8 months ago · dd3c338886
--- a/apis/Lepao/Account/Admin/ChangeLepaoCount.js
+++ b/apis/Lepao/Account/Admin/ChangeLepaoCount.js
@@ -0,0 +1,55 @@
 
				+const API = require("../../../../lib/API");
			
 
				+const db = require("../../../../plugin/DataBase/db");
			
 
				+const AccessControl = require("../../../../lib/AccessControl");
			
 
				+const { BaseStdResponse } = require("../../../../BaseStdResponse");
			
 
				+
			
 
				+class ChangeLepaoCount extends API {
			
 
				+    constructor() {
			
 
				+        super()
			
 
				+
			
 
				+        this.setPath('/Admin/User/ChangeLepaoCount')
			
 
				+        this.setMethod('POST')
			
 
				+    }
			
 
				+
			
 
				+    async onRequest(req, res) {
			
 
				+        let {
			
 
				+            uuid,
			
 
				+            session,
			
 
				+            userid,
			
 
				+            lepao_count
			
 
				+        } = req.body
			
 
				+
			
 
				+        if ([uuid, session, userid, lepao_count].some(value => value === '' || value === null || value === undefined))
			
 
				+            return res.json({
			
 
				+                ...BaseStdResponse.MISSING_PARAMETER
			
 
				+            })
			
 
				+
			
 
				+        // 检查 session
			
 
				+        if (!await AccessControl.checkSession(uuid, session))
			
 
				+            return res.status(401).json({
			
 
				+                ...BaseStdResponse.ACCESS_DENIED
			
 
				+            })
			
 
				+
			
 
				+        // 检查权限
			
 
				+        let permission = await AccessControl.getPermission(uuid)
			
 
				+        if (!permission.includes("admin") && !permission.includes("service"))
			
 
				+            return res.json({
			
 
				+                ...BaseStdResponse.PERMISSION_DENIED
			
 
				+            })
			
 
				+
			
 
				+
			
 
				+        let sql = 'UPDATE users SET lepao_count = ? WHERE uuid = ?'
			
 
				+        let r = await db.query(sql, [lepao_count, userid])
			
 
				+        if (!r || r.affectedRows !== 1)
			
 
				+            return res.json({
			
 
				+                ...BaseStdResponse.DATABASE_ERR
			
 
				+            })
			
 
				+
			
 
				+        res.json({
			
 
				+            ...BaseStdResponse.OK
			
 
				+        })
			
 
				+
			
 
				+    }
			
 
				+}
			
 
				+
			
 
				+module.exports.ChangeLepaoCount = ChangeLepaoCount
			
--- a/apis/Order/CallBack.js
+++ b/apis/Order/CallBack.js
@@ -26,6 +26,8 @@ class CallBack extends API {
 
				             })
			
 
				         }
			
 
				 
			
 
				+        this.logger.info(`收到支付回调。订单号：${out_trade_no}`)
			
 
				+
			
 
				         // 签名校验
			
 
				         const rawParams = {
			
 
				             money, name, out_trade_no, pid, trade_no, trade_status, type
			
@@ -43,7 +45,8 @@ class CallBack extends API {
 
				         if (trade_status !== 'TRADE_SUCCESS') {
			
 
				             const sql = 'UPDATE orders SET state = 3, pay_id = ? WHERE orderId = ?'
			
 
				             await db.query(sql, [trade_no, out_trade_no])
			
 
				-            return res.send('fail')
			
 
				+            this.logger.info(`支付未成功。订单号：${out_trade_no}`)
			
 
				+            return res.send('success')
			
 
				         }
			
 
				 
			
 
				         try {
			
@@ -90,6 +93,8 @@ class CallBack extends API {
 
				                 sql = 'UPDATE orders SET state = 2 WHERE orderId = ?'
			
 
				                 await db.query(sql, [out_trade_no])
			
 
				 
			
 
				+                this.logger.info(`支付成功，订单处理完毕。订单号：${out_trade_no}`)
			
 
				+
			
 
				                 return res.send('success')
			
 
				             } else {
			
 
				                 this.logger.warn(`订单不存在或已处理，订单号：${out_trade_no}`)