public/dataease
1
0
Fork 0
mirror of https://github.com/dataease/dataease.git synced 2026-05-21 04:08:10 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: 删除不必要依赖 禁用alibaba-fastjson 重大安全漏洞

Browse Source
This commit is contained in:
fit2cloud-chenyw
2021-02-25 12:28:55 +08:00
parent 9085de668f
commit 38df90d341
5 changed files with 36 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
backend/src/main/java/io/dataease/datasource/service/DatasourceService.java
View File

@@ -6,7 +6,7 @@ import io.dataease.commons.exception.DEException;
import io.dataease.datasource.provider.DatasourceProvider;
import io.dataease.datasource.provider.ProviderFactory;
import io.dataease.datasource.request.DatasourceRequest;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

6
backend/src/main/java/io/dataease/service/dataset/DataSetGroupService.java
View File

@@ -1,19 +1,19 @@
package io.dataease.service.dataset;
import com.alibaba.nacos.common.util.UuidUtils;
import io.dataease.base.domain.DatasetGroup;
import io.dataease.base.domain.DatasetGroupExample;
import io.dataease.base.mapper.DatasetGroupMapper;
import io.dataease.commons.utils.BeanUtils;
import io.dataease.controller.request.dataset.DataSetGroupRequest;
import io.dataease.dto.dataset.DataSetGroupDTO;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.springframework.stereotype.Service;
import javax.annotation.Resource;
import java.util.ArrayList;
import java.util.List;
import java.util.UUID;
import java.util.stream.Collectors;
/**
@@ -27,7 +27,7 @@ public class DataSetGroupService {
public DataSetGroupDTO save(DatasetGroup datasetGroup) {
if (StringUtils.isEmpty(datasetGroup.getId())) {
datasetGroup.setId(UuidUtils.generateUuid());
datasetGroup.setId(UUID.randomUUID().toString());
datasetGroup.setCreateTime(System.currentTimeMillis());
datasetGroupMapper.insert(datasetGroup);
} else {

4
backend/src/main/java/io/dataease/service/dataset/DataSetTableFieldsService.java
View File

@@ -1,6 +1,5 @@
package io.dataease.service.dataset;
import com.alibaba.nacos.common.util.UuidUtils;
import io.dataease.base.domain.DatasetTableField;
import io.dataease.base.domain.DatasetTableFieldExample;
import io.dataease.base.mapper.DatasetTableFieldMapper;
@@ -10,6 +9,7 @@ import org.springframework.stereotype.Service;
import javax.annotation.Resource;
import java.util.List;
import java.util.UUID;
/**
* @Author gin
@@ -28,7 +28,7 @@ public class DataSetTableFieldsService {
public DatasetTableField save(DatasetTableField datasetTableField) {
if (StringUtils.isEmpty(datasetTableField.getId())) {
datasetTableField.setId(UuidUtils.generateUuid());
datasetTableField.setId(UUID.randomUUID().toString());
datasetTableFieldMapper.insert(datasetTableField);
} else {
datasetTableFieldMapper.updateByPrimaryKey(datasetTableField);

26
backend/src/main/java/io/dataease/service/dataset/DataSetTableService.java
View File

@@ -1,8 +1,6 @@
package io.dataease.service.dataset;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.alibaba.nacos.common.util.UuidUtils;
import com.google.gson.Gson;
import io.dataease.base.domain.DatasetTable;
import io.dataease.base.domain.DatasetTableExample;
@@ -11,7 +9,6 @@ import io.dataease.base.domain.Datasource;
import io.dataease.base.mapper.DatasetTableMapper;
import io.dataease.base.mapper.DatasourceMapper;
import io.dataease.commons.utils.BeanUtils;
import io.dataease.commons.utils.SessionUtils;
import io.dataease.controller.request.dataset.DataSetTableRequest;
import io.dataease.datasource.constants.DatasourceTypes;
import io.dataease.datasource.dto.TableFiled;
@@ -19,12 +16,9 @@ import io.dataease.datasource.provider.DatasourceProvider;
import io.dataease.datasource.provider.ProviderFactory;
import io.dataease.datasource.request.DatasourceRequest;
import io.dataease.dto.dataset.DataTableInfoDTO;
import jnr.ffi.Struct;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.python.apache.xerces.xs.StringList;
import org.springframework.stereotype.Service;
import javax.annotation.Resource;
import java.text.MessageFormat;
import java.util.*;
@@ -51,7 +45,7 @@ public class DataSetTableService {
public DatasetTable save(DatasetTable datasetTable) throws Exception {
if (StringUtils.isEmpty(datasetTable.getId())) {
datasetTable.setId(UuidUtils.generateUuid());
datasetTable.setId(UUID.randomUUID().toString());
datasetTable.setCreateTime(System.currentTimeMillis());
DataTableInfoDTO dataTableInfoDTO = new DataTableInfoDTO();
if (StringUtils.equalsIgnoreCase("db", datasetTable.getType())) {
@@ -136,7 +130,8 @@ public class DataSetTableService {
} catch (Exception e) {
}
JSONArray jsonArray = new JSONArray();
/*JSONArray jsonArray = new JSONArray();
if (CollectionUtils.isNotEmpty(data)) {
data.forEach(ele -> {
JSONObject jsonObject = new JSONObject();
@@ -145,8 +140,19 @@ public class DataSetTableService {
}
jsonArray.add(jsonObject);
});
}*/
List<Map<String, Object>> jsonArray = new ArrayList<>();
if (CollectionUtils.isNotEmpty(data)) {
jsonArray = data.stream().map(ele -> {
Map<String, Object> map = new HashMap<>();
for (int i = 0; i < ele.length; i++) {
map.put(fieldArray[i], ele[i]);
}
return map;
}).collect(Collectors.toList());
}
Map<String, Object> map = new HashMap<>();
map.put("fields", fields);
map.put("data", jsonArray);