From 098d3347a0df808908aab8c554cd7c4febc5e6d9 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子Li <15040126243@163.com>
Date: 星期一, 26 八月 2024 11:43:59 +0800
Subject: [PATCH] !577 发布 5.2.2 正式版 安全性提升 Merge pull request !577 from 疯狂的狮子Li/dev
---
ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/controller/system/SysProfileController.java | 17 +++++++++++------
1 files changed, 11 insertions(+), 6 deletions(-)
diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/controller/system/SysProfileController.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/controller/system/SysProfileController.java
index 0cdb675..893b381 100644
--- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/controller/system/SysProfileController.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/controller/system/SysProfileController.java
@@ -3,12 +3,15 @@
import cn.dev33.satoken.secure.BCrypt;
import cn.hutool.core.bean.BeanUtil;
import cn.hutool.core.io.FileUtil;
+import lombok.RequiredArgsConstructor;
import org.dromara.common.core.domain.R;
import org.dromara.common.core.utils.StringUtils;
import org.dromara.common.core.utils.file.MimeTypeUtils;
import org.dromara.common.encrypt.annotation.ApiEncrypt;
+import org.dromara.common.idempotent.annotation.RepeatSubmit;
import org.dromara.common.log.annotation.Log;
import org.dromara.common.log.enums.BusinessType;
+import org.dromara.common.mybatis.helper.DataPermissionHelper;
import org.dromara.common.satoken.utils.LoginHelper;
import org.dromara.common.web.core.BaseController;
import org.dromara.system.domain.bo.SysUserBo;
@@ -19,9 +22,7 @@
import org.dromara.system.domain.vo.SysOssVo;
import org.dromara.system.domain.vo.SysUserVo;
import org.dromara.system.service.ISysOssService;
-import org.dromara.system.service.ISysRoleService;
import org.dromara.system.service.ISysUserService;
-import lombok.RequiredArgsConstructor;
import org.springframework.http.MediaType;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
@@ -57,12 +58,14 @@
}
/**
- * 淇敼鐢ㄦ埛
+ * 淇敼鐢ㄦ埛淇℃伅
*/
+ @RepeatSubmit
@Log(title = "涓汉淇℃伅", businessType = BusinessType.UPDATE)
@PutMapping
- public R<Void> updateProfile(@RequestBody SysUserProfileBo profile) {
+ public R<Void> updateProfile(@Validated @RequestBody SysUserProfileBo profile) {
SysUserBo user = BeanUtil.toBean(profile, SysUserBo.class);
+ user.setUserId(LoginHelper.getUserId());
String username = LoginHelper.getUsername();
if (StringUtils.isNotEmpty(user.getPhonenumber()) && !userService.checkPhoneUnique(user)) {
return R.fail("淇敼鐢ㄦ埛'" + username + "'澶辫触锛屾墜鏈哄彿鐮佸凡瀛樺湪");
@@ -70,8 +73,8 @@
if (StringUtils.isNotEmpty(user.getEmail()) && !userService.checkEmailUnique(user)) {
return R.fail("淇敼鐢ㄦ埛'" + username + "'澶辫触锛岄偖绠辫处鍙峰凡瀛樺湪");
}
- user.setUserId(LoginHelper.getUserId());
- if (userService.updateUserProfile(user) > 0) {
+ int rows = DataPermissionHelper.ignore(() -> userService.updateUserProfile(user));
+ if (rows > 0) {
return R.ok();
}
return R.fail("淇敼涓汉淇℃伅寮傚父锛岃鑱旂郴绠$悊鍛�");
@@ -82,6 +85,7 @@
*
* @param bo 鏂版棫瀵嗙爜
*/
+ @RepeatSubmit
@ApiEncrypt
@Log(title = "涓汉淇℃伅", businessType = BusinessType.UPDATE)
@PutMapping("/updatePwd")
@@ -106,6 +110,7 @@
*
* @param avatarfile 鐢ㄦ埛澶村儚
*/
+ @RepeatSubmit
@Log(title = "鐢ㄦ埛澶村儚", businessType = BusinessType.UPDATE)
@PostMapping(value = "/avatar", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
public R<AvatarVo> avatar(@RequestPart("avatarfile") MultipartFile avatarfile) {
--
Gitblit v1.9.3