上传图片时增加图片有效性校验

a29bca25 · huangcb · e08a5d78 · a29bca25 · a29bca25 · a29bca25
Commit a29bca25 authored Jun 10, 2020 by huangcb
5 changed files
--- a/pom.xml
+++ b/pom.xml
@@ -21,7 +21,7 @@
        <spring-cloud.version>Greenwich.SR1</spring-cloud.version>
        <alibaba-nacos-discovery.version>2.1.1.RELEASE</alibaba-nacos-discovery.version>
        <alibaba-nacos-config.version>2.1.1.RELEASE</alibaba-nacos-config.version>
-        <alibaba-fastjson.version>1.2.62</alibaba-fastjson.version>
+        <alibaba-fastjson.version>1.2.70</alibaba-fastjson.version>
        <alibaba-druid.version>1.1.22</alibaba-druid.version>
        <apache-commons-lang3.version>3.7</apache-commons-lang3.version>
        <mybatisplus.version>3.3.1</mybatisplus.version>

--- a/src/main/java/com/esv/freight/file/common/util/FileUtils.java
+++ b/src/main/java/com/esv/freight/file/common/util/FileUtils.java
+package com.esv.freight.file.common.util;
+
+import javax.imageio.ImageIO;
+import java.awt.image.BufferedImage;
+import java.io.ByteArrayInputStream;
+import java.io.File;
+import java.io.IOException;
+import java.io.InputStream;
+
+/**
+ * @description: 文件工具类
+ * @project: freight-file-service
+ * @name: com.esv.freight.file.common.util.FileUtils
+ * @author: 黄朝斌
+ * @email: huangchaobin@esvtek.com
+ * @createTime: 2020/06/10 11:14
+ * @version:1.0
+ */
+public class FileUtils {
+
+    /**
+     * description 校验是否有效图片
+     * param [input]
+     * return boolean
+     * author HuangChaobin
+     * createTime 2020/06/10 11:29
+     **/
+    public static boolean isValidImage(InputStream input) {
+        boolean isValid = false;
+        BufferedImage bufferedImage;
+        try {
+            bufferedImage = ImageIO.read(input);
+        } catch (IOException e) {
+            return isValid;
+        }
+        if (null == bufferedImage) {
+            isValid = false;
+        } else {
+            isValid = true;
+        }
+        return isValid;
+    }
+
+    /**
+     * description 校验是否有效图片
+     * param [bytes]
+     * return boolean
+     * author HuangChaobin
+     * createTime 2020/06/10 11:30
+     **/
+    public static boolean isValidImage(byte[] bytes) {
+        return isValidImage(new ByteArrayInputStream(bytes));
+    }
+
+    /**
+     * description 校验是否有效图片
+     * param [file]
+     * return boolean
+     * author HuangChaobin
+     * createTime 2020/06/10 11:39
+     **/
+    public static boolean isValidImage(File file) {
+        InputStream inputStream;
+        try {
+            inputStream = org.apache.commons.io.FileUtils.openInputStream(file);
+        } catch (IOException e) {
+            return false;
+        }
+        return isValidImage(inputStream);
+    }
+
+}
--- a/src/main/java/com/esv/freight/file/module/file/service/impl/FileServiceImpl.java
+++ b/src/main/java/com/esv/freight/file/module/file/service/impl/FileServiceImpl.java
@@ -2,6 +2,7 @@ package com.esv.freight.file.module.file.service.impl;

 import com.alibaba.fastjson.JSONObject;
 import com.esv.freight.file.common.exception.EException;
+import com.esv.freight.file.common.util.FileUtils;
 import com.esv.freight.file.module.file.form.FileForm;
 import com.esv.freight.file.module.file.service.FileService;
 import lombok.extern.slf4j.Slf4j;
@@ -56,6 +57,11 @@ public class FileServiceImpl implements FileService {
        if (fileMaxSize < bytes.length) {
            throw new EException(1002, "文件大小不能超过["+fileRegSize+"MB]");
        }
+
+        // 校验是否有效图片
+        if ("image".equals(fileType) && !FileUtils.isValidImage(bytes)) {
+            throw new EException(1001, "不是有效图片");
+        }
    }

    @Override

--- a/src/test/java/com/esv/freight/file/common/util/FileUtilsTest.java
+++ b/src/test/java/com/esv/freight/file/common/util/FileUtilsTest.java
+package com.esv.freight.file.common.util;
+
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.io.FileUtils;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+import org.springframework.boot.test.context.SpringBootTest;
+
+import javax.imageio.ImageIO;
+import java.awt.image.BufferedImage;
+import java.io.File;
+import java.io.IOException;
+
+/**
+ * @description:
+ * @project: freight-file-service
+ * @name: com.esv.freight.file.common.util.FileUtilsTest
+ * @author: 黄朝斌
+ * @email: huangchaobin@esvtek.com
+ * @createTime: 2020/06/10 11:14
+ * @version:1.0
+ */
+@SpringBootTest
+@Slf4j
+public class FileUtilsTest {
+
+    private static Long TEST_START_TIME;
+    private static Long TEST_END_TIME;
+
+    @Before
+    public void before() {
+        log.info("=================================== Test Start ===================================");
+        TEST_START_TIME = System.currentTimeMillis();
+    }
+
+    @After
+    public void after() {
+        TEST_END_TIME = System.currentTimeMillis();
+        log.info("Test耗时：" + (TEST_END_TIME - TEST_START_TIME) + "毫秒");
+        log.info("=================================== Test End ===================================");
+    }
+
+    @Test
+    public void isValidImageTest() throws IOException {
+        File file1 = FileUtils.getFile("D:\\test\\路上跑-签名.PNG");
+        File file2 = FileUtils.getFile("D:\\test\\test.txt");
+
+        BufferedImage bufferedImage = ImageIO.read(file1);
+        if (null == bufferedImage) {
+            log.info("file1不是有效图片文件");
+        } else {
+            log.info("file1是有效图片文件");
+        }
+
+        bufferedImage = ImageIO.read(file2);
+        if (null == bufferedImage) {
+            log.info("file2不是有效图片文件");
+        } else {
+            log.info("file2是有效图片文件");
+        }
+    }
+}
--- a/src/test/java/com/esv/freight/file/module/file/controller/UploadControllerTest.java
+++ b/src/test/java/com/esv/freight/file/module/file/controller/UploadControllerTest.java
@@ -4,6 +4,7 @@ import com.alibaba.fastjson.JSONObject;
 import com.esv.freight.file.BaseTestController;
 import com.esv.freight.file.common.response.ECode;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.io.FileUtils;
 import org.apache.commons.io.IOUtils;
 import org.junit.Assert;
 import org.junit.FixMethodOrder;
@@ -182,6 +183,32 @@ public class UploadControllerTest extends BaseTestController {
        Assert.assertEquals(1002, result.getIntValue("code"));
    }

+    @Test
+    public void b3_uploadSingleFile_inValid_image_error_test() throws Exception {
+        String url = "/upload/single";
+        JSONObject reqJson = new JSONObject();
+
+        // 构造数据
+        String filepath = "D:\\test\\test.txt";
+        File file = new File(filepath);
+        reqJson.put("fileType", "image");
+        reqJson.put("fileData", Base64.getEncoder().encodeToString(IOUtils.toByteArray(FileUtils.openInputStream(file))));
+        reqJson.put("fileName", "1366x768_107480_8.jpg");
+
+        MvcResult mvcResult = this.getMockMvc().perform(MockMvcRequestBuilders.post(url)
+                .contentType(MediaType.APPLICATION_JSON_UTF8_VALUE)
+                .content(reqJson.toJSONString()))
+                .andDo(MockMvcResultHandlers.print())
+                .andExpect(MockMvcResultMatchers.status().isOk())
+                .andReturn();
+
+        String responseStr = mvcResult.getResponse().getContentAsString();
+        log.info(responseStr);
+
+        JSONObject result = JSONObject.parseObject(responseStr);
+        Assert.assertEquals(1001, result.getIntValue("code"));
+    }
+
    @Test
    public void c1_directDownload_success_test() throws Exception {
        String[] datas = fileUrl.split("direct");