提交参数校验支持

src/main/java/org/sss/presentation/noui/api/response/ErrorCodes.java

@@ -29,8 +29,12 @@ public class ErrorCodes {
 	public static final String UNKNOEW_TRANS = "R0017";
 	public static final String FORBIDDEN_TRANS = "R0018";
 
+
+
 	public static final String GT_MAX_CURR_NUM = "R9990";
 
+	public static final String ILLEGAL_ARGS = "R9991";
+
 	public static final String INTERRUPTED_ERROR = "R9997";
 	public static final String REDIS_CONNECTION_ERROR = "R9998";
 	public static final String ERROR = "R9999";
@@ -38,4 +42,6 @@ public class ErrorCodes {
 	public static final String BUSINESS_ERROR = "E0001";
 
 
+
+
 }

src/main/java/org/sss/presentation/noui/controller/AbstractCommonController.java

@@ -19,6 +19,7 @@ import org.sss.presentation.noui.context.NoUiContext;
 import org.sss.presentation.noui.context.NoUiContextManager;
 import org.sss.presentation.noui.context.NoUiPresentation;
 import org.sss.presentation.noui.jwt.RedisLoginInfo;
+import org.sss.presentation.noui.util.BizKeySetManager;
 import org.sss.presentation.noui.util.NoUiPresentationUtil;
 import org.sss.presentation.noui.util.RedisUtil;
 import org.sss.presentation.noui.util.StringUtil;
@@ -54,11 +55,19 @@ public abstract class  AbstractCommonController {
 
 		try {
 			NoUiRequest noUiRequest = new NoUiRequest(request, mappingUrl, dataMap);
-			context = NoUiContextManager.createNoUiContext(noUiRequest);
+
 			Alias alias = new Alias(mappingUrl);
 			String trnName = alias.getTrnName();
-			// 交易参数赋值
+			//判断参数是否合法
 			Map<String, ?> paramsMap = noUiRequest.getParamsMap();
+
+			if(!BizKeySetManager.validateParasMap(eventType,trnName,paramsMap))
+			{
+				return ResultUtil.result(ErrorCodes.ILLEGAL_ARGS, "不合法的参数", "", noUiVersion.getVersion());
+			}
+			context = NoUiContextManager.createNoUiContext(noUiRequest);
+			// 交易参数赋值
+
 			for (String key : paramsMap.keySet()) {
 				context.getSession().storeData(key, paramsMap.get(key));
 			}

src/main/java/org/sss/presentation/noui/redis/RedisKeyExpirationListener.java

@@ -11,6 +11,7 @@ import org.springframework.data.redis.listener.RedisMessageListenerContainer;
 import org.springframework.stereotype.Service;
 import org.sss.module.hibernate.HibernateUtils;
 import org.sss.presentation.noui.common.Constants;
+import org.sss.presentation.noui.util.BizKeySetManager;
 import org.sss.presentation.noui.util.NoUiPresentationUtil;
 import org.sss.presentation.noui.util.RedisUtil;
 
@@ -41,7 +42,7 @@ public class RedisKeyExpirationListener extends KeyExpirationEventMessageListene
                 log.info("clear expire user " + userId + " session success");
                 //清理缓存set
                 try {
-                    RedisUtil.delete(NoUiPresentationUtil.getCacheSetKey(userId));
+                    RedisUtil.delete(BizKeySetManager.getCacheSetKey(userId));
                 }catch (Exception e)
                 {
                     log.error(e.getMessage());

src/main/java/org/sss/presentation/noui/util/BizKeySetManager.java

+package org.sss.presentation.noui.util;
+
+import log.Log;
+import log.LogFactory;
+import org.apache.commons.collections.map.HashedMap;
+import org.sss.common.model.IModule;
+import org.sss.common.model.IModuleList;
+import org.sss.presentation.noui.common.Constants;
+
+import java.util.*;
+
+public class BizKeySetManager {
+    protected static final Log log = LogFactory.getLog(BizKeySetManager.class);
+
+    static final String storeinr = "storeinr.properties";
+    static final String checkinr = "checkinr.properties";
+    protected static String INIT = "INIT";
+
+    //key :transName
+    static Map<String,StoreInrItem> storeConfig = new HashMap<>();
+    //key:trnsName+'.'+paramKey
+    static Map<String,CheckInrItem> checkConfig = new HashMap<>();
+
+    static{
+        try{
+            Properties storeProps = new Properties();
+            Properties checkProps = new Properties();
+            storeProps.load(BizKeySetManager.class.getClassLoader().getResourceAsStream(storeinr));
+            checkProps.load(BizKeySetManager.class.getClassLoader().getResourceAsStream(checkinr));
+            //构建配置
+            for(Map.Entry entry: storeProps.entrySet())
+            {
+                String key = (String)entry.getKey();
+                String val = (String)entry.getValue();
+                String[] arr = val.split(",");
+                StoreInrItem item = new StoreInrItem(key);
+                for(String str:arr)
+                    item.lstSet.add(str);
+            }
+            for(Map.Entry entry: checkProps.entrySet())
+            {
+                String key = (String)entry.getKey();
+                String val = (String)entry.getValue();
+                String[] arr = val.split(",");
+
+                String objtyp = "";
+                if(arr.length > 0)
+                    objtyp = arr[0];
+                boolean isKeepInSotre = false;
+                if(arr.length > 1)
+                    isKeepInSotre = "X".equals(arr[1]);
+                CheckInrItem item = new CheckInrItem(objtyp,isKeepInSotre);
+            }
+        }catch (Exception e)
+        {
+            log.error(e.getMessage());
+        }
+    }
+
+    public static boolean isModueListNeedCache(String transName,String listPath )
+    {
+        StoreInrItem item = storeConfig.get(transName);
+        if(item == null)
+            return false;
+        if(!item.lstSet.contains(listPath))
+            return false;
+        return true;
+    }
+
+    public static String[] getParamKeys(IModuleList moduleList)
+    {
+        String[] paramsKey = (String[])moduleList.getAttribute("KEY_PARAMS");
+        //TODO 考虑后续读取配置文件
+        if(paramsKey!=null)
+            paramsKey = new String[]{"inr","$objtyp"};
+
+        return paramsKey;
+    }
+
+    public static boolean validateParasMap(String eventType,String transName,Map<String, ?> paramsMap )
+    {
+        boolean needKeep = false;
+        String dataKey = null;
+        for(Map.Entry<String,?> entry:paramsMap.entrySet() )
+        {
+            CheckInrItem item = getCheckItem(transName,entry.getKey());
+            if(item == null)
+                continue;
+            String inr = entry.getValue().toString(); //现在默认参数即INR，如果后续需要灵活配置，待改进
+            String objtyp = entry.getValue().toString();
+            dataKey = String.format("%s,%s",inr,objtyp);
+            if(!isKeyAllowed(dataKey))
+                return false;
+            if(!needKeep)
+                needKeep = item.isKeepInSotre;
+            break;
+        }
+        try{
+            RedisUtil.delete(getCacheSetKey()); //清除列表
+            if(eventType.equals(INIT) &&  needKeep)
+                cacheDataKeys(new String[]{dataKey}); //缓存该数据
+        }
+        catch (Exception e)
+        {
+
+        }
+        return  false;
+    }
+
+    //根据交易名和参数名，返回check item
+    public static CheckInrItem getCheckItem(String transName,String paramKey)
+    {
+        String key = String.format("%s.%s",transName,paramKey);
+        return checkConfig.get(key);
+    }
+
+    public static String getCacheSetKey()
+    {
+        String setKey = Constants.SESSION+"."+NoUiUtils.getUserId()+".CACHE_SET";
+        return setKey;
+    }
+
+    public static String getCacheSetKey(String userId)
+    {
+        String setKey = Constants.SESSION+"."+userId+".CACHE_SET";
+        return setKey;
+    }
+
+    public static void cacheDataKeys(String[] keys)
+    {
+        String setKey = getCacheSetKey();
+        try{
+            RedisUtil.addMembers(setKey,keys);
+        }catch (Exception e){
+            log.error(e.getMessage());
+        }
+
+    }
+    //检查key是否在set中存在
+    public static boolean isKeyAllowed(String key)
+    {
+        try {
+            return RedisUtil.isMembers(getCacheSetKey(),key);
+        } catch (Exception e) {
+            log.error(e.getMessage());
+            return false;
+        }
+    }
+    //添加值进入set
+    public static boolean putKeyToAllowedCache(String[] keys)
+    {
+        try {
+            RedisUtil.addMembers(getCacheSetKey(),keys);
+        } catch (Exception e) {
+            log.error(e.getMessage());
+            return false;
+        }
+        return true;
+    }
+
+    public static class CheckInrItem{
+
+        public String objtyp;
+        public boolean isKeepInSotre;
+        public CheckInrItem(String objtyp,boolean isKeepInSotre)
+        {
+            this.objtyp = objtyp;
+            this.isKeepInSotre = isKeepInSotre;
+        }
+    }
+    public static class StoreInrItem{
+        public Set lstSet;
+        public String transName;
+        public StoreInrItem(String transName)
+        {
+            this.transName = transName;
+            this.lstSet = new HashSet();
+        }
+    }
+}
+

src/main/java/org/sss/presentation/noui/util/NoUiPresentationUtil.java

@@ -240,17 +240,32 @@ public class NoUiPresentationUtil {
 			List<Map<String, Object>> list = new ArrayList<>();
 			IModuleList<?> moduleList = (IModuleList<?>) val;
 			List<String> cacheRecord = new ArrayList<>();
-			String paramsKey[] = getParamKeys(moduleList);
+			String paramsKey[] = BizKeySetManager.getParamKeys(moduleList);
+			String params[] = new String[paramsKey.length];
+			//是否需要缓存
+			boolean needCache = BizKeySetManager.isModueListNeedCache(context.getSession().getTransName(),path);
+
 			for (int index = 0; index < moduleList.size(); index++) {
 				Map<String, Object> map = new HashMap<>();
 				IModule module = moduleList.get(index);
 				Collection<IDatafield> datafields = module.getDatafields();
 
 				for (IDatafield<Object> datafield : datafields) {
-					map.put(changeForELCS(datafield.getName()), handle(datafield.getValue(), datafield));
+					String value = handle(datafield.getValue(), datafield);
+					String colName = datafield.getName();
+					map.put(changeForELCS(colName), value);
+					if(needCache) { //拷贝值进入params
+						copyValueToParamsArr(paramsKey,params,colName,value);
+					}
+				}
+				if(needCache)
+				{
+					cacheRecord.add(transParamsToString(params));
 				}
 				list.add(map);
 			}
+			if(needCache) //进入redis缓存
+				BizKeySetManager.cacheDataKeys(cacheRecord.toArray(new String[0]));
 			return list;
 		} else if (val instanceof IModule) {
 			val = context.getSession().getBaseObject(context.getRoot(), path);
@@ -382,57 +397,26 @@ public class NoUiPresentationUtil {
 		return String.valueOf(ch);
 	}
 
-	public static String getCacheSetKey()
+	public static String transParamsToString(String[] params)
 	{
-		String setKey = Constants.SESSION+"."+NoUiUtils.getUserId()+".CACHE_SET";
-		return setKey;
+		StringBuilder sb = new StringBuilder();
+		for(String str:params)
+		{
+			sb.append(str);
+			sb.append(',');
+		}
+		if(sb.charAt(sb.length() - 1) == ',')
+			sb.deleteCharAt(sb.length() - 1);
+		return sb.toString();
 	}
-
-	public static String getCacheSetKey(String userId)
+	public static void copyValueToParamsArr(String[] paramsKey,String[] params,String key,String value)
 	{
-		String setKey = Constants.SESSION+"."+userId+".CACHE_SET";
-		return setKey;
-	}
-
-	public static void cacheDataKeys(String[] keys)
-	{
-		String setKey = getCacheSetKey();
-		try{
-			RedisUtil.addMembers(setKey,keys);
-		}catch (Exception e){
-			log.error(e.getMessage());
+		for (int i = 0; i < paramsKey.length; i++) {
+			if (paramsKey[i].equals(key)) {
+				params[i] = value;
+				break;
+			}
 		}
-
 	}
 
-	public static String[] getParamKeys(IModuleList moduleList)
-	{
-		String[] paramsKey = (String[])moduleList.getAttribute("KEY_PARAMS");
-		//TODO 考虑后续读取配置文件
-		if(paramsKey!=null)
-			paramsKey = new String[]{"inr","$objtyp"};
-
-		return paramsKey;
-	}
-	//检查key是否在set中存在
-	public static boolean isKeyAllowed(String key)
-	{
-		try {
-			return RedisUtil.isMembers(getCacheSetKey(),key);
-		} catch (Exception e) {
-			log.error(e.getMessage());
-			return false;
-		}
-	}
-	//添加值进入set
-	public static boolean putKeyToAllowedCache(String[] keys)
-	{
-		try {
-			RedisUtil.addMembers(getCacheSetKey(),keys);
-		} catch (Exception e) {
-			log.error(e.getMessage());
-			return false;
-		}
-		return true;
-	}
 }

src/main/resources/checkinr.properties

+xxxopn.selinr=xxx,X
+xxxopn.oldinr=xxx
\ No newline at end of file

src/main/resources/storeinr.properties

+xxxsel=\xxxgrp\xxxlst1,\xxxgrp\xxxlst2
\ No newline at end of file