diff --git a/framework/src/main/java/cn/lili/common/security/filter/Sensitive.java b/framework/src/main/java/cn/lili/common/security/filter/Sensitive.java
new file mode 100644
index 00000000..797459af
--- /dev/null
+++ b/framework/src/main/java/cn/lili/common/security/filter/Sensitive.java
@@ -0,0 +1,17 @@
+package cn.lili.common.security.filter;
+
+import com.fasterxml.jackson.annotation.JacksonAnnotationsInside;
+import com.fasterxml.jackson.databind.annotation.JsonSerialize;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Retention(RetentionPolicy.RUNTIME)
+@Target(ElementType.FIELD)
+@JacksonAnnotationsInside
+@JsonSerialize(using = SensitiveJsonSerializer.class)
+public @interface Sensitive {
+ SensitiveStrategy strategy();
+}
diff --git a/framework/src/main/java/cn/lili/common/security/filter/SensitiveJsonSerializer.java b/framework/src/main/java/cn/lili/common/security/filter/SensitiveJsonSerializer.java
new file mode 100644
index 00000000..cba8edbd
--- /dev/null
+++ b/framework/src/main/java/cn/lili/common/security/filter/SensitiveJsonSerializer.java
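Review bot: `Sensitive` is added without any Javadoc, and the limit of what it protects is not obvious from the declaration: the mask is applied only when Jackson writes the annotated field. Order.java in this commit imports `cn.hutool.json.JSONUtil` and StoreEditDTO imports `lombok.Data`; a Hutool JSON dump or a generated `toString()` does not go through `SensitiveJsonSerializer`, so values that reach logs or caches that way stay unmasked. I would add a class comment such as `/** Masks the annotated String field in Jackson output only; storage, toString() and other JSON libraries still see the raw value. */` and a one-line comment on `strategy()` saying it selects the masking pattern.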
@@ -0,0 +1,38 @@
+package cn.lili.common.security.filter;
+
+import com.fasterxml.jackson.core.JsonGenerator;
+import com.fasterxml.jackson.databind.BeanProperty;
+import com.fasterxml.jackson.databind.JsonMappingException;
+import com.fasterxml.jackson.databind.JsonSerializer;
+import com.fasterxml.jackson.databind.SerializerProvider;
+import com.fasterxml.jackson.databind.ser.ContextualSerializer;
+
+import java.io.IOException;
+import java.util.Objects;
+
+/**
+ * @author liushuai(liushuai711 @ gmail.com)
+ * @version v4.1
+ * @Description:
+ * @since 2021/9/8 3:03 下午
+ */
+public class SensitiveJsonSerializer extends JsonSerializer implements ContextualSerializer {
+ private SensitiveStrategy strategy;
+
+ @Override
+ public void serialize(String value, JsonGenerator gen, SerializerProvider serializers) throws IOException {
+ gen.writeString(strategy.desensitizer().apply(value));
+ }
+
+ @Override
+ public JsonSerializer createContextual(SerializerProvider prov, BeanProperty property) throws JsonMappingException {
+
+ Sensitive annotation = property.getAnnotation(Sensitive.class);
+ if (Objects.nonNull(annotation)&&Objects.equals(String.class, property.getType().getRawClass())) {
+ this.strategy = annotation.strategy();
+ return this;
+ }
+ return prov.findValueSerializer(property.getType(), property);
+
+ }
+}
diff --git a/framework/src/main/java/cn/lili/common/security/filter/SensitiveStrategy.java b/framework/src/main/java/cn/lili/common/security/filter/SensitiveStrategy.java
new file mode 100644
index 00000000..dbba625d
--- /dev/null
+++ b/framework/src/main/java/cn/lili/common/security/filter/SensitiveStrategy.java
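Review bot: `createContextual` stores the strategy on `this` and returns `this`, while Jackson documents that the instance this method is called on may be shared and should not be modified; a second property with a different strategy would then overwrite the first one's masking rule. The same method fails open: a `@Sensitive` field whose type is not `String` falls through to the default serializer and is written in clear with no error. I would make `strategy` final, return a fresh configured instance per property and reject unsupported field types, as sketched below. The signatures in the sketch are copied as they appear in the hunk, where the type parameters look to have been lost in rendering.

```java
    private final SensitiveStrategy strategy;

    /** Used by Jackson to create the unconfigured instance that is then contextualized. */
    public SensitiveJsonSerializer() {
        this(null);
    }

    private SensitiveJsonSerializer(SensitiveStrategy strategy) {
        this.strategy = strategy;
    }

    // … unchanged: serialize …

    public JsonSerializer createContextual(SerializerProvider prov, BeanProperty property) throws JsonMappingException {
        Sensitive annotation = property.getAnnotation(Sensitive.class);
        if (Objects.isNull(annotation)) {
            return prov.findValueSerializer(property.getType(), property);
        }
        if (!Objects.equals(String.class, property.getType().getRawClass())) {
            // Fail closed: an annotated field that cannot be masked must not be written in clear.
            throw JsonMappingException.from(prov, "@Sensitive supports only String fields: " + property.getName());
        }
        // New instance per property, so a shared serializer is never reconfigured.
        return new SensitiveJsonSerializer(annotation.strategy());
    }
```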
@@ -0,0 +1,39 @@
+package cn.lili.common.security.filter;
+
+import java.util.function.Function;
+
+/**
+ * @author liushuai(liushuai711 @ gmail.com)
+ * @version v4.1
+ * @Description:
+ * @since 2021/9/8 3:03 下午
+ */
+public enum SensitiveStrategy {
+ /**
+ * Username sensitive strategy.
+ */
+ USERNAME(s -> s.replaceAll("(\\S)\\S(\\S*)", "$1*$2")),
+ /**
+ * Id card sensitive type.
+ */
+ ID_CARD(s -> s.replaceAll("(\\d{4})\\d{10}(\\w{4})", "$1****$2")),
+ /**
+ * Phone sensitive type.
+ */
+ PHONE(s -> s.replaceAll("(\\d{3})\\d{4}(\\d{4})", "$1****$2")),
+ /**
+ * Address sensitive type.
+ */
+ ADDRESS(s -> s.replaceAll("(\\S{3})\\S{2}(\\S*)\\S{2}", "$1****$2****"));
+
+
+ private final Function desensitizer;
+
+ SensitiveStrategy(Function desensitizer) {
+ this.desensitizer = desensitizer;
+ }
+
+ public Function desensitizer() {
+ return desensitizer;
+ }
+}
diff --git a/framework/src/main/java/cn/lili/modules/member/entity/dos/Member.java b/framework/src/main/java/cn/lili/modules/member/entity/dos/Member.java
index 9ae98602..39b32dcc 100644
--- a/framework/src/main/java/cn/lili/modules/member/entity/dos/Member.java
+++ b/framework/src/main/java/cn/lili/modules/member/entity/dos/Member.java
@@ -1,7 +1,9 @@
 package cn.lili.modules.member.entity.dos;
-import cn.lili.mybatis.BaseEntity;
 import cn.lili.common.enums.ClientTypeEnum;
+import cn.lili.common.security.filter.Sensitive;
+import cn.lili.common.security.filter.SensitiveStrategy;
+import cn.lili.mybatis.BaseEntity;
 import com.baomidou.mybatisplus.annotation.TableName;
 import com.fasterxml.jackson.annotation.JsonFormat;
 import io.swagger.annotations.ApiModel;
@@ -54,6 +56,7 @@ public class Member extends BaseEntity {
 @NotEmpty(message = "手机号码不能为空")
 @ApiModelProperty(value = "手机号码", required = true)
+@Sensitive(strategy = SensitiveStrategy.PHONE)
 private String mobile;
 @Min(message = "必须为数字", value = 0)
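Review bot: Every strategy in `SensitiveStrategy` is a bare `replaceAll`, so a value that does not match its pattern is returned unchanged and serialized in full. For `PHONE` that covers any number without a run of 11 digits (written with separators, or a short landline), and `ADDRESS` leaves text with no run of seven non-space characters untouched. Masking should fail closed, for example `PHONE(s -> s.matches("\\d{11}") ? s.replaceAll("(\\d{3})\\d{4}(\\d{4})", "$1****$2") : "****"),`, with an equivalent guard on the other constants. `String.replaceAll` also recompiles its pattern on every call, so precompiled `Pattern` constants would be cheaper on the serialization path.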
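Review bot: `@Sensitive` on `mobile` sits on the persistence entity itself (`Member extends BaseEntity`), so the mask applies to every Jackson serialization of the object and not only to the API responses it is presumably meant for. If entities are also written through Jackson to a cache or a message queue and read back, `mobile` would return in masked form (for example `138****5678`, a constructed sample) and could be stored or used for messaging like that; whether this happens is not visible in the diff and should be checked. The same applies to `MemberAddress.mobile` and `Order.consigneeMobile` in the later hunks. Keeping the entity unannotated and putting `@Sensitive` on a response-side VO would confine the mask to the API boundary. The class body continues outside the hunk.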
diff --git a/framework/src/main/java/cn/lili/modules/member/entity/dos/MemberAddress.java b/framework/src/main/java/cn/lili/modules/member/entity/dos/MemberAddress.java
index 4b53c23b..3cfeba49 100644
--- a/framework/src/main/java/cn/lili/modules/member/entity/dos/MemberAddress.java
+++ b/framework/src/main/java/cn/lili/modules/member/entity/dos/MemberAddress.java
@@ -1,7 +1,9 @@
 package cn.lili.modules.member.entity.dos;
-import cn.lili.mybatis.BaseEntity;
+import cn.lili.common.security.filter.Sensitive;
+import cn.lili.common.security.filter.SensitiveStrategy;
 import cn.lili.common.validation.Phone;
+import cn.lili.mybatis.BaseEntity;
 import com.baomidou.mybatisplus.annotation.TableName;
 import io.swagger.annotations.ApiModel;
 import io.swagger.annotations.ApiModelProperty;
@@ -32,6 +34,7 @@ public class MemberAddress extends BaseEntity {
 @Phone
 @ApiModelProperty(value = "手机号码")
+@Sensitive(strategy = SensitiveStrategy.PHONE)
 private String mobile;
 @NotBlank(message = "地址不能为空")
diff --git a/framework/src/main/java/cn/lili/modules/order/order/entity/dos/Order.java b/framework/src/main/java/cn/lili/modules/order/order/entity/dos/Order.java
index ebc48cf5..e72968b5 100644
--- a/framework/src/main/java/cn/lili/modules/order/order/entity/dos/Order.java
+++ b/framework/src/main/java/cn/lili/modules/order/order/entity/dos/Order.java
@@ -2,9 +2,11 @@ package cn.lili.modules.order.order.entity.dos;
 import cn.hutool.core.util.StrUtil;
 import cn.hutool.json.JSONUtil;
-import cn.lili.mybatis.BaseEntity;
-import cn.lili.common.utils.BeanUtil;
 import cn.lili.common.enums.ClientTypeEnum;
+import cn.lili.common.enums.PromotionTypeEnum;
+import cn.lili.common.security.filter.Sensitive;
+import cn.lili.common.security.filter.SensitiveStrategy;
+import cn.lili.common.utils.BeanUtil;
 import cn.lili.modules.goods.entity.enums.GoodsTypeEnum;
 import cn.lili.modules.order.cart.entity.dto.TradeDTO;
 import cn.lili.modules.order.cart.entity.enums.CartTypeEnum;
@@ -13,7 +15,7 @@ import cn.lili.modules.order.cart.entity.vo.CartVO;
 import cn.lili.modules.order.order.entity.dto.PriceDetailDTO;
 import cn.lili.modules.order.order.entity.enums.*;
 import cn.lili.modules.promotion.entity.dos.PromotionGoods;
-import cn.lili.common.enums.PromotionTypeEnum;
+import cn.lili.mybatis.BaseEntity;
 import com.baomidou.mybatisplus.annotation.TableName;
 import com.fasterxml.jackson.annotation.JsonFormat;
 import io.swagger.annotations.ApiModel;
@@ -89,6 +91,7 @@ public class Order extends BaseEntity {
 private String consigneeName;
 @ApiModelProperty(value = "收件人手机")
+@Sensitive(strategy = SensitiveStrategy.PHONE)
 private String consigneeMobile;
 /**
diff --git a/framework/src/main/java/cn/lili/modules/store/entity/dto/StoreEditDTO.java b/framework/src/main/java/cn/lili/modules/store/entity/dto/StoreEditDTO.java
index 0782a3e6..f8815508 100644
--- a/framework/src/main/java/cn/lili/modules/store/entity/dto/StoreEditDTO.java
+++ b/framework/src/main/java/cn/lili/modules/store/entity/dto/StoreEditDTO.java
@@ -1,9 +1,10 @@
 package cn.lili.modules.store.entity.dto;
+import cn.lili.common.security.filter.Sensitive;
+import cn.lili.common.security.filter.SensitiveStrategy;
 import cn.lili.common.validation.Mobile;
 import cn.lili.common.validation.Phone;
 import com.baomidou.mybatisplus.annotation.TableField;
-import com.baomidou.mybatisplus.annotation.TableId;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 import org.hibernate.validator.constraints.Length;
@@ -75,6 +76,7 @@ public class StoreEditDTO {
 @NotBlank(message = "手机号不能为空")
 @Phone
 @ApiModelProperty(value = "联系人电话")
+@Sensitive(strategy = SensitiveStrategy.PHONE)
 private String linkPhone;
 @Size(min = 18, max = 18, message = "营业执照长度为18位字符")
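Review bot: `linkPhone` in `StoreEditDTO` is an input field validated with `@NotBlank` and `@Phone`, and the added `@Sensitive` masks it whenever this DTO is also serialized back to a client. If an edit form is pre-filled from such a response and submitted unchanged, the server receives the masked string, which either fails `@Phone` validation or, if it passes, overwrites the stored number; how `@Phone` validates is not visible in this diff. I would keep `@Sensitive` off write-side DTOs, or have the update path treat a masked value as "unchanged" rather than as new data. The class body continues outside the hunk.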