
Merge remote-tracking branch 'origin/main'

huangjinliang 1 Minggu lalu
induk
melakukan
1a50a8c746

+ 7 - 2
fuintBackend/fuint-application/src/main/java/com/fuint/module/backendApi/controller/BackendAccountController.java

@@ -291,11 +291,12 @@ public class BackendAccountController extends BaseController {
             return getFailureResult(201, "不能修改自己的权限");
         }
 
-        if ("admin".equals(loginAccount.getAccountName())){
+        TAccount tAccount = tAccountService.getAccountInfoById(id);
+
+        if ("admin".equals(tAccount.getAccountName())){
             return getFailureResult(201, "抱歉,不能修改超级管理员的信息");
         }
 
-        TAccount tAccount = tAccountService.getAccountInfoById(id);
         tAccount.setAcctId(id);
         tAccount.setRealName(realName);
 
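Review bot: The result of `tAccountService.getAccountInfoById(id)` is dereferenced by `tAccount.getAccountName()` without a null check, so an `id` that matches no account would raise a NullPointerException instead of returning a failure result. Add a guard before the name comparison, for example `if (tAccount == null) { return getFailureResult(201, "<account-not-found message>"); }` (the message is a placeholder). The protected account is also recognised only by the literal name `"admin"`; if account names can be changed elsewhere, a role or fixed account id would be a sturdier key, though that cannot be confirmed from this hunk. The method body starts and ends outside the hunk.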
@@ -438,6 +439,10 @@ public class BackendAccountController extends BaseController {
             return getFailureResult(1001, "请先登录");
         }
 
+        if (!StringUtil.equals(accountDto.getAccountName(), "admin")) {
+            return getFailureResult(201, "不能修改超级管理员密码");
+        }
+
         TAccount tAccount = tAccountService.getAccountInfoById(userId);
         tAccount.setPassword(password);
 
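Review bot: The added guard looks inverted and tests the wrong account: it returns "不能修改超级管理员密码" whenever `accountDto.getAccountName()` is not `"admin"`, while the password is written to the account loaded by `userId` just below. If `accountDto` is the logged-in account (it is defined outside the hunk), every non-admin caller is refused with a misleading message and the admin account is not protected as a target. If the intent matches the message, move the check after the lookup and test the target: `if ("admin".equals(tAccount.getAccountName())) { return getFailureResult(201, "不能修改超级管理员密码"); }`. If the intent is instead that only the super administrator may reset passwords, keep the condition but change the message. In both cases `tAccount` should be null-checked before `setPassword`.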

+ 16 - 1
fuintBackend/fuint-application/src/main/java/com/fuint/module/backendApi/controller/BackendGoodsController.java

@@ -2,6 +2,7 @@ package com.fuint.module.backendApi.controller;
 
 import com.alibaba.fastjson.JSONArray;
 import com.alibaba.fastjson.JSONObject;
+import com.baomidou.mybatisplus.core.toolkit.ObjectUtils;
 import com.fuint.common.Constants;
 import com.fuint.common.dto.*;
 import com.fuint.common.enums.GoodsTypeEnum;
@@ -18,6 +19,7 @@ import com.fuint.framework.web.ResponseObject;
 import com.fuint.repository.mapper.MtGoodsSkuMapper;
 import com.fuint.repository.mapper.MtGoodsSpecMapper;
 import com.fuint.repository.model.*;
+import com.fuint.utils.ObjectUtil;
 import com.fuint.utils.StringUtil;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
@@ -200,6 +202,11 @@ public class BackendGoodsController extends BaseController {
         if (accountInfo == null) {
             return getFailureResult(1001, "请先登录");
         }
+
+        if (accountInfo.getStoreId() == null || accountInfo.getStoreId() == 0){
+            return getFailureResult(1001, "平台账号无权限修改商品");
+        }
+
         String operator = accountInfo.getAccountName();
         goodsService.deleteGoods(goodsId, operator);
         return getSuccessResult(true);
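Review bot: The new guard only establishes that the caller belongs to some store; `goodsService.deleteGoods(goodsId, operator)` is then called without the controller comparing the item's store with `accountInfo.getStoreId()`. Unless the service enforces ownership itself (not visible here), a store account can delete another store's goods by id. Load the item first and return a failure when its store id differs from the caller's. The same gap applies to the hunk at `-224,6 +231,10`, where the result of `queryGoodsById(id)` is only null-checked, and to the save handler when `goodsId` names an existing item. Both method bodies continue outside the hunks.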
@@ -224,6 +231,10 @@ public class BackendGoodsController extends BaseController {
             return getFailureResult(1001, "请先登录");
         }
 
+        if (accountInfo.getStoreId() == null || accountInfo.getStoreId() == 0){
+            return getFailureResult(1001, "平台账号无权限修改商品");
+        }
+
         MtGoods mtGoods = goodsService.queryGoodsById(id);
         if (mtGoods == null) {
             return getFailureResult(201, "该商品不存在");
@@ -381,6 +392,9 @@ public class BackendGoodsController extends BaseController {
         if (accountInfo == null) {
             return getFailureResult(1001, "请先登录");
         }
+        if (accountInfo.getStoreId() == null || accountInfo.getStoreId() == 0){
+            return getFailureResult(1001, "平台账号无权限修改商品");
+        }
 
         String goodsId = param.get("goodsId") == null ? "0" : param.get("goodsId").toString();
         if (StringUtil.isEmpty(goodsId)) {
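Review bot: The store guard returns code `1001`, which this controller already uses for "请先登录"; a client that treats 1001 as "not logged in" would send a logged-in platform user to the login screen instead of showing the permission message. The permission refusals in BackendAccountController use `201`, so `return getFailureResult(201, "平台账号无权限修改商品");` would be consistent. The same three-line check is pasted into three handlers (here and the hunks at `+202` and `+231`); one private helper on the controller would keep them from drifting apart. The added imports `ObjectUtils` and `ObjectUtil` are not used by any visible hunk and may be removable.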
@@ -403,7 +417,8 @@ public class BackendGoodsController extends BaseController {
         String isMemberDiscount = param.get("isMemberDiscount") == null ? "" : param.get("isMemberDiscount").toString();
         String isSingleSpec = param.get("isSingleSpec") == null ? "" : param.get("isSingleSpec").toString();
         Long cateId = (param.get("cateId") == null || StringUtil.isEmpty(param.get("cateId").toString())) ? 0 : Long.parseLong(param.get("cateId").toString());
-        Long storeId = (param.get("storeId") == null || StringUtil.isEmpty(param.get("storeId").toString())) ? 0 : Long.parseLong(param.get("storeId").toString());
+//        Long storeId = (param.get("storeId") == null || StringUtil.isEmpty(param.get("storeId").toString())) ? 0 : Long.parseLong(param.get("storeId").toString());
+        Long storeId = accountInfo.getStoreId();
         String type = param.get("type") == null ? "" : param.get("type").toString();
         String couponIds = param.get("couponIds") == null ? "" : param.get("couponIds").toString();
         String serviceTime = param.get("serviceTime") == null ? "0" : param.get("serviceTime").toString();
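Review bot: The commented-out `Long storeId = (param.get("storeId") ...` line should be deleted rather than kept, since version control already holds the old form. Replace it with a comment that records the reason for the change, e.g. `// storeId is taken from the logged-in account; a client-supplied storeId is ignored so a store cannot save goods under another store`. The method body starts and ends outside the hunk.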