From cdb509a4fa10bf32fd1341e04dee7c9c9c7f8c20 Mon Sep 17 00:00:00 2001
From: jenn <244251889@qq.com>
Date: 星期五, 10 三月 2023 21:15:54 +0800
Subject: [PATCH] fix 修复用户相关更新操作会越权的问题

---
 ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/system/SysPostController.java |   42 +++++++++++++++++++++---------------------
 1 files changed, 21 insertions(+), 21 deletions(-)

diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/system/SysPostController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/system/SysPostController.java
index b0235a2..88027a6 100644
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/system/SysPostController.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/system/SysPostController.java
@@ -1,21 +1,21 @@
 package com.ruoyi.system.controller.system;
 
 import cn.dev33.satoken.annotation.SaCheckPermission;
-import com.ruoyi.common.log.annotation.Log;
-import com.ruoyi.common.core.constant.UserConstants;
-import com.ruoyi.common.web.core.BaseController;
-import com.ruoyi.common.mybatis.core.page.PageQuery;
 import com.ruoyi.common.core.domain.R;
-import com.ruoyi.common.mybatis.core.page.TableDataInfo;
-import com.ruoyi.common.log.enums.BusinessType;
 import com.ruoyi.common.excel.utils.ExcelUtil;
-import com.ruoyi.system.domain.SysPost;
+import com.ruoyi.common.log.annotation.Log;
+import com.ruoyi.common.log.enums.BusinessType;
+import com.ruoyi.common.mybatis.core.page.PageQuery;
+import com.ruoyi.common.mybatis.core.page.TableDataInfo;
+import com.ruoyi.common.web.core.BaseController;
+import com.ruoyi.system.domain.bo.SysPostBo;
+import com.ruoyi.system.domain.vo.SysPostVo;
 import com.ruoyi.system.service.ISysPostService;
+import jakarta.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
-import jakarta.servlet.http.HttpServletResponse;
 import java.util.List;
 
 /**
@@ -36,7 +36,7 @@
      */
     @SaCheckPermission("system:post:list")
     @GetMapping("/list")
-    public TableDataInfo<SysPost> list(SysPost post, PageQuery pageQuery) {
+    public TableDataInfo<SysPostVo> list(SysPostBo post, PageQuery pageQuery) {
         return postService.selectPagePostList(post, pageQuery);
     }
 
@@ -46,9 +46,9 @@
     @Log(title = "宀椾綅绠＄悊", businessType = BusinessType.EXPORT)
     @SaCheckPermission("system:post:export")
     @PostMapping("/export")
-    public void export(SysPost post, HttpServletResponse response) {
-        List<SysPost> list = postService.selectPostList(post);
-        ExcelUtil.exportExcel(list, "宀椾綅鏁版嵁", SysPost.class, response);
+    public void export(SysPostBo post, HttpServletResponse response) {
+        List<SysPostVo> list = postService.selectPostList(post);
+        ExcelUtil.exportExcel(list, "宀椾綅鏁版嵁", SysPostVo.class, response);
     }
 
     /**
@@ -58,7 +58,7 @@
      */
     @SaCheckPermission("system:post:query")
     @GetMapping(value = "/{postId}")
-    public R<SysPost> getInfo(@PathVariable Long postId) {
+    public R<SysPostVo> getInfo(@PathVariable Long postId) {
         return R.ok(postService.selectPostById(postId));
     }
 
@@ -68,10 +68,10 @@
     @SaCheckPermission("system:post:add")
     @Log(title = "宀椾綅绠＄悊", businessType = BusinessType.INSERT)
     @PostMapping
-    public R<Void> add(@Validated @RequestBody SysPost post) {
-        if (UserConstants.NOT_UNIQUE.equals(postService.checkPostNameUnique(post))) {
+    public R<Void> add(@Validated @RequestBody SysPostBo post) {
+        if (!postService.checkPostNameUnique(post)) {
             return R.fail("鏂板宀椾綅'" + post.getPostName() + "'澶辫触锛屽矖浣嶅悕绉板凡瀛樺湪");
-        } else if (UserConstants.NOT_UNIQUE.equals(postService.checkPostCodeUnique(post))) {
+        } else if (!postService.checkPostCodeUnique(post)) {
             return R.fail("鏂板宀椾綅'" + post.getPostName() + "'澶辫触锛屽矖浣嶇紪鐮佸凡瀛樺湪");
         }
         return toAjax(postService.insertPost(post));
@@ -83,10 +83,10 @@
     @SaCheckPermission("system:post:edit")
     @Log(title = "宀椾綅绠＄悊", businessType = BusinessType.UPDATE)
     @PutMapping
-    public R<Void> edit(@Validated @RequestBody SysPost post) {
-        if (UserConstants.NOT_UNIQUE.equals(postService.checkPostNameUnique(post))) {
+    public R<Void> edit(@Validated @RequestBody SysPostBo post) {
+        if (!postService.checkPostNameUnique(post)) {
             return R.fail("淇敼宀椾綅'" + post.getPostName() + "'澶辫触锛屽矖浣嶅悕绉板凡瀛樺湪");
-        } else if (UserConstants.NOT_UNIQUE.equals(postService.checkPostCodeUnique(post))) {
+        } else if (!postService.checkPostCodeUnique(post)) {
             return R.fail("淇敼宀椾綅'" + post.getPostName() + "'澶辫触锛屽矖浣嶇紪鐮佸凡瀛樺湪");
         }
         return toAjax(postService.updatePost(post));
@@ -108,8 +108,8 @@
      * 鑾峰彇宀椾綅閫夋嫨妗嗗垪琛�
      */
     @GetMapping("/optionselect")
-    public R<List<SysPost>> optionselect() {
-        List<SysPost> posts = postService.selectPostAll();
+    public R<List<SysPostVo>> optionselect() {
+        List<SysPostVo> posts = postService.selectPostAll();
         return R.ok(posts);
     }
 }

--
Gitblit v1.9.3