yexuejc007/PlayEdu
1
0
Fork 0
mirror of https://github.com/PlayEdu/PlayEdu synced 2025-06-27 23:52:58 +08:00
Code Issues Packages Projects Releases Wiki Activity

管理员日志--入参做脱敏操作

Browse Source
This commit is contained in:
wsw 2023-07-26 22:11:00 +08:00
parent b58ee9dbc6
commit 0da1c9d0d2
1 changed files with 17 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/main/java/xyz/playedu/api/aspectj/AdminLogAspect.java
View File

@ -15,6 +15,7 @@
*/ */
package xyz.playedu.api.aspectj; package xyz.playedu.api.aspectj;
import cn.hutool.json.JSONObject;
import cn.hutool.json.JSONUtil; import cn.hutool.json.JSONUtil;
import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequest;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
@ -33,6 +34,7 @@ import xyz.playedu.api.util.RequestUtil;
import xyz.playedu.api.util.StringUtil; import xyz.playedu.api.util.StringUtil;
import java.lang.reflect.Method; import java.lang.reflect.Method;
import java.util.Arrays;
import java.util.Date; import java.util.Date;
import java.util.Map; import java.util.Map;
@ -45,6 +47,9 @@ public class AdminLogAspect {
@Autowired private AdminLogService adminLogService; @Autowired private AdminLogService adminLogService;
/** 排除敏感属性字段 */
public static final String[] EXCLUDE_PROPERTIES = { "password", "oldPassword", "newPassword", "confirmPassword" };
/** /**
* Controller层切点 注解拦截 * Controller层切点 注解拦截
*/ */
@ -98,17 +103,25 @@ public class AdminLogAspect {
} }
adminLog.setRequestMethod(request.getMethod()); adminLog.setRequestMethod(request.getMethod());
adminLog.setUrl(request.getRequestURL().toString()); adminLog.setUrl(request.getRequestURL().toString());
String params = "";
Map<String, String[]> parameterMap = request.getParameterMap(); Map<String, String[]> parameterMap = request.getParameterMap();
if (StringUtil.isNotEmpty(parameterMap)) { if (StringUtil.isNotEmpty(parameterMap)) {
String params = JSONUtil.toJsonStr(parameterMap); params = JSONUtil.toJsonStr(parameterMap);
adminLog.setParam(StringUtils.substring(params, 0, 2000));
}else { }else {
Object[] args = joinPoint.getArgs(); Object[] args = joinPoint.getArgs();
if (StringUtil.isNotNull(args)) { if (StringUtil.isNotNull(args)) {
String params = StringUtil.arrayToString(args); params = StringUtil.arrayToString(args);
adminLog.setParam(StringUtils.substring(params, 0, 2000));
} }
} }
if(StringUtil.isNotEmpty(params)){
JSONObject paramObj = JSONUtil.parseObj(params);
for(String i : Arrays.asList(EXCLUDE_PROPERTIES)){
if(paramObj.containsKey(i)){
paramObj.put(i,"******");
}
}
adminLog.setParam(StringUtils.substring(JSONUtil.toJsonStr(paramObj), 0, 2000));
}
adminLog.setResult(JSONUtil.toJsonStr(jsonResult)); adminLog.setResult(JSONUtil.toJsonStr(jsonResult));
adminLog.setIp(IpUtil.getIpAddress()); adminLog.setIp(IpUtil.getIpAddress());
adminLog.setIpArea(IpUtil.getRealAddressByIP(IpUtil.getIpAddress())); adminLog.setIpArea(IpUtil.getRealAddressByIP(IpUtil.getIpAddress()));