feat(2046) 班组管理员相关权限添加批量取消授权功能

tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/WorkerManagerRoleUserReq.java

@@ -37,7 +37,7 @@ public class WorkerManagerRoleUserReq {
     private Integer resourceType;
     @NotNull
     private Long resourceId;
-    private boolean ungrant = false;
+
     private IdentityType identityType;
     private Long identityId;
     private Long personId;
@@ -48,6 +48,25 @@ public class WorkerManagerRoleUserReq {
     @NotEmpty
     private List<Long> permissionGroupId;
 
+// -------------
+    /**
+     * 是否取消授权
+     */
+    @Builder.Default
+    private boolean ungrant = false;
+    /**
+     * 是否取消所有权限，是的话则不消费permissionGroupId
+     */
+    @Builder.Default
+    private boolean isUngrantAll = false;
+
+    /**
+     * 取消所有授权的角色分组 saas role group 上的categoryCode;
+     * 只有在isUngrantAll时生效
+     * #{@link SaasPositionEnum}
+     */
+    private String roleGroupCategoryCode;
+
 
 
 

tyr-server/src/main/java/cn/axzo/tyr/server/model/RoleUserInfo.java

@@ -7,6 +7,7 @@ import lombok.Data;
 import lombok.NoArgsConstructor;
 
 import java.util.List;
+import java.util.Set;
 
 /**
  * @author tanjie@axzo.cn
@@ -24,7 +25,7 @@ public class RoleUserInfo {
     private IdentityType identityType;
     private Long identityId;
     private Long personId;
-    private List<Long> roleId;
+    private Set<Long> roleId;
 
 
 }

tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleGroupRelationDao.java

@@ -9,8 +9,10 @@ import org.apache.commons.collections.CollectionUtils;
 import org.springframework.stereotype.Repository;
 
 import java.io.Serializable;
+import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
+import java.util.Set;
 
 @Repository
 public class SaasRoleGroupRelationDao extends ServiceImpl<SaasRoleGroupRelationMapper, SaasRoleGroupRelation> {
@@ -41,5 +43,14 @@ public class SaasRoleGroupRelationDao extends ServiceImpl<SaasRoleGroupRelationM
 				.set(BaseEntity::getIsDelete,1L)
 				.update();
 	}
+
+	public List<SaasRoleGroupRelation> findByGroupId(Set<Long> groupIds) {
+		if (CollectionUtils.isEmpty(groupIds)) {
+			return new ArrayList<>();
+		}
+		return lambdaQuery().eq(BaseEntity::getIsDelete, TableIsDeleteEnum.NORMAL)
+				.in(SaasRoleGroupRelation::getSaasRoleGroupId, groupIds).list();
+	}
+
 }
 

tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java

@@ -5,6 +5,7 @@ import cn.axzo.basics.common.exception.ServiceException;
 import cn.axzo.basics.common.util.AssertUtil;
 import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
 import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
+import cn.axzo.tyr.client.common.enums.SaasPositionEnum;
 import cn.axzo.tyr.client.model.BaseWorkspaceModel;
 import cn.axzo.tyr.client.model.enums.IdentityType;
 import cn.axzo.tyr.client.model.enums.WorkerLeaderRoleEnum;
@@ -14,16 +15,22 @@ import cn.axzo.tyr.client.model.roleuser.req.GantOrUnGantaWorkerLeaderRoleReq;
 import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
 import cn.axzo.tyr.client.model.roleuser.req.SuperAdminParam;
 import cn.axzo.tyr.client.model.roleuser.req.WorkerManagerRoleUserReq;
+import cn.axzo.tyr.client.model.vo.SaasRoleGroupVO;
 import cn.axzo.tyr.server.model.RoleUserInfo;
 import cn.axzo.tyr.server.repository.dao.SaasPgroupRoleRelationDao;
 import cn.axzo.tyr.server.repository.dao.SaasRoleDao;
+import cn.axzo.tyr.server.repository.dao.SaasRoleGroupRelationDao;
 import cn.axzo.tyr.server.repository.dao.SaasRoleUserRelationDao;
 import cn.axzo.tyr.server.repository.entity.SaasPgroupRoleRelation;
 import cn.axzo.tyr.server.repository.entity.SaasRole;
+import cn.axzo.tyr.server.repository.entity.SaasRoleGroupRelation;
 import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
+import cn.axzo.tyr.server.service.SaasRoleGroupRelationService;
+import cn.axzo.tyr.server.service.SaasRoleGroupService;
 import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
 import cn.axzo.tyr.server.service.SaasRoleUserService;
 import cn.hutool.core.collection.CollectionUtil;
+import cn.hutool.core.util.StrUtil;
 import com.alibaba.nacos.common.utils.CollectionUtils;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.extension.conditions.query.LambdaQueryChainWrapper;
@@ -54,6 +61,8 @@ public class RoleUserService implements SaasRoleUserService {
     private final SaasRoleUserRelationDao roleUserRelationDao;
     private final SaasRoleDao saasRoleDao;
     private final SaasPgroupRoleRelationDao saasPgroupRoleRelationDao;
+    private final SaasRoleGroupService saasRoleGroupService;
+    private final SaasRoleGroupRelationDao saasRoleGroupRelationDao;
 
     // 单位类型默认角色关系,后面可以座位管理员的逻辑进行迭代
     @Value("#{${participateUnitDefaultRoleId:{}}}")
@@ -315,6 +324,7 @@ public class RoleUserService implements SaasRoleUserService {
     }
 
     @Override
+    @Transactional
     public void grantOrUngrantWorkerManager(WorkerManagerRoleUserReq req) {
         // 查询出角色ID
         List<SaasPgroupRoleRelation> saasPgroupRoleRelations = saasPgroupRoleRelationDao.listByIds(req.getPermissionGroupId());
@@ -334,7 +344,7 @@ public class RoleUserService implements SaasRoleUserService {
                 .ouId(req.getOuId())
                 .identityId(req.getIdentityId())
                 .identityType(req.getIdentityType())
-                .roleId(roleInfos.stream().map(BaseEntity::getId).distinct().collect(Collectors.toList()))
+                .roleId(roleInfos.stream().map(BaseEntity::getId).distinct().collect(Collectors.toSet()))
                 .build();
         // 授权
         if (!req.isUngrant()) {
@@ -357,6 +367,24 @@ public class RoleUserService implements SaasRoleUserService {
             return;
         }
         // 取消授权
+        if (!req.isUngrantAll()) {
+            roleUserRelationDao.removeByResource(roleUserBaseInfo);
+            return;
+        }
+        //  取消所有权限
+        String categoryCode = req.getRoleGroupCategoryCode();
+        if (StrUtil.isBlank(categoryCode)) {
+            throw new ServiceException("不支持清除该人员所有角色，请指定分组");
+        }
+        List<SaasRoleGroupVO> saasRoleGroupVO = saasRoleGroupService.listByCategoryCode(categoryCode);
+        List<SaasRoleGroupRelation> roleGroupRelations = saasRoleGroupRelationDao.findByGroupId(saasRoleGroupVO.stream().map(SaasRoleGroupVO::getId).collect(Collectors.toSet()));
+        Set<Long> roleIds = roleGroupRelations.stream().map(SaasRoleGroupRelation::getRoleId).collect(Collectors.toSet());
+        if (CollectionUtil.isEmpty(roleIds)) {
+            return;
+        }
+        roleUserBaseInfo.setRoleId(roleIds);
         roleUserRelationDao.removeByResource(roleUserBaseInfo);
+
     }
+
 }