fix: 日志记录敏感属性字段进行掩码

2024-03-06 09:59:36 +08:00
parent 315021fa5a
commit ad5e7fbf23
1 changed files with 50 additions and 20 deletions
--- a/src/framework/middleware/collectlogs/operate_log.go
+++ b/src/framework/middleware/collectlogs/operate_log.go
@@ -3,6 +3,7 @@ package collectlogs
 import (
 	"encoding/json"
 	"fmt"
+	"reflect"
 	"strings"
 	"time"

@@ -83,17 +84,6 @@ func OptionNew(title, businessType string) Options {
 	}
 }

-// 敏感属性字段进行掩码
-var maskProperties []string = []string{
-	"password",
-	"privateKey",
-	"privatePassword",
-	"passPhrase",
-	"oldPassword",
-	"newPassword",
-	"confirmPassword",
-}
-
 // OperateLog 访问操作日志记录
 //
 // 请在用户身份授权认证校验后使用以便获取登录用户信息
@@ -139,15 +129,8 @@ func OperateLog(options Options) gin.HandlerFunc {
 		// 是否需要保存request，参数和值
 		if options.IsSaveRequestData {
 			params := ctx.RequestParamsMap(c)
-			for k, v := range params {
-				// 敏感属性字段进行掩码
-				for _, s := range maskProperties {
-					if s == k {
-						params[k] = parse.SafeContent(v.(string))
-						break
-					}
-				}
-			}
+			// 敏感属性字段进行掩码
+			processSensitiveFields(params)
 			jsonStr, _ := json.Marshal(params)
 			paramsStr := string(jsonStr)
 			if len(paramsStr) > 2000 {
@@ -185,3 +168,50 @@ func OperateLog(options Options) gin.HandlerFunc {
 		service.NewSysLogOperateImpl.InsertSysLogOperate(operLog)
 	}
 }
+
+// 敏感属性字段进行掩码
+var maskProperties []string = []string{
+	"password",
+	"privateKey",
+	"privatePassword",
+	"passPhrase",
+	"oldPassword",
+	"newPassword",
+	"confirmPassword",
+}
+
+// processSensitiveFields 处理敏感属性字段
+func processSensitiveFields(obj interface{}) {
+	val := reflect.ValueOf(obj)
+
+	switch val.Kind() {
+	case reflect.Map:
+		for _, key := range val.MapKeys() {
+			value := val.MapIndex(key)
+			keyStr := key.Interface().(string)
+
+			// 遍历是否敏感属性
+			hasMaskKey := false
+			for _, v := range maskProperties {
+				if v == keyStr {
+					hasMaskKey = true
+					break
+				}
+			}
+
+			if hasMaskKey {
+				valueStr := value.Interface().(string)
+				if len(valueStr) > 100 {
+					valueStr = valueStr[0:100]
+				}
+				val.SetMapIndex(key, reflect.ValueOf(parse.SafeContent(valueStr)))
+			} else {
+				processSensitiveFields(value.Interface())
+			}
+		}
+	case reflect.Slice, reflect.Array:
+		for i := 0; i < val.Len(); i++ {
+			processSensitiveFields(val.Index(i).Interface())
+		}
+	}
+}