From 098d3347a0df808908aab8c554cd7c4febc5e6d9 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子Li <15040126243@163.com>
Date: 星期一, 26 八月 2024 11:43:59 +0800
Subject: [PATCH] !577 发布 5.2.2 正式版 安全性提升 Merge pull request !577 from 疯狂的狮子Li/dev
---
ruoyi-common/ruoyi-common-tenant/src/main/java/org/dromara/common/tenant/helper/TenantHelper.java | 124 +++++++++++++++++++++++++++++++++++-----
1 files changed, 107 insertions(+), 17 deletions(-)
diff --git a/ruoyi-common/ruoyi-common-tenant/src/main/java/org/dromara/common/tenant/helper/TenantHelper.java b/ruoyi-common/ruoyi-common-tenant/src/main/java/org/dromara/common/tenant/helper/TenantHelper.java
index 8d435a3..b185612 100644
--- a/ruoyi-common/ruoyi-common-tenant/src/main/java/org/dromara/common/tenant/helper/TenantHelper.java
+++ b/ruoyi-common/ruoyi-common-tenant/src/main/java/org/dromara/common/tenant/helper/TenantHelper.java
@@ -1,9 +1,9 @@
package org.dromara.common.tenant.helper;
-import cn.dev33.satoken.context.SaHolder;
-import cn.dev33.satoken.spring.SpringMVCUtil;
+import cn.dev33.satoken.stp.StpUtil;
+import cn.hutool.core.collection.CollectionUtil;
import cn.hutool.core.convert.Convert;
-import com.alibaba.ttl.TransmittableThreadLocal;
+import cn.hutool.core.util.ObjectUtil;
import com.baomidou.mybatisplus.core.plugins.IgnoreStrategy;
import com.baomidou.mybatisplus.core.plugins.InterceptorIgnoreHelper;
import lombok.AccessLevel;
@@ -12,9 +12,11 @@
import org.dromara.common.core.constant.GlobalConstants;
import org.dromara.common.core.utils.SpringUtils;
import org.dromara.common.core.utils.StringUtils;
+import org.dromara.common.core.utils.reflect.ReflectUtils;
import org.dromara.common.redis.utils.RedisUtils;
import org.dromara.common.satoken.utils.LoginHelper;
+import java.util.Stack;
import java.util.function.Supplier;
/**
@@ -28,7 +30,9 @@
private static final String DYNAMIC_TENANT_KEY = GlobalConstants.GLOBAL_REDIS_KEY + "dynamicTenant";
- private static final ThreadLocal<String> TEMP_DYNAMIC_TENANT = new TransmittableThreadLocal<>();
+ private static final ThreadLocal<String> TEMP_DYNAMIC_TENANT = new ThreadLocal<>();
+
+ private static final ThreadLocal<Stack<Integer>> REENTRANT_IGNORE = ThreadLocal.withInitial(Stack::new);
/**
* 绉熸埛鍔熻兘鏄惁鍚敤
@@ -37,18 +41,49 @@
return Convert.toBool(SpringUtils.getProperty("tenant.enable"), false);
}
+ private static IgnoreStrategy getIgnoreStrategy() {
+ Object ignoreStrategyLocal = ReflectUtils.getStaticFieldValue(ReflectUtils.getField(InterceptorIgnoreHelper.class, "IGNORE_STRATEGY_LOCAL"));
+ if (ignoreStrategyLocal instanceof ThreadLocal<?> IGNORE_STRATEGY_LOCAL) {
+ if (IGNORE_STRATEGY_LOCAL.get() instanceof IgnoreStrategy ignoreStrategy) {
+ return ignoreStrategy;
+ }
+ }
+ return null;
+ }
+
/**
* 寮�鍚拷鐣ョ鎴�(寮�鍚悗闇�鎵嬪姩璋冪敤 {@link #disableIgnore()} 鍏抽棴)
*/
public static void enableIgnore() {
- InterceptorIgnoreHelper.handle(IgnoreStrategy.builder().tenantLine(true).build());
+ IgnoreStrategy ignoreStrategy = getIgnoreStrategy();
+ if (ObjectUtil.isNull(ignoreStrategy)) {
+ InterceptorIgnoreHelper.handle(IgnoreStrategy.builder().tenantLine(true).build());
+ } else {
+ ignoreStrategy.setTenantLine(true);
+ }
+ Stack<Integer> reentrantStack = REENTRANT_IGNORE.get();
+ reentrantStack.push(reentrantStack.size() + 1);
}
/**
* 鍏抽棴蹇界暐绉熸埛
*/
public static void disableIgnore() {
- InterceptorIgnoreHelper.clearIgnoreStrategy();
+ IgnoreStrategy ignoreStrategy = getIgnoreStrategy();
+ if (ObjectUtil.isNotNull(ignoreStrategy)) {
+ boolean noOtherIgnoreStrategy = !Boolean.TRUE.equals(ignoreStrategy.getDynamicTableName())
+ && !Boolean.TRUE.equals(ignoreStrategy.getBlockAttack())
+ && !Boolean.TRUE.equals(ignoreStrategy.getIllegalSql())
+ && !Boolean.TRUE.equals(ignoreStrategy.getDataPermission())
+ && CollectionUtil.isEmpty(ignoreStrategy.getOthers());
+ Stack<Integer> reentrantStack = REENTRANT_IGNORE.get();
+ boolean empty = reentrantStack.isEmpty() || reentrantStack.pop() == 1;
+ if (noOtherIgnoreStrategy && empty) {
+ InterceptorIgnoreHelper.clearIgnoreStrategy();
+ } else if (empty) {
+ ignoreStrategy.setTenantLine(false);
+ }
+ }
}
/**
@@ -79,37 +114,49 @@
}
}
+ public static void setDynamic(String tenantId) {
+ setDynamic(tenantId, false);
+ }
+
/**
* 璁剧疆鍔ㄦ�佺鎴�(涓�鐩存湁鏁� 闇�瑕佹墜鍔ㄦ竻鐞�)
* <p>
- * 濡傛灉涓洪潪web鐜 閭d箞鍙湪褰撳墠绾跨▼鍐呯敓鏁�
+ * 濡傛灉涓烘湭鐧诲綍鐘舵�佷笅 閭d箞鍙湪褰撳墠绾跨▼鍐呯敓鏁�
+ *
+ * @param tenantId 绉熸埛id
+ * @param global 鏄惁鍏ㄥ眬鐢熸晥
*/
- public static void setDynamic(String tenantId) {
- if (!SpringMVCUtil.isWeb()) {
+ public static void setDynamic(String tenantId, boolean global) {
+ if (!isEnable()) {
+ return;
+ }
+ if (!isLogin() || !global) {
TEMP_DYNAMIC_TENANT.set(tenantId);
return;
}
String cacheKey = DYNAMIC_TENANT_KEY + ":" + LoginHelper.getUserId();
RedisUtils.setCacheObject(cacheKey, tenantId);
- SaHolder.getStorage().set(cacheKey, tenantId);
}
/**
* 鑾峰彇鍔ㄦ�佺鎴�(涓�鐩存湁鏁� 闇�瑕佹墜鍔ㄦ竻鐞�)
* <p>
- * 濡傛灉涓洪潪web鐜 閭d箞鍙湪褰撳墠绾跨▼鍐呯敓鏁�
+ * 濡傛灉涓烘湭鐧诲綍鐘舵�佷笅 閭d箞鍙湪褰撳墠绾跨▼鍐呯敓鏁�
*/
public static String getDynamic() {
- if (!SpringMVCUtil.isWeb()) {
+ if (!isEnable()) {
+ return null;
+ }
+ if (!isLogin()) {
return TEMP_DYNAMIC_TENANT.get();
}
- String cacheKey = DYNAMIC_TENANT_KEY + ":" + LoginHelper.getUserId();
- String tenantId = (String) SaHolder.getStorage().get(cacheKey);
+ // 濡傛灉绾跨▼鍐呮湁鍊� 浼樺厛杩斿洖
+ String tenantId = TEMP_DYNAMIC_TENANT.get();
if (StringUtils.isNotBlank(tenantId)) {
return tenantId;
}
+ String cacheKey = DYNAMIC_TENANT_KEY + ":" + LoginHelper.getUserId();
tenantId = RedisUtils.getCacheObject(cacheKey);
- SaHolder.getStorage().set(cacheKey, tenantId);
return tenantId;
}
@@ -117,19 +164,53 @@
* 娓呴櫎鍔ㄦ�佺鎴�
*/
public static void clearDynamic() {
- if (!SpringMVCUtil.isWeb()) {
+ if (!isEnable()) {
+ return;
+ }
+ if (!isLogin()) {
TEMP_DYNAMIC_TENANT.remove();
return;
}
+ TEMP_DYNAMIC_TENANT.remove();
String cacheKey = DYNAMIC_TENANT_KEY + ":" + LoginHelper.getUserId();
RedisUtils.deleteObject(cacheKey);
- SaHolder.getStorage().delete(cacheKey);
+ }
+
+ /**
+ * 鍦ㄥ姩鎬佺鎴蜂腑鎵ц
+ *
+ * @param handle 澶勭悊鎵ц鏂规硶
+ */
+ public static void dynamic(String tenantId, Runnable handle) {
+ setDynamic(tenantId);
+ try {
+ handle.run();
+ } finally {
+ clearDynamic();
+ }
+ }
+
+ /**
+ * 鍦ㄥ姩鎬佺鎴蜂腑鎵ц
+ *
+ * @param handle 澶勭悊鎵ц鏂规硶
+ */
+ public static <T> T dynamic(String tenantId, Supplier<T> handle) {
+ setDynamic(tenantId);
+ try {
+ return handle.get();
+ } finally {
+ clearDynamic();
+ }
}
/**
* 鑾峰彇褰撳墠绉熸埛id(鍔ㄦ�佺鎴蜂紭鍏�)
*/
public static String getTenantId() {
+ if (!isEnable()) {
+ return null;
+ }
String tenantId = TenantHelper.getDynamic();
if (StringUtils.isBlank(tenantId)) {
tenantId = LoginHelper.getTenantId();
@@ -137,4 +218,13 @@
return tenantId;
}
+ private static boolean isLogin() {
+ try {
+ StpUtil.checkLogin();
+ return true;
+ } catch (Exception e) {
+ return false;
+ }
+ }
+
}
--
Gitblit v1.9.3