From bc30ab7c034a26fc06d0e2a362dd73d5a5fcce50 Mon Sep 17 00:00:00 2001 From: giveup Date: Wed, 27 May 2020 23:29:00 +0800 Subject: [PATCH] =?UTF-8?q?=E6=94=B9=E8=BF=9B=E8=84=B1=E6=95=8F=20(#874)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fixed typos * 改进脱敏 * 改进脱敏 * 添加脱敏单元测试 Co-authored-by: Your Name --- .../halo/app/annotation/SensitiveConceal.java | 15 +++++ .../app/aspect/SensitiveConcealAspect.java | 57 ++++++++++++++++++ .../content/api/JournalController.java | 12 ++-- .../content/api/PostController.java | 13 ++-- .../content/api/SheetController.java | 12 ++-- .../base/BaseCommentRepository.java | 11 ++++ .../repository/base/BaseRepositoryImpl.java | 3 + .../app/service/base/BaseCommentService.java | 3 + .../service/impl/BaseCommentServiceImpl.java | 3 + .../aspect/SensitiveConcealAspectTest.java | 60 +++++++++++++++++++ 10 files changed, 164 insertions(+), 25 deletions(-) create mode 100644 src/main/java/run/halo/app/annotation/SensitiveConceal.java create mode 100644 src/main/java/run/halo/app/aspect/SensitiveConcealAspect.java create mode 100644 src/test/java/run/halo/app/aspect/SensitiveConcealAspectTest.java
diff --git a/src/main/java/run/halo/app/annotation/SensitiveConceal.java b/src/main/java/run/halo/app/annotation/SensitiveConceal.java
new file mode 100644
index 000000000..2df8ea2e9
--- /dev/null
+++ b/src/main/java/run/halo/app/annotation/SensitiveConceal.java
@@ -0,0 +1,15 @@
+package run.halo.app.annotation;
+
+
+import java.lang.annotation.*;
+
+/**
+ * @author giveup
+ * @description SensitiveConceal
+ * @date 8:18 PM 26/5/2020
+ */
+@Target(ElementType.METHOD)
+@Retention(RetentionPolicy.RUNTIME)
+@Inherited
+public @interface SensitiveConceal {
+}
diff --git a/src/main/java/run/halo/app/aspect/SensitiveConcealAspect.java b/src/main/java/run/halo/app/aspect/SensitiveConcealAspect.java
new file mode 100644
index 000000000..15f311adf
--- /dev/null
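Review bot: `@Inherited` on `SensitiveConceal` has no effect, because the annotation is limited to `ElementType.METHOD` and Java only inherits annotations that are declared on classes. An overriding or implementing method does not carry the marker, so dropping `@Inherited` avoids implying that an override is still masked. The Javadoc gives only author and date; a sentence such as `Marks a method whose returned comments have email and IP address blanked for unauthenticated callers.` would tell readers what the marker does.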
+++ b/src/main/java/run/halo/app/aspect/SensitiveConcealAspect.java
@@ -0,0 +1,57 @@
+package run.halo.app.aspect;
+
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Pointcut;
+import org.springframework.stereotype.Component;
+import run.halo.app.model.entity.BaseComment;
+import run.halo.app.security.context.SecurityContextHolder;
+
+
+/**
+ * @author giveup
+ * @description SensitiveMaskAspect
+ * @date 10:22 PM 25/5/2020
+ */
+@Aspect
+@Component
+public class SensitiveConcealAspect {
+
+
+ @Pointcut("@annotation(run.halo.app.annotation.SensitiveConceal)")
+ public void pointCut() {
+ }
+
+ private Object sensitiveMask(Object comment) {
+ if (comment instanceof BaseComment) {
+ ((BaseComment) comment).setEmail("");
+ ((BaseComment) comment).setIpAddress("");
+ }
+ return comment;
+ }
+
+
+ @Around("pointCut()")
+ public Object mask(ProceedingJoinPoint joinPoint) throws Throwable {
+
+ Object result = joinPoint.proceed();
+
+ if (SecurityContextHolder.getContext().isAuthenticated()) {
+
+ return result;
+
+ }
+
+ if (result instanceof Iterable) {
+
+ ((Iterable) result).forEach(this::sensitiveMask);
+
+ }
+
+ return sensitiveMask(result);
+
+ }
+
+
+}
diff --git a/src/main/java/run/halo/app/controller/content/api/JournalController.java b/src/main/java/run/halo/app/controller/content/api/JournalController.java
index 4899db526..cf969b47d 100644
--- a/src/main/java/run/halo/app/controller/content/api/JournalController.java
+++ b/src/main/java/run/halo/app/controller/content/api/JournalController.java
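Review bot: `sensitiveMask` blanks email and IP address by calling setters on the very object the join point returned, and the methods annotated in this commit are repository finders that return `BaseComment` entities. If such an entity is still managed by an open persistence context while an unauthenticated request runs inside a transaction, the blanked values may be flushed and overwrite the stored data; nothing in this hunk detaches or copies the entity, so this is worth confirming. Masking a copy or the outgoing DTO rather than the entity would remove that risk. The raw cast could be written `((Iterable<?>) result).forEach(this::sensitiveMask);`, and `mask` deserves a Javadoc line stating that any authenticated context receives unmasked data.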
@@ -73,8 +73,7 @@ public class JournalController { public Page listTopComments(@PathVariable("journalId") Integer journalId, @RequestParam(name = "page", required = false, defaultValue = "0") int page, @SortDefault(sort = "createTime", direction = DESC) Sort sort) { - Page result = journalCommentService.pageTopCommentsBy(journalId, CommentStatus.PUBLISHED, PageRequest.of(page, optionService.getCommentPageSize(), sort)); - return journalCommentService.filterIpAddress(result); + return journalCommentService.pageTopCommentsBy(journalId, CommentStatus.PUBLISHED, PageRequest.of(page, optionService.getCommentPageSize(), sort)); } @GetMapping("{journalId:\\d+}/comments/{commentParentId:\\d+}/children") @@ -84,8 +83,7 @@ public class JournalController { // Find all children comments List postComments = journalCommentService.listChildrenBy(journalId, commentParentId, CommentStatus.PUBLISHED, sort); // Convert to base comment dto - List result = journalCommentService.convertTo(postComments); - return journalCommentService.filterIpAddress(result); + return journalCommentService.convertTo(postComments); } @GetMapping("{journalId:\\d+}/comments/tree_view") @@ -93,8 +91,7 @@ public class JournalController { public Page listCommentsTree(@PathVariable("journalId") Integer journalId, @RequestParam(name = "page", required = false, defaultValue = "0") int page, @SortDefault(sort = "createTime", direction = DESC) Sort sort) { - Page result = journalCommentService.pageVosBy(journalId, PageRequest.of(page, optionService.getCommentPageSize(), sort)); - return journalCommentService.filterIpAddress(result); + return journalCommentService.pageVosBy(journalId, PageRequest.of(page, optionService.getCommentPageSize(), sort)); } @GetMapping("{journalId:\\d+}/comments/list_view") 
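Review bot: With `filterIpAddress` removed from `listTopComments`, the endpoint no longer strips commenter data itself. Protection now depends on every repository call beneath `pageTopCommentsBy` carrying `@SensitiveConceal`, and on the aspect running before the DTO is built. The same holds for the other comment endpoints changed in `JournalController`, `PostController` and `SheetController`. The service bodies are outside these hunks, so each path should be checked, and an API-level test asserting that an anonymous response carries no email or IP address value would catch a missed finder. A comment at each endpoint such as `// email and IP address are concealed by SensitiveConcealAspect at the repository layer` would keep that dependency visible.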
@@ -102,8 +99,7 @@ public class JournalController { public Page listComments(@PathVariable("journalId") Integer journalId, @RequestParam(name = "page", required = false, defaultValue = "0") int page, @SortDefault(sort = "createTime", direction = DESC) Sort sort) { - Page result = journalCommentService.pageWithParentVoBy(journalId, PageRequest.of(page, optionService.getCommentPageSize(), sort)); - return journalCommentService.filterIpAddress(result); + return journalCommentService.pageWithParentVoBy(journalId, PageRequest.of(page, optionService.getCommentPageSize(), sort)); } @PostMapping("comments") diff --git a/src/main/java/run/halo/app/controller/content/api/PostController.java b/src/main/java/run/halo/app/controller/content/api/PostController.java index 3659fc9b0..241a7a0f6 100644 --- a/src/main/java/run/halo/app/controller/content/api/PostController.java +++ b/src/main/java/run/halo/app/controller/content/api/PostController.java @@ -91,9 +91,7 @@ public class PostController { @RequestParam(name = "page", required = false, defaultValue = "0") int page, @SortDefault(sort = "createTime", direction = DESC) Sort sort) { - Page result = postCommentService.pageTopCommentsBy(postId, CommentStatus.PUBLISHED, PageRequest.of(page, optionService.getCommentPageSize(), sort)); - - return postCommentService.filterIpAddress(result); + return postCommentService.pageTopCommentsBy(postId, CommentStatus.PUBLISHED, PageRequest.of(page, optionService.getCommentPageSize(), sort)); } @@ -105,9 +103,7 @@ public class PostController { List postComments = postCommentService.listChildrenBy(postId, commentParentId, CommentStatus.PUBLISHED, sort); // Convert to base comment dto - List result = postCommentService.convertTo(postComments); - - return postCommentService.filterIpAddress(result); + return postCommentService.convertTo(postComments); } @GetMapping("{postId:\\d+}/comments/tree_view") 
@@ -115,8 +111,7 @@ public class PostController { public Page listCommentsTree(@PathVariable("postId") Integer postId, @RequestParam(name = "page", required = false, defaultValue = "0") int page, @SortDefault(sort = "createTime", direction = DESC) Sort sort) { - Page result = postCommentService.pageVosBy(postId, PageRequest.of(page, optionService.getCommentPageSize(), sort)); - return postCommentService.filterIpAddress(result); + return postCommentService.pageVosBy(postId, PageRequest.of(page, optionService.getCommentPageSize(), sort)); } @GetMapping("{postId:\\d+}/comments/list_view") @@ -125,7 +120,7 @@ public class PostController { @RequestParam(name = "page", required = false, defaultValue = "0") int page, @SortDefault(sort = "createTime", direction = DESC) Sort sort) { Page result = postCommentService.pageWithParentVoBy(postId, PageRequest.of(page, optionService.getCommentPageSize(), sort)); - return postCommentService.filterIpAddress(result); + return result; } @PostMapping("comments") diff --git a/src/main/java/run/halo/app/controller/content/api/SheetController.java b/src/main/java/run/halo/app/controller/content/api/SheetController.java index 84a75e2ac..fefec2680 100644 --- a/src/main/java/run/halo/app/controller/content/api/SheetController.java +++ b/src/main/java/run/halo/app/controller/content/api/SheetController.java 
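Review bot: In `PostController.listComments` the local `result` is now assigned and returned on the very next line, which is inconsistent with the other endpoints in this commit that return the service call directly. `return postCommentService.pageWithParentVoBy(postId, PageRequest.of(page, optionService.getCommentPageSize(), sort));` would match them. The method signature starts outside the hunk.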
@@ -80,8 +80,7 @@ public class SheetController { public Page listTopComments(@PathVariable("sheetId") Integer sheetId, @RequestParam(name = "page", required = false, defaultValue = "0") int page, @SortDefault(sort = "createTime", direction = DESC) Sort sort) { - Page result = sheetCommentService.pageTopCommentsBy(sheetId, CommentStatus.PUBLISHED, PageRequest.of(page, optionService.getCommentPageSize(), sort)); - return sheetCommentService.filterIpAddress(result); + return sheetCommentService.pageTopCommentsBy(sheetId, CommentStatus.PUBLISHED, PageRequest.of(page, optionService.getCommentPageSize(), sort)); } @GetMapping("{sheetId:\\d+}/comments/{commentParentId:\\d+}/children") @@ -91,8 +90,7 @@ public class SheetController { // Find all children comments List sheetComments = sheetCommentService.listChildrenBy(sheetId, commentParentId, CommentStatus.PUBLISHED, sort); // Convert to base comment dto - List result = sheetCommentService.convertTo(sheetComments); - return sheetCommentService.filterIpAddress(result); + return sheetCommentService.convertTo(sheetComments); } @@ -101,8 +99,7 @@ public class SheetController { public Page listCommentsTree(@PathVariable("sheetId") Integer sheetId, @RequestParam(name = "page", required = false, defaultValue = "0") int page, @SortDefault(sort = "createTime", direction = DESC) Sort sort) { - Page result = sheetCommentService.pageVosBy(sheetId, PageRequest.of(page, optionService.getCommentPageSize(), sort)); - return sheetCommentService.filterIpAddress(result); + return sheetCommentService.pageVosBy(sheetId, PageRequest.of(page, optionService.getCommentPageSize(), sort)); } @GetMapping("{sheetId:\\d+}/comments/list_view") 
@@ -110,8 +107,7 @@ public class SheetController { public Page listComments(@PathVariable("sheetId") Integer sheetId, @RequestParam(name = "page", required = false, defaultValue = "0") int page, @SortDefault(sort = "createTime", direction = DESC) Sort sort) { - Page result = sheetCommentService.pageWithParentVoBy(sheetId, PageRequest.of(page, optionService.getCommentPageSize(), sort)); - return sheetCommentService.filterIpAddress(result); + return sheetCommentService.pageWithParentVoBy(sheetId, PageRequest.of(page, optionService.getCommentPageSize(), sort)); } @PostMapping("comments") diff --git a/src/main/java/run/halo/app/repository/base/BaseCommentRepository.java b/src/main/java/run/halo/app/repository/base/BaseCommentRepository.java index 45e63af93..c1de1a492 100644 --- a/src/main/java/run/halo/app/repository/base/BaseCommentRepository.java +++ b/src/main/java/run/halo/app/repository/base/BaseCommentRepository.java @@ -7,6 +7,7 @@ import org.springframework.data.jpa.repository.Query; import org.springframework.data.repository.NoRepositoryBean; import org.springframework.lang.NonNull; import org.springframework.lang.Nullable; +import run.halo.app.annotation.SensitiveConceal; import run.halo.app.model.entity.BaseComment; import run.halo.app.model.enums.CommentStatus; import run.halo.app.model.projection.CommentChildrenCountProjection; @@ -33,6 +34,7 @@ public interface BaseCommentRepository extends Base * @return a page of comment */ @NonNull + @SensitiveConceal Page findAllByStatus(@Nullable CommentStatus status, @NonNull Pageable pageable); @@ -43,6 +45,7 @@ public interface BaseCommentRepository extends Base * @return a list of comment */ @NonNull + @SensitiveConceal List findAllByPostIdIn(@NonNull Collection postIds); /** @@ -52,6 +55,7 @@ public interface BaseCommentRepository extends Base * @return a list of comment */ @NonNull + @SensitiveConceal List findAllByPostId(@NonNull Integer postId); /** 
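Review bot: Concealment in `BaseCommentRepository` is opt-in per method, so only finders that carry `@SensitiveConceal` are masked. Any finder in the part of the interface these hunks skip, any inherited read method, and any finder added later will return email and IP address to unauthenticated callers by default; the later hunks of this file follow the same pattern. One option is a pointcut over the repository's read methods, for example `execution(* run.halo.app.repository.base.BaseCommentRepository+.find*(..))`, so that masking is the default and exceptions are explicit. Masking at this layer also means server-side code that runs during an anonymous request and needs the stored email would read an empty string; whether such a caller exists is not visible here.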
@@ -109,6 +113,7 @@ public interface BaseCommentRepository extends Base * @return a list of comment */ @NonNull + @SensitiveConceal List findAllByPostIdAndStatus(Integer postId, CommentStatus status); /** @@ -120,6 +125,7 @@ public interface BaseCommentRepository extends Base * @return a page of comment */ @NonNull + @SensitiveConceal Page findAllByPostIdAndStatus(Integer postId, CommentStatus status, Pageable pageable); /** @@ -131,6 +137,7 @@ public interface BaseCommentRepository extends Base * @return a list of comment */ @NonNull + @SensitiveConceal List findAllByPostIdAndStatusAndParentId(@NonNull Integer postId, @NonNull CommentStatus status, @NonNull Long parentId); /** @@ -141,6 +148,7 @@ public interface BaseCommentRepository extends Base * @return a list of comment */ @NonNull + @SensitiveConceal List findAllByPostIdAndParentId(@NonNull Integer postId, @NonNull Long parentId); /** @@ -151,6 +159,7 @@ public interface BaseCommentRepository extends Base * @return a list of comment */ @NonNull + @SensitiveConceal List findAllByStatusAndParentIdIn(@NonNull CommentStatus status, @NonNull Collection parentIds); /** @@ -159,6 +168,7 @@ public interface BaseCommentRepository extends Base * @param parentIds parent id collection must not be null * @return a list of comment */ + @SensitiveConceal List findAllByParentIdIn(@NonNull Collection parentIds); /** @@ -171,6 +181,7 @@ public interface BaseCommentRepository extends Base * @return a page of comment */ @NonNull + @SensitiveConceal Page findAllByPostIdAndStatusAndParentId(Integer postId, CommentStatus status, Long parentId, Pageable pageable); diff --git a/src/main/java/run/halo/app/repository/base/BaseRepositoryImpl.java b/src/main/java/run/halo/app/repository/base/BaseRepositoryImpl.java index 7999e84b6..c8fc96c62 100644 --- a/src/main/java/run/halo/app/repository/base/BaseRepositoryImpl.java +++ b/src/main/java/run/halo/app/repository/base/BaseRepositoryImpl.java 
@@ -12,6 +12,7 @@ import org.springframework.data.repository.support.PageableExecutionUtils; import org.springframework.lang.Nullable; import org.springframework.transaction.annotation.Transactional; import org.springframework.util.Assert; +import run.halo.app.annotation.SensitiveConceal; import javax.persistence.EntityManager; import javax.persistence.TypedQuery; @@ -71,6 +72,7 @@ public class BaseRepositoryImpl extends SimpleJpaRepository findAllByIdIn(Collection ids, Sort sort) { Assert.notNull(ids, "The given Collection of Id's must not be null!"); Assert.notNull(sort, "Sort info must nto be null"); @@ -93,6 +95,7 @@ public class BaseRepositoryImpl extends SimpleJpaRepository findAllByIdIn(Collection ids, Pageable pageable) { Assert.notNull(ids, "The given Collection of Id's must not be null!"); Assert.notNull(pageable, "Page info must nto be null"); diff --git a/src/main/java/run/halo/app/service/base/BaseCommentService.java b/src/main/java/run/halo/app/service/base/BaseCommentService.java index 9b562cd45..787fa3c56 100644 --- a/src/main/java/run/halo/app/service/base/BaseCommentService.java +++ b/src/main/java/run/halo/app/service/base/BaseCommentService.java @@ -287,6 +287,7 @@ public interface BaseCommentService extends CrudSer * * @param comment comment dto must not be null */ + @Deprecated T filterIpAddress(@NonNull T comment); /** @@ -294,6 +295,7 @@ public interface BaseCommentService extends CrudSer * * @param comments comment dto list */ + @Deprecated List filterIpAddress(@Nullable List comments); /** @@ -301,6 +303,7 @@ public interface BaseCommentService extends CrudSer * * @param commentPage comment page */ + @Deprecated Page filterIpAddress(@NonNull Page commentPage); /** diff --git a/src/main/java/run/halo/app/service/impl/BaseCommentServiceImpl.java b/src/main/java/run/halo/app/service/impl/BaseCommentServiceImpl.java index b3df5e2a9..33e981c54 100644 --- a/src/main/java/run/halo/app/service/impl/BaseCommentServiceImpl.java 
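Review bot: The three `filterIpAddress` overloads in `BaseCommentService` are marked `@Deprecated` without a Javadoc `@deprecated` tag, so callers get a warning that names no replacement. Adding a line such as `@deprecated masking is now applied through {@link run.halo.app.annotation.SensitiveConceal}` to each Javadoc block, and to the overrides in `BaseCommentServiceImpl`, would document the migration. The Javadoc blocks begin outside these hunks.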
+++ b/src/main/java/run/halo/app/service/impl/BaseCommentServiceImpl.java @@ -564,6 +564,7 @@ public abstract class BaseCommentServiceImpl extend } @Override + @Deprecated public T filterIpAddress(@NonNull T comment) { Assert.notNull(comment, "Base comment dto must not be null"); @@ -592,6 +593,7 @@ public abstract class BaseCommentServiceImpl extend } @Override + @Deprecated public List filterIpAddress(List comments) { if (CollectionUtils.isEmpty(comments)) { return Collections.emptyList(); @@ -603,6 +605,7 @@ public abstract class BaseCommentServiceImpl extend } @Override + @Deprecated public Page filterIpAddress(Page commentPage) { Assert.notNull(commentPage, "Comment page must not be null"); commentPage.forEach(this::filterIpAddress); diff --git a/src/test/java/run/halo/app/aspect/SensitiveConcealAspectTest.java b/src/test/java/run/halo/app/aspect/SensitiveConcealAspectTest.java new file mode 100644 index 000000000..e29bf0d2a --- /dev/null +++ b/src/test/java/run/halo/app/aspect/SensitiveConcealAspectTest.java 
@@ -0,0 +1,60 @@
+package run.halo.app.aspect;
+
+import lombok.extern.slf4j.Slf4j;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.junit4.SpringRunner;
+import run.halo.app.model.entity.PostComment;
+import run.halo.app.model.entity.User;
+import run.halo.app.security.authentication.AuthenticationImpl;
+import run.halo.app.security.context.SecurityContextHolder;
+import run.halo.app.security.context.SecurityContextImpl;
+import run.halo.app.security.support.UserDetail;
+import run.halo.app.service.PostCommentService;
+
+import java.util.List;
+
+
+/**
+ * @author giveup
+ * @description SensitiveConcealAspectTest
+ * @date 1:14 AM 27/5/2020
+ */
+@RunWith(SpringRunner.class)
+@SpringBootTest
+@Slf4j
+public class SensitiveConcealAspectTest {
+
+
+ @Autowired
+ private PostCommentService postCommentService;
+
+
+ @Test
+ public void testGuest() {
+
+ List postComments = postCommentService.listBy(1);
+ for (PostComment postComment : postComments) {
+ Assert.assertEquals("", postComment.getIpAddress());
+ Assert.assertEquals("", postComment.getEmail());
+ }
+
+ }
+
+ @Test
+ public void testAdmin() {
+
+ SecurityContextHolder.setContext(new SecurityContextImpl(new AuthenticationImpl(new UserDetail(new User()))));
+
+ List postComments = postCommentService.listBy(1);
+ for (PostComment postComment : postComments) {
+ Assert.assertEquals("127.0.0.1", postComment.getIpAddress());
+ Assert.assertEquals("hi@halo.run", postComment.getEmail());
+ }
+
+ }
+
+}
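Review bot: `testAdmin` installs an authenticated context through `SecurityContextHolder.setContext(...)` and never resets it. If the holder is thread-bound and `testGuest` runs afterwards on the same thread, the guest test may see that context; resetting the holder in an `@After` method would make the two tests order-independent. Both loops also assert nothing when `postCommentService.listBy(1)` returns an empty list, so the masking check can pass without exercising the aspect; `Assert.assertFalse(postComments.isEmpty());` before each loop closes that gap. The expected values `127.0.0.1` and `hi@halo.run` rely on seed data that this class does not create.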