From 4b26e3b108dff9a96873a66aa20e94096e68e4cb Mon Sep 17 00:00:00 2001
From: 无关风月 <443237572@qq.com>
Date: 星期四, 23 一月 2025 18:30:25 +0800
Subject: [PATCH] bug修改
---
ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/controller/TShoppingOrderController.java | 44 +++++++++++++++++++++++++++++++++++++++++---
1 files changed, 41 insertions(+), 3 deletions(-)
diff --git a/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/controller/TShoppingOrderController.java b/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/controller/TShoppingOrderController.java
index a1649f7..9f1b596 100644
--- a/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/controller/TShoppingOrderController.java
+++ b/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/controller/TShoppingOrderController.java
@@ -17,6 +17,8 @@
import com.ruoyi.common.core.utils.OrderCodeUtil;
import com.ruoyi.common.core.web.domain.AjaxResult;
import com.ruoyi.common.core.web.page.PageInfo;
+import com.ruoyi.common.security.annotation.Logical;
+import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.common.security.service.TokenService;
import com.ruoyi.order.api.model.TChargingOrderRefund;
import com.ruoyi.order.api.model.TExchangeOrder;
@@ -113,6 +115,7 @@
}
}
+ @RequiresPermissions(value = {"/shoppingOrder"}, logical = Logical.OR)
@PostMapping("/getShoppingOrderList")
@ApiOperation(value = "列表查询", tags = {"管理后台-购物订单"})
public AjaxResult<PageInfo<TShoppingOrder>> getShoppingOrderList(@RequestBody ShoppingOrderQuery query) {
@@ -136,6 +139,7 @@
return AjaxResult.success(res);
}
+ @RequiresPermissions(value = {"/shoppingOrder/deliver_goods"}, logical = Logical.OR)
@GetMapping("/getShoppingOrderInfoById")
@ApiOperation(value = "根据订单id查看订单详情", tags = {"管理后台-购物订单"})
public AjaxResult<TShoppingOrder> getShoppingOrderList(String id) {
@@ -176,13 +180,17 @@
return AjaxResult.success(byId);
}
+
+ @RequiresPermissions(value = {"/shoppingOrder/del"}, logical = Logical.OR)
@GetMapping("/deleteShoppingOrder")
@ApiOperation(value = "批量删除订单", tags = {"管理后台-购物订单"})
public AjaxResult<TShoppingOrder> deleteShoppingOrder(String ids) {
shoppingOrderService.removeBatchByIds(Arrays.asList(ids.split(",")));
return AjaxResult.success();
}
-
+
+
+ @RequiresPermissions(value = {"/shoppingOrder/cancel"}, logical = Logical.OR)
@GetMapping("/cancelShoppingOrder")
@ApiOperation(value = "取消订单", tags = {"管理后台-购物订单"})
public AjaxResult cancelShoppingOrder(String id) {
@@ -191,7 +199,7 @@
// todo 根据支付方式 取消订单
byId.setCancellationId(userid);
byId.setCancellationTime(LocalDateTime.now());
- byId.setStatus(4);
+ byId.setStatus(5);
SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddHHmmssSSS");
TShoppingOrderRefund tShoppingOrderRefund = new TShoppingOrderRefund();
tShoppingOrderRefund.setPayTime(byId.getPayTime());
@@ -264,6 +272,8 @@
return AjaxResult.success();
}
+
+ @RequiresPermissions(value = {"/shoppingOrder/deliver_goods"}, logical = Logical.OR)
@GetMapping("/consignerShoppingOrder")
@ApiOperation(value = "发货", tags = {"管理后台-购物订单"})
public AjaxResult consignerShoppingOrder(String id, String companyName, String code) {
@@ -304,8 +314,27 @@
@GetMapping("/getMyShoppingOrderInfo/{id}")
- @ApiOperation(value = "获取购买订单详情", tags = {"小程序-商城购买订单", "管理后台-支付订单-订单信息"})
+ @ApiOperation(value = "获取购买订单详情", tags = {"管理后台-支付订单-订单信息"})
public AjaxResult<MyShoppingOrderInfo> getMyShoppingOrderInfo(@PathVariable String id) {
+ TShoppingOrder shoppingOrder = shoppingOrderService.getById(id);
+ Long userId = tokenService.getLoginUserApplet().getUserId();
+ if(!shoppingOrder.getAppUserId().equals(userId)){
+ return AjaxResult.error("权限不足");
+ }
+ MyShoppingOrderInfo info = shoppingOrderService.getMyShoppingOrderInfo(id);
+ return AjaxResult.success(info);
+ }
+
+
+
+ @GetMapping("/getMyShoppingOrderInfo1/{id}")
+ @ApiOperation(value = "获取购买订单详情", tags = {"小程序-商城购买订单"})
+ public AjaxResult<MyShoppingOrderInfo> getMyShoppingOrderInfo1(@PathVariable String id) {
+ TShoppingOrder shoppingOrder = shoppingOrderService.getById(id);
+ Long userId = tokenService.getLoginUserApplet().getUserId();
+ if(!shoppingOrder.getAppUserId().equals(userId)){
+ return AjaxResult.error("权限不足");
+ }
MyShoppingOrderInfo info = shoppingOrderService.getMyShoppingOrderInfo(id);
return AjaxResult.success(info);
}
@@ -315,6 +344,10 @@
@ApiOperation(value = "确认收货操作", tags = {"小程序-商城购买订单"})
public AjaxResult confirmReceipt(@PathVariable String id) {
TShoppingOrder shoppingOrder = shoppingOrderService.getById(id);
+ Long userId = tokenService.getLoginUserApplet().getUserId();
+ if(!shoppingOrder.getAppUserId().equals(userId)){
+ return AjaxResult.error("权限不足");
+ }
if (shoppingOrder.getStatus() == 3) {
return AjaxResult.error("不能重复确认收货");
}
@@ -334,6 +367,11 @@
@PutMapping("/cancelOrder/{id}")
@ApiOperation(value = "取消订单操作", tags = {"小程序-商城购买订单"})
public AjaxResult cancelOrder(@PathVariable String id) {
+ TShoppingOrder shoppingOrder = shoppingOrderService.getById(id);
+ Long userId = tokenService.getLoginUserApplet().getUserId();
+ if(!shoppingOrder.getAppUserId().equals(userId)){
+ return AjaxResult.error("权限不足");
+ }
return shoppingOrderService.cancelOrder(id);
}
--
Gitblit v1.7.1