Commit 1ec4d7bc by fukai
parents 8a2851c3 95150ec6
...@@ -92,17 +92,19 @@ public abstract class AbstractCommonController { ...@@ -92,17 +92,19 @@ public abstract class AbstractCommonController {
if (DataSecurityUtil.needDecrypt(noUiRequest.getReqUrl())) { if (DataSecurityUtil.needDecrypt(noUiRequest.getReqUrl())) {
String[] clientpars = DataSecurityUtil.getSafeConfigByReqUrl(context,noUiRequest, noUiRequest.getReqUrl() + DataSecurityUtil.DECRYPT_FIX); String[] clientpars = DataSecurityUtil.getSafeConfigByReqUrl(context,noUiRequest, noUiRequest.getReqUrl() + DataSecurityUtil.DECRYPT_FIX);
if(!ArrayUtils.isEmpty(clientpars)){ if(!ArrayUtils.isEmpty(clientpars)){
if (paramsMap.containsKey(DataSecurityUtil.BACKGROUND_ID)) { if(!DataSecurityUtil.isIgnoreCheck(paramsMap)){
//合法性校验操作(场景:用户做修改、删除时调用) if (paramsMap.containsKey(DataSecurityUtil.BACKGROUND_ID)) {
serverEnc = (String) paramsMap.get(DataSecurityUtil.BACKGROUND_ID); //合法性校验操作(场景:用户做修改、删除时调用)
String errmsg = null; serverEnc = (String) paramsMap.get(DataSecurityUtil.BACKGROUND_ID);
if ((errmsg = DataSecurityUtil.checkIllegalData(serverEnc, clientpars, noUiRequest.getUserId())) != null) { String errmsg = null;
Result rt = new Result(ErrorCodes.ERROR, errmsg, null, noUiVersion.getVersion()); if ((errmsg = DataSecurityUtil.checkIllegalData(serverEnc, clientpars, noUiRequest.getUserId())) != null) {
Result rt = new Result(ErrorCodes.ERROR, errmsg, null, noUiVersion.getVersion());
return rt;
}
} else {
Result rt = new Result(ErrorCodes.ERROR, DataSecurityUtil.ERROR_SERVERENC_NULL, null, noUiVersion.getVersion());
return rt; return rt;
} }
} else {
Result rt = new Result(ErrorCodes.ERROR, DataSecurityUtil.ERROR_SERVERENC_NULL, null, noUiVersion.getVersion());
return rt;
} }
} }
} }
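Review bot: The new `isIgnoreCheck(paramsMap)` guard lets the mere presence of a request parameter switch off both `checkIllegalData` and the `ERROR_SERVERENC_NULL` rejection, for every URL that `needDecrypt` covers. If `paramsMap` is filled from the client request (it looks that way, but its origin is outside this hunk), any modify or delete request carrying a non-empty `sptinr` skips the tamper check, so the control is only as strong as the client's willingness to omit that field. The exemption would be safer keyed on server-side state, for example the request URL in the security config, so the condition becomes something like `if (!DataSecurityUtil.isIgnoreCheck(noUiRequest.getReqUrl())) {` with the exempt URLs listed beside the `_decode` entries. Skipped checks should also be logged with the user id and URL so that use of the exemption can be audited. The enclosing method starts and ends outside the hunk.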
......
...@@ -19,7 +19,8 @@ import java.util.*; ...@@ -19,7 +19,8 @@ import java.util.*;
* 使用动态盐机制,每个盐只做一次双向校验后就失效 * 使用动态盐机制,每个盐只做一次双向校验后就失效
*/ */
public class DataSecurityUtil { public class DataSecurityUtil {
public static final String DEFAULT_CHECK = "selinr"; private static final String[] DEFAULT_CHECK = {"selinr","didinr"};
private static final String[] DEFAULT_IGNOR_CHECK = {"sptinr"};
public static final String ENCRYPT_FIX = "_encode"; public static final String ENCRYPT_FIX = "_encode";
public static final String DECRYPT_FIX = "_decode"; public static final String DECRYPT_FIX = "_decode";
public static final String ENCRYPT_ERROR = "encrypt exception"; public static final String ENCRYPT_ERROR = "encrypt exception";
...@@ -84,6 +85,17 @@ public class DataSecurityUtil { ...@@ -84,6 +85,17 @@ public class DataSecurityUtil {
return securityConfig.containsKey(reqUrl + DECRYPT_FIX); return securityConfig.containsKey(reqUrl + DECRYPT_FIX);
} }
public static boolean isIgnoreCheck(Map<String, ?> paramsMap){
for(String ig:DEFAULT_IGNOR_CHECK){
if(paramsMap.containsKey(ig)){
String iginr=paramsMap.get(ig).toString();
if(!StringUtil.isEmpty(iginr)){
return true;
}
}
}
return false;
}
/** /**
* 获取指定交易的安全配置 * 获取指定交易的安全配置
* *
...@@ -116,8 +128,10 @@ public class DataSecurityUtil { ...@@ -116,8 +128,10 @@ public class DataSecurityUtil {
Object valobj=dataField.getValue(); Object valobj=dataField.getValue();
String val=null; String val=null;
if(valobj==null){ if(valobj==null){
if(noUiRequest.getParamsMap().containsKey(DEFAULT_CHECK)){ for(String ck:DEFAULT_CHECK){
val=noUiRequest.getParamsMap().get(DEFAULT_CHECK).toString(); if(noUiRequest.getParamsMap().containsKey(ck)){
val=noUiRequest.getParamsMap().get(ck).toString();
}
} }
}else{ }else{
val= valobj.toString(); val= valobj.toString();
...@@ -253,6 +267,9 @@ public class DataSecurityUtil { ...@@ -253,6 +267,9 @@ public class DataSecurityUtil {
} }
List<String> lst = Arrays.asList(pars); List<String> lst = Arrays.asList(pars);
String md5 = String.join(",", lst); String md5 = String.join(",", lst);
if(md5.endsWith(",")){
md5=md5.substring(0,md5.length()-1);
}
return md5; return md5;
} }
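Review bot: `isIgnoreCheck` calls `paramsMap.get(ig).toString()` after only a `containsKey` test, so a key that is present with a null value (if the map can hold one) throws a NullPointerException instead of reaching the integrity check. The same pattern is in the new `DEFAULT_CHECK` loop, `noUiRequest.getParamsMap().get(ck).toString()`. Read the value once and null-check it: `Object v = paramsMap.get(ig);` followed by `if (v != null && !StringUtil.isEmpty(v.toString())) { return true; }`. The `DEFAULT_CHECK` loop has no `break`, so when both `selinr` and `didinr` are present the later one silently wins, which deserves a comment if intended. Because `isIgnoreCheck` is public and decides whether a security check is skipped, it should have a Javadoc stating which parameters trigger the skip and why.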
......
...@@ -88,6 +88,7 @@ switch=ON ...@@ -88,6 +88,7 @@ switch=ON
/dbepty/init_encode=\\ptygrp\\rec\\inr /dbepty/init_encode=\\ptygrp\\rec\\inr
/dbepty/sav_decode=\\ptygrp\\rec\\inr /dbepty/sav_decode=\\ptygrp\\rec\\inr
#客户管理——删除 #客户管理——删除
/dbdpty/init_decode=\\ptygrp\\rec\\inr
/dbdpty/init_encode=\\ptygrp\\rec\\inr /dbdpty/init_encode=\\ptygrp\\rec\\inr
/dbdpty/sav_decode=\\ptygrp\\rec\\inr /dbdpty/sav_decode=\\ptygrp\\rec\\inr
...@@ -151,7 +152,8 @@ switch=ON ...@@ -151,7 +152,8 @@ switch=ON
/trnrel/relrow_decode=\\trn\\inr /trnrel/relrow_decode=\\trn\\inr
/trnrel/reprow_decode=\\trn\\inr /trnrel/reprow_decode=\\trn\\inr
#经办夹
#/sptsel/sel_encode=\\sptp\\lst[]\\objinr
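Review bot: The commented-out `#/sptsel/sel_encode=\\sptp\\lst[]\\objinr` entry under `#经办夹` gives no reason for being disabled. `DataSecurityUtil` in this same commit skips the legality check when `sptinr` is present, which looks related (an inference from the names, not something these lines show), yet a reader of the config cannot tell that this transaction's records go out without an encoded server token. Either delete the dead line or put a comment above it such as `# sptsel/sel is not encoded; requests carrying sptinr skip the BACKGROUND_ID check in AbstractCommonController`.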
......