Fix: Delete order now works for Customer-based orders
Root cause: Orders created with CustomerInfo had NULL IdentityReference - CancelOrderAsync checked order.IdentityReference != identityReference - NULL != "telegram:12345:username" → always returned false - User saw "already processed" error even for pending orders Fix implemented: - Include Customer entity in CancelOrderAsync query - Extract Telegram user ID from identity reference format - Match against Customer.TelegramUserId for modern orders - Fallback to IdentityReference matching for legacy orders - Enhanced logging to debug ownership/status issues 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
parent
4c6a1f10d6
commit
a6f1c32461
@ -282,13 +282,46 @@ public class OrderService : IOrderService
|
|||||||
|
|
||||||
public async Task<bool> CancelOrderAsync(Guid id, string identityReference)
|
public async Task<bool> CancelOrderAsync(Guid id, string identityReference)
|
||||||
{
|
{
|
||||||
var order = await _context.Orders.FindAsync(id);
|
var order = await _context.Orders
|
||||||
if (order == null || order.IdentityReference != identityReference)
|
.Include(o => o.Customer)
|
||||||
|
.FirstOrDefaultAsync(o => o.Id == id);
|
||||||
|
|
||||||
|
if (order == null)
|
||||||
|
{
|
||||||
|
_logger.LogWarning("Cannot cancel order {OrderId} - order not found", id);
|
||||||
return false;
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Verify ownership - support both CustomerInfo-based and legacy IdentityReference-based orders
|
||||||
|
bool isOwner = false;
|
||||||
|
|
||||||
|
if (order.Customer != null && identityReference.StartsWith("telegram:"))
|
||||||
|
{
|
||||||
|
// Extract telegram user ID from identity reference (format: "telegram:12345:username")
|
||||||
|
var parts = identityReference.Split(':');
|
||||||
|
if (parts.Length >= 2 && long.TryParse(parts[1], out var telegramUserId))
|
||||||
|
{
|
||||||
|
isOwner = order.Customer.TelegramUserId == telegramUserId;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else if (!string.IsNullOrEmpty(order.IdentityReference))
|
||||||
|
{
|
||||||
|
// Legacy: match by identity reference
|
||||||
|
isOwner = order.IdentityReference == identityReference;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!isOwner)
|
||||||
|
{
|
||||||
|
_logger.LogWarning("Cannot cancel order {OrderId} - identity mismatch (provided: {Identity}, customer: {CustomerId})",
|
||||||
|
id, identityReference, order.CustomerId);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
if (order.Status != OrderStatus.PendingPayment)
|
if (order.Status != OrderStatus.PendingPayment)
|
||||||
{
|
{
|
||||||
return false; // Can only cancel pending orders
|
_logger.LogWarning("Cannot cancel order {OrderId} - status is {Status}, must be PendingPayment",
|
||||||
|
id, order.Status);
|
||||||
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
order.Status = OrderStatus.Cancelled;
|
order.Status = OrderStatus.Cancelled;
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user