blame | history | raw
1
zj
2025-08-23 a441a1665bc8dd78b70cc842ad9777ff0ec6daee 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187

package com.ruoyi.im;


 


import cn.hutool.core.util.ObjectUtil;


import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;


import com.ruoyi.common.core.domain.R;


import com.ruoyi.common.utils.StringUtils;


import com.ruoyi.im.comm.Result;


import com.ruoyi.im.config.IpUtils;


import com.ruoyi.im.dto.UpdateUserBusinessDto;


import com.ruoyi.im.service.ImApiServcie;


import com.ruoyi.im.dto.RegisterDto;


import com.ruoyi.system.domain.GroupWelcomeConfig;


import com.ruoyi.system.domain.IpBlacklist;


import com.ruoyi.system.domain.UserAccount;


import com.ruoyi.system.service.GroupWelcomeConfigService;


import com.ruoyi.system.service.ISysUserService;


import com.ruoyi.system.service.IpBlacklistService;


import com.ruoyi.system.service.UserAccountService;


import io.swagger.annotations.ApiOperation;


import lombok.extern.slf4j.Slf4j;


import org.springframework.beans.factory.annotation.Autowired;


import org.springframework.beans.factory.annotation.Value;


import org.springframework.http.HttpStatus;


import org.springframework.http.ResponseEntity;


import org.springframework.validation.annotation.Validated;


import org.springframework.web.bind.annotation.*;


import org.springframework.web.multipart.MultipartFile;


 


import javax.servlet.http.HttpServletRequest;


import java.io.File;


import java.io.IOException;


import java.nio.file.Files;


import java.nio.file.Path;


import java.nio.file.Paths;


import java.nio.file.attribute.PosixFilePermission;


import java.nio.file.attribute.PosixFilePermissions;


import java.util.Map;


import java.util.Set;


import java.util.UUID;


 


@RestController


@RequestMapping("/im/api")


@Slf4j


public class ImApiController {


 


    @Autowired


    private ImApiServcie imApiServcie;


 


    @Autowired


    IpBlacklistService ipBlacklistService;


 


    @Autowired


    UserAccountService userAccountService;


 


 


 


    @Value("${file.upload-dir}")


    private String uploadDir;


 


    @Value("${file.upload-prefix}")


    private String prefix;


 


 


    /**


     * 注册


     */


    @PostMapping("/register")


    public Result register(@Validated RegisterDto dto){


        try {


            return imApiServcie.register(dto);


        }catch (Exception e){


            log.error("注册报错:",e);


            return Result.error("注册失败,请稍后再试!");


        }


    }


 


    /**


     * 获取ip地址并判断是否在黑名单


     */


    @GetMapping("/blacklist")


    public Result blacklist(HttpServletRequest request,@RequestParam("account") String account){


        try {


            String clientIp = IpUtils.getClientIp(request);


            if(StringUtils.isEmpty(clientIp)){


                return Result.success();


            }


            long count = ipBlacklistService.count(new LambdaQueryWrapper<IpBlacklist>().eq(IpBlacklist::getIpAddress, clientIp));


            if(count > 0){


                return Result.error("账号异常,禁止登录!");


            }


            UserAccount userAccount = userAccountService.getOne(new LambdaQueryWrapper<>(UserAccount.class).eq(UserAccount::getCloudMessageAccount, account));


            if(ObjectUtil.isEmpty(userAccount)){


                return Result.error("账号不存在!");


            }


            userAccount.setLoginIp(clientIp);


            userAccountService.updateById(userAccount);


            return Result.success();


        }catch (Exception e){


            log.error("登录错误:",e);


            return Result.error("登录错误,请稍后再试!");


        }


    }


 


 


    @PostMapping("/upload")


    public Result uploadFile(@RequestParam("file") MultipartFile file,@RequestParam("accountId") String accountId) {


        try {


 


            // 1. 验证文件类型


            String contentType = file.getContentType();


            if (contentType == null ||


                    (!contentType.equals("image/jpeg") &&


                            !contentType.equals("image/png") &&


                            !contentType.equals("image/gif"))) {


 


                return Result.error("只支持JPEG、PNG和GIF格式的图片!");


            }


 


            // 确保上传目录存在


            File directory = new File(uploadDir);


            if (!directory.exists()) {


                directory.mkdirs();


                // 设置目录权限为755 (rwxr-xr-x)


                setPermissions(directory, "rwxr-xr-x");


            }


 


            // 生成唯一文件名


            String fileName = UUID.randomUUID().toString() + "_" + file.getOriginalFilename();


            Path filePath = Paths.get(uploadDir, fileName);


 


            // 保存文件


            Files.write(filePath, file.getBytes());


 


            // 设置文件权限为644 (rw-r--r--)


            setPermissions(filePath.toFile(), "rw-r--r--");


 


            // 5. 调用网易云信API更新头像


            fileName = prefix+"/"+fileName;


            UpdateUserBusinessDto dto = new UpdateUserBusinessDto();


            dto.setAvatar(fileName);


            Map<String, Object> result = imApiServcie.updateUserAvatar(accountId,dto);


            if ((Boolean) result.get("success")) {


                return Result.success("文件上传成功");


            } else {


                return Result.error("上传失败!");


            }


        } catch (IOException e) {


            return Result.error("文件上传失败");


        } catch (Exception e) {


            e.printStackTrace();


            log.error("设置文件权限失败!");


        }


        return Result.success();


    }


 


    /**


     * 设置文件/目录权限


     * @param file 文件或目录对象


     * @param perm 权限字符串,如 "rw-r--r--"


     */


    private void setPermissions(File file, String perm) throws IOException {


        // 获取当前操作系统


        String os = System.getProperty("os.name").toLowerCase();


 


        // 只有在Unix/Linux系统上才能设置POSIX权限


        if (os.contains("nix") || os.contains("nux") || os.contains("mac")) {


            Set<PosixFilePermission> permissions = PosixFilePermissions.fromString(perm);


            Files.setPosixFilePermissions(file.toPath(), permissions);


        } else {


            // Windows系统不支持POSIX权限,可以设置基本权限


            file.setReadable(true, false);    // 所有用户可读


            if (perm.startsWith("rw")) {


                file.setWritable(true, false); // 所有用户可写(如果权限字符串以rw开头)


            } else {


                file.setWritable(false, false);


            }


 


            // 如果是目录且包含执行权限,设置可执行


            if (file.isDirectory() && perm.contains("x")) {


                file.setExecutable(true, false);


            }


        }


    }


 


 


 


}