MAC
Gitee
commit
98c10c2c27
@ -214,18 +214,18 @@ public class FileDealComp {
|
|||||||
* @param nodeNameQueue
|
* @param nodeNameQueue
|
||||||
* @return
|
* @return
|
||||||
*/
|
*/
|
||||||
public TreeNode insertTreeNode(TreeNode treeNode, long id, String filePath, Queue<String> nodeNameQueue){
|
public TreeNode insertTreeNode(TreeNode treeNode, long id, String filePath, Queue<String> nodeNameQueue) {
|
||||||
|
|
||||||
List<TreeNode> childrenTreeNodes = treeNode.getChildren();
|
List<TreeNode> childrenTreeNodes = treeNode.getChildren();
|
||||||
String currentNodeName = nodeNameQueue.peek();
|
String currentNodeName = nodeNameQueue.peek();
|
||||||
if (currentNodeName == null){
|
if (currentNodeName == null) {
|
||||||
return treeNode;
|
return treeNode;
|
||||||
}
|
}
|
||||||
|
|
||||||
QiwenFile qiwenFile = new QiwenFile(filePath, currentNodeName, true);
|
QiwenFile qiwenFile = new QiwenFile(filePath, currentNodeName, true);
|
||||||
filePath = qiwenFile.getPath();
|
filePath = qiwenFile.getPath();
|
||||||
|
|
||||||
if (!isExistPath(childrenTreeNodes, currentNodeName)){ //1、判断有没有该子节点,如果没有则插入
|
if (!isExistPath(childrenTreeNodes, currentNodeName)) { //1、判断有没有该子节点,如果没有则插入
|
||||||
//插入
|
//插入
|
||||||
TreeNode resultTreeNode = new TreeNode();
|
TreeNode resultTreeNode = new TreeNode();
|
||||||
|
|
||||||
@ -235,7 +235,7 @@ public class FileDealComp {
|
|||||||
|
|
||||||
childrenTreeNodes.add(resultTreeNode);
|
childrenTreeNodes.add(resultTreeNode);
|
||||||
|
|
||||||
}else{ //2、如果有,则跳过
|
} else { //2、如果有,则跳过
|
||||||
nodeNameQueue.poll();
|
nodeNameQueue.poll();
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -243,7 +243,7 @@ public class FileDealComp {
|
|||||||
for (int i = 0; i < childrenTreeNodes.size(); i++) {
|
for (int i = 0; i < childrenTreeNodes.size(); i++) {
|
||||||
|
|
||||||
TreeNode childrenTreeNode = childrenTreeNodes.get(i);
|
TreeNode childrenTreeNode = childrenTreeNodes.get(i);
|
||||||
if (currentNodeName.equals(childrenTreeNode.getLabel())){
|
if (currentNodeName.equals(childrenTreeNode.getLabel())) {
|
||||||
childrenTreeNode = insertTreeNode(childrenTreeNode, id * 10, filePath, nodeNameQueue);
|
childrenTreeNode = insertTreeNode(childrenTreeNode, id * 10, filePath, nodeNameQueue);
|
||||||
childrenTreeNodes.remove(i);
|
childrenTreeNodes.remove(i);
|
||||||
childrenTreeNodes.add(childrenTreeNode);
|
childrenTreeNodes.add(childrenTreeNode);
|
||||||
@ -251,7 +251,7 @@ public class FileDealComp {
|
|||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
}else{
|
} else {
|
||||||
treeNode.setChildren(childrenTreeNodes);
|
treeNode.setChildren(childrenTreeNodes);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -313,7 +313,7 @@ public class FileDealComp {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public void deleteESByUserFileId(String userFileId) {
|
public void deleteESByUserFileId(String userFileId) {
|
||||||
exec.execute(()->{
|
exec.execute(() -> {
|
||||||
try {
|
try {
|
||||||
elasticsearchClient.delete(d -> d
|
elasticsearchClient.delete(d -> d
|
||||||
.index("filesearch")
|
.index("filesearch")
|
||||||
@ -328,54 +328,60 @@ public class FileDealComp {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* 根据用户传入的参数,判断是否有下载或者预览权限
|
* 根据用户传入的参数,判断是否有下载或者预览权限
|
||||||
|
*
|
||||||
* @return
|
* @return
|
||||||
*/
|
*/
|
||||||
public boolean checkAuthDownloadAndPreview(String shareBatchNum,
|
public boolean checkAuthDownloadAndPreview(String shareBatchNum,
|
||||||
String extractionCode,
|
String extractionCode,
|
||||||
String token,
|
String token,
|
||||||
String userFileId,
|
String userFileIds,
|
||||||
Integer platform) {
|
Integer platform) {
|
||||||
log.debug("权限检查开始:shareBatchNum:{}, extractionCode:{}, token:{}, userFileId{}" , shareBatchNum, extractionCode, token, userFileId);
|
log.debug("权限检查开始:shareBatchNum:{}, extractionCode:{}, token:{}, userFileIds{}", shareBatchNum, extractionCode, token, userFileIds);
|
||||||
if (platform != null && platform == 2) {
|
if (platform != null && platform == 2) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
UserFile userFile = userFileMapper.selectById(userFileId);
|
String[] userFileIdArr = userFileIds.split(",");
|
||||||
log.debug(JSON.toJSONString(userFile));
|
for (String userFileId : userFileIdArr) {
|
||||||
if ("undefined".equals(shareBatchNum) || StringUtils.isEmpty(shareBatchNum)) {
|
|
||||||
|
|
||||||
String userId = userService.getUserIdByToken(token);
|
UserFile userFile = userFileMapper.selectById(userFileId);
|
||||||
log.debug(JSON.toJSONString("当前登录session用户id:" + userId));
|
log.debug(JSON.toJSONString(userFile));
|
||||||
if (userId == null) {
|
if ("undefined".equals(shareBatchNum) || StringUtils.isEmpty(shareBatchNum)) {
|
||||||
return false;
|
|
||||||
}
|
String userId = userService.getUserIdByToken(token);
|
||||||
log.debug("文件所属用户id:" + userFile.getUserId());
|
log.debug(JSON.toJSONString("当前登录session用户id:" + userId));
|
||||||
log.debug("登录用户id:" + userId);
|
if (userId == null) {
|
||||||
if (!userFile.getUserId().equals(userId)) {
|
|
||||||
log.info("用户id不一致,权限校验失败");
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
Map<String, Object> param = new HashMap<>();
|
|
||||||
param.put("shareBatchNum", shareBatchNum);
|
|
||||||
List<Share> shareList = shareService.listByMap(param);
|
|
||||||
//判断批次号
|
|
||||||
if (shareList.size() <= 0) {
|
|
||||||
log.info("分享批次号不存在,权限校验失败");
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
Integer shareType = shareList.get(0).getShareType();
|
|
||||||
if (1 == shareType) {
|
|
||||||
//判断提取码
|
|
||||||
if (!shareList.get(0).getExtractionCode().equals(extractionCode)) {
|
|
||||||
log.info("提取码错误,权限校验失败");
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
log.debug("文件所属用户id:" + userFile.getUserId());
|
||||||
param.put("userFileId", userFileId);
|
log.debug("登录用户id:" + userId);
|
||||||
List<ShareFile> shareFileList = shareFileService.listByMap(param);
|
if (!userFile.getUserId().equals(userId)) {
|
||||||
if (shareFileList.size() <= 0) {
|
log.info("用户id不一致,权限校验失败");
|
||||||
log.info("用户id和分享批次号不匹配,权限校验失败");
|
return false;
|
||||||
return false;
|
}
|
||||||
|
} else {
|
||||||
|
Map<String, Object> param = new HashMap<>();
|
||||||
|
param.put("shareBatchNum", shareBatchNum);
|
||||||
|
List<Share> shareList = shareService.listByMap(param);
|
||||||
|
//判断批次号
|
||||||
|
if (shareList.size() <= 0) {
|
||||||
|
log.info("分享批次号不存在,权限校验失败");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
Integer shareType = shareList.get(0).getShareType();
|
||||||
|
if (1 == shareType) {
|
||||||
|
//判断提取码
|
||||||
|
if (!shareList.get(0).getExtractionCode().equals(extractionCode)) {
|
||||||
|
log.info("提取码错误,权限校验失败");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
param.put("userFileId", userFileId);
|
||||||
|
List<ShareFile> shareFileList = shareFileService.listByMap(param);
|
||||||
|
if (shareFileList.size() <= 0) {
|
||||||
|
log.info("用户id和分享批次号不匹配,权限校验失败");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
@ -385,6 +391,7 @@ public class FileDealComp {
|
|||||||
/**
|
/**
|
||||||
* 拷贝文件
|
* 拷贝文件
|
||||||
* 场景:修改的文件被多处引用时,需要重新拷贝一份,然后在新的基础上修改
|
* 场景:修改的文件被多处引用时,需要重新拷贝一份,然后在新的基础上修改
|
||||||
|
*
|
||||||
* @param fileBean
|
* @param fileBean
|
||||||
* @param userFile
|
* @param userFile
|
||||||
* @return
|
* @return
|
||||||
|
|||||||
@ -32,6 +32,7 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
|
|||||||
"/user/login",
|
"/user/login",
|
||||||
"/user/checkuserlogininfo",
|
"/user/checkuserlogininfo",
|
||||||
"/filetransfer/downloadfile",
|
"/filetransfer/downloadfile",
|
||||||
|
"/filetransfer/batchDownloadFile",
|
||||||
"/filetransfer/preview",
|
"/filetransfer/preview",
|
||||||
"/share/sharefileList",
|
"/share/sharefileList",
|
||||||
"/share/sharetype",
|
"/share/sharetype",
|
||||||
|
|||||||
@ -146,7 +146,24 @@ public class FiletransferController {
|
|||||||
@RequestMapping(value = "/batchDownloadFile", method = RequestMethod.GET)
|
@RequestMapping(value = "/batchDownloadFile", method = RequestMethod.GET)
|
||||||
@MyLog(operation = "批量下载文件", module = CURRENT_MODULE)
|
@MyLog(operation = "批量下载文件", module = CURRENT_MODULE)
|
||||||
@ResponseBody
|
@ResponseBody
|
||||||
public void batchDownloadFile(HttpServletResponse httpServletResponse, BatchDownloadFileDTO batchDownloadFileDTO) {
|
public void batchDownloadFile(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, BatchDownloadFileDTO batchDownloadFileDTO) {
|
||||||
|
Cookie[] cookieArr = httpServletRequest.getCookies();
|
||||||
|
String token = "";
|
||||||
|
if (cookieArr != null) {
|
||||||
|
for (Cookie cookie : cookieArr) {
|
||||||
|
if ("token".equals(cookie.getName())) {
|
||||||
|
token = cookie.getValue();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
boolean authResult = fileDealComp.checkAuthDownloadAndPreview(batchDownloadFileDTO.getShareBatchNum(),
|
||||||
|
batchDownloadFileDTO.getExtractionCode(),
|
||||||
|
token,
|
||||||
|
batchDownloadFileDTO.getUserFileIds(), null);
|
||||||
|
if (!authResult) {
|
||||||
|
log.error("没有权限下载!!!");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
String files = batchDownloadFileDTO.getUserFileIds();
|
String files = batchDownloadFileDTO.getUserFileIds();
|
||||||
String[] userFileIdStrs = files.split(",");
|
String[] userFileIdStrs = files.split(",");
|
||||||
|
|||||||
@ -8,5 +8,9 @@ import lombok.Data;
|
|||||||
public class BatchDownloadFileDTO {
|
public class BatchDownloadFileDTO {
|
||||||
@Schema(description="文件集合", required = true)
|
@Schema(description="文件集合", required = true)
|
||||||
private String userFileIds;
|
private String userFileIds;
|
||||||
|
@Schema(description="批次号")
|
||||||
|
private String shareBatchNum;
|
||||||
|
@Schema(description="提取码")
|
||||||
|
private String extractionCode;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user