From 80d25863db80001427f796a13d37d2d06135c1d0 Mon Sep 17 00:00:00 2001
From: 若依 <yzz_ivy@163.com>
Date: 星期一, 25 七月 2022 18:32:42 +0800
Subject: [PATCH] !536 防止主键字段名与'row'或'ids'一致导致报错的问题。 Merge pull request !536 from 张政/N/A
---
ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)
diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
index e9be25e..60d9de0 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
@@ -148,6 +148,7 @@
public AjaxResult edit(@Validated @RequestBody SysUser user)
{
userService.checkUserAllowed(user);
+ userService.checkUserDataScope(user.getUserId());
if (StringUtils.isNotEmpty(user.getPhonenumber())
&& UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
{
@@ -186,6 +187,7 @@
public AjaxResult resetPwd(@RequestBody SysUser user)
{
userService.checkUserAllowed(user);
+ userService.checkUserDataScope(user.getUserId());
user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
user.setUpdateBy(getUsername());
return toAjax(userService.resetPwd(user));
@@ -200,6 +202,7 @@
public AjaxResult changeStatus(@RequestBody SysUser user)
{
userService.checkUserAllowed(user);
+ userService.checkUserDataScope(user.getUserId());
user.setUpdateBy(getUsername());
return toAjax(userService.updateUserStatus(user));
}
@@ -227,6 +230,7 @@
@PutMapping("/authRole")
public AjaxResult insertAuthRole(Long userId, Long[] roleIds)
{
+ userService.checkUserDataScope(userId);
userService.insertUserAuth(userId, roleIds);
return success();
}
--
Gitblit v1.9.2