From af0e0a110e7187bf008655f7510199a0c0b25ec4 Mon Sep 17 00:00:00 2001
From: Nymph2333 <498092988@qq.com>
Date: 星期一, 10 四月 2023 14:27:40 +0800
Subject: [PATCH] newInstance() 已弃用,使用clazz.getDeclaredConstructor().newInstance() This method propagates any exception thrown by the nullary constructor, including a checked exception. Use of this method effectively bypasses the compile-time exception checking that would otherwise be performed by the compiler. The Constructor.newInstance method avoids this problem by wrapping any exception thrown by the constructor in a (checked) InvocationTargetException. The call clazz.newInstance() can be replaced by clazz.getDeclaredConstructor().newInstance() The latter sequence of calls is inferred to be able to throw the additional exception types InvocationTargetException and NoSuchMethodException. Both of these exception types are subclasses of ReflectiveOperationException.
---
ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java | 142 +++++++++++++++++++++++++----------------------
1 files changed, 75 insertions(+), 67 deletions(-)
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java
index c11a477..006a8b9 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java
@@ -1,35 +1,33 @@
package com.ruoyi.framework.aspectj;
-import java.lang.reflect.Method;
import java.util.Collection;
-import java.util.Iterator;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.lang3.ArrayUtils;
import org.aspectj.lang.JoinPoint;
-import org.aspectj.lang.Signature;
import org.aspectj.lang.annotation.AfterReturning;
import org.aspectj.lang.annotation.AfterThrowing;
import org.aspectj.lang.annotation.Aspect;
-import org.aspectj.lang.annotation.Pointcut;
-import org.aspectj.lang.reflect.MethodSignature;
+import org.aspectj.lang.annotation.Before;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import org.springframework.core.NamedThreadLocal;
import org.springframework.stereotype.Component;
+import org.springframework.validation.BindingResult;
import org.springframework.web.multipart.MultipartFile;
-import org.springframework.web.servlet.HandlerMapping;
-import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson2.JSON;
import com.ruoyi.common.annotation.Log;
import com.ruoyi.common.core.domain.model.LoginUser;
import com.ruoyi.common.enums.BusinessStatus;
import com.ruoyi.common.enums.HttpMethod;
+import com.ruoyi.common.filter.PropertyPreExcludeFilter;
+import com.ruoyi.common.utils.SecurityUtils;
import com.ruoyi.common.utils.ServletUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.ip.IpUtils;
-import com.ruoyi.common.utils.spring.SpringUtils;
import com.ruoyi.framework.manager.AsyncManager;
import com.ruoyi.framework.manager.factory.AsyncFactory;
-import com.ruoyi.framework.web.service.TokenService;
import com.ruoyi.system.domain.SysOperLog;
/**
@@ -43,10 +41,19 @@
{
private static final Logger log = LoggerFactory.getLogger(LogAspect.class);
- // 配置织入点
- @Pointcut("@annotation(com.ruoyi.common.annotation.Log)")
- public void logPointCut()
+ /** 排除敏感属性字段 */
+ public static final String[] EXCLUDE_PROPERTIES = { "password", "oldPassword", "newPassword", "confirmPassword" };
+
+ /** 计算操作消耗时间 */
+ private static final ThreadLocal<Long> TIME_THREADLOCAL = new NamedThreadLocal<Long>("Cost Time");
+
+ /**
+ * 处理请求前执行
+ */
+ @Before(value = "@annotation(controllerLog)")
+ public void boBefore(JoinPoint joinPoint, Log controllerLog)
{
+ TIME_THREADLOCAL.set(System.currentTimeMillis());
}
/**
@@ -54,10 +61,10 @@
*
* @param joinPoint 切点
*/
- @AfterReturning(pointcut = "logPointCut()", returning = "jsonResult")
- public void doAfterReturning(JoinPoint joinPoint, Object jsonResult)
+ @AfterReturning(pointcut = "@annotation(controllerLog)", returning = "jsonResult")
+ public void doAfterReturning(JoinPoint joinPoint, Log controllerLog, Object jsonResult)
{
- handleLog(joinPoint, null, jsonResult);
+ handleLog(joinPoint, controllerLog, null, jsonResult);
}
/**
@@ -66,36 +73,26 @@
* @param joinPoint 切点
* @param e 异常
*/
- @AfterThrowing(value = "logPointCut()", throwing = "e")
- public void doAfterThrowing(JoinPoint joinPoint, Exception e)
+ @AfterThrowing(value = "@annotation(controllerLog)", throwing = "e")
+ public void doAfterThrowing(JoinPoint joinPoint, Log controllerLog, Exception e)
{
- handleLog(joinPoint, e, null);
+ handleLog(joinPoint, controllerLog, e, null);
}
- protected void handleLog(final JoinPoint joinPoint, final Exception e, Object jsonResult)
+ protected void handleLog(final JoinPoint joinPoint, Log controllerLog, final Exception e, Object jsonResult)
{
try
{
- // 获得注解
- Log controllerLog = getAnnotationLog(joinPoint);
- if (controllerLog == null)
- {
- return;
- }
-
// 获取当前的用户
- LoginUser loginUser = SpringUtils.getBean(TokenService.class).getLoginUser(ServletUtils.getRequest());
+ LoginUser loginUser = SecurityUtils.getLoginUser();
// *========数据库日志=========*//
SysOperLog operLog = new SysOperLog();
operLog.setStatus(BusinessStatus.SUCCESS.ordinal());
// 请求的地址
- String ip = IpUtils.getIpAddr(ServletUtils.getRequest());
+ String ip = IpUtils.getIpAddr();
operLog.setOperIp(ip);
- // 返回参数
- operLog.setJsonResult(JSON.toJSONString(jsonResult));
-
- operLog.setOperUrl(ServletUtils.getRequest().getRequestURI());
+ operLog.setOperUrl(StringUtils.substring(ServletUtils.getRequest().getRequestURI(), 0, 255));
if (loginUser != null)
{
operLog.setOperName(loginUser.getUsername());
@@ -113,16 +110,21 @@
// 设置请求方式
operLog.setRequestMethod(ServletUtils.getRequest().getMethod());
// 处理设置注解上的参数
- getControllerMethodDescription(joinPoint, controllerLog, operLog);
+ getControllerMethodDescription(joinPoint, controllerLog, operLog, jsonResult);
+ // 设置消耗时间
+ operLog.setCostTime(System.currentTimeMillis() - TIME_THREADLOCAL.get());
// 保存数据库
AsyncManager.me().execute(AsyncFactory.recordOper(operLog));
}
catch (Exception exp)
{
// 记录本地异常日志
- log.error("==前置通知异常==");
log.error("异常信息:{}", exp.getMessage());
exp.printStackTrace();
+ }
+ finally
+ {
+ TIME_THREADLOCAL.remove();
}
}
@@ -133,7 +135,7 @@
* @param operLog 操作日志
* @throws Exception
*/
- public void getControllerMethodDescription(JoinPoint joinPoint, Log log, SysOperLog operLog) throws Exception
+ public void getControllerMethodDescription(JoinPoint joinPoint, Log log, SysOperLog operLog, Object jsonResult) throws Exception
{
// 设置action动作
operLog.setBusinessType(log.businessType().ordinal());
@@ -145,7 +147,12 @@
if (log.isSaveRequestData())
{
// 获取参数的信息,传入到数据库中。
- setRequestValue(joinPoint, operLog);
+ setRequestValue(joinPoint, operLog, log.excludeParamNames());
+ }
+ // 是否需要保存response,参数和值
+ if (log.isSaveResponseData() && StringUtils.isNotNull(jsonResult))
+ {
+ operLog.setJsonResult(StringUtils.substring(JSON.toJSONString(jsonResult), 0, 2000));
}
}
@@ -155,55 +162,54 @@
* @param operLog 操作日志
* @throws Exception 异常
*/
- private void setRequestValue(JoinPoint joinPoint, SysOperLog operLog) throws Exception
+ private void setRequestValue(JoinPoint joinPoint, SysOperLog operLog, String[] excludeParamNames) throws Exception
{
+ Map<?, ?> paramsMap = ServletUtils.getParamMap(ServletUtils.getRequest());
String requestMethod = operLog.getRequestMethod();
- if (HttpMethod.PUT.name().equals(requestMethod) || HttpMethod.POST.name().equals(requestMethod))
+ if (StringUtils.isEmpty(paramsMap)
+ && (HttpMethod.PUT.name().equals(requestMethod) || HttpMethod.POST.name().equals(requestMethod)))
{
- String params = argsArrayToString(joinPoint.getArgs());
+ String params = argsArrayToString(joinPoint.getArgs(), excludeParamNames);
operLog.setOperParam(StringUtils.substring(params, 0, 2000));
}
else
{
- Map<?, ?> paramsMap = (Map<?, ?>) ServletUtils.getRequest().getAttribute(HandlerMapping.URI_TEMPLATE_VARIABLES_ATTRIBUTE);
- operLog.setOperParam(StringUtils.substring(paramsMap.toString(), 0, 2000));
+ operLog.setOperParam(StringUtils.substring(JSON.toJSONString(paramsMap, excludePropertyPreFilter(excludeParamNames)), 0, 2000));
}
- }
-
- /**
- * 是否存在注解,如果存在就获取
- */
- private Log getAnnotationLog(JoinPoint joinPoint) throws Exception
- {
- Signature signature = joinPoint.getSignature();
- MethodSignature methodSignature = (MethodSignature) signature;
- Method method = methodSignature.getMethod();
-
- if (method != null)
- {
- return method.getAnnotation(Log.class);
- }
- return null;
}
/**
* 参数拼装
*/
- private String argsArrayToString(Object[] paramsArray)
+ private String argsArrayToString(Object[] paramsArray, String[] excludeParamNames)
{
String params = "";
if (paramsArray != null && paramsArray.length > 0)
{
- for (int i = 0; i < paramsArray.length; i++)
+ for (Object o : paramsArray)
{
- if (!isFilterObject(paramsArray[i]))
+ if (StringUtils.isNotNull(o) && !isFilterObject(o))
{
- Object jsonObj = JSON.toJSON(paramsArray[i]);
- params += jsonObj.toString() + " ";
+ try
+ {
+ String jsonObj = JSON.toJSONString(o, excludePropertyPreFilter(excludeParamNames));
+ params += jsonObj.toString() + " ";
+ }
+ catch (Exception e)
+ {
+ }
}
}
}
return params.trim();
+ }
+
+ /**
+ * 忽略敏感属性
+ */
+ public PropertyPreExcludeFilter excludePropertyPreFilter(String[] excludeParamNames)
+ {
+ return new PropertyPreExcludeFilter().addExcludes(ArrayUtils.addAll(EXCLUDE_PROPERTIES, excludeParamNames));
}
/**
@@ -212,6 +218,7 @@
* @param o 对象信息。
* @return 如果是需要过滤的对象,则返回true;否则返回false。
*/
+ @SuppressWarnings("rawtypes")
public boolean isFilterObject(final Object o)
{
Class<?> clazz = o.getClass();
@@ -222,20 +229,21 @@
else if (Collection.class.isAssignableFrom(clazz))
{
Collection collection = (Collection) o;
- for (Iterator iter = collection.iterator(); iter.hasNext();)
+ for (Object value : collection)
{
- return iter.next() instanceof MultipartFile;
+ return value instanceof MultipartFile;
}
}
else if (Map.class.isAssignableFrom(clazz))
{
Map map = (Map) o;
- for (Iterator iter = map.entrySet().iterator(); iter.hasNext(); )
+ for (Object value : map.entrySet())
{
- Map.Entry entry = (Map.Entry) iter.next();
+ Map.Entry entry = (Map.Entry) value;
return entry.getValue() instanceof MultipartFile;
}
}
- return o instanceof MultipartFile || o instanceof HttpServletRequest || o instanceof HttpServletResponse;
+ return o instanceof MultipartFile || o instanceof HttpServletRequest || o instanceof HttpServletResponse
+ || o instanceof BindingResult;
}
}
--
Gitblit v1.9.2