smartGeoinfoOriginal/src/main/java/egovframework/com/cmm/util/EgovFileUploadUtil.java

package egovframework.com.cmm.util;

import java.io.File;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;

import javax.servlet.http.HttpServletRequest;

import org.springframework.web.multipart.MultipartFile;
import org.springframework.web.multipart.MultipartHttpServletRequest;

/**
 * @Class Name  : EgovFileUploadUtil.java
 * @Description : Spring 기반 File Upload 유틸리티
 * @Modification Information
 *
 *   수정일                   수정자                수정내용
 *   ----------     --------     ---------------------------
 *   2009.08.26     한성곤               최초 생성
 *   2018.08.17     신용호               uploadFilesExt(확장자 기록) 추가
 *
 * @author 공통컴포넌트 개발팀 한성곤
 * @since 2009.08.26
 * @version 1.0
 * @see
 */
public class EgovFileUploadUtil extends EgovFormBasedFileUtil {
	/**
	 * 파일을 Upload 처리한다.
	 *
	 * @param request
	 * @param where
	 * @param maxFileSize
	 * @return
	 * @throws Exception
	 */
	public static List<EgovFormBasedFileVo> uploadFiles(HttpServletRequest request, String where, long maxFileSize) throws Exception {
		List<EgovFormBasedFileVo> list = new ArrayList<EgovFormBasedFileVo>();

		MultipartHttpServletRequest mptRequest = (MultipartHttpServletRequest) request;
		Iterator<?> fileIter = mptRequest.getFileNames();

		while (fileIter.hasNext()) {
			MultipartFile mFile = mptRequest.getFile((String) fileIter.next());

			EgovFormBasedFileVo vo = new EgovFormBasedFileVo();

			String tmp = mFile.getOriginalFilename();

			if (tmp.lastIndexOf("\\") >= 0) {
				tmp = tmp.substring(tmp.lastIndexOf("\\") + 1);
			}

			vo.setFileName(tmp);
			vo.setContentType(mFile.getContentType());
			vo.setServerSubPath(getTodayString());
			vo.setPhysicalName(getPhysicalFileName());
			vo.setSize(mFile.getSize());

			if (tmp.lastIndexOf(".") >= 0) {
				vo.setPhysicalName(vo.getPhysicalName()); // 2012.11 KISA 보안조치
			}

			if (mFile.getSize() > 0) {
				InputStream is = null;

				try {
					is = mFile.getInputStream();
					saveFile(is, new File(EgovWebUtil.filePathBlackList(where + SEPERATOR + vo.getServerSubPath() + SEPERATOR + vo.getPhysicalName())));
				} finally {
					if (is != null) {
						is.close();
					}
				}
				list.add(vo);
			}
		}

		return list;
	}

	/**
	 * 파일을 Upload(확장명 저장 및 확장자 제한) 처리한다.
	 *
	 * @param request
	 * @param where
	 * @param maxFileSize
	 * @return
	 * @throws Exception
	 */
	public static List<EgovFormBasedFileVo> uploadFilesExt(HttpServletRequest request, String where, long maxFileSize, String extensionWhiteList) throws Exception {
		List<EgovFormBasedFileVo> list = new ArrayList<EgovFormBasedFileVo>();

		MultipartHttpServletRequest mptRequest = (MultipartHttpServletRequest) request;
		Iterator<?> fileIter = mptRequest.getFileNames();

		while (fileIter.hasNext()) {
			List<MultipartFile> mFiles = mptRequest.getFiles((String) fileIter.next());
			for(MultipartFile mFile : mFiles) {
				EgovFormBasedFileVo vo = new EgovFormBasedFileVo();

				String uploadName = mFile.getName();
				String tmp = mFile.getOriginalFilename();
				if("".equals(tmp) || tmp == null) continue;	//파일 이름이 없으면 패스

				if (tmp.lastIndexOf("\\") >= 0) {
					tmp = tmp.substring(tmp.lastIndexOf("\\") + 1);
				}
				String ext = "";
				if ( tmp.lastIndexOf(".") > 0 )
					ext = getFileExtension(tmp).toLowerCase();
				else
					throw new SecurityException("Unacceptable file extension."); // 허용되지 않는 확장자 처리
				if ( extensionWhiteList.indexOf(ext) < 0 )
					throw new SecurityException("Unacceptable file extension."); // 허용되지 않는 확장자 처리

				vo.setFileUploadName(uploadName);
				vo.setFileName(tmp);
				vo.setContentType(mFile.getContentType());
				vo.setServerSubPath(getTodayString());
				vo.setPhysicalName(getPhysicalFileName()+"_"+tmp);	//기존 파일명 저장 방식으로 인하여 원본 파일명 추가
				vo.setSize(mFile.getSize());

				if (tmp.lastIndexOf(".") >= 0) {
					vo.setPhysicalName(vo.getPhysicalName()); // 2012.11 KISA 보안조치
				}

				if (mFile.getSize() > 0) {
					InputStream is = null;

					try {
						is = mFile.getInputStream();
						saveFile(is, new File(EgovWebUtil.filePathBlackList(where + SEPERATOR + vo.getPhysicalName())));
					} finally {
						if (is != null) {
							is.close();
						}
					}
					list.add(vo);
				}
			}
		}

		return list;
	}

	/**
	 * 파일 확장자를 추출한다.
	 *
	 * @param fileNamePath
	 * @return
	 */
	public static String getFileExtension(String fileNamePath) {

		String ext = fileNamePath.substring(fileNamePath.lastIndexOf(".") + 1,fileNamePath.length());

		return (ext == null) ? "" : ext;
	}
}