diff --git a/integration-test/src/test/resources/role-user.http b/integration-test/src/test/resources/role-user.http
index 3d1e2906..aa43bfaf 100644
--- a/integration-test/src/test/resources/role-user.http
+++ b/integration-test/src/test/resources/role-user.http
@@ -21,4 +21,16 @@ Content-Type: application/json
 > reponse-check.js
 
 
+###
+POST {{host}}/api/saas-role-user/delete-user-role-of-workspace
+Accept: application/json
+Content-Type: application/json
+
+{
+
+}
+
+> reponse-check.js
+
+
 
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/PermissionPointApplyApi.java b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/PermissionPointApplyApi.java
index d3f3906c..24cd5278 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/PermissionPointApplyApi.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/PermissionPointApplyApi.java
@@ -30,9 +30,6 @@ public interface PermissionPointApplyApi {
     @PostMapping(value = "/api/v1/permissionPoint/apply/submit")
     ApiResult<Long> submitApply(@RequestBody@Valid SubmitPermissionPointApplyVO apply);
 
-    @PostMapping(value = "/api/v1/permissionPoint/apply/update-detail")
-    ApiResult<Void> updateDetail(@RequestBody@Valid UpdatePermissionPointApplyVO updateDetail);
-
     @PostMapping(value = "/api/v1/permissionPoint/apply/bind")
     ApiResult<Void> bindWorkflowInstantce(@RequestBody@Valid BindWorkflowInstantceVO bind);
 
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
index c4dd4a8b..3dde660b 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
@@ -1,19 +1,24 @@
 package cn.axzo.tyr.client.feign;
 
-import java.util.List;
-
-import javax.validation.Valid;
-import javax.validation.constraints.NotEmpty;
-
-import org.springframework.cloud.openfeign.FeignClient;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-
 import cn.axzo.framework.domain.web.result.ApiResult;
 import cn.axzo.tyr.client.model.roleuser.dto.CreateAdminRoleDTO;
 import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserRelationDTO;
 import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
-import cn.axzo.tyr.client.model.roleuser.req.*;
+import cn.axzo.tyr.client.model.roleuser.req.CreateAgencyAdminRoleParam;
+import cn.axzo.tyr.client.model.roleuser.req.CreateWorkspaceAdminRoleParam;
+import cn.axzo.tyr.client.model.roleuser.req.DeleteAdminRoleParam;
+import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
+import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
+import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
+import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
+import cn.axzo.tyr.client.model.roleuser.req.SuperAdminParam;
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+
+import javax.validation.Valid;
+import javax.validation.constraints.NotEmpty;
+import java.util.List;
 
 /**
  * 角色
@@ -41,16 +46,16 @@ public interface TyrSaasRoleUserApi {
      * @param param
      * @return
      */
-    @PostMapping("api/saas-role-user/delete")
+    @PostMapping("/api/saas-role-user/delete")
     ApiResult<Boolean> deleteUserAllRoles(@RequestBody @Valid List<DeleteRoleUserParam> param);
 
     /**
-     * 新的 移除某个人在某个工作台的所有角色(除超管)
+     * 删除某个用户非超管角色(新)
      *
      * @param param
      * @return
      */
-    @PostMapping("api/saas-role-user/delete-user-role")
+    @PostMapping("/api/saas-role-user/delete-user-role")
     ApiResult<Boolean> deleteUserRoles(@RequestBody @Valid DeleteUserRoleParam param);
 
     /**
@@ -58,10 +63,10 @@ public interface TyrSaasRoleUserApi {
      * @param param
      * @return
      */
-    @PostMapping("api/saas-role-user/create-agency-admin-role")
+    @PostMapping("/api/saas-role-user/create-agency-admin-role")
     ApiResult<CreateAdminRoleDTO> createAgencyAdminRole(@RequestBody @Valid CreateAgencyAdminRoleParam param);
 
-    @PostMapping("api/saas-role-user/create-super-admin-role")
+    @PostMapping("/api/saas-role-user/create-super-admin-role")
     ApiResult<Void> createSuperAdminRole(@RequestBody @Valid @NotEmpty CreateSuperAminRoleParam param);
 
     /**
@@ -69,22 +74,14 @@ public interface TyrSaasRoleUserApi {
      * @param params
      * @return
      */
-    @PostMapping("api/saas-role-user/delete-admin-role")
+    @PostMapping("/api/saas-role-user/delete-admin-role")
     ApiResult<Boolean> deleteAdminRole(@RequestBody @Valid @NotEmpty List<DeleteAdminRoleParam> params);
 
     /**
-     * 批量查询超管
-     * @param params
-     * @return
-     */
-    @PostMapping("api/saas-role-user/super-admin-list")
-    ApiResult<List<SuperAdminInfoDTO>> superAdminList(@RequestBody @Valid @NotEmpty List<SuperAdminParam> params);
-
-    /**
-     * 查看超管详情
+     * 批量查询超管, 只能批量获取单个工作台台下的超管，业务系统需要根据返回的identityId和identityType查询identityProfile查询用户明细信息
      * @param param
      * @return
      */
-    @PostMapping("api/saas-role-user/super-admin")
-    ApiResult<SuperAdminInfoDTO> superAdmin(@RequestBody @Valid SuperAdminParam param);
+    @PostMapping("/api/saas-role-user/super-admin-list")
+    ApiResult<List<SuperAdminInfoDTO>> superAdminList(@RequestBody @Valid SuperAdminParam param);
 }
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/IdentityAuthReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/IdentityAuthReq.java
index b68e4f8f..dff78ac7 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/IdentityAuthReq.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/IdentityAuthReq.java
@@ -50,7 +50,7 @@ public class IdentityAuthReq {
     /**
      * {@link TerminalInfo#NT()}
      */
-    private String terminal;
+    private List<String> terminal;
     @Builder.Default
     private Set<Long> featureId = new HashSet<>();
     @Builder.Default
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/dto/SuperAdminInfoDTO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/dto/SuperAdminInfoDTO.java
index e9cba93c..88a81e17 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/dto/SuperAdminInfoDTO.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/dto/SuperAdminInfoDTO.java
@@ -1,6 +1,5 @@
 package cn.axzo.tyr.client.model.roleuser.dto;
 
-import cn.axzo.tyr.client.model.enums.IdentityType;
 import lombok.Data;
 
 /**
@@ -16,19 +15,7 @@ public class SuperAdminInfoDTO {
    */
   private Long identityId;
   
-  private IdentityType identityType;
-
-  /**
-   * 手机号
-   */
-  private String phone;
-
-  /**
-   * 姓名
-   */
-  private String realName;
-
-
+  private Integer identityType;
   /**
    * 工作台Id
    */
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteAdminRoleParam.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteAdminRoleParam.java
index 0d2cbb7e..a29c29dd 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteAdminRoleParam.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteAdminRoleParam.java
@@ -1,7 +1,5 @@
 package cn.axzo.tyr.client.model.roleuser.req;
 
-import cn.axzo.basics.common.constant.enums.OrganizationalNodeTypeEnum;
-import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
 import cn.axzo.tyr.client.model.enums.IdentityType;
 import lombok.Data;
 
@@ -12,22 +10,10 @@ public class DeleteAdminRoleParam {
      * 工作台id，与context校验
      */
     private Long workspaceId;
-
-    /**
-     * 工作台类型
-     */
-    private Integer workspaceTypeCode;
-
     /**
      * 单位id : 非必填
      */
     private Long ouId;
-
-    /**
-     * 单位类型
-     */
-    private OrganizationalNodeTypeEnum nodeTypeEnum;
-
     /**
      * 被赋予角色的人的身份id
      */
@@ -37,11 +23,4 @@ public class DeleteAdminRoleParam {
      * 身份类型，必填
      */
     private IdentityType identityType;
-
-    /**
-     * 角色Id，必填
-     * 只能传SUPER_ADMIN，ADMIN
-     */
-    private RoleTypeEnum roleType;
-
 }
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteUserRolesOfWorkspaceParam.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteUserRolesOfWorkspaceParam.java
new file mode 100644
index 00000000..2ef239e6
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteUserRolesOfWorkspaceParam.java
@@ -0,0 +1,30 @@
+package cn.axzo.tyr.client.model.roleuser.req;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import javax.validation.constraints.NotNull;
+
+/**
+ * @author haiyangjin
+ * @date 2023/10/17
+ */
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+public class DeleteUserRolesOfWorkspaceParam {
+    /**
+     * 工作台id
+     */
+    @NotNull(message = "工作台ID不能为空")
+    private Long workspaceId;
+
+    /**
+     * 单位id
+     */
+    @NotNull(message = "单位ID不能为空")
+    private Long ouId;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/SuperAdminParam.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/SuperAdminParam.java
index f14a640e..11a0213f 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/SuperAdminParam.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/SuperAdminParam.java
@@ -1,5 +1,8 @@
 package cn.axzo.tyr.client.model.roleuser.req;
 
+import java.util.List;
+
+import javax.validation.constraints.NotEmpty;
 import javax.validation.constraints.NotNull;
 
 import lombok.AllArgsConstructor;
@@ -27,7 +30,6 @@ public class SuperAdminParam {
   /**
    * 单位Id
    */
-  @NotNull(message = "单位Id不能为空")
-  private Long ouId;
-
+  @NotEmpty(message = "单位Id不能为空")
+  private List<Long> ouIds;
 }
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/PermissionPointApplyController.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/PermissionPointApplyController.java
index 6e6b8956..94e780ff 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/PermissionPointApplyController.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/PermissionPointApplyController.java
@@ -35,11 +35,6 @@ public class PermissionPointApplyController implements PermissionPointApplyApi {
         return ApiResult.ok(saasFeatureApplyService.saveApply(apply));
     }
 
-    @Override
-    public ApiResult<Void> updateDetail(UpdatePermissionPointApplyVO updateDetail) {
-        return null;
-    }
-
     @Override
     public ApiResult<Void> bindWorkflowInstantce(BindWorkflowInstantceVO bind) {
         saasFeatureApplyService.bindWorkflowInstantce(bind);
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
index 150bca0a..a21892fe 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
@@ -1,21 +1,30 @@
 package cn.axzo.tyr.server.controller.roleuser;
 
+import java.util.List;
+
+import javax.validation.Valid;
+
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RestController;
+
 import cn.axzo.framework.domain.web.result.ApiResult;
 import cn.axzo.tyr.client.feign.TyrSaasRoleUserApi;
 import cn.axzo.tyr.client.model.roleuser.dto.CreateAdminRoleDTO;
 import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserRelationDTO;
 import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
-import cn.axzo.tyr.client.model.roleuser.req.*;
+import cn.axzo.tyr.client.model.roleuser.req.CreateAgencyAdminRoleParam;
+import cn.axzo.tyr.client.model.roleuser.req.CreateWorkspaceAdminRoleParam;
+import cn.axzo.tyr.client.model.roleuser.req.DeleteAdminRoleParam;
+import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
+import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
+import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRolesOfWorkspaceParam;
+import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
+import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
+import cn.axzo.tyr.client.model.roleuser.req.SuperAdminParam;
 import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
 import cn.axzo.tyr.server.service.SaasRoleUserService;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RestController;
-
-import javax.validation.Valid;
-import java.util.ArrayList;
-import java.util.List;
 
 /**
  * @author tanjie@axzo.cn
@@ -45,7 +54,7 @@ public class RoleUserController implements TyrSaasRoleUserApi {
     }
 
     /**
-     * 新的 移除某个人在某个工作台的所有角色(除超管)
+     * 删除用户非超管角色
      *
      * @param param
      * @return
@@ -73,15 +82,13 @@ public class RoleUserController implements TyrSaasRoleUserApi {
         return ApiResult.ok(true);
     }
 
+    /**
+     * cn.axzo.basics.auth.api.SaasRoleApi#batchFindSuperAdmin
+     * @param param
+     * @return
+     */
     @Override
-    public ApiResult<List<SuperAdminInfoDTO>> superAdminList(List<SuperAdminParam> params) {
-        //todo cn.axzo.basics.auth.api.SaasRoleApi#batchFindSuperAdmin
-        return ApiResult.ok(new ArrayList<>());
-    }
-
-    @Override
-    public ApiResult<SuperAdminInfoDTO> superAdmin(SuperAdminParam param) {
-        // todo cn.axzo.basics.auth.api.SaasRoleApi#findSuperAdmin
-        return ApiResult.ok(new SuperAdminInfoDTO());
+    public ApiResult<List<SuperAdminInfoDTO>> superAdminList(SuperAdminParam param) {
+        return ApiResult.ok(saasRoleUserService.superAdminList(param));
     }
 }
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
index afaeb634..9e54c847 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
@@ -3,6 +3,9 @@ package cn.axzo.tyr.server.service;
 import cn.axzo.tyr.client.model.enums.IdentityType;
 import cn.axzo.tyr.client.model.roleuser.dto.CreateAdminRoleDTO;
 import cn.axzo.tyr.client.model.roleuser.req.*;
+import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
+import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
+import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
 import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
 
 import java.util.List;
@@ -42,7 +45,6 @@ public interface SaasRoleUserService {
      */
     boolean deleteUserRoles(DeleteUserRoleParam param);
 
-
     /**
      * <pre>
      *  查询人所在的工作台或者单位中的数据
@@ -64,4 +66,18 @@ public interface SaasRoleUserService {
      * work for: 组织 + 服务包
      */
     void createSuperAdminRole(CreateSuperAminRoleParam param);
+
+    /**
+     * 批量获取超管信息
+     * @param param
+     * @return
+     */
+    List<SuperAdminInfoDTO> superAdminList(SuperAdminParam param);
+
+    /**
+     * 移除管理员
+     * @param params
+     * @return
+     */
+    boolean deleteAdminRole(List<DeleteAdminRoleParam> params);
 }
\ No newline at end of file
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java
index 76dc03cb..d1448da1 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java
@@ -164,7 +164,8 @@ public class RoleServiceImpl implements RoleService {
 		}
 		// 根据工作台类型和单位类型查询角色分组
 		List<SaasRoleGroup> roleGroup = new ArrayList<>();
-		if (CollectionUtils.isNotEmpty(req.getWorkspaceTypeCode()) || CollectionUtils.isNotEmpty(req.getOuTypeCode())) {
+		// 如果传入了角色id就以传入的角色id为准
+		if (CollectionUtils.isEmpty(req.getIds()) && (CollectionUtils.isNotEmpty(req.getWorkspaceTypeCode()) || CollectionUtils.isNotEmpty(req.getOuTypeCode()))) {
 			roleGroup = saasRoleGroupDao.query(QuerySaasRoleGroupReq.builder()
 				.ids(req.getSassRoleGroupIds())
 				.workspaceTypeCode(req.getWorkspaceTypeCode())
@@ -189,8 +190,8 @@ public class RoleServiceImpl implements RoleService {
 			.in(CollectionUtils.isNotEmpty(req.getIds()), BaseEntity::getId, req.getIds())
 			.in(CollectionUtils.isNotEmpty(groupRelation), BaseEntity::getId, groupRelation.stream().map(SaasRoleGroupRelation::getRoleId).collect(Collectors.toList()))
 			.in(CollectionUtils.isNotEmpty(req.getRoleType()), SaasRole::getRoleType, req.getRoleType())
-			.in(CollectionUtils.isNotEmpty(req.getWorkspaceId()),SaasRole::getWorkspaceId,req.getWorkspaceId())
-			.in(CollectionUtils.isNotEmpty(req.getOuId()),SaasRole::getOwnerOuId,req.getOuId())
+			.in(CollectionUtils.isEmpty(req.getIds()) && CollectionUtils.isNotEmpty(req.getWorkspaceId()),SaasRole::getWorkspaceId,req.getWorkspaceId())
+			.in(CollectionUtils.isEmpty(req.getIds()) && CollectionUtils.isNotEmpty(req.getOuId()),SaasRole::getOwnerOuId,req.getOuId())
 			.orderByDesc(BaseEntity::getId)
 			.list();
 		return getByIds(list.stream().map(BaseEntity::getId).collect(Collectors.toList()), req.getIsCommon(),req.getWorkspaceId(),req.getOuId(),req.getIncludePermissionGroup());
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
index cd9768fe..812afdf1 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
@@ -1,5 +1,18 @@
 package cn.axzo.tyr.server.service.impl;
 
+import java.util.Collections;
+import java.util.List;
+import java.util.Objects;
+import java.util.Set;
+import java.util.stream.Collectors;
+
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+import com.alibaba.nacos.common.utils.CollectionUtils;
+import com.baomidou.mybatisplus.core.toolkit.Wrappers;
+
+import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum;
 import cn.axzo.basics.common.exception.ServiceException;
 import cn.axzo.basics.common.util.AssertUtil;
 import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
@@ -10,24 +23,16 @@ import cn.axzo.tyr.client.model.roleuser.req.CreateSuperAminRoleParam;
 import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
 import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
 import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
+import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
+import cn.axzo.tyr.client.model.roleuser.req.*;
 import cn.axzo.tyr.server.repository.dao.SaasRoleDao;
 import cn.axzo.tyr.server.repository.dao.SaasRoleUserRelationDao;
 import cn.axzo.tyr.server.repository.entity.SaasRole;
 import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
 import cn.axzo.tyr.server.service.SaasRoleUserService;
 import cn.hutool.core.collection.CollectionUtil;
-import com.alibaba.nacos.common.utils.CollectionUtils;
-import com.baomidou.mybatisplus.core.toolkit.Wrappers;
-import com.google.common.collect.Lists;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
-import org.springframework.stereotype.Service;
-import org.springframework.transaction.annotation.Transactional;
-
-import java.util.List;
-import java.util.Objects;
-import java.util.Set;
-import java.util.stream.Collectors;
 
 /**
  * 角色
@@ -123,6 +128,7 @@ public class RoleUserService implements SaasRoleUserService {
 	}
 
 	@Override
+	@Transactional(rollbackFor = Exception.class)
 	public boolean deleteUserRoles(DeleteUserRoleParam param) {
 		List<SaasRole> roleList = saasRoleDao.lambdaQuery()
 				.eq(Objects.nonNull(param.getOuId()), SaasRole::getOwnerOuId, param.getOuId())
@@ -185,4 +191,33 @@ public class RoleUserService implements SaasRoleUserService {
 				workspaceId, ouId);
 		AssertUtil.isEmpty(saasRoles, "已存在相同的角色名称，请更换角色名称");
 	}
+
+	@Override
+	public List<SuperAdminInfoDTO> superAdminList(SuperAdminParam param) {
+		if (param.getWorkspaceId() == null || CollectionUtil.isEmpty(param.getOuIds())) {
+			return Collections.emptyList();
+		}
+		List<SaasRoleUserRelation> relations = roleUserRelationDao.lambdaQuery()
+				.in(SaasRoleUserRelation::getWorkspaceId, param.getWorkspaceId())
+				.in(SaasRoleUserRelation::getOuId, param.getOuIds())
+				.eq(SaasRoleUserRelation::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
+		if (CollectionUtils.isEmpty(relations)) {
+			return Collections.emptyList();
+		}
+		return relations.stream().map(r -> {
+			SuperAdminInfoDTO superAdminInfo = new SuperAdminInfoDTO();
+			superAdminInfo.setWorkspaceId(r.getWorkspaceId());
+			superAdminInfo.setOuId(r.getOuId());
+			superAdminInfo.setIdentityId(r.getIdentityId());
+			superAdminInfo.setIdentityType(r.getIdentityType());
+			return superAdminInfo;
+		}).collect(Collectors.toList());
+	}
+
+	@Override
+	@Transactional(rollbackFor = Exception.class)
+	public boolean deleteAdminRole(List<DeleteAdminRoleParam> params) {
+
+		return false;
+	}
 }
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureApplyDetailServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureApplyDetailServiceImpl.java
index 96353fa1..d2140a7c 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureApplyDetailServiceImpl.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureApplyDetailServiceImpl.java
@@ -89,9 +89,9 @@ public class SaasFeatureApplyDetailServiceImpl implements SaasFeatureApplyDetail
     @Transactional(rollbackFor = Exception.class)
     public void updateApplyDetail(PermissionPointApplyDetailUpdateReq req) {
         SaasFeatureApplyDetail detail = BeanMapper.copyBean(req, SaasFeatureApplyDetail.class, (p, s) -> {
-            s.setFitOuTypeBit(p.getFitOuTypeList() == null ? "" : JSON.toJSONString(p.getFitOuTypeList()));
+            s.setFitOuTypeBit(p.getFitOuTypeList() == null ? "[65535]" : JSON.toJSONString(p.getFitOuTypeList()));
             s.setFitOuNodeTypeBit(
-                    p.getFitOuNodeTypeList() == null ? "" : JSON.toJSONString(p.getFitOuNodeTypeList()));
+                    p.getFitOuNodeTypeList() == null ? "[65535]" : JSON.toJSONString(p.getFitOuNodeTypeList()));
         });
         this.saveOrUpdate(Lists.newArrayList(detail));
     }
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureApplyServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureApplyServiceImpl.java
index 77121a73..52cf7340 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureApplyServiceImpl.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureApplyServiceImpl.java
@@ -5,6 +5,7 @@ import java.util.function.Function;
 import java.util.stream.Collectors;
 
 import cn.axzo.tyr.client.model.enums.FeatureDataType;
+import com.google.common.collect.Lists;
 import org.apache.commons.collections4.CollectionUtils;
 import org.apache.commons.collections4.MapUtils;
 import org.apache.commons.lang3.BooleanUtils;
@@ -423,9 +424,9 @@ public class SaasFeatureApplyServiceImpl implements SaasFeatureApplyService {
             detail.setSort(point.getSort());
             detail.setTerminal(point.getTerminal());
             detail.setFeatureType(point.getFeatureType());
-            detail.setFitOuTypeBit(point.getFitOuTypeList() == null ? "" : JSON.toJSONString(point.getFitOuTypeList()));
+            detail.setFitOuTypeBit(point.getFitOuTypeList() == null ? "[65535]" : JSON.toJSONString(point.getFitOuTypeList()));
             detail.setFitOuNodeTypeBit(
-                point.getFitOuNodeTypeList() == null ? "" : JSON.toJSONString(point.getFitOuNodeTypeList()));
+                point.getFitOuNodeTypeList() == null ? "[65535]" : JSON.toJSONString(point.getFitOuNodeTypeList()));
             detail.setDelegatedType(point.getDelegatedType());
             detail.setCreateBy(createBy);
             detail.setCreateAt(now);
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java
index e22b0cca..307e7045 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java
@@ -424,7 +424,7 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
                             //通过子级查询父级并打平树型结构
                             List<PermissionPointTreeNode> allPermissionPoint = permissionPointService.listTreeNodesFlatChild(PermissionPointTreeQueryReq.builder()
                                     .ids(buttonPermissionPointId)
-                                    .terminalList(StrUtil.isNotBlank(identityAuthReq.getTerminal()) ? Collections.singletonList(identityAuthReq.getTerminal()) : new ArrayList<>())
+                                    .terminalList(identityAuthReq.getTerminal())
                                     .build());
 
                             workspacePermission.getPermissionPoint().addAll(allPermissionPoint.stream()
@@ -461,7 +461,7 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
                         //通过子级查询父级并平铺菜单
                         List<PermissionPointTreeNode> allPermissionPoint = permissionPointService.listTreeNodesFlatChild(PermissionPointTreeQueryReq.builder()
                                 .ids(new HashSet<>(resultHashAuthPointId))
-                                .terminalList(StrUtil.isNotBlank(identityAuthReq.getTerminal()) ? Collections.singletonList(identityAuthReq.getTerminal()) : new ArrayList<>())
+                                .terminalList(identityAuthReq.getTerminal())
                                 .build());
 
                         workspacePermission.getPermissionPoint().addAll(allPermissionPoint.stream()