From 1fc05560eee20f5f68e625416b8a65655ea87fd6 Mon Sep 17 00:00:00 2001 From: "liang.chao" <1360241448@qq.com> Date: Wed, 10 Sep 2025 16:06:18 +0800 Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0ip=E8=84=B1=E6=95=8F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../system/SysIpWhitelistController.java | 17 ++++- .../web/domain/ArchivalCatalogueDto.java | 5 ++ .../bonus/common/utils/DesensitizedUtil.java | 48 +++++++++----- .../com/bonus/common/utils/StringUtils.java | 62 +++++++++++++++++++ .../bonus/system/domain/SysIpWhitelist.java | 5 ++ .../impl/SysIpWhitelistServiceImpl.java | 2 + 6 files changed, 122 insertions(+), 17 deletions(-) diff --git a/bonus-admin/src/main/java/com/bonus/web/controller/system/SysIpWhitelistController.java b/bonus-admin/src/main/java/com/bonus/web/controller/system/SysIpWhitelistController.java index d1d65b9..1c982ac 100644 --- a/bonus-admin/src/main/java/com/bonus/web/controller/system/SysIpWhitelistController.java +++ b/bonus-admin/src/main/java/com/bonus/web/controller/system/SysIpWhitelistController.java @@ -6,11 +6,15 @@ import com.bonus.common.core.controller.BaseController; import com.bonus.common.core.domain.R; import com.bonus.common.core.page.TableDataInfo; import com.bonus.common.enums.OperaType; +import com.bonus.common.utils.StringUtils; import com.bonus.system.domain.SysIpWhitelist; import com.bonus.system.service.ISysIpWhitelistService; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.*; import com.bonus.common.utils.poi.ExcelUtil; +import com.bonus.common.utils.DesensitizedUtil; + import javax.servlet.http.HttpServletResponse; import java.util.ArrayList; import java.util.List; @@ -37,6 +41,9 @@ public class SysIpWhitelistController extends BaseController { try { startPage(); List list = sysIpWhitelistService.selectSysIpWhitelistList(sysIpWhitelist); + for (SysIpWhitelist ipWhitelist : list) { + ipWhitelist.setIpAddressDes(DesensitizedUtil.ipMiddle(ipWhitelist.getIpAddress())); + } return getDataTable(list); } catch (Exception e) { return getDataTable(new ArrayList<>()); @@ -72,7 +79,10 @@ public class SysIpWhitelistController extends BaseController { @RequiresPermissions("system:whitelist:add") @PostMapping("/add") @SysLog(title = "新增白名单", businessType = OperaType.INSERT, logType = 1, module = "系统管理->新增白名单", details = "新增白名单") - public R add(@RequestBody SysIpWhitelist sysIpWhitelist) { + public R add(@RequestBody @Validated SysIpWhitelist sysIpWhitelist) { + if (!StringUtils.isValidIp(sysIpWhitelist.getIpAddress())) { + return R.fail("请输入正确的IP地址"); + } return sysIpWhitelistService.insertSysIpWhitelist(sysIpWhitelist); } @@ -82,7 +92,10 @@ public class SysIpWhitelistController extends BaseController { @RequiresPermissions("system:whitelist:edit") @PostMapping("/edit") @SysLog(title = "修改白名单", businessType = OperaType.UPDATE, logType = 1, module = "系统管理->修改白名单", details = "修改白名单") - public R edit(@RequestBody SysIpWhitelist sysIpWhitelist) { + public R edit(@RequestBody @Validated SysIpWhitelist sysIpWhitelist) { + if (!StringUtils.isValidIp(sysIpWhitelist.getIpAddress())) { + return R.fail("请输入正确的IP地址"); + } return sysIpWhitelistService.updateSysIpWhitelist(sysIpWhitelist); } diff --git a/bonus-admin/src/main/java/com/bonus/web/domain/ArchivalCatalogueDto.java b/bonus-admin/src/main/java/com/bonus/web/domain/ArchivalCatalogueDto.java index f01e677..8c0ad55 100644 --- a/bonus-admin/src/main/java/com/bonus/web/domain/ArchivalCatalogueDto.java +++ b/bonus-admin/src/main/java/com/bonus/web/domain/ArchivalCatalogueDto.java @@ -2,6 +2,8 @@ package com.bonus.web.domain; import lombok.Data; +import javax.validation.constraints.NotBlank; +import javax.validation.constraints.NotNull; import java.util.ArrayList; import java.util.List; @@ -13,12 +15,15 @@ import java.util.List; @Data public class ArchivalCatalogueDto { private Integer id; + @NotBlank(message = "分类名称或文件题名不能为空") private String contentName; private String parentName; + @NotNull(message = "上级节点不能为空") private Integer parentId; private Integer level; private Integer sort; private String markCode; + @NotBlank(message = "请选择档案分类") private String term; private String unitName; private String major; diff --git a/bonus-common/src/main/java/com/bonus/common/utils/DesensitizedUtil.java b/bonus-common/src/main/java/com/bonus/common/utils/DesensitizedUtil.java index d5223b7..27acfc3 100644 --- a/bonus-common/src/main/java/com/bonus/common/utils/DesensitizedUtil.java +++ b/bonus-common/src/main/java/com/bonus/common/utils/DesensitizedUtil.java @@ -5,18 +5,15 @@ package com.bonus.common.utils; * * @author bonus */ -public class DesensitizedUtil -{ +public class DesensitizedUtil { /** * 密码的全部字符都用*代替,比如:****** * * @param password 密码 * @return 脱敏后的密码 */ - public static String password(String password) - { - if (StringUtils.isBlank(password)) - { + public static String password(String password) { + if (StringUtils.isBlank(password)) { return StringUtils.EMPTY; } return StringUtils.repeat('*', password.length()); @@ -28,22 +25,43 @@ public class DesensitizedUtil * @param carLicense 完整的车牌号 * @return 脱敏后的车牌 */ - public static String carLicense(String carLicense) - { - if (StringUtils.isBlank(carLicense)) - { + public static String carLicense(String carLicense) { + if (StringUtils.isBlank(carLicense)) { return StringUtils.EMPTY; } // 普通车牌 - if (carLicense.length() == 7) - { + if (carLicense.length() == 7) { carLicense = StringUtils.hide(carLicense, 3, 6); - } - else if (carLicense.length() == 8) - { + } else if (carLicense.length() == 8) { // 新能源车牌 carLicense = StringUtils.hide(carLicense, 3, 7); } return carLicense; } + + public static String ipMiddle(String ip) { + if (StringUtils.isBlank(ip)) { + return StringUtils.EMPTY; + } + + String[] parts = ip.split("\\."); + if (parts.length != 4) { + // 非标准 IPv4 格式 + return "xxx.xxx.xxx.xxx"; + } + + // 验证每一段是否为有效数字(0-255) + for (String part : parts) { + if (!StringUtils.isNumeric(part)) { + return "xxx.xxx.xxx.xxx"; + } + int num = Integer.parseInt(part); + if (num < 0 || num > 255) { + return "xxx.xxx.xxx.xxx"; + } + } + + // 保留第1段和第4段,中间两段脱敏 + return parts[0] + ".*.*." + parts[3]; + } } diff --git a/bonus-common/src/main/java/com/bonus/common/utils/StringUtils.java b/bonus-common/src/main/java/com/bonus/common/utils/StringUtils.java index d650272..6ea8668 100644 --- a/bonus-common/src/main/java/com/bonus/common/utils/StringUtils.java +++ b/bonus-common/src/main/java/com/bonus/common/utils/StringUtils.java @@ -821,4 +821,66 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils // 比较校验码 return idCard.charAt(17) == checkCode; } + + /** + * 校验是否为合法的 IPv4 地址 + * 规则: + * - 必须是 a.b.c.d 四段格式 + * - 每段为 0-255 的整数 + * - 不允许前导零(如 192.168.01.1 非法) + * - 不包含空格或非法字符 + * + * @param ip 待校验的 IP 字符串 + * @return true 表示合法,false 表示非法 + */ + public static boolean isValidIp(String ip) { + if (StringUtils.isBlank(ip)) { + return false; + } + + // 去除首尾空格 + ip = ip.trim(); + + // 分割 + String[] parts = ip.split("\\.", -1); // 使用 -1 保留末尾空字段 + if (parts.length != 4) { + return false; + } + + for (String part : parts) { + // 检查是否为空 + if (StringUtils.isEmpty(part)) { + return false; + } + + // 不允许有空格 + if (part.contains(" ")) { + return false; + } + + // 检查是否全为数字 + if (!StringUtils.isNumeric(part)) { + return false; + } + + // 转换为整数 + try { + int num = Integer.parseInt(part); + + // 范围检查 + if (num < 0 || num > 255) { + return false; + } + + // 检查前导零:如 "01"、"00"、"001" 都不允许 + if (part.length() > 1 && part.startsWith("0")) { + return false; + } + } catch (NumberFormatException e) { + return false; + } + } + + return true; + } } diff --git a/bonus-system/src/main/java/com/bonus/system/domain/SysIpWhitelist.java b/bonus-system/src/main/java/com/bonus/system/domain/SysIpWhitelist.java index 04600fb..e4343e6 100644 --- a/bonus-system/src/main/java/com/bonus/system/domain/SysIpWhitelist.java +++ b/bonus-system/src/main/java/com/bonus/system/domain/SysIpWhitelist.java @@ -1,6 +1,8 @@ package com.bonus.system.domain; import com.fasterxml.jackson.annotation.JsonFormat; import lombok.Data; + +import javax.validation.constraints.NotBlank; import java.util.Date; /** * @className:SysIpWhitelist @@ -13,7 +15,10 @@ import java.util.Date; public class SysIpWhitelist { private Long id; + @NotBlank(message = "IP地址不能为空") private String ipAddress; + // 脱敏ip地址 + private String ipAddressDes; private String ipRangeStart; private String ipRangeEnd; diff --git a/bonus-system/src/main/java/com/bonus/system/service/impl/SysIpWhitelistServiceImpl.java b/bonus-system/src/main/java/com/bonus/system/service/impl/SysIpWhitelistServiceImpl.java index 260a998..f1928e7 100644 --- a/bonus-system/src/main/java/com/bonus/system/service/impl/SysIpWhitelistServiceImpl.java +++ b/bonus-system/src/main/java/com/bonus/system/service/impl/SysIpWhitelistServiceImpl.java @@ -2,6 +2,7 @@ package com.bonus.system.service.impl; import com.bonus.common.core.domain.R; import com.bonus.common.core.redis.RedisCache; +import com.bonus.common.utils.DesensitizedUtil; import com.bonus.system.domain.SysIpWhitelist; import com.bonus.system.mapper.SysIpWhitelistMapper; import com.bonus.system.service.ISysIpWhitelistService; @@ -57,6 +58,7 @@ public class SysIpWhitelistServiceImpl implements ISysIpWhitelistService { if (ObjectUtils.isEmpty(sysIpWhitelist)) { return R.fail(); } else { + sysIpWhitelist.setIpAddressDes(DesensitizedUtil.ipMiddle(sysIpWhitelist.getIpAddress())); return R.ok(sysIpWhitelist); } } catch (Exception e) {