From 86d507cc981ce4a7d4827dc53c9d3bf739cf388c Mon Sep 17 00:00:00 2001 From: none Date: Fri, 3 Mar 2023 11:12:36 +0800 Subject: [PATCH] =?UTF-8?q?added:=20=E6=95=B0=E6=8D=AE=E6=9D=83=E9=99=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../api/PlayEduBackendThreadLocal.java | 21 +++++-- .../java/xyz/playedu/api/bus/BackendBus.java | 19 +++++++ .../api/checks/AdminPermissionCheck.java | 26 ++++++++- .../api/constant/BPermissionConstant.java | 5 ++ .../playedu/api/constant/BackendConstant.java | 5 ++ .../xyz/playedu/api/domain/AdminUser.java | 11 ++++ .../java/xyz/playedu/api/domain/User.java | 20 +++++++ .../api/middleware/AdminAuthMiddleware.java | 4 ++ .../xyz/playedu/api/util/PrivacyUtil.java | 55 +++++++++++++++++++ 9 files changed, 160 insertions(+), 6 deletions(-) create mode 100644 src/main/java/xyz/playedu/api/util/PrivacyUtil.java diff --git a/src/main/java/xyz/playedu/api/PlayEduBackendThreadLocal.java b/src/main/java/xyz/playedu/api/PlayEduBackendThreadLocal.java index d2e8720..b8204f4 100644 --- a/src/main/java/xyz/playedu/api/PlayEduBackendThreadLocal.java +++ b/src/main/java/xyz/playedu/api/PlayEduBackendThreadLocal.java @@ -2,12 +2,17 @@ package xyz.playedu.api; import xyz.playedu.api.domain.AdminUser; +import java.util.HashMap; import java.util.LinkedHashMap; public class PlayEduBackendThreadLocal { private static final java.lang.ThreadLocal> THREAD_LOCAL = new java.lang.ThreadLocal<>(); + public final static String KEY_ADMIN_USER_ID = "admin_id"; + public final static String KEY_ADMIN_USER = "admin_user"; + public final static String KEY_ADMIN_PER = "admin_per"; + public PlayEduBackendThreadLocal() { } 
@@ -25,19 +30,27 @@ public class PlayEduBackendThreadLocal { } public static Integer getAdminUserID() { - return (Integer) get("admin_user_id"); + return (Integer) get(KEY_ADMIN_USER_ID); } public static void setAdminUserId(Integer userId) { - put("admin_user_id", userId); + put(KEY_ADMIN_USER_ID, userId); } public static AdminUser getAdminUser() { - return (AdminUser) get("admin_user"); + return (AdminUser) get(KEY_ADMIN_USER); } public static void setAdminUser(AdminUser adminUser) { - put("admin_user", adminUser); + put(KEY_ADMIN_USER, adminUser); + } + + public static void setAdminPer(HashMap permissions) { + put(KEY_ADMIN_PER, permissions); + } + + public static HashMap getAdminPer() { + return (HashMap) get(KEY_ADMIN_PER); } public static void remove() { diff --git a/src/main/java/xyz/playedu/api/bus/BackendBus.java b/src/main/java/xyz/playedu/api/bus/BackendBus.java index e5470cd..c04b538 100644 --- a/src/main/java/xyz/playedu/api/bus/BackendBus.java +++ b/src/main/java/xyz/playedu/api/bus/BackendBus.java @@ -2,11 +2,13 @@ package xyz.playedu.api.bus; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; +import xyz.playedu.api.PlayEduBackendThreadLocal; import xyz.playedu.api.constant.BackendConstant; import xyz.playedu.api.domain.AdminRole; import xyz.playedu.api.service.AdminPermissionService; import xyz.playedu.api.service.AdminRoleService; import xyz.playedu.api.service.AdminUserService; +import xyz.playedu.api.util.PrivacyUtil; import java.util.HashMap; import java.util.List; 
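Review bot: `getAdminPer()` hands back whatever `get(KEY_ADMIN_PER)` yields, and nothing in this hunk guarantees a map was ever stored; in this patch `setAdminPer` is only called on the authenticated path of `AdminAuthMiddleware.preHandle`. If `get` returns null for a missing key (its body is outside the hunk), `BackendBus.valueHidden` dereferences that null at `permissions.get(permissionSlug)`. Returning an empty map instead makes the masking fail closed when no permissions were loaded: `HashMap permissions = (HashMap) get(KEY_ADMIN_PER);` followed by `return permissions == null ? new HashMap<>() : permissions;`, with the type arguments the file already uses. A one-line Javadoc saying which value the map holds per slug would also help callers.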
@@ -56,4 +58,21 @@ public class BackendBus { return permissionService.getSlugsByIds(permissionIds); } + public static String valueHidden(String permissionSlug, String type, String value) { + HashMap permissions = PlayEduBackendThreadLocal.getAdminPer(); + if (permissions.get(permissionSlug) != null) { + return value; + } + if (BackendConstant.PRIVACY_FIELD_TYPE_EMAIL.equals(type)) { + return PrivacyUtil.hideEmail(value); + } else if (BackendConstant.PRIVACY_FIELD_TYPE_PHONE.equals(type)) { + return PrivacyUtil.hidePhone(value); + } else if (BackendConstant.PRIVACY_FIELD_TYPE_NAME.equals(type)) { + return PrivacyUtil.hideChineseName(value); + } else if (BackendConstant.PRIVACY_FIELD_TYPE_ID_CARD.equals(type)) { + return PrivacyUtil.hideIDCard(value); + } + return PrivacyUtil.desValue(value, 1, 0, "*"); + } + } diff --git a/src/main/java/xyz/playedu/api/checks/AdminPermissionCheck.java b/src/main/java/xyz/playedu/api/checks/AdminPermissionCheck.java index c221c45..b1c9738 100644 --- a/src/main/java/xyz/playedu/api/checks/AdminPermissionCheck.java +++ b/src/main/java/xyz/playedu/api/checks/AdminPermissionCheck.java @@ -47,6 +47,14 @@ public class AdminPermissionCheck implements ApplicationRunner { {"课程", "0", "课程", BPermissionConstant.COURSE}, }; + private final String[][] DATA_PERMISSIONS = { + {"管理员", "0", "邮箱", BPermissionConstant.DATA_ADMIN_EMAIL}, + + {"学员", "0", "邮箱", BPermissionConstant.DATA_USER_EMAIL}, + {"学员", "10", "姓名", BPermissionConstant.DATA_USER_NAME}, + {"学员", "10", "身份证号", BPermissionConstant.DATA_USER_ID_CARD}, + }; + @Override public void run(ApplicationArguments args) throws Exception { HashMap slugs = permissionService.allSlugs(); 
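Review bot: `valueHidden` passes `value` to `PrivacyUtil.hideEmail`, `hidePhone` and `hideIDCard` without a null check, and those helpers (added in PrivacyUtil.java in this patch) call `replaceAll` on it directly. A record with no email or ID card therefore throws a NullPointerException during JSON serialization for any admin who lacks the data permission; only `hideChineseName` and `desValue` guard against null. Add `if (value == null) { return null; }` as the first statement of the method. A short Javadoc would also help, stating that the clear value is returned only when the current admin's permission map contains `permissionSlug` and that an unknown `type` falls back to `desValue(value, 1, 0, "*")`.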
@@ -71,8 +79,22 @@ public class AdminPermissionCheck implements ApplicationRunner { list.add(permission); } - if (list.size() == 0) { - return; + for (int i = 0; i < DATA_PERMISSIONS.length; i++) { + String[] item = DATA_PERMISSIONS[i]; + String tmpSlug = item[3]; + if (slugs.get(tmpSlug) != null) {//已经存在 + continue; + } + AdminPermission permission = new AdminPermission(); + + permission.setGroupName(item[0]); + permission.setSort(Integer.valueOf(item[1])); + permission.setName(item[2]); + permission.setSlug(tmpSlug); + permission.setType(BPermissionConstant.TYPE_DATA); + permission.setCreatedAt(now); + + list.add(permission); } permissionService.saveBatch(list); diff --git a/src/main/java/xyz/playedu/api/constant/BPermissionConstant.java b/src/main/java/xyz/playedu/api/constant/BPermissionConstant.java index 9ba37a3..818d22a 100644 --- a/src/main/java/xyz/playedu/api/constant/BPermissionConstant.java +++ b/src/main/java/xyz/playedu/api/constant/BPermissionConstant.java @@ -32,4 +32,9 @@ public class BPermissionConstant { public final static String COURSE = "course"; + public final static String DATA_USER_NAME = "data-user-name"; + public final static String DATA_USER_EMAIL = "data-user-email"; + public final static String DATA_USER_ID_CARD = "data-user-id-card"; + public final static String DATA_ADMIN_EMAIL = "data-admin-email"; + } diff --git a/src/main/java/xyz/playedu/api/constant/BackendConstant.java b/src/main/java/xyz/playedu/api/constant/BackendConstant.java index f76ef92..93826d3 100644 --- a/src/main/java/xyz/playedu/api/constant/BackendConstant.java +++ b/src/main/java/xyz/playedu/api/constant/BackendConstant.java 
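Review bot: Removing the `if (list.size() == 0) { return; }` guard means `permissionService.saveBatch(list)` now runs with an empty list on every startup once all permissions already exist; whether `saveBatch` tolerates that is not visible here. Restore the check after the new loop, `if (list.isEmpty()) { return; }`. The new loop also appears to repeat the body of the loop above it apart from `setType(BPermissionConstant.TYPE_DATA)`, so a private helper taking the table and the type would remove the duplication. `run()` starts and ends outside the hunk.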
@@ -49,4 +49,9 @@ public class BackendConstant { public final static String[] UPLOAD_IMAGE_CONTENT_TYPE_WL = {"image/png", "image/jpg", "image/jpeg", "image/gif"}; public final static String UPLOAD_IMAGE_DIR = "images/"; + public final static String PRIVACY_FIELD_TYPE_EMAIL = "email"; + public final static String PRIVACY_FIELD_TYPE_PHONE = "phone"; + public final static String PRIVACY_FIELD_TYPE_NAME = "name"; + public final static String PRIVACY_FIELD_TYPE_ID_CARD = "IDCard"; + } diff --git a/src/main/java/xyz/playedu/api/domain/AdminUser.java b/src/main/java/xyz/playedu/api/domain/AdminUser.java index a4c69ca..6a0bcce 100644 --- a/src/main/java/xyz/playedu/api/domain/AdminUser.java +++ b/src/main/java/xyz/playedu/api/domain/AdminUser.java @@ -8,15 +8,21 @@ import com.baomidou.mybatisplus.annotation.TableName; import java.io.Serializable; import java.util.Date; +import com.fasterxml.jackson.annotation.JsonGetter; import com.fasterxml.jackson.annotation.JsonIgnore; import com.fasterxml.jackson.annotation.JsonProperty; import lombok.Data; +import lombok.extern.slf4j.Slf4j; +import xyz.playedu.api.bus.BackendBus; +import xyz.playedu.api.constant.BPermissionConstant; +import xyz.playedu.api.constant.BackendConstant; /** * @TableName admin_users */ @TableName(value = "admin_users") @Data +@Slf4j public class AdminUser implements Serializable { /** * @@ -79,6 +85,11 @@ public class AdminUser implements Serializable { @TableField(exist = false) private static final long serialVersionUID = 1L; + @JsonGetter("email") + public String transformEmail() { + return BackendBus.valueHidden(BPermissionConstant.DATA_ADMIN_EMAIL, BackendConstant.PRIVACY_FIELD_TYPE_EMAIL, email); + } + @Override public boolean equals(Object that) { if (this == that) { diff --git a/src/main/java/xyz/playedu/api/domain/User.java b/src/main/java/xyz/playedu/api/domain/User.java index a310e2f..456a69d 100644 --- a/src/main/java/xyz/playedu/api/domain/User.java 
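Review bot: Putting the masking in a `@JsonGetter` on the entity makes every JSON serialization of `AdminUser` depend on the request thread-local that `BackendBus.valueHidden` reads, not only admin API responses. Serialization on a thread where `AdminAuthMiddleware` has not stored permissions would hit the unset map, and any code that writes the entity to JSON for storage would persist the masked value; neither case is visible in this patch, so it is worth confirming. The same applies to `transformName`, `transformEmail` and `transformIdCard` added to User.java, which matters more if `User` is also returned by learner-facing endpoints. Consider masking in the backend controllers or a response DTO, and at minimum add a comment on each getter such as `// masked unless the current admin holds DATA_ADMIN_EMAIL`.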
+++ b/src/main/java/xyz/playedu/api/domain/User.java @@ -8,9 +8,14 @@ import com.baomidou.mybatisplus.annotation.TableName; import java.io.Serializable; import java.util.Date; +import com.fasterxml.jackson.annotation.JsonGetter; import com.fasterxml.jackson.annotation.JsonIgnore; import com.fasterxml.jackson.annotation.JsonProperty; import lombok.Data; +import lombok.extern.slf4j.Slf4j; +import xyz.playedu.api.bus.BackendBus; +import xyz.playedu.api.constant.BPermissionConstant; +import xyz.playedu.api.constant.BackendConstant; /** * @TableName users @@ -124,6 +129,21 @@ public class User implements Serializable { @TableField(exist = false) private static final long serialVersionUID = 1L; + @JsonGetter("name") + public String transformName() { + return BackendBus.valueHidden(BPermissionConstant.DATA_USER_NAME, BackendConstant.PRIVACY_FIELD_TYPE_NAME, getName()); + } + + @JsonGetter("email") + public String transformEmail() { + return BackendBus.valueHidden(BPermissionConstant.DATA_USER_EMAIL, BackendConstant.PRIVACY_FIELD_TYPE_EMAIL, getEmail()); + } + + @JsonGetter("id_card") + public String transformIdCard() { + return BackendBus.valueHidden(BPermissionConstant.DATA_USER_ID_CARD, BackendConstant.PRIVACY_FIELD_TYPE_ID_CARD, getIdCard()); + } + @Override public boolean equals(Object that) { if (this == that) { diff --git a/src/main/java/xyz/playedu/api/middleware/AdminAuthMiddleware.java b/src/main/java/xyz/playedu/api/middleware/AdminAuthMiddleware.java index 39a9ded..59a9ba8 100644 --- a/src/main/java/xyz/playedu/api/middleware/AdminAuthMiddleware.java +++ b/src/main/java/xyz/playedu/api/middleware/AdminAuthMiddleware.java 
@@ -33,6 +33,9 @@ public class AdminAuthMiddleware implements HandlerInterceptor { @Autowired private AppBus appBus; + @Autowired + private BackendBus backendBus; + @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { if ("OPTIONS".equals(request.getMethod()) || BackendBus.inUnAuthWhitelist(request.getRequestURI())) { @@ -57,6 +60,7 @@ public class AdminAuthMiddleware implements HandlerInterceptor { PlayEduBackendThreadLocal.setAdminUserId(payload.getSub()); PlayEduBackendThreadLocal.setAdminUser(adminUser); + PlayEduBackendThreadLocal.setAdminPer(backendBus.adminUserPermissions(adminUser.getId())); return HandlerInterceptor.super.preHandle(request, response, handler); } catch (Exception e) { diff --git a/src/main/java/xyz/playedu/api/util/PrivacyUtil.java b/src/main/java/xyz/playedu/api/util/PrivacyUtil.java new file mode 100644 index 0000000..23cfc56 --- /dev/null +++ b/src/main/java/xyz/playedu/api/util/PrivacyUtil.java 
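Review bot: The permission map is stored only on the authenticated path in the second hunk, while the `OPTIONS`/whitelist branch at the top of `preHandle` appears to return before any thread-local is written. On a pooled request thread that leaves the previous request's `KEY_ADMIN_PER` in place unless `PlayEduBackendThreadLocal.remove()` runs after every request; that call is not visible in these hunks, so confirm it happens in `afterCompletion`. Otherwise `valueHidden` could decide masking from another admin's permissions. `adminUserPermissions` is also now invoked on each authenticated request, which may be worth caching if it queries the database. `preHandle`'s body continues outside the hunk.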
@@ -0,0 +1,55 @@ +package xyz.playedu.api.util; + +/** + * @Author 杭州白书科技有限公司 + * @create 2023/3/3 10:51 + */ +public class PrivacyUtil { + + public static String hidePhone(String phone) { + return phone.replaceAll("(\\d{3})\\d{4}(\\d{4})", "$1****$2"); + } + + public static String hideEmail(String email) { + return email.replaceAll("(\\w?)(\\w+)(\\w)(@\\w+\\.[a-z]+(\\.[a-z]+)?)", "$1****$3$4"); + } + + public static String hideIDCard(String idCard) { + return idCard.replaceAll("(\\d{4})\\d{10}(\\w{4})", "$1*****$2"); + } + + public static String hideChineseName(String chineseName) { + if (chineseName == null) { + return null; + } + return desValue(chineseName, 1, 0, "*"); + } + + /** + * 对字符串进行脱敏操作 + * + * @param origin 原始字符串 + * @param prefixNoMaskLen 左侧需要保留几位明文字段 + * @param suffixNoMaskLen 右侧需要保留几位明文字段 + * @param maskStr 用于遮罩的字符串, 如'*' + * @return 脱敏后结果 + */ + public static String desValue(String origin, int prefixNoMaskLen, int suffixNoMaskLen, String maskStr) { + if (origin == null) { + return null; + } + StringBuilder sb = new StringBuilder(); + for (int i = 0, n = origin.length(); i < n; i++) { + if (i < prefixNoMaskLen) { + sb.append(origin.charAt(i)); + continue; + } + if (i > (n - suffixNoMaskLen - 1)) { + sb.append(origin.charAt(i)); + continue; + } + sb.append(maskStr); + } + return sb.toString(); + } +} \ No newline at end of file
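Review bot: The three regex helpers fail open, because `replaceAll` returns its input unchanged when the pattern does not match. An email with a one-character local part or a hyphenated domain, a phone number without eleven consecutive digits, or an ID number shorter than 18 characters is returned in clear to an admin who lacks the data permission. When the pattern matches only part of the value the rest stays readable; a constructed `john.doe@example.com` keeps `john.` because `\w` does not match the dot. The helpers also throw on null input, unlike `hideChineseName`. Route all three through one helper that requires a full match and otherwise falls back to `desValue`, as below.

```java
public static String hidePhone(String phone) {
    return maskOrFallback(phone, "(\\d{3})\\d{4}(\\d{4})", "$1****$2");
}

public static String hideEmail(String email) {
    return maskOrFallback(email, "(\\w?)(\\w+)(\\w)(@\\w+\\.[a-z]+(\\.[a-z]+)?)", "$1****$3$4");
}

public static String hideIDCard(String idCard) {
    return maskOrFallback(idCard, "(\\d{4})\\d{10}(\\w{4})", "$1*****$2");
}

// Uses the format-specific mask only when the pattern covers the whole value;
// anything else is masked generically so an unexpected format is never returned in clear.
private static String maskOrFallback(String value, String regex, String replacement) {
    if (value == null) {
        return null;
    }
    if (!value.matches(regex)) {
        return desValue(value, 1, 0, "*");
    }
    return value.replaceAll(regex, replacement);
}

// … unchanged: hideChineseName, desValue …
```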