diff --git a/app/Http/Controllers/Api/FileController.php b/app/Http/Controllers/Api/FileController.php index a3fe123c..55321908 100755 --- a/app/Http/Controllers/Api/FileController.php +++ b/app/Http/Controllers/Api/FileController.php @@ -33,13 +33,18 @@ class FileController extends AbstractController $data = Request::all(); $pid = intval($data['pid']); // + $permission = 1000; if ($pid > 0) { - File::allowFind($pid); + File::permissionFind($pid, 0, $permission); $builder = File::wherePid($pid); } else { $builder = File::whereUserid($user->userid); } + // $array = $builder->take(500)->get()->toArray(); + foreach ($array as &$item) { + $item['permission'] = $permission; + } // if ($pid > 0) { // 遍历获取父级 @@ -50,7 +55,7 @@ class FileController extends AbstractController } $pid = $file->pid; $temp = $file->toArray(); - $temp['allow'] = $file->chackAllow($user->userid); + $temp['permission'] = $file->getPermission($user->userid); $array[] = $temp; } } else { @@ -81,23 +86,27 @@ class FileController extends AbstractController /** * 获取单条数据 * - * @apiParam {String} [code] 链接码(用于预览) - * @apiParam {Number} [id] 文件ID(需要权限,用于管理) + * @apiParam {Number|String} id + * - Number 文件ID(需要登录) + * - String 链接码(不需要登录,用于预览) * * @return array */ public function one() { - if (Request::exists("code")) { - $fileLink = FileLink::whereCode(Request::input('code'))->first(); + $id = Request::input('id'); + // + if (Base::isNumber($id)) { + User::auth(); + $file = File::permissionFind(intval($id)); + } elseif ($id) { + $fileLink = FileLink::whereCode($id)->first(); $file = $fileLink?->file; if (empty($file)) { return Base::retError('链接不存在'); } } else { - User::auth(); - $id = intval(Request::input('id')); - $file = File::allowFind($id); + return Base::retError('参数错误'); } return Base::retSuccess('success', $file); } @@ -146,7 +155,7 @@ class FileController extends AbstractController // if ($id > 0) { // 修改 - $file = File::allowFind($id, 1); + $file = File::permissionFind($id, 1); // $file->name = $name; $file->save(); @@ -180,7 +189,7 @@ class FileController extends AbstractController if (File::wherePid($pid)->count() >= 300) { return Base::retError('每个文件夹里最多只能创建300个文件或文件夹'); } - $row = File::allowFind($pid, 1, '主文件不存在'); + $row = File::permissionFind($pid, 1); $userid = $row->userid; } else { if (File::whereUserid($user->userid)->wherePid(0)->count() >= 300) { @@ -215,7 +224,7 @@ class FileController extends AbstractController // $id = intval(Request::input('id')); // - $row = File::allowFind($id); + $row = File::permissionFind($id); // $userid = $user->userid; if ($row->pid > 0) { @@ -257,7 +266,7 @@ class FileController extends AbstractController $id = intval(Request::input('id')); $pid = intval(Request::input('pid')); // - $file = File::allowFind($id, 1000); + $file = File::permissionFind($id, 1000); // if ($pid > 0) { if (!File::whereUserid($user->userid)->whereId($pid)->exists()) { @@ -291,7 +300,7 @@ class FileController extends AbstractController // $id = intval(Request::input('id')); // - $file = File::allowFind($id, 1000); + $file = File::permissionFind($id, 1000); // $file->deleteFile(); return Base::retSuccess('删除成功', $file); @@ -300,20 +309,25 @@ class FileController extends AbstractController /** * 获取文件内容 * - * @apiParam {String} [code] 链接码(用于预览) - * @apiParam {Number} [id] 文件ID(需要权限,用于管理) + * @apiParam {Number|String} id + * - Number 文件ID(需要登录) + * - String 链接码(不需要登录,用于预览) */ public function content() { - if (Request::exists("code")) { - $fileLink = FileLink::whereCode(Request::input('code'))->first(); + $id = Request::input('id'); + // + if (Base::isNumber($id)) { + User::auth(); + $file = File::permissionFind(intval($id)); + } elseif ($id) { + $fileLink = FileLink::whereCode($id)->first(); $file = $fileLink?->file; if (empty($file)) { return Base::retError('链接不存在'); } } else { - $id = intval(Request::input('id')); - $file = File::allowFind($id); + return Base::retError('参数错误'); } // $content = FileContent::whereFid($file->id)->orderByDesc('id')->first(); @@ -334,7 +348,7 @@ class FileController extends AbstractController $id = Base::getPostInt('id'); $content = Base::getPostValue('content'); // - $file = File::allowFind($id, 1); + $file = File::permissionFind($id, 1); // $text = ''; if ($file->type == 'document') { @@ -387,7 +401,7 @@ class FileController extends AbstractController $key = Request::input('key'); $url = Request::input('url'); // - $file = File::allowFind($id, 1); + $file = File::permissionFind($id, 1); // if ($status === 2) { $parse = parse_url($url); @@ -434,7 +448,7 @@ class FileController extends AbstractController if (File::wherePid($pid)->count() >= 300) { return Base::retError('每个文件夹里最多只能创建300个文件或文件夹'); } - $row = File::allowFind($pid, 1, '主文件不存在'); + $row = File::permissionFind($pid, 1); $userid = $row->userid; } else { if (File::whereUserid($user->userid)->wherePid(0)->count() >= 300) { @@ -618,7 +632,7 @@ class FileController extends AbstractController // $id = intval(Request::input('id')); // - $file = File::allowFind($id); + $file = File::permissionFind($id); // if ($file->userid == $user->userid) { return Base::retError('不能退出自己共享的文件'); @@ -653,7 +667,7 @@ class FileController extends AbstractController $id = intval(Request::input('id')); $refresh = Request::input('refresh', 'no'); // - $file = File::allowFind($id, 1000); + $file = File::permissionFind($id, 1000); if ($file->type == 'folder') { return Base::retError('文件夹暂不支持此功能'); } diff --git a/app/Models/File.php b/app/Models/File.php index 4cd8b777..24984d56 100644 --- a/app/Models/File.php +++ b/app/Models/File.php @@ -53,30 +53,9 @@ class File extends AbstractModel /** * 是否有访问权限 * @param $userid - * @param int $permission 要求权限: 0-访问权限、1-读写权限、1000-所有者 - */ - public function exceAllow($userid, $permission = 0) - { - if ($this->chackAllow($userid) < $permission) { - if ($permission == 1000) { - $msg = '仅限所有者操作'; - } elseif ($permission == 1) { - $msg = '没有读写权限'; - } else { - $msg = '没有访问权限'; - } - throw new ApiException($msg); - } - } - - /** - * 是否有访问权限 - * ① 自己的文件夹 - * ② 在指定共享成员内 - * @param $userid * @return int -1:没有权限,0:访问权限,1:读写权限,1000:所有者 */ - public function chackAllow($userid) + public function getPermission($userid) { if ($userid == $this->userid) { // ① 自己的文件夹 @@ -238,17 +217,26 @@ class File extends AbstractModel /** * 获取文件并检测权限 * @param $id - * @param int $permission 要求权限: 0-访问权限、1-读写权限、1000-所有者 - * @param null $noExistTis 文件不存在的描述 + * @param int $limit 要求权限: 0-访问权限、1-读写权限、1000-所有者 + * @param $permission * @return File */ - public static function allowFind($id, $permission = 0, $noExistTis = null) + public static function permissionFind($id, $limit = 0, &$permission = -1) { $file = File::find($id); if (empty($file)) { - throw new ApiException($noExistTis ?: '文件不存在或已被删除'); + throw new ApiException('文件不存在或已被删除'); + } + // + $permission = $file->getPermission(User::userid()); + if ($permission < $limit) { + $msg = match ($limit) { + 1000 => '仅限所有者操作', + 1 => '没有读写权限', + default => '没有访问权限', + }; + throw new ApiException($msg); } - $file->exceAllow(User::userid(), $permission); return $file; } } diff --git a/resources/assets/js/components/OnlyOffice.vue b/resources/assets/js/components/OnlyOffice.vue index 17ff8c9a..a14134a5 100644 --- a/resources/assets/js/components/OnlyOffice.vue +++ b/resources/assets/js/components/OnlyOffice.vue @@ -46,15 +46,19 @@ export default { return "office_" + Math.round(Math.random() * 10000); } }, + code: { + type: String, + default: '' + }, value: { type: [Object, Array], default: function () { return {} } }, - code: { - type: String, - default: '' + readOnly: { + type: Boolean, + default: false }, }, @@ -80,18 +84,6 @@ export default { computed: { ...mapState(['userToken', 'userInfo']), - isPreview() { - return !!this.code - }, - - fileUrl() { - if (this.isPreview) { - return 'http://nginx/api/file/content/?code=' + this.code; - } else { - return 'http://nginx/api/file/content/?id=' + this.value.id + '&token=' + this.userToken; - } - }, - fileType() { return this.getType(this.value.type); }, @@ -102,9 +94,9 @@ export default { }, watch: { - fileUrl: { - handler(url) { - if (!url) { + 'value.id': { + handler(id) { + if (!id) { return; } this.loadIng++; @@ -112,9 +104,9 @@ export default { this.loadIng--; if (e !== null) { $A.modalAlert("组件加载失败!"); - return; + } else { + this.loadFile() } - this.loadFile() }) }, immediate: true, @@ -135,9 +127,6 @@ export default { }, loadFile() { - if (!this.fileUrl) { - return; - } if (this.docEditor !== null) { this.docEditor.destroyEditor(); this.docEditor = null; @@ -154,12 +143,13 @@ export default { break; } // + let fileKey = this.code || this.value.id; const config = { "document": { "fileType": this.fileType, - "key": this.fileType + '-' + this.value.id, + "key": this.fileType + '-' + fileKey, "title": this.fileName + '.' + this.fileType, - "url": this.fileUrl, + "url": 'http://nginx/api/file/content/?id=' + fileKey + '&token=' + this.userToken, }, "editorConfig": { "mode": "edit", @@ -171,7 +161,7 @@ export default { "customization": { "uiTheme": "theme-classic-light", }, - "callbackUrl": 'http://nginx/api/file/content/office?id=' + this.value.id + '&token=' + this.userToken, + "callbackUrl": 'http://nginx/api/file/content/office?id=' + fileKey + '&token=' + this.userToken, } }; if (this.isPreview) { diff --git a/resources/assets/js/components/TEditor.vue b/resources/assets/js/components/TEditor.vue index 10245f33..fb218eb7 100755 --- a/resources/assets/js/components/TEditor.vue +++ b/resources/assets/js/components/TEditor.vue @@ -111,7 +111,7 @@ type: Boolean, default: false }, - readonly: { + readOnly: { type: Boolean, default: false }, @@ -180,7 +180,7 @@ } } }, - readonly(value) { + readOnly(value) { if (this.editor !== null) { if (value) { this.editor.setMode('readonly'); @@ -317,7 +317,7 @@ editor.on('Init', (e) => { this.editorT = editor; this.editorT.setContent(this.content); - if (this.readonly) { + if (this.readOnly) { this.editorT.setMode('readonly'); } else { this.editorT.setMode('design'); @@ -345,7 +345,7 @@ this.spinShow = false; this.editor = editor; this.editor.setContent(this.content); - if (this.readonly) { + if (this.readOnly) { this.editor.setMode('readonly'); } else { this.editor.setMode('design'); diff --git a/resources/assets/js/pages/manage/components/FileContent.vue b/resources/assets/js/pages/manage/components/FileContent.vue index 2cceadf5..bec699d6 100644 --- a/resources/assets/js/pages/manage/components/FileContent.vue +++ b/resources/assets/js/pages/manage/components/FileContent.vue @@ -312,7 +312,8 @@ export default { this.unsaveTip = false; }, - formatName({name, ext}) { + formatName(file) { + let {name, ext} = file; if (ext != '') { name += "." + ext; } diff --git a/resources/assets/js/pages/manage/components/FilePreview.vue b/resources/assets/js/pages/manage/components/FilePreview.vue index 87e9eba2..a2bca489 100644 --- a/resources/assets/js/pages/manage/components/FilePreview.vue +++ b/resources/assets/js/pages/manage/components/FilePreview.vue @@ -5,6 +5,7 @@
{{formatName(file)}} + {{$L('只读')}}
- +
@@ -82,9 +83,9 @@ export default { }, watch: { - code: { - handler(code) { - if (code) { + 'file.id': { + handler(id) { + if (id) { this.contentDetail = null; this.getContent(); } @@ -132,7 +133,7 @@ export default { this.$store.dispatch("call", { url: 'file/content', data: { - code: this.code, + id: this.code || this.file.id, }, }).then(({data}) => { this.loadIng--; @@ -161,7 +162,8 @@ export default { } }, - formatName({name, ext}) { + formatName(file) { + let {name, ext} = file; if (ext != '') { name += "." + ext; } diff --git a/resources/assets/js/pages/manage/file.vue b/resources/assets/js/pages/manage/file.vue index 375b73d7..515c2d7b 100644 --- a/resources/assets/js/pages/manage/file.vue +++ b/resources/assets/js/pages/manage/file.vue @@ -28,6 +28,7 @@
  • {{item.name}} + {{$L('只读')}}