diff --git a/src/application/auth-dept/auth-dept.service.ts b/src/application/auth-dept/auth-dept.service.ts index 49df2f9..6aac690 100644 --- a/src/application/auth-dept/auth-dept.service.ts +++ b/src/application/auth-dept/auth-dept.service.ts @@ -446,6 +446,9 @@ export class AuthDeptService { // DB 修改 private updateDept(id, updateAuthDeptDto: UpdateAuthDeptDto, userId) { + if (id == updateAuthDeptDto.pid) { + throw new HttpException('数据成环,无法设置!', HttpStatus.BAD_REQUEST); + } return this.mysqlService.db .update(pacAuthDept) .set({ diff --git a/src/application/auth-role/auth-role.service.ts b/src/application/auth-role/auth-role.service.ts index e3fa71e..bb85dec 100644 --- a/src/application/auth-role/auth-role.service.ts +++ b/src/application/auth-role/auth-role.service.ts @@ -173,6 +173,10 @@ export class AuthRoleService { } public async update(roleId: string, updateAuthRoleDto: UpdateAuthRoleDto, guardInfo: GuardInfo) { + if (roleId == updateAuthRoleDto.pid) { + throw new HttpException('数据成环,无法设置!', HttpStatus.BAD_REQUEST); + } + // ! 查找角色信息 const roleData = await this.getRoleForRoleId(roleId); diff --git a/src/application/auth-user/auth-user.service.ts b/src/application/auth-user/auth-user.service.ts index 34c173a..c00c271 100644 --- a/src/application/auth-user/auth-user.service.ts +++ b/src/application/auth-user/auth-user.service.ts @@ -576,6 +576,9 @@ export class AuthUserService { // DB 更新账户 private async updateUser(id: string, updateAuthUserDto: UpdateAuthUserDto, guardInfo: GuardInfo) { + if (id == updateAuthUserDto.pid) { + throw new HttpException('数据成环,无法设置!', HttpStatus.BAD_REQUEST); + } const user = await this.mysqlService.db .select({ id: pacAuthUser.userId, pid: pacAuthUser.pid }) .from(pacAuthUser) diff --git a/src/application/core-dict/core-dict.service.ts b/src/application/core-dict/core-dict.service.ts index db882cd..e63971a 100644 --- a/src/application/core-dict/core-dict.service.ts +++ b/src/application/core-dict/core-dict.service.ts @@ -152,6 +152,10 @@ export class CoreDictService { throw new HttpException('没有权限修改原始字典!', HttpStatus.UNAUTHORIZED); } + if (dictId == updateCoreDictDto.pid) { + throw new HttpException('数据成环,无法设置!', HttpStatus.BAD_REQUEST); + } + // ! 产看目标字典是否存在 const oldDict = await this.getMore(dictId); if (oldDict.length == 0) throw new HttpException('未找到目标字典,无法修改!', HttpStatus.BAD_REQUEST); diff --git a/src/application/core-env/core-env.service.ts b/src/application/core-env/core-env.service.ts index 96ea214..f4d3551 100644 --- a/src/application/core-env/core-env.service.ts +++ b/src/application/core-env/core-env.service.ts @@ -150,6 +150,9 @@ export class CoreEnvService { if (this.config.get('masterId') != guardInfo.userId && updateCoreEnvDto.root !== undefined) { throw new HttpException('没有权限修改原始字典!', HttpStatus.UNAUTHORIZED); } + if (envId == updateCoreEnvDto.pid) { + throw new HttpException('数据成环,无法设置!', HttpStatus.BAD_REQUEST); + } // ! 查变量是否存在 const oldEnv = await this.getMore(envId); diff --git a/src/application/core-menu/core-menu.service.ts b/src/application/core-menu/core-menu.service.ts index f496088..693829d 100644 --- a/src/application/core-menu/core-menu.service.ts +++ b/src/application/core-menu/core-menu.service.ts @@ -115,7 +115,12 @@ export class CoreMenuService { throw new HttpException('没有权限删除菜单!', HttpStatus.UNAUTHORIZED); } + if (id == updateCoreMenuDto.pid) { + throw new HttpException('数据成环,无法设置!', HttpStatus.BAD_REQUEST); + } + // ! 写入数据 + return this.updateMenuData(id, updateCoreMenuDto, guardInfo); } public async remove(id: string, guardInfo: GuardInfo) {