zhangyuheng/Dominion
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 144 Wiki Activity

修复领地所有者可以被添加为领地成员的漏洞
All checks were successful
Java CI-CD with Gradle / build (push) Successful in 15m10s
Details

Browse Source
This commit is contained in:
zhangyuheng 2024-08-12 19:38:39 +08:00
parent 7f04300fc3
commit 16d2ae73d8
2 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
build.gradle.kts
View File

@ -4,7 +4,7 @@ plugins {
}
group = "cn.lunadeer"
version = "2.1.16-beta"
version = "2.1.17-beta"
java {
toolchain.languageVersion.set(JavaLanguageVersion.of(21))

4
core/src/main/java/cn/lunadeer/dominion/controllers/MemberController.java
View File

@ -100,6 +100,10 @@ public class MemberController {
operator.setResponse(FAIL.addMessage("玩家 %s 不存在或没有登录过", player_name));
return;
}
if (dominion.getOwner().equals(player.getUuid())) {
operator.setResponse(FAIL.addMessage("玩家 %s 是领地 %s 的拥有者,不可以被添加为成员", player_name, dominionName));
return;
}
MemberDTO privilege = MemberDTO.select(player.getUuid(), dominion.getId());
if (privilege != null) {
operator.setResponse(FAIL.addMessage("玩家 %s 已经是领地 %s 的成员", player_name, dominionName));