bonus
/
Bonus-Cloud
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

将所有PUT 方法修改为post,并对部门实体里的邮箱和电话号码进行加密存储

This commit is contained in:
weiweiw 2024-11-06 13:45:53 +08:00
parent 23beb395b3
commit c43a4fbf98
24 changed files with 109 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
bonus-api/bonus-api-system/src/main/java/com/bonus/system/api/RemoteConfigService.java
View File

@ -59,7 +59,7 @@ public interface RemoteConfigService {
* @param source 请求来源使用SecurityConstants.INNER
* @return 修改成功影响的行数或错误码和错误消息
*/
@PutMapping
@PostMapping(value = "/config/edit")
public AjaxResult edit(@Validated @RequestBody SysConfig config, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);
/**

4
bonus-api/bonus-api-system/src/main/java/com/bonus/system/api/RemoteDeptService.java
View File

@ -48,7 +48,7 @@ public interface RemoteDeptService {
* @param source 请求来源使用SecurityConstants.INNER
* @return 修改成功影响的行数或错误码和错误消息
*/
@PutMapping("/dept")
@PostMapping("/dept/edit")
public AjaxResult edit(@Validated @RequestBody SysDept dept, @RequestHeader(SecurityConstants.FROM_SOURCE)String source);
/**
@ -57,6 +57,6 @@ public interface RemoteDeptService {
* @param source 请求来源使用SecurityConstants.INNER
* @return 成功或出错信息
*/
@PostMapping("/delete/dept/{deptId}")
@PostMapping("/dept/delete/{deptId}")
public AjaxResult remove(@PathVariable("deptId") Long deptId, @RequestHeader(SecurityConstants.FROM_SOURCE)String source);
}

4
bonus-api/bonus-api-system/src/main/java/com/bonus/system/api/RemoteDictDataService.java
View File

@ -57,7 +57,7 @@ public interface RemoteDictDataService {
* @param source 请求来源使用SecurityConstants.INNER
* @return 修改成功影响的行数或错误码和错误消息
*/
@PutMapping(value = "/dict/data")
@PostMapping(value = "/dict/data/edit")
public AjaxResult edit(@Validated @RequestBody SysDictData dict, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);
/**
@ -66,6 +66,6 @@ public interface RemoteDictDataService {
* @param source 请求来源使用SecurityConstants.INNER
* @return 成功或出错信息
*/
@PostMapping("/delete/dict/data/{dictCodes}")
@PostMapping("/dict/data/delete/{dictCodes}")
public AjaxResult remove(@PathVariable("dictCodes") Long[] dictCodes, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);
}

4
bonus-api/bonus-api-system/src/main/java/com/bonus/system/api/RemoteDictTypeService.java
View File

@ -50,7 +50,7 @@ public interface RemoteDictTypeService {
* @param source 请求来源使用SecurityConstants.INNER
* @return 修改成功影响的行数或错误码和错误消息
*/
@PutMapping(value = "/dict/type")
@PostMapping(value = "/dict/type/edit")
public AjaxResult edit(@Validated @RequestBody SysDictType dict, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);
/**
@ -59,7 +59,7 @@ public interface RemoteDictTypeService {
* @param source 请求来源使用SecurityConstants.INNER
* @return 成功或出错信息
*/
@PostMapping("/delete/dict/type/{dictIds}")
@PostMapping("/dict/type/delete/{dictIds}")
public AjaxResult remove(@PathVariable("dictIds") Long[] dictIds, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);
/**

2
bonus-api/bonus-api-system/src/main/java/com/bonus/system/api/RemoteMenuService.java
View File

@ -67,7 +67,7 @@ public interface RemoteMenuService {
* @param source 请求来源使用SecurityConstants.INNER
* @return 修改成功影响的行数或错误码和错误消息
*/
@PutMapping("/menu")
@PostMapping("/menu/edit")
public AjaxResult edit(@Validated @RequestBody SysMenu menu, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);
/**

4
bonus-api/bonus-api-system/src/main/java/com/bonus/system/api/RemoteNoticeService.java
View File

@ -48,7 +48,7 @@ public interface RemoteNoticeService {
* @param source 内部请求的请求头标志使用SecurityConstants.INNER
* @return 修改公告影响行数或错误信息
*/
@PutMapping(value = "/notice")
@PostMapping(value = "/notice/edit")
public AjaxResult edit(@Validated @RequestBody SysNotice notice, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);
/**
@ -57,6 +57,6 @@ public interface RemoteNoticeService {
* @param source 内部请求的请求头标志使用SecurityConstants.INNER
* @return 删除公告影响行数或错误信息
*/
@PostMapping("/delete/notice/{noticeIds}")
@PostMapping("/notice/delete/{noticeIds}")
public AjaxResult remove(@PathVariable("noticeIds") Long[] noticeIds, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);
}

4
bonus-api/bonus-api-system/src/main/java/com/bonus/system/api/RemotePostService.java
View File

@ -48,7 +48,7 @@ public interface RemotePostService {
* @param source 内部请求标志使用SecurityConstants.INNER
* @return 修改岗位影响的行数或错误信息
*/
@PutMapping("/post")
@PostMapping("/post/edit")
public AjaxResult edit(@Validated @RequestBody SysPost post, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);
/**
@ -57,7 +57,7 @@ public interface RemotePostService {
* @param source 内部请求标志使用SecurityConstants.INNER
* @return 删除岗位影响的行数或错误信息
*/
@PostMapping("/delete/post/{postIds}")
@PostMapping("/post/delete/{postIds}")
public AjaxResult remove(@PathVariable("postIds") Long[] postIds, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);

7
bonus-api/bonus-api-system/src/main/java/com/bonus/system/api/RemoteProfileService.java
View File

@ -6,10 +6,7 @@ import com.bonus.common.core.web.domain.AjaxResult;
import com.bonus.system.api.domain.SysUser;
import com.bonus.system.api.factory.RemoteRoleFallbackFactory;
import org.springframework.cloud.openfeign.FeignClient;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.*;
/**
* @author wangvivi
@ -31,6 +28,6 @@ public interface RemoteProfileService {
* @param source 内部请求标志使用SecurityConstants.INNER
* @return 岗位列表
*/
@PutMapping
@PostMapping("/user/profile/edit")
public AjaxResult updateProfile(@RequestBody SysUser user, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);
}

14
bonus-api/bonus-api-system/src/main/java/com/bonus/system/api/RemoteRoleService.java
View File

@ -50,7 +50,7 @@ public interface RemoteRoleService {
* @param source 请求来源使用SecurityConstants.INNER
* @return 修改角色影响的行数或错误信息
*/
@PutMapping("/role")
@PostMapping("/role/edit")
public AjaxResult edit(@Validated @RequestBody SysRole role, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);
/**
@ -59,7 +59,7 @@ public interface RemoteRoleService {
* @param source 请求来源使用SecurityConstants.INNER
* @return 修改角色影响的行数或错误信息
*/
@PutMapping("/role/dataScope")
@PostMapping("/role/dataScope")
public AjaxResult dataScope(@RequestBody SysRole role, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);
/**
@ -68,7 +68,7 @@ public interface RemoteRoleService {
* @param source 请求来源使用SecurityConstants.INNER
* @return 修改角色状态影响的行数或错误信息
*/
@PutMapping("/role/changeStatus")
@PostMapping("/role/changeStatus")
public AjaxResult changeStatus(@RequestBody SysRole role, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);
/**
@ -77,7 +77,7 @@ public interface RemoteRoleService {
* @param source 请求来源使用SecurityConstants.INNER
* @return 删除角色影响的行数或错误信息
*/
@PostMapping("/delete/role/{roleIds}")
@PostMapping("/role/delete/{roleIds}")
public AjaxResult remove(@PathVariable("roleIds") Long[] roleIds, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);
/**
@ -112,7 +112,7 @@ public interface RemoteRoleService {
* @param source 请求来源使用SecurityConstants.INNER
* @return 取消用户的行数或错误信息
*/
@PutMapping("/role/authUser/cancel")
@PostMapping("/role/authUser/cancel")
public AjaxResult cancelAuthUser(@RequestBody SysUserRole userRole, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);
/**
@ -122,7 +122,7 @@ public interface RemoteRoleService {
* @param source 请求来源使用SecurityConstants.INNER
* @return 成功或失败消息
*/
@PutMapping("/role/authUser/cancelAll")
@PostMapping("/role/authUser/cancelAll")
public AjaxResult cancelAuthUserAll(@PathVariable("roleId")Long roleId, @PathVariable("userIds")Long[] userIds, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);
/**
@ -132,7 +132,7 @@ public interface RemoteRoleService {
* @param source 请求来源使用SecurityConstants.INNER
* @return 成功或失败消息
*/
@PutMapping("/role/authUser/selectAll")
@PostMapping("/role/authUser/selectAll")
public AjaxResult selectAuthUserAll(@PathVariable("roleId")Long roleId, @PathVariable("userIds")Long[] userIds, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);
/**

8
bonus-api/bonus-api-system/src/main/java/com/bonus/system/api/RemoteUserService.java
View File

@ -105,7 +105,7 @@ public interface RemoteUserService {
* @param source 请求来源
* @return 修改用户影响的行数或错误信息
*/
@PutMapping("/user/")
@PostMapping("/user/edit")
public AjaxResult edit(@Validated @RequestBody SysUser user, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);
/**
@ -125,7 +125,7 @@ public interface RemoteUserService {
* @param source 请求来源
* @return 删除用户影响的行数或错误信息
*/
@PostMapping("/delete/user/{userIds}")
@PostMapping("/user/delete/{userIds}")
public AjaxResult remove(@PathVariable("userIds") Long[] userIds, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);
/**
@ -135,7 +135,7 @@ public interface RemoteUserService {
* @param source 请求来源
* @return 修改用户状态的影响的行数或错误信息
*/
@PutMapping("/user/changeStatus")
@PostMapping("/user/changeStatus")
public AjaxResult changeStatus(@RequestBody SysUser user, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);
/**
@ -156,7 +156,7 @@ public interface RemoteUserService {
* @param source 请求来源
* @return 成功授权消息或失败消息
*/
@PutMapping("/user/authRole")
@PostMapping("/user/authRole/edit")
public AjaxResult insertAuthRole(@PathVariable("userId") Long userId, @PathVariable("roleIds") Long[] roleIds, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);
/**

2
bonus-modules/bonus-gen/src/main/java/com/bonus/gen/controller/GenController.java
View File

@ -118,7 +118,7 @@ public class GenController extends BaseController
* 修改保存代码生成业务
*/
@RequiresPermissions("tool:gen:edit")
@PutMapping
@PostMapping("/edit")
@SysLog(title = "代码生成", businessType = OperaType.UPDATE,logType = 0,module = "系统工具->代码生成",details = "修改保存代码生成业务")
public AjaxResult editSave(@Validated @RequestBody GenTable genTable)
{

6
bonus-modules/bonus-job/src/main/java/com/bonus/job/controller/SysJobController.java
View File

@ -116,7 +116,7 @@ public class SysJobController extends BaseController
* 修改定时任务
*/
@RequiresPermissions("monitor:job:edit")
@PutMapping
@PostMapping("edit")
@SysLog(title = "定时任务", businessType = OperaType.UPDATE,logType = 0,module = "系统监控->定时任务",details = "修改定时任务")
public AjaxResult edit(@RequestBody SysJob job) throws SchedulerException, TaskException
{
@ -152,7 +152,7 @@ public class SysJobController extends BaseController
* 定时任务状态修改
*/
@RequiresPermissions("monitor:job:changeStatus")
@PutMapping("/changeStatus")
@PostMapping("/changeStatus")
@SysLog(title = "定时任务", businessType = OperaType.UPDATE,logType = 0,module = "系统监控->定时任务",details = "定时任务状态修改")
public AjaxResult changeStatus(@RequestBody SysJob job) throws SchedulerException
{
@ -165,7 +165,7 @@ public class SysJobController extends BaseController
* 定时任务立即执行一次
*/
@RequiresPermissions("monitor:job:changeStatus")
@PutMapping("/run")
@PostMapping("/run")
@SysLog(title = "定时任务", businessType = OperaType.UPDATE,logType = 0,module = "系统监控->定时任务",details = "定时任务立即执行一次")
public AjaxResult run(@RequestBody SysJob job) throws SchedulerException
{

2
bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysConfigController.java
View File

@ -120,7 +120,7 @@ public class SysConfigController extends BaseController {
* 修改参数配置
*/
@RequiresPermissionsOrInnerAuth(innerAuth = @InnerAuth, requiresPermissions = @RequiresPermissions("system:config:edit"))
@PutMapping
@PostMapping("/edit")
@SysLog(title = "参数配置", businessType = OperaType.UPDATE,logType = 0,module = "系统管理->参数配置")
public AjaxResult edit(@Validated @RequestBody SysConfig config) {
try{

2
bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysDeptController.java
View File

@ -112,7 +112,7 @@ public class SysDeptController extends BaseController
* 修改部门
*/
@RequiresPermissionsOrInnerAuth(innerAuth = @InnerAuth, requiresPermissions = @RequiresPermissions("system:dept:edit"))
@PutMapping
@PostMapping("/edit")
@SysLog(title = "部门管理", businessType = OperaType.UPDATE,logType = 0,module = "系统管理->部门管理")
public AjaxResult edit(@Validated @RequestBody SysDept dept) {
try{

2
bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysDictDataController.java
View File

@ -125,7 +125,7 @@ public class SysDictDataController extends BaseController
* 修改保存字典数据
*/
@RequiresPermissionsOrInnerAuth(innerAuth = @InnerAuth, requiresPermissions = @RequiresPermissions("system:dict:edit"))
@PutMapping
@PostMapping("/edit")
@SysLog(title = "字典管理", businessType = OperaType.UPDATE,logType = 0,module = "系统管理->字典管理")
public AjaxResult edit(@Validated @RequestBody SysDictData dict) {
try{

2
bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysDictTypeController.java
View File

@ -105,7 +105,7 @@ public class SysDictTypeController extends BaseController
* 修改字典类型
*/
@RequiresPermissionsOrInnerAuth(innerAuth = @InnerAuth, requiresPermissions = @RequiresPermissions("system:dict:edit"))
@PutMapping
@PostMapping("/edit")
@SysLog(title = "字典管理", businessType = OperaType.UPDATE,logType = 0,module = "系统管理->字典管理")
public AjaxResult edit(@Validated @RequestBody SysDictType dict) {
try{

2
bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysMenuController.java
View File

@ -134,7 +134,7 @@ public class SysMenuController extends BaseController
* 修改菜单
*/
@RequiresPermissionsOrInnerAuth(innerAuth = @InnerAuth, requiresPermissions = @RequiresPermissions("system:menu:edit"))
@PutMapping
@PostMapping("/edit")
@SysLog(title = "菜单管理", businessType = OperaType.UPDATE,logType = 0,module = "系统管理->菜单管理")
public AjaxResult edit(@Validated @RequestBody SysMenu menu) {
try{

2
bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysNoticeController.java
View File

@ -93,7 +93,7 @@ public class SysNoticeController extends BaseController
* 修改通知公告
*/
@RequiresPermissionsOrInnerAuth(innerAuth = @InnerAuth, requiresPermissions = @RequiresPermissions("system:notice:edit"))
@PutMapping
@PostMapping("/edit")
@SysLog(title = "通知公告", businessType = OperaType.UPDATE,logType = 0,module = "系统管理->通知公告")
public AjaxResult edit(@Validated @RequestBody SysNotice notice) {
try{

2
bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysPostController.java
View File

@ -109,7 +109,7 @@ public class SysPostController extends BaseController {
* 修改岗位
*/
@RequiresPermissionsOrInnerAuth(innerAuth = @InnerAuth, requiresPermissions = @RequiresPermissions("system:post:edit"))
@PutMapping
@PostMapping("/edit")
@SysLog(title = "岗位管理", businessType = OperaType.UPDATE, logType = 0, module = "系统管理->岗位管理")
public AjaxResult edit(@Validated @RequestBody SysPost post) {
try {

4
bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysProfileController.java
View File

@ -66,7 +66,7 @@ public class SysProfileController extends BaseController {
/**
* 修改当前登录用户的个人信息
*/
@PutMapping
@PostMapping("/edit")
@SysLog(title = "个人中心", businessType = OperaType.UPDATE, logType = 0, module = "首页->个人中心")
public AjaxResult updateProfile(@RequestBody SysUser user) {
try {
@ -97,7 +97,7 @@ public class SysProfileController extends BaseController {
/**
* 重置密码
*/
@PutMapping("/updatePwd")
@PostMapping("/updatePwd")
@SysLog(title = "个人中心", businessType = OperaType.UPDATE, logType = 0, module = "首页->个人中心", details = "修改密码")
public AjaxResult updatePwd(String oldPassword, String newPassword) {
try {

12
bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysRoleController.java
View File

@ -119,7 +119,7 @@ public class SysRoleController extends BaseController
* 修改保存角色
*/
@RequiresPermissionsOrInnerAuth(innerAuth = @InnerAuth, requiresPermissions = @RequiresPermissions("system:role:edit"))
@PutMapping
@PostMapping("/edit")
@SysLog(title = "角色管理", businessType = OperaType.UPDATE,logType = 0,module = "系统管理->角色管理",details = "修改角色")
public AjaxResult edit(@Validated @RequestBody SysRole role) {
try{
@ -143,7 +143,7 @@ public class SysRoleController extends BaseController
* 修改保存数据权限
*/
@RequiresPermissionsOrInnerAuth(innerAuth = @InnerAuth, requiresPermissions = @RequiresPermissions("system:role:edit"))
@PutMapping("/dataScope")
@PostMapping("/dataScope/edit")
@SysLog(title = "角色管理", businessType = OperaType.UPDATE,logType = 0,module = "系统管理->角色管理",details = "修改权限")
public AjaxResult dataScope(@RequestBody SysRole role) {
try{
@ -160,7 +160,7 @@ public class SysRoleController extends BaseController
* 状态修改
*/
@RequiresPermissionsOrInnerAuth(innerAuth = @InnerAuth, requiresPermissions = @RequiresPermissions("system:role:edit"))
@PutMapping("/changeStatus")
@PostMapping("/changeStatus")
@SysLog(title = "角色管理", businessType = OperaType.UPDATE,logType = 0,module = "系统管理->角色管理",details = "修改角色状态")
public AjaxResult changeStatus(@RequestBody SysRole role) {
try{
@ -246,7 +246,7 @@ public class SysRoleController extends BaseController
* 取消授权用户
*/
@RequiresPermissions("system:role:edit")
@PutMapping("/authUser/cancel")
@PostMapping("/authUser/cancel")
@SysLog(title = "角色管理", businessType = OperaType.UPDATE,logType = 0,module = "系统管理->角色管理->分配用户",details = "取消授权用户")
public AjaxResult cancelAuthUser(@RequestBody SysUserRole userRole) {
try{
@ -262,7 +262,7 @@ public class SysRoleController extends BaseController
* 批量取消授权用户
*/
@RequiresPermissionsOrInnerAuth(innerAuth = @InnerAuth, requiresPermissions = @RequiresPermissions("system:role:edit"))
@PutMapping("/authUser/cancelAll")
@PostMapping("/authUser/cancelAll")
@SysLog(title = "角色管理", businessType = OperaType.GRANT,logType = 0,module = "系统管理->角色管理->分配用户",details = "取消授权用户")
public AjaxResult cancelAuthUserAll(Long roleId, Long[] userIds) {
try{
@ -278,7 +278,7 @@ public class SysRoleController extends BaseController
* 批量选择用户授权
*/
@RequiresPermissionsOrInnerAuth(innerAuth = @InnerAuth, requiresPermissions = @RequiresPermissions("system:role:edit"))
@PutMapping("/authUser/selectAll")
@PostMapping("/authUser/selectAll")
@SysLog(title = "角色管理", businessType = OperaType.GRANT,logType = 0,module = "系统管理->角色管理->分配用户",details = "授权用户")
public AjaxResult selectAuthUserAll(Long roleId, Long[] userIds) {
try{

8
bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysUserController.java
View File

@ -309,7 +309,7 @@ public class SysUserController extends BaseController {
* 修改用户
*/
@RequiresPermissionsOrInnerAuth(innerAuth = @InnerAuth, requiresPermissions = @RequiresPermissions("system:user:edit"))
@PutMapping
@PostMapping("/edit")
@SysLog(title = "用户管理", businessType = OperaType.UPDATE, logType = 0, module = "系统管理->用户管理", details = "修改用户信息")
public AjaxResult edit(@Validated @RequestBody SysUser user) {
try {
@ -353,7 +353,7 @@ public class SysUserController extends BaseController {
* 重置密码
*/
@RequiresPermissionsOrInnerAuth(innerAuth = @InnerAuth, requiresPermissions = @RequiresPermissions("system:user:edit"))
@PutMapping("/resetPwd")
@PostMapping("/resetPwd")
@SysLog(title = "用户管理", businessType = OperaType.UPDATE, logType = 0, module = "系统管理->用户管理", details = "重置用户密码")
public AjaxResult resetPwd(@RequestBody SysUser user) {
try {
@ -383,7 +383,7 @@ public class SysUserController extends BaseController {
* 状态修改
*/
@RequiresPermissionsOrInnerAuth(innerAuth = @InnerAuth, requiresPermissions = @RequiresPermissions("system:user:edit"))
@PutMapping("/changeStatus")
@PostMapping("/changeStatus")
@SysLog(title = "用户管理", businessType = OperaType.UPDATE, logType = 0, module = "系统管理->用户管理", details = "修改用户状态")
public AjaxResult changeStatus(@RequestBody SysUser user) {
try {
@ -420,7 +420,7 @@ public class SysUserController extends BaseController {
* 用户授权角色
*/
@RequiresPermissionsOrInnerAuth(innerAuth = @InnerAuth, requiresPermissions = @RequiresPermissions("system:user:edit"))
@PutMapping("/authRole")
@PostMapping("/authRole/edit")
@SysLog(title = "用户管理", businessType = OperaType.GRANT, logType = 0, module = "系统管理->用户管理", details = "用户授权角色")
public AjaxResult insertAuthRole(Long userId, Long[] roleIds) {
try {

68
bonus-modules/bonus-system/src/main/java/com/bonus/system/interceptor/DataEnDecryptInterceptor.java
View File

@ -1,6 +1,7 @@
package com.bonus.system.interceptor;
import com.bonus.common.core.utils.encryption.Sm4Utils;
import com.bonus.system.api.domain.SysDept;
import com.bonus.system.api.domain.SysUser;
import org.apache.ibatis.executor.parameter.ParameterHandler;
import org.apache.ibatis.executor.resultset.ResultSetHandler;
@ -17,7 +18,7 @@ import java.util.Properties;
import java.sql.Statement;
/**
* mybatis 拦截器
* 对用户邮箱和电话号码进行加密存库并从库里查询后解密
* 对用户和部门实体里的邮箱和电话号码进行加密存库并从库里查询后解密
* @author weiweiwang
*/
@Intercepts({
@ -26,6 +27,8 @@ import java.sql.Statement;
})
public class DataEnDecryptInterceptor implements Interceptor {
protected final Logger logger = LoggerFactory.getLogger(this.getClass());
final static String USER_MAPPER_ID = "com.bonus.system.mapper.SysUserMapper";
final static String DEPT_MAPPER_ID = "com.bonus.system.mapper.SysDeptMapper";
@Override
public Object intercept(Invocation invocation) throws Throwable {
try {
@ -36,10 +39,12 @@ public class DataEnDecryptInterceptor implements Interceptor {
PreparedStatement preparedStatement = (PreparedStatement) invocation.getArgs()[0];
Object parameterObject = parameterHandler.getParameterObject();
String sqlId = mappedStatement.getId();
if (!sqlId.contains("com.bonus.system.mapper.SysUserMapper"))
return invocation.proceed();
encryptObject (parameterObject);
if (sqlId.contains(USER_MAPPER_ID)){
encryptUserObject(parameterObject);
} else if (sqlId.contains(DEPT_MAPPER_ID)){
encryptDeptObject(parameterObject);
}
return invocation.proceed();
} else if (invocation.getTarget() instanceof ResultSetHandler) {
// Handle decryption after result set is obtained
@ -49,10 +54,12 @@ public class DataEnDecryptInterceptor implements Interceptor {
Object result = invocation.proceed();
String sqlId = mappedStatement.getId();
if (!sqlId.contains("com.bonus.system.mapper.SysUserMapper"))
return result;
decryObject (result);
if (sqlId.contains(USER_MAPPER_ID))
{
decryUserObject(result);
} else if (sqlId.contains(DEPT_MAPPER_ID)){
decryDeptObject(result);
}
return result;
}
@ -73,7 +80,7 @@ public class DataEnDecryptInterceptor implements Interceptor {
public void setProperties(Properties properties) {
}
private void encryptObject(Object parameterObject){
private void encryptUserObject(Object parameterObject){
if (parameterObject instanceof SysUser) {
SysUser user = (SysUser) parameterObject;
// 加密敏感字段
@ -86,7 +93,21 @@ public class DataEnDecryptInterceptor implements Interceptor {
}
}
private void decryObject(Object result){
private void encryptDeptObject(Object parameterObject) {
if (parameterObject instanceof SysDept) {
SysDept dept = (SysDept) parameterObject;
// 加密敏感字段
if (dept.getEmail() != null) {
dept.setEmail(Sm4Utils.encrypt(dept.getEmail()));
}
if (dept.getPhone() != null) {
dept.setPhone(Sm4Utils.encrypt(dept.getPhone()));
}
}
}
private void decryUserObject(Object result){
try {
if (result instanceof ArrayList) {
List<?> list = (List<?>) result;
@ -110,6 +131,31 @@ public class DataEnDecryptInterceptor implements Interceptor {
}
}
private void decryDeptObject(Object result){
try {
if (result instanceof ArrayList) {
List<?> list = (List<?>) result;
for (Object obj : list) {
if (obj instanceof SysDept) {
decryptDept ((SysDept) obj);
}
}
} else if (result instanceof SysDept) {
decryptDept ((SysDept) result);
}
} catch (Exception ingore) {
}
}
private void decryptDept(SysDept dept) {
if (dept.getEmail() != null) {
dept.setEmail(Sm4Utils.decrypt(dept.getEmail()));
}
if (dept.getPhone() != null) {
dept.setPhone(Sm4Utils.decrypt(dept.getPhone()));
}
}
private MappedStatement getMappedStatement(ParameterHandler parameterHandler) {
try {
// Use reflection to access the private field `mappedStatement` (or appropriate field)

8
sql/bns_20240604.sql
View File

@ -11,8 +11,8 @@ create table sys_dept (
dept_name varchar(30) default '' comment '部门名称',
order_num int(4) default 0 comment '显示顺序',
leader varchar(20) default null comment '负责人',
phone varchar(11) default null comment '联系电话',
email varchar(50) default null comment '邮箱',
phone varchar(255) default null comment '联系电话',
email varchar(255) default null comment '邮箱',
status char(1) default '0' comment '部门状态0正常 1停用',
del_flag char(1) default '0' comment '删除标志0代表存在 2代表删除',
create_by varchar(64) default '' comment '创建者',
@ -71,8 +71,8 @@ create table sys_user (
-- ----------------------------
-- 初始化-用户信息表数据
-- ----------------------------
insert into sys_user values(1, 103, 'bonus', '博诺思', '00', 'ry@163.com', '15888888888', '1', '', '$2a$10$5azz92OgGRyRUETz/ZJeZu1exkggPYUDRssvreywTjKk.0Pmn2Q16', '0', '0', '127.0.0.1', sysdate(), 'admin', sysdate(), '', null,sysdate(), '系统管理员','0','1','1');
insert into sys_user values(2, 103, 'audit', '博诺思', '00', 'ry@163.com', '15888888889', '1', '', '$2a$10$5azz92OgGRyRUETz/ZJeZu1exkggPYUDRssvreywTjKk.0Pmn2Q16', '0', '0', '127.0.0.1', sysdate(), 'admin', sysdate(), '', null,sysdate(),'审计管理员','0','1','1');
insert into sys_user values(1, 103, 'bonus', '博诺思', '00', '38fb2b6be1e8b9024b0140fc673f0ed245b6b82ae6464387bbe806dc68e66fa8', '4eb762402e0ce5ef9d0028e2d622c53bc8ea1d7680ea4416975e4cc23b4ef7f0', '1', '', '$2a$10$5azz92OgGRyRUETz/ZJeZu1exkggPYUDRssvreywTjKk.0Pmn2Q16', '0', '0', '127.0.0.1', sysdate(), 'admin', sysdate(), '', null,sysdate(), '系统管理员','0','1','1');
insert into sys_user values(2, 103, 'audit', '博诺思', '00', '38fb2b6be1e8b9024b0140fc673f0ed245b6b82ae6464387bbe806dc68e66fa8', '4eb762402e0ce5ef9d0028e2d622c53bc8ea1d7680ea4416975e4cc23b4ef7f0', '1', '', '$2a$10$5azz92OgGRyRUETz/ZJeZu1exkggPYUDRssvreywTjKk.0Pmn2Q16', '0', '0', '127.0.0.1', sysdate(), 'admin', sysdate(), '', null,sysdate(),'审计管理员','0','1','1');
-- ----------------------------