diff --git a/app/Controller/DownloadController.php b/app/Controller/DownloadController.php index d34e4ff..57b6814 100644 --- a/app/Controller/DownloadController.php +++ b/app/Controller/DownloadController.php @@ -13,15 +13,78 @@ */ namespace App\Controller; +use App\Helper\ValidateHelper; +use App\Model\ChatRecords; +use App\Model\ChatRecordsFile; +use App\Model\UsersGroup; +use Hyperf\Filesystem\FilesystemFactory; use Psr\Http\Message\ResponseInterface; class DownloadController extends AbstractController { public function userChatFile(): ResponseInterface { + $crId = (int) $this->request->input('cr_id', 0); + $uid = $this->uid(); + + if (! ValidateHelper::isInteger($crId)) { + return $this->response->error('文件下载失败...'); + } + + /** + * @var ChatRecords $recordsInfo + */ + $recordsInfo = ChatRecords::select(['msg_type', 'source', 'user_id', 'receive_id'])->where('id', $crId)->first(); + if (! $recordsInfo) { + return $this->response->error('文件不存在...'); + } + + //判断消息是否是当前用户发送(如果是则跳过权限验证) + if ($recordsInfo->user_id !== $uid) { + if ($recordsInfo->source === 1) { + if ($recordsInfo->receive_id !== $uid) { + return $this->response->error('非法请求...'); + } + } elseif (! UsersGroup::isMember($recordsInfo->receive_id, $uid)) { + return $this->response->error('非法请求...'); + } + } + + /** + * @var ChatRecordsFile $fileInfo + */ + $fileInfo = ChatRecordsFile::select(['save_dir', 'original_name'])->where('record_id', $crId)->first(); + if (! $fileInfo) { + return $this->response->error('文件不存在或没有下载权限...'); + } + + $factory = di(FilesystemFactory::class)->get('qiniu'); + if ($factory->has($fileInfo->save_dir)) { + $dir = config('file.storage.local.root'); + $contents = $factory->read($fileInfo->save_dir); + $fileSystem = di(FilesystemFactory::class)->get('local'); + if ($fileSystem->has($fileInfo->save_dir)) { + return $this->response->download($dir . '/' . $fileInfo->save_dir, $fileInfo->original_name); + } + $fileSystem->write($fileInfo->save_dir, $contents); + return $this->response->download($dir . '/' . $fileInfo->save_dir, $fileInfo->original_name); + } + return $this->response->error('文件不存在...'); } - public function download(): ResponseInterface + public function download(string $saveDir, string $originalName): ResponseInterface { + $factory = di(FilesystemFactory::class)->get('qiniu'); + if ($factory->has($saveDir)) { + $dir = config('file.storage.local.root'); + $contents = $factory->read($saveDir); + $fileSystem = di(FilesystemFactory::class)->get('local'); + if ($fileSystem->has($saveDir)) { + return $this->response->download($dir . '/' . $saveDir, $originalName); + } + $fileSystem->write($saveDir, $contents); + return $this->response->download($dir . '/' . $saveDir, $originalName); + } + return $this->response->error('文件不存在...'); } } diff --git a/app/Kernel/Http/Response.php b/app/Kernel/Http/Response.php index 063f036..db4bcc3 100644 --- a/app/Kernel/Http/Response.php +++ b/app/Kernel/Http/Response.php @@ -107,4 +107,9 @@ public function toWechatXML(string $xml, int $statusCode = 200): PsrResponseInte ->withAddedHeader('content-type', 'application/xml; charset=utf-8') ->withBody(new SwooleStream($xml)); } + + public function download(string $file, string $name = ''): PsrResponseInterface + { + return $this->container->get(ResponseInterface::class)->download($file, $name); + } } diff --git a/config/routes.php b/config/routes.php index 10dd660..5727772 100644 --- a/config/routes.php +++ b/config/routes.php @@ -124,7 +124,8 @@ /* ---------------------- 结束 ------------------------------------ */ /* --------------------- HTTP-Download -------------------------- */ Router::addGroup('/api/download/', static function () { - Router::get('user-chat-file', 'App\Controller\EmoticonController@userChatFile'); + Router::get('user-chat-file', 'App\Controller\DownloadController@userChatFile'); + Router::get('download', 'App\Controller\DownloadController@download'); }, [ 'middleware' => [HttpAuthMiddleware::class], ]);