From 9b8b9bd7dddde61da4cd35718a5090948cff0014 Mon Sep 17 00:00:00 2001
From: xd <844539747@qq.com>
Date: Thu, 18 Apr 2024 09:04:12 +0800
Subject: [PATCH] '123'
---
pom.xml | 10 +-
.../ruoyi/common/annotation/Sensitive.java | 24 ++++
.../serializer/SensitiveJsonSerializer.java | 67 +++++++++++
.../ruoyi/common/enums/DesensitizedType.java | 59 ++++++++++
.../ruoyi/common/utils/DesensitizedUtil.java | 49 +++++++++
.../com/ruoyi/common/utils/StringUtils.java | 104 +++++++++++++-----
ruoyi-ui/src/views/quot/quot/index.vue | 4 +-
7 files changed, 285 insertions(+), 32 deletions(-)
create mode 100644 ruoyi-common/src/main/java/com/ruoyi/common/annotation/Sensitive.java
create mode 100644 ruoyi-common/src/main/java/com/ruoyi/common/config/serializer/SensitiveJsonSerializer.java
create mode 100644 ruoyi-common/src/main/java/com/ruoyi/common/enums/DesensitizedType.java
create mode 100644 ruoyi-common/src/main/java/com/ruoyi/common/utils/DesensitizedUtil.java
diff --git a/pom.xml b/pom.xml
index 653a158..df49552 100644
--- a/pom.xml
+++ b/pom.xml
@@ -18,6 +18,7 @@
UTF-8
1.8
3.1.1
+ 5.3.33
1.2.21
1.21
3.0.0
@@ -39,7 +40,14 @@
-
+
+
+ org.springframework
+ spring-framework-bom
+ ${spring-framework.version}
+ pom
+ import
+
org.springframework.boot
diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/annotation/Sensitive.java b/ruoyi-common/src/main/java/com/ruoyi/common/annotation/Sensitive.java
new file mode 100644
index 0000000..c0621e9
--- /dev/null
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/annotation/Sensitive.java
@@ -0,0 +1,24 @@
+package com.ruoyi.common.annotation;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+import com.fasterxml.jackson.annotation.JacksonAnnotationsInside;
+import com.fasterxml.jackson.databind.annotation.JsonSerialize;
+import com.ruoyi.common.config.serializer.SensitiveJsonSerializer;
+import com.ruoyi.common.enums.DesensitizedType;
+
+/**
+ * 数据脱敏注解
+ *
+ * @author ruoyi
+ */
+@Retention(RetentionPolicy.RUNTIME)
+@Target(ElementType.FIELD)
+@JacksonAnnotationsInside
+@JsonSerialize(using = SensitiveJsonSerializer.class)
+public @interface Sensitive
+{
+ DesensitizedType desensitizedType();
+}
diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/config/serializer/SensitiveJsonSerializer.java b/ruoyi-common/src/main/java/com/ruoyi/common/config/serializer/SensitiveJsonSerializer.java
new file mode 100644
index 0000000..e819a1d
--- /dev/null
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/config/serializer/SensitiveJsonSerializer.java
@@ -0,0 +1,67 @@
+package com.ruoyi.common.config.serializer;
+
+import java.io.IOException;
+import java.util.Objects;
+import com.fasterxml.jackson.core.JsonGenerator;
+import com.fasterxml.jackson.databind.BeanProperty;
+import com.fasterxml.jackson.databind.JsonMappingException;
+import com.fasterxml.jackson.databind.JsonSerializer;
+import com.fasterxml.jackson.databind.SerializerProvider;
+import com.fasterxml.jackson.databind.ser.ContextualSerializer;
+import com.ruoyi.common.annotation.Sensitive;
+import com.ruoyi.common.core.domain.model.LoginUser;
+import com.ruoyi.common.enums.DesensitizedType;
+import com.ruoyi.common.utils.SecurityUtils;
+
+/**
+ * 数据脱敏序列化过滤
+ *
+ * @author ruoyi
+ */
+public class SensitiveJsonSerializer extends JsonSerializer implements ContextualSerializer
+{
+ private DesensitizedType desensitizedType;
+
+ @Override
+ public void serialize(String value, JsonGenerator gen, SerializerProvider serializers) throws IOException
+ {
+ if (desensitization())
+ {
+ gen.writeString(desensitizedType.desensitizer().apply(value));
+ }
+ else
+ {
+ gen.writeString(value);
+ }
+ }
+
+ @Override
+ public JsonSerializer createContextual(SerializerProvider prov, BeanProperty property)
+ throws JsonMappingException
+ {
+ Sensitive annotation = property.getAnnotation(Sensitive.class);
+ if (Objects.nonNull(annotation) && Objects.equals(String.class, property.getType().getRawClass()))
+ {
+ this.desensitizedType = annotation.desensitizedType();
+ return this;
+ }
+ return prov.findValueSerializer(property.getType(), property);
+ }
+
+ /**
+ * 是否需要脱敏处理
+ */
+ private boolean desensitization()
+ {
+ try
+ {
+ LoginUser securityUser = SecurityUtils.getLoginUser();
+ // 管理员不脱敏
+ return !securityUser.getUser().isAdmin();
+ }
+ catch (Exception e)
+ {
+ return true;
+ }
+ }
+}
diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/enums/DesensitizedType.java b/ruoyi-common/src/main/java/com/ruoyi/common/enums/DesensitizedType.java
new file mode 100644
index 0000000..4508122
--- /dev/null
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/enums/DesensitizedType.java
@@ -0,0 +1,59 @@
+package com.ruoyi.common.enums;
+
+import java.util.function.Function;
+import com.ruoyi.common.utils.DesensitizedUtil;
+
+/**
+ * 脱敏类型
+ *
+ * @author ruoyi
+ */
+public enum DesensitizedType
+{
+ /**
+ * 姓名,第2位星号替换
+ */
+ USERNAME(s -> s.replaceAll("(\\S)\\S(\\S*)", "$1*$2")),
+
+ /**
+ * 密码,全部字符都用*代替
+ */
+ PASSWORD(DesensitizedUtil::password),
+
+ /**
+ * 身份证,中间10位星号替换
+ */
+ ID_CARD(s -> s.replaceAll("(\\d{4})\\d{10}(\\d{4})", "$1** **** ****$2")),
+
+ /**
+ * 手机号,中间4位星号替换
+ */
+ PHONE(s -> s.replaceAll("(\\d{3})\\d{4}(\\d{4})", "$1****$2")),
+
+ /**
+ * 电子邮箱,仅显示第一个字母和@后面的地址显示,其他星号替换
+ */
+ EMAIL(s -> s.replaceAll("(^.)[^@]*(@.*$)", "$1****$2")),
+
+ /**
+ * 银行卡号,保留最后4位,其他星号替换
+ */
+ BANK_CARD(s -> s.replaceAll("\\d{15}(\\d{3})", "**** **** **** **** $1")),
+
+ /**
+ * 车牌号码,包含普通车辆、新能源车辆
+ */
+ CAR_LICENSE(DesensitizedUtil::carLicense);
+
+ private final Function desensitizer;
+
+ DesensitizedType(Function desensitizer)
+ {
+ this.desensitizer = desensitizer;
+ }
+
+ public Function desensitizer()
+ {
+ return desensitizer;
+ }
+}
diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/utils/DesensitizedUtil.java b/ruoyi-common/src/main/java/com/ruoyi/common/utils/DesensitizedUtil.java
new file mode 100644
index 0000000..f8a4c02
--- /dev/null
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/DesensitizedUtil.java
@@ -0,0 +1,49 @@
+package com.ruoyi.common.utils;
+
+/**
+ * 脱敏工具类
+ *
+ * @author ruoyi
+ */
+public class DesensitizedUtil
+{
+ /**
+ * 密码的全部字符都用*代替,比如:******
+ *
+ * @param password 密码
+ * @return 脱敏后的密码
+ */
+ public static String password(String password)
+ {
+ if (StringUtils.isBlank(password))
+ {
+ return StringUtils.EMPTY;
+ }
+ return StringUtils.repeat('*', password.length());
+ }
+
+ /**
+ * 车牌中间用*代替,如果是错误的车牌,不处理
+ *
+ * @param carLicense 完整的车牌号
+ * @return 脱敏后的车牌
+ */
+ public static String carLicense(String carLicense)
+ {
+ if (StringUtils.isBlank(carLicense))
+ {
+ return StringUtils.EMPTY;
+ }
+ // 普通车牌
+ if (carLicense.length() == 7)
+ {
+ carLicense = StringUtils.hide(carLicense, 3, 6);
+ }
+ else if (carLicense.length() == 8)
+ {
+ // 新能源车牌
+ carLicense = StringUtils.hide(carLicense, 3, 7);
+ }
+ return carLicense;
+ }
+}
diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/utils/StringUtils.java b/ruoyi-common/src/main/java/com/ruoyi/common/utils/StringUtils.java
index dbcb319..b576b27 100644
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/StringUtils.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/StringUtils.java
@@ -12,7 +12,7 @@ import com.ruoyi.common.core.text.StrFormatter;
/**
* 字符串工具类
- *
+ *
* @author ruoyi
*/
public class StringUtils extends org.apache.commons.lang3.StringUtils
@@ -23,9 +23,12 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
/** 下划线 */
private static final char SEPARATOR = '_';
+ /** 星号 */
+ private static final char ASTERISK = '*';
+
/**
* 获取参数不为空值
- *
+ *
* @param value defaultValue 要判断的value
* @return value 返回值
*/
@@ -36,7 +39,7 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
/**
* * 判断一个Collection是否为空, 包含List,Set,Queue
- *
+ *
* @param coll 要判断的Collection
* @return true:为空 false:非空
*/
@@ -47,7 +50,7 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
/**
* * 判断一个Collection是否非空,包含List,Set,Queue
- *
+ *
* @param coll 要判断的Collection
* @return true:非空 false:空
*/
@@ -58,7 +61,7 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
/**
* * 判断一个对象数组是否为空
- *
+ *
* @param objects 要判断的对象数组
** @return true:为空 false:非空
*/
@@ -69,7 +72,7 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
/**
* * 判断一个对象数组是否非空
- *
+ *
* @param objects 要判断的对象数组
* @return true:非空 false:空
*/
@@ -80,7 +83,7 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
/**
* * 判断一个Map是否为空
- *
+ *
* @param map 要判断的Map
* @return true:为空 false:非空
*/
@@ -91,7 +94,7 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
/**
* * 判断一个Map是否为空
- *
+ *
* @param map 要判断的Map
* @return true:非空 false:空
*/
@@ -102,7 +105,7 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
/**
* * 判断一个字符串是否为空串
- *
+ *
* @param str String
* @return true:为空 false:非空
*/
@@ -113,7 +116,7 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
/**
* * 判断一个字符串是否为非空串
- *
+ *
* @param str String
* @return true:非空串 false:空串
*/
@@ -124,7 +127,7 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
/**
* * 判断一个对象是否为空
- *
+ *
* @param object Object
* @return true:为空 false:非空
*/
@@ -135,7 +138,7 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
/**
* * 判断一个对象是否非空
- *
+ *
* @param object Object
* @return true:非空 false:空
*/
@@ -146,7 +149,7 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
/**
* * 判断一个对象是否是数组类型(Java基本型别的数组)
- *
+ *
* @param object 对象
* @return true:是数组 false:不是数组
*/
@@ -163,9 +166,52 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
return (str == null ? "" : str.trim());
}
+ /**
+ * 替换指定字符串的指定区间内字符为"*"
+ *
+ * @param str 字符串
+ * @param startInclude 开始位置(包含)
+ * @param endExclude 结束位置(不包含)
+ * @return 替换后的字符串
+ */
+ public static String hide(CharSequence str, int startInclude, int endExclude)
+ {
+ if (isEmpty(str))
+ {
+ return NULLSTR;
+ }
+ final int strLength = str.length();
+ if (startInclude > strLength)
+ {
+ return NULLSTR;
+ }
+ if (endExclude > strLength)
+ {
+ endExclude = strLength;
+ }
+ if (startInclude > endExclude)
+ {
+ // 如果起始位置大于结束位置,不替换
+ return NULLSTR;
+ }
+ final char[] chars = new char[strLength];
+ for (int i = 0; i < strLength; i++)
+ {
+ if (i >= startInclude && i < endExclude)
+ {
+ chars[i] = ASTERISK;
+ }
+ else
+ {
+ chars[i] = str.charAt(i);
+ }
+ }
+ return new String(chars);
+ }
+
/**
* 截取字符串
- *
+ *
* @param str 字符串
* @param start 开始
* @return 结果
@@ -196,7 +242,7 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
/**
* 截取字符串
- *
+ *
* @param str 字符串
* @param start 开始
* @param end 结束
@@ -272,7 +318,7 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
* 通常使用:format("this is {} for {}", "a", "b") -> this is a for b
* 转义{}: format("this is \\{} for {}", "a", "b") -> this is \{} for a
* 转义\: format("this is \\\\{} for {}", "a", "b") -> this is \a for b
- *
+ *
* @param template 文本模板,被替换的部分用 {} 表示
* @param params 参数值
* @return 格式化后的文本
@@ -288,7 +334,7 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
/**
* 是否为http(s)://开头
- *
+ *
* @param link 链接
* @return 结果
*/
@@ -299,7 +345,7 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
/**
* 字符串转set
- *
+ *
* @param str 字符串
* @param sep 分隔符
* @return set集合
@@ -311,7 +357,7 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
/**
* 字符串转list
- *
+ *
* @param str 字符串
* @param sep 分隔符
* @param filterBlank 过滤纯空白
@@ -448,7 +494,7 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
/**
* 是否包含字符串
- *
+ *
* @param str 验证字符串
* @param strs 字符串组
* @return 包含返回true
@@ -470,7 +516,7 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
/**
* 将下划线大写方式命名的字符串转换为驼峰式。如果转换前的下划线大写方式命名的字符串为空,则返回空字符串。 例如:HELLO_WORLD->HelloWorld
- *
+ *
* @param name 转换前的下划线大写方式命名的字符串
* @return 转换后的驼峰式命名的字符串
*/
@@ -544,7 +590,7 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
/**
* 查找指定字符串是否匹配指定字符串列表中的任意一个字符串
- *
+ *
* @param str 指定字符串
* @param strs 需要检查的字符串数组
* @return 是否匹配
@@ -566,11 +612,11 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
}
/**
- * 判断url是否与规则配置:
- * ? 表示单个字符;
- * * 表示一层路径内的任意字符串,不可跨层级;
+ * 判断url是否与规则配置:
+ * ? 表示单个字符;
+ * * 表示一层路径内的任意字符串,不可跨层级;
* ** 表示任意层路径;
- *
+ *
* @param pattern 匹配规则
* @param url 需要匹配的url
* @return
@@ -589,7 +635,7 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
/**
* 数字左边补齐0,使之达到指定长度。注意,如果数字转换为字符串后,长度大于size,则只保留 最后size个字符。
- *
+ *
* @param num 数字对象
* @param size 字符串指定长度
* @return 返回数字的字符串格式,该字符串为指定长度。
@@ -601,7 +647,7 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
/**
* 字符串左补齐。如果原始字符串s长度大于size,则只保留最后size个字符。
- *
+ *
* @param s 原始字符串
* @param size 字符串指定长度
* @param c 用于补齐的字符
@@ -635,4 +681,4 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
}
return sb.toString();
}
-}
\ No newline at end of file
+}
diff --git a/ruoyi-ui/src/views/quot/quot/index.vue b/ruoyi-ui/src/views/quot/quot/index.vue
index f887671..6fcc685 100644
--- a/ruoyi-ui/src/views/quot/quot/index.vue
+++ b/ruoyi-ui/src/views/quot/quot/index.vue
@@ -183,7 +183,7 @@
style="width:100%"
v-model="form.quotInquiryDate"
type="datetime"
- placeholder="选择日期时间"
+ placeholder="系统自动生成"
:disabled="true">
@@ -203,7 +203,7 @@
style="width:100%"
v-model="form.quotQuotationDate"
type="datetime"
- placeholder="选择日期时间"
+ placeholder="报价组填写"
:disabled="true">