From db7c6f42a10e0109ccb0f4abc437037e3c9400aa Mon Sep 17 00:00:00 2001 From: lu17301156525 Date: Tue, 27 May 2025 01:22:02 -0700 Subject: [PATCH 1/7] fix: Fix i18n test --- .../tinyengine/it/controller/I18nEntryControllerTest.java | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/base/src/test/java/com/tinyengine/it/controller/I18nEntryControllerTest.java b/base/src/test/java/com/tinyengine/it/controller/I18nEntryControllerTest.java index 3650b72f..da707448 100644 --- a/base/src/test/java/com/tinyengine/it/controller/I18nEntryControllerTest.java +++ b/base/src/test/java/com/tinyengine/it/controller/I18nEntryControllerTest.java @@ -60,9 +60,10 @@ void setUp() { @Test void testGetAllI18nEntries() { I18nEntryListResult mockData = new I18nEntryListResult(); - when(i18nEntryService.findAllI18nEntry()).thenReturn(mockData); - - Result result = i18nEntryController.getAllI18nEntries(); + when(i18nEntryService.findI18nEntryByApp(anyInt(), anyString())).thenReturn(mockData); + Integer host = 1; + String hostType = "app"; + Result result = i18nEntryController.getI18nEntriesByApp(host, hostType); Assertions.assertEquals(mockData, result.getData()); } From 4c3e1f23e2afbdcb9f10f92bdb48ed094e1b3fa5 Mon Sep 17 00:00:00 2001 From: lu17301156525 Date: Tue, 27 May 2025 01:22:26 -0700 Subject: [PATCH 2/7] fix: Fix i18n test --- .../com/tinyengine/it/controller/I18nEntryController.java | 4 ++-- .../com/tinyengine/it/controller/I18nEntryControllerTest.java | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/base/src/main/java/com/tinyengine/it/controller/I18nEntryController.java b/base/src/main/java/com/tinyengine/it/controller/I18nEntryController.java index c8b8dad0..42a7705d 100644 --- a/base/src/main/java/com/tinyengine/it/controller/I18nEntryController.java +++ b/base/src/main/java/com/tinyengine/it/controller/I18nEntryController.java @@ -70,7 +70,7 @@ public class I18nEntryController { private I18nEntryService i18nEntryService; /** - * Gets all i 18 n entries by app. + * Gets i 18 n entries by app. * * @return 获取国际化词条列表 i 18 n entries */ @@ -79,7 +79,7 @@ public class I18nEntryController { content = @Content(mediaType = "application/json", schema = @Schema())), @ApiResponse(responseCode = "400", description = "请求失败") }) - @SystemControllerLog(description = "获取国际化词条列表") + @SystemControllerLog(description = "通过app获取国际化词条列表") @GetMapping("/i18n/entries") public Result getI18nEntriesByApp( @RequestParam(value = "host", required = false) Integer host, @RequestParam(value = "host_type", required = false) String hostType) { diff --git a/base/src/test/java/com/tinyengine/it/controller/I18nEntryControllerTest.java b/base/src/test/java/com/tinyengine/it/controller/I18nEntryControllerTest.java index da707448..0068ef75 100644 --- a/base/src/test/java/com/tinyengine/it/controller/I18nEntryControllerTest.java +++ b/base/src/test/java/com/tinyengine/it/controller/I18nEntryControllerTest.java @@ -58,7 +58,7 @@ void setUp() { } @Test - void testGetAllI18nEntries() { + void testGetI18nEntriesByApp() { I18nEntryListResult mockData = new I18nEntryListResult(); when(i18nEntryService.findI18nEntryByApp(anyInt(), anyString())).thenReturn(mockData); Integer host = 1; From a39d7561ec1827ca472f530b70a6aa4d4cb6b04e Mon Sep 17 00:00:00 2001 From: lu17301156525 Date: Thu, 5 Jun 2025 00:39:06 -0700 Subject: [PATCH 3/7] fix: Fix page and block lock bug --- .../h2/update_tables_ddl_v1.0.0_2025_0527.sql | 2 ++ .../update_tables_ddl_v1.0.0_2025_0527.sql | 2 ++ .../service/app/impl/CanvasServiceImpl.java | 19 ++++++++++++------- .../main/resources/mappers/BlockMapper.xml | 2 +- .../src/main/resources/mappers/PageMapper.xml | 2 +- 5 files changed, 18 insertions(+), 9 deletions(-) create mode 100644 app/src/main/resources/sql/h2/update_tables_ddl_v1.0.0_2025_0527.sql create mode 100644 app/src/main/resources/sql/mysql/update_tables_ddl_v1.0.0_2025_0527.sql diff --git a/app/src/main/resources/sql/h2/update_tables_ddl_v1.0.0_2025_0527.sql b/app/src/main/resources/sql/h2/update_tables_ddl_v1.0.0_2025_0527.sql new file mode 100644 index 00000000..460a83aa --- /dev/null +++ b/app/src/main/resources/sql/h2/update_tables_ddl_v1.0.0_2025_0527.sql @@ -0,0 +1,2 @@ +ALTER TABLE t_block_group DROP INDEX u_idx_block_group; +ALTER TABLE t_block_group ADD INDEX u_idx_block_group (`tenant_id`, `platform_id`, `name`, `app_id`); \ No newline at end of file diff --git a/app/src/main/resources/sql/mysql/update_tables_ddl_v1.0.0_2025_0527.sql b/app/src/main/resources/sql/mysql/update_tables_ddl_v1.0.0_2025_0527.sql new file mode 100644 index 00000000..460a83aa --- /dev/null +++ b/app/src/main/resources/sql/mysql/update_tables_ddl_v1.0.0_2025_0527.sql @@ -0,0 +1,2 @@ +ALTER TABLE t_block_group DROP INDEX u_idx_block_group; +ALTER TABLE t_block_group ADD INDEX u_idx_block_group (`tenant_id`, `platform_id`, `name`, `app_id`); \ No newline at end of file diff --git a/base/src/main/java/com/tinyengine/it/service/app/impl/CanvasServiceImpl.java b/base/src/main/java/com/tinyengine/it/service/app/impl/CanvasServiceImpl.java index 143e7d72..0a6d3ab7 100644 --- a/base/src/main/java/com/tinyengine/it/service/app/impl/CanvasServiceImpl.java +++ b/base/src/main/java/com/tinyengine/it/service/app/impl/CanvasServiceImpl.java @@ -14,6 +14,7 @@ import com.tinyengine.it.common.base.Result; import com.tinyengine.it.common.context.LoginUserContext; +import com.tinyengine.it.common.enums.Enums; import com.tinyengine.it.mapper.BlockMapper; import com.tinyengine.it.mapper.PageMapper; import com.tinyengine.it.mapper.UserMapper; @@ -44,7 +45,7 @@ public class CanvasServiceImpl implements CanvasService { @Override public Result lockCanvas(Integer id, String state, String type) { - String occupier; + String occupier = null; // needTODO 先试用mock数据,后续添加登录及权限后从session获取, User user = userMapper.queryUserById(loginUserContext.getLoginUserId()); if(user == null) { @@ -52,17 +53,21 @@ public Result lockCanvas(Integer id, String state, String type) { user.setId(loginUserContext.getLoginUserId()); } CanvasDto canvasDto = new CanvasDto(); + String value = state.equals(Enums.CanvasEditorState.OCCUPY.getValue()) ? user.getId() : null; + User occupierValue = state.equals(Enums.CanvasEditorState.OCCUPY.getValue()) ? user : null; if ("page".equals(type)) { Page page = pageMapper.queryPageById(id); - occupier = page.getOccupier().getId(); + if (page.getOccupier() != null) { + occupier = page.getOccupier().getId(); + } Boolean isCaDoIt = isCanDoIt(occupier, user); if (isCaDoIt) { Page updatePage = new Page(); updatePage.setId(id); - updatePage.setOccupierBy(user.getId()); + updatePage.setOccupierBy(value); pageMapper.updatePageById(updatePage); canvasDto.setOperate("success"); - canvasDto.setOccupier(user); + canvasDto.setOccupier(occupierValue); return Result.success(canvasDto); } } else { @@ -72,15 +77,15 @@ public Result lockCanvas(Integer id, String state, String type) { if (isCaDoIt) { Block updateBlock = new Block(); updateBlock.setId(id); - updateBlock.setOccupierBy(user.getId()); + updateBlock.setOccupierBy(value); blockMapper.updateBlockById(updateBlock); canvasDto.setOperate("success"); - canvasDto.setOccupier(user); + canvasDto.setOccupier(occupierValue); return Result.success(canvasDto); } } canvasDto.setOperate("failed"); - canvasDto.setOccupier(user); + canvasDto.setOccupier(occupierValue); return Result.success(canvasDto); } diff --git a/base/src/main/resources/mappers/BlockMapper.xml b/base/src/main/resources/mappers/BlockMapper.xml index e562c060..43b06531 100644 --- a/base/src/main/resources/mappers/BlockMapper.xml +++ b/base/src/main/resources/mappers/BlockMapper.xml @@ -142,7 +142,7 @@ path = #{path}, - + occupier_by = #{occupierBy}, diff --git a/base/src/main/resources/mappers/PageMapper.xml b/base/src/main/resources/mappers/PageMapper.xml index 2044d35c..bdf95efa 100644 --- a/base/src/main/resources/mappers/PageMapper.xml +++ b/base/src/main/resources/mappers/PageMapper.xml @@ -108,7 +108,7 @@ is_page = #{isPage}, - + occupier_by = #{occupierBy}, From 66c5f786df3d2d69761ca02f92c36a2460b70d64 Mon Sep 17 00:00:00 2001 From: lu17301156525 Date: Thu, 5 Jun 2025 23:02:54 -0700 Subject: [PATCH 4/7] fix: File format check --- .../com/tinyengine/it/common/enums/Enums.java | 90 +++++++++++++++++++ .../common/utils/SecurityFileCheckUtil.java | 11 +++ .../it/controller/ComponentController.java | 5 ++ .../it/controller/I18nEntryController.java | 7 ++ .../app/impl/I18nEntryServiceImpl.java | 5 +- .../app/impl/I18nEntryServiceImplTest.java | 4 +- 6 files changed, 119 insertions(+), 3 deletions(-) diff --git a/base/src/main/java/com/tinyengine/it/common/enums/Enums.java b/base/src/main/java/com/tinyengine/it/common/enums/Enums.java index e9b7f2ad..7cd5f5b1 100644 --- a/base/src/main/java/com/tinyengine/it/common/enums/Enums.java +++ b/base/src/main/java/com/tinyengine/it/common/enums/Enums.java @@ -908,4 +908,94 @@ public String getValue() { return value; } } + + public enum FileType { + /** + * File type zip. + */ + ZIP("application/zip"), + + /** + * File type json. + */ + JSON("application/json"), + + /** + * File type text. + */ + TXT("text/plain"), + + /** + * File type html. + */ + HTML("text/html"), + /** + * File type png. + */ + PNG("image/png"), + + /** + * File type jpg. + */ + JPG("image/jpeg"); + private final String value; + + FileType(String value) { + this.value = value; + } + + /** + * Gets value. + * + * @return the value + */ + public String getValue() { + return value; + } + } + + public enum FileNameEnd { + /** + * File name end .zip. + */ + ZIP(".zip"), + + /** + * File name end .json. + */ + JSON(".json"), + + /** + * File name end .text. + */ + TXT(".txt"), + + /** + * File name end .html. + */ + HTML(".html"), + /** + * File name end .png. + */ + PNG(".png"), + + /** + * File name end .jpg. + */ + JPG(".jpeg"); + private final String value; + + FileNameEnd(String value) { + this.value = value; + } + + /** + * Gets value. + * + * @return the value + */ + public String getValue() { + return value; + } + } } diff --git a/base/src/main/java/com/tinyengine/it/common/utils/SecurityFileCheckUtil.java b/base/src/main/java/com/tinyengine/it/common/utils/SecurityFileCheckUtil.java index 2b6e6b49..e4a65446 100644 --- a/base/src/main/java/com/tinyengine/it/common/utils/SecurityFileCheckUtil.java +++ b/base/src/main/java/com/tinyengine/it/common/utils/SecurityFileCheckUtil.java @@ -12,12 +12,14 @@ package com.tinyengine.it.common.utils; import cn.hutool.core.util.ObjectUtil; +import com.fasterxml.jackson.databind.ObjectMapper; import com.tinyengine.it.common.exception.ExceptionEnum; import com.tinyengine.it.common.exception.ServiceException; import org.springframework.util.StringUtils; import org.springframework.web.multipart.MultipartFile; import java.io.File; +import java.io.IOException; import java.util.Locale; import java.util.Map; import java.util.Objects; @@ -177,5 +179,14 @@ private static String getFileName(String filePath) { return file.getName(); } + public static void isValidJson(MultipartFile file) { + ObjectMapper objectMapper = new ObjectMapper(); + try { + // 将 MultipartFile 转换为 InputStream 并解析 JSON + objectMapper.readTree(file.getInputStream()); + } catch (IOException e) { + throw new ServiceException(ExceptionEnum.CM308.getResultCode(), ExceptionEnum.CM308.getResultMsg()); + } + } } diff --git a/base/src/main/java/com/tinyengine/it/controller/ComponentController.java b/base/src/main/java/com/tinyengine/it/controller/ComponentController.java index 833e3a44..c5fed849 100644 --- a/base/src/main/java/com/tinyengine/it/controller/ComponentController.java +++ b/base/src/main/java/com/tinyengine/it/controller/ComponentController.java @@ -13,6 +13,7 @@ package com.tinyengine.it.controller; import com.tinyengine.it.common.base.Result; +import com.tinyengine.it.common.enums.Enums; import com.tinyengine.it.common.exception.ExceptionEnum; import com.tinyengine.it.common.log.SystemControllerLog; import com.tinyengine.it.common.utils.SecurityFileCheckUtil; @@ -75,6 +76,8 @@ public Result bundleCreateComponent(@RequestParam MultipartFile file return Result.failed(ExceptionEnum.CM307); } SecurityFileCheckUtil.validFileName(file.getOriginalFilename()); + SecurityFileCheckUtil.checkFileType(file, Enums.FileNameEnd.JSON.getValue(), Enums.FileType.JSON.getValue()); + SecurityFileCheckUtil.isValidJson(file); // 返回插入和更新的条数 return componentService.readFileAndBulkCreate(file); } @@ -99,6 +102,8 @@ public Result bundleSplit(@RequestParam MultipartFile file) { return Result.failed(ExceptionEnum.CM307); } SecurityFileCheckUtil.validFileName(file.getOriginalFilename()); + SecurityFileCheckUtil.checkFileType(file, Enums.FileNameEnd.JSON.getValue(), Enums.FileType.JSON.getValue()); + SecurityFileCheckUtil.isValidJson(file); return componentService.bundleSplit(file); } diff --git a/base/src/main/java/com/tinyengine/it/controller/I18nEntryController.java b/base/src/main/java/com/tinyengine/it/controller/I18nEntryController.java index 42a7705d..a7eeaf74 100644 --- a/base/src/main/java/com/tinyengine/it/controller/I18nEntryController.java +++ b/base/src/main/java/com/tinyengine/it/controller/I18nEntryController.java @@ -13,6 +13,7 @@ package com.tinyengine.it.controller; import com.tinyengine.it.common.base.Result; +import com.tinyengine.it.common.enums.Enums; import com.tinyengine.it.common.exception.ExceptionEnum; import com.tinyengine.it.common.exception.ServiceException; import com.tinyengine.it.common.log.SystemControllerLog; @@ -45,6 +46,7 @@ import org.springframework.web.multipart.MultipartFile; import java.util.ArrayList; +import java.util.HashMap; import java.util.List; import java.util.Map; @@ -249,7 +251,11 @@ public Result updateI18nSingleFile( if (file.isEmpty()) { return Result.failed(ExceptionEnum.CM307); } + Map fileTypeMap = new HashMap<>(); + fileTypeMap.put(Enums.FileNameEnd.ZIP.getValue(), Enums.FileType.ZIP.getValue()); + fileTypeMap.put(Enums.FileNameEnd.JSON.getValue(), Enums.FileType.JSON.getValue()); SecurityFileCheckUtil.validFileName(file.getOriginalFilename()); + SecurityFileCheckUtil.checkFileType(file, fileTypeMap); // 返回插入和更新的条数 result = i18nEntryService.readSingleFileAndBulkCreate(file, id); } @@ -286,6 +292,7 @@ public Result updateI18nMultiFile( return Result.failed(ExceptionEnum.CM307); } SecurityFileCheckUtil.validFileName(file.getOriginalFilename()); + SecurityFileCheckUtil.checkFileType(file, Enums.FileNameEnd.JSON.getValue(), Enums.FileType.JSON.getValue()); // 返回插入和更新的条数 result = i18nEntryService.readFilesAndbulkCreate(key, file, id); } diff --git a/base/src/main/java/com/tinyengine/it/service/app/impl/I18nEntryServiceImpl.java b/base/src/main/java/com/tinyengine/it/service/app/impl/I18nEntryServiceImpl.java index 88d6c109..4ade2134 100644 --- a/base/src/main/java/com/tinyengine/it/service/app/impl/I18nEntryServiceImpl.java +++ b/base/src/main/java/com/tinyengine/it/service/app/impl/I18nEntryServiceImpl.java @@ -21,6 +21,7 @@ import com.tinyengine.it.common.exception.ExceptionEnum; import com.tinyengine.it.common.exception.ServiceException; import com.tinyengine.it.common.log.SystemServiceLog; +import com.tinyengine.it.common.utils.SecurityFileCheckUtil; import com.tinyengine.it.common.utils.Utils; import com.tinyengine.it.mapper.I18nEntryMapper; import com.tinyengine.it.mapper.I18nLangMapper; @@ -326,7 +327,8 @@ public Result readSingleFileAndBulkCreate(MultipartFile file, int ho List entriesArr = new ArrayList<>(); String contentType = file.getContentType(); - if (Objects.equals(contentType, Enums.MimeType.JSON.getValue())) { + if (Objects.equals(contentType, Enums.FileType.JSON.getValue())) { + SecurityFileCheckUtil.isValidJson(file); Result parseJsonFileStreamResult = Utils.parseJsonFileStream(file); if (!parseJsonFileStreamResult.isSuccess()) { return Result.failed(ExceptionEnum.CM001); @@ -357,6 +359,7 @@ public Result readSingleFileAndBulkCreate(MultipartFile file, int ho @SystemServiceLog(description = "readFilesAndbulkCreate 批量上传词条数据") @Override public Result readFilesAndbulkCreate(String lang, MultipartFile file, int host) throws Exception { + SecurityFileCheckUtil.isValidJson(file); Result parseJsonFileStreamResult = Utils.parseJsonFileStream(file); // 解析 JSON 数据 if (!parseJsonFileStreamResult.isSuccess()) { diff --git a/base/src/test/java/com/tinyengine/it/service/app/impl/I18nEntryServiceImplTest.java b/base/src/test/java/com/tinyengine/it/service/app/impl/I18nEntryServiceImplTest.java index c2de3384..8ca96f85 100644 --- a/base/src/test/java/com/tinyengine/it/service/app/impl/I18nEntryServiceImplTest.java +++ b/base/src/test/java/com/tinyengine/it/service/app/impl/I18nEntryServiceImplTest.java @@ -284,7 +284,7 @@ void testReadSingleFileAndBulkCreate() throws Exception { when(file.getOriginalFilename()).thenReturn("originalName"); when(file.getName()).thenReturn("123"); when(file.getBytes()).thenReturn("{\"name\":\"value\"}".getBytes(StandardCharsets.UTF_8)); - when(file.getInputStream()).thenReturn(IoUtil.toStream("test".getBytes(StandardCharsets.UTF_8))); + when(file.getInputStream()).thenReturn(IoUtil.toStream("{\"name\":\"value\"}".getBytes(StandardCharsets.UTF_8))); Result result = i18nEntryServiceImpl.readSingleFileAndBulkCreate(file, 0); @@ -299,7 +299,7 @@ void testReadFilesAndbulkCreate() throws Exception { when(file.getOriginalFilename()).thenReturn("originalName"); when(file.getName()).thenReturn("123"); when(file.getBytes()).thenReturn("{\"name\":\"value\"}".getBytes(StandardCharsets.UTF_8)); - when(file.getInputStream()).thenReturn(IoUtil.toStream("test".getBytes(StandardCharsets.UTF_8))); + when(file.getInputStream()).thenReturn(IoUtil.toStream("{\"name\":\"value\"}".getBytes(StandardCharsets.UTF_8))); // file not existed Result result = i18nEntryServiceImpl.readFilesAndbulkCreate("1", file, 0); Assertions.assertNull(result.getData()); From 2c3ca8ee5fb2acb551eb6e7076832f3d932b7ee0 Mon Sep 17 00:00:00 2001 From: lu17301156525 Date: Thu, 5 Jun 2025 23:40:53 -0700 Subject: [PATCH 5/7] fix: File format check --- .../it/common/utils/SecurityFileCheckUtil.java | 5 +++++ .../it/controller/ComponentController.java | 12 ++++++++++-- .../it/controller/I18nEntryController.java | 11 +++++++++-- 3 files changed, 24 insertions(+), 4 deletions(-) diff --git a/base/src/main/java/com/tinyengine/it/common/utils/SecurityFileCheckUtil.java b/base/src/main/java/com/tinyengine/it/common/utils/SecurityFileCheckUtil.java index 00cdce9a..6064d902 100644 --- a/base/src/main/java/com/tinyengine/it/common/utils/SecurityFileCheckUtil.java +++ b/base/src/main/java/com/tinyengine/it/common/utils/SecurityFileCheckUtil.java @@ -179,6 +179,11 @@ private static String getFileName(String filePath) { return file.getName(); } + /** + * Verify json file. + * + * @param file the file + */ public static void isValidJson(MultipartFile file) { ObjectMapper objectMapper = new ObjectMapper(); try { diff --git a/base/src/main/java/com/tinyengine/it/controller/ComponentController.java b/base/src/main/java/com/tinyengine/it/controller/ComponentController.java index 9ad56025..dabeb230 100644 --- a/base/src/main/java/com/tinyengine/it/controller/ComponentController.java +++ b/base/src/main/java/com/tinyengine/it/controller/ComponentController.java @@ -75,7 +75,11 @@ public Result bundleCreateComponent(@RequestParam MultipartFile file return Result.failed(ExceptionEnum.CM307); } SecurityFileCheckUtil.validFileName(file.getOriginalFilename()); - SecurityFileCheckUtil.checkFileType(file, Enums.FileNameEnd.JSON.getValue(), Enums.FileType.JSON.getValue()); + boolean checkFileType = SecurityFileCheckUtil.checkFileType(file, Enums.FileNameEnd.JSON.getValue(), + Enums.FileType.JSON.getValue()); + if (!checkFileType) { + return Result.failed(ExceptionEnum.CM308); + } SecurityFileCheckUtil.isValidJson(file); // 返回插入和更新的条数 return componentService.readFileAndBulkCreate(file); @@ -101,7 +105,11 @@ public Result bundleSplit(@RequestParam MultipartFile file) { return Result.failed(ExceptionEnum.CM307); } SecurityFileCheckUtil.validFileName(file.getOriginalFilename()); - SecurityFileCheckUtil.checkFileType(file, Enums.FileNameEnd.JSON.getValue(), Enums.FileType.JSON.getValue()); + boolean checkFileType = SecurityFileCheckUtil.checkFileType(file, Enums.FileNameEnd.JSON.getValue(), + Enums.FileType.JSON.getValue()); + if (!checkFileType) { + return Result.failed(ExceptionEnum.CM308); + } SecurityFileCheckUtil.isValidJson(file); return componentService.bundleSplit(file); } diff --git a/base/src/main/java/com/tinyengine/it/controller/I18nEntryController.java b/base/src/main/java/com/tinyengine/it/controller/I18nEntryController.java index 046b697e..44631260 100644 --- a/base/src/main/java/com/tinyengine/it/controller/I18nEntryController.java +++ b/base/src/main/java/com/tinyengine/it/controller/I18nEntryController.java @@ -254,7 +254,10 @@ public Result updateI18nSingleFile( fileTypeMap.put(Enums.FileNameEnd.ZIP.getValue(), Enums.FileType.ZIP.getValue()); fileTypeMap.put(Enums.FileNameEnd.JSON.getValue(), Enums.FileType.JSON.getValue()); SecurityFileCheckUtil.validFileName(file.getOriginalFilename()); - SecurityFileCheckUtil.checkFileType(file, fileTypeMap); + boolean checkFileType = SecurityFileCheckUtil.checkFileType(file, fileTypeMap); + if (!checkFileType) { + return Result.failed(ExceptionEnum.CM325); + } // 返回插入和更新的条数 result = i18nEntryService.readSingleFileAndBulkCreate(file, id); } @@ -291,7 +294,11 @@ public Result updateI18nMultiFile( return Result.failed(ExceptionEnum.CM307); } SecurityFileCheckUtil.validFileName(file.getOriginalFilename()); - SecurityFileCheckUtil.checkFileType(file, Enums.FileNameEnd.JSON.getValue(), Enums.FileType.JSON.getValue()); + boolean checkFileType = SecurityFileCheckUtil.checkFileType(file, Enums.FileNameEnd.JSON.getValue(), + Enums.FileType.JSON.getValue()); + if (!checkFileType) { + return Result.failed(ExceptionEnum.CM308); + } // 返回插入和更新的条数 result = i18nEntryService.readFilesAndbulkCreate(key, file, id); } From 6d678ae296965d05db06cd280448541fa6af6771 Mon Sep 17 00:00:00 2001 From: lu17301156525 Date: Fri, 6 Jun 2025 00:44:17 -0700 Subject: [PATCH 6/7] fix: File format check --- .../com/tinyengine/it/common/enums/Enums.java | 5 +++++ .../common/utils/SecurityFileCheckUtil.java | 11 +++++++--- .../it/controller/I18nEntryController.java | 7 ++++--- .../material/impl/ComponentServiceImpl.java | 14 ------------- .../controller/I18nEntryControllerTest.java | 20 +++++++++++++------ 5 files changed, 31 insertions(+), 26 deletions(-) diff --git a/base/src/main/java/com/tinyengine/it/common/enums/Enums.java b/base/src/main/java/com/tinyengine/it/common/enums/Enums.java index 7cd5f5b1..c534de21 100644 --- a/base/src/main/java/com/tinyengine/it/common/enums/Enums.java +++ b/base/src/main/java/com/tinyengine/it/common/enums/Enums.java @@ -915,6 +915,11 @@ public enum FileType { */ ZIP("application/zip"), + /** + * File type x-zip. + */ + XZIP("application/x-zip-compressed"), + /** * File type json. */ diff --git a/base/src/main/java/com/tinyengine/it/common/utils/SecurityFileCheckUtil.java b/base/src/main/java/com/tinyengine/it/common/utils/SecurityFileCheckUtil.java index 6064d902..deae55e3 100644 --- a/base/src/main/java/com/tinyengine/it/common/utils/SecurityFileCheckUtil.java +++ b/base/src/main/java/com/tinyengine/it/common/utils/SecurityFileCheckUtil.java @@ -20,6 +20,7 @@ import java.io.File; import java.io.IOException; +import java.util.List; import java.util.Locale; import java.util.Map; import java.util.Objects; @@ -61,14 +62,18 @@ public static boolean checkPathHasCrossDir(String dirOrFileName) { * @param fileTypeMap the fileTypeMap * @return true or false */ - public static boolean checkFileType(MultipartFile file, Map fileTypeMap) { + public static boolean checkFileType(MultipartFile file, Map> fileTypeMap) { if (Objects.isNull(file) || fileTypeMap.isEmpty()) { throw new ServiceException(ExceptionEnum.CM307.getResultCode(), ExceptionEnum.CM307.getResultMsg()); } String originalFileName = file.getOriginalFilename(); - for (Map.Entry entry : fileTypeMap.entrySet()) { + String contentType = file.getContentType(); + + for (Map.Entry> entry : fileTypeMap.entrySet()) { if (originalFileName.endsWith(entry.getKey())) { - return checkFileType(file, entry.getKey(), entry.getValue()); + if (entry.getValue().contains(contentType)) { + return true; + } } } return false; diff --git a/base/src/main/java/com/tinyengine/it/controller/I18nEntryController.java b/base/src/main/java/com/tinyengine/it/controller/I18nEntryController.java index 44631260..7894f254 100644 --- a/base/src/main/java/com/tinyengine/it/controller/I18nEntryController.java +++ b/base/src/main/java/com/tinyengine/it/controller/I18nEntryController.java @@ -47,6 +47,7 @@ import org.springframework.web.multipart.MultipartFile; import java.util.ArrayList; +import java.util.Arrays; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -250,9 +251,9 @@ public Result updateI18nSingleFile( if (file.isEmpty()) { return Result.failed(ExceptionEnum.CM307); } - Map fileTypeMap = new HashMap<>(); - fileTypeMap.put(Enums.FileNameEnd.ZIP.getValue(), Enums.FileType.ZIP.getValue()); - fileTypeMap.put(Enums.FileNameEnd.JSON.getValue(), Enums.FileType.JSON.getValue()); + Map> fileTypeMap = new HashMap<>(); + fileTypeMap.put(Enums.FileNameEnd.ZIP.getValue(), Arrays.asList(Enums.FileType.ZIP.getValue(), Enums.FileType.XZIP.getValue())); + fileTypeMap.put(Enums.FileNameEnd.JSON.getValue(), Arrays.asList(Enums.FileType.JSON.getValue())); SecurityFileCheckUtil.validFileName(file.getOriginalFilename()); boolean checkFileType = SecurityFileCheckUtil.checkFileType(file, fileTypeMap); if (!checkFileType) { diff --git a/base/src/main/java/com/tinyengine/it/service/material/impl/ComponentServiceImpl.java b/base/src/main/java/com/tinyengine/it/service/material/impl/ComponentServiceImpl.java index 2b7b7abd..ab7449d1 100644 --- a/base/src/main/java/com/tinyengine/it/service/material/impl/ComponentServiceImpl.java +++ b/base/src/main/java/com/tinyengine/it/service/material/impl/ComponentServiceImpl.java @@ -183,11 +183,6 @@ public Result readFileAndBulkCreate(MultipartFile file) { @Override @SystemServiceLog(description = "bundleSplit 拆分bundle.json实现方法") public Result bundleSplit(MultipartFile file) { - // 检验文件 - boolean isFileCheck = this.checkFile(file); - if (!isFileCheck) { - return Result.failed(ExceptionEnum.CM325); - } // 获取bundle.json数据 Result result = Utils.parseJsonFileStream(file); if (!result.isSuccess()) { @@ -392,13 +387,4 @@ private List buildComponentList(BundleDto bundleDto, List fileTypeMap = new HashMap<>(); - fileTypeMap.put(".json", "application/json"); - boolean isCheckFileType = SecurityFileCheckUtil.checkFileType(file, fileTypeMap); - if (!isCheckFileType) { - return false; - } - return true; - } } diff --git a/base/src/test/java/com/tinyengine/it/controller/I18nEntryControllerTest.java b/base/src/test/java/com/tinyengine/it/controller/I18nEntryControllerTest.java index 0068ef75..9fbdc1dd 100644 --- a/base/src/test/java/com/tinyengine/it/controller/I18nEntryControllerTest.java +++ b/base/src/test/java/com/tinyengine/it/controller/I18nEntryControllerTest.java @@ -17,6 +17,7 @@ import static org.mockito.Mockito.anyString; import static org.mockito.Mockito.when; +import cn.hutool.core.io.IoUtil; import com.tinyengine.it.common.base.Result; import com.tinyengine.it.model.dto.DeleteI18nEntry; import com.tinyengine.it.model.dto.FileResult; @@ -36,6 +37,7 @@ import org.mockito.MockitoAnnotations; import org.springframework.web.multipart.MultipartFile; +import java.nio.charset.StandardCharsets; import java.util.Arrays; import java.util.HashMap; import java.util.List; @@ -130,10 +132,13 @@ void testUpdateI18nSingleFile() throws Exception { Result mockData = new Result<>(); mockData.setSuccess(true); when(i18nEntryService.readSingleFileAndBulkCreate(any(MultipartFile.class), anyInt())) - .thenReturn(mockData); + .thenReturn(mockData); MultipartFile file = Mockito.mock(MultipartFile.class); - when(file.getOriginalFilename()).thenReturn("example.json"); - when(file.isEmpty()).thenReturn(false); + when(file.getContentType()).thenReturn("application/json"); + when(file.getOriginalFilename()).thenReturn("originalName.json"); + when(file.getName()).thenReturn("123"); + when(file.getBytes()).thenReturn("{\"name\":\"value\"}".getBytes(StandardCharsets.UTF_8)); + when(file.getInputStream()).thenReturn(IoUtil.toStream("{\"name\":\"value\"}".getBytes(StandardCharsets.UTF_8))); HashMap filesMap = new HashMap() {{ put("filesMap", file); }}; @@ -145,10 +150,13 @@ void testUpdateI18nSingleFile() throws Exception { @Test void testUpdateI18nMultiFile() throws Exception { when(i18nEntryService.readFilesAndbulkCreate(anyString(), any(MultipartFile.class), anyInt())) - .thenReturn(new Result()); + .thenReturn(new Result()); MultipartFile file = Mockito.mock(MultipartFile.class); - when(file.getOriginalFilename()).thenReturn("example.json"); - when(file.isEmpty()).thenReturn(false); + when(file.getContentType()).thenReturn("application/json"); + when(file.getOriginalFilename()).thenReturn("originalName.json"); + when(file.getName()).thenReturn("123"); + when(file.getBytes()).thenReturn("{\"name\":\"value\"}".getBytes(StandardCharsets.UTF_8)); + when(file.getInputStream()).thenReturn(IoUtil.toStream("{\"name\":\"value\"}".getBytes(StandardCharsets.UTF_8))); HashMap filesMap = new HashMap() {{ put("filesMap", file); }}; From 9c2bcd7747c7d102edc5c1789f0cdd158dae8c83 Mon Sep 17 00:00:00 2001 From: lu17301156525 Date: Sun, 8 Jun 2025 19:10:03 -0700 Subject: [PATCH 7/7] fix: Modify code format --- .../it/service/material/impl/ComponentServiceImpl.java | 1 - 1 file changed, 1 deletion(-) diff --git a/base/src/main/java/com/tinyengine/it/service/material/impl/ComponentServiceImpl.java b/base/src/main/java/com/tinyengine/it/service/material/impl/ComponentServiceImpl.java index ab7449d1..8fde5817 100644 --- a/base/src/main/java/com/tinyengine/it/service/material/impl/ComponentServiceImpl.java +++ b/base/src/main/java/com/tinyengine/it/service/material/impl/ComponentServiceImpl.java @@ -15,7 +15,6 @@ import com.tinyengine.it.common.base.Result; import com.tinyengine.it.common.exception.ExceptionEnum; import com.tinyengine.it.common.log.SystemServiceLog; -import com.tinyengine.it.common.utils.SecurityFileCheckUtil; import com.tinyengine.it.common.utils.Utils; import com.tinyengine.it.mapper.ComponentLibraryMapper; import com.tinyengine.it.mapper.ComponentMapper;