fix: 目录权限错误 Relate #7

liueic · liueic · commit 68e1ff58241b · 2025-08-06T21:45:17.000+08:00
diff --git a/.gitignore b/.gitignore
@@ -124,4 +124,5 @@ dmypy.json
 # Pyre type checker
 .pyre/
 
-.codebuddy/
+.codebuddy/
+dev/
diff --git a/backend/Dockerfile b/backend/Dockerfile
@@ -26,9 +26,10 @@ RUN pip install --no-cache-dir -r requirements.txt
 # 复制应用代码
 COPY . .
 
-# 创建必要的目录
-RUN mkdir -p uploads logs && \
-    chown -R appuser:appgroup /app
+# 创建必要的目录和子目录
+RUN mkdir -p uploads/email_attachments logs data && \
+    chown -R appuser:appgroup /app && \
+    chmod -R 755 uploads logs data
 
 # 切换到非root用户
 USER appuser
diff --git a/backend/app/services/attachment_service.py b/backend/app/services/attachment_service.py
@@ -23,8 +23,69 @@ class AttachmentService:
     """附件处理服务类"""
     
     def __init__(self):
-        self.upload_dir = Path(settings.UPLOAD_DIR) / "email_attachments"
-        self.upload_dir.mkdir(parents=True, exist_ok=True)
+        """初始化附件服务"""
+        try:
+            # 使用配置中的上传目录
+            base_upload_dir = Path(getattr(settings, 'UPLOAD_DIR', 'uploads'))
+            self.upload_dir = base_upload_dir / "email_attachments"
+            
+            # 尝试创建目录
+            self.upload_dir.mkdir(parents=True, exist_ok=True)
+            
+            # 验证目录权限
+            if not self._check_directory_permissions():
+                raise PermissionError(f"无法写入上传目录: {self.upload_dir}")
+                
+            logger.info(f"附件服务初始化成功，上传目录: {self.upload_dir}")
+            
+        except PermissionError as e:
+            logger.error(f"附件服务初始化失败 - 权限错误: {e}")
+            # 尝试使用临时目录作为备选方案
+            self._setup_fallback_directory()
+        except Exception as e:
+            logger.error(f"附件服务初始化失败: {e}")
+            # 尝试使用临时目录作为备选方案
+            self._setup_fallback_directory()
+    
+    def _check_directory_permissions(self) -> bool:
+        """检查目录权限"""
+        try:
+            # 尝试创建测试文件
+            test_file = self.upload_dir / ".permission_test"
+            test_file.write_text("test")
+            test_file.unlink()
+            return True
+        except Exception as e:
+            logger.warning(f"目录权限检查失败: {e}")
+            return False
+    
+    def _setup_fallback_directory(self):
+        """设置备选目录"""
+        try:
+            import tempfile
+            fallback_dir = Path(tempfile.gettempdir()) / "kb_upload_genie" / "email_attachments"
+            fallback_dir.mkdir(parents=True, exist_ok=True)
+            
+            # 验证备选目录权限
+            if self._check_fallback_permissions(fallback_dir):
+                self.upload_dir = fallback_dir
+                logger.warning(f"使用临时目录作为上传目录: {self.upload_dir}")
+            else:
+                raise RuntimeError("无法找到可写的上传目录")
+                
+        except Exception as e:
+            logger.error(f"设置备选目录失败: {e}")
+            raise RuntimeError(f"附件服务初始化完全失败: {e}")
+    
+    def _check_fallback_permissions(self, directory: Path) -> bool:
+        """检查备选目录权限"""
+        try:
+            test_file = directory / ".permission_test"
+            test_file.write_text("test")
+            test_file.unlink()
+            return True
+        except Exception:
+            return False
     
     def _get_file_hash(self, file_data: bytes) -> str:
         """计算文件哈希值"""
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -1,15 +1,15 @@
 services:
   # 后端服务
   backend:
-    image: 
-    container_name: ghcr.io/pancrepal-xiaoyibao/kb-backend:latest
+    image: ghcr.io/pancrepal-xiaoyibao/kb-backend:latest
+    container_name: kb-backend
     env_file:
       - backend/.env
     environment:
       - PYTHONPATH=/app
     volumes:
       - backend_data:/app/data
-      - backend_data:/app/uploads
+      - backend_uploads:/app/uploads
       - backend_logs:/app/logs
       - ./backend/.env:/app/.env:ro
     networks:
@@ -21,6 +21,7 @@ services:
       timeout: 10s
       retries: 3
       start_period: 40s
+    user: "1001:1001"  # 使用与Dockerfile中相同的用户ID
 
   # 前端服务
   frontend:
@@ -40,8 +41,17 @@ services:
       retries: 3
       start_period: 20s
 
+# 卷定义
+volumes:
+  backend_data:
+    driver: local
+  backend_uploads:
+    driver: local
+  backend_logs:
+    driver: local
+
 # 网络
 networks:
   kb-network:
     driver: bridge
-    name: kb-upload-genie-network
+    name: kb-upload-genie-network
