From 22a4d0dbce111943c0993050b19c7bf715051ea4 Mon Sep 17 00:00:00 2001 From: gdlcf88 Date: Tue, 9 Aug 2022 13:49:02 +0800 Subject: [PATCH 1/2] Fix authorization of flash sales module --- .../FlashSalePlans/FlashSalePlanAppService.cs | 10 ++-------- .../FlashSaleResultAppService.cs | 19 +++++++++---------- 2 files changed, 11 insertions(+), 18 deletions(-) diff --git a/plugins/FlashSales/src/EasyAbp.EShop.Plugins.FlashSales.Application/EasyAbp/EShop/Plugins/FlashSales/FlashSalePlans/FlashSalePlanAppService.cs b/plugins/FlashSales/src/EasyAbp.EShop.Plugins.FlashSales.Application/EasyAbp/EShop/Plugins/FlashSales/FlashSalePlans/FlashSalePlanAppService.cs index 14d8e91c..2eb6b92d 100644 --- a/plugins/FlashSales/src/EasyAbp.EShop.Plugins.FlashSales.Application/EasyAbp/EShop/Plugins/FlashSales/FlashSalePlans/FlashSalePlanAppService.cs +++ b/plugins/FlashSales/src/EasyAbp.EShop.Plugins.FlashSales.Application/EasyAbp/EShop/Plugins/FlashSales/FlashSalePlans/FlashSalePlanAppService.cs @@ -107,10 +107,7 @@ public class FlashSalePlanAppService : { var flashSalePlan = await GetEntityByIdAsync(id); - if (GetPolicyName is not null) - { - await CheckMultiStorePolicyAsync(flashSalePlan.StoreId, GetPolicyName); - } + await CheckGetPolicyAsync(); if (!flashSalePlan.IsPublished) { @@ -122,10 +119,7 @@ public class FlashSalePlanAppService : public override async Task> GetListAsync(FlashSalePlanGetListInput input) { - if (GetListPolicyName is not null) - { - await CheckMultiStorePolicyAsync(input.StoreId, GetListPolicyName); - } + await CheckGetListPolicyAsync(); return await base.GetListAsync(input); } diff --git a/plugins/FlashSales/src/EasyAbp.EShop.Plugins.FlashSales.Application/EasyAbp/EShop/Plugins/FlashSales/FlashSaleResults/FlashSaleResultAppService.cs b/plugins/FlashSales/src/EasyAbp.EShop.Plugins.FlashSales.Application/EasyAbp/EShop/Plugins/FlashSales/FlashSaleResults/FlashSaleResultAppService.cs index d58f19b0..c9034bb9 100644 --- a/plugins/FlashSales/src/EasyAbp.EShop.Plugins.FlashSales.Application/EasyAbp/EShop/Plugins/FlashSales/FlashSaleResults/FlashSaleResultAppService.cs +++ b/plugins/FlashSales/src/EasyAbp.EShop.Plugins.FlashSales.Application/EasyAbp/EShop/Plugins/FlashSales/FlashSaleResults/FlashSaleResultAppService.cs @@ -5,6 +5,7 @@ using EasyAbp.EShop.Plugins.FlashSales.FlashSaleResults.Dtos; using EasyAbp.EShop.Plugins.FlashSales.Permissions; using EasyAbp.EShop.Stores.Stores; using Volo.Abp.Application.Dtos; +using Volo.Abp.Users; namespace EasyAbp.EShop.Plugins.FlashSales.FlashSaleResults; @@ -24,12 +25,11 @@ public class FlashSaleResultAppService : { var flashSaleResult = await GetEntityByIdAsync(id); - if (GetPolicyName is not null) + if (flashSaleResult.UserId == CurrentUser.Id) { - await CheckMultiStorePolicyAsync(flashSaleResult.StoreId, GetPolicyName); + await CheckGetPolicyAsync(); } - - if (flashSaleResult.UserId != CurrentUser.Id) + else { await CheckMultiStorePolicyAsync(flashSaleResult.StoreId, FlashSalesPermissions.FlashSaleResult.Manage); } @@ -39,7 +39,11 @@ public class FlashSaleResultAppService : public override async Task> GetListAsync(FlashSaleResultGetListInput input) { - if (GetListPolicyName is not null) + if (input.UserId.HasValue && input.UserId == CurrentUser.Id) + { + await CheckGetListPolicyAsync(); + } + else { await CheckMultiStorePolicyAsync(input.StoreId, GetListPolicyName); } @@ -49,11 +53,6 @@ public class FlashSaleResultAppService : protected override async Task> CreateFilteredQueryAsync(FlashSaleResultGetListInput input) { - if (input.UserId != CurrentUser.Id) - { - await CheckMultiStorePolicyAsync(input.StoreId, FlashSalesPermissions.FlashSaleResult.Manage); - } - return (await base.CreateFilteredQueryAsync(input)) .WhereIf(input.StoreId.HasValue, x => x.StoreId == input.StoreId.Value) .WhereIf(input.PlanId.HasValue, x => x.PlanId == input.PlanId.Value) From 2177adec7bc191f161fb793663a5e5109264d5ee Mon Sep 17 00:00:00 2001 From: gdlcf88 Date: Tue, 9 Aug 2022 13:51:03 +0800 Subject: [PATCH 2/2] Fix `FlashSalePlanAppService.CreateFilteredQueryAsync` method --- .../FlashSalePlans/FlashSalePlanAppService.cs | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/plugins/FlashSales/src/EasyAbp.EShop.Plugins.FlashSales.Application/EasyAbp/EShop/Plugins/FlashSales/FlashSalePlans/FlashSalePlanAppService.cs b/plugins/FlashSales/src/EasyAbp.EShop.Plugins.FlashSales.Application/EasyAbp/EShop/Plugins/FlashSales/FlashSalePlans/FlashSalePlanAppService.cs index 2eb6b92d..b61b3a50 100644 --- a/plugins/FlashSales/src/EasyAbp.EShop.Plugins.FlashSales.Application/EasyAbp/EShop/Plugins/FlashSales/FlashSalePlans/FlashSalePlanAppService.cs +++ b/plugins/FlashSales/src/EasyAbp.EShop.Plugins.FlashSales.Application/EasyAbp/EShop/Plugins/FlashSales/FlashSalePlans/FlashSalePlanAppService.cs @@ -121,6 +121,11 @@ public class FlashSalePlanAppService : { await CheckGetListPolicyAsync(); + if (input.IncludeUnpublished) + { + await CheckMultiStorePolicyAsync(input.StoreId, FlashSalesPermissions.FlashSalePlan.Manage); + } + return await base.GetListAsync(input); } @@ -191,11 +196,6 @@ public class FlashSalePlanAppService : protected override async Task> CreateFilteredQueryAsync(FlashSalePlanGetListInput input) { - if (input.IncludeUnpublished) - { - await CheckMultiStorePolicyAsync(input.StoreId, FlashSalesPermissions.FlashSalePlan.Manage); - } - return (await base.CreateFilteredQueryAsync(input)) .WhereIf(input.StoreId.HasValue, x => x.StoreId == input.StoreId.Value) .WhereIf(input.ProductId.HasValue, x => x.ProductId == input.ProductId.Value)