| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181 |
- /**
- * The MIT License (MIT)
- * Copyright (c) 2012-present 铭软科技(mingsoft.net)
- * Permission is hereby granted, free of charge, to any person obtaining a copy of
- * this software and associated documentation files (the "Software"), to deal in
- * the Software without restriction, including without limitation the rights to
- * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
- * the Software, and to permit persons to whom the Software is furnished to do so,
- * subject to the following conditions:
- * <p>
- * The above copyright notice and this permission notice shall be included in all
- * copies or substantial portions of the Software.
- * <p>
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
- * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
- * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
- * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
- * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
- */
- package net.mingsoft.cms.aop;
- import cn.hutool.core.util.ObjectUtil;
- import cn.hutool.core.util.StrUtil;
- import net.mingsoft.base.entity.ResultData;
- import net.mingsoft.basic.aop.FileVerifyAop;
- import net.mingsoft.basic.bean.UploadConfigBean;
- import net.mingsoft.basic.util.BasicUtil;
- import net.mingsoft.basic.util.FileUtil;
- import net.mingsoft.basic.util.SpringUtil;
- import net.mingsoft.cms.bean.EditorStateBean;
- import org.apache.commons.codec.binary.Base64;
- import org.apache.commons.lang3.StringUtils;
- import org.aspectj.lang.ProceedingJoinPoint;
- import org.aspectj.lang.annotation.Around;
- import org.aspectj.lang.annotation.Aspect;
- import org.aspectj.lang.annotation.Pointcut;
- import org.springframework.stereotype.Component;
- import org.springframework.web.multipart.MultipartFile;
- import java.util.ArrayList;
- import java.util.List;
- /**
- * @author 铭软开发团队
- * @ClassName: EditorFileVerifyAop
- * @Description: 检测编辑器上传的文件是否合法
- * @date 2025年6月12日15:14:17
- */
- @Component
- @Aspect
- public class EditorFileVerifyAop extends FileVerifyAop {
- /**
- * 切入点
- */
- @Pointcut()
- public void uploadPointCut(){}
- /**
- * 后台上传文件的时候,将验证zip里的文件
- * @param joinPoint
- * @return
- * @throws Throwable
- */
- @Around("execution(* net.mingsoft.cms.action.EditorAction.editor(..)) ")
- public Object uploadAop(ProceedingJoinPoint joinPoint) throws Throwable {
- // 1. 获取请求操作
- String action = BasicUtil.getString("action");
- // 获取配置操作直接返回
- if (StrUtil.isBlank(action) || "config".equals(action)) {
- return joinPoint.proceed();
- }
- List<MultipartFile> files = this.getFiles(joinPoint);
- UploadConfigBean bean = new UploadConfigBean();
- // 会有抓取批量操作
- for (MultipartFile multipartFile : files) {
- bean = new UploadConfigBean();
- bean.setFile(multipartFile);
- ResultData resultData = prepareUpload(bean, false);
- if (!resultData.isSuccess()) {
- return new EditorStateBean(false, resultData.getMsg()).toString();
- }
- }
- return joinPoint.proceed();
- }
- /**
- * web上传文件的时候,将验证zip里的文件
- * @param joinPoint
- * @return
- * @throws Throwable
- */
- @Around("execution(* net.mingsoft.cms.action.web.EditorAction.editor(..))")
- public Object webUploadAop(ProceedingJoinPoint joinPoint) throws Throwable {
- // 1. 获取请求操作
- String action = BasicUtil.getString("action");
- // 获取配置操作直接返回
- if (StrUtil.isBlank(action) || "config".equals(action)) {
- return joinPoint.proceed();
- }
- List<MultipartFile> files = this.getFiles(joinPoint);
- UploadConfigBean bean = new UploadConfigBean();
- // 会有抓取批量操作
- for (MultipartFile multipartFile : files) {
- bean = new UploadConfigBean();
- bean.setFile(multipartFile);
- ResultData resultData = prepareUpload(bean, true);
- if (!resultData.isSuccess()) {
- return new EditorStateBean(false, resultData.getMsg()).toString();
- }
- }
- return joinPoint.proceed();
- }
- /**
- * 获取上传的文件数组,可能存在多个
- * @param pjp
- * @return
- * @throws Exception
- */
- private List<MultipartFile> getFiles(ProceedingJoinPoint pjp) throws Exception{
- // 1. 获取请求操作
- String action = BasicUtil.getString("action");
- List<MultipartFile> files = new ArrayList<>();
- MultipartFile file = null;
- // 判断当前编辑器什么操作
- switch (action) {
- case "uploadscrawl":
- // 上传涂鸦文件
- String base64 = SpringUtil.getRequest().getParameter("upfile");
- byte[] bytes = Base64.decodeBase64(base64);
- // 尝试从流中获取后缀地址
- file = FileUtil.bytesToMultipartFile(bytes, "png");
- if (ObjectUtil.isNull(file)) {
- files.add(file);
- }
- break;
- case "uploadimage":
- case "uploadvideo":
- case "uploadfile":
- // 上传文件
- Object[] args = pjp.getArgs();
- file = null;
- // TODO: 2025/6/12 通过getType无法获取file文件信息,所以改成这个方法获取文件信息
- for (Object arg : args) {
- if (arg instanceof MultipartFile) {
- file = (MultipartFile) arg;
- }
- }
- files.add(file);
- break;
- case "catchimage":
- // 抓取网络图片到本地
- // 获取图片地址
- String[] remotes = SpringUtil.getRequest().getParameterValues("source[]");
- for (String remote : remotes) {
- if (StringUtils.isBlank(remote)) {
- continue;
- }
- file = FileUtil.remoteUrlToMultipartFile(remote, "png");
- if (file == null) {
- continue;
- }
- files.add(file);
- }
- break;
- default:
- break;
- }
- return files;
- }
- }
|
