
log

(cherry picked from commit ebdc05ed8760c6bb2169eb0072e620bf9a55eaa6)
xiongzhu 4 years ago
parent
commit
5adef4d930
1 changed files with 21 additions and 1 deletions
  1. 21 1
      src/main/java/com/izouma/nineth/service/OrderService.java

+ 21 - 1
src/main/java/com/izouma/nineth/service/OrderService.java

@@ -32,6 +32,7 @@ import com.izouma.nineth.security.Authority;
 import com.izouma.nineth.service.sms.SmsService;
 import com.izouma.nineth.utils.AESEncryptUtil;
 import com.izouma.nineth.utils.JpaUtils;
+import com.izouma.nineth.utils.SecurityUtils;
 import com.izouma.nineth.utils.SnowflakeIdWorker;
 import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
@@ -358,12 +359,18 @@ public class OrderService {
 
     @Cacheable(value = "adapay", key = "#id+'_'+#payChannel")
     public Object payAdapay(Long id, String payChannel, String openId) throws BaseAdaPayException {
+
         List<String> aliChannels = Arrays.asList("alipay", "alipay_qr", "alipay_wap");
         List<String> wxChannels = Arrays.asList("wx_pub", "wx_lite");
         if (!aliChannels.contains(payChannel) && !wxChannels.contains(payChannel)) {
             throw new BusinessException("不支持此渠道");
         }
         Order order = orderRepo.findByIdAndDelFalse(id).orElseThrow(new BusinessException("订单不存在"));
+        if (SecurityUtils.getAuthenticatedUser() != null
+                && !SecurityUtils.getAuthenticatedUser().getId().equals(order.getUserId())) {
+            log.error("payAdapay userId错误 requestUserId={} orderUserId={}",
+                    SecurityUtils.getAuthenticatedUser().getId(), order.getUserId());
+        }
         Collection collection = collectionRepo.findById(order.getCollectionId())
                 .orElseThrow(new BusinessException("藏品不存在"));
         User invitor = null;
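Review bot: The ownership check added after `findByIdAndDelFalse` only logs a mismatch and then falls through, so a request whose user id differs from `order.getUserId()` still receives the payment result for that order; a call with no authenticated user skips the check entirely. If this is meant to enforce ownership rather than only observe it, end the branch with `throw new BusinessException("订单不存在");` so the response does not confirm that the order exists. The `@Cacheable` key on this method is `#id+'_'+#payChannel` with no user component, so on a cache hit the body, including this check, would presumably not run at all. The rest of payAdapay lies outside the hunk.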
@@ -769,7 +776,20 @@ public class OrderService {
     }
 
     public Object queryCreateOrder(String id) {
-        return redisTemplate.opsForValue().get(RedisKeys.CREATE_ORDER + id);
+        Object res = redisTemplate.opsForValue().get(RedisKeys.CREATE_ORDER + id);
+        if (res != null) {
+            if (res instanceof Map) {
+                if (MapUtils.getBooleanValue((Map) res, "success", false)) {
+                    Order order = (Order) MapUtils.getObject((Map) res, "data");
+                    if (!SecurityUtils.getAuthenticatedUser().getId().equals(order.getUserId())) {
+                        log.error("queryCreateOrder userId错误 requestUserId={} orderUserId={}",
+                                SecurityUtils.getAuthenticatedUser().getId(), order.getUserId());
+                        return null;
+                    }
+                }
+            }
+        }
+        return res;
     }
 
     // 获取订单锁,有效时间1小时
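Review bot: `SecurityUtils.getAuthenticatedUser()` is dereferenced in queryCreateOrder without the null guard that the payAdapay hunk uses, so an unauthenticated poll of a successful entry would throw a NullPointerException instead of being refused; `order` is likewise used unchecked after the cast from `MapUtils.getObject`. Read the user once into a local and fail closed with `if (user == null || order == null || !user.getId().equals(order.getUserId()))`, adjusting the log arguments to tolerate a null user. The three nested `if`s could also collapse into one guard, `if (!(res instanceof Map) || !MapUtils.getBooleanValue((Map) res, "success", false)) return res;`, which keeps the ownership test at a single indent level.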