Accueil Explorer Aide
Connexion
examcloud-backend
/
examcloud-exchange
2
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Parcourir la source

Merge branch 'master' of http://git.qmth.com.cn/ExamCloud-3/examcloud-exchange

chenken il y a 6 ans
Parent
5f54bd63f4 6df0d78b71
commit
ab0b92223c
3 fichiers modifiés avec 17 ajouts et 3 suppressions
Vue séparée Afficher les stats Diff
  1. 8 3
      examcloud-exchange-inner-api-provider/src/main/java/cn/com/qmth/examcloud/exchange/inner/api/controller/UpyunController.java
  2. 8 0
      examcloud-exchange-starter/src/main/java/cn/com/qmth/examcloud/exchange/config/DefaultWebMvcConfigurerAdapter.java
  3. 1 0
      examcloud-exchange-starter/src/main/resources/security-mapping.properties

+ 8 - 3
examcloud-exchange-inner-api-provider/src/main/java/cn/com/qmth/examcloud/exchange/inner/api/controller/UpyunController.java
Voir le fichier 

@@ -13,6 +13,7 @@ import org.springframework.web.bind.annotation.RequestMapping;
 
 import org.springframework.web.bind.annotation.RestController;

 

 import cn.com.qmth.examcloud.commons.base.exception.ExamCloudRuntimeException;

+import cn.com.qmth.examcloud.commons.base.exception.StatusException;

 import cn.com.qmth.examcloud.commons.base.util.AES;

 import cn.com.qmth.examcloud.commons.web.security.bean.User;

 import cn.com.qmth.examcloud.commons.web.support.ControllerSupport;

@@ -37,12 +38,16 @@ public class UpyunController extends ControllerSupport {
 
 	AES aes = new AES();

 

 	@ApiOperation(value = "保存照片")

-	@PutMapping("put/{siteId}/{fileName}.{fileSuffix}")

-	public String putFile(@PathVariable String siteId, @PathVariable String fileName,

-			@PathVariable String fileSuffix, HttpServletRequest req) {

+	@PutMapping("put/{siteId}/{fileSuffix}")

+	public String putFile(@PathVariable String siteId, @PathVariable String fileSuffix,

+			HttpServletRequest req) {

 

 		User accessUser = getAccessUser();

 

+		if (!fileSuffix.matches("\\w+")) {

+			throw new StatusException("EX-600100", "fileSuffix is wrong");

+		}

+

 		fileSuffix = "." + fileSuffix;

 

 		ServletInputStream in = null;

+ 8 - 0
examcloud-exchange-starter/src/main/java/cn/com/qmth/examcloud/exchange/config/DefaultWebMvcConfigurerAdapter.java
Voir le fichier 

@@ -22,6 +22,7 @@ import cn.com.qmth.examcloud.commons.web.security.RequestPermissionInterceptor;
 
 import cn.com.qmth.examcloud.commons.web.security.SpringCloudInterceptor;

 import cn.com.qmth.examcloud.commons.web.security.bean.Role;

 import cn.com.qmth.examcloud.commons.web.security.bean.User;

+import cn.com.qmth.examcloud.commons.web.security.bean.UserType;

 import cn.com.qmth.examcloud.commons.web.security.enums.RoleMeta;

 import cn.com.qmth.examcloud.core.basic.api.CommonCloudService;

 

@@ -73,6 +74,13 @@ public class DefaultWebMvcConfigurerAdapter extends WebMvcConfigurerAdapter {
 
 

 			@Override

 			public boolean hasPermission(String mappingPath, User user) {

+

+				// 学生鉴权

+				if (user.getUserType().equals(UserType.STUDENT)) {

+					String key = "[s]" + mappingPath;

+					return PropertiesUtil.getBoolean(key, false);

+				}

+

 				List<Role> roleList = user.getRoleList();

 

 				if (CollectionUtils.isEmpty(roleList)) {

+ 1 - 0
examcloud-exchange-starter/src/main/resources/security-mapping.properties
Voir le fichier 

@@ -0,0 +1 @@
 
+[s][${$rmp.ctr.exchange.inner}/upyun][put/{siteId}/{fileSuffix}][PUT]=true