From 1c97b5e1fb283992048d8766dba71a9ad55b5385 Mon Sep 17 00:00:00 2001
From: "taylor.dang" <taylor.dang@globalfreepay.com>
Date: Tue, 16 Apr 2019 18:42:23 +0800
Subject: [PATCH] =?UTF-8?q?[Y]=20=E7=88=B6=E5=95=86=E6=88=B7=E5=A4=84?=
 =?UTF-8?q?=E7=90=86=E5=AD=90=E5=95=86=E6=88=B7=E4=BA=A4=E6=98=93=E9=AA=8C?=
 =?UTF-8?q?=E8=AF=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../tradelog/refund/impls/RefundServiceImpl.java  | 15 ++++++---------
 1 file changed, 6 insertions(+), 9 deletions(-)

diff --git a/src/main/java/au/com/royalpay/payment/manage/tradelog/refund/impls/RefundServiceImpl.java b/src/main/java/au/com/royalpay/payment/manage/tradelog/refund/impls/RefundServiceImpl.java
index 1ace7eb97..e7b38ef44 100644
--- a/src/main/java/au/com/royalpay/payment/manage/tradelog/refund/impls/RefundServiceImpl.java
+++ b/src/main/java/au/com/royalpay/payment/manage/tradelog/refund/impls/RefundServiceImpl.java
@@ -75,17 +75,14 @@ public class RefundServiceImpl implements RefundService, ApplicationEventPublish
     @Override
     public JSONObject checkOrderRefundAmount(String orderId, JSONObject account) {
         JSONObject order = orderMapper.getOrderDetail(orderId);
-        if (account != null) {
+        if (account != null && (account.getIntValue("client_id") != order.getIntValue("client_id"))) {
             JSONObject client = clientMapper.findClient(account.getIntValue("client_id"));
             ////父商户全局管理子商户时候，跳过
-            if (account.getIntValue("client_id") != order.getIntValue("client_id")) {
-                JSONObject clientOrder = clientMapper.findClient(order.getIntValue("client_id"));
-                if(!(client.getBoolean("sub_manage") &&
-                        clientOrder.containsKey("parent_client_id")?clientOrder.getIntValue("parent_client_id")==client.getIntValue("client_id"):false)){
-                    throw new ForbiddenException("Order is not belong to your shop/merchant");
-                }
-
-
+            JSONObject orderTargetClient = clientMapper.findClient(order.getIntValue("client_id"));
+            if (orderTargetClient.getIntValue("parent_client_id") != account.getIntValue("client_id")) {
+                throw new ForbiddenException("Order is not belong to your shop/merchant");
+            } else if (!client.getBooleanValue("sub_manage")) {
+                throw new ForbiddenException("Order is not belong to your shop/merchant");
             }
         }
         Assert.notNull(order, "Order Not Exists");