yoyuz/my_site
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

完善前端直连oss功能,新增重命名以及删除文件功能,完善后端接口

Browse Source
This commit is contained in:
yoyuzh
2026-03-19 10:26:50 +08:00
parent 96079b7e5b
commit e0d859bd82
26 changed files with 2545 additions and 183 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
backend/README.md
View File

@@ -86,9 +86,12 @@ CREATE INDEX IF NOT EXISTS idx_grade_user_semester ON portal_grade (user_id, sem
- `POST /api/auth/login`
- `GET /api/user/profile`
- `POST /api/files/upload`
- `POST /api/files/upload/initiate`
- `POST /api/files/upload/complete`
- `POST /api/files/mkdir`
- `GET /api/files/list`
- `GET /api/files/download/{fileId}`
- `GET /api/files/download/{fileId}/url`
- `DELETE /api/files/{fileId}`
- `GET /api/cqu/schedule`
- `GET /api/cqu/grades`
@@ -106,3 +109,23 @@ app:
```
当前 Java 后端保留了 HTTP 适配点;本地 `dev` 环境使用 mock 数据先把前后端链路跑通。
## OSS 直传说明
生产环境如果启用:
```env
YOYUZH_STORAGE_PROVIDER=oss
YOYUZH_OSS_ENDPOINT=https://oss-ap-northeast-1.aliyuncs.com
YOYUZH_OSS_BUCKET=your-bucket
YOYUZH_OSS_ACCESS_KEY_ID=...
YOYUZH_OSS_ACCESS_KEY_SECRET=...
```
前端会先调用后端拿签名上传地址,再由浏览器直接把文件内容传到 OSS。为保证浏览器可以直传请在 OSS Bucket 上放行站点域名对应的 CORS 规则,至少允许:
- Origin: `https://yoyuzh.xyz`
- Methods: `PUT`, `GET`, `HEAD`
- Headers: `Content-Type`, `x-oss-*`
如果生产环境里曾经存在“数据库元数据已经在 OSS 模式下运行,但本地磁盘里没有对应文件”的历史数据,需要额外做一次对象迁移或元数据修复;否则旧记录在重命名/删除时仍可能失败。

5
backend/pom.xml
View File

@@ -65,6 +65,11 @@
<artifactId>mysql-connector-j</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>com.aliyun.oss</groupId>
<artifactId>aliyun-sdk-oss</artifactId>
<version>3.17.4</version>
</dependency>
<dependency>
<groupId>org.postgresql</groupId>
<artifactId>postgresql</artifactId>

19
backend/src/main/java/com/yoyuzh/config/FileStorageConfiguration.java Normal file
View File

@@ -0,0 +1,19 @@
package com.yoyuzh.config;
import com.yoyuzh.files.storage.FileContentStorage;
import com.yoyuzh.files.storage.LocalFileContentStorage;
import com.yoyuzh.files.storage.OssFileContentStorage;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@Configuration
public class FileStorageConfiguration {
@Bean
public FileContentStorage fileContentStorage(FileStorageProperties properties) {
if ("oss".equalsIgnoreCase(properties.getProvider())) {
return new OssFileContentStorage(properties);
}
return new LocalFileContentStorage(properties);
}
}

98
backend/src/main/java/com/yoyuzh/config/FileStorageProperties.java
View File

@@ -5,15 +5,25 @@ import org.springframework.boot.context.properties.ConfigurationProperties;
@ConfigurationProperties(prefix = "app.storage")
public class FileStorageProperties {
private String rootDir = "./storage";
private String provider = "local";
private final Local local = new Local();
private final Oss oss = new Oss();
private long maxFileSize = 50 * 1024 * 1024L;
public String getRootDir() {
return rootDir;
public String getProvider() {
return provider;
}
public void setRootDir(String rootDir) {
this.rootDir = rootDir;
public void setProvider(String provider) {
this.provider = provider;
}
public Local getLocal() {
return local;
}
public Oss getOss() {
return oss;
}
public long getMaxFileSize() {
@@ -23,4 +33,82 @@ public class FileStorageProperties {
public void setMaxFileSize(long maxFileSize) {
this.maxFileSize = maxFileSize;
}
// Backward-compatible convenience accessors used by existing tests and dev tooling.
public String getRootDir() {
return local.getRootDir();
}
public void setRootDir(String rootDir) {
local.setRootDir(rootDir);
}
public static class Local {
private String rootDir = "./storage";
public String getRootDir() {
return rootDir;
}
public void setRootDir(String rootDir) {
this.rootDir = rootDir;
}
}
public static class Oss {
private String endpoint;
private String bucket;
private String accessKeyId;
private String accessKeySecret;
private String publicBaseUrl;
private boolean privateBucket = true;
public String getEndpoint() {
return endpoint;
}
public void setEndpoint(String endpoint) {
this.endpoint = endpoint;
}
public String getBucket() {
return bucket;
}
public void setBucket(String bucket) {
this.bucket = bucket;
}
public String getAccessKeyId() {
return accessKeyId;
}
public void setAccessKeyId(String accessKeyId) {
this.accessKeyId = accessKeyId;
}
public String getAccessKeySecret() {
return accessKeySecret;
}
public void setAccessKeySecret(String accessKeySecret) {
this.accessKeySecret = accessKeySecret;
}
public String getPublicBaseUrl() {
return publicBaseUrl;
}
public void setPublicBaseUrl(String publicBaseUrl) {
this.publicBaseUrl = publicBaseUrl;
}
public boolean isPrivateBucket() {
return privateBucket;
}
public void setPrivateBucket(boolean privateBucket) {
this.privateBucket = privateBucket;
}
}
}

2
backend/src/main/java/com/yoyuzh/config/SecurityConfig.java
View File

@@ -91,7 +91,7 @@ public class SecurityConfig {
public CorsConfigurationSource corsConfigurationSource() {
CorsConfiguration configuration = new CorsConfiguration();
configuration.setAllowedOrigins(corsProperties.getAllowedOrigins());
configuration.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "OPTIONS"));
configuration.setAllowedMethods(List.of("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"));
configuration.setAllowedHeaders(List.of("*"));
configuration.setAllowCredentials(false);
configuration.setMaxAge(3600L);

13
backend/src/main/java/com/yoyuzh/files/CompleteUploadRequest.java Normal file
View File

@@ -0,0 +1,13 @@
package com.yoyuzh.files;
import jakarta.validation.constraints.Min;
import jakarta.validation.constraints.NotBlank;
public record CompleteUploadRequest(
@NotBlank String path,
@NotBlank String filename,
@NotBlank String storageName,
String contentType,
@Min(0) long size
) {
}

4
backend/src/main/java/com/yoyuzh/files/DownloadUrlResponse.java Normal file
View File

@@ -0,0 +1,4 @@
package com.yoyuzh.files;
public record DownloadUrlResponse(String url) {
}

45
backend/src/main/java/com/yoyuzh/files/FileController.java
View File

@@ -14,8 +14,10 @@ import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PatchMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestPart;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.multipart.MultipartFile;
@@ -38,6 +40,26 @@ public class FileController {
return ApiResponse.success(fileService.upload(userDetailsService.loadDomainUser(userDetails.getUsername()), path, file));
}
@Operation(summary = "初始化上传")
@PostMapping("/upload/initiate")
public ApiResponse<InitiateUploadResponse> initiateUpload(@AuthenticationPrincipal UserDetails userDetails,
@Valid @RequestBody InitiateUploadRequest request) {
return ApiResponse.success(fileService.initiateUpload(
userDetailsService.loadDomainUser(userDetails.getUsername()),
request
));
}
@Operation(summary = "完成上传")
@PostMapping("/upload/complete")
public ApiResponse<FileMetadataResponse> completeUpload(@AuthenticationPrincipal UserDetails userDetails,
@Valid @RequestBody CompleteUploadRequest request) {
return ApiResponse.success(fileService.completeUpload(
userDetailsService.loadDomainUser(userDetails.getUsername()),
request
));
}
@Operation(summary = "创建目录")
@PostMapping("/mkdir")
public ApiResponse<FileMetadataResponse> mkdir(@AuthenticationPrincipal UserDetails userDetails,
@@ -62,11 +84,30 @@ public class FileController {
@Operation(summary = "下载文件")
@GetMapping("/download/{fileId}")
public ResponseEntity<byte[]> download(@AuthenticationPrincipal UserDetails userDetails,
@PathVariable Long fileId) {
public ResponseEntity<?> download(@AuthenticationPrincipal UserDetails userDetails,
@PathVariable Long fileId) {
return fileService.download(userDetailsService.loadDomainUser(userDetails.getUsername()), fileId);
}
@Operation(summary = "获取下载链接")
@GetMapping("/download/{fileId}/url")
public ApiResponse<DownloadUrlResponse> downloadUrl(@AuthenticationPrincipal UserDetails userDetails,
@PathVariable Long fileId) {
return ApiResponse.success(fileService.getDownloadUrl(
userDetailsService.loadDomainUser(userDetails.getUsername()),
fileId
));
}
@Operation(summary = "重命名文件")
@PatchMapping("/{fileId}/rename")
public ApiResponse<FileMetadataResponse> rename(@AuthenticationPrincipal UserDetails userDetails,
@PathVariable Long fileId,
@Valid @RequestBody RenameFileRequest request) {
return ApiResponse.success(
fileService.rename(userDetailsService.loadDomainUser(userDetails.getUsername()), fileId, request.filename()));
}
@Operation(summary = "删除文件")
@DeleteMapping("/{fileId}")
public ApiResponse<Void> delete(@AuthenticationPrincipal UserDetails userDetails,

287
backend/src/main/java/com/yoyuzh/files/FileService.java
View File

@@ -5,6 +5,8 @@ import com.yoyuzh.common.BusinessException;
import com.yoyuzh.common.ErrorCode;
import com.yoyuzh.common.PageResponse;
import com.yoyuzh.config.FileStorageProperties;
import com.yoyuzh.files.storage.FileContentStorage;
import com.yoyuzh.files.storage.PreparedUpload;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.PageRequest;
import org.springframework.http.HttpHeaders;
@@ -15,12 +17,9 @@ import org.springframework.transaction.annotation.Transactional;
import org.springframework.util.StringUtils;
import org.springframework.web.multipart.MultipartFile;
import java.io.IOException;
import java.net.URI;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.StandardCopyOption;
import java.util.List;
@Service
@@ -28,52 +27,58 @@ public class FileService {
private static final List<String> DEFAULT_DIRECTORIES = List.of("下载", "文档", "图片");
private final StoredFileRepository storedFileRepository;
private final Path rootPath;
private final FileContentStorage fileContentStorage;
private final long maxFileSize;
public FileService(StoredFileRepository storedFileRepository, FileStorageProperties properties) {
public FileService(StoredFileRepository storedFileRepository,
FileContentStorage fileContentStorage,
FileStorageProperties properties) {
this.storedFileRepository = storedFileRepository;
this.rootPath = Path.of(properties.getRootDir()).toAbsolutePath().normalize();
this.fileContentStorage = fileContentStorage;
this.maxFileSize = properties.getMaxFileSize();
try {
Files.createDirectories(rootPath);
} catch (IOException ex) {
throw new IllegalStateException("无法初始化存储目录", ex);
}
}
@Transactional
public FileMetadataResponse upload(User user, String path, MultipartFile multipartFile) {
String normalizedPath = normalizeDirectoryPath(path);
String filename = StringUtils.cleanPath(multipartFile.getOriginalFilename());
if (!StringUtils.hasText(filename)) {
throw new BusinessException(ErrorCode.UNKNOWN, "文件名不能为空");
}
if (multipartFile.getSize() > maxFileSize) {
throw new BusinessException(ErrorCode.UNKNOWN, "文件大小超出限制");
}
if (storedFileRepository.existsByUserIdAndPathAndFilename(user.getId(), normalizedPath, filename)) {
throw new BusinessException(ErrorCode.UNKNOWN, "同目录下文件已存在");
}
String filename = normalizeUploadFilename(multipartFile.getOriginalFilename());
validateUpload(user.getId(), normalizedPath, filename, multipartFile.getSize());
Path targetDir = resolveUserPath(user.getId(), normalizedPath);
Path targetFile = targetDir.resolve(filename).normalize();
try {
Files.createDirectories(targetDir);
Files.copy(multipartFile.getInputStream(), targetFile, StandardCopyOption.REPLACE_EXISTING);
} catch (IOException ex) {
throw new BusinessException(ErrorCode.UNKNOWN, "文件上传失败");
}
fileContentStorage.upload(user.getId(), normalizedPath, filename, multipartFile);
return saveFileMetadata(user, normalizedPath, filename, filename, multipartFile.getContentType(), multipartFile.getSize());
}
StoredFile storedFile = new StoredFile();
storedFile.setUser(user);
storedFile.setFilename(filename);
storedFile.setPath(normalizedPath);
storedFile.setStorageName(filename);
storedFile.setContentType(multipartFile.getContentType());
storedFile.setSize(multipartFile.getSize());
storedFile.setDirectory(false);
return toResponse(storedFileRepository.save(storedFile));
public InitiateUploadResponse initiateUpload(User user, InitiateUploadRequest request) {
String normalizedPath = normalizeDirectoryPath(request.path());
String filename = normalizeLeafName(request.filename());
validateUpload(user.getId(), normalizedPath, filename, request.size());
PreparedUpload preparedUpload = fileContentStorage.prepareUpload(
user.getId(),
normalizedPath,
filename,
request.contentType(),
request.size()
);
return new InitiateUploadResponse(
preparedUpload.direct(),
preparedUpload.uploadUrl(),
preparedUpload.method(),
preparedUpload.headers(),
preparedUpload.storageName()
);
}
@Transactional
public FileMetadataResponse completeUpload(User user, CompleteUploadRequest request) {
String normalizedPath = normalizeDirectoryPath(request.path());
String filename = normalizeLeafName(request.filename());
String storageName = normalizeLeafName(request.storageName());
validateUpload(user.getId(), normalizedPath, filename, request.size());
fileContentStorage.completeUpload(user.getId(), normalizedPath, storageName, request.contentType(), request.size());
return saveFileMetadata(user, normalizedPath, filename, storageName, request.contentType(), request.size());
}
@Transactional
@@ -87,11 +92,8 @@ public class FileService {
if (storedFileRepository.existsByUserIdAndPathAndFilename(user.getId(), parentPath, directoryName)) {
throw new BusinessException(ErrorCode.UNKNOWN, "目录已存在");
}
try {
Files.createDirectories(resolveUserPath(user.getId(), normalizedPath));
} catch (IOException ex) {
throw new BusinessException(ErrorCode.UNKNOWN, "目录创建失败");
}
fileContentStorage.createDirectory(user.getId(), normalizedPath);
StoredFile storedFile = new StoredFile();
storedFile.setUser(user);
@@ -126,11 +128,8 @@ public class FileService {
continue;
}
try {
Files.createDirectories(resolveUserPath(user.getId(), "/").resolve(directoryName));
} catch (IOException ex) {
throw new BusinessException(ErrorCode.UNKNOWN, "默认目录初始化失败");
}
String logicalPath = "/" + directoryName;
fileContentStorage.ensureDirectory(user.getId(), logicalPath);
StoredFile storedFile = new StoredFile();
storedFile.setUser(user);
@@ -146,53 +145,146 @@ public class FileService {
@Transactional
public void delete(User user, Long fileId) {
StoredFile storedFile = storedFileRepository.findById(fileId)
.orElseThrow(() -> new BusinessException(ErrorCode.FILE_NOT_FOUND, "文件不存在"));
if (!storedFile.getUser().getId().equals(user.getId())) {
throw new BusinessException(ErrorCode.PERMISSION_DENIED, "没有权限删除该文件");
}
try {
Path basePath = resolveUserPath(user.getId(), storedFile.getPath());
Path target = storedFile.isDirectory()
? basePath.resolve(storedFile.getFilename()).normalize()
: basePath.resolve(storedFile.getStorageName()).normalize();
Files.deleteIfExists(target);
} catch (IOException ex) {
throw new BusinessException(ErrorCode.UNKNOWN, "删除文件失败");
StoredFile storedFile = getOwnedFile(user, fileId, "删除");
if (storedFile.isDirectory()) {
String logicalPath = buildLogicalPath(storedFile);
List<StoredFile> descendants = storedFileRepository.findByUserIdAndPathEqualsOrDescendant(user.getId(), logicalPath);
fileContentStorage.deleteDirectory(user.getId(), logicalPath, descendants);
if (!descendants.isEmpty()) {
storedFileRepository.deleteAll(descendants);
}
} else {
fileContentStorage.deleteFile(user.getId(), storedFile.getPath(), storedFile.getStorageName());
}
storedFileRepository.delete(storedFile);
}
public ResponseEntity<byte[]> download(User user, Long fileId) {
StoredFile storedFile = storedFileRepository.findById(fileId)
.orElseThrow(() -> new BusinessException(ErrorCode.FILE_NOT_FOUND, "文件不存在"));
if (!storedFile.getUser().getId().equals(user.getId())) {
throw new BusinessException(ErrorCode.PERMISSION_DENIED, "没有权限下载该文件");
@Transactional
public FileMetadataResponse rename(User user, Long fileId, String nextFilename) {
StoredFile storedFile = getOwnedFile(user, fileId, "重命名");
String sanitizedFilename = normalizeLeafName(nextFilename);
if (sanitizedFilename.equals(storedFile.getFilename())) {
return toResponse(storedFile);
}
if (storedFileRepository.existsByUserIdAndPathAndFilename(user.getId(), storedFile.getPath(), sanitizedFilename)) {
throw new BusinessException(ErrorCode.UNKNOWN, "同目录下文件已存在");
}
if (storedFile.isDirectory()) {
String oldLogicalPath = buildLogicalPath(storedFile);
String newLogicalPath = "/".equals(storedFile.getPath())
? "/" + sanitizedFilename
: storedFile.getPath() + "/" + sanitizedFilename;
List<StoredFile> descendants = storedFileRepository.findByUserIdAndPathEqualsOrDescendant(user.getId(), oldLogicalPath);
fileContentStorage.renameDirectory(user.getId(), oldLogicalPath, newLogicalPath, descendants);
for (StoredFile descendant : descendants) {
if (descendant.getPath().equals(oldLogicalPath)) {
descendant.setPath(newLogicalPath);
continue;
}
descendant.setPath(newLogicalPath + descendant.getPath().substring(oldLogicalPath.length()));
}
if (!descendants.isEmpty()) {
storedFileRepository.saveAll(descendants);
}
} else {
fileContentStorage.renameFile(user.getId(), storedFile.getPath(), storedFile.getStorageName(), sanitizedFilename);
}
storedFile.setFilename(sanitizedFilename);
storedFile.setStorageName(sanitizedFilename);
return toResponse(storedFileRepository.save(storedFile));
}
public ResponseEntity<?> download(User user, Long fileId) {
StoredFile storedFile = getOwnedFile(user, fileId, "下载");
if (storedFile.isDirectory()) {
throw new BusinessException(ErrorCode.UNKNOWN, "目录不支持下载");
}
try {
Path filePath = resolveUserPath(user.getId(), storedFile.getPath()).resolve(storedFile.getStorageName()).normalize();
byte[] body = Files.readAllBytes(filePath);
return ResponseEntity.ok()
.header(HttpHeaders.CONTENT_DISPOSITION,
"attachment; filename*=UTF-8''" + URLEncoder.encode(storedFile.getFilename(), StandardCharsets.UTF_8))
.contentType(MediaType.parseMediaType(
storedFile.getContentType() == null ? MediaType.APPLICATION_OCTET_STREAM_VALUE : storedFile.getContentType()))
.body(body);
} catch (IOException ex) {
throw new BusinessException(ErrorCode.FILE_NOT_FOUND, "文件不存在");
if (fileContentStorage.supportsDirectDownload()) {
return ResponseEntity.status(302)
.location(URI.create(fileContentStorage.createDownloadUrl(
user.getId(),
storedFile.getPath(),
storedFile.getStorageName(),
storedFile.getFilename())))
.build();
}
return ResponseEntity.ok()
.header(HttpHeaders.CONTENT_DISPOSITION,
"attachment; filename*=UTF-8''" + URLEncoder.encode(storedFile.getFilename(), StandardCharsets.UTF_8))
.contentType(MediaType.parseMediaType(
storedFile.getContentType() == null ? MediaType.APPLICATION_OCTET_STREAM_VALUE : storedFile.getContentType()))
.body(fileContentStorage.readFile(user.getId(), storedFile.getPath(), storedFile.getStorageName()));
}
public DownloadUrlResponse getDownloadUrl(User user, Long fileId) {
StoredFile storedFile = getOwnedFile(user, fileId, "下载");
if (storedFile.isDirectory()) {
throw new BusinessException(ErrorCode.UNKNOWN, "目录不支持下载");
}
if (fileContentStorage.supportsDirectDownload()) {
return new DownloadUrlResponse(fileContentStorage.createDownloadUrl(
user.getId(),
storedFile.getPath(),
storedFile.getStorageName(),
storedFile.getFilename()
));
}
return new DownloadUrlResponse("/api/files/download/" + storedFile.getId());
}
private FileMetadataResponse saveFileMetadata(User user,
String normalizedPath,
String filename,
String storageName,
String contentType,
long size) {
StoredFile storedFile = new StoredFile();
storedFile.setUser(user);
storedFile.setFilename(filename);
storedFile.setPath(normalizedPath);
storedFile.setStorageName(storageName);
storedFile.setContentType(contentType);
storedFile.setSize(size);
storedFile.setDirectory(false);
return toResponse(storedFileRepository.save(storedFile));
}
private StoredFile getOwnedFile(User user, Long fileId, String action) {
StoredFile storedFile = storedFileRepository.findById(fileId)
.orElseThrow(() -> new BusinessException(ErrorCode.FILE_NOT_FOUND, "文件不存在"));
if (!storedFile.getUser().getId().equals(user.getId())) {
throw new BusinessException(ErrorCode.PERMISSION_DENIED, "没有权限" + action + "该文件");
}
return storedFile;
}
private void validateUpload(Long userId, String normalizedPath, String filename, long size) {
if (size > maxFileSize) {
throw new BusinessException(ErrorCode.UNKNOWN, "文件大小超出限制");
}
if (storedFileRepository.existsByUserIdAndPathAndFilename(userId, normalizedPath, filename)) {
throw new BusinessException(ErrorCode.UNKNOWN, "同目录下文件已存在");
}
}
private FileMetadataResponse toResponse(StoredFile storedFile) {
String logicalPath = storedFile.getPath();
if (storedFile.isDirectory()) {
logicalPath = "/".equals(storedFile.getPath())
? "/" + storedFile.getFilename()
: storedFile.getPath() + "/" + storedFile.getFilename();
private String normalizeUploadFilename(String originalFilename) {
String filename = StringUtils.cleanPath(originalFilename);
if (!StringUtils.hasText(filename)) {
throw new BusinessException(ErrorCode.UNKNOWN, "文件名不能为空");
}
return normalizeLeafName(filename);
}
private FileMetadataResponse toResponse(StoredFile storedFile) {
String logicalPath = storedFile.isDirectory() ? buildLogicalPath(storedFile) : storedFile.getPath();
return new FileMetadataResponse(
storedFile.getId(),
storedFile.getFilename(),
@@ -221,16 +313,6 @@ public class FileService {
return normalized;
}
private Path resolveUserPath(Long userId, String normalizedPath) {
Path userRoot = rootPath.resolve(userId.toString()).normalize();
Path relative = "/".equals(normalizedPath) ? Path.of("") : Path.of(normalizedPath.substring(1));
Path resolved = userRoot.resolve(relative).normalize();
if (!resolved.startsWith(userRoot)) {
throw new BusinessException(ErrorCode.UNKNOWN, "路径不合法");
}
return resolved;
}
private String extractParentPath(String normalizedPath) {
int lastSlash = normalizedPath.lastIndexOf('/');
return lastSlash <= 0 ? "/" : normalizedPath.substring(0, lastSlash);
@@ -239,4 +321,21 @@ public class FileService {
private String extractLeafName(String normalizedPath) {
return normalizedPath.substring(normalizedPath.lastIndexOf('/') + 1);
}
private String buildLogicalPath(StoredFile storedFile) {
return "/".equals(storedFile.getPath())
? "/" + storedFile.getFilename()
: storedFile.getPath() + "/" + storedFile.getFilename();
}
private String normalizeLeafName(String filename) {
String cleaned = StringUtils.cleanPath(filename == null ? "" : filename).trim();
if (!StringUtils.hasText(cleaned)) {
throw new BusinessException(ErrorCode.UNKNOWN, "文件名不能为空");
}
if (cleaned.contains("/") || cleaned.contains("\\") || cleaned.contains("..")) {
throw new BusinessException(ErrorCode.UNKNOWN, "文件名不合法");
}
return cleaned;
}
}

12
backend/src/main/java/com/yoyuzh/files/InitiateUploadRequest.java Normal file
View File

@@ -0,0 +1,12 @@
package com.yoyuzh.files;
import jakarta.validation.constraints.Min;
import jakarta.validation.constraints.NotBlank;
public record InitiateUploadRequest(
@NotBlank String path,
@NotBlank String filename,
String contentType,
@Min(0) long size
) {
}

12
backend/src/main/java/com/yoyuzh/files/InitiateUploadResponse.java Normal file
View File

@@ -0,0 +1,12 @@
package com.yoyuzh.files;
import java.util.Map;
public record InitiateUploadResponse(
boolean direct,
String uploadUrl,
String method,
Map<String, String> headers,
String storageName
) {
}

9
backend/src/main/java/com/yoyuzh/files/RenameFileRequest.java Normal file
View File

@@ -0,0 +1,9 @@
package com.yoyuzh.files;
import jakarta.validation.constraints.NotBlank;
public record RenameFileRequest(
@NotBlank(message = "文件名不能为空")
String filename
) {
}

8
backend/src/main/java/com/yoyuzh/files/StoredFileRepository.java
View File

@@ -28,5 +28,13 @@ public interface StoredFileRepository extends JpaRepository<StoredFile, Long> {
@Param("path") String path,
Pageable pageable);
@Query("""
select f from StoredFile f
where f.user.id = :userId and (f.path = :path or f.path like concat(:path, '/%'))
order by f.createdAt asc
""")
List<StoredFile> findByUserIdAndPathEqualsOrDescendant(@Param("userId") Long userId,
@Param("path") String path);
List<StoredFile> findTop12ByUserIdAndDirectoryFalseOrderByCreatedAtDesc(Long userId);
}

31
backend/src/test/java/com/yoyuzh/config/SecurityConfigTest.java Normal file
View File

@@ -0,0 +1,31 @@
package com.yoyuzh.config;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.junit.jupiter.api.Test;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import static org.assertj.core.api.Assertions.assertThat;
class SecurityConfigTest {
@Test
void corsConfigurationShouldAllowPatchRequests() {
CorsProperties corsProperties = new CorsProperties();
corsProperties.setAllowedOrigins(java.util.List.of("https://yoyuzh.xyz"));
SecurityConfig securityConfig = new SecurityConfig(
null,
null,
new ObjectMapper(),
corsProperties
);
CorsConfigurationSource source = securityConfig.corsConfigurationSource();
CorsConfiguration configuration = source.getCorsConfiguration(
new org.springframework.mock.web.MockHttpServletRequest("OPTIONS", "/api/files/1/rename"));
assertThat(configuration).isNotNull();
assertThat(configuration.getAllowedMethods()).contains("PATCH");
}
}

145
backend/src/test/java/com/yoyuzh/files/FileServiceTest.java
View File

@@ -3,9 +3,10 @@ package com.yoyuzh.files;
import com.yoyuzh.auth.User;
import com.yoyuzh.common.BusinessException;
import com.yoyuzh.config.FileStorageProperties;
import com.yoyuzh.files.storage.FileContentStorage;
import com.yoyuzh.files.storage.PreparedUpload;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.io.TempDir;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.Mock;
import org.mockito.junit.jupiter.MockitoExtension;
@@ -13,14 +14,16 @@ import org.springframework.data.domain.PageImpl;
import org.springframework.data.domain.PageRequest;
import org.springframework.mock.web.MockMultipartFile;
import java.nio.file.Path;
import java.time.LocalDateTime;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.Mockito.never;
import static org.mockito.Mockito.times;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
@@ -31,21 +34,20 @@ class FileServiceTest {
@Mock
private StoredFileRepository storedFileRepository;
private FileService fileService;
@Mock
private FileContentStorage fileContentStorage;
@TempDir
Path tempDir;
private FileService fileService;
@BeforeEach
void setUp() {
FileStorageProperties properties = new FileStorageProperties();
properties.setRootDir(tempDir.toString());
properties.setMaxFileSize(50 * 1024 * 1024);
fileService = new FileService(storedFileRepository, properties);
fileService = new FileService(storedFileRepository, fileContentStorage, properties);
}
@Test
void shouldStoreUploadedFileUnderUserDirectory() {
void shouldStoreUploadedFileViaConfiguredStorage() {
User user = createUser(7L);
MockMultipartFile multipartFile = new MockMultipartFile(
"file", "notes.txt", "text/plain", "hello".getBytes());
@@ -60,8 +62,71 @@ class FileServiceTest {
assertThat(response.id()).isEqualTo(10L);
assertThat(response.path()).isEqualTo("/docs");
assertThat(response.directory()).isFalse();
assertThat(tempDir.resolve("7/docs/notes.txt")).exists();
verify(fileContentStorage).upload(7L, "/docs", "notes.txt", multipartFile);
}
@Test
void shouldInitiateDirectUploadThroughStorage() {
User user = createUser(7L);
when(storedFileRepository.existsByUserIdAndPathAndFilename(7L, "/docs", "notes.txt")).thenReturn(false);
when(fileContentStorage.prepareUpload(7L, "/docs", "notes.txt", "text/plain", 12L))
.thenReturn(new PreparedUpload(true, "https://upload.example.com", "PUT", Map.of("Content-Type", "text/plain"), "notes.txt"));
InitiateUploadResponse response = fileService.initiateUpload(user,
new InitiateUploadRequest("/docs", "notes.txt", "text/plain", 12L));
assertThat(response.direct()).isTrue();
assertThat(response.uploadUrl()).isEqualTo("https://upload.example.com");
verify(fileContentStorage).prepareUpload(7L, "/docs", "notes.txt", "text/plain", 12L);
}
@Test
void shouldCompleteDirectUploadAndPersistMetadata() {
User user = createUser(7L);
when(storedFileRepository.existsByUserIdAndPathAndFilename(7L, "/docs", "notes.txt")).thenReturn(false);
when(storedFileRepository.save(any(StoredFile.class))).thenAnswer(invocation -> {
StoredFile file = invocation.getArgument(0);
file.setId(11L);
return file;
});
FileMetadataResponse response = fileService.completeUpload(user,
new CompleteUploadRequest("/docs", "notes.txt", "notes.txt", "text/plain", 12L));
assertThat(response.id()).isEqualTo(11L);
verify(fileContentStorage).completeUpload(7L, "/docs", "notes.txt", "text/plain", 12L);
}
@Test
void shouldRenameFileThroughConfiguredStorage() {
User user = createUser(7L);
StoredFile storedFile = createFile(10L, user, "/docs", "notes.txt");
when(storedFileRepository.findById(10L)).thenReturn(Optional.of(storedFile));
when(storedFileRepository.existsByUserIdAndPathAndFilename(7L, "/docs", "renamed.txt")).thenReturn(false);
when(storedFileRepository.save(any(StoredFile.class))).thenAnswer(invocation -> invocation.getArgument(0));
FileMetadataResponse response = fileService.rename(user, 10L, "renamed.txt");
assertThat(response.filename()).isEqualTo("renamed.txt");
verify(fileContentStorage).renameFile(7L, "/docs", "notes.txt", "renamed.txt");
}
@Test
void shouldRenameDirectoryAndUpdateDescendantPaths() {
User user = createUser(7L);
StoredFile directory = createDirectory(10L, user, "/docs", "archive");
StoredFile childFile = createFile(11L, user, "/docs/archive", "nested.txt");
when(storedFileRepository.findById(10L)).thenReturn(Optional.of(directory));
when(storedFileRepository.existsByUserIdAndPathAndFilename(7L, "/docs", "renamed-archive")).thenReturn(false);
when(storedFileRepository.findByUserIdAndPathEqualsOrDescendant(7L, "/docs/archive")).thenReturn(List.of(childFile));
when(storedFileRepository.save(any(StoredFile.class))).thenAnswer(invocation -> invocation.getArgument(0));
FileMetadataResponse response = fileService.rename(user, 10L, "renamed-archive");
assertThat(response.filename()).isEqualTo("renamed-archive");
assertThat(childFile.getPath()).isEqualTo("/docs/renamed-archive");
verify(fileContentStorage).renameDirectory(7L, "/docs/archive", "/docs/renamed-archive", List.of(childFile));
}
@Test
@@ -76,6 +141,22 @@ class FileServiceTest {
.hasMessageContaining("没有权限");
}
@Test
void shouldDeleteDirectoryWithNestedFilesViaStorage() {
User user = createUser(7L);
StoredFile directory = createDirectory(10L, user, "/docs", "archive");
StoredFile childFile = createFile(11L, user, "/docs/archive", "nested.txt");
when(storedFileRepository.findById(10L)).thenReturn(Optional.of(directory));
when(storedFileRepository.findByUserIdAndPathEqualsOrDescendant(7L, "/docs/archive")).thenReturn(List.of(childFile));
fileService.delete(user, 10L);
verify(fileContentStorage).deleteDirectory(7L, "/docs/archive", List.of(childFile));
verify(storedFileRepository).deleteAll(List.of(childFile));
verify(storedFileRepository).delete(directory);
}
@Test
void shouldListFilesByPathWithPagination() {
User user = createUser(7L);
@@ -100,15 +181,39 @@ class FileServiceTest {
fileService.ensureDefaultDirectories(user);
assertThat(tempDir.resolve("7/下载")).exists();
assertThat(tempDir.resolve("7/文档")).exists();
assertThat(tempDir.resolve("7/图片")).exists();
verify(storedFileRepository).existsByUserIdAndPathAndFilename(7L, "/", "下载");
verify(storedFileRepository).existsByUserIdAndPathAndFilename(7L, "/", "文档");
verify(storedFileRepository).existsByUserIdAndPathAndFilename(7L, "/", "图片");
verify(fileContentStorage).ensureDirectory(7L, "/下载");
verify(fileContentStorage).ensureDirectory(7L, "/文档");
verify(fileContentStorage).ensureDirectory(7L, "/图片");
verify(storedFileRepository, times(3)).save(any(StoredFile.class));
}
@Test
void shouldUseSignedDownloadUrlWhenStorageSupportsDirectDownload() {
User user = createUser(7L);
StoredFile file = createFile(22L, user, "/docs", "notes.txt");
when(storedFileRepository.findById(22L)).thenReturn(Optional.of(file));
when(fileContentStorage.supportsDirectDownload()).thenReturn(true);
when(fileContentStorage.createDownloadUrl(7L, "/docs", "notes.txt", "notes.txt"))
.thenReturn("https://download.example.com/file");
DownloadUrlResponse response = fileService.getDownloadUrl(user, 22L);
assertThat(response.url()).isEqualTo("https://download.example.com/file");
}
@Test
void shouldFallbackToBackendDownloadUrlWhenStorageIsLocal() {
User user = createUser(7L);
StoredFile file = createFile(22L, user, "/docs", "notes.txt");
when(storedFileRepository.findById(22L)).thenReturn(Optional.of(file));
when(fileContentStorage.supportsDirectDownload()).thenReturn(false);
DownloadUrlResponse response = fileService.getDownloadUrl(user, 22L);
assertThat(response.url()).isEqualTo("/api/files/download/22");
verify(fileContentStorage, never()).createDownloadUrl(any(), any(), any(), any());
}
private User createUser(Long id) {
User user = new User();
user.setId(id);
@@ -131,4 +236,12 @@ class FileServiceTest {
file.setCreatedAt(LocalDateTime.now());
return file;
}
private StoredFile createDirectory(Long id, User user, String path, String filename) {
StoredFile directory = createFile(id, user, path, filename);
directory.setDirectory(true);
directory.setContentType("directory");
directory.setSize(0L);
return directory;
}
}