diff --git a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/aop/FilePermissionCheckAspect.java b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/aop/FilePermissionCheckAspect.java index 738a600..d657f1f 100644 --- a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/aop/FilePermissionCheckAspect.java +++ b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/aop/FilePermissionCheckAspect.java @@ -1,6 +1,7 @@ package com.electromagnetic.industry.software.manage.aop; import com.electromagnetic.industry.software.common.annotations.RequiredPermission; +import com.electromagnetic.industry.software.common.cons.ElectromagneticConstants; import com.electromagnetic.industry.software.common.enums.FilePermission; import com.electromagnetic.industry.software.common.exception.PermissionDeniedException; import com.electromagnetic.industry.software.common.util.UserThreadLocal; @@ -50,7 +51,7 @@ public class FilePermissionCheckAspect { if (args[0] instanceof FileInfoQueryDTO) { FileInfoQueryDTO fileInfoQueryDTO = (FileInfoQueryDTO) args[0]; id = fileInfoQueryDTO.getParentId(); - if (id.length() > 6) { + if (id.length() > ElectromagneticConstants.PRJ_ID_LENGTH) { return joinPoint.proceed(); } } diff --git a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/controller/EdFileInfoController.java b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/controller/EdFileInfoController.java index b38e1fa..b991d7d 100644 --- a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/controller/EdFileInfoController.java +++ b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/controller/EdFileInfoController.java @@ -29,7 +29,6 @@ public class EdFileInfoController { return edFileInfoService.tree(); } - @RequiredPermission(value = FilePermission.EDIT) @RequestMapping("createFolder") public ElectromagneticResult createFolder(@RequestBody CreateFolderDTO createFolderDTO) { return edFileInfoService.createFolder(createFolderDTO); diff --git a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/EdFileInfoServiceImpl.java b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/EdFileInfoServiceImpl.java index 4bd9dd2..744475e 100644 --- a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/EdFileInfoServiceImpl.java +++ b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/EdFileInfoServiceImpl.java @@ -72,6 +72,7 @@ public class EdFileInfoServiceImpl extends ServiceImpl accessibleTree = permissionService.getAccessibleTree(); - if (!accessibleTree.contains(parentId)) { + if (!accessibleTree.contains(parentId) && parentId.length() == PRJ_ID_LENGTH) { throw new PermissionDeniedException(); } diff --git a/electromagnetic-common/src/main/java/com/electromagnetic/industry/software/common/cons/ElectromagneticConstants.java b/electromagnetic-common/src/main/java/com/electromagnetic/industry/software/common/cons/ElectromagneticConstants.java index 72df716..9c53e3a 100644 --- a/electromagnetic-common/src/main/java/com/electromagnetic/industry/software/common/cons/ElectromagneticConstants.java +++ b/electromagnetic-common/src/main/java/com/electromagnetic/industry/software/common/cons/ElectromagneticConstants.java @@ -15,4 +15,6 @@ public interface ElectromagneticConstants { String NAME_VALID_MSG = "文件名不符合规范,只能包含中文字符、下划线、连字符、加号、数字和英文字符且长度小于32。"; String FILE_SEC_PASSWD = "adknfhkj87654knd"; + + int PRJ_ID_LENGTH = 6; }