fix: 只读文件也能修改文件
This commit is contained in:
kuaifan
parent
6ef59f703a
commit
6c67ff3fe8
@ -146,7 +146,7 @@ class FileController extends AbstractController
|
|||||||
//
|
//
|
||||||
if ($id > 0) {
|
if ($id > 0) {
|
||||||
// 修改
|
// 修改
|
||||||
$file = File::allowFind($id);
|
$file = File::allowFind($id, 1);
|
||||||
//
|
//
|
||||||
$file->name = $name;
|
$file->name = $name;
|
||||||
$file->save();
|
$file->save();
|
||||||
@ -180,7 +180,7 @@ class FileController extends AbstractController
|
|||||||
if (File::wherePid($pid)->count() >= 300) {
|
if (File::wherePid($pid)->count() >= 300) {
|
||||||
return Base::retError('每个文件夹里最多只能创建300个文件或文件夹');
|
return Base::retError('每个文件夹里最多只能创建300个文件或文件夹');
|
||||||
}
|
}
|
||||||
$row = File::allowFind($pid, '主文件不存在');
|
$row = File::allowFind($pid, 1, '主文件不存在');
|
||||||
$userid = $row->userid;
|
$userid = $row->userid;
|
||||||
} else {
|
} else {
|
||||||
if (File::whereUserid($user->userid)->wherePid(0)->count() >= 300) {
|
if (File::whereUserid($user->userid)->wherePid(0)->count() >= 300) {
|
||||||
@ -257,13 +257,7 @@ class FileController extends AbstractController
|
|||||||
$id = intval(Request::input('id'));
|
$id = intval(Request::input('id'));
|
||||||
$pid = intval(Request::input('pid'));
|
$pid = intval(Request::input('pid'));
|
||||||
//
|
//
|
||||||
$file = File::whereId($id)->first();
|
$file = File::allowFind($id, 1000);
|
||||||
if (empty($file)) {
|
|
||||||
return Base::retError('文件不存在或已被删除');
|
|
||||||
}
|
|
||||||
if ($file->userid != $user->userid) {
|
|
||||||
return Base::retError('仅限所有者操作');
|
|
||||||
}
|
|
||||||
//
|
//
|
||||||
if ($pid > 0) {
|
if ($pid > 0) {
|
||||||
if (!File::whereUserid($user->userid)->whereId($pid)->exists()) {
|
if (!File::whereUserid($user->userid)->whereId($pid)->exists()) {
|
||||||
@ -293,9 +287,12 @@ class FileController extends AbstractController
|
|||||||
*/
|
*/
|
||||||
public function remove()
|
public function remove()
|
||||||
{
|
{
|
||||||
|
User::auth();
|
||||||
|
//
|
||||||
$id = intval(Request::input('id'));
|
$id = intval(Request::input('id'));
|
||||||
//
|
//
|
||||||
$file = File::allowFind($id);
|
$file = File::allowFind($id, 1000);
|
||||||
|
//
|
||||||
$file->deleteFile();
|
$file->deleteFile();
|
||||||
return Base::retSuccess('删除成功', $file);
|
return Base::retSuccess('删除成功', $file);
|
||||||
}
|
}
|
||||||
@ -337,7 +334,7 @@ class FileController extends AbstractController
|
|||||||
$id = Base::getPostInt('id');
|
$id = Base::getPostInt('id');
|
||||||
$content = Base::getPostValue('content');
|
$content = Base::getPostValue('content');
|
||||||
//
|
//
|
||||||
$file = File::allowFind($id);
|
$file = File::allowFind($id, 1);
|
||||||
//
|
//
|
||||||
$text = '';
|
$text = '';
|
||||||
if ($file->type == 'document') {
|
if ($file->type == 'document') {
|
||||||
@ -390,7 +387,7 @@ class FileController extends AbstractController
|
|||||||
$key = Request::input('key');
|
$key = Request::input('key');
|
||||||
$url = Request::input('url');
|
$url = Request::input('url');
|
||||||
//
|
//
|
||||||
$file = File::allowFind($id);
|
$file = File::allowFind($id, 1);
|
||||||
//
|
//
|
||||||
if ($status === 2) {
|
if ($status === 2) {
|
||||||
$parse = parse_url($url);
|
$parse = parse_url($url);
|
||||||
@ -437,7 +434,7 @@ class FileController extends AbstractController
|
|||||||
if (File::wherePid($pid)->count() >= 300) {
|
if (File::wherePid($pid)->count() >= 300) {
|
||||||
return Base::retError('每个文件夹里最多只能创建300个文件或文件夹');
|
return Base::retError('每个文件夹里最多只能创建300个文件或文件夹');
|
||||||
}
|
}
|
||||||
$row = File::allowFind($pid, '主文件不存在');
|
$row = File::allowFind($pid, 1, '主文件不存在');
|
||||||
$userid = $row->userid;
|
$userid = $row->userid;
|
||||||
} else {
|
} else {
|
||||||
if (File::whereUserid($user->userid)->wherePid(0)->count() >= 300) {
|
if (File::whereUserid($user->userid)->wherePid(0)->count() >= 300) {
|
||||||
@ -651,16 +648,12 @@ class FileController extends AbstractController
|
|||||||
*/
|
*/
|
||||||
public function link()
|
public function link()
|
||||||
{
|
{
|
||||||
$user = User::auth();
|
User::auth();
|
||||||
//
|
//
|
||||||
$id = intval(Request::input('id'));
|
$id = intval(Request::input('id'));
|
||||||
$refresh = Request::input('refresh', 'no');
|
$refresh = Request::input('refresh', 'no');
|
||||||
//
|
//
|
||||||
$file = File::allowFind($id);
|
$file = File::allowFind($id, 1000);
|
||||||
//
|
|
||||||
if ($file->userid != $user->userid) {
|
|
||||||
return Base::retError('仅限所有者操作');
|
|
||||||
}
|
|
||||||
if ($file->type == 'folder') {
|
if ($file->type == 'folder') {
|
||||||
return Base::retError('文件夹暂不支持此功能');
|
return Base::retError('文件夹暂不支持此功能');
|
||||||
}
|
}
|
||||||
|
|||||||
@ -53,11 +53,19 @@ class File extends AbstractModel
|
|||||||
/**
|
/**
|
||||||
* 是否有访问权限
|
* 是否有访问权限
|
||||||
* @param $userid
|
* @param $userid
|
||||||
|
* @param int $permission 要求权限: 0-访问权限、1-读写权限、1000-所有者
|
||||||
*/
|
*/
|
||||||
public function exceAllow($userid)
|
public function exceAllow($userid, $permission = 0)
|
||||||
{
|
{
|
||||||
if ($this->chackAllow($userid) === -1) {
|
if ($this->chackAllow($userid) < $permission) {
|
||||||
throw new ApiException('没有访问权限');
|
if ($permission == 1000) {
|
||||||
|
$msg = '仅限所有者操作';
|
||||||
|
} elseif ($permission == 1) {
|
||||||
|
$msg = '没有读写权限';
|
||||||
|
} else {
|
||||||
|
$msg = '没有访问权限';
|
||||||
|
}
|
||||||
|
throw new ApiException($msg);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -66,13 +74,13 @@ class File extends AbstractModel
|
|||||||
* ① 自己的文件夹
|
* ① 自己的文件夹
|
||||||
* ② 在指定共享成员内
|
* ② 在指定共享成员内
|
||||||
* @param $userid
|
* @param $userid
|
||||||
* @return int -1:没有权限,0:只读,1:读写
|
* @return int -1:没有权限,0:访问权限,1:读写权限,1000:所有者
|
||||||
*/
|
*/
|
||||||
public function chackAllow($userid)
|
public function chackAllow($userid)
|
||||||
{
|
{
|
||||||
if ($userid == $this->userid) {
|
if ($userid == $this->userid) {
|
||||||
// ① 自己的文件夹
|
// ① 自己的文件夹
|
||||||
return 1;
|
return 1000;
|
||||||
}
|
}
|
||||||
$row = $this->getShareInfo();
|
$row = $this->getShareInfo();
|
||||||
if ($row) {
|
if ($row) {
|
||||||
@ -230,16 +238,17 @@ class File extends AbstractModel
|
|||||||
/**
|
/**
|
||||||
* 获取文件并检测权限
|
* 获取文件并检测权限
|
||||||
* @param $id
|
* @param $id
|
||||||
* @param null $noExistTis
|
* @param int $permission 要求权限: 0-访问权限、1-读写权限、1000-所有者
|
||||||
|
* @param null $noExistTis 文件不存在的描述
|
||||||
* @return File
|
* @return File
|
||||||
*/
|
*/
|
||||||
public static function allowFind($id, $noExistTis = null)
|
public static function allowFind($id, $permission = 0, $noExistTis = null)
|
||||||
{
|
{
|
||||||
$file = File::find($id);
|
$file = File::find($id);
|
||||||
if (empty($file)) {
|
if (empty($file)) {
|
||||||
throw new ApiException($noExistTis ?: '文件不存在或已被删除');
|
throw new ApiException($noExistTis ?: '文件不存在或已被删除');
|
||||||
}
|
}
|
||||||
$file->exceAllow(User::userid());
|
$file->exceAllow(User::userid(), $permission);
|
||||||
return $file;
|
return $file;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -475,7 +475,7 @@ export default {
|
|||||||
let {pid, files} = this;
|
let {pid, files} = this;
|
||||||
let array = [];
|
let array = [];
|
||||||
while (pid > 0) {
|
while (pid > 0) {
|
||||||
let file = files.find(({id, allow}) => id == pid && allow !== -1);
|
let file = files.find(({id, allow}) => id == pid && allow > -1);
|
||||||
if (file) {
|
if (file) {
|
||||||
array.unshift(file);
|
array.unshift(file);
|
||||||
pid = file.pid;
|
pid = file.pid;
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user