From c8d94da4fb66daff6fd5c19635c9f545af2e3ceb Mon Sep 17 00:00:00 2001
From: 疯狂的狮子Li <15040126243@163.com>
Date: 星期六, 17 六月 2023 22:38:06 +0800
Subject: [PATCH] fix 修复 用户篡改管理员角色标识符越权问题

---
 ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysUserServiceImpl.java |    4 +---
 1 files changed, 1 insertions(+), 3 deletions(-)

diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysUserServiceImpl.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysUserServiceImpl.java
index 57d562f..c8f6327 100644
--- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysUserServiceImpl.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysUserServiceImpl.java
@@ -330,9 +330,7 @@
     @Override
     @Transactional(rollbackFor = Exception.class)
     public void insertUserAuth(Long userId, Long[] roleIds) {
-        userRoleMapper.delete(new LambdaQueryWrapper<SysUserRole>()
-            .eq(SysUserRole::getUserId, userId));
-        insertUserRole(userId, roleIds, false);
+        insertUserRole(userId, roleIds, true);
     }
 
     /**

--
Gitblit v1.9.3