文件夹目录权限实现方法总结(附代码)
2024-04-12 09:31:34
文件夹权限分为可读、可写、管理、没有权限四种。有管理权限则有可读、可写权限。设置了没有权限,则不能设置可读、可写、管理权限。如果不设置没有权限,默认文件夹有可读权限。
权限设置,只能一级一级往下设置,不能从下往上设置。设置中,不允许出现冲突情况(上级目录没有权限,下级目录有权限)。
权限是继承的,子目录自动拥有父级目录的权限。
本目录设置权限前,查询所有下级目录是否设置过权限,如果设置过,则不允许设置权限。
情形一:目录B角色甲有权限,其他角色没设置过权限。那么下级目录就不允许再设置任何权限,即不允许再给甲设置下级目录没有权限。如果下级某个目录设置甲没有权限那么所有人都看不了该目录,没有意义。
情形二:目录B设置了甲乙丙三个角色有权限,子目录B1可以设置甲没有权限,可以设置目录B2乙没有权限,那么B2目录的下级目录就不能设置乙有权限。
情形三:目录B丙没有权限,甲乙有权限。下级目录B1可以设置甲乙没有权限,所有下级目录都不能设置丙有权限。
实现:
一、文件目录表结构设计:
文件夹目录信息表:
CREATE TABLE `disk_file` (`id` varchar(50) NOT NULL,`createtime` datetime DEFAULT NULL,`createuserid` varchar(50) DEFAULT NULL,`createusername` varchar(50) DEFAULT NULL,`filemd5` varchar(200) DEFAULT NULL,`filename` varchar(255) DEFAULT NULL,`filesize` bigint(20) NOT NULL,`filesuffix` varchar(20) DEFAULT NULL,`filetype` int(11) DEFAULT NULL,`imgsize` varchar(50) DEFAULT NULL,`pid` varchar(50) DEFAULT NULL,`thumbnailurl` varchar(200) DEFAULT NULL,`typecode` varchar(50) DEFAULT NULL,PRIMARY KEY (`id`),UNIQUE KEY `UKfjg8ov86e52cc1vw2g4cahpu7` (`createuserid`,`pid`,`filetype`,`filename`),KEY `IDX7h8ca5qp48qow851woryvg8q` (`pid`),KEY `IDX9j6hnchh4o79nofxhjgy0lc29` (`filename`),KEY `IDXlhtq88mi2kvwxihin21rvvm9b` (`typecode`),KEY `IDXb244b04v1wu3ftqfqjt7wodks` (`filesuffix`),KEY `IDXq0mhp53s6a40gh5w93bqmx5jp` (`filetype`),KEY `IDXc7snngp84h66d6f64u0l0hb56` (`createuserid`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 ROW_FORMAT=DYNAMIC;文件夹权限数据表:
CREATE TABLE `disk_file_folder_privilege` (`id` varchar(32) NOT NULL COMMENT '主键',`user_id` varchar(32) DEFAULT NULL COMMENT '用户id',`role_id` varchar(32) DEFAULT NULL,`present_catalog` varchar(32) DEFAULT NULL COMMENT '当前文件夹目录',`whole_catalog` varchar(512) DEFAULT NULL COMMENT '完整文件夹目录',`readable` char(1) DEFAULT NULL COMMENT '可读:1',`writable` char(1) DEFAULT NULL COMMENT '可写:1',`manage` char(1) DEFAULT NULL COMMENT '管理:1',`no_auth` char(1) DEFAULT NULL COMMENT '没有权限',`create_time` varchar(32) DEFAULT NULL,`update_time` varchar(32) DEFAULT NULL,`creater` varchar(32) DEFAULT NULL,`updater` varchar(32) DEFAULT NULL,PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 ROW_FORMAT=DYNAMIC COMMENT='文件夹权限';二、保存文件夹目录权限
import cn.datainvest.common.page.Page;
import cn.datainvest.common.utils.lang.DateTimeUtil;
import cn.datainvest.core.constant.Constant;
import cn.datainvest.core.mapper.BaseGeneratedMapper;
import cn.datainvest.core.result.ServiceResult;
import cn.datainvest.core.result.ServiceResultHelper;
import cn.datainvest.core.service.AbstractBaseAOService;
import cn.datainvest.dms.system.auth.AuthUtil;
import cn.datainvest.dms.system.dao.customized.DiskFileFolderPrivilegeCustomizedMapper;
import cn.datainvest.dms.system.dao.gen.DiskFileFolderPrivilegeGeneratedMapper;
import cn.datainvest.dms.system.dto.request.DiskFileFolderPrivilegeForm;
import cn.datainvest.dms.system.dto.request.DiskFileFolderPrivilegeRequest;
import cn.datainvest.dms.system.entity.customized.DiskFileAO;
import cn.datainvest.dms.system.entity.customized.DiskFileFolderPrivilegeAO;
import cn.datainvest.dms.system.entity.customized.UserAO;
import cn.datainvest.dms.system.entity.gen.DiskFileFolderPrivilegeCriteria;
import cn.datainvest.dms.system.service.IDiskFileFolderPrivilegeService;
import cn.datainvest.dms.system.service.IDiskFileService;
import cn.datainvest.dms.system.service.IRoleService;
import com.github.pagehelper.PageHelper;
import com.github.pagehelper.PageInfo;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.util.CollectionUtils;
import org.springframework.util.StringUtils;import javax.annotation.Resource;
import java.util.*;@Service
public class DiskFileFolderPrivilegeService extends AbstractBaseAOService<DiskFileFolderPrivilegeAO, DiskFileFolderPrivilegeCriteria> implements IDiskFileFolderPrivilegeService {@Resourceprivate IDiskFileService diskFileService;@Resourceprivate IRoleService roleService;@Resourceprivate DiskFileFolderPrivilegeGeneratedMapper diskFileFolderPrivilegeGeneratedMapper;@Resourceprivate DiskFileFolderPrivilegeCustomizedMapper diskFileFolderPrivilegeCustomizedMapper;@Overrideprotected BaseGeneratedMapper<DiskFileFolderPrivilegeAO, DiskFileFolderPrivilegeCriteria> getGeneratedMapper() {return diskFileFolderPrivilegeGeneratedMapper;}@Overridepublic ServiceResult<List<DiskFileFolderPrivilegeAO>> list(DiskFileFolderPrivilegeRequest request) {ServiceResult<List<DiskFileFolderPrivilegeAO>> ret = new ServiceResult<>();PageHelper.startPage(request.getPageNo(), request.getPageSize());List<DiskFileFolderPrivilegeAO> privilegeAOList = diskFileFolderPrivilegeCustomizedMapper.listByCondition(request);ret.setData(privilegeAOList);ret.setSucceed(true);ret.setAdditionalProperties("page", Page.obtainPage(new PageInfo<>(privilegeAOList)));return ret;}/*** 保存文件夹目录权限** @param form* @return*/@Transactional(rollbackFor = Exception.class)@Overridepublic ServiceResult<Boolean> save(DiskFileFolderPrivilegeForm form) {List<String> roleIds = Arrays.asList(form.getRoleIds());if (CollectionUtils.isEmpty(roleIds)) {return ServiceResultHelper.genResultWithFaild("角色不能为空", -1);}if (StringUtils.isEmpty(form.getFileId())) {return ServiceResultHelper.genResultWithFaild("请选择文件夹目录", -1);}DiskFileAO diskFile = diskFileService.selectByPrimaryKey(form.getFileId()).getData();if (diskFile == null) {return ServiceResultHelper.genResultWithFaild("文件夹目录不存在", -1);}if (!Constant.INVALID_FLG.equals(diskFile.getFiletype())) {return ServiceResultHelper.genResultWithFaild("请选择文件夹目录", -1);}if (StringUtils.isEmpty(form.getReadable())&& StringUtils.isEmpty(form.getWritable())&& StringUtils.isEmpty(form.getManage())&& StringUtils.isEmpty(form.getNoAuth())) {return ServiceResultHelper.genResultWithFaild("请设置文件夹目录权限", -1);}UserAO user = AuthUtil.getCurrentUser();//1.判断是否是设置父级目录权限:子级文件夹目录已经设置过权限则不允许设置List<DiskFileAO> childList = diskFileService.listChildNodes(null, form.getFileId());if (!CollectionUtils.isEmpty(childList)) {for (DiskFileAO file : childList) {List<DiskFileFolderPrivilegeAO> privilegeList = listPrivilegeIn(file.getId(), roleIds).getData();if (!CollectionUtils.isEmpty(privilegeList)) {return ServiceResultHelper.genResultWithFaild("子级文件夹目录已经设置过权限", -1);}}}//2.查询其他角色是否设置过父级权限//获取直接父级DiskFileAO parent = diskFileService.getParentByChildId(form.getFileId()).getData();if (parent != null) {boolean hasPrivilege = hasPrivilegeIn(parent.getId(), roleIds);// 查询其他角色是否设置过父级目录的权限boolean hasPrivilegeOtherRoles = hasPrivilegeOtherRoles(parent.getId(), roleIds);//查询所有父级List<String> allParent = diskFileService.getAllParent(parent.getId());boolean isExist = existParent(allParent, roleIds);//如果父级目录配置过权限if (isExist) {//并且被配为没有权限,那么子级目录不能配置为有读/写/管理权限if (!hasPrivilege && StringUtils.isEmpty(form.getNoAuth())) {return ServiceResultHelper.genResultWithFaild("父级文件夹目录没有权限,该文件夹目录不能配置读/写/管理权限", -1);}//其他角色没有设置过父级目录权限,并且父级为有权限,下级目录不允许再设置任何权限if (hasPrivilege && !hasPrivilegeOtherRoles) {return ServiceResultHelper.genResultWithFaild("不允许设置该文件夹目录权限", -1);}}}List<DiskFileFolderPrivilegeAO> result = new ArrayList<>();for (String roleId : roleIds) {DiskFileFolderPrivilegeAO tmp = new DiskFileFolderPrivilegeAO();tmp.setRoleId(roleId);tmp.setCreater(user.getUserName());tmp.setCreateTime(DateTimeUtil.formatDateTime(new Date()));tmp.setPresentCatalog(form.getFileId());//当前文件夹目录tmp.setNoAuth(form.getNoAuth());if (StringUtils.isEmpty(form.getNoAuth())) {tmp.setReadable(Constant.VALID_FLG.toString());}//设置所选文件夹的可写,管理权限if (Constant.VALID_FLG.toString().equals(form.getWritable())) {tmp.setWritable(form.getWritable());}if (Constant.VALID_FLG.toString().equals(form.getManage())) {tmp.setWritable(Constant.VALID_FLG.toString());tmp.setManage(form.getManage());}result.add(tmp);}//先删除之前设置的权限deleteByFolderCatalog(form.getFileId(), roleIds);//编辑时删除原始数据if (!StringUtils.isEmpty(form.getFolderPrivilegeId())) {deleteById(form.getFolderPrivilegeId());}if (!CollectionUtils.isEmpty(result)) {insertBatch(result);}return ServiceResultHelper.genResultWithSuccess();}/*** 删除已存在的权限,需要比较权限的大小* 子级目录不覆盖父级目录的权限** @param fileId* @return*/public ServiceResult deleteByFolderCatalog(String fileId, List<String> roleIds) {DiskFileFolderPrivilegeCriteria criteria = new DiskFileFolderPrivilegeCriteria();DiskFileFolderPrivilegeCriteria.Criteria c = criteria.createCriteria();if (StringUtils.isEmpty(fileId)) {return ServiceResultHelper.genResultWithFaild("文件夹目录不能为空", -1);}c.andRoleIdIn(roleIds);c.andPresentCatalogEqualTo(fileId);return deleteByCriteria(criteria);}/*** 查询其他角色是否设置过父级目录的权限** @param fileId* @param roleIds* @return*/public boolean hasPrivilegeOtherRoles(String fileId, List<String> roleIds) {DiskFileFolderPrivilegeCriteria criteria = new DiskFileFolderPrivilegeCriteria();criteria.createCriteria().andPresentCatalogEqualTo(fileId).andRoleIdNotIn(roleIds).andNoAuthIsNull();List<DiskFileFolderPrivilegeAO> data = selectByCriteria(criteria).getData();if (!CollectionUtils.isEmpty(data)) {return true;}return false;}public ServiceResult<List<DiskFileFolderPrivilegeAO>> listPrivilegeIn(String fileId,List<String> roleIds) {DiskFileFolderPrivilegeCriteria criteria = new DiskFileFolderPrivilegeCriteria();criteria.createCriteria().andPresentCatalogEqualTo(fileId).andRoleIdIn(roleIds);return selectByCriteria(criteria);}/*** 查询没有权限的数据** @param roleIds* @return*/@Overridepublic ServiceResult<List<DiskFileFolderPrivilegeAO>> listNoPrivileges(List<String> roleIds) {return ServiceResultHelper.genResultWithSuccess(diskFileFolderPrivilegeCustomizedMapper.listNoPrivileges(roleIds));}/*** 目录是否有权限** @param fileId* @param roleIds* @return*/public boolean hasPrivilegeIn(String fileId, List<String> roleIds) {DiskFileFolderPrivilegeCriteria criteria = new DiskFileFolderPrivilegeCriteria();criteria.createCriteria().andPresentCatalogEqualTo(fileId).andRoleIdIn(roleIds).andNoAuthIsNull();List<DiskFileFolderPrivilegeAO> list = selectByCriteria(criteria).getData();if (!CollectionUtils.isEmpty(list)) {return true;}return false;}/*** 获取目录权限列表** @param fileId* @param roleIds* @return*/@Overridepublic ServiceResult<List<DiskFileFolderPrivilegeAO>> listPrivileges(String fileId, List<String> roleIds) {DiskFileFolderPrivilegeCriteria criteria = new DiskFileFolderPrivilegeCriteria();criteria.createCriteria().andPresentCatalogEqualTo(fileId).andRoleIdIn(roleIds);return selectByCriteria(criteria);}/**** 是否存在父级目录** @param fileIds* @param roleIds* @return*/public boolean existParent(List<String> fileIds, List<String> roleIds) {if (CollectionUtils.isEmpty(fileIds)) {return false;}DiskFileFolderPrivilegeCriteria criteria = new DiskFileFolderPrivilegeCriteria();criteria.createCriteria().andPresentCatalogIn(fileIds).andRoleIdIn(roleIds);List<DiskFileFolderPrivilegeAO> list = selectByCriteria(criteria).getData();if (!CollectionUtils.isEmpty(list)) {return true;}return false;}/*** 根据角色集合查询文件夹目录权限*/@Overridepublic ServiceResult<List<DiskFileFolderPrivilegeAO>> listByRoleId(List<String> roleIds) {return ServiceResultHelper.genResultWithSuccess(diskFileFolderPrivilegeCustomizedMapper.listByRoleId(roleIds));}/*** 查询文件夹目录权限*/@Overridepublic ServiceResult<List<DiskFileFolderPrivilegeAO>> listByUserId(String userId) {DiskFileFolderPrivilegeCriteria criteria = new DiskFileFolderPrivilegeCriteria();criteria.createCriteria().andUserIdEqualTo(userId);return selectByCriteria(criteria);}@Overridepublic int insertBatch(List<DiskFileFolderPrivilegeAO> privilegeAOList) {return diskFileFolderPrivilegeCustomizedMapper.insertBatch(privilegeAOList);}/*** 查询目录** @param fileId* @return*/@Overridepublic ServiceResult<List<DiskFileFolderPrivilegeAO>> listRoleFilePrivileges(String fileId,List<String> roleIds) {DiskFileFolderPrivilegeCriteria criteria = new DiskFileFolderPrivilegeCriteria();criteria.createCriteria().andPresentCatalogEqualTo(fileId).andRoleIdIn(roleIds);return selectByCriteria(criteria);}/*** 获取文件夹的权限数据** @param pid* @param roleIds* @return*/@Overridepublic ServiceResult<List<DiskFileFolderPrivilegeAO>> listFolderPrivileges(String pid, List<String> roleIds) {List<DiskFileFolderPrivilegeAO> privilegeList = null;List<DiskFileFolderPrivilegeAO> data = listPrivileges(pid, roleIds).getData();if (!CollectionUtils.isEmpty(data)) {privilegeList = data;} else {//查询所有父级List<String> allParentFileIds = diskFileService.getAllParent(pid);Collections.reverse(allParentFileIds);if (!CollectionUtils.isEmpty(allParentFileIds)) {for (String parentId : allParentFileIds) {privilegeList = listRoleFilePrivileges(parentId, roleIds).getData();if (!CollectionUtils.isEmpty(privilegeList)) {break;}}}}return ServiceResultHelper.genResultWithSuccess(privilegeList);}/*** 根据文件夹id获取权限** @param fileId* @return*/@Overridepublic ServiceResult<DiskFileFolderPrivilegeAO> getFolderPrivilegeByFileId(String fileId) {UserAO user = AuthUtil.getCurrentUser();DiskFileFolderPrivilegeAO result = new DiskFileFolderPrivilegeAO();if (user.isSuperAdmin()) {result.setPresentCatalog(fileId);result.setReadable("1");result.setWritable("1");result.setManage("1");} else {List<String> roleIds = roleService.getRoleIdsByUserId(user.getId()).getData();boolean readable = false;boolean writeable = false;boolean manage = false;boolean noAuth = false;if (CollectionUtils.isEmpty(roleIds)) {return ServiceResultHelper.genResultWithFaild("没有查询到用户的角色信息", -1);}List<DiskFileFolderPrivilegeAO> privilegeList = listFolderPrivileges(fileId, roleIds).getData();if (!CollectionUtils.isEmpty(privilegeList)) {for (DiskFileFolderPrivilegeAO privilege : privilegeList) {if (!readable) {if (!StringUtils.isEmpty(privilege.getReadable())) {readable = true;}}if (!writeable) {if (!StringUtils.isEmpty(privilege.getWritable())) {writeable = true;}}if (!manage) {if (!StringUtils.isEmpty(privilege.getManage())) {manage = true;}}if (!noAuth) {if (!StringUtils.isEmpty(privilege.getNoAuth())) {noAuth = true;}}}result.setPresentCatalog(fileId);result.setReadable(readable ? "1" : null);result.setWritable(writeable ? "1" : null);result.setManage(manage ? "1" : null);result.setNoAuth(noAuth ? "1" : null);} else {return ServiceResultHelper.genResultWithSuccess();}}return ServiceResultHelper.genResultWithSuccess(result);}
}
DiskFileService:
/*** 根据子级查询父级** @param childId 子id* @return*/@Overridepublic ServiceResult<DiskFileAO> getParentByChildId(String childId) {DiskFileAO file = selectByPrimaryKey(childId).getData();if (file != null) {return selectByPrimaryKey(file.getPid());}return ServiceResultHelper.genResultWithFaild();}/*** 获取所有父级** @param fileId* @return*/@Overridepublic List<String> getAllParent(String fileId) {List<DiskFileAO> fileList = selectByCriteria(null).getData();List<DiskFileAO> parentList = new ArrayList<>();if (!CollectionUtils.isEmpty(fileList)) {//查询所有父级getAllParentListWithChild(fileList, fileId, fileId, parentList);}List<String> parentFileIds = new ArrayList<>();if (!CollectionUtils.isEmpty(parentList)) {parentList.stream().forEach(o -> parentFileIds.add(o.getId()));}return parentFileIds;}/*** 根据子级查询所有父级** @param allList 所有文件* @param childId 子级id* @param parentList 最终返回的子级+所有父级的集合* @return*/@Overridepublic List<DiskFileAO> getAllParentListWithChild(List<DiskFileAO> allList, String childId,String notContain, List<DiskFileAO> parentList) {if (!CollectionUtils.isEmpty(allList)) {for (DiskFileAO resource : allList) {// 判断是否存在父节点if (resource.getId().equals(childId)) {// 递归遍历上一级getAllParentListWithChild(allList, resource.getPid(), notContain, parentList);if (!parentList.contains(resource) && !resource.getId().equals(notContain)) {parentList.add(resource);}}}return parentList;}return null;}@Overridepublic List<DiskFileAO> listChildNodes(DiskFileRequest request, String pid) {List<DiskFileAO> fileList = listByCondition(request);List<DiskFileAO> childNodes = new ArrayList<>();if (!CollectionUtils.isEmpty(fileList)) {DiskFileAO parent = null;for (DiskFileAO file : fileList) {if (file.getId().equals(pid)) {parent = file;break;}}//递归获取所有子节点if (parent != null) {getAllChildNodes(parent, fileList, childNodes);}}return childNodes;}/*** 获取某个父节点下面的所有子节点** @return*/public static <T extends BaseTreeAO> List<T> getAllChildNodes(T parentNode, List<T> list, List<T> childNodes) {for (T node : list) {//遍历出父id等于参数的id,add进子节点集合if (StringUtils.isNotEmpty(node.getPid()) && node.getPid().equals(parentNode.getId())) {//递归遍历下一级getAllChildNodes(node, list, childNodes);childNodes.add(node);}}return childNodes;}
三、根据权限取出文件夹目录
@Overridepublic ServiceResult<List<DiskFileAO>> findPageList(DiskFileRequest request) {List<DiskFileAO> fileList = listByParentId(request.getPid(), request.isContainFolder()).getData();List<RoleAO> roles = roleService.getRolesByUserName(AuthUtil.getCurrentUser().getUserName()).getData();List<String> roleIds = new ArrayList<>();List<String> fileIds = new ArrayList<>();roles.stream().forEach(o -> roleIds.add(o.getId()));fileList.stream().forEach(o -> fileIds.add(o.getId()));request.setRoleIds(roleIds);request.setFileIds(fileIds);ServiceResult<List<DiskFileAO>> ret = new ServiceResult<>();PageHelper.startPage(request.getPageNo(), request.getPageSize());StringBuilder orderBy=new StringBuilder();//order by 排序处理,防止sql注入if(!StringUtils.isEmpty(request.getOrderfield())){orderBy.append(request.getOrderfield()).append(" ").append(request.getOrdertype());}else{orderBy.append("createtime").append(" ").append("desc");}PageHelper.orderBy(orderBy.toString());List<DiskFileAO> fileListBeanList = diskFileCustomizedMapper.findAllList(request);ret.setData(fileListBeanList);ret.setSucceed(true);ret.setAdditionalProperties("page", Page.obtainPage(new PageInfo<>(fileListBeanList)));return ret;}mybatis sql配置:
<select id="findAllList" resultMap="CustomResultMap"parameterType="cn.datainvest.dms.system.dto.request.DiskFileRequest">SELECTt2.id,t2.filename,t2.filesize,t2.filetype,t2.filemd5,t2.filesuffix,t2.createtime,t2.pid,t2.typecode,t2.regulation_title,t2.regulation_publish_time,t2.regulation_impl_time, t2.regulation_issue_1, t2.regulation_issue_2, t2.regulation_issue_3,t2.regulation_classify, t2.regulation_file_type, t2.regulation_type, t2.regulation_number, t2.regulation_input_time,t2.regulation_status, t2.regulation_remark,dts.icon AS fileiconFROM(<choose><when test="isSuperAdmin != null and isSuperAdmin != '' and isSuperAdmin == 'false'">SELECT*FROMdisk_file<where><include refid="fileScopeWhere" />AND id NOT IN(SELECTpresent_catalogFROM`disk_file_folder_privilege`<where><if test="roleIds != null and roleIds.size()>0 ">AND role_id in<foreach collection="roleIds" item="item" index="index" open="(" separator="," close=")" >#{item,jdbcType=VARCHAR}</foreach></if>AND no_auth is not null AND no_auth <> ''</where>)</where></when><otherwise> <!--超级管理员查看所有-->SELECT*FROMdisk_file<where><if test="isContainFolder == false">AND filetype <> 0</if><if test="pid != null and pid != '' ">AND pid = #{pid, jdbcType=VARCHAR}</if></where></otherwise></choose>) t2LEFT JOINdisk_type_suffix dtsON dts.suffix = t2.filesuffixAND dts.typecode = t2.typecode<where><if test="typecode != null and typecode != '' and typecode != 'all' and typecode != 'ALL' ">AND t2.typecode = #{typecode, jdbcType=VARCHAR}</if><if test="filesuffix != null and filesuffix != '' ">AND t2.filesuffix = #{filesuffix, jdbcType=VARCHAR}</if><if test="filename != null and filename != ''">AND t2.filename LIKE CONCAT('%', #{filename, jdbcType=VARCHAR},'%')</if></where></select>
四、判断文件夹是否有可写、管理权限
1.上传文件到文件夹时判断有没有可写、管理权限
@ApiOperation(value = "切块上传", notes = "切块上传")@ApiImplicitParams({@ApiImplicitParam(name = "file", value = "切块", dataType = "file", paramType = "form", required = true),})@PostMapping("/uploadChunk")@FolderPrivilege(value = {"writable", "manage"}, logical = Logical.OR)public Object uploadChunk(@RequestParam("file")MultipartFile file, ChunkPojo chunkPojo) throws Exception {UserAO user = AuthUtil.getCurrentUser();//判断切块是否为空if (file == null) {return ServiceResultHelper.genResultWithFaild("切块不能为空", -1);}//参数设置Chunk chunk = new Chunk();BeanUtils.copyProperties(chunkPojo, chunk);chunk.setUserid(user.getId());chunk.setUsername(user.getUserName());chunk.setBytes(file.getBytes());//4.调用切块上传接口return diskFileService.uploadChunk(chunk);}
使用注解方式:
package cn.datainvest.dms.system.folderPrivilege;import org.apache.shiro.authz.annotation.Logical;import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;@Target({ElementType.TYPE, ElementType.METHOD})
@Retention(RetentionPolicy.RUNTIME)
public @interface FolderPrivilege {String[] value();Logical logical() default Logical.AND;
}
aop获取文件夹权限并从注解中获取权限验证:
package cn.datainvest.dms.system.folderPrivilege;import cn.datainvest.common.exception.BaseException;
import cn.datainvest.dms.system.auth.AuthUtil;
import cn.datainvest.dms.system.entity.customized.DiskFileFolderPrivilegeAO;
import cn.datainvest.dms.system.entity.customized.UserAO;
import cn.datainvest.dms.system.service.IDiskFileFolderPrivilegeService;
import cn.datainvest.dms.system.service.IDiskFileService;
import cn.datainvest.dms.system.service.IRoleService;
import org.apache.shiro.authz.annotation.Logical;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
import org.springframework.util.CollectionUtils;
import org.springframework.util.StringUtils;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.List;/*** @author yangfeng* @date 2019年9月10日*/
@Aspect
@Component
public class FolderPrivilegeAspect {private Logger logger = LoggerFactory.getLogger(getClass());@Resourceprivate IDiskFileService diskFileService;@Resourceprivate IRoleService roleService;@Resourceprivate IDiskFileFolderPrivilegeService diskFileFolderPrivilegeService;public FolderPrivilegeAspect() {}/*** 定义切入点对象表达式 execution* 注解参数 logOperation*/private static final String pointCutExpression = "execution(@FolderPrivilege * *(..)) && @annotation(folderPrivilege)";/*** 切入点声明** @param folderPrivilege*/@Pointcut(pointCutExpression)public void handlePointCut(FolderPrivilege folderPrivilege) {}/*** Before 增强。对handlePointCut进行before增强** @param joinPoint 被通知的对象的对象、参数。。。* @param folderPrivilege 注解参数提取action Name*/@Before(value = "handlePointCut(folderPrivilege)")public void handleBefore(JoinPoint joinPoint, FolderPrivilege folderPrivilege) {HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();if (request != null) {String[] privileges = folderPrivilege.value();Logical logical = folderPrivilege.logical();String pid = request.getParameter("pid");UserAO user = AuthUtil.getCurrentUser();if (!user.isSuperAdmin()) {boolean privileged = false;if (!StringUtils.isEmpty(pid)) {List<String> roleIds = roleService.getRoleIdsByUserId(user.getId()).getData();//获取文件夹的权限数据List<DiskFileFolderPrivilegeAO> privilegeList = diskFileFolderPrivilegeService.listFolderPrivileges(pid, roleIds).getData();if (!CollectionUtils.isEmpty(privilegeList)) {for (DiskFileFolderPrivilegeAO privilege : privilegeList) {if (privileges != null && privileges.length > 0) {if (logical == null) {if (FolderPrivilegeType.WRITABLE.getCode().equals(privileges[0])&& !StringUtils.isEmpty(privilege.getWritable())) {privileged = true;break;} else if (FolderPrivilegeType.MANAGE.getCode().equals(privileges[0])&& !StringUtils.isEmpty(privilege.getManage())) {privileged = true;break;}} else if (Logical.OR.equals(logical)) {for (String p : privileges) {if (FolderPrivilegeType.WRITABLE.getCode().equals(p)&& !StringUtils.isEmpty(privilege.getWritable())) {privileged = true;break;}if (FolderPrivilegeType.MANAGE.getCode().equals(p)&& !StringUtils.isEmpty(privilege.getManage())) {privileged = true;break;}}break;}}}}}if (!privileged) {throw new BaseException(-1, "没有操作权限");}}}}}2.删除文件或文件夹时判断有没有管理权限
/*** 检查文件是否有管理权限** @param ids 文件id*/public void checkManagePrivilege(List<String> ids) {UserAO user = AuthUtil.getCurrentUser();List<String> roleIds = roleService.getRoleIdsByUserId(user.getId()).getData();if (CollectionUtils.isEmpty(roleIds)) {throw new BaseException(-1, "没有查询到用户的角色信息");}if (!CollectionUtils.isEmpty(ids)) {for (String id : ids) {List<DiskFileFolderPrivilegeAO> privilegeList = diskFileFolderPrivilegeService.listFolderPrivileges(id, roleIds).getData();DiskFileAO file = selectByPrimaryKey(id).getData();if (file != null) {if (!hasManagePrivilege(privilegeList)) {throw new BaseException(-1, file.getFilename() + ":没有删除权限");}}}}}/*** 是否有管理权限** @param privilegeList* @return*/public boolean hasManagePrivilege(List<DiskFileFolderPrivilegeAO> privilegeList) {boolean result = false;if (!CollectionUtils.isEmpty(privilegeList)) {for (DiskFileFolderPrivilegeAO privilege : privilegeList) {if (!StringUtils.isEmpty(privilege.getManage())) {result = true;break;}}}return result;}至此,文件夹权限保存,根据权限获取文件夹,判断文件夹可写、管理权限完成。
文件夹目录权限实现方法总结(附代码)相关推荐
- java搜索文件夹中文件是否存在_java中判断文件文件夹是否存在的方法(附代码)...
1.判断文件夹是否存在,不存在则创建:(java相关视频教程推荐:java视频教程)File folder = new File("d:est1est2"); if (!folde ...
- 修改linux ftp共享目录权限,linux系统下修改文件夹目录权限
文件夹权限问题 Linux.Fedora.Ubuntu修改文件.文件夹权限的方法差不多.很多人开始接触Linux时都很头痛Linux的文件权限问题.这里告诉大家如何修改Linux文件-文件夹权限.以主 ...
- member.php?mod=register文件在哪里,织梦member会员中心文件夹目录修改设置方法
dede网站的member文件目录也是会被收到恶意代码攻击的途径之一,一般很大站长如果网站没有会员系统,只是用于产品或者服务的展示,可以移除此文件,如果移除此文件或者网站需要会员系统,那为了安全起见, ...
- mac无法连接服务器无法定位当前位置,Mac下Go2Shell配合ITerm2无法定位到当前文件夹目录的解决方法...
数据库sql语句规则 sql练习: 创建一个名称为mydb1的数据库. create database mydb1; 查看库 show databases; 创建一个使用utf-8字符集的mydb2数 ...
- Mac下Go2Shell配合ITerm2无法定位到当前文件夹目录的解决方法
下载最新版,这个问题在最新版已经完美解决. http://zipzapmac.com/go2shell 转载于:https://www.cnblogs.com/EasonJim/p/7895581.h ...
- 在linux上备份文件夹在哪里找,Linux 备份 文件夹的权限 然后在其他机器进行恢复...
Study From https://www.cnblogs.com/chenshoubiao/p/4780987.html 用到的命令 getfacl 和 setfacl 备份 getfacl -R ...
- ubuntu下复制文件到另一个文件夹下权限不够问题解决方法
ubuntu下复制文件到另一个文件夹下权限不够问题解决方法 在需要被复制的文件夹下打开终端: sudo nautilus 然后选择到需要复制到的文件夹目录下,右击粘贴.
- Linux目录下文件权限怎么改成777,linux修改文件夹-文件目录权限
Linux.Fedora.Ubuntu修改文件.文件夹权限的方法差不多.很多人开始接触Linux时都很头痛Linux的文件权限问题.这里告诉大家如何修改Linux文件-文件夹权限.以主文件夹下的一个名 ...
- 命令行修改文件文件夹访问权限 cacls, 修改hosts内容方法
背景 日常使用Windows的过程中,hosts(C:\Windows\System32\drivers\etc)文件可能被一些程序串改,因此在网上找到禁止/允许修改hosts文件的bat脚本,但是在 ...
- php获取目录文件 排序输出,php实现对文件夹目录中的文件进行排序的方法
php实现对文件夹目录中的文件按照时间.名称.大小进行排序的方法 函数介绍: opendir() 函数打开目录句柄. readdir() 函数返回目录中下一个文件的文件名. array_multiso ...
最新文章
- C++ 编译 找不到标识符 问题
- Socket通信原理
- 【数据结构】八大数据结构分类
- Android Canvas 绘制基本形状 Android自定义View(七)
- 【bzoj1758】[Wc2010]重建计划
- css 背景色半透明 子元素不透明
- python里使用正则表达式的后向搜索肯定模式
- 版本分支不宜间隔太久
- 微服务领域是不是要变天了?Spring Cloud Alibaba正式入驻Spring Cloud官方孵化器!...
- java6 64位_java6下载-java6官方版下载v6.0 最新64位免费版-旋风软件园
- 保护您的AWS网站免受DDoS攻击
- JanusGraph批量导入数据代码总结
- Docker load 命令
- [魅族Degao]Android客户端性能优化
- Set接口介绍、HashSet源码简要分析
- 【深度访问】Cocos2d-JS精品《航海王启航》:我们是要成为游戏王的团队
- 电脑重装系统后黑屏怎么解决
- 泰坦尼克号 机器学习_机器学习项目泰坦尼克号问题陈述
- 奔跑吧,程序员:从零开始打造产品、技术和团队
- 史上最全因果推断合集-10(滴滴的国际化外卖团队智能补贴实战)