fix:创建文件夹可以跳过权限校验
This commit is contained in:
@@ -18,6 +18,9 @@ public class BatchCreateNormalDirReq {
|
||||
@Schema(description = "父节点对应的文件夹ID", requiredMode = Schema.RequiredMode.REQUIRED)
|
||||
private Long parentId;
|
||||
|
||||
@Schema(description = "是否跳过权限校验,默认为false", requiredMode = Schema.RequiredMode.NOT_REQUIRED)
|
||||
private Boolean skipPermissionCheck = false;
|
||||
|
||||
@NotEmpty(message = "文件夹项列表不能为空")
|
||||
@Schema(description = "待创建的文件夹项列表", requiredMode = Schema.RequiredMode.REQUIRED)
|
||||
private List<FolderItemReq> folderItems;
|
||||
|
||||
@@ -3993,8 +3993,8 @@ public class MinioFileIDataFileServiceImpl implements IDataFileService {
|
||||
@Override
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
public SdmResponse<BatchCreateNormalDirResp> batchCreateNormalDirs(BatchCreateNormalDirReq req) {
|
||||
log.info("开始执行批量创建普通文件夹,父目UUID: {}, folderItems数量: {}",
|
||||
req.getParentUUId(), req.getFolderItems() == null ? 0 : req.getFolderItems().size());
|
||||
log.info("开始执行批量创建普通文件夹,父目录ID: {}, 父目录UUID: {}, folderItems数量: {}, 跳过权限校验: {}",
|
||||
req.getParentId(), req.getParentUUId(), req.getFolderItems() == null ? 0 : req.getFolderItems().size(), req.getSkipPermissionCheck());
|
||||
long startTime = System.currentTimeMillis();
|
||||
|
||||
// 1. 参数校验
|
||||
@@ -4005,7 +4005,8 @@ public class MinioFileIDataFileServiceImpl implements IDataFileService {
|
||||
}
|
||||
|
||||
// 2. 父目录校验与权限检查
|
||||
SdmResponse<FileMetadataInfo> parentDirResult = validateParentDirAndPermission(req.getParentUUId());
|
||||
SdmResponse<FileMetadataInfo> parentDirResult = validateParentDirAndPermission(
|
||||
req.getParentId(), req.getParentUUId(), req.getSkipPermissionCheck());
|
||||
if (!parentDirResult.isSuccess()) {
|
||||
log.error("父目录校验失败: {}", parentDirResult.getMessage());
|
||||
return SdmResponse.failed(parentDirResult.getMessage());
|
||||
@@ -4069,8 +4070,8 @@ public class MinioFileIDataFileServiceImpl implements IDataFileService {
|
||||
if (req == null) {
|
||||
return SdmResponse.failed("请求参数不能为空");
|
||||
}
|
||||
if (req.getParentUUId() == null) {
|
||||
return SdmResponse.failed("父文件夹UUID不能为空");
|
||||
if (req.getParentId() == null && req.getParentUUId() == null) {
|
||||
return SdmResponse.failed("父文件夹ID和UUID不能同时为空");
|
||||
}
|
||||
if (CollectionUtils.isEmpty(req.getFolderItems())) {
|
||||
return SdmResponse.failed("文件夹项列表不能为空");
|
||||
@@ -4081,20 +4082,33 @@ public class MinioFileIDataFileServiceImpl implements IDataFileService {
|
||||
/**
|
||||
* 验证父目录并检查权限
|
||||
*/
|
||||
private SdmResponse<FileMetadataInfo> validateParentDirAndPermission(String parentUuid) {
|
||||
FileMetadataInfo parentDir = fileMetadataInfoService.lambdaQuery()
|
||||
private SdmResponse<FileMetadataInfo> validateParentDirAndPermission(Long parentId, String parentUuid, boolean skipPermissionCheck) {
|
||||
FileMetadataInfo parentDir;
|
||||
|
||||
// 优先使用 parentId 查找,如果为空则使用 parentUuid
|
||||
if (parentId != null) {
|
||||
parentDir = fileMetadataInfoService.getById(parentId);
|
||||
} else if (parentUuid != null) {
|
||||
parentDir = fileMetadataInfoService.lambdaQuery()
|
||||
.eq(FileMetadataInfo::getRelatedResourceUuid, parentUuid)
|
||||
.one();
|
||||
} else {
|
||||
return SdmResponse.failed("父文件夹ID和UUID不能同时为空");
|
||||
}
|
||||
|
||||
if (parentDir == null) {
|
||||
return SdmResponse.failed("父文件夹不存在");
|
||||
}
|
||||
|
||||
// 如果不跳过权限校验,则检查权限
|
||||
if (!skipPermissionCheck) {
|
||||
// 权限检查(需要写入权限)
|
||||
boolean hasWritePermission = fileUserPermissionService.hasFilePermission(
|
||||
parentDir.getId(), ThreadLocalContext.getUserId(), FilePermissionEnum.WRITE);
|
||||
if (!hasWritePermission) {
|
||||
return SdmResponse.failed("没有写入权限");
|
||||
}
|
||||
}
|
||||
|
||||
return SdmResponse.success(parentDir);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user