@nest-omni/core 4.1.3-11 → 4.1.3-12

package/file-upload/providers/s3-storage.provider.js

@@ -0,0 +1,455 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var S3StorageProvider_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.S3StorageProvider = void 0;
+const common_1 = require("@nestjs/common");
+const dynamic_import_util_1 = require("../utils/dynamic-import.util");
+/**
+ * AWS S3 存储提供者
+ * 使用动态导入，只在实际使用时加载 AWS SDK
+ */
+let S3StorageProvider = S3StorageProvider_1 = class S3StorageProvider {
+    constructor(options) {
+        this.options = options;
+        this.name = 's3';
+        this.logger = new common_1.Logger(S3StorageProvider_1.name);
+        this.initialized = false;
+    }
+    /**
+     * 初始化存储配置
+     * 动态导入 AWS S3 SDK
+     */
+    initialize() {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (this.initialized) {
+                return;
+            }
+            try {
+                // 动态导入 AWS S3 SDK
+                const { S3Client, PutObjectCommand, GetObjectCommand, DeleteObjectCommand, DeleteObjectsCommand, HeadObjectCommand, CopyObjectCommand, ListObjectsV2Command, getSignedUrl, } = yield dynamic_import_util_1.DynamicImportUtil.importAwsS3Sdk();
+                this.S3Commands = {
+                    PutObjectCommand,
+                    GetObjectCommand,
+                    DeleteObjectCommand,
+                    DeleteObjectsCommand,
+                    HeadObjectCommand,
+                    CopyObjectCommand,
+                    ListObjectsV2Command,
+                };
+                this.s3GetSignedUrl = getSignedUrl;
+                // 创建 S3 客户端
+                const clientConfig = {
+                    region: this.options.region,
+                    credentials: {
+                        accessKeyId: this.options.accessKeyId,
+                        secretAccessKey: this.options.secretAccessKey,
+                    },
+                };
+                // 自定义端点（用于 MinIO 或其他 S3 兼容服务）
+                if (this.options.endpoint) {
+                    clientConfig.endpoint = this.options.endpoint;
+                }
+                // 强制路径样式访问（某些 S3 兼容服务需要）
+                if (this.options.forcePathStyle) {
+                    clientConfig.forcePathStyle = true;
+                }
+                this.s3Client = new S3Client(clientConfig);
+                this.initialized = true;
+                this.logger.log(`S3 storage initialized: bucket=${this.options.bucket}, region=${this.options.region}`);
+            }
+            catch (error) {
+                this.logger.error('Failed to initialize S3 storage', error);
+                throw error;
+            }
+        });
+    }
+    /**
+     * 上传文件
+     */
+    upload(file, options) {
+        return __awaiter(this, void 0, void 0, function* () {
+            yield this.ensureInitialized();
+            const key = this.generateKey(file, options);
+            const command = new this.S3Commands.PutObjectCommand({
+                Bucket: this.options.bucket,
+                Key: key,
+                Body: file.buffer,
+                ContentType: file.mimeType,
+                Metadata: options.metadata || {},
+                ACL: options.acl || this.options.acl,
+                ServerSideEncryption: this.options.serverSideEncryption,
+                StorageClass: this.options.storageClass,
+            });
+            const response = yield this.s3Client.send(command);
+            const url = this.getFileUrl(key);
+            return {
+                key,
+                url,
+                etag: response.ETag,
+                versionId: response.VersionId,
+                size: file.size,
+                uploadedAt: new Date(),
+                metadata: {
+                    originalName: file.originalName,
+                    mimeType: file.mimeType,
+                    bucket: this.options.bucket,
+                },
+            };
+        });
+    }
+    /**
+     * 下载文件
+     */
+    download(key) {
+        return __awaiter(this, void 0, void 0, function* () {
+            var _a;
+            yield this.ensureInitialized();
+            const command = new this.S3Commands.GetObjectCommand({
+                Bucket: this.options.bucket,
+                Key: key,
+            });
+            const response = yield this.s3Client.send(command);
+            // 将流转换为 Buffer
+            const buffer = yield this.streamToBuffer(response.Body);
+            return {
+                buffer,
+                size: buffer.length,
+                mimeType: response.ContentType || 'application/octet-stream',
+                originalName: key.split('/').pop() || key,
+                hash: (_a = response.ETag) === null || _a === void 0 ? void 0 : _a.replace(/"/g, ''),
+            };
+        });
+    }
+    /**
+     * 删除文件
+     */
+    delete(key) {
+        return __awaiter(this, void 0, void 0, function* () {
+            yield this.ensureInitialized();
+            const command = new this.S3Commands.DeleteObjectCommand({
+                Bucket: this.options.bucket,
+                Key: key,
+            });
+            yield this.s3Client.send(command);
+            this.logger.log(`File deleted from S3: ${key}`);
+        });
+    }
+    /**
+     * 批量删除
+     */
+    deleteBatch(keys) {
+        return __awaiter(this, void 0, void 0, function* () {
+            var _a, _b;
+            yield this.ensureInitialized();
+            const command = new this.S3Commands.DeleteObjectsCommand({
+                Bucket: this.options.bucket,
+                Delete: {
+                    Objects: keys.map((key) => ({ Key: key })),
+                    Quiet: false,
+                },
+            });
+            const response = yield this.s3Client.send(command);
+            const deleted = ((_a = response.Deleted) === null || _a === void 0 ? void 0 : _a.map((item) => item.Key)) || [];
+            const failed = ((_b = response.Errors) === null || _b === void 0 ? void 0 : _b.map((item) => ({
+                path: item.Key,
+                error: item.Message,
+            }))) || [];
+            return {
+                deleted,
+                failed,
+                total: keys.length,
+            };
+        });
+    }
+    /**
+     * 检查文件是否存在
+     */
+    exists(key) {
+        return __awaiter(this, void 0, void 0, function* () {
+            var _a;
+            yield this.ensureInitialized();
+            try {
+                const command = new this.S3Commands.HeadObjectCommand({
+                    Bucket: this.options.bucket,
+                    Key: key,
+                });
+                yield this.s3Client.send(command);
+                return true;
+            }
+            catch (error) {
+                if (error.name === 'NotFound' ||
+                    ((_a = error.$metadata) === null || _a === void 0 ? void 0 : _a.httpStatusCode) === 404) {
+                    return false;
+                }
+                throw error;
+            }
+        });
+    }
+    /**
+     * 获取文件元数据
+     */
+    getMetadata(key) {
+        return __awaiter(this, void 0, void 0, function* () {
+            var _a;
+            yield this.ensureInitialized();
+            const command = new this.S3Commands.HeadObjectCommand({
+                Bucket: this.options.bucket,
+                Key: key,
+            });
+            const response = yield this.s3Client.send(command);
+            return {
+                size: response.ContentLength || 0,
+                mimeType: response.ContentType || 'application/octet-stream',
+                lastModified: response.LastModified || new Date(),
+                etag: (_a = response.ETag) === null || _a === void 0 ? void 0 : _a.replace(/"/g, ''),
+                metadata: response.Metadata,
+            };
+        });
+    }
+    /**
+     * 获取预签名URL（下载）
+     */
+    getSignedUrl(key_1) {
+        return __awaiter(this, arguments, void 0, function* (key, expiresIn = 3600) {
+            yield this.ensureInitialized();
+            const command = new this.S3Commands.GetObjectCommand({
+                Bucket: this.options.bucket,
+                Key: key,
+            });
+            return yield this.s3GetSignedUrl(this.s3Client, command, { expiresIn });
+        });
+    }
+    /**
+     * 获取预签名上传URL
+     */
+    getSignedUploadUrl(key_1) {
+        return __awaiter(this, arguments, void 0, function* (key, expiresIn = 3600, contentType) {
+            yield this.ensureInitialized();
+            const command = new this.S3Commands.PutObjectCommand({
+                Bucket: this.options.bucket,
+                Key: key,
+                ContentType: contentType,
+            });
+            const url = yield this.s3GetSignedUrl(this.s3Client, command, {
+                expiresIn,
+            });
+            return {
+                url,
+                method: 'PUT',
+                headers: contentType ? { 'Content-Type': contentType } : {},
+                expiresAt: new Date(Date.now() + expiresIn * 1000),
+            };
+        });
+    }
+    /**
+     * 复制文件
+     */
+    copy(sourceKey, destinationKey) {
+        return __awaiter(this, void 0, void 0, function* () {
+            var _a, _b;
+            yield this.ensureInitialized();
+            const command = new this.S3Commands.CopyObjectCommand({
+                Bucket: this.options.bucket,
+                CopySource: `${this.options.bucket}/${sourceKey}`,
+                Key: destinationKey,
+            });
+            const response = yield this.s3Client.send(command);
+            // 获取目标文件元数据
+            const metadata = yield this.getMetadata(destinationKey);
+            return {
+                destinationPath: destinationKey,
+                size: metadata.size,
+                copiedAt: new Date(),
+                etag: (_b = (_a = response.CopyObjectResult) === null || _a === void 0 ? void 0 : _a.ETag) === null || _b === void 0 ? void 0 : _b.replace(/"/g, ''),
+            };
+        });
+    }
+    /**
+     * 移动文件（复制后删除）
+     */
+    move(sourceKey, destinationKey) {
+        return __awaiter(this, void 0, void 0, function* () {
+            yield this.ensureInitialized();
+            // 先复制
+            const copyResult = yield this.copy(sourceKey, destinationKey);
+            // 再删除源文件
+            yield this.delete(sourceKey);
+            return {
+                destinationPath: destinationKey,
+                size: copyResult.size,
+                movedAt: new Date(),
+                etag: copyResult.etag,
+            };
+        });
+    }
+    /**
+     * 列出文件
+     */
+    list(prefix_1) {
+        return __awaiter(this, arguments, void 0, function* (prefix, limit = 1000) {
+            var _a;
+            yield this.ensureInitialized();
+            const command = new this.S3Commands.ListObjectsV2Command({
+                Bucket: this.options.bucket,
+                Prefix: prefix,
+                MaxKeys: limit,
+            });
+            const response = yield this.s3Client.send(command);
+            const files = ((_a = response.Contents) === null || _a === void 0 ? void 0 : _a.map((item) => {
+                var _a;
+                return ({
+                    key: item.Key,
+                    size: item.Size,
+                    lastModified: item.LastModified,
+                    etag: (_a = item.ETag) === null || _a === void 0 ? void 0 : _a.replace(/"/g, ''),
+                });
+            })) || [];
+            return {
+                files,
+                hasMore: response.IsTruncated || false,
+                nextMarker: response.NextContinuationToken,
+                totalCount: response.KeyCount,
+            };
+        });
+    }
+    /**
+     * 健康检查
+     */
+    healthCheck() {
+        return __awaiter(this, void 0, void 0, function* () {
+            const startTime = Date.now();
+            try {
+                yield this.ensureInitialized();
+                // 尝试列出存储桶中的对象
+                const command = new this.S3Commands.ListObjectsV2Command({
+                    Bucket: this.options.bucket,
+                    MaxKeys: 1,
+                });
+                yield this.s3Client.send(command);
+                return {
+                    healthy: true,
+                    responseTime: Date.now() - startTime,
+                    details: {
+                        bucket: this.options.bucket,
+                        region: this.options.region,
+                        accessible: true,
+                    },
+                };
+            }
+            catch (error) {
+                return {
+                    healthy: false,
+                    responseTime: Date.now() - startTime,
+                    error: error.message,
+                    details: {
+                        bucket: this.options.bucket,
+                        region: this.options.region,
+                        accessible: false,
+                    },
+                };
+            }
+        });
+    }
+    /**
+     * 生成文件 Key
+     */
+    generateKey(file, options) {
+        const timestamp = Date.now();
+        const random = Math.random().toString(36).substring(2, 8);
+        const ext = file.originalName.split('.').pop();
+        let filename;
+        if (options.filename) {
+            filename = options.filename;
+        }
+        else {
+            filename = `${timestamp}-${random}.${ext}`;
+        }
+        // 添加路径前缀
+        if (options.path) {
+            return `${options.path}/${filename}`;
+        }
+        return filename;
+    }
+    /**
+     * 获取文件访问 URL
+     */
+    getFileUrl(key) {
+        // 如果启用了 CDN
+        if (this.options.cdnEnabled && this.options.cdnDomain) {
+            return `https://${this.options.cdnDomain}/${key}`;
+        }
+        // 标准 S3 URL
+        if (this.options.forcePathStyle || this.options.endpoint) {
+            return `${this.options.endpoint || `https://s3.${this.options.region}.amazonaws.com`}/${this.options.bucket}/${key}`;
+        }
+        // 虚拟主机样式
+        return `https://${this.options.bucket}.s3.${this.options.region}.amazonaws.com/${key}`;
+    }
+    /**
+     * 将流转换为 Buffer（带超时和大小限制）
+     */
+    streamToBuffer(stream) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return new Promise((resolve, reject) => {
+                const chunks = [];
+                const MAX_SIZE = 100 * 1024 * 1024; // 100MB
+                const TIMEOUT = 30000; // 30s
+                let totalSize = 0;
+                const timeout = setTimeout(() => {
+                    stream.destroy();
+                    reject(new Error('Stream timeout after 30s'));
+                }, TIMEOUT);
+                stream.on('data', (chunk) => {
+                    chunks.push(chunk);
+                    totalSize += chunk.length;
+                    if (totalSize > MAX_SIZE) {
+                        stream.destroy();
+                        clearTimeout(timeout);
+                        reject(new Error(`Stream exceeds maximum size: ${MAX_SIZE} bytes`));
+                    }
+                });
+                stream.on('error', (err) => {
+                    clearTimeout(timeout);
+                    reject(err);
+                });
+                stream.on('end', () => {
+                    clearTimeout(timeout);
+                    resolve(Buffer.concat(chunks));
+                });
+            });
+        });
+    }
+    /**
+     * 确保已初始化
+     */
+    ensureInitialized() {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (!this.initialized) {
+                yield this.initialize();
+            }
+        });
+    }
+};
+exports.S3StorageProvider = S3StorageProvider;
+exports.S3StorageProvider = S3StorageProvider = S3StorageProvider_1 = __decorate([
+    (0, common_1.Injectable)(),
+    __metadata("design:paramtypes", [Object])
+], S3StorageProvider);

package/file-upload/services/file-signature-validator.service.d.ts

@@ -0,0 +1,118 @@
+import { CustomFileTypes, FileSignature } from '../interfaces/custom-file-type.interface';
+import { MimeRegistryService } from './mime-registry.service';
+/**
+ * 检测到的文件类型
+ */
+export interface DetectedType {
+    /** 类型名称 */
+    type: string;
+    /** 签名 */
+    signature: FileSignature;
+    /** 置信度 0-1 */
+    confidence: number;
+    /** 是否为自定义类型 */
+    isCustom?: boolean;
+}
+/**
+ * 文件完整性检查结果
+ */
+export interface IntegrityResult {
+    /** 是否完整 */
+    valid: boolean;
+    /** 错误列表 */
+    errors: string[];
+}
+/**
+ * 签名验证选项
+ */
+export interface SignatureValidationOptions {
+    /** 读取的最大字节数 */
+    maxReadBytes?: number;
+    /** 是否严格验证 */
+    strict?: boolean;
+    /** 容差范围 */
+    tolerance?: number;
+}
+/**
+ * 验证结果
+ */
+export interface ValidationResult {
+    /** 验证是否通过 */
+    valid: boolean;
+    /** 检测到的类型 */
+    detectedTypes: DetectedType[];
+    /** 期望的类型 */
+    expectedTypes: string[];
+    /** 错误列表 */
+    errors: string[];
+    /** 元数据 */
+    metadata: {
+        fileSize: number;
+        confidence: number;
+        signatures: Array<{
+            type: string;
+            signature: FileSignature;
+        }>;
+    };
+}
+/**
+ * 文件签名验证服务
+ */
+export declare class FileSignatureValidator {
+    private readonly mimeRegistry;
+    private readonly logger;
+    private readonly defaultSignatures;
+    constructor(mimeRegistry: MimeRegistryService, customTypes?: CustomFileTypes);
+    /**
+     * 验证文件签名
+     */
+    validateFileSignature(filePath: string, expectedTypes: string[], options?: SignatureValidationOptions): Promise<ValidationResult>;
+    /**
+     * 检测文件类型
+     */
+    detectFileTypes(buffer: Buffer): Promise<DetectedType[]>;
+    /**
+     * 注册自定义签名
+     */
+    registerCustomSignatures(customTypes: CustomFileTypes): void;
+    /**
+     * 检查签名是否匹配
+     */
+    private matchesSignature;
+    /**
+     * 检查类型是否匹配
+     */
+    private matchesType;
+    /**
+     * 规范化签名字节
+     */
+    private normalizeSignatureBytes;
+    /**
+     * 读取文件缓冲区
+     */
+    private readFileBuffer;
+    /**
+     * 检查文件完整性
+     */
+    private checkFileIntegrity;
+    /**
+     * 读取文件尾部
+     */
+    private readFileTail;
+    /**
+     * 计算签名置信度
+     */
+    private calculateSignatureConfidence;
+    /**
+     * 计算总体置信度
+     */
+    private calculateConfidence;
+    /**
+     * 获取验证错误信息
+     */
+    private getValidationError;
+    /**
+     * 初始化默认签名
+     */
+    private initializeDefaultSignatures;
+}