# desensitize

**Repository Path**: LySoY/desensitize

## Basic Information

- **Project Name**: desensitize
- **Description**: 脱敏工具切面类，获取脱敏规则对返回结果集进行脱敏
- **Primary Language**: Unknown
- **License**: Not specified
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 1
- **Forks**: 0
- **Created**: 2023-06-21
- **Last Updated**: 2023-06-21

## Categories & Tags

**Categories**: Uncategorized

**Tags**: None

## README

# 如何使用
1.在配置类中定义IDesensitizeService的实现类的bean和切面bean
默认实现类RemoteDesensitizeService第一个参数是获取规则列表的远程地址接口；
第二个参数是request的header名称，用于获取规则

```java
@Configuration
public class DesensitizeConfig {
    @Value("${url.desensitize}")
    private String desensitizeUrl;
    
    @Bean
    public IDesensitizeService idesensitizeService(){
        return new RemoteDesensitizeService(desensitizeUrl, SystemConstant.DEFAULT_TOKEN_KEY);
    }

    @Bean
    public DesensitizeAspect desensitizeAspect(IDesensitizeService desensitizeService) {
        return new DesensitizeAspect(desensitizeService, new DesensitizeUtil());
    }
}
```

默认带缓存的实现类
```java
@Configuration
public class DesensitizeConfig {
    @Value("${url.desensitize}")
    private String desensitizeUrl;

    @Bean
    public IDesensitizeService idesensitizeService(RedisTemplate redisTemplate){
        return new RemoteWithCacheDesensitizeService(redisTemplate, "SYS:DESENSITIZE:", desensitizeUrl, SystemConstant.DEFAULT_TOKEN_KEY, null, 1);
    }

    @Bean
    public DesensitizeAspect desensitizeAspect(IDesensitizeService desensitizeService) {
        return new DesensitizeAspect(desensitizeService, new ExtendDesensitizeUtil());
    }
}
```


2.在需要脱敏的接口上使用RequiredDesensitize注解
a.简单模式。只标注注解,哪些字段使用哪种脱敏规则需要通过其它方式配置
例如：    @RequiredDesensitize

b.复杂模式。标注返回结果中哪些字段使用哪种脱敏规则，字段使用全路径
例如：    @RequiredDesensitize(simpleMode = false, phone = {"data.list.phone"})

# 特别说明
1.请在URL接口上使用RequiredDesensitize注解
2.如果返回结果为String类型，不进行脱敏
3.如果返回ModelAndView，如下载接口，请手动调用Util中的方法进行脱敏

扩展：
1.自定义IDesensitizeService接口的实现类，如下
```java
@Slf4j
public class RedisDesensitizeService implements IDesensitizeService {
    private final RedisTemplate redisTemplate;
    private final String redisKey;
    private final String roleKey;

    @Autowired
    public RedisDesensitizeService(RedisTemplate redisTemplate, String redisKey, String roleKey) {
        this.redisTemplate = redisTemplate;
        this.redisKey = redisKey;
        this.roleKey = roleKey;
    }

    /**
     * 获取当前查询用户脱敏规则,如果同字段有多个规则，保留最后创建的
     * 建议把角色id放在redis中，防止从sql中读取导致死循环
     *
     * @param request
     */
    @Override
    public List<DesensitizeRule> getRules(HttpServletRequest request, String mapperId) {
        String header = roleKey+request.getHeader(SystemConstant.DEFAULT_TOKEN_KEY);
        String roleId = get(header).toString();
        return keepLast(getRules(roleId,mapperId));
    }

    /**
     * 每种规则只保留一个，保留创建时间为最后的
     */
    private List<DesensitizeRule> keepLast(List<DesensitizeRule> rules){
        Map<String, DesensitizeRule> map = new HashMap<>();
        for(DesensitizeRule rule: rules) {
            String column = rule.getColumn();
            if (!map.containsKey(column)) {
                map.put(column, rule);
            }else {
                DesensitizeRule old = map.get(column);
                if (null != old.getCreateTime()) {
                    if (null != rule.getCreateTime()) {
                        if (old.getCreateTime().before(rule.getCreateTime())) {
                            map.put(column, rule);
                        }
                    }
                }else {
                    if (null != rule.getCreateTime()) {
                        map.put(column, rule);
                    }
                }
            }
        }
        return new ArrayList<>(map.values());
    }

    /**
     * 每种规则只保留一个，保留序号最大的
     */
    private List<DesensitizeRule> keepMaxSort(List<DesensitizeRule> rules){
        Map<String, DesensitizeRule> map = new HashMap<>();
        for(DesensitizeRule rule: rules) {
            String column = rule.getColumn();
            if (!map.containsKey(column)) {
                map.put(column, rule);
            }else {
                DesensitizeRule old = map.get(column);
                if (null != old.getSort()) {
                    if (null != rule.getSort()) {
                        if (old.getSort()<(rule.getSort())) {
                            map.put(column, rule);
                        }
                    }
                }else {
                    if (null != rule.getSort()) {
                        map.put(column, rule);
                    }
                }
            }
        }
        return new ArrayList<>(map.values());
    }

    /**
     * 写入缓存
     * @param key
     * @param value
     * @return
     */
    public boolean set(final String key, Object value) {
        boolean result = false;
        try {
            ValueOperations<Serializable, Object> operations = redisTemplate.opsForValue();
            operations.set(key, value);
            result = true;
        } catch (Exception e) {
            log.error("RedisUtil.set异常,key:"+key,e);
        }
        return result;
    }

    /**
     * 删除对应的value
     * @param key
     */
    public boolean remove(final String key) {
        if (exists(key)) {
            return redisTemplate.delete(key);
        }
        return true;
    }

    /**
     * 读取缓存
     * @param key
     * @return
     */
    public Object get(final String key) {
        Object result;
        ValueOperations<Serializable, Object> operations = redisTemplate.opsForValue();
        result = operations.get(key);
        return result;
    }
    /**
     * 判断缓存中是否有对应的value
     * @param key
     * @return
     */
    public boolean exists(final String key) {
        return redisTemplate.hasKey(key);
    }

}
```

2.自定义脱敏方法：定义扩展脱敏方法类继承DesensitizeUtil并重写父类扩展方法，脱敏规则选择扩展规则
```java
public class ExtendDesensitizeUtil extends DesensitizeUtil {
    @Override
    protected String extend(String original, int length, Integer value) {
        return "test";
    }
}
```

# 引入方法
```
        <!--加载本地jar包-->
        <dependency>
            <groupId>com.zdxlz</groupId>
            <artifactId>desensitize</artifactId>
            <version>1.0-SNAPSHOT</version>
            <scope>system</scope>
            <systemPath>${project.basedir}/src/main/resources/lib/desensitize-1.0-SNAPSHOT.jar</systemPath>
        </dependency>
```