权限开发，页面交互开发，增加阅读数

zyplayer-doc-wiki/src/main/java/com/zyplayer/doc/wiki/controller/WikiCommonController.java

@@ -2,19 +2,24 @@ package com.zyplayer.doc.wiki.controller;
 
 import cn.hutool.core.date.DateTime;
 import cn.hutool.core.util.RandomUtil;
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
 import com.zyplayer.doc.core.json.DocResponseJson;
 import com.zyplayer.doc.core.json.ResponseJson;
 import com.zyplayer.doc.data.aspect.AuthMan;
 import com.zyplayer.doc.data.config.security.DocUserDetails;
 import com.zyplayer.doc.data.config.security.DocUserUtil;
+import com.zyplayer.doc.data.repository.manage.entity.UserInfo;
 import com.zyplayer.doc.data.repository.manage.entity.WikiPage;
 import com.zyplayer.doc.data.repository.manage.entity.WikiPageFile;
 import com.zyplayer.doc.data.repository.manage.entity.WikiSpace;
+import com.zyplayer.doc.data.service.manage.UserInfoService;
 import com.zyplayer.doc.data.service.manage.WikiPageFileService;
 import com.zyplayer.doc.data.service.manage.WikiPageService;
 import com.zyplayer.doc.data.service.manage.WikiSpaceService;
 import com.zyplayer.doc.wiki.framework.consts.Const;
+import com.zyplayer.doc.wiki.framework.consts.SpaceType;
+import com.zyplayer.doc.wiki.framework.consts.WikiAuthType;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -29,10 +34,7 @@ import java.io.FileInputStream;
 import java.io.InputStream;
 import java.io.OutputStream;
 import java.net.URLEncoder;
-import java.util.Date;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Optional;
+import java.util.*;
 
 /**
  * 文档控制器
@@ -55,6 +57,21 @@ public class WikiCommonController {
 	WikiPageService wikiPageService;
 	@Resource
 	WikiSpaceService wikiSpaceService;
+	@Resource
+	UserInfoService userInfoService;
+	
+	@PostMapping("/user/base")
+	public ResponseJson<Object> userBaseInfo(String search) {
+		if (StringUtils.isBlank(search)) {
+			return DocResponseJson.ok();
+		}
+		QueryWrapper<UserInfo> queryWrapper = new QueryWrapper<>();
+		queryWrapper.like("user_name", search).or().like("user_no", search)
+				.or().like("email", search);
+		queryWrapper.select("id", "user_name");
+		List<UserInfo> userInfoList = userInfoService.list(queryWrapper);
+		return DocResponseJson.ok(userInfoList);
+	}
 	
 	@PostMapping("/wangEditor/upload")
 	public Map<String, Object> wangEditorUpload(WikiPageFile wikiPageFile, @RequestParam("files") MultipartFile file) {
@@ -67,12 +84,28 @@ public class WikiCommonController {
 	
 	@PostMapping("/upload")
 	public ResponseJson<Object> upload(WikiPageFile wikiPageFile, @RequestParam("files") MultipartFile file) {
+		DocUserDetails currentUser = DocUserUtil.getCurrentUser();
+		Long pageId = wikiPageFile.getPageId();
+		if (pageId != null && pageId > 0) {
+			WikiPage wikiPageSel = wikiPageService.getById(pageId);
+			WikiSpace wikiSpaceSel = wikiSpaceService.getById(wikiPageSel.getSpaceId());
+			// 私人空间
+			if (SpaceType.isOthersPrivate(wikiSpaceSel.getType(), currentUser.getUserId(), wikiSpaceSel.getCreateUserId())) {
+				return DocResponseJson.warn("您没有该空间的文件上传权限！");
+			}
+			// 空间不是自己的，也没有权限
+			if (SpaceType.isOthersPersonal(wikiSpaceSel.getType(), currentUser.getUserId(), wikiSpaceSel.getCreateUserId())) {
+				boolean pageAuth = DocUserUtil.havePageAuth(WikiAuthType.PAGE_FILE_UPLOAD.getName(), pageId);
+				if (!pageAuth) {
+					return DocResponseJson.warn("您没有修改该文章附件的权限！");
+				}
+			}
+		}
 		String fileName = file.getOriginalFilename();
 		String fileSuffix = "";
 		if (fileName != null && fileName.lastIndexOf(".") >= 0) {
 			fileSuffix = fileName.substring(fileName.lastIndexOf("."));
 		}
-		DocUserDetails currentUser = DocUserUtil.getCurrentUser();
 		String path = uploadPath + "/" + DateTime.now().toString("yyyy/MM/dd") + "/";
 		File newFile = new File(path);
 		if (!newFile.exists() && !newFile.mkdirs()) {

zyplayer-doc-wiki/src/main/java/com/zyplayer/doc/wiki/controller/WikiPageAuthController.java

@@ -1,5 +1,7 @@
 package com.zyplayer.doc.wiki.controller;
 
+import com.alibaba.fastjson.JSON;
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.zyplayer.doc.core.json.DocResponseJson;
 import com.zyplayer.doc.core.json.ResponseJson;
 import com.zyplayer.doc.data.aspect.AuthMan;
@@ -7,8 +9,10 @@ import com.zyplayer.doc.data.config.security.DocUserDetails;
 import com.zyplayer.doc.data.config.security.DocUserUtil;
 import com.zyplayer.doc.data.repository.manage.entity.*;
 import com.zyplayer.doc.data.service.manage.*;
+import com.zyplayer.doc.wiki.controller.vo.UserPageAuthVo;
 import com.zyplayer.doc.wiki.framework.consts.SpaceType;
 import com.zyplayer.doc.wiki.framework.consts.WikiAuthType;
+import org.apache.commons.collections.CollectionUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -16,9 +20,9 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
 import javax.annotation.Resource;
-import java.util.Date;
-import java.util.List;
-import java.util.Objects;
+import java.util.*;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
 
 /**
  * 文档控制器
@@ -37,6 +41,8 @@ public class WikiPageAuthController {
 	@Resource
 	WikiSpaceService wikiSpaceService;
 	@Resource
+	UserInfoService userInfoService;
+	@Resource
 	WikiPageService wikiPageService;
 	@Resource
 	UserAuthService userAuthService;
@@ -44,43 +50,133 @@ public class WikiPageAuthController {
 	AuthInfoService authInfoService;
 	
 	@PostMapping("/assign")
-	public ResponseJson<List<WikiPageZan>> assign(Long pageId, Long userId, Long authId) {
+	public ResponseJson<List<WikiPageZan>> assign(Long pageId, String authList) {
 		DocUserDetails currentUser = DocUserUtil.getCurrentUser();
 		WikiPage wikiPageSel = wikiPageService.getById(pageId);
 		WikiSpace wikiSpaceSel = wikiSpaceService.getById(wikiPageSel.getSpaceId());
-		if (SpaceType.isPrivate(wikiSpaceSel.getType())) {
-			return DocResponseJson.warn("");
-		}
-		if (SpaceType.isPublic(wikiSpaceSel.getType())) {
-			return DocResponseJson.warn("");
-		}
+//		if (SpaceType.isPrivate(wikiSpaceSel.getType())) {
+//			return DocResponseJson.warn("私人空间不可以编辑权限");
+//		}
+//		if (SpaceType.isPublic(wikiSpaceSel.getType())) {
+//			return DocResponseJson.warn("公共空间不需要编辑权限");
+//		}
 		if (!SpaceType.isPersonal(wikiSpaceSel.getType())) {
-			return DocResponseJson.warn("");
+			return DocResponseJson.warn("只有个人空间才可以编辑权限");
 		}
 		if (!Objects.equals(currentUser.getUserId(), wikiSpaceSel.getCreateUserId())) {
 			if (!DocUserUtil.havePageAuth(WikiAuthType.PAGE_AUTH_MANAGE.getName(), pageId)) {
-				return DocResponseJson.warn("");
+				return DocResponseJson.warn("您不是创建人或没有权限修改");
 			}
 		}
-		AuthInfo authInfo = authInfoService.getById(authId);
-		if (authInfo == null) {
-			return DocResponseJson.warn("");
+		List<String> authNameList = Stream.of(WikiAuthType.values()).map(WikiAuthType::getName).collect(Collectors.toList());
+		QueryWrapper<AuthInfo> queryWrapper = new QueryWrapper<>();
+		queryWrapper.in("auth_name", authNameList);
+		Collection<AuthInfo> authInfoList = authInfoService.list(queryWrapper);
+		Map<String, Long> authInfoMap = authInfoList.stream().collect(Collectors.toMap(AuthInfo::getAuthName, AuthInfo::getId));
+		
+		// 先删除页面的所有用户的权限
+		UserAuth userAuthDel = new UserAuth();
+		userAuthDel.setDelFlag(1);
+		QueryWrapper<UserAuth> updateWrapper = new QueryWrapper<>();
+		updateWrapper.eq("auth_custom_suffix", pageId);
+		updateWrapper.eq("del_flag", 0);
+		userAuthService.update(userAuthDel, updateWrapper);
+		
+		List<UserPageAuthVo> authVoList = JSON.parseArray(authList, UserPageAuthVo.class);
+		for (UserPageAuthVo authVo : authVoList) {
+			List<UserAuth> userAuthList = new LinkedList<>();
+			if (Objects.equals(authVo.getEditPage(), 1)) {
+				Long authId = authInfoMap.get(WikiAuthType.EDIT_PAGE.getName());
+				UserAuth userAuth = this.createUserAuth(pageId, currentUser.getUserId(), authVo.getUserId(), authId);
+				userAuthList.add(userAuth);
+			}
+			if (Objects.equals(authVo.getCommentPage(), 1)) {
+				Long authId = authInfoMap.get(WikiAuthType.COMMENT_PAGE.getName());
+				UserAuth userAuth = this.createUserAuth(pageId, currentUser.getUserId(), authVo.getUserId(), authId);
+				userAuthList.add(userAuth);
+			}
+			if (Objects.equals(authVo.getDeletePage(), 1)) {
+				Long authId = authInfoMap.get(WikiAuthType.DELETE_PAGE.getName());
+				UserAuth userAuth = this.createUserAuth(pageId, currentUser.getUserId(), authVo.getUserId(), authId);
+				userAuthList.add(userAuth);
+			}
+			if (Objects.equals(authVo.getPageFileUpload(), 1)) {
+				Long authId = authInfoMap.get(WikiAuthType.PAGE_FILE_UPLOAD.getName());
+				UserAuth userAuth = this.createUserAuth(pageId, currentUser.getUserId(), authVo.getUserId(), authId);
+				userAuthList.add(userAuth);
+			}
+			if (Objects.equals(authVo.getPageFileDelete(), 1)) {
+				Long authId = authInfoMap.get(WikiAuthType.PAGE_FILE_DELETE.getName());
+				UserAuth userAuth = this.createUserAuth(pageId, currentUser.getUserId(), authVo.getUserId(), authId);
+				userAuthList.add(userAuth);
+			}
+			if (Objects.equals(authVo.getPageAuthManage(), 1)) {
+				Long authId = authInfoMap.get(WikiAuthType.PAGE_AUTH_MANAGE.getName());
+				UserAuth userAuth = this.createUserAuth(pageId, currentUser.getUserId(), authVo.getUserId(), authId);
+				userAuthList.add(userAuth);
+			}
+			if (userAuthList.size() > 0) {
+				userAuthService.saveBatch(userAuthList);
+			}
 		}
-		UserAuth userAuth = new UserAuth();
-		userAuth.setAuthId(authId);
-		userAuth.setCreateUid(currentUser.getUserId());
-		userAuth.setCreationTime(new Date());
-		userAuth.setDelFlag(0);
-		userAuth.setUserId(userId);
-		userAuth.setAuthCustomSuffix(String.valueOf(pageId));
-		userAuthService.save(userAuth);
 		return DocResponseJson.ok();
 	}
 	
-	@PostMapping("/update")
-	public ResponseJson<Object> update(WikiPageZan wikiPageZan) {
+	@PostMapping("/list")
+	public ResponseJson<Object> list(Long pageId) {
 		DocUserDetails currentUser = DocUserUtil.getCurrentUser();
-		return DocResponseJson.ok();
+		WikiPage wikiPageSel = wikiPageService.getById(pageId);
+		WikiSpace wikiSpaceSel = wikiSpaceService.getById(wikiPageSel.getSpaceId());
+		if (!Objects.equals(currentUser.getUserId(), wikiSpaceSel.getCreateUserId())) {
+			if (!DocUserUtil.havePageAuth(WikiAuthType.PAGE_AUTH_MANAGE.getName(), pageId)) {
+				return DocResponseJson.warn("您没有权限管理该页面的权限");
+			}
+		}
+		QueryWrapper<UserAuth> queryWrapper = new QueryWrapper<>();
+		queryWrapper.eq("auth_custom_suffix", pageId);
+		queryWrapper.eq("del_flag", 0);
+		List<UserAuth> authList = userAuthService.list(queryWrapper);
+		if (CollectionUtils.isEmpty(authList)) {
+			return DocResponseJson.ok();
+		}
+		// 权限ID对应的权限名
+		Collection<AuthInfo> authInfoList = authInfoService.listByIds(authList.stream().map(UserAuth::getAuthId).collect(Collectors.toList()));
+		Map<Long, String> authInfoMap = authInfoList.stream().collect(Collectors.toMap(AuthInfo::getId, AuthInfo::getAuthName));
+		// 查询用户信息
+		Map<Long, List<UserAuth>> userAuthGroup = authList.stream().collect(Collectors.groupingBy(UserAuth::getUserId));
+		Collection<UserInfo> userInfos = userInfoService.listByIds(userAuthGroup.keySet());
+		Map<Long, String> userInfoMap = userInfos.stream().collect(Collectors.toMap(UserInfo::getId, UserInfo::getUserName));
+		List<UserPageAuthVo> authVoList = new LinkedList<>();
+		// 组装结果集
+		userAuthGroup.forEach((key, value) -> {
+			Set<String> authNameSet = value.stream().map(auth -> authInfoMap.get(auth.getAuthId())).collect(Collectors.toSet());
+			UserPageAuthVo authVo = new UserPageAuthVo();
+			authVo.setEditPage(this.haveAuth(authNameSet, WikiAuthType.EDIT_PAGE));
+			authVo.setCommentPage(this.haveAuth(authNameSet, WikiAuthType.COMMENT_PAGE));
+			authVo.setDeletePage(this.haveAuth(authNameSet, WikiAuthType.DELETE_PAGE));
+			authVo.setPageFileUpload(this.haveAuth(authNameSet, WikiAuthType.PAGE_FILE_UPLOAD));
+			authVo.setPageFileDelete(this.haveAuth(authNameSet, WikiAuthType.PAGE_FILE_DELETE));
+			authVo.setPageAuthManage(this.haveAuth(authNameSet, WikiAuthType.PAGE_AUTH_MANAGE));
+			authVo.setUserId(key);
+			authVo.setUserName(userInfoMap.get(key));
+			authVoList.add(authVo);
+		});
+		return DocResponseJson.ok(authVoList);
+	}
+	
+	private Integer haveAuth(Set<String> authNameSet, WikiAuthType wikiAuthType){
+		return authNameSet.contains(wikiAuthType.getName()) ? 1 : 0;
+	}
+	
+	private UserAuth createUserAuth(Long pageId, Long loginUserId, Long userId, Long authId){
+		UserAuth userAuth = new UserAuth();
+		userAuth.setAuthCustomSuffix(String.valueOf(pageId));
+		userAuth.setCreationTime(new Date());
+		userAuth.setCreateUid(loginUserId);
+		userAuth.setDelFlag(0);
+		userAuth.setUserId(userId);
+		userAuth.setAuthId(authId);
+		return userAuth;
 	}
 }
 

zyplayer-doc-wiki/src/main/java/com/zyplayer/doc/wiki/controller/WikiPageCommentController.java

@@ -14,6 +14,7 @@ import com.zyplayer.doc.data.service.manage.WikiPageService;
 import com.zyplayer.doc.data.service.manage.WikiSpaceService;
 import com.zyplayer.doc.wiki.controller.vo.WikiPageCommentVo;
 import com.zyplayer.doc.wiki.framework.consts.SpaceType;
+import com.zyplayer.doc.wiki.framework.consts.WikiAuthType;
 import org.dozer.Mapper;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -90,6 +91,13 @@ public class WikiPageCommentController {
 		if (SpaceType.isOthersPrivate(wikiSpaceSel.getType(), currentUser.getUserId(), wikiSpaceSel.getCreateUserId())) {
 			return DocResponseJson.warn("您没有该空间的评论权！");
 		}
+		// 空间不是自己的，也没有权限
+		if (SpaceType.isOthersPersonal(wikiSpaceSel.getType(), currentUser.getUserId(), wikiSpaceSel.getCreateUserId())) {
+			boolean pageAuth = DocUserUtil.havePageAuth(WikiAuthType.COMMENT_PAGE.getName(), pageId);
+			if (!pageAuth) {
+				return DocResponseJson.warn("您没有评论该文章的权限！");
+			}
+		}
 		if (id != null && id > 0) {
 			wikiPageCommentService.updateById(pageComment);
 		} else {

zyplayer-doc-wiki/src/main/java/com/zyplayer/doc/wiki/controller/WikiPageController.java

@@ -11,6 +11,7 @@ import com.zyplayer.doc.data.service.manage.*;
 import com.zyplayer.doc.wiki.controller.vo.WikiPageContentVo;
 import com.zyplayer.doc.wiki.controller.vo.WikiPageVo;
 import com.zyplayer.doc.wiki.framework.consts.SpaceType;
+import com.zyplayer.doc.wiki.framework.consts.WikiAuthType;
 import org.apache.commons.lang3.StringUtils;
 import org.dozer.Mapper;
 import org.slf4j.Logger;
@@ -54,7 +55,7 @@ public class WikiPageController {
 		WikiSpace wikiSpaceSel = wikiSpaceService.getById(wikiPage.getSpaceId());
 		// 私人空间
 		if (SpaceType.isOthersPrivate(wikiSpaceSel.getType(), currentUser.getUserId(), wikiSpaceSel.getCreateUserId())) {
-			return DocResponseJson.warn("您没有查看该空间的文章列表！");
+			return DocResponseJson.warn("您没有权限查看该空间的文章列表！");
 		}
 		UpdateWrapper<WikiPage> wrapper = new UpdateWrapper<>();
 		wrapper.eq("del_flag", 0);
@@ -79,13 +80,12 @@ public class WikiPageController {
 		WikiSpace wikiSpaceSel = wikiSpaceService.getById(wikiPageSel.getSpaceId());
 		// 私人空间
 		if (SpaceType.isOthersPrivate(wikiSpaceSel.getType(), currentUser.getUserId(), wikiSpaceSel.getCreateUserId())) {
-			return DocResponseJson.warn("您没有查看该空间的文章详情！");
+			return DocResponseJson.warn("您没有权限查看该空间的文章详情！");
 		}
 		UpdateWrapper<WikiPageContent> wrapper = new UpdateWrapper<>();
 		wrapper.eq("page_id", wikiPage.getId());
 		WikiPageContent pageContent = wikiPageContentService.getOne(wrapper);
 		
-		// TODO 检查space是否开放访问
 		UpdateWrapper<WikiPageFile> wrapperFile = new UpdateWrapper<>();
 		wrapperFile.eq("page_id", wikiPage.getId());
 		wrapperFile.eq("del_flag", 0);
@@ -103,6 +103,14 @@ public class WikiPageController {
 		vo.setPageContent(pageContent);
 		vo.setFileList(pageFiles);
 		vo.setSelfZan((pageZan != null) ? 1 : 0);
+		// 高并发下会有覆盖问题，但不重要~
+		Integer viewNum =  Optional.ofNullable(wikiPageSel.getViewNum()).orElse(0);
+		WikiPage wikiPageUp = new WikiPage();
+		wikiPageUp.setId(wikiPageSel.getId());
+		wikiPageUp.setViewNum(viewNum + 1);
+		wikiPageService.updateById(wikiPageUp);
+		// 修改返回值里的查看数+1
+		wikiPageSel.setViewNum(viewNum + 1);
 		return DocResponseJson.ok(vo);
 	}
 	
@@ -117,7 +125,14 @@ public class WikiPageController {
 		WikiSpace wikiSpaceSel = wikiSpaceService.getById(wikiPageSel.getSpaceId());
 		// 私人空间不允许调用接口获取文章
 		if (SpaceType.isOthersPrivate(wikiSpaceSel.getType(), currentUser.getUserId(), wikiSpaceSel.getCreateUserId())) {
-			return DocResponseJson.warn("您没有修改该空间的文章权限！");
+			return DocResponseJson.warn("您没有权限修改该空间的文章！");
+		}
+		// 空间不是自己的，也没有权限
+		if (SpaceType.isOthersPersonal(wikiSpaceSel.getType(), currentUser.getUserId(), wikiSpaceSel.getCreateUserId())) {
+			boolean pageAuth = DocUserUtil.havePageAuth(WikiAuthType.EDIT_PAGE.getName(), id);
+			if (!pageAuth) {
+				return DocResponseJson.warn("您没有修改该文章的权限！");
+			}
 		}
 		WikiPage wikiPageUp = new WikiPage();
 		wikiPageUp.setId(wikiPage.getId());
@@ -138,17 +153,25 @@ public class WikiPageController {
 		if (delFlag == 0 && StringUtils.isBlank(wikiPage.getName())) {
 			return DocResponseJson.warn("标题不能为空！");
 		}
-		Long id = wikiPage.getId();
-		if (id != null && id > 0) {
-			WikiPage wikiPageSel = wikiPageService.getById(id);
+		Long pageId = wikiPage.getId();
+		if (pageId != null && pageId > 0) {
+			WikiPage wikiPageSel = wikiPageService.getById(pageId);
 			if (wikiPageSel == null || Objects.equals(wikiPageSel.getEditType(), 1)) {
 				return DocResponseJson.warn("当前页面不允许编辑！");
 			}
-			WikiSpace wikiSpaceSel = wikiSpaceService.getById(wikiPageSel.getSpaceId());
+			WikiSpace wikiSpaceSel = wikiSpaceService.getById(wikiPage.getSpaceId());
 			// 私人空间不允许调用接口获取文章
 			if (SpaceType.isOthersPrivate(wikiSpaceSel.getType(), currentUser.getUserId(), wikiSpaceSel.getCreateUserId())) {
-				return DocResponseJson.warn("您没有修改该空间的文章权限！");
+				return DocResponseJson.warn("您没有权限修改该空间的文章！");
 			}
+			// 空间不是自己的，也没有权限
+			if (SpaceType.isOthersPersonal(wikiSpaceSel.getType(), currentUser.getUserId(), wikiSpaceSel.getCreateUserId())) {
+				boolean pageAuth = DocUserUtil.havePageAuth(WikiAuthType.EDIT_PAGE.getName(), pageId);
+				if (!pageAuth) {
+					return DocResponseJson.warn("您没有修改该文章的权限！");
+				}
+			}
+			wikiPage.setSpaceId(null);
 			wikiPage.setEditType(null);
 			wikiPage.setUpdateTime(new Date());
 			wikiPage.setUpdateUserId(currentUser.getUserId());
@@ -159,9 +182,14 @@ public class WikiPageController {
 			pageContent.setUpdateUserId(currentUser.getUserId());
 			pageContent.setUpdateUserName(currentUser.getUsername());
 			UpdateWrapper<WikiPageContent> wrapper = new UpdateWrapper<>();
-			wrapper.eq("page_id", id);
+			wrapper.eq("page_id", pageId);
 			wikiPageContentService.update(pageContent, wrapper);
 		} else {
+			WikiSpace wikiSpaceSel = wikiSpaceService.getById(wikiPage.getSpaceId());
+			// 空间不是自己的
+			if (SpaceType.isOthersPrivate(wikiSpaceSel.getType(), currentUser.getUserId(), wikiSpaceSel.getCreateUserId())) {
+				return DocResponseJson.warn("您没有权限新增该空间的文章！");
+			}
 			wikiPage.setCreateTime(new Date());
 			wikiPage.setCreateUserId(currentUser.getUserId());
 			wikiPage.setCreateUserName(currentUser.getUsername());

zyplayer-doc-wiki/src/main/java/com/zyplayer/doc/wiki/controller/WikiPageFileController.java

@@ -12,6 +12,7 @@ import com.zyplayer.doc.data.service.manage.WikiPageFileService;
 import com.zyplayer.doc.data.service.manage.WikiPageService;
 import com.zyplayer.doc.data.service.manage.WikiSpaceService;
 import com.zyplayer.doc.wiki.framework.consts.SpaceType;
+import com.zyplayer.doc.wiki.framework.consts.WikiAuthType;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -72,6 +73,13 @@ public class WikiPageFileController {
 		if (SpaceType.isOthersPrivate(wikiSpaceSel.getType(), currentUser.getUserId(), wikiSpaceSel.getCreateUserId())) {
 			return DocResponseJson.warn("您没有该空间的文件上传权限！");
 		}
+		// 空间不是自己的，也没有权限
+		if (SpaceType.isOthersPersonal(wikiSpaceSel.getType(), currentUser.getUserId(), wikiSpaceSel.getCreateUserId())) {
+			boolean pageAuth = DocUserUtil.havePageAuth(WikiAuthType.PAGE_FILE_UPLOAD.getName(), pageId);
+			if (!pageAuth) {
+				return DocResponseJson.warn("您没有修改该文章附件的权限！");
+			}
+		}
 		if (id != null && id > 0) {
 			wikiPageFile.setUpdateUserId(currentUser.getUserId());
 			wikiPageFile.setUpdateUserName(currentUser.getUsername());

zyplayer-doc-wiki/src/main/java/com/zyplayer/doc/wiki/controller/vo/UserPageAuthVo.java

@@ -0,0 +1,76 @@
+package com.zyplayer.doc.wiki.controller.vo;
+
+public class UserPageAuthVo {
+	private String userName;
+	private Long userId;
+	private Integer editPage;
+	private Integer commentPage;
+	private Integer deletePage;
+	private Integer pageFileUpload;
+	private Integer pageFileDelete;
+	private Integer pageAuthManage;
+	
+	public Integer getCommentPage() {
+		return commentPage;
+	}
+	
+	public void setCommentPage(Integer commentPage) {
+		this.commentPage = commentPage;
+	}
+	
+	public Integer getDeletePage() {
+		return deletePage;
+	}
+	
+	public void setDeletePage(Integer deletePage) {
+		this.deletePage = deletePage;
+	}
+	
+	public Integer getPageFileUpload() {
+		return pageFileUpload;
+	}
+	
+	public void setPageFileUpload(Integer pageFileUpload) {
+		this.pageFileUpload = pageFileUpload;
+	}
+	
+	public Integer getPageFileDelete() {
+		return pageFileDelete;
+	}
+	
+	public void setPageFileDelete(Integer pageFileDelete) {
+		this.pageFileDelete = pageFileDelete;
+	}
+	
+	public Integer getPageAuthManage() {
+		return pageAuthManage;
+	}
+	
+	public void setPageAuthManage(Integer pageAuthManage) {
+		this.pageAuthManage = pageAuthManage;
+	}
+	
+	public String getUserName() {
+		return userName;
+	}
+	
+	public void setUserName(String userName) {
+		this.userName = userName;
+	}
+	
+	public Long getUserId() {
+		return userId;
+	}
+	
+	public void setUserId(Long userId) {
+		this.userId = userId;
+	}
+	
+	public Integer getEditPage() {
+		return editPage;
+	}
+	
+	public void setEditPage(Integer editPage) {
+		this.editPage = editPage;
+	}
+}

zyplayer-doc-wiki/src/main/java/com/zyplayer/doc/wiki/framework/consts/SpaceType.java

@@ -11,10 +11,14 @@ public class SpaceType {
 		return Objects.equals(type, publicSpace);
 	}
 	
-	public static boolean isPersonal(Integer type){
+	public static boolean isPersonal(Integer type) {
 		return Objects.equals(type, personalSpace);
 	}
 	
+	public static boolean isOthersPersonal(Integer type, Long loginUserId, Long spaceUserId){
+		return Objects.equals(type, personalSpace) && !Objects.equals(loginUserId, spaceUserId);
+	}
+	
 	public static boolean isPrivate(Integer type){
 		return Objects.equals(type, privateSpace);
 	}

zyplayer-doc-wiki/src/main/java/com/zyplayer/doc/wiki/framework/consts/WikiAuthType.java

@@ -1,13 +1,13 @@
 package com.zyplayer.doc.wiki.framework.consts;
 
 public enum WikiAuthType {
-	CREATE_PAGE(1, "CREATE_PAGE_"),
-	VIEW_PAGE(1, "VIEW_PAGE_"),
-	COMMENT_PAGE(1, "COMMENT_PAGE_"),
-	DELETE_PAGE(1, "DELETE_PAGE_"),
-	PAGE_FILE_UPLOAD(1, "PAGE_FILE_UPLOAD_"),
-	PAGE_FILE_DELETE(1, "PAGE_FILE_DELETE_"),
-	PAGE_AUTH_MANAGE(1, "PAGE_AUTH_MANAGE_"),
+	CREATE_PAGE(1, "WIKI_CREATE_PAGE_"),
+	EDIT_PAGE(1, "WIKI_EDIT_PAGE_"),
+	COMMENT_PAGE(1, "WIKI_COMMENT_PAGE_"),
+	DELETE_PAGE(1, "WIKI_DELETE_PAGE_"),
+	PAGE_FILE_UPLOAD(1, "WIKI_PAGE_FILE_UPLOAD_"),
+	PAGE_FILE_DELETE(1, "WIKI_PAGE_FILE_DELETE_"),
+	PAGE_AUTH_MANAGE(1, "WIKI_PAGE_AUTH_MANAGE_"),
 	;
 	private Integer type;
 	private String name;