Mqy
/
yubb-saas-master
Segui 1
Vota 0
Forka 0
Codice Problemi 0 Pull Requests 0 Rilasci 0 Wiki Attività
云链智安
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commit
1 Ramo (Branch)
Albero (Tree): 5c19fe5d83
Rami (Branch) Tag
${ item.name }
Crea branch ${ searchTerm }
da '5c19fe5d83'
${ noResults }
yubb-saas-master/CLAUDE.md

CLAUDE.md 3.2KB
Cronologia Originale

CLAUDE.md

This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.

Build & Run Commands

# Build (from yubb-saas-master directory)
mvn clean package -Dmaven.test.skip=true

# Run a single test
mvn test -Dtest=TestClassName -pl yubb-module

# Run (from yubb-saas-master/yubb-admin/target)
java -jar -Xms256m -Xmx1024m yubb-admin.jar

# Linux startup script (from yubb-saas-master)
./yb.sh {start|stop|restart|status}
  • Profile is controlled via application-{dev,test,prod}.yml (activated by Maven profile -Pdev, -Ptest, -Pprod)
  • Main application class: com.yubb.YuBbApplication
  • Swagger UI: http://host/swagger-ui.html

Architecture

Multi-Module Structure

  • yubb-admin — Web entry point. Controllers, Swagger config, MinIO, WeChat MP, MQTT integrations
  • yubb-framework — Shiro security (ShiroConfig, realms, session management, filters), multi-tenancy filter (YubbTenantLineHandler), data-source routing, exception handling, async manager
  • yubb-system — Domain/mapper/service for platform (multi-tenant) and saas (per-tenant) entities. Each has DTO, VO, Entity, Mapper, Service layers
  • yubb-quartz — Scheduled job support
  • yubb-generator — Code generation from database tables
  • yubb-common — Annotations (@Log, @DataScope, @PlatformDataScope, @Excel, @RepeatSubmit), exceptions, page utilities (TableDataInfo), JSON helpers

Multi-Tenancy

Tenancy is implemented via a tenant_id column. The tenantFilter in application.yml lists tables that must be filtered. YubbTenantLineHandler (MyBatis-plus interceptor) automatically injects tenant condition into queries. Two realms exist: UserRealm (saas per-tenant) and PlatformUserRealm (platform-level).

Data Model Conventions

  • domain/ — Entity classes
  • domain/dto/ — Data transfer objects
  • domain/vo/ — View objects
  • mapper/ — MyBatis-plus mappers
  • service/ + service/impl/ — Service interface + implementation

Key Technologies

  • Java 8 / Spring Boot 2.5.6
  • Shiro 1.7.1 for authentication/authorization
  • MyBatis-plus 3.5.3 for data access
  • Druid for connection pooling
  • Redis for caching/sessions
  • EhCache for Shiro session caching (ehcache-shiro.xml)
  • MinIO for file storage
  • TDengine for time-series data
  • MQTT (Eclipse Paho) for messaging
  • WeChat MP (wx-java) for official account integration
  • Dozer for object mapping

Security

  • Shiro realms handle login (SysLoginService) and permission (PermissionService)
  • KickoutSessionFilter prevents duplicate sessions
  • PlatformLogoutFilter / LogoutFilter handle logout
  • XSS filtering via xss.enabled config (currently false — IMPROVEMENTS.md documents this as P1 issue)

Web Layer

Controllers live under com.yubb.web.controller with sub-packages: platform/ (tenant-aware), system/ (saas), monitor/, tool/, demo/.

Known Issues (see IMPROVEMENTS.md for full details)

  • P0 Security: Multi-tenant isolation gaps, SQL injection risk in DynamicSqlProvider, hardcoded secrets
  • P1: Admin bypass, XSS protection disabled, HttpOnly cookie not set
  • No unit tests currently exist

SQL Scripts

SQL migration files are in sql/ directory.