
修复接口ApiDescriptionSettings(false)存在安全隐患

林海波 2 gadi atpakaļ
vecāks
revīzija
3b2c77995d

+ 1 - 1
Admin.NET/Admin.NET.Core/Service/Auth/SysAuthService.cs

@@ -120,7 +120,7 @@ public class SysAuthService : IDynamicApiController, ITransient
     /// </summary>
     /// <param name="user"></param>
     /// <returns></returns>
-    [ApiDescriptionSettings(false)]
+    [NonAction]
     public async Task<string> CreateToken(SysUser user)
     {
         var tokenExpire = await _sysConfigService.GetTokenExpire();
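Review bot: `CreateToken` is still a public method on a class implementing `IDynamicApiController`, so it stays unrouted only while this one attribute is present; the same holds for every other method this commit re-annotates. A regression test that enumerates `IActionDescriptorCollectionProvider.ActionDescriptors` and asserts none of these method names appear would catch a later helper that is added without `[NonAction]`, or that again uses `[ApiDescriptionSettings(false)]`. The method appears to issue a token for whatever `SysUser` it is given, so the empty `<param name="user">` should say so, for example `/// <param name="user">Already authenticated user; callers must verify credentials before calling</param>`. The method body continues outside the hunk.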

+ 4 - 4
Admin.NET/Admin.NET.Core/Service/Cache/SysCacheService.cs

@@ -38,7 +38,7 @@ public class SysCacheService : IDynamicApiController, ISingleton
     /// <param name="key"></param>
     /// <param name="value"></param>
     /// <returns></returns>
-    [ApiDescriptionSettings(false)]
+    [NonAction]
     public bool Set(string key, object value)
     {
         return _cache.Set(key, value);
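Review bot: Only `Set`, `Get<T>` and `ExistKey` are annotated in the four `SysCacheService` hunks, and the rest of the class is not visible, so any other public member (for example the `Remove` that `SysTenantService.UpdateTenantCache` calls) should be checked for whether it is meant to be an endpoint and what authorization it carries. Other hunks in this commit show the cache feeding `GetConfigValue<T>` and `GetAllBtnPermList`, which makes raw cache access security-sensitive. Moving these accessors into a class that does not implement `IDynamicApiController` would make them unroutable by construction rather than by attribute. The note applies equally to the hunks for `Set(string, object, TimeSpan)`, `Get<T>` and `ExistKey`.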
@@ -51,7 +51,7 @@ public class SysCacheService : IDynamicApiController, ISingleton
     /// <param name="value"></param>
     /// <param name="expire"></param>
     /// <returns></returns>
-    [ApiDescriptionSettings(false)]
+    [NonAction]
     public bool Set(string key, object value, TimeSpan expire)
     {
         return _cache.Set(key, value, expire);
@@ -63,7 +63,7 @@ public class SysCacheService : IDynamicApiController, ISingleton
     /// <typeparam name="T"></typeparam>
     /// <param name="key"></param>
     /// <returns></returns>
-    [ApiDescriptionSettings(false)]
+    [NonAction]
     public T Get<T>(string key)
     {
         return _cache.Get<T>(key);
@@ -86,7 +86,7 @@ public class SysCacheService : IDynamicApiController, ISingleton
     /// </summary>
     /// <param name="key">键</param>
     /// <returns></returns>
-    [ApiDescriptionSettings(false)]
+    [NonAction]
     public bool ExistKey(string key)
     {
         return _cache.ContainsKey(key);

+ 2 - 2
Admin.NET/Admin.NET.Core/Service/CodeGen/SysCodeGenConfigService.cs

@@ -60,7 +60,7 @@ public class SysCodeGenConfigService : IDynamicApiController, ITransient
     /// </summary>
     /// <param name="codeGenId"></param>
     /// <returns></returns>
-    [ApiDescriptionSettings(false)]
+    [NonAction]
     public async Task DeleteCodeGenConfig(long codeGenId)
     {
         await _db.Deleteable<SysCodeGenConfig>().Where(u => u.CodeGenId == codeGenId).ExecuteCommandAsync();
@@ -82,7 +82,7 @@ public class SysCodeGenConfigService : IDynamicApiController, ITransient
     /// </summary>
     /// <param name="tableColumnOuputList"></param>
     /// <param name="codeGenerate"></param>
-    [ApiDescriptionSettings(false)]
+    [NonAction]
     public void AddList(List<ColumnOuput> tableColumnOuputList, SysCodeGen codeGenerate)
     {
         if (tableColumnOuputList == null) return;

+ 3 - 3
Admin.NET/Admin.NET.Core/Service/Config/SysConfigService.cs

@@ -141,7 +141,7 @@ public class SysConfigService : IDynamicApiController, ITransient
     /// </summary>
     /// <param name="code"></param>
     /// <returns></returns>
-    [ApiDescriptionSettings(false)]
+    [NonAction]
     public async Task<T> GetConfigValue<T>(string code)
     {
         var value = _sysCacheService.Get<string>(code);
@@ -169,7 +169,7 @@ public class SysConfigService : IDynamicApiController, ITransient
     /// 获取 Token 过期时间
     /// </summary>
     /// <returns></returns>
-    [ApiDescriptionSettings(false)]
+    [NonAction]
     public async Task<int> GetTokenExpire()
     {
         var tokenExpireStr = await GetConfigValue<string>(CommonConst.SysTokenExpire);
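Review bot: `GetTokenExpire` fetches the setting as a string and returns an `int`, and the conversion is outside the hunk, so the lifetime's validation cannot be confirmed from here. If it is a bare parse, a malformed, zero or very large stored value would flow straight into token lifetime. A bounded conversion such as `int.TryParse(tokenExpireStr, out var minutes) && minutes > 0 ? minutes : <default>` (default is a placeholder for the project's chosen value) would fail safe. The same applies to `GetRefreshTokenExpire` in the next hunk.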
@@ -181,7 +181,7 @@ public class SysConfigService : IDynamicApiController, ITransient
     /// 获取 RefreshToken 过期时间
     /// </summary>
     /// <returns></returns>
-    [ApiDescriptionSettings(false)]
+    [NonAction]
     public async Task<int> GetRefreshTokenExpire()
     {
         var refreshTokenExpireStr = await GetConfigValue<string>(CommonConst.SysRefreshTokenExpire);

+ 2 - 2
Admin.NET/Admin.NET.Core/Service/Dict/SysDictDataService.cs

@@ -136,7 +136,7 @@ public class SysDictDataService : IDynamicApiController, ITransient
     /// </summary>
     /// <param name="dictTypeId"></param>
     /// <returns></returns>
-    [ApiDescriptionSettings(false)]
+    [NonAction]
     public async Task<List<SysDictData>> GetDictDataListByDictTypeId(long dictTypeId)
     {
         return await _sysDictDataRep.AsQueryable()
@@ -178,7 +178,7 @@ public class SysDictDataService : IDynamicApiController, ITransient
     /// </summary>
     /// <param name="dictTypeId"></param>
     /// <returns></returns>
-    [ApiDescriptionSettings(false)]
+    [NonAction]
     public async Task DeleteDictData(long dictTypeId)
     {
         await _sysDictDataRep.DeleteAsync(u => u.DictTypeId == dictTypeId);

+ 1 - 1
Admin.NET/Admin.NET.Core/Service/Menu/SysMenuService.cs

@@ -230,7 +230,7 @@ public class SysMenuService : IDynamicApiController, ITransient
     /// 获取系统所有按钮权限集合(缓存)
     /// </summary>
     /// <returns></returns>
-    [ApiDescriptionSettings(false)]
+    [NonAction]
     public async Task<List<string>> GetAllBtnPermList()
     {
         var permissions = _sysCacheService.Get<List<string>>(CacheConst.KeyUserButton + 0);

+ 1 - 1
Admin.NET/Admin.NET.Core/Service/Notice/SysNoticeService.cs

@@ -171,7 +171,7 @@ public class SysNoticeService : IDynamicApiController, ITransient
     /// 初始化通知公告信息
     /// </summary>
     /// <param name="notice"></param>
-    [ApiDescriptionSettings(false)]
+    [NonAction]
     private void InitNoticeInfo(SysNotice notice)
     {
         notice.PublicUserId = _userManager.UserId;
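Review bot: `[NonAction]` on `InitNoticeInfo` is redundant because the method is `private`, and only public methods are discovered as actions. The attribute can simply be dropped here. Keeping it suggests the method would otherwise be reachable, which blurs the rule the rest of this commit establishes. The method body continues outside the hunk.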

+ 2 - 2
Admin.NET/Admin.NET.Core/Service/OnlineUser/SysOnlineUserService.cs

@@ -62,7 +62,7 @@ public class SysOnlineUserService : IDynamicApiController, ITransient
     /// <param name="notice"></param>
     /// <param name="userIds"></param>
     /// <returns></returns>
-    [ApiDescriptionSettings(false)]
+    [NonAction]
     public async Task PublicNotice(SysNotice notice, List<long> userIds)
     {
         var userList = await _sysOnlineUerRep.GetListAsync(m => userIds.Contains(m.UserId));
@@ -78,7 +78,7 @@ public class SysOnlineUserService : IDynamicApiController, ITransient
     /// 单用户登录
     /// </summary>
     /// <returns></returns>
-    [ApiDescriptionSettings(false)]
+    [NonAction]
     public async Task SignleLogin(long userId)
     {
         if (await _sysConfigService.GetConfigValue<bool>(CommonConst.SysSingleLogin))
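Review bot: `SignleLogin` is a misspelling of `SingleLogin`; the constant on the first body line is already spelled `CommonConst.SysSingleLogin`. Once the method is `[NonAction]` its name no longer forms part of any route, so renaming it to `public async Task SingleLogin(long userId)` only requires updating in-code callers. The doc comment also lacks a `<param name="userId">` entry. The method body continues outside the hunk.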

+ 2 - 2
Admin.NET/Admin.NET.Core/Service/Org/SysOrgService.cs

@@ -232,7 +232,7 @@ public class SysOrgService : IDynamicApiController, ITransient
     /// 根据用户Id获取机构Id集合
     /// </summary>
     /// <returns></returns>
-    [ApiDescriptionSettings(false)]
+    [NonAction]
     public async Task<List<long>> GetUserOrgIdList()
     {
         if (_userManager.SuperAdmin)
@@ -340,7 +340,7 @@ public class SysOrgService : IDynamicApiController, ITransient
     /// </summary>
     /// <param name="pid"></param>
     /// <returns></returns>
-    [ApiDescriptionSettings(false)]
+    [NonAction]
     public async Task<List<long>> GetChildIdListWithSelfById(long pid)
     {
         var orgTreeList = await _sysOrgRep.AsQueryable().ToChildListAsync(u => u.Pid, pid, true);

+ 2 - 2
Admin.NET/Admin.NET.Core/Service/Tenant/SysTenantService.cs

@@ -93,7 +93,7 @@ public class SysTenantService : IDynamicApiController, ITransient
     /// 获取库隔离的租户列表
     /// </summary>
     /// <returns></returns>
-    [ApiDescriptionSettings(false)]
+    [NonAction]
     public async Task<List<SysTenant>> GetTenantDbList()
     {
         return await _sysTenantRep.GetListAsync(u => u.TenantType == TenantTypeEnum.Db && u.Status == StatusEnum.Enable);
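Review bot: `GetTenantDbList` returns whole `SysTenant` entities for `TenantTypeEnum.Db` tenants, and nothing in the doc comment says the result is for internal use only. If that entity carries per-tenant database connection settings (not visible in this hunk), the values were reachable while the method was only hidden from the API description, and they should be reviewed for rotation. Adding a remark such as `/// <remarks>Internal use only; the result must not be returned to API clients</remarks>` would record the intent next to the attribute.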
@@ -341,7 +341,7 @@ public class SysTenantService : IDynamicApiController, ITransient
     /// 缓存所有租户
     /// </summary>
     /// <returns></returns>
-    [ApiDescriptionSettings(false)]
+    [NonAction]
     public async Task UpdateTenantCache()
     {
         _sysCacheService.Remove(CacheConst.KeyTenant);