From 3347ca4d7484d9141b189462e169b2be4d324632 Mon Sep 17 00:00:00 2001
From: 江强 <jiangq@powerlbs.com>
Date: Tue, 27 Jul 2021 09:33:12 +0800
Subject: [PATCH] fix:Issue #I42GRW   修复任意账户越权漏洞

---
 ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysUserOnlineController.java |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysUserOnlineController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysUserOnlineController.java
index 7f73813..4ca306d 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysUserOnlineController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysUserOnlineController.java
@@ -82,7 +82,7 @@
      * 强退用户
      */
     @PreAuthorize("@ss.hasPermi('monitor:online:forceLogout')")
-    @Log(title = "在线用户", businessType = BusinessType.DELETE)
+    @Log(title = "在线用户", businessType = BusinessType.FORCE)
     @DeleteMapping("/{tokenId}")
     public AjaxResult forceLogout(@PathVariable String tokenId)
     {

--
Gitblit v1.9.2