From 9ea18e97ce0a2318619a608a5a4585e7378553ea Mon Sep 17 00:00:00 2001
From: Pu Zhibing <393733352@qq.com>
Date: 星期四, 06 三月 2025 15:28:41 +0800
Subject: [PATCH] 修改bug和漏洞修复

---
 ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/controller/TShoppingOrderController.java |   24 ++++++++++++++++++++++--
 1 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/controller/TShoppingOrderController.java b/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/controller/TShoppingOrderController.java
index 4625823..2081255 100644
--- a/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/controller/TShoppingOrderController.java
+++ b/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/controller/TShoppingOrderController.java
@@ -234,9 +234,15 @@
 				refundAmount.setCurrency("CNY");
 				refundAmount.setRefund(i);
 				wxPaymentRefundModel.setAmount(refundAmount);
-				R<String> stringR = wxPaymentClient.refundOrderR(wxPaymentRefundModel);
+				R<Map<String, Object>> stringR = wxPaymentClient.refundOrderR(wxPaymentRefundModel);
 				if(200 == stringR.getCode()){
 					shoppingOrderRefundService.save(tShoppingOrderRefund);
+					//手续费
+					Map<String, Object> amount1 = (Map<String, Object>) stringR.getData().get("amount");
+					Object refund_fee1 = amount1.get("refund_fee");
+					BigDecimal refund_fee = new BigDecimal(null == refund_fee1 ? "0" : refund_fee1.toString()).divide(new BigDecimal(100));
+					tShoppingOrderRefund.setRefundFee(refund_fee);
+					shoppingOrderRefundService.updateById(tShoppingOrderRefund);
 				}
 				break;
 			case 2:
@@ -314,7 +320,7 @@
 	
 	
 	@GetMapping("/getMyShoppingOrderInfo/{id}")
-	@ApiOperation(value = "获取购买订单详情", tags = {"小程序-商城购买订单", "管理后台-支付订单-订单信息"})
+	@ApiOperation(value = "获取购买订单详情", tags = {"管理后台-支付订单-订单信息"})
 	public AjaxResult<MyShoppingOrderInfo> getMyShoppingOrderInfo(@PathVariable String id) {
 		TShoppingOrder shoppingOrder = shoppingOrderService.getById(id);
 		Long userId = tokenService.getLoginUserApplet().getUserId();
@@ -326,6 +332,20 @@
 	}
 	
 	
+	
+	@GetMapping("/getMyShoppingOrderInfo1/{id}")
+	@ApiOperation(value = "获取购买订单详情", tags = {"小程序-商城购买订单"})
+	public AjaxResult<MyShoppingOrderInfo> getMyShoppingOrderInfo1(@PathVariable String id) {
+		TShoppingOrder shoppingOrder = shoppingOrderService.getById(id);
+		Long userId = tokenService.getLoginUserApplet().getUserId();
+		if(!shoppingOrder.getAppUserId().equals(userId)){
+			return AjaxResult.error("权限不足");
+		}
+		MyShoppingOrderInfo info = shoppingOrderService.getMyShoppingOrderInfo(id);
+		return AjaxResult.success(info);
+	}
+	
+	
 	@PutMapping("/confirmReceipt/{id}")
 	@ApiOperation(value = "确认收货操作", tags = {"小程序-商城购买订单"})
 	public AjaxResult confirmReceipt(@PathVariable String id) {

--
Gitblit v1.7.1