Java接口漏洞修复:参数验证、异常处理和代码优化
@PostMapping({"/startArchive3"}) public JsonResult startArchive3(@RequestBody Map map ){ try { if (map == null || map.isEmpty()) { return JsonResult.getFailResult("参数不能为空"); }
String workId = map.get("workId").toString();
Object instId2 = map.get("instId");
JsonResult handoverBasic = organizationClient.getHandoverBasicByNameOrWorkId(workId);
List data1 = (List) handoverBasic.getData();
Map data2 = null;
if (data1.size() > 0) {
for (int i = 0; i < data1.size(); i++) {
Map data = (Map) data1.get(i);
if (data.containsKey("instId") && data.get("instId") != null) {
if (BeanUtil.isNotEmpty(instId2)) {
if (instId2.equals(data.get("instId").toString())) {
data2 = data;
break;
}
} else {
data2 = data;
break;
}
}
}
} else {
map.put("error","error");
organizationClient.addBasicLog(map);
return JsonResult.getFailResult("查不到数据" + workId);
}
String instId = data2.get("instId").toString();
List<BpmInstData> bpmInstDatas = bpmInstDataService.getByInstId(instId);
if (bpmInstDatas.isEmpty()) {
map.put("error","error");
organizationClient.addBasicLog(map);
return JsonResult.getFailResult("查不到流程数据:" + workId);
}
BpmInstData bpmInstData = bpmInstDatas.get(0);
JsonResult result = formClient.getByAlias(bpmInstData.getBodefAlias(), bpmInstData.getPk(), true);
JSONObject formData = new JSONObject(result.getData());
BpmInstDetail detail = bpmInstService.getInstDetail(instId, "NO", false, "");
List<BpmCheckHistory> history = bpmCheckHistoryService.getByInstId(instId);
String interView = "";
if (data2.get("leaveInterviewId") != null) {
interView = data2.get("leaveInterviewId").toString();
Map<String,Object> params2 = new HashMap<>();
params2.put("id",interView);
JsonResult jsonResult = organizationClient.queryInterview2(params2);
params3.put("interview",jsonResult.getData());
}
Map<String,Object> params3 = new HashMap<>();
params3.put("detail",detail);
params3.put("history",history);
params3.put("formData",result.getData());
organizationClient.addBasicLog(params3);
JsonResult jsonResult1 = archiveClient.addFirst(params3);
if (jsonResult1.getCode() == 500) {
map.put("error","error");
organizationClient.addBasicLog(map);
}
return jsonResult1;
} catch (Exception e) {
map.put("error","error");
organizationClient.addBasicLog(map);
e.printStackTrace();
return JsonResult.getFailResult("归档错误");
}
}
原文地址: https://www.cveoy.top/t/topic/myM1 著作权归作者所有。请勿转载和采集!