diff --git a/src/main/java/com/guahao/h5/hsjc/controller/HsjcController.java b/src/main/java/com/guahao/h5/hsjc/controller/HsjcController.java index c9282dc..3483633 100644 --- a/src/main/java/com/guahao/h5/hsjc/controller/HsjcController.java +++ b/src/main/java/com/guahao/h5/hsjc/controller/HsjcController.java @@ -65,7 +65,7 @@ public class HsjcController { @RequestMapping("/opPacscx") @WebLog(description = "opPacscx") - + @CheckPatientId(userIdParam="userId",patientIdParam = "QueryCode") public Object opPacscx(Integer userId, String token, String QueryCode, Integer QueryType, String StartTime, String EndTime) { @@ -150,6 +150,7 @@ public class HsjcController { @RequestMapping("/opDjqr") @WebLog(description = "opDjqr") + @CheckPatientId(userIdParam="userId",patientIdParam = "patientid") public Object opDjqr(Integer userId, String token, String patientid, String jsonData) { try { int retToken = getUserToken(userId, token); @@ -173,6 +174,7 @@ public class HsjcController { @RequestMapping("/opDjcx") @WebLog(description = "opDjcx") + @CheckPatientId(userIdParam="userId",patientIdParam = "PatientId") public Object opDjcx(Integer userId, String token, String PatientId, Integer QueryType, String OrderNo) { try { int retToken = getUserToken(userId, token); @@ -200,6 +202,7 @@ public class HsjcController { @RequestMapping("/GetPdfReportsAddress") @WebLog(description = "GetPdfReportsAddress") + @CheckPatientId(userIdParam="userId",patientIdParam = "PatientsID") public Object GetPdfReportsAddress(Integer userId, String token, String PatientsID, @@ -223,6 +226,7 @@ public class HsjcController { } @RequestMapping("/opLMQuery") @WebLog(description = "opLMQuery") + @CheckPatientId(userIdParam="userId",patientIdParam = "QueryCode") public Object opLMQuery(Integer userId, String token, String QueryCode, Integer QueryType, String StartTime, String EndTime) { try { 
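Review bot: `patientIdParam = "QueryCode"` on opPacscx checks QueryCode as a patient id for every `QueryType`, while the UserController and UserOrderController hunks of this same commit treat query type 7 as an ID-card number and call `safeUtil.hasUserByIdCard` for it. If these handlers also accept type 7 (not visible here, and the CheckPatientId aspect is not part of this diff), an ID-card query would be rejected or compared against the wrong kind of identifier. I would either reject unsupported types before the lookup or state the contract on the handler, e.g. `// QueryCode must be a patientId here; other QueryType values are rejected by the binding check`. The same applies to opLMQuery in hunk -223,6; both method bodies continue outside their hunks.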
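Review bot: On opDjqr the binding check from `@CheckPatientId` presumably runs before the method body, while `getUserToken(userId, token)` is still validated inside the body, so the binding lookup is keyed on a `userId` the caller has not yet proven to own. If the aspect answers "not bound" differently from the in-body token failure, the two responses reveal whether a given userId/patientId pair is bound without a valid token. The aspect should validate the token first, or both failures should return the same response; the aspect is not in this diff, so this needs confirming. It applies to every handler annotated in this commit (HsjcController, ReserveController, UserOrderController.yjjXeQuery). A class comment on CheckPatientId stating the order of checks would document it.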
@@ -240,6 +244,7 @@ public class HsjcController { @RequestMapping("/opLBQuery") @WebLog(description = "opLBQuery") + @CheckPatientId(userIdParam="userId",patientIdParam = "PatientId") public Object opLBQuery(Integer userId, String token, String FlowNo, String PatientId, Integer InsuranceType) { try { diff --git a/src/main/java/com/guahao/h5/reserve/controller/BingAnController.java b/src/main/java/com/guahao/h5/reserve/controller/BingAnController.java index 1793a12..4173cd8 100644 --- a/src/main/java/com/guahao/h5/reserve/controller/BingAnController.java +++ b/src/main/java/com/guahao/h5/reserve/controller/BingAnController.java @@ -2,6 +2,7 @@ package com.guahao.h5.reserve.controller; import com.guahao.WebLog; import com.guahao.common.response.ResponseResult; +import com.guahao.common.util.SafeUtil; import com.guahao.h5.reserve.service.BinganService; import com.guahao.h5.reserve.vo.BingAnPayVO; import com.guahao.h5.reserve.vo.BingAnVO; @@ -35,6 +36,8 @@ public class BingAnController { private TokenService tokenService; @Autowired private BinganService binganService; + @Autowired + private SafeUtil safeUtil; @RequestMapping( value = "/apiBayj", @@ -93,9 +96,14 @@ public class BingAnController { if (retToken != 0) { List list = null; if (patientId != null && !patientId.isEmpty()) { + Boolean hasUser = safeUtil.hasUser(userId, patientId); + if (!hasUser) { + return ResponseResult.sysError("用户未绑定该患者病案信息,无法查询"); + } // 处理 patientId 相关逻辑 log.info("通过patientId查询病案"); list = binganService.apiGetBAListByPatientId(patientId); + } else if (hosNum != null && !hosNum.isEmpty()) { // 处理 hosNum 相关逻辑 log.info("通过住院号查询病案"); @@ -137,7 +145,7 @@ public class BingAnController { int retToken = getUserToken(userId,token); if (retToken != 0) { // log.info("病案邮寄"); - Integer i = binganService.apiDeleteApplication(id); + Integer i = binganService.apiDeleteApplication(id,userId); if (i == 1){ return ResponseResult.success(); }else { 
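Review bot: The new `safeUtil.hasUser(userId, patientId)` guard in BingAnController hunk -93,9 covers only the patientId branch; the `else if (hosNum != null && !hosNum.isEmpty())` branch directly below still queries records by inpatient number with no binding check visible in this hunk. Unless that branch is guarded further down (the method continues outside the hunk), requests that carry only hosNum never reach the new check. The hosNum path needs an equivalent ownership test before its service call, or should be refused until one exists. Separately, `if (!hasUser)` unboxes a `Boolean`; `if (!Boolean.TRUE.equals(hasUser))` fails closed if the helper ever returns null.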
diff --git a/src/main/java/com/guahao/h5/reserve/controller/ReserveController.java b/src/main/java/com/guahao/h5/reserve/controller/ReserveController.java index a8cb32b..102e3dd 100644 --- a/src/main/java/com/guahao/h5/reserve/controller/ReserveController.java +++ b/src/main/java/com/guahao/h5/reserve/controller/ReserveController.java @@ -6,6 +6,7 @@ import com.alibaba.fastjson.JSONArray; import com.guahao.WebLog; import com.guahao.api.walkinto.service.PayService; import com.guahao.common.Exception.LogicException; +import com.guahao.common.annotation.CheckPatientId; import com.guahao.common.response.ErrorCode; import com.guahao.common.response.ResponseResult; import com.guahao.common.util.SoapUtil; @@ -64,6 +65,7 @@ public class ReserveController { */ @RequestMapping(value = "/opRegisterCancelList", method = RequestMethod.POST) @WebLog(description = "opRegisterCancelList") + @CheckPatientId(userIdParam="userId",patientIdParam = "PatientId") public Object opRegisterCancelList(Integer userId,String token, String PatientId, Integer SearchType, String StartTime, String EndTime) { try { @@ -112,6 +114,7 @@ public class ReserveController { */ @RequestMapping(value = "/opRegisterListQuery", method = RequestMethod.POST) @WebLog(description = "opRegisterListQuery") + @CheckPatientId(userIdParam="userId",patientIdParam = "PatientId") public Object opRegisterListQuery(Integer userId,String token, String PatientId, Integer SearchType, String StartTime, String EndTime) { try { @@ -144,6 +147,7 @@ public class ReserveController { */ @RequestMapping(value = "/opBillsPayedRefundQuery", method = RequestMethod.POST) @WebLog(description = "opBillsPayedRefundQuery") + @CheckPatientId(userIdParam="userId",patientIdParam = "PatientId") public Object opBillsPayedRefundQuery(Integer userId,String token, String PatientId, String FlowNo) { try { 
diff --git a/src/main/java/com/guahao/h5/reserve/mapper/BinganMapper.java b/src/main/java/com/guahao/h5/reserve/mapper/BinganMapper.java index 5177425..a81933e 100644 --- a/src/main/java/com/guahao/h5/reserve/mapper/BinganMapper.java +++ b/src/main/java/com/guahao/h5/reserve/mapper/BinganMapper.java @@ -17,7 +17,7 @@ public interface BinganMapper { List selectListByUserId(Integer userId); - Integer deleteApplication(Integer id); + Integer deleteApplication(Integer id, Integer userId); BingAnVO selectByOrderNo(@Param("outTradeNo") String outTradeNo); diff --git a/src/main/java/com/guahao/h5/reserve/service/BinganService.java b/src/main/java/com/guahao/h5/reserve/service/BinganService.java index 85b6790..012d1ac 100644 --- a/src/main/java/com/guahao/h5/reserve/service/BinganService.java +++ b/src/main/java/com/guahao/h5/reserve/service/BinganService.java @@ -15,7 +15,7 @@ public interface BinganService { List apiGetBAList(Integer userId); - Integer apiDeleteApplication(Integer id); + Integer apiDeleteApplication(Integer id, Integer userId); Map apiBAPay(BingAnPayVO vo, HttpServletRequest request); diff --git a/src/main/java/com/guahao/h5/reserve/service/BinganServiceImpl.java b/src/main/java/com/guahao/h5/reserve/service/BinganServiceImpl.java index 69f6cd8..bd7605c 100644 --- a/src/main/java/com/guahao/h5/reserve/service/BinganServiceImpl.java +++ b/src/main/java/com/guahao/h5/reserve/service/BinganServiceImpl.java @@ -178,8 +178,8 @@ public class BinganServiceImpl implements BinganService { } @Override - public Integer apiDeleteApplication(Integer id) { - return binganMapper.deleteApplication(id); + public Integer apiDeleteApplication(Integer id, Integer userId) { + return binganMapper.deleteApplication(id,userId); } @Override diff --git a/src/main/java/com/guahao/h5/user/controller/UserController.java b/src/main/java/com/guahao/h5/user/controller/UserController.java index 22d2ecc..399fab7 100644 --- a/src/main/java/com/guahao/h5/user/controller/UserController.java 
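Review bot: `deleteApplication(Integer id, Integer userId)` now takes two parameters but has no `@Param` annotations, unlike `selectByOrderNo(@Param("outTradeNo") ...)` just below it. The mapper XML in this commit binds `#{id}` and `#{userId}` by name, which MyBatis resolves for multi-parameter methods only when the classes are compiled with `-parameters`; otherwise the statement fails with a binding error at runtime. Declaring `Integer deleteApplication(@Param("id") Integer id, @Param("userId") Integer userId);` removes that dependency on build flags. A short comment that the method returns the affected row count, and presumably 0 when the application does not belong to userId, would also help callers.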
+++ b/src/main/java/com/guahao/h5/user/controller/UserController.java @@ -5,9 +5,7 @@ import com.alibaba.fastjson.JSON; import com.alibaba.fastjson.JSONObject; import com.guahao.WebLog; import com.guahao.common.response.ResponseResult; -import com.guahao.common.util.HttpClientUtil; -import com.guahao.common.util.SoapUtil; -import com.guahao.common.util.VeDate; +import com.guahao.common.util.*; import com.guahao.h5.message.vo.MessageCenterVo; import com.guahao.h5.token.service.TokenService; import com.guahao.h5.token.vo.TokenVo; @@ -19,7 +17,6 @@ import org.slf4j.LoggerFactory; import org.springframework.beans.BeanUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.*; -import com.guahao.common.util.XmlUtil; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -49,6 +46,8 @@ public class UserController { @Autowired private TokenService tokenService; + @Autowired + private SafeUtil safeUtil; @RequestMapping(value = "/test1") public void createActivityQrCode(String content, HttpServletResponse response) { @@ -352,6 +351,17 @@ public Object getAccessToken() { // Integer iQueryType = 1; Integer iQueryBusiness = 0; + Boolean hasCard = true; + if (queryType == 7){ + //queryCode身份证 + hasCard = safeUtil.hasUserByIdCard(userId, queryCode); + }else { + //queryCode是patientId + hasCard = safeUtil.hasUser(userId, queryCode); + } + if (!hasCard) { + return ResponseResult.sysError("您当前未绑定该就诊卡,无法查询"); + } try { String strXML = XmlUtil.getCardReqXml(queryCode, queryType, iQueryBusiness);// 封装请求数据 String responseStr = SoapUtil.soapMethod(strXML);// 发送请求 diff --git a/src/main/java/com/guahao/h5/user/controller/UserOrderController.java b/src/main/java/com/guahao/h5/user/controller/UserOrderController.java index 3f8fd85..0a48165 100644 --- a/src/main/java/com/guahao/h5/user/controller/UserOrderController.java 
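Review bot: `import com.guahao.common.util.*;` replaces three explicit imports with a wildcard just to pick up SafeUtil. An explicit `import com.guahao.common.util.SafeUtil;` next to the existing lines keeps the controller's dependencies readable and avoids accidental name clashes as the util package grows. The later hunk that drops the separate `XmlUtil` import would then keep that line.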
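Review bot: The binding check added in hunk -352,6 starts from `Boolean hasCard = true;` and then evaluates `queryType == 7` and `!hasCard`, so a null `queryType` (if it is a boxed Integer, as in the HsjcController handlers) or a null result from SafeUtil throws a NullPointerException here, outside the `try` that follows. Starting from an allow value is also the wrong default for an authorization decision. I would write it as `boolean bound = Integer.valueOf(7).equals(queryType) ? Boolean.TRUE.equals(safeUtil.hasUserByIdCard(userId, queryCode)) : Boolean.TRUE.equals(safeUtil.hasUser(userId, queryCode));` followed by the existing `if (!bound)` return. The same eleven lines are repeated in UserOrderController hunks -85,6 and -139,6; moving them into one SafeUtil method would keep the three call sites from drifting apart. No token validation is visible in this hunk, so confirm it runs before this check; the enclosing method starts and ends outside the hunk.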
+++ b/src/main/java/com/guahao/h5/user/controller/UserOrderController.java @@ -4,8 +4,10 @@ package com.guahao.h5.user.controller; import com.alibaba.fastjson.JSONObject; import com.guahao.WebLog; import com.guahao.api.Inventory.service.InventoryService; +import com.guahao.common.annotation.CheckPatientId; import com.guahao.common.response.ResponseResult; import com.guahao.common.util.HttpClientUtil; +import com.guahao.common.util.SafeUtil; import com.guahao.h5.token.service.TokenService; import com.guahao.h5.token.vo.TokenVo; import com.guahao.h5.user.service.UserOrderService; @@ -38,6 +40,8 @@ public class UserOrderController { @Autowired private InventoryService inventoryService; + @Autowired + private SafeUtil safeUtil; @RequestMapping("/pay") @WebLog(description = "pay") @@ -52,6 +56,10 @@ public class UserOrderController { if (retToken == 0) { return ResponseResult.sysLoginError(); } + Boolean hasCard = safeUtil.hasUserByIdCard(uid, cardno); + if (!hasCard) { + return ResponseResult.sysError("您当前未绑定该就诊卡,无法操作"); + } Map str = service.pay(uid, cardno, money, num,request); return ResponseResult.success(token, str); } catch (Exception e) { @@ -85,6 +93,17 @@ public class UserOrderController { if (retToken == 0) { return ResponseResult.sysLoginError(); } + Boolean hasCard = true; + if (QueryType == 7){ + //queryCode身份证 + hasCard = safeUtil.hasUserByIdCard(uid, QueryCode); + }else { + //queryCode是patientId + hasCard = safeUtil.hasUser(uid, QueryCode); + } + if (!hasCard) { + return ResponseResult.sysError("您当前未绑定该就诊卡,无法查询"); + } String str = service.InHosChargeRecordQuery(QueryCode, QueryType, StartTime, EndTime); return ResponseResult.success(str); } catch (Exception e) { 
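Review bot: In the pay handler (hunk -52,6) the binding is verified with `safeUtil.hasUserByIdCard(uid, cardno)`, but the parameter name and the error text (就诊卡) both point to a medical card number, whereas the other hunks use `hasUserByIdCard` only for query type 7 (ID-card number) and `hasUser` for patient ids. If `cardno` is not an ID-card number, either the lookup never matches and every payment is refused, or the wrong identifier type is being compared; SafeUtil is not part of this diff, so this needs confirming. A comment such as `// cardno is the ID-card number bound to uid`, or switching to the matching helper, would settle it. As elsewhere, `if (!Boolean.TRUE.equals(hasCard))` avoids unboxing a null result.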
@@ -102,6 +121,7 @@ public class UserOrderController { */ @RequestMapping("/yjjXeQuery") @WebLog(description = "预交金限额查询") + @CheckPatientId(userIdParam="uid",patientIdParam = "patientId") public Object yjjXeQuery( @RequestParam(value = "userId", required = false) Integer uid, @RequestParam(value = "token", required = false) String token, @@ -139,6 +159,17 @@ public class UserOrderController { if (retToken == 0) { return ResponseResult.sysLoginError(); } + Boolean hasCard = true; + if (QueryType == 7){ + //queryCode身份证 + hasCard = safeUtil.hasUserByIdCard(uid, QueryCode); + }else { + //queryCode是patientId + hasCard = safeUtil.hasUser(uid, QueryCode); + } + if (!hasCard) { + return ResponseResult.sysError("您当前未绑定该就诊卡,无法查询"); + } String str = service.InHosPatientInfoQuery(QueryCode, QueryType); return ResponseResult.success(str); } catch (Exception e) { diff --git a/src/main/java/com/guahao/h5/zip/DownloadZipController.java b/src/main/java/com/guahao/h5/zip/DownloadZipController.java index b401ac7..ceaa9e6 100644 --- a/src/main/java/com/guahao/h5/zip/DownloadZipController.java +++ b/src/main/java/com/guahao/h5/zip/DownloadZipController.java @@ -12,6 +12,9 @@ import java.util.Objects; @RestController @RequestMapping("/find") +/** + * 对账平台接口 + */ public class DownloadZipController { // ZIP 文件所在目录 diff --git a/src/main/resources/mybatis/mapper/reserve/BinganMapper.xml b/src/main/resources/mybatis/mapper/reserve/BinganMapper.xml index d50a8b9..601da16 100644 --- a/src/main/resources/mybatis/mapper/reserve/BinganMapper.xml +++ b/src/main/resources/mybatis/mapper/reserve/BinganMapper.xml @@ -19,6 +19,7 @@ deleted = 1 where id = #{id} + And user_id = #{userId} update express
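Review bot: `userIdParam="uid"` on yjjXeQuery names the Java parameter, but the request parameter is bound as `@RequestParam(value = "userId", required = false) Integer uid`, and every other use in this commit passes `userIdParam="userId"`. If the aspect looks the value up by request parameter name it will find nothing under `uid`; if it uses Java parameter names it depends on the classes being compiled with parameter-name metadata. The aspect is not in this diff, so confirm which lookup it performs and that a missing value (`userId` is declared `required = false`) is treated as a denial rather than skipped. The method signature continues outside the hunk.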
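Review bot: The new `/** 对账平台接口 */` comment in DownloadZipController sits between `@RequestMapping("/find")` and `public class DownloadZipController`, where the javadoc tool does not attach it to the class. Moving it above `@RestController` makes it the class documentation. Since it describes the controller as an interface for a reconciliation platform, it would be worth adding one sentence on who may call `/find` and how that caller is authenticated; nothing in this hunk shows an access check.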