提交报告漏洞代码

YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/action/ContingencyAction.java

@@ -228,7 +228,7 @@ public class ContingencyAction implements CustomerAction {
         try {
             constructor = Class.forName(PACKAGEURL + result.getClass().getSimpleName() + "Message").getConstructor(ActionResult.class);
             AbstractActionResultMessage<?> action = (AbstractActionResultMessage<?>) constructor.newInstance(result);
-            if ("mqtt".equals(pushType.toLowerCase())) {
+            if ("mqtt".equals(pushType.toLowerCase(Locale.ENGLISH))) {
                 ToipResponse toipResponse = action.buildResponse(msgType, contingency, result.toJson());
                 String topic = String.format("/%s/%s/%s", serviceName, stationName, "plan");
                 log.info(String.format("mqtt[%s]:【 %s 】", topic, toipResponse.toJsonStr()));
@@ -252,7 +252,7 @@ public class ContingencyAction implements CustomerAction {
                     }
 
                 }
-            } else if ("websocket".equals(pushType.toLowerCase())) {
+            } else if ("websocket".equals(pushType.toLowerCase(Locale.ENGLISH))) {
                 action.execute(msgType, contingency);
             }
 
@@ -862,7 +862,7 @@ public class ContingencyAction implements CustomerAction {
         try {
             constructor = Class.forName(PACKAGEURL + result.getClass().getSimpleName() + "Message").getConstructor(ActionResult.class);
             AbstractActionResultMessage<?> action = (AbstractActionResultMessage<?>) constructor.newInstance(result);
-            if ("mqtt".equals(pushType.toLowerCase())) {
+            if ("mqtt".equals(pushType.toLowerCase(Locale.ENGLISH))) {
                 ToipResponse toipResponse = action.buildResponse(msgType, null, result.toJson());
                 String topic = String.format("/%s/%s/%s", serviceName, stationName, "plan");
                 log.info(String.format("mqtt[%s]:【 %s 】", topic, toipResponse.toJsonStr()));

YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/action/RiskSituationAction.java

@@ -14,6 +14,7 @@ import org.springframework.stereotype.Component;
 
 import java.lang.reflect.Constructor;
 import java.util.HashMap;
+import java.util.Locale;
 import java.util.Map;
 /**
  *
@@ -68,7 +69,7 @@ public class RiskSituationAction implements CustomerAction
 					.getConstructor(ActionResult.class);
 			 AbstractActionResultMessage<?> action = (AbstractActionResultMessage<?>) constructor.newInstance(result);
 			String msgType = "bubbleTip";
-			if ("mqtt".equals(pushType.toLowerCase())) {
+			if ("mqtt".equals(pushType.toLowerCase(Locale.ENGLISH))) {
             	ToipResponse toipResponse = action.buildResponse(msgType, bizobj, result);
             	String topic = String.format("/%s/%s/%s", serviceName, stationName,"rule");
                 webMqttComponent.publish(topic, toipResponse.toJsonStr());
@@ -102,7 +103,7 @@ public class RiskSituationAction implements CustomerAction
 					.getConstructor(ActionResult.class);
 			 AbstractActionResultMessage<?> action = (AbstractActionResultMessage<?>) constructor.newInstance(result);
 				String msgType = "changeColor";
-				if ("mqtt".equals(pushType.toLowerCase())) {
+				if ("mqtt".equals(pushType.toLowerCase(Locale.ENGLISH))) {
 	            	ToipResponse toipResponse = action.buildResponse(msgType, bizobj, result);
 	                webMqttComponent.publish("", toipResponse.toJsonStr());
 	            } else {
@@ -136,7 +137,7 @@ public class RiskSituationAction implements CustomerAction
 					.getConstructor(ActionResult.class);
 			 AbstractActionResultMessage<?> action = (AbstractActionResultMessage<?>) constructor.newInstance(result);
 			String msgType = "message";
-			if ("mqtt".equals(pushType.toLowerCase())) {
+			if ("mqtt".equals(pushType.toLowerCase(Locale.ENGLISH))) {
             	ToipResponse toipResponse = action.buildResponse(msgType, bizobj, result);
                 webMqttComponent.publish("", toipResponse.toJsonStr());
             } else {

YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/action/SimpleTipAction.java

@@ -14,6 +14,7 @@ import org.springframework.stereotype.Component;
 
 import java.lang.reflect.Constructor;
 import java.util.HashMap;
+import java.util.Locale;
 import java.util.Map;
 
 /**
@@ -68,7 +69,7 @@ public class SimpleTipAction implements CustomerAction
 					.getConstructor(ActionResult.class);
 			 AbstractActionResultMessage<?> action = (AbstractActionResultMessage<?>) constructor.newInstance(result);
 			String msgType = "message";
-			if ("mqtt".equals(pushType.toLowerCase())) {
+			if ("mqtt".equals(pushType.toLowerCase(Locale.ENGLISH))) {
             	ToipResponse toipResponse = action.buildResponse(msgType, bizobj, result);
             	String topic = String.format("/%s/%s/%s", serviceName, stationName,"rule");
                 webMqttComponent.publish(topic, toipResponse.toJsonStr());

YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/action/util/ReflectUtil.java

@@ -10,6 +10,7 @@ import java.util.List;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.util.ReflectionUtils;
 
 /**
  * 
@@ -70,7 +71,8 @@ public class ReflectUtil
 				Field field = clazz.getDeclaredField(fname); // 获取定义的类属性
 				if (!Modifier.isPublic(field.getModifiers()))
 				{ // 设置非共有类属性权限
-					field.setAccessible(true);
+//					field.setAccessible(true);
+					ReflectionUtils.makeAccessible(field);
 				}
 				field.set(target, fvalue); // 设置类属性值
 
@@ -130,7 +132,8 @@ public class ReflectUtil
 				Field field = clazz.getDeclaredField(fname); // 获取定义的类属性
 				if (!Modifier.isPublic(field.getModifiers()))
 				{ // 设置非共有类属性权限
-					field.setAccessible(true);
+//					field.setAccessible(true);
+					ReflectionUtils.makeAccessible(field);
 				}
 				return field.get(target);// 返回类属性值
 			}

YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/controller/BaseController.java

 package com.yeejoin.amos.fas.business.controller;
 
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.HashMap;
-import java.util.List;
+import java.util.*;
 import java.util.stream.Collectors;
 
 import javax.servlet.http.Cookie;
@@ -269,7 +266,7 @@ public class BaseController {
 					criteria.setPropertyName(query.getName());
 					String column = criteria.getPropertyName();
 					if (!(query.getValue() instanceof Collection<?>) 
-							&& column.substring(column.length()-2,column.length()).toUpperCase().equals("ID")) {
+							&& column.substring(column.length()-2,column.length()).toUpperCase(Locale.ENGLISH).equals("ID")) {
 						criteria.setValue(Long.valueOf(query.getValue().toString()));
 					} else {
 						criteria.setValue(query.getValue());

YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/controller/FireRectificationController.java

-package com.yeejoin.amos.fas.business.controller;
-
-import com.yeejoin.amos.fas.business.bo.FireParamBo;
-import com.yeejoin.amos.fas.business.service.intfc.FireRectificationService;
-import com.yeejoin.amos.fas.config.Permission;
-import com.yeejoin.amos.fas.core.util.CommonResponse;
-import com.yeejoin.amos.fas.core.util.CommonResponseUtil;
-import io.swagger.annotations.Api;
-import io.swagger.annotations.ApiOperation;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestParam;
-import org.springframework.web.bind.annotation.RestController;
-
-import javax.servlet.http.HttpServletResponse;
-import java.util.List;
-
-
-/**
- * 安全执行-消防整改 控制器
- *
- * @author 郑嘉伟
- */
-@RestController
-@RequestMapping(value = "/api/fireRectification")
-@Api(tags = "消防整改")
-public class FireRectificationController extends BaseController {
-
-    @Autowired
-    private  FireRectificationService fireRectificationService;
-
-    @Permission
-    @ApiOperation(httpMethod = "GET", value = "按条件查询消防整改列表信息", notes = "按条件查询消防整改列表信息")
-    @GetMapping(value = "/list")
-    public CommonResponse queryFireList(
-            @RequestParam(value = "nameLike") String nameLike,
-            @RequestParam(value = "sDate") String sDate,
-            @RequestParam(value = "eDate") String eDate,
-            @RequestParam(value = "states") int states,
-            @RequestParam(value = "pageNum") int pageNum,
-            @RequestParam(value = "pageSize") int pageSize) {
-        return CommonResponseUtil.success(fireRectificationService.queryFiresAndCount(nameLike,sDate,eDate,states,pageNum,pageSize));
-    }
-
-    @Permission
-    @ApiOperation(httpMethod = "GET", value = "获取单个单据详细数据", notes = "获取单个单据详细数据")
-    @GetMapping(value = "/getMoreData")
-    public CommonResponse seleteOne(@RequestParam(value = "billNo") String billNo){
-        return CommonResponseUtil.success(fireRectificationService.selectOneById(billNo));
-    }
-
-    @Permission
-    @ApiOperation(httpMethod = "POST", value = "下载附件", notes = "下载附件")
-    @PostMapping(value = "/downLoad")
-    public void downLoad(@RequestBody List<String> path, HttpServletResponse response){
-        fireRectificationService.downLoadFilesByUrll(path.get(0),response);
-    }
-
-    @Permission
-    @ApiOperation(httpMethod = "POST", value = "修改表单数据", notes = "修改表单数据")
-    @PostMapping(value = "/update")
-    public CommonResponse update(@RequestBody FireParamBo paramBo){
-        return CommonResponseUtil.success(fireRectificationService.updateByid(paramBo));
-    }
-}
+//package com.yeejoin.amos.fas.business.controller;
+//
+//import com.yeejoin.amos.fas.business.bo.FireParamBo;
+//import com.yeejoin.amos.fas.business.service.intfc.FireRectificationService;
+//import com.yeejoin.amos.fas.config.Permission;
+//import com.yeejoin.amos.fas.core.util.CommonResponse;
+//import com.yeejoin.amos.fas.core.util.CommonResponseUtil;
+//import io.swagger.annotations.Api;
+//import io.swagger.annotations.ApiOperation;
+//import org.springframework.beans.factory.annotation.Autowired;
+//import org.springframework.web.bind.annotation.GetMapping;
+//import org.springframework.web.bind.annotation.PostMapping;
+//import org.springframework.web.bind.annotation.RequestBody;
+//import org.springframework.web.bind.annotation.RequestMapping;
+//import org.springframework.web.bind.annotation.RequestParam;
+//import org.springframework.web.bind.annotation.RestController;
+//
+//import javax.servlet.http.HttpServletResponse;
+//import java.util.List;
+//
+//
+///**
+// * 安全执行-消防整改 控制器
+// *
+// * @author 郑嘉伟
+// */
+//@RestController
+//@RequestMapping(value = "/api/fireRectification")
+//@Api(tags = "消防整改")
+//public class FireRectificationController extends BaseController {
+//
+//    @Autowired
+//    private  FireRectificationService fireRectificationService;
+//
+//    @Permission
+//    @ApiOperation(httpMethod = "GET", value = "按条件查询消防整改列表信息", notes = "按条件查询消防整改列表信息")
+//    @GetMapping(value = "/list")
+//    public CommonResponse queryFireList(
+//            @RequestParam(value = "nameLike") String nameLike,
+//            @RequestParam(value = "sDate") String sDate,
+//            @RequestParam(value = "eDate") String eDate,
+//            @RequestParam(value = "states") int states,
+//            @RequestParam(value = "pageNum") int pageNum,
+//            @RequestParam(value = "pageSize") int pageSize) {
+//        return CommonResponseUtil.success(fireRectificationService.queryFiresAndCount(nameLike,sDate,eDate,states,pageNum,pageSize));
+//    }
+//
+//    @Permission
+//    @ApiOperation(httpMethod = "GET", value = "获取单个单据详细数据", notes = "获取单个单据详细数据")
+//    @GetMapping(value = "/getMoreData")
+//    public CommonResponse seleteOne(@RequestParam(value = "billNo") String billNo){
+//        return CommonResponseUtil.success(fireRectificationService.selectOneById(billNo));
+//    }
+//
+//    @Permission
+//    @ApiOperation(httpMethod = "POST", value = "下载附件", notes = "下载附件")
+//    @PostMapping(value = "/downLoad")
+//    public void downLoad(@RequestBody List<String> path, HttpServletResponse response){
+//        fireRectificationService.downLoadFilesByUrll(path.get(0),response);
+//    }
+//
+//    @Permission
+//    @ApiOperation(httpMethod = "POST", value = "修改表单数据", notes = "修改表单数据")
+//    @PostMapping(value = "/update")
+//    public CommonResponse update(@RequestBody FireParamBo paramBo){
+//        return CommonResponseUtil.success(fireRectificationService.updateByid(paramBo));
+//    }
+//}

YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/dao/mapper/FireRectificationMapper.java

-package com.yeejoin.amos.fas.business.dao.mapper;
-
-import com.yeejoin.amos.fas.business.bo.FireInfoBo;
-import com.yeejoin.amos.fas.business.bo.FireMoreDataBo;
-import com.yeejoin.amos.fas.business.bo.FireRectificationBo;
-
-import java.util.List;
-import java.util.Map;
-
-public interface FireRectificationMapper extends BaseMapper{
-    /**
-     * 查询当前页数据和数量
-     * @param param
-     * @return
-     */
-    List<FireRectificationBo>  queryFiresAndCount(Map<String,Object> param);
-    long countQueryFireList(Map<String,Object> param);
-
-    /**
-     * 查询详细信息
-     * @param billNo
-     * @return
-     */
-    FireRectificationBo selectOneForBase(String billNo);
-    List<FireMoreDataBo>  selectOneForEmergency(String billNo);
-    List<FireMoreDataBo> selectOneForDanger(String billNo);
-    List<FireMoreDataBo> selectOneForHidden (String billNo);
-    FireInfoBo selectOneForfire(String billNo, int id);
-
-    /**
-     * 修改单据及其相关信息
-     * @param param
-     * @return
-     */
-    int updateBill(Map<String,String > param);
-    int updateWarnning(FireMoreDataBo param);
-    int updateHidden(FireMoreDataBo param);
-    int updateDanger(FireMoreDataBo param);
-
-}
+//package com.yeejoin.amos.fas.business.dao.mapper;
+//
+//import com.yeejoin.amos.fas.business.bo.FireInfoBo;
+//import com.yeejoin.amos.fas.business.bo.FireMoreDataBo;
+//import com.yeejoin.amos.fas.business.bo.FireRectificationBo;
+//
+//import java.util.List;
+//import java.util.Map;
+//
+//public interface FireRectificationMapper extends BaseMapper{
+//    /**
+//     * 查询当前页数据和数量
+//     * @param param
+//     * @return
+//     */
+//    List<FireRectificationBo>  queryFiresAndCount(Map<String,Object> param);
+//    long countQueryFireList(Map<String,Object> param);
+//
+//    /**
+//     * 查询详细信息
+//     * @param billNo
+//     * @return
+//     */
+//    FireRectificationBo selectOneForBase(String billNo);
+//    List<FireMoreDataBo>  selectOneForEmergency(String billNo);
+//    List<FireMoreDataBo> selectOneForDanger(String billNo);
+//    List<FireMoreDataBo> selectOneForHidden (String billNo);
+//    FireInfoBo selectOneForfire(String billNo, int id);
+//
+//    /**
+//     * 修改单据及其相关信息
+//     * @param param
+//     * @return
+//     */
+//    int updateBill(Map<String,String > param);
+//    int updateWarnning(FireMoreDataBo param);
+//    int updateHidden(FireMoreDataBo param);
+//    int updateDanger(FireMoreDataBo param);
+//
+//}

YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/service/intfc/FireRectificationService.java

-package com.yeejoin.amos.fas.business.service.intfc;
-
-import com.yeejoin.amos.fas.business.bo.FireParamBo;
-
-import javax.servlet.http.HttpServletResponse;
-import java.util.Map;
-
-/**
- * 安全监管-单据管理 服务类
- *
- * @author 郑嘉伟
- */
-public interface FireRectificationService {
-
-    /**
-     * 按条件查询消防整改列表信息
-     * @param nameLike 单据模糊查询
-     * @param sDate 起始日
-     * @param eDate 终止日
-     * @param states 状态
-     * @param pageNum 页码
-     * @return
-     */
-    Map<String, Object> queryFiresAndCount(String nameLike, String sDate, String eDate, int states, int pageNum ,int pageSize);
-
-    /**
-     * 查询详细单据信息
-     * @param billNo
-     * @return
-     */
-    Map<String ,Object> selectOneById(String  billNo);
-
-    /**
-     * 下载文件
-     * @param path
-     * @param response
-     */
-    void downLoadFilesByUrll(String  path, HttpServletResponse response );
-
-    /**
-     * 修改单据相关信息
-     * @param paramBo
-     * @return
-     */
-    Map<String, String>  updateByid(FireParamBo paramBo);
-}
+//package com.yeejoin.amos.fas.business.service.intfc;
+//
+//import com.yeejoin.amos.fas.business.bo.FireParamBo;
+//
+//import javax.servlet.http.HttpServletResponse;
+//import java.util.Map;
+//
+///**
+// * 安全监管-单据管理 服务类
+// *
+// * @author 郑嘉伟
+// */
+//public interface FireRectificationService {
+//
+//    /**
+//     * 按条件查询消防整改列表信息
+//     * @param nameLike 单据模糊查询
+//     * @param sDate 起始日
+//     * @param eDate 终止日
+//     * @param states 状态
+//     * @param pageNum 页码
+//     * @return
+//     */
+//    Map<String, Object> queryFiresAndCount(String nameLike, String sDate, String eDate, int states, int pageNum ,int pageSize);
+//
+//    /**
+//     * 查询详细单据信息
+//     * @param billNo
+//     * @return
+//     */
+//    Map<String ,Object> selectOneById(String  billNo);
+//
+//    /**
+//     * 下载文件
+//     * @param path
+//     * @param response
+//     */
+//    void downLoadFilesByUrll(String  path, HttpServletResponse response );
+//
+//    /**
+//     * 修改单据相关信息
+//     * @param paramBo
+//     * @return
+//     */
+//    Map<String, String>  updateByid(FireParamBo paramBo);
+//}

YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/business/util/FileUtils.java

-package com.yeejoin.amos.fas.business.util;
-
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
-
-import javax.servlet.http.HttpServletResponse;
-import java.io.BufferedInputStream;
-import java.io.BufferedOutputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.net.HttpURLConnection;
-import java.net.URL;
-import java.util.List;
-import java.util.zip.ZipEntry;
-import java.util.zip.ZipOutputStream;
-
-/**
- * 文件下载 工具类
- *
- * @author 郑嘉伟
- * @since 2020-08-05
- */
-public class FileUtils {
-
-    private static final Logger logger = LogManager.getLogger(FileUtils.class);
-
-    /**
-     * 获取压缩好zip——>设置消息头——>输出
-     * @param response
-     * @param list
-     * @param ipUrl
-     * @throws IOException
-     */
-    public static void downloadZIP(HttpServletResponse response, List<String> list, String ipUrl) throws IOException {
-        //构建zip
-        String zipname = "单据相关附件.zip";
-        String zippath = fileToZip(list, zipname, ipUrl);
-
-        OutputStream out = null;
-        BufferedInputStream br = null;
-        try {
-            String fileName = new String(zipname.getBytes("UTF-8"), "iso-8859-1");
-            br = new BufferedInputStream(new FileInputStream(zippath));
-            byte[] buf = new byte[1024];
-            int len = 0;
-            response.reset();
-            response.setHeader("Content-Type", "application/octet-stream;charset=utf-8");
-            response.setHeader("Content-Disposition", "attachment; filename=" + fileName);
-            response.setHeader("Access-Control-Expose-Headers", "access_token");
-            response.setHeader("Access-Control-Allow-Origin", "*");
-            response.setContentType("application/zip");
-            out = response.getOutputStream();
-            while ((len = br.read(buf)) > 0) {
-                out.write(buf, 0, len);
-                out.flush();
-            }
-        } catch (Exception ex) {
-            ex.printStackTrace();
-        } finally {
-            br.close();
-            out.close();
-        }
-    }
-
-    /**
-     * 通过文件服务器——>获取流——>输出——>压缩
-     *
-     * @param list
-     * @param fileName
-     * @return
-     */
-    public static String fileToZip(List<String> list, String fileName, String ipUrl) {
-        InputStream fis = null;
-        BufferedInputStream bis = null;
-        FileOutputStream fos = null;
-        ZipOutputStream zos = null;
-
-        // 临时目录
-        String path = System.getProperty("java.io.tmpdir") + fileName;
-        try {
-            File zipFile = new File(path);
-            zipFile.deleteOnExit();
-            zipFile.createNewFile();
-
-            fos = new FileOutputStream(zipFile);
-            zos = new ZipOutputStream(new BufferedOutputStream(fos));
-            byte[] bufs = new byte[1024 * 10];
-            for (String a : list) {
-                fis = getInputStreamFromURL(ipUrl + a);
-
-                String subFileName = new File(ipUrl + a).getName();
-                //创建ZIP实体，并添加进压缩包
-                ZipEntry zipEntry = new ZipEntry(subFileName);
-                zos.putNextEntry(zipEntry);
-
-                bis = new BufferedInputStream(fis, 1024 * 10);
-                int read = 0;
-                while ((read = bis.read(bufs, 0, 1024 * 10)) != -1) {
-                    zos.write(bufs, 0, read);
-                }
-            }
-            System.out.println("压缩成功");
-        } catch (FileNotFoundException e) {
-            e.printStackTrace();
-            throw new RuntimeException(e);
-        } catch (IOException e) {
-            e.printStackTrace();
-            throw new RuntimeException(e);
-        } finally {
-            try {
-                if (null != bis) {
-                    bis.close();
-                }
-                if (null != zos) {
-                    zos.close();
-                }
-            } catch (IOException e) {
-                e.printStackTrace();
-                throw new RuntimeException(e);
-            }
-        }
-        return path;
-    }
-
-
-    /**
-     * 从URL中读取图片,转换成流形式.
-     *
-     * @param destUrl
-     * @return
-     */
-    public static InputStream getInputStreamFromURL(String destUrl) {
-
-        HttpURLConnection httpUrl = null;
-        URL url = null;
-        InputStream in = null;
-        try {
-            url = new URL(destUrl);
-            httpUrl = (HttpURLConnection) url.openConnection();
-            httpUrl.connect();
-            in = httpUrl.getInputStream();
-            return in;
-        } catch (Exception e) {
-            e.printStackTrace();
-        }
-        return null;
-    }
-}
\ No newline at end of file

YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/config/LogFilter.java

+package com.yeejoin.amos.fas.config;
+
+import ch.qos.logback.classic.pattern.ClassicConverter;
+import ch.qos.logback.classic.spi.ILoggingEvent;
+
+import java.text.Normalizer;
+import java.util.Arrays;
+import java.util.List;
+
+/**
+ * @author keyong
+ * @title: LogFilter
+ * <pre>
+ * @description: TODO
+ * </pre>
+ * @date 2024/3/25 15:04
+ */
+public class LogFilter extends ClassicConverter {
+
+    private static final List<String> LOG_VALID_LIST = Arrays.asList("%0d", "%0a", "%0A", "%0D", "\r", "\n");
+
+    @Override
+    public String convert(ILoggingEvent event) {
+        if (event.getLoggerName().startsWith("com.yeejoin")) { //根据package启用规则
+            return validLog(event.getFormattedMessage());
+        } else {
+            return event.getFormattedMessage();
+        }
+    }
+
+    public static String validLog(String logs) {
+        String normalize = Normalizer.normalize(logs, Normalizer.Form.NFKC);
+        for (String str : LOG_VALID_LIST) {
+            normalize = normalize.replace(str, "");
+        }
+        return normalize;
+    }
+
+}

YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/core/threadpool/AmosThreadPool.java

@@ -18,6 +18,8 @@ public class AmosThreadPool {
      */
     private static final Logger logger = LoggerFactory.getLogger(AmosThreadPool.class);
 
+    private static volatile AmosThreadPool amosThreadPool = null;
+
     /**
      * 单例
      */
@@ -34,14 +36,14 @@ public class AmosThreadPool {
      * @return
      */
     public static AmosThreadPool getInstance() {
-        if (instance == null) {
+        if (amosThreadPool == null) {
             synchronized (AmosThreadPool.class) {
-                if (instance == null) {
-                    instance = new AmosThreadPool();
+                if (amosThreadPool == null) {
+                    amosThreadPool = new AmosThreadPool();
                 }
             }
         }
-        return instance;
+        return amosThreadPool;
     }
 
     static {

YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/core/util/FileUtil.java

@@ -78,7 +78,7 @@ public class FileUtil {
         fileName = new Date().getTime() + "_" + name;
 
         // 获取文件的后缀名
-        String suffixName = fileName.substring(fileName.lastIndexOf(".")).toLowerCase();// 例如:.jpg
+        String suffixName = fileName.substring(fileName.lastIndexOf(".")).toLowerCase(Locale.ENGLISH);// 例如:.jpg
         // 文件上传后的路径
         String filePath = getFilePath(suffixName);// 1.images 2.musics 3.videos
         // 4.docs

YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/core/util/ResponseUtils.java

@@ -168,7 +168,7 @@ public final class ResponseUtils {
 	public static Object getGetMethod(Object ob , String name)throws Exception{
 		Method[] m = ob.getClass().getMethods();
 		for(int i = 0;i < m.length;i++){
-			if(("get"+name).toLowerCase().equals(m[i].getName().toLowerCase())){
+			if(("get"+name).equalsIgnoreCase(m[i].getName())){
 				return m[i].invoke(ob);
 			}
 		}

YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/core/util/WordConverterUtils.java

@@ -6,6 +6,7 @@ import org.apache.poi.xwpf.converter.xhtml.XHTMLConverter;
 import org.apache.poi.xwpf.converter.xhtml.XHTMLOptions;
 import org.apache.poi.xwpf.usermodel.XWPFDocument;
 
+import javax.xml.XMLConstants;
 import javax.xml.parsers.DocumentBuilderFactory;
 import javax.xml.transform.OutputKeys;
 import javax.xml.transform.Transformer;
@@ -104,6 +105,7 @@ public class WordConverterUtils {
 			DOMSource domSource = new DOMSource(htmlDocument);
 			StreamResult streamResult = new StreamResult(targetFile);
 			TransformerFactory tf = TransformerFactory.newInstance();
+			tf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
 			Transformer serializer = tf.newTransformer();
 			serializer.setOutputProperty(OutputKeys.ENCODING, "utf-8");
 			serializer.setOutputProperty(OutputKeys.INDENT, "yes");
@@ -150,6 +152,7 @@ public class WordConverterUtils {
 			StringWriter stringWriter = new StringWriter();
 			StreamResult streamResult = new StreamResult(stringWriter);
 			TransformerFactory tf = TransformerFactory.newInstance();
+			tf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
 			Transformer serializer = tf.newTransformer();
 			serializer.setOutputProperty(OutputKeys.ENCODING, "utf-8");
 			serializer.setOutputProperty(OutputKeys.INDENT, "yes");

YeeAmosFireAutoSysService/src/main/java/com/yeejoin/amos/fas/core/util/query/BaseQuerySpecification.java

@@ -77,11 +77,11 @@ public class BaseQuerySpecification<T> implements Specification<T> {
 
 		List<Order> orders = new ArrayList<>();
 		orderbys.keySet().forEach(key -> {
-			if (key.toLowerCase().equals("asc") && !orderbys.get(key).isEmpty()) {
+			if ("asc".equalsIgnoreCase(key) && !orderbys.get(key).isEmpty()) {
 				orderbys.get(key).forEach(propertyName -> {
 					orders.add(builder.asc(root.get(propertyName)));
 				});
-			} else if (key.toLowerCase().equals("desc") && !orderbys.get(key).isEmpty()) {
+			} else if ("desc".equalsIgnoreCase(key) && !orderbys.get(key).isEmpty()) {
 				orderbys.get(key).forEach(propertyName -> {
 					orders.add(builder.desc(root.get(propertyName)));
 				});

YeeAmosFireAutoSysStart/src/main/resources/logback.xml

@@ -2,6 +2,7 @@
 <configuration debug="false">
     <!--定义日志文件的存储地址 勿在 LogBack 的配置中使用相对路径-->
     <property name="LOG_HOME" value="log" />
+    <conversionRule conversionWord="msg" converterClass="com.yeejoin.amos.fas.config.LogFilter" />
     <!-- 按照每天生成日志文件 -->
     <appender name="FILE"  class="ch.qos.logback.core.rolling.RollingFileAppender">
         <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">