diff --git a/escheduler-api/src/main/java/cn/escheduler/api/controller/AccessTokenController.java b/escheduler-api/src/main/java/cn/escheduler/api/controller/AccessTokenController.java index 27ac1772a0..103709c502 100644 --- a/escheduler-api/src/main/java/cn/escheduler/api/controller/AccessTokenController.java +++ b/escheduler-api/src/main/java/cn/escheduler/api/controller/AccessTokenController.java @@ -22,6 +22,7 @@ import cn.escheduler.api.service.AccessTokenService; import cn.escheduler.api.service.UsersService; import cn.escheduler.api.utils.Constants; import cn.escheduler.api.utils.Result; +import cn.escheduler.common.utils.ParameterUtils; import cn.escheduler.dao.model.User; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -113,6 +114,7 @@ public class AccessTokenController extends BaseController{ if(result.get(Constants.STATUS) != Status.SUCCESS){ return returnDataListPaging(result); } + searchVal = ParameterUtils.handleEscapes(searchVal); result = accessTokenService.queryAccessTokenList(loginUser, searchVal, pageNo, pageSize); return returnDataListPaging(result); }catch (Exception e){ diff --git a/escheduler-api/src/main/java/cn/escheduler/api/controller/AlertGroupController.java b/escheduler-api/src/main/java/cn/escheduler/api/controller/AlertGroupController.java index 759f9009e2..bf61cf76e3 100644 --- a/escheduler-api/src/main/java/cn/escheduler/api/controller/AlertGroupController.java +++ b/escheduler-api/src/main/java/cn/escheduler/api/controller/AlertGroupController.java @@ -20,6 +20,7 @@ import cn.escheduler.api.service.AlertGroupService; import cn.escheduler.api.utils.Constants; import cn.escheduler.api.utils.Result; import cn.escheduler.common.enums.AlertType; +import cn.escheduler.common.utils.ParameterUtils; import cn.escheduler.dao.model.User; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -109,6 +110,7 @@ public class AlertGroupController extends BaseController{ return returnDataListPaging(result); } + searchVal = ParameterUtils.handleEscapes(searchVal); result = alertGroupService.listPaging(loginUser, searchVal, pageNo, pageSize); return returnDataListPaging(result); }catch (Exception e){ diff --git a/escheduler-api/src/main/java/cn/escheduler/api/controller/DataSourceController.java b/escheduler-api/src/main/java/cn/escheduler/api/controller/DataSourceController.java index be8149b18a..fcaf2beae9 100644 --- a/escheduler-api/src/main/java/cn/escheduler/api/controller/DataSourceController.java +++ b/escheduler-api/src/main/java/cn/escheduler/api/controller/DataSourceController.java @@ -21,6 +21,7 @@ import cn.escheduler.api.service.DataSourceService; import cn.escheduler.api.utils.Constants; import cn.escheduler.api.utils.Result; import cn.escheduler.common.enums.DbType; +import cn.escheduler.common.utils.ParameterUtils; import cn.escheduler.dao.model.User; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -182,6 +183,7 @@ public class DataSourceController extends BaseController { if (result.get(Constants.STATUS) != Status.SUCCESS) { return returnDataListPaging(result); } + searchVal = ParameterUtils.handleEscapes(searchVal); result = dataSourceService.queryDataSourceListPaging(loginUser, searchVal, pageNo, pageSize); return returnDataListPaging(result); } catch (Exception e) { diff --git a/escheduler-api/src/main/java/cn/escheduler/api/controller/ProcessDefinitionController.java b/escheduler-api/src/main/java/cn/escheduler/api/controller/ProcessDefinitionController.java index ec1f38b0ce..4678425e30 100644 --- a/escheduler-api/src/main/java/cn/escheduler/api/controller/ProcessDefinitionController.java +++ b/escheduler-api/src/main/java/cn/escheduler/api/controller/ProcessDefinitionController.java @@ -20,6 +20,7 @@ import cn.escheduler.api.enums.Status; import cn.escheduler.api.service.ProcessDefinitionService; import cn.escheduler.api.utils.Constants; import cn.escheduler.api.utils.Result; +import cn.escheduler.common.utils.ParameterUtils; import cn.escheduler.dao.model.User; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -235,6 +236,7 @@ public class ProcessDefinitionController extends BaseController{ if(result.get(Constants.STATUS) != Status.SUCCESS){ return returnDataListPaging(result); } + searchVal = ParameterUtils.handleEscapes(searchVal); result = processDefinitionService.queryProcessDefinitionListPaging(loginUser, projectName, searchVal, pageNo, pageSize, userId); return returnDataListPaging(result); }catch (Exception e){ diff --git a/escheduler-api/src/main/java/cn/escheduler/api/controller/ProcessInstanceController.java b/escheduler-api/src/main/java/cn/escheduler/api/controller/ProcessInstanceController.java index 323e240d79..2ae21ffb89 100644 --- a/escheduler-api/src/main/java/cn/escheduler/api/controller/ProcessInstanceController.java +++ b/escheduler-api/src/main/java/cn/escheduler/api/controller/ProcessInstanceController.java @@ -22,6 +22,7 @@ import cn.escheduler.api.utils.Constants; import cn.escheduler.api.utils.Result; import cn.escheduler.common.enums.ExecutionStatus; import cn.escheduler.common.enums.Flag; +import cn.escheduler.common.utils.ParameterUtils; import cn.escheduler.dao.model.User; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -72,6 +73,7 @@ public class ProcessInstanceController extends BaseController{ "search value:{},state type:{},host:{},start time:{}, end time:{},page number:{}, page size:{}", loginUser.getUserName(), projectName, processDefinitionId, searchVal, stateType,host, startTime, endTime, pageNo, pageSize); + searchVal = ParameterUtils.handleEscapes(searchVal); Map result = processInstanceService.queryProcessInstanceList( loginUser, projectName, processDefinitionId, startTime, endTime, searchVal, stateType, host, pageNo, pageSize); return returnDataListPaging(result); diff --git a/escheduler-api/src/main/java/cn/escheduler/api/controller/ProjectController.java b/escheduler-api/src/main/java/cn/escheduler/api/controller/ProjectController.java index b6ca222adc..1a4b30c889 100644 --- a/escheduler-api/src/main/java/cn/escheduler/api/controller/ProjectController.java +++ b/escheduler-api/src/main/java/cn/escheduler/api/controller/ProjectController.java @@ -21,6 +21,7 @@ import cn.escheduler.api.enums.Status; import cn.escheduler.api.service.ProjectService; import cn.escheduler.api.utils.Constants; import cn.escheduler.api.utils.Result; +import cn.escheduler.common.utils.ParameterUtils; import cn.escheduler.dao.model.User; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -134,6 +135,7 @@ public class ProjectController extends BaseController { try { logger.info("login user {}, query project list paging", loginUser.getUserName()); + searchVal = ParameterUtils.handleEscapes(searchVal); Map result = projectService.queryProjectListPaging(loginUser, pageSize, pageNo, searchVal); return returnDataListPaging(result); } catch (Exception e) { diff --git a/escheduler-api/src/main/java/cn/escheduler/api/controller/QueueController.java b/escheduler-api/src/main/java/cn/escheduler/api/controller/QueueController.java index 29c01a1483..89ac8f05c1 100644 --- a/escheduler-api/src/main/java/cn/escheduler/api/controller/QueueController.java +++ b/escheduler-api/src/main/java/cn/escheduler/api/controller/QueueController.java @@ -21,6 +21,7 @@ import cn.escheduler.api.enums.Status; import cn.escheduler.api.service.QueueService; import cn.escheduler.api.utils.Constants; import cn.escheduler.api.utils.Result; +import cn.escheduler.common.utils.ParameterUtils; import cn.escheduler.dao.model.User; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -82,6 +83,7 @@ public class QueueController extends BaseController{ return returnDataListPaging(result); } + searchVal = ParameterUtils.handleEscapes(searchVal); result = queueService.queryList(loginUser,searchVal,pageNo,pageSize); return returnDataListPaging(result); }catch (Exception e){ diff --git a/escheduler-api/src/main/java/cn/escheduler/api/controller/ResourcesController.java b/escheduler-api/src/main/java/cn/escheduler/api/controller/ResourcesController.java index 12a03ca319..1574012d19 100644 --- a/escheduler-api/src/main/java/cn/escheduler/api/controller/ResourcesController.java +++ b/escheduler-api/src/main/java/cn/escheduler/api/controller/ResourcesController.java @@ -23,6 +23,7 @@ import cn.escheduler.api.utils.Constants; import cn.escheduler.api.utils.Result; import cn.escheduler.common.enums.ResourceType; import cn.escheduler.common.enums.UdfType; +import cn.escheduler.common.utils.ParameterUtils; import cn.escheduler.dao.model.User; import org.apache.commons.lang.StringUtils; import org.slf4j.Logger; @@ -146,6 +147,7 @@ public class ResourcesController extends BaseController{ return returnDataListPaging(result); } + searchVal = ParameterUtils.handleEscapes(searchVal); result = resourceService.queryResourceListPaging(loginUser,type,searchVal,pageNo, pageSize); return returnDataListPaging(result); }catch (Exception e){ diff --git a/escheduler-api/src/main/java/cn/escheduler/api/controller/SchedulerController.java b/escheduler-api/src/main/java/cn/escheduler/api/controller/SchedulerController.java index 8449bd1d38..5433ff0467 100644 --- a/escheduler-api/src/main/java/cn/escheduler/api/controller/SchedulerController.java +++ b/escheduler-api/src/main/java/cn/escheduler/api/controller/SchedulerController.java @@ -24,6 +24,7 @@ import cn.escheduler.common.enums.FailureStrategy; import cn.escheduler.common.enums.Priority; import cn.escheduler.common.enums.ReleaseState; import cn.escheduler.common.enums.WarningType; +import cn.escheduler.common.utils.ParameterUtils; import cn.escheduler.dao.model.User; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -201,6 +202,7 @@ public class SchedulerController extends BaseController{ logger.info("login user {}, query schedule, project name: {}, process definition id: {}", loginUser.getUserName(), projectName, processDefinitionId); try { + searchVal = ParameterUtils.handleEscapes(searchVal); Map result = schedulerService.querySchedule(loginUser, projectName, processDefinitionId, searchVal, pageNo, pageSize); return returnDataListPaging(result); }catch (Exception e){ diff --git a/escheduler-api/src/main/java/cn/escheduler/api/controller/TaskInstanceController.java b/escheduler-api/src/main/java/cn/escheduler/api/controller/TaskInstanceController.java index d9d18923e0..401f5e8f0a 100644 --- a/escheduler-api/src/main/java/cn/escheduler/api/controller/TaskInstanceController.java +++ b/escheduler-api/src/main/java/cn/escheduler/api/controller/TaskInstanceController.java @@ -21,6 +21,7 @@ import cn.escheduler.api.service.TaskInstanceService; import cn.escheduler.api.utils.Constants; import cn.escheduler.api.utils.Result; import cn.escheduler.common.enums.ExecutionStatus; +import cn.escheduler.common.utils.ParameterUtils; import cn.escheduler.dao.model.User; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -68,6 +69,7 @@ public class TaskInstanceController extends BaseController{ try{ logger.info("query task instance list, project name:{},process instance:{}, search value:{},task name:{}, state type:{}, host:{}, start:{}, end:{}", projectName, processInstanceId, searchVal, taskName, stateType, host, startTime, endTime); + searchVal = ParameterUtils.handleEscapes(searchVal); Map result = taskInstanceService.queryTaskListPaging( loginUser, projectName, processInstanceId, taskName, startTime, endTime, searchVal, stateType, host, pageNo, pageSize); return returnDataListPaging(result); diff --git a/escheduler-api/src/main/java/cn/escheduler/api/controller/TenantController.java b/escheduler-api/src/main/java/cn/escheduler/api/controller/TenantController.java index 2feb68783d..46e5b2961d 100644 --- a/escheduler-api/src/main/java/cn/escheduler/api/controller/TenantController.java +++ b/escheduler-api/src/main/java/cn/escheduler/api/controller/TenantController.java @@ -21,7 +21,9 @@ import cn.escheduler.api.enums.Status; import cn.escheduler.api.service.TenantService; import cn.escheduler.api.utils.Constants; import cn.escheduler.api.utils.Result; +import cn.escheduler.common.utils.ParameterUtils; import cn.escheduler.dao.model.User; +import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; @@ -98,6 +100,7 @@ public class TenantController extends BaseController{ if(result.get(Constants.STATUS) != Status.SUCCESS){ return returnDataListPaging(result); } + searchVal = ParameterUtils.handleEscapes(searchVal); result = tenantService.queryTenantList(loginUser, searchVal, pageNo, pageSize); return returnDataListPaging(result); }catch (Exception e){ diff --git a/escheduler-api/src/main/java/cn/escheduler/api/controller/UsersController.java b/escheduler-api/src/main/java/cn/escheduler/api/controller/UsersController.java index 72f2eb31c2..524ac73faa 100644 --- a/escheduler-api/src/main/java/cn/escheduler/api/controller/UsersController.java +++ b/escheduler-api/src/main/java/cn/escheduler/api/controller/UsersController.java @@ -21,6 +21,7 @@ import cn.escheduler.api.enums.Status; import cn.escheduler.api.service.UsersService; import cn.escheduler.api.utils.Constants; import cn.escheduler.api.utils.Result; +import cn.escheduler.common.utils.ParameterUtils; import cn.escheduler.dao.model.User; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -101,6 +102,7 @@ public class UsersController extends BaseController{ if(result.get(Constants.STATUS) != Status.SUCCESS){ return returnDataListPaging(result); } + searchVal = ParameterUtils.handleEscapes(searchVal); result = usersService.queryUserList(loginUser, searchVal, pageNo, pageSize); return returnDataListPaging(result); }catch (Exception e){ diff --git a/escheduler-api/src/main/java/cn/escheduler/api/controller/WorkerGroupController.java b/escheduler-api/src/main/java/cn/escheduler/api/controller/WorkerGroupController.java index 4843a8083e..93ca2dfa3c 100644 --- a/escheduler-api/src/main/java/cn/escheduler/api/controller/WorkerGroupController.java +++ b/escheduler-api/src/main/java/cn/escheduler/api/controller/WorkerGroupController.java @@ -21,6 +21,7 @@ import cn.escheduler.api.enums.Status; import cn.escheduler.api.service.WorkerGroupService; import cn.escheduler.api.utils.Constants; import cn.escheduler.api.utils.Result; +import cn.escheduler.common.utils.ParameterUtils; import cn.escheduler.dao.model.User; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -90,6 +91,7 @@ public class WorkerGroupController extends BaseController{ loginUser.getUserName() , pageNo, pageSize, searchVal); try { + searchVal = ParameterUtils.handleEscapes(searchVal); Map result = workerGroupService.queryAllGroupPaging(pageNo, pageSize, searchVal); return returnDataListPaging(result); }catch (Exception e){ diff --git a/escheduler-common/src/main/java/cn/escheduler/common/utils/ParameterUtils.java b/escheduler-common/src/main/java/cn/escheduler/common/utils/ParameterUtils.java index 055a774051..50f4040ee6 100644 --- a/escheduler-common/src/main/java/cn/escheduler/common/utils/ParameterUtils.java +++ b/escheduler-common/src/main/java/cn/escheduler/common/utils/ParameterUtils.java @@ -159,4 +159,18 @@ public class ParameterUtils { } return null; } + + + /** + * handle escapes + * @param inputString + * @return + */ + public static String handleEscapes(String inputString){ + + if(StringUtils.isNotEmpty(inputString)){ + return inputString.replace("%", "////%"); + } + return inputString; + } }