构建集团公司统一档案管理平台:从零到一的技术落地指南
一、平台架构设计与技术选型
统一档案管理平台采用微服务架构,核心模块包括档案存储服务、元数据管理服务、全文检索服务和权限控制服务。技术栈选择基于成熟度和社区支持度,确保长期可维护性。
1.1 核心组件清单
- 后端框架:Spring Boot 2.7.18
- 数据库:PostgreSQL 15(主数据)、Elasticsearch 8.11(检索)
- 文件存储:MinIO(对象存储,兼容S3协议)
- 缓存:Redis 7.2
- 消息队列:RabbitMQ 3.12
- 前端框架:Vue 3 + Element Plus
二、环境准备与基础服务部署
所有服务均使用Docker容器化部署,确保环境一致性。操作系统要求为Ubuntu 22.04 LTS或CentOS 8+。
2.1 Docker及Docker Compose安装
执行以下命令安装最新版本:
```bash 安装Docker curl -fsSL https://get.docker.com -o get-docker.sh sudo sh get-docker.sh sudo systemctl start docker sudo systemctl enable docker 安装Docker Compose sudo curl -L "https://github.com/docker/compose/releases/download/v2.23.3/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose sudo chmod +x /usr/local/bin/docker-compose ```2.2 基础服务编排文件
创建docker-compose.yml文件,内容如下:
```yaml version: '3.8' services: postgres: image: postgres:15-alpine environment: POSTGRES_DB: archive_db POSTGRES_USER: archive_admin POSTGRES_PASSWORD: YourStrongPassword123! volumes: - postgres_data:/var/lib/postgresql/data ports: - "5432:5432" minio: image: minio/minio:latest command: server /data --console-address ":9001" environment: MINIO_ROOT_USER: minioadmin MINIO_ROOT_PASSWORD: minioadmin123 volumes: - minio_data:/data ports: - "9000:9000" - "9001:9001" elasticsearch: image: elasticsearch:8.11.4 environment: - discovery.type=single-node - xpack.security.enabled=false - "ES_JAVA_OPTS=-Xms512m -Xmx512m" volumes: - es_data:/usr/share/elasticsearch/data ports: - "9200:9200" redis: image: redis:7.2-alpine command: redis-server --requirepass YourRedisPassword123 volumes: - redis_data:/data ports: - "6379:6379" volumes: postgres_data: minio_data: es_data: redis_data: ```启动所有服务:
```bash docker-compose up -d ```三、后端服务核心实现
创建Spring Boot项目,使用Spring Initializr生成基础框架。
3.1 Maven依赖配置
pom.xml关键依赖:
```xml3.2 应用配置文件
application.yml完整配置:
```yaml server: port: 8080 spring: datasource: url: jdbc:postgresql://localhost:5432/archive_db username: archive_admin password: YourStrongPassword123! driver-class-name: org.postgresql.Driver jpa: hibernate: ddl-auto: update show-sql: true data: elasticsearch: uris: http://localhost:9200 redis: host: localhost port: 6379 password: YourRedisPassword123 minio: endpoint: http://localhost:9000 accessKey: minioadmin secretKey: minioadmin123 bucket: company-archive ```3.3 MinIO存储服务配置
创建MinIO配置类:
```java @Configuration public class MinioConfig { @Value("${minio.endpoint}") private String endpoint; @Value("${minio.accessKey}") private String accessKey; @Value("${minio.secretKey}") private String secretKey; @Value("${minio.bucket}") private String bucket; @Bean public MinioClient minioClient() { return MinioClient.builder() .endpoint(endpoint) .credentials(accessKey, secretKey) .build(); } @PostConstruct public void initBucket() throws Exception { boolean exists = minioClient() .bucketExists(BucketExistsArgs.builder().bucket(bucket).build()); if (!exists) { minioClient().makeBucket(MakeBucketArgs.builder().bucket(bucket).build()); } } } ```3.4 档案上传接口实现
核心上传服务类:
```java @Service public class ArchiveService { @Autowired private MinioClient minioClient; @Value("${minio.bucket}") private String bucket; public String uploadFile(MultipartFile file, String department, String category, String tags) throws Exception { // 生成唯一文件名 String originalFilename = file.getOriginalFilename(); String fileExtension = originalFilename.substring( originalFilename.lastIndexOf(".")); String objectName = department + "/" + UUID.randomUUID().toString() + fileExtension; // 上传到MinIO minioClient.putObject( PutObjectArgs.builder() .bucket(bucket) .object(objectName) .stream(file.getInputStream(), file.getSize(), -1) .contentType(file.getContentType()) .build() ); // 保存元数据到PostgreSQL ArchiveMetadata metadata = new ArchiveMetadata(); metadata.setFileName(originalFilename); metadata.setObjectName(objectName); metadata.setDepartment(department); metadata.setCategory(category); metadata.setFileSize(file.getSize()); metadata.setUploadTime(LocalDateTime.now()); metadata.setTags(Arrays.asList(tags.split(","))); metadataRepository.save(metadata); // 索引到Elasticsearch indexToElasticsearch(metadata); return objectName; } private void indexToElasticsearch(ArchiveMetadata metadata) { // Elasticsearch索引逻辑 IndexRequest request = new IndexRequest("archive_index") .id(metadata.getId().toString()) .source( "fileName", metadata.getFileName(), "department", metadata.getDepartment(), "category", metadata.getCategory(), "content", extractTextContent(metadata), // 文本提取方法 "uploadTime", metadata.getUploadTime(), "tags", metadata.getTags() ); elasticsearchRestTemplate.index(request, IndexCoordinates.of("archive_index")); } } ```四、前端界面快速搭建
使用Vue CLI创建项目,安装必要依赖。
4.1 项目初始化
```bash npm create vue@latest archive-frontend cd archive-frontend npm install element-plus axios ```4.2 档案上传组件
创建UploadComponent.vue:
```vue拖拽文件到此处或点击上传
五、全文检索功能实现
基于Elasticsearch实现跨部门档案检索。
5.1 检索服务实现
```java @Service public class SearchService { @Autowired private ElasticsearchRestTemplate elasticsearchRestTemplate; public List5.2 检索API接口
```java @RestController @RequestMapping("/api/search") public class SearchController { @Autowired private SearchService searchService; @GetMapping public ResponseEntity六、权限控制与审计
基于RBAC模型实现细粒度权限控制。
6.1 权限表结构设计
执行以下SQL创建权限相关表:
```sql -- 角色表 CREATE TABLE roles ( id SERIAL PRIMARY KEY, role_name VARCHAR(50) NOT NULL UNIQUE, description TEXT ); -- 权限表 CREATE TABLE permissions ( id SERIAL PRIMARY KEY, permission_code VARCHAR(100) NOT NULL UNIQUE, description TEXT ); -- 角色权限关联表 CREATE TABLE role_permissions ( role_id INTEGER REFERENCES roles(id), permission_id INTEGER REFERENCES permissions(id), PRIMARY KEY (role_id, permission_id) ); -- 用户角色关联表 CREATE TABLE user_roles ( user_id INTEGER, role_id INTEGER REFERENCES roles(id), PRIMARY KEY (user_id, role_id) ); -- 操作日志表 CREATE TABLE operation_logs ( id SERIAL PRIMARY KEY, user_id INTEGER NOT NULL, operation_type VARCHAR(50) NOT NULL, target_object VARCHAR(200), operation_time TIMESTAMP DEFAULT CURRENT_TIMESTAMP, ip_address INET, user_agent TEXT ); ```6.2 Spring Security配置
```java @Configuration @EnableWebSecurity public class SecurityConfig { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http .csrf().disable() .authorizeHttpRequests(authz -> authz .requestMatchers("/api/auth/").permitAll() .requestMatchers("/api/archive/upload").hasAuthority("ARCHIVE_UPLOAD") .requestMatchers("/api/archive/download").hasAuthority("ARCHIVE_DOWNLOAD") .requestMatchers("/api/search/").hasAuthority("ARCHIVE_SEARCH") .anyRequest().authenticated() ) .sessionManagement(session -> session .sessionCreationPolicy(SessionCreationPolicy.STATELESS) ) .addFilterBefore(jwtFilter(), UsernamePasswordAuthenticationFilter.class); return http.build(); } } ```七、部署与监控
使用Docker Compose编排所有服务,并配置基础监控。
7.1 生产环境部署配置
创建docker-compose.prod.yml:
```yaml version: '3.8' services: archive-backend: build: ./backend ports: - "8080:8080" environment: - SPRING_PROFILES_ACTIVE=prod - DB_HOST=postgres - REDIS_HOST=redis - ES_HOST=elasticsearch depends_on: - postgres - redis - elasticsearch restart: always archive-frontend: build: ./frontend ports: - "80:80" depends_on: - archive-backend restart: always nginx: image: nginx:alpine volumes: - ./nginx.conf:/etc/nginx/nginx.conf ports: - "443:443" depends_on: - archive-frontend restart: always ```7.2 应用健康检查配置
在Spring Boot应用中添加健康检查端点:
```java @RestController @RequestMapping("/actuator") public class HealthController { @GetMapping("/health") public ResponseEntity在application.yml中启用所有健康检查:
```yaml management: endpoints: web: exposure: include: "" endpoint: health: show-details: always ```八、数据备份策略
配置自动化备份流程,确保数据安全。
8.1 PostgreSQL备份脚本
创建backup_postgres.sh:
```bash !/bin/bash BACKUP_DIR="/backup/postgres" DATE=$(date +%Y%m%d_%H%M%S) BACKUP_FILE="$BACKUP_DIR/archive_db_$DATE.sql" 创建备份目录 mkdir -p $BACKUP_DIR 执行备份 docker exec postgres pg_dump -U archive_admin archive_db > $BACKUP_FILE 压缩备份文件 gzip $BACKUP相关文章
