From 098d3347a0df808908aab8c554cd7c4febc5e6d9 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子Li <15040126243@163.com>
Date: 星期一, 26 八月 2024 11:43:59 +0800
Subject: [PATCH] !577 发布 5.2.2 正式版 安全性提升 Merge pull request !577 from 疯狂的狮子Li/dev
---
ruoyi-common/ruoyi-common-tenant/src/main/java/org/dromara/common/tenant/helper/TenantHelper.java | 70 ++++++++++++++++++++++++++++-------
1 files changed, 56 insertions(+), 14 deletions(-)
diff --git a/ruoyi-common/ruoyi-common-tenant/src/main/java/org/dromara/common/tenant/helper/TenantHelper.java b/ruoyi-common/ruoyi-common-tenant/src/main/java/org/dromara/common/tenant/helper/TenantHelper.java
index 7a3a431..b185612 100644
--- a/ruoyi-common/ruoyi-common-tenant/src/main/java/org/dromara/common/tenant/helper/TenantHelper.java
+++ b/ruoyi-common/ruoyi-common-tenant/src/main/java/org/dromara/common/tenant/helper/TenantHelper.java
@@ -1,19 +1,22 @@
package org.dromara.common.tenant.helper;
import cn.dev33.satoken.stp.StpUtil;
+import cn.hutool.core.collection.CollectionUtil;
import cn.hutool.core.convert.Convert;
+import cn.hutool.core.util.ObjectUtil;
import com.baomidou.mybatisplus.core.plugins.IgnoreStrategy;
import com.baomidou.mybatisplus.core.plugins.InterceptorIgnoreHelper;
import lombok.AccessLevel;
import lombok.NoArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.dromara.common.core.constant.GlobalConstants;
-import org.dromara.common.core.context.ThreadLocalHolder;
import org.dromara.common.core.utils.SpringUtils;
import org.dromara.common.core.utils.StringUtils;
+import org.dromara.common.core.utils.reflect.ReflectUtils;
import org.dromara.common.redis.utils.RedisUtils;
import org.dromara.common.satoken.utils.LoginHelper;
+import java.util.Stack;
import java.util.function.Supplier;
/**
@@ -27,7 +30,9 @@
private static final String DYNAMIC_TENANT_KEY = GlobalConstants.GLOBAL_REDIS_KEY + "dynamicTenant";
- private static final String TENANT_ID_KEY = "tempDynamicTenant";
+ private static final ThreadLocal<String> TEMP_DYNAMIC_TENANT = new ThreadLocal<>();
+
+ private static final ThreadLocal<Stack<Integer>> REENTRANT_IGNORE = ThreadLocal.withInitial(Stack::new);
/**
* 绉熸埛鍔熻兘鏄惁鍚敤
@@ -36,18 +41,49 @@
return Convert.toBool(SpringUtils.getProperty("tenant.enable"), false);
}
+ private static IgnoreStrategy getIgnoreStrategy() {
+ Object ignoreStrategyLocal = ReflectUtils.getStaticFieldValue(ReflectUtils.getField(InterceptorIgnoreHelper.class, "IGNORE_STRATEGY_LOCAL"));
+ if (ignoreStrategyLocal instanceof ThreadLocal<?> IGNORE_STRATEGY_LOCAL) {
+ if (IGNORE_STRATEGY_LOCAL.get() instanceof IgnoreStrategy ignoreStrategy) {
+ return ignoreStrategy;
+ }
+ }
+ return null;
+ }
+
/**
* 寮�鍚拷鐣ョ鎴�(寮�鍚悗闇�鎵嬪姩璋冪敤 {@link #disableIgnore()} 鍏抽棴)
*/
public static void enableIgnore() {
- InterceptorIgnoreHelper.handle(IgnoreStrategy.builder().tenantLine(true).build());
+ IgnoreStrategy ignoreStrategy = getIgnoreStrategy();
+ if (ObjectUtil.isNull(ignoreStrategy)) {
+ InterceptorIgnoreHelper.handle(IgnoreStrategy.builder().tenantLine(true).build());
+ } else {
+ ignoreStrategy.setTenantLine(true);
+ }
+ Stack<Integer> reentrantStack = REENTRANT_IGNORE.get();
+ reentrantStack.push(reentrantStack.size() + 1);
}
/**
* 鍏抽棴蹇界暐绉熸埛
*/
public static void disableIgnore() {
- InterceptorIgnoreHelper.clearIgnoreStrategy();
+ IgnoreStrategy ignoreStrategy = getIgnoreStrategy();
+ if (ObjectUtil.isNotNull(ignoreStrategy)) {
+ boolean noOtherIgnoreStrategy = !Boolean.TRUE.equals(ignoreStrategy.getDynamicTableName())
+ && !Boolean.TRUE.equals(ignoreStrategy.getBlockAttack())
+ && !Boolean.TRUE.equals(ignoreStrategy.getIllegalSql())
+ && !Boolean.TRUE.equals(ignoreStrategy.getDataPermission())
+ && CollectionUtil.isEmpty(ignoreStrategy.getOthers());
+ Stack<Integer> reentrantStack = REENTRANT_IGNORE.get();
+ boolean empty = reentrantStack.isEmpty() || reentrantStack.pop() == 1;
+ if (noOtherIgnoreStrategy && empty) {
+ InterceptorIgnoreHelper.clearIgnoreStrategy();
+ } else if (empty) {
+ ignoreStrategy.setTenantLine(false);
+ }
+ }
}
/**
@@ -78,22 +114,28 @@
}
}
+ public static void setDynamic(String tenantId) {
+ setDynamic(tenantId, false);
+ }
+
/**
* 璁剧疆鍔ㄦ�佺鎴�(涓�鐩存湁鏁� 闇�瑕佹墜鍔ㄦ竻鐞�)
* <p>
* 濡傛灉涓烘湭鐧诲綍鐘舵�佷笅 閭d箞鍙湪褰撳墠绾跨▼鍐呯敓鏁�
+ *
+ * @param tenantId 绉熸埛id
+ * @param global 鏄惁鍏ㄥ眬鐢熸晥
*/
- public static void setDynamic(String tenantId) {
+ public static void setDynamic(String tenantId, boolean global) {
if (!isEnable()) {
return;
}
- if (!isLogin()) {
- ThreadLocalHolder.set(TENANT_ID_KEY, tenantId);
+ if (!isLogin() || !global) {
+ TEMP_DYNAMIC_TENANT.set(tenantId);
return;
}
String cacheKey = DYNAMIC_TENANT_KEY + ":" + LoginHelper.getUserId();
RedisUtils.setCacheObject(cacheKey, tenantId);
- ThreadLocalHolder.set(cacheKey, tenantId);
}
/**
@@ -106,15 +148,15 @@
return null;
}
if (!isLogin()) {
- return ThreadLocalHolder.get(TENANT_ID_KEY);
+ return TEMP_DYNAMIC_TENANT.get();
}
- String cacheKey = DYNAMIC_TENANT_KEY + ":" + LoginHelper.getUserId();
- String tenantId = ThreadLocalHolder.get(cacheKey);
+ // 濡傛灉绾跨▼鍐呮湁鍊� 浼樺厛杩斿洖
+ String tenantId = TEMP_DYNAMIC_TENANT.get();
if (StringUtils.isNotBlank(tenantId)) {
return tenantId;
}
+ String cacheKey = DYNAMIC_TENANT_KEY + ":" + LoginHelper.getUserId();
tenantId = RedisUtils.getCacheObject(cacheKey);
- ThreadLocalHolder.set(cacheKey, tenantId);
return tenantId;
}
@@ -126,12 +168,12 @@
return;
}
if (!isLogin()) {
- ThreadLocalHolder.remove(TENANT_ID_KEY);
+ TEMP_DYNAMIC_TENANT.remove();
return;
}
+ TEMP_DYNAMIC_TENANT.remove();
String cacheKey = DYNAMIC_TENANT_KEY + ":" + LoginHelper.getUserId();
RedisUtils.deleteObject(cacheKey);
- ThreadLocalHolder.remove(cacheKey);
}
/**
--
Gitblit v1.9.3