fix delete-md-img bug

Himit_ZH 2021-12-21 22:52:56 +08:00
parent eb2929ad6f
commit 6844f5e712
5 changed files with 54 additions and 7 deletions


@ -4,6 +4,7 @@ import cn.hutool.core.io.FileUtil;
import cn.hutool.core.map.MapUtil; import cn.hutool.core.map.MapUtil;
import cn.hutool.core.util.IdUtil; import cn.hutool.core.util.IdUtil;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.annotation.Logical; import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresAuthentication; import org.apache.shiro.authz.annotation.RequiresAuthentication;
import org.apache.shiro.authz.annotation.RequiresRoles; import org.apache.shiro.authz.annotation.RequiresRoles;
@ -14,9 +15,13 @@ import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.multipart.MultipartFile; import org.springframework.web.multipart.MultipartFile;
import top.hcode.hoj.common.result.CommonResult; import top.hcode.hoj.common.result.CommonResult;
import top.hcode.hoj.pojo.vo.UserRolesVo;
import top.hcode.hoj.service.common.impl.FileServiceImpl;
import top.hcode.hoj.utils.Constants; import top.hcode.hoj.utils.Constants;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.io.File; import java.io.File;
/** /**
@ -30,10 +35,13 @@ import java.io.File;
public class MarkDownFileController { public class MarkDownFileController {
@Resource
private FileServiceImpl fileService;
@RequestMapping(value = "/upload-md-img", method = RequestMethod.POST) @RequestMapping(value = "/upload-md-img", method = RequestMethod.POST)
@RequiresAuthentication @RequiresAuthentication
@ResponseBody @ResponseBody
public CommonResult uploadMDImg(@RequestParam("image") MultipartFile image) { public CommonResult uploadMDImg(@RequestParam("image") MultipartFile image, HttpServletRequest request) {
if (image == null) { if (image == null) {
return CommonResult.errorResponse("上传的图片不能为空!"); return CommonResult.errorResponse("上传的图片不能为空!");
} }
@ -59,9 +67,21 @@ public class MarkDownFileController {
return CommonResult.errorResponse("服务器异常:图片文件上传失败!", CommonResult.STATUS_ERROR); return CommonResult.errorResponse("服务器异常:图片文件上传失败!", CommonResult.STATUS_ERROR);
} }
// 获取当前登录用户
HttpSession session = request.getSession();
UserRolesVo userRolesVo = (UserRolesVo) session.getAttribute("userInfo");
top.hcode.hoj.pojo.entity.common.File file = new top.hcode.hoj.pojo.entity.common.File();
file.setFolderPath(Constants.File.MARKDOWN_FILE_FOLDER.getPath())
.setName(filename)
.setFilePath(Constants.File.MARKDOWN_FILE_FOLDER.getPath() + File.separator + filename)
.setSuffix(suffix)
.setType("md")
.setUid(userRolesVo.getUid());
fileService.save(file);
return CommonResult.successResponse(MapUtil.builder() return CommonResult.successResponse(MapUtil.builder()
.put("link", Constants.File.IMG_API.getPath() + filename) .put("link", Constants.File.IMG_API.getPath() + filename)
.put("filePath", Constants.File.MARKDOWN_FILE_FOLDER.getPath() + File.separator + filename).map(), .put("fileId", file.getId()).map(),
"上传图片成功!"); "上传图片成功!");
} }
@ -70,9 +90,33 @@ public class MarkDownFileController {
@RequestMapping(value = "/delete-md-img", method = RequestMethod.GET) @RequestMapping(value = "/delete-md-img", method = RequestMethod.GET)
@RequiresAuthentication @RequiresAuthentication
@ResponseBody @ResponseBody
public CommonResult uploadMDImg(@RequestParam("filePath") String filePath) { public CommonResult deleteMDImg(@RequestParam("fileId") Long fileId, HttpServletRequest request) {
boolean result = FileUtil.del(filePath);
// 获取当前登录用户
HttpSession session = request.getSession();
UserRolesVo userRolesVo = (UserRolesVo) session.getAttribute("userInfo");
top.hcode.hoj.pojo.entity.common.File file = fileService.getById(fileId);
if (file == null) {
return CommonResult.errorResponse("错误:文件不存在!");
}
if (!file.getType().equals("md")) {
return CommonResult.errorResponse("错误:不支持删除!", CommonResult.STATUS_FORBIDDEN);
}
boolean isRoot = SecurityUtils.getSubject().hasRole("root");
boolean isProblemAdmin = SecurityUtils.getSubject().hasRole("problem_admin");
boolean isAdmin = SecurityUtils.getSubject().hasRole("admin");
if (!file.getUid().equals(userRolesVo.getUid()) && !isRoot && !isAdmin && !isProblemAdmin) {
return CommonResult.errorResponse("错误:无权删除他人文件!", CommonResult.STATUS_FORBIDDEN);
}
boolean result = FileUtil.del(file.getFilePath());
if (result) { if (result) {
fileService.removeById(fileId);
return CommonResult.successResponse(null, "删除成功"); return CommonResult.successResponse(null, "删除成功");
} else { } else {
return CommonResult.errorResponse("删除失败"); return CommonResult.errorResponse("删除失败");
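Review bot: In `deleteMDImg` the ownership check reads the caller's uid from `session.getAttribute("userInfo")` while the role checks use `SecurityUtils.getSubject()`, and `userRolesVo`, `file.getUid()` and `file.getType()` are all dereferenced without a null check, so a session lacking that attribute or a stored row with a null field ends in an unhandled NullPointerException rather than an explicit refusal. Whether `userInfo` is always populated for an authenticated subject is not visible here; I would return a forbidden response when `userRolesVo == null` and make the comparisons null-safe, e.g. `if (!"md".equals(file.getType())) {` and `!Objects.equals(file.getUid(), userRolesVo.getUid())`. The same unchecked `userRolesVo.getUid()` is in `uploadMDImg`, apparently after the image has already been written, and the result of `fileService.save(file)` is ignored, so a failure at either point leaves a file on disk with no record that this endpoint could later delete. The delete endpoint also stays mapped to `RequestMethod.GET` although it changes state; a POST or DELETE mapping would be the safer choice. The end of `deleteMDImg` lies outside the hunk.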


@ -314,6 +314,7 @@ public class AccountController {
if (loginDto.getUsername().length() > 20) { if (loginDto.getUsername().length() > 20) {
return CommonResult.errorResponse("用户名长度不能超过20位!"); return CommonResult.errorResponse("用户名长度不能超过20位!");
} }
UserRolesVo userRoles = userRoleDao.getUserRoles(null, loginDto.getUsername()); UserRolesVo userRoles = userRoleDao.getUserRoles(null, loginDto.getUsername());
Assert.notNull(userRoles, "用户名不存在,请注意大小写!"); Assert.notNull(userRoles, "用户名不存在,请注意大小写!");
if (!userRoles.getPassword().equals(SecureUtil.md5(loginDto.getPassword()))) { if (!userRoles.getPassword().equals(SecureUtil.md5(loginDto.getPassword()))) {


@ -59,7 +59,7 @@ public class Dispatcher {
CompileSpj compileSpj = (CompileSpj) data; CompileSpj compileSpj = (CompileSpj) data;
return toCompile(path, compileSpj); return toCompile(path, compileSpj);
default: default:
throw new NullPointerException("判题机不支持此调用类型"); throw new IllegalArgumentException("判题机不支持此调用类型");
} }
return null; return null;
} }


@ -135,6 +135,8 @@ public class Constants {
CODE_CHANGE_EMAIL_FAIL("change-email-fail:"), CODE_CHANGE_EMAIL_FAIL("change-email-fail:"),
CODE_CHANGE_EMAIL_LOCK("change-email-lock:"), CODE_CHANGE_EMAIL_LOCK("change-email-lock:"),
TRY_LOGIN_NUM("try-login-num:"),
ACM_RANK_CACHE("acm_rank_cache"), ACM_RANK_CACHE("acm_rank_cache"),
OI_RANK_CACHE("oi_rank_cache"), OI_RANK_CACHE("oi_rank_cache"),


@ -61,7 +61,7 @@ export default {
headers: { 'Content-Type': 'multipart/form-data' }, headers: { 'Content-Type': 'multipart/form-data' },
}).then((res) => { }).then((res) => {
this.$refs.md.$img2Url(pos, res.data.data.link); this.$refs.md.$img2Url(pos, res.data.data.link);
this.img_file[res.data.data.link] = res.data.data.filePath; this.img_file[res.data.data.link] = res.data.data.fileId;
}); });
}, },
$imgDel(pos) { $imgDel(pos) {
@ -70,7 +70,7 @@ export default {
url: '/api/file/delete-md-img', url: '/api/file/delete-md-img',
method: 'get', method: 'get',
params: { params: {
filePath: this.img_file[pos[0]], fileId: this.img_file[pos[0]],
}, },
}); });
}, },
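Review bot: `$imgDel` sends `fileId: this.img_file[pos[0]]` without checking that the lookup found anything, so for an image that was not uploaded through this component instance (for example one already present in loaded content) the request goes out without a `fileId` and the server's required `fileId` parameter will presumably reject it. Return early when the id is missing and drop the map entry once deletion has been requested, e.g. `const id = this.img_file[pos[0]]; if (id === undefined) return;` and afterwards `delete this.img_file[pos[0]];`. The response is also not handled in the visible lines, so a refused or failed deletion is silent to the user. The opening of the request call sits between the two hunks and is not shown.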