Finish the basic share code validation.

zicla 2019-05-01 03:05:33 +08:00
parent ebd20c6db5
commit adf4b9ea5a
4 changed files with 71 additions and 22 deletions


@ -17,6 +17,7 @@ type AlienService struct {
userDao *UserDao userDao *UserDao
uploadTokenDao *UploadTokenDao uploadTokenDao *UploadTokenDao
downloadTokenDao *DownloadTokenDao downloadTokenDao *DownloadTokenDao
shareService *ShareService
imageCacheDao *ImageCacheDao imageCacheDao *ImageCacheDao
imageCacheService *ImageCacheService imageCacheService *ImageCacheService
} }
@ -51,6 +52,11 @@ func (this *AlienService) Init() {
this.downloadTokenDao = c this.downloadTokenDao = c
} }
b = core.CONTEXT.GetBean(this.shareService)
if c, ok := b.(*ShareService); ok {
this.shareService = c
}
b = core.CONTEXT.GetBean(this.imageCacheDao) b = core.CONTEXT.GetBean(this.imageCacheDao)
if c, ok := b.(*ImageCacheDao); ok { if c, ok := b.(*ImageCacheDao); ok {
this.imageCacheDao = c this.imageCacheDao = c
@ -105,8 +111,15 @@ func (this *AlienService) PreviewOrDownload(
//判断文件的所属人是否正确 //判断文件的所属人是否正确
operator := this.findUser(writer, request) operator := this.findUser(writer, request)
if operator == nil || (operator.Role != USER_ROLE_ADMINISTRATOR && matter.UserUuid != operator.Uuid) {
//可以使用分享码的形式授权。
shareUuid := request.FormValue("shareUuid")
shareCode := request.FormValue("shareCode")
shareRootUuid := request.FormValue("shareRootUuid")
if shareUuid == "" || shareCode == "" || shareRootUuid == "" {
panic(result.UNAUTHORIZED) panic(result.UNAUTHORIZED)
} else {
this.shareService.ValidateMatter(shareUuid, shareCode, operator, shareRootUuid, matter)
} }
} }
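Review bot: Access in the share branch of PreviewOrDownload is granted simply by `this.shareService.ValidateMatter(...)` returning, and nothing at the call site says that a refusal happens by panic inside that method. I would add a comment above the call, `// ValidateMatter panics when the share does not cover matter; returning normally means access is granted.`, and drop the `else`, since the `panic(result.UNAUTHORIZED)` branch already terminates. Missing parameters yield `result.UNAUTHORIZED` here, while a failed containment check inside ValidateMatter yields `result.BadRequest`, so a refused share is reported in two different ways; it is worth deciding whether the denial should be uniform. The body of PreviewOrDownload starts and ends outside this hunk.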


@ -149,20 +149,8 @@ func (this *MatterController) Page(writer http.ResponseWriter, request *http.Req
} }
user := this.findUser(writer, request) user := this.findUser(writer, request)
share := this.shareService.CheckShare(shareUuid, shareCode, user) //根据某个shareUuid和code某个用户是否有权限获取 shareRootUuid 下面的 matterUuid
this.shareService.ValidateMatter(shareUuid, shareCode, user, shareRootUuid, dirMatter)
//验证 shareRootMatter是否在被分享。
shareRootMatter := this.matterDao.CheckByUuid(shareRootUuid)
if !shareRootMatter.Dir {
panic(result.BadRequest("只有文件夹可以浏览!"))
}
this.bridgeDao.CheckByShareUuidAndMatterUuid(share.Uuid, shareRootMatter.Uuid)
//保证 puuid对应的matter是shareRootMatter的子文件夹。
child := strings.HasPrefix(dirMatter.Path, shareRootMatter.Path)
if !child {
panic(result.BadRequest("%s 不是 %s 的子文件夹!", puuid, shareRootUuid))
}
} else { } else {
//非分享模式要求必须登录 //非分享模式要求必须登录
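Review bot: The folder check that the inline code performed on the share root, `if !shareRootMatter.Dir`, does not appear in `ShareService.ValidateMatter` as shown later on this page, so after this change Page seems to accept a `shareRootUuid` that names a file rather than a folder. Because the remaining containment test is a textual path prefix, a file root would be compared as if it were a directory. I would restore the check in the non-root branch of ValidateMatter, right after `CheckByUuid(shareRootUuid)`: `if !shareRootMatter.Dir { panic(result.BadRequest("只有文件夹可以浏览!")) }`. The body of Page starts and ends outside this hunk.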


@ -302,12 +302,10 @@ func (this *ShareController) Browse(writer http.ResponseWriter, request *http.Re
share := this.shareService.CheckShare(shareUuid, code, user) share := this.shareService.CheckShare(shareUuid, code, user)
bridges := this.bridgeDao.ListByShareUuid(share.Uuid) bridges := this.bridgeDao.ListByShareUuid(share.Uuid)
if puuid == "" {
puuid = MATTER_ROOT
}
//分享的跟目录
if puuid == MATTER_ROOT { if puuid == MATTER_ROOT {
//分享的根目录
//获取对应的 matter. //获取对应的 matter.
var matters []*Matter var matters []*Matter
if len(bridges) != 0 { if len(bridges) != 0 {
@ -315,7 +313,6 @@ func (this *ShareController) Browse(writer http.ResponseWriter, request *http.Re
for _, bridge := range bridges { for _, bridge := range bridges {
uuids = append(uuids, bridge.MatterUuid) uuids = append(uuids, bridge.MatterUuid)
} }
sortArray := []builder.OrderPair{ sortArray := []builder.OrderPair{
{ {
Key: "dir", Key: "dir",
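Review bot: With the `if puuid == "" { puuid = MATTER_ROOT }` default apparently removed in the first hunk (the +/- markers are lost in this rendering, so the direction is inferred from the hunk header counts), an empty `puuid` no longer takes the root branch of Browse. The non-root branch is outside the hunk, so it is not visible whether it rejects an empty uuid or passes it on to a lookup. If the default now lives in the request-parsing code above, a short comment at the `if puuid == MATTER_ROOT {` line saying so would help; otherwise add an explicit guard such as `if puuid == "" { panic(result.BadRequest("puuid cannot be empty")) }`.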


@ -3,14 +3,17 @@ package rest
import ( import (
"github.com/eyebluecn/tank/code/core" "github.com/eyebluecn/tank/code/core"
"github.com/eyebluecn/tank/code/tool/result" "github.com/eyebluecn/tank/code/tool/result"
"strings"
"time" "time"
) )
//@Service //@Service
type ShareService struct { type ShareService struct {
BaseBean BaseBean
shareDao *ShareDao shareDao *ShareDao
userDao *UserDao matterDao *MatterDao
bridgeDao *BridgeDao
userDao *UserDao
} }
//初始化方法 //初始化方法
@ -23,6 +26,16 @@ func (this *ShareService) Init() {
this.shareDao = b this.shareDao = b
} }
b = core.CONTEXT.GetBean(this.matterDao)
if b, ok := b.(*MatterDao); ok {
this.matterDao = b
}
b = core.CONTEXT.GetBean(this.bridgeDao)
if b, ok := b.(*BridgeDao); ok {
this.bridgeDao = b
}
b = core.CONTEXT.GetBean(this.userDao) b = core.CONTEXT.GetBean(this.userDao)
if b, ok := b.(*UserDao); ok { if b, ok := b.(*UserDao); ok {
this.userDao = b this.userDao = b
@ -60,3 +73,41 @@ func (this *ShareService) CheckShare(shareUuid string, code string, user *User)
return share return share
} }
//根据某个shareUuid和code某个用户是否有权限获取 shareRootUuid 下面的 matterUuid
//如果是根目录下的文件那么shareRootUuid传root.
func (this *ShareService) ValidateMatter(shareUuid string, code string, user *User, shareRootUuid string, matter *Matter) {
if matter == nil {
panic(result.BadRequest("matter cannot be nil"))
}
//如果文件是自己的,那么放行
if user != nil && matter.UserUuid == user.Uuid {
return
}
if shareRootUuid == "" {
panic(result.BadRequest("matterUuid cannot be null"))
}
share := this.CheckShare(shareUuid, code, user)
//如果shareRootUuid是根那么matterUuid在bridge中应该有记录
if shareRootUuid == MATTER_ROOT {
this.bridgeDao.CheckByShareUuidAndMatterUuid(share.Uuid, matter.Uuid)
} else {
//验证 shareRootMatter是否在被分享。
shareRootMatter := this.matterDao.CheckByUuid(shareRootUuid)
this.bridgeDao.CheckByShareUuidAndMatterUuid(share.Uuid, shareRootMatter.Uuid)
//保证 puuid对应的matter是shareRootMatter的子文件夹。
child := strings.HasPrefix(matter.Path, shareRootMatter.Path)
if !child {
panic(result.BadRequest("%s 不是 %s 的子文件夹!", matter.Uuid, shareRootUuid))
}
}
}
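Review bot: The containment test in ValidateMatter, `strings.HasPrefix(matter.Path, shareRootMatter.Path)`, is a raw string prefix with no path-boundary check, and nothing compares the owners of the two matters. A shared folder at `/docs` (constructed example) therefore also covers a sibling such as `/docs-old/...`. If `Matter.Path` is relative to each user's root (not visible here, please confirm), a share of one user's folder would also authorize another user's matter that has the same path prefix. Require the same owner and compare on a boundary, for example `sameOwner := matter.UserUuid == shareRootMatter.UserUuid` and `inside := matter.Path == shareRootMatter.Path || strings.HasPrefix(matter.Path, shareRootMatter.Path+"/")`, then `if !sameOwner || !inside { panic(...) }`. Separately, the guard for an empty `shareRootUuid` reports `matterUuid cannot be null`, which names the wrong parameter.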