2018-01-17 14:10:40 +08:00
|
|
|
|
package cn.keking.web.controller;
|
|
|
|
|
|
|
2019-04-16 21:09:32 +08:00
|
|
|
|
import cn.keking.config.ConfigConstants;
|
2022-07-25 17:26:02 +08:00
|
|
|
|
import cn.keking.model.ReturnResponse;
|
2022-07-25 18:33:22 +08:00
|
|
|
|
import cn.keking.utils.KkFileUtils;
|
2023-01-17 22:56:51 +08:00
|
|
|
|
import cn.keking.utils.WebUtils;
|
2020-05-14 10:04:09 +08:00
|
|
|
|
import org.slf4j.Logger;
|
|
|
|
|
|
import org.slf4j.LoggerFactory;
|
2020-05-15 18:09:19 +08:00
|
|
|
|
import org.springframework.util.StreamUtils;
|
2022-07-25 17:26:02 +08:00
|
|
|
|
import org.springframework.web.bind.annotation.GetMapping;
|
|
|
|
|
|
import org.springframework.web.bind.annotation.PostMapping;
|
2018-01-17 14:10:40 +08:00
|
|
|
|
import org.springframework.web.bind.annotation.RequestParam;
|
|
|
|
|
|
import org.springframework.web.bind.annotation.RestController;
|
|
|
|
|
|
import org.springframework.web.multipart.MultipartFile;
|
2022-07-25 17:26:02 +08:00
|
|
|
|
import org.springframework.web.util.HtmlUtils;
|
2018-01-17 14:10:40 +08:00
|
|
|
|
|
2022-07-25 17:26:02 +08:00
|
|
|
|
import java.io.File;
|
|
|
|
|
|
import java.io.IOException;
|
|
|
|
|
|
import java.io.InputStream;
|
|
|
|
|
|
import java.io.OutputStream;
|
2021-01-23 13:12:31 +08:00
|
|
|
|
import java.nio.charset.StandardCharsets;
|
2022-12-14 09:40:37 +08:00
|
|
|
|
import java.nio.file.Files;
|
|
|
|
|
|
import java.nio.file.Paths;
|
2023-01-17 22:56:51 +08:00
|
|
|
|
import java.util.*;
|
2018-01-17 14:10:40 +08:00
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* @author yudian-it
|
2023-01-11 13:26:18 +08:00
|
|
|
|
* 2017/12/1
|
2018-01-17 14:10:40 +08:00
|
|
|
|
*/
|
|
|
|
|
|
@RestController
|
|
|
|
|
|
public class FileController {
|
2020-05-14 10:04:09 +08:00
|
|
|
|
|
|
|
|
|
|
private final Logger logger = LoggerFactory.getLogger(FileController.class);
|
|
|
|
|
|
|
2020-05-15 18:09:19 +08:00
|
|
|
|
private final String fileDir = ConfigConstants.getFileDir();
|
|
|
|
|
|
private final String demoDir = "demo";
|
|
|
|
|
|
private final String demoPath = demoDir + File.separator;
|
2023-01-17 22:56:51 +08:00
|
|
|
|
public static final String BASE64_DECODE_ERROR_MSG = "Base64解码失败,请检查你的 %s 是否采用 Base64 + urlEncode 双重编码了!";
|
2022-07-25 17:26:02 +08:00
|
|
|
|
@PostMapping("/fileUpload")
|
2022-12-14 09:40:37 +08:00
|
|
|
|
public ReturnResponse<Object> fileUpload(@RequestParam("file") MultipartFile file) {
|
2021-07-06 09:09:19 +08:00
|
|
|
|
if (ConfigConstants.getFileUploadDisable()) {
|
2022-07-25 18:33:22 +08:00
|
|
|
|
return ReturnResponse.failure("文件传接口已禁用");
|
2021-07-06 09:09:19 +08:00
|
|
|
|
}
|
2019-07-30 10:02:36 +08:00
|
|
|
|
// 获取文件名
|
2018-01-17 14:10:40 +08:00
|
|
|
|
String fileName = file.getOriginalFilename();
|
2019-07-30 10:02:36 +08:00
|
|
|
|
//判断是否为IE浏览器的文件名,IE浏览器下文件名会带有盘符信息
|
2022-07-25 17:26:02 +08:00
|
|
|
|
|
2021-01-16 04:32:41 +08:00
|
|
|
|
// escaping dangerous characters to prevent XSS
|
2022-07-25 17:26:02 +08:00
|
|
|
|
assert fileName != null;
|
2021-01-23 13:12:31 +08:00
|
|
|
|
fileName = HtmlUtils.htmlEscape(fileName, StandardCharsets.UTF_8.name());
|
|
|
|
|
|
|
2019-07-30 10:02:36 +08:00
|
|
|
|
// Check for Unix-style path
|
|
|
|
|
|
int unixSep = fileName.lastIndexOf('/');
|
|
|
|
|
|
// Check for Windows-style path
|
|
|
|
|
|
int winSep = fileName.lastIndexOf('\\');
|
|
|
|
|
|
// Cut off at latest possible point
|
2020-05-15 18:09:19 +08:00
|
|
|
|
int pos = (Math.max(winSep, unixSep));
|
2022-07-25 17:26:02 +08:00
|
|
|
|
if (pos != -1) {
|
2019-07-30 10:02:36 +08:00
|
|
|
|
fileName = fileName.substring(pos + 1);
|
|
|
|
|
|
}
|
2023-01-11 13:26:18 +08:00
|
|
|
|
String fileType= "";
|
|
|
|
|
|
int i = fileName.lastIndexOf('.');
|
|
|
|
|
|
if (i > 0) {
|
|
|
|
|
|
fileType= fileName.substring(i+1);
|
|
|
|
|
|
fileType= fileType.toLowerCase();
|
|
|
|
|
|
}
|
|
|
|
|
|
if (fileType.length() == 0 || fileType.equals("dll") || fileType.equals("exe") || fileType.equals("msi") ){
|
|
|
|
|
|
return ReturnResponse.failure(fileName+"不允许上传的文件");
|
|
|
|
|
|
}
|
2020-05-14 10:04:09 +08:00
|
|
|
|
// 判断是否存在同名文件
|
|
|
|
|
|
if (existsFile(fileName)) {
|
2022-07-25 18:33:22 +08:00
|
|
|
|
return ReturnResponse.failure("存在同名文件,请先删除原有文件再次上传");
|
2018-01-17 14:10:40 +08:00
|
|
|
|
}
|
|
|
|
|
|
File outFile = new File(fileDir + demoPath);
|
2020-12-27 01:43:50 +08:00
|
|
|
|
if (!outFile.exists() && !outFile.mkdirs()) {
|
2022-07-25 17:26:02 +08:00
|
|
|
|
logger.error("创建文件夹【{}】失败,请检查目录权限!", fileDir + demoPath);
|
2018-01-17 14:10:40 +08:00
|
|
|
|
}
|
2020-05-18 09:46:52 +08:00
|
|
|
|
logger.info("上传文件:{}", fileDir + demoPath + fileName);
|
2022-12-14 09:40:37 +08:00
|
|
|
|
try (InputStream in = file.getInputStream(); OutputStream out = Files.newOutputStream(Paths.get(fileDir + demoPath + fileName))) {
|
2020-05-15 18:09:19 +08:00
|
|
|
|
StreamUtils.copy(in, out);
|
2023-01-11 13:26:18 +08:00
|
|
|
|
in.close();
|
|
|
|
|
|
out.close();
|
2022-07-25 18:33:22 +08:00
|
|
|
|
return ReturnResponse.success(null);
|
2018-01-17 14:10:40 +08:00
|
|
|
|
} catch (IOException e) {
|
2020-05-14 10:04:09 +08:00
|
|
|
|
logger.error("文件上传失败", e);
|
2022-07-25 18:33:22 +08:00
|
|
|
|
return ReturnResponse.failure();
|
2018-01-17 14:10:40 +08:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2022-07-25 17:26:02 +08:00
|
|
|
|
@GetMapping("/deleteFile")
|
2022-12-14 09:40:37 +08:00
|
|
|
|
public ReturnResponse<Object> deleteFile(String fileName) {
|
|
|
|
|
|
if (fileName == null || fileName.length() == 0) {
|
|
|
|
|
|
return ReturnResponse.failure("文件名为空,删除失败!");
|
|
|
|
|
|
}
|
|
|
|
|
|
try {
|
2023-01-17 22:56:51 +08:00
|
|
|
|
fileName = WebUtils.decodeUrl(fileName);
|
|
|
|
|
|
} catch (Exception ex) {
|
|
|
|
|
|
String errorMsg = String.format(BASE64_DECODE_ERROR_MSG, "url");
|
|
|
|
|
|
return ReturnResponse.failure(errorMsg+"删除失败!");
|
2022-12-14 09:40:37 +08:00
|
|
|
|
}
|
2018-01-17 14:10:40 +08:00
|
|
|
|
if (fileName.contains("/")) {
|
|
|
|
|
|
fileName = fileName.substring(fileName.lastIndexOf("/") + 1);
|
|
|
|
|
|
}
|
2022-07-25 18:33:22 +08:00
|
|
|
|
if (KkFileUtils.isIllegalFileName(fileName)) {
|
|
|
|
|
|
return ReturnResponse.failure("非法文件名,删除失败!");
|
|
|
|
|
|
}
|
2018-01-17 14:10:40 +08:00
|
|
|
|
File file = new File(fileDir + demoPath + fileName);
|
2020-05-14 10:04:09 +08:00
|
|
|
|
logger.info("删除文件:{}", file.getAbsolutePath());
|
2020-12-27 01:43:50 +08:00
|
|
|
|
if (file.exists() && !file.delete()) {
|
2022-07-25 18:33:22 +08:00
|
|
|
|
String msg = String.format("删除文件【%s】失败,请检查目录权限!", file.getPath());
|
|
|
|
|
|
logger.error(msg);
|
|
|
|
|
|
return ReturnResponse.failure(msg);
|
2018-01-17 14:10:40 +08:00
|
|
|
|
}
|
2022-07-25 18:33:22 +08:00
|
|
|
|
return ReturnResponse.success();
|
2018-01-17 14:10:40 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2022-07-25 17:26:02 +08:00
|
|
|
|
@GetMapping("/listFiles")
|
2022-12-14 09:40:37 +08:00
|
|
|
|
public List<Map<String, String>> getFiles() {
|
2020-12-26 01:52:52 +08:00
|
|
|
|
List<Map<String, String>> list = new ArrayList<>();
|
2018-01-17 14:10:40 +08:00
|
|
|
|
File file = new File(fileDir + demoPath);
|
|
|
|
|
|
if (file.exists()) {
|
2020-12-26 01:52:52 +08:00
|
|
|
|
Arrays.stream(Objects.requireNonNull(file.listFiles())).forEach(file1 -> {
|
2020-12-27 01:43:50 +08:00
|
|
|
|
Map<String, String> fileName = new HashMap<>();
|
2020-12-26 01:52:52 +08:00
|
|
|
|
fileName.put("fileName", demoDir + "/" + file1.getName());
|
|
|
|
|
|
list.add(fileName);
|
|
|
|
|
|
});
|
2018-01-17 14:10:40 +08:00
|
|
|
|
}
|
2022-07-25 18:33:22 +08:00
|
|
|
|
return list;
|
2018-01-17 14:10:40 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2020-05-14 10:04:09 +08:00
|
|
|
|
private boolean existsFile(String fileName) {
|
|
|
|
|
|
File file = new File(fileDir + demoPath + fileName);
|
2020-05-15 18:09:19 +08:00
|
|
|
|
return file.exists();
|
2018-01-17 14:10:40 +08:00
|
|
|
|
}
|
|
|
|
|
|
}
|
