From f8ab5663ef7220f8adc0fd8fcbd7d0cf84c6d77d Mon Sep 17 00:00:00 2001
From: 疯狂的狮子li <15040126243@163.com>
Date: 星期一, 02 八月 2021 12:15:14 +0800
Subject: [PATCH] update 日常字符串校验 统一重构到 StringUtils 便于维护扩展
---
ruoyi-admin/src/main/java/com/ruoyi/web/controller/common/CommonController.java | 103 ++++++++++++++++++++-------------------------------
1 files changed, 41 insertions(+), 62 deletions(-)
diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/common/CommonController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/common/CommonController.java
index f02b6d3..a54333e 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/common/CommonController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/common/CommonController.java
@@ -1,25 +1,22 @@
package com.ruoyi.web.controller.common;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RestController;
-import org.springframework.web.multipart.MultipartFile;
+import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.config.RuoYiConfig;
import com.ruoyi.common.constant.Constants;
-import com.ruoyi.common.core.domain.AjaxResult;
-import com.ruoyi.common.utils.StringUtils;
-import com.ruoyi.common.utils.file.FileUploadUtils;
import com.ruoyi.common.utils.file.FileUtils;
-import com.ruoyi.framework.config.ServerConfig;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.http.MediaType;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.File;
/**
* 閫氱敤璇锋眰澶勭悊
- *
+ *
* @author ruoyi
*/
@RestController
@@ -27,12 +24,9 @@
{
private static final Logger log = LoggerFactory.getLogger(CommonController.class);
- @Autowired
- private ServerConfig serverConfig;
-
/**
* 閫氱敤涓嬭浇璇锋眰
- *
+ *
* @param fileName 鏂囦欢鍚嶇О
* @param delete 鏄惁鍒犻櫎
*/
@@ -41,21 +35,19 @@
{
try
{
- if (!FileUtils.isValidFilename(fileName))
+ if (!FileUtils.checkAllowDownload(fileName))
{
throw new Exception(StringUtils.format("鏂囦欢鍚嶇О({})闈炴硶锛屼笉鍏佽涓嬭浇銆� ", fileName));
}
String realFileName = System.currentTimeMillis() + fileName.substring(fileName.indexOf("_") + 1);
String filePath = RuoYiConfig.getDownloadPath() + fileName;
-
- response.setCharacterEncoding("utf-8");
- response.setContentType("multipart/form-data");
- response.setHeader("Content-Disposition",
- "attachment;fileName=" + FileUtils.setFileDownloadHeader(request, realFileName));
- FileUtils.writeBytes(filePath, response.getOutputStream());
+ File file = new File(filePath);
+ response.setContentType(MediaType.APPLICATION_OCTET_STREAM_VALUE);
+ FileUtils.setAttachmentResponseHeader(response, realFileName);
+ FileUtils.writeToStream(file, response.getOutputStream());
if (delete)
{
- FileUtils.deleteFile(filePath);
+ FileUtils.del(file);
}
}
catch (Exception e)
@@ -65,45 +57,32 @@
}
/**
- * 閫氱敤涓婁紶璇锋眰
- */
- @PostMapping("/common/upload")
- public AjaxResult uploadFile(MultipartFile file) throws Exception
- {
- try
- {
- // 涓婁紶鏂囦欢璺緞
- String filePath = RuoYiConfig.getUploadPath();
- // 涓婁紶骞惰繑鍥炴柊鏂囦欢鍚嶇О
- String fileName = FileUploadUtils.upload(filePath, file);
- String url = serverConfig.getUrl() + fileName;
- AjaxResult ajax = AjaxResult.success();
- ajax.put("fileName", fileName);
- ajax.put("url", url);
- return ajax;
- }
- catch (Exception e)
- {
- return AjaxResult.error(e.getMessage());
- }
- }
-
- /**
* 鏈湴璧勬簮閫氱敤涓嬭浇
*/
@GetMapping("/common/download/resource")
- public void resourceDownload(String name, HttpServletRequest request, HttpServletResponse response) throws Exception
+ public void resourceDownload(String resource, HttpServletRequest request, HttpServletResponse response)
+ throws Exception
{
- // 鏈湴璧勬簮璺緞
- String localPath = RuoYiConfig.getProfile();
- // 鏁版嵁搴撹祫婧愬湴鍧�
- String downloadPath = localPath + StringUtils.substringAfter(name, Constants.RESOURCE_PREFIX);
- // 涓嬭浇鍚嶇О
- String downloadName = StringUtils.substringAfterLast(downloadPath, "/");
- response.setCharacterEncoding("utf-8");
- response.setContentType("multipart/form-data");
- response.setHeader("Content-Disposition",
- "attachment;fileName=" + FileUtils.setFileDownloadHeader(request, downloadName));
- FileUtils.writeBytes(downloadPath, response.getOutputStream());
+ try
+ {
+ if (!FileUtils.checkAllowDownload(resource))
+ {
+ throw new Exception(StringUtils.format("璧勬簮鏂囦欢({})闈炴硶锛屼笉鍏佽涓嬭浇銆� ", resource));
+ }
+ // 鏈湴璧勬簮璺緞
+ String localPath = RuoYiConfig.getProfile();
+ // 鏁版嵁搴撹祫婧愬湴鍧�
+ String downloadPath = localPath + StringUtils.subAfter(resource, Constants.RESOURCE_PREFIX,false);
+ // 涓嬭浇鍚嶇О
+ String downloadName = StringUtils.subAfter(downloadPath, "/",true);
+ response.setContentType(MediaType.APPLICATION_OCTET_STREAM_VALUE);
+ File file = new File(downloadPath);
+ FileUtils.setAttachmentResponseHeader(response, downloadName);
+ FileUtils.writeToStream(file, response.getOutputStream());
+ }
+ catch (Exception e)
+ {
+ log.error("涓嬭浇鏂囦欢澶辫触", e);
+ }
}
}
--
Gitblit v1.9.3