From bf019b405ea8fc0eaf56270ef62edb07172ccec6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E7=96=AF=E7=8B=82=E7=9A=84=E7=8B=AE=E5=AD=90li?=
 <15040126243@163.com>
Date: Fri, 11 Feb 2022 15:04:49 +0800
Subject: [PATCH] =?UTF-8?q?add=20=E5=A2=9E=E5=8A=A0=20=E6=95=B0=E6=8D=AE?=
 =?UTF-8?q?=E8=84=B1=E6=95=8F=20=E5=8A=9F=E8=83=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../com/ruoyi/system/api/domain/SysUser.java  |  4 ++
 .../common/core/annotation/Sensitive.java     | 24 ++++++++++
 .../common/core/enums/SensitiveStrategy.java  | 48 +++++++++++++++++++
 .../core/jackson/SensitiveJsonSerializer.java | 46 ++++++++++++++++++
 .../common/core/service/SensitiveService.java | 18 +++++++
 .../service/impl/SysSensitiveServiceImpl.java | 25 ++++++++++
 6 files changed, 165 insertions(+)
 create mode 100644 ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/annotation/Sensitive.java
 create mode 100644 ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/enums/SensitiveStrategy.java
 create mode 100644 ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/jackson/SensitiveJsonSerializer.java
 create mode 100644 ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/service/SensitiveService.java
 create mode 100644 ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysSensitiveServiceImpl.java

diff --git a/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/domain/SysUser.java b/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/domain/SysUser.java
index 1303b5e7..6638aebc 100644
--- a/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/domain/SysUser.java
+++ b/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/domain/SysUser.java
@@ -3,6 +3,8 @@ package com.ruoyi.system.api.domain;
 import com.baomidou.mybatisplus.annotation.*;
 import com.fasterxml.jackson.annotation.JsonIgnore;
 import com.fasterxml.jackson.annotation.JsonProperty;
+import com.ruoyi.common.core.annotation.Sensitive;
+import com.ruoyi.common.core.enums.SensitiveStrategy;
 import com.ruoyi.common.core.web.domain.BaseEntity;
 import com.ruoyi.common.core.xss.Xss;
 import io.swagger.annotations.ApiModel;
@@ -69,6 +71,7 @@ public class SysUser extends BaseEntity {
     /**
      * 用户邮箱
      */
+    @Sensitive(strategy = SensitiveStrategy.EMAIL)
     @ApiModelProperty(value = "用户邮箱")
     @Email(message = "邮箱格式不正确")
     @Size(min = 0, max = 50, message = "邮箱长度不能超过50个字符")
@@ -77,6 +80,7 @@ public class SysUser extends BaseEntity {
     /**
      * 手机号码
      */
+    @Sensitive(strategy = SensitiveStrategy.PHONE)
     @ApiModelProperty(value = "手机号码")
     private String phonenumber;
 
diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/annotation/Sensitive.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/annotation/Sensitive.java
new file mode 100644
index 00000000..a9339f1b
--- /dev/null
+++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/annotation/Sensitive.java
@@ -0,0 +1,24 @@
+package com.ruoyi.common.core.annotation;
+
+import com.fasterxml.jackson.annotation.JacksonAnnotationsInside;
+import com.fasterxml.jackson.databind.annotation.JsonSerialize;
+import com.ruoyi.common.core.enums.SensitiveStrategy;
+import com.ruoyi.common.core.jackson.SensitiveJsonSerializer;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * 数据脱敏注解
+ *
+ * @author Lion Li
+ */
+@Retention(RetentionPolicy.RUNTIME)
+@Target(ElementType.FIELD)
+@JacksonAnnotationsInside
+@JsonSerialize(using = SensitiveJsonSerializer.class)
+public @interface Sensitive {
+    SensitiveStrategy strategy();
+}
diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/enums/SensitiveStrategy.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/enums/SensitiveStrategy.java
new file mode 100644
index 00000000..c61c192c
--- /dev/null
+++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/enums/SensitiveStrategy.java
@@ -0,0 +1,48 @@
+package com.ruoyi.common.core.enums;
+
+import cn.hutool.core.util.DesensitizedUtil;
+import lombok.AllArgsConstructor;
+
+import java.util.function.Function;
+
+/**
+ * 脱敏策略
+ *
+ * @author Yjoioooo
+ */
+@AllArgsConstructor
+public enum SensitiveStrategy {
+
+    /**
+     * 身份证脱敏
+     */
+    ID_CARD(s -> DesensitizedUtil.idCardNum(s, 3, 4)),
+
+    /**
+     * 手机号脱敏
+     */
+    PHONE(DesensitizedUtil::mobilePhone),
+
+    /**
+     * 地址脱敏
+     */
+    ADDRESS(s -> DesensitizedUtil.address(s, 8)),
+
+    /**
+     * 邮箱脱敏
+     */
+    EMAIL(DesensitizedUtil::email),
+
+    /**
+     * 银行卡
+     */
+    BANK_CARD(DesensitizedUtil::bankCard);
+
+    //可自行添加其他脱敏策略
+
+    private final Function<String, String> desensitizer;
+
+    public Function<String, String> desensitizer() {
+        return desensitizer;
+    }
+}
diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/jackson/SensitiveJsonSerializer.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/jackson/SensitiveJsonSerializer.java
new file mode 100644
index 00000000..f26c5239
--- /dev/null
+++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/jackson/SensitiveJsonSerializer.java
@@ -0,0 +1,46 @@
+package com.ruoyi.common.core.jackson;
+
+import com.fasterxml.jackson.core.JsonGenerator;
+import com.fasterxml.jackson.databind.BeanProperty;
+import com.fasterxml.jackson.databind.JsonMappingException;
+import com.fasterxml.jackson.databind.JsonSerializer;
+import com.fasterxml.jackson.databind.SerializerProvider;
+import com.fasterxml.jackson.databind.ser.ContextualSerializer;
+import com.ruoyi.common.core.annotation.Sensitive;
+import com.ruoyi.common.core.enums.SensitiveStrategy;
+import com.ruoyi.common.core.service.SensitiveService;
+import com.ruoyi.common.core.utils.SpringUtils;
+
+import java.io.IOException;
+import java.util.Objects;
+
+/**
+ * 数据脱敏json序列化工具
+ *
+ * @author Yjoioooo
+ */
+public class SensitiveJsonSerializer extends JsonSerializer<String> implements ContextualSerializer {
+
+    private SensitiveStrategy strategy;
+
+    @Override
+    public void serialize(String value, JsonGenerator gen, SerializerProvider serializers) throws IOException {
+        SensitiveService sensitiveService = SpringUtils.getBean(SensitiveService.class);
+        if (sensitiveService.isSensitive()) {
+            gen.writeString(value);
+        } else {
+            gen.writeString(strategy.desensitizer().apply(value));
+        }
+
+    }
+
+    @Override
+    public JsonSerializer<?> createContextual(SerializerProvider prov, BeanProperty property) throws JsonMappingException {
+        Sensitive annotation = property.getAnnotation(Sensitive.class);
+        if (Objects.nonNull(annotation) && Objects.equals(String.class, property.getType().getRawClass())) {
+            this.strategy = annotation.strategy();
+            return this;
+        }
+        return prov.findValueSerializer(property.getType(), property);
+    }
+}
diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/service/SensitiveService.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/service/SensitiveService.java
new file mode 100644
index 00000000..7b27bb45
--- /dev/null
+++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/service/SensitiveService.java
@@ -0,0 +1,18 @@
+package com.ruoyi.common.core.service;
+
+/**
+ * 脱敏服务
+ * 默认管理员不过滤
+ * 需自行根据业务重写实现
+ *
+ * @author Lion Li
+ * @version 3.6.0
+ */
+public interface SensitiveService {
+
+    /**
+     * 是否脱敏
+     */
+    boolean isSensitive();
+
+}
diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysSensitiveServiceImpl.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysSensitiveServiceImpl.java
new file mode 100644
index 00000000..23ff6e25
--- /dev/null
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysSensitiveServiceImpl.java
@@ -0,0 +1,25 @@
+package com.ruoyi.system.service.impl;
+
+import com.ruoyi.common.core.service.SensitiveService;
+import com.ruoyi.common.satoken.utils.LoginHelper;
+import org.springframework.stereotype.Service;
+
+/**
+ * 脱敏服务
+ * 默认管理员不过滤
+ * 需自行根据业务重写实现
+ *
+ * @author Lion Li
+ */
+@Service
+public class SysSensitiveServiceImpl implements SensitiveService {
+
+    /**
+     * 是否脱敏
+     */
+    @Override
+    public boolean isSensitive() {
+        return LoginHelper.isAdmin();
+    }
+
+}