From d93e2b9df0c2585d099ad65c77b2030837145146 Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: Mon, 11 Mar 2024 11:07:29 +0800
Subject: [PATCH] 定时任务白名单配置范围缩小
---
ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java | 31 ++++++++++++++++++++++++++++---
1 files changed, 28 insertions(+), 3 deletions(-)
diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java b/ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java
index f4ba293..7acadb9 100644
--- a/ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java
@@ -63,7 +63,27 @@
* 登录失败
*/
public static final String LOGIN_FAIL = "Error";
-
+
+ /**
+ * 所有权限标识
+ */
+ public static final String ALL_PERMISSION = "*:*:*";
+
+ /**
+ * 管理员角色权限标识
+ */
+ public static final String SUPER_ADMIN = "admin";
+
+ /**
+ * 角色权限分隔符
+ */
+ public static final String ROLE_DELIMETER = ",";
+
+ /**
+ * 权限标识分隔符
+ */
+ public static final String PERMISSION_DELIMETER = ",";
+
/**
* 验证码有效期(分钟)
*/
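Review bot: `ROLE_DELIMETER` and `PERMISSION_DELIMETER` misspell "delimiter", and because they are public constants the spelling becomes part of the API as soon as callers reference them. Naming them `ROLE_DELIMITER` and `PERMISSION_DELIMITER` now avoids a breaking rename later. The four added permission constants also look unrelated to the whitelist narrowing named in the subject, so they would be easier to audit in a commit of their own.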
@@ -130,13 +150,18 @@
public static final String LOOKUP_LDAPS = "ldaps:";
/**
+ * 自动识别json对象白名单配置(仅允许解析的包名,范围越小越安全)
+ */
+ public static final String[] JSON_WHITELIST_STR = { "org.springframework", "com.ruoyi" };
+
+ /**
* 定时任务白名单配置(仅允许访问的包名,如其他需要可以自行添加)
*/
- public static final String[] JOB_WHITELIST_STR = { "com.ruoyi" };
+ public static final String[] JOB_WHITELIST_STR = { "com.ruoyi.quartz.task" };
/**
* 定时任务违规的字符
*/
public static final String[] JOB_ERROR_STR = { "java.net.URL", "javax.naming.InitialContext", "org.yaml.snakeyaml",
- "org.springframework", "org.apache", "com.ruoyi.common.utils.file", "com.ruoyi.common.config" };
+ "org.springframework", "org.apache", "com.ruoyi.common.utils.file", "com.ruoyi.common.config", "com.ruoyi.generator" };
}
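Review bot: `JSON_WHITELIST_STR` admits the whole `org.springframework` tree for JSON type auto-detection, while `JOB_ERROR_STR` a few lines below forbids the same prefix for jobs and the new comment itself says a narrower range is safer; list only the packages whose types are actually deserialized. None of the entries ends with a dot, so if the consumer (not visible in this hunk) matches by prefix or substring, `"com.ruoyi"` also covers sibling packages such as a hypothetical `com.ruoyix`, and `"com.ruoyi.quartz.task"` is satisfied wherever it appears in the target string; `{ "com.ruoyi.quartz.task." }` combined with a starts-with check on the resolved class name is tighter. These lists are `public static final String[]`, whose elements any code in the JVM can overwrite at runtime, so an unmodifiable `List<String>` or a private array behind a copying accessor would protect them. The enclosing class starts outside the hunk.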
--
Gitblit v1.9.2