✨ -创建敏感数据库-访问控制模块

1 year ago · 46d56a613e
3 changed files with 67 additions and 15 deletions
--- a/tp-admin/src/main/java/com/inscloudtech/web/controller/monitor/SysOperlogController.java
+++ b/tp-admin/src/main/java/com/inscloudtech/web/controller/monitor/SysOperlogController.java
@ -18,7 +18,7 @@ import javax.servlet.http.HttpServletResponse;
 import java.util.List;

 /**
- * 操作日志记录
+ * 安全审计模块
 *
 * @author inscloudtech
 */
@ -31,7 +31,7 @@ public class SysOperlogController extends BaseController {
    private final ISysOperLogService operLogService;

    /**
-     * 获取操作日志记录列表
+     * 获取操作记录列表
     */
    @SaCheckPermission("monitor:operlog:list")
    @GetMapping("/list")
@ -40,21 +40,21 @@ public class SysOperlogController extends BaseController {
    }

    /**
-     * 导出操作日志记录列表
+     * 导出操作记录列表
     */
-    @Log(title = "操作日志", businessType = BusinessType.EXPORT)
+    @Log(title = "操作", businessType = BusinessType.EXPORT)
    @SaCheckPermission("monitor:operlog:export")
    @PostMapping("/export")
    public void export(SysOperLog operLog, HttpServletResponse response) {
        List<SysOperLog> list = operLogService.selectOperLogList(operLog);
-        ExcelUtil.exportExcel(list, "操作日志", SysOperLog.class, response);
+        ExcelUtil.exportExcel(list, "操作", SysOperLog.class, response);
    }

    /**
-     * 批量删除操作日志记录
-     * @param operIds 日志ids
+     * 批量删除操作记录
+     * @param operIds ids
     */
-    @Log(title = "操作日志", businessType = BusinessType.DELETE)
+    @Log(title = "操作", businessType = BusinessType.DELETE)
    @SaCheckPermission("monitor:operlog:remove")
    @DeleteMapping("/{operIds}")
    public R<Void> remove(@PathVariable Long[] operIds) {
@ -62,9 +62,9 @@ public class SysOperlogController extends BaseController {
    }

    /**
-     * 清理操作日志记录
+     * 清理操作记录
     */
-    @Log(title = "操作日志", businessType = BusinessType.CLEAN)
+    @Log(title = "操作", businessType = BusinessType.CLEAN)
    @SaCheckPermission("monitor:operlog:remove")
    @DeleteMapping("/clean")
    public R<Void> clean() {
--- a/tp-functional/src/main/java/com/inscloudtech/functional/aspect/SensitiveDBAspect.java
+++ b/tp-functional/src/main/java/com/inscloudtech/functional/aspect/SensitiveDBAspect.java
@ -0,0 +1,50 @@
+package com.inscloudtech.functional.aspect;
+
+
+
+import cn.dev33.satoken.exception.NotPermissionException;
+import cn.dev33.satoken.stp.StpUtil;
+import cn.hutool.core.collection.CollectionUtil;
+import com.inscloudtech.common.helper.LoginHelper;
+import org.aspectj.lang.JoinPoint;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.*;
+import org.springframework.stereotype.Component;
+
+import java.util.List;
+
+@Component
+@Aspect
+public class SensitiveDBAspect {
+
+    private static final String SENSITIVE_DB_PERMISSION = "system:sensitive:op";
+
+    private final String executeExpr = "execution(* com.inscloudtech.functional.controller.SensitiveDbController.*(..)))";
+
+    // 定义一个切点，拦截MyController的所有方法
+    @Pointcut("execution(* com.inscloudtech.functional.controller.SensitiveDbController.*(..))")
+    public void myControllerPointcut() {
+        // 执行前置逻辑
+        System.out.println("Before method: ");
+    }
+
+    // 在控制器方法执行之前调用
+    @Before("myControllerPointcut()")
+    public void beforeControllerMethod(JoinPoint joinPoint) {
+        LoginHelper.getLoginUser();
+        List<String> permissionList = StpUtil.getPermissionList();
+        if(CollectionUtil.isEmpty(permissionList) && !permissionList.contains(SENSITIVE_DB_PERMISSION)){
+           throw new RuntimeException("当前用户无敏感数据库操作权限！");
+        }
+
+        // 执行前置逻辑
+        System.out.println("Before method: " + joinPoint.getSignature().getName());
+    }
+
+    // 在控制器方法执行之后调用
+    @After("myControllerPointcut()")
+    public void afterControllerMethod(JoinPoint joinPoint) {
+        // 执行后置逻辑
+        System.out.println("After method: " + joinPoint.getSignature().getName());
+    }
+}
--- a/tp-functional/src/main/java/com/inscloudtech/functional/controller/SensitiveDbController.java
+++ b/tp-functional/src/main/java/com/inscloudtech/functional/controller/SensitiveDbController.java
@ -24,8 +24,8 @@ import java.util.Map;
 */
@Validated
@RestController
-@RequestMapping("/functional/encrypt")
-public class TestEncryptController {
+@RequestMapping("/functional/sensitive")
+public class SensitiveDbController {

    @Autowired
    private TestDemoEncryptMapper mapper;
@ -37,8 +37,8 @@ public class TestEncryptController {
     * 加密和解密模块测试
     */
    @ApiEncrypt(response = true)
-    @Log(title = "测试敏感数据库加解密", businessType = BusinessType.UPDATE)
-    @PostMapping("/de")
+    @Log(title = "加密和解密模块测试", businessType = BusinessType.UPDATE)
+    @PostMapping("/encrypt")
    public R<Map<String, TestDemoEncrypt>> test(@RequestBody TestDemoBo bo) {
        if (!encryptEnable) {
            throw new RuntimeException("加密功能未开启!");
@ -51,9 +51,11 @@ public class TestEncryptController {
        map.put("加密", demo);
        TestDemoEncrypt testDemo = mapper.selectById(demo.getId());
        map.put("解密", testDemo);
-
        return R.ok(map);
    }


+
+
+
 }