关联表单填充规则主表填充效果实现

1 year ago · 6de4071178
3 changed files with 35 additions and 4 deletions
--- a/src/main/java/com/hxgk/lowcode/controller/AssociatedFormsController.java
+++ b/src/main/java/com/hxgk/lowcode/controller/AssociatedFormsController.java
@ -118,6 +118,7 @@ public class AssociatedFormsController {
        if(StringUtils.isBlank(key)||StringUtils.isBlank(token)){
            return JsonData.buildError("非法请求");
        }
        String glbbddbd = requestBody.get("glbbddbd");
        String formId = requestBody.get("formId");
        String dataTitle = requestBody.get("dataTitle");
        String rangeFormula = requestBody.get("rangeFormula");
@ -130,7 +131,7 @@ public class AssociatedFormsController {
        System.out.println(fillFieldsChild);
        com.alibaba.fastjson2.JSONArray fillFieldsChildJsonObject = JSON.parseArray(fillFieldsChild);
-        ArrayList<CustomerFormTableSingleFieldValue> dataTitles = customerFormService.getAsfDataTitles(key,token,formId,dataTitle,rangeFormula,rangeString,hideFormula,hideString,masterOnField,fillFieldsMaster,fillFieldsChildJsonObject);
+        ArrayList<CustomerFormTableSingleFieldValue> dataTitles = customerFormService.getAsfDataTitles(key,token,glbbddbd,formId,dataTitle,rangeFormula,rangeString,hideFormula,hideString,masterOnField,fillFieldsMaster,fillFieldsChildJsonObject);
        return JsonData.buildSuccess(dataTitles);
--- a/src/main/java/com/hxgk/lowcode/service/CustomerFormService.java
+++ b/src/main/java/com/hxgk/lowcode/service/CustomerFormService.java
@ -17,7 +17,7 @@ public interface CustomerFormService {
    ArrayList<CustomerFormTableSingleFieldValue> getFieldRecord(String key, String token, String[] optionsValue3FieldArray);
-    ArrayList<CustomerFormTableSingleFieldValue> getAsfDataTitles(String key, String token, String formId, String dataTitle, String rangeFormula, String rangeString, String hideFormula, String hideString, String masterOnField, String fillFieldsMaster, JSONArray fillFieldsChild);
+    ArrayList<CustomerFormTableSingleFieldValue> getAsfDataTitles(String key, String token,String glbbddbd, String formId, String dataTitle, String rangeFormula, String rangeString, String hideFormula, String hideString, String masterOnField, String fillFieldsMaster, JSONArray fillFieldsChild);
    ArrayList<CustomerFormTableSingleFieldValue> getAsfDataTitlesByIds(String AsfFormId,ArrayList<HashMap<String,String>> ids);
    Boolean queryIfOrgOrPersonContainsCurrentUser(String key, String token, String targetOrgOrPerson, String condition, String currentUser);
--- a/src/main/java/com/hxgk/lowcode/service/impl/CustomerFormServiceImpl.java
+++ b/src/main/java/com/hxgk/lowcode/service/impl/CustomerFormServiceImpl.java
@ -664,7 +664,7 @@ public class CustomerFormServiceImpl implements CustomerFormService {
    */
    @Override
-    public ArrayList<CustomerFormTableSingleFieldValue> getAsfDataTitles(String key, String token,String formId, String dataTitle,String rangeFormula, String rangeString, String hideFormula, String hideString,String masterOnField, String fillFieldsMaster, JSONArray fillFieldsChild) {
+    public ArrayList<CustomerFormTableSingleFieldValue> getAsfDataTitles(String key, String token,String glbbddbd,String formId, String dataTitle,String rangeFormula, String rangeString, String hideFormula, String hideString,String masterOnField, String fillFieldsMaster, JSONArray fillFieldsChild) {
        //关联表单的id
        String AsfFormId = formId;
        //根据formId(cfid)查询关联表单表名
@ -720,7 +720,7 @@ public class CustomerFormServiceImpl implements CustomerFormService {
                    keytokenmap.put("usertoken",token);
                    UserDetail userDetail = userService.getUserDetailFromRedis(keytokenmap);
-                    logger.error("用户进行了SQL注入攻击:key--"+userDetail.getWmKey()+"姓名--"+userDetail.getName()+"输入的条件"+rangeFormula);
+                    logger.error("条件含有非法字符,主表单->"+glbbddbd+"###关联表单->"+asfFormName+"###非法条件->"+rangeFormula);
                    dataTitleMapList = new ArrayList<>();//直接返回空数据标题列表
                }else{
                    if(operator.equals("包含")){
@ -1570,6 +1570,36 @@ public class CustomerFormServiceImpl implements CustomerFormService {
        //数据填充规则数据字段准备 start
        System.out.println(fillFieldsChild);
        if(fillFieldsChild.size()>0){
            for(int i = 0; i<fillFieldsChild.size();i++){
                System.out.println(fillFieldsChild.get(i));
                com.alibaba.fastjson2.JSONObject singleAsfChildTableFillRoleObject = (com.alibaba.fastjson2.JSONObject)fillFieldsChild.get(i);
                com.alibaba.fastjson2.JSONObject filterCondition = (com.alibaba.fastjson2.JSONObject)singleAsfChildTableFillRoleObject.get("filterCondition");
                System.out.println(1);
                String singleAsfChildTableConditionHtml = filterCondition.get("conditionHtml").toString();
                if(!StringUtils.isBlank(singleAsfChildTableConditionHtml)){
                    if(containsDangerousWords(filterCondition.get("conditionHtml").toString())){//子表条件带有非法字符
                        logger.error("子表条件带有非法字符");
                    }else{
                        String singleAsfChildTableFormulaHtml = ((com.alibaba.fastjson2.JSONObject) filterCondition.get("gongShi")).get("formulaHtml").toString();
                        String singleAsfChildTableMathsFormula = ((com.alibaba.fastjson2.JSONObject) filterCondition.get("gongShi")).get("mathsFormula").toString();
                        String singleAsfChildTableMathsString = ((com.alibaba.fastjson2.JSONObject) filterCondition.get("gongShi")).get("mathsString").toString();
                        System.out.println(1);
                    }
                }
            }
        }
        ArrayList<String> masterFillRoleFields = new ArrayList<>();
        if(fillFieldsMaster.length()>0){
            fillFieldsMaster = fillFieldsMaster.substring(0, fillFieldsMaster.length() - 1);