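Goods Query Architecture Document

1 Package layout

The main package is com.enation.app.cms; every package below has it as its parent:

goods
model        models
po           PO models
vo           models required for storefront decoration
controller   controllers
service      business interfaces
impl         business implementations
tag          tags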

2 Goods query API (seller query and platform query)

2.1 Overall class diagram

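GoodsQueryParam is the parameter model class used for the query; shop_cat_id is the shop category and seller_id is the seller id. The details are as follows:

2.2 Query sequence diagram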

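During a query, the caller's permissions are verified through UserContext and IStoreMemberManager. These two classes are in the following packages:

For the query functionality of GoodsManager, refer to this class in the microservice version:

The query method in com.enation.javashop.controller.backend.GoodsBackController: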

@Override
public Page list(GoodsQueryParam goodsQueryParam) {
    StringBuffer sqlBuffer = new StringBuffer();
    sqlBuffer.append(
            "select g.goods_id,g.goods_name,g.sn,g.thumbnail,g.seller_name,g.enable_quantity,g.quantity,g.price,g.create_time,g.market_enable ,b.`name` brand_name,c.`name` category_name "
                    + "from es_goods g left join es_goods_category c on g.category_id = c.category_id left join es_brand b on g.brand_id = b.brand_id "
                    + "where  g.disabled = 0  ");
    if (goodsQueryParam.getMarket_enable() == null || (goodsQueryParam.getMarket_enable().intValue() != 1
            && goodsQueryParam.getMarket_enable().intValue() != 2)) {
        sqlBuffer.append(" and g.market_enable !=2 ");
    } else {
        sqlBuffer.append(" and g.market_enable = " + goodsQueryParam.getMarket_enable());
    }

    if (goodsQueryParam.getStype().intValue() == 0) {
        if (!StringUtil.isEmpty(goodsQueryParam.getKeyword())) {
            sqlBuffer.append(" and (g.goods_name like '%" + goodsQueryParam.getKeyword() + "%' or g.sn like '%"
                    + goodsQueryParam.getKeyword() + "%') ");
        }
    } else {
        // Advanced search
        if (goodsQueryParam.getCategory_id() != null) {
            Category category = this.daoSupport.queryForObject(
                    "select * from es_goods_category where category_id=? ", Category.class,
                    goodsQueryParam.getCategory_id());
            if (category != null) {
                String cat_path = category.getCategory_path();
                if (cat_path != null) {
                    sqlBuffer.append(" and  g.category_id in(");
                    sqlBuffer.append("select c.category_id from es_goods_category");
                    sqlBuffer.append(" c where c.category_path like '" + cat_path + "%')");
                }
            }
        }
        if (!StringUtil.isEmpty(goodsQueryParam.getGoods_name())) {
            sqlBuffer.append(" and g.goods_name like '%" + goodsQueryParam.getGoods_name() + "%'");
        }
        if (!StringUtil.isEmpty(goodsQueryParam.getSeller_name())) {
            sqlBuffer.append(" and g.seller_name like '%" + goodsQueryParam.getSeller_name() + "%'");
        }
        if (!StringUtil.isEmpty(goodsQueryParam.getGoods_sn())) {
            sqlBuffer.append(" and g.sn like '%" + goodsQueryParam.getGoods_sn() + "%'");
        }
    }
    sqlBuffer.append(" order by g.goods_id desc");
    Page page = this.daoSupport.queryForPage(sqlBuffer.toString(), goodsQueryParam.getPage_no(),
            goodsQueryParam.getPage_size());
    return page;
}

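However, a condition must be added: when the seller id is not empty, the query is filtered by it accordingly.

In addition, unlike the method above, the query must not be built by string concatenation. Values must be passed as ? parameters; otherwise there is a risk of SQL injection.

For this technique, refer to the order query service in the microservice version: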

com.enation.javashop.order.manager.impl.OrderDBQueryManager#querySeller
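The two requirements above (seller id filter, ? parameters only) shown as an added example; this is not JavaShop code and not the querySeller method referenced above. The class GoodsQuerySqlBuilder, its method names, and the column g.seller_id are assumptions made for illustration.

```java
import java.util.ArrayList;
import java.util.List;

// Added example (hypothetical class): builds the goods query with ? placeholders only.
public class GoodsQuerySqlBuilder {
    final StringBuilder sql = new StringBuilder(
            "select g.goods_id, g.goods_name, g.sn from es_goods g where g.disabled = 0");
    final List<Object> args = new ArrayList<>(); // bound values, in placeholder order

    // Escape LIKE wildcards so user input matches literally; '!' is the escape character.
    static String likeContains(String raw) {
        return "%" + raw.replace("!", "!!").replace("%", "!%").replace("_", "!_") + "%";
    }

    static boolean isEmpty(String s) {
        return s == null || s.trim().isEmpty();
    }

    GoodsQuerySqlBuilder marketEnable(Integer v) {
        if (v == null || (v != 1 && v != 2)) {
            sql.append(" and g.market_enable != 2"); // constant, no user data
        } else {
            sql.append(" and g.market_enable = ?");
            args.add(v);
        }
        return this;
    }

    // New condition: restrict to one seller when a seller id is supplied.
    // The column name g.seller_id is an assumption.
    GoodsQuerySqlBuilder seller(Integer sellerId) {
        if (sellerId != null) {
            sql.append(" and g.seller_id = ?");
            args.add(sellerId);
        }
        return this;
    }

    GoodsQuerySqlBuilder keyword(String keyword) {
        if (!isEmpty(keyword)) {
            sql.append(" and (g.goods_name like ? escape '!' or g.sn like ? escape '!')");
            String pattern = likeContains(keyword);
            args.add(pattern);
            args.add(pattern);
        }
        return this;
    }

    public static void main(String[] unused) {
        // Constructed input: the quote characters stay inside a bound value.
        GoodsQuerySqlBuilder b = new GoodsQuerySqlBuilder()
                .marketEnable(1).seller(42).keyword("50%' or '1'='1");
        b.sql.append(" order by g.goods_id desc");
        System.out.println(b.sql);
        System.out.println(b.args);
    }
}
```

The SQL text and the args list are then handed together to a parameterized query call in the data layer, so the SQL string itself never contains request data.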

2.3 API paths

get:/shop/seller/goods/search.do

get:/shop/admin/goods/search.do
