feat(storage): 新增Discord Bot存储驱动并实现分片断点续传支持

feat(storage): 新增MIRROR(清华、中科大、阿里云镜像站配置)存储驱动及浏览器伪装功能
per(storage): 增强存储配置的安全性与密钥处理

- 新增支持分块上传的Discord存储驱动
- 优化对输入值的掩码占位符检测，防止将掩码值写回数据库，确保真实密钥的安全性。
- 实现面向开源软件镜像站点的新MIRROR存储驱动（只读模式）
- 通过MasqueradeClient为存储驱动添加浏览器伪装功能
- 支持预置镜像站配置（清华、中科大、阿里云）及自动填充端点
- 将镜像驱动集成至StorageFactory并配置验证规则
- 为现有驱动添加类浏览器头部信息以提升兼容性

Author: 2512132839

backend/package.json

@@ -1,6 +1,6 @@
 {
   "name": "cloudpaste-api",
-  "version": "1.8.0",
+  "version": "1.9.0",
   "description": "CloudPaste API基于Cloudflare Workers和D1数据库",
   "main": "unified-entry.js",
   "scripts": {
@@ -27,15 +27,15 @@
     "@aws-sdk/client-s3": "3.726.1",
     "@aws-sdk/lib-storage": "3.726.1",
     "@aws-sdk/s3-request-presigner": "3.726.1",
-    "@huggingface/hub": "^2.7.1",
     "@hono/node-server": "^1.19.6",
+    "@huggingface/hub": "^2.7.1",
     "better-sqlite3": "^12.5.0",
+    "cron-parser": "^5.4.0",
     "fast-xml-parser": "^5.2.5",
     "file-type": "^21.0.0",
     "hono": "^4.10.6",
     "mime-types": "^3.0.1",
     "node-schedule": "^2.1.1",
-    "cron-parser": "^5.4.0",
     "tsx": "^4.21.0",
     "webdav": "^5.8.0"
   },

backend/src/repositories/StorageConfigRepository.js

@@ -31,9 +31,10 @@ export class StorageConfigRepository extends BaseRepository {
           row,
         });
 
+        // 注意：row（表字段）优先级应高于 config_json（投影字段）
         const merged = {
-          ...row,
           ...(projected && typeof projected === "object" ? projected : {}),
+          ...row,
         };
 
         // 保留原始 config_json 对象（非枚举属性，避免对外暴露）

backend/src/routes/fs/multipart.js

@@ -5,7 +5,7 @@ import { MountManager } from "../../storage/managers/MountManager.js";
 import { FileSystem } from "../../storage/fs/FileSystem.js";
 import { getEncryptionSecret } from "../../utils/environmentUtils.js";
 import { usePolicy } from "../../security/policies/policies.js";
-import { findUploadSessionById, updateUploadSessionById } from "../../utils/uploadSessions.js";
+import { findUploadSessionById, normalizeUploadSessionUserId, updateUploadSessionById } from "../../utils/uploadSessions.js";
 import { validateFsItemName } from "../../storage/fs/utils/FsInputValidator.js";
 
 /**
@@ -93,6 +93,24 @@ export const registerMultipartRoutes = (router, helpers) => {
     return { db: c.env.DB, encryptionSecret: getEncryptionSecret(c), repositoryFactory: c.get("repos"), userInfo, userIdOrInfo, userType };
   };
 
+  const assertUploadSessionOwnedByUser = (sessionRow, userIdOrInfo, userType) => {
+    if (!sessionRow) {
+      throw new ValidationError("未找到对应的上传会话");
+    }
+
+    const expectedUserId = normalizeUploadSessionUserId(userIdOrInfo, userType);
+    const rowUserId = String(sessionRow.user_id || "");
+    const rowUserType = String(sessionRow.user_type || "");
+
+    // 必须至少匹配 user_id；user_type 为空时视为兼容旧数据（不做强校验）
+    const idMatches = rowUserId === String(expectedUserId || "");
+    const typeMatches = !rowUserType || rowUserType === String(userType || "");
+
+    if (!idMatches || !typeMatches) {
+      throw new AuthenticationError("上传会话不属于当前用户，拒绝访问");
+    }
+  };
+
   const assertValidFileName = (fileName) => {
     const result = validateFsItemName(fileName);
     if (result.valid) return;
@@ -148,6 +166,9 @@ export const registerMultipartRoutes = (router, helpers) => {
       assertValidFileName(fileName);
     }
 
+    const sessionRow = await findUploadSessionById(db, { id: uploadId });
+    assertUploadSessionOwnedByUser(sessionRow, userIdOrInfo, userType);
+
     const mountManager = new MountManager(db, encryptionSecret, repositoryFactory, { env: c.env });
     const fileSystem = new FileSystem(mountManager);
     const safeParts = Array.isArray(parts) ? parts : [];
@@ -167,6 +188,9 @@ export const registerMultipartRoutes = (router, helpers) => {
 
     assertValidFileName(fileName);
 
+    const sessionRow = await findUploadSessionById(db, { id: uploadId });
+    assertUploadSessionOwnedByUser(sessionRow, userIdOrInfo, userType);
+
     const mountManager = new MountManager(db, encryptionSecret, repositoryFactory, { env: c.env });
     const fileSystem = new FileSystem(mountManager);
     await fileSystem.abortFrontendMultipartUpload(path, uploadId, fileName, userIdOrInfo, userType);
@@ -200,6 +224,9 @@ export const registerMultipartRoutes = (router, helpers) => {
 
     assertValidFileName(fileName);
 
+    const sessionRow = await findUploadSessionById(db, { id: uploadId });
+    assertUploadSessionOwnedByUser(sessionRow, userIdOrInfo, userType);
+
     const mountManager = new MountManager(db, encryptionSecret, repositoryFactory, { env: c.env });
     const fileSystem = new FileSystem(mountManager);
     const result = await fileSystem.listMultipartParts(path, uploadId, fileName, userIdOrInfo, userType);
@@ -219,6 +246,9 @@ export const registerMultipartRoutes = (router, helpers) => {
 
     const safePartNumbers = Array.isArray(partNumbers) ? partNumbers : [];
 
+    const sessionRow = await findUploadSessionById(db, { id: uploadId });
+    assertUploadSessionOwnedByUser(sessionRow, userIdOrInfo, userType);
+
     // 状态机推进：请求分片 URL 视为“开始上传”
     try {
       await updateUploadSessionById(db, {
@@ -266,9 +296,7 @@ export const registerMultipartRoutes = (router, helpers) => {
     const contentLength = contentLengthHeader ? Number.parseInt(contentLengthHeader, 10) || 0 : 0;
 
     const sessionRow = await findUploadSessionById(db, { id: uploadId });
-    if (!sessionRow) {
-      throw new ValidationError("未找到对应的上传会话");
-    }
+    assertUploadSessionOwnedByUser(sessionRow, userIdOrInfo, userType);
 
     const mountManager = new MountManager(db, encryptionSecret, repositoryFactory, { env: c.env });
     const fileSystem = new FileSystem(mountManager);

backend/src/routes/systemRoutes.js

@@ -97,7 +97,7 @@ systemRoutes.get("/api/version", async (c) => {
   const isDocker = runtimeEnv === "docker";
 
   // 统一的默认版本配置
-  const DEFAULT_VERSION = "1.8.0";
+  const DEFAULT_VERSION = "1.9.0";
   const DEFAULT_NAME = "cloudpaste-api";
 
   let version = DEFAULT_VERSION;

backend/src/services/storageConfigService.js

@@ -5,6 +5,8 @@ import { MountManager } from "../storage/managers/MountManager.js";
 import { ApiStatus } from "../constants/index.js";
 import { AppError, ValidationError, NotFoundError, DriverError } from "../http/errors.js";
 import { CAPABILITIES } from "../storage/interfaces/capabilities/index.js";
+import { invalidateFsCache } from "../cache/invalidation.js";
+import { FsSearchIndexStore } from "../storage/fs/search/FsSearchIndexStore.js";
 
 /**
  * 计算存储配置在 WebDAV 渠道下支持的策略列表
@@ -33,6 +35,81 @@ function computeWebDavSupportedPolicies(cfg) {
   // 去重
   return Array.from(new Set(policies));
 }
+
+/**
+ * 判断一个输入值是否像“掩码占位符”（例如 *****1234）
+ * - 这是为了防止编辑表单时把 masked 值写回数据库，覆盖真实密钥
+ * - 前端应该已做过滤，但后端必须兜底
+ * @param {any} value
+ * @returns {boolean}
+ */
+function isMaskedSecretPlaceholder(value) {
+  if (typeof value !== "string") return false;
+  const s = value.trim();
+  if (!s) return false;
+  // maskSecret 默认会生成很多个 * + 尾部少量可见字符
+  // 这里用一个“非常保守但够用”的判定：至少 3 个 * 开头
+  return /^\*{3,}.+$/.test(s);
+}
+
+function getTypeConfigSchema(storageType) {
+  if (!storageType) return null;
+  const meta = StorageFactory.getTypeMetadata(storageType);
+  return meta?.configSchema || null;
+}
+
+function getSecretFieldDefsFromSchema(schema) {
+  const fields = schema?.fields;
+  if (!Array.isArray(fields)) return [];
+  return fields.filter((f) => f && typeof f === "object" && f.type === "secret" && typeof f.name === "string" && f.name);
+}
+
+function shouldSkipSecretWrite(value, { allowEmpty = true } = {}) {
+  if (value === undefined || value === null) return true;
+  if (typeof value === "string") {
+    const s = value.trim();
+    if (allowEmpty && s.length === 0) return true;
+    if (isMaskedSecretPlaceholder(s)) return true;
+  }
+  return false;
+}
+
+async function encryptSecretsInConfigJson(storageType, configJson, encryptionSecret, { requireRequiredSecrets = false } = {}) {
+  const schema = getTypeConfigSchema(storageType);
+  const secretFields = getSecretFieldDefsFromSchema(schema);
+  if (!secretFields.length) return configJson;
+
+  for (const f of secretFields) {
+    const key = f.name;
+    const raw = configJson?.[key];
+
+    // required 校验（仅用于 create）
+    if (requireRequiredSecrets) {
+      const missing =
+        raw === undefined ||
+        raw === null ||
+        (typeof raw === "string" && raw.trim().length === 0) ||
+        isMaskedSecretPlaceholder(raw);
+      if (f.required === true && missing) {
+        throw new ValidationError(`缺少必填字段: ${key}`);
+      }
+    }
+
+    // 跳过空值（update 时应“保留原值”）
+    if (shouldSkipSecretWrite(raw, { allowEmpty: true })) {
+      continue;
+    }
+
+    // 明确拒绝 masked 占位符写入（无论 create/update）
+    if (isMaskedSecretPlaceholder(raw)) {
+      throw new ValidationError(`字段 ${key} 不能是掩码占位符，请重新填写`);
+    }
+
+    configJson[key] = await encryptValue(String(raw), encryptionSecret);
+  }
+
+  return configJson;
+}
 import { encryptValue, buildSecretView } from "../utils/crypto.js";
 import { generateStorageConfigId } from "../utils/common.js";
 
@@ -119,6 +196,9 @@ export async function createStorageConfig(db, configData, adminId, encryptionSec
     for (const f of requiredS3) {
       if (!configData[f]) throw new ValidationError(`缺少必填字段: ${f}`);
     }
+    if (isMaskedSecretPlaceholder(configData.access_key_id) || isMaskedSecretPlaceholder(configData.secret_access_key)) {
+      throw new ValidationError("S3 密钥字段疑似为掩码占位符（*****1234），请重新填写真实值");
+    }
     const encryptedAccessKey = await encryptValue(configData.access_key_id, encryptionSecret);
     const encryptedSecretKey = await encryptValue(configData.secret_access_key, encryptionSecret);
     configJson = {
@@ -139,6 +219,9 @@ export async function createStorageConfig(db, configData, adminId, encryptionSec
     for (const f of requiredWebDav) {
       if (!configData[f]) throw new ValidationError(`缺少必填字段: ${f}`);
     }
+    if (isMaskedSecretPlaceholder(configData.password)) {
+      throw new ValidationError("WebDAV 密码字段疑似为掩码占位符（*****1234），请重新填写真实值");
+    }
 
     let endpoint_url = String(configData.endpoint_url).trim();
     try {
@@ -173,8 +256,9 @@ export async function createStorageConfig(db, configData, adminId, encryptionSec
       total_storage_bytes: totalStorageBytes,
     };
   } else {
-    const { name, storage_type, is_public, is_default, ...rest } = configData;
+    const { name, storage_type, is_public, is_default, remark, url_proxy, ...rest } = configData;
     configJson = rest || {};
+    await encryptSecretsInConfigJson(configData.storage_type, configJson, encryptionSecret, { requireRequiredSecrets: true });
   }
   const createData = {
     id,
@@ -203,6 +287,10 @@ export async function updateStorageConfig(db, id, updateData, adminId, encryptio
   const exists = await repo.findByIdAndAdminWithSecrets(id, adminId);
   if (!exists) throw new NotFoundError("存储配置不存在");
 
+  // 是否有“驱动私有配置”字段变化（比如 endpoint/bucket/token 等）
+  // - 仅改 name/remark/is_public/is_default/status 这种“展示/开关”字段，不需要清索引
+  // - 一旦改了驱动配置，旧索引可能对应的是“旧数据源/旧路径”，必须标记 not_ready 让你重建
+  let driverConfigChanged = false;
   const topPatch = {};
   if (updateData.name) topPatch.name = updateData.name;
   if (updateData.is_public !== undefined) topPatch.is_public = updateData.is_public ? 1 : 0;
@@ -215,17 +303,32 @@ export async function updateStorageConfig(db, id, updateData, adminId, encryptio
   if (exists?.__config_json__ && typeof exists.__config_json__ === "object") {
     cfg = { ...exists.__config_json__ };
   }
+
+  // 本类型 schema 中声明的 secret 字段集合
+  const schema = getTypeConfigSchema(exists.storage_type);
+  const secretFieldSet = new Set(getSecretFieldDefsFromSchema(schema).map((f) => f.name));
+
   // 合并驱动 JSON 字段
   const boolKeys = new Set(["path_style", "tls_insecure_skip_verify"]);
   for (const [k, v] of Object.entries(updateData)) {
     if (["name", "storage_type", "is_public", "is_default", "status", "remark", "url_proxy"].includes(k)) continue;
-    if (k === "access_key_id") {
-      cfg.access_key_id = await encryptValue(v, encryptionSecret);
-    } else if (k === "secret_access_key") {
-      cfg.secret_access_key = await encryptValue(v, encryptionSecret);
-    } else if (k === "password") {
-      cfg.password = await encryptValue(v, encryptionSecret);
-    } else if (k === "total_storage_bytes") {
+
+    // secret：空值/掩码占位符 -> 不提交（保留原值）；真实值 -> 加密写入
+    if (secretFieldSet.has(k)) {
+      if (shouldSkipSecretWrite(v, { allowEmpty: true })) {
+        continue;
+      }
+      // shouldSkipSecretWrite 已涵盖 masked，这里再次兜底
+      if (isMaskedSecretPlaceholder(v)) {
+        continue;
+      }
+      cfg[k] = await encryptValue(String(v), encryptionSecret);
+      driverConfigChanged = true;
+      continue;
+    }
+
+    driverConfigChanged = true;
+    if (k === "total_storage_bytes") {
       const val = parseInt(v, 10);
       cfg.total_storage_bytes = Number.isFinite(val) && val > 0 ? val : null;
     } else if (k === "signature_expires_in") {
@@ -264,6 +367,23 @@ export async function updateStorageConfig(db, id, updateData, adminId, encryptio
     const mountManager = new MountManager(db, encryptionSecret, factory);
     await mountManager.clearConfigCache(exists.storage_type, id);
   } catch {}
+
+  // 如果驱动配置变化：把依赖此存储配置的挂载点索引清掉 + 标记 not_ready
+  if (driverConfigChanged) {
+    try {
+      const mountRepo = factory.getMountRepository();
+      const mounts = await mountRepo.findByStorageConfig(id, exists.storage_type);
+      const store = new FsSearchIndexStore(db);
+      for (const m of mounts || []) {
+        const mountId = String(m?.id || "").trim();
+        if (!mountId) continue;
+        await store.clearDerivedByMount(mountId, { keepState: true });
+      }
+      invalidateFsCache({ storageConfigId: id, reason: "storage-config-update", bumpMountsVersion: true, db });
+    } catch (e) {
+      console.warn("updateStorageConfig: 清理相关挂载点索引失败（将继续返回更新成功）：", e);
+    }
+  }
 }
 
 export async function deleteStorageConfig(db, id, adminId, repositoryFactory = null) {
@@ -283,7 +403,25 @@ export async function deleteStorageConfig(db, id, adminId, repositoryFactory = n
     }
   }
 
+  // 删除存储配置前：先把依赖它的挂载点与索引派生数据清掉
+  // 否则会留下“挂载点指向不存在的存储配置”+ “索引残留”的脏数据
+  try {
+    const mountRepo = factory.getMountRepository();
+    const mounts = await mountRepo.findByStorageConfig(id, exists.storage_type);
+    const store = new FsSearchIndexStore(db);
+    for (const m of mounts || []) {
+      const mountId = String(m?.id || "").trim();
+      if (!mountId) continue;
+      await store.clearDerivedByMount(mountId, { keepState: false });
+      await mountRepo.deleteMount(mountId);
+      invalidateFsCache({ mountId, storageConfigId: id, reason: "mount-delete-by-storage-config", bumpMountsVersion: true, db });
+    }
+  } catch (error) {
+    console.warn("deleteStorageConfig: 清理挂载点/索引失败，将继续删除存储配置本身：", error);
+  }
+
   await repo.deleteConfig(id);
+  invalidateFsCache({ storageConfigId: id, reason: "storage-config-delete", bumpMountsVersion: true, db });
 }
 
 export async function setDefaultStorageConfig(db, id, adminId, repositoryFactory = null) {

backend/src/services/storageMountService.js

@@ -6,6 +6,7 @@ import { ValidationError, ConflictError, NotFoundError, AuthorizationError } fro
 import { generateUUID } from "../utils/common.js";
 import { MountRepository, StorageConfigRepository } from "../repositories/index.js";
 import { invalidateFsCache } from "../cache/invalidation.js";
+import { FsSearchIndexStore } from "../storage/fs/search/FsSearchIndexStore.js";
 
 const emitMountCacheInvalidation = ({ mountId, storageConfigId = null, reason, db = null }) => {
   if (!mountId && !storageConfigId) {
@@ -205,6 +206,19 @@ class MountService {
     await this.mountRepository.updateMount(mountId, updateData);
 
     const updatedMount = await this.mountRepository.findById(mountId);
+
+    // 如果“挂载实际指向的内容”发生变化，旧索引就一定不可信了：
+    // - 改 mount_path：索引里存的是旧路径前缀，会导致搜索结果路径错乱
+    // - 改 storage_config_id / storage_type：等于换了一个“数据源”，必须清掉旧索引
+    const shouldResetIndex =
+      (updateData.mount_path && updateData.mount_path !== existingMount.mount_path) ||
+      (updateData.storage_config_id && updateData.storage_config_id !== existingMount.storage_config_id) ||
+      (updateData.storage_type && updateData.storage_type !== existingMount.storage_type);
+    if (shouldResetIndex) {
+      const store = new FsSearchIndexStore(this.db);
+      await store.clearDerivedByMount(mountId, { keepState: true });
+    }
+
     emitMountCacheInvalidation({ mountId, storageConfigId: updatedMount?.storage_config_id || null, reason: "mount-update", db: this.db });
 
     // 返回更新后的挂载点信息
@@ -231,7 +245,12 @@ class MountService {
       throw new AuthorizationError("没有权限删除此挂载点");
     }
 
-    // 删除挂载点
+    // 先清理索引派生数据，再删挂载点（避免删成功但索引残留）
+    // - entries/dirty/state 都属于派生数据，不影响真实文件数据
+    const store = new FsSearchIndexStore(this.db);
+    await store.clearDerivedByMount(mountId, { keepState: false });
+
+    // 删除挂载点（真实业务数据）
     const result = await this.mountRepository.deleteMount(mountId);
 
     emitMountCacheInvalidation({ mountId, storageConfigId: existingMount.storage_config_id || null, reason: "mount-delete", db: this.db });