From 8c4bbe846095733960c17905746bc40882a50f88 Mon Sep 17 00:00:00 2001
From: Pu Zhibing <393733352@qq.com>
Date: 星期四, 12 十二月 2024 16:40:16 +0800
Subject: [PATCH] Merge remote-tracking branch 'origin/master'

---
 ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/service/impl/TChargingOrderServiceImpl.java |   10 +++++++++-
 1 files changed, 9 insertions(+), 1 deletions(-)

diff --git a/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/service/impl/TChargingOrderServiceImpl.java b/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/service/impl/TChargingOrderServiceImpl.java
index ac92738..c1898d6 100644
--- a/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/service/impl/TChargingOrderServiceImpl.java
+++ b/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/service/impl/TChargingOrderServiceImpl.java
@@ -934,7 +934,7 @@
 		Long userId = tokenService.getLoginUserApplet().getUserId();
 		TChargingOrder one = this.getOne(new LambdaQueryWrapper<TChargingOrder>().eq(TChargingOrder::getAppUserId, userId).eq(TChargingOrder::getChargingGunId, id)
 				.eq(TChargingOrder::getRechargePaymentStatus, 2).eq(TChargingOrder::getDelFlag, 0).orderByDesc(TChargingOrder::getStartTime).last(" limit 0, 1"));
-		if(null == one){
+		if(null == one || !one.getAppUserId().equals(userId)){
 			return null;
 		}
 		ChargingDetails chargingDetails = new ChargingDetails();
@@ -984,6 +984,10 @@
 		}
 		if(status == 4 || status == 5){
 			return AjaxResult.error("不能重复操作");
+		}
+		Long userId = tokenService.getLoginUserApplet().getUserId();
+		if(!order.getAppUserId().equals(userId)){
+			return AjaxResult.error("权限不足");
 		}
 		TChargingOrder chargingOrder = new TChargingOrder();
 		chargingOrder.setId(Long.valueOf(id));
@@ -3316,6 +3320,10 @@
 	public EndOfChargePageInfo getEndOfChargePageInfo(String id) {
 		EndOfChargePageInfo info = new EndOfChargePageInfo();
 		TChargingOrder chargingOrder = this.getById(id);
+		Long userId = tokenService.getLoginUserApplet().getUserId();
+		if(!chargingOrder.getAppUserId().equals(userId)){
+			throw new RuntimeException("权限不足");
+		}
 		info.setId(id);
 		info.setCode(chargingOrder.getCode());
 		info.setPaymentAmount(chargingOrder.getPaymentAmount());

--
Gitblit v1.7.1