good version for web
This commit is contained in:
@@ -1,6 +1,6 @@
|
||||
"""数据管理路由,提供输入数据、输出结果和元数据的管理功能"""
|
||||
|
||||
from fastapi import APIRouter, HTTPException, status, Depends, UploadFile, File
|
||||
from fastapi import APIRouter, HTTPException, status, Depends, UploadFile, File, Form
|
||||
from typing import List, Dict, Any, Optional
|
||||
from pydantic import BaseModel
|
||||
from sqlalchemy.orm import Session
|
||||
@@ -8,7 +8,7 @@ import json
|
||||
|
||||
from app.services.data_manager import data_manager
|
||||
from app.models.database import get_db
|
||||
from app.dependencies import get_current_active_user
|
||||
from app.dependencies import get_current_active_user, get_current_active_user_optional
|
||||
|
||||
router = APIRouter(prefix="/data", tags=["data-management"])
|
||||
|
||||
@@ -176,19 +176,18 @@ async def get_user_outputs(
|
||||
@router.post("/media/upload")
|
||||
async def upload_media_file(
|
||||
file: UploadFile = File(...),
|
||||
algorithm_id: str = None,
|
||||
current_user: dict = Depends(get_current_active_user)
|
||||
algorithm_id: str = Form(...)
|
||||
):
|
||||
"""上传媒体文件(如图片、视频等)"""
|
||||
"""上传媒体文件(如图片、视频等)- 公开API,不需要认证"""
|
||||
if not algorithm_id:
|
||||
raise HTTPException(status_code=400, detail="algorithm_id is required")
|
||||
|
||||
# 读取文件内容
|
||||
file_content = await file.read()
|
||||
|
||||
# 保存到数据管理器
|
||||
# 保存到数据管理器(使用匿名用户)
|
||||
file_path = data_manager.save_media_file(
|
||||
user_id=current_user.get("id"),
|
||||
user_id="anonymous",
|
||||
algorithm_id=algorithm_id,
|
||||
file_content=file_content,
|
||||
file_name=file.filename
|
||||
@@ -209,10 +208,28 @@ async def upload_media_file(
|
||||
@router.get("/media/{file_path:path}")
|
||||
async def get_media_file(
|
||||
file_path: str,
|
||||
current_user: dict = Depends(get_current_active_user)
|
||||
current_user: Optional[dict] = Depends(get_current_active_user_optional)
|
||||
):
|
||||
"""获取媒体文件"""
|
||||
# 检查用户权限 - 确保用户只能访问自己的文件或公共文件
|
||||
# results 目录下的文件公开访问
|
||||
if file_path.startswith("results/"):
|
||||
content = data_manager.get_media_file(file_path)
|
||||
if content:
|
||||
# 从完整路径中提取文件名来获取正确的MIME类型
|
||||
import mimetypes
|
||||
filename = file_path.split('/')[-1]
|
||||
content_type, _ = mimetypes.guess_type(filename)
|
||||
if content_type is None:
|
||||
content_type = "application/octet-stream"
|
||||
|
||||
from fastapi.responses import Response
|
||||
return Response(content=content, media_type=content_type)
|
||||
else:
|
||||
raise HTTPException(status_code=404, detail="Media file not found")
|
||||
|
||||
# 其他文件需要用户权限
|
||||
if current_user is None:
|
||||
raise HTTPException(status_code=401, detail="Not authenticated")
|
||||
if current_user.get("role") != "admin" and not file_path.startswith(f"media/{current_user.get('id')}/"):
|
||||
raise HTTPException(status_code=403, detail="Insufficient permissions")
|
||||
|
||||
|
||||
Reference in New Issue
Block a user