From f64f225b2e15a352b593b4e9fa6dff0361825806 Mon Sep 17 00:00:00 2001 From: liulu Date: Mon, 2 Dec 2024 16:40:19 +0800 Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E7=99=BD=E5=90=8D=E5=8D=95?= =?UTF-8?q?=E9=85=8D=E7=BD=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../com/sunyard/chsm/config/IpFilter.java | 85 +++++++++++++++++++ .../chsm}/constant/ParamConfKeyConstant.java | 2 +- .../sunyard/chsm}/mapper/ParamConfMapper.java | 4 +- .../sunyard/chsm/model}/entity/ParamConf.java | 13 +-- .../java/com/sunyard/chsm/utils/IpUtils.java | 52 ++++++++++++ .../chsm/service/impl/DeviceServiceImpl.java | 4 +- .../service/impl/IpWhitelistServiceImpl.java | 15 +++- .../monitor/log/aspect/AuditLogAspect.java | 4 +- .../controller/ScCipherMachineController.java | 2 +- .../controller/StatusController.java | 2 +- .../controller/ParamConfController.java | 2 +- .../paramconf/service/IParamConfService.java | 2 +- .../serviceimpl/ParamConfServiceImpl.java | 14 +-- .../user/controller/ScUShieldController.java | 4 +- .../serviceimpl/ScPermissionServiceImpl.java | 8 +- .../java/com/sunyard/ssp/utils/IpUtil.java | 46 ---------- 16 files changed, 176 insertions(+), 83 deletions(-) create mode 100644 chsm-common/src/main/java/com/sunyard/chsm/config/IpFilter.java rename {chsm-web-manage/src/main/java/com/sunyard/ssp/common => chsm-common/src/main/java/com/sunyard/chsm}/constant/ParamConfKeyConstant.java (98%) rename {chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/paramconf => chsm-common/src/main/java/com/sunyard/chsm}/mapper/ParamConfMapper.java (85%) rename {chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/paramconf => chsm-common/src/main/java/com/sunyard/chsm/model}/entity/ParamConf.java (66%) create mode 100644 chsm-common/src/main/java/com/sunyard/chsm/utils/IpUtils.java delete mode 100644 chsm-web-manage/src/main/java/com/sunyard/ssp/utils/IpUtil.java diff --git a/chsm-common/src/main/java/com/sunyard/chsm/config/IpFilter.java b/chsm-common/src/main/java/com/sunyard/chsm/config/IpFilter.java new file mode 100644 index 0000000..a0bb06f --- /dev/null +++ b/chsm-common/src/main/java/com/sunyard/chsm/config/IpFilter.java @@ -0,0 +1,85 @@ +package com.sunyard.chsm.config; + + +import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; +import com.sunyard.chsm.constant.ParamConfKeyConstant; +import com.sunyard.chsm.enums.EnableStatus; +import com.sunyard.chsm.mapper.IpWhitelisttMapper; +import com.sunyard.chsm.mapper.ParamConfMapper; +import com.sunyard.chsm.model.entity.IpWhitelist; +import com.sunyard.chsm.model.entity.ParamConf; +import com.sunyard.chsm.utils.IpUtils; +import lombok.extern.slf4j.Slf4j; +import org.springframework.boot.ApplicationArguments; +import org.springframework.boot.ApplicationRunner; +import org.springframework.http.MediaType; +import org.springframework.stereotype.Component; +import org.springframework.util.CollectionUtils; +import org.springframework.web.filter.OncePerRequestFilter; + +import javax.annotation.Resource; +import javax.servlet.FilterChain; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; +import java.util.Objects; +import java.util.concurrent.Executors; +import java.util.concurrent.TimeUnit; +import java.util.stream.Collectors; + +/** + * @author liulu + * @since 2024/12/2 + */ +@Slf4j +@Component +public class IpFilter extends OncePerRequestFilter implements ApplicationRunner { + + public static List whiteIps = new ArrayList<>(); + + @Resource + private IpWhitelisttMapper ipWhitelisttMapper; + @Resource + private ParamConfMapper paramConfMapper; + private Boolean enableWhiteIp = false; + + + @Override + protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws ServletException, IOException { + String ip = IpUtils.getIpAddress(request); + if (!enableWhiteIp || CollectionUtils.isEmpty(whiteIps) || whiteIps.contains(ip)) { + chain.doFilter(request, response); + return; + } + response.setStatus(HttpServletResponse.SC_FORBIDDEN); + response.setContentType(MediaType.TEXT_PLAIN_VALUE); + response.getWriter().println("此ip禁止访问"); + response.getWriter().flush(); + } + + + @Override + public void run(ApplicationArguments args) throws Exception { + Executors.newSingleThreadScheduledExecutor() + .scheduleWithFixedDelay(() -> { + + ParamConf conf = paramConfMapper.selectByKey(ParamConfKeyConstant.IP_WHITELIST_SWITCH); + if (conf != null) { + enableWhiteIp = Objects.equals("true", conf.getValue()); + } + if (enableWhiteIp) { + List list = ipWhitelisttMapper.selectList( + new LambdaQueryWrapper() + .eq(IpWhitelist::getScope, "global") + .eq(IpWhitelist::getStatus, EnableStatus.ENABLED.getCode()) + ); + whiteIps = list.stream().map(IpWhitelist::getIp).collect(Collectors.toList()); + } + }, 0L, 5L, TimeUnit.MINUTES); + } + + +} diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/common/constant/ParamConfKeyConstant.java b/chsm-common/src/main/java/com/sunyard/chsm/constant/ParamConfKeyConstant.java similarity index 98% rename from chsm-web-manage/src/main/java/com/sunyard/ssp/common/constant/ParamConfKeyConstant.java rename to chsm-common/src/main/java/com/sunyard/chsm/constant/ParamConfKeyConstant.java index 64ce227..c34b803 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/ssp/common/constant/ParamConfKeyConstant.java +++ b/chsm-common/src/main/java/com/sunyard/chsm/constant/ParamConfKeyConstant.java @@ -1,4 +1,4 @@ -package com.sunyard.ssp.common.constant; +package com.sunyard.chsm.constant; /** * @author:fyc diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/paramconf/mapper/ParamConfMapper.java b/chsm-common/src/main/java/com/sunyard/chsm/mapper/ParamConfMapper.java similarity index 85% rename from chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/paramconf/mapper/ParamConfMapper.java rename to chsm-common/src/main/java/com/sunyard/chsm/mapper/ParamConfMapper.java index b76c96f..ecd1c00 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/paramconf/mapper/ParamConfMapper.java +++ b/chsm-common/src/main/java/com/sunyard/chsm/mapper/ParamConfMapper.java @@ -1,7 +1,7 @@ -package com.sunyard.ssp.modules.sysconf.paramconf.mapper; +package com.sunyard.chsm.mapper; import com.baomidou.mybatisplus.core.mapper.BaseMapper; -import com.sunyard.ssp.modules.sysconf.paramconf.entity.ParamConf; +import com.sunyard.chsm.model.entity.ParamConf; import org.apache.ibatis.annotations.Param; import org.apache.ibatis.annotations.Select; import org.springframework.stereotype.Repository; diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/paramconf/entity/ParamConf.java b/chsm-common/src/main/java/com/sunyard/chsm/model/entity/ParamConf.java similarity index 66% rename from chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/paramconf/entity/ParamConf.java rename to chsm-common/src/main/java/com/sunyard/chsm/model/entity/ParamConf.java index 374dc22..d36a093 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/paramconf/entity/ParamConf.java +++ b/chsm-common/src/main/java/com/sunyard/chsm/model/entity/ParamConf.java @@ -1,10 +1,8 @@ -package com.sunyard.ssp.modules.sysconf.paramconf.entity; +package com.sunyard.chsm.model.entity; import com.baomidou.mybatisplus.annotation.TableField; import com.baomidou.mybatisplus.annotation.TableId; import com.baomidou.mybatisplus.annotation.TableName; -import io.swagger.annotations.ApiModel; -import io.swagger.annotations.ApiModelProperty; import lombok.Data; import lombok.EqualsAndHashCode; import lombok.experimental.Accessors; @@ -24,41 +22,32 @@ import java.time.LocalDateTime; @EqualsAndHashCode(callSuper = false) @Accessors(chain = true) @TableName("SC_PARAM_CONF") -@ApiModel(value="", description="") public class ParamConf implements Serializable { private static final long serialVersionUID = 1L; - @ApiModelProperty(value = "主键") @TableId("ID") private Long id; - @ApiModelProperty(value = "数据大类") @TableField("ITEM") private Integer item; - @ApiModelProperty(value = "数据名称") // @TableField("`KEY`") mysql需加 @TableField("KEY") private String key; - @ApiModelProperty(value = "数据值") @TableField("VALUE") private String value; - @ApiModelProperty(value = "数据值类型") @TableField("TYPE") private String type; - @ApiModelProperty(value = "状态") @TableField("STATUS") private Integer status; - @ApiModelProperty(value = "创建时间") @TableField("CREATE_TIME") private LocalDateTime creatTime; - @ApiModelProperty(value = "备注") @TableField("MEMO") private String memo; diff --git a/chsm-common/src/main/java/com/sunyard/chsm/utils/IpUtils.java b/chsm-common/src/main/java/com/sunyard/chsm/utils/IpUtils.java new file mode 100644 index 0000000..782214b --- /dev/null +++ b/chsm-common/src/main/java/com/sunyard/chsm/utils/IpUtils.java @@ -0,0 +1,52 @@ +package com.sunyard.chsm.utils; + +import org.springframework.util.ObjectUtils; +import org.springframework.util.StringUtils; + +import javax.servlet.http.HttpServletRequest; + +public class IpUtils { + + + /** + * 获取真实ip地址,避免获取代理ip + */ + public static String getIpAddress(HttpServletRequest request) { + if (request == null) { + return "unknown"; + } + String ip = request.getHeader("x-forwarded-for"); + + if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { + ip = request.getHeader("Proxy-Client-IP"); + } + if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { + ip = request.getHeader("X-Forwarded-For"); + if (StringUtils.hasText(ip) && !"unknown".equalsIgnoreCase(ip)) { + // 多次反向代理后会有多个IP值,第一个为真实IP。 + int index = ip.indexOf(','); + if (index != -1) { + ip = ip.substring(0, index); + } + } + } + if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { + ip = request.getHeader("WL-Proxy-Client-IP"); + } + if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { + ip = request.getHeader("X-Real-IP"); + } + if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { + ip = request.getRemoteAddr(); + } + if("0:0:0:0:0:0:0:1".equals(ip)){ + return "127.0.0.1"; + }else { + if(ip.equals("127.0.0.1") || ip.equalsIgnoreCase("localhost") && ObjectUtils.isEmpty(request.getRemoteAddr())){ + ip = request.getRemoteAddr(); + } + } + return ip; + } + +} diff --git a/chsm-web-manage/src/main/java/com/sunyard/chsm/service/impl/DeviceServiceImpl.java b/chsm-web-manage/src/main/java/com/sunyard/chsm/service/impl/DeviceServiceImpl.java index 569099f..29bf0a2 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/chsm/service/impl/DeviceServiceImpl.java +++ b/chsm-web-manage/src/main/java/com/sunyard/chsm/service/impl/DeviceServiceImpl.java @@ -8,14 +8,14 @@ import com.sunyard.chsm.dto.DeviceDTO; import com.sunyard.chsm.dto.TmkStatus; import com.sunyard.chsm.enums.ManufacturerEnum; import com.sunyard.chsm.enums.ManufacturerModelEnum; +import com.sunyard.chsm.mapper.ParamConfMapper; import com.sunyard.chsm.mapper.SpDeviceMapper; import com.sunyard.chsm.mapper.TmkInfoMapper; import com.sunyard.chsm.model.entity.Device; +import com.sunyard.chsm.model.entity.ParamConf; import com.sunyard.chsm.model.entity.TmkInfo; import com.sunyard.chsm.sdf.adapter.BcSdfApiAdaptor; import com.sunyard.chsm.service.DeviceService; -import com.sunyard.ssp.modules.sysconf.paramconf.entity.ParamConf; -import com.sunyard.ssp.modules.sysconf.paramconf.mapper.ParamConfMapper; import lombok.extern.slf4j.Slf4j; import org.bouncycastle.util.encoders.Hex; import org.springframework.beans.BeanUtils; diff --git a/chsm-web-manage/src/main/java/com/sunyard/chsm/service/impl/IpWhitelistServiceImpl.java b/chsm-web-manage/src/main/java/com/sunyard/chsm/service/impl/IpWhitelistServiceImpl.java index f476223..e82785c 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/chsm/service/impl/IpWhitelistServiceImpl.java +++ b/chsm-web-manage/src/main/java/com/sunyard/chsm/service/impl/IpWhitelistServiceImpl.java @@ -4,6 +4,7 @@ import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.baomidou.mybatisplus.core.metadata.IPage; import com.baomidou.mybatisplus.core.toolkit.IdWorker; import com.baomidou.mybatisplus.extension.plugins.pagination.Page; +import com.sunyard.chsm.config.IpFilter; import com.sunyard.chsm.dto.IpWhitelistDTO; import com.sunyard.chsm.enums.EnableStatus; import com.sunyard.chsm.mapper.IpWhitelisttMapper; @@ -103,6 +104,7 @@ public class IpWhitelistServiceImpl implements IpWhitelistService { whitelist.setRemark(save.getMemo()); ipWhitelisttMapper.insert(whitelist); + IpFilter.whiteIps.add(save.getIpAddress()); return whitelist.getId(); } @@ -129,6 +131,13 @@ public class IpWhitelistServiceImpl implements IpWhitelistService { whitelist.setStatus(update.getStatus() == 0 ? EnableStatus.ENABLED.getCode() : EnableStatus.DISABLED.getCode()); whitelist.setUpdateTime(LocalDateTime.now()); whitelist.setRemark(update.getMemo()); + if (!Objects.equals(exist.getStatus(), whitelist.getStatus())) { + if (EnableStatus.ENABLED.getCode().equals(whitelist.getStatus())) { + IpFilter.whiteIps.add(update.getIpAddress()); + } else { + IpFilter.whiteIps.remove(update.getIpAddress()); + } + } ipWhitelisttMapper.updateById(whitelist); } @@ -136,7 +145,11 @@ public class IpWhitelistServiceImpl implements IpWhitelistService { @Override public void delete(Long[] ids) { for (Long id : ids) { - ipWhitelisttMapper.deleteById(id); + IpWhitelist whitelist = ipWhitelisttMapper.selectById(id); + if (whitelist != null) { + ipWhitelisttMapper.deleteById(id); + IpFilter.whiteIps.remove(whitelist.getIp()); + } } } } diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/monitor/log/aspect/AuditLogAspect.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/monitor/log/aspect/AuditLogAspect.java index de92c86..0915115 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/monitor/log/aspect/AuditLogAspect.java +++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/monitor/log/aspect/AuditLogAspect.java @@ -5,12 +5,12 @@ import com.alibaba.fastjson.JSONObject; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.ObjectMapper; import com.sunyard.chsm.model.R; +import com.sunyard.chsm.utils.IpUtils; import com.sunyard.ssp.common.Result; import com.sunyard.ssp.common.annotation.AuditControllerLog; import com.sunyard.ssp.modules.monitor.log.entity.AuditLog; import com.sunyard.ssp.modules.monitor.log.service.IAuditLogService; import com.sunyard.ssp.modules.user.entity.ScUser; -import com.sunyard.ssp.utils.IpUtil; import com.sunyard.ssp.utils.SecurityUtil; import com.sunyard.ssp.utils.ThreadPoolUtil; import lombok.extern.slf4j.Slf4j; @@ -119,7 +119,7 @@ public class AuditLogAspect { } //Ip信息 - auditLog.setIpAddress(IpUtil.getIpAddress(request)); + auditLog.setIpAddress(IpUtils.getIpAddress(request)); auditLog.setIpInfo("未知"); //请求相关 diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/cipherunit/controller/ScCipherMachineController.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/cipherunit/controller/ScCipherMachineController.java index c033093..41bd438 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/cipherunit/controller/ScCipherMachineController.java +++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/cipherunit/controller/ScCipherMachineController.java @@ -2,6 +2,7 @@ package com.sunyard.ssp.modules.sysconf.cipherunit.controller; import com.sun.jna.Pointer; import com.sun.jna.ptr.PointerByReference; +import com.sunyard.chsm.model.entity.ParamConf; import com.sunyard.ssp.common.Result; import com.sunyard.ssp.common.annotation.AuditControllerLog; import com.sunyard.ssp.common.exception.SspwebException; @@ -11,7 +12,6 @@ import com.sunyard.ssp.modules.sysconf.cipherunit.entity.ScCipherMachineVo; import com.sunyard.ssp.modules.sysconf.cipherunit.enums.RetEnum; import com.sunyard.ssp.modules.sysconf.cipherunit.service.ScCipherMachineService; import com.sunyard.ssp.modules.sysconf.cipherunit.utils.IniFileUpdater; -import com.sunyard.ssp.modules.sysconf.paramconf.entity.ParamConf; import com.sunyard.ssp.modules.sysconf.paramconf.service.IParamConfService; import com.sunyard.ssp.utils.ResultUtil; import io.swagger.annotations.Api; diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/cipherunit/controller/StatusController.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/cipherunit/controller/StatusController.java index f788669..c3e8957 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/cipherunit/controller/StatusController.java +++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/cipherunit/controller/StatusController.java @@ -1,7 +1,7 @@ package com.sunyard.ssp.modules.sysconf.cipherunit.controller; +import com.sunyard.chsm.model.entity.ParamConf; import com.sunyard.ssp.common.Result; -import com.sunyard.ssp.modules.sysconf.paramconf.entity.ParamConf; import com.sunyard.ssp.modules.sysconf.paramconf.service.IParamConfService; import com.sunyard.ssp.utils.ResultUtil; import io.swagger.annotations.Api; diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/paramconf/controller/ParamConfController.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/paramconf/controller/ParamConfController.java index 6178cbd..758ff84 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/paramconf/controller/ParamConfController.java +++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/paramconf/controller/ParamConfController.java @@ -1,9 +1,9 @@ package com.sunyard.ssp.modules.sysconf.paramconf.controller; +import com.sunyard.chsm.model.entity.ParamConf; import com.sunyard.ssp.common.Result; import com.sunyard.ssp.common.annotation.AuditControllerLog; -import com.sunyard.ssp.modules.sysconf.paramconf.entity.ParamConf; import com.sunyard.ssp.modules.sysconf.paramconf.service.IParamConfService; import com.sunyard.ssp.utils.ResultUtil; import io.swagger.annotations.Api; diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/paramconf/service/IParamConfService.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/paramconf/service/IParamConfService.java index 59d776e..6969756 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/paramconf/service/IParamConfService.java +++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/paramconf/service/IParamConfService.java @@ -1,7 +1,7 @@ package com.sunyard.ssp.modules.sysconf.paramconf.service; import com.baomidou.mybatisplus.extension.service.IService; -import com.sunyard.ssp.modules.sysconf.paramconf.entity.ParamConf; +import com.sunyard.chsm.model.entity.ParamConf; import java.util.Map; diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/paramconf/serviceimpl/ParamConfServiceImpl.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/paramconf/serviceimpl/ParamConfServiceImpl.java index 36276da..13aad10 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/paramconf/serviceimpl/ParamConfServiceImpl.java +++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/paramconf/serviceimpl/ParamConfServiceImpl.java @@ -2,8 +2,8 @@ package com.sunyard.ssp.modules.sysconf.paramconf.serviceimpl; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; -import com.sunyard.ssp.modules.sysconf.paramconf.entity.ParamConf; -import com.sunyard.ssp.modules.sysconf.paramconf.mapper.ParamConfMapper; +import com.sunyard.chsm.mapper.ParamConfMapper; +import com.sunyard.chsm.model.entity.ParamConf; import com.sunyard.ssp.modules.sysconf.paramconf.service.IParamConfService; import com.sunyard.ssp.modules.user.entity.ScPermission; import com.sunyard.ssp.modules.user.service.IScPermissionService; @@ -21,13 +21,13 @@ import java.util.List; import java.util.Map; import java.util.Set; +import static com.sunyard.chsm.constant.ParamConfKeyConstant.APPROVAL_TRUE; +import static com.sunyard.chsm.constant.ParamConfKeyConstant.AUTHORITY_APPROVAL_PARAM_ITEM; +import static com.sunyard.chsm.constant.ParamConfKeyConstant.ENCRYPTION_MACHINE_APPROVAL; +import static com.sunyard.chsm.constant.ParamConfKeyConstant.IP_WHITELIST_ITEM; +import static com.sunyard.chsm.constant.ParamConfKeyConstant.IP_WHITELIST_SWITCH; import static com.sunyard.ssp.common.constant.CommonConstant.STATUS_DISABLE; import static com.sunyard.ssp.common.constant.CommonConstant.STATUS_NORMAL; -import static com.sunyard.ssp.common.constant.ParamConfKeyConstant.APPROVAL_TRUE; -import static com.sunyard.ssp.common.constant.ParamConfKeyConstant.AUTHORITY_APPROVAL_PARAM_ITEM; -import static com.sunyard.ssp.common.constant.ParamConfKeyConstant.ENCRYPTION_MACHINE_APPROVAL; -import static com.sunyard.ssp.common.constant.ParamConfKeyConstant.IP_WHITELIST_ITEM; -import static com.sunyard.ssp.common.constant.ParamConfKeyConstant.IP_WHITELIST_SWITCH; /** *

diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScUShieldController.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScUShieldController.java index b8553d9..71aff4e 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScUShieldController.java +++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScUShieldController.java @@ -5,6 +5,7 @@ import cn.hutool.core.collection.CollectionUtil; import cn.hutool.core.util.StrUtil; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.fasterxml.jackson.core.JsonProcessingException; +import com.sunyard.chsm.utils.IpUtils; import com.sunyard.chsm.utils.JsonUtils; import com.sunyard.ssp.common.Result; import com.sunyard.ssp.constv.Alg; @@ -19,7 +20,6 @@ import com.sunyard.ssp.modules.user.entity.UkeyLoginParm; import com.sunyard.ssp.modules.user.service.IScUserRoleService; import com.sunyard.ssp.modules.user.service.IScUserService; import com.sunyard.ssp.util.BytesUtil; -import com.sunyard.ssp.utils.IpUtil; import com.sunyard.ssp.utils.ResultUtil; import com.sunyard.ssp.utils.SecurityUtil; import com.sunyard.ssp.utils.UserUtil; @@ -114,7 +114,7 @@ public class ScUShieldController { } auditLog.setRequestParam(JsonUtils.toJsonString(list)); //Ip信息 - auditLog.setIpAddress(IpUtil.getIpAddress(request)); + auditLog.setIpAddress(IpUtils.getIpAddress(request)); auditLog.setIpInfo("未知"); //请求相关 diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/serviceimpl/ScPermissionServiceImpl.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/serviceimpl/ScPermissionServiceImpl.java index b4d460a..f1fdf8c 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/serviceimpl/ScPermissionServiceImpl.java +++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/serviceimpl/ScPermissionServiceImpl.java @@ -2,9 +2,9 @@ package com.sunyard.ssp.modules.user.serviceimpl; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; -import com.sunyard.ssp.common.constant.ParamConfKeyConstant; -import com.sunyard.ssp.modules.sysconf.paramconf.entity.ParamConf; -import com.sunyard.ssp.modules.sysconf.paramconf.mapper.ParamConfMapper; +import com.sunyard.chsm.constant.ParamConfKeyConstant; +import com.sunyard.chsm.mapper.ParamConfMapper; +import com.sunyard.chsm.model.entity.ParamConf; import com.sunyard.ssp.modules.user.entity.ScPermission; import com.sunyard.ssp.modules.user.mapper.ScPermissionMapper; import com.sunyard.ssp.modules.user.service.IScPermissionService; @@ -17,8 +17,8 @@ import java.util.HashSet; import java.util.List; import java.util.Set; +import static com.sunyard.chsm.constant.ParamConfKeyConstant.SYS_DEBUG_SWITCH; import static com.sunyard.ssp.common.constant.CommonConstant.DEFAULT_USER_ROOT_ID; -import static com.sunyard.ssp.common.constant.ParamConfKeyConstant.SYS_DEBUG_SWITCH; /** *

diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/utils/IpUtil.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/utils/IpUtil.java deleted file mode 100644 index 4aadf71..0000000 --- a/chsm-web-manage/src/main/java/com/sunyard/ssp/utils/IpUtil.java +++ /dev/null @@ -1,46 +0,0 @@ -package com.sunyard.ssp.utils; - -import javax.servlet.http.HttpServletRequest; -import java.net.InetAddress; -import java.net.UnknownHostException; - -public class IpUtil { - - - /** - * 获取真实ip地址,避免获取代理ip - */ - public static String getIpAddress(HttpServletRequest request) { - String ip = request.getHeader("x-forwarded-for"); - if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { - ip = request.getHeader("Proxy-Client-IP"); - } - if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { - ip = request.getHeader("WL-Proxy-Client-IP"); - } - if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { - ip = request.getRemoteAddr(); - if ("127.0.0.1".equals(ip)) { - //根据网卡取本机配置的IP - InetAddress inet = null; - try { - inet = InetAddress.getLocalHost(); - } catch (UnknownHostException e) { - e.printStackTrace(); - } - ip = inet.getHostAddress(); - } - } - - if (ip != null && ip.length() > 15) { - if (ip.indexOf(",") > 0) { - ip = ip.substring(0, ip.indexOf(",")); - } - } - if("0:0:0:0:0:0:0:1".equals(ip)){ - ip="127.0.0.1"; - } - return ip; - } - -}