MAC
Gitee
commit
98c10c2c27
@ -214,18 +214,18 @@ public class FileDealComp {
|
||||
* @param nodeNameQueue
|
||||
* @return
|
||||
*/
|
||||
public TreeNode insertTreeNode(TreeNode treeNode, long id, String filePath, Queue<String> nodeNameQueue){
|
||||
public TreeNode insertTreeNode(TreeNode treeNode, long id, String filePath, Queue<String> nodeNameQueue) {
|
||||
|
||||
List<TreeNode> childrenTreeNodes = treeNode.getChildren();
|
||||
String currentNodeName = nodeNameQueue.peek();
|
||||
if (currentNodeName == null){
|
||||
if (currentNodeName == null) {
|
||||
return treeNode;
|
||||
}
|
||||
|
||||
QiwenFile qiwenFile = new QiwenFile(filePath, currentNodeName, true);
|
||||
filePath = qiwenFile.getPath();
|
||||
|
||||
if (!isExistPath(childrenTreeNodes, currentNodeName)){ //1、判断有没有该子节点,如果没有则插入
|
||||
if (!isExistPath(childrenTreeNodes, currentNodeName)) { //1、判断有没有该子节点,如果没有则插入
|
||||
//插入
|
||||
TreeNode resultTreeNode = new TreeNode();
|
||||
|
||||
@ -235,7 +235,7 @@ public class FileDealComp {
|
||||
|
||||
childrenTreeNodes.add(resultTreeNode);
|
||||
|
||||
}else{ //2、如果有,则跳过
|
||||
} else { //2、如果有,则跳过
|
||||
nodeNameQueue.poll();
|
||||
}
|
||||
|
||||
@ -243,7 +243,7 @@ public class FileDealComp {
|
||||
for (int i = 0; i < childrenTreeNodes.size(); i++) {
|
||||
|
||||
TreeNode childrenTreeNode = childrenTreeNodes.get(i);
|
||||
if (currentNodeName.equals(childrenTreeNode.getLabel())){
|
||||
if (currentNodeName.equals(childrenTreeNode.getLabel())) {
|
||||
childrenTreeNode = insertTreeNode(childrenTreeNode, id * 10, filePath, nodeNameQueue);
|
||||
childrenTreeNodes.remove(i);
|
||||
childrenTreeNodes.add(childrenTreeNode);
|
||||
@ -251,7 +251,7 @@ public class FileDealComp {
|
||||
}
|
||||
|
||||
}
|
||||
}else{
|
||||
} else {
|
||||
treeNode.setChildren(childrenTreeNodes);
|
||||
}
|
||||
|
||||
@ -313,7 +313,7 @@ public class FileDealComp {
|
||||
}
|
||||
|
||||
public void deleteESByUserFileId(String userFileId) {
|
||||
exec.execute(()->{
|
||||
exec.execute(() -> {
|
||||
try {
|
||||
elasticsearchClient.delete(d -> d
|
||||
.index("filesearch")
|
||||
@ -328,54 +328,60 @@ public class FileDealComp {
|
||||
|
||||
/**
|
||||
* 根据用户传入的参数,判断是否有下载或者预览权限
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
public boolean checkAuthDownloadAndPreview(String shareBatchNum,
|
||||
String extractionCode,
|
||||
String token,
|
||||
String userFileId,
|
||||
String userFileIds,
|
||||
Integer platform) {
|
||||
log.debug("权限检查开始:shareBatchNum:{}, extractionCode:{}, token:{}, userFileId{}" , shareBatchNum, extractionCode, token, userFileId);
|
||||
log.debug("权限检查开始:shareBatchNum:{}, extractionCode:{}, token:{}, userFileIds{}", shareBatchNum, extractionCode, token, userFileIds);
|
||||
if (platform != null && platform == 2) {
|
||||
return true;
|
||||
}
|
||||
UserFile userFile = userFileMapper.selectById(userFileId);
|
||||
log.debug(JSON.toJSONString(userFile));
|
||||
if ("undefined".equals(shareBatchNum) || StringUtils.isEmpty(shareBatchNum)) {
|
||||
String[] userFileIdArr = userFileIds.split(",");
|
||||
for (String userFileId : userFileIdArr) {
|
||||
|
||||
String userId = userService.getUserIdByToken(token);
|
||||
log.debug(JSON.toJSONString("当前登录session用户id:" + userId));
|
||||
if (userId == null) {
|
||||
return false;
|
||||
}
|
||||
log.debug("文件所属用户id:" + userFile.getUserId());
|
||||
log.debug("登录用户id:" + userId);
|
||||
if (!userFile.getUserId().equals(userId)) {
|
||||
log.info("用户id不一致,权限校验失败");
|
||||
return false;
|
||||
}
|
||||
} else {
|
||||
Map<String, Object> param = new HashMap<>();
|
||||
param.put("shareBatchNum", shareBatchNum);
|
||||
List<Share> shareList = shareService.listByMap(param);
|
||||
//判断批次号
|
||||
if (shareList.size() <= 0) {
|
||||
log.info("分享批次号不存在,权限校验失败");
|
||||
return false;
|
||||
}
|
||||
Integer shareType = shareList.get(0).getShareType();
|
||||
if (1 == shareType) {
|
||||
//判断提取码
|
||||
if (!shareList.get(0).getExtractionCode().equals(extractionCode)) {
|
||||
log.info("提取码错误,权限校验失败");
|
||||
UserFile userFile = userFileMapper.selectById(userFileId);
|
||||
log.debug(JSON.toJSONString(userFile));
|
||||
if ("undefined".equals(shareBatchNum) || StringUtils.isEmpty(shareBatchNum)) {
|
||||
|
||||
String userId = userService.getUserIdByToken(token);
|
||||
log.debug(JSON.toJSONString("当前登录session用户id:" + userId));
|
||||
if (userId == null) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
param.put("userFileId", userFileId);
|
||||
List<ShareFile> shareFileList = shareFileService.listByMap(param);
|
||||
if (shareFileList.size() <= 0) {
|
||||
log.info("用户id和分享批次号不匹配,权限校验失败");
|
||||
return false;
|
||||
log.debug("文件所属用户id:" + userFile.getUserId());
|
||||
log.debug("登录用户id:" + userId);
|
||||
if (!userFile.getUserId().equals(userId)) {
|
||||
log.info("用户id不一致,权限校验失败");
|
||||
return false;
|
||||
}
|
||||
} else {
|
||||
Map<String, Object> param = new HashMap<>();
|
||||
param.put("shareBatchNum", shareBatchNum);
|
||||
List<Share> shareList = shareService.listByMap(param);
|
||||
//判断批次号
|
||||
if (shareList.size() <= 0) {
|
||||
log.info("分享批次号不存在,权限校验失败");
|
||||
return false;
|
||||
}
|
||||
Integer shareType = shareList.get(0).getShareType();
|
||||
if (1 == shareType) {
|
||||
//判断提取码
|
||||
if (!shareList.get(0).getExtractionCode().equals(extractionCode)) {
|
||||
log.info("提取码错误,权限校验失败");
|
||||
return false;
|
||||
}
|
||||
}
|
||||
param.put("userFileId", userFileId);
|
||||
List<ShareFile> shareFileList = shareFileService.listByMap(param);
|
||||
if (shareFileList.size() <= 0) {
|
||||
log.info("用户id和分享批次号不匹配,权限校验失败");
|
||||
return false;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
@ -385,6 +391,7 @@ public class FileDealComp {
|
||||
/**
|
||||
* 拷贝文件
|
||||
* 场景:修改的文件被多处引用时,需要重新拷贝一份,然后在新的基础上修改
|
||||
*
|
||||
* @param fileBean
|
||||
* @param userFile
|
||||
* @return
|
||||
|
||||
@ -32,6 +32,7 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
|
||||
"/user/login",
|
||||
"/user/checkuserlogininfo",
|
||||
"/filetransfer/downloadfile",
|
||||
"/filetransfer/batchDownloadFile",
|
||||
"/filetransfer/preview",
|
||||
"/share/sharefileList",
|
||||
"/share/sharetype",
|
||||
|
||||
@ -146,7 +146,24 @@ public class FiletransferController {
|
||||
@RequestMapping(value = "/batchDownloadFile", method = RequestMethod.GET)
|
||||
@MyLog(operation = "批量下载文件", module = CURRENT_MODULE)
|
||||
@ResponseBody
|
||||
public void batchDownloadFile(HttpServletResponse httpServletResponse, BatchDownloadFileDTO batchDownloadFileDTO) {
|
||||
public void batchDownloadFile(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, BatchDownloadFileDTO batchDownloadFileDTO) {
|
||||
Cookie[] cookieArr = httpServletRequest.getCookies();
|
||||
String token = "";
|
||||
if (cookieArr != null) {
|
||||
for (Cookie cookie : cookieArr) {
|
||||
if ("token".equals(cookie.getName())) {
|
||||
token = cookie.getValue();
|
||||
}
|
||||
}
|
||||
}
|
||||
boolean authResult = fileDealComp.checkAuthDownloadAndPreview(batchDownloadFileDTO.getShareBatchNum(),
|
||||
batchDownloadFileDTO.getExtractionCode(),
|
||||
token,
|
||||
batchDownloadFileDTO.getUserFileIds(), null);
|
||||
if (!authResult) {
|
||||
log.error("没有权限下载!!!");
|
||||
return;
|
||||
}
|
||||
|
||||
String files = batchDownloadFileDTO.getUserFileIds();
|
||||
String[] userFileIdStrs = files.split(",");
|
||||
|
||||
@ -8,5 +8,9 @@ import lombok.Data;
|
||||
public class BatchDownloadFileDTO {
|
||||
@Schema(description="文件集合", required = true)
|
||||
private String userFileIds;
|
||||
@Schema(description="批次号")
|
||||
private String shareBatchNum;
|
||||
@Schema(description="提取码")
|
||||
private String extractionCode;
|
||||
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user