Index: ssts-web/src/test/java/test/forgon/tools/util/StringUtilTests.java
===================================================================
diff -u -r26085 -r41200
--- ssts-web/src/test/java/test/forgon/tools/util/StringUtilTests.java (.../StringUtilTests.java) (revision 26085)
+++ ssts-web/src/test/java/test/forgon/tools/util/StringUtilTests.java (.../StringUtilTests.java) (revision 41200)
@@ -17,4 +17,66 @@ assertEquals(StringUtil.combineString("|","","b","c"),"b|c"); assertEquals(StringUtil.combineString("|"," ","b","c"),"b|c"); } + + /** + * 姓名数据脱敏:头一末一,中间为*,如张三为张*三、穆罕穆德为穆*德; + */ + @Test + public void testMaskName(){ + //空白 + assertEquals(StringUtil.maskName(""), ""); + //字符串长度小于2 + assertEquals(StringUtil.maskName("a"), "a"); + //字符串长度等于2 + assertEquals(StringUtil.maskName("张三"), "张*三"); + //字符串长度大于2 + assertEquals(StringUtil.maskName("穆罕穆德"), "穆*德"); + } + + /** + * 手机号码数据脱敏:前三后四,中间4个 + */ + @Test + public void testMaskPhoneNumber(){ + //空白 + assertEquals(StringUtil.maskPhoneNumber(""), ""); + //字符串长度小于2 + assertEquals(StringUtil.maskPhoneNumber("1"), "1"); + //字符串长度等于7 + assertEquals(StringUtil.maskPhoneNumber("1231234"), "123****1234"); + //字符串长度大于7 + assertEquals(StringUtil.maskPhoneNumber("12345671234"), "123****1234"); + } + + /** + * 身份证号码数据脱敏,前三后二,中间13个 + */ + @Test + public void testMaskIDCardNumber(){ + //空白 + assertEquals(StringUtil.maskIDCardNumber(""), ""); + //字符串长度小于5 + assertEquals(StringUtil.maskIDCardNumber("1"), "1"); + //字符串长度等于5 + assertEquals(StringUtil.maskIDCardNumber("12312"), "123*************12"); + //字符串长度小于5 + assertEquals(StringUtil.maskIDCardNumber("123456789012345612"), "123*************12"); + } + + /** + * 邮箱:对@前面的字符,只显示第1个字符,然后固定显示6个*;@后面的地址完整显示。 + * 例如完整邮箱为li@example.com,脱敏显示为l******@example.com。 + */ + @Test + public void testMaskEmail(){ + //空白 + assertEquals(StringUtil.maskEmail(""), ""); + //不包含@ + assertEquals(StringUtil.maskEmail("liexample.com"), "l******"); + //包含@ + assertEquals(StringUtil.maskEmail("li@example.com"), "l******@example.com"); + //@在最后面 + assertEquals(StringUtil.maskEmail("li@"), "l******@"); + } + } Index: ssts-userecord/src/main/java/com/forgon/disinfectsystem/useRecord/dwr/table/UseRecordTableManager.java =================================================================== diff -u -r36774 -r41200 --- 
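Review bot: Several case comments in the new tests do not describe their inputs: `//字符串长度小于2` sits above `maskPhoneNumber("1")` although the threshold under test is 7, and the last `testMaskIDCardNumber` case is labelled `//字符串长度小于5` while its input has 18 characters; `//字符串长度小于7` and `//字符串长度等于18` would match. None of the four tests passes `null`, which every masker accepts through its `StringUtils.isBlank` guard, and `testMaskEmail` has no case where `@` is the first character. Adding `assertEquals(StringUtil.maskName(null), null);` (and the same for the other three) would pin the null contract.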
ssts-userecord/src/main/java/com/forgon/disinfectsystem/useRecord/dwr/table/UseRecordTableManager.java (.../UseRecordTableManager.java) (revision 36774) +++ ssts-userecord/src/main/java/com/forgon/disinfectsystem/useRecord/dwr/table/UseRecordTableManager.java (.../UseRecordTableManager.java) (revision 41200) @@ -11,14 +11,12 @@ import java.util.HashSet; import java.util.List; import java.util.Map; -import java.util.Map.Entry; import java.util.Set; import net.sf.json.JSONArray; import net.sf.json.JSONObject; import org.apache.commons.collections4.CollectionUtils; -import org.apache.commons.collections4.MapUtils; import org.apache.commons.lang.StringUtils; import org.apache.commons.lang3.StringEscapeUtils; @@ -45,6 +43,7 @@ import com.forgon.tools.json.JSONUtil; import com.forgon.tools.string.StringTools; import com.forgon.tools.util.SqlUtils; +import com.forgon.util.StringUtil; /** * 
@@ -293,10 +292,37 @@ //关联查询特殊感染类型设置(GDSRMYY-550) returnJson = searchSpecialInfection(returnJson); + + //使用记录列表,后台将返回的姓名和身份证的数据进行脱敏处理。前台呈现时应脱敏呈现。ZSYY-442 + String maskData = sqlWhereParamMap.get("maskData"); + if(StringUtils.equals(maskData, "true")){ + returnJson = returnDataMaskingUseRecord(returnJson); + } + return returnJson; } /** + * 使用记录列表,后台将返回的姓名和身份证的数据进行脱敏处理。前台呈现时应脱敏呈现。ZSYY-442 + * @param returnJson 返回参数 + * @return + */ + private String returnDataMaskingUseRecord(String returnJson) { + JSONObject jsonData = JSONObject.fromObject(returnJson); + JSONArray rowsJSONArray = jsonData.optJSONArray(JSONUtil.JSON_KEY_ROWS); + if(CollectionUtils.isNotEmpty(rowsJSONArray)){ + for (int i = 0; i < rowsJSONArray.size(); i++) { + JSONObject data = rowsJSONArray.optJSONObject(i); + String patientName = data.optString("patientName"); + String patientIDCard = data.optString("patientIDCard"); + data.put("patientName", StringUtil.maskName(patientName)); + data.put("patientIDCard", StringUtil.maskIDCardNumber(patientIDCard)); + } + } + return jsonData.toString(); + } + + /** * 关联查询特殊感染类型设置(GDSRMYY-550) * @param returnJson * @return Index: ssts-userecord/src/main/java/com/forgon/disinfectsystem/useRecord/action/UseRecordAction.java =================================================================== diff -u -r40313 -r41200 --- ssts-userecord/src/main/java/com/forgon/disinfectsystem/useRecord/action/UseRecordAction.java (.../UseRecordAction.java) (revision 40313) +++ ssts-userecord/src/main/java/com/forgon/disinfectsystem/useRecord/action/UseRecordAction.java (.../UseRecordAction.java) (revision 41200) 
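Review bot: Masking here runs only when the request supplies `maskData` equal to `"true"` (`StringUtils.equals(maskData, "true")`, in a method whose body starts above the hunk), so a caller that omits the parameter receives `patientName` and `patientIDCard` in clear; this assumes `sqlWhereParamMap` is filled from request parameters, which the hunk does not show. Mask by default and skip it only after a server-side permission check, e.g. `if (!mayViewUnmaskedPatientData) { returnJson = returnDataMaskingUseRecord(returnJson); }`, where `mayViewUnmaskedPatientData` is a placeholder for the project's own role check. The same client-controlled flag is read with `getBoolPraramValue("maskData", false)` in `UseRecordAction.loadUseRecord` and in `directory/action/UserAction.loadForm`. Inside `returnDataMaskingUseRecord`, `rowsJSONArray.optJSONObject(i)` can return null for a row that is not an object, so `if (data == null) { continue; }` should precede the `optString` calls.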
@@ -57,13 +57,15 @@ import com.forgon.systemsetting.service.HttpOptionManager; import com.forgon.tools.StrutsParamUtils; import com.forgon.tools.StrutsResponseUtils; +import com.forgon.tools.crypto.coder.CoderEncryption; import com.forgon.tools.date.DateTools; import com.forgon.tools.db.DatabaseUtil; import com.forgon.tools.json.DateJsonValueProcessor; import com.forgon.tools.json.JSONUtil; import com.forgon.tools.string.StringTools; import com.forgon.tools.util.ConfigUtils; import com.forgon.tools.util.SqlUtils; +import com.forgon.util.StringUtil; import com.opensymphony.xwork2.ModelDriven; import com.forgon.exception.SystemException; @@ -732,6 +734,8 @@ public void loadUseRecord() { String id = StrutsParamUtils.getPraramValue("id", ""); + //数据脱敏ZSYY-442 + boolean maskData = StrutsParamUtils.getBoolPraramValue("maskData", false); JSONObject result = JSONUtil.buildJsonObject(true); if (StringUtils.isNotBlank(id)) { useRecord = useRecordManager.getUseRecordById(id); 
@@ -755,11 +759,41 @@ } useRecordJSON.put("specialInfectionJson", specialInfectionJson); useRecordJSON.put("departNameOfpatient", departNameOfpatient); + if(maskData){ + useRecordJSON.put("patientName", StringUtil.maskName(useRecord.getPatientName())); + useRecordJSON.put("patientIDCard", StringUtil.maskIDCardNumber(useRecord.getPatientIDCard())); + } result.put("data", useRecordJSON); StrutsResponseUtils.output(result); } - + /** + * 查看使用记录患者姓名 + */ + public void loadEncryptUseRecordInfo() { + JSONObject result = JSONUtil.buildJsonObject(true); + try { + String id = StrutsParamUtils.getPraramValue("id", ""); + if (StringUtils.isNotBlank(id)) { + useRecord = useRecordManager.getUseRecordById(id); + } + String encryptPatientName = useRecord.getPatientName(); + if(StringUtils.isNotBlank(useRecord.getPatientName())){ + encryptPatientName = CoderEncryption.encryptBASE64(useRecord.getPatientName().getBytes("UTF-8")); + } + String encryptPatientIDCard = useRecord.getPatientIDCard(); + if(StringUtils.isNotBlank(useRecord.getPatientIDCard())){ + encryptPatientIDCard = CoderEncryption.encryptBASE64(useRecord.getPatientIDCard().getBytes("UTF-8")); + } + result.put("encryptPatientName", encryptPatientName); + result.put("encryptPatientIDCard", encryptPatientIDCard); + } catch (Exception e) { + result = JSONUtil.buildJsonObject(false, e.getMessage()); + } + StrutsResponseUtils.output(result); + } + + /** * 删除使用记录 */ public void deleteUseRecord() { Index: forgon-core/src/main/java/com/forgon/util/StringUtil.java =================================================================== diff -u -r38044 -r41200 --- forgon-core/src/main/java/com/forgon/util/StringUtil.java (.../StringUtil.java) (revision 38044) +++ forgon-core/src/main/java/com/forgon/util/StringUtil.java (.../StringUtil.java) (revision 41200) 
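Review bot: `loadEncryptUseRecordInfo` returns the full patient name and ID-card number for any `id`, with no permission check visible in the hunk, and `CoderEncryption.encryptBASE64` appears from its name to be Base64 encoding, which needs no key to reverse; the masking added to `loadUseRecord` in the same hunk therefore gives no protection against a caller who requests this action. Gate the method on a server-side right to view unmasked data, log which user viewed which record, and treat the Base64 step as transport encoding only. When `id` is blank the code still dereferences the `useRecord` field, so add an early `if (StringUtils.isBlank(id)) { StrutsResponseUtils.output(JSONUtil.buildJsonObject(false, "id is required")); return; }` (message text constructed). `security/action/UserAction.loadEncryptUserInfo` has the same shape for `idCard`, `smsMumber` and `email`.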
@@ -748,5 +748,73 @@ } return false; } - + + /** + * 姓名数据脱敏,例如:姓名按头一末一,中间为*,如张三为张*三、穆罕穆德为穆*德; + * @param name 姓名 + * @return 脱敏后的姓名 + */ + public static String maskName(String name){ + if(StringUtils.isBlank(name)){ + return name; + } + int length = name.length(); + if(length == 1){ + return name; + } + return name.charAt(0) + "*" + name.charAt(length - 1); + } + + /** + * 身份证号码数据脱敏,前三后二,中间13个* + * @param theIDCardNumber 身份证号码 + * @return 脱敏后的身份证号码 + */ + public static String maskIDCardNumber(String theIDCardNumber){ + if(StringUtils.isBlank(theIDCardNumber)){ + return theIDCardNumber; + } + int length = theIDCardNumber.length(); + if(length < 5){ + return theIDCardNumber; + } + + return theIDCardNumber.substring(0, 3) + "*************" + theIDCardNumber.substring(length - 2); + } + + /** + * 手机号码数据脱敏:前三后四,中间4个* + * @param phoneNumber 手机号码 + * @return 脱敏后的手机号码 + */ + public static String maskPhoneNumber(String phoneNumber){ + if(StringUtils.isBlank(phoneNumber)){ + return phoneNumber; + } + int length = phoneNumber.length(); + if(length < 7){ + return phoneNumber; + } + + return phoneNumber.substring(0, 3) + "****" + phoneNumber.substring(length-4); + } + + /** + * 邮箱数据脱敏:对@前面的字符,只显示第1个字符,然后固定显示6个*;@后面的地址完整显示。 + * 例如完整邮箱为li@example.com,脱敏显示为l******@example.com。 + * @param email 邮箱 + * @return 脱敏后的邮箱 + */ + public static String maskEmail(String email){ + if(StringUtils.isBlank(email)){ + return email; + } + int index = email.lastIndexOf("@"); + if(index == -1){ + return email.charAt(0) + "******"; + } + + return email.charAt(0) + "******" + email.substring(index); + } + } Index: forgon-core/src/main/java/com/forgon/directory/action/UserAction.java =================================================================== diff -u -r39758 -r41200 --- forgon-core/src/main/java/com/forgon/directory/action/UserAction.java (.../UserAction.java) (revision 39758) +++ forgon-core/src/main/java/com/forgon/directory/action/UserAction.java (.../UserAction.java) (revision 41200) 
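Review bot: Short values come back with every character still readable: `maskPhoneNumber` keeps the first three and last four characters, so the seven-character input used in the tests is returned as `123****1234` with all seven digits present, `maskIDCardNumber` does the same for a five-character input, and anything below the `length < 7` / `length < 5` thresholds is returned unchanged. When the input is no longer than the characters that would be kept, return only asterisks, e.g. in `maskPhoneNumber`: `if (length <= 7) { return StringUtils.repeat("*", length); }` (assuming `StringUtils` here is Commons Lang), with the analogous `length <= 5` guard in `maskIDCardNumber`. `maskName("张三")` yields `张*三`, which shows both characters; the Javadoc documents that as intended, so confirm with the requirement owner whether `name.charAt(0) + "*"` is acceptable for two-character names. The cases in `StringUtilTests` pin the current outputs and would need to change with the fix. Each Javadoc should also state that null and blank inputs are returned as-is.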
@@ -40,6 +40,7 @@ import com.forgon.tools.util.ConfigUtils; import com.forgon.tools.util.PageUtil; import com.forgon.treenode.service.THTreeNodeManager; +import com.forgon.util.StringUtil; import com.opensymphony.xwork2.ModelDriven; import com.opensymphony.xwork2.Preparable; @@ -210,6 +211,8 @@ public String loadForm() { try { StrutsParamUtils.getResponse().setCharacterEncoding("UTF-8"); + //数据脱敏ZSYY-442 + boolean maskData = StrutsParamUtils.getBoolPraramValue("maskData", false); iniInfo(); JsonConfig config = new JsonConfig(); PropertyFilter propertyFilter = new JsonPropertyFilter( @@ -231,6 +234,11 @@ String supplierName = sysUserManager.getUserSupplierName(user); user.setSupplierName(supplierName); } + if(maskData){ + user.setIdCard(StringUtil.maskIDCardNumber(user.getIdCard())); + user.setSmsMumber(StringUtil.maskPhoneNumber(user.getSmsMumber())); + user.setEmail(StringUtil.maskEmail(user.getEmail())); + } map.put("data", user); JSONObject jsonObject = JSONObject.fromObject(map, config); String jsonStr = jsonObject.toString(); Index: forgon-core/src/main/java/com/forgon/security/action/UserAction.java =================================================================== diff -u -r40894 -r41200 --- forgon-core/src/main/java/com/forgon/security/action/UserAction.java (.../UserAction.java) (revision 40894) +++ forgon-core/src/main/java/com/forgon/security/action/UserAction.java (.../UserAction.java) (revision 41200) 
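Review bot: In the third hunk the masked values are written back into the `user` object with `setIdCard`, `setSmsMumber` and `setEmail` before serialisation; if `user` is a persistence-managed entity (not visible here), a later flush could store the masked strings over the real ID-card number, phone number and e-mail. Mask the serialised copy instead, after `JSONObject.fromObject(map, config)`, e.g. `jsonObject.getJSONObject("data").put("idCard", StringUtil.maskIDCardNumber(user.getIdCard()));` and likewise for the other two fields. The JSON key names in that example are inferred from the getters and need checking against the property filter. `loadForm` starts and ends outside the hunk.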
@@ -283,4 +283,35 @@ } StrutsResponseUtils.output(obj); } + + /** + * 查看用户被脱敏处理的字段ZSYY-442 + */ + public void loadEncryptUserInfo() { + JSONObject result = JSONUtil.buildJsonObject(true); + try { + String id = StrutsParamUtils.getPraramValue("id", ""); + User user = userManager.get(id); + if(user != null){ + String encryptPatientIDCard = user.getIdCard(); + String encryptSmsMunber = user.getSmsMumber(); + String encryptEmail = user.getEmail(); + if(StringUtils.isNotBlank(user.getIdCard())){ + encryptPatientIDCard = CoderEncryption.encryptBASE64(user.getIdCard().getBytes("UTF-8")); + } + if(StringUtils.isNotBlank(user.getSmsMumber())){ + encryptSmsMunber = CoderEncryption.encryptBASE64(user.getSmsMumber().getBytes("UTF-8")); + } + if(StringUtils.isNotBlank(user.getEmail())){ + encryptEmail = CoderEncryption.encryptBASE64(user.getEmail().getBytes("UTF-8")); + } + result.put("encryptPatientIDCard", encryptPatientIDCard); + result.put("encryptSmsMunber", encryptSmsMunber); + result.put("encryptEmail", encryptEmail); + } + } catch (Exception e) { + result = JSONUtil.buildJsonObject(false, e.getMessage()); + } + StrutsResponseUtils.output(result); + } }
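Review bot: The `catch (Exception e)` at the end of `loadEncryptUserInfo` sends `e.getMessage()` back to the client, which can expose internal detail, and when `userManager.get(id)` returns null the object built by `JSONUtil.buildJsonObject(true)` is returned with none of the three fields, so the caller cannot tell "no such user" from "all fields empty". Log the exception on the server and return a fixed message, e.g. `result = JSONUtil.buildJsonObject(false, "load failed");` (message text constructed), and return an explicit failure in an `else` branch for `user == null`. Passing `StandardCharsets.UTF_8` to the three `getBytes` calls removes the checked `UnsupportedEncodingException`, so the broad catch is not needed for them. `UseRecordAction.loadEncryptUseRecordInfo` ends with the same catch block.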