fix: 修复查询个人信息时越权的问题

Closes #1089

backend/src/main/java/io/metersphere/controller/UserController.java

@@ -168,6 +168,9 @@ public class UserController {
 
     @GetMapping("/info/{userId}")
     public UserDTO getUserInfo(@PathVariable(value = "userId") String userId) {
+        if (!StringUtils.equals(userId, SessionUtils.getUserId())) {
+            MSException.throwException(Translator.get("not_authorized"));
+        }
         return userService.getUserInfo(userId);
     }
 

backend/src/main/java/io/metersphere/xpack

@@ -1 +1 @@
-Subproject commit 9f4a9bbf46fc1333dbcccea21f83e27e3ec10b1f
+Subproject commit 068127ce59ea8b016434ed52a9de4a7a4b13bdb4

frontend/src/business/components/xpack

@@ -1 +1 @@
-Subproject commit 010ad7a5f072a5e9d368c756a2473bbd20781433
+Subproject commit 7d43154a7c19732407a8e9ace8a7d1ea13c91f36