diff --git a/src/main/java/vin/vio/collaboraonline/controller/WopiController.java b/src/main/java/vin/vio/collaboraonline/controller/WopiController.java index 96bfde1..7ffea4f 100644 --- a/src/main/java/vin/vio/collaboraonline/controller/WopiController.java +++ b/src/main/java/vin/vio/collaboraonline/controller/WopiController.java @@ -35,7 +35,7 @@ public class WopiController { // 检查文件信息 @GetMapping("/files/{fileId}") - public ResponseEntity checkFileInfo(@PathVariable String fileId) { + public ResponseEntity checkFileInfo(@PathVariable String fileId, @RequestParam(required = false) String access_token) { WopiFile file = fileService.getFileInfo(fileId); if (file == null) { @@ -49,9 +49,9 @@ public class WopiController { // 获取文件内容 @GetMapping("/files/{fileId}/contents") - public ResponseEntity getFile(@PathVariable String fileId) { + public ResponseEntity getFile(@PathVariable String fileId) { - File fileResource = fileService.loadFileAsResource(fileId); + Resource fileResource = fileService.loadFileAsResource(fileId); if (fileResource == null) { return ResponseEntity.notFound().build(); } @@ -89,14 +89,14 @@ public class WopiController { response.put("EnableOwnerTermination", true); // 允许强制终止锁 // 关闭所有安全限制 - response.put("IsAnonymousUser", true); // 允许匿名访问 + response.put("IsAnonymousUser", false); // 允许匿名访问 response.put("ProtectInClient", false); // 禁用客户端保护 response.put("DisablePrint", false); response.put("DisableExport", false); response.put("DisableCopy", false); // 添加必要协议字段 - response.put("HostEditUrl", host + "/wopi/files/"+file.getFileName()); + response.put("HostEditUrl", host + "/wopi/files/"+file.getFileName() + "?access_token=asdasd"); response.put("PostMessageOrigin", host); // 本地测试用 // 测试环境特殊配置 diff --git a/src/main/java/vin/vio/collaboraonline/service/FileService.java b/src/main/java/vin/vio/collaboraonline/service/FileService.java index 6a8148c..69ee541 100644 --- a/src/main/java/vin/vio/collaboraonline/service/FileService.java +++ b/src/main/java/vin/vio/collaboraonline/service/FileService.java @@ -63,11 +63,19 @@ public class FileService { return file; } - public File loadFileAsResource(String fileId) { - String requestFile = kingdeeService.requestFile(fileId); - Path resolvedPath = new File(requestFile).toPath(); + public Resource loadFileAsResource(String fileId) { + try { + String path = kingdeeService.requestFile(fileId); + Path filePath = Paths.get(path); + FileSystemResource resource = new FileSystemResource(filePath); - return resolvedPath.toFile(); + if (resource.exists() && resource.isReadable() && Files.isRegularFile(filePath)) { + return resource; + } + return null; + } catch (InvalidPathException | SecurityException e) { + throw new RuntimeException("非法文件访问: " + fileId, e); + } } public boolean saveFile(String fileId, InputStream content) { diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml index e35dce3..04da934 100644 --- a/src/main/resources/application.yaml +++ b/src/main/resources/application.yaml @@ -6,12 +6,12 @@ spring: # http://192.168.3.211:9980/browser/dist/cool.html?WOPISrc=http://192.168.3.104:8080/wopi/files/test.docx&lang=zh-cn -# http://47.99.175.155:59980/browser/dist/cool.html?WOPISrc=http://47.99.175.155:59981/wopi/files/test.docx&lang=zh-cn +# http://47.99.175.155:59980/browser/dist/cool.html?lang=zh-cn&WOPISrc=http://47.99.175.155:59981/wopi/files/test.docx # http://:<端口>/browser/dist/cool.html?WOPISrc=http://<本机IP>:<服务端口>/wopi/files/<文件名>&lang=zh-cn -# http://192.168.3.211:9980/browser/dist/cool.html?WOPISrc=http://192.168.3.104:8080/wopi/files/2087131858671270912&lang=zh-cn +# http://192.168.3.211:9980/browser/dist/cool.html?lang=zh-cn&WOPISrc=http://192.168.3.104:8080/wopi/files/2087131858671270912 ensign: kingdee: env: test