From df86e91e2cc71206294e5c232d415cc077e55f57 Mon Sep 17 00:00:00 2001
From: liapples <liapples@163.com>
Date: Wed, 1 Sep 2021 10:38:45 +0800
Subject: [PATCH] =?UTF-8?q?=E4=B8=8D=E5=85=81=E8=AE=B8=E6=9F=A5=E7=9C=8B?=
 =?UTF-8?q?=E9=9D=9E=E8=87=AA=E5=B7=B1=E7=9A=84=E6=95=B0=E6=8D=AE=E4=BC=98?=
 =?UTF-8?q?=E5=8C=96?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/AdminSupplier/Controllers/OrderController.php | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/app/AdminSupplier/Controllers/OrderController.php b/app/AdminSupplier/Controllers/OrderController.php
index 611a1b6..88e7c8d 100644
--- a/app/AdminSupplier/Controllers/OrderController.php
+++ b/app/AdminSupplier/Controllers/OrderController.php
@@ -6,6 +6,7 @@ use App\AdminSupplier\Repositories\Order;
 use App\Common\OrderStatus;
 use App\Common\PayType;
 use App\Models\Agent;
+use App\Models\OrderProductItem;
 use App\Models\Supplier;
 use Dcat\Admin\Admin;
 use Dcat\Admin\Form;
@@ -95,10 +96,10 @@ class OrderController extends AdminController
 			$show->disableQuickEdit();
 			$show->disableEditButton();
 
-			//不允许查看非自己的数据 TODO 待筛选
-			$show->model()->whereHas('orderProductItem', function ($query) {
-				return $query->where('supplier_id', Admin::user()->id);
-			});
+			//不允许查看非自己的数据，$show->model()->whereHas()不起作用？
+			if (!OrderProductItem::where(['order_id' => $show->model()->id, 'supplier_id' => Admin::user()->id])->exists()) {
+				Admin::exit('数据不存在');
+			}
 
 			$show->field('id');
 			$show->field('agent.name');