From 74b0e0814e37d640596f44ec86d20fa9ecce9ed6 Mon Sep 17 00:00:00 2001
From: puzhibing <393733352@qq.com>
Date: 星期三, 05 二月 2025 10:42:06 +0800
Subject: [PATCH] Merge remote-tracking branch 'origin/master'
---
ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/controller/TOrderInvoiceController.java | 25 ++++++++++++++++++++++---
1 files changed, 22 insertions(+), 3 deletions(-)
diff --git a/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/controller/TOrderInvoiceController.java b/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/controller/TOrderInvoiceController.java
index 5637f6c..bfef7f3 100644
--- a/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/controller/TOrderInvoiceController.java
+++ b/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/controller/TOrderInvoiceController.java
@@ -9,6 +9,9 @@
import com.ruoyi.common.core.web.page.PageInfo;
import com.ruoyi.common.log.annotation.Log;
import com.ruoyi.common.log.enums.BusinessType;
+import com.ruoyi.common.security.annotation.Logical;
+import com.ruoyi.common.security.annotation.RequiresPermissions;
+import com.ruoyi.common.security.service.TokenService;
import com.ruoyi.order.api.model.TOrderInvoice;
import com.ruoyi.order.api.query.TOrderInvoiceQuery;
import com.ruoyi.order.api.vo.TOrderInvoiceVO;
@@ -53,6 +56,9 @@
@Resource
private TOrderInvoiceService orderInvoiceService;
+ @Resource
+ private TokenService tokenService;
+
@@ -62,13 +68,18 @@
public AjaxResult addOrderInvoice(@RequestBody AddOrderInvoice addOrderInvoice){
return orderInvoiceService.addOrderInvoice(addOrderInvoice);
}
-
+
+
+ @RequiresPermissions(value = {"/invoiceManagement"}, logical = Logical.OR)
@PostMapping("/pageList")
@ApiOperation(value = "查询开票分页列表", tags = {"管理后台-发票管理"})
public AjaxResult<PageInfo<TOrderInvoiceVO>> pageList(@RequestBody TOrderInvoiceQuery query){
return AjaxResult.success(orderInvoiceService.pageList(query));
}
-
+
+
+
+ @RequiresPermissions(value = {"/invoiceManagement/accept_hear_case"}, logical = Logical.OR)
@GetMapping("/uploadPdf")
@ApiOperation(value = "上传发票", tags = {"管理后台-发票管理"})
public AjaxResult<String> uploadPdf(@RequestParam("id") Long id,
@@ -175,7 +186,9 @@
}
return AjaxResult.success();
}
-
+
+
+ @RequiresPermissions(value = {"/invoiceManagement"}, logical = Logical.OR)
@PostMapping("/statusCount")
@ApiOperation(value = "查询开票状态数量", tags = {"管理后台-发票管理"})
public AjaxResult<Map<String,Integer>> statusCount(@RequestBody TOrderInvoiceQuery query){
@@ -185,6 +198,7 @@
/**
* 发票管理导出
*/
+ @RequiresPermissions(value = {"/invoiceManagement/export"}, logical = Logical.OR)
@ApiOperation(value = "发票管理导出", tags = {"管理后台-发票管理"})
@Log(title = "发票管理导出", businessType = BusinessType.EXPORT)
@PutMapping("/export")
@@ -238,6 +252,11 @@
@GetMapping("/getMyOrderInvoiceInfo/{id}")
@ApiOperation(value = "获取开票记录详情", tags = {"小程序-充电发票"})
public AjaxResult<MyOrderInvoiceInfo> getMyOrderInvoiceInfo(@PathVariable String id){
+ TOrderInvoice orderInvoice = orderInvoiceService.getById(id);
+ Long userId = tokenService.getLoginUserApplet().getUserId();
+ if(!orderInvoice.getAppUserId().equals(userId)){
+ return AjaxResult.error("权限不足");
+ }
MyOrderInvoiceInfo myOrderInvoiceInfo = orderInvoiceService.getMyOrderInvoiceInfo(id);
return AjaxResult.success(myOrderInvoiceInfo);
}
--
Gitblit v1.7.1