fix: 修复套餐系列/套餐分配权限过滤问题
All checks were successful
构建并部署到测试环境(无 SSH) / build-and-deploy (push) Successful in 7m19s
All checks were successful
构建并部署到测试环境(无 SSH) / build-and-deploy (push) Successful in 7m19s
代理用户只能看到自己分配出去的记录,而不是被分配的记录。 - 新增 ApplyAllocatorShopFilter 过滤函数 - ShopSeriesAllocationStore: List 和 GetByID 改用 ApplyAllocatorShopFilter - ShopPackageAllocationStore: List 和 GetByID 改用 ApplyAllocatorShopFilter - 平台用户和超管不受限制 - 代理用户只能看到 allocator_shop_id = 自己店铺ID 的记录 Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
This commit is contained in:
@@ -24,8 +24,8 @@ func (s *ShopPackageAllocationStore) Create(ctx context.Context, allocation *mod
|
||||
func (s *ShopPackageAllocationStore) GetByID(ctx context.Context, id uint) (*model.ShopPackageAllocation, error) {
|
||||
var allocation model.ShopPackageAllocation
|
||||
query := s.db.WithContext(ctx).Where("id = ?", id)
|
||||
// 应用数据权限过滤
|
||||
query = middleware.ApplyShopFilter(ctx, query)
|
||||
// 应用数据权限过滤:代理只能访问自己分配出去的记录
|
||||
query = middleware.ApplyAllocatorShopFilter(ctx, query)
|
||||
if err := query.First(&allocation).Error; err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -56,8 +56,8 @@ func (s *ShopPackageAllocationStore) List(ctx context.Context, opts *store.Query
|
||||
var total int64
|
||||
|
||||
query := s.db.WithContext(ctx).Model(&model.ShopPackageAllocation{})
|
||||
// 应用数据权限过滤
|
||||
query = middleware.ApplyShopFilter(ctx, query)
|
||||
// 应用数据权限过滤:代理只能看到自己分配出去的记录
|
||||
query = middleware.ApplyAllocatorShopFilter(ctx, query)
|
||||
|
||||
if shopID, ok := filters["shop_id"].(uint); ok && shopID > 0 {
|
||||
query = query.Where("shop_id = ?", shopID)
|
||||
|
||||
@@ -24,8 +24,8 @@ func (s *ShopSeriesAllocationStore) Create(ctx context.Context, allocation *mode
|
||||
func (s *ShopSeriesAllocationStore) GetByID(ctx context.Context, id uint) (*model.ShopSeriesAllocation, error) {
|
||||
var allocation model.ShopSeriesAllocation
|
||||
query := s.db.WithContext(ctx).Where("id = ?", id)
|
||||
// 应用数据权限过滤
|
||||
query = middleware.ApplyShopFilter(ctx, query)
|
||||
// 应用数据权限过滤:代理只能访问自己分配出去的记录
|
||||
query = middleware.ApplyAllocatorShopFilter(ctx, query)
|
||||
if err := query.First(&allocation).Error; err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -57,8 +57,8 @@ func (s *ShopSeriesAllocationStore) List(ctx context.Context, opts *store.QueryO
|
||||
var total int64
|
||||
|
||||
query := s.db.WithContext(ctx).Model(&model.ShopSeriesAllocation{})
|
||||
// 应用数据权限过滤
|
||||
query = middleware.ApplyShopFilter(ctx, query)
|
||||
// 应用数据权限过滤:代理只能看到自己分配出去的记录
|
||||
query = middleware.ApplyAllocatorShopFilter(ctx, query)
|
||||
|
||||
if shopID, ok := filters["shop_id"].(uint); ok && shopID > 0 {
|
||||
query = query.Where("shop_id = ?", shopID)
|
||||
|
||||
Reference in New Issue
Block a user