From caf93da26aa4f5bcc3ed2686da6895735623ce1f Mon Sep 17 00:00:00 2001
From: Yjoioooo <i.zhujie.cn@gmail.com>
Date: Thu, 23 Dec 2021 23:07:54 +0800
Subject: [PATCH] =?UTF-8?q?add=20=E6=96=B0=E5=A2=9E=E6=95=B0=E6=8D=AE?=
 =?UTF-8?q?=E8=84=B1=E6=95=8F=E6=B3=A8=E8=A7=A3=EF=BC=8C=E5=8F=AF=E6=A0=B9?=
 =?UTF-8?q?=E6=8D=AE=E8=8F=9C=E5=8D=95=E6=9D=83=E9=99=90=E5=AD=97=E7=AC=A6?=
 =?UTF-8?q?=E6=8E=A7=E5=88=B6=E6=98=AF=E5=90=A6=E8=84=B1=E6=95=8F?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../ruoyi/common/annotation/Sensitive.java    | 23 +++++++
 .../ruoyi/common/enums/SensitiveStrategy.java | 32 +++++++++
 .../jackson/SensitiveJsonSerializer.java      | 43 ++++++++++++
 .../controller/TestSensitiveController.java   | 68 +++++++++++++++++++
 .../com/ruoyi/demo/domain/TestSensitive.java  | 35 ++++++++++
 5 files changed, 201 insertions(+)
 create mode 100644 ruoyi-common/src/main/java/com/ruoyi/common/annotation/Sensitive.java
 create mode 100644 ruoyi-common/src/main/java/com/ruoyi/common/enums/SensitiveStrategy.java
 create mode 100644 ruoyi-common/src/main/java/com/ruoyi/common/jackson/SensitiveJsonSerializer.java
 create mode 100644 ruoyi-demo/src/main/java/com/ruoyi/demo/controller/TestSensitiveController.java
 create mode 100644 ruoyi-demo/src/main/java/com/ruoyi/demo/domain/TestSensitive.java

diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/annotation/Sensitive.java b/ruoyi-common/src/main/java/com/ruoyi/common/annotation/Sensitive.java
new file mode 100644
index 000000000..ff17b09d7
--- /dev/null
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/annotation/Sensitive.java
@@ -0,0 +1,23 @@
+package com.ruoyi.common.annotation;
+
+import com.fasterxml.jackson.annotation.JacksonAnnotationsInside;
+import com.fasterxml.jackson.databind.annotation.JsonSerialize;
+import com.ruoyi.common.enums.SensitiveStrategy;
+import com.ruoyi.common.jackson.SensitiveJsonSerializer;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * 数据脱敏注解
+ * @author zhujie
+ */
+@Retention(RetentionPolicy.RUNTIME)
+@Target(ElementType.FIELD)
+@JacksonAnnotationsInside
+@JsonSerialize(using = SensitiveJsonSerializer.class)
+public @interface Sensitive {
+    SensitiveStrategy strategy();
+}
diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/enums/SensitiveStrategy.java b/ruoyi-common/src/main/java/com/ruoyi/common/enums/SensitiveStrategy.java
new file mode 100644
index 000000000..5f9bf72f8
--- /dev/null
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/enums/SensitiveStrategy.java
@@ -0,0 +1,32 @@
+package com.ruoyi.common.enums;
+
+import cn.hutool.core.util.DesensitizedUtil;
+import java.util.function.Function;
+
+/**
+ * 脱敏策略
+ *  @author Yjoioooo
+ */
+public enum SensitiveStrategy {
+
+    /** 身份证脱敏 */
+    ID_CARD(s -> DesensitizedUtil.idCardNum(s, 3, 4)),
+
+    /** 手机号脱敏 */
+    PHONE(DesensitizedUtil::mobilePhone),
+
+    /**  地址脱敏 */
+    ADDRESS(s -> DesensitizedUtil.address(s, 8));
+
+    //可自行添加其他脱敏策略
+
+    private final Function<String, String> desensitizer;
+
+    SensitiveStrategy(Function<String, String> desensitizer) {
+        this.desensitizer = desensitizer;
+    }
+
+    public Function<String, String> desensitizer() {
+        return desensitizer;
+    }
+}
diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/jackson/SensitiveJsonSerializer.java b/ruoyi-common/src/main/java/com/ruoyi/common/jackson/SensitiveJsonSerializer.java
new file mode 100644
index 000000000..2b4fef4f1
--- /dev/null
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/jackson/SensitiveJsonSerializer.java
@@ -0,0 +1,43 @@
+package com.ruoyi.common.jackson;
+
+import com.fasterxml.jackson.core.JsonGenerator;
+import com.fasterxml.jackson.databind.BeanProperty;
+import com.fasterxml.jackson.databind.JsonMappingException;
+import com.fasterxml.jackson.databind.JsonSerializer;
+import com.fasterxml.jackson.databind.SerializerProvider;
+import com.fasterxml.jackson.databind.ser.ContextualSerializer;
+import com.ruoyi.common.annotation.Sensitive;
+import com.ruoyi.common.enums.SensitiveStrategy;
+import com.ruoyi.common.utils.SecurityUtils;
+
+import java.io.IOException;
+import java.util.Objects;
+
+/**
+ * 数据脱敏json序列化工具
+ * @author Yjoioooo
+ */
+public class SensitiveJsonSerializer extends JsonSerializer<String> implements ContextualSerializer {
+
+    private SensitiveStrategy strategy;
+
+    @Override
+    public void serialize(String value, JsonGenerator gen, SerializerProvider serializers) throws IOException {
+        if (SecurityUtils.isAdmin(SecurityUtils.getLoginUser().getUserId()) || SecurityUtils.getLoginUser().getMenuPermissions().contains("Sensitive")){
+            gen.writeString(value);
+        } else {
+            gen.writeString(strategy.desensitizer().apply(value));
+        }
+
+    }
+
+    @Override
+    public JsonSerializer<?> createContextual(SerializerProvider prov, BeanProperty property) throws JsonMappingException {
+        Sensitive annotation = property.getAnnotation(Sensitive.class);
+        if (Objects.nonNull(annotation)&&Objects.equals(String.class, property.getType().getRawClass())) {
+            this.strategy = annotation.strategy();
+            return this;
+        }
+        return prov.findValueSerializer(property.getType(), property);
+    }
+}
diff --git a/ruoyi-demo/src/main/java/com/ruoyi/demo/controller/TestSensitiveController.java b/ruoyi-demo/src/main/java/com/ruoyi/demo/controller/TestSensitiveController.java
new file mode 100644
index 000000000..30708cd45
--- /dev/null
+++ b/ruoyi-demo/src/main/java/com/ruoyi/demo/controller/TestSensitiveController.java
@@ -0,0 +1,68 @@
+package com.ruoyi.demo.controller;
+
+import cn.hutool.core.bean.BeanUtil;
+import com.ruoyi.common.annotation.Log;
+import com.ruoyi.common.annotation.RepeatSubmit;
+import com.ruoyi.common.core.controller.BaseController;
+import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.domain.PageQuery;
+import com.ruoyi.common.core.page.TableDataInfo;
+import com.ruoyi.common.core.validate.AddGroup;
+import com.ruoyi.common.core.validate.EditGroup;
+import com.ruoyi.common.core.validate.QueryGroup;
+import com.ruoyi.common.enums.BusinessType;
+import com.ruoyi.common.excel.ExcelResult;
+import com.ruoyi.common.utils.ValidatorUtils;
+import com.ruoyi.common.utils.poi.ExcelUtil;
+import com.ruoyi.demo.domain.TestDemo;
+import com.ruoyi.demo.domain.TestSensitive;
+import com.ruoyi.demo.domain.bo.TestDemoBo;
+import com.ruoyi.demo.domain.bo.TestDemoImportVo;
+import com.ruoyi.demo.domain.vo.TestDemoVo;
+import com.ruoyi.demo.service.ITestDemoService;
+import io.swagger.annotations.*;
+import lombok.RequiredArgsConstructor;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.validation.annotation.Validated;
+import org.springframework.web.bind.annotation.*;
+import org.springframework.web.multipart.MultipartFile;
+
+import javax.servlet.http.HttpServletResponse;
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+import java.util.Arrays;
+import java.util.List;
+import java.util.concurrent.TimeUnit;
+
+/**
+ * 测试单表Controller
+ *
+ * @author Lion Li
+ * @date 2021-07-26
+ */
+@Validated
+@Api(value = "测试数据脱敏控制器", tags = {"测试数据脱敏管理"})
+@RequiredArgsConstructor(onConstructor_ = @Autowired)
+@RestController
+@RequestMapping("/demo/sensitive")
+public class TestSensitiveController extends BaseController {
+
+    //默认为admin用户及拥有Sensitive权限字符用户不做脱敏
+    //1.配置菜单加入权限字符为Sensitive的按钮
+    //2.配置需要免除数据脱敏的角色加入Sensitive权限
+    //3.实体类上加上数据脱敏注解
+    /**
+     * 测试数据脱敏
+     */
+    @ApiOperation("查询测试单表列表")
+    @GetMapping()
+    public AjaxResult<TestSensitive> get() {
+        TestSensitive testSensitive = new TestSensitive()
+            .setIdCard("3333199910101212")
+            .setPhone("18888888888")
+            .setAddress("北京市朝阳区某某四合院1203室");
+        return AjaxResult.success(testSensitive);
+    }
+
+}
diff --git a/ruoyi-demo/src/main/java/com/ruoyi/demo/domain/TestSensitive.java b/ruoyi-demo/src/main/java/com/ruoyi/demo/domain/TestSensitive.java
new file mode 100644
index 000000000..1fbf6b377
--- /dev/null
+++ b/ruoyi-demo/src/main/java/com/ruoyi/demo/domain/TestSensitive.java
@@ -0,0 +1,35 @@
+package com.ruoyi.demo.domain;
+
+import com.baomidou.mybatisplus.annotation.*;
+import com.ruoyi.common.annotation.Sensitive;
+import com.ruoyi.common.core.domain.BaseEntity;
+import com.ruoyi.common.enums.SensitiveStrategy;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import lombok.experimental.Accessors;
+
+/**
+ * 测试单表对象 test_demo
+ *
+ * @author Lion Li
+ * @date 2021-07-26
+ */
+@Data
+@EqualsAndHashCode(callSuper = true)
+@Accessors(chain = true)
+public class TestSensitive extends BaseEntity {
+
+    private static final long serialVersionUID=1L;
+
+    /** 身份证 */
+    @Sensitive(strategy = SensitiveStrategy.ID_CARD)
+    private String idCard;
+
+    /** 电话 */
+    @Sensitive(strategy = SensitiveStrategy.PHONE)
+    private String phone;
+
+    /** 地址 */
+    @Sensitive(strategy = SensitiveStrategy.ADDRESS)
+    private String address;
+}