admin/lx-admin-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

!444 @Sensitive脱敏增加角色和权限校验

Browse Source 
* update 优化 脱敏增加角色及权限校验
This commit is contained in:
盘古给你一斧 2023-11-09 09:37:56 +00:00 committed by 疯狂的狮子Li
parent 0f16051024
commit c93b666140
5 changed files with 32 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/annotation/Sensitive.java
View File

@ -21,4 +21,8 @@ import java.lang.annotation.Target;
@JsonSerialize(using = SensitiveHandler.class) @JsonSerialize(using = SensitiveHandler.class)
public @interface Sensitive { public @interface Sensitive {
SensitiveStrategy strategy(); SensitiveStrategy strategy();
String roleKey() default "";
String perms() default "";
} }

2
ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/core/SensitiveService.java
View File

@ -13,6 +13,6 @@ public interface SensitiveService {
/** /**
* 是否脱敏 * 是否脱敏
*/ */
boolean isSensitive(); boolean isSensitive(String roleKey, String perms);
} }

6
ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/handler/SensitiveHandler.java
View File

@ -26,12 +26,14 @@ import java.util.Objects;
public class SensitiveHandler extends JsonSerializer<String> implements ContextualSerializer { public class SensitiveHandler extends JsonSerializer<String> implements ContextualSerializer {
private SensitiveStrategy strategy; private SensitiveStrategy strategy;
private String roleKey;
private String perms;
@Override @Override
public void serialize(String value, JsonGenerator gen, SerializerProvider serializers) throws IOException { public void serialize(String value, JsonGenerator gen, SerializerProvider serializers) throws IOException {
try { try {
SensitiveService sensitiveService = SpringUtils.getBean(SensitiveService.class); SensitiveService sensitiveService = SpringUtils.getBean(SensitiveService.class);
if (ObjectUtil.isNotNull(sensitiveService) && sensitiveService.isSensitive()) { if (ObjectUtil.isNotNull(sensitiveService) && sensitiveService.isSensitive(roleKey, perms)) {
gen.writeString(strategy.desensitizer().apply(value)); gen.writeString(strategy.desensitizer().apply(value));
} else { } else {
gen.writeString(value); gen.writeString(value);
@ -47,6 +49,8 @@ public class SensitiveHandler extends JsonSerializer<String> implements Contextu
Sensitive annotation = property.getAnnotation(Sensitive.class); Sensitive annotation = property.getAnnotation(Sensitive.class);
if (Objects.nonNull(annotation) && Objects.equals(String.class, property.getType().getRawClass())) { if (Objects.nonNull(annotation) && Objects.equals(String.class, property.getType().getRawClass())) {
this.strategy = annotation.strategy(); this.strategy = annotation.strategy();
this.roleKey = annotation.roleKey();
this.perms = annotation.perms();
return this; return this;
} }
return prov.findValueSerializer(property.getType(), property); return prov.findValueSerializer(property.getType(), property);

8
ruoyi-modules/ruoyi-demo/src/main/java/org/dromara/demo/controller/TestSensitiveController.java
View File

@ -50,25 +50,25 @@ public class TestSensitiveController extends BaseController {
/** /**
* 电话 * 电话
*/ */
@Sensitive(strategy = SensitiveStrategy.PHONE) @Sensitive(strategy = SensitiveStrategy.PHONE, roleKey = "common")
private String phone; private String phone;
/** /**
* 地址 * 地址
*/ */
@Sensitive(strategy = SensitiveStrategy.ADDRESS) @Sensitive(strategy = SensitiveStrategy.ADDRESS, perms = "system:user:query")
private String address; private String address;
/** /**
* 邮箱 * 邮箱
*/ */
@Sensitive(strategy = SensitiveStrategy.EMAIL) @Sensitive(strategy = SensitiveStrategy.EMAIL, roleKey = "common", perms = "system:user:query1")
private String email; private String email;
/** /**
* 银行卡 * 银行卡
*/ */
@Sensitive(strategy = SensitiveStrategy.BANK_CARD) @Sensitive(strategy = SensitiveStrategy.BANK_CARD, roleKey = "common1", perms = "system:user:query")
private String bankCard; private String bankCard;
} }

19
ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysSensitiveServiceImpl.java
View File

@ -1,5 +1,7 @@
package org.dromara.system.service.impl; package org.dromara.system.service.impl;
import cn.dev33.satoken.stp.StpUtil;
import org.dromara.common.core.utils.StringUtils;
import org.dromara.common.satoken.utils.LoginHelper; import org.dromara.common.satoken.utils.LoginHelper;
import org.dromara.common.sensitive.core.SensitiveService; import org.dromara.common.sensitive.core.SensitiveService;
import org.dromara.common.tenant.helper.TenantHelper; import org.dromara.common.tenant.helper.TenantHelper;
@ -20,7 +22,22 @@ public class SysSensitiveServiceImpl implements SensitiveService {
* 是否脱敏 * 是否脱敏
*/ */
@Override @Override
public boolean isSensitive() { public boolean isSensitive(String roleKey, String perms) {
if (!StpUtil.isLogin()) {
return true;
}
boolean roleExist = StringUtils.isNotEmpty(roleKey);
boolean permsExist = StringUtils.isNotEmpty(perms);
if (roleExist && permsExist) {
if (StpUtil.hasRole(roleKey) && StpUtil.hasPermission(perms)) {
return false;
}
} else if (roleExist && StpUtil.hasRole(roleKey)) {
return false;
} else if (permsExist && StpUtil.hasPermission(perms)) {
return false;
}
if (TenantHelper.isEnable()) { if (TenantHelper.isEnable()) {
return !LoginHelper.isSuperAdmin() && !LoginHelper.isTenantAdmin(); return !LoginHelper.isSuperAdmin() && !LoginHelper.isTenantAdmin();
} }