zyh/game_server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: 在公告请求中添加参数校验,确保跳转链接长度不超过5000字符,并在创建和更新公告时应用有效性检查

Browse Source
This commit is contained in:
yahaozhang
2025-10-11 16:41:53 +08:00
parent 314eecb211
commit 2abd585e89
2 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/main/java/com/gameplatform/server/controller/admin/AnnouncementController.java
View File

@@ -11,6 +11,7 @@ import io.jsonwebtoken.Claims;
import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter; import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.tags.Tag; import io.swagger.v3.oas.annotations.tags.Tag;
import javax.validation.Valid;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
@@ -35,7 +36,7 @@ public class AnnouncementController {
@PostMapping @PostMapping
@Operation(summary = "创建公告", description = "创建新的系统公告belongId会自动从JWT token中获取") @Operation(summary = "创建公告", description = "创建新的系统公告belongId会自动从JWT token中获取")
public ResponseEntity<Object> createAnnouncement(@RequestBody AnnouncementRequest request, Authentication authentication) { public ResponseEntity<Object> createAnnouncement(@Valid @RequestBody AnnouncementRequest request, Authentication authentication) {
if (request.getTitle() == null || request.getTitle().trim().isEmpty()) { if (request.getTitle() == null || request.getTitle().trim().isEmpty()) {
return ResponseEntity.badRequest().body(new Object() { return ResponseEntity.badRequest().body(new Object() {
public final boolean success = false; public final boolean success = false;
@@ -161,7 +162,7 @@ public class AnnouncementController {
@Operation(summary = "更新公告", description = "更新指定ID的公告信息belongId会自动从JWT token中获取") @Operation(summary = "更新公告", description = "更新指定ID的公告信息belongId会自动从JWT token中获取")
public ResponseEntity<Object> updateAnnouncement( public ResponseEntity<Object> updateAnnouncement(
@Parameter(description = "公告ID", example = "1") @PathVariable Long id, @Parameter(description = "公告ID", example = "1") @PathVariable Long id,
@RequestBody AnnouncementRequest request, @Valid @RequestBody AnnouncementRequest request,
Authentication authentication) { Authentication authentication) {
// 检查公告是否存在 // 检查公告是否存在

4
src/main/java/com/gameplatform/server/model/dto/admin/AnnouncementRequest.java
View File

@@ -1,6 +1,7 @@
package com.gameplatform.server.model.dto.admin; package com.gameplatform.server.model.dto.admin;
import io.swagger.v3.oas.annotations.media.Schema; import io.swagger.v3.oas.annotations.media.Schema;
import javax.validation.constraints.Size;
@Schema(description = "公告请求DTO") @Schema(description = "公告请求DTO")
public class AnnouncementRequest { public class AnnouncementRequest {
@@ -14,7 +15,8 @@ public class AnnouncementRequest {
@Schema(description = "是否启用", required = true, example = "true") @Schema(description = "是否启用", required = true, example = "true")
private Boolean enabled; private Boolean enabled;
@Schema(description = "跳转链接", example = "https://example.com") @Schema(description = "跳转链接最大5000字符", example = "https://example.com")
@Size(max = 5000, message = "跳转链接长度不能超过5000个字符")
private String jumpUrl; private String jumpUrl;
// belongId字段保留用于内部设置但不在API文档中暴露 // belongId字段保留用于内部设置但不在API文档中暴露