diff --git a/src/main/java/com/qiwenshare/file/component/FileDealComp.java b/src/main/java/com/qiwenshare/file/component/FileDealComp.java index 431645b..dc8dbc2 100644 --- a/src/main/java/com/qiwenshare/file/component/FileDealComp.java +++ b/src/main/java/com/qiwenshare/file/component/FileDealComp.java @@ -7,6 +7,7 @@ import com.alibaba.fastjson2.JSON; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.qiwenshare.common.util.DateUtil; import com.qiwenshare.common.util.MusicUtils; +import com.qiwenshare.common.util.security.SessionUtil; import com.qiwenshare.file.api.IShareFileService; import com.qiwenshare.file.api.IShareService; import com.qiwenshare.file.api.IUserService; @@ -213,18 +214,18 @@ public class FileDealComp { * @param nodeNameQueue * @return */ - public TreeNode insertTreeNode(TreeNode treeNode, long id, String filePath, Queue nodeNameQueue){ + public TreeNode insertTreeNode(TreeNode treeNode, long id, String filePath, Queue nodeNameQueue) { List childrenTreeNodes = treeNode.getChildren(); String currentNodeName = nodeNameQueue.peek(); - if (currentNodeName == null){ + if (currentNodeName == null) { return treeNode; } QiwenFile qiwenFile = new QiwenFile(filePath, currentNodeName, true); filePath = qiwenFile.getPath(); - if (!isExistPath(childrenTreeNodes, currentNodeName)){ //1、判断有没有该子节点,如果没有则插入 + if (!isExistPath(childrenTreeNodes, currentNodeName)) { //1、判断有没有该子节点,如果没有则插入 //插入 TreeNode resultTreeNode = new TreeNode(); @@ -234,7 +235,7 @@ public class FileDealComp { childrenTreeNodes.add(resultTreeNode); - }else{ //2、如果有,则跳过 + } else { //2、如果有,则跳过 nodeNameQueue.poll(); } @@ -242,7 +243,7 @@ public class FileDealComp { for (int i = 0; i < childrenTreeNodes.size(); i++) { TreeNode childrenTreeNode = childrenTreeNodes.get(i); - if (currentNodeName.equals(childrenTreeNode.getLabel())){ + if (currentNodeName.equals(childrenTreeNode.getLabel())) { childrenTreeNode = insertTreeNode(childrenTreeNode, id * 10, filePath, nodeNameQueue); childrenTreeNodes.remove(i); childrenTreeNodes.add(childrenTreeNode); @@ -250,7 +251,7 @@ public class FileDealComp { } } - }else{ + } else { treeNode.setChildren(childrenTreeNodes); } @@ -312,7 +313,7 @@ public class FileDealComp { } public void deleteESByUserFileId(String userFileId) { - exec.execute(()->{ + exec.execute(() -> { try { elasticsearchClient.delete(d -> d .index("filesearch") @@ -327,54 +328,60 @@ public class FileDealComp { /** * 根据用户传入的参数,判断是否有下载或者预览权限 + * * @return */ public boolean checkAuthDownloadAndPreview(String shareBatchNum, String extractionCode, String token, - String userFileId, + String userFileIds, Integer platform) { - log.debug("权限检查开始:shareBatchNum:{}, extractionCode:{}, token:{}, userFileId{}" , shareBatchNum, extractionCode, token, userFileId); + log.debug("权限检查开始:shareBatchNum:{}, extractionCode:{}, token:{}, userFileIds{}", shareBatchNum, extractionCode, token, userFileIds); if (platform != null && platform == 2) { return true; } - UserFile userFile = userFileMapper.selectById(userFileId); - log.debug(JSON.toJSONString(userFile)); - if ("undefined".equals(shareBatchNum) || StringUtils.isEmpty(shareBatchNum)) { + String[] userFileIdArr = userFileIds.split(","); + for (String userFileId : userFileIdArr) { - String userId = userService.getUserIdByToken(token); - log.debug(JSON.toJSONString("当前登录session用户id:" + userId)); - if (userId == null) { - return false; - } - log.debug("文件所属用户id:" + userFile.getUserId()); - log.debug("登录用户id:" + userId); - if (!userFile.getUserId().equals(userId)) { - log.info("用户id不一致,权限校验失败"); - return false; - } - } else { - Map param = new HashMap<>(); - param.put("shareBatchNum", shareBatchNum); - List shareList = shareService.listByMap(param); - //判断批次号 - if (shareList.size() <= 0) { - log.info("分享批次号不存在,权限校验失败"); - return false; - } - Integer shareType = shareList.get(0).getShareType(); - if (1 == shareType) { - //判断提取码 - if (!shareList.get(0).getExtractionCode().equals(extractionCode)) { - log.info("提取码错误,权限校验失败"); + UserFile userFile = userFileMapper.selectById(userFileId); + log.debug(JSON.toJSONString(userFile)); + if ("undefined".equals(shareBatchNum) || StringUtils.isEmpty(shareBatchNum)) { + + String userId = userService.getUserIdByToken(token); + log.debug(JSON.toJSONString("当前登录session用户id:" + userId)); + if (userId == null) { return false; } - } - param.put("userFileId", userFileId); - List shareFileList = shareFileService.listByMap(param); - if (shareFileList.size() <= 0) { - log.info("用户id和分享批次号不匹配,权限校验失败"); - return false; + log.debug("文件所属用户id:" + userFile.getUserId()); + log.debug("登录用户id:" + userId); + if (!userFile.getUserId().equals(userId)) { + log.info("用户id不一致,权限校验失败"); + return false; + } + } else { + Map param = new HashMap<>(); + param.put("shareBatchNum", shareBatchNum); + List shareList = shareService.listByMap(param); + //判断批次号 + if (shareList.size() <= 0) { + log.info("分享批次号不存在,权限校验失败"); + return false; + } + Integer shareType = shareList.get(0).getShareType(); + if (1 == shareType) { + //判断提取码 + if (!shareList.get(0).getExtractionCode().equals(extractionCode)) { + log.info("提取码错误,权限校验失败"); + return false; + } + } + param.put("userFileId", userFileId); + List shareFileList = shareFileService.listByMap(param); + if (shareFileList.size() <= 0) { + log.info("用户id和分享批次号不匹配,权限校验失败"); + return false; + } + } } @@ -384,6 +391,7 @@ public class FileDealComp { /** * 拷贝文件 * 场景:修改的文件被多处引用时,需要重新拷贝一份,然后在新的基础上修改 + * * @param fileBean * @param userFile * @return @@ -404,6 +412,8 @@ public class FileDealComp { fileMapper.insert(fileBean); userFile.setFileId(fileBean.getFileId()); userFile.setUploadTime(DateUtil.getCurrentTime()); + userFile.setModifyTime(DateUtil.getCurrentTime()); + userFile.setModifyUserId(SessionUtil.getUserId()); userFileMapper.updateById(userFile); return fileUrl; } diff --git a/src/main/java/com/qiwenshare/file/config/security/filter/JwtAuthenticationTokenFilter.java b/src/main/java/com/qiwenshare/file/config/security/filter/JwtAuthenticationTokenFilter.java index 920654c..9f1ee55 100644 --- a/src/main/java/com/qiwenshare/file/config/security/filter/JwtAuthenticationTokenFilter.java +++ b/src/main/java/com/qiwenshare/file/config/security/filter/JwtAuthenticationTokenFilter.java @@ -32,6 +32,7 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter { "/user/login", "/user/checkuserlogininfo", "/filetransfer/downloadfile", + "/filetransfer/batchDownloadFile", "/filetransfer/preview", "/share/sharefileList", "/share/sharetype", @@ -42,6 +43,7 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter { "/param/grouplist", "/error/**", "/swagger-ui.html", + "/office/IndexServlet" }; @Autowired private UserService userService; diff --git a/src/main/java/com/qiwenshare/file/controller/FileController.java b/src/main/java/com/qiwenshare/file/controller/FileController.java index 8a87765..97b7b40 100644 --- a/src/main/java/com/qiwenshare/file/controller/FileController.java +++ b/src/main/java/com/qiwenshare/file/controller/FileController.java @@ -132,7 +132,8 @@ public class FileController { userFile.setExtendName(extendName); userFile.setUploadTime(DateUtil.getCurrentTime()); userFile.setFileId(fileBean.getFileId()); - + userFile.setCreateTime(DateUtil.getCurrentTime()); + userFile.setCreateUserId(SessionUtil.getUserId()); userFileService.save(userFile); } return RestResult.success().message("文件创建成功"); diff --git a/src/main/java/com/qiwenshare/file/controller/FiletransferController.java b/src/main/java/com/qiwenshare/file/controller/FiletransferController.java index f5f13e0..6b2bc41 100644 --- a/src/main/java/com/qiwenshare/file/controller/FiletransferController.java +++ b/src/main/java/com/qiwenshare/file/controller/FiletransferController.java @@ -146,7 +146,24 @@ public class FiletransferController { @RequestMapping(value = "/batchDownloadFile", method = RequestMethod.GET) @MyLog(operation = "批量下载文件", module = CURRENT_MODULE) @ResponseBody - public void batchDownloadFile(HttpServletResponse httpServletResponse, BatchDownloadFileDTO batchDownloadFileDTO) { + public void batchDownloadFile(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, BatchDownloadFileDTO batchDownloadFileDTO) { + Cookie[] cookieArr = httpServletRequest.getCookies(); + String token = ""; + if (cookieArr != null) { + for (Cookie cookie : cookieArr) { + if ("token".equals(cookie.getName())) { + token = cookie.getValue(); + } + } + } + boolean authResult = fileDealComp.checkAuthDownloadAndPreview(batchDownloadFileDTO.getShareBatchNum(), + batchDownloadFileDTO.getExtractionCode(), + token, + batchDownloadFileDTO.getUserFileIds(), null); + if (!authResult) { + log.error("没有权限下载!!!"); + return; + } String files = batchDownloadFileDTO.getUserFileIds(); String[] userFileIdStrs = files.split(","); diff --git a/src/main/java/com/qiwenshare/file/domain/UserFile.java b/src/main/java/com/qiwenshare/file/domain/UserFile.java index 30b8ff5..2cdec84 100644 --- a/src/main/java/com/qiwenshare/file/domain/UserFile.java +++ b/src/main/java/com/qiwenshare/file/domain/UserFile.java @@ -54,6 +54,14 @@ public class UserFile { @Column(columnDefinition = "varchar(50) comment '删除批次号'") private String deleteBatchNum; + @Column(columnDefinition="varchar(30) comment '创建时间'") + private String createTime; + @Column(columnDefinition="varchar(20) comment '创建用户id'") + private String createUserId; + @Column(columnDefinition="varchar(30) comment '修改时间'") + private String modifyTime; + @Column(columnDefinition="varchar(20) comment '修改用户id'") + private String modifyUserId; public UserFile() {}; public UserFile(QiwenFile qiwenFile, String userId, String fileId) { @@ -64,7 +72,10 @@ public class UserFile { this.fileName = qiwenFile.getNameNotExtend(); this.extendName = qiwenFile.getExtendName(); this.isDir = qiwenFile.isDirectory() ? 1 : 0; - this.uploadTime = DateUtil.getCurrentTime(); + String currentTime = DateUtil.getCurrentTime(); + this.setUploadTime(currentTime); + this.setCreateUserId(userId); + this.setCreateTime(currentTime); this.deleteFlag = 0; } diff --git a/src/main/java/com/qiwenshare/file/dto/file/BatchDownloadFileDTO.java b/src/main/java/com/qiwenshare/file/dto/file/BatchDownloadFileDTO.java index c4f92bf..2a31bfc 100644 --- a/src/main/java/com/qiwenshare/file/dto/file/BatchDownloadFileDTO.java +++ b/src/main/java/com/qiwenshare/file/dto/file/BatchDownloadFileDTO.java @@ -8,5 +8,9 @@ import lombok.Data; public class BatchDownloadFileDTO { @Schema(description="文件集合", required = true) private String userFileIds; + @Schema(description="批次号") + private String shareBatchNum; + @Schema(description="提取码") + private String extractionCode; } diff --git a/src/main/java/com/qiwenshare/file/office/services/configurers/implementations/DefaultEditorConfigConfigurer.java b/src/main/java/com/qiwenshare/file/office/services/configurers/implementations/DefaultEditorConfigConfigurer.java index 92a8b18..62dbb4d 100644 --- a/src/main/java/com/qiwenshare/file/office/services/configurers/implementations/DefaultEditorConfigConfigurer.java +++ b/src/main/java/com/qiwenshare/file/office/services/configurers/implementations/DefaultEditorConfigConfigurer.java @@ -86,7 +86,10 @@ public class DefaultEditorConfigConfigurer implements EditorConfigConfigurer() {{ put("mode", "strict"); put("change", false); - }} : null); + }} : new HashMap() {{ + put("mode", "fast"); + put("change", true); + }}); defaultCustomizationConfigurer.configure(config.getCustomization(), DefaultCustomizationWrapper.builder() // define the customization configurer .action(action) diff --git a/src/main/java/com/qiwenshare/file/service/FileService.java b/src/main/java/com/qiwenshare/file/service/FileService.java index 84786de..8c739ff 100644 --- a/src/main/java/com/qiwenshare/file/service/FileService.java +++ b/src/main/java/com/qiwenshare/file/service/FileService.java @@ -134,6 +134,8 @@ public class FileService extends ServiceImpl implements IF fileBean.setFileId(userFile.getFileId()); fileMapper.updateById(fileBean); userFile.setUploadTime(currentTime); + userFile.setModifyTime(currentTime); + userFile.setModifyUserId(SessionUtil.getUserId()); userFileMapper.updateById(userFile); } diff --git a/src/main/java/com/qiwenshare/file/util/QiwenFileUtil.java b/src/main/java/com/qiwenshare/file/util/QiwenFileUtil.java index a7a52a5..839e970 100644 --- a/src/main/java/com/qiwenshare/file/util/QiwenFileUtil.java +++ b/src/main/java/com/qiwenshare/file/util/QiwenFileUtil.java @@ -2,6 +2,7 @@ package com.qiwenshare.file.util; import cn.hutool.core.util.IdUtil; import com.qiwenshare.common.util.DateUtil; +import com.qiwenshare.common.util.security.SessionUtil; import com.qiwenshare.file.domain.UserFile; import com.qiwenshare.file.io.QiwenFile; @@ -18,6 +19,8 @@ public class QiwenFileUtil { userFile.setExtendName(null); userFile.setIsDir(1); userFile.setUploadTime(DateUtil.getCurrentTime()); + userFile.setCreateUserId(SessionUtil.getUserId()); + userFile.setCreateTime(DateUtil.getCurrentTime()); userFile.setDeleteFlag(0); userFile.setDeleteBatchNum(null); return userFile; @@ -33,6 +36,8 @@ public class QiwenFileUtil { userFile.setExtendName(extendName); userFile.setIsDir(0); userFile.setUploadTime(DateUtil.getCurrentTime()); + userFile.setCreateTime(DateUtil.getCurrentTime()); + userFile.setCreateUserId(SessionUtil.getUserId()); userFile.setDeleteFlag(0); userFile.setDeleteBatchNum(null); return userFile;