From 6242ecc35e328ca462d9faa22f82422b94ef3d99 Mon Sep 17 00:00:00 2001
From: Junling Bu
Date: Wed, 17 Oct 2018 17:55:27 +0800
Subject: [PATCH] =?UTF-8?q?fix[litemall-admin-api]:=20=E5=AF=B9=E4=BA=8E?= =?UTF-8?q?=E4=B8=8A=E4=BC=A0=E7=9A=84request=20body=E4=B8=AD=E7=9A=84json?= =?UTF-8?q?=E6=95=B0=E6=8D=AE=E8=BF=9B=E8=A1=8C=E6=A0=A1=E9=AA=8C=E3=80=82?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../litemall/admin/web/AdminAdController.java | 28 +++++-
 .../admin/web/AdminAdminController.java | 42 +++++++--
 .../admin/web/AdminBrandController.java | 35 +++++++-
 .../admin/web/AdminCategoryController.java | 38 ++++++++-
 .../admin/web/AdminCommentController.java | 6 +-
 .../admin/web/AdminGoodsController.java | 85 +++++++++++++++++++
 .../admin/web/AdminGrouponController.java | 71 +++++++++-------
 .../admin/web/AdminIssueController.java | 27 +++++-
 .../admin/web/AdminKeywordController.java | 29 ++++++-
 .../admin/web/AdminRegionController.java | 7 +-
 .../admin/web/AdminStorageController.java | 9 +-
 .../admin/web/AdminTopicController.java | 26 ++++++
 .../admin/web/AdminUserController.java | 47 ++++++++--
 13 files changed, 391 insertions(+), 59 deletions(-)
diff --git a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminAdController.java b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminAdController.java
index 4b09557e..2373ab4c 100644
--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminAdController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminAdController.java
@@ -9,6 +9,7 @@ import org.linlinjava.litemall.db.domain.LitemallAd;
 import org.linlinjava.litemall.db.service.LitemallAdService;
 import org.linlinjava.litemall.core.util.ResponseUtil;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.util.StringUtils;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
@@ -47,11 +48,27 @@ public class AdminAdController {
 return ResponseUtil.ok(data);
 }
+ private Object validate(LitemallAd ad) {
+ String name = ad.getName();
+ if(StringUtils.isEmpty(name)){
+ return ResponseUtil.badArgument();
+ }
+ String content = ad.getName();
+ if(StringUtils.isEmpty(content)){
+ return ResponseUtil.badArgument();
+ }
+ return null;
+ }
+
 @PostMapping("/create")
 public Object create(@LoginAdmin Integer adminId, @RequestBody LitemallAd ad){
 if(adminId == null){
 return ResponseUtil.unlogin();
 }
+ Object error = validate(ad);
+ if(error != null){
+ return error;
+ }
 ad.setAddTime(LocalDateTime.now());
 adService.add(ad);
 return ResponseUtil.ok(ad);
@@ -72,7 +89,10 @@ public class AdminAdController {
 if(adminId == null){
 return ResponseUtil.unlogin();
 }
-
+ Object error = validate(ad);
+ if(error != null){
+ return error;
+ }
 if(adService.updateById(ad) == 0){
 return ResponseUtil.updatedDateExpired();
 }
@@ -85,7 +105,11 @@ public class AdminAdController {
 if(adminId == null){
 return ResponseUtil.unlogin();
 }
- adService.deleteById(ad.getId());
+ Integer id = ad.getId();
+ if(id == null){
+ return ResponseUtil.badArgument();
+ }
+ adService.deleteById(id);
 return ResponseUtil.ok();
 }
diff --git a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminAdminController.java b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminAdminController.java
index b340035b..f6cd2950 100644
--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminAdminController.java
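Review bot: In `AdminAdController.validate` (hunk `@@ -47,11 +48,27 @@`), the second check reads `String content = ad.getName();`, so it tests the name a second time and the ad's content is never validated. An ad with an empty content field therefore still passes into `adService.add` and `adService.updateById`. This looks like a copy-paste slip; assuming `LitemallAd` exposes a content getter (the class is not shown in this patch), the line should be `String content = ad.getContent();`.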
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminAdminController.java
@@ -2,6 +2,7 @@ package org.linlinjava.litemall.admin.web;
 import org.linlinjava.litemall.admin.annotation.LoginAdmin;
 import org.linlinjava.litemall.admin.service.AdminTokenManager;
+import org.linlinjava.litemall.core.util.RegexUtil;
 import org.linlinjava.litemall.core.util.ResponseUtil;
 import org.linlinjava.litemall.core.util.bcrypt.BCryptPasswordEncoder;
 import org.linlinjava.litemall.core.validator.Order;
@@ -10,6 +11,7 @@ import org.linlinjava.litemall.db.domain.LitemallAdmin;
 import org.linlinjava.litemall.db.service.LitemallAdminService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.util.Assert;
+import org.springframework.util.StringUtils;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
@@ -70,25 +72,38 @@ public class AdminAdminController {
 return ResponseUtil.ok(data);
 }
+ private Object validate(LitemallAdmin admin) {
+ String name = admin.getUsername();
+ if(StringUtils.isEmpty(name)){
+ return ResponseUtil.badArgument();
+ }
+ if(RegexUtil.isUsername(name)){
+ return ResponseUtil.fail(402, "管理员名称不符合规定");
+ }
+ String password = admin.getPassword();
+ if(StringUtils.isEmpty(password) || password.length() < 6){
+ return ResponseUtil.fail(402, "管理员密码长度不能小于6");
+ }
+ return null;
+ }
+
 @PostMapping("/create")
 public Object create(@LoginAdmin Integer adminId, @RequestBody LitemallAdmin admin){
 if(adminId == null){
 return ResponseUtil.unlogin();
 }
+ Object error = validate(admin);
+ if(error != null){
+ return error;
+ }
 String username = admin.getUsername();
- if(username == null){
- return ResponseUtil.badArgument();
- }
 List adminList = adminService.findAdmin(username);
 if(adminList.size() > 0){
 return ResponseUtil.fail(402, "管理员已经存在");
 }
 String rawPassword = admin.getPassword();
- if(rawPassword == null || rawPassword.length() < 6){
- return ResponseUtil.fail(402, "管理员密码长度不能小于6");
- }
 BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
 String encodedPassword = encoder.encode(rawPassword);
 admin.setPassword(encodedPassword);
@@ -113,8 +128,17 @@ public class AdminAdminController {
 if(adminId == null){
 return ResponseUtil.unlogin();
 }
+ Object error = validate(admin);
+ if(error != null){
+ return error;
+ }
 Integer anotherAdminId = admin.getId();
+ if(anotherAdminId == null){
+ return ResponseUtil.badArgument();
+ }
+ // TODO 这里开发者需要删除以下检验代码
+ // 目前这里不允许修改超级管理员是防止演示平台上他人修改管理员密码而导致登录失败
 if(anotherAdminId == 1){
 return ResponseUtil.fail(403, "超级管理员不能修改");
 }
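Review bot: `validate` in AdminAdminController (hunk `@@ -70,25 +72,38 @@`) returns the 402 error when `RegexUtil.isUsername(name)` is true. `RegexUtil` is not part of this patch, but if `isUsername` returns true for a well-formed name, as the method name suggests, the condition is inverted: conforming names are rejected and non-conforming ones continue to `adminService`. The check should then read `if(!RegexUtil.isUsername(name)){`. The same inversion appears in `AdminUserController.validate` (hunk `@@ -61,11 +63,37 @@`) for both `RegexUtil.isUsername(username)` and `RegexUtil.isMobileExact(mobile)`.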
@@ -138,9 +162,15 @@ public class AdminAdminController {
 }
 Integer anotherAdminId = admin.getId();
+ if(anotherAdminId == null){
+ return ResponseUtil.badArgument();
+ }
+ // TODO 这里开发者需要删除以下检验代码
+ // 目前这里不允许删除超级管理员是防止演示平台上他人删除管理员账号而导致登录失败
 if(anotherAdminId == 1){
 return ResponseUtil.fail(403, "超级管理员不能删除");
 }
+
 adminService.deleteById(anotherAdminId);
 return ResponseUtil.ok();
 }
diff --git a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminBrandController.java b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminBrandController.java
index 42b2f20d..96da2e90 100644
--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminBrandController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminBrandController.java
@@ -9,10 +9,12 @@ import org.linlinjava.litemall.db.domain.LitemallBrand;
 import org.linlinjava.litemall.db.service.LitemallBrandService;
 import org.linlinjava.litemall.core.util.ResponseUtil;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.util.StringUtils;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import javax.validation.constraints.NotNull;
+import java.math.BigDecimal;
 import java.time.LocalDateTime;
 import java.util.HashMap;
 import java.util.List;
@@ -47,11 +49,34 @@ public class AdminBrandController {
 return ResponseUtil.ok(data);
 }
+ private Object validate(LitemallBrand brand) {
+ String name = brand.getName();
+ if(StringUtils.isEmpty(name)){
+ return ResponseUtil.badArgument();
+ }
+
+ String desc = brand.getDesc();
+ if(StringUtils.isEmpty(desc)){
+ return ResponseUtil.badArgument();
+ }
+
+ BigDecimal price = brand.getFloorPrice();
+ if(price == null){
+ return ResponseUtil.badArgument();
+ }
+ return null;
+ }
+
 @PostMapping("/create")
 public Object create(@LoginAdmin Integer adminId, @RequestBody LitemallBrand brand){
 if(adminId == null){
 return ResponseUtil.unlogin();
 }
+ Object error = validate(brand);
+ if(error != null){
+ return error;
+ }
+
 brand.setAddTime(LocalDateTime.now());
 brandService.add(brand);
 return ResponseUtil.ok(brand);
@@ -72,6 +97,10 @@ public class AdminBrandController {
 if(adminId == null){
 return ResponseUtil.unlogin();
 }
+ Object error = validate(brand);
+ if(error != null){
+ return error;
+ }
 if(brandService.updateById(brand) == 0){
 return ResponseUtil.updatedDateExpired();
 }
@@ -83,7 +112,11 @@ public class AdminBrandController {
 if(adminId == null){
 return ResponseUtil.unlogin();
 }
- brandService.deleteById(brand.getId());
+ Integer id = brand.getId();
+ if(id == null){
+ return ResponseUtil.badArgument();
+ }
+ brandService.deleteById(id);
 return ResponseUtil.ok();
 }
diff --git a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminCategoryController.java b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminCategoryController.java
index a8da9e53..be35fce3 100644
--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminCategoryController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminCategoryController.java
@@ -10,6 +10,7 @@ import org.linlinjava.litemall.db.domain.LitemallCategory;
 import org.linlinjava.litemall.db.service.LitemallCategoryService;
 import org.linlinjava.litemall.core.util.ResponseUtil;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.util.StringUtils;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
@@ -49,11 +50,37 @@ public class AdminCategoryController {
 return ResponseUtil.ok(data);
 }
+ private Object validate(LitemallCategory category) {
+ String name = category.getName();
+ if(StringUtils.isEmpty(name)){
+ return ResponseUtil.badArgument();
+ }
+
+ String level = category.getLevel();
+ if(StringUtils.isEmpty(level)){
+ return ResponseUtil.badArgument();
+ }
+ if(!level.equals("L1") && !level.equals("L2")){
+ return ResponseUtil.badArgumentValue();
+ }
+
+ Integer pid = category.getPid();
+ if(pid == null){
+ return ResponseUtil.badArgument();
+ }
+
+ return null;
+ }
+
 @PostMapping("/create")
 public Object create(@LoginAdmin Integer adminId, @RequestBody LitemallCategory category){
 if(adminId == null){
 return ResponseUtil.unlogin();
 }
+ Object error = validate(category);
+ if(error != null){
+ return error;
+ }
 category.setAddTime(LocalDateTime.now());
 categoryService.add(category);
 return ResponseUtil.ok();
@@ -74,6 +101,11 @@ public class AdminCategoryController {
 if(adminId == null){
 return ResponseUtil.unlogin();
 }
+ Object error = validate(category);
+ if(error != null){
+ return error;
+ }
+
 if(categoryService.updateById(category) == 0){
 return ResponseUtil.updatedDateExpired();
 }
@@ -85,7 +117,11 @@ public class AdminCategoryController {
 if(adminId == null){
 return ResponseUtil.unlogin();
 }
- categoryService.deleteById(category.getId());
+ Integer id = category.getId();
+ if(id == null){
+ return ResponseUtil.badArgument();
+ }
+ categoryService.deleteById(id);
 return ResponseUtil.ok();
 }
diff --git a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminCommentController.java b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminCommentController.java
index aa1b1ed7..98568529 100644
--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminCommentController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminCommentController.java
@@ -52,7 +52,11 @@ public class AdminCommentController {
 if(adminId == null){
 return ResponseUtil.unlogin();
 }
- commentService.deleteById(comment.getId());
+ Integer id = comment.getId();
+ if(id == null){
+ return ResponseUtil.badArgument();
+ }
+ commentService.deleteById(id);
 return ResponseUtil.ok();
 }
diff --git a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminGoodsController.java b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminGoodsController.java
index 81660f6c..56caeba2 100644
--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminGoodsController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminGoodsController.java
@@ -21,6 +21,7 @@ import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import javax.validation.constraints.NotNull;
+import java.math.BigDecimal;
 import java.time.LocalDateTime;
 import java.util.*;
@@ -69,6 +70,76 @@ public class AdminGoodsController {
 return ResponseUtil.ok(data);
 }
+ private Object validate(GoodsAllinone goodsAllinone) {
+ LitemallGoods goods = goodsAllinone.getGoods();
+ String name = goods.getName();
+ if(StringUtils.isEmpty(name)){
+ return ResponseUtil.badArgument();
+ }
+ String goodsSn = goods.getGoodsSn();
+ if(StringUtils.isEmpty(goodsSn)){
+ return ResponseUtil.badArgument();
+ }
+ Integer brandId = goods.getBrandId();
+ if(brandId == null){
+ return ResponseUtil.badArgument();
+ }
+ if(brandService.findById(brandId) == null) {
+ return ResponseUtil.badArgumentValue();
+ }
+ Integer categoryId = goods.getCategoryId();
+ if(categoryId == null){
+ return ResponseUtil.badArgument();
+ }
+ if(categoryService.findById(categoryId) == null){
+ return ResponseUtil.badArgumentValue();
+ }
+
+ LitemallGoodsAttribute[] attributes = goodsAllinone.getAttributes();
+ for(LitemallGoodsAttribute attribute : attributes){
+ String attr = attribute.getAttribute();
+ if(StringUtils.isEmpty(attr)){
+ return ResponseUtil.badArgument();
+ }
+ String value = attribute.getValue();
+ if(StringUtils.isEmpty(value)){
+ return ResponseUtil.badArgument();
+ }
+ }
+
+ LitemallGoodsSpecification[] specifications = goodsAllinone.getSpecifications();
+ for(LitemallGoodsSpecification specification : specifications){
+ String spec = specification.getSpecification();
+ if(StringUtils.isEmpty(spec)){
+ return ResponseUtil.badArgument();
+ }
+ String value = specification.getValue();
+ if(StringUtils.isEmpty(value)){
+ return ResponseUtil.badArgument();
+ }
+ }
+
+ LitemallProduct[] products = goodsAllinone.getProducts();
+ for(LitemallProduct product : products){
+ Integer number = product.getNumber();
+ if(number == null || number < 0){
+ return ResponseUtil.badArgument();
+ }
+
+ BigDecimal price = product.getPrice();
+ if(price == null){
+ return ResponseUtil.badArgument();
+ }
+
+ String[] productSpecifications = product.getSpecifications();
+ if(productSpecifications.length == 0){
+ return ResponseUtil.badArgument();
+ }
+ }
+
+ return null;
+ }
+
 /*
 * TODO
 * 目前商品修改的逻辑是
@@ -86,6 +157,11 @@ public class AdminGoodsController {
 return ResponseUtil.unlogin();
 }
+ Object error = validate(goodsAllinone);
+ if(error != null){
+ return error;
+ }
+
 LitemallGoods goods = goodsAllinone.getGoods();
 LitemallGoodsAttribute[] attributes = goodsAllinone.getAttributes();
 LitemallGoodsSpecification[] specifications = goodsAllinone.getSpecifications();
@@ -148,6 +224,10 @@ public class AdminGoodsController {
 if (adminId == null) {
 return ResponseUtil.unlogin();
 }
+ Integer id = goods.getId();
+ if(id == null){
+ return ResponseUtil.badArgument();
+ }
 // 开启事务管理
 DefaultTransactionDefinition def = new DefaultTransactionDefinition();
@@ -175,6 +255,11 @@ public class AdminGoodsController {
 return ResponseUtil.unlogin();
 }
+ Object error = validate(goodsAllinone);
+ if(error != null){
+ return error;
+ }
+
 LitemallGoods goods = goodsAllinone.getGoods();
 LitemallGoodsAttribute[] attributes = goodsAllinone.getAttributes();
 LitemallGoodsSpecification[] specifications = goodsAllinone.getSpecifications();
diff --git a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminGrouponController.java b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminGrouponController.java
index 5f7f9db7..a7b1bd83 100644
--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminGrouponController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminGrouponController.java
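Review bot: `AdminGoodsController.validate` (hunk `@@ -69,6 +70,76 @@`) dereferences request-body fields before checking them for null: the result of `goodsAllinone.getGoods()`, the three arrays walked by the for-each loops, and `product.getSpecifications()` before `.length`. A body that omits any of them would, as far as this hunk shows, raise a NullPointerException instead of returning `badArgument()`, which is the case the helper was added to handle. The product price is also only checked for null, so a negative value is accepted. The guards below cover these cases, with the unchanged checks elided.

```java
private Object validate(GoodsAllinone goodsAllinone) {
    LitemallGoods goods = goodsAllinone.getGoods();
    if (goods == null) {
        return ResponseUtil.badArgument();
    }
    // … unchanged: name, goodsSn, brandId and categoryId checks …

    LitemallGoodsAttribute[] attributes = goodsAllinone.getAttributes();
    if (attributes == null) {
        return ResponseUtil.badArgument();
    }
    // … unchanged: attribute loop …

    LitemallGoodsSpecification[] specifications = goodsAllinone.getSpecifications();
    if (specifications == null) {
        return ResponseUtil.badArgument();
    }
    // … unchanged: specification loop …

    LitemallProduct[] products = goodsAllinone.getProducts();
    if (products == null) {
        return ResponseUtil.badArgument();
    }
    for (LitemallProduct product : products) {
        // … unchanged: number check …
        BigDecimal price = product.getPrice();
        if (price == null || price.compareTo(BigDecimal.ZERO) < 0) {
            return ResponseUtil.badArgument();
        }
        String[] productSpecifications = product.getSpecifications();
        if (productSpecifications == null || productSpecifications.length == 0) {
            return ResponseUtil.badArgument();
        }
    }
    // … unchanged: return null …
```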
@@ -94,36 +94,45 @@ public class AdminGrouponController {
 return ResponseUtil.ok(data);
 }
+ private Object validate(LitemallGrouponRules grouponRules) {
+ Integer goodsId = grouponRules.getGoodsId();
+ if(goodsId == null){
+ return ResponseUtil.badArgument();
+ }
+ BigDecimal discount = grouponRules.getDiscount();
+ if(discount == null){
+ return ResponseUtil.badArgument();
+ }
+ Integer discountMember = grouponRules.getDiscountMember();
+ if(discountMember == null){
+ return ResponseUtil.badArgument();
+ }
+ LocalDateTime expireTime = grouponRules.getExpireTime();
+ if(expireTime == null){
+ return ResponseUtil.badArgument();
+ }
+
+ return null;
+ }
+
 @PostMapping("/update")
- public Object update(@LoginAdmin Integer adminId, @RequestBody String grouponRulesBody) {
+ public Object update(@LoginAdmin Integer adminId, @RequestBody LitemallGrouponRules grouponRules) {
 if (adminId == null) {
 return ResponseUtil.unlogin();
 }
- Integer id = JacksonUtil.parseInteger(grouponRulesBody, "id");
- Integer goodsId = JacksonUtil.parseInteger(grouponRulesBody, "goodsId");
- String discount = JacksonUtil.parseString(grouponRulesBody, "discount");
- Integer discountMember = JacksonUtil.parseInteger(grouponRulesBody, "discountMember");
- String expireTimeString = JacksonUtil.parseString(grouponRulesBody, "expireTime");
-
- DateTimeFormatter df = DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss");
- LocalDateTime expireTime = LocalDateTime.parse(expireTimeString, df);
+ Object error = validate(grouponRules);
+ if(error != null){
+ return error;
+ }
+ Integer goodsId = grouponRules.getGoodsId();
 LitemallGoods goods = goodsService.findById(goodsId);
 if (goods == null) {
 return ResponseUtil.badArgumentValue();
 }
- LitemallGrouponRules grouponRules = rulesService.queryById(id);
- if (grouponRules == null) {
- return ResponseUtil.badArgumentValue();
- }
-
- grouponRules.setGoodsId(goodsId);
- grouponRules.setDiscount(new BigDecimal(discount));
- grouponRules.setDiscountMember(discountMember);
 grouponRules.setGoodsName(goods.getName());
- grouponRules.setExpireTime(expireTime);
 grouponRules.setPicUrl(goods.getPicUrl());
 if(rulesService.updateById(grouponRules) == 0){
@@ -135,31 +144,24 @@ public class AdminGrouponController {
 @PostMapping("/create")
- public Object create(@LoginAdmin Integer adminId, @RequestBody String grouponRulesBody) {
+ public Object create(@LoginAdmin Integer adminId, @RequestBody LitemallGrouponRules grouponRules) {
 if (adminId == null) {
 return ResponseUtil.unlogin();
 }
- Integer goodsId = JacksonUtil.parseInteger(grouponRulesBody, "goodsId");
- String discount = JacksonUtil.parseString(grouponRulesBody, "discount");
- Integer discountMember = JacksonUtil.parseInteger(grouponRulesBody, "discountMember");
- String expireTimeString = JacksonUtil.parseString(grouponRulesBody, "expireTime");
-
- DateTimeFormatter df = DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss");
- LocalDateTime expireTime = LocalDateTime.parse(expireTimeString, df);
+ Object error = validate(grouponRules);
+ if(error != null){
+ return error;
+ }
+ Integer goodsId = grouponRules.getGoodsId();
 LitemallGoods goods = goodsService.findById(goodsId);
 if (goods == null) {
 return ResponseUtil.badArgumentValue();
 }
- LitemallGrouponRules grouponRules = new LitemallGrouponRules();
- grouponRules.setGoodsId(goodsId);
- grouponRules.setDiscount(new BigDecimal(discount));
- grouponRules.setDiscountMember(discountMember);
 grouponRules.setAddTime(LocalDateTime.now());
 grouponRules.setGoodsName(goods.getName());
- grouponRules.setExpireTime(expireTime);
 grouponRules.setPicUrl(goods.getPicUrl());
 rulesService.createRules(grouponRules);
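Review bot: `AdminGrouponController.update` (hunk `@@ -94,36 +94,45 @@`) now hands the request-bound `LitemallGrouponRules` straight to `rulesService.updateById`, where the removed code loaded the stored row with `rulesService.queryById(id)` and copied four named fields onto it. The removed `grouponRules == null` check that rejected unknown ids has no replacement, and `validate` never looks at `getId()`. Any other property the JSON body sets on the entity is also carried into the update; how much of it is persisted depends on `updateById`, which is not shown. I would add `if(grouponRules.getId() == null){ return ResponseUtil.badArgument(); }` and keep the load-then-copy step, so that only goodsId, discount, discountMember and expireTime come from the client. The create hunk `@@ -135,31 +144,24 @@` binds the body the same way.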
@@ -169,12 +171,15 @@ public class AdminGrouponController {
 @PostMapping("/delete")
- public Object delete(@LoginAdmin Integer adminId, @RequestBody String body) {
+ public Object delete(@LoginAdmin Integer adminId, @RequestBody LitemallGrouponRules grouponRules) {
 if (adminId == null) {
 return ResponseUtil.unlogin();
 }
- Integer id = JacksonUtil.parseInteger(body, "id");
+ Integer id = grouponRules.getId();
+ if(id == null){
+ return ResponseUtil.badArgument();
+ }
 rulesService.delete(id);
 return ResponseUtil.ok();
diff --git a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminIssueController.java b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminIssueController.java
index 9e7beaa2..dc8f8581 100644
--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminIssueController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminIssueController.java
@@ -9,6 +9,7 @@ import org.linlinjava.litemall.db.domain.LitemallIssue;
 import org.linlinjava.litemall.db.service.LitemallIssueService;
 import org.linlinjava.litemall.core.util.ResponseUtil;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.util.StringUtils;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
@@ -47,11 +48,27 @@ public class AdminIssueController {
 return ResponseUtil.ok(data);
 }
+ private Object validate(LitemallIssue issue) {
+ String question = issue.getQuestion();
+ if(StringUtils.isEmpty(question)){
+ return ResponseUtil.badArgument();
+ }
+ String answer = issue.getAnswer();
+ if(StringUtils.isEmpty(answer)){
+ return ResponseUtil.badArgument();
+ }
+ return null;
+ }
+
 @PostMapping("/create")
 public Object create(@LoginAdmin Integer adminId, @RequestBody LitemallIssue issue){
 if(adminId == null){
 return ResponseUtil.unlogin();
 }
+ Object error = validate(issue);
+ if(error != null){
+ return error;
+ }
 issue.setAddTime(LocalDateTime.now());
 issueService.add(issue);
 return ResponseUtil.ok(issue);
@@ -72,6 +89,10 @@ public class AdminIssueController {
 if(adminId == null){
 return ResponseUtil.unlogin();
 }
+ Object error = validate(issue);
+ if(error != null){
+ return error;
+ }
 if(issueService.updateById(issue) == 0){
 return ResponseUtil.updatedDateExpired();
 }
@@ -84,7 +105,11 @@ public class AdminIssueController {
 if(adminId == null){
 return ResponseUtil.unlogin();
 }
- issueService.deleteById(issue.getId());
+ Integer id = issue.getId();
+ if(id == null){
+ return ResponseUtil.badArgument();
+ }
+ issueService.deleteById(id);
 return ResponseUtil.ok();
 }
diff --git a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminKeywordController.java b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminKeywordController.java
index b3b68752..985acf06 100644
--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminKeywordController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminKeywordController.java
@@ -9,6 +9,7 @@ import org.linlinjava.litemall.db.domain.LitemallKeyword;
 import org.linlinjava.litemall.db.service.LitemallKeywordService;
 import org.linlinjava.litemall.core.util.ResponseUtil;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.util.StringUtils;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
@@ -47,11 +48,27 @@ public class AdminKeywordController {
 return ResponseUtil.ok(data);
 }
+ private Object validate(LitemallKeyword keywords) {
+ String keyword = keywords.getKeyword();
+ if (StringUtils.isEmpty(keyword)) {
+ return ResponseUtil.badArgument();
+ }
+ String url = keywords.getUrl();
+ if (StringUtils.isEmpty(url)) {
+ return ResponseUtil.badArgument();
+ }
+ return null;
+ }
+
 @PostMapping("/create")
 public Object create(@LoginAdmin Integer adminId, @RequestBody LitemallKeyword keywords){
 if(adminId == null){
 return ResponseUtil.unlogin();
 }
+ Object error = validate(keywords);
+ if(error != null){
+ return error;
+ }
 keywords.setAddTime(LocalDateTime.now());
 keywordService.add(keywords);
 return ResponseUtil.ok(keywords);
@@ -72,6 +89,10 @@ public class AdminKeywordController {
 if(adminId == null){
 return ResponseUtil.unlogin();
 }
+ Object error = validate(keywords);
+ if(error != null){
+ return error;
+ }
 if(keywordService.updateById(keywords) == 0){
 return ResponseUtil.updatedDateExpired();
 }
@@ -79,11 +100,15 @@ public class AdminKeywordController {
 }
 @PostMapping("/delete")
- public Object delete(@LoginAdmin Integer adminId, @RequestBody LitemallKeyword brand){
+ public Object delete(@LoginAdmin Integer adminId, @RequestBody LitemallKeyword keyword){
 if(adminId == null){
 return ResponseUtil.unlogin();
 }
- keywordService.deleteById(brand.getId());
+ Integer id = keyword.getId();
+ if(id == null){
+ return ResponseUtil.badArgument();
+ }
+ keywordService.deleteById(id);
 return ResponseUtil.ok();
 }
diff --git a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminRegionController.java b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminRegionController.java
index 9961b6e4..446a43b9 100644
--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminRegionController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminRegionController.java
@@ -15,6 +15,7 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
+import javax.validation.constraints.NotNull;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -29,9 +30,9 @@ public class AdminRegionController {
 private LitemallRegionService regionService;
 @GetMapping("/clist")
- public Object clist(@LoginAdmin Integer adminId, Integer id) {
- if (id == null) {
- return ResponseUtil.badArgument();
+ public Object clist(@LoginAdmin Integer adminId, @NotNull Integer id) {
+ if(adminId == null){
+ return ResponseUtil.unlogin();
 }
 List regionList = regionService.queryByPid(id);
diff --git a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminStorageController.java b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminStorageController.java
index 8ff62656..1e81403c 100644
--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminStorageController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminStorageController.java
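Review bot: In `AdminRegionController.clist` (hunk `@@ -29,9 +30,9 @@`), the explicit `id == null` check is replaced by `@NotNull Integer id`, which only takes effect if Spring method validation is active for this controller, typically through a class-level `@Validated`. Neither hunk for this file shows that annotation or its import, and the class header is outside the hunk, so this needs confirming; without it a request that omits `id` reaches `regionService.queryByPid(null)`. When validation is active, the failure surfaces as an exception rather than the `badArgument()` body, so a handler has to map it back to the same response. Keeping `if(id == null){ return ResponseUtil.badArgument(); }` next to the new login check would remove both dependencies.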
@@ -8,6 +8,7 @@ import org.linlinjava.litemall.core.validator.Sort;
 import org.linlinjava.litemall.db.domain.LitemallStorage;
 import org.linlinjava.litemall.db.service.LitemallStorageService;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.util.StringUtils;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
@@ -84,8 +85,12 @@ public class AdminStorageController {
 if (adminId == null) {
 return ResponseUtil.unlogin();
 }
- litemallStorageService.deleteByKey(litemallStorage.getKey());
- storageService.delete(litemallStorage.getKey());
+ String key = litemallStorage.getKey();
+ if(StringUtils.isEmpty(key)){
+ return ResponseUtil.badArgument();
+ }
+ litemallStorageService.deleteByKey(key);
+ storageService.delete(key);
 return ResponseUtil.ok();
 }
 }
diff --git a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminTopicController.java b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminTopicController.java
index 123712cb..c45744f7 100644
--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminTopicController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminTopicController.java
@@ -9,10 +9,12 @@ import org.linlinjava.litemall.db.domain.LitemallTopic;
 import org.linlinjava.litemall.db.service.LitemallTopicService;
 import org.linlinjava.litemall.core.util.ResponseUtil;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.util.StringUtils;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import javax.validation.constraints.NotNull;
+import java.math.BigDecimal;
 import java.time.LocalDateTime;
 import java.util.HashMap;
 import java.util.List;
@@ -47,11 +49,31 @@ public class AdminTopicController {
 return ResponseUtil.ok(data);
 }
+ private Object validate(LitemallTopic topic) {
+ String title = topic.getTitle();
+ if (StringUtils.isEmpty(title)) {
+ return ResponseUtil.badArgument();
+ }
+ String content = topic.getContent();
+ if (StringUtils.isEmpty(content)) {
+ return ResponseUtil.badArgument();
+ }
+ BigDecimal price = topic.getPrice();
+ if (price == null) {
+ return ResponseUtil.badArgument();
+ }
+ return null;
+ }
+
 @PostMapping("/create")
 public Object create(@LoginAdmin Integer adminId, @RequestBody LitemallTopic topic){
 if(adminId == null){
 return ResponseUtil.unlogin();
 }
+ Object error = validate(topic);
+ if(error != null){
+ return error;
+ }
 topic.setAddTime(LocalDateTime.now());
 topicService.add(topic);
 return ResponseUtil.ok(topic);
@@ -72,6 +94,10 @@ public class AdminTopicController {
 if(adminId == null){
 return ResponseUtil.unlogin();
 }
+ Object error = validate(topic);
+ if(error != null){
+ return error;
+ }
 if(topicService.updateById(topic) == 0){
 return ResponseUtil.updatedDateExpired();
 }
diff --git a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminUserController.java b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminUserController.java
index 6100d966..fd3f3981 100644
--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminUserController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminUserController.java
@@ -12,9 +12,11 @@ import org.linlinjava.litemall.db.domain.LitemallUser;
 import org.linlinjava.litemall.db.service.LitemallUserService;
 import org.linlinjava.litemall.core.util.ResponseUtil;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.util.StringUtils;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
+import javax.validation.constraints.NotEmpty;
 import java.time.LocalDateTime;
 import java.util.HashMap;
 import java.util.List;
@@ -49,9 +51,9 @@ public class AdminUserController {
 }
 @GetMapping("/username")
- public Object username(String username){
- if(StringUtil.isEmpty(username)){
- return ResponseUtil.badArgument();
+ public Object username(@LoginAdmin Integer adminId, @NotEmpty String username){
+ if(adminId == null){
+ return ResponseUtil.unlogin();
 }
 int total = userService.countSeletive(username, null, null, null, null, null);
@@ -61,11 +63,37 @@ public class AdminUserController {
 return ResponseUtil.ok("已存在");
 }
+ private Object validate(LitemallUser user) {
+ String username = user.getUsername();
+ if(StringUtils.isEmpty(user)){
+ return ResponseUtil.badArgument();
+ }
+ if(RegexUtil.isUsername(username)){
+ return ResponseUtil.fail(402, "用户名不符合规定");
+ }
+ String password = user.getPassword();
+ if(StringUtils.isEmpty(password) || password.length() < 6){
+ return ResponseUtil.fail(402, "用户密码长度不能小于6");
+ }
+ String mobile = user.getMobile();
+ if(StringUtils.isEmpty(mobile)){
+ return ResponseUtil.badArgument();
+ }
+ if(RegexUtil.isMobileExact(mobile)){
+ return ResponseUtil.fail(402, "用户手机号码格式不正确");
+ }
+ return null;
+ }
 @PostMapping("/create")
 public Object create(@LoginAdmin Integer adminId, @RequestBody LitemallUser user){
- logger.debug(user);
-
+ if(adminId == null){
+ return ResponseUtil.unlogin();
+ }
+ Object error = validate(user);
+ if(error != null){
+ return error;
+ }
 String username = user.getUsername();
 String mobile = user.getMobile();
 List userList = userService.queryByUsername(username);
@@ -92,8 +120,13 @@ public class AdminUserController {
 @PostMapping("/update")
 public Object update(@LoginAdmin Integer adminId, @RequestBody LitemallUser user){
- logger.debug(user);
-
+ if(adminId == null){
+ return ResponseUtil.unlogin();
+ }
+ Object error = validate(user);
+ if(error != null){
+ return error;
+ }
 // 用户密码加密存储
 String password = user.getPassword();
 BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
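Review bot: `AdminUserController.validate` (hunk `@@ -61,11 +63,37 @@`) calls `StringUtils.isEmpty(user)` on the `LitemallUser` object rather than on `username`. A body without a username therefore passes the emptiness check, and `null` is handed to `RegexUtil.isUsername`. The line should be `if(StringUtils.isEmpty(username)){`. Because `update` (hunk `@@ -92,8 +120,13 @@`) calls the same helper, both endpoints are affected.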