
refactor: 新增演示环境控制,免责声明

liu.chengbiao há 10 meses atrás
pai
commit
e5b2453e82

+ 6 - 0
DataRoom/dataroom-core/src/main/java/com/gccloud/dataroom/core/config/DataRoomConfig.java

@@ -1,5 +1,6 @@
 package com.gccloud.dataroom.core.config;
 
+import com.gccloud.dataroom.core.config.bean.DemoEnv;
 import com.gccloud.dataroom.core.config.bean.FileConfig;
 import lombok.Data;
 import lombok.extern.slf4j.Slf4j;
@@ -23,4 +24,9 @@ public class DataRoomConfig {
      */
     @NestedConfigurationProperty
     private FileConfig file = new FileConfig();
+    /**
+     * 演示环境
+     */
+    @NestedConfigurationProperty
+    private DemoEnv demoEnv = new DemoEnv();
 }
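Review bot: The `demoEnv` field added here is bound under whatever prefix `DataRoomConfig`'s class-level annotation declares, which is outside this hunk, while `DemoEnvFilter` in the same commit is switched on by the literal property `gc.starter.demoEnv.enable`. If that prefix is anything other than `gc.starter`, the on/off switch and the pass-list settings live under two different keys, and nothing visible in the commit reads `DemoEnv.enable`. I would state the full property path on the field, e.g. `/** Demo-environment settings; the filter itself is activated by gc.starter.demoEnv.enable */`, or build the filter's condition from the same prefix so the two cannot drift apart.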

+ 55 - 0
DataRoom/dataroom-core/src/main/java/com/gccloud/dataroom/core/config/bean/DemoEnv.java

@@ -0,0 +1,55 @@
+/*
+ * Copyright 2023 http://gcpaas.gccloud.com
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *        http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gccloud.dataroom.core.config.bean;
+
+import com.google.common.collect.Sets;
+import lombok.Data;
+
+import java.util.Set;
+
+/**
+ * 演示环境配置
+ *
+ * @author liuchengbiao
+ * @date 2021/7/28 5:34 下午
+ */
+@Data
+public class DemoEnv {
+    /**
+     * 是否是演示环境
+     */
+    private Boolean enable = false;
+    /**
+     * 非法请求警告提示
+     */
+    private String tip = "演示环境,不允许操作";
+    /**
+     * post请求过滤URL
+     */
+    private Set<String> postUrlPassSet = Sets.newHashSet();
+    /**
+     * put请求过滤URL
+     */
+    private Set<String> putUrlPassSet = Sets.newHashSet();
+    /**
+     * delete请求过滤URL
+     */
+    private Set<String> deleteUrlPassSet = Sets.newHashSet();
+    /**
+     * 以该URL开头的都过滤掉
+     */
+    private Set<String> startWithUrlPassSet = Sets.newHashSet();
+}
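Review bot: The Javadoc on the four sets describes them as URLs that are "filtered", and `startWithUrlPassSet` is documented as "everything starting with this URL is filtered out", but `DemoEnvFilter` treats all four as allow-lists: a match lets the request through. An operator reading the comment could add a prefix expecting it to be blocked and instead open it to POST, PUT and DELETE. I would reword the comments to state the allow semantics, e.g. `/** URL prefixes that are let through for every HTTP method, bypassing the demo-environment block */` on `startWithUrlPassSet`, and "exact servlet paths allowed for POST/PUT/DELETE" on the other three.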

+ 89 - 0
DataRoom/dataroom-core/src/main/java/com/gccloud/dataroom/core/filter/DemoEnvFilter.java

@@ -0,0 +1,89 @@
+package com.gccloud.dataroom.core.filter;
+
+import com.baomidou.mybatisplus.core.config.GlobalConfig;
+import com.gccloud.common.vo.R;
+import com.gccloud.dataroom.core.config.DataRoomConfig;
+import com.gccloud.dataroom.core.config.bean.DemoEnv;
+import com.google.common.collect.Sets;
+import com.google.gson.Gson;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.core.annotation.Order;
+import org.springframework.stereotype.Component;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+import javax.annotation.PostConstruct;
+import javax.annotation.Resource;
+import javax.servlet.*;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.Set;
+
+/**
+ * 演示环境
+ *
+ * @author liuchengbiao
+ * @date 2021年07月28日17:31:33
+ */
+@Order(2)
+@Component
+@Slf4j
+@ConditionalOnProperty(prefix = "gc.starter.demoEnv", name = "enable", havingValue = "true")
+public class DemoEnvFilter implements Filter {
+
+    @Resource
+    private DataRoomConfig dataRoomConfig;
+
+    /**
+     * 系统默认的post请求放行接口
+     */
+    private static final Set<String> POST_URL_PASS_SET = Sets.newHashSet(
+            "/dataroom/design",
+            "/dataroom/file",
+            "/datasource/"
+    );
+
+
+    @PostConstruct
+    public void init() {
+        log.info("启动演示环境过滤器,用于保证演示环境的稳定性,仅允许指定的一些接口请求访问,可通过gc.starter.demoEnv.enable 设置是否禁用");
+    }
+
+    @Override
+    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
+        HttpServletRequest request = (HttpServletRequest) servletRequest;
+        String method = request.getMethod();
+        if (StringUtils.equalsAnyIgnoreCase(RequestMethod.GET.toString(), method)
+                || StringUtils.equalsAnyIgnoreCase(RequestMethod.OPTIONS.toString(), method)) {
+            filterChain.doFilter(servletRequest, servletResponse);
+            return;
+        }
+        String uri = request.getServletPath();
+        DemoEnv demoEnv = dataRoomConfig.getDemoEnv();
+        for (String startWithUrl : demoEnv.getStartWithUrlPassSet()) {
+            if (uri.startsWith(startWithUrl)) {
+                filterChain.doFilter(servletRequest, servletResponse);
+                return;
+            }
+        }
+        if (StringUtils.equalsAnyIgnoreCase(RequestMethod.POST.toString(), method) && (demoEnv.getPostUrlPassSet().contains(uri) || POST_URL_PASS_SET.contains(uri))) {
+            filterChain.doFilter(servletRequest, servletResponse);
+            return;
+        } else if (StringUtils.equalsAnyIgnoreCase(RequestMethod.PUT.toString(), method) && demoEnv.getPutUrlPassSet().contains(uri)) {
+            filterChain.doFilter(servletRequest, servletResponse);
+            return;
+        } else if (StringUtils.equalsAnyIgnoreCase(RequestMethod.DELETE.toString(), method) && (demoEnv.getDeleteUrlPassSet().contains(uri))) {
+            filterChain.doFilter(servletRequest, servletResponse);
+            return;
+        }
+        log.error("演示环境,不允许发送 {} 的 {} 请求", uri, request.getMethod());
+        HttpServletResponse response = (HttpServletResponse) servletResponse;
+        response.setHeader("Access-Control-Allow-Credentials", "true");
+        response.setContentType("application/json;charset=UTF-8");
+        response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
+        String json = new Gson().toJson(R.error(500, demoEnv.getTip()));
+        response.getWriter().print(json);
+    }
+}
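Review bot: The deny branch at the end of `doFilter` writes the error JSON with the default 200 status and copies the request's `Origin` header into `Access-Control-Allow-Origin` next to `Access-Control-Allow-Credentials: true`, so every origin is granted credentialed access to this response and proxies or clients see a blocked write as a success. I would add `response.setStatus(HttpServletResponse.SC_FORBIDDEN);` before writing the body and leave the CORS headers to a central CORS configuration with an explicit origin list rather than setting them here. Separately, the prefix loop uses a bare `uri.startsWith(startWithUrl)` for every non-GET method, so a configured prefix without a trailing `/` also admits sibling paths that only share its leading characters; matching on a segment boundary, `uri.equals(p) || uri.startsWith(p + "/")`, keeps the allow-list as narrow as the operator wrote it. The `GlobalConfig` import is unused, and a routine denial reads better as `log.warn` than `log.error`.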

+ 55 - 0
DataRoom/dataroom-core/src/main/java/com/gccloud/dataroom/core/module/openSource/OpenSourceController.java

@@ -0,0 +1,55 @@
+/*
+ * Copyright 2023 http://gcpaas.gccloud.com
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *        http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gccloud.dataroom.core.module.openSource;
+
+import com.gccloud.common.vo.R;
+import com.gccloud.dataroom.core.module.biz.component.controller.BizComponentController;
+import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiOperation;
+import io.swagger.annotations.ApiSort;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang3.exception.ExceptionUtils;
+import org.springframework.http.MediaType;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.io.InputStream;
+import java.nio.charset.Charset;
+
+/**
+ * @author liuchengbiao
+ */
+@Slf4j
+@RestController
+@RequestMapping("/dataroom/opensource")
+@Api(tags = "开源")
+@ApiSort(value = 100)
+public class OpenSourceController {
+
+    @GetMapping("/disclaimer")
+    @ApiOperation(value = "免责申明", notes = "免责申明", produces = MediaType.APPLICATION_JSON_VALUE)
+    public R<String> disclaimer() {
+        try (InputStream is = OpenSourceController.class.getClassLoader().getResourceAsStream("disclaimer.html")) {
+            String content = IOUtils.toString(is, "utf-8");
+            return R.success(content);
+        } catch (Exception e) {
+            log.error(ExceptionUtils.getStackTrace(e));
+        }
+        return R.error("免责申明获取失败");
+    }
+}
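Review bot: In `disclaimer()`, a missing `disclaimer.html` is handled only indirectly: `getResourceAsStream` returns null, `IOUtils.toString` then throws, and the `catch (Exception e)` turns that into the generic error. An explicit `if (is == null)` branch with its own log line, plus narrowing the catch to `IOException`, would make a packaging mistake distinguishable from a read failure. The log call should pass the throwable to the logger, `log.error("failed to load disclaimer.html", e);`, instead of logging `ExceptionUtils.getStackTrace(e)` as the message, and `StandardCharsets.UTF_8` is safer than the `"utf-8"` string. The `BizComponentController` and `Charset` imports are unused.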