From af243c209737fbae0671638f0e73a9e670f3d6fa Mon Sep 17 00:00:00 2001
From: Pu Zhibing <393733352@qq.com>
Date: 星期二, 24 十二月 2024 09:19:37 +0800
Subject: [PATCH] 修改小程序权限控制及更换接口

---
 ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/controller/TOrderAppealController.java |   91 +++++++++++++++++++++++++++++++++++++++++++--
 1 files changed, 86 insertions(+), 5 deletions(-)

diff --git a/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/controller/TOrderAppealController.java b/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/controller/TOrderAppealController.java
index 2a771c7..75fedb2 100644
--- a/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/controller/TOrderAppealController.java
+++ b/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/controller/TOrderAppealController.java
@@ -1,27 +1,45 @@
 package com.ruoyi.order.controller;
 
 
+import com.baomidou.mybatisplus.extension.conditions.query.LambdaQueryChainWrapper;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.ruoyi.account.api.feignClient.AppUserClient;
 import com.ruoyi.account.api.model.TAppUser;
+import com.ruoyi.chargingPile.api.domain.SiteMenu;
+import com.ruoyi.chargingPile.api.dto.GetSiteListDTO;
+import com.ruoyi.chargingPile.api.feignClient.PartnerClient;
+import com.ruoyi.chargingPile.api.feignClient.SiteClient;
 import com.ruoyi.common.core.domain.R;
 import com.ruoyi.common.core.web.domain.AjaxResult;
+import com.ruoyi.common.core.web.domain.BasePojo;
 import com.ruoyi.common.core.web.page.PageInfo;
+import com.ruoyi.common.security.annotation.Logical;
+import com.ruoyi.common.security.annotation.RequiresPermissions;
 import com.ruoyi.common.security.service.TokenService;
 import com.ruoyi.common.security.utils.SecurityUtils;
 import com.ruoyi.order.api.model.*;
 import com.ruoyi.order.api.query.TOrderAppealQuery;
+import com.ruoyi.order.api.vo.ChargingOrderVO;
 import com.ruoyi.order.api.vo.TOrderAppealVO;
 import com.ruoyi.order.dto.ManageFeedbackDto;
 import com.ruoyi.order.dto.ManageOrderAppealQuery;
 import com.ruoyi.order.service.*;
+import com.ruoyi.other.api.feignClient.RoleSiteClient;
+import com.ruoyi.other.api.feignClient.UserSiteClient;
+import com.ruoyi.system.api.domain.SysUser;
+import com.ruoyi.system.api.feignClient.SysUserClient;
+import com.ruoyi.system.api.feignClient.SysUserRoleClient;
+import com.ruoyi.system.api.model.SysUserRoleVo;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;
 
 import javax.annotation.Resource;
+import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.List;
+import java.util.Set;
 
 /**
  * <p>
@@ -48,42 +66,100 @@
 
     @Resource
     private TVipOrderService vipOrderService;
-
+    
+    @Resource
+    private SysUserClient sysUserClient;
+    
+    @Resource
+    private PartnerClient partnerService;
+    
+    @Resource
+    private UserSiteClient userSiteClient;
+    
+    @Resource
+    private RoleSiteClient roleSiteClient;
+    
+    @Resource
+    private SysUserRoleClient sysUserRoleClient;
+    @Resource
+    private PartnerClient partnerClient;
 
     @Autowired
     public TOrderAppealController(TOrderAppealService orderAppealService, TokenService tokenService) {
         this.orderAppealService = orderAppealService;
         this.tokenService = tokenService;
     }
+    @Resource
+    private SiteClient siteClient;
+    
+    
+    @RequiresPermissions(value = {"/appealOrder"}, logical = Logical.OR)
     @ApiOperation(tags = {"后台-订单管理-订单申诉"},value = "列表")
     @PostMapping(value = "/manage/pageList")
     public R<Page<TOrderAppeal>> managePageList(@RequestBody ManageOrderAppealQuery manageOrderAppealQuery) {
-
         Page<TOrderAppeal> page = orderAppealService.lambdaQuery().eq(manageOrderAppealQuery.getStatus() != null, TOrderAppeal::getStatus, manageOrderAppealQuery.getStatus())
                 .like(manageOrderAppealQuery.getCode() != null, TOrderAppeal::getCode, manageOrderAppealQuery.getCode())
                 .like(manageOrderAppealQuery.getPhone() != null, TOrderAppeal::getPhone, manageOrderAppealQuery.getPhone())
                 .eq(manageOrderAppealQuery.getOrderType() != null, TOrderAppeal::getOrderType, manageOrderAppealQuery.getOrderType())
-                .in(TOrderAppeal::getOrderType, 1, 2).page(Page.of(manageOrderAppealQuery.getPageCurr(), manageOrderAppealQuery.getPageSize()));
-
+                .in(TOrderAppeal::getOrderType, 1, 2)
+                .orderByDesc(TOrderAppeal::getCreateTime)
+                .page(Page.of(manageOrderAppealQuery.getPageCurr(), manageOrderAppealQuery.getPageSize()));
+        SysUser sysUser = sysUserClient.getSysUser(tokenService.getLoginUser().getUserid()).getData();
+        Integer roleType = sysUser.getRoleType();
+        List<TOrderAppeal> res = new ArrayList<>();
         for (TOrderAppeal record : page.getRecords()) {
+            if (record.getOrderType()!=1){
+                res.add(record);
+            }
+            if (roleType == 2 && record.getOrderType()==1){
+                List<Integer> siteIds = new ArrayList<>();
+                    if (sysUser.getUserId() != null){
+                        List<GetSiteListDTO> data = siteClient.getSiteListByUserId(sysUser.getUserId()).getData();
+                        for (GetSiteListDTO datum : data) {
+                            siteIds.add(datum.getId());
+                        }
+                    }
+                if (siteIds.isEmpty()){
+                    siteIds.add(-1);
+                }
+                    TChargingOrder byId = chargingOrderService.getById(record.getOrderId());
+                    if (byId!=null&&siteIds.contains(byId.getSiteId())){
+                        res.add(record);
+                        // 校验有没有这个站点的权限
+                        List<Boolean> data = partnerClient.managePageListMenu(sysUser.getObjectId(), byId.getSiteId()).getData();
+                        record.setAuthInfo(data.get(0));
+                        record.setAuthHandle(data.get(1));
+                    }
+
+            }else{
+                res.add(record);
+            }
             record.setUid(record.getId().toString());
         }
+
         return R.ok(page);
 
 
     }
+    
+    
+    @RequiresPermissions(value = {"/appealOrder/del"}, logical = Logical.OR)
     @ApiOperation(tags = {"后台-订单管理-订单申诉"},value = "删除")
     @DeleteMapping (value = "/manage/delete")
     public R<Page<TOrderAppeal>> delete(String ids) {
         orderAppealService.removeBatchByIds(Arrays.asList(ids.split(",")));
         return R.ok();
     }
-
+    
+    
+    
+    @RequiresPermissions(value = {"/appealOrder/select", "/appealOrder/handle"}, logical = Logical.OR)
     @ApiOperation(tags = {"后台-订单管理-订单申诉"},value = "后台-订单管理-订单申诉")
     @PostMapping(value = "/manage/feedback")
     public R manageFeedback(@RequestBody ManageFeedbackDto manageFeedbackDto) {
         TOrderAppeal byId = orderAppealService.getById(manageFeedbackDto.getId());
         byId.setFeedback(manageFeedbackDto.getFeedback());
+        byId.setStatus(2);
         orderAppealService.updateById(byId);
         return R.ok();
     }
@@ -105,6 +181,11 @@
     @GetMapping(value = "/getDetailById")
     @ApiOperation(tags = {"小程序-订单申诉"},value = "查询订单申诉详情")
     public AjaxResult<TOrderAppealVO> getDetailById(String id) {
+        TOrderAppeal orderAppeal = orderAppealService.getById(id);
+        Long userId = tokenService.getLoginUserApplet().getUserId();
+        if(!orderAppeal.getAppUserId().equals(userId)){
+            return AjaxResult.error("权限不足");
+        }
         return AjaxResult.ok(orderAppealService.getDetailById(id));
     }
     

--
Gitblit v1.7.1