
1、增加招聘端权限控制相关

rayson 6 月之前
父节点
当前提交
ab85011930
共有 27 个文件被更改,包括 461 次插入549 次删除
  1. 0 2
      citu-framework/citu-common/src/main/java/com/citu/framework/common/exception/enums/GlobalErrorCodeConstants.java
  2. 13 6
      menduner/menduner-common/src/main/java/com/citu/module/menduner/common/util/LoginUserContext.java
  3. 11 5
      menduner/menduner-system-api/src/main/java/com/citu/module/menduner/system/api/permission/MendunerPermissionApi.java
  4. 1 0
      menduner/menduner-system-api/src/main/java/com/citu/module/menduner/system/enums/ErrorCodeConstants.java
  5. 6 6
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/api/permission/MendunerPermissionApiImpl.java
  6. 4 3
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/config/permission/CustomDataPermissionRule.java
  7. 88 0
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/admin/permission/MdeMenuController.java
  8. 0 58
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/admin/permission/MdePermissionController.java
  9. 0 102
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/admin/permission/MdeRoleController.java
  10. 24 0
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/app/recruit/enterprise/vo/AppRecruitEnterpriseChildrenRespVO.java
  11. 3 0
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/app/recruit/enterprise/vo/AppRecruitEnterpriseTreeRespVO.java
  12. 9 4
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/app/recruit/permission/AppMdePermissionController.java
  13. 2 0
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/app/recruit/permission/AppMdeRoleController.java
  14. 0 4
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/base/permission/permission/MdePermissionAssignUserRoleReqVO.java
  15. 3 0
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/base/permission/role/MdeRolePageReqVO.java
  16. 2 2
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/base/permission/role/MdeRoleRespVO.java
  17. 7 0
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/base/permission/role/MdeRoleSaveReqVO.java
  18. 1 0
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/dal/mysql/permission/MdeRoleMapper.java
  19. 1 2
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/dal/mysql/permission/MdeUserRoleMapper.java
  20. 0 2
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/framework/datapermission/config/DataPermissionConfiguration.java
  21. 2 0
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/enterprise/EnterpriseService.java
  22. 4 0
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/enterprise/EnterpriseServiceImpl.java
  23. 2 1
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/enterprise/apply/EnterpriseUserApplyServiceImpl.java
  24. 17 16
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/permission/MdePermissionService.java
  25. 256 333
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/permission/MdePermissionServiceImpl.java
  26. 4 0
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/permission/MdeRoleServiceImpl.java
  27. 1 3
      menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/user/MdeUserServiceImpl.java

+ 0 - 2
citu-framework/citu-common/src/main/java/com/citu/framework/common/exception/enums/GlobalErrorCodeConstants.java

@@ -35,7 +35,5 @@ public interface GlobalErrorCodeConstants {
     // ========== 自定义错误段 ==========
     ErrorCode REPEATED_REQUESTS = new ErrorCode(900, "重复请求,请稍后重试"); // 重复请求
     ErrorCode DEMO_DENY = new ErrorCode(901, "演示模式,禁止写操作");
-
     ErrorCode UNKNOWN = new ErrorCode(999, "未知错误");
-
 }

+ 13 - 6
menduner/menduner-common/src/main/java/com/citu/module/menduner/common/util/LoginUserContext.java

@@ -3,11 +3,10 @@ package com.citu.module.menduner.common.util;
 import cn.hutool.core.collection.CollUtil;
 import cn.hutool.core.util.ObjectUtil;
 import com.citu.framework.common.enums.UserTypeEnum;
+import com.citu.framework.common.exception.ErrorCode;
 import com.citu.framework.security.core.LoginUser;
 import com.citu.framework.security.core.util.SecurityFrameworkUtils;
 
-import static com.citu.framework.common.exception.enums.GlobalErrorCodeConstants.FORBIDDEN;
-import static com.citu.framework.common.exception.enums.GlobalErrorCodeConstants.UNAUTHORIZED;
 import static com.citu.framework.common.exception.util.ServiceExceptionUtil.exception;
 
 /**
@@ -17,6 +16,12 @@ import static com.citu.framework.common.exception.util.ServiceExceptionUtil.exce
  **/
 public class LoginUserContext {
 
+
+    private static ErrorCode USER_LOGIN_TOKEN_ERROR = new ErrorCode(1000, "系统登录授权错误,请重新登录");
+    private static ErrorCode ENTERPRISE_LOGIN_TOKEN_ERROR = new ErrorCode(1000, "企业登录授权错误,请重新登录");
+
+    private static ErrorCode ENTERPRISE_ADMIN_USER_ERROR = new ErrorCode(1001, "操作错误,您不是企业管理员");
+
     /**
      * 获取当前登录的用户对象
      * 为空则抛出异常
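Review bot: `USER_LOGIN_TOKEN_ERROR` and `ENTERPRISE_LOGIN_TOKEN_ERROR` both use code 1000, and together with 1001 they replace the global `UNAUTHORIZED`/`FORBIDDEN` codes at the throw sites in the next three hunks of this file. If the front end or a gateway keys its re-login or token-refresh handling on the framework's `UNAUTHORIZED` code (not visible here), those paths will stop triggering it, so that should be confirmed before merging. The three fields are mutable statics; declare them `private static final ErrorCode ...`. `ENTERPRISE_ADMIN_USER_ERROR` is thrown on the same `checkEnterprise(loginUser)` test as the enterprise token error, so the "not an enterprise administrator" message may not describe what was actually checked.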
@@ -25,7 +30,7 @@ public class LoginUserContext {
         LoginUser loginUser = SecurityFrameworkUtils.getLoginUser();
         if (null == loginUser) {
             // 没权限
-            throw exception(UNAUTHORIZED);
+            throw exception(USER_LOGIN_TOKEN_ERROR);
         }
         return loginUser;
     }
@@ -77,7 +82,7 @@ public class LoginUserContext {
      **/
     public static Long getEnterpriseId(LoginUser loginUser) {
         if (!checkEnterprise(loginUser)) {
-            throw exception(UNAUTHORIZED);
+            throw exception(ENTERPRISE_LOGIN_TOKEN_ERROR);
         }
         return Long.valueOf(loginUser.getInfo().get(LoginUser.INFO_KEY_DATA_ID));
     }
@@ -126,7 +131,7 @@ public class LoginUserContext {
         LoginUser loginUser = LoginUserContext.get();
         // 判断操作者是否有权限操作
         if (!checkEnterprise(loginUser)) {
-            throw exception(FORBIDDEN);
+            throw exception(ENTERPRISE_ADMIN_USER_ERROR);
         }
         return loginUser;
     }
@@ -145,7 +150,9 @@ public class LoginUserContext {
     }
 
 
-    /** 验证是否是系统后台管理员 **/
+    /**
+     * 验证是否是系统后台管理员
+     **/
     public static boolean checkIsSystemUser() {
         LoginUser loginUser = LoginUserContext.get();
         if (ObjectUtil.equal(loginUser.getUserType(), UserTypeEnum.ADMIN.getValue())) {

+ 11 - 5
menduner/menduner-system-api/src/main/java/com/citu/module/menduner/system/api/permission/MendunerPermissionApi.java

@@ -28,28 +28,34 @@ public interface MendunerPermissionApi {
     @GetMapping(PREFIX + "/has-any-permissions")
     @Operation(summary = "判断是否有权限,任一一个即可")
     @Parameters({
+            @Parameter(name = "enterpriseId", description = "企业编号", example = "2", required = true),
             @Parameter(name = "userId", description = "用户编号", example = "1", required = true),
             @Parameter(name = "permissions", description = "权限", example = "read,write", required = true)
     })
-    CommonResult<Boolean> hasAnyPermissions(@RequestParam("userId") Long userId,
+    CommonResult<Boolean> hasAnyPermissions(@RequestParam("enterpriseId") Long enterpriseId,
+                                            @RequestParam("userId") Long userId,
                                             @RequestParam("permissions") String... permissions);
 
     @GetMapping(PREFIX + "/has-any-roles")
     @Operation(summary = "判断是否有角色,任一一个即可")
     @Parameters({
+            @Parameter(name = "enterpriseId", description = "企业编号", example = "2", required = true),
             @Parameter(name = "userId", description = "用户编号", example = "1", required = true),
             @Parameter(name = "roles", description = "角色数组", example = "2", required = true)
     })
-    CommonResult<Boolean> hasAnyRoles(@RequestParam("userId") Long userId,
-                                      @RequestParam("roles") String... roles);
+    CommonResult<Boolean> hasAnyRoles(
+
+            @RequestParam("enterpriseId") Long enterpriseId,
+            @RequestParam("userId") Long userId,
+            @RequestParam("roles") String... roles);
 
 
     @GetMapping(PREFIX + "/get-data-permission")
     @Operation(summary = "获得登陆用户的数据权限")
     @Parameters({
-            @Parameter(name = "userId", description = "用户编号", example = "2", required = true),
             @Parameter(name = "enterpriseId", description = "企业编号", example = "2", required = true),
+            @Parameter(name = "userId", description = "用户编号", example = "2", required = true),
     })
-    CommonResult<DataPermissionRespDTO> getDataPermission(@RequestParam("userId") Long userId, @RequestParam("enterpriseId") Long enterpriseId);
+    CommonResult<DataPermissionRespDTO> getDataPermission(@RequestParam("enterpriseId") Long enterpriseId, @RequestParam("userId") Long userId);
 
 }
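Review bot: `getDataPermission` swaps two parameters of the same type (`Long userId, Long enterpriseId` becomes `Long enterpriseId, Long userId`), so a Java caller that was not updated still compiles and silently passes the ids reversed into a permission lookup. The commit updates `CustomDataPermissionRule`; any other caller outside this view needs the same check. `hasAnyPermissions` and `hasAnyRoles` now accept `enterpriseId` as a plain request parameter, so every caller should take it from the authenticated session rather than from client input; a one-line Javadoc on the interface such as `/** enterpriseId must come from the caller's LoginUser, never from request data. */` would record that. The stray blank line after `hasAnyRoles(` can be removed.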

+ 1 - 0
menduner/menduner-system-api/src/main/java/com/citu/module/menduner/system/enums/ErrorCodeConstants.java

@@ -31,6 +31,7 @@ public interface ErrorCodeConstants {
     ErrorCode MDE_REQUEST_ILLEGAL = new ErrorCode(1_099_000_011, "非法请求");
 
 
+
     // ========== 人员信息-个人档案 1_100_001_000 ==========
     ErrorCode MDE_USER_INFO_NOT_EXISTS = new ErrorCode(1_100_001_001, "个人档案不存在");
     ErrorCode MDE_PERSON_ADVANTAGE_NOT_EXISTS = new ErrorCode(1_100_001_002, "个人优势不能为空");

+ 6 - 6
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/api/permission/MendunerPermissionApiImpl.java

@@ -25,18 +25,18 @@ public class MendunerPermissionApiImpl implements MendunerPermissionApi {
     }
 
     @Override
-    public CommonResult<Boolean> hasAnyPermissions(Long userId, String... permissions) {
-        return success(service.hasAnyPermissions(userId, permissions));
+    public CommonResult<Boolean> hasAnyPermissions(Long enterpriseId, Long userId, String... permissions) {
+        return success(service.hasAnyPermissions(enterpriseId, userId, permissions));
     }
 
     @Override
-    public CommonResult<Boolean> hasAnyRoles(Long userId, String... roles) {
-        return success(service.hasAnyRoles(userId, roles));
+    public CommonResult<Boolean> hasAnyRoles(Long enterpriseId, Long userId, String... roles) {
+        return success(service.hasAnyRoles(enterpriseId, userId, roles));
     }
 
 
     @Override
-    public CommonResult<DataPermissionRespDTO> getDataPermission(Long userId, Long enterpriseId) {
-        return success(service.getDataPermission(userId,enterpriseId));
+    public CommonResult<DataPermissionRespDTO> getDataPermission(Long enterpriseId, Long userId) {
+        return success(service.getDataPermission(enterpriseId, userId));
     }
 }

+ 4 - 3
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/config/permission/CustomDataPermissionRule.java

@@ -20,6 +20,7 @@ import net.sf.jsqlparser.expression.operators.conditional.AndExpression;
 import net.sf.jsqlparser.expression.operators.relational.EqualsTo;
 import net.sf.jsqlparser.expression.operators.relational.ExpressionList;
 import net.sf.jsqlparser.expression.operators.relational.InExpression;
+import net.sf.jsqlparser.expression.operators.relational.ParenthesedExpressionList;
 
 import java.util.HashMap;
 import java.util.HashSet;
@@ -92,7 +93,7 @@ public class CustomDataPermissionRule implements DataPermissionRule {
         // 从上下文中拿不到,则调用逻辑进行获取
         if (dataPermission == null) {
             Long enterpriseId = Long.valueOf(loginUser.getInfo().get(LoginUser.INFO_KEY_DATA_ID));
-            dataPermission = permissionApi.getDataPermission(loginUser.getId(), enterpriseId).getCheckedData();
+            dataPermission = permissionApi.getDataPermission(enterpriseId,loginUser.getId()).getCheckedData();
             if (dataPermission == null) {
                 log.error("[getExpression][LoginUser({}) 获取数据权限为 null]", JsonUtils.toJsonString(loginUser));
                 throw new NullPointerException(String.format("LoginUser(%d) Table(%s/%s) 未返回数据权限",
@@ -132,7 +133,7 @@ public class CustomDataPermissionRule implements DataPermissionRule {
         // // 目前,如果有指定数据 + 可查看自己,采用 OR 条件。即,WHERE (xx_id IN ? OR user_id = ?)
         // return new Parenthesis(new OrExpression(dataExpression, userExpression));
         // 改为 AND 条件。即,WHERE (xx_id IN ? and user_id = ?)
-        return new Parenthesis(new AndExpression(dataExpression, userExpression));
+        return new ParenthesedExpressionList(new AndExpression(dataExpression, userExpression));
     }
 
     private Expression buildDataExpression(String tableName, Alias tableAlias, Set<Long> dataIds) {
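Review bot: `new ParenthesedExpressionList(new AndExpression(dataExpression, userExpression))` uses the raw type, while the `IN` list in the next hunk is built with the diamond; write `new ParenthesedExpressionList<>(new AndExpression(dataExpression, userExpression))` to avoid the unchecked warning. This expression is what restricts rows to the caller's data scope, so a test asserting that the rendered condition is still the parenthesised `xx_id IN (...) AND user_id = ?` form after the type change would be worth adding. The two commented-out `OrExpression` lines above can be deleted now that the AND form is settled. The method starts outside this hunk.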
@@ -147,7 +148,7 @@ public class CustomDataPermissionRule implements DataPermissionRule {
         }
         // 拼接条件
         return new InExpression(MyBatisUtils.buildColumn(tableName, tableAlias, columnName),
-                new ExpressionList<>(CollectionUtils.convertList(dataIds, LongValue::new)));
+                new ParenthesedExpressionList<>(CollectionUtils.convertList(dataIds, LongValue::new)));
     }
 
     private Expression buildUserExpression(String tableName, Alias tableAlias, Boolean self, Long userId) {

+ 88 - 0
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/admin/permission/MdeMenuController.java

@@ -0,0 +1,88 @@
+package com.citu.module.menduner.system.controller.admin.permission;
+
+import com.citu.framework.common.enums.CommonStatusEnum;
+import com.citu.framework.common.pojo.CommonResult;
+import com.citu.framework.common.util.object.BeanUtils;
+
+import com.citu.module.menduner.system.controller.base.permission.menu.MdeMenuListReqVO;
+import com.citu.module.menduner.system.controller.base.permission.menu.MdeMenuRespVO;
+import com.citu.module.menduner.system.controller.base.permission.menu.MdeMenuSaveVO;
+import com.citu.module.menduner.system.controller.base.permission.menu.MdeMenuSimpleRespVO;
+import com.citu.module.menduner.system.dal.dataobject.permission.MdeMenuDO;
+import com.citu.module.menduner.system.service.permission.MdeMenuService;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.Parameter;
+import io.swagger.v3.oas.annotations.tags.Tag;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.validation.annotation.Validated;
+import org.springframework.web.bind.annotation.*;
+
+import javax.annotation.Resource;
+import javax.validation.Valid;
+import java.util.Comparator;
+import java.util.List;
+
+import static com.citu.framework.common.pojo.CommonResult.success;
+
+@Tag(name = "管理后台 - 招聘端菜单")
+@RestController
+@RequestMapping("/menduner/system/menu")
+@Validated
+public class MdeMenuController {
+
+    @Resource
+    private MdeMenuService menuService;
+
+    @PostMapping("/create")
+    @Operation(summary = "创建菜单")
+    @PreAuthorize("@ss.hasPermission('menduner:system:menu:create')")
+    public CommonResult<Long> createMenu(@Valid @RequestBody MdeMenuSaveVO createReqVO) {
+        Long menuId = menuService.createMenu(createReqVO);
+        return success(menuId);
+    }
+
+    @PutMapping("/update")
+    @Operation(summary = "修改菜单")
+    @PreAuthorize("@ss.hasPermission('menduner:system:menu:update')")
+    public CommonResult<Boolean> updateMenu(@Valid @RequestBody MdeMenuSaveVO updateReqVO) {
+        menuService.updateMenu(updateReqVO);
+        return success(true);
+    }
+
+    @DeleteMapping("/delete")
+    @Operation(summary = "删除菜单")
+    @Parameter(name = "id", description = "菜单编号", required= true, example = "1024")
+    @PreAuthorize("@ss.hasPermission('menduner:system:menu:delete')")
+    public CommonResult<Boolean> deleteMenu(@RequestParam("id") Long id) {
+        menuService.deleteMenu(id);
+        return success(true);
+    }
+
+    @GetMapping("/list")
+    @Operation(summary = "获取菜单列表", description = "用于【菜单管理】界面")
+    @PreAuthorize("@ss.hasPermission('menduner:system:menu:query')")
+    public CommonResult<List<MdeMenuRespVO>> getMenuList(MdeMenuListReqVO reqVO) {
+        List<MdeMenuDO> list = menuService.getMenuList(reqVO);
+        list.sort(Comparator.comparing(MdeMenuDO::getSort));
+        return success(BeanUtils.toBean(list, MdeMenuRespVO.class));
+    }
+
+    @GetMapping({"/list-all-simple", "simple-list"})
+    @Operation(summary = "获取菜单精简信息列表", description = "只包含被开启的菜单,用于【角色分配菜单】功能的选项。" +
+            "在多租户的场景下,会只返回租户所在套餐有的菜单")
+    public CommonResult<List<MdeMenuSimpleRespVO>> getSimpleMenuList() {
+        List<MdeMenuDO> list = menuService.getMenuListByTenant(
+                new MdeMenuListReqVO().setStatus(CommonStatusEnum.ENABLE.getStatus()));
+        list.sort(Comparator.comparing(MdeMenuDO::getSort));
+        return success(BeanUtils.toBean(list, MdeMenuSimpleRespVO.class));
+    }
+
+    @GetMapping("/get")
+    @Operation(summary = "获取菜单信息")
+    @PreAuthorize("@ss.hasPermission('menduner:system:menu:query')")
+    public CommonResult<MdeMenuRespVO> getMenu(Long id) {
+        MdeMenuDO menu = menuService.getMenu(id);
+        return success(BeanUtils.toBean(menu, MdeMenuRespVO.class));
+    }
+
+}
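Review bot: `getSimpleMenuList` is the only handler in this controller without `@PreAuthorize`, so the list of enabled menus is returned to any caller that passes whatever default authentication the framework applies (not visible here); if that is intended, say so in a comment, otherwise add the query permission as on `getMenuList`. Its second path `"simple-list"` lacks the leading slash used everywhere else; `@GetMapping({"/list-all-simple", "/simple-list"})` keeps it consistent. `getMenu(Long id)` binds `id` without `@RequestParam("id")`, so a request that omits it reaches `menuService.getMenu(null)`; `public CommonResult<MdeMenuRespVO> getMenu(@RequestParam("id") Long id)` matches `deleteMenu`. Both list handlers sort the list returned by the service in place, which will throw if the service ever returns an unmodifiable list.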

+ 0 - 58
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/admin/permission/MdePermissionController.java

@@ -1,58 +0,0 @@
-package com.citu.module.menduner.system.controller.admin.permission;
-
-import com.citu.framework.common.pojo.CommonResult;
-import com.citu.module.menduner.system.controller.base.permission.permission.MdePermissionAssignRoleDataScopeReqVO;
-import com.citu.module.menduner.system.controller.base.permission.permission.MdePermissionAssignUserRoleReqVO;
-import com.citu.module.menduner.system.service.permission.MdePermissionService;
-import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.v3.oas.annotations.Parameter;
-import io.swagger.v3.oas.annotations.tags.Tag;
-import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.validation.annotation.Validated;
-import org.springframework.web.bind.annotation.*;
-
-import javax.annotation.Resource;
-import javax.validation.Valid;
-import java.util.Set;
-
-import static com.citu.framework.common.pojo.CommonResult.success;
-
-/**
- * 权限 Controller,提供赋予用户、角色的权限的 API 接口
- *
- * @author Rayson
- */
-@Tag(name = "管理后台 - 权限")
-@RestController
-@RequestMapping("/menduner/system/permission")
-public class MdePermissionController {
-
-    @Resource
-    private MdePermissionService permissionService;
-
-
-    @PostMapping("/assign-role-data-scope")
-    @Operation(summary = "赋予角色数据权限")
-    @PreAuthorize("@ss.hasPermission('menduner:system:permission:assign-role-data-scope')")
-    public CommonResult<Boolean> assignRoleDataScope(@Valid @RequestBody MdePermissionAssignRoleDataScopeReqVO reqVO) {
-        permissionService.assignRoleDataScope(reqVO.getRoleId(), reqVO.getDataScope(), reqVO.getDataScopeEnterpriseIds());
-        return success(true);
-    }
-
-    @Operation(summary = "获得管理员拥有的角色编号列表")
-    @Parameter(name = "userId", description = "用户编号", required = true)
-    @GetMapping("/list-user-roles")
-    @PreAuthorize("@ss.hasPermission('menduner:system:permission:assign-user-role')")
-    public CommonResult<Set<Long>> listAdminRoles(@RequestParam("userId") Long userId) {
-        return success(permissionService.getUserRoleIdListByUserId(userId));
-    }
-
-    @Operation(summary = "赋予用户角色")
-    @PostMapping("/assign-user-role")
-    @PreAuthorize("@ss.hasPermission('menduner:system:permission:assign-user-role')")
-    public CommonResult<Boolean> assignUserRole(@Validated @RequestBody MdePermissionAssignUserRoleReqVO reqVO) {
-        permissionService.assignUserRole(reqVO.getUserId(), reqVO.getRoleIds());
-        return success(true);
-    }
-
-}

+ 0 - 102
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/admin/permission/MdeRoleController.java

@@ -1,102 +0,0 @@
-package com.citu.module.menduner.system.controller.admin.permission;
-
-import com.citu.framework.apilog.core.annotation.ApiAccessLog;
-import com.citu.module.menduner.system.enums.MendunerStatusEnum;
-import com.citu.framework.common.pojo.CommonResult;
-import com.citu.framework.common.pojo.PageParam;
-import com.citu.framework.common.pojo.PageResult;
-import com.citu.framework.common.util.object.BeanUtils;
-import com.citu.framework.excel.core.util.ExcelUtils;
-import com.citu.module.menduner.system.controller.base.permission.role.MdeRolePageReqVO;
-import com.citu.module.menduner.system.controller.base.permission.role.MdeRoleRespVO;
-import com.citu.module.menduner.system.controller.base.permission.role.MdeRoleSaveReqVO;
-import com.citu.module.menduner.system.dal.dataobject.permission.MdeRoleDO;
-import com.citu.module.menduner.system.service.permission.MdeRoleService;
-import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.v3.oas.annotations.Parameter;
-import io.swagger.v3.oas.annotations.tags.Tag;
-import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.validation.annotation.Validated;
-import org.springframework.web.bind.annotation.*;
-
-import javax.annotation.Resource;
-import javax.servlet.http.HttpServletResponse;
-import javax.validation.Valid;
-import java.io.IOException;
-import java.util.Comparator;
-import java.util.List;
-
-import static com.citu.framework.apilog.core.enums.OperateTypeEnum.EXPORT;
-import static com.citu.framework.common.pojo.CommonResult.success;
-import static java.util.Collections.singleton;
-
-@Tag(name = "管理后台 - 角色")
-@RestController
-@RequestMapping("/menduner/system/mde-role")
-@Validated
-public class MdeRoleController {
-
-    @Resource
-    private MdeRoleService roleService;
-
-    @PostMapping("/create")
-    @Operation(summary = "创建角色")
-    @PreAuthorize("@ss.hasPermission('menduner:system:mde-role:create')")
-    public CommonResult<Long> createRole(@Valid @RequestBody MdeRoleSaveReqVO createReqVO) {
-        return success(roleService.createRole(createReqVO, null));
-    }
-
-    @PutMapping("/update")
-    @Operation(summary = "修改角色")
-    @PreAuthorize("@ss.hasPermission('menduner:system:mde-role:update')")
-    public CommonResult<Boolean> updateRole(@Valid @RequestBody MdeRoleSaveReqVO updateReqVO) {
-        roleService.updateRole(updateReqVO);
-        return success(true);
-    }
-
-    @DeleteMapping("/delete")
-    @Operation(summary = "删除角色")
-    @Parameter(name = "id", description = "角色编号", required = true, example = "1024")
-    @PreAuthorize("@ss.hasPermission('menduner:system:mde-role:delete')")
-    public CommonResult<Boolean> deleteRole(@RequestParam("id") Long id) {
-        roleService.deleteRole(id);
-        return success(true);
-    }
-
-    @GetMapping("/get")
-    @Operation(summary = "获得角色信息")
-    @PreAuthorize("@ss.hasPermission('menduner:system:mde-role:query')")
-    public CommonResult<MdeRoleRespVO> getRole(@RequestParam("id") Long id) {
-        MdeRoleDO role = roleService.getRole(id);
-        return success(BeanUtils.toBean(role, MdeRoleRespVO.class));
-    }
-
-    @GetMapping("/page")
-    @Operation(summary = "获得角色分页")
-    @PreAuthorize("@ss.hasPermission('menduner:system:mde-role:query')")
-    public CommonResult<PageResult<MdeRoleRespVO>> getRolePage(MdeRolePageReqVO pageReqVO) {
-        PageResult<MdeRoleDO> pageResult = roleService.getRolePage(pageReqVO);
-        return success(BeanUtils.toBean(pageResult, MdeRoleRespVO.class));
-    }
-
-    @GetMapping({"/list-all-simple", "/simple-list"})
-    @Operation(summary = "获取角色精简信息列表", description = "只包含被开启的角色,主要用于前端的下拉选项")
-    public CommonResult<List<MdeRoleRespVO>> getSimpleRoleList() {
-        List<MdeRoleDO> list = roleService.getRoleListByStatus(singleton(MendunerStatusEnum.ENABLE.getStatus()));
-        list.sort(Comparator.comparing(MdeRoleDO::getSort));
-        return success(BeanUtils.toBean(list, MdeRoleRespVO.class));
-    }
-
-    @GetMapping("/export-excel")
-    @Operation(summary = "导出角色 Excel")
-    @ApiAccessLog(operateType = EXPORT)
-    @PreAuthorize("@ss.hasPermission('menduner:system:mde-role:export')")
-    public void export(HttpServletResponse response, @Validated MdeRolePageReqVO exportReqVO) throws IOException {
-        exportReqVO.setPageSize(PageParam.PAGE_SIZE_NONE);
-        List<MdeRoleDO> list = roleService.getRolePage(exportReqVO).getList();
-        // 输出
-        ExcelUtils.write(response, "角色数据.xls", "数据", MdeRoleRespVO.class,
-                BeanUtils.toBean(list, MdeRoleRespVO.class));
-    }
-
-}

+ 24 - 0
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/app/recruit/enterprise/vo/AppRecruitEnterpriseChildrenRespVO.java

@@ -0,0 +1,24 @@
+package com.citu.module.menduner.system.controller.app.recruit.enterprise.vo;
+
+import com.citu.module.menduner.system.controller.app.jobhunt.area.vo.AppAreaChildrenRespVO;
+import io.swagger.v3.oas.annotations.media.Schema;
+import lombok.Data;
+
+import java.time.LocalDateTime;
+import java.util.List;
+
+@Schema(description = "menduner - 企业信息及下级列表 Response VO")
+@Data
+public class AppRecruitEnterpriseChildrenRespVO extends AppRecruitEnterpriseRespVO{
+
+    @Schema(description = "上级ID", example = "9103")
+    private Long parentId;
+
+    @Schema(description = "路径")
+    private String path;
+
+    /**
+     * 子节点
+     */
+    private List<AppAreaChildrenRespVO> children;
+}
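Review bot: `children` is declared as `List<AppAreaChildrenRespVO>`, an area type from the job-hunt package, which looks like a copy-paste slip in a VO described as an enterprise with its subordinates; `private List<AppRecruitEnterpriseChildrenRespVO> children;` is probably what was meant. `java.time.LocalDateTime` is imported but unused. `@Data` on a subclass generates `equals`/`hashCode` that ignore the parent's fields; add `@EqualsAndHashCode(callSuper = true)` as `MdeRolePageReqVO` does. The `children` field is documented with a Javadoc comment while its siblings use `@Schema`, so it will be missing a description in the generated API docs.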

+ 3 - 0
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/app/recruit/enterprise/vo/AppRecruitEnterpriseTreeRespVO.java

@@ -21,6 +21,9 @@ public class AppRecruitEnterpriseTreeRespVO {
     @Schema(description = "企业别称", example = "xx科技")
     private String anotherName;
 
+    @Schema(description = "路径")
+    private String path;
+
     @Schema(description = "子节点", example = "{}")
     private List<AppRecruitEnterpriseTreeRespVO> children;
 

+ 9 - 4
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/app/recruit/permission/AppMdePermissionController.java

@@ -14,6 +14,7 @@ import com.citu.module.menduner.system.convert.AuthConvert;
 import com.citu.module.menduner.system.dal.dataobject.permission.MdeMenuDO;
 import com.citu.module.menduner.system.dal.dataobject.permission.MdeRoleDO;
 import com.citu.module.menduner.system.enums.MendunerStatusEnum;
+import com.citu.module.menduner.system.enums.permission.MdeDefaultRoleEnum;
 import com.citu.module.menduner.system.service.enterprise.bind.EnterpriseUserBindService;
 import com.citu.module.menduner.system.service.enterprise.vip.EnterpriseEntitlementService;
 import com.citu.module.menduner.system.service.permission.MdeMenuService;
@@ -86,14 +87,16 @@ public class AppMdePermissionController {
     @GetMapping("/list-user-roles")
     @PreAuthenticated
     public CommonResult<Set<Long>> listAdminRoles(@RequestParam("userId") Long userId) {
-        return success(permissionService.getUserRoleIdListByUserId(userId));
+        return success(permissionService.getEnterpriseUserRoleIdListByUserId(LoginUserContext.getEnterpriseId(), userId));
     }
 
     @Operation(summary = "赋予用户角色")
     @PostMapping("/assign-user-role")
     @PreAuthenticated
     public CommonResult<Boolean> assignUserRole(@Validated @RequestBody MdePermissionAssignUserRoleReqVO reqVO) {
-        permissionService.assignUserRole(reqVO.getUserId(), reqVO.getRoleIds());
+        permissionService.assignEnterpriseUserRole(LoginUserContext.getEnterpriseId(),
+                LoginUserContext.getUserId(),
+                reqVO.getRoleIds());
         return success(true);
     }
 
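Review bot: `assignUserRole` now assigns `reqVO.getRoleIds()` to `LoginUserContext.getUserId()`, that is to the caller, and the endpoint is guarded only by `@PreAuthenticated`, so unless `assignEnterpriseUserRole` (outside this view) validates the caller and the role ids, any logged-in enterprise user can give themselves any role. It also means an administrator can no longer assign roles to another user, which the summary "赋予用户角色" suggests was the purpose. I would keep a target `userId` in the request, check that the caller is an enterprise administrator, that the target user is bound to `LoginUserContext.getEnterpriseId()`, and that every role id belongs to that enterprise. `listAdminRoles` still takes `userId` from the request; scoping it by the session's enterprise id is right, but it should likewise be limited to administrators or to the caller's own id.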
@@ -110,9 +113,11 @@ public class AppMdePermissionController {
         }
 
         // 1.2 获得角色列表
-        Set<Long> roleIds = permissionService.getUserRoleIdListByUserId(getLoginUserId());
+        Set<Long> roleIds = permissionService.getEnterpriseUserRoleIdListByUserId(LoginUserContext.getEnterpriseId(), getLoginUserId());
         if (CollUtil.isEmpty(roleIds)) {
-            return success(AuthConvert.INSTANCE.convert(user, Collections.emptyList(), Collections.emptyList()));
+            // 兼容没有角色绑定的情况
+            roleIds = Collections.singleton(roleService.getRoleByDefault(MdeDefaultRoleEnum.MENDUNER_ENTERPRISE_ROLE).getId());
+            // return success(AuthConvert.INSTANCE.convert(user, Collections.emptyList(), Collections.emptyList()));
         }
         List<MdeRoleDO> roles = roleService.getRoleList(roleIds);
         roles.removeIf(role -> !MendunerStatusEnum.ENABLE.getStatus().equals(role.getStatus())); // 移除禁用的角色
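Review bot: Falling back to `MdeDefaultRoleEnum.MENDUNER_ENTERPRISE_ROLE` when `roleIds` is empty fails open: a user whose roles were all removed on purpose now receives the default role's menus and permissions instead of none. If the fallback is only meant for accounts created before role binding existed, bind the default role once in a migration or when the user joins the enterprise, and keep the empty result here. `roleService.getRoleByDefault(...)` is dereferenced with `.getId()` without a null check, and the commented-out `return success(...)` should be deleted rather than kept. The method starts and ends outside this hunk.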

+ 2 - 0
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/app/recruit/permission/AppMdeRoleController.java

@@ -7,6 +7,7 @@ import com.citu.framework.common.pojo.PageResult;
 import com.citu.framework.common.util.object.BeanUtils;
 import com.citu.framework.excel.core.util.ExcelUtils;
 import com.citu.framework.security.core.annotations.PreAuthenticated;
+import com.citu.module.menduner.common.util.LoginUserContext;
 import com.citu.module.menduner.system.controller.base.permission.role.MdeRolePageReqVO;
 import com.citu.module.menduner.system.controller.base.permission.role.MdeRoleRespVO;
 import com.citu.module.menduner.system.controller.base.permission.role.MdeRoleSaveReqVO;
@@ -75,6 +76,7 @@ public class AppMdeRoleController {
     @Operation(summary = "获得角色分页")
     @PreAuthenticated
     public CommonResult<PageResult<MdeRoleRespVO>> getRolePage(MdeRolePageReqVO pageReqVO) {
+        pageReqVO.setEnterpriseId(LoginUserContext.getEnterpriseId());
         PageResult<MdeRoleDO> pageResult = roleService.getRolePage(pageReqVO);
         return success(BeanUtils.toBean(pageResult, MdeRoleRespVO.class));
     }
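Review bot: `pageReqVO.setEnterpriseId(LoginUserContext.getEnterpriseId())` is the only thing that confines this page to the caller's enterprise, because `enterpriseId` is now an ordinary bindable field on `MdeRolePageReqVO` and the mapper applies it with `eqIfPresent`, which presumably drops the filter when the value is null. Any other handler that binds `MdeRolePageReqVO` from the request (this controller imports `ExcelUtils`, so presumably an export) must overwrite the field the same way, or a client can pass another enterprise's id or omit it. Enforcing the filter in the service, or using a non-optional `eq` for app-side queries, would make that harder to forget. The get, update and delete handlers are outside this hunk and need the equivalent ownership check.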

+ 0 - 4
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/base/permission/permission/MdePermissionAssignUserRoleReqVO.java

@@ -11,10 +11,6 @@ import java.util.Set;
 @Data
 public class MdePermissionAssignUserRoleReqVO {
 
-    @Schema(description = "用户编号", requiredMode = Schema.RequiredMode.REQUIRED, example = "1")
-    @NotNull(message = "{1_100_016_018}")
-    private Long userId;
-
     @Schema(description = "角色编号列表", example = "1,3,5")
     private Set<Long> roleIds = Collections.emptySet(); // 兜底
 

+ 3 - 0
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/base/permission/role/MdeRolePageReqVO.java

@@ -15,6 +15,9 @@ import static com.citu.framework.common.util.date.DateUtils.FORMAT_YEAR_MONTH_DA
 @EqualsAndHashCode(callSuper = true)
 public class MdeRolePageReqVO extends PageParam {
 
+    @Schema(description = "企业编号", example = "1024")
+    private Long enterpriseId;
+
     @Schema(description = "角色名称,模糊匹配", example = "芋道")
     private String name;
 

+ 2 - 2
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/base/permission/role/MdeRoleRespVO.java

@@ -4,7 +4,7 @@ import com.alibaba.excel.annotation.ExcelIgnoreUnannotated;
 import com.alibaba.excel.annotation.ExcelProperty;
 import com.citu.framework.excel.core.annotations.DictFormat;
 import com.citu.framework.excel.core.convert.DictConvert;
-import com.citu.module.system.enums.DictTypeConstants;
+import com.citu.module.menduner.system.enums.DictTypeConstants;
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
 
@@ -36,7 +36,7 @@ public class MdeRoleRespVO {
 
     @Schema(description = "状态,参见 MendunerStatusEnum 枚举类", requiredMode = Schema.RequiredMode.REQUIRED, example = "1")
     @ExcelProperty(value = "角色状态", converter = DictConvert.class)
-    @DictFormat(DictTypeConstants.COMMON_STATUS)
+    @DictFormat(DictTypeConstants.MENDUNER_STATUS)
     private String status;
 
     @Schema(description = "角色类型,参见 RoleTypeEnum 枚举类", requiredMode = Schema.RequiredMode.REQUIRED, example = "1")

+ 7 - 0
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/base/permission/role/MdeRoleSaveReqVO.java

@@ -1,5 +1,9 @@
 package com.citu.module.menduner.system.controller.base.permission.role;
 
+import com.alibaba.excel.annotation.ExcelProperty;
+import com.citu.framework.excel.core.annotations.DictFormat;
+import com.citu.framework.excel.core.convert.DictConvert;
+import com.citu.module.menduner.system.enums.DictTypeConstants;
 import com.mzt.logapi.starter.annotation.DiffLogField;
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
@@ -32,6 +36,9 @@ public class MdeRoleSaveReqVO {
     @DiffLogField(name = "显示顺序")
     private Integer sort;
 
+    @Schema(description = "状态,参见 MendunerStatusEnum 枚举类",  example = "1")
+    private String status;
+
     @Schema(description = "备注", example = "我是一个角色")
     @DiffLogField(name = "备注")
     private String remark;
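Review bot: The new `status` field is bound from the request with no constraint and no `@DiffLogField`, unlike `sort` and `remark` next to it. The permission service later in this commit drops roles whose status is not `MendunerStatusEnum.ENABLE`, so enabling or disabling a role is an authorization change and probably belongs in the operation diff log: `@DiffLogField(name = "状态")`. A check against the allowed enum values would also keep arbitrary strings out of the column; which validation annotation to use depends on what the project already provides. The four imports added in the first hunk of this file (`ExcelProperty`, `DictFormat`, `DictConvert`, `DictTypeConstants`) are not used by anything visible in the diff and look like leftovers.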

+ 1 - 0
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/dal/mysql/permission/MdeRoleMapper.java

@@ -17,6 +17,7 @@ public interface MdeRoleMapper extends BaseMapperX<MdeRoleDO> {
 
     default PageResult<MdeRoleDO> selectPage(MdeRolePageReqVO reqVO) {
         return selectPage(reqVO, new LambdaQueryWrapperX<MdeRoleDO>()
+                .eqIfPresent(MdeRoleDO::getEnterpriseId, reqVO.getEnterpriseId())
                 .likeIfPresent(MdeRoleDO::getName, reqVO.getName())
                 .likeIfPresent(MdeRoleDO::getCode, reqVO.getCode())
                 .eqIfPresent(MdeRoleDO::getStatus, reqVO.getStatus())
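Review bot: `eqIfPresent(MdeRoleDO::getEnterpriseId, ...)` presumably skips the condition when the value is null, so the enterprise filter on the role page is optional rather than enforced. This commit also removes `rule.addDataColumn(MdeRoleDO.class)` from DataPermissionConfiguration, which leaves this predicate as the only enterprise scoping visible for role listing. If `LoginUserContext.getEnterpriseId()` returns null, or another endpoint binds `MdeRolePageReqVO` without overwriting the new client-settable `enterpriseId`, the page would include roles of other enterprises. For the recruit-side path, a null check in the caller followed by a hard `.eq(MdeRoleDO::getEnterpriseId, reqVO.getEnterpriseId())` is safer; an admin listing across enterprises should be a separate, explicitly named query. `selectPage` continues past the end of this hunk.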

+ 1 - 2
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/dal/mysql/permission/MdeUserRoleMapper.java

@@ -22,9 +22,8 @@ public interface MdeUserRoleMapper extends BaseMapperX<MdeUserRoleDO> {
                 .in(MdeUserRoleDO::getRoleId, roleIds));
     }
 
-    default void deleteListByEnterpriseIdAndUserId(Long enterpriseId, Long userId) {
+    default void deleteListByEnterpriseIdAndUserId( Long userId) {
         delete(new LambdaQueryWrapper<MdeUserRoleDO>()
-                .eq(MdeUserRoleDO::getEnterpriseId, enterpriseId)
                 .eq(MdeUserRoleDO::getUserId, userId));
     }
 
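Review bot: `deleteListByEnterpriseIdAndUserId` now deletes every `MdeUserRoleDO` row for the user, in all enterprises, while its name still says the delete is scoped to one enterprise. The rest of this commit keys roles by enterprise and user, so if a user can be bound to more than one enterprise, removing them from one would also strip the roles they hold in the others. Either keep the `.eq(MdeUserRoleDO::getEnterpriseId, enterpriseId)` predicate and pass the enterprise through `processEnterpriseUserDeleted`, or rename the method to `deleteListByUserId` and add a comment that the delete is global on purpose.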

+ 0 - 2
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/framework/datapermission/config/DataPermissionConfiguration.java

@@ -16,8 +16,6 @@ public class DataPermissionConfiguration {
     @Bean
     public CustomDataPermissionRuleCustomizer customDataPermissionRuleCustomizer() {
         return rule -> {
-            // 角色
-            rule.addDataColumn(MdeRoleDO.class);
         };
     }
 

+ 2 - 0
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/enterprise/EnterpriseService.java

@@ -3,6 +3,7 @@ package com.citu.module.menduner.system.service.enterprise;
 import com.citu.framework.common.pojo.PageParam;
 import com.citu.framework.common.pojo.PageResult;
 import com.citu.module.menduner.common.dto.TimeRangeBaseReqVO;
+import com.citu.module.menduner.system.controller.app.jobhunt.area.vo.AppAreaChildrenRespVO;
 import com.citu.module.menduner.system.controller.app.jobhunt.enterprise.vo.AppEnterpriseClickReqVO;
 import com.citu.module.menduner.system.controller.app.jobhunt.enterprise.vo.AppEnterpriseDetailRespVO;
 import com.citu.module.menduner.system.controller.app.recruit.enterprise.vo.*;
@@ -276,4 +277,5 @@ public interface EnterpriseService {
      **/
     List<AppEnterpriseDetailRespVO> getEnterpriseDetails(String ids);
 
+
 }

+ 4 - 0
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/enterprise/EnterpriseServiceImpl.java

@@ -12,13 +12,16 @@ import com.citu.framework.dict.core.DictFrameworkUtils;
 import com.citu.module.menduner.common.dto.TimeRangeBaseReqVO;
 import com.citu.module.menduner.common.util.LoginUserContext;
 import com.citu.module.menduner.system.api.python.GraphSendDTO;
+import com.citu.module.menduner.system.controller.app.jobhunt.area.vo.AppAreaChildrenRespVO;
 import com.citu.module.menduner.system.controller.app.jobhunt.enterprise.vo.AppEnterpriseClickReqVO;
 import com.citu.module.menduner.system.controller.app.jobhunt.enterprise.vo.AppEnterpriseDetailRespVO;
 import com.citu.module.menduner.system.controller.app.recruit.enterprise.vo.*;
 import com.citu.module.menduner.system.controller.base.CommonRespVO;
 import com.citu.module.menduner.system.controller.base.enterprise.address.EnterpriseAddressRespVO;
 import com.citu.module.menduner.system.controller.base.enterprise.vo.*;
+import com.citu.module.menduner.system.convert.AreaConvert;
 import com.citu.module.menduner.system.convert.EnterpriseConvert;
+import com.citu.module.menduner.system.dal.dataobject.area.AreaDO;
 import com.citu.module.menduner.system.dal.dataobject.enterprise.EnterpriseAddressDO;
 import com.citu.module.menduner.system.dal.dataobject.enterprise.EnterpriseBusinessDO;
 import com.citu.module.menduner.system.dal.dataobject.enterprise.EnterpriseDO;
@@ -336,6 +339,7 @@ public class EnterpriseServiceImpl implements EnterpriseService {
     }
 
 
+
     @Override
     public EnterpriseBaseSimpleRespVO getEnterpriseSimple(Long id) {
         EnterpriseDO enterprise = enterpriseMapper.selectById(id);

+ 2 - 1
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/enterprise/apply/EnterpriseUserApplyServiceImpl.java

@@ -141,7 +141,8 @@ public class EnterpriseUserApplyServiceImpl implements EnterpriseUserApplyServic
 
         // 审批通过更改用户绑定角色
         // 绑定企业用户
-        permissionService.assignUserRoleByDefault(userApplyDO.getUserId(), MdeDefaultRoleEnum.MENDUNER_ENTERPRISE_ROLE);
+        permissionService.assignEnterpriseUserRoleByDefault(userApplyDO.getEnterpriseId(),
+                userApplyDO.getUserId(), MdeDefaultRoleEnum.MENDUNER_ENTERPRISE_ROLE);
     }
 
     @Override
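Review bot: The approval path now calls `assignEnterpriseUserRoleByDefault`, whose implementation further down this page inserts the row with no `@CacheEvict`, although role ids are cached under `#enterpriseId + ':' + #userId`. A role set cached for this user before approval would keep being served until the entry expires, so the new role may not take effect immediately; evicting that key on assignment would fix it. The same implementation dereferences `role.getId()` without a null check, so a missing default role would presumably surface as a NullPointerException in the middle of the approval. The enclosing method starts outside this hunk.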

+ 17 - 16
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/permission/MdePermissionService.java

@@ -16,20 +16,21 @@ public interface MdePermissionService {
 
     /**
      * 判断是否有权限,任一一个即可
-     *
+     * @param enterpriseId 企业编号
      * @param userId      用户编号
      * @param permissions 权限
      * @return 是否
      */
-    boolean hasAnyPermissions(Long userId, String... permissions);
+    boolean hasAnyPermissions(Long enterpriseId,Long userId, String... permissions);
 
     /**
      * 判断是否有角色,任一一个即可
-     *
+     * @param enterpriseId 企业编号
+     * @param userId      用户编号
      * @param roles 角色数组
      * @return 是否
      */
-    boolean hasAnyRoles(Long userId, String... roles);
+    boolean hasAnyRoles(Long enterpriseId,Long userId, String... roles);
 
     // ========== 角色-菜单的相关方法  ==========
 
@@ -85,26 +86,25 @@ public interface MdePermissionService {
 
     /**
      * 设置用户角色
-     *
+     * @param enterpriseId 企业编号
      * @param userId  角色编号
      * @param roleIds 角色编号集合
      */
-    void assignUserRole(Long userId, Set<Long> roleIds);
+    void assignEnterpriseUserRole(Long enterpriseId,Long userId, Set<Long> roleIds);
 
     /**
      * 设置用户默认角色
-     *
+     * @param enterpriseId 企业编号
      * @param userId  角色编号
      * @param roleEnum 角色枚举
      */
-    void assignUserRoleByDefault(Long userId, MdeDefaultRoleEnum roleEnum);
+    void assignEnterpriseUserRoleByDefault(Long enterpriseId,Long userId, MdeDefaultRoleEnum roleEnum);
 
     /**
      * 处理用户删除时,删除关联授权数据
-     *
      * @param userId 用户编号
      */
-    void processUserDeleted(Long userId);
+    void processEnterpriseUserDeleted(Long userId);
 
     /**
      * 获得拥有多个角色的用户编号集合
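Review bot: `processEnterpriseUserDeleted(Long userId)` is the only user-role method in this hunk that did not gain `enterpriseId`, and that breaks cache invalidation in the implementation shown further down this page. Role ids are cached under `#enterpriseId + ':' + #userId` in `getEnterpriseUserRoleIdListByUserIdFromCache`, but `assignEnterpriseUserRole` and `processEnterpriseUserDeleted` evict with `key = "#userId"`. That key never matches a stored entry, so a revoked role stays effective until the entry expires or is cleared some other way. The evictions should use `key = "#enterpriseId + ':' + #userId"`, which requires adding the parameter here. In the same implementation, `assignEnterpriseUserRole` builds new `MdeUserRoleDO` rows without `setEnterpriseId(enterpriseId)` (unless something fills it in elsewhere), and in the Javadoc of both assign methods `@param userId  角色编号` should read `用户编号`.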
@@ -116,19 +116,19 @@ public interface MdePermissionService {
 
     /**
      * 获得用户拥有的角色编号集合
-     *
+     * @param enterpriseId 企业编号
      * @param userId 用户编号
      * @return 角色编号集合
      */
-    Set<Long> getUserRoleIdListByUserId(Long userId);
+    Set<Long> getEnterpriseUserRoleIdListByUserId(Long enterpriseId,Long userId);
 
     /**
      * 获得用户拥有的角色编号集合,从缓存中获取
-     *
+     * @param enterpriseId 企业编号
      * @param userId 用户编号
      * @return 角色编号集合
      */
-    Set<Long> getUserRoleIdListByUserIdFromCache(Long userId);
+    Set<Long> getEnterpriseUserRoleIdListByUserIdFromCache(Long enterpriseId,Long userId);
 
     // ========== 用户-企业的相关方法  ==========
 
@@ -145,11 +145,12 @@ public interface MdePermissionService {
     /**
      * 获得登陆用户的部门数据权限
      *
-     * @param userId       用户编号
+
      * @param enterpriseId 企业id
+     * @param userId       用户编号
      * @return 部门数据权限
      */
-    DataPermissionRespDTO getDataPermission(Long userId, Long enterpriseId);
+    DataPermissionRespDTO getDataPermission(Long enterpriseId,Long userId);
 
 }
 
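Review bot: `getDataPermission` swaps its two `Long` parameters from `(userId, enterpriseId)` to `(enterpriseId, userId)`, so a caller that was not updated still compiles and silently evaluates data permissions for the wrong ids. The other methods of this interface gain the same adjacent `Long enterpriseId, Long userId` pair, which is easy to transpose at call sites. Every caller touched by this commit is worth checking by hand, and a line in the Javadoc such as `Argument order is (enterpriseId, userId); it was (userId, enterpriseId) before.` would warn later readers. The Javadoc also keeps an empty line where `@param userId` used to be, which can be dropped.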

+ 256 - 333
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/permission/MdePermissionServiceImpl.java

@@ -5,7 +5,6 @@ import cn.hutool.core.collection.CollectionUtil;
 import cn.hutool.core.util.ArrayUtil;
 import cn.hutool.extra.spring.SpringUtil;
 import com.baomidou.dynamic.datasource.annotation.DSTransactional;
-import com.citu.framework.common.enums.CommonStatusEnum;
 import com.citu.framework.common.util.collection.CollectionUtils;
 import com.citu.framework.datapermission.core.annotation.DataPermission;
 import com.citu.module.menduner.system.dal.dataobject.enterprise.EnterpriseUserBindDO;
@@ -13,7 +12,6 @@ import com.citu.module.menduner.system.dal.dataobject.permission.MdeMenuDO;
 import com.citu.module.menduner.system.dal.dataobject.permission.MdeRoleDO;
 import com.citu.module.menduner.system.dal.dataobject.permission.MdeRoleMenuDO;
 import com.citu.module.menduner.system.dal.dataobject.permission.MdeUserRoleDO;
-import com.citu.module.menduner.system.dal.dataobject.user.MdeUserDO;
 import com.citu.module.menduner.system.dal.mysql.permission.MdeRoleMenuMapper;
 import com.citu.module.menduner.system.dal.mysql.permission.MdeUserRoleMapper;
 import com.citu.module.menduner.system.dal.redis.RedisKeyConstants;
@@ -74,387 +72,312 @@ public class MdePermissionServiceImpl implements MdePermissionService {
     @Resource
     @Lazy
     private EnterpriseService enterpriseService;
-//
-//    @Override
-//    public boolean hasAnyPermissions(Long userId, String... permissions) {
-//        // 如果为空,说明已经有权限
-//        if (ArrayUtil.isEmpty(permissions)) {
-//            return true;
-//        }
-//
-//        // 获得当前登录的角色。如果为空,说明没有权限
-//        List<MdeRoleDO> roles = getEnableUserRoleListByUserIdFromCache(userId);
-//        if (CollUtil.isEmpty(roles)) {
-//            return false;
-//        }
-//
-//        // 情况一:遍历判断每个权限,如果有一满足,说明有权限
-//        for (String permission : permissions) {
-//            if (hasAnyPermission(roles, permission)) {
-//                return true;
-//            }
-//        }
-//
-//        // 情况二:如果是超管,也说明有权限
-//        return roleService.hasAnySuperAdmin(convertSet(roles, MdeRoleDO::getId));
-//    }
-//
-//    /**
-//     * 判断指定角色,是否拥有该 permission 权限
-//     *
-//     * @param roles      指定角色数组
-//     * @param permission 权限标识
-//     * @return 是否拥有
-//     */
-//    private boolean hasAnyPermission(List<MdeRoleDO> roles, String permission) {
-//        List<Long> menuIds = menuService.getMenuIdListByPermissionFromCache(permission);
-//        // 采用严格模式,如果权限找不到对应的 Menu 的话,也认为没有权限
-//        if (CollUtil.isEmpty(menuIds)) {
-//            return false;
-//        }
-//
-//        // 判断是否有权限
-//        Set<Long> roleIds = convertSet(roles, MdeRoleDO::getId);
-//        for (Long menuId : menuIds) {
-//            // 获得拥有该菜单的角色编号集合
-//            Set<Long> menuRoleIds = getSelf().getMenuRoleIdListByMenuIdFromCache(menuId);
-//            // 如果有交集,说明有权限
-//            if (CollUtil.containsAny(menuRoleIds, roleIds)) {
-//                return true;
-//            }
-//        }
-//        return false;
-//    }
-//
-//    @Override
-//    public boolean hasAnyRoles(Long userId, String... roles) {
-//        // 如果为空,说明已经有权限
-//        if (ArrayUtil.isEmpty(roles)) {
-//            return true;
-//        }
-//
-//        // 获得当前登录的角色。如果为空,说明没有权限
-//        List<MdeRoleDO> roleList = getEnableUserRoleListByUserIdFromCache(userId);
-//        if (CollUtil.isEmpty(roleList)) {
-//            return false;
-//        }
-//
-//        // 判断是否有角色
-//        Set<String> userRoles = convertSet(roleList, MdeRoleDO::getCode);
-//        return CollUtil.containsAny(userRoles, Sets.newHashSet(roles));
-//    }
-//
-//    // ========== 角色-菜单的相关方法  ==========
-//
-//    @Override
-//    @DSTransactional // 多数据源,使用 @DSTransactional 保证本地事务,以及数据源的切换
-//    @Caching(evict = {
-//            @CacheEvict(value = RedisKeyConstants.MDE_MENU_ROLE_ID_LIST,
-//                    allEntries = true),
-//            @CacheEvict(value = RedisKeyConstants.MDE_PERMISSION_MENU_ID_LIST,
-//                    allEntries = true) // allEntries 清空所有缓存,主要一次更新涉及到的 menuIds 较多,反倒批量会更快
-//    })
-//    public void assignRoleMenu(Long roleId, Set<Long> menuIds) {
-//        // 获得角色拥有菜单编号
-//        Set<Long> dbMenuIds = convertSet(roleMenuMapper.selectListByRoleId(roleId), MdeRoleMenuDO::getMenuId);
-//        // 计算新增和删除的菜单编号
-//        Set<Long> menuIdList = CollUtil.emptyIfNull(menuIds);
-//        Collection<Long> createMenuIds = CollUtil.subtract(menuIdList, dbMenuIds);
-//        Collection<Long> deleteMenuIds = CollUtil.subtract(dbMenuIds, menuIdList);
-//        // 执行新增和删除。对于已经授权的菜单,不用做任何处理
-//        if (CollUtil.isNotEmpty(createMenuIds)) {
-//            roleMenuMapper.insertBatch(CollectionUtils.convertList(createMenuIds, menuId -> {
-//                MdeRoleMenuDO entity = new MdeRoleMenuDO();
-//                entity.setRoleId(roleId);
-//                entity.setMenuId(menuId);
-//                return entity;
-//            }));
-//        }
-//        if (CollUtil.isNotEmpty(deleteMenuIds)) {
-//            roleMenuMapper.deleteListByRoleIdAndMenuIds(roleId, deleteMenuIds);
-//        }
-//    }
-//
-//    @Override
-//    @Transactional(rollbackFor = Exception.class)
-//    @Caching(evict = {
-//            @CacheEvict(value = RedisKeyConstants.MDE_MENU_ROLE_ID_LIST,
-//                    allEntries = true), // allEntries 清空所有缓存,此处无法方便获得 roleId 对应的 menu 缓存们
-//            @CacheEvict(value = RedisKeyConstants.MDE_USER_ROLE_IDS,
-//                    allEntries = true) // allEntries 清空所有缓存,此处无法方便获得 roleId 对应的 user 缓存们
-//    })
-//    public void processRoleDeleted(Long roleId) {
-//        // 标记删除 UserRole
-//        userRoleMapper.deleteListByRoleId(roleId);
-//        // 标记删除 RoleMenu
-//        roleMenuMapper.deleteListByRoleId(roleId);
-//    }
-//
-//    @Override
-//    @CacheEvict(value = RedisKeyConstants.MDE_MENU_ROLE_ID_LIST, key = "#menuId")
-//    public void processMenuDeleted(Long menuId) {
-//        roleMenuMapper.deleteListByMenuId(menuId);
-//    }
-//
-//    @Override
-//    public Set<Long> getRoleMenuListByRoleId(Collection<Long> roleIds) {
-//        if (CollUtil.isEmpty(roleIds)) {
-//            return Collections.emptySet();
-//        }
-//
-//        // 如果是管理员的情况下,获取全部菜单编号
-//        if (roleService.hasAnySuperAdmin(roleIds)) {
-//            return convertSet(menuService.getMenuList(), MdeMenuDO::getId);
-//        }
-//        // 如果是非管理员的情况下,获得拥有的菜单编号
-//        return convertSet(roleMenuMapper.selectListByRoleId(roleIds), MdeRoleMenuDO::getMenuId);
-//    }
-//
-//    @Override
-//    @Cacheable(value = RedisKeyConstants.MDE_MENU_ROLE_ID_LIST, key = "#menuId")
-//    public Set<Long> getMenuRoleIdListByMenuIdFromCache(Long menuId) {
-//        return convertSet(roleMenuMapper.selectListByMenuId(menuId), MdeRoleMenuDO::getRoleId);
-//    }
-//
-//    // ========== 用户-角色的相关方法  ==========
-//
-//    @Override
-//    @DSTransactional // 多数据源,使用 @DSTransactional 保证本地事务,以及数据源的切换
-//    @CacheEvict(value = RedisKeyConstants.MDE_USER_ROLE_IDS, key = "#userId")
-//    public void assignUserRole(Long enterpriseId,Long userId, Set<Long> roleIds) {
-//        // 获得角色拥有角色编号
-//        Set<Long> dbRoleIds = convertSet(userRoleMapper.selectListByEnterpriseIdAndUserId(enterpriseId,userId),
-//                MdeUserRoleDO::getRoleId);
-//        // 计算新增和删除的角色编号
-//        Set<Long> roleIdList = CollUtil.emptyIfNull(roleIds);
-//        Collection<Long> createRoleIds = CollUtil.subtract(roleIdList, dbRoleIds);
-//        Collection<Long> deleteMenuIds = CollUtil.subtract(dbRoleIds, roleIdList);
-//        // 执行新增和删除。对于已经授权的角色,不用做任何处理
-//        if (!CollectionUtil.isEmpty(createRoleIds)) {
-//            userRoleMapper.insertBatch(CollectionUtils.convertList(createRoleIds, roleId -> {
-//                MdeUserRoleDO entity = new MdeUserRoleDO();
-//                entity.setUserId(userId);
-//                entity.setRoleId(roleId);
-//                return entity;
-//            }));
-//        }
-//        if (!CollectionUtil.isEmpty(deleteMenuIds)) {
-//            userRoleMapper.deleteListByEnterpriseIdAndUserIdAndRoleIdIds(enterpriseId,userId, deleteMenuIds);
-//        }
-//    }
-//
-//    @Override
-//    public void assignUserRoleByDefault(Long userId, MdeDefaultRoleEnum roleEnum) {
-//        // 获得默认角色信息
-//        MdeRoleDO role = roleService.getRoleByDefault(roleEnum);
-//        MdeUserRoleDO entity = new MdeUserRoleDO();
-//        entity.setUserId(userId);
-//        entity.setRoleId(role.getId());
-//        userRoleMapper.insert(entity);
-//    }
-//
-//    @Override
-//    @CacheEvict(value = RedisKeyConstants.MDE_USER_ROLE_IDS, key =  "#enterpriseId + ':' + #userId")
-//    public void processUserDeleted(Long enterpriseId,Long userId) {
-//        userRoleMapper.deleteListByEnterpriseIdAndUserId(enterpriseId,userId);
-//    }
-//
-//    @Override
-//    public Set<Long> getUserRoleIdListByUserId(Long enterpriseId,Long userId) {
-//        return convertSet(userRoleMapper.selectListByEnterpriseIdAndUserId(enterpriseId,userId), MdeUserRoleDO::getRoleId);
-//    }
-//
-//    @Override
-//    @Cacheable(value = RedisKeyConstants.MDE_USER_ROLE_IDS, key = "#userId")
-//    public Set<Long> getUserRoleIdListByUserIdFromCache(Long userId) {
-//        return getUserRoleIdListByUserId(userId);
-//    }
-//
-//    @Override
-//    public Set<Long> getUserRoleIdListByRoleId(Collection<Long> roleIds) {
-//        return convertSet(userRoleMapper.selectListByRoleIds(roleIds), MdeUserRoleDO::getUserId);
-//    }
-//
-//    /**
-//     * 获得用户拥有的角色,并且这些角色是开启状态的
-//     *
-//     * @param userId 用户编号
-//     * @return 用户拥有的角色
-//     */
-//    @VisibleForTesting
-//    List<MdeRoleDO> getEnableUserRoleListByUserIdFromCache(Long userId) {
-//        // 获得用户拥有的角色编号
-//        Set<Long> roleIds = getSelf().getUserRoleIdListByUserIdFromCache(userId);
-//        // 获得角色数组,并移除被禁用的
-//        List<MdeRoleDO> roles = roleService.getRoleListFromCache(roleIds);
-//        roles.removeIf(role -> !MendunerStatusEnum.ENABLE.getStatus().equals(role.getStatus()));
-//        return roles;
-//    }
-//
-//    // ========== 用户-部门的相关方法  ==========
-//
-//    @Override
-//    public void assignRoleDataScope(Long roleId, Integer dataScope, Set<Long> dataScopeDataIds) {
-//        roleService.updateRoleDataScope(roleId, dataScope, dataScopeDataIds);
-//    }
-//
-//    @Override
-//    @DataPermission(enable = false) // 关闭数据权限,不然就会出现递归获取数据权限的问题
-//    public DataPermissionRespDTO getDataPermission(Long userId, Long enterpriseId) {
-//        DataPermissionRespDTO result = new DataPermissionRespDTO();
-//        // 获得用户的角色
-//        List<MdeRoleDO> roles = getEnableUserRoleListByUserIdFromCache(userId);
-//        // 如果角色为空,则只能查看自己
-//        if (CollUtil.isEmpty(roles)) {
-//            result.setSelf(true);
-//            return result;
-//        }
-//
-//        // 获得用户的部门编号的缓存,通过 Guava 的 Suppliers 惰性求值,即有且仅有第一次发起 DB 的查询
-//        EnterpriseUserBindDO enterpriseUserBind = enterpriseUserBindService
-//                .selectByEnterpriseIdAndUserId(enterpriseId, userId);
-//        if (enterpriseUserBind == null) {
-//            // 找不到企业用户 or 禁用了
-//            return result;
-//        }
-//        // 遍历每个角色,计算
-//        for (MdeRoleDO role : roles) {
-//            // 为空时,跳过
-//            if (role.getDataScope() == null) {
-//                continue;
-//            }
-//            // 情况一,ALL 所有的数据权限
-//            if (Objects.equals(role.getDataScope(), DataScopeEnum.ALL.getScope())) {
-//                result.setAll(true);
-//                continue;
-//            }
-//            // 情况二,DEPT_CUSTOM 自定义
-//            if (Objects.equals(role.getDataScope(), DataScopeEnum.DEPT_CUSTOM.getScope())) {
-//                CollUtil.addAll(result.getDataIds(), role.getDataScopeEnterpriseIds());
-//                // 自定义可见部门时,保证可以看到自己所在的部门。否则,一些场景下可能会有问题。
-//                // 例如说,登录时,基于 t_user 的 username 查询会可能被 dept_id 过滤掉
-//                CollUtil.addAll(result.getDataIds(), enterpriseUserBind.getEnterpriseId());
-//                continue;
-//            }
-//            // 情况三,DEPT_ONLY 自己所在的数据权限
-//            if (Objects.equals(role.getDataScope(), DataScopeEnum.DEPT_ONLY.getScope())) {
-//                CollectionUtils.addIfNotNull(result.getDataIds(), enterpriseUserBind.getEnterpriseId());
-//                continue;
-//            }
-//            // 情况四,DEPT_DEPT_AND_CHILD 自己所在及以下的数据权限
-//            if (Objects.equals(role.getDataScope(), DataScopeEnum.DEPT_AND_CHILD.getScope())) {
-//                CollUtil.addAll(result.getDataIds(), enterpriseService
-//                        .getChildEnterpriseIdListFromCache(enterpriseUserBind.getEnterpriseId()));
-//                // 添加本身部门编号
-//                CollUtil.addAll(result.getDataIds(), enterpriseUserBind
-//                        .getEnterpriseId());
-//                continue;
-//            }
-//            // 情况五,SELF
-//            if (Objects.equals(role.getDataScope(), DataScopeEnum.SELF.getScope())) {
-//                //                if (!EnterpriseUserTypeEnum.ADMIN.getType()
-//                //                        .equals(enterpriseUserBind.getUserType())) {
-//                //                    // 不是管理员,加入自己的权限
-//                //                    result.setSelf(true);
-//                //                }
-//                // 20240718 更改 所有用户都只能看到自己的数据
-//                result.setSelf(true);
-//                continue;
-//            }
-//            // 未知情况,error log 即可
-//            log.error("[getDeptDataPermission][LoginUser({}) role({}) 无法处理]", userId, toJsonString(result));
-//        }
-//        return result;
-//    }
-//
-//
-//    /**
-//     * 获得自身的代理对象,解决 AOP 生效问题
-//     *
-//     * @return 自己
-//     */
-//    private MdePermissionServiceImpl getSelf() {
-//        return SpringUtil.getBean(getClass());
-//    }
-
 
     @Override
-    public boolean hasAnyPermissions(Long userId, String... permissions) {
+    public boolean hasAnyPermissions(Long enterpriseId, Long userId, String... permissions) {
+        // 如果为空,说明已经有权限
+        if (ArrayUtil.isEmpty(permissions)) {
+            return true;
+        }
+
+        // 获得当前登录的角色。如果为空,说明没有权限
+        List<MdeRoleDO> roles = getEnableUserRoleListByUserIdFromCache(enterpriseId,userId);
+        if (CollUtil.isEmpty(roles)) {
+            return false;
+        }
+
+        // 情况一:遍历判断每个权限,如果有一满足,说明有权限
+        for (String permission : permissions) {
+            if (hasAnyPermission(roles, permission)) {
+                return true;
+            }
+        }
+
+        // 情况二:如果是超管,也说明有权限
+        return roleService.hasAnySuperAdmin(convertSet(roles, MdeRoleDO::getId));
+    }
+
+    /**
+     * 判断指定角色,是否拥有该 permission 权限
+     *
+     * @param roles      指定角色数组
+     * @param permission 权限标识
+     * @return 是否拥有
+     */
+    private boolean hasAnyPermission(List<MdeRoleDO> roles, String permission) {
+        List<Long> menuIds = menuService.getMenuIdListByPermissionFromCache(permission);
+        // 采用严格模式,如果权限找不到对应的 Menu 的话,也认为没有权限
+        if (CollUtil.isEmpty(menuIds)) {
+            return false;
+        }
+
+        // 判断是否有权限
+        Set<Long> roleIds = convertSet(roles, MdeRoleDO::getId);
+        for (Long menuId : menuIds) {
+            // 获得拥有该菜单的角色编号集合
+            Set<Long> menuRoleIds = getSelf().getMenuRoleIdListByMenuIdFromCache(menuId);
+            // 如果有交集,说明有权限
+            if (CollUtil.containsAny(menuRoleIds, roleIds)) {
+                return true;
+            }
+        }
         return false;
     }
 
     @Override
-    public boolean hasAnyRoles(Long userId, String... roles) {
-        return false;
+    public boolean hasAnyRoles(Long enterpriseId, Long userId, String... roles) {
+        // 如果为空,说明已经有权限
+        if (ArrayUtil.isEmpty(roles)) {
+            return true;
+        }
+
+        // 获得当前登录的角色。如果为空,说明没有权限
+        List<MdeRoleDO> roleList = getEnableUserRoleListByUserIdFromCache(enterpriseId, userId);
+        if (CollUtil.isEmpty(roleList)) {
+            return false;
+        }
+
+        // 判断是否有角色
+        Set<String> userRoles = convertSet(roleList, MdeRoleDO::getCode);
+        return CollUtil.containsAny(userRoles, Sets.newHashSet(roles));
     }
 
+    // ========== 角色-菜单的相关方法  ==========
+
     @Override
+    @DSTransactional // 多数据源,使用 @DSTransactional 保证本地事务,以及数据源的切换
+    @Caching(evict = {
+            @CacheEvict(value = RedisKeyConstants.MDE_MENU_ROLE_ID_LIST,
+                    allEntries = true),
+            @CacheEvict(value = RedisKeyConstants.MDE_PERMISSION_MENU_ID_LIST,
+                    allEntries = true) // allEntries 清空所有缓存,主要一次更新涉及到的 menuIds 较多,反倒批量会更快
+    })
     public void assignRoleMenu(Long roleId, Set<Long> menuIds) {
-
+        // 获得角色拥有菜单编号
+        Set<Long> dbMenuIds = convertSet(roleMenuMapper.selectListByRoleId(roleId), MdeRoleMenuDO::getMenuId);
+        // 计算新增和删除的菜单编号
+        Set<Long> menuIdList = CollUtil.emptyIfNull(menuIds);
+        Collection<Long> createMenuIds = CollUtil.subtract(menuIdList, dbMenuIds);
+        Collection<Long> deleteMenuIds = CollUtil.subtract(dbMenuIds, menuIdList);
+        // 执行新增和删除。对于已经授权的菜单,不用做任何处理
+        if (CollUtil.isNotEmpty(createMenuIds)) {
+            roleMenuMapper.insertBatch(CollectionUtils.convertList(createMenuIds, menuId -> {
+                MdeRoleMenuDO entity = new MdeRoleMenuDO();
+                entity.setRoleId(roleId);
+                entity.setMenuId(menuId);
+                return entity;
+            }));
+        }
+        if (CollUtil.isNotEmpty(deleteMenuIds)) {
+            roleMenuMapper.deleteListByRoleIdAndMenuIds(roleId, deleteMenuIds);
+        }
     }
 
     @Override
+    @Transactional(rollbackFor = Exception.class)
+    @Caching(evict = {
+            @CacheEvict(value = RedisKeyConstants.MDE_MENU_ROLE_ID_LIST,
+                    allEntries = true), // allEntries 清空所有缓存,此处无法方便获得 roleId 对应的 menu 缓存们
+            @CacheEvict(value = RedisKeyConstants.MDE_USER_ROLE_IDS,
+                    allEntries = true) // allEntries 清空所有缓存,此处无法方便获得 roleId 对应的 user 缓存们
+    })
     public void processRoleDeleted(Long roleId) {
-
+        // 标记删除 UserRole
+        userRoleMapper.deleteListByRoleId(roleId);
+        // 标记删除 RoleMenu
+        roleMenuMapper.deleteListByRoleId(roleId);
     }
 
     @Override
+    @CacheEvict(value = RedisKeyConstants.MDE_MENU_ROLE_ID_LIST, key = "#menuId")
     public void processMenuDeleted(Long menuId) {
-
-    }
-
-    @Override
-    public Set<Long> getRoleMenuListByRoleId(Long roleId) {
-        return MdePermissionService.super.getRoleMenuListByRoleId(roleId);
+        roleMenuMapper.deleteListByMenuId(menuId);
     }
 
     @Override
     public Set<Long> getRoleMenuListByRoleId(Collection<Long> roleIds) {
-        return Set.of();
+        if (CollUtil.isEmpty(roleIds)) {
+            return Collections.emptySet();
+        }
+
+        // 如果是管理员的情况下,获取全部菜单编号
+        if (roleService.hasAnySuperAdmin(roleIds)) {
+            return convertSet(menuService.getMenuList(), MdeMenuDO::getId);
+        }
+        // 如果是非管理员的情况下,获得拥有的菜单编号
+        return convertSet(roleMenuMapper.selectListByRoleId(roleIds), MdeRoleMenuDO::getMenuId);
     }
 
     @Override
+    @Cacheable(value = RedisKeyConstants.MDE_MENU_ROLE_ID_LIST, key = "#menuId")
     public Set<Long> getMenuRoleIdListByMenuIdFromCache(Long menuId) {
-        return Set.of();
+        return convertSet(roleMenuMapper.selectListByMenuId(menuId), MdeRoleMenuDO::getRoleId);
     }
 
-    @Override
-    public void assignUserRole(Long userId, Set<Long> roleIds) {
+    // ========== 用户-角色的相关方法  ==========
 
+    @Override
+    @DSTransactional // 多数据源,使用 @DSTransactional 保证本地事务,以及数据源的切换
+    @CacheEvict(value = RedisKeyConstants.MDE_USER_ROLE_IDS, key = "#userId")
+    public void assignEnterpriseUserRole(Long enterpriseId, Long userId, Set<Long> roleIds) {
+        // 获得角色拥有角色编号
+        Set<Long> dbRoleIds = convertSet(userRoleMapper.selectListByEnterpriseIdAndUserId(enterpriseId, userId),
+                MdeUserRoleDO::getRoleId);
+        // 计算新增和删除的角色编号
+        Set<Long> roleIdList = CollUtil.emptyIfNull(roleIds);
+        Collection<Long> createRoleIds = CollUtil.subtract(roleIdList, dbRoleIds);
+        Collection<Long> deleteMenuIds = CollUtil.subtract(dbRoleIds, roleIdList);
+        // 执行新增和删除。对于已经授权的角色,不用做任何处理
+        if (!CollectionUtil.isEmpty(createRoleIds)) {
+            userRoleMapper.insertBatch(CollectionUtils.convertList(createRoleIds, roleId -> {
+                MdeUserRoleDO entity = new MdeUserRoleDO();
+                entity.setUserId(userId);
+                entity.setRoleId(roleId);
+                return entity;
+            }));
+        }
+        if (!CollectionUtil.isEmpty(deleteMenuIds)) {
+            userRoleMapper.deleteListByEnterpriseIdAndUserIdAndRoleIdIds(enterpriseId, userId, deleteMenuIds);
+        }
     }
 
     @Override
-    public void assignUserRoleByDefault(Long userId, MdeDefaultRoleEnum roleEnum) {
-
+    public void assignEnterpriseUserRoleByDefault(Long enterpriseId, Long userId, MdeDefaultRoleEnum roleEnum) {
+        // 获得默认角色信息
+        MdeRoleDO role = roleService.getRoleByDefault(roleEnum);
+        MdeUserRoleDO entity = new MdeUserRoleDO();
+        entity.setEnterpriseId(enterpriseId);
+        entity.setUserId(userId);
+        entity.setRoleId(role.getId());
+        userRoleMapper.insert(entity);
     }
 
     @Override
-    public void processUserDeleted(Long userId) {
-
+    @CacheEvict(value = RedisKeyConstants.MDE_USER_ROLE_IDS, key = "#userId")
+    public void processEnterpriseUserDeleted(Long userId) {
+        userRoleMapper.deleteListByEnterpriseIdAndUserId(userId);
     }
 
     @Override
-    public Set<Long> getUserRoleIdListByRoleId(Collection<Long> roleIds) {
-        return Set.of();
+    public Set<Long> getEnterpriseUserRoleIdListByUserId(Long enterpriseId, Long userId) {
+        return convertSet(userRoleMapper.selectListByEnterpriseIdAndUserId(enterpriseId, userId), MdeUserRoleDO::getRoleId);
     }
 
     @Override
-    public Set<Long> getUserRoleIdListByUserId(Long userId) {
-        return Set.of();
+    @Cacheable(value = RedisKeyConstants.MDE_USER_ROLE_IDS, key = "#enterpriseId + ':' + #userId")
+    public Set<Long> getEnterpriseUserRoleIdListByUserIdFromCache(Long enterpriseId, Long userId) {
+        return getEnterpriseUserRoleIdListByUserId(enterpriseId, userId);
     }
 
     @Override
-    public Set<Long> getUserRoleIdListByUserIdFromCache(Long userId) {
-        return Set.of();
+    public Set<Long> getUserRoleIdListByRoleId(Collection<Long> roleIds) {
+        return convertSet(userRoleMapper.selectListByRoleIds(roleIds), MdeUserRoleDO::getUserId);
+    }
+
+    /**
+     * 获得用户拥有的角色,并且这些角色是开启状态的
+     *
+     * @param userId 用户编号
+     * @return 用户拥有的角色
+     */
+    @VisibleForTesting
+    List<MdeRoleDO> getEnableUserRoleListByUserIdFromCache(Long enterpriseId, Long userId) {
+        // 获得用户拥有的角色编号
+        Set<Long> roleIds = getSelf().getEnterpriseUserRoleIdListByUserIdFromCache(enterpriseId, userId);
+        // 获得角色数组,并移除被禁用的
+        List<MdeRoleDO> roles = roleService.getRoleListFromCache(roleIds);
+        roles.removeIf(role -> !MendunerStatusEnum.ENABLE.getStatus().equals(role.getStatus()));
+        return roles;
     }
 
+    // ========== 用户-部门的相关方法  ==========
+
     @Override
     public void assignRoleDataScope(Long roleId, Integer dataScope, Set<Long> dataScopeDataIds) {
-
+        roleService.updateRoleDataScope(roleId, dataScope, dataScopeDataIds);
     }
 
     @Override
-    public DataPermissionRespDTO getDataPermission(Long userId, Long enterpriseId) {
-        return null;
+    @DataPermission(enable = false) // 关闭数据权限,不然就会出现递归获取数据权限的问题
+    public DataPermissionRespDTO getDataPermission(Long enterpriseId, Long userId) {
+        DataPermissionRespDTO result = new DataPermissionRespDTO();
+        // 获得用户的部门编号的缓存,通过 Guava 的 Suppliers 惰性求值,即有且仅有第一次发起 DB 的查询
+        EnterpriseUserBindDO enterpriseUserBind = enterpriseUserBindService
+                .selectByEnterpriseIdAndUserId(enterpriseId, userId);
+        if (enterpriseUserBind == null) {
+            // 找不到企业用户 or 禁用了
+            return result;
+        }
+        // 获得用户的角色
+        List<MdeRoleDO> roles = getEnableUserRoleListByUserIdFromCache(enterpriseId, userId);
+        // 如果角色为空,则只能查看自己
+        if (CollUtil.isEmpty(roles)) {
+            result.setSelf(true);
+            if(enterpriseUserBindService.checkIsAdmin(enterpriseUserBind)) {
+                // 管理员
+                result.setDataIds(Collections.singleton(enterpriseId));
+            }
+            return result;
+        }
+
+        // 遍历每个角色,计算
+        for (MdeRoleDO role : roles) {
+            // 为空时,跳过
+            if (role.getDataScope() == null) {
+                continue;
+            }
+            // 情况一,ALL 所有的数据权限
+            if (Objects.equals(role.getDataScope(), DataScopeEnum.ALL.getScope())) {
+                result.setAll(true);
+                continue;
+            }
+            // 情况二,DEPT_CUSTOM 自定义
+            if (Objects.equals(role.getDataScope(), DataScopeEnum.DEPT_CUSTOM.getScope())) {
+                CollUtil.addAll(result.getDataIds(), role.getDataScopeEnterpriseIds());
+                // 自定义可见部门时,保证可以看到自己所在的部门。否则,一些场景下可能会有问题。
+                // 例如说,登录时,基于 t_user 的 username 查询会可能被 dept_id 过滤掉
+                CollUtil.addAll(result.getDataIds(), enterpriseUserBind.getEnterpriseId());
+                continue;
+            }
+            // 情况三,DEPT_ONLY 自己所在的数据权限
+            if (Objects.equals(role.getDataScope(), DataScopeEnum.DEPT_ONLY.getScope())) {
+                CollectionUtils.addIfNotNull(result.getDataIds(), enterpriseUserBind.getEnterpriseId());
+                continue;
+            }
+            // 情况四,DEPT_DEPT_AND_CHILD 自己所在及以下的数据权限
+            if (Objects.equals(role.getDataScope(), DataScopeEnum.DEPT_AND_CHILD.getScope())) {
+                CollUtil.addAll(result.getDataIds(), enterpriseService
+                        .getChildEnterpriseIdListFromCache(enterpriseUserBind.getEnterpriseId()));
+                // 添加本身部门编号
+                CollUtil.addAll(result.getDataIds(), enterpriseUserBind
+                        .getEnterpriseId());
+                continue;
+            }
+            // 情况五,SELF
+            if (Objects.equals(role.getDataScope(), DataScopeEnum.SELF.getScope())) {
+                //                if (!EnterpriseUserTypeEnum.ADMIN.getType()
+                //                        .equals(enterpriseUserBind.getUserType())) {
+                //                    // 不是管理员,加入自己的权限
+                //                    result.setSelf(true);
+                //                }
+                // 20240718 更改 所有用户都只能看到自己的数据
+                result.setSelf(true);
+                continue;
+            }
+            // 未知情况,error log 即可
+            log.error("[getDeptDataPermission][LoginUser({}) role({}) 无法处理]", userId, toJsonString(result));
+        }
+        return result;
+    }
+
+
+    /**
+     * 获得自身的代理对象,解决 AOP 生效问题
+     *
+     * @return 自己
+     */
+    private MdePermissionServiceImpl getSelf() {
+        return SpringUtil.getBean(getClass());
     }
+
 }

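--- a/menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/permission/MdeRoleServiceImpl.java
+++ b/menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/permission/MdeRoleServiceImpl.java
@@ -172,6 +172,10 @@ public class MdeRoleServiceImpl implements MdeRoleService {
         if (RoleTypeEnum.SYSTEM.getType().equals(role.getType())) {
             throw exception(MDE_ROLE_CAN_NOT_UPDATE_SYSTEM_TYPE_ROLE);
         }
+        if(!role.getEnterpriseId().equals(LoginUserContext.getEnterpriseId())) {
+            // 操作别人的数据
+            throw exception(MDE_REQUEST_ILLEGAL);
+        }
         return role;
     }
 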
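Review bot: The new tenant-ownership check calls `role.getEnterpriseId().equals(...)` directly, so a role row without an enterprise id (whether that can occur is not visible here) would surface as a NullPointerException rather than `MDE_REQUEST_ILLEGAL`. It is also worth making the guard fail closed when the login context carries no enterprise id: `Long current = LoginUserContext.getEnterpriseId();` followed by `if (current == null || !current.equals(role.getEnterpriseId())) {`. A plain `Objects.equals` would not be a safe substitute, because two null ids compare equal and the request would pass. Since this branch is the cross-enterprise access boundary, a warn-level log of the role id and caller on rejection would give operations something to alert on. The enclosing method starts above the hunk, so whether the read and delete paths share this validation cannot be confirmed from here.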

+ 1 - 3
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/user/MdeUserServiceImpl.java

@@ -100,8 +100,6 @@ public class MdeUserServiceImpl implements MdeUserService {
         user.setStatus(MendunerStatusEnum.ENABLE.getStatus()); // 默认开启
         user.setPassword(encodePassword(createReqVO.getPassword())); // 加密密码
         mdeUserMapper.insert(user);
-        // 2.2 绑定默认角色
-        mdePermissionService.assignUserRoleByDefault(user.getId(), MdeDefaultRoleEnum.MENDUNER_ENTERPRISE_ROLE);
         // 3. 记录操作日志上下文
         LogRecordContext.putVariable("user", user);
         return user.getId();
@@ -185,7 +183,7 @@ public class MdeUserServiceImpl implements MdeUserService {
         // 校验存在
         MdeUserDO user = validateMdeUserExists(id);
         // 2.2 删除用户关联数据
-        mdePermissionService.processUserDeleted(id);
+        mdePermissionService.processEnterpriseUserDeleted(id);
         // 删除
         mdeUserMapper.deleteById(id);