haozq
/
lj-zhgd-ht
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

文件导出修改

This commit is contained in:
haozq 2024-07-01 15:16:01 +08:00
parent ac69133915
commit c7d5310aeb
11 changed files with 1461 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/constant/HttpStatus.java
View File

@ -91,4 +91,5 @@ public class HttpStatus
* 系统警告消息
*/
public static final int WARN = 601;
}

4
bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/utils/ServletUtils.java
View File

@ -335,10 +335,10 @@ public class ServletUtils
if(jimi){
String responseData= AesCbcUtils.encrypt( JSON.toJSONString(result));
maps.put("data",responseData);
maps.put(SystemGlobal.KEY_HEAD,true);
maps.put(SystemGlobal.KEY_DECRYPT,true);
}else{
maps.put("data",result);
maps.put(SystemGlobal.KEY_HEAD,false);
maps.put(SystemGlobal.KEY_DECRYPT,false);
}
DataBuffer dataBuffer = response.bufferFactory().wrap(JSON.toJSONString(maps).getBytes());
return response.writeWith(Mono.just(dataBuffer));

2
bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/utils/encryption/AesCbcUtils.java
View File

@ -81,7 +81,7 @@ public class AesCbcUtils {
String json="{\"username\":\"guest\",\"password\":\"admin@123\"}";
String data=encrypt(json);
System.err.println(data);
String jm=decrypt("2RfVUupHD1a5WfiAF/uN2jS788R0Xz4POr7YNzqZFzlXt70upWGYHPq9P7lDPHb9+Uabtx3gX9ASDgdj2csPe6Td7FECUhVDkzR624fECeU=");
String jm=decrypt("HpouTnMjl/Of1leko+SHm3D436XwOROzSOhMqU0ZNUISeD/iXPK9t49sMEuBw3YO");
String jiemi=decrypt(data);
System.err.println(jm);
System.err.println(jiemi);

10
bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/utils/global/SystemGlobal.java
View File

@ -15,10 +15,14 @@ public class SystemGlobal {
public static String FORM_DATA="formData";
/**
* 加密字段
*
* 解密头
*/
public final static String KEY_HEAD="decrypt";
public final static String KEY_DECRYPT="decrypt";
/**
* 加密头
*/
public final static String KEY_ENCRYPT ="encryption";
/**
* 成功的200 字符串
*/

14
bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/web/controller/BaseController.java
View File

@ -69,7 +69,19 @@ public class BaseController
rspData.setTotal(new PageInfo(list).getTotal());
return rspData;
}
/**
* 响应请求分页数据
*/
@SuppressWarnings({ "rawtypes", "unchecked" })
protected TableDataInfo getDataTableError(List<?> list)
{
TableDataInfo rspData = new TableDataInfo();
rspData.setCode(HttpStatus.ERROR);
rspData.setRows(list);
rspData.setMsg("系统错误,请联系管理员");
rspData.setTotal(new PageInfo(list).getTotal());
return rspData;
}
/**
* 返回成功
*/

8
bonus-common/bonus-common-security/src/main/java/com/bonus/common/security/interceptor/ParamSecureHandler.java
View File

@ -58,11 +58,13 @@ public class ParamSecureHandler implements AsyncHandlerInterceptor {
if(isFileUpload(request)){
return true;
}
XssRequestWrapper requestWrapper = new XssRequestWrapper(request);
String requestUrl = requestWrapper.getRequestURI();
/**
* 防止refer篡改
*/
if("/operlog/addLogs".equals(requestUrl)){
return true;
}
/**
* 白名单中不验证参数
*/

18
bonus-gateway/src/main/java/com/bonus/gateway/filter/AecDecryptParamFilter.java
View File

@ -4,6 +4,7 @@ import com.bonus.common.core.exception.CaptchaException;
import com.bonus.common.core.utils.StringUtils;
import com.bonus.common.core.utils.encryption.AesCbcUtils;
import com.bonus.common.core.utils.global.CommonConstant;
import com.bonus.common.core.utils.global.SystemGlobal;
import com.bonus.gateway.module.GatewayContext;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Value;
@ -67,10 +68,17 @@ public class AecDecryptParamFilter extends AbstractGatewayFilterFactory {
if (HttpMethod.DELETE.matches(serverHttpRequest.getMethodValue())) {
return chain.filter(exchange);
}
String contentType=serverHttpRequest.getHeaders().get("Content-Type").toString();
if (contentType.contains(MULTIPART_FORM_DATA_VALUE)){
return chain.filter(exchange);
HttpHeaders heard=serverHttpRequest.getHeaders();
if(heard!=null){
Object object=heard.getFirst("Content-Type");
if(object!=null){
String contentType=object.toString();
if (contentType.contains(MULTIPART_FORM_DATA_VALUE)){
return chain.filter(exchange);
}
}
}
byte[] decrypBytes;
GatewayContext gatewayContext = exchange.getAttribute(GatewayContext.CACHE_GATEWAY_CONTEXT);
if(StringUtils.isEmpty(gatewayContext.getCacheBody())){
@ -84,9 +92,9 @@ public class AecDecryptParamFilter extends AbstractGatewayFilterFactory {
}
}
//强制加密
return CommonConstant.buildResponse(exchange, HttpStatus.BAD_REQUEST.value(), "请求参数不正确!");
// return CommonConstant.buildResponse(exchange, HttpStatus.BAD_REQUEST.value(), "请求参数不正确!");
//未强制加密
// return chain.filter(exchange);
return chain.filter(exchange);
}
try {
// 获取request body

34
bonus-gateway/src/main/java/com/bonus/gateway/filter/RequestCoverFilter.java
View File

@ -1,6 +1,8 @@
package com.bonus.gateway.filter;
import com.bonus.common.core.utils.StringUtils;
import com.bonus.common.core.utils.encryption.AesCbcUtils;
import com.bonus.common.core.utils.global.CommonConstant;
import com.bonus.common.core.utils.global.SystemGlobal;
import com.bonus.gateway.module.GatewayContext;
import io.netty.buffer.ByteBufAllocator;
@ -14,6 +16,7 @@ import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.core.io.buffer.DataBufferUtils;
import org.springframework.core.io.buffer.NettyDataBufferFactory;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.codec.HttpMessageReader;
import org.springframework.http.server.reactive.ServerHttpRequest;
@ -21,6 +24,7 @@ import org.springframework.http.server.reactive.ServerHttpRequestDecorator;
import org.springframework.stereotype.Component;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;
import org.springframework.util.ObjectUtils;
import org.springframework.web.reactive.function.server.HandlerStrategies;
import org.springframework.web.reactive.function.server.ServerRequest;
import org.springframework.web.server.ServerWebExchange;
@ -72,7 +76,6 @@ public class RequestCoverFilter implements GlobalFilter, Ordered {
String charsetName = charset.name();
MultiValueMap<String, String> formData = gatewayContext.getFormData();
MultiValueMap<String, String> formData2=new LinkedMultiValueMap<>();
/**
* formData is empty just return
*/
@ -81,13 +84,28 @@ public class RequestCoverFilter implements GlobalFilter, Ordered {
}
//是否进行加密
if(jaData){
String data= AesCbcUtils.decrypt(formData.get(SystemGlobal.FORM_DATA).toString());
String[] params=data.split("&");
for (int i = 0; i < params.length; i++) {
String[] param=params[i].split("=");
formData2.add(param[0],param[1]);
}
formData=formData2;
Object obj= formData.get(SystemGlobal.FORM_DATA);
if(!ObjectUtils.isEmpty(obj)){
String data= obj.toString();
data=AesCbcUtils.decrypt(data);
if(StringUtils.isEmpty(data)){
return CommonConstant.buildResponse(exchange, HttpStatus.BAD_REQUEST.value(), "请输入正确的请求参数");
}
String[] params=data.split("&");
for (int i = 0; i < params.length; i++) {
String[] param=params[i].split("=");
formData2.add(param[0],param[1]);
}
formData=formData2;
}else{
//如果是空的 是否去除了加密
ServerHttpRequest serverHttpRequest = exchange.getRequest();
String head= serverHttpRequest.getHeaders().getFirst(SystemGlobal.KEY_DECRYPT);
if(StringUtils.isNotEmpty(head) && !SystemGlobal.KEY_DECRYPT.equals(head)){
return CommonConstant.buildResponse(exchange, HttpStatus.BAD_REQUEST.value(), "请输入正确的请求参数");
}
}
}
StringBuilder formDataBodyBuilder = new StringBuilder();
String entryKey;

16
bonus-gateway/src/main/java/com/bonus/gateway/filter/ResponseEncryptFilter.java
View File

@ -53,11 +53,17 @@ public class ResponseEncryptFilter implements GlobalFilter, Ordered {
ServerHttpRequest request = exchange.getRequest();
URI uri = request.getURI();
String url = uri.getPath();
HttpHeaders headers=request.getHeaders();
if(headers!=null){
Object object=headers.get("Content-Type");
Object object=headers.getFirst("Content-Type");
Object head=headers.getFirst(SystemGlobal.KEY_ENCRYPT);
if (head!=null){
String keyHead=head.toString();
if (SystemGlobal.KEY_ENCRYPT.equals(keyHead)){
return chain.filter(exchange);
}
}
if(object!=null){
String contentType=object.toString();
if (contentType.contains(MULTIPART_FORM_DATA_VALUE)){
@ -113,16 +119,16 @@ public class ResponseEncryptFilter implements GlobalFilter, Ordered {
String responseData = new String(content, Charsets.UTF_8);
System.out.println(responseData);
Map map = JSON.parseObject(responseData);
Object encrypt = map.get(SystemGlobal.KEY_HEAD);
Object encrypt = map.get(SystemGlobal.KEY_DECRYPT);
Map maps= Maps.newHashMap();
if(encrypt==null || encrypt=="" || SystemGlobal.TRUE_STR.equals(encrypt)){
responseData = AesCbcUtils.encrypt(JSON.toJSONString(map));
maps.put("data",responseData);
maps.put(SystemGlobal.KEY_HEAD,true);
maps.put(SystemGlobal.KEY_DECRYPT,true);
responseData=JSON.toJSONString(maps);
}else{
maps.put("data",responseData);
maps.put(SystemGlobal.KEY_HEAD,false);
maps.put(SystemGlobal.KEY_DECRYPT,false);
}
byte[] uppedContent = responseData.getBytes(Charsets.UTF_8);
originalResponse.getHeaders().setContentLength(uppedContent.length);

25
bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysConfigController.java
View File

@ -1,7 +1,12 @@
package com.bonus.system.controller;
import java.util.ArrayList;
import java.util.List;
import javax.servlet.http.HttpServletResponse;
import com.bonus.common.log.annotation.SysLog;
import com.bonus.common.log.enums.OperaType;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.DeleteMapping;
@ -30,6 +35,7 @@ import com.bonus.system.service.ISysConfigService;
*/
@RestController
@RequestMapping("/config")
@Slf4j
public class SysConfigController extends BaseController
{
@Autowired
@ -40,18 +46,23 @@ public class SysConfigController extends BaseController
*/
@RequiresPermissions("system:config:list")
@GetMapping("/list")
public TableDataInfo list(SysConfig config)
{
startPage();
List<SysConfig> list = configService.selectConfigList(config);
return getDataTable(list);
@SysLog(title = "参数配置", businessType = OperaType.QUERY,logType = 0,module = "系统管理->参数配置")
public TableDataInfo list(SysConfig config) {
try{
startPage();
List<SysConfig> list = configService.selectConfigList(config);
return getDataTable(list);
}catch (Exception e){
log.error(e.toString(),e);
}
return getDataTableError(new ArrayList<SysConfig>());
}
@Log(title = "参数管理", businessType = BusinessType.EXPORT)
@RequiresPermissions("system:config:export")
@PostMapping("/export")
public void export(HttpServletResponse response, SysConfig config)
{
@SysLog(title = "参数配置", businessType = OperaType.EXPORT,logType = 0,module = "系统管理->参数配置")
public void export(HttpServletResponse response, SysConfig config) {
List<SysConfig> list = configService.selectConfigList(config);
ExcelUtil<SysConfig> util = new ExcelUtil<SysConfig>(SysConfig.class);
util.exportExcel(response, list, "参数数据");

1364
logs/bonus-auth/log/error.2024-06-27.log Normal file
View File

File diff suppressed because it is too large Load Diff