perf(参数校验): 文件名合法性校验，图像预览优化

pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>com.qiwenshare</groupId>
         <artifactId>qiwenshare</artifactId>
-        <version>1.0.9</version>
+        <version>1.0.10</version>
     </parent>
 
     <artifactId>qiwen-file</artifactId>

src/main/java/com/qiwenshare/file/advice/GlobalExceptionHandlerAdvice.java

@@ -7,6 +7,7 @@ import com.qiwenshare.common.result.ResultCodeEnum;
 import com.qiwenshare.ufop.exception.UploadException;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.MethodArgumentNotValidException;
 import org.springframework.web.bind.annotation.ControllerAdvice;
 import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.ResponseBody;
@@ -69,6 +70,17 @@ public class GlobalExceptionHandlerAdvice {
         return RestResult.setResult(ResultCodeEnum.NOT_LOGIN_ERROR);
     }
 
+    /**
+     * 方法参数校验
+     */
+    @ExceptionHandler(MethodArgumentNotValidException.class)
+    @ResponseBody
+    @ResponseStatus(HttpStatus.BAD_REQUEST)
+    public RestResult handleMethodArgumentNotValidException(MethodArgumentNotValidException e) {
+        log.error(e.getMessage(), e);
+        return RestResult.setResult(ResultCodeEnum.PARAM_ERROR).message(e.getBindingResult().getFieldError().getDefaultMessage());
+    }
+
 
     /**-------- 自定义定异常处理方法 --------**/
     @ExceptionHandler(QiwenException.class)

src/main/java/com/qiwenshare/file/component/UserDealComp.java

@@ -1,6 +1,7 @@
 package com.qiwenshare.file.component;
 
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
+import com.qiwenshare.common.constant.RegexConstant;
 import com.qiwenshare.file.domain.UserBean;
 import com.qiwenshare.file.mapper.UserMapper;
 import org.springframework.stereotype.Component;
@@ -51,8 +52,7 @@ public class UserDealComp {
     }
 
     public Boolean isPhoneFormatRight(String phone){
-        String regex = "^1\\d{10}";
+        boolean isRight = Pattern.matches(RegexConstant.PASSWORD_REGEX, phone);
-        boolean isRight = Pattern.matches(regex, phone);
         return isRight;
     }
 }

src/main/java/com/qiwenshare/file/controller/FileController.java

@@ -40,6 +40,7 @@ import org.springframework.data.elasticsearch.core.query.NativeSearchQueryBuilde
 import org.springframework.web.bind.annotation.*;
 
 import javax.annotation.Resource;
+import javax.validation.Valid;
 import java.util.*;
 
 @Tag(name = "file", description = "该接口为文件接口，主要用来做一些文件的基本操作，如创建目录，删除，移动，复制等。")
@@ -67,7 +68,7 @@ public class FileController {
     @RequestMapping(value = "/createfile", method = RequestMethod.POST)
     @MyLog(operation = "创建文件", module = CURRENT_MODULE)
     @ResponseBody
-    public RestResult<String> createFile(@RequestBody CreateFileDTO createFileDto) {
+    public RestResult<String> createFile(@Valid @RequestBody CreateFileDTO createFileDto) {
 
         UserBean sessionUserBean = (UserBean) SessionUtil.getSession();
 

src/main/java/com/qiwenshare/file/controller/UserController.java

@@ -18,6 +18,7 @@ import org.apache.shiro.crypto.hash.SimpleHash;
 import org.springframework.web.bind.annotation.*;
 
 import javax.annotation.Resource;
+import javax.validation.Valid;
 import java.util.HashMap;
 import java.util.Map;
 
@@ -42,7 +43,7 @@ public class UserController {
     @PostMapping(value = "/register")
     @MyLog(operation = "用户注册", module = CURRENT_MODULE)
     @ResponseBody
-    public RestResult<String> addUser(@RequestBody RegisterDTO registerDTO) {
+    public RestResult<String> addUser(@Valid @RequestBody RegisterDTO registerDTO) {
         RestResult<String> restResult = null;
         UserBean userBean = new UserBean();
         BeanUtil.copyProperties(registerDTO, userBean);

src/main/java/com/qiwenshare/file/dto/file/BatchDeleteFileDTO.java

@@ -3,12 +3,17 @@ package com.qiwenshare.file.dto.file;
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
 
+import java.util.regex.Pattern;
+
 @Data
 @Schema(name = "批量删除文件DTO",required = true)
 public class BatchDeleteFileDTO {
     @Schema(description="文件集合", required = true)
     private String files;
 
-
+    public static void main(String[] args) {
+        boolean ddd = Pattern.matches("(?!((^(con)$)|^(con)/..*|(^(prn)$)|^(prn)/..*|(^(aux)$)|^(aux)/..*|(^(nul)$)|^(nul)/..*|(^(com)[1-9]$)|^(com)[1-9]/..*|(^(lpt)[1-9]$)|^(lpt)[1-9]/..*)|^/s+|.*/s$)(^[^/////:/*/?/\"/</>/|]{1,255}$)", "con1");
+        System.out.println(ddd);
+    }
 
 }

src/main/java/com/qiwenshare/file/dto/file/CreateFileDTO.java

@@ -1,13 +1,21 @@
 package com.qiwenshare.file.dto.file;
 
+import com.qiwenshare.common.constant.RegexConstant;
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
 
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.Pattern;
+
 @Data
 @Schema(name = "创建文件DTO",required = true)
 public class CreateFileDTO {
     @Schema(description="文件名", required=true)
+    @NotBlank(message = "文件名不能为空")
+    @Pattern(regexp = RegexConstant.FILE_NAME_REGEX, message = "文件名不合法！")
     private String fileName;
     @Schema(description="文件路径", required=true)
     private String filePath;
+
 }

src/main/java/com/qiwenshare/file/dto/user/RegisterDTO.java

@@ -1,15 +1,29 @@
 package com.qiwenshare.file.dto.user;
 
+import com.qiwenshare.common.constant.RegexConstant;
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
 
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.Pattern;
+import javax.validation.constraints.Size;
+
 @Data
 @Schema(name = "用户注册DTO",required = true)
 public class RegisterDTO {
-    @Schema(description = "用户名")
+
+    @Schema(description = "用户名", required = true, example = "奇文网盘")
+    @NotBlank(message = "用户名不能为空")
+    @Size(min = 1, max = 20, message = "用户名最少1位，最多20位")
     private String username;
-    @Schema(description = "手机号")
+
+    @Schema(description = "手机号", required = true, example = "13911112222")
+    @NotBlank(message = "手机号不能为空")
+    @Pattern(regexp = RegexConstant.PHONE_REGEX, message = "手机号码输入有误")
     private String telephone;
-    @Schema(description = "密码")
+
+    @Schema(description = "密码", required = true, example = "password123")
+    @NotBlank(message = "密码不能为空")
+    @Pattern(regexp = RegexConstant.PASSWORD_REGEX, message = "密码长度6-20位,不允许中文")
     private String password;
 }

src/main/java/com/qiwenshare/file/service/FiletransferService.java

@@ -208,7 +208,7 @@ public class FiletransferService implements IFiletransferService {
                     FileBean fileBean = fileMapper.selectById(userFile1.getFileId());
                     Downloader downloader = ufopFactory.getDownloader(fileBean.getStorageType());
                     if (downloader == null) {
-                        log.error("下载失败，文件存储类型不支持下载，storageType:{}, isOSS:{}", fileBean.getStorageType());
+                        log.error("下载失败，文件存储类型不支持下载，storageType:{}", fileBean.getStorageType());
                         throw new UploadException("下载失败");
                     }
                     DownloadFile downloadFile = new DownloadFile();

src/main/java/com/qiwenshare/file/service/UserService.java

@@ -110,17 +110,7 @@ public class UserService extends ServiceImpl<UserMapper, UserBean> implements IU
 //            return restResult;
 //        }
         UserController.verificationCodeMap.remove(telephone);
-        if (userBean.getTelephone() == null || "".equals(userBean.getTelephone())){
-            return RestResult.fail().message("用户名不能为空！");
-        }
-        if (userBean.getPassword() == null || "".equals(userBean.getPassword())){
-            return RestResult.fail().message("密码不能为空！");
 
-        }
-
-        if (userBean.getUsername() == null || "".equals(userBean.getUsername())){
-            return RestResult.fail().message("用户名不能为空！");
-        }
         if (userDealComp.isUserNameExit(userBean)) {
             return RestResult.fail().message("用户名已存在！");
         }