Inicio Explorar Ayuda
Iniciar sesión
airport
/
airport-server
Seguir 2
Destacar 0
Fork 0
Archivos Incidencias 0 Pull Requests 0 Wiki
Explorar el Código

操作日志记录支持排除敏感属性字段

RuoYi hace 3 años
padre
428255ddcf
commit
d6df1fe7b3
Se han modificado 2 ficheros con 38 adiciones y 2 borrados
Unificar vista Mostrar estadísticas de diff
  1. 14 2
      ruoyi-common/ruoyi-common-log/src/main/java/com/ruoyi/common/log/aspect/LogAspect.java
  2. 24 0
      ruoyi-common/ruoyi-common-log/src/main/java/com/ruoyi/common/log/filter/PropertyPreExcludeFilter.java

+ 14 - 2
ruoyi-common/ruoyi-common-log/src/main/java/com/ruoyi/common/log/aspect/LogAspect.java
Ver fichero 

@@ -21,6 +21,7 @@ import com.ruoyi.common.core.utils.StringUtils;
21 
 import com.ruoyi.common.core.utils.ip.IpUtils;
21 
 import com.ruoyi.common.core.utils.ip.IpUtils;
22 
 import com.ruoyi.common.log.annotation.Log;
22 
 import com.ruoyi.common.log.annotation.Log;
23 
 import com.ruoyi.common.log.enums.BusinessStatus;
23 
 import com.ruoyi.common.log.enums.BusinessStatus;
24 
+import com.ruoyi.common.log.filter.PropertyPreExcludeFilter;
24 
 import com.ruoyi.common.log.service.AsyncLogService;
25 
 import com.ruoyi.common.log.service.AsyncLogService;
25 
 import com.ruoyi.common.security.utils.SecurityUtils;
26 
 import com.ruoyi.common.security.utils.SecurityUtils;
26 
 import com.ruoyi.system.api.domain.SysOperLog;
27 
 import com.ruoyi.system.api.domain.SysOperLog;

@@ -35,7 +36,10 @@ import com.ruoyi.system.api.domain.SysOperLog;
35 
 public class LogAspect
36 
 public class LogAspect
36 
 {
37 
 {
37 
     private static final Logger log = LoggerFactory.getLogger(LogAspect.class);
38 
     private static final Logger log = LoggerFactory.getLogger(LogAspect.class);
38 
-
39 
+
40 
+    /** 排除敏感属性字段 */
41 
+    public static final String[] EXCLUDE_PROPERTIES = { "password", "oldPassword", "newPassword", "confirmPassword" };
42 
+
39 
     @Autowired
43 
     @Autowired
40 
     private AsyncLogService asyncLogService;
44 
     private AsyncLogService asyncLogService;
41
45 
 

@@ -162,7 +166,7 @@ public class LogAspect
162 
                 {
166 
                 {
163 
                     try
167 
                     try
164 
                     {
168 
                     {
165 
-                        Object jsonObj = JSON.toJSON(o);
169 
+                        String jsonObj = JSON.toJSONString(o, excludePropertyPreFilter());
166 
                         params += jsonObj.toString() + " ";
170 
                         params += jsonObj.toString() + " ";
167 
                     }
171 
                     }
168 
                     catch (Exception e)
172 
                     catch (Exception e)

@@ -175,6 +179,14 @@ public class LogAspect
175 
     }
179 
     }
176
180
177 
     /**
181 
     /**
182 
+     * 忽略敏感属性
183 
+     */
184 
+    public PropertyPreExcludeFilter excludePropertyPreFilter()
185 
+    {
186 
+        return new PropertyPreExcludeFilter().addExcludes(EXCLUDE_PROPERTIES);
187 
+    }
188 
+
189 
+    /**
178 
      * 判断是否需要过滤的对象。
190 
      * 判断是否需要过滤的对象。
179 
      *
191 
      *
180 
      * @param o 对象信息。
192 
      * @param o 对象信息。

+ 24 - 0
ruoyi-common/ruoyi-common-log/src/main/java/com/ruoyi/common/log/filter/PropertyPreExcludeFilter.java
Ver fichero 

@@ -0,0 +1,24 @@
1 
+package com.ruoyi.common.log.filter;
2 
+
3 
+import com.alibaba.fastjson2.filter.SimplePropertyPreFilter;
4 
+
5 
+/**
6 
+ * 排除JSON敏感属性
7 
+ *
8 
+ * @author ruoyi
9 
+ */
10 
+public class PropertyPreExcludeFilter extends SimplePropertyPreFilter
11 
+{
12 
+    public PropertyPreExcludeFilter()
13 
+    {
14 
+    }
15 
+
16 
+    public PropertyPreExcludeFilter addExcludes(String... filters)
17 
+    {
18 
+        for (int i = 0; i < filters.length; i++)
19 
+        {
20 
+            this.getExcludes().add(filters[i]);
21 
+        }
22 
+        return this;
23 
+    }
24 
+}