Open Gotric opened 5 years ago
if (current_user.email not in email_dict['owner']) and (current_user.email != email_dict['department_manager']): abort(403)
if (current_user.email.lower() not in email_dict['owner']) and (current_user.email != email_dict['department_manager']): abort(403)
insight/srcpm/app/src/views.py 漏洞列表、漏洞详细、漏洞操作的权限校验部分,由于email_dict['owner']做了小写处理,当注册用户邮件填写的是大写时,会触发弹403界面。
请改为将current_user.email做小写处理,