From 6d66941df83594f9549d22d29cda8681f77747af Mon Sep 17 00:00:00 2001
From: ether
Date: Thu, 2 Jul 2026 17:49:18 +0800
Subject: [PATCH] =?UTF-8?q?fix(pms-base):=20ce-code-review=20=E4=BF=AE?= =?UTF-8?q?=E5=A4=8D=20V13=20=E6=95=B0=E6=8D=AE=E7=B2=BE=E5=BA=A6=20+=20ro?= =?UTF-8?q?omIds=20=E9=95=BF=E5=BA=A6=E6=A0=A1=E9=AA=8C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
P1 数据精度 bug:V13 迁移原顺序为 ALTER(DECIMAL→BIGINT) 先于 UPDATE(×100),MySQL 在 ALTER 时对 DECIMAL→BIGINT 四舍五入会丢失 分位,再 ×100 放大误差(如 1000.50 → 1001 → 100100,应为 100050)。 修复:调整为 UPDATE 先(×100 时仍为 DECIMAL 无精度损失),ALTER 后 (值为整数,BIGINT 转换无舍入)。 P2 安全发现:EnterpriseSaveRequest.roomIds 缺少 @Size 约束,补充 max=500 限制避免超长字符串攻击。 Tests: BUILD SUCCESSFUL, 357 tests, 0 failures.
---
 .../com/pms/base/dto/EnterpriseSaveRequest.java | 1 +
 .../V13__migrate_amount_to_long_fen.sql | 17 +++++++++--------
 2 files changed, 10 insertions(+), 8 deletions(-)
diff --git a/backend/pms-base/src/main/java/com/pms/base/dto/EnterpriseSaveRequest.java b/backend/pms-base/src/main/java/com/pms/base/dto/EnterpriseSaveRequest.java
index 14c618b..a18a992 100644
--- a/backend/pms-base/src/main/java/com/pms/base/dto/EnterpriseSaveRequest.java
+++ b/backend/pms-base/src/main/java/com/pms/base/dto/EnterpriseSaveRequest.java
@@ -40,6 +40,7 @@ public class EnterpriseSaveRequest implements Serializable {
 @Size(max = 255, message = "经营范围长度不能超过255")
 private String businessScope;
+ @Size(max = 500, message = "承租房间ID列表长度不能超过500")
 private String roomIds;
 private Integer status;
diff --git a/backend/pms-base/src/main/resources/db/migration/V13__migrate_amount_to_long_fen.sql b/backend/pms-base/src/main/resources/db/migration/V13__migrate_amount_to_long_fen.sql
index 57c7f31..b39dbba 100644
--- a/backend/pms-base/src/main/resources/db/migration/V13__migrate_amount_to_long_fen.sql
+++ b/backend/pms-base/src/main/resources/db/migration/V13__migrate_amount_to_long_fen.sql
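Review bot: In EnterpriseSaveRequest.java, the added `@Size(max = 500)` on `roomIds` bounds only the string's length, so its content is still unconstrained. The constraint also runs only where the request object is actually validated (`@Valid`/`@Validated` on the handler parameter), which is not visible in this hunk. If the field is a comma-separated list of numeric room ids, as the name and message suggest, a format check such as `@Pattern(regexp = "^\\d+(,\\d+)*$")` beside it (loosened if an empty value is allowed) would reject malformed entries before they reach parsing or persistence. It is also worth confirming that 500 matches the width of the column this value is stored in. The class body starts and ends outside the hunk.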
@@ -1,38 +1,39 @@
 -- V13: BigDecimal 金额字段迁移到 Long(分)
 -- 仅迁移金额字段,非金额 BigDecimal(面积/比例/经纬度/仪表读数)保持不变
 -- 值转换:DECIMAL(15,2) 元 → BIGINT 分(× 100,四舍五入)
+-- 注意:UPDATE 必须在 ALTER 之前执行,否则 DECIMAL→BIGINT 转换会先四舍五入丢失分位
 -- t_contract: amount, deposit
+UPDATE t_contract SET amount = ROUND(amount * 100, 0), deposit = ROUND(deposit * 100, 0);
 ALTER TABLE t_contract MODIFY COLUMN amount BIGINT NOT NULL DEFAULT 0 COMMENT '合同金额(分)';
 ALTER TABLE t_contract MODIFY COLUMN deposit BIGINT NOT NULL DEFAULT 0 COMMENT '押金(分)';
-UPDATE t_contract SET amount = ROUND(amount * 100, 0), deposit = ROUND(deposit * 100, 0);
 -- t_lease_contract: rent_amount, deposit
+UPDATE t_lease_contract SET rent_amount = ROUND(rent_amount * 100, 0), deposit = ROUND(deposit * 100, 0);
 ALTER TABLE t_lease_contract MODIFY COLUMN rent_amount BIGINT NOT NULL DEFAULT 0 COMMENT '月租金(分)';
 ALTER TABLE t_lease_contract MODIFY COLUMN deposit BIGINT NOT NULL DEFAULT 0 COMMENT '押金(分)';
-UPDATE t_lease_contract SET rent_amount = ROUND(rent_amount * 100, 0), deposit = ROUND(deposit * 100, 0);
 -- t_workshop_lease: rent_amount
-ALTER TABLE t_workshop_lease MODIFY COLUMN rent_amount BIGINT NOT NULL DEFAULT 0 COMMENT '租金金额(分)';
 UPDATE t_workshop_lease SET rent_amount = ROUND(rent_amount * 100, 0);
+ALTER TABLE t_workshop_lease MODIFY COLUMN rent_amount BIGINT NOT NULL DEFAULT 0 COMMENT '租金金额(分)';
 -- t_public_revenue: amount
-ALTER TABLE t_public_revenue MODIFY COLUMN amount BIGINT NOT NULL DEFAULT 0 COMMENT '收益金额(分)';
 UPDATE t_public_revenue SET amount = ROUND(amount * 100, 0);
+ALTER TABLE t_public_revenue MODIFY COLUMN amount BIGINT NOT NULL DEFAULT 0 COMMENT '收益金额(分)';
 -- t_cam_charge: total_amount, allocated_amount
+UPDATE t_cam_charge SET total_amount = ROUND(total_amount * 100, 0), allocated_amount = ROUND(allocated_amount * 100, 0);
 ALTER TABLE t_cam_charge MODIFY COLUMN total_amount BIGINT NOT NULL DEFAULT 0 COMMENT '本期公共费用总额(分)';
 ALTER TABLE t_cam_charge MODIFY COLUMN allocated_amount BIGINT NOT NULL DEFAULT 0 COMMENT '分摊金额(分)';
-UPDATE t_cam_charge SET total_amount = ROUND(total_amount * 100, 0), allocated_amount = ROUND(allocated_amount * 100, 0);
 -- t_device: price
-ALTER TABLE t_device MODIFY COLUMN price BIGINT NOT NULL DEFAULT 0 COMMENT '采购价格(分)';
 UPDATE t_device SET price = ROUND(price * 100, 0);
+ALTER TABLE t_device MODIFY COLUMN price BIGINT NOT NULL DEFAULT 0 COMMENT '采购价格(分)';
 -- t_device_maintenance: cost
-ALTER TABLE t_device_maintenance MODIFY COLUMN cost BIGINT NOT NULL DEFAULT 0 COMMENT '维保费用(分)';
 UPDATE t_device_maintenance SET cost = ROUND(cost * 100, 0);
+ALTER TABLE t_device_maintenance MODIFY COLUMN cost BIGINT NOT NULL DEFAULT 0 COMMENT '维保费用(分)';
 -- t_renovation: deposit_amount
-ALTER TABLE t_renovation MODIFY COLUMN deposit_amount BIGINT NOT NULL DEFAULT 0 COMMENT '装修押金(分)';
 UPDATE t_renovation SET deposit_amount = ROUND(deposit_amount * 100, 0);
+ALTER TABLE t_renovation MODIFY COLUMN deposit_amount BIGINT NOT NULL DEFAULT 0 COMMENT '装修押金(分)';
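Review bot: Running each `UPDATE ... * 100` before its `ALTER` makes the script unsafe to re-run: MySQL commits implicitly around DDL, so if any statement fails partway, the tables already processed hold values scaled by 100 and a second run would scale them again. The multiplication also now happens while the columns are still DECIMAL(15,2) (per the header comment), so a stored amount of 100,000,000,000.00 or more no longer fits and would error or be clamped depending on sql_mode. A staged conversion avoids both: add a BIGINT column, fill it with `UPDATE t_contract SET amount_fen = ROUND(amount * 100, 0);` (column name illustrative), then drop the old column and rename the new one. Because this edits V13 in place, any database that already ran the old order keeps its rounded values and, if the migration tool checksums applied scripts, will reject the changed file; that case needs a separate corrective migration.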