gitee
/
django-vue-admin
mirror of https://gitee.com/liqianglog/django-vue-admin
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

update backend/dvadmin/system/views/user.py. 

修改URL样式,,,另外此处密码修改和密码重置使用id进行判断用户可能存在越权?作者确认下
pull/61/head
chuanwei 2022-05-31 01:21:06 +00:00 committed by Gitee
parent b7114880ff
commit 5454e1e823
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
backend/dvadmin/system/views/user.py
View File

@ -229,7 +229,7 @@ class UserViewSet(CustomModelViewSet):
"role": "角色ID", "role": "角色ID",
} }
@action(methods=["GET"], detail=True, permission_classes=[IsAuthenticated]) @action(methods=["GET"], detail=False, permission_classes=[IsAuthenticated])
def user_info(self, request): def user_info(self, request):
"""获取当前用户信息""" """获取当前用户信息"""
user = request.user user = request.user
@ -242,7 +242,7 @@ class UserViewSet(CustomModelViewSet):
} }
return DetailResponse(data=result, msg="获取成功") return DetailResponse(data=result, msg="获取成功")
@action(methods=["PUT"], detail=True, permission_classes=[IsAuthenticated]) @action(methods=["PUT"], detail=False, permission_classes=[IsAuthenticated])
def update_user_info(self, request): def update_user_info(self, request):
"""修改当前用户信息""" """修改当前用户信息"""
user = request.user user = request.user