From 46d56a613e71d1f0452681e5d0a9fdb7b1f70427 Mon Sep 17 00:00:00 2001 From: zhouyl <583641232@qq.com> Date: Fri, 30 Aug 2024 17:52:43 +0800 Subject: [PATCH] =?UTF-8?q?:sparkles:=20=20=20=20-=E5=88=9B=E5=BB=BA?= =?UTF-8?q?=E6=95=8F=E6=84=9F=E6=95=B0=E6=8D=AE=E5=BA=93-=E8=AE=BF?= =?UTF-8?q?=E9=97=AE=E6=8E=A7=E5=88=B6=E6=A8=A1=E5=9D=97?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../monitor/SysOperlogController.java | 20 ++++---- .../functional/aspect/SensitiveDBAspect.java | 50 +++++++++++++++++++ ...roller.java => SensitiveDbController.java} | 12 +++-- 3 files changed, 67 insertions(+), 15 deletions(-) create mode 100644 tp-functional/src/main/java/com/inscloudtech/functional/aspect/SensitiveDBAspect.java rename tp-functional/src/main/java/com/inscloudtech/functional/controller/{TestEncryptController.java => SensitiveDbController.java} (89%) diff --git a/tp-admin/src/main/java/com/inscloudtech/web/controller/monitor/SysOperlogController.java b/tp-admin/src/main/java/com/inscloudtech/web/controller/monitor/SysOperlogController.java index 7b8343b..464b40b 100644 --- a/tp-admin/src/main/java/com/inscloudtech/web/controller/monitor/SysOperlogController.java +++ b/tp-admin/src/main/java/com/inscloudtech/web/controller/monitor/SysOperlogController.java @@ -18,7 +18,7 @@ import javax.servlet.http.HttpServletResponse; import java.util.List; /** - * 操作日志记录 + * 安全审计模块 * * @author inscloudtech */ @@ -31,7 +31,7 @@ public class SysOperlogController extends BaseController { private final ISysOperLogService operLogService; /** - * 获取操作日志记录列表 + * 获取操作记录列表 */ @SaCheckPermission("monitor:operlog:list") @GetMapping("/list") @@ -40,21 +40,21 @@ public class SysOperlogController extends BaseController { } /** - * 导出操作日志记录列表 + * 导出操作记录列表 */ - @Log(title = "操作日志", businessType = BusinessType.EXPORT) + @Log(title = "操作", businessType = BusinessType.EXPORT) @SaCheckPermission("monitor:operlog:export") @PostMapping("/export") public void export(SysOperLog operLog, HttpServletResponse response) { List list = operLogService.selectOperLogList(operLog); - ExcelUtil.exportExcel(list, "操作日志", SysOperLog.class, response); + ExcelUtil.exportExcel(list, "操作", SysOperLog.class, response); } /** - * 批量删除操作日志记录 - * @param operIds 日志ids + * 批量删除操作记录 + * @param operIds ids */ - @Log(title = "操作日志", businessType = BusinessType.DELETE) + @Log(title = "操作", businessType = BusinessType.DELETE) @SaCheckPermission("monitor:operlog:remove") @DeleteMapping("/{operIds}") public R remove(@PathVariable Long[] operIds) { @@ -62,9 +62,9 @@ public class SysOperlogController extends BaseController { } /** - * 清理操作日志记录 + * 清理操作记录 */ - @Log(title = "操作日志", businessType = BusinessType.CLEAN) + @Log(title = "操作", businessType = BusinessType.CLEAN) @SaCheckPermission("monitor:operlog:remove") @DeleteMapping("/clean") public R clean() { diff --git a/tp-functional/src/main/java/com/inscloudtech/functional/aspect/SensitiveDBAspect.java b/tp-functional/src/main/java/com/inscloudtech/functional/aspect/SensitiveDBAspect.java new file mode 100644 index 0000000..0fd46d3 --- /dev/null +++ b/tp-functional/src/main/java/com/inscloudtech/functional/aspect/SensitiveDBAspect.java @@ -0,0 +1,50 @@ +package com.inscloudtech.functional.aspect; + + + +import cn.dev33.satoken.exception.NotPermissionException; +import cn.dev33.satoken.stp.StpUtil; +import cn.hutool.core.collection.CollectionUtil; +import com.inscloudtech.common.helper.LoginHelper; +import org.aspectj.lang.JoinPoint; +import org.aspectj.lang.ProceedingJoinPoint; +import org.aspectj.lang.annotation.*; +import org.springframework.stereotype.Component; + +import java.util.List; + +@Component +@Aspect +public class SensitiveDBAspect { + + private static final String SENSITIVE_DB_PERMISSION = "system:sensitive:op"; + + private final String executeExpr = "execution(* com.inscloudtech.functional.controller.SensitiveDbController.*(..)))"; + + // 定义一个切点,拦截MyController的所有方法 + @Pointcut("execution(* com.inscloudtech.functional.controller.SensitiveDbController.*(..))") + public void myControllerPointcut() { + // 执行前置逻辑 + System.out.println("Before method: "); + } + + // 在控制器方法执行之前调用 + @Before("myControllerPointcut()") + public void beforeControllerMethod(JoinPoint joinPoint) { + LoginHelper.getLoginUser(); + List permissionList = StpUtil.getPermissionList(); + if(CollectionUtil.isEmpty(permissionList) && !permissionList.contains(SENSITIVE_DB_PERMISSION)){ + throw new RuntimeException("当前用户无敏感数据库操作权限!"); + } + + // 执行前置逻辑 + System.out.println("Before method: " + joinPoint.getSignature().getName()); + } + + // 在控制器方法执行之后调用 + @After("myControllerPointcut()") + public void afterControllerMethod(JoinPoint joinPoint) { + // 执行后置逻辑 + System.out.println("After method: " + joinPoint.getSignature().getName()); + } +} diff --git a/tp-functional/src/main/java/com/inscloudtech/functional/controller/TestEncryptController.java b/tp-functional/src/main/java/com/inscloudtech/functional/controller/SensitiveDbController.java similarity index 89% rename from tp-functional/src/main/java/com/inscloudtech/functional/controller/TestEncryptController.java rename to tp-functional/src/main/java/com/inscloudtech/functional/controller/SensitiveDbController.java index d1ef15d..b05758d 100644 --- a/tp-functional/src/main/java/com/inscloudtech/functional/controller/TestEncryptController.java +++ b/tp-functional/src/main/java/com/inscloudtech/functional/controller/SensitiveDbController.java @@ -24,8 +24,8 @@ import java.util.Map; */ @Validated @RestController -@RequestMapping("/functional/encrypt") -public class TestEncryptController { +@RequestMapping("/functional/sensitive") +public class SensitiveDbController { @Autowired private TestDemoEncryptMapper mapper; @@ -37,8 +37,8 @@ public class TestEncryptController { * 加密和解密模块测试 */ @ApiEncrypt(response = true) - @Log(title = "测试敏感数据库加解密", businessType = BusinessType.UPDATE) - @PostMapping("/de") + @Log(title = "加密和解密模块测试", businessType = BusinessType.UPDATE) + @PostMapping("/encrypt") public R> test(@RequestBody TestDemoBo bo) { if (!encryptEnable) { throw new RuntimeException("加密功能未开启!"); @@ -51,9 +51,11 @@ public class TestEncryptController { map.put("加密", demo); TestDemoEncrypt testDemo = mapper.selectById(demo.getId()); map.put("解密", testDemo); - return R.ok(map); } + + + }