test-version22
/
MeterSphere
mirror of https://gitee.com/fit2cloud-feizhiyun/MeterSphere.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

fix(测试跟踪): 用例缺陷附件上传类型添加校验

This commit is contained in:
song-cc-rock 2023-06-26 14:42:28 +08:00 committed by f2c-ci-robot[bot]
parent 978ed0281e
commit 76229a322e
2 changed files with 20 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
test-track/backend/src/main/java/io/metersphere/controller/AttachmentController.java
View File

@ -4,6 +4,9 @@ import io.metersphere.base.domain.FileAttachmentMetadata;
import io.metersphere.commons.constants.OperLogConstants; import io.metersphere.commons.constants.OperLogConstants;
import io.metersphere.commons.constants.OperLogModule; import io.metersphere.commons.constants.OperLogModule;
import io.metersphere.commons.constants.PermissionConstants; import io.metersphere.commons.constants.PermissionConstants;
import io.metersphere.commons.exception.MSException;
import io.metersphere.constants.AttachmentType;
import io.metersphere.i18n.Translator;
import io.metersphere.log.annotation.MsAuditLog; import io.metersphere.log.annotation.MsAuditLog;
import io.metersphere.metadata.service.FileMetadataService; import io.metersphere.metadata.service.FileMetadataService;
import io.metersphere.request.attachment.AttachmentDumpRequest; import io.metersphere.request.attachment.AttachmentDumpRequest;
@ -97,6 +100,9 @@ public class AttachmentController {
@MsAuditLog(module = OperLogModule.TRACK_TEST_CASE, type = OperLogConstants.UPDATE, content = "#msClass.getLogDetails(#request.belongId, #request.belongType, #request.metadataRefIds, true)", msClass = AttachmentService.class) @MsAuditLog(module = OperLogModule.TRACK_TEST_CASE, type = OperLogConstants.UPDATE, content = "#msClass.getLogDetails(#request.belongId, #request.belongType, #request.metadataRefIds, true)", msClass = AttachmentService.class)
@RequiresPermissions(PermissionConstants.PROJECT_TRACK_CASE_READ_EDIT) @RequiresPermissions(PermissionConstants.PROJECT_TRACK_CASE_READ_EDIT)
public void caseRelate(@RequestBody AttachmentRequest request) { public void caseRelate(@RequestBody AttachmentRequest request) {
if (!AttachmentType.TEST_CASE.type().equals(request.getBelongType())) {
MSException.throwException(Translator.get("invalid_parameter"));
}
attachmentService.relate(request); attachmentService.relate(request);
} }
@ -104,6 +110,9 @@ public class AttachmentController {
@MsAuditLog(module = OperLogModule.TRACK_BUG, type = OperLogConstants.UPDATE, content = "#msClass.getLogDetails(#request.belongId, #request.belongType, #request.metadataRefIds, true)", msClass = AttachmentService.class) @MsAuditLog(module = OperLogModule.TRACK_BUG, type = OperLogConstants.UPDATE, content = "#msClass.getLogDetails(#request.belongId, #request.belongType, #request.metadataRefIds, true)", msClass = AttachmentService.class)
@RequiresPermissions(PermissionConstants.PROJECT_TRACK_ISSUE_READ_EDIT) @RequiresPermissions(PermissionConstants.PROJECT_TRACK_ISSUE_READ_EDIT)
public void issueRelate(@RequestBody AttachmentRequest request) { public void issueRelate(@RequestBody AttachmentRequest request) {
if (!AttachmentType.ISSUE.type().equals(request.getBelongType())) {
MSException.throwException(Translator.get("invalid_parameter"));
}
attachmentService.relate(request); attachmentService.relate(request);
} }
@ -111,6 +120,9 @@ public class AttachmentController {
@MsAuditLog(module = OperLogModule.TRACK_TEST_CASE, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#request.belongId, #request.belongType, #request.metadataRefIds)", msClass = AttachmentService.class) @MsAuditLog(module = OperLogModule.TRACK_TEST_CASE, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#request.belongId, #request.belongType, #request.metadataRefIds)", msClass = AttachmentService.class)
@RequiresPermissions(PermissionConstants.PROJECT_TRACK_CASE_READ_EDIT) @RequiresPermissions(PermissionConstants.PROJECT_TRACK_CASE_READ_EDIT)
public void caseUnrelated(@RequestBody AttachmentRequest request) { public void caseUnrelated(@RequestBody AttachmentRequest request) {
if (!AttachmentType.TEST_CASE.type().equals(request.getBelongType())) {
MSException.throwException(Translator.get("invalid_parameter"));
}
attachmentService.unrelated(request); attachmentService.unrelated(request);
} }
@ -118,6 +130,9 @@ public class AttachmentController {
@MsAuditLog(module = OperLogModule.TRACK_BUG, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#request.belongId, #request.belongType, #request.metadataRefIds)", msClass = AttachmentService.class) @MsAuditLog(module = OperLogModule.TRACK_BUG, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#request.belongId, #request.belongType, #request.metadataRefIds)", msClass = AttachmentService.class)
@RequiresPermissions(PermissionConstants.PROJECT_TRACK_ISSUE_READ_EDIT) @RequiresPermissions(PermissionConstants.PROJECT_TRACK_ISSUE_READ_EDIT)
public void issueUnrelated(@RequestBody AttachmentRequest request) { public void issueUnrelated(@RequestBody AttachmentRequest request) {
if (!AttachmentType.ISSUE.type().equals(request.getBelongType())) {
MSException.throwException(Translator.get("invalid_parameter"));
}
attachmentService.unrelated(request); attachmentService.unrelated(request);
} }

5
test-track/backend/src/main/java/io/metersphere/service/AttachmentService.java
View File

@ -87,6 +87,8 @@ public class AttachmentService {
if (testCase == null) { if (testCase == null) {
MSException.throwException(Translator.get("test_case_attachment_upload_not_found") + request.getBelongId()); MSException.throwException(Translator.get("test_case_attachment_upload_not_found") + request.getBelongId());
} }
} else {
MSException.throwException(Translator.get("invalid_parameter"));
} }
// 上传MS平台 // 上传MS平台
@ -451,6 +453,9 @@ public class AttachmentService {
} }
public FileAttachmentMetadata saveAttachment(MultipartFile file, String attachmentType, String belongId) { public FileAttachmentMetadata saveAttachment(MultipartFile file, String attachmentType, String belongId) {
if (attachmentType.contains("/") || belongId.contains("/")) {
MSException.throwException(Translator.get("invalid_parameter"));
}
String uploadPath = FileUtils.ATTACHMENT_DIR + "/" + attachmentType + "/" + belongId; String uploadPath = FileUtils.ATTACHMENT_DIR + "/" + attachmentType + "/" + belongId;
FileUtils.uploadFile(file, uploadPath); FileUtils.uploadFile(file, uploadPath);
final FileAttachmentMetadata fileAttachmentMetadata = new FileAttachmentMetadata(); final FileAttachmentMetadata fileAttachmentMetadata = new FileAttachmentMetadata();