feat: 添加顾客权限控制和订单时间限制

Agent
2026-03-24 00:40:15 +00:00
parent 8e47a764b3
commit 3d84686fcf
9 changed files with 222 additions and 13 deletions


@@ -5,9 +5,12 @@ import com.example.building.common.Result;
import com.example.building.dto.CreateOrderRequest;
import com.example.building.entity.Order;
import com.example.building.service.OrderService;
import com.example.building.service.SystemConfigService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import static java.lang.String.defaultString;
import java.util.Map;
/**
@@ -16,6 +19,7 @@ import java.util.Map;
* - 订单创建:计算原价(total_amount)、优惠金额(discount_amount)、实付金额(actual_amount)
* - 订单原价 = 商品标价 × 数量之和
* - 实付金额 = 原价 - 优惠金额
* - 顾客角色:只能查看半年内的订单(可配置)
*/
@RestController
@RequestMapping("/api/v1/orders")
@@ -24,22 +28,28 @@ public class OrderController {
@Autowired
private OrderService orderService;
@Autowired
private SystemConfigService systemConfigService;
/**
* 创建订单
* 核心逻辑:
* 1. 计算订单原价(total_amount) = Σ(item.price × item.quantity)
* 2. 计算优惠金额(discount_amount) = total_amount × (100 - discount_rate) / 100
* 3. 计算实付金额(actual_amount) = total_amount - discount_amount
* 顾客角色不允许创建订单
*/
@PostMapping
public Result<Order> createOrder(@RequestBody CreateOrderRequest request,
@RequestHeader("X-User-Id") String operatorId,
@RequestHeader("X-Username") String operatorName) {
@RequestHeader("X-Username") String operatorName,
@RequestHeader(value = "X-User-Role", required = defaultString) String role) {
// 顾客角色不允许创建订单
if ("customer".equals(role)) {
return Result.error("顾客账号不允许创建订单,请联系销售人员");
}
return Result.success(orderService.createOrder(request, operatorId, operatorName));
}
/**
* 获取订单列表
* 顾客角色只能看到半年内的订单(可配置)
*/
@GetMapping
public Result<Page<Order>> getOrders(
@@ -48,16 +58,26 @@ public class OrderController {
@RequestParam(required = false) String startDate,
@RequestParam(required = false) String endDate,
@RequestParam(defaultValue = "1") Integer page,
@RequestParam(defaultValue = "20") Integer pageSize) {
@RequestParam(defaultValue = "20") Integer pageSize,
@RequestHeader(value = "X-User-Role", required = defaultString) String role) {
// 顾客角色:限制时间范围
if ("customer".equals(role) && startDate == null) {
startDate = systemConfigService.getCustomerOrderStartDate().toString();
}
return Result.success(orderService.getOrders(customerId, status, startDate, endDate, page, pageSize));
}
/**
* 获取订单详情
* 顾客只能查看自己的订单
*/
@GetMapping("/{id}")
public Result<Map<String, Object>> getOrderDetail(@PathVariable String id) {
return Result.success(orderService.getOrderDetail(id));
public Result<Map<String, Object>> getOrderDetail(@PathVariable String id,
@RequestHeader("X-User-Id") String userId,
@RequestHeader(value = "X-User-Role", required = defaultString) String role) {
return Result.success(orderService.getOrderDetail(id, userId, role));
}
/**
@@ -65,7 +85,12 @@ public class OrderController {
*/
@PutMapping("/{id}/cancel")
public Result<Void> cancelOrder(@PathVariable String id,
@RequestHeader("X-User-Id") String operatorId) {
@RequestHeader("X-User-Id") String operatorId,
@RequestHeader(value = "X-User-Role", required = defaultString) String role) {
// 顾客不能取消订单
if ("customer".equals(role)) {
return Result.error("顾客账号不允许取消订单");
}
orderService.cancelOrder(id, operatorId);
return Result.success();
}
@@ -75,7 +100,12 @@ public class OrderController {
*/
@PutMapping("/{id}/refund")
public Result<Void> refundOrder(@PathVariable String id,
@RequestHeader("X-User-Id") String operatorId) {
@RequestHeader("X-User-Id") String operatorId,
@RequestHeader(value = "X-User-Role", required = defaultString) String role) {
// 顾客不能退款
if ("customer".equals(role)) {
return Result.error("顾客账号不允许退款操作");
}
orderService.refundOrder(id, operatorId);
return Result.success();
}
@@ -86,7 +116,12 @@ public class OrderController {
@GetMapping("/statistics")
public Result<Map<String, Object>> getStatistics(
@RequestParam(required = false) String startDate,
@RequestParam(required = false) String endDate) {
@RequestParam(required = false) String endDate,
@RequestHeader(value = "X-User-Role", required = defaultString) String role) {
// 顾客不能查看统计
if ("customer".equals(role)) {
return Result.error("顾客账号不允许查看统计");
}
return Result.success(orderService.getStatistics(startDate, endDate));
}
}
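Review bot: Every new role check in this controller is a denylist on an optional request header (`"customer".equals(role)` in createOrder, cancelOrder, refundOrder and getStatistics), so a request that omits `X-User-Role` or carries any other value is treated as staff; the ownership check added to `getOrderDetail` in OrderServiceImpl has the same shape. Unless a gateway outside this diff strips and re-sets `X-User-Id` and `X-User-Role` from an authenticated session, the role should be taken from the server-side principal, and a missing or unknown role should be rejected, at minimum `if (role == null || "customer".equals(role))`. In getOrders the window is applied only when `startDate == null`, so a customer-supplied older `startDate` is passed through unchanged and `customerId` is not pinned to the caller; for customers, use the later of the supplied date and `getCustomerOrderStartDate()` and force `customerId` to the caller's id. Separately, `required = defaultString` together with `import static java.lang.String.defaultString` does not look compilable, since `required` takes a boolean; `required = false` was presumably intended.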


@@ -0,0 +1,57 @@
package com.example.building.controller;
import com.example.building.common.Result;
import com.example.building.entity.SystemConfig;
import com.example.building.mapper.SystemConfigMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
/**
* 系统配置控制器
*/
@RestController
@RequestMapping("/api/v1/system-config")
public class SystemConfigController {
@Autowired
private SystemConfigMapper systemConfigMapper;
/**
* 获取所有配置
*/
@GetMapping
public Result<Map<String, String>> getAllConfig() {
List<SystemConfig> configs = systemConfigMapper.selectList(null);
Map<String, String> result = new HashMap<>();
for (SystemConfig config : configs) {
result.put(config.getConfigKey(), config.getConfigValue());
}
return Result.success(result);
}
/**
* 更新配置
*/
@PutMapping
public Result<Void> updateConfig(@RequestBody SystemConfig config) {
// 检查是否存在
SystemConfig existing = systemConfigMapper.selectOne(
new com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper<SystemConfig>()
.eq(SystemConfig::getConfigKey, config.getConfigKey())
);
if (existing != null) {
existing.setConfigValue(config.getConfigValue());
existing.setRemark(config.getRemark());
systemConfigMapper.updateById(existing);
} else {
config.setConfigId(java.util.UUID.randomUUID().toString());
systemConfigMapper.insert(config);
}
return Result.success();
}
}
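Review bot: Neither endpoint in this new controller checks who is calling: `updateConfig` takes no identity or role parameter, so, unless an interceptor outside this diff guards `/api/v1/system-config`, any client can rewrite `customer_order_visible_days`, the value that bounds what customers are allowed to see. Restrict the PUT (and preferably the GET, which returns every stored value) to an administrator identity established server-side, and accept only a known set of keys. Binding the `SystemConfig` entity directly as `@RequestBody` also binds fields the client should not control, and a null `configKey` reaches `selectOne` and `insert` unchecked; a small request DTO with key, value and remark plus a guard such as `if (config.getConfigKey() == null || config.getConfigKey().isBlank()) return Result.error("<message>");` would close that. A change to a security-relevant setting should also be logged with the caller's id and the old and new values.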


@@ -0,0 +1,38 @@
package com.example.building.entity;
import com.baomidou.mybatisplus.annotation.*;
import lombok.Data;
import java.time.LocalDateTime;
/**
* 系统配置实体
*/
@Data
@TableName("system_config")
public class SystemConfig {
@TableId(type = IdType.ASSIGN_UUID)
private String configId;
/**
* 配置键
*/
private String configKey;
/**
* 配置值
*/
private String configValue;
/**
* 备注
*/
private String remark;
@TableField(fill = FieldFill.INSERT)
private LocalDateTime createdAt;
@TableField(fill = FieldFill.INSERT_UPDATE)
private LocalDateTime updatedAt;
}


@@ -0,0 +1,9 @@
package com.example.building.mapper;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.example.building.entity.SystemConfig;
import org.apache.ibatis.annotations.Mapper;
@Mapper
public interface SystemConfigMapper extends BaseMapper<SystemConfig> {
}


@@ -28,8 +28,9 @@ public interface OrderService {
/**
* 获取订单详情(含明细)
* 顾客只能查看自己的订单
*/
Map<String, Object> getOrderDetail(String orderId);
Map<String, Object> getOrderDetail(String orderId, String userId, String role);
/**
* 取消订单


@@ -0,0 +1,43 @@
package com.example.building.service;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.example.building.entity.SystemConfig;
import com.example.building.mapper.SystemConfigMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.time.LocalDate;
@Service
public class SystemConfigService {
@Autowired
private SystemConfigMapper systemConfigMapper;
/**
* 获取顾客订单可见天数配置
* 默认180天半年
*/
public int getCustomerOrderVisibleDays() {
LambdaQueryWrapper<SystemConfig> wrapper = new LambdaQueryWrapper<>();
wrapper.eq(SystemConfig::getConfigKey, "customer_order_visible_days");
SystemConfig config = systemConfigMapper.selectOne(wrapper);
if (config != null && config.getConfigValue() != null) {
try {
return Integer.parseInt(config.getConfigValue());
} catch (NumberFormatException e) {
return 180;
}
}
return 180; // 默认半年
}
/**
* 获取顾客可见订单开始日期
*/
public LocalDate getCustomerOrderStartDate() {
int days = getCustomerOrderVisibleDays();
return LocalDate.now().minusDays(days);
}
}
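Review bot: `getCustomerOrderVisibleDays` returns whatever integer parses, so a stored value of `0`, a negative number or a very large number silently changes the customer window: a negative value moves the start date into the future and a huge one removes the limit in practice. Validate the range after parsing and fall back to the default otherwise, for example `int days = Integer.parseInt(config.getConfigValue().trim());` followed by `return days > 0 && days <= MAX_VISIBLE_DAYS ? days : 180;`, where `MAX_VISIBLE_DAYS` is a new constant you would choose. The `NumberFormatException` branch discards the bad value without a log line, which makes a mis-set configuration hard to notice. The literal `180` appears twice and would read better as a single named constant.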


@@ -171,14 +171,20 @@ public class OrderServiceImpl implements OrderService {
/**
* 获取订单详情(含明细)
* 顾客只能查看自己的订单
*/
@Override
public Map<String, Object> getOrderDetail(String orderId) {
public Map<String, Object> getOrderDetail(String orderId, String userId, String role) {
Order order = orderMapper.selectById(orderId);
if (order == null) {
throw new RuntimeException("订单不存在");
}
// 顾客只能查看自己的订单
if ("customer".equals(role) && !userId.equals(order.getCustomerId())) {
throw new RuntimeException("无权查看该订单");
}
List<OrderItem> items = orderItemMapper.selectList(new LambdaQueryWrapper<OrderItem>()
.eq(OrderItem::getOrderId, orderId));