部分代码审计

yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/controller/admin/mail/MailTemplateController.java

@@ -137,7 +137,7 @@ public class MailTemplateController {
     @Operation(summary = "发送Excel给导师")
     public void sendExcelMailToTeacher() throws IOException {
         // 获取导师
-        Set<Long> collegeIdList =  permissionService.getUserListByRoleId(114L);
+        Set<Long> collegeIdList =  permissionService.getUserListByRoleId(113L);
         List<AdminUserDO> TeacherList = adminUserService.getUserList(collegeIdList);
 
         StudentAttendancePageReqVO pageReqVO = new StudentAttendancePageReqVO();
@@ -145,27 +145,23 @@ public class MailTemplateController {
 
         // 获取前一天
         LocalDate yesterday = LocalDate.now().minusDays(1);
-        //        // 检查昨天是否是周日
-//        if (yesterday.getDayOfWeek() == DayOfWeek.SUNDAY) {
-//            return; // 直接返回，不推送周日的
-//        }
+
         if (TeacherList != null && !TeacherList.isEmpty()) {
             for (AdminUserDO teacher : TeacherList) {
-                if (teacher.getDeptId() == null || teacher.getDeptId() == 0) {
-                    return;
+                if (!(teacher.getDeptId() == null || teacher.getDeptId() == 0)) {
+                    pageReqVO.setDeptId(teacher.getDeptId());
                 }
                 pageReqVO.setDate(yesterday);
-                pageReqVO.setDeptId(teacher.getDeptId());
                 List<StudentAttendanceSupervisorTemplateVO> normalList = BeanUtils.toBean(
-                        studentAttendanceService.getStudentAttendanceListForTeacher(pageReqVO),
+                        studentAttendanceService.getStudentAttendanceListForTeacher(pageReqVO.setSupervisorId(getLoginUserId())),
                         StudentAttendanceSupervisorTemplateVO.class
                 );
                 List<StudentAttendanceSupervisorTemplateVO> errorList = BeanUtils.toBean(
-                        studentAttendanceService.getStudentAttendanceErrorListForTeacher(pageReqVO),
+                        studentAttendanceService.getStudentAttendanceErrorListForTeacher(pageReqVO.setSupervisorId(getLoginUserId())),
                         StudentAttendanceSupervisorTemplateVO.class
                 );
                 List<StudentAttendanceSupervisorTemplateVO> excusedList = BeanUtils.toBean(
-                        studentAttendanceService.getStudentAttendanceExcusedListForTeacher(pageReqVO),
+                        studentAttendanceService.getStudentAttendanceExcusedListForTeacher(pageReqVO.setSupervisorId(getLoginUserId())),
                         StudentAttendanceSupervisorTemplateVO.class
                 );
                 // 创建 ByteArrayOutputStream 用来存储 Excel 文件数据
@@ -186,7 +182,7 @@ public class MailTemplateController {
                 // 创建附件 Map
                 Map<String, InputStream> attachments = new HashMap<>();
                 // 使用 ByteArrayInputStream 来创建附件
-                attachments.put(yesterday+"_"+teacher.getDeptName()+"考勤信息.xlsx", new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
+                attachments.put(teacher.getDeptName() + "_"  + yesterday + "_" + "工作间考勤信息.xlsx", new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
 
                 // 发送邮件，包含附件
                 if (teacher.getEmail() != null) {

yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/dal/mysql/studentAttendance/StudentAttendanceMapper.java

@@ -158,6 +158,7 @@ public interface StudentAttendanceMapper extends BaseMapperX<StudentAttendanceDO
                 .likeIfExists(StudentAttendanceDO::getUserNumber, reqVO.getUserNumber())//按学号查
                 .eqIfExists(StudentAttendanceDO::getSupervisorId,reqVO.getSupervisorId())//导师
                 .eqIfExists(StudentAttendanceDO::getDeptId, reqVO.getDeptId())
+                .isNotNull(StudentAttendanceDO::getDeptId)
                 .eqIfExists(StudentAttendanceDO::getClockInStatus, reqVO.getClockInStatus())
                 .eqIfExists(StudentAttendanceDO::getRemark, reqVO.getRemark())
 
@@ -184,6 +185,7 @@ public interface StudentAttendanceMapper extends BaseMapperX<StudentAttendanceDO
                 .eqIfExists(StudentAttendanceDO::getSupervisorId,reqVO.getSupervisorId())//导师
                 .eqIfExists(StudentAttendanceDO::getDeptId, reqVO.getDeptId())
                 .eqIfExists(StudentAttendanceDO::getClockInStatus, reqVO.getClockInStatus())
+                .isNotNull(StudentAttendanceDO::getDeptId)
                 //1未打卡
                 .eqIfExists(StudentAttendanceDO::getClockInStatus,"1")
                 .orderByDesc(StudentAttendanceDO::getDate);//未打卡
@@ -221,6 +223,7 @@ public interface StudentAttendanceMapper extends BaseMapperX<StudentAttendanceDO
                 .eqIfExists(StudentAttendanceDO::getSupervisorId,reqVO.getSupervisorId())//导师查
                 .eqIfExists(StudentAttendanceDO::getDeptId, reqVO.getDeptId())
                 .eqIfExists(StudentAttendanceDO::getClockInStatus, reqVO.getClockInStatus())
+                .isNotNull(StudentAttendanceDO::getDeptId)
                 //1未打卡
                 .eqIfExists(StudentAttendanceDO::getClockInStatus,"1")
                 .orderByDesc(StudentAttendanceDO::getDate);//未打卡
@@ -254,6 +257,7 @@ public interface StudentAttendanceMapper extends BaseMapperX<StudentAttendanceDO
                 .likeIfExists(DeptDO::getName,reqVO.getDeptName())//工作间名称
                 .eqIfExists(StudentAttendanceDO::getSupervisorId,reqVO.getSupervisorId())//导师查
                 .eqIfExists(StudentAttendanceDO::getDeptId, reqVO.getDeptId())
+                .isNotNull(StudentAttendanceDO::getDeptId)
                 //1未打卡
                 .eqIfExists(StudentAttendanceDO::getClockInStatus,"1")
                 .orderByDesc(StudentAttendanceDO::getDate);//未打卡
@@ -280,6 +284,7 @@ public interface StudentAttendanceMapper extends BaseMapperX<StudentAttendanceDO
                 .eqIfExists(StudentAttendanceDO::getClockInStatus,"2")//请假
                 .eqIfExists(StudentAttendanceDO::getStudentId, reqVO.getStudentId())
                 .eqIfExists(StudentAttendanceDO::getDeptId, reqVO.getDeptId())
+                .isNotNull(StudentAttendanceDO::getDeptId)
                 .eqIfExists(StudentAttendanceDO::getClockInStatus, reqVO.getClockInStatus())
                 .eqIfExists(StudentAttendanceDO::getRemark, reqVO.getRemark())
                 .eqIfExists(StudentAttendanceDO::getSupervisorId,reqVO.getSupervisorId())//导师查
@@ -320,6 +325,7 @@ public interface StudentAttendanceMapper extends BaseMapperX<StudentAttendanceDO
                 .eqIfExists(StudentAttendanceDO::getClockInStatus,"2")//请假
                 .eqIfExists(StudentAttendanceDO::getStudentId, reqVO.getStudentId())
                 .eqIfExists(StudentAttendanceDO::getDeptId, reqVO.getDeptId())
+                .isNotNull(StudentAttendanceDO::getDeptId)
                 .eqIfExists(StudentAttendanceDO::getClockInStatus, reqVO.getClockInStatus())
                 .eqIfExists(StudentAttendanceDO::getRemark, reqVO.getRemark())
                 .eqIfExists(StudentAttendanceDO::getSupervisorId,reqVO.getSupervisorId())//导师查
@@ -355,6 +361,7 @@ public interface StudentAttendanceMapper extends BaseMapperX<StudentAttendanceDO
                 .likeIfExists(DeptDO::getName,reqVO.getDeptName())//工作间名称
                 .eqIfExists(StudentAttendanceDO::getSupervisorId,reqVO.getSupervisorId())//导师查
                 .eqIfExists(StudentAttendanceDO::getDeptId, reqVO.getDeptId())
+                .isNotNull(StudentAttendanceDO::getDeptId)
                 .eqIfExists(StudentAttendanceDO::getClockInStatus, reqVO.getClockInStatus())
                 .eqIfExists(StudentAttendanceDO::getDeptId, reqVO.getDeptId())
                 //1未打卡