兰宝车间质量管理系统
上一版本: 82c62091 | 补丁 | 提交 | 忽略空白
疯狂的狮子Li
2023-12-23 a1f404d5487de9171d62a36342f238b3c1af1aef 
fix 修复 CryptoFilter 代码逻辑问题
已修改1个文件
21 ■■■■ 文件已修改
ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/CryptoFilter.java 21 ●●●● 补丁 | 查看 | 原始文档 | blame | 历史 
 ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/CryptoFilter.java


@@ -18,6 +18,7 @@


import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;




import java.io.IOException;


import java.io.PrintWriter;






/**


@@ -37,7 +38,7 @@


        HttpServletRequest servletRequest = (HttpServletRequest) request;


        HttpServletResponse servletResponse = (HttpServletResponse) response;




        boolean encryptFlag = false;


        boolean responseFlag = false;


        ServletRequest requestWrapper = null;


        ServletResponse responseWrapper = null;


        EncryptResponseBodyWrapper responseBodyWrapper = null;


@@ -48,24 +49,24 @@


            if (HttpMethod.PUT.matches(servletRequest.getMethod()) || HttpMethod.POST.matches(servletRequest.getMethod())) {


                // 是否存在加密标头


                String headerValue = servletRequest.getHeader(properties.getHeaderFlag());


                // 获取加密注解


                ApiEncrypt apiEncrypt = this.getApiEncryptAnnotation(servletRequest);


                responseFlag = apiEncrypt != null && apiEncrypt.response();


                if (StringUtils.isNotBlank(headerValue)) {


                    // 请求解密


                    requestWrapper = new DecryptRequestBodyWrapper(servletRequest, properties.getPrivateKey(), properties.getHeaderFlag());


                    // 获取加密注解


                    ApiEncrypt apiEncrypt = this.getApiEncryptAnnotation(servletRequest);


                } else {


                    // 是否有注解,有就报错,没有放行


                    if (ObjectUtil.isNotNull(apiEncrypt)) {


                        // 响应加密标志


                        encryptFlag = apiEncrypt.response();


                    } else {


                        // 是否有注解,有就报错,没有放行


                        HandlerExceptionResolver exceptionResolver = SpringUtils.getBean(HandlerExceptionResolver.class);


                        HandlerExceptionResolver exceptionResolver = SpringUtils.getBean("handlerExceptionResolver", HandlerExceptionResolver.class);


                        exceptionResolver.resolveException(


                            servletRequest, servletResponse, null,


                            new ServiceException("没有访问权限,请联系管理员授权", HttpStatus.FORBIDDEN));


                        return;


                    }


                }


                // 判断是否响应加密


                if (encryptFlag) {


                if (responseFlag) {


                    responseBodyWrapper = new EncryptResponseBodyWrapper(servletResponse);


                    responseWrapper = responseBodyWrapper;


                }


@@ -76,7 +77,7 @@


            ObjectUtil.defaultIfNull(requestWrapper, request),


            ObjectUtil.defaultIfNull(responseWrapper, response));




        if (encryptFlag) {


        if (responseFlag) {


            servletResponse.reset();


            // 对原始内容加密


            String encryptContent = responseBodyWrapper.getEncryptContent(