删除用户角色

2023-10-18 17:01:21 +08:00 · 2023-10-18 17:01:21 +08:00 · adbdf51b80
commit adbdf51b80
parent f967f9d736
5 changed files with 36 additions and 26 deletions
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
@ -6,7 +6,7 @@ import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserRelationDTO;
 import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
 import cn.axzo.tyr.client.model.roleuser.req.CreateAgencyAdminRoleParam;
 import cn.axzo.tyr.client.model.roleuser.req.CreateWorkspaceAdminRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteAdminRoleParam;
+import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleIncludeAdminParam;
 import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
 import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
 import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
@ -70,12 +70,12 @@ public interface TyrSaasRoleUserApi {
    ApiResult<CreateAdminRoleDTO> createWorkspaceAdminRole(@RequestBody @Valid @NotEmpty List<CreateWorkspaceAdminRoleParam> params);

    /**
-     * 移除超管角色
+     * 移除用户权限，包含超管，一般用于移除超管权限
     * @param params
     * @return
     */
-    @PostMapping("/api/saas-role-user/delete-admin-role")
-    ApiResult<Boolean> deleteAdminRole(@RequestBody @Valid @NotEmpty List<DeleteAdminRoleParam> params);
+    @PostMapping("/api/saas-role-user/delete-user-role-include-admin")
+    ApiResult<Boolean> deleteUserRoleIncludeAdmin(@RequestBody @Valid @NotEmpty List<DeleteUserRoleIncludeAdminParam> params);

    /**
     * 批量查询超管, 只能批量获取单个工作台台下的超管，业务系统需要根据返回的identityId和identityType查询identityProfile查询用户明细信息
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteUserRoleIncludeAdminParam.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteUserRoleIncludeAdminParam.java
@ -3,24 +3,30 @@ package cn.axzo.tyr.client.model.roleuser.req;
 import cn.axzo.tyr.client.model.enums.IdentityType;
 import lombok.Data;

+import javax.validation.constraints.NotNull;
+
@Data
-public class DeleteAdminRoleParam {
+public class DeleteUserRoleIncludeAdminParam {

    /**
     * 工作台id，与context校验
     */
+    @NotNull
    private Long workspaceId;
    /**
     * 单位id : 非必填
     */
+    @NotNull
    private Long ouId;
    /**
     * 被赋予角色的人的身份id
     */
+    @NotNull
    private Long identityId;

    /**
     * 身份类型，必填
     */
+    @NotNull
    private IdentityType identityType;
 }
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
@ -12,15 +12,7 @@ import cn.axzo.tyr.client.feign.TyrSaasRoleUserApi;
 import cn.axzo.tyr.client.model.roleuser.dto.CreateAdminRoleDTO;
 import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserRelationDTO;
 import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
-import cn.axzo.tyr.client.model.roleuser.req.CreateAgencyAdminRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.CreateWorkspaceAdminRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteAdminRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRolesOfWorkspaceParam;
-import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
-import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
-import cn.axzo.tyr.client.model.roleuser.req.SuperAdminParam;
+import cn.axzo.tyr.client.model.roleuser.req.*;
 import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
 import cn.axzo.tyr.server.service.SaasRoleUserService;
 import lombok.RequiredArgsConstructor;
@ -77,8 +69,8 @@ public class RoleUserController implements TyrSaasRoleUserApi {
    }

    @Override
-    public ApiResult<Boolean> deleteAdminRole(List<DeleteAdminRoleParam> params) {
-        // todo cn.axzo.basics.auth.api.SaasRoleApi#ungrantAdminRole
+    public ApiResult<Boolean> deleteUserRoleIncludeAdmin(List<DeleteUserRoleIncludeAdminParam> params) {
+        saasRoleUserService.deleteUserRoleIncludeAdmin(params);
        return ApiResult.ok(true);
    }

--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
@ -9,10 +9,8 @@ import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
 import java.util.List;
 import java.util.Set;

-import cn.axzo.tyr.client.model.enums.IdentityType;
 import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
 import cn.axzo.tyr.client.model.roleuser.req.*;
-import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;

 /**
 * @author tanjie@axzo.cn
@ -72,9 +70,9 @@ public interface SaasRoleUserService {
    List<SuperAdminInfoDTO> superAdminList(SuperAdminParam param);

    /**
-     * 移除管理员
+     * 移除用户角色包含超管
     * @param params
     * @return
     */
-    boolean deleteAdminRole(List<DeleteAdminRoleParam> params);
+    boolean deleteUserRoleIncludeAdmin(List<DeleteUserRoleIncludeAdminParam> params);
 }
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
@ -18,9 +18,6 @@ import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
 import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
 import cn.axzo.tyr.client.model.BaseWorkspaceModel;
 import cn.axzo.tyr.client.model.enums.IdentityType;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
 import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
 import cn.axzo.tyr.client.model.roleuser.req.*;
 import cn.axzo.tyr.server.repository.dao.SaasRoleDao;
@ -174,8 +171,25 @@ public class RoleUserService implements SaasRoleUserService {

 	@Override
 	@Transactional(rollbackFor = Exception.class)
-	public boolean deleteAdminRole(List<DeleteAdminRoleParam> params) {
-
-		return false;
+	public boolean deleteUserRoleIncludeAdmin(List<DeleteUserRoleIncludeAdminParam> params) {
+		if (CollectionUtils.isEmpty(params)) {
+			return false;
+		}
+		params.forEach(param -> {
+			List<SaasRole> roles = saasRoleDao.lambdaQuery()
+					.eq(SaasRole::getWorkspaceId, param.getWorkspaceId()).eq(SaasRole::getOwnerOuId, param.getOuId()).eq(SaasRole::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
+			if (CollectionUtils.isEmpty(roles)) {
+				return;
+			}
+			List<Long> roleIds = roles.stream().map(SaasRole::getId).sorted().collect(Collectors.toList());
+			List<SaasRoleUserRelation> relations = roleUserRelationDao.lambdaQuery().in(SaasRoleUserRelation::getRoleId, roleIds)
+					.eq(SaasRoleUserRelation::getIdentityId, param.getIdentityId()).eq(SaasRoleUserRelation::getIdentityType, param.getIdentityType().getCode())
+					.eq(SaasRoleUserRelation::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
+			if (CollectionUtils.isNotEmpty(relations)) {
+				relations.forEach(r -> r.setIsDelete(r.getId()));
+				roleUserRelationDao.updateBatchById(relations);
+			}
+		});
+		return true;
 	}
 }