fix query

2025-04-25 11:36:20 +08:00 · 2025-04-25 11:36:20 +08:00 · e99814461e
commit e99814461e
parent 7b6d7fcb50
1 changed files with 9 additions and 4 deletions
--- a/app/user/cmd/api/internal/logic/query/querydetailbyorderidlogic.go
+++ b/app/user/cmd/api/internal/logic/query/querydetailbyorderidlogic.go
@ -52,10 +52,15 @@ func (l *QueryDetailByOrderIdLogic) QueryDetailByOrderId(req *types.QueryDetailB
 		}
 		return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "报告查询, 查找报告错误: %v", err)
 	}
-
-	// 安全验证：确保订单属于当前用户
-	if order.UserId != userId {
-		return nil, errors.Wrapf(xerr.NewErrCode(xerr.LOGIC_QUERY_NOT_FOUND), "无权查看此订单报告")
+	user, err := l.svcCtx.UserModel.FindOne(l.ctx, userId)
+	if err != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "报告查询, 查找用户错误: %v", err)
+	}
+	if user.Inside != 1 {
+		// 安全验证：确保订单属于当前用户
+		if order.UserId != userId {
+			return nil, errors.Wrapf(xerr.NewErrCode(xerr.LOGIC_QUERY_NOT_FOUND), "无权查看此订单报告")
+		}
 	}

 	// 创建渐进式延迟策略实例