From 4095a1b6ee3ed943a228bca40304fe8dd6afb0ad Mon Sep 17 00:00:00 2001
From: Ricky <hk_ricky@163.com>
Date: 星期二, 27 七月 2021 10:08:04 +0800
Subject: [PATCH] !275 fix Issue #I42GRW 任意账户越权漏洞 Merge pull request !275 from lagXkjy/master

---
 ruoyi-system/src/main/resources/mapper/system/SysRoleMapper.xml |    6 +-----
 1 files changed, 1 insertions(+), 5 deletions(-)

diff --git a/ruoyi-system/src/main/resources/mapper/system/SysRoleMapper.xml b/ruoyi-system/src/main/resources/mapper/system/SysRoleMapper.xml
index 0a8bc70..7e3ab1e 100644
--- a/ruoyi-system/src/main/resources/mapper/system/SysRoleMapper.xml
+++ b/ruoyi-system/src/main/resources/mapper/system/SysRoleMapper.xml
@@ -135,12 +135,8 @@
  		where role_id = #{roleId}
 	</update>
 	
-	<update id="updateRoleStatus" parameterType="SysRole">
- 		update sys_user set status = #{status} where user_id = #{userId}
-	</update>
-	
 	<delete id="deleteRoleById" parameterType="Long">
- 		delete from sys_role where role_id = #{roleId}
+		update sys_role set del_flag = '2' where role_id = #{roleId}
  	</delete>
  	
  	<delete id="deleteRoleByIds" parameterType="Long">

--
Gitblit v1.9.2