diff --git a/pom.xml b/pom.xml
index 39612245..3e03bd2f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -15,8 +15,8 @@
tyr
- tyr-server
tyr-api
+ tyr-server
diff --git a/tyr-api/pom.xml b/tyr-api/pom.xml
index fef4a3b2..ed393a16 100644
--- a/tyr-api/pom.xml
+++ b/tyr-api/pom.xml
@@ -32,6 +32,10 @@
dao-support-lib
2.0.0-SNAPSHOT
+
+ cn.axzo.basics
+ basics-profiles-common
+
cn.axzo.maokai
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/common/SaasRoleFits.java b/tyr-api/src/main/java/cn/axzo/tyr/client/common/SaasRoleFits.java
new file mode 100644
index 00000000..4057081a
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/common/SaasRoleFits.java
@@ -0,0 +1,184 @@
+package cn.axzo.tyr.client.common;
+
+import cn.axzo.basics.common.constant.enums.OrganizationalNodeTypeEnum;
+import cn.axzo.basics.common.constant.enums.OrganizationalUnitTypeEnum;
+import org.springframework.util.CollectionUtils;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Map.Entry;
+import java.util.Set;
+import java.util.stream.Collectors;
+
+public class SaasRoleFits {
+ private static Map ouTypeMap = new HashMap<>();
+ private static Map ouTypeValueToBitMap = new HashMap<>();
+ static {
+ ouTypeMap.put(1L, OrganizationalUnitTypeEnum.PRIMARY_CONTRACTING_UNIT); //总包
+ ouTypeMap.put(2L, OrganizationalUnitTypeEnum.CONSTRUCTION_UNIT); //建设单位
+ ouTypeMap.put(4L, OrganizationalUnitTypeEnum.SUPERVISION_UNIT); //监理单位
+ ouTypeMap.put(8L, OrganizationalUnitTypeEnum.LABOR_SUBCONTRACTING); //劳务分包
+ ouTypeMap.put(16L, OrganizationalUnitTypeEnum.PROFESSIONAL_SUBCONTRACTING); //专业分包
+ ouTypeMap.put(32L, OrganizationalUnitTypeEnum.PROJECT_OUT_TEAM); //平台班组
+ ouTypeMap.put(64L, OrganizationalUnitTypeEnum.AXZ_PLATFORM); //平台班组
+
+ for(Entry e : ouTypeMap.entrySet())
+ ouTypeValueToBitMap.put(e.getValue().getValue(), e.getKey());
+ }
+
+ static Map ouNodeTypeMap = new HashMap<>();
+ private static Map ouNodeTypeValueToBitMap = new HashMap<>();
+ static {
+ ouNodeTypeMap.put(1L, OrganizationalNodeTypeEnum.DEPARTMENT); // 部门
+ ouNodeTypeMap.put(2L, OrganizationalNodeTypeEnum.TEAM); //班组
+ ouNodeTypeMap.put(3L, OrganizationalNodeTypeEnum.GROUP); // 小组
+ ouNodeTypeMap.put(4L, OrganizationalNodeTypeEnum.PROJECT_TEAM); // 项目内班组
+ ouNodeTypeMap.put(5L, OrganizationalNodeTypeEnum.PROJECT_GROUP); // 项目内小组
+
+ for(Entry e : ouNodeTypeMap.entrySet())
+ ouNodeTypeValueToBitMap.put(e.getValue().getValue(), e.getKey());
+ }
+
+ public static List splitToFitOuTypeEnums(Long fitOuType) {
+ if (isZero(fitOuType)) {
+ return new ArrayList<>(ouTypeMap.values());
+ }
+ List list = toListByCheckBit(fitOuType, ouTypeMap);
+ return list;
+ }
+
+ public static List splitToFitOuTypeValues(Long fitOuType) {
+ if (isZero(fitOuType)) {
+ return ouTypeMap.values().stream().map(OrganizationalUnitTypeEnum::getValue)
+ .collect(Collectors.toList());
+ }
+ List list = toListByCheckBit(fitOuType, ouTypeMap);
+ return list.stream().map(OrganizationalUnitTypeEnum::getValue).collect(Collectors.toList());
+ }
+
+ public static List splitToFitOuNodeTypeValues(Long fitOuNodeType) {
+ if (isZero(fitOuNodeType)) {
+ return ouNodeTypeMap.values().stream().map(OrganizationalNodeTypeEnum::getValue)
+ .collect(Collectors.toList());
+ }
+ List list = toListByCheckBit(fitOuNodeType, ouNodeTypeMap);
+ return list.stream().map(OrganizationalNodeTypeEnum::getValue).collect(Collectors.toList());
+ }
+
+ public static List splitToFitOuNodeTypeEnums(Long fitOuNodeType) {
+ if (isZero(fitOuNodeType)) {
+ return new ArrayList<>(ouNodeTypeMap.values());
+ }
+ List list = toListByCheckBit(fitOuNodeType, ouNodeTypeMap);
+ return list;
+ }
+
+ public static Long concatFitOuTypeByList(List fitOuTypeList) {
+ if (CollectionUtils.isEmpty(fitOuTypeList)) {
+ return Long.valueOf(OrganizationalUnitTypeEnum.ALL_TYPE.getBitValue());
+ }
+ Set set = new HashSet<>(fitOuTypeList);
+ Long result = 0L;
+ for (OrganizationalUnitTypeEnum type : set) {
+ result += ouTypeValueToBitMap.get(type.getValue());
+ }
+ return result;
+ }
+
+ public static Long concatFitOuNodeTypeByList(List fitOuNodeTypeList) {
+ if (CollectionUtils.isEmpty(fitOuNodeTypeList)) {
+ return Long.valueOf(OrganizationalNodeTypeEnum.ALL_TYPE.getBitValue());
+ }
+ Set set = new HashSet<>(fitOuNodeTypeList);
+ Long result = 0L;
+ for (OrganizationalNodeTypeEnum type : set) {
+ result += ouNodeTypeValueToBitMap.get(type.getValue());
+ }
+ return result;
+ }
+
+ public static Long concatFitOuTypeByValues(List fitOuTypeList) {
+ if (CollectionUtils.isEmpty(fitOuTypeList)) {
+ return Long.valueOf(OrganizationalUnitTypeEnum.ALL_TYPE.getBitValue());
+ }
+ Set set = new HashSet<>(fitOuTypeList);
+ Long result = 0L;
+ for(Integer type : set) {
+ result |= ouTypeValueToBitMap.get(type);
+ }
+ return result;
+ }
+
+ public static Long concatFitOuNodeTypeByValues(List fitOuNodeTypeList) {
+ if (CollectionUtils.isEmpty(fitOuNodeTypeList)) {
+ return Long.valueOf(OrganizationalNodeTypeEnum.ALL_TYPE.getBitValue());
+ }
+ Set set = new HashSet<>(fitOuNodeTypeList);
+ Long result = 0L;
+ for (Integer type : set) {
+ result |= ouNodeTypeValueToBitMap.get(type);
+ }
+ return result;
+ }
+
+ public static boolean isFitOuType(Long fitOuTypeBit, Integer ouType) {
+ if (fitOuTypeBit == null || fitOuTypeBit == 0 || fitOuTypeBit == 65535L) {
+ return true;
+ }
+ Long bit = ouTypeValueToBitMap.get(ouType);
+ long result = bit & fitOuTypeBit;
+ return result > 0;
+ }
+
+ public static boolean isFitOuNodeType(Long fitOuNodeTypeBit, Integer ouNodeType) {
+ if (fitOuNodeTypeBit == null || fitOuNodeTypeBit == 0 || fitOuNodeTypeBit == 65535L) {
+ return true;
+ }
+ Long bit = ouNodeTypeValueToBitMap.get(ouNodeType);
+ long result = bit & fitOuNodeTypeBit;
+ return result > 0;
+ }
+
+ ///以下是工具函数
+
+ private static boolean isZero(Long l) {
+ if (l == null) {
+ return true;
+ }
+ if (l == 0L) {
+ return true;
+ }
+ if (l == 65535L) {
+ return true;
+ }
+ return false;
+ }
+
+ private static List toListByCheckBit(Long fitOuType, Map map) {
+ if(fitOuType == null || fitOuType == 0L)
+ return Collections.emptyList();
+
+ List list = new ArrayList<>();
+ for(Long key : map.keySet()) {
+ long result = fitOuType & key;
+ if(result > 0L) {
+ list.add(map.get(key));
+ }
+ }
+ return list;
+ }
+
+
+ public static void main(String[] args) {
+ List list = SaasRoleFits.splitToFitOuTypeValues(1+2+4L);
+ System.out.println(list);
+ Long value = SaasRoleFits.concatFitOuNodeTypeByValues(list);
+ System.out.println(value);
+ }
+
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/common/enums/ProductTypeEnum.java b/tyr-api/src/main/java/cn/axzo/tyr/client/common/enums/ProductTypeEnum.java
new file mode 100644
index 00000000..adb92705
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/common/enums/ProductTypeEnum.java
@@ -0,0 +1,40 @@
+package cn.axzo.tyr.client.common.enums;
+
+import com.baomidou.mybatisplus.annotation.EnumValue;
+import lombok.Getter;
+import lombok.RequiredArgsConstructor;
+
+/**
+ * @author cn
+ * @version 1.0
+ * @description
+ * @date 2022/5/18 14:57
+ *
+ * @deprecated 这个类只用在历史代码迁移上,新的业务里不要用这个。
+ * 因为一个Feature可能不只是属于一个产品类型。就像一个Feature不只是属于一个产品板块一样。
+ * 这种单一化的判断会引来新的BUG。
+ *
+ */
+@Getter
+@RequiredArgsConstructor
+@Deprecated
+public enum ProductTypeEnum {
+
+ /**
+ * 总包企业产品
+ */
+ PT_ENT_ZB(1, "PT_ENT_ZB"), //原来叫CEMS,但这个名字跟terminal搅在一起了,所以重新做了枚举值来区分
+ /**
+ * 总包项目产品
+ */
+ PT_PROJ(2, "PT_PROJ"), //原来叫PMS,但这个名字跟terminal搅在一起了,所以重新做了枚举值来区分
+ PT_OMS(6, "PT_OMS") //
+ ;
+
+ //TODO:以后增加其他的产品类型 -- 3:政企产品 4:分包企业产品 5:班组产品
+
+
+ @EnumValue
+ private final Integer code;
+ private final String name;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/common/enums/SaasPositionEnum.java b/tyr-api/src/main/java/cn/axzo/tyr/client/common/enums/SaasPositionEnum.java
index b9fe8b99..4e8c9b77 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/common/enums/SaasPositionEnum.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/common/enums/SaasPositionEnum.java
@@ -11,12 +11,12 @@ import lombok.Getter;
* @date 2022/7/4 10:51
*/
public enum SaasPositionEnum {
- PLAT_TEAM_OWNER("plat_teamowner", "平台级班组长"),
- PLAT_ACTING_MONITOR("plat_actingmonitor", "班组管理员"),
- PLAT_GROUP_LEADER("plat_groupleader", "平台级小组长"),
- WORKSPACE_TEAM_OWNER("workspace_teamowner", "工作台级班组长"),
- WORKSPACE_ACTING_MONITOR("workspace_actingmonitor", "工作台级代班长"),
- WORKSPACE_GROUP_LEADER("workspace_groupleader", "工作台级小组长"),;
+ PLAT_TEAM_OWNER("plat_teamowner", "平台级班组长", 8),
+ PLAT_ACTING_MONITOR("plat_actingmonitor", "班组管理员", 8),
+ PLAT_GROUP_LEADER("plat_groupleader", "平台级小组长", 8),
+ WORKSPACE_TEAM_OWNER("workspace_teamowner", "工作台级班组长", 9),
+ WORKSPACE_ACTING_MONITOR("workspace_actingmonitor", "工作台级代班长", 9),
+ WORKSPACE_GROUP_LEADER("workspace_groupleader", "工作台级小组长", 9),;
@Getter
@EnumValue
@@ -26,9 +26,13 @@ public enum SaasPositionEnum {
@Getter
private final String desc;
- SaasPositionEnum(String value, String desc) {
+ @Getter
+ private final Integer productUnitType;
+
+ SaasPositionEnum(String value, String desc, Integer productUnitType) {
this.code = value;
this.desc = desc;
+ this.productUnitType = productUnitType;
}
public static SaasPositionEnum getValueByCode(String code) {
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/ProductApi.java b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/ProductApi.java
index 855e11d3..be38b13d 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/ProductApi.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/ProductApi.java
@@ -12,10 +12,13 @@ import cn.axzo.tyr.client.model.product.ProductSearchListReq;
import cn.axzo.tyr.client.model.product.ProductSearchPageReq;
import cn.axzo.tyr.client.model.product.ProductUpdateReq;
import cn.axzo.tyr.client.model.product.ProductVO;
+import cn.axzo.tyr.client.model.req.ProductQueryReq;
import cn.axzo.tyr.client.model.req.ProductSaveReq;
import cn.axzo.tyr.client.model.req.UpdateProductStatusReq;
import cn.axzo.tyr.client.model.res.GovernmentTerminalResp;
+import cn.axzo.tyr.client.model.res.ProductQueryResp;
import cn.axzo.tyr.client.model.res.WorkspaceProductResp;
+import cn.azxo.framework.common.model.CommonResponse;
import org.springframework.cloud.openfeign.FeignClient;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.DeleteMapping;
@@ -25,6 +28,7 @@ import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestParam;
+import javax.validation.Valid;
import javax.validation.constraints.NotNull;
import java.util.List;
import java.util.Map;
@@ -174,4 +178,20 @@ public interface ProductApi {
*/
@PostMapping("api/auth/product/getDetail")
ApiResult getDetail(@Validated @RequestBody ProductDetailReq req);
+
+ /**
+ * 获取产品列表
+ */
+ @PostMapping("api/product/listWithOutDelete")
+ CommonResponse> listWithOutDelete(@RequestBody @Valid ProductQueryReq req);
+
+ /**
+ * 用于创建/获取OMS的产品使用
+ * 主要用于OMS第一次创建服务包时进行数据处理使用
+ *
+ * 首先会获取OMS类型的基础产品,获取成功就直接返回
+ * 未获取到会直接创建一个类型是OMS的产品,默认选中所有的OMS类型菜单
+ */
+ @PostMapping("api/product/createOrGetOmsProduct")
+ CommonResponse createOrGetOmsProduct();
}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/SaasAuthApi.java b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/SaasAuthApi.java
new file mode 100644
index 00000000..7879298a
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/SaasAuthApi.java
@@ -0,0 +1,27 @@
+package cn.axzo.tyr.client.feign;
+
+import cn.axzo.tyr.client.model.permission.IdentityAndAccountResp;
+import cn.axzo.tyr.client.model.permission.IdentityKey;
+import cn.axzo.tyr.client.model.permission.QueryIdentityByPermissionReq;
+import cn.azxo.framework.common.model.CommonResponse;
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+
+import javax.validation.Valid;
+import java.util.List;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/6/9 14:40
+ * @description : 权限-与人相关
+ */
+@FeignClient(name = "tyr", url = "${axzo.service.tyr:http://tyr:8080}")
+public interface SaasAuthApi {
+
+ @PostMapping("api/feature/findIdentityKeysByParams")
+ CommonResponse> findIdentityKeysByParams(@RequestBody @Valid QueryIdentityByPermissionReq req);
+
+ @PostMapping("api/feature/findIdentityAndAccountInfosByParams")
+ CommonResponse> findIdentityAndAccountInfosByParams(@RequestBody @Valid QueryIdentityByPermissionReq req);
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/SaasFeatureApi.java b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/SaasFeatureApi.java
new file mode 100644
index 00000000..c59975e4
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/SaasFeatureApi.java
@@ -0,0 +1,40 @@
+package cn.axzo.tyr.client.feign;
+
+import cn.axzo.framework.domain.web.result.ApiResult;
+import cn.axzo.tyr.client.model.permission.ApplicationFeatureRes;
+import cn.axzo.tyr.client.model.permission.GetInfoByMicroAppItemIdReq;
+import cn.axzo.tyr.client.model.permission.SaasFeatureRes;
+import cn.axzo.tyr.client.model.req.GetByIdsReq;
+import cn.axzo.tyr.client.model.req.ListAllFeatureByTerminalReq;
+import cn.axzo.tyr.client.model.res.SaasFeatureBO;
+import cn.azxo.framework.common.model.CommonResponse;
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+
+import java.util.List;
+
+/**
+ * @author cn
+ * @version 1.0
+ * @description
+ * @date 11/23/2022 11:06 AM
+ */
+@FeignClient(name = "tyr", url = "${axzo.service.tyr:http://tyr:8080}")
+public interface SaasFeatureApi {
+
+ /**
+ * 获取所有原生和小程序 (只取第二级数据 防止菜单配置错误 如下 (模块-小程序-小程序))
+ */
+ @PostMapping("/api/app/application/feature")
+ CommonResponse> getAppApplicationFeature(@RequestBody List terminals);
+
+ @PostMapping("/api/saasFeature/getInfoByMicroAppItemId")
+ ApiResult> getInfoByMicroAppItemId(@RequestBody GetInfoByMicroAppItemIdReq req);
+
+ @PostMapping("/api/saasFeature/getByIds")
+ ApiResult> getByIds(@RequestBody GetByIdsReq req);
+
+ @PostMapping("/api/saasFeature/listAllFeatureByTerminal")
+ ApiResult> listAllFeatureByTerminal(@RequestBody ListAllFeatureByTerminalReq req);
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/SaasPermissionGroupApi.java b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/SaasPermissionGroupApi.java
index 5d7583d4..5c0aeb48 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/SaasPermissionGroupApi.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/SaasPermissionGroupApi.java
@@ -2,7 +2,11 @@ package cn.axzo.tyr.client.feign;
import cn.axzo.framework.domain.web.result.ApiPageResult;
import cn.axzo.framework.domain.web.result.ApiResult;
+import cn.axzo.tyr.client.model.permission.ListByWorkspaceIdAndOuIdReq;
+import cn.axzo.tyr.client.model.permission.ListFeatureIdByGroupIdsReq;
import cn.axzo.tyr.client.model.req.QuerySaasPermissionGroupReq;
+import cn.axzo.tyr.client.model.res.SaasPermissionGroupRes;
+import cn.axzo.tyr.client.model.res.SaasPgroupPermissionRelationRes;
import cn.axzo.tyr.client.model.vo.DeletePermissionGroupVO;
import cn.axzo.tyr.client.model.vo.SaasPermissionGroupVO;
import cn.axzo.tyr.client.model.vo.SaveOrUpdatePermissionGroupVO;
@@ -52,4 +56,10 @@ public interface SaasPermissionGroupApi {
@PostMapping("/api/saasPermissionGoup/deletePermissionGroupSpecial")
ApiResult deletePermissionGroupSpecial(@RequestBody @Valid DeletePermissionGroupVO group);
+
+ @PostMapping("/api/saasPermissionGoup/listByWorkspaceIdAndOuId")
+ ApiResult> listByWorkspaceIdAndOuId(@RequestBody @Valid ListByWorkspaceIdAndOuIdReq group);
+
+ @PostMapping("/api/saasPermissionGoup/listFeatureIdByGroupIds")
+ ApiResult> listFeatureIdByGroupIds(@RequestBody @Valid ListFeatureIdByGroupIdsReq group);
}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/SaasPositionTemplateApi.java b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/SaasPositionTemplateApi.java
new file mode 100644
index 00000000..4a9f9b20
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/SaasPositionTemplateApi.java
@@ -0,0 +1,26 @@
+package cn.axzo.tyr.client.feign;
+
+import cn.axzo.tyr.client.model.permission.SaasPositionTemplateExBO;
+import cn.axzo.tyr.client.model.permission.SaasPositionTemplateReq;
+import cn.azxo.framework.common.model.CommonResponse;
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+
+import java.util.List;
+
+/**
+ * 职位模板、职位模板的权限树相关的API
+ **/
+@FeignClient(name = "tyr", url = "${axzo.service.tyr:http://tyr:8080}")
+public interface SaasPositionTemplateApi {
+
+ /**
+ * 查询 职位,权限集分类,权限集
+ * @param req
+ * @return
+ */
+ @PostMapping("api/saas/positionTemplate/list")
+ CommonResponse> findPositionTemplateWithPermissionGroup(@RequestBody SaasPositionTemplateReq req);
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/SaasRoleApi.java b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/SaasRoleApi.java
new file mode 100644
index 00000000..13ab8ede
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/SaasRoleApi.java
@@ -0,0 +1,65 @@
+package cn.axzo.tyr.client.feign;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import cn.axzo.tyr.client.model.permission.IdentityAndAccountResp;
+import cn.axzo.tyr.client.model.permission.SaasUserRoleExBO;
+import cn.axzo.tyr.client.model.permission.WorkspaceGrantAdminRoleByPhoneReq;
+import cn.axzo.tyr.client.model.permission.WorkspaceGrantAdminRoleReq;
+import cn.axzo.tyr.client.model.req.ListUserRoleByParams;
+import cn.axzo.tyr.client.model.req.QuerySuperAdminReq;
+import cn.axzo.tyr.client.model.req.UpdateUserJobReq;
+import cn.axzo.tyr.client.model.res.SuperAminInfoResp;
+import cn.azxo.framework.common.model.CommonResponse;
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.validation.annotation.Validated;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestParam;
+
+import javax.validation.Valid;
+import java.util.List;
+
+/**
+ * 2022-06-13,高伟、陈亮、谭杰,评审了此API
+ *
+ * @author : liuchuntao
+ * @description : saas角色处理
+ */
+@FeignClient(name = "tyr", url = "${axzo.service.tyr:http://tyr:8080}")
+@Validated
+public interface SaasRoleApi {
+
+ /**
+ * workpaceId + ownerOuId + roleId + identifyId 赋予角色(支持角色赋予的同时 角色创建)
+ * work for: 组织 + 服务包
+ */
+ @PostMapping("api/saas/role/grantAdminRole")
+ CommonResponse grantAdminRole(@RequestBody @Valid List req);
+
+ /**
+ * workpaceId + ownerOuId + roleId + 手机号 + 姓名 赋予角色(支持角色赋予的同时 角色创建)
+ * work for: 组织 + 服务包
+ */
+ @PostMapping("api/saas/role/grantAdminRoleByPhone")
+ CommonResponse> grantAdminRoleByPhone(@RequestBody @Valid List req);
+
+ @PostMapping("api/saas/role/user/update")
+ CommonResponse updateUserRole(@RequestBody @Valid UpdateUserJobReq req);
+
+ /**
+ * @param adminReqs
+ * @return
+ */
+ @PostMapping("api/saas/role/batchFindSuperAdmin")
+ CommonResponse> batchFindSuperAdmin(@RequestBody @Valid List adminReqs);
+
+ /**
+ * 根据 工作台id + 单位id 查询已关联的人员列表 work for: 工作流
+ */
+ @PostMapping("api/saas/role/findSuperAdmin")
+ CommonResponse findSuperAdmin(@RequestBody @Valid QuerySuperAdminReq req);
+
+ @PostMapping("api/saas/role/listUserRoleExByParams")
+ CommonResponse> getUserRoleExListMapByIdentityIdAndWorkspaceId(@RequestBody @Valid ListUserRoleByParams req);
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/SaasRoleUserRelationApi.java b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/SaasRoleUserRelationApi.java
new file mode 100644
index 00000000..9b6b4234
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/SaasRoleUserRelationApi.java
@@ -0,0 +1,29 @@
+package cn.axzo.tyr.client.feign;
+
+import cn.axzo.framework.domain.web.result.ApiResult;
+import cn.axzo.tyr.client.model.req.GetByIdsReq;
+import cn.axzo.tyr.client.model.req.WorkspaceUpdateUserRoleDTO;
+import cn.axzo.tyr.client.model.res.SaasFeatureBO;
+import cn.azxo.framework.common.model.CommonResponse;
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestParam;
+
+import java.util.List;
+
+/**
+ * @author yanglin
+ */
+@FeignClient(name = "tyr", url = "${axzo.service.tyr:http://tyr:8080}")
+public interface SaasRoleUserRelationApi {
+
+ /**
+ * 用户帐户注销
+ */
+ @PostMapping("api/roleUserRelation/deleteByPersonId")
+ CommonResponse deleteByPersonId(@RequestParam("personId") Long personId);
+
+ @PostMapping("/api/roleUserRelation/updateWorkspaceUserRoles")
+ ApiResult updateWorkspaceUserRoles(@RequestBody WorkspaceUpdateUserRoleDTO req);
+}
\ No newline at end of file
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
index 5fb80f5e..46d9e129 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
@@ -3,6 +3,7 @@ package cn.axzo.tyr.client.feign;
import cn.axzo.foundation.page.PageResp;
import cn.axzo.framework.domain.web.result.ApiPageResult;
import cn.axzo.framework.domain.web.result.ApiResult;
+import cn.axzo.tyr.client.model.permission.BaseIdentityReq;
import cn.axzo.tyr.client.model.roleuser.RoleUserUpdateReq;
import cn.axzo.tyr.client.model.roleuser.dto.GetUserAutoOwnRoleResp;
import cn.axzo.tyr.client.model.roleuser.dto.GetUserFeatureResourceIdsResp;
@@ -22,6 +23,16 @@ import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
import cn.axzo.tyr.client.model.roleuser.req.SuperAdminParam;
import cn.axzo.tyr.client.model.roleuser.req.WorkerManagerRoleUserReq;
import com.baomidou.mybatisplus.core.metadata.IPage;
+import cn.axzo.tyr.client.model.roleuser.req.AutoOwnRoleUserReq;
+import cn.axzo.tyr.client.model.roleuser.req.CreateSuperAdminRoleParam;
+import cn.axzo.tyr.client.model.roleuser.req.GantOrUnGantaWorkerLeaderRoleReq;
+import cn.axzo.tyr.client.model.roleuser.req.GetUserAutoOwnRoleReq;
+import cn.axzo.tyr.client.model.roleuser.req.GetUserFeatureResourceIdsReq;
+import cn.axzo.tyr.client.model.roleuser.req.ListRoleUserRelationParam;
+import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
+import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
+import cn.axzo.tyr.client.model.roleuser.req.SuperAdminParam;
+import cn.axzo.tyr.client.model.roleuser.req.WorkerManagerRoleUserReq;
import org.springframework.cloud.openfeign.FeignClient;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
@@ -157,4 +168,7 @@ public interface TyrSaasRoleUserApi {
*/
@PostMapping("/api/roleUserRelation/temporarily/page")
ApiResult> pageRoleUserRelation(@RequestBody @Valid PageRoleUserRelationReq param);
+
+ @PostMapping("/api/saas-role-user/batch-update-identity-by-id")
+ ApiResult updateIdentityId(@RequestBody @Valid List req);
}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/enums/FeatureTypeEnum.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/enums/FeatureTypeEnum.java
new file mode 100644
index 00000000..7d542211
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/enums/FeatureTypeEnum.java
@@ -0,0 +1,28 @@
+package cn.axzo.tyr.client.model.enums;
+
+import com.baomidou.mybatisplus.annotation.EnumValue;
+import com.fasterxml.jackson.annotation.JsonValue;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+@Getter
+@AllArgsConstructor
+public enum FeatureTypeEnum {
+
+ /**
+ * 0.模块 1.菜单 2页面 3功能
+ */
+ /**
+ * 枚举值
+ */
+ MODEL(0,"模块"),
+ MENU(1,"菜单"),
+ PAGE(2,"2页面"),
+ FEATURE(3,"页面元素");
+
+ @EnumValue
+ @JsonValue //标记json返回的值
+ public final Integer code;
+
+ public final String name;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/enums/SaasJobTypeEnum.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/enums/SaasJobTypeEnum.java
new file mode 100644
index 00000000..aec9f007
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/enums/SaasJobTypeEnum.java
@@ -0,0 +1,45 @@
+package cn.axzo.tyr.client.model.enums;
+
+import com.baomidou.mybatisplus.annotation.EnumValue;
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonValue;
+import lombok.Getter;
+import lombok.RequiredArgsConstructor;
+
+import java.util.Arrays;
+
+/**
+ * @author tanjie@axzo.cn
+ * @date 2022/10/10 10:50
+ */
+@Getter
+@RequiredArgsConstructor
+public enum SaasJobTypeEnum {
+ //主岗
+ MASTER_JOB(1,"岗位"),
+ //兼岗
+ SLAVE_JOB(2,"协助岗位");
+ @EnumValue
+ @JsonValue
+ private Integer value;
+ private String desc;
+
+
+ SaasJobTypeEnum(Integer value, String desc) {
+ this.value = value;
+ this.desc = desc;
+ }
+
+ @JsonCreator(mode = JsonCreator.Mode.DELEGATING)
+ public static SaasJobTypeEnum create(Integer value){
+ return match(value);
+ }
+
+ public static SaasJobTypeEnum match(Integer saasJobType) {
+ return Arrays.stream(values()).filter(e -> e.getValue().equals(saasJobType)).findFirst().get();
+ }
+
+ public boolean isMaster() {
+ return value.equals(MASTER_JOB.getValue());
+ }
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/enums/WorkspaceTypeWithLegacyEnum.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/enums/WorkspaceTypeWithLegacyEnum.java
new file mode 100644
index 00000000..d054ae8a
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/enums/WorkspaceTypeWithLegacyEnum.java
@@ -0,0 +1,53 @@
+package cn.axzo.tyr.client.model.enums;
+
+import com.baomidou.mybatisplus.annotation.EnumValue;
+import com.fasterxml.jackson.annotation.JsonValue;
+import lombok.Getter;
+
+import java.util.Arrays;
+import java.util.Map;
+import java.util.function.Function;
+import java.util.stream.Collectors;
+
+/**
+ * 在 3A 里面这个类的 code 值可以直接对应到 workspaceType
+ *
+ * 尽量不用枚举的文字,用数字就好。
+ *
+ *
+ */
+@Getter
+public enum WorkspaceTypeWithLegacyEnum {
+
+ /**
+ * 枚举值
+ */
+ ENT_SPACE(1, "CEMS"),
+ PROJ_SPACE(2, "CMS"),
+ OMS_SPACE(6, "OMS");
+
+ @EnumValue
+ @JsonValue //标记json返回的值
+ private final Integer code;
+
+ private final String name;
+
+
+ WorkspaceTypeWithLegacyEnum(Integer code, String name) {
+ this.code = code;
+ this.name = name;
+ }
+
+ private static Map map = null;
+
+ public static WorkspaceTypeWithLegacyEnum getByCode(Integer code) {
+ if (map == null) {
+ map = Arrays.stream(values()).collect(Collectors.toMap(WorkspaceTypeWithLegacyEnum::getCode, Function.identity()));
+ }
+ return map.get(code);
+ }
+
+ public boolean isCmsProject() {
+ return this.equals(WorkspaceTypeWithLegacyEnum.PROJ_SPACE);
+ }
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/AccountBindPersonReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/AccountBindPersonReq.java
new file mode 100644
index 00000000..b9b943b6
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/AccountBindPersonReq.java
@@ -0,0 +1,30 @@
+package cn.axzo.tyr.client.model.permission;
+
+import javax.validation.constraints.NotNull;
+import lombok.Data;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/5/11 14:09
+ * @description : 账户绑定自然人
+ */
+@Data
+public class AccountBindPersonReq {
+
+ /**
+ * 账户Id
+ */
+ private Long accountId;
+
+ /**
+ * 手机号
+ */
+ private String phone;
+
+ /**
+ * 自然人Id
+ */
+ @NotNull(message = "自然人Id不能为空")
+ private Long naturalPersonId;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ApplicationFeatureRes.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ApplicationFeatureRes.java
new file mode 100644
index 00000000..67ce11e1
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ApplicationFeatureRes.java
@@ -0,0 +1,64 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+public class ApplicationFeatureRes {
+
+ /**
+ * 菜单id
+ */
+ private Long featureId;
+
+ /**
+ * 菜单名称
+ */
+ private String featureName;
+
+ /**
+ * 父节点菜单id
+ */
+ private Long parentFeatureId;
+
+ /**
+ * 父节点菜单名称
+ */
+ private String parentFeatureName;
+
+ /**
+ * 图标名(原生使用)
+ * 小程序使用自己配置中的图标
+ */
+ private String icon;
+
+ /**
+ * 1:cms 2:小程序 4:原生 如果菜单同时又对应app上展示 则填写对应linkUrl 和linkExt
+ */
+ private Integer linkType;
+
+ /**
+ * 小程序id(小程序使用 关联micro_app_item id)
+ */
+ private String microAppItemId;
+
+ /**
+ * 路由地址(小程序使用)
+ */
+ private String linkUrl;
+
+ /**
+ * 扩展字段(原生使用)
+ */
+ private String linkExt;
+
+ /**
+ * 端
+ */
+ private String terminal;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/BaseAuthorizationReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/BaseAuthorizationReq.java
new file mode 100644
index 00000000..2d77d6d4
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/BaseAuthorizationReq.java
@@ -0,0 +1,57 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/6/14 18:37
+ * @description : 获取权限信息基础参数
+ */
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+public class BaseAuthorizationReq {
+
+ /**
+ * 身份Id
+ */
+ private Long identityId;
+
+ /**
+ * 身份类型
+ */
+ private IdentityType identityType;
+ private Integer identityTypeInt;
+
+ public Integer getIdentityTypeInt() {
+ if (identityType == null) {
+ return null;
+ }
+
+ return identityType.getCode();
+ }
+
+ /**
+ * 工作台Id
+ */
+ private Long workspaceId;
+
+ /**
+ * 单位Id
+ */
+ private Long ouId;
+
+ /**
+ * 指定端的权限
+ */
+ private String terminal;
+
+
+ private Integer ouType;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/BaseIdentityReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/BaseIdentityReq.java
new file mode 100644
index 00000000..e6a2dd20
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/BaseIdentityReq.java
@@ -0,0 +1,28 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/6/5 10:53
+ * @description : 账号合并身份信息
+ */
+@Data
+public class BaseIdentityReq {
+
+ /**
+ * 原身份Id
+ */
+ private Long oldIdentityId;
+
+ /**
+ * 新身份Id
+ */
+ private Long newIdentityId;
+
+ /**
+ * 身份类型
+ */
+ private Integer identityType;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/CommonUserReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/CommonUserReq.java
new file mode 100644
index 00000000..79db1e43
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/CommonUserReq.java
@@ -0,0 +1,30 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+public class CommonUserReq {
+
+ /**
+ * 身份Id
+ */
+ private Long identityId;
+
+ /**
+ * 身份类型
+ */
+ private IdentityType identityType;
+
+ /**
+ * 指定端的权限
+ */
+ private String terminal;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/CommonWorkspaceIdAndOuIdReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/CommonWorkspaceIdAndOuIdReq.java
new file mode 100644
index 00000000..6c22ff33
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/CommonWorkspaceIdAndOuIdReq.java
@@ -0,0 +1,22 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+/**
+ * 这个类只有两个字段 。如果需要增加字段的,请写新类继承它
+ */
+@Data
+public class CommonWorkspaceIdAndOuIdReq {
+
+ /**
+ * 工作台id
+ */
+ private Long workspaceId;
+
+ /**
+ * 单位id : 非必填
+ */
+ private Long ouId;
+
+ // 这个类只有两个字段 。如果需要增加字段的,请写新类继承它
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/CreatePermissionGroupReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/CreatePermissionGroupReq.java
new file mode 100644
index 00000000..71fd6a7b
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/CreatePermissionGroupReq.java
@@ -0,0 +1,30 @@
+package cn.axzo.tyr.client.model.permission;
+
+import java.util.List;
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotEmpty;
+import lombok.Data;
+import org.hibernate.validator.constraints.Length;
+
+/**
+ */
+@Data
+public class CreatePermissionGroupReq{
+
+ /**
+ * 权限集名称
+ */
+ @NotBlank(message = "权限集名称不能为空")
+ @Length(max = 20, message = "权限集名称不能超过20个字符")
+ private String name;
+ /**
+ * 权限集的具体权限对应的功能id 列表
+ */
+ @NotEmpty(message = "权限集不能为空")
+ private List featureIds;
+
+ /**
+ * 备注
+ */
+ private String description;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/CreateResRoleDTO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/CreateResRoleDTO.java
new file mode 100644
index 00000000..64608c61
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/CreateResRoleDTO.java
@@ -0,0 +1,16 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+/**
+ * @author: wangli
+ * @date: 2022/5/27 15:42
+ */
+@Data
+public class CreateResRoleDTO {
+
+ /**
+ * 工作台ID
+ */
+ private Long workspaceId;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/CreateRoleReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/CreateRoleReq.java
new file mode 100644
index 00000000..352553b6
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/CreateRoleReq.java
@@ -0,0 +1,46 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+import java.util.List;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/5/19 15:35
+ * @description :
+ */
+@Data
+public class CreateRoleReq {
+
+ @NotNull(message = "身份Id不能为空")
+ private Long identityId;
+
+ @NotNull(message = "身份类型不能为空")
+ private Long identityType;
+ /**
+ * 自然人Id
+ */
+ @NotNull(message = "自然人Id不能为空")
+ private Long naturalPersonId;
+ /**
+ * 手机号
+ */
+ @NotNull(message = "手机号不能为空")
+ private String phone;
+
+ @NotEmpty(message = "角色Id集合不能为空")
+ private List roleIds;
+
+
+ @NotNull(message = "工作台Id不能为空")
+ private Long workspaceId;
+
+ /**
+ * 单位Id
+ */
+ @NotNull(message = "单位Id不能为空")
+ private Long organizationalUnitId;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/CreateWorkspaceAdminDto.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/CreateWorkspaceAdminDto.java
new file mode 100644
index 00000000..7b63e3cd
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/CreateWorkspaceAdminDto.java
@@ -0,0 +1,34 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/5/27 18:26
+ * @description :
+ */
+@Data
+public class CreateWorkspaceAdminDto {
+
+ /**
+ * 身份Id
+ */
+ private Long identityId;
+
+ /**
+ * 身份类型
+ */
+ private Integer identityType;
+
+
+ /**
+ * 工作台Id
+ */
+ private Long workspaceId;
+
+
+ /**
+ * 单位Id
+ */
+ private Long ouId;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/DecodeQrCodeBo.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/DecodeQrCodeBo.java
new file mode 100644
index 00000000..e5751acb
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/DecodeQrCodeBo.java
@@ -0,0 +1,27 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+/**
+ * @author zhangPeng
+ * @description
+ * @date 2021/1/26 17:22
+ */
+@Data
+public class DecodeQrCodeBo {
+
+ /**
+ * 目标值 - 类型不同值不同
+ */
+ private String value;
+
+ /**
+ * 类型 - personal(个人信息) - team(班组) - http(三方地址)
+ */
+ private String type;
+
+ /**
+ * 属于那一个平台的二维码
+ */
+ private String terminal;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/DeletePermissionGroupReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/DeletePermissionGroupReq.java
new file mode 100644
index 00000000..ede31558
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/DeletePermissionGroupReq.java
@@ -0,0 +1,18 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+/**
+ */
+@Data
+public class DeletePermissionGroupReq {
+
+ /**
+ * 主键id
+ */
+ private Long id;
+ /**
+ * 权限集描述
+ */
+ private String description;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/DeleteRoleOfUserReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/DeleteRoleOfUserReq.java
new file mode 100644
index 00000000..aa4cb631
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/DeleteRoleOfUserReq.java
@@ -0,0 +1,15 @@
+package cn.axzo.tyr.client.model.permission;
+
+import java.util.List;
+import lombok.Data;
+
+/**
+ */
+@Data
+public class DeleteRoleOfUserReq {
+
+ /**
+ * 用户角色关联关系的主键集合
+ */
+ private List ids;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/FeatureByIdentityResp.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/FeatureByIdentityResp.java
new file mode 100644
index 00000000..23c4470b
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/FeatureByIdentityResp.java
@@ -0,0 +1,23 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.List;
+
+@Data
+@AllArgsConstructor
+@NoArgsConstructor
+@Builder
+public class FeatureByIdentityResp {
+
+ private Long identityId;
+
+ private IdentityType identityType;
+
+ private List featureCodes;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/FeatureIdAndFeaturePathBO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/FeatureIdAndFeaturePathBO.java
new file mode 100644
index 00000000..33e57ee9
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/FeatureIdAndFeaturePathBO.java
@@ -0,0 +1,24 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+public class FeatureIdAndFeaturePathBO {
+
+ /**
+ * 菜单id
+ */
+ private Long featureId;
+
+ /**
+ * 菜单表path字段
+ */
+ private String featurePath;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/FeatureItemResp.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/FeatureItemResp.java
new file mode 100644
index 00000000..edea178e
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/FeatureItemResp.java
@@ -0,0 +1,39 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import lombok.ToString;
+
+/**
+ * @author: cl
+ * @description: 授权功能请求实体
+ * @date: 2022-06-17
+ **/
+@Getter
+@Setter
+@Builder
+@ToString
+@NoArgsConstructor
+@AllArgsConstructor
+public class FeatureItemResp {
+
+ /**
+ * 是否授权
+ */
+ private Boolean isGrant;
+
+ /**
+ * 功能编码
+ */
+ private String featureCode;
+
+ /**
+ * 功能名称
+ */
+ private String featureName;
+
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/FeaturePermissionReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/FeaturePermissionReq.java
new file mode 100644
index 00000000..47561915
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/FeaturePermissionReq.java
@@ -0,0 +1,50 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import lombok.AccessLevel;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.ToString;
+import lombok.experimental.FieldDefaults;
+
+import javax.validation.constraints.Min;
+import javax.validation.constraints.NotNull;
+
+/**
+ * @author cn
+ * @version 1.0
+ * @description
+ * @date 2022/8/15 19:58
+ */
+@Getter
+@Setter
+@ToString(callSuper = true)
+@FieldDefaults(level = AccessLevel.PRIVATE)
+public class FeaturePermissionReq {
+ /**
+ * 工作台id
+ */
+ @NotNull
+ @Min(value = 1)
+ Long workspaceId;
+ /**
+ * 单位id
+ */
+ @NotNull
+ @Min(value = 1)
+ Long ouId;
+ /**
+ * 指定端的权限
+ */
+ String terminal;
+ @NotNull
+ @Min(value = 1)
+ Long identityId;
+ @NotNull
+ @Min(value = 0)
+ Integer identityType;
+
+ public IdentityType getIdentityTypeEnum() {
+ return IdentityType.getIdentityType(identityType);
+ }
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/FeaturePermissionRes.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/FeaturePermissionRes.java
new file mode 100644
index 00000000..31221fb5
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/FeaturePermissionRes.java
@@ -0,0 +1,24 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.AccessLevel;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.ToString;
+import lombok.experimental.FieldDefaults;
+
+import java.util.Set;
+
+/**
+ * @author cn
+ * @version 1.0
+ * @description
+ * @date 11/23/2022 11:18 AM
+ */
+@Getter
+@Setter
+@ToString(callSuper = true)
+@FieldDefaults(level = AccessLevel.PRIVATE)
+public class FeaturePermissionRes {
+ boolean superAdmin = false;
+ Set permissionCodes;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/FilterFeatureTreeReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/FilterFeatureTreeReq.java
new file mode 100644
index 00000000..d6d02af4
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/FilterFeatureTreeReq.java
@@ -0,0 +1,44 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import lombok.Data;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/6/14 18:37
+ * @description : 获取权限信息基础参数
+ */
+@Data
+public class FilterFeatureTreeReq {
+
+ /**
+ * 身份Id
+ */
+ private Long identityId;
+
+ private IdentityType identityType;
+
+ /**
+ * 工作台Id
+ */
+ private Long workspaceId;
+
+ /**
+ * 单位Id
+ */
+ private Long ouId;
+
+ /**
+ * 指定端的权限
+ */
+ private String terminal;
+
+ /**
+ * FeatureType: 类型 0.模块 1.菜单 2页面 3功能
+ * 此字段=0,只返回模块,=1,返回到菜单级,=2,返回到页面级,=3,到功能级。
+ * 此字段默认到功能级, (会做为递归的深度限制)
+ *------
+ */
+ private Integer limitFeatureTypeLevel = 3;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/FindUserWorkspaceRoleReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/FindUserWorkspaceRoleReq.java
new file mode 100644
index 00000000..5cc85da9
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/FindUserWorkspaceRoleReq.java
@@ -0,0 +1,20 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.common.page.PageRequest;
+import lombok.Data;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/5/21 15:35
+ * @description :获取角色列表
+ */
+@Data
+public class FindUserWorkspaceRoleReq extends PageRequest {
+
+ /**
+ * 关键字:暂定角色名称
+ */
+ private String keyWords;
+
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/GargantuanRoleQueryReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/GargantuanRoleQueryReq.java
new file mode 100644
index 00000000..47b81967
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/GargantuanRoleQueryReq.java
@@ -0,0 +1,22 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.common.page.PageRequest;
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import lombok.Data;
+
+@Data
+public class GargantuanRoleQueryReq extends PageRequest {
+
+ private String roleNameLike;
+
+ private String userNameLike;
+
+ private String workspaceType;
+
+ private Long workspaceId;
+
+ private Long ownerOuId;
+
+ private IdentityType identityType;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/GetInfoByMicroAppItemIdReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/GetInfoByMicroAppItemIdReq.java
new file mode 100644
index 00000000..45d9b5b2
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/GetInfoByMicroAppItemIdReq.java
@@ -0,0 +1,17 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.List;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class GetInfoByMicroAppItemIdReq {
+
+ private List appItemId;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/GrantAgencyAdminRoleDTO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/GrantAgencyAdminRoleDTO.java
new file mode 100644
index 00000000..3928ce42
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/GrantAgencyAdminRoleDTO.java
@@ -0,0 +1,69 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.common.constant.enums.OrganizationalUnitTypeEnum;
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import javax.validation.constraints.Min;
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+import java.util.List;
+
+@Builder
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+public class GrantAgencyAdminRoleDTO {
+
+ /**
+ * 工作台id,与context校验
+ */
+ @NotNull(message = "工作台Id不能为空")
+ private Long workspaceId;
+
+ /**
+ * 单位id : 必填
+ */
+ @NotNull(message = "单位Id不能为空")
+ private Long ouId;
+
+ public OrganizationalUnitTypeEnum getOrganizationalUnitTypeEnum() {
+ return OrganizationalUnitTypeEnum.getByType(organizationalUnitType);
+ }
+
+ /**
+ * 单位类型
+ */
+ @NotNull(message = "单位类型不能为空")
+ @Min(value = 1)
+ private Integer organizationalUnitType;
+
+ /**
+ * 被赋予角色的人的身份类型
+ */
+ @NotNull(message = "身份类型不能为空")
+ private IdentityType identityType;
+
+ /**
+ * 手机号
+ */
+ @NotBlank(message = "手机号不能为空")
+ private String phoneNo;
+
+ /**
+ * 用户名
+ */
+ @NotBlank(message = "用户名不能为空")
+ private String userName;
+
+ /**
+ * 之前的所有RoleId都被更新
+ */
+ @NotEmpty(message = "角色列表不能为空")
+ private List updateRoleIds;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/GrantRoleToUserReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/GrantRoleToUserReq.java
new file mode 100644
index 00000000..4d96cf75
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/GrantRoleToUserReq.java
@@ -0,0 +1,21 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+import java.util.List;
+
+/**
+ */
+@Data
+public class GrantRoleToUserReq extends CommonWorkspaceIdAndOuIdReq {
+ private List roleIds;
+
+ /**
+ * 身份Id
+ */
+ private Long identityId;
+ /**
+ * 身份类型 1:工人 2:从业人员 3:班组长 4:运营人员 5:政务人员
+ */
+ private Integer identityType;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/GroupPermissionResp.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/GroupPermissionResp.java
new file mode 100644
index 00000000..30e13451
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/GroupPermissionResp.java
@@ -0,0 +1,39 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import lombok.ToString;
+
+/**
+ * @author: cl
+ * @description: 授权功能返回实体
+ * @date: 2022-06-17
+ **/
+@Getter
+@Setter
+@Builder
+@ToString
+@NoArgsConstructor
+@AllArgsConstructor
+public class GroupPermissionResp {
+
+ /**
+ * 是否授权
+ */
+ private Boolean isGrant;
+
+ /**
+ * 功能编码
+ */
+ private String groupPermissionId;
+
+ /**
+ * 功能名称
+ */
+ private String groupPermissionName;
+
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/IdentityAndAccountDTO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/IdentityAndAccountDTO.java
new file mode 100644
index 00000000..c98201e6
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/IdentityAndAccountDTO.java
@@ -0,0 +1,49 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import cn.axzo.trade.datasecurity.core.annotation.CryptField;
+import lombok.Data;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/5/11 11:20
+ * @description :
+ */
+@Data
+public class IdentityAndAccountDTO {
+
+ /**
+ * 身份Id
+ */
+ private Long identityId;
+
+ /**
+ * 身份类型
+ */
+ private IdentityType identityType;
+
+ /**
+ * 账户Id
+ */
+ private Long accountId;
+
+ /**
+ * 手机号
+ */
+ @CryptField
+ private String phone;
+
+
+ /**
+ * 真实姓名
+ */
+ private String realName;
+
+
+ /**
+ * 自然人Id
+ */
+ private Long naturalPersonId;
+
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/IdentityAndAccountResp.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/IdentityAndAccountResp.java
new file mode 100644
index 00000000..01ff2273
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/IdentityAndAccountResp.java
@@ -0,0 +1,49 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import lombok.Data;
+
+import java.io.Serializable;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/5/11 11:20
+ * @description :
+ */
+@Data
+public class IdentityAndAccountResp implements Serializable {
+
+ /**
+ * 身份Id
+ */
+ private Long identityId;
+
+ /**
+ * 身份类型
+ */
+ private IdentityType identityType;
+
+ /**
+ * 账户Id
+ *
+ * @deprecated 此字段业务中不要使用,全部用身份id来处理业务
+ */
+ @Deprecated
+ private Long accountId;
+
+ /**
+ * 手机号
+ */
+ private String phone;
+
+ /**
+ * 真实姓名
+ */
+ private String realName;
+
+ /**
+ * 自然人Id
+ */
+ private Long naturalPersonId;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/IdentityKey.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/IdentityKey.java
new file mode 100644
index 00000000..5eb6a63c
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/IdentityKey.java
@@ -0,0 +1,19 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+@Data
+public class IdentityKey {
+
+ private Long identityId;
+
+ private IdentityType identityType;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/JobDto.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/JobDto.java
new file mode 100644
index 00000000..83a3a271
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/JobDto.java
@@ -0,0 +1,34 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.AccessLevel;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.ToString;
+import lombok.experimental.FieldDefaults;
+
+/**
+ * @author cn
+ * @version 1.0
+ * @description
+ * @date 2022/10/12 15:23
+ */
+@Getter
+@Setter
+@ToString
+@FieldDefaults(level = AccessLevel.PRIVATE)
+public class JobDto {
+
+ /**
+ * 岗位id
+ */
+ Long jobId;
+ /**
+ * 岗位code
+ */
+ String jobCode;
+ /**
+ * 岗位名字
+ */
+ String jobName;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/LeaderResp.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/LeaderResp.java
new file mode 100644
index 00000000..c7635c4f
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/LeaderResp.java
@@ -0,0 +1,40 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import lombok.ToString;
+
+/**
+ * @author: cl
+ * @description: 企业班组响应
+ * @date: 2022-06-17
+ **/
+@Getter
+@Setter
+@Builder
+@ToString
+@NoArgsConstructor
+@AllArgsConstructor
+public class LeaderResp {
+
+ /**
+ * 身份ID
+ */
+ private Long identityId;
+
+ private IdentityType identityType;
+
+ /**
+ * 角色名称
+ */
+ private String roleName;
+ /**
+ *角色ID
+ */
+ private Long roleId;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ListByWorkspaceIdAndOuIdReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ListByWorkspaceIdAndOuIdReq.java
new file mode 100644
index 00000000..b7dfb6b9
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ListByWorkspaceIdAndOuIdReq.java
@@ -0,0 +1,17 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class ListByWorkspaceIdAndOuIdReq {
+
+ private Long workspaceId;
+
+ private Long ouId;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ListFeatureIdByGroupIdsReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ListFeatureIdByGroupIdsReq.java
new file mode 100644
index 00000000..5fb2a0de
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ListFeatureIdByGroupIdsReq.java
@@ -0,0 +1,17 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.List;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class ListFeatureIdByGroupIdsReq {
+
+ private List groupIds;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ListRoleReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ListRoleReq.java
new file mode 100644
index 00000000..327e44e9
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ListRoleReq.java
@@ -0,0 +1,27 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Getter;
+import lombok.Setter;
+import lombok.ToString;
+
+import javax.validation.constraints.Min;
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+import java.util.Set;
+
+/**
+ * @author cn
+ * @version 1.0
+ * @description
+ * @date 2022/10/13 16:54
+ */
+@Getter
+@Setter
+@ToString
+public class ListRoleReq {
+ @NotNull
+ @Min(value = 0)
+ private Long workspaceId;
+ @NotEmpty
+ private Set roleIds;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ListRoleRes.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ListRoleRes.java
new file mode 100644
index 00000000..e49edf9b
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ListRoleRes.java
@@ -0,0 +1,21 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.EqualsAndHashCode;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.ToString;
+
+/**
+ * @author cn
+ * @version 1.0
+ * @description
+ * @date 2022/10/13 16:54
+ */
+@Getter
+@Setter
+@ToString
+@EqualsAndHashCode
+public class ListRoleRes {
+ private Long roleId;
+ private String jobCode;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ListUserRoleReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ListUserRoleReq.java
new file mode 100644
index 00000000..7786b974
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ListUserRoleReq.java
@@ -0,0 +1,28 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Getter;
+import lombok.Setter;
+import lombok.ToString;
+
+import javax.validation.constraints.Min;
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+import java.util.Set;
+
+/**
+ * @author cn
+ * @version 1.0
+ * @description
+ * @date 2022/10/14 11:52
+ */
+@Getter
+@Setter
+@ToString
+public class ListUserRoleReq {
+ @NotNull
+ @Min(value = 0)
+ private Long workspaceId;
+ private Long ouId;
+ @NotEmpty
+ private Set roleCodes;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/LoginLogSaveDTO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/LoginLogSaveDTO.java
new file mode 100644
index 00000000..b2d20981
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/LoginLogSaveDTO.java
@@ -0,0 +1,33 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.common.manager.auth.base.UserContext;
+import lombok.Data;
+
+/**
+ * @ClassName LoginLogSaveDTO
+ * @Author zhangran
+ * @Date 2022/6/11 18:14
+ **/
+@Data
+public class LoginLogSaveDTO {
+
+ /**
+ * m账号
+ */
+ private String account;
+
+ /**
+ * 登录状态:1-成功;2-失败
+ */
+ private Integer loginStatus;
+ /**
+ * 错误原因
+ */
+ private String failReason;
+ /**
+ * 平台
+ */
+ private String terminal;
+
+ private UserContext userContext;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/LoginSuccessBo.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/LoginSuccessBo.java
new file mode 100644
index 00000000..786cf56f
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/LoginSuccessBo.java
@@ -0,0 +1,23 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+/**
+ * @author zhangPeng
+ * @description
+ * @date 2021/1/26 17:16
+ */
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+public class LoginSuccessBo {
+ private String accessToken;
+ /**
+ * 终端
+ */
+ private String terminal;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/MergeAccountReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/MergeAccountReq.java
new file mode 100644
index 00000000..9739d9e9
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/MergeAccountReq.java
@@ -0,0 +1,30 @@
+package cn.axzo.tyr.client.model.permission;
+
+import java.util.List;
+import lombok.Data;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/6/5 10:50
+ * @description :账号合并Req
+ */
+@Data
+public class MergeAccountReq {
+
+ /**
+ * 原自然人Id
+ */
+ private Long oldPerSonId;
+
+
+ /**
+ * 新自然人Id
+ */
+ private Long newPerSonId;
+
+
+ /**
+ * 身份列表
+ */
+ private List baseIdentity;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/MoveFeatureReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/MoveFeatureReq.java
new file mode 100644
index 00000000..0728aeb8
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/MoveFeatureReq.java
@@ -0,0 +1,21 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+/**
+ * @author haiyangjin
+ * @date 2023/8/23
+ */
+@Data
+public class MoveFeatureReq {
+// @NotEmpty(message = "featureCode 不能为空")
+ private String featureCode;
+
+ private String moveToFeatureCode;
+
+ private Long id;
+
+ private Long moveToId;
+
+ private String token;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/NativeFeatureResp.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/NativeFeatureResp.java
new file mode 100644
index 00000000..467a7158
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/NativeFeatureResp.java
@@ -0,0 +1,24 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+public class NativeFeatureResp {
+
+ /*
+ * 企业端菜单id
+ */
+ private Long entFeatureId;
+
+ /*
+ * 项目端菜单id
+ */
+ private Long projFeatureId;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/OperateLogQueryReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/OperateLogQueryReq.java
new file mode 100644
index 00000000..99e90a1a
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/OperateLogQueryReq.java
@@ -0,0 +1,79 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.common.page.PageRequest;
+import com.fasterxml.jackson.annotation.JsonFormat;
+import lombok.Data;
+
+import java.util.Date;
+import java.util.List;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/6/28 20:08
+ * @description : 操作日志请求参数
+ */
+@Data
+public class OperateLogQueryReq extends PageRequest {
+
+ /**
+ * 调用方服务名
+ */
+ private String serviceName;
+
+ /**
+ * 操作人
+ */
+ private String operateUserName;
+
+ /**
+ * 事件类型
+ */
+ private List featureCodes;
+
+ /**
+ * 功能name
+ */
+ private String featureName;
+
+ /**
+ * 开始时间
+ */
+ @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss", timezone = "GMT+8")
+ private Date startTime;
+
+ /**
+ * 结束时间
+ */
+ @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss", timezone = "GMT+8")
+ private Date endTime;
+
+ /**
+ * 工作台Id
+ */
+ private Long workspaceId;
+
+ /**
+ * 单位Id
+ */
+ private Long ouId;
+
+ /**
+ * 身份Id
+ */
+ private Long identityId;
+
+ /**
+ * 身份类型
+ */
+ private Integer identityType;
+
+ /**
+ * 操作类型 1:add 2:add_batch 3:update 4:update_batch 5:delete 6:delete_batch
+ */
+ private Integer operateType;
+
+ /**
+ * 操作表名
+ */
+ private String operateTable;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/OperateLogQueryResp.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/OperateLogQueryResp.java
new file mode 100644
index 00000000..e29a4ac8
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/OperateLogQueryResp.java
@@ -0,0 +1,51 @@
+package cn.axzo.tyr.client.model.permission;
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+import lombok.Data;
+
+import java.util.Date;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/6/28 20:08
+ * @description : 操作日志响应
+ */
+@Data
+public class OperateLogQueryResp {
+
+ /**
+ * 操作人
+ */
+ private String operateUserName;
+
+ /**
+ * 事件类型
+ */
+ private String featureCode;
+
+ /**
+ * 事件类型
+ */
+ private String featureName;
+
+ /**
+ * 事件摘要
+ */
+ private String contentSummary;
+
+ /**
+ * 操作时间
+ */
+ @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss", timezone = "GMT+8")
+ private Date operateTime;
+
+ /**
+ * 操作人手机号
+ */
+ private String operateUserPhone;
+
+ /**
+ * 所属单位名称
+ */
+ private String ouName;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/OwnSpaceAndOuInfoDTO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/OwnSpaceAndOuInfoDTO.java
new file mode 100644
index 00000000..a6ba99be
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/OwnSpaceAndOuInfoDTO.java
@@ -0,0 +1,28 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/6/14 15:19
+ * @description : 查询拥有权限的工作台和单位Id
+ */
+@Data
+public class OwnSpaceAndOuInfoDTO {
+
+ /**
+ * 工作台Id
+ */
+ private Long workspaceType;
+
+ /**
+ * 工作台Id
+ */
+ private Long workspaceId;
+
+ /**
+ * 单位Id
+ */
+ private Long ouId;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/OwnSpaceAndOuInfoResp.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/OwnSpaceAndOuInfoResp.java
new file mode 100644
index 00000000..e70540c4
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/OwnSpaceAndOuInfoResp.java
@@ -0,0 +1,28 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/6/14 15:19
+ * @description : 查询拥有权限的工作台和单位Id
+ */
+@Data
+public class OwnSpaceAndOuInfoResp {
+
+ /**
+ * 工作台Id
+ */
+ private Long workspaceType;
+
+ /**
+ * 工作台Id
+ */
+ private Long workspaceId;
+
+ /**
+ * 单位Id
+ */
+ private Long ouId;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/PageDefaultDto.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/PageDefaultDto.java
new file mode 100644
index 00000000..d7d54606
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/PageDefaultDto.java
@@ -0,0 +1,12 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.common.page.PageRequest;
+import lombok.Data;
+
+/**
+ * @author hewei@axzo.cn
+ * @date 2022/12/6 10:28
+ */
+@Data
+public class PageDefaultDto extends PageRequest {
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/PagePermissionGroupReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/PagePermissionGroupReq.java
new file mode 100644
index 00000000..19175831
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/PagePermissionGroupReq.java
@@ -0,0 +1,19 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.common.page.PageRequest;
+import lombok.Data;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/6/29 16:00
+ * @description : 权限集分页搜索相关
+ */
+@Data
+public class PagePermissionGroupReq extends PageRequest {
+
+ /**
+ * 搜索内容
+ */
+ private String searchKey;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/PayoffRoleResp.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/PayoffRoleResp.java
new file mode 100644
index 00000000..a102ddfb
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/PayoffRoleResp.java
@@ -0,0 +1,54 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import lombok.ToString;
+
+/**
+ * @author: cl
+ * @description: 代班组权限响应
+ * @date: 2022-06-17
+ **/
+@Getter
+@Setter
+@Builder
+@ToString
+@NoArgsConstructor
+@AllArgsConstructor
+public class PayoffRoleResp {
+
+ /**
+ * 单位id
+ */
+ private Long ouId;
+
+ /**
+ * 角色身份ID
+ */
+ private Long identityId;
+
+ /**
+ * 角色身份类型,用于检查是否匹配
+ */
+ private Integer identityType;
+
+ /**
+ * 手机号
+ */
+ private String phone;
+
+ /**
+ * 真实姓名
+ */
+ private String realName;
+
+ /**
+ * 账户Id
+ */
+ private Long accountId;
+
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/PermissionCheckBO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/PermissionCheckBO.java
new file mode 100644
index 00000000..91c53e2b
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/PermissionCheckBO.java
@@ -0,0 +1,31 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import cn.axzo.framework.auth.domain.TerminalInfo;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.Set;
+
+/**
+ * 鉴权处理对象
+ *
+ * @version V1.0
+ * @author: ZhanSiHu
+ * @date: 2024/4/15 14:55
+ */
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class PermissionCheckBO {
+ private Long personId;
+ private Long identityId;
+ private IdentityType identityType;
+ private Long ouId;
+ private Long workspaceId;
+ private Set featureCodes;
+ private TerminalInfo terminalInfo;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ProductAndFeatureBO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ProductAndFeatureBO.java
new file mode 100644
index 00000000..0d52fc0e
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ProductAndFeatureBO.java
@@ -0,0 +1,24 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+public class ProductAndFeatureBO {
+
+ /**
+ * 产品id
+ */
+ private Long productId;
+
+ /**
+ * 菜单id
+ */
+ private Long featureId;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ProductAndFeaturePathBO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ProductAndFeaturePathBO.java
new file mode 100644
index 00000000..809d727b
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ProductAndFeaturePathBO.java
@@ -0,0 +1,24 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+public class ProductAndFeaturePathBO {
+
+ /**
+ * 产品id
+ */
+ private Long productId;
+
+ /**
+ * 菜单表path字段
+ */
+ private String featurePath;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ProductQueryReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ProductQueryReq.java
new file mode 100644
index 00000000..478a01b8
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ProductQueryReq.java
@@ -0,0 +1,22 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+import javax.validation.constraints.NotNull;
+
+@Data
+public class ProductQueryReq {
+
+
+ /**
+ * 1:总包企业产品 2:总包项目产品 3:政企产品 4:分包企业产品 5:班组产品
+ */
+ @NotNull(message = "产品类型不能为空")
+ private Integer productType;
+
+ /**
+ * 基础产品与否 0:基础产品 1:普通产品
+ */
+ private Integer commonProduct;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ProductQueryResp.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ProductQueryResp.java
new file mode 100644
index 00000000..bba51ff3
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/ProductQueryResp.java
@@ -0,0 +1,44 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+import java.util.Date;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/5/18 18:50
+ * @description : 产品查询响应
+ */
+@Data
+public class ProductQueryResp {
+
+ protected Long id;
+
+ /**
+ * 创建时间
+ */
+ protected Date createAt;
+
+ /**
+ * 修改时间
+ */
+ protected Date updateAt;
+
+ /**
+ * 1:总包企业产品 2:总包项目产品 3:政企产品 4:分包企业产品 5:班组产品
+ */
+ private Integer productType;
+ /**
+ * 产品板块名字
+ */
+ private String productName;
+ /**
+ * 基础产品与否 0:基础产品 1:普通产品
+ */
+ private Integer commonProduct;
+ /**
+ * 产品板块备注
+ */
+ private String remark;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QrCodeBo.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QrCodeBo.java
new file mode 100644
index 00000000..1b9899a2
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QrCodeBo.java
@@ -0,0 +1,23 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+/**
+ * 二维码
+ *
+ * @author liuyang
+ * @date 2020/6/15
+ **/
+@NoArgsConstructor
+@AllArgsConstructor
+@Data
+public class QrCodeBo {
+
+ /**
+ * code码
+ */
+ private String code;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryFeatureReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryFeatureReq.java
new file mode 100644
index 00000000..6cc45629
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryFeatureReq.java
@@ -0,0 +1,14 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+@Data
+public class QueryFeatureReq extends CommonWorkspaceIdAndOuIdReq {
+
+ /**
+ * 是否查询子节点 0: 不查询: 1:查询( 默认0)
+ */
+ private Integer loadChildrens = 0;
+
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryIdentityByPermissionDTO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryIdentityByPermissionDTO.java
new file mode 100644
index 00000000..76e9164d
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryIdentityByPermissionDTO.java
@@ -0,0 +1,46 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import lombok.Data;
+
+import java.util.List;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/6/9 14:42
+ * @description : 获取拥有指定权限的人员列表
+ */
+@Data
+public class QueryIdentityByPermissionDTO {
+
+ /**
+ * 权限列表
+ * Query的语义是:只要有一个code就算命中,而不是必须有所有code权限。
+ */
+ private List codes;
+
+ private Long roleId;
+
+ /**
+ * 工作台Id
+ */
+ private Long workspaceId;
+
+ /**
+ * 单位Id
+ */
+ private Long ouId;
+
+ /**
+ * 身份Id
+ */
+ private Long identityId;
+
+ private IdentityType identityType;
+
+ /**
+ * 指定端的权限
+ */
+ private String terminal;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryIdentityByPermissionReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryIdentityByPermissionReq.java
new file mode 100644
index 00000000..96c3a84b
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryIdentityByPermissionReq.java
@@ -0,0 +1,101 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import lombok.Data;
+
+import java.util.List;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/6/9 14:42
+ * @description : 获取拥有指定权限的人员列表
+ */
+@Data
+public class QueryIdentityByPermissionReq {
+
+ /**
+ * 权限列表
+ * Query的语义是:只要有一个code就算命中,而不是必须有所有code权限。
+ */
+ private List codes;
+
+ private Long roleId;
+
+ /**
+ * 工作台Id
+ */
+ private Long workspaceId;
+
+ /**
+ * 单位Id
+ */
+ private Long ouId;
+
+ /**
+ * 身份Id
+ */
+ private Long identityId;
+
+ private IdentityType identityType;
+
+ /**
+ * 指定端的权限
+ */
+ private String terminal;
+
+ public List getCodes() {
+ return codes;
+ }
+
+ public void setCodes(List codes) {
+ this.codes = codes;
+ }
+
+ public Long getRoleId() {
+ return roleId;
+ }
+
+ public void setRoleId(Long roleId) {
+ this.roleId = roleId;
+ }
+
+ public Long getWorkspaceId() {
+ return workspaceId;
+ }
+
+ public void setWorkspaceId(Long workspaceId) {
+ this.workspaceId = workspaceId;
+ }
+
+ public Long getOuId() {
+ return ouId;
+ }
+
+ public void setOuId(Long ouId) {
+ this.ouId = ouId;
+ }
+
+ public Long getIdentityId() {
+ return identityId;
+ }
+
+ public void setIdentityId(Long identityId) {
+ this.identityId = identityId;
+ }
+
+ public IdentityType getIdentityType() {
+ return identityType;
+ }
+
+ public void setIdentityType(IdentityType identityType) {
+ this.identityType = identityType;
+ }
+
+ public String getTerminal() {
+ return terminal;
+ }
+
+ public void setTerminal(String terminal) {
+ this.terminal = terminal;
+ }
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryPermissionGroupByCategoryIdReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryPermissionGroupByCategoryIdReq.java
new file mode 100644
index 00000000..57232453
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryPermissionGroupByCategoryIdReq.java
@@ -0,0 +1,17 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+import java.util.List;
+
+/**
+ * @author hewei@axzo.cn
+ * @date 2022/10/13 17:17
+ */
+@Data
+public class QueryPermissionGroupByCategoryIdReq {
+
+ private Long productCategoryId;
+
+ private List groupIds;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryProductReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryProductReq.java
new file mode 100644
index 00000000..f45cdf97
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryProductReq.java
@@ -0,0 +1,29 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.common.page.PageRequest;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.List;
+
+/**
+ * @author hewei@axzo.cn
+ * @date 2022/10/11 16:33
+ */
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class QueryProductReq extends PageRequest {
+
+ /**
+ * 功能分组id
+ */
+ private Long productId;
+ /**
+ * 权限集id列表
+ */
+ private List groupIds;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryRoleByNameReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryRoleByNameReq.java
new file mode 100644
index 00000000..c2181f80
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryRoleByNameReq.java
@@ -0,0 +1,69 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.common.constant.enums.OrganizationalUnitTypeEnum;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import lombok.Data;
+import org.springframework.util.CollectionUtils;
+
+import javax.validation.constraints.NotEmpty;
+import java.util.List;
+import java.util.Objects;
+import java.util.Optional;
+import java.util.Set;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/6/27 14:05
+ * @description : 通过角色名字查询角色信息
+ */
+@Data
+public class QueryRoleByNameReq extends CommonWorkspaceIdAndOuIdReq {
+
+ @NotEmpty(message = "角色名字不能为空")
+ private List roleNames;
+
+ /**
+ * 单位类型
+ */
+ private Set ouTypes;
+
+ @JsonIgnore
+ public int getFitOuTypeBit() {
+ int fitOuTypeBit = 0;
+ if (!CollectionUtils.isEmpty(ouTypes)) {
+ Optional reduce = ouTypes.stream()
+ .map(OrganizationalUnitTypeEnum::getByType).filter(Objects::nonNull)
+ .map(OrganizationalUnitTypeEnum::getBitValue).reduce((a, b) -> {
+ a |= b;
+ return a;
+ });
+ if (reduce.isPresent()) {
+ fitOuTypeBit = reduce.get();
+ }
+ }
+ return fitOuTypeBit;
+ }
+
+ /**
+ * 节点类型
+ */
+ private Set nodeTypes;
+
+ @JsonIgnore
+ public int getFitNodeTypeBit() {
+ int fitOuNodeTypeBit = 0;
+ if (!CollectionUtils.isEmpty(nodeTypes)) {
+ Optional reduce = nodeTypes.stream()
+ .map(OrganizationalUnitTypeEnum::getByType).filter(Objects::nonNull)
+ .map(OrganizationalUnitTypeEnum::getBitValue).reduce((a, b) -> {
+ a |= b;
+ return a;
+ });
+ if (reduce.isPresent()) {
+ fitOuNodeTypeBit = reduce.get();
+ }
+ }
+ return fitOuNodeTypeBit;
+ }
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryRoleByNameResp.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryRoleByNameResp.java
new file mode 100644
index 00000000..6f699b46
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryRoleByNameResp.java
@@ -0,0 +1,30 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/6/27 14:06
+ * @description : 通过名字查询角色响应
+ */
+@Data
+public class QueryRoleByNameResp {
+
+ /**
+ * 角色名字
+ */
+ private String roleName;
+
+ /**
+ * 角色Id
+ */
+ private Long roleId;
+
+ /**
+ * 角色类型:common 普通角色 super_admin超级管理员(禁止删除) admin子管理员(禁止删除) init初始化内置角色
+ */
+ private String roleType;
+
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryRoleTemplateReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryRoleTemplateReq.java
new file mode 100644
index 00000000..4a37d612
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryRoleTemplateReq.java
@@ -0,0 +1,24 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.common.page.PageRequest;
+import lombok.Data;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/5/19 14:21
+ * @description : 模板信息查询
+ */
+@Data
+public class QueryRoleTemplateReq extends PageRequest {
+
+ /**
+ * 模板Id
+ */
+ private Long templateId;
+
+ /**
+ * 1:总包企业级 2:总包项目级 3:政企级 4:分包企业级 5:班组级
+ */
+ private Integer type;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QuerySaasPermissionGroupInPositionTemplateReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QuerySaasPermissionGroupInPositionTemplateReq.java
new file mode 100644
index 00000000..be28f4c9
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QuerySaasPermissionGroupInPositionTemplateReq.java
@@ -0,0 +1,50 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import javax.validation.constraints.NotNull;
+import java.util.List;
+
+
+/**
+ *
+ *
+ * 用来查询基于PositionTemplate分配的Role、PermissionGroup。
+ *
+ * @author gaowei
+ *
+ */
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class QuerySaasPermissionGroupInPositionTemplateReq {
+
+ /**
+ * 项目部工作台ID,不可为空。
+ */
+ @NotNull
+ private Long workspaceId;
+
+ /**
+ * 对应SaasRoleUserRelation表里的ouId
+ */
+ private Long ouId;
+
+ /**
+ * 身份ID,可以为空,为空则忽略此查询条件。
+ */
+ private List identityIds;
+
+ private IdentityType identityType;
+
+ /**
+ * 职位Code列表。
+ * 可以为空,为空则忽略此查询条件。
+ */
+ private List positionCodeList;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QuerySaasRoleByIdentityListDTO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QuerySaasRoleByIdentityListDTO.java
new file mode 100644
index 00000000..cfce7458
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QuerySaasRoleByIdentityListDTO.java
@@ -0,0 +1,38 @@
+package cn.axzo.tyr.client.model.permission;
+
+import java.util.List;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import lombok.Builder;
+import lombok.Data;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/5/28 13:56
+ * @description : 通过工作台Id 单位Id 查询用户角色信息
+ */
+@Data
+@Builder
+public class QuerySaasRoleByIdentityListDTO {
+
+ /**
+ * 身份IdList
+ */
+ private List identityIds;
+
+ /**
+ * 身份类型
+ */
+ private IdentityType identityType;
+
+ /**
+ * 工作台id
+ */
+ private Long workspaceId;
+
+ /**
+ * 单位Id
+ */
+ private Long ouId;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryUserRoleReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryUserRoleReq.java
new file mode 100644
index 00000000..7b36fbdf
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/QueryUserRoleReq.java
@@ -0,0 +1,43 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.List;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/5/19 15:01
+ * @description : 查询用户拥有得角色
+ */
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class QueryUserRoleReq {
+
+ /**
+ * 工作台Id
+ */
+ private Long workspaceId;
+
+ /**
+ * 单位Id
+ */
+ private Long ouId;
+
+ /**
+ * 身份Id列表
+ */
+ private List identityIds;
+
+ private IdentityType identityType;
+
+ private List roleTypes;
+
+ private List roleIds;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/RemoveTokenDto.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/RemoveTokenDto.java
new file mode 100644
index 00000000..86de3d9a
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/RemoveTokenDto.java
@@ -0,0 +1,26 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotNull;
+
+/**
+ * @author liuyang
+ * 删除token
+ */
+@Data
+public class RemoveTokenDto {
+
+ /**
+ * 账号ID
+ */
+ @NotNull(message = "账号ID不能为空")
+ private Integer acctId;
+
+ /**
+ * 客户端ID
+ */
+ @NotBlank(message = "客户端ID不能为空")
+ private String clientId;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/RoleBaseInfo.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/RoleBaseInfo.java
new file mode 100644
index 00000000..b5631fe3
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/RoleBaseInfo.java
@@ -0,0 +1,32 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/5/19 15:13
+ * @description : 角色基本信息
+ */
+@Data
+public class RoleBaseInfo {
+
+ /**
+ * id
+ */
+ private Long id;
+
+ /**
+ * 角色名称
+ */
+ private String name;
+
+ /**
+ * 角色描述
+ */
+ private String description;
+
+ /**
+ * 角色类型:common 普通角色 super_admin超级管理员 admin子管理员 init初始化内置角色
+ */
+ private String roleType;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/RoleByIdentityIdAndWorkspaceIdReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/RoleByIdentityIdAndWorkspaceIdReq.java
new file mode 100644
index 00000000..15e74fa2
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/RoleByIdentityIdAndWorkspaceIdReq.java
@@ -0,0 +1,28 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/5/27 15:50
+ * @description :
+ */
+@Data
+public class RoleByIdentityIdAndWorkspaceIdReq {
+
+ /**
+ * 身份id
+ */
+ private Long identityId;
+
+// /**
+// * 身份类型
+// */
+// private IdentityTypeEnum identityType;
+
+ /**
+ * 工作台id
+ */
+ private Long workspaceId;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/RoleResp.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/RoleResp.java
new file mode 100644
index 00000000..2b1641f1
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/RoleResp.java
@@ -0,0 +1,36 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import lombok.ToString;
+
+import javax.validation.constraints.NotNull;
+import java.util.List;
+
+/**
+ * @author: cl
+ * @description: 班组长权限分类实体
+ * @date: 2022-06-17
+ **/
+@Getter
+@Setter
+@Builder
+@ToString
+@NoArgsConstructor
+@AllArgsConstructor
+public class RoleResp {
+
+ /**
+ * 权限集分类名称
+ */
+ private String roleName;
+
+ /**
+ * 授权的权限
+ */
+ @NotNull
+ private List groupPermissionList;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/RoleTemplateResp.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/RoleTemplateResp.java
new file mode 100644
index 00000000..e71c26b1
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/RoleTemplateResp.java
@@ -0,0 +1,33 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/5/19 14:23
+ * @description : 模板响应
+ */
+@Data
+public class RoleTemplateResp {
+
+ /**
+ * Id
+ */
+ private Long id;
+
+ /**
+ * 模板名字
+ */
+ private String templateName;
+
+ /**
+ * 1:总包企业级 2:总包项目级 3:政企级 4:分包企业级 5:班组级
+ */
+ private Integer type;
+
+ /**
+ * 备注
+ */
+ private String remark;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasFeatureBO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasFeatureBO.java
new file mode 100644
index 00000000..aa9ad7ac
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasFeatureBO.java
@@ -0,0 +1,100 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+import java.time.LocalDateTime;
+
+@Data
+public class SaasFeatureBO {
+
+ /**
+ * 适用单位类型 位
+ */
+ private Long fitOuTypeBit;
+ /**
+ * id
+ */
+ private Long id;
+ /**
+ * 名称
+ */
+ private String featureName;
+ /**
+ * 描述
+ */
+ private String description;
+ /**
+ * code
+ */
+ private String featureCode;
+ /**
+ * 图标地址
+ */
+ private String icon;
+ /**
+ * 菜单上级id
+ */
+ private Long parentId;
+ /**
+ * 链接地址
+ */
+ private String linkUrl;
+ /**
+ * 1:CMS 2:小程序 4:原生
+ */
+ private Integer linkType;
+ /**
+ * 扩展字段
+ */
+ private String linkExt;
+ /**
+ * 小程序id 关联micro_app_item id
+ */
+ private String microAppItemId;
+ /**
+ * 路径
+ */
+ private String path;
+ /**
+ * 排序
+ */
+ private Integer sort;
+ /**
+ * terminal
+ */
+ private String terminal;
+ /**
+ * 类型 0.模块 1.菜单 2页面 3功能
+ */
+ private Integer featureType;
+ /**
+ * 是否需要权限 1.需要 2:不需要
+ */
+ private Integer needAuth;
+ /**
+ * 是否删除
+ */
+ private Long isDelete;
+ /**
+ * 创建人id
+ */
+ private Long createBy;
+ /**
+ * 创建时间
+ */
+ private LocalDateTime createAt;
+ /**
+ * 更新时间
+ */
+ private LocalDateTime updateAt;
+ /**
+ * 修改人id
+ */
+ private Long updateBy;
+
+ private Long productId;
+
+ private String productName;
+
+ private String legacyLayout;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasFeatureDTO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasFeatureDTO.java
new file mode 100644
index 00000000..34a6f3f8
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasFeatureDTO.java
@@ -0,0 +1,64 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+@Data
+public class SaasFeatureDTO {
+
+ private Long id;
+ /**
+ * 描述
+ */
+ private String description;
+ /**
+ * 名称
+ */
+ private String featureName;
+ /**
+ * code
+ */
+ private String featureCode;
+ /**
+ * 图标地址
+ */
+ private String icon;
+ /**
+ * 菜单上级id
+ */
+ private Long parentId;
+ /**
+ * 链接地址
+ */
+ private String linkUrl;
+ /**
+ * 1:CMS 2:小程序 4:原生
+ */
+ private Integer linkType;
+ /**
+ * 扩展字段
+ */
+ private String linkExt;
+ /**
+ * 小程序id 关联micro_app_item id
+ */
+ private String microAppItemId;
+ /**
+ * 排序
+ */
+ private Integer sort;
+ /**
+ * 菜单适用于平台 0:企业工作台 1:项目工作台
+ */
+ private Integer perspectiveTerminal;
+ /**
+ * 类型 0.模块 1.菜单 2页面 3功能
+ */
+ private Integer featureType;
+ /**
+ * 是否需要权限 1.需要 2:不需要
+ */
+ private Integer needAuth;
+
+ private Long productId;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasFeatureRes.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasFeatureRes.java
new file mode 100644
index 00000000..4e36fa47
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasFeatureRes.java
@@ -0,0 +1,140 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.Date;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class SaasFeatureRes {
+
+ private Long id;
+
+ /**
+ * 创建时间
+ */
+ private Date createAt;
+
+ /**
+ * 修改时间
+ */
+ private Date updateAt;
+
+ /**
+ * 是否删除 0正常,1删除
+ */
+ private Long isDelete;
+
+
+ /**
+ * 名称
+ */
+ private String featureName;
+ /**
+ * code
+ */
+ private String featureCode;
+ /**
+ * 描述
+ */
+ private String description;
+ /**
+ * 图标地址
+ */
+ private String icon;
+ /**
+ * 菜单上级id
+ */
+ private Long parentId;
+ /**
+ * 链接地址
+ */
+ private String linkUrl;
+ /**
+ * 1:CMS 2:小程序 4:原生
+ */
+ private Integer linkType;
+ /**
+ * 扩展字段
+ */
+ private String linkExt;
+ /**
+ * 小程序id 关联micro_app_item id
+ */
+ private String microAppItemId;
+ /**
+ * 路径
+ */
+ private String path;
+ /**
+ * 排序
+ */
+ private Integer sort;
+ /**
+ * {@link cn.axzo.framework.auth.domain.TerminalInfo }查看NT开头 downloadResource
+ * 菜单适用于平台 NT_CMS_WEB_ENT_ZB:企业工作台 NT_CMS_WEB_PROJ:项目工作台
+ * NT_CMP_APP_ENT_ZB:从业人员企业端 NT_CMP_APP_PROJ:从业人员项目端
+ * NT_CM_APP_CM_LEADER:班组长侧 NT_CM_APP_WORKER:工人侧
+ * NT_OMS_WEB OMS,运营管理后台 NT_SM:数据大屏
+ * NT_SCREEN 数据大屏
+ */
+ private String terminal;
+ /**
+ * 类型 0.模块 1.菜单 2页面 3功能
+ */
+ private Integer featureType;
+
+ /**
+ * 创建人id
+ */
+ private Long createBy;
+
+ /**
+ * 修改人id
+ */
+ private Long updateBy;
+
+ /**
+ * 适用单位类型 1:总包 2:建设单位 4:监理单位 8:劳务分包 16:专业分包 0都可以用 只会挂在最末级
+ */
+ private Long fitOuTypeBit;
+
+ /**
+ * 适用节点类型 1:部门 2:班组 4:小组 只会挂在最末级
+ */
+ private Long fitOuNodeTypeBit;
+
+ /**
+ * 适配老接口 应用所属 system:系统应用 personal:个人应用 business:业务应用 只会挂在第一级别
+ */
+ private String legacyLayout;
+
+ /**
+ * 网关专属字段,所属应用
+ * 后续会换成枚举,暂时枚举未定义完全
+ */
+ private String appName;
+ /**
+ * 网关专属字段,是否授权 0:无需要授权 1:需要授权
+ */
+ private Integer needAuth;
+
+ /**
+ * 网关专属字段,是否认证 0:无需要认证 1:需要认证
+ */
+ private Integer needCert;
+
+ /**
+ * 网关专属字段 ,功能URL,对应后端接口url
+ */
+ private String featureUrl;
+
+ private String businessNo;
+
+ private String parentBusinessNo;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasFeatureSearchDTO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasFeatureSearchDTO.java
new file mode 100644
index 00000000..d9ba702e
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasFeatureSearchDTO.java
@@ -0,0 +1,24 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.common.page.PageRequest;
+import lombok.Data;
+
+@Data
+public class SaasFeatureSearchDTO extends PageRequest {
+
+ /**
+ * 权限名称/权限code
+ */
+ private String key;
+
+ /**
+ * 权限集名称
+ */
+ private String groupName;
+
+ /**
+ * 目标平台
+ */
+ private String perspectiveTerminal;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasFeatureTreeResp.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasFeatureTreeResp.java
new file mode 100644
index 00000000..0b1782fa
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasFeatureTreeResp.java
@@ -0,0 +1,179 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.common.model.IBaseTree;
+import cn.axzo.tyr.client.model.enums.FeatureTypeEnum;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import lombok.Data;
+import org.springframework.util.CollectionUtils;
+
+import java.util.Date;
+import java.util.List;
+import java.util.Objects;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/5/16 10:31
+ * @description : saas 资源树
+ */
+@Data
+public class SaasFeatureTreeResp implements IBaseTree {
+
+ /**
+ * 元素 Id
+ */
+ private Long id;
+
+ /**
+ * 父级 Id
+ */
+ private Long parentId;
+
+ /**
+ * 0.模块 1.菜单 2页面 3功能 99:端-不可编辑
+ */
+ private Integer menuType;
+
+ /**
+ * 元素名称
+ */
+ private String name;
+ /**
+ * code
+ */
+ private String code;
+
+ /**
+ * 图标名
+ */
+ private String icon;
+ /**
+ * 路由地址
+ */
+ private String linkUrl;
+ /**
+ * 1:安心筑企业 2:小程序 4:原生 如果菜单同时又对应app上展示 则填写对应linkUrl 和linkExt
+ */
+ private Integer linkType;
+ /**
+ * 扩展字段 原生使用
+ */
+ private String linkExt;
+
+ /**
+ * 排序号
+ */
+ private Integer sort;
+
+
+ /**
+ * 小程序id 关联micro_app_item id
+ */
+ private String microAppItemId;
+
+ /**
+ * 菜单适用于平台 NT_CMS_WEB_ENT_ZB:企业工作台 NT_CMS_WEB_PROJ:项目工作台
+ * NT_CMP_APP_ENT_ZB:从业人员企业端 NT_CMP_APP_PROJ:从业人员项目端
+ * NT_CM_APP_CM_LEADER:班组长侧 NT_CM_APP_WORKER:工人侧
+ * NT_OMS_WEB OMS,运营管理后台 NT_SM:数据大屏
+ * NT_SCREEN 数据大屏
+ * */
+ private String terminal;
+
+ /**
+ * 备注
+ */
+ private String remark;
+
+ /**
+ * 创建时间
+ */
+ private Date createAt;
+
+ /**
+ * 更新时间
+ */
+ private Date updateAt;
+
+ /**
+ * 1:总包 2:建设单位 4:监理单位 8:劳务分包 16:专业分包
+ */
+ private List fitOuTypes;
+
+ /**
+ * 1:部门 2:班组 4:小组
+ */
+ private List fitOuNodeTypes;
+
+ /**
+ * 适配老接口 应用所属 system:系统应用 personal:个人应用 business:业务应用 只会挂在第一级别
+ */
+ private String legacyLayout;
+
+
+ /**
+ * 网关专属字段,所属应用
+ */
+ private String appName;
+ /**
+ * 网关专属字段,是否授权 0:无需要授权 1:需要授权
+ */
+ private Integer needAuth;
+
+ /**
+ * 网关专属字段,是否认证 0:无需要认证 1:需要认证
+ */
+ private Integer needCert;
+
+ /**
+ * 网关专属字段 ,功能URL,对应后端接口url
+ */
+ private String featureUrl;
+
+
+ /**
+ * 当前所有子级里面是否有功能code
+ */
+ @JsonIgnore
+ public boolean isHadFeatureFunction() {
+ if (!Objects.equals(menuType, FeatureTypeEnum.FEATURE.getCode())) {
+ if (CollectionUtils.isEmpty(children)) {
+ return false;
+ }
+ return children.stream().anyMatch(SaasFeatureTreeResp::isHadFeatureFunction);
+ }
+ return true;
+ }
+
+ /**
+ * 子集
+ */
+ private List children;
+
+
+ @Override
+ @JsonIgnore
+ public String getNodeCode() {
+ return businessNo;
+ }
+
+ @Override
+ @JsonIgnore
+ public String getParentNodeCode() {
+ return parentBusinessNo;
+ }
+
+ @Override
+ @JsonIgnore
+ public List getNodeChildren() {
+ return children;
+ }
+
+ @Override
+ public void setNodeChildren(List nodeChildren) {
+ this.children = nodeChildren;
+ }
+
+ private String businessNo;
+
+ private String parentBusinessNo;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasHierarchyFeatureBO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasHierarchyFeatureBO.java
new file mode 100644
index 00000000..2c7aab7d
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasHierarchyFeatureBO.java
@@ -0,0 +1,103 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+import java.time.LocalDateTime;
+import java.util.List;
+
+@Data
+public class SaasHierarchyFeatureBO {
+
+ /**
+ * 适用单位类型 位
+ */
+ private Long fitOuTypeBit;
+ /**
+ * id
+ */
+ private Long id;
+ /**
+ * 名称
+ */
+ private String featureName;
+ /**
+ * 描述
+ */
+ private String description;
+ /**
+ * code
+ */
+ private String featureCode;
+ /**
+ * 图标地址
+ */
+ private String icon;
+ /**
+ * 菜单上级id
+ */
+ private Long parentId;
+ /**
+ * 链接地址
+ */
+ private String linkUrl;
+ /**
+ * 1:CMS 2:小程序 4:原生
+ */
+ private Integer linkType;
+ /**
+ * 扩展字段
+ */
+ private String linkExt;
+ /**
+ * 小程序id 关联micro_app_item id
+ */
+ private String microAppItemId;
+ /**
+ * 路径
+ */
+ private String path;
+ /**
+ * 排序
+ */
+ private Integer sort;
+ /**
+ * terminal
+ */
+ private String terminal;
+ /**
+ * 类型 0.模块 1.菜单 2页面 3功能
+ */
+ private Integer featureType;
+ /**
+ * 是否需要权限 1.需要 2:不需要
+ */
+ private Integer needAuth;
+ /**
+ * 是否删除
+ */
+ private Long isDelete;
+ /**
+ * 创建人id
+ */
+ private Long createBy;
+ /**
+ * 创建时间
+ */
+ private LocalDateTime createAt;
+ /**
+ * 更新时间
+ */
+ private LocalDateTime updateAt;
+ /**
+ * 修改人id
+ */
+ private Long updateBy;
+
+ private Long productId;
+
+ private String productName;
+
+ private String legacyLayout;
+
+ private List child;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasPermissionGroupBO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasPermissionGroupBO.java
new file mode 100644
index 00000000..497484a1
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasPermissionGroupBO.java
@@ -0,0 +1,75 @@
+package cn.axzo.tyr.client.model.permission;
+
+import com.baomidou.mybatisplus.extension.activerecord.Model;
+import lombok.Data;
+
+import java.time.LocalDateTime;
+import java.util.List;
+
+/**
+ * TODO: 这里的字段和Model的字段对不上
+ *
+ * @author gaowei
+ *
+ */
+@Data
+public class SaasPermissionGroupBO extends Model {
+
+ private Long id;
+ /**
+ * 产品Id
+ */
+ private Long productId;
+ /**
+ * 权限集名称
+ */
+ private String name;
+ /**
+ * 权限集描述
+ */
+ private String description;
+ /**
+ * 适用单位类型 1总包 2分包 3分包总包
+ */
+ private Integer ouType;
+ /**
+ * 权限集类型 1查看 2操作管理
+ */
+ private Integer type;
+ /**
+ * 是否删除:0否,other是
+ */
+ private Long isDelete;
+ /**
+ * 创建时间
+ */
+ private LocalDateTime createAt;
+ /**
+ * 更新时间
+ */
+ private LocalDateTime updateAt;
+ /**
+ * 创建者
+ */
+ private Long createBy;
+ /**
+ * 更新者
+ */
+ private Long updateBy;
+ /**
+ * 是否自定义 0:不是 1:是 如果为1 custom_space_id 不能为空
+ */
+ private Integer isCustom;
+ /**
+ * 工作台Id
+ */
+ private Long customSpaceId;
+
+ /**
+ * 功能IDs
+ */
+ private List featureIds;
+
+
+}
+
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasPermissionGroupInPositionTemplate.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasPermissionGroupInPositionTemplate.java
new file mode 100644
index 00000000..749edbe3
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasPermissionGroupInPositionTemplate.java
@@ -0,0 +1,33 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class SaasPermissionGroupInPositionTemplate {
+
+ /**
+ * 分类名称,对应角色分组名称
+ */
+ private String categoryName;
+ /**
+ * 分类编码,对应角色分组code
+ */
+ private String categoryCode;
+
+ /**
+ * 权限集id
+ */
+ private Long permissionGroupId;
+
+ /**
+ * 权限集名称,对应角色名称
+ */
+ private String permissionGroupName;
+
+}
\ No newline at end of file
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasPositionTemplateExBO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasPositionTemplateExBO.java
new file mode 100644
index 00000000..a9a14c36
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasPositionTemplateExBO.java
@@ -0,0 +1,45 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.List;
+
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class SaasPositionTemplateExBO {
+
+ /**
+ * id
+ */
+ private Long id;
+
+ /**
+ * 职位名,对应角色分组名
+ */
+ private String name;
+
+ /**
+ * 编码,对应角色分组code
+ */
+ private String code;
+
+ /**
+ * 描述
+ */
+ private String description;
+
+ /**
+ * 职位类型:1:平台级别类型,2:workspace级别类型,对应角色分组工作台类型
+ */
+ private Integer type;
+
+ private List permissionGroups;
+
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasPositionTemplateReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasPositionTemplateReq.java
new file mode 100644
index 00000000..c0e889b9
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasPositionTemplateReq.java
@@ -0,0 +1,26 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.List;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class SaasPositionTemplateReq {
+
+ /**
+ * 可以为空,为空就是忽略此条件
+ */
+ private List positionTemplateIdList;
+
+ /**
+ * 可以为空,为空就是忽略此条件
+ */
+ private List positionCodeList;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleAndIdentityBO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleAndIdentityBO.java
new file mode 100644
index 00000000..f4928bc3
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleAndIdentityBO.java
@@ -0,0 +1,29 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import lombok.ToString;
+
+/**
+ * saas-角色(SaasRole)表实体类
+ *
+ * @author makejava
+ * @since 2022-05-24 11:18:41
+ */
+@Getter
+@Setter
+@ToString
+@NoArgsConstructor
+@AllArgsConstructor
+public class SaasRoleAndIdentityBO extends SaasRoleBO {
+
+ private Long identityId;
+
+ private IdentityType identityType;
+
+ private int jobType;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleBO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleBO.java
new file mode 100644
index 00000000..bb1b78e2
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleBO.java
@@ -0,0 +1,62 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import lombok.ToString;
+
+/**
+ * saas-角色(SaasRole)表实体类
+ *
+ * @author makejava
+ * @since 2022-05-24 11:18:41
+ */
+@Getter
+@Setter
+@Builder
+@ToString
+@NoArgsConstructor
+@AllArgsConstructor
+public class SaasRoleBO {
+
+ private Long roleId;
+
+ /**
+ * 角色名称
+ */
+ private String roleName;
+
+ /**
+ * 角色类型:common 普通角色 super_admin超级管理员(禁止删除) admin子管理员(禁止删除) init初始化内置角色
+ */
+ private RoleTypeEnum roleType;
+
+ /**
+ * 角色描述
+ */
+ private String description;
+
+ /**
+ * 工作台Id
+ */
+ private Long workspaceId;
+
+ /**
+ * 0:企业工作台 1:项目工作台
+ */
+ private Integer workspaceType;
+
+ /**
+ * 角色所属单位Id 可能是总包,也可能是分包
+ */
+ private Long ownerOuId;
+
+ /**
+ * 岗位编码
+ */
+ private String jobCode;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleCreateOrUpdateReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleCreateOrUpdateReq.java
new file mode 100644
index 00000000..67587512
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleCreateOrUpdateReq.java
@@ -0,0 +1,95 @@
+package cn.axzo.tyr.client.model.permission;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.validation.constraints.NotBlank;
+
+import cn.axzo.basics.common.constant.enums.OrganizationalNodeTypeEnum;
+import cn.axzo.basics.common.constant.enums.OrganizationalUnitTypeEnum;
+import cn.axzo.tyr.client.common.SaasRoleFits;
+import cn.axzo.tyr.client.model.enums.WorkspaceTypeWithLegacyEnum;
+import lombok.Builder;
+import lombok.Data;
+
+@Data
+@Builder
+public class SaasRoleCreateOrUpdateReq {
+
+ private Long id;
+
+ @NotBlank(message = "名字不能为空")
+ private String name;
+
+ private String description;
+
+ private String roleType;
+
+ /**
+ * 表示这个Role可以使用哪些权限集里的权限
+ */
+ private List permissionGroupIds = new ArrayList<>();
+
+ private WorkspaceTypeWithLegacyEnum workspaceType;
+
+ /**
+ * 工作台Id
+ */
+ private Long workspaceId;
+
+ /**
+ * 角色owner单位Id 实际角色和用户的所属关系 具体查询relation的ouId
+ */
+ private Long ownerOuId;
+
+ /**
+ * 适用单位类型 1:总包 2:建设单位 4:监理单位 8:劳务分包 16:专业分包 0都可以用 只会挂在最末级
+ */
+ private Long fitOuTypeBit;
+
+ /**
+ * 适用节点类型 1:部门 2:班组 4:小组 只会挂在最末级
+ */
+ private Long fitOuNodeTypeBit;
+
+ public List getFitOuTypeEnumList() {
+ return SaasRoleFits.splitToFitOuTypeEnums(this.fitOuTypeBit);
+ }
+
+ public List getFitOuNodeTypeEnumList() {
+ return SaasRoleFits.splitToFitOuNodeTypeEnums(this.fitOuNodeTypeBit);
+ }
+
+ public List getFitOuTypeValueList() {
+ return SaasRoleFits.splitToFitOuTypeValues(this.fitOuTypeBit);
+ }
+
+ public List getFitOuNodeTypeValueList() {
+ return SaasRoleFits.splitToFitOuNodeTypeValues(this.fitOuNodeTypeBit);
+ }
+
+ public void setFitOuTypeByValues(List fitOuTypeList) {
+ this.fitOuTypeBit = SaasRoleFits.concatFitOuTypeByValues(fitOuTypeList);
+ }
+
+ public void setFitOuNodeTypeByValues(List fitOuNodeTypeList) {
+ this.fitOuNodeTypeBit = SaasRoleFits.concatFitOuNodeTypeByValues(fitOuNodeTypeList);
+ }
+
+ public void setFitOuTypeByEnums(List fitOuTypeList) {
+ this.fitOuTypeBit = SaasRoleFits.concatFitOuTypeByList(fitOuTypeList);
+ }
+
+ public void setFitOuNodeTypeByEnums(List fitOuNodeTypeList) {
+ this.fitOuNodeTypeBit = SaasRoleFits.concatFitOuNodeTypeByList(fitOuNodeTypeList);
+ }
+
+ public boolean isFitOuType(Integer ouType) {
+ return SaasRoleFits.isFitOuType(this.fitOuTypeBit, ouType);
+ }
+
+ public boolean isFitOuNodeType(Integer ouNodeType) {
+ return SaasRoleFits.isFitOuNodeType(this.fitOuNodeTypeBit, ouNodeType);
+ }
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleDTO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleDTO.java
new file mode 100644
index 00000000..b8793ac2
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleDTO.java
@@ -0,0 +1,70 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+import lombok.experimental.Accessors;
+
+import javax.validation.constraints.NotBlank;
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * @author: wangli
+ * @date: 2022/5/26 14:18
+ */
+@Data
+@Accessors(chain = true)
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+public class SaasRoleDTO {
+
+ private Long id;
+
+ /**
+ * 角色名称
+ */
+ @NotBlank(message = "名字不能为空")
+ private String name;
+
+ /**
+ * 角色描述
+ */
+ private String description;
+
+ /**
+ * 权限集
+ */
+ private List groupIds = new ArrayList<>();
+
+ /**
+ * 工作台ID
+ */
+ private Long workspaceId;
+ /**
+ * 工作台类型
+ */
+ private Integer workspaceType;
+
+ /**
+ * 所属单位ID
+ */
+ private Long ownerOuId;
+
+ /**
+ * 角色类型
+ */
+ private String roleType;
+
+ /**
+ * 是否删除
+ */
+ private Long isDelete;
+
+ /**
+ * 职位模板I
+ */
+ private Long positionTemplateId;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleDelDTO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleDelDTO.java
new file mode 100644
index 00000000..3b4eb6af
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleDelDTO.java
@@ -0,0 +1,35 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import lombok.Builder;
+import lombok.Data;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/5/30 16:00
+ * @description : 删除指定工作台角色-用户关联关系
+ */
+@Data
+@Builder
+public class SaasRoleDelDTO {
+ /**
+ * 工作台Id
+ */
+ private Long workspaceId;
+
+ /**
+ * 单位Id
+ */
+ private Long ouId;
+
+
+ /**
+ * 身份Id
+ */
+ private Long identityId;
+
+ /**
+ * 身份类型
+ */
+ private IdentityType identityType;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleDetailResp.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleDetailResp.java
new file mode 100644
index 00000000..6e1e26ab
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleDetailResp.java
@@ -0,0 +1,41 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+import java.util.List;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/6/30 14:46
+ * @description :
+ */
+@Data
+public class SaasRoleDetailResp extends SaasRoleResp{
+
+ /**
+ * 权限集Id
+ */
+ private List groupIds;
+
+ /**
+ * 权限集名称
+ */
+ private List groupNames;
+
+
+ /**
+ * 权限集Id
+ */
+ private int groupCounts;
+
+ /**
+ * 岗位成员
+ */
+ private List mainUsers;
+
+ /**
+ * 协助岗位成员
+ */
+ private List salveUsers;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleExBO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleExBO.java
new file mode 100644
index 00000000..77632dec
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleExBO.java
@@ -0,0 +1,61 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import lombok.ToString;
+
+import java.util.List;
+
+/**
+ * saas-角色(SaasRole)表实体类
+ *
+ * @author makejava
+ * @since 2022-05-24 11:18:41
+ */
+@Getter
+@Setter
+@Builder
+@ToString
+@NoArgsConstructor
+@AllArgsConstructor
+public class SaasRoleExBO {
+
+ private Long roleId;
+
+ /**
+ * 角色名称
+ */
+ private String roleName;
+
+ /**
+ * 角色类型:common 普通角色 super_admin超级管理员(禁止删除) admin子管理员(禁止删除) init初始化内置角色
+ */
+ private RoleTypeEnum roleType;
+
+ /**
+ * 角色描述
+ */
+ private String description;
+
+ /**
+ * 工作台Id
+ */
+ private Long workspaceId;
+
+ /**
+ * 0:企业工作台 1:项目工作台
+ */
+ private Integer workspaceType;
+
+ /**
+ * 角色所属单位Id 可能是总包,也可能是分包
+ */
+ private Long ownerOuId;
+
+ private List permissionGroupList;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleExReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleExReq.java
new file mode 100644
index 00000000..4e004bb6
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleExReq.java
@@ -0,0 +1,21 @@
+package cn.axzo.tyr.client.model.permission;
+
+import java.util.List;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class SaasRoleExReq {
+ private List roleIds;
+
+ private Long workspaceId;
+
+ private Long ownerOuId;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleFits.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleFits.java
new file mode 100644
index 00000000..f5967652
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleFits.java
@@ -0,0 +1,165 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.common.constant.enums.OrganizationalNodeTypeEnum;
+import cn.axzo.basics.common.constant.enums.OrganizationalUnitTypeEnum;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Map.Entry;
+import java.util.Set;
+import java.util.stream.Collectors;
+
+public class SaasRoleFits {
+ private static Map ouTypeMap = new HashMap<>();
+ private static Map ouTypeValueToBitMap = new HashMap<>();
+ static {
+ ouTypeMap.put(1L, OrganizationalUnitTypeEnum.PRIMARY_CONTRACTING_UNIT); //总包
+ ouTypeMap.put(2L, OrganizationalUnitTypeEnum.CONSTRUCTION_UNIT); //建设单位
+ ouTypeMap.put(4L, OrganizationalUnitTypeEnum.SUPERVISION_UNIT); //监理单位
+ ouTypeMap.put(8L, OrganizationalUnitTypeEnum.LABOR_SUBCONTRACTING); //劳务分包
+ ouTypeMap.put(16L, OrganizationalUnitTypeEnum.PROFESSIONAL_SUBCONTRACTING); //专业分包
+ ouTypeMap.put(32L, OrganizationalUnitTypeEnum.PROJECT_OUT_TEAM); //平台班组
+ ouTypeMap.put(64L, OrganizationalUnitTypeEnum.AXZ_PLATFORM); //安心筑平台
+
+ for(Entry e : ouTypeMap.entrySet())
+ ouTypeValueToBitMap.put(e.getValue().getValue(), e.getKey());
+ }
+
+ static Map ouNodeTypeMap = new HashMap<>();
+ private static Map ouNodeTypeValueToBitMap = new HashMap<>();
+ static {
+ ouNodeTypeMap.put(1L, OrganizationalNodeTypeEnum.DEPARTMENT); // 部门
+ ouNodeTypeMap.put(2L, OrganizationalNodeTypeEnum.TEAM); // 团队
+ ouNodeTypeMap.put(3L, OrganizationalNodeTypeEnum.GROUP); // 小组
+ ouNodeTypeMap.put(4L, OrganizationalNodeTypeEnum.PROJECT_TEAM); // 项目内班组
+ ouNodeTypeMap.put(5L, OrganizationalNodeTypeEnum.PROJECT_GROUP); // 项目内小组
+
+ for(Entry e : ouNodeTypeMap.entrySet())
+ ouNodeTypeValueToBitMap.put(e.getValue().getValue(), e.getKey());
+ }
+
+ public static List splitToFitOuTypeEnums(Long fitOuType) {
+ if(isZero(fitOuType))
+ return ouTypeMap.values().stream().collect(Collectors.toList());
+ List list = toListByCheckBit(fitOuType, ouTypeMap);
+ return list;
+ }
+
+ public static List splitToFitOuTypeValues(Long fitOuType) {
+ if(isZero(fitOuType))
+ return ouTypeMap.values().stream().map(e -> e.getValue()).collect(Collectors.toList());
+ List list = toListByCheckBit(fitOuType, ouTypeMap);
+ return list.stream().map(t -> t.getValue()).collect(Collectors.toList());
+ }
+
+ public static List splitToFitOuNodeTypeValues(Long fitOuNodeType) {
+ if(isZero(fitOuNodeType))
+ return ouNodeTypeMap.values().stream().map(e -> e.getValue()).collect(Collectors.toList());
+ List list = toListByCheckBit(fitOuNodeType, ouNodeTypeMap);
+ return list.stream().map(t -> t.getValue()).collect(Collectors.toList());
+ }
+
+ public static List splitToFitOuNodeTypeEnums(Long fitOuNodeType) {
+ if(isZero(fitOuNodeType))
+ return ouNodeTypeMap.values().stream().collect(Collectors.toList());
+ List list = toListByCheckBit(fitOuNodeType, ouNodeTypeMap);
+ return list;
+ }
+
+ public static Long concatFitOuTypeByList(List fitOuTypeList) {
+ if(fitOuTypeList == null || fitOuTypeList.size() == 0)
+ return 0L;
+ Set set = fitOuTypeList.stream().collect(Collectors.toSet());
+ Long result = 0L;
+ for(OrganizationalUnitTypeEnum type : set) {
+ result += ouTypeValueToBitMap.get(type.getValue());
+ }
+ return result;
+ }
+
+ public static Long concatFitOuNodeTypeByList(List fitOuNodeTypeList) {
+ if(fitOuNodeTypeList == null || fitOuNodeTypeList.size() == 0)
+ return 0L;
+ Set set = fitOuNodeTypeList.stream().collect(Collectors.toSet());
+ Long result = 0L;
+ for(OrganizationalNodeTypeEnum type : set) {
+ result += ouNodeTypeValueToBitMap.get(type.getValue());
+ }
+ return result;
+ }
+
+ public static Long concatFitOuTypeByValues(List fitOuTypeList) {
+ if(fitOuTypeList == null || fitOuTypeList.size() == 0)
+ return 0L;
+ Set set = fitOuTypeList.stream().collect(Collectors.toSet());
+ Long result = 0L;
+ for(Integer type : set) {
+ result += ouTypeValueToBitMap.get(type);
+ }
+ return result;
+ }
+
+ public static Long concatFitOuNodeTypeByValues(List fitOuNodeTypeList) {
+ if(fitOuNodeTypeList == null || fitOuNodeTypeList.size() == 0)
+ return 0L;
+ Set set = fitOuNodeTypeList.stream().collect(Collectors.toSet());
+ Long result = 0L;
+ for(Integer type : set) {
+ result += ouNodeTypeValueToBitMap.get(type);
+ }
+ return result;
+ }
+
+ public static boolean isFitOuType(Long fitOuTypeBit, Integer ouType) {
+ if(fitOuTypeBit == 0 || fitOuTypeBit == null)
+ return true;
+ Long bit = ouTypeValueToBitMap.get(ouType);
+ long result = bit & fitOuTypeBit;
+ return result > 0;
+ }
+
+ public static boolean isFitOuNodeType(Long fitOuNodeTypeBit, Integer ouNodeType) {
+ if(fitOuNodeTypeBit == 0 || fitOuNodeTypeBit == null)
+ return true;
+ Long bit = ouNodeTypeValueToBitMap.get(ouNodeType);
+ long result = bit & fitOuNodeTypeBit;
+ return result > 0;
+ }
+
+ ///以下是工具函数
+
+ private static boolean isZero(Long l) {
+ if(l == null)
+ return true;
+ if(l == 0L)
+ return true;
+ return false;
+ }
+
+ private static List toListByCheckBit(Long fitOuType, Map map) {
+ if(fitOuType == null || fitOuType == 0L)
+ return Collections.emptyList();
+
+ List list = new ArrayList<>();
+ for(Long key : map.keySet()) {
+ long result = fitOuType & key;
+ if(result > 0L) {
+ list.add(map.get(key));
+ }
+ }
+ return list;
+ }
+
+
+ public static void main(String[] args) {
+ List list = SaasRoleFits.splitToFitOuTypeValues(1+2+4L);
+ System.out.println(list);
+ Long value = SaasRoleFits.concatFitOuNodeTypeByValues(list);
+ System.out.println(value);
+ }
+
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleInfoResp.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleInfoResp.java
new file mode 100644
index 00000000..520bc5eb
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleInfoResp.java
@@ -0,0 +1,25 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+import java.util.List;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/6/21 15:38
+ * @description : 角色及信息
+ */
+@Data
+public class SaasRoleInfoResp {
+
+ /**
+ * 身份Id
+ */
+ private Long identityId;
+
+ /**
+ * 角色列表
+ */
+ private List roleBOList;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleJobInfoResp.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleJobInfoResp.java
new file mode 100644
index 00000000..b82b1045
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleJobInfoResp.java
@@ -0,0 +1,22 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+import java.util.List;
+
+/**
+ * @author hewei@axzo.cn
+ * @date 2022/10/10 17:20
+ */
+@Data
+public class SaasRoleJobInfoResp {
+
+ /**
+ * 身份Id
+ */
+ private Long identityId;
+ /**
+ * 岗位列表
+ */
+ private List roleJobBOList;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleOuBatchDelDTO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleOuBatchDelDTO.java
new file mode 100644
index 00000000..48cf9507
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleOuBatchDelDTO.java
@@ -0,0 +1,36 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.List;
+
+/**
+ * @author : cl
+ * @date : 2022/06/21
+ * @description : 批量删除指定用户角色
+ */
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class SaasRoleOuBatchDelDTO {
+
+ /**
+ * 单位Id
+ */
+ private Long ouId;
+
+ /**
+ * 身份Id
+ */
+ private List identityIdList;
+
+ /**
+ * 身份类型
+ */
+ private IdentityType identityType;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleQueryDTO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleQueryDTO.java
new file mode 100644
index 00000000..24e56541
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleQueryDTO.java
@@ -0,0 +1,48 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/5/30 14:35
+ * @description :
+ */
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+public class SaasRoleQueryDTO {
+
+ /**
+ * 工作台Id
+ */
+ private Long workspaceId;
+
+ /**
+ * 单位Id
+ */
+ private Long ouId;
+
+ /**
+ * 身份Id
+ */
+ private Long identityId;
+
+ /**
+ * 身份类型
+ */
+ private IdentityType identityType;
+
+ /**
+ * 查询关键字
+ */
+ private String keyWords;
+
+ private RoleTypeEnum roleType;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleResp.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleResp.java
new file mode 100644
index 00000000..dc73b8df
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleResp.java
@@ -0,0 +1,34 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/6/8 16:53
+ * @description : 角色列表
+ */
+@Data
+public class SaasRoleResp {
+
+ /**
+ * 主键
+ */
+ private Long id;
+ /**
+ * 角色名称
+ */
+ private String name;
+ /**
+ * 角色描述
+ */
+ private String description;
+ /**
+ * 角色类型:common 普通角色 super_admin超级管理员(禁止删除) admin子管理员(禁止删除) init初始化内置角色
+ */
+ private String roleType;
+ /**
+ *
+ * 岗位编码
+ */
+ private String jobCode;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasUserPermissionBO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasUserPermissionBO.java
new file mode 100644
index 00000000..c7cef76c
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasUserPermissionBO.java
@@ -0,0 +1,103 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.common.constant.enums.OrganizationalNodeTypeEnum;
+import cn.axzo.basics.common.constant.enums.OrganizationalUnitTypeEnum;
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import cn.axzo.tyr.client.common.SaasRoleFits;
+import lombok.Data;
+
+import java.util.List;
+
+/**
+ * 首先可以用来表达一个用户有哪些Code。
+ * 字段全一些,可以为以后的功能打一些基础。
+ *
+ * @author gaowei
+ *
+ */
+@Data
+public class SaasUserPermissionBO {
+
+ /**
+ * 这个字段来自SaasRoleUserRelation
+ */
+ private Long identityId;
+
+ /**
+ * 这个字段来自SaasRoleUserRelation
+ */
+ private IdentityType identityType;
+
+ /**
+ * 这个字段来自SaasRoleUserRelation
+ */
+ private Long workspaceId;
+
+ /**
+ * 这个字段来自SaasRoleUserRelation
+ */
+ private Long ouId;
+
+ /**
+ * code,这个字段来自SaasFeature
+ */
+ private String featureCode;
+
+ /**
+ * 名称,这个字段来自SaasFeature
+ */
+ private String featureName;
+
+ /**
+ * 这个字段来自SaasFeature
+ */
+ private Long fitOuTypeBit;
+
+ /**
+ * 这个字段来自SaasFeature
+ */
+ private Long fitOuNodeTypeBit;
+
+
+ public List getFitOuTypeEnumList() {
+ return SaasRoleFits.splitToFitOuTypeEnums(this.fitOuTypeBit);
+ }
+
+ public List getFitOuNodeTypeEnumList() {
+ return SaasRoleFits.splitToFitOuNodeTypeEnums(this.fitOuNodeTypeBit);
+ }
+
+ public List getFitOuTypeValueList() {
+ return SaasRoleFits.splitToFitOuTypeValues(this.fitOuTypeBit);
+ }
+
+ public List getFitOuNodeTypeValueList() {
+ return SaasRoleFits.splitToFitOuNodeTypeValues(this.fitOuNodeTypeBit);
+ }
+
+ public void setFitOuTypeByValues(List fitOuTypeList) {
+ this.fitOuTypeBit = SaasRoleFits.concatFitOuTypeByValues(fitOuTypeList);
+ }
+
+ public void setFitOuNodeTypeByValues(List fitOuNodeTypeList) {
+ this.fitOuNodeTypeBit = SaasRoleFits.concatFitOuNodeTypeByValues(fitOuNodeTypeList);
+ }
+
+ public void setFitOuTypeByEnums(List fitOuTypeList) {
+ this.fitOuTypeBit = SaasRoleFits.concatFitOuTypeByList(fitOuTypeList);
+ }
+
+ public void setFitOuNodeTypeByEnums(List fitOuNodeTypeList) {
+ this.fitOuNodeTypeBit = SaasRoleFits.concatFitOuNodeTypeByList(fitOuNodeTypeList);
+ }
+
+ public boolean isFitOuType(Integer ouType) {
+ return SaasRoleFits.isFitOuType(this.fitOuTypeBit, ouType);
+ }
+
+ public boolean isFitOuNodeType(Integer ouNodeType) {
+ return SaasRoleFits.isFitOuNodeType(this.fitOuNodeTypeBit, ouNodeType);
+ }
+
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasUserPermissionReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasUserPermissionReq.java
new file mode 100644
index 00000000..223deaef
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasUserPermissionReq.java
@@ -0,0 +1,31 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.List;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class SaasUserPermissionReq {
+
+ private List identityIds;
+
+ private IdentityType identityType;
+
+ private List productIds;
+
+ private Long workspaceId;
+
+ private Long ouId;
+
+ private List codes;
+
+ private String featureNameLike;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasUserRoleExBO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasUserRoleExBO.java
new file mode 100644
index 00000000..8e116008
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasUserRoleExBO.java
@@ -0,0 +1,146 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.common.constant.enums.OrganizationalNodeTypeEnum;
+import cn.axzo.basics.common.constant.enums.OrganizationalUnitTypeEnum;
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import cn.axzo.tyr.client.common.SaasRoleFits;
+import cn.axzo.tyr.client.model.enums.WorkspaceTypeWithLegacyEnum;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.ToString;
+
+import java.time.LocalDateTime;
+import java.util.List;
+
+/**
+ *
+ */
+@Getter
+@Setter
+@ToString
+public class SaasUserRoleExBO {
+
+ private Long id;
+ /**
+ * 身份Id
+ */
+ private Long identityId;
+ /**
+ * 身份类型
+ */
+ private IdentityType identityType;
+ /**
+ * 角色Id
+ */
+ private Long roleId;
+ /**
+ * 自然人Id
+ */
+ private Long naturalPersonId;
+ /**
+ * 是否删除:0否,other是
+ */
+ private Long isDelete;
+ /**
+ * 创建时间
+ */
+ private LocalDateTime createAt;
+ /**
+ * 更新时间
+ */
+ private LocalDateTime updateAt;
+ /**
+ * 创建者
+ */
+ private Long createBy;
+ /**
+ * 更新者
+ */
+ private Long updateBy;
+
+ private Long ouId;
+
+ /**
+ * 工作台Id
+ */
+ private Long workspaceId;
+
+ /**
+ * 资源类型
+ */
+ private Integer resourceType;
+
+ /**
+ * 资源Id
+ */
+ private Long resourceId;
+
+ /// 以下是从SaasRole冗余过来的字段
+
+ private String roleName;
+
+ /**
+ * 角色类型:common 普通角色 super_admin超级管理员(禁止删除) admin子管理员(禁止删除) init初始化内置角色
+ */
+ private String roleType;
+
+ /**
+ * 1:企业工作台 2:项目工作台
+ */
+ private WorkspaceTypeWithLegacyEnum workspaceType;
+ /**
+ * 角色owner单位Id 实际角色和用户的所属关系 具体查询relation的ouId
+ */
+ private Long ownerOuId;
+
+ /**
+ * 适用单位类型 1:总包 2:建设单位 4:监理单位 8:劳务分包 16:专业分包 0都可以用 只会挂在最末级
+ */
+ private Long fitOuTypeBit;
+
+ /**
+ * 适用节点类型 1:部门 2:班组 4:小组 只会挂在最末级
+ */
+ private Long fitOuNodeTypeBit;
+
+ public List getFitOuTypeEnumList() {
+ return SaasRoleFits.splitToFitOuTypeEnums(this.fitOuTypeBit);
+ }
+
+ public List getFitOuNodeTypeEnumList() {
+ return SaasRoleFits.splitToFitOuNodeTypeEnums(this.fitOuNodeTypeBit);
+ }
+
+ public List getFitOuTypeValueList() {
+ return SaasRoleFits.splitToFitOuTypeValues(this.fitOuTypeBit);
+ }
+
+ public List getFitOuNodeTypeValueList() {
+ return SaasRoleFits.splitToFitOuNodeTypeValues(this.fitOuNodeTypeBit);
+ }
+
+ public void setFitOuTypeByValues(List fitOuTypeList) {
+ this.fitOuTypeBit = SaasRoleFits.concatFitOuTypeByValues(fitOuTypeList);
+ }
+
+ public void setFitOuNodeTypeByValues(List fitOuNodeTypeList) {
+ this.fitOuNodeTypeBit = SaasRoleFits.concatFitOuNodeTypeByValues(fitOuNodeTypeList);
+ }
+
+ public void setFitOuTypeByEnums(List fitOuTypeList) {
+ this.fitOuTypeBit = SaasRoleFits.concatFitOuTypeByList(fitOuTypeList);
+ }
+
+ public void setFitOuNodeTypeByEnums(List fitOuNodeTypeList) {
+ this.fitOuNodeTypeBit = SaasRoleFits.concatFitOuNodeTypeByList(fitOuNodeTypeList);
+ }
+
+ public boolean isFitOuType(Integer ouType) {
+ return SaasRoleFits.isFitOuType(this.fitOuTypeBit, ouType);
+ }
+
+ public boolean isFitOuNodeType(Integer ouNodeType) {
+ return SaasRoleFits.isFitOuNodeType(this.fitOuNodeTypeBit, ouNodeType);
+ }
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasUserWithEntProjectBO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasUserWithEntProjectBO.java
new file mode 100644
index 00000000..ad1a2249
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasUserWithEntProjectBO.java
@@ -0,0 +1,34 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+import lombok.experimental.Accessors;
+
+import java.util.Set;
+
+/**
+ * 从业人员拥有权限的项目 企业
+ *
+ * @author jiachao
+ * @date 2021/8/25
+ */
+@Data
+@Accessors(chain = true)
+public class SaasUserWithEntProjectBO {
+
+ /**
+ * 从业userid
+ */
+ private Long entUserId;
+
+ /**
+ * 项目id list
+ */
+ private Set projectIds;
+
+ /**
+ * 企业id list
+ */
+ private Set entIds;
+}
+
+
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SuperAminInfoResp.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SuperAminInfoResp.java
new file mode 100644
index 00000000..0c90bcd9
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SuperAminInfoResp.java
@@ -0,0 +1,42 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import lombok.Data;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/6/17 16:20
+ * @description : 超管信息
+ */
+@Data
+public class SuperAminInfoResp {
+
+ /**
+ * 身份ID
+ */
+ private Long identityId;
+
+ private IdentityType identityType;
+
+ /**
+ * 手机号
+ */
+ private String phone;
+
+ /**
+ * 姓名
+ */
+ private String realName;
+
+
+ /**
+ * 工作台Id
+ */
+ private Long workspaceId;
+
+ /**
+ * 单位Id
+ */
+ private Long ouId;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/UpdatePermissionGroupReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/UpdatePermissionGroupReq.java
new file mode 100644
index 00000000..018046fa
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/UpdatePermissionGroupReq.java
@@ -0,0 +1,38 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+import org.hibernate.validator.constraints.Length;
+
+import javax.validation.constraints.Min;
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+import java.util.List;
+
+/**
+ */
+@Data
+public class UpdatePermissionGroupReq extends CommonWorkspaceIdAndOuIdReq {
+
+ /**
+ * 主键id
+ */
+ @NotNull
+ @Min(value = 1)
+ private Long id;
+ /**
+ * 权限集名称
+ */
+ @NotBlank(message = "权限集名称不能为空")
+ @Length(max = 20, message = "权限集名称不能超过20个字符")
+ private String name;
+ /**
+ * 权限集描述
+ */
+ private String description;
+ /**
+ * 功能集合id
+ */
+ @NotEmpty(message = "权限集不能为空")
+ private List featureIds;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/UpdateWorkspaceSupAdminDTO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/UpdateWorkspaceSupAdminDTO.java
new file mode 100644
index 00000000..de6083fa
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/UpdateWorkspaceSupAdminDTO.java
@@ -0,0 +1,46 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import lombok.Builder;
+import lombok.Data;
+
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/5/30 16:24
+ * @description : 更新工作台超管
+ */
+@Builder
+@Data
+public class UpdateWorkspaceSupAdminDTO {
+
+ /**
+ * 身份类型
+ */
+ private IdentityType identityType;
+
+ /**
+ * 身份id
+ */
+ private Long identityId;
+
+ /**
+ * 工作台id
+ */
+ private Long workspaceId;
+
+ /**
+ * 组织单位id
+ */
+ private Long organizationalUnitId;
+
+ /**
+ * 工作台类型
+ */
+ private Integer workspaceType;
+
+
+ private Long naturalPersonId;
+
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/UserInfoDto.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/UserInfoDto.java
new file mode 100644
index 00000000..3d8d9f4f
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/UserInfoDto.java
@@ -0,0 +1,32 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import cn.axzo.trade.datasecurity.sd.extension.annotation.SDCellPhoneField;
+import lombok.Data;
+
+/**
+ * @author hewei@axzo.cn
+ * @date 2022/10/11 10:52
+ */
+@Data
+public class UserInfoDto {
+
+ /**
+ * 身份Id
+ */
+ private Long identityId;
+
+ /**
+ * 身份类型
+ */
+ private IdentityType identityType;
+ /**
+ * 姓名
+ */
+ private String name;
+ /**
+ * 手机号码
+ */
+ @SDCellPhoneField
+ private String phone;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/UserRoleRelationApiDto.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/UserRoleRelationApiDto.java
new file mode 100644
index 00000000..6cd887fb
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/UserRoleRelationApiDto.java
@@ -0,0 +1,29 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.common.constant.ConstStringPool;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.ToString;
+
+/**
+ * @author cn
+ * @version 1.0
+ * @description
+ * @date 2022/8/13 14:12
+ */
+@Getter
+@Setter
+@ToString
+public class UserRoleRelationApiDto {
+
+ private long ouId = 0L;
+ private long workspaceId = 0L;
+ private long identityId = 0L;
+
+ @JsonIgnore
+ public String getUniquenessKey() {
+ return ouId + ConstStringPool.REDIS_SPLIT_STRING + workspaceId
+ + ConstStringPool.REDIS_SPLIT_STRING + identityId;
+ }
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceAndOuFeatureBO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceAndOuFeatureBO.java
new file mode 100644
index 00000000..cdce386d
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceAndOuFeatureBO.java
@@ -0,0 +1,29 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+public class WorkspaceAndOuFeatureBO {
+
+ /**
+ * 工作台id
+ */
+ private Long workspaceId;
+
+ /**
+ * 单位id
+ */
+ private Long ouId;
+
+ /**
+ * 菜单id
+ */
+ private Long featureId;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceAndOuFeatureIdBO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceAndOuFeatureIdBO.java
new file mode 100644
index 00000000..379d605c
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceAndOuFeatureIdBO.java
@@ -0,0 +1,23 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+@Data
+public class WorkspaceAndOuFeatureIdBO {
+
+ /**
+ * 工作台id
+ */
+ private Long workspaceId;
+
+ /**
+ * 单位id
+ */
+ private Long ouId;
+
+ /**
+ * 菜单path
+ */
+ private Long featureId;
+
+}
\ No newline at end of file
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceChangerAdminReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceChangerAdminReq.java
new file mode 100644
index 00000000..6e1c8dba
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceChangerAdminReq.java
@@ -0,0 +1,23 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+import javax.validation.constraints.NotNull;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/5/10 16:20
+ * @description : 工作台变更超管请求
+ */
+@Data
+public class WorkspaceChangerAdminReq {
+
+ @NotNull(message = "原账户Id不能为空")
+ private Long oldAccountId;
+
+ @NotNull(message = "新账户Id不能为空")
+ private Long newAccountId;
+
+ @NotNull(message = "工作台Id不能为空")
+ private Long workspaceId;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceCreateAdminReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceCreateAdminReq.java
new file mode 100644
index 00000000..58965e41
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceCreateAdminReq.java
@@ -0,0 +1,27 @@
+package cn.axzo.tyr.client.model.permission;
+
+import java.util.List;
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+import lombok.Data;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/5/10 16:20
+ * @description : 工作台创建请求
+ */
+@Data
+public class WorkspaceCreateAdminReq {
+
+ @NotNull(message = "账户Id不能为空")
+ private Long accountId;
+
+ @NotNull(message = "工作台Id不能为空")
+ private Long workspaceId;
+
+ @NotNull(message = "工作台类型不能为空")
+ private Integer workspaceType;
+
+ @NotEmpty(message = "saas产品Id不能为空")
+ private List saasProductId;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceCreateOrUpdateAdminReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceCreateOrUpdateAdminReq.java
new file mode 100644
index 00000000..457b2ef9
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceCreateOrUpdateAdminReq.java
@@ -0,0 +1,38 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+import java.util.List;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/5/18 17:00
+ * @description :
+ */
+@Data
+public class WorkspaceCreateOrUpdateAdminReq {
+
+ @NotNull(message = "手机号")
+ private String phoneNo;
+
+ @NotNull(message = "用户名")
+ private String userName;
+
+ @NotNull(message = "工作台Id不能为空")
+ private Long workspaceId;
+
+ @NotNull(message = "单位Id不能为空")
+ private Long organizationalUnitId;
+
+ @NotNull(message = "工作台类型不能为空 1.总包企业级 ,2.总包项目级 ,3.政企级,4.分包企业级,5.班组级")
+ private Integer workspaceType;
+
+ @NotEmpty(message = "当前工作台对应的产品Id集合")
+ private List currentProductIds;
+ /**
+ * 原产品IdList 初次创建可以不填
+ */
+ private List oldProductIds;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceCreateOrUpdateAdminResp.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceCreateOrUpdateAdminResp.java
new file mode 100644
index 00000000..c3347c24
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceCreateOrUpdateAdminResp.java
@@ -0,0 +1,30 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+@Data
+public class WorkspaceCreateOrUpdateAdminResp {
+
+ /**
+ * 身份Id
+ */
+ private Long identityId;
+
+ /**
+ * 身份类型 1 - 工人, 2 - 班组长, 3 - 从业人员, 4 - 政务人员
+ */
+ private Integer identityType;
+
+ /**
+ * 账户Id
+ */
+ private Long accountId;
+
+ /**
+ * 自然人Id
+ */
+ private Long personId;
+
+
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceGrantAdminRoleByPhoneReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceGrantAdminRoleByPhoneReq.java
new file mode 100644
index 00000000..2aaa3577
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceGrantAdminRoleByPhoneReq.java
@@ -0,0 +1,51 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotNull;
+
+@Data
+public class WorkspaceGrantAdminRoleByPhoneReq {
+
+ /**
+ * 工作台id,与context校验
+ */
+ @NotNull(message = "workspaceId不能为空")
+ private Long workspaceId;
+
+ /**
+ * 单位id
+ */
+ @NotNull(message = "ouId不能为空")
+ private Long ouId;
+
+ /**
+ * 手机号
+ */
+ @NotBlank(message = "phone不能为空")
+ private String phone;
+
+ /**
+ * 昵称
+ */
+ private String nickName;
+
+ /**
+ * 角色Id,必填
+ * 只能传SUPER_ADMIN,ADMIN
+ */
+ private RoleTypeEnum roleType;
+
+ /**
+ * 身份类型
+ */
+ @NotNull(message = "identityType不能为空")
+ private IdentityType identityType;
+
+ @NotNull(message = "workspaceType不能为空")
+ private Integer workspaceType;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceGrantAdminRoleReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceGrantAdminRoleReq.java
new file mode 100644
index 00000000..f21ad330
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceGrantAdminRoleReq.java
@@ -0,0 +1,48 @@
+package cn.axzo.tyr.client.model.permission;
+
+import cn.axzo.basics.common.constant.enums.OrganizationalNodeTypeEnum;
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
+import cn.axzo.tyr.client.model.enums.WorkspaceTypeWithLegacyEnum;
+import lombok.Data;
+
+@Data
+public class WorkspaceGrantAdminRoleReq {
+
+ /**
+ * 工作台id,与context校验
+ */
+ private Long workspaceId;
+
+ /**
+ * 工作台类型
+ */
+ private WorkspaceTypeWithLegacyEnum workspaceType;
+
+ /**
+ * 单位id : 非必填
+ */
+ private Long ouId;
+
+ /**
+ * 单位类型
+ */
+ private OrganizationalNodeTypeEnum nodeTypeEnum;
+
+ /**
+ * 被赋予角色的人的身份id
+ */
+ private Long identityId;
+
+ /**
+ * 身份类型,必填
+ */
+ private IdentityType identityType;
+
+ /**
+ * 角色Id,必填
+ * 只能传SUPER_ADMIN,ADMIN
+ */
+ private RoleTypeEnum roleType;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceTemplateInitReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceTemplateInitReq.java
new file mode 100644
index 00000000..162a7b29
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceTemplateInitReq.java
@@ -0,0 +1,29 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.Data;
+
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+
+@Data
+public class WorkspaceTemplateInitReq {
+
+ @NotNull(message = "工作台Id不能为空")
+ private Long workspaceId;
+
+ @NotNull(message = "单位Id不能为空")
+ private Long organizationalUnitId;
+
+ @NotNull(message = "工作台类型不能为空 1.总包企业级 ,2.总包项目级 ,3.政企级,4.分包企业级,5.班组级")
+ private Integer workspaceType;
+
+ @NotEmpty(message = "当前工作台对应的产品Id集合")
+ private Long newTemplateId;
+
+ /**
+ * 原产品IdList 初次创建可以不填
+ */
+ private Long oldTemplateId;
+
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceWorkTeamRoleResp.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceWorkTeamRoleResp.java
new file mode 100644
index 00000000..d9b30720
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceWorkTeamRoleResp.java
@@ -0,0 +1,40 @@
+package cn.axzo.tyr.client.model.permission;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import lombok.ToString;
+
+/**
+ * @author: cl
+ * @description: 项目外成员管理角色权限
+ * @date: 2022-06-17
+ **/
+
+@Getter
+@Setter
+@Builder
+@ToString
+@NoArgsConstructor
+@AllArgsConstructor
+public class WorkspaceWorkTeamRoleResp {
+
+ /**
+ * 工作空间ID
+ */
+ private Long workspaceId;
+
+ /**
+ * 资源Id
+ */
+ private Long resourceId;
+
+ /**
+ * 资源类型
+ */
+ private Integer resourceType;
+
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/AddValidGroup.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/AddValidGroup.java
new file mode 100644
index 00000000..9aa93dc9
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/AddValidGroup.java
@@ -0,0 +1,9 @@
+package cn.axzo.tyr.client.model.req;
+
+/**
+ * @author: wangli
+ * @date: 2022/1/26 10:44
+ */
+public interface AddValidGroup {
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/GetByIdsReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/GetByIdsReq.java
new file mode 100644
index 00000000..b59e5401
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/GetByIdsReq.java
@@ -0,0 +1,17 @@
+package cn.axzo.tyr.client.model.req;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.List;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class GetByIdsReq {
+
+ private List ids;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/ListAllFeatureByTerminalReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/ListAllFeatureByTerminalReq.java
new file mode 100644
index 00000000..0cac187e
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/ListAllFeatureByTerminalReq.java
@@ -0,0 +1,15 @@
+package cn.axzo.tyr.client.model.req;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class ListAllFeatureByTerminalReq {
+
+ private String terminal;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/ListUserRoleByParams.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/ListUserRoleByParams.java
new file mode 100644
index 00000000..43b57a03
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/ListUserRoleByParams.java
@@ -0,0 +1,27 @@
+package cn.axzo.tyr.client.model.req;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.List;
+
+/**
+ * @author chenwenjian
+ * @version 1.0
+ * @date 2024/10/14 19:54
+ */
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class ListUserRoleByParams {
+
+ private List identityIds;
+
+ private IdentityType identityType;
+
+ private Long workspaceId;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/ProductQueryReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/ProductQueryReq.java
new file mode 100644
index 00000000..f1e3f8af
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/ProductQueryReq.java
@@ -0,0 +1,27 @@
+package cn.axzo.tyr.client.model.req;
+
+import lombok.Data;
+
+import java.util.List;
+
+@Data
+public class ProductQueryReq {
+
+
+ /**
+ * 1:总包企业产品 2:总包项目产品 3:政企产品 4:分包企业产品 5:班组产品
+ */
+// @NotNull(message = "产品类型不能为空")
+ private Integer productType;
+
+ /**
+ * 基础产品与否 0:基础产品 1:普通产品
+ */
+ private Integer commonProduct;
+
+ /**
+ * 产品列表
+ */
+ private List productIds;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/QuerySuperAdminReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/QuerySuperAdminReq.java
new file mode 100644
index 00000000..c26d3eac
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/QuerySuperAdminReq.java
@@ -0,0 +1,33 @@
+package cn.axzo.tyr.client.model.req;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import javax.validation.constraints.NotNull;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/6/17 16:28
+ * @description : 查询超管信息
+ */
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+public class QuerySuperAdminReq {
+
+ /**
+ * 工作台Id
+ */
+ @NotNull(message = "工作台Id不能为空")
+ private Long workspaceId;
+
+ /**
+ * 单位Id
+ */
+ @NotNull(message = "单位Id不能为空")
+ private Long ouId;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/SaasProductQueryReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/SaasProductQueryReq.java
new file mode 100644
index 00000000..9d8a7bdc
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/SaasProductQueryReq.java
@@ -0,0 +1,34 @@
+package cn.axzo.tyr.client.model.req;
+
+import cn.axzo.basics.common.page.PageRequest;
+import lombok.Data;
+
+import java.util.List;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/5/16 15:13
+ * @description : 查询产品类型列表
+ */
+@Data
+public class SaasProductQueryReq extends PageRequest {
+
+ /**
+ * 1:总包企业产品 2:总包项目产品 3:政企产品 4:分包企业产品 5:班组产品
+ */
+ private Integer productType;
+ /**
+ * 产品板块名字
+ */
+ private String productName;
+ /**
+ * 基础产品与否 0:基础产品 1:普通产品
+ */
+ private Integer commonProduct;
+
+ /**
+ * 产品Id列表
+ */
+ private List productIds;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/SaasProductSaveOrUpdateReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/SaasProductSaveOrUpdateReq.java
new file mode 100644
index 00000000..ee7dca65
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/SaasProductSaveOrUpdateReq.java
@@ -0,0 +1,53 @@
+package cn.axzo.tyr.client.model.req;
+
+import lombok.Data;
+import org.hibernate.validator.constraints.Length;
+
+import javax.validation.constraints.NotNull;
+import java.util.List;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/5/16 15:15
+ * @description : saas 产品新增或修改
+ */
+@Data
+public class SaasProductSaveOrUpdateReq {
+
+ /**
+ * id
+ */
+ @NotNull(message = "修改产品Id不能为空",groups = UpdateValidGroup.class)
+ protected Long id;
+
+ /**
+ * 1:总包企业产品 2:总包项目产品 3:政企产品 4:分包企业产品 5:班组产品
+ */
+ @NotNull(message = "产品类型不能为空",groups = {AddValidGroup.class,UpdateValidGroup.class})
+ private Integer productType;
+
+ /**
+ * 产品名字
+ */
+ @NotNull(message = "产品名字不能为空", groups = {AddValidGroup.class, UpdateValidGroup.class})
+ @Length(max = 50, message = "产品名字长度不能超过50", groups = {AddValidGroup.class,
+ UpdateValidGroup.class})
+ private String productName;
+
+ /**
+ * 基础产品与否 0:基础产品 1:普通产品
+ */
+ @NotNull(message = "基础产品与否不能为空",groups = {AddValidGroup.class,UpdateValidGroup.class})
+ private Integer commonProduct;
+ /**
+ * 产品板块备注
+ */
+ private String remark;
+
+ /**
+ * 功能列表
+ */
+ @NotNull(message = "产品绑定的功能列表不能为空",groups = {AddValidGroup.class,UpdateValidGroup.class})
+ private List featureIds;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/UpdateUserJobReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/UpdateUserJobReq.java
new file mode 100644
index 00000000..934520bf
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/UpdateUserJobReq.java
@@ -0,0 +1,50 @@
+package cn.axzo.tyr.client.model.req;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import cn.axzo.tyr.client.model.enums.SaasJobTypeEnum;
+import lombok.EqualsAndHashCode;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.ToString;
+
+import javax.validation.constraints.Min;
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+import java.util.Set;
+
+/**
+ * @author cn
+ * @version 1.0
+ * @description
+ * @date 2022/10/14 11:44
+ */
+@Getter
+@Setter
+@ToString
+@EqualsAndHashCode
+public class UpdateUserJobReq {
+
+ @NotNull
+ @Min(value = 1)
+ private Long workspaceId;
+ @NotNull
+ @Min(value = 1)
+ private Long identityId;
+ @NotNull
+ private IdentityType identityType;
+ @NotNull
+ @Min(value = 1)
+ private Long ouId;
+ @NotEmpty
+ private Set roles;
+
+ @Getter
+ @Setter
+ @ToString
+ @EqualsAndHashCode
+ public static class RoleReq {
+ private String roleCode;
+ private Long roleId;
+ private SaasJobTypeEnum jobType;
+ }
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/UpdateValidGroup.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/UpdateValidGroup.java
new file mode 100644
index 00000000..6fa63a83
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/UpdateValidGroup.java
@@ -0,0 +1,9 @@
+package cn.axzo.tyr.client.model.req;
+
+/**
+ * @author: wangli
+ * @date: 2022/1/26 10:44
+ */
+public interface UpdateValidGroup {
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/WorkspaceUpdateUserRoleDTO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/WorkspaceUpdateUserRoleDTO.java
new file mode 100644
index 00000000..2d2b3ec1
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/WorkspaceUpdateUserRoleDTO.java
@@ -0,0 +1,46 @@
+package cn.axzo.tyr.client.model.req;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import cn.axzo.tyr.client.model.enums.SaasJobTypeEnum;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.List;
+
+@Builder
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+public class WorkspaceUpdateUserRoleDTO {
+
+ /**
+ * 工作台id,与context校验
+ */
+ private Long workspaceId;
+
+ /**
+ * 单位id : 必填
+ */
+ private Long ouId;
+
+ /**
+ * 被赋予角色的人的身份id
+ */
+ private Long identityId;
+
+ /**
+ * 被赋予角色的人的身份类型
+ */
+ private IdentityType identityType;
+
+ /**
+ * 完整的update,之前的所有RoleId都被更新
+ */
+ private List updateRoleIds;
+
+
+ private SaasJobTypeEnum jobType = SaasJobTypeEnum.SLAVE_JOB;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/res/ProductQueryResp.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/res/ProductQueryResp.java
new file mode 100644
index 00000000..d1862d8d
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/res/ProductQueryResp.java
@@ -0,0 +1,44 @@
+package cn.axzo.tyr.client.model.res;
+
+import lombok.Data;
+
+import java.util.Date;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/5/18 18:50
+ * @description : 产品查询响应
+ */
+@Data
+public class ProductQueryResp {
+
+ protected Long id;
+
+ /**
+ * 创建时间
+ */
+ protected Date createAt;
+
+ /**
+ * 修改时间
+ */
+ protected Date updateAt;
+
+ /**
+ * 1:总包企业产品 2:总包项目产品 3:政企产品 4:分包企业产品 5:班组产品
+ */
+ private Integer productType;
+ /**
+ * 产品板块名字
+ */
+ private String productName;
+ /**
+ * 基础产品与否 0:基础产品 1:普通产品
+ */
+ private Integer commonProduct;
+ /**
+ * 产品板块备注
+ */
+ private String remark;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/res/SaasFeatureBO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/res/SaasFeatureBO.java
new file mode 100644
index 00000000..00766f23
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/res/SaasFeatureBO.java
@@ -0,0 +1,106 @@
+package cn.axzo.tyr.client.model.res;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.time.LocalDateTime;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class SaasFeatureBO {
+
+ /**
+ * 适用单位类型 位
+ */
+ private Long fitOuTypeBit;
+ /**
+ * id
+ */
+ private Long id;
+ /**
+ * 名称
+ */
+ private String featureName;
+ /**
+ * 描述
+ */
+ private String description;
+ /**
+ * code
+ */
+ private String featureCode;
+ /**
+ * 图标地址
+ */
+ private String icon;
+ /**
+ * 菜单上级id
+ */
+ private Long parentId;
+ /**
+ * 链接地址
+ */
+ private String linkUrl;
+ /**
+ * 1:CMS 2:小程序 4:原生
+ */
+ private Integer linkType;
+ /**
+ * 扩展字段
+ */
+ private String linkExt;
+ /**
+ * 小程序id 关联micro_app_item id
+ */
+ private String microAppItemId;
+ /**
+ * 路径
+ */
+ private String path;
+ /**
+ * 排序
+ */
+ private Integer sort;
+ /**
+ * terminal
+ */
+ private String terminal;
+ /**
+ * 类型 0.模块 1.菜单 2页面 3功能
+ */
+ private Integer featureType;
+ /**
+ * 是否需要权限 1.需要 2:不需要
+ */
+ private Integer needAuth;
+ /**
+ * 是否删除
+ */
+ private Long isDelete;
+ /**
+ * 创建人id
+ */
+ private Long createBy;
+ /**
+ * 创建时间
+ */
+ private LocalDateTime createAt;
+ /**
+ * 更新时间
+ */
+ private LocalDateTime updateAt;
+ /**
+ * 修改人id
+ */
+ private Long updateBy;
+
+ private Long productId;
+
+ private String productName;
+
+ private String legacyLayout;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/res/SaasPermissionGroupRes.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/res/SaasPermissionGroupRes.java
new file mode 100644
index 00000000..ac587358
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/res/SaasPermissionGroupRes.java
@@ -0,0 +1,88 @@
+package cn.axzo.tyr.client.model.res;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.Date;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class SaasPermissionGroupRes {
+
+ private Long id;
+
+ /**
+ * 创建时间
+ */
+ private Date createAt;
+
+ /**
+ * 修改时间
+ */
+ private Date updateAt;
+
+ /**
+ * 是否删除 0正常,1删除
+ */
+ private Long isDelete = 0L;
+
+ /**
+ * 权限集名称
+ */
+ private String name;
+ /**
+ * 权限集描述
+ */
+ private String description;
+
+ /**
+ * 1:总包企业产品 2:总包项目产品 3:政企产品 4:分包企业产品 5:班组产品
+ */
+ private Integer productType;
+
+ /**
+ * 权限集类型 1查看 2操作管理
+ */
+ private Integer legacyType;
+
+ /**
+ * 创建者
+ */
+ private Long createBy;
+ /**
+ * 更新者
+ */
+ private Long updateBy;
+ /**
+ * 是否自定义 0:不是 1:是 如果为1 custom_space_id 不能为空
+ */
+ private Integer isCustom;
+ /**
+ * 工作台Id
+ */
+ private Long customSpaceId;
+
+ /**
+ * 适用单位类型 1:总包 2:建设单位 3:监理单位 4:劳务分包 5:专业分包 6:班组 0都可以用
+ */
+ private Long fitOuTypeBit;
+
+ /**
+ * 适用节点类型 1:部门 2:班组 3:小组
+ */
+ private Long fitOuNodeTypeBit;
+
+ /**
+ * 单位ID
+ */
+ private Long ouId;
+
+ /**
+ * 功能分组ID
+ */
+ private Long productCategoryId;
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/res/SaasPgroupPermissionRelationRes.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/res/SaasPgroupPermissionRelationRes.java
new file mode 100644
index 00000000..7520eed9
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/res/SaasPgroupPermissionRelationRes.java
@@ -0,0 +1,51 @@
+package cn.axzo.tyr.client.model.res;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.Date;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class SaasPgroupPermissionRelationRes {
+
+ private Long id;
+
+ /**
+ * 创建时间
+ */
+ private Date createAt;
+
+ /**
+ * 修改时间
+ */
+ private Date updateAt;
+
+ /**
+ * 是否删除 0正常,1删除
+ */
+ private Long isDelete = 0L;
+
+ /**
+ * 权限集id
+ */
+ private Long groupId;
+ /**
+ * 功能id
+ */
+ private Long featureId;
+
+ /**
+ * 创建者
+ */
+ private Long createBy;
+ /**
+ * 更新者
+ */
+ private Long updateBy;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/res/SaasProductResp.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/res/SaasProductResp.java
new file mode 100644
index 00000000..9f94412b
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/res/SaasProductResp.java
@@ -0,0 +1,47 @@
+package cn.axzo.tyr.client.model.res;
+
+import lombok.Data;
+
+import java.util.Date;
+import java.util.List;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/5/16 15:33
+ * @description :
+ */
+@Data
+public class SaasProductResp {
+
+ /**
+ * 主键
+ */
+ private Long id;
+ /**
+ * 1:总包企业产品 2:总包项目产品 3:政企产品 4:分包企业产品 5:班组产品
+ */
+ private Integer productType;
+ /**
+ * 产品板块名字
+ */
+ private String productName;
+ /**
+ * 基础产品与否 0:基础产品 1:普通产品
+ */
+ private Integer commonProduct;
+ /**
+ * 产品板块备注
+ */
+ private String remark;
+
+ private Date createAt;
+
+
+ private Date updateAt;
+
+ /**
+ * 获取产品绑定的功能列表
+ */
+ private List featureIds;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/res/SuperAminInfoResp.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/res/SuperAminInfoResp.java
new file mode 100644
index 00000000..617c32f5
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/res/SuperAminInfoResp.java
@@ -0,0 +1,42 @@
+package cn.axzo.tyr.client.model.res;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import lombok.Data;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/6/17 16:20
+ * @description : 超管信息
+ */
+@Data
+public class SuperAminInfoResp {
+
+ /**
+ * 身份ID
+ */
+ private Long identityId;
+
+ private IdentityType identityType;
+
+ /**
+ * 手机号
+ */
+ private String phone;
+
+ /**
+ * 姓名
+ */
+ private String realName;
+
+
+ /**
+ * 工作台Id
+ */
+ private Long workspaceId;
+
+ /**
+ * 单位Id
+ */
+ private Long ouId;
+
+}
diff --git a/tyr-server/pom.xml b/tyr-server/pom.xml
index 49da2119..4b79e636 100644
--- a/tyr-server/pom.xml
+++ b/tyr-server/pom.xml
@@ -150,6 +150,12 @@
axzo-log-api
1.0.0-SNAPSHOT
+
+
+ cn.axzo.braum
+ braum-api
+ 1.0.0-SNAPSHOT
+
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/common/util/NumUtil.java b/tyr-server/src/main/java/cn/axzo/tyr/server/common/util/NumUtil.java
new file mode 100644
index 00000000..8c3af441
--- /dev/null
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/common/util/NumUtil.java
@@ -0,0 +1,49 @@
+package cn.axzo.tyr.server.common.util;
+
+import java.util.List;
+
+public class NumUtil {
+
+ public static boolean equals(Long a, Long b) {
+ return numberEquals(a, b);
+ }
+
+ public static boolean numberEquals(Number a, Number b) {
+ if (a == null) {
+ a = 0L;
+ }
+ if (b == null) {
+ b = 0L;
+ }
+
+ return a.equals(b);
+ }
+
+ public static boolean equals(Integer a, Integer b) {
+ return numberEquals(a, b);
+ }
+
+ public static boolean notZero(Long a) {
+ if (a == null) {
+ return false;
+ }
+ return a.longValue() != 0L;
+ }
+
+ public static String joinToString(List list, String split) {
+ if (list == null || list.size() == 0)
+ return "";
+ StringBuilder sb = new StringBuilder(list.get(0).toString());
+ for (int i = 1; i < list.size(); i++) {
+ sb.append(split).append(list.get(i).toString());
+ }
+ return sb.toString();
+ }
+
+ public static boolean isZero(Long workspaceId) {
+ if(workspaceId == null)
+ return true;
+ return workspaceId == 0L;
+ }
+
+}
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasAuthApiImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasAuthApiImpl.java
new file mode 100644
index 00000000..3081143d
--- /dev/null
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasAuthApiImpl.java
@@ -0,0 +1,95 @@
+package cn.axzo.tyr.server.controller.permission;
+
+import cn.axzo.basics.common.BeanMapper;
+import cn.axzo.basics.common.util.AssertUtil;
+import cn.axzo.basics.profiles.api.IdentityProfileApi;
+import cn.axzo.basics.profiles.api.vo.request.FindIdentityProfileReq;
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import cn.axzo.basics.profiles.dto.basic.IdentityProfileDto;
+import cn.axzo.tyr.client.feign.SaasAuthApi;
+import cn.axzo.tyr.client.model.permission.IdentityAndAccountDTO;
+import cn.axzo.tyr.client.model.permission.IdentityAndAccountResp;
+import cn.axzo.tyr.client.model.permission.IdentityKey;
+import cn.axzo.tyr.client.model.permission.QueryIdentityByPermissionDTO;
+import cn.axzo.tyr.client.model.permission.QueryIdentityByPermissionReq;
+import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
+import cn.axzo.tyr.server.util.RpcInternalUtil;
+import cn.azxo.framework.common.model.CommonResponse;
+import cn.hutool.core.collection.CollectionUtil;
+import com.google.common.collect.Lists;
+import lombok.RequiredArgsConstructor;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.stream.Collectors;
+
+@RestController
+@RequiredArgsConstructor
+public class SaasAuthApiImpl implements SaasAuthApi {
+
+ private final SaasRoleUserRelationService relationService;
+ private final IdentityProfileApi identityProfileApi;
+
+ private static final String SPLIT = "|";
+
+ @Override
+ public CommonResponse> findIdentityKeysByParams(QueryIdentityByPermissionReq req) {
+
+ IdentityProfileDto superAdmin = getSuperAdmin(req.getIdentityId(), req.getIdentityType(), req.getWorkspaceId(), req.getOuId());
+ if (superAdmin != null) {
+ IdentityKey identityKey = new IdentityKey();
+ identityKey.setIdentityId(superAdmin.getId());
+ identityKey.setIdentityType(superAdmin.getIdentityType());
+ return CommonResponse.success(Lists.newArrayList(identityKey));
+ }
+
+ QueryIdentityByPermissionDTO dto = BeanMapper.copyBean(req, QueryIdentityByPermissionDTO.class);
+ List accountResps = relationService.findIdentityAndAccountInfosByParams(dto);
+ if (CollectionUtil.isEmpty(accountResps)) {
+ return CommonResponse.success(new ArrayList<>());
+ }
+ return CommonResponse.success(accountResps.stream().map(k -> new IdentityKey(k.getIdentityId(), k.getIdentityType())).distinct()
+ .collect(Collectors.toList()));
+
+ }
+
+ private IdentityProfileDto getSuperAdmin(Long identityId, IdentityType identityType, Long workspaceId, Long ouId) {
+ IdentityProfileDto saasAccount = null;
+ boolean superAdmin = relationService.isSuperAdmin(identityId, identityType, workspaceId, ouId);
+ if (superAdmin) {
+ IdentityProfileDto identityProfile = RpcInternalUtil.checkAndGetData(identityProfileApi.findIdentityProfile(FindIdentityProfileReq.builder()
+ .identityId(identityId)
+ .identityType(identityType)
+ .build()));
+ if (identityProfile == null) {
+ AssertUtil.fail("未找到自然人信息");
+ }
+ saasAccount = identityProfile;
+ }
+ return saasAccount;
+ }
+
+ @Override
+ public CommonResponse> findIdentityAndAccountInfosByParams(QueryIdentityByPermissionReq req) {
+ IdentityProfileDto superAdmin = getSuperAdmin(req.getIdentityId(), req.getIdentityType(), req.getWorkspaceId(), req.getOuId());
+ if (superAdmin != null) {
+ IdentityAndAccountResp identityAndAccountResp = new IdentityAndAccountResp();
+ identityAndAccountResp.setIdentityId(superAdmin.getId());
+ identityAndAccountResp.setIdentityType(superAdmin.getIdentityType());
+ identityAndAccountResp.setAccountId(0L);
+ identityAndAccountResp.setPhone(superAdmin.getPersonProfile().getPhone());
+ identityAndAccountResp.setRealName(superAdmin.getPersonProfile().getRealName());
+ identityAndAccountResp.setNaturalPersonId(superAdmin.getPersonProfile().getId());
+ return CommonResponse.success(Lists.newArrayList(identityAndAccountResp));
+ }
+ QueryIdentityByPermissionDTO dto = BeanMapper.copyBean(req, QueryIdentityByPermissionDTO.class);
+ List accountResps = relationService.findIdentityAndAccountInfosByParams(dto);
+ if (CollectionUtil.isEmpty(accountResps)) {
+ return CommonResponse.success(Collections.emptyList());
+ }
+ return CommonResponse.success(BeanMapper.copyList(accountResps, IdentityAndAccountResp.class));
+
+ }
+}
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasFeatureApiImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasFeatureApiImpl.java
new file mode 100644
index 00000000..3103a31a
--- /dev/null
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasFeatureApiImpl.java
@@ -0,0 +1,132 @@
+package cn.axzo.tyr.server.controller.permission;
+
+import cn.axzo.basics.common.BeanMapper;
+import cn.axzo.framework.domain.web.result.ApiResult;
+import cn.axzo.tyr.client.feign.SaasFeatureApi;
+import cn.axzo.tyr.client.model.permission.ApplicationFeatureRes;
+import cn.axzo.tyr.client.model.permission.GetInfoByMicroAppItemIdReq;
+import cn.axzo.tyr.client.model.permission.SaasFeatureRes;
+import cn.axzo.tyr.client.model.req.GetByIdsReq;
+import cn.axzo.tyr.client.model.req.ListAllFeatureByTerminalReq;
+import cn.axzo.tyr.client.model.res.SaasFeatureBO;
+import cn.axzo.tyr.server.repository.dao.SaasFeatureDao;
+import cn.axzo.tyr.server.repository.entity.SaasFeature;
+import cn.azxo.framework.common.model.CommonResponse;
+import com.google.common.collect.Lists;
+import lombok.RequiredArgsConstructor;
+import org.springframework.beans.BeanUtils;
+import org.springframework.util.CollectionUtils;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.annotation.Resource;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.stream.Collectors;
+
+/**
+ * @author cn
+ * @version 1.0
+ * @description
+ * @date 11/23/2022 11:14 AM
+ */
+@RestController
+@RequiredArgsConstructor
+public class SaasFeatureApiImpl implements SaasFeatureApi {
+
+ // 小程序
+ private static final Integer LINK_TYPE_UNIAPP = 2;
+ // 原生
+ private static final Integer LINK_TYPE_NATIVE = 4;
+
+ @Resource
+ private SaasFeatureDao saasFeatureDao;
+
+ @Override
+ public CommonResponse> getAppApplicationFeature(List terminals) {
+ List saasFeatures = saasFeatureDao.lambdaQuery()
+ .in(SaasFeature::getLinkType, Arrays.asList(LINK_TYPE_UNIAPP, LINK_TYPE_NATIVE))
+ .in(!CollectionUtils.isEmpty(terminals), SaasFeature::getTerminal, terminals)
+ .eq(SaasFeature::getIsDelete, 0)
+ .list();
+ if(CollectionUtils.isEmpty(saasFeatures)){
+ return CommonResponse.success();
+ }
+
+ // 所有父节点
+ List parentFeatureIds = saasFeatures.stream().map(SaasFeature::getParentId).distinct().collect(Collectors.toList());
+
+ List parentSaasFeatures = new ArrayList<>();
+
+ if(!CollectionUtils.isEmpty(parentFeatureIds)){
+ // 小程序的父节点为顶级节点(顶级节点的父节点值为 0)
+ parentSaasFeatures = saasFeatureDao.lambdaQuery()
+ .in(SaasFeature::getId, parentFeatureIds)
+ .eq(SaasFeature::getIsDelete, 0)
+ .eq(SaasFeature::getParentId, 0)
+ .list();
+ }
+ // 父节点属性
+ Map parentFeatureIdAndNameMap = parentSaasFeatures.stream().collect(Collectors.toMap(SaasFeature::getId, SaasFeature::getFeatureName));
+
+ return CommonResponse.success(saasFeatures.stream()
+ .filter(data -> parentFeatureIdAndNameMap.containsKey(data.getParentId()))
+ .map(data -> {
+ Long parentId = data.getParentId();
+ return ApplicationFeatureRes.builder()
+ .featureId(data.getId())
+ .featureName(data.getFeatureName())
+ .parentFeatureId(parentId)
+ .parentFeatureName(parentFeatureIdAndNameMap.get(parentId))
+ .icon(data.getIcon())
+ .linkType(data.getLinkType())
+ .microAppItemId(data.getMicroAppItemId())
+ .linkUrl(data.getLinkUrl())
+ .linkExt(data.getLinkExt())
+ .terminal(data.getTerminal())
+ .build();
+ })
+ .collect(Collectors.toList()));
+ }
+
+ @Override
+ public ApiResult> getInfoByMicroAppItemId(GetInfoByMicroAppItemIdReq req) {
+ if(CollectionUtils.isEmpty(req.getAppItemId())){
+ return ApiResult.ok(Collections.emptyList());
+ }
+ List result = saasFeatureDao.lambdaQuery()
+ .eq(SaasFeature::getIsDelete, 0)
+ .in(SaasFeature::getMicroAppItemId, req.getAppItemId())
+ .list()
+ .stream()
+ .map(e -> {
+ SaasFeatureRes saasFeatureRes = SaasFeatureRes.builder().build();
+ BeanUtils.copyProperties(e, saasFeatureRes);
+ return saasFeatureRes;
+ })
+ .collect(Collectors.toList());
+
+ return ApiResult.ok(result);
+ }
+
+ @Override
+ public ApiResult> getByIds(GetByIdsReq req) {
+ if (CollectionUtils.isEmpty(req.getIds())) {
+ return ApiResult.ok(Lists.newArrayList());
+ }
+ List list = saasFeatureDao.lambdaQuery().in(SaasFeature::getId, req.getIds()).list();
+ return ApiResult.ok(BeanMapper.mapList(list, SaasFeatureBO.class));
+ }
+
+ @Override
+ public ApiResult> listAllFeatureByTerminal(ListAllFeatureByTerminalReq req) {
+
+ List saasFeatures = saasFeatureDao.lambdaQuery()
+ .eq(SaasFeature::getIsDelete, 0)
+ .eq(SaasFeature::getTerminal, req.getTerminal())
+ .list();
+ return ApiResult.ok(BeanMapper.mapList(saasFeatures, SaasFeatureBO.class));
+ }
+}
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasPositionTemplateV2ApiImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasPositionTemplateV2ApiImpl.java
new file mode 100644
index 00000000..a008d4ce
--- /dev/null
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasPositionTemplateV2ApiImpl.java
@@ -0,0 +1,78 @@
+package cn.axzo.tyr.server.controller.permission;
+
+import cn.axzo.basics.common.exception.ServiceException;
+import cn.axzo.tyr.client.feign.SaasPositionTemplateApi;
+import cn.axzo.tyr.client.model.permission.SaasPermissionGroupInPositionTemplate;
+import cn.axzo.tyr.client.model.permission.SaasPositionTemplateExBO;
+import cn.axzo.tyr.client.model.permission.SaasPositionTemplateReq;
+import cn.axzo.tyr.client.model.vo.SaasRoleCategoryVO;
+import cn.axzo.tyr.client.model.vo.SaasRoleGroupCodeVO;
+import cn.axzo.tyr.client.model.vo.SaasRoleGroupVO;
+import cn.axzo.tyr.server.service.RoleService;
+import cn.axzo.tyr.server.service.SaasRoleGroupService;
+import cn.azxo.framework.common.model.CommonResponse;
+import cn.hutool.core.collection.CollectionUtil;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.util.Collection;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.function.Function;
+import java.util.stream.Collectors;
+
+/**
+ * @author tanjie@axzo.cn
+ * @date 2022/7/4 14:04
+ */
+@RestController
+@Slf4j
+@RequiredArgsConstructor
+public class SaasPositionTemplateV2ApiImpl implements SaasPositionTemplateApi {
+
+ private final RoleService roleService;
+ private final SaasRoleGroupService saasRoleGroupService;
+
+ @Override
+ public CommonResponse> findPositionTemplateWithPermissionGroup(SaasPositionTemplateReq req) {
+
+ if (CollectionUtil.isNotEmpty(req.getPositionTemplateIdList())) {
+ throw new ServiceException("不支持position id查询,请使用Code");
+ }
+ List saasRoleCategoryVO = roleService.queryByCategoryCode(req.getPositionCodeList());
+
+ Map categoryVOMap = saasRoleCategoryVO.stream().collect(Collectors.toMap(SaasRoleCategoryVO::getCategoryCode, Function.identity()));
+
+ return CommonResponse.success(
+ req.getPositionCodeList().stream().map(positionCode -> {
+ SaasRoleCategoryVO categoryVO = categoryVOMap.get(positionCode);
+
+ // 获取角色分组详情
+ List roleGroupCodeList = categoryVO.getRoleGroupCodeVOList().stream().map(SaasRoleGroupCodeVO::getCode).collect(Collectors.toList());
+ List saasRoleGroupVOList = saasRoleGroupService.listByCategoryCode(Collections.singletonList(categoryVO.getCategoryCode()));
+ Map roleGroupVOMap = saasRoleGroupVOList.stream().filter(g -> roleGroupCodeList.contains(g.getCode())).collect(Collectors.toMap(SaasRoleGroupVO::getCode, Function.identity()));
+
+ return categoryVO.getRoleGroupCodeVOList().stream().map(roleGroupCodeVo -> {
+ SaasPositionTemplateExBO saasPositionTemplateExBO = new SaasPositionTemplateExBO();
+ saasPositionTemplateExBO.setName(roleGroupVOMap.get(roleGroupCodeVo.getCode()).getName());
+ saasPositionTemplateExBO.setCode(roleGroupCodeVo.getCode());
+ saasPositionTemplateExBO.setType(Integer.parseInt(roleGroupVOMap.get(roleGroupCodeVo.getCode()).getWorkspaceTypeCode()));
+
+ List saasPermissionGroupInPositionTemplateList = roleGroupCodeVo.getRoleInfos().stream().map(roleInfo -> {
+ SaasPermissionGroupInPositionTemplate saasPermissionGroupInPositionTemplate = new SaasPermissionGroupInPositionTemplate();
+ saasPermissionGroupInPositionTemplate.setCategoryCode(roleGroupCodeVo.getCode());
+ saasPermissionGroupInPositionTemplate.setCategoryName(roleGroupVOMap.get(roleGroupCodeVo.getCode()).getName());
+ saasPermissionGroupInPositionTemplate.setPermissionGroupId(roleInfo.getPermissionGroup().get(0).getId());
+ saasPermissionGroupInPositionTemplate.setPermissionGroupName(roleInfo.getName());
+ return saasPermissionGroupInPositionTemplate;
+ }).collect(Collectors.toList());
+
+ saasPositionTemplateExBO.setPermissionGroups(saasPermissionGroupInPositionTemplateList);
+ return saasPositionTemplateExBO;
+ }).collect(Collectors.toList());
+ }).flatMap(Collection::stream).collect(Collectors.toList())
+ );
+ }
+}
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasRoleApiImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasRoleApiImpl.java
new file mode 100644
index 00000000..49b99085
--- /dev/null
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasRoleApiImpl.java
@@ -0,0 +1,249 @@
+package cn.axzo.tyr.server.controller.permission;
+
+import cn.axzo.tyr.client.model.permission.IdentityKey;
+import cn.axzo.basics.profiles.api.IdentityProfileApi;
+import cn.axzo.basics.profiles.api.OperatorProfileServiceApi;
+import cn.axzo.basics.profiles.api.RegulatorProfileApi;
+import cn.axzo.basics.profiles.api.UserProfileServiceApi;
+import cn.axzo.basics.profiles.api.vo.profiles.PersonPostVo;
+import cn.axzo.basics.profiles.api.vo.profiles.PractitionerAndPersonPostVO;
+import cn.axzo.basics.profiles.api.vo.request.FindIdentityProfileReq;
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import cn.axzo.basics.profiles.dto.basic.IdentityProfileDto;
+import cn.axzo.basics.profiles.dto.basic.OperatorProfileDto;
+import cn.axzo.basics.profiles.dto.basic.PersonProfileDto;
+import cn.axzo.basics.profiles.dto.basic.PersonUnion;
+import cn.axzo.basics.profiles.dto.basic.PractitionerProfileDto;
+import cn.axzo.basics.profiles.dto.basic.RegulatorProfileDto;
+import cn.axzo.basics.profiles.dto.request.PersonUpdateDto;
+import cn.axzo.basics.profiles.dto.request.PractitionerUpdateDto;
+import cn.axzo.braum.client.feign.SaasAccountApi;
+import cn.axzo.braum.client.request.AccountUserReq;
+import cn.axzo.framework.domain.ServiceException;
+import cn.axzo.tyr.client.feign.SaasRoleApi;
+import cn.axzo.tyr.client.model.permission.IdentityAndAccountResp;
+import cn.axzo.tyr.client.model.permission.SaasUserRoleExBO;
+import cn.axzo.tyr.client.model.permission.UpdateWorkspaceSupAdminDTO;
+import cn.axzo.tyr.client.model.permission.WorkspaceGrantAdminRoleByPhoneReq;
+import cn.axzo.tyr.client.model.permission.WorkspaceGrantAdminRoleReq;
+import cn.axzo.tyr.client.model.req.ListUserRoleByParams;
+import cn.axzo.tyr.client.model.req.QuerySuperAdminReq;
+import cn.axzo.tyr.client.model.req.UpdateUserJobReq;
+import cn.axzo.tyr.client.model.res.SuperAminInfoResp;
+import cn.axzo.tyr.client.model.roleuser.req.CreateSuperAdminRoleParam;
+import cn.axzo.tyr.server.controller.roleuser.RoleUserController;
+import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
+import cn.axzo.tyr.server.util.RpcInternalUtil;
+import cn.azxo.framework.common.model.CommonResponse;
+import cn.hutool.core.collection.CollUtil;
+import cn.hutool.extra.pinyin.PinyinUtil;
+import com.baomidou.mybatisplus.core.toolkit.CollectionUtils;
+import com.google.common.collect.Lists;
+import lombok.extern.slf4j.Slf4j;
+import lombok.var;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.transaction.annotation.Transactional;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.util.Collections;
+import java.util.List;
+
+@Slf4j
+@RestController
+public class SaasRoleApiImpl implements SaasRoleApi {
+
+ @Autowired
+ private OperatorProfileServiceApi operatorProfileServiceApi;
+ @Autowired
+ private UserProfileServiceApi userProfileServiceApi;
+ @Autowired
+ private RoleUserController roleUserController;
+ @Autowired
+ private RegulatorProfileApi regulatorProfileApi;
+ @Autowired
+ private SaasAccountApi saasAccountApi;
+ @Autowired
+ private SaasRoleUserRelationService saasRoleUserRelationService;
+ @Autowired
+ private IdentityProfileApi identityProfileApi;
+
+ @Override
+ @Transactional(rollbackFor = Exception.class)
+ public CommonResponse grantAdminRole(List req) {
+ // TODO: 2022/6/23 @liuchuntao 先做正常返回 历史编码逻辑需修改
+// var map = req.stream()
+// .collect(Collectors.groupingBy(WorkspaceGrantAdminRoleReq::getRoleType));
+// map.forEach((k, v) -> {
+// granRoleStrategyManager.getStrategy(k).grantRole(req, v);
+// });
+ return CommonResponse.success(Boolean.TRUE);
+ }
+
+ @Override
+ @Transactional(rollbackFor = Exception.class)
+ public CommonResponse> grantAdminRoleByPhone(
+ List req) {
+ List list = Lists.newArrayList();
+
+ req.forEach(item -> {
+
+ if (null == item.getPhone()) {
+ throw new ServiceException("账号为空");
+ }
+ //校验账户是否存在 存在继续 不存在-创建账户及身份
+ cn.axzo.braum.client.resp.IdentityAndAccountResp accounDto = null;
+ var phone = item.getPhone();
+
+ PersonUpdateDto personUpdate = new PersonUpdateDto().
+ setRealName(item.getNickName()).
+ setRealNamePinyin(PinyinUtil.getPinyin(item.getNickName()));
+ personUpdate.setPhone(phone);
+ PersonUnion personUnion = new PersonUnion();
+ personUnion.setPhone(phone);
+
+ // 通过手机号这个唯一条件创建人员用户,幂等返回用户
+ PersonProfileDto newPersonProfile;
+ Long identityId;
+ IdentityType identityType;
+ //这里要判断是不是OMS 工作台 // TODO: 2023/8/8 @TanJ 后续需要改成使用WorkspaceTypeEnum判断
+ if (item.getWorkspaceType().equals(6)) {
+ //如果是OMS,运营人员
+ PersonUpdateDto personUpdateDto = new PersonUpdateDto();
+ personUpdateDto.setPhone(phone);
+ personUpdateDto.setRealName(item.getNickName());
+ personUpdateDto.setRealNamePinyin(PinyinUtil.getPinyin(item.getNickName()));
+ OperatorProfileDto withPerson = RpcInternalUtil.checkAndGetData(operatorProfileServiceApi.addOperator(personUpdateDto));
+ newPersonProfile=withPerson.getPersonProfile();
+ identityId= withPerson.getId();
+ identityType= IdentityType.OPERATOR;
+ } else if (item.getWorkspaceType().equals(3)) {
+ PersonUpdateDto personUpdateDto = new PersonUpdateDto();
+ personUpdateDto.setPhone(phone);
+ RegulatorProfileDto regulatorProfileDto = RpcInternalUtil.checkAndGetData(regulatorProfileApi.create(personUpdateDto));
+ newPersonProfile = regulatorProfileDto.getPersonProfile();
+ identityId= regulatorProfileDto.getId();
+ identityType= IdentityType.REGULATOR;
+ } else {
+ PractitionerAndPersonPostVO practitionerAndPersonPostVO = new PractitionerAndPersonPostVO();
+ practitionerAndPersonPostVO.setUpdate(new PractitionerUpdateDto());
+
+ PersonPostVo personPostVo = new PersonPostVo();
+ personPostVo.setPhone(phone);
+ personPostVo.setRealName(item.getNickName());
+ practitionerAndPersonPostVO.setPersonPost(personPostVo);
+ PractitionerProfileDto practitionerDto = RpcInternalUtil.checkAndGetData(userProfileServiceApi.postPractitionerProfileWithUnionPerson(practitionerAndPersonPostVO));
+
+ newPersonProfile = practitionerDto.getPersonProfile();
+ identityId= practitionerDto.getId();
+ identityType= IdentityType.PRACTITIONER;
+ }
+
+
+
+ AccountUserReq accountUserReq = new AccountUserReq();
+ accountUserReq.setPhone(newPersonProfile.getPhone());
+ accountUserReq.setNickname(item.getNickName());
+ accountUserReq.setNaturalPersonId(newPersonProfile.getId());
+ accountUserReq.setType(identityType.equals(IdentityType.OPERATOR) ? 1 : 0);
+ accounDto = RpcInternalUtil.checkAndGetData(saasAccountApi.createAccount(accountUserReq));
+ //历史代码,暂时屏蔽,上面的创建账号是幂等创建,不会重复创建。
+ /* if (account == null) {
+ accounDto = accountService.createAccount(accountUserReq, 0L);
+ } else {
+ //有账号也不能确认是第一次创建OMS
+ accounDto = new AccountUserDto();
+ accounDto.setAccountId(account.getId());
+ accounDto.setPhone(item.getPhone());
+ accounDto.setNickname(item.getNickName());
+ account.setNickname(item.getNickName());
+ account.setNaturalPersonId(newPersonProfile.getId());
+ accountService.updateById(account);
+ }*/
+
+ accounDto.setIdentityId(identityId);
+
+ UpdateWorkspaceSupAdminDTO dto = UpdateWorkspaceSupAdminDTO.builder()
+ .workspaceId(item.getWorkspaceId())
+ .identityType(identityType)
+ .identityId(accounDto.getIdentityId())
+ .naturalPersonId(newPersonProfile.getId())
+ .organizationalUnitId(item.getOuId())
+ .workspaceType(item.getWorkspaceType())
+ .build();
+ CreateSuperAdminRoleParam createSuperAdminRoleParam = new CreateSuperAdminRoleParam();
+ createSuperAdminRoleParam.setWorkspaceId(item.getWorkspaceId());
+ createSuperAdminRoleParam.setOuId(item.getOuId());
+ createSuperAdminRoleParam.setIdentityId(accounDto.getIdentityId());
+ createSuperAdminRoleParam.setIdentityType(cn.axzo.tyr.client.model.enums.IdentityType.getIdentityType(dto.getIdentityType().getCode()));
+ createSuperAdminRoleParam.setWorkspaceType(dto.getWorkspaceType());
+ createSuperAdminRoleParam.setNaturalPersonId(dto.getNaturalPersonId());
+ roleUserController.createSuperAdminRole(createSuperAdminRoleParam);
+ IdentityAndAccountResp resp = new IdentityAndAccountResp();
+ resp.setIdentityId(identityId);
+ resp.setIdentityType(identityType);
+ resp.setAccountId(accounDto.getAccountId());
+ resp.setPhone(accounDto.getPhone());
+ resp.setRealName(newPersonProfile.getRealName());
+ resp.setNaturalPersonId(newPersonProfile.getId());
+ list.add(resp);
+ });
+ return CommonResponse.success(list);
+ }
+
+ @Override
+ public CommonResponse updateUserRole(UpdateUserJobReq req) {
+ saasRoleUserRelationService.updateWorkspaceUserRolesList(req);
+ return CommonResponse.success(Boolean.TRUE);
+ }
+
+ @Override
+ public CommonResponse> batchFindSuperAdmin(
+ List adminReqs) {
+ if (CollUtil.isEmpty(adminReqs)) {
+ return CommonResponse.success(Collections.emptyList());
+ }
+
+
+ return CommonResponse.success(saasRoleUserRelationService.findBathSuperAdmin(adminReqs));
+ }
+
+ @Override
+ public CommonResponse findSuperAdmin(QuerySuperAdminReq req) {
+ return CommonResponse.success(doFindSuperAdmin(req));
+ }
+
+ private SuperAminInfoResp doFindSuperAdmin(QuerySuperAdminReq req) {
+ List ids = saasRoleUserRelationService.getSuperAdminIdsByWorkspaceAndOu(
+ req.getWorkspaceId(), req.getOuId());
+ if (CollectionUtils.isEmpty(ids)) {
+ return null;
+ }
+
+ IdentityProfileDto profile = RpcInternalUtil.checkAndGetData(identityProfileApi.findIdentityProfile(FindIdentityProfileReq.builder()
+ .identityId(ids.get(0).getIdentityId())
+ .identityType(ids.get(0).getIdentityType())
+ .build()));
+
+ if (profile == null) {
+ return null;
+ }
+
+ SuperAminInfoResp resp = new SuperAminInfoResp();
+ resp.setOuId(req.getOuId());
+ resp.setIdentityId(ids.get(0).getIdentityId());
+ resp.setIdentityType(ids.get(0).getIdentityType());
+ if (profile.getPersonProfile() != null) {
+ resp.setPhone(profile.getPersonProfile().getPhone());
+ resp.setRealName(profile.getPersonProfile().getRealName());
+ }
+ resp.setWorkspaceId(req.getWorkspaceId());
+
+ return resp;
+ }
+
+ @Override
+ public CommonResponse> getUserRoleExListMapByIdentityIdAndWorkspaceId(ListUserRoleByParams params) {
+ return CommonResponse.success(
+ saasRoleUserRelationService.getUserRoleExListMapByIdentityIdAndWorkspaceId(params.getIdentityIds(), params.getIdentityType(), params.getWorkspaceId()));
+ }
+}
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasRoleUserRelationApiImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasRoleUserRelationApiImpl.java
new file mode 100644
index 00000000..6b42bbc7
--- /dev/null
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasRoleUserRelationApiImpl.java
@@ -0,0 +1,31 @@
+package cn.axzo.tyr.server.controller.permission;
+
+import cn.axzo.framework.domain.web.result.ApiResult;
+import cn.axzo.tyr.client.feign.SaasRoleUserRelationApi;
+import cn.axzo.tyr.client.model.req.WorkspaceUpdateUserRoleDTO;
+import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
+import cn.azxo.framework.common.model.CommonResponse;
+import lombok.RequiredArgsConstructor;
+import org.springframework.web.bind.annotation.RestController;
+
+/**
+ * @author yanglin
+ */
+@RestController
+@RequiredArgsConstructor
+public class SaasRoleUserRelationApiImpl implements SaasRoleUserRelationApi {
+
+ private final SaasRoleUserRelationService saasRoleUserRelationService;
+
+ @Override
+ public CommonResponse deleteByPersonId(Long personId) {
+ return CommonResponse.success(
+ saasRoleUserRelationService.deleteByPersonId(personId));
+ }
+
+ @Override
+ public ApiResult updateWorkspaceUserRoles(WorkspaceUpdateUserRoleDTO req) {
+
+ return ApiResult.ok(saasRoleUserRelationService.updateWorkspaceUserRoles(req));
+ }
+}
\ No newline at end of file
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/product/ProductController.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/product/ProductController.java
index 297726fd..dd3ebd08 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/product/ProductController.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/product/ProductController.java
@@ -1,8 +1,14 @@
package cn.axzo.tyr.server.controller.product;
+import cn.axzo.basics.common.BeanMapper;
+import cn.axzo.basics.common.page.PageResult;
+import cn.axzo.framework.auth.domain.TerminalInfo;
import cn.axzo.framework.domain.web.result.ApiPageResult;
import cn.axzo.framework.domain.web.result.ApiResult;
+import cn.axzo.pudge.core.service.ServiceException;
+import cn.axzo.tyr.client.common.enums.ProductTypeEnum;
import cn.axzo.tyr.client.feign.ProductApi;
+import cn.axzo.tyr.client.model.permission.SaasFeatureBO;
import cn.axzo.tyr.client.model.product.OldUpdateFeatureRelationRequestV2;
import cn.axzo.tyr.client.model.product.ProductAddReq;
import cn.axzo.tyr.client.model.product.ProductDetailReq;
@@ -13,14 +19,23 @@ import cn.axzo.tyr.client.model.product.ProductSearchListReq;
import cn.axzo.tyr.client.model.product.ProductSearchPageReq;
import cn.axzo.tyr.client.model.product.ProductUpdateReq;
import cn.axzo.tyr.client.model.product.ProductVO;
+import cn.axzo.tyr.client.model.req.ProductQueryReq;
import cn.axzo.tyr.client.model.req.ProductSaveReq;
+import cn.axzo.tyr.client.model.req.SaasProductQueryReq;
+import cn.axzo.tyr.client.model.req.SaasProductSaveOrUpdateReq;
import cn.axzo.tyr.client.model.req.UpdateProductStatusReq;
import cn.axzo.tyr.client.model.res.GovernmentTerminalResp;
+import cn.axzo.tyr.client.model.res.ProductQueryResp;
+import cn.axzo.tyr.client.model.res.SaasProductResp;
import cn.axzo.tyr.client.model.res.WorkspaceProductResp;
import cn.axzo.tyr.server.model.PermissionCacheKey;
+import cn.axzo.tyr.server.repository.entity.ProductModule;
import cn.axzo.tyr.server.service.PermissionCacheService;
import cn.axzo.tyr.server.service.ProductFeatureRelationService;
import cn.axzo.tyr.server.service.ProductService;
+import cn.axzo.tyr.server.service.SaasFeatureResourceService;
+import cn.azxo.framework.common.model.CommonResponse;
+import cn.hutool.core.collection.CollectionUtil;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.util.CollectionUtils;
@@ -29,6 +44,7 @@ import org.springframework.web.bind.annotation.RestController;
import java.util.List;
import java.util.Map;
import java.util.Set;
+import java.util.stream.Collectors;
/**
* 产品相关 API 实现
@@ -44,6 +60,8 @@ public class ProductController implements ProductApi {
private final ProductService productService;
private final ProductFeatureRelationService productFeatureRelationService;
private final PermissionCacheService permissionCacheService;
+ private final SaasFeatureResourceService saasFeatureResourceService;
+
/**
* 获取产品基础信息的列表
*
@@ -199,4 +217,45 @@ public class ProductController implements ProductApi {
public ApiResult getDetail(ProductDetailReq req) {
return productService.getById(req.getProductId(), req.getQueryFeatureScope());
}
+
+ @Override
+ public CommonResponse> listWithOutDelete(ProductQueryReq req) {
+ SaasProductQueryReq queryReq = BeanMapper.copyBean(req, SaasProductQueryReq.class);
+ List respList = productService.saasProductListWithOutDelete(queryReq);
+ List resps = BeanMapper.copyList(respList,ProductQueryResp.class);
+ return CommonResponse.success(resps);
+ }
+
+ @Override
+ public CommonResponse createOrGetOmsProduct() {
+ SaasProductQueryReq saasProductQueryReq = new SaasProductQueryReq();
+ saasProductQueryReq.setProductType(ProductTypeEnum.PT_OMS.getCode());
+ saasProductQueryReq.setCommonProduct(0);
+
+ PageResult saasProductRespPageResult = productService.saasProductList(saasProductQueryReq);
+ Long totalCount = saasProductRespPageResult.getTotalCount();
+ if (totalCount!=null&& totalCount> 0) {
+ List omsBaseProduct = saasProductRespPageResult.getData();
+ if (CollectionUtil.isNotEmpty(omsBaseProduct)) {
+ // 随便取哪一个ID都可以,主要用于数据初始化
+ return CommonResponse.success(omsBaseProduct.get(0).getId());
+ }
+ }
+ // 没有默认产品,创建
+ SaasProductSaveOrUpdateReq saasProductSaveOrUpdateReq = new SaasProductSaveOrUpdateReq();
+ saasProductSaveOrUpdateReq.setProductType(ProductTypeEnum.PT_OMS.getCode());
+ saasProductSaveOrUpdateReq.setProductName("OMS基础产品");
+ saasProductSaveOrUpdateReq.setCommonProduct(0);
+ saasProductSaveOrUpdateReq.setRemark("OMS基础产品");
+
+
+ List saasFeatureBOS = saasFeatureResourceService.listAllFeatureByTerminal(TerminalInfo.NT_OMS_WEB);
+
+ if (CollectionUtil.isEmpty(saasFeatureBOS)) {
+ throw new ServiceException("生成OMS产品错误,未维护对应的菜单");
+ }
+ saasProductSaveOrUpdateReq.setFeatureIds(saasFeatureBOS.stream().filter(e ->
+ e.getFeatureType().equals(3)).map(SaasFeatureBO::getId).collect(Collectors.toList()));
+ return CommonResponse.success(productService.productModuleCreate(saasProductSaveOrUpdateReq));
+ }
}
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/role/SaasPermissionGroupController.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/role/SaasPermissionGroupController.java
index aea17984..fd8eed8f 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/role/SaasPermissionGroupController.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/role/SaasPermissionGroupController.java
@@ -1,12 +1,17 @@
package cn.axzo.tyr.server.controller.role;
+import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum;
import cn.axzo.basics.common.exception.ServiceException;
import cn.axzo.framework.domain.page.PageResp;
import cn.axzo.framework.domain.web.result.ApiPageResult;
import cn.axzo.framework.domain.web.result.ApiResult;
import cn.axzo.tyr.client.feign.SaasPermissionGroupApi;
+import cn.axzo.tyr.client.model.permission.ListByWorkspaceIdAndOuIdReq;
+import cn.axzo.tyr.client.model.permission.ListFeatureIdByGroupIdsReq;
import cn.axzo.tyr.client.model.req.QuerySaasPermissionGroupReq;
+import cn.axzo.tyr.client.model.res.SaasPermissionGroupRes;
+import cn.axzo.tyr.client.model.res.SaasPgroupPermissionRelationRes;
import cn.axzo.tyr.client.model.vo.DeletePermissionGroupVO;
import cn.axzo.tyr.client.model.vo.SaasPermissionGroupVO;
import cn.axzo.tyr.client.model.vo.SaveOrUpdatePermissionGroupVO;
@@ -14,15 +19,20 @@ import cn.axzo.tyr.client.model.vo.SavePermissionGroupPPVO;
import cn.axzo.tyr.server.repository.dao.SaasPermissionGroupDao;
import cn.axzo.tyr.server.repository.dao.SaasPermissionGroupScopeDao;
import cn.axzo.tyr.server.repository.dao.SaasPgroupPermissionRelationDao;
+import cn.axzo.tyr.server.repository.entity.SaasPermissionGroup;
+import cn.axzo.tyr.server.repository.entity.SaasPgroupPermissionRelation;
import cn.axzo.tyr.server.service.PermissionGroupService;
import com.google.common.collect.Lists;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.collections4.CollectionUtils;
+import org.springframework.beans.BeanUtils;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.bind.annotation.RestController;
import java.util.List;
+import java.util.Objects;
+import java.util.stream.Collectors;
@Slf4j
@RestController
@@ -33,6 +43,7 @@ public class SaasPermissionGroupController implements SaasPermissionGroupApi {
private final SaasPgroupPermissionRelationDao pgroupPermissionRelationDao;
private final SaasPermissionGroupScopeDao permissionGroupScopeDao;
private final PermissionGroupService permissionGroupService;
+ private final SaasPermissionGroupDao saasPermissionGroupDao;
@Override
public ApiResult saveOrUpdateSpecial(SaveOrUpdatePermissionGroupVO permissionGroup) {
@@ -79,4 +90,39 @@ public class SaasPermissionGroupController implements SaasPermissionGroupApi {
return ApiResult.ok();
}
+ @Override
+ public ApiResult> listByWorkspaceIdAndOuId(ListByWorkspaceIdAndOuIdReq group) {
+ List saasPermissionGroupRes = saasPermissionGroupDao.lambdaQuery()
+ .eq(Objects.nonNull(group.getWorkspaceId()), SaasPermissionGroup::getCustomSpaceId, group.getWorkspaceId())
+ .eq(Objects.nonNull(group.getOuId()), SaasPermissionGroup::getOuId, group.getOuId())
+ .list()
+ .stream()
+ .map(e -> {
+ SaasPermissionGroupRes result = SaasPermissionGroupRes.builder().build();
+ BeanUtils.copyProperties(e, result);
+ return result;
+ })
+ .collect(Collectors.toList());
+
+ return ApiResult.ok(saasPermissionGroupRes);
+ }
+
+ @Override
+ public ApiResult> listFeatureIdByGroupIds(ListFeatureIdByGroupIdsReq group) {
+
+ List saasPgroupPermissionRelationRes = pgroupPermissionRelationDao.lambdaQuery()
+ .select(SaasPgroupPermissionRelation::getFeatureId)
+ .eq(SaasPgroupPermissionRelation::getIsDelete, TableIsDeleteEnum.NORMAL.value)
+ .in(SaasPgroupPermissionRelation::getGroupId, group.getGroupIds())
+ .list()
+ .stream()
+ .map(e -> {
+ SaasPgroupPermissionRelationRes result = SaasPgroupPermissionRelationRes.builder().build();
+ BeanUtils.copyProperties(e, result);
+ return result;
+ })
+ .collect(Collectors.toList());
+
+ return ApiResult.ok(saasPgroupPermissionRelationRes);
+ }
}
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
index d320ab66..ef2f9ad4 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
@@ -8,6 +8,7 @@ import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
import cn.axzo.tyr.client.feign.TyrSaasRoleUserApi;
import cn.axzo.tyr.client.model.enums.IdentityType;
+import cn.axzo.tyr.client.model.permission.BaseIdentityReq;
import cn.axzo.tyr.client.model.roleuser.RoleUserUpdateReq;
import cn.axzo.tyr.client.model.roleuser.dto.GetUserAutoOwnRoleResp;
import cn.axzo.tyr.client.model.roleuser.dto.GetUserFeatureResourceIdsResp;
@@ -37,6 +38,16 @@ import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
import cn.axzo.tyr.client.model.roleuser.req.SuperAdminParam;
import cn.axzo.tyr.client.model.roleuser.req.WorkerManagerRoleUserReq;
+import cn.axzo.tyr.client.model.roleuser.req.AutoOwnRoleUserReq;
+import cn.axzo.tyr.client.model.roleuser.req.CreateSuperAdminRoleParam;
+import cn.axzo.tyr.client.model.roleuser.req.GantOrUnGantaWorkerLeaderRoleReq;
+import cn.axzo.tyr.client.model.roleuser.req.GetUserAutoOwnRoleReq;
+import cn.axzo.tyr.client.model.roleuser.req.GetUserFeatureResourceIdsReq;
+import cn.axzo.tyr.client.model.roleuser.req.ListRoleUserRelationParam;
+import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
+import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
+import cn.axzo.tyr.client.model.roleuser.req.SuperAdminParam;
+import cn.axzo.tyr.client.model.roleuser.req.WorkerManagerRoleUserReq;
import cn.axzo.tyr.server.model.PermissionCacheKey;
import cn.axzo.tyr.server.repository.dao.SaasRoleUserRelationDao;
import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
@@ -351,4 +362,14 @@ public class RoleUserController implements TyrSaasRoleUserApi {
})
.collect(Collectors.toList());
}
+
+ @Override
+ public ApiResult updateIdentityId(List req) {
+ req.forEach(item -> saasRoleUserRelationDao.lambdaUpdate()
+ .eq(SaasRoleUserRelation::getIdentityId, item.getOldIdentityId())
+ .eq(SaasRoleUserRelation::getIdentityType, item.getIdentityType())
+ .set(SaasRoleUserRelation::getIdentityId, item.getNewIdentityId()).update());
+
+ return ApiResult.ok();
+ }
}
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/model/QueryUserRoleReq.java b/tyr-server/src/main/java/cn/axzo/tyr/server/model/QueryUserRoleReq.java
new file mode 100644
index 00000000..989d5ba0
--- /dev/null
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/model/QueryUserRoleReq.java
@@ -0,0 +1,43 @@
+package cn.axzo.tyr.server.model;
+
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.List;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/5/19 15:01
+ * @description : 查询用户拥有得角色
+ */
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class QueryUserRoleReq {
+
+ /**
+ * 工作台Id
+ */
+ private Long workspaceId;
+
+ /**
+ * 单位Id
+ */
+ private Long ouId;
+
+ /**
+ * 身份Id列表
+ */
+ private List identityIds;
+
+ private IdentityType identityType;
+
+ private List roleTypes;
+
+ private List roleIds;
+
+}
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/ProductModuleDao.java b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/ProductModuleDao.java
index c83be1d3..b9dd45ad 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/ProductModuleDao.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/ProductModuleDao.java
@@ -1,10 +1,18 @@
package cn.axzo.tyr.server.repository.dao;
+import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum;
+import cn.axzo.basics.common.exception.ServiceException;
+import cn.axzo.tyr.client.model.req.SaasProductQueryReq;
import cn.axzo.tyr.server.repository.entity.ProductModule;
import cn.axzo.tyr.server.repository.mapper.ProductModuleMapper;
+import cn.hutool.core.util.StrUtil;
+import com.baomidou.mybatisplus.core.metadata.IPage;
+import com.baomidou.mybatisplus.core.toolkit.CollectionUtils;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import org.springframework.stereotype.Service;
+import java.util.List;
+
/**
* saas-产品表(SaasProduct)表服务实现类
*
@@ -14,5 +22,41 @@ import org.springframework.stereotype.Service;
@Service
public class ProductModuleDao extends ServiceImpl {
+ public List listByNameTypeWithOutDelete(SaasProductQueryReq req) {
+ return lambdaQuery().like(StrUtil.isNotEmpty(req.getProductName()), ProductModule::getProductName,
+ req.getProductName())
+ .eq(req.getProductType() != null, ProductModule::getDictWorkspaceTypeCode, req.getProductType())
+ .eq(req.getCommonProduct() != null, ProductModule::getCommonProduct, req.getCommonProduct())
+ .eq(ProductModule::getIsDelete, 0)
+ .in(CollectionUtils.isNotEmpty(req.getProductIds()), ProductModule::getId, req.getProductIds())
+ .orderByDesc(ProductModule::getCreateAt)
+ .list();
+ }
+
+ public IPage listByNameType(SaasProductQueryReq req) {
+
+ if (StrUtil.isNotEmpty(req.getProductName()) && (req.getProductName().contains("%") || req.getProductName().contains("_"))) {
+ throw new ServiceException("涉及模糊查询禁止传入特殊字符串");
+ }
+
+
+
+ return lambdaQuery().like(StrUtil.isNotEmpty(req.getProductName()), ProductModule::getProductName,
+ req.getProductName())
+ .eq(req.getProductType() != null, ProductModule::getProductType, req.getProductType())
+ .eq(req.getCommonProduct() != null, ProductModule::getCommonProduct, req.getCommonProduct())
+ .eq(ProductModule::getIsDelete, TableIsDeleteEnum.NORMAL.value)
+ .orderByDesc(ProductModule::getCreateAt)
+ .page(req.toPage());
+ }
+
+ public ProductModule queryByName(String productName) {
+ List list = lambdaQuery().eq(ProductModule::getProductName, productName)
+ .eq(ProductModule::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
+ if (CollectionUtils.isNotEmpty(list)) {
+ return list.get(0);
+ }
+ return null;
+ }
}
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasFeatureDao.java b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasFeatureDao.java
index 26244f5d..7e0f92bc 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasFeatureDao.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasFeatureDao.java
@@ -1,5 +1,6 @@
package cn.axzo.tyr.server.repository.dao;
+import cn.axzo.pudge.core.persistence.BaseEntity;
import cn.axzo.tyr.server.repository.entity.SaasFeature;
import com.baomidou.mybatisplus.extension.service.IService;
@@ -30,4 +31,7 @@ public interface SaasFeatureDao extends IService {
List getChildByParentId(Long parentId);
+ List listAllFeature();
+
+ List listAllFeatureByTerminal(String terminal);
}
\ No newline at end of file
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleDao.java b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleDao.java
index eedd7241..6e0a67f2 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleDao.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleDao.java
@@ -127,5 +127,13 @@ public class SaasRoleDao extends ServiceImpl {
.eq(SaasRole::getRoleType, RoleTypeEnum.INIT.getValue())
.list();
}
+
+ public List listRoleByIds(Set notRemoveRoleIds) {
+ return this.lambdaQuery()
+ .in(BaseEntity::getId, notRemoveRoleIds)
+ .eq(SaasRole::getIsDelete, TableIsDeleteEnum.NORMAL.value)
+ .select(BaseEntity::getId, SaasRole::getRoleType)
+ .list();
+ }
}
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleUserRelationDao.java b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleUserRelationDao.java
index 1493e1ed..b08eae86 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleUserRelationDao.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleUserRelationDao.java
@@ -1,10 +1,17 @@
package cn.axzo.tyr.server.repository.dao;
import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum;
+import cn.axzo.karma.client.model.dto.ProjectWorkBaseDTO;
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
import cn.axzo.tyr.client.model.BaseWorkspaceModel;
import cn.axzo.tyr.client.model.enums.IdentityType;
+import cn.axzo.tyr.client.model.enums.SaasJobTypeEnum;
+import cn.axzo.tyr.client.model.permission.IdentityAndAccountDTO;
+import cn.axzo.tyr.client.model.permission.IdentityKey;
+import cn.axzo.tyr.client.model.permission.QueryIdentityByPermissionDTO;
+import cn.axzo.tyr.client.model.permission.SaasUserRoleExBO;
import cn.axzo.tyr.client.model.roleuser.dto.IdentityInfo;
+import cn.axzo.tyr.server.model.QueryUserRoleReq;
import cn.axzo.tyr.server.model.RoleUserInfo;
import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
import cn.axzo.tyr.server.repository.mapper.SaasRoleUserRelationMapper;
@@ -12,6 +19,7 @@ import cn.hutool.core.collection.CollUtil;
import cn.hutool.core.collection.CollectionUtil;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Repository;
import java.util.List;
@@ -21,6 +29,36 @@ import java.util.stream.Collectors;
@Repository
public class SaasRoleUserRelationDao extends ServiceImpl {
+ @Autowired
+ private SaasRoleUserRelationMapper saasRoleUserRelationMapper;
+
+ public List query(Long identityId, Integer identityType, Long workspaceId, Long ouId) {
+ return this.lambdaQuery()
+ .eq(SaasRoleUserRelation::getIdentityId, identityId)
+ .eq(SaasRoleUserRelation::getIdentityType, identityType)
+ .eq(null != workspaceId, SaasRoleUserRelation::getWorkspaceId, workspaceId)
+ .eq(null != ouId, SaasRoleUserRelation::getOuId, ouId)
+ .eq(BaseEntity::getIsDelete, TableIsDeleteEnum.NORMAL.value)
+ .list();
+ }
+
+ public List queryByPersonId(Long personId, Long workspaceId, Long ouId) {
+ return this.lambdaQuery()
+ .eq(SaasRoleUserRelation::getNaturalPersonId, personId)
+ .eq(null != workspaceId, SaasRoleUserRelation::getWorkspaceId, workspaceId)
+ .eq(null != ouId, SaasRoleUserRelation::getOuId, ouId)
+ .eq(BaseEntity::getIsDelete, TableIsDeleteEnum.NORMAL.value)
+ .list();
+ }
+
+
+ public void deleteByRoleId(List roleId) {
+ lambdaUpdate()
+ .in(SaasRoleUserRelation::getRoleId,roleId)
+ .set(BaseEntity::getIsDelete,TableIsDeleteEnum.DELETE.value)
+ .update();
+ }
+
public void deleteById(List ids) {
if (CollUtil.isEmpty(ids)) {
return;
@@ -102,5 +140,55 @@ public class SaasRoleUserRelationDao extends ServiceImpl listUserRoleExByParams(QueryUserRoleReq req) {
+ List list = saasRoleUserRelationMapper.listUserRoleExByParams(req);
+ return list;
+ }
+
+ public List findAccountInfosByCode(QueryIdentityByPermissionDTO req) {
+ List dtoList = saasRoleUserRelationMapper.findIdentityAndAccountInfosByParams(req);
+ return dtoList;
+ }
+
+ /**
+ * 删除用户的岗位,不包含超管和代班长的
+ *
+ * @param workspaceId
+ * @param ouId
+ * @param identityId
+ * @param identityType
+ * @param masterJob
+ */
+ public void deleteButNotAdminAndNotLeader(Long workspaceId, Long ouId, Long identityId, cn.axzo.basics.profiles.common.enums.IdentityType identityType, SaasJobTypeEnum masterJob) {
+ getBaseMapper().deleteButNotAdminAndNotLeader(workspaceId, ouId, identityId, identityType, masterJob);
+ }
+
+ public void delByIdentityAndWorkspaceIdAndOuId(Long identityId, cn.axzo.basics.profiles.common.enums.IdentityType identityType, Long workspaceId, Long ouId) {
+ getBaseMapper().deleteButNotAdminAndNotLeader(workspaceId, ouId, identityId, identityType, null);
+// lambdaUpdate().eq(SaasRoleUserRelation::getWorkspaceId, workspaceId)
+// .eq(SaasRoleUserRelation::getIdentityId, identityId)
+// .eq(SaasRoleUserRelation::getIdentityType, identityType)
+// .eq(SaasRoleUserRelation::getOuId, ouId)
+// .set(SaasRoleUserRelation::getIsDelete, TableIsDeleteEnum.DELETE.value).update();
+ }
+
+ public List findBathSuperAdmin(List req) {
+ return saasRoleUserRelationMapper.findBathSuperAdmin(req);
+ }
+
+ //TODO: 加一个roleIds
+ public List listIdentityKeysByParams(QueryUserRoleReq req) {
+ return saasRoleUserRelationMapper.listIdentityKeysByParams(req);
+ }
+
+ public List listUserRoleExByIdentityIdsAndWorkspaceId(List identityIds, cn.axzo.basics.profiles.common.enums.IdentityType identityType, Long workspaceId) {
+ return saasRoleUserRelationMapper.listUserRoleExByParams(QueryUserRoleReq.builder().identityIds(identityIds).identityType(identityType).workspaceId(workspaceId).build());
+ }
}
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/impl/SaasFeatureDaoImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/impl/SaasFeatureDaoImpl.java
index e7dc4d03..a87b1875 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/impl/SaasFeatureDaoImpl.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/impl/SaasFeatureDaoImpl.java
@@ -60,4 +60,17 @@ public class SaasFeatureDaoImpl extends ServiceImpl listAllFeature() {
+ return lambdaQuery().eq(BaseEntity::getIsDelete, 0).list();
+ }
+
+ @Override
+ public List listAllFeatureByTerminal(String terminal) {
+ return lambdaQuery()
+ .eq(BaseEntity::getIsDelete, 0)
+ .eq(SaasFeature::getTerminal, terminal)
+ .list();
+ }
}
\ No newline at end of file
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/entity/SaasPermissionGroup.java b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/entity/SaasPermissionGroup.java
index 8fcd2444..7d5a5524 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/entity/SaasPermissionGroup.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/entity/SaasPermissionGroup.java
@@ -55,6 +55,16 @@ public class SaasPermissionGroup extends BaseEntity {
*/
private Integer isCommon;
+ /**
+ * 工作台Id
+ */
+ private Long customSpaceId;
+
+ /**
+ * 单位ID
+ */
+ private Long ouId;
+
/**
* 获取主键值
*
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/entity/SaasRole.java b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/entity/SaasRole.java
index 0b2bd48e..e4618c1e 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/entity/SaasRole.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/entity/SaasRole.java
@@ -1,6 +1,7 @@
package cn.axzo.tyr.server.repository.entity;
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
+import cn.axzo.tyr.client.model.permission.SaasRoleFits;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableName;
import lombok.EqualsAndHashCode;
@@ -104,5 +105,10 @@ public class SaasRole extends BaseEntity {
protected Serializable pkVal() {
return this.id;
}
+
+ public boolean isFitOuType(Integer ouType) {
+ return SaasRoleFits.isFitOuType(this.fitOuTypeBit, ouType);
+ }
+
}
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/entity/SaasRoleUserRelation.java b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/entity/SaasRoleUserRelation.java
index ca3c4687..db31dc77 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/entity/SaasRoleUserRelation.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/entity/SaasRoleUserRelation.java
@@ -2,6 +2,7 @@ package cn.axzo.tyr.server.repository.entity;
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
import cn.axzo.tyr.client.model.enums.IdentityType;
+import cn.axzo.tyr.client.model.enums.SaasJobTypeEnum;
import com.baomidou.mybatisplus.annotation.TableName;
import lombok.EqualsAndHashCode;
import lombok.Getter;
@@ -73,6 +74,12 @@ public class SaasRoleUserRelation extends BaseEntity {
*/
private Long resourceId;
+ /**
+ * 岗位类型 1:主岗 2:兼岗
+ * 一个人在一个工作台内,除非 特殊的角色(超管,无权限角色等)必定有且只有一个主岗,可以有N个兼岗
+ */
+ private SaasJobTypeEnum jobType;
+
/**
* 获取主键值
*
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/mapper/SaasRoleUserRelationMapper.java b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/mapper/SaasRoleUserRelationMapper.java
index ad0f6e40..01f89260 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/mapper/SaasRoleUserRelationMapper.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/mapper/SaasRoleUserRelationMapper.java
@@ -2,6 +2,14 @@ package cn.axzo.tyr.server.repository.mapper;
import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserRelationDTO;
import cn.axzo.tyr.client.model.roleuser.req.PageRoleUserRelationReq;
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import cn.axzo.karma.client.model.dto.ProjectWorkBaseDTO;
+import cn.axzo.tyr.client.model.enums.SaasJobTypeEnum;
+import cn.axzo.tyr.client.model.permission.IdentityAndAccountDTO;
+import cn.axzo.tyr.client.model.permission.IdentityKey;
+import cn.axzo.tyr.client.model.permission.QueryIdentityByPermissionDTO;
+import cn.axzo.tyr.server.model.QueryUserRoleReq;
+import cn.axzo.tyr.client.model.permission.SaasUserRoleExBO;
import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import lombok.AllArgsConstructor;
@@ -32,6 +40,25 @@ public interface SaasRoleUserRelationMapper extends BaseMapper pageRoleUserRelation(@Param("param") PageRoleUserRelationReq param);
+ List listUserRoleExByParams(@Param("req") QueryUserRoleReq req);
+
+ List findIdentityAndAccountInfosByParams(@Param("req") QueryIdentityByPermissionDTO req);
+
+ /**
+ * 删除岗位,但不包括超管和带班长的
+ *
+ * @param workspaceId
+ * @param ouId
+ * @param identityId
+ * @param identityType
+ * @param jobType
+ */
+ void deleteButNotAdminAndNotLeader(@Param("workspaceId") Long workspaceId, @Param("ouId") Long ouId, @Param("identityId") Long identityId, @Param("identityType") IdentityType identityType, @Param("jobType") SaasJobTypeEnum jobType);
+
+ List findBathSuperAdmin(@Param("req") List req);
+
+ List listIdentityKeysByParams(@Param("req") QueryUserRoleReq req);
+
@Data
@Builder
@NoArgsConstructor
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/ProductService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/ProductService.java
index 9ea8aaf1..e06a82ca 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/ProductService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/ProductService.java
@@ -1,5 +1,6 @@
package cn.axzo.tyr.server.service;
+import cn.axzo.basics.common.page.PageResult;
import cn.axzo.framework.domain.web.result.ApiPageResult;
import cn.axzo.framework.domain.web.result.ApiResult;
import cn.axzo.tyr.client.model.product.ProductAddReq;
@@ -8,9 +9,13 @@ import cn.axzo.tyr.client.model.product.ProductSearchPageReq;
import cn.axzo.tyr.client.model.product.ProductUpdateReq;
import cn.axzo.tyr.client.model.product.ProductVO;
import cn.axzo.tyr.client.model.req.ProductSaveReq;
+import cn.axzo.tyr.client.model.req.SaasProductQueryReq;
+import cn.axzo.tyr.client.model.req.SaasProductSaveOrUpdateReq;
import cn.axzo.tyr.client.model.req.UpdateProductStatusReq;
import cn.axzo.tyr.client.model.res.GovernmentTerminalResp;
+import cn.axzo.tyr.client.model.res.SaasProductResp;
import cn.axzo.tyr.client.model.res.WorkspaceProductResp;
+import cn.axzo.tyr.server.repository.entity.ProductModule;
import java.util.List;
@@ -41,4 +46,19 @@ public interface ProductService {
ApiResult> getGovernmentTerminal(String terminal);
ApiResult getWorkspaceProduct(String workspaceType);
+
+ List saasProductListWithOutDelete(SaasProductQueryReq queryReq);
+
+ /***
+ * 获取产品列表
+ * @param req
+ * @return
+ */
+ PageResult saasProductList(SaasProductQueryReq req);
+
+ /**
+ * 创建产品
+ * @param req
+ */
+ Long productModuleCreate(SaasProductSaveOrUpdateReq req);
}
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasFeatureResourceService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasFeatureResourceService.java
index 360f44ae..1455ca4d 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasFeatureResourceService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasFeatureResourceService.java
@@ -1,6 +1,7 @@
package cn.axzo.tyr.server.service;
import cn.axzo.foundation.page.PageResp;
+import cn.axzo.tyr.client.model.permission.SaasFeatureBO;
import cn.axzo.tyr.client.model.req.DeleteFeatureResourceReq;
import cn.axzo.tyr.client.model.req.DetailFeatureResourceReq;
import cn.axzo.tyr.client.model.req.FeatureResourceTreeSaveReq;
@@ -71,6 +72,8 @@ public interface SaasFeatureResourceService extends IService listAllFeatureByTerminal(String terminal);
+
@Data
@Builder
@NoArgsConstructor
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasProductModuleFeatureRelationService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasProductModuleFeatureRelationService.java
new file mode 100644
index 00000000..3aeca33f
--- /dev/null
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasProductModuleFeatureRelationService.java
@@ -0,0 +1,19 @@
+package cn.axzo.tyr.server.service;
+
+
+import cn.axzo.tyr.server.repository.entity.SaasProductModuleFeatureRelation;
+
+import java.util.List;
+
+/**
+ * 产品-菜单关联关系(SaasProductModuleFeatureRelation)表服务接口
+ *
+ * @author makejava
+ * @since 2022-05-24 11:18:41
+ */
+public interface SaasProductModuleFeatureRelationService {
+
+
+ boolean saveBatch(List relations);
+}
+
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserRelationService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserRelationService.java
index 650bd909..47809a30 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserRelationService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserRelationService.java
@@ -1,8 +1,20 @@
package cn.axzo.tyr.server.service;
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import cn.axzo.framework.domain.page.PageResp;
+import cn.axzo.tyr.client.model.permission.IdentityAndAccountDTO;
+import cn.axzo.tyr.client.model.permission.IdentityKey;
+import cn.axzo.tyr.client.model.permission.QueryIdentityByPermissionDTO;
+import cn.axzo.tyr.client.model.permission.SaasUserRoleExBO;
+import cn.axzo.tyr.client.model.req.QuerySuperAdminReq;
+import cn.axzo.tyr.client.model.req.UpdateUserJobReq;
+import cn.axzo.tyr.client.model.req.WorkspaceUpdateUserRoleDTO;
+import cn.axzo.tyr.client.model.res.SuperAminInfoResp;
+import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserDTO;
import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserV2DTO;
import cn.axzo.tyr.client.model.roleuser.req.ListRoleUserRelationParam;
import cn.axzo.tyr.client.model.roleuser.req.PageRoleUserRelationParam;
+import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
import com.baomidou.mybatisplus.extension.service.IService;
import lombok.AllArgsConstructor;
@@ -48,4 +60,28 @@ public interface SaasRoleUserRelationService extends IService findIdentityAndAccountInfosByParams(QueryIdentityByPermissionDTO req);
+
+ void updateWorkspaceUserRolesList(UpdateUserJobReq req);
+
+ List findBathSuperAdmin(List req);
+
+ List getSuperAdminIdsByWorkspaceAndOu(Long workspaceId, Long ouId);
+
+ List getUserRoleExListMapByIdentityIdAndWorkspaceId(List identityIds, IdentityType identityType, Long workspaceId);
+
+ Boolean updateWorkspaceUserRoles(WorkspaceUpdateUserRoleDTO req);
}
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/ProductServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/ProductServiceImpl.java
index 4c898184..2da39b7b 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/ProductServiceImpl.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/ProductServiceImpl.java
@@ -1,6 +1,7 @@
package cn.axzo.tyr.server.service.impl;
import cn.axzo.basics.common.BeanMapper;
+import cn.axzo.basics.common.page.PageResult;
import cn.axzo.basics.common.util.AssertUtil;
import cn.axzo.basics.profiles.api.UserProfileServiceApi;
import cn.axzo.basics.profiles.dto.basic.PersonProfileDto;
@@ -8,6 +9,7 @@ import cn.axzo.framework.domain.page.PageResp;
import cn.axzo.framework.domain.web.result.ApiPageResult;
import cn.axzo.framework.domain.web.result.ApiResult;
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
+import cn.axzo.pudge.core.service.ServiceException;
import cn.axzo.tyr.client.common.enums.PermissionRelationOperateLogSceneEnum;
import cn.axzo.tyr.client.common.enums.ProductModuleFeatureRelationTypeEnum;
import cn.axzo.tyr.client.model.dict.request.BasicDictQueryReq;
@@ -24,8 +26,11 @@ import cn.axzo.tyr.client.model.product.ProductUpdateReq;
import cn.axzo.tyr.client.model.product.ProductVO;
import cn.axzo.tyr.client.model.req.PermissionOperateLogReq;
import cn.axzo.tyr.client.model.req.ProductSaveReq;
+import cn.axzo.tyr.client.model.req.SaasProductQueryReq;
+import cn.axzo.tyr.client.model.req.SaasProductSaveOrUpdateReq;
import cn.axzo.tyr.client.model.req.UpdateProductStatusReq;
import cn.axzo.tyr.client.model.res.GovernmentTerminalResp;
+import cn.axzo.tyr.client.model.res.SaasProductResp;
import cn.axzo.tyr.client.model.res.WorkspaceProductResp;
import cn.axzo.tyr.server.model.RelationOperateLogProductBindResourceDO;
import cn.axzo.tyr.server.repository.dao.ProductModuleDao;
@@ -39,6 +44,7 @@ import cn.axzo.tyr.server.service.ProductService;
import cn.axzo.tyr.server.service.SaasBasicDictService;
import cn.axzo.tyr.server.service.SaasFeatureResourceService;
import cn.axzo.tyr.server.service.SaasPgroupPermissionRelationOperateLogService;
+import cn.axzo.tyr.server.service.SaasProductModuleFeatureRelationService;
import cn.axzo.tyr.server.util.RpcInternalUtil;
import cn.azxo.framework.common.constatns.Constants;
import cn.hutool.core.collection.CollectionUtil;
@@ -88,6 +94,7 @@ public class ProductServiceImpl implements ProductService {
private final UserProfileServiceApi userProfileServiceApi;
private final SaasPgroupPermissionRelationOperateLogService saasPgroupPermissionRelationOperateLogService;
private final SaasFeatureResourceDao saasFeatureResourceDao;
+ private final SaasProductModuleFeatureRelationService saasProductModuleFeatureRelationService;
@Override
public ApiResult> list(ProductSearchListReq req) {
@@ -571,4 +578,69 @@ public class ProductServiceImpl implements ProductService {
.build();
saasPgroupPermissionRelationOperateLogService.batchSave(Lists.newArrayList(operateLog));
}
+
+ @Override
+ public List saasProductListWithOutDelete(SaasProductQueryReq queryReq) {
+
+ return productModuleDao.listByNameTypeWithOutDelete(queryReq);
+ }
+
+ /**
+ * 获取产品列表
+ * @param req
+ * @return
+ */
+ @Override
+ public PageResult saasProductList(SaasProductQueryReq req) {
+ PageResult result = new PageResult();
+ IPage productList = productModuleDao.listByNameType(req);
+ if (com.baomidou.mybatisplus.core.toolkit.CollectionUtils.isEmpty(productList.getRecords())) {
+ return result;
+ }
+ List respList = BeanMapper.mapList(productList.getRecords(),SaasProductResp.class);
+ result.setData(respList);
+ result.setTotalCount(productList.getTotal());
+ return result;
+ }
+
+ /**
+ * 创建产品
+ * @param req
+ */
+ @Override
+ @Transactional(rollbackFor = Exception.class)
+ public Long productModuleCreate(SaasProductSaveOrUpdateReq req) {
+ ProductModule productModule = saasProductCreate(req);
+ if(com.baomidou.mybatisplus.core.toolkit.CollectionUtils.isNotEmpty(req.getFeatureIds())){
+ List relations = new ArrayList<>();
+ req.getFeatureIds().forEach(item -> {
+ SaasProductModuleFeatureRelation relation = new SaasProductModuleFeatureRelation();
+ relation.setFeatureId(item);
+ relation.setProductModuleId(productModule.getId());
+ relations.add(relation);
+ });
+ saasProductModuleFeatureRelationService.saveBatch(relations);
+
+ }
+ return productModule.getId();
+ }
+
+ /**
+ * 创建产品
+ * @param req
+ */
+ private ProductModule saasProductCreate(SaasProductSaveOrUpdateReq req) {
+ //校验对应产品是否存在
+ ProductModule productModule = productModuleDao.queryByName(req.getProductName());
+ if (productModule != null) {
+ throw new ServiceException("该名称对应产品已存在");
+ }
+ ProductModule product = new ProductModule();
+ product.setProductType(req.getProductType());
+ product.setProductName(req.getProductName());
+ product.setCommonProduct(req.getCommonProduct());
+ product.setRemark(req.getRemark());
+ productModuleDao.save(product);
+ return product;
+ }
}
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureResourceServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureResourceServiceImpl.java
index f1b4707f..9605bd48 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureResourceServiceImpl.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureResourceServiceImpl.java
@@ -16,6 +16,7 @@ import cn.axzo.tyr.client.common.enums.FeatureResourceStatus;
import cn.axzo.tyr.client.common.enums.FeatureResourceType;
import cn.axzo.tyr.client.common.enums.PageElementFeatureResourceRelationTypeEnum;
import cn.axzo.tyr.client.model.enums.DelegatedType;
+import cn.axzo.tyr.client.model.permission.SaasFeatureBO;
import cn.axzo.tyr.client.model.req.DeleteFeatureResourceReq;
import cn.axzo.tyr.client.model.req.DetailFeatureResourceReq;
import cn.axzo.tyr.client.model.req.FeatureComponentSaveReq;
@@ -986,4 +987,12 @@ public class SaasFeatureResourceServiceImpl extends ServiceImpl listAllFeatureByTerminal(String terminal) {
+
+ List saasFeatures = saasFeatureDao.listAllFeatureByTerminal(terminal);
+
+ return BeanMapper.mapList(saasFeatures, SaasFeatureBO.class);
+ }
}
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasProductModuleFeatureRelationServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasProductModuleFeatureRelationServiceImpl.java
new file mode 100644
index 00000000..98ba9efa
--- /dev/null
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasProductModuleFeatureRelationServiceImpl.java
@@ -0,0 +1,36 @@
+package cn.axzo.tyr.server.service.impl;
+
+import cn.axzo.tyr.server.repository.dao.SaasProductModuleFeatureRelationDao;
+import cn.axzo.tyr.server.repository.entity.SaasProductModuleFeatureRelation;
+import cn.axzo.tyr.server.service.SaasProductModuleFeatureRelationService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+import java.util.List;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/6/7 22:14
+ * @description : 产品关联功能树实现
+ */
+@Service
+public class SaasProductModuleFeatureRelationServiceImpl implements
+ SaasProductModuleFeatureRelationService {
+
+ @Autowired
+ private SaasProductModuleFeatureRelationDao relationDao;
+
+
+ /**
+ * 产品-feature批量保存
+ * @param relations
+ * @return
+ */
+ @Override
+ @Transactional(rollbackFor = Exception.class)
+ public boolean saveBatch(List relations) {
+ return relationDao.saveBatch(relations);
+ }
+
+}
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleUserRelationServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleUserRelationServiceImpl.java
index 8e404451..d2effa39 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleUserRelationServiceImpl.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleUserRelationServiceImpl.java
@@ -1,25 +1,52 @@
package cn.axzo.tyr.server.service.impl;
import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum;
+import cn.axzo.basics.common.util.AssertUtil;
+import cn.axzo.basics.profiles.api.IdentityProfileApi;
import cn.axzo.basics.profiles.api.UserProfileServiceApi;
+import cn.axzo.basics.profiles.api.vo.request.FindIdentityProfileReq;
+import cn.axzo.basics.profiles.common.enums.IdentityType;
+import cn.axzo.basics.profiles.dto.basic.IdentityProfileDto;
import cn.axzo.basics.profiles.dto.basic.PersonProfileDto;
import cn.axzo.foundation.dao.support.converter.PageConverter;
import cn.axzo.foundation.dao.support.mysql.QueryWrapperHelper;
import cn.axzo.foundation.exception.Axssert;
+import cn.axzo.framework.auth.domain.ContextInfo;
+import cn.axzo.framework.auth.domain.ContextInfoHolder;
import cn.axzo.framework.rocketmq.Event;
-import cn.axzo.log.platform.client.LogPlatClient;
+import cn.axzo.karma.client.model.dto.ProjectWorkBaseDTO;
+import cn.axzo.maokai.api.client.OrganizationalUnitApi;
+import cn.axzo.maokai.api.vo.response.OrganizationalUnitVO;
+import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
+import cn.axzo.pudge.core.service.ServiceException;
+import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
+import cn.axzo.tyr.client.model.enums.SaasJobTypeEnum;
+import cn.axzo.tyr.client.model.permission.IdentityAndAccountDTO;
+import cn.axzo.tyr.client.model.permission.IdentityKey;
+import cn.axzo.tyr.client.model.permission.QueryIdentityByPermissionDTO;
+import cn.axzo.tyr.client.model.permission.SaasUserRoleExBO;
import cn.axzo.tyr.client.model.req.ListRoleReq;
+import cn.axzo.tyr.client.model.req.QuerySuperAdminReq;
+import cn.axzo.tyr.client.model.req.UpdateUserJobReq;
+import cn.axzo.tyr.client.model.req.WorkspaceUpdateUserRoleDTO;
import cn.axzo.tyr.client.model.res.SaasRoleRes;
+import cn.axzo.tyr.client.model.res.SuperAminInfoResp;
import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserV2DTO;
import cn.axzo.tyr.client.model.roleuser.req.ListRoleUserRelationParam;
import cn.axzo.tyr.client.model.roleuser.req.PageRoleUserRelationParam;
+import cn.axzo.tyr.server.common.util.NumUtil;
import cn.axzo.tyr.server.config.MqProducer;
import cn.axzo.tyr.server.event.payload.SaasRoleUserRelationRemovePayload;
+import cn.axzo.tyr.server.model.QueryUserRoleReq;
+import cn.axzo.tyr.server.repository.dao.SaasRoleDao;
+import cn.axzo.tyr.server.repository.dao.SaasRoleUserRelationDao;
+import cn.axzo.tyr.server.repository.entity.SaasRole;
import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
import cn.axzo.tyr.server.repository.mapper.SaasRoleUserRelationMapper;
import cn.axzo.tyr.server.service.RoleService;
import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
import cn.axzo.tyr.server.util.RpcInternalUtil;
+import cn.hutool.core.collection.CollectionUtil;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.metadata.IPage;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
@@ -33,8 +60,11 @@ import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.util.CollectionUtils;
+import java.util.ArrayList;
+import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
+import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Objects;
@@ -54,6 +84,10 @@ import static cn.axzo.tyr.server.event.inner.EventTypeEnum.SAAS_ROLE_USER_RELATI
@Service
public class SaasRoleUserRelationServiceImpl extends ServiceImpl
implements SaasRoleUserRelationService {
+ @Autowired
+ private SaasRoleUserRelationDao saasRoleUserRelationDao;
+ @Autowired
+ private SaasRoleDao saasRoleDao;
@Autowired
private UserProfileServiceApi userProfileServiceApi;
@@ -62,8 +96,9 @@ public class SaasRoleUserRelationServiceImpl extends ServiceImpl list = this.listUserRoleExByParams(QueryUserRoleReq.builder()
+ .identityIds(Arrays.asList(identityId)).identityType(identityType).workspaceId(workspaceId).ouId(ouId)
+ .roleTypes(Arrays.asList(RoleTypeEnum.SUPER_ADMIN.getValue())).build());
+ return list.size() > 0;
+ }
+
+ public List listUserRoleExByParams(QueryUserRoleReq req) {
+ return saasRoleUserRelationDao.listUserRoleExByParams(req);
+ }
+
+ @Override
+ public Boolean deleteByPersonId(Long personId) {
+ return saasRoleUserRelationDao.lambdaUpdate()
+ .in(SaasRoleUserRelation::getNaturalPersonId, personId)
+ .eq(SaasRoleUserRelation::getIsDelete, TableIsDeleteEnum.NORMAL.value)
+ .setSql(" is_delete=id")
+ .update();
+ }
+
+ @Override
+ public List findIdentityAndAccountInfosByParams(QueryIdentityByPermissionDTO req) {
+ return saasRoleUserRelationDao.findAccountInfosByCode(req);
+ }
+
+ @Override
+ @Transactional(rollbackFor = Exception.class)
+ public void updateWorkspaceUserRolesList(UpdateUserJobReq req) {
+ Set roles = req.getRoles();
+ if (CollectionUtils.isEmpty(roles)) {
+ return;
+ }
+ //region 排除掉超管和带班长,只修改init的
+ Set roleIds = roles.stream().map(UpdateUserJobReq.RoleReq::getRoleId).collect(Collectors.toSet());
+ List saasRoles = saasRoleDao.listRoleByIds(roleIds);
+ if (CollectionUtils.isEmpty(saasRoles)) {
+ return;
+ }
+ Set couldUpdateRoleIds = saasRoles.stream().filter(e -> Objects.equals(RoleTypeEnum.INIT.getValue(), e.getRoleType())).map(BaseEntity::getId).collect(Collectors.toSet());
+ if (CollectionUtils.isEmpty(couldUpdateRoleIds)) {
+ return;
+ }
+ roles = roles.stream().filter(e -> couldUpdateRoleIds.contains(e.getRoleId())).collect(Collectors.toSet());
+ //endregion
+
+ List masterJobs = roles.stream().filter(e -> e.getJobType().equals(SaasJobTypeEnum.MASTER_JOB)).collect(Collectors.toList());
+ if (masterJobs.size() != 1) {
+ AssertUtil.fail("主岗必须且只能有一个");
+ }
+ Set slaveJobs = roles.stream().filter(e -> e.getJobType().equals(SaasJobTypeEnum.SLAVE_JOB)).collect(Collectors.toSet());
+ if (!CollectionUtils.isEmpty(slaveJobs)) {
+ WorkspaceUpdateUserRoleDTO workspaceUpdateUserRoleDTO = new WorkspaceUpdateUserRoleDTO();
+ workspaceUpdateUserRoleDTO.setWorkspaceId(req.getWorkspaceId());
+ workspaceUpdateUserRoleDTO.setOuId(req.getOuId());
+ workspaceUpdateUserRoleDTO.setIdentityId(req.getIdentityId());
+ workspaceUpdateUserRoleDTO.setIdentityType(req.getIdentityType());
+ workspaceUpdateUserRoleDTO.setUpdateRoleIds(slaveJobs.stream().map(UpdateUserJobReq.RoleReq::getRoleId).collect(Collectors.toList()));
+ //这里面会删除所有岗位(主岗,兼岗)
+ updateWorkspaceUserRolesList(Lists.newArrayList(workspaceUpdateUserRoleDTO));
+ } else {
+ //如果传入空,表示删除兼岗
+ saasRoleUserRelationDao.deleteButNotAdminAndNotLeader(req.getWorkspaceId(), req.getOuId(), req.getIdentityId(),
+ req.getIdentityType(), SaasJobTypeEnum.SLAVE_JOB);
+ }
+ UpdateUserJobReq.RoleReq masterJob = masterJobs.get(0);
+ checkRoleInWorkspaceAndFitOu(Collections.singletonList(masterJob.getRoleId()), req.getWorkspaceId(), req.getOuId(), Collections.singletonList(RoleTypeEnum.INIT));
+ IdentityProfileDto profile = this.checkIdentity(req.getIdentityId(), req.getIdentityType());
+ //删除用户的主岗
+ saasRoleUserRelationDao.deleteButNotAdminAndNotLeader(req.getWorkspaceId(), req.getOuId(), req.getIdentityId(),
+ req.getIdentityType(), SaasJobTypeEnum.MASTER_JOB);
+
+ //添加用户主岗
+ SaasRoleUserRelation relation = new SaasRoleUserRelation();
+ relation.setRoleId(masterJob.getRoleId());
+ relation.setIdentityId(req.getIdentityId());
+ relation.setIdentityType(profile.getIdentityType().getCode());
+ relation.setIsDelete(0L);
+ relation.setNaturalPersonId(profile.getPersonProfile().getId());
+ relation.setOuId(req.getOuId());
+ relation.setResourceId(0L);
+ relation.setJobType(SaasJobTypeEnum.MASTER_JOB);
+ relation.setResourceType(0);
+ relation.setWorkspaceId(req.getWorkspaceId());
+ saasRoleUserRelationDao.save(relation);
+ }
+
+ private Boolean updateWorkspaceUserRolesList(List dtoList) {
+ Set roleIdSet = new HashSet<>();
+ for (WorkspaceUpdateUserRoleDTO dto : dtoList) {
+ roleIdSet.addAll(dto.getUpdateRoleIds());
+ }
+ // 先从数据库里拿出所有的Role by roleIds
+ // 检查一下是否有SUPER_ADMIN、ADMIN,如果有就抛异常,不能分配ADMIN、SUPER_ADMIN
+ // 检查一下所有Role都存在,且都是这个workspace、这个ou的,否则抛异常,角色列表有错
+ // 完成数据库写操作
+ // 返回
+
+ Long workspaceId = dtoList.get(0).getWorkspaceId();
+ Long ouId = dtoList.get(0).getOuId();
+ for (int i = 1; i < dtoList.size(); i++) {
+ if (!NumUtil.equals(workspaceId, dtoList.get(i).getWorkspaceId())) {
+ throw new ServiceException(String.format("批量配置角色失败,输入列表中有多个不同的工作台Id,%d != %d", workspaceId,
+ dtoList.get(i).getWorkspaceId()));
+ }
+ if (!NumUtil.equals(ouId, dtoList.get(i).getOuId())) {
+ throw new ServiceException(
+ String.format("批量配置角色失败,输入列表中有多个不同的单位ID,%d != %d", ouId, dtoList.get(i).getOuId()));
+ }
+
+ }
+
+ checkWorkspace(workspaceId);
+ checkRoleInWorkspaceAndFitOu(roleIdSet, workspaceId, ouId,
+ Arrays.asList(RoleTypeEnum.INIT, RoleTypeEnum.COMMON));
+ for (WorkspaceUpdateUserRoleDTO g : dtoList) {
+ if (!doUpdateWorkspaceUserRoles(g.getIdentityId(), g.getIdentityType(), g.getUpdateRoleIds(), g.getWorkspaceId(), g.getOuId(), g.getJobType())) {
+ throw new ServiceException(String.format("批量配置角色失败,失败点:用户身份ID=%d,工作台ID=%d, 角色列表=%s", g.getIdentityId(),
+ g.getWorkspaceId(), NumUtil.joinToString(g.getUpdateRoleIds(), ",")));
+ }
+ }
+ return Boolean.TRUE;
+ }
+
+ /**
+ * 检查这些Role是这个Workspace的,也是这个OU合适的
+ *
+ * @param roleIds
+ * @param workspaceId
+ * @param typeList
+ */
+ private void checkRoleInWorkspaceAndFitOu(Collection roleIds, Long workspaceId, Long ouId,
+ List typeList) {
+ if (CollectionUtils.isEmpty(roleIds)) {
+ return;
+ }
+ OrganizationalUnitVO ou = checkAndReturnOU(ouId);
+ List roles = this.saasRoleDao.lambdaQuery().in(SaasRole::getId, roleIds)
+ .in(SaasRole::getRoleType,
+ typeList.stream().map(RoleTypeEnum::getValue).collect(Collectors.toList()))
+ .eq(SaasRole::getIsDelete, 0).list();
+ Set roleIdSet = roles.stream().map(SaasRole::getId).collect(Collectors.toSet());
+
+ for (Long id : roleIds) {
+ if (roleIdSet.contains(id))
+ continue;
+ throw new ServiceException("无法找到角色,ID=" + id);
+ }
+
+ for (SaasRole role : roles) {
+ if (!NumUtil.equals(role.getWorkspaceId(), workspaceId)) {
+ throw new ServiceException("角色不属于当前工作台");
+ }
+ if (!role.isFitOuType(ou.getType())) {
+ throw new ServiceException(String.format("角色[%d-%s]不能适用于单位[%d-%s]", role.getId(), role.getName(),
+ ou.getId(), ou.getName()));
+ }
+ }
+ }
+
+ private void checkWorkspace(Long workspaceId) {
+ ContextInfo contextInfo = ContextInfoHolder.get();
+ if (null != contextInfo) {
+ if (!NumUtil.equals(contextInfo.getWorkspaceId(), workspaceId)) {
+ String msg = String.format("输入的工作台与当前Context工作台不一致, contextInfo.workspace=%d, params.workspaceId=%d",
+ contextInfo.getWorkspaceId(), workspaceId);
+ log.error(msg);
+ // 以后稍微稳定一些了再抛异常吧。
+ // throw new ServiceException(msg);
+ }
+ }
+ }
+
+ /**
+ * @param identityId
+ * @param roleIdList
+ * @param workspaceId
+ * @param ouId
+ * @param jobType
+ * @return
+ */
+ private boolean doUpdateWorkspaceUserRoles(Long identityId, IdentityType identityType, List roleIdList, Long workspaceId, Long ouId, SaasJobTypeEnum jobType) {
+ IdentityProfileDto profile = this.checkIdentity(identityId, identityType);
+ saasRoleUserRelationDao.delByIdentityAndWorkspaceIdAndOuId(identityId, identityType, workspaceId, ouId);
+ List list = new ArrayList<>();
+ for (Long roleId : roleIdList) {
+ SaasRoleUserRelation relation = new SaasRoleUserRelation();
+ relation.setRoleId(roleId);
+ relation.setIdentityId(identityId);
+ relation.setIdentityType(profile.getIdentityType().getCode());
+ relation.setIsDelete(0L);
+ relation.setNaturalPersonId(profile.getPersonProfile().getId());
+ relation.setOuId(ouId);
+ relation.setResourceId(0L);
+ relation.setJobType(jobType);
+ relation.setResourceType(0);
+ relation.setWorkspaceId(workspaceId);
+ list.add(relation);
+ }
+ return saasRoleUserRelationDao.saveBatch(list);
+ }
+
+ private IdentityProfileDto checkIdentity(Long identityId, IdentityType identityType) {
+ if(identityId == null || NumUtil.equals(identityId, 0L))
+ throw new ServiceException("身份错误");
+
+ if (identityType == null)
+ return null;
+
+ FindIdentityProfileReq req = FindIdentityProfileReq.builder()
+ .identityId(identityId)
+ .identityType(identityType)
+ .build();
+ IdentityProfileDto profile = RpcInternalUtil.checkAndGetData(identityProfileApi.findIdentityProfile(req));
+ if (Objects.isNull(profile))
+ throw new ServiceException(String.format("找不到相关身份ID=%d的信息", identityId));
+ return profile;
+ }
+
+ private OrganizationalUnitVO checkAndReturnOU(Long ouId) {
+ if(NumUtil.isZero(ouId))
+ throw new ServiceException("单位为空");
+ return RpcInternalUtil.checkAndGetData(organizationalUnitApi.getById(ouId));
+ }
+
+ @Override
+ public List findBathSuperAdmin(List req) {
+ if (CollectionUtil.isEmpty(req)) {
+ return new ArrayList<>();
+ }
+ // 查询超管
+
+ List superAdmin = saasRoleUserRelationDao.findBathSuperAdmin(req.stream().map(e -> new ProjectWorkBaseDTO(e.getOuId(), e.getWorkspaceId())).collect(Collectors.toList()));
+ if (CollectionUtil.isEmpty(superAdmin)) {
+ return new ArrayList<>();
+ }
+ // 查询档案
+// Map profile = identityProfileService.findProfileByIdSetV2(
+// superAdmin.stream().map(SaasRoleUserRelation::getIdentityId)
+// .collect(Collectors.toSet()), IdentityType.PRACTITIONER);
+ // 数据映射 目前工作台只会有一条超管且档案不支持多身份类型查询,所以直接在map中查询了,
+ return superAdmin.stream().map(e->{
+ IdentityProfileDto identityProfile = RpcInternalUtil.checkAndGetData(identityProfileApi.findIdentityProfile(FindIdentityProfileReq.builder()
+ .identityId(e.getIdentityId())
+ .identityType(IdentityType.getIdentityType(e.getIdentityType()))
+ .build()));
+ SuperAminInfoResp superAminInfoResp = new SuperAminInfoResp();
+ superAminInfoResp.setIdentityId(e.getIdentityId());
+ superAminInfoResp.setIdentityType(IdentityType.getIdentityType(e.getIdentityType()));
+ if (Objects.nonNull(identityProfile)) {
+ superAminInfoResp.setPhone(identityProfile.getPersonProfile().getPhone());
+ superAminInfoResp.setRealName(identityProfile.getPersonProfile().getRealName());
+ }
+ superAminInfoResp.setWorkspaceId(e.getWorkspaceId());
+ superAminInfoResp.setOuId(e.getOuId());
+ return superAminInfoResp;
+ }).collect(Collectors.toList());
+ }
+
+ @Override
+ public List getSuperAdminIdsByWorkspaceAndOu(Long workspaceId, Long ouId) {
+ return saasRoleUserRelationDao.listIdentityKeysByParams(
+ QueryUserRoleReq.builder()
+ .workspaceId(workspaceId)
+ .ouId(ouId)
+ .roleTypes(Arrays.asList(RoleTypeEnum.SUPER_ADMIN.getValue()))
+ .build());
+ }
+
+ @Override
+ public List getUserRoleExListMapByIdentityIdAndWorkspaceId(List identityIds, IdentityType identityType, Long workspaceId) {
+ return saasRoleUserRelationDao.listUserRoleExByIdentityIdsAndWorkspaceId(identityIds, identityType, workspaceId);
+ }
+
+ @Transactional(rollbackFor = Throwable.class)
+ @Override
+ public Boolean updateWorkspaceUserRoles(WorkspaceUpdateUserRoleDTO g) {
+ checkWorkspace(g.getWorkspaceId());
+ checkRoleInWorkspaceAndFitOu(g.getUpdateRoleIds(), g.getWorkspaceId(), g.getOuId(),
+ Arrays.asList(RoleTypeEnum.INIT, RoleTypeEnum.COMMON));
+ doUpdateWorkspaceUserRoles(g.getIdentityId(), g.getIdentityType(), g.getUpdateRoleIds(), g.getWorkspaceId(), g.getOuId(), g.getJobType());
+ return Boolean.TRUE;
+ }
}
diff --git a/tyr-server/src/main/resources/mapper/SaasRoleUserRelationMapper.xml b/tyr-server/src/main/resources/mapper/SaasRoleUserRelationMapper.xml
index 43d2ed52..709bfb38 100644
--- a/tyr-server/src/main/resources/mapper/SaasRoleUserRelationMapper.xml
+++ b/tyr-server/src/main/resources/mapper/SaasRoleUserRelationMapper.xml
@@ -63,4 +63,172 @@
+
+
+
+
+
+
+
+
+ update saas_role_user_relation t1 inner join saas_role t2 on t1.role_id = t2.id and t2.role_type = 'init' and
+ t2.is_delete = 0
+ set t1.is_delete=t1.id
+ where t1.workspace_id = #{workspaceId}
+ and t1.ou_id = #{ouId}
+ and t1.identity_id = #{identityId}
+ and t1.identity_type = #{identityType}
+
+ and t1.job_type = #{jobType}
+
+
+
+
+
+
\ No newline at end of file