chenxudong
/
electromagnetic-data-new
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: chenxudong:7509811d5b4820493aeaa3965470f982bad5f9d6
Branches Tags
chenxudong:master
chenxudong:release3.0.8
chenxudong:develop
chenxudong:test
chenxudong:release3.0.7
chenxudong:release3.0.6
chenxudong:release3.0.5
chenxudong:release3.0.4
chenxudong:release3.0.3
chenxudong:release3.0.2
chenxudong:release3.0.1
chenxudong:release3
chenxudong:release2
..
compare: chenxudong:31404333e6933eba249baae94e4511ae050f6777
Branches Tags
chenxudong:release3.0.8
chenxudong:develop
chenxudong:test
chenxudong:release3.0.7
chenxudong:release3.0.6
chenxudong:release3.0.5
chenxudong:release3.0.4
chenxudong:release3.0.3
chenxudong:release3.0.2
chenxudong:release3.0.1
chenxudong:release3
chenxudong:release2
chenxudong:master

No commits in common. "7509811d5b4820493aeaa3965470f982bad5f9d6" and "31404333e6933eba249baae94e4511ae050f6777" have entirely different histories.
7509811d5b ... 31404333e6

6 changed files with 28 additions and 25 deletions
Show Stats Expand all files Collapse all files

13
electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/config/LoginInterceptor.java
View File

@ -2,7 +2,6 @@ package com.electromagnetic.industry.software.manage.config;
import cn.hutool.core.date.SystemClock;
import com.electromagnetic.industry.software.common.cons.UserConstants;
import com.electromagnetic.industry.software.common.enums.AdminTypeEnum;
import com.electromagnetic.industry.software.common.pojo.UserLoginInfo;
import com.electromagnetic.industry.software.common.util.TokenUtil;
import com.electromagnetic.industry.software.common.util.UserThreadLocal;
@ -37,12 +36,12 @@ public class LoginInterceptor implements HandlerInterceptor {
}
private boolean checkSysAdminOperation(HttpServletRequest request, HttpServletResponse response) {
String requestURI = request.getRequestURI();
if (requestURI.startsWith("/data/ed/prj") && !UserThreadLocal.getAdminType().equals(AdminTypeEnum.SYSTEM.getValue())) {
log.warn("{}没有层级操作权限,当前用户类型是{}", UserThreadLocal.getUsername(), UserThreadLocal.getAdminType());
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
return false;
}
// String requestURI = request.getRequestURI();
// if (requestURI.startsWith("/data/ed/prj") && !UserThreadLocal.getAdminType().equals(AdminTypeEnum.SYSTEM.getValue())) {
// log.warn("{}没有层级操作权限,当前用户类型是{}", UserThreadLocal.getUsername(), UserThreadLocal.getAdminType());
// response.setStatus(HttpServletResponse.SC_FORBIDDEN);
// return false;
// }
return true;
}

2
electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/PermissionService.java
View File

@ -42,5 +42,5 @@ public interface PermissionService {
* 过滤有导出权限的文件id
* @param ids
*/
Map<String, Boolean> filterExportIds(String[] ids);
String[] filterExportIds(String[] ids);
}

17
electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/EdFileInfoServiceImpl.java
View File

@ -72,10 +72,17 @@ public class EdFileInfoServiceImpl extends ServiceImpl<EdFileInfoMapper, EdFileI
private Environment environment;
@Resource
private PermissionService permissionService;
@Resource
@Lazy
private EdFileRelationService edFileRelationService;
private String downloadDataDir = "";
private String uploadDataDir = "";
@Value("${file.security.passwd}")
private String password;
@PostConstruct
public void init() {
String osName = System.getProperty("os.name").toLowerCase();
@ -406,7 +413,7 @@ public class EdFileInfoServiceImpl extends ServiceImpl<EdFileInfoMapper, EdFileI
String mainName = FileUtil.mainName(destColibPath);
String parentDir = FileUtil.getParent(destColibPath, 1);
String zipDirPath = parentDir + File.separator + mainName + ".zip";
AES aes = SecureUtil.aes(FILE_SEC_PASSWD.getBytes());
AES aes = SecureUtil.aes(password.getBytes());
try (
InputStream inputStream = Files.newInputStream(Paths.get(destColibPath));
OutputStream outputStream = Files.newOutputStream(Paths.get(zipDirPath));
@ -603,10 +610,6 @@ public class EdFileInfoServiceImpl extends ServiceImpl<EdFileInfoMapper, EdFileI
public ResponseEntity<InputStreamResource> batchExport(String dataIdArr, HttpServletResponse response) throws IOException {
String userDownloadDataDir = downloadDataDir + File.separator + UserThreadLocal.getUserId();
String[] ids = dataIdArr.split(",");
Map<String, Boolean> map = permissionService.filterExportIds(ids);
if (map.containsValue(Boolean.FALSE)) {
throw new BizException(-1, "有未授权的层级接口,禁止导出");
}
Map<String, EdFileInfo> maps = new HashMap<>();
for (String id : ids) {
Map<String, EdFileInfo> edFileInfos = this.baseMapper.selectList(Wrappers.lambdaQuery(EdFileInfo.class)
@ -652,7 +655,7 @@ public class EdFileInfoServiceImpl extends ServiceImpl<EdFileInfoMapper, EdFileI
}
ZipUtil.zip(prjDirPath, exportZipFile);
AES aes = SecureUtil.aes(FILE_SEC_PASSWD.getBytes());
AES aes = SecureUtil.aes(password.getBytes());
try (
InputStream inputStream = Files.newInputStream(Paths.get(exportZipFile));
OutputStream outputStream = Files.newOutputStream(Paths.get(exportColibFile));
@ -742,7 +745,7 @@ public class EdFileInfoServiceImpl extends ServiceImpl<EdFileInfoMapper, EdFileI
this.saveOrUpdate(newEdFileInfo);
String fileDestPath = commonService.getFileSysPath(newEdFileInfo.getFilePath());
FileUtil.writeFromStream(file.getInputStream(), fileDestPath);
EleCommonUtil.encryptFile(fileDestPath, SecureUtil.aes(FILE_SEC_PASSWD.getBytes()));
EleCommonUtil.encryptFile(fileDestPath, SecureUtil.aes(password.getBytes()));
fileSystemService.save(FileUtil.getInputStream(fileDestPath), fileDestPath);
}
} catch (Exception e) {

4
electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/EdFileRelationServiceImpl.java
View File

@ -45,6 +45,8 @@ public class EdFileRelationServiceImpl extends ServiceImpl<EdFileRelationMapper,
private CommonService commonService;
@Resource
private FileSystemService fileSystemService;
@Value("${file.security.passwd}")
private String password;
/**
* 创建文件关系
@ -233,7 +235,7 @@ public class EdFileRelationServiceImpl extends ServiceImpl<EdFileRelationMapper,
edFileInfoService.saveOrUpdate(newEdFileInfo);
String fileDestPath = commonService.getFileSysPath(newEdFileInfo.getFilePath());
FileUtil.writeFromStream(file.getInputStream(), fileDestPath);
EleCommonUtil.encryptFile(fileDestPath, SecureUtil.aes(FILE_SEC_PASSWD.getBytes()));
EleCommonUtil.encryptFile(fileDestPath, SecureUtil.aes(password.getBytes()));
fileSystemService.save(FileUtil.getInputStream(fileDestPath), fileDestPath);
// 创建文件关系

17
electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/PermissionServiceImpl.java
View File

@ -123,22 +123,23 @@ public class PermissionServiceImpl implements PermissionService {
* @param ids
*/
@Override
public Map<String, Boolean> filterExportIds(String[] ids) {
Map<String, Boolean> map = new HashMap<>();
public String[] filterExportIds(String[] ids){
if (ids.length==0) {
return map;
return ids;
}
String userId=UserThreadLocal.getUserId();
List<String> roleIds = getRoles(userId);
List<String> result = new ArrayList<>();
for (String id : ids) {
LambdaQueryWrapper<RolePermission> queryWrapper = new LambdaQueryWrapper<>();
queryWrapper.eq(RolePermission::getFileId, id)
.eq(RolePermission::getPermissionCode, FilePermission.EXPORT.getCode())
.in(RolePermission::getRoleId, roleIds);
long count = rolePermissionMapper.selectCount(queryWrapper);
map.put(id, count > 0);
}
return map;
List<RolePermission> list = rolePermissionMapper.selectList(queryWrapper);
if (!list.isEmpty()) {
result.add(id);
}
}
return result.toArray(new String[0]);
}
}

2
electromagnetic-common/src/main/java/com/electromagnetic/industry/software/common/cons/ElectromagneticConstants.java
View File

@ -13,6 +13,4 @@ public interface ElectromagneticConstants {
String UPLOAD_FILE_CHUNK_SUFFIX = ".part";
String NAME_VALID_MSG = "文件名不符合规范只能包含中文字符、下划线、连字符、加号、数字和英文字符且长度小于32。";
String FILE_SEC_PASSWD = "adknfhkj87654knd";
}