From c29479a57db73c4dd379788d1b819e716ff7e1c1 Mon Sep 17 00:00:00 2001
From: futian.liu <liufutianyoo@163.com>
Date: 星期二, 28 十一月 2023 10:39:39 +0800
Subject: [PATCH] 参数赋值,漏洞修复
---
 consum-base/src/main/java/com/consum/base/controller/LWhFormInventoryController.java | 235 +++++++++++++++++++++++++++++++++++++++++++++++++--------
 1 files changed, 198 insertions(+), 37 deletions(-)
diff --git a/consum-base/src/main/java/com/consum/base/controller/LWhFormInventoryController.java b/consum-base/src/main/java/com/consum/base/controller/LWhFormInventoryController.java
index 3aff362..aa8da03 100644
--- a/consum-base/src/main/java/com/consum/base/controller/LWhFormInventoryController.java
+++ b/consum-base/src/main/java/com/consum/base/controller/LWhFormInventoryController.java
@@ -1,46 +1,85 @@ package com.consum.base.controller; import com.consum.base.BaseController; -import com.consum.base.pojo.LWhFormInventoryDto; -import com.consum.base.pojo.LWhFormInventoryParam; +import com.consum.base.core.utils.CommonUtil; +import com.consum.base.core.utils.PageUtil; +import com.consum.base.pojo.query.LWhFormInventoryQry; +import com.consum.base.pojo.request.FormInventoryParam; +import com.consum.base.pojo.request.LWhFormInventoryParam; +import com.consum.base.pojo.response.FormInventoryDetailVO; +import com.consum.base.pojo.response.FormInventoryGoodsVO; +import com.consum.base.pojo.response.FormInventoryVO; +import com.consum.base.service.FinSysTenantUserServiceImpl; import com.consum.base.service.LWhFormInventoryServiceImpl; -import com.consum.model.po.BaseCategory; import com.consum.model.po.FinSysTenantUser; import com.consum.model.po.LWhFormInventory; import com.iplatform.model.po.S_user_core; import com.walker.db.page.GenericPager; import com.walker.web.ResponseValue; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.util.CollectionUtils; -import org.springframework.web.bind.annotation.*; - +import io.swagger.annotations.Api; +import io.swagger.annotations.ApiImplicitParam; +import io.swagger.annotations.ApiImplicitParams; +import io.swagger.annotations.ApiOperation; +import io.swagger.annotations.ApiResponse; import java.util.List; +import java.util.Objects; +import org.springframework.beans.BeanUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.web.bind.annotation.DeleteMapping; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RestController; /** * @Description 鐩樼偣 * @Author 鍗㈠簡闃� * @Date 2023/10/23 */ +@Api(value = "鐩樼偣", tags = "鐩樼偣") @RestController 
@RequestMapping("/pc/l/wh/form/inventory") public class LWhFormInventoryController extends BaseController { @Autowired private LWhFormInventoryServiceImpl lWhFormInventoryService; + @Autowired + private FinSysTenantUserServiceImpl finSysTenantUserService; + /** * @Description 鏂板 * @Author 鍗㈠簡闃� * @Date 2023/10/31 */ + @ApiOperation(value = "鏂板鐩樼偣", notes = "鏂板鐩樼偣") + @ApiImplicitParams({ + @ApiImplicitParam(name = "param", value = "鐩樼偣鍗曚俊鎭�", dataType = "FormInventoryParam") + }) @PostMapping("/add") - public ResponseValue add(@RequestBody LWhFormInventoryParam param) { + public ResponseValue add() { + + FormInventoryParam param = CommonUtil.getObjFromReqBody(FormInventoryParam.class); + FormInventoryParam formInventoryParam = new FormInventoryParam(); + CommonUtil.copyProperties(param, formInventoryParam); + param = formInventoryParam; + + FinSysTenantUser sysInfo = this.getSysInfo(); + if (sysInfo == null) { + return ResponseValue.error("鐧诲綍鐢ㄦ埛淇℃伅涓嶅瓨鍦�"); + } //鏍规嵁鐩樼偣浜篿d鏌ヨ鐩樼偣浜� - S_user_core operatorUser = this.getUser(param.getOperatorId()); + FinSysTenantUser finSysTenantUser = new FinSysTenantUser(); + finSysTenantUser.setId(param.getOperatorUserId()); + FinSysTenantUser operatorUser = finSysTenantUserService.get(finSysTenantUser); //鏍规嵁鐩戠洏浜篿d鏌ヨ鐩戠洏浜� - S_user_core operatorUser2 = this.getUser(param.getOperatorId2()); - int result = this.lWhFormInventoryService.add(param, this.getSysInfo(),operatorUser,operatorUser2); - if (result > 0) return ResponseValue.success(1); + FinSysTenantUser monitorUserInfo = new FinSysTenantUser(); + monitorUserInfo.setId(param.getMonitorUserId()); + FinSysTenantUser monitorUser = finSysTenantUserService.get(monitorUserInfo); + int result = this.lWhFormInventoryService.add(param, this.getSysInfo(), operatorUser, monitorUser); + if (result > 0) { + return ResponseValue.success(); + } return ResponseValue.error("鏂板澶辫触锛�"); } 
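Review bot: In `add()`, `operatorUser` and `monitorUser` are loaded from the client-supplied `getOperatorUserId()` / `getMonitorUserId()` and handed to the service with no null check and no visible check that they belong to the caller's tenant, so a request can name any user id as operator or monitor. Consider rejecting the request when either lookup returns null or resolves to a user outside the tenant of `sysInfo` (the field to compare is not visible in this diff). Copying `param` into a second `FormInventoryParam` of the same type does not narrow which fields a client can set unless `CommonUtil.copyProperties` filters them, which this diff does not show; if the copy is meant as a mass-assignment fix, an explicit allow-list of fields is needed, and the same pattern recurs in `queryList()`, `edit()`, `updateTemporaryStorage()`, `updateFinishPd()` and `queryPdDetailList()`. `param` is also dereferenced without a null guard, and the already-checked `sysInfo` should be reused instead of a second `this.getSysInfo()` call: `this.lWhFormInventoryService.add(param, sysInfo, operatorUser, monitorUser);`.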
@@ -49,14 +88,43 @@ * @Author 鍗㈠簡闃� * @Date 2023/10/31 */ + @ApiOperation(value = "鐩樼偣鍗曞垪琛ㄦ煡璇�", notes = "鐩樼偣鍗曞垪琛ㄦ煡璇�") + @ApiImplicitParams({ + @ApiImplicitParam(name = "param", value = "鐩樼偣鏉′欢", dataType = "LWhFormInventoryParam", required = true, paramType = "query") + }) @GetMapping("/list") - public ResponseValue queryList(LWhFormInventoryParam param) { + public ResponseValue queryList() { + LWhFormInventoryQry param = CommonUtil.getObjFromReq(LWhFormInventoryQry.class); + LWhFormInventoryQry param2 = new LWhFormInventoryQry(); + CommonUtil.copyProperties(param, param2); + param = param2; + FinSysTenantUser sysInfo = this.getSysInfo(); if (sysInfo == null) { return ResponseValue.error("鐧诲綍鐢ㄦ埛淇℃伅涓嶅瓨鍦�"); } - GenericPager<LWhFormInventory> pager = this.lWhFormInventoryService.queryList(param,sysInfo); + GenericPager<LWhFormInventory> pager = this.lWhFormInventoryService.queryList(param, sysInfo); return ResponseValue.success(pager); + } + + @ApiOperation(value = "鐩樼偣鍗曠墿鍝佸垪琛ㄦ煡璇�", notes = "鐩樼偣鍗曠墿鍝佸垪琛ㄦ煡璇�", response = FormInventoryVO.class) + @ApiImplicitParams({ + @ApiImplicitParam(name = "id", value = "鐩樼偣鍗昳d", dataType = "Long", required = true, paramType = "query") + }) + @ApiResponse(code = 200, message = "鎴愬姛", response = FormInventoryVO.class) + @GetMapping("/query") + public ResponseValue queryInventBaseGoodTemplate(Long id) { + FinSysTenantUser sysInfo = this.getSysInfo(); + if (sysInfo == null) { + return ResponseValue.error("鐧诲綍鐢ㄦ埛淇℃伅涓嶅瓨鍦�"); + } + if (id == null) { + return ResponseValue.error("鍙傛暟涓嶈兘涓虹┖"); + } + FormInventoryVO formInventoryVO = this.lWhFormInventoryService.queryInventBaseGoodTemplate(id); + + this.lWhFormInventoryService.saveInventory(formInventoryVO, id); + return ResponseValue.success(formInventoryVO); } /** 
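Review bot: The new `GET /query` handler `queryInventBaseGoodTemplate(Long id)` calls `saveInventory(formInventoryVO, id)`, so what looks like a read appears to write state; GET requests can be triggered by links, prefetching or cross-site requests, and a write belongs behind `@PostMapping`. `sysInfo` is only null-checked and never passed to the service, so nothing visible here ties the inventory `id` to the caller's tenant; I would pass `sysInfo` down, or load the record first and compare its owner before returning or saving anything. As a smaller point, the Swagger annotation on `queryList()` declares `dataType = "LWhFormInventoryParam"` while the handler now binds `LWhFormInventoryQry`.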
@@ -64,8 +132,17 @@ * @Author 鍗㈠簡闃� * @Date 2023/10/31 */ + @ApiOperation(value = "缂栬緫鐩樼偣", notes = "缂栬緫鐩樼偣") + @ApiImplicitParams({ + @ApiImplicitParam(name = "param", value = "鐩樼偣鍗曚俊鎭�", dataType = "FormInventoryParam") + }) @PostMapping("/edit") - public ResponseValue edit(@RequestBody LWhFormInventoryParam param) { + public ResponseValue edit() { + FormInventoryParam param = CommonUtil.getObjFromReqBody(FormInventoryParam.class); + FormInventoryParam formInventoryParam = new FormInventoryParam(); + CommonUtil.copyProperties(param, formInventoryParam); + param = formInventoryParam; + LWhFormInventory lWhFormInventory = lWhFormInventoryService.get(new LWhFormInventory(param.getId())); if (lWhFormInventory == null) { return ResponseValue.error("缂栬緫澶辫触锛�"); @@ -77,9 +154,19 @@ if (num == 0) { return ResponseValue.error("缂栬緫澶辫触锛�"); } - ResponseValue add = this.add(param); - if (add.getCode() == ResponseValue.CODE_SUCCESS) { - return ResponseValue.success(1); + + //鏍规嵁鐩樼偣浜篿d鏌ヨ鐩樼偣浜� + FinSysTenantUser finSysTenantUser = new FinSysTenantUser(); + finSysTenantUser.setId(param.getOperatorUserId()); + FinSysTenantUser operatorUser = finSysTenantUserService.get(finSysTenantUser); + //鏍规嵁鐩戠洏浜篿d鏌ヨ鐩戠洏浜� + FinSysTenantUser monitorUserInfo = new FinSysTenantUser(); + monitorUserInfo.setId(param.getMonitorUserId()); + FinSysTenantUser monitorUser = finSysTenantUserService.get(monitorUserInfo); + int result = this.lWhFormInventoryService.add(param, this.getSysInfo(), operatorUser, monitorUser); + + if (result > 0) { + return ResponseValue.success(); } return ResponseValue.error("缂栬緫澶辫触锛�"); @@ -88,6 +175,10 @@ /** * @Description 鏍规嵁id鍒犻櫎 */ + @ApiOperation(value = "鏍规嵁id鍒犻櫎鐩樼偣", notes = "鏍规嵁id鍒犻櫎鐩樼偣") + @ApiImplicitParams({ + @ApiImplicitParam(name = "id", value = "鐩樼偣鍗昳d", dataType = "Long", required = true, paramType = "query") + }) @DeleteMapping("/del") public ResponseValue delById(Long id) { if (id == null) { 
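Review bot: `edit()` passes `this.getSysInfo()` straight into `lWhFormInventoryService.add(...)` without the null check that `add()` performs, and `param.getId()` is read before any null guard on `param`. Add `FinSysTenantUser sysInfo = this.getSysInfo(); if (sysInfo == null) { return ResponseValue.error(...); }` at the top of the method and check that the loaded `lWhFormInventory` belongs to that tenant before modifying it; no such ownership check is visible in the hunks shown. The operator/monitor lookup is a copy of the block in `add()`, so a private helper would keep the two paths from drifting apart. The part of `edit()` between the two hunks is outside the diff, so the step that produces `num` could not be reviewed.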
@@ -108,36 +199,106 @@ return ResponseValue.success(1); } - /** - * @Description 鐩樼偣 - * @Author 鍗㈠簡闃� - * @Date 2023/10/31 - */ - @GetMapping("/select/pdList") - public ResponseValue queryPdList(Long id) { - if (id == null) { - return ResponseValue.error("鐩樼偣澶辫触锛�"); - } - - List list = this.lWhFormInventoryService.queryPdList(id); - return ResponseValue.success(list); - } /** * 鏆傚瓨 + * * @author 鍗㈠簡闃� * @date 2023/10/31 */ - @PostMapping("/temporaryStorage") - public ResponseValue temporaryStorage(@RequestBody LWhFormInventoryDto dto) { - if (dto == null) { + @ApiOperation(value = "鐩樼偣鏆傚瓨", notes = "鐩樼偣鏆傚瓨") + @ApiImplicitParams({ + @ApiImplicitParam(name = "param", value = "鐩樼偣鍗曚俊鎭�", dataType = "LWhFormInventoryDto") + }) + @PostMapping("/temporary/storage") + public ResponseValue updateTemporaryStorage() { + LWhFormInventoryParam param = CommonUtil.getObjFromReqBody(LWhFormInventoryParam.class); + LWhFormInventoryParam formInventoryParam = new LWhFormInventoryParam(); + CommonUtil.copyProperties(param, formInventoryParam); + param = formInventoryParam; + + if (param == null) { return ResponseValue.error("鍙傛暟閿欒"); } - int num = this.lWhFormInventoryService.temporaryStorage(dto); - return num > 0 ? ResponseValue.success(1) : ResponseValue.error("淇敼澶辫触锛�"); + int num = this.lWhFormInventoryService.updateInventoryInfo(param, 1, null, null); + return num > 0 ? 
ResponseValue.success(1) : ResponseValue.error("鏆傚瓨澶辫触锛�"); } + /** + * 瀹屾垚鐩樼偣 + * + * @author 鍗㈠簡闃� + * @date 2023/10/31 + */ + @ApiOperation(value = "瀹屾垚鐩樼偣", notes = "瀹屾垚鐩樼偣") + @ApiImplicitParams({ + @ApiImplicitParam(name = "param", value = "鐩樼偣鍗曚俊鎭�", dataType = "LWhFormInventoryDto") + }) + @PostMapping("/finish") + public ResponseValue updateFinishPd() { + LWhFormInventoryParam param = CommonUtil.getObjFromReqBody(LWhFormInventoryParam.class); + LWhFormInventoryParam formInventoryParam = new LWhFormInventoryParam(); + CommonUtil.copyProperties(param, formInventoryParam); + param = formInventoryParam; + + if (param == null) { + return ResponseValue.error("鍙傛暟閿欒"); + } + S_user_core currentUser = this.getCurrentUser(); + FinSysTenantUser sysInfo = this.getSysInfo(); + int num = this.lWhFormInventoryService.updateInventoryInfo(param, 2, currentUser, sysInfo); + + return num > 0 ? ResponseValue.success(1) : ResponseValue.error("鐩樼偣澶辫触锛�"); + } + + /** + * @Description 寮傚父鏄庣粏鍒楄〃鏌ヨ + * @Author 鍗㈠簡闃� + * @Date 2023/11/1 + */ + @ApiOperation(value = "寮傚父鏄庣粏鍒楄〃鏌ヨ", notes = "寮傚父鏄庣粏鍒楄〃鏌ヨ") + @ApiImplicitParams({ + @ApiImplicitParam(name = "param", value = "鐩樼偣鏉′欢", dataType = "LWhFormInventoryParam", paramType = "query") + }) + @GetMapping("/list/PdDetail") + public ResponseValue queryPdDetailList() { + LWhFormInventoryQry param = CommonUtil.getObjFromReq(LWhFormInventoryQry.class); + LWhFormInventoryQry param2 = new LWhFormInventoryQry(); + CommonUtil.copyProperties(param, param2); + param = param2; + + FinSysTenantUser sysInfo = this.getSysInfo(); + if (sysInfo == null) { + return ResponseValue.error("鐧诲綍鐢ㄦ埛淇℃伅涓嶅瓨鍦�"); + } + PageUtil<FormInventoryDetailVO> result = this.lWhFormInventoryService.queryPdDetailList(param, sysInfo); + return ResponseValue.success(result); + } + + @ApiOperation(value = "鏍规嵁id鏌ヨ鐩樼偣鐗╁搧璇︾粏淇℃伅", notes = "鏍规嵁id鏌ヨ鐩樼偣鐗╁搧璇︾粏淇℃伅") + @ApiImplicitParams({ + @ApiImplicitParam(name = "id", value = "鐩樼偣id", dataType = "Long", required = true, paramType 
= "query") + }) + @GetMapping("/detail") + public ResponseValue selectDetailById(Long id) { + FinSysTenantUser sysInfo = this.getSysInfo(); + if (sysInfo == null) { + return ResponseValue.error("鐧诲綍鐢ㄦ埛淇℃伅涓嶅瓨鍦�"); + } + FormInventoryVO formInventoryVO = new FormInventoryVO(); + + LWhFormInventory lWhFormInventory = new LWhFormInventory(); + lWhFormInventory.setId(id); + LWhFormInventory item = this.lWhFormInventoryService.get(lWhFormInventory); + if (Objects.isNull(item)) { + return ResponseValue.error("鐩樼偣鍗曚笉瀛樺湪"); + } + BeanUtils.copyProperties(item, formInventoryVO); + List<FormInventoryGoodsVO> formInventoryGoodsVOS = this.lWhFormInventoryService.selectDetailById(id); + formInventoryVO.setFormInventoryGoodsList(formInventoryGoodsVOS); + return ResponseValue.success(formInventoryVO); + } } -- Gitblit v1.9.1
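Review bot: In `updateTemporaryStorage()` and `updateFinishPd()` the `if (param == null)` test runs after `param` has been reassigned to a freshly constructed `LWhFormInventoryParam`, so it can never be true and a missing or unparsable body is not rejected there. Check the value returned by `CommonUtil.getObjFromReqBody(...)` before copying, e.g. `if (body == null) { return ResponseValue.error(...); }`. `updateTemporaryStorage()` also never calls `getSysInfo()`, and `updateFinishPd()` forwards `currentUser` and `sysInfo` without null checks, unlike the read handlers in this file. `selectDetailById(Long id)` accepts a null `id` and returns a record by id with no visible tenant comparison, and `BeanUtils.copyProperties(item, formInventoryVO)` copies every same-named entity field into the response, so the VO should carry only fields meant for the client.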