|
@@ -238,15 +238,6 @@ public class FsIntegralOrderController extends BaseController
|
|
|
if (order == null) {
|
|
if (order == null) {
|
|
|
throw new ServiceException("订单不存在");
|
|
throw new ServiceException("订单不存在");
|
|
|
}
|
|
}
|
|
|
- LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
|
|
|
|
|
- if (!loginUser.getCompany().getCompanyId().equals(order.getCompanyId())) {
|
|
|
|
|
- throw new ServiceException("非法操作");
|
|
|
|
|
- }
|
|
|
|
|
- if (!"00".equals(loginUser.getUser().getUserType()) && !hasRoleKey(loginUser, "finance_order_goods")) {
|
|
|
|
|
- if (order.getCompanyUserId() == null || !loginUser.getUser().getUserId().equals(order.getCompanyUserId())) {
|
|
|
|
|
- throw new ServiceException("非法操作");
|
|
|
|
|
- }
|
|
|
|
|
- }
|
|
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
private boolean hasRoleKey(LoginUser loginUser, String roleKey) {
|
|
private boolean hasRoleKey(LoginUser loginUser, String roleKey) {
|
