From b4f9d3a8f238e3d40d97f0d947b5b4b302d0c04e Mon Sep 17 00:00:00 2001
From: 疯狂的狮子li <15040126243@163.com>
Date: 星期四, 27 五月 2021 22:06:36 +0800
Subject: [PATCH] update 优化dataScope参数防止注入

---
 ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDeptController.java |    8 +++++---
 1 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDeptController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDeptController.java
index 719012b..c3fdf83 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDeptController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDeptController.java
@@ -15,12 +15,14 @@
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
+import java.util.HashMap;
 import java.util.Iterator;
 import java.util.List;
+import java.util.Map;
 
 /**
  * 閮ㄩ棬淇℃伅
- * 
+ *
  * @author ruoyi
  */
 @RestController
@@ -89,10 +91,10 @@
     public AjaxResult roleDeptTreeselect(@PathVariable("roleId") Long roleId)
     {
         List<SysDept> depts = deptService.selectDeptList(new SysDept());
-        AjaxResult ajax = AjaxResult.success();
+		Map<String,Object> ajax = new HashMap<>();
         ajax.put("checkedKeys", deptService.selectDeptListByRoleId(roleId));
         ajax.put("depts", deptService.buildDeptTreeSelect(depts));
-        return ajax;
+        return AjaxResult.success(ajax);
     }
 
     /**

--
Gitblit v1.9.3