From 3347ca4d7484d9141b189462e169b2be4d324632 Mon Sep 17 00:00:00 2001 From: 江强 <jiangq@powerlbs.com> Date: 星期二, 27 七月 2021 09:33:12 +0800 Subject: [PATCH] fix:Issue #I42GRW 修复任意账户越权漏洞 --- ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysConfigController.java | 11 ++++++----- 1 files changed, 6 insertions(+), 5 deletions(-) diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysConfigController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysConfigController.java index 41b8209..8678fd6 100644 --- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysConfigController.java +++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysConfigController.java @@ -118,18 +118,19 @@ @DeleteMapping("/{configIds}") public AjaxResult remove(@PathVariable Long[] configIds) { - return toAjax(configService.deleteConfigByIds(configIds)); + configService.deleteConfigByIds(configIds); + return success(); } /** - * 清空缓存 + * 刷新参数缓存 */ @PreAuthorize("@ss.hasPermi('system:config:remove')") @Log(title = "参数管理", businessType = BusinessType.CLEAN) - @DeleteMapping("/clearCache") - public AjaxResult clearCache() + @DeleteMapping("/refreshCache") + public AjaxResult refreshCache() { - configService.clearCache(); + configService.resetConfigCache(); return AjaxResult.success(); } } -- Gitblit v1.9.2