From dcd97d683792b5d47cc13966b24e3bbb92ee9854 Mon Sep 17 00:00:00 2001
From: Pu Zhibing <393733352@qq.com>
Date: 星期三, 11 十二月 2024 19:11:36 +0800
Subject: [PATCH] 修改安全相关功能和合作商权限功能

---
 ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/service/impl/TChargingOrderServiceImpl.java |   10 +++++++++-
 1 files changed, 9 insertions(+), 1 deletions(-)

diff --git a/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/service/impl/TChargingOrderServiceImpl.java b/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/service/impl/TChargingOrderServiceImpl.java
index f239bd8..e58a374 100644
--- a/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/service/impl/TChargingOrderServiceImpl.java
+++ b/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/service/impl/TChargingOrderServiceImpl.java
@@ -932,7 +932,7 @@
 		Long userId = tokenService.getLoginUserApplet().getUserId();
 		TChargingOrder one = this.getOne(new LambdaQueryWrapper<TChargingOrder>().eq(TChargingOrder::getAppUserId, userId).eq(TChargingOrder::getChargingGunId, id)
 				.eq(TChargingOrder::getRechargePaymentStatus, 2).eq(TChargingOrder::getDelFlag, 0).orderByDesc(TChargingOrder::getStartTime).last(" limit 0, 1"));
-		if(null == one){
+		if(null == one || !one.getAppUserId().equals(userId)){
 			return null;
 		}
 		ChargingDetails chargingDetails = new ChargingDetails();
@@ -982,6 +982,10 @@
 		}
 		if(status == 4 || status == 5){
 			return AjaxResult.error("不能重复操作");
+		}
+		Long userId = tokenService.getLoginUserApplet().getUserId();
+		if(!order.getAppUserId().equals(userId)){
+			return AjaxResult.error("权限不足");
 		}
 		TChargingOrder chargingOrder = new TChargingOrder();
 		chargingOrder.setId(Long.valueOf(id));
@@ -3010,6 +3014,10 @@
 	public EndOfChargePageInfo getEndOfChargePageInfo(String id) {
 		EndOfChargePageInfo info = new EndOfChargePageInfo();
 		TChargingOrder chargingOrder = this.getById(id);
+		Long userId = tokenService.getLoginUserApplet().getUserId();
+		if(!chargingOrder.getAppUserId().equals(userId)){
+			throw new RuntimeException("权限不足");
+		}
 		info.setId(id);
 		info.setCode(chargingOrder.getCode());
 		info.setPaymentAmount(chargingOrder.getPaymentAmount());

--
Gitblit v1.7.1