feat: 新增代理分配套餐上架状态（shelf_status）功能

- 新增数据库迁移：为 shop_package_allocation 表添加 shelf_status 字段
- 更新模型/DTO：ShopPackageAllocation 增加 ShelfStatus 字段及相关枚举
- 更新套餐分配 Service：支持上架/下架状态管理逻辑
- 更新套餐 Store/Service：根据 shelf_status 过滤可售套餐
- 更新购买验证 Service：引入上架状态校验逻辑
- 归档 OpenSpec 变更：2026-03-02-agent-allocation-shelf-status
- 同步更新主规范文档：allocation-shelf-status、package-management、purchase-validation

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

internal/bootstrap/services.go

@@ -82,7 +82,7 @@ type services struct {
 }
 
 func initServices(s *stores, deps *Dependencies) *services {
-	purchaseValidation := purchaseValidationSvc.New(deps.DB, s.IotCard, s.Device, s.Package)
+	purchaseValidation := purchaseValidationSvc.New(deps.DB, s.IotCard, s.Device, s.Package, s.ShopPackageAllocation)
 	accountAudit := accountAuditSvc.NewService(s.AccountOperationLog)
 	account := accountSvc.New(s.Account, s.Role, s.AccountRole, s.ShopRole, s.Shop, s.Enterprise, accountAudit)
 

internal/model/dto/shop_package_allocation.go

@@ -39,6 +39,7 @@ type ShopPackageAllocationResponse struct {
 	AllocatorShopName  string `json:"allocator_shop_name" description:"分配者店铺名称"`
 	CostPrice          int64  `json:"cost_price" description:"该代理的成本价（分）"`
 	Status             int    `json:"status" description:"状态 (1:启用, 2:禁用)"`
+	ShelfStatus        int    `json:"shelf_status" description:"上架状态 (1:上架, 2:下架)"`
 	CreatedAt          string `json:"created_at" description:"创建时间"`
 	UpdatedAt          string `json:"updated_at" description:"更新时间"`
 }

internal/model/shop_package_allocation.go

@@ -13,6 +13,7 @@ type ShopPackageAllocation struct {
 	CostPrice          int64 `gorm:"column:cost_price;type:bigint;not null;comment:该代理的成本价（分）" json:"cost_price"`
 	SeriesAllocationID *uint `gorm:"column:series_allocation_id;index;comment:关联的系列分配ID" json:"series_allocation_id"`
 	Status             int   `gorm:"column:status;type:int;default:1;not null;comment:状态 1-启用 2-禁用" json:"status"`
+	ShelfStatus        int   `gorm:"column:shelf_status;type:int;default:1;not null;comment:上架状态 1-上架 2-下架" json:"shelf_status"`
 }
 
 // TableName 指定表名

internal/service/package/service.go

@@ -425,6 +425,14 @@ func (s *Service) UpdateShelfStatus(ctx context.Context, id uint, shelfStatus in
 		return errors.New(errors.CodeUnauthorized, "未授权访问")
 	}
 
+	userType := middleware.GetUserTypeFromContext(ctx)
+
+	// 代理用户：修改自己分配记录的 shelf_status，不影响平台全局套餐状态
+	if userType == constants.UserTypeAgent {
+		return s.updateAgentShelfStatus(ctx, id, shelfStatus, currentUserID)
+	}
+
+	// 平台/超管：修改套餐全局 shelf_status
 	pkg, err := s.packageStore.GetByID(ctx, id)
 	if err != nil {
 		if err == gorm.ErrRecordNotFound {
@@ -433,7 +441,7 @@ func (s *Service) UpdateShelfStatus(ctx context.Context, id uint, shelfStatus in
 		return errors.Wrap(errors.CodeInternalError, err, "获取套餐失败")
 	}
 
-	if shelfStatus == 1 && pkg.Status == constants.StatusDisabled {
+	if shelfStatus == constants.ShelfStatusOn && pkg.Status == constants.StatusDisabled {
 		return errors.New(errors.CodeInvalidStatus, "禁用的套餐不能上架，请先启用")
 	}
 
@@ -447,6 +455,43 @@ func (s *Service) UpdateShelfStatus(ctx context.Context, id uint, shelfStatus in
 	return nil
 }
 
+// updateAgentShelfStatus 代理上下架路径：更新分配记录的 shelf_status
+func (s *Service) updateAgentShelfStatus(ctx context.Context, packageID uint, shelfStatus int, updaterID uint) error {
+	shopID := middleware.GetShopIDFromContext(ctx)
+	if shopID == 0 {
+		return errors.New(errors.CodeUnauthorized, "当前用户不属于任何店铺")
+	}
+
+	// 查找代理对该套餐的分配记录
+	allocation, err := s.packageAllocationStore.GetByShopAndPackage(ctx, shopID, packageID)
+	if err != nil {
+		if err == gorm.ErrRecordNotFound {
+			return errors.New(errors.CodeNotFound, "该套餐未分配给您，无法操作上下架")
+		}
+		return errors.Wrap(errors.CodeInternalError, err, "获取分配记录失败")
+	}
+
+	// 上架时检查套餐全局禁用状态
+	if shelfStatus == constants.ShelfStatusOn {
+		pkg, err := s.packageStore.GetByID(ctx, packageID)
+		if err != nil {
+			if err == gorm.ErrRecordNotFound {
+				return errors.New(errors.CodeNotFound, "套餐不存在")
+			}
+			return errors.Wrap(errors.CodeInternalError, err, "获取套餐失败")
+		}
+		if pkg.Status == constants.StatusDisabled {
+			return errors.New(errors.CodeInvalidStatus, "套餐已禁用，无法上架")
+		}
+	}
+
+	if err := s.packageAllocationStore.UpdateShelfStatus(ctx, allocation.ID, shelfStatus, updaterID); err != nil {
+		return errors.Wrap(errors.CodeInternalError, err, "更新上下架状态失败")
+	}
+
+	return nil
+}
+
 func (s *Service) toResponse(ctx context.Context, pkg *model.Package) *dto.PackageResponse {
 	var seriesID *uint
 	if pkg.SeriesID > 0 {
@@ -488,6 +533,8 @@ func (s *Service) toResponse(ctx context.Context, pkg *model.Package) *dto.Packa
 			resp.CostPrice = allocation.CostPrice
 			profitMargin := pkg.SuggestedRetailPrice - allocation.CostPrice
 			resp.ProfitMargin = &profitMargin
+			// 代理查询时，shelf_status 返回自己分配记录的值，而非平台全局值
+			resp.ShelfStatus = allocation.ShelfStatus
 		}
 	}
 
@@ -547,6 +594,8 @@ func (s *Service) toResponseWithAllocation(_ context.Context, pkg *model.Package
 			resp.CostPrice = allocation.CostPrice
 			profitMargin := pkg.SuggestedRetailPrice - allocation.CostPrice
 			resp.ProfitMargin = &profitMargin
+			// 代理查询时，shelf_status 返回自己分配记录的值，而非平台全局值
+			resp.ShelfStatus = allocation.ShelfStatus
 		}
 	}
 

internal/service/purchase_validation/service.go

@@ -11,10 +11,11 @@ import (
 )
 
 type Service struct {
-	db           *gorm.DB
-	iotCardStore *postgres.IotCardStore
-	deviceStore  *postgres.DeviceStore
-	packageStore *postgres.PackageStore
+	db                     *gorm.DB
+	iotCardStore           *postgres.IotCardStore
+	deviceStore            *postgres.DeviceStore
+	packageStore           *postgres.PackageStore
+	packageAllocationStore *postgres.ShopPackageAllocationStore
 }
 
 func New(
@@ -22,12 +23,14 @@ func New(
 	iotCardStore *postgres.IotCardStore,
 	deviceStore *postgres.DeviceStore,
 	packageStore *postgres.PackageStore,
+	packageAllocationStore *postgres.ShopPackageAllocationStore,
 ) *Service {
 	return &Service{
-		db:           db,
-		iotCardStore: iotCardStore,
-		deviceStore:  deviceStore,
-		packageStore: packageStore,
+		db:                     db,
+		iotCardStore:           iotCardStore,
+		deviceStore:            deviceStore,
+		packageStore:           packageStore,
+		packageAllocationStore: packageAllocationStore,
 	}
 }
 
@@ -51,7 +54,13 @@ func (s *Service) ValidateCardPurchase(ctx context.Context, cardID uint, package
 		return nil, errors.New(errors.CodeInvalidParam, "该卡未关联套餐系列，无法购买套餐")
 	}
 
-	packages, totalPrice, err := s.validatePackages(ctx, packageIDs, *card.SeriesID)
+	// 确定卖家店铺ID：卡所属店铺即为卖家（代理渠道），平台自营时为0
+	var sellerShopID uint
+	if card.ShopID != nil {
+		sellerShopID = *card.ShopID
+	}
+
+	packages, totalPrice, err := s.validatePackages(ctx, packageIDs, *card.SeriesID, sellerShopID)
 	if err != nil {
 		return nil, err
 	}
@@ -76,7 +85,13 @@ func (s *Service) ValidateDevicePurchase(ctx context.Context, deviceID uint, pac
 		return nil, errors.New(errors.CodeInvalidParam, "该设备未关联套餐系列，无法购买套餐")
 	}
 
-	packages, totalPrice, err := s.validatePackages(ctx, packageIDs, *device.SeriesID)
+	// 确定卖家店铺ID：设备所属店铺即为卖家（代理渠道），平台自营时为0
+	var sellerShopID uint
+	if device.ShopID != nil {
+		sellerShopID = *device.ShopID
+	}
+
+	packages, totalPrice, err := s.validatePackages(ctx, packageIDs, *device.SeriesID, sellerShopID)
 	if err != nil {
 		return nil, err
 	}
@@ -88,7 +103,10 @@ func (s *Service) ValidateDevicePurchase(ctx context.Context, deviceID uint, pac
 	}, nil
 }
 
-func (s *Service) validatePackages(ctx context.Context, packageIDs []uint, seriesID uint) ([]*model.Package, int64, error) {
+// validatePackages 验证套餐列表是否可购买
+// sellerShopID > 0 表示代理渠道，校验该代理的 allocation.shelf_status；
+// sellerShopID == 0 表示平台自营渠道，校验 package.shelf_status
+func (s *Service) validatePackages(ctx context.Context, packageIDs []uint, seriesID uint, sellerShopID uint) ([]*model.Package, int64, error) {
 	if len(packageIDs) == 0 {
 		return nil, 0, errors.New(errors.CodeInvalidParam, "请选择至少一个套餐")
 	}
@@ -109,12 +127,21 @@ func (s *Service) validatePackages(ctx context.Context, packageIDs []uint, serie
 			return nil, 0, errors.New(errors.CodeInvalidParam, "套餐不在可购买范围内")
 		}
 
+		// Package.status 为全局开关，任何渠道都必须检查
 		if pkg.Status != constants.StatusEnabled {
 			return nil, 0, errors.New(errors.CodeInvalidParam, "套餐已禁用")
 		}
 
-		if pkg.ShelfStatus != constants.ShelfStatusOn {
-			return nil, 0, errors.New(errors.CodeInvalidParam, "套餐已下架")
+		if sellerShopID > 0 {
+			// 代理渠道：检查卖家代理的 allocation.shelf_status，不检查 package.shelf_status
+			if err := s.validateAgentShelfStatus(ctx, sellerShopID, pkgID); err != nil {
+				return nil, 0, err
+			}
+		} else {
+			// 平台自营渠道：检查 package.shelf_status
+			if pkg.ShelfStatus != constants.ShelfStatusOn {
+				return nil, 0, errors.New(errors.CodeInvalidParam, "套餐已下架")
+			}
 		}
 
 		packages = append(packages, pkg)
@@ -124,6 +151,25 @@ func (s *Service) validatePackages(ctx context.Context, packageIDs []uint, serie
 	return packages, totalPrice, nil
 }
 
+// validateAgentShelfStatus 校验卖家代理的分配记录上架状态
+func (s *Service) validateAgentShelfStatus(ctx context.Context, sellerShopID, packageID uint) error {
+	// 使用不带数据权限过滤的查询，避免 buyer ctx 的权限限制干扰系统级校验
+	allocation, err := s.packageAllocationStore.GetByShopAndPackageForSystem(ctx, sellerShopID, packageID)
+	if err != nil {
+		if err == gorm.ErrRecordNotFound {
+			return errors.New(errors.CodeInvalidParam, "套餐已下架")
+		}
+		return errors.Wrap(errors.CodeInternalError, err, "查询套餐分配记录失败")
+	}
+
+	if allocation.ShelfStatus != constants.ShelfStatusOn {
+		return errors.New(errors.CodeInvalidParam, "套餐已下架")
+	}
+
+	return nil
+}
+
 func (s *Service) GetPurchasePrice(ctx context.Context, pkg *model.Package, buyerType string) int64 {
 	return pkg.SuggestedRetailPrice
 }
+

internal/service/shop_package_allocation/service.go

@@ -252,7 +252,9 @@ func (s *Service) UpdateStatus(ctx context.Context, id uint, status int) error {
 		return errors.New(errors.CodeUnauthorized, "未授权访问")
 	}
 
-	_, err := s.packageAllocationStore.GetByID(ctx, id)
+	// 任务 3.2：所有者校验 —— 代理只能修改自己创建的分配记录的 status
+	// 使用系统级查询（不带数据权限过滤），再做业务层权限判断以返回正确的 403
+	allocation, err := s.packageAllocationStore.GetByIDForSystem(ctx, id)
 	if err != nil {
 		if err == gorm.ErrRecordNotFound {
 			return errors.New(errors.CodeNotFound, "分配记录不存在")
@@ -260,6 +262,15 @@ func (s *Service) UpdateStatus(ctx context.Context, id uint, status int) error {
 		return errors.Wrap(errors.CodeInternalError, err, "获取分配记录失败")
 	}
 
+	userType := middleware.GetUserTypeFromContext(ctx)
+	if userType == constants.UserTypeAgent {
+		callerShopID := middleware.GetShopIDFromContext(ctx)
+		// 代理用户只能修改自己作为 allocator 的记录
+		if allocation.AllocatorShopID != callerShopID {
+			return errors.New(errors.CodeForbidden, "无权限操作该资源或资源不存在")
+		}
+	}
+
 	if err := s.packageAllocationStore.UpdateStatus(ctx, id, status, currentUserID); err != nil {
 		return errors.Wrap(errors.CodeInternalError, err, "更新状态失败")
 	}
@@ -267,6 +278,43 @@ func (s *Service) UpdateStatus(ctx context.Context, id uint, status int) error {
 	return nil
 }
 
+// UpdateShelfStatus 更新分配记录的上下架状态
+// 代理独立控制自己客户侧套餐可见性，不影响平台全局状态
+func (s *Service) UpdateShelfStatus(ctx context.Context, allocationID uint, shelfStatus int) error {
+	currentUserID := middleware.GetUserIDFromContext(ctx)
+	if currentUserID == 0 {
+		return errors.New(errors.CodeUnauthorized, "未授权访问")
+	}
+
+	allocation, err := s.packageAllocationStore.GetByID(ctx, allocationID)
+	if err != nil {
+		if err == gorm.ErrRecordNotFound {
+			return errors.New(errors.CodeNotFound, "分配记录不存在")
+		}
+		return errors.Wrap(errors.CodeInternalError, err, "获取分配记录失败")
+	}
+
+	// 上架时检查套餐全局状态：禁用的套餐不允许上架
+	if shelfStatus == constants.ShelfStatusOn {
+		pkg, err := s.packageStore.GetByID(ctx, allocation.PackageID)
+		if err != nil {
+			if err == gorm.ErrRecordNotFound {
+				return errors.New(errors.CodeNotFound, "套餐不存在")
+			}
+			return errors.Wrap(errors.CodeInternalError, err, "获取套餐失败")
+		}
+		if pkg.Status == constants.StatusDisabled {
+			return errors.New(errors.CodeInvalidStatus, "套餐已禁用，无法上架")
+		}
+	}
+
+	if err := s.packageAllocationStore.UpdateShelfStatus(ctx, allocationID, shelfStatus, currentUserID); err != nil {
+		return errors.Wrap(errors.CodeInternalError, err, "更新上下架状态失败")
+	}
+
+	return nil
+}
+
 func (s *Service) buildResponse(ctx context.Context, a *model.ShopPackageAllocation, shopName, packageName, packageCode string) (*dto.ShopPackageAllocationResponse, error) {
 	var seriesID uint
 	seriesName := ""
@@ -304,6 +352,7 @@ func (s *Service) buildResponse(ctx context.Context, a *model.ShopPackageAllocat
 		AllocatorShopName:  allocatorShopName,
 		CostPrice:          a.CostPrice,
 		Status:             a.Status,
+		ShelfStatus:        a.ShelfStatus,
 		CreatedAt:          a.CreatedAt.Format(time.RFC3339),
 		UpdatedAt:          a.UpdatedAt.Format(time.RFC3339),
 	}, nil

internal/store/postgres/package_store.go

@@ -58,11 +58,13 @@ func (s *PackageStore) List(ctx context.Context, opts *store.QueryOptions, filte
 
 	query := s.db.WithContext(ctx).Model(&model.Package{})
 
-	// 代理用户额外过滤：只能看到已分配的套餐
+	// 代理用户额外过滤：只能看到已分配（allocation.status=启用）的套餐
+	// 不按 tb_package.shelf_status 过滤，代理套餐可见性由 allocation.shelf_status 决定
 	userType := middleware.GetUserTypeFromContext(ctx)
 	shopID := middleware.GetShopIDFromContext(ctx)
-	if userType == constants.UserTypeAgent && shopID > 0 {
-		query = query.Joins("INNER JOIN tb_shop_package_allocation ON tb_shop_package_allocation.package_id = tb_package.id").
+	isAgent := userType == constants.UserTypeAgent && shopID > 0
+	if isAgent {
+		query = query.Joins("INNER JOIN tb_shop_package_allocation ON tb_shop_package_allocation.package_id = tb_package.id AND tb_shop_package_allocation.deleted_at IS NULL").
 			Where("tb_shop_package_allocation.shop_id = ? AND tb_shop_package_allocation.status = ?",
 				shopID, constants.StatusEnabled)
 	}
@@ -77,7 +79,12 @@ func (s *PackageStore) List(ctx context.Context, opts *store.QueryOptions, filte
 		query = query.Where("tb_package.status = ?", status)
 	}
 	if shelfStatus, ok := filters["shelf_status"]; ok {
-		query = query.Where("tb_package.shelf_status = ?", shelfStatus)
+		if isAgent {
+			// 代理用户按自己的 allocation.shelf_status 过滤，不使用平台全局值
+			query = query.Where("tb_shop_package_allocation.shelf_status = ?", shelfStatus)
+		} else {
+			query = query.Where("tb_package.shelf_status = ?", shelfStatus)
+		}
 	}
 	if packageType, ok := filters["package_type"].(string); ok && packageType != "" {
 		query = query.Where("tb_package.package_type = ?", packageType)

internal/store/postgres/shop_package_allocation_store.go

@@ -32,6 +32,16 @@ func (s *ShopPackageAllocationStore) GetByID(ctx context.Context, id uint) (*mod
 	return &allocation, nil
 }
 
+// GetByIDForSystem 根据ID获取分配记录（不应用数据权限过滤）
+// 用于 Service 层需要先查到记录再做业务权限校验的场景
+func (s *ShopPackageAllocationStore) GetByIDForSystem(ctx context.Context, id uint) (*model.ShopPackageAllocation, error) {
+	var allocation model.ShopPackageAllocation
+	if err := s.db.WithContext(ctx).First(&allocation, id).Error; err != nil {
+		return nil, err
+	}
+	return &allocation, nil
+}
+
 func (s *ShopPackageAllocationStore) GetByShopAndPackage(ctx context.Context, shopID, packageID uint) (*model.ShopPackageAllocation, error) {
 	var allocation model.ShopPackageAllocation
 	query := s.db.WithContext(ctx).Where("shop_id = ? AND package_id = ?", shopID, packageID)
@@ -43,6 +53,18 @@ func (s *ShopPackageAllocationStore) GetByShopAndPackage(ctx context.Context, sh
 	return &allocation, nil
 }
 
+// GetByShopAndPackageForSystem 根据店铺和套餐查询分配记录（不应用数据权限过滤）
+// 用于系统内部查询场景（如购买校验），避免因 ctx 权限限制导致无法查到目标记录
+func (s *ShopPackageAllocationStore) GetByShopAndPackageForSystem(ctx context.Context, shopID, packageID uint) (*model.ShopPackageAllocation, error) {
+	var allocation model.ShopPackageAllocation
+	if err := s.db.WithContext(ctx).
+		Where("shop_id = ? AND package_id = ?", shopID, packageID).
+		First(&allocation).Error; err != nil {
+		return nil, err
+	}
+	return &allocation, nil
+}
+
 func (s *ShopPackageAllocationStore) Update(ctx context.Context, allocation *model.ShopPackageAllocation) error {
 	return s.db.WithContext(ctx).Save(allocation).Error
 }
@@ -106,6 +128,17 @@ func (s *ShopPackageAllocationStore) UpdateStatus(ctx context.Context, id uint,
 		}).Error
 }
 
+// UpdateShelfStatus 更新分配记录的上下架状态
+func (s *ShopPackageAllocationStore) UpdateShelfStatus(ctx context.Context, id uint, shelfStatus int, updater uint) error {
+	return s.db.WithContext(ctx).
+		Model(&model.ShopPackageAllocation{}).
+		Where("id = ?", id).
+		Updates(map[string]interface{}{
+			"shelf_status": shelfStatus,
+			"updater":      updater,
+		}).Error
+}
+
 func (s *ShopPackageAllocationStore) GetByShopID(ctx context.Context, shopID uint) ([]*model.ShopPackageAllocation, error) {
 	var allocations []*model.ShopPackageAllocation
 	query := s.db.WithContext(ctx).Where("shop_id = ? AND status = 1", shopID)