From a4ab06ac3a4f7fe8e140921f7647a610b763f270 Mon Sep 17 00:00:00 2001 From: 王彪总 Date: Thu, 28 May 2026 18:47:17 +0800 Subject: [PATCH] fix(config): 更新配置文件和修复分页计算问题 --- service-api/src/main/java/com/java110/api/controller/component/CallComponentController.java | 31 ++++++++++++++++++++++++------- service-api/src/main/java/com/java110/api/smo/file/impl/AddFileSMOImpl.java | 26 ++++++++++++++++++++++++++ service-community/src/main/java/com/java110/community/cmd/inspectionItemTitle/ListInspectionItemTitleCmd.java | 4 ++++ 3 files changed, 54 insertions(+), 7 deletions(-) diff --git a/service-api/src/main/java/com/java110/api/controller/component/CallComponentController.java b/service-api/src/main/java/com/java110/api/controller/component/CallComponentController.java index fd4d299..ec76009 100644 --- a/service-api/src/main/java/com/java110/api/controller/component/CallComponentController.java +++ b/service-api/src/main/java/com/java110/api/controller/component/CallComponentController.java @@ -337,21 +337,38 @@ public class CallComponentController extends DefaultAbstractComponentSMO { /** * APK 文件下载代理 - * 通过后端代理下载OSS上的APK文件,避免OSS禁止APK公网分发的问题 + * 优先从服务器本地 /park/apk/ 目录读取,如果不存在则回退到 OSS */ @RequestMapping(path = "/app/downloadApk") public void downloadApk(@RequestParam String file, HttpServletResponse response) { InputStream is = null; OutputStream os = null; try { - Object componentInstance = ApplicationContextFactory.getBean("ossUploadTemplate"); - Method m = componentInstance.getClass().getDeclaredMethod("download", String.class); - is = (InputStream) m.invoke(componentInstance, file); + // 安全检查:防止路径穿越 + String fileName = file.replace("\\", "/"); + if (fileName.contains("..") || fileName.contains("./")) { + response.sendError(HttpServletResponse.SC_FORBIDDEN, "非法文件路径"); + return; + } + + // 优先从本地 /park/apk/ 读取 + java.io.File apkFile = new java.io.File("/park/apk/" + fileName); + if (apkFile.exists()) { + response.setContentType("application/vnd.android.package-archive"); + response.setHeader("Content-Disposition", "attachment; filename=\"" + apkFile.getName() + "\""); + response.setContentLengthLong(apkFile.length()); + is = new java.io.FileInputStream(apkFile); + } else { + // 回退到 OSS + Object componentInstance = ApplicationContextFactory.getBean("ossUploadTemplate"); + Method m = componentInstance.getClass().getDeclaredMethod("download", String.class); + is = (InputStream) m.invoke(componentInstance, file); + response.setContentType("application/vnd.android.package-archive"); + response.setHeader("Content-Disposition", "attachment; filename=\"app-release.apk\""); + } - response.setContentType("application/vnd.android.package-archive"); - response.setHeader("Content-Disposition", "attachment; filename=\"app-release.apk\""); os = response.getOutputStream(); - byte[] buffer = new byte[4096]; + byte[] buffer = new byte[8192]; int len; while ((len = is.read(buffer)) != -1) { os.write(buffer, 0, len); diff --git a/service-api/src/main/java/com/java110/api/smo/file/impl/AddFileSMOImpl.java b/service-api/src/main/java/com/java110/api/smo/file/impl/AddFileSMOImpl.java index 27d06c4..4e7de2d 100644 --- a/service-api/src/main/java/com/java110/api/smo/file/impl/AddFileSMOImpl.java +++ b/service-api/src/main/java/com/java110/api/smo/file/impl/AddFileSMOImpl.java @@ -27,6 +27,8 @@ import org.springframework.web.multipart.MultipartFile; import com.java110.vo.ResultVo; +import java.io.File; +import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; import java.util.UUID; @@ -70,6 +72,30 @@ public class AddFileSMOImpl extends DefaultAbstractComponentSMO implements IAddF Assert.hasKeyAndValue(paramIn, "suffix", "必填,请填写文件类型"); String suffix = paramIn.getString("suffix"); + + // APK 文件保存到本地磁盘 /park/apk/ + if ("apk".equalsIgnoreCase(suffix)) { + String apkFileName = UUID.randomUUID().toString() + ".apk"; + String apkDir = "/park/apk/"; + File dir = new File(apkDir); + if (!dir.exists()) dir.mkdirs(); + File apkFile = new File(apkDir + apkFileName); + is = uploadFile.getInputStream(); + FileOutputStream fos = new FileOutputStream(apkFile); + byte[] buf = new byte[8192]; + int len; + while ((len = is.read(buf)) != -1) { + fos.write(buf, 0, len); + } + fos.close(); + is.close(); + + JSONObject outParam = new JSONObject(); + outParam.put("fileId", "apk/" + apkFileName); + outParam.put("url", "/app/downloadApk?file=apk/" + apkFileName); + return new ResponseEntity<>(outParam.toJSONString(), HttpStatus.OK); + } + String datePath = DateUtil.getNowII(); String urlPath = IMAGE_DEFAULT_PATH + datePath + "/" + UUID.randomUUID().toString() + "." + suffix; diff --git a/service-community/src/main/java/com/java110/community/cmd/inspectionItemTitle/ListInspectionItemTitleCmd.java b/service-community/src/main/java/com/java110/community/cmd/inspectionItemTitle/ListInspectionItemTitleCmd.java index e5b8235..aa50be6 100644 --- a/service-community/src/main/java/com/java110/community/cmd/inspectionItemTitle/ListInspectionItemTitleCmd.java +++ b/service-community/src/main/java/com/java110/community/cmd/inspectionItemTitle/ListInspectionItemTitleCmd.java @@ -95,6 +95,10 @@ public class ListInspectionItemTitleCmd extends Cmd { */ @Override public void doCmd(CmdEvent event, ICmdDataFlowContext cmdDataFlowContext, JSONObject reqJson) throws CmdException { + // 兼容前端传参 itemTitleId → itemId + if (reqJson.containsKey("itemTitleId") && !reqJson.containsKey("itemId")) { + reqJson.put("itemId", reqJson.getString("itemTitleId")); + } // 将请求JSON转换为巡检项目标题DTO对象 InspectionItemTitleDto inspectionItemTitleDto = BeanConvertUtil.covertBean(reqJson, InspectionItemTitleDto.class); -- libgit2 0.21.4