优化安全配置；

修复安全框架多集合，部分集合为空，导致跳转不到具体交易得缺陷

优化安全配置；
修复安全框架多集合，部分集合为空，导致跳转不到具体交易得缺陷
4e56c07f · WeiCong · 9d8c3302 · 4e56c07f · 4e56c07f
Commit 4e56c07f authored Oct 10, 2020 by WeiCong
Hide whitespace changes
Inline Side-by-side

Showing with 21 additions and 20 deletions

DataSecurityUtil.java ...java/org/sss/presentation/noui/util/DataSecurityUtil.java +12 -8

security.properties src/main/resources/security.properties +9 -12

No files found.
--- a/src/main/java/org/sss/presentation/noui/util/DataSecurityUtil.java
+++ b/src/main/java/org/sss/presentation/noui/util/DataSecurityUtil.java
@@ -150,7 +150,11 @@ public class DataSecurityUtil {
                                String val = dataField.getValue().toString();
                                checkList[index]=val;
                            }
-                            pars[i]=String.join("_", checkList);
+                            if(checkList.length==0){
+                                pars[i]="_";
+                            }else{
+                                pars[i]=String.join("_", checkList);
+                            }
                        } else {
                            StringBuilder sb = new StringBuilder();
                            sb.append("安全配置[").append(configKey).append("]对应的待校验字段[");
@@ -220,7 +224,7 @@ public class DataSecurityUtil {
            return ERROR_AES_DECODE;
        }
        String clientEnc = preHandle(clientpars);
-        if(serverEnc.indexOf("_")>0){
+        if(serverEnc.indexOf("_") != -1){
            //集合处理
            String[] parts=serverEnc.split(",");
            for(String part:parts){
@@ -270,12 +274,12 @@ public class DataSecurityUtil {
        }
        List<String> lst = Arrays.asList(pars);
        String md5 = String.join(",", lst);
-        if(md5.startsWith(",")){
+//        if(md5.startsWith(",")){
-            md5=md5.substring(1,md5.length());
+//            md5=md5.substring(1,md5.length());
-        }
+//        }
-        if(md5.endsWith(",")){
+//        if(md5.endsWith(",")){
-            md5=md5.substring(0,md5.length()-1);
+//            md5=md5.substring(0,md5.length()-1);
-        }
+//        }
        return md5;
    }

--- a/src/main/resources/security.properties
+++ b/src/main/resources/security.properties
@@ -11,6 +11,7 @@ switch=ON
 /bhgrel/init_decode=\\bhggrp\\rec\\inr
 /bhgrel/init_encode=\\bhggrp\\rec\\inr
 /bhgrel/relrow_decode=\\bhggrp\\rec\\inr
+/bhgrel/reprow_decode=\\bhggrp\\rec\\inr
 #共享前置用户管理
 /usrreg/regsel_encode=\\recp\\usrlst[]\\inr
@@ -30,6 +31,7 @@ switch=ON
 /urgrel/init_decode=\\urggrp\\rec\\inr
 /urgrel/init_encode=\\urggrp\\rec\\inr
 /urgrel/relrow_decode=\\urggrp\\rec\\inr
+/urgrel/reprow_decode=\\urggrp\\rec\\inr
 #共享前置公告——查询
 /elsinf/sel_encode=\\infgrp\\inflst[]\\inr
@@ -49,6 +51,7 @@ switch=ON
 /dbdbch/init_encode=\\bchgrp\\rec\\inr
 /dbdbch/sav_decode=\\bchgrp\\rec\\inr
 #机构管理——复核
+/bchrel/init_decode=\\bchgrp\\rec\\inr
 /bchrel/init_encode=\\bchgrp\\rec\\inr
 /bchrel/relrow_decode=\\bchgrp\\rec\\inr
@@ -59,6 +62,7 @@ switch=ON
 /dberol/init_encode=\\rolgrp\\rec\\inr
 /dberol/sav_decode=\\rolgrp\\rec\\inr
 #角色管理——删除
+/dbdrol/init_decode=\\rolgrp\\rec\\inr
 /dbdrol/init_encode=\\rolgrp\\rec\\inr
 /dbdrol/sav_decode=\\rolgrp\\rec\\inr
@@ -109,7 +113,7 @@ switch=ON
 /bdtrtn/init_decode=\\bddgrp\\rec\\inr
 /bdtrtn/init_encode=\\bddgrp\\rec\\inr
 /bdtrtn/sav_decode=\\bddgrp\\rec\\inr
-#退单
+#到期付款
 /bdtacc/init_decode=\\bddgrp\\rec\\inr
 /bdtacc/init_encode=\\bddgrp\\rec\\inr
 /bdtacc/sav_decode=\\bddgrp\\rec\\inr
@@ -144,7 +148,10 @@ switch=ON
 /detrej/init_decode=\\dedgrp\\rec\\inr
 /detrej/init_encode=\\dedgrp\\rec\\inr
 /detrej/sav_decode=\\dedgrp\\rec\\inr
+#备忘录
+/diasel/sel_encode=\\dialst[]\\objinr
+#主页
+/office/offp_todo_encode=\\offp\\todolst[]\\objinr
 #复核夹
 /trnrel/searow_encode=\\recpan\\trnlst[]\\inr
 /trnrel/init_decode=\\trn\\inr
@@ -152,16 +159,6 @@ switch=ON
 /trnrel/relrow_decode=\\trn\\inr
 /trnrel/reprow_decode=\\trn\\inr
-#经办夹
-#/sptsel/sel_encode=\\sptp\\lst[]\\objinr