From f6c06bd7ad09001f7aeb2e897c2af8eb9458ebcd Mon Sep 17 00:00:00 2001 From: laoboli <1293528695@qq.com> Date: Tue, 28 Apr 2026 19:38:02 +0800 Subject: [PATCH] feat: file upload and download --- controllers/ai.go | 57 ++++- controllers/lesson_plan.go | 354 +++++++++++++++++++++++++++ controllers/response.go | 17 ++ main.go | 3 + middleware/lesson_plan_permission.go | 52 ++++ models/app_file.go | 28 +++ routes/routes.go | 9 + 7 files changed, 512 insertions(+), 8 deletions(-) create mode 100644 controllers/lesson_plan.go create mode 100644 controllers/response.go create mode 100644 middleware/lesson_plan_permission.go create mode 100644 models/app_file.go diff --git a/controllers/ai.go b/controllers/ai.go index 4d098df..71f3c36 100644 --- a/controllers/ai.go +++ b/controllers/ai.go @@ -4,10 +4,12 @@ package controllers import ( "context" // 在此处添加 context 导入 + "errors" "fmt" "github.com/gin-gonic/gin" "github.com/sashabaranov/go-openai" "hr_receiver/config" + "hr_receiver/models" "hr_receiver/util" "io" "io/ioutil" @@ -15,6 +17,9 @@ import ( "mime/multipart" "net/http" "os" + "strings" + + "gorm.io/gorm" ) const ( @@ -57,6 +62,14 @@ func readDocxContent(fileHeader *multipart.FileHeader) (string, error) { return str, nil } +func readDocxContentFromPath(filePath string) (string, error) { + str, err := util.DocxToStructuredPrompt(filePath) + if err != nil { + return "", fmt.Errorf("failed to parse docx with go-docx: %w", err) + } + return str, nil +} + // readCSVContent 读取 .csv 文件内容 // 修改为先保存临时文件再读取 func readCSVContent(fileHeader *multipart.FileHeader) (string, error) { @@ -246,16 +259,19 @@ func (tc *TrainingController) AnalyzeByAI(c *gin.Context) { } // 2. 获取文件列表 - docxFiles := form.File["teaching_plan"] // 假设前端字段名为 'teaching_plan' csvFiles := form.File["heart_rate_data"] // 假设前端字段名为 'heart_rate_data' stepFiles := form.File["step_data"] analysisType := c.PostForm("analysis_type") + teachingPlanSource := c.PostForm("teaching_plan_source") if analysisType == "" { analysisType = analysisTypeHeartRateOnly } + if teachingPlanSource == "" { + teachingPlanSource = "upload" + } - if len(docxFiles) == 0 || len(csvFiles) == 0 { - c.JSON(http.StatusBadRequest, gin.H{"error": "Missing required files: teaching_plan (.docx) or heart_rate_data (.csv)"}) + if len(csvFiles) == 0 { + c.JSON(http.StatusBadRequest, gin.H{"error": "Missing required file: heart_rate_data (.csv)"}) return } if analysisType == analysisTypeHeartRateWithSteps && len(stepFiles) == 0 { @@ -265,13 +281,15 @@ func (tc *TrainingController) AnalyzeByAI(c *gin.Context) { // 3. 读取文件内容 // 注意:这里我们只取第一个上传的文件 - teachingPlanFileHeader := docxFiles[0] heartRateFileHeader := csvFiles[0] - - teachingPlanContent, err := readDocxContent(teachingPlanFileHeader) + teachingPlanContent, err := resolveTeachingPlanContent(c, form, teachingPlanSource) if err != nil { - log.Printf("Error reading teaching plan file (%s): %v", teachingPlanFileHeader.Filename, err) - c.JSON(http.StatusInternalServerError, gin.H{"error": fmt.Sprintf("Failed to process teaching plan file: %v", err)}) + log.Printf("Error resolving teaching plan: %v", err) + if errors.Is(err, gorm.ErrRecordNotFound) { + c.JSON(http.StatusNotFound, gin.H{"error": "Cloud teaching plan file not found"}) + return + } + c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()}) return } @@ -314,3 +332,26 @@ func (tc *TrainingController) AnalyzeByAI(c *gin.Context) { }) } + +func resolveTeachingPlanContent(c *gin.Context, form *multipart.Form, source string) (string, error) { + switch strings.ToLower(strings.TrimSpace(source)) { + case "upload": + docxFiles := form.File["teaching_plan"] + if len(docxFiles) == 0 { + return "", fmt.Errorf("Missing required file: teaching_plan (.docx)") + } + return readDocxContent(docxFiles[0]) + case "cloud": + lessonPlanID := c.PostForm("lesson_plan_id") + if strings.TrimSpace(lessonPlanID) == "" { + return "", fmt.Errorf("missing required field: lesson_plan_id") + } + var fileRecord models.AppFile + if err := config.DB.Where("id = ? AND file_type = ?", lessonPlanID, models.AppFileTypeLessonPlan).First(&fileRecord).Error; err != nil { + return "", err + } + return readDocxContentFromPath(fileRecord.FilePath) + default: + return "", fmt.Errorf("invalid teaching_plan_source, expected upload or cloud") + } +} diff --git a/controllers/lesson_plan.go b/controllers/lesson_plan.go new file mode 100644 index 0000000..c45d2f9 --- /dev/null +++ b/controllers/lesson_plan.go @@ -0,0 +1,354 @@ +package controllers + +import ( + "crypto/md5" + "encoding/hex" + "errors" + "fmt" + "hr_receiver/config" + "hr_receiver/models" + "io" + "mime/multipart" + "net/http" + "os" + "path/filepath" + "strings" + "time" + + "github.com/gin-gonic/gin" + "gorm.io/gorm" +) + +const ( + lessonPlanMaxSize = 10 * 1024 * 1024 + lessonPlanStorageDir = "storage/lesson_plans" + lessonPlanFieldName = "file" + lessonPlanCleanupDays = 30 +) + +type LessonPlanController struct { + DB *gorm.DB +} + +type lessonPlanPaginationParams struct { + PageNum int `form:"pageNum,default=1"` + PageSize int `form:"pageSize,default=10"` +} + +func NewLessonPlanController() *LessonPlanController { + return &LessonPlanController{DB: config.DB} +} + +func (lc *LessonPlanController) Upload(c *gin.Context) { + fileHeader, err := c.FormFile(lessonPlanFieldName) + if err != nil { + writeError(c, http.StatusBadRequest, "missing file") + return + } + if err := validateLessonPlanFileHeader(fileHeader); err != nil { + writeError(c, http.StatusBadRequest, err.Error()) + return + } + + uploaderID, uploaderName, ok := currentUser(c) + if !ok { + writeError(c, http.StatusUnauthorized, "invalid user context") + return + } + + src, err := fileHeader.Open() + if err != nil { + writeError(c, http.StatusInternalServerError, "failed to open upload") + return + } + defer src.Close() + + if err := os.MkdirAll(lessonPlanStorageDir, 0o755); err != nil { + writeError(c, http.StatusInternalServerError, "failed to initialize storage") + return + } + + tempFile, err := os.CreateTemp(lessonPlanStorageDir, "upload-*.docx") + if err != nil { + writeError(c, http.StatusInternalServerError, "failed to create temp file") + return + } + tempPath := tempFile.Name() + defer func() { + _ = tempFile.Close() + if _, statErr := os.Stat(tempPath); statErr == nil { + _ = os.Remove(tempPath) + } + }() + + hasher := md5.New() + size, err := io.Copy(io.MultiWriter(tempFile, hasher), src) + if err != nil { + writeError(c, http.StatusInternalServerError, "failed to save upload") + return + } + if size > lessonPlanMaxSize { + writeError(c, http.StatusBadRequest, "file exceeds 10MB limit") + return + } + + md5Value := hex.EncodeToString(hasher.Sum(nil)) + var existing models.AppFile + if err := lc.DB.Where("md5 = ? AND file_type = ?", md5Value, models.AppFileTypeLessonPlan).First(&existing).Error; err == nil { + writeSuccess(c, http.StatusConflict, "duplicate file", existing) + return + } else if !errors.Is(err, gorm.ErrRecordNotFound) { + writeError(c, http.StatusInternalServerError, "failed to check duplicate file") + return + } + + storedFilename := buildStoredLessonPlanFilename(md5Value, fileHeader.Filename) + finalPath := filepath.Join(lessonPlanStorageDir, storedFilename) + if err := os.Rename(tempPath, finalPath); err != nil { + writeError(c, http.StatusInternalServerError, "failed to finalize upload") + return + } + + record := models.AppFile{ + FileType: models.AppFileTypeLessonPlan, + OriginalFilename: fileHeader.Filename, + StoredFilename: storedFilename, + FilePath: finalPath, + ContentType: normalizeLessonPlanContentType(fileHeader.Header.Get("Content-Type")), + FileSize: size, + MD5: md5Value, + UploaderID: uploaderID, + UploaderName: uploaderName, + } + + if err := lc.DB.Create(&record).Error; err != nil { + _ = os.Remove(finalPath) + writeError(c, http.StatusInternalServerError, "failed to persist file metadata") + return + } + + writeSuccess(c, http.StatusCreated, "upload success", record) +} + +func (lc *LessonPlanController) List(c *gin.Context) { + var records []models.AppFile + if err := lc.DB.Where("file_type = ?", models.AppFileTypeLessonPlan).Order("created_at DESC").Find(&records).Error; err != nil { + writeError(c, http.StatusInternalServerError, "failed to list lesson plans") + return + } + writeSuccess(c, http.StatusOK, "query success", records) +} + +func (lc *LessonPlanController) Page(c *gin.Context) { + var params lessonPlanPaginationParams + if err := c.ShouldBindQuery(¶ms); err != nil { + writeError(c, http.StatusBadRequest, err.Error()) + return + } + if params.PageNum < 1 { + params.PageNum = 1 + } + if params.PageSize < 1 || params.PageSize > 100 { + params.PageSize = 10 + } + offset := (params.PageNum - 1) * params.PageSize + + var total int64 + var records []models.AppFile + query := lc.DB.Model(&models.AppFile{}).Where("file_type = ?", models.AppFileTypeLessonPlan) + if err := query.Count(&total).Error; err != nil { + writeError(c, http.StatusInternalServerError, "failed to count lesson plans") + return + } + if err := query.Order("created_at DESC").Offset(offset).Limit(params.PageSize).Find(&records).Error; err != nil { + writeError(c, http.StatusInternalServerError, "failed to query lesson plans") + return + } + + writeSuccess(c, http.StatusOK, "query success", gin.H{ + "list": records, + "pagination": gin.H{ + "currentPage": params.PageNum, + "pageSize": params.PageSize, + "totalList": total, + "totalPage": int((total + int64(params.PageSize) - 1) / int64(params.PageSize)), + }, + }) +} + +func (lc *LessonPlanController) Download(c *gin.Context) { + record, err := lc.findLessonPlan(c.Param("id")) + if err != nil { + respondLessonPlanLookupError(c, err) + return + } + + userID, _, ok := currentUser(c) + if !ok { + writeError(c, http.StatusUnauthorized, "invalid user context") + return + } + role := currentUserRole(c) + if !canAccessLessonPlan(record, userID, role) { + writeError(c, http.StatusForbidden, "permission denied") + return + } + + now := time.Now().UnixMilli() + if err := lc.DB.Model(&models.AppFile{}). + Where("id = ?", record.ID). + Updates(map[string]interface{}{ + "download_count": gorm.Expr("download_count + 1"), + "last_download_at": now, + }).Error; err != nil { + writeError(c, http.StatusInternalServerError, "failed to update download stats") + return + } + + c.FileAttachment(record.FilePath, record.OriginalFilename) +} + +func (lc *LessonPlanController) Delete(c *gin.Context) { + record, err := lc.findLessonPlan(c.Param("id")) + if err != nil { + respondLessonPlanLookupError(c, err) + return + } + + userID, _, ok := currentUser(c) + if !ok { + writeError(c, http.StatusUnauthorized, "invalid user context") + return + } + role := currentUserRole(c) + if !canAccessLessonPlan(record, userID, role) { + writeError(c, http.StatusForbidden, "permission denied") + return + } + + if err := deleteLessonPlanRecord(lc.DB, &record); err != nil { + writeError(c, http.StatusInternalServerError, err.Error()) + return + } + + writeSuccess(c, http.StatusOK, "delete success", nil) +} + +func (lc *LessonPlanController) CleanupExpiredFiles() error { + cutoffMillis := time.Now().AddDate(0, 0, -lessonPlanCleanupDays).UnixMilli() + cutoffTime := time.Now().AddDate(0, 0, -lessonPlanCleanupDays) + var records []models.AppFile + if err := lc.DB. + Where("file_type = ?", models.AppFileTypeLessonPlan). + Where("(last_download_at IS NOT NULL AND last_download_at < ?) OR (last_download_at IS NULL AND created_at < ?)", cutoffMillis, cutoffTime). + Find(&records).Error; err != nil { + return err + } + for i := range records { + if err := deleteLessonPlanRecord(lc.DB, &records[i]); err != nil { + return err + } + } + return nil +} + +func StartLessonPlanCleanupJob(db *gorm.DB) { + controller := &LessonPlanController{DB: db} + go func() { + runCleanup := func() { + if err := controller.CleanupExpiredFiles(); err != nil { + fmt.Printf("lesson plan cleanup failed: %v\n", err) + } + } + runCleanup() + ticker := time.NewTicker(24 * time.Hour) + defer ticker.Stop() + for range ticker.C { + runCleanup() + } + }() +} + +func validateLessonPlanFileHeader(fileHeader *multipart.FileHeader) error { + if fileHeader.Size > lessonPlanMaxSize { + return fmt.Errorf("file exceeds 10MB limit") + } + if !strings.EqualFold(filepath.Ext(fileHeader.Filename), ".docx") { + return fmt.Errorf("only .docx files are allowed") + } + contentType := strings.ToLower(strings.TrimSpace(fileHeader.Header.Get("Content-Type"))) + if contentType != "" && contentType != "application/vnd.openxmlformats-officedocument.wordprocessingml.document" { + return fmt.Errorf("content-type must be .docx") + } + return nil +} + +func buildStoredLessonPlanFilename(md5Value, originalName string) string { + return fmt.Sprintf("%d_%s%s", time.Now().UnixNano(), md5Value, strings.ToLower(filepath.Ext(originalName))) +} + +func normalizeLessonPlanContentType(contentType string) string { + if strings.TrimSpace(contentType) == "" { + return "application/vnd.openxmlformats-officedocument.wordprocessingml.document" + } + return contentType +} + +func currentUser(c *gin.Context) (uint, string, bool) { + userIDValue, idExists := c.Get("userID") + usernameValue, usernameExists := c.Get("username") + if !idExists || !usernameExists { + return 0, "", false + } + userID, ok := userIDValue.(uint) + if !ok { + return 0, "", false + } + username, ok := usernameValue.(string) + if !ok { + return 0, "", false + } + return userID, username, true +} + +func currentUserRole(c *gin.Context) models.UserRole { + roleValue, exists := c.Get("role") + if !exists { + return "" + } + role, _ := roleValue.(models.UserRole) + return role +} + +func canAccessLessonPlan(record models.AppFile, userID uint, role models.UserRole) bool { + if record.UploaderID == userID { + return true + } + return role == models.UserRoleSuperAdmin || role == models.UserRoleRegionAdmin +} + +func deleteLessonPlanRecord(db *gorm.DB, record *models.AppFile) error { + if err := os.Remove(record.FilePath); err != nil && !os.IsNotExist(err) { + return fmt.Errorf("failed to remove file: %w", err) + } + if err := db.Unscoped().Delete(&models.AppFile{}, record.ID).Error; err != nil { + return fmt.Errorf("failed to delete metadata: %w", err) + } + return nil +} + +func (lc *LessonPlanController) findLessonPlan(id string) (models.AppFile, error) { + var record models.AppFile + if err := lc.DB.Where("id = ? AND file_type = ?", id, models.AppFileTypeLessonPlan).First(&record).Error; err != nil { + return record, err + } + return record, nil +} + +func respondLessonPlanLookupError(c *gin.Context, err error) { + if errors.Is(err, gorm.ErrRecordNotFound) { + writeError(c, http.StatusNotFound, "lesson plan not found") + return + } + writeError(c, http.StatusInternalServerError, "failed to query lesson plan") +} diff --git a/controllers/response.go b/controllers/response.go new file mode 100644 index 0000000..d958608 --- /dev/null +++ b/controllers/response.go @@ -0,0 +1,17 @@ +package controllers + +import "github.com/gin-gonic/gin" + +type APIResponse struct { + Data interface{} `json:"data"` + Msg string `json:"msg"` + Code int `json:"code"` +} + +func writeSuccess(c *gin.Context, httpStatus int, msg string, data interface{}) { + c.JSON(httpStatus, APIResponse{Data: data, Msg: msg, Code: httpStatus}) +} + +func writeError(c *gin.Context, httpStatus int, msg string) { + c.JSON(httpStatus, APIResponse{Data: nil, Msg: msg, Code: httpStatus}) +} diff --git a/main.go b/main.go index e89264f..15d02f5 100644 --- a/main.go +++ b/main.go @@ -2,6 +2,7 @@ package main import ( "hr_receiver/config" + "hr_receiver/controllers" "hr_receiver/models" "hr_receiver/mqtt" "hr_receiver/routes" @@ -28,6 +29,7 @@ func main() { &models.RegressionResult{}, &models.User{}, &models.UserRegionBinding{}, + &models.AppFile{}, &models.MqttHeartRateRecord{}, &models.MqttStepCountRecord{}, &models.MqttGatewayStatusRecord{}, @@ -40,6 +42,7 @@ func main() { if err := mqtt.Start(config.DB, config.App.MQTT); err != nil { log.Printf("mqtt listener start failed: %v", err) } + controllers.StartLessonPlanCleanupJob(config.DB) // 启动服务 r := routes.SetupRouter() diff --git a/middleware/lesson_plan_permission.go b/middleware/lesson_plan_permission.go new file mode 100644 index 0000000..f541d6b --- /dev/null +++ b/middleware/lesson_plan_permission.go @@ -0,0 +1,52 @@ +package middleware + +import ( + "hr_receiver/models" + "net/http" + + "github.com/gin-gonic/gin" +) + +func RequireHeartRateOperatorOrHigher() gin.HandlerFunc { + return func(c *gin.Context) { + roleValue, exists := c.Get("role") + if !exists { + c.JSON(http.StatusForbidden, gin.H{"error": "missing user role"}) + c.Abort() + return + } + role, ok := roleValue.(models.UserRole) + if !ok { + c.JSON(http.StatusForbidden, gin.H{"error": "invalid user role"}) + c.Abort() + return + } + if role != models.UserRoleOperator && + role != models.UserRoleRegionAdmin && + role != models.UserRoleSuperAdmin { + c.JSON(http.StatusForbidden, gin.H{"error": "insufficient role permissions"}) + c.Abort() + return + } + + flavorValue, exists := c.Get("flavorType") + if !exists { + c.JSON(http.StatusForbidden, gin.H{"error": "missing user flavor"}) + c.Abort() + return + } + flavorType, ok := flavorValue.(models.UserFlavorType) + if !ok { + c.JSON(http.StatusForbidden, gin.H{"error": "invalid user flavor"}) + c.Abort() + return + } + if flavorType != models.UserFlavorHeartRate && flavorType != models.UserFlavorAll { + c.JSON(http.StatusForbidden, gin.H{"error": "insufficient flavor permissions"}) + c.Abort() + return + } + + c.Next() + } +} diff --git a/models/app_file.go b/models/app_file.go new file mode 100644 index 0000000..db6b75b --- /dev/null +++ b/models/app_file.go @@ -0,0 +1,28 @@ +package models + +import "gorm.io/gorm" + +type AppFileType string + +const ( + AppFileTypeLessonPlan AppFileType = "lesson_plan" +) + +type AppFile struct { + gorm.Model + FileType AppFileType `gorm:"type:varchar(64);not null;index" json:"fileType"` + OriginalFilename string `gorm:"size:255;not null" json:"originalFilename"` + StoredFilename string `gorm:"size:255;not null;uniqueIndex" json:"storedFilename"` + FilePath string `gorm:"size:1024;not null" json:"filePath"` + ContentType string `gorm:"size:255;not null" json:"contentType"` + FileSize int64 `gorm:"not null" json:"fileSize"` + MD5 string `gorm:"size:32;not null;uniqueIndex" json:"md5"` + UploaderID uint `gorm:"not null;index" json:"uploaderId"` + UploaderName string `gorm:"size:255;not null;index" json:"uploaderName"` + DownloadCount int64 `gorm:"not null;default:0" json:"downloadCount"` + LastDownloadAt *int64 `gorm:"type:bigint;index" json:"lastDownloadAt"` +} + +func (AppFile) TableName() string { + return "app_files" +} diff --git a/routes/routes.go b/routes/routes.go index e574bed..f52ba37 100644 --- a/routes/routes.go +++ b/routes/routes.go @@ -13,6 +13,7 @@ func SetupRouter() *gin.Engine { r.Use(middleware.GzipMiddleware()) trainingController := controllers.NewTrainingController() stepTrainController := controllers.NewStepTrainingController() + lessonPlanController := controllers.NewLessonPlanController() v1 := r.Group("/api/v1") { @@ -31,6 +32,14 @@ func SetupRouter() *gin.Engine { steps.GET("train-rank/:trainId", stepTrainController.GetTrainingRank) // 可扩展其他路由:GET, PUT, DELETE等 } + lessonPlans := v1.Group("/lesson-plans").Use(middleware.JWTAuth()) + { + lessonPlans.POST("/upload", middleware.RequireHeartRateOperatorOrHigher(), lessonPlanController.Upload) + lessonPlans.GET("", middleware.RequireHeartRateOperatorOrHigher(), lessonPlanController.List) + lessonPlans.GET("/page", middleware.RequireHeartRateOperatorOrHigher(), lessonPlanController.Page) + lessonPlans.GET("/:id/download", lessonPlanController.Download) + lessonPlans.DELETE("/:id", lessonPlanController.Delete) + } public := v1.Group("") { public.POST("/register", controllers.Register)