From 9e2ea2de62816faba673c16b53a9fc59b6873238 Mon Sep 17 00:00:00 2001 From: xupei Date: Wed, 27 Aug 2025 17:40:05 +0800 Subject: [PATCH] =?UTF-8?q?TASK:=E5=AF=BC=E5=87=BA=E6=95=B0=E6=8D=AE?= =?UTF-8?q?=E6=97=B6=E6=B7=BB=E5=8A=A0=E6=A0=A1=E9=AA=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../da/service/impl/AccountServiceImpl.java | 75 ++++++++----------- 1 file changed, 30 insertions(+), 45 deletions(-) diff --git a/src/main/java/com/ai/da/service/impl/AccountServiceImpl.java b/src/main/java/com/ai/da/service/impl/AccountServiceImpl.java index 04ea7b7f..4b1a0e1d 100644 --- a/src/main/java/com/ai/da/service/impl/AccountServiceImpl.java +++ b/src/main/java/com/ai/da/service/impl/AccountServiceImpl.java @@ -51,6 +51,7 @@ import org.springframework.web.client.RestTemplate; import org.springframework.web.multipart.MultipartFile; import javax.annotation.Resource; +import javax.servlet.ServletOutputStream; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; @@ -2489,6 +2490,9 @@ public class AccountServiceImpl extends ServiceImpl impl private Boolean updateSubAccount(AddSubAccountDTO addSubAccountDTO, Account adminAcc, int subUserRole) { Account exAccountInfo = baseMapper.selectById(addSubAccountDTO.getId()); + if (!exAccountInfo.getParentId().equals(adminAcc.getId())){ + throw new BusinessException("Access denied. Insufficient permissions."); + } // 校验用户名是否同名 if (!StringUtil.isNullOrEmpty(addSubAccountDTO.getUserName()) 
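Review bot: The ownership check added to `updateSubAccount` dereferences `exAccountInfo` and `getParentId()` without a null guard, so a request whose `id` matches no row (for which `selectById` presumably returns null), or a row with no parent set, ends in a NullPointerException instead of the intended "Access denied" BusinessException. The caller then sees a different failure for unknown ids than for ids owned by someone else, and an unhandled exception goes to whatever the global handler returns. Fold both cases into the denial: `if (exAccountInfo == null || !java.util.Objects.equals(exAccountInfo.getParentId(), adminAcc.getId())) {`. It is also worth confirming that `getParentId()` and `getId()` return the same boxed type, because `equals` between a `Long` and an `Integer` is always false and would deny every update. The rest of the method body lies outside this hunk.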
@@ -3348,85 +3352,66 @@ public class AccountServiceImpl extends ServiceImpl impl @Override public void exportAccountsToExcel(HttpServletResponse response) { - Workbook workbook = null; - try { - // 1. 查询数据 - Account adminAcc = baseMapper.selectById(UserContext.getUserHolder().getId()); - int subUserRole = getSubUserRole(adminAcc.getSystemUser()); + // 1. 查询数据 + Account adminAcc = baseMapper.selectById(UserContext.getUserHolder().getId()); + int subUserRole = getSubUserRole(adminAcc.getSystemUser()); - List accounts = accountMapper.selectList(new QueryWrapper() - .eq("organization_name", adminAcc.getOrganizationName()) - .eq("system_user", subUserRole ) - .select("user_name", "user_email", "user_password", "credits_usage_limit")); + List accounts = accountMapper.selectList(new QueryWrapper() + .eq("organization_name", adminAcc.getOrganizationName()) + .eq("system_user", subUserRole) + .select("user_name", "user_email", "user_password", "credits_usage_limit")); - // 2. 创建Excel工作簿 - workbook = new XSSFWorkbook(); + String fileName = "subAccount_export.xlsx"; + + // 2. 创建Excel工作簿 + try (Workbook workbook = new XSSFWorkbook()) { Sheet sheet = workbook.createSheet("subAccounts"); - // 3. 创建标题行 + // 3. 标题行 Row headerRow = sheet.createRow(0); String[] headers = {"name", "email", "password", "creditsUsageLimit"}; - // 设置标题样式 CellStyle headerStyle = workbook.createCellStyle(); Font headerFont = workbook.createFont(); headerFont.setBold(true); headerStyle.setFont(headerFont); - // 写入标题 for (int i = 0; i < headers.length; i++) { Cell cell = headerRow.createCell(i); cell.setCellValue(headers[i]); cell.setCellStyle(headerStyle); } - // 4. 写入数据 + // 4. 数据 int rowNum = 1; for (Account account : accounts) { Row row = sheet.createRow(rowNum++); row.createCell(0).setCellValue(account.getUserName() != null ? account.getUserName() : ""); row.createCell(1).setCellValue(account.getUserEmail() != null ? 
account.getUserEmail() : ""); row.createCell(2).setCellValue(account.getUserPassword() != null ? account.getUserPassword() : ""); - - // 更安全的数据类型处理 - if (account.getCreditsUsageLimit() != null) { - row.createCell(3).setCellValue(String.valueOf(account.getCreditsUsageLimit())); - } else { - row.createCell(3).setCellValue(""); // 空字符串 - } + row.createCell(3).setCellValue(account.getCreditsUsageLimit() != null + ? String.valueOf(account.getCreditsUsageLimit()) + : ""); } - // 5. 自动调整列宽 for (int i = 0; i < headers.length; i++) { sheet.autoSizeColumn(i); } - // 6. 重置响应(重要!) + // 5. 设置响应头 response.reset(); response.setContentType("application/vnd.openxmlformats-officedocument.spreadsheetml.sheet"); - response.setCharacterEncoding("UTF-8"); + response.setHeader("Content-Disposition", "attachment;filename=" + fileName); +// response.setHeader("Access-Control-Allow-Origin", "http://localhost:3000"); - // 设置文件名(处理特殊字符) - String fileName = "subAccount_export.xlsx"; - String encodedFileName = URLEncoder.encode(fileName, "UTF-8").replace("+", "%20"); - response.setHeader("Content-Disposition", "attachment; filename*=UTF-8''" + encodedFileName); - - // 7. 写入响应流 - OutputStream outputStream = response.getOutputStream(); - workbook.write(outputStream); - outputStream.flush(); - } catch (IOException e) { - log.error(e.getMessage()); // 记录异常信息 - throw new BusinessException("导出文件失败"); - } finally { - // 确保资源关闭 - if (workbook != null) { - try { - workbook.close(); - } catch (IOException e) { - log.error(e.getMessage()); // 记录异常信息 - } + // 6. 输出流写入 + try (ServletOutputStream outputStream = response.getOutputStream()) { + workbook.write(outputStream); + outputStream.flush(); } + } catch (IOException e) { + log.error("导出Excel失败", e); + throw new BusinessException("导出文件失败"); } }
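Review bot: The export query on the new side still selects `user_password` and writes it to the `password` column, so every download of `subAccount_export.xlsx` carries each sub-account's stored credential out of the database; whether that value is hashed is not visible here, but neither a hash nor a plaintext password belongs in a spreadsheet that leaves the service. Drop the column from the query, `.select("user_name", "user_email", "credits_usage_limit")`, remove `"password"` from `headers`, and delete the `row.createCell(2)` line so the credit limit moves to cell 2. The rows are scoped only by `organization_name` and `system_user`, while `updateSubAccount` in this same patch compares `getParentId()` with the admin's id; unless organization names are guaranteed unique per admin, the export should also filter on the column behind `getParentId()`. `adminAcc` is dereferenced without a null check, and the commented-out `Access-Control-Allow-Origin` line should be removed rather than committed.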