From aadb7a41cb4c69177a0251c251813070f7f97cd5 Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: 星期一, 22 八月 2022 10:24:20 +0800
Subject: [PATCH] 优化Context信息,防止泄漏问题

---
 ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java |   27 ++++++++++++++++++++++-----
 1 files changed, 22 insertions(+), 5 deletions(-)

diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java
index 10fa58f..4e6f245 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java
@@ -14,15 +14,16 @@
 import org.springframework.validation.BindingResult;
 import org.springframework.web.multipart.MultipartFile;
 import org.springframework.web.servlet.HandlerMapping;
-import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson2.JSON;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.core.domain.model.LoginUser;
 import com.ruoyi.common.enums.BusinessStatus;
 import com.ruoyi.common.enums.HttpMethod;
+import com.ruoyi.common.filter.PropertyPreExcludeFilter;
+import com.ruoyi.common.utils.SecurityUtils;
 import com.ruoyi.common.utils.ServletUtils;
 import com.ruoyi.common.utils.StringUtils;
 import com.ruoyi.common.utils.ip.IpUtils;
-import com.ruoyi.common.utils.SecurityUtils;
 import com.ruoyi.framework.manager.AsyncManager;
 import com.ruoyi.framework.manager.factory.AsyncFactory;
 import com.ruoyi.system.domain.SysOperLog;
@@ -37,6 +38,9 @@
 public class LogAspect
 {
     private static final Logger log = LoggerFactory.getLogger(LogAspect.class);
+
+    /** 鎺掗櫎鏁忔劅灞炴�у瓧娈� */
+    public static final String[] EXCLUDE_PROPERTIES = { "password", "oldPassword", "newPassword", "confirmPassword" };
 
     /**
      * 澶勭悊瀹岃姹傚悗鎵ц
@@ -65,7 +69,6 @@
     {
         try
         {
-
             // 鑾峰彇褰撳墠鐨勭敤鎴�
             LoginUser loginUser = SecurityUtils.getLoginUser();
 
@@ -167,8 +170,14 @@
             {
                 if (StringUtils.isNotNull(o) && !isFilterObject(o))
                 {
-                    Object jsonObj = JSON.toJSON(o);
-                    params += jsonObj.toString() + " ";
+                    try
+                    {
+                        String jsonObj = JSON.toJSONString(o, excludePropertyPreFilter());
+                        params += jsonObj.toString() + " ";
+                    }
+                    catch (Exception e)
+                    {
+                    }
                 }
             }
         }
@@ -176,6 +185,14 @@
     }
 
     /**
+     * 蹇界暐鏁忔劅灞炴��
+     */
+    public PropertyPreExcludeFilter excludePropertyPreFilter()
+    {
+        return new PropertyPreExcludeFilter().addExcludes(EXCLUDE_PROPERTIES);
+    }
+
+    /**
      * 鍒ゆ柇鏄惁闇�瑕佽繃婊ょ殑瀵硅薄銆�
      * 
      * @param o 瀵硅薄淇℃伅銆�

--
Gitblit v1.9.3