manager/zyplayer-doc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: manager:v1.1.4
Branches Tags
manager:dev-new manager:master manager:full-latest manager:dev-sh1yu manager:dev manager:only-db manager:open-doc
manager:v1.1.6 manager:v1.1.4 manager:v1.1.3 manager:v1.1.2 manager:v1.1.1 manager:v1.1.0 manager:v1.0.9 manager:v1.0.8 manager:v1.0.7 manager:v1.0.6 manager:v1.0.5 manager:v1.0.4 manager:v1.0.3 manager:v1.0.2 manager:v1.0.1 manager:v1.0.0
..
compare: manager:dev
Branches Tags
manager:dev-new manager:master manager:full-latest manager:dev-sh1yu manager:dev manager:only-db manager:open-doc
manager:v1.1.6 manager:v1.1.4 manager:v1.1.3 manager:v1.1.2 manager:v1.1.1 manager:v1.1.0 manager:v1.0.9 manager:v1.0.8 manager:v1.0.7 manager:v1.0.6 manager:v1.0.5 manager:v1.0.4 manager:v1.0.3 manager:v1.0.2 manager:v1.0.1 manager:v1.0.0

5 Commits
v1.1.4 ... dev

Author SHA1 Message Date
暮光:城中城
8bd22c4634 隐私空间支持分组授权查看 2023-03-28 08:32:39 +08:00
暮光:城中城
5b01d3274a !13 升级fastjson版本到1.2.83,1.2.83版本之前存在代码执行漏洞风险,CVE-2022-25845 
Merge pull request !13 from mnwexxx/N/A
 2023-03-26 10:27:20 +00:00
mnwexxx
d6d3d61bdd 升级fastjson版本到1.2.83,1.2.83版本之前存在代码执行漏洞风险,CVE-2022-25845 
升级fastjson版本到1.2.83,1.2.83版本之前存在代码执行漏洞风险,CVE-2022-25845

Signed-off-by: mnwexxx <12525570+mnwexxx@user.noreply.gitee.com>
 2023-03-26 10:04:15 +00:00
暮光:城中城
12599ff4db 更新文档地址 
Signed-off-by: 暮光:城中城 <806783409@qq.com>
 2023-03-22 14:25:26 +00:00
暮光:城中城
2f0b06a541 更新群信息 
Signed-off-by: 暮光:城中城 <806783409@qq.com>
 2023-03-18 10:05:11 +00:00
7 changed files with 48 additions and 6 deletions
Expand all files Collapse all files

6
README.md
View File

@@ -1,13 +1,15 @@
# 项目简介
zyplayer-doc是一款适合团队和个人使用的WIKI文档管理工具同时还包含数据库文档、Api接口文档。
在线文档:[zyplayer-doc使用文档](http://doc.zyplayer.com/doc-wiki#/docs/w4eSzPWvQRSBvaCHZS8t6d)
在线文档:[zyplayer-doc使用文档](http://doc.zyplayer.com/doc-wiki#/integrate/zyplayer-doc)
体验地址:[http://doc.zyplayer.com](http://doc.zyplayer.com)
欢迎有想法的同学一起来完善如果觉得不错就给个Star鼓励下呗作为给项目快速更新的动力
欢迎加群讨论QQ群号466363173
欢迎加入微信群与我们一起交流
![weixinqun.jpg](https://zyplayer.oss-cn-beijing.aliyuncs.com/doc/weixin/weixinqun.png)
# 快速启动
## 相关依赖

2
pom.xml
View File

@@ -159,7 +159,7 @@
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>fastjson</artifactId>
<version>1.2.78</version>
<version>1.2.83</version>
</dependency>
<dependency>
<groupId>cn.hutool</groupId>

6
zyplayer-doc-data/src/main/java/com/zyplayer/doc/data/service/manage/WikiSpaceService.java
View File

@@ -3,6 +3,8 @@ package com.zyplayer.doc.data.service.manage;
import com.zyplayer.doc.data.repository.manage.entity.WikiSpace;
import com.baomidou.mybatisplus.extension.service.IService;
import java.util.List;
/**
* <p>
* 服务类
@@ -12,5 +14,7 @@ import com.baomidou.mybatisplus.extension.service.IService;
* @since 2019-03-13
*/
public interface WikiSpaceService extends IService<WikiSpace> {
List<Long> getViewAuthSpaceIds();
}

8
zyplayer-doc-data/src/main/java/com/zyplayer/doc/data/service/manage/impl/WikiSpaceServiceImpl.java
View File

@@ -6,6 +6,8 @@ import com.zyplayer.doc.data.service.manage.WikiSpaceService;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import org.springframework.stereotype.Service;
import java.util.List;
/**
* <p>
* 服务实现类
@@ -16,5 +18,9 @@ import org.springframework.stereotype.Service;
*/
@Service
public class WikiSpaceServiceImpl extends ServiceImpl<WikiSpaceMapper, WikiSpace> implements WikiSpaceService {
@Override
public List<Long> getViewAuthSpaceIds() {
return null;
}
}

6
zyplayer-doc-wiki/src/main/java/com/zyplayer/doc/wiki/controller/WikiSpaceController.java
View File

@@ -60,7 +60,11 @@ public class WikiSpaceController {
LambdaQueryWrapper<WikiSpace> wrapper = new LambdaQueryWrapper<>();
wrapper.eq(WikiSpace::getDelFlag, 0);
wrapper.eq(wikiSpace.getId() != null, WikiSpace::getId, wikiSpace.getId());
wrapper.and(con -> con.and(conSub -> conSub.eq(WikiSpace::getType, 3).eq(WikiSpace::getCreateUserId, currentUser.getUserId())).or().in(WikiSpace::getType, 1, 2));
wrapper.and(con ->
con.and(conSub -> conSub.eq(WikiSpace::getType, 3).eq(WikiSpace::getCreateUserId, currentUser.getUserId()))
.or(conSub -> conSub.eq(WikiSpace::getType, 3).eq(WikiSpace::getCreateUserId, currentUser.getUserId()))
.or().in(WikiSpace::getType, 1, 2)
);
// 收藏的空间
List<WikiSpaceFavorite> favoriteList = wikiSpaceFavoriteService.myFavoriteSpaceList();
Set<Long> favoriteSpaceIds = favoriteList.stream().map(WikiSpaceFavorite::getSpaceId).collect(Collectors.toSet());

1
zyplayer-doc-wiki/src/main/java/com/zyplayer/doc/wiki/framework/consts/WikiAuthType.java
View File

@@ -9,6 +9,7 @@ package com.zyplayer.doc.wiki.framework.consts;
public enum WikiAuthType {
@Deprecated
CREATE_PAGE(1, "WIKI_CREATE_PAGE_"),
VIEW_PAGE(2, "WIKI_VIEW_PAGE_"),
EDIT_PAGE(2, "WIKI_EDIT_PAGE_"),
@Deprecated
COMMENT_PAGE(3, "WIKI_COMMENT_PAGE_"),

25
zyplayer-doc-wiki/src/main/java/com/zyplayer/doc/wiki/service/common/WikiPageAuthService.java
View File

@@ -23,6 +23,31 @@ import java.util.Objects;
public class WikiPageAuthService {
private final UserGroupAuthMapper userGroupAuthMapper;
/**
* 是否具有查看权限
*/
public String canView(WikiSpace wikiSpaceSel, Integer editType, Long pageId, Long currentUserId) {
if (wikiSpaceSel == null || Objects.equals(editType, 1)) {
return "当前页面不允许查看!";
}
// 私人空间不允许调用接口获取文章
if (SpaceType.isOthersPrivate(wikiSpaceSel.getType(), currentUserId, wikiSpaceSel.getCreateUserId())) {
return "您没有权限修改该空间的文章!";
}
// 空间不是自己的,也没有权限
if (SpaceType.isOthersPersonal(wikiSpaceSel.getType(), currentUserId, wikiSpaceSel.getCreateUserId())) {
boolean pageAuth = DocUserUtil.haveCustomAuth(WikiAuthType.VIEW_PAGE.getCode(), DocSysType.WIKI.getType(), DocSysModuleType.Wiki.PAGE.getType(), pageId);
if (!pageAuth) {
// 在空间上直接授权了分组的权限,在这个分组里就具有权限
Long authId = userGroupAuthMapper.haveAuth(wikiSpaceSel.getId(), DocSysType.WIKI.getType(), WikiAuthType.VIEW_PAGE.getType(), currentUserId);
if (authId == null) {
return "您没有查看该文章的权限!";
}
}
}
return null;
}
/**
* 是否具有编辑权限