refac[litemall-admin-api]: 对管理后台的GET参数进行校验。

2072babd · Junling Bu · bc6f8747 · 2072babd · 2072babd · 2072babd
Commit 2072babd authored Jul 31, 2018 by Junling Bu
--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminAdController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminAdController.java
@@ -3,12 +3,16 @@ package org.linlinjava.litemall.admin.web;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.linlinjava.litemall.admin.annotation.LoginAdmin;
+import org.linlinjava.litemall.core.validator.Order;
+import org.linlinjava.litemall.core.validator.Sort;
 import org.linlinjava.litemall.db.domain.LitemallAd;
 import org.linlinjava.litemall.db.service.LitemallAdService;
 import org.linlinjava.litemall.core.util.ResponseUtil;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
+import javax.validation.constraints.NotNull;
 import java.time.LocalDateTime;
 import java.util.HashMap;
 import java.util.List;
@@ -16,6 +20,7 @@ import java.util.Map;
 @RestController
 @RequestMapping("/admin/ad")
+@Validated
 public class AdminAdController {
    private final Log logger = LogFactory.getLog(AdminAdController.class);
@@ -25,9 +30,10 @@ public class AdminAdController {
    @GetMapping("/list")
    public Object list(@LoginAdmin Integer adminId,
                       String name, String content,
-                       @RequestParam(value = "page", defaultValue = "1") Integer page,
+                       @RequestParam(defaultValue = "1") Integer page,
-                       @RequestParam(value = "limit", defaultValue = "10") Integer limit,
+                       @RequestParam(defaultValue = "10") Integer limit,
-                       String sort, String order){
+                       @Sort @RequestParam(defaultValue = "add_time") String sort,
+                       @Order @RequestParam(defaultValue = "desc") String order){
        if(adminId == null){
            return ResponseUtil.unlogin();
        }
@@ -52,15 +58,11 @@ public class AdminAdController {
    }
    @GetMapping("/read")
-    public Object read(@LoginAdmin Integer adminId, Integer id){
+    public Object read(@LoginAdmin Integer adminId, @NotNull Integer id){
        if(adminId == null){
            return ResponseUtil.unlogin();
        }
-        if(id == null){
-            return ResponseUtil.badArgument();
-        }
        LitemallAd brand = adService.findById(id);
        return ResponseUtil.ok(brand);
    }

--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminAddressController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminAddressController.java
@@ -4,13 +4,17 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.linlinjava.litemall.admin.annotation.LoginAdmin;
 import org.linlinjava.litemall.core.util.RegexUtil;
+import org.linlinjava.litemall.core.validator.Order;
+import org.linlinjava.litemall.core.validator.Sort;
 import org.linlinjava.litemall.db.domain.LitemallAddress;
 import org.linlinjava.litemall.db.service.LitemallAddressService;
 import org.linlinjava.litemall.db.service.LitemallRegionService;
 import org.linlinjava.litemall.core.util.ResponseUtil;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
+import javax.validation.constraints.NotNull;
 import java.time.LocalDateTime;
 import java.util.ArrayList;
 import java.util.HashMap;
@@ -19,6 +23,7 @@ import java.util.Map;
 @RestController
 @RequestMapping("/admin/address")
+@Validated
 public class AdminAddressController {
    private final Log logger = LogFactory.getLog(AdminAddressController.class);
@@ -50,9 +55,10 @@ public class AdminAddressController {
    @GetMapping("/list")
    public Object list(@LoginAdmin Integer adminId,
                       Integer userId, String name,
-                       @RequestParam(value = "page", defaultValue = "1") Integer page,
+                       @RequestParam(defaultValue = "1") Integer page,
-                       @RequestParam(value = "limit", defaultValue = "10") Integer limit,
+                       @RequestParam(defaultValue = "10") Integer limit,
-                       String sort, String order){
+                       @Sort @RequestParam(defaultValue = "add_time") String sort,
+                       @Order @RequestParam(defaultValue = "desc") String order){
        if(adminId == null){
            return ResponseUtil.unlogin();
        }
@@ -92,12 +98,12 @@ public class AdminAddressController {
    }
    @GetMapping("/read")
-    public Object read(@LoginAdmin Integer adminId, Integer addressId){
+    public Object read(@LoginAdmin Integer adminId, @NotNull Integer id){
        if(adminId == null){
            return ResponseUtil.unlogin();
        }
-        LitemallAddress address = addressService.findById(addressId);
+        LitemallAddress address = addressService.findById(id);
        Map<String, Object> addressVo = toVo(address);
        return ResponseUtil.ok(addressVo);
    }

--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminAdminController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminAdminController.java
@@ -4,11 +4,15 @@ import org.linlinjava.litemall.admin.annotation.LoginAdmin;
 import org.linlinjava.litemall.admin.service.AdminTokenManager;
 import org.linlinjava.litemall.core.util.ResponseUtil;
 import org.linlinjava.litemall.core.util.bcrypt.BCryptPasswordEncoder;
+import org.linlinjava.litemall.core.validator.Order;
+import org.linlinjava.litemall.core.validator.Sort;
 import org.linlinjava.litemall.db.domain.LitemallAdmin;
 import org.linlinjava.litemall.db.service.LitemallAdminService;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
+import javax.validation.constraints.NotNull;
 import java.time.LocalDateTime;
 import java.util.ArrayList;
 import java.util.HashMap;
@@ -17,6 +21,7 @@ import java.util.Map;
 @RestController
 @RequestMapping("/admin/admin")
+@Validated
 public class AdminAdminController {
    @Autowired
    private LitemallAdminService adminService;
@@ -47,9 +52,10 @@ public class AdminAdminController {
    @GetMapping("/list")
    public Object list(@LoginAdmin Integer adminId,
                       String username,
-                       @RequestParam(value = "page", defaultValue = "1") Integer page,
+                       @RequestParam(defaultValue = "1") Integer page,
-                       @RequestParam(value = "limit", defaultValue = "10") Integer limit,
+                       @RequestParam(defaultValue = "10") Integer limit,
-                       String sort, String order){
+                       @Sort @RequestParam(defaultValue = "add_time") String sort,
+                       @Order @RequestParam(defaultValue = "desc") String order){
        if(adminId == null){
            return ResponseUtil.unlogin();
        }
@@ -80,15 +86,11 @@ public class AdminAdminController {
    }
    @GetMapping("/read")
-    public Object read(@LoginAdmin Integer adminId, Integer id){
+    public Object read(@LoginAdmin Integer adminId, @NotNull Integer id){
        if(adminId == null){
            return ResponseUtil.unlogin();
        }
-        if(id == null){
-            return ResponseUtil.badArgument();
-        }
        LitemallAdmin admin = adminService.findById(id);
        return ResponseUtil.ok(admin);
    }

--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminAuthController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminAuthController.java
@@ -2,6 +2,7 @@ package org.linlinjava.litemall.admin.web;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.hibernate.validator.constraints.NotEmpty;
 import org.linlinjava.litemall.admin.dao.AdminToken;
 import org.linlinjava.litemall.admin.annotation.LoginAdmin;
 import org.linlinjava.litemall.admin.service.AdminTokenManager;
@@ -13,15 +14,18 @@ import org.linlinjava.litemall.core.util.ResponseUtil;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.util.Assert;
 import org.springframework.util.StringUtils;
+import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
+import javax.validation.constraints.NotNull;
 import java.util.List;
 @RestController
 @RequestMapping("/admin/login")
+@Validated
 public class AdminAuthController {
    private final Log logger = LogFactory.getLog(AdminAuthController.class);

--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminBrandController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminBrandController.java
@@ -3,12 +3,16 @@ package org.linlinjava.litemall.admin.web;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.linlinjava.litemall.admin.annotation.LoginAdmin;
+import org.linlinjava.litemall.core.validator.Order;
+import org.linlinjava.litemall.core.validator.Sort;
 import org.linlinjava.litemall.db.domain.LitemallBrand;
 import org.linlinjava.litemall.db.service.LitemallBrandService;
 import org.linlinjava.litemall.core.util.ResponseUtil;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
+import javax.validation.constraints.NotNull;
 import java.time.LocalDateTime;
 import java.util.HashMap;
 import java.util.List;
@@ -16,6 +20,7 @@ import java.util.Map;
 @RestController
 @RequestMapping("/admin/brand")
+@Validated
 public class AdminBrandController {
    private final Log logger = LogFactory.getLog(AdminBrandController.class);
@@ -25,9 +30,10 @@ public class AdminBrandController {
    @GetMapping("/list")
    public Object list(@LoginAdmin Integer adminId,
                       String id, String name,
-                       @RequestParam(value = "page", defaultValue = "1") Integer page,
+                       @RequestParam(defaultValue = "1") Integer page,
-                       @RequestParam(value = "limit", defaultValue = "10") Integer limit,
+                       @RequestParam(defaultValue = "10") Integer limit,
-                       String sort, String order){
+                       @Sort @RequestParam(defaultValue = "add_time") String sort,
+                       @Order @RequestParam(defaultValue = "desc") String order){
        if(adminId == null){
            return ResponseUtil.unlogin();
        }
@@ -52,15 +58,11 @@ public class AdminBrandController {
    }
    @GetMapping("/read")
-    public Object read(@LoginAdmin Integer adminId, Integer id){
+    public Object read(@LoginAdmin Integer adminId, @NotNull Integer id){
        if(adminId == null){
            return ResponseUtil.unlogin();
        }
-        if(id == null){
-            return ResponseUtil.badArgument();
-        }
        LitemallBrand brand = brandService.findById(id);
        return ResponseUtil.ok(brand);
    }

--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminCategoryController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminCategoryController.java
@@ -4,12 +4,16 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.linlinjava.litemall.admin.annotation.LoginAdmin;
 import org.linlinjava.litemall.admin.util.CatVo;
+import org.linlinjava.litemall.core.validator.Order;
+import org.linlinjava.litemall.core.validator.Sort;
 import org.linlinjava.litemall.db.domain.LitemallCategory;
 import org.linlinjava.litemall.db.service.LitemallCategoryService;
 import org.linlinjava.litemall.core.util.ResponseUtil;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
+import javax.validation.constraints.NotNull;
 import java.time.LocalDateTime;
 import java.util.ArrayList;
 import java.util.HashMap;
@@ -18,6 +22,7 @@ import java.util.Map;
 @RestController
 @RequestMapping("/admin/category")
+@Validated
 public class AdminCategoryController {
    private final Log logger = LogFactory.getLog(AdminCategoryController.class);
@@ -27,9 +32,10 @@ public class AdminCategoryController {
    @GetMapping("/list")
    public Object list(@LoginAdmin Integer adminId,
                       String id, String name,
-                       @RequestParam(value = "page", defaultValue = "1") Integer page,
+                       @RequestParam(defaultValue = "1") Integer page,
-                       @RequestParam(value = "limit", defaultValue = "10") Integer limit,
+                       @RequestParam(defaultValue = "10") Integer limit,
-                       String sort, String order){
+                       @Sort @RequestParam(defaultValue = "add_time") String sort,
+                       @Order @RequestParam(defaultValue = "desc") String order){
        if(adminId == null){
            return ResponseUtil.unlogin();
        }
@@ -54,15 +60,11 @@ public class AdminCategoryController {
    }
    @GetMapping("/read")
-    public Object read(@LoginAdmin Integer adminId, Integer id){
+    public Object read(@LoginAdmin Integer adminId, @NotNull Integer id){
        if(adminId == null){
            return ResponseUtil.unlogin();
        }
-        if(id == null){
-            return ResponseUtil.badArgument();
-        }
        LitemallCategory category = categoryService.findById(id);
        return ResponseUtil.ok(category);
    }

--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminCollectController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminCollectController.java
@@ -3,18 +3,23 @@ package org.linlinjava.litemall.admin.web;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.linlinjava.litemall.admin.annotation.LoginAdmin;
+import org.linlinjava.litemall.core.validator.Order;
+import org.linlinjava.litemall.core.validator.Sort;
 import org.linlinjava.litemall.db.domain.LitemallCollect;
 import org.linlinjava.litemall.db.service.LitemallCollectService;
 import org.linlinjava.litemall.core.util.ResponseUtil;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
+import javax.validation.constraints.NotNull;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 @RestController
 @RequestMapping("/admin/collect")
+@Validated
 public class AdminCollectController {
    private final Log logger = LogFactory.getLog(AdminCollectController.class);
@@ -24,9 +29,10 @@ public class AdminCollectController {
    @GetMapping("/list")
    public Object list(@LoginAdmin Integer adminId,
                       String userId, String valueId,
-                       @RequestParam(value = "page", defaultValue = "1") Integer page,
+                       @RequestParam(defaultValue = "1") Integer page,
-                       @RequestParam(value = "limit", defaultValue = "10") Integer limit,
+                       @RequestParam(defaultValue = "10") Integer limit,
-                       String sort, String order){
+                       @Sort @RequestParam(defaultValue = "add_time") String sort,
+                       @Order @RequestParam(defaultValue = "desc") String order){
        if(adminId == null){
            return ResponseUtil.unlogin();
        }
@@ -49,7 +55,7 @@ public class AdminCollectController {
    }
    @GetMapping("/read")
-    public Object read(@LoginAdmin Integer adminId, Integer id){
+    public Object read(@LoginAdmin Integer adminId, @NotNull Integer id){
        if(adminId == null){
            return ResponseUtil.unlogin();
        }

--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminCommentController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminCommentController.java
@@ -3,12 +3,16 @@ package org.linlinjava.litemall.admin.web;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.linlinjava.litemall.admin.annotation.LoginAdmin;
+import org.linlinjava.litemall.core.validator.Order;
+import org.linlinjava.litemall.core.validator.Sort;
 import org.linlinjava.litemall.db.domain.LitemallComment;
 import org.linlinjava.litemall.db.service.LitemallCommentService;
 import org.linlinjava.litemall.core.util.ResponseUtil;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
+import javax.validation.constraints.NotNull;
 import java.time.LocalDateTime;
 import java.util.HashMap;
 import java.util.List;
@@ -16,6 +20,7 @@ import java.util.Map;
 @RestController
 @RequestMapping("/admin/comment")
+@Validated
 public class AdminCommentController {
    private final Log logger = LogFactory.getLog(AdminCommentController.class);
@@ -25,9 +30,10 @@ public class AdminCommentController {
    @GetMapping("/list")
    public Object list(@LoginAdmin Integer adminId,
                       String userId, String valueId,
-                       @RequestParam(value = "page", defaultValue = "1") Integer page,
+                       @RequestParam(defaultValue = "1") Integer page,
-                       @RequestParam(value = "limit", defaultValue = "10") Integer limit,
+                       @RequestParam(defaultValue = "10") Integer limit,
-                       String sort, String order){
+                       @Sort @RequestParam(defaultValue = "add_time") String sort,
+                       @Order @RequestParam(defaultValue = "desc") String order){
        if(adminId == null){
            return ResponseUtil.unlogin();
        }
@@ -52,7 +58,7 @@ public class AdminCommentController {
    }
    @GetMapping("/read")
-    public Object read(@LoginAdmin Integer adminId, Integer id){
+    public Object read(@LoginAdmin Integer adminId,  @NotNull Integer id){
        if(adminId == null){
            return ResponseUtil.unlogin();
        }

--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminDashbordController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminDashbordController.java
@@ -9,6 +9,7 @@ import org.linlinjava.litemall.db.service.LitemallProductService;
 import org.linlinjava.litemall.db.service.LitemallUserService;
 import org.linlinjava.litemall.core.util.ResponseUtil;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import java.util.HashMap;
@@ -16,6 +17,7 @@ import java.util.Map;
 @RestController
 @RequestMapping("/admin/dashboard")
+@Validated
 public class AdminDashbordController {
    private final Log logger = LogFactory.getLog(AdminDashbordController.class);

--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminFootprintController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminFootprintController.java
@@ -3,18 +3,23 @@ package org.linlinjava.litemall.admin.web;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.linlinjava.litemall.admin.annotation.LoginAdmin;
+import org.linlinjava.litemall.core.validator.Order;
+import org.linlinjava.litemall.core.validator.Sort;
 import org.linlinjava.litemall.db.domain.LitemallFootprint;
 import org.linlinjava.litemall.db.service.LitemallFootprintService;
 import org.linlinjava.litemall.core.util.ResponseUtil;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
+import javax.validation.constraints.NotNull;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 @RestController
 @RequestMapping("/admin/footprint")
+@Validated
 public class AdminFootprintController {
    private final Log logger = LogFactory.getLog(AdminFootprintController.class);
@@ -24,9 +29,10 @@ public class AdminFootprintController {
    @GetMapping("/list")
    public Object list(@LoginAdmin Integer adminId,
                       String userId, String goodsId,
-                       @RequestParam(value = "page", defaultValue = "1") Integer page,
+                       @RequestParam(defaultValue = "1") Integer page,
-                       @RequestParam(value = "limit", defaultValue = "10") Integer limit,
+                       @RequestParam(defaultValue = "10") Integer limit,
-                       String sort, String order){
+                       @Sort @RequestParam(defaultValue = "add_time") String sort,
+                       @Order @RequestParam(defaultValue = "desc") String order){
        if(adminId == null){
            return ResponseUtil.unlogin();
        }
@@ -49,15 +55,11 @@ public class AdminFootprintController {
    }
    @GetMapping("/read")
-    public Object read(@LoginAdmin Integer adminId, Integer id){
+    public Object read(@LoginAdmin Integer adminId,  @NotNull Integer id){
        if(adminId == null){
            return ResponseUtil.unlogin();
        }
-        if(id == null){
-            return ResponseUtil.badArgument();
-        }
        LitemallFootprint footprint = footprintService.findById(id);
        return ResponseUtil.ok(footprint);
    }

--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminGoodsController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminGoodsController.java
@@ -6,6 +6,8 @@ import org.linlinjava.litemall.admin.annotation.LoginAdmin;
 import org.linlinjava.litemall.admin.dao.GoodsAllinone;
 import org.linlinjava.litemall.admin.util.CatVo;
 import org.linlinjava.litemall.core.qcode.QCodeService;
+import org.linlinjava.litemall.core.validator.Order;
+import org.linlinjava.litemall.core.validator.Sort;
 import org.linlinjava.litemall.db.domain.*;
 import org.linlinjava.litemall.db.service.*;
 import org.linlinjava.litemall.core.util.ResponseUtil;
@@ -14,13 +16,16 @@ import org.springframework.transaction.PlatformTransactionManager;
 import org.springframework.transaction.TransactionDefinition;
 import org.springframework.transaction.TransactionStatus;
 import org.springframework.transaction.support.DefaultTransactionDefinition;
+import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
+import javax.validation.constraints.NotNull;
 import java.time.LocalDateTime;
 import java.util.*;
 @RestController
 @RequestMapping("/admin/goods")
+@Validated
 public class AdminGoodsController {
    private final Log logger = LogFactory.getLog(AdminGoodsController.class);
@@ -46,9 +51,10 @@ public class AdminGoodsController {
    @GetMapping("/list")
    public Object list(@LoginAdmin Integer adminId,
                       String goodsSn, String name,
-                       @RequestParam(value = "page", defaultValue = "1") Integer page,
+                       @RequestParam(defaultValue = "1") Integer page,
-                       @RequestParam(value = "limit", defaultValue = "10") Integer limit,
+                       @RequestParam(defaultValue = "10") Integer limit,
-                       String sort, String order) {
+                       @Sort @RequestParam(defaultValue = "add_time") String sort,
+                       @Order @RequestParam(defaultValue = "desc") String order){
        if (adminId == null) {
            return ResponseUtil.unlogin();
        }
@@ -270,15 +276,11 @@ public class AdminGoodsController {
    }
    @GetMapping("/detail")
-    public Object detail(@LoginAdmin Integer adminId, Integer id) {
+    public Object detail(@LoginAdmin Integer adminId,  @NotNull Integer id){
        if (adminId == null) {
            return ResponseUtil.unlogin();
        }
-        if (id == null) {
-            return ResponseUtil.badArgument();
-        }
        LitemallGoods goods = goodsService.findById(id);
        List<LitemallProduct> products = productService.queryByGid(id);
        List<LitemallGoodsSpecification> specifications = specificationService.queryByGid(id);

--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminHistoryController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminHistoryController.java
@@ -3,6 +3,8 @@ package org.linlinjava.litemall.admin.web;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.linlinjava.litemall.admin.annotation.LoginAdmin;
+import org.linlinjava.litemall.core.validator.Order;
+import org.linlinjava.litemall.core.validator.Sort;
 import org.linlinjava.litemall.db.domain.LitemallSearchHistory;
 import org.linlinjava.litemall.db.service.LitemallSearchHistoryService;
 import org.linlinjava.litemall.core.util.ResponseUtil;
@@ -24,9 +26,10 @@ public class AdminHistoryController {
    @GetMapping("/list")
    public Object list(@LoginAdmin Integer adminId,
                       String userId, String keyword,
-                       @RequestParam(value = "page", defaultValue = "1") Integer page,
+                       @RequestParam(defaultValue = "1") Integer page,
-                       @RequestParam(value = "limit", defaultValue = "10") Integer limit,
+                       @RequestParam(defaultValue = "10") Integer limit,
-                       String sort, String order){
+                       @Sort @RequestParam(defaultValue = "add_time") String sort,
+                       @Order @RequestParam(defaultValue = "desc") String order){
        if(adminId == null){
            return ResponseUtil.unlogin();
        }

--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminIssueController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminIssueController.java
@@ -3,12 +3,16 @@ package org.linlinjava.litemall.admin.web;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.linlinjava.litemall.admin.annotation.LoginAdmin;
+import org.linlinjava.litemall.core.validator.Order;
+import org.linlinjava.litemall.core.validator.Sort;
 import org.linlinjava.litemall.db.domain.LitemallIssue;
 import org.linlinjava.litemall.db.service.LitemallIssueService;
 import org.linlinjava.litemall.core.util.ResponseUtil;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
+import javax.validation.constraints.NotNull;
 import java.time.LocalDateTime;
 import java.util.HashMap;
 import java.util.List;
@@ -16,6 +20,7 @@ import java.util.Map;
 @RestController
 @RequestMapping("/admin/issue")
+@Validated
 public class AdminIssueController {
    private final Log logger = LogFactory.getLog(AdminIssueController.class);
@@ -25,9 +30,10 @@ public class AdminIssueController {
    @GetMapping("/list")
    public Object list(@LoginAdmin Integer adminId,
                       String question,
-                       @RequestParam(value = "page", defaultValue = "1") Integer page,
+                       @RequestParam(defaultValue = "1") Integer page,
-                       @RequestParam(value = "limit", defaultValue = "10") Integer limit,
+                       @RequestParam(defaultValue = "10") Integer limit,
-                       String sort, String order){
+                       @Sort @RequestParam(defaultValue = "add_time") String sort,
+                       @Order @RequestParam(defaultValue = "desc") String order){
        if(adminId == null){
            return ResponseUtil.unlogin();
        }
@@ -52,15 +58,11 @@ public class AdminIssueController {
    }
    @GetMapping("/read")
-    public Object read(@LoginAdmin Integer adminId, Integer id){
+    public Object read(@LoginAdmin Integer adminId, @NotNull Integer id){
        if(adminId == null){
            return ResponseUtil.unlogin();
        }
-        if(id == null){
-            return ResponseUtil.badArgument();
-        }
        LitemallIssue issue = issueService.findById(id);
        return ResponseUtil.ok(issue);
    }

--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminKeywordController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminKeywordController.java
@@ -3,12 +3,16 @@ package org.linlinjava.litemall.admin.web;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.linlinjava.litemall.admin.annotation.LoginAdmin;
+import org.linlinjava.litemall.core.validator.Order;
+import org.linlinjava.litemall.core.validator.Sort;
 import org.linlinjava.litemall.db.domain.LitemallKeyword;
 import org.linlinjava.litemall.db.service.LitemallKeywordService;
 import org.linlinjava.litemall.core.util.ResponseUtil;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
+import javax.validation.constraints.NotNull;
 import java.time.LocalDateTime;
 import java.util.HashMap;
 import java.util.List;
@@ -16,6 +20,7 @@ import java.util.Map;
 @RestController
 @RequestMapping("/admin/keyword")
+@Validated
 public class AdminKeywordController {
    private final Log logger = LogFactory.getLog(AdminKeywordController.class);
@@ -25,9 +30,10 @@ public class AdminKeywordController {
    @GetMapping("/list")
    public Object list(@LoginAdmin Integer adminId,
                       String keyword, String url,
-                       @RequestParam(value = "page", defaultValue = "1") Integer page,
+                       @RequestParam(defaultValue = "1") Integer page,
-                       @RequestParam(value = "limit", defaultValue = "10") Integer limit,
+                       @RequestParam(defaultValue = "10") Integer limit,
-                       String sort, String order){
+                       @Sort @RequestParam(defaultValue = "add_time") String sort,
+                       @Order @RequestParam(defaultValue = "desc") String order){
        if(adminId == null){
            return ResponseUtil.unlogin();
        }
@@ -52,15 +58,11 @@ public class AdminKeywordController {
    }
    @GetMapping("/read")
-    public Object read(@LoginAdmin Integer adminId, Integer id){
+    public Object read(@LoginAdmin Integer adminId, @NotNull Integer id){
        if(adminId == null){
            return ResponseUtil.unlogin();
        }
-        if(id == null){
-            return ResponseUtil.badArgument();
-        }
        LitemallKeyword brand = keywordService.findById(id);
        return ResponseUtil.ok(brand);
    }

--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminOrderController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminOrderController.java
@@ -6,6 +6,8 @@ import org.linlinjava.litemall.admin.annotation.LoginAdmin;
 import org.linlinjava.litemall.core.notify.NotifyService;
 import org.linlinjava.litemall.core.notify.NotifyType;
 import org.linlinjava.litemall.core.util.JacksonUtil;
+import org.linlinjava.litemall.core.validator.Order;
+import org.linlinjava.litemall.core.validator.Sort;
 import org.linlinjava.litemall.db.domain.*;
 import org.linlinjava.litemall.db.service.LitemallOrderGoodsService;
 import org.linlinjava.litemall.db.service.LitemallOrderService;
@@ -19,6 +21,7 @@ import org.springframework.transaction.PlatformTransactionManager;
 import org.springframework.transaction.TransactionDefinition;
 import org.springframework.transaction.TransactionStatus;
 import org.springframework.transaction.support.DefaultTransactionDefinition;
+import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import java.math.BigDecimal;
@@ -29,6 +32,7 @@ import java.util.Map;
 @RestController
 @RequestMapping("/admin/order")
+@Validated
 public class AdminOrderController {
    private final Log logger = LogFactory.getLog(AdminOrderController.class);
@@ -50,9 +54,10 @@ public class AdminOrderController {
    @GetMapping("/list")
    public Object list(@LoginAdmin Integer adminId,
                       Integer userId, String orderSn, @RequestParam(required = false, value = "orderStatusArray[]") List<Short> orderStatusArray,
-                       @RequestParam(value = "page", defaultValue = "1") Integer page,
+                       @RequestParam(defaultValue = "1") Integer page,
-                       @RequestParam(value = "limit", defaultValue = "10") Integer limit,
+                       @RequestParam(defaultValue = "10") Integer limit,
-                       String sort, String order) {
+                       @Sort @RequestParam(defaultValue = "add_time") String sort,
+                       @Order @RequestParam(defaultValue = "desc") String order){
        if (adminId == null) {
            return ResponseUtil.unlogin();
        }

--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminRegionController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminRegionController.java
@@ -3,10 +3,13 @@ package org.linlinjava.litemall.admin.web;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.linlinjava.litemall.admin.annotation.LoginAdmin;
+import org.linlinjava.litemall.core.validator.Order;
+import org.linlinjava.litemall.core.validator.Sort;
 import org.linlinjava.litemall.db.domain.LitemallRegion;
 import org.linlinjava.litemall.db.service.LitemallRegionService;
 import org.linlinjava.litemall.core.util.ResponseUtil;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
@@ -18,6 +21,7 @@ import java.util.Map;
 @RestController
 @RequestMapping("/admin/region")
+@Validated
 public class AdminRegionController {
    private final Log logger = LogFactory.getLog(AdminRegionController.class);
@@ -38,9 +42,10 @@ public class AdminRegionController {
    @GetMapping("/list")
    public Object list(@LoginAdmin Integer adminId,
                       String name, Integer code,
-                       @RequestParam(value = "page", defaultValue = "1") Integer page,
+                       @RequestParam(defaultValue = "1") Integer page,
-                       @RequestParam(value = "limit", defaultValue = "10") Integer limit,
+                       @RequestParam(defaultValue = "10") Integer limit,
-                       String sort, String order){
+                       @Sort @RequestParam(defaultValue = "add_time") String sort,
+                       @Order @RequestParam(defaultValue = "desc") String order){
        if(adminId == null){
            return ResponseUtil.unlogin();
        }

--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminStatController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminStatController.java
@@ -9,6 +9,7 @@ import org.linlinjava.litemall.db.dao.StatMapper;
 import org.linlinjava.litemall.db.service.LitemallOrderService;
 import org.linlinjava.litemall.db.service.StatService;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import java.util.HashMap;
@@ -17,6 +18,7 @@ import java.util.Map;
 @RestController
 @RequestMapping("/admin/stat")
+@Validated
 public class AdminStatController {
    private final Log logger = LogFactory.getLog(AdminStatController.class);

--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminStorageController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminStorageController.java
 package org.linlinjava.litemall.admin.web;
+import org.linlinjava.litemall.admin.annotation.LoginAdmin;
 import org.linlinjava.litemall.core.storage.StorageService;
 import org.linlinjava.litemall.core.util.CharUtil;
 import org.linlinjava.litemall.core.util.ResponseUtil;
+import org.linlinjava.litemall.core.validator.Order;
+import org.linlinjava.litemall.core.validator.Sort;
 import org.linlinjava.litemall.db.domain.LitemallStorage;
 import org.linlinjava.litemall.db.service.LitemallStorageService;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -10,9 +13,11 @@ import org.springframework.core.io.Resource;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
+import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
+import javax.validation.constraints.NotNull;
 import java.io.IOException;
 import java.io.InputStream;
 import java.time.LocalDateTime;
@@ -22,6 +27,7 @@ import java.util.Map;
 @RestController
 @RequestMapping("/admin/storage")
+@Validated
 public class AdminStorageController {
    @Autowired
@@ -46,10 +52,12 @@ public class AdminStorageController {
    }
    @GetMapping("/list")
-    public Object list(String key, String name,
+    public Object list(@LoginAdmin Integer adminId,
-                       @RequestParam(value = "page", defaultValue = "1") Integer page,
+                       String key, String name,
-                       @RequestParam(value = "limit", defaultValue = "10") Integer limit,
+                       @RequestParam(defaultValue = "1") Integer page,
-                       String sort, String order){
+                       @RequestParam(defaultValue = "10") Integer limit,
+                       @Sort @RequestParam(defaultValue = "add_time") String sort,
+                       @Order @RequestParam(defaultValue = "desc") String order){
        List<LitemallStorage> storageList = litemallStorageService.querySelective(key, name, page, limit, sort, order);
        int total = litemallStorageService.countSelective(key, name, page, limit, sort, order);
        Map<String, Object> data = new HashMap<>();
@@ -60,7 +68,10 @@ public class AdminStorageController {
    }
    @PostMapping("/create")
-    public Object create(@RequestParam("file") MultipartFile file) {
+    public Object create(@LoginAdmin Integer adminId, @RequestParam("file") MultipartFile file) {
+        if(adminId == null){
+            return ResponseUtil.unlogin();
+        }
        String originalFilename = file.getOriginalFilename();
        InputStream inputStream = null;
        try {
@@ -86,9 +97,9 @@ public class AdminStorageController {
    }
    @PostMapping("/read")
-    public Object read(Integer id) {
+    public Object read(@LoginAdmin Integer adminId, @NotNull Integer id) {
-        if(id == null){
+        if(adminId == null){
-            return ResponseUtil.badArgument();
+            return ResponseUtil.unlogin();
        }
        LitemallStorage storageInfo = litemallStorageService.findById(id);
        if(storageInfo == null){
@@ -98,14 +109,19 @@ public class AdminStorageController {
    }
    @PostMapping("/update")
-    public Object update(@RequestBody LitemallStorage litemallStorage) {
+    public Object update(@LoginAdmin Integer adminId, @RequestBody LitemallStorage litemallStorage) {
+        if(adminId == null){
+            return ResponseUtil.unlogin();
+        }
        litemallStorageService.update(litemallStorage);
        return ResponseUtil.ok(litemallStorage);
    }
    @PostMapping("/delete")
-    public Object delete(@RequestBody LitemallStorage litemallStorage) {
+    public Object delete(@LoginAdmin Integer adminId, @RequestBody LitemallStorage litemallStorage) {
+        if(adminId == null){
+            return ResponseUtil.unlogin();
+        }
        litemallStorageService.deleteByKey(litemallStorage.getKey());
        storageService.delete(litemallStorage.getKey());
        return ResponseUtil.ok();

--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminTopicController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminTopicController.java
@@ -3,12 +3,16 @@ package org.linlinjava.litemall.admin.web;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.linlinjava.litemall.admin.annotation.LoginAdmin;
+import org.linlinjava.litemall.core.validator.Order;
+import org.linlinjava.litemall.core.validator.Sort;
 import org.linlinjava.litemall.db.domain.LitemallTopic;
 import org.linlinjava.litemall.db.service.LitemallTopicService;
 import org.linlinjava.litemall.core.util.ResponseUtil;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
+import javax.validation.constraints.NotNull;
 import java.time.LocalDateTime;
 import java.util.HashMap;
 import java.util.List;
@@ -16,6 +20,7 @@ import java.util.Map;
 @RestController
 @RequestMapping("/admin/topic")
+@Validated
 public class AdminTopicController {
    private final Log logger = LogFactory.getLog(AdminTopicController.class);
@@ -25,9 +30,10 @@ public class AdminTopicController {
    @GetMapping("/list")
    public Object list(@LoginAdmin Integer adminId,
                       String title, String subtitle,
-                       @RequestParam(value = "page", defaultValue = "1") Integer page,
+                       @RequestParam(defaultValue = "1") Integer page,
-                       @RequestParam(value = "limit", defaultValue = "10") Integer limit,
+                       @RequestParam(defaultValue = "10") Integer limit,
-                       String sort, String order){
+                       @Sort @RequestParam(defaultValue = "add_time") String sort,
+                       @Order @RequestParam(defaultValue = "desc") String order){
        if(adminId == null){
            return ResponseUtil.unlogin();
        }
@@ -52,15 +58,11 @@ public class AdminTopicController {
    }
    @GetMapping("/read")
-    public Object read(@LoginAdmin Integer adminId, Integer id){
+    public Object read(@LoginAdmin Integer adminId, @NotNull Integer id){
        if(adminId == null){
            return ResponseUtil.unlogin();
        }
-        if(id == null){
-            return ResponseUtil.badArgument();
-        }
        LitemallTopic brand = topicService.findById(id);
        return ResponseUtil.ok(brand);
    }

--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminUserController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminUserController.java
@@ -6,10 +6,13 @@ import org.apache.commons.logging.LogFactory;
 import org.linlinjava.litemall.admin.annotation.LoginAdmin;
 import org.linlinjava.litemall.core.util.RegexUtil;
 import org.linlinjava.litemall.core.util.bcrypt.BCryptPasswordEncoder;
+import org.linlinjava.litemall.core.validator.Order;
+import org.linlinjava.litemall.core.validator.Sort;
 import org.linlinjava.litemall.db.domain.LitemallUser;
 import org.linlinjava.litemall.db.service.LitemallUserService;
 import org.linlinjava.litemall.core.util.ResponseUtil;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import java.time.LocalDateTime;
@@ -19,6 +22,7 @@ import java.util.Map;
 @RestController
 @RequestMapping("/admin/user")
+@Validated
 public class AdminUserController {
    private final Log logger = LogFactory.getLog(AdminUserController.class);
@@ -28,9 +32,10 @@ public class AdminUserController {
    @GetMapping("/list")
    public Object list(@LoginAdmin Integer adminId,
                       String username, String mobile,
-                       @RequestParam(value = "page", defaultValue = "1") Integer page,
+                       @RequestParam(defaultValue = "1") Integer page,
-                       @RequestParam(value = "limit", defaultValue = "10") Integer limit,
+                       @RequestParam(defaultValue = "10") Integer limit,
-                       String sort, String order){
+                       @Sort @RequestParam(defaultValue = "add_time") String sort,
+                       @Order @RequestParam(defaultValue = "desc") String order){
        if(adminId == null){
            return ResponseUtil.unlogin();
        }