依赖
plugins {
id 'org.springframework.boot' version '2.5.3'
id 'io.spring.dependency-management' version '1.0.11.RELEASE'
id 'java'
}
group = 'com.stone'
version = '0.0.1-SNAPSHOT'
sourceCompatibility = '1.11'
repositories {
mavenLocal ( )
maven {
url 'https://maven.aliyun.com/repository/public/'
}
mavenCentral ( )
}
dependencies {
implementation 'org.springframework.boot:spring-boot-starter-web:2.5.3'
compileOnly 'org.projectlombok:lombok:1.18.20'
annotationProcessor 'org.projectlombok:lombok:1.18.20'
implementation 'cn.hutool:hutool-all:5.7.7'
implementation 'org.springframework.boot:spring-boot-starter-validation:2.5.3'
testImplementation ( 'org.springframework.boot:spring-boot-starter-test:2.5.3' ) {
exclude group: 'org.junit.vintage' , module: 'junit-vintage-engine'
}
}
自定义验证注解 InspectFilePath.java
import com. stone. common. config. validator. InspectFilePathValidator;
import javax. validation. Constraint;
import javax. validation. Payload;
import java. lang. annotation. *;
@Target ( { ElementType. METHOD, ElementType. FIELD, ElementType. ANNOTATION_TYPE, ElementType. CONSTRUCTOR, ElementType. PARAMETER, ElementType. TYPE_USE} )
@Retention ( RetentionPolicy. RUNTIME)
@Documented
@Constraint ( validatedBy = InspectFilePathValidator. class )
public @interface InspectFilePath {
String message ( ) default "文件{param}禁止包含特殊符号:{toast}" ;
Class< ? > [ ] groups ( ) default { } ;
Class< ? extends Payload > [ ] payload ( ) default { } ;
boolean isFileName ( ) default false ;
}
自定义注解实现类 InspectFilePathValidator.java
import cn. hutool. core. util. StrUtil;
import com. stone. common. config. annotations. InspectFilePath;
import com. stone. common. utils. common. PreventFilePathAttacks;
import org. hibernate. validator. constraintvalidation. HibernateConstraintValidator;
import org. hibernate. validator. constraintvalidation. HibernateConstraintValidatorContext;
import org. hibernate. validator. constraintvalidation. HibernateConstraintValidatorInitializationContext;
import javax. validation. ConstraintValidatorContext;
import javax. validation. metadata. ConstraintDescriptor;
public class InspectFilePathValidator implements HibernateConstraintValidator < InspectFilePath, CharSequence> {
private boolean isFileName;
@Override
public void initialize ( ConstraintDescriptor< InspectFilePath> constraintDescriptor, HibernateConstraintValidatorInitializationContext initializationContext) {
isFileName = constraintDescriptor. getAnnotation ( ) . isFileName ( ) ;
}
@Override
public boolean isValid ( CharSequence value, ConstraintValidatorContext constraintValidatorContext) {
String toast;
if ( isFileName) {
toast = PreventFilePathAttacks. inspectFileName ( value. toString ( ) ) ;
if ( StrUtil. isNotBlank ( toast) ) {
constraintValidatorContext. unwrap ( HibernateConstraintValidatorContext. class ) . addMessageParameter ( "file" , "名称" ) . addMessageParameter ( "toast" , toast ) ;
return false ;
}
}
toast = PreventFilePathAttacks. inspectFilePath ( value. toString ( ) ) ;
if ( StrUtil. isNotBlank ( toast) ) {
constraintValidatorContext. unwrap ( HibernateConstraintValidatorContext. class ) . addMessageParameter ( "file" , "路径" ) . addMessageParameter ( "toast" , toast ) ;
return false ;
}
return true ;
}
}
注入校验对象
import org. hibernate. validator. HibernateValidator;
import org. springframework. context. annotation. Bean;
import org. springframework. context. annotation. Configuration;
import javax. validation. Validation;
import javax. validation. Validator;
@Configuration
public class ValidatorConfig {
@Bean
public Validator validator ( ) {
return Validation. byProvider ( HibernateValidator. class )
. configure ( )
. failFast ( true )
. buildValidatorFactory ( )
. getValidator ( ) ;
}
}
请求方法上添加验证注解@Validated
@GetMapping ( "/xxx" )
public void xxx ( @Validated XxxDTO xxxDTO) {
}
实体类增加验证
import com. stone. common. config. annotations. InspectFilePath;
import lombok. Data;
@Data
public class YsjlDeleteEnclosureImgDTO {
@InspectFilePath ( isFileName = true )
private String fileName;
private String id;
}