chenxudong
/
electromagnetic-data-new
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

增加权限校验

This commit is contained in:
chenxudong 2025-01-14 14:34:00 +08:00
parent d989e8847f
commit c2380336d4
4 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/aop/FilePermissionCheckAspect.java
View File

@ -1,6 +1,7 @@
package com.electromagnetic.industry.software.manage.aop; package com.electromagnetic.industry.software.manage.aop;
import com.electromagnetic.industry.software.common.annotations.RequiredPermission; import com.electromagnetic.industry.software.common.annotations.RequiredPermission;
import com.electromagnetic.industry.software.common.cons.ElectromagneticConstants;
import com.electromagnetic.industry.software.common.enums.FilePermission; import com.electromagnetic.industry.software.common.enums.FilePermission;
import com.electromagnetic.industry.software.common.exception.PermissionDeniedException; import com.electromagnetic.industry.software.common.exception.PermissionDeniedException;
import com.electromagnetic.industry.software.common.util.UserThreadLocal; import com.electromagnetic.industry.software.common.util.UserThreadLocal;
@ -50,7 +51,7 @@ public class FilePermissionCheckAspect {
if (args[0] instanceof FileInfoQueryDTO) { if (args[0] instanceof FileInfoQueryDTO) {
FileInfoQueryDTO fileInfoQueryDTO = (FileInfoQueryDTO) args[0]; FileInfoQueryDTO fileInfoQueryDTO = (FileInfoQueryDTO) args[0];
id = fileInfoQueryDTO.getParentId(); id = fileInfoQueryDTO.getParentId();
if (id.length() > 6) { if (id.length() > ElectromagneticConstants.PRJ_ID_LENGTH) {
return joinPoint.proceed(); return joinPoint.proceed();
} }
} }

1
electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/controller/EdFileInfoController.java
View File

@ -29,7 +29,6 @@ public class EdFileInfoController {
return edFileInfoService.tree(); return edFileInfoService.tree();
} }
@RequiredPermission(value = FilePermission.EDIT)
@RequestMapping("createFolder") @RequestMapping("createFolder")
public ElectromagneticResult<?> createFolder(@RequestBody CreateFolderDTO createFolderDTO) { public ElectromagneticResult<?> createFolder(@RequestBody CreateFolderDTO createFolderDTO) {
return edFileInfoService.createFolder(createFolderDTO); return edFileInfoService.createFolder(createFolderDTO);

3
electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/EdFileInfoServiceImpl.java
View File

@ -72,6 +72,7 @@ public class EdFileInfoServiceImpl extends ServiceImpl<EdFileInfoMapper, EdFileI
@Resource @Resource
private UserMapper userMapper; private UserMapper userMapper;
private String downloadDataDir = ""; private String downloadDataDir = "";
private String uploadDataDir = ""; private String uploadDataDir = "";
@ -93,7 +94,7 @@ public class EdFileInfoServiceImpl extends ServiceImpl<EdFileInfoMapper, EdFileI
String parentId = pars.getParentId(); String parentId = pars.getParentId();
List<String> accessibleTree = permissionService.getAccessibleTree(); List<String> accessibleTree = permissionService.getAccessibleTree();
if (!accessibleTree.contains(parentId)) { if (!accessibleTree.contains(parentId) && parentId.length() == PRJ_ID_LENGTH) {
throw new PermissionDeniedException(); throw new PermissionDeniedException();
} }

2
electromagnetic-common/src/main/java/com/electromagnetic/industry/software/common/cons/ElectromagneticConstants.java
View File

@ -15,4 +15,6 @@ public interface ElectromagneticConstants {
String NAME_VALID_MSG = "文件名不符合规范只能包含中文字符、下划线、连字符、加号、数字和英文字符且长度小于32。"; String NAME_VALID_MSG = "文件名不符合规范只能包含中文字符、下划线、连字符、加号、数字和英文字符且长度小于32。";
String FILE_SEC_PASSWD = "adknfhkj87654knd"; String FILE_SEC_PASSWD = "adknfhkj87654knd";
int PRJ_ID_LENGTH = 6;
} }