public/dataease
1
0
Fork 0
mirror of https://github.com/dataease/dataease.git synced 2026-06-12 16:31:11 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: 任意文件上传/写

Browse Source
This commit is contained in:
tjlygdx
2026-06-10 11:21:27 +08:00
parent ed5ee3137f
commit 33d91a42ce
1 changed files with 24 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
core/core-backend/src/main/java/io/dataease/font/manage/FontManage.java
View File

@@ -37,6 +37,7 @@ import java.util.regex.Pattern;
public class FontManage {
private static final Pattern SAFE_FONT_FILE_NAME = Pattern.compile("^[A-Za-z0-9._-]+\\.ttf$", Pattern.CASE_INSENSITIVE);
private static final String TTF_EXTENSION = ".ttf";
@Value("${dataease.path.font:/opt/dataease2.0/data/font/}")
private String path;
@@ -164,18 +165,16 @@ public class FontManage {
try {
String filename = file.getOriginalFilename();
FileUtils.validateUploadFilename(filename);
if (StringUtils.isEmpty(filename) || !filename.toLowerCase().endsWith(".ttf")) {
if (StringUtils.isEmpty(filename) || !filename.toLowerCase().endsWith(TTF_EXTENSION)) {
DEException.throwException("非法格式的文件!");
}
String fileTransName = fileNameUUID + ".ttf";
UploadedFont uploadedFont = validateAndReadUploadedFont(file);
String fileTransName = fileNameUUID + TTF_EXTENSION;
Path filePath = resolveFontPath(fileTransName);
try (OutputStream fileOutputStream = Files.newOutputStream(filePath, StandardOpenOption.CREATE_NEW, StandardOpenOption.WRITE)) {
fileOutputStream.write(file.getBytes());
fileOutputStream.flush();
}
Files.write(filePath, uploadedFont.bytes(), StandardOpenOption.CREATE_NEW, StandardOpenOption.WRITE);
fontDto.setFileTransName(fileTransName);
long length = file.getSize();
long length = uploadedFont.bytes().length;
String unit = "MB";
Double size = 0.0;
if ((double) length / 1024 / 1024 > 1) {
@@ -189,16 +188,29 @@ public class FontManage {
unit = "KB";
size = Double.valueOf(String.format("%.2f", (double) length / 1024));
}
Font font = Font.createFont(Font.TRUETYPE_FONT, filePath.toFile());
fontDto.setSize(size);
fontDto.setSizeType(unit);
fontDto.setName(font.getFontName());
fontDto.setName(uploadedFont.font().getFontName());
} catch (Exception e) {
DEException.throwException(e);
}
return fontDto;
}
private UploadedFont validateAndReadUploadedFont(MultipartFile file) throws Exception {
byte[] fileBytes = file.getBytes();
if (fileBytes.length == 0) {
DEException.throwException("非法格式的文件!");
}
try (ByteArrayInputStream inputStream = new ByteArrayInputStream(fileBytes)) {
Font font = Font.createFont(Font.TRUETYPE_FONT, inputStream);
return new UploadedFont(fileBytes, font);
} catch (FontFormatException e) {
DEException.throwException("非法格式的文件!");
return null;
}
}
private void validateUploadedFont(String fileTransName) {
if (StringUtils.isEmpty(fileTransName)) {
return;
@@ -253,4 +265,7 @@ public class FontManage {
return StringUtils.isNotBlank(fileTransName) && SAFE_FONT_FILE_NAME.matcher(fileTransName).matches();
}
private record UploadedFont(byte[] bytes, Font font) {
}
}