From bc194e6be2f453fed247a62a30120d0555b97d26 Mon Sep 17 00:00:00 2001
From: wsw <wsw@winning.com.cn>
Date: Sat, 29 Jul 2023 15:04:20 +0800
Subject: [PATCH] =?UTF-8?q?=E7=AE=A1=E7=90=86=E5=91=98=E6=97=A5=E5=BF=97-?=
 =?UTF-8?q?=E5=85=A5=E5=8F=82=E5=87=BA=E5=B7=AE=E8=84=B1=E6=95=8F=E5=A4=84?=
 =?UTF-8?q?=E7=90=86?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../playedu/api/aspectj/AdminLogAspect.java   | 45 ++++++++++++++-----
 1 file changed, 35 insertions(+), 10 deletions(-)

diff --git a/src/main/java/xyz/playedu/api/aspectj/AdminLogAspect.java b/src/main/java/xyz/playedu/api/aspectj/AdminLogAspect.java
index d399de5..27ded92 100644
--- a/src/main/java/xyz/playedu/api/aspectj/AdminLogAspect.java
+++ b/src/main/java/xyz/playedu/api/aspectj/AdminLogAspect.java
@@ -53,7 +53,7 @@ public class AdminLogAspect {
 
     /** 排除敏感属性字段 */
     public static final String[] EXCLUDE_PROPERTIES = {
-        "password", "oldPassword", "newPassword", "confirmPassword"
+        "password", "oldPassword", "newPassword", "confirmPassword", "token"
     };
 
     /** Controller层切点 注解拦截 */
@@ -118,20 +118,19 @@ public class AdminLogAspect {
                 }
             }
             if (StringUtil.isNotEmpty(params)) {
-                JSONObject paramObj = JSONUtil.parseObj(params);
-                for (String i : Arrays.asList(EXCLUDE_PROPERTIES)) {
-                    if (paramObj.containsKey(i)) {
-                        paramObj.put(i, "******");
-                    }
-                }
-                adminLog.setParam(StringUtils.substring(JSONUtil.toJsonStr(paramObj), 0, 2000));
+                JSONObject paramObj = excludeProperties(params);
+                adminLog.setParam(JSONUtil.toJsonStr(paramObj));
             }
-            adminLog.setResult(JSONUtil.toJsonStr(jsonResult));
+            if (null != jsonResult) {
+                jsonResult = excludeProperties(JSONUtil.toJsonStr(jsonResult));
+                adminLog.setResult(JSONUtil.toJsonStr(jsonResult));
+            }
+
             adminLog.setIp(IpUtil.getIpAddress());
             adminLog.setIpArea(IpUtil.getRealAddressByIP(IpUtil.getIpAddress()));
 
             if (null != e) {
-                adminLog.setErrorMsg(StringUtil.substring(e.getMessage(), 0, 2000));
+                adminLog.setErrorMsg(e.getMessage());
             }
             adminLog.setCreatedAt(new Date());
             // 保存数据库
@@ -152,4 +151,30 @@ public class AdminLogAspect {
         }
         return null;
     }
+
+    public JSONObject excludeProperties(String jsonData) {
+        JSONObject jsonObjectResult = new JSONObject();
+        // 把传入String类型转换成JSONObject对象
+        if(JSONUtil.isTypeJSON(jsonData)){
+            JSONObject jsonObject = JSONUtil.parseObj(jsonData);
+            for (Map.Entry<String, Object> entry : jsonObject.entrySet()) {
+                String key = entry.getKey();
+                Object value = entry.getValue();
+                if(StringUtil.isNotNull(value)){
+                    // 如果value依旧是json类型的话继续递归解析
+                    if (JSONUtil.isTypeJSON(value.toString())) {
+                        jsonObjectResult.put(key, excludeProperties(entry.getValue().toString()));
+                    } else {
+                        // 如果value是单纯的数据,执行脱敏操作
+                        for (String i : Arrays.asList(EXCLUDE_PROPERTIES)) {
+                            if(key.equals(i)){
+                                jsonObjectResult.put(key, "******");
+                            }
+                        }
+                    }
+                }
+            }
+        }
+        return jsonObjectResult;
+    }
 }