什么是网站建设中的目录,南京振高建设有限公司官方网站,wordpress 开启伪静态,长沙人才招聘网官网网址前言 最近公司的私有 Oss 服务满了#xff0c;且 Oss 地址需要设置权限#xff0c;只有当前系统的登录用户才能访问 Oss 下载地址。一开始想着用 Nginx 做个转发来着#xff0c;Nginx 每当检测当前请求包含特定的 Oss 地址就转发到我们的统一鉴权接口上去#xff0c;但是紧…前言 最近公司的私有 Oss 服务满了且 Oss 地址需要设置权限只有当前系统的登录用户才能访问 Oss 下载地址。一开始想着用 Nginx 做个转发来着Nginx 每当检测当前请求包含特定的 Oss 地址就转发到我们的统一鉴权接口上去但是紧接着又细想了一下转发后的地址被恶意分享出去了不也还是存在文件泄露的风险吗于是又去翻阅了一下阿里云的 Oss 权限相关的文档。借此整合一些常用的方法机械代码自留也是分享给大家 完整代码
里面整合了文件的增、删、修改权限、获取签名等方法各位替换成各自的 ak、sk 即可
package com.queyi.qykgjx.util;import com.aliyun.oss.*;
import com.aliyun.oss.internal.OSSHeaders;
import com.aliyun.oss.model.*;
import org.apache.http.ParseException;
import org.springframework.web.multipart.MultipartFile;import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;public class OssUtilCsdn {private final static String ENDPOINT 端点;private final static String ACCESS_KEY_ID ak;private final static String ACCESS_KEY_SECRET sk;private final static String BUCKET_NAME 容器名;private static String HTTPS_URL_PREFIX ENDPOINT.replace(https://, (https:// BUCKET_NAME .));private final static String FILE_CATALOG 文件上传目录;public static void cpoy(String sourceKey, String dstKey, Boolean deleteSourceFile) {OSS ossClient new OSSClientBuilder().build(ENDPOINT, ACCESS_KEY_ID, ACCESS_KEY_SECRET);CopyObjectRequest copyObjectRequest new CopyObjectRequest(BUCKET_NAME, sourceKey, BUCKET_NAME, dstKey);ObjectMetadata objectMetadata new ObjectMetadata();objectMetadata.setObjectAcl(CannedAccessControlList.Private);copyObjectRequest.setNewObjectMetadata(objectMetadata);ossClient.copyObject(copyObjectRequest);//删除被拷贝的文件if (deleteSourceFile) ossClient.deleteObject(BUCKET_NAME, sourceKey);ossClient.shutdown();}public static void setAcl(String bucketName, String url, Boolean privateAcl) {ClientBuilderConfiguration config new ClientBuilderConfiguration();config.setSupportCname(false);OSS ossClient new OSSClientBuilder().build(ENDPOINT, ACCESS_KEY_ID, ACCESS_KEY_SECRET);try {ossClient.setObjectAcl(bucketName null ? BUCKET_NAME : bucketName,getObjectNameByFullUrl(url),privateAcl ? CannedAccessControlList.Private : CannedAccessControlList.PublicRead);} catch (OSSException oe) {oe.printStackTrace();} catch (ClientException ce) {ce.printStackTrace();} finally {if (ossClient ! null) {ossClient.shutdown();}}}/*** param bucketName 容器名称* param file 待上传的文件* param acl 文件权限*/public static String upload(String bucketName, MultipartFile file, String acl) throws IOException {OSS ossClient new OSSClientBuilder().build(ENDPOINT, ACCESS_KEY_ID, ACCESS_KEY_SECRET);if (null bucketName || bucketName.length() 0) bucketName BUCKET_NAME;InputStream inputStream file.getInputStream();String filename file.getOriginalFilename();String[] split filename.split(\\.);filename new Date().getTime() . split[split.length - 1];String s FILE_CATALOG / filename.replaceAll(/, );PutObjectRequest o new PutObjectRequest(bucketName, s, inputStream);ObjectMetadata metadata new ObjectMetadata();metadata.setHeader(OSSHeaders.OSS_STORAGE_CLASS, StorageClass.Standard.toString());if (private.equals(acl)) metadata.setObjectAcl(CannedAccessControlList.Private);else if (public.equals(acl)) metadata.setObjectAcl(CannedAccessControlList.PublicRead);else metadata.setObjectAcl(CannedAccessControlList.Private);o.setMetadata(metadata);ossClient.putObject(o);ossClient.shutdown();inputStream.close();return HTTPS_URL_PREFIX / s;}/*** 获取签名*/public static String getSign(String key, int timeOut) throws ParseException {ClientBuilderConfiguration config new ClientBuilderConfiguration();config.setSupportCname(false);Date expiration new Date(new Date().getTime() timeOut * 1000L);OSS ossClient new OSSClientBuilder().build(ENDPOINT, ACCESS_KEY_ID, ACCESS_KEY_SECRET, config);URL url ossClient.generatePresignedUrl(BUCKET_NAME, key, expiration);return url.toString().split(\\?)[1];}public static String getAclPath(String url, int timeOut) throws ParseException {ClientBuilderConfiguration config new ClientBuilderConfiguration();config.setSupportCname(false);Date expiration new Date(new Date().getTime() timeOut * 1000L);OSS ossClient new OSSClientBuilder().build(ENDPOINT, ACCESS_KEY_ID, ACCESS_KEY_SECRET, config);return ossClient.generatePresignedUrl(BUCKET_NAME, getObjectNameByFullUrl(url), expiration).toString();}public static String getObjectNameByFullUrl(String url) {if (!url.contains(FILE_CATALOG)) return null;/*** a/a.pdf*/return FILE_CATALOG url.split(FILE_CATALOG)[1];}/*** 删*/public static ListString deleteObject(String bucketName, ListString keys) {ArrayListString newKeys new ArrayList();keys.stream().forEach(key - {newKeys.add(key.replace(HTTPS_URL_PREFIX /, ));});OSS ossClient new OSSClientBuilder().build(ENDPOINT, ACCESS_KEY_ID, ACCESS_KEY_SECRET);DeleteObjectsResult deleteObjectsResult ossClient.deleteObjects(new DeleteObjectsRequest(bucketName null ? BUCKET_NAME : bucketName).withKeys(newKeys));ListString deletedObjects deleteObjectsResult.getDeletedObjects();ossClient.shutdown();return deletedObjects;}}整合接口 PostMapping(csdnUpFile)public Result csdnUpFile(RequestParam(file) MultipartFile multipartFile, RequestParam(acl) String perm) throws IOException {HashMapString, String map new HashMap();map.put(fileName, multipartFile.getOriginalFilename());map.put(fileUrl, OssUtil.zzhUpload(null, multipartFile, perm));return Result.success(map);}PostMapping(csdnSetAcl)public Result csdnSetAcl(RequestParam(filePath) String filePath) throws IOException {OssUtil.setAcl(null, filePath, true);return Result.success(ok);}PostMapping(csdnGetAclPath)public Result csdnGetAclPath(RequestParam(filePath) String url) throws IOException {return Result.success(OssUtil.getAclPath(url, 60));}PostMapping(csdnDeleteFile)public Result csdnDeleteDile(RequestBody ListString urls) throws IOException {return Result.success(OssUtil.deleteObject(null, urls));}测试
上传文件设置成公共读 文件正常访问 将全路径地址作为参数掉修改权限接口 再次访问此地址提示无权限 加上签名访问文件可以正常访问
其他方法不做一一测试了删除文件也是传上传接口返回的全路径即可可直接删除文件。其他操作看下阿里的Oss 文档即可机械代码不做过多描述
