fix: 修复代理用户能看到未分配套餐系列的问题
Some checks failed
构建并部署到测试环境(无 SSH) / build-and-deploy (push) Has been cancelled
Some checks failed
构建并部署到测试环境(无 SSH) / build-and-deploy (push) Has been cancelled
问题:代理用户登录后能看到所有套餐系列,即使没有分配给该店铺 原因:PackageSeries 模型没有 shop_id 字段,GORM Callback 无法自动过滤 修复: - 在 package_series Service 的 List 方法中添加权限过滤 - 代理用户只能看到通过 shop_series_allocation 分配给自己店铺的系列 - 平台用户/超级管理员可以看到所有套餐系列 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
@@ -16,11 +16,15 @@ import (
|
||||
)
|
||||
|
||||
type Service struct {
|
||||
packageSeriesStore *postgres.PackageSeriesStore
|
||||
packageSeriesStore *postgres.PackageSeriesStore
|
||||
shopSeriesAllocationStore *postgres.ShopSeriesAllocationStore
|
||||
}
|
||||
|
||||
func New(packageSeriesStore *postgres.PackageSeriesStore) *Service {
|
||||
return &Service{packageSeriesStore: packageSeriesStore}
|
||||
func New(packageSeriesStore *postgres.PackageSeriesStore, shopSeriesAllocationStore *postgres.ShopSeriesAllocationStore) *Service {
|
||||
return &Service{
|
||||
packageSeriesStore: packageSeriesStore,
|
||||
shopSeriesAllocationStore: shopSeriesAllocationStore,
|
||||
}
|
||||
}
|
||||
|
||||
func (s *Service) Create(ctx context.Context, req *dto.CreatePackageSeriesRequest) (*dto.PackageSeriesResponse, error) {
|
||||
@@ -166,6 +170,33 @@ func (s *Service) List(ctx context.Context, req *dto.PackageSeriesListRequest) (
|
||||
filters["enable_one_time_commission"] = *req.EnableOneTimeCommission
|
||||
}
|
||||
|
||||
// 获取用户类型,代理用户需要过滤只能看到分配给自己店铺的套餐系列
|
||||
userType := middleware.GetUserTypeFromContext(ctx)
|
||||
if userType == constants.UserTypeAgent {
|
||||
shopID := middleware.GetShopIDFromContext(ctx)
|
||||
if shopID == 0 {
|
||||
// 代理用户没有店铺,返回空结果
|
||||
return []*dto.PackageSeriesResponse{}, 0, nil
|
||||
}
|
||||
|
||||
// 查询分配给该店铺的系列 ID
|
||||
allocations, err := s.shopSeriesAllocationStore.GetByShopID(ctx, shopID)
|
||||
if err != nil {
|
||||
return nil, 0, errors.Wrap(errors.CodeInternalError, err, "查询套餐系列分配失败")
|
||||
}
|
||||
if len(allocations) == 0 {
|
||||
// 没有分配任何套餐系列,返回空结果
|
||||
return []*dto.PackageSeriesResponse{}, 0, nil
|
||||
}
|
||||
|
||||
// 提取系列 ID 列表
|
||||
seriesIDs := make([]uint, len(allocations))
|
||||
for i, a := range allocations {
|
||||
seriesIDs[i] = a.SeriesID
|
||||
}
|
||||
filters["series_ids"] = seriesIDs
|
||||
}
|
||||
|
||||
seriesList, total, err := s.packageSeriesStore.List(ctx, opts, filters)
|
||||
if err != nil {
|
||||
return nil, 0, errors.Wrap(errors.CodeInternalError, err, "查询套餐系列列表失败")
|
||||
|
||||
Reference in New Issue
Block a user