From 9364e5b1b9f843706e16b28763d16c483c1154d0 Mon Sep 17 00:00:00 2001 From: devezhao Date: Mon, 22 Jun 2020 20:03:03 +0800 Subject: [PATCH] Fix v1.10.0 (#187) * fix: secure and dbver #186 * fix #184 --- pom.xml | 2 +- .../java/com/rebuild/server/Application.java | 4 ++-- .../helper/AesPreferencesConfigurer.java | 3 ++- .../server/helper/setup/UpgradeDatabase.java | 2 +- src/main/java/com/rebuild/utils/AES.java | 2 +- .../rebuild/web/user/signin/LoginControll.java | 7 +++---- src/main/resources/application.properties | 18 ++---------------- src/main/resources/scripts/db-init.sql | 10 +++++----- src/main/resources/scripts/db-upgrade.sql | 2 +- src/main/webapp/user/login.jsp | 2 +- 10 files changed, 19 insertions(+), 33 deletions(-) diff --git a/pom.xml b/pom.xml index 9985f81de..c7c9d6e4d 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ com.rebuild rebuild war - 1.10.0 + 1.10.1 rebuild Building your business-systems freely! https://getrebuild.com/ diff --git a/src/main/java/com/rebuild/server/Application.java b/src/main/java/com/rebuild/server/Application.java index 57f854a8f..8a17c9fcc 100644 --- a/src/main/java/com/rebuild/server/Application.java +++ b/src/main/java/com/rebuild/server/Application.java @@ -68,10 +68,10 @@ public final class Application { /** Rebuild Version */ - public static final String VER = "1.10.0"; + public static final String VER = "1.10.1"; /** Rebuild Build */ - public static final int BUILD = 11000; + public static final int BUILD = 11001; /** Logging for Global */ diff --git a/src/main/java/com/rebuild/server/helper/AesPreferencesConfigurer.java b/src/main/java/com/rebuild/server/helper/AesPreferencesConfigurer.java index 8c0375b3a..9c56ab4f4 100644 --- a/src/main/java/com/rebuild/server/helper/AesPreferencesConfigurer.java +++ b/src/main/java/com/rebuild/server/helper/AesPreferencesConfigurer.java @@ -7,6 +7,7 @@ package com.rebuild.server.helper; +import com.rebuild.server.Application; import com.rebuild.server.helper.setup.InstallState; import com.rebuild.server.helper.setup.SetupException; import com.rebuild.utils.AES; @@ -42,7 +43,7 @@ protected void loadProperties(Properties props) throws IOException { props.putAll(fromInstallFile()); this.afterLoad(props); - LOG.info("Application properties : " + props); + if (Application.devMode()) LOG.info("Application properties : " + props); setNullValue(StringUtils.EMPTY); } diff --git a/src/main/java/com/rebuild/server/helper/setup/UpgradeDatabase.java b/src/main/java/com/rebuild/server/helper/setup/UpgradeDatabase.java index 4e193ef30..34dd6cf3d 100644 --- a/src/main/java/com/rebuild/server/helper/setup/UpgradeDatabase.java +++ b/src/main/java/com/rebuild/server/helper/setup/UpgradeDatabase.java @@ -81,7 +81,7 @@ public void upgradeQuietly() { * @return */ public int getDbVer() { - String dbVer = SysConfiguration.get(ConfigurableItem.DBVer); + String dbVer = SysConfiguration.get(ConfigurableItem.DBVer, true); return ObjectUtils.toInt(dbVer, 0); } diff --git a/src/main/java/com/rebuild/utils/AES.java b/src/main/java/com/rebuild/utils/AES.java index d249dfafe..e90e5f068 100644 --- a/src/main/java/com/rebuild/utils/AES.java +++ b/src/main/java/com/rebuild/utils/AES.java @@ -75,7 +75,7 @@ public static String decryptQuietly(String input) { try { return decrypt(input); } catch (RebuildException ex) { - LOG.debug("Decrypting error (Use blank input) : " + input); + LOG.warn("Decrypting error (Use blank input) : " + input); return StringUtils.EMPTY; } } diff --git a/src/main/java/com/rebuild/web/user/signin/LoginControll.java b/src/main/java/com/rebuild/web/user/signin/LoginControll.java index 42b717eae..da878da7a 100644 --- a/src/main/java/com/rebuild/web/user/signin/LoginControll.java +++ b/src/main/java/com/rebuild/web/user/signin/LoginControll.java @@ -15,10 +15,9 @@ import cn.devezhao.commons.web.WebUtils; import cn.devezhao.persist4j.Record; import cn.devezhao.persist4j.engine.ID; -import com.alibaba.fastjson.JSON; import com.alibaba.fastjson.JSONObject; -import com.rebuild.api.LoginToken; import com.rebuild.api.AuthTokenManager; +import com.rebuild.api.LoginToken; import com.rebuild.server.Application; import com.rebuild.server.helper.ConfigurableItem; import com.rebuild.server.helper.License; @@ -315,11 +314,11 @@ public void getLiveWallpaper(HttpServletResponse response) throws IOException { return; } - JSON ret = License.siteApi("api/misc/bgimg", true); + JSONObject ret = License.siteApi("api/misc/bgimg", true); if (ret == null) { writeFailure(response); } else { - writeSuccess(response, ((JSONObject) ret).getString("url")); + writeSuccess(response, ret.getString("url")); } } } diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index dd39b309a..7bc7f6885 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -1,6 +1,6 @@ -# for initial +# !!! THIS FILE ONLY FOR DEV MODE !!! # More configurable items see `ConfigurableItem.java` -# You can remove/add the `.aes` suffix to use texts of plain/encrypted +# You can remove/add the `.aes` suffix to use value of plain/encrypted # Cloud Storage - Use https://www.qiniu.com/ StorageURL=//qn-cdn.getrebuild.com/ @@ -24,17 +24,3 @@ MailName=REBUILD CacheHost=127.0.0.1 CachePort=16379 CachePassword.aes=vXwBKYUosMpJRO9jeG9+IA== - -# System General -HomeURL= -DataDirectory= -EnableRecentlyUsed= -OpenSignUp= -LiveWallpaper= -FileSharable= -MarkWatermark= -PasswordPolicy= -RevisionHistoryKeepingDays= -RecycleBinKeepingDays= -DBBackupsEnable= -DBBackupsKeepingDays= \ No newline at end of file diff --git a/src/main/resources/scripts/db-init.sql b/src/main/resources/scripts/db-init.sql index c7ff67280..cbd163ce6 100644 --- a/src/main/resources/scripts/db-init.sql +++ b/src/main/resources/scripts/db-init.sql @@ -1,8 +1,8 @@ -- !!! MYSQL VERSION NOTICE !!! --- IN 5.7 OR ABOVE, YOU SHOULD REMOVED THESE SQL_MODES IN my.cnf/my.ini FIRST. --- ONLY_FULL_GROUP_BY --- IN 8.0 OR ABOVE, ONLY SUPPORTS mysql_native_password AUTHENTICATION MODE --- default_authentication_plugin=mysql_native_password +-- IN 5.7 OR ABOVE : +-- YOU SHOULD REMOVE `ONLY_FULL_GROUP_BY` SQL_MODES IN my.cnf/my.ini +-- IN 8.0 OR ABOVE : +-- ONLY SUPPORT mysql_native_password AUTHENTICATION MODE. Add `default_authentication_plugin=mysql_native_password` TO my.cnf/my.ini -- #1 database/user -- 首次使用请移除以下注释以创建数据库和用户 @@ -607,6 +607,6 @@ insert into `classification` (`DATA_ID`, `NAME`, `DESCRIPTION`, `OPEN_LEVEL`, `I ('018-0000000000000001', '地区', NULL, 2, 'F', CURRENT_TIMESTAMP, '001-0000000000000001', CURRENT_TIMESTAMP, '001-0000000000000001'), ('018-0000000000000002', '行业', NULL, 1, 'F', CURRENT_TIMESTAMP, '001-0000000000000001', CURRENT_TIMESTAMP, '001-0000000000000001'); --- DB Version +-- DB Version (see `db-upgrade.sql`) insert into `system_config` (`CONFIG_ID`, `ITEM`, `VALUE`) values ('021-9000000000000001', 'DBVer', 25); diff --git a/src/main/resources/scripts/db-upgrade.sql b/src/main/resources/scripts/db-upgrade.sql index 972fb7c89..ddfd91086 100644 --- a/src/main/resources/scripts/db-upgrade.sql +++ b/src/main/resources/scripts/db-upgrade.sql @@ -361,4 +361,4 @@ create table if not exists `login_log` ( index IX0_login_log (`USER`, `LOGIN_TIME`) )Engine=InnoDB; insert into `layout_config` (`CONFIG_ID`, `BELONG_ENTITY`, `CONFIG`, `APPLY_TYPE`, `SHARE_TO`, `CREATED_ON`, `CREATED_BY`, `MODIFIED_ON`, `MODIFIED_BY`) - values ('013-9000000000000005', 'LoginLog', '[{"field":"user"},{"field":"loginTime"},{"field":"userAgent"},{"field":"ipAddr"},{"field":"logoutTime"}]', 'DATALIST', 'ALL', CURRENT_TIMESTAMP, '001-0000000000000001', CURRENT_TIMESTAMP, '001-0000000000000001'); \ No newline at end of file + values ('013-9000000000000005', 'LoginLog', '[{"field":"user"},{"field":"loginTime"},{"field":"userAgent"},{"field":"ipAddr"},{"field":"logoutTime"}]', 'DATALIST', 'ALL', CURRENT_TIMESTAMP, '001-0000000000000001', CURRENT_TIMESTAMP, '001-0000000000000001'); diff --git a/src/main/webapp/user/login.jsp b/src/main/webapp/user/login.jsp index 458ace18b..f7d591e20 100644 --- a/src/main/webapp/user/login.jsp +++ b/src/main/webapp/user/login.jsp @@ -145,7 +145,7 @@ $(document).ready(function() { let btn = $('.login-submit button').button('loading') let url = '/user/user-login?user=' + $encode(user) + '&passwd=******&autoLogin=' + $val('#autoLogin') if (!!vcode) url += '&vcode=' + vcode - $.post(url, $encode(passwd), function(res) { + $.post(url, passwd, function(res) { if (res.error_code == 0){ location.replace($decode($urlp('nexturl') || '../dashboard/home')) } else if (res.error_msg == 'VCODE') {