增加防御代码，防止恶意攻击(优化)

2021-08-22 18:48:02 +08:00
parent 95dfcbead3
commit d21e6a4ffe
2 changed files with 0 additions and 23 deletions
--- a/jshERP-boot/src/main/java/com/jsh/erp/controller/SupplierController.java
+++ b/jshERP-boot/src/main/java/com/jsh/erp/controller/SupplierController.java
@@ -52,26 +52,6 @@ public class SupplierController {
    @Resource
    private UserService userService;

-    /**
-     * 更新供应商-只更新预付款，其余用原来的值
-     * @param supplierId
-     * @param advanceIn
-     * @param request
-     * @return
-     */
-    @PostMapping(value = "/updateAdvanceIn")
-    public String updateAdvanceIn(@RequestParam("supplierId") Long supplierId,
-                                            @RequestParam("advanceIn") BigDecimal advanceIn,
-                                            HttpServletRequest request)throws Exception {
-        Map<String, Object> objectMap = new HashMap<String, Object>();
-        int res = supplierService.updateAdvanceIn(supplierId, advanceIn);
-        if(res > 0) {
-            return returnJson(objectMap, ErpInfo.OK.name, ErpInfo.OK.code);
-        } else {
-            return returnJson(objectMap, ErpInfo.ERROR.name, ErpInfo.ERROR.code);
-        }
-    }
-
    /**
     * 查找客户信息-下拉框
     * @param request
--- a/jshERP-boot/src/main/java/com/jsh/erp/service/supplier/SupplierService.java
+++ b/jshERP-boot/src/main/java/com/jsh/erp/service/supplier/SupplierService.java
@@ -240,9 +240,6 @@ public class SupplierService {

    @Transactional(value = "transactionManager", rollbackFor = Exception.class)
    public int updateAdvanceIn(Long supplierId, BigDecimal advanceIn)throws Exception{
-        logService.insertLog("商家",
-                new StringBuffer(BusinessConstants.LOG_OPERATION_TYPE_EDIT).append(supplierId).toString(),
-                ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest());
        Supplier supplier=null;
        try{
            supplier = supplierMapper.selectByPrimaryKey(supplierId);