交易密码

src/main/java/com/izouma/nineth/service/AssetService.java

@@ -29,6 +29,7 @@ import org.springframework.data.domain.Page;
 import org.springframework.data.domain.Pageable;
 import org.springframework.scheduling.annotation.Async;
 import org.springframework.scheduling.annotation.Scheduled;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 
 import javax.persistence.criteria.Predicate;
@@ -57,6 +58,7 @@ public class AssetService {
     private ShowroomRepo            showroomRepo;
     private ShowCollectionRepo      showCollectionRepo;
     private CollectionPrivilegeRepo collectionPrivilegeRepo;
+    private PasswordEncoder         passwordEncoder;
 
 
     public Page<Asset> all(PageQuery pageQuery) {
@@ -167,7 +169,7 @@ public class AssetService {
         assetRepo.save(asset);
     }
 
-    public synchronized void consignment(Long id, BigDecimal price) {
+    public synchronized void consignment(Long id, BigDecimal price, String tradeCode) {
         Asset asset = assetRepo.findById(id).orElseThrow(new BusinessException("无记录"));
         if (!asset.getUserId().equals(SecurityUtils.getAuthenticatedUser().getId())) {
             throw new BusinessException("此藏品不属于你");
@@ -184,6 +186,9 @@ public class AssetService {
             throw new BusinessException("需持有满" + holdDays + "天才能寄售上架");
         }
         User owner = userRepo.findById(asset.getUserId()).orElseThrow(new BusinessException("用户不存在"));
+        if (!passwordEncoder.matches(tradeCode, owner.getTradeCode())) {
+            throw new BusinessException("交易密码错误");
+        }
         if (StringUtils.isBlank(owner.getSettleAccountId())) {
             throw new BusinessException("请先绑定银行卡");
         }

src/main/java/com/izouma/nineth/service/GiftOrderService.java

@@ -36,6 +36,7 @@ import org.apache.commons.lang3.ObjectUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.core.env.Environment;
 import org.springframework.scheduling.annotation.Scheduled;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 import org.springframework.ui.Model;
 
@@ -69,14 +70,23 @@ public class GiftOrderService {
     private GeneralProperties generalProperties;
     private SnowflakeIdWorker snowflakeIdWorker;
     private ErrorOrderRepo    errorOrderRepo;
+    private PasswordEncoder   passwordEncoder;
 
     @Transactional
-    public GiftOrder giftWithoutGasFee(Long userId, Long assetId, Long toUserId) {
+    public GiftOrder giftWithoutGasFee(Long userId, Long assetId, Long toUserId, String tradeCode) {
+        if (BigDecimal.ZERO.compareTo(sysConfigService.getBigDecimal("gift_gas_fee")) != 0) {
+            throw new BusinessException("需支付gas费");
+        }
         Asset asset = assetRepo.findById(assetId).orElseThrow(new BusinessException("资产不存在"));
         if (!asset.getUserId().equals(userId)) {
             throw new BusinessException("无权限");
         }
 
+        User user = userRepo.findById(asset.getUserId()).orElseThrow(new BusinessException("用户不存在"));
+        if (!passwordEncoder.matches(tradeCode, user.getTradeCode())) {
+            throw new BusinessException("交易密码错误");
+        }
+
         int holdDays;
         if (ObjectUtils.isEmpty(asset.getHoldDays())) {
             holdDays = sysConfigService.getInt("hold_days");
@@ -123,15 +133,20 @@ public class GiftOrderService {
     }
 
     @Transactional
-    public GiftOrder gift(Long userId, Long assetId, Long toUserId) {
+    public GiftOrder gift(Long userId, Long assetId, Long toUserId, String tradeCode) {
         if (BigDecimal.ZERO.compareTo(sysConfigService.getBigDecimal("gift_gas_fee")) == 0) {
-            return giftWithoutGasFee(userId, assetId, toUserId);
+            return giftWithoutGasFee(userId, assetId, toUserId, tradeCode);
         }
         Asset asset = assetRepo.findById(assetId).orElseThrow(new BusinessException("资产不存在"));
         if (!asset.getUserId().equals(userId)) {
             throw new BusinessException("无权限");
         }
 
+        User user = userRepo.findById(asset.getUserId()).orElseThrow(new BusinessException("用户不存在"));
+        if (!passwordEncoder.matches(tradeCode, user.getTradeCode())) {
+            throw new BusinessException("交易密码错误");
+        }
+
         int holdDays;
         if (ObjectUtils.isEmpty(asset.getHoldDays())) {
             holdDays = sysConfigService.getInt("hold_days");

src/main/java/com/izouma/nineth/service/UserBalanceService.java

@@ -107,14 +107,14 @@ public class UserBalanceService {
                     .divide(new BigDecimal("100"), 2, RoundingMode.HALF_UP);
 
             totalAmount = totalAmount.add(order.getTotalPrice());
-            royaltiesAmount = order.getTotalPrice()
+            royaltiesAmount = royaltiesAmount.add(order.getTotalPrice()
                     .subtract(order.getGasPrice())
                     .multiply(BigDecimal.valueOf(order.getRoyalties()))
-                    .divide(new BigDecimal("100"), 2, RoundingMode.HALF_UP);
-            serviceChargeAmount = order.getTotalPrice()
+                    .divide(new BigDecimal("100"), 2, RoundingMode.HALF_UP));
+            serviceChargeAmount = serviceChargeAmount.add(order.getTotalPrice()
                     .subtract(order.getGasPrice())
                     .multiply(BigDecimal.valueOf(order.getServiceCharge()))
-                    .divide(new BigDecimal("100"), 2, RoundingMode.HALF_UP);
+                    .divide(new BigDecimal("100"), 2, RoundingMode.HALF_UP));
 
             userBalance.setLastBalance(userBalance.getBalance());
             userBalance.setBalance(userBalance.getBalance().add(amount));

src/main/java/com/izouma/nineth/web/AssetController.java

@@ -50,7 +50,7 @@ public class AssetController extends BaseController {
     //@PreAuthorize("hasRole('ADMIN')")
     @PostMapping("/all")
     public Page<Asset> all(@RequestBody PageQuery pageQuery) {
-        pageQuery.getQuery().put("userId",SecurityUtils.getAuthenticatedUser().getId());
+        pageQuery.getQuery().put("userId", SecurityUtils.getAuthenticatedUser().getId());
         return assetService.all(pageQuery);
     }
 
@@ -94,8 +94,8 @@ public class AssetController extends BaseController {
 
     @PostMapping("/consignment")
     @ApiOperation("寄售")
-    public void consignment(@RequestParam Long id, @RequestParam BigDecimal price) {
-        assetService.consignment(id, price);
+    public void consignment(@RequestParam Long id, @RequestParam BigDecimal price, @RequestParam String tradeCode) {
+        assetService.consignment(id, price, tradeCode);
     }
 
     @PostMapping("/cancelConsignment")
@@ -106,13 +106,13 @@ public class AssetController extends BaseController {
 
     @PostMapping("/gift")
     @ApiOperation("转赠")
-    public GiftOrder gift(@RequestParam Long assetId, @RequestParam Long toUserId) {
-        return giftOrderService.gift(SecurityUtils.getAuthenticatedUser().getId(), assetId, toUserId);
+    public GiftOrder gift(@RequestParam Long assetId, @RequestParam Long toUserId, @RequestParam String tradeCode) {
+        return giftOrderService.gift(SecurityUtils.getAuthenticatedUser().getId(), assetId, toUserId, tradeCode);
     }
 
     @PostMapping("/giftWithoutGasFee")
     @ApiOperation("转赠(无gas费)")
-    public GiftOrder giftWithoutGasFee(@RequestParam Long assetId, @RequestParam Long toUserId) {
+    public GiftOrder giftWithoutGasFee(@RequestParam Long assetId, @RequestParam Long toUserId, @RequestParam String tradeCode) {
         return giftOrderService.giftWithoutGasFee(SecurityUtils.getAuthenticatedUser().getId(), assetId, toUserId);
     }