Pre Merge pull request !421 from AhYi/master

ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/annotation/NoSensitive.java

@@ -0,0 +1,15 @@
+package com.ruoyi.common.core.annotation;
+
+import java.lang.annotation.*;
+
+/**
+ * @Description “关闭” 数据脱敏
+ * @Author AhYi
+ * @Date 2025-07-07 10:23
+ */
+
+@Target({ElementType.TYPE, ElementType.METHOD})
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+public @interface NoSensitive {
+}

ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/aspect/NoSensitiveAspect.java

@@ -0,0 +1,29 @@
+package com.ruoyi.common.core.aspect;
+
+import com.ruoyi.common.core.annotation.NoSensitive;
+import com.ruoyi.common.core.context.SensitiveContextHolder;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.springframework.stereotype.Component;
+
+/**
+ * @Description @NoSensitive 注解切面，主要用户对方法的注解
+ * @Author AhYi
+ * @Date 2025-07-07 10:31
+ */
+
+@Aspect
+@Component
+public class NoSensitiveAspect {
+
+    @Around("@annotation(noSensitive)")
+    public Object around(ProceedingJoinPoint joinPoint, NoSensitive noSensitive) throws Throwable {
+        try {
+            SensitiveContextHolder.enterNoSensitiveScope();
+            return joinPoint.proceed();
+        } finally {
+            SensitiveContextHolder.exitNoSensitiveScope();
+        }
+    }
+}

ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/context/SensitiveContextHolder.java

@@ -0,0 +1,36 @@
+package com.ruoyi.common.core.context;
+
+/**
+ * @Description Sensitive 数据脱敏上下文管理，存储当前线程是否需要脱敏
+ * @Author AhYi
+ * @Date 2025-07-07 10:27
+ */
+
+
+public class SensitiveContextHolder {
+    private static final ThreadLocal<Integer> COUNTER = new ThreadLocal<>();
+
+    public static void enterNoSensitiveScope() {
+        Integer count = COUNTER.get();
+        if (count == null) {
+            count = 0;
+        }
+        COUNTER.set(count + 1);
+    }
+
+    public static void exitNoSensitiveScope() {
+        Integer count = COUNTER.get();
+        if (count != null) {
+            if (count <= 1) {
+                COUNTER.remove();
+            } else {
+                COUNTER.set(count - 1);
+            }
+        }
+    }
+
+    public static boolean isNoSensitiveScope() {
+        Integer count = COUNTER.get();
+        return count != null && count > 0;
+    }
+}

ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/interceptor/NoSensitiveInterceptor.java

@@ -0,0 +1,43 @@
+package com.ruoyi.common.security.interceptor;
+
+import com.ruoyi.common.core.annotation.NoSensitive;
+import com.ruoyi.common.core.context.SensitiveContextHolder;
+import org.springframework.web.method.HandlerMethod;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * @Description @NoSensitive 注解的请求拦截器，主要用于对请求的注解，在请求的整个生命周期内有效
+ * @Author AhYi
+ * @Date 2025-07-07 10:35
+ */
+
+public class NoSensitiveInterceptor implements HandlerInterceptor {
+    private static final String SENSITIVE_INTERCEPTOR_APPLIED = "SENSITIVE_INTERCEPTOR_APPLIED";
+
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+        if (handler instanceof HandlerMethod) {
+            HandlerMethod handlerMethod = (HandlerMethod) handler;
+            NoSensitive noSensitive = handlerMethod.getMethodAnnotation(NoSensitive.class);
+            if (noSensitive == null) {
+                noSensitive = handlerMethod.getBeanType().getAnnotation(NoSensitive.class);
+            }
+            if (noSensitive != null) {
+                SensitiveContextHolder.enterNoSensitiveScope();
+                request.setAttribute(SENSITIVE_INTERCEPTOR_APPLIED, Boolean.TRUE);
+            }
+        }
+        return true;
+    }
+
+    @Override
+    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
+        Object applied = request.getAttribute(SENSITIVE_INTERCEPTOR_APPLIED);
+        if (applied != null && (Boolean) applied) {
+            SensitiveContextHolder.exitNoSensitiveScope();
+        }
+    }
+}

ruoyi-common/ruoyi-common-sensitive/src/main/java/com/ruoyi/common/sensitive/config/SensitiveJsonSerializer.java

@@ -10,6 +10,7 @@ import com.fasterxml.jackson.databind.SerializerProvider;
 import com.fasterxml.jackson.databind.ser.ContextualSerializer;
 import com.ruoyi.common.core.constant.UserConstants;
 import com.ruoyi.common.core.context.SecurityContextHolder;
+import com.ruoyi.common.core.context.SensitiveContextHolder;
 import com.ruoyi.common.sensitive.annotation.Sensitive;
 import com.ruoyi.common.sensitive.enums.DesensitizedType;
 
@@ -25,7 +26,7 @@ public class SensitiveJsonSerializer extends JsonSerializer<String> implements C
     @Override
     public void serialize(String value, JsonGenerator gen, SerializerProvider serializers) throws IOException
     {
-        if (desensitization())
+        if (desensitization() && !SensitiveContextHolder.isNoSensitiveScope())
         {
             gen.writeString(desensitizedType.desensitizer().apply(value));
         }