From bace0e420eabafdcbebb3e803474fa38d37dccd9 Mon Sep 17 00:00:00 2001 From: "eason.qian" Date: Tue, 9 Jan 2018 10:35:25 +0800 Subject: [PATCH] fix --- .../manage/mappers/system/OrgMapper.java | 2 ++ .../manage/organizations/core/OrgManager.java | 1 + .../core/impls/OrgManagerImpl.java | 29 +++++++++++++++++++ .../core/impls/TradeLogServiceImpl.java | 28 ++++-------------- .../manage/mappers/payment/OrderMapper.xml | 2 +- .../manage/mappers/system/OrgMapper.xml | 4 +++ .../managers/templates/new_manager.html | 6 ++-- 7 files changed, 45 insertions(+), 27 deletions(-) diff --git a/src/main/java/au/com/royalpay/payment/manage/mappers/system/OrgMapper.java b/src/main/java/au/com/royalpay/payment/manage/mappers/system/OrgMapper.java index 968557be4..04ae18528 100644 --- a/src/main/java/au/com/royalpay/payment/manage/mappers/system/OrgMapper.java +++ b/src/main/java/au/com/royalpay/payment/manage/mappers/system/OrgMapper.java @@ -45,4 +45,6 @@ public interface OrgMapper { JSONObject findOrgByBDId(@Param("bd_id") int bd_id); PageList listOrgWithPages(JSONObject paraams, PageBounds order); + + List listOrgAndChild(@Param("org_id") int org_id); } diff --git a/src/main/java/au/com/royalpay/payment/manage/organizations/core/OrgManager.java b/src/main/java/au/com/royalpay/payment/manage/organizations/core/OrgManager.java index c682aee4f..d3f35d221 100644 --- a/src/main/java/au/com/royalpay/payment/manage/organizations/core/OrgManager.java +++ b/src/main/java/au/com/royalpay/payment/manage/organizations/core/OrgManager.java @@ -27,4 +27,5 @@ public interface OrgManager { List listAllOrg(); + JSONObject checkOrg(JSONObject manager, JSONObject params); } diff --git a/src/main/java/au/com/royalpay/payment/manage/organizations/core/impls/OrgManagerImpl.java b/src/main/java/au/com/royalpay/payment/manage/organizations/core/impls/OrgManagerImpl.java index 76ece5f19..90ddc9abd 100644 --- a/src/main/java/au/com/royalpay/payment/manage/organizations/core/impls/OrgManagerImpl.java +++ b/src/main/java/au/com/royalpay/payment/manage/organizations/core/impls/OrgManagerImpl.java @@ -4,6 +4,7 @@ import au.com.royalpay.payment.manage.mappers.system.OrgMapper; import au.com.royalpay.payment.manage.organizations.beans.OrgInfo; import au.com.royalpay.payment.manage.organizations.core.OrgManager; import au.com.royalpay.payment.tools.exceptions.BadRequestException; +import au.com.royalpay.payment.tools.exceptions.ForbiddenException; import au.com.royalpay.payment.tools.permission.enums.ManagerRole; import au.com.royalpay.payment.tools.utils.PageListUtils; import com.alibaba.fastjson.JSONArray; @@ -11,12 +12,14 @@ import com.alibaba.fastjson.JSONObject; import com.github.miemiedev.mybatis.paginator.domain.Order; import com.github.miemiedev.mybatis.paginator.domain.PageBounds; import com.github.miemiedev.mybatis.paginator.domain.PageList; +import org.apache.ibatis.annotations.Param; import org.springframework.stereotype.Service; import javax.annotation.Resource; import java.util.ArrayList; import java.util.Date; import java.util.List; +import java.util.stream.Collectors; /** * Created by yixian on 2016-10-18. @@ -132,4 +135,30 @@ public class OrgManagerImpl implements OrgManager { } } + @Override + public JSONObject checkOrg(JSONObject manager, JSONObject params){ + if (params.getString("org_id")==null){ + if (manager.getInteger("org_id")!=null){ + List orgs = orgMapper.listOrgAndChild(manager.getIntValue("org_id")); + if (orgs.size()>1){ + List orgIds = orgs.stream().map(org->org.getIntValue("org_id")).collect(Collectors.toList()); + params.put("org_ids",orgIds); + }else { + params.put("org_id",manager.getIntValue("org_id")); + } + } + }else { + if (manager.getInteger("org_id")!=null){ + List orgs = orgMapper.listOrgAndChild(manager.getIntValue("org_id")); + List orgIds = orgs.stream().map(org->org.getIntValue("org_id")).collect(Collectors.toList()); + if (!orgIds.contains(params.getString("org_id"))){ + throw new ForbiddenException("You have no permission to query the org"); + } + + } + + } + return params; + } + } diff --git a/src/main/java/au/com/royalpay/payment/manage/tradelog/core/impls/TradeLogServiceImpl.java b/src/main/java/au/com/royalpay/payment/manage/tradelog/core/impls/TradeLogServiceImpl.java index fe9ed3449..4f2ab89ab 100644 --- a/src/main/java/au/com/royalpay/payment/manage/tradelog/core/impls/TradeLogServiceImpl.java +++ b/src/main/java/au/com/royalpay/payment/manage/tradelog/core/impls/TradeLogServiceImpl.java @@ -20,6 +20,7 @@ import au.com.royalpay.payment.manage.mappers.system.CustomerMapper; import au.com.royalpay.payment.manage.mappers.system.CustomerRelationAlipayMapper; import au.com.royalpay.payment.manage.mappers.system.OrgMapper; import au.com.royalpay.payment.manage.merchants.core.ClientManager; +import au.com.royalpay.payment.manage.organizations.core.OrgManager; import au.com.royalpay.payment.manage.tradelog.beans.PreRefundQueryBean; import au.com.royalpay.payment.manage.tradelog.beans.TradeLogQuery; import au.com.royalpay.payment.manage.tradelog.core.TradeLogService; @@ -121,7 +122,7 @@ public class TradeLogServiceImpl implements TradeLogService { private ClientCustomersMapper clientCustomersMapper; @Resource - private OrgMapper orgMapper; + private OrgManager orgManager; // @Value("classpath:/jasper/trans_flow.jasper") // @Value("classpath:/jasper/trans_flow_new.jasper") @@ -179,28 +180,7 @@ public class TradeLogServiceImpl implements TradeLogService { params.put("bd_group_bd", query.getGroup_bd()); } } - if (manager.getInteger("org_id") != null) { - if(params.getString("org_id") == null) { - JSONObject org = orgMapper.findOne(manager.getInteger("org_id")); - if(org.getString("parent_org_id") != null){ - params.put("org_id",manager.getInteger("org_id")); - }else { - JSONObject param = new JSONObject(); - param.put("parent_org_id", manager.getIntValue("org_id")); - param.put("type", 0); - List orgIds = new ArrayList<>(); - List childOrgs = orgMapper.listOrgsWithChid(param); - if(childOrgs.size()>0){ - for (JSONObject object : childOrgs) { - orgIds.add(object.getIntValue("org_id")); - } - orgIds.add(manager.getIntValue("org_id")); - params.put("org_ids", orgIds); - } - } - - } - } + orgManager.checkOrg(manager,params); PageList logs = orderMapper.listOrders(params, new PageBounds(query.getPage(), query.getLimit(), Order.formString("create_time.desc"))); JSONObject result = PageListUtils.buildPageListResult(logs); JSONObject analysis = orderMapper.analysisOrders(params); @@ -208,6 +188,8 @@ public class TradeLogServiceImpl implements TradeLogService { return result; } + + @Override public List listOrderRefunds(String orderId, String timezone) { List refunds = refundMapper.listOrderRefunds(orderId, new PageBounds(Order.formString("create_time.desc"))); diff --git a/src/main/resources/au/com/royalpay/payment/manage/mappers/payment/OrderMapper.xml b/src/main/resources/au/com/royalpay/payment/manage/mappers/payment/OrderMapper.xml index c9893b8d6..15377e695 100644 --- a/src/main/resources/au/com/royalpay/payment/manage/mappers/payment/OrderMapper.xml +++ b/src/main/resources/au/com/royalpay/payment/manage/mappers/payment/OrderMapper.xml @@ -177,7 +177,7 @@ and o.gateway in #{gateway} - and p.org_id=#{org_id} + and p.org_id=#{org_id} and o.create_time >= #{from} and o.create_time < #{to} and date(o.create_time)=date(#{date}) diff --git a/src/main/resources/au/com/royalpay/payment/manage/mappers/system/OrgMapper.xml b/src/main/resources/au/com/royalpay/payment/manage/mappers/system/OrgMapper.xml index fd1772188..c1a62ca1c 100644 --- a/src/main/resources/au/com/royalpay/payment/manage/mappers/system/OrgMapper.xml +++ b/src/main/resources/au/com/royalpay/payment/manage/mappers/system/OrgMapper.xml @@ -31,6 +31,10 @@ + + diff --git a/src/main/ui/static/config/managers/templates/new_manager.html b/src/main/ui/static/config/managers/templates/new_manager.html index 96a455d20..1fa60ccb9 100644 --- a/src/main/ui/static/config/managers/templates/new_manager.html +++ b/src/main/ui/static/config/managers/templates/new_manager.html @@ -36,17 +36,17 @@
-
+
-
+
-
+