chenhaiyangs / mybatis-encrypt-plugin Goto Github PK
View Code? Open in Web Editor NEWmybatis数据脱敏和字段加解密插件
mybatis数据脱敏和字段加解密插件
问题描述
在com.chenhaiyang.plugin.mybatis.sensitive.type.handler.BandCardSensitiveHandler
中的handle
针对银行卡号脱敏的方法与注释不符,存在bug。
// 关键源码
StringUtils.left(bankCard, 4).concat(StringUtils.removeStart(StringUtils.leftPad(StringUtils.right(bankCard, 4), StringUtils.length(bankCard), "*"), "***"))
配置类中ConfigurationCustomizer全路径是哪个,要引入哪个包?
com.chenhaiyang.plugin.mybatis.sensitive.interceptor.SensitiveAndEncryptWriteInterceptor#handleParameters
这个类里在进行Field值获取时,将所有Field的value都尝试用metaObject.getValue(field.getName())获取。
但比如像
private static final long serialVersionUID = -5068601256084847339L;
这种,DTO常见的序列化UID字段其实不需要考虑处理。建议在循环Field时加上:
if (Modifier.isStatic(field.getModifiers()) || Modifier.isFinal(field.getModifiers())) {
continue;
}
The difference between the plug-in and mysql AES encryption rules seems to be that the encryption values obtained from the same pair of parameters and the same secret key cannot be used in common with mysql
com.chenhaiyang.plugin.mybatis.sensitive.interceptor.SensitiveAndEncryptWriteInterceptor
当中,当参数为一个Map时,会跳过加解密阶段。
但当dao接口传入多个bean参数时,在切面获取到的参数类型其实还是个map:
@Transactional(readOnly = true) List<EncryptTest> queryListWithPage(@Param("entity") EncryptTest entity, @Param("params") QueryDBParams params);
貌似现在只支持单参数加解密,多参数Bean加解密可以考虑递归map实现,不过可能会有些复杂
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.