From 6b7d16c4004fee88a80721ef65f4fa98c4197976 Mon Sep 17 00:00:00 2001
From: sh <sh@zkr.com>
Date: Wed, 29 Apr 2026 12:03:40 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E6=BC=8F=E6=B4=9E=EF=BC=88?=
 =?UTF-8?q?=E5=AF=B9=E6=8A=A5=E9=94=99=E4=BF=A1=E6=81=AF=E8=BF=9B=E8=A1=8C?=
 =?UTF-8?q?=E8=87=AA=E5=AE=9A=E4=B9=89=EF=BC=8C=E9=81=BF=E5=85=8D=E6=B3=84?=
 =?UTF-8?q?=E9=9C=B2=E7=B3=BB=E7=BB=9F=E6=95=8F=E6=84=9F=E4=BF=A1=E6=81=AF?=
 =?UTF-8?q?=EF=BC=89?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../ruoyi/cms/controller/app/AppCompanyContactController.java  | 3 +++
 .../java/com/ruoyi/cms/controller/app/AppFileController.java   | 3 +++
 .../main/java/com/ruoyi/framework/config/SecurityConfig.java   | 2 ++
 3 files changed, 8 insertions(+)

diff --git a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/app/AppCompanyContactController.java b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/app/AppCompanyContactController.java
index 71f8073..2b8aaea 100644
--- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/app/AppCompanyContactController.java
+++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/app/AppCompanyContactController.java
@@ -37,6 +37,9 @@ public class AppCompanyContactController extends BaseController {
     @ApiOperation("公司联系人列表")
     @GetMapping("/list")
     public TableDataInfo list(CompanyContact companyContact){
+        if(companyContact.getCompanyId()==null){
+            return error(400,"无效的企业id!");
+        }
         List<CompanyContact> list=companyContactService.getSelectList(companyContact);
         return getDataTable(list);
     }
diff --git a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/app/AppFileController.java b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/app/AppFileController.java
index 916c058..f3778bc 100644
--- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/app/AppFileController.java
+++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/app/AppFileController.java
@@ -38,6 +38,9 @@ public class AppFileController extends BaseController {
     @GetMapping("/list")
     public TableDataInfo list(File file)
     {
+        if(file.getBussinessid()==null){
+            return error(400,"无效的业务id!");
+        }
         List<File> results = fileService.selectFileList(file);
         return getDataTable(results);
     }
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
index bc2fa40..536ad9b 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
@@ -131,6 +131,8 @@ public class SecurityConfig
                     .antMatchers("/app/fair/**").permitAll()
                     //.antMatchers("/app/**").permitAll()
                     //.antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()
+                    //正式环境禁用接口
+                    .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**","/app/user/list").denyAll()
                     //放行前端界面
                     .antMatchers("/kashi/job-portal/detail/**").permitAll()
                     // 除上面外的所有请求全部需要鉴权认证