From e089eb5361a3394d6fe22ff9bd33b1980c7ca176 Mon Sep 17 00:00:00 2001 From: OYX-1 <74037789+OYX-1@users.noreply.github.com> Date: Tue, 27 Jan 2026 11:20:42 +0800 Subject: [PATCH 1/5] Update changeEmail.ts --- apps/mis-web/src/pages/api/profile/changeEmail.ts | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/apps/mis-web/src/pages/api/profile/changeEmail.ts b/apps/mis-web/src/pages/api/profile/changeEmail.ts index a8b0b60bdd..e04ef621f0 100644 --- a/apps/mis-web/src/pages/api/profile/changeEmail.ts +++ b/apps/mis-web/src/pages/api/profile/changeEmail.ts @@ -49,7 +49,8 @@ export const ChangeEmailSchema = typeboxRouteSchema({ }); export default /* #__PURE__*/typeboxRoute(ChangeEmailSchema, async (req, res) => { - const auth = authenticate(() => true); + const { userId, newEmail } = req.body; + const auth = authenticate((info) => userId === info.identityId); const info = await auth(req, res); @@ -60,8 +61,6 @@ export default /* #__PURE__*/typeboxRoute(ChangeEmailSchema, async (req, res) => return { 501: null }; } - const { userId, newEmail } = req.body; - const client = getClient(UserServiceClient); return await asyncClientCall(client, "changeEmail", { From 1df7812f85cf7ea18d68f3f75dad90baea3dd4a2 Mon Sep 17 00:00:00 2001 From: OYX-1 <74037789+OYX-1@users.noreply.github.com> Date: Tue, 27 Jan 2026 11:24:32 +0800 Subject: [PATCH 2/5] Create blue-laws-swim.md --- .changeset/blue-laws-swim.md | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 .changeset/blue-laws-swim.md diff --git a/.changeset/blue-laws-swim.md b/.changeset/blue-laws-swim.md new file mode 100644 index 0000000000..0ad75ae8c8 --- /dev/null +++ b/.changeset/blue-laws-swim.md @@ -0,0 +1,5 @@ +--- +"@scow/mis-web": patch +--- + +用户修改邮箱增加校验权限 From 83c0b68d988751b004365ae5427f3542c800f4c9 Mon Sep 17 00:00:00 2001 From: OYX-1 <74037789+OYX-1@users.noreply.github.com> Date: Wed, 28 Jan 2026 15:00:24 +0800 Subject: [PATCH 3/5] Update changeEmail.ts --- apps/mis-web/src/pages/api/profile/changeEmail.ts | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/apps/mis-web/src/pages/api/profile/changeEmail.ts b/apps/mis-web/src/pages/api/profile/changeEmail.ts index e04ef621f0..fca22f5f47 100644 --- a/apps/mis-web/src/pages/api/profile/changeEmail.ts +++ b/apps/mis-web/src/pages/api/profile/changeEmail.ts @@ -29,7 +29,6 @@ export const ChangeEmailSchema = typeboxRouteSchema({ method: "PATCH", body: Type.Object({ - userId:Type.String(), newEmail: Type.String(), }), @@ -49,13 +48,14 @@ export const ChangeEmailSchema = typeboxRouteSchema({ }); export default /* #__PURE__*/typeboxRoute(ChangeEmailSchema, async (req, res) => { - const { userId, newEmail } = req.body; - const auth = authenticate((info) => userId === info.identityId); + const auth = authenticate(() => true); const info = await auth(req, res); if (!info) { return; } - + + const { newEmail } = req.body; + const ldapCapabilities = await getCapabilities(runtimeConfig.AUTH_INTERNAL_URL); if (!ldapCapabilities.changeEmail) { return { 501: null }; @@ -64,7 +64,7 @@ export default /* #__PURE__*/typeboxRoute(ChangeEmailSchema, async (req, res) => const client = getClient(UserServiceClient); return await asyncClientCall(client, "changeEmail", { - userId, + userId:info.identityId, newEmail, }) .then(() => ({ 204: null })) From 2ce92da8871008f99e17d7713af38961517145b0 Mon Sep 17 00:00:00 2001 From: OYX-1 <74037789+OYX-1@users.noreply.github.com> Date: Wed, 28 Jan 2026 15:01:55 +0800 Subject: [PATCH 4/5] Update ChangeEmailModal.tsx --- apps/mis-web/src/pageComponents/profile/ChangeEmailModal.tsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/mis-web/src/pageComponents/profile/ChangeEmailModal.tsx b/apps/mis-web/src/pageComponents/profile/ChangeEmailModal.tsx index 585255c48e..cb8ec0196f 100644 --- a/apps/mis-web/src/pageComponents/profile/ChangeEmailModal.tsx +++ b/apps/mis-web/src/pageComponents/profile/ChangeEmailModal.tsx @@ -52,7 +52,7 @@ export const ChangeEmailModal: React.FC = ({ const { newEmail } = await form.validateFields(); setLoading(true); - await api.changeEmail({ body: { userId: userStore.user!.identityId, newEmail } }) + await api.changeEmail({ body: { newEmail } }) .httpError(404, () => { message.error(t(p("userNotExist"))); }) .httpError(500, () => { message.error(t(p("changeEmailFail"))); }) .httpError(501, () => { message.error(t(p("unavailable"))); }) From 7937d71a25fedeccd5088d8541f45072dc304ab2 Mon Sep 17 00:00:00 2001 From: OYX-1 <74037789+OYX-1@users.noreply.github.com> Date: Wed, 28 Jan 2026 15:03:24 +0800 Subject: [PATCH 5/5] Update changeEmail.ts --- apps/mis-web/src/pages/api/profile/changeEmail.ts | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/apps/mis-web/src/pages/api/profile/changeEmail.ts b/apps/mis-web/src/pages/api/profile/changeEmail.ts index fca22f5f47..a2251d8430 100644 --- a/apps/mis-web/src/pages/api/profile/changeEmail.ts +++ b/apps/mis-web/src/pages/api/profile/changeEmail.ts @@ -54,13 +54,13 @@ export default /* #__PURE__*/typeboxRoute(ChangeEmailSchema, async (req, res) => if (!info) { return; } - const { newEmail } = req.body; - const ldapCapabilities = await getCapabilities(runtimeConfig.AUTH_INTERNAL_URL); if (!ldapCapabilities.changeEmail) { return { 501: null }; } - + + const { newEmail } = req.body; + const client = getClient(UserServiceClient); return await asyncClientCall(client, "changeEmail", {