用户角色接口调整

tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java

@@ -24,18 +24,18 @@ public interface TyrSaasRoleUserApi {
     @PostMapping("/api/saas-role-user/save-or-update")
     ApiResult<Void> saveOrUpdate(@RequestBody  @Valid  RoleUserReq req);
 
-    /**
-     * 用户角色列表 限制1000条
-     */
-    @PostMapping("/api/saas-role-user/list")
-    ApiResult<List<SaasRoleUserDTO>> roleUserList(@RequestBody @Valid RoleUserParam param);
-
     /**
      * 创建超管
      */
     @PostMapping("/api/saas-role-user/create-super-admin-role")
     ApiResult<Void> createSuperAdminRole(@RequestBody @Valid @NotEmpty CreateSuperAdminRoleParam param);
 
+    /**
+     * 用户角色列表 限制1000条
+     */
+    @PostMapping("/api/saas-role-user/list")
+    ApiResult<List<SaasRoleUserDTO>> roleUserList(@RequestBody @Valid RoleUserParam param);
+
     /**
      * 批量查询超管, 只能批量获取单个工作台台下的超管，业务系统需要根据返回的identityId和identityType查询identityProfile查询用户明细信息
      */

tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/CreateSuperAdminRoleParam.java

@@ -35,6 +35,7 @@ public class CreateSuperAdminRoleParam {
 	@NotNull(message = "workspaceType不能为空")
 	private Integer workspaceType;
 
+	@NotNull(message = "自然人id不能为空")
 	private Long naturalPersonId;
 
 }

tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/RoleUserReq.java

@@ -34,14 +34,18 @@ public class RoleUserReq {
     @NotNull
     private Long ouId;
 
-
-    private Long personId;
     /**
      * 身份id
      */
     @NotNull
     private Long identityId;
 
+    /**
+     * 自然人id
+     */
+    @NotNull
+    private Long personId;
+
     /**
      * 身份类型
      */
@@ -51,7 +55,6 @@ public class RoleUserReq {
     /**
      * 完整的update，所有RoleId都被更新
      */
-    @NotEmpty
     private Set<Long> updateRoleIds;
 
 }

tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java

@@ -31,7 +31,6 @@ public class RoleUserController implements TyrSaasRoleUserApi {
     public ApiResult<Void> saveOrUpdate(@Valid RoleUserReq req) {
         saasRoleUserService.saveOrUpdate(req);
         return ApiResult.ok();
-
     }
 
     @Override

tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java

@@ -56,35 +56,41 @@ public class RoleUserService implements SaasRoleUserService {
 	@Transactional(rollbackFor = Exception.class)
 	public void saveOrUpdate(RoleUserReq req) {
 
-		if (CollectionUtil.isEmpty(req.getUpdateRoleIds())) {
-			throw new ServiceException("当前不支持空角色");
-		}
-
-		List<SaasRole> roles = saasRoleDao.listByIds(req.getUpdateRoleIds());
-		if (roles.stream().anyMatch(e -> RoleTypeEnum.getRoleType(e.getRoleType()).isAdminRole())) {
-			throw new ServiceException("暂不支持更换管理员角色");
+		Set<Long> updateRoleIds = req.getUpdateRoleIds();
+		// 角色校验(不能将角色修改为管理员角色)
+		if(CollectionUtils.isNotEmpty(updateRoleIds)){
+			List<SaasRole> roles = saasRoleDao.listByIds(updateRoleIds);
+			if (roles.stream().anyMatch(e -> RoleTypeEnum.getRoleType(e.getRoleType()).isAdminRole())) {
+				throw new ServiceException("暂不支持更换管理员角色");
+			}
 		}
 
+		// 查询用户所有角色
 		List<SaasRoleUserRelation> existsRoleUser = roleUserRelationDao.query(req.getIdentityId(), req.getIdentityType().getCode(), req.getWorkspaceId(), req.getOuId());
+		// 当前用户非超管的角色
+		List<Long> notAdminRole = Collections.emptyList();
 		if (CollectionUtils.isNotEmpty(existsRoleUser)) {
 			List<SaasRole> existsRole = saasRoleDao.listByIds(existsRoleUser.stream().mapToLong(SaasRoleUserRelation::getRoleId).boxed().collect(Collectors.toList()));
-			List<SaasRole> notAdminRole = existsRole.stream().filter(e -> !RoleTypeEnum.getRoleType(e.getRoleType()).isAdminRole()).collect(Collectors.toList());
-			// 删除现有非管理员的角色
-			roleUserRelationDao.deleteByUser(BaseWorkspaceModel.builder()
-					.workspaceId(req.getWorkspaceId())
-					.ouId(req.getOuId())
-					.identityId(req.getIdentityId())
-					.identityType(req.getIdentityType())
-					.build()
-				, notAdminRole
-					.stream()
-					.mapToLong(BaseEntity::getId)
-					.boxed()
-					.collect(Collectors.toList()));
+			// 管理员角色
+			List<Long> adminRole = existsRole.stream().filter(e -> RoleTypeEnum.getRoleType(e.getRoleType()).isAdminRole()).mapToLong(SaasRole::getId).boxed().collect(Collectors.toList());
+			// 排除管理员角色(普通角色) 这里用过滤的方式，是为了防止脏数据产生(saas_role_user_relation表有用户数据但是角色表已经被删除)
+			notAdminRole = existsRoleUser.stream().mapToLong(SaasRoleUserRelation::getRoleId).boxed().filter(roleId -> !adminRole.contains(roleId)).collect(Collectors.toList());
+		}
+		BaseWorkspaceModel workspaceModel = BaseWorkspaceModel.builder()
+				.workspaceId(req.getWorkspaceId()).ouId(req.getOuId())
+				.identityId(req.getIdentityId()).identityType(req.getIdentityType())
+				.build();
 
+		// 删除现有非管理员的角色
+		if (CollectionUtils.isNotEmpty(existsRoleUser)) {
+			roleUserRelationDao.deleteByUser(workspaceModel, notAdminRole);
+		}
+		// 清空所有角色
+		if (CollectionUtil.isEmpty(updateRoleIds)) {
+			return;
 		}
 
-		roleUserRelationDao.saveBatch(req.getUpdateRoleIds().stream().map(e -> {
+		roleUserRelationDao.saveBatch(updateRoleIds.stream().map(e -> {
 			SaasRoleUserRelation saasRoleUserRelation = new SaasRoleUserRelation();
 			saasRoleUserRelation.setIdentityId(req.getIdentityId());
 			saasRoleUserRelation.setIdentityType(req.getIdentityType().getCode());

tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleUserRelationServiceImpl.java

@@ -38,6 +38,7 @@ public class SaasRoleUserRelationServiceImpl implements SaasRoleUserRelationServ
 
     @Override
     public List<SaasRoleUserDTO> list(RoleUserParam param) {
+        // TODO jhy 角色查询 需要验证标准角色和自定义角色的查询逻辑
         List<SaasRoleUserRelation> saasRoleUserRelations = saasRoleUserRelationDao.lambdaQuery()
                 .eq(Objects.nonNull(param.getIdentityId()), SaasRoleUserRelation::getIdentityId, param.getIdentityId())
                 .eq(Objects.nonNull(param.getIdentityType()), SaasRoleUserRelation::getIdentityType, param.getIdentityType())