diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java index d9e090e2..f8d26f67 100644 --- a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java +++ b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java @@ -6,7 +6,7 @@ import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserRelationDTO; import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO; import cn.axzo.tyr.client.model.roleuser.req.CreateAgencyAdminRoleParam; import cn.axzo.tyr.client.model.roleuser.req.CreateWorkspaceAdminRoleParam; -import cn.axzo.tyr.client.model.roleuser.req.DeleteAdminRoleParam; +import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleIncludeAdminParam; import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam; import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam; import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam; @@ -70,12 +70,12 @@ public interface TyrSaasRoleUserApi { ApiResult createWorkspaceAdminRole(@RequestBody @Valid @NotEmpty List params); /** - * 移除超管角色 + * 移除用户权限,包含超管,一般用于移除超管权限 * @param params * @return */ - @PostMapping("/api/saas-role-user/delete-admin-role") - ApiResult deleteAdminRole(@RequestBody @Valid @NotEmpty List params); + @PostMapping("/api/saas-role-user/delete-user-role-include-admin") + ApiResult deleteUserRoleIncludeAdmin(@RequestBody @Valid @NotEmpty List params); /** * 批量查询超管, 只能批量获取单个工作台台下的超管,业务系统需要根据返回的identityId和identityType查询identityProfile查询用户明细信息 diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteAdminRoleParam.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteUserRoleIncludeAdminParam.java similarity index 75% rename from tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteAdminRoleParam.java rename to tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteUserRoleIncludeAdminParam.java index a29c29dd..d65ac28d 100644 --- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteAdminRoleParam.java +++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteUserRoleIncludeAdminParam.java @@ -3,24 +3,30 @@ package cn.axzo.tyr.client.model.roleuser.req; import cn.axzo.tyr.client.model.enums.IdentityType; import lombok.Data; +import javax.validation.constraints.NotNull; + @Data -public class DeleteAdminRoleParam { +public class DeleteUserRoleIncludeAdminParam { /** * 工作台id,与context校验 */ + @NotNull private Long workspaceId; /** * 单位id : 非必填 */ + @NotNull private Long ouId; /** * 被赋予角色的人的身份id */ + @NotNull private Long identityId; /** * 身份类型,必填 */ + @NotNull private IdentityType identityType; } diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java index 3266816e..bb1137da 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java @@ -12,15 +12,7 @@ import cn.axzo.tyr.client.feign.TyrSaasRoleUserApi; import cn.axzo.tyr.client.model.roleuser.dto.CreateAdminRoleDTO; import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserRelationDTO; import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO; -import cn.axzo.tyr.client.model.roleuser.req.CreateAgencyAdminRoleParam; -import cn.axzo.tyr.client.model.roleuser.req.CreateWorkspaceAdminRoleParam; -import cn.axzo.tyr.client.model.roleuser.req.DeleteAdminRoleParam; -import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam; -import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam; -import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRolesOfWorkspaceParam; -import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam; -import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq; -import cn.axzo.tyr.client.model.roleuser.req.SuperAdminParam; +import cn.axzo.tyr.client.model.roleuser.req.*; import cn.axzo.tyr.server.service.SaasRoleUserRelationService; import cn.axzo.tyr.server.service.SaasRoleUserService; import lombok.RequiredArgsConstructor; @@ -77,8 +69,8 @@ public class RoleUserController implements TyrSaasRoleUserApi { } @Override - public ApiResult deleteAdminRole(List params) { - // todo cn.axzo.basics.auth.api.SaasRoleApi#ungrantAdminRole + public ApiResult deleteUserRoleIncludeAdmin(List params) { + saasRoleUserService.deleteUserRoleIncludeAdmin(params); return ApiResult.ok(true); } diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java index b14d5ad5..64484962 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java @@ -9,10 +9,8 @@ import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation; import java.util.List; import java.util.Set; -import cn.axzo.tyr.client.model.enums.IdentityType; import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO; import cn.axzo.tyr.client.model.roleuser.req.*; -import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation; /** * @author tanjie@axzo.cn @@ -72,9 +70,9 @@ public interface SaasRoleUserService { List superAdminList(SuperAdminParam param); /** - * 移除管理员 + * 移除用户角色包含超管 * @param params * @return */ - boolean deleteAdminRole(List params); + boolean deleteUserRoleIncludeAdmin(List params); } \ No newline at end of file diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java index a817997c..4c580cc8 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java @@ -18,9 +18,6 @@ import cn.axzo.pokonyan.config.mybatisplus.BaseEntity; import cn.axzo.tyr.client.common.enums.RoleTypeEnum; import cn.axzo.tyr.client.model.BaseWorkspaceModel; import cn.axzo.tyr.client.model.enums.IdentityType; -import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam; -import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam; -import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq; import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO; import cn.axzo.tyr.client.model.roleuser.req.*; import cn.axzo.tyr.server.repository.dao.SaasRoleDao; @@ -174,8 +171,25 @@ public class RoleUserService implements SaasRoleUserService { @Override @Transactional(rollbackFor = Exception.class) - public boolean deleteAdminRole(List params) { - - return false; + public boolean deleteUserRoleIncludeAdmin(List params) { + if (CollectionUtils.isEmpty(params)) { + return false; + } + params.forEach(param -> { + List roles = saasRoleDao.lambdaQuery() + .eq(SaasRole::getWorkspaceId, param.getWorkspaceId()).eq(SaasRole::getOwnerOuId, param.getOuId()).eq(SaasRole::getIsDelete, TableIsDeleteEnum.NORMAL.value).list(); + if (CollectionUtils.isEmpty(roles)) { + return; + } + List roleIds = roles.stream().map(SaasRole::getId).sorted().collect(Collectors.toList()); + List relations = roleUserRelationDao.lambdaQuery().in(SaasRoleUserRelation::getRoleId, roleIds) + .eq(SaasRoleUserRelation::getIdentityId, param.getIdentityId()).eq(SaasRoleUserRelation::getIdentityType, param.getIdentityType().getCode()) + .eq(SaasRoleUserRelation::getIsDelete, TableIsDeleteEnum.NORMAL.value).list(); + if (CollectionUtils.isNotEmpty(relations)) { + relations.forEach(r -> r.setIsDelete(r.getId())); + roleUserRelationDao.updateBatchById(relations); + } + }); + return true; } }