perf(参数校验): 文件名合法性校验,图像预览优化

MAC 2021-09-08 22:24:09 +08:00
parent 1d39d69f9d
commit 2e0aeb31e2
10 changed files with 51 additions and 20 deletions


@ -6,7 +6,7 @@
<parent>
<groupId>com.qiwenshare</groupId>
<artifactId>qiwenshare</artifactId>
<version>1.0.9</version>
<version>1.0.10</version>
</parent>
<artifactId>qiwen-file</artifactId>


@ -7,6 +7,7 @@ import com.qiwenshare.common.result.ResultCodeEnum;
import com.qiwenshare.ufop.exception.UploadException;
import lombok.extern.slf4j.Slf4j;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.MethodArgumentNotValidException;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.ResponseBody;
@ -69,6 +70,17 @@ public class GlobalExceptionHandlerAdvice {
return RestResult.setResult(ResultCodeEnum.NOT_LOGIN_ERROR);
}
/**
* 方法参数校验
*/
@ExceptionHandler(MethodArgumentNotValidException.class)
@ResponseBody
@ResponseStatus(HttpStatus.BAD_REQUEST)
public RestResult handleMethodArgumentNotValidException(MethodArgumentNotValidException e) {
log.error(e.getMessage(), e);
return RestResult.setResult(ResultCodeEnum.PARAM_ERROR).message(e.getBindingResult().getFieldError().getDefaultMessage());
}
/**-------- 自定义定异常处理方法 --------**/
@ExceptionHandler(QiwenException.class)
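Review bot: `log.error(e.getMessage(), e)` in handleMethodArgumentNotValidException writes rejected input to the log, because Spring's message for MethodArgumentNotValidException lists each field error together with its rejected value; with `@Valid` now on the register DTO, that includes the submitted password and phone number. The same method dereferences `e.getBindingResult().getFieldError()` without a null check, and that call returns null when only a class-level (global) constraint failed, so the handler itself would throw. Log only the field name at warn level and guard the lookup, e.g. `FieldError fe = e.getBindingResult().getFieldError();` followed by `log.warn("validation failed on field {}", fe == null ? "(global)" : fe.getField());`, and return the plain PARAM_ERROR result when `fe` is null. `@ResponseStatus` is used here, but the only import visibly added in the first hunk is MethodArgumentNotValidException, so confirm it is imported.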


@ -1,6 +1,7 @@
package com.qiwenshare.file.component;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.qiwenshare.common.constant.RegexConstant;
import com.qiwenshare.file.domain.UserBean;
import com.qiwenshare.file.mapper.UserMapper;
import org.springframework.stereotype.Component;
@ -51,8 +52,7 @@ public class UserDealComp {
}
public Boolean isPhoneFormatRight(String phone){
String regex = "^1\\d{10}";
boolean isRight = Pattern.matches(regex, phone);
boolean isRight = Pattern.matches(RegexConstant.PASSWORD_REGEX, phone);
return isRight;
}
}
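Review bot: `isPhoneFormatRight` now matches the phone number against `RegexConstant.PASSWORD_REGEX`, so any string that satisfies the password rule is accepted as a phone number. RegisterDTO in this same commit references `RegexConstant.PHONE_REGEX`, which looks like the intended constant: `boolean isRight = Pattern.matches(RegexConstant.PHONE_REGEX, phone);`. `Pattern.matches` also throws on a null `phone`, so callers that do not sit behind `@Valid` need a `phone != null &&` guard in front of it. The class body starts outside the hunk, so other callers of this method are not visible here.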


@ -40,6 +40,7 @@ import org.springframework.data.elasticsearch.core.query.NativeSearchQueryBuilde
import org.springframework.web.bind.annotation.*;
import javax.annotation.Resource;
import javax.validation.Valid;
import java.util.*;
@Tag(name = "file", description = "该接口为文件接口,主要用来做一些文件的基本操作,如创建目录,删除,移动,复制等。")
@ -67,7 +68,7 @@ public class FileController {
@RequestMapping(value = "/createfile", method = RequestMethod.POST)
@MyLog(operation = "创建文件", module = CURRENT_MODULE)
@ResponseBody
public RestResult<String> createFile(@RequestBody CreateFileDTO createFileDto) {
public RestResult<String> createFile(@Valid @RequestBody CreateFileDTO createFileDto) {
UserBean sessionUserBean = (UserBean) SessionUtil.getSession();


@ -18,6 +18,7 @@ import org.apache.shiro.crypto.hash.SimpleHash;
import org.springframework.web.bind.annotation.*;
import javax.annotation.Resource;
import javax.validation.Valid;
import java.util.HashMap;
import java.util.Map;
@ -42,7 +43,7 @@ public class UserController {
@PostMapping(value = "/register")
@MyLog(operation = "用户注册", module = CURRENT_MODULE)
@ResponseBody
public RestResult<String> addUser(@RequestBody RegisterDTO registerDTO) {
public RestResult<String> addUser(@Valid @RequestBody RegisterDTO registerDTO) {
RestResult<String> restResult = null;
UserBean userBean = new UserBean();
BeanUtil.copyProperties(registerDTO, userBean);


@ -3,12 +3,17 @@ package com.qiwenshare.file.dto.file;
import io.swagger.v3.oas.annotations.media.Schema;
import lombok.Data;
import java.util.regex.Pattern;
@Data
@Schema(name = "批量删除文件DTO",required = true)
public class BatchDeleteFileDTO {
@Schema(description="文件集合", required = true)
private String files;
public static void main(String[] args) {
boolean ddd = Pattern.matches("(?!((^(con)$)|^(con)/..*|(^(prn)$)|^(prn)/..*|(^(aux)$)|^(aux)/..*|(^(nul)$)|^(nul)/..*|(^(com)[1-9]$)|^(com)[1-9]/..*|(^(lpt)[1-9]$)|^(lpt)[1-9]/..*)|^/s+|.*/s$)(^[^/////:/*/?/\"/</>/|]{1,255}$)", "con1");
System.out.println(ddd);
}
}
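Review bot: The `main` method added to BatchDeleteFileDTO is scratch code for a file-name regex and should not ship in a request DTO; move the check into a unit test and drop the `java.util.regex.Pattern` import with it. The pattern literal also appears to use `/` where a backslash escape was meant (`/s+`, `/..*`, `[^/////:` …), which would leave leading or trailing whitespace, reserved names with an extension such as `con.txt`, and the backslash character unrejected. If `RegexConstant.FILE_NAME_REGEX` (not shown on this page) was copied from this string, it needs the same review, with one test case per rejected class of name. The `files` field itself still carries no constraint.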


@ -1,13 +1,21 @@
package com.qiwenshare.file.dto.file;
import com.qiwenshare.common.constant.RegexConstant;
import io.swagger.v3.oas.annotations.media.Schema;
import lombok.Data;
import javax.validation.constraints.NotBlank;
import javax.validation.constraints.NotEmpty;
import javax.validation.constraints.Pattern;
@Data
@Schema(name = "创建文件DTO",required = true)
public class CreateFileDTO {
@Schema(description="文件名", required=true)
@NotBlank(message = "文件名不能为空")
@Pattern(regexp = RegexConstant.FILE_NAME_REGEX, message = "文件名不合法!")
private String fileName;
@Schema(description="文件路径", required=true)
private String filePath;
}
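Review bot: Only `fileName` gets constraints in CreateFileDTO; `filePath` is equally client-supplied and is left without any annotation, so the `@Valid` added on createFile does not check it. Whether the service normalises the path before using it is not visible here, so at minimum put `@NotBlank` on `filePath` and reject `..` segments, either with a pattern constraint or by normalising on the server. The `javax.validation.constraints.NotEmpty` import is unused in the visible lines and can be dropped.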


@ -1,15 +1,29 @@
package com.qiwenshare.file.dto.user;
import com.qiwenshare.common.constant.RegexConstant;
import io.swagger.v3.oas.annotations.media.Schema;
import lombok.Data;
import javax.validation.constraints.NotBlank;
import javax.validation.constraints.Pattern;
import javax.validation.constraints.Size;
@Data
@Schema(name = "用户注册DTO",required = true)
public class RegisterDTO {
@Schema(description = "用户名")
@Schema(description = "用户名", required = true, example = "奇文网盘")
@NotBlank(message = "用户名不能为空")
@Size(min = 1, max = 20, message = "用户名最少1位最多20位")
private String username;
@Schema(description = "手机号")
@Schema(description = "手机号", required = true, example = "13911112222")
@NotBlank(message = "手机号不能为空")
@Pattern(regexp = RegexConstant.PHONE_REGEX, message = "手机号码输入有误")
private String telephone;
@Schema(description = "密码")
@Schema(description = "密码", required = true, example = "password123")
@NotBlank(message = "密码不能为空")
@Pattern(regexp = RegexConstant.PASSWORD_REGEX, message = "密码长度6-20位,不允许中文")
private String password;
}
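Review bot: The password rule on RegisterDTO, going by its message, allows 6 to 20 characters, which sets a low minimum and a cap that blocks passphrases; the pattern itself lives in `RegexConstant.PASSWORD_REGEX` and is not shown on this page. Consider a minimum of at least 8 and a much higher maximum, expressed as `@Size(min = 8, max = 64)` next to the character rule rather than inside the regex, so the two limits can be changed and reported separately. Because `@NotBlank` and `@Pattern` can both fail for the same field, the message returned to the client depends on which violation the binding result lists first, so an empty password may come back with the pattern message.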


@ -208,7 +208,7 @@ public class FiletransferService implements IFiletransferService {
FileBean fileBean = fileMapper.selectById(userFile1.getFileId());
Downloader downloader = ufopFactory.getDownloader(fileBean.getStorageType());
if (downloader == null) {
log.error("下载失败文件存储类型不支持下载storageType:{}, isOSS:{}", fileBean.getStorageType());
log.error("下载失败文件存储类型不支持下载storageType:{}", fileBean.getStorageType());
throw new UploadException("下载失败");
}
DownloadFile downloadFile = new DownloadFile();


@ -110,17 +110,7 @@ public class UserService extends ServiceImpl<UserMapper, UserBean> implements IU
// return restResult;
// }
UserController.verificationCodeMap.remove(telephone);
if (userBean.getTelephone() == null || "".equals(userBean.getTelephone())){
return RestResult.fail().message("用户名不能为空!");
}
if (userBean.getPassword() == null || "".equals(userBean.getPassword())){
return RestResult.fail().message("密码不能为空!");
}
if (userBean.getUsername() == null || "".equals(userBean.getUsername())){
return RestResult.fail().message("用户名不能为空!");
}
if (userDealComp.isUserNameExit(userBean)) {
return RestResult.fail().message("用户名已存在!");
}