Guard batch activate with explicit status filters and add safety valve test
This commit is contained in:
萝卜
@@ -989,6 +989,16 @@ class PlatformOrderController extends Controller
|
|||||||
return redirect()->back()->with('warning', '当前筛选集合包含「对账不一致/退款不一致」订单,为避免带病同步,请先完成金额/状态治理(补回执/核对退款/修正状态)后再批量同步订阅。');
|
return redirect()->back()->with('warning', '当前筛选集合包含「对账不一致/退款不一致」订单,为避免带病同步,请先完成金额/状态治理(补回执/核对退款/修正状态)后再批量同步订阅。');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// 防误操作(口径一致):当用户显式传入了 status/payment_status 时,要求口径至少锁定「已支付+已生效」
|
||||||
|
// 说明:订阅详情页的批量同步入口会带 site_subscription_id + syncable_only=1,但未必显式带 status/payment_status。
|
||||||
|
// 这里采用“仅在显式传参时校验”的策略,避免误伤订阅详情页的一键批量同步。
|
||||||
|
$hasExplicitStatusFilters = ((string) ($filters['payment_status'] ?? '') !== '') || ((string) ($filters['status'] ?? '') !== '');
|
||||||
|
if ($scope === 'filtered' && $hasExplicitStatusFilters) {
|
||||||
|
if (($filters['payment_status'] ?? '') !== 'paid' || ($filters['status'] ?? '') !== 'activated') {
|
||||||
|
return redirect()->back()->with('warning', '为避免误操作,请先在筛选条件中锁定「支付状态=已支付」且「订单状态=已生效」,再执行批量同步订阅。');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// 防误操作:scope=all 需要二次确认
|
// 防误操作:scope=all 需要二次确认
|
||||||
if ($scope === 'all' && (string) $request->input('confirm', '') !== 'YES') {
|
if ($scope === 'all' && (string) $request->input('confirm', '') !== 'YES') {
|
||||||
return redirect()->back()->with('warning', '为避免误操作,执行全量批量同步前请在确认框输入 YES。');
|
return redirect()->back()->with('warning', '为避免误操作,执行全量批量同步前请在确认框输入 YES。');
|
||||||
|
|||||||
@@ -0,0 +1,103 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Tests\Feature;
|
||||||
|
|
||||||
|
use App\Models\Merchant;
|
||||||
|
use App\Models\Plan;
|
||||||
|
use App\Models\PlatformOrder;
|
||||||
|
use Illuminate\Foundation\Testing\RefreshDatabase;
|
||||||
|
use Tests\TestCase;
|
||||||
|
|
||||||
|
class AdminPlatformOrderBatchActivateSubscriptionsStatusFilterSafetyValveTest extends TestCase
|
||||||
|
{
|
||||||
|
use RefreshDatabase;
|
||||||
|
|
||||||
|
protected function loginAsPlatformAdmin(): void
|
||||||
|
{
|
||||||
|
$this->seed();
|
||||||
|
|
||||||
|
$this->post('/admin/login', [
|
||||||
|
'email' => 'platform.admin@demo.local',
|
||||||
|
'password' => 'Platform@123456',
|
||||||
|
])->assertRedirect('/admin');
|
||||||
|
}
|
||||||
|
|
||||||
|
public function test_batch_activate_subscriptions_filtered_scope_requires_paid_and_activated_filters(): void
|
||||||
|
{
|
||||||
|
$this->loginAsPlatformAdmin();
|
||||||
|
|
||||||
|
$merchant = Merchant::query()->firstOrFail();
|
||||||
|
$plan = Plan::query()->create([
|
||||||
|
'code' => 'batch_activate_requires_status_filters_plan',
|
||||||
|
'name' => '批量同步订阅要求口径锁定(已支付+已生效)测试套餐',
|
||||||
|
'billing_cycle' => 'monthly',
|
||||||
|
'price' => 10,
|
||||||
|
'list_price' => 10,
|
||||||
|
'status' => 'active',
|
||||||
|
'sort' => 10,
|
||||||
|
'published_at' => now(),
|
||||||
|
]);
|
||||||
|
|
||||||
|
$order = PlatformOrder::query()->create([
|
||||||
|
'merchant_id' => $merchant->id,
|
||||||
|
'plan_id' => $plan->id,
|
||||||
|
'order_no' => 'PO_BATCH_ACTIVATE_REQUIRE_FILTERS_0001',
|
||||||
|
'order_type' => 'new_purchase',
|
||||||
|
'status' => 'activated',
|
||||||
|
'payment_status' => 'paid',
|
||||||
|
'plan_name' => $plan->name,
|
||||||
|
'billing_cycle' => $plan->billing_cycle,
|
||||||
|
'period_months' => 1,
|
||||||
|
'quantity' => 1,
|
||||||
|
'payable_amount' => 10,
|
||||||
|
'paid_amount' => 10,
|
||||||
|
'placed_at' => now(),
|
||||||
|
'paid_at' => now(),
|
||||||
|
'activated_at' => now(),
|
||||||
|
]);
|
||||||
|
|
||||||
|
// 仅勾选 syncable_only=1(不传 status/payment_status)时不应被该“口径锁定提示”误伤
|
||||||
|
$res = $this->post('/admin/platform-orders/batch-activate-subscriptions', [
|
||||||
|
'scope' => 'filtered',
|
||||||
|
'syncable_only' => '1',
|
||||||
|
'limit' => 50,
|
||||||
|
]);
|
||||||
|
$res->assertRedirect();
|
||||||
|
|
||||||
|
$order->refresh();
|
||||||
|
$this->assertNotNull(data_get($order->meta, 'subscription_activation.subscription_id'));
|
||||||
|
|
||||||
|
// 当显式传入 status/payment_status 且不符合 paid+activated 时,应触发 warning 并阻断
|
||||||
|
$o2 = PlatformOrder::query()->create([
|
||||||
|
'merchant_id' => $merchant->id,
|
||||||
|
'plan_id' => $plan->id,
|
||||||
|
'order_no' => 'PO_BATCH_ACTIVATE_REQUIRE_FILTERS_0002',
|
||||||
|
'order_type' => 'new_purchase',
|
||||||
|
'status' => 'activated',
|
||||||
|
'payment_status' => 'paid',
|
||||||
|
'plan_name' => $plan->name,
|
||||||
|
'billing_cycle' => $plan->billing_cycle,
|
||||||
|
'period_months' => 1,
|
||||||
|
'quantity' => 1,
|
||||||
|
'payable_amount' => 10,
|
||||||
|
'paid_amount' => 10,
|
||||||
|
'placed_at' => now(),
|
||||||
|
'paid_at' => now(),
|
||||||
|
'activated_at' => now(),
|
||||||
|
]);
|
||||||
|
|
||||||
|
$res2 = $this->post('/admin/platform-orders/batch-activate-subscriptions', [
|
||||||
|
'scope' => 'filtered',
|
||||||
|
'syncable_only' => '1',
|
||||||
|
'status' => 'pending',
|
||||||
|
'payment_status' => 'paid',
|
||||||
|
'limit' => 50,
|
||||||
|
]);
|
||||||
|
|
||||||
|
$res2->assertRedirect();
|
||||||
|
$res2->assertSessionHas('warning');
|
||||||
|
|
||||||
|
$o2->refresh();
|
||||||
|
$this->assertNull(data_get($o2->meta, 'subscription_activation.subscription_id'));
|
||||||
|
}
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user