From 4470052c3b6bdeb18e45987f8aa293d1e93d0552 Mon Sep 17 00:00:00 2001
From: Ludc <2870569285@qq.com>
Date: 星期二, 18 十一月 2025 11:59:12 +0800
Subject: [PATCH] 所有文件上传接口增加文件安全校验逻辑。

---
 Source/UBCS/ubcs-ops/ubcs-resource/src/main/java/com/vci/ubcs/resource/controller/FileController.java |   19 ++++++++++++++-----
 1 files changed, 14 insertions(+), 5 deletions(-)

diff --git a/Source/UBCS/ubcs-ops/ubcs-resource/src/main/java/com/vci/ubcs/resource/controller/FileController.java b/Source/UBCS/ubcs-ops/ubcs-resource/src/main/java/com/vci/ubcs/resource/controller/FileController.java
index 626effe..42a7ba4 100644
--- a/Source/UBCS/ubcs-ops/ubcs-resource/src/main/java/com/vci/ubcs/resource/controller/FileController.java
+++ b/Source/UBCS/ubcs-ops/ubcs-resource/src/main/java/com/vci/ubcs/resource/controller/FileController.java
@@ -1,8 +1,8 @@
 package com.vci.ubcs.resource.controller;
 
-import com.alibaba.fastjson.JSON;
 import com.alibaba.nacos.common.utils.StringUtils;
 import com.baomidou.mybatisplus.core.metadata.IPage;
+import com.vci.ubcs.common.validator.ComprehensiveFileValidator;
 import com.vci.ubcs.resource.dto.FileObjectDTO;
 import com.vci.ubcs.resource.dto.FileReleaseDTO;
 import com.vci.ubcs.resource.dto.FileShareDTO;
@@ -10,14 +10,11 @@
 import com.vci.ubcs.resource.service.IFileService;
 import com.vci.ubcs.resource.utils.FileDownloadUtil;
 import com.vci.ubcs.resource.vo.FileObjectVO;
-import com.vci.ubcs.starter.exception.VciBaseException;
 import com.vci.ubcs.starter.web.util.ControllerUtil;
 import com.vci.ubcs.starter.web.util.LangBaseUtil;
 import com.vci.ubcs.starter.web.util.VciBaseUtil;
-import lombok.extern.java.Log;
 import lombok.extern.slf4j.Slf4j;
 import org.springblade.core.mp.support.Query;
-import org.springblade.core.oss.MinioTemplate;
 import org.springblade.core.tool.api.R;
 import org.springblade.core.tool.utils.StringUtil;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -45,6 +42,12 @@
 	 */
 	@Autowired
 	private IFileService fileService;
+
+	/**
+	 * 鏂囦欢瀹夊叏妫�鏌�
+	 */
+	@Autowired
+	private ComprehensiveFileValidator fileValidator;
 
 	/**
 	 * 鏍规嵁鏂囦欢涓婚敭涓嬭浇鏂囦欢
@@ -82,7 +85,7 @@
 			if(StringUtil.isBlank(msg)){
 				msg = "鏈煡閿欒";
 			}
-			log.debug(msg);
+			log.error(msg);
 			return R.fail(msg);
 		}
 		return R.success("鍒犻櫎鎴愬姛");
@@ -97,6 +100,12 @@
 	@PostMapping("/uploadFile")
 	public R<FileObjectVO> uploadFile(MultipartFile file, FileObjectDTO fileObjectDTO){
 		if (file != null ) {
+			// 浣跨敤鏂囦欢瀹夊叏楠岃瘉鍣�
+			ComprehensiveFileValidator.UploadValidationResult result = fileValidator.validateFile(file);
+			if (!result.isValid()) {
+				return R.fail(result.getMessage());
+			}
+			//涓婁紶鏂囦欢
 			return fileService.uploadFile(file, fileObjectDTO);
 		} else {
 			return R.fail("鏃犱笂浼犵殑鏂囦欢");

--
Gitblit v1.9.3