yexuejc007/PlayEdu
1
0
Fork 0
mirror of https://github.com/PlayEdu/PlayEdu synced 2025-06-28 16:22:45 +08:00
Code Issues Packages Projects Releases Wiki Activity

added: 数据权限

Browse Source
This commit is contained in:
none 2023-03-03 11:12:36 +08:00
parent c7f566f00d
commit 86d507cc98
9 changed files with 160 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/main/java/xyz/playedu/api/PlayEduBackendThreadLocal.java
View File

@ -2,12 +2,17 @@ package xyz.playedu.api;
import xyz.playedu.api.domain.AdminUser;
import java.util.HashMap;
import java.util.LinkedHashMap;
public class PlayEduBackendThreadLocal {
private static final java.lang.ThreadLocal<LinkedHashMap<String, Object>> THREAD_LOCAL = new java.lang.ThreadLocal<>();
public final static String KEY_ADMIN_USER_ID = "admin_id";
public final static String KEY_ADMIN_USER = "admin_user";
public final static String KEY_ADMIN_PER = "admin_per";
public PlayEduBackendThreadLocal() {
}
@ -25,19 +30,27 @@ public class PlayEduBackendThreadLocal {
}
public static Integer getAdminUserID() {
return (Integer) get("admin_user_id");
return (Integer) get(KEY_ADMIN_USER_ID);
}
public static void setAdminUserId(Integer userId) {
put("admin_user_id", userId);
put(KEY_ADMIN_USER_ID, userId);
}
public static AdminUser getAdminUser() {
return (AdminUser) get("admin_user");
return (AdminUser) get(KEY_ADMIN_USER);
}
public static void setAdminUser(AdminUser adminUser) {
put("admin_user", adminUser);
put(KEY_ADMIN_USER, adminUser);
}
public static void setAdminPer(HashMap<String, Boolean> permissions) {
put(KEY_ADMIN_PER, permissions);
}
public static HashMap<String, Boolean> getAdminPer() {
return (HashMap<String, Boolean>) get(KEY_ADMIN_PER);
}
public static void remove() {

19
src/main/java/xyz/playedu/api/bus/BackendBus.java
View File

@ -2,11 +2,13 @@ package xyz.playedu.api.bus;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import xyz.playedu.api.PlayEduBackendThreadLocal;
import xyz.playedu.api.constant.BackendConstant;
import xyz.playedu.api.domain.AdminRole;
import xyz.playedu.api.service.AdminPermissionService;
import xyz.playedu.api.service.AdminRoleService;
import xyz.playedu.api.service.AdminUserService;
import xyz.playedu.api.util.PrivacyUtil;
import java.util.HashMap;
import java.util.List;
@ -56,4 +58,21 @@ public class BackendBus {
return permissionService.getSlugsByIds(permissionIds);
}
public static String valueHidden(String permissionSlug, String type, String value) {
HashMap<String, Boolean> permissions = PlayEduBackendThreadLocal.getAdminPer();
if (permissions.get(permissionSlug) != null) {
return value;
}
if (BackendConstant.PRIVACY_FIELD_TYPE_EMAIL.equals(type)) {
return PrivacyUtil.hideEmail(value);
} else if (BackendConstant.PRIVACY_FIELD_TYPE_PHONE.equals(type)) {
return PrivacyUtil.hidePhone(value);
} else if (BackendConstant.PRIVACY_FIELD_TYPE_NAME.equals(type)) {
return PrivacyUtil.hideChineseName(value);
} else if (BackendConstant.PRIVACY_FIELD_TYPE_ID_CARD.equals(type)) {
return PrivacyUtil.hideIDCard(value);
}
return PrivacyUtil.desValue(value, 1, 0, "*");
}
}

26
src/main/java/xyz/playedu/api/checks/AdminPermissionCheck.java
View File

@ -47,6 +47,14 @@ public class AdminPermissionCheck implements ApplicationRunner {
{"课程", "0", "课程", BPermissionConstant.COURSE},
};
private final String[][] DATA_PERMISSIONS = {
{"管理员", "0", "邮箱", BPermissionConstant.DATA_ADMIN_EMAIL},
{"学员", "0", "邮箱", BPermissionConstant.DATA_USER_EMAIL},
{"学员", "10", "姓名", BPermissionConstant.DATA_USER_NAME},
{"学员", "10", "身份证号", BPermissionConstant.DATA_USER_ID_CARD},
};
@Override
public void run(ApplicationArguments args) throws Exception {
HashMap<String, Boolean> slugs = permissionService.allSlugs();
@ -71,8 +79,22 @@ public class AdminPermissionCheck implements ApplicationRunner {
list.add(permission);
}
if (list.size() == 0) {
return;
for (int i = 0; i < DATA_PERMISSIONS.length; i++) {
String[] item = DATA_PERMISSIONS[i];
String tmpSlug = item[3];
if (slugs.get(tmpSlug) != null) {//已经存在
continue;
}
AdminPermission permission = new AdminPermission();
permission.setGroupName(item[0]);
permission.setSort(Integer.valueOf(item[1]));
permission.setName(item[2]);
permission.setSlug(tmpSlug);
permission.setType(BPermissionConstant.TYPE_DATA);
permission.setCreatedAt(now);
list.add(permission);
}
permissionService.saveBatch(list);

5
src/main/java/xyz/playedu/api/constant/BPermissionConstant.java
View File

@ -32,4 +32,9 @@ public class BPermissionConstant {
public final static String COURSE = "course";
public final static String DATA_USER_NAME = "data-user-name";
public final static String DATA_USER_EMAIL = "data-user-email";
public final static String DATA_USER_ID_CARD = "data-user-id-card";
public final static String DATA_ADMIN_EMAIL = "data-admin-email";
}

5
src/main/java/xyz/playedu/api/constant/BackendConstant.java
View File

@ -49,4 +49,9 @@ public class BackendConstant {
public final static String[] UPLOAD_IMAGE_CONTENT_TYPE_WL = {"image/png", "image/jpg", "image/jpeg", "image/gif"};
public final static String UPLOAD_IMAGE_DIR = "images/";
public final static String PRIVACY_FIELD_TYPE_EMAIL = "email";
public final static String PRIVACY_FIELD_TYPE_PHONE = "phone";
public final static String PRIVACY_FIELD_TYPE_NAME = "name";
public final static String PRIVACY_FIELD_TYPE_ID_CARD = "IDCard";
}

11
src/main/java/xyz/playedu/api/domain/AdminUser.java
View File

@ -8,15 +8,21 @@ import com.baomidou.mybatisplus.annotation.TableName;
import java.io.Serializable;
import java.util.Date;
import com.fasterxml.jackson.annotation.JsonGetter;
import com.fasterxml.jackson.annotation.JsonIgnore;
import com.fasterxml.jackson.annotation.JsonProperty;
import lombok.Data;
import lombok.extern.slf4j.Slf4j;
import xyz.playedu.api.bus.BackendBus;
import xyz.playedu.api.constant.BPermissionConstant;
import xyz.playedu.api.constant.BackendConstant;
/**
* @TableName admin_users
*/
@TableName(value = "admin_users")
@Data
@Slf4j
public class AdminUser implements Serializable {
/**
*
@ -79,6 +85,11 @@ public class AdminUser implements Serializable {
@TableField(exist = false)
private static final long serialVersionUID = 1L;
@JsonGetter("email")
public String transformEmail() {
return BackendBus.valueHidden(BPermissionConstant.DATA_ADMIN_EMAIL, BackendConstant.PRIVACY_FIELD_TYPE_EMAIL, email);
}
@Override
public boolean equals(Object that) {
if (this == that) {

20
src/main/java/xyz/playedu/api/domain/User.java
View File

@ -8,9 +8,14 @@ import com.baomidou.mybatisplus.annotation.TableName;
import java.io.Serializable;
import java.util.Date;
import com.fasterxml.jackson.annotation.JsonGetter;
import com.fasterxml.jackson.annotation.JsonIgnore;
import com.fasterxml.jackson.annotation.JsonProperty;
import lombok.Data;
import lombok.extern.slf4j.Slf4j;
import xyz.playedu.api.bus.BackendBus;
import xyz.playedu.api.constant.BPermissionConstant;
import xyz.playedu.api.constant.BackendConstant;
/**
* @TableName users
@ -124,6 +129,21 @@ public class User implements Serializable {
@TableField(exist = false)
private static final long serialVersionUID = 1L;
@JsonGetter("name")
public String transformName() {
return BackendBus.valueHidden(BPermissionConstant.DATA_USER_NAME, BackendConstant.PRIVACY_FIELD_TYPE_NAME, getName());
}
@JsonGetter("email")
public String transformEmail() {
return BackendBus.valueHidden(BPermissionConstant.DATA_USER_EMAIL, BackendConstant.PRIVACY_FIELD_TYPE_EMAIL, getEmail());
}
@JsonGetter("id_card")
public String transformIdCard() {
return BackendBus.valueHidden(BPermissionConstant.DATA_USER_ID_CARD, BackendConstant.PRIVACY_FIELD_TYPE_ID_CARD, getIdCard());
}
@Override
public boolean equals(Object that) {
if (this == that) {

4
src/main/java/xyz/playedu/api/middleware/AdminAuthMiddleware.java
View File

@ -33,6 +33,9 @@ public class AdminAuthMiddleware implements HandlerInterceptor {
@Autowired
private AppBus appBus;
@Autowired
private BackendBus backendBus;
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
if ("OPTIONS".equals(request.getMethod()) || BackendBus.inUnAuthWhitelist(request.getRequestURI())) {
@ -57,6 +60,7 @@ public class AdminAuthMiddleware implements HandlerInterceptor {
PlayEduBackendThreadLocal.setAdminUserId(payload.getSub());
PlayEduBackendThreadLocal.setAdminUser(adminUser);
PlayEduBackendThreadLocal.setAdminPer(backendBus.adminUserPermissions(adminUser.getId()));
return HandlerInterceptor.super.preHandle(request, response, handler);
} catch (Exception e) {

55
src/main/java/xyz/playedu/api/util/PrivacyUtil.java Normal file
View File

@ -0,0 +1,55 @@
package xyz.playedu.api.util;
/**
* @Author 杭州白书科技有限公司
* @create 2023/3/3 10:51
*/
public class PrivacyUtil {
public static String hidePhone(String phone) {
return phone.replaceAll("(\\d{3})\\d{4}(\\d{4})", "$1****$2");
}
public static String hideEmail(String email) {
return email.replaceAll("(\\w?)(\\w+)(\\w)(@\\w+\\.[a-z]+(\\.[a-z]+)?)", "$1****$3$4");
}
public static String hideIDCard(String idCard) {
return idCard.replaceAll("(\\d{4})\\d{10}(\\w{4})", "$1*****$2");
}
public static String hideChineseName(String chineseName) {
if (chineseName == null) {
return null;
}
return desValue(chineseName, 1, 0, "*");
}
/**
* 对字符串进行脱敏操作
*
* @param origin 原始字符串
* @param prefixNoMaskLen 左侧需要保留几位明文字段
* @param suffixNoMaskLen 右侧需要保留几位明文字段
* @param maskStr 用于遮罩的字符串, '*'
* @return 脱敏后结果
*/
public static String desValue(String origin, int prefixNoMaskLen, int suffixNoMaskLen, String maskStr) {
if (origin == null) {
return null;
}
StringBuilder sb = new StringBuilder();
for (int i = 0, n = origin.length(); i < n; i++) {
if (i < prefixNoMaskLen) {
sb.append(origin.charAt(i));
continue;
}
if (i > (n - suffixNoMaskLen - 1)) {
sb.append(origin.charAt(i));
continue;
}
sb.append(maskStr);
}
return sb.toString();
}
}