From 1e09e997d33ef057bb3d712646f309d03827888e Mon Sep 17 00:00:00 2001 From: chenlin Date: Tue, 11 Mar 2025 11:39:55 +0800 Subject: [PATCH] =?UTF-8?q?1=E3=80=81=E7=89=B9=E5=AE=9A=E8=A7=92=E8=89=B2?= =?UTF-8?q?=E7=94=A8=E6=88=B7=E5=9C=A8=E6=96=B0=E5=A2=9E=E9=9B=B6=E5=94=AE?= =?UTF-8?q?=E8=AE=A2=E5=8D=95=E6=97=B6=E5=8F=AF=E4=BB=A5=E4=B8=8D=E5=8F=97?= =?UTF-8?q?=E6=9C=80=E4=BD=8E=E9=9B=B6=E5=94=AE=E4=BB=B7=E7=9A=84=E9=99=90?= =?UTF-8?q?=E5=88=B6=EF=BC=9B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/admin/apis/purchasemanage/purchase.go | 7 ++++++ app/admin/models/erp_order.go | 27 +++++++++++++++++++++-- app/admin/models/purchase.go | 2 +- cmd/api/server.go | 20 +++++++++-------- go.mod | 1 + go.sum | 1 + 6 files changed, 46 insertions(+), 12 deletions(-) diff --git a/app/admin/apis/purchasemanage/purchase.go b/app/admin/apis/purchasemanage/purchase.go index 7b8d2b4..702adc0 100644 --- a/app/admin/apis/purchasemanage/purchase.go +++ b/app/admin/apis/purchasemanage/purchase.go @@ -9,6 +9,7 @@ import ( "go-admin/logger" "go-admin/tools" "go-admin/tools/app" + "golang.org/x/time/rate" "math" "net/http" "time" @@ -830,6 +831,12 @@ func ErpPurchaseReportByCommodity(c *gin.Context) { return } + var limiter = rate.NewLimiter(5, 10) // 每秒最多5个请求 + if !limiter.Allow() { + app.Error(c, http.StatusTooManyRequests, errors.New("too Many Requests"), "Too Many Requests") + return + } + resp, err := model.GetReportByCommodity(req, c) if err != nil { logger.Error("GetReportByCommodity err:", logger.Field("err", err)) diff --git a/app/admin/models/erp_order.go b/app/admin/models/erp_order.go index 7e83f07..8d949f0 100644 --- a/app/admin/models/erp_order.go +++ b/app/admin/models/erp_order.go @@ -6195,6 +6195,27 @@ func AuthUserStore(c *gin.Context, storeId uint32) error { return nil } +// HasPermission 校验角色权限:以下角色支持零售开单修改零售价 < 商品最低零售价 +func HasPermission(c *gin.Context) bool { + // 获取用户角色 + roleName := tools.GetRoleName(c) + + // 允许的角色列表 + allowedRoles := map[string]bool{ + "manager": true, "经理": true, + "cg": true, "采购": true, + "yunying": true, "运营": true, + "admin": true, "系统管理员": true, + } + + // 检查用户角色是否在允许列表中 + if _, ok := allowedRoles[roleName]; !ok { + return false + } + + return true +} + // checkOrderData 校验订单数据 func checkOrderData(req *ErpOrderCreateReq, c *gin.Context) (*ErpOrder, error) { sysUser, err := GetSysUserByCtx(c) @@ -6442,8 +6463,10 @@ func checkOrderData(req *ErpOrderCreateReq, c *gin.Context) (*ErpOrder, error) { return nil, errors.New("赠送商品最低零售价不为0,不符合赠送条件,请检查") } if req.ErpOrderCommodities[i].SalePrice < v.MinRetailPrice { //零售价不能低于最低零售价 - logger.Error("SalePrice less than MinRetailPrice") - return nil, errors.New("零售价不能低于最低零售价,请检查") + if !HasPermission(c) { + logger.Error("SalePrice less than MinRetailPrice") + return nil, errors.New("零售价不能低于最低零售价,请检查") + } } if req.ErpOrderCommodities[i].PresentType == 1 && req.ErpOrderCommodities[i].CouponDiscount < req.ErpOrderCommodities[i].Amount { // 有非赠送商品 diff --git a/app/admin/models/purchase.go b/app/admin/models/purchase.go index e1c8fda..3770c43 100644 --- a/app/admin/models/purchase.go +++ b/app/admin/models/purchase.go @@ -4610,7 +4610,7 @@ func getReportByCommodityFromCommon(req *ErpPurchaseReportByCommodityReq, c *gin //close(ch) // 并发查询的限制 - const maxConcurrency = 15 + const maxConcurrency = 10 sem := make(chan struct{}, maxConcurrency) var wg sync.WaitGroup ch := make(chan TempData, len(orders)*len(commodityAndOrderIdMap)) diff --git a/cmd/api/server.go b/cmd/api/server.go index c08c9df..beddb39 100644 --- a/cmd/api/server.go +++ b/cmd/api/server.go @@ -207,16 +207,18 @@ func run() error { fmt.Println("err:", err) } - // 检测小程序商城有无待发货订单 - err = s.Every(1).Day().At("09:00").Do(models.CheckOnDeliverMall) - if err != nil { - fmt.Println("err:", err) - } + if config.ApplicationConfig.Mode != "dev" { + // 检测小程序商城有无待发货订单 + err = s.Every(1).Day().At("09:00").Do(models.CheckOnDeliverMall) + if err != nil { + fmt.Println("err:", err) + } - // 检测小程序商城有无待发货订单 - err = s.Every(1).Day().At("14:00").Do(models.CheckOnDeliverMall) - if err != nil { - fmt.Println("err:", err) + // 检测小程序商城有无待发货订单 + err = s.Every(1).Day().At("14:00").Do(models.CheckOnDeliverMall) + if err != nil { + fmt.Println("err:", err) + } } <-s.Start() diff --git a/go.mod b/go.mod index a3f452f..f9110be 100644 --- a/go.mod +++ b/go.mod @@ -55,6 +55,7 @@ require ( golang.org/x/arch v0.5.0 // indirect golang.org/x/crypto v0.14.0 golang.org/x/sync v0.4.0 + golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 golang.org/x/tools v0.14.0 // indirect google.golang.org/protobuf v1.31.0 // indirect gopkg.in/natefinch/lumberjack.v2 v2.2.1 diff --git a/go.sum b/go.sum index 188cac7..328f2ac 100644 --- a/go.sum +++ b/go.sum @@ -760,6 +760,7 @@ golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 h1:SvFZT6jyqRaOeXpc5h/JSfZenJ2O330aBsf7JfSUXmQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=