1 год назад · 438a6636bb
--- a/ruoyi-common/src/main/java/com/ruoyi/common/annotation/Excel.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/annotation/Excel.java
@@ -171,7 +171,7 @@ public @interface Excel
 
				 

			
 
				     public enum ColumnType

			
 
				     {

			
 
				-        NUMERIC(0), STRING(1), IMAGE(2);

			
 
				+        NUMERIC(0), STRING(1), IMAGE(2), TEXT(3);

			
 
				         private final int value;

			
 
				 

			
 
				         ColumnType(int value)

			
--- a/ruoyi-common/src/main/java/com/ruoyi/common/annotation/Sensitive.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/annotation/Sensitive.java
@@ -0,0 +1,24 @@
 
				+package com.ruoyi.common.annotation;
			
 
				+
			
 
				+import java.lang.annotation.ElementType;
			
 
				+import java.lang.annotation.Retention;
			
 
				+import java.lang.annotation.RetentionPolicy;
			
 
				+import java.lang.annotation.Target;
			
 
				+import com.fasterxml.jackson.annotation.JacksonAnnotationsInside;
			
 
				+import com.fasterxml.jackson.databind.annotation.JsonSerialize;
			
 
				+import com.ruoyi.common.config.serializer.SensitiveJsonSerializer;
			
 
				+import com.ruoyi.common.enums.DesensitizedType;
			
 
				+
			
 
				+/**
			
 
				+ * 数据脱敏注解
			
 
				+ *
			
 
				+ * @author ruoyi
			
 
				+ */
			
 
				+@Retention(RetentionPolicy.RUNTIME)
			
 
				+@Target(ElementType.FIELD)
			
 
				+@JacksonAnnotationsInside
			
 
				+@JsonSerialize(using = SensitiveJsonSerializer.class)
			
 
				+public @interface Sensitive
			
 
				+{
			
 
				+    DesensitizedType desensitizedType();
			
 
				+}
			
--- a/ruoyi-common/src/main/java/com/ruoyi/common/config/serializer/SensitiveJsonSerializer.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/config/serializer/SensitiveJsonSerializer.java
@@ -0,0 +1,67 @@
 
				+package com.ruoyi.common.config.serializer;
			
 
				+
			
 
				+import java.io.IOException;
			
 
				+import java.util.Objects;
			
 
				+import com.fasterxml.jackson.core.JsonGenerator;
			
 
				+import com.fasterxml.jackson.databind.BeanProperty;
			
 
				+import com.fasterxml.jackson.databind.JsonMappingException;
			
 
				+import com.fasterxml.jackson.databind.JsonSerializer;
			
 
				+import com.fasterxml.jackson.databind.SerializerProvider;
			
 
				+import com.fasterxml.jackson.databind.ser.ContextualSerializer;
			
 
				+import com.ruoyi.common.annotation.Sensitive;
			
 
				+import com.ruoyi.common.core.domain.model.LoginUser;
			
 
				+import com.ruoyi.common.enums.DesensitizedType;
			
 
				+import com.ruoyi.common.utils.SecurityUtils;
			
 
				+
			
 
				+/**
			
 
				+ * 数据脱敏序列化过滤
			
 
				+ *
			
 
				+ * @author ruoyi
			
 
				+ */
			
 
				+public class SensitiveJsonSerializer extends JsonSerializer<String> implements ContextualSerializer
			
 
				+{
			
 
				+    private DesensitizedType desensitizedType;
			
 
				+
			
 
				+    @Override
			
 
				+    public void serialize(String value, JsonGenerator gen, SerializerProvider serializers) throws IOException
			
 
				+    {
			
 
				+        if (desensitization())
			
 
				+        {
			
 
				+            gen.writeString(desensitizedType.desensitizer().apply(value));
			
 
				+        }
			
 
				+        else
			
 
				+        {
			
 
				+            gen.writeString(value);
			
 
				+        }
			
 
				+    }
			
 
				+
			
 
				+    @Override
			
 
				+    public JsonSerializer<?> createContextual(SerializerProvider prov, BeanProperty property)
			
 
				+            throws JsonMappingException
			
 
				+    {
			
 
				+        Sensitive annotation = property.getAnnotation(Sensitive.class);
			
 
				+        if (Objects.nonNull(annotation) && Objects.equals(String.class, property.getType().getRawClass()))
			
 
				+        {
			
 
				+            this.desensitizedType = annotation.desensitizedType();
			
 
				+            return this;
			
 
				+        }
			
 
				+        return prov.findValueSerializer(property.getType(), property);
			
 
				+    }
			
 
				+
			
 
				+    /**
			
 
				+     * 是否需要脱敏处理
			
 
				+     */
			
 
				+    private boolean desensitization()
			
 
				+    {
			
 
				+        try
			
 
				+        {
			
 
				+            LoginUser securityUser = SecurityUtils.getLoginUser();
			
 
				+            // 管理员不脱敏
			
 
				+            return !securityUser.getUser().isAdmin();
			
 
				+        }
			
 
				+        catch (Exception e)
			
 
				+        {
			
 
				+            return true;
			
 
				+        }
			
 
				+    }
			
 
				+}
			
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysUser.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysUser.java
@@ -42,7 +42,7 @@ public class SysUser extends BaseEntity
 
				     private String email;

			
 
				 

			
 
				     /** 手机号码 */

			
 
				-    @Excel(name = "手机号码")

			
 
				+    @Excel(name = "手机号码", cellType = ColumnType.TEXT)

			
 
				     private String phonenumber;

			
 
				 

			
 
				     /** 用户性别 */

			
--- a/ruoyi-common/src/main/java/com/ruoyi/common/enums/DesensitizedType.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/enums/DesensitizedType.java
@@ -0,0 +1,59 @@
 
				+package com.ruoyi.common.enums;
			
 
				+
			
 
				+import java.util.function.Function;
			
 
				+import com.ruoyi.common.utils.DesensitizedUtil;
			
 
				+
			
 
				+/**
			
 
				+ * 脱敏类型
			
 
				+ *
			
 
				+ * @author ruoyi
			
 
				+ */
			
 
				+public enum DesensitizedType
			
 
				+{
			
 
				+    /**
			
 
				+     * 姓名，第2位星号替换
			
 
				+     */
			
 
				+    USERNAME(s -> s.replaceAll("(\\S)\\S(\\S*)", "$1*$2")),
			
 
				+
			
 
				+    /**
			
 
				+     * 密码，全部字符都用*代替
			
 
				+     */
			
 
				+    PASSWORD(DesensitizedUtil::password),
			
 
				+
			
 
				+    /**
			
 
				+     * 身份证，中间10位星号替换
			
 
				+     */
			
 
				+    ID_CARD(s -> s.replaceAll("(\\d{4})\\d{10}(\\d{4})", "$1** **** ****$2")),
			
 
				+
			
 
				+    /**
			
 
				+     * 手机号，中间4位星号替换
			
 
				+     */
			
 
				+    PHONE(s -> s.replaceAll("(\\d{3})\\d{4}(\\d{4})", "$1****$2")),
			
 
				+
			
 
				+    /**
			
 
				+     * 电子邮箱，仅显示第一个字母和@后面的地址显示，其他星号替换
			
 
				+     */
			
 
				+    EMAIL(s -> s.replaceAll("(^.)[^@]*(@.*$)", "$1****$2")),
			
 
				+
			
 
				+    /**
			
 
				+     * 银行卡号，保留最后4位，其他星号替换
			
 
				+     */
			
 
				+    BANK_CARD(s -> s.replaceAll("\\d{15}(\\d{3})", "**** **** **** **** $1")),
			
 
				+
			
 
				+    /**
			
 
				+     * 车牌号码，包含普通车辆、新能源车辆
			
 
				+     */
			
 
				+    CAR_LICENSE(DesensitizedUtil::carLicense);
			
 
				+
			
 
				+    private final Function<String, String> desensitizer;
			
 
				+
			
 
				+    DesensitizedType(Function<String, String> desensitizer)
			
 
				+    {
			
 
				+        this.desensitizer = desensitizer;
			
 
				+    }
			
 
				+
			
 
				+    public Function<String, String> desensitizer()
			
 
				+    {
			
 
				+        return desensitizer;
			
 
				+    }
			
 
				+}
			
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/DesensitizedUtil.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/DesensitizedUtil.java
@@ -0,0 +1,49 @@
 
				+package com.ruoyi.common.utils;
			
 
				+
			
 
				+/**
			
 
				+ * 脱敏工具类
			
 
				+ *
			
 
				+ * @author ruoyi
			
 
				+ */
			
 
				+public class DesensitizedUtil
			
 
				+{
			
 
				+    /**
			
 
				+     * 密码的全部字符都用*代替，比如：******
			
 
				+     *
			
 
				+     * @param password 密码
			
 
				+     * @return 脱敏后的密码
			
 
				+     */
			
 
				+    public static String password(String password)
			
 
				+    {
			
 
				+        if (StringUtils.isBlank(password))
			
 
				+        {
			
 
				+            return StringUtils.EMPTY;
			
 
				+        }
			
 
				+        return StringUtils.repeat('*', password.length());
			
 
				+    }
			
 
				+
			
 
				+    /**
			
 
				+     * 车牌中间用*代替，如果是错误的车牌，不处理
			
 
				+     *
			
 
				+     * @param carLicense 完整的车牌号
			
 
				+     * @return 脱敏后的车牌
			
 
				+     */
			
 
				+    public static String carLicense(String carLicense)
			
 
				+    {
			
 
				+        if (StringUtils.isBlank(carLicense))
			
 
				+        {
			
 
				+            return StringUtils.EMPTY;
			
 
				+        }
			
 
				+        // 普通车牌
			
 
				+        if (carLicense.length() == 7)
			
 
				+        {
			
 
				+            carLicense = StringUtils.hide(carLicense, 3, 6);
			
 
				+        }
			
 
				+        else if (carLicense.length() == 8)
			
 
				+        {
			
 
				+            // 新能源车牌
			
 
				+            carLicense = StringUtils.hide(carLicense, 3, 7);
			
 
				+        }
			
 
				+        return carLicense;
			
 
				+    }
			
 
				+}
			
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/StringUtils.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/StringUtils.java
@@ -23,6 +23,9 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
 
				     /** 下划线 */

			
 
				     private static final char SEPARATOR = '_';

			
 
				 

			
 
				+    /** 星号 */

			
 
				+    private static final char ASTERISK = '*';

			
 
				+

			
 
				     /**

			
 
				      * 获取参数不为空值

			
 
				      * 

			
@@ -163,6 +166,49 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
 
				         return (str == null ? "" : str.trim());

			
 
				     }

			
 
				 

			
 
				+    /**

			
 
				+     * 替换指定字符串的指定区间内字符为"*"

			
 
				+     *

			
 
				+     * @param str 字符串

			
 
				+     * @param startInclude 开始位置（包含）

			
 
				+     * @param endExclude 结束位置（不包含）

			
 
				+     * @return 替换后的字符串

			
 
				+     */

			
 
				+    public static String hide(CharSequence str, int startInclude, int endExclude)

			
 
				+    {

			
 
				+        if (isEmpty(str))

			
 
				+        {

			
 
				+            return NULLSTR;

			
 
				+        }

			
 
				+        final int strLength = str.length();

			
 
				+        if (startInclude > strLength)

			
 
				+        {

			
 
				+            return NULLSTR;

			
 
				+        }

			
 
				+        if (endExclude > strLength)

			
 
				+        {

			
 
				+            endExclude = strLength;

			
 
				+        }

			
 
				+        if (startInclude > endExclude)

			
 
				+        {

			
 
				+            // 如果起始位置大于结束位置，不替换

			
 
				+            return NULLSTR;

			
 
				+        }

			
 
				+        final char[] chars = new char[strLength];

			
 
				+        for (int i = 0; i < strLength; i++)

			
 
				+        {

			
 
				+            if (i >= startInclude && i < endExclude)

			
 
				+            {

			
 
				+                chars[i] = ASTERISK;

			
 
				+            }

			
 
				+            else

			
 
				+            {

			
 
				+                chars[i] = str.charAt(i);

			
 
				+            }

			
 
				+        }

			
 
				+        return new String(chars);

			
 
				+    }

			
 
				+

			
 
				     /**

			
 
				      * 截取字符串

			
 
				      * 

			
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/poi/ExcelUtil.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/poi/ExcelUtil.java
@@ -39,6 +39,7 @@ import org.apache.poi.ss.usermodel.Cell;
 
				 import org.apache.poi.ss.usermodel.CellStyle;

			
 
				 import org.apache.poi.ss.usermodel.CellType;

			
 
				 import org.apache.poi.ss.usermodel.ClientAnchor;

			
 
				+import org.apache.poi.ss.usermodel.DataFormat;

			
 
				 import org.apache.poi.ss.usermodel.DataValidation;

			
 
				 import org.apache.poi.ss.usermodel.DataValidationConstraint;

			
 
				 import org.apache.poi.ss.usermodel.DataValidationHelper;

			
@@ -783,6 +784,8 @@ public class ExcelUtil<T>
 
				         titleFont.setFontHeightInPoints((short) 16);

			
 
				         titleFont.setBold(true);

			
 
				         style.setFont(titleFont);

			
 
				+        DataFormat dataFormat = wb.createDataFormat();

			
 
				+        style.setDataFormat(dataFormat.getFormat("@"));

			
 
				         styles.put("title", style);

			
 
				 

			
 
				         style = wb.createCellStyle();

			
@@ -845,6 +848,9 @@ public class ExcelUtil<T>
 
				                 headerFont.setBold(true);

			
 
				                 headerFont.setColor(excel.headerColor().index);

			
 
				                 style.setFont(headerFont);

			
 
				+                // 设置表格头单元格文本形式

			
 
				+                DataFormat dataFormat = wb.createDataFormat();

			
 
				+                style.setDataFormat(dataFormat.getFormat("@"));

			
 
				                 headerStyles.put(key, style);

			
 
				             }

			
 
				         }

			
@@ -862,34 +868,66 @@ public class ExcelUtil<T>
 
				         Map<String, CellStyle> styles = new HashMap<String, CellStyle>();

			
 
				         for (Object[] os : fields)

			
 
				         {

			
 
				+            Field field = (Field) os[0];

			
 
				             Excel excel = (Excel) os[1];

			
 
				-            String key = StringUtils.format("data_{}_{}_{}", excel.align(), excel.color(), excel.backgroundColor());

			
 
				-            if (!styles.containsKey(key))

			
 
				+            if (Collection.class.isAssignableFrom(field.getType()))

			
 
				             {

			
 
				-                CellStyle style = wb.createCellStyle();

			
 
				-                style.setAlignment(excel.align());

			
 
				-                style.setVerticalAlignment(VerticalAlignment.CENTER);

			
 
				-                style.setBorderRight(BorderStyle.THIN);

			
 
				-                style.setRightBorderColor(IndexedColors.GREY_50_PERCENT.getIndex());

			
 
				-                style.setBorderLeft(BorderStyle.THIN);

			
 
				-                style.setLeftBorderColor(IndexedColors.GREY_50_PERCENT.getIndex());

			
 
				-                style.setBorderTop(BorderStyle.THIN);

			
 
				-                style.setTopBorderColor(IndexedColors.GREY_50_PERCENT.getIndex());

			
 
				-                style.setBorderBottom(BorderStyle.THIN);

			
 
				-                style.setBottomBorderColor(IndexedColors.GREY_50_PERCENT.getIndex());

			
 
				-                style.setFillPattern(FillPatternType.SOLID_FOREGROUND);

			
 
				-                style.setFillForegroundColor(excel.backgroundColor().getIndex());

			
 
				-                Font dataFont = wb.createFont();

			
 
				-                dataFont.setFontName("Arial");

			
 
				-                dataFont.setFontHeightInPoints((short) 10);

			
 
				-                dataFont.setColor(excel.color().index);

			
 
				-                style.setFont(dataFont);

			
 
				-                styles.put(key, style);

			
 
				+                ParameterizedType pt = (ParameterizedType) field.getGenericType();

			
 
				+                Class<?> subClass = (Class<?>) pt.getActualTypeArguments()[0];

			
 
				+                List<Field> subFields = FieldUtils.getFieldsListWithAnnotation(subClass, Excel.class);

			
 
				+                for (Field subField : subFields)

			
 
				+                {

			
 
				+                    Excel subExcel = subField.getAnnotation(Excel.class);

			
 
				+                    annotationDataStyles(styles, subField, subExcel);

			
 
				+                }

			
 
				+            }

			
 
				+            else

			
 
				+            {

			
 
				+                annotationDataStyles(styles, field, excel);

			
 
				             }

			
 
				         }

			
 
				         return styles;

			
 
				     }

			
 
				 

			
 
				+    /**

			
 
				+     * 根据Excel注解创建表格列样式

			
 
				+     * 

			
 
				+     * @param styles 自定义样式列表

			
 
				+     * @param field  属性列信息

			
 
				+     * @param excel  注解信息

			
 
				+     */

			
 
				+    public void annotationDataStyles(Map<String, CellStyle> styles, Field field, Excel excel)

			
 
				+    {

			
 
				+        String key = StringUtils.format("data_{}_{}_{}_{}", excel.align(), excel.color(), excel.backgroundColor(), excel.cellType());

			
 
				+        if (!styles.containsKey(key))

			
 
				+        {

			
 
				+            CellStyle style = wb.createCellStyle();

			
 
				+            style.setAlignment(excel.align());

			
 
				+            style.setVerticalAlignment(VerticalAlignment.CENTER);

			
 
				+            style.setBorderRight(BorderStyle.THIN);

			
 
				+            style.setRightBorderColor(IndexedColors.GREY_50_PERCENT.getIndex());

			
 
				+            style.setBorderLeft(BorderStyle.THIN);

			
 
				+            style.setLeftBorderColor(IndexedColors.GREY_50_PERCENT.getIndex());

			
 
				+            style.setBorderTop(BorderStyle.THIN);

			
 
				+            style.setTopBorderColor(IndexedColors.GREY_50_PERCENT.getIndex());

			
 
				+            style.setBorderBottom(BorderStyle.THIN);

			
 
				+            style.setBottomBorderColor(IndexedColors.GREY_50_PERCENT.getIndex());

			
 
				+            style.setFillPattern(FillPatternType.SOLID_FOREGROUND);

			
 
				+            style.setFillForegroundColor(excel.backgroundColor().getIndex());

			
 
				+            Font dataFont = wb.createFont();

			
 
				+            dataFont.setFontName("Arial");

			
 
				+            dataFont.setFontHeightInPoints((short) 10);

			
 
				+            dataFont.setColor(excel.color().index);

			
 
				+            style.setFont(dataFont);

			
 
				+            if (ColumnType.TEXT == excel.cellType())

			
 
				+            {

			
 
				+                DataFormat dataFormat = wb.createDataFormat();

			
 
				+                style.setDataFormat(dataFormat.getFormat("@"));

			
 
				+            }

			
 
				+            styles.put(key, style);

			
 
				+        }

			
 
				+    }

			
 
				+

			
 
				     /**

			
 
				      * 创建单元格

			
 
				      */

			
@@ -904,7 +942,7 @@ public class ExcelUtil<T>
 
				         if (isSubList())

			
 
				         {

			
 
				             // 填充默认样式，防止合并单元格样式失效

			
 
				-            sheet.setDefaultColumnStyle(column, styles.get(StringUtils.format("data_{}_{}_{}", attr.align(), attr.color(), attr.backgroundColor())));

			
 
				+            sheet.setDefaultColumnStyle(column, styles.get(StringUtils.format("data_{}_{}_{}_{}", attr.align(), attr.color(), attr.backgroundColor(), attr.cellType())));

			
 
				             if (attr.needMerge())

			
 
				             {

			
 
				                 sheet.addMergedRegion(new CellRangeAddress(rownum - 1, rownum, column, column));

			
@@ -922,7 +960,7 @@ public class ExcelUtil<T>
 
				      */

			
 
				     public void setCellVo(Object value, Excel attr, Cell cell)

			
 
				     {

			
 
				-        if (ColumnType.STRING == attr.cellType())

			
 
				+        if (ColumnType.STRING == attr.cellType() || ColumnType.TEXT == attr.cellType())

			
 
				         {

			
 
				             String cellValue = Convert.toStr(value);

			
 
				             // 对于任何以表达式触发字符 =-+@开头的单元格，直接使用tab字符作为前缀，防止CSV注入。

			
@@ -1034,7 +1072,7 @@ public class ExcelUtil<T>
 
				                     CellRangeAddress cellAddress = new CellRangeAddress(subMergedFirstRowNum, subMergedLastRowNum, column, column);

			
 
				                     sheet.addMergedRegion(cellAddress);

			
 
				                 }

			
 
				-                cell.setCellStyle(styles.get(StringUtils.format("data_{}_{}_{}", attr.align(), attr.color(), attr.backgroundColor())));

			
 
				+                cell.setCellStyle(styles.get(StringUtils.format("data_{}_{}_{}_{}", attr.align(), attr.color(), attr.backgroundColor(), attr.cellType())));

			
 
				 

			
 
				                 // 用于读取对象中的属性

			
 
				                 Object value = getTargetValue(vo, field, attr);