renrenio / renren-security

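A permission system built with the Spring, MyBatis and Shiro frameworks, with a very low barrier to entry and ready to use out of the box. Security was a priority from the very start of the design, protecting enterprise systems and making everything this simple. [QQ groups: 324780204, 145799952]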

Home Page: https://www.renren.io/community

License: Apache License 2.0

Dockerfile 0.05% TSQL 6.55% Java 78.54% CSS 6.68% JavaScript 6.85% HTML 1.33%

renren-security's People

Contributors

chenligithub, chenrl, daxiongyang, drama123543, gebron, hele204, hudiebb, lfyainr, sunlightcs, wxxiong6, yuchaopeng, zhangsean

renren-security's Issues

fastjson error

[ERROR][2017-12-11 14:40:14] io.renren.common.exception.RRExceptionHandler.handleException(RRExceptionHandler.java:48) syntax error, unexpect token error
com.alibaba.fastjson.JSONException: syntax error, unexpect token error
at com.alibaba.fastjson.parser.deserializer.JavaBeanDeserializer.deserialze(JavaBeanDeserializer.java:656)
at com.alibaba.fastjson.parser.deserializer.JavaBeanDeserializer.parseRest(JavaBeanDeserializer.java:1070)
at com.alibaba.fastjson.parser.deserializer.FastjsonASMDeserializer_2_ActivityNews.deserialze(Unknown Source)
at com.alibaba.fastjson.parser.deserializer.JavaBeanDeserializer.deserialze(JavaBeanDeserializer.java:211)
at com.alibaba.fastjson.parser.DefaultJSONParser.parseObject(DefaultJSONParser.java:642)
at com.alibaba.fastjson.JSON.parseObject(JSON.java:354)
at com.alibaba.fastjson.JSON.parseObject(JSON.java:322)
at com.alibaba.fastjson.JSON.parseObject(JSON.java:285)
at com.alibaba.fastjson.JSON.parseObject(JSON.java:385)
at com.alibaba.fastjson.JSON.parseObject(JSON.java:467)
at com.alibaba.fastjson.support.spring.FastJsonHttpMessageConverter.read(FastJsonHttpMessageConverter.java:211)
at org.springframework.web.servlet.mvc.method.annotation.AbstractMessageConverterMethodArgumentResolver.readWithMessageConverters(AbstractMessageConverterMethodArgumentResolver.java:201)
at org.springframework.web.servlet.mvc.method.annotation.RequestResponseBodyMethodProcessor.readWithMessageConverters(RequestResponseBodyMethodProcessor.java:150)
at org.springframework.web.servlet.mvc.method.annotation.RequestResponseBodyMethodProcessor.resolveArgument(RequestResponseBodyMethodProcessor.java:128)
at org.springframework.web.method.support.HandlerMethodArgumentResolverComposite.resolveArgument(HandlerMethodArgumentResolverComposite.java:121)
at org.springframework.web.method.support.InvocableHandlerMethod.getMethodArgumentValues(InvocableHandlerMethod.java:158)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:128)
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:97)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:827)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:738)
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970)
at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:872)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:648)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at io.renren.common.xss.XssFilter.doFilter(XssFilter.java:23)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:61)
at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108)
at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)
at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)
at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)
at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383)
at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:347)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:263)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:142)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:673)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1526)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1482)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
[ERROR][2017-12-11 14:41:56] io.renren.common.exception.RRExceptionHandler.handleException(RRExceptionHandler.java:48) syntax error, unexpect token error

[Bug report] Front-end display bug

image

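As shown in the image: running from source via maven with the original data, open menu management and edit the "modify" menu under scheduled tasks. In the edit dialog that opens, the parent menu is shown as the top-level menu, when it should be the scheduled tasks menu. This happens occasionally and is not limited to this menu. I suspect a front-end display bug. Using chrome 56.0.2924.87

Help! A question about a resource that cannot be accessed

Under the module page directory gen I added a folder, and added an html file in that folder. This file cannot be accessed and returns a 404 error, but if the file is placed in the gen directory it can be accessed. Why is that?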

Garbled Chinese when reading in the code generator project

This is my modified code; I hope the author will adopt it
/**
 * Get the configuration information
 */
public static Configuration getConfig(){
    try {
        PropertiesConfiguration propertiesConfiguration = new PropertiesConfiguration();
        // Set the encoding before load() so the file is read as UTF-8
        propertiesConfiguration.setEncoding("UTF-8");
        propertiesConfiguration.load("generator.properties");
        return propertiesConfiguration;
    } catch (ConfigurationException e) {
        throw new RRException("获取配置文件失败,", e);
    }
}

Home -> System Log page: query condition bug

Home -> System Log page
The query feature shows that it searches by username and user operation, but in fact it can only search by username.

This needs a change in io.renren.modules.sys.service.impl.SysLogServiceImpl
line:32-35

IPage page = this.page(
    new Query().getPage(params),
    new QueryWrapper().like(StringUtils.isNotBlank(key),"username", key)
);
change to
IPage page = this.page(
    new Query().getPage(params),
    new QueryWrapper().like(StringUtils.isNotBlank(key),"username", key)
        .or()
        .like(StringUtils.isNotBlank(key), "operation", key)
);

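The CrudService base class should preferably not use map as a parameter

My company's team happens to use your framework, and it has greatly improved our development efficiency. However, because of CrudService, the query statements in the code produced by the code generator all take a map as the parameter, so the code is full of method calls that pass a map. Passing parameters in a map is convenient, but it brings a series of problems. The biggest is that the parameters are unknown and their types cannot be confirmed, so the drawbacks outweigh the benefits. Also, the BaseService base class has too few methods; I suggest inheriting directly from the mybatisplus base class to provide more common methods.

Error when deploying the project, how do I fix it?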

The type org.quartz.Scheduler cannot be resolved. It is indirectly referenced from required .class files ScheduleJobServiceImpl.java /renren-security/renren-admin/src/main/java/io/renren/modules/job/service/impl line 1 Java Problem

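Null pointer when restarting the project after adding a scheduled task

After adding a scheduled task, status in the schedule_job table is null, which affects the initialization of scheduled tasks when the project restarts
In ScheduleUtils
// pause the job
if(scheduleJob.getStatus() == Constant.ScheduleStatus.PAUSE.getValue()){
    pauseJob(scheduler, scheduleJob.getJobId());
}
throws a null pointer

SQL execution failed

The SQL in the code fails to execute, so the project cannot start.
-- quartz related table structures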
CREATE TABLE QRTZ_JOB_DETAILS(
SCHED_NAME VARCHAR(120) NOT NULL,
JOB_NAME VARCHAR(200) NOT NULL,
JOB_GROUP VARCHAR(200) NOT NULL,
DESCRIPTION VARCHAR(250) NULL,
JOB_CLASS_NAME VARCHAR(250) NOT NULL,
IS_DURABLE VARCHAR(1) NOT NULL,
IS_NONCONCURRENT VARCHAR(1) NOT NULL,
IS_UPDATE_DATA VARCHAR(1) NOT NULL,
REQUESTS_RECOVERY VARCHAR(1) NOT NULL,
JOB_DATA BLOB NULL,
PRIMARY KEY (SCHED_NAME,JOB_NAME,JOB_GROUP))
ENGINE=InnoDB;
[Err] 1071 - Specified key was too long; max key length is 767 bytes

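How do I put the operations into the table?

May I ask how to put the operations on the table into the table row by row? For example, each data row would have its own delete and edit buttons. From what I have looked up, it seems a table that supports vue is needed, or else drop jqGrid, or operate directly with jquery. I wonder whether the author has a better approach?

A question about the Job module starting a thread to handle each task

The code below is copied from ScheduleJob, with the unrelated code removed.
Here a separate thread is started every time a job runs. Is there a reason for that?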

public class ScheduleJob extends QuartzJobBean {
    private ExecutorService service = Executors.newSingleThreadExecutor();

    @Override
    protected void executeInternal(JobExecutionContext context) throws JobExecutionException {
        //....
        try {
            ScheduleRunnable task = new ScheduleRunnable(scheduleJob.getBeanName(),
                    scheduleJob.getMethodName(), scheduleJob.getParams());
            Future<?> future = service.submit(task);
            future.get();

            // ....
        } catch (Exception e) {
            // ...
        } finally {
            // ...
        }
    }
}

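My understanding is that the quartz framework already handles these jobs in separate threads, so there is no need to start another thread.
The pseudocode is as follows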

public class ScheduleJob extends QuartzJobBean {
    @Override
    protected void executeInternal(JobExecutionContext context) throws JobExecutionException {
        //....
        try {
            // Look up the target bean and call its method directly on the Quartz worker thread
            Object target = SpringContextUtils.getBean(scheduleJob.getBeanName());
            Method method = target.getClass().getDeclaredMethod(scheduleJob.getMethodName());
            method.invoke(target);
        } catch (Exception e) {
            // ...
        } finally {
            // ...
        }
    }
}

Configuration problem

image
Are you sure the configuration here is correct? I got an error using it this way..

java.sql.SQLException: Access denied for user 'root '@'localhost' (using password: YES)

[ERROR][2017-04-08 02:11:09] com.alibaba.druid.pool.DruidDataSource$CreateConnectionThread.run(DruidDataSource.java:2083) create connection error, url: jdbc:mysql://localhost:3306/renren-security?allowMultiQueries=true&useUnicode=true&characterEncoding=UTF-8, errorCode 1045, state 28000
java.sql.SQLException: Access denied for user 'root '@'localhost' (using password: YES)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:957)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3878)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3814)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:871)
at com.mysql.jdbc.MysqlIO.proceedHandshakeWithPluggableAuthentication(MysqlIO.java:1694)
at com.mysql.jdbc.MysqlIO.doHandshake(MysqlIO.java:1215)
at com.mysql.jdbc.ConnectionImpl.coreConnect(ConnectionImpl.java:2255)
at com.mysql.jdbc.ConnectionImpl.connectOneTryOnly(ConnectionImpl.java:2286)
at com.mysql.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:2085)
at com.mysql.jdbc.ConnectionImpl.(ConnectionImpl.java:795)
at com.mysql.jdbc.JDBC4Connection.(JDBC4Connection.java:44)
at sun.reflect.GeneratedConstructorAccessor21.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:422)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:404)
at com.mysql.jdbc.ConnectionImpl.getInstance(ConnectionImpl.java:400)
at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:327)
at com.alibaba.druid.filter.FilterChainImpl.connection_connect(FilterChainImpl.java:148)
at com.alibaba.druid.filter.FilterAdapter.connection_connect(FilterAdapter.java:785)
at com.alibaba.druid.filter.FilterChainImpl.connection_connect(FilterChainImpl.java:142)
at com.alibaba.druid.filter.stat.StatFilter.connection_connect(StatFilter.java:211)
at com.alibaba.druid.filter.FilterChainImpl.connection_connect(FilterChainImpl.java:142)
at com.alibaba.druid.pool.DruidAbstractDataSource.createPhysicalConnection(DruidAbstractDataSource.java:1454)
at com.alibaba.druid.pool.DruidAbstractDataSource.createPhysicalConnection(DruidAbstractDataSource.java:1516)
at com.alibaba.druid.pool.DruidDataSource$CreateConnectionThread.run(DruidDataSource.java:2080)

Wrong groupId in the c3p0 exclusion under quartz

The c3p0 dependency exclusion under quartz has the wrong groupId

The content is as follows:

<exclusion>
	<artifactId>c3p0</artifactId>
	<groupId>c3p0</groupId>
</exclusion>

Correct form:

<exclusion>
	<artifactId>c3p0</artifactId>
	<groupId>com.mchange</groupId>
</exclusion>

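If this package is not needed, please fix this


Also, by the way, slf4j-api is pulled in by too many dependencies, and in different versions: 1.6.4 in shiro, which is too old, 1.7.10 in quartz's hikariCP, 1.7.7 in quartz, while the version introduced is 1.7.25. This may cause unnecessary trouble. I hope the corresponding dependencies can be updated to fix this problem.

The spring family dependencies are pulled in chaotically, and many dependency exclusions have not been done properly. I hope they can be checked carefully

shiro 1.4.0 is now available; consider upgrading

Integrating shiro into the api module

Hello, may I ask whether you have considered integrating shiro into the api module? I see that shiro's permissions are bound to menu. What was the thinking behind that at the time? Would it be better to separate the two?

Login captcha is incorrect

At login, the captcha is always saved under the same key, so opening another login page overwrites the captcha of the page opened before it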
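
The overwrite described in this issue, next to one way of avoiding it by keying each captcha to the page that requested it. This is an added example, not renren-security code; `CaptchaStore`, `issue` and `verify` are hypothetical names and the captcha values are constructed.

```java
import java.time.Duration;
import java.time.Instant;
import java.util.Map;
import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;

// Added illustration; CaptchaStore and its methods are hypothetical, not part of renren-security.
public class CaptchaStore {
    private record Entry(String code, Instant expires) {}

    private final Map<String, Entry> byPage = new ConcurrentHashMap<>();
    private final Duration ttl;

    public CaptchaStore(Duration ttl) { this.ttl = ttl; }

    /** Called when a login page renders; returns the id that page must send back with the answer. */
    public String issue(String code) {
        String pageId = UUID.randomUUID().toString();
        byPage.put(pageId, new Entry(code, Instant.now().plus(ttl)));
        return pageId;
    }

    /** One-time check: the entry is removed whether or not the answer matches. */
    public boolean verify(String pageId, String answer) {
        if (pageId == null || answer == null) return false;
        Entry e = byPage.remove(pageId);
        return e != null && Instant.now().isBefore(e.expires())
                && e.code().equalsIgnoreCase(answer);
    }

    public static void main(String[] args) {
        // Behaviour from the report: one fixed key, so the second page overwrites the first.
        Map<String, String> session = new ConcurrentHashMap<>();
        session.put("captcha", "ab12");   // first login page renders (constructed value)
        session.put("captcha", "xy89");   // second login page renders and overwrites it
        System.out.println("fixed key, first page accepted: "
                + "ab12".equals(session.get("captcha")));

        // Keyed per page: both pages stay valid, and each answer can be used only once.
        CaptchaStore store = new CaptchaStore(Duration.ofMinutes(5));
        String page1 = store.issue("ab12");
        String page2 = store.issue("xy89");
        System.out.println("per-page id, first page:  " + store.verify(page1, "ab12"));
        System.out.println("per-page id, second page: " + store.verify(page2, "xy89"));
        System.out.println("replay of first page:     " + store.verify(page1, "ab12"));
    }
}
```

Entries that are never submitted stay in the map until verified; a production store would also evict expired entries.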

browser back wrong

When you visit some link of this, and then if you click the back button of the web browser, you will find you can't get the right menu item and URL address, but the content displayed is right. And you need to go back again; then you are able to see the right URL and active menu item.

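Suggest adopting the jCasbin security framework

jCasbin is a lightweight open-source access control framework written in Java ( https://github.com/casbin/jcasbin ), currently open-sourced on GitHub. jCasbin adopts a meta-model design and supports multiple classic access control schemes, such as role-based access control (RBAC) and attribute-based access control (ABAC).

I see that our project uses Shiro, but Shiro is fairly complex and not flexible enough, which makes future extension difficult. I suggest replacing it with jcasbin. Could you consider it? Thanks!

Details: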
https://www.v2ex.com/t/446988
