fix: SCA扫描漏洞处理(Access Control: Database)

配置文件新增配置：auth-key-auth-enabled，若未设置则不进行权限拦截判断。若影响业务，可以直接将其删除。 Access Control: Database(访问控制：数据库) Links https://docs.qq.com/sheet/DTkRSaWhSZXBlaldN?tab=000008&_t=1711087563249 (No.1)

fix: SCA扫描漏洞处理(Access Control: Database)
d198539f · 李秀明 · c40af046 · d198539f · d198539f · d198539f
Commit d198539f authored Mar 27, 2024 by 李秀明
21 changed files
--- a/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/annotations/DataAuth.java
+++ b/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/annotations/DataAuth.java
+package com.yeejoin.amos.fas.annotations;
+import java.lang.annotation.*;
+/**
+ * @author DELL
+ *
+ * 注解需要数据权限过滤的mapper。
+ * interfacePath对应为平台菜单管理中菜单组件（全局唯一）。
+ */
+@Target(ElementType.METHOD)
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+public @interface DataAuth {
+	/**
+	 * 菜单组件
+	 * @return
+	 */
+	String interfacePath();
+}
--- a/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/impl/AlarmServiceImpl.java
+++ b/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/impl/AlarmServiceImpl.java
@@ -3,6 +3,7 @@ package com.yeejoin.amos.fas.business.service.impl;
 import java.util.HashMap;
 import java.util.List;
+import com.yeejoin.amos.fas.interceptors.PermissionInterceptorContext;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.PageImpl;
@@ -15,12 +16,12 @@ import com.yeejoin.amos.fas.core.util.StringUtil;
 @Service("alarmService")
 public class AlarmServiceImpl implements IAlarmService {
 	@Autowired
 	AlarmMapper alarmMapper;
 	@Override
-	public Page<HashMap<String, Object>> queryAlarmPage(CommonPageInfoParam param) {		
+	public Page<HashMap<String, Object>> queryAlarmPage(CommonPageInfoParam param) {
 		long total = alarmMapper.countAlarmData(param);
 		List<HashMap<String, Object>> content = alarmMapper.getAlarmSingleMapperPage(param);
 		Page<HashMap<String, Object>> result = new PageImpl<>(content, param, total);

--- a/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/impl/ContingencyInstanceImpl.java
+++ b/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/impl/ContingencyInstanceImpl.java
@@ -30,6 +30,7 @@ import com.yeejoin.amos.fas.dao.entity.ContingencyOriginalData;
 import com.yeejoin.amos.fas.dao.entity.ContingencyPlanInstance;
 import com.yeejoin.amos.fas.dao.entity.Equipment;
 import com.yeejoin.amos.fas.datasync.bo.ContingencyOriginalDataSyncBo;
+import com.yeejoin.amos.fas.interceptors.PermissionInterceptorContext;
 import com.yeejoin.amos.feign.privilege.Privilege;
 import com.yeejoin.amos.feign.privilege.model.AgencyUserModel;
 import org.apache.commons.lang3.ArrayUtils;
@@ -123,6 +124,8 @@ public class ContingencyInstanceImpl implements IContingencyInstance {
    @Value("${plan.instance.personImg}")
    private String personImg;
+    @Value("${auth-key-auth-enabled:}")
+    private String authKey;
    @Autowired
    ContingencyAction contingencyAction;
@@ -537,6 +540,8 @@ public class ContingencyInstanceImpl implements IContingencyInstance {
            return true;
        }
        EmergencyTaskContentVo vo = mustTasks.get(0);
+        // 权限处理
+        PermissionInterceptorContext.setDataAuthRule(authKey);
        Integer count = contingencyPlanInstanceMapper.getPlanInstanceByRunState(vo.getStepCode(), batchNo);
        if (0 == count) {
            return true;
@@ -694,6 +699,8 @@ public class ContingencyInstanceImpl implements IContingencyInstance {
    @Override
    public String getInstanceIdByBatchNOAndCategory(String type, String name, String batchNo) {
+        // 权限处理
+        PermissionInterceptorContext.setDataAuthRule(authKey);
        return contingencyPlanInstanceMapper.getInstanceIdByBatchNOAndCategory(type, name, batchNo);
    }

--- a/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/impl/ContingencyInstanceInfoServiceImpl.java
+++ b/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/impl/ContingencyInstanceInfoServiceImpl.java
@@ -7,8 +7,10 @@ import com.yeejoin.amos.fas.business.vo.ContingencyInstanceInfoVO;
 import com.yeejoin.amos.fas.business.vo.ContingencyPlanInstanceVO;
 import com.yeejoin.amos.fas.core.util.DateUtil;
 import com.yeejoin.amos.fas.dao.entity.ContingencyInstanceInfo;
+import com.yeejoin.amos.fas.interceptors.PermissionInterceptorContext;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Service;
 import org.springframework.util.ObjectUtils;
@@ -21,6 +23,8 @@ public class ContingencyInstanceInfoServiceImpl implements ContingencyInstanceIn
    @Autowired
    private ContingencyInstanceInfoMapper contingencyInstanceInfoMapper;
+    @Value("${auth-key-auth-enabled:}")
+    private String authKey;
    @Override
@@ -62,6 +66,8 @@ public class ContingencyInstanceInfoServiceImpl implements ContingencyInstanceIn
    public Boolean addDisposalDetails(ContingencyInstanceInfo contingencyInstanceInfo) {
        contingencyInstanceInfo.setIsDelete(false);
        contingencyInstanceInfo.setCreateDate(DateUtil.getDateNow());
+        // 权限处理
+        PermissionInterceptorContext.setDataAuthRule(authKey);
        return contingencyInstanceInfoMapper.addDisposalDetails(contingencyInstanceInfo);
    }

--- a/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/impl/ContingencyPlanServiceImpl.java
+++ b/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/impl/ContingencyPlanServiceImpl.java
@@ -24,6 +24,7 @@ import com.yeejoin.amos.fas.dao.entity.*;
 import com.yeejoin.amos.fas.datasync.bo.PlanDetailSyncBo;
 import com.yeejoin.amos.fas.datasync.bo.PlanOperationRecordSyncBo;
 import com.yeejoin.amos.fas.exception.YeeException;
+import com.yeejoin.amos.fas.interceptors.PermissionInterceptorContext;
 import com.yeejoin.amos.feign.privilege.model.RoleModel;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.logging.log4j.LogManager;
@@ -92,6 +93,8 @@ public class ContingencyPlanServiceImpl implements IContingencyPlanService {
    @Value("${spring.application.name}")
    private String serviceName;
+    @Value("${auth-key-auth-enabled:}")
+    private String authKey;
    @Autowired
    private ContingencyInstanceInfoMapper contingencyInstanceInfoMapper;
@@ -243,7 +246,7 @@ public class ContingencyPlanServiceImpl implements IContingencyPlanService {
            instanceInfo.setName(detail.getPlanName());
            instanceInfo.setOrgCode(detail.getOrgCode());
            instanceInfo.setPosition(equipmentSpecific.getPosition());
            contingencyInstanceInfoService.addDisposalDetails(instanceInfo);
            result.setMessage(ReserveEnum.RUN.getText());
            result.setBatchNo(batchNo);
@@ -336,6 +339,8 @@ public class ContingencyPlanServiceImpl implements IContingencyPlanService {
    @Override
    public List<HashMap<String, Object>> getBatchNoByCode(String code) {
        List<HashMap<String, Object>> list = new ArrayList<>();
+        // 权限处理
+        PermissionInterceptorContext.setDataAuthRule(authKey);
        String idByCode = equipmentSpecificMapper.getIdByCode(code);
        if (StringUtils.isEmpty(idByCode)) {
            return list;
@@ -879,6 +884,8 @@ public class ContingencyPlanServiceImpl implements IContingencyPlanService {
                page.setCurrent(1);
                start = 0;
            }
+            // 权限处理
+            PermissionInterceptorContext.setDataAuthRule(authKey);
            List<ContingencyPlanInstanceVO> list = contingencyInstanceInfoMapper.getTaskActionPage((int) start, size, batchNo, type, runState, updateDate, roleList);
            list.stream().forEach(e->{
                if(ObjectUtils.isEmpty(e.getCreateUser())) {

--- a/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/impl/EmergencyTaskServiceImpl.java
+++ b/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/impl/EmergencyTaskServiceImpl.java
@@ -21,6 +21,7 @@ import com.yeejoin.amos.fas.dao.entity.ContingencyPlanInstance;
 import com.yeejoin.amos.fas.dao.entity.EmergencyRelation;
 import com.yeejoin.amos.fas.dao.entity.EmergencyRelationTree;
 import com.yeejoin.amos.fas.dao.entity.EmergencyTaskContent;
+import com.yeejoin.amos.fas.interceptors.PermissionInterceptorContext;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.lang3.time.DateFormatUtils;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -72,6 +73,8 @@ public class EmergencyTaskServiceImpl implements IEmergencyTaskService {
    @Value("${station.name}")
    private String stationName;
+    @Value("${auth-key-auth-enabled:}")
+    private String authKey;
    @Override
    public Page<EmergencyTaskContent> list(Long obligationId, CommonPageable pageable) {
@@ -99,6 +102,8 @@ public class EmergencyTaskServiceImpl implements IEmergencyTaskService {
    @Override
    public String getRolesByUserId(String userId) {
+        // 权限处理
+        PermissionInterceptorContext.setDataAuthRule(authKey);
        List<String> list = emergencyTaskMapper.roleCodes(userId);
        String roleCodes = String.join(",", list);
        return roleCodes;
@@ -195,6 +200,8 @@ public class EmergencyTaskServiceImpl implements IEmergencyTaskService {
    @Override
    public List<EmergencyTaskContentVo> getMustTaskList(String stepCode) {
+        // 权限处理
+        PermissionInterceptorContext.setDataAuthRule(authKey);
        return emergencyTaskMapper.getMustTaskList(stepCode);
    }
 }
--- a/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/impl/EquipmentFireEquipmentServiceImpl.java
+++ b/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/impl/EquipmentFireEquipmentServiceImpl.java
@@ -18,6 +18,7 @@ import com.yeejoin.amos.fas.common.enums.SqlKeyWordEnum;
 import com.yeejoin.amos.fas.dao.entity.Equipment;
 import com.yeejoin.amos.fas.dao.entity.EquipmentFireEquipment;
 import com.yeejoin.amos.fas.dao.entity.PlanMessage;
+import com.yeejoin.amos.fas.interceptors.PermissionInterceptorContext;
 import org.apache.commons.io.IOUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
@@ -54,6 +55,8 @@ public class EquipmentFireEquipmentServiceImpl implements IEquipmentFireEquipmen
    private static final String TYPE = "or";
    private static final String VALUE = "true";
+    @Value("${auth-key-auth-enabled:}")
+    private String authKey;
    // 停运本极对端换流器
    private static final int stepIndex = 9;
@@ -114,7 +117,7 @@ public class EquipmentFireEquipmentServiceImpl implements IEquipmentFireEquipmen
    @Override
    public Object automaticExecute(String equipmentId, String equipCode, String equipSpeCode, String type, String indexKeys, String value) {
        Map<String, Object> map = null;
        if(StringUtils.isBlank(equipCode)){
        	return false;
        }
@@ -186,6 +189,8 @@ public class EquipmentFireEquipmentServiceImpl implements IEquipmentFireEquipmen
        }
        List<PlanStepJsonVO> result = JSONObject.parseArray(json, PlanStepJsonVO.class);
        if (!CollectionUtils.isEmpty(result)) {
+            // 权限处理
+            PermissionInterceptorContext.setDataAuthRule(authKey);
            // 获取电力设备id及batchNo
            Map<String, Object> map = planOperationRecordMapper.getLatestFireEquipId();
            String fireEquipId = String.valueOf(map.get("fireEquipId"));
@@ -225,6 +230,8 @@ public class EquipmentFireEquipmentServiceImpl implements IEquipmentFireEquipmen
                        return planMessage;
                    }).collect(Collectors.toList());
                    for (PlanMessage message : messages) {
+                        // 权限处理
+                        PermissionInterceptorContext.setDataAuthRule(authKey);
                        int count = planMessageMapper.getPlanMessageCount(String.valueOf(map.get("batchNo")), index, message.getIndexCreateTime());
                        if (0 <count) {
                            continue;

--- a/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/impl/EquipmentServiceImpl.java
+++ b/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/impl/EquipmentServiceImpl.java
@@ -20,6 +20,7 @@ import com.yeejoin.amos.fas.core.util.query.BaseQuerySpecification;
 import com.yeejoin.amos.fas.dao.dto.EquipmentDTO;
 import com.yeejoin.amos.fas.dao.entity.*;
 import com.yeejoin.amos.fas.exception.YeeException;
+import com.yeejoin.amos.fas.interceptors.PermissionInterceptorContext;
 import com.yeejoin.amos.feign.privilege.model.AgencyUserModel;
 import com.yeejoin.amos.feign.privilege.model.CompanyModel;
 import com.yeejoin.amos.feign.privilege.model.DepartmentModel;
@@ -94,6 +95,8 @@ public class EquipmentServiceImpl implements IEquipmentService {
    @Value("${server.servlet.context-path}")
    private String fireAutoSys;
+    @Value("${auth-key-auth-enabled:}")
+    private String authKey;
 	@Autowired
 	private RemoteSecurityService remoteSecurityService;
@@ -189,6 +192,8 @@ public class EquipmentServiceImpl implements IEquipmentService {
    public List<Map<String, Object>> bindFireEqumt(Long equipmentId, List<EquipmentFireEquipment> list) throws Exception {
        List<Map<String, Object>> resultList = new ArrayList<>();
        for (EquipmentFireEquipment equipmentFireEquipment : list) {
+            // 权限处理
+            PermissionInterceptorContext.setDataAuthRule(authKey);
            EquipmentSpecific equip  = equipmentSpecificMapper.getSpecificById(equipmentFireEquipment.getFireEquipmentId());
            int num = equipmentSpecificMapper.getOneByQrcode(equip.getQrCode());
            if (0 < num) {

--- a/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/impl/EquipmentSpecificServiceImpl.java
+++ b/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/impl/EquipmentSpecificServiceImpl.java
@@ -16,7 +16,9 @@ import com.yeejoin.amos.fas.dao.entity.EquipmentCategory;
 import com.yeejoin.amos.fas.dao.entity.EquipmentSpecific;
 import com.yeejoin.amos.fas.dao.entity.Fmea;
 import com.yeejoin.amos.fas.dao.entity.FmeaEquipmentPoint;
+import com.yeejoin.amos.fas.interceptors.PermissionInterceptorContext;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Service;
 import org.springframework.util.CollectionUtils;
@@ -37,6 +39,8 @@ public class EquipmentSpecificServiceImpl implements EquipmentSpecificService {
    IEquipmentCategoryService categoryService;
    @Autowired
    FmeaEquipmentPointMapper equipmentPointMapper;
+    @Value("${auth-key-auth-enabled:}")
+    private String authKey;
    @Override
    public List<FmeaEquipmentPoint> upDateEquimentPoint(FmeaBindParam fmeaBindParam) {
@@ -61,6 +65,8 @@ public class EquipmentSpecificServiceImpl implements EquipmentSpecificService {
    public Map<String, Object> getAssoEquips(Long fmeaId, int pageNumber, int pageSize) {
        Map<String, Object> map = new HashMap<>();
        pageNumber = pageNumber*pageSize;
+        // 权限处理
+        PermissionInterceptorContext.setDataAuthRule(authKey);
        List<FmeaEquipmentPoint> fmeas = equipmentPointMapper.getOneByFmeaId(fmeaId);
        List<Long> indexIds = new ArrayList<>();
        if (0 < fmeas.size()) {

--- a/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/impl/FireEquipServiceImpl.java
+++ b/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/impl/FireEquipServiceImpl.java
@@ -14,7 +14,9 @@ import com.yeejoin.amos.fas.business.vo.FireStationVo;
 import com.yeejoin.amos.fas.common.enums.EquipClassifyEnum;
 import com.yeejoin.amos.fas.core.common.request.CommonPageable;
 import com.yeejoin.amos.fas.core.common.response.CommonPage;
+import com.yeejoin.amos.fas.interceptors.PermissionInterceptorContext;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.PageImpl;
 import org.springframework.stereotype.Service;
@@ -43,6 +45,8 @@ public class FireEquipServiceImpl implements IFireEquipService {
    @Autowired
    private IEquipManageFeign equipManageFeign;
+    @Value("${auth-key-auth-enabled:}")
+    private String authKey;
    public String[] delete(String[] idArray) throws Exception {
 //        for (String id : idArray) {
@@ -128,6 +132,8 @@ public class FireEquipServiceImpl implements IFireEquipService {
        Object returnEntity = null;
        FireEquipmentType fireEquipmentType = FireEquipmentType.valueOf(type);
+        // 权限处理
+        PermissionInterceptorContext.setDataAuthRule(authKey);
        switch (fireEquipmentType) {
            case pool:
                Object obj = equipManageFeign.findByInstanceId(id).get("result");

--- a/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/impl/HandlerMqttMessageImpl.java
+++ b/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/impl/HandlerMqttMessageImpl.java
@@ -28,6 +28,7 @@ import com.yeejoin.amos.fas.common.enums.EquipmentRiskTypeEnum;
 import com.yeejoin.amos.fas.core.util.StringUtil;
 import com.yeejoin.amos.fas.dao.entity.*;
 import com.yeejoin.amos.fas.datasync.bo.ContingencyOriginalDataSyncBo;
+import com.yeejoin.amos.fas.interceptors.PermissionInterceptorContext;
 import org.apache.commons.lang3.ArrayUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -79,7 +80,7 @@ public class HandlerMqttMessageImpl implements IEquipmentHandlerService {
    @Value("${integrated3Dtype}")
    private String integrated3Dtype;
    @Value("${plan.dynamic.execut.topic}")
    private String planDynamicExecutTopic;
@@ -142,7 +143,7 @@ public class HandlerMqttMessageImpl implements IEquipmentHandlerService {
    @Value("${autoSys.fire.pool.index_key}")
    private String firePoolIndexKey;
    @Value("${plan.index}")
    private String planIndex;
@@ -161,6 +162,8 @@ public class HandlerMqttMessageImpl implements IEquipmentHandlerService {
    @Value("${rocket-plan-topic}")
    private String rocketTopic;
+    @Value("${auth-key-auth-enabled:}")
+    private String authKey;
    @Override
    public void handlerMqttMessage(String topic, String data) {
@@ -171,6 +174,8 @@ public class HandlerMqttMessageImpl implements IEquipmentHandlerService {
        log.info("========data==========： " + JSON.toJSONString(data));
        EquipmentSpecificIndexVo equipmentSpecificIndex = JSONObject.parseObject(topicEntity.getMessage(), EquipmentSpecificIndexVo.class);
        Long eqSpecId = equipmentSpecificIndex.getEquipmentSpecificId();
+        // 权限处理
+        PermissionInterceptorContext.setDataAuthRule(authKey);
        EquipmentSpecificForRiskVo equipmentSpecific = equipmentSpecificMapper.getOneById(eqSpecId);
        log.info("========equipmentSpecific==========： " + JSON.toJSONString(equipmentSpecific));
        if (ObjectUtils.isEmpty(equipmentSpecific)) {
@@ -206,9 +211,11 @@ public class HandlerMqttMessageImpl implements IEquipmentHandlerService {
                String title = String.format("/%s/%s", serviceName, "data/refresh/indexStatus");
                webMqttComponent.publish(title, msg);
             }
        }
+        // 权限处理
+        PermissionInterceptorContext.setDataAuthRule(authKey);
        Equipment equipment = topicEntity.getEquipment() == null ? impAndFireEquipMapper.queryImpEqumtByFireEquipmt(eqSpecId) : topicEntity.getEquipment();
        Toke toke = remoteSecurityService.getServerToken();
@@ -266,7 +273,7 @@ public class HandlerMqttMessageImpl implements IEquipmentHandlerService {
            refreshFireSafety(equipmentSpecific.getOrgCode());
            String monitorData = String.format("/%s/%s/%s", serviceName, stationName, "data/refresh/monitorData");
            webMqttComponent.publish(monitorData, JSON.toJSONString(view3dService.getEquipStatusList(equipmentSpecific.getOrgCode())));
        } else {
            // 监测数据逻辑
            log.info("(监测)Message type is: " + specificIndexType);
@@ -339,6 +346,8 @@ public class HandlerMqttMessageImpl implements IEquipmentHandlerService {
    private void startPlan(Equipment equipment, Toke toke, Long fireEquipmentId) {
+        // 权限处理
+        PermissionInterceptorContext.setDataAuthRule(authKey);
        PlanDetailVo planDetailVo = planDetailMapper.getPlanDetailByEquipmentId(equipment.getId());
        //3d页面打开且存在预案，套用之前数字源码启动逻辑 进行预案的启动
@@ -382,47 +391,6 @@ public class HandlerMqttMessageImpl implements IEquipmentHandlerService {
        return true;
    }
-    /**
-     * <pre>
-     * @Description: rpn, rpni值修改
-     * </pre>
-     *
-     * @MethodName:
-     * @Param: [fmeaId]
-     * @Return: void
-     * @Throws
-     * @Author keyong
-     * @Date 2020/11/16 18:26
-     */
-    public void updateFmeaRpn(long fmeaId) {
-        Fmea fmea = fmeaMapper.getById(fmeaId);
-        BigDecimal oidValue = new BigDecimal(fmea.getOidValue());
-        BigDecimal sidValue = new BigDecimal(fmea.getSidValue());
-        BigDecimal didValue = new BigDecimal(fmea.getDidValue());
-        // 计算rpni
-        BigDecimal rpni = oidValue.multiply(sidValue).multiply(didValue).setScale(2, BigDecimal.ROUND_HALF_UP);
-        BigDecimal rpn;
-        if (fmea.getNewEvaluationOid() == null) {
-            EvaluationModel evaluationModel = this.getEvaluationModel(fmeaId);
-            if (evaluationModel != null) { // 已经绑定点位或者巡检点项且匹配到风险模型，则更新为计算后的结果
-                BigDecimal newOidValue = new BigDecimal(evaluationModel.getCoefficient());
-                rpn = newOidValue.multiply(sidValue).multiply(didValue).setScale(2, BigDecimal.ROUND_HALF_UP);
-                fmea.setNewEvaluationOid(evaluationModel.getId());
-            } else { // 未绑定点位或者巡检点项或者匹配不到风险模型，则更新为rpn与rpni一致
-                fmea.setNewEvaluationOid(fmea.getEvaluationOid());
-                rpn = rpni;
-            }
-        } else {
-            BigDecimal newOidValue = new BigDecimal(fmea.getNewOidValue());
-            rpn = newOidValue.multiply(sidValue).multiply(didValue).setScale(2, BigDecimal.ROUND_HALF_UP);
-        }
-        fmea.setRpni(rpni);
-        fmea.setRpn(rpn);
-        // 更新fmea
-        fmeaMapper.updateRpn(fmea);
-    }
    @Override
    public void subscribeTopic() {
        // 若登录系统则订阅装备数据

--- a/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/impl/PlanVisual3dServiceImpl.java
+++ b/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/impl/PlanVisual3dServiceImpl.java
@@ -25,6 +25,7 @@ import com.yeejoin.amos.fas.core.util.CommonResponse;
 import com.yeejoin.amos.fas.core.util.CommonResponseUtil;
 import com.yeejoin.amos.fas.core.util.ResponseModel;
 import com.yeejoin.amos.fas.dao.entity.*;
+import com.yeejoin.amos.fas.interceptors.PermissionInterceptorContext;
 import com.yeejoin.amos.feign.privilege.model.AgencyUserModel;
 import com.yeejoin.amos.feign.privilege.model.RoleModel;
 import com.yeejoin.amos.feign.systemctl.Systemctl;
@@ -119,6 +120,9 @@ public class PlanVisual3dServiceImpl implements IPlanVisual3dService {
    @Value("${aurora.push.switch}")
    private Boolean auroraPushSwitch;
+    @Value("${auth-key-auth-enabled:}")
+    private String authKey;
    @Autowired
    JcsFeign jcsFeign;
@@ -239,6 +243,8 @@ public class PlanVisual3dServiceImpl implements IPlanVisual3dService {
    @Override
    public String getNewestBatchNo() {
+        // 权限处理
+        PermissionInterceptorContext.setDataAuthRule(authKey);
        return planOperationRecordMapper.getNewestBatchNo();
    }
@@ -284,6 +290,8 @@ public class PlanVisual3dServiceImpl implements IPlanVisual3dService {
        if (!ObjectUtils.isEmpty(instancesList)) {
            Map<String, Object> msgContext = new HashMap<>(1);
            msgContext.put("content", instancesList);
+            // 权限处理
+            PermissionInterceptorContext.setDataAuthRule(authKey);
            ContingencyOriginalData contingencyOriginalData = contingencyOriginalDataDao.findByBatchNo(batchNo);
            ContingencyInstanceInfoVO infoVO = contingencyInstanceInfoMapper.selectDisposalDetails(batchNo);
            if (!ObjectUtils.isEmpty(infoVO.getPosition())) {
@@ -578,6 +586,8 @@ public class PlanVisual3dServiceImpl implements IPlanVisual3dService {
            status = "1";
        }
        int total = 0;
+        // 权限处理
+        PermissionInterceptorContext.setDataAuthRule(authKey);
        if (ObjectUtils.isEmpty(status)) {
            total = contingencyInstanceInfoMapper.selectCountTaskActionPage(type, null, roleModelList, disposalId);
        } else {
@@ -592,6 +602,8 @@ public class PlanVisual3dServiceImpl implements IPlanVisual3dService {
                page.setCurrent(1);
                start = 0;
            }
+            // 权限处理
+            PermissionInterceptorContext.setDataAuthRule(authKey);
            List<ContingencyPlanInstanceVO> list = contingencyInstanceInfoMapper.selectTaskActionPage((int) start, size, type, status, roleModelList, disposalId);
            page.setRecords(list);
            page.setTotal(total);
@@ -607,6 +619,8 @@ public class PlanVisual3dServiceImpl implements IPlanVisual3dService {
            // 根据当前用户预案角色、未执行动作 (dataType = 2 查询所有)
            status = "1";
        }
+        // 权限处理
+        PermissionInterceptorContext.setDataAuthRule(authKey);
        return contingencyInstanceInfoMapper.getTaskActionList(type, status, batchNo);
    }
@@ -691,6 +705,8 @@ public class PlanVisual3dServiceImpl implements IPlanVisual3dService {
    @Override
    public boolean updateStatusById(String id, Boolean runStatus) {
        if (runStatus) {
+            // 权限处理
+            PermissionInterceptorContext.setDataAuthRule(authKey);
            // 按钮去除
            ContingencyPlanInstance instance = contingencyPlanInstanceMapper.getMessageById(id);
            ContingencyPlanInstance contingencyPlanInstance = deleteButton(instance);
@@ -721,8 +737,12 @@ public class PlanVisual3dServiceImpl implements IPlanVisual3dService {
        if (runStatus) {
            ContingencyPlanInstance instance = contingencyPlanInstanceMapper.getMessageById(id);
            ContingencyPlanInstance contingencyPlanInstance = deleteButton(instance);
+            // 权限处理
+            PermissionInterceptorContext.setDataAuthRule(authKey);
            bool = contingencyPlanInstanceMapper.updateTaskStatusById(id, contingencyPlanInstance.getContent(), runStatus, userName, userId, img, PlanReplyMessageEnum.TEXT.getCode(), roleNames);
        } else {
+            // 权限处理
+            PermissionInterceptorContext.setDataAuthRule(authKey);
            bool = contingencyPlanInstanceMapper.updateTaskStatusById(id, null, runStatus, userName, userId, img, PlanReplyMessageEnum.TEXT.getCode(), roleNames);
        }
@@ -730,6 +750,8 @@ public class PlanVisual3dServiceImpl implements IPlanVisual3dService {
            if (redisTemplate.hasKey("planTask")) {
                redisTemplate.delete("planTask");
                String planTask = "";
+                // 权限处理
+                PermissionInterceptorContext.setDataAuthRule(authKey);
                ContingencyPlanInstance instance = contingencyPlanInstanceMapper.getMessageById(id);
                List<ContingencyPlanInstanceVO> list = this.getTaskActionList(instance.getBatchNo(), 1);
                if (0 < list.size()) {
@@ -769,7 +791,8 @@ public class PlanVisual3dServiceImpl implements IPlanVisual3dService {
    }
    private List<String> getUserIds(String roleCode) {
+        // 权限处理
+        PermissionInterceptorContext.setDataAuthRule(authKey);
        return planOperationRecordMapper.getArraysUserIds(roleCode);
    }
@@ -780,6 +803,8 @@ public class PlanVisual3dServiceImpl implements IPlanVisual3dService {
    @Override
    public String getLastBatchNo() {
+        // 权限处理
+        PermissionInterceptorContext.setDataAuthRule(authKey);
        return planOperationRecordMapper.getLastBatchNo();
    }

--- a/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/impl/RiskSourceServiceImpl.java
+++ b/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/impl/RiskSourceServiceImpl.java
@@ -42,6 +42,7 @@ import com.yeejoin.amos.fas.core.util.StringUtil;
 import com.yeejoin.amos.fas.dao.entity.*;
 import com.yeejoin.amos.fas.datasync.bo.ContingencyOriginalDataSyncBo;
 import com.yeejoin.amos.fas.exception.YeeException;
+import com.yeejoin.amos.fas.interceptors.PermissionInterceptorContext;
 import com.yeejoin.amos.feign.privilege.model.AgencyUserModel;
 import org.apache.commons.lang3.ArrayUtils;
 import org.slf4j.Logger;
@@ -180,6 +181,9 @@ public class RiskSourceServiceImpl implements IRiskSourceService {
    @Autowired
    private PlanDetailMapper planDetailMapper;
+    @Value("${auth-key-auth-enabled:}")
+    private String authKey;
    public static String cacheKeyForCanBeRunning() {
        return Redis.genKey(CacheType.ERASABLE.name(), "CONTINGENCYRUNING");
    }
@@ -468,6 +472,8 @@ public class RiskSourceServiceImpl implements IRiskSourceService {
    public List<FmeaEquipmentPoint> bindFireEquiment(FmeaBindParam fmeaBindParam) {
        Long fmeaId = fmeaBindParam.getFmeaId();
        Long importantEquipId = fmeaBindParam.getImportantEquipmentId();
+        // 权限处理
+        PermissionInterceptorContext.setDataAuthRule(authKey);
        List<Long> equipmentPointIds = fmeaEquipmentPointMapper.listEquipmentPointIdsByEquipmentId(fmeaBindParam.getEquipmentId());
        if (!CollectionUtils.isEmpty(equipmentPointIds)) {
            fmeaEquipmentPointMapper.deleteByFmeaIdAndEquipmentPointIds(fmeaId, importantEquipId, equipmentPointIds);
@@ -495,6 +501,8 @@ public class RiskSourceServiceImpl implements IRiskSourceService {
    @Transactional(rollbackFor = Exception.class)
    public List<FmeaPointInputitem> bindPointInputitem(FmeaBindParam fmeaBindParam) {
        Long fmeaId = fmeaBindParam.getFmeaId();
+        // 权限处理
+        PermissionInterceptorContext.setDataAuthRule(authKey);
        List<Long> pointInputitemIds = fmeaPointInputitemMapper.listPointInputitemIdsByPointId(fmeaBindParam.getPointId());
        List<FmeaPointInputitem> fmeaList =  fmeaPointInputitemMapper.listFmeaByFmeaId(fmeaId);
        if (!CollectionUtils.isEmpty(pointInputitemIds)) {
@@ -561,6 +569,8 @@ public class RiskSourceServiceImpl implements IRiskSourceService {
        contingencyRo.setEquipmentCode(equipment.getCode());
        contingencyRo.setEquipmentOrgCode(equipment.getOrgCode());
+        // 权限处理
+        PermissionInterceptorContext.setDataAuthRule(authKey);
        Map cameraInfo = impAndFireEquipMapper.queryForCamera(String.valueOf(equipment.getId()));//查询重点设备关联视频点位，暂不处理
        if (cameraInfo != null) {
@@ -589,6 +599,8 @@ public class RiskSourceServiceImpl implements IRiskSourceService {
            }
        }
+        // 权限处理
+        PermissionInterceptorContext.setDataAuthRule(authKey);
        // 获取遥信指标,暂不处理  ---20201111    code = 设备编码iot_code-指标项name_key
        List<Map> points = fireEquipPointMapper.getPointsByEquipmentIdAndType(equipment.getId(), "SWITCH");//物联属性指标 and 为true或false
        HashMap<String, Integer> telesignallingMap = new HashMap<>();
@@ -1088,6 +1100,8 @@ public class RiskSourceServiceImpl implements IRiskSourceService {
        Equipment equipment = null;
        if (fireEquipment != null) {
            deviceData.setCode(fireEquipment.getCode());
+            // 权限处理
+            PermissionInterceptorContext.setDataAuthRule(authKey);
            equipment = impAndFireEquipMapper.queryImpEqumtByFireEquipmt(deviceData.getFireEquimentId());
            if (equipment != null) {
                deviceData.setMonitor(equipment.getName());
@@ -1446,6 +1460,8 @@ public class RiskSourceServiceImpl implements IRiskSourceService {
     */
    @Override
    public void notifyFmeaFromUpdate(String toke, String product, String appKey, Long fmeaId, String nofityType, String userName) {
+        // 权限处理
+        PermissionInterceptorContext.setDataAuthRule(authKey);
        Fmea fmea = fmeaMapper.getById(fmeaId);
        if (fmea == null) {
            return;
@@ -1490,6 +1506,8 @@ public class RiskSourceServiceImpl implements IRiskSourceService {
                msgParamBo.setNotifyType(nofityType);
                jpushMsgBo = this.getJushMessageInfo(msgParamBo);
            }
+            // 权限处理
+            PermissionInterceptorContext.setDataAuthRule(authKey);
            //1.3更新fmea
            fmeaMapper.updateRpn(fmea);
            //2.计算上级风险值（风险点及父节点）
@@ -1557,6 +1575,8 @@ public class RiskSourceServiceImpl implements IRiskSourceService {
    public void notifyFmeaFromAbnormal(
            String toke, String product, String appKey,
            Long fmeaId, String notifyType, String userName, String relationName, String checkStatus) {
+        // 权限处理
+        PermissionInterceptorContext.setDataAuthRule(authKey);
        Fmea fmea = fmeaMapper.getById(fmeaId);
        if (fmea == null) {
            return;
@@ -1643,6 +1663,8 @@ public class RiskSourceServiceImpl implements IRiskSourceService {
        } else {
            return;
        }
+        // 权限处理
+        PermissionInterceptorContext.setDataAuthRule(authKey);
        List<Fmea> fmeas = fmeaMapper.listByRiskSourceId(riskSourceId);
        if (CollectionUtils.isEmpty(fmeas)) {//fema全部删除
            BigDecimal resetValue = new BigDecimal("0");
@@ -1664,6 +1686,8 @@ public class RiskSourceServiceImpl implements IRiskSourceService {
            if (rpnValueBo.isEmpty()) {
                return;
            }
+            // 权限处理
+            PermissionInterceptorContext.setDataAuthRule(authKey);
            Fmea caluFmea = fmeaMapper.getById(fmeaId);
            Integer rpnDiffer = 0;
            if (caluFmea != null) {
@@ -1684,6 +1708,8 @@ public class RiskSourceServiceImpl implements IRiskSourceService {
                riskSource.setRiskLevelId(newRiskLevel.getId());
                String changeType = RpnUtils.calChangeTypeByLevel(oldRiskLevel.getLevel(), newRiskLevel.getLevel());
                riskSource.setFlickerFrequency(RpnUtils.calRiskPointFrequency(rpn, rpni, changeType));
+                // 权限处理
+                PermissionInterceptorContext.setDataAuthRule(authKey);
                //1.更新fmea对应风险点rpn、rpni、level
                riskSourceMapper.updateRpn(riskSource);
                //2.记录风险点rpn变化流水
@@ -1814,6 +1840,8 @@ public class RiskSourceServiceImpl implements IRiskSourceService {
                riskSource.setRpni(null);
                riskSource.setRiskLevelId(null);
            } else {
+                // 权限处理
+                PermissionInterceptorContext.setDataAuthRule(authKey);
                List<Fmea> fmeas = fmeaMapper.listByRiskSourceIds(ids);
                RpnCalculationBo rpnValueBo = RpnUtils.calRpnAndRpni(fmeas);
                if (rpnValueBo.isEmpty()) {

--- a/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/impl/View3dServiceImpl.java
+++ b/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/impl/View3dServiceImpl.java
@@ -37,6 +37,7 @@ import com.yeejoin.amos.fas.dao.entity.RiskLevel;
 import com.yeejoin.amos.fas.dao.entity.RiskSource;
 import com.yeejoin.amos.fas.dao.entity.SafetyIndexChangeLog;
 import com.yeejoin.amos.fas.exception.YeeException;
+import com.yeejoin.amos.fas.interceptors.PermissionInterceptorContext;
 import org.apache.commons.lang.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -84,6 +85,8 @@ public class View3dServiceImpl implements IView3dService {
    @Value("${param.system.online.date}")
    private String onLineDate;
+    @Value("${auth-key-auth-enabled:}")
+    private String authKey;
    @Autowired
    private IDataRefreshService iDataRefreshService;
@@ -501,6 +504,8 @@ public class View3dServiceImpl implements IView3dService {
    @Override
    public List<SafetyExecuteBo> getEquipStatusList(String orgCode) {
+        // 权限处理
+        PermissionInterceptorContext.setDataAuthRule(authKey);
        return view3dMapper.getEquipStatusTop5(orgCode);
    }

--- a/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/util/CommonUtils.java
+++ b/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/util/CommonUtils.java
+package com.yeejoin.amos.fas.business.util;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+import java.util.Objects;
+import java.util.function.BiConsumer;
+public class CommonUtils {
+    /**
+     * 带索引foreach
+     *
+     * @param <T>
+     * @param startIndex 开始遍历的索引
+     * @param elements   集合
+     * @param action
+     */
+    public static <T> void forEach(int startIndex, Iterable<? extends T> elements, BiConsumer<Integer, ? super T> action) {
+        Objects.requireNonNull(elements);
+        Objects.requireNonNull(action);
+        if (startIndex < 0) {
+            startIndex = 0;
+        }
+        int index = 0;
+        for (T element : elements) {
+            index++;
+            if (index <= startIndex) {
+                continue;
+            }
+            action.accept(index - 1, element);
+        }
+    }
+    public static Object getFiledValueByName(String filedName, Object o) throws InvocationTargetException, IllegalAccessException, NoSuchMethodException {
+        String firstLetter = filedName.substring(0, 1).toUpperCase();
+        String getterName = "get" + firstLetter + filedName.substring(1);
+        Method method;
+        method = o.getClass().getMethod(getterName, new Class[]{});
+        Object value = method.invoke(o, new Object[]{});
+        return value;
+    }
+}
--- a/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/interceptors/PermissionInterceptor.java
+++ b/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/interceptors/PermissionInterceptor.java
--- a/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/interceptors/PermissionInterceptorContext.java
+++ b/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/interceptors/PermissionInterceptorContext.java
+package com.yeejoin.amos.fas.interceptors;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+public class PermissionInterceptorContext {
+    private static final Logger logger = LoggerFactory.getLogger(PermissionInterceptorContext.class);
+    private static ThreadLocal<PermissionInterceptorContextModel> requestContext = ThreadLocal.withInitial(PermissionInterceptorContextModel::new);
+    private static PermissionInterceptorContextModel getPermissionInterceptorContext() {
+        return requestContext.get();
+    }
+    public static String getDataAuthRule() {
+        return getPermissionInterceptorContext().getDataAuthRule();
+    }
+    public static void setDataAuthRule(String dataAuthRule) {
+        getPermissionInterceptorContext().setDataAuthRule(dataAuthRule);
+    }
+    public static void clean() {
+        if (requestContext != null) {
+            logger.info("PermissionInterceptorContext clean RestThreadLocal......Begin");
+            requestContext.remove();
+            logger.info("PermissionInterceptorContext clean RestThreadLocal......Done");
+        }
+    }
+    public static void clean(String info) {
+        if (requestContext != null) {
+            logger.info("......" + info + "......PermissionInterceptorContext clean RestThreadLocal......Begin");
+            requestContext.remove();
+            logger.info("......" + info + "......PermissionInterceptorContext clean RestThreadLocal......Done");
+        }
+    }
+}
--- a/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/interceptors/PermissionInterceptorContextModel.java
+++ b/YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/interceptors/PermissionInterceptorContextModel.java
+package com.yeejoin.amos.fas.interceptors;
+import java.io.Serializable;
+/**
+ *
+ */
+public class PermissionInterceptorContextModel implements Serializable {
+	private static final long serialVersionUID = 1L;
+	private String dataAuthRule;
+	public String getDataAuthRule() {
+		return dataAuthRule;
+	}
+	public void setDataAuthRule(String dataAuthRule) {
+		this.dataAuthRule = dataAuthRule;
+	}
+	public void clean() {
+		this.dataAuthRule = null;
+	}
+}
--- a/YeeAmosFireAutoSysStart/src/main/resources/application-dev.properties
+++ b/YeeAmosFireAutoSysStart/src/main/resources/application-dev.properties
@@ -112,3 +112,9 @@ sso.client.secret=6t5oDDKhEODXa++UNUxxLHSF5kVqECq6j+wahtCbv8c=
 sso.login.type=server_auth
 sso.login.client=dce
 sso.client.url=https://198.87.103.88:30443/oauth2/oauth/rest_token
+# MyBatis \u914D\u7F6E
+mybatis.interceptor.enabled=true
+mybatis.configuration.log-impl=org.apache.ibatis.logging.stdout.StdOutImpl
+# \u542F\u7528\u8BA4\u8BC1
+auth-key-auth-enabled=auth-enabled
--- a/YeeAmosFireAutoSysStart/src/main/resources/db/mapper/dbTemplate_alarm.xml
+++ b/YeeAmosFireAutoSysStart/src/main/resources/db/mapper/dbTemplate_alarm.xml
@@ -6,19 +6,19 @@
 	<select id="countPageData" resultType="long">
 		<!-- SELECT
 		count(a.id) AS total_num
-		FROM `f_alarm` a 
+		FROM `f_alarm` a
-		inner join 
+		inner join
 		(
 		select
 			b.fire_equipment_id,c.`name` as protectObj,d.*
-		from 
+		from
 			f_equipment_fire_equipment b,f_equipment c, f_fire_equipment d
-		where  
+		where
 			c.id = b.equipment_id and d.id = b.fire_equipment_id
 			<if test="productArea!=null"> and d.production_area = #{productArea} </if>
 			<if test="protectObj!=null"> and c.id = #{protectObj} </if>
 			<if test="name!=null"> and d.name like concat(concat("%",#{name}),"%")</if>
-		) sa on sa.id = a.fire_equipment_id 
+		) sa on sa.id = a.fire_equipment_id
 		<trim prefix="WHERE" prefixOverrides="AND ">
 			<if test="beginDate!=null"> and a.alarm_time >= #{beginDate} </if>
 			<if test="endDate!=null"> and a.alarm_time <![CDATA[<=]]> #{endDate} </if>
@@ -39,7 +39,7 @@
 	<!--分页查询 -->
 	<select id="getAlarmMapperPage" resultType="java.util.HashMap">
 		<!-- SELECT
-			a.id, 
+			a.id,
 			sa.code,
 			sa.equip_code as equipCode,
 			sa.name,
@@ -52,19 +52,19 @@
 			a.status AS status,
 			a.recovery_date AS recoveryDate
-		FROM `f_alarm` a 
+		FROM `f_alarm` a
 		inner join
 		(
 		select
 			b.fire_equipment_id,c.`name` as protectObj,d.production_area as prodArea,d.*
-		from 
+		from
 			f_equipment_fire_equipment b,f_equipment c, f_fire_equipment d
-		where  
+		where
 			c.id = b.equipment_id and d.id = b.fire_equipment_id
 			<if test="productArea!=null"> and d.production_area = #{productArea} </if>
 			<if test="protectObj!=null"> and c.id = #{protectObj} </if>
 			<if test="name!=null"> and d.name like concat(concat("%",#{name}),"%")</if>
-		) sa on sa.id = a.fire_equipment_id 
+		) sa on sa.id = a.fire_equipment_id
 		<trim prefix="WHERE" prefixOverrides="AND ">
 			<if test="beginDate!=null"> and a.alarm_time >= #{beginDate} </if>
 			<if test="endDate!=null"> and a.alarm_time <![CDATA[<=]]> #{endDate} </if>
@@ -72,7 +72,7 @@
 		order by a.id
 		<choose>
 	     <when test="pageSize==-1"></when>
-	     <when test="pageSize!=-1">limit #{offset},#{pageSize}</when>  
+	     <when test="pageSize!=-1">limit #{offset},#{pageSize}</when>
 	    </choose> -->
 	</select>
@@ -120,8 +120,8 @@
 		left join wl_warehouse_structure wws on wlsd.warehouse_structure_id = wws.source_id
 		left join wl_equipment_detail wled on wles.equipment_detail_id = wled.id
 		) d
-		WHERE 1=1
+		WHERE
-		AND d.fireEquipmentName IS NOT NULL
+			d.fireEquipmentName IS NOT NULL
 			<if test="protectObj !=null and protectObj != '' "> and d.fireEquipmentName like concat(concat("%",#{protectObj}),"%") </if>
 			<if test="beginDate!=null"> and d.createDate >= #{beginDate} </if>
 			<if test="endDate!=null"> and d.createDate <![CDATA[<=]]> #{endDate} </if>

--- a/YeeAmosFireAutoSysStart/src/main/resources/logback.xml
+++ b/YeeAmosFireAutoSysStart/src/main/resources/logback.xml
@@ -32,15 +32,15 @@
    <logger name="org.hibernate.engine.query.HQLQueryPlan" level="DEBUG" />
    -->
    <!--myibatis log configure-->
-    <logger name="com.apache.ibatis" level="DEBUG"/>
+    <logger name="com.apache.ibatis" level="INFO"/>
-    <logger name="org.mybatis" level="DEBUG" />
+    <logger name="org.mybatis" level="INFO" />
-    <logger name="java.sql.Connection" level="DEBUG"/>
+    <logger name="java.sql.Connection" level="INFO"/>
-    <logger name="java.sql.Statement" level="DEBUG"/>
+    <logger name="java.sql.Statement" level="INFO"/>
-    <logger name="java.sql.PreparedStatement" level="DEBUG"/>
+    <logger name="java.sql.PreparedStatement" level="INFO"/>
-    <logger name="org.springframework" level="DEBUG"/>
+    <logger name="org.springframework" level="INFO"/>
    <!-- 日志输出级别 -->
-    <root level="DEBUG">
+    <root level="INFO">
        <appender-ref ref="FILE" />
        <appender-ref ref="STDOUT" />
    </root>