From c93b6661406b61ba9bca170273e74ae769bc31a6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E7=9B=98=E5=8F=A4=E7=BB=99=E4=BD=A0=E4=B8=80=E6=96=A7?=
 <56600535@qq.com>
Date: Thu, 9 Nov 2023 09:37:56 +0000
Subject: [PATCH] =?UTF-8?q?!444=20@Sensitive=E8=84=B1=E6=95=8F=E5=A2=9E?=
 =?UTF-8?q?=E5=8A=A0=E8=A7=92=E8=89=B2=E5=92=8C=E6=9D=83=E9=99=90=E6=A0=A1?=
 =?UTF-8?q?=E9=AA=8C=20*=20update=20=E4=BC=98=E5=8C=96=20=E8=84=B1?=
 =?UTF-8?q?=E6=95=8F=E5=A2=9E=E5=8A=A0=E8=A7=92=E8=89=B2=E5=8F=8A=E6=9D=83?=
 =?UTF-8?q?=E9=99=90=E6=A0=A1=E9=AA=8C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../sensitive/annotation/Sensitive.java       |  4 ++++
 .../sensitive/core/SensitiveService.java      |  2 +-
 .../sensitive/handler/SensitiveHandler.java   |  6 +++++-
 .../controller/TestSensitiveController.java   |  8 ++++----
 .../service/impl/SysSensitiveServiceImpl.java | 19 ++++++++++++++++++-
 5 files changed, 32 insertions(+), 7 deletions(-)

diff --git a/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/annotation/Sensitive.java b/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/annotation/Sensitive.java
index f2def8ab2..1dfc896ff 100644
--- a/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/annotation/Sensitive.java
+++ b/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/annotation/Sensitive.java
@@ -21,4 +21,8 @@ import java.lang.annotation.Target;
 @JsonSerialize(using = SensitiveHandler.class)
 public @interface Sensitive {
     SensitiveStrategy strategy();
+
+    String roleKey() default "";
+
+    String perms() default "";
 }
diff --git a/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/core/SensitiveService.java b/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/core/SensitiveService.java
index 4b57fcb82..7b5264b87 100644
--- a/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/core/SensitiveService.java
+++ b/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/core/SensitiveService.java
@@ -13,6 +13,6 @@ public interface SensitiveService {
     /**
      * 是否脱敏
      */
-    boolean isSensitive();
+    boolean isSensitive(String roleKey, String perms);
 
 }
diff --git a/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/handler/SensitiveHandler.java b/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/handler/SensitiveHandler.java
index 3c8b78a31..c76c83a98 100644
--- a/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/handler/SensitiveHandler.java
+++ b/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/handler/SensitiveHandler.java
@@ -26,12 +26,14 @@ import java.util.Objects;
 public class SensitiveHandler extends JsonSerializer<String> implements ContextualSerializer {
 
     private SensitiveStrategy strategy;
+    private String roleKey;
+    private String perms;
 
     @Override
     public void serialize(String value, JsonGenerator gen, SerializerProvider serializers) throws IOException {
         try {
             SensitiveService sensitiveService = SpringUtils.getBean(SensitiveService.class);
-            if (ObjectUtil.isNotNull(sensitiveService) && sensitiveService.isSensitive()) {
+            if (ObjectUtil.isNotNull(sensitiveService) && sensitiveService.isSensitive(roleKey, perms)) {
                 gen.writeString(strategy.desensitizer().apply(value));
             } else {
                 gen.writeString(value);
@@ -47,6 +49,8 @@ public class SensitiveHandler extends JsonSerializer<String> implements Contextu
         Sensitive annotation = property.getAnnotation(Sensitive.class);
         if (Objects.nonNull(annotation) && Objects.equals(String.class, property.getType().getRawClass())) {
             this.strategy = annotation.strategy();
+            this.roleKey = annotation.roleKey();
+            this.perms = annotation.perms();
             return this;
         }
         return prov.findValueSerializer(property.getType(), property);
diff --git a/ruoyi-modules/ruoyi-demo/src/main/java/org/dromara/demo/controller/TestSensitiveController.java b/ruoyi-modules/ruoyi-demo/src/main/java/org/dromara/demo/controller/TestSensitiveController.java
index 8d6ad5397..eba05527c 100644
--- a/ruoyi-modules/ruoyi-demo/src/main/java/org/dromara/demo/controller/TestSensitiveController.java
+++ b/ruoyi-modules/ruoyi-demo/src/main/java/org/dromara/demo/controller/TestSensitiveController.java
@@ -50,25 +50,25 @@ public class TestSensitiveController extends BaseController {
         /**
          * 电话
          */
-        @Sensitive(strategy = SensitiveStrategy.PHONE)
+        @Sensitive(strategy = SensitiveStrategy.PHONE, roleKey = "common")
         private String phone;
 
         /**
          * 地址
          */
-        @Sensitive(strategy = SensitiveStrategy.ADDRESS)
+        @Sensitive(strategy = SensitiveStrategy.ADDRESS, perms = "system:user:query")
         private String address;
 
         /**
          * 邮箱
          */
-        @Sensitive(strategy = SensitiveStrategy.EMAIL)
+        @Sensitive(strategy = SensitiveStrategy.EMAIL, roleKey = "common", perms = "system:user:query1")
         private String email;
 
         /**
          * 银行卡
          */
-        @Sensitive(strategy = SensitiveStrategy.BANK_CARD)
+        @Sensitive(strategy = SensitiveStrategy.BANK_CARD, roleKey = "common1", perms = "system:user:query")
         private String bankCard;
 
     }
diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysSensitiveServiceImpl.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysSensitiveServiceImpl.java
index 1202c33f2..2f2493aa3 100644
--- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysSensitiveServiceImpl.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysSensitiveServiceImpl.java
@@ -1,5 +1,7 @@
 package org.dromara.system.service.impl;
 
+import cn.dev33.satoken.stp.StpUtil;
+import org.dromara.common.core.utils.StringUtils;
 import org.dromara.common.satoken.utils.LoginHelper;
 import org.dromara.common.sensitive.core.SensitiveService;
 import org.dromara.common.tenant.helper.TenantHelper;
@@ -20,7 +22,22 @@ public class SysSensitiveServiceImpl implements SensitiveService {
      * 是否脱敏
      */
     @Override
-    public boolean isSensitive() {
+    public boolean isSensitive(String roleKey, String perms) {
+        if (!StpUtil.isLogin()) {
+            return true;
+        }
+        boolean roleExist = StringUtils.isNotEmpty(roleKey);
+        boolean permsExist = StringUtils.isNotEmpty(perms);
+        if (roleExist && permsExist) {
+            if (StpUtil.hasRole(roleKey) && StpUtil.hasPermission(perms)) {
+                return false;
+            }
+        } else if (roleExist && StpUtil.hasRole(roleKey)) {
+            return false;
+        } else if (permsExist && StpUtil.hasPermission(perms)) {
+            return false;
+        }
+
         if (TenantHelper.isEnable()) {
             return !LoginHelper.isSuperAdmin() && !LoginHelper.isTenantAdmin();
         }