调整了前端接口调用防止越权

Author: piexlmax

web/src/api/user.js

@@ -111,6 +111,22 @@ export const setUserInfo = (data) => {
   })
 }
 
+// @Tags SysUser
+// @Summary 设置用户信息
+// @Security ApiKeyAuth
+// @accept application/json
+// @Produce application/json
+// @Param data body model.SysUser true "设置用户信息"
+// @Success 200 {string} string "{"success":true,"data":{},"msg":"修改成功"}"
+// @Router /user/setSelfInfo [put]
+export const setSelfInfo = (data) => {
+  return service({
+    url: '/user/setSelfInfo',
+    method: 'put',
+    data: data
+  })
+}
+
 // @Tags User
 // @Summary 设置用户权限
 // @Security ApiKeyAuth

web/src/components/chooseImg/index.vue

@@ -22,7 +22,7 @@
 import { ref } from 'vue'
 import { getFileList } from '@/api/fileUploadAndDownload'
 
-const emit = defineEmits(['chooseImg'])
+const emit = defineEmits(['enterImg'])
 defineProps({
   target: {
     type: Object,
@@ -42,7 +42,7 @@ const chooseImg = (url, target, targetKey) => {
   if (target && targetKey) {
     target[targetKey] = url
   }
-  emit('enter-img', url)
+  emit('enterImg', url)
   drawer.value = false
 }
 

web/src/pinia/modules/user.js

@@ -1,4 +1,4 @@
-import { login, getUserInfo, setUserInfo as setUserInfoApi } from '@/api/user'
+import { login, getUserInfo, setSelfInfo } from '@/api/user'
 import { jsonInBlacklist } from '@/api/jwt'
 import router from '@/router/index'
 import { ElMessage } from 'element-plus'
@@ -74,7 +74,7 @@ export const useUserStore = defineStore('user', () => {
   }
   /* 设置侧边栏模式*/
   const changeSideMode = async(data) => {
-    const res = await setUserInfoApi({ sideMode: data, ID: userInfo.value.ID })
+    const res = await setSelfInfo({ sideMode: data })
     if (res.code === 0) {
       userInfo.value.sideMode = data
       ElMessage({

web/src/view/person/person.vue

@@ -178,7 +178,7 @@ export default {
 
 <script setup>
 import ChooseImg from '@/components/chooseImg/index.vue'
-import { setUserInfo, changePassword } from '@/api/user.js'
+import { setSelfInfo, changePassword } from '@/api/user.js'
 import { reactive, ref } from 'vue'
 import { ElMessage } from 'element-plus'
 import { useUserStore } from '@/pinia/modules/user'
@@ -249,13 +249,10 @@ const openChooseImg = () => {
   chooseImgRef.value.open()
 }
 
-const ResetUserInfo = (data) => {
-  userStore.ResetUserInfo(data)
-}
 const enterImg = async(url) => {
-  const res = await setUserInfo({ headerImg: url, ID: userStore.userInfo.ID })
+  const res = await setSelfInfo({ headerImg: url })
   if (res.code === 0) {
-    ResetUserInfo({ headerImg: url })
+    userStore.ResetUserInfo({ headerImg: url })
     ElMessage({
       type: 'success',
       message: '设置成功',
@@ -274,12 +271,11 @@ const closeEdit = () => {
 }
 
 const enterEdit = async() => {
-  const res = await setUserInfo({
-    nickName: nickName.value,
-    ID: userStore.userInfo.ID,
+  const res = await setSelfInfo({
+    nickName: nickName.value
   })
   if (res.code === 0) {
-    ResetUserInfo({ nickName: nickName.value })
+    userStore.ResetUserInfo({ nickName: nickName.value })
     ElMessage({
       type: 'success',
       message: '设置成功',