diff --git a/pom.xml b/pom.xml
index 3433458..a202be4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -22,7 +22,7 @@
2.3.2
2.1.4
1.3.1
- 1.2.78
+ 2.0.43
5.8.0
5.8.0
2.11.0
diff --git a/ruoyi-admin/src/test/java/com/fjp/lc/test/common/CommonTest.java b/ruoyi-admin/src/test/java/com/fjp/lc/test/common/CommonTest.java
index fd6d4c8..1d2b384 100644
--- a/ruoyi-admin/src/test/java/com/fjp/lc/test/common/CommonTest.java
+++ b/ruoyi-admin/src/test/java/com/fjp/lc/test/common/CommonTest.java
@@ -14,12 +14,8 @@ import org.springframework.web.client.RestTemplate;
import java.io.File;
import java.io.IOException;
-import java.nio.charset.StandardCharsets;
-import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
-import java.security.Timestamp;
import java.time.Instant;
-import java.util.Date;
import java.util.HashMap;
import java.util.Map;
@@ -36,6 +32,21 @@ public class CommonTest {
log.info("end {}", System.currentTimeMillis() - start);
}*/
+ @Test
+ public void testEquals(){
+ Integer num1 = 100;
+ Integer num2 = 100;
+
+ System.out.println(num1 == num2); // true,因为对于 Integer 类型,-128 到 127 之间的值会被缓存
+ System.out.println(num1.equals(num2)); // true,因为它们的值相同
+
+ Integer num3 = 200;
+ Integer num4 = 200;
+
+ System.out.println(num3 == num4); // false,因为超出了缓存范围,会创建新的对象实例
+ System.out.println(num3.equals(num4)); // true,因为它们的值相同
+ }
+
@Test
public void test4() throws IOException {
String f1 = "D:/build/tt.jpg";
diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java b/ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java
index 96727be..8330134 100644
--- a/ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java
@@ -255,4 +255,10 @@ public class Constants
public static final Integer REFUSE = 2;
public static final Integer GIVING = 3;
}
+
+ /**
+ * 自动识别json对象白名单配置(仅允许解析的包名,范围越小越安全)
+ */
+ public static final String[] JSON_WHITELIST_STR = { "org.springframework", "com.ruoyi","com.cyl" };
+
}
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/FastJson2JsonRedisSerializer.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/FastJson2JsonRedisSerializer.java
index 59812ea..b87e452 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/FastJson2JsonRedisSerializer.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/FastJson2JsonRedisSerializer.java
@@ -1,34 +1,27 @@
package com.ruoyi.framework.config;
-import com.alibaba.fastjson.JSON;
-import com.alibaba.fastjson.serializer.SerializerFeature;
-import com.fasterxml.jackson.databind.JavaType;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.fasterxml.jackson.databind.type.TypeFactory;
+import com.alibaba.fastjson2.JSON;
+import com.alibaba.fastjson2.JSONReader;
+import com.alibaba.fastjson2.JSONWriter;
+import com.alibaba.fastjson2.filter.Filter;
+import com.ruoyi.common.constant.Constants;
import org.springframework.data.redis.serializer.RedisSerializer;
import org.springframework.data.redis.serializer.SerializationException;
-import com.alibaba.fastjson.parser.ParserConfig;
-import org.springframework.util.Assert;
+
import java.nio.charset.Charset;
/**
* Redis使用FastJson序列化
- *
+ *
* @author ruoyi
*/
public class FastJson2JsonRedisSerializer implements RedisSerializer
{
- @SuppressWarnings("unused")
- private ObjectMapper objectMapper = new ObjectMapper();
-
public static final Charset DEFAULT_CHARSET = Charset.forName("UTF-8");
- private Class clazz;
+ static final Filter AUTO_TYPE_FILTER = JSONReader.autoTypeFilter(Constants.JSON_WHITELIST_STR);
- static
- {
- ParserConfig.getGlobalInstance().setAutoTypeSupport(true);
- }
+ private Class clazz;
public FastJson2JsonRedisSerializer(Class clazz)
{
@@ -43,7 +36,7 @@ public class FastJson2JsonRedisSerializer implements RedisSerializer
{
return new byte[0];
}
- return JSON.toJSONString(t, SerializerFeature.WriteClassName).getBytes(DEFAULT_CHARSET);
+ return JSON.toJSONString(t, JSONWriter.Feature.WriteClassName).getBytes(DEFAULT_CHARSET);
}
@Override
@@ -55,17 +48,6 @@ public class FastJson2JsonRedisSerializer implements RedisSerializer
}
String str = new String(bytes, DEFAULT_CHARSET);
- return JSON.parseObject(str, clazz);
- }
-
- public void setObjectMapper(ObjectMapper objectMapper)
- {
- Assert.notNull(objectMapper, "'objectMapper' must not be null");
- this.objectMapper = objectMapper;
- }
-
- protected JavaType getJavaType(Class clazz)
- {
- return TypeFactory.defaultInstance().constructType(clazz);
+ return JSON.parseObject(str, clazz, AUTO_TYPE_FILTER);
}
}
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/RedisConfig.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/RedisConfig.java
index 833f219..151be1b 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/RedisConfig.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/RedisConfig.java
@@ -8,15 +8,10 @@ import org.springframework.data.redis.connection.RedisConnectionFactory;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.data.redis.core.script.DefaultRedisScript;
import org.springframework.data.redis.serializer.StringRedisSerializer;
-import com.fasterxml.jackson.annotation.JsonAutoDetect;
-import com.fasterxml.jackson.annotation.JsonTypeInfo;
-import com.fasterxml.jackson.annotation.PropertyAccessor;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.fasterxml.jackson.databind.jsontype.impl.LaissezFaireSubTypeValidator;
/**
* redis配置
- *
+ *
* @author ruoyi
*/
@Configuration
@@ -32,11 +27,6 @@ public class RedisConfig extends CachingConfigurerSupport
FastJson2JsonRedisSerializer serializer = new FastJson2JsonRedisSerializer(Object.class);
- ObjectMapper mapper = new ObjectMapper();
- mapper.setVisibility(PropertyAccessor.ALL, JsonAutoDetect.Visibility.ANY);
- mapper.activateDefaultTyping(LaissezFaireSubTypeValidator.instance, ObjectMapper.DefaultTyping.NON_FINAL, JsonTypeInfo.As.PROPERTY);
- serializer.setObjectMapper(mapper);
-
// 使用StringRedisSerializer来序列化和反序列化redis的key值
template.setKeySerializer(new StringRedisSerializer());
template.setValueSerializer(serializer);