"CVE-2022-36157"授权漏洞修复。
This commit is contained in:
xuxueli
parent
4cd8636b7d
commit
730c1066b8
|
|
@ -2303,11 +2303,9 @@ public void execute() {
|
||||||
|
|
||||||
### 7.33 版本 v2.4.0 Release Notes[规划中]
|
### 7.33 版本 v2.4.0 Release Notes[规划中]
|
||||||
- 1、【优化】执行器任务Bean扫描逻辑优化:解决懒加载注解失效问题。
|
- 1、【优化】执行器任务Bean扫描逻辑优化:解决懒加载注解失效问题。
|
||||||
- 2、【优化】[规划中]任务日志重构:一次调度只记录一条主任务,维护起止时间和状态。
|
- 2、【优化】多个项目依赖升级至较新稳定版本,涉及netty、groovy、spring、springboot、mybatis等;
|
||||||
- 普通任务:只记录一条主任务;
|
- 3、【修复】"CVE-2022-36157"授权漏洞修复。
|
||||||
- 广播任务:记录一条主任务,每个分片任务记录一条次任务,关联在主任务上;
|
|
||||||
- 重试任务:失败时,新增主任务。所有调度记录,包括入口调度和重试调度,均挂载主任务上。
|
|
||||||
- 3、【优化】[规划中]分片任务:全部完成后才会出发后置节点;
|
|
||||||
|
|
||||||
### 7.34 新版本规划 [规划中]
|
### 7.34 新版本规划 [规划中]
|
||||||
- 1、[规划中]DAG流程任务
|
- 1、[规划中]DAG流程任务
|
||||||
|
|
@ -2317,6 +2315,11 @@ public void execute() {
|
||||||
- 3、[规划中]告警增强:邮件告警 + webhook告警;
|
- 3、[规划中]告警增强:邮件告警 + webhook告警;
|
||||||
- 4、[规划中]安全强化:AccessToken动态生成、动态启停;控制调度、回调;
|
- 4、[规划中]安全强化:AccessToken动态生成、动态启停;控制调度、回调;
|
||||||
- 5、[规划中]任务导入导出工具,灵活支持版本升级、迁移等场景。
|
- 5、[规划中]任务导入导出工具,灵活支持版本升级、迁移等场景。
|
||||||
|
- 6、【优化】[规划中]任务日志重构:一次调度只记录一条主任务,维护起止时间和状态。
|
||||||
|
- 普通任务:只记录一条主任务;
|
||||||
|
- 广播任务:记录一条主任务,每个分片任务记录一条次任务,关联在主任务上;
|
||||||
|
- 重试任务:失败时,新增主任务。所有调度记录,包括入口调度和重试调度,均挂载主任务上。
|
||||||
|
- 7、【优化】[规划中]分片任务:全部完成后才会出发后置节点;
|
||||||
|
|
||||||
### TODO LIST
|
### TODO LIST
|
||||||
- 1、任务分片路由:分片采用一致性Hash算法计算出尽量稳定的分片顺序,即使注册机器存在波动也不会引起分批分片顺序大的波动;目前采用IP自然排序,可以满足需求,待定;
|
- 1、任务分片路由:分片采用一致性Hash算法计算出尽量稳定的分片顺序,即使注册机器存在波动也不会引起分批分片顺序大的波动;目前采用IP自然排序,可以满足需求,待定;
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,6 @@
|
||||||
package com.xxl.job.admin.controller;
|
package com.xxl.job.admin.controller;
|
||||||
|
|
||||||
|
import com.xxl.job.admin.controller.annotation.PermissionLimit;
|
||||||
import com.xxl.job.admin.core.model.XxlJobGroup;
|
import com.xxl.job.admin.core.model.XxlJobGroup;
|
||||||
import com.xxl.job.admin.core.model.XxlJobRegistry;
|
import com.xxl.job.admin.core.model.XxlJobRegistry;
|
||||||
import com.xxl.job.admin.core.util.I18nUtil;
|
import com.xxl.job.admin.core.util.I18nUtil;
|
||||||
|
|
@ -34,12 +35,14 @@ public class JobGroupController {
|
||||||
private XxlJobRegistryDao xxlJobRegistryDao;
|
private XxlJobRegistryDao xxlJobRegistryDao;
|
||||||
|
|
||||||
@RequestMapping
|
@RequestMapping
|
||||||
|
@PermissionLimit(adminuser = true)
|
||||||
public String index(Model model) {
|
public String index(Model model) {
|
||||||
return "jobgroup/jobgroup.index";
|
return "jobgroup/jobgroup.index";
|
||||||
}
|
}
|
||||||
|
|
||||||
@RequestMapping("/pageList")
|
@RequestMapping("/pageList")
|
||||||
@ResponseBody
|
@ResponseBody
|
||||||
|
@PermissionLimit(adminuser = true)
|
||||||
public Map<String, Object> pageList(HttpServletRequest request,
|
public Map<String, Object> pageList(HttpServletRequest request,
|
||||||
@RequestParam(required = false, defaultValue = "0") int start,
|
@RequestParam(required = false, defaultValue = "0") int start,
|
||||||
@RequestParam(required = false, defaultValue = "10") int length,
|
@RequestParam(required = false, defaultValue = "10") int length,
|
||||||
|
|
@ -59,6 +62,7 @@ public class JobGroupController {
|
||||||
|
|
||||||
@RequestMapping("/save")
|
@RequestMapping("/save")
|
||||||
@ResponseBody
|
@ResponseBody
|
||||||
|
@PermissionLimit(adminuser = true)
|
||||||
public ReturnT<String> save(XxlJobGroup xxlJobGroup){
|
public ReturnT<String> save(XxlJobGroup xxlJobGroup){
|
||||||
|
|
||||||
// valid
|
// valid
|
||||||
|
|
@ -102,6 +106,7 @@ public class JobGroupController {
|
||||||
|
|
||||||
@RequestMapping("/update")
|
@RequestMapping("/update")
|
||||||
@ResponseBody
|
@ResponseBody
|
||||||
|
@PermissionLimit(adminuser = true)
|
||||||
public ReturnT<String> update(XxlJobGroup xxlJobGroup){
|
public ReturnT<String> update(XxlJobGroup xxlJobGroup){
|
||||||
// valid
|
// valid
|
||||||
if (xxlJobGroup.getAppname()==null || xxlJobGroup.getAppname().trim().length()==0) {
|
if (xxlJobGroup.getAppname()==null || xxlJobGroup.getAppname().trim().length()==0) {
|
||||||
|
|
@ -170,6 +175,7 @@ public class JobGroupController {
|
||||||
|
|
||||||
@RequestMapping("/remove")
|
@RequestMapping("/remove")
|
||||||
@ResponseBody
|
@ResponseBody
|
||||||
|
@PermissionLimit(adminuser = true)
|
||||||
public ReturnT<String> remove(int id){
|
public ReturnT<String> remove(int id){
|
||||||
|
|
||||||
// valid
|
// valid
|
||||||
|
|
@ -189,6 +195,7 @@ public class JobGroupController {
|
||||||
|
|
||||||
@RequestMapping("/loadById")
|
@RequestMapping("/loadById")
|
||||||
@ResponseBody
|
@ResponseBody
|
||||||
|
@PermissionLimit(adminuser = true)
|
||||||
public ReturnT<XxlJobGroup> loadById(int id){
|
public ReturnT<XxlJobGroup> loadById(int id){
|
||||||
XxlJobGroup jobGroup = xxlJobGroupDao.load(id);
|
XxlJobGroup jobGroup = xxlJobGroupDao.load(id);
|
||||||
return jobGroup!=null?new ReturnT<XxlJobGroup>(jobGroup):new ReturnT<XxlJobGroup>(ReturnT.FAIL_CODE, null);
|
return jobGroup!=null?new ReturnT<XxlJobGroup>(jobGroup):new ReturnT<XxlJobGroup>(ReturnT.FAIL_CODE, null);
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue