diff --git a/internal/service/my_commission/service.go b/internal/service/my_commission/service.go index 64c5a72..f1e3a92 100644 --- a/internal/service/my_commission/service.go +++ b/internal/service/my_commission/service.go @@ -237,16 +237,14 @@ func (s *Service) CreateWithdrawalRequest(ctx context.Context, req *dto.CreateMy }, nil } -// ListMyWithdrawalRequests 查询我的提现记录 +// ListMyWithdrawalRequests 查询提现记录 +// 代理账号:仅查询本店铺数据;平台账号/超级管理员:查询全部数据 func (s *Service) ListMyWithdrawalRequests(ctx context.Context, req *dto.MyWithdrawalListReq) (*dto.WithdrawalRequestPageResult, error) { userType := middleware.GetUserTypeFromContext(ctx) - if userType != constants.UserTypeAgent { - return nil, errors.New(errors.CodeForbidden, "仅代理商用户可访问") - } - shopID := middleware.GetShopIDFromContext(ctx) - if shopID == 0 { - return nil, errors.New(errors.CodeForbidden, "无法获取店铺信息") + // 仅允许超级管理员、平台账号、代理账号访问 + if userType != constants.UserTypeSuperAdmin && userType != constants.UserTypePlatform && userType != constants.UserTypeAgent { + return nil, errors.New(errors.CodeForbidden, "无权限访问提现记录") } page := req.Page @@ -258,8 +256,16 @@ func (s *Service) ListMyWithdrawalRequests(ctx context.Context, req *dto.MyWithd pageSize = constants.DefaultPageSize } - query := s.db.WithContext(ctx).Model(&model.CommissionWithdrawalRequest{}). - Where("shop_id = ?", shopID) + query := s.db.WithContext(ctx).Model(&model.CommissionWithdrawalRequest{}) + + // 代理账号按店铺过滤;平台账号和超级管理员查看全部 + if userType == constants.UserTypeAgent { + shopID := middleware.GetShopIDFromContext(ctx) + if shopID == 0 { + return nil, errors.New(errors.CodeForbidden, "无法获取店铺信息") + } + query = query.Where("shop_id = ?", shopID) + } if req.Status != nil { query = query.Where("status = ?", *req.Status) @@ -312,16 +318,14 @@ func (s *Service) ListMyWithdrawalRequests(ctx context.Context, req *dto.MyWithd }, nil } -// ListMyCommissionRecords 查询我的佣金明细 +// ListMyCommissionRecords 查询佣金明细 +// 代理账号:仅查询本店铺数据;平台账号/超级管理员:查询全部数据 func (s *Service) ListMyCommissionRecords(ctx context.Context, req *dto.MyCommissionRecordListReq) (*dto.MyCommissionRecordPageResult, error) { userType := middleware.GetUserTypeFromContext(ctx) - if userType != constants.UserTypeAgent { - return nil, errors.New(errors.CodeForbidden, "仅代理商用户可访问") - } - shopID := middleware.GetShopIDFromContext(ctx) - if shopID == 0 { - return nil, errors.New(errors.CodeForbidden, "无法获取店铺信息") + // 仅允许超级管理员、平台账号、代理账号访问 + if userType != constants.UserTypeSuperAdmin && userType != constants.UserTypePlatform && userType != constants.UserTypeAgent { + return nil, errors.New(errors.CodeForbidden, "无权限访问佣金明细") } page := req.Page @@ -333,8 +337,16 @@ func (s *Service) ListMyCommissionRecords(ctx context.Context, req *dto.MyCommis pageSize = constants.DefaultPageSize } - query := s.db.WithContext(ctx).Model(&model.CommissionRecord{}). - Where("shop_id = ?", shopID) + query := s.db.WithContext(ctx).Model(&model.CommissionRecord{}) + + // 代理账号按店铺过滤;平台账号和超级管理员查看全部 + if userType == constants.UserTypeAgent { + shopID := middleware.GetShopIDFromContext(ctx) + if shopID == 0 { + return nil, errors.New(errors.CodeForbidden, "无法获取店铺信息") + } + query = query.Where("shop_id = ?", shopID) + } if req.CommissionSource != nil { query = query.Where("commission_source = ?", *req.CommissionSource)