|
@@ -142,8 +142,8 @@ public class FileController {
|
|
|
public void downLoad(HttpServletResponse response, @RequestParam @PathParam(value = "path") String path) throws Exception {
|
|
|
AdminUserDetails userDetails = (AdminUserDetails) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
|
|
|
boolean access = AuthUtil.checkAccess(userDetails, AuthUtil.ACCESS);
|
|
|
- if (path.startsWith(String.valueOf(UploadConfig.AUTH_STR))&&!access) return;
|
|
|
File file = new File(path);
|
|
|
+ if (file.getName().startsWith(String.valueOf(UploadConfig.AUTH_STR))&&!access) return;
|
|
|
if (file.exists()) { //判断文件父目录是否存在
|
|
|
String fileName = file.getName();
|
|
|
response.setContentType("application/form-data");
|