增加白名单配置
This commit is contained in:
liulu
parent
ff10930668
commit
f64f225b2e
@ -0,0 +1,85 @@
|
|||||||
|
package com.sunyard.chsm.config;
|
||||||
|
|
||||||
|
|
||||||
|
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
||||||
|
import com.sunyard.chsm.constant.ParamConfKeyConstant;
|
||||||
|
import com.sunyard.chsm.enums.EnableStatus;
|
||||||
|
import com.sunyard.chsm.mapper.IpWhitelisttMapper;
|
||||||
|
import com.sunyard.chsm.mapper.ParamConfMapper;
|
||||||
|
import com.sunyard.chsm.model.entity.IpWhitelist;
|
||||||
|
import com.sunyard.chsm.model.entity.ParamConf;
|
||||||
|
import com.sunyard.chsm.utils.IpUtils;
|
||||||
|
import lombok.extern.slf4j.Slf4j;
|
||||||
|
import org.springframework.boot.ApplicationArguments;
|
||||||
|
import org.springframework.boot.ApplicationRunner;
|
||||||
|
import org.springframework.http.MediaType;
|
||||||
|
import org.springframework.stereotype.Component;
|
||||||
|
import org.springframework.util.CollectionUtils;
|
||||||
|
import org.springframework.web.filter.OncePerRequestFilter;
|
||||||
|
|
||||||
|
import javax.annotation.Resource;
|
||||||
|
import javax.servlet.FilterChain;
|
||||||
|
import javax.servlet.ServletException;
|
||||||
|
import javax.servlet.http.HttpServletRequest;
|
||||||
|
import javax.servlet.http.HttpServletResponse;
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.util.ArrayList;
|
||||||
|
import java.util.List;
|
||||||
|
import java.util.Objects;
|
||||||
|
import java.util.concurrent.Executors;
|
||||||
|
import java.util.concurrent.TimeUnit;
|
||||||
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author liulu
|
||||||
|
* @since 2024/12/2
|
||||||
|
*/
|
||||||
|
@Slf4j
|
||||||
|
@Component
|
||||||
|
public class IpFilter extends OncePerRequestFilter implements ApplicationRunner {
|
||||||
|
|
||||||
|
public static List<String> whiteIps = new ArrayList<>();
|
||||||
|
|
||||||
|
@Resource
|
||||||
|
private IpWhitelisttMapper ipWhitelisttMapper;
|
||||||
|
@Resource
|
||||||
|
private ParamConfMapper paramConfMapper;
|
||||||
|
private Boolean enableWhiteIp = false;
|
||||||
|
|
||||||
|
|
||||||
|
@Override
|
||||||
|
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws ServletException, IOException {
|
||||||
|
String ip = IpUtils.getIpAddress(request);
|
||||||
|
if (!enableWhiteIp || CollectionUtils.isEmpty(whiteIps) || whiteIps.contains(ip)) {
|
||||||
|
chain.doFilter(request, response);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
|
||||||
|
response.setContentType(MediaType.TEXT_PLAIN_VALUE);
|
||||||
|
response.getWriter().println("此ip禁止访问");
|
||||||
|
response.getWriter().flush();
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void run(ApplicationArguments args) throws Exception {
|
||||||
|
Executors.newSingleThreadScheduledExecutor()
|
||||||
|
.scheduleWithFixedDelay(() -> {
|
||||||
|
|
||||||
|
ParamConf conf = paramConfMapper.selectByKey(ParamConfKeyConstant.IP_WHITELIST_SWITCH);
|
||||||
|
if (conf != null) {
|
||||||
|
enableWhiteIp = Objects.equals("true", conf.getValue());
|
||||||
|
}
|
||||||
|
if (enableWhiteIp) {
|
||||||
|
List<IpWhitelist> list = ipWhitelisttMapper.selectList(
|
||||||
|
new LambdaQueryWrapper<IpWhitelist>()
|
||||||
|
.eq(IpWhitelist::getScope, "global")
|
||||||
|
.eq(IpWhitelist::getStatus, EnableStatus.ENABLED.getCode())
|
||||||
|
);
|
||||||
|
whiteIps = list.stream().map(IpWhitelist::getIp).collect(Collectors.toList());
|
||||||
|
}
|
||||||
|
}, 0L, 5L, TimeUnit.MINUTES);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
@ -1,4 +1,4 @@
|
|||||||
package com.sunyard.ssp.common.constant;
|
package com.sunyard.chsm.constant;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author:fyc
|
* @author:fyc
|
||||||
@ -1,7 +1,7 @@
|
|||||||
package com.sunyard.ssp.modules.sysconf.paramconf.mapper;
|
package com.sunyard.chsm.mapper;
|
||||||
|
|
||||||
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
|
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
|
||||||
import com.sunyard.ssp.modules.sysconf.paramconf.entity.ParamConf;
|
import com.sunyard.chsm.model.entity.ParamConf;
|
||||||
import org.apache.ibatis.annotations.Param;
|
import org.apache.ibatis.annotations.Param;
|
||||||
import org.apache.ibatis.annotations.Select;
|
import org.apache.ibatis.annotations.Select;
|
||||||
import org.springframework.stereotype.Repository;
|
import org.springframework.stereotype.Repository;
|
||||||
@ -1,10 +1,8 @@
|
|||||||
package com.sunyard.ssp.modules.sysconf.paramconf.entity;
|
package com.sunyard.chsm.model.entity;
|
||||||
|
|
||||||
import com.baomidou.mybatisplus.annotation.TableField;
|
import com.baomidou.mybatisplus.annotation.TableField;
|
||||||
import com.baomidou.mybatisplus.annotation.TableId;
|
import com.baomidou.mybatisplus.annotation.TableId;
|
||||||
import com.baomidou.mybatisplus.annotation.TableName;
|
import com.baomidou.mybatisplus.annotation.TableName;
|
||||||
import io.swagger.annotations.ApiModel;
|
|
||||||
import io.swagger.annotations.ApiModelProperty;
|
|
||||||
import lombok.Data;
|
import lombok.Data;
|
||||||
import lombok.EqualsAndHashCode;
|
import lombok.EqualsAndHashCode;
|
||||||
import lombok.experimental.Accessors;
|
import lombok.experimental.Accessors;
|
||||||
@ -24,41 +22,32 @@ import java.time.LocalDateTime;
|
|||||||
@EqualsAndHashCode(callSuper = false)
|
@EqualsAndHashCode(callSuper = false)
|
||||||
@Accessors(chain = true)
|
@Accessors(chain = true)
|
||||||
@TableName("SC_PARAM_CONF")
|
@TableName("SC_PARAM_CONF")
|
||||||
@ApiModel(value="", description="")
|
|
||||||
public class ParamConf implements Serializable {
|
public class ParamConf implements Serializable {
|
||||||
|
|
||||||
private static final long serialVersionUID = 1L;
|
private static final long serialVersionUID = 1L;
|
||||||
|
|
||||||
@ApiModelProperty(value = "主键")
|
|
||||||
@TableId("ID")
|
@TableId("ID")
|
||||||
private Long id;
|
private Long id;
|
||||||
|
|
||||||
@ApiModelProperty(value = "数据大类")
|
|
||||||
@TableField("ITEM")
|
@TableField("ITEM")
|
||||||
private Integer item;
|
private Integer item;
|
||||||
|
|
||||||
@ApiModelProperty(value = "数据名称")
|
|
||||||
// @TableField("`KEY`") mysql需加
|
// @TableField("`KEY`") mysql需加
|
||||||
@TableField("KEY")
|
@TableField("KEY")
|
||||||
private String key;
|
private String key;
|
||||||
|
|
||||||
@ApiModelProperty(value = "数据值")
|
|
||||||
@TableField("VALUE")
|
@TableField("VALUE")
|
||||||
private String value;
|
private String value;
|
||||||
|
|
||||||
@ApiModelProperty(value = "数据值类型")
|
|
||||||
@TableField("TYPE")
|
@TableField("TYPE")
|
||||||
private String type;
|
private String type;
|
||||||
|
|
||||||
@ApiModelProperty(value = "状态")
|
|
||||||
@TableField("STATUS")
|
@TableField("STATUS")
|
||||||
private Integer status;
|
private Integer status;
|
||||||
|
|
||||||
@ApiModelProperty(value = "创建时间")
|
|
||||||
@TableField("CREATE_TIME")
|
@TableField("CREATE_TIME")
|
||||||
private LocalDateTime creatTime;
|
private LocalDateTime creatTime;
|
||||||
|
|
||||||
@ApiModelProperty(value = "备注")
|
|
||||||
@TableField("MEMO")
|
@TableField("MEMO")
|
||||||
private String memo;
|
private String memo;
|
||||||
|
|
||||||
@ -0,0 +1,52 @@
|
|||||||
|
package com.sunyard.chsm.utils;
|
||||||
|
|
||||||
|
import org.springframework.util.ObjectUtils;
|
||||||
|
import org.springframework.util.StringUtils;
|
||||||
|
|
||||||
|
import javax.servlet.http.HttpServletRequest;
|
||||||
|
|
||||||
|
public class IpUtils {
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 获取真实ip地址,避免获取代理ip
|
||||||
|
*/
|
||||||
|
public static String getIpAddress(HttpServletRequest request) {
|
||||||
|
if (request == null) {
|
||||||
|
return "unknown";
|
||||||
|
}
|
||||||
|
String ip = request.getHeader("x-forwarded-for");
|
||||||
|
|
||||||
|
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
|
||||||
|
ip = request.getHeader("Proxy-Client-IP");
|
||||||
|
}
|
||||||
|
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
|
||||||
|
ip = request.getHeader("X-Forwarded-For");
|
||||||
|
if (StringUtils.hasText(ip) && !"unknown".equalsIgnoreCase(ip)) {
|
||||||
|
// 多次反向代理后会有多个IP值,第一个为真实IP。
|
||||||
|
int index = ip.indexOf(',');
|
||||||
|
if (index != -1) {
|
||||||
|
ip = ip.substring(0, index);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
|
||||||
|
ip = request.getHeader("WL-Proxy-Client-IP");
|
||||||
|
}
|
||||||
|
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
|
||||||
|
ip = request.getHeader("X-Real-IP");
|
||||||
|
}
|
||||||
|
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
|
||||||
|
ip = request.getRemoteAddr();
|
||||||
|
}
|
||||||
|
if("0:0:0:0:0:0:0:1".equals(ip)){
|
||||||
|
return "127.0.0.1";
|
||||||
|
}else {
|
||||||
|
if(ip.equals("127.0.0.1") || ip.equalsIgnoreCase("localhost") && ObjectUtils.isEmpty(request.getRemoteAddr())){
|
||||||
|
ip = request.getRemoteAddr();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return ip;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
@ -8,14 +8,14 @@ import com.sunyard.chsm.dto.DeviceDTO;
|
|||||||
import com.sunyard.chsm.dto.TmkStatus;
|
import com.sunyard.chsm.dto.TmkStatus;
|
||||||
import com.sunyard.chsm.enums.ManufacturerEnum;
|
import com.sunyard.chsm.enums.ManufacturerEnum;
|
||||||
import com.sunyard.chsm.enums.ManufacturerModelEnum;
|
import com.sunyard.chsm.enums.ManufacturerModelEnum;
|
||||||
|
import com.sunyard.chsm.mapper.ParamConfMapper;
|
||||||
import com.sunyard.chsm.mapper.SpDeviceMapper;
|
import com.sunyard.chsm.mapper.SpDeviceMapper;
|
||||||
import com.sunyard.chsm.mapper.TmkInfoMapper;
|
import com.sunyard.chsm.mapper.TmkInfoMapper;
|
||||||
import com.sunyard.chsm.model.entity.Device;
|
import com.sunyard.chsm.model.entity.Device;
|
||||||
|
import com.sunyard.chsm.model.entity.ParamConf;
|
||||||
import com.sunyard.chsm.model.entity.TmkInfo;
|
import com.sunyard.chsm.model.entity.TmkInfo;
|
||||||
import com.sunyard.chsm.sdf.adapter.BcSdfApiAdaptor;
|
import com.sunyard.chsm.sdf.adapter.BcSdfApiAdaptor;
|
||||||
import com.sunyard.chsm.service.DeviceService;
|
import com.sunyard.chsm.service.DeviceService;
|
||||||
import com.sunyard.ssp.modules.sysconf.paramconf.entity.ParamConf;
|
|
||||||
import com.sunyard.ssp.modules.sysconf.paramconf.mapper.ParamConfMapper;
|
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
import org.bouncycastle.util.encoders.Hex;
|
import org.bouncycastle.util.encoders.Hex;
|
||||||
import org.springframework.beans.BeanUtils;
|
import org.springframework.beans.BeanUtils;
|
||||||
|
|||||||
@ -4,6 +4,7 @@ import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
|||||||
import com.baomidou.mybatisplus.core.metadata.IPage;
|
import com.baomidou.mybatisplus.core.metadata.IPage;
|
||||||
import com.baomidou.mybatisplus.core.toolkit.IdWorker;
|
import com.baomidou.mybatisplus.core.toolkit.IdWorker;
|
||||||
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
|
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
|
||||||
|
import com.sunyard.chsm.config.IpFilter;
|
||||||
import com.sunyard.chsm.dto.IpWhitelistDTO;
|
import com.sunyard.chsm.dto.IpWhitelistDTO;
|
||||||
import com.sunyard.chsm.enums.EnableStatus;
|
import com.sunyard.chsm.enums.EnableStatus;
|
||||||
import com.sunyard.chsm.mapper.IpWhitelisttMapper;
|
import com.sunyard.chsm.mapper.IpWhitelisttMapper;
|
||||||
@ -103,6 +104,7 @@ public class IpWhitelistServiceImpl implements IpWhitelistService {
|
|||||||
whitelist.setRemark(save.getMemo());
|
whitelist.setRemark(save.getMemo());
|
||||||
|
|
||||||
ipWhitelisttMapper.insert(whitelist);
|
ipWhitelisttMapper.insert(whitelist);
|
||||||
|
IpFilter.whiteIps.add(save.getIpAddress());
|
||||||
|
|
||||||
return whitelist.getId();
|
return whitelist.getId();
|
||||||
}
|
}
|
||||||
@ -129,6 +131,13 @@ public class IpWhitelistServiceImpl implements IpWhitelistService {
|
|||||||
whitelist.setStatus(update.getStatus() == 0 ? EnableStatus.ENABLED.getCode() : EnableStatus.DISABLED.getCode());
|
whitelist.setStatus(update.getStatus() == 0 ? EnableStatus.ENABLED.getCode() : EnableStatus.DISABLED.getCode());
|
||||||
whitelist.setUpdateTime(LocalDateTime.now());
|
whitelist.setUpdateTime(LocalDateTime.now());
|
||||||
whitelist.setRemark(update.getMemo());
|
whitelist.setRemark(update.getMemo());
|
||||||
|
if (!Objects.equals(exist.getStatus(), whitelist.getStatus())) {
|
||||||
|
if (EnableStatus.ENABLED.getCode().equals(whitelist.getStatus())) {
|
||||||
|
IpFilter.whiteIps.add(update.getIpAddress());
|
||||||
|
} else {
|
||||||
|
IpFilter.whiteIps.remove(update.getIpAddress());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
ipWhitelisttMapper.updateById(whitelist);
|
ipWhitelisttMapper.updateById(whitelist);
|
||||||
}
|
}
|
||||||
@ -136,7 +145,11 @@ public class IpWhitelistServiceImpl implements IpWhitelistService {
|
|||||||
@Override
|
@Override
|
||||||
public void delete(Long[] ids) {
|
public void delete(Long[] ids) {
|
||||||
for (Long id : ids) {
|
for (Long id : ids) {
|
||||||
|
IpWhitelist whitelist = ipWhitelisttMapper.selectById(id);
|
||||||
|
if (whitelist != null) {
|
||||||
ipWhitelisttMapper.deleteById(id);
|
ipWhitelisttMapper.deleteById(id);
|
||||||
|
IpFilter.whiteIps.remove(whitelist.getIp());
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -5,12 +5,12 @@ import com.alibaba.fastjson.JSONObject;
|
|||||||
import com.fasterxml.jackson.core.JsonProcessingException;
|
import com.fasterxml.jackson.core.JsonProcessingException;
|
||||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||||
import com.sunyard.chsm.model.R;
|
import com.sunyard.chsm.model.R;
|
||||||
|
import com.sunyard.chsm.utils.IpUtils;
|
||||||
import com.sunyard.ssp.common.Result;
|
import com.sunyard.ssp.common.Result;
|
||||||
import com.sunyard.ssp.common.annotation.AuditControllerLog;
|
import com.sunyard.ssp.common.annotation.AuditControllerLog;
|
||||||
import com.sunyard.ssp.modules.monitor.log.entity.AuditLog;
|
import com.sunyard.ssp.modules.monitor.log.entity.AuditLog;
|
||||||
import com.sunyard.ssp.modules.monitor.log.service.IAuditLogService;
|
import com.sunyard.ssp.modules.monitor.log.service.IAuditLogService;
|
||||||
import com.sunyard.ssp.modules.user.entity.ScUser;
|
import com.sunyard.ssp.modules.user.entity.ScUser;
|
||||||
import com.sunyard.ssp.utils.IpUtil;
|
|
||||||
import com.sunyard.ssp.utils.SecurityUtil;
|
import com.sunyard.ssp.utils.SecurityUtil;
|
||||||
import com.sunyard.ssp.utils.ThreadPoolUtil;
|
import com.sunyard.ssp.utils.ThreadPoolUtil;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
@ -119,7 +119,7 @@ public class AuditLogAspect {
|
|||||||
}
|
}
|
||||||
|
|
||||||
//Ip信息
|
//Ip信息
|
||||||
auditLog.setIpAddress(IpUtil.getIpAddress(request));
|
auditLog.setIpAddress(IpUtils.getIpAddress(request));
|
||||||
auditLog.setIpInfo("未知");
|
auditLog.setIpInfo("未知");
|
||||||
|
|
||||||
//请求相关
|
//请求相关
|
||||||
|
|||||||
@ -2,6 +2,7 @@ package com.sunyard.ssp.modules.sysconf.cipherunit.controller;
|
|||||||
|
|
||||||
import com.sun.jna.Pointer;
|
import com.sun.jna.Pointer;
|
||||||
import com.sun.jna.ptr.PointerByReference;
|
import com.sun.jna.ptr.PointerByReference;
|
||||||
|
import com.sunyard.chsm.model.entity.ParamConf;
|
||||||
import com.sunyard.ssp.common.Result;
|
import com.sunyard.ssp.common.Result;
|
||||||
import com.sunyard.ssp.common.annotation.AuditControllerLog;
|
import com.sunyard.ssp.common.annotation.AuditControllerLog;
|
||||||
import com.sunyard.ssp.common.exception.SspwebException;
|
import com.sunyard.ssp.common.exception.SspwebException;
|
||||||
@ -11,7 +12,6 @@ import com.sunyard.ssp.modules.sysconf.cipherunit.entity.ScCipherMachineVo;
|
|||||||
import com.sunyard.ssp.modules.sysconf.cipherunit.enums.RetEnum;
|
import com.sunyard.ssp.modules.sysconf.cipherunit.enums.RetEnum;
|
||||||
import com.sunyard.ssp.modules.sysconf.cipherunit.service.ScCipherMachineService;
|
import com.sunyard.ssp.modules.sysconf.cipherunit.service.ScCipherMachineService;
|
||||||
import com.sunyard.ssp.modules.sysconf.cipherunit.utils.IniFileUpdater;
|
import com.sunyard.ssp.modules.sysconf.cipherunit.utils.IniFileUpdater;
|
||||||
import com.sunyard.ssp.modules.sysconf.paramconf.entity.ParamConf;
|
|
||||||
import com.sunyard.ssp.modules.sysconf.paramconf.service.IParamConfService;
|
import com.sunyard.ssp.modules.sysconf.paramconf.service.IParamConfService;
|
||||||
import com.sunyard.ssp.utils.ResultUtil;
|
import com.sunyard.ssp.utils.ResultUtil;
|
||||||
import io.swagger.annotations.Api;
|
import io.swagger.annotations.Api;
|
||||||
|
|||||||
@ -1,7 +1,7 @@
|
|||||||
package com.sunyard.ssp.modules.sysconf.cipherunit.controller;
|
package com.sunyard.ssp.modules.sysconf.cipherunit.controller;
|
||||||
|
|
||||||
|
import com.sunyard.chsm.model.entity.ParamConf;
|
||||||
import com.sunyard.ssp.common.Result;
|
import com.sunyard.ssp.common.Result;
|
||||||
import com.sunyard.ssp.modules.sysconf.paramconf.entity.ParamConf;
|
|
||||||
import com.sunyard.ssp.modules.sysconf.paramconf.service.IParamConfService;
|
import com.sunyard.ssp.modules.sysconf.paramconf.service.IParamConfService;
|
||||||
import com.sunyard.ssp.utils.ResultUtil;
|
import com.sunyard.ssp.utils.ResultUtil;
|
||||||
import io.swagger.annotations.Api;
|
import io.swagger.annotations.Api;
|
||||||
|
|||||||
@ -1,9 +1,9 @@
|
|||||||
package com.sunyard.ssp.modules.sysconf.paramconf.controller;
|
package com.sunyard.ssp.modules.sysconf.paramconf.controller;
|
||||||
|
|
||||||
|
|
||||||
|
import com.sunyard.chsm.model.entity.ParamConf;
|
||||||
import com.sunyard.ssp.common.Result;
|
import com.sunyard.ssp.common.Result;
|
||||||
import com.sunyard.ssp.common.annotation.AuditControllerLog;
|
import com.sunyard.ssp.common.annotation.AuditControllerLog;
|
||||||
import com.sunyard.ssp.modules.sysconf.paramconf.entity.ParamConf;
|
|
||||||
import com.sunyard.ssp.modules.sysconf.paramconf.service.IParamConfService;
|
import com.sunyard.ssp.modules.sysconf.paramconf.service.IParamConfService;
|
||||||
import com.sunyard.ssp.utils.ResultUtil;
|
import com.sunyard.ssp.utils.ResultUtil;
|
||||||
import io.swagger.annotations.Api;
|
import io.swagger.annotations.Api;
|
||||||
|
|||||||
@ -1,7 +1,7 @@
|
|||||||
package com.sunyard.ssp.modules.sysconf.paramconf.service;
|
package com.sunyard.ssp.modules.sysconf.paramconf.service;
|
||||||
|
|
||||||
import com.baomidou.mybatisplus.extension.service.IService;
|
import com.baomidou.mybatisplus.extension.service.IService;
|
||||||
import com.sunyard.ssp.modules.sysconf.paramconf.entity.ParamConf;
|
import com.sunyard.chsm.model.entity.ParamConf;
|
||||||
|
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
|
||||||
|
|||||||
@ -2,8 +2,8 @@ package com.sunyard.ssp.modules.sysconf.paramconf.serviceimpl;
|
|||||||
|
|
||||||
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||||
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
|
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
|
||||||
import com.sunyard.ssp.modules.sysconf.paramconf.entity.ParamConf;
|
import com.sunyard.chsm.mapper.ParamConfMapper;
|
||||||
import com.sunyard.ssp.modules.sysconf.paramconf.mapper.ParamConfMapper;
|
import com.sunyard.chsm.model.entity.ParamConf;
|
||||||
import com.sunyard.ssp.modules.sysconf.paramconf.service.IParamConfService;
|
import com.sunyard.ssp.modules.sysconf.paramconf.service.IParamConfService;
|
||||||
import com.sunyard.ssp.modules.user.entity.ScPermission;
|
import com.sunyard.ssp.modules.user.entity.ScPermission;
|
||||||
import com.sunyard.ssp.modules.user.service.IScPermissionService;
|
import com.sunyard.ssp.modules.user.service.IScPermissionService;
|
||||||
@ -21,13 +21,13 @@ import java.util.List;
|
|||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
|
||||||
|
import static com.sunyard.chsm.constant.ParamConfKeyConstant.APPROVAL_TRUE;
|
||||||
|
import static com.sunyard.chsm.constant.ParamConfKeyConstant.AUTHORITY_APPROVAL_PARAM_ITEM;
|
||||||
|
import static com.sunyard.chsm.constant.ParamConfKeyConstant.ENCRYPTION_MACHINE_APPROVAL;
|
||||||
|
import static com.sunyard.chsm.constant.ParamConfKeyConstant.IP_WHITELIST_ITEM;
|
||||||
|
import static com.sunyard.chsm.constant.ParamConfKeyConstant.IP_WHITELIST_SWITCH;
|
||||||
import static com.sunyard.ssp.common.constant.CommonConstant.STATUS_DISABLE;
|
import static com.sunyard.ssp.common.constant.CommonConstant.STATUS_DISABLE;
|
||||||
import static com.sunyard.ssp.common.constant.CommonConstant.STATUS_NORMAL;
|
import static com.sunyard.ssp.common.constant.CommonConstant.STATUS_NORMAL;
|
||||||
import static com.sunyard.ssp.common.constant.ParamConfKeyConstant.APPROVAL_TRUE;
|
|
||||||
import static com.sunyard.ssp.common.constant.ParamConfKeyConstant.AUTHORITY_APPROVAL_PARAM_ITEM;
|
|
||||||
import static com.sunyard.ssp.common.constant.ParamConfKeyConstant.ENCRYPTION_MACHINE_APPROVAL;
|
|
||||||
import static com.sunyard.ssp.common.constant.ParamConfKeyConstant.IP_WHITELIST_ITEM;
|
|
||||||
import static com.sunyard.ssp.common.constant.ParamConfKeyConstant.IP_WHITELIST_SWITCH;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* <p>
|
* <p>
|
||||||
|
|||||||
@ -5,6 +5,7 @@ import cn.hutool.core.collection.CollectionUtil;
|
|||||||
import cn.hutool.core.util.StrUtil;
|
import cn.hutool.core.util.StrUtil;
|
||||||
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||||
import com.fasterxml.jackson.core.JsonProcessingException;
|
import com.fasterxml.jackson.core.JsonProcessingException;
|
||||||
|
import com.sunyard.chsm.utils.IpUtils;
|
||||||
import com.sunyard.chsm.utils.JsonUtils;
|
import com.sunyard.chsm.utils.JsonUtils;
|
||||||
import com.sunyard.ssp.common.Result;
|
import com.sunyard.ssp.common.Result;
|
||||||
import com.sunyard.ssp.constv.Alg;
|
import com.sunyard.ssp.constv.Alg;
|
||||||
@ -19,7 +20,6 @@ import com.sunyard.ssp.modules.user.entity.UkeyLoginParm;
|
|||||||
import com.sunyard.ssp.modules.user.service.IScUserRoleService;
|
import com.sunyard.ssp.modules.user.service.IScUserRoleService;
|
||||||
import com.sunyard.ssp.modules.user.service.IScUserService;
|
import com.sunyard.ssp.modules.user.service.IScUserService;
|
||||||
import com.sunyard.ssp.util.BytesUtil;
|
import com.sunyard.ssp.util.BytesUtil;
|
||||||
import com.sunyard.ssp.utils.IpUtil;
|
|
||||||
import com.sunyard.ssp.utils.ResultUtil;
|
import com.sunyard.ssp.utils.ResultUtil;
|
||||||
import com.sunyard.ssp.utils.SecurityUtil;
|
import com.sunyard.ssp.utils.SecurityUtil;
|
||||||
import com.sunyard.ssp.utils.UserUtil;
|
import com.sunyard.ssp.utils.UserUtil;
|
||||||
@ -114,7 +114,7 @@ public class ScUShieldController {
|
|||||||
}
|
}
|
||||||
auditLog.setRequestParam(JsonUtils.toJsonString(list));
|
auditLog.setRequestParam(JsonUtils.toJsonString(list));
|
||||||
//Ip信息
|
//Ip信息
|
||||||
auditLog.setIpAddress(IpUtil.getIpAddress(request));
|
auditLog.setIpAddress(IpUtils.getIpAddress(request));
|
||||||
auditLog.setIpInfo("未知");
|
auditLog.setIpInfo("未知");
|
||||||
|
|
||||||
//请求相关
|
//请求相关
|
||||||
|
|||||||
@ -2,9 +2,9 @@ package com.sunyard.ssp.modules.user.serviceimpl;
|
|||||||
|
|
||||||
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||||
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
|
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
|
||||||
import com.sunyard.ssp.common.constant.ParamConfKeyConstant;
|
import com.sunyard.chsm.constant.ParamConfKeyConstant;
|
||||||
import com.sunyard.ssp.modules.sysconf.paramconf.entity.ParamConf;
|
import com.sunyard.chsm.mapper.ParamConfMapper;
|
||||||
import com.sunyard.ssp.modules.sysconf.paramconf.mapper.ParamConfMapper;
|
import com.sunyard.chsm.model.entity.ParamConf;
|
||||||
import com.sunyard.ssp.modules.user.entity.ScPermission;
|
import com.sunyard.ssp.modules.user.entity.ScPermission;
|
||||||
import com.sunyard.ssp.modules.user.mapper.ScPermissionMapper;
|
import com.sunyard.ssp.modules.user.mapper.ScPermissionMapper;
|
||||||
import com.sunyard.ssp.modules.user.service.IScPermissionService;
|
import com.sunyard.ssp.modules.user.service.IScPermissionService;
|
||||||
@ -17,8 +17,8 @@ import java.util.HashSet;
|
|||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
|
||||||
|
import static com.sunyard.chsm.constant.ParamConfKeyConstant.SYS_DEBUG_SWITCH;
|
||||||
import static com.sunyard.ssp.common.constant.CommonConstant.DEFAULT_USER_ROOT_ID;
|
import static com.sunyard.ssp.common.constant.CommonConstant.DEFAULT_USER_ROOT_ID;
|
||||||
import static com.sunyard.ssp.common.constant.ParamConfKeyConstant.SYS_DEBUG_SWITCH;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* <p>
|
* <p>
|
||||||
|
|||||||
@ -1,46 +0,0 @@
|
|||||||
package com.sunyard.ssp.utils;
|
|
||||||
|
|
||||||
import javax.servlet.http.HttpServletRequest;
|
|
||||||
import java.net.InetAddress;
|
|
||||||
import java.net.UnknownHostException;
|
|
||||||
|
|
||||||
public class IpUtil {
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 获取真实ip地址,避免获取代理ip
|
|
||||||
*/
|
|
||||||
public static String getIpAddress(HttpServletRequest request) {
|
|
||||||
String ip = request.getHeader("x-forwarded-for");
|
|
||||||
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
|
|
||||||
ip = request.getHeader("Proxy-Client-IP");
|
|
||||||
}
|
|
||||||
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
|
|
||||||
ip = request.getHeader("WL-Proxy-Client-IP");
|
|
||||||
}
|
|
||||||
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
|
|
||||||
ip = request.getRemoteAddr();
|
|
||||||
if ("127.0.0.1".equals(ip)) {
|
|
||||||
//根据网卡取本机配置的IP
|
|
||||||
InetAddress inet = null;
|
|
||||||
try {
|
|
||||||
inet = InetAddress.getLocalHost();
|
|
||||||
} catch (UnknownHostException e) {
|
|
||||||
e.printStackTrace();
|
|
||||||
}
|
|
||||||
ip = inet.getHostAddress();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if (ip != null && ip.length() > 15) {
|
|
||||||
if (ip.indexOf(",") > 0) {
|
|
||||||
ip = ip.substring(0, ip.indexOf(","));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if("0:0:0:0:0:0:0:1".equals(ip)){
|
|
||||||
ip="127.0.0.1";
|
|
||||||
}
|
|
||||||
return ip;
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
Loading…
Reference in New Issue
Block a user