fix:下载文件只检查项目、知识库文件权限&编辑指标

2025-12-05 17:09:27 +08:00
parent 214c518067
commit 2c0fc1e889
14 changed files with 57 additions and 15 deletions
--- a/data/src/main/java/com/sdm/data/aop/PermissionCheckAspect.java
+++ b/data/src/main/java/com/sdm/data/aop/PermissionCheckAspect.java
@@ -1,7 +1,11 @@
 package com.sdm.data.aop;

+import com.sdm.common.common.SdmResponse;
 import com.sdm.common.common.ThreadLocalContext;
+import com.sdm.common.entity.enums.DirTypeEnum;
 import com.sdm.common.entity.enums.FilePermissionEnum;
+import com.sdm.common.entity.resp.data.FileMetadataInfoResp;
+import com.sdm.data.service.IDataFileService;
 import com.sdm.data.service.IFileUserPermissionService;
 import org.aspectj.lang.JoinPoint;
 import org.aspectj.lang.annotation.Aspect;
@@ -19,6 +23,7 @@ import java.lang.annotation.Retention;
 import java.lang.annotation.RetentionPolicy;
 import java.lang.annotation.Target;
 import java.nio.file.AccessDeniedException;
+import java.util.Arrays;

@Aspect
@Component
@@ -26,6 +31,8 @@ public class PermissionCheckAspect {

    @Autowired
    private IFileUserPermissionService fileUserPermissionService;
+    @Autowired
+    private IDataFileService dataFileService;

    private final ExpressionParser parser = new SpelExpressionParser();
    private final EvaluationContext context = SimpleEvaluationContext.forReadOnlyDataBinding().build();
@@ -42,10 +49,17 @@ public class PermissionCheckAspect {
        if (fileId == null) {
            throw new RuntimeException("无法解析 fileId，请检查 @FilePermissionCheck.fileIdExpression()");
        }
-
-        // 检查权限
-        if (!fileUserPermissionService.hasFilePermission(fileId, userId, filePermissionCheck.value())) {
-            throw new RuntimeException("用户无操作文件和文件夹权限");
+        // 知识库和项目文件需要验证权限
+        SdmResponse<FileMetadataInfoResp> sdmResponse = dataFileService.queryFileMetadataInfo(null, null, fileId);
+        if (sdmResponse.getData() != null) {
+            String objectKey = sdmResponse.getData().getObjectKey();
+            String dirName = objectKey.substring(0, objectKey.indexOf("/"));
+            if (Arrays.asList(DirTypeEnum.KNOWLEDGE_BASE_DIR.getDirName(), DirTypeEnum.PROJECT_NODE_DIR.getDirName()).contains(dirName)) {
+                // 检查权限
+                if (!fileUserPermissionService.hasFilePermission(fileId, userId, filePermissionCheck.value())) {
+                    throw new RuntimeException("用户无操作文件和文件夹权限");
+                }
+            }
        }
    }

--- a/data/src/main/java/com/sdm/data/controller/DataFileController.java
+++ b/data/src/main/java/com/sdm/data/controller/DataFileController.java
@@ -396,7 +396,7 @@ public class DataFileController implements IDataFeignClient {

    @GetMapping("/queryFileMetadataInfo")
    @Operation(summary = "根据节点uuid获取节点文件夹信息", description = "获取节点文件夹信息")
-    public SdmResponse<FileMetadataInfoResp> queryFileMetadataInfo(@RequestParam(value = "uuid") String uuid, @RequestParam(value = "uuidOwnType") String uuidOwnType, @RequestParam(value = "dirId") Integer dirId) {
+    public SdmResponse<FileMetadataInfoResp> queryFileMetadataInfo(@RequestParam(value = "uuid") String uuid, @RequestParam(value = "uuidOwnType") String uuidOwnType, @RequestParam(value = "dirId") Long dirId) {
        return IDataFileService.queryFileMetadataInfo(uuid, uuidOwnType, dirId);
    }

--- a/data/src/main/java/com/sdm/data/service/IDataFileService.java
+++ b/data/src/main/java/com/sdm/data/service/IDataFileService.java
@@ -311,7 +311,7 @@ public interface IDataFileService {
    default SdmResponse approveDataFile(LaunchApproveReq req){return null;};


-    SdmResponse<FileMetadataInfoResp> queryFileMetadataInfo(String uuid, String uuidOwnType, Integer dirId);
+    SdmResponse<FileMetadataInfoResp> queryFileMetadataInfo(String uuid, String uuidOwnType, Long dirId);

    SdmResponse<ChunkUploadMinioFileResp> chunkUploadToMinio(ChunkUploadMinioFileReq req);

--- a/data/src/main/java/com/sdm/data/service/impl/MinioFileIDataFileServiceImpl.java
+++ b/data/src/main/java/com/sdm/data/service/impl/MinioFileIDataFileServiceImpl.java
@@ -227,7 +227,7 @@ public class MinioFileIDataFileServiceImpl implements IDataFileService {
    }

    @Override
-    public SdmResponse<FileMetadataInfoResp> queryFileMetadataInfo(String uuid, String uuidOwnType, Integer dirId) {
+    public SdmResponse<FileMetadataInfoResp> queryFileMetadataInfo(String uuid, String uuidOwnType, Long dirId) {
        LambdaQueryWrapper<FileMetadataInfo> queryWrapper = new LambdaQueryWrapper<>();
        if (dirId != 0) {
            queryWrapper.eq(FileMetadataInfo::getId,dirId);
--- a/data/src/main/java/com/sdm/data/service/impl/SystemFileIDataFileServiceImpl.java
+++ b/data/src/main/java/com/sdm/data/service/impl/SystemFileIDataFileServiceImpl.java
@@ -1281,7 +1281,7 @@ public class SystemFileIDataFileServiceImpl implements IDataFileService {
    }

    @Override
-    public SdmResponse<FileMetadataInfoResp> queryFileMetadataInfo(String uuid, String uuidOwnType, Integer dirId) {
+    public SdmResponse<FileMetadataInfoResp> queryFileMetadataInfo(String uuid, String uuidOwnType, Long dirId) {
        return null;
    }