gold-java/src/main/java/com/example/demo/controller/cash/CashRefundController.java

package com.example.demo.controller.cash;

import com.example.demo.Util.JWTUtil;
import com.example.demo.domain.entity.Admin;
import com.example.demo.domain.vo.cash.CashCollection;
import com.example.demo.domain.vo.coin.Page;
import com.example.demo.domain.vo.coin.Result;
import com.example.demo.service.coin.MarketService;
import com.example.demo.serviceImpl.cash.CashRefundServiceImpl;
import com.github.pagehelper.PageInfo;
import jakarta.servlet.http.HttpServletRequest;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.ObjectUtils;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import java.util.Arrays;
import java.util.List;

/**
 * @program: GOLD
 * @ClassName RefundController
 * @description:
 * @author: huangqizhen
 * @create: 2025−09-26 14:15
 * @Version 1.0
 **/
@RestController
@RequestMapping("/Money")
@RequiredArgsConstructor
@Slf4j
@CrossOrigin
public class CashRefundController {
    @Autowired
    private CashRefundServiceImpl cashRefundServiceImpl;
    @Autowired
    MarketService marketService;
    @PostMapping("/select")
    public Result select(@RequestBody Page page) throws Exception {
        // 获取当前请求对象
        HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
        String token = request.getHeader("token");

// 解析 token 获取用户信息
        Admin admin = (Admin) JWTUtil.getUserDetailsList(String.valueOf(token), Admin.class);
        List<String> userMarkets = Arrays.asList(StringUtils.split(admin.getMarkets(), ","));
        List<String> markets = marketService.getMarketIds(userMarkets);

// 校验分页参数
        if (ObjectUtils.isEmpty(page.getPageNum())) {
            return Result.error("页码数为空！");
        }
        if (ObjectUtils.isEmpty(page.getPageSize())) {
            return Result.error("页大小为空！");
        }

// 获取传入的市场列表
        List<String> requestedMarkets = page.getGoldDetail() != null ? page.getGoldDetail().getMarkets() : null;

// 权限校验逻辑
        if (markets.contains("9") || markets.contains("9999")) {
            // 特权市场：9 或 9999，跳过权限校验，直接放行传入的 markets
            // 如果业务需要，也可以在这里做空值处理
            if (page.getGoldDetail() != null) {
                // 保持 requestedMarkets 不变，原样接受
                // 可选：如果 requestedMarkets 为 null，可设为默认值或保持 null
            }
        } else {
            // 普通用户：必须校验权限
            if (requestedMarkets == null || requestedMarkets.isEmpty()) {
                page.getGoldDetail().setMarkets(requestedMarkets);
            }
            if (!markets.containsAll(requestedMarkets)) {
                return Result.error("无权限！请求的市场不在授权范围内。");
            }
            // 校验通过，保持 requestedMarkets 不变
        }
       return Result.success(cashRefundServiceImpl.select(page.getPageNum(),page.getPageSize(),page.getCashCollection()));
    }
    @PostMapping("/add")
    public Result add(@RequestBody CashCollection cashCollection){
        return Result.success(cashRefundServiceImpl.add(cashCollection));
    }
    @PostMapping("/update")
    public Result update(@RequestBody CashCollection cashCollection){
        return Result.success(cashRefundServiceImpl.update(cashCollection));
    }
}