From 9502203bbee72439c8f54aa692958f443a2ceeeb Mon Sep 17 00:00:00 2001
From: 若依 <yzz_ivy@163.com>
Date: 星期日, 14 三月 2021 16:32:07 +0800
Subject: [PATCH] !187 【漏洞修复】升级commons-collections版本，解决3.2.1版本的反序列化漏洞问题 Merge pull request !187 from Delusive/master

---
 ruoyi-system/src/main/resources/mapper/system/SysDeptMapper.xml |    8 +++++---
 1 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/ruoyi-system/src/main/resources/mapper/system/SysDeptMapper.xml b/ruoyi-system/src/main/resources/mapper/system/SysDeptMapper.xml
index 36c2aa5..cdc26f4 100644
--- a/ruoyi-system/src/main/resources/mapper/system/SysDeptMapper.xml
+++ b/ruoyi-system/src/main/resources/mapper/system/SysDeptMapper.xml
@@ -44,12 +44,14 @@
 		order by d.parent_id, d.order_num
     </select>
     
-    <select id="selectDeptListByRoleId" parameterType="Long" resultType="Integer">
-		select d.dept_id, d.parent_id
+    <select id="selectDeptListByRoleId" resultType="Integer">
+		select d.dept_id
 		from sys_dept d
             left join sys_role_dept rd on d.dept_id = rd.dept_id
         where rd.role_id = #{roleId}
-        	and d.dept_id not in (select d.parent_id from sys_dept d inner join sys_role_dept rd on d.dept_id = rd.dept_id and rd.role_id = #{roleId})
+            <if test="deptCheckStrictly">
+              and d.dept_id not in (select d.parent_id from sys_dept d inner join sys_role_dept rd on d.dept_id = rd.dept_id and rd.role_id = #{roleId})
+            </if>
 		order by d.parent_id, d.order_num
 	</select>
     

--
Gitblit v1.9.2