commit
98c10c2c27
@ -328,17 +328,21 @@ public class FileDealComp {
|
||||
|
||||
/**
|
||||
* 根据用户传入的参数,判断是否有下载或者预览权限
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
public boolean checkAuthDownloadAndPreview(String shareBatchNum,
|
||||
String extractionCode,
|
||||
String token,
|
||||
String userFileId,
|
||||
String userFileIds,
|
||||
Integer platform) {
|
||||
log.debug("权限检查开始:shareBatchNum:{}, extractionCode:{}, token:{}, userFileId{}" , shareBatchNum, extractionCode, token, userFileId);
|
||||
log.debug("权限检查开始:shareBatchNum:{}, extractionCode:{}, token:{}, userFileIds{}", shareBatchNum, extractionCode, token, userFileIds);
|
||||
if (platform != null && platform == 2) {
|
||||
return true;
|
||||
}
|
||||
String[] userFileIdArr = userFileIds.split(",");
|
||||
for (String userFileId : userFileIdArr) {
|
||||
|
||||
UserFile userFile = userFileMapper.selectById(userFileId);
|
||||
log.debug(JSON.toJSONString(userFile));
|
||||
if ("undefined".equals(shareBatchNum) || StringUtils.isEmpty(shareBatchNum)) {
|
||||
@ -379,12 +383,15 @@ public class FileDealComp {
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* 拷贝文件
|
||||
* 场景:修改的文件被多处引用时,需要重新拷贝一份,然后在新的基础上修改
|
||||
*
|
||||
* @param fileBean
|
||||
* @param userFile
|
||||
* @return
|
||||
|
@ -32,6 +32,7 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
|
||||
"/user/login",
|
||||
"/user/checkuserlogininfo",
|
||||
"/filetransfer/downloadfile",
|
||||
"/filetransfer/batchDownloadFile",
|
||||
"/filetransfer/preview",
|
||||
"/share/sharefileList",
|
||||
"/share/sharetype",
|
||||
|
@ -146,7 +146,24 @@ public class FiletransferController {
|
||||
@RequestMapping(value = "/batchDownloadFile", method = RequestMethod.GET)
|
||||
@MyLog(operation = "批量下载文件", module = CURRENT_MODULE)
|
||||
@ResponseBody
|
||||
public void batchDownloadFile(HttpServletResponse httpServletResponse, BatchDownloadFileDTO batchDownloadFileDTO) {
|
||||
public void batchDownloadFile(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, BatchDownloadFileDTO batchDownloadFileDTO) {
|
||||
Cookie[] cookieArr = httpServletRequest.getCookies();
|
||||
String token = "";
|
||||
if (cookieArr != null) {
|
||||
for (Cookie cookie : cookieArr) {
|
||||
if ("token".equals(cookie.getName())) {
|
||||
token = cookie.getValue();
|
||||
}
|
||||
}
|
||||
}
|
||||
boolean authResult = fileDealComp.checkAuthDownloadAndPreview(batchDownloadFileDTO.getShareBatchNum(),
|
||||
batchDownloadFileDTO.getExtractionCode(),
|
||||
token,
|
||||
batchDownloadFileDTO.getUserFileIds(), null);
|
||||
if (!authResult) {
|
||||
log.error("没有权限下载!!!");
|
||||
return;
|
||||
}
|
||||
|
||||
String files = batchDownloadFileDTO.getUserFileIds();
|
||||
String[] userFileIdStrs = files.split(",");
|
||||
|
@ -8,5 +8,9 @@ import lombok.Data;
|
||||
public class BatchDownloadFileDTO {
|
||||
@Schema(description="文件集合", required = true)
|
||||
private String userFileIds;
|
||||
@Schema(description="批次号")
|
||||
private String shareBatchNum;
|
||||
@Schema(description="提取码")
|
||||
private String extractionCode;
|
||||
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user