From bb6e904258e8fb2afead0dbb021f7e7f4ad5b2b8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E7=8E=8B=E7=82=9C=E7=BF=94?= <2307953404@qq.com>
Date: Wed, 19 Feb 2025 21:22:03 +0800
Subject: [PATCH] 1

---
 asg_form/Controllers/BlackController.cs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/asg_form/Controllers/BlackController.cs b/asg_form/Controllers/BlackController.cs
index afae3e5..5dc16aa 100644
--- a/asg_form/Controllers/BlackController.cs
+++ b/asg_form/Controllers/BlackController.cs
@@ -64,7 +64,7 @@ namespace asg_form.Controllers
         {
             string userId = this.User.FindFirst(ClaimTypes.NameIdentifier)!.Value;
             var user = await userManager.FindByIdAsync(userId);
-            if (!this.User.FindAll(ClaimTypes.Role).Any(a => a.Value == "nbadmin")||!this.User.FindAll(ClaimTypes.Role).Any(a => a.Value == "admin"))
+            if (!this.User.FindAll(ClaimTypes.Role).Any(a => a.Value == "nbadmin")&&!this.User.FindAll(ClaimTypes.Role).Any(a => a.Value == "admin"))
             {
                 return Ok(new error_mb { code = 401, message = "无权访问" });
             }
@@ -113,7 +113,7 @@ namespace asg_form.Controllers
         {
             string userId = this.User.FindFirst(ClaimTypes.NameIdentifier)!.Value;
             var user = await userManager.FindByIdAsync(userId);
-            if (!this.User.FindAll(ClaimTypes.Role).Any(a => a.Value == "nbadmin") || !this.User.FindAll(ClaimTypes.Role).Any(a => a.Value == "admin"))
+            if (!this.User.FindAll(ClaimTypes.Role).Any(a => a.Value == "nbadmin") && !this.User.FindAll(ClaimTypes.Role).Any(a => a.Value == "admin"))
             {
                 return Ok(new error_mb { code = 401, message = "无权访问" });
             }