blame | history | patch | commit | commitdiff | ignore whitespace
xin
2025-05-30 347909bae241fff128b628ea6d12992d7e5b4b10 
 oying-system/src/main/java/com/oying/modules/quartz/rest/QuartzJobController.java


@@ -3,6 +3,7 @@


import com.baomidou.mybatisplus.extension.plugins.pagination.Page;


import com.oying.modules.quartz.domain.QuartzJob;


import com.oying.modules.quartz.domain.QuartzLog;


import com.oying.utils.R;


import io.swagger.annotations.Api;


import io.swagger.annotations.ApiOperation;


import lombok.RequiredArgsConstructor;


@@ -18,6 +19,7 @@


import org.springframework.security.access.prepost.PreAuthorize;


import org.springframework.validation.annotation.Validated;


import org.springframework.web.bind.annotation.*;




import javax.servlet.http.HttpServletResponse;


import java.io.IOException;


import java.util.Set;


@@ -39,9 +41,9 @@


    @ApiOperation("查询定时任务")


    @GetMapping


    @PreAuthorize("@el.check('timing:list')")


    public ResponseEntity<PageResult<QuartzJob>> queryQuartzJob(QuartzJobQueryCriteria criteria){


    public ResponseEntity<Object> queryQuartzJob(QuartzJobQueryCriteria criteria) {


        Page<Object> page = new Page<>(criteria.getPage(), criteria.getSize());


        return new ResponseEntity<>(quartzJobService.queryAll(criteria,page), HttpStatus.OK);


        return new ResponseEntity<>(R.success(quartzJobService.queryAll(criteria, page)), HttpStatus.OK);


    }




    @ApiOperation("导出任务数据")


@@ -61,71 +63,72 @@


    @ApiOperation("查询任务执行日志")


    @GetMapping(value = "/logs")


    @PreAuthorize("@el.check('timing:list')")


    public ResponseEntity<PageResult<QuartzLog>> queryQuartzJobLog(QuartzJobQueryCriteria criteria){


    public ResponseEntity<Object> queryQuartzJobLog(QuartzJobQueryCriteria criteria) {


        Page<Object> page = new Page<>(criteria.getPage(), criteria.getSize());


        return new ResponseEntity<>(quartzJobService.queryAllLog(criteria,page), HttpStatus.OK);


        return new ResponseEntity<>(R.success(quartzJobService.queryAllLog(criteria, page)), HttpStatus.OK);


    }




    @Log("新增定时任务")


    @ApiOperation("新增定时任务")


    @PostMapping


    @PreAuthorize("@el.check('timing:add')")


    public ResponseEntity<Object> createQuartzJob(@Validated @RequestBody QuartzJob resources){


    public ResponseEntity<Object> createQuartzJob(@Validated @RequestBody QuartzJob resources) {


        if (resources.getId() != null) {


            throw new BadRequestException("A new "+ ENTITY_NAME +" cannot already have an ID");


            throw new BadRequestException("A new " + ENTITY_NAME + " cannot already have an ID");


        }


        // 验证Bean是不是合法的,合法的定时任务 Bean 需要用 @Service 定义


        checkBean(resources.getBeanName());


        quartzJobService.create(resources);


        return new ResponseEntity<>(HttpStatus.CREATED);


        return new ResponseEntity<>(R.success(), HttpStatus.CREATED);


    }




    @Log("修改定时任务")


    @ApiOperation("修改定时任务")


    @PutMapping


    @PreAuthorize("@el.check('timing:edit')")


    public ResponseEntity<Object> updateQuartzJob(@Validated(QuartzJob.Update.class) @RequestBody QuartzJob resources){


    public ResponseEntity<Object> updateQuartzJob(@Validated(QuartzJob.Update.class) @RequestBody QuartzJob resources) {


        // 验证Bean是不是合法的,合法的定时任务 Bean 需要用 @Service 定义


        checkBean(resources.getBeanName());


        quartzJobService.update(resources);


        return new ResponseEntity<>(HttpStatus.NO_CONTENT);


        return new ResponseEntity<>(R.success(), HttpStatus.NO_CONTENT);


    }




    @Log("更改定时任务状态")


    @ApiOperation("更改定时任务状态")


    @PutMapping(value = "/{id}")


    @PreAuthorize("@el.check('timing:edit')")


    public ResponseEntity<Object> updateQuartzJobStatus(@PathVariable Long id){


    public ResponseEntity<Object> updateQuartzJobStatus(@PathVariable Long id) {


        quartzJobService.updateIsPause(quartzJobService.getById(id));


        return new ResponseEntity<>(HttpStatus.NO_CONTENT);


        return new ResponseEntity<>(R.success(), HttpStatus.NO_CONTENT);


    }




    @Log("执行定时任务")


    @ApiOperation("执行定时任务")


    @PutMapping(value = "/exec/{id}")


    @PreAuthorize("@el.check('timing:edit')")


    public ResponseEntity<Object> executionQuartzJob(@PathVariable Long id){


    public ResponseEntity<Object> executionQuartzJob(@PathVariable Long id) {


        quartzJobService.execution(quartzJobService.getById(id));


        return new ResponseEntity<>(HttpStatus.NO_CONTENT);


        return new ResponseEntity<>(R.success(), HttpStatus.NO_CONTENT);


    }




    @Log("删除定时任务")


    @ApiOperation("删除定时任务")


    @DeleteMapping


    @PreAuthorize("@el.check('timing:del')")


    public ResponseEntity<Object> deleteQuartzJob(@RequestBody Set<Long> ids){


    public ResponseEntity<Object> deleteQuartzJob(@RequestBody Set<Long> ids) {


        quartzJobService.delete(ids);


        return new ResponseEntity<>(HttpStatus.OK);


        return new ResponseEntity<>(R.success(),HttpStatus.OK);


    }




    /**


     * 验证Bean是不是合法的,合法的定时任务 Bean 需要用 @Service 定义


     *


     * @param beanName Bean名称


     */


    private void checkBean(String beanName){


    private void checkBean(String beanName) {


        // 避免调用攻击者可以从SpringContextHolder获得控制jdbcTemplate类


        // 并使用getDeclaredMethod调用jdbcTemplate的queryForMap函数,执行任意sql命令。


        if(!SpringBeanHolder.getAllServiceBeanName().contains(beanName)){


        if (!SpringBeanHolder.getAllServiceBeanName().contains(beanName)) {


            throw new BadRequestException("非法的 Bean,请重新输入!");


        }


    }