Merge remote-tracking branch 'origin/feature/REQ-1502' into feature/REQ-1502

tyr-api/src/main/java/cn/axzo/tyr/client/model/vo/SaasRoleVO.java

@@ -1,12 +1,12 @@
 package cn.axzo.tyr.client.model.vo;
 
-import cn.axzo.trade.datasecurity.core.annotation.control.DisableCrypt;
 import cn.axzo.tyr.client.model.permission.PermissionPointTreeNode;
 import cn.hutool.core.collection.CollectionUtil;
 import lombok.AllArgsConstructor;
 import lombok.Builder;
 import lombok.Data;
 import lombok.NoArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 
 import java.util.ArrayList;
 import java.util.Collection;
@@ -21,6 +21,7 @@ import java.util.stream.Collectors;
 @AllArgsConstructor
 @NoArgsConstructor
 @Builder
+@Slf4j
 public class SaasRoleVO {
 
     private Long id;
@@ -125,6 +126,7 @@ public class SaasRoleVO {
             }
 
         }
+        log.info("+======permissionPoint: {}", permissionPoint);
         return new ArrayList<>((Collection) permissionPoint);
     }
 

tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java

@@ -63,7 +63,7 @@ public interface SaasRoleUserService {
      */
     List<SuperAminInfoResp> batchSuperAdminList(List<SuperAdminParam> param);
 
-    List<SaasRoleUserRelation> listByRoleIds(List<Long> roleIds);
+    List<SaasRoleUserRelation> listByRoleIds(List<Long> roleIds, Long workspaceId);
 
     /**
      * 删除单位参与的工作台的所有的人员与角色。 目前主要是用于移除参与单位的地方

tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java

@@ -227,11 +227,12 @@ public class RoleUserService implements SaasRoleUserService {
 	}
 
 	@Override
-	public List<SaasRoleUserRelation> listByRoleIds(List<Long> roleIds) {
+	public List<SaasRoleUserRelation> listByRoleIds(List<Long> roleIds, Long workspaceId) {
 		if (CollectionUtil.isEmpty(roleIds)) {
 			return new ArrayList<>();
 		}
 		return roleUserRelationDao.list(new LambdaQueryWrapper<SaasRoleUserRelation>()
+				.eq(SaasRoleUserRelation::getWorkspaceId, workspaceId)
 				.in(SaasRoleUserRelation::getRoleId, roleIds));
 	}
 

tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java

@@ -608,6 +608,7 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
             }
         }
 
+        log.info("-======matchedRoleList: {}", matchedRoleList);
         log.info("====计算角色实际的权限 - 匹配请求的权限  --> 实际拥有权限的角色:{}===",featureIds);
         //查询角色下用户
         List<Long> matchedRoleIds = matchedRoleList.stream().map(SaasRoleVO::getId).collect(Collectors.toList());
@@ -619,8 +620,9 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
                 .map(SaasRole::getId)
                 .collect(Collectors.toSet());
         matchedRoleIds.addAll(superAdmins);
-        List<SaasRoleUserRelation> relationList = roleUserService.listByRoleIds(matchedRoleIds);
         log.info("====追加工作台超管:{}===",superAdmins);
+        List<SaasRoleUserRelation> relationList = roleUserService.listByRoleIds(matchedRoleIds, workspaceId);
+        log.info("====追加工作台超管:{}===",relationList);
         //构建用户-去重(identityId-identityType)
         List<ListIdentityFromPermissionResp.UserVO> users = new ArrayList<>();
         Set<String> filterSet = new HashSet<>();