diff --git a/backend/framework/sdk/src/main/java/io/metersphere/sdk/util/FilterChainUtils.java b/backend/framework/sdk/src/main/java/io/metersphere/sdk/util/FilterChainUtils.java index dda6d055e7..fecf984473 100644 --- a/backend/framework/sdk/src/main/java/io/metersphere/sdk/util/FilterChainUtils.java +++ b/backend/framework/sdk/src/main/java/io/metersphere/sdk/util/FilterChainUtils.java @@ -20,6 +20,7 @@ public class FilterChainUtils { filterChainDefinitionMap.put("/assets/**", "anon"); filterChainDefinitionMap.put("/fonts/**", "anon"); filterChainDefinitionMap.put("/display/info", "anon"); + filterChainDefinitionMap.put("/file/preview/**", "anon"); filterChainDefinitionMap.put("/favicon.ico", "anon"); filterChainDefinitionMap.put("/base-display/**", "anon"); filterChainDefinitionMap.put("/jmeter/ping", "anon"); diff --git a/backend/services/project-management/src/main/java/io/metersphere/project/controller/FileManagementController.java b/backend/services/project-management/src/main/java/io/metersphere/project/controller/FileManagementController.java index b77650ede1..c11efac9a1 100644 --- a/backend/services/project-management/src/main/java/io/metersphere/project/controller/FileManagementController.java +++ b/backend/services/project-management/src/main/java/io/metersphere/project/controller/FileManagementController.java @@ -6,8 +6,8 @@ import io.metersphere.project.service.FileManagementService; import io.metersphere.project.service.FileMetadataService; import io.metersphere.sdk.constants.PermissionConstants; import io.metersphere.sdk.exception.MSException; -import io.metersphere.system.utils.Pager; import io.metersphere.sdk.util.Translator; +import io.metersphere.system.utils.Pager; import io.metersphere.system.utils.SessionUtils; import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.tags.Tag; @@ -45,6 +45,13 @@ public class FileManagementController { return fileMetadataService.page(request); } + @GetMapping("/get/{id}") + @Operation(summary = "项目管理-文件管理-查看文件详情") + @RequiresPermissions(PermissionConstants.PROJECT_FILE_MANAGEMENT_READ) + public FileInformationDTO page(@PathVariable String id) { + return fileMetadataService.get(id); + } + @PostMapping("/module/count") @Operation(summary = "项目管理-文件管理-表格分页查询文件") @@ -83,13 +90,6 @@ public class FileManagementController { return fileMetadataService.downloadById(id); } - @GetMapping(value = "/download/preview-img/{id}") - @Operation(summary = "项目管理-文件管理-下载图片预览文件") - @RequiresPermissions(PermissionConstants.PROJECT_FILE_MANAGEMENT_READ_DOWNLOAD) - public ResponseEntity downloadPreview(@PathVariable String id) { - return fileMetadataService.downloadPreviewImgById(id); - } - @PostMapping(value = "/delete") @Operation(summary = "项目管理-文件管理-删除文件") @RequiresPermissions(PermissionConstants.PROJECT_FILE_MANAGEMENT_READ_DELETE) diff --git a/backend/services/project-management/src/main/java/io/metersphere/project/controller/FileModuleController.java b/backend/services/project-management/src/main/java/io/metersphere/project/controller/FileModuleController.java index 7a061bcefe..378f5180a8 100644 --- a/backend/services/project-management/src/main/java/io/metersphere/project/controller/FileModuleController.java +++ b/backend/services/project-management/src/main/java/io/metersphere/project/controller/FileModuleController.java @@ -2,13 +2,10 @@ package io.metersphere.project.controller; import io.metersphere.project.request.filemanagement.FileModuleCreateRequest; import io.metersphere.project.request.filemanagement.FileModuleUpdateRequest; -import io.metersphere.project.service.FileModuleLogService; import io.metersphere.project.service.FileModuleService; import io.metersphere.sdk.constants.PermissionConstants; import io.metersphere.system.dto.sdk.BaseTreeNode; import io.metersphere.system.dto.sdk.request.NodeMoveRequest; -import io.metersphere.system.log.annotation.Log; -import io.metersphere.system.log.constants.OperationLogType; import io.metersphere.system.utils.SessionUtils; import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.tags.Tag; @@ -52,7 +49,6 @@ public class FileModuleController { @GetMapping("/delete/{deleteId}") @Operation(summary = "项目管理-文件管理-模块-删除模块") @RequiresPermissions(PermissionConstants.PROJECT_FILE_MANAGEMENT_READ_DELETE) - @Log(type = OperationLogType.DELETE, expression = "#msClass.deleteLog(#deleteId)", msClass = FileModuleLogService.class) public void deleteNode(@PathVariable String deleteId) { fileModuleService.deleteModule(deleteId, SessionUtils.getUserId()); } diff --git a/backend/services/project-management/src/main/java/io/metersphere/project/controller/FilePreviewController.java b/backend/services/project-management/src/main/java/io/metersphere/project/controller/FilePreviewController.java new file mode 100644 index 0000000000..b24b87bdc1 --- /dev/null +++ b/backend/services/project-management/src/main/java/io/metersphere/project/controller/FilePreviewController.java @@ -0,0 +1,61 @@ +package io.metersphere.project.controller; + +import io.metersphere.project.dto.filemanagement.FileInformationDTO; +import io.metersphere.project.service.FileMetadataService; +import io.metersphere.project.service.PermissionCheckService; +import io.metersphere.sdk.constants.PermissionConstants; +import io.metersphere.sdk.exception.MSException; +import io.swagger.v3.oas.annotations.Operation; +import io.swagger.v3.oas.annotations.tags.Tag; +import jakarta.annotation.Resource; +import org.apache.commons.lang3.StringUtils; +import org.apache.shiro.authz.annotation.RequiresPermissions; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.PathVariable; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RestController; + +@Tag(name = "项目管理-文件预览") +@RestController +@RequestMapping("/file/preview") +public class FilePreviewController { + + @Resource + private FileMetadataService fileMetadataService; + @Resource + private PermissionCheckService permissionCheckService; + + + @GetMapping(value = "/original/{userId}/{fileId}") + @Operation(summary = "预览原图") + @RequiresPermissions(PermissionConstants.PROJECT_FILE_MANAGEMENT_READ_DOWNLOAD) + public ResponseEntity originalImg(@PathVariable String userId,@PathVariable String fileId) { + FileInformationDTO fileInformationDTO = fileMetadataService.get(fileId); + if (StringUtils.isEmpty(fileInformationDTO.getId())) { + throw new MSException("file.not.exist"); + } + //检查权限 + if(permissionCheckService.userHasProjectPermission(userId,fileInformationDTO.getProjectId(),PermissionConstants.PROJECT_FILE_MANAGEMENT_READ_DOWNLOAD)){ + return fileMetadataService.downloadById(fileId); + }else { + throw new MSException("http_result_forbidden"); + } + + } + @GetMapping(value = "/compressed/{userId}/{fileId}") + @Operation(summary = "预览缩略图") + public ResponseEntity compressedImg(@PathVariable String userId,@PathVariable String fileId) { + FileInformationDTO fileInformationDTO = fileMetadataService.get(fileId); + if (StringUtils.isEmpty(fileInformationDTO.getId())) { + throw new MSException("file.not.exist"); + } + //检查权限 + if(permissionCheckService.userHasProjectPermission(userId,fileInformationDTO.getProjectId(),PermissionConstants.PROJECT_FILE_MANAGEMENT_READ)){ + return fileMetadataService.downloadPreviewImgById(fileId); + }else { + throw new MSException("http_result_forbidden"); + } + + } +} diff --git a/backend/services/project-management/src/main/java/io/metersphere/project/dto/filemanagement/FileInformationDTO.java b/backend/services/project-management/src/main/java/io/metersphere/project/dto/filemanagement/FileInformationDTO.java index f81ee4b684..68203d5ede 100644 --- a/backend/services/project-management/src/main/java/io/metersphere/project/dto/filemanagement/FileInformationDTO.java +++ b/backend/services/project-management/src/main/java/io/metersphere/project/dto/filemanagement/FileInformationDTO.java @@ -7,6 +7,7 @@ import lombok.Data; import lombok.NoArgsConstructor; import org.apache.commons.lang3.StringUtils; +import java.util.ArrayList; import java.util.List; @Data @@ -21,12 +22,27 @@ public class FileInformationDTO { @Schema(description = "文件类型") private String fileType; + @Schema(description = "项目ID") + private String projectId; + @Schema(description = "标签") - private List tags; + private List tags = new ArrayList<>(); @Schema(description = "描述") private String description; + @Schema(description = "模块名称") + private String moduleName; + + @Schema(description = "模块ID") + private String moduleId; + + @Schema(description = "更新人") + private String createUser; + + @Schema(description = "更新时间") + private long createTime; + @Schema(description = "更新人") private String updateUser; @@ -36,16 +52,25 @@ public class FileInformationDTO { @Schema(description = "文件大小") private long size; + @Schema(description = "启用/禁用(jar文件)") + private boolean enable; + public FileInformationDTO(FileMetadata fileMetadata) { - this.id = fileMetadata.getId(); - this.name = fileMetadata.getName(); - this.fileType = fileMetadata.getType(); - this.size = fileMetadata.getSize(); - if (StringUtils.isNotBlank(fileMetadata.getTags())) { - tags = JSON.parseArray(fileMetadata.getTags(), String.class); + if (fileMetadata != null) { + this.id = fileMetadata.getId(); + this.projectId = fileMetadata.getProjectId(); + this.name = fileMetadata.getName(); + this.fileType = fileMetadata.getType(); + this.description = fileMetadata.getDescription(); + this.moduleId = fileMetadata.getModuleId(); + this.size = fileMetadata.getSize(); + if (StringUtils.isNotBlank(fileMetadata.getTags())) { + tags = JSON.parseArray(fileMetadata.getTags(), String.class); + } + this.createTime = fileMetadata.getCreateTime(); + this.createUser = fileMetadata.getCreateUser(); + this.updateUser = fileMetadata.getUpdateUser(); + this.updateTime = fileMetadata.getUpdateTime(); } - this.description = fileMetadata.getDescription(); - this.updateUser = fileMetadata.getUpdateUser(); - this.updateTime = fileMetadata.getUpdateTime(); } } diff --git a/backend/services/project-management/src/main/java/io/metersphere/project/mapper/ExtFileMetadataMapper.java b/backend/services/project-management/src/main/java/io/metersphere/project/mapper/ExtFileMetadataMapper.java index 953c10d225..800340fbf7 100644 --- a/backend/services/project-management/src/main/java/io/metersphere/project/mapper/ExtFileMetadataMapper.java +++ b/backend/services/project-management/src/main/java/io/metersphere/project/mapper/ExtFileMetadataMapper.java @@ -16,6 +16,8 @@ public interface ExtFileMetadataMapper { long countMyFile(FileManagementPageDTO fileManagementPageDTO); + FileMetadata getById(String id); + List selectIdByRefIdList(@Param("refIdList") List refIdList); List selectDeleteFileInfoByIds(@Param("ids") List ids); diff --git a/backend/services/project-management/src/main/java/io/metersphere/project/mapper/ExtFileMetadataMapper.xml b/backend/services/project-management/src/main/java/io/metersphere/project/mapper/ExtFileMetadataMapper.xml index 4afeaa9880..cf207be88f 100644 --- a/backend/services/project-management/src/main/java/io/metersphere/project/mapper/ExtFileMetadataMapper.xml +++ b/backend/services/project-management/src/main/java/io/metersphere/project/mapper/ExtFileMetadataMapper.xml @@ -6,18 +6,22 @@ resultType="io.metersphere.project.domain.FileMetadata"> SELECT f.id, + updateUser.name as updateUser, + createUser.name AS createUser, + f.module_id, f.name, f.type, f.tags, f.description, - u.name as update_user, + f.create_time, f.update_time, f.path, f.project_id, f.size, f.storage FROM file_metadata f - INNER JOIN user u ON f.update_user = u.id + INNER JOIN user updateUser ON f.update_user = updateUser.id + INNER JOIN user createUser ON f.create_user = createUser.id @@ -28,7 +32,8 @@ f.id, f.ref_id FROM file_metadata f - INNER JOIN user u ON f.update_user = u.id + INNER JOIN user updateUser ON f.update_user = updateUser.id + INNER JOIN user createUser ON f.create_user = createUser.id @@ -37,7 +42,8 @@ resultType="io.metersphere.project.dto.ModuleCountDTO"> SELECT f.module_id AS moduleId, count(f.id) AS dataCount FROM file_metadata f - INNER JOIN user u ON f.update_user = u.id + INNER JOIN user updateUser ON f.update_user = updateUser.id + INNER JOIN user createUser ON f.create_user = createUser.id GROUP BY f.module_id @@ -47,7 +53,8 @@ resultType="java.lang.Long"> SELECT count(f.id) FROM file_metadata f - INNER JOIN user u ON f.update_user = u.id + INNER JOIN user updateUser ON f.update_user = updateUser.id + INNER JOIN user createUser ON f.create_user = createUser.id @@ -122,6 +129,27 @@ FROM file_metadata f WHERE f.project_id = #{projectId} + \ No newline at end of file diff --git a/backend/services/project-management/src/main/java/io/metersphere/project/mapper/ExtFileModuleMapper.java b/backend/services/project-management/src/main/java/io/metersphere/project/mapper/ExtFileModuleMapper.java index f60d1615e2..c3d3ae0fba 100644 --- a/backend/services/project-management/src/main/java/io/metersphere/project/mapper/ExtFileModuleMapper.java +++ b/backend/services/project-management/src/main/java/io/metersphere/project/mapper/ExtFileModuleMapper.java @@ -26,4 +26,6 @@ public interface ExtFileModuleMapper { FileModule getNextModuleInParentId(@Param("parentId") String parentId, @Param("pos") int pos); FileModule getPreviousModuleInParentId(@Param("parentId") String parentId, @Param("pos") int pos); + + String selectNameById(String moduleId); } diff --git a/backend/services/project-management/src/main/java/io/metersphere/project/mapper/ExtFileModuleMapper.xml b/backend/services/project-management/src/main/java/io/metersphere/project/mapper/ExtFileModuleMapper.xml index 3ade8463de..d4d598f591 100644 --- a/backend/services/project-management/src/main/java/io/metersphere/project/mapper/ExtFileModuleMapper.xml +++ b/backend/services/project-management/src/main/java/io/metersphere/project/mapper/ExtFileModuleMapper.xml @@ -61,5 +61,10 @@ desc limit 1 + \ No newline at end of file diff --git a/backend/services/project-management/src/main/java/io/metersphere/project/service/FileMetadataService.java b/backend/services/project-management/src/main/java/io/metersphere/project/service/FileMetadataService.java index 90194ad541..2e76ce5488 100644 --- a/backend/services/project-management/src/main/java/io/metersphere/project/service/FileMetadataService.java +++ b/backend/services/project-management/src/main/java/io/metersphere/project/service/FileMetadataService.java @@ -14,8 +14,11 @@ import io.metersphere.project.utils.FileDownloadUtils; import io.metersphere.sdk.constants.ModuleConstants; import io.metersphere.sdk.constants.StorageType; import io.metersphere.sdk.exception.MSException; +import io.metersphere.sdk.util.JSON; +import io.metersphere.sdk.util.LogUtils; +import io.metersphere.sdk.util.TempFileUtils; +import io.metersphere.sdk.util.Translator; import io.metersphere.system.file.FileRequest; -import io.metersphere.sdk.util.*; import io.metersphere.system.uid.IDGenerator; import io.metersphere.system.utils.PageUtils; import io.metersphere.system.utils.Pager; @@ -36,6 +39,7 @@ import java.util.LinkedHashMap; import java.util.List; import java.util.Map; import java.util.concurrent.atomic.AtomicLong; +import java.util.stream.Collectors; @Service @Transactional(rollbackFor = Exception.class) @@ -56,6 +60,13 @@ public class FileMetadataService { @Value("${metersphere.file.batch-download-max:600MB}") private DataSize maxFileSize; + public FileInformationDTO get(String id) { + FileMetadata fileMetadata = extFileMetadataMapper.getById(id); + FileInformationDTO dto = new FileInformationDTO(fileMetadata); + initModuleName(dto); + return dto; + } + public List list(FileMetadataTableRequest request) { List returnList = new ArrayList<>(); FileManagementPageDTO pageDTO = new FileManagementPageDTO(request); @@ -64,9 +75,30 @@ public class FileMetadataService { FileInformationDTO fileInformationDTO = new FileInformationDTO(fileMetadata); returnList.add(fileInformationDTO); }); + this.initModuleName(returnList); return returnList; } + private void initModuleName(List returnList) { + List moduleIds = returnList.stream().map(FileInformationDTO::getModuleId).distinct().collect(Collectors.toList()); + Map moduleNameMap = fileModuleService.getModuleNameMapByIds(moduleIds); + for (FileInformationDTO dto : returnList) { + if (StringUtils.equals(dto.getModuleId(), ModuleConstants.DEFAULT_NODE_ID)) { + dto.setModuleName(Translator.get("default.module")); + } else { + dto.setModuleName(moduleNameMap.get(dto.getModuleId())); + } + } + } + + private void initModuleName(FileInformationDTO dto) { + if (StringUtils.equals(dto.getModuleId(), ModuleConstants.DEFAULT_NODE_ID)) { + dto.setModuleName(Translator.get("default.module")); + } else { + dto.setModuleName(fileModuleService.getModuleName(dto.getModuleId())); + } + } + public String upload(FileUploadRequest request, String operator, MultipartFile uploadFile) throws Exception { //检查模块的合法性 fileManagementService.checkModule(request.getModuleId(), ModuleConstants.NODE_TYPE_DEFAULT); diff --git a/backend/services/project-management/src/main/java/io/metersphere/project/service/FileModuleService.java b/backend/services/project-management/src/main/java/io/metersphere/project/service/FileModuleService.java index 19815df0a1..9d9575e0b3 100644 --- a/backend/services/project-management/src/main/java/io/metersphere/project/service/FileModuleService.java +++ b/backend/services/project-management/src/main/java/io/metersphere/project/service/FileModuleService.java @@ -9,11 +9,11 @@ import io.metersphere.project.mapper.FileModuleMapper; import io.metersphere.project.request.filemanagement.FileModuleCreateRequest; import io.metersphere.project.request.filemanagement.FileModuleUpdateRequest; import io.metersphere.sdk.constants.ModuleConstants; +import io.metersphere.sdk.exception.MSException; +import io.metersphere.sdk.util.Translator; import io.metersphere.system.dto.sdk.BaseModule; import io.metersphere.system.dto.sdk.BaseTreeNode; import io.metersphere.system.dto.sdk.request.NodeMoveRequest; -import io.metersphere.sdk.exception.MSException; -import io.metersphere.sdk.util.Translator; import io.metersphere.system.service.CleanupProjectResourceService; import io.metersphere.system.uid.IDGenerator; import jakarta.annotation.Resource; @@ -27,6 +27,7 @@ import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; import java.util.*; +import java.util.stream.Collectors; @Service @Transactional(rollbackFor = Exception.class) @@ -285,4 +286,19 @@ public class FileModuleService extends ModuleTreeService implements CleanupProje public void cleanReportResources(String projectId) { // nothing to do } + + public Map getModuleNameMapByIds(List moduleIds) { + if (CollectionUtils.isEmpty(moduleIds)) { + return new HashMap<>(); + } else { + FileModuleExample example = new FileModuleExample(); + example.createCriteria().andIdIn(moduleIds); + List moduleList = fileModuleMapper.selectByExample(example); + return moduleList.stream().collect(Collectors.toMap(FileModule::getId, FileModule::getName)); + } + } + + public String getModuleName(String moduleId) { + return extFileModuleMapper.selectNameById(moduleId); + } } diff --git a/backend/services/project-management/src/main/java/io/metersphere/project/service/PermissionCheckService.java b/backend/services/project-management/src/main/java/io/metersphere/project/service/PermissionCheckService.java new file mode 100644 index 0000000000..ceec60894b --- /dev/null +++ b/backend/services/project-management/src/main/java/io/metersphere/project/service/PermissionCheckService.java @@ -0,0 +1,58 @@ +package io.metersphere.project.service; + + +import io.metersphere.sdk.constants.InternalUserRole; +import io.metersphere.sdk.constants.UserRoleType; +import io.metersphere.system.domain.UserRole; +import io.metersphere.system.domain.UserRolePermission; +import io.metersphere.system.dto.user.UserDTO; +import io.metersphere.system.service.UserLoginService; +import jakarta.annotation.Resource; +import org.apache.commons.lang3.StringUtils; +import org.springframework.stereotype.Service; +import org.springframework.transaction.annotation.Transactional; + +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.Set; +import java.util.stream.Collectors; + +@Service +@Transactional(rollbackFor = Exception.class) +public class PermissionCheckService { + @Resource + private UserLoginService userLoginService; + + public boolean userHasProjectPermission(String userId, String projectId, String permission) { + Map> userRolePermissions = new HashMap<>(); + Map role = new HashMap<>(); + UserDTO user = userLoginService.getUserDTO(userId); + if (user != null) { + user.getUserRoleRelations().forEach(ug -> user.getUserRolePermissions().forEach(gp -> { + if (StringUtils.equalsIgnoreCase(gp.getUserRole().getId(), ug.getRoleId())) { + userRolePermissions.put(ug.getId(), gp.getUserRolePermissions()); + role.put(ug.getId(), gp.getUserRole()); + } + })); + // 判断是否是超级管理员 + long count = user.getUserRoles() + .stream() + .filter(g -> StringUtils.equalsIgnoreCase(g.getId(), InternalUserRole.ADMIN.getValue())) + .count(); + if (count > 0) { + return true; + } + Set currentProjectPermissions = user.getUserRoleRelations().stream() + .filter(ug -> role.get(ug.getId()) != null && StringUtils.equalsIgnoreCase(role.get(ug.getId()).getType(), UserRoleType.PROJECT.name())) + .filter(ug -> StringUtils.equalsIgnoreCase(ug.getSourceId(), projectId)) + .flatMap(ug -> userRolePermissions.get(ug.getId()).stream()) + .map(UserRolePermission::getPermissionId) + .collect(Collectors.toSet()); + return currentProjectPermissions.contains(permission); + } + return false; + } + + +} diff --git a/backend/services/project-management/src/test/java/io/metersphere/project/controller/filemanagement/FileManagementControllerTests.java b/backend/services/project-management/src/test/java/io/metersphere/project/controller/filemanagement/FileManagementControllerTests.java index 9d0b498c81..a7fd025b33 100644 --- a/backend/services/project-management/src/test/java/io/metersphere/project/controller/filemanagement/FileManagementControllerTests.java +++ b/backend/services/project-management/src/test/java/io/metersphere/project/controller/filemanagement/FileManagementControllerTests.java @@ -12,15 +12,15 @@ import io.metersphere.project.utils.FileManagementRequestUtils; import io.metersphere.sdk.constants.ModuleConstants; import io.metersphere.sdk.constants.SessionConstants; import io.metersphere.sdk.constants.StorageType; -import io.metersphere.system.dto.sdk.BaseTreeNode; -import io.metersphere.system.dto.sdk.request.NodeMoveRequest; import io.metersphere.sdk.util.JSON; -import io.metersphere.system.utils.Pager; import io.metersphere.sdk.util.TempFileUtils; import io.metersphere.system.base.BaseTest; import io.metersphere.system.controller.handler.ResultHolder; +import io.metersphere.system.dto.sdk.BaseTreeNode; +import io.metersphere.system.dto.sdk.request.NodeMoveRequest; import io.metersphere.system.log.constants.OperationLogType; import io.metersphere.system.uid.IDGenerator; +import io.metersphere.system.utils.Pager; import jakarta.annotation.Resource; import org.apache.commons.collections4.CollectionUtils; import org.apache.commons.collections4.MapUtils; @@ -57,6 +57,9 @@ public class FileManagementControllerTests extends BaseTest { private static String reUploadFileId; + private static String picFileId; + private static String txtFileId; + @Resource private FileModuleService fileModuleService; @Resource @@ -388,6 +391,7 @@ public class FileManagementControllerTests extends BaseTest { String returnId = JSON.parseObject(mvcResult.getResponse().getContentAsString(StandardCharsets.UTF_8), ResultHolder.class).getData().toString(); checkLog(returnId, OperationLogType.ADD, FileManagementRequestUtils.URL_FILE_UPLOAD); FILE_ID_PATH.put(returnId, filePath); + picFileId = returnId; uploadedFileTypes.add("JPG"); //检查文件类型获取接口有没有获取到数据 @@ -411,6 +415,7 @@ public class FileManagementControllerTests extends BaseTest { returnId = JSON.parseObject(mvcResult.getResponse().getContentAsString(StandardCharsets.UTF_8), ResultHolder.class).getData().toString(); checkLog(returnId, OperationLogType.ADD, FileManagementRequestUtils.URL_FILE_UPLOAD); FILE_ID_PATH.put(returnId, filePath); + txtFileId = returnId; uploadedFileTypes.add("txt"); //检查文件类型获取接口有没有获取到数据 @@ -700,6 +705,7 @@ public class FileManagementControllerTests extends BaseTest { MvcResult mvcResult = this.batchDownloadFile(FileManagementRequestUtils.URL_FILE_BATCH_DOWNLOAD, batchProcessDTO); byte[] fileBytes = mvcResult.getResponse().getContentAsByteArray(); Assertions.assertTrue(fileBytes.length > 0); + //全部文件大小超过默认配置(600M)的限制 事先存储20个大小为50M的数据,过后删除 for (int i = 0; i < 20; i++) { String id = "test_" + i; @@ -764,8 +770,27 @@ public class FileManagementControllerTests extends BaseTest { Pager.class); List fileList = JSON.parseArray(JSON.toJSONString(pageResult.getList()), FileInformationDTO.class); for (FileInformationDTO fileDTO : fileList) { - MvcResult mvcResult = this.downloadFile(String.format(FileManagementRequestUtils.URL_PREVIEW_IMG_FILE_DOWNLOAD, fileDTO.getId())); - byte[] fileBytes = mvcResult.getResponse().getContentAsByteArray(); + MvcResult originalResult = this.downloadFile(String.format(FileManagementRequestUtils.URL_FILE_PREVIEW_ORIGINAL, "admin", fileDTO.getId())); + Assertions.assertTrue(originalResult.getResponse().getContentAsByteArray().length > 0); + MvcResult compressedResult = this.downloadFile(String.format(FileManagementRequestUtils.URL_FILE_PREVIEW_COMPRESSED, "admin", fileDTO.getId())); + byte[] fileBytes = compressedResult.getResponse().getContentAsByteArray(); + if (TempFileUtils.isImage(fileDTO.getFileType())) { + if (StringUtils.equals(reUploadFileId, fileDTO.getId())) { + //重新上传的文件并不是图片 + Assertions.assertEquals(fileBytes.length, 0); + } else { + Assertions.assertTrue(fileBytes.length > 0); + } + } else { + Assertions.assertEquals(fileBytes.length, 0); + } + } + //测试重复获取 + for (FileInformationDTO fileDTO : fileList) { + MvcResult originalResult = this.downloadFile(String.format(FileManagementRequestUtils.URL_FILE_PREVIEW_ORIGINAL, "admin", fileDTO.getId())); + Assertions.assertTrue(originalResult.getResponse().getContentAsByteArray().length > 0); + MvcResult compressedResult = this.downloadFile(String.format(FileManagementRequestUtils.URL_FILE_PREVIEW_COMPRESSED, "admin", fileDTO.getId())); + byte[] fileBytes = compressedResult.getResponse().getContentAsByteArray(); if (TempFileUtils.isImage(fileDTO.getFileType())) { if (StringUtils.equals(reUploadFileId, fileDTO.getId())) { //重新上传的文件并不是图片 @@ -773,12 +798,29 @@ public class FileManagementControllerTests extends BaseTest { } else { Assertions.assertTrue(fileBytes.length > 0); } - } else { Assertions.assertEquals(fileBytes.length, 0); } } + //权限测试 + + + //文件不存在(原图、缩略图两个接口校验) + mockMvc.perform(getRequestBuilder(String.format(FileManagementRequestUtils.URL_FILE_PREVIEW_COMPRESSED, "admin", IDGenerator.nextNum()))) + .andExpect(content().contentType(MediaType.APPLICATION_JSON)) + .andExpect(status().is5xxServerError()); + mockMvc.perform(getRequestBuilder(String.format(FileManagementRequestUtils.URL_FILE_PREVIEW_ORIGINAL, "admin", IDGenerator.nextNum()))) + .andExpect(content().contentType(MediaType.APPLICATION_JSON)) + .andExpect(status().is5xxServerError()); + + //用户不存在(原图、缩略图两个接口校验) + mockMvc.perform(getRequestBuilder(String.format(FileManagementRequestUtils.URL_FILE_PREVIEW_COMPRESSED, IDGenerator.nextNum(), picFileId))) + .andExpect(content().contentType(MediaType.APPLICATION_JSON)) + .andExpect(status().is5xxServerError()); + mockMvc.perform(getRequestBuilder(String.format(FileManagementRequestUtils.URL_FILE_PREVIEW_ORIGINAL, IDGenerator.nextNum(), picFileId))) + .andExpect(content().contentType(MediaType.APPLICATION_JSON)) + .andExpect(status().is5xxServerError()); } @Test @@ -896,6 +938,16 @@ public class FileManagementControllerTests extends BaseTest { } + @Test + @Order(23) + public void fileInformationTest() throws Exception { + MvcResult fileTypeResult = this.requestGetWithOkAndReturn(String.format(FileManagementRequestUtils.URL_FILE, IDGenerator.nextNum())); + String returnData = fileTypeResult.getResponse().getContentAsString(StandardCharsets.UTF_8); + ResultHolder resultHolder = JSON.parseObject(returnData, ResultHolder.class); + FileInformationDTO dto = JSON.parseObject(JSON.toJSONString(resultHolder.getData()), FileInformationDTO.class); + Assertions.assertTrue(StringUtils.isEmpty(dto.getId())); + } + @Test @Order(80) public void moveTest() throws Exception { diff --git a/backend/services/project-management/src/test/java/io/metersphere/project/utils/FileManagementRequestUtils.java b/backend/services/project-management/src/test/java/io/metersphere/project/utils/FileManagementRequestUtils.java index 3e849fb57c..5a644fb3a0 100644 --- a/backend/services/project-management/src/test/java/io/metersphere/project/utils/FileManagementRequestUtils.java +++ b/backend/services/project-management/src/test/java/io/metersphere/project/utils/FileManagementRequestUtils.java @@ -16,6 +16,8 @@ public class FileManagementRequestUtils { public static final String URL_FILE_UPLOAD = "/project/file/upload"; //获取文件类型 public static final String URL_FILE_TYPE = "/project/file/type/%s"; + //获取文件 + public static final String URL_FILE = "/project/file/get/%s"; //文件列表查询 public static final String URL_FILE_PAGE = "/project/file/page"; //文件列表查询对应的模块统计 @@ -24,8 +26,10 @@ public class FileManagementRequestUtils { public static final String URL_FILE_RE_UPLOAD = "/project/file/re-upload"; //文件下载 public static final String URL_FILE_DOWNLOAD = "/project/file/download/%s"; - //文件预览下载 - public static final String URL_PREVIEW_IMG_FILE_DOWNLOAD = "/project/file/download/preview-img/%s"; + //文件预览缩略图下载 + public static final String URL_FILE_PREVIEW_COMPRESSED = "/file/preview/compressed/%s/%s"; + //文件预览原图下载 + public static final String URL_FILE_PREVIEW_ORIGINAL = "/file/preview/original/%s/%s"; //文件批量下载 public static final String URL_FILE_BATCH_DOWNLOAD = "/project/file/batch-download"; //文件批量删除 diff --git a/backend/services/system-setting/src/main/java/io/metersphere/system/utils/SessionUtils.java b/backend/services/system-setting/src/main/java/io/metersphere/system/utils/SessionUtils.java index 7b5442b624..3f67c4867e 100644 --- a/backend/services/system-setting/src/main/java/io/metersphere/system/utils/SessionUtils.java +++ b/backend/services/system-setting/src/main/java/io/metersphere/system/utils/SessionUtils.java @@ -3,11 +3,11 @@ package io.metersphere.system.utils; import io.metersphere.sdk.constants.InternalUserRole; import io.metersphere.sdk.constants.UserRoleScope; import io.metersphere.sdk.constants.UserRoleType; -import io.metersphere.system.dto.sdk.SessionUser; import io.metersphere.sdk.util.CommonBeanFactory; import io.metersphere.sdk.util.LogUtils; import io.metersphere.system.domain.UserRole; import io.metersphere.system.domain.UserRolePermission; +import io.metersphere.system.dto.sdk.SessionUser; import jakarta.servlet.http.HttpServletRequest; import org.apache.commons.collections4.MapUtils; import org.apache.commons.lang3.StringUtils; @@ -168,7 +168,7 @@ public class SessionUtils { return systemPermissions.contains(permission); } - private static Set getSystemPermissions(Map> userRolePermissions, Map role, SessionUser user) { + public static Set getSystemPermissions(Map> userRolePermissions, Map role, SessionUser user) { return user.getUserRoleRelations().stream() .filter(ug -> role.get(ug.getId()) != null && StringUtils.equalsIgnoreCase(role.get(ug.getId()).getType(), UserRoleType.SYSTEM.name())) .filter(ug -> StringUtils.equalsIgnoreCase(ug.getSourceId(), UserRoleScope.SYSTEM)) @@ -177,7 +177,7 @@ public class SessionUtils { .collect(Collectors.toSet()); } - private static Set getCurrentOrganizationPermissions(Map> userRolePermissions, String organizationId, Map role, SessionUser user) { + public static Set getCurrentOrganizationPermissions(Map> userRolePermissions, String organizationId, Map role, SessionUser user) { return user.getUserRoleRelations().stream() .filter(ug -> role.get(ug.getId()) != null && StringUtils.equalsIgnoreCase(role.get(ug.getId()).getType(), UserRoleType.ORGANIZATION.name())) .filter(ug -> StringUtils.equalsIgnoreCase(ug.getSourceId(), organizationId)) @@ -186,7 +186,7 @@ public class SessionUtils { .collect(Collectors.toSet()); } - private static Set getCurrentProjectPermissions(Map> userRolePermissions, String projectId, Map role, SessionUser user) { + public static Set getCurrentProjectPermissions(Map> userRolePermissions, String projectId, Map role, SessionUser user) { return user.getUserRoleRelations().stream() .filter(ug -> role.get(ug.getId()) != null && StringUtils.equalsIgnoreCase(role.get(ug.getId()).getType(), UserRoleType.PROJECT.name())) .filter(ug -> StringUtils.equalsIgnoreCase(ug.getSourceId(), projectId))