feat(portal): 增加文档密钥保护功能

- 为HwWebDocument实体添加secretKey字段的@JsonIgnore注解- 新方法增getHasSecret用于判断是否存在密钥 - 在toString方法中用hasSecret替换secretKey输出 - 控制器中根据是否有密钥决定是否返回文档地址 -优化密钥验证逻辑，确保安全性 - 服务层改进密钥校验流程和错误处理机制
2 months ago · 135e901ff4
parent b5b6a62ff3
commit 135e901ff4
3 changed files with 26 additions and 6 deletions
--- a/ruoyi-modules/hw-portal/src/main/java/com/ruoyi/portal/controller/HwWebDocumentController.java
+++ b/ruoyi-modules/hw-portal/src/main/java/com/ruoyi/portal/controller/HwWebDocumentController.java
@ -46,6 +46,11 @@ public class HwWebDocumentController extends BaseController
    {
        startPage();
        List<HwWebDocument> list = hwWebDocumentService.selectHwWebDocumentList(hwWebDocument);
        for (HwWebDocument doc : list) {
            if (doc.getHasSecret()) {
                doc.setDocumentAddress(null);
            }
        }
        return getDataTable(list);
    }
@ -69,7 +74,11 @@ public class HwWebDocumentController extends BaseController
    @GetMapping(value = "/{documentId}")
    public AjaxResult getInfo(@PathVariable("documentId") String documentId)
    {
-        return success(hwWebDocumentService.selectHwWebDocumentByDocumentId(documentId));
+        HwWebDocument doc = hwWebDocumentService.selectHwWebDocumentByDocumentId(documentId);
        if (doc != null && doc.getHasSecret()) {
            doc.setDocumentAddress(null);
        }
        return success(doc);
    }
    /**
--- a/ruoyi-modules/hw-portal/src/main/java/com/ruoyi/portal/domain/HwWebDocument.java
+++ b/ruoyi-modules/hw-portal/src/main/java/com/ruoyi/portal/domain/HwWebDocument.java
@ -4,6 +4,7 @@ import org.apache.commons.lang3.builder.ToStringBuilder;
 import org.apache.commons.lang3.builder.ToStringStyle;
 import com.ruoyi.common.core.annotation.Excel;
 import com.ruoyi.common.core.web.domain.BaseEntity;
 import com.fasterxml.jackson.annotation.JsonIgnore;
 /**
 * Hw资料文件对象 hw_web_document
@ -32,6 +33,7 @@ public class HwWebDocument extends BaseEntity
    /** 密钥 */
    @Excel(name = "密钥")
    @JsonIgnore
    private String secretKey;
    /** json */
@ -89,6 +91,10 @@ public class HwWebDocument extends BaseEntity
        return secretKey;
    }
    public boolean getHasSecret() {
        return secretKey != null && !secretKey.trim().isEmpty();
    }
    public String getJson() {
        return json;
    }
@ -121,7 +127,7 @@ public class HwWebDocument extends BaseEntity
            .append("documentAddress", getDocumentAddress())
            .append("createTime", getCreateTime())
            .append("webCode", getWebCode())
-            .append("secretKey", getSecretKey())
+            .append("hasSecret", getHasSecret())
            .append("json", getJson())
            .append("type", getType())
            .append("isDelete", getIsDelete())
--- a/ruoyi-modules/hw-portal/src/main/java/com/ruoyi/portal/service/impl/HwWebDocumentServiceImpl.java
+++ b/ruoyi-modules/hw-portal/src/main/java/com/ruoyi/portal/service/impl/HwWebDocumentServiceImpl.java
@ -102,11 +102,16 @@ public class HwWebDocumentServiceImpl implements IHwWebDocumentService
            throw new ServiceException("文件不存在");
        }
        String secretKey = document.getSecretKey();
-        if (providedKey != null) {
+        String address = document.getDocumentAddress();
-            providedKey = providedKey.trim();
+        if (secretKey == null || secretKey.trim().isEmpty()) {
            return address;
        }
-        if (secretKey.isEmpty()|| secretKey.equals(providedKey)) {
+        String trimmedProvided = providedKey == null ? null : providedKey.trim();
-            return document.getDocumentAddress();
+        if (trimmedProvided == null || trimmedProvided.isEmpty()) {
            throw new ServiceException("密钥错误");
        }
        if (secretKey.trim().equals(trimmedProvided)) {
            return address;
        } else {
            throw new ServiceException("密钥错误");
        }