From 56512c852ff49b6950de5952b33bbcd4688e4bee Mon Sep 17 00:00:00 2001
From: wet <1034391973@qq.com>
Date: Mon, 10 Jul 2023 11:39:11 +0800
Subject: [PATCH] 1

---
 .../Service/BookingOrder/BookingOrderService.cs        | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/Myshipping.Application/Service/BookingOrder/BookingOrderService.cs b/Myshipping.Application/Service/BookingOrder/BookingOrderService.cs
index 1c0b982e..ec222f52 100644
--- a/Myshipping.Application/Service/BookingOrder/BookingOrderService.cs
+++ b/Myshipping.Application/Service/BookingOrder/BookingOrderService.cs
@@ -732,7 +732,15 @@ namespace Myshipping.Application
 
                 var mlist = await _rep.AsQueryable().Filter(null, true).Where(x => x.Id == input.Id).FirstAsync();
                 var rightlist= await _right.GetDataScopeList(MenuConst.MenuBookingOrder,true);
-                if (!(mlist.OPID == UserManager.UserId.ToString() || mlist.DOCID == UserManager.UserId.ToString() || mlist.CUSTSERVICEID == UserManager.UserId.ToString() || mlist.ROUTEID == UserManager.UserId.ToString() || mlist.CreatedUserId.ToString() == UserManager.UserId.ToString() || UserManager.DjyUserId == "d85fd590-d9f6-4410-93a1-f6fac77b606e"))
+                if (!(
+                    mlist.OPID == UserManager.UserId.ToString() || 
+                    mlist.DOCID == UserManager.UserId.ToString() ||
+                    mlist.CUSTSERVICEID == UserManager.UserId.ToString() ||
+                    mlist.ROUTEID == UserManager.UserId.ToString() ||
+                    mlist.CreatedUserId.ToString() == UserManager.UserId.ToString() ||
+                    UserManager.DjyUserId == "d85fd590-d9f6-4410-93a1-f6fac77b606e"||
+                    rightlist.Contains((long)mlist.CreatedUserId)
+                    ))
                 {
                     throw Oops.Bah("您没有当前单据的操作权限！");
                 }