From a00334acf394915c98ff3538c40543cc36fbbe9a Mon Sep 17 00:00:00 2001 From: "Captain.B" Date: Mon, 11 Jan 2021 11:38:24 +0800 Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8D=E6=9F=A5=E8=AF=A2?= =?UTF-8?q?=E4=B8=AA=E4=BA=BA=E4=BF=A1=E6=81=AF=E6=97=B6=E8=B6=8A=E6=9D=83?= =?UTF-8?q?=E7=9A=84=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #1089 --- .../main/java/io/metersphere/controller/UserController.java | 3 +++ backend/src/main/java/io/metersphere/xpack | 2 +- frontend/src/business/components/xpack | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/backend/src/main/java/io/metersphere/controller/UserController.java b/backend/src/main/java/io/metersphere/controller/UserController.java index 0548ee872f..7b7da40432 100644 --- a/backend/src/main/java/io/metersphere/controller/UserController.java +++ b/backend/src/main/java/io/metersphere/controller/UserController.java @@ -168,6 +168,9 @@ public class UserController { @GetMapping("/info/{userId}") public UserDTO getUserInfo(@PathVariable(value = "userId") String userId) { + if (!StringUtils.equals(userId, SessionUtils.getUserId())) { + MSException.throwException(Translator.get("not_authorized")); + } return userService.getUserInfo(userId); } diff --git a/backend/src/main/java/io/metersphere/xpack b/backend/src/main/java/io/metersphere/xpack index 9f4a9bbf46..068127ce59 160000 --- a/backend/src/main/java/io/metersphere/xpack +++ b/backend/src/main/java/io/metersphere/xpack @@ -1 +1 @@ -Subproject commit 9f4a9bbf46fc1333dbcccea21f83e27e3ec10b1f +Subproject commit 068127ce59ea8b016434ed52a9de4a7a4b13bdb4 diff --git a/frontend/src/business/components/xpack b/frontend/src/business/components/xpack index 010ad7a5f0..7d43154a7c 160000 --- a/frontend/src/business/components/xpack +++ b/frontend/src/business/components/xpack @@ -1 +1 @@ -Subproject commit 010ad7a5f072a5e9d368c756a2473bbd20781433 +Subproject commit 7d43154a7c19732407a8e9ace8a7d1ea13c91f36