账号分配角色相关

cms-common/cms-common-model/src/main/java/com/mmc/iuav/user/model/dto/LoginSuccessDTO.java

@@ -9,10 +9,10 @@ import lombok.NoArgsConstructor;
 import java.io.Serializable;
 
 /**
-* @author 作者 geDuo
-* @version 创建时间：2021年8月31日 下午8:06:14 
-* @explain 类说明 
-*/
+ * @author 作者 geDuo
+ * @version 创建时间：2021年8月31日 下午8:06:14
+ * @explain 类说明
+ */
 @Builder
 @Data
 @AllArgsConstructor
@@ -28,6 +28,6 @@ public class LoginSuccessDTO implements Serializable {
     private String userName;
     private String nickName;
     private CompanyInfoVO companyInfoVO;
-//	private RoleInfoDTO roleInfo;
+    private RoleInfoDTO roleInfo;
 
 }

cms-common/cms-common-model/src/main/java/com/mmc/iuav/user/model/dto/UserAccountSimpleDTO.java

 package com.mmc.iuav.user.model.dto;
 
-import com.mmc.iuav.user.model.vo.CompanyAuthVO;
 import com.mmc.iuav.user.model.vo.CooperationTagVO;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.AllArgsConstructor;
@@ -37,6 +36,8 @@ public class UserAccountSimpleDTO implements Serializable {
     private String nickName;
     @ApiModelProperty(value = "用户头像")
     private String userImg;
+    @ApiModelProperty(value = "openid")
+    private String openid;
     @ApiModelProperty(value = "用户性别：0未知、1男、2女")
     private Integer userSex;
     @ApiModelProperty(value = "用户邮箱")

cms-common/cms-common-model/src/main/java/com/mmc/iuav/user/model/vo/BUserAccountVO.java

@@ -55,18 +55,18 @@ public class BUserAccountVO implements Serializable {
     @NotNull(message = "状态不能为空", groups = {Update.class})
     private Integer accountStatus;
 
-    @ApiModelProperty(value = "角色", example = "1", hidden = true)
-    //@NotNull(message = "角色不能为空", groups = {Create.class, Update.class})
+    @ApiModelProperty(value = "角色", example = "1")
+    @NotNull(message = "角色不能为空", groups = {Create.class, Update.class})
     private Integer roleId;
 
-    @ApiModelProperty(value = "能控制的用户资源来源",hidden = true)
+    @ApiModelProperty(value = "能控制的用户资源来源", hidden = true)
     private Integer controlSource;
 
     @ApiModelProperty(value = "电子邮箱", example = "220700100213@163.com")
     @Email
     private String email;
 
-    @ApiModelProperty(value = "所属公司ID",example = "0")
+    @ApiModelProperty(value = "所属公司ID", example = "0")
     @NotNull(message = "所属公司不能为空", groups = {Create.class})
     private Integer companyId;
 

cms-common/cms-common-util/src/main/java/com/mmc/iuav/response/ResultEnum.java

@@ -39,8 +39,12 @@ public enum ResultEnum implements BaseErrorInfoInterface {
     UPDATE_USER_ACCOUNT_REPEAT("7003", "修改后的账户名已存在"),
     ADD_USER_ACCOUNT_NAME_EXISTS("7004", "新增账户名已经存在"),
     ROLE_NAME_REPEAT_ERROR("8004", "角色名已存在"),
-    ROLE_AVL_USER_DELETE_ERROR("8005", "该角色下目前已关联多个用户账号，请先在用户列表中删除角色者账号");
-
+    ROLE_AVL_USER_DELETE_ERROR("8005", "该角色下目前已关联多个用户账号，请先在用户列表中删除角色者账号"),
+    UPDATE_ADMIN_ROLE_MENUS_ERROR("8006", "禁止修改超级管理员角色的权限"),
+    UPDATE_OWNER_ROLE_MENUS_ERROR("8007", "禁止修改与当前登录账号角色相同的角色权限"),
+    UPDATE_OWNER_ROLE_ERROR("8008", "禁止修改当前账号的角色"),
+    UPDATE_ADMIN_ROLE_ERROR("8009", "禁止修改admin账号的角色"),
+    ONLY_ONE_ADMIN_ERROR("8010", "只能有一个超级管理员账号");
 
     /**
      * 错误码

csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/controller/AuthController.java

@@ -2,6 +2,7 @@ package com.mmc.iuav.user.controller;
 
 import com.mmc.iuav.group.Insert;
 import com.mmc.iuav.response.ResultBody;
+import com.mmc.iuav.user.model.dto.LoginSuccessDTO;
 import com.mmc.iuav.user.model.qo.LoginUserQO;
 import com.mmc.iuav.user.model.vo.AppUserSucVO;
 import com.mmc.iuav.user.model.vo.WxLoginVO;
@@ -11,8 +12,6 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
-import javax.servlet.http.HttpServletRequest;
-
 /**
  * @author: zj
  * @Date: 2023/5/15 15:50
@@ -26,14 +25,14 @@ public class AuthController {
     private AuthService authService;
 
     @ApiOperation(value = "小程序登录/注册")
-    @ApiResponses({ @ApiResponse(code = 200, message = "OK", response = AppUserSucVO.class) })
+    @ApiResponses({@ApiResponse(code = 200, message = "OK", response = AppUserSucVO.class)})
     @PostMapping("appletLogin")
-    public ResultBody appletLogin(@Validated(value = {Insert.class})@RequestBody WxLoginVO wxLoginVO){
+    public ResultBody appletLogin(@Validated(value = {Insert.class}) @RequestBody WxLoginVO wxLoginVO) {
         return authService.appletLogin(wxLoginVO);
     }
 
     @ApiOperation(value = "平台账号密码登录")
-    @ApiResponses({ @ApiResponse(code = 200, message = "OK", response = ResultBody.class) })
+    @ApiResponses({@ApiResponse(code = 200, message = "OK", response = LoginSuccessDTO.class)})
     @PostMapping("backEndLogin")
     public ResultBody backEndLogin(
             @ApiParam(value = "账号登录QO", required = true) @Validated @RequestBody LoginUserQO param) {
@@ -41,9 +40,9 @@ public class AuthController {
     }
 
     @ApiOperation(value = "测试-小程序unionId登录/注册")
-    @ApiResponses({ @ApiResponse(code = 200, message = "OK", response = AppUserSucVO.class) })
+    @ApiResponses({@ApiResponse(code = 200, message = "OK", response = AppUserSucVO.class)})
     @PostMapping("testAppletLogin")
-    public ResultBody testAppletLogin(@RequestParam String unionId){
+    public ResultBody testAppletLogin(@RequestParam String unionId) {
         return authService.testAppletLogin(unionId);
     }
 }

csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/controller/BackUserAccountController.java

@@ -4,26 +4,17 @@ import com.mmc.iuav.group.Create;
 import com.mmc.iuav.group.Update;
 import com.mmc.iuav.group.UpdatePassword;
 import com.mmc.iuav.response.ResultBody;
-import com.mmc.iuav.user.client.PayClient;
-import com.mmc.iuav.user.model.dto.BaseAccountDTO;
-import com.mmc.iuav.user.model.dto.LoginSuccessDTO;
-import com.mmc.iuav.user.model.dto.UserAccountSimpleDTO;
 import com.mmc.iuav.user.model.qo.BUserAccountQO;
 import com.mmc.iuav.user.model.vo.BUserAccountVO;
 import com.mmc.iuav.user.model.vo.BackUserAccountVO;
-import com.mmc.iuav.user.model.vo.UserAccountVO;
 import com.mmc.iuav.user.service.BackUserAccountService;
-import com.mmc.iuav.user.service.UserAccountService;
 import io.swagger.annotations.*;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
-import org.springframework.web.client.RestTemplate;
 import springfox.documentation.annotations.ApiIgnore;
 
 import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.security.NoSuchAlgorithmException;
 import java.util.List;
 
 /**
@@ -33,7 +24,7 @@ import java.util.List;
 @Api(tags = "后台用户相关接口")
 @RequestMapping("/back-user/")
 @RestController
-public class BackUserAccountController extends BaseController{
+public class BackUserAccountController extends BaseController {
 
     @Autowired
     private BackUserAccountService backUserAccountService;
@@ -48,8 +39,8 @@ public class BackUserAccountController extends BaseController{
     @ApiOperation(value = "账号-修改")
     @ApiResponses({@ApiResponse(code = 200, message = "OK", response = ResultBody.class)})
     @PostMapping("updateBAccount")
-    public ResultBody updateBAccount(@Validated(value = {Update.class}) @RequestBody BUserAccountVO bUserAccountVO) {
-        return backUserAccountService.updateBAccount(bUserAccountVO);
+    public ResultBody updateBAccount(@Validated(value = {Update.class}) @RequestBody BUserAccountVO bUserAccountVO, HttpServletRequest request) {
+        return backUserAccountService.updateBAccount(bUserAccountVO, this.getUserLoginInfoFromRedis(request));
     }
 
     @ApiOperation(value = "账号-删除")
@@ -76,7 +67,7 @@ public class BackUserAccountController extends BaseController{
     @ApiOperation(value = "账号管理-修改密码")
     @ApiResponses({@ApiResponse(code = 200, message = "OK", response = ResultBody.class)})
     @PostMapping("updatePassword")
-    public ResultBody updatePassword(@Validated(value = {UpdatePassword.class}) @RequestBody BUserAccountVO account){
+    public ResultBody updatePassword(@Validated(value = {UpdatePassword.class}) @RequestBody BUserAccountVO account) {
         return backUserAccountService.updatePassword(account);
     }
 

csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/dao/RoleDao.java

@@ -2,6 +2,7 @@ package com.mmc.iuav.user.dao;
 
 import com.mmc.iuav.user.entity.MenuInfoDO;
 import com.mmc.iuav.user.entity.RoleInfoDO;
+import com.mmc.iuav.user.model.dto.RoleInfoDTO;
 import com.mmc.iuav.user.model.qo.RoleInfoQO;
 import org.apache.ibatis.annotations.Mapper;
 
@@ -42,5 +43,11 @@ public interface RoleDao {
     void batchAddMenuIds(Integer roleId, List<Integer> addMenuIds);
 
     void batchDeleteMenuIds(Integer roleId, List<Integer> deleteMenuIds);
+
+    void updateUserRoleRel(Integer backUserAccountId, Integer roleId);
+
+    void insertUserRoleRel(Integer backUserAccountId, Integer roleId);
+
+    RoleInfoDTO getRoleInfoByUserId(Integer backUserAccountId);
 }
 

csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/entity/RoleInfoDO.java

@@ -53,7 +53,7 @@ public class RoleInfoDO {
     /**
      * 创建角色账号id
      */
-    private Integer userAccountId;
+    private Integer backUserAccountId;
     /**
      * 账号名称
      */

csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/entity/UserAccountDO.java

@@ -3,7 +3,6 @@ package com.mmc.iuav.user.entity;
 import com.mmc.iuav.user.model.dto.UserAccountSimpleDTO;
 import com.mmc.iuav.user.model.vo.BUserAccountVO;
 import com.mmc.iuav.user.model.vo.UserAccountVO;
-import io.swagger.annotations.ApiModelProperty;
 import lombok.AllArgsConstructor;
 import lombok.Data;
 import lombok.NoArgsConstructor;
@@ -83,7 +82,7 @@ public class UserAccountDO implements Serializable {
 
     public UserAccountSimpleDTO buildUserAccountSimpleDTO() {
         return UserAccountSimpleDTO.builder().id(this.id).uid(this.uid).accountNo(this.accountNo).phoneNum(this.phoneNum).userName(this.userName).nickName(this.nickName)
-              .userImg(this.userImg).userSex(this.userSex).email(this.email).source(this.source).accountStatus(this.accountStatus).portType(this.portType)
+                .userImg(this.userImg).openid(this.openId).userSex(this.userSex).email(this.email).source(this.source).accountStatus(this.accountStatus).portType(this.portType)
                 .companyAuthStatus(this.companyAuthStatus == null || this.companyAuthStatus != 1 ? 0 : 1).cooperationTagId(this.cooperationTagId).companyName(this.companyName)
                 .build();
     }

csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/enums/RoleEnums.java

+package com.mmc.iuav.user.enums;
+
+/**
+ * @author: zj
+ * @Date: 2023/7/13 11:18
+ */
+public enum RoleEnums {
+
+    ADMIN(1, "超级管理员"),
+    OPERATOR(2, "运营管理员"),
+    FINANCIAL(3, "财务"),
+    FRANCHISEE(4, "加盟商");
+
+    RoleEnums(Integer id, String roleName) {
+        this.id = id;
+        this.roleName = roleName;
+    }
+
+    private Integer id;
+
+    private String roleName;
+
+    public Integer getId() {
+        return this.id;
+    }
+
+    public String getRoleName() {
+        return this.roleName;
+    }
+
+}

csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/service/BackUserAccountService.java

@@ -2,6 +2,7 @@ package com.mmc.iuav.user.service;
 
 import com.mmc.iuav.response.ResultBody;
 import com.mmc.iuav.user.entity.BackUserAccountDO;
+import com.mmc.iuav.user.model.dto.LoginSuccessDTO;
 import com.mmc.iuav.user.model.qo.BUserAccountQO;
 import com.mmc.iuav.user.model.vo.BUserAccountVO;
 import com.mmc.iuav.user.model.vo.BackUserAccountVO;
@@ -15,6 +16,7 @@ import java.util.List;
 public interface BackUserAccountService {
     /**
      * 添加后台用户
+     *
      * @param bUserAccountVO
      * @return
      */
@@ -22,13 +24,16 @@ public interface BackUserAccountService {
 
     /**
      * 添加后台用户信息
+     *
      * @param bUserAccountVO
+     * @param loginSuccessDTO
      * @return
      */
-    ResultBody updateBAccount(BUserAccountVO bUserAccountVO);
+    ResultBody updateBAccount(BUserAccountVO bUserAccountVO, LoginSuccessDTO loginSuccessDTO);
 
     /**
      * 删除后台用户
+     *
      * @param userAccountId
      * @return
      */
@@ -36,6 +41,7 @@ public interface BackUserAccountService {
 
     /**
      * 后台用户列表
+     *
      * @param bUserAccountQO
      * @return
      */
@@ -43,6 +49,7 @@ public interface BackUserAccountService {
 
     /**
      * 内部远程调用查询用户信息
+     *
      * @param bUserAccountQO
      * @return
      */
@@ -50,6 +57,7 @@ public interface BackUserAccountService {
 
     /**
      * 修改用户密码
+     *
      * @param account
      * @return
      */
@@ -57,6 +65,7 @@ public interface BackUserAccountService {
 
     /**
      * 内部确认用户密码
+     *
      * @param id
      * @param authPwd
      * @return
@@ -65,6 +74,7 @@ public interface BackUserAccountService {
 
     /**
      * 登录账号密码查询用户信息
+     *
      * @param accountNo
      * @param passWord
      * @return

csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/service/impl/AuthServiceImpl.java

@@ -11,11 +11,13 @@ import com.mmc.iuav.user.auth.PwdUtil;
 import com.mmc.iuav.user.client.PayClient;
 import com.mmc.iuav.user.constant.WxConstant;
 import com.mmc.iuav.user.dao.CompanyAuthDao;
+import com.mmc.iuav.user.dao.RoleDao;
 import com.mmc.iuav.user.entity.BackUserAccountDO;
 import com.mmc.iuav.user.entity.CompanyAuthDO;
 import com.mmc.iuav.user.entity.UserAccountDO;
 import com.mmc.iuav.user.enums.UserAccountStatus;
 import com.mmc.iuav.user.model.dto.LoginSuccessDTO;
+import com.mmc.iuav.user.model.dto.RoleInfoDTO;
 import com.mmc.iuav.user.model.qo.LoginUserQO;
 import com.mmc.iuav.user.model.vo.AppUserSucVO;
 import com.mmc.iuav.user.model.vo.CompanyInfoVO;
@@ -58,6 +60,9 @@ public class AuthServiceImpl implements AuthService {
     private CompanyAuthDao companyAuthDao;
 
     @Autowired
+    private RoleDao roleDao;
+
+    @Autowired
     private CompanyService companyService;
 
     @Autowired
@@ -84,7 +89,7 @@ public class AuthServiceImpl implements AuthService {
             unionId = json.getString(WxConstant.UNION_ID);
             openId = json.getString(WxConstant.OPEN_ID);
             sessionKey = json.getString(WxConstant.SESSION_KEY);
-        }else {
+        } else {
             return ResultBody.error(ResultEnum.PARAM_ERROR);
         }
         //数据库查询用户信息
@@ -102,7 +107,7 @@ public class AuthServiceImpl implements AuthService {
             userAccountService.insertUserAccount(userAccountDO);
             userAccountVO = userAccountDO.buildUserAccountVO();
             payClient.createWallet(userAccountDO.getId());
-        }else {
+        } else {
             uid = userAccountVO.getUid();
             CompanyAuthDO companyAuthDO = companyAuthDao.getCompanyAuth(userAccountVO.getId());
             if (companyAuthDO != null) {
@@ -133,7 +138,7 @@ public class AuthServiceImpl implements AuthService {
         if (user == null) {
             return ResultBody.error(ResultEnum.LOGIN_ACCOUNT_NOT_EXIT_ERROR);
         }
-        if (user.getAccountStatus() .equals(UserAccountStatus.DISABLE.getAccountStatus()) ) {
+        if (user.getAccountStatus().equals(UserAccountStatus.DISABLE.getAccountStatus())) {
             return ResultBody.error(ResultEnum.LOGIN_ACCOUNT_STATUS_ERROR);
         }
         String loginPwd = "";
@@ -147,12 +152,15 @@ public class AuthServiceImpl implements AuthService {
         }
         // 查询单位信息
         CompanyInfoVO companyInfoVO = companyService.getCompanyInfoByBackUserAccountId(user.getId());
+        // 角色信息
+        RoleInfoDTO roleInfoDTO = roleDao.getRoleInfoByUserId(user.getId());
         Map<String, Object> map = new HashMap<String, Object>();
         map.put(JwtConstant.USER_ACCOUNT_ID, user.getId());
         map.put(JwtConstant.TOKEN_TYPE, JwtConstant.M_TOKEN);
         String token = JwtUtil.createJwt(map);
-        LoginSuccessDTO loginSuccessDTO = LoginSuccessDTO.builder().token(token).userAccountId(user.getId()).accountNo(user.getAccountNo()).uid(user.getId() +"")
-                .userName(user.getUserName()).nickName(user.getUserName()).phoneNum(user.getPhoneNum()).portType(0).companyInfoVO(companyInfoVO == null ? null : companyInfoVO).build();
+        LoginSuccessDTO loginSuccessDTO = LoginSuccessDTO.builder().token(token).userAccountId(user.getId()).accountNo(user.getAccountNo()).uid(user.getId() + "")
+                .userName(user.getUserName()).nickName(user.getUserName()).phoneNum(user.getPhoneNum()).portType(0).companyInfoVO(companyInfoVO == null ? null : companyInfoVO)
+                .roleInfo(roleInfoDTO).build();
         stringRedisTemplate.opsForValue().set(
                 token, JSONObject.toJSONString(loginSuccessDTO),
                 JwtConstant.EXPIRATION, TimeUnit.MILLISECONDS);
@@ -196,7 +204,7 @@ public class AuthServiceImpl implements AuthService {
     @Override
     public ResultBody getLoginInfo(String randomLoginCode) {
         String json = stringRedisTemplate.opsForValue().get(randomLoginCode);
-        if (StringUtils.isBlank(json)){
+        if (StringUtils.isBlank(json)) {
             return ResultBody.error(ResultEnum.APPLET_LOGIN_ERROR);
         }
         LoginSuccessDTO loginSuccessDTO = JSONObject.parseObject(json, LoginSuccessDTO.class);

csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/service/impl/BackUserAccountServiceImpl.java

@@ -5,9 +5,12 @@ import com.mmc.iuav.response.ResultBody;
 import com.mmc.iuav.response.ResultEnum;
 import com.mmc.iuav.user.auth.PwdUtil;
 import com.mmc.iuav.user.dao.BackUserAccountDao;
+import com.mmc.iuav.user.dao.RoleDao;
 import com.mmc.iuav.user.entity.BackUserAccountDO;
 import com.mmc.iuav.user.entity.CompanyBackUserDO;
 import com.mmc.iuav.user.entity.CompanyInfoDO;
+import com.mmc.iuav.user.enums.RoleEnums;
+import com.mmc.iuav.user.model.dto.LoginSuccessDTO;
 import com.mmc.iuav.user.model.qo.BUserAccountQO;
 import com.mmc.iuav.user.model.vo.BUserAccountVO;
 import com.mmc.iuav.user.model.vo.BackUserAccountVO;
@@ -16,6 +19,7 @@ import com.mmc.iuav.user.service.CompanyService;
 import org.apache.commons.lang.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
 
 import java.security.NoSuchAlgorithmException;
 import java.util.List;
@@ -34,6 +38,9 @@ public class BackUserAccountServiceImpl implements BackUserAccountService {
     @Autowired
     private CompanyService companyService;
 
+    @Autowired
+    private RoleDao roleDao;
+
     @Override
     public ResultBody insertBAccount(BUserAccountVO bUserAccountVO) {
         if (!bUserAccountVO.getPassWord().equals(bUserAccountVO.getAlertPwd())) {
@@ -45,6 +52,10 @@ public class BackUserAccountServiceImpl implements BackUserAccountService {
         if (count > 0) {
             return ResultBody.error(ResultEnum.ADD_USER_ACCOUNT_NAME_EXISTS);
         }
+        if (bUserAccountVO.getRoleId().equals(RoleEnums.ADMIN.getId())) {
+            return ResultBody.error(ResultEnum.ONLY_ONE_ADMIN_ERROR);
+        }
+        roleDao.insertUserRoleRel(bUserAccountVO.getId(), bUserAccountVO.getRoleId());
         BackUserAccountDO backUserAccountDO = new BackUserAccountDO(bUserAccountVO);
         try {
             backUserAccountDO.setPassword(PwdUtil.securityPwd(bUserAccountVO.getPassWord()));
@@ -53,7 +64,7 @@ public class BackUserAccountServiceImpl implements BackUserAccountService {
         }
         backUserAccountDao.insertBackUserAccount(backUserAccountDO);
         // 添加单位信息
-        if (bUserAccountVO.getCompanyId() != null){
+        if (bUserAccountVO.getCompanyId() != null) {
             CompanyBackUserDO companyBackUserDO = new CompanyBackUserDO();
             companyBackUserDO.setBackUserAccountId(backUserAccountDO.getId());
             companyBackUserDO.setCompanyInfoId(bUserAccountVO.getCompanyId());
@@ -62,8 +73,9 @@ public class BackUserAccountServiceImpl implements BackUserAccountService {
         return ResultBody.success();
     }
 
+    @Transactional
     @Override
-    public ResultBody updateBAccount(BUserAccountVO bUserAccountVO) {
+    public ResultBody updateBAccount(BUserAccountVO bUserAccountVO, LoginSuccessDTO loginSuccessDTO) {
         // 判断账号是否重复
         if (!StringUtils.isEmpty(bUserAccountVO.getAccountNo())) {
             // 如果传入的名字不为空，就查找数据库，看名字是否重复
@@ -75,12 +87,24 @@ public class BackUserAccountServiceImpl implements BackUserAccountService {
         BackUserAccountDO userAccountDO = new BackUserAccountDO(bUserAccountVO);
         backUserAccountDao.updateBackUserAccount(userAccountDO);
         // 修改单位信息
-        if (bUserAccountVO.getCompanyId() != null){
+        if (bUserAccountVO.getCompanyId() != null) {
             CompanyBackUserDO companyBackUserDO = new CompanyBackUserDO();
             companyBackUserDO.setBackUserAccountId(userAccountDO.getId());
             companyBackUserDO.setCompanyInfoId(bUserAccountVO.getCompanyId());
             companyService.updateCompanyBackUser(companyBackUserDO);
         }
+        if (bUserAccountVO.getRoleId().equals(RoleEnums.ADMIN.getId())) {
+            return ResultBody.error(ResultEnum.ONLY_ONE_ADMIN_ERROR);
+        }
+        // 不能修改自己的角色
+        if (loginSuccessDTO.getUserAccountId().toString().equals(bUserAccountVO.getId().toString())) {
+            return ResultBody.error(ResultEnum.UPDATE_OWNER_ROLE_ERROR);
+        }
+        // 不能修改admin账号的角色
+        if (bUserAccountVO.getId().equals(1) && !bUserAccountVO.getRoleId().equals(RoleEnums.ADMIN.getId())) {
+            return ResultBody.error(ResultEnum.UPDATE_ADMIN_ROLE_ERROR);
+        }
+        roleDao.updateUserRoleRel(bUserAccountVO.getId(), bUserAccountVO.getRoleId());
         return ResultBody.success();
     }
 
@@ -102,11 +126,11 @@ public class BackUserAccountServiceImpl implements BackUserAccountService {
         List<Integer> backUserIds = users.stream().map(BackUserAccountDO::getId).collect(Collectors.toList());
         List<BackUserAccountVO> collect = users.stream().map(BackUserAccountDO::buildBackUserAccountVO).collect(Collectors.toList());
         List<CompanyInfoDO> companyInfoDOList = companyService.listCompanyInfoByUID(backUserIds);
-        if (!companyInfoDOList.isEmpty()){
+        if (!companyInfoDOList.isEmpty()) {
             Map<Integer, CompanyInfoDO> userCompanyNameMap = companyInfoDOList.stream().collect(Collectors.toMap(CompanyInfoDO::getBackUserAccountId, k -> k, (v1, v2) -> v2));
             collect.forEach(d -> {
                 CompanyInfoDO companyInfoDO = userCompanyNameMap.get(d.getId());
-                if (companyInfoDO != null){
+                if (companyInfoDO != null) {
                     d.setCompanyName(companyInfoDO.getCompanyName());
                     d.setCompanyInfoVO(companyInfoDO.buildCompanyInfoVO());
                 }

csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/service/impl/RoleServiceImpl.java

@@ -16,6 +16,7 @@ import com.mmc.iuav.user.service.RoleService;
 import com.mmc.iuav.user.util.MenuTreeUtil;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
 import org.springframework.util.CollectionUtils;
 
 import java.util.List;
@@ -40,7 +41,7 @@ public class RoleServiceImpl implements RoleService {
             return ResultBody.error(ResultEnum.ROLE_NAME_REPEAT_ERROR);
         }
         RoleInfoDO rd = new RoleInfoDO(roleInfo);
-        rd.setUserAccountId(userLoginInfoFromRedis.getUserAccountId());
+        rd.setBackUserAccountId(userLoginInfoFromRedis.getUserAccountId());
         rd.setRoleNo(CodeUtil.createRoleNo(roleDao.findList()));
         roleDao.insertRoleInfo(rd);
         return ResultBody.success();
@@ -53,7 +54,7 @@ public class RoleServiceImpl implements RoleService {
         if (count > 0) {
             return ResultBody.error(ResultEnum.ROLE_NAME_REPEAT_ERROR);
         }
-        rd.setUserAccountId(userLoginInfoFromRedis.getUserAccountId());
+        rd.setBackUserAccountId(userLoginInfoFromRedis.getUserAccountId());
         roleDao.updateRoleInfo(rd);
         return ResultBody.success();
     }
@@ -89,9 +90,17 @@ public class RoleServiceImpl implements RoleService {
         return ResultBody.success(MenuTreeUtil.buildTreePCMenu(menuInfoDTOS));
     }
 
+    @Transactional
     @Override
-    public ResultBody updateRoleMenuInfo(RoleMenuInfoVO roleMenuInfoVO, LoginSuccessDTO userLoginInfoFromRedis) {
+    public ResultBody updateRoleMenuInfo(RoleMenuInfoVO roleMenuInfoVO, LoginSuccessDTO loginSuccessDTO) {
         // 判断该角色的菜单是否可以修改
+        RoleInfoDO roleInfo = roleDao.getRoleInfo(roleMenuInfoVO.getRoleId());
+        if (roleInfo.getSuperAdmin().equals(1)) {
+            return ResultBody.error(ResultEnum.UPDATE_ADMIN_ROLE_MENUS_ERROR);
+        }
+        if (roleMenuInfoVO.getRoleId().equals(loginSuccessDTO.getRoleInfo().getId())) {
+            return ResultBody.error(ResultEnum.UPDATE_OWNER_ROLE_MENUS_ERROR);
+        }
         if (!CollectionUtils.isEmpty(roleMenuInfoVO.getMenuInfoIds())) {
             List<MenuInfoDO> menuInfoDOList = roleDao.listRoleMenuInfo(roleMenuInfoVO.getRoleId());
             List<Integer> existMenuIds = menuInfoDOList.stream().map(MenuInfoDO::getId).collect(Collectors.toList());

csm-service/cms-service-user/src/main/resources/mapper/RoleDao.xml

@@ -14,14 +14,13 @@
         <result property="remark" column="remark"/>
         <result property="createTime" column="create_time"/>
         <result property="updateTime" column="update_time"/>
-        <result property="userAccountId" column="user_account_id"/>
+        <result property="backUserAccountId" column="back_user_account_id"/>
         <result property="userName" column="user_name"/>
         <result property="updateTime" column="update_time"/>
         <result property="userName" column="user_name"/>
         <result property="superAdmin" column="super_admin"/>
     </resultMap>
 
-
     <resultMap id="userAccountResultMap" type="com.mmc.iuav.user.entity.UserAccountDO">
         <id property="id" column="id"/>
         <result property="uid" column="uid"/>
@@ -66,8 +65,8 @@
 
     <insert id="insertRoleInfo" useGeneratedKeys="true"
             keyProperty="id" parameterType="com.mmc.iuav.user.entity.RoleInfoDO">
-        insert into role_info(role_no, role_name, user_account_id, remark, create_time, update_time)
-        values (#{roleNo}, #{roleName}, #{userAccountId}, #{remark}, NOW(), NOW())
+        insert into role_info(role_no, role_name, back_user_account_id, remark, create_time, update_time)
+        values (#{roleNo}, #{roleName}, #{backUserAccountId}, #{remark}, NOW(), NOW())
     </insert>
 
     <insert id="batchAddMenuIds">
@@ -83,6 +82,11 @@
         </foreach>
     </insert>
 
+    <insert id="insertUserRoleRel">
+        INSERT INTO user_role_rel(back_back_user_account_id, role_id, create_time)
+        VALUES (#{backUserAccountId}, #{roleId}, NOW());
+    </insert>
+
     <update id="updateRoleInfo"
             parameterType="com.mmc.iuav.user.entity.RoleInfoDO">
         UPDATE role_info
@@ -96,9 +100,14 @@
         where id = #{id}
     </update>
 
+    <update id="updateUserRoleRel">
+        UPDATE user_role_rel SET role_id = #{roleId}
+        WHERE back_user_account_id = #{backUserAccountId};
+    </update>
+
     <select id="listUserRoleInfo" resultType="int"
             parameterType="int">
-        select user_account_id
+        select back_user_account_id
         from user_role_rel
         where role_id = #{roleId}
     </select>
@@ -123,6 +132,7 @@
                r.role_no,
                r.role_name,
                r.remark,
+               r.super_admin,
                r.create_time
         from role_info r
         where r.id = #{id}
@@ -134,7 +144,7 @@
         SELECT count(*)
         FROM
         role_info r
-        INNER JOIN back_user_account ua ON r.user_account_id = ua.id
+        INNER JOIN back_user_account ua ON r.back_user_account_id = ua.id
         WHERE
         r.is_deleted =0
         <if test=" NumberOrName != null and NumberOrName != '' ">
@@ -152,13 +162,13 @@
         r.role_name,
         r.remark,
         r.create_time,
-        r.user_account_id,
+        r.back_user_account_id,
         r.super_admin,
         ua.user_name,
         r.update_time
         FROM
         role_info r
-        INNER JOIN back_user_account ua ON r.user_account_id = ua.id
+        INNER JOIN back_user_account ua ON r.back_user_account_id = ua.id
         WHERE
         r.is_deleted =0
         <if test=" NumberOrName != null and NumberOrName != '' ">
@@ -172,7 +182,7 @@
     <select id="countNotDelUserAccountByRole" resultType="java.lang.Integer">
         SELECT count(*)
         FROM user_role_rel ur
-                 INNER JOIN user_account ua ON ur.user_account_id = ua.id
+                 INNER JOIN user_account ua ON ur.back_user_account_id = ua.id
         WHERE ur.role_id = #{id}
           AND ua.is_deleted = 0
     </select>
@@ -192,5 +202,11 @@
         ORDER BY id DESC LIMIT 1;
     </select>
 
+    <select id="getRoleInfoByUserId" resultType="com.mmc.iuav.user.model.dto.RoleInfoDTO">
+        select ri.id,ri.role_no,ri.role_name,ri.is_deleted,ri.remark,
+        ri.create_time,ri.update_time,ri.user_account_id,ri.super_admin
+        from role_info ri INNER JOIN user_role_rel urr ON ri.id = urr.role_id
+        where urr.back_user_account_id = #{backUserAccountId}
+    </select>
 
 </mapper>