数据库加密组件

4cf0013f · 郑冰晶 · b554ed75 · 4cf0013f
Commit 4cf0013f authored Sep 02, 2021 by 郑冰晶
Showing with 47 additions and 25 deletions

MySqlSecurityParameterVisitor.java matrix-datasource/matrix-datasource-security/matrix-datasource-security-druid/src/main/java/com/secoo/mall/datasource/security/visitor/MySqlSecurityParameterVisitor.java +47 -25

No files found.
--- a/matrix-datasource/matrix-datasource-security/matrix-datasource-security-druid/src/main/java/com/secoo/mall/datasource/security/visitor/MySqlSecurityParameterVisitor.java
+++ b/matrix-datasource/matrix-datasource-security/matrix-datasource-security-druid/src/main/java/com/secoo/mall/datasource/security/visitor/MySqlSecurityParameterVisitor.java
@@ -98,18 +98,31 @@ public class MySqlSecurityParameterVisitor extends MySqlSchemaStatVisitor {
            return true;
        }
-        this.encryptColumnParameters.add(new Parameter(column.getTableName(),column.getColumnAlias(), column.getColumnName(), x.getIndex(),x.getName(),columnRule));
+        this.encryptColumnParameters.add(new Parameter(column,x.getName(), x.getIndex(),columnRule, null));
        return true;
    }
-    public boolean visit(SQLInsertStatement x) {
+    public boolean visit(MySqlInsertStatement x) {
-        String tableName = x.getTableName().getSimpleName();
+        if (repository != null
+                && x.getParent() == null) {
+            repository.resolve(x);
+        }
+        accept(x.getColumns());
+        accept(x.getValuesList());
+        accept(x.getQuery());
+        accept(x.getDuplicateKeyUpdate());
+        // 插入sql不能省略列名
        List<SQLExpr> columns = x.getColumns();
+        if(columns.isEmpty()){
+            return true;
+        }
+        String tableName = x.getTableName().getSimpleName();
+        // columns
        Map<Integer, Column> columnMap = new HashMap<>();
-        // 插入sql不能省略列名
-        if(!columns.isEmpty()){
        for(int i=0;i<columns.size();i++){
            SQLExpr columnSQLExpr = columns.get(i);
            String columnName = null;
@@ -122,10 +135,11 @@ public class MySqlSecurityParameterVisitor extends MySqlSchemaStatVisitor {
                columnName = columnSQLPropertyExpr.getName();
            }
-                Column column = new Column(tableName,"",columnName);
+            Column column = new Column(tableName,"",columnName,"",null);
            columnMap.put(i,column);
        }
+        // values
        List<MySqlInsertStatement.ValuesClause> valuesClauses = x.getValuesList();
        for(SQLInsertStatement.ValuesClause valuesClause:valuesClauses){
            List<SQLExpr> values = valuesClause.getValues();
@@ -148,37 +162,45 @@ public class MySqlSecurityParameterVisitor extends MySqlSchemaStatVisitor {
                if(columnRule == null){
                    return true;
                }
-                    Parameter parameter = new Parameter(column.getTableName(),column.getColumnAlias(),column.getColumnName(),variantRefExpr.getIndex(),variantRefExpr.getName(),columnRule);
+                Parameter parameter = new Parameter(column,variantRefExpr.getName(),variantRefExpr.getIndex(),columnRule,null);
                this.encryptColumnParameters.add(parameter);
            }
        }
-        }
-        return true;
+        // duplicateKeyUpdate
+        List<SQLExpr> duplicateKeyUpdate = x.getDuplicateKeyUpdate();
+        for(int i=0;i<duplicateKeyUpdate.size();i++){
+            SQLExpr sqlExpr = duplicateKeyUpdate.get(i);
+            if(!(sqlExpr instanceof SQLBinaryOpExpr)){
+                sqlExpr.accept(this);
+                continue;
            }
+            SQLBinaryOpExpr sqlBinaryOpExpr = (SQLBinaryOpExpr) sqlExpr;
-    public void endVisit(SQLInsertStatement x) {
+            SQLExpr left = sqlBinaryOpExpr.getLeft();
-        // TODO 根据待增加的明文参数信息，增加明文列
+            SQLExpr right = sqlBinaryOpExpr.getRight();
+            if (!(right instanceof SQLVariantRefExpr)) {// ?
+                continue;
+            }
+            SQLVariantRefExpr variantRefExpr = (SQLVariantRefExpr) right;
+            if(!Token.QUES.name.equals(variantRefExpr.getName())){
+                continue;
            }
-    public boolean visit(SQLSelectItem x) {
+            Column column = this.getMySqlColumn(left);
-        SQLExpr sqlExpr = x.getExpr();
+            if(column == null){
-        return true;
+                continue;
            }
+            ColumnRule columnRule = this.getColumnRule(column.getTableName(),column.getColumnName());
+            if(columnRule == null){
+                continue;
+            }
-    public boolean visit(SQLUpdateSetItem x) {
+            this.encryptColumnParameters.add(new Parameter(column,variantRefExpr.getName(), variantRefExpr.getIndex(),columnRule, null));
-        // TODO 如果是逻辑列，替换为加密列，修改加密参数；如果有明文列，同时记录增加的明文参数信息
-        return true;
        }
-    /**
+        return true;
-     * 增加明文列
-     * @param x
-     */
-    public void endVisit(SQLUpdateStatement x) {
-        // TODO 根据待增加的明文参数信息，增加明文列
    }
    /**
@@ -261,7 +283,7 @@ public class MySqlSecurityParameterVisitor extends MySqlSchemaStatVisitor {
            return null;
        }
-        return new Column(tableName.toString(),"",columnName);
+        return new Column(tableName,"",columnName,"",null);
    }
    private SQLExpr unwrapExpr(SQLExpr expr) {