check

conf/script/1000/orderApi/BE_Order_AcceptOrder_Request.groovy

@@ -7,6 +7,7 @@ import com.dderp.common.api.flycat.OrderSearchService
 import com.dderp.common.api.flycat.OrderService
 import com.dderp.common.api.flycat.OrderStepService
 import com.dderp.common.datas.ERPModule
+import com.dderp.common.datas.TokenUserFrom
 import com.dderp.common.entity.base.InvokeCallParams
 import com.dderp.common.entity.base.InvokeCallResult
 import com.dderp.common.entity.order.BusinessOrder
@@ -73,6 +74,29 @@ class BE_Order_AcceptOrder_Request implements BusinessExecutor<InvokeCallParams,
     }
 
     @Override
+    RetResult<InvokeCallParams> checkExecute(InvokeCallParams source) {
+        String dataSourceId = source.dataSourceId
+        long supplierCode = source.supplierCode
+        ERPTokenUser currentUser = source.currentUser
+
+        def jsonSlurper = new JsonSlurper()
+        def invokeOrder = jsonSlurper.parseText(source.params)
+        long idOrder = invokeOrder["idOrder"] as Long
+        RetResult<BusinessOrder> orderResult = orderSearchService.getBusinessOrder(idOrder, currentUser, dataSourceId, supplierCode, null)
+        if (!orderResult.isSuccess()) return RetResult.<InvokeCallParams> errorT().retinfo(orderResult.retinfo)
+
+        BusinessOrder esOrder = orderResult.result
+
+        if ((source.currentUser.userFrom == TokenUserFrom.APP_STORE_ADMIN.value) || (source.currentUser.userFrom == TokenUserFrom.PC_STORE_ADMIN.value)) {
+            if (esOrder.idStore != source.currentUser.idBindOrg) {
+                return RetResult.<InvokeCallParams> errorT().retinfo("无效的订单信息")
+            }
+        }
+
+        return super.checkExecute(source)
+    }
+
+    @Override
     RetResult<InvokeCallParams> beforeExecute(InvokeCallParams source) {
         return super.beforeExecute(source)
     }

conf/script/1000/orderApi/BE_Order_CookingDone_Request.groovy

@@ -7,6 +7,7 @@ import com.dderp.common.api.flycat.OrderSearchService
 import com.dderp.common.api.flycat.OrderService
 import com.dderp.common.api.flycat.OrderStepService
 import com.dderp.common.datas.ERPModule
+import com.dderp.common.datas.TokenUserFrom
 import com.dderp.common.entity.base.InvokeCallParams
 import com.dderp.common.entity.base.InvokeCallResult
 import com.dderp.common.entity.order.BusinessOrder
@@ -73,6 +74,29 @@ class BE_Order_CookingDone_Request implements BusinessExecutor<InvokeCallParams,
     }
 
     @Override
+    RetResult<InvokeCallParams> checkExecute(InvokeCallParams source) {
+        String dataSourceId = source.dataSourceId
+        long supplierCode = source.supplierCode
+        ERPTokenUser currentUser = source.currentUser
+
+        def jsonSlurper = new JsonSlurper()
+        def invokeOrder = jsonSlurper.parseText(source.params)
+        long idOrder = invokeOrder["idOrder"] as Long
+        RetResult<BusinessOrder> orderResult = orderSearchService.getBusinessOrder(idOrder, currentUser, dataSourceId, supplierCode, null)
+        if (!orderResult.isSuccess()) return RetResult.<InvokeCallParams> errorT().retinfo(orderResult.retinfo)
+
+        BusinessOrder esOrder = orderResult.result
+
+        if ((source.currentUser.userFrom == TokenUserFrom.APP_STORE_ADMIN.value) || (source.currentUser.userFrom == TokenUserFrom.PC_STORE_ADMIN.value)) {
+            if (esOrder.idStore != source.currentUser.idBindOrg) {
+                return RetResult.<InvokeCallParams> errorT().retinfo("无效的订单信息")
+            }
+        }
+
+        return super.checkExecute(source)
+    }
+
+    @Override
     RetResult<InvokeCallParams> beforeExecute(InvokeCallParams source) {
         return super.beforeExecute(source)
     }

conf/script/1000/orderApi/BE_Order_ProcessRefund_Request.groovy

@@ -7,8 +7,10 @@ import com.dderp.common.api.flycat.OrderSearchService
 import com.dderp.common.api.flycat.OrderService
 import com.dderp.common.api.flycat.OrderStepService
 import com.dderp.common.datas.ERPModule
+import com.dderp.common.datas.TokenUserFrom
 import com.dderp.common.entity.base.InvokeCallParams
 import com.dderp.common.entity.base.InvokeCallResult
+import com.dderp.common.entity.order.BusinessOrder
 import com.dderp.common.entity.order.OrderRefundRequest
 import com.dderp.common.entity.site.ERPTokenUser
 import com.dderp.common.tool.ERPUtils
@@ -74,6 +76,37 @@ class BE_Order_ProcessRefund_Request implements BusinessExecutor<InvokeCallParam
     }
 
     @Override
+    RetResult<InvokeCallParams> checkExecute(InvokeCallParams source) {
+        String dataSourceId = source.dataSourceId
+        long supplierCode = source.supplierCode
+        ERPTokenUser currentUser = source.currentUser
+
+        def jsonSlurper = new JsonSlurper()
+        def invokeOrder = jsonSlurper.parseText(source.params)
+        long idRefundRequest = invokeOrder["idRefundRequest"] as Long
+        int approve = invokeOrder["approve"] as int
+        String rejectReasonCode = invokeOrder["rejectReasonCode"] as String
+        String rejectMemo = invokeOrder["rejectMemo"] as String
+
+        //groovy 不能直接使用ERPUtils.PARAM_SEARCH_ID，要么直接用字符串，不知道下面的用法是否可以，需要测试一下
+        RetResult<OrderRefundRequest> requestRetResult = orderSearchService.searchOrderRefundRequest(new RMap<>("${ERPUtils.PARAM_SEARCH_ID}": idRefundRequest),
+                currentUser, dataSourceId, supplierCode, null)
+        if (!requestRetResult.isSuccess()) return RetResult.<InvokeCallParams> errorT().retinfo(requestRetResult.retinfo)
+
+        if (!(approve in [0, 1])) return RetResult.<InvokeCallParams> errorT().retinfo("传入状态非法")
+
+        OrderRefundRequest refundRequest = requestRetResult.result
+
+        if ((source.currentUser.userFrom == TokenUserFrom.APP_STORE_ADMIN.value) || (source.currentUser.userFrom == TokenUserFrom.PC_STORE_ADMIN.value)) {
+            if (refundRequest.idStore != source.currentUser.idBindOrg) {
+                return RetResult.<InvokeCallParams> errorT().retinfo("无效的订单信息")
+            }
+        }
+
+        return super.checkExecute(source)
+    }
+
+    @Override
     RetResult<InvokeCallParams> beforeExecute(InvokeCallParams source) {
         return super.beforeExecute(source)
     }

conf/script/1000/orderApi/BE_Order_RejectOrder_Request.groovy

@@ -6,6 +6,7 @@ import com.dderp.common.api.flycat.IncomePlatformService
 import com.dderp.common.api.flycat.OrderSearchService
 import com.dderp.common.api.flycat.OrderService
 import com.dderp.common.api.flycat.OrderStepService
+import com.dderp.common.datas.TokenUserFrom
 import com.dderp.common.datas.flycat.BusinessOrderStatus
 import com.dderp.common.datas.ERPModule
 import com.dderp.common.entity.base.InvokeCallParams
@@ -73,6 +74,29 @@ class BE_Order_RejectOrder_Request implements BusinessExecutor<InvokeCallParams,
         return ERPModule.ORDER_API
     }
 
+    @Override
+    RetResult<InvokeCallParams> checkExecute(InvokeCallParams source) {
+        String dataSourceId = source.dataSourceId
+        long supplierCode = source.supplierCode
+        ERPTokenUser currentUser = source.currentUser
+
+        def jsonSlurper = new JsonSlurper()
+        def invokeOrder = jsonSlurper.parseText(source.params)
+        long idOrder = invokeOrder["idOrder"] as Long
+        RetResult<BusinessOrder> orderResult = orderSearchService.getBusinessOrder(idOrder, currentUser, dataSourceId, supplierCode, null)
+        if (!orderResult.isSuccess()) return RetResult.<InvokeCallParams> errorT().retinfo(orderResult.retinfo)
+
+        BusinessOrder esOrder = orderResult.result
+
+        if ((source.currentUser.userFrom == TokenUserFrom.APP_STORE_ADMIN.value) || (source.currentUser.userFrom == TokenUserFrom.PC_STORE_ADMIN.value)) {
+            if (esOrder.idStore != source.currentUser.idBindOrg) {
+                return RetResult.<InvokeCallParams> errorT().retinfo("无效的订单信息")
+            }
+        }
+
+        return super.checkExecute(source)
+    }
+
     //params:{idOrder:xxx, rejectReason:[501,502], description:"超出配送范围"}
     RetResult<InvokeCallResult> execute(InvokeCallParams source) {
         //秒级时间戳，groovy里面不让用system

conf/script/1000/orderApi/BE_Order_StoreCancelOrder_Request.groovy

@@ -6,6 +6,7 @@ import com.dderp.common.api.flycat.IncomePlatformService
 import com.dderp.common.api.flycat.OrderSearchService
 import com.dderp.common.api.flycat.OrderService
 import com.dderp.common.api.flycat.OrderStepService
+import com.dderp.common.datas.TokenUserFrom
 import com.dderp.common.datas.flycat.BusinessOrderStatus
 import com.dderp.common.datas.ERPModule
 import com.dderp.common.entity.base.InvokeCallParams
@@ -77,6 +78,29 @@ class BE_Order_StoreCancelOrder_Request implements BusinessExecutor<InvokeCallPa
     }
 
     @Override
+    RetResult<InvokeCallParams> checkExecute(InvokeCallParams source) {
+        String dataSourceId = source.dataSourceId
+        long supplierCode = source.supplierCode
+        ERPTokenUser currentUser = source.currentUser
+
+        def jsonSlurper = new JsonSlurper()
+        def invokeOrder = jsonSlurper.parseText(source.params)
+        long idOrder = invokeOrder["idOrder"] as Long
+        RetResult<BusinessOrder> orderResult = orderSearchService.getBusinessOrder(idOrder, currentUser, dataSourceId, supplierCode, null)
+        if (!orderResult.isSuccess()) return RetResult.<InvokeCallParams> errorT().retinfo(orderResult.retinfo)
+
+        BusinessOrder esOrder = orderResult.result
+
+        if ((source.currentUser.userFrom == TokenUserFrom.APP_STORE_ADMIN.value) || (source.currentUser.userFrom == TokenUserFrom.PC_STORE_ADMIN.value)) {
+            if (esOrder.idStore != source.currentUser.idBindOrg) {
+                return RetResult.<InvokeCallParams> errorT().retinfo("无效的订单信息")
+            }
+        }
+
+        return super.checkExecute(source)
+    }
+
+    @Override
     RetResult<InvokeCallParams> beforeExecute(InvokeCallParams source) {
         return super.beforeExecute(source)
     }