From 4470052c3b6bdeb18e45987f8aa293d1e93d0552 Mon Sep 17 00:00:00 2001
From: Ludc <2870569285@qq.com>
Date: 星期二, 18 十一月 2025 11:59:12 +0800
Subject: [PATCH] 所有文件上传接口增加文件安全校验逻辑。
---
Source/UBCS/ubcs-service/ubcs-code/src/main/java/com/vci/ubcs/code/service/impl/CodeMdmInfaceImpl.java | 20 +++++++++++++++++---
1 files changed, 17 insertions(+), 3 deletions(-)
diff --git a/Source/UBCS/ubcs-service/ubcs-code/src/main/java/com/vci/ubcs/code/service/impl/CodeMdmInfaceImpl.java b/Source/UBCS/ubcs-service/ubcs-code/src/main/java/com/vci/ubcs/code/service/impl/CodeMdmInfaceImpl.java
index 0708de7..fb2c8eb 100644
--- a/Source/UBCS/ubcs-service/ubcs-code/src/main/java/com/vci/ubcs/code/service/impl/CodeMdmInfaceImpl.java
+++ b/Source/UBCS/ubcs-service/ubcs-code/src/main/java/com/vci/ubcs/code/service/impl/CodeMdmInfaceImpl.java
@@ -327,7 +327,15 @@
String fixedField=fixedFieldMap.getOrDefault("dr","");
dr = masterData.getOrDefault(fixedField, "").toString();
}
- object.setCode(masterData.getOrDefault(currentClassifyConfig.get().getSourceCodeKey(),"").toString());//缂栫爜
+ List<String> sourceCodeKeyList=VciBaseUtil.str2List(currentClassifyConfig.get().getSourceCodeKey());
+ //object.setCode(masterData.getOrDefault(currentClassifyConfig.get().getSourceCodeKey(),"").toString());//缂栫爜
+ if(!CollectionUtils.isEmpty(sourceCodeKeyList)) {
+ sourceCodeKeyList.stream().forEach(codekey -> {
+ if (StringUtils.isNotBlank(masterData.getOrDefault(codekey, "").toString())) {
+ object.setCode(masterData.getOrDefault(codekey, "").toString());//缂栫爜
+ }
+ });
+ }
object.setProp(proppertyVOList);
if (dr.equals(1)) {
@@ -342,6 +350,9 @@
codeList.add(object.getCode());
});
+ if(CollectionUtils.isEmpty(codeList)){
+ throw new Throwable("妫�鏌ラ厤缃枃浠�:銆恠ourceCodeKey銆戯紝鍞竴鏍囪瘑瀛楁鏄惁姝g‘");
+ }
String targetCodeKey=currentClassifyConfig.get().getTargetCodeKey();
StringBuffer sb = new StringBuffer();
sb.append(" select * from ");
@@ -358,7 +369,7 @@
ApplyDatasVO editDatasVO = new ApplyDatasVO();
if (!CollectionUtils.isEmpty(cboList)) {
//鏍规嵁MDM缂栫爜鍘诲垽鏂暟鎹槸鍚﹂噸澶�.
- Map<String, ClientBusinessObject> oldpplyDataVOMap = cboList.stream().filter(data -> data != null && StringUtils.isNotBlank(data.getAttributeValue(targetCodeKey))).collect(Collectors.toList()).stream().collect(Collectors.toMap(s -> s.getAttributeValue(targetCodeKey).toLowerCase(Locale.ROOT), t -> t));
+ Map<String, ClientBusinessObject> oldpplyDataVOMap = cboList.stream().filter(data -> data != null && StringUtils.isNotBlank(data.getAttributeValue(targetCodeKey))).collect(Collectors.toList()).stream().collect(Collectors.toMap(s -> s.getAttributeValue(targetCodeKey), t -> t));
//鏁版嵁搴撲笉瀛樺湪鐨�
List<ApplyDataVO> applyApplyDataVOList = applyDataVOList.stream().filter(cbo -> {
String code = cbo.getCode();
@@ -369,6 +380,8 @@
List<ApplyDataVO> editApplyDataVOList = applyDataVOList.stream().filter(cbo -> {
String code = cbo.getCode();
if (oldpplyDataVOMap.containsKey(code)) {
+ ClientBusinessObject object= oldpplyDataVOMap.get(code);
+ cbo.setCode(object.getId());
cbo.setOperate("update");
}
return oldpplyDataVOMap.containsKey(code);
@@ -483,7 +496,7 @@
mesg="闆嗘垚绯荤粺锛氥��"+systemCode+"銆戠敵璇风紪鐮佸け璐�:" + e.getMessage();
mesg = e.getMessage();
e.printStackTrace();
- throw new ServiceException(e.getMessage());
+ // throw new ServiceException(e.getMessage());
} finally {
XMLResultDataObjectDetailDO x = new XMLResultDataObjectDetailDO();
x.setId(rowData.getOid());
@@ -700,6 +713,7 @@
String dataValue = sourceKeyValueMap.get(sourceKey);
if (attrMapConfigMap.containsKey(sourceKey)) {
String targetKey = attrMapConfigMap.get(sourceKey);
+ log.info("xxxxx灞炴�ф槧灏勫��:sourceKey銆�"+sourceKey+"銆戔�斺�斻��+targetKey---銆�"+targetKey+":"+dataValue);
keyValueMap.put(targetKey, StringUtils.isBlank(dataValue)?"":dataValue);
}
});
--
Gitblit v1.9.3