Merge branch 'main' of http://carsafe.uicp.cn/toolchaintechnologycenter/spdm-backend

2026-03-19 15:01:42 +08:00
parent c958a4b46f d1f08f22ed
commit c59b039881
2 changed files with 13 additions and 6 deletions
--- a/data/src/main/java/com/sdm/data/model/req/DownloadFileReq.java
+++ b/data/src/main/java/com/sdm/data/model/req/DownloadFileReq.java
@@ -22,4 +22,7 @@ public class DownloadFileReq {

    @Schema(description = "解密密钥")
    private String decryptKey;
+
+    @Schema(description = "是否跳过权限校验，默认为false", requiredMode = Schema.RequiredMode.NOT_REQUIRED)
+    private Boolean skipPermissionCheck = false;
 }
--- a/data/src/main/java/com/sdm/data/service/impl/MinioFileIDataFileServiceImpl.java
+++ b/data/src/main/java/com/sdm/data/service/impl/MinioFileIDataFileServiceImpl.java
@@ -2193,7 +2193,6 @@ public class MinioFileIDataFileServiceImpl implements IDataFileService {


    @Override
-    @PermissionCheckAspect.FilePermissionCheck(value = FilePermissionEnum.DOWNLOAD, fileIdExpression = "#req.fileId")
    public void downloadFile(DownloadFileReq req, HttpServletResponse response) {
        try {
            FileMetadataInfo fileMetadataInfo = fileMetadataInfoService.lambdaQuery().eq(FileMetadataInfo::getId, req.getFileId()).one();
@@ -2203,11 +2202,16 @@ public class MinioFileIDataFileServiceImpl implements IDataFileService {
            }
            String fileObjectKey = fileMetadataInfo.getObjectKey();

-          /*  boolean hasDownloadPermission = fileUserPermissionService.hasFilePermission(fileMetadataInfo.getId(), ThreadLocalContext.getUserId(), FilePermissionEnum.DOWNLOAD);
-            if (!hasDownloadPermission) {
-                response.sendError(HttpServletResponse.SC_NON_AUTHORITATIVE_INFORMATION, "用户无权限");
-                return;
-            }*/
+
+            if(Boolean.FALSE.equals(req.getSkipPermissionCheck())) {
+                boolean hasDownloadPermission = fileUserPermissionService.hasFilePermission(fileMetadataInfo.getId(), ThreadLocalContext.getUserId(), FilePermissionEnum.DOWNLOAD);
+                if (!hasDownloadPermission) {
+                    response.sendError(HttpServletResponse.SC_NON_AUTHORITATIVE_INFORMATION, "用户无权限");
+                    return;
+                }
+            }
+
+
            // 从MinIO下载文件
            minioService.streamFile(fileObjectKey, fileMetadataInfo.getBucketName(), response, fileMetadataInfo.getOriginalName(), "");
        } catch (Exception e) {