diff --git a/data-center-business-controller/src/main/java/com/techsor/datacenter/business/configurator/CrosXssFilter.java b/data-center-business-controller/src/main/java/com/techsor/datacenter/business/configurator/CrosXssFilter.java
index de03fc9..7dbba2f 100644
--- a/data-center-business-controller/src/main/java/com/techsor/datacenter/business/configurator/CrosXssFilter.java
+++ b/data-center-business-controller/src/main/java/com/techsor/datacenter/business/configurator/CrosXssFilter.java
@@ -61,8 +61,8 @@ public class CrosXssFilter implements Filter {
 httpServletResponse.setHeader("Cache-Control", "no-store, no-cache, must-revalidate, max-age=0");
 httpServletResponse.setHeader("Pragma", "no-cache");
 httpServletResponse.setDateHeader("Expires", 0);
-
- httpServletResponse.setHeader("X-Frame-Options", "deny");
+
+ httpServletResponse.setHeader("X-Frame-Options", "SAMEORIGIN");
 String nonce = UUID.randomUUID().toString().replace("-", "").substring(0, 16); // 生成随机 nonce
 httpServletResponse.setHeader("Content-Security-Policy",
diff --git a/data-center-business-model/src/main/java/com/techsor/datacenter/business/entity/RedisAlarmDTO.java b/data-center-business-model/src/main/java/com/techsor/datacenter/business/entity/RedisAlarmDTO.java
index 4055f69..f704358 100644
--- a/data-center-business-model/src/main/java/com/techsor/datacenter/business/entity/RedisAlarmDTO.java
+++ b/data-center-business-model/src/main/java/com/techsor/datacenter/business/entity/RedisAlarmDTO.java
@@ -13,6 +13,8 @@ import lombok.NoArgsConstructor;
 @AllArgsConstructor
 @NoArgsConstructor
 public class RedisAlarmDTO{
+
+ private String deviceId;
 @Schema(description ="roid接口返回的id",example = "1")
 private Long problemReportId;
diff --git a/data-center-business-service/src/main/java/com/techsor/datacenter/business/service/impl/CommonServiceImpl.java b/data-center-business-service/src/main/java/com/techsor/datacenter/business/service/impl/CommonServiceImpl.java
index 89e58f5..34301e9 100644
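Review bot: In CrosXssFilter.java the `X-Frame-Options` value is relaxed from `deny` to `SAMEORIGIN` with no comment saying which same-origin page needs to frame the application, so a later reader cannot tell whether the looser setting is still required. The `Content-Security-Policy` header is set directly below and its value continues outside the hunk; if it carries a `frame-ancestors` directive, browsers that support it apply that directive in preference to `X-Frame-Options`, so it should read `frame-ancestors 'self'` to stay consistent. A comment such as `// SAMEORIGIN: <page that embeds this UI in a same-origin frame>; keep CSP frame-ancestors in sync` would record the intent.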
--- a/data-center-business-service/src/main/java/com/techsor/datacenter/business/service/impl/CommonServiceImpl.java
+++ b/data-center-business-service/src/main/java/com/techsor/datacenter/business/service/impl/CommonServiceImpl.java
@@ -439,11 +439,13 @@ public class CommonServiceImpl implements CommonService {
 DESUtil.decrypt(apikeyInfo.getAuroraPassword(), Constants.DES_SALT))) {
 for (ApiDeviceInfoVO apiDeviceInfoVO : deviceInfos) {
- String sql = " select rawData, receive_ts from rawData_realtime where deviceId = '" + apiDeviceInfoVO.getDeviceId() + "' limit 1" ;
- logger.info("queryAssetInfo aurora sql:" + sql);
-
- try (PreparedStatement preparedStatement = conn.prepareStatement(sql)) {
- ResultSet retult = preparedStatement.executeQuery(sql);
+ String sql = "select rawData, receive_ts from rawData_realtime where deviceId = ? limit 1";
+ logger.info("queryAssetInfo aurora sql:" + sql);
+
+ try (PreparedStatement preparedStatement = conn.prepareStatement(sql)) {
+ preparedStatement.setString(1, apiDeviceInfoVO.getDeviceId());
+
+ ResultSet retult = preparedStatement.executeQuery();
 while (retult.next()) {
 String rawData = retult.getString("rawData");
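Review bot: In CommonServiceImpl.java the statement is still prepared inside the `for` loop, once per device, although the SQL text is now a constant, and `logger.info("queryAssetInfo aurora sql:" + sql)` therefore writes the identical line on every iteration. Moving `String sql = …` and `conn.prepareStatement(sql)` above the loop and keeping only `preparedStatement.setString(1, apiDeviceInfoVO.getDeviceId());` and `executeQuery()` inside would reuse one prepared statement and log the query once. Whether that is safe depends on how the inner `try` handles exceptions, which lies outside the hunk. The hunks at -970 and -2069 in the same file have the same shape.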
@@ -970,11 +972,13 @@ public class CommonServiceImpl implements CommonService {
 for (ApiAlarmDeviceInfoVO apiAlarmDeviceInfoVO : deviceInfoVOs) {
 // String sql = " select rawData, receive_ts, alertTitle, alertLevel,alertLevelName,alertTypeName from "+formatRawDataWithDate()+" where deviceId = '" + apiAlarmDeviceInfoVO.getDeviceId() + "' order by receive_ts desc limit 1" ;
 // String sql = " select rawData, receive_ts, alertTitle, alertLevel, alertTypeName from "+formatRawDataWithDate()+" where deviceId = '" + apiAlarmDeviceInfoVO.getDeviceId() + "' order by receive_ts desc limit 1" ;
- String sql = " select rawData, receive_ts, alertTitle, alertLevel,alertLevelName, alertTypeName from alertData where deviceId = '" + apiAlarmDeviceInfoVO.getDeviceId() + "' order by receive_ts desc limit 1" ;
- logger.info("queryAlarmDevice aurora sql:" + sql);
-
- try (PreparedStatement preparedStatement = conn.prepareStatement(sql)) {
- ResultSet retult = preparedStatement.executeQuery(sql);
+ String sql = "select rawData, receive_ts, alertTitle, alertLevel, alertLevelName, alertTypeName from alertData where deviceId = ? order by receive_ts desc limit 1";
+ logger.info("queryAlarmDevice aurora sql:" + sql);
+
+ try (PreparedStatement preparedStatement = conn.prepareStatement(sql)) {
+ preparedStatement.setString(1, apiAlarmDeviceInfoVO.getDeviceId());
+
+ ResultSet retult = preparedStatement.executeQuery();
 while (retult.next()) {
 String rawData = retult.getString("rawData");
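Review bot: The two commented-out `// String sql = …` lines left above the new query still spell out the concatenated `where deviceId = '" + … + "'` form that this commit replaces, so un-commenting either one would bring the injectable query back. Deleting them along with the fix keeps the unsafe pattern out of the file; version control already preserves the history. The same two lines sit above the query in the hunk at -2069, where they also refer to `apiAlarmDeviceInfoVO`, a name that loop does not declare.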
@@ -2069,11 +2073,13 @@ public class CommonServiceImpl implements CommonService {
 for (ApiCancelAlarmDeviceInfoVO apiCancelAlarmDeviceInfoVO : deviceInfoVOs) {
 // String sql = " select rawData, receive_ts, alertTitle, alertLevel,alertLevelName,alertTypeName from "+formatRawDataWithDate()+" where deviceId = '" + apiAlarmDeviceInfoVO.getDeviceId() + "' order by receive_ts desc limit 1" ;
 // String sql = " select rawData, receive_ts, alertTitle, alertLevel, alertTypeName from "+formatRawDataWithDate()+" where deviceId = '" + apiAlarmDeviceInfoVO.getDeviceId() + "' order by receive_ts desc limit 1" ;
- String sql = " select rawData, receive_ts, alertCancelTitle, alertLevel,alertLevelName, alertTypeName from rawData_realtime where deviceId = '" + apiCancelAlarmDeviceInfoVO.getDeviceId() + "' limit 1" ;
- logger.info("queryAlarmDevice aurora sql:" + sql);
-
- try (PreparedStatement preparedStatement = conn.prepareStatement(sql)) {
- ResultSet retult = preparedStatement.executeQuery(sql);
+ String sql = "select rawData, receive_ts, alertCancelTitle, alertLevel, alertLevelName, alertTypeName from rawData_realtime where deviceId = ? limit 1";
+ logger.info("queryAlarmDevice aurora sql: " + sql);
+
+ try (PreparedStatement preparedStatement = conn.prepareStatement(sql)) {
+ preparedStatement.setString(1, apiCancelAlarmDeviceInfoVO.getDeviceId());
+
+ ResultSet retult = preparedStatement.executeQuery();
 while (retult.next()) {
 String rawData = retult.getString("rawData");
diff --git a/data-center-business-service/src/main/java/com/techsor/datacenter/business/service/impl/DeviceServiceImpl.java b/data-center-business-service/src/main/java/com/techsor/datacenter/business/service/impl/DeviceServiceImpl.java
index db300af..75a4842 100644
--- a/data-center-business-service/src/main/java/com/techsor/datacenter/business/service/impl/DeviceServiceImpl.java
+++ b/data-center-business-service/src/main/java/com/techsor/datacenter/business/service/impl/DeviceServiceImpl.java
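Review bot: In the CommonServiceImpl.java hunk at -2069 the rewritten `logger.info("queryAlarmDevice aurora sql: " + sql)` keeps the label used by the hunk at -970, although this loop iterates `ApiCancelAlarmDeviceInfoVO` and selects `alertCancelTitle` from `rawData_realtime`, so the two code paths cannot be told apart in the logs. The enclosing method's name is outside the hunk; the label should carry it, for example `logger.info("<enclosing method name> aurora sql: " + sql)`.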
@@ -2434,11 +2434,13 @@ public class DeviceServiceImpl implements IDeviceService { Class.forName("com.mysql.cj.jdbc.Driver"); try (Connection conn = DriverManager.getConnection(MessageFormat.format(Constants.AURORA_URL_FORMAT, apikeyInfo.getAuroraUrl()), apikeyInfo.getAuroraUsername(), apikeyInfo.getAuroraPassword())) { - String sql = "select * from " + table + " where deviceId = '" + auroraDataParam.getDeviceId() +"' and " + - auroraDataParam.getStartTime() + " <= receive_ts and receive_ts <= " + auroraDataParam.getEndTime() + " order by receive_ts desc, hashId desc "; - logger.info("getAuroraData sql:{}", sql); - try (PreparedStatement preparedStatement = conn.prepareStatement(sql)) { - ResultSet retult = preparedStatement.executeQuery(sql); + String sql = "select * from " + table + " where deviceId = ? and ? <= receive_ts and receive_ts <= ? order by receive_ts desc, hashId desc "; + logger.info("getAuroraData sql:{}", sql); + try (PreparedStatement preparedStatement = conn.prepareStatement(sql)) { + preparedStatement.setString(1, auroraDataParam.getDeviceId()); // 绑定 deviceId 参数 + preparedStatement.setLong(2, auroraDataParam.getStartTime()); // 绑定 startTime 参数 + preparedStatement.setLong(3, auroraDataParam.getEndTime()); // 绑定 endTime 参数 + ResultSet retult = preparedStatement.executeQuery(); // 遍历结果集 while (retult.next()) {
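Review bot: In DeviceServiceImpl.java `table` is still concatenated into the statement text (`"select * from " + table + " where deviceId = ? …"`), so the query is injection-safe only if `table` can never carry request data; where it comes from is outside the hunk. An identifier cannot be bound with `?`, so the usual guard is to check it against a fixed set of known table names before building the SQL, e.g. `if (!ALLOWED_TABLES.contains(table)) throw new IllegalArgumentException("unknown table");`, where `ALLOWED_TABLES` is a placeholder for a constant that would have to be added. Separately, if `getStartTime()` and `getEndTime()` return a boxed `Long`, `setLong(2, …)` and `setLong(3, …)` will throw a NullPointerException on a missing bound, so a null check before binding is worth adding.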