From 4470052c3b6bdeb18e45987f8aa293d1e93d0552 Mon Sep 17 00:00:00 2001
From: Ludc <2870569285@qq.com>
Date: 星期二, 18 十一月 2025 11:59:12 +0800
Subject: [PATCH] 所有文件上传接口增加文件安全校验逻辑。

---
 Source/BladeX-Tool/blade-starter-swagger/src/main/java/org/springblade/core/swagger/SwaggerUtil.java |   74 +++++++++++++++++++++++++++++++++++++
 1 files changed, 74 insertions(+), 0 deletions(-)

diff --git a/Source/BladeX-Tool/blade-starter-swagger/src/main/java/org/springblade/core/swagger/SwaggerUtil.java b/Source/BladeX-Tool/blade-starter-swagger/src/main/java/org/springblade/core/swagger/SwaggerUtil.java
new file mode 100644
index 0000000..feb569c
--- /dev/null
+++ b/Source/BladeX-Tool/blade-starter-swagger/src/main/java/org/springblade/core/swagger/SwaggerUtil.java
@@ -0,0 +1,74 @@
+/*
+ *      Copyright (c) 2018-2028, Chill Zhuang All rights reserved.
+ *
+ *  Redistribution and use in source and binary forms, with or without
+ *  modification, are permitted provided that the following conditions are met:
+ *
+ *  Redistributions of source code must retain the above copyright notice,
+ *  this list of conditions and the following disclaimer.
+ *  Redistributions in binary form must reproduce the above copyright
+ *  notice, this list of conditions and the following disclaimer in the
+ *  documentation and/or other materials provided with the distribution.
+ *  Neither the name of the dreamlu.net developer nor the names of its
+ *  contributors may be used to endorse or promote products derived from
+ *  this software without specific prior written permission.
+ *  Author: Chill 搴勯獮 (smallchill@163.com)
+ */
+package org.springblade.core.swagger;
+
+import com.google.common.base.Function;
+import com.google.common.base.Optional;
+import org.springblade.core.launch.constant.TokenConstant;
+import springfox.documentation.RequestHandler;
+import springfox.documentation.service.ApiKey;
+
+import java.util.List;
+import java.util.function.Predicate;
+
+/**
+ * Swagger宸ュ叿绫�
+ *
+ * @author Chill
+ */
+public class SwaggerUtil {
+
+	/**
+	 * 鑾峰彇鍖呴泦鍚�
+	 *
+	 * @param basePackages 澶氫釜鍖呭悕闆嗗悎
+	 */
+	public static Predicate<RequestHandler> basePackages(final List<String> basePackages) {
+		return input -> declaringClass(input).transform(handlerPackage(basePackages)).or(true);
+	}
+
+	private static Function<Class<?>, Boolean> handlerPackage(final List<String> basePackages) {
+		return input -> {
+			// 寰幆鍒ゆ柇鍖归厤
+			for (String strPackage : basePackages) {
+				boolean isMatch = input.getPackage().getName().startsWith(strPackage);
+				if (isMatch) {
+					return true;
+				}
+			}
+			return false;
+		};
+	}
+
+	private static Optional<? extends Class<?>> declaringClass(RequestHandler input) {
+		return Optional.fromNullable(input.declaringClass());
+	}
+
+
+	public static ApiKey clientInfo() {
+		return new ApiKey("ClientInfo", "Authorization", "header");
+	}
+
+	public static ApiKey bladeAuth() {
+		return new ApiKey("BladeAuth", TokenConstant.HEADER, "header");
+	}
+
+	public static ApiKey bladeTenant() {
+		return new ApiKey("TenantId", "Tenant-Id", "header");
+	}
+
+}

--
Gitblit v1.10.0