diff --git a/app/admin/apis/erpordermanage/erp_order.go b/app/admin/apis/erpordermanage/erp_order.go index cd9bdee..4735e77 100644 --- a/app/admin/apis/erpordermanage/erp_order.go +++ b/app/admin/apis/erpordermanage/erp_order.go @@ -35,27 +35,14 @@ func ErpOrderCreate(c *gin.Context) { return } - sysUser, err := model.GetSysUserByCtx(c) - if err != nil { - logger.Error("sys user err:", logger.Field("err", err)) - app.Error(c, http.StatusInternalServerError, err, "操作失败:"+err.Error()) - return - } - - if sysUser.StoreData == "" { // 校验登陆账户所属门店 - logger.Error("sys user store id null") - app.Error(c, http.StatusBadRequest, errors.New("para err"), "该账户未绑定门店") - return - } - - err = model.CreateErpOrder(req, sysUser) + err = model.CreateErpOrder(req, c) if err != nil { logger.Error("CreateErpOrder err:", logger.Field("err", err)) app.Error(c, http.StatusInternalServerError, err, err.Error()) return } - app.OK(c, nil, "") + app.OK(c, nil, "新增成功") return } @@ -81,27 +68,14 @@ func ErpOrderEdit(c *gin.Context) { return } - sysUser, err := model.GetSysUserByCtx(c) - if err != nil { - logger.Error("sys user err:", logger.Field("err", err)) - app.Error(c, http.StatusInternalServerError, err, "操作失败:"+err.Error()) - return - } - - if sysUser.StoreData == "" { // 校验登陆账户所属门店 - logger.Error("sys user store id null") - app.Error(c, http.StatusBadRequest, errors.New("para err"), "该账户未绑定门店") - return - } - - err = model.EditErpOrder(req, sysUser) + err = model.EditErpOrder(req, c) if err != nil { logger.Error("EditErpOrder err:", logger.Field("err", err)) app.Error(c, http.StatusInternalServerError, err, err.Error()) return } - app.OK(c, nil, "") + app.OK(c, nil, "编辑成功") return } @@ -121,7 +95,7 @@ func ErpOrderList(c *gin.Context) { return } - resp, err := req.List() + resp, err := req.List(c) if err != nil { logger.Error("erp commodity list err:", logger.Field("err", err)) app.Error(c, http.StatusInternalServerError, err, "查询失败:"+err.Error()) 
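Review bot: In ErpOrderCreate, and in the same pattern in ErpOrderEdit, every error from `model.CreateErpOrder(req, c)` is still answered with `http.StatusInternalServerError` and `err.Error()`, so the store-permission denial that this commit moves into the model layer reaches the client as a 500. Authorization failures then look like server faults in logs and monitoring. Consider returning a sentinel error from the model (for example `var ErrStoreForbidden = errors.New("操作失败:您没有该门店权限")`) and mapping it with `errors.Is` to `http.StatusForbidden` in the handler. Both handlers start and end outside their hunks.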
@@ -154,13 +128,6 @@ func ErpOrderAudit(c *gin.Context) { return } - sysUser, err := model.GetSysUserByCtx(c) - if err != nil { - logger.Errorf("err:%#v", err) - app.Error(c, http.StatusInternalServerError, errors.New("order list err"), "获取订单列表失败") - return - } - // todo 需要判断是否有审核权限 var erpOrder model.ErpOrder @@ -171,6 +138,20 @@ func ErpOrderAudit(c *gin.Context) { return } + sysUser, err := model.GetSysUserByCtx(c) + if err != nil { + logger.Errorf("err:%#v", err) + app.Error(c, http.StatusInternalServerError, err, "审核失败:"+err.Error()) + return + } + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + // 校验入参门店是否包含在用户所有门店中,是否过期 + if !model.CheckUserStore(erpOrder.StoreId, sysUser) { + app.Error(c, http.StatusInternalServerError, err, "审核失败:您没有该门店权限") + return + } + } + // 如果订单已审核而且是已支付状态,则不能取消审核 if erpOrder.State == model.ErpOrderStateAudited && erpOrder.PayStatus == model.HavePaid && req.State == 2 { app.Error(c, http.StatusInternalServerError, err, "操作失败:已支付订单不能取消审核") @@ -275,7 +256,7 @@ func ErpOrderDelete(c *gin.Context) { return } - err = model.DeleteOrder(req) + err = model.DeleteOrder(req, c) if err != nil { logger.Error("AddInvoice err:", logger.Field("err", err)) app.Error(c, http.StatusInternalServerError, err, err.Error()) @@ -308,7 +289,7 @@ func ErpOrderAddInvoice(c *gin.Context) { return } - err = model.SetInvoice(req) + err = model.SetInvoice(req, c) if err != nil { logger.Error("AddInvoice err:", logger.Field("err", err)) app.Error(c, http.StatusInternalServerError, err, "操作失败:"+err.Error()) @@ -341,7 +322,7 @@ func ErpOrderPay(c *gin.Context) { return } - resp, err := model.ErpOrderPay(req) + resp, err := model.ErpOrderPay(req, c) if err != nil { logger.Error("ErpOrderPay err:", logger.Field("err", err)) app.Error(c, http.StatusInternalServerError, err, err.Error()) 
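Review bot: The new store check in ErpOrderAudit passes `err` to `app.Error` at a point where `err` has already been tested and is nil, so the denial carries no error value. Something like `app.Error(c, http.StatusForbidden, errors.New("no store permission"), "审核失败:您没有该门店权限")` states both the cause and the right status. The `// todo 需要判断是否有审核权限` comment above it is still open: as far as this hunk shows, the added code verifies store membership only, not whether the caller's role is allowed to audit. The function body continues outside the hunk.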
@@ -407,7 +388,7 @@ func ErpOrderStoreManageData(c *gin.Context) { return } - resp, err := model.QueryStoreManageData(req) + resp, err := model.QueryStoreManageData(req, c) if err != nil { logger.Error("QueryStoreManageData err:", logger.Field("err", err)) app.Error(c, http.StatusInternalServerError, err, "查询失败:"+err.Error()) @@ -440,7 +421,7 @@ func ErpOrderRetailMargin(c *gin.Context) { return } - resp, err := model.QueryRetailMargin(req) + resp, err := model.QueryRetailMargin(req, c) if err != nil { logger.Error("QueryRetailMargin err:", logger.Field("err", err)) app.Error(c, http.StatusInternalServerError, err, "查询失败:"+err.Error()) @@ -473,7 +454,7 @@ func ErpOrderRetailDetail(c *gin.Context) { return } - resp, err := model.QueryRetailDetail(req) + resp, err := model.QueryRetailDetail(req, c) if err != nil { logger.Error("QueryRetailDetail err:", logger.Field("err", err)) app.Error(c, http.StatusInternalServerError, err, "查询失败:"+err.Error()) @@ -506,7 +487,7 @@ func ErpOrderReceiptData(c *gin.Context) { return } - resp, err := model.QueryReceiptData(req) + resp, err := model.QueryReceiptData(req, c) if err != nil { logger.Error("QueryRetailDetail err:", logger.Field("err", err)) app.Error(c, http.StatusInternalServerError, err, "查询失败:"+err.Error()) @@ -539,6 +520,11 @@ func ErpOrderShowAllData(c *gin.Context) { return } + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + app.Error(c, http.StatusBadRequest, errors.New("您没有该接口权限"), "您没有该接口权限") + return + } + err = model.SetErpOrderShowConfig(req) if err != nil { logger.Error("SetErpOrderShowConfig err:", logger.Field("err", err)) diff --git a/app/admin/models/erp_order.go b/app/admin/models/erp_order.go index a02228b..c3e4870 100644 --- a/app/admin/models/erp_order.go +++ b/app/admin/models/erp_order.go @@ -4,6 +4,7 @@ import ( "encoding/json" "errors" "fmt" + "github.com/gin-gonic/gin" "github.com/xuri/excelize/v2" "go-admin/app/admin/apis/pay" orm "go-admin/common/global" 
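Review bot: ErpOrderShowAllData gates a global setting on `tools.GetRoleName(c)` matching the literal names `"admin"` or `"系统管理员"`, and the same expression is copied into every store check this commit adds (ErpOrderAudit, List, SetInvoice, DeleteOrder, ErpOrderPay, the report queries, checkOrderData). If role names can be created or renamed through the admin UI, a role given one of these names would pass all of those checks; whether that is possible depends on code not shown here. A single helper such as `func isAdminRole(c *gin.Context) bool`, keyed on a stable role identifier rather than the display name, would keep the rule in one place and make a missed endpoint easier to spot. The denial here would also be clearer as `http.StatusForbidden` than `http.StatusBadRequest`.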
@@ -406,8 +407,32 @@ type TableData struct { JE uint32 `json:"JE"` // 商品指导零售价乘以销售数量 } +// GetValidStoreIDs 返回未过期门店的ID列表 +func GetValidStoreIDs(storeData string) []uint32 { + // 解析门店数据 + var stores []StoreInfo + if err := json.Unmarshal([]byte(storeData), &stores); err != nil { + return nil + } + + var validStoreIDs []uint32 + // 遍历每个门店,检查是否过期 + for _, store := range stores { + expireTime, err := time.Parse(StoreDateTimeFormat, store.ExpireTime) + if err != nil { + continue + } + // 如果过期时间在当前时间之后,则未过期,将门店ID添加到列表中 + if expireTime.After(time.Now()) { + validStoreIDs = append(validStoreIDs, uint32(store.StoreID)) + } + } + + return validStoreIDs +} + // List 查询零售订单列表 -func (m *ErpOrderListReq) List() (*ErpOrderListResp, error) { +func (m *ErpOrderListReq) List(c *gin.Context) (*ErpOrderListResp, error) { showConfig, err := GetErpOrderShowConfig() if err != nil { logger.Errorf("List err:", err) 
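Review bot: GetValidStoreIDs silently drops a store when `store.ExpireTime` fails to parse and returns nil when `storeData` is not valid JSON, so a malformed record is indistinguishable from "no stores bound" and leaves no log trace; a `logger.Error` on both paths would make access problems diagnosable. `time.Parse` with the date-only `StoreDateTimeFormat` yields midnight UTC, so `expireTime.After(time.Now())` ends access at the start of the expiry date in UTC rather than at the end of that day in the deployment's time zone. If the date is meant to be inclusive, parse with `time.ParseInLocation(StoreDateTimeFormat, store.ExpireTime, time.Local)` and compare against the following midnight. CheckUserStore, added later in this file, parses the same way and should follow whatever rule is chosen here.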
@@ -424,18 +449,34 @@ func (m *ErpOrderListReq) List() (*ErpOrderListResp, error) { if m.PageSize == 0 { m.PageSize = 10 } + if m.ScanCode != "" { // 扫描了串码,需要查询已售的商品数据 - return QueryListByScanCode(m.ScanCode, showConfig.ShowAll) + return QueryListByScanCode(m.ScanCode, showConfig.ShowAll, c) } if m.CommodityName != "" { // 输入了商品名称进行查询 - return QueryListByCommodityName(m, showConfig.ShowAll) + return QueryListByCommodityName(m, showConfig.ShowAll, c) } qs := orm.Eloquent.Table("erp_order") if showConfig.ShowAll == "OFF" { // 关闭后未开小票的零售销售订单隐藏 qs = qs.Where("is_print = ? or retail_type = ?", HavePrinted, RetailTypeRejected) } + // 非管理员才判断所属门店 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + sysUser, err := GetSysUserByCtx(c) + if err != nil { + return nil, errors.New("操作失败:" + err.Error()) + } + + // 返回sysUser未过期的门店id列表 + storeList := GetValidStoreIDs(sysUser.StoreData) + if len(storeList) > 0 { + qs = qs.Where("store_id IN (?)", storeList) + } else { + return nil, errors.New("用户未绑定门店") + } + } if m.BillSn != "" { qs = qs.Where("bill_sn=?", m.BillSn) } else { @@ -522,7 +563,7 @@ func (m *ErpOrderListReq) List() (*ErpOrderListResp, error) { } // QueryListByScanCode 通过扫描串码查询列表 -func QueryListByScanCode(scanCode, showConfig string) (*ErpOrderListResp, error) { +func QueryListByScanCode(scanCode, showConfig string, c *gin.Context) (*ErpOrderListResp, error) { resp := &ErpOrderListResp{} var commodity []ErpOrderCommodity @@ -551,6 +592,20 @@ func QueryListByScanCode(scanCode, showConfig string) (*ErpOrderListResp, error) } } + if len(orders) != 0 { + // 非管理员才判断所属门店 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + sysUser, err := GetSysUserByCtx(c) + if err != nil { + return nil, errors.New("查询失败:" + err.Error()) + } + + if !CheckUserStore(orders[0].StoreId, sysUser) { + return &ErpOrderListResp{}, errors.New("您没有该门店权限") + } + } + } + // 添加付款、销售员、商品信息 erpOrderListSetCommodity(orders) erpOrderListSetCashier(orders) 
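Review bot: QueryListByScanCode checks store permission on `orders[0].StoreId` only, and only after the orders have been loaded, so any further rows in `orders` are returned without a store check. Whether one scan code can match orders from more than one store is not visible in this hunk; if it can, check every element of `orders` or add the store filter to the query, as List does with `store_id IN (?)`. The denial path returns `&ErpOrderListResp{}` together with the error while the other error paths added in this commit return `nil`; returning `nil` here too keeps callers from using a response on failure.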
@@ -567,7 +622,7 @@ func QueryListByScanCode(scanCode, showConfig string) (*ErpOrderListResp, error) } // QueryListByCommodityName 通过商品名称查询列表 -func QueryListByCommodityName(req *ErpOrderListReq, showConfig string) (*ErpOrderListResp, error) { +func QueryListByCommodityName(req *ErpOrderListReq, showConfig string, c *gin.Context) (*ErpOrderListResp, error) { resp := &ErpOrderListResp{ PageIndex: req.PageIndex, PageSize: req.PageSize, @@ -598,6 +653,21 @@ func QueryListByCommodityName(req *ErpOrderListReq, showConfig string) (*ErpOrde if req.StoreId != 0 { // 门店ID qs = qs.Where("erp_order.store_id=?", req.StoreId) } + // 非管理员才判断所属门店 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + sysUser, err := GetSysUserByCtx(c) + if err != nil { + return nil, errors.New("操作失败:" + err.Error()) + } + + // 返回sysUser未过期的门店id列表 + storeList := GetValidStoreIDs(sysUser.StoreData) + if len(storeList) > 0 { + qs = qs.Where("erp_order.store_id IN (?)", storeList) + } else { + return nil, errors.New("用户未绑定门店") + } + } qs.Where("erp_order.pay_status = ?", HavePaid) es := qs @@ -1203,9 +1273,15 @@ func SetUserInfo(tel string) { } // SetInvoice 设置发票内容 -func SetInvoice(req *ErpOrderAddInvoiceReq) error { +func SetInvoice(req *ErpOrderAddInvoiceReq, c *gin.Context) error { + sysUser, err := GetSysUserByCtx(c) + if err != nil { + logger.Errorf("err:%#v", err) + return err + } + var orderInfo ErpOrder - err := orm.Eloquent.Table("erp_order").Where("bill_sn = ?", req.BillSn).Find(&orderInfo).Error + err = orm.Eloquent.Table("erp_order").Where("bill_sn = ?", req.BillSn).Find(&orderInfo).Error if err != nil { logger.Error("操作失败,未查询到订单", logger.Field("err", err)) return errors.New("未查询到订单") 
@@ -1221,6 +1297,13 @@ func SetInvoice(req *ErpOrderAddInvoiceReq) error { return errors.New("订单未支付") } + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + // 校验入参门店是否包含在用户所有门店中,是否过期 + if !CheckUserStore(orderInfo.StoreId, sysUser) { + return errors.New("操作失败:您没有该门店权限") + } + } + err = orm.Eloquent.Table("erp_order").Where("id = ?", orderInfo.ID).Updates(map[string]interface{}{ "invoice_code": req.InvoiceCode, "invoice_number": req.InvoiceNumber, @@ -1234,9 +1317,15 @@ func SetInvoice(req *ErpOrderAddInvoiceReq) error { } // DeleteOrder 删除订单 -func DeleteOrder(req *ErpOrderDeleteReq) error { +func DeleteOrder(req *ErpOrderDeleteReq, c *gin.Context) error { + sysUser, err := GetSysUserByCtx(c) + if err != nil { + logger.Errorf("err:%#v", err) + return err + } + var orderInfo ErpOrder - err := orm.Eloquent.Table("erp_order").Where("bill_sn = ?", req.BillSn).Find(&orderInfo).Error + err = orm.Eloquent.Table("erp_order").Where("bill_sn = ?", req.BillSn).Find(&orderInfo).Error if err != nil { logger.Error("order delete err:", logger.Field("err", err)) return errors.New("未查询到订单") @@ -1247,6 +1336,13 @@ func DeleteOrder(req *ErpOrderDeleteReq) error { return errors.New("已审核订单不能删除") } + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + // 校验入参门店是否包含在用户所有门店中,是否过期 + if !CheckUserStore(orderInfo.StoreId, sysUser) { + return errors.New("操作失败:您没有该门店权限") + } + } + var orderCommodities ErpOrderCommodity err = orm.Eloquent.Table("erp_order_commodity").Where("erp_order_id = ?", orderInfo.ID).Find(&orderCommodities).Error if err != nil { 
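Review bot: In SetInvoice the store check sits after the `订单未支付` branch, and in DeleteOrder after the `已审核订单不能删除` branch, so a caller with no access to the order's store still learns from the error text whether a bill number exists and what state the order is in. Moving the `CheckUserStore(orderInfo.StoreId, sysUser)` block to directly after the order lookup, as ErpOrderPay does in this commit, closes that. Both functions continue outside their hunks.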
@@ -1340,18 +1436,31 @@ func checkIsPayInit(billSn string) bool { } // ErpOrderPay 零售订单支付 -func ErpOrderPay(req *ErpOrderPayReq) (*ErpOrderPayResp, error) { +func ErpOrderPay(req *ErpOrderPayReq, c *gin.Context) (*ErpOrderPayResp, error) { + sysUser, err := GetSysUserByCtx(c) + if err != nil { + logger.Errorf("err:%#v", err) + return nil, err + } + resp := &ErpOrderPayResp{ Status: PayFailed, } //通过单据号查询收款金额 var orderInfo ErpOrder - err := orm.Eloquent.Table("erp_order").Where("bill_sn = ?", req.BillSn).Find(&orderInfo).Error + err = orm.Eloquent.Table("erp_order").Where("bill_sn = ?", req.BillSn).Find(&orderInfo).Error if err != nil { logger.Error("未查询到订单:", logger.Field("err", err)) return resp, err } + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + // 校验入参门店是否包含在用户所有门店中,是否过期 + if !CheckUserStore(orderInfo.StoreId, sysUser) { + return nil, errors.New("操作失败:您没有该门店权限") + } + } + if orderInfo.PayStatus == HavePaid { logger.Error("ErpOrderPay err, 订单已支付") return resp, errors.New("订单已支付") @@ -1639,7 +1748,7 @@ func CommodityIsHaveStock(req ErpOrderCommodity, storeId uint32) bool { } // QueryStoreManageData 查询门店经营数据 -func QueryStoreManageData(req *ErpOrderStoreManageDataReq) (*ErpOrderStoreManageDataResp, error) { +func QueryStoreManageData(req *ErpOrderStoreManageDataReq, c *gin.Context) (*ErpOrderStoreManageDataResp, error) { showConfig, err := GetErpOrderShowConfig() if err != nil { logger.Errorf("List err:", err) 
@@ -1665,6 +1774,21 @@ func QueryStoreManageData(req *ErpOrderStoreManageDataReq) (*ErpOrderStoreManage if req.StoreId != 0 { qs = qs.Where("store_id = ?", req.StoreId) } + // 非管理员才判断所属门店 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + sysUser, err := GetSysUserByCtx(c) + if err != nil { + return nil, errors.New("操作失败:" + err.Error()) + } + + // 返回sysUser未过期的门店id列表 + storeList := GetValidStoreIDs(sysUser.StoreData) + if len(storeList) > 0 { + qs = qs.Where("store_id IN (?)", storeList) + } else { + return nil, errors.New("用户未绑定门店") + } + } if showConfig.ShowAll == "OFF" { qs = qs.Where("is_print = ? or retail_type = ?", HavePrinted, RetailTypeRejected) } @@ -1908,7 +2032,7 @@ func retailMarginDataExport(req *ErpOrderRetailMarginResp) (string, error) { } // QueryRetailMargin 查询零售毛利汇总数据 -func QueryRetailMargin(req *ErpOrderRetailMarginReq) (*ErpOrderRetailMarginResp, error) { +func QueryRetailMargin(req *ErpOrderRetailMarginReq, c *gin.Context) (*ErpOrderRetailMarginResp, error) { showConfig, err := GetErpOrderShowConfig() if err != nil { logger.Errorf("List err:", err) @@ -1933,6 +2057,21 @@ func QueryRetailMargin(req *ErpOrderRetailMarginReq) (*ErpOrderRetailMarginResp, if len(req.StoreId) != 0 { qs.Where("erp_order.store_id in ?", req.StoreId) } + // 非管理员才判断所属门店 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + sysUser, err := GetSysUserByCtx(c) + if err != nil { + return nil, errors.New("操作失败:" + err.Error()) + } + + // 返回sysUser未过期的门店id列表 + storeList := GetValidStoreIDs(sysUser.StoreData) + if len(storeList) > 0 { + qs = qs.Where("erp_order.store_id IN (?)", storeList) + } else { + return nil, errors.New("用户未绑定门店") + } + } if len(req.RetailType) != 0 { qs.Where("erp_order.retail_type in ?", req.RetailType) } 
@@ -2118,16 +2257,16 @@ func float64ToPercentage(value float64) string { } // QueryRetailDetail 查询零售明细 -func QueryRetailDetail(req *ErpOrderRetailDetailReq) (*ErpOrderRetailDetailResp, error) { +func QueryRetailDetail(req *ErpOrderRetailDetailReq, c *gin.Context) (*ErpOrderRetailDetailResp, error) { resp := &ErpOrderRetailDetailResp{} var err error if (req.ErpCategoryId != 0 || req.ErpCommodityName != "") && req.BillSn == "" { // 商品分类or商品名称不为空且订单编号为空 // 联表查询 - resp, err = queryRetailDetailByJoin(req) + resp, err = queryRetailDetailByJoin(req, c) } else { // 普通单表查询,然后补充收款数据和商品数据 - resp, err = queryRetailDetailCommon(req) + resp, err = queryRetailDetailCommon(req, c) } if err != nil { logger.Error("queryRetailDetailCommon err") @@ -2388,7 +2527,7 @@ type RetailDetailByJoin struct { } // 联表查询 -func queryRetailDetailByJoin(req *ErpOrderRetailDetailReq) (*ErpOrderRetailDetailResp, error) { +func queryRetailDetailByJoin(req *ErpOrderRetailDetailReq, c *gin.Context) (*ErpOrderRetailDetailResp, error) { showConfig, err := GetErpOrderShowConfig() if err != nil { logger.Errorf("List err:", err) 
@@ -2449,6 +2588,23 @@ func queryRetailDetailByJoin(req *ErpOrderRetailDetailReq) (*ErpOrderRetailDetai es = es.Where("erp_order.store_id=?", req.StoreId) orderSumQs = orderSumQs.Where("eo.store_id=?", req.StoreId) } + // 非管理员才判断所属门店 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + sysUser, err := GetSysUserByCtx(c) + if err != nil { + return nil, errors.New("操作失败:" + err.Error()) + } + + // 返回sysUser未过期的门店id列表 + storeList := GetValidStoreIDs(sysUser.StoreData) + if len(storeList) > 0 { + qs = qs.Where("erp_order.store_id IN (?)", storeList) + es = es.Where("erp_order.store_id IN (?)", storeList) + orderSumQs = orderSumQs.Where("erp_order.store_id IN (?)", storeList) + } else { + return nil, errors.New("用户未绑定门店") + } + } if req.Salesman != 0 { // 销售员 qs = qs.Where("JSON_CONTAINS(erp_order.salesman_list, ?)", fmt.Sprintf(`{"uid":%d}`, req.Salesman)) es = es.Where("JSON_CONTAINS(erp_order.salesman_list, ?)", fmt.Sprintf(`{"uid":%d}`, req.Salesman)) @@ -2711,7 +2867,7 @@ func packData(result []RetailDetailByJoin) []ErpOrder { } // 普通单表查询,然后补充收款数据和商品数据 -func queryRetailDetailCommon(req *ErpOrderRetailDetailReq) (*ErpOrderRetailDetailResp, error) { +func queryRetailDetailCommon(req *ErpOrderRetailDetailReq, c *gin.Context) (*ErpOrderRetailDetailResp, error) { showConfig, err := GetErpOrderShowConfig() if err != nil { logger.Errorf("List err:", err) 
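Review bot: The added filter on `orderSumQs` references `erp_order.store_id`, while the existing filter two lines above uses the alias `eo.store_id` for the same query. If `orderSumQs` is built with `erp_order` aliased as `eo` (its construction is outside this hunk), the new condition will either fail with an unknown-column error or not constrain the intended table, and only for non-admin callers. `orderSumQs = orderSumQs.Where("eo.store_id IN (?)", storeList)` would match the surrounding code.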
@@ -2750,6 +2906,21 @@ func queryRetailDetailCommon(req *ErpOrderRetailDetailReq) (*ErpOrderRetailDetai if req.StoreId != 0 { // 门店ID qs = qs.Where("store_id=?", req.StoreId) } + // 非管理员才判断所属门店 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + sysUser, err := GetSysUserByCtx(c) + if err != nil { + return nil, errors.New("操作失败:" + err.Error()) + } + + // 返回sysUser未过期的门店id列表 + storeList := GetValidStoreIDs(sysUser.StoreData) + if len(storeList) > 0 { + qs = qs.Where("store_id IN (?)", storeList) + } else { + return nil, errors.New("用户未绑定门店") + } + } if req.Salesman != 0 { // 销售员 qs = qs.Where("JSON_CONTAINS(salesman_list, ?)", fmt.Sprintf(`{"uid":%d}`, req.Salesman)) } @@ -3033,14 +3204,27 @@ func subtractCashierData(cashier, rejectedCashier TotalCashierData) TotalCashier } // QueryReceiptData 查询小票数据 -func QueryReceiptData(req *ErpOrderDeleteReq) (*ErpOrderReceiptDataResp, error) { +func QueryReceiptData(req *ErpOrderDeleteReq, c *gin.Context) (*ErpOrderReceiptDataResp, error) { + sysUser, err := GetSysUserByCtx(c) + if err != nil { + logger.Errorf("err:%#v", err) + return nil, err + } + var orders []ErpOrder - err := orm.Eloquent.Table("erp_order").Where("bill_sn = ?", req.BillSn).Find(&orders).Error + err = orm.Eloquent.Table("erp_order").Where("bill_sn = ?", req.BillSn).Find(&orders).Error if err != nil { logger.Error("erp_order find err:", logger.Field("err", err)) return nil, err } + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + // 校验入参门店是否包含在用户所有门店中,是否过期 + if !CheckUserStore(orders[0].StoreId, sysUser) { + return nil, errors.New("操作失败:您没有该门店权限") + } + } + if orders[0].PayStatus != HavePaid { logger.Error("订单未支付") return nil, errors.New("该订单未支付,不支持打印小票") 
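Review bot: The new permission check in QueryReceiptData indexes `orders[0]` without confirming that the lookup returned a row. If `Find` into a slice reports no error for zero rows (the usual gorm behaviour, to be confirmed for the ORM version in use), a request with an unknown `bill_sn` panics at this line. The existing `orders[0].PayStatus` test had the same exposure, but the added check now reaches it first. A guard such as `if len(orders) == 0 { return nil, errors.New("未查询到订单") }` before the check avoids it.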
@@ -3120,9 +3304,9 @@ func QueryReceiptData(req *ErpOrderDeleteReq) (*ErpOrderReceiptDataResp, error) } // CreateErpOrder 创建零售订单 -func CreateErpOrder(req *ErpOrderCreateReq, sysUser *SysUser) error { +func CreateErpOrder(req *ErpOrderCreateReq, c *gin.Context) error { // 校验订单数据 - erpOrder, err := checkOrderData(req, sysUser) + erpOrder, err := checkOrderData(req, c) if err != nil { return err } @@ -3214,7 +3398,7 @@ func CreateErpOrder(req *ErpOrderCreateReq, sysUser *SysUser) error { } // EditErpOrder 编辑订单 -func EditErpOrder(req *ErpOrderCreateReq, sysUser *SysUser) error { +func EditErpOrder(req *ErpOrderCreateReq, c *gin.Context) error { var orderInfo ErpOrder err := orm.Eloquent.Table("erp_order").Where("bill_sn=?", req.BillSn).Find(&orderInfo).Error if err != nil { @@ -3228,7 +3412,7 @@ func EditErpOrder(req *ErpOrderCreateReq, sysUser *SysUser) error { } // 校验订单数据 - erpOrder, err := checkOrderData(req, sysUser) + erpOrder, err := checkOrderData(req, c) if err != nil { return err } 
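Review bot: EditErpOrder loads the existing order by `req.BillSn`, but in the lines shown authorization happens only inside `checkOrderData`, which validates `req.StoreId`. The store that owns the order being edited, `orderInfo.StoreId`, is not compared with the caller's stores, so the request's store ID and the stored order's store ID can differ without being rejected. Unless this is handled in the part of the function outside the hunk, run `CheckUserStore` on `orderInfo.StoreId` after the lookup for non-admin callers, or reject the edit when `req.StoreId != orderInfo.StoreId`.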
@@ -3278,14 +3462,52 @@ func EditErpOrder(req *ErpOrderCreateReq, sysUser *SysUser) error { return nil } +// CheckUserStore 校验用户门店是否包含在门店数据中且未过期 +func CheckUserStore(userStoreId uint32, sysUser *SysUser) bool { + // 解析门店数据 + var stores []StoreInfo + if err := json.Unmarshal([]byte(sysUser.StoreData), &stores); err != nil { + return false + } + + // 查找用户门店并检查是否过期 + for _, store := range stores { + if store.StoreID == int(userStoreId) { + expireTime, err := time.Parse(StoreDateTimeFormat, store.ExpireTime) + if err != nil { + return false + } + // 如果过期时间在当前时间之后,则未过期 + if expireTime.After(time.Now()) { + return true + } + return false + } + } + + // 没有找到对应的门店 + return false +} + // checkOrderData 校验订单数据 -func checkOrderData(req *ErpOrderCreateReq, sysUser *SysUser) (*ErpOrder, error) { +func checkOrderData(req *ErpOrderCreateReq, c *gin.Context) (*ErpOrder, error) { jCashier, err := json.Marshal(req.Cashiers) if err != nil { logger.Error("cashiers marshal err:", logger.Field("err", err)) return nil, errors.New("操作失败:" + err.Error()) } + sysUser, err := GetSysUserByCtx(c) + if err != nil { + return nil, errors.New("操作失败:" + err.Error()) + } + // 校验入参门店是否包含在用户所有门店中,是否过期 + if !(tools.GetRoleName(c) == "admin" || tools.GetRoleName(c) == "系统管理员") { + if !CheckUserStore(req.StoreId, sysUser) { + return nil, errors.New("操作失败:您没有该门店权限") + } + } + if req.RetailType == RetailTypeSale { // 校验商品是否有库存 err = checkOrderCommodityStock(req) diff --git a/app/admin/models/inventory_allot.go b/app/admin/models/inventory_allot.go index 967243c..0c5b041 100644 --- a/app/admin/models/inventory_allot.go +++ b/app/admin/models/inventory_allot.go 
@@ -239,7 +239,7 @@ func AddInventoryAllot(req *InventoryAllotAddReq, sysUser *SysUser) (*ErpInvento DeliverStoreName: req.DeliverStoreName, ReceiveStoreId: req.ReceiveStoreId, ReceiveStoreName: req.ReceiveStoreName, - HandlerId: uint32(sysUser.UserId), + HandlerId: req.HandlerId, HandlerName: req.HandlerName, MakerTime: &nowTime, MakerId: uint32(sysUser.UserId), diff --git a/app/admin/models/inventory_change.go b/app/admin/models/inventory_change.go index 64699fe..74302da 100644 --- a/app/admin/models/inventory_change.go +++ b/app/admin/models/inventory_change.go @@ -244,7 +244,7 @@ func AddInventoryChange(req *InventoryChangeAddReq, sysUser *SysUser) (*ErpInven ChangeType: req.ChangeType, StoreId: req.StoreId, StoreName: req.StoreName, - HandlerId: uint32(sysUser.UserId), + HandlerId: req.HandlerId, HandlerName: req.HandlerName, MakerTime: &nowTime, MakerId: uint32(sysUser.UserId), diff --git a/app/admin/models/purchase.go b/app/admin/models/purchase.go index c19e2d2..d0f5372 100644 --- a/app/admin/models/purchase.go +++ b/app/admin/models/purchase.go 
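Review bot: `HandlerId` is now copied from `req.HandlerId` in AddInventoryAllot, and likewise in AddInventoryChange, where it used to come from the authenticated `sysUser.UserId`. The hunks show no validation of the value, so the handler recorded on an allot or change document becomes whatever the client sends and can disagree with `req.HandlerName`. If selecting another handler is intended, look the user up by ID on the server, reject unknown IDs, and fill `HandlerName` from that record rather than from the request. `MakerId` still comes from `sysUser`, which preserves the record of who created the document.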
@@ -4183,27 +4183,20 @@ func getSignalPurchaseData(erpPurchaseOrderId, commodityId uint32) (PurchaseData //} // 查询所有商品信息,每页展示不同商品ID及其对应的订单ID -func getAllOrderCommodity(pageIndex, pageSize, is_export int) (map[uint32][]uint32, error) { +func getAllOrderCommodity(pageIndex, pageSize, isExport int) (map[uint32][]uint32, error) { var commodityMap = make(map[uint32][]uint32) var query string - if is_export == 1 { //导出excel + if isExport == 1 { //导出excel // 执行原生 SQL 查询,联结表格,按照每个商品ID列出所有的订单ID query = fmt.Sprintf(` - SELECT pc1.erp_commodity_id, GROUP_CONCAT(pc2.erp_purchase_order_id) AS order_ids - FROM erp_purchase_commodity pc1 - JOIN erp_purchase_commodity pc2 - ON pc1.erp_commodity_id = pc2.erp_commodity_id - GROUP BY pc1.erp_commodity_id`) + SELECT erp_commodity_id, GROUP_CONCAT(erp_purchase_order_id) AS order_ids FROM erp_purchase_commodity +GROUP BY erp_commodity_id`) } else { // 执行原生 SQL 查询,联结表格,按照每个商品ID列出所有的订单ID query = fmt.Sprintf(` - SELECT pc1.erp_commodity_id, GROUP_CONCAT(pc2.erp_purchase_order_id) AS order_ids - FROM erp_purchase_commodity pc1 - JOIN erp_purchase_commodity pc2 - ON pc1.erp_commodity_id = pc2.erp_commodity_id - GROUP BY pc1.erp_commodity_id - LIMIT %d OFFSET %d - `, pageSize, pageIndex*pageSize) + SELECT erp_commodity_id, GROUP_CONCAT(erp_purchase_order_id) AS order_ids FROM erp_purchase_commodity +GROUP BY erp_commodity_id + LIMIT %d OFFSET %d`, pageSize, pageIndex*pageSize) } rows, err := orm.Eloquent.Raw(query).Rows() diff --git a/app/admin/models/user.go b/app/admin/models/user.go index 0901edc..7d462d1 100644 --- a/app/admin/models/user.go +++ b/app/admin/models/user.go @@ -129,6 +129,7 @@ const ( const DateTimeFormat = "2006-01-02" const TimeFormat = "2006-01-02 15-04-05" const QueryTimeFormat = "2006-01-02T15:04:05+08:00" +const StoreDateTimeFormat = "2006.01.02" const ( ExportUrl = "https://dev.admin.deovo.com/load/export/"
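Review bot: The paged branch of getAllOrderCommodity applies `LIMIT %d OFFSET %d` to a `GROUP BY` with no `ORDER BY`, so row order between page requests is not guaranteed and pages can overlap or skip commodities; adding `ORDER BY erp_commodity_id` before the `LIMIT` fixes that. The paging values are interpolated with `fmt.Sprintf`; they are ints, so this is not injectable as written, but bound parameters (`LIMIT ? OFFSET ?` with the values passed to `Raw`) keep it that way if the types change and also remove the argument-less `fmt.Sprintf` in the export branch. A negative `pageIndex` or `pageSize` is not rejected in the lines shown and would produce an invalid offset.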