refactor(bonus-material): 重构数据加解密拦截器
- 优化了数据加密和解密的逻辑,提高了代码的可扩展性和维护性 - 增加了对空对象的判断,提高了代码的健壮性 - 优化了日志输出,增加了异常日志的空判断和错误处理 - 注释了未使用的拦截器方法,为未来可能的需求做准备
This commit is contained in:
parent
e78c6a2f0e
commit
4f133288a3
|
|
@ -24,13 +24,14 @@ import java.util.Properties;
|
|||
* @author weiweiwang
|
||||
*/
|
||||
@Intercepts({
|
||||
@Signature(type = ParameterHandler.class, method = "setParameters", args = {PreparedStatement.class}),
|
||||
@Signature(type = ResultSetHandler.class, method = "handleResultSets", args = {Statement.class})
|
||||
// @Signature(type = ParameterHandler.class, method = "setParameters", args = {PreparedStatement.class}),
|
||||
// @Signature(type = ResultSetHandler.class, method = "handleResultSets", args = {Statement.class})
|
||||
})
|
||||
public class DataEnDecryptInterceptor implements Interceptor {
|
||||
protected final Logger logger = LoggerFactory.getLogger(this.getClass());
|
||||
final static String USER_MAPPER_ID = "NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN";
|
||||
final static String DEPT_MAPPER_ID = "NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNxxxNNN";
|
||||
|
||||
@Override
|
||||
public Object intercept(Invocation invocation) throws Throwable {
|
||||
try {
|
||||
|
|
@ -68,7 +69,7 @@ public class DataEnDecryptInterceptor implements Interceptor {
|
|||
return invocation.proceed();
|
||||
}
|
||||
catch (Exception e){
|
||||
logger.error("mybatis对敏感数据加解密拦截器异常报错,{}",e.getMessage ());
|
||||
logger.error("mybatis对敏感数据加解密拦截器异常报错", e);
|
||||
return invocation.proceed();
|
||||
}
|
||||
}
|
||||
|
|
@ -83,28 +84,42 @@ public class DataEnDecryptInterceptor implements Interceptor {
|
|||
}
|
||||
|
||||
private void encryptUserObject(Object parameterObject){
|
||||
if (parameterObject == null) {
|
||||
logger.warn("encryptUserObject: parameterObject is null");
|
||||
return;
|
||||
}
|
||||
if (parameterObject instanceof BmProject) {
|
||||
BmProject pro = (BmProject) parameterObject;
|
||||
// 加密敏感字段
|
||||
|
||||
if (pro.getTelphone() != null) {
|
||||
pro.setTelphone(Sm4Utils.encrypt(pro.getTelphone()));
|
||||
}
|
||||
encryptField(pro, "telphone");
|
||||
}
|
||||
}
|
||||
|
||||
private void encryptDeptObject(Object parameterObject) {
|
||||
if (parameterObject == null) {
|
||||
logger.warn("encryptDeptObject: parameterObject is null");
|
||||
return;
|
||||
}
|
||||
if (parameterObject instanceof SysDept) {
|
||||
SysDept dept = (SysDept) parameterObject;
|
||||
// 加密敏感字段
|
||||
if (dept.getEmail() != null) {
|
||||
dept.setEmail(Sm4Utils.encrypt(dept.getEmail()));
|
||||
}
|
||||
if (dept.getPhone() != null) {
|
||||
dept.setPhone(Sm4Utils.encrypt(dept.getPhone()));
|
||||
encryptField(dept, "email");
|
||||
encryptField(dept, "phone");
|
||||
}
|
||||
}
|
||||
|
||||
private void encryptField(Object obj, String fieldName) {
|
||||
try {
|
||||
Field field = obj.getClass().getDeclaredField(fieldName);
|
||||
field.setAccessible(true);
|
||||
Object value = field.get(obj);
|
||||
if (value != null && value instanceof String) {
|
||||
String encryptedValue = Sm4Utils.encrypt((String) value);
|
||||
field.set(obj, encryptedValue);
|
||||
}
|
||||
} catch (Exception e) {
|
||||
logger.error("Failed to encrypt field {} in {}", fieldName, obj.getClass().getName(), e);
|
||||
}
|
||||
}
|
||||
|
||||
private void decryUserObject(Object result){
|
||||
|
|
@ -119,14 +134,17 @@ public class DataEnDecryptInterceptor implements Interceptor {
|
|||
} else if (result instanceof BmProject) {
|
||||
decryptUser ((BmProject) result);
|
||||
}
|
||||
} catch (Exception ingore) {
|
||||
} catch (Exception e) {
|
||||
logger.error("Error decrypting user object", e);
|
||||
}
|
||||
}
|
||||
private void decryptUser(BmProject pro) {
|
||||
|
||||
if (pro.getTelphone() != null) {
|
||||
pro.setTelphone(Sm4Utils.decrypt(pro.getTelphone()));
|
||||
private void decryptUser(BmProject pro) {
|
||||
if (pro == null) {
|
||||
logger.warn("decryptUser: pro is null");
|
||||
return;
|
||||
}
|
||||
decryptField(pro, "telphone");
|
||||
}
|
||||
|
||||
private void decryDeptObject(Object result){
|
||||
|
|
@ -141,16 +159,31 @@ public class DataEnDecryptInterceptor implements Interceptor {
|
|||
} else if (result instanceof SysDept) {
|
||||
decryptDept ((SysDept) result);
|
||||
}
|
||||
} catch (Exception ingore) {
|
||||
} catch (Exception e) {
|
||||
logger.error("Error decrypting dept object", e);
|
||||
}
|
||||
}
|
||||
|
||||
private void decryptDept(SysDept dept) {
|
||||
if (dept.getEmail() != null) {
|
||||
dept.setEmail(Sm4Utils.decrypt(dept.getEmail()));
|
||||
if (dept == null) {
|
||||
logger.warn("decryptDept: dept is null");
|
||||
return;
|
||||
}
|
||||
if (dept.getPhone() != null) {
|
||||
dept.setPhone(Sm4Utils.decrypt(dept.getPhone()));
|
||||
decryptField(dept, "email");
|
||||
decryptField(dept, "phone");
|
||||
}
|
||||
|
||||
private void decryptField(Object obj, String fieldName) {
|
||||
try {
|
||||
Field field = obj.getClass().getDeclaredField(fieldName);
|
||||
field.setAccessible(true);
|
||||
Object value = field.get(obj);
|
||||
if (value != null && value instanceof String) {
|
||||
String decryptedValue = Sm4Utils.decrypt((String) value);
|
||||
field.set(obj, decryptedValue);
|
||||
}
|
||||
} catch (Exception e) {
|
||||
logger.error("Failed to decrypt field {} in {}", fieldName, obj.getClass().getName(), e);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue