2 年之前 · 22a29e7a85
--- a/api/tenancy_admin_views.py
+++ b/api/tenancy_admin_views.py
@@ -115,7 +115,7 @@ def shot_request_list(request, administrator):
 
                     reqs = TenancyShotRequestInfo.objects.filter(status=True).order_by('-pk')
              
 
                 
              
 
                     if query:
              
 
                -        shots = list(TenancyShotInfo.objects.values_list('model_id', flat=True).filter(sn__icontains=query))
              
 
                +        shots = list(TenancyShotInfo.objects.values_list('shot_id', flat=True).filter(sn__icontains=query))
              
 
                         reqs = reqs.filter(Q(phone__icontains=query) | Q(name__icontains=query) | Q(shot_id__in=shots))
              
 
                 
              
 
                 
              
@@ -181,6 +181,9 @@ def shot_request_update(request, administrator):
 
                     old_tracking_number = req.tracking_number
              
 
                     old_back_tracking_number = req.back_tracking_number
              
 
                 
              
 
                +    if req.admin_id and req.admin_id != administrator.admin_id:
              
 
                +        return response(40001, 'No permission', '不是经办人，没有权限')
              
 
                +
              
 
                     if shot_id:
              
 
                         req.shot_id = shot_id
              
 
                     if name:
              
@@ -265,9 +268,13 @@ def shot_request_send(request, administrator):
 
                         shot = TenancyShotInfo.objects.get(shot_id=shot_id, status=True)
              
 
                     except TenancyShotInfo.DoesNotExist:
              
 
                         return response()
              
 
                +    
              
 
                +    if req.admin_id and req.admin_id != administrator.admin_id:
              
 
                +        return response(40001, 'No permission', '不是经办人，没有权限')
              
 
                 
              
 
                     old_tracking_number = req.tracking_number
              
 
                 
              
 
                +    req.admin_id = administrator.admin_id
              
 
                     req.express_name = express_name
              
 
                     req.express_com = express_com
              
 
                     req.tracking_number = tracking_number
              
@@ -310,6 +317,9 @@ def shot_request_signed(request, administrator):
 
                     except TenancyShotRequestInfo.DoesNotExist:
              
 
                         return response(TenancyStatusCode.TENANCY_SHOT_REQUEST_NOT_FOUND)
              
 
                 
              
 
                +    if req.admin_id and req.admin_id != administrator.admin_id:
              
 
                +        return response(40001, 'No permission', '不是经办人，没有权限')
              
 
                +
              
 
                     req.request_status = TenancyShotRequestInfo.TENANCY_TRACKING_BACK_SIGNED
              
 
                     request_status_at = req.request_status_at
              
 
                     request_status_at[TenancyShotRequestInfo.TENANCY_TRACKING_BACK_SIGNED] = tc.utc_string()