feat: 添加非管理员角色进行角色变更的接口

tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java

@@ -0,0 +1,25 @@
+package cn.axzo.tyr.client.feign;
+
+import cn.axzo.framework.domain.web.result.ApiResult;
+import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+
+import javax.validation.Valid;
+
+/**
+ * 角色
+ */
+@FeignClient(name = "tyr", url = "${axzo.service.tyr:http://tyr:8080}")
+public interface TyrSaasRoleUserApi {
+
+    /**
+     * 保存/更新 用户的角色，每次传入新的角色ID时都会覆盖原来的所有角色
+     */
+    @PostMapping("/api/saas-role-user/save-or-update")
+    ApiResult<Void> saveOrUpdate(@RequestBody  @Valid  RoleUserReq req);
+
+
+
+}

tyr-api/src/main/java/cn/axzo/tyr/client/model/BaseWorkspaceModel.java

@@ -0,0 +1,45 @@
+package cn.axzo.tyr.client.model;
+
+import cn.axzo.tyr.client.model.enums.IdentityType;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import javax.validation.constraints.NotNull;
+
+/**
+ * @author tanjie@axzo.cn
+ * @date 2023/9/13 16:09
+ */
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class BaseWorkspaceModel {
+
+    /**
+     * 工作台id
+     */
+    @NotNull
+    private Long workspaceId;
+
+    /**
+     * 单位id
+     */
+    @NotNull
+    private Long ouId;
+
+    /**
+     * 身份id
+     */
+    @NotNull
+    private Long identityId;
+
+    /**
+     * 身份类型
+     */
+    @NotNull
+    private IdentityType identityType;
+
+}

tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/RoleUserReq.java

@@ -0,0 +1,55 @@
+package cn.axzo.tyr.client.model.roleuser.req;
+
+import cn.axzo.tyr.client.model.enums.IdentityType;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+import java.util.List;
+
+
+/**
+ * @author tanjie@axzo.cn
+ * @date 2023/9/13 15:38
+ */
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+public class RoleUserReq {
+
+    /**
+     * 工作台id
+     */
+    @NotNull
+    private Long workspaceId;
+
+    /**
+     * 单位id
+     */
+    @NotNull
+    private Long ouId;
+
+
+    private Long personId;
+    /**
+     * 身份id
+     */
+    @NotNull
+    private Long identityId;
+
+    /**
+     * 身份类型
+     */
+    @NotNull
+    private IdentityType identityType;
+    /**
+     * 完整的update，所有RoleId都被更新
+     */
+    @NotEmpty
+    private List<Long> updateRoleIds;
+
+}

tyr-server/src/main/java/cn/axzo/tyr/server/common/enums/RoleTypeEnum.java

@@ -0,0 +1,47 @@
+package cn.axzo.tyr.server.common.enums;
+
+import com.baomidou.mybatisplus.annotation.EnumValue;
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.Getter;
+
+import java.util.Arrays;
+import java.util.Map;
+import java.util.function.Function;
+import java.util.stream.Collectors;
+
+/**
+ * @author tanjie@axzo.cn
+ * @date 2023/9/13 16:35
+ */
+
+@Getter
+@AllArgsConstructor
+public enum RoleTypeEnum {
+
+    //角色类型：common 普通角色 super_admin超级管理员(禁止删除) admin子管理员(禁止删除) init初始化内置角色
+    COMMON("common", "普通角色",false),
+    SUPER_ADMIN("super_admin", "超级管理员",true),
+    ADMIN("admin", "子管理员",true),
+    INIT("init", "初始化内置角色",false);
+
+    @EnumValue
+    private final String value;
+    private final String desc;
+    private final boolean isAdmin;
+
+    private static Map<String, RoleTypeEnum> map = null;
+
+    public static RoleTypeEnum getRoleType(String value) {
+        if (map == null) {
+            map = Arrays.stream(values())
+                    .collect(Collectors.toMap(RoleTypeEnum::getValue, Function.identity()));
+        }
+        return map.get(value);
+    }
+
+    public  boolean isAdminRole() {
+        return isAdmin;
+    }
+
+}

tyr-server/src/main/java/cn/axzo/tyr/server/common/util/StreamUtil.java

@@ -0,0 +1,17 @@
+package cn.axzo.tyr.server.common.util;
+
+import java.util.Collection;
+import java.util.List;
+import java.util.function.Function;
+import java.util.stream.Collectors;
+
+/**
+ * @author tanjie@axzo.cn
+ * @date 2023/9/13 16:24
+ */
+public class StreamUtil {
+
+    public static <T,R> List<R> mapToList(Collection<T> collection, Function<T,R> function) {
+        return collection.stream().map(function).collect(Collectors.toList());
+    }
+}

tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java

@@ -0,0 +1,29 @@
+package cn.axzo.tyr.server.controller.roleuser;
+
+import cn.axzo.framework.domain.web.result.ApiResult;
+import cn.axzo.tyr.client.feign.TyrSaasRoleUserApi;
+import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
+import cn.axzo.tyr.server.repository.service.SaasRoleUserRelationDao;
+import cn.axzo.tyr.server.service.SaasRoleUserService;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.validation.Valid;
+
+/**
+ * @author tanjie@axzo.cn
+ * @date 2023/9/13 15:47
+ */
+@Slf4j
+@RestController
+@RequiredArgsConstructor
+public class RoleUserController implements TyrSaasRoleUserApi {
+    private final SaasRoleUserService saasRoleUserService;
+    @Override
+    public ApiResult<Void> saveOrUpdate(@Valid RoleUserReq req) {
+        saasRoleUserService.saveOrUpdate(req);
+        return ApiResult.ok();
+
+    }
+}

tyr-server/src/main/java/cn/axzo/tyr/server/repository/service/SaasRoleUserRelationDao.java

@@ -2,8 +2,11 @@ package cn.axzo.tyr.server.repository.service;
 
 import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum;
 import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
+import cn.axzo.tyr.client.model.BaseWorkspaceModel;
+import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
 import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
 import cn.axzo.tyr.server.repository.mapper.SaasRoleUserRelationMapper;
+import cn.hutool.core.collection.CollectionUtil;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import org.springframework.stereotype.Repository;
 
@@ -29,5 +32,26 @@ public class SaasRoleUserRelationDao extends ServiceImpl<SaasRoleUserRelationMap
 			.update();
 	}
 
+	/**
+	 *  若未传入roleId会导致用户所以角色都被清除。
+	 * @param baseWorkspaceModel
+	 * @param roleId 删除指定角色
+	 */
+	public void deleteByUser(BaseWorkspaceModel baseWorkspaceModel,List<Long> roleId) {
+		remove(
+				lambdaQuery()
+						.eq(SaasRoleUserRelation::getIdentityId, baseWorkspaceModel.getIdentityId())
+						.eq(SaasRoleUserRelation::getIdentityType, baseWorkspaceModel.getIdentityType())
+						.eq(SaasRoleUserRelation::getWorkspaceId, baseWorkspaceModel.getWorkspaceId())
+						.eq(SaasRoleUserRelation::getOuId, baseWorkspaceModel.getOuId())
+						.eq(CollectionUtil.isNotEmpty(roleId), SaasRoleUserRelation::getRoleId, roleId)
+		);
+
+	}
+
+
+
+
+
 }
 

tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java

@@ -0,0 +1,16 @@
+package cn.axzo.tyr.server.service;
+
+import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
+
+import javax.validation.Valid;
+
+/**
+ * @author tanjie@axzo.cn
+ * @date 2023/9/13 15:36
+ */
+public interface SaasRoleUserService {
+
+    void saveOrUpdate( RoleUserReq req);
+
+
+}

tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java

@@ -0,0 +1,103 @@
+package cn.axzo.tyr.server.service.impl;
+
+import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum;
+import cn.axzo.framework.domain.ServiceException;
+import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
+import cn.axzo.tyr.client.model.BaseWorkspaceModel;
+import cn.axzo.tyr.client.model.req.QueryByIdentityIdTypeReq;
+import cn.axzo.tyr.client.model.req.QuerySaasPermissionGroupReq;
+import cn.axzo.tyr.client.model.req.QuerySaasRoleGroupReq;
+import cn.axzo.tyr.client.model.req.QuerySaasRoleReq;
+import cn.axzo.tyr.client.model.res.QueryBatchByIdentityIdTypeRes;
+import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
+import cn.axzo.tyr.client.model.vo.SaasPermissionGroupVO;
+import cn.axzo.tyr.client.model.vo.SaasRoleVO;
+import cn.axzo.tyr.server.common.enums.RoleTypeEnum;
+import cn.axzo.tyr.server.common.util.StreamUtil;
+import cn.axzo.tyr.server.repository.entity.SaasPgroupRoleRelation;
+import cn.axzo.tyr.server.repository.entity.SaasRole;
+import cn.axzo.tyr.server.repository.entity.SaasRoleGroup;
+import cn.axzo.tyr.server.repository.entity.SaasRoleGroupRelation;
+import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
+import cn.axzo.tyr.server.repository.service.SaasPgroupRoleRelationDao;
+import cn.axzo.tyr.server.repository.service.SaasRoleDao;
+import cn.axzo.tyr.server.repository.service.SaasRoleGroupDao;
+import cn.axzo.tyr.server.repository.service.SaasRoleGroupRelationDao;
+import cn.axzo.tyr.server.repository.service.SaasRoleUserRelationDao;
+import cn.axzo.tyr.server.service.PermissionGroupService;
+import cn.axzo.tyr.server.service.RoleService;
+import cn.axzo.tyr.server.service.SaasRoleUserService;
+import cn.hutool.core.bean.BeanUtil;
+import cn.hutool.core.collection.CollectionUtil;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.collections.CollectionUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
+import java.util.stream.Collectors;
+
+/**
+ * 角色
+ *
+ * @version V1.0
+ * @author: ZhanSiHu
+ * @date: 2023/9/6 15:51
+ */
+@Slf4j
+@RequiredArgsConstructor
+@Service
+public class RoleUserService implements SaasRoleUserService {
+
+	private final SaasRoleUserRelationDao roleUserRelationDao;
+	private final SaasRoleDao saasRoleDao;
+	@Override
+	@Transactional(rollbackFor = Exception.class)
+	public void saveOrUpdate(RoleUserReq req) {
+
+		if (CollectionUtil.isEmpty(req.getUpdateRoleIds())) {
+			throw new ServiceException("当前不支持空角色");
+		}
+
+		List<SaasRole> roles = saasRoleDao.listByIds(req.getUpdateRoleIds());
+		if (roles.stream().anyMatch(e -> RoleTypeEnum.getRoleType(e.getRoleType()).isAdminRole())) {
+			throw new ServiceException("暂不支持更换管理员角色");
+		}
+
+		List<SaasRoleUserRelation> existsRoleUser = roleUserRelationDao.query(req.getIdentityId(), req.getIdentityType().getCode(), req.getWorkspaceId(), req.getOuId());
+		List<SaasRole> existsRole = saasRoleDao.listByIds(existsRoleUser.stream().mapToLong(SaasRoleUserRelation::getRoleId).boxed().collect(Collectors.toList()));
+		List<SaasRole> notAdminRole = existsRole.stream().filter(e -> !RoleTypeEnum.getRoleType(e.getRoleType()).isAdminRole()).collect(Collectors.toList());
+
+		roleUserRelationDao.deleteByUser(BaseWorkspaceModel.builder()
+				.workspaceId(req.getWorkspaceId())
+				.ouId(req.getOuId())
+				.identityId(req.getIdentityId())
+				.identityType(req.getIdentityType())
+				.build()
+				, notAdminRole
+						.stream()
+						.mapToLong(BaseEntity::getId)
+						.boxed()
+						.collect(Collectors.toList()));
+
+
+		roleUserRelationDao.saveBatch(req.getUpdateRoleIds().stream().map(e -> {
+			SaasRoleUserRelation saasRoleUserRelation = new SaasRoleUserRelation();
+			saasRoleUserRelation.setIdentityId(req.getIdentityId());
+			saasRoleUserRelation.setIdentityType(req.getIdentityType().getCode());
+			saasRoleUserRelation.setRoleId(e);
+			saasRoleUserRelation.setNaturalPersonId(req.getPersonId());
+			saasRoleUserRelation.setOuId(req.getOuId());
+			saasRoleUserRelation.setWorkspaceId(req.getWorkspaceId());
+			return saasRoleUserRelation;
+		}).collect(Collectors.toList()));
+
+	}
+}