Merge remote-tracking branch 'origin/feature/REQ-2227' into feature/REQ-2227

tyr-api/src/main/java/cn/axzo/tyr/client/feign/FeatureResourceApi.java

@@ -36,7 +36,7 @@ public interface FeatureResourceApi {
     ApiResult<Void> syncFromBase(@RequestBody @Valid ResourceSyncReq req);
 
     @PostMapping("/api/featureResource/saveOrUpdate")
-    ApiResult<Void> saveMenu(@RequestBody FeatureResourceTreeSaveReq req);
+    ApiResult<Long> saveMenu(@RequestBody FeatureResourceTreeSaveReq req);
 
     /** 查询功能资源树 **/
     @PostMapping("/api/featureResource/getTree")

tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleApi.java

@@ -11,7 +11,6 @@ import cn.axzo.tyr.client.model.req.QueryRoleByNameReq;
 import cn.axzo.tyr.client.model.req.QuerySaasRoleReq;
 import cn.axzo.tyr.client.model.req.RoleWithUserQueryReq;
 import cn.axzo.tyr.client.model.req.TreeRoleReq;
-import cn.axzo.tyr.client.model.req.UpdateRoleGroupOffsetReq;
 import cn.axzo.tyr.client.model.req.UpdateRoleOffsetReq;
 import cn.axzo.tyr.client.model.res.FeatureRoleRelationResp;
 import cn.axzo.tyr.client.model.res.IsSuperAdminRes;
@@ -20,6 +19,7 @@ import cn.axzo.tyr.client.model.res.QueryRoleByNameResp;
 import cn.axzo.tyr.client.model.res.RoleTreeRes;
 import cn.axzo.tyr.client.model.res.RoleWithUserRes;
 import cn.axzo.tyr.client.model.res.SaasRoleRes;
+import cn.axzo.tyr.client.model.vo.DeleteRoleVO;
 import cn.axzo.tyr.client.model.vo.SaasRoleAndGroupVO;
 import cn.axzo.tyr.client.model.vo.SaasRoleCategoryVO;
 import cn.axzo.tyr.client.model.vo.SaasRoleGroupCodeVO;
@@ -57,7 +57,7 @@ public interface TyrSaasRoleApi {
 
     /** 角色和组件页面的关联关系 **/
     @PostMapping("/api/saasRoleGroup/relation/query")
-    ApiResult<List<FeatureRoleRelationResp>> queryFeatureRoleRelation(@RequestParam Long featureId);
+    ApiResult<FeatureRoleRelationResp> queryFeatureRoleRelation(@RequestParam Long featureId);
 
     /**
      * 根据id查询详情
@@ -77,8 +77,7 @@ public interface TyrSaasRoleApi {
      * 删除
      */
     @PostMapping("/api/saasRole/delete")
-    @Deprecated
+    ApiResult<Void> delete(@RequestBody DeleteRoleVO request);
-    ApiResult<Void> delete(@RequestBody List<Long> id);
 
 
     /**

tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/dto/SaasRoleUserDTO.java

@@ -84,4 +84,9 @@ public class SaasRoleUserDTO {
      * 资源Id
      */
     private Long resourceId;
+
+    /**
+     * 是否展示角色
+     */
+    private Boolean displayRole;
 }

tyr-api/src/main/java/cn/axzo/tyr/client/model/vo/DeleteRoleVO.java

@@ -0,0 +1,36 @@
+package cn.axzo.tyr.client.model.vo;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import javax.validation.constraints.NotEmpty;
+import java.util.List;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class DeleteRoleVO {
+    /**
+     * 待删除角色集合
+     */
+    @NotEmpty(message = "roleIds不能为空")
+    private List<Long> roleIds;
+
+    /**
+     * 待删除角色所属workSpaceId 历史接口需要
+     */
+    private Long workSpaceId;
+
+    /**
+     * 待删除角色所属单位ID 历史接口需要
+     */
+    private Long outId;
+
+    /**
+     * 历史接口对已经有user绑定到role有进行check，不能删除
+     */
+    private boolean needUsedCheck;
+}

tyr-server/src/main/java/cn/axzo/tyr/server/controller/PrivateController.java

@@ -0,0 +1,151 @@
+package cn.axzo.tyr.server.controller;
+
+import cn.axzo.tyr.client.model.req.CommonDictQueryReq;
+import cn.axzo.tyr.client.model.req.QuerySaasRoleGroupReq;
+import cn.axzo.tyr.client.model.res.CommonDictResp;
+import cn.axzo.tyr.client.model.res.SaasRoleRes;
+import cn.axzo.tyr.client.model.vo.SaasRoleGroupVO;
+import cn.axzo.tyr.server.repository.dao.SaasRoleGroupRelationDao;
+import cn.axzo.tyr.server.repository.entity.SaasRole;
+import cn.axzo.tyr.server.repository.entity.SaasRoleGroup;
+import cn.axzo.tyr.server.repository.entity.SaasRoleGroupRelation;
+import cn.axzo.tyr.server.service.RoleService;
+import cn.axzo.tyr.server.service.SaasCommonDictService;
+import cn.axzo.tyr.server.service.SaasRoleGroupService;
+import com.google.common.collect.Lists;
+import lombok.RequiredArgsConstructor;
+import org.apache.commons.collections.CollectionUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.util.Collection;
+import java.util.Comparator;
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
+import java.util.function.Function;
+import java.util.stream.Collectors;
+import java.util.stream.IntStream;
+
+@RestController
+@RequiredArgsConstructor
+public class PrivateController {
+
+    @Autowired
+    private SaasCommonDictService saasCommonDictService;
+    @Autowired
+    private SaasRoleGroupService saasRoleGroupService;
+    @Autowired
+    private SaasRoleGroupRelationDao saasRoleGroupRelationDao;
+    @Autowired
+    private RoleService roleService;
+
+    /**
+     * 统一层级的roleGroup按照id升序，sort从1递增
+     * @return
+     * @throws Exception
+     */
+    @PostMapping("/private/role/group/sort/refresh")
+    public Object refreshRoleGroupSort() {
+        List<CommonDictResp> commonDicts = saasCommonDictService.query(CommonDictQueryReq.builder()
+                .scope("role")
+                .build());
+
+        if (CollectionUtils.isEmpty(commonDicts)) {
+            return "ok";
+        }
+
+        Map<String, List<SaasRoleGroupVO>> roleGroups = saasRoleGroupService.getList(QuerySaasRoleGroupReq.builder()
+                        .workspaceTypeCode(Lists.transform(commonDicts, CommonDictResp::getDictCode))
+                        .build())
+                .stream()
+                .collect(Collectors.groupingBy(SaasRoleGroupVO::getWorkspaceTypeCode));
+
+        roleGroups.entrySet()
+                .forEach(e -> {
+                    List<SaasRoleGroupVO> saasRoleGroups = e.getValue().stream()
+                            .sorted(Comparator.comparing(SaasRoleGroupVO::getId))
+                            .collect(Collectors.toList());
+
+                    List<SaasRoleGroup> update = IntStream.range(0, saasRoleGroups.size())
+                            .mapToObj(i -> {
+                                SaasRoleGroupVO saasRoleGroup = saasRoleGroups.get(i);
+                                SaasRoleGroup result = SaasRoleGroup.builder()
+                                        .sort(i + 1)
+                                        .build();
+                                result.setId(saasRoleGroup.getId());
+                                return result;
+                            })
+                            .collect(Collectors.toList());
+
+                    saasRoleGroupService.updateBatchById(update);
+                });
+
+        return "ok";
+    }
+
+    /**
+     * 刷新role的sort，
+     * @return
+     * @throws Exception
+     */
+    @PostMapping("/private/role/sort/refresh")
+    public Object refreshRoleSort() {
+        List<CommonDictResp> commonDicts = saasCommonDictService.query(CommonDictQueryReq.builder()
+                .scope("role")
+                .build());
+
+        if (CollectionUtils.isEmpty(commonDicts)) {
+            return "ok";
+        }
+
+        List<SaasRoleGroupVO> roleGroups = saasRoleGroupService.getList(QuerySaasRoleGroupReq.builder()
+                .workspaceTypeCode(Lists.transform(commonDicts, CommonDictResp::getDictCode))
+                .build());
+
+        List<Long> roleGroupIds = roleGroups.stream().map(SaasRoleGroupVO::getId).collect(Collectors.toList());
+        if (CollectionUtils.isEmpty(roleGroupIds)) {
+            return "ok";
+        }
+
+        List<SaasRoleGroupRelation> saasRoleGroupRelations = saasRoleGroupRelationDao.getByGroupIds(roleGroupIds);
+        if (CollectionUtils.isEmpty(saasRoleGroupRelations)) {
+            return "ok";
+        }
+
+        Map<Long, SaasRoleRes> saasRoles = roleService.list(RoleService.ListSaasRoleParam.builder()
+                        .roleIds(Lists.transform(saasRoleGroupRelations, SaasRoleGroupRelation::getRoleId))
+                        .build())
+                .stream()
+                .collect(Collectors.toMap(SaasRoleRes::getId, Function.identity()));
+
+        List<SaasRole> updateSaasRoles = saasRoleGroupRelations.stream()
+                .collect(Collectors.groupingBy(SaasRoleGroupRelation::getSaasRoleGroupId))
+                .values()
+                .stream()
+                .map(e -> {
+                    List<SaasRoleRes> sortedRoles = e.stream()
+                            .map(rr -> saasRoles.get(rr.getRoleId()))
+                            .filter(Objects::nonNull)
+                            .sorted(Comparator.comparing(SaasRoleRes::getId))
+                            .collect(Collectors.toList());
+
+                    List<SaasRole> update = IntStream.range(0, sortedRoles.size())
+                            .mapToObj(i -> {
+                                SaasRoleRes saasRole = sortedRoles.get(i);
+                                SaasRole result = new SaasRole();
+                                result.setSort(i + 1);
+                                result.setId(saasRole.getId());
+                                return result;
+                            })
+                            .collect(Collectors.toList());
+                    return update;
+                })
+                .flatMap(Collection::stream)
+                .collect(Collectors.toList());
+
+        roleService.updateBatchById(updateSaasRoles);
+        return "ok";
+    }
+}

tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/FeatureResourceController.java

@@ -49,10 +49,11 @@ public class FeatureResourceController implements FeatureResourceApi {
     }
 
     @Override
-    public ApiResult<Void> saveMenu(FeatureResourceTreeSaveReq req) {
+    public ApiResult<Long> saveMenu(FeatureResourceTreeSaveReq req) {
         log.info("save feature resource req : " + req.toString());
-        featureResourceService.saveOrUpdateMenu(req);
+        Long featureId = featureResourceService.saveOrUpdateMenu(req);
-        return ApiResult.ok();
+        log.info("save feature resource resp : " + featureId.toString());
+        return ApiResult.ok(featureId);
     }
 
     @Override

tyr-server/src/main/java/cn/axzo/tyr/server/controller/role/SaasRoleController.java

@@ -25,6 +25,7 @@ import cn.axzo.tyr.client.model.res.QueryRoleByNameResp;
 import cn.axzo.tyr.client.model.res.RoleTreeRes;
 import cn.axzo.tyr.client.model.res.RoleWithUserRes;
 import cn.axzo.tyr.client.model.res.SaasRoleRes;
+import cn.axzo.tyr.client.model.vo.DeleteRoleVO;
 import cn.axzo.tyr.client.model.vo.SaasRoleAndGroupVO;
 import cn.axzo.tyr.client.model.vo.SaasRoleCategoryVO;
 import cn.axzo.tyr.client.model.vo.SaasRoleGroupCodeVO;
@@ -111,7 +112,7 @@ public class SaasRoleController implements TyrSaasRoleApi {
     }
 
     @Override
-    public ApiResult<List<FeatureRoleRelationResp>> queryFeatureRoleRelation(Long featureId) {
+    public ApiResult<FeatureRoleRelationResp> queryFeatureRoleRelation(Long featureId) {
         return ApiResult.ok(roleService.queryFeatureRoleRelation(featureId));
     }
 
@@ -135,13 +136,21 @@ public class SaasRoleController implements TyrSaasRoleApi {
 
     @Override
     public ApiResult<Void> deleteRole(List<Long> roleIds, Long workSpaceId, Long outId) {
-        roleService.deleteRole(roleIds, workSpaceId, outId);
+        DeleteRoleVO deleteRoleParam = DeleteRoleVO.builder()
+                .roleIds(roleIds)
+                .workSpaceId(workSpaceId)
+                .outId(outId)
+                .needUsedCheck(true)
+                .build();
+        roleService.deleteRole(deleteRoleParam);
         permissionCacheService.markTempDisable(PermissionCacheKey.builder().disableAll(true).build());
         return ApiResult.ok();
     }
 
     @Override
-    public ApiResult<Void> delete(List<Long> roleIds) {
+    public ApiResult<Void> delete(DeleteRoleVO reqeust) {
+        roleService.deleteRole(reqeust);
+        permissionCacheService.markTempDisable(PermissionCacheKey.builder().disableAll(true).build());
         return ApiResult.ok();
     }
 

tyr-server/src/main/java/cn/axzo/tyr/server/service/RoleService.java

@@ -17,6 +17,7 @@ import cn.axzo.tyr.client.model.res.QueryBatchByIdentityIdTypeRes;
 import cn.axzo.tyr.client.model.res.QueryRoleByNameResp;
 import cn.axzo.tyr.client.model.res.RoleWithUserRes;
 import cn.axzo.tyr.client.model.res.SaasRoleRes;
+import cn.axzo.tyr.client.model.vo.DeleteRoleVO;
 import cn.axzo.tyr.client.model.vo.SaasRoleAndGroupVO;
 import cn.axzo.tyr.client.model.vo.SaasRoleCategoryVO;
 import cn.axzo.tyr.client.model.vo.SaasRoleGroupCodeVO;
@@ -100,11 +101,9 @@ public interface RoleService extends IService<SaasRole> {
 
     /**
      * 删除角色列表
-     * @param roleIds 待删除角色集合
+     * @param deleteRoleParam
-     * @param workSpaceId 待删除角色所属workSpaceId
-     * @param outId 待删除角色所属单位ID
      */
-    void deleteRole(List<Long> roleIds,Long workSpaceId,Long outId);
+    void deleteRole(DeleteRoleVO deleteRoleParam);
 
     List<SaasRole> queryRoleByFeatures(Set<Long> matchedFeatureIds);
 
@@ -125,7 +124,7 @@ public interface RoleService extends IService<SaasRole> {
 
     void saveOrUpdateFeatureRoleRelation(List<FeatureRoleRelationReq> req, Long operatorId);
 
-    List<FeatureRoleRelationResp> queryFeatureRoleRelation(Long featureId);
+    FeatureRoleRelationResp queryFeatureRoleRelation(Long featureId);
 
     @SuperBuilder
     @Data
@@ -142,6 +141,9 @@ public interface RoleService extends IService<SaasRole> {
         @CriteriaField(field = "isDisplay", operator = Operator.EQ)
         private Boolean isDisplay;
 
+        @CriteriaField(field = "roleCode", operator = Operator.EQ)
+        private String roleCode;
+
         @CriteriaField(ignore = true)
         private Boolean needPermission;
 

tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasFeatureResourceService.java

@@ -19,13 +19,15 @@ import java.util.List;
  */
 public interface SaasFeatureResourceService {
 
-    void saveOrUpdateMenu(FeatureResourceTreeSaveReq req);
+    Long saveOrUpdateMenu(FeatureResourceTreeSaveReq req);
 
     void updateFeatureAuthType(Long featureId, Integer authType);
 
     /**递归的**/
     List<SaasFeatureResource> listDescendant(Long featureId);
 
+    SaasFeatureResource featureResourceById(Long featureId);
+
     FeatureResourceTreeNode getTreeFeatureDescendant(Long featureId);
 
     /**删除指定菜单**/

tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasPgroupPermissionRelationService.java

@@ -6,4 +6,6 @@ import java.util.List;
 
 public interface SaasPgroupPermissionRelationService {
     void saveOrUpdate(List<Long> groupIds, List<SaasPgroupPermissionRelation> relations);
+
+    void deleteByFeatureIds(List<Long> featureIds);
 }

tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleGroupService.java

@@ -2,6 +2,8 @@ package cn.axzo.tyr.server.service;
 
 import cn.axzo.tyr.client.model.req.QuerySaasRoleGroupReq;
 import cn.axzo.tyr.client.model.vo.SaasRoleGroupVO;
+import cn.axzo.tyr.server.repository.entity.SaasRoleGroup;
+import com.baomidou.mybatisplus.extension.service.IService;
 
 import java.util.List;
 /**
@@ -10,7 +12,7 @@ import java.util.List;
  * @description
  * @date 2023/12/1 16:37
  */
-public interface SaasRoleGroupService {
+public interface SaasRoleGroupService extends IService<SaasRoleGroup> {
 
     List<SaasRoleGroupVO> getList(QuerySaasRoleGroupReq req);
 

tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java

@@ -27,6 +27,7 @@ import cn.axzo.tyr.client.model.res.RoleWithUserRes;
 import cn.axzo.tyr.client.model.res.SaasPermissionRes;
 import cn.axzo.tyr.client.model.res.SaasRoleGroupRes;
 import cn.axzo.tyr.client.model.res.SaasRoleRes;
+import cn.axzo.tyr.client.model.vo.DeleteRoleVO;
 import cn.axzo.tyr.client.model.vo.SaasPermissionGroupVO;
 import cn.axzo.tyr.client.model.vo.SaasRoleAndGroupVO;
 import cn.axzo.tyr.client.model.vo.SaasRoleCategoryVO;
@@ -67,6 +68,7 @@ import cn.hutool.core.bean.BeanUtil;
 import cn.hutool.core.collection.CollUtil;
 import cn.hutool.core.collection.CollectionUtil;
 import cn.hutool.core.collection.ListUtil;
+import cn.hutool.core.lang.Assert;
 import cn.hutool.core.util.StrUtil;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
@@ -91,6 +93,7 @@ import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.Date;
@@ -459,12 +462,39 @@ public class RoleServiceImpl extends ServiceImpl<SaasRoleMapper, SaasRole>
         return saasRoleDao.listRoleUserByPermissionGroup(permissionGroupIdList, workspaceIds);
     }
 
+    private void checkRoleCode(SaveOrUpdateRoleVO saveOrUpdateRole) {
+
+        if (StringUtils.isBlank(saveOrUpdateRole.getRoleCode())) {
+            return;
+        }
+        List<SaasRoleRes> oldSaasRoles = this.list(ListSaasRoleParam.builder()
+                .roleCode(saveOrUpdateRole.getRoleCode())
+                .build());
+        if (CollectionUtils.isNotEmpty(oldSaasRoles)) {
+            throw new ServiceException("角色编码已存在");
+        }
+    }
+
+    /**
+     * roleType = 自定义，common，workspaceType = saveOrUpdateRole.workspaceType
+     * 其他就从角色组取，没有就saveOrUpdateRole.workspaceType
+     * @param saveOrUpdateRole
+     * @return
+     */
+    private Integer resolveWorkspaceType(SaveOrUpdateRoleVO saveOrUpdateRole) {
+        if (COMMON_ROLE_TYPES.contains(saveOrUpdateRole.getRoleType()) || CollectionUtils.isEmpty(saveOrUpdateRole.getGroupTree())) {
+            return saveOrUpdateRole.getWorkspaceType();
+        }
+        return Integer.parseInt(saveOrUpdateRole.getGroupTree().get(0).getWorkspaceTypeCode());
+    }
+
     private SaasRole validAndBuildRole(SaveOrUpdateRoleVO saveOrUpdateRole, Date now) {
         SaasRole saasRole;
         if (Objects.isNull(saveOrUpdateRole.getId())) {
             saasRole = new SaasRole();
             saasRole.setCreateBy(saveOrUpdateRole.getOperatorId());
             saasRole.setCreateAt(now);
+            checkRoleCode(saveOrUpdateRole);
         } else {
             saasRole = saasRoleDao.getById(saveOrUpdateRole.getId());
             if (Objects.isNull(saasRole)) {
@@ -479,14 +509,9 @@ public class RoleServiceImpl extends ServiceImpl<SaasRoleMapper, SaasRole>
         saasRole.setRoleType(saveOrUpdateRole.getRoleType());
         saasRole.setWorkspaceId(saveOrUpdateRole.getWorkspaceId());
         saasRole.setOwnerOuId(saveOrUpdateRole.getOwnerOuId());
-        // roleType = 自定义，common，workspaceType = saveOrUpdateRole.workspaceType
+        Integer workspaceType = resolveWorkspaceType(saveOrUpdateRole);
-        // 其他就从角色组取，没有就saveOrUpdateRole.workspaceType
+        saasRole.setWorkspaceType(workspaceType);
-        Integer workspaceType = null;
+
-        if (COMMON_ROLE_TYPES.contains(saveOrUpdateRole.getRoleType()) || CollectionUtils.isEmpty(saveOrUpdateRole.getGroupTree())) {
-            workspaceType = saveOrUpdateRole.getWorkspaceType();
-        } else {
-            workspaceType = Integer.parseInt(saveOrUpdateRole.getGroupTree().get(0).getWorkspaceTypeCode());
-        }
         if (CollectionUtils.isNotEmpty(saveOrUpdateRole.getGroupTree())) {
             saasRole.setProductUnitType(setProductUnitType(saveOrUpdateRole.getGroupTree().get(0)));
         } else {
@@ -509,6 +534,7 @@ public class RoleServiceImpl extends ServiceImpl<SaasRoleMapper, SaasRole>
             systemAndCustomWorkspaceCodes.add(Long.valueOf(workspaceType));
             systemAndCustomWorkspaceCodes.add(-1L);
 
+
             List<Long> systemAndCustomOuIds = new ArrayList<>();
             systemAndCustomOuIds.add(saveOrUpdateRole.getOwnerOuId());
             systemAndCustomOuIds.add(-1L);
@@ -542,14 +568,19 @@ public class RoleServiceImpl extends ServiceImpl<SaasRoleMapper, SaasRole>
                 }
             });
         }
-        saasRole.setSort(saveOrUpdateRole.getSort());
         assembleSort(saveOrUpdateRole, saasRole);
         return saasRole;
     }
 
 
     private void assembleSort(SaveOrUpdateRoleVO saveOrUpdateRole, SaasRole saasRole) {
-        if (saasRole.getSort() != null || saasRole.getId() != null || CollectionUtils.isEmpty(saveOrUpdateRole.getGroupTree())) {
+        if (saveOrUpdateRole.getSort() != null) {
+            saasRole.setSort(saveOrUpdateRole.getSort());
+            return;
+        }
+
+        // 新增时且没有传sort时，才自动维护一个最大的sort
+        if (saasRole.getId() != null || CollectionUtils.isEmpty(saveOrUpdateRole.getGroupTree())) {
             return;
         }
 
@@ -834,20 +865,26 @@ public class RoleServiceImpl extends ServiceImpl<SaasRoleMapper, SaasRole>
 
     @Override
     @Transactional(rollbackFor = Exception.class)
-    public void deleteRole(List<Long> roleIds, Long workSpaceId, Long ouId) {
+    public void deleteRole(DeleteRoleVO deleteRoleParam) {
-        List<SaasRoleUserRelation> saasRoleUserRelations = roleUserRelationDao.lambdaQuery()
-                .in(CollectionUtil.isNotEmpty(roleIds), SaasRoleUserRelation::getRoleId, roleIds)
-                .eq(workSpaceId != null, SaasRoleUserRelation::getWorkspaceId, workSpaceId)
-                .eq(ouId != null, SaasRoleUserRelation::getOuId, ouId)
-                .eq(BaseEntity::getIsDelete, TableIsDeleteEnum.NORMAL.value)
-                .list();
 
-        if (CollectionUtil.isNotEmpty(saasRoleUserRelations)) {
+        if (BooleanUtils.isTrue(deleteRoleParam.isNeedUsedCheck())) {
-            throw new cn.axzo.basics.common.exception.ServiceException("当前角色已被用户使用，无法删除！");
+            List<SaasRoleUserRelation> saasRoleUserRelations = roleUserRelationDao.lambdaQuery()
+                    .in(CollectionUtil.isNotEmpty(deleteRoleParam.getRoleIds()), SaasRoleUserRelation::getRoleId, deleteRoleParam.getRoleIds())
+                    .eq(deleteRoleParam.getWorkSpaceId() != null, SaasRoleUserRelation::getWorkspaceId, deleteRoleParam.getWorkSpaceId())
+                    .eq(deleteRoleParam.getOutId() != null, SaasRoleUserRelation::getOuId, deleteRoleParam.getOutId())
+                    .eq(BaseEntity::getIsDelete, TableIsDeleteEnum.NORMAL.value)
+                    .list();
+
+            if (CollectionUtil.isNotEmpty(saasRoleUserRelations)) {
+                throw new cn.axzo.basics.common.exception.ServiceException("当前角色已被用户使用，无法删除！");
+            }
         }
-        saasRoleDao.delete(roleIds);
+
-        roleUserRelationDao.deleteByRoleId(roleIds);
+        saasRoleDao.delete(deleteRoleParam.getRoleIds());
-        roleGroupRelationDao.deleteGroupRelation(roleIds);
+        // 未根据id进行更新，会存在死锁的风险，但是角色的操作频率很低，可以先不考虑
+        roleUserRelationDao.deleteByRoleId(deleteRoleParam.getRoleIds());
+        roleGroupRelationDao.deleteGroupRelation(deleteRoleParam.getRoleIds());
+        saasPgroupRoleRelationDao.deleteByRoleId(deleteRoleParam.getRoleIds());
     }
 
     @Override
@@ -1162,14 +1199,7 @@ public class RoleServiceImpl extends ServiceImpl<SaasRoleMapper, SaasRole>
                     return permissionIds.stream()
                             .map(permissionId -> {
                                 SaasPermissionRes saasPermissionRes = resourcePermissions.get(permissionId);
-                                if (saasPermissionRes == null) {
+                                return SaasPermissionWrapper.from(e, saasPermissionRes);
-                                    return null;
-                                }
-                                return SaasPermissionWrapper.builder()
-                                        .id(saasPermissionRes.getId())
-                                        .featureCode(saasPermissionRes.getFeatureCode())
-                                        .roleId(e.getRoleId())
-                                        .build();
                             })
                             .filter(Objects::nonNull)
                             .collect(Collectors.toList());
@@ -1196,6 +1226,18 @@ public class RoleServiceImpl extends ServiceImpl<SaasRoleMapper, SaasRole>
         private String featureCode;
 
         private Long roleId;
+
+        public static SaasPermissionWrapper from(SaasPgroupRoleRelation saasPgroupRoleRelation,
+                                                 SaasPermissionRes saasPermissionRes) {
+            if (saasPermissionRes == null) {
+                return null;
+            }
+            return SaasPermissionWrapper.builder()
+                    .id(saasPermissionRes.getId())
+                    .featureCode(saasPermissionRes.getFeatureCode())
+                    .roleId(saasPgroupRoleRelation.getRoleId())
+                    .build();
+        }
     }
 
     private Map<Long, List<SaasRoleGroupRes>> listRoleGroups(PageSaasRoleParam param,
@@ -1220,18 +1262,24 @@ public class RoleServiceImpl extends ServiceImpl<SaasRoleMapper, SaasRole>
                 .collect(Collectors.toMap(SaasRoleGroup::getId, Function.identity()));
 
         return roleGroupRelations.stream()
+                .filter(e -> saasRoleGroups.get(e.getSaasRoleGroupId()) != null)
                 .collect(Collectors.groupingBy(SaasRoleGroupRelation::getRoleId,
                         Collectors.mapping(e -> {
                             SaasRoleGroup saasRoleGroup = saasRoleGroups.get(e.getSaasRoleGroupId());
-                            if (saasRoleGroup == null) {
+                            return toRoleGroupRes(saasRoleGroup);
-                                return null;
-                            }
-                            SaasRoleGroupRes saasRoleGroupRes = SaasRoleGroupRes.builder().build();
-                            BeanUtils.copyProperties(saasRoleGroup, saasRoleGroupRes);
-                            return saasRoleGroupRes;
                         }, Collectors.toList())));
     }
 
+    private SaasRoleGroupRes toRoleGroupRes(SaasRoleGroup saasRoleGroup) {
+        if (saasRoleGroup == null) {
+            return null;
+        }
+        SaasRoleGroupRes saasRoleGroupRes = SaasRoleGroupRes.builder().build();
+        BeanUtils.copyProperties(saasRoleGroup, saasRoleGroupRes);
+        return saasRoleGroupRes;
+    }
+
+    @Override
     @Transactional(rollbackFor = Exception.class)
     public void saveOrUpdateFeatureRoleRelation(List<FeatureRoleRelationReq> req, Long operatorId) {
         for (FeatureRoleRelationReq item : req) {
@@ -1269,30 +1317,22 @@ public class RoleServiceImpl extends ServiceImpl<SaasRoleMapper, SaasRole>
     }
 
     @Override
-    public  List<FeatureRoleRelationResp> queryFeatureRoleRelation(Long featureId) {
+    public  FeatureRoleRelationResp queryFeatureRoleRelation(Long featureId) {
-        List<SaasFeatureResource> list = saasFeatureResourceService.listDescendant(featureId);
+        SaasFeatureResource featureResource = saasFeatureResourceService.featureResourceById(featureId);
-        List<Long> featureIds = list.stream().map(SaasFeatureResource::getId).collect(Collectors.toList());
+        Assert.notNull(featureResource, "菜单不存在");
-
+        FeatureRoleRelationResp resp = new FeatureRoleRelationResp();
-        List<SaasPgroupPermissionRelation> pgroupPermissionRelations = saasPgroupPermissionRelationDao.queryByFeatureIds(featureIds);
+        resp.setFeatureId(featureId);
-        Map<Long, List<SaasPgroupPermissionRelation>> permissionMap = pgroupPermissionRelations.stream().collect(Collectors.groupingBy(SaasPgroupPermissionRelation::getFeatureId));
+        resp.setAuthType(featureResource.getAuthType());
-        List<Long> groupIds = pgroupPermissionRelations.stream().map(SaasPgroupPermissionRelation::getGroupId).collect(Collectors.toList());
+        List<SaasPgroupPermissionRelation> pgroupPermissionRelations = saasPgroupPermissionRelationDao.queryByFeatureIds(Collections.singletonList(featureId));
-        List<SaasPgroupRoleRelation> relations = saasPgroupRoleRelationDao.listByGroupIds(groupIds);
+        if (CollectionUtil.isNotEmpty(pgroupPermissionRelations)) {
-
+            List<Long> groupIds = pgroupPermissionRelations.stream().map(SaasPgroupPermissionRelation::getGroupId).collect(Collectors.toList());
-        List<FeatureRoleRelationResp> resps = new ArrayList<>();
+            List<SaasPgroupRoleRelation> relations = saasPgroupRoleRelationDao.listByGroupIds(groupIds);
-        list.forEach(item -> {
+            if (CollectionUtil.isNotEmpty(relations)) {
-            FeatureRoleRelationResp resp = new FeatureRoleRelationResp();
+                List<Long> roleIds = relations.stream().map(SaasPgroupRoleRelation::getRoleId).collect(Collectors.toList());
-            resp.setFeatureId(item.getId());
-            resp.setAuthType(item.getAuthType());
-            List<SaasPgroupPermissionRelation> groups = permissionMap.get(item.getId());
-            if (CollectionUtil.isNotEmpty(groups)) {
-                List<Long> itemGroupIds = groups.stream().map(SaasPgroupPermissionRelation::getGroupId).collect(Collectors.toList());
-                List<SaasPgroupRoleRelation> itemRoles = relations.stream().filter(role -> itemGroupIds.contains(role.getGroupId())).collect(Collectors.toList());
-                List<Long> roleIds = itemRoles.stream().map(SaasPgroupRoleRelation::getRoleId).collect(Collectors.toList());
                 resp.setRoleIds(roleIds);
             }
-            resps.add(resp);
+        }
-        });
+        return resp;
-        return resps;
     }
 
     private void validPermission(Set<Long> permissionIds) {

tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureResourceServiceImpl.java

@@ -26,6 +26,7 @@ import cn.axzo.tyr.server.repository.entity.SaasFeatureResource;
 import cn.axzo.tyr.server.service.RoleService;
 import cn.axzo.tyr.server.service.SaasCommonDictService;
 import cn.axzo.tyr.server.service.SaasFeatureResourceService;
+import cn.axzo.tyr.server.service.SaasPgroupPermissionRelationService;
 import cn.azxo.framework.common.utils.StringUtils;
 import cn.hutool.core.collection.CollectionUtil;
 import cn.hutool.core.lang.Assert;
@@ -72,7 +73,7 @@ public class SaasFeatureResourceServiceImpl implements SaasFeatureResourceServic
     private final SaasFeatureResourceCacheService saasFeatureResourceCacheService;
     private final SaasCommonDictService saasCommonDictService;
 
-    private final PermissionGroupImpl roleService;
+    private final SaasPgroupPermissionRelationService pgroupPermissionRelationService;
 
     @Override
     public List<SaasFeatureResource> listNavByIds(List<Long> featureIds) {
@@ -192,7 +193,7 @@ public class SaasFeatureResourceServiceImpl implements SaasFeatureResourceServic
     @Override
     @Transactional(rollbackFor = Exception.class)
     @CacheEvict(value = SaasFeatureResourceCacheService.CACHE_FEATURE_RESOURCE_TREE,allEntries = true)
-    public void saveOrUpdateMenu(FeatureResourceTreeSaveReq req) {
+    public Long saveOrUpdateMenu(FeatureResourceTreeSaveReq req) {
         SaasFeatureResource baseResource = BeanMapper.copyBean(req, SaasFeatureResource.class);
         baseResource.setUpdateBy(req.getOperatorId());
         // 新增时候
@@ -223,6 +224,7 @@ public class SaasFeatureResourceServiceImpl implements SaasFeatureResourceServic
         } else {
             deleteComponentRecursionById(baseResource.getId(), null, req.getOperatorId());
         }
+        return baseResource.getId();
     }
 
     @Override
@@ -306,6 +308,17 @@ public class SaasFeatureResourceServiceImpl implements SaasFeatureResourceServic
                 .list();
     }
 
+    @Override
+    public SaasFeatureResource featureResourceById(Long featureId) {
+        if (featureId == null) {
+            return null;
+        }
+        return featureResourceDao.lambdaQuery()
+                .eq(BaseEntity::getIsDelete,0)
+                .eq(SaasFeatureResource::getId, featureId)
+                .one();
+    }
+
     @Override
     @Transactional(rollbackFor = Exception.class)
     @CacheEvict(value = SaasFeatureResourceCacheService.CACHE_FEATURE_RESOURCE_TREE,allEntries = true)
@@ -318,7 +331,7 @@ public class SaasFeatureResourceServiceImpl implements SaasFeatureResourceServic
                 .apply("FIND_IN_SET('" + featureId + "', path)")
                 .list();
         List<Long> featureIds = featureDescendant.stream().map(SaasFeatureResource::getId).collect(Collectors.toList());
-
+        pgroupPermissionRelationService.deleteByFeatureIds(featureIds);
         // 删除自己及自己的子集
         featureResourceDao.lambdaUpdate()
                 .eq(BaseEntity::getIsDelete,0)

tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasPgroupPermissionRelationServiceImpl.java

@@ -4,6 +4,7 @@ import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum;
 import cn.axzo.tyr.server.repository.dao.SaasPgroupPermissionRelationDao;
 import cn.axzo.tyr.server.repository.entity.SaasPgroupPermissionRelation;
 import cn.axzo.tyr.server.service.SaasPgroupPermissionRelationService;
+import cn.hutool.core.collection.CollectionUtil;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.collections.CollectionUtils;
@@ -46,4 +47,14 @@ public class SaasPgroupPermissionRelationServiceImpl implements SaasPgroupPermis
 			saasPgroupPermissionRelationDao.removeByIds(deleteList.stream().map(SaasPgroupPermissionRelation::getId).sorted().collect(Collectors.toList()));
 		}
 	}
+
+	@Override
+	@Transactional(rollbackFor = Exception.class)
+	public void deleteByFeatureIds(List<Long> featureIds) {
+		if (CollectionUtil.isEmpty(featureIds)) {
+			return;
+		}
+		saasPgroupPermissionRelationDao.removeByPermissionPointIds(featureIds);
+
+	}
 }

tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleGroupServiceImpl.java

@@ -8,8 +8,10 @@ import cn.axzo.tyr.server.repository.dao.SaasRoleGroupDao;
 import cn.axzo.tyr.server.repository.dao.SaasRoleGroupRelationDao;
 import cn.axzo.tyr.server.repository.entity.SaasRoleGroup;
 import cn.axzo.tyr.server.repository.entity.SaasRoleGroupRelation;
+import cn.axzo.tyr.server.repository.mapper.SaasRoleGroupMapper;
 import cn.axzo.tyr.server.service.SaasRoleGroupService;
 import cn.hutool.core.bean.BeanUtil;
+import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.collections.CollectionUtils;
@@ -28,7 +30,8 @@ import java.util.stream.Collectors;
 @Slf4j
 @RequiredArgsConstructor
 @Service
-public class SaasRoleGroupServiceImpl implements SaasRoleGroupService {
+public class SaasRoleGroupServiceImpl extends ServiceImpl<SaasRoleGroupMapper, SaasRoleGroup>
+        implements SaasRoleGroupService {
     private final SaasRoleGroupDao saasRoleGroupDao;
     private final SaasRoleGroupRelationDao saasRoleGroupRelationDao;
 

tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleUserRelationServiceImpl.java

@@ -61,6 +61,7 @@ public class SaasRoleUserRelationServiceImpl implements SaasRoleUserRelationServ
                     userRole.setRoleName(role.getName());
                     userRole.setDescription(role.getDescription());
                     userRole.setRoleType(RoleTypeEnum.getRoleType(role.getRoleType()));
+                    userRole.setDisplayRole(role.getIsDisplay());
                     return userRole;
                 }).collect(Collectors.toList());
     }