修改人员角色显示逻辑

server/src/main/java/com/pica/cloud/account/account/server/enums/SaasRoleEnum.java

@@ -11,7 +11,7 @@ import lombok.Getter;
 public enum SaasRoleEnum {
     NULL_ROLE(0L,"无角色信息"),
     MAIN_ADMIN_ROLE(1L, "主管理员"),
-    ADMIN_ROLE(2L, "管理员"),
+    ADMIN_ROLE(2L, "系统管理员"),
     SAAS_MAIN_ADMIN(3L, "saas系统管理员"),
     SAAS_DOCTOR(4L,"开单医生");
     private Long code;

server/src/main/java/com/pica/cloud/account/account/server/req/HospitalRoleListReq.java

@@ -22,7 +22,7 @@ public class HospitalRoleListReq {
     @ApiModelProperty("页码")
     private Integer pageNo = 1;
 
-    @ApiModelProperty("登录来源  0:saas 1:运营平台")
+    @ApiModelProperty("登录来源  0:运营平台 1:saas")
     private Integer loginFlag = 0;
 
 }

server/src/main/java/com/pica/cloud/account/account/server/req/HospitalSaasUserReq.java

@@ -49,6 +49,10 @@ public class HospitalSaasUserReq {
     @ApiModelProperty("资源类型 1表示安卓，2表示ios，3表示web，4表示H5登录，5表示admin后台 6.SAAS")
     private Integer sourceType;
 
+
+    @ApiModelProperty("登录来源  0:运营平台 1:saas")
+    private Integer loginFlag = 0;
+
     public void checkInsertParams() {
         if (StringUtils.isBlank(this.mobile)) {
             throw new PicaWarnException(AccountExceptionEnum.PICA_NOT_EMPTY.getCode(), "手机号不能为空");

server/src/main/java/com/pica/cloud/account/account/server/service/impl/HospitalSaasRoleServiceImpl.java

@@ -91,7 +91,7 @@ public class HospitalSaasRoleServiceImpl implements HospitalSaasRoleService {
     public HospitalRoleResp listByPage(HospitalRoleListReq req) {
         Map<String, Object> map = new HashMap(4);
         if (req.getLoginFlag() == 1) {
-            List<Long> list = Arrays.asList(SaasRoleEnum.MAIN_ADMIN_ROLE.getCode(), SaasRoleEnum.ADMIN_ROLE.getCode());
+            List<Long> list = Arrays.asList(SaasRoleEnum.MAIN_ADMIN_ROLE.getCode(), SaasRoleEnum.ADMIN_ROLE.getCode(),SaasRoleEnum.SAAS_MAIN_ADMIN.getCode());
             map.put("list", list);
         }
         map.put("name", req.getName());

server/src/main/java/com/pica/cloud/account/account/server/service/impl/HospitalSaasUserServiceImpl.java

@@ -71,6 +71,12 @@ public class HospitalSaasUserServiceImpl implements HospitalSaasUserService {
     public int register(HospitalSaasUserReq req, Long doctorId) {
         req.checkInsertParams();
         validatorAdminRole(req.getRoleId(), req.getHospitalId().longValue());
+        if (CollectionUtils.isNotEmpty(req.getRoleId()) && ((req.getRoleId().contains(SaasRoleEnum.MAIN_ADMIN_ROLE)) || req.getRoleId().contains(SaasRoleEnum.ADMIN_ROLE))) {
+            throw new PicaException(PicaResultCode.PARAM_IS_INVALID.code(), "主管理员或系统管理员不可被操作");
+        }
+        if (req.getLoginFlag() == 1 && CollectionUtils.isNotEmpty(req.getRoleId()) && ((req.getRoleId().contains(SaasRoleEnum.MAIN_ADMIN_ROLE)) || req.getRoleId().contains(SaasRoleEnum.ADMIN_ROLE) || req.getRoleId().contains(SaasRoleEnum.SAAS_MAIN_ADMIN))) {
+            throw new PicaException(PicaResultCode.PARAM_IS_INVALID.code(), "saas系统管理员不可被操作");
+        }
         //得到手机号
         String mobile = req.getMobile();
         //幂等校验
@@ -105,7 +111,6 @@ public class HospitalSaasUserServiceImpl implements HospitalSaasUserService {
                 redisClient.del(nxKey);
                 return 1;
             }
-
             Account byMobilePhone = accountMapper.getByMobilePhone(mobileEncrypt);
             if (!req.getHospitalId().equals(byMobilePhone.getHospitalId())) {
                 throw new PicaException(PicaResultCode.PARAM_IS_INVALID.code(), "正在添加的用户非本机构下用户");
@@ -175,13 +180,6 @@ public class HospitalSaasUserServiceImpl implements HospitalSaasUserService {
         return new HospitalSaasUserResp(lists, count);
     }
 
-//    private void validatorAdminRole(Long roleId, Long hospitalId) {
-//        int count = accountMapper.adminRoleCountByhospitalId(hospitalId);
-//        if (count >= 1 && null != roleId && Objects.equals(roleId, SaasRoleEnum.SAAS_MAIN_ADMIN.getCode())) {
-//            throw new PicaException(PicaResultCode.PARAM_IS_INVALID.code(), "当前已存在系统管理员,请勿重复设置");
-//        }
-//    }
-
     private void validatorAdminRole(List<Long> roleId, Long hospitalId) {
         int count = accountMapper.adminRoleCountByhospitalId(hospitalId);
         if (count >= 1 && CollectionUtils.isNotEmpty(roleId) && roleId.contains(SaasRoleEnum.SAAS_MAIN_ADMIN)) {
@@ -195,18 +193,25 @@ public class HospitalSaasUserServiceImpl implements HospitalSaasUserService {
             throw new PicaException(PicaResultCode.PARAM_IS_INVALID.code(), "参数错误");
         }
         validatorAdminRole(req.getRoleId(), req.getHospitalId().longValue());
+        if (CollectionUtils.isNotEmpty(req.getRoleId()) && (req.getRoleId().contains(SaasRoleEnum.MAIN_ADMIN_ROLE)) || req.getRoleId().contains(SaasRoleEnum.ADMIN_ROLE)) {
+            throw new PicaException(PicaResultCode.PARAM_IS_INVALID.code(), "主管理员或系统管理员不可被编辑");
+        }
+        if (CollectionUtils.isNotEmpty(req.getRoleId()) && (req.getRoleId().contains(SaasRoleEnum.NULL_ROLE)) && req.getRoleId().size() > 1) {
+            throw new PicaException(PicaResultCode.PARAM_IS_INVALID.code(), "角色选择非法");
+        }
+        if (req.getLoginFlag() == 1) {
+            List<RoleDto> roleDtos = doctorRoleMapper.selectRoleByUserId(req.getId());
+            if (CollectionUtils.isNotEmpty(roleDtos) && roleDtos.contains(SaasRoleEnum.SAAS_MAIN_ADMIN)) {
+                if (CollectionUtils.isNotEmpty(req.getRoleId()) && !req.getRoleId().contains(SaasRoleEnum.SAAS_MAIN_ADMIN)) {
+                    throw new PicaException(PicaResultCode.PARAM_IS_INVALID.code(), "saas角色管理员角色不可移除");
+                }
+            }
+        }
         String mobileEncrypt = AESUtil.encryptV0(req.getMobile());
         Account accountExist = accountMapper.getByMobilePhone(mobileEncrypt);
         if (accountExist == null) {
             throw new PicaException(PicaResultCode.PARAM_IS_INVALID.code(), "当前用户不存在");
         }
-//        HospitalSaasUserEditResp saasUser = accountMapper.selectUserRoleById(req.getId());
-//        if (req.getLoginFlag() == 1 && saasUser != null && saasUser.getRoleId() != null && !Objects.equals(req.getRoleId(), saasUser.getRoleId()) && req.getRoleId() != 0 && saasUser.getRoleId() < SaasRoleEnum.SAAS_MAIN_ADMIN.getCode()) {
-//            throw new PicaException(PicaResultCode.PARAM_IS_INVALID.code(), "当前角色不可编辑");
-//        }
-//        if (req.getLoginFlag() == 0 && saasUser != null && saasUser.getRoleId() != null && !Objects.equals(req.getRoleId(), saasUser.getRoleId()) && req.getRoleId() != 0 && saasUser.getRoleId() < SaasRoleEnum.SAAS_DOCTOR.getCode()) {
-//            throw new PicaException(PicaResultCode.PARAM_IS_INVALID.code(), "当前角色不可编辑");
-//        }
         Account account = new Account();
         account.setId(req.getId());
         account.setModifyId(doctorId);
@@ -292,7 +297,7 @@ public class HospitalSaasUserServiceImpl implements HospitalSaasUserService {
             return new HospitalSaasUserEditResp();
         }
         resp.setPwdFlag(2);
-        //手机号 不为空 解密脱敏
+        //手机号不为空 解密脱敏
         if (StringUtils.isNotBlank(resp.getMobile())) {
             String phone = EncryptUtils.decryptContent(resp.getMobile(), EncryptConstants.ENCRYPT_TYPE_MOBILE, EncryptConstants.ENCRYPT_DECRYPT_KEY);
             resp.setMobile(phone);

server/src/main/resources/mybatis/PermissionRoleMapper.xml

@@ -182,7 +182,8 @@
     <select id="querySaasRoles" resultType="com.pica.cloud.account.account.server.resp.RoleDto">
         select p.id as id, p.role_name as name
         from permission_role as p
-        where p.delete_flag = 1
+        where p.id not in (1, 2)
+          and p.delete_flag = 1
     </select>