From 619626ae7ef85afc60c720fb309efb08b58b0cb7 Mon Sep 17 00:00:00 2001
From: 潘志宝 <979469083@qq.com>
Date: 星期一, 20 一月 2025 09:43:26 +0800
Subject: [PATCH] sqlInject2

---
 iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/ind/value/service/impl/IndItemValueServiceImpl.java |   26 ++++++++++++++++++++++++++
 1 files changed, 26 insertions(+), 0 deletions(-)

diff --git a/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/ind/value/service/impl/IndItemValueServiceImpl.java b/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/ind/value/service/impl/IndItemValueServiceImpl.java
index 5efbb4c..ed1c49d 100644
--- a/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/ind/value/service/impl/IndItemValueServiceImpl.java
+++ b/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/ind/value/service/impl/IndItemValueServiceImpl.java
@@ -3,13 +3,19 @@
 import com.iailab.framework.common.pojo.PageResult;
 import com.iailab.framework.common.service.impl.BaseServiceImpl;
 import com.iailab.framework.common.util.object.BeanUtils;
+import com.iailab.framework.tenant.core.context.DataContextHolder;
+import com.iailab.module.data.common.xss.SQLFilter;
+import com.iailab.module.data.ind.item.vo.IndItemValueVO;
 import com.iailab.module.data.ind.value.dao.IndItemValueDao;
+import com.iailab.module.data.ind.value.dto.QuerySourceValueDTO;
 import com.iailab.module.data.ind.value.entity.IndItemValueEntity;
 import com.iailab.module.data.ind.value.service.IndItemValueService;
 import com.iailab.module.data.ind.value.vo.IndItemValuePageReqVO;
 import com.iailab.module.data.ind.value.vo.IndItemValueSaveReqVO;
+import org.apache.commons.lang3.StringUtils;
 import org.springframework.stereotype.Service;
 
+import java.util.List;
 import java.util.UUID;
 
 /**
@@ -47,4 +53,24 @@
     public void delete(String id) {
         baseDao.deleteById(id);
     }
+
+    /**
+     * 根据配置的数据源动态查询
+     * @param dto
+     * @return
+     */
+    @Override
+    public List<IndItemValueVO> getSourceValue(QuerySourceValueDTO dto) {
+        if (StringUtils.isEmpty(dto.getDataSource())) {
+            log.warn("数据源不能为空");
+            return null;
+        }
+        SQLFilter.sqlInject2(dto.getSelectSql());
+        SQLFilter.sqlInject2(dto.getViewSql());
+        SQLFilter.sqlInject2(dto.getWhereSql());
+        SQLFilter.sqlInject2(dto.getGroupSql());
+        SQLFilter.sqlInject2(dto.getGroupSql());
+        DataContextHolder.setDataSourceId(Long.valueOf(dto.getDataSource()));
+        return baseDao.getSourceValue(dto);
+    }
 }
\ No newline at end of file

--
Gitblit v1.9.3