
部分代码审计

yzx 7 months ago
parent
commit
2465e8bc3c

+ 5 - 5
yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/controller/admin/mail/MailTemplateController.java

@@ -67,11 +67,11 @@ public class MailTemplateController {
         for (AdminUserDO teacher : TeacherList) {
             pageReqVO.setDate(today);
             List<StudentAttendanceEmailVO> normalList = BeanUtils.toBean(
-                    studentAttendanceService.getStudentAttendanceList(pageReqVO.setDeptId(String.valueOf(teacher.getDeptId()))),
+                    studentAttendanceService.getStudentAttendanceListForTeacher(pageReqVO.setDeptId(String.valueOf(teacher.getDeptId()))),
                     StudentAttendanceEmailVO.class
             );
             List<StudentAttendanceEmailVO> errorList = BeanUtils.toBean(
-                    studentAttendanceService.getStudentAttendanceErrorList(pageReqVO.setDeptId(String.valueOf(teacher.getDeptId()))),
+                    studentAttendanceService.getStudentAttendanceErrorListForTeacher(pageReqVO.setDeptId(String.valueOf(teacher.getDeptId()))),
                     StudentAttendanceEmailVO.class
             );
 
@@ -179,11 +179,11 @@ public class MailTemplateController {
         for (AdminUserDO teacher : TeacherList) {
             pageReqVO.setDate(today);
             List<StudentAttendanceEmailVO> normalList = BeanUtils.toBean(
-                    studentAttendanceService.getStudentAttendancePage(pageReqVO.setDeptId(String.valueOf(teacher.getDeptId()))).getList(),
+                    studentAttendanceService.getStudentAttendanceListForTeacher(pageReqVO.setDeptId(String.valueOf(teacher.getDeptId()))),
                     StudentAttendanceEmailVO.class
             );
             List<StudentAttendanceEmailVO> errorList = BeanUtils.toBean(
-                    studentAttendanceService.getStudentAttendanceErrorPage(pageReqVO.setDeptId(String.valueOf(teacher.getDeptId()))).getList(),
+                    studentAttendanceService.getStudentAttendanceErrorListForTeacher(pageReqVO.setDeptId(String.valueOf(teacher.getDeptId()))),
                     StudentAttendanceEmailVO.class
             );
 
@@ -210,7 +210,7 @@ public class MailTemplateController {
             templateParams.put("normalList", normalListBuilder.toString());
             templateParams.put("errorList", errorListBuilder.toString());
             if (teacher.getEmail()!=null) {
-                mailSendService.sendSingleMailToMember("2653015384@qq.com", teacher.getId(), "attendance-list", templateParams);
+                mailSendService.sendSingleMailToMember(teacher.getEmail(), teacher.getId(), "attendance-list", templateParams);
             }
         }
     }

+ 2 - 2
yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/controller/admin/sms/SmsTemplateController.java

@@ -66,7 +66,7 @@ public class SmsTemplateController {
         for (AdminUserDO student :studentList) {
             if (student.getUserNumber()!=null) {
                 attendanceReqVO.setUserNumber(student.getUserNumber());
-                List<StudentAttendanceDO> attendanceList = studentAttendanceService.getStudentAttendanceErrorList(attendanceReqVO);
+                List<StudentAttendanceDO> attendanceList = studentAttendanceService.getStudentAttendanceErrorListForTeacher(attendanceReqVO);
                 Map<String, Object> templateParams = new HashMap<>();
                 templateParams.put("studentName", student.getNickname());
                 if (attendanceList.size() > 2 && student.getParentMobile()!=null) {
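Review bot: The per-student lookup sets only `userNumber` on `attendanceReqVO`, and `selectErrorListForTeacher` (added in this commit) filters it with `likeIfExists(StudentAttendanceDO::getUserNumber, ...)`, so the list can include records of other students whose number contains this one, assuming `likeIfExists` is a contains-match. The `attendanceList.size() > 2` check then decides whether an SMS goes to `student.getParentMobile()`, so a parent could be notified about absences that belong to a different student. The hunk at `-154,7` has the same pattern with `size()==2`. An exact match in the mapper, `.eqIfExists(StudentAttendanceDO::getUserNumber, reqVO.getUserNumber())`, or a filter on the student id, would avoid this. The loop body continues outside both hunks.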
@@ -154,7 +154,7 @@ public class SmsTemplateController {
         for (AdminUserDO student :studentList) {
             if (student.getUserNumber()!=null) {
                 attendanceReqVO.setUserNumber(student.getUserNumber());
-                List<StudentAttendanceDO> attendanceList = studentAttendanceService.getStudentAttendanceErrorList(attendanceReqVO);
+                List<StudentAttendanceDO> attendanceList = studentAttendanceService.getStudentAttendanceErrorListForTeacher(attendanceReqVO);
                 Map<String, Object> templateParams = new HashMap<>();
                 templateParams.put("studentName", student.getNickname());
                 if (attendanceList.size()==2) {

+ 14 - 4
yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/controller/admin/studentAttendance/StudentAttendanceController.java

@@ -2,6 +2,7 @@ package cn.iocoder.yudao.module.system.controller.admin.studentAttendance;
 
 import cn.iocoder.yudao.framework.security.core.util.SecurityFrameworkUtils;
 import cn.iocoder.yudao.module.system.controller.admin.user.vo.user.UserPageReqVO;
+import cn.iocoder.yudao.module.system.dal.dataobject.dept.DeptDO;
 import cn.iocoder.yudao.module.system.dal.dataobject.user.AdminUserDO;
 import cn.iocoder.yudao.module.system.service.dept.DeptService;
 import cn.iocoder.yudao.module.system.service.user.AdminUserService;
@@ -71,7 +72,7 @@ public class StudentAttendanceController {
 //        checkAttendanceFirst();
 //    }
 
-    @GetMapping("/test")
+    @GetMapping("")
     public void checkAttendanceFirst() {
             UserPageReqVO reqVO =new UserPageReqVO();
             StudentAttendancePageReqVO attendanceReqVO =new StudentAttendancePageReqVO();
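Review bot: `checkAttendanceFirst()` is now reachable with a plain GET on the controller's base path, and no `@PreAuthorize` is visible on it in this hunk, unlike `deleteUser` in UserController. The only other caller in view is commented out directly above, and the method body continues outside the hunk. If it writes attendance records, anyone who can reach the route can trigger the job, including through a prefetch or a link. Consider removing the mapping and calling the method from the job that needs it, or use `@PostMapping` together with `@PreAuthorize("@ss.hasPermission('<permission-key>')")`, where the key is a placeholder for a permission the project defines. Class-level security configuration is not visible here, so confirm whether the route is already covered.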
@@ -290,7 +291,10 @@ public class StudentAttendanceController {
         for (int i = 0; i < limit; i++) {
             StudentAttendanceDO attendance = attendanceList.get(i);
             if (attendance.getSupervisorId()!=null){
-            attendance.setSupervisor(adminUserService.getUser(attendance.getSupervisorId()).getNickname());
+                AdminUserDO userDO = adminUserService.getUser(attendance.getSupervisorId());
+                if(userDO != null){
+                    attendance.setSupervisor(userDO.getNickname());
+                }
             }
             if (attendance.getDeptId()!=null) {
                 if (attendance.getDeptId()==0){
@@ -321,13 +325,19 @@ public class StudentAttendanceController {
                         .limit(20)
                         .peek(attendance -> {
                             if (attendance.getSupervisorId() != null) {
-                                attendance.setSupervisor(adminUserService.getUser(attendance.getSupervisorId()).getNickname());
+                                AdminUserDO supervisorUser = adminUserService.getUser(attendance.getSupervisorId());
+                                if(supervisorUser != null){
+                                    attendance.setSupervisor(supervisorUser.getNickname());
+                                }
                             }
                             if (attendance.getDeptId() != null) {
                                 if (attendance.getDeptId()==0){
                                     attendance.setDeptName("测绘学院");
                                 }else {
-                                    attendance.setDeptName(deptService.getDept(attendance.getDeptId()).getName());
+                                    DeptDO dept = deptService.getDept(attendance.getDeptId());
+                                    if(dept != null){
+                                        attendance.setDeptName(dept.getName());
+                                    }
                                 }
                             }
                         })

+ 1 - 1
yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/controller/admin/user/UserController.java

@@ -100,8 +100,8 @@ public class UserController {
     @Parameter(name = "id", description = "编号", required = true, example = "1024")
     @PreAuthorize("@ss.hasPermission('system:user:delete')")
     public CommonResult<Boolean> deleteUser(@RequestParam("id") Long id) {
-        userService.deleteUser(id);
         AdminUserDO user =userService.getUser(id);
+        userService.deleteUser(id);
         if ("3".equals(user.getUserType())) {//是导师删除其工作间负责人id
             DeptDO originDept = deptService.getDept(user.getDeptId());
             DeptSaveReqVO originNewDept = BeanUtils.toBean(originDept, DeptSaveReqVO.class);
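Review bot: `deptService.getDept(user.getDeptId())` is used without a null check after `userService.deleteUser(id)` has already run, although this same commit adds `if(dept != null)` guards around `getDept` in StudentAttendanceController. If the supervisor has no department or it no longer exists, the cleanup may fail after the account is gone, leaving the department's leader id pointing at a deleted user; no transaction is visible in this hunk. Guard the cleanup with `if (originDept != null) { ... }`, and consider running it before the delete or moving both steps into one transactional service method. `user` is also dereferenced unchecked, which is safe only if `deleteUser` rejects unknown ids. The method body continues outside the hunk.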

+ 47 - 0
yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/dal/mysql/studentAttendance/StudentAttendanceMapper.java

@@ -136,6 +136,30 @@ public interface StudentAttendanceMapper extends BaseMapperX<StudentAttendanceDO
         return selectList(queryWrapper);
     }
 
+    default List<StudentAttendanceDO> selectListForTeacher(StudentAttendancePageReqVO reqVO) {
+         // 创建查询包装器
+        MPJLambdaWrapperX<StudentAttendanceDO> queryWrapper = new MPJLambdaWrapperX<>();
+        // 添加查询条件
+        queryWrapper.betweenIfPresent(StudentAttendanceDO::getClockInTime,reqVO.getCreateTime())
+                .eqIfPresent(StudentAttendanceDO::getDate,reqVO.getDate())
+                .selectAll(StudentAttendanceDO.class)
+                .selectAs(DeptDO::getName, StudentAttendanceDO::getDeptName)
+                .selectAs(AdminUserDO::getUserNumber, StudentAttendanceDO::getUserNumber)
+                .leftJoin(DeptDO.class, DeptDO::getId, StudentAttendanceDO::getDeptId)
+                .leftJoin(AdminUserDO.class, AdminUserDO::getId, StudentAttendanceDO::getStudentId)
+                .eqIfExists(StudentAttendanceDO::getClockInStatus,"0")//正常
+                .eqIfExists(StudentAttendanceDO::getStudentId, reqVO.getStudentId())
+                .likeIfExists(StudentAttendanceDO::getStudentName, reqVO.getStudentName())
+                .likeIfExists(StudentAttendanceDO::getUserNumber, reqVO.getUserNumber())//按学号查
+                .eqIfExists(StudentAttendanceDO::getSupervisorId,reqVO.getSupervisorId())//导师
+                .eqIfExists(StudentAttendanceDO::getDeptId, reqVO.getDeptId())
+                .eqIfExists(StudentAttendanceDO::getClockInStatus, reqVO.getClockInStatus())
+                .eqIfExists(StudentAttendanceDO::getRemark, reqVO.getRemark())
+
+                .orderByDesc(StudentAttendanceDO::getClockInTime);
+        return selectList(queryWrapper);
+    }
+
     //全部异常的异常考勤记录
     default PageResult<StudentAttendanceDO> selectErrorPage(StudentAttendancePageReqVO reqVO, Set<Long> roleIds,Long loginId) {
         Long dept_id = SecurityFrameworkUtils.getLoginUserDeptId();
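Review bot: `selectListForTeacher` drops the `roleIds`/`loginId` scoping that the existing `selectList(pageReqVO,roleIds,loginId)` path passes in, and every remaining filter is an `IfExists`/`IfPresent` condition. A request object with no `deptId`, `studentId` or `supervisorId` would therefore return every normal attendance record, and nothing in the signature limits the method to a teacher-scoped job. `selectErrorListForTeacher` in the next hunk has the same shape. Add a comment above both, such as `// Unscoped: no data-permission filter. Internal jobs only; never pass a client-supplied reqVO.`, and consider rejecting a null `deptId` before building the query. The trailing context belongs to `selectErrorPage`, which continues outside the hunk.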
@@ -205,7 +229,30 @@ public interface StudentAttendanceMapper extends BaseMapperX<StudentAttendanceDO
         }
         return selectList(queryWrapperX);
     }
+    //全部异常的异常考勤记录
+    default List<StudentAttendanceDO> selectErrorListForTeacher(StudentAttendancePageReqVO reqVO) {
+
+        MPJLambdaWrapperX<StudentAttendanceDO> queryWrapperX =new MPJLambdaWrapperX<>();
+        queryWrapperX.betweenIfPresent(StudentAttendanceDO::getCreateTime,reqVO.getCreateTime())
+                .eqIfPresent(StudentAttendanceDO::getDate,reqVO.getDate())
+                .selectAll(StudentAttendanceDO.class)
+                .selectAs(DeptDO::getName, StudentAttendanceDO::getDeptName)
+                .selectAs(AdminUserDO::getUserNumber, StudentAttendanceDO::getUserNumber)
+                .leftJoin(DeptDO.class, DeptDO::getId, StudentAttendanceDO::getDeptId)
+                .leftJoin(AdminUserDO.class, AdminUserDO::getId, StudentAttendanceDO::getStudentId)
+                .likeIfExists(StudentAttendanceDO::getStudentName, reqVO.getStudentName())
+                .likeIfExists(StudentAttendanceDO::getUserNumber, reqVO.getUserNumber())//按学号查
+                .likeIfExists(DeptDO::getName,reqVO.getDeptName())//工作间名称
+                .eqIfExists(StudentAttendanceDO::getSupervisorId,reqVO.getSupervisorId())//导师查
+                .eqIfExists(StudentAttendanceDO::getDeptId, reqVO.getDeptId())
+                .eqIfExists(StudentAttendanceDO::getClockInStatus, reqVO.getClockInStatus())
+                .eqIfExists(StudentAttendanceDO::getDeptId, reqVO.getDeptId())
+                //1未打卡
+                .eqIfExists(StudentAttendanceDO::getClockInStatus,"1")
+                .orderByDesc(StudentAttendanceDO::getDate);//未打卡
 
+        return selectList(queryWrapperX);
+    }
     //根据登录人员不同显示全部请假的考勤记录
     default PageResult<StudentAttendanceDO> selectExcusedPage(StudentAttendancePageReqVO reqVO, Set<Long> roleIds,Long loginId) {
         Long dept_id = SecurityFrameworkUtils.getLoginUserDeptId();
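Review bot: The chain in `selectErrorListForTeacher` constrains `getClockInStatus` twice, once with `reqVO.getClockInStatus()` and once with the literal `"1"`, so a caller that sets any other status gets an empty list instead of an error. `eqIfExists(StudentAttendanceDO::getDeptId, reqVO.getDeptId())` is also repeated verbatim. The leading comment describes all abnormal records (`全部异常`), while the inline comment marks `"1"` as not-clocked-in only; decide which is intended and drop the redundant conditions. The date range is applied to `getCreateTime` here but to `getClockInTime` in `selectListForTeacher` for the same request field, which looks unintended.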

+ 4 - 0
yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/service/studentAttendance/StudentAttendanceService.java

@@ -60,10 +60,14 @@ public interface StudentAttendanceService {
     PageResult<StudentAttendanceDO> getStudentAttendancePage(StudentAttendancePageReqVO pageReqVO);//
     List<StudentAttendanceDO> getStudentAttendanceList(StudentAttendancePageReqVO pageReqVO);//
 
+    List<StudentAttendanceDO> getStudentAttendanceListForTeacher(StudentAttendancePageReqVO pageReqVO);
+
     //异常
     PageResult<StudentAttendanceDO> getStudentAttendanceErrorPage(StudentAttendancePageReqVO pageReqVO);
     List<StudentAttendanceDO> getStudentAttendanceErrorList(StudentAttendancePageReqVO pageReqVO);//
 
+    List<StudentAttendanceDO> getStudentAttendanceErrorListForTeacher(StudentAttendancePageReqVO pageReqVO);
+
     PageResult<StudentAttendanceDO> getStudentAttendanceExcusedPage(StudentAttendancePageReqVO pageReqVO);
     List<StudentAttendanceDO> getStudentAttendanceExcusedList(StudentAttendancePageReqVO pageReqVO);
 

+ 50 - 7
yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/service/studentAttendance/StudentAttendanceServiceImpl.java

@@ -1,20 +1,18 @@
 package cn.iocoder.yudao.module.system.service.studentAttendance;
 
 import cn.iocoder.yudao.framework.security.core.util.SecurityFrameworkUtils;
+import cn.iocoder.yudao.module.system.dal.dataobject.user.AdminUserDO;
 import cn.iocoder.yudao.module.system.service.permission.PermissionService;
 import cn.iocoder.yudao.module.system.service.user.AdminUserService;
 import org.springframework.stereotype.Service;
 import javax.annotation.Resource;
 import org.springframework.validation.annotation.Validated;
-import org.springframework.transaction.annotation.Transactional;
 
-import java.time.LocalDate;
 import java.time.LocalDateTime;
 import java.util.*;
 import cn.iocoder.yudao.module.system.controller.admin.studentAttendance.vo.*;
 import cn.iocoder.yudao.module.system.dal.dataobject.studentAttendance.StudentAttendanceDO;
 import cn.iocoder.yudao.framework.common.pojo.PageResult;
-import cn.iocoder.yudao.framework.common.pojo.PageParam;
 import cn.iocoder.yudao.framework.common.util.object.BeanUtils;
 
 import cn.iocoder.yudao.module.system.dal.mysql.studentAttendance.StudentAttendanceMapper;
@@ -90,7 +88,10 @@ public class StudentAttendanceServiceImpl implements StudentAttendanceService {
         PageResult<StudentAttendanceDO> result = studentAttendanceMapper.selectPage(pageReqVO,roleIds,loginId);
         result.getList().stream().forEach(attendanceDO-> {
             if (attendanceDO.getSupervisorId()!=null){
-                attendanceDO.setSupervisor(adminUserService.getUser(attendanceDO.getSupervisorId()).getNickname());
+                AdminUserDO userDO = adminUserService.getUser(attendanceDO.getSupervisorId());
+                if(userDO != null){
+                    attendanceDO.setSupervisor(userDO.getNickname());
+                }
             }
             if (attendanceDO.getDeptId()==null||attendanceDO.getDeptId()==0L){
                 attendanceDO.setDeptName("测绘学院");
@@ -107,7 +108,28 @@ public class StudentAttendanceServiceImpl implements StudentAttendanceService {
         List<StudentAttendanceDO> result = studentAttendanceMapper.selectList(pageReqVO,roleIds,loginId);
         result.stream().forEach(attendanceDO-> {
             if (attendanceDO.getSupervisorId()!=null){
-                attendanceDO.setSupervisor(adminUserService.getUser(attendanceDO.getSupervisorId()).getNickname());
+                AdminUserDO userDO = adminUserService.getUser(attendanceDO.getSupervisorId());
+                if(userDO != null){
+                    attendanceDO.setSupervisor(userDO.getNickname());
+                }
+            }
+            if (attendanceDO.getDeptId()==null||attendanceDO.getDeptId()==0L){
+                attendanceDO.setDeptName("测绘学院");
+            }
+        });
+        return result;
+    }
+
+    @Override
+    public List<StudentAttendanceDO> getStudentAttendanceListForTeacher(StudentAttendancePageReqVO pageReqVO) {
+
+        List<StudentAttendanceDO> result = studentAttendanceMapper.selectListForTeacher(pageReqVO);
+        result.stream().forEach(attendanceDO-> {
+            if (attendanceDO.getSupervisorId()!=null){
+                AdminUserDO userDO = adminUserService.getUser(attendanceDO.getSupervisorId());
+                if(userDO != null){
+                    attendanceDO.setSupervisor(userDO.getNickname());
+                }
             }
             if (attendanceDO.getDeptId()==null||attendanceDO.getDeptId()==0L){
                 attendanceDO.setDeptName("测绘学院");
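Review bot: The supervisor/department enrichment lambda is copied again for `getStudentAttendanceListForTeacher`, and the same body appears in every list and page method this commit touches in this file, each with its own copy of the new null check. Extracting it into one private helper keeps the null handling in a single place, so the next fix cannot miss a copy. `adminUserService.getUser` is also called once per record, which may be worth batching by supervisor id if the lists grow. The lambda continues outside the hunk.

```java
// shared by the list/page methods of StudentAttendanceServiceImpl
private void fillSupervisorAndDept(StudentAttendanceDO attendanceDO) {
    if (attendanceDO.getSupervisorId() != null) {
        AdminUserDO supervisorUser = adminUserService.getUser(attendanceDO.getSupervisorId());
        if (supervisorUser != null) {
            attendanceDO.setSupervisor(supervisorUser.getNickname());
        }
    }
    if (attendanceDO.getDeptId() == null || attendanceDO.getDeptId() == 0L) {
        attendanceDO.setDeptName("测绘学院");
    }
}

// in getStudentAttendanceListForTeacher, replacing the inline lambda
List<StudentAttendanceDO> result = studentAttendanceMapper.selectListForTeacher(pageReqVO);
result.forEach(this::fillSupervisorAndDept);
// … unchanged: return result …
```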
@@ -116,6 +138,7 @@ public class StudentAttendanceServiceImpl implements StudentAttendanceService {
         return result;
     }
 
+
     @Override
     public PageResult<StudentAttendanceDO> getStudentAttendanceErrorPage(StudentAttendancePageReqVO pageReqVO) {
         Long loginId = SecurityFrameworkUtils.getLoginUserId();
@@ -133,6 +156,24 @@ public class StudentAttendanceServiceImpl implements StudentAttendanceService {
         return result;
     }
 
+    @Override
+    public List<StudentAttendanceDO> getStudentAttendanceErrorListForTeacher(StudentAttendancePageReqVO pageReqVO) {
+
+        List<StudentAttendanceDO> result =studentAttendanceMapper.selectErrorListForTeacher(pageReqVO);
+
+        result.stream().forEach(attendanceDO-> {
+            if (attendanceDO.getSupervisorId()!=null){
+                AdminUserDO supervisorUser = adminUserService.getUser(attendanceDO.getSupervisorId());
+                if(supervisorUser != null){
+                    attendanceDO.setSupervisor(supervisorUser.getNickname());
+                }
+             }
+            if (attendanceDO.getDeptId()==null||attendanceDO.getDeptId()==0L){
+                attendanceDO.setDeptName("测绘学院");
+            }
+        });
+        return result;
+    }
     @Override
     public List<StudentAttendanceDO> getStudentAttendanceErrorList(StudentAttendancePageReqVO pageReqVO) {
         Long loginId = SecurityFrameworkUtils.getLoginUserId();
@@ -142,7 +183,10 @@ public class StudentAttendanceServiceImpl implements StudentAttendanceService {
 
         result.stream().forEach(attendanceDO-> {
             if (attendanceDO.getSupervisorId()!=null){
-                attendanceDO.setSupervisor(adminUserService.getUser(attendanceDO.getSupervisorId()).getNickname());
+                AdminUserDO supervisorUser = adminUserService.getUser(attendanceDO.getSupervisorId());
+                if(supervisorUser != null){
+                    attendanceDO.setSupervisor(supervisorUser.getNickname());
+                }
             }
             if (attendanceDO.getDeptId()==null||attendanceDO.getDeptId()==0L){
                 attendanceDO.setDeptName("测绘学院");
@@ -150,7 +194,6 @@ public class StudentAttendanceServiceImpl implements StudentAttendanceService {
         });
         return result;
     }
-
     @Override
     public PageResult<StudentAttendanceDO> getStudentAttendanceExcusedPage(StudentAttendancePageReqVO pageReqVO){
         Long loginId = SecurityFrameworkUtils.getLoginUserId();

+ 7 - 5
yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/service/user/AdminUserServiceImpl.java

@@ -363,11 +363,13 @@ public class AdminUserServiceImpl implements AdminUserService {
             if ("1".equals(student.getUserType()) ||"2".equals(student.getUserType())) {
                 if (student.getSupervisorId() != null) {
                     AdminUserDO supervisorUser = getUser(student.getSupervisorId());
-                    String supervisor = supervisorUser.getNickname();
-                    String mobile = supervisorUser.getMobile();
-                    // 赋值给 对应 字段
-                    student.setSupervisor(supervisor);
-                    student.setSupervisorMobile(mobile);
+                    if(supervisorUser != null){
+                        String supervisor = supervisorUser.getNickname();
+                        String mobile = supervisorUser.getMobile();
+                        // 赋值给 对应 字段
+                        student.setSupervisor(supervisor);
+                        student.setSupervisorMobile(mobile);
+                    }
                 }
             }
         }

+ 5 - 0
yudao-module-system/yudao-module-system-biz/src/main/resources/Mapper/AdminUserMapper/AdminUserMapper.xml

@@ -98,6 +98,7 @@
                 AND a.photo_url IS NOT NULL AND a.photo_url != ''
             </if>
         </if>
+        AND a.deleted = 0
         GROUP BY
         a.id
         ORDER BY
@@ -186,6 +187,7 @@
                 AND a.photo_url IS NOT NULL AND a.photo_url != ''
             </if>
         </if>
+        AND a.deleted = 0
         GROUP BY a.id
         ) AS subquery;
     </select>
@@ -288,6 +290,8 @@
                 AND a.photo_url IS NOT NULL AND a.photo_url != ''
             </if>
         </if>
+        AND a.deleted = 0
+
         GROUP BY
         a.id
         ORDER BY
@@ -381,6 +385,7 @@
                 AND a.photo_url IS NOT NULL AND a.photo_url != ''
             </if>
         </if>
+        AND a.deleted = 0
         GROUP BY
         a.id
         ORDER BY