From a8ba678a3fe5a39da2c732014cebbb66e408e97c Mon Sep 17 00:00:00 2001 From: WangHan <wwh_work@126,com> Date: 星期三, 02 四月 2025 18:45:12 +0800 Subject: [PATCH] 问题与漏洞修改 --- consum-base/src/main/java/com/consum/base/controller/LWhFormTransferController.java | 86 +++++++++++++++++++----------------------- 1 files changed, 39 insertions(+), 47 deletions(-) diff --git a/consum-base/src/main/java/com/consum/base/controller/LWhFormTransferController.java b/consum-base/src/main/java/com/consum/base/controller/LWhFormTransferController.java index dd2a671..a0ca7c2 100644 --- a/consum-base/src/main/java/com/consum/base/controller/LWhFormTransferController.java +++ b/consum-base/src/main/java/com/consum/base/controller/LWhFormTransferController.java @@ -1,7 +1,6 @@ package com.consum.base.controller; import java.lang.reflect.Field; -import java.math.BigDecimal; import java.util.ArrayList; import java.util.Comparator; import java.util.HashMap; @@ -10,9 +9,6 @@ import java.util.Optional; import java.util.Set; import java.util.stream.Collectors; -import javax.servlet.http.HttpServletResponse; - -import cn.hutool.core.collection.CollectionUtil; import cn.hutool.core.convert.Convert; import cn.hutool.core.util.StrUtil; import com.alibaba.excel.EasyExcelFactory; @@ -22,13 +18,13 @@ import com.alibaba.excel.exception.ExcelDataConvertException; import com.alibaba.fastjson.JSONObject; import com.consum.base.pojo.*; -import com.consum.base.pojo.excel.ImportProcureOrderTemplate; import com.consum.base.pojo.excel.LWhFormTransferTemplate; import com.consum.base.pojo.query.WarehouseQry; import com.consum.base.service.*; import com.consum.base.util.DateUtil; import com.consum.base.util.ExcelStyleUtil; import com.consum.model.po.*; +import jakarta.servlet.http.HttpServletResponse; import org.apache.commons.compress.utils.Lists; import org.apache.commons.lang3.ObjectUtils; import org.apache.poi.ss.usermodel.Workbook; 
@@ -62,10 +58,6 @@ import cn.afterturn.easypoi.excel.ExcelExportUtil; import cn.afterturn.easypoi.excel.entity.TemplateExportParams; import cn.hutool.core.util.ReflectUtil; -import io.swagger.annotations.Api; -import io.swagger.annotations.ApiImplicitParam; -import io.swagger.annotations.ApiImplicitParams; -import io.swagger.annotations.ApiOperation; import org.springframework.web.multipart.MultipartFile; /** @@ -75,7 +67,7 @@ */ @RestController @RequestMapping("/pc/l/wh/form/transfer") -@Api(value = "璋冩嫧鍒嗗彂绠$悊", tags = "璋冩嫧鍒嗗彂绠$悊") +// @Api(value = "璋冩嫧鍒嗗彂绠$悊", tags = "璋冩嫧鍒嗗彂绠$悊") public class LWhFormTransferController extends BaseController { @Autowired @@ -106,8 +98,8 @@ /** * @Description 鏂板 */ - @ApiOperation(value = "鍗曟嵁鏂板", notes = "鍗曟嵁鏂板") - @ApiImplicitParam(name = "param", value = "鍗曟嵁鏂板", required = true, dataType = "LWhFormTransferParam") + // @ApiOperation(value = "鍗曟嵁鏂板", notes = "鍗曟嵁鏂板") + // @ApiImplicitParam(name = "param", value = "鍗曟嵁鏂板", required = true, dataType = "LWhFormTransferParam") @PostMapping("/add") @Transactional(rollbackFor = Exception.class) public ResponseValue add() throws Exception { @@ -237,7 +229,7 @@ * @return * @throws Exception */ - @ApiImplicitParams({@ApiImplicitParam(name = "id", value = "璋冩嫧鍗昳d", required = true, dataType = "Long"),}) + // @ApiImplicitParams({@ApiImplicitParam(name = "id", value = "璋冩嫧鍗昳d", required = true, dataType = "Long"),}) @Transactional(rollbackFor = Exception.class) @PostMapping("import") public ResponseValue upload(@RequestBody String idStr) throws Exception { 
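Review bot: The Swagger annotations are commented out rather than deleted, starting with `// @Api(...)` above the class declaration in the `@@ -75,7 +67,7 @@` hunk and continuing above `add()` and `upload()` here and in every later hunk that touches `@ApiOperation` or `@ApiImplicitParam(s)`. Commented-out annotations go stale, and the new lines are indented inconsistently (some start with `    // @Api...`, others with `//` at column 0). Either delete them or, if the project has moved to springdoc (not visible in this patch), replace them with the OpenAPI 3 equivalents such as `@Tag(name = "...")` on the class and `@Operation(summary = "...")` on each handler. The endpoint documentation is worth keeping because handlers such as `add()` and `queryFormTransferList()` take no declared parameters and read their input through `CommonUtil.getObjFromReq(...)`, so the signature alone does not show what the client can send.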
@@ -310,10 +302,10 @@ * <p> * 2.鏌ヨ鐗╁搧鍨嬪彿 */ - @ApiOperation(value = "鍗曟嵁鍒楄〃鏌ヨ", notes = "鍗曟嵁鍒楄〃鏌ヨ") - @ApiImplicitParams({@ApiImplicitParam(name = "page", value = "椤电爜", required = true, dataType = "int"), - @ApiImplicitParam(name = "size", value = "姣忛〉鏉℃暟", required = true, dataType = "int"), - @ApiImplicitParam(name = "param", value = "鏉′欢鍙傛暟", required = true, dataType = "TransferQry"),}) + // @ApiOperation(value = "鍗曟嵁鍒楄〃鏌ヨ", notes = "鍗曟嵁鍒楄〃鏌ヨ") +// @ApiImplicitParams({@ApiImplicitParam(name = "page", value = "椤电爜", required = true, dataType = "int"), +// @ApiImplicitParam(name = "size", value = "姣忛〉鏉℃暟", required = true, dataType = "int"), +// @ApiImplicitParam(name = "param", value = "鏉′欢鍙傛暟", required = true, dataType = "TransferQry"),}) @GetMapping("/list") public ResponseValue queryFormTransferList() { TransferQry param = CommonUtil.getObjFromReq(TransferQry.class); @@ -359,8 +351,8 @@ * @Author 鍗㈠簡闃� * @Date 2023/10/30 */ - @ApiOperation(value = "鏍规嵁id鏌ヨ璇︽儏", notes = "鏍规嵁id鏌ヨ璇︽儏") - @ApiImplicitParams({@ApiImplicitParam(name = "id", value = "璋冩嫧鍗昳d", required = true, dataType = "Long"),}) + // @ApiOperation(value = "鏍规嵁id鏌ヨ璇︽儏", notes = "鏍规嵁id鏌ヨ璇︽儏") + // @ApiImplicitParams({@ApiImplicitParam(name = "id", value = "璋冩嫧鍗昳d", required = true, dataType = "Long"),}) @GetMapping("/detail") public ResponseValue getById(Long id) { if (id == null) { @@ -370,8 +362,8 @@ return ResponseValue.success(vo); } - @ApiOperation(value = "璋冩嫧鏄庣粏鍒楄〃", notes = "璋冩嫧鏄庣粏鍒楄〃") - @ApiImplicitParams({@ApiImplicitParam(name = "param", value = "鏉′欢", required = true, dataType = "TransferQry"),}) + // @ApiOperation(value = "璋冩嫧鏄庣粏鍒楄〃", notes = "璋冩嫧鏄庣粏鍒楄〃") + // @ApiImplicitParams({@ApiImplicitParam(name = "param", value = "鏉′欢", required = true, dataType = "TransferQry"),}) @GetMapping("/detail/list") public ResponseValue queryFormTransferDetailList() { TransferQry param = CommonUtil.getObjFromReq(TransferQry.class); 
@@ -398,8 +390,8 @@ * @author 鍗㈠簡闃� * @date 2023/10/31 */ - @ApiOperation(value = "鎾ら攢", notes = "鎾ら攢") - @ApiImplicitParams({@ApiImplicitParam(name = "id", value = "璋冩嫧鍗昳d", required = true, dataType = "Long"),}) + // @ApiOperation(value = "鎾ら攢", notes = "鎾ら攢") + // @ApiImplicitParams({@ApiImplicitParam(name = "id", value = "璋冩嫧鍗昳d", required = true, dataType = "Long"),}) @PostMapping("/updStatus") public ResponseValue updateStatus(Long id) { if (id == null) { @@ -419,8 +411,8 @@ * @Author 鍗㈠簡闃� * @Date 2023/10/31 */ - @ApiOperation(value = "璋冩嫧鍏ュ簱", notes = "璋冩嫧鍏ュ簱") - @ApiImplicitParams({@ApiImplicitParam(name = "id", value = "璋冩嫧鍗昳d", required = true, dataType = "Long"),}) + // @ApiOperation(value = "璋冩嫧鍏ュ簱", notes = "璋冩嫧鍏ュ簱") + // @ApiImplicitParams({@ApiImplicitParam(name = "id", value = "璋冩嫧鍗昳d", required = true, dataType = "Long"),}) @PostMapping("/income") public ResponseValue income(Long id) throws Exception { lWhFormTransferCoreService.doTransferInPut(id, getCurrentUser(), null); @@ -432,8 +424,8 @@ * @Author 鍗㈠簡闃� * @Date 2023/10/31 */ - @ApiOperation(value = "璋冩嫧鍑哄簱", notes = "璋冩嫧鍑哄簱") - @ApiImplicitParams({@ApiImplicitParam(name = "id", value = "璋冩嫧鍗昳d", required = true, dataType = "Long"),}) + // @ApiOperation(value = "璋冩嫧鍑哄簱", notes = "璋冩嫧鍑哄簱") + // @ApiImplicitParams({@ApiImplicitParam(name = "id", value = "璋冩嫧鍗昳d", required = true, dataType = "Long"),}) @PostMapping("/output") public ResponseValue output(Long id) throws Exception { 
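Review bot: `income(Long id)` in the `@@ -419,8 +411,8 @@` hunk passes `id` straight to `lWhFormTransferCoreService.doTransferInPut(id, getCurrentUser(), null)` with no null check, while `updateStatus(Long id)` in the hunk above and `getById(Long id)` both begin with `if (id == null) {`. A request without `id` therefore depends on how the service handles a null key, so the same `if (id == null) { ... }` guard the sibling handlers use should come before the service call. Whether the service verifies that the current user is allowed to act on that transfer order is not visible here. That is worth confirming for `income`, `output` and `updStatus`, since all three change stock state from a client-supplied id. The body of `output` continues outside the hunk.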
@@ -464,9 +456,9 @@ return ResponseValue.success(); } - @ApiOperation(value = "璋冩嫧鍗曞鍑�", notes = "璋冩嫧鍗曞鍑�") - @ApiImplicitParams({@ApiImplicitParam(name = "id", value = "璋冩嫧鍗昳d", required = true, dataType = "Long"), - @ApiImplicitParam(name = "type", value = "瀵煎嚭绫诲瀷 1 鍏ュ簱 2 鍑哄簱", required = true, dataType = "Integer"),}) + // @ApiOperation(value = "璋冩嫧鍗曞鍑�", notes = "璋冩嫧鍗曞鍑�") +// @ApiImplicitParams({@ApiImplicitParam(name = "id", value = "璋冩嫧鍗昳d", required = true, dataType = "Long"), +// @ApiImplicitParam(name = "type", value = "瀵煎嚭绫诲瀷 1 鍏ュ簱 2 鍑哄簱", required = true, dataType = "Integer"),}) @GetMapping("/list/export") public ResponseValue<String> export(Long id, Integer type, HttpServletResponse response) throws Exception { @@ -517,8 +509,8 @@ * @param * @return */ - @ApiOperation(value = "閮ㄩ棬鐗╁搧鍒嗗彂鍒楄〃鏄庣粏", notes = "閮ㄩ棬鐗╁搧鍒嗗彂鍒楄〃鏄庣粏") - @ApiImplicitParams({@ApiImplicitParam(name = "transferQryDto", value = "璋冩嫧鍗曟煡璇㈡潯浠�", required = true)}) + // @ApiOperation(value = "閮ㄩ棬鐗╁搧鍒嗗彂鍒楄〃鏄庣粏", notes = "閮ㄩ棬鐗╁搧鍒嗗彂鍒楄〃鏄庣粏") + // @ApiImplicitParams({@ApiImplicitParam(name = "transferQryDto", value = "璋冩嫧鍗曟煡璇㈡潯浠�", required = true)}) @GetMapping("/department/list") public ResponseValue departmentTransferList() { TransferQry param = CommonUtil.getObjFromReq(TransferQry.class); @@ -539,8 +531,8 @@ return ResponseValue.success(transferInfoDetailsVoGenericPager); } - @ApiOperation(value = "浣跨敤浜轰慨鏀�", notes = "浣跨敤浜轰慨鏀�") - @ApiImplicitParams({@ApiImplicitParam(name = "procureModelInfoDto", value = "浣跨敤淇℃伅", required = true)}) + // @ApiOperation(value = "浣跨敤浜轰慨鏀�", notes = "浣跨敤浜轰慨鏀�") + // @ApiImplicitParams({@ApiImplicitParam(name = "procureModelInfoDto", value = "浣跨敤淇℃伅", required = true)}) @PostMapping("/useInfo/update") public ResponseValue infoUpdate() { 
@@ -611,8 +603,8 @@ * @param transferOrderId * @return */ - @ApiOperation(value = "閮ㄩ棬鐗╁搧浣跨敤浜鸿褰�", notes = "閮ㄩ棬鐗╁搧浣跨敤浜鸿褰�") - @ApiImplicitParams({@ApiImplicitParam(name = "transferOrderId", value = "璋冩嫧鍗昳d", required = true)}) + // @ApiOperation(value = "閮ㄩ棬鐗╁搧浣跨敤浜鸿褰�", notes = "閮ㄩ棬鐗╁搧浣跨敤浜鸿褰�") + // @ApiImplicitParams({@ApiImplicitParam(name = "transferOrderId", value = "璋冩嫧鍗昳d", required = true)}) @GetMapping("/use/record") public ResponseValue useRecord(Long transferOrderId) { S_user_core currentUser = this.getCurrentUser(); @@ -669,9 +661,9 @@ return ResponseValue.success(goodsUseRecordList); } - @ApiOperation(value = "鏌ヨ閮ㄩ棬涓嬬殑鍒嗗彂鍗�", notes = "鏌ヨ閮ㄩ棬涓嬬殑鍒嗗彂鍗�") - @ApiImplicitParams({ - @ApiImplicitParam(name = "agencyId", value = "鏈烘瀯id", required = true, dataType = "Long", paramType = "query")}) + // @ApiOperation(value = "鏌ヨ閮ㄩ棬涓嬬殑鍒嗗彂鍗�", notes = "鏌ヨ閮ㄩ棬涓嬬殑鍒嗗彂鍗�") +// @ApiImplicitParams({ +// @ApiImplicitParam(name = "agencyId", value = "鏈烘瀯id", required = true, dataType = "Long", paramType = "query")}) @GetMapping("/query/transfList") public ResponseValue queryDepartmentTransferOrderList() { @@ -687,7 +679,7 @@ * @param file * @return */ - @ApiOperation(value = "鍒嗗彂鍗曞鍏�", notes = "鍒嗗彂鍗曞鍏�") + // @ApiOperation(value = "鍒嗗彂鍗曞鍏�", notes = "鍒嗗彂鍗曞鍏�") @PostMapping("/import2") public ResponseValue import2(MultipartFile file) { String originalFilename = file.getOriginalFilename(); @@ -845,7 +837,7 @@ LWhProcureModelUserParam lWhProcureModelUserParam = new LWhProcureModelUserParam(); lWhProcureModelUserParam.setGoodsNum(Integer.valueOf(num)); lWhProcureModelUserParam.setNowUserName(user); - lWhProcureModelUserParam.setNowUserPhone(new Long(userContactPhone)); + lWhProcureModelUserParam.setNowUserPhone(Convert.toLong(userContactPhone)); Integer counts1 = optional3.get().getCounts(); Integer num1 = optional3.get().getNum(); optional3.get().setCounts(Integer.valueOf(num) + counts1); 
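Review bot: `Convert.toLong(userContactPhone)` in the `@@ -845,7 +837,7 @@` hunk returns `null` when the cell is not numeric, whereas the removed `new Long(userContactPhone)` threw `NumberFormatException`, so a malformed phone value from the uploaded sheet now reaches `setNowUserPhone` as `null` instead of failing the row. The same replacement appears in the `@@ -879,11 +871,11 @@` and `@@ -909,20 +901,20 @@` hunks. To keep the fail-fast behaviour without the deprecated constructor, use `Long.valueOf(userContactPhone)`, or check the result explicitly with `Long phone = Convert.toLong(userContactPhone);` followed by `if (phone == null) { throw new ExcelAnalysisException(...); }` carrying the row index like the existing messages. The enclosing method starts and ends outside the hunk.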
@@ -879,11 +871,11 @@ // 鏌ヨ搴撳瓨鏁伴噺 Integer nowNum = selectAllNumber(lWhFormTransferParam.getOutAgencyId(), selByModelNameAndGoodsTemplatesId.getId()); - if(nowNum<new Integer(num)){ + if(nowNum< Convert.toInt(num)){ throw new ExcelAnalysisException("绗�" + index + "鏉℃暟鎹�" + "鍝佸悕锛歔" + goodsName + "] 瑙勬牸鍨嬪彿锛歔" + goodModelName + "] 搴撳瓨鏁伴噺涓嶈冻锛歔"+nowNum+"]"); } lWhProcureModelUserParam.setNowUserName(user); - lWhProcureModelUserParam.setNowUserPhone(new Long(userContactPhone)); + lWhProcureModelUserParam.setNowUserPhone(Convert.toLong(userContactPhone)); addLWhProcureModelUserParam.add(lWhProcureModelUserParam); lWhTransferModelParam.setProcureModelUserList(addLWhProcureModelUserParam); optional.get().getModels().add(lWhTransferModelParam); 
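Review bot: `if(nowNum< Convert.toInt(num))` unboxes the result of `Convert.toInt`, which is `null` for a non-numeric cell, so the comparison can throw `NullPointerException` instead of the row-level `ExcelAnalysisException`, unless `num` was validated earlier in the method, which is not visible in this hunk. The check also rejects only quantities above the stock level, so a zero or negative `num` from the spreadsheet passes it. Parse once and validate before comparing: `Integer qty = Convert.toInt(num);`, then `if (qty == null || qty <= 0) { throw new ExcelAnalysisException(...); }`, then `if (nowNum < qty)`. The same pattern is in the `@@ -909,20 +901,20 @@` hunk, where `setCounts(Convert.toInt(num))` and `setNum(Convert.toInt(num))` run before the `Integer.valueOf(num)` call that would reject a bad value.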
@@ -909,20 +901,20 @@ // 瑙勬牸id lWhTransferModelParam.setBaseGoodsModelsId(selByModelNameAndGoodsTemplatesId.getId()); // 鏂板鐨勬椂鍊欓粯璁や竴鏉� - lWhTransferModelParam.setCounts(new Integer(num)); - lWhTransferModelParam.setNum(new Integer(num)); + lWhTransferModelParam.setCounts(Convert.toInt(num)); + lWhTransferModelParam.setNum(Convert.toInt(num)); List<LWhProcureModelUserParam> lWhFormProcureGoodsInfoParam = new ArrayList<>(); LWhProcureModelUserParam lWhProcureModelUserParam = new LWhProcureModelUserParam(); lWhProcureModelUserParam.setGoodsNum(Integer.valueOf(num)); // 鏌ヨ搴撳瓨鏁伴噺 Integer nowNum = selectAllNumber(lWhFormTransferParam.getOutAgencyId(), selByModelNameAndGoodsTemplatesId.getId()); - if(nowNum<new Integer(num)){ + if(nowNum<Convert.toInt(num)){ throw new ExcelAnalysisException("绗�" + index + "鏉℃暟鎹� " + "鍝佸悕锛歔" + goodsName + "] 瑙勬牸鍨嬪彿锛歔" + goodModelName + "] 搴撳瓨鏁伴噺涓嶈冻锛歔"+nowNum+"]"); } lWhProcureModelUserParam.setNowUserName(user); - lWhProcureModelUserParam.setNowUserPhone(new Long(userContactPhone)); + lWhProcureModelUserParam.setNowUserPhone(Convert.toLong(userContactPhone)); lWhFormProcureGoodsInfoParam.add(lWhProcureModelUserParam); lWhTransferModelParam.setProcureModelUserList(lWhFormProcureGoodsInfoParam); lWhTransferModelParam.setBaseGoodsModelsName(goodModelName); -- Gitblit v1.9.1