From 31958870c91eae3505f1497078af820c5609c4d1 Mon Sep 17 00:00:00 2001
From: yangsong <yangsong@axzo.cn>
Date: Tue, 17 Oct 2023 16:59:20 +0800
Subject: [PATCH 01/12] =?UTF-8?q?=E6=8E=A5=E5=8F=A3=E8=BF=81=E7=A7=BB?=
 =?UTF-8?q?=EF=BC=8C=E6=8E=A5=E5=8F=A3=E5=AE=9A=E4=B9=89?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../tyr/client/feign/TyrSaasRoleUserApi.java  | 55 +++++++++++++---
 .../roleuser/dto/CreateAdminRoleDTO.java      | 47 ++++++++++++++
 .../model/roleuser/dto/SuperAdminInfoDTO.java | 42 ++++++++++++
 .../req/CreateAgencyAdminRoleParam.java       | 65 +++++++++++++++++++
 .../req/CreateWorkspaceAdminRoleParam.java    | 51 +++++++++++++++
 .../roleuser/req/DeleteAdminRoleParam.java    | 47 ++++++++++++++
 .../model/roleuser/req/SuperAdminParam.java   | 33 ++++++++++
 .../roleuser/RoleUserController.java          | 38 +++++++++--
 8 files changed, 364 insertions(+), 14 deletions(-)
 create mode 100644 tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/dto/CreateAdminRoleDTO.java
 create mode 100644 tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/dto/SuperAdminInfoDTO.java
 create mode 100644 tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/CreateAgencyAdminRoleParam.java
 create mode 100644 tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/CreateWorkspaceAdminRoleParam.java
 create mode 100644 tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteAdminRoleParam.java
 create mode 100644 tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/SuperAdminParam.java

diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
index 8ce58b65..a8139c18 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
@@ -1,19 +1,19 @@
 package cn.axzo.tyr.client.feign;
 
-import cn.axzo.framework.domain.web.result.ApiResult;
-import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserRelationDTO;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
-import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
-import cn.azxo.framework.common.model.CommonResponse;
+import java.util.List;
+
+import javax.validation.Valid;
+import javax.validation.constraints.NotEmpty;
+
 import org.springframework.cloud.openfeign.FeignClient;
-import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 
-import javax.validation.Valid;
-import java.util.List;
+import cn.axzo.framework.domain.web.result.ApiResult;
+import cn.axzo.tyr.client.model.roleuser.dto.CreateAdminRoleDTO;
+import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserRelationDTO;
+import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
+import cn.axzo.tyr.client.model.roleuser.req.*;
 
 /**
  * 角色
@@ -52,4 +52,39 @@ public interface TyrSaasRoleUserApi {
      */
     @PostMapping("api/saas-role-user/delete-user-role")
     ApiResult<Boolean> deleteUserRoles(@RequestBody @Valid DeleteUserRoleParam param);
+
+    /**
+     *
+     * @param param
+     * @return
+     */
+    @PostMapping("api/saas-role-user/create-agency-admin-role")
+    ApiResult<CreateAdminRoleDTO> createAgencyAdminRole(@RequestBody @Valid CreateAgencyAdminRoleParam param);
+
+    @PostMapping("api/saas-role-user/create-workspace-admin-role")
+    ApiResult<CreateAdminRoleDTO> createWorkspaceAdminRole(@RequestBody @Valid @NotEmpty List<CreateWorkspaceAdminRoleParam> params);
+
+    /**
+     * 移除超管角色
+     * @param params
+     * @return
+     */
+    @PostMapping("api/saas-role-user/delete-admin-role")
+    ApiResult<Boolean> deleteAdminRole(@RequestBody @Valid @NotEmpty List<DeleteAdminRoleParam> params);
+
+    /**
+     * 批量查询超管
+     * @param params
+     * @return
+     */
+    @PostMapping("api/saas-role-user/super-admin-list")
+    ApiResult<List<SuperAdminInfoDTO>> superAdminList(@RequestBody @Valid @NotEmpty List<SuperAdminParam> params);
+
+    /**
+     * 查看超管详情
+     * @param param
+     * @return
+     */
+    @PostMapping("api/saas-role-user/super-admin")
+    ApiResult<SuperAdminInfoDTO> superAdmin(@RequestBody @Valid SuperAdminParam param);
 }
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/dto/CreateAdminRoleDTO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/dto/CreateAdminRoleDTO.java
new file mode 100644
index 00000000..2771e424
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/dto/CreateAdminRoleDTO.java
@@ -0,0 +1,47 @@
+package cn.axzo.tyr.client.model.roleuser.dto;
+
+import cn.axzo.tyr.client.model.enums.IdentityType;
+import lombok.Data;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/5/11 11:20
+ * @description :
+ */
+@Data
+public class CreateAdminRoleDTO {
+
+	/**
+	 * 身份Id
+	 */
+	private Long identityId;
+
+	/**
+	 * 身份类型
+	 */
+	private IdentityType identityType;
+
+	/**
+	 * 账户Id
+	 *
+	 * @deprecated 此字段业务中不要使用，全部用身份id来处理业务
+	 */
+	@Deprecated
+	private Long accountId;
+
+	/**
+	 * 手机号
+	 */
+	private String phone;
+
+	/**
+	 * 真实姓名
+	 */
+	private String realName;
+
+	/**
+	 * 自然人Id
+	 */
+	private Long naturalPersonId;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/dto/SuperAdminInfoDTO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/dto/SuperAdminInfoDTO.java
new file mode 100644
index 00000000..e9cba93c
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/dto/SuperAdminInfoDTO.java
@@ -0,0 +1,42 @@
+package cn.axzo.tyr.client.model.roleuser.dto;
+
+import cn.axzo.tyr.client.model.enums.IdentityType;
+import lombok.Data;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/6/17 16:20
+ * @description : 超管信息
+ */
+@Data
+public class SuperAdminInfoDTO {
+
+  /**
+   * 身份ID
+   */
+  private Long identityId;
+  
+  private IdentityType identityType;
+
+  /**
+   * 手机号
+   */
+  private String phone;
+
+  /**
+   * 姓名
+   */
+  private String realName;
+
+
+  /**
+   * 工作台Id
+   */
+  private Long workspaceId;
+
+  /**
+   * 单位Id
+   */
+  private Long ouId;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/CreateAgencyAdminRoleParam.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/CreateAgencyAdminRoleParam.java
new file mode 100644
index 00000000..476d6559
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/CreateAgencyAdminRoleParam.java
@@ -0,0 +1,65 @@
+package cn.axzo.tyr.client.model.roleuser.req;
+
+import java.util.List;
+
+import javax.validation.constraints.Min;
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+
+import cn.axzo.tyr.client.model.enums.IdentityType;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Builder
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+public class CreateAgencyAdminRoleParam {
+
+	/**
+	 * 工作台id，与context校验
+	 */
+	@NotNull(message = "工作台Id不能为空")
+	private Long workspaceId;
+
+	/**
+	 * 单位id : 必填
+	 */
+	@NotNull(message = "单位Id不能为空")
+	private Long ouId;
+
+	/**
+	 * 单位类型
+	 */
+	@NotNull(message = "单位类型不能为空")
+	@Min(value = 1)
+	private Integer organizationalUnitType;
+
+	/**
+	 * 被赋予角色的人的身份类型
+	 */
+	@NotNull(message = "身份类型不能为空")
+	private IdentityType identityType;
+
+	/**
+	 * 手机号
+	 */
+	@NotBlank(message = "手机号不能为空")
+	private String phoneNo;
+
+	/**
+	 * 用户名
+	 */
+	@NotBlank(message = "用户名不能为空")
+	private String userName;
+
+	/**
+	 * 之前的所有RoleId都被更新
+	 */
+	@NotEmpty(message = "角色列表不能为空")
+	private List<Long> updateRoleIds;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/CreateWorkspaceAdminRoleParam.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/CreateWorkspaceAdminRoleParam.java
new file mode 100644
index 00000000..5fe62e57
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/CreateWorkspaceAdminRoleParam.java
@@ -0,0 +1,51 @@
+package cn.axzo.tyr.client.model.roleuser.req;
+
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotNull;
+
+import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
+import cn.axzo.tyr.client.model.enums.IdentityType;
+import lombok.Data;
+
+@Data
+public class CreateWorkspaceAdminRoleParam {
+
+	/**
+	 * 工作台id，与context校验
+	 */
+	@NotNull(message = "workspaceId不能为空")
+	private Long workspaceId;
+
+	/**
+	 * 单位id
+	 */
+	@NotNull(message = "ouId不能为空")
+	private Long ouId;
+
+	/**
+	 * 手机号
+	 */
+	@NotBlank(message = "phone不能为空")
+	private String phone;
+
+	/**
+	 * 昵称
+	 */
+	private String nickName;
+
+	/**
+	 * 角色Id，必填
+	 * 只能传SUPER_ADMIN，ADMIN
+	 */
+	private RoleTypeEnum roleType;
+
+	/**
+	 * 身份类型
+	 */
+	@NotNull(message = "identityType不能为空")
+	private IdentityType identityType;
+
+	@NotNull(message = "workspaceType不能为空")
+	private Integer workspaceType;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteAdminRoleParam.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteAdminRoleParam.java
new file mode 100644
index 00000000..0d2cbb7e
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteAdminRoleParam.java
@@ -0,0 +1,47 @@
+package cn.axzo.tyr.client.model.roleuser.req;
+
+import cn.axzo.basics.common.constant.enums.OrganizationalNodeTypeEnum;
+import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
+import cn.axzo.tyr.client.model.enums.IdentityType;
+import lombok.Data;
+
+@Data
+public class DeleteAdminRoleParam {
+
+    /**
+     * 工作台id，与context校验
+     */
+    private Long workspaceId;
+
+    /**
+     * 工作台类型
+     */
+    private Integer workspaceTypeCode;
+
+    /**
+     * 单位id : 非必填
+     */
+    private Long ouId;
+
+    /**
+     * 单位类型
+     */
+    private OrganizationalNodeTypeEnum nodeTypeEnum;
+
+    /**
+     * 被赋予角色的人的身份id
+     */
+    private Long identityId;
+
+    /**
+     * 身份类型，必填
+     */
+    private IdentityType identityType;
+
+    /**
+     * 角色Id，必填
+     * 只能传SUPER_ADMIN，ADMIN
+     */
+    private RoleTypeEnum roleType;
+
+}
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/SuperAdminParam.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/SuperAdminParam.java
new file mode 100644
index 00000000..f14a640e
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/SuperAdminParam.java
@@ -0,0 +1,33 @@
+package cn.axzo.tyr.client.model.roleuser.req;
+
+import javax.validation.constraints.NotNull;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+/**
+ * @author : liuchuntao
+ * @date : 2022/6/17 16:28
+ * @description : 查询超管信息
+ */
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+public class SuperAdminParam {
+
+  /**
+   * 工作台Id
+   */
+  @NotNull(message = "工作台Id不能为空")
+  private Long workspaceId;
+
+  /**
+   * 单位Id
+   */
+  @NotNull(message = "单位Id不能为空")
+  private Long ouId;
+
+}
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
index 3c3bb6da..407b79dc 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
@@ -2,19 +2,20 @@ package cn.axzo.tyr.server.controller.roleuser;
 
 import cn.axzo.framework.domain.web.result.ApiResult;
 import cn.axzo.tyr.client.feign.TyrSaasRoleUserApi;
+import cn.axzo.tyr.client.model.roleuser.dto.CreateAdminRoleDTO;
 import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserRelationDTO;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
-import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
+import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
+import cn.axzo.tyr.client.model.roleuser.req.*;
 import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
 import cn.axzo.tyr.server.service.SaasRoleUserService;
+import com.google.common.collect.Lists;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;
 
 import javax.validation.Valid;
+import java.util.ArrayList;
 import java.util.List;
 
 /**
@@ -55,4 +56,33 @@ public class RoleUserController implements TyrSaasRoleUserApi {
         return ApiResult.ok(saasRoleUserService.deleteUserRoles(param));
     }
 
+    @Override
+    public ApiResult<CreateAdminRoleDTO> createAgencyAdminRole(CreateAgencyAdminRoleParam param) {
+        // todo cn.axzo.basics.auth.api.SaasRoleApi#grantAgencyAdminRole
+        return ApiResult.ok(new CreateAdminRoleDTO());
+    }
+
+    @Override
+    public ApiResult<CreateAdminRoleDTO> createWorkspaceAdminRole(List<CreateWorkspaceAdminRoleParam> params) {
+        // todo cn.axzo.basics.auth.api.SaasRoleApi#grantAdminRoleByPhone
+        return ApiResult.ok(new CreateAdminRoleDTO());
+    }
+
+    @Override
+    public ApiResult<Boolean> deleteAdminRole(List<DeleteAdminRoleParam> params) {
+        // todo cn.axzo.basics.auth.api.SaasRoleApi#ungrantAdminRole
+        return ApiResult.ok(true);
+    }
+
+    @Override
+    public ApiResult<List<SuperAdminInfoDTO>> superAdminList(List<SuperAdminParam> params) {
+        //todo cn.axzo.basics.auth.api.SaasRoleApi#batchFindSuperAdmin
+        return ApiResult.ok(new ArrayList<>());
+    }
+
+    @Override
+    public ApiResult<SuperAdminInfoDTO> superAdmin(SuperAdminParam param) {
+        // todo cn.axzo.basics.auth.api.SaasRoleApi#findSuperAdmin
+        return ApiResult.ok(new SuperAdminInfoDTO());
+    }
 }

From cb6aa953e128a602630936c73d047495c8d41c9c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E9=87=91=E6=B5=B7=E6=B4=8B?= <jinhaiyang@axzo.cn>
Date: Tue, 17 Oct 2023 18:53:30 +0800
Subject: [PATCH 02/12] =?UTF-8?q?feat(server):=20=E5=A2=9E=E5=8A=A0?=
 =?UTF-8?q?=E5=88=A0=E9=99=A4=E5=B7=A5=E4=BD=9C=E5=8F=B0=E4=B8=8B=E7=9A=84?=
 =?UTF-8?q?=E6=89=80=E6=9C=89=E4=BA=BA=E5=91=98=E4=B8=8E=E5=B9=B3=E5=8F=B0?=
 =?UTF-8?q?=E8=A7=92=E8=89=B2=E6=8E=A5=E5=8F=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

https://jira.axzo.cn/browse/REQ-1502?goToView=1

modify:
1. 增加删除工作台下的所有人员与平台角色接口
---
 .../src/test/resources/role-user.http         | 12 ++++++
 .../tyr/client/feign/TyrSaasRoleUserApi.java  | 41 +++++++++++++------
 .../req/DeleteUserRolesOfWorkspaceParam.java  | 30 ++++++++++++++
 .../roleuser/RoleUserController.java          | 14 ++++++-
 .../server/service/SaasRoleUserService.java   | 10 ++++-
 .../server/service/impl/RoleUserService.java  | 19 +++++++++
 6 files changed, 111 insertions(+), 15 deletions(-)
 create mode 100644 tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteUserRolesOfWorkspaceParam.java

diff --git a/integration-test/src/test/resources/role-user.http b/integration-test/src/test/resources/role-user.http
index 3d1e2906..aa43bfaf 100644
--- a/integration-test/src/test/resources/role-user.http
+++ b/integration-test/src/test/resources/role-user.http
@@ -21,4 +21,16 @@ Content-Type: application/json
 > reponse-check.js
 
 
+###
+POST {{host}}/api/saas-role-user/delete-user-role-of-workspace
+Accept: application/json
+Content-Type: application/json
+
+{
+
+}
+
+> reponse-check.js
+
+
 
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
index a8139c18..dab4f7e1 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
@@ -1,19 +1,25 @@
 package cn.axzo.tyr.client.feign;
 
-import java.util.List;
-
-import javax.validation.Valid;
-import javax.validation.constraints.NotEmpty;
-
-import org.springframework.cloud.openfeign.FeignClient;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-
 import cn.axzo.framework.domain.web.result.ApiResult;
 import cn.axzo.tyr.client.model.roleuser.dto.CreateAdminRoleDTO;
 import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserRelationDTO;
 import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
-import cn.axzo.tyr.client.model.roleuser.req.*;
+import cn.axzo.tyr.client.model.roleuser.req.CreateAgencyAdminRoleParam;
+import cn.axzo.tyr.client.model.roleuser.req.CreateWorkspaceAdminRoleParam;
+import cn.axzo.tyr.client.model.roleuser.req.DeleteAdminRoleParam;
+import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
+import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
+import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRolesOfWorkspaceParam;
+import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
+import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
+import cn.axzo.tyr.client.model.roleuser.req.SuperAdminParam;
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+
+import javax.validation.Valid;
+import javax.validation.constraints.NotEmpty;
+import java.util.List;
 
 /**
  * 角色
@@ -41,16 +47,16 @@ public interface TyrSaasRoleUserApi {
      * @param param
      * @return
      */
-    @PostMapping("api/saas-role-user/delete")
+    @PostMapping("/api/saas-role-user/delete")
     ApiResult<Boolean> deleteUserAllRoles(@RequestBody @Valid List<DeleteRoleUserParam> param);
 
     /**
-     * 新的 移除某个人在某个工作台的所有角色(除超管)
+     * 删除某个用户非超管角色(新)
      *
      * @param param
      * @return
      */
-    @PostMapping("api/saas-role-user/delete-user-role")
+    @PostMapping("/api/saas-role-user/delete-user-role")
     ApiResult<Boolean> deleteUserRoles(@RequestBody @Valid DeleteUserRoleParam param);
 
     /**
@@ -87,4 +93,13 @@ public interface TyrSaasRoleUserApi {
      */
     @PostMapping("api/saas-role-user/super-admin")
     ApiResult<SuperAdminInfoDTO> superAdmin(@RequestBody @Valid SuperAdminParam param);
+
+    /**
+     * 删除工作台下的所有人员与平台角色
+     *
+     * @param param
+     * @return
+     */
+    @PostMapping("/api/saas-role-user/delete-user-role-of-workspace")
+    ApiResult<Boolean> deleteUserRolesOfWorkspace(@RequestBody @Valid DeleteUserRolesOfWorkspaceParam param);
 }
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteUserRolesOfWorkspaceParam.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteUserRolesOfWorkspaceParam.java
new file mode 100644
index 00000000..2ef239e6
--- /dev/null
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteUserRolesOfWorkspaceParam.java
@@ -0,0 +1,30 @@
+package cn.axzo.tyr.client.model.roleuser.req;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import javax.validation.constraints.NotNull;
+
+/**
+ * @author haiyangjin
+ * @date 2023/10/17
+ */
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+public class DeleteUserRolesOfWorkspaceParam {
+    /**
+     * 工作台id
+     */
+    @NotNull(message = "工作台ID不能为空")
+    private Long workspaceId;
+
+    /**
+     * 单位id
+     */
+    @NotNull(message = "单位ID不能为空")
+    private Long ouId;
+}
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
index 407b79dc..fed2e880 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
@@ -4,6 +4,7 @@ import cn.axzo.framework.domain.web.result.ApiResult;
 import cn.axzo.tyr.client.feign.TyrSaasRoleUserApi;
 import cn.axzo.tyr.client.model.roleuser.dto.CreateAdminRoleDTO;
 import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserRelationDTO;
+import cn.axzo.tyr.client.model.roleuser.req.*;
 import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
 import cn.axzo.tyr.client.model.roleuser.req.*;
 import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
@@ -46,7 +47,7 @@ public class RoleUserController implements TyrSaasRoleUserApi {
     }
 
     /**
-     * 新的 移除某个人在某个工作台的所有角色(除超管)
+     * 删除用户非超管角色
      *
      * @param param
      * @return
@@ -56,6 +57,17 @@ public class RoleUserController implements TyrSaasRoleUserApi {
         return ApiResult.ok(saasRoleUserService.deleteUserRoles(param));
     }
 
+    /**
+     * 删除工作台下的所有人员与平台角色
+     *
+     * @param param
+     * @return
+     */
+    @Override
+    public ApiResult<Boolean> deleteUserRolesOfWorkspace(DeleteUserRolesOfWorkspaceParam param) {
+        return ApiResult.ok(saasRoleUserService.deleteUserRolesOfWorkspace(param));
+    }
+
     @Override
     public ApiResult<CreateAdminRoleDTO> createAgencyAdminRole(CreateAgencyAdminRoleParam param) {
         // todo cn.axzo.basics.auth.api.SaasRoleApi#grantAgencyAdminRole
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
index 300a0a9d..5332a154 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
@@ -3,7 +3,7 @@ package cn.axzo.tyr.server.service;
 import cn.axzo.tyr.client.model.enums.IdentityType;
 import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
 import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
+import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRolesOfWorkspaceParam;
 import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
 import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
 
@@ -44,6 +44,14 @@ public interface SaasRoleUserService {
      */
     boolean deleteUserRoles(DeleteUserRoleParam param);
 
+    /**
+     * 删除某个工作台下的人和角色
+     *
+     * @param param
+     * @return
+     */
+    boolean deleteUserRolesOfWorkspace(DeleteUserRolesOfWorkspaceParam param);
+
 
     /**
      * <pre>
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
index 786d759a..09205041 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
@@ -7,6 +7,7 @@ import cn.axzo.tyr.client.model.BaseWorkspaceModel;
 import cn.axzo.tyr.client.model.enums.IdentityType;
 import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
 import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
+import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRolesOfWorkspaceParam;
 import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
 import cn.axzo.tyr.server.repository.dao.SaasRoleDao;
 import cn.axzo.tyr.server.repository.dao.SaasRoleUserRelationDao;
@@ -120,6 +121,7 @@ public class RoleUserService implements SaasRoleUserService {
 	}
 
 	@Override
+	@Transactional(rollbackFor = Exception.class)
 	public boolean deleteUserRoles(DeleteUserRoleParam param) {
 		List<SaasRole> roleList = saasRoleDao.lambdaQuery()
 				.eq(Objects.nonNull(param.getOuId()), SaasRole::getOwnerOuId, param.getOuId())
@@ -138,6 +140,23 @@ public class RoleUserService implements SaasRoleUserService {
 		return true;
 	}
 
+	@Override
+	@Transactional(rollbackFor = Exception.class)
+	public boolean deleteUserRolesOfWorkspace(DeleteUserRolesOfWorkspaceParam param) {
+		// 删除所有的角色
+		saasRoleDao.remove(Wrappers.lambdaQuery(SaasRole.class)
+				.eq(SaasRole::getWorkspaceId, param.getWorkspaceId())
+				.eq(SaasRole::getOwnerOuId, param.getOuId())
+				.eq(SaasRole::getRoleType, RoleTypeEnum.COMMON.getValue())
+		);
+		// 删除工作台下所有的人和角色的关系
+		roleUserRelationDao.remove(Wrappers.lambdaQuery(SaasRoleUserRelation.class)
+				.eq(SaasRoleUserRelation::getWorkspaceId, param.getWorkspaceId())
+				.eq(SaasRoleUserRelation::getOuId, param.getOuId())
+		);
+		return true;
+	}
+
 	@Override
 	public List<SaasRoleUserRelation> queryByWorkspaceIdOrOu(Long identityId, IdentityType identityType, Set<Long> workspaceIds, Set<Long> ouIds) {
 		return roleUserRelationDao.queryByWorkspaceIdOrOu(identityId, identityType, workspaceIds, ouIds);

From 38b200e60076e21a36b11e3c8599e6703d90b051 Mon Sep 17 00:00:00 2001
From: yangsong <yangsong@axzo.cn>
Date: Tue, 17 Oct 2023 19:17:18 +0800
Subject: [PATCH 03/12] =?UTF-8?q?=E6=8E=A5=E5=8F=A3=E8=BF=81=E7=A7=BB?=
 =?UTF-8?q?=EF=BC=8C=E5=88=A0=E9=99=A4=E7=AE=A1=E7=90=86=E5=91=98=E8=A7=92?=
 =?UTF-8?q?=E8=89=B2=E5=8F=82=E6=95=B0=E8=B0=83=E6=95=B4?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../client/feign/PermissionPointApplyApi.java |  3 -
 .../tyr/client/feign/TyrSaasRoleUserApi.java  | 14 +----
 .../model/roleuser/dto/SuperAdminInfoDTO.java | 15 +----
 .../roleuser/req/DeleteAdminRoleParam.java    | 21 -------
 .../model/roleuser/req/SuperAdminParam.java   |  8 ++-
 .../PermissionPointApplyController.java       |  5 --
 .../roleuser/RoleUserController.java          | 30 +++++-----
 .../server/service/SaasRoleUserService.java   | 26 ++++++---
 .../server/service/impl/RoleUserService.java  | 56 +++++++++++++++----
 .../SaasFeatureApplyDetailServiceImpl.java    |  4 +-
 .../impl/SaasFeatureApplyServiceImpl.java     |  5 +-
 11 files changed, 91 insertions(+), 96 deletions(-)

diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/PermissionPointApplyApi.java b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/PermissionPointApplyApi.java
index d3f3906c..24cd5278 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/PermissionPointApplyApi.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/PermissionPointApplyApi.java
@@ -30,9 +30,6 @@ public interface PermissionPointApplyApi {
     @PostMapping(value = "/api/v1/permissionPoint/apply/submit")
     ApiResult<Long> submitApply(@RequestBody@Valid SubmitPermissionPointApplyVO apply);
 
-    @PostMapping(value = "/api/v1/permissionPoint/apply/update-detail")
-    ApiResult<Void> updateDetail(@RequestBody@Valid UpdatePermissionPointApplyVO updateDetail);
-
     @PostMapping(value = "/api/v1/permissionPoint/apply/bind")
     ApiResult<Void> bindWorkflowInstantce(@RequestBody@Valid BindWorkflowInstantceVO bind);
 
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
index a8139c18..bf5d5731 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
@@ -73,18 +73,10 @@ public interface TyrSaasRoleUserApi {
     ApiResult<Boolean> deleteAdminRole(@RequestBody @Valid @NotEmpty List<DeleteAdminRoleParam> params);
 
     /**
-     * 批量查询超管
-     * @param params
-     * @return
-     */
-    @PostMapping("api/saas-role-user/super-admin-list")
-    ApiResult<List<SuperAdminInfoDTO>> superAdminList(@RequestBody @Valid @NotEmpty List<SuperAdminParam> params);
-
-    /**
-     * 查看超管详情
+     * 批量查询超管, 只能批量获取单个工作台台下的超管，业务系统需要根据返回的identityId和identityType查询identityProfile查询用户明细信息
      * @param param
      * @return
      */
-    @PostMapping("api/saas-role-user/super-admin")
-    ApiResult<SuperAdminInfoDTO> superAdmin(@RequestBody @Valid SuperAdminParam param);
+    @PostMapping("api/saas-role-user/super-admin-list")
+    ApiResult<List<SuperAdminInfoDTO>> superAdminList(@RequestBody @Valid SuperAdminParam param);
 }
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/dto/SuperAdminInfoDTO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/dto/SuperAdminInfoDTO.java
index e9cba93c..88a81e17 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/dto/SuperAdminInfoDTO.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/dto/SuperAdminInfoDTO.java
@@ -1,6 +1,5 @@
 package cn.axzo.tyr.client.model.roleuser.dto;
 
-import cn.axzo.tyr.client.model.enums.IdentityType;
 import lombok.Data;
 
 /**
@@ -16,19 +15,7 @@ public class SuperAdminInfoDTO {
    */
   private Long identityId;
   
-  private IdentityType identityType;
-
-  /**
-   * 手机号
-   */
-  private String phone;
-
-  /**
-   * 姓名
-   */
-  private String realName;
-
-
+  private Integer identityType;
   /**
    * 工作台Id
    */
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteAdminRoleParam.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteAdminRoleParam.java
index 0d2cbb7e..a29c29dd 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteAdminRoleParam.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteAdminRoleParam.java
@@ -1,7 +1,5 @@
 package cn.axzo.tyr.client.model.roleuser.req;
 
-import cn.axzo.basics.common.constant.enums.OrganizationalNodeTypeEnum;
-import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
 import cn.axzo.tyr.client.model.enums.IdentityType;
 import lombok.Data;
 
@@ -12,22 +10,10 @@ public class DeleteAdminRoleParam {
      * 工作台id，与context校验
      */
     private Long workspaceId;
-
-    /**
-     * 工作台类型
-     */
-    private Integer workspaceTypeCode;
-
     /**
      * 单位id : 非必填
      */
     private Long ouId;
-
-    /**
-     * 单位类型
-     */
-    private OrganizationalNodeTypeEnum nodeTypeEnum;
-
     /**
      * 被赋予角色的人的身份id
      */
@@ -37,11 +23,4 @@ public class DeleteAdminRoleParam {
      * 身份类型，必填
      */
     private IdentityType identityType;
-
-    /**
-     * 角色Id，必填
-     * 只能传SUPER_ADMIN，ADMIN
-     */
-    private RoleTypeEnum roleType;
-
 }
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/SuperAdminParam.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/SuperAdminParam.java
index f14a640e..11a0213f 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/SuperAdminParam.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/SuperAdminParam.java
@@ -1,5 +1,8 @@
 package cn.axzo.tyr.client.model.roleuser.req;
 
+import java.util.List;
+
+import javax.validation.constraints.NotEmpty;
 import javax.validation.constraints.NotNull;
 
 import lombok.AllArgsConstructor;
@@ -27,7 +30,6 @@ public class SuperAdminParam {
   /**
    * 单位Id
    */
-  @NotNull(message = "单位Id不能为空")
-  private Long ouId;
-
+  @NotEmpty(message = "单位Id不能为空")
+  private List<Long> ouIds;
 }
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/PermissionPointApplyController.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/PermissionPointApplyController.java
index 6e6b8956..94e780ff 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/PermissionPointApplyController.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/PermissionPointApplyController.java
@@ -35,11 +35,6 @@ public class PermissionPointApplyController implements PermissionPointApplyApi {
         return ApiResult.ok(saasFeatureApplyService.saveApply(apply));
     }
 
-    @Override
-    public ApiResult<Void> updateDetail(UpdatePermissionPointApplyVO updateDetail) {
-        return null;
-    }
-
     @Override
     public ApiResult<Void> bindWorkflowInstantce(BindWorkflowInstantceVO bind) {
         saasFeatureApplyService.bindWorkflowInstantce(bind);
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
index 407b79dc..1989ffc8 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
@@ -1,5 +1,12 @@
 package cn.axzo.tyr.server.controller.roleuser;
 
+import java.util.List;
+
+import javax.validation.Valid;
+
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RestController;
+
 import cn.axzo.framework.domain.web.result.ApiResult;
 import cn.axzo.tyr.client.feign.TyrSaasRoleUserApi;
 import cn.axzo.tyr.client.model.roleuser.dto.CreateAdminRoleDTO;
@@ -8,15 +15,8 @@ import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
 import cn.axzo.tyr.client.model.roleuser.req.*;
 import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
 import cn.axzo.tyr.server.service.SaasRoleUserService;
-import com.google.common.collect.Lists;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RestController;
-
-import javax.validation.Valid;
-import java.util.ArrayList;
-import java.util.List;
 
 /**
  * @author tanjie@axzo.cn
@@ -74,15 +74,13 @@ public class RoleUserController implements TyrSaasRoleUserApi {
         return ApiResult.ok(true);
     }
 
+    /**
+     * cn.axzo.basics.auth.api.SaasRoleApi#batchFindSuperAdmin
+     * @param param
+     * @return
+     */
     @Override
-    public ApiResult<List<SuperAdminInfoDTO>> superAdminList(List<SuperAdminParam> params) {
-        //todo cn.axzo.basics.auth.api.SaasRoleApi#batchFindSuperAdmin
-        return ApiResult.ok(new ArrayList<>());
-    }
-
-    @Override
-    public ApiResult<SuperAdminInfoDTO> superAdmin(SuperAdminParam param) {
-        // todo cn.axzo.basics.auth.api.SaasRoleApi#findSuperAdmin
-        return ApiResult.ok(new SuperAdminInfoDTO());
+    public ApiResult<List<SuperAdminInfoDTO>> superAdminList(SuperAdminParam param) {
+        return ApiResult.ok(saasRoleUserService.superAdminList(param));
     }
 }
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
index 300a0a9d..92d9a803 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
@@ -1,15 +1,13 @@
 package cn.axzo.tyr.server.service;
 
-import cn.axzo.tyr.client.model.enums.IdentityType;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
-import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
-import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
-
 import java.util.List;
 import java.util.Set;
 
+import cn.axzo.tyr.client.model.enums.IdentityType;
+import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
+import cn.axzo.tyr.client.model.roleuser.req.*;
+import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
+
 /**
  * @author tanjie@axzo.cn
  * @date 2023/9/13 15:36
@@ -60,4 +58,18 @@ public interface SaasRoleUserService {
      * @return
      */
     List<SaasRoleUserRelation> queryByWorkspaceIdOrOu(Long identityId, IdentityType identityType, Set<Long> workspaceIds, Set<Long> ouIds);
+
+    /**
+     * 批量获取超管信息
+     * @param param
+     * @return
+     */
+    List<SuperAdminInfoDTO> superAdminList(SuperAdminParam param);
+
+    /**
+     * 移除管理员
+     * @param params
+     * @return
+     */
+    boolean deleteAdminRole(List<DeleteAdminRoleParam> params);
 }
\ No newline at end of file
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
index 786d759a..47756f0e 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
@@ -1,30 +1,33 @@
 package cn.axzo.tyr.server.service.impl;
 
+import java.util.Collections;
+import java.util.List;
+import java.util.Objects;
+import java.util.Set;
+import java.util.stream.Collectors;
+
+import cn.axzo.tyr.client.model.roleuser.req.*;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+import com.alibaba.nacos.common.utils.CollectionUtils;
+import com.baomidou.mybatisplus.core.toolkit.Wrappers;
+
+import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum;
 import cn.axzo.basics.common.exception.ServiceException;
 import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
 import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
 import cn.axzo.tyr.client.model.BaseWorkspaceModel;
 import cn.axzo.tyr.client.model.enums.IdentityType;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
+import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
 import cn.axzo.tyr.server.repository.dao.SaasRoleDao;
 import cn.axzo.tyr.server.repository.dao.SaasRoleUserRelationDao;
 import cn.axzo.tyr.server.repository.entity.SaasRole;
 import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
 import cn.axzo.tyr.server.service.SaasRoleUserService;
 import cn.hutool.core.collection.CollectionUtil;
-import com.alibaba.nacos.common.utils.CollectionUtils;
-import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
-import org.springframework.stereotype.Service;
-import org.springframework.transaction.annotation.Transactional;
-
-import java.util.List;
-import java.util.Objects;
-import java.util.Set;
-import java.util.stream.Collectors;
 
 /**
  * 角色
@@ -142,4 +145,33 @@ public class RoleUserService implements SaasRoleUserService {
 	public List<SaasRoleUserRelation> queryByWorkspaceIdOrOu(Long identityId, IdentityType identityType, Set<Long> workspaceIds, Set<Long> ouIds) {
 		return roleUserRelationDao.queryByWorkspaceIdOrOu(identityId, identityType, workspaceIds, ouIds);
 	}
+
+	@Override
+	public List<SuperAdminInfoDTO> superAdminList(SuperAdminParam param) {
+		if (param.getWorkspaceId() == null || CollectionUtil.isEmpty(param.getOuIds())) {
+			return Collections.emptyList();
+		}
+		List<SaasRoleUserRelation> relations = roleUserRelationDao.lambdaQuery()
+				.in(SaasRoleUserRelation::getWorkspaceId, param.getWorkspaceId())
+				.in(SaasRoleUserRelation::getOuId, param.getOuIds())
+				.eq(SaasRoleUserRelation::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
+		if (CollectionUtils.isEmpty(relations)) {
+			return Collections.emptyList();
+		}
+		return relations.stream().map(r -> {
+			SuperAdminInfoDTO superAdminInfo = new SuperAdminInfoDTO();
+			superAdminInfo.setWorkspaceId(r.getWorkspaceId());
+			superAdminInfo.setOuId(r.getOuId());
+			superAdminInfo.setIdentityId(r.getIdentityId());
+			superAdminInfo.setIdentityType(r.getIdentityType());
+			return superAdminInfo;
+		}).collect(Collectors.toList());
+	}
+
+	@Override
+	@Transactional(rollbackFor = Exception.class)
+	public boolean deleteAdminRole(List<DeleteAdminRoleParam> params) {
+
+		return false;
+	}
 }
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureApplyDetailServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureApplyDetailServiceImpl.java
index 96353fa1..d2140a7c 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureApplyDetailServiceImpl.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureApplyDetailServiceImpl.java
@@ -89,9 +89,9 @@ public class SaasFeatureApplyDetailServiceImpl implements SaasFeatureApplyDetail
     @Transactional(rollbackFor = Exception.class)
     public void updateApplyDetail(PermissionPointApplyDetailUpdateReq req) {
         SaasFeatureApplyDetail detail = BeanMapper.copyBean(req, SaasFeatureApplyDetail.class, (p, s) -> {
-            s.setFitOuTypeBit(p.getFitOuTypeList() == null ? "" : JSON.toJSONString(p.getFitOuTypeList()));
+            s.setFitOuTypeBit(p.getFitOuTypeList() == null ? "[65535]" : JSON.toJSONString(p.getFitOuTypeList()));
             s.setFitOuNodeTypeBit(
-                    p.getFitOuNodeTypeList() == null ? "" : JSON.toJSONString(p.getFitOuNodeTypeList()));
+                    p.getFitOuNodeTypeList() == null ? "[65535]" : JSON.toJSONString(p.getFitOuNodeTypeList()));
         });
         this.saveOrUpdate(Lists.newArrayList(detail));
     }
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureApplyServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureApplyServiceImpl.java
index 77121a73..52cf7340 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureApplyServiceImpl.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureApplyServiceImpl.java
@@ -5,6 +5,7 @@ import java.util.function.Function;
 import java.util.stream.Collectors;
 
 import cn.axzo.tyr.client.model.enums.FeatureDataType;
+import com.google.common.collect.Lists;
 import org.apache.commons.collections4.CollectionUtils;
 import org.apache.commons.collections4.MapUtils;
 import org.apache.commons.lang3.BooleanUtils;
@@ -423,9 +424,9 @@ public class SaasFeatureApplyServiceImpl implements SaasFeatureApplyService {
             detail.setSort(point.getSort());
             detail.setTerminal(point.getTerminal());
             detail.setFeatureType(point.getFeatureType());
-            detail.setFitOuTypeBit(point.getFitOuTypeList() == null ? "" : JSON.toJSONString(point.getFitOuTypeList()));
+            detail.setFitOuTypeBit(point.getFitOuTypeList() == null ? "[65535]" : JSON.toJSONString(point.getFitOuTypeList()));
             detail.setFitOuNodeTypeBit(
-                point.getFitOuNodeTypeList() == null ? "" : JSON.toJSONString(point.getFitOuNodeTypeList()));
+                point.getFitOuNodeTypeList() == null ? "[65535]" : JSON.toJSONString(point.getFitOuNodeTypeList()));
             detail.setDelegatedType(point.getDelegatedType());
             detail.setCreateBy(createBy);
             detail.setCreateAt(now);

From b05cc3a128da079a33659c440c04576668ebac65 Mon Sep 17 00:00:00 2001
From: yangsong <yangsong@axzo.cn>
Date: Tue, 17 Oct 2023 19:22:29 +0800
Subject: [PATCH 04/12] =?UTF-8?q?=E6=8E=A5=E5=8F=A3=E8=BF=81=E7=A7=BB?=
 =?UTF-8?q?=EF=BC=8C=E5=88=A0=E9=99=A4=E7=AE=A1=E7=90=86=E5=91=98=E8=A7=92?=
 =?UTF-8?q?=E8=89=B2=E5=8F=82=E6=95=B0=E8=B0=83=E6=95=B4?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../cn/axzo/tyr/server/service/SaasRoleUserService.java     | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
index 0c2c5817..7ace7776 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
@@ -5,11 +5,7 @@ import java.util.Set;
 
 import cn.axzo.tyr.client.model.enums.IdentityType;
 import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteAdminRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRolesOfWorkspaceParam;
-import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
+import cn.axzo.tyr.client.model.roleuser.req.*;
 import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
 
 /**

From a1b584c1efcfaf28fd54dc3677e2adb402d5515d Mon Sep 17 00:00:00 2001
From: yangsong <yangsong@axzo.cn>
Date: Tue, 17 Oct 2023 19:23:18 +0800
Subject: [PATCH 05/12] =?UTF-8?q?url=E6=B7=BB=E5=8A=A0=E5=89=8D=E7=BC=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
index a2f817e8..a4bc114a 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
@@ -64,10 +64,10 @@ public interface TyrSaasRoleUserApi {
      * @param param
      * @return
      */
-    @PostMapping("api/saas-role-user/create-agency-admin-role")
+    @PostMapping("/api/saas-role-user/create-agency-admin-role")
     ApiResult<CreateAdminRoleDTO> createAgencyAdminRole(@RequestBody @Valid CreateAgencyAdminRoleParam param);
 
-    @PostMapping("api/saas-role-user/create-workspace-admin-role")
+    @PostMapping("/api/saas-role-user/create-workspace-admin-role")
     ApiResult<CreateAdminRoleDTO> createWorkspaceAdminRole(@RequestBody @Valid @NotEmpty List<CreateWorkspaceAdminRoleParam> params);
 
     /**
@@ -75,7 +75,7 @@ public interface TyrSaasRoleUserApi {
      * @param params
      * @return
      */
-    @PostMapping("api/saas-role-user/delete-admin-role")
+    @PostMapping("/api/saas-role-user/delete-admin-role")
     ApiResult<Boolean> deleteAdminRole(@RequestBody @Valid @NotEmpty List<DeleteAdminRoleParam> params);
 
     /**
@@ -83,7 +83,7 @@ public interface TyrSaasRoleUserApi {
      * @param param
      * @return
      */
-    @PostMapping("api/saas-role-user/super-admin-list")
+    @PostMapping("/api/saas-role-user/super-admin-list")
     ApiResult<List<SuperAdminInfoDTO>> superAdminList(@RequestBody @Valid SuperAdminParam param);
 
     /**

From 0161d655c03a4cc452f85be80549afa1d9d92420 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E9=87=91=E6=B5=B7=E6=B4=8B?= <jinhaiyang@axzo.cn>
Date: Wed, 18 Oct 2023 09:36:49 +0800
Subject: [PATCH 06/12] =?UTF-8?q?feat(server):=20=E5=88=A0=E9=99=A4=20dele?=
 =?UTF-8?q?teUserRolesOfWorkspace=20=E6=8E=A5=E5=8F=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../tyr/client/feign/TyrSaasRoleUserApi.java  | 10 ---------
 .../roleuser/RoleUserController.java          | 22 ++++++++-----------
 .../server/service/SaasRoleUserService.java   | 15 +++++--------
 .../server/service/impl/RoleUserService.java  | 20 +++--------------
 4 files changed, 18 insertions(+), 49 deletions(-)

diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
index a4bc114a..d9e090e2 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
@@ -9,7 +9,6 @@ import cn.axzo.tyr.client.model.roleuser.req.CreateWorkspaceAdminRoleParam;
 import cn.axzo.tyr.client.model.roleuser.req.DeleteAdminRoleParam;
 import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
 import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRolesOfWorkspaceParam;
 import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
 import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
 import cn.axzo.tyr.client.model.roleuser.req.SuperAdminParam;
@@ -85,13 +84,4 @@ public interface TyrSaasRoleUserApi {
      */
     @PostMapping("/api/saas-role-user/super-admin-list")
     ApiResult<List<SuperAdminInfoDTO>> superAdminList(@RequestBody @Valid SuperAdminParam param);
-
-    /**
-     * 删除工作台下的所有人员与平台角色
-     *
-     * @param param
-     * @return
-     */
-    @PostMapping("/api/saas-role-user/delete-user-role-of-workspace")
-    ApiResult<Boolean> deleteUserRolesOfWorkspace(@RequestBody @Valid DeleteUserRolesOfWorkspaceParam param);
 }
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
index 5de611c8..3266816e 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
@@ -11,9 +11,16 @@ import cn.axzo.framework.domain.web.result.ApiResult;
 import cn.axzo.tyr.client.feign.TyrSaasRoleUserApi;
 import cn.axzo.tyr.client.model.roleuser.dto.CreateAdminRoleDTO;
 import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserRelationDTO;
-import cn.axzo.tyr.client.model.roleuser.req.*;
 import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
-import cn.axzo.tyr.client.model.roleuser.req.*;
+import cn.axzo.tyr.client.model.roleuser.req.CreateAgencyAdminRoleParam;
+import cn.axzo.tyr.client.model.roleuser.req.CreateWorkspaceAdminRoleParam;
+import cn.axzo.tyr.client.model.roleuser.req.DeleteAdminRoleParam;
+import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
+import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
+import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRolesOfWorkspaceParam;
+import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
+import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
+import cn.axzo.tyr.client.model.roleuser.req.SuperAdminParam;
 import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
 import cn.axzo.tyr.server.service.SaasRoleUserService;
 import lombok.RequiredArgsConstructor;
@@ -57,17 +64,6 @@ public class RoleUserController implements TyrSaasRoleUserApi {
         return ApiResult.ok(saasRoleUserService.deleteUserRoles(param));
     }
 
-    /**
-     * 删除工作台下的所有人员与平台角色
-     *
-     * @param param
-     * @return
-     */
-    @Override
-    public ApiResult<Boolean> deleteUserRolesOfWorkspace(DeleteUserRolesOfWorkspaceParam param) {
-        return ApiResult.ok(saasRoleUserService.deleteUserRolesOfWorkspace(param));
-    }
-
     @Override
     public ApiResult<CreateAdminRoleDTO> createAgencyAdminRole(CreateAgencyAdminRoleParam param) {
         // todo cn.axzo.basics.auth.api.SaasRoleApi#grantAgencyAdminRole
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
index 7ace7776..b14d5ad5 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
@@ -1,5 +1,11 @@
 package cn.axzo.tyr.server.service;
 
+import cn.axzo.tyr.client.model.enums.IdentityType;
+import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
+import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
+import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
+import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
+
 import java.util.List;
 import java.util.Set;
 
@@ -42,15 +48,6 @@ public interface SaasRoleUserService {
      */
     boolean deleteUserRoles(DeleteUserRoleParam param);
 
-    /**
-     * 删除某个工作台下的人和角色
-     *
-     * @param param
-     * @return
-     */
-    boolean deleteUserRolesOfWorkspace(DeleteUserRolesOfWorkspaceParam param);
-
-
     /**
      * <pre>
      *  查询人所在的工作台或者单位中的数据
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
index cf9ffa6a..a817997c 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
@@ -18,6 +18,9 @@ import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
 import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
 import cn.axzo.tyr.client.model.BaseWorkspaceModel;
 import cn.axzo.tyr.client.model.enums.IdentityType;
+import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
+import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
+import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
 import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
 import cn.axzo.tyr.client.model.roleuser.req.*;
 import cn.axzo.tyr.server.repository.dao.SaasRoleDao;
@@ -142,23 +145,6 @@ public class RoleUserService implements SaasRoleUserService {
 		return true;
 	}
 
-	@Override
-	@Transactional(rollbackFor = Exception.class)
-	public boolean deleteUserRolesOfWorkspace(DeleteUserRolesOfWorkspaceParam param) {
-		// 删除所有的角色
-		saasRoleDao.remove(Wrappers.lambdaQuery(SaasRole.class)
-				.eq(SaasRole::getWorkspaceId, param.getWorkspaceId())
-				.eq(SaasRole::getOwnerOuId, param.getOuId())
-				.eq(SaasRole::getRoleType, RoleTypeEnum.COMMON.getValue())
-		);
-		// 删除工作台下所有的人和角色的关系
-		roleUserRelationDao.remove(Wrappers.lambdaQuery(SaasRoleUserRelation.class)
-				.eq(SaasRoleUserRelation::getWorkspaceId, param.getWorkspaceId())
-				.eq(SaasRoleUserRelation::getOuId, param.getOuId())
-		);
-		return true;
-	}
-
 	@Override
 	public List<SaasRoleUserRelation> queryByWorkspaceIdOrOu(Long identityId, IdentityType identityType, Set<Long> workspaceIds, Set<Long> ouIds) {
 		return roleUserRelationDao.queryByWorkspaceIdOrOu(identityId, identityType, workspaceIds, ouIds);

From cd4751ebce0582d936efae2acd295c3510305b13 Mon Sep 17 00:00:00 2001
From: TanJ <tanjie@axzo.cn>
Date: Wed, 18 Oct 2023 10:56:58 +0800
Subject: [PATCH 07/12] feat: terminal
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

terminal查询逻辑调整
---
 .../java/cn/axzo/tyr/client/model/req/IdentityAuthReq.java    | 2 +-
 .../axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java  | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/IdentityAuthReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/IdentityAuthReq.java
index b68e4f8f..dff78ac7 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/IdentityAuthReq.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/IdentityAuthReq.java
@@ -50,7 +50,7 @@ public class IdentityAuthReq {
     /**
      * {@link TerminalInfo#NT()}
      */
-    private String terminal;
+    private List<String> terminal;
     @Builder.Default
     private Set<Long> featureId = new HashSet<>();
     @Builder.Default
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java
index e22b0cca..307e7045 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java
@@ -424,7 +424,7 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
                             //通过子级查询父级并打平树型结构
                             List<PermissionPointTreeNode> allPermissionPoint = permissionPointService.listTreeNodesFlatChild(PermissionPointTreeQueryReq.builder()
                                     .ids(buttonPermissionPointId)
-                                    .terminalList(StrUtil.isNotBlank(identityAuthReq.getTerminal()) ? Collections.singletonList(identityAuthReq.getTerminal()) : new ArrayList<>())
+                                    .terminalList(identityAuthReq.getTerminal())
                                     .build());
 
                             workspacePermission.getPermissionPoint().addAll(allPermissionPoint.stream()
@@ -461,7 +461,7 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
                         //通过子级查询父级并平铺菜单
                         List<PermissionPointTreeNode> allPermissionPoint = permissionPointService.listTreeNodesFlatChild(PermissionPointTreeQueryReq.builder()
                                 .ids(new HashSet<>(resultHashAuthPointId))
-                                .terminalList(StrUtil.isNotBlank(identityAuthReq.getTerminal()) ? Collections.singletonList(identityAuthReq.getTerminal()) : new ArrayList<>())
+                                .terminalList(identityAuthReq.getTerminal())
                                 .build());
 
                         workspacePermission.getPermissionPoint().addAll(allPermissionPoint.stream()

From f967f9d7367d86d181fc20119b285bd2c774114f Mon Sep 17 00:00:00 2001
From: yangsong <yangsong@axzo.cn>
Date: Wed, 18 Oct 2023 11:13:28 +0800
Subject: [PATCH 08/12] =?UTF-8?q?=E6=9F=A5=E8=AF=A2=E8=A7=92=E8=89=B2?=
 =?UTF-8?q?=E5=88=97=E8=A1=A8bugfix?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../cn/axzo/tyr/server/service/impl/RoleServiceImpl.java   | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java
index 76dc03cb..d1448da1 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java
@@ -164,7 +164,8 @@ public class RoleServiceImpl implements RoleService {
 		}
 		// 根据工作台类型和单位类型查询角色分组
 		List<SaasRoleGroup> roleGroup = new ArrayList<>();
-		if (CollectionUtils.isNotEmpty(req.getWorkspaceTypeCode()) || CollectionUtils.isNotEmpty(req.getOuTypeCode())) {
+		// 如果传入了角色id就以传入的角色id为准
+		if (CollectionUtils.isEmpty(req.getIds()) && (CollectionUtils.isNotEmpty(req.getWorkspaceTypeCode()) || CollectionUtils.isNotEmpty(req.getOuTypeCode()))) {
 			roleGroup = saasRoleGroupDao.query(QuerySaasRoleGroupReq.builder()
 				.ids(req.getSassRoleGroupIds())
 				.workspaceTypeCode(req.getWorkspaceTypeCode())
@@ -189,8 +190,8 @@ public class RoleServiceImpl implements RoleService {
 			.in(CollectionUtils.isNotEmpty(req.getIds()), BaseEntity::getId, req.getIds())
 			.in(CollectionUtils.isNotEmpty(groupRelation), BaseEntity::getId, groupRelation.stream().map(SaasRoleGroupRelation::getRoleId).collect(Collectors.toList()))
 			.in(CollectionUtils.isNotEmpty(req.getRoleType()), SaasRole::getRoleType, req.getRoleType())
-			.in(CollectionUtils.isNotEmpty(req.getWorkspaceId()),SaasRole::getWorkspaceId,req.getWorkspaceId())
-			.in(CollectionUtils.isNotEmpty(req.getOuId()),SaasRole::getOwnerOuId,req.getOuId())
+			.in(CollectionUtils.isEmpty(req.getIds()) && CollectionUtils.isNotEmpty(req.getWorkspaceId()),SaasRole::getWorkspaceId,req.getWorkspaceId())
+			.in(CollectionUtils.isEmpty(req.getIds()) && CollectionUtils.isNotEmpty(req.getOuId()),SaasRole::getOwnerOuId,req.getOuId())
 			.orderByDesc(BaseEntity::getId)
 			.list();
 		return getByIds(list.stream().map(BaseEntity::getId).collect(Collectors.toList()), req.getIsCommon(),req.getWorkspaceId(),req.getOuId(),req.getIncludePermissionGroup());

From 692a0a0e66523ddf59f4912cc648e260f492a8a9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=BC=A0=E5=BC=98=E6=98=8A?= <zhanghonghao@axzo.cn>
Date: Wed, 18 Oct 2023 14:47:00 +0800
Subject: [PATCH 09/12] =?UTF-8?q?=E5=88=9B=E5=BB=BA=E8=B6=85=E7=BA=A7?=
 =?UTF-8?q?=E7=AE=A1=E7=90=86=E5=91=98=E8=A7=92=E8=89=B2?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../tyr/client/feign/TyrSaasRoleUserApi.java  |  4 +-
 ...ram.java => CreateSuperAminRoleParam.java} | 29 +++++++++----
 .../roleuser/RoleUserController.java          |  7 ++-
 .../server/repository/dao/SaasRoleDao.java    | 28 ++++++++++++
 .../server/service/SaasRoleUserService.java   | 12 ++++--
 .../server/service/impl/RoleUserService.java  | 43 +++++++++++++++++++
 6 files changed, 104 insertions(+), 19 deletions(-)
 rename tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/{CreateWorkspaceAdminRoleParam.java => CreateSuperAminRoleParam.java} (55%)

diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
index a8139c18..c4dd4a8b 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
@@ -61,8 +61,8 @@ public interface TyrSaasRoleUserApi {
     @PostMapping("api/saas-role-user/create-agency-admin-role")
     ApiResult<CreateAdminRoleDTO> createAgencyAdminRole(@RequestBody @Valid CreateAgencyAdminRoleParam param);
 
-    @PostMapping("api/saas-role-user/create-workspace-admin-role")
-    ApiResult<CreateAdminRoleDTO> createWorkspaceAdminRole(@RequestBody @Valid @NotEmpty List<CreateWorkspaceAdminRoleParam> params);
+    @PostMapping("api/saas-role-user/create-super-admin-role")
+    ApiResult<Void> createSuperAdminRole(@RequestBody @Valid @NotEmpty CreateSuperAminRoleParam param);
 
     /**
      * 移除超管角色
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/CreateWorkspaceAdminRoleParam.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/CreateSuperAminRoleParam.java
similarity index 55%
rename from tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/CreateWorkspaceAdminRoleParam.java
rename to tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/CreateSuperAminRoleParam.java
index 5fe62e57..57c353f5 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/CreateWorkspaceAdminRoleParam.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/CreateSuperAminRoleParam.java
@@ -1,14 +1,13 @@
 package cn.axzo.tyr.client.model.roleuser.req;
 
-import javax.validation.constraints.NotBlank;
-import javax.validation.constraints.NotNull;
-
 import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
 import cn.axzo.tyr.client.model.enums.IdentityType;
 import lombok.Data;
 
+import javax.validation.constraints.NotNull;
+
 @Data
-public class CreateWorkspaceAdminRoleParam {
+public class CreateSuperAminRoleParam {
 
 	/**
 	 * 工作台id，与context校验
@@ -23,15 +22,19 @@ public class CreateWorkspaceAdminRoleParam {
 	private Long ouId;
 
 	/**
-	 * 手机号
+	 * 适用单位类型 1:总包 2:建设单位 4:监理单位 8:劳务分包 16:专业分包 0都可以用 只会挂在最末级
+	 * <p>
+	 * 业务层，这个字段不要直接用。有变种的getter、setter，或者直接用解释工具。
 	 */
-	@NotBlank(message = "phone不能为空")
-	private String phone;
+	private Long fitOuTypeBit;
 
 	/**
-	 * 昵称
+	 *
+	 * 适用节点类型 1:部门 2:班组 4:小组 只会挂在最末级
+	 *
+	 * 业务层，这个字段不要直接用
 	 */
-	private String nickName;
+	private Long fitOuNodeTypeBit;
 
 	/**
 	 * 角色Id，必填
@@ -39,6 +42,12 @@ public class CreateWorkspaceAdminRoleParam {
 	 */
 	private RoleTypeEnum roleType;
 
+	/**
+	 * 身份id
+	 */
+	@NotNull(message = "identityId不能为空")
+	private Long identityId;
+
 	/**
 	 * 身份类型
 	 */
@@ -48,4 +57,6 @@ public class CreateWorkspaceAdminRoleParam {
 	@NotNull(message = "workspaceType不能为空")
 	private Integer workspaceType;
 
+	private Long naturalPersonId;
+
 }
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
index 407b79dc..150bca0a 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
@@ -8,7 +8,6 @@ import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
 import cn.axzo.tyr.client.model.roleuser.req.*;
 import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
 import cn.axzo.tyr.server.service.SaasRoleUserService;
-import com.google.common.collect.Lists;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.web.bind.annotation.RequestBody;
@@ -63,9 +62,9 @@ public class RoleUserController implements TyrSaasRoleUserApi {
     }
 
     @Override
-    public ApiResult<CreateAdminRoleDTO> createWorkspaceAdminRole(List<CreateWorkspaceAdminRoleParam> params) {
-        // todo cn.axzo.basics.auth.api.SaasRoleApi#grantAdminRoleByPhone
-        return ApiResult.ok(new CreateAdminRoleDTO());
+    public ApiResult<Void> createSuperAdminRole(CreateSuperAminRoleParam param) {
+        saasRoleUserService.createSuperAdminRole(param);
+        return ApiResult.ok();
     }
 
     @Override
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleDao.java b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleDao.java
index 4a445d8c..d615b1e4 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleDao.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleDao.java
@@ -2,10 +2,13 @@ package cn.axzo.tyr.server.repository.dao;
 
 import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum;
 import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
+import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
 import cn.axzo.tyr.client.model.enums.IdentityType;
 import cn.axzo.tyr.server.repository.entity.SaasRole;
 import cn.axzo.tyr.server.repository.entity.SaasRoleWithUser;
 import cn.axzo.tyr.server.repository.mapper.SaasRoleMapper;
+import cn.hutool.core.collection.CollUtil;
+import cn.hutool.core.collection.CollectionUtil;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import org.apache.commons.collections.CollectionUtils;
 import org.springframework.stereotype.Repository;
@@ -53,5 +56,30 @@ public class SaasRoleDao extends ServiceImpl<SaasRoleMapper, SaasRole> {
 		}
 		return this.getBaseMapper().listRoleUserByPermissionGroup(permissionGroupIdList, workspaceIds);
 	}
+
+	public SaasRole findRoleByTypeAndWorkspaceIdAndOuId(String roleType, Long workspaceId,
+														Long ouId) {
+		List<SaasRole> list = this.lambdaQuery()
+				.eq(SaasRole::getRoleType, roleType)
+				.eq(SaasRole::getWorkspaceId, workspaceId)
+				.eq(SaasRole::getOwnerOuId, ouId)
+				.eq(SaasRole::getIsDelete, TableIsDeleteEnum.NORMAL.value)
+				.list();
+		if(CollUtil.isEmpty(list)){
+			return null;
+		}
+        return list.get(0);
+	}
+
+	public List<SaasRole> listCommonRoleByNameAndWorkspaceIdAndOuId(String name, Long workspaceId,
+																	Long ouId) {
+		return lambdaQuery().eq(SaasRole::getName, name)
+				.eq(SaasRole::getWorkspaceId, workspaceId)
+				.eq(SaasRole::getOwnerOuId, ouId)
+				.eq(SaasRole::getRoleType, RoleTypeEnum.COMMON.getValue())
+				.eq(SaasRole::getIsDelete, TableIsDeleteEnum.NORMAL.value)
+				.select(SaasRole::getId)
+				.list();
+	}
 }
 
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
index 300a0a9d..afaeb634 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
@@ -1,10 +1,8 @@
 package cn.axzo.tyr.server.service;
 
 import cn.axzo.tyr.client.model.enums.IdentityType;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
-import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
+import cn.axzo.tyr.client.model.roleuser.dto.CreateAdminRoleDTO;
+import cn.axzo.tyr.client.model.roleuser.req.*;
 import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
 
 import java.util.List;
@@ -60,4 +58,10 @@ public interface SaasRoleUserService {
      * @return
      */
     List<SaasRoleUserRelation> queryByWorkspaceIdOrOu(Long identityId, IdentityType identityType, Set<Long> workspaceIds, Set<Long> ouIds);
+
+    /**
+     * workpaceId + ownerOuId + roleId + 手机号 + 姓名 赋予角色（支持角色赋予的同时 角色创建）
+     * work for: 组织 + 服务包
+     */
+    void createSuperAdminRole(CreateSuperAminRoleParam param);
 }
\ No newline at end of file
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
index 786d759a..cd9768fe 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
@@ -1,10 +1,12 @@
 package cn.axzo.tyr.server.service.impl;
 
 import cn.axzo.basics.common.exception.ServiceException;
+import cn.axzo.basics.common.util.AssertUtil;
 import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
 import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
 import cn.axzo.tyr.client.model.BaseWorkspaceModel;
 import cn.axzo.tyr.client.model.enums.IdentityType;
+import cn.axzo.tyr.client.model.roleuser.req.CreateSuperAminRoleParam;
 import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
 import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
 import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
@@ -16,6 +18,7 @@ import cn.axzo.tyr.server.service.SaasRoleUserService;
 import cn.hutool.core.collection.CollectionUtil;
 import com.alibaba.nacos.common.utils.CollectionUtils;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
+import com.google.common.collect.Lists;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Service;
@@ -142,4 +145,44 @@ public class RoleUserService implements SaasRoleUserService {
 	public List<SaasRoleUserRelation> queryByWorkspaceIdOrOu(Long identityId, IdentityType identityType, Set<Long> workspaceIds, Set<Long> ouIds) {
 		return roleUserRelationDao.queryByWorkspaceIdOrOu(identityId, identityType, workspaceIds, ouIds);
 	}
+
+	@Override
+	@Transactional(rollbackFor = Exception.class)
+	public void createSuperAdminRole(CreateSuperAminRoleParam param) {
+		//获取超管角色
+		SaasRole saasRole = saasRoleDao
+				.findRoleByTypeAndWorkspaceIdAndOuId(RoleTypeEnum.SUPER_ADMIN.getValue(),
+						param.getWorkspaceId(), param.getOuId());
+		if (saasRole == null) {
+			saasRole = new SaasRole();
+			saasRole.setDescription(RoleTypeEnum.SUPER_ADMIN.getDesc());
+			saasRole.setName(RoleTypeEnum.SUPER_ADMIN.getDesc());
+			saasRole.setWorkspaceId(param.getWorkspaceId());
+			saasRole.setWorkspaceType(param.getWorkspaceType());
+			saasRole.setOwnerOuId(param.getOuId());
+			saasRole.setRoleType(RoleTypeEnum.SUPER_ADMIN.getValue());
+			saasRole.setIsDelete(0L);
+
+			checkRoleName(RoleTypeEnum.SUPER_ADMIN.getDesc(), param.getWorkspaceId(), param.getOuId());
+			saasRoleDao.save(saasRole);
+		}
+		//删除当前超管角色
+		roleUserRelationDao.deleteByRoldId(Lists.newArrayList(saasRole.getId()));
+
+		//新增关联关系
+		SaasRoleUserRelation saasRoleUserRelation = new SaasRoleUserRelation();
+		saasRoleUserRelation.setIdentityId(param.getIdentityId());
+		saasRoleUserRelation.setRoleId(saasRole.getId());
+		saasRoleUserRelation.setIdentityType(param.getIdentityType().getCode());
+		saasRoleUserRelation.setNaturalPersonId(param.getNaturalPersonId());
+		saasRoleUserRelation.setOuId(param.getOuId());
+		saasRoleUserRelation.setWorkspaceId(param.getWorkspaceId());
+		roleUserRelationDao.save(saasRoleUserRelation);
+	}
+
+	private void checkRoleName(String name, Long workspaceId, Long ouId) {
+		List<SaasRole> saasRoles = saasRoleDao.listCommonRoleByNameAndWorkspaceIdAndOuId(name,
+				workspaceId, ouId);
+		AssertUtil.isEmpty(saasRoles, "已存在相同的角色名称，请更换角色名称");
+	}
 }

From a05b3b57a5464677ad42fabb2aeddcd650fc43a4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=BC=A0=E5=BC=98=E6=98=8A?= <zhanghonghao@axzo.cn>
Date: Wed, 18 Oct 2023 14:49:41 +0800
Subject: [PATCH 10/12] =?UTF-8?q?=E5=88=9B=E5=BB=BA=E8=B6=85=E7=BA=A7?=
 =?UTF-8?q?=E7=AE=A1=E7=90=86=E5=91=98=E8=A7=92=E8=89=B2?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../tyr/client/feign/TyrSaasRoleUserApi.java  |  9 +------
 .../roleuser/RoleUserController.java          | 22 +++++----------
 .../server/service/SaasRoleUserService.java   |  5 +---
 .../server/service/impl/RoleUserService.java  | 27 ++++++++-----------
 4 files changed, 19 insertions(+), 44 deletions(-)

diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
index 3dde660b..27ae8006 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
@@ -4,14 +4,7 @@ import cn.axzo.framework.domain.web.result.ApiResult;
 import cn.axzo.tyr.client.model.roleuser.dto.CreateAdminRoleDTO;
 import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserRelationDTO;
 import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
-import cn.axzo.tyr.client.model.roleuser.req.CreateAgencyAdminRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.CreateWorkspaceAdminRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteAdminRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
-import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
-import cn.axzo.tyr.client.model.roleuser.req.SuperAdminParam;
+import cn.axzo.tyr.client.model.roleuser.req.*;
 import org.springframework.cloud.openfeign.FeignClient;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
index a21892fe..36a711be 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
@@ -1,30 +1,20 @@
 package cn.axzo.tyr.server.controller.roleuser;
 
-import java.util.List;
-
-import javax.validation.Valid;
-
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RestController;
-
 import cn.axzo.framework.domain.web.result.ApiResult;
 import cn.axzo.tyr.client.feign.TyrSaasRoleUserApi;
 import cn.axzo.tyr.client.model.roleuser.dto.CreateAdminRoleDTO;
 import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserRelationDTO;
 import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
-import cn.axzo.tyr.client.model.roleuser.req.CreateAgencyAdminRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.CreateWorkspaceAdminRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteAdminRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRolesOfWorkspaceParam;
-import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
-import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
-import cn.axzo.tyr.client.model.roleuser.req.SuperAdminParam;
+import cn.axzo.tyr.client.model.roleuser.req.*;
 import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
 import cn.axzo.tyr.server.service.SaasRoleUserService;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.validation.Valid;
+import java.util.List;
 
 /**
  * @author tanjie@axzo.cn
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
index 9e54c847..344ba36e 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
@@ -1,11 +1,8 @@
 package cn.axzo.tyr.server.service;
 
 import cn.axzo.tyr.client.model.enums.IdentityType;
-import cn.axzo.tyr.client.model.roleuser.dto.CreateAdminRoleDTO;
+import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
 import cn.axzo.tyr.client.model.roleuser.req.*;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
 import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
 
 import java.util.List;
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
index 812afdf1..f2b92ea4 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
@@ -1,17 +1,5 @@
 package cn.axzo.tyr.server.service.impl;
 
-import java.util.Collections;
-import java.util.List;
-import java.util.Objects;
-import java.util.Set;
-import java.util.stream.Collectors;
-
-import org.springframework.stereotype.Service;
-import org.springframework.transaction.annotation.Transactional;
-
-import com.alibaba.nacos.common.utils.CollectionUtils;
-import com.baomidou.mybatisplus.core.toolkit.Wrappers;
-
 import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum;
 import cn.axzo.basics.common.exception.ServiceException;
 import cn.axzo.basics.common.util.AssertUtil;
@@ -19,10 +7,6 @@ import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
 import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
 import cn.axzo.tyr.client.model.BaseWorkspaceModel;
 import cn.axzo.tyr.client.model.enums.IdentityType;
-import cn.axzo.tyr.client.model.roleuser.req.CreateSuperAminRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
-import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
-import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
 import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
 import cn.axzo.tyr.client.model.roleuser.req.*;
 import cn.axzo.tyr.server.repository.dao.SaasRoleDao;
@@ -31,8 +15,19 @@ import cn.axzo.tyr.server.repository.entity.SaasRole;
 import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
 import cn.axzo.tyr.server.service.SaasRoleUserService;
 import cn.hutool.core.collection.CollectionUtil;
+import com.alibaba.nacos.common.utils.CollectionUtils;
+import com.baomidou.mybatisplus.core.toolkit.Wrappers;
+import com.google.common.collect.Lists;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+import java.util.Collections;
+import java.util.List;
+import java.util.Objects;
+import java.util.Set;
+import java.util.stream.Collectors;
 
 /**
  * 角色

From 2d366e4500bfecdb0d7d60986d98193d04d11214 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=BC=A0=E5=BC=98=E6=98=8A?= <zhanghonghao@axzo.cn>
Date: Wed, 18 Oct 2023 15:45:36 +0800
Subject: [PATCH 11/12] =?UTF-8?q?=E5=88=9B=E5=BB=BA=E8=B6=85=E7=BA=A7?=
 =?UTF-8?q?=E7=AE=A1=E7=90=86=E5=91=98=E8=A7=92=E8=89=B2?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java  | 2 +-
 ...teSuperAminRoleParam.java => CreateSuperAdminRoleParam.java} | 2 +-
 .../axzo/tyr/server/controller/roleuser/RoleUserController.java | 2 +-
 .../java/cn/axzo/tyr/server/service/SaasRoleUserService.java    | 2 +-
 .../java/cn/axzo/tyr/server/service/impl/RoleUserService.java   | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)
 rename tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/{CreateSuperAminRoleParam.java => CreateSuperAdminRoleParam.java} (96%)

diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
index 27ae8006..548fd6ec 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
@@ -60,7 +60,7 @@ public interface TyrSaasRoleUserApi {
     ApiResult<CreateAdminRoleDTO> createAgencyAdminRole(@RequestBody @Valid CreateAgencyAdminRoleParam param);
 
     @PostMapping("/api/saas-role-user/create-super-admin-role")
-    ApiResult<Void> createSuperAdminRole(@RequestBody @Valid @NotEmpty CreateSuperAminRoleParam param);
+    ApiResult<Void> createSuperAdminRole(@RequestBody @Valid @NotEmpty CreateSuperAdminRoleParam param);
 
     /**
      * 移除超管角色
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/CreateSuperAminRoleParam.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/CreateSuperAdminRoleParam.java
similarity index 96%
rename from tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/CreateSuperAminRoleParam.java
rename to tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/CreateSuperAdminRoleParam.java
index 57c353f5..37714d17 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/CreateSuperAminRoleParam.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/CreateSuperAdminRoleParam.java
@@ -7,7 +7,7 @@ import lombok.Data;
 import javax.validation.constraints.NotNull;
 
 @Data
-public class CreateSuperAminRoleParam {
+public class CreateSuperAdminRoleParam {
 
 	/**
 	 * 工作台id，与context校验
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
index 36a711be..cb781a2a 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
@@ -61,7 +61,7 @@ public class RoleUserController implements TyrSaasRoleUserApi {
     }
 
     @Override
-    public ApiResult<Void> createSuperAdminRole(CreateSuperAminRoleParam param) {
+    public ApiResult<Void> createSuperAdminRole(CreateSuperAdminRoleParam param) {
         saasRoleUserService.createSuperAdminRole(param);
         return ApiResult.ok();
     }
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
index 344ba36e..12bc37f0 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
@@ -62,7 +62,7 @@ public interface SaasRoleUserService {
      * workpaceId + ownerOuId + roleId + 手机号 + 姓名 赋予角色（支持角色赋予的同时 角色创建）
      * work for: 组织 + 服务包
      */
-    void createSuperAdminRole(CreateSuperAminRoleParam param);
+    void createSuperAdminRole(CreateSuperAdminRoleParam param);
 
     /**
      * 批量获取超管信息
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
index f2b92ea4..a3bdeff9 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
@@ -149,7 +149,7 @@ public class RoleUserService implements SaasRoleUserService {
 
 	@Override
 	@Transactional(rollbackFor = Exception.class)
-	public void createSuperAdminRole(CreateSuperAminRoleParam param) {
+	public void createSuperAdminRole(CreateSuperAdminRoleParam param) {
 		//获取超管角色
 		SaasRole saasRole = saasRoleDao
 				.findRoleByTypeAndWorkspaceIdAndOuId(RoleTypeEnum.SUPER_ADMIN.getValue(),

From 10cdd20b93bb3803f6bd09e8acf78743a0e3c4e7 Mon Sep 17 00:00:00 2001
From: wangli <274027703@qq.com>
Date: Wed, 18 Oct 2023 16:20:04 +0800
Subject: [PATCH 12/12] =?UTF-8?q?add=20-=20=E6=96=B0=E5=A2=9E=E9=80=9A?=
 =?UTF-8?q?=E8=BF=87=E5=B7=A5=E4=BD=9C=E5=8F=B0=20id=20=E6=9F=A5=E8=AF=A2?=
 =?UTF-8?q?=E6=9D=83=E9=99=90=E7=82=B9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../main/java/cn/axzo/tyr/client/feign/ProductApi.java | 10 ++++++++++
 .../tyr/client/model/product/ProductSearchPageReq.java |  3 ---
 .../server/controller/product/ProductController.java   |  8 ++++++++
 3 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/ProductApi.java b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/ProductApi.java
index 77cfd610..603db227 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/ProductApi.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/ProductApi.java
@@ -21,6 +21,8 @@ import org.springframework.web.bind.annotation.RequestParam;
 
 import javax.validation.constraints.NotNull;
 import java.util.List;
+import java.util.Map;
+import java.util.Set;
 
 /**
  * 产品相关 API
@@ -102,4 +104,12 @@ public interface ProductApi {
      */
     @PostMapping("api/auth/product/feature/relation/update")
     ApiResult<Boolean> updateFeatureRelation(@Validated @RequestBody List<ProductFeatureRelationUpdateReq> req);
+
+    /**
+     * 查询指定工作台关联的服务包下的产品权限点
+     *
+     * @param workspaceIds
+     * @return
+     */
+    ApiResult<Map<Long, List<ProductFeatureRelationVO>>> queryProductFeatureRelationByWorkspace(Set<Long> workspaceIds);
 }
diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/product/ProductSearchPageReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/product/ProductSearchPageReq.java
index 2451a09b..6f16df0d 100644
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/product/ProductSearchPageReq.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/product/ProductSearchPageReq.java
@@ -2,11 +2,8 @@ package cn.axzo.tyr.client.model.product;
 
 
 import cn.axzo.core.domain.PageRequest;
-import lombok.AllArgsConstructor;
-import lombok.Builder;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
-import lombok.NoArgsConstructor;
 import lombok.experimental.Accessors;
 
 /**
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/product/ProductController.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/product/ProductController.java
index c3ae5fb8..0dda138e 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/product/ProductController.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/product/ProductController.java
@@ -20,6 +20,8 @@ import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;
 
 import java.util.List;
+import java.util.Map;
+import java.util.Set;
 
 /**
  * 产品相关 API 实现
@@ -124,4 +126,10 @@ public class ProductController implements ProductApi {
         }
         return productFeatureRelationService.updateFeatureRelation(req);
     }
+
+
+    @Override
+    public ApiResult<Map<Long, List<ProductFeatureRelationVO>>> queryProductFeatureRelationByWorkspace(Set<Long> workspaceIds) {
+        return ApiResult.ok(productFeatureRelationService.getByWorkspace(workspaceIds));
+    }
 }