fix(api): 修复商户列表查询逻辑并增强用户过滤条件

- 修改查询条件，将 `delete_time` 为空作为有效数据筛选 - 优化用户过滤，支持 `user_id` 字段匹配及 JSON 字段中包含该用户 - 修正代码格式和缩进以提升可读性 - 增加对请求参数 `limit` 的范围校验 - 优化错误处理逻辑，确保查询异常时返回正确状态码
2025-12-18 22:02:04 +08:00 · 2025-12-18 22:02:04 +08:00 · 962d1c0ae3
parent c45cabbfdc
commit 962d1c0ae3
1 changed files with 55 additions and 49 deletions
--- a/server/internal/api/ymt_merchants.go
+++ b/server/internal/api/ymt_merchants.go
@ -1,62 +1,68 @@
 package api

 import (
-    "database/sql"
-    "net/http"
-    "strconv"
+	"database/sql"
+	"net/http"
+	"strconv"
 )

 type YMTMerchantsAPI struct {
-    ymt *sql.DB
+	ymt *sql.DB
 }

 func YMTMerchantsHandler(ymt *sql.DB) http.Handler {
-    api := &YMTMerchantsAPI{ymt: ymt}
-    return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-        if r.Method == http.MethodGet {
-            api.list(w, r)
-            return
-        }
-        w.WriteHeader(http.StatusNotFound)
-    })
+	api := &YMTMerchantsAPI{ymt: ymt}
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if r.Method == http.MethodGet {
+			api.list(w, r)
+			return
+		}
+		w.WriteHeader(http.StatusNotFound)
+	})
 }

 func (a *YMTMerchantsAPI) list(w http.ResponseWriter, r *http.Request) {
-    q := r.URL.Query()
-    userIDStr := q.Get("user_id")
-    like := q.Get("q")
-    limitStr := q.Get("limit")
-    limit := 2000
-    if limitStr != "" {
-        if n, err := strconv.Atoi(limitStr); err == nil && n > 0 && n <= 10000 { limit = n }
-    }
-    sql1 := "SELECT id, name FROM merchant WHERE id IS NOT NULL"
-    args := []interface{}{}
-    if userIDStr != "" {
-        sql1 += " AND user_id = ?"
-        args = append(args, userIDStr)
-    }
-    if like != "" {
-        sql1 += " AND (CAST(id AS CHAR) LIKE ? OR name LIKE ?)"
-        s := "%" + like + "%"
-        args = append(args, s, s)
-    }
-    sql1 += " ORDER BY id ASC LIMIT ?"
-    args = append(args, limit)
-    rows, err := a.ymt.Query(sql1, args...)
-    if err != nil {
-        fail(w, r, http.StatusInternalServerError, err.Error())
-        return
-    }
-    defer rows.Close()
-    out := []map[string]interface{}{}
-    for rows.Next() {
-        var id sql.NullInt64
-        var name sql.NullString
-        if err := rows.Scan(&id, &name); err != nil { continue }
-        if !id.Valid { continue }
-        out = append(out, map[string]interface{}{"id": id.Int64, "name": name.String})
-    }
-    ok(w, r, out)
+	q := r.URL.Query()
+	userIDStr := q.Get("user_id")
+	like := q.Get("q")
+	limitStr := q.Get("limit")
+	limit := 2000
+	if limitStr != "" {
+		if n, err := strconv.Atoi(limitStr); err == nil && n > 0 && n <= 10000 {
+			limit = n
+		}
+	}
+	sql1 := "SELECT id, name FROM merchant WHERE delete_time IS NULL"
+	args := []interface{}{}
+	if userIDStr != "" {
+		// user_id 匹配 或者 operation_user JSON 中包含该 user_id
+		sql1 += " AND (user_id = ? OR JSON_CONTAINS(operation_user, JSON_OBJECT('user_id', CAST(? AS SIGNED))))"
+		args = append(args, userIDStr, userIDStr)
+	}
+	if like != "" {
+		sql1 += " AND (CAST(id AS CHAR) LIKE ? OR name LIKE ?)"
+		s := "%" + like + "%"
+		args = append(args, s, s)
+	}
+	sql1 += " ORDER BY id ASC LIMIT ?"
+	args = append(args, limit)
+	rows, err := a.ymt.Query(sql1, args...)
+	if err != nil {
+		fail(w, r, http.StatusInternalServerError, err.Error())
+		return
+	}
+	defer rows.Close()
+	out := []map[string]interface{}{}
+	for rows.Next() {
+		var id sql.NullInt64
+		var name sql.NullString
+		if err := rows.Scan(&id, &name); err != nil {
+			continue
+		}
+		if !id.Valid {
+			continue
+		}
+		out = append(out, map[string]interface{}{"id": id.Int64, "name": name.String})
+	}
+	ok(w, r, out)
 }
-