【漏洞处理】freemarker模板注入漏洞——升级仪表盘

jeecg-module-system/jeecg-system-api/jeecg-system-cloud-api/src/main/java/org/jeecg/common/drag/api/IDragBaseApi.java

@@ -1,40 +0,0 @@
-package org.jeecg.common.drag.api;
-
-import org.jeecg.common.constant.ServiceNameConstants;
-import org.jeecg.common.drag.api.fallbak.DragBaseApiFallback;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingClass;
-import org.springframework.cloud.openfeign.FeignClient;
-import org.springframework.stereotype.Component;
-import org.springframework.web.bind.annotation.DeleteMapping;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.RequestParam;
-
-
-/**
- * 仪表盘API接口
- *
- * @author lsq
- * @date 2023/01/09
- */
-@Component
-@FeignClient(contextId = "dragBaseRemoteApi", value = ServiceNameConstants.SERVICE_SYSTEM, fallbackFactory = DragBaseApiFallback.class)
-@ConditionalOnMissingClass("org.jeecg.modules.drag.service.impl.OnlDragBaseApiImpl")
-public interface IDragBaseApi {
-
-    /**
-     * 通过id赋值仪表盘数据
-     *
-     * @param id
-     * @return
-     */
-    @GetMapping(value = "/drag/api/copyDragPage")
-    String copyDragPage( @RequestParam("id") String id);
-
-    /**
-     * 删除表单
-     * @param id
-     */
-    @DeleteMapping(value = "/drag/api/deleteDragPage")
-    void deleteDragPage(@RequestParam("id") String id);
-
-}

jeecg-module-system/jeecg-system-api/jeecg-system-cloud-api/src/main/java/org/jeecg/common/drag/api/factory/DragBaseApiFallbackFactory.java

@@ -1,23 +0,0 @@
-package org.jeecg.common.drag.api.factory;
-
-import org.jeecg.common.drag.api.IDragBaseApi;
-import org.jeecg.common.drag.api.fallbak.DragBaseApiFallback;
-import org.springframework.cloud.openfeign.FallbackFactory;
-import org.springframework.stereotype.Component;
-
-/**
- * DragBaseApiFallbackFactory
- * @author: lsq
- * @date 2023/01/09
- */
-@Component
-public class DragBaseApiFallbackFactory implements FallbackFactory<IDragBaseApi> {
-
-
-    @Override
-    public IDragBaseApi create(Throwable throwable) {
-        DragBaseApiFallback fallback = new DragBaseApiFallback();
-        fallback.setCause(throwable);
-        return fallback;
-    }
-}

jeecg-module-system/jeecg-system-api/jeecg-system-cloud-api/src/main/java/org/jeecg/common/drag/api/fallbak/DragBaseApiFallback.java

@@ -1,26 +0,0 @@
-package org.jeecg.common.drag.api.fallbak;
-
-import lombok.Setter;
-import lombok.extern.slf4j.Slf4j;
-import org.jeecg.common.drag.api.IDragBaseApi;
-
-/**
- * IDragBaseApi fallback
- * @author LSQ
- * @date 2023/01/09
- */
-@Slf4j
-public class DragBaseApiFallback implements IDragBaseApi {
-
-    @Setter
-    private Throwable cause;
-
-
-    @Override
-    public void deleteDragPage(String id) {}
-
-    @Override
-    public String copyDragPage(String id) {
-        return null;
-    }
-}

jeecg-module-system/jeecg-system-api/jeecg-system-local-api/src/main/java/org/jeecg/common/drag/api/IDragBaseApi.java

@@ -1,27 +0,0 @@
-package org.jeecg.common.drag.api;
-
-/**
- * 仪表盘API接口
- * @date 2023/1/9
- * @author lsq
- */
-public interface IDragBaseApi {
-
-
-    /**
-     * 通过id删除仪表盘
-     *
-     * @param id
-     * @return
-     */
-    void deleteDragPage(String id);
-
-    /**
-     * 通过id复制仪表盘
-     *
-     * @param id
-     * @return id
-     */
-    String copyDragPage(String id);
-
-}

jeecg-module-system/jeecg-system-biz/pom.xml

@@ -37,7 +37,7 @@
 		<dependency>
 			<groupId>org.jeecgframework.boot</groupId>
 			<artifactId>drag-free</artifactId>
-			<version>1.0.1</version>
+			<version>1.0.2</version>
 		</dependency>
 		<!-- 积木报表 mongo redis 支持包 
 		<dependency>