diff --git a/src/main/java/au/com/royalpay/payment/manage/mappers/system/OrgMapper.java b/src/main/java/au/com/royalpay/payment/manage/mappers/system/OrgMapper.java index 59cacde68..04ae18528 100644 --- a/src/main/java/au/com/royalpay/payment/manage/mappers/system/OrgMapper.java +++ b/src/main/java/au/com/royalpay/payment/manage/mappers/system/OrgMapper.java @@ -25,6 +25,10 @@ public interface OrgMapper { List listOrgs(@Param("type") int type, PageBounds order); + List listOrgsWithParent(JSONObject params); + + List listOrgsWithChid(JSONObject params); + @AutoSql(type = SqlType.INSERT) void saveOrg(JSONObject org); @@ -41,4 +45,6 @@ public interface OrgMapper { JSONObject findOrgByBDId(@Param("bd_id") int bd_id); PageList listOrgWithPages(JSONObject paraams, PageBounds order); + + List listOrgAndChild(@Param("org_id") int org_id); } diff --git a/src/main/java/au/com/royalpay/payment/manage/merchants/beans/PartnerQuery.java b/src/main/java/au/com/royalpay/payment/manage/merchants/beans/PartnerQuery.java index d89677a80..44643a4bc 100644 --- a/src/main/java/au/com/royalpay/payment/manage/merchants/beans/PartnerQuery.java +++ b/src/main/java/au/com/royalpay/payment/manage/merchants/beans/PartnerQuery.java @@ -22,6 +22,7 @@ public class PartnerQuery { private String short_name; private String sub_merchant_id; private String org_id; + private String org_ids; private Integer bd; private String business_structure; private String industry; @@ -117,6 +118,9 @@ public class PartnerQuery { if (org_id != null) { param.put("org_id", org_id); } + if (org_ids != null) { + param.put("org_ids", org_ids); + } if (bd != null) { param.put("bd_user", bd); } @@ -440,4 +444,12 @@ public class PartnerQuery { public boolean isIs_valid() { return is_valid; } + + public String getOrg_ids() { + return org_ids; + } + + public void setOrg_ids(String org_ids) { + this.org_ids = org_ids; + } } 
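Review bot: `listOrgsWithChid` in the first OrgMapper hunk misspells "Child", and because it is a mapper method the typo becomes a statement id and is copied into OrgManager, OrgManagerImpl and OrgManageController later in this commit; rename it to `listOrgsWithChild` before more callers depend on it. The three new methods (`listOrgsWithParent`, `listOrgsWithChid`, `listOrgAndChild`) also take their org scope in different shapes, two as an untyped `JSONObject` and one as `@Param("org_id") int`, with no comment naming the keys the JSONObject variants read. Since callers use these results to decide which orgs a manager may see, each method should carry a short Javadoc listing the expected keys and whether the result includes the parent org itself.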
diff --git a/src/main/java/au/com/royalpay/payment/manage/merchants/core/impls/ClientManagerImpl.java b/src/main/java/au/com/royalpay/payment/manage/merchants/core/impls/ClientManagerImpl.java
index 62364635e..008a48d03 100644
--- a/src/main/java/au/com/royalpay/payment/manage/merchants/core/impls/ClientManagerImpl.java
+++ b/src/main/java/au/com/royalpay/payment/manage/merchants/core/impls/ClientManagerImpl.java
@@ -10,25 +10,8 @@ import au.com.royalpay.payment.manage.analysis.mappers.TransactionAnalysisMapper import au.com.royalpay.payment.manage.appclient.beans.AppClientBean; import au.com.royalpay.payment.manage.mappers.payment.TransactionMapper; import au.com.royalpay.payment.manage.mappers.redpack.ActClientInvitationCodeMapper; -import au.com.royalpay.payment.manage.mappers.system.ClientAccountMapper; -import au.com.royalpay.payment.manage.mappers.system.ClientApplyMapper; -import au.com.royalpay.payment.manage.mappers.system.ClientAuditProcessMapper; -import au.com.royalpay.payment.manage.mappers.system.ClientBDMapper; -import au.com.royalpay.payment.manage.mappers.system.ClientBankAccountMapper; -import au.com.royalpay.payment.manage.mappers.system.ClientDeviceMapper; -import au.com.royalpay.payment.manage.mappers.system.ClientFilesMapper; -import au.com.royalpay.payment.manage.mappers.system.ClientMapper; -import au.com.royalpay.payment.manage.mappers.system.ClientRateMapper; -import au.com.royalpay.payment.manage.mappers.system.CommoditiesMapper; -import au.com.royalpay.payment.manage.mappers.system.ManagerMapper; -import au.com.royalpay.payment.manage.mappers.system.OrgMapper; -import au.com.royalpay.payment.manage.merchants.beans.ActivityPosterBuilder; -import au.com.royalpay.payment.manage.merchants.beans.BankAccountInfo; -import au.com.royalpay.payment.manage.merchants.beans.ClientAuthFilesInfo; -import au.com.royalpay.payment.manage.merchants.beans.ClientRateConfig; -import au.com.royalpay.payment.manage.merchants.beans.ClientRegisterInfo; -import au.com.royalpay.payment.manage.merchants.beans.NewAccountBean; -import au.com.royalpay.payment.manage.merchants.beans.PartnerQuery; +import au.com.royalpay.payment.manage.mappers.system.*; +import au.com.royalpay.payment.manage.merchants.beans.*; import au.com.royalpay.payment.manage.merchants.core.ClientComplyValidator; import au.com.royalpay.payment.manage.merchants.core.ClientManager; import 
au.com.royalpay.payment.manage.notice.core.MailService; @@ -56,22 +39,16 @@ import au.com.royalpay.payment.tools.merchants.qrboard.QRBoard; import au.com.royalpay.payment.tools.merchants.qrboard.QRBoardProvider; import au.com.royalpay.payment.tools.permission.enums.ManagerRole; import au.com.royalpay.payment.tools.permission.enums.PartnerRole; -import au.com.royalpay.payment.tools.utils.ImageUtils; -import au.com.royalpay.payment.tools.utils.PageListUtils; -import au.com.royalpay.payment.tools.utils.PasswordUtils; -import au.com.royalpay.payment.tools.utils.PdfUtils; -import au.com.royalpay.payment.tools.utils.QRCodeUtils; -import au.com.royalpay.payment.tools.utils.TimeZoneUtils; +import au.com.royalpay.payment.tools.utils.*; import au.com.royalpay.payment.tools.websocket.notify.PartnerPageEvent; - +import cn.yixblog.platform.http.HttpRequestGenerator; +import cn.yixblog.platform.http.HttpRequestResult; import com.alibaba.fastjson.JSON; import com.alibaba.fastjson.JSONArray; import com.alibaba.fastjson.JSONObject; import com.github.miemiedev.mybatis.paginator.domain.Order; import com.github.miemiedev.mybatis.paginator.domain.PageBounds; import com.github.miemiedev.mybatis.paginator.domain.PageList; -import com.mysql.jdbc.exceptions.MySQLIntegrityConstraintViolationException; - import org.apache.commons.io.IOUtils; import org.apache.commons.lang3.RandomStringUtils; import org.apache.commons.lang3.StringUtils; 
@@ -93,34 +70,22 @@ import org.springframework.web.bind.annotation.RequestMethod; import org.thymeleaf.context.Context; import org.thymeleaf.spring4.SpringTemplateEngine; +import javax.annotation.Resource; +import javax.imageio.ImageIO; +import javax.servlet.ServletOutputStream; +import javax.servlet.http.HttpServletResponse; import java.awt.*; import java.awt.image.BufferedImage; -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; -import java.io.File; -import java.io.IOException; -import java.io.InputStream; -import java.io.OutputStream; +import java.io.*; import java.math.BigDecimal; import java.net.URISyntaxException; import java.net.URL; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.Date; +import java.util.*; import java.util.List; -import java.util.Objects; import java.util.concurrent.TimeUnit; import java.util.zip.ZipEntry; import java.util.zip.ZipOutputStream; -import javax.annotation.Resource; -import javax.imageio.ImageIO; -import javax.servlet.ServletOutputStream; -import javax.servlet.http.HttpServletResponse; - -import cn.yixblog.platform.http.HttpRequestGenerator; -import cn.yixblog.platform.http.HttpRequestResult; - import static au.com.royalpay.payment.manage.permission.utils.OrgCheckUtils.checkOrgPermission; /** 
@@ -327,8 +292,18 @@ public class ClientManagerImpl implements ClientManager, ManagerTodoNoticeProvid params.put("bd_user", manager.getString("manager_id")); } } + + if(params.getString("org_id") != null){ + if(params.getString("org_ids") == null){ + orgIds(params,Integer.parseInt(params.getString("org_id"))); + }else { + params.put("org_id",params.getString("org_ids")); + params.remove("org_ids"); + } + } + JSONObject org = null; if (params.getString("org_id") != null) { - JSONObject org = orgMapper.findOne(params.getIntValue("org_id")); + org = orgMapper.findOne(params.getIntValue("org_id")); if (org.getIntValue("type") == 1) { params.put("referrer_id", org.getString("org_id")); params.remove("org_id"); @@ -336,7 +311,18 @@ public class ClientManagerImpl implements ClientManager, ManagerTodoNoticeProvid } int orgId = manager.getIntValue("org_id"); if (orgId > 0) { - params.put("org_id", orgId); + if(params.getString("org_ids") == null){ + JSONObject org2 = orgMapper.findOne(orgId); + if(org2.getString("parent_org_id") != null){ + params.put("org_id",orgId); + }else { + params.put("org_id",orgId); + orgIds(params,orgId); + } + }else { + params.put("org_id", params.getIntValue("org_ids")); + params.remove("org_ids"); + } } String tempSubMchId = sysConfigManager.getSysConfig().getString("temp_sub_mch_id"); String tempSubMchSource = sysConfigManager.getSysConfig().getString("temp_sub_mch_id_source"); 
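Review bot: In the second ClientManagerImpl hunk the manager's own org no longer bounds the query: when `org_ids` is present the `else` branch runs `params.put("org_id", params.getIntValue("org_ids"))`, replacing the previous unconditional `params.put("org_id", orgId)` with a value that PartnerQuery copies from the request. Nothing visible checks that the supplied id is the manager's org or one of its children, so an org-bound manager may be able to list partners of an unrelated org; compare it against the ids from `orgMapper.listOrgAndChild(orgId)` before accepting it. The first hunk has the same pattern (`params.put("org_id", params.getString("org_ids"))`) and also calls `Integer.parseInt(params.getString("org_id"))` on request input without handling NumberFormatException. Separately, the `orgIds` helper stores a List under `org_ids`, which this `else` branch then reads with `getIntValue`; that looks likely to fail at runtime and should be confirmed with a test. The enclosing method starts and ends outside these hunks.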
@@ -361,6 +347,21 @@ public class ClientManagerImpl implements ClientManager, ManagerTodoNoticeProvid } return PageListUtils.buildPageListResult(partners); } + private void orgIds(JSONObject params,int orgId){ + JSONObject param = new JSONObject(); + param.put("parent_org_id",params.getString("org_id")); + param.put("type",0); + List orgIds = new ArrayList<>(); + List childOrgs = orgMapper.listOrgsWithChid(param); + if(childOrgs.size() > 0){ + for(JSONObject object : childOrgs ){ + orgIds.add(object.getIntValue("org_id")); + } + orgIds.add(orgId); + params.put("org_ids",orgIds); + params.remove("org_id"); + } + } @Override public List listPartners(JSONObject manager, PartnerQuery query) { diff --git a/src/main/java/au/com/royalpay/payment/manage/organizations/beans/OrgInfo.java b/src/main/java/au/com/royalpay/payment/manage/organizations/beans/OrgInfo.java index 86be29bc4..3eda2a10d 100644 --- a/src/main/java/au/com/royalpay/payment/manage/organizations/beans/OrgInfo.java +++ b/src/main/java/au/com/royalpay/payment/manage/organizations/beans/OrgInfo.java @@ -10,7 +10,7 @@ import org.hibernate.validator.constraints.NotEmpty; public class OrgInfo { @NotEmpty private String name; - private int type = 0; + private String type; private String logo; @NotEmpty private String location; @@ -32,6 +32,8 @@ public class OrgInfo { private String search_text; private int page = 1; private int limit = 10; + private String parent_org_id; + private String org_id; public JSONObject toJsonParam() { JSONObject param = new JSONObject(); @@ -44,9 +46,15 @@ public class OrgInfo { if (StringUtils.isNotBlank(search_text)) { param.put("search_text", search_text); } - if (StringUtils.isNotBlank(String.valueOf(type))){ + if (type != null){ param.put("type", type); } + if (StringUtils.isNotBlank(parent_org_id)){ + param.put("parent_org_id", parent_org_id); + } + if (StringUtils.isNotBlank(org_id)){ + param.put("org_id", org_id); + } return param; } 
@@ -126,11 +134,11 @@ public class OrgInfo { this.rate_value = rate_value; } - public int getType() { + public String getType() { return type; } - public void setType(int type) { + public void setType(String type) { this.type = type; } @@ -205,4 +213,20 @@ public class OrgInfo { public void setLimit(int limit) { this.limit = limit; } + + public String getParent_org_id() { + return parent_org_id; + } + + public void setParent_org_id(String parent_org_id) { + this.parent_org_id = parent_org_id; + } + + public String getOrg_id() { + return org_id; + } + + public void setOrg_id(String org_id) { + this.org_id = org_id; + } } diff --git a/src/main/java/au/com/royalpay/payment/manage/organizations/core/OrgManager.java b/src/main/java/au/com/royalpay/payment/manage/organizations/core/OrgManager.java index 006eb8acc..d3f35d221 100644 --- a/src/main/java/au/com/royalpay/payment/manage/organizations/core/OrgManager.java +++ b/src/main/java/au/com/royalpay/payment/manage/organizations/core/OrgManager.java @@ -11,9 +11,11 @@ import java.util.List; public interface OrgManager { List listOrgs(boolean detail); - JSONObject listAllOrgs(OrgInfo orgInfo); + List listOrgsWithChid(JSONObject manager,OrgInfo orgInfo); - JSONObject getOrgDetail(int orgId); + JSONObject listAllOrgs(OrgInfo orgInfo,JSONObject manager); + + JSONObject getOrgDetail(int orgId,JSONObject manager); JSONObject saveNewOrg(OrgInfo org); @@ -25,4 +27,5 @@ public interface OrgManager { List listAllOrg(); + JSONObject checkOrg(JSONObject manager, JSONObject params); } diff --git a/src/main/java/au/com/royalpay/payment/manage/organizations/core/impls/OrgManagerImpl.java b/src/main/java/au/com/royalpay/payment/manage/organizations/core/impls/OrgManagerImpl.java index 11cda86db..90ddc9abd 100644 --- a/src/main/java/au/com/royalpay/payment/manage/organizations/core/impls/OrgManagerImpl.java +++ b/src/main/java/au/com/royalpay/payment/manage/organizations/core/impls/OrgManagerImpl.java 
@@ -3,16 +3,23 @@ package au.com.royalpay.payment.manage.organizations.core.impls; import au.com.royalpay.payment.manage.mappers.system.OrgMapper; import au.com.royalpay.payment.manage.organizations.beans.OrgInfo; import au.com.royalpay.payment.manage.organizations.core.OrgManager; +import au.com.royalpay.payment.tools.exceptions.BadRequestException; +import au.com.royalpay.payment.tools.exceptions.ForbiddenException; +import au.com.royalpay.payment.tools.permission.enums.ManagerRole; import au.com.royalpay.payment.tools.utils.PageListUtils; +import com.alibaba.fastjson.JSONArray; import com.alibaba.fastjson.JSONObject; import com.github.miemiedev.mybatis.paginator.domain.Order; import com.github.miemiedev.mybatis.paginator.domain.PageBounds; import com.github.miemiedev.mybatis.paginator.domain.PageList; +import org.apache.ibatis.annotations.Param; import org.springframework.stereotype.Service; import javax.annotation.Resource; +import java.util.ArrayList; import java.util.Date; import java.util.List; +import java.util.stream.Collectors; /** * Created by yixian on 2016-10-18. 
@@ -29,16 +36,47 @@ public class OrgManagerImpl implements OrgManager { } @Override - public JSONObject listAllOrgs(OrgInfo orgInfo) { + public List listOrgsWithChid(JSONObject manager,OrgInfo orgInfo) { + JSONObject params = new JSONObject(); + params.put("type",0); + List listOrgsByChild = orgMapper.listOrgsWithChid(params); + if(orgInfo.getOrg_id() != null){ + params.put("org_id", orgInfo.getOrg_id()); + }else { + if (manager.getInteger("org_id") != null) { + params.put("org_id", manager.getIntValue("org_id")); + } + } + List listOrgs = orgMapper.listOrgsWithParent(params); + List orgs = new ArrayList<>(); + for(JSONObject org : listOrgs){ + org.put("type",org.getString("name")); + orgs.add(org); + for(JSONObject orgChild : listOrgsByChild){ + if(org.getIntValue("org_id") == orgChild.getIntValue("parent_org_id")){ + orgChild.put("type",org.getString("name")); + orgs.add(orgChild); + } + } + } + return orgs; + } + + + + @Override + public JSONObject listAllOrgs(OrgInfo orgInfo,JSONObject manager) { /* PageBounds sort = new PageBounds(Order.formString("sort_no.asc")); return orgMapper.listsOrgWithDetail(sort);*/ + checkBdRole(manager); JSONObject params = orgInfo.toJsonParam(); PageList listOrg = orgMapper.listOrgWithPages(params,new PageBounds(orgInfo.getPage(),orgInfo.getLimit(),Order.formString("sort_no.asc"))); return PageListUtils.buildPageListResult(listOrg); } @Override - public JSONObject getOrgDetail(int orgId) { + public JSONObject getOrgDetail(int orgId,JSONObject manager) { + checkBdRole(manager); return orgMapper.findOne(orgId); } 
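Review bot: `listOrgsWithChid` lets a request-supplied `orgInfo.getOrg_id()` take precedence over the logged-in manager's `org_id`, so the manager's org is only a fallback rather than a bound; the `/orgChild` endpoint added in OrgManageController is guarded by a bare `@RequireManager`, so every manager role reaches this path. If org-bound managers should only see their own tree, reject a requested id that is not among the ids returned by `orgMapper.listOrgAndChild(manager.getIntValue("org_id"))`. Also, `orgMapper.listOrgsWithChid(params)` is called with only `type` set, which appears to load every child org and filter in Java, and `org.put("type", org.getString("name"))` overwrites the type field with a name without a comment explaining why.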
@@ -86,4 +124,41 @@ public class OrgManagerImpl implements OrgManager { return listAllOrgs; } + private void checkBdRole(JSONObject manager){ + if(ManagerRole.BD_USER.hasRole(manager.getIntValue("role"))){ + if(manager.getString("org_id") != null){ + JSONObject org = orgMapper.findOne(manager.getIntValue("org_id")); + if(org != null && org.getIntValue("type") == 0 && org.getString("parent_org_id") != null){ + throw new BadRequestException("Invalid Role"); + } + } + } + } + + @Override + public JSONObject checkOrg(JSONObject manager, JSONObject params){ + if (params.getString("org_id")==null){ + if (manager.getInteger("org_id")!=null){ + List orgs = orgMapper.listOrgAndChild(manager.getIntValue("org_id")); + if (orgs.size()>1){ + List orgIds = orgs.stream().map(org->org.getIntValue("org_id")).collect(Collectors.toList()); + params.put("org_ids",orgIds); + }else { + params.put("org_id",manager.getIntValue("org_id")); + } + } + }else { + if (manager.getInteger("org_id")!=null){ + List orgs = orgMapper.listOrgAndChild(manager.getIntValue("org_id")); + List orgIds = orgs.stream().map(org->org.getIntValue("org_id")).collect(Collectors.toList()); + if (!orgIds.contains(params.getString("org_id"))){ + throw new ForbiddenException("You have no permission to query the org"); + } + + } + + } + return params; + } + } diff --git a/src/main/java/au/com/royalpay/payment/manage/organizations/web/OrgManageController.java b/src/main/java/au/com/royalpay/payment/manage/organizations/web/OrgManageController.java index 3f0b7faa3..28f4698bd 100644 --- a/src/main/java/au/com/royalpay/payment/manage/organizations/web/OrgManageController.java +++ b/src/main/java/au/com/royalpay/payment/manage/organizations/web/OrgManageController.java 
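Review bot: In `checkOrg`, `orgIds.contains(params.getString("org_id"))` looks up a String in a list built from `getIntValue`, so (assuming the list is `List<Integer>`; generic parameters are not visible in this rendering) the lookup never matches and every request that names an `org_id` from an org-bound manager is rejected with ForbiddenException, including the manager's own org. Compare like with like: `if (!orgIds.contains(params.getIntValue("org_id")))`. The check fails closed, but it makes the org filter unusable, which invites a later workaround that drops the check. `checkBdRole` in the same hunk reports an authorization failure as `BadRequestException("Invalid Role")`; `ForbiddenException` is already imported here and would match what `checkOrg` throws.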
@@ -3,9 +3,11 @@ package au.com.royalpay.payment.manage.organizations.web; import au.com.royalpay.payment.manage.organizations.beans.OrgInfo; import au.com.royalpay.payment.manage.organizations.core.OrgManager; import au.com.royalpay.payment.manage.permission.manager.ManagerMapping; +import au.com.royalpay.payment.tools.CommonConsts; import au.com.royalpay.payment.tools.permission.enums.ManagerRole; import au.com.royalpay.payment.manage.permission.manager.RequireManager; import au.com.royalpay.payment.tools.http.HttpUtils; +import com.alibaba.fastjson.JSONArray; import com.alibaba.fastjson.JSONObject; import org.springframework.validation.Errors; import org.springframework.web.bind.annotation.*; @@ -29,10 +31,16 @@ public class OrgManageController { return orgManager.listOrgs(detail); } + @RequestMapping(value = "/orgChild",method = RequestMethod.GET) + @RequireManager + public List listOrgsWithChid(@ModelAttribute(CommonConsts.MANAGER_STATUS) JSONObject manager,OrgInfo orgInfo) { + return orgManager.listOrgsWithChid(manager,orgInfo); + } + @RequestMapping(value = "/listsOrg", method = RequestMethod.GET) @RequireManager - public JSONObject listsOrg(OrgInfo orgInfo) { - return orgManager.listAllOrgs(orgInfo); + public JSONObject listsOrg(OrgInfo orgInfo,@ModelAttribute(CommonConsts.MANAGER_STATUS) JSONObject manager) { + return orgManager.listAllOrgs(orgInfo,manager); } @RequestMapping(value = "/list_all_Org", method = RequestMethod.GET) 
@@ -41,15 +49,15 @@ public class OrgManageController { return orgManager.listAllOrg(); } - @ManagerMapping(method = RequestMethod.POST, role = ManagerRole.ADMIN) + @ManagerMapping(method = RequestMethod.POST, role = {ManagerRole.ADMIN,ManagerRole.BD_USER}) public JSONObject saveOrg(@RequestBody @Valid OrgInfo org, Errors errors) { HttpUtils.handleValidErrors(errors); return orgManager.saveNewOrg(org); } - @ManagerMapping(value = "/{orgId}", method = RequestMethod.GET, role = ManagerRole.ADMIN) - public JSONObject getOrgDetail(@PathVariable int orgId) { - return orgManager.getOrgDetail(orgId); + @ManagerMapping(value = "/{orgId}", method = RequestMethod.GET, role = {ManagerRole.ADMIN,ManagerRole.BD_USER}) + public JSONObject getOrgDetail(@PathVariable int orgId,@ModelAttribute(CommonConsts.MANAGER_STATUS) JSONObject manager) { + return orgManager.getOrgDetail(orgId,manager); } @ManagerMapping(value = "/{orgId}", method = RequestMethod.PUT) @@ -58,7 +66,7 @@ public class OrgManageController { orgManager.updateOrg(orgId, org); } - @ManagerMapping(value = "/{orgId}/enable_change_rate",method = RequestMethod.PUT,role = {ManagerRole.ADMIN}) + @ManagerMapping(value = "/{orgId}/enable_change_rate",method = RequestMethod.PUT,role = {ManagerRole.ADMIN,ManagerRole.BD_USER}) public void switchEnableChangeRate(@PathVariable int orgId, @RequestBody JSONObject enable){ boolean enabled = enable.getBooleanValue("enabled"); orgManager.switchPermission(orgId,"rate_editable",enabled); diff --git a/src/main/java/au/com/royalpay/payment/manage/signin/core/impls/ManagerAccountServiceImpl.java b/src/main/java/au/com/royalpay/payment/manage/signin/core/impls/ManagerAccountServiceImpl.java index 4598f9434..a8a4ef3f9 100644 --- a/src/main/java/au/com/royalpay/payment/manage/signin/core/impls/ManagerAccountServiceImpl.java +++ b/src/main/java/au/com/royalpay/payment/manage/signin/core/impls/ManagerAccountServiceImpl.java 
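Review bot: Adding `ManagerRole.BD_USER` to `saveOrg` and to `switchEnableChangeRate` (second hunk) opens both to BD users with no org scoping: neither method receives the logged-in manager, so neither can run `checkBdRole` or verify that `orgId` is inside the caller's org tree. `getOrgDetail` does receive the manager, but `OrgManagerImpl.getOrgDetail` only runs `checkBdRole` and then returns `orgMapper.findOne(orgId)` for whatever id is in the path. Pass `@ModelAttribute(CommonConsts.MANAGER_STATUS) JSONObject manager` into all three and, for non-admin callers, reject ids that are not among those returned by `orgMapper.listOrgAndChild(manager.getIntValue("org_id"))`.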
@@ -2,6 +2,7 @@ package au.com.royalpay.payment.manage.signin.core.impls; import au.com.royalpay.payment.manage.mappers.financial.FinancialBDConfigMapper; import au.com.royalpay.payment.manage.mappers.system.ManagerMapper; +import au.com.royalpay.payment.manage.mappers.system.OrgMapper; import au.com.royalpay.payment.tools.permission.enums.ManagerRole; import au.com.royalpay.payment.manage.signin.beans.ManagerInfo; import au.com.royalpay.payment.manage.signin.core.ManagerAccountsService; @@ -22,11 +23,15 @@ import java.util.List; public class ManagerAccountServiceImpl implements ManagerAccountsService { @Resource private ManagerMapper managerMapper; + + @Resource + private OrgMapper orgMapper; @Resource private FinancialBDConfigMapper financialBDConfigMapper; @Override public List listManagers(JSONObject loginManager) { + checkBdRole(loginManager); JSONObject params = new JSONObject(); if (loginManager.getInteger("org_id") != null) { params.put("org_id", loginManager.getIntValue("org_id")); @@ -52,7 +57,8 @@ public class ManagerAccountServiceImpl implements ManagerAccountsService { @Override public void saveManager(ManagerInfo manager, JSONObject loginManager) { - if (!ManagerRole.ADMIN.hasRole(loginManager.getIntValue("role"))) { + checkBdRole(loginManager); + if (!ManagerRole.ADMIN.hasRole(loginManager.getIntValue("role")) && !ManagerRole.BD_USER.hasRole(loginManager.getIntValue("role"))) { if (manager.isAdmin() || manager.isFinacial() || manager.isOperator() || manager.isServant() || manager.isSitemanager() || manager.isDeveloper()) { throw new BadRequestException("Invalid Role"); } 
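Review bot: The new condition in `saveManager`, `!ManagerRole.ADMIN.hasRole(...) && !ManagerRole.BD_USER.hasRole(...)`, exempts every BD user from the guard that rejects `manager.isAdmin()`, `isFinacial()`, `isDeveloper()` and the other elevated flags, so a BD user who passes `checkBdRole` may be able to create accounts with roles above their own. The same edit in `modify` and `disable` (the two hunks that follow) skips the `org_id` equality check, which was the only visible barrier against changing or disabling accounts of other organizations. `checkBdRole` only blocks BD users whose org has a `parent_org_id`; it places no limit on what the remaining BD users can do. Keep the exemption ADMIN-only and add a separate BD branch that restricts targets to the caller's org and its children and still rejects the elevated role flags. The rest of each method body lies outside these hunks.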
@@ -67,12 +73,13 @@ public class ManagerAccountServiceImpl implements ManagerAccountsService { @Override public void modify(String userId, ManagerInfo manager, JSONObject loginManager) { + checkBdRole(loginManager); JSONObject managerFromDb = managerMapper.findById(userId); if (managerFromDb == null) { throw new NotFoundException("manager not exists or invalid"); } JSONObject obj = manager.accountJson(false); - if (!ManagerRole.ADMIN.hasRole(loginManager.getIntValue("role"))) { + if (!ManagerRole.ADMIN.hasRole(loginManager.getIntValue("role")) && !ManagerRole.BD_USER.hasRole(loginManager.getIntValue("role"))) { if (managerFromDb.getIntValue("org_id") != loginManager.getIntValue("org_id")) { throw new BadRequestException("You cannot modify accounts belong to other organizations"); } @@ -87,8 +94,9 @@ public class ManagerAccountServiceImpl implements ManagerAccountsService { @Override public void disable(String userId, JSONObject loginManager) { + checkBdRole(loginManager); JSONObject manager = managerMapper.findById(userId); - if (!ManagerRole.ADMIN.hasRole(loginManager.getIntValue("role"))) { + if (!ManagerRole.ADMIN.hasRole(loginManager.getIntValue("role")) && !ManagerRole.BD_USER.hasRole(loginManager.getIntValue("role"))){ if (manager.getIntValue("org_id") != loginManager.getIntValue("org_id")) { throw new BadRequestException("You cannot disable accounts belong to other organizations"); } 
@@ -117,4 +125,16 @@ public class ManagerAccountServiceImpl implements ManagerAccountsService { public JSONObject getBDConfig(String bd_id){ return financialBDConfigMapper.getBdConfig(bd_id); } + + private void checkBdRole(JSONObject loginManager){ + if(ManagerRole.BD_USER.hasRole(loginManager.getIntValue("role"))){ + JSONObject manager = managerMapper.findById(loginManager.getString("manager_id")); + if(manager.getString("org_id") != null){ + JSONObject org = orgMapper.findOne(manager.getIntValue("org_id")); + if(org != null && org.getIntValue("type") == 0 && org.getString("parent_org_id") != null){ + throw new BadRequestException("Invalid Role"); + } + } + } + } } diff --git a/src/main/java/au/com/royalpay/payment/manage/signin/core/impls/SignInAccountServiceImpl.java b/src/main/java/au/com/royalpay/payment/manage/signin/core/impls/SignInAccountServiceImpl.java index 042a1149d..4d20ee720 100644 --- a/src/main/java/au/com/royalpay/payment/manage/signin/core/impls/SignInAccountServiceImpl.java +++ b/src/main/java/au/com/royalpay/payment/manage/signin/core/impls/SignInAccountServiceImpl.java @@ -32,10 +32,7 @@ import org.thymeleaf.context.Context; import org.thymeleaf.spring4.SpringTemplateEngine; import javax.annotation.Resource; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; +import java.util.*; /** * account service for sign in 
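Review bot: `checkBdRole` dereferences the result of `managerMapper.findById(loginManager.getString("manager_id"))` without a null check, although `modify` in this same class treats a null from `findById` as a real case; a missing row turns the authorization check into a NullPointerException. Guard it with `if (manager == null) { throw new BadRequestException("Invalid Role"); }` before reading `org_id`. This is also a second copy of `OrgManagerImpl.checkBdRole` that reads `org_id` from the database row while the other copy reads it from the session object, so the two can disagree; move the rule into one shared helper and document which source is authoritative.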
@@ -67,11 +64,14 @@ public class SignInAccountServiceImpl implements SignInAccountService, Applicati @Cacheable(value = ":login:managers:", key = "''+#accountId") public JSONObject getManager(String accountId) { JSONObject manager = managerMapper.findById(accountId); + JSONObject org = null; if (manager == null) { throw new ForbiddenException("用户不存在或已禁用"); } if (manager.getInteger("org_id") != null) { - manager.put("org", orgMapper.findOne(manager.getIntValue("org_id"))); + org = orgMapper.findOne(manager.getIntValue("org_id")); + manager.put("org", org); + manager.put("parent_org_id",org.getIntValue("parent_org_id")); } List funcs = permissionManager.listUserFunctions(manager.getIntValue("role")); List funcIds = new ArrayList<>(); @@ -90,12 +90,36 @@ public class SignInAccountServiceImpl implements SignInAccountService, Applicati modules.put(module, mod); } } + if(org != null && org.getIntValue("type")==0 && org.getString("parent_org_id") != null){ + if(modules.containsKey("org")){ + deleteOrgModule(modules,"org"); + } + if(modules.containsKey("manager_accounts")){ + deleteOrgModule(modules,"manager_accounts"); + } + } + if(org != null && org.getIntValue("type")==0 && org.getString("parent_org_id") == null){ + if(modules.containsKey("manager_accounts")){ + deleteOrgModule(modules,"manager_accounts"); + } + } + manager.put("available_func_ids", funcIds); manager.put("available_func_names", funcNames); manager.put("modules", modules.values()); manager.put("module_names", modules.keySet()); return manager; } + private void deleteOrgModule(Map modules,String module){ + Iterator iterator = modules.keySet().iterator(); + while (iterator.hasNext()) { + String key = (String) iterator.next(); + if (module.equals(key)) { + iterator.remove(); + modules.remove(key); + } + } + } @Override @Cacheable(value = ":login:clients:", key = "''+#accountId") 
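Review bot: `manager.put("parent_org_id", org.getIntValue("parent_org_id"))` in the first hunk dereferences `org` without checking that `orgMapper.findOne` returned a row, and `getIntValue` turns a missing parent into `0`, whereas every other check in this commit tests `getString("parent_org_id") != null`. In the second hunk, removing `org` and `manager_accounts` from `modules` only changes what the cached login payload advertises; for a top-level org (`parent_org_id == null`) `manager_accounts` is hidden here while `checkBdRole` in ManagerAccountServiceImpl still lets the same user through, so the server-side rule and the menu should be brought into agreement. `deleteOrgModule` can be reduced to `modules.remove(module)`; the iterator loop followed by a second `modules.remove(key)` does the same work and is harder to reason about.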
diff --git a/src/main/java/au/com/royalpay/payment/manage/signin/web/ManagerAccountsController.java b/src/main/java/au/com/royalpay/payment/manage/signin/web/ManagerAccountsController.java index 2d0aad18b..7e539b1a4 100644 --- a/src/main/java/au/com/royalpay/payment/manage/signin/web/ManagerAccountsController.java +++ b/src/main/java/au/com/royalpay/payment/manage/signin/web/ManagerAccountsController.java @@ -33,14 +33,14 @@ public class ManagerAccountsController { // } @RequestMapping(method = RequestMethod.GET) - @RequireManager(role = {ManagerRole.ADMIN, ManagerRole.ACCOUNT_MANAGER}) + @RequireManager(role = {ManagerRole.ADMIN, ManagerRole.ACCOUNT_MANAGER,ManagerRole.BD_USER}) public List listManagerss(@ModelAttribute(CommonConsts.MANAGER_STATUS) JSONObject loginManager, @RequestParam Map map) { loginManager.putAll(map); return managerAccountsService.listManagers(loginManager); } @RequestMapping(method = RequestMethod.POST) - @RequireManager(role = {ManagerRole.ADMIN, ManagerRole.ACCOUNT_MANAGER}) + @RequireManager(role = {ManagerRole.ADMIN, ManagerRole.ACCOUNT_MANAGER,ManagerRole.BD_USER}) public void saveManager(@RequestBody @Valid ManagerInfo manager, Errors errors, @ModelAttribute(CommonConsts.MANAGER_STATUS) JSONObject loginManager) { HttpUtils.handleValidErrors(errors); managerAccountsService.saveManager(manager, loginManager); 
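Review bot: `loginManager.putAll(map)` in `listManagerss` copies every query parameter into the session manager object before `listManagers` reads `role`, `org_id` and `manager_id` from it, so request input can overwrite the very fields that the new `checkBdRole` call and the org filter depend on. The line is unchanged context, but this hunk widens the endpoint to `ManagerRole.BD_USER`, which makes the overwrite matter for a less-trusted role. Treat the session object as read-only and pass filters in a separate object, or copy only an allow-list of keys that excludes `role`, `org_id` and `manager_id`.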
@@ -55,12 +55,12 @@ public class ManagerAccountsController { return managerAccountsService.listBDUsers((JSONObject) JSON.toJSON(map)); } - @ManagerMapping(value = "/{userId}", method = RequestMethod.PUT, role = {ManagerRole.ADMIN, ManagerRole.ACCOUNT_MANAGER}) + @ManagerMapping(value = "/{userId}", method = RequestMethod.PUT, role = {ManagerRole.ADMIN, ManagerRole.ACCOUNT_MANAGER,ManagerRole.BD_USER}) public void modify(@PathVariable String userId, @RequestBody ManagerInfo manager, @ModelAttribute(CommonConsts.MANAGER_STATUS) JSONObject loginManager) { managerAccountsService.modify(userId, manager, loginManager); } - @ManagerMapping(value = "/{userId}", method = RequestMethod.DELETE, role = {ManagerRole.ADMIN, ManagerRole.ACCOUNT_MANAGER}) + @ManagerMapping(value = "/{userId}", method = RequestMethod.DELETE, role = {ManagerRole.ADMIN, ManagerRole.ACCOUNT_MANAGER,ManagerRole.BD_USER}) public void disableUser(@PathVariable String userId, @ModelAttribute(CommonConsts.MANAGER_STATUS) JSONObject loginManager) { managerAccountsService.disable(userId, loginManager); } diff --git a/src/main/java/au/com/royalpay/payment/manage/tradelog/beans/TradeLogQuery.java b/src/main/java/au/com/royalpay/payment/manage/tradelog/beans/TradeLogQuery.java index 6773cbb08..d21fded04 100644 --- a/src/main/java/au/com/royalpay/payment/manage/tradelog/beans/TradeLogQuery.java +++ b/src/main/java/au/com/royalpay/payment/manage/tradelog/beans/TradeLogQuery.java @@ -36,6 +36,7 @@ public class TradeLogQuery { private int trans_type; private boolean onlyGroup = false; private int group_bd; + private String org_id; public JSONObject toParams(String timezone) { JSONObject params = new JSONObject(); @@ -91,6 +92,9 @@ public class TradeLogQuery { if (getDev_id() != null) { params.put("dev_id", getDev_id()); } + if (org_id != null && org_id != "ALL") { + params.put("org_id", org_id); + } return params; } 
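Review bot: `org_id != "ALL"` in `TradeLogQuery.toParams` compares object references rather than contents, so a value bound from the request will practically never be the same object as the literal and `"ALL"` is written into `params` as an `org_id`. `checkOrg` then treats it as a request for one specific org instead of "no filter". Use `if (org_id != null && !"ALL".equals(org_id))`.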
@@ -214,4 +218,12 @@ public class TradeLogQuery { public void setChannel(PayChannel channel) { this.channel = channel; } + + public String getOrg_id() { + return org_id; + } + + public void setOrg_id(String org_id) { + this.org_id = org_id; + } } diff --git a/src/main/java/au/com/royalpay/payment/manage/tradelog/core/impls/TradeLogServiceImpl.java b/src/main/java/au/com/royalpay/payment/manage/tradelog/core/impls/TradeLogServiceImpl.java index 6848bd064..4f2ab89ab 100644 --- a/src/main/java/au/com/royalpay/payment/manage/tradelog/core/impls/TradeLogServiceImpl.java +++ b/src/main/java/au/com/royalpay/payment/manage/tradelog/core/impls/TradeLogServiceImpl.java @@ -18,7 +18,9 @@ import au.com.royalpay.payment.manage.mappers.payment.TransactionMapper; import au.com.royalpay.payment.manage.mappers.system.ClientAccountMapper; import au.com.royalpay.payment.manage.mappers.system.CustomerMapper; import au.com.royalpay.payment.manage.mappers.system.CustomerRelationAlipayMapper; +import au.com.royalpay.payment.manage.mappers.system.OrgMapper; import au.com.royalpay.payment.manage.merchants.core.ClientManager; +import au.com.royalpay.payment.manage.organizations.core.OrgManager; import au.com.royalpay.payment.manage.tradelog.beans.PreRefundQueryBean; import au.com.royalpay.payment.manage.tradelog.beans.TradeLogQuery; import au.com.royalpay.payment.manage.tradelog.core.TradeLogService; @@ -119,6 +121,9 @@ public class TradeLogServiceImpl implements TradeLogService { @Resource private ClientCustomersMapper clientCustomersMapper; + @Resource + private OrgManager orgManager; + // @Value("classpath:/jasper/trans_flow.jasper") // @Value("classpath:/jasper/trans_flow_new.jasper") @Value("classpath:/jasper/partner_invoice.jasper") 
@@ -175,9 +180,7 @@ public class TradeLogServiceImpl implements TradeLogService { params.put("bd_group_bd", query.getGroup_bd()); } } - if (manager.getInteger("org_id") != null) { - params.put("org_id", manager.getIntValue("org_id")); - } + orgManager.checkOrg(manager,params); PageList logs = orderMapper.listOrders(params, new PageBounds(query.getPage(), query.getLimit(), Order.formString("create_time.desc"))); JSONObject result = PageListUtils.buildPageListResult(logs); JSONObject analysis = orderMapper.analysisOrders(params); @@ -185,6 +188,8 @@ public class TradeLogServiceImpl implements TradeLogService { return result; } + + @Override public List listOrderRefunds(String orderId, String timezone) { List refunds = refundMapper.listOrderRefunds(orderId, new PageBounds(Order.formString("create_time.desc"))); diff --git a/src/main/resources/au/com/royalpay/payment/manage/mappers/payment/OrderMapper.xml b/src/main/resources/au/com/royalpay/payment/manage/mappers/payment/OrderMapper.xml index d9476cdbf..15377e695 100644 --- a/src/main/resources/au/com/royalpay/payment/manage/mappers/payment/OrderMapper.xml +++ b/src/main/resources/au/com/royalpay/payment/manage/mappers/payment/OrderMapper.xml @@ -172,10 +172,12 @@ and o.order_id=#{order_id} + and p.org_id in + #{org_id} and o.gateway in #{gateway} - and p.org_id=#{org_id} + and p.org_id=#{org_id} and o.create_time >= #{from} and o.create_time < #{to} and date(o.create_time)=date(#{date}) diff --git a/src/main/resources/au/com/royalpay/payment/manage/mappers/system/ClientMapper.xml b/src/main/resources/au/com/royalpay/payment/manage/mappers/system/ClientMapper.xml index 77c69f77f..59fce38fe 100644 --- a/src/main/resources/au/com/royalpay/payment/manage/mappers/system/ClientMapper.xml +++ b/src/main/resources/au/com/royalpay/payment/manage/mappers/system/ClientMapper.xml @@ -150,6 +150,8 @@ and c.org_id=#{org_id} + and c.org_id in + #{org_id} and c.referrer_id=#{referrer_id} and c.is_valid=1 
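Review bot: Replacing the unconditional `params.put("org_id", manager.getIntValue("org_id"))` with `orgManager.checkOrg(manager,params)` moves the whole tenant-scoping decision into a method that is not visible here, while `TradeLogQuery` now accepts an `org_id` from the request. Previously the server overwrote the filter, so an org-bound manager could not query another organisation's orders. That now holds only if `checkOrg` rejects or overrides any requested `org_id` outside the manager's own organisation and its children, and still applies the manager's scope when no `org_id` is sent. I would add a comment at the call, e.g. `// checkOrg must constrain org_id/org_ids to the manager's org subtree; the client value is untrusted`, plus a test that an org-bound manager asking for a foreign `org_id` gets no foreign rows. The enclosing method starts before this hunk.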
diff --git a/src/main/resources/au/com/royalpay/payment/manage/mappers/system/OrgMapper.xml b/src/main/resources/au/com/royalpay/payment/manage/mappers/system/OrgMapper.xml index 7c5036341..c1a62ca1c 100644 --- a/src/main/resources/au/com/royalpay/payment/manage/mappers/system/OrgMapper.xml +++ b/src/main/resources/au/com/royalpay/payment/manage/mappers/system/OrgMapper.xml @@ -8,6 +8,33 @@ + + + + + + @@ -37,6 +64,13 @@ and org.name=#{name} + + and org.parent_org_id=#{parent_org_id} + + + and (org.org_id=#{org_id} or org.parent_org_id=#{org_id}) + + \ No newline at end of file diff --git a/src/main/ui/static/config/managers/manager.js b/src/main/ui/static/config/managers/manager.js index b749ab7a8..adf9fee30 100644 --- a/src/main/ui/static/config/managers/manager.js +++ b/src/main/ui/static/config/managers/manager.js @@ -20,9 +20,9 @@ define(['angular', 'uiRouter', 'uiBootstrap'], function (angular) { }; if($filter('withRole')('1')){ $scope.listOrgs = function () { - $http.get('/sys/orgs',{params:{detail:true}}).then(function (resp) { + $http.get('/sys/orgs/list_all_Org', {params: {}}).then(function (resp) { $scope.orgs = resp.data; - }) + }); }; $scope.listOrgs(); } diff --git a/src/main/ui/static/config/managers/templates/managers.html b/src/main/ui/static/config/managers/templates/managers.html index 688282066..36fa9f08d 100644 --- a/src/main/ui/static/config/managers/templates/managers.html +++ b/src/main/ui/static/config/managers/templates/managers.html @@ -36,11 +36,17 @@
+ +
+
-
+
-
+
-
+
-
+

-
+
@@ -88,7 +89,7 @@
-
+
diff --git a/src/main/ui/static/config/organizations/templates/org_detail.html b/src/main/ui/static/config/organizations/templates/org_detail.html index dbba42c13..cd634a020 100644 --- a/src/main/ui/static/config/organizations/templates/org_detail.html +++ b/src/main/ui/static/config/organizations/templates/org_detail.html @@ -50,7 +50,8 @@
-
+
diff --git a/src/main/ui/static/config/organizations/templates/org_detail_parent.html b/src/main/ui/static/config/organizations/templates/org_detail_parent.html new file mode 100644 index 000000000..e2053af76 --- /dev/null +++ b/src/main/ui/static/config/organizations/templates/org_detail_parent.html @@ -0,0 +1,255 @@ + +
+

+ +
+
+
+
+ + +
+
+
+ +
+ +
+
+
+ +
+

+ + + +

+
+
+
+ +
+ +
+
+
+ +
+ + + + + +
+
+
+
+ +
+ + % +
+
+
+
+
+ +
+ + % +
+
+ +
+ +
+ + % +
+
+ +
+ +
+ + % +
+
+ +
+ +
+ + % +
+
+ +
+ +
+ + % +
+
+
+ +
+ +
+ +
+
+
+ +
+ +
+
+
+ +
+ +
+
+
+ +
+ +
+
+
+ +
+ +
+
+
+
+ + Back +
+ +
+
+ +
+
+
+ +
\ No newline at end of file diff --git a/src/main/ui/static/config/organizations/templates/orgs.html b/src/main/ui/static/config/organizations/templates/orgs.html index 3a1d1a023..a763ce5f0 100644 --- a/src/main/ui/static/config/organizations/templates/orgs.html +++ b/src/main/ui/static/config/organizations/templates/orgs.html @@ -86,15 +86,22 @@
-
+ + <!––> +
--> +
+
- @@ -144,7 +151,8 @@ - {{org.name}} + {{org.name}} {{org.location}} {{org.contact_person}} {{org.contact_phone}} @@ -153,11 +161,14 @@
Edit - | + ui-sref=".detail({orgId:org.org_id})" ng-if="(currentUser.org_id == null) || (org.parent_org_id == currentUser.org_id)"> Edit | + Disable + ng-click="disableOrg(org)" ng-if="(currentUser.org_id == null)||(org.parent_org_id == currentUser.org_id)">Disable + + Detail
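Review bot: The `ng-if="(currentUser.org_id == null) || (org.parent_org_id == currentUser.org_id)"` conditions added to the Edit and Disable links only hide the controls in the browser; they are not an access check. The endpoints behind `.detail({orgId:org.org_id})` and `disableOrg(org)` are not part of this hunk, so it should be confirmed that the server applies the same parent-organisation rule to the `orgId` it receives. A short template comment next to the links, such as `<!-- display only: server enforces org ownership on edit/disable -->`, would keep that dependency visible.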
diff --git a/src/main/ui/static/payment/partner/partner-manage.js b/src/main/ui/static/payment/partner/partner-manage.js index 2d8a28884..cf7b65814 100644 --- a/src/main/ui/static/payment/partner/partner-manage.js +++ b/src/main/ui/static/payment/partner/partner-manage.js @@ -122,7 +122,6 @@ define(['angular', 'decimal', 'static/commons/commons', 'uiBootstrap', 'uiRouter if ($scope.currentUser.org_id == 1 || $scope.currentUser.org_id == null) { $scope.analysisClients(); } - $scope.pagination = {}; $scope.industries = industryMap.configs(); $scope.states = stateMap.configs(); @@ -131,7 +130,7 @@ define(['angular', 'decimal', 'static/commons/commons', 'uiBootstrap', 'uiRouter $scope.business_structures = businessStructuresMap.configs(); $scope.clean_days = angular.copy(clean_days_map); $scope.bd_citys = angular.copy(bd_city_map); - $scope.params = {textType: 'all'}; + $scope.params = {textType: 'all',org_name:'ALL'}; $scope.loadPartners = function (page) { var params = angular.copy($scope.params); @@ -165,6 +164,21 @@ define(['angular', 'decimal', 'static/commons/commons', 'uiBootstrap', 'uiRouter }); } + $scope.loadOrgs = function () { + var params = angular.copy($scope.params); + $http.get('/sys/orgs/orgChild',{params: params}).then(function (resp) { + $scope.orgs_child = resp.data; + }) + }; + $scope.loadOrgs(); + + + /* $scope.onOrgsSelect = function (selectedItem) { + $scope.params.org_id = selectedItem.org_id; + $scope.params.org_name = selectedItem.label; + $scope.loadPartners(); + }; +*/ /* $scope.chooseOrg = function (org) { if (org == 'all') { delete $scope.params.org_id; diff --git a/src/main/ui/static/payment/partner/templates/partners.html b/src/main/ui/static/payment/partner/templates/partners.html index 1a326ce7a..aa99dceb1 100644 --- a/src/main/ui/static/payment/partner/templates/partners.html +++ b/src/main/ui/static/payment/partner/templates/partners.html @@ -142,11 +142,34 @@
+ +
+ + +
+ +
+
+ -
+
diff --git a/src/main/ui/static/payment/tradelog/templates/trade_logs.html b/src/main/ui/static/payment/tradelog/templates/trade_logs.html index a631b9a9e..b5b7cc556 100644 --- a/src/main/ui/static/payment/tradelog/templates/trade_logs.html +++ b/src/main/ui/static/payment/tradelog/templates/trade_logs.html @@ -56,6 +56,16 @@
+
+ +
+ +
+
diff --git a/src/main/ui/static/payment/tradelog/tradelog-manage.js b/src/main/ui/static/payment/tradelog/tradelog-manage.js index fb124fd19..7bac63aa5 100644 --- a/src/main/ui/static/payment/tradelog/tradelog-manage.js +++ b/src/main/ui/static/payment/tradelog/tradelog-manage.js @@ -17,7 +17,7 @@ define(['angular', 'uiBootstrap', 'uiRouter'], function (angular) { }]); app.controller('globalTradeLogCtrl', ['$scope', '$http', '$filter', 'commonDialog', 'refunder', 'orderService', function ($scope, $http, $filter, commonDialog, refunder, orderService) { - $scope.params = {status: 'PAID',channel:'ALL', textType: 'all', datefrom: new Date(), dateto: new Date()}; + $scope.params = {status: 'PAID',channel:'ALL', textType: 'all', datefrom: new Date(), dateto: new Date(),org_name:'ALL'}; $scope.pagination = {}; $scope.today = new Date(); @@ -76,6 +76,14 @@ define(['angular', 'uiBootstrap', 'uiRouter'], function (angular) { $scope.params.datefrom = monthBegin; $scope.loadTradeLogs(1); }; + + $scope.loadOrgs = function () { + $http.get('/sys/orgs/orgChild').then(function (resp) { + $scope.orgs = resp.data; + }) + }; + $scope.loadOrgs(); + $scope.loadTradeLogs = function (page) { var params = angular.copy($scope.params); if (params.datefrom) { diff --git a/src/test/java/au/com/royalpay/payment/manage/apps/core/impls/CustomerImpressionImplTest.java b/src/test/java/au/com/royalpay/payment/manage/apps/core/impls/CustomerImpressionImplTest.java index dcb24d4f8..f0631ed79 100644 --- a/src/test/java/au/com/royalpay/payment/manage/apps/core/impls/CustomerImpressionImplTest.java +++ b/src/test/java/au/com/royalpay/payment/manage/apps/core/impls/CustomerImpressionImplTest.java @@ -1,6 +1,6 @@ package au.com.royalpay.payment.manage.apps.core.impls; -import au.com.royalpay.payment.manage.apps.core.CustomerImpression; +import au.com.royalpay.payment.manage.apps.core.CustomerImpressionService; import org.junit.Test; import org.junit.runner.RunWith; 
@@ -18,7 +18,7 @@ import javax.annotation.Resource; @RunWith(SpringRunner.class) public class CustomerImpressionImplTest { @Resource - private CustomerImpression customerImpression; + private CustomerImpressionService customerImpression; @Test public void generate() throws Exception { customerImpression.generate(9);