✨ -创建敏感数据库-访问控制模块

tp-admin/src/main/java/com/inscloudtech/web/controller/monitor/SysOperlogController.java

@@ -18,7 +18,7 @@ import javax.servlet.http.HttpServletResponse;
 import java.util.List;
 
 /**
- * 操作日志记录
+ * 安全审计模块
  *
  * @author inscloudtech
  */
@@ -31,7 +31,7 @@ public class SysOperlogController extends BaseController {
     private final ISysOperLogService operLogService;
 
     /**
-     * 获取操作日志记录列表
+     * 获取操作记录列表
      */
     @SaCheckPermission("monitor:operlog:list")
     @GetMapping("/list")
@@ -40,21 +40,21 @@ public class SysOperlogController extends BaseController {
     }
 
     /**
-     * 导出操作日志记录列表
+     * 导出操作记录列表
      */
-    @Log(title = "操作日志", businessType = BusinessType.EXPORT)
+    @Log(title = "操作", businessType = BusinessType.EXPORT)
     @SaCheckPermission("monitor:operlog:export")
     @PostMapping("/export")
     public void export(SysOperLog operLog, HttpServletResponse response) {
         List<SysOperLog> list = operLogService.selectOperLogList(operLog);
-        ExcelUtil.exportExcel(list, "操作日志", SysOperLog.class, response);
+        ExcelUtil.exportExcel(list, "操作", SysOperLog.class, response);
     }
 
     /**
-     * 批量删除操作日志记录
-     * @param operIds 日志ids
+     * 批量删除操作记录
+     * @param operIds ids
      */
-    @Log(title = "操作日志", businessType = BusinessType.DELETE)
+    @Log(title = "操作", businessType = BusinessType.DELETE)
     @SaCheckPermission("monitor:operlog:remove")
     @DeleteMapping("/{operIds}")
     public R<Void> remove(@PathVariable Long[] operIds) {
@@ -62,9 +62,9 @@ public class SysOperlogController extends BaseController {
     }
 
     /**
-     * 清理操作日志记录
+     * 清理操作记录
      */
-    @Log(title = "操作日志", businessType = BusinessType.CLEAN)
+    @Log(title = "操作", businessType = BusinessType.CLEAN)
     @SaCheckPermission("monitor:operlog:remove")
     @DeleteMapping("/clean")
     public R<Void> clean() {

tp-functional/src/main/java/com/inscloudtech/functional/aspect/SensitiveDBAspect.java

@@ -0,0 +1,50 @@
+package com.inscloudtech.functional.aspect;
+
+
+
+import cn.dev33.satoken.exception.NotPermissionException;
+import cn.dev33.satoken.stp.StpUtil;
+import cn.hutool.core.collection.CollectionUtil;
+import com.inscloudtech.common.helper.LoginHelper;
+import org.aspectj.lang.JoinPoint;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.*;
+import org.springframework.stereotype.Component;
+
+import java.util.List;
+
+@Component
+@Aspect
+public class SensitiveDBAspect {
+
+    private static final String SENSITIVE_DB_PERMISSION = "system:sensitive:op";
+
+    private final String executeExpr = "execution(* com.inscloudtech.functional.controller.SensitiveDbController.*(..)))";
+
+    // 定义一个切点，拦截MyController的所有方法
+    @Pointcut("execution(* com.inscloudtech.functional.controller.SensitiveDbController.*(..))")
+    public void myControllerPointcut() {
+        // 执行前置逻辑
+        System.out.println("Before method: ");
+    }
+
+    // 在控制器方法执行之前调用
+    @Before("myControllerPointcut()")
+    public void beforeControllerMethod(JoinPoint joinPoint) {
+        LoginHelper.getLoginUser();
+        List<String> permissionList = StpUtil.getPermissionList();
+        if(CollectionUtil.isEmpty(permissionList) && !permissionList.contains(SENSITIVE_DB_PERMISSION)){
+           throw new RuntimeException("当前用户无敏感数据库操作权限！");
+        }
+
+        // 执行前置逻辑
+        System.out.println("Before method: " + joinPoint.getSignature().getName());
+    }
+
+    // 在控制器方法执行之后调用
+    @After("myControllerPointcut()")
+    public void afterControllerMethod(JoinPoint joinPoint) {
+        // 执行后置逻辑
+        System.out.println("After method: " + joinPoint.getSignature().getName());
+    }
+}

tp-functional/src/main/java/com/inscloudtech/functional/controller/TestEncryptController.java → tp-functional/src/main/java/com/inscloudtech/functional/controller/SensitiveDbController.java

@@ -24,8 +24,8 @@ import java.util.Map;
  */
 @Validated
 @RestController
-@RequestMapping("/functional/encrypt")
-public class TestEncryptController {
+@RequestMapping("/functional/sensitive")
+public class SensitiveDbController {
 
     @Autowired
     private TestDemoEncryptMapper mapper;
@@ -37,8 +37,8 @@ public class TestEncryptController {
      * 加密和解密模块测试
      */
     @ApiEncrypt(response = true)
-    @Log(title = "测试敏感数据库加解密", businessType = BusinessType.UPDATE)
-    @PostMapping("/de")
+    @Log(title = "加密和解密模块测试", businessType = BusinessType.UPDATE)
+    @PostMapping("/encrypt")
     public R<Map<String, TestDemoEncrypt>> test(@RequestBody TestDemoBo bo) {
         if (!encryptEnable) {
             throw new RuntimeException("加密功能未开启!");
@@ -51,9 +51,11 @@ public class TestEncryptController {
         map.put("加密", demo);
         TestDemoEncrypt testDemo = mapper.selectById(demo.getId());
         map.put("解密", testDemo);
-
         return R.ok(map);
     }
 
 
+
+
+
 }