局域网内才可执行删除文件的操作

src/main/java/com/uas/report/controller/PrintController.java

@@ -68,7 +68,7 @@ public class PrintController {
 	 * @param request
 	 * @param response
 	 */
-	@RequestMapping("")
+	@RequestMapping()
 	public void print(String userName, String profile, String reportName, String whereCondition, String otherParameters,
 			String printType, HttpServletRequest request, HttpServletResponse response) {
 		// printType为空，默认进入预览页

src/main/java/com/uas/report/controller/filter/FileDeleteFilter.java

@@ -0,0 +1,55 @@
+package com.uas.report.controller.filter;
+
+import java.io.IOException;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import com.alibaba.fastjson.JSONObject;
+import com.uas.report.core.advice.ExceptionHandlerAdvice;
+import com.uas.report.core.exception.ReportException;
+import com.uas.report.util.IpHelper;
+
+/**
+ * 对文件删除进行过滤
+ * 
+ * @author sunyj
+ * @since 2016年12月13日 下午4:46:03
+ */
+public class FileDeleteFilter implements Filter {
+
+	public static final String PARAM_NAME_USERNAME = "userNsame";
+	public static final String PARAM_NAME_PASSWORD = "password";
+
+	private FilterConfig filterConfig;
+
+	@Override
+	public void init(FilterConfig filterConfig) throws ServletException {
+		this.filterConfig = filterConfig;
+	}
+
+	@Override
+	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
+			throws IOException, ServletException {
+		HttpServletRequest httpRequest = (HttpServletRequest) request;
+		HttpServletResponse httpResponse = (HttpServletResponse) response;
+		// 局域网内才允许执行
+		if (!IpHelper.isLAN(IpHelper.getIp(httpRequest))) {
+			ExceptionHandlerAdvice.handleError(httpResponse, HttpServletResponse.SC_FORBIDDEN, "没有权限");
+		} else {
+			chain.doFilter(httpRequest, response);
+		}
+	}
+
+	@Override
+	public void destroy() {
+
+	}
+
+}

src/main/java/com/uas/report/core/advice/ExceptionHandlerAdvice.java

@@ -2,8 +2,11 @@
  */
 package com.uas.report.core.advice;
 
+import java.io.IOException;
 import java.sql.SQLRecoverableException;
 
+import javax.servlet.http.HttpServletResponse;
+
 import org.apache.log4j.Logger;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
@@ -13,6 +16,7 @@ import org.springframework.util.StringUtils;
 import org.springframework.web.bind.annotation.ControllerAdvice;
 import org.springframework.web.bind.annotation.ExceptionHandler;
 
+import com.alibaba.fastjson.JSONObject;
 import com.uas.report.core.exception.ReportException;
 
 /**
@@ -110,4 +114,20 @@ public class ExceptionHandlerAdvice {
 		return new ResponseEntity<ModelMap>(map, headers, HttpStatus.BAD_REQUEST);
 	}
 
+	/**
+	 * 处理错误
+	 * 
+	 * @param response
+	 * @param status
+	 * @param message
+	 * @throws IOException
+	 */
+	public static void handleError(HttpServletResponse response, Integer status, String message) throws IOException {
+		response.setStatus(status);
+		JSONObject jsonObject = new JSONObject();
+		jsonObject.put("success", false);
+		jsonObject.put("message", message);
+		response.getWriter().println(jsonObject);
+	}
+
 }

src/main/java/com/uas/report/support/StartupProcessor.java

@@ -6,6 +6,12 @@ import org.springframework.context.event.ContextRefreshedEvent;
 
 import com.uas.report.service.FileService;
 
+/**
+ * 容器启动时需执行的任务
+ * 
+ * @author sunyj
+ * @since 2016年12月13日 下午3:12:48
+ */
 public class StartupProcessor implements ApplicationListener<ContextRefreshedEvent> {
 
 	@Autowired

src/main/java/com/uas/report/util/IpHelper.java

@@ -1,5 +1,7 @@
 package com.uas.report.util;
 
+import java.util.regex.Pattern;
+
 import javax.servlet.http.HttpServletRequest;
 
 /**
@@ -41,4 +43,14 @@ public class IpHelper {
 		return ipAddress;
 	}
 
+	/**
+	 * 判断指定的ip地址是否在局域网内
+	 * 
+	 * @param ipAddress
+	 * @return
+	 */
+	public static boolean isLAN(String ipAddress) {
+		return Pattern.matches("^((192.168.)|(10.)|(172.16)|(127.0))+[0-9.]+$", ipAddress);
+	}
+
 }

src/main/resources/spring/applicationContext.xml

@@ -23,6 +23,8 @@
 	<!-- jasperserver rest_v2 api 相关参数注入 -->
 	<util:properties id="js_rest_api"
 		location="classpath:spring/js-rest-api.properties" />
+		<!-- 容器启动后执行 -->
+	<bean class="com.uas.report.support.StartupProcessor"></bean>
 
 	<!-- 扫描注解 -->
 	<context:annotation-config />

src/main/webapp/WEB-INF/web.xml

@@ -54,6 +54,7 @@
 		<filter-name>HttpMethodFilter</filter-name>
 		<url-pattern>/*</url-pattern>
 	</filter-mapping>
+
 	<filter>
 		<filter-name>DruidWebStatFilter</filter-name>
 		<filter-class>com.alibaba.druid.support.http.WebStatFilter</filter-class>
@@ -67,6 +68,24 @@
 		<url-pattern>/*</url-pattern>
 	</filter-mapping>
 
+	<!-- 文件删除过滤 -->
+	<filter>
+		<filter-name>FileDeleteFilter</filter-name>
+		<filter-class>com.uas.report.controller.filter.FileDeleteFilter</filter-class>
+		<init-param>
+			<param-name>userName</param-name>
+			<param-value>admin</param-value>
+		</init-param>
+		<init-param>
+			<param-name>password</param-name>
+			<param-value>select123***</param-value>
+		</init-param>
+	</filter>
+	<filter-mapping>
+		<filter-name>FileDeleteFilter</filter-name>
+		<url-pattern>/file/delete</url-pattern>
+	</filter-mapping>
+
 	<!-- Handles Spring requests -->
 	<servlet>
 		<servlet-name>spring-mvc-dispatcher</servlet-name>

src/main/webapp/resources/js/files/app.js

@@ -220,7 +220,11 @@ function deleteFile(path, listItemDiv) {
 			spinner = hideLoading(spinner);
 		},
 		error : function(XMLHttpRequest) {
-			showErrorMessageByXMLHttpRequest(XMLHttpRequest);
+			if (XMLHttpRequest.status == 403) {
+				alert(JSON.parse(XMLHttpRequest.responseText).message);
+			} else {
+				showErrorMessageByXMLHttpRequest(XMLHttpRequest);
+			}
 			spinner = hideLoading(spinner);
 		}
 	});