Example 26 with UpdateWrapper
use of com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper in project tutorials-java by Artister.
the class WrapperTest method tests.
@Test
public void tests() {
System.out.println("----- 普通查询 ------");
List<User> plainUsers = userMapper.selectList(new QueryWrapper<User>().eq("role_id", 2L));
List<User> lambdaUsers = userMapper.selectList(new QueryWrapper<User>().lambda().eq(User::getRoleId, 2L));
Assert.assertEquals(plainUsers.size(), lambdaUsers.size());
print(plainUsers);
System.out.println("----- 带子查询(sql注入) ------");
List<User> plainUsers2 = userMapper.selectList(new QueryWrapper<User>().inSql("role_id", "select id from role where id = 2"));
List<User> lambdaUsers2 = userMapper.selectList(new QueryWrapper<User>().lambda().inSql(User::getRoleId, "select id from role where id = 2"));
Assert.assertEquals(plainUsers2.size(), lambdaUsers2.size());
print(plainUsers2);
System.out.println("----- 带嵌套查询 ------");
List<User> plainUsers3 = userMapper.selectList(new QueryWrapper<User>().nested(i -> i.eq("role_id", 2L).or().eq("role_id", 3L)).and(i -> i.ge("age", 20)));
List<User> lambdaUsers3 = userMapper.selectList(new QueryWrapper<User>().lambda().nested(i -> i.eq(User::getRoleId, 2L).or().eq(User::getRoleId, 3L)).and(i -> i.ge(User::getAge, 20)));
Assert.assertEquals(plainUsers3.size(), lambdaUsers3.size());
print(plainUsers3);
System.out.println("----- 自定义(sql注入) ------");
List<User> plainUsers4 = userMapper.selectList(new QueryWrapper<User>().apply("role_id = 2"));
print(plainUsers4);
UpdateWrapper<User> uw = new UpdateWrapper<>();
uw.set("email", null);
uw.eq("id", 4);
userMapper.update(new User(), uw);
User u4 = userMapper.selectById(4);
Assert.assertNull(u4.getEmail());
}
Also used :
QueryWrapper(com.baomidou.mybatisplus.core.conditions.query.QueryWrapper)
UpdateWrapper(com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper)
RoleMapper(com.baomidou.mybatisplus.samples.wrapper.mapper.RoleMapper)
Resource(javax.annotation.Resource)
RunWith(org.junit.runner.RunWith)
Test(org.junit.Test)
LambdaQueryWrapper(com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper)
UserMapper(com.baomidou.mybatisplus.samples.wrapper.mapper.UserMapper)
List(java.util.List)
SpringBootTest(org.springframework.boot.test.context.SpringBootTest)
User(com.baomidou.mybatisplus.samples.wrapper.entity.User)
CollectionUtils(org.springframework.util.CollectionUtils)
SpringRunner(org.springframework.test.context.junit4.SpringRunner)
Assert(org.junit.Assert)
User(com.baomidou.mybatisplus.samples.wrapper.entity.User)
UpdateWrapper(com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper)
QueryWrapper(com.baomidou.mybatisplus.core.conditions.query.QueryWrapper)
LambdaQueryWrapper(com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper)
Test(org.junit.Test)
SpringBootTest(org.springframework.boot.test.context.SpringBootTest)
Example 27 with UpdateWrapper
use of com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper in project mybatis-plus-samples by baomidou.
the class UpdateWrapperTest method tests.
/**
* UPDATE user SET age=?, email=? WHERE (name = ?)
*/
@Test
public void tests() {
// 方式一:
User user = new User();
user.setAge(29);
user.setEmail("test3update@baomidou.com");
userMapper.update(user, new UpdateWrapper<User>().eq("name", "Tom"));
// 方式二:
// 不创建User对象
userMapper.update(null, new UpdateWrapper<User>().set("age", 29).set("email", "test3update@baomidou.com").eq("name", "Tom"));
}
Also used :
User(com.baomidou.mybatisplus.samples.wrapper.entity.User)
UpdateWrapper(com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper)
LambdaUpdateWrapper(com.baomidou.mybatisplus.core.conditions.update.LambdaUpdateWrapper)
Test(org.junit.jupiter.api.Test)
SpringBootTest(org.springframework.boot.test.context.SpringBootTest)
Example 28 with UpdateWrapper
use of com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper in project HOJ by HimitZH.
the class AccountManager method changePassword.
/**
* @MethodName changePassword
* @Description 修改密码的操作,连续半小时内修改密码错误5次,则需要半个小时后才可以再次尝试修改密码
* @Return
* @Since 2021/1/8
*/
public ChangeAccountVo changePassword(ChangePasswordDto changePasswordDto) throws StatusSystemErrorException, StatusFailException {
String oldPassword = changePasswordDto.getOldPassword();
String newPassword = changePasswordDto.getNewPassword();
// 数据可用性判断
if (StringUtils.isEmpty(oldPassword) || StringUtils.isEmpty(newPassword)) {
throw new StatusFailException("错误:原始密码或新密码不能为空!");
}
if (newPassword.length() < 6 || newPassword.length() > 20) {
throw new StatusFailException("新密码长度应该为6~20位!");
}
// 获取当前登录的用户
org.apache.shiro.session.Session session = SecurityUtils.getSubject().getSession();
UserRolesVo userRolesVo = (UserRolesVo) session.getAttribute("userInfo");
// 如果已经被锁定半小时不能修改
String lockKey = Constants.Account.CODE_CHANGE_PASSWORD_LOCK + userRolesVo.getUid();
// 统计失败的key
String countKey = Constants.Account.CODE_CHANGE_PASSWORD_FAIL + userRolesVo.getUid();
ChangeAccountVo resp = new ChangeAccountVo();
if (redisUtils.hasKey(lockKey)) {
long expire = redisUtils.getExpire(lockKey);
Date now = new Date();
long minute = expire / 60;
long second = expire % 60;
SimpleDateFormat formatter = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
resp.setCode(403);
Date afterDate = new Date(now.getTime() + expire * 1000);
String msg = "由于您多次修改密码失败,修改密码功能已锁定,请在" + minute + "分" + second + "秒后(" + formatter.format(afterDate) + ")再进行尝试!";
resp.setMsg(msg);
return resp;
}
// 与当前登录用户的密码进行比较判断
if (userRolesVo.getPassword().equals(SecureUtil.md5(oldPassword))) {
// 如果相同,则进行修改密码操作
UpdateWrapper<UserInfo> updateWrapper = new UpdateWrapper<>();
// 数据库用户密码全部用md5加密
updateWrapper.set("password", SecureUtil.md5(newPassword)).eq("uuid", userRolesVo.getUid());
boolean isOk = userInfoEntityService.update(updateWrapper);
if (isOk) {
resp.setCode(200);
resp.setMsg("修改密码成功!您将于5秒钟后退出进行重新登录操作!");
// 清空记录
redisUtils.del(countKey);
// 更新session
userRolesVo.setPassword(SecureUtil.md5(newPassword));
session.setAttribute("userInfo", userRolesVo);
return resp;
} else {
throw new StatusSystemErrorException("系统错误:修改密码失败!");
}
} else {
// 如果不同,则进行记录,当失败次数达到5次,半个小时后才可重试
Integer count = (Integer) redisUtils.get(countKey);
if (count == null) {
// 三十分钟不尝试,该限制会自动清空消失
redisUtils.set(countKey, 1, 60 * 30);
count = 0;
} else if (count < 5) {
redisUtils.incr(countKey, 1);
}
count++;
if (count == 5) {
// 清空统计
redisUtils.del(countKey);
// 设置锁定更改
redisUtils.set(lockKey, "lock", 60 * 30);
}
resp.setCode(400);
resp.setMsg("原始密码错误!您已累计修改密码失败" + count + "次...");
return resp;
}
}
Also used :
UpdateWrapper(com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper)
StatusFailException(top.hcode.hoj.common.exception.StatusFailException)
StatusSystemErrorException(top.hcode.hoj.common.exception.StatusSystemErrorException)
SimpleDateFormat(java.text.SimpleDateFormat)
Example 29 with UpdateWrapper
use of com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper in project HOJ by HimitZH.
the class AccountManager method changeEmail.
/**
* @MethodName changeEmail
* @Description 修改邮箱的操作,连续半小时内密码错误5次,则需要半个小时后才可以再次尝试修改
* @Return
* @Since 2021/1/9
*/
public ChangeAccountVo changeEmail(ChangeEmailDto changeEmailDto) throws StatusSystemErrorException, StatusFailException {
String password = changeEmailDto.getPassword();
String newEmail = changeEmailDto.getNewEmail();
// 数据可用性判断
if (StringUtils.isEmpty(password) || StringUtils.isEmpty(newEmail)) {
throw new StatusFailException("错误:密码或新邮箱不能为空!");
}
if (!Validator.isEmail(newEmail)) {
throw new StatusFailException("邮箱格式错误!");
}
// 获取当前登录的用户
org.apache.shiro.session.Session session = SecurityUtils.getSubject().getSession();
UserRolesVo userRolesVo = (UserRolesVo) session.getAttribute("userInfo");
// 如果已经被锁定半小时不能修改
String lockKey = Constants.Account.CODE_CHANGE_EMAIL_LOCK + userRolesVo.getUid();
// 统计失败的key
String countKey = Constants.Account.CODE_CHANGE_EMAIL_FAIL + userRolesVo.getUid();
ChangeAccountVo resp = new ChangeAccountVo();
if (redisUtils.hasKey(lockKey)) {
long expire = redisUtils.getExpire(lockKey);
Date now = new Date();
long minute = expire / 60;
long second = expire % 60;
SimpleDateFormat formatter = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
resp.setCode(403);
Date afterDate = new Date(now.getTime() + expire * 1000);
String msg = "由于您多次修改邮箱失败,修改邮箱功能已锁定,请在" + minute + "分" + second + "秒后(" + formatter.format(afterDate) + ")再进行尝试!";
resp.setMsg(msg);
return resp;
}
// 与当前登录用户的密码进行比较判断
if (userRolesVo.getPassword().equals(SecureUtil.md5(password))) {
// 如果相同,则进行修改操作
UpdateWrapper<UserInfo> updateWrapper = new UpdateWrapper<>();
updateWrapper.set("email", newEmail).eq("uuid", userRolesVo.getUid());
boolean isOk = userInfoEntityService.update(updateWrapper);
if (isOk) {
UserInfoVo userInfoVo = new UserInfoVo();
BeanUtil.copyProperties(userRolesVo, userInfoVo, "roles");
userInfoVo.setRoleList(userRolesVo.getRoles().stream().map(Role::getRole).collect(Collectors.toList()));
resp.setCode(200);
resp.setMsg("修改邮箱成功!");
resp.setUserInfo(userInfoVo);
// 清空记录
redisUtils.del(countKey);
// 更新session
userRolesVo.setEmail(newEmail);
session.setAttribute("userInfo", userRolesVo);
return resp;
} else {
throw new StatusSystemErrorException("系统错误:修改邮箱失败!");
}
} else {
// 如果不同,则进行记录,当失败次数达到5次,半个小时后才可重试
Integer count = (Integer) redisUtils.get(countKey);
if (count == null) {
// 三十分钟不尝试,该限制会自动清空消失
redisUtils.set(countKey, 1, 60 * 30);
count = 0;
} else if (count < 5) {
redisUtils.incr(countKey, 1);
}
count++;
if (count == 5) {
// 清空统计
redisUtils.del(countKey);
// 设置锁定更改
redisUtils.set(lockKey, "lock", 60 * 30);
}
resp.setCode(400);
resp.setMsg("密码错误!您已累计修改邮箱失败" + count + "次...");
return resp;
}
}
Also used :
UpdateWrapper(com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper)
StatusFailException(top.hcode.hoj.common.exception.StatusFailException)
StatusSystemErrorException(top.hcode.hoj.common.exception.StatusSystemErrorException)
SimpleDateFormat(java.text.SimpleDateFormat)
Example 30 with UpdateWrapper
use of com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper in project HOJ by HimitZH.
the class CommentManager method deleteComment.
@Transactional(rollbackFor = Exception.class)
public void deleteComment(Comment comment) throws StatusForbiddenException, StatusFailException, AccessException {
// 获取当前登录的用户
Session session = SecurityUtils.getSubject().getSession();
UserRolesVo userRolesVo = (UserRolesVo) session.getAttribute("userInfo");
boolean isRoot = SecurityUtils.getSubject().hasRole("root");
boolean isProblemAdmin = SecurityUtils.getSubject().hasRole("problem_admin");
boolean isAdmin = SecurityUtils.getSubject().hasRole("admin");
// 如果不是评论本人 或者不是管理员 无权限删除该评论
Long cid = comment.getCid();
if (cid == null) {
QueryWrapper<Discussion> discussionQueryWrapper = new QueryWrapper<>();
discussionQueryWrapper.select("id", "gid").eq("id", comment.getDid());
Discussion discussion = discussionEntityService.getOne(discussionQueryWrapper);
Long gid = discussion.getGid();
if (gid == null) {
accessValidator.validateAccess(HOJAccessEnum.PUBLIC_DISCUSSION);
if (!comment.getFromUid().equals(userRolesVo.getUid()) && !isRoot && !isProblemAdmin && !isAdmin) {
throw new StatusForbiddenException("无权删除该评论");
}
} else {
accessValidator.validateAccess(HOJAccessEnum.GROUP_DISCUSSION);
if (!groupValidator.isGroupAdmin(userRolesVo.getUid(), gid) && !comment.getFromUid().equals(userRolesVo.getUid()) && !isRoot) {
throw new StatusForbiddenException("无权删除该评论");
}
}
} else {
accessValidator.validateAccess(HOJAccessEnum.CONTEST_COMMENT);
Contest contest = contestEntityService.getById(cid);
Long gid = contest.getGid();
if (!comment.getFromUid().equals(userRolesVo.getUid()) && !isRoot && !contest.getUid().equals(userRolesVo.getUid()) && !(contest.getIsGroup() && groupValidator.isGroupRoot(userRolesVo.getUid(), gid))) {
throw new StatusForbiddenException("无权删除该评论");
}
}
// 获取需要删除该评论的回复数
int replyNum = replyEntityService.count(new QueryWrapper<Reply>().eq("comment_id", comment.getId()));
// 删除该数据 包括关联外键的reply表数据
boolean isDeleteComment = commentEntityService.removeById(comment.getId());
// 同时需要删除该评论的回复表数据
replyEntityService.remove(new UpdateWrapper<Reply>().eq("comment_id", comment.getId()));
if (isDeleteComment) {
// 如果是讨论区的回复,删除成功需要减少统计该讨论的回复数
if (comment.getDid() != null) {
UpdateWrapper<Discussion> discussionUpdateWrapper = new UpdateWrapper<>();
discussionUpdateWrapper.eq("id", comment.getDid()).setSql("comment_num=comment_num-" + (replyNum + 1));
discussionEntityService.update(discussionUpdateWrapper);
}
} else {
throw new StatusFailException("删除失败,请重新尝试");
}
}
Also used :
StatusForbiddenException(top.hcode.hoj.common.exception.StatusForbiddenException)
UpdateWrapper(com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper)
QueryWrapper(com.baomidou.mybatisplus.core.conditions.query.QueryWrapper)
StatusFailException(top.hcode.hoj.common.exception.StatusFailException)
Contest(top.hcode.hoj.pojo.entity.contest.Contest)
Discussion(top.hcode.hoj.pojo.entity.discussion.Discussion)
Session(org.apache.shiro.session.Session)
Transactional(org.springframework.transaction.annotation.Transactional)
Aggregations
UpdateWrapper (com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper)97
Transactional (org.springframework.transaction.annotation.Transactional)41
QueryWrapper (com.baomidou.mybatisplus.core.conditions.query.QueryWrapper)40
UserRolesVo (top.hcode.hoj.pojo.vo.UserRolesVo)34
StatusFailException (top.hcode.hoj.common.exception.StatusFailException)28
Session (org.apache.shiro.session.Session)24
StatusForbiddenException (top.hcode.hoj.common.exception.StatusForbiddenException)21
Judge (top.hcode.hoj.pojo.entity.judge.Judge)17
LambdaUpdateWrapper (com.baomidou.mybatisplus.core.conditions.update.LambdaUpdateWrapper)16
HttpSession (javax.servlet.http.HttpSession)14
Problem (top.hcode.hoj.pojo.entity.problem.Problem)14
RequiresAuthentication (org.apache.shiro.authz.annotation.RequiresAuthentication)13
StatusNotFoundException (top.hcode.hoj.common.exception.StatusNotFoundException)11
Group (top.hcode.hoj.pojo.entity.group.Group)11
Date (java.util.Date)10
Discussion (top.hcode.hoj.pojo.entity.discussion.Discussion)10
Contest (top.hcode.hoj.pojo.entity.contest.Contest)8
User (com.baomidou.mybatisplus.samples.wrapper.entity.User)5
Result (org.jeecg.common.api.vo.Result)5
LoginUser (org.jeecg.common.system.vo.LoginUser)5
