From 4470052c3b6bdeb18e45987f8aa293d1e93d0552 Mon Sep 17 00:00:00 2001
From: Ludc <2870569285@qq.com>
Date: 星期二, 18 十一月 2025 11:59:12 +0800
Subject: [PATCH] 所有文件上传接口增加文件安全校验逻辑。
---
Source/BladeX-Tool/blade-core-secure/src/main/java/org/springblade/core/secure/auth/AuthFun.java | 151 ++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 151 insertions(+), 0 deletions(-)
diff --git a/Source/BladeX-Tool/blade-core-secure/src/main/java/org/springblade/core/secure/auth/AuthFun.java b/Source/BladeX-Tool/blade-core-secure/src/main/java/org/springblade/core/secure/auth/AuthFun.java
new file mode 100644
index 0000000..c711386
--- /dev/null
+++ b/Source/BladeX-Tool/blade-core-secure/src/main/java/org/springblade/core/secure/auth/AuthFun.java
@@ -0,0 +1,151 @@
+/*
+ * Copyright (c) 2018-2028, Chill Zhuang All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * Neither the name of the dreamlu.net developer nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ * Author: Chill 搴勯獮 (smallchill@163.com)
+ */
+package org.springblade.core.secure.auth;
+
+import org.springblade.core.secure.BladeUser;
+import org.springblade.core.secure.handler.IPermissionHandler;
+import org.springblade.core.secure.utils.AuthUtil;
+import org.springblade.core.tool.constant.RoleConstant;
+import org.springblade.core.tool.utils.*;
+
+/**
+ * 鏉冮檺鍒ゆ柇
+ *
+ * @author Chill
+ */
+public class AuthFun {
+
+ /**
+ * 鏉冮檺鏍¢獙澶勭悊鍣�
+ */
+ private static IPermissionHandler permissionHandler;
+
+ private static IPermissionHandler getPermissionHandler() {
+ if (permissionHandler == null) {
+ permissionHandler = SpringUtil.getBean(IPermissionHandler.class);
+ }
+ return permissionHandler;
+ }
+
+ /**
+ * 鍒ゆ柇瑙掕壊鏄惁鍏锋湁鎺ュ彛鏉冮檺
+ *
+ * @return {boolean}
+ */
+ public boolean permissionAll() {
+ return getPermissionHandler().permissionAll();
+ }
+
+ /**
+ * 鍒ゆ柇瑙掕壊鏄惁鍏锋湁鎺ュ彛鏉冮檺
+ *
+ * @param permission 鏉冮檺缂栧彿
+ * @return {boolean}
+ */
+ public boolean hasPermission(String permission) {
+ return getPermissionHandler().hasPermission(permission);
+ }
+
+ /**
+ * 鏀捐鎵�鏈夎姹�
+ *
+ * @return {boolean}
+ */
+ public boolean permitAll() {
+ return true;
+ }
+
+ /**
+ * 鍙湁瓒呯瑙掕壊鎵嶅彲璁块棶
+ *
+ * @return {boolean}
+ */
+ public boolean denyAll() {
+ return hasRole(RoleConstant.ADMIN);
+ }
+
+ /**
+ * 鏄惁宸叉巿鏉�
+ *
+ * @return {boolean}
+ */
+ public boolean hasAuth() {
+ return Func.isNotEmpty(AuthUtil.getUser());
+ }
+
+ /**
+ * 鏄惁鏈夋椂闂存巿鏉�
+ *
+ * @param start 寮�濮嬫椂闂�
+ * @param end 缁撴潫鏃堕棿
+ * @return {boolean}
+ */
+ public boolean hasTimeAuth(Integer start, Integer end) {
+ Integer hour = DateUtil.hour();
+ return hour >= start && hour <= end;
+ }
+
+ /**
+ * 鍒ゆ柇鏄惁鏈夎瑙掕壊鏉冮檺
+ *
+ * @param role 鍗曡鑹�
+ * @return {boolean}
+ */
+ public boolean hasRole(String role) {
+ return hasAnyRole(role);
+ }
+
+ /**
+ * 鍒ゆ柇鏄惁鍏锋湁鎵�鏈夎鑹叉潈闄�
+ *
+ * @param role 瑙掕壊闆嗗悎
+ * @return {boolean}
+ */
+ public boolean hasAllRole(String... role) {
+ for (String r : role) {
+ if (!hasRole(r)) {
+ return false;
+ }
+ }
+ return true;
+ }
+
+ /**
+ * 鍒ゆ柇鏄惁鏈夎瑙掕壊鏉冮檺
+ *
+ * @param role 瑙掕壊闆嗗悎
+ * @return {boolean}
+ */
+ public boolean hasAnyRole(String... role) {
+ BladeUser user = AuthUtil.getUser();
+ if (user == null) {
+ return false;
+ }
+ String userRole = user.getRoleName();
+ if (StringUtil.isBlank(userRole)) {
+ return false;
+ }
+ String[] roles = Func.toStrArray(userRole);
+ for (String r : role) {
+ if (CollectionUtil.contains(roles, r)) {
+ return true;
+ }
+ }
+ return false;
+ }
+
+}
--
Gitblit v1.9.3