【修复】访问数据库存储的文件，path 多层级时，无法访问的问题

yudao-module-infra/yudao-module-infra-biz/src/main/java/cn/iocoder/yudao/module/infra/controller/admin/file/FileController.java

@@ -1,6 +1,7 @@
 package cn.iocoder.yudao.module.infra.controller.admin.file;
 
 import cn.hutool.core.io.IoUtil;
+import cn.hutool.core.util.StrUtil;
 import cn.iocoder.yudao.framework.common.pojo.CommonResult;
 import cn.iocoder.yudao.framework.common.pojo.PageResult;
 import cn.iocoder.yudao.framework.common.util.servlet.ServletUtils;
@@ -13,7 +14,6 @@ import cn.iocoder.yudao.module.infra.dal.dataobject.file.FileDO;
 import cn.iocoder.yudao.module.infra.service.file.FileService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiImplicitParam;
-import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.HttpStatus;
@@ -24,6 +24,7 @@ import org.springframework.web.multipart.MultipartFile;
 
 import javax.annotation.Resource;
 import javax.annotation.security.PermitAll;
+import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.validation.Valid;
 
@@ -57,16 +58,20 @@ public class FileController {
         return success(true);
     }
 
-    @GetMapping("/{configId}/get/{path}")
+    @GetMapping("/{configId}/get/**")
     @PermitAll
     @ApiOperation("下载文件")
-    @ApiImplicitParams({
+    @ApiImplicitParam(name = "configId", value = "配置编号",  required = true, dataTypeClass = Long.class)
-            @ApiImplicitParam(name = "configId", value = "配置编号",  required = true, dataTypeClass = Long.class),
+    public void getFileContent(HttpServletRequest request,
-            @ApiImplicitParam(name = "path", value = "文件路径", required = true, dataTypeClass = String.class)
+                               HttpServletResponse response,
-    })
+                               @PathVariable("configId") Long configId) throws Exception {
-    public void getFileContent(HttpServletResponse response,
+        // 获取请求的路径
-                               @PathVariable("configId") Long configId,
+        String path = StrUtil.subAfter(request.getRequestURI(), "/get/", false);
-                               @PathVariable("path") String path) throws Exception {
+        if (StrUtil.isEmpty(path)) {
+            throw new IllegalArgumentException("结尾的 path 路径必须传递");
+        }
+
+        // 读取内容
         byte[] content = fileService.getFileContent(configId, path);
         if (content == null) {
             log.warn("[getFileContent][configId({}) path({}) 文件不存在]", configId, path);

yudao-module-infra/yudao-module-infra-biz/src/main/java/cn/iocoder/yudao/module/infra/framework/security/config/SecurityConfiguration.java

@@ -36,6 +36,8 @@ public class SecurityConfiguration {
                 // Spring Boot Admin Server 的安全配置
                 registry.antMatchers(adminSeverContextPath).anonymous()
                         .antMatchers(adminSeverContextPath + "/**").anonymous();
+                // 文件读取
+                registry.antMatchers(buildAdminApi("/infra/file/*/get/**")).permitAll();
 
                 // TODO 芋艿：这个每个项目都需要重复配置，得捉摸有没通用的方案
                 // RPC 服务的安全配置