Pchen0
/
ic-ctbu-backend


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293
							const API = require("../../../lib/API");
const db = require("../../../plugin/DataBase/db");
const AccessControl = require("../../../lib/AccessControl");
const { BaseStdResponse } = require("../../../BaseStdResponse");

// 添加/编辑商品
class AddProduct extends API {
    constructor() {
        super()

        this.setPath('/Admin/Goods')
        this.setMethod('POST')
    }

    async onRequest(req, res) {

        let {
            uuid,
            session,
            id,
            name,
            state,
            content,
            price,
            num,
            lepao_count,
            ic_count,
            icon,
            description,
            features
        } = req.body

        const goodsIcon = (icon && String(icon).trim()) ? String(icon).trim().slice(0, 16) : '🏃'
        const goodsDesc = description != null ? String(description).trim().slice(0, 200) : ''
        let goodsFeatures = '[]'
        if (features != null && features !== '') {
            const raw = typeof features === 'string' ? features : JSON.stringify(features)
            try {
                const arr = JSON.parse(raw)
                goodsFeatures = JSON.stringify(Array.isArray(arr) ? arr.map(s => String(s).trim()).filter(Boolean).slice(0, 6) : [])
            } catch {
                goodsFeatures = '[]'
            }
        }

        if ([uuid, session, name, state, content, price, num, lepao_count, ic_count].some(value => value === '' || value === null || value === undefined))
            return res.json({
                ...BaseStdResponse.MISSING_PARAMETER
            })

        // 检查 session
        if (!await AccessControl.checkSession(uuid, session))
            return res.status(401).json({
                ...BaseStdResponse.ACCESS_DENIED
            })

        // 检查权限
        let permission = await AccessControl.getPermission(uuid)
        if (!permission.includes("admin") && !permission.includes("product"))
            return res.json({
                ...BaseStdResponse.PERMISSION_DENIED
            })

        let sql, r
        const time = new Date().getTime()

        if (!id) {
            sql = 'INSERT INTO goods (name, create_user, create_time, update_time, state, content, price, lepao_count, ic_count, num, icon, description, features) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)'
            r = await db.query(sql, [name, uuid, time, time, state, content, price, lepao_count, ic_count, num, goodsIcon, goodsDesc, goodsFeatures])
        } else {
            sql = 'UPDATE goods SET name = ?, update_user = ?, update_time = ?, state = ?, content = ?, price = ?, lepao_count = ?, ic_count = ?, num = ?, icon = ?, description = ?, features = ? WHERE id = ?'
            r = await db.query(sql, [name, uuid, time, state, content, price, lepao_count, ic_count, num, goodsIcon, goodsDesc, goodsFeatures, id])
        }

        try {
            if (r && r.affectedRows > 0) {
                res.json({
                    ...BaseStdResponse.OK
                })
            } else {
                res.json({ ...BaseStdResponse.ERR, endpoint: 7894378, msg: '编辑商品失败！数据库错误！请检查参数是否正确' })
            }
        } catch (err) {
            this.logger.error(`编辑商品失败！${err.stack}`)
            res.json({
                ...BaseStdResponse.ERR,
                msg: "编辑商品失败！",
            });
        }
    }
}

module.exports.AddProduct = AddProduct;