framework/src/main/java/cn/lili/modules/lmk/enums/general/AdminRoleEnum.java
New file @@ -0,0 +1,25 @@ package cn.lili.modules.lmk.enums.general; import lombok.Getter; @Getter public enum AdminRoleEnum { ORDER_INFO_PERMISSION("order_info_permission","订单敏感信息"), COUPON_PERMISSION("coupon_permission","优惠卷敏感信息"); private String value; private String desc; AdminRoleEnum(String value, String desc) { this.value = value; this.desc = desc; } public static AdminRoleEnum getByValue(String value) { for (AdminRoleEnum e : AdminRoleEnum.values()) { if (e.value.equals(value)) { return e; } } return null; } } framework/src/main/java/cn/lili/modules/lmk/service/impl/MyCollectServiceImpl.java
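Review bot: In `AdminRoleEnum`, `value` and `desc` are assigned only in the constructor but are not `final`; declaring them `private final String value;` and `private final String desc;` makes these permission keys immutable. `getByValue` returns `null` for an unknown string and has no Javadoc saying so, so a one-line `/** Returns the constant whose value equals the argument, or null if none matches. */` would warn callers before they dereference the result. A class comment should also state that these values are compared against role names, which is how `havePermissionRole` in this commit uses them.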
@@ -3,11 +3,14 @@ import cn.lili.common.enums.CollectTypeEnum; import cn.lili.common.properties.RocketmqCustomProperties; import cn.lili.common.security.context.UserContext; import cn.lili.common.vo.PageVO; import cn.lili.modules.goods.entity.vos.GoodsVO; import cn.lili.modules.lmk.domain.query.AuthorVideoQuery; import cn.lili.modules.lmk.domain.vo.*; import cn.lili.modules.lmk.service.MySubscribeService; import cn.lili.modules.lmk.service.VideoService; import cn.lili.modules.member.entity.vo.GoodsCollectionVO; import cn.lili.modules.member.service.GoodsCollectionService; import cn.lili.rocketmq.RocketmqSendCallbackBuilder; import cn.lili.rocketmq.tags.CommentTagsEnum; import cn.lili.rocketmq.tags.VideoTagsEnum; @@ -52,8 +55,7 @@ private final LmkFileServiceImpl fileService; private final RocketMQTemplate rocketMQTemplate; private final VideoServiceMakeUpImpl serviceMakeUp; private final GoodsCollectionService goodsCollectionService; /** * 收藏/取消收藏 @@ -200,7 +202,15 @@ videoQuery.setPageNumber(query.getPageNumber()); return serviceMakeUp.getAuthorCollectVideoPage(videoQuery); }else if (CollectTypeEnum.goods.getType().equals(query.getType())) { baseMapper.getGoodsCollectPage(page, userId); PageVO pageVo = new PageVO(); pageVo.setPageSize((int) query.getPageSize()); pageVo.setPageNumber((int) query.getPageNumber()); IPage<GoodsCollectionVO> goodsCollectionVOIPage = goodsCollectionService.goodsCollection(pageVo); for (GoodsCollectionVO goodsCollectionVO : goodsCollectionVOIPage.getRecords()) { goodsCollectionVO.setImage(fileService.getPreviewUrl(goodsCollectionVO.getImage())); } return Result.ok().data(goodsCollectionVOIPage.getRecords()).total(goodsCollectionVOIPage.getTotal()); } framework/src/main/java/cn/lili/modules/order/order/entity/vo/OrderSimpleVO.java
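Review bot: In `MyCollectServiceImpl`, the goods branch no longer passes the caller's identity: the earlier `baseMapper.getGoodsCollectPage(page, userId)` call took `userId`, while `goodsCollectionService.goodsCollection(pageVo)` receives only paging values. The result is scoped to the current member only if that service reads the user from `UserContext` itself, which is not visible here, so confirm this and add a comment such as `// goodsCollection() scopes the query to the logged-in member`. The `(int) query.getPageSize()` and `(int) query.getPageNumber()` casts truncate silently and no upper bound on page size is visible; `Math.toIntExact(...)` plus a maximum is safer. The enclosing method starts and ends outside the hunk.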
@@ -153,6 +153,12 @@ @ApiModelProperty(value = "卖家订单备注") private String sellerRemark; /** * 敏感信息 */ private String consigneeName; private String consigneeMobile; public List<OrderItemVO> getOrderItems() { if (CharSequenceUtil.isEmpty(groupGoodsId)) { return new ArrayList<>(); framework/src/main/java/cn/lili/modules/order/order/mapper/OrderMapper.java
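Review bot: In `OrderSimpleVO`, the single `敏感信息` comment sits above `consigneeName` only, and neither new field has the `@ApiModelProperty` that `sellerRemark` just above carries. Because this VO is serialized to clients, each field should document its masking expectation. For example `/** Consignee name; queryByParams masks it for callers without ORDER_INFO_PERMISSION. */`, with the same on `consigneeMobile`. Any other producer of this VO then has a visible reminder that the raw value must not be returned as-is.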
@@ -82,8 +82,10 @@ * @return 简短订单分页 */ @Select("select o.sn,o.flow_price,o.create_time,o.order_status,o.pay_status,o.payment_method,o.payment_time,o.member_name,o.store_name as " + "store_name,o.store_id as store_id,o.client_type,o.order_type,o.deliver_status,o.order_promotion_type,o.seller_remark " + ",GROUP_CONCAT(oi.goods_id) as group_goods_id," + "store_name,o.store_id as store_id,o.client_type,o.order_type,o.deliver_status,o.order_promotion_type,o.seller_remark, " + "o.consignee_name AS consigneeName," + "o.consignee_mobile AS consigneeMobile," + " GROUP_CONCAT(oi.goods_id) as group_goods_id," + " GROUP_CONCAT(oi.sku_id) as group_sku_id," + " GROUP_CONCAT(oi.num) as group_num" + ",GROUP_CONCAT(oi.image) as group_images" + framework/src/main/java/cn/lili/modules/order/order/serviceimpl/OrderServiceImpl.java
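Review bot: In `OrderMapper`, the statement now returns the plaintext `consignee_name` and `consignee_mobile` to every caller of this mapper method, while the masking added in this commit lives only in service code. Other callers are not visible here; if any exist they will pass the raw values through. A comment above the `@Select` would make the obligation explicit, for example `// consigneeName/consigneeMobile are unmasked here; callers must mask them for users without ORDER_INFO_PERMISSION`. As a style point, the new aliases are camelCase (`AS consigneeName`) while the others in this statement are snake_case (`group_goods_id`, `store_name`). The `@Select` string and the method signature continue outside the hunk.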
@@ -16,6 +16,7 @@ import cn.lili.common.event.TransactionCommitSendMQEvent; import cn.lili.common.exception.ServiceException; import cn.lili.common.properties.RocketmqCustomProperties; import cn.lili.common.security.AuthUser; import cn.lili.common.security.OperationalJudgment; import cn.lili.common.security.context.UserContext; import cn.lili.common.security.enums.UserEnums; @@ -25,6 +26,7 @@ import cn.lili.modules.goods.entity.dos.Goods; import cn.lili.modules.goods.entity.dto.GoodsCompleteMessage; import cn.lili.modules.goods.service.GoodsService; import cn.lili.modules.lmk.enums.general.AdminRoleEnum; import cn.lili.modules.member.entity.dto.MemberAddressDTO; import cn.lili.modules.order.cart.entity.dto.TradeDTO; import cn.lili.modules.order.cart.entity.enums.DeliveryMethodEnum; @@ -38,6 +40,9 @@ import cn.lili.modules.order.trade.entity.dos.OrderLog; import cn.lili.modules.order.trade.service.OrderLogService; import cn.lili.modules.payment.entity.enums.PaymentMethodEnum; import cn.lili.modules.permission.entity.dos.AdminUser; import cn.lili.modules.permission.service.AdminUserService; import cn.lili.modules.permission.service.RoleService; import cn.lili.modules.promotion.entity.dos.Pintuan; import cn.lili.modules.promotion.service.PintuanService; import cn.lili.modules.store.entity.dto.StoreDeliverGoodsAddressDTO; @@ -61,6 +66,7 @@ import cn.lili.trigger.model.TimeTriggerMsg; import cn.lili.trigger.util.DelayQueueTools; import cn.lili.utils.COSUtil; import cn.lili.utils.CommonUtil; import com.baomidou.mybatisplus.core.conditions.Wrapper; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; @@ -88,7 +94,7 @@ import java.net.URLEncoder; import java.util.*; import java.util.stream.Collectors; import cn.lili.modules.permission.entity.dos.Role; /** * 子订单业务层实现 * 
@@ -175,6 +181,12 @@ private GoodsService goodsService; @Autowired private COSUtil cosUtil; @Autowired private AdminUserService adminUserService; @Autowired private RoleService roleService; @Override @Transactional(rollbackFor = Exception.class) public void intoDB(TradeDTO tradeDTO) { @@ -233,8 +245,18 @@ QueryWrapper queryWrapper = orderSearchParams.queryWrapper(); queryWrapper.groupBy("o.id"); queryWrapper.orderByDesc("o.id"); return this.baseMapper.queryByParams(PageUtil.initPage(orderSearchParams), queryWrapper); IPage<OrderSimpleVO> page = this.baseMapper.queryByParams(PageUtil.initPage(orderSearchParams), queryWrapper); if (!adminUserService.havePermissionRole(AdminRoleEnum.ORDER_INFO_PERMISSION)){ for (OrderSimpleVO vo : page.getRecords()){ vo.setConsigneeName(CommonUtil.maskName(vo.getConsigneeName())); vo.setConsigneeMobile(CommonUtil.maskMobile(vo.getConsigneeMobile())); } } return page; } @Override public IPage<OrderSimpleXcxVO> queryByXcxParams(OrderSearchXcxParams orderSearchParams) { @@ -376,8 +398,17 @@ @Override public void queryExportOrder(HttpServletResponse response, OrderSearchParams orderSearchParams) { List<OrderExportDTO> orderExportDTOS = this.baseMapper.queryExportOrder(orderSearchParams.queryWrapper()); XSSFWorkbook workbook = initOrderExportData(this.baseMapper.queryExportOrder(orderSearchParams.queryWrapper())); if (!adminUserService.havePermissionRole(AdminRoleEnum.ORDER_INFO_PERMISSION)){ for (OrderExportDTO vo : orderExportDTOS){ vo.setConsigneeName(CommonUtil.maskName(vo.getConsigneeName())); vo.setConsigneeMobile(CommonUtil.maskMobile(vo.getConsigneeMobile())); } } XSSFWorkbook workbook = initOrderExportData(orderExportDTOS); try { // 设置响应头 String fileName = URLEncoder.encode("订单列表", "UTF-8"); framework/src/main/java/cn/lili/modules/permission/service/AdminUserService.java
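Review bot: In `OrderServiceImpl`, the permission check and masking loop are written out twice, in `queryByParams` and `queryExportOrder`. Any other method that returns consignee data has to repeat them by hand; `queryByXcxParams` follows directly, but its body is not shown. A private helper per DTO type holding the `havePermissionRole(AdminRoleEnum.ORDER_INFO_PERMISSION)` test and the two `CommonUtil` calls would keep the rule in one place. The commit also injects `roleService` and imports `AuthUser`, `AdminUser`, `Role` and `RoleService`, none of which the visible hunks use; drop them if they are unused in the rest of the file. If `OrderSearchParams` can filter on consignee name or mobile (not visible here), a user who sees only masked values could still confirm a full value by searching for it, so those filters may need the same permission.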
@@ -3,6 +3,7 @@ import cn.lili.common.security.enums.UserEnums; import cn.lili.common.security.token.Token; import cn.lili.modules.lmk.enums.general.AdminRoleEnum; import cn.lili.modules.permission.entity.dos.AdminUser; import cn.lili.modules.permission.entity.dto.AdminUserDTO; import cn.lili.modules.permission.entity.vo.AdminUserVO; @@ -42,6 +43,9 @@ AdminUser findByUsername(String username); AdminUser findByUserById(String id); boolean havePermissionRole(AdminRoleEnum adminRoleEnum); /** * 更新管理员 * framework/src/main/java/cn/lili/modules/permission/service/RoleService.java
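Review bot: In `AdminUserService`, `findByUserById` and `havePermissionRole` are added without Javadoc, although the next method (`更新管理员`) has one. Callers use the boolean to decide whether consignee data is masked, so the contract belongs on the interface. For example `/** Returns true if the current user is a super admin or holds a role whose name equals adminRoleEnum.getValue(); false when no user is logged in. */`. `findByUserById` should likewise state that it returns `null` for a missing or deleted account.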
@@ -14,6 +14,8 @@ */ public interface RoleService extends IService<Role> { List<Role> findRoles(List<String> ids); /** * 获取默认角色 * framework/src/main/java/cn/lili/modules/permission/serviceimpl/AdminUserServiceImpl.java
@@ -11,6 +11,7 @@ import cn.lili.common.security.token.Token; import cn.lili.common.utils.BeanUtil; import cn.lili.common.utils.StringUtils; import cn.lili.modules.lmk.enums.general.AdminRoleEnum; import cn.lili.modules.permission.entity.dos.AdminUser; import cn.lili.modules.permission.entity.dos.Department; import cn.lili.modules.permission.entity.dos.Role; @@ -163,7 +164,35 @@ public AdminUser findByUsername(String username) { return getOne(new LambdaQueryWrapper<AdminUser>().eq(AdminUser::getUsername, username), false); } @Override public AdminUser findByUserById(String id){ return getOne(new LambdaQueryWrapper<AdminUser>().eq(AdminUser::getId,id).eq(AdminUser::getDeleteFlag,Boolean.FALSE),false); } @Override public boolean havePermissionRole(AdminRoleEnum adminRoleEnum) { AuthUser currentUser = UserContext.getCurrentUser(); boolean orderInfoPermission = false; if (currentUser != null) { if (currentUser.getIsSuper()){ orderInfoPermission = true; }else { if (StringUtils.isNotBlank(currentUser.getId())){ AdminUser adminUser = this.findByUserById(currentUser.getId()); String[] roleIds = adminUser.getRoleIds().split(","); List<Role> list = roleService.findRoles(Arrays.asList(roleIds)); for (Role item: list){ if (adminRoleEnum.getValue().equals(item.getName())){ orderInfoPermission = true; break; } } } } } return orderInfoPermission; } @Override @SystemLogPoint(description = "修改管理员", customerLog = "'修改管理员:'+#adminUser.username") framework/src/main/java/cn/lili/modules/permission/serviceimpl/RoleServiceImpl.java
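Review bot: `havePermissionRole` dereferences `adminUser` and `adminUser.getRoleIds()` without a null check, although `findByUserById` returns `null` for a deleted or unknown id. A session whose account was removed or has no roles then fails with a NullPointerException instead of a plain deny. The same would happen for a non-admin user, if the order queries are also reached by non-admin callers, which is not visible here. The grant is also decided by comparing the enum value with `Role.getName()`. If role names are editable free text, anyone allowed to create or rename a role can confer access to consignee data, so a dedicated permission key or role id would be a firmer binding. The local `orderInfoPermission` is misnamed for a generic check; a guard-clause version that denies on every missing value is below.

```java
@Override
public boolean havePermissionRole(AdminRoleEnum adminRoleEnum) {
    AuthUser currentUser = UserContext.getCurrentUser();
    if (currentUser == null || adminRoleEnum == null) {
        return false;
    }
    if (Boolean.TRUE.equals(currentUser.getIsSuper())) {
        return true;
    }
    if (StringUtils.isBlank(currentUser.getId())) {
        return false;
    }
    AdminUser adminUser = this.findByUserById(currentUser.getId());
    // Deleted account or account without roles: deny instead of throwing.
    if (adminUser == null || StringUtils.isBlank(adminUser.getRoleIds())) {
        return false;
    }
    List<Role> roles = roleService.findRoles(Arrays.asList(adminUser.getRoleIds().split(",")));
    for (Role role : roles) {
        if (adminRoleEnum.getValue().equals(role.getName())) {
            return true;
        }
    }
    return false;
}
```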
@@ -12,6 +12,7 @@ import cn.lili.modules.permission.service.RoleService; import cn.lili.modules.permission.service.UserRoleService; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.baomidou.mybatisplus.extension.conditions.query.LambdaQueryChainWrapper; import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; @@ -45,6 +46,12 @@ private Cache cache; @Override public List<Role> findRoles(List<String> ids){ return new LambdaQueryChainWrapper<>(baseMapper) .in(Role::getId,ids).eq(Role::getDeleteFlag,Boolean.FALSE).list(); } @Override public List<Role> findByDefaultRole(Boolean defaultRole) { QueryWrapper<Role> queryWrapper = new QueryWrapper<>(); queryWrapper.eq("default_role", true); framework/src/main/java/cn/lili/utils/CommonUtil.java
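Review bot: `RoleServiceImpl.findRoles` passes `ids` straight to `.in(Role::getId, ids)` with no guard for a null or empty list. On MyBatis-Plus versions that render an empty collection as `IN ()`, that is a SQL error rather than an empty result. Since the result feeds a permission decision, returning no roles is the safer outcome: `if (ids == null || ids.isEmpty()) { return Collections.emptyList(); }` before the query. The method also has no Javadoc here or on the `RoleService` interface; one line stating that deleted roles are excluded would document the `getDeleteFlag` filter.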
New file @@ -0,0 +1,41 @@ package cn.lili.utils; import cn.lili.common.utils.StringUtils; /** * lmk-shop-java * 工具 * * @author : zxl * @date : 2025-08-07 14:40 **/ public class CommonUtil { public static String maskName(String name) { if (StringUtils.isBlank(name)) { return ""; } // 规则:保留第一个字符,其余替换为 * return name.charAt(0) + StringUtils.repeat("*", name.length() - 1); } /** * 通用手机号脱敏:无论位数多少,均替换中间4位 * 示例: * - 13812345678 → 138****5678 * - 12345678 → 12****78 * - 12345 → 1****5 (不足4位时全部替换) */ public static String maskMobile(String mobile) { String digits = mobile.replaceAll("[^0-9]", ""); int length = digits.length(); // 2. 短号码直接隐藏 if (length <= 4) { return "****"; } // 3. 保留前2位和后2位,替换中间 return digits.replaceAll("(\\d{2})\\d+(\\d{2})", "$1****$2"); } } manager-api/src/main/java/cn/lili/controller/order/OrderManagerController.java
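Review bot: `CommonUtil.maskMobile` calls `mobile.replaceAll(...)` with no null check, so an order with no consignee mobile makes the list and export paths throw, whereas `maskName` returns `""` for blank input. Opening with `if (StringUtils.isBlank(mobile)) { return ""; }` makes the two helpers consistent. The Javadoc also disagrees with the code, which keeps the first two and last two digits. `13812345678` becomes `13****78`, not `138****5678`, and `12345` becomes `12****45`, not `1****5`, so the summary and examples should be rewritten to match. `maskName` has no Javadoc and returns a one-character name unmasked, which should be documented or changed.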
@@ -67,6 +67,7 @@ @ApiOperation(value = "查询订单导出列表") @GetMapping("/queryExportOrder") public void queryExportOrder(OrderSearchParams orderSearchParams) { HttpServletResponse response = ThreadContextHolder.getHttpResponse(); orderService.queryExportOrder(response,orderSearchParams); }