修改：分享增加代理权限

2025-12-23 14:35:57 +08:00
parent 21fc156af0
commit 7b47f4512f
6 changed files with 216 additions and 13 deletions
--- a/app/main/api/internal/logic/agent/getpromotionquerylistlogic.go
+++ b/app/main/api/internal/logic/agent/getpromotionquerylistlogic.go
@@ -2,10 +2,14 @@ package agent

 import (
    "context"
+    "encoding/hex"
+    "encoding/json"
+    "strings"
    "ycc-server/app/main/model"
    "ycc-server/common/ctxdata"
    "ycc-server/common/globalkey"
    "ycc-server/common/xerr"
+    "ycc-server/pkg/lzkit/crypto"

    "github.com/jinzhu/copier"
    "github.com/pkg/errors"
@@ -71,6 +75,34 @@ func (l *GetPromotionQueryListLogic) GetPromotionQueryList(req *types.GetPromoti
            return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "查询产品信息失败, %v", pErr)
        }

+        // 获取订单价格
+        order, oErr := l.svcCtx.OrderModel.FindOne(l.ctx, ao.OrderId)
+        if oErr != nil {
+            return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "查询订单信息失败, %v", oErr)
+        }
+
+        // 解密并脱敏params
+        var params map[string]interface{}
+        if q.QueryParams != "" {
+            secretKey := l.svcCtx.Config.Encrypt.SecretKey
+            key, decodeErr := hex.DecodeString(secretKey)
+            if decodeErr != nil {
+                return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "获取AES密钥失败, %v", decodeErr)
+            }
+            decryptedData, decryptErr := crypto.AesDecrypt(q.QueryParams, key)
+            if decryptErr != nil {
+                return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "解密查询参数失败, %v", decryptErr)
+            }
+            unmarshalErr := json.Unmarshal(decryptedData, &params)
+            if unmarshalErr != nil {
+                return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "解析查询参数失败, %v", unmarshalErr)
+            }
+            // 脱敏处理
+            params = l.desensitizeParams(params)
+        } else {
+            params = make(map[string]interface{})
+        }
+
        item := types.PromotionQueryItem{}
        _ = copier.Copy(&item, q)
        item.Id = q.Id
@@ -78,6 +110,8 @@ func (l *GetPromotionQueryListLogic) GetPromotionQueryList(req *types.GetPromoti
        item.ProductName = product.ProductName
        item.CreateTime = q.CreateTime.Format("2006-01-02 15:04:05")
        item.QueryState = q.QueryState
+        item.Params = params
+        item.Price = order.Amount
        list = append(list, item)
    }

@@ -86,3 +120,64 @@ func (l *GetPromotionQueryListLogic) GetPromotionQueryList(req *types.GetPromoti
        List:  list,
    }, nil
 }
+
+// desensitizeParams 对敏感数据进行脱敏处理
+func (l *GetPromotionQueryListLogic) desensitizeParams(params map[string]interface{}) map[string]interface{} {
+    result := make(map[string]interface{})
+    for key, value := range params {
+        if strValue, ok := value.(string); ok {
+            keyLower := strings.ToLower(key)
+            if (strings.Contains(keyLower, "name") || strings.Contains(keyLower, "姓名")) && len(strValue) > 0 {
+                result[key] = l.maskName(strValue)
+            } else if (strings.Contains(keyLower, "idcard") || strings.Contains(keyLower, "id_card") || strings.Contains(keyLower, "身份证")) && len(strValue) > 10 {
+                result[key] = l.maskIDCard(strValue)
+            } else if (strings.Contains(keyLower, "mobile") || strings.Contains(keyLower, "phone") || strings.Contains(keyLower, "手机")) && len(strValue) >= 8 {
+                result[key] = l.maskPhone(strValue)
+            } else {
+                result[key] = strValue
+            }
+        } else {
+            result[key] = value
+        }
+    }
+    return result
+}
+
+// maskName 姓名脱敏
+func (l *GetPromotionQueryListLogic) maskName(name string) string {
+    runes := []rune(name)
+    length := len(runes)
+    if length <= 1 {
+        return name
+    }
+    if length == 2 {
+        return string(runes[0]) + "*"
+    }
+    return string(runes[0]) + strings.Repeat("*", length-2) + string(runes[length-1])
+}
+
+// maskIDCard 身份证号脱敏
+func (l *GetPromotionQueryListLogic) maskIDCard(idCard string) string {
+    length := len(idCard)
+    if length <= 10 {
+        return idCard
+    }
+    // 保留前3位和后4位
+    if length > 7 {
+        return idCard[:3] + strings.Repeat("*", length-7) + idCard[length-4:]
+    }
+    return idCard
+}
+
+// maskPhone 手机号脱敏
+func (l *GetPromotionQueryListLogic) maskPhone(phone string) string {
+    length := len(phone)
+    if length < 8 {
+        return phone
+    }
+    // 保留前3位和后4位
+    if length > 7 {
+        return phone[:3] + strings.Repeat("*", length-7) + phone[length-4:]
+    }
+    return phone
+}
--- a/app/main/api/internal/logic/query/querygeneratesharelinklogic.go
+++ b/app/main/api/internal/logic/query/querygeneratesharelinklogic.go
@@ -82,8 +82,15 @@ func (l *QueryGenerateShareLinkLogic) QueryGenerateShareLink(req *types.QueryGen
 		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "生成分享链接, 获取用户失败: %v", err)
 	}
 	if user.Inside != 1 {
+		// 检查是否是订单所有者或订单的代理
 		if order.UserId != userId {
-			return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "生成分享链接, 无权操作此订单")
+			isAgent, aerr := IsOrderAgent(l.ctx, l.svcCtx, userId, order.Id)
+			if aerr != nil {
+				return nil, aerr
+			}
+			if !isAgent {
+				return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "生成分享链接, 无权操作此订单")
+			}
 		}
 	}

--- a/app/main/api/internal/logic/query/querylistlogic.go
+++ b/app/main/api/internal/logic/query/querylistlogic.go
@@ -2,11 +2,15 @@ package query

 import (
 	"context"
+	"encoding/hex"
+	"encoding/json"
+	"strings"
 	"ycc-server/app/main/api/internal/svc"
 	"ycc-server/app/main/api/internal/types"
 	"ycc-server/app/main/model"
 	"ycc-server/common/ctxdata"
 	"ycc-server/common/xerr"
+	"ycc-server/pkg/lzkit/crypto"

 	"github.com/Masterminds/squirrel"
 	"github.com/jinzhu/copier"
@@ -59,14 +63,42 @@ func (l *QueryListLogic) QueryList(req *types.QueryListReq) (resp *types.QueryLi
 			if findProductErr != nil {
 				return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "报告列表查询, 获取商品信息失败, %+v", err)
 			}
-			
+
 			// 检查订单状态，如果订单已退款，则设置查询状态为已退款
 			order, findOrderErr := l.svcCtx.OrderModel.FindOne(l.ctx, queryModel.OrderId)
-			if findOrderErr == nil && order.Status == model.OrderStatusRefunded {
+			if findOrderErr != nil {
+				return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "报告列表查询, 查询订单信息失败, %+v", findOrderErr)
+			}
+			if order.Status == model.OrderStatusRefunded {
 				query.QueryState = model.QueryStateRefunded
 			}
+
+			// 解密并脱敏params
+			var params map[string]interface{}
+			if queryModel.QueryParams != "" {
+				secretKey := l.svcCtx.Config.Encrypt.SecretKey
+				key, decodeErr := hex.DecodeString(secretKey)
+				if decodeErr != nil {
+					return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "报告列表查询, 获取AES密钥失败, %+v", decodeErr)
+				}
+				decryptedData, decryptErr := crypto.AesDecrypt(queryModel.QueryParams, key)
+				if decryptErr != nil {
+					return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "报告列表查询, 解密查询参数失败, %+v", decryptErr)
+				}
+				unmarshalErr := json.Unmarshal(decryptedData, &params)
+				if unmarshalErr != nil {
+					return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "报告列表查询, 解析查询参数失败, %+v", unmarshalErr)
+				}
+				// 脱敏处理
+				params = l.desensitizeParams(params)
+			} else {
+				params = make(map[string]interface{})
+			}
+
 			query.ProductName = product.ProductName
 			query.Product = product.ProductEn
+			query.Params = params
+			query.Price = order.Amount
 			list = append(list, query)
 		}
 	}
@@ -76,3 +108,64 @@ func (l *QueryListLogic) QueryList(req *types.QueryListReq) (resp *types.QueryLi
 		List:  list,
 	}, nil
 }
+
+// desensitizeParams 对敏感数据进行脱敏处理
+func (l *QueryListLogic) desensitizeParams(params map[string]interface{}) map[string]interface{} {
+	result := make(map[string]interface{})
+	for key, value := range params {
+		if strValue, ok := value.(string); ok {
+			keyLower := strings.ToLower(key)
+			if (strings.Contains(keyLower, "name") || strings.Contains(keyLower, "姓名")) && len(strValue) > 0 {
+				result[key] = l.maskName(strValue)
+			} else if (strings.Contains(keyLower, "idcard") || strings.Contains(keyLower, "id_card") || strings.Contains(keyLower, "身份证")) && len(strValue) > 10 {
+				result[key] = l.maskIDCard(strValue)
+			} else if (strings.Contains(keyLower, "mobile") || strings.Contains(keyLower, "phone") || strings.Contains(keyLower, "手机")) && len(strValue) >= 8 {
+				result[key] = l.maskPhone(strValue)
+			} else {
+				result[key] = strValue
+			}
+		} else {
+			result[key] = value
+		}
+	}
+	return result
+}
+
+// maskName 姓名脱敏
+func (l *QueryListLogic) maskName(name string) string {
+	runes := []rune(name)
+	length := len(runes)
+	if length <= 1 {
+		return name
+	}
+	if length == 2 {
+		return string(runes[0]) + "*"
+	}
+	return string(runes[0]) + strings.Repeat("*", length-2) + string(runes[length-1])
+}
+
+// maskIDCard 身份证号脱敏
+func (l *QueryListLogic) maskIDCard(idCard string) string {
+	length := len(idCard)
+	if length <= 10 {
+		return idCard
+	}
+	// 保留前3位和后4位
+	if length > 7 {
+		return idCard[:3] + strings.Repeat("*", length-7) + idCard[length-4:]
+	}
+	return idCard
+}
+
+// maskPhone 手机号脱敏
+func (l *QueryListLogic) maskPhone(phone string) string {
+	length := len(phone)
+	if length < 8 {
+		return phone
+	}
+	// 保留前3位和后4位
+	if length > 7 {
+		return phone[:3] + strings.Repeat("*", length-7) + phone[length-4:]
+	}
+	return phone
+}