github/dootask
1
0
Fork 0
mirror of https://github.com/kuaifan/dootask.git synced 2026-03-17 11:13:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: 修改/删除账号接口无权限问题修改;根据env文件'SYSTEM_SETTING'变量判断是否能修改/删除账号

Browse Source
This commit is contained in:
韦荣超 2022-07-14 11:01:09 +08:00
parent 1a23fff2ce
commit 16ac8d6b06
2 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
app/Http/Controllers/Api/SystemController.php
View File

@ -109,10 +109,10 @@ class SystemController extends AbstractController
*/ */
public function setting__email() public function setting__email()
{ {
User::auth('admin');
// //
$type = trim(Request::input('type')); $type = trim(Request::input('type'));
if ($type == 'save') { if ($type == 'save') {
User::auth('admin');
if (env("SYSTEM_SETTING") == 'disabled') { if (env("SYSTEM_SETTING") == 'disabled') {
return Base::retError('当前环境禁止修改'); return Base::retError('当前环境禁止修改');
} }
@ -138,6 +138,7 @@ class SystemController extends AbstractController
} }
$setting = Base::setting('emailSetting', Base::newTrim($all)); $setting = Base::setting('emailSetting', Base::newTrim($all));
} else { } else {
User::auth();
$setting = Base::setting('emailSetting'); $setting = Base::setting('emailSetting');
} }
// //

6
app/Http/Controllers/Api/UsersController.php
View File

@ -1043,6 +1043,9 @@ class UsersController extends AbstractController
public function email__edit() public function email__edit()
{ {
$user = User::auth(); $user = User::auth();
if (env("SYSTEM_SETTING") == 'disabled') {
return Base::retError('当前环境禁止修改');
}
// //
$user->checkSystem(); $user->checkSystem();
// //
@ -1089,6 +1092,9 @@ class UsersController extends AbstractController
public function delete__account() public function delete__account()
{ {
$user = User::auth(); $user = User::auth();
if (env("SYSTEM_SETTING") == 'disabled') {
return Base::retError('当前环境禁止删除');
}
// //
$user->checkSystem(1); $user->checkSystem(1);
// //