收款列表权限细分

backup.sql

@@ -135,9 +135,13 @@ INSERT INTO `cm_receipt_permission`(`id`,`permission`) VALUES
 (6,'关联供应商退款'),
 (7,'审核订单款'),
 (8,'收款详情分享'),
-(9,'订单款/非订单款详情查看'),
-(10,'返佣款详情查看'),
-(11,'供应商退款详情查看');
+(9,'非订单款查看(全部)'),
+(10,'订单款查看(全部)'),
+(11,'返佣款查看(全部)'),
+(12,'供应商退款查看(全部)'),
+(13,'订单款查看(协销自己机构)'),
+(14,'返佣款查看(协销自己机构)'),
+(15,'供应商退款查看(协销自己机构)');
 INSERT INTO `cm_receipt_type`(`id`,`type`) VALUES (1,'建设银行-7297'),(2,'广发银行-0115'),(3,'中信银行-7172'),(4,'中信银行-0897'),(5,'中信银行-0897-财付通'),(6,'中信银行-0897-支付宝'),(7,'线上-支付宝'),(8,'线上-微信支付'),(9,'线上-快钱支付'),(10,'口头返佣'),(11,'广发银行-5461'),(12,'企业网银'),(13,'微信支付'),(14,'支付宝'),(15,'微信支付'),(16,'余额抵扣'),(18,'建设银行-1854'),(19,'建设银行-6256');
 
 

src/main/java/com/caimei365/order/mapper/ReceiptMapper.java

@@ -41,7 +41,8 @@ public interface ReceiptMapper {
      */
     void updateOpenidByMobile(String openid, String unionId, String mobile);
     /**
-     * 获取用户权限: 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款,8收款详情分享,9订单款/非订单款详情查看,10返佣款详情查看,11供应商退款详情查看
+     * 获取用户权限: 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款,8收款详情分享,
+     * 9非订单款查看(全部)，10订单款查看(全部)，11返佣款查看(全部)，12供应商退款查看(全部)，13订单款查看(协销自己机构)，14返佣款查看(协销自己机构)，15供应商退款查看(协销自己机构)
      */
     List<Integer> getPermissionsByUserId(Integer userId);
     /**

src/main/java/com/caimei365/order/model/vo/ReceiptUserVo.java

@@ -46,14 +46,15 @@ public class ReceiptUserVo implements Serializable {
     @ApiModelProperty("密码")
     private String password;
     /**
-     * 用户权限: 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款,8收款详情分享,9订单款/非订单款详情查看,10返佣款详情查看,11供应商退款详情查看
+     * 用户权限: 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款,8收款详情分享,
+     * 9非订单款查看(全部)，10订单款查看(全部)，11返佣款查看(全部)，12供应商退款查看(全部)，13订单款查看(协销自己机构)，14返佣款查看(协销自己机构)，15供应商退款查看(协销自己机构)
      */
-    @ApiModelProperty("用户权限: 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款,8收款详情分享,9订单款/非订单款详情查看,10返佣款详情查看,11供应商退款详情查看")
+    @ApiModelProperty("用户权限: 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款,8收款详情分享,9非订单款查看(全部)，10订单款查看(全部)，11返佣款查看(全部)，12供应商退款查看(全部)，13订单款查看(协销自己机构)，14返佣款查看(协销自己机构)，15供应商退款查看(协销自己机构)")
     private Integer permission;
     /**
-     * 用户权限列表: 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款,8收款详情分享,9订单款/非订单款详情查看,10返佣款详情查看,11供应商退款详情查看
+     * 用户权限列表
      */
-    @ApiModelProperty("用户权限列表: 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款,8收款详情分享,9订单款/非订单款详情查看,10返佣款详情查看,11供应商退款详情查看")
+    @ApiModelProperty("用户权限列表")
     private List<Integer> permissions;
     /**
      * 微信unionId

src/main/java/com/caimei365/order/service/impl/ReceiptServiceImpl.java

@@ -88,7 +88,8 @@ public class ReceiptServiceImpl implements ReceiptService {
             // 收款用户
             ReceiptUserVo receiptUser = receiptMapper.getReceiptUserByOpenid(openid);
             if (null != receiptUser) {
-                // 用户权限: 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款,8收款详情分享,9订单款/非订单款详情查看,10返佣款详情查看,11供应商退款详情查看
+                // 用户权限: 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款,8收款详情分享,
+                // 9非订单款查看(全部)，10订单款查看(全部)，11返佣款查看(全部)，12供应商退款查看(全部)，13订单款查看(协销自己机构)，14返佣款查看(协销自己机构)，15供应商退款查看(协销自己机构)
                 List<Integer> permissions = receiptMapper.getPermissionsByUserId(receiptUser.getId());
                 receiptUser.setPermissions(permissions);
                 return ResponseJson.success(receiptUser);
@@ -137,7 +138,8 @@ public class ReceiptServiceImpl implements ReceiptService {
                 } else {
                     return ResponseJson.error(appletsInfo.getMsg(), null);
                 }
-                // 用户权限: 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款,8收款详情分享,9订单款/非订单款详情查看,10返佣款详情查看,11供应商退款详情查看
+                // 用户权限: 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款,8收款详情分享,
+                // 9非订单款查看(全部)，10订单款查看(全部)，11返佣款查看(全部)，12供应商退款查看(全部)，13订单款查看(协销自己机构)，14返佣款查看(协销自己机构)，15供应商退款查看(协销自己机构)
                 List<Integer> permissions = receiptMapper.getPermissionsByUserId(receiptUser.getId());
                 receiptUser.setPermissions(permissions);
                 return ResponseJson.success(receiptUser);
@@ -489,7 +491,7 @@ public class ReceiptServiceImpl implements ReceiptService {
      * --客服：     非订单款，返佣款，订单款
      * --财务:      不能进入详情，操作权限可配置
      *
-     * @param receiptType   收款款项类型：1订单款，2非订单款，3返佣款 4订单款或者非订单款（因财务阶段无法区分订单非订单） 5供应商退款
+     * @param receiptType   收款款项类型：1订单款，2非订单款，3返佣款 5供应商退款
      * @param receiptStatus 收款状态：1待确认、2已确认(待审核)、3审核通过、4审核未通过、5收款撤销【线上支付成功为审核通过】
      * @param smsContent    收款短信
      * @param startDate     筛选开始时间
@@ -499,11 +501,6 @@ public class ReceiptServiceImpl implements ReceiptService {
      */
     @Override
     public ResponseJson<PageInfo<ReceiptVo>> getReceiptList(Integer receiptType, Integer receiptStatus, String smsContent, String startDate, String endDate, int pageNum, int pageSize, HttpHeaders headers) {
-        // 检查收款用户权限
-        ReceiptUserVo receiptUser = checkPermissions(0, headers);
-        if (null == receiptUser) {
-            return ResponseJson.error("无权限操作！", null);
-        }
         ReceiptParamsBo paramsBo = new ReceiptParamsBo();
         PageInfo<ReceiptVo> emptyInfo = new PageInfo();
         if (null != receiptStatus && receiptStatus > 0) {
@@ -515,23 +512,64 @@ public class ReceiptServiceImpl implements ReceiptService {
             }
             paramsBo.setReceiptStatusArr(receiptStatusArr);
         }
-        if (1 == receiptUser.getUserType()) {
-            // 协销：(非订单款，返佣款)?，与自身相关的订单款，与自身相关的供应商退款
-            if(1 == receiptType || 5 == receiptType) {
+        ReceiptUserVo receiptUser = null;
+        // 订单款
+        if(1 == receiptType) {
+            // 检查收款用户权限：10订单款查看(全部)，13订单款查看(协销自己机构)
+            receiptUser = checkPermissions(Arrays.asList(10, 13), headers);
+            if (null == receiptUser) {
+                return ResponseJson.error("无权限操作！", null);
+            }
+            List<Integer> permissions = receiptUser.getPermissions();
+            //协销与自身相关的订单款
+            if (!permissions.contains(10) && permissions.contains(13)) {
                 // 获取该协销收款用户下的机构userIds
                 Integer spId = receiptMapper.getServiceProviderId(receiptUser.getUnionId());
                 List<Integer> clubUserIds = receiptMapper.getClubUserIdBySpId(spId);
                 paramsBo.setUserIds(clubUserIds);
-            } else {
-                return ResponseJson.error("无权限查看！", null);
             }
-        } else if (2 == receiptUser.getUserType()) {
-            //客服： 非订单款，返佣款，订单款
-            if (5 == receiptType) {
-                // 不能查看供应商退款
-                return ResponseJson.success(emptyInfo);
+        }
+        // 非订单款
+        else if (2 == receiptType) {
+            // 检查收款用户权限：9非订单款查看(全部)
+            receiptUser = checkPermissions(9, headers);
+            if (null == receiptUser) {
+                return ResponseJson.error("无权限操作！", null);
+            }
+        }
+        // 返佣款
+        else if (3 == receiptType) {
+            // 检查收款用户权限:11返佣款查看(全部)，14返佣款查看(协销自己机构)
+            receiptUser = checkPermissions(Arrays.asList(11, 14), headers);
+            if (null == receiptUser) {
+                return ResponseJson.error("无权限操作！", null);
+            }
+            List<Integer> permissions = receiptUser.getPermissions();
+            //协销与自身相关的返佣款
+            if (!permissions.contains(11) && permissions.contains(14)) {
+                // 获取该协销收款用户下的机构userIds
+                Integer spId = receiptMapper.getServiceProviderId(receiptUser.getUnionId());
+                List<Integer> clubUserIds = receiptMapper.getClubUserIdBySpId(spId);
+                paramsBo.setUserIds(clubUserIds);
             }
         }
+        // 供应商退款
+        else if (5 == receiptType) {
+            // 检查收款用户权限: 12供应商退款查看(全部)，15供应商退款查看(协销自己机构)
+            receiptUser = checkPermissions(Arrays.asList(12, 15), headers);
+            if (null == receiptUser) {
+                return ResponseJson.error("无权限操作！", null);
+            }
+            List<Integer> permissions = receiptUser.getPermissions();
+            //协销与自身相关的供应商退款
+            if (!permissions.contains(11) && permissions.contains(14)) {
+                // 获取该协销收款用户下的机构userIds
+                Integer spId = receiptMapper.getServiceProviderId(receiptUser.getUnionId());
+                List<Integer> clubUserIds = receiptMapper.getClubUserIdBySpId(spId);
+                paramsBo.setUserIds(clubUserIds);
+            }
+        }
+
         if (StringUtils.isNotBlank(smsContent)) {
             // 短信内容隐藏余额
             String message = hiddenBalance(smsContent);
@@ -559,8 +597,8 @@ public class ReceiptServiceImpl implements ReceiptService {
      */
     @Override
     public ResponseJson<ReceiptVo> getReceiptDetail(Integer id, HttpHeaders headers) {
-        // 检查收款用户权限：9订单款/非订单款详情查看
-        ReceiptUserVo receiptUser = checkPermissions(9, headers);
+        // 检查收款用户权限：9非订单款查看(全部)，10订单款查看(全部)，13订单款查看(协销自己机构)
+        ReceiptUserVo receiptUser = checkPermissions(Arrays.asList(9, 10, 13), headers);
         if (null == receiptUser) {
             return ResponseJson.error("无权限操作！", null);
         }
@@ -614,7 +652,6 @@ public class ReceiptServiceImpl implements ReceiptService {
      */
     @Override
     public ResponseJson<Map<String, Integer>> getReceiptDetailType(Integer id, HttpHeaders headers) {
-        // 检查收款用户权限: 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款,8收款详情分享,9订单款/非订单款详情查看,10返佣款详情查看,11供应商退款详情查看
         ReceiptUserVo receiptUser = checkPermissions(0, headers);
         if (null == receiptUser) {
             return ResponseJson.error("无权限操作！", null);
@@ -636,7 +673,7 @@ public class ReceiptServiceImpl implements ReceiptService {
      */
     @Override
     public ResponseJson<ReceiptVo> getReceiptDetailShare(Integer id, HttpHeaders headers) {
-        // 检查收款用户权限: 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款,8收款详情分享,9订单款/非订单款详情查看,10返佣款详情查看,11供应商退款详情查看
+        // 检查收款用户权限: 8收款详情分享
         ReceiptUserVo receiptUser = checkPermissions(8, headers);
         if (null == receiptUser) {
             return ResponseJson.error("无权限操作！", null);
@@ -653,8 +690,8 @@ public class ReceiptServiceImpl implements ReceiptService {
      */
     @Override
     public ResponseJson<ReceiptVo> getReceiptRefundDetail(Integer id, HttpHeaders headers) {
-        // 检查收款用户权限: 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款,8收款详情分享,9订单款/非订单款详情查看,10返佣款详情查看,11供应商退款详情查看
-        ReceiptUserVo receiptUser = checkPermissions(11, headers);
+        // 检查收款用户权限: 12供应商退款查看(全部)，15供应商退款查看(协销自己机构)
+        ReceiptUserVo receiptUser = checkPermissions(Arrays.asList(12, 15), headers);
         if (null == receiptUser) {
             return ResponseJson.error("无权限操作！", null);
         }
@@ -670,8 +707,8 @@ public class ReceiptServiceImpl implements ReceiptService {
      */
     @Override
     public ResponseJson<ReceiptVo> getReceiptRebateDetail(Integer id, HttpHeaders headers) {
-        // 检查收款用户权限: 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款,8收款详情分享,9订单款/非订单款详情查看,10返佣款详情查看,11供应商退款详情查看
-        ReceiptUserVo receiptUser = checkPermissions(10, headers);
+        // 检查收款用户权限:11返佣款查看(全部)，14返佣款查看(协销自己机构)
+        ReceiptUserVo receiptUser = checkPermissions(Arrays.asList(11, 14), headers);
         if (null == receiptUser) {
             return ResponseJson.error("无权限操作！", null);
         }
@@ -694,8 +731,8 @@ public class ReceiptServiceImpl implements ReceiptService {
      */
     @Override
     public ResponseJson<PageInfo<OrderVo>> getReceiptOrderList(Integer id, Integer type, Integer organizeId, String orderReceiptStatus, String keyword, int pageNum, int pageSize, HttpHeaders headers) {
-        // 检查收款用户权限：9订单款/非订单款详情查看
-        ReceiptUserVo receiptUser = checkPermissions(9, headers);
+        // 检查收款用户权限：10订单款查看(全部)，13订单款查看(协销自己机构)
+        ReceiptUserVo receiptUser = checkPermissions(Arrays.asList(10, 13), headers);
         if (null == receiptUser) {
             return ResponseJson.error("无权限操作！", null);
         }
@@ -802,8 +839,8 @@ public class ReceiptServiceImpl implements ReceiptService {
      */
     @Override
     public ResponseJson<OrderVo> getReceiptOrderInfo(Integer orderId, HttpHeaders headers) {
-        // 检查收款用户权限：9订单款/非订单款详情查看
-        ReceiptUserVo receiptUser = checkPermissions(9, headers);
+        // 检查收款用户权限：10订单款查看(全部)，13订单款查看(协销自己机构)
+        ReceiptUserVo receiptUser = checkPermissions(Arrays.asList(10, 13), headers);
         if (null == receiptUser) {
             return ResponseJson.error("无权限操作！", null);
         }
@@ -845,8 +882,8 @@ public class ReceiptServiceImpl implements ReceiptService {
      */
     @Override
     public ResponseJson<PageInfo<ShopOrderVo>> getRefundShopOrderList(Integer id, Integer confirmedType, String shopName, String keyword, int pageNum, int pageSize, HttpHeaders headers) {
-        // 检查收款用户权限：11供应商退款详情查看
-        ReceiptUserVo receiptUser = checkPermissions(11, headers);
+        // 检查收款用户权限: 12供应商退款查看(全部)，15供应商退款查看(协销自己机构)
+        ReceiptUserVo receiptUser = checkPermissions(Arrays.asList(12, 15), headers);
         if (null == receiptUser) {
             return ResponseJson.error("无权限操作！", null);
         }
@@ -889,8 +926,8 @@ public class ReceiptServiceImpl implements ReceiptService {
      */
     @Override
     public ResponseJson<OrderVo> getRefundShopOrderInfo(Integer orderId, HttpHeaders headers) {
-        // 检查收款用户权限：11供应商退款详情查看
-        ReceiptUserVo receiptUser = checkPermissions(11, headers);
+        // 检查收款用户权限: 12供应商退款查看(全部)，15供应商退款查看(协销自己机构)
+        ReceiptUserVo receiptUser = checkPermissions(Arrays.asList(12, 15), headers);
         if (null == receiptUser) {
             return ResponseJson.error("无权限操作！", null);
         }
@@ -951,8 +988,8 @@ public class ReceiptServiceImpl implements ReceiptService {
      */
     @Override
     public ResponseJson<PageInfo<ShopOrderVo>> getRebateShopOrderList(Integer id, String shopName, int pageNum, int pageSize, HttpHeaders headers) {
-        // 检查收款用户权限：10返佣款详情查看
-        ReceiptUserVo receiptUser = checkPermissions(10, headers);
+        // 检查收款用户权限:11返佣款查看(全部)，14返佣款查看(协销自己机构)
+        ReceiptUserVo receiptUser = checkPermissions(Arrays.asList(11, 14), headers);
         if (null == receiptUser) {
             return ResponseJson.error("无权限操作！", null);
         }
@@ -1172,7 +1209,7 @@ public class ReceiptServiceImpl implements ReceiptService {
         receiptPo.setConfirmDate(time);
         receiptMapper.updateReceipt(receiptPo);
 
-        // 关联成功推送模板消息给指定人员（用户权限: 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款,8收款详情分享,9订单款/非订单款详情查看,10返佣款详情查看,11供应商退款详情查看）
+        // 关联成功推送模板消息给指定人员（权限: 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款)
         try {
             String accessToken = weChatService.getAccessToken();
             List<String> openidList = receiptMapper.getOpenidListByPermission(Collections.singletonList(7));
@@ -1691,7 +1728,7 @@ public class ReceiptServiceImpl implements ReceiptService {
                 String receiptTypeStr = receiptMapper.getReceiptTypeStrById(receiptPo.getPayType());
                 String remarkText = "收款类型："+ receiptTypeStr +"；"+"审核时间："+receiptPo.getReviewDate();
                 double associateAmount = receiptMapper.countAssociateAmountById(receiptPo.getId());
-                // （用户权限: 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款,8收款详情分享,9订单款/非订单款详情查看,10返佣款详情查看,11供应商退款详情查看）
+                // （用户权限: 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款）
                 List<String> openidList = receiptMapper.getOpenidListByPermission(Collections.singletonList(3));
                 openidList.removeIf(Objects::isNull);
                 // 跳转到【普通款项待审核】页面
@@ -1719,7 +1756,7 @@ public class ReceiptServiceImpl implements ReceiptService {
         paramsBo.setStartDate("2022-01-01 00:00:00");
         List<ReceiptVo> list = receiptMapper.getReceiptList(paramsBo);
         list.removeIf(Objects::isNull);
-        // （用户权限: 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款,8收款详情分享,9订单款/非订单款详情查看,10返佣款详情查看,11供应商退款详情查看）
+        // （用户权限: 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款）
         List<String> openidList = receiptMapper.getOpenidListByPermission(Arrays.asList(3,4,5,6));
         openidList.removeIf(Objects::isNull);
         String title = "超时未确认，请及时查看详情并确认关联！";
@@ -1749,7 +1786,7 @@ public class ReceiptServiceImpl implements ReceiptService {
         paramsBo.setStartDate("2022-01-01 00:00:00");
         List<ReceiptVo> list = receiptMapper.getReceiptList(paramsBo);
         list.removeIf(Objects::isNull);
-        // （用户权限: 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款,8收款详情分享,9订单款/非订单款详情查看,10返佣款详情查看,11供应商退款详情查看）
+        // （用户权限: 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款）
         List<String> openidList = receiptMapper.getOpenidListByPermission(Collections.singletonList(7));
         openidList.removeIf(Objects::isNull);
         String title = "超时未审核，请及时查看详情并审核！";
@@ -1884,7 +1921,8 @@ public class ReceiptServiceImpl implements ReceiptService {
 
     /**
      * 检查收款权限
-     * 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款,8收款详情分享,9订单款/非订单款详情查看,10返佣款详情查看,11供应商退款详情查看
+     * 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款,8收款详情分享,
+     * 9非订单款查看(全部)，10订单款查看(全部)，11返佣款查看(全部)，12供应商退款查看(全部)，13订单款查看(协销自己机构)，14返佣款查看(协销自己机构)，15供应商退款查看(协销自己机构)
      *
      * @param permission 0:登录用户不需要权限，其他具体权限
      * @param headers    HttpHeaders
@@ -1897,7 +1935,6 @@ public class ReceiptServiceImpl implements ReceiptService {
             // 收款用户
             ReceiptUserVo receiptUser = receiptMapper.getReceiptUserByOpenid(openid);
             if (null != receiptUser) {
-                // 获取用户权限: 1录入收款,2收款列表操作,3关联订单款,4关联返佣款,5口头返佣,6关联供应商退款,7审核订单款,8收款详情分享,9订单款/非订单款详情查看,10返佣款详情查看,11供应商退款详情查看
                 List<Integer> permissions = receiptMapper.getPermissionsByUserId(receiptUser.getId());
                 if (0 == permission || permissions.contains(permission)) {
                     receiptUser.setPermissions(permissions);
@@ -1907,6 +1944,24 @@ public class ReceiptServiceImpl implements ReceiptService {
         }
         return null;
     }
+    private ReceiptUserVo checkPermissions(List<Integer> permissions, HttpHeaders headers) {
+        // 用户openid
+        String openid = headers.getFirst("x-openid");
+        if (StringUtils.isNotBlank(openid)) {
+            // 收款用户
+            ReceiptUserVo receiptUser = receiptMapper.getReceiptUserByOpenid(openid);
+            if (null != receiptUser) {
+                List<Integer> dbPermissions = receiptMapper.getPermissionsByUserId(receiptUser.getId());
+                receiptUser.setPermissions(dbPermissions);
+                for (Integer permission : permissions) {
+                    if (0 == permission || dbPermissions.contains(permission)) {
+                        return receiptUser;
+                    }
+                }
+            }
+        }
+        return null;
+    }
 
     /**
      * 识别收款短信