From f9569be7dc3cda974321833d436ee6dbe38a86b7 Mon Sep 17 00:00:00 2001 From: yaooo <272523191@qq.com> Date: Fri, 8 Sep 2023 16:42:44 +0800 Subject: [PATCH] =?UTF-8?q?=E6=9B=B4=E6=96=B0=E5=95=86=E5=AE=B6=E5=88=A0?= =?UTF-8?q?=E9=99=A4=E5=A7=94=E6=89=98=E5=95=86=E5=93=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controller/api/community/Community.php | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/app/controller/api/community/Community.php b/app/controller/api/community/Community.php index bf19598e..9ae1818e 100644 --- a/app/controller/api/community/Community.php +++ b/app/controller/api/community/Community.php @@ -673,16 +673,16 @@ class Community extends BaseController if ($communityInfo['mer_status'] > 0) { return app('json')->fail('该委托商品已审核'); } - $merchantId = Db::name('merchant')->where('uid', $this->request->uid())->value('mer_id'); - if ($merchantId != $communityInfo['entrust_mer_id']) { - return app('json')->fail('当前商户无审核此委托商品权限'); - } $status = $this->request->param('status'); if (!$status) { return app('json')->fail('请设置审核状态'); } // 同意 if ($status == 1) { + $merchantId = Db::name('merchant')->where('uid', $this->request->uid())->value('mer_id'); + if ($merchantId != $communityInfo['entrust_mer_id']) { + return app('json')->fail('当前商户无审核此委托商品权限'); + } $res = Db::name('community')->where('community_id', $id)->where('is_del', 0)->update(['status' => $status, 'mer_status' => 1, 'entrust_start_date' =>date('Y-m-d H:i:s')]); if (!$res) { return app('json')->fail('审核失败'); @@ -690,6 +690,10 @@ class Community extends BaseController } // 拒绝 if ($status == 2) { + $merchantId = Db::name('merchant')->where('uid', $this->request->uid())->value('mer_id'); + if ($merchantId != $communityInfo['entrust_mer_id']) { + return app('json')->fail('当前商户无审核此委托商品权限'); + } $refusal = $this->request->param('refusal', ''); Db::startTrans(); try { @@ -708,6 +712,9 @@ class Community extends BaseController } // 删除 if ($status == 3) { + if ($communityInfo['uid'] != $this->request->uid()) { + return app('json')->fail('当前商户无删除此委托商品权限'); + } Db::startTrans(); try { $list = Db::name('entrust')->where('community_id', $id)->where('is_del', 0)->where('status', 0)->select();