clunt
/
RuoYi-Cloud
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

sysusercontrolelr 删除无效注释

This commit is contained in:
duandazhi 2021-07-28 14:37:12 +08:00
parent d8a899f0e9
commit 245854b3e3
1 changed files with 0 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java
View File

@ -157,7 +157,6 @@ public class SysUserController extends BaseController
return AjaxResult.error("userId不能为空"); return AjaxResult.error("userId不能为空");
} }
// 用户信息可以被爆破 dazer // 用户信息可以被爆破 dazer
//安全漏洞测试fix增加防止越权的操作不法分子可能通过修改 userid 抓取修改删除重置 任意用户敏感信息 (1 getInfo)
if (!this.checkUserIdAllowed(userId)) { if (!this.checkUserIdAllowed(userId)) {
return AjaxResult.error("请勿非法操作你无权操作该用户userId = " + userId ); return AjaxResult.error("请勿非法操作你无权操作该用户userId = " + userId );
} }