From 74b0e0814e37d640596f44ec86d20fa9ecce9ed6 Mon Sep 17 00:00:00 2001
From: puzhibing <393733352@qq.com>
Date: 星期三, 05 二月 2025 10:42:06 +0800
Subject: [PATCH] Merge remote-tracking branch 'origin/master'
---
ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/controller/TExchangeOrderController.java | 43 ++++++++++++++++++++++++++++++++++++-------
1 files changed, 36 insertions(+), 7 deletions(-)
diff --git a/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/controller/TExchangeOrderController.java b/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/controller/TExchangeOrderController.java
index 7d688c5..354ef74 100644
--- a/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/controller/TExchangeOrderController.java
+++ b/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/controller/TExchangeOrderController.java
@@ -14,6 +14,8 @@
import com.ruoyi.common.core.dto.ExchangeBackDto;
import com.ruoyi.common.core.web.domain.AjaxResult;
import com.ruoyi.common.core.web.page.PageInfo;
+import com.ruoyi.common.security.annotation.Logical;
+import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.common.security.service.TokenService;
import com.ruoyi.order.api.model.TExchangeOrder;
import com.ruoyi.order.api.model.TShoppingOrder;
@@ -71,8 +73,16 @@
private GoodsClient goodsClient;
@Resource
private CouponClient couponClient;
-
-
+
+ @Resource
+ private SysUserClient sysUserClient;
+
+ @Resource
+ private TokenService tokenService;
+
+
+
+ @RequiresPermissions(value = {"/exchangeOrder"}, logical = Logical.OR)
@PostMapping("/getExchangeOrderList")
@ApiOperation(value = "列表查询", tags = {"管理后台-兑换订单"})
public AjaxResult<PageInfo<TExchangeOrder>> getExchangeOrderList(@RequestBody ShoppingOrderQuery query) {
@@ -96,8 +106,10 @@
PageInfo<TExchangeOrder> res = exchangeOrderService.pageList(query);
return AjaxResult.success(res);
}
- @Resource
- private SysUserClient sysUserClient;
+
+
+
+ @RequiresPermissions(value = {"/exchangeOrder/deliver_goods"}, logical = Logical.OR)
@GetMapping("/getShoppingOrderInfoById")
@ApiOperation(value = "根据订单id查看订单详情", tags = {"管理后台-兑换订单"})
public AjaxResult<TExchangeOrder> getShoppingOrderList(String id) {
@@ -137,14 +149,19 @@
}
return AjaxResult.success(byId);
}
- @Resource
- private TokenService tokenService;
+
+
+
+ @RequiresPermissions(value = {"/exchangeOrder/del"}, logical = Logical.OR)
@GetMapping("/deleteShoppingOrder")
@ApiOperation(value = "批量删除订单", tags = {"管理后台-兑换订单"})
public AjaxResult<TExchangeOrder> deleteShoppingOrder(String ids) {
exchangeOrderService.removeBatchByIds(Arrays.asList(ids.split(",")));
return AjaxResult.success();
}
+
+
+ @RequiresPermissions(value = {"/exchangeOrder/cancel"}, logical = Logical.OR)
@GetMapping("/cancelShoppingOrder")
@ApiOperation(value = "取消订单", tags = {"管理后台-兑换订单"})
public AjaxResult cancelShoppingOrder(String id) {
@@ -159,6 +176,10 @@
appUserClient.refundPoints(byId.getAppUserId()+"-"+points);
return AjaxResult.success();
}
+
+
+
+ @RequiresPermissions(value = {"/exchangeOrder/deliver_goods"}, logical = Logical.OR)
@GetMapping("/consignerShoppingOrder")
@ApiOperation(value = "发货", tags = {"管理后台-兑换订单"})
public AjaxResult consignerShoppingOrder(String id,String companyName,String code) {
@@ -377,7 +398,11 @@
@ApiOperation(value = "获取兑换订单详情", tags = {"小程序-兑换记录"})
public AjaxResult<ExchangeOrderGoodsInfo> getGoodsExchangeOrder(@PathVariable String id){
ExchangeOrderGoodsInfo goodsExchangeOrder = exchangeOrderService.getGoodsExchangeOrder(id);
-
+ TExchangeOrder exchangeOrder = exchangeOrderService.getById(id);
+ Long userId = tokenService.getLoginUserApplet().getUserId();
+ if(!exchangeOrder.getAppUserId().equals(userId)){
+ return AjaxResult.error("权限不足");
+ }
return AjaxResult.success(goodsExchangeOrder);
}
@@ -386,6 +411,10 @@
@ApiOperation(value = "确认收货操作", tags = {"小程序-兑换记录"})
public AjaxResult confirmReceipt(@PathVariable String id){
TExchangeOrder tExchangeOrder = exchangeOrderService.getById(id);
+ Long userId = tokenService.getLoginUserApplet().getUserId();
+ if(!tExchangeOrder.getAppUserId().equals(userId)){
+ return AjaxResult.error("权限不足");
+ }
if(tExchangeOrder.getStatus() == 3){
return AjaxResult.error("不能重复确认收货");
}
--
Gitblit v1.7.1