From f08cc005dc1c443bd6bfc7da008619157660e033 Mon Sep 17 00:00:00 2001
From: gdlcf88 <47396430@qq.com>
Date: Wed, 29 Apr 2020 23:28:31 +0800
Subject: [PATCH] Improved get list with hidden items permission check.
---
 .../EasyAbp/EShop/Products/Categories/CategoryAppService.cs | 6 +++---
 .../EasyAbp/EShop/Products/Products/ProductAppService.cs | 4 ++--
 2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/modules/EasyAbp.EShop.Products/src/EasyAbp.EShop.Products.Application/EasyAbp/EShop/Products/Categories/CategoryAppService.cs b/modules/EasyAbp.EShop.Products/src/EasyAbp.EShop.Products.Application/EasyAbp/EShop/Products/Categories/CategoryAppService.cs
index 45644a9f..a38604ec 100644
--- a/modules/EasyAbp.EShop.Products/src/EasyAbp.EShop.Products.Application/EasyAbp/EShop/Products/Categories/CategoryAppService.cs
+++ b/modules/EasyAbp.EShop.Products/src/EasyAbp.EShop.Products.Application/EasyAbp/EShop/Products/Categories/CategoryAppService.cs
@@ -35,9 +35,9 @@ namespace EasyAbp.EShop.Products.Categories
 public override async Task> GetListAsync(GetCategoryListDto input)
 {
 // Todo: Check if current user is an admin of the store.
- var isCurrentUserStoreAdmin = true;
-
- if (input.ShowHidden && (!isCurrentUserStoreAdmin || !await AuthorizationService.IsGrantedAsync(ProductsPermissions.Categories.Default)))
+ var isCurrentUserStoreAdmin = true && await AuthorizationService.IsGrantedAsync(ProductsPermissions.Categories.Default);
+
+ if (input.ShowHidden && !isCurrentUserStoreAdmin)
 {
 throw new NotAllowedToGetCategoryListWithShowHiddenException();
 }
diff --git a/modules/EasyAbp.EShop.Products/src/EasyAbp.EShop.Products.Application/EasyAbp/EShop/Products/Products/ProductAppService.cs b/modules/EasyAbp.EShop.Products/src/EasyAbp.EShop.Products.Application/EasyAbp/EShop/Products/Products/ProductAppService.cs
index 201ef42e..f3ba1721 100644
--- a/modules/EasyAbp.EShop.Products/src/EasyAbp.EShop.Products.Application/EasyAbp/EShop/Products/Products/ProductAppService.cs
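Review bot: `isCurrentUserStoreAdmin` in CategoryAppService.GetListAsync is still not a store-admin check: `true &&` is a placeholder, so the flag is only the result of the global `ProductsPermissions.Categories.Default` grant, and any caller holding that permission can request hidden categories whichever store they administer (assuming stores are meant to be isolated, as the Todo suggests). Until the per-store check exists, name the value for what it actually tests, e.g. `var canViewHidden = await AuthorizationService.IsGrantedAsync(ProductsPermissions.Categories.Default);`, and keep the Todo beside the condition so the flag is not later reused as proof of store ownership. The grant is also now evaluated on every list call instead of only when `input.ShowHidden` is set; `if (input.ShowHidden && !await AuthorizationService.IsGrantedAsync(ProductsPermissions.Categories.Default))` keeps the short-circuit. The same applies to the ProductAppService.cs hunk with `ProductsPermissions.Products.Default`. GetListAsync continues past the end of the hunk.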
+++ b/modules/EasyAbp.EShop.Products/src/EasyAbp.EShop.Products.Application/EasyAbp/EShop/Products/Products/ProductAppService.cs
@@ -194,9 +194,9 @@ namespace EasyAbp.EShop.Products.Products
 await CheckGetListPolicyAsync();
 // Todo: Check if current user is an admin of the store.
- var isCurrentUserStoreAdmin = true;
+ var isCurrentUserStoreAdmin = true && await AuthorizationService.IsGrantedAsync(ProductsPermissions.Products.Default);
- if (input.ShowHidden && (!isCurrentUserStoreAdmin || !await AuthorizationService.IsGrantedAsync(ProductsPermissions.Products.Default)))
+ if (input.ShowHidden && !isCurrentUserStoreAdmin)
 {
 throw new NotAllowedToGetProductListWithShowHiddenException();
 }