 humanleft
|
7a2edf5fa2
|
fix(mapper): 修复 SysControllerMapper XML id 与接口方法名不一致
selectjingweidu → selectCoordinates,与 Java 接口定义保持一致。
|
hace 3 semanas |
|
humanleft
|
9ef8ad942c
|
refactor: 全面规范化项目命名
变量名:
- weather → faultData(消除误导性命名)
- jingdu/weidu → longitude/latitude(消除中文拼音)
- jingduValue/weiduValue → longitudeValue/latitudeValue
- tdEngineshuju → tdEngineData(消除中文拼音)
- companyid → companyId
- controllername → controllerName
- tablename → tableNames
方法名(camelCase 规范化):
- selectall → selectAll
- insertfault → insertFault, updatefault → updateFault
- insertalarm → insertAlarm
- createmessage → createMessage
- selecttables → selectTables, inserttables → insertTables
- selectjingweidu → selectCoordinates(消除中文拼音)
- triggermethod → triggerMethod
- 等 40+ 个 mapper/service 方法名
类名:
- Sysrealtime → SysRealtime
- SysrealtimeMapper → SysRealtimeMapper
- SysrealtimeService → SysRealtimeService
- 所有引用同步更新
|
hace 3 semanas |
|
humanleft
|
280890b8dc
|
fix(security): 修复 CRITICAL/HIGH 安全漏洞并全面优化代码质量
安全修复:
- MqttFaultConsumer: 修复 SSRF 漏洞,使用 UriComponentsBuilder + controllerId 白名单
- TdEngineService: 修复 SQL 注入,information_schema 查询改用 PreparedStatement
- TdEngineService: 收紧 ALLOWED_COLUMNS 正则,仅允许 ASCII 字母数字下划线
- TdEngineService: 修复静默数据丢失,超长字符串截断存储而非返回 NULL
- TdEngineAlarm: SQL 查询参数化,防止注入
- MqttFaultConsumer/MqttDynamicConsumer: topic/controllerId/dbName 白名单校验
- SysDeviceService: 添加表名校验
代码质量:
- 统一使用 Fastjson2 替代 Jackson ObjectMapper
- Domain 类字段全部改为 private(13 个类)
- topics.java 重命名为 Topics.java
- SimpleDateFormat 替换为线程安全的 DateTimeFormatter
- 提取魔法数字为常量(DEFAULT_BATCH_SIZE 等)
- SysWorkorderMapper.xml 修复 SQL 逻辑错误(AND/OR 括号)
- SysIndicatorsMapper.xml 修正字段名 createtime -> createdata
- SysControllerService 移除 Service 层 @Param 注解
- MqttGenericConsumer 提取过长方法
- NumericIdGenerator 支持 @Value 注入 workerId/dataCenterId
- 空 catch 块补充日志
日志级别优化:
- WARN 31 -> 9 (-71%),数据校验/格式问题降级为 INFO
- INFO 28 -> 50 (+79%),正常业务流使用 INFO
- ERROR 37 -> 33 (-11%),仅最终失败使用 ERROR
|
hace 3 semanas |
 lenovo
|
e03f53003c
|
docs: update CLAUDE.md with security, MQTT, and lock improvements
|
hace 4 semanas |
|
lenovo
|
3785254b58
|
docs: update CLAUDE.md with security, MQTT, and lock improvements
|
hace 4 semanas |
|
humanleft
|
0fd6162ee1
|
refactor: CRITICAL/HIGH fixes — security, concurrency, resource leaks, input validation
Security:
- Remove hardcoded password fallbacks from application-druid.yml
- Add table name whitelist validation to SysFaultService & SysAlarmService
- Externalize VehicleSyncTask webhook URL to IotProperties config
Concurrency & Resource Management:
- Fix AbstractMqttConsumer reconnect/disconnect race (synchronized)
- Fix MqttClient resource leaks in disconnect() with separate try blocks
- Fix AbstractDynamicMqttConsumer broken-state MqttClient reuse
- Fix TDengineService stableColumnCache unbounded growth (MAX_CACHE_SIZE=1000)
Input Validation:
- Add null/empty checks to MqttGenericConsumer (controllerId, path, timestamp)
- Add null/empty checks to MqttFaultConsumer (controllerId, deviceId, type, desc)
- Guard against ArrayIndexOutOfBoundsException on topic path split
Tests:
- Update VehicleSyncTaskTest for new IotProperties constructor param
- All 79 tests pass, build succeeds
|
hace 4 semanas |
|
humanleft
|
992ee7540f
|
refactor: strip RuoYi, create standalone iot-platform module
- Delete 6 legacy RuoYi modules (ruoyi-admin/framework/system/common/quartz/generator)
- Create new iot-platform Spring Boot 2.5.15 module with all IoT business
- Migrate 5 MQTT consumers, VehicleSyncTask, 14 services, 15 domains/mappers
- P0 security fixes:
- Replace string-concat SQL with field whitelist + escapeValue in TDengineService, DynamicSqlProvider, TDegnineAlarm
- Externalize hardcoded MQTT/TDengine credentials to application.yml via IotProperties
- Fix thread-unsafe static shared Connection/Statement in TDegnineAlarm (use per-method connections)
- Logging normalization: replace 148 System.out/err.println with SLF4J, add logback-spring.xml (100MB rolling, 30d retention)
- Dead code cleanup: NumericIdGenerator (238→65 lines), merge TDengineConnecting into TDengineService
- Verified: mvn clean package passes, app boots with all 5 MQTT consumers
|
hace 1 mes |
|
humanleft
|
c3c35ae204
|
refactor: P0-P2 security, quality, deployment overhaul
Security (P0):
- Remove hardcoded MySQL password from SysrealtimeService
- Add table name whitelist validation (regex + length limit)
- Validate ${tableName} in SysrealtimeMapper.xml
- Externalize all credentials to .env file
- Fix unbounded thread pools in MQTT consumers
- Fix mysqlWritePool leak in MqttFaultConsumer
Quality (P1):
- Extract AbstractMqttConsumer base class (-500+ duplicate lines)
- Refactor VehicleSyncTask: SCAN instead of KEYS, batch ops,
RestTemplate timeout, loop-invariant extraction
- Add unit tests (RedisKeys, SysrealtimeService, MqttConsumer)
Architecture (P2):
- Add Spring Boot Actuator (/actuator/health)
- Create RedisKeys constants class for key namespace
- Add .env.example and start.sh for local development
Deployment:
- Add systemd service (iot-platform.service)
- Add deploy.sh with build, upload, backup, health check, rollback
- Add setup-server.sh for server initialization
- Add health-check.sh (Actuator + TCP port fallback)
Docs:
- Update CLAUDE.md for standalone iot-platform architecture
- Update README.md with build/deploy instructions
- Add deploy/README.md
|
hace 4 semanas |
|
humanleft
|
af91b4c759
|
refactor: strip RuoYi, create standalone iot-platform module
- Delete 6 legacy RuoYi modules (ruoyi-admin/framework/system/common/quartz/generator)
- Create new iot-platform Spring Boot 2.5.15 module with all IoT business
- Migrate 5 MQTT consumers, VehicleSyncTask, 14 services, 15 domains/mappers
- P0 security fixes:
- Replace string-concat SQL with field whitelist + escapeValue in TDengineService, DynamicSqlProvider, TDegnineAlarm
- Externalize hardcoded MQTT/TDengine credentials to application.yml via IotProperties
- Fix thread-unsafe static shared Connection/Statement in TDegnineAlarm (use per-method connections)
- Logging normalization: replace 148 System.out/err.println with SLF4J, add logback-spring.xml (100MB rolling, 30d retention)
- Dead code cleanup: NumericIdGenerator (238→65 lines), merge TDengineConnecting into TDengineService
- Verified: mvn clean package passes, app boots with all 5 MQTT consumers
|
hace 1 mes |
|
humanleft
|
9a4dca84c5
|
refactor: strip RuoYi, create standalone iot-platform module
- Delete 6 legacy RuoYi modules (ruoyi-admin/framework/system/common/quartz/generator)
- Create new iot-platform Spring Boot 2.5.15 module with all IoT business
- Migrate 5 MQTT consumers, VehicleSyncTask, 14 services, 15 domains/mappers
- P0 security fixes:
- Replace string-concat SQL with field whitelist + escapeValue in TDengineService, DynamicSqlProvider, TDegnineAlarm
- Externalize hardcoded MQTT/TDengine credentials to application.yml via IotProperties
- Fix thread-unsafe static shared Connection/Statement in TDegnineAlarm (use per-method connections)
- Logging normalization: replace 148 System.out/err.println with SLF4J, add logback-spring.xml (100MB rolling, 30d retention)
- Dead code cleanup: NumericIdGenerator (238→65 lines), merge TDengineConnecting into TDengineService
- Verified: mvn clean package passes, app boots with all 5 MQTT consumers
|
hace 1 mes |
