[新功能]文件的查看、下载、转发以及权限校验

app/file/controller/file.go

@@ -53,7 +53,7 @@ func (f *file) Distribute(c *gin.Context) {
 	userFile := model.ReqUserFile{}
 	json.Unmarshal([]byte(str), &userFile)
 
-	savePath := "/uploadfiles/" + newfileName
+	savePath := "uploadfiles/" + newfileName
 	distribute := service.FileService.Distribute(formFile.Filename, savePath, &userFile, nowUser.User.ID)
 
 	c.JSON(http.StatusOK, distribute)
@@ -65,3 +65,32 @@ func (f *file) GetUserFiles(c *gin.Context) {
 	files := service.FileService.GetUserFiles(claims.ID)
 	c.JSON(http.StatusOK, files)
 }
+
+// 转发文件
+func (f *file) ForwardingFile(c *gin.Context) {
+	fileid := c.Query("fileid")
+	header := c.GetHeader("Authorization")
+	claims, _ := token.JwtClaims.ParseJwtToken(header)
+
+	requsers := model.ReqUsers{}
+	if err := c.ShouldBindJSON(&requsers); err != nil {
+		c.JSON(http.StatusOK, common.ParamsInvalidResponse(err.Error(), nil))
+		return
+	}
+	uid, _ := strconv.Atoi(claims.ID)
+	fid, _ := strconv.Atoi(fileid)
+	forwardingFile := service.FileService.ForwardingFile(uid, fid, requsers.UsersId)
+	c.JSON(http.StatusOK, forwardingFile)
+}
+
+// 查看文件
+func (f *file) ViewFile(c *gin.Context) {
+	fileid := c.Query("fileid")
+	service.FileService.GetFile(fileid, c)
+}
+
+// 下载文件
+func (f *file) DownloadFile(c *gin.Context) {
+	fileid := c.Query("fileid")
+	service.FileService.GetFile(fileid, c)
+}

app/file/dao/file.go

@@ -31,8 +31,14 @@ func (f *File) GetUserFiles(uid int) ([]File, error) {
 		Select("file.*").
 		Joins("left join user_file uf on uf.file_id = file.id").
 		Where("uf.receiver = ? AND file.is_showed = 0 AND file.is_deleted = 0", uid).
-		Order("upload_time DESC"). // 根据created_at字段降序排列
+		Order("upload_time DESC").
+		Group("file.id"). // 根据created_at字段降序排列
 		Scan(&files).
 		Error
 	return files, err
 }
+
+func (f *File) GetFile(id string) (*File, error) {
+	err := Db.Model(&f).Where("id = ?", id).First(&f).Error
+	return f, err
+}

app/file/dao/userfile.go

@@ -4,12 +4,12 @@ import "time"
 
 // UserFile 用户文件记录表
 type UserFile struct {
-	ID              int       `gorm:"primary_key;type:int" json:"id"`                                         //编号
-	Operator        int       `gorm:"type:int" json:"operator"`                                               //操作者id
-	Receiver        int       `gorm:"type:int" json:"receiver"`                                               //接收者id
-	FileID          int       `gorm:"type:int" json:"fileid"`                                                 //文件id
-	EffectiveDate   time.Time `gorm:"autoCreateTime;column:effectiveDate;type:datetime" json:"effectiveDate"` //阅读的有效日期
-	OperationStatus string    `gorm:"type:varchar(12)" json:"operationStatus"`                                //操作状态
+	ID              int        `gorm:"primary_key;type:int" json:"id"`                          //编号
+	Operator        int        `gorm:"type:int" json:"operator"`                                //操作者id
+	Receiver        int        `gorm:"type:int" json:"receiver"`                                //接收者id
+	FileID          int        `gorm:"type:int" json:"fileid"`                                  //文件id
+	EffectiveDate   *time.Time `gorm:"column:effectiveDate;type:datetime" json:"effectiveDate"` //阅读的有效日期
+	OperationStatus string     `gorm:"type:varchar(12)" json:"operationStatus"`                 //操作状态
 }
 
 func (*UserFile) TableName() string {

app/file/model/file.go

@@ -9,3 +9,7 @@ type ReqUserFile struct {
 	DeptsId       []int     `json:"deptsId"`       //下发的部门id
 	EffectiveDate time.Time `json:"effectiveDate"` //阅读的有效日期
 }
+
+type ReqUsers struct {
+	UsersId []int `json:"users"` //转发的用户id
+}

app/file/service/fileService.go

@@ -2,11 +2,13 @@ package service
 
 import (
 	"github.com/gin-gonic/gin"
+	"io/ioutil"
 	"iot_manager_service/app/file/dao"
 	"iot_manager_service/app/file/model"
 	userdao "iot_manager_service/app/user/dao"
 	"iot_manager_service/util/common"
 	"iot_manager_service/util/websocket"
+	"net/http"
 	"path"
 	"strconv"
 	"time"
@@ -44,7 +46,7 @@ func (f *fileService) Distribute(encryptedname, savepath string, requserfile *mo
 			Operator:        uid,
 			Receiver:        u.ID,
 			FileID:          file.ID,
-			EffectiveDate:   requserfile.EffectiveDate,
+			EffectiveDate:   &requserfile.EffectiveDate,
 			OperationStatus: "上传",
 		})
 	}
@@ -71,3 +73,40 @@ func (f *fileService) GetUserFiles(id string) *common.Errors {
 	}
 	return common.SuccessResponse("查询成功", gin.H{"files": files})
 }
+
+func (f *fileService) GetFile(id string, c *gin.Context) {
+	filedao := &dao.File{}
+	file, err := filedao.GetFile(id)
+	if err != nil {
+		panic(err.Error())
+	}
+	encryptedData, err := ioutil.ReadFile(file.SavePath)
+	if err != nil {
+		panic(err.Error())
+	}
+	c.Header("Content-Disposition", "attachment;filename="+file.EncryptedName)
+	c.Header("Content-Type", "application/octet-stream")
+	c.Data(http.StatusOK, "application/octet-stream", encryptedData)
+}
+
+// 转发
+func (f *fileService) ForwardingFile(uid, fileid int, users []int) *common.Errors {
+	var userfile []dao.UserFile
+	var nilTime *time.Time
+	for _, u := range users {
+		userfile = append(userfile, dao.UserFile{
+			Operator:        uid,
+			Receiver:        u,
+			FileID:          fileid,
+			EffectiveDate:   nilTime,
+			OperationStatus: "转发",
+		})
+	}
+	userfiledao := &dao.UserFile{}
+	err := userfiledao.BatchUFRecords(userfile)
+	if err != nil {
+		return common.FailResponse(err.Error(), nil)
+
+	}
+	return common.SuccessResponse("新增记录成功", nil)
+}

app/middleware/checkAuth.go

@@ -1,53 +1,57 @@
 package middleware
 
-//type CustomResponseWriter struct {
-//	gin.ResponseWriter
-//	body *bytes.Buffer
-//	Host string
-//}
-//
-//func (w CustomResponseWriter) Write(b []byte) (int, error) {
-//	w.body.Write(b)
-//	if strings.Contains(w.Host, "cloud.long-chi.com") {
-//		old := string(b)
-//		//为兼容https，此处需要修改下
-//		new := strings.ReplaceAll(old, "http://110.40.223.170:9000/", "https://cloud.long-chi.com/")
-//		new = strings.ReplaceAll(new, "http://106.52.134.22:9099/", "https://cloud.long-chi.com/")
-//		b = []byte(new)
-//	}
-//	return w.ResponseWriter.Write(b)
-//}
-//
-//func (w CustomResponseWriter) WriteString(s string) (int, error) {
-//	w.body.WriteString(s)
-//	return w.ResponseWriter.WriteString(s)
-//}
+import (
+	"fmt"
+	"github.com/gin-gonic/gin"
+	"iot_manager_service/app/file/dao"
+	"iot_manager_service/util/cache"
+	"iot_manager_service/util/common"
+	"iot_manager_service/util/token"
+	"net/http"
+	"strings"
+)
 
-//func CheckAuth() gin.HandlerFunc {
-//	return func(ctx *gin.Context) {
-//		//该路由下不校验token
-//		if strings.Contains(ctx.Request.RequestURI, "/login") ||
-//			strings.Contains(ctx.Request.RequestURI, "/captcha") ||
-//			strings.Contains(ctx.Request.RequestURI, "/tenant/info") ||
-//			strings.Contains(ctx.Request.RequestURI, "/api/ctwing/aep/callback") ||
-//			strings.Contains(ctx.Request.RequestURI, "/token") {
-//			ctx.Next()
-//			return
-//		}
-//
-//		authorization := ctx.GetHeader(Authorization)
-//		if authorization != "" {
-//			token := ParseAccessToken(authorization)
-//			if token != nil {
-//				ctx.Set(Authorization, token)
-//
-//				blw := &CustomResponseWriter{body: bytes.NewBufferString(""), ResponseWriter: ctx.Writer, Host: ctx.Request.Host}
-//				ctx.Writer = blw
-//				ctx.Next()
-//				return
-//			}
-//		}
-//		ctx.JSON(http.StatusUnauthorized, common.NormalResponse(http.StatusUnauthorized, "token is invalid", nil))
-//		ctx.Abort()
-//	}
-//}
+// 校验用户对文件的权限
+func CheckAuth() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		header := c.GetHeader("Authorization")
+		claims, _ := token.JwtClaims.ParseJwtToken(header)
+		user, _ := cache.GetNowUser(claims.ID)
+		fileid := c.Query("fileid")
+
+		filedao := &dao.File{}
+		file, err := filedao.GetFile(fileid)
+		if err != nil {
+			c.JSON(http.StatusOK, err)
+			c.Abort()
+			return
+		}
+		userAuth := user.User.AuthId
+		fileAuth := file.AuthId
+
+		var permissionMap = map[string]struct {
+			index   int
+			message string
+		}{
+			"/viewfile":       {0, "查看"},
+			"/downloadfile":   {1, "下载"},
+			"/forwardingfile": {2, "转发"},
+		}
+
+		for url, obj := range permissionMap {
+			if strings.Contains(c.Request.RequestURI, url) {
+				if fileAuth[obj.index] != '1' {
+					c.JSON(http.StatusForbidden, common.StatusForbidden(fmt.Sprintf("抱歉，该文件不支持【%s】操作，请联系管理员。", obj.message), nil))
+					c.Abort()
+					return
+				}
+				if userAuth[obj.index] != fileAuth[obj.index] || userAuth[obj.index] != '1' {
+					c.JSON(http.StatusForbidden, common.StatusForbidden(fmt.Sprintf("抱歉，您没有【%s】该文件权限，请联系管理员。", obj.message), nil))
+					c.Abort()
+					return
+				}
+			}
+		}
+		c.Next()
+	}
+}

app/user/controller/user.go

@@ -57,7 +57,7 @@ func (u *user) GetNewTokens(c *gin.Context) {
 	tokens["accessToken"] = accessToken
 	tokens["refreshToken"] = refreshToken
 
-	c.JSON(http.StatusOK, gin.H{"token": tokens})
+	c.JSON(http.StatusOK, common.SuccessResponse("获取成功", tokens))
 }
 
 func (u *user) Logout(c *gin.Context) {

router/router.go

@@ -37,6 +37,9 @@ func InitRouter(engine *gin.Engine) {
 	{
 		files.POST("/distribute", file.FileController.Distribute)
 		files.GET("/getuserfiles", file.FileController.GetUserFiles)
+		files.GET("/viewfile", middleware.CheckAuth(), file.FileController.ViewFile)
+		files.GET("/downloadfile", middleware.CheckAuth(), file.FileController.DownloadFile)
+		files.POST("/forwardingfile", middleware.CheckAuth(), file.FileController.ForwardingFile)
 	}
 
 	//下发通知
@@ -44,9 +47,7 @@ func InitRouter(engine *gin.Engine) {
 	{
 		//请求Websocket连接
 		notice.GET("/websocket", websocket.HandleWebSocket)
-
 		notice.GET("/demo", user.UserController.GetUser)
-
 	}
 
 }

util/common/errors.go

@@ -53,6 +53,14 @@ func StatusUnauthorized(msg string, data interface{}) *Errors {
 	}
 }
 
+func StatusForbidden(msg string, data interface{}) *Errors {
+	return &Errors{
+		Code: 403,
+		Msg:  msg,
+		Data: data,
+	}
+}
+
 func OperationInvalidResponse(msg string, data interface{}) *Errors {
 	return &Errors{
 		Code: CodeOperationInvalid,

util/token/token.go

@@ -28,7 +28,7 @@ var (
 )
 
 // CreateJwtToken 生成一个jwttoken
-func (jwtClaims) CreateJwtToken(id string, userName string, uuid string, ti time.Duration) (string, error) {
+func (jwtClaims) CreateJwtToken(id, userName, uuid string, ti time.Duration) (string, error) {
 
 	// 定义过期时间
 	expireToken := time.Now().Add(time.Hour * ti).Unix()

util/websocket/websocket.go

@@ -62,9 +62,11 @@ func HandleWebSocket(c *gin.Context) {
 // 关闭对应的用户连接
 func CloseConn(id string) {
 	mutex.Lock()
-	conn, _ := client[id]
+	conn, ok := client[id]
 	mutex.Unlock()
-	conn.Close()
+	if ok {
+		conn.Close()
+	}
 }
 
 // 发送消息给指定用户