mirror of
https://gitee.com/shuto-github/intranet_app_manager.git
synced 2026-05-27 00:00:14 +08:00
移动权限
This commit is contained in:
yizhaorong
@@ -30,13 +30,18 @@ public class ShiroConfig {
|
||||
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
|
||||
shiroFilterFactoryBean.setSecurityManager(securityManager);
|
||||
Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>();
|
||||
// 不需要权限可以访问的页面
|
||||
filterChainDefinitionMap.put("/account/signin", "anon");
|
||||
filterChainDefinitionMap.put("/account/logout", "anon");
|
||||
filterChainDefinitionMap.put("/error/unauthorized", "anon");
|
||||
|
||||
// 需要授权访问的页面
|
||||
filterChainDefinitionMap.put("/apps/**", "authc");
|
||||
// 登录页面
|
||||
shiroFilterFactoryBean.setLoginUrl("/account/signin");
|
||||
// 成功后跳转页面
|
||||
shiroFilterFactoryBean.setSuccessUrl("/apps");
|
||||
// 未授权页面
|
||||
shiroFilterFactoryBean.setUnauthorizedUrl("/error/unauthorized");
|
||||
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
|
||||
return shiroFilterFactoryBean;
|
||||
|
||||
@@ -13,10 +13,13 @@ import org.springframework.web.bind.annotation.*;
|
||||
import org.springframework.web.multipart.MultipartFile;
|
||||
import org.yzr.model.App;
|
||||
import org.yzr.model.Package;
|
||||
import org.yzr.model.Storage;
|
||||
import org.yzr.model.User;
|
||||
import org.yzr.service.AppService;
|
||||
import org.yzr.service.PackageService;
|
||||
import org.yzr.service.StorageService;
|
||||
import org.yzr.service.UserService;
|
||||
import org.yzr.storage.StorageUtil;
|
||||
import org.yzr.utils.file.FileType;
|
||||
import org.yzr.utils.file.FileUtil;
|
||||
import org.yzr.utils.file.PathManager;
|
||||
@@ -114,13 +117,11 @@ public class PackageController {
|
||||
if (user == null) {
|
||||
return ResponseUtil.unauthz();
|
||||
}
|
||||
String filePath = transfer(file);
|
||||
FileType fileType = FileUtil.getType(filePath);
|
||||
if (fileType == null || fileType != FileType.ZIP) {
|
||||
// 文件类型错误
|
||||
FileUtils.forceDelete(new File(filePath));
|
||||
return ResponseUtil.badArgument();
|
||||
String filePath = StorageUtil.checkAndTransfer(file.getInputStream(), file.getSize(), file.getContentType(), file.getOriginalFilename());
|
||||
if (filePath == null) {
|
||||
return ResponseUtil.fail(401, "不支持的文件类型");
|
||||
}
|
||||
|
||||
Package aPackage = this.packageService.buildPackage(filePath, user);
|
||||
Map<String, String> extra = new HashMap<>();
|
||||
String jobName = request.getParameter("jobName");
|
||||
|
||||
@@ -1,15 +1,23 @@
|
||||
package org.yzr.storage;
|
||||
|
||||
import org.apache.commons.io.FileUtils;
|
||||
import org.apache.commons.io.FilenameUtils;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.core.io.Resource;
|
||||
import org.springframework.web.multipart.MultipartFile;
|
||||
import org.yzr.model.Storage;
|
||||
import org.yzr.utils.CharUtil;
|
||||
import org.yzr.utils.file.FileType;
|
||||
import org.yzr.utils.file.FileUtil;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.InputStream;
|
||||
import java.io.PushbackInputStream;
|
||||
import java.nio.file.Files;
|
||||
import java.nio.file.Path;
|
||||
import java.nio.file.Paths;
|
||||
import java.nio.file.StandardCopyOption;
|
||||
import java.util.UUID;
|
||||
import java.util.stream.Stream;
|
||||
|
||||
/**
|
||||
@@ -37,6 +45,47 @@ public class StorageUtil {
|
||||
this.storage = storage;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* 检测并转存文件
|
||||
* @param inputStream
|
||||
* @param contentLength
|
||||
* @param contentType
|
||||
* @param fileName
|
||||
* @return
|
||||
*/
|
||||
public static String checkAndTransfer(InputStream inputStream, long contentLength, String contentType, String fileName) {
|
||||
// 判断文件类型
|
||||
if (!(contentType != null && contentType.equalsIgnoreCase("application/octet-stream"))) {
|
||||
return null;
|
||||
}
|
||||
int len = 28;
|
||||
PushbackInputStream pushbackInputStream = new PushbackInputStream(inputStream, len);
|
||||
try {
|
||||
byte[] b = new byte[len];
|
||||
FileType type = FileUtil.getType(pushbackInputStream);
|
||||
// ipa和apk文件都是zip文件
|
||||
if (type != FileType.ZIP) {
|
||||
pushbackInputStream.close();
|
||||
return null;
|
||||
}
|
||||
pushbackInputStream.unread(b);
|
||||
// 获取文件后缀
|
||||
String ext = FilenameUtils.getExtension(fileName);
|
||||
// 生成文件名
|
||||
String newFileName = UUID.randomUUID().toString() + "." + ext;
|
||||
// 转存到 tmp
|
||||
String destPath = FileUtils.getTempDirectoryPath() + File.separator + newFileName;
|
||||
destPath = destPath.replaceAll("//", "/");
|
||||
System.out.println(destPath);
|
||||
Files.copy(pushbackInputStream, Paths.get(destPath), StandardCopyOption.REPLACE_EXISTING);
|
||||
return destPath;
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* 存储一个文件对象
|
||||
*
|
||||
@@ -46,6 +95,7 @@ public class StorageUtil {
|
||||
* @param fileName 文件索引名
|
||||
*/
|
||||
public Storage store(InputStream inputStream, long contentLength, String contentType, String fileName) {
|
||||
// 判断文件类型
|
||||
if (!(contentType != null && contentType.equalsIgnoreCase("application/octet-stream"))) {
|
||||
return null;
|
||||
}
|
||||
@@ -55,6 +105,7 @@ public class StorageUtil {
|
||||
try {
|
||||
byte[] b = new byte[len];
|
||||
FileType type = FileUtil.getType(pushbackInputStream);
|
||||
// ipa和apk文件都是zip文件
|
||||
if (type != FileType.ZIP) {
|
||||
pushbackInputStream.close();
|
||||
return null;
|
||||
|
||||
Reference in New Issue
Block a user