From 20c30d26f8bab22a4cb6b6459962fa92d6da490f Mon Sep 17 00:00:00 2001
From: cy <1664593601@qq.com>
Date: 星期一, 27 十一月 2023 14:20:29 +0800
Subject: [PATCH] feat: 漏洞修改

---
 consum-base/src/main/java/com/consum/base/controller/LWarehouseFlowController.java |   22 ++++++++++++++++++----
 1 files changed, 18 insertions(+), 4 deletions(-)

diff --git a/consum-base/src/main/java/com/consum/base/controller/LWarehouseFlowController.java b/consum-base/src/main/java/com/consum/base/controller/LWarehouseFlowController.java
index 5177428..b55681b 100644
--- a/consum-base/src/main/java/com/consum/base/controller/LWarehouseFlowController.java
+++ b/consum-base/src/main/java/com/consum/base/controller/LWarehouseFlowController.java
@@ -1,5 +1,6 @@
 package com.consum.base.controller;
 
+import cn.hutool.core.util.ReflectUtil;
 import com.consum.base.BaseController;
 import com.consum.base.core.utils.CommonUtil;
 import com.consum.base.core.utils.MapUtils;
@@ -34,7 +35,12 @@
     private LWarehouseFlowService lWarehouseFlowService;
 
     @GetMapping("/list")
-    public ResponseValue queryFormProcureList(LWarehouseFlowParam param) {
+    public ResponseValue queryFormProcureList() {
+        LWarehouseFlowParam param = CommonUtil.getObjFromReq(LWarehouseFlowParam.class);
+        LWarehouseFlowParam param2 = new LWarehouseFlowParam();
+        CommonUtil.copyProperties(param, param2);
+        param = param2;
+
         S_user_core currentUser = this.getCurrentUser();
         if (currentUser == null) {
             return ResponseValue.error("鐧诲綍鐢ㄦ埛淇℃伅涓嶅瓨鍦�");
@@ -47,8 +53,9 @@
         });
         try {
             Field fieldDatas = GenericPager.class.getDeclaredField("datas");
-            fieldDatas.setAccessible(true);
-            fieldDatas.set(genericPager, result);
+//            fieldDatas.setAccessible(true);
+//            fieldDatas.set(genericPager, result);
+            ReflectUtil.setFieldValue(genericPager, fieldDatas, result);
         } catch (Exception e) {
             logger.error(e.getMessage(), e);
         }
@@ -58,7 +65,11 @@
 
 
     @GetMapping("/detail/list")
-    public ResponseValue queryFormProcureList1(LWarehouseFlowParam param) {
+    public ResponseValue queryFormProcureList1() {
+        LWarehouseFlowParam param = CommonUtil.getObjFromReq(LWarehouseFlowParam.class);
+        LWarehouseFlowParam param2 = new LWarehouseFlowParam();
+        CommonUtil.copyProperties(param, param2);
+        param = param2;
         S_user_core currentUser = this.getCurrentUser();
         if (currentUser == null) {
             return ResponseValue.error("鐧诲綍鐢ㄦ埛淇℃伅涓嶅瓨鍦�");
@@ -74,6 +85,9 @@
             return ResponseValue.error("鐧诲綍鐢ㄦ埛淇℃伅涓嶅瓨鍦�");
         }
         LWarehouseFlowParam param = CommonUtil.getObjFromReq(LWarehouseFlowParam.class);
+        LWarehouseFlowParam param2 = new LWarehouseFlowParam();
+        CommonUtil.copyProperties(param, param2);
+        param = param2;
         /*褰撳墠鐧诲綍浜哄彧鑳界湅鍒拌嚜宸辨満鏋勪笅鐨勫垪琛�*/
         FinSysTenantUser sysInfo = this.getSysInfo();
         String tenantId = sysInfo.getTenantId();

--
Gitblit v1.9.1