From 9fa3eac3aae9d29558c48acd0396b3f655706fb1 Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: 星期四, 26 五月 2022 09:02:32 +0800
Subject: [PATCH] 升级fastjson到最新版2.0.4
---
ruoyi-common/src/main/java/com/ruoyi/common/utils/poi/ExcelUtil.java | 258 +++++++++++++++++++++++++++++----------------------
1 files changed, 148 insertions(+), 110 deletions(-)
diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/utils/poi/ExcelUtil.java b/ruoyi-common/src/main/java/com/ruoyi/common/utils/poi/ExcelUtil.java
index fa95291..e868511 100644
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/poi/ExcelUtil.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/poi/ExcelUtil.java
@@ -9,6 +9,8 @@
import java.lang.reflect.Method;
import java.math.BigDecimal;
import java.text.DecimalFormat;
+import java.time.LocalDate;
+import java.time.LocalDateTime;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Comparator;
@@ -20,6 +22,7 @@
import java.util.UUID;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.lang3.RegExUtils;
import org.apache.poi.hssf.usermodel.HSSFClientAnchor;
import org.apache.poi.hssf.usermodel.HSSFPicture;
import org.apache.poi.hssf.usermodel.HSSFPictureData;
@@ -86,6 +89,10 @@
{
private static final Logger log = LoggerFactory.getLogger(ExcelUtil.class);
+ public static final String FORMULA_REGEX_STR = "=|-|\\+|@";
+
+ public static final String[] FORMULA_STR = { "=", "-", "+", "@" };
+
/**
* Excel sheet最大行数,默认65536
*/
@@ -130,7 +137,7 @@
* 当前行号
*/
private int rownum;
-
+
/**
* 标题
*/
@@ -268,22 +275,15 @@
}
}
// 有数据时才处理 得到类的所有field.
- Field[] allFields = clazz.getDeclaredFields();
- // 定义一个map用于存放列的序号和field.
- Map<Integer, Field> fieldsMap = new HashMap<Integer, Field>();
- for (int col = 0; col < allFields.length; col++)
+ List<Object[]> fields = this.getFields();
+ Map<Integer, Object[]> fieldsMap = new HashMap<Integer, Object[]>();
+ for (Object[] objects : fields)
{
- Field field = allFields[col];
- Excel attr = field.getAnnotation(Excel.class);
- if (attr != null && (attr.type() == Type.ALL || attr.type() == type))
+ Excel attr = (Excel) objects[1];
+ Integer column = cellMap.get(attr.name());
+ if (column != null)
{
- // 设置类的私有字段属性可访问.
- field.setAccessible(true);
- Integer column = cellMap.get(attr.name());
- if (column != null)
- {
- fieldsMap.put(column, field);
- }
+ fieldsMap.put(column, objects);
}
}
for (int i = titleNum + 1; i <= rows; i++)
@@ -296,14 +296,15 @@
continue;
}
T entity = null;
- for (Map.Entry<Integer, Field> entry : fieldsMap.entrySet())
+ for (Map.Entry<Integer, Object[]> entry : fieldsMap.entrySet())
{
Object val = this.getCellValue(row, entry.getKey());
// 如果不存在实例则新建.
entity = (entity == null ? clazz.newInstance() : entity);
// 从map中得到对应列的field.
- Field field = fieldsMap.get(entry.getKey());
+ Field field = (Field) entry.getValue()[0];
+ Excel attr = (Excel) entry.getValue()[1];
// 取得类型,并根据对象类型设置值.
Class<?> fieldType = field.getType();
if (String.class == fieldType)
@@ -318,7 +319,7 @@
String dateFormat = field.getAnnotation(Excel.class).dateFormat();
if (StringUtils.isNotEmpty(dateFormat))
{
- val = DateUtils.parseDateToStr(dateFormat, (Date) val);
+ val = parseDateToStr(dateFormat, val);
}
else
{
@@ -330,7 +331,7 @@
{
val = Convert.toInt(val);
}
- else if (Long.TYPE == fieldType || Long.class == fieldType)
+ else if ((Long.TYPE == fieldType || Long.class == fieldType) && StringUtils.isNumeric(Convert.toStr(val)))
{
val = Convert.toLong(val);
}
@@ -363,7 +364,6 @@
}
if (StringUtils.isNotNull(fieldType))
{
- Excel attr = field.getAnnotation(Excel.class);
String propertyName = field.getName();
if (StringUtils.isNotEmpty(attr.targetAttr()))
{
@@ -414,7 +414,7 @@
{
return exportExcel(list, sheetName, StringUtils.EMPTY);
}
-
+
/**
* 对list数据源将其里面的数据导入到excel表单
*
@@ -436,9 +436,8 @@
* @param list 导出数据集合
* @param sheetName 工作表的名称
* @return 结果
- * @throws IOException
*/
- public void exportExcel(HttpServletResponse response, List<T> list, String sheetName)throws IOException
+ public void exportExcel(HttpServletResponse response, List<T> list, String sheetName)
{
exportExcel(response, list, sheetName, StringUtils.EMPTY);
}
@@ -451,14 +450,13 @@
* @param sheetName 工作表的名称
* @param title 标题
* @return 结果
- * @throws IOException
*/
- public void exportExcel(HttpServletResponse response, List<T> list, String sheetName, String title) throws IOException
+ public void exportExcel(HttpServletResponse response, List<T> list, String sheetName, String title)
{
response.setContentType("application/vnd.openxmlformats-officedocument.spreadsheetml.sheet");
response.setCharacterEncoding("utf-8");
this.init(list, sheetName, title, Type.EXPORT);
- exportExcel(response.getOutputStream());
+ exportExcel(response);
}
/**
@@ -491,7 +489,7 @@
* @param sheetName 工作表的名称
* @return 结果
*/
- public void importTemplateExcel(HttpServletResponse response, String sheetName) throws IOException
+ public void importTemplateExcel(HttpServletResponse response, String sheetName)
{
importTemplateExcel(response, sheetName, StringUtils.EMPTY);
}
@@ -503,12 +501,12 @@
* @param title 标题
* @return 结果
*/
- public void importTemplateExcel(HttpServletResponse response, String sheetName, String title) throws IOException
+ public void importTemplateExcel(HttpServletResponse response, String sheetName, String title)
{
response.setContentType("application/vnd.openxmlformats-officedocument.spreadsheetml.sheet");
response.setCharacterEncoding("utf-8");
this.init(null, sheetName, title, Type.IMPORT);
- exportExcel(response.getOutputStream());
+ exportExcel(response);
}
/**
@@ -516,12 +514,12 @@
*
* @return 结果
*/
- public void exportExcel(OutputStream out)
+ public void exportExcel(HttpServletResponse response)
{
try
{
writeSheet();
- wb.write(out);
+ wb.write(response.getOutputStream());
}
catch (Exception e)
{
@@ -530,7 +528,6 @@
finally
{
IOUtils.closeQuietly(wb);
- IOUtils.closeQuietly(out);
}
}
@@ -610,8 +607,6 @@
{
Field field = (Field) os[0];
Excel excel = (Excel) os[1];
- // 设置实体类私有属性可访问
- field.setAccessible(true);
this.addCell(excel, row, vo, field, column++);
}
}
@@ -677,21 +672,46 @@
style.setFont(totalFont);
styles.put("total", style);
- style = wb.createCellStyle();
- style.cloneStyleFrom(styles.get("data"));
- style.setAlignment(HorizontalAlignment.LEFT);
- styles.put("data1", style);
+ styles.putAll(annotationStyles(wb));
- style = wb.createCellStyle();
- style.cloneStyleFrom(styles.get("data"));
- style.setAlignment(HorizontalAlignment.CENTER);
- styles.put("data2", style);
+ return styles;
+ }
- style = wb.createCellStyle();
- style.cloneStyleFrom(styles.get("data"));
- style.setAlignment(HorizontalAlignment.RIGHT);
- styles.put("data3", style);
-
+ /**
+ * 根据Excel注解创建表格样式
+ *
+ * @param wb 工作薄对象
+ * @return 自定义样式列表
+ */
+ private Map<String, CellStyle> annotationStyles(Workbook wb)
+ {
+ Map<String, CellStyle> styles = new HashMap<String, CellStyle>();
+ for (Object[] os : fields)
+ {
+ Excel excel = (Excel) os[1];
+ String key = "data_" + excel.align() + "_" + excel.color();
+ if (!styles.containsKey(key))
+ {
+ CellStyle style = wb.createCellStyle();
+ style = wb.createCellStyle();
+ style.setAlignment(excel.align());
+ style.setVerticalAlignment(VerticalAlignment.CENTER);
+ style.setBorderRight(BorderStyle.THIN);
+ style.setRightBorderColor(IndexedColors.GREY_50_PERCENT.getIndex());
+ style.setBorderLeft(BorderStyle.THIN);
+ style.setLeftBorderColor(IndexedColors.GREY_50_PERCENT.getIndex());
+ style.setBorderTop(BorderStyle.THIN);
+ style.setTopBorderColor(IndexedColors.GREY_50_PERCENT.getIndex());
+ style.setBorderBottom(BorderStyle.THIN);
+ style.setBottomBorderColor(IndexedColors.GREY_50_PERCENT.getIndex());
+ Font dataFont = wb.createFont();
+ dataFont.setFontName("Arial");
+ dataFont.setFontHeightInPoints((short) 10);
+ dataFont.setColor(excel.color().index);
+ style.setFont(dataFont);
+ styles.put(key, style);
+ }
+ }
return styles;
}
@@ -720,7 +740,13 @@
{
if (ColumnType.STRING == attr.cellType())
{
- cell.setCellValue(StringUtils.isNull(value) ? attr.defaultValue() : value + attr.suffix());
+ String cellValue = Convert.toStr(value);
+ // 对于任何以表达式触发字符 =-+@开头的单元格,直接使用tab字符作为前缀,防止CSV注入。
+ if (StringUtils.startsWithAny(cellValue, FORMULA_STR))
+ {
+ cellValue = RegExUtils.replaceFirst(cellValue, FORMULA_REGEX_STR, "\t$0");
+ }
+ cell.setCellValue(StringUtils.isNull(cellValue) ? attr.defaultValue() : cellValue + attr.suffix());
}
else if (ColumnType.NUMERIC == attr.cellType())
{
@@ -785,17 +811,10 @@
// 设置列宽
sheet.setColumnWidth(column, (int) ((attr.width() + 0.72) * 256));
}
- // 如果设置了提示信息则鼠标放上去提示.
- if (StringUtils.isNotEmpty(attr.prompt()))
+ if (StringUtils.isNotEmpty(attr.prompt()) || attr.combo().length > 0)
{
- // 这里默认设了2-101列提示.
- setXSSFPrompt(sheet, "", attr.prompt(), 1, 100, column, column);
- }
- // 如果设置了combo属性则本列只能选择不能输入
- if (attr.combo().length > 0)
- {
- // 这里默认设了2-101列只能选择不能输入.
- setXSSFValidation(sheet, attr.combo(), 1, 100, column, column);
+ // 提示信息或只能选择不能输入的列内容.
+ setPromptOrValidation(sheet, attr.combo(), attr.prompt(), 1, 100, column, column);
}
}
@@ -814,8 +833,7 @@
{
// 创建cell
cell = row.createCell(column);
- int align = attr.align().value();
- cell.setCellStyle(styles.get("data" + (align >= 1 && align <= 3 ? align : "")));
+ cell.setCellStyle(styles.get("data_" + attr.align() + "_" + attr.color()));
// 用于读取对象中的属性
Object value = getTargetValue(vo, field, attr);
@@ -825,7 +843,7 @@
String dictType = attr.dictType();
if (StringUtils.isNotEmpty(dateFormat) && StringUtils.isNotNull(value))
{
- cell.setCellValue(DateUtils.parseDateToStr(dateFormat, (Date) value));
+ cell.setCellValue(parseDateToStr(dateFormat, value));
}
else if (StringUtils.isNotEmpty(readConverterExp) && StringUtils.isNotNull(value))
{
@@ -859,48 +877,29 @@
}
/**
- * 设置 POI XSSFSheet 单元格提示
+ * 设置 POI XSSFSheet 单元格提示或选择框
*
* @param sheet 表单
- * @param promptTitle 提示标题
+ * @param textlist 下拉框显示的内容
* @param promptContent 提示内容
* @param firstRow 开始行
* @param endRow 结束行
* @param firstCol 开始列
* @param endCol 结束列
*/
- public void setXSSFPrompt(Sheet sheet, String promptTitle, String promptContent, int firstRow, int endRow,
+ public void setPromptOrValidation(Sheet sheet, String[] textlist, String promptContent, int firstRow, int endRow,
int firstCol, int endCol)
{
DataValidationHelper helper = sheet.getDataValidationHelper();
- DataValidationConstraint constraint = helper.createCustomConstraint("DD1");
+ DataValidationConstraint constraint = textlist.length > 0 ? helper.createExplicitListConstraint(textlist) : helper.createCustomConstraint("DD1");
CellRangeAddressList regions = new CellRangeAddressList(firstRow, endRow, firstCol, endCol);
DataValidation dataValidation = helper.createValidation(constraint, regions);
- dataValidation.createPromptBox(promptTitle, promptContent);
- dataValidation.setShowPromptBox(true);
- sheet.addValidationData(dataValidation);
- }
-
- /**
- * 设置某些列的值只能输入预制的数据,显示下拉框.
- *
- * @param sheet 要设置的sheet.
- * @param textlist 下拉框显示的内容
- * @param firstRow 开始行
- * @param endRow 结束行
- * @param firstCol 开始列
- * @param endCol 结束列
- * @return 设置好的sheet.
- */
- public void setXSSFValidation(Sheet sheet, String[] textlist, int firstRow, int endRow, int firstCol, int endCol)
- {
- DataValidationHelper helper = sheet.getDataValidationHelper();
- // 加载下拉列表内容
- DataValidationConstraint constraint = helper.createExplicitListConstraint(textlist);
- // 设置数据有效性加载在哪个单元格上,四个参数分别是:起始行、终止行、起始列、终止列
- CellRangeAddressList regions = new CellRangeAddressList(firstRow, endRow, firstCol, endCol);
- // 数据有效性对象
- DataValidation dataValidation = helper.createValidation(constraint, regions);
+ if (StringUtils.isNotEmpty(promptContent))
+ {
+ // 如果设置了提示信息则鼠标放上去提示
+ dataValidation.createPromptBox("", promptContent);
+ dataValidation.setShowPromptBox(true);
+ }
// 处理Excel兼容性问题
if (dataValidation instanceof XSSFDataValidation)
{
@@ -911,7 +910,6 @@
{
dataValidation.setSuppressDropDownArrow(false);
}
-
sheet.addValidationData(dataValidation);
}
@@ -1123,7 +1121,7 @@
if (StringUtils.isNotEmpty(excel.targetAttr()))
{
String target = excel.targetAttr();
- if (target.indexOf(".") > -1)
+ if (target.contains("."))
{
String[] targets = target.split("[.]");
for (String name : targets)
@@ -1164,7 +1162,17 @@
*/
private void createExcelField()
{
- this.fields = new ArrayList<Object[]>();
+ this.fields = getFields();
+ this.fields = this.fields.stream().sorted(Comparator.comparing(objects -> ((Excel) objects[1]).sort())).collect(Collectors.toList());
+ this.maxHeight = getRowHeight();
+ }
+
+ /**
+ * 获取字段注解信息
+ */
+ public List<Object[]> getFields()
+ {
+ List<Object[]> fields = new ArrayList<Object[]>();
List<Field> tempFields = new ArrayList<>();
tempFields.addAll(Arrays.asList(clazz.getSuperclass().getDeclaredFields()));
tempFields.addAll(Arrays.asList(clazz.getDeclaredFields()));
@@ -1173,7 +1181,12 @@
// 单注解
if (field.isAnnotationPresent(Excel.class))
{
- putToField(field, field.getAnnotation(Excel.class));
+ Excel attr = field.getAnnotation(Excel.class);
+ if (attr != null && (attr.type() == Type.ALL || attr.type() == type))
+ {
+ field.setAccessible(true);
+ fields.add(new Object[] { field, attr });
+ }
}
// 多注解
@@ -1181,14 +1194,17 @@
{
Excels attrs = field.getAnnotation(Excels.class);
Excel[] excels = attrs.value();
- for (Excel excel : excels)
+ for (Excel attr : excels)
{
- putToField(field, excel);
+ if (attr != null && (attr.type() == Type.ALL || attr.type() == type))
+ {
+ field.setAccessible(true);
+ fields.add(new Object[] { field, attr });
+ }
}
}
}
- this.fields = this.fields.stream().sorted(Comparator.comparing(objects -> ((Excel) objects[1]).sort())).collect(Collectors.toList());
- this.maxHeight = getRowHeight();
+ return fields;
}
/**
@@ -1200,20 +1216,9 @@
for (Object[] os : this.fields)
{
Excel excel = (Excel) os[1];
- maxHeight = maxHeight > excel.height() ? maxHeight : excel.height();
+ maxHeight = Math.max(maxHeight, excel.height());
}
return (short) (maxHeight * 20);
- }
-
- /**
- * 放到字段集合中
- */
- private void putToField(Field field, Excel attr)
- {
- if (attr != null && (attr.type() == Type.ALL || attr.type() == type))
- {
- this.fields.add(new Object[] { field, attr });
- }
}
/**
@@ -1391,4 +1396,37 @@
}
return sheetIndexPicMap;
}
+
+ /**
+ * 格式化不同类型的日期对象
+ *
+ * @param dateFormat 日期格式
+ * @param val 被格式化的日期对象
+ * @return 格式化后的日期字符
+ */
+ public String parseDateToStr(String dateFormat, Object val)
+ {
+ if (val == null)
+ {
+ return "";
+ }
+ String str;
+ if (val instanceof Date)
+ {
+ str = DateUtils.parseDateToStr(dateFormat, (Date) val);
+ }
+ else if (val instanceof LocalDateTime)
+ {
+ str = DateUtils.parseDateToStr(dateFormat, DateUtils.toDate((LocalDateTime) val));
+ }
+ else if (val instanceof LocalDate)
+ {
+ str = DateUtils.parseDateToStr(dateFormat, DateUtils.toDate((LocalDate) val));
+ }
+ else
+ {
+ str = val.toString();
+ }
+ return str;
+ }
}
--
Gitblit v1.9.2