tj

brg-queue-center/app/base/api/api.base.js

@@ -12,7 +12,13 @@ class APIBase {
 
 
     async doexecMethod(gname, methodname, pobj, query, req) {
     async doexecMethod(gname, methodname, pobj, query, req) {
         try {
         try {
+            if (!pobj.actionBody) {
+                pobj.actionBody = {};
+            }
             var result = await this[methodname](pobj, query, req);
             var result = await this[methodname](pobj, query, req);
+            if (!result) {
+                result = system.getResult(null, "请求的方法返回值为空");
+            }
             result.requestId = await this.getBusUid("scz");
             result.requestId = await this.getBusUid("scz");
             if ("LOGS-SYTXPUBLIC-MSGQ" != settings.queuedName) {
             if ("LOGS-SYTXPUBLIC-MSGQ" != settings.queuedName) {
                 pobj.actionBody.resultInfo = result;
                 pobj.actionBody.resultInfo = result;
@@ -22,10 +28,11 @@ class APIBase {
             }
             }
             return result;
             return result;
         } catch (e) {
         } catch (e) {
-            console.log(e.stack, "api.base调用出现异常，请联系管理员..........");
-            var rtnerror = system.getResultFail(-200, "出现异常，error：" + e.stack);
+            var stackStr = e.stack ? e.stack : JSON.stringify(e);
+            console.log(stackStr, "api.base调用出现异常，请联系管理员..........");
+            var rtnerror = system.getResultFail(-200, "出现异常，error：" + stackStr);
             pobj.actionBody.requestId = await this.getBusUid("err");
             pobj.actionBody.requestId = await this.getBusUid("err");
-            pobj.actionBody.errorInfo = e.stack;
+            pobj.actionBody.errorInfo = stackStr;
             pobj.actionBody.opTitle = "，reqPath:" + req.path;
             pobj.actionBody.opTitle = "，reqPath:" + req.path;
             this.esUtils.addEsLogs(settings.queuedName + "apidoexec-error", pobj.actionBody);
             this.esUtils.addEsLogs(settings.queuedName + "apidoexec-error", pobj.actionBody);
             return rtnerror;
             return rtnerror;

brg-queue-center/app/base/api/impl/uploadAction/txCos.js

+var APIBase = require("../../api.base");
+var system = require("../../../system");
+
+class ProducerAPI extends APIBase {
+    constructor() {
+        super();
+        this.utilsTxCosSve = system.getObject("service.utilsSve.utilsTxCosSve");
+    }
+    async getCosInfo(pobj, qobj, req) {
+        var result = await this.utilsTxCosSve.getCosInfo();
+        return result;
+    }
+}
+module.exports = ProducerAPI;
\ No newline at end of file

brg-queue-center/app/base/service/impl/utilsSve/utilsTxCosSve.js

+const system = require("../../../system");
+const AppServiceBase = require("../../app.base");
+const { TXCOSCONFIG } = require("../../../../config/platform");
+const COSSTS = require('qcloud-cos-sts');
+//用户权限操作
+class UtilsTxCosService extends AppServiceBase {
+  constructor() {
+    super();
+    this.configInfoDao = system.getObject("db.opLogs.configInfoDao");
+  }
+  /**
+     * 接口跳转-POST请求
+     * action_type     执行的类型
+     * action_body     执行的参数
+     */
+  async getCosInfo() {
+    var result = null;
+
+    if (TXCOSCONFIG.allowPrefix === '_ALLOW_DIR_/*') {
+      result = system.getResult(null, "请修改 allowPrefix 配置项，指定允许上传的路径前缀");
+      return result;
+    }
+    var configInfoResult = await this.configInfoDao.getList();
+    if (configInfoResult.status != 1) {
+      result = system.getResult(null, "db-configInfo list is empty");
+      return result;
+    }
+    var cosSecretId = configInfoResult.data.filter(f => f.c_key === "cosSecretId");
+    var cosSecretKey = configInfoResult.data.filter(f => f.c_key === "cosSecretKey");
+    var cosBucket = configInfoResult.data.filter(f => f.c_key === "cosBucket");
+    var cosRegion = configInfoResult.data.filter(f => f.c_key === "cosRegion");
+    var cosProxy = configInfoResult.data.filter(f => f.c_key === "cosProxy");
+    if (!cosSecretId || !cosSecretKey || !cosBucket || !cosRegion) {
+      result = system.getResult(null, "db-configInfo,cos info is empty");
+      return result;
+    }
+    // 获取临时密钥
+    var LongBucketName = cosBucket[0].c_value;
+    var ShortBucketName = LongBucketName.substr(0, LongBucketName.lastIndexOf('-'));
+    var AppId = LongBucketName.substr(LongBucketName.lastIndexOf('-') + 1);
+    var policy = {
+      'version': '2.0',
+      'statement': [{
+        'action': TXCOSCONFIG.allowActions,
+        'effect': 'allow',
+        'resource': [
+          'qcs::cos:' + cosRegion[0].c_value + ':uid/' + AppId + ':prefix//' + AppId + '/' + ShortBucketName + '/' + TXCOSCONFIG.allowPrefix,
+        ],
+      }],
+    };
+    var startTime = Math.round(Date.now() / 1000);
+    var getParam = await new Promise(function (resv, rej) {
+      COSSTS.getCredential({
+        secretId: cosSecretId[0].c_value,
+        secretKey: cosSecretKey[0].c_value,
+        proxy: cosProxy ? cosProxy[0].c_value || "" : "",
+        region: cosRegion[0].c_value,
+        durationSeconds: TXCOSCONFIG.durationSeconds,
+        policy: policy,
+      }, function (err, tempKeys) {
+        if (err) {
+          rej(err);
+        } else {
+          resv(tempKeys);
+        }
+      });
+    });
+    result = getParam ? system.getResultSuccess(getParam) : system.getResult(null, "获取cos信息失败");
+    return result;
+  }
+}
+module.exports = UtilsTxCosService;

brg-queue-center/app/config/environment.js

@@ -25,9 +25,10 @@ module.exports = function (app) {
     req.objs = system;
     req.objs = system;
     res.header('Access-Control-Allow-Origin', '*');
     res.header('Access-Control-Allow-Origin', '*');
     res.header('Access-Control-Allow-Headers', 'Content-Type, Content-Length, Authorization, Accept, X-Requested-With , yourHeaderFeild');
     res.header('Access-Control-Allow-Headers', 'Content-Type, Content-Length, Authorization, Accept, X-Requested-With , yourHeaderFeild');
+    //跨域允许的请求方式 
     res.header('Access-Control-Allow-Methods', 'PUT, POST, GET, DELETE, OPTIONS');
     res.header('Access-Control-Allow-Methods', 'PUT, POST, GET, DELETE, OPTIONS');
-    // res.header('Access-Control-Allow-Credentials', 'true');
-    if (req.method == 'OPTIONS') {
+    res.header('Access-Control-Allow-Credentials', 'true');
+    if (req.method.toLowerCase() == 'options') {
       res.send(200); //让options请求快速返回/
       res.send(200); //让options请求快速返回/
     }
     }
     else {
     else {

brg-queue-center/app/config/platform.js

+module.exports = {
+    TXCOSCONFIG: {
+        durationSeconds: 1800,
+        // 允许操作（上传）的对象前缀，可以根据自己网站的用户登录态判断允许上传的目录，例子： user1/* 或者 * 或者a.jpg
+        // 请注意当使用 * 时，可能存在安全风险，详情请参阅：https://cloud.tencent.com/document/product/436/40265
+        // allowPrefix: '_ALLOW_DIR_/*',
+        allowPrefix: '*',
+        // 密钥的权限列表
+        allowActions: [
+            // 所有 action 请看文档 https://cloud.tencent.com/document/product/436/31923
+            // 简单上传
+            'name/cos:PutObject',
+            'name/cos:PostObject',
+            // 分片上传
+            'name/cos:InitiateMultipartUpload',
+            'name/cos:ListMultipartUploads',
+            'name/cos:ListParts',
+            'name/cos:UploadPart',
+            'name/cos:CompleteMultipartUpload'
+        ],
+    }
+}
\ No newline at end of file

brg-queue-center/app/config/routes/api.js

@@ -4,25 +4,20 @@ module.exports = function (app) {
 	//-----------------------新的模式---------api---------开始
 	//-----------------------新的模式---------api---------开始
 
 
 	app.all("/api/*", async function (req, res, next) {
 	app.all("/api/*", async function (req, res, next) {
+		if (req.path === "/api/uploadAction/txCos/getCosInfo") {
+			next();
+			return;
+		}
 		var result = system.getResult(null, "req method must is post");
 		var result = system.getResult(null, "req method must is post");
 		if (req.method != "POST") {
 		if (req.method != "POST") {
 			res.end(JSON.stringify(result));
 			res.end(JSON.stringify(result));
 			return;
 			return;
 		}
 		}
-		// if (["getAppTokenByHosts", "getAppTokenByAppKey"].indexOf(req.body.actionType) >= 0) {
-		// 	req.body.actionBody.appHosts = req.host;
-		// 	next();
-		// 	return;
-		// }
-		// if (req.path.indexOf("/taskapi/") >= 0) {
-		// 	next();
-		// 	return;
-		// }
 		if (!req.body.actionType) {
 		if (!req.body.actionType) {
 			result.msg = "actionType can not be empty";
 			result.msg = "actionType can not be empty";
 			res.end(JSON.stringify(result));
 			res.end(JSON.stringify(result));
 			return;
 			return;
-		}		
+		}
 		next();
 		next();
 	});
 	});
 
 
@@ -33,7 +28,7 @@ module.exports = function (app) {
 
 
 		classPath = gname + "." + classPath;
 		classPath = gname + "." + classPath;
 		var tClientIp = system.get_client_ip(req);
 		var tClientIp = system.get_client_ip(req);
-		req.clientIp = tClientIp; 
+		req.clientIp = tClientIp;
 		req.uagent = req.headers["user-agent"];
 		req.uagent = req.headers["user-agent"];
 		req.classname = classPath;
 		req.classname = classPath;
 
 

brg-queue-center/package.json

@@ -44,6 +44,7 @@
     "nodemailer": "^6.3.0",
     "nodemailer": "^6.3.0",
     "pinyin": "^2.9.0",
     "pinyin": "^2.9.0",
     "puppeteer": "^1.20.0",
     "puppeteer": "^1.20.0",
+    "qcloud-cos-sts": "^3.0.2",
     "qr-image": "^3.2.0",
     "qr-image": "^3.2.0",
     "sequelize": "^4.37.8",
     "sequelize": "^4.37.8",
     "sequelize-cli": "^4.1.1",
     "sequelize-cli": "^4.1.1",