feat: 添加顾客权限控制和订单时间限制

Agent
2026-03-24 00:40:15 +00:00
parent 8e47a764b3
commit 3d84686fcf
9 changed files with 222 additions and 13 deletions

8
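--- a/k8s/secret.yaml
+++ b/k8s/secret.yaml
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+name: tencentyun-secret
+namespace: drone
+type: kubernetes.io/dockerconfigjson
+data:
+.dockerconfigjson: base64编码内容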
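Review bot: `.dockerconfigjson: base64编码内容` is a placeholder rather than valid base64, so this manifest cannot be applied as committed, and filling in the real value in this tracked file would put the registry credentials into the repository history. Values under `data:` are only base64-encoded, not encrypted. Keep this file as a clearly named template and create the real secret out of band, for example with `kubectl create secret docker-registry`. I would also add a comment above `data:` such as `# placeholder only - never commit the real .dockerconfigjson value`.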

12
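--- a/maven-cache-pvc.yaml
+++ b/maven-cache-pvc.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+name: maven-cache-pvc
+namespace: drone
+spec:
+accessModes:
+- ReadWriteOnce
+resources:
+requests:
+storage: 10Gi
+storageClassName: local-path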


@@ -5,9 +5,12 @@ import com.example.building.common.Result;
import com.example.building.dto.CreateOrderRequest; import com.example.building.dto.CreateOrderRequest;
import com.example.building.entity.Order; import com.example.building.entity.Order;
import com.example.building.service.OrderService; import com.example.building.service.OrderService;
import com.example.building.service.SystemConfigService;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import static java.lang.String.defaultString;
import java.util.Map; import java.util.Map;
/** /**
@@ -16,6 +19,7 @@ import java.util.Map;
* - 订单创建:计算原价(total_amount)、优惠金额(discount_amount)、实付金额(actual_amount) * - 订单创建:计算原价(total_amount)、优惠金额(discount_amount)、实付金额(actual_amount)
* - 订单原价 = 商品标价 × 数量之和 * - 订单原价 = 商品标价 × 数量之和
* - 实付金额 = 原价 - 优惠金额 * - 实付金额 = 原价 - 优惠金额
* - 顾客角色:只能查看半年内的订单(可配置)
*/ */
@RestController @RestController
@RequestMapping("/api/v1/orders") @RequestMapping("/api/v1/orders")
@@ -24,22 +28,28 @@ public class OrderController {
@Autowired @Autowired
private OrderService orderService; private OrderService orderService;
@Autowired
private SystemConfigService systemConfigService;
/** /**
* 创建订单 * 创建订单
* 核心逻辑: * 顾客角色不允许创建订单
* 1. 计算订单原价(total_amount) = Σ(item.price × item.quantity)
* 2. 计算优惠金额(discount_amount) = total_amount × (100 - discount_rate) / 100
* 3. 计算实付金额(actual_amount) = total_amount - discount_amount
*/ */
@PostMapping @PostMapping
public Result<Order> createOrder(@RequestBody CreateOrderRequest request, public Result<Order> createOrder(@RequestBody CreateOrderRequest request,
@RequestHeader("X-User-Id") String operatorId, @RequestHeader("X-User-Id") String operatorId,
@RequestHeader("X-Username") String operatorName) { @RequestHeader("X-Username") String operatorName,
@RequestHeader(value = "X-User-Role", required = defaultString) String role) {
// 顾客角色不允许创建订单
if ("customer".equals(role)) {
return Result.error("顾客账号不允许创建订单,请联系销售人员");
}
return Result.success(orderService.createOrder(request, operatorId, operatorName)); return Result.success(orderService.createOrder(request, operatorId, operatorName));
} }
/** /**
* 获取订单列表 * 获取订单列表
* 顾客角色只能看到半年内的订单(可配置)
*/ */
@GetMapping @GetMapping
public Result<Page<Order>> getOrders( public Result<Page<Order>> getOrders(
@@ -48,16 +58,26 @@ public class OrderController {
@RequestParam(required = false) String startDate, @RequestParam(required = false) String startDate,
@RequestParam(required = false) String endDate, @RequestParam(required = false) String endDate,
@RequestParam(defaultValue = "1") Integer page, @RequestParam(defaultValue = "1") Integer page,
@RequestParam(defaultValue = "20") Integer pageSize) { @RequestParam(defaultValue = "20") Integer pageSize,
@RequestHeader(value = "X-User-Role", required = defaultString) String role) {
// 顾客角色:限制时间范围
if ("customer".equals(role) && startDate == null) {
startDate = systemConfigService.getCustomerOrderStartDate().toString();
}
return Result.success(orderService.getOrders(customerId, status, startDate, endDate, page, pageSize)); return Result.success(orderService.getOrders(customerId, status, startDate, endDate, page, pageSize));
} }
/** /**
* 获取订单详情 * 获取订单详情
* 顾客只能查看自己的订单
*/ */
@GetMapping("/{id}") @GetMapping("/{id}")
public Result<Map<String, Object>> getOrderDetail(@PathVariable String id) { public Result<Map<String, Object>> getOrderDetail(@PathVariable String id,
return Result.success(orderService.getOrderDetail(id)); @RequestHeader("X-User-Id") String userId,
@RequestHeader(value = "X-User-Role", required = defaultString) String role) {
return Result.success(orderService.getOrderDetail(id, userId, role));
} }
/** /**
@@ -65,7 +85,12 @@ public class OrderController {
*/ */
@PutMapping("/{id}/cancel") @PutMapping("/{id}/cancel")
public Result<Void> cancelOrder(@PathVariable String id, public Result<Void> cancelOrder(@PathVariable String id,
@RequestHeader("X-User-Id") String operatorId) { @RequestHeader("X-User-Id") String operatorId,
@RequestHeader(value = "X-User-Role", required = defaultString) String role) {
// 顾客不能取消订单
if ("customer".equals(role)) {
return Result.error("顾客账号不允许取消订单");
}
orderService.cancelOrder(id, operatorId); orderService.cancelOrder(id, operatorId);
return Result.success(); return Result.success();
} }
@@ -75,7 +100,12 @@ public class OrderController {
*/ */
@PutMapping("/{id}/refund") @PutMapping("/{id}/refund")
public Result<Void> refundOrder(@PathVariable String id, public Result<Void> refundOrder(@PathVariable String id,
@RequestHeader("X-User-Id") String operatorId) { @RequestHeader("X-User-Id") String operatorId,
@RequestHeader(value = "X-User-Role", required = defaultString) String role) {
// 顾客不能退款
if ("customer".equals(role)) {
return Result.error("顾客账号不允许退款操作");
}
orderService.refundOrder(id, operatorId); orderService.refundOrder(id, operatorId);
return Result.success(); return Result.success();
} }
@@ -86,7 +116,12 @@ public class OrderController {
@GetMapping("/statistics") @GetMapping("/statistics")
public Result<Map<String, Object>> getStatistics( public Result<Map<String, Object>> getStatistics(
@RequestParam(required = false) String startDate, @RequestParam(required = false) String startDate,
@RequestParam(required = false) String endDate) { @RequestParam(required = false) String endDate,
@RequestHeader(value = "X-User-Role", required = defaultString) String role) {
// 顾客不能查看统计
if ("customer".equals(role)) {
return Result.error("顾客账号不允许查看统计");
}
return Result.success(orderService.getStatistics(startDate, endDate)); return Result.success(orderService.getStatistics(startDate, endDate));
} }
} }
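Review bot: The customer restrictions added to createOrder, getOrders, cancelOrder, refundOrder and getStatistics fail open: every guard is `"customer".equals(role)`, so a request whose `X-User-Role` header is absent or holds any other value is handled as a non-customer, and the role is read from the request itself. `required = defaultString` with `import static java.lang.String.defaultString;` should not compile, because `required` takes a boolean and `java.lang.String` declares no such member; if `required = false` was meant, it makes the missing-header case reachable. I would make the header mandatory, `@RequestHeader("X-User-Role") String role`, and populate it only from the authenticated session or from a gateway that overwrites client-supplied copies (whether such a gateway exists is not visible here). In getOrders the window is applied only when `startDate == null`, and `customerId` (judging by the service call) is not tied to `X-User-Id`, so for the customer role an earlier supplied `startDate` or a different `customerId` is still honoured; clamp `startDate` to `systemConfigService.getCustomerOrderStartDate()` and force `customerId` to the caller's id. The same role comparison is used in OrderServiceImpl.getOrderDetail.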


@@ -0,0 +1,57 @@
package com.example.building.controller;
import com.example.building.common.Result;
import com.example.building.entity.SystemConfig;
import com.example.building.mapper.SystemConfigMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
/**
* 系统配置控制器
*/
@RestController
@RequestMapping("/api/v1/system-config")
public class SystemConfigController {
@Autowired
private SystemConfigMapper systemConfigMapper;
/**
* 获取所有配置
*/
@GetMapping
public Result<Map<String, String>> getAllConfig() {
List<SystemConfig> configs = systemConfigMapper.selectList(null);
Map<String, String> result = new HashMap<>();
for (SystemConfig config : configs) {
result.put(config.getConfigKey(), config.getConfigValue());
}
return Result.success(result);
}
/**
* 更新配置
*/
@PutMapping
public Result<Void> updateConfig(@RequestBody SystemConfig config) {
// 检查是否存在
SystemConfig existing = systemConfigMapper.selectOne(
new com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper<SystemConfig>()
.eq(SystemConfig::getConfigKey, config.getConfigKey())
);
if (existing != null) {
existing.setConfigValue(config.getConfigValue());
existing.setRemark(config.getRemark());
systemConfigMapper.updateById(existing);
} else {
config.setConfigId(java.util.UUID.randomUUID().toString());
systemConfigMapper.insert(config);
}
return Result.success();
}
}
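Review bot: Neither getAllConfig nor updateConfig checks the caller, unlike the `"customer".equals(role)` guards this commit adds to OrderController. Any client that reaches `/api/v1/system-config` can therefore read every key and change `customer_order_visible_days`, the setting the new order window depends on. updateConfig also binds the request body directly to the `SystemConfig` entity and inserts keys that do not exist yet, with no null check on `config.getConfigKey()`. Restrict both methods to an administrative role through the project's authentication layer and accept only known keys, e.g. `if (config.getConfigKey() == null || !ALLOWED_KEYS.contains(config.getConfigKey())) return Result.error(...);`, where `ALLOWED_KEYS` is a new constant to be defined.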


@@ -0,0 +1,38 @@
package com.example.building.entity;
import com.baomidou.mybatisplus.annotation.*;
import lombok.Data;
import java.time.LocalDateTime;
/**
* 系统配置实体
*/
@Data
@TableName("system_config")
public class SystemConfig {
@TableId(type = IdType.ASSIGN_UUID)
private String configId;
/**
* 配置键
*/
private String configKey;
/**
* 配置值
*/
private String configValue;
/**
* 备注
*/
private String remark;
@TableField(fill = FieldFill.INSERT)
private LocalDateTime createdAt;
@TableField(fill = FieldFill.INSERT_UPDATE)
private LocalDateTime updatedAt;
}


@@ -0,0 +1,9 @@
package com.example.building.mapper;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.example.building.entity.SystemConfig;
import org.apache.ibatis.annotations.Mapper;
@Mapper
public interface SystemConfigMapper extends BaseMapper<SystemConfig> {
}


@@ -28,8 +28,9 @@ public interface OrderService {
/** /**
* 获取订单详情(含明细) * 获取订单详情(含明细)
* 顾客只能查看自己的订单
*/ */
Map<String, Object> getOrderDetail(String orderId); Map<String, Object> getOrderDetail(String orderId, String userId, String role);
/** /**
* 取消订单 * 取消订单


@@ -0,0 +1,43 @@
package com.example.building.service;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.example.building.entity.SystemConfig;
import com.example.building.mapper.SystemConfigMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.time.LocalDate;
@Service
public class SystemConfigService {
@Autowired
private SystemConfigMapper systemConfigMapper;
/**
* 获取顾客订单可见天数配置
* 默认180天半年
*/
public int getCustomerOrderVisibleDays() {
LambdaQueryWrapper<SystemConfig> wrapper = new LambdaQueryWrapper<>();
wrapper.eq(SystemConfig::getConfigKey, "customer_order_visible_days");
SystemConfig config = systemConfigMapper.selectOne(wrapper);
if (config != null && config.getConfigValue() != null) {
try {
return Integer.parseInt(config.getConfigValue());
} catch (NumberFormatException e) {
return 180;
}
}
return 180; // 默认半年
}
/**
* 获取顾客可见订单开始日期
*/
public LocalDate getCustomerOrderStartDate() {
int days = getCustomerOrderVisibleDays();
return LocalDate.now().minusDays(days);
}
}
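Review bot: getCustomerOrderVisibleDays returns whatever integer is stored without a range check: zero or a negative value moves the start date to today or into the future, and a very large value removes the limit in practice. A non-numeric value falls back to 180 silently, with nothing logged. Bound the value before returning it, e.g. `int days = Integer.parseInt(config.getConfigValue().trim());` followed by `if (days >= 1 && days <= MAX_VISIBLE_DAYS) return days;` (with `MAX_VISIBLE_DAYS` a new constant to be defined), and log when the default is used. `LocalDate.now()` in getCustomerOrderStartDate uses the JVM default time zone; pass an explicit zone or a `Clock` if servers and users may be in different zones.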


@@ -171,14 +171,20 @@ public class OrderServiceImpl implements OrderService {
/** /**
* 获取订单详情(含明细) * 获取订单详情(含明细)
* 顾客只能查看自己的订单
*/ */
@Override @Override
public Map<String, Object> getOrderDetail(String orderId) { public Map<String, Object> getOrderDetail(String orderId, String userId, String role) {
Order order = orderMapper.selectById(orderId); Order order = orderMapper.selectById(orderId);
if (order == null) { if (order == null) {
throw new RuntimeException("订单不存在"); throw new RuntimeException("订单不存在");
} }
// 顾客只能查看自己的订单
if ("customer".equals(role) && !userId.equals(order.getCustomerId())) {
throw new RuntimeException("无权查看该订单");
}
List<OrderItem> items = orderItemMapper.selectList(new LambdaQueryWrapper<OrderItem>() List<OrderItem> items = orderItemMapper.selectList(new LambdaQueryWrapper<OrderItem>()
.eq(OrderItem::getOrderId, orderId)); .eq(OrderItem::getOrderId, orderId));