github/dootask
1
0
Fork 0
mirror of https://github.com/kuaifan/dootask.git synced 2025-12-13 20:12:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

perf: 优化错误提示

Browse Source
This commit is contained in:
kuaifan 2025-07-30 20:33:27 +08:00
parent a1a51914a2
commit 1b242dc04e
8 changed files with 20 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/Http/Controllers/Api/ApproveController.php
View File

@ -984,13 +984,13 @@ class ApproveController extends AbstractController
{ {
$userid = Session::get('approve::export:userid'); $userid = Session::get('approve::export:userid');
if (empty($userid)) { if (empty($userid)) {
return Base::ajaxError("请求已过期,请重新导出!", [], 0, 502); return Base::ajaxError("请求已过期,请重新导出!", [], 0, 403);
} }
// //
$array = Base::string2array(base64_decode(urldecode(Request::input('key')))); $array = Base::string2array(base64_decode(urldecode(Request::input('key'))));
$file = $array['file']; $file = $array['file'];
if (empty($file) || !file_exists(storage_path($file))) { if (empty($file) || !file_exists(storage_path($file))) {
return Base::ajaxError("文件不存在!", [], 0, 502); return Base::ajaxError("文件不存在!", [], 0, 403);
} }
return Response::download(storage_path($file)); return Response::download(storage_path($file));
} }

8
app/Http/Controllers/Api/DialogController.php
View File

@ -1857,12 +1857,8 @@ class DialogController extends AbstractController
$down = Request::input('down', 'yes'); $down = Request::input('down', 'yes');
// //
$msg = WebSocketDialogMsg::whereId($msg_id)->first(); $msg = WebSocketDialogMsg::whereId($msg_id)->first();
if (empty($msg)) { abort_if(empty($msg), 403, "This file not exist.");
abort(403, "This file not exist."); abort_if($msg->type != 'file', 403, "This file not support download.");
}
if ($msg->type != 'file') {
abort(403, "This file not support download.");
}
$array = Base::json2array($msg->getRawOriginal('msg')); $array = Base::json2array($msg->getRawOriginal('msg'));
// //
if ($down === 'preview') { if ($down === 'preview') {

4
app/Http/Controllers/Api/FileController.php
View File

@ -1020,13 +1020,13 @@ class FileController extends AbstractController
if ($key) { if ($key) {
$userid = Session::get('file::pack:userid'); $userid = Session::get('file::pack:userid');
if (empty($userid)) { if (empty($userid)) {
return Base::ajaxError("请求已过期,请重新导出!", [], 0, 502); return Base::ajaxError("请求已过期,请重新导出!", [], 0, 403);
} }
// //
$array = Base::string2array(base64_decode(urldecode($key))); $array = Base::string2array(base64_decode(urldecode($key)));
$file = $array['file']; $file = $array['file'];
if (empty($file) || !file_exists(storage_path($file))) { if (empty($file) || !file_exists(storage_path($file))) {
return Base::ajaxError("文件不存在!", [], 0, 502); return Base::ajaxError("文件不存在!", [], 0, 403);
} }
return Response::download(storage_path($file)); return Response::download(storage_path($file));
} }

8
app/Http/Controllers/Api/ProjectController.php
View File

@ -1661,13 +1661,13 @@ class ProjectController extends AbstractController
{ {
$userid = Session::get('task::export:userid'); $userid = Session::get('task::export:userid');
if (empty($userid)) { if (empty($userid)) {
return Base::ajaxError("请求已过期,请重新导出!", [], 0, 502); return Base::ajaxError("请求已过期,请重新导出!", [], 0, 403);
} }
// //
$array = Base::string2array(base64_decode(urldecode(Request::input('key')))); $array = Base::string2array(base64_decode(urldecode(Request::input('key'))));
$file = $array['file']; $file = $array['file'];
if (empty($file) || !file_exists(storage_path($file))) { if (empty($file) || !file_exists(storage_path($file))) {
return Base::ajaxError("文件不存在!", [], 0, 502); return Base::ajaxError("文件不存在!", [], 0, 403);
} }
return Response::download(storage_path($file)); return Response::download(storage_path($file));
} }
@ -1926,9 +1926,7 @@ class ProjectController extends AbstractController
$down = Request::input('down', 'yes'); $down = Request::input('down', 'yes');
// //
$file = ProjectTaskFile::find($file_id); $file = ProjectTaskFile::find($file_id);
if (empty($file)) { abort_if(empty($file), 403, "This file not exist.");
abort(403, "This file not exist.");
}
// //
try { try {
ProjectTask::userTask($file->task_id, null); ProjectTask::userTask($file->task_id, null);

4
app/Http/Controllers/Api/SystemController.php
View File

@ -1512,13 +1512,13 @@ class SystemController extends AbstractController
{ {
$userid = Session::get('checkin::export:userid'); $userid = Session::get('checkin::export:userid');
if (empty($userid)) { if (empty($userid)) {
return Base::ajaxError("请求已过期,请重新导出!", [], 0, 502); return Base::ajaxError("请求已过期,请重新导出!", [], 0, 403);
} }
// //
$array = Base::string2array(base64_decode(urldecode(Request::input('key')))); $array = Base::string2array(base64_decode(urldecode(Request::input('key'))));
$file = $array['file']; $file = $array['file'];
if (empty($file) || !file_exists(storage_path($file))) { if (empty($file) || !file_exists(storage_path($file))) {
return Base::ajaxError("文件不存在!", [], 0, 502); return Base::ajaxError("文件不存在!", [], 0, 403);
} }
return Response::download(storage_path($file)); return Response::download(storage_path($file));
} }

14
app/Http/Controllers/IndexController.php
View File

@ -352,9 +352,7 @@ class IndexController extends InvokeController
break; break;
} }
} }
if (empty($avaiPath)) { abort_if(empty($avaiPath), 404);
abort(404);
}
$lists = Base::recursiveFiles($dirPath, false); $lists = Base::recursiveFiles($dirPath, false);
$files = []; $files = [];
foreach ($lists as $file) { foreach ($lists as $file) {
@ -432,13 +430,9 @@ class IndexController extends InvokeController
$path = Arr::get($data, 'path'); $path = Arr::get($data, 'path');
$file = public_path($path); $file = public_path($path);
// 防止 ../ 穿越获取到系统文件 // 防止 ../ 穿越获取到系统文件
if (!str_starts_with(realpath($file), public_path())) { abort_if(!str_starts_with(realpath($file), public_path()), 404);
abort(404); // 如果文件不存在,直接返回 404
} abort_if(!file_exists($file), 404);
//
if (!file_exists($file)) {
abort(404);
}
// //
parse_str($data['query'], $query); parse_str($data['query'], $query);
$name = Arr::get($query, 'name'); $name = Arr::get($query, 'name');

9
app/Models/FileContent.php
View File

@ -129,9 +129,7 @@ class FileContent extends AbstractModel
], ],
default => json_decode('{}'), default => json_decode('{}'),
}; };
if ($download) { abort_if($download, 403, "This file is empty.");
abort(403, "This file is empty.");
}
} else { } else {
$path = $content['url']; $path = $content['url'];
if ($file->ext) { if ($file->ext) {
@ -147,11 +145,8 @@ class FileContent extends AbstractModel
} }
if ($download) { if ($download) {
$filePath = public_path($path); $filePath = public_path($path);
if (isset($filePath)) { abort_if(!isset($filePath),403, "This file not support download.");
return Base::DownloadFileResponse($filePath, $name); return Base::DownloadFileResponse($filePath, $name);
} else {
abort(403, "This file not support download.");
}
} }
} }
return Base::retSuccess('success', [ 'content' => $content ]); return Base::retSuccess('success', [ 'content' => $content ]);

5
app/Module/Base.php
View File

@ -1404,11 +1404,8 @@ class Base
*/ */
public static function ajaxError($msg, $data = [], $ret = 0, $abortCode = 404) public static function ajaxError($msg, $data = [], $ret = 0, $abortCode = 404)
{ {
if (Request::header('Content-Type') === 'application/json') { abort_if(Request::header('Content-Type') !== 'application/json', $abortCode, Doo::translate($msg));
return Base::retError($msg, $data, $ret); return Base::retError($msg, $data, $ret);
} else {
abort($abortCode, $msg);
}
} }
/** /**