From 098d3347a0df808908aab8c554cd7c4febc5e6d9 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子Li <15040126243@163.com>
Date: 星期一, 26 八月 2024 11:43:59 +0800
Subject: [PATCH] !577 发布 5.2.2 正式版 安全性提升 Merge pull request !577 from 疯狂的狮子Li/dev
---
ruoyi-common/ruoyi-common-tenant/src/main/java/org/dromara/common/tenant/helper/TenantHelper.java | 44 ++++++++++++++++++++++++++++++++++++++++----
1 files changed, 40 insertions(+), 4 deletions(-)
diff --git a/ruoyi-common/ruoyi-common-tenant/src/main/java/org/dromara/common/tenant/helper/TenantHelper.java b/ruoyi-common/ruoyi-common-tenant/src/main/java/org/dromara/common/tenant/helper/TenantHelper.java
index 9d087e1..b185612 100644
--- a/ruoyi-common/ruoyi-common-tenant/src/main/java/org/dromara/common/tenant/helper/TenantHelper.java
+++ b/ruoyi-common/ruoyi-common-tenant/src/main/java/org/dromara/common/tenant/helper/TenantHelper.java
@@ -1,8 +1,9 @@
package org.dromara.common.tenant.helper;
import cn.dev33.satoken.stp.StpUtil;
+import cn.hutool.core.collection.CollectionUtil;
import cn.hutool.core.convert.Convert;
-import com.alibaba.ttl.TransmittableThreadLocal;
+import cn.hutool.core.util.ObjectUtil;
import com.baomidou.mybatisplus.core.plugins.IgnoreStrategy;
import com.baomidou.mybatisplus.core.plugins.InterceptorIgnoreHelper;
import lombok.AccessLevel;
@@ -11,9 +12,11 @@
import org.dromara.common.core.constant.GlobalConstants;
import org.dromara.common.core.utils.SpringUtils;
import org.dromara.common.core.utils.StringUtils;
+import org.dromara.common.core.utils.reflect.ReflectUtils;
import org.dromara.common.redis.utils.RedisUtils;
import org.dromara.common.satoken.utils.LoginHelper;
+import java.util.Stack;
import java.util.function.Supplier;
/**
@@ -27,7 +30,9 @@
private static final String DYNAMIC_TENANT_KEY = GlobalConstants.GLOBAL_REDIS_KEY + "dynamicTenant";
- private static final ThreadLocal<String> TEMP_DYNAMIC_TENANT = new TransmittableThreadLocal<>();
+ private static final ThreadLocal<String> TEMP_DYNAMIC_TENANT = new ThreadLocal<>();
+
+ private static final ThreadLocal<Stack<Integer>> REENTRANT_IGNORE = ThreadLocal.withInitial(Stack::new);
/**
* 绉熸埛鍔熻兘鏄惁鍚敤
@@ -36,18 +41,49 @@
return Convert.toBool(SpringUtils.getProperty("tenant.enable"), false);
}
+ private static IgnoreStrategy getIgnoreStrategy() {
+ Object ignoreStrategyLocal = ReflectUtils.getStaticFieldValue(ReflectUtils.getField(InterceptorIgnoreHelper.class, "IGNORE_STRATEGY_LOCAL"));
+ if (ignoreStrategyLocal instanceof ThreadLocal<?> IGNORE_STRATEGY_LOCAL) {
+ if (IGNORE_STRATEGY_LOCAL.get() instanceof IgnoreStrategy ignoreStrategy) {
+ return ignoreStrategy;
+ }
+ }
+ return null;
+ }
+
/**
* 寮�鍚拷鐣ョ鎴�(寮�鍚悗闇�鎵嬪姩璋冪敤 {@link #disableIgnore()} 鍏抽棴)
*/
public static void enableIgnore() {
- InterceptorIgnoreHelper.handle(IgnoreStrategy.builder().tenantLine(true).build());
+ IgnoreStrategy ignoreStrategy = getIgnoreStrategy();
+ if (ObjectUtil.isNull(ignoreStrategy)) {
+ InterceptorIgnoreHelper.handle(IgnoreStrategy.builder().tenantLine(true).build());
+ } else {
+ ignoreStrategy.setTenantLine(true);
+ }
+ Stack<Integer> reentrantStack = REENTRANT_IGNORE.get();
+ reentrantStack.push(reentrantStack.size() + 1);
}
/**
* 鍏抽棴蹇界暐绉熸埛
*/
public static void disableIgnore() {
- InterceptorIgnoreHelper.clearIgnoreStrategy();
+ IgnoreStrategy ignoreStrategy = getIgnoreStrategy();
+ if (ObjectUtil.isNotNull(ignoreStrategy)) {
+ boolean noOtherIgnoreStrategy = !Boolean.TRUE.equals(ignoreStrategy.getDynamicTableName())
+ && !Boolean.TRUE.equals(ignoreStrategy.getBlockAttack())
+ && !Boolean.TRUE.equals(ignoreStrategy.getIllegalSql())
+ && !Boolean.TRUE.equals(ignoreStrategy.getDataPermission())
+ && CollectionUtil.isEmpty(ignoreStrategy.getOthers());
+ Stack<Integer> reentrantStack = REENTRANT_IGNORE.get();
+ boolean empty = reentrantStack.isEmpty() || reentrantStack.pop() == 1;
+ if (noOtherIgnoreStrategy && empty) {
+ InterceptorIgnoreHelper.clearIgnoreStrategy();
+ } else if (empty) {
+ ignoreStrategy.setTenantLine(false);
+ }
+ }
}
/**
--
Gitblit v1.9.3