4 weeks ago · 106819ba5c
--- a/elevator-admin/src/main/java/com/inspur/idm/media/comm/AdminError.java
+++ b/elevator-admin/src/main/java/com/inspur/idm/media/comm/AdminError.java
@@ -16,6 +16,7 @@ public class AdminError extends AbstractCodeError {
 
				      */
			
 
				     public static final BaseCodeError MEDIA_CANNOT_SUBMIT = new BaseCodeError("MEDIA_CANNOT_SUBMIT", "media.status_cannot_submit");
			
 
				     public static final BaseCodeError FILE_UPLOAD_ERROR = new BaseCodeError("FILE_UPLOAD_ERROR", "file.upload_error");
			
 
				+    public static final BaseCodeError FILE_UPLOAD_ALLOW_ERROR = new BaseCodeError("FILE_UPLOAD_ALLOW_ERROR", "file.upload_allow_error");
			
 
				     public static final BaseCodeError ELEVATOR_BRAND_EXISTS = new BaseCodeError("ELEVATOR_BRAND_EXISTS", "elevator.brand_exists");
			
 
				 
			
 
				     public static final BaseCodeError PART_BRAND_EXISTS = new BaseCodeError("PART_BRAND_EXISTS", "part.brand_exists");
			
--- a/elevator-admin/src/main/java/com/inspur/idm/media/service/FileService.java
+++ b/elevator-admin/src/main/java/com/inspur/idm/media/service/FileService.java
@@ -14,6 +14,8 @@ import java.io.File;
 
				 import java.io.IOException;
			
 
				 import java.text.SimpleDateFormat;
			
 
				 import java.util.Date;
			
 
				+import java.util.Set;
			
 
				+import java.util.HashSet;
			
 
				 
			
 
				 @Service
			
 
				 @Slf4j
			
@@ -26,6 +28,25 @@ public class FileService {
 
				     @Autowired
			
 
				     private PubConfigService pubConfigService;
			
 
				 
			
 
				+    private final static Set<String> allowedSuffixSet = new HashSet<String>() {{
			
 
				+        add(".jpg");
			
 
				+        add(".jpeg");
			
 
				+        add(".png");
			
 
				+        add(".gif");
			
 
				+        add(".bmp");
			
 
				+        add(".doc");
			
 
				+        add(".docx");
			
 
				+        add(".xls");
			
 
				+        add(".xlsx");
			
 
				+        add(".ppt");
			
 
				+        add(".pptx");
			
 
				+        add(".pdf");
			
 
				+        add(".txt");
			
 
				+        add(".zip");
			
 
				+        add(".rar");
			
 
				+        add(".7z");
			
 
				+    }};
			
 
				+
			
 
				     /**
			
 
				      * 添加合同文件
			
 
				      * @param file
			
@@ -70,6 +91,10 @@ public class FileService {
 
				         String fileName = file.getOriginalFilename();
			
 
				         long fileSize = file.getSize();
			
 
				         String suffix = fileName.substring(fileName.lastIndexOf(".")).toLowerCase();
			
 
				+        // 检查文件后缀是否在允许范围内
			
 
				+        if (!allowedSuffixSet.contains(suffix)) {
			
 
				+            throw new CodeException(AdminError.FILE_UPLOAD_ALLOW_ERROR);
			
 
				+        }
			
 
				         String filePath;
			
 
				         if (CommConstant.FILE_TYPE_CONTRACT.equalsIgnoreCase(type)) {
			
 
				             filePath = CommConstant.PATH_CONTRACT;