实现逻辑:

查询角色通用接口添加查询逻辑是否包含分包负责人等特殊角色

tyr-api/src/main/java/cn/axzo/tyr/client/model/req/QuerySaasRoleReq.java

@@ -62,6 +62,12 @@ public class QuerySaasRoleReq {
 	 */
 	private Boolean includePermissionGroup;
 
+	/**
+	 * 是否包含分包负责人等特殊角色
+	 * @return
+	 */
+	private Boolean includeSpecialRole;
+
 	public QuerySaasRoleReq buildDefault() {
 		if (this.workspaceId == null) {
 			this.workspaceId = new ArrayList<>();

tyr-server/src/main/java/cn/axzo/tyr/server/service/RoleService.java

@@ -28,7 +28,7 @@ public interface RoleService {
 
     List<SaasRoleVO> queryByIdentityIdType(Long identityId, Integer identityType,Long workspaceId,Long ouId, Boolean includePermissionGroup);
 
-    List<SaasRoleVO> getByIds(List<Long> roleIds, Integer isCommon, List<Long> workspaceId, List<Long> ouId, Boolean includePermissionGroup);
+    List<SaasRoleVO> getByIds(List<Long> roleIds, Integer isCommon, List<Long> workspaceId, List<Long> ouId, Boolean includePermissionGroup,Boolean includeSpecialRole);
 
     List<SaasRoleVO> query(QuerySaasRoleReq req);
 

tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java

@@ -71,9 +71,10 @@ public class RoleServiceImpl implements RoleService {
 	SaasPgroupPermissionRelationService saasPgroupPermissionRelationService;
 	@Autowired
 	SaasRoleGroupService saasRoleGroupService;
-
 	@Autowired
 	SaasRoleUserRelationDao saasRoleUserRelationDao;
+	@Autowired
+	RoleUserService roleUserService;
 
 	@Override
 	public List<SaasRoleVO> queryByIdentityIdType(Long identityId, Integer identityType, Long workspaceId, Long ouId, Boolean includePermissionGroup) {
@@ -82,7 +83,7 @@ public class RoleServiceImpl implements RoleService {
 		if (CollectionUtils.isEmpty(roleIds)) {
 			return new ArrayList<>();
 		}
-		return getByIds(roleIds, null, null,null, includePermissionGroup);
+		return getByIds(roleIds, null, null,null, includePermissionGroup,null);
 	}
 
 	/**
@@ -91,15 +92,23 @@ public class RoleServiceImpl implements RoleService {
 	 * @return
 	 */
 	@Override
-	public List<SaasRoleVO> getByIds(List<Long> roleIds, Integer isCommon, List<Long> workspaceId, List<Long> ouId, Boolean includePermissionGroup) {
-		if (includePermissionGroup == null) {
-			includePermissionGroup = false;
-		}
+	public List<SaasRoleVO> getByIds(List<Long> roleIds, Integer isCommon, List<Long> workspaceId, List<Long> ouId, Boolean includePermissionGroup, Boolean includeSpecialRole) {
 		if (CollectionUtils.isEmpty(roleIds)) {
 			return new ArrayList<>();
 		}
+		if (includePermissionGroup == null) {
+			includePermissionGroup = false;
+		}
+		if (includeSpecialRole == null) {
+			includeSpecialRole = true;
+		}
+		if (!includeSpecialRole) {
+			List<Long> specialRole = roleUserService.getSpecialRole();
+			roleIds = roleIds.stream().filter(e -> !specialRole.contains(e)).collect(Collectors.toList());
+		}
 		// 查询角色信息
 		List<SaasRole> roles = saasRoleDao.lambdaQuery().in(BaseEntity::getId, roleIds).list();
+
 		// 查询权限集
 		Map<Long, List<SaasPgroupRoleRelation>> pgrouRelationMap = null;
 		Map<Long, List<SaasPermissionGroupVO>> pGroupMap = null;
@@ -189,7 +198,7 @@ public class RoleServiceImpl implements RoleService {
 				.in(CollectionUtils.isEmpty(req.getIds()) && CollectionUtils.isNotEmpty(req.getOuId()),SaasRole::getOwnerOuId,req.getOuId())
 				.orderByDesc(BaseEntity::getId)
 				.list();
-		return getByIds(list.stream().map(BaseEntity::getId).collect(Collectors.toList()), req.getIsCommon(),req.getWorkspaceId(),req.getOuId(),req.getIncludePermissionGroup());
+		return getByIds(list.stream().map(BaseEntity::getId).collect(Collectors.toList()), req.getIsCommon(),req.getWorkspaceId(),req.getOuId(),req.getIncludePermissionGroup(),req.getIncludeSpecialRole());
 	}
 
 	@Override

tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java

@@ -48,7 +48,19 @@ public class RoleUserService implements SaasRoleUserService {
 
 	// 单位类型默认角色关系,后面可以座位管理员的逻辑进行迭代
 	@Value("${#{${participateUnitDefaultRoleIdList:{}}}:}")
-	private Map<Integer,Long> participateUnitDefaultRoleIdList;
+	public Map<Integer,Long> participateUnitDefaultRoleId;
+
+	/**
+	 * 获取分包负责人等特殊角色
+	 * @return
+	 */
+	public List<Long> getSpecialRole() {
+		if (participateUnitDefaultRoleId != null && participateUnitDefaultRoleId.size() > 0) {
+			return participateUnitDefaultRoleId.values().stream().collect(Collectors.toList());
+		}else{
+			return new ArrayList<>();
+		}
+	}
 
 
 	@Override
@@ -75,8 +87,8 @@ public class RoleUserService implements SaasRoleUserService {
 			// 排除管理员角色(普通角色) 这里用过滤的方式，是为了防止脏数据产生(saas_role_user_relation表有用户数据但是角色表已经被删除)
 			notAdminRole = existsRoleUser.stream().mapToLong(SaasRoleUserRelation::getRoleId).boxed().filter(roleId -> !adminRole.contains(roleId)).collect(Collectors.toList());
 			// 排除分包负责人等角色
-			if (CollectionUtils.isNotEmpty(notAdminRole) && participateUnitDefaultRoleIdList != null && participateUnitDefaultRoleIdList.size() > 0) {
-				notAdminRole = notAdminRole.stream().filter(e-> !participateUnitDefaultRoleIdList.values().contains(e)).collect(Collectors.toList());
+			if (CollectionUtils.isNotEmpty(notAdminRole) && participateUnitDefaultRoleId != null && participateUnitDefaultRoleId.size() > 0) {
+				notAdminRole = notAdminRole.stream().filter(e-> !participateUnitDefaultRoleId.values().contains(e)).collect(Collectors.toList());
 			}
 		}
 

tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java

@@ -590,7 +590,7 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
         //查询角色及权限
         watch.start("roleService.getByIds");
         List<SaasRoleVO> rolePermissions = roleService.getByIds(roleIds,
-                null, Lists.newArrayList(workspaceId), Lists.newArrayList(ouId), true);
+                null, Lists.newArrayList(workspaceId), Lists.newArrayList(ouId), true,null);
         watch.stop();
         //计算角色实际的权限 - 匹配请求的权限  --> 实际拥有权限的角色
         watch.start("filterMatchFeature");