From cdb509a4fa10bf32fd1341e04dee7c9c9c7f8c20 Mon Sep 17 00:00:00 2001
From: jenn <244251889@qq.com>
Date: 星期五, 10 三月 2023 21:15:54 +0800
Subject: [PATCH] fix 修复用户相关更新操作会越权的问题

---
 ruoyi-admin/src/main/java/com/ruoyi/web/service/SysLoginService.java |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/service/SysLoginService.java b/ruoyi-admin/src/main/java/com/ruoyi/web/service/SysLoginService.java
index fde2634..c8357cc 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/service/SysLoginService.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/service/SysLoginService.java
@@ -3,6 +3,7 @@
 import cn.dev33.satoken.exception.NotLoginException;
 import cn.dev33.satoken.secure.BCrypt;
 import cn.dev33.satoken.stp.StpUtil;
+import cn.hutool.core.bean.BeanUtil;
 import cn.hutool.core.util.ObjectUtil;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.ruoyi.common.core.constant.Constants;
@@ -266,7 +267,7 @@
         loginUser.setMenuPermission(permissionService.getMenuPermission(user.getUserId()));
         loginUser.setRolePermission(permissionService.getRolePermission(user.getUserId()));
         loginUser.setDeptName(ObjectUtil.isNull(user.getDept()) ? "" : user.getDept().getDeptName());
-        List<RoleDTO> roles = MapstructUtils.convert(user.getRoles(), RoleDTO.class);
+        List<RoleDTO> roles = BeanUtil.copyToList(user.getRoles(), RoleDTO.class);
         loginUser.setRoles(roles);
         return loginUser;
     }

--
Gitblit v1.9.3