new

saicLogistics/src/main/java/com/fuzamei/web/CargoConsignAction.java

@@ -45,7 +45,7 @@ public class CargoConsignAction {
 	* @Title: queryOrdersBySupplier
 	* @Description: TODO(供应商查询订单信息)
 	{
-		"userId":"xx",
+		"tokenId":"xx",
 		"page":"1",
 		"orderId":"",
 		"boxNo":"",
@@ -62,7 +62,8 @@ public class CargoConsignAction {
 	@RequestMapping(value="/queryOrdersBySupplier",method=RequestMethod.POST)
 	public Map<String, Object> queryOrdersBySupplier(@RequestBody Params params){
 		try {
-			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(params.getUserId()), Role.SUPPLIER);
+			String userId = params.getTokenId().split("&")[1];
+			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(userId), Role.SUPPLIER);
 			int page = ValidationUtil.checkMinAndAssignInt(params.getPage(), 1);
 			Long startTime=ValidationUtil.checkAndAssignDefaultLong(params.getStartTime(), 0L);
 			Long endTime=ValidationUtil.checkAndAssignDefaultLong(params.getEndTime(), Long.MAX_VALUE);
@@ -83,7 +84,7 @@ public class CargoConsignAction {
 	* @Title: queryOrdersByCarrier
 	* @Description: TODO(承运商查看订单信息)
 	{
-		"userId":"",
+		"tokenId":"",
 		"page":"1",
 		"orderId":"",
 		"boxNo":"",
@@ -100,7 +101,8 @@ public class CargoConsignAction {
 	@RequestMapping(value="/queryOrdersByCarrier",method=RequestMethod.POST)
 	public Map<String, Object> queryOrdersByCarrier(@RequestBody Params params){
 		try {
-			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(params.getUserId()), Role.CARRIER);
+			String userId = params.getTokenId().split("&")[1];
+			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(userId), Role.CARRIER);
 			int page = ValidationUtil.checkMinAndAssignInt(params.getPage(), 1);
 			Long startTime=ValidationUtil.checkAndAssignDefaultLong(params.getStartTime(), 0L);
 			Long endTime=ValidationUtil.checkAndAssignDefaultLong(params.getEndTime(), Long.MAX_VALUE);
@@ -121,7 +123,7 @@ public class CargoConsignAction {
 	* @Title: doCarry
 	* @Description: TODO(承运商点击承运按钮后对订单表进行更新)
 	{
-		"userId":"",
+		"tokenId":"",
 		"orderId":"",
 		"carNo":""
 	}
@@ -134,7 +136,8 @@ public class CargoConsignAction {
 	@RequestMapping(value="/doCarry",method=RequestMethod.POST)
 	public Map<String, Object> doCarry(@RequestBody Params params){
 		try {
-			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(params.getUserId()), Role.CARRIER);
+			String userId = params.getTokenId().split("&")[1];
+			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(userId), Role.CARRIER);
 			Orders order = orderService.queryFullOrderByOrderId(ValidationUtil.checkAndAssignInt(params.getOrderId()));
 			ValidationUtil.checkBlankAndAssignString(params.getCarNo());//车牌号校验
 			if(order==null) throw new RuntimeException("订单不存在");
@@ -153,7 +156,7 @@ public class CargoConsignAction {
 	* @Title: showAllCarriersUnderSupplier
 	* @Description: TODO(当供应商点击发货时候，跳出的弹框中承运商下拉框中显示所有承运商)
 	{
-		"userId":"xxx"
+		"tokenId":"xxx"
 	}
 	* @param @return    设定文件
 	* @return Map<String,Object>    返回类型
@@ -164,7 +167,8 @@ public class CargoConsignAction {
 	@RequestMapping(value="/showAllCarriersUnderSupplier",method=RequestMethod.POST)
 	public Map<String, Object> showAllCarriersUnderSupplier(@RequestBody Params params){
 		try {
-			userAuthoricationService.queryUserDetail(ValidationUtil.checkAndAssignInt(params.getUserId()), Role.SUPPLIER);
+			String userId = params.getTokenId().split("&")[1];
+			userAuthoricationService.queryUserDetail(ValidationUtil.checkAndAssignInt(userId), Role.SUPPLIER);
 			params.setRoleName(Role.CARRIER);
 			List<UserDetail> carrierList = userAuthoricationService.showAllCarriersUnderSupplier(params);
 			return JSONUtil.getJsonMap(200, true, HintMSG.QUERY_SUCCESS, carrierList);
@@ -179,7 +183,7 @@ public class CargoConsignAction {
 	* @Title: orderTracking
 	* @Description: TODO(供应商和承运商的订单查询)
 	{
-		"userId":"xxx",
+		"tokenId":"xxx",
 		"orderId":""
 	}
 	* @param @return    设定文件
@@ -191,7 +195,8 @@ public class CargoConsignAction {
 	@RequestMapping(value="/orderTracking",method=RequestMethod.POST)
 	public Map<String, Object> orderTracking(@RequestBody Params params){
 		try {
-			UserDetail userDetail = userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(params.getUserId()),Role.CARRIER,Role.SUPPLIER);//检测当前操作用户权限
+			String userId = params.getTokenId().split("&")[1];
+			UserDetail userDetail = userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(userId),Role.CARRIER,Role.SUPPLIER);//检测当前操作用户权限
 			Orders order = orderService.queryFullOrderByOrderId(ValidationUtil.checkAndAssignInt(params.getOrderId()));
 			if(Role.SUPPLIER.equals(userDetail.getRoleName())){
 				if(!params.getUserId().equals(order.getSupplierId())) throw new RuntimeException("无权查看");

saicLogistics/src/main/java/com/fuzamei/web/CargoDeliverAction.java

@@ -40,7 +40,7 @@ public class CargoDeliverAction {
 	* @Title: queryOrdersByCarrier
 	* @Description: TODO(承运商查看订单信息)
 	{
-		"userId":"xxx",
+		"tokenId":"xxx",
 		"page":"1",
 		"orderId":"",
 		"carNo":"",
@@ -55,18 +55,19 @@ public class CargoDeliverAction {
 	* @throws
 	 */
 	@RequestMapping(value="/queryOrdersByCarrier",method=RequestMethod.POST)
-	public Map<String, Object> queryOrdersByCarrier(@RequestBody Params Paramsss){
+	public Map<String, Object> queryOrdersByCarrier(@RequestBody Params params){
 		try {
-			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(Paramsss.getUserId()), Role.CARRIER);
-			int page = ValidationUtil.checkMinAndAssignInt(Paramsss.getPage(), 1);
-			Long startTime=ValidationUtil.checkAndAssignDefaultLong(Paramsss.getStartTime(), 0L);
-			Long endTime=ValidationUtil.checkAndAssignDefaultLong(Paramsss.getEndTime(), Long.MAX_VALUE);
-			Paramsss.setStartTime(startTime);
-			if(startTime<=endTime) Paramsss.setEndTime(endTime);
-			else Paramsss.setEndTime(Long.MAX_VALUE);
-			Paramsss.setStartPage((page - 1) * ROWNUM);
-			Paramsss.setRowNum(ROWNUM);
-			PageDTO pageDto = cargoDeliverService.queryOrdersByCarrier(Paramsss);
+			String userId = params.getTokenId().split("&")[1];
+			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(userId), Role.CARRIER);
+			int page = ValidationUtil.checkMinAndAssignInt(params.getPage(), 1);
+			Long startTime=ValidationUtil.checkAndAssignDefaultLong(params.getStartTime(), 0L);
+			Long endTime=ValidationUtil.checkAndAssignDefaultLong(params.getEndTime(), Long.MAX_VALUE);
+			params.setStartTime(startTime);
+			if(startTime<=endTime) params.setEndTime(endTime);
+			else params.setEndTime(Long.MAX_VALUE);
+			params.setStartPage((page - 1) * ROWNUM);
+			params.setRowNum(ROWNUM);
+			PageDTO pageDto = cargoDeliverService.queryOrdersByCarrier(params);
 			return JSONUtil.getJsonMap(200, true, HintMSG.QUERY_SUCCESS, pageDto);
 		} catch (Exception e) {
 			return JSONUtil.getJsonMap(500, false, HintMSG.QUERY_FAIL+":"+e.getMessage(), null);
@@ -78,7 +79,7 @@ public class CargoDeliverAction {
 	* @Title: orderTracking
 	* @Description: TODO(承运商查看订单跟踪表)
 	{
-		"userId":"",
+		"tokenId":"",
 		"orderId":""
 	}
 	* @Paramss @return    设定文件
@@ -88,13 +89,14 @@ public class CargoDeliverAction {
 	* @throws
 	 */
 	@RequestMapping(value="/orderTracking",method=RequestMethod.POST)
-	public Map<String, Object> orderTracking(@RequestBody Params Paramss){
+	public Map<String, Object> orderTracking(@RequestBody Params params){
 		try {
-			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(Paramss.getUserId()),Role.CARRIER);//检测当前操作用户权限
-			Orders order = orderService.queryFullOrderByOrderId(ValidationUtil.checkAndAssignInt(Paramss.getOrderId()));
-			if(!Paramss.getUserId().equals(order.getCarrierId())) throw new RuntimeException("无权查看");
-			Paramss.setOrder(order);
-			Map<String, Object> map = cargoDeliverService.orderTracking(Paramss);
+			String userId = params.getTokenId().split("&")[1];
+			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(userId),Role.CARRIER);//检测当前操作用户权限
+			Orders order = orderService.queryFullOrderByOrderId(ValidationUtil.checkAndAssignInt(params.getOrderId()));
+			if(!params.getUserId().equals(order.getCarrierId())) throw new RuntimeException("无权查看");
+			params.setOrder(order);
+			Map<String, Object> map = cargoDeliverService.orderTracking(params);
 			return JSONUtil.getJsonMap(200, true, HintMSG.QUERY_SUCCESS, map);
 		} catch (Exception e) {
 			return JSONUtil.getJsonMap(500, false, HintMSG.QUERY_FAIL+":"+e.getMessage(), null);

saicLogistics/src/main/java/com/fuzamei/web/CargoTallyAction.java

@@ -42,7 +42,7 @@ public class CargoTallyAction {
 	* @Title: queryOrdersByReceiver
 	* @Description: TODO(收货员查询订单信息)
 	{
-		"userId":"xxx",
+		"tokenId":"xxx",
 		"page":"1",
 		"orderId":"",
 		"carNo":"",
@@ -58,7 +58,8 @@ public class CargoTallyAction {
 	@RequestMapping(value="/queryOrdersByReceiver",method=RequestMethod.POST)
 	public Map<String, Object> queryOrdersByReceiver(@RequestBody Params params){
 		try {
-			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(params.getUserId()), Role.STOCKER);
+			String userId = params.getTokenId().split("&")[1];
+			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(userId), Role.STOCKER);
 			int page = ValidationUtil.checkMinAndAssignInt(params.getPage(), 1);
 			Long startTime=ValidationUtil.checkAndAssignDefaultLong(params.getStartTime(), 0L);
 			Long endTime=ValidationUtil.checkAndAssignDefaultLong(params.getEndTime(), Long.MAX_VALUE);
@@ -79,7 +80,7 @@ public class CargoTallyAction {
 	* @Title: searchNewOrderByOrderId
 	* @Description: TODO(售货员根据订单号点击下一步查询最新的点货订单)
 	{
-		"userId":"",
+		"tokenId":"",
 		"orderId":""
 	}
 	* @params @return    设定文件
@@ -91,7 +92,8 @@ public class CargoTallyAction {
 	@RequestMapping(value="/searchNewOrderByOrderId",method=RequestMethod.POST)
 	public Map<String, Object> searchNewOrderByOrderId(@RequestBody Params params){
 		try {
-			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(params.getUserId()), Role.STOCKER);
+			String userId = params.getTokenId().split("&")[1];
+			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(userId), Role.STOCKER);
 			Orders order = orderService.queryFullOrderByOrderId(ValidationUtil.checkAndAssignInt(params.getOrderId()));
 			if(order==null) throw new RuntimeException("订单不存在");
 			if(!Status.DELIVERING.equals(order.getStatusId())) throw new RuntimeException("非法操作");
@@ -108,7 +110,7 @@ public class CargoTallyAction {
 	* @Title: confirmOrReject
 	* @Description: TODO(收货员点击确认点货或拒收操作)
 	{
-		"userId":"",
+		"tokenId":"",
 		"orderId":"",
 		"confirmId":""
 	}
@@ -121,7 +123,8 @@ public class CargoTallyAction {
 	@RequestMapping(value="/confirmOrReject",method=RequestMethod.POST)
 	public Map<String, Object> confirmOrReject(@RequestBody Params params){
 		try {
-			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(params.getUserId()), Role.STOCKER);
+			String userId = params.getTokenId().split("&")[1];
+			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(userId), Role.STOCKER);
 			ValidationUtil.checkRangeAndAssignInt(params.getConfirmId(), 0, 1);//确认id只能是0和1
 			Orders order = orderService.queryFullOrderByOrderId(ValidationUtil.checkAndAssignInt(params.getOrderId()));
 			if(order==null) throw new RuntimeException("订单不存在");
@@ -138,7 +141,7 @@ public class CargoTallyAction {
 	* @Title: orderTracking
 	* @Description: TODO(收货员查询订单跟踪信息)
 	{
-		"userId":"",
+		"tokenId":"",
 		"orderId":""
 	}
 	* @params @return    设定文件
@@ -150,7 +153,8 @@ public class CargoTallyAction {
 	@RequestMapping(value="/orderTracking",method=RequestMethod.POST)
 	public Map<String, Object> orderTracking(@RequestBody Params params){
 		try {
-			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(params.getUserId()),Role.STOCKER);//检测当前操作用户权限
+			String userId = params.getTokenId().split("&")[1];
+			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(userId),Role.STOCKER);//检测当前操作用户权限
 			Orders order = orderService.queryFullOrderByOrderId(ValidationUtil.checkAndAssignInt(params.getOrderId()));
 			if(!params.getUserId().equals(order.getReceiverId())) throw new RuntimeException("无权查看");
 			params.setOrder(order);

saicLogistics/src/main/java/com/fuzamei/web/OperationHistoryAction.java

@@ -50,7 +50,8 @@ public class OperationHistoryAction {
 	@RequestMapping(value="/queryOperationHistory",method=RequestMethod.POST)
 	public Map<String, Object> queryOperationHistory(@RequestBody Params params){
 		try {
-			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(params.getUserId()), Role.ADMIN);
+			String userId = params.getTokenId().split("&")[1];
+			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(userId), Role.ADMIN);
 			int page = ValidationUtil.checkMinAndAssignInt(params.getPage(), 1);
 			Long startTime=ValidationUtil.checkAndAssignDefaultLong(params.getStartTime(), 0L);
 			Long endTime=ValidationUtil.checkAndAssignDefaultLong(params.getEndTime(), Long.MAX_VALUE);

saicLogistics/src/main/java/com/fuzamei/web/OrdersIssueAction.java

@@ -58,7 +58,7 @@ public class OrdersIssueAction {
 	* @Title: queryOrdersByPlanner
 	* @Description: TODO(由计划员查询订单信息)
 	{
-		"userId":"xxx",
+		"tokenId":"xxx",
 		"page":"1",
 		"supplierName":"",
 		"boxNo":"",
@@ -73,7 +73,8 @@ public class OrdersIssueAction {
 	@RequestMapping(value="/queryOrdersByPlanner",method=RequestMethod.POST)
 	public Map<String, Object> queryOrdersByPlanner(@RequestBody Params params){
 		try {
-			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(params.getUserId()), Role.PLANNER);
+			String userId = params.getTokenId().split("&")[1];
+			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(userId), Role.PLANNER);
 			int page = ValidationUtil.checkMinAndAssignInt(params.getPage(), 1);
 			Long startTime=ValidationUtil.checkAndAssignDefaultLong(params.getStartTime(), 0L);
 			Long endTime=ValidationUtil.checkAndAssignDefaultLong(params.getEndTime(), Long.MAX_VALUE);
@@ -94,7 +95,7 @@ public class OrdersIssueAction {
 	* @Title: queryOrdersBySupplier
 	* @Description: TODO(供应商查询订单信息)
 	{
-		"userId":"",
+		"tokenId":"",
 		"page":"1",
 		"orderId":"",
 		"boxNo":"",
@@ -111,7 +112,8 @@ public class OrdersIssueAction {
 	@RequestMapping(value="/queryOrdersBySupplier",method=RequestMethod.POST)
 	public Map<String, Object> queryOrdersBySupplier(@RequestBody Params params){
 		try {
-			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(params.getUserId()), Role.SUPPLIER);
+			String userId = params.getTokenId().split("&")[1];
+			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(userId), Role.SUPPLIER);
 			int page = ValidationUtil.checkMinAndAssignInt(params.getPage(), 1);
 			Long startTime=ValidationUtil.checkAndAssignDefaultLong(params.getStartTime(), 0L);
 			Long endTime=ValidationUtil.checkAndAssignDefaultLong(params.getEndTime(), Long.MAX_VALUE);
@@ -132,7 +134,7 @@ public class OrdersIssueAction {
 	* @Title: Consignment
 	* @Description: TODO(供应商点击发货这个动作)
 	{
-		"userId":"xxx",
+		"tokenId":"xxx",
 		"orderId":"",
 		"carrierId":""
 	}
@@ -145,7 +147,8 @@ public class OrdersIssueAction {
 	@RequestMapping(value="/consignment",method=RequestMethod.POST)
 	public Map<String, Object> consignment(@RequestBody Params params){
 		try {
-			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(params.getUserId()), Role.SUPPLIER);
+			String userId = params.getTokenId().split("&")[1];
+			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(userId), Role.SUPPLIER);
 			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(params.getCarrierId()), Role.CARRIER);
 			Orders order = orderService.queryFullOrderByOrderId(ValidationUtil.checkAndAssignInt(params.getOrderId()));
 			if(order==null) throw new RuntimeException("订单不存在");
@@ -163,7 +166,7 @@ public class OrdersIssueAction {
 	* @Title: addOrder
 	* @Description: TODO(由计划员增加新订单)
 	{
-		"userId":"xxx",
+		"tokenId":"xxx",
 		"orderId":"",
 		"supplierId":"",
 		"partNo":"",
@@ -179,8 +182,9 @@ public class OrdersIssueAction {
 	@RequestMapping(value="/addOrder",method=RequestMethod.POST)
 	public Map<String, Object> addOrder(@RequestBody Params params){
 		try {
+			String userId = params.getTokenId().split("&")[1];
 			orderService.checkIfHasTheSameId(ValidationUtil.checkAndAssignInt(params.getOrderId(),ORDER_ID_PATTERN));
-			UserDetail userDetail = userAuthoricationService.queryUserDetail(ValidationUtil.checkAndAssignInt(params.getUserId()), Role.PLANNER);//检测当前操作用户权限
+			UserDetail userDetail = userAuthoricationService.queryUserDetail(ValidationUtil.checkAndAssignInt(userId), Role.PLANNER);//检测当前操作用户权限
 			ValidationUtil.checkBlankString(params.getPartNo());
 			List<UserDetail> users = userDetail.getUsers();
 			int supplierId = ValidationUtil.checkAndAssignInt(params.getSupplierId());
@@ -206,7 +210,7 @@ public class OrdersIssueAction {
 	* @Title: showSuppliersUnderPlanner
 	* @Description: TODO(当用户添加订单时点击供应商列表时显示该计划员下的所有供应商)
 	{
-		"userId":"xxx"
+		"tokenId":"xxx"
 	}
 	* @return Map<String,Object>    返回类型
 	* @author ylx
@@ -216,7 +220,8 @@ public class OrdersIssueAction {
 	@RequestMapping(value="/showSuppliersUnderPlanner",method=RequestMethod.POST)
 	public Map<String, Object> showSuppliersUnderPlanner(@RequestBody Params params){
 		try {
-			UserDetail userDetail = userAuthoricationService.queryUserDetail(ValidationUtil.checkAndAssignInt(params.getUserId()), Role.PLANNER);//检测当前操作用户权限
+			String userId = params.getTokenId().split("&")[1];
+			UserDetail userDetail = userAuthoricationService.queryUserDetail(ValidationUtil.checkAndAssignInt(userId), Role.PLANNER);//检测当前操作用户权限
 			return JSONUtil.getJsonMap(200, true, HintMSG.QUERY_SUCCESS, userDetail.getUsers());
 		} catch (Exception e) {
 			return JSONUtil.getJsonMap(500, false, HintMSG.QUERY_FAIL+":"+e.getMessage(), null);
@@ -229,7 +234,7 @@ public class OrdersIssueAction {
 	* @Title: showAllBoxNo
 	* @Description: TODO(当计划员点击箱号，显示所有箱号)
 	{
-		"userId":"xxx"
+		"tokenId":"xxx"
 	}
 	* @params @return    设定文件
 	* @return Map<String,Object>    返回类型
@@ -240,7 +245,8 @@ public class OrdersIssueAction {
 	/*@RequestMapping(value="/showAllBoxNo",method=RequestMethod.POST)
 	public Map<String, Object> showAllBoxNo(@RequestBody Params params){
 		try {
-			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(params.getUserId()), Role.PLANNER);//检测当前操作用户权限
+			String userId = params.getTokenId().split("&")[1];
+			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(userId), Role.PLANNER);//检测当前操作用户权限
 			List<Box> boxList = boxService.queryAllBoxInformation();
 			return JSONUtil.getJsonMap(200, true, HintMSG.QUERY_SUCCESS, boxList);
 		} catch (Exception e) {
@@ -253,7 +259,7 @@ public class OrdersIssueAction {
 	* @Title: showAllPartNo
 	* @Description: TODO(当计划员点击零件号，显示所有零件号)
 	{
-		"userId":"xxx"
+		"tokenId":"xxx"
 	}
 	* @params @return    设定文件
 	* @return Map<String,Object>    返回类型
@@ -264,7 +270,8 @@ public class OrdersIssueAction {
 	@RequestMapping(value="/showAllPartNo",method=RequestMethod.POST)
 	public Map<String, Object> showAllPartNo(@RequestBody Params params){
 		try {
-			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(params.getUserId()), Role.PLANNER);//检测当前操作用户权限
+			String userId = params.getTokenId().split("&")[1];
+			userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(userId), Role.PLANNER);//检测当前操作用户权限
 			List<Part> partList = partService.queryAllPartInformation();
 			return JSONUtil.getJsonMap(200, true, HintMSG.QUERY_SUCCESS, partList);
 		} catch (Exception e) {
@@ -277,7 +284,7 @@ public class OrdersIssueAction {
 	* @Title: orderTracking
 	* @Description: TODO(查询订单的跟踪情况)
 	{
-		"userId":"xxx",
+		"tokenId":"xxx",
 		"orderId":""
 	}
 	* @params @return    设定文件
@@ -289,7 +296,8 @@ public class OrdersIssueAction {
 	@RequestMapping(value="/orderTracking",method=RequestMethod.POST)
 	public Map<String, Object> orderTracking(@RequestBody Params params){
 		try {
-			UserDetail userDetail = userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(params.getUserId()),Role.PLANNER,Role.SUPPLIER);//检测当前操作用户权限
+			String userId = params.getTokenId().split("&")[1];
+			UserDetail userDetail = userAuthoricationService.queryUserAuthority(ValidationUtil.checkAndAssignInt(userId),Role.PLANNER,Role.SUPPLIER);//检测当前操作用户权限
 			Orders order = orderService.queryFullOrderByOrderId(ValidationUtil.checkAndAssignInt(params.getOrderId()));
 			if(Role.PLANNER.equals(userDetail.getRoleName())){
 				if(!params.getUserId().equals(order.getPlannerId())) throw new RuntimeException(HintMSG.NO_AUTH);