From b99f64c3524459aa6925d95ab58a969c04989842 Mon Sep 17 00:00:00 2001 From: taojinlong Date: Wed, 27 Nov 2024 15:10:31 +0800 Subject: [PATCH 1/3] =?UTF-8?q?=20fix:=20=E9=99=90=E5=88=B6=20mysql=20?= =?UTF-8?q?=E9=9D=9E=E6=B3=95=E5=8F=82=E6=95=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../src/main/java/io/dataease/datasource/type/Mysql.java | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/core/core-backend/src/main/java/io/dataease/datasource/type/Mysql.java b/core/core-backend/src/main/java/io/dataease/datasource/type/Mysql.java index 91f77f9a5f..4f53448899 100644 --- a/core/core-backend/src/main/java/io/dataease/datasource/type/Mysql.java +++ b/core/core-backend/src/main/java/io/dataease/datasource/type/Mysql.java @@ -20,6 +20,11 @@ public class Mysql extends DatasourceConfiguration { public String getJdbc() { if(StringUtils.isNoneEmpty(getUrlType()) && !getUrlType().equalsIgnoreCase("hostName")){ + for (String illegalParameter : illegalParameters) { + if (getJdbcUrl().toLowerCase().contains(illegalParameter.toLowerCase()) || URLDecoder.decode(getExtraParams()).contains(illegalParameter.toLowerCase())) { + DEException.throwException("Illegal parameter: " + illegalParameter); + } + } return getJdbcUrl(); } if (StringUtils.isEmpty(extraParams.trim())) { From 1b636717e0cc9a1af429b06dd072654cc851ad99 Mon Sep 17 00:00:00 2001 From: taojinlong Date: Wed, 27 Nov 2024 15:13:23 +0800 Subject: [PATCH 2/3] =?UTF-8?q?=20fix:=20=E4=BF=AE=E5=A4=8D=E6=B8=97?= =?UTF-8?q?=E9=80=8F=E6=B5=8B=E8=AF=95=E7=A7=8D=E5=8F=91=E7=8E=B0=E7=9A=84?= =?UTF-8?q?=20SQL=20=E6=B3=A8=E5=85=A5=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../io/dataease/datasource/server/DatasourceServer.java | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/core/core-backend/src/main/java/io/dataease/datasource/server/DatasourceServer.java b/core/core-backend/src/main/java/io/dataease/datasource/server/DatasourceServer.java index 7019a45686..04493c2f74 100644 --- a/core/core-backend/src/main/java/io/dataease/datasource/server/DatasourceServer.java +++ b/core/core-backend/src/main/java/io/dataease/datasource/server/DatasourceServer.java @@ -672,6 +672,9 @@ public class DatasourceServer implements DatasourceApi { @Override public List getTables(DatasetTableDTO datasetTableDTO) throws DEException { CoreDatasource coreDatasource = datasourceMapper.selectById(datasetTableDTO.getDatasourceId()); + if (coreDatasource == null) { + DEException.throwException("无效数据源!"); + } DatasourceDTO datasourceDTO = new DatasourceDTO(); BeanUtils.copyBean(datasourceDTO, coreDatasource); DatasourceRequest datasourceRequest = new DatasourceRequest(); @@ -698,6 +701,11 @@ public class DatasourceServer implements DatasourceApi { public List getTableField(Map req) throws DEException { String tableName = req.get("tableName"); String datasourceId = req.get("datasourceId"); + DatasetTableDTO datasetTableDTO = new DatasetTableDTO(); + datasetTableDTO.setDatasourceId(Long.valueOf(datasourceId)); + if (!getTables(datasetTableDTO).stream().map(DatasetTableDTO::getTableName).collect(Collectors.toList()).contains("tableName")) { + DEException.throwException("无效的表名!"); + } CoreDatasource coreDatasource = datasourceMapper.selectById(datasourceId); DatasourceRequest datasourceRequest = new DatasourceRequest(); datasourceRequest.setDatasource(transDTO(coreDatasource)); From 616f6efb36f599f7bcc5b01133c8d8bfab7ee026 Mon Sep 17 00:00:00 2001 From: taojinlong Date: Wed, 27 Nov 2024 15:53:53 +0800 Subject: [PATCH 3/3] =?UTF-8?q?=20fix:=20=E3=80=90=E6=95=B0=E6=8D=AE?= =?UTF-8?q?=E6=BA=90=E3=80=91=E6=95=B0=E6=8D=AE=E6=BA=90=E6=A0=A1=E9=AA=8C?= =?UTF-8?q?=E9=80=9A=E8=BF=87=E4=BF=9D=E5=AD=98=E5=90=8E=E6=8F=90=E7=A4=BA?= =?UTF-8?q?=E6=97=A0=E6=B3=95=E9=93=BE=E6=8E=A5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../visualized/data/datasource/index.vue | 34 +++++++++++-------- 1 file changed, 19 insertions(+), 15 deletions(-) diff --git a/core/core-frontend/src/views/visualized/data/datasource/index.vue b/core/core-frontend/src/views/visualized/data/datasource/index.vue index 607522ce79..cf41e7ae30 100644 --- a/core/core-frontend/src/views/visualized/data/datasource/index.vue +++ b/core/core-frontend/src/views/visualized/data/datasource/index.vue @@ -919,25 +919,29 @@ const handleClick = (tabName: TabPaneName) => { switch (tabName) { case 'config': tableData.value = [] - listDatasourceTables({ datasourceId: nodeInfo.id }).then(res => { - tabList.value = res.data.map(ele => { - const { name, tableName } = ele - return { - value: name, - label: tableName - } - }) - if (!!tabList.value.length && !activeTab.value) { - activeTab.value = tabList.value[0].value - if (nodeInfo.type === 'Excel') { + if (nodeInfo.type === 'Excel') { + listDatasourceTables({ datasourceId: nodeInfo.id }).then(res => { + tabList.value = res.data.map(ele => { + const { name, tableName } = ele + return { + value: name, + label: tableName + } + }) + if (!!tabList.value.length && !activeTab.value) { + activeTab.value = tabList.value[0].value handleTabClick(activeTab) } - } - tableData.value = res.data - }) + tableData.value = res.data + }) + } break case 'table': - initSearch() + tableData.value = [] + listDatasourceTables({ datasourceId: nodeInfo.id }).then(res => { + tableData.value = res.data + initSearch() + }) break default: break