @param token 指定token
+ * @return 用户信息
+ */
+ public static LoginUser getLoginUser(String token)
+ {
+ return authLogic.getLoginUser(token);
+ }
+
+ /**
+ * 验证当前用户有效期
+ *
+ * @param loginUser 用户信息
+ */
+ public static void verifyLoginUserExpire(LoginUser loginUser)
+ {
+ authLogic.verifyLoginUserExpire(loginUser);
+ }
+
+ /**
+ * 当前账号是否含有指定角色标识, 返回true或false
+ *
+ * @param role 角色标识
+ * @return 是否含有指定角色标识
+ */
+ public static boolean hasRole(String role)
+ {
+ return authLogic.hasRole(role);
+ }
+
+ /**
+ * 当前账号是否含有指定角色标识, 如果验证未通过,则抛出异常: NotRoleException
+ *
+ * @param role 角色标识
+ */
+ public static void checkRole(String role)
+ {
+ authLogic.checkRole(role);
+ }
+
+ /**
+ * 根据注解传入参数鉴权, 如果验证未通过,则抛出异常: NotRoleException
+ *
+ * @param requiresRoles 角色权限注解
+ */
+ public static void checkRole(RequiresRoles requiresRoles)
+ {
+ authLogic.checkRole(requiresRoles);
+ }
+
+ /**
+ * 当前账号是否含有指定角色标识 [指定多个,必须全部验证通过]
+ *
+ * @param roles 角色标识数组
+ */
+ public static void checkRoleAnd(String... roles)
+ {
+ authLogic.checkRoleAnd(roles);
+ }
+
+ /**
+ * 当前账号是否含有指定角色标识 [指定多个,只要其一验证通过即可]
+ *
+ * @param roles 角色标识数组
+ */
+ public static void checkRoleOr(String... roles)
+ {
+ authLogic.checkRoleOr(roles);
+ }
+
+ /**
+ * 当前账号是否含有指定权限, 返回true或false
+ *
+ * @param permission 权限码
+ * @return 是否含有指定权限
+ */
+ public static boolean hasPermi(String permission)
+ {
+ return authLogic.hasPermi(permission);
+ }
+
+ /**
+ * 当前账号是否含有指定权限, 如果验证未通过,则抛出异常: NotPermissionException
+ *
+ * @param permission 权限码
+ */
+ public static void checkPermi(String permission)
+ {
+ authLogic.checkPermi(permission);
+ }
+
+ /**
+ * 根据注解传入参数鉴权, 如果验证未通过,则抛出异常: NotPermissionException
+ *
+ * @param requiresPermissions 权限注解
+ */
+ public static void checkPermi(RequiresPermissions requiresPermissions)
+ {
+ authLogic.checkPermi(requiresPermissions);
+ }
+
+ /**
+ * 当前账号是否含有指定权限 [指定多个,必须全部验证通过]
+ *
+ * @param permissions 权限码数组
+ */
+ public static void checkPermiAnd(String... permissions)
+ {
+ authLogic.checkPermiAnd(permissions);
+ }
+
+ /**
+ * 当前账号是否含有指定权限 [指定多个,只要其一验证通过即可]
+ *
+ * @param permissions 权限码数组
+ */
+ public static void checkPermiOr(String... permissions)
+ {
+ authLogic.checkPermiOr(permissions);
+ }
+}
diff --git a/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/config/ApplicationConfig.java b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/config/ApplicationConfig.java
new file mode 100644
index 0000000..8b05062
--- /dev/null
+++ b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/config/ApplicationConfig.java
@@ -0,0 +1,22 @@
+package com.bwie.common.security.config;
+
+import java.util.TimeZone;
+import org.springframework.boot.autoconfigure.jackson.Jackson2ObjectMapperBuilderCustomizer;
+import org.springframework.context.annotation.Bean;
+
+/**
+ * 系统配置
+ *
+ * @author bwie
+ */
+public class ApplicationConfig
+{
+ /**
+ * 时区配置
+ */
+ @Bean
+ public Jackson2ObjectMapperBuilderCustomizer jacksonObjectMapperCustomization()
+ {
+ return jacksonObjectMapperBuilder -> jacksonObjectMapperBuilder.timeZone(TimeZone.getDefault());
+ }
+}
diff --git a/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/config/WebMvcConfig.java b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/config/WebMvcConfig.java
new file mode 100644
index 0000000..35db6d0
--- /dev/null
+++ b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/config/WebMvcConfig.java
@@ -0,0 +1,33 @@
+package com.bwie.common.security.config;
+
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+import com.bwie.common.security.interceptor.HeaderInterceptor;
+
+/**
+ * 拦截器配置
+ *
+ * @author bwie
+ */
+public class WebMvcConfig implements WebMvcConfigurer
+{
+ /** 不需要拦截地址 */
+ public static final String[] excludeUrls = { "/login", "/logout", "/refresh" };
+
+ @Override
+ public void addInterceptors(InterceptorRegistry registry)
+ {
+ registry.addInterceptor(getHeaderInterceptor())
+ .addPathPatterns("/**")
+ .excludePathPatterns(excludeUrls)
+ .order(-10);
+ }
+
+ /**
+ * 自定义请求头拦截器
+ */
+ public HeaderInterceptor getHeaderInterceptor()
+ {
+ return new HeaderInterceptor();
+ }
+}
diff --git a/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/feign/FeignAutoConfiguration.java b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/feign/FeignAutoConfiguration.java
new file mode 100644
index 0000000..824ebb7
--- /dev/null
+++ b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/feign/FeignAutoConfiguration.java
@@ -0,0 +1,20 @@
+package com.bwie.common.security.feign;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import feign.RequestInterceptor;
+
+/**
+ * Feign 配置注册
+ *
+ * @author bwie
+ **/
+@Configuration
+public class FeignAutoConfiguration
+{
+ @Bean
+ public RequestInterceptor requestInterceptor()
+ {
+ return new FeignRequestInterceptor();
+ }
+}
diff --git a/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/feign/FeignRequestInterceptor.java b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/feign/FeignRequestInterceptor.java
new file mode 100644
index 0000000..cd1a706
--- /dev/null
+++ b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/feign/FeignRequestInterceptor.java
@@ -0,0 +1,54 @@
+package com.bwie.common.security.feign;
+
+import java.util.Map;
+import javax.servlet.http.HttpServletRequest;
+import org.springframework.stereotype.Component;
+import com.bwie.common.core.constant.SecurityConstants;
+import com.bwie.common.core.utils.ServletUtils;
+import com.bwie.common.core.utils.StringUtils;
+import com.bwie.common.core.utils.ip.IpUtils;
+import feign.RequestInterceptor;
+import feign.RequestTemplate;
+
+/**
+ * feign 请求拦截器
+ *
+ * @author bwie
+ */
+@Component
+public class FeignRequestInterceptor implements RequestInterceptor
+{
+ @Override
+ public void apply(RequestTemplate requestTemplate)
+ {
+ HttpServletRequest httpServletRequest = ServletUtils.getRequest();
+ if (StringUtils.isNotNull(httpServletRequest))
+ {
+ Map headers = ServletUtils.getHeaders(httpServletRequest);
+ // 传递用户信息请求头,防止丢失
+ String userId = headers.get(SecurityConstants.DETAILS_USER_ID);
+ if (StringUtils.isNotEmpty(userId))
+ {
+ requestTemplate.header(SecurityConstants.DETAILS_USER_ID, userId);
+ }
+ String userKey = headers.get(SecurityConstants.USER_KEY);
+ if (StringUtils.isNotEmpty(userKey))
+ {
+ requestTemplate.header(SecurityConstants.USER_KEY, userKey);
+ }
+ String userName = headers.get(SecurityConstants.DETAILS_USERNAME);
+ if (StringUtils.isNotEmpty(userName))
+ {
+ requestTemplate.header(SecurityConstants.DETAILS_USERNAME, userName);
+ }
+ String authentication = headers.get(SecurityConstants.AUTHORIZATION_HEADER);
+ if (StringUtils.isNotEmpty(authentication))
+ {
+ requestTemplate.header(SecurityConstants.AUTHORIZATION_HEADER, authentication);
+ }
+
+ // 配置客户端IP
+ requestTemplate.header("X-Forwarded-For", IpUtils.getIpAddr());
+ }
+ }
+}
diff --git a/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/handler/GlobalExceptionHandler.java b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/handler/GlobalExceptionHandler.java
new file mode 100644
index 0000000..4e754e4
--- /dev/null
+++ b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/handler/GlobalExceptionHandler.java
@@ -0,0 +1,159 @@
+package com.bwie.common.security.handler;
+
+import com.bwie.common.core.constant.HttpStatus;
+import com.bwie.common.core.domain.Result;
+import com.bwie.common.core.exception.DemoModeException;
+import com.bwie.common.core.exception.InnerAuthException;
+import com.bwie.common.core.exception.ServiceException;
+import com.bwie.common.core.exception.auth.NotPermissionException;
+import com.bwie.common.core.exception.auth.NotRoleException;
+import com.bwie.common.core.utils.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.validation.BindException;
+import org.springframework.web.HttpRequestMethodNotSupportedException;
+import org.springframework.web.bind.MethodArgumentNotValidException;
+import org.springframework.web.bind.MissingPathVariableException;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.bind.annotation.RestControllerAdvice;
+import org.springframework.web.method.annotation.MethodArgumentTypeMismatchException;
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * 全局异常处理器
+ *
+ * @author bwie
+ */
+@RestControllerAdvice
+public class GlobalExceptionHandler
+{
+ private static final Logger log = LoggerFactory.getLogger(GlobalExceptionHandler.class);
+
+ /**
+ * 权限码异常
+ */
+ @ExceptionHandler(NotPermissionException.class)
+ public Result handleNotPermissionException(NotPermissionException e, HttpServletRequest request)
+ {
+ String requestURI = request.getRequestURI();
+ log.error("请求地址'{}',权限码校验失败'{}'", requestURI, e.getMessage());
+ return Result.error(HttpStatus.FORBIDDEN, "没有访问权限,请联系管理员授权");
+ }
+
+ /**
+ * 角色权限异常
+ */
+ @ExceptionHandler(NotRoleException.class)
+ public Result handleNotRoleException(NotRoleException e, HttpServletRequest request)
+ {
+ String requestURI = request.getRequestURI();
+ log.error("请求地址'{}',角色权限校验失败'{}'", requestURI, e.getMessage());
+ return Result.error(HttpStatus.FORBIDDEN, "没有访问权限,请联系管理员授权");
+ }
+
+ /**
+ * 请求方式不支持
+ */
+ @ExceptionHandler(HttpRequestMethodNotSupportedException.class)
+ public Result handleHttpRequestMethodNotSupported(HttpRequestMethodNotSupportedException e, HttpServletRequest request)
+ {
+ String requestURI = request.getRequestURI();
+ log.error("请求地址'{}',不支持'{}'请求", requestURI, e.getMethod());
+ return Result.error(e.getMessage());
+ }
+
+ /**
+ * 业务异常
+ */
+ @ExceptionHandler(ServiceException.class)
+ public Result handleServiceException(ServiceException e, HttpServletRequest request)
+ {
+ log.error(e.getMessage(), e);
+ Integer code = e.getCode();
+ return StringUtils.isNotNull(code) ? Result.error(code, e.getMessage()) : Result.error(e.getMessage());
+ }
+
+ /**
+ * 请求路径中缺少必需的路径变量
+ */
+ @ExceptionHandler(MissingPathVariableException.class)
+ public Result handleMissingPathVariableException(MissingPathVariableException e, HttpServletRequest request)
+ {
+ String requestURI = request.getRequestURI();
+ log.error("请求路径中缺少必需的路径变量'{}',发生系统异常.", requestURI, e);
+ return Result.error(String.format("请求路径中缺少必需的路径变量[%s]", e.getVariableName()));
+ }
+
+ /**
+ * 请求参数类型不匹配
+ */
+ @ExceptionHandler(MethodArgumentTypeMismatchException.class)
+ public Result handleMethodArgumentTypeMismatchException(MethodArgumentTypeMismatchException e, HttpServletRequest request)
+ {
+ String requestURI = request.getRequestURI();
+ log.error("请求参数类型不匹配'{}',发生系统异常.", requestURI, e);
+ return Result.error(String.format("请求参数类型不匹配,参数[%s]要求类型为:'%s',但输入值为:'%s'", e.getName(), e.getRequiredType().getName(), e.getValue()));
+ }
+
+ /**
+ * 拦截未知的运行时异常
+ */
+ @ExceptionHandler(RuntimeException.class)
+ public Result handleRuntimeException(RuntimeException e, HttpServletRequest request)
+ {
+ String requestURI = request.getRequestURI();
+ log.error("请求地址'{}',发生未知异常.", requestURI, e);
+ return Result.error(e.getMessage());
+ }
+
+ /**
+ * 系统异常
+ */
+ @ExceptionHandler(Exception.class)
+ public Result handleException(Exception e, HttpServletRequest request)
+ {
+ String requestURI = request.getRequestURI();
+ log.error("请求地址'{}',发生系统异常.", requestURI, e);
+ return Result.error(e.getMessage());
+ }
+
+ /**
+ * 自定义验证异常
+ */
+ @ExceptionHandler(BindException.class)
+ public Result handleBindException(BindException e)
+ {
+ log.error(e.getMessage(), e);
+ String message = e.getAllErrors().get(0).getDefaultMessage();
+ return Result.error(message);
+ }
+
+ /**
+ * 自定义验证异常
+ */
+ @ExceptionHandler(MethodArgumentNotValidException.class)
+ public Object handleMethodArgumentNotValidException(MethodArgumentNotValidException e)
+ {
+ log.error(e.getMessage(), e);
+ String message = e.getBindingResult().getFieldError().getDefaultMessage();
+ return Result.error(message);
+ }
+
+ /**
+ * 内部认证异常
+ */
+ @ExceptionHandler(InnerAuthException.class)
+ public Result handleInnerAuthException(InnerAuthException e)
+ {
+ return Result.error(e.getMessage());
+ }
+
+ /**
+ * 演示模式异常
+ */
+ @ExceptionHandler(DemoModeException.class)
+ public Result handleDemoModeException(DemoModeException e)
+ {
+ return Result.error("演示模式,不允许操作");
+ }
+}
diff --git a/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/interceptor/HeaderInterceptor.java b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/interceptor/HeaderInterceptor.java
new file mode 100644
index 0000000..8dc92f4
--- /dev/null
+++ b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/interceptor/HeaderInterceptor.java
@@ -0,0 +1,54 @@
+package com.bwie.common.security.interceptor;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.springframework.web.method.HandlerMethod;
+import org.springframework.web.servlet.AsyncHandlerInterceptor;
+import com.bwie.common.core.constant.SecurityConstants;
+import com.bwie.common.core.context.SecurityContextHolder;
+import com.bwie.common.core.utils.ServletUtils;
+import com.bwie.common.core.utils.StringUtils;
+import com.bwie.common.security.auth.AuthUtil;
+import com.bwie.common.security.utils.SecurityUtils;
+import com.bwie.system.common.model.LoginUser;
+
+/**
+ * 自定义请求头拦截器,将Header数据封装到线程变量中方便获取
+ * 注意:此拦截器会同时验证当前用户有效期自动刷新有效期
+ *
+ * @author bwie
+ */
+public class HeaderInterceptor implements AsyncHandlerInterceptor
+{
+ @Override
+ public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception
+ {
+ if (!(handler instanceof HandlerMethod))
+ {
+ return true;
+ }
+
+ SecurityContextHolder.setUserId(ServletUtils.getHeader(request, SecurityConstants.DETAILS_USER_ID));
+ SecurityContextHolder.setUserName(ServletUtils.getHeader(request, SecurityConstants.DETAILS_USERNAME));
+ SecurityContextHolder.setUserKey(ServletUtils.getHeader(request, SecurityConstants.USER_KEY));
+
+ String token = SecurityUtils.getToken();
+ if (StringUtils.isNotEmpty(token))
+ {
+ LoginUser loginUser = AuthUtil.getLoginUser(token);
+ if (StringUtils.isNotNull(loginUser))
+ {
+ AuthUtil.verifyLoginUserExpire(loginUser);
+ SecurityContextHolder.set(SecurityConstants.LOGIN_USER, loginUser);
+ }
+ }
+ return true;
+ }
+
+ @Override
+ public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
+ throws Exception
+ {
+ SecurityContextHolder.remove();
+ }
+}
diff --git a/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/service/TokenService.java b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/service/TokenService.java
new file mode 100644
index 0000000..da7602b
--- /dev/null
+++ b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/service/TokenService.java
@@ -0,0 +1,174 @@
+package com.bwie.common.security.service;
+
+import java.util.HashMap;
+import java.util.Map;
+import java.util.concurrent.TimeUnit;
+import javax.servlet.http.HttpServletRequest;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import com.bwie.common.core.constant.CacheConstants;
+import com.bwie.common.core.constant.SecurityConstants;
+import com.bwie.common.core.utils.JwtUtils;
+import com.bwie.common.core.utils.ServletUtils;
+import com.bwie.common.core.utils.StringUtils;
+import com.bwie.common.core.utils.ip.IpUtils;
+import com.bwie.common.core.utils.uuid.IdUtils;
+import com.bwie.common.redis.service.RedisService;
+import com.bwie.common.security.utils.SecurityUtils;
+import com.bwie.system.common.model.LoginUser;
+
+/**
+ * token验证处理
+ *
+ * @author bwie
+ */
+@Component
+public class TokenService
+{
+ private static final Logger log = LoggerFactory.getLogger(TokenService.class);
+
+ @Autowired
+ private RedisService redisService;
+
+ protected static final long MILLIS_SECOND = 1000;
+
+ protected static final long MILLIS_MINUTE = 60 * MILLIS_SECOND;
+
+ private final static long expireTime = CacheConstants.EXPIRATION;
+
+ private final static String ACCESS_TOKEN = CacheConstants.LOGIN_TOKEN_KEY;
+
+ private final static Long MILLIS_MINUTE_TEN = CacheConstants.REFRESH_TIME * MILLIS_MINUTE;
+
+ /**
+ * 创建令牌
+ */
+ public Map createToken(LoginUser loginUser)
+ {
+ String token = IdUtils.fastUUID();
+ Long userId = loginUser.getSysUser().getUserId();
+ String userName = loginUser.getSysUser().getUserName();
+ loginUser.setToken(token);
+ loginUser.setUserid(userId);
+ loginUser.setUsername(userName);
+ loginUser.setIpaddr(IpUtils.getIpAddr());
+ refreshToken(loginUser);
+
+ // Jwt存储信息
+ Map claimsMap = new HashMap();
+ claimsMap.put(SecurityConstants.USER_KEY, token);
+ claimsMap.put(SecurityConstants.DETAILS_USER_ID, userId);
+ claimsMap.put(SecurityConstants.DETAILS_USERNAME, userName);
+
+ // 接口返回信息
+ Map rspMap = new HashMap();
+ rspMap.put("access_token", JwtUtils.createToken(claimsMap));
+ rspMap.put("expires_in", expireTime);
+ return rspMap;
+ }
+
+ /**
+ * 获取用户身份信息
+ *
+ * @return 用户信息
+ */
+ public LoginUser getLoginUser()
+ {
+ return getLoginUser(ServletUtils.getRequest());
+ }
+
+ /**
+ * 获取用户身份信息
+ *
+ * @return 用户信息
+ */
+ public LoginUser getLoginUser(HttpServletRequest request)
+ {
+ // 获取请求携带的令牌
+ String token = SecurityUtils.getToken(request);
+ return getLoginUser(token);
+ }
+
+ /**
+ * 获取用户身份信息
+ *
+ * @return 用户信息
+ */
+ public LoginUser getLoginUser(String token)
+ {
+ LoginUser user = null;
+ try
+ {
+ if (StringUtils.isNotEmpty(token))
+ {
+ String userkey = JwtUtils.getUserKey(token);
+ user = redisService.getCacheObject(getTokenKey(userkey));
+ return user;
+ }
+ }
+ catch (Exception e)
+ {
+ log.error("获取用户信息异常'{}'", e.getMessage());
+ }
+ return user;
+ }
+
+ /**
+ * 设置用户身份信息
+ */
+ public void setLoginUser(LoginUser loginUser)
+ {
+ if (StringUtils.isNotNull(loginUser) && StringUtils.isNotEmpty(loginUser.getToken()))
+ {
+ refreshToken(loginUser);
+ }
+ }
+
+ /**
+ * 删除用户缓存信息
+ */
+ public void delLoginUser(String token)
+ {
+ if (StringUtils.isNotEmpty(token))
+ {
+ String userkey = JwtUtils.getUserKey(token);
+ redisService.deleteObject(getTokenKey(userkey));
+ }
+ }
+
+ /**
+ * 验证令牌有效期,相差不足120分钟,自动刷新缓存
+ *
+ * @param loginUser
+ */
+ public void verifyToken(LoginUser loginUser)
+ {
+ long expireTime = loginUser.getExpireTime();
+ long currentTime = System.currentTimeMillis();
+ if (expireTime - currentTime <= MILLIS_MINUTE_TEN)
+ {
+ refreshToken(loginUser);
+ }
+ }
+
+ /**
+ * 刷新令牌有效期
+ *
+ * @param loginUser 登录信息
+ */
+ public void refreshToken(LoginUser loginUser)
+ {
+ loginUser.setLoginTime(System.currentTimeMillis());
+ loginUser.setExpireTime(loginUser.getLoginTime() + expireTime * MILLIS_MINUTE);
+ // 根据uuid将loginUser缓存
+ String userKey = getTokenKey(loginUser.getToken());
+ redisService.setCacheObject(userKey, loginUser, expireTime, TimeUnit.MINUTES);
+ }
+
+ private String getTokenKey(String token)
+ {
+ return ACCESS_TOKEN + token;
+ }
+}
diff --git a/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/utils/DictUtils.java b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/utils/DictUtils.java
new file mode 100644
index 0000000..a9dd8f0
--- /dev/null
+++ b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/utils/DictUtils.java
@@ -0,0 +1,75 @@
+package com.bwie.common.security.utils;
+
+import java.util.Collection;
+import java.util.List;
+import com.alibaba.fastjson2.JSONArray;
+import com.bwie.common.core.constant.CacheConstants;
+import com.bwie.common.core.utils.SpringUtils;
+import com.bwie.common.core.utils.StringUtils;
+import com.bwie.common.redis.service.RedisService;
+import com.bwie.system.common.domain.SysDictData;
+
+/**
+ * 字典工具类
+ *
+ * @author bwie
+ */
+public class DictUtils
+{
+ /**
+ * 设置字典缓存
+ *
+ * @param key 参数键
+ * @param dictDatas 字典数据列表
+ */
+ public static void setDictCache(String key, List dictDatas)
+ {
+ SpringUtils.getBean(RedisService.class).setCacheObject(getCacheKey(key), dictDatas);
+ }
+
+ /**
+ * 获取字典缓存
+ *
+ * @param key 参数键
+ * @return dictDatas 字典数据列表
+ */
+ public static List getDictCache(String key)
+ {
+ JSONArray arrayCache = SpringUtils.getBean(RedisService.class).getCacheObject(getCacheKey(key));
+ if (StringUtils.isNotNull(arrayCache))
+ {
+ return arrayCache.toList(SysDictData.class);
+ }
+ return null;
+ }
+
+ /**
+ * 删除指定字典缓存
+ *
+ * @param key 字典键
+ */
+ public static void removeDictCache(String key)
+ {
+ SpringUtils.getBean(RedisService.class).deleteObject(getCacheKey(key));
+ }
+
+ /**
+ * 清空字典缓存
+ */
+ public static void clearDictCache()
+ {
+ Collection keys = SpringUtils.getBean(RedisService.class).keys(CacheConstants.SYS_DICT_KEY + "*");
+ SpringUtils.getBean(RedisService.class).deleteObject(keys);
+ }
+
+ /**
+ * 设置cache key
+ *
+ * @param configKey 参数键
+ * @return 缓存键key
+ */
+ public static String getCacheKey(String configKey)
+ {
+ return CacheConstants.SYS_DICT_KEY + configKey;
+ }
+}
diff --git a/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/utils/SecurityUtils.java b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/utils/SecurityUtils.java
new file mode 100644
index 0000000..9f6ea2b
--- /dev/null
+++ b/bwie-common/bwie-common-security/src/main/java/com/bwie/common/security/utils/SecurityUtils.java
@@ -0,0 +1,117 @@
+package com.bwie.common.security.utils;
+
+import javax.servlet.http.HttpServletRequest;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import com.bwie.common.core.constant.SecurityConstants;
+import com.bwie.common.core.constant.TokenConstants;
+import com.bwie.common.core.context.SecurityContextHolder;
+import com.bwie.common.core.utils.ServletUtils;
+import com.bwie.common.core.utils.StringUtils;
+import com.bwie.system.common.model.LoginUser;
+
+/**
+ * 权限获取工具类
+ *
+ * @author bwie
+ */
+public class SecurityUtils
+{
+ /**
+ * 获取用户ID
+ */
+ public static Long getUserId()
+ {
+ return SecurityContextHolder.getUserId();
+ }
+
+ /**
+ * 获取用户名称
+ */
+ public static String getUsername()
+ {
+ return SecurityContextHolder.getUserName();
+ }
+
+ /**
+ * 获取用户key
+ */
+ public static String getUserKey()
+ {
+ return SecurityContextHolder.getUserKey();
+ }
+
+ /**
+ * 获取登录用户信息
+ */
+ public static LoginUser getLoginUser()
+ {
+ return SecurityContextHolder.get(SecurityConstants.LOGIN_USER, LoginUser.class);
+ }
+
+ /**
+ * 获取请求token
+ */
+ public static String getToken()
+ {
+ return getToken(ServletUtils.getRequest());
+ }
+
+ /**
+ * 根据request获取请求token
+ */
+ public static String getToken(HttpServletRequest request)
+ {
+ // 从header获取token标识
+ String token = request.getHeader(TokenConstants.AUTHENTICATION);
+ return replaceTokenPrefix(token);
+ }
+
+ /**
+ * 裁剪token前缀
+ */
+ public static String replaceTokenPrefix(String token)
+ {
+ // 如果前端设置了令牌前缀,则裁剪掉前缀
+ if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX))
+ {
+ token = token.replaceFirst(TokenConstants.PREFIX, "");
+ }
+ return token;
+ }
+
+ /**
+ * 是否为管理员
+ *
+ * @param userId 用户ID
+ * @return 结果
+ */
+ public static boolean isAdmin(Long userId)
+ {
+ return userId != null && 1L == userId;
+ }
+
+ /**
+ * 生成BCryptPasswordEncoder密码
+ *
+ * @param password 密码
+ * @return 加密字符串
+ */
+ public static String encryptPassword(String password)
+ {
+ BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
+ return passwordEncoder.encode(password);
+ }
+
+ /**
+ * 判断密码是否相同
+ *
+ * @param rawPassword 真实密码
+ * @param encodedPassword 加密后字符
+ * @return 结果
+ */
+ public static boolean matchesPassword(String rawPassword, String encodedPassword)
+ {
+ BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
+ return passwordEncoder.matches(rawPassword, encodedPassword);
+ }
+}
diff --git a/bwie-common/bwie-common-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports b/bwie-common/bwie-common-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports
new file mode 100644
index 0000000..e1c92e9
--- /dev/null
+++ b/bwie-common/bwie-common-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports
@@ -0,0 +1,5 @@
+com.bwie.common.security.config.WebMvcConfig
+com.bwie.common.security.service.TokenService
+com.bwie.common.security.aspect.PreAuthorizeAspect
+com.bwie.common.security.aspect.InnerAuthAspect
+com.bwie.common.security.handler.GlobalExceptionHandler
diff --git a/bwie-common/bwie-common-swagger/pom.xml b/bwie-common/bwie-common-swagger/pom.xml
new file mode 100644
index 0000000..023e03b
--- /dev/null
+++ b/bwie-common/bwie-common-swagger/pom.xml
@@ -0,0 +1,34 @@
+
+
+
+ com.bwie
+ bwie-common
+ 3.6.3
+
+ 4.0.0
+
+ bwie-common-swagger
+
+
+ bwie-common-swagger系统接口
+
+
+
+
+
+
+ org.springframework.boot
+ spring-boot-starter-web
+
+
+
+
+ io.springfox
+ springfox-swagger2
+ ${swagger.fox.version}
+
+
+
+
diff --git a/bwie-common/bwie-common-swagger/src/main/java/com/bwie/common/swagger/annotation/EnableCustomSwagger2.java b/bwie-common/bwie-common-swagger/src/main/java/com/bwie/common/swagger/annotation/EnableCustomSwagger2.java
new file mode 100644
index 0000000..e488a30
--- /dev/null
+++ b/bwie-common/bwie-common-swagger/src/main/java/com/bwie/common/swagger/annotation/EnableCustomSwagger2.java
@@ -0,0 +1,20 @@
+package com.bwie.common.swagger.annotation;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Inherited;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+import org.springframework.context.annotation.Import;
+import com.bwie.common.swagger.config.SwaggerAutoConfiguration;
+
+@Target({ ElementType.TYPE })
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+@Inherited
+@Import({ SwaggerAutoConfiguration.class })
+public @interface EnableCustomSwagger2
+{
+
+}
diff --git a/bwie-common/bwie-common-swagger/src/main/java/com/bwie/common/swagger/config/SwaggerAutoConfiguration.java b/bwie-common/bwie-common-swagger/src/main/java/com/bwie/common/swagger/config/SwaggerAutoConfiguration.java
new file mode 100644
index 0000000..4006386
--- /dev/null
+++ b/bwie-common/bwie-common-swagger/src/main/java/com/bwie/common/swagger/config/SwaggerAutoConfiguration.java
@@ -0,0 +1,123 @@
+package com.bwie.common.swagger.config;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+import java.util.function.Predicate;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Import;
+import springfox.documentation.builders.ApiInfoBuilder;
+import springfox.documentation.builders.PathSelectors;
+import springfox.documentation.builders.RequestHandlerSelectors;
+import springfox.documentation.service.ApiInfo;
+import springfox.documentation.service.ApiKey;
+import springfox.documentation.service.AuthorizationScope;
+import springfox.documentation.service.Contact;
+import springfox.documentation.service.SecurityReference;
+import springfox.documentation.service.SecurityScheme;
+import springfox.documentation.spi.DocumentationType;
+import springfox.documentation.spi.service.contexts.SecurityContext;
+import springfox.documentation.spring.web.plugins.ApiSelectorBuilder;
+import springfox.documentation.spring.web.plugins.Docket;
+import springfox.documentation.swagger2.annotations.EnableSwagger2;
+
+@Configuration
+@EnableSwagger2
+@EnableConfigurationProperties(SwaggerProperties.class)
+@ConditionalOnProperty(name = "swagger.enabled", matchIfMissing = true)
+@Import({SwaggerBeanPostProcessor.class, SwaggerWebConfiguration.class})
+public class SwaggerAutoConfiguration
+{
+ /**
+ * 默认的排除路径,排除Spring Boot默认的错误处理路径和端点
+ */
+ private static final List DEFAULT_EXCLUDE_PATH = Arrays.asList("/error", "/actuator/**");
+
+ private static final String BASE_PATH = "/**";
+
+ @Bean
+ public Docket api(SwaggerProperties swaggerProperties)
+ {
+ // base-path处理
+ if (swaggerProperties.getBasePath().isEmpty())
+ {
+ swaggerProperties.getBasePath().add(BASE_PATH);
+ }
+ // noinspection unchecked
+ List> basePath = new ArrayList>();
+ swaggerProperties.getBasePath().forEach(path -> basePath.add(PathSelectors.ant(path)));
+
+ // exclude-path处理
+ if (swaggerProperties.getExcludePath().isEmpty())
+ {
+ swaggerProperties.getExcludePath().addAll(DEFAULT_EXCLUDE_PATH);
+ }
+
+ List> excludePath = new ArrayList<>();
+ swaggerProperties.getExcludePath().forEach(path -> excludePath.add(PathSelectors.ant(path)));
+
+ ApiSelectorBuilder builder = new Docket(DocumentationType.SWAGGER_2).host(swaggerProperties.getHost())
+ .apiInfo(apiInfo(swaggerProperties)).select()
+ .apis(RequestHandlerSelectors.basePackage(swaggerProperties.getBasePackage()));
+
+ swaggerProperties.getBasePath().forEach(p -> builder.paths(PathSelectors.ant(p)));
+ swaggerProperties.getExcludePath().forEach(p -> builder.paths(PathSelectors.ant(p).negate()));
+
+ return builder.build().securitySchemes(securitySchemes()).securityContexts(securityContexts()).pathMapping("/");
+ }
+
+ /**
+ * 安全模式,这里指定token通过Authorization头请求头传递
+ */
+ private List securitySchemes()
+ {
+ List apiKeyList = new ArrayList();
+ apiKeyList.add(new ApiKey("Authorization", "Authorization", "header"));
+ return apiKeyList;
+ }
+
+ /**
+ * 安全上下文
+ */
+ private List securityContexts()
+ {
+ List securityContexts = new ArrayList<>();
+ securityContexts.add(
+ SecurityContext.builder()
+ .securityReferences(defaultAuth())
+ .operationSelector(o -> o.requestMappingPattern().matches("/.*"))
+ .build());
+ return securityContexts;
+ }
+
+ /**
+ * 默认的全局鉴权策略
+ *
+ * @return
+ */
+ private List defaultAuth()
+ {
+ AuthorizationScope authorizationScope = new AuthorizationScope("global", "accessEverything");
+ AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
+ authorizationScopes[0] = authorizationScope;
+ List securityReferences = new ArrayList<>();
+ securityReferences.add(new SecurityReference("Authorization", authorizationScopes));
+ return securityReferences;
+ }
+
+ private ApiInfo apiInfo(SwaggerProperties swaggerProperties)
+ {
+ return new ApiInfoBuilder()
+ .title(swaggerProperties.getTitle())
+ .description(swaggerProperties.getDescription())
+ .license(swaggerProperties.getLicense())
+ .licenseUrl(swaggerProperties.getLicenseUrl())
+ .termsOfServiceUrl(swaggerProperties.getTermsOfServiceUrl())
+ .contact(new Contact(swaggerProperties.getContact().getName(), swaggerProperties.getContact().getUrl(), swaggerProperties.getContact().getEmail()))
+ .version(swaggerProperties.getVersion())
+ .build();
+ }
+}
diff --git a/bwie-common/bwie-common-swagger/src/main/java/com/bwie/common/swagger/config/SwaggerBeanPostProcessor.java b/bwie-common/bwie-common-swagger/src/main/java/com/bwie/common/swagger/config/SwaggerBeanPostProcessor.java
new file mode 100644
index 0000000..21b3f70
--- /dev/null
+++ b/bwie-common/bwie-common-swagger/src/main/java/com/bwie/common/swagger/config/SwaggerBeanPostProcessor.java
@@ -0,0 +1,52 @@
+package com.bwie.common.swagger.config;
+
+import org.springframework.beans.BeansException;
+import org.springframework.beans.factory.config.BeanPostProcessor;
+import org.springframework.util.ReflectionUtils;
+import org.springframework.web.servlet.mvc.method.RequestMappingInfoHandlerMapping;
+import springfox.documentation.spring.web.plugins.WebFluxRequestHandlerProvider;
+import springfox.documentation.spring.web.plugins.WebMvcRequestHandlerProvider;
+import java.lang.reflect.Field;
+import java.util.List;
+import java.util.stream.Collectors;
+
+/**
+ * swagger 在 springboot 2.6.x 不兼容问题的处理
+ *
+ * @author bwie
+ */
+public class SwaggerBeanPostProcessor implements BeanPostProcessor
+{
+ @Override
+ public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException
+ {
+ if (bean instanceof WebMvcRequestHandlerProvider || bean instanceof WebFluxRequestHandlerProvider)
+ {
+ customizeSpringfoxHandlerMappings(getHandlerMappings(bean));
+ }
+ return bean;
+ }
+
+ private void customizeSpringfoxHandlerMappings(List mappings)
+ {
+ List copy = mappings.stream().filter(mapping -> mapping.getPatternParser() == null)
+ .collect(Collectors.toList());
+ mappings.clear();
+ mappings.addAll(copy);
+ }
+
+ @SuppressWarnings("unchecked")
+ private List getHandlerMappings(Object bean)
+ {
+ try
+ {
+ Field field = ReflectionUtils.findField(bean.getClass(), "handlerMappings");
+ field.setAccessible(true);
+ return (List) field.get(bean);
+ }
+ catch (IllegalArgumentException | IllegalAccessException e)
+ {
+ throw new IllegalStateException(e);
+ }
+ }
+}
diff --git a/bwie-common/bwie-common-swagger/src/main/java/com/bwie/common/swagger/config/SwaggerProperties.java b/bwie-common/bwie-common-swagger/src/main/java/com/bwie/common/swagger/config/SwaggerProperties.java
new file mode 100644
index 0000000..44bbe43
--- /dev/null
+++ b/bwie-common/bwie-common-swagger/src/main/java/com/bwie/common/swagger/config/SwaggerProperties.java
@@ -0,0 +1,343 @@
+package com.bwie.common.swagger.config;
+
+import java.util.ArrayList;
+import java.util.List;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+
+@ConfigurationProperties("swagger")
+public class SwaggerProperties
+{
+ /**
+ * 是否开启swagger
+ */
+ private Boolean enabled;
+
+ /**
+ * swagger会解析的包路径
+ **/
+ private String basePackage = "";
+
+ /**
+ * swagger会解析的url规则
+ **/
+ private List basePath = new ArrayList<>();
+
+ /**
+ * 在basePath基础上需要排除的url规则
+ **/
+ private List excludePath = new ArrayList<>();
+
+ /**
+ * 标题
+ **/
+ private String title = "";
+
+ /**
+ * 描述
+ **/
+ private String description = "";
+
+ /**
+ * 版本
+ **/
+ private String version = "";
+
+ /**
+ * 许可证
+ **/
+ private String license = "";
+
+ /**
+ * 许可证URL
+ **/
+ private String licenseUrl = "";
+
+ /**
+ * 服务条款URL
+ **/
+ private String termsOfServiceUrl = "";
+
+ /**
+ * host信息
+ **/
+ private String host = "";
+
+ /**
+ * 联系人信息
+ */
+ private Contact contact = new Contact();
+
+ /**
+ * 全局统一鉴权配置
+ **/
+ private Authorization authorization = new Authorization();
+
+ public Boolean getEnabled()
+ {
+ return enabled;
+ }
+
+ public void setEnabled(Boolean enabled)
+ {
+ this.enabled = enabled;
+ }
+
+ public String getBasePackage()
+ {
+ return basePackage;
+ }
+
+ public void setBasePackage(String basePackage)
+ {
+ this.basePackage = basePackage;
+ }
+
+ public List getBasePath()
+ {
+ return basePath;
+ }
+
+ public void setBasePath(List basePath)
+ {
+ this.basePath = basePath;
+ }
+
+ public List getExcludePath()
+ {
+ return excludePath;
+ }
+
+ public void setExcludePath(List excludePath)
+ {
+ this.excludePath = excludePath;
+ }
+
+ public String getTitle()
+ {
+ return title;
+ }
+
+ public void setTitle(String title)
+ {
+ this.title = title;
+ }
+
+ public String getDescription()
+ {
+ return description;
+ }
+
+ public void setDescription(String description)
+ {
+ this.description = description;
+ }
+
+ public String getVersion()
+ {
+ return version;
+ }
+
+ public void setVersion(String version)
+ {
+ this.version = version;
+ }
+
+ public String getLicense()
+ {
+ return license;
+ }
+
+ public void setLicense(String license)
+ {
+ this.license = license;
+ }
+
+ public String getLicenseUrl()
+ {
+ return licenseUrl;
+ }
+
+ public void setLicenseUrl(String licenseUrl)
+ {
+ this.licenseUrl = licenseUrl;
+ }
+
+ public String getTermsOfServiceUrl()
+ {
+ return termsOfServiceUrl;
+ }
+
+ public void setTermsOfServiceUrl(String termsOfServiceUrl)
+ {
+ this.termsOfServiceUrl = termsOfServiceUrl;
+ }
+
+ public String getHost()
+ {
+ return host;
+ }
+
+ public void setHost(String host)
+ {
+ this.host = host;
+ }
+
+ public Contact getContact()
+ {
+ return contact;
+ }
+
+ public void setContact(Contact contact)
+ {
+ this.contact = contact;
+ }
+
+ public Authorization getAuthorization()
+ {
+ return authorization;
+ }
+
+ public void setAuthorization(Authorization authorization)
+ {
+ this.authorization = authorization;
+ }
+
+ public static class Contact
+ {
+ /**
+ * 联系人
+ **/
+ private String name = "";
+ /**
+ * 联系人url
+ **/
+ private String url = "";
+ /**
+ * 联系人email
+ **/
+ private String email = "";
+
+ public String getName()
+ {
+ return name;
+ }
+
+ public void setName(String name)
+ {
+ this.name = name;
+ }
+
+ public String getUrl()
+ {
+ return url;
+ }
+
+ public void setUrl(String url)
+ {
+ this.url = url;
+ }
+
+ public String getEmail()
+ {
+ return email;
+ }
+
+ public void setEmail(String email)
+ {
+ this.email = email;
+ }
+ }
+
+ public static class Authorization
+ {
+ /**
+ * 鉴权策略ID,需要和SecurityReferences ID保持一致
+ */
+ private String name = "";
+
+ /**
+ * 需要开启鉴权URL的正则
+ */
+ private String authRegex = "^.*$";
+
+ /**
+ * 鉴权作用域列表
+ */
+ private List authorizationScopeList = new ArrayList<>();
+
+ private List tokenUrlList = new ArrayList<>();
+
+ public String getName()
+ {
+ return name;
+ }
+
+ public void setName(String name)
+ {
+ this.name = name;
+ }
+
+ public String getAuthRegex()
+ {
+ return authRegex;
+ }
+
+ public void setAuthRegex(String authRegex)
+ {
+ this.authRegex = authRegex;
+ }
+
+ public List getAuthorizationScopeList()
+ {
+ return authorizationScopeList;
+ }
+
+ public void setAuthorizationScopeList(List authorizationScopeList)
+ {
+ this.authorizationScopeList = authorizationScopeList;
+ }
+
+ public List getTokenUrlList()
+ {
+ return tokenUrlList;
+ }
+
+ public void setTokenUrlList(List tokenUrlList)
+ {
+ this.tokenUrlList = tokenUrlList;
+ }
+ }
+
+ public static class AuthorizationScope
+ {
+ /**
+ * 作用域名称
+ */
+ private String scope = "";
+
+ /**
+ * 作用域描述
+ */
+ private String description = "";
+
+ public String getScope()
+ {
+ return scope;
+ }
+
+ public void setScope(String scope)
+ {
+ this.scope = scope;
+ }
+
+ public String getDescription()
+ {
+ return description;
+ }
+
+ public void setDescription(String description)
+ {
+ this.description = description;
+ }
+ }
+}
diff --git a/bwie-common/bwie-common-swagger/src/main/java/com/bwie/common/swagger/config/SwaggerWebConfiguration.java b/bwie-common/bwie-common-swagger/src/main/java/com/bwie/common/swagger/config/SwaggerWebConfiguration.java
new file mode 100644
index 0000000..a4fb25a
--- /dev/null
+++ b/bwie-common/bwie-common-swagger/src/main/java/com/bwie/common/swagger/config/SwaggerWebConfiguration.java
@@ -0,0 +1,20 @@
+package com.bwie.common.swagger.config;
+
+import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+/**
+ * swagger 资源映射路径
+ *
+ * @author bwie
+ */
+public class SwaggerWebConfiguration implements WebMvcConfigurer
+{
+ @Override
+ public void addResourceHandlers(ResourceHandlerRegistry registry)
+ {
+ /** swagger-ui 地址 */
+ registry.addResourceHandler("/swagger-ui/**")
+ .addResourceLocations("classpath:/META-INF/resources/webjars/springfox-swagger-ui/");
+ }
+}
diff --git a/bwie-common/bwie-common-swagger/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports b/bwie-common/bwie-common-swagger/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports
new file mode 100644
index 0000000..6db1e6e
--- /dev/null
+++ b/bwie-common/bwie-common-swagger/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports
@@ -0,0 +1,3 @@
+# com.bwie.common.swagger.config.SwaggerAutoConfiguration
+# com.bwie.common.swagger.config.SwaggerWebConfiguration
+# com.bwie.common.swagger.config.SwaggerBeanPostProcessor
diff --git a/bwie-common/pom.xml b/bwie-common/pom.xml
new file mode 100644
index 0000000..758213e
--- /dev/null
+++ b/bwie-common/pom.xml
@@ -0,0 +1,29 @@
+
+
+
+ com.bwie
+ bwie
+ 3.6.3
+
+ 4.0.0
+
+
+ bwie-common-log
+ bwie-common-core
+ bwie-common-redis
+ bwie-common-seata
+ bwie-common-swagger
+ bwie-common-security
+ bwie-common-datascope
+ bwie-common-datasource
+
+
+ bwie-common
+ pom
+
+
+ bwie-common通用模块
+
+
+
diff --git a/bwie-gateway/pom.xml b/bwie-gateway/pom.xml
new file mode 100644
index 0000000..a41c75e
--- /dev/null
+++ b/bwie-gateway/pom.xml
@@ -0,0 +1,114 @@
+
+
+ com.bwie
+ bwie
+ 3.6.3
+
+ 4.0.0
+
+ bwie-gateway
+
+
+ bwie-gateway网关模块
+
+
+
+
+
+
+ org.springframework.cloud
+ spring-cloud-starter-gateway
+
+
+
+
+ com.alibaba.cloud
+ spring-cloud-starter-alibaba-nacos-discovery
+
+
+
+
+ com.alibaba.cloud
+ spring-cloud-starter-alibaba-nacos-config
+
+
+
+
+ com.alibaba.cloud
+ spring-cloud-starter-alibaba-sentinel
+
+
+
+
+ com.alibaba.cloud
+ spring-cloud-alibaba-sentinel-gateway
+
+
+
+
+ com.alibaba.csp
+ sentinel-datasource-nacos
+
+
+
+
+ org.springframework.boot
+ spring-boot-starter-actuator
+
+
+
+
+ org.springframework.cloud
+ spring-cloud-loadbalancer
+
+
+
+
+ pro.fessional
+ kaptcha
+
+
+
+
+ com.bwie
+ bwie-common-redis
+
+
+ com.bwie
+ bwie-common-core
+
+
+
+
+ io.springfox
+ springfox-swagger-ui
+ ${swagger.fox.version}
+
+
+ io.springfox
+ springfox-swagger2
+ ${swagger.fox.version}
+
+
+
+
+
+ ${project.artifactId}
+
+
+ org.springframework.boot
+ spring-boot-maven-plugin
+
+
+
+ repackage
+
+
+
+
+
+
+
+
diff --git a/bwie-gateway/src/main/java/com/bwie/gateway/BwieGatewayApplication.java b/bwie-gateway/src/main/java/com/bwie/gateway/BwieGatewayApplication.java
new file mode 100644
index 0000000..bec2faa
--- /dev/null
+++ b/bwie-gateway/src/main/java/com/bwie/gateway/BwieGatewayApplication.java
@@ -0,0 +1,29 @@
+package com.bwie.gateway;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
+
+/**
+ * 网关启动程序
+ *
+ * @author bwie
+ */
+@SpringBootApplication(exclude = {DataSourceAutoConfiguration.class })
+public class BwieGatewayApplication
+{
+ public static void main(String[] args)
+ {
+ SpringApplication.run(BwieGatewayApplication.class, args);
+ System.out.println("(♥◠‿◠)ノ゙ 若依网关启动成功 ლ(´ڡ`ლ)゙ \n" +
+ " .-------. ____ __ \n" +
+ " | _ _ \\ \\ \\ / / \n" +
+ " | ( ' ) | \\ _. / ' \n" +
+ " |(_ o _) / _( )_ .' \n" +
+ " | (_,_).' __ ___(_ o _)' \n" +
+ " | |\\ \\ | || |(_,_)' \n" +
+ " | | \\ `' /| `-' / \n" +
+ " | | \\ / \\ / \n" +
+ " ''-' `'-' `-..-' ");
+ }
+}
diff --git a/bwie-gateway/src/main/java/com/bwie/gateway/config/CaptchaConfig.java b/bwie-gateway/src/main/java/com/bwie/gateway/config/CaptchaConfig.java
new file mode 100644
index 0000000..cfcef7f
--- /dev/null
+++ b/bwie-gateway/src/main/java/com/bwie/gateway/config/CaptchaConfig.java
@@ -0,0 +1,83 @@
+package com.bwie.gateway.config;
+
+import java.util.Properties;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import com.google.code.kaptcha.impl.DefaultKaptcha;
+import com.google.code.kaptcha.util.Config;
+import static com.google.code.kaptcha.Constants.*;
+
+/**
+ * 验证码配置
+ *
+ * @author bwie
+ */
+@Configuration
+public class CaptchaConfig
+{
+ @Bean(name = "captchaProducer")
+ public DefaultKaptcha getKaptchaBean()
+ {
+ DefaultKaptcha defaultKaptcha = new DefaultKaptcha();
+ Properties properties = new Properties();
+ // 是否有边框 默认为true 我们可以自己设置yes,no
+ properties.setProperty(KAPTCHA_BORDER, "yes");
+ // 验证码文本字符颜色 默认为Color.BLACK
+ properties.setProperty(KAPTCHA_TEXTPRODUCER_FONT_COLOR, "black");
+ // 验证码图片宽度 默认为200
+ properties.setProperty(KAPTCHA_IMAGE_WIDTH, "160");
+ // 验证码图片高度 默认为50
+ properties.setProperty(KAPTCHA_IMAGE_HEIGHT, "60");
+ // 验证码文本字符大小 默认为40
+ properties.setProperty(KAPTCHA_TEXTPRODUCER_FONT_SIZE, "38");
+ // KAPTCHA_SESSION_KEY
+ properties.setProperty(KAPTCHA_SESSION_CONFIG_KEY, "kaptchaCode");
+ // 验证码文本字符长度 默认为5
+ properties.setProperty(KAPTCHA_TEXTPRODUCER_CHAR_LENGTH, "4");
+ // 验证码文本字体样式 默认为new Font("Arial", 1, fontSize), new Font("Courier", 1, fontSize)
+ properties.setProperty(KAPTCHA_TEXTPRODUCER_FONT_NAMES, "Arial,Courier");
+ // 图片样式 水纹com.google.code.kaptcha.impl.WaterRipple 鱼眼com.google.code.kaptcha.impl.FishEyeGimpy 阴影com.google.code.kaptcha.impl.ShadowGimpy
+ properties.setProperty(KAPTCHA_OBSCURIFICATOR_IMPL, "com.google.code.kaptcha.impl.ShadowGimpy");
+ Config config = new Config(properties);
+ defaultKaptcha.setConfig(config);
+ return defaultKaptcha;
+ }
+
+ @Bean(name = "captchaProducerMath")
+ public DefaultKaptcha getKaptchaBeanMath()
+ {
+ DefaultKaptcha defaultKaptcha = new DefaultKaptcha();
+ Properties properties = new Properties();
+ // 是否有边框 默认为true 我们可以自己设置yes,no
+ properties.setProperty(KAPTCHA_BORDER, "yes");
+ // 边框颜色 默认为Color.BLACK
+ properties.setProperty(KAPTCHA_BORDER_COLOR, "105,179,90");
+ // 验证码文本字符颜色 默认为Color.BLACK
+ properties.setProperty(KAPTCHA_TEXTPRODUCER_FONT_COLOR, "blue");
+ // 验证码图片宽度 默认为200
+ properties.setProperty(KAPTCHA_IMAGE_WIDTH, "160");
+ // 验证码图片高度 默认为50
+ properties.setProperty(KAPTCHA_IMAGE_HEIGHT, "60");
+ // 验证码文本字符大小 默认为40
+ properties.setProperty(KAPTCHA_TEXTPRODUCER_FONT_SIZE, "35");
+ // KAPTCHA_SESSION_KEY
+ properties.setProperty(KAPTCHA_SESSION_CONFIG_KEY, "kaptchaCodeMath");
+ // 验证码文本生成器
+ properties.setProperty(KAPTCHA_TEXTPRODUCER_IMPL, "com.bwie.gateway.config.KaptchaTextCreator");
+ // 验证码文本字符间距 默认为2
+ properties.setProperty(KAPTCHA_TEXTPRODUCER_CHAR_SPACE, "3");
+ // 验证码文本字符长度 默认为5
+ properties.setProperty(KAPTCHA_TEXTPRODUCER_CHAR_LENGTH, "6");
+ // 验证码文本字体样式 默认为new Font("Arial", 1, fontSize), new Font("Courier", 1, fontSize)
+ properties.setProperty(KAPTCHA_TEXTPRODUCER_FONT_NAMES, "Arial,Courier");
+ // 验证码噪点颜色 默认为Color.BLACK
+ properties.setProperty(KAPTCHA_NOISE_COLOR, "white");
+ // 干扰实现类
+ properties.setProperty(KAPTCHA_NOISE_IMPL, "com.google.code.kaptcha.impl.NoNoise");
+ // 图片样式 水纹com.google.code.kaptcha.impl.WaterRipple 鱼眼com.google.code.kaptcha.impl.FishEyeGimpy 阴影com.google.code.kaptcha.impl.ShadowGimpy
+ properties.setProperty(KAPTCHA_OBSCURIFICATOR_IMPL, "com.google.code.kaptcha.impl.ShadowGimpy");
+ Config config = new Config(properties);
+ defaultKaptcha.setConfig(config);
+ return defaultKaptcha;
+ }
+}
diff --git a/bwie-gateway/src/main/java/com/bwie/gateway/config/GatewayConfig.java b/bwie-gateway/src/main/java/com/bwie/gateway/config/GatewayConfig.java
new file mode 100644
index 0000000..a25453d
--- /dev/null
+++ b/bwie-gateway/src/main/java/com/bwie/gateway/config/GatewayConfig.java
@@ -0,0 +1,23 @@
+package com.bwie.gateway.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.core.Ordered;
+import org.springframework.core.annotation.Order;
+import com.bwie.gateway.handler.SentinelFallbackHandler;
+
+/**
+ * 网关限流配置
+ *
+ * @author bwie
+ */
+@Configuration
+public class GatewayConfig
+{
+ @Bean
+ @Order(Ordered.HIGHEST_PRECEDENCE)
+ public SentinelFallbackHandler sentinelGatewayExceptionHandler()
+ {
+ return new SentinelFallbackHandler();
+ }
+}
diff --git a/bwie-gateway/src/main/java/com/bwie/gateway/config/KaptchaTextCreator.java b/bwie-gateway/src/main/java/com/bwie/gateway/config/KaptchaTextCreator.java
new file mode 100644
index 0000000..84226d5
--- /dev/null
+++ b/bwie-gateway/src/main/java/com/bwie/gateway/config/KaptchaTextCreator.java
@@ -0,0 +1,75 @@
+package com.bwie.gateway.config;
+
+import java.util.Random;
+import com.google.code.kaptcha.text.impl.DefaultTextCreator;
+
+/**
+ * 验证码文本生成器
+ *
+ * @author bwie
+ */
+public class KaptchaTextCreator extends DefaultTextCreator
+{
+ private static final String[] CNUMBERS = "0,1,2,3,4,5,6,7,8,9,10".split(",");
+
+ @Override
+ public String getText()
+ {
+ Integer result = 0;
+ Random random = new Random();
+ int x = random.nextInt(10);
+ int y = random.nextInt(10);
+ StringBuilder suChinese = new StringBuilder();
+ int randomoperands = random.nextInt(3);
+ if (randomoperands == 0)
+ {
+ result = x * y;
+ suChinese.append(CNUMBERS[x]);
+ suChinese.append("*");
+ suChinese.append(CNUMBERS[y]);
+ }
+ else if (randomoperands == 1)
+ {
+ if ((x != 0) && y % x == 0)
+ {
+ result = y / x;
+ suChinese.append(CNUMBERS[y]);
+ suChinese.append("/");
+ suChinese.append(CNUMBERS[x]);
+ }
+ else
+ {
+ result = x + y;
+ suChinese.append(CNUMBERS[x]);
+ suChinese.append("+");
+ suChinese.append(CNUMBERS[y]);
+ }
+ }
+ else if (randomoperands == 2)
+ {
+ if (x >= y)
+ {
+ result = x - y;
+ suChinese.append(CNUMBERS[x]);
+ suChinese.append("-");
+ suChinese.append(CNUMBERS[y]);
+ }
+ else
+ {
+ result = y - x;
+ suChinese.append(CNUMBERS[y]);
+ suChinese.append("-");
+ suChinese.append(CNUMBERS[x]);
+ }
+ }
+ else
+ {
+ result = x + y;
+ suChinese.append(CNUMBERS[x]);
+ suChinese.append("+");
+ suChinese.append(CNUMBERS[y]);
+ }
+ suChinese.append("=?@" + result);
+ return suChinese.toString();
+ }
+}
diff --git a/bwie-gateway/src/main/java/com/bwie/gateway/config/RouterFunctionConfiguration.java b/bwie-gateway/src/main/java/com/bwie/gateway/config/RouterFunctionConfiguration.java
new file mode 100644
index 0000000..d05b490
--- /dev/null
+++ b/bwie-gateway/src/main/java/com/bwie/gateway/config/RouterFunctionConfiguration.java
@@ -0,0 +1,31 @@
+package com.bwie.gateway.config;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.MediaType;
+import org.springframework.web.reactive.function.server.RequestPredicates;
+import org.springframework.web.reactive.function.server.RouterFunction;
+import org.springframework.web.reactive.function.server.RouterFunctions;
+import com.bwie.gateway.handler.ValidateCodeHandler;
+
+/**
+ * 路由配置信息
+ *
+ * @author bwie
+ */
+@Configuration
+public class RouterFunctionConfiguration
+{
+ @Autowired
+ private ValidateCodeHandler validateCodeHandler;
+
+ @SuppressWarnings("rawtypes")
+ @Bean
+ public RouterFunction routerFunction()
+ {
+ return RouterFunctions.route(
+ RequestPredicates.GET("/code").and(RequestPredicates.accept(MediaType.TEXT_PLAIN)),
+ validateCodeHandler);
+ }
+}
diff --git a/bwie-gateway/src/main/java/com/bwie/gateway/config/SwaggerProvider.java b/bwie-gateway/src/main/java/com/bwie/gateway/config/SwaggerProvider.java
new file mode 100644
index 0000000..a511b4f
--- /dev/null
+++ b/bwie-gateway/src/main/java/com/bwie/gateway/config/SwaggerProvider.java
@@ -0,0 +1,79 @@
+package com.bwie.gateway.config;
+
+import java.util.ArrayList;
+import java.util.List;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.cloud.gateway.config.GatewayProperties;
+import org.springframework.cloud.gateway.route.RouteLocator;
+import org.springframework.cloud.gateway.support.NameUtils;
+import org.springframework.context.annotation.Lazy;
+import org.springframework.stereotype.Component;
+import org.springframework.web.reactive.config.ResourceHandlerRegistry;
+import org.springframework.web.reactive.config.WebFluxConfigurer;
+import springfox.documentation.swagger.web.SwaggerResource;
+import springfox.documentation.swagger.web.SwaggerResourcesProvider;
+
+/**
+ * 聚合系统接口
+ *
+ * @author bwie
+ */
+@Component
+public class SwaggerProvider implements SwaggerResourcesProvider, WebFluxConfigurer
+{
+ /**
+ * Swagger2默认的url后缀
+ */
+ public static final String SWAGGER2URL = "/v2/api-docs";
+
+ /**
+ * 网关路由
+ */
+ @Lazy
+ @Autowired
+ private RouteLocator routeLocator;
+
+ @Autowired
+ private GatewayProperties gatewayProperties;
+
+ /**
+ * 聚合其他服务接口
+ *
+ * @return
+ */
+ @Override
+ public List get()
+ {
+ List resourceList = new ArrayList<>();
+ List routes = new ArrayList<>();
+ // 获取网关中配置的route
+ routeLocator.getRoutes().subscribe(route -> routes.add(route.getId()));
+ gatewayProperties.getRoutes().stream()
+ .filter(routeDefinition -> routes
+ .contains(routeDefinition.getId()))
+ .forEach(routeDefinition -> routeDefinition.getPredicates().stream()
+ .filter(predicateDefinition -> "Path".equalsIgnoreCase(predicateDefinition.getName()))
+ .filter(predicateDefinition -> !"bwie-auth".equalsIgnoreCase(routeDefinition.getId()))
+ .forEach(predicateDefinition -> resourceList
+ .add(swaggerResource(routeDefinition.getId(), predicateDefinition.getArgs()
+ .get(NameUtils.GENERATED_NAME_PREFIX + "0").replace("/**", SWAGGER2URL)))));
+ return resourceList;
+ }
+
+ private SwaggerResource swaggerResource(String name, String location)
+ {
+ SwaggerResource swaggerResource = new SwaggerResource();
+ swaggerResource.setName(name);
+ swaggerResource.setLocation(location);
+ swaggerResource.setSwaggerVersion("2.0");
+ return swaggerResource;
+ }
+
+ @Override
+ public void addResourceHandlers(ResourceHandlerRegistry registry)
+ {
+ /** swagger-ui 地址 */
+ registry.addResourceHandler("/swagger-ui/**")
+ .addResourceLocations("classpath:/META-INF/resources/webjars/springfox-swagger-ui/");
+ }
+}
diff --git a/bwie-gateway/src/main/java/com/bwie/gateway/config/properties/CaptchaProperties.java b/bwie-gateway/src/main/java/com/bwie/gateway/config/properties/CaptchaProperties.java
new file mode 100644
index 0000000..73afb08
--- /dev/null
+++ b/bwie-gateway/src/main/java/com/bwie/gateway/config/properties/CaptchaProperties.java
@@ -0,0 +1,46 @@
+package com.bwie.gateway.config.properties;
+
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.cloud.context.config.annotation.RefreshScope;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * 验证码配置
+ *
+ * @author bwie
+ */
+@Configuration
+@RefreshScope
+@ConfigurationProperties(prefix = "security.captcha")
+public class CaptchaProperties
+{
+ /**
+ * 验证码开关
+ */
+ private Boolean enabled;
+
+ /**
+ * 验证码类型(math 数组计算 char 字符)
+ */
+ private String type;
+
+ public Boolean getEnabled()
+ {
+ return enabled;
+ }
+
+ public void setEnabled(Boolean enabled)
+ {
+ this.enabled = enabled;
+ }
+
+ public String getType()
+ {
+ return type;
+ }
+
+ public void setType(String type)
+ {
+ this.type = type;
+ }
+}
diff --git a/bwie-gateway/src/main/java/com/bwie/gateway/config/properties/IgnoreWhiteProperties.java b/bwie-gateway/src/main/java/com/bwie/gateway/config/properties/IgnoreWhiteProperties.java
new file mode 100644
index 0000000..4fec810
--- /dev/null
+++ b/bwie-gateway/src/main/java/com/bwie/gateway/config/properties/IgnoreWhiteProperties.java
@@ -0,0 +1,33 @@
+package com.bwie.gateway.config.properties;
+
+import java.util.ArrayList;
+import java.util.List;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.cloud.context.config.annotation.RefreshScope;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * 放行白名单配置
+ *
+ * @author bwie
+ */
+@Configuration
+@RefreshScope
+@ConfigurationProperties(prefix = "security.ignore")
+public class IgnoreWhiteProperties
+{
+ /**
+ * 放行白名单配置,网关不校验此处的白名单
+ */
+ private List whites = new ArrayList<>();
+
+ public List getWhites()
+ {
+ return whites;
+ }
+
+ public void setWhites(List whites)
+ {
+ this.whites = whites;
+ }
+}
diff --git a/bwie-gateway/src/main/java/com/bwie/gateway/config/properties/XssProperties.java b/bwie-gateway/src/main/java/com/bwie/gateway/config/properties/XssProperties.java
new file mode 100644
index 0000000..20333b5
--- /dev/null
+++ b/bwie-gateway/src/main/java/com/bwie/gateway/config/properties/XssProperties.java
@@ -0,0 +1,48 @@
+package com.bwie.gateway.config.properties;
+
+import java.util.ArrayList;
+import java.util.List;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.cloud.context.config.annotation.RefreshScope;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * XSS跨站脚本配置
+ *
+ * @author bwie
+ */
+@Configuration
+@RefreshScope
+@ConfigurationProperties(prefix = "security.xss")
+public class XssProperties
+{
+ /**
+ * Xss开关
+ */
+ private Boolean enabled;
+
+ /**
+ * 排除路径
+ */
+ private List excludeUrls = new ArrayList<>();
+
+ public Boolean getEnabled()
+ {
+ return enabled;
+ }
+
+ public void setEnabled(Boolean enabled)
+ {
+ this.enabled = enabled;
+ }
+
+ public List getExcludeUrls()
+ {
+ return excludeUrls;
+ }
+
+ public void setExcludeUrls(List excludeUrls)
+ {
+ this.excludeUrls = excludeUrls;
+ }
+}
diff --git a/bwie-gateway/src/main/java/com/bwie/gateway/filter/AuthFilter.java b/bwie-gateway/src/main/java/com/bwie/gateway/filter/AuthFilter.java
new file mode 100644
index 0000000..e2a0938
--- /dev/null
+++ b/bwie-gateway/src/main/java/com/bwie/gateway/filter/AuthFilter.java
@@ -0,0 +1,135 @@
+package com.bwie.gateway.filter;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.cloud.gateway.filter.GatewayFilterChain;
+import org.springframework.cloud.gateway.filter.GlobalFilter;
+import org.springframework.core.Ordered;
+import org.springframework.http.server.reactive.ServerHttpRequest;
+import org.springframework.stereotype.Component;
+import org.springframework.web.server.ServerWebExchange;
+import com.bwie.common.core.constant.CacheConstants;
+import com.bwie.common.core.constant.HttpStatus;
+import com.bwie.common.core.constant.SecurityConstants;
+import com.bwie.common.core.constant.TokenConstants;
+import com.bwie.common.core.utils.JwtUtils;
+import com.bwie.common.core.utils.ServletUtils;
+import com.bwie.common.core.utils.StringUtils;
+import com.bwie.common.redis.service.RedisService;
+import com.bwie.gateway.config.properties.IgnoreWhiteProperties;
+import io.jsonwebtoken.Claims;
+import reactor.core.publisher.Mono;
+
+/**
+ * 网关鉴权
+ *
+ * @author bwie
+ */
+@Component
+public class AuthFilter implements GlobalFilter, Ordered
+{
+ private static final Logger log = LoggerFactory.getLogger(AuthFilter.class);
+
+ // 排除过滤的 uri 地址,nacos自行添加
+ @Autowired
+ private IgnoreWhiteProperties ignoreWhite;
+
+ @Autowired
+ private RedisService redisService;
+
+
+ @Override
+ public Mono filter(ServerWebExchange exchange, GatewayFilterChain chain)
+ {
+ ServerHttpRequest request = exchange.getRequest();
+ ServerHttpRequest.Builder mutate = request.mutate();
+
+ String url = request.getURI().getPath();
+ // 跳过不需要验证的路径
+ if (StringUtils.matches(url, ignoreWhite.getWhites()))
+ {
+ return chain.filter(exchange);
+ }
+ String token = getToken(request);
+ if (StringUtils.isEmpty(token))
+ {
+ return unauthorizedResponse(exchange, "令牌不能为空");
+ }
+ Claims claims = JwtUtils.parseToken(token);
+ if (claims == null)
+ {
+ return unauthorizedResponse(exchange, "令牌已过期或验证不正确!");
+ }
+ String userkey = JwtUtils.getUserKey(claims);
+ boolean islogin = redisService.hasKey(getTokenKey(userkey));
+ if (!islogin)
+ {
+ return unauthorizedResponse(exchange, "登录状态已过期");
+ }
+ String userid = JwtUtils.getUserId(claims);
+ String username = JwtUtils.getUserName(claims);
+ if (StringUtils.isEmpty(userid) || StringUtils.isEmpty(username))
+ {
+ return unauthorizedResponse(exchange, "令牌验证失败");
+ }
+
+ // 设置用户信息到请求
+ addHeader(mutate, SecurityConstants.USER_KEY, userkey);
+ addHeader(mutate, SecurityConstants.DETAILS_USER_ID, userid);
+ addHeader(mutate, SecurityConstants.DETAILS_USERNAME, username);
+ // 内部请求来源参数清除
+ removeHeader(mutate, SecurityConstants.FROM_SOURCE);
+ return chain.filter(exchange.mutate().request(mutate.build()).build());
+ }
+
+ private void addHeader(ServerHttpRequest.Builder mutate, String name, Object value)
+ {
+ if (value == null)
+ {
+ return;
+ }
+ String valueStr = value.toString();
+ String valueEncode = ServletUtils.urlEncode(valueStr);
+ mutate.header(name, valueEncode);
+ }
+
+ private void removeHeader(ServerHttpRequest.Builder mutate, String name)
+ {
+ mutate.headers(httpHeaders -> httpHeaders.remove(name)).build();
+ }
+
+ private Mono unauthorizedResponse(ServerWebExchange exchange, String msg)
+ {
+ log.error("[鉴权异常处理]请求路径:{}", exchange.getRequest().getPath());
+ return ServletUtils.webFluxResponseWriter(exchange.getResponse(), msg, HttpStatus.UNAUTHORIZED);
+ }
+
+ /**
+ * 获取缓存key
+ */
+ private String getTokenKey(String token)
+ {
+ return CacheConstants.LOGIN_TOKEN_KEY + token;
+ }
+
+ /**
+ * 获取请求token
+ */
+ private String getToken(ServerHttpRequest request)
+ {
+ String token = request.getHeaders().getFirst(TokenConstants.AUTHENTICATION);
+ // 如果前端设置了令牌前缀,则裁剪掉前缀
+ if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX))
+ {
+ token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY);
+ }
+ return token;
+ }
+
+ @Override
+ public int getOrder()
+ {
+ return -200;
+ }
+}
diff --git a/bwie-gateway/src/main/java/com/bwie/gateway/filter/BlackListUrlFilter.java b/bwie-gateway/src/main/java/com/bwie/gateway/filter/BlackListUrlFilter.java
new file mode 100644
index 0000000..1e0dbac
--- /dev/null
+++ b/bwie-gateway/src/main/java/com/bwie/gateway/filter/BlackListUrlFilter.java
@@ -0,0 +1,65 @@
+package com.bwie.gateway.filter;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.regex.Pattern;
+import org.springframework.cloud.gateway.filter.GatewayFilter;
+import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
+import org.springframework.stereotype.Component;
+import com.bwie.common.core.utils.ServletUtils;
+
+/**
+ * 黑名单过滤器
+ *
+ * @author bwie
+ */
+@Component
+public class BlackListUrlFilter extends AbstractGatewayFilterFactory
+{
+ @Override
+ public GatewayFilter apply(Config config)
+ {
+ return (exchange, chain) -> {
+
+ String url = exchange.getRequest().getURI().getPath();
+ if (config.matchBlacklist(url))
+ {
+ return ServletUtils.webFluxResponseWriter(exchange.getResponse(), "请求地址不允许访问");
+ }
+
+ return chain.filter(exchange);
+ };
+ }
+
+ public BlackListUrlFilter()
+ {
+ super(Config.class);
+ }
+
+ public static class Config
+ {
+ private List blacklistUrl;
+
+ private List blacklistUrlPattern = new ArrayList<>();
+
+ public boolean matchBlacklist(String url)
+ {
+ return !blacklistUrlPattern.isEmpty() && blacklistUrlPattern.stream().anyMatch(p -> p.matcher(url).find());
+ }
+
+ public List getBlacklistUrl()
+ {
+ return blacklistUrl;
+ }
+
+ public void setBlacklistUrl(List blacklistUrl)
+ {
+ this.blacklistUrl = blacklistUrl;
+ this.blacklistUrlPattern.clear();
+ this.blacklistUrl.forEach(url -> {
+ this.blacklistUrlPattern.add(Pattern.compile(url.replaceAll("\\*\\*", "(.*?)"), Pattern.CASE_INSENSITIVE));
+ });
+ }
+ }
+
+}
diff --git a/bwie-gateway/src/main/java/com/bwie/gateway/filter/CacheRequestFilter.java b/bwie-gateway/src/main/java/com/bwie/gateway/filter/CacheRequestFilter.java
new file mode 100644
index 0000000..1d3d6a1
--- /dev/null
+++ b/bwie-gateway/src/main/java/com/bwie/gateway/filter/CacheRequestFilter.java
@@ -0,0 +1,87 @@
+package com.bwie.gateway.filter;
+
+import java.util.Collections;
+import java.util.List;
+import org.springframework.cloud.gateway.filter.GatewayFilter;
+import org.springframework.cloud.gateway.filter.GatewayFilterChain;
+import org.springframework.cloud.gateway.filter.OrderedGatewayFilter;
+import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
+import org.springframework.cloud.gateway.support.ServerWebExchangeUtils;
+import org.springframework.http.HttpMethod;
+import org.springframework.stereotype.Component;
+import org.springframework.web.server.ServerWebExchange;
+import reactor.core.publisher.Mono;
+
+/**
+ * 获取body请求数据(解决流不能重复读取问题)
+ *
+ * @author bwie
+ */
+@Component
+public class CacheRequestFilter extends AbstractGatewayFilterFactory
+{
+ public CacheRequestFilter()
+ {
+ super(Config.class);
+ }
+
+ @Override
+ public String name()
+ {
+ return "CacheRequestFilter";
+ }
+
+ @Override
+ public GatewayFilter apply(Config config)
+ {
+ CacheRequestGatewayFilter cacheRequestGatewayFilter = new CacheRequestGatewayFilter();
+ Integer order = config.getOrder();
+ if (order == null)
+ {
+ return cacheRequestGatewayFilter;
+ }
+ return new OrderedGatewayFilter(cacheRequestGatewayFilter, order);
+ }
+
+ public static class CacheRequestGatewayFilter implements GatewayFilter
+ {
+ @Override
+ public Mono filter(ServerWebExchange exchange, GatewayFilterChain chain)
+ {
+ // GET DELETE 不过滤
+ HttpMethod method = exchange.getRequest().getMethod();
+ if (method == null || method == HttpMethod.GET || method == HttpMethod.DELETE)
+ {
+ return chain.filter(exchange);
+ }
+ return ServerWebExchangeUtils.cacheRequestBodyAndRequest(exchange, (serverHttpRequest) -> {
+ if (serverHttpRequest == exchange.getRequest())
+ {
+ return chain.filter(exchange);
+ }
+ return chain.filter(exchange.mutate().request(serverHttpRequest).build());
+ });
+ }
+ }
+
+ @Override
+ public List shortcutFieldOrder()
+ {
+ return Collections.singletonList("order");
+ }
+
+ static class Config
+ {
+ private Integer order;
+
+ public Integer getOrder()
+ {
+ return order;
+ }
+
+ public void setOrder(Integer order)
+ {
+ this.order = order;
+ }
+ }
+}
diff --git a/bwie-gateway/src/main/java/com/bwie/gateway/filter/ValidateCodeFilter.java b/bwie-gateway/src/main/java/com/bwie/gateway/filter/ValidateCodeFilter.java
new file mode 100644
index 0000000..768b668
--- /dev/null
+++ b/bwie-gateway/src/main/java/com/bwie/gateway/filter/ValidateCodeFilter.java
@@ -0,0 +1,79 @@
+package com.bwie.gateway.filter;
+
+import java.nio.CharBuffer;
+import java.nio.charset.StandardCharsets;
+import java.util.concurrent.atomic.AtomicReference;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.cloud.gateway.filter.GatewayFilter;
+import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
+import org.springframework.core.io.buffer.DataBuffer;
+import org.springframework.core.io.buffer.DataBufferUtils;
+import org.springframework.http.server.reactive.ServerHttpRequest;
+import org.springframework.stereotype.Component;
+import com.alibaba.fastjson2.JSON;
+import com.alibaba.fastjson2.JSONObject;
+import com.bwie.common.core.utils.ServletUtils;
+import com.bwie.common.core.utils.StringUtils;
+import com.bwie.gateway.config.properties.CaptchaProperties;
+import com.bwie.gateway.service.ValidateCodeService;
+import reactor.core.publisher.Flux;
+
+/**
+ * 验证码过滤器
+ *
+ * @author bwie
+ */
+@Component
+public class ValidateCodeFilter extends AbstractGatewayFilterFactory
+{
+ private final static String[] VALIDATE_URL = new String[] { "/auth/login", "/auth/register" };
+
+ @Autowired
+ private ValidateCodeService validateCodeService;
+
+ @Autowired
+ private CaptchaProperties captchaProperties;
+
+ private static final String CODE = "code";
+
+ private static final String UUID = "uuid";
+
+ @Override
+ public GatewayFilter apply(Object config)
+ {
+ return (exchange, chain) -> {
+ ServerHttpRequest request = exchange.getRequest();
+
+ // 非登录/注册请求或验证码关闭,不处理
+ if (!StringUtils.equalsAnyIgnoreCase(request.getURI().getPath(), VALIDATE_URL) || !captchaProperties.getEnabled())
+ {
+ return chain.filter(exchange);
+ }
+
+ try
+ {
+ String rspStr = resolveBodyFromRequest(request);
+ JSONObject obj = JSON.parseObject(rspStr);
+ validateCodeService.checkCaptcha(obj.getString(CODE), obj.getString(UUID));
+ }
+ catch (Exception e)
+ {
+ return ServletUtils.webFluxResponseWriter(exchange.getResponse(), e.getMessage());
+ }
+ return chain.filter(exchange);
+ };
+ }
+
+ private String resolveBodyFromRequest(ServerHttpRequest serverHttpRequest)
+ {
+ // 获取请求体
+ Flux body = serverHttpRequest.getBody();
+ AtomicReference bodyRef = new AtomicReference<>();
+ body.subscribe(buffer -> {
+ CharBuffer charBuffer = StandardCharsets.UTF_8.decode(buffer.asByteBuffer());
+ DataBufferUtils.release(buffer);
+ bodyRef.set(charBuffer.toString());
+ });
+ return bodyRef.get();
+ }
+}
diff --git a/bwie-gateway/src/main/java/com/bwie/gateway/filter/XssFilter.java b/bwie-gateway/src/main/java/com/bwie/gateway/filter/XssFilter.java
new file mode 100644
index 0000000..920e825
--- /dev/null
+++ b/bwie-gateway/src/main/java/com/bwie/gateway/filter/XssFilter.java
@@ -0,0 +1,129 @@
+package com.bwie.gateway.filter;
+
+import java.nio.charset.StandardCharsets;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.cloud.gateway.filter.GatewayFilterChain;
+import org.springframework.cloud.gateway.filter.GlobalFilter;
+import org.springframework.core.Ordered;
+import org.springframework.core.io.buffer.DataBuffer;
+import org.springframework.core.io.buffer.DataBufferFactory;
+import org.springframework.core.io.buffer.DataBufferUtils;
+import org.springframework.core.io.buffer.DefaultDataBufferFactory;
+import org.springframework.core.io.buffer.NettyDataBufferFactory;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.MediaType;
+import org.springframework.http.server.reactive.ServerHttpRequest;
+import org.springframework.http.server.reactive.ServerHttpRequestDecorator;
+import org.springframework.stereotype.Component;
+import org.springframework.web.server.ServerWebExchange;
+import com.bwie.common.core.utils.StringUtils;
+import com.bwie.common.core.utils.html.EscapeUtil;
+import com.bwie.gateway.config.properties.XssProperties;
+import io.netty.buffer.ByteBufAllocator;
+import reactor.core.publisher.Flux;
+import reactor.core.publisher.Mono;
+
+/**
+ * 跨站脚本过滤器
+ *
+ * @author bwie
+ */
+@Component
+@ConditionalOnProperty(value = "security.xss.enabled", havingValue = "true")
+public class XssFilter implements GlobalFilter, Ordered
+{
+ // 跨站脚本的 xss 配置,nacos自行添加
+ @Autowired
+ private XssProperties xss;
+
+ @Override
+ public Mono filter(ServerWebExchange exchange, GatewayFilterChain chain)
+ {
+ ServerHttpRequest request = exchange.getRequest();
+ // xss开关未开启 或 通过nacos关闭,不过滤
+ if (!xss.getEnabled())
+ {
+ return chain.filter(exchange);
+ }
+ // GET DELETE 不过滤
+ HttpMethod method = request.getMethod();
+ if (method == null || method == HttpMethod.GET || method == HttpMethod.DELETE)
+ {
+ return chain.filter(exchange);
+ }
+ // 非json类型,不过滤
+ if (!isJsonRequest(exchange))
+ {
+ return chain.filter(exchange);
+ }
+ // excludeUrls 不过滤
+ String url = request.getURI().getPath();
+ if (StringUtils.matches(url, xss.getExcludeUrls()))
+ {
+ return chain.filter(exchange);
+ }
+ ServerHttpRequestDecorator httpRequestDecorator = requestDecorator(exchange);
+ return chain.filter(exchange.mutate().request(httpRequestDecorator).build());
+
+ }
+
+ private ServerHttpRequestDecorator requestDecorator(ServerWebExchange exchange)
+ {
+ ServerHttpRequestDecorator serverHttpRequestDecorator = new ServerHttpRequestDecorator(exchange.getRequest())
+ {
+ @Override
+ public Flux getBody()
+ {
+ Flux body = super.getBody();
+ return body.buffer().map(dataBuffers -> {
+ DataBufferFactory dataBufferFactory = new DefaultDataBufferFactory();
+ DataBuffer join = dataBufferFactory.join(dataBuffers);
+ byte[] content = new byte[join.readableByteCount()];
+ join.read(content);
+ DataBufferUtils.release(join);
+ String bodyStr = new String(content, StandardCharsets.UTF_8);
+ // 防xss攻击过滤
+ bodyStr = EscapeUtil.clean(bodyStr);
+ // 转成字节
+ byte[] bytes = bodyStr.getBytes(StandardCharsets.UTF_8);
+ NettyDataBufferFactory nettyDataBufferFactory = new NettyDataBufferFactory(ByteBufAllocator.DEFAULT);
+ DataBuffer buffer = nettyDataBufferFactory.allocateBuffer(bytes.length);
+ buffer.write(bytes);
+ return buffer;
+ });
+ }
+
+ @Override
+ public HttpHeaders getHeaders()
+ {
+ HttpHeaders httpHeaders = new HttpHeaders();
+ httpHeaders.putAll(super.getHeaders());
+ // 由于修改了请求体的body,导致content-length长度不确定,因此需要删除原先的content-length
+ httpHeaders.remove(HttpHeaders.CONTENT_LENGTH);
+ httpHeaders.set(HttpHeaders.TRANSFER_ENCODING, "chunked");
+ return httpHeaders;
+ }
+
+ };
+ return serverHttpRequestDecorator;
+ }
+
+ /**
+ * 是否是Json请求
+ *
+ * @param exchange HTTP请求
+ */
+ public boolean isJsonRequest(ServerWebExchange exchange)
+ {
+ String header = exchange.getRequest().getHeaders().getFirst(HttpHeaders.CONTENT_TYPE);
+ return StringUtils.startsWithIgnoreCase(header, MediaType.APPLICATION_JSON_VALUE);
+ }
+
+ @Override
+ public int getOrder()
+ {
+ return -100;
+ }
+}
diff --git a/bwie-gateway/src/main/java/com/bwie/gateway/handler/GatewayExceptionHandler.java b/bwie-gateway/src/main/java/com/bwie/gateway/handler/GatewayExceptionHandler.java
new file mode 100644
index 0000000..183dc51
--- /dev/null
+++ b/bwie-gateway/src/main/java/com/bwie/gateway/handler/GatewayExceptionHandler.java
@@ -0,0 +1,56 @@
+package com.bwie.gateway.handler;
+
+import org.springframework.cloud.gateway.support.NotFoundException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.boot.web.reactive.error.ErrorWebExceptionHandler;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.core.annotation.Order;
+import org.springframework.http.server.reactive.ServerHttpResponse;
+import org.springframework.web.server.ResponseStatusException;
+import org.springframework.web.server.ServerWebExchange;
+import com.bwie.common.core.utils.ServletUtils;
+import reactor.core.publisher.Mono;
+
+/**
+ * 网关统一异常处理
+ *
+ * @author bwie
+ */
+@Order(-1)
+@Configuration
+public class GatewayExceptionHandler implements ErrorWebExceptionHandler
+{
+ private static final Logger log = LoggerFactory.getLogger(GatewayExceptionHandler.class);
+
+ @Override
+ public Mono handle(ServerWebExchange exchange, Throwable ex)
+ {
+ ServerHttpResponse response = exchange.getResponse();
+
+ if (exchange.getResponse().isCommitted())
+ {
+ return Mono.error(ex);
+ }
+
+ String msg;
+
+ if (ex instanceof NotFoundException)
+ {
+ msg = "服务未找到";
+ }
+ else if (ex instanceof ResponseStatusException)
+ {
+ ResponseStatusException responseStatusException = (ResponseStatusException) ex;
+ msg = responseStatusException.getMessage();
+ }
+ else
+ {
+ msg = "内部服务器错误";
+ }
+
+ log.error("[网关异常处理]请求路径:{},异常信息:{}", exchange.getRequest().getPath(), ex.getMessage());
+
+ return ServletUtils.webFluxResponseWriter(response, msg);
+ }
+}
diff --git a/bwie-gateway/src/main/java/com/bwie/gateway/handler/SentinelFallbackHandler.java b/bwie-gateway/src/main/java/com/bwie/gateway/handler/SentinelFallbackHandler.java
new file mode 100644
index 0000000..07f666a
--- /dev/null
+++ b/bwie-gateway/src/main/java/com/bwie/gateway/handler/SentinelFallbackHandler.java
@@ -0,0 +1,41 @@
+package com.bwie.gateway.handler;
+
+import com.alibaba.csp.sentinel.adapter.gateway.sc.callback.GatewayCallbackManager;
+import com.alibaba.csp.sentinel.slots.block.BlockException;
+import com.bwie.common.core.utils.ServletUtils;
+import org.springframework.web.reactive.function.server.ServerResponse;
+import org.springframework.web.server.ServerWebExchange;
+import org.springframework.web.server.WebExceptionHandler;
+import reactor.core.publisher.Mono;
+
+/**
+ * 自定义限流异常处理
+ *
+ * @author bwie
+ */
+public class SentinelFallbackHandler implements WebExceptionHandler
+{
+ private Mono writeResponse(ServerResponse response, ServerWebExchange exchange)
+ {
+ return ServletUtils.webFluxResponseWriter(exchange.getResponse(), "请求超过最大数,请稍候再试");
+ }
+
+ @Override
+ public Mono handle(ServerWebExchange exchange, Throwable ex)
+ {
+ if (exchange.getResponse().isCommitted())
+ {
+ return Mono.error(ex);
+ }
+ if (!BlockException.isBlockException(ex))
+ {
+ return Mono.error(ex);
+ }
+ return handleBlockedRequest(exchange, ex).flatMap(response -> writeResponse(response, exchange));
+ }
+
+ private Mono handleBlockedRequest(ServerWebExchange exchange, Throwable throwable)
+ {
+ return GatewayCallbackManager.getBlockHandler().handleRequest(exchange, throwable);
+ }
+}
diff --git a/bwie-gateway/src/main/java/com/bwie/gateway/handler/SwaggerHandler.java b/bwie-gateway/src/main/java/com/bwie/gateway/handler/SwaggerHandler.java
new file mode 100644
index 0000000..708872c
--- /dev/null
+++ b/bwie-gateway/src/main/java/com/bwie/gateway/handler/SwaggerHandler.java
@@ -0,0 +1,56 @@
+package com.bwie.gateway.handler;
+
+import java.util.Optional;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+import reactor.core.publisher.Mono;
+import springfox.documentation.swagger.web.SecurityConfiguration;
+import springfox.documentation.swagger.web.SecurityConfigurationBuilder;
+import springfox.documentation.swagger.web.SwaggerResourcesProvider;
+import springfox.documentation.swagger.web.UiConfiguration;
+import springfox.documentation.swagger.web.UiConfigurationBuilder;
+
+@RestController
+@RequestMapping("/swagger-resources")
+public class SwaggerHandler
+{
+ @Autowired(required = false)
+ private SecurityConfiguration securityConfiguration;
+
+ @Autowired(required = false)
+ private UiConfiguration uiConfiguration;
+
+ private final SwaggerResourcesProvider swaggerResources;
+
+ @Autowired
+ public SwaggerHandler(SwaggerResourcesProvider swaggerResources)
+ {
+ this.swaggerResources = swaggerResources;
+ }
+
+ @GetMapping("/configuration/security")
+ public Mono> securityConfiguration()
+ {
+ return Mono.just(new ResponseEntity<>(
+ Optional.ofNullable(securityConfiguration).orElse(SecurityConfigurationBuilder.builder().build()),
+ HttpStatus.OK));
+ }
+
+ @GetMapping("/configuration/ui")
+ public Mono
+
+ 
+ 
+
+
+## 内置功能
+
+1. 用户管理:用户是系统操作者,该功能主要完成系统用户配置。
+2. 部门管理:配置系统组织机构(公司、部门、小组),树结构展现支持数据权限。
+3. 岗位管理:配置系统用户所属担任职务。
+4. 菜单管理:配置系统菜单,操作权限,按钮权限标识等。
+5. 角色管理:角色菜单权限分配、设置角色按机构进行数据范围权限划分。
+6. 字典管理:对系统中经常使用的一些较为固定的数据进行维护。
+7. 参数管理:对系统动态配置常用参数。
+8. 通知公告:系统通知公告信息发布维护。
+9. 操作日志:系统正常操作日志记录和查询;系统异常信息日志记录和查询。
+10. 登录日志:系统登录日志记录查询包含登录异常。
+11. 在线用户:当前系统中活跃用户状态监控。
+12. 定时任务:在线(添加、修改、删除)任务调度包含执行结果日志。
+13. 代码生成:前后端代码的生成(java、html、xml、sql)支持CRUD下载 。
+14. 系统接口:根据业务代码自动生成相关的api接口文档。
+15. 服务监控:监视当前系统CPU、内存、磁盘、堆栈等相关信息。
+16. 在线构建器:拖动表单元素生成相应的HTML代码。
+17. 连接池监视:监视当前系统数据库连接池状态,可进行分析SQL找出系统性能瓶颈。
+
+## 在线体验
+
+- admin/admin123
+- 陆陆续续收到一些打赏,为了更好的体验已用于演示服务器升级。谢谢各位小伙伴。
+
+演示地址:http://bwie.vip
+文档地址:http://doc.bwie.vip
+
+## 演示图
+
+
