From 22a4d0dbce111943c0993050b19c7bf715051ea4 Mon Sep 17 00:00:00 2001 From: gdlcf88 Date: Tue, 9 Aug 2022 13:49:02 +0800 Subject: [PATCH] Fix authorization of flash sales module --- .../FlashSalePlans/FlashSalePlanAppService.cs | 10 ++-------- .../FlashSaleResultAppService.cs | 19 +++++++++---------- 2 files changed, 11 insertions(+), 18 deletions(-) diff --git a/plugins/FlashSales/src/EasyAbp.EShop.Plugins.FlashSales.Application/EasyAbp/EShop/Plugins/FlashSales/FlashSalePlans/FlashSalePlanAppService.cs b/plugins/FlashSales/src/EasyAbp.EShop.Plugins.FlashSales.Application/EasyAbp/EShop/Plugins/FlashSales/FlashSalePlans/FlashSalePlanAppService.cs index 14d8e91c..2eb6b92d 100644 --- a/plugins/FlashSales/src/EasyAbp.EShop.Plugins.FlashSales.Application/EasyAbp/EShop/Plugins/FlashSales/FlashSalePlans/FlashSalePlanAppService.cs +++ b/plugins/FlashSales/src/EasyAbp.EShop.Plugins.FlashSales.Application/EasyAbp/EShop/Plugins/FlashSales/FlashSalePlans/FlashSalePlanAppService.cs @@ -107,10 +107,7 @@ public class FlashSalePlanAppService : { var flashSalePlan = await GetEntityByIdAsync(id); - if (GetPolicyName is not null) - { - await CheckMultiStorePolicyAsync(flashSalePlan.StoreId, GetPolicyName); - } + await CheckGetPolicyAsync(); if (!flashSalePlan.IsPublished) { @@ -122,10 +119,7 @@ public class FlashSalePlanAppService : public override async Task> GetListAsync(FlashSalePlanGetListInput input) { - if (GetListPolicyName is not null) - { - await CheckMultiStorePolicyAsync(input.StoreId, GetListPolicyName); - } + await CheckGetListPolicyAsync(); return await base.GetListAsync(input); } diff --git a/plugins/FlashSales/src/EasyAbp.EShop.Plugins.FlashSales.Application/EasyAbp/EShop/Plugins/FlashSales/FlashSaleResults/FlashSaleResultAppService.cs b/plugins/FlashSales/src/EasyAbp.EShop.Plugins.FlashSales.Application/EasyAbp/EShop/Plugins/FlashSales/FlashSaleResults/FlashSaleResultAppService.cs index d58f19b0..c9034bb9 100644 --- a/plugins/FlashSales/src/EasyAbp.EShop.Plugins.FlashSales.Application/EasyAbp/EShop/Plugins/FlashSales/FlashSaleResults/FlashSaleResultAppService.cs +++ b/plugins/FlashSales/src/EasyAbp.EShop.Plugins.FlashSales.Application/EasyAbp/EShop/Plugins/FlashSales/FlashSaleResults/FlashSaleResultAppService.cs @@ -5,6 +5,7 @@ using EasyAbp.EShop.Plugins.FlashSales.FlashSaleResults.Dtos; using EasyAbp.EShop.Plugins.FlashSales.Permissions; using EasyAbp.EShop.Stores.Stores; using Volo.Abp.Application.Dtos; +using Volo.Abp.Users; namespace EasyAbp.EShop.Plugins.FlashSales.FlashSaleResults; @@ -24,12 +25,11 @@ public class FlashSaleResultAppService : { var flashSaleResult = await GetEntityByIdAsync(id); - if (GetPolicyName is not null) + if (flashSaleResult.UserId == CurrentUser.Id) { - await CheckMultiStorePolicyAsync(flashSaleResult.StoreId, GetPolicyName); + await CheckGetPolicyAsync(); } - - if (flashSaleResult.UserId != CurrentUser.Id) + else { await CheckMultiStorePolicyAsync(flashSaleResult.StoreId, FlashSalesPermissions.FlashSaleResult.Manage); } @@ -39,7 +39,11 @@ public class FlashSaleResultAppService : public override async Task> GetListAsync(FlashSaleResultGetListInput input) { - if (GetListPolicyName is not null) + if (input.UserId.HasValue && input.UserId == CurrentUser.Id) + { + await CheckGetListPolicyAsync(); + } + else { await CheckMultiStorePolicyAsync(input.StoreId, GetListPolicyName); } @@ -49,11 +53,6 @@ public class FlashSaleResultAppService : protected override async Task> CreateFilteredQueryAsync(FlashSaleResultGetListInput input) { - if (input.UserId != CurrentUser.Id) - { - await CheckMultiStorePolicyAsync(input.StoreId, FlashSalesPermissions.FlashSaleResult.Manage); - } - return (await base.CreateFilteredQueryAsync(input)) .WhereIf(input.StoreId.HasValue, x => x.StoreId == input.StoreId.Value) .WhereIf(input.PlanId.HasValue, x => x.PlanId == input.PlanId.Value)