菜单增删改查前后端加验证

backend/src/main/java/com/jiayue/ssi/controller/SysMenuController.java

@@ -1,15 +1,13 @@
 package com.jiayue.ssi.controller;
 
-import java.util.Date;
 import java.util.List;
 
+import cn.hutool.core.util.NumberUtil;
 import com.jiayue.ssi.constant.UserConstants;
 import com.jiayue.ssi.entity.SysMenu;
-import com.jiayue.ssi.entity.SysParameter;
 import com.jiayue.ssi.service.SysMenuService;
-import com.jiayue.ssi.util.StringUtils;
+import com.jiayue.ssi.util.RyStringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 import com.jiayue.ssi.annotation.InterfaceLimit;
 import com.jiayue.ssi.util.ResponseVO;
@@ -52,9 +50,40 @@ public class SysMenuController {
     @PostMapping
     @InterfaceLimit
     public ResponseVO add(@RequestBody SysMenu menu) {
+        if (RyStringUtils.isEmpty(menu.getMenuName())) {
+            return ResponseVO.fail("菜单名称不能为空！");
+        } else if (menu.getMenuName().length() > 50) {
+            return ResponseVO.fail("菜单名长度不能超过50个字符！");
+        }
+        if (RyStringUtils.isEmpty(menu.getPath())) {
+            return ResponseVO.fail("路由地址不能为空！");
+        } else if (menu.getPath().length() > 200) {
+            return ResponseVO.fail("路由地址长度不能超过200个字符！");
+        }
+        if (menu.getOrderNum() == null) {
+            return ResponseVO.fail("排序不能为空！");
+        } else if (!NumberUtil.isInteger(menu.getOrderNum() + "")) {
+            return ResponseVO.fail("排序不是整型数值！");
+        }
+        if (RyStringUtils.isNotEmpty(menu.getComponent())) {
+            if (menu.getComponent().length() > 200) {
+                return ResponseVO.fail("组件路径长度不能超过200个字符！");
+            }
+        }
+        if (RyStringUtils.isNotEmpty(menu.getQuery())) {
+            if (menu.getQuery().length() > 200) {
+                return ResponseVO.fail("路由参数长度不能超过200个字符！");
+            }
+        }
+        if (RyStringUtils.isNotEmpty(menu.getPerms())) {
+            if (menu.getPerms().length() > 100) {
+                return ResponseVO.fail("权限字符长度不能超过100个字符！");
+            }
+        }
         if (UserConstants.NOT_UNIQUE.equals(sysMenuService.checkMenuNameUnique(menu))) {
             return ResponseVO.fail(menu.getMenuName() + "'失败，菜单名称已存在！");
-        } else if (UserConstants.YES_FRAME.equals(menu.getIsFrame()) && !StringUtils.ishttp(menu.getPath())) {
+        }
+        if (UserConstants.YES_FRAME.equals(menu.getIsFrame()) && !RyStringUtils.ishttp(menu.getPath())) {
             return ResponseVO.fail(menu.getMenuName() + "'失败，地址必须以http(s)://开头！");
         }
 
@@ -81,17 +110,50 @@ public class SysMenuController {
      */
     @PutMapping
     public ResponseVO update(@RequestBody SysMenu menu) {
-        if (UserConstants.NOT_UNIQUE.equals(sysMenuService.checkMenuNameUnique(menu)))
-        {
-            return ResponseVO.fail("修改菜单'" + menu.getMenuName() + "'失败，菜单名称已存在！");
-
+        if (menu.getMenuId() == null) {
+            return ResponseVO.fail("主键为空不能修改!");
         }
-        else if (UserConstants.YES_FRAME.equals(menu.getIsFrame()) && !StringUtils.ishttp(menu.getPath()))
-        {
-            return ResponseVO.fail("修改菜单'" + menu.getMenuName() + "'失败，地址必须以http(s)://开头");
+        if (RyStringUtils.isEmpty(menu.getMenuName())){
+            return ResponseVO.fail("菜单名称不能为空！");
+        }
+        else if (menu.getMenuName().length()> 50){
+            return ResponseVO.fail("菜单名长度不能超过50个字符！");
+        }
+        if (RyStringUtils.isEmpty(menu.getPath())){
+            return ResponseVO.fail("路由地址不能为空！");
         }
-        else if (menu.getMenuId().equals(menu.getParentId()))
-        {
+        else if (menu.getPath().length()> 200){
+            return ResponseVO.fail("路由地址长度不能超过200个字符！");
+        }
+        if (menu.getOrderNum()==null){
+            return ResponseVO.fail("排序不能为空！");
+        }
+        else if (!NumberUtil.isInteger(menu.getOrderNum()+"")){
+            return ResponseVO.fail("排序不是整型数值！");
+        }
+        if (RyStringUtils.isNotEmpty(menu.getComponent())){
+            if (menu.getComponent().length()> 200){
+                return ResponseVO.fail("组件路径长度不能超过200个字符！");
+            }
+        }
+        if (RyStringUtils.isNotEmpty(menu.getQuery())){
+            if (menu.getQuery().length()> 200){
+                return ResponseVO.fail("路由参数长度不能超过200个字符！");
+            }
+        }
+        if (RyStringUtils.isNotEmpty(menu.getPerms())){
+            if (menu.getPerms().length()> 100){
+                return ResponseVO.fail("权限字符长度不能超过100个字符！");
+            }
+        }
+        if (sysMenuService.selectMenuById(menu.getMenuId())==null){
+            return ResponseVO.fail("非法访问不能修改！");
+        }
+        if (UserConstants.NOT_UNIQUE.equals(sysMenuService.checkMenuNameUnique(menu))) {
+            return ResponseVO.fail("修改菜单'" + menu.getMenuName() + "'失败，菜单名称已存在！");
+        } else if (UserConstants.YES_FRAME.equals(menu.getIsFrame()) && !RyStringUtils.ishttp(menu.getPath())) {
+            return ResponseVO.fail("修改菜单'" + menu.getMenuName() + "'失败，地址必须以http(s)://开头");
+        } else if (menu.getMenuId().equals(menu.getParentId())) {
             return ResponseVO.fail("修改菜单'" + menu.getMenuName() + "'失败，上级菜单不能选择自己");
         }
 
@@ -125,6 +187,7 @@ public class SysMenuController {
             return ResponseVO.error(null);
         }
     }
+
     /**
      * 删除菜单信息
      */
@@ -134,15 +197,14 @@ public class SysMenuController {
         if (org.apache.commons.lang3.StringUtils.isEmpty(menuId)) {
             return ResponseVO.fail("删除菜单的id不能为空!");
         }
-        if (sysMenuService.hasChildByMenuId(Long.parseLong(menuId)))
-        {
+        if (sysMenuService.hasChildByMenuId(Long.parseLong(menuId))) {
             return ResponseVO.fail("存在子菜单,不允许删除");
         }
-        ////////////////角色创建后再补这个逻辑
-//        if (sysMenuService.checkMenuExistRole(menuId))
-//        {
-//            return ResponseVO.fail("菜单已分配,不允许删除");
-//        }
+        //////////////// 角色创建后再补这个逻辑
+        // if (sysMenuService.checkMenuExistRole(menuId))
+        // {
+        // return ResponseVO.fail("菜单已分配,不允许删除");
+        // }
         try {
             int bo = sysMenuService.deleteMenuById(Long.parseLong(menuId));
             if (bo == 1) {

backend/src/main/java/com/jiayue/ssi/entity/vo/MetaVo.java

@@ -1,6 +1,6 @@
 package com.jiayue.ssi.entity.vo;
 
-import com.jiayue.ssi.util.StringUtils;
+import com.jiayue.ssi.util.RyStringUtils;
 
 /**
  * 路由显示信息
@@ -58,7 +58,7 @@ public class MetaVo
         this.title = title;
         this.icon = icon;
         this.noCache = noCache;
-        if (StringUtils.ishttp(link))
+        if (RyStringUtils.ishttp(link))
         {
             this.link = link;
         }

backend/src/main/java/com/jiayue/ssi/service/impl/SysMenuServiceImpl.java

@@ -6,15 +6,12 @@ import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.jiayue.ssi.constant.Constants;
 import com.jiayue.ssi.constant.UserConstants;
 import com.jiayue.ssi.entity.SysMenu;
-import com.jiayue.ssi.entity.SysParameter;
 import com.jiayue.ssi.entity.vo.MetaVo;
 import com.jiayue.ssi.entity.vo.RouterVo;
 import com.jiayue.ssi.mapper.SysMenuMapper;
-import com.jiayue.ssi.mapper.SysParameterMapper;
 import com.jiayue.ssi.service.SysMenuService;
-import com.jiayue.ssi.service.SysParameterService;
 import com.jiayue.ssi.util.SecurityContextUtil;
-import com.jiayue.ssi.util.StringUtils;
+import com.jiayue.ssi.util.RyStringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
@@ -46,7 +43,7 @@ public class SysMenuServiceImpl extends ServiceImpl<SysMenuMapper, SysMenu> impl
             router.setPath(getRouterPath(menu));
             router.setComponent(getComponent(menu));
             router.setQuery(menu.getQuery());
-            router.setMeta(new MetaVo(menu.getMenuName(), menu.getIcon(), StringUtils.equals("1", menu.getIsCache()),
+            router.setMeta(new MetaVo(menu.getMenuName(), menu.getIcon(), RyStringUtils.equals("1", menu.getIsCache()),
                 menu.getPath()));
             List<SysMenu> cMenus = menu.getChildren();
             if (!cMenus.isEmpty() && cMenus.size() > 0 && UserConstants.TYPE_DIR.equals(menu.getMenuType())) {
@@ -59,9 +56,9 @@ public class SysMenuServiceImpl extends ServiceImpl<SysMenuMapper, SysMenu> impl
                 RouterVo children = new RouterVo();
                 children.setPath(menu.getPath());
                 children.setComponent(menu.getComponent());
-                children.setName(StringUtils.capitalize(menu.getPath()));
+                children.setName(RyStringUtils.capitalize(menu.getPath()));
                 children.setMeta(new MetaVo(menu.getMenuName(), menu.getIcon(),
-                    StringUtils.equals("1", menu.getIsCache()), menu.getPath()));
+                    RyStringUtils.equals("1", menu.getIsCache()), menu.getPath()));
                 children.setQuery(menu.getQuery());
                 childrenList.add(children);
                 router.setChildren(childrenList);
@@ -73,7 +70,7 @@ public class SysMenuServiceImpl extends ServiceImpl<SysMenuMapper, SysMenu> impl
                 String routerPath = innerLinkReplaceEach(menu.getPath());
                 children.setPath(routerPath);
                 children.setComponent(UserConstants.INNER_LINK);
-                children.setName(StringUtils.capitalize(routerPath));
+                children.setName(RyStringUtils.capitalize(routerPath));
                 children.setMeta(new MetaVo(menu.getMenuName(), menu.getIcon(), menu.getPath()));
                 childrenList.add(children);
                 router.setChildren(childrenList);
@@ -144,12 +141,12 @@ public class SysMenuServiceImpl extends ServiceImpl<SysMenuMapper, SysMenu> impl
      */
     public String getComponent(SysMenu menu) {
         String component = UserConstants.LAYOUT;
-        if (StringUtils.isNotEmpty(menu.getComponent()) && !isMenuFrame(menu)) {
+        if (RyStringUtils.isNotEmpty(menu.getComponent()) && !isMenuFrame(menu)) {
             component = menu.getComponent();
-        } else if (StringUtils.isEmpty(menu.getComponent()) && menu.getParentId().intValue() != 0
+        } else if (RyStringUtils.isEmpty(menu.getComponent()) && menu.getParentId().intValue() != 0
             && isInnerLink(menu)) {
             component = UserConstants.INNER_LINK;
-        } else if (StringUtils.isEmpty(menu.getComponent()) && isParentView(menu)) {
+        } else if (RyStringUtils.isEmpty(menu.getComponent()) && isParentView(menu)) {
             component = UserConstants.PARENT_VIEW;
         }
         return component;
@@ -172,7 +169,7 @@ public class SysMenuServiceImpl extends ServiceImpl<SysMenuMapper, SysMenu> impl
      * @return 结果
      */
     public boolean isInnerLink(SysMenu menu) {
-        return menu.getIsFrame().equals(UserConstants.NO_FRAME) && StringUtils.ishttp(menu.getPath());
+        return menu.getIsFrame().equals(UserConstants.NO_FRAME) && RyStringUtils.ishttp(menu.getPath());
     }
 
     /**
@@ -193,10 +190,10 @@ public class SysMenuServiceImpl extends ServiceImpl<SysMenuMapper, SysMenu> impl
      * @return 路由名称
      */
     public String getRouteName(SysMenu menu) {
-        String routerName = StringUtils.capitalize(menu.getPath());
+        String routerName = RyStringUtils.capitalize(menu.getPath());
         // 非外链并且是一级目录（类型为目录）
         if (isMenuFrame(menu)) {
-            routerName = StringUtils.EMPTY;
+            routerName = RyStringUtils.EMPTY;
         }
         return routerName;
     }
@@ -266,7 +263,7 @@ public class SysMenuServiceImpl extends ServiceImpl<SysMenuMapper, SysMenu> impl
      * @return 替换后的内链域名
      */
     public String innerLinkReplaceEach(String path) {
-        return StringUtils.replaceEach(path, new String[] {Constants.HTTP, Constants.HTTPS, Constants.WWW, "."},
+        return RyStringUtils.replaceEach(path, new String[] {Constants.HTTP, Constants.HTTPS, Constants.WWW, "."},
             new String[] {"", "", "", "/"});
     }
 
@@ -278,9 +275,9 @@ public class SysMenuServiceImpl extends ServiceImpl<SysMenuMapper, SysMenu> impl
      */
     @Override
     public String checkMenuNameUnique(SysMenu menu) {
-        Long menuId = StringUtils.isNull(menu.getMenuId()) ? -1L : menu.getMenuId();
+        Long menuId = RyStringUtils.isNull(menu.getMenuId()) ? -1L : menu.getMenuId();
         SysMenu info = menuMapper.checkMenuNameUnique(menu.getMenuName(), menu.getParentId());
-        if (StringUtils.isNotNull(info) && info.getMenuId().longValue() != menuId.longValue()) {
+        if (RyStringUtils.isNotNull(info) && info.getMenuId().longValue() != menuId.longValue()) {
             return UserConstants.NOT_UNIQUE;
         }
         return UserConstants.UNIQUE;

backend/src/main/java/com/jiayue/ssi/util/StringUtils.java → backend/src/main/java/com/jiayue/ssi/util/RyStringUtils.java

@@ -12,7 +12,7 @@ import org.springframework.util.AntPathMatcher;
  *
  * @author ruoyi
  */
-public class StringUtils extends org.apache.commons.lang3.StringUtils
+public class RyStringUtils extends org.apache.commons.lang3.StringUtils
 {
     /** 空字符串 */
     private static final String NULLSTR = "";
@@ -267,7 +267,7 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
      */
     public static boolean ishttp(String link)
     {
-        return StringUtils.startsWithAny(link, Constants.HTTP, Constants.HTTPS);
+        return RyStringUtils.startsWithAny(link, Constants.HTTP, Constants.HTTPS);
     }
 
     /**
@@ -294,20 +294,20 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
     public static final List<String> str2List(String str, String sep, boolean filterBlank, boolean trim)
     {
         List<String> list = new ArrayList<String>();
-        if (StringUtils.isEmpty(str))
+        if (RyStringUtils.isEmpty(str))
         {
             return list;
         }
 
         // 过滤空白字符串
-        if (filterBlank && StringUtils.isBlank(str))
+        if (filterBlank && RyStringUtils.isBlank(str))
         {
             return list;
         }
         String[] split = str.split(sep);
         for (String string : split)
         {
-            if (filterBlank && StringUtils.isBlank(string))
+            if (filterBlank && RyStringUtils.isBlank(string))
             {
                 continue;
             }

ui/src/views/sysManager/sysMenu/index.vue

@@ -145,7 +145,7 @@
           </el-col>
           <el-col :span="12">
             <el-form-item label="菜单名称" prop="menuName">
-              <el-input v-model="form.menuName" placeholder="请输入菜单名称" />
+              <el-input v-model="form.menuName" placeholder="请输入菜单名称" maxlength="50"/>
             </el-form-item>
           </el-col>
           <el-col :span="12">
@@ -175,7 +175,7 @@
                 </el-tooltip>
                 路由地址
               </span>
-              <el-input v-model="form.path" placeholder="请输入路由地址" />
+              <el-input v-model="form.path" placeholder="请输入路由地址" maxlength="200"/>
             </el-form-item>
           </el-col>
           <el-col :span="12" v-if="form.menuType == 'C'">
@@ -186,7 +186,7 @@
                 </el-tooltip>
                 组件路径
               </span>
-              <el-input v-model="form.component" placeholder="请输入组件路径" />
+              <el-input v-model="form.component" placeholder="请输入组件路径" maxlength="200"/>
             </el-form-item>
           </el-col>
           <el-col :span="12" v-if="form.menuType != 'M'">
@@ -202,7 +202,7 @@
           </el-col>
           <el-col :span="12" v-if="form.menuType == 'C'">
             <el-form-item prop="query">
-              <el-input v-model="form.query" placeholder="请输入路由参数" maxlength="255" />
+              <el-input v-model="form.query" placeholder="请输入路由参数" maxlength="200" />
               <span slot="label">
                 <el-tooltip content='访问路由的默认传递参数，如：`{"id": 1, "name": "ry"}`' placement="top">
                 <i class="el-icon-question"></i>
@@ -347,7 +347,7 @@ export default {
       this.form.icon = name
     },
     /** 查询菜单列表 */
-    getList:debounce(function(){
+    getList(){
       this.loading = true;
       this.$axios.get('/sysMenuController/list',{params: this.queryParams}).then((res) => {
         this.menuList = this.handleTree(res.data, "menuId")
@@ -355,7 +355,7 @@ export default {
         console.log(error)
       })
       this.loading = false;
-    },1000),
+    },
     /** 转换菜单数据结构 */
     normalizer(node) {
       if (node.children && !node.children.length) {
@@ -398,9 +398,9 @@ export default {
       this.resetForm("form")
     },
     /** 搜索按钮操作 */
-    handleQuery() {
+    handleQuery:debounce(function(){
       this.getList()
-    },
+    },1000),
     /** 重置按钮操作 */
     resetQuery() {
       this.resetForm("queryForm")