Merge branch 'dev_aliyun' of https://bdgit.educoder.net/Hjqreturn/educoder into dev_item_bank

app/controllers/application_controller.rb

@@ -24,6 +24,9 @@ class ApplicationController < ActionController::Base
 	# 所有请求必须合法签名
 	def check_sign
 		Rails.logger.info("66666  #{params}")
+		suffix = request.url.split(".").last
+		suffix_arr = ["xls", "xlsx"] # excel文件先注释
+		unless suffix_arr.include?(suffix)
 			if params[:client_key].present?
 				randomcode = params[:randomcode]
 				tip_exception(501, "请求不合理") unless (Time.now.to_i - randomcode.to_i).between?(0,5)
@@ -35,6 +38,7 @@ class ApplicationController < ActionController::Base
 				tip_exception(501, "请求不合理")
 			end
 		end
+	end
 
 	# 全局配置参数
 	# 返回name对应的value

app/controllers/attachments_controller.rb

@@ -5,7 +5,7 @@ class AttachmentsController < ApplicationController
   before_action :require_login, :check_auth, except: [:show]
   before_action :find_file, only: %i[show destroy]
   before_action :attachment_candown, only: [:show]
-  skip_before_action :check_sign, only: [:show]
+  skip_before_action :check_sign, only: [:show, :create]
 
   include ApplicationHelper