2 Commits 184b44f4c9 ... 0a5aa29286

Autor SHA1 Nachricht Datum
  matianxiang 0a5aa29286 xiazai bug vor 1 Monat
  matianxiang 3499aebe56 xiazai vor 1 Monat

+ 65 - 0
eitc-admin/src/main/java/com/eitc/web/controller/common/DownloadController.java

@@ -0,0 +1,65 @@
1
+package com.eitc.web.controller.common;
2
+
3
+import com.eitc.common.config.EitcConfig;
4
+import com.eitc.common.constant.Constants;
5
+import com.eitc.common.core.controller.BaseController;
6
+import com.eitc.common.utils.StringUtils;
7
+import com.eitc.common.utils.file.FileUtils;
8
+import org.slf4j.Logger;
9
+import org.slf4j.LoggerFactory;
10
+import org.springframework.http.MediaType;
11
+import org.springframework.web.bind.annotation.GetMapping;
12
+import org.springframework.web.bind.annotation.RequestMapping;
13
+import org.springframework.web.bind.annotation.RestController;
14
+
15
+import javax.servlet.http.HttpServletRequest;
16
+import javax.servlet.http.HttpServletResponse;
17
+
18
+
19
+/**
20
+ * 通用请求处理
21
+ *
22
+ * @author eitc
23
+ */
24
+@RestController
25
+@RequestMapping("/download")
26
+public class DownloadController extends BaseController {
27
+
28
+    /**
29
+     * 硬件app
30
+     */
31
+    @GetMapping("/hardware")
32
+    public void hardware(HttpServletRequest request, HttpServletResponse response) throws Exception {
33
+        String resource = "/profile/app/huishitong.apk";
34
+        resourceDownload(resource, response);
35
+    }
36
+
37
+    @GetMapping("/hospital")
38
+    public void hospital(HttpServletResponse response) throws Exception {
39
+        String resource = "/profile/app/kouqiangyiyuan_1.0.0_1_240830_release.apk";
40
+        resourceDownload(resource, response);
41
+    }
42
+
43
+    @GetMapping("/document")
44
+    public void document(HttpServletResponse response) throws Exception {
45
+        String resource = "/profile/app/document.pdf";
46
+        resourceDownload(resource, response);
47
+    }
48
+
49
+    public void resourceDownload(String resource, HttpServletResponse response) throws Exception {
50
+        // 禁止目录上跳级别
51
+        if (StringUtils.contains(resource, "..")) {
52
+            throw new Exception(StringUtils.format("资源文件({})非法,不允许下载。 ", resource));
53
+        }
54
+        // 本地资源路径
55
+        String localPath = EitcConfig.getProfile();
56
+        // 数据库资源地址
57
+        String downloadPath = localPath + StringUtils.substringAfter(resource, Constants.RESOURCE_PREFIX);
58
+        // 下载名称
59
+        String downloadName = StringUtils.substringAfterLast(downloadPath, "/");
60
+        response.setContentType(MediaType.APPLICATION_OCTET_STREAM_VALUE);
61
+        FileUtils.setAttachmentResponseHeader(response, downloadName);
62
+        FileUtils.writeBytes(downloadPath, response.getOutputStream());
63
+    }
64
+
65
+}

+ 1 - 0
eitc-framework/src/main/java/com/eitc/framework/config/SecurityConfig.java

@@ -112,6 +112,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
112 112
                 .authorizeRequests()
113 113
                 // 对于登录login 注册register 验证码captchaImage 允许匿名访问
114 114
                 .antMatchers("/login", "/register", "/captchaImage","/sys/clinict/downloadLocal/**").permitAll()
115
+                .antMatchers("/download/**").permitAll()
115 116
                 // 静态资源,可匿名访问
116 117
                 .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
117 118
                 .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()