删除超管角色

2023-10-21 15:35:08 +08:00 · 2023-10-21 15:35:08 +08:00 · e2f692f830
commit e2f692f830
parent ce880c2686
5 changed files with 67 additions and 44 deletions
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
@ -20,6 +20,7 @@ public interface TyrSaasRoleUserApi {

    /**
     * 保存/更新 用户的角色，每次传入新的角色ID时都会覆盖原来的所有角色
+     * 此接口不能修改非管理员角色
     */
    @PostMapping("/api/saas-role-user/save-or-update")
    ApiResult<Void> saveOrUpdate(@RequestBody  @Valid  RoleUserReq req);
@ -30,6 +31,11 @@ public interface TyrSaasRoleUserApi {
    @PostMapping("/api/saas-role-user/create-super-admin-role")
    ApiResult<Void> createSuperAdminRole(@RequestBody @Valid @NotEmpty CreateSuperAdminRoleParam param);

+    /**
+     * 删除超管的所有角色
+     */
+    @PostMapping("/api/saas-role-user/delete-super-admin-all-role")
+    ApiResult<Void> deleteSuperAdminAllRole(@RequestBody @Valid @NotEmpty DeleteSuperAdminRoleParam param);
    /**
     * 用户角色列表 限制1000条
     */
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteSuperAdminRoleParam.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteSuperAdminRoleParam.java
@ -0,0 +1,35 @@
+package cn.axzo.tyr.client.model.roleuser.req;
+
+import cn.axzo.tyr.client.model.enums.IdentityType;
+import lombok.Data;
+
+import javax.validation.constraints.NotNull;
+
+@Data
+public class DeleteSuperAdminRoleParam {
+
+	/**
+	 * 工作台id，与context校验
+	 */
+	@NotNull(message = "workspaceId不能为空")
+	private Long workspaceId;
+
+	/**
+	 * 单位id
+	 */
+	@NotNull(message = "ouId不能为空")
+	private Long ouId;
+
+	/**
+	 * 身份id
+	 */
+	@NotNull(message = "identityId不能为空")
+	private Long identityId;
+
+	/**
+	 * 身份类型
+	 */
+	@NotNull(message = "identityType不能为空")
+	private IdentityType identityType;
+
+}
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
@ -44,6 +44,12 @@ public class RoleUserController implements TyrSaasRoleUserApi {
        return ApiResult.ok();
    }

+    @Override
+    public ApiResult<Void> deleteSuperAdminAllRole(DeleteSuperAdminRoleParam param) {
+        saasRoleUserService.deleteSuperAdminAllRole(param);
+        return ApiResult.ok();
+    }
+
    /**
     * cn.axzo.basics.auth.api.SaasRoleApi#batchFindSuperAdmin
     * @param param
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
@ -64,4 +64,8 @@ public interface SaasRoleUserService {
    List<SuperAminInfoResp> batchSuperAdminList(List<SuperAdminParam> param);

    List<SaasRoleUserRelation> listByRoleIds(List<Long> roleIds);
+    /**
+     * 删除超管的所有角色
+     */
+    void deleteSuperAdminAllRole(DeleteSuperAdminRoleParam param);
 }
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
@ -9,11 +9,7 @@ import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
 import cn.axzo.tyr.client.model.BaseWorkspaceModel;
 import cn.axzo.tyr.client.model.enums.IdentityType;
 import cn.axzo.tyr.client.model.roleuser.dto.SuperAminInfoResp;
-import cn.axzo.tyr.client.model.roleuser.req.CreateAgencyAdminRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.CreateSuperAdminRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleIncludeAdminParam;
-import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
-import cn.axzo.tyr.client.model.roleuser.req.SuperAdminParam;
+import cn.axzo.tyr.client.model.roleuser.req.*;
 import cn.axzo.tyr.server.repository.dao.SaasRoleDao;
 import cn.axzo.tyr.server.repository.dao.SaasRoleGroupDao;
 import cn.axzo.tyr.server.repository.dao.SaasRoleGroupRelationDao;
@ -52,8 +48,7 @@ public class RoleUserService implements SaasRoleUserService {

 	private final SaasRoleUserRelationDao roleUserRelationDao;
 	private final SaasRoleDao saasRoleDao;
-	private final SaasRoleGroupRelationDao roleGroupRelationDao;
-	private final SaasRoleGroupDao roleGroupDao;
+
 	@Override
 	@Transactional(rollbackFor = Exception.class)
 	public void saveOrUpdate(RoleUserReq req) {
@ -230,43 +225,6 @@ public class RoleUserService implements SaasRoleUserService {
 		}).collect(Collectors.toList());
 	}

-	private List<SaasRoleGroupRelation> filterAgencyAdminRoleGroupRelation(CreateAgencyAdminRoleParam param) {
-		// 根据传入的角色id筛选出内置角色
-		List<SaasRole> saasRoles = saasRoleDao.lambdaQuery().in(SaasRole::getId, param.getUpdateRoleIds())
-				.eq(SaasRole::getRoleType, RoleTypeEnum.INIT.getValue())
-				.eq(SaasRole::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
-		if (CollUtil.isEmpty(saasRoles)) {
-			throw new ServiceException("选中角色中无角色可以给改分包公司所属类型适用");
-		}
-		// 传入的角色id对应的角色可能不存在|已删除|不是内置角色，需要重新过滤一次
-		List<Long> roleIds = saasRoles.stream().map(SaasRole::getId).sorted().collect(Collectors.toList());
-		// 获取这些角色对应的分组，角色必须绑定在某个分组下，删除分组时候需要判断分组下是否有角色，否则不能删除，但是如果手动删除数据或者创建角色和删除分组时候出现并发，可能导致这种角色对应的分组不存在，需要人工处理
-		List<SaasRoleGroupRelation> roleGroupRelations = roleGroupRelationDao.lambdaQuery().in(SaasRoleGroupRelation::getRoleId, roleIds).eq(SaasRoleGroupRelation::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
-		if (CollectionUtils.isEmpty(roleGroupRelations)) {
-			log.error("数据异常，所选角色没有对应角色分组信息：roleId {}", JSON.toJSONString(roleIds));
-			throw new ServiceException("数据错误，所选角色没有对应角色分组信息，请联系管理员");
-		}
-		/*
-		 *	根据角色分组上的适用单位类型，来筛选出符合传入的单位类型的角色信息
-		 */
-		List<Long> roleGroupIds = roleGroupRelations.stream().map(SaasRoleGroupRelation::getSaasRoleGroupId).sorted().collect(Collectors.toList());
-		List<SaasRoleGroup> roleGroups = roleGroupDao.lambdaQuery().in(SaasRoleGroup::getId, roleGroupIds).eq(SaasRoleGroup::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
-		if (CollectionUtils.isEmpty(roleGroups)) {
-			log.error("数据错误，角色关联已被删除的分组信息，roleId {}， roleGroupIds {}", JSON.toJSONString(roleIds), JSON.toJSONString(roleGroupIds));
-			throw new ServiceException("数据错误，角色关联已被删除的分组信息，请联系管理员");
-		}
-		Set<Long> matchedRoleGroupIds = roleGroups.stream().filter(g -> {
-			if (StringUtils.isBlank(g.getOuTypeCode())) {
-				return false;
-			}
-			return Arrays.stream(g.getOuTypeCode().split(",")).filter(StringUtils::isNotBlank).anyMatch(s -> StringUtils.equals(s, param.getOrganizationalUnitTypeCode().toString()));
-		}).map(SaasRoleGroup::getId).collect(Collectors.toSet());
-		if (CollectionUtils.isEmpty(matchedRoleGroupIds)) {
-			throw new ServiceException("选中角色中无角色可以给改分包公司所属类型适用");
-		}
-		return roleGroupRelations.stream().filter(r -> matchedRoleGroupIds.contains(r.getSaasRoleGroupId())).collect(Collectors.toList());
-	}
-
 	@Override
 	public List<SaasRoleUserRelation> listByRoleIds(List<Long> roleIds) {
 		if (CollectionUtil.isEmpty(roleIds)) {
@ -276,4 +234,18 @@ public class RoleUserService implements SaasRoleUserService {
 				.in(SaasRoleUserRelation::getRoleId, roleIds));
 	}

+
+	@Override
+	public void deleteSuperAdminAllRole(DeleteSuperAdminRoleParam req) {
+		// 查询用户所有角色
+		List<SaasRoleUserRelation> existsRoleUser = roleUserRelationDao.query(req.getIdentityId(), req.getIdentityType().getCode(), req.getWorkspaceId(), req.getOuId());
+		if (CollectionUtils.isNotEmpty(existsRoleUser)) {
+			List<Long> existsRoleIds = existsRoleUser.stream().mapToLong(SaasRoleUserRelation::getRoleId).boxed().collect(Collectors.toList());
+			BaseWorkspaceModel workspaceModel = BaseWorkspaceModel.builder()
+					.workspaceId(req.getWorkspaceId()).ouId(req.getOuId())
+					.identityId(req.getIdentityId()).identityType(req.getIdentityType())
+					.build();
+			roleUserRelationDao.deleteByUser(workspaceModel, existsRoleIds);
+		}
+	}
 }