From 4470052c3b6bdeb18e45987f8aa293d1e93d0552 Mon Sep 17 00:00:00 2001
From: Ludc <2870569285@qq.com>
Date: 星期二, 18 十一月 2025 11:59:12 +0800
Subject: [PATCH] 所有文件上传接口增加文件安全校验逻辑。

---
 Source/BladeX-Tool/blade-starter-redis/src/main/java/org/springblade/core/redis/ratelimiter/RedisRateLimiterAspect.java |  102 +++++++++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 102 insertions(+), 0 deletions(-)

diff --git a/Source/BladeX-Tool/blade-starter-redis/src/main/java/org/springblade/core/redis/ratelimiter/RedisRateLimiterAspect.java b/Source/BladeX-Tool/blade-starter-redis/src/main/java/org/springblade/core/redis/ratelimiter/RedisRateLimiterAspect.java
new file mode 100644
index 0000000..ab3f751
--- /dev/null
+++ b/Source/BladeX-Tool/blade-starter-redis/src/main/java/org/springblade/core/redis/ratelimiter/RedisRateLimiterAspect.java
@@ -0,0 +1,102 @@
+/*
+ *      Copyright (c) 2018-2028, DreamLu All rights reserved.
+ *
+ *  Redistribution and use in source and binary forms, with or without
+ *  modification, are permitted provided that the following conditions are met:
+ *
+ *  Redistributions of source code must retain the above copyright notice,
+ *  this list of conditions and the following disclaimer.
+ *  Redistributions in binary form must reproduce the above copyright
+ *  notice, this list of conditions and the following disclaimer in the
+ *  documentation and/or other materials provided with the distribution.
+ *  Neither the name of the dreamlu.net developer nor the names of its
+ *  contributors may be used to endorse or promote products derived from
+ *  this software without specific prior written permission.
+ *  Author: DreamLu 鍗㈡槬姊� (596392912@qq.com)
+ */
+
+package org.springblade.core.redis.ratelimiter;
+
+import lombok.RequiredArgsConstructor;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.reflect.MethodSignature;
+import org.springblade.core.tool.spel.BladeExpressionEvaluator;
+import org.springblade.core.tool.utils.CharPool;
+import org.springblade.core.tool.utils.StringUtil;
+import org.springframework.beans.BeansException;
+import org.springframework.context.ApplicationContext;
+import org.springframework.context.ApplicationContextAware;
+import org.springframework.context.expression.AnnotatedElementKey;
+import org.springframework.expression.EvaluationContext;
+import org.springframework.lang.NonNull;
+import org.springframework.util.Assert;
+
+import java.lang.reflect.Method;
+import java.util.concurrent.TimeUnit;
+
+/**
+ * redis 闄愭祦
+ *
+ * @author L.cm
+ */
+@Aspect
+@RequiredArgsConstructor
+public class RedisRateLimiterAspect implements ApplicationContextAware {
+	/**
+	 * 琛ㄨ揪寮忓鐞�
+	 */
+	private final BladeExpressionEvaluator evaluator = new BladeExpressionEvaluator();
+	/**
+	 * redis 闄愭祦鏈嶅姟
+	 */
+	private final RedisRateLimiterClient rateLimiterClient;
+	private ApplicationContext applicationContext;
+
+	/**
+	 * AOP 鐜垏 娉ㄨВ @RateLimiter
+	 */
+	@Around("@annotation(limiter)")
+	public Object aroundRateLimiter(ProceedingJoinPoint point, RateLimiter limiter) throws Throwable {
+		String limitKey = limiter.value();
+		Assert.hasText(limitKey, "@RateLimiter value must have length; it must not be null or empty");
+		// el 琛ㄨ揪寮�
+		String limitParam = limiter.param();
+		// 琛ㄨ揪寮忎笉涓虹┖
+		String rateKey;
+		if (StringUtil.isNotBlank(limitParam)) {
+			String evalAsText = evalLimitParam(point, limitParam);
+			rateKey = limitKey + CharPool.COLON + evalAsText;
+		} else {
+			rateKey = limitKey;
+		}
+		long max = limiter.max();
+		long ttl = limiter.ttl();
+		TimeUnit timeUnit = limiter.timeUnit();
+		return rateLimiterClient.allow(rateKey, max, ttl, timeUnit, point::proceed);
+	}
+
+	/**
+	 * 璁＄畻鍙傛暟琛ㄨ揪寮�
+	 *
+	 * @param point      ProceedingJoinPoint
+	 * @param limitParam limitParam
+	 * @return 缁撴灉
+	 */
+	private String evalLimitParam(ProceedingJoinPoint point, String limitParam) {
+		MethodSignature ms = (MethodSignature) point.getSignature();
+		Method method = ms.getMethod();
+		Object[] args = point.getArgs();
+		Object target = point.getTarget();
+		Class<?> targetClass = target.getClass();
+		EvaluationContext context = evaluator.createContext(method, args, target, targetClass, applicationContext);
+		AnnotatedElementKey elementKey = new AnnotatedElementKey(method, targetClass);
+		return evaluator.evalAsText(limitParam, elementKey, context);
+	}
+
+	@Override
+	public void setApplicationContext(@NonNull ApplicationContext applicationContext) throws BeansException {
+		this.applicationContext = applicationContext;
+	}
+}

--
Gitblit v1.10.0