Merge branch 'main' of http://1.117.67.95:3000/team/ycc-proxy-server

2026-05-19 20:30:35 +08:00
parent fc9d7983b7 93886e2e90
commit 6c540c4216
13 changed files with 514 additions and 103 deletions
--- a/app/main/api/internal/logic/admin_order/admingetorderlistlogic.go
+++ b/app/main/api/internal/logic/admin_order/admingetorderlistlogic.go
@@ -2,12 +2,16 @@ package admin_order

 import (
 	"context"
+	"encoding/hex"
+	"strings"
 	"sync"

 	"ycc-server/app/main/api/internal/svc"
 	"ycc-server/app/main/api/internal/types"
 	"ycc-server/app/main/model"
+	"ycc-server/common/globalkey"
 	"ycc-server/common/xerr"
+	"ycc-server/pkg/lzkit/crypto"

 	"github.com/Masterminds/squirrel"
 	"github.com/pkg/errors"
@@ -72,6 +76,44 @@ func (l *AdminGetOrderListLogic) AdminGetOrderList(req *types.AdminGetOrderListR
 	if req.RefundTimeEnd != "" {
 		builder = builder.Where("refund_time <= ?", req.RefundTimeEnd)
 	}
+	if req.QuerySubjectName != "" || req.QuerySubjectMobile != "" || req.QuerySubjectIdCard != "" {
+		key, decodeErr := hex.DecodeString(l.svcCtx.Config.Encrypt.SecretKey)
+		if decodeErr != nil {
+			return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR),
+				"AdminGetOrderList, AES密钥解析失败 err: %v", decodeErr)
+		}
+		conds := []string{"del_state = ?"}
+		args := []interface{}{globalkey.DelStateNo}
+		if req.QuerySubjectName != "" {
+			enc, _, encErr := crypto.EncryptDeterministicOptional(req.QuerySubjectName, key)
+			if encErr != nil {
+				return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR),
+					"AdminGetOrderList, 加密筛选姓名失败 err: %v", encErr)
+			}
+			conds = append(conds, "enc_real_name = ?")
+			args = append(args, enc)
+		}
+		if req.QuerySubjectMobile != "" {
+			enc, encErr := crypto.EncryptMobile(req.QuerySubjectMobile, l.svcCtx.Config.Encrypt.SecretKey)
+			if encErr != nil {
+				return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR),
+					"AdminGetOrderList, 加密筛选手机号失败 err: %v", encErr)
+			}
+			conds = append(conds, "enc_mobile = ?")
+			args = append(args, enc)
+		}
+		if req.QuerySubjectIdCard != "" {
+			enc, encErr := crypto.EncryptIDCard(req.QuerySubjectIdCard, key)
+			if encErr != nil {
+				return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR),
+					"AdminGetOrderList, 加密筛选身份证失败 err: %v", encErr)
+			}
+			conds = append(conds, "enc_id_card = ?")
+			args = append(args, enc)
+		}
+		subSQL := "id IN (SELECT order_id FROM query_subject_index WHERE " + strings.Join(conds, " AND ") + ")"
+		builder = builder.Where(subSQL, args...)
+	}

 	// 并发获取总数和列表
 	var total int64
@@ -85,7 +127,7 @@ func (l *AdminGetOrderListLogic) AdminGetOrderList(req *types.AdminGetOrderListR
 		return nil
 	}, func() error {
 		var err error
-		orders, err = l.svcCtx.OrderModel.FindPageListByPage(l.ctx, builder, req.Page, req.PageSize, "id DESC")
+		orders, err = l.svcCtx.OrderModel.FindPageListByPage(l.ctx, builder, req.Page, req.PageSize, "create_time DESC")
 		if err != nil {
 			return errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "AdminGetOrderList, 查询订单列表失败 err: %v", err)
 		}
--- a/app/main/api/internal/logic/admin_query/admingetquerydetailbyorderidlogic.go
+++ b/app/main/api/internal/logic/admin_query/admingetquerydetailbyorderidlogic.go
@@ -72,16 +72,48 @@ func (l *AdminGetQueryDetailByOrderIdLogic) AdminGetQueryDetailByOrderId(req *ty
 		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "报告查询, 获取商品信息失败, %v", err)
 	}
 	query.ProductName = product.ProductName
+
+	// 查询代理订单信息，判断是否是代理单
+	var agentUserName string
+	var agentUserMobile string
+	agentOrder, err := l.svcCtx.AgentOrderModel.FindOneByOrderId(l.ctx, queryModel.OrderId)
+	if err == nil && agentOrder != nil {
+		// 是代理单，查询代理实名信息获取姓名和手机号
+		realNameInfo, realNameErr := l.svcCtx.AgentRealNameModel.FindOneByAgentId(l.ctx, agentOrder.AgentId)
+		if realNameErr == nil && realNameInfo != nil {
+			agentUserName = realNameInfo.Name
+			// 解密实名认证中的手机号（ECB加密，使用 DecryptMobile）
+			if realNameInfo.Mobile != "" {
+				decryptedMobile, decryptErr := crypto.DecryptMobile(realNameInfo.Mobile, l.svcCtx.Config.Encrypt.SecretKey)
+				if decryptErr == nil {
+					agentUserMobile = decryptedMobile
+				}
+			}
+		}
+		// 如果实名认证中没有手机号，回退到Agent表获取
+		if agentUserMobile == "" {
+			agentInfo, agentErr := l.svcCtx.AgentModel.FindOne(l.ctx, agentOrder.AgentId)
+			if agentErr == nil && agentInfo != nil {
+				decryptedMobile, decryptErr := crypto.DecryptMobile(agentInfo.Mobile, l.svcCtx.Config.Encrypt.SecretKey)
+				if decryptErr == nil {
+					agentUserMobile = decryptedMobile
+				}
+			}
+		}
+	}
+
 	return &types.AdminGetQueryDetailByOrderIdResp{
-		Id:          query.Id,
-		OrderId:     query.OrderId,
-		UserId:      query.UserId,
-		ProductName: query.ProductName,
-		QueryParams: query.QueryParams,
-		QueryData:   query.QueryData,
-		CreateTime:  query.CreateTime,
-		UpdateTime:  query.UpdateTime,
-		QueryState:  query.QueryState,
+		Id:              query.Id,
+		OrderId:         query.OrderId,
+		UserId:          query.UserId,
+		ProductName:     query.ProductName,
+		QueryParams:     query.QueryParams,
+		QueryData:       query.QueryData,
+		CreateTime:      query.CreateTime,
+		UpdateTime:      query.UpdateTime,
+		QueryState:      query.QueryState,
+		AgentUserName:   agentUserName,
+		AgentUserMobile: agentUserMobile,
 	}, nil
 }

--- a/app/main/api/internal/pkg/querysubject/extract.go
+++ b/app/main/api/internal/pkg/querysubject/extract.go
@@ -0,0 +1,60 @@
+package querysubject
+
+import (
+	"strings"
+)
+
+func isNameField(key string) bool {
+	key = strings.ToLower(key)
+	if isPhoneField(key) || isIDCardField(key) {
+		return false
+	}
+	return strings.Contains(key, "name") || strings.Contains(key, "姓名") ||
+		strings.Contains(key, "owner") || strings.Contains(key, "main")
+}
+
+func isIDCardField(key string) bool {
+	key = strings.ToLower(key)
+	return strings.Contains(key, "idcard") || strings.Contains(key, "id_card") ||
+		strings.Contains(key, "身份证") || strings.Contains(key, "证件号")
+}
+
+func isPhoneField(key string) bool {
+	key = strings.ToLower(key)
+	return strings.Contains(key, "phone") || strings.Contains(key, "mobile") ||
+		strings.Contains(key, "手机") || strings.Contains(key, "电话")
+}
+
+// ExtractPlainSubject 从解密后的 query 参数 map 中提取被查询人姓名、手机、身份证（首次匹配优先）
+func ExtractPlainSubject(m map[string]interface{}) (name, mobile, idCard string) {
+	walkMap(m, &name, &mobile, &idCard)
+	return name, mobile, idCard
+}
+
+func walkMap(m map[string]interface{}, name, mobile, idCard *string) {
+	for k, v := range m {
+		switch val := v.(type) {
+		case string:
+			assignSubjectField(k, val, name, mobile, idCard)
+		case map[string]interface{}:
+			walkMap(val, name, mobile, idCard)
+		}
+	}
+}
+
+func assignSubjectField(key, val string, name, mobile, idCard *string) {
+	if val == "" {
+		return
+	}
+	if *idCard == "" && isIDCardField(key) {
+		*idCard = val
+		return
+	}
+	if *mobile == "" && isPhoneField(key) {
+		*mobile = val
+		return
+	}
+	if *name == "" && isNameField(key) {
+		*name = val
+	}
+}
--- a/app/main/api/internal/queue/paySuccessNotify.go
+++ b/app/main/api/internal/queue/paySuccessNotify.go
@@ -2,15 +2,18 @@ package queue

 import (
 	"context"
+	"database/sql"
 	"encoding/hex"
 	"encoding/json"
 	"fmt"
 	"os"
 	"regexp"
 	"strings"
+	"ycc-server/app/main/api/internal/pkg/querysubject"
 	"ycc-server/app/main/api/internal/svc"
 	"ycc-server/app/main/api/internal/types"
 	"ycc-server/app/main/model"
+	"ycc-server/common/globalkey"
 	"ycc-server/pkg/lzkit/crypto"
 	"ycc-server/pkg/lzkit/lzUtils"

@@ -73,6 +76,11 @@ func (l *PaySuccessNotifyUserHandler) ProcessTask(ctx context.Context, t *asynq.
 		return fmt.Errorf("解密参数失败: %+v", aesdecryptErr)
 	}

+	var userInfo map[string]interface{}
+	if err := json.Unmarshal(decryptData, &userInfo); err != nil {
+		return fmt.Errorf("解析用户信息失败: %+v", err)
+	}
+
 	query := &model.Query{
 		Id:          uuid.NewString(),
 		OrderId:     order.Id,
@@ -86,6 +94,10 @@ func (l *PaySuccessNotifyUserHandler) ProcessTask(ctx context.Context, t *asynq.
 		return fmt.Errorf("保存查询失败: %+v", insertQueryErr)
 	}

+	if err := l.insertQuerySubjectIndex(ctx, query.Id, order.Id, userInfo, key); err != nil {
+		logx.Errorf("写入被查询人密文索引失败 order=%s query=%s err=%v", order.Id, query.Id, err)
+	}
+
 	// 插入后使用预生成的查询ID
 	queryId := query.Id

@@ -95,12 +107,6 @@ func (l *PaySuccessNotifyUserHandler) ProcessTask(ctx context.Context, t *asynq.
 		return fmt.Errorf("获取插入后的查询记录失败: %+v", err)
 	}

-	// 解析解密后的参数获取用户信息
-	var userInfo map[string]interface{}
-	if err := json.Unmarshal(decryptData, &userInfo); err != nil {
-		return fmt.Errorf("解析用户信息失败: %+v", err)
-	}
-
 	// 生成授权书
 	authDoc, err := l.svcCtx.AuthorizationService.GenerateAuthorizationDocument(
 		ctx, order.UserId, order.Id, queryId, userInfo,
@@ -262,6 +268,42 @@ func (l *PaySuccessNotifyUserHandler) handleError(ctx context.Context, err error
 	return asynq.SkipRetry
 }

+func (l *PaySuccessNotifyUserHandler) insertQuerySubjectIndex(
+	ctx context.Context,
+	queryId, orderId string,
+	userInfo map[string]interface{},
+	aesKey []byte,
+) error {
+	name, mobile, idCard := querysubject.ExtractPlainSubject(userInfo)
+	if name == "" && mobile == "" && idCard == "" {
+		return nil
+	}
+	row := &model.QuerySubjectIndex{
+		Id:       uuid.New().String(),
+		QueryId:  queryId,
+		OrderId:  orderId,
+		DelState: globalkey.DelStateNo,
+		Version:  0,
+	}
+	if enc, ok, err := crypto.EncryptDeterministicOptional(name, aesKey); err != nil {
+		return err
+	} else if ok {
+		row.EncRealName = sql.NullString{String: enc, Valid: true}
+	}
+	if enc, ok, err := crypto.EncryptDeterministicOptional(mobile, aesKey); err != nil {
+		return err
+	} else if ok {
+		row.EncMobile = sql.NullString{String: enc, Valid: true}
+	}
+	if enc, ok, err := crypto.EncryptDeterministicOptional(idCard, aesKey); err != nil {
+		return err
+	} else if ok {
+		row.EncIdCard = sql.NullString{String: enc, Valid: true}
+	}
+	_, err := l.svcCtx.QuerySubjectIndexModel.Insert(ctx, row)
+	return err
+}
+
 // desensitizeParams 对敏感数据进行脱敏处理
 func (l *PaySuccessNotifyUserHandler) desensitizeParams(data []byte) ([]byte, error) {
 	// 解析JSON数据到map
--- a/app/main/api/internal/service/verificationService.go
+++ b/app/main/api/internal/service/verificationService.go
@@ -1,26 +1,27 @@
 package service

 import (
-    "context"
-    "encoding/json"
-    "fmt"
-    "io"
-    "net/http"
-    "ycc-server/app/main/api/internal/config"
-    tianyuanapi "ycc-server/app/main/api/internal/service/tianyuanapi_sdk"
+	"context"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"ycc-server/app/main/api/internal/config"
+	tianyuanapi "ycc-server/app/main/api/internal/service/tianyuanapi_sdk"

-    "github.com/tidwall/gjson"
+	"github.com/tidwall/gjson"
 )
+
 type VerificationService struct {
 	c                 config.Config
-	tianyuanapi    *tianyuanapi.Client
+	tianyuanapi       *tianyuanapi.Client
 	apiRequestService *ApiRequestService
 }

 func NewVerificationService(c config.Config, tianyuanapi *tianyuanapi.Client, apiRequestService *ApiRequestService) *VerificationService {
 	return &VerificationService{
 		c:                 c,
-		tianyuanapi:    tianyuanapi,
+		tianyuanapi:       tianyuanapi,
 		apiRequestService: apiRequestService,
 	}
 }
@@ -156,52 +157,52 @@ func (r *VerificationService) ThreeFactorVerification(request ThreeFactorVerific

 // GetWechatH5OpenID 通过code获取微信H5 OpenID
 func (r *VerificationService) GetWechatH5OpenID(ctx context.Context, code string) (string, error) {
-    appID := r.c.WechatH5.AppID
-    appSecret := r.c.WechatH5.AppSecret
-    url := fmt.Sprintf("https://api.weixin.qq.com/sns/oauth2/access_token?appid=%s&secret=%s&code=%s&grant_type=authorization_code", appID, appSecret, code)
-    resp, err := http.Get(url)
-    if err != nil {
-        return "", err
-    }
-    defer resp.Body.Close()
-    body, err := io.ReadAll(resp.Body)
-    if err != nil {
-        return "", err
-    }
-    var data struct {
-        Openid string `json:"openid"`
-    }
-    if err := json.Unmarshal(body, &data); err != nil {
-        return "", err
-    }
-    if data.Openid == "" {
-        return "", fmt.Errorf("openid为空")
-    }
-    return data.Openid, nil
+	appID := r.c.WechatH5.AppID
+	appSecret := r.c.WechatH5.AppSecret
+	url := fmt.Sprintf("https://api.weixin.qq.com/sns/oauth2/access_token?appid=%s&secret=%s&code=%s&grant_type=authorization_code", appID, appSecret, code)
+	resp, err := http.Get(url)
+	if err != nil {
+		return "", err
+	}
+	defer resp.Body.Close()
+	body, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return "", err
+	}
+	var data struct {
+		Openid string `json:"openid"`
+	}
+	if err := json.Unmarshal(body, &data); err != nil {
+		return "", err
+	}
+	if data.Openid == "" {
+		return "", fmt.Errorf("openid为空")
+	}
+	return data.Openid, nil
 }

 // GetWechatMiniOpenID 通过code获取微信小程序 OpenID
 func (r *VerificationService) GetWechatMiniOpenID(ctx context.Context, code string) (string, error) {
-    appID := r.c.WechatMini.AppID
-    appSecret := r.c.WechatMini.AppSecret
-    url := fmt.Sprintf("https://api.weixin.qq.com/sns/jscode2session?appid=%s&secret=%s&js_code=%s&grant_type=authorization_code", appID, appSecret, code)
-    resp, err := http.Get(url)
-    if err != nil {
-        return "", err
-    }
-    defer resp.Body.Close()
-    body, err := io.ReadAll(resp.Body)
-    if err != nil {
-        return "", err
-    }
-    var data struct {
-        Openid string `json:"openid"`
-    }
-    if err := json.Unmarshal(body, &data); err != nil {
-        return "", err
-    }
-    if data.Openid == "" {
-        return "", fmt.Errorf("openid为空")
-    }
-    return data.Openid, nil
+	appID := r.c.WechatMini.AppID
+	appSecret := r.c.WechatMini.AppSecret
+	url := fmt.Sprintf("https://api.weixin.qq.com/sns/jscode2session?appid=%s&secret=%s&js_code=%s&grant_type=authorization_code", appID, appSecret, code)
+	resp, err := http.Get(url)
+	if err != nil {
+		return "", err
+	}
+	defer resp.Body.Close()
+	body, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return "", err
+	}
+	var data struct {
+		Openid string `json:"openid"`
+	}
+	if err := json.Unmarshal(body, &data); err != nil {
+		return "", err
+	}
+	if data.Openid == "" {
+		return "", fmt.Errorf("openid为空")
+	}
+	return data.Openid, nil
 }
--- a/app/main/api/internal/svc/servicecontext.go
+++ b/app/main/api/internal/svc/servicecontext.go
@@ -47,6 +47,7 @@ type ServiceContext struct {
 	OrderModel              model.OrderModel
 	OrderRefundModel        model.OrderRefundModel
 	QueryModel              model.QueryModel
+	QuerySubjectIndexModel  model.QuerySubjectIndexModel
 	QueryCleanupLogModel    model.QueryCleanupLogModel
 	QueryCleanupDetailModel model.QueryCleanupDetailModel
 	QueryCleanupConfigModel model.QueryCleanupConfigModel
@@ -143,6 +144,7 @@ func NewServiceContext(c config.Config) *ServiceContext {
 	// ============================== 订单相关模型 ==============================
 	orderModel := model.NewOrderModel(db, cacheConf)
 	queryModel := model.NewQueryModel(db, cacheConf)
+	querySubjectIndexModel := model.NewQuerySubjectIndexModel(db, cacheConf)
 	orderRefundModel := model.NewOrderRefundModel(db, cacheConf)
 	queryCleanupLogModel := model.NewQueryCleanupLogModel(db, cacheConf)
 	queryCleanupDetailModel := model.NewQueryCleanupDetailModel(db, cacheConf)
@@ -261,6 +263,7 @@ func NewServiceContext(c config.Config) *ServiceContext {
 		// 订单相关模型
 		OrderModel:              orderModel,
 		QueryModel:              queryModel,
+		QuerySubjectIndexModel:  querySubjectIndexModel,
 		OrderRefundModel:        orderRefundModel,
 		QueryCleanupLogModel:    queryCleanupLogModel,
 		QueryCleanupDetailModel: queryCleanupDetailModel,
--- a/app/main/api/internal/types/types.go
+++ b/app/main/api/internal/types/types.go
@@ -569,21 +569,24 @@ type AdminGetOrderDetailResp struct {
 }

 type AdminGetOrderListReq struct {
-	Page            int64   `form:"page,default=1"`             // 页码
-	PageSize        int64   `form:"pageSize,default=20"`        // 每页数量
-	OrderNo         string  `form:"order_no,optional"`          // 商户订单号
-	PlatformOrderId string  `form:"platform_order_id,optional"` // 支付订单号
-	ProductName     string  `form:"product_name,optional"`      // 产品名称
-	PaymentPlatform string  `form:"payment_platform,optional"`  // 支付方式
-	PaymentScene    string  `form:"payment_scene,optional"`     // 支付平台
-	Amount          float64 `form:"amount,optional"`            // 金额
-	Status          string  `form:"status,optional"`            // 支付状态：pending-待支付，paid-已支付，refunded-已退款，closed-已关闭，failed-支付失败
-	CreateTimeStart string  `form:"create_time_start,optional"` // 创建时间开始
-	CreateTimeEnd   string  `form:"create_time_end,optional"`   // 创建时间结束
-	PayTimeStart    string  `form:"pay_time_start,optional"`    // 支付时间开始
-	PayTimeEnd      string  `form:"pay_time_end,optional"`      // 支付时间结束
-	RefundTimeStart string  `form:"refund_time_start,optional"` // 退款时间开始
-	RefundTimeEnd   string  `form:"refund_time_end,optional"`   // 退款时间结束
+	Page               int64   `form:"page,default=1"`                 // 页码
+	PageSize           int64   `form:"pageSize,default=20"`            // 每页数量
+	OrderNo            string  `form:"order_no,optional"`              // 商户订单号
+	PlatformOrderId    string  `form:"platform_order_id,optional"`     // 支付订单号
+	ProductName        string  `form:"product_name,optional"`          // 产品名称
+	PaymentPlatform    string  `form:"payment_platform,optional"`      // 支付方式
+	PaymentScene       string  `form:"payment_scene,optional"`         // 支付平台
+	Amount             float64 `form:"amount,optional"`                // 金额
+	Status             string  `form:"status,optional"`                // 支付状态：pending-待支付，paid-已支付，refunded-已退款，closed-已关闭，failed-支付失败
+	CreateTimeStart    string  `form:"create_time_start,optional"`     // 创建时间开始
+	CreateTimeEnd      string  `form:"create_time_end,optional"`       // 创建时间结束
+	PayTimeStart       string  `form:"pay_time_start,optional"`        // 支付时间开始
+	PayTimeEnd         string  `form:"pay_time_end,optional"`          // 支付时间结束
+	RefundTimeStart    string  `form:"refund_time_start,optional"`     // 退款时间开始
+	RefundTimeEnd      string  `form:"refund_time_end,optional"`       // 退款时间结束
+	QuerySubjectName   string  `form:"query_subject_name,optional"`    // 姓名（明文，服务端转密文查询）
+	QuerySubjectMobile string  `form:"query_subject_mobile,optional"`  // 手机号
+	QuerySubjectIdCard string  `form:"query_subject_id_card,optional"` // 身份证
 }

 type AdminGetOrderListResp struct {
@@ -703,15 +706,17 @@ type AdminGetQueryDetailByOrderIdReq struct {
 }

 type AdminGetQueryDetailByOrderIdResp struct {
-	Id          string                 `json:"id"`           // 主键ID
-	OrderId     string                 `json:"order_id"`     // 订单ID
-	UserId      string                 `json:"user_id"`      // 用户ID
-	ProductName string                 `json:"product_name"` // 产品ID
-	QueryParams map[string]interface{} `json:"query_params"`
-	QueryData   []AdminQueryItem       `json:"query_data"`
-	CreateTime  string                 `json:"create_time"` // 创建时间
-	UpdateTime  string                 `json:"update_time"` // 更新时间
-	QueryState  string                 `json:"query_state"` // 查询状态
+	Id              string                 `json:"id"`           // 主键ID
+	OrderId         string                 `json:"order_id"`     // 订单ID
+	UserId          string                 `json:"user_id"`      // 用户ID
+	ProductName     string                 `json:"product_name"` // 产品名称
+	QueryParams     map[string]interface{} `json:"query_params"`
+	QueryData       []AdminQueryItem       `json:"query_data"`
+	CreateTime      string                 `json:"create_time"`       // 创建时间
+	UpdateTime      string                 `json:"update_time"`       // 更新时间
+	QueryState      string                 `json:"query_state"`       // 查询状态
+	AgentUserName   string                 `json:"agent_user_name"`   // 代理用户姓名（非代理单时为空）
+	AgentUserMobile string                 `json:"agent_user_mobile"` // 代理用户手机号（非代理单时为空）
 }

 type AdminGetRoleApiListReq struct {