fixed 解决安全问题访问附件，id改为uuid,id查询修改

app/services/api/v1/issues/concerns/checkable.rb

@@ -31,7 +31,7 @@ module Api::V1::Issues::Concerns::Checkable
   def check_attachments (attachment_ids)
     raise ApplicationService::Error, "请输入正确的附件ID数组！" unless attachment_ids.is_a?(Array)
     attachment_ids.each do |aid|
-      raise ApplicationService::Error, "请输入正确的附件ID！" unless Attachment.where("id=? or uuid=?", aid, aid).exists?
+      raise ApplicationService::Error, "请输入正确的附件ID！" unless Attachment.where_id_or_uuid(aid).exists?
     end
   end