1. 限制记录 api 日志的字段长度

2. 完整记录所有的 databus api 的请求日志 3. 新增 iwork 同步可以按 id 维度进行 4. 新增自动扫描 BusinessBaseDO 的公司部门数据权限模式
2025-12-01 17:46:42 +08:00
parent e9542acd27
commit 95d905e76f
15 changed files with 606 additions and 66 deletions
--- a/zt-framework/zt-spring-boot-starter-biz-business/pom.xml
+++ b/zt-framework/zt-spring-boot-starter-biz-business/pom.xml
@@ -36,6 +36,11 @@
            <artifactId>zt-spring-boot-starter-biz-tenant</artifactId>
            <version>${revision}</version>
        </dependency>
        <dependency>
            <groupId>com.zt.plat</groupId>
            <artifactId>zt-spring-boot-starter-mybatis</artifactId>
            <version>${revision}</version>
        </dependency>
        <!-- Test 测试相关 -->
        <dependency>
            <groupId>com.zt.plat</groupId>
--- a/zt-framework/zt-spring-boot-starter-biz-business/src/main/java/com/zt/plat/framework/business/framework/BusinessDataPermissionConfiguration.java
+++ b/zt-framework/zt-spring-boot-starter-biz-business/src/main/java/com/zt/plat/framework/business/framework/BusinessDataPermissionConfiguration.java
@@ -2,27 +2,54 @@ package com.zt.plat.framework.business.framework;
 import com.zt.plat.framework.datapermission.core.rule.company.CompanyDataPermissionRuleCustomizer;
 import com.zt.plat.framework.datapermission.core.rule.dept.DeptDataPermissionRuleCustomizer;
 import org.springframework.beans.factory.BeanFactory;
 import org.springframework.boot.autoconfigure.AutoConfigurationPackages;
 import org.springframework.context.ApplicationContext;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import java.util.LinkedHashSet;
 import java.util.Set;
 /**
- * @author chenbowen
+ * 自动为继承 BusinessBaseDO 的实体注册公司/部门数据权限字段。
 */
@Configuration(proxyBeanMethods = false)
 public class BusinessDataPermissionConfiguration {
    @Bean
-    public CompanyDataPermissionRuleCustomizer sysCompanyDataPermissionRuleCustomizer() {
+    public BusinessDataPermissionEntityScanner businessDataPermissionEntityScanner(BeanFactory beanFactory, ApplicationContext applicationContext) {
-        return rule -> {
+        Set<String> basePackages = new LinkedHashSet<>();
-            // companyId
+        if (AutoConfigurationPackages.has(beanFactory)) {
-            rule.addCompanyColumn("demo_contract", "company_id");
+            basePackages.addAll(AutoConfigurationPackages.get(beanFactory));
-        };
+        }
        if (basePackages.isEmpty()) {
            basePackages.add("com.zt");
        }
        ClassLoader classLoader = applicationContext != null
                ? applicationContext.getClassLoader()
                : Thread.currentThread().getContextClassLoader();
        if (classLoader == null) {
            classLoader = BusinessDataPermissionConfiguration.class.getClassLoader();
        }
        return new BusinessDataPermissionEntityScanner(basePackages, classLoader);
    }
    @Bean
-    public DeptDataPermissionRuleCustomizer businessDeptDataPermissionRuleCustomizer() {
+    public CompanyDataPermissionRuleCustomizer autoCompanyDataPermissionRuleCustomizer(BusinessDataPermissionEntityScanner scanner) {
-        return rule -> {
+        return rule -> scanner.getEntityMetadata().forEach(metadata -> {
-            // dept
+            if (metadata.hasCompanyColumn()) {
-            rule.addDeptColumn("demo_contract", "dept_id");
+                rule.addCompanyColumn(metadata.getTableName(), metadata.getCompanyColumn());
-        };
+            }
        });
    }
    @Bean
    public DeptDataPermissionRuleCustomizer autoDeptDataPermissionRuleCustomizer(BusinessDataPermissionEntityScanner scanner) {
        return rule -> scanner.getEntityMetadata().forEach(metadata -> {
            if (metadata.hasDeptColumn()) {
                rule.addDeptColumn(metadata.getTableName(), metadata.getDeptColumn());
            }
        });
    }
 }
--- a/zt-framework/zt-spring-boot-starter-biz-business/src/main/java/com/zt/plat/framework/business/framework/BusinessDataPermissionEntityScanner.java
+++ b/zt-framework/zt-spring-boot-starter-biz-business/src/main/java/com/zt/plat/framework/business/framework/BusinessDataPermissionEntityScanner.java
--- a/zt-framework/zt-spring-boot-starter-mybatis/src/main/java/com/zt/plat/framework/mybatis/core/annotation/CompanyColumn.java
+++ b/zt-framework/zt-spring-boot-starter-mybatis/src/main/java/com/zt/plat/framework/mybatis/core/annotation/CompanyColumn.java
@@ -0,0 +1,23 @@
 package com.zt.plat.framework.mybatis.core.annotation;
 import java.lang.annotation.ElementType;
 import java.lang.annotation.Inherited;
 import java.lang.annotation.Retention;
 import java.lang.annotation.RetentionPolicy;
 import java.lang.annotation.Target;
 /**
 * 标记业务实体对应表中的公司字段名称，默认 company_id。
 *
 * @author chenbow
 */
@Target(ElementType.TYPE)
@Retention(RetentionPolicy.RUNTIME)
@Inherited
 public @interface CompanyColumn {
    /**
     * 表中公司字段名称
     */
    String value() default "company_id";
 }
--- a/zt-framework/zt-spring-boot-starter-mybatis/src/main/java/com/zt/plat/framework/mybatis/core/annotation/DeptColumn.java
+++ b/zt-framework/zt-spring-boot-starter-mybatis/src/main/java/com/zt/plat/framework/mybatis/core/annotation/DeptColumn.java
@@ -0,0 +1,23 @@
 package com.zt.plat.framework.mybatis.core.annotation;
 import java.lang.annotation.ElementType;
 import java.lang.annotation.Inherited;
 import java.lang.annotation.Retention;
 import java.lang.annotation.RetentionPolicy;
 import java.lang.annotation.Target;
 /**
 * 标记业务实体对应表中的部门字段名称，默认 dept_id。
 *
 * @author chenbow
 */
@Target(ElementType.TYPE)
@Retention(RetentionPolicy.RUNTIME)
@Inherited
 public @interface DeptColumn {
    /**
     * 表中部门字段名称
     */
    String value() default "dept_id";
 }
--- a/zt-framework/zt-spring-boot-starter-mybatis/src/main/java/com/zt/plat/framework/mybatis/core/dataobject/BusinessBaseDO.java
+++ b/zt-framework/zt-spring-boot-starter-mybatis/src/main/java/com/zt/plat/framework/mybatis/core/dataobject/BusinessBaseDO.java
@@ -2,6 +2,8 @@ package com.zt.plat.framework.mybatis.core.dataobject;
 import com.baomidou.mybatisplus.annotation.FieldFill;
 import com.baomidou.mybatisplus.annotation.TableField;
 import com.zt.plat.framework.mybatis.core.annotation.CompanyColumn;
 import com.zt.plat.framework.mybatis.core.annotation.DeptColumn;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 import org.apache.ibatis.type.JdbcType;
@@ -13,6 +15,8 @@ import java.util.List;
 */
@Data
@EqualsAndHashCode(callSuper = true)
@CompanyColumn
@DeptColumn
 public class BusinessBaseDO extends BaseDO {
    /** 公司编号  */
--- a/zt-module-databus/zt-module-databus-server/src/main/java/com/zt/plat/module/databus/framework/integration/gateway/core/ApiGatewayAccessLogger.java
+++ b/zt-module-databus/zt-module-databus-server/src/main/java/com/zt/plat/module/databus/framework/integration/gateway/core/ApiGatewayAccessLogger.java
--- a/zt-module-databus/zt-module-databus-server/src/main/java/com/zt/plat/module/databus/framework/integration/gateway/core/ApiGatewayRequestMapper.java
+++ b/zt-module-databus/zt-module-databus-server/src/main/java/com/zt/plat/module/databus/framework/integration/gateway/core/ApiGatewayRequestMapper.java
@@ -3,6 +3,7 @@ package com.zt.plat.module.databus.framework.integration.gateway.core;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.zt.plat.module.databus.framework.integration.config.ApiGatewayProperties;
 import com.zt.plat.module.databus.framework.integration.gateway.model.ApiInvocationContext;
 import com.zt.plat.module.databus.framework.integration.gateway.core.ApiGatewayAccessLogger;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.HttpHeaders;
@@ -90,6 +91,7 @@ public class ApiGatewayRequestMapper {
        });
        context.setUserAgent(GatewayHeaderUtils.findFirstHeaderValue(context.getRequestHeaders(), HttpHeaders.USER_AGENT));
        context.setClientIp(resolveClientIp(headers, context.getRequestHeaders()));
        captureAccessLogId(context);
        populateQueryParams(headers, context, originalRequestUri);
        if (properties.isEnableTenantHeader()) {
            Object tenantHeaderValue = context.getRequestHeaders().get(properties.getTenantHeader());
@@ -114,6 +116,21 @@ public class ApiGatewayRequestMapper {
        return context;
    }
    private void captureAccessLogId(ApiInvocationContext context) {
        String headerValue = GatewayHeaderUtils.findFirstHeaderValue(context.getRequestHeaders(), ApiGatewayAccessLogger.HEADER_ACCESS_LOG_ID);
        if (!StringUtils.hasText(headerValue)) {
            return;
        }
        try {
            Long logId = Long.valueOf(headerValue);
            context.getAttributes().put(ApiGatewayAccessLogger.ATTR_LOG_ID, logId);
        } catch (NumberFormatException ex) {
            // 忽略格式问题，仅在属性中保留原文以便排查
            context.getAttributes().put(ApiGatewayAccessLogger.ATTR_LOG_ID, headerValue);
        }
        context.getRequestHeaders().remove(ApiGatewayAccessLogger.HEADER_ACCESS_LOG_ID);
    }
    private boolean isInternalHeader(String headerName) {
        if (!StringUtils.hasText(headerName)) {
            return true;
--- a/zt-module-databus/zt-module-databus-server/src/main/java/com/zt/plat/module/databus/framework/integration/gateway/security/GatewaySecurityFilter.java
+++ b/zt-module-databus/zt-module-databus-server/src/main/java/com/zt/plat/module/databus/framework/integration/gateway/security/GatewaySecurityFilter.java
@@ -13,6 +13,7 @@ import com.zt.plat.framework.tenant.core.context.TenantContextHolder;
 import com.zt.plat.framework.web.core.util.WebFrameworkUtils;
 import com.zt.plat.module.databus.dal.dataobject.gateway.ApiClientCredentialDO;
 import com.zt.plat.module.databus.framework.integration.config.ApiGatewayProperties;
 import com.zt.plat.module.databus.framework.integration.gateway.core.ApiGatewayAccessLogger;
 import com.zt.plat.module.databus.framework.integration.gateway.model.ApiGatewayResponse;
 import com.zt.plat.module.databus.service.gateway.ApiAnonymousUserService;
 import com.zt.plat.module.databus.service.gateway.ApiClientCredentialService;
@@ -56,6 +57,7 @@ public class GatewaySecurityFilter extends OncePerRequestFilter {
    private final ApiClientCredentialService credentialService;
    private final ApiAnonymousUserService anonymousUserService;
    private final ObjectMapper objectMapper;
    private final ApiGatewayAccessLogger accessLogger;
    private final AntPathMatcher pathMatcher = new AntPathMatcher();
    private static final TypeReference<Map<String, Object>> MAP_TYPE = new TypeReference<>() {};
@@ -72,18 +74,24 @@ public class GatewaySecurityFilter extends OncePerRequestFilter {
            filterChain.doFilter(request, response);
            return;
        }
        Long accessLogId = accessLogger.logEntrance(request);
        // 校验访问 IP 是否落在允许范围内
        if (!isIpAllowed(request)) {
            log.warn("[API-PORTAL] 拦截来自 IP {} 访问 {} 的请求", request.getRemoteAddr(), pathWithinApplication);
            response.sendError(HttpStatus.FORBIDDEN.value(), "IP 禁止访问");
            accessLogger.finalizeEarly(request, HttpStatus.FORBIDDEN.value(), "IP 禁止访问");
            return;
        }
        ApiGatewayProperties.Security security = properties.getSecurity();
        ApiClientCredentialDO credential = null;
        if (!security.isEnabled()) {
-            filterChain.doFilter(request, response);
+            byte[] originalBody = StreamUtils.copyToByteArray(request.getInputStream());
            CachedBodyHttpServletRequest passthroughRequest = new CachedBodyHttpServletRequest(request, originalBody);
            ApiGatewayAccessLogger.propagateLogIdHeader(passthroughRequest, accessLogId);
            filterChain.doFilter(passthroughRequest, response);
            return;
        }
        boolean dispatchedToGateway = false;
        try {
            Long tenantId = resolveTenantId(request);
            // 从请求头解析 appId 并加载客户端凭证，包含匿名访问配置
@@ -118,6 +126,7 @@ public class GatewaySecurityFilter extends OncePerRequestFilter {
            // 使用可重复读取的请求包装，供后续过滤器继续消费
            CachedBodyHttpServletRequest securedRequest = new CachedBodyHttpServletRequest(request, decryptedBody);
            ApiGatewayAccessLogger.propagateLogIdHeader(securedRequest, accessLogId);
            if (StringUtils.hasText(request.getCharacterEncoding())) {
                securedRequest.setCharacterEncoding(request.getCharacterEncoding());
            }
@@ -129,6 +138,7 @@ public class GatewaySecurityFilter extends OncePerRequestFilter {
            ContentCachingResponseWrapper responseWrapper = new ContentCachingResponseWrapper(response);
            try {
                filterChain.doFilter(securedRequest, responseWrapper);
                dispatchedToGateway = true;
                encryptResponse(responseWrapper, credential, security);
            } finally {
                responseWrapper.copyBodyToResponse();
@@ -136,9 +146,15 @@ public class GatewaySecurityFilter extends OncePerRequestFilter {
        } catch (SecurityValidationException ex) {
            log.warn("[API-PORTAL] 安全校验失败: {}", ex.getMessage());
            writeErrorResponse(response, security, credential, ex.status(), ex.getMessage());
            if (!dispatchedToGateway) {
                accessLogger.finalizeEarly(request, ex.status().value(), ex.getMessage());
            }
        } catch (Exception ex) {
            log.error("[API-PORTAL] 处理安全校验时出现异常", ex);
            writeErrorResponse(response, security, credential, HttpStatus.INTERNAL_SERVER_ERROR, "网关安全校验失败");
            if (!dispatchedToGateway) {
                accessLogger.finalizeEarly(request, HttpStatus.INTERNAL_SERVER_ERROR.value(), "网关安全校验失败");
            }
        }
    }
--- a/zt-module-infra/zt-module-infra-server/src/main/java/com/zt/plat/module/infra/dal/dataobject/logger/ApiErrorLogDO.java
+++ b/zt-module-infra/zt-module-infra-server/src/main/java/com/zt/plat/module/infra/dal/dataobject/logger/ApiErrorLogDO.java
@@ -26,11 +26,76 @@ import java.time.LocalDateTime;
@KeySequence(value = "infra_api_error_log_seq")
 public class ApiErrorLogDO extends BaseDO {
    /**
     * {@link #traceId} 的最大长度
     */
    public static final Integer TRACE_ID_MAX_LENGTH = 64;
    /**
     * {@link #applicationName} 的最大长度
     */
    public static final Integer APPLICATION_NAME_MAX_LENGTH = 50;
    /**
     * {@link #requestMethod} 的最大长度
     */
    public static final Integer REQUEST_METHOD_MAX_LENGTH = 16;
    /**
     * {@link #requestUrl} 的最大长度
     */
    public static final Integer REQUEST_URL_MAX_LENGTH = 255;
    /**
     * {@link #requestParams} 的最大长度
     */
    public static final Integer REQUEST_PARAMS_MAX_LENGTH = 8000;
    /**
     * {@link #userIp} 的最大长度
     */
    public static final Integer USER_IP_MAX_LENGTH = 50;
    /**
     * {@link #userAgent} 的最大长度
     */
    public static final Integer USER_AGENT_MAX_LENGTH = 512;
    /**
     * {@link #exceptionName} 的最大长度
     */
    public static final Integer EXCEPTION_NAME_MAX_LENGTH = 128;
    /**
     * {@link #exceptionClassName} 的最大长度
     */
    public static final Integer EXCEPTION_CLASS_NAME_MAX_LENGTH = 512;
    /**
     * {@link #exceptionFileName} 的最大长度
     */
    public static final Integer EXCEPTION_FILE_NAME_MAX_LENGTH = 512;
    /**
     * {@link #exceptionMethodName} 的最大长度
     */
    public static final Integer EXCEPTION_METHOD_NAME_MAX_LENGTH = 512;
    /**
     * {@link #exceptionMessage} 的最大长度
     */
    public static final Integer EXCEPTION_MESSAGE_MAX_LENGTH = 4000;
    /**
     * {@link #exceptionRootCauseMessage} 的最大长度
     */
    public static final Integer EXCEPTION_ROOT_CAUSE_MESSAGE_MAX_LENGTH = 4000;
    /**
     * {@link #exceptionStackTrace} 的最大长度
     */
    public static final Integer EXCEPTION_STACK_TRACE_MAX_LENGTH = 8000;
    /**
     * 编号
     */
--- a/Show More
+++ b/Show More