fix: 后端对用户名进行文件夹合法性校验

2025-09-08 19:30:28 +08:00
parent 706bb8584d
commit 41bb159542
3 changed files with 72 additions and 2 deletions
--- a/app/models/ConfigBase.py
+++ b/app/models/ConfigBase.py
@@ -29,6 +29,7 @@ from typing import List, Any, Dict, Union, Optional


 from app.utils import dpapi_encrypt, dpapi_decrypt
+from app.utils.constants import RESERVED_NAMES, ILLEGAL_CHARS


 class ConfigValidator:
@@ -177,6 +178,46 @@ class FolderValidator(ConfigValidator):
        return Path(value).resolve().as_posix()


+class UserNameValidator(ConfigValidator):
+    """用户名验证器"""
+
+    def validate(self, value: Any) -> bool:
+        if not isinstance(value, str):
+            return False
+
+        if not value or not value.strip():
+            return False
+
+        if value != value.strip() or value != value.strip("."):
+            return False
+
+        if any(char in ILLEGAL_CHARS for char in value):
+            return False
+
+        if value.upper() in RESERVED_NAMES:
+            return False
+        if len(value) > 255:
+            return False
+
+        return True
+
+    def correct(self, value: Any) -> str:
+        if not isinstance(value, str):
+            value = "默认用户名"
+
+        value = value.strip().strip(".")
+
+        value = "".join(char for char in value if char not in ILLEGAL_CHARS)
+
+        if value.upper() in RESERVED_NAMES or not value:
+            value = "默认用户名"
+
+        if len(value) > 255:
+            value = value[:255]
+
+        return value
+
+
 class ConfigItem:
    """配置项"""