6 changed files with 285 additions and 5 deletions
@ -0,0 +1,107 @@ |
|||||
|
package com.qs.serve.common.util; |
||||
|
|
||||
|
import lombok.extern.slf4j.Slf4j; |
||||
|
import org.springframework.util.StringUtils; |
||||
|
|
||||
|
import java.sql.*; |
||||
|
import java.util.ArrayList; |
||||
|
import java.util.HashMap; |
||||
|
import java.util.List; |
||||
|
import java.util.Map; |
||||
|
|
||||
|
/** |
||||
|
* 原生JDBC工具类 |
||||
|
* @Author JcYen |
||||
|
* @Date 2021/6/4 |
||||
|
*/ |
||||
|
@Slf4j |
||||
|
public class JdbcUtil { |
||||
|
|
||||
|
private static final String[] FILTER_WORD = new String[]{"truncate","create","alter","eval","delete","sp_password"}; |
||||
|
|
||||
|
/** |
||||
|
* 执行SQL(为安全,拦截delete语句) |
||||
|
* @param username |
||||
|
* @param password |
||||
|
* @param url |
||||
|
* @param driverName |
||||
|
* @param sql |
||||
|
* @return |
||||
|
*/ |
||||
|
public static List<Map<String,Object>> query(String username, String password, String url, String driverName, String sql) { |
||||
|
//检查SQL,防止SQL执行DDL语句
|
||||
|
doSqlFilter(sql); |
||||
|
List<Map<String,Object>> list = new ArrayList(); |
||||
|
Connection conn = null; |
||||
|
Statement stmt = null; |
||||
|
ResultSet rs = null; |
||||
|
try { |
||||
|
Class.forName(driverName); |
||||
|
conn = DriverManager.getConnection(url, username, password); |
||||
|
stmt = conn.createStatement(); |
||||
|
log.debug("JDBC工具类 Preparing SQL: {}",url); |
||||
|
rs = stmt.executeQuery(sql); |
||||
|
ResultSetMetaData md = rs.getMetaData(); |
||||
|
int columnCount = md.getColumnCount(); |
||||
|
while (rs.next()) { |
||||
|
Map<String,Object> rowData = new HashMap<>(); |
||||
|
for (int i = 1; i <= columnCount; i++) { |
||||
|
rowData.put(md.getColumnName(i), rs.getObject(i)); |
||||
|
} |
||||
|
list.add(rowData); |
||||
|
} |
||||
|
} catch (ClassNotFoundException e) { |
||||
|
log.warn(e.getMessage()); |
||||
|
} catch (SQLException throwables) { |
||||
|
log.error(throwables.getMessage()); |
||||
|
}finally { |
||||
|
if(rs!=null){ |
||||
|
try { |
||||
|
rs.close(); |
||||
|
} catch (SQLException e) { |
||||
|
e.printStackTrace(); |
||||
|
} |
||||
|
} |
||||
|
if (stmt!=null){ |
||||
|
try { |
||||
|
stmt.close(); |
||||
|
} catch (SQLException e) { |
||||
|
e.printStackTrace(); |
||||
|
} |
||||
|
} |
||||
|
if(conn!=null){ |
||||
|
try { |
||||
|
conn.close(); |
||||
|
} catch (SQLException e) { |
||||
|
e.printStackTrace(); |
||||
|
} |
||||
|
} |
||||
|
rs = null; |
||||
|
stmt = null; |
||||
|
conn = null; |
||||
|
} |
||||
|
return list; |
||||
|
} |
||||
|
|
||||
|
private static void doSqlFilter(String sql){ |
||||
|
boolean unsafe = false; |
||||
|
String[] parts = sql.split(" "); |
||||
|
for (String part : parts) { |
||||
|
if(unsafe){ break; } |
||||
|
if(StringUtils.isEmpty(part)){ |
||||
|
continue; |
||||
|
} |
||||
|
part = part.trim(); |
||||
|
for (String filterWord : FILTER_WORD) { |
||||
|
if(part.equalsIgnoreCase(filterWord)){ |
||||
|
unsafe = true; |
||||
|
break; |
||||
|
} |
||||
|
} |
||||
|
} |
||||
|
if(unsafe){ |
||||
|
//AssertUtil.("非法SQL被拦截 ==> "+sql);
|
||||
|
} |
||||
|
} |
||||
|
|
||||
|
} |
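Review bot: `doSqlFilter` never rejects anything: when a keyword matches, the `if(unsafe)` branch holds only a commented-out assertion, so `query` runs the statement regardless of the Javadoc's claim that delete/DDL is intercepted. Make the branch fail closed, for example `throw new IllegalArgumentException("非法SQL被拦截");`. Even when enforced, a keyword denylist matched on single-space tokens is a weak control (the list omits `drop`, which this same commit sends through `query`), so the utility would be safer taking bind values for a `PreparedStatement` and connecting with a read-only, least-privilege login. Separately, the `log.debug` line is labelled "Preparing SQL" but prints the JDBC URL, and the `SQLException` handler logs only the message and returns an empty list, which hides failures from callers.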
@ -0,0 +1,50 @@ |
|||||
|
package com.qs.serve.modules.erp.controller; |
||||
|
|
||||
|
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; |
||||
|
import com.qs.serve.common.model.dto.PageVo; |
||||
|
import com.qs.serve.common.model.dto.R; |
||||
|
import com.qs.serve.common.util.PageUtil; |
||||
|
import com.qs.serve.modules.bms.entity.BmsSupplier; |
||||
|
import com.qs.serve.modules.bms.service.BmsSupplierService; |
||||
|
import com.qs.serve.modules.erp.entity.dto.ErpCustomerAmountResult; |
||||
|
import com.qs.serve.modules.erp.service.ErpCustomerService; |
||||
|
import com.qs.serve.modules.goods.entity.GoodsBrand; |
||||
|
import lombok.AllArgsConstructor; |
||||
|
import lombok.extern.slf4j.Slf4j; |
||||
|
import org.springframework.security.access.prepost.PreAuthorize; |
||||
|
import org.springframework.web.bind.annotation.GetMapping; |
||||
|
import org.springframework.web.bind.annotation.PathVariable; |
||||
|
import org.springframework.web.bind.annotation.RequestMapping; |
||||
|
import org.springframework.web.bind.annotation.RestController; |
||||
|
|
||||
|
|
||||
|
/** |
||||
|
* ERP客户 |
||||
|
* @author YenHex |
||||
|
* @since 2023/9/5 |
||||
|
*/ |
||||
|
@Slf4j |
||||
|
@AllArgsConstructor |
||||
|
@RestController |
||||
|
@RequestMapping("erp/customer") |
||||
|
public class ErpCustomerController { |
||||
|
|
||||
|
private final ErpCustomerService erpCustomerService; |
||||
|
private final BmsSupplierService supplierService; |
||||
|
|
||||
|
/** |
||||
|
* 获取客户帐余 |
||||
|
* @param code |
||||
|
* @return |
||||
|
*/ |
||||
|
@GetMapping("/getAmount/{code}") |
||||
|
public R<ErpCustomerAmountResult> getAmount(@PathVariable String code){ |
||||
|
BmsSupplier supplier = supplierService.getByCode(code,null); |
||||
|
if(supplier!=null){ |
||||
|
ErpCustomerAmountResult amountResult = erpCustomerService.getCustomerAmount(code); |
||||
|
return R.ok(amountResult); |
||||
|
} |
||||
|
return R.error(); |
||||
|
} |
||||
|
|
||||
|
} |
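Review bot: `getAmount` returns a customer's credit balance with no visible authorization check: `PreAuthorize` is imported but not applied, and the only gate is that a supplier with that `code` exists. Unless a global rule covers `erp/customer/**` (not visible on this page), add a method-level guard such as `@PreAuthorize("<permission-expression>")` and confirm the caller is entitled to see that particular supplier. The path variable also flows unmodified into `getCustomerAmount`, which builds SQL text from it, so its format should be validated at this boundary. `LambdaQueryWrapper`, `PageVo`, `PageUtil` and `GoodsBrand` are imported but unused.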
@ -0,0 +1,19 @@ |
|||||
|
package com.qs.serve.modules.erp.entity.dto; |
||||
|
|
||||
|
import lombok.Data; |
||||
|
|
||||
|
import java.math.BigDecimal; |
||||
|
|
||||
|
/** |
||||
|
* @author YenHex |
||||
|
* @since 2023/9/5 |
||||
|
*/ |
||||
|
@Data |
||||
|
public class ErpCustomerAmountResult { |
||||
|
|
||||
|
/** |
||||
|
* 余额 |
||||
|
*/ |
||||
|
BigDecimal amount; |
||||
|
|
||||
|
} |
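Review bot: The `amount` field is declared without an access modifier, so it is package-private next to the Lombok-generated accessors; `private BigDecimal amount;` keeps all access going through them. The class Javadoc carries only author and date tags; a one-line summary stating that this holds the ERP credit balance, and that `amount` stays null when no balance was retrieved, would help callers of the new endpoint.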
@ -0,0 +1,18 @@ |
|||||
|
package com.qs.serve.modules.erp.service; |
||||
|
|
||||
|
import com.qs.serve.modules.erp.entity.dto.ErpCustomerAmountResult; |
||||
|
|
||||
|
/** |
||||
|
* @author YenHex |
||||
|
* @since 2023/9/5 |
||||
|
*/ |
||||
|
public interface ErpCustomerService { |
||||
|
|
||||
|
/** |
||||
|
* 获取客户帐余额 |
||||
|
* @param supplierCode |
||||
|
* @return |
||||
|
*/ |
||||
|
ErpCustomerAmountResult getCustomerAmount(String supplierCode); |
||||
|
|
||||
|
} |
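Review bot: The Javadoc on `getCustomerAmount` leaves `@param` and `@return` empty, so the contract is undocumented. Suggested text: `@param supplierCode customer code matched against ccuscode in the ERP report` and `@return result whose amount is null when the ERP call fails or yields no rows`, which is what the implementation in this commit does. The parameter is named `supplierCode` here and `code` in the controller; using one name would make the flow easier to follow.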
@ -0,0 +1,86 @@ |
|||||
|
package com.qs.serve.modules.erp.service.impl; |
||||
|
|
||||
|
import cn.hutool.core.collection.CollectionUtil; |
||||
|
import cn.hutool.crypto.Mode; |
||||
|
import cn.hutool.crypto.Padding; |
||||
|
import cn.hutool.crypto.symmetric.AES; |
||||
|
import com.qs.serve.common.util.JdbcUtil; |
||||
|
import com.qs.serve.modules.erp.entity.dto.ErpCustomerAmountResult; |
||||
|
import com.qs.serve.modules.erp.service.ErpCustomerService; |
||||
|
import lombok.AllArgsConstructor; |
||||
|
import lombok.extern.slf4j.Slf4j; |
||||
|
import org.springframework.stereotype.Service; |
||||
|
|
||||
|
import java.math.BigDecimal; |
||||
|
import java.util.List; |
||||
|
import java.util.Map; |
||||
|
|
||||
|
/** |
||||
|
* @author YenHex |
||||
|
* @since 2023/9/5 |
||||
|
*/ |
||||
|
@Slf4j |
||||
|
@Service |
||||
|
@AllArgsConstructor |
||||
|
public class ErpCustomerServiceImpl implements ErpCustomerService { |
||||
|
|
||||
|
@Override |
||||
|
public ErpCustomerAmountResult getCustomerAmount(String supplierCode) { |
||||
|
String iv = "1234567812345678"; |
||||
|
AES aes = new AES(Mode.CBC, Padding.PKCS5Padding, iv.getBytes(), iv.getBytes()); |
||||
|
String driverName = "com.microsoft.sqlserver.jdbc.SQLServerDriver"; |
||||
|
String url = "jdbc:sqlserver://59.37.164.96:14333;DatabaseName=UFDATA_001_2020"; |
||||
|
String username = "sa"; |
||||
|
String password = aes.decryptStr("h7wNWH4mf7mzmLZmkYgIdA=="); |
||||
|
String tmpTableName = "z_qs_cus_"+supplierCode; |
||||
|
ErpCustomerAmountResult amountResult = new ErpCustomerAmountResult(); |
||||
|
String sql = "DECLARE @return_value int " + |
||||
|
" EXEC @return_value = [dbo].[Sa_saleCreReport] " + |
||||
|
" @tmptableName = '"+tmpTableName+"'," + |
||||
|
" @repStytle = 1, " + |
||||
|
" @chrWhereDate = NULL, " + |
||||
|
" @chrWhereCus = \"and ccuscode = '"+supplierCode+"'\"," + |
||||
|
" @chrWhereDep = NULL, " + |
||||
|
" @chrWherePer = NULL, " + |
||||
|
" @chrCreSys = N'SA', " + |
||||
|
" @chrWhereOth = NULL " + |
||||
|
" SELECT 'Return Value' = @return_value"; |
||||
|
List<Map<String,Object>> result = JdbcUtil.query(username,password,url,driverName,sql); |
||||
|
int rsNum = -1; |
||||
|
if(CollectionUtil.isNotEmpty(result)){ |
||||
|
for (Map<String, Object> objectMap : result) { |
||||
|
for (String key : objectMap.keySet()) { |
||||
|
Object obj = objectMap.get(key); |
||||
|
if(obj!=null&&obj.toString().equals("0")){ |
||||
|
rsNum = 0; |
||||
|
break; |
||||
|
} |
||||
|
} |
||||
|
} |
||||
|
} |
||||
|
if(rsNum==0){ |
||||
|
String sql4Data = "Select * from tempdb.."+tmpTableName+" order by '单据日期' desc"; |
||||
|
List<Map<String,Object>> resultList = JdbcUtil.query(username,password,url,driverName,sql4Data); |
||||
|
if(CollectionUtil.isNotEmpty(resultList)){ |
||||
|
BigDecimal sumBalance = BigDecimal.ZERO; |
||||
|
for (Map<String, Object> objectMap : resultList) { |
||||
|
Object obj = objectMap.get("信用余额"); |
||||
|
if(obj!=null){ |
||||
|
BigDecimal objBal = new BigDecimal(obj.toString().trim()); |
||||
|
sumBalance = sumBalance.add(objBal); |
||||
|
} |
||||
|
} |
||||
|
dropTmpTable(tmpTableName,username,password,url,driverName); |
||||
|
amountResult.setAmount(sumBalance); |
||||
|
} |
||||
|
dropTmpTable(tmpTableName,username,password,url,driverName); |
||||
|
} |
||||
|
return amountResult; |
||||
|
} |
||||
|
|
||||
|
|
||||
|
private void dropTmpTable(String tmpTable,String username,String password,String url,String driverName){ |
||||
|
String sql = "drop table tempdb.."+tmpTable; |
||||
|
JdbcUtil.query(username,password,url,driverName,sql); |
||||
|
} |
||||
|
} |
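Review bot: The AES wrapper in `getCustomerAmount` does not protect the database password: the key and IV are the same literal, stored in source next to the ciphertext, so anyone with repository access can recover it, and the account is `sa` on a hard-coded host. Move the driver, URL, user and password to externalized configuration or a secret store, rotate the exposed credential, and give this integration a least-privilege login instead of `sa`. `supplierCode` is also concatenated into the temp-table name, the `@chrWhereCus` fragment and the later `Select`/`drop` statements; since the procedure takes a WHERE fragment rather than a bindable value, the code must be checked against a strict allow-list pattern before any SQL is built. `dropTmpTable` is called twice on the non-empty path and goes through `executeQuery`, which is meant for statements that return a result set.

```java
// Constructed allow-list; tighten to the real customer-code format.
private static final java.util.regex.Pattern SUPPLIER_CODE =
        java.util.regex.Pattern.compile("[A-Za-z0-9_]{1,32}");

// Picked up by the existing @AllArgsConstructor; the property keys below are constructed examples.
private final org.springframework.core.env.Environment env;

@Override
public ErpCustomerAmountResult getCustomerAmount(String supplierCode) {
    // Reject anything that is not a plain code before it reaches SQL text.
    if (supplierCode == null || !SUPPLIER_CODE.matcher(supplierCode).matches()) {
        throw new IllegalArgumentException("invalid supplier code");
    }
    String driverName = env.getRequiredProperty("erp.jdbc.driver");
    String url = env.getRequiredProperty("erp.jdbc.url");
    String username = env.getRequiredProperty("erp.jdbc.username");
    String password = env.getRequiredProperty("erp.jdbc.password");
    // … unchanged: build the EXEC statement, read the return value, sum 信用余额, drop the temp table …
}
```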