Skip to content

G
gdtel-gztel-school-center
Commit cfe1cf8f by 罗承锋
Options

修改部分代码审计问题,提交审计结果

parent 6b2c737d
Showing with 2 additions and 5 deletions
service-manager/src/main/java/com/winsun/controller/LzKpiController.java
...@@ -523,9 +523,6 @@ public class LzKpiController extends BaseController { ...@@ -523,9 +523,6 @@ public class LzKpiController extends BaseController {
if (!StringUtils.endsWithAny(file.getOriginalFilename(), "xlsx", "xls")) { if (!StringUtils.endsWithAny(file.getOriginalFilename(), "xlsx", "xls")) {
return ResponseData.error("手工上传数据仅支持Excel文件,其他格式不支持!"); return ResponseData.error("手工上传数据仅支持Excel文件,其他格式不支持!");
} }
if ( (double)file.getSize()/1048576 > 100) {
return ResponseData.error("文件过大,无法上传");
}
ShiroUser user = getShiroUser(); ShiroUser user = getShiroUser();
// 当前是否有数据权限 // 当前是否有数据权限
boolean hasDataPermission = user.getRoleNames().stream().anyMatch(data -> StringUtils.equalsAny(data, "活动上单员", "数据管理员", "超级管理员")); boolean hasDataPermission = user.getRoleNames().stream().anyMatch(data -> StringUtils.equalsAny(data, "活动上单员", "数据管理员", "超级管理员"));
......
service-manager/src/main/java/com/winsun/controller/SchoolManagementController.java
...@@ -257,8 +257,8 @@ public class SchoolManagementController extends BaseController { ...@@ -257,8 +257,8 @@ public class SchoolManagementController extends BaseController {
if ( (double)file.getSize()/1048576 > 100) { if ( (double)file.getSize()/1048576 > 100) {
return ResponseData.error("图片过大,无法上传"); return ResponseData.error("图片过大,无法上传");
} }
School school1 = schoolMapper.selectById(id);
File savePath = new File(backgroundpath, id + FILENAME); File savePath = new File(backgroundpath, school1.getId() + FILENAME);
OutputStream os = null; OutputStream os = null;
try { try {
os = new FileOutputStream(savePath); os = new FileOutputStream(savePath);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment