CRM-数据权限：完善团队成员相关操作

yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/controller/admin/permission/CrmPermissionController.java

@@ -28,17 +28,16 @@ import org.springframework.web.bind.annotation.*;
 
 import javax.annotation.Resource;
 import javax.validation.Valid;
-import java.util.Collections;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
+import java.util.*;
 import java.util.function.Predicate;
 import java.util.stream.Collectors;
 
+import static cn.iocoder.yudao.framework.common.exception.util.ServiceExceptionUtil.exception;
 import static cn.iocoder.yudao.framework.common.pojo.CommonResult.success;
 import static cn.iocoder.yudao.framework.common.util.collection.CollectionUtils.anyMatch;
 import static cn.iocoder.yudao.framework.common.util.collection.CollectionUtils.convertSet;
 import static cn.iocoder.yudao.framework.security.core.util.SecurityFrameworkUtils.getLoginUserId;
+import static cn.iocoder.yudao.module.crm.enums.ErrorCodeConstants.CRM_PERMISSION_NOT_EXISTS;
 
 @Tag(name = "管理后台 - CRM 数据权限（数据团队成员操作）")
 @RestController
@@ -85,12 +84,12 @@ public class CrmPermissionController {
     }
 
     @PutMapping("/update")
-    @Operation(summary = "编辑团队成员")
+    @Operation(summary = "编辑团队成员权限")
     @PreAuthorize("@ss.hasPermission('crm:permission:update')")
     @CrmPermission(bizType = CrmBizTypeEnum.CRM_PERMISSION, bizTypeValue = "#updateReqVO.bizType", bizId = "#updateReqVO.bizId"
-            , level = CrmPermissionLevelEnum.WRITE)
+            , level = CrmPermissionLevelEnum.OWNER)
     public CommonResult<Boolean> updatePermission(@Valid @RequestBody CrmPermissionUpdateReqVO updateReqVO) {
-        permissionService.updatePermission(CrmPermissionConvert.INSTANCE.convert(updateReqVO));
+        permissionService.updatePermission(updateReqVO);
         return success(true);
     }
 
@@ -99,15 +98,33 @@ public class CrmPermissionController {
     @Parameters({
             @Parameter(name = "bizType", description = "CRM 类型", required = true, example = "2"),
             @Parameter(name = "bizId", description = "CRM 类型数据编号", required = true, example = "1024"),
-            @Parameter(name = "id", description = "团队成员编号", required = true, example = "1024")
+            @Parameter(name = "ids", description = "团队成员编号", required = true, example = "1024")
     })
     @PreAuthorize("@ss.hasPermission('crm:permission:delete')")
     @CrmPermission(bizType = CrmBizTypeEnum.CRM_PERMISSION, bizTypeValue = "#bizType", bizId = "#bizId"
-            , level = CrmPermissionLevelEnum.OWNER)
+            , level = CrmPermissionLevelEnum.OWNER) // 为了校验权限请求必须带上 bizType 和  bizId
     public CommonResult<Boolean> deletePermission(@RequestParam("bizType") Integer bizType,
                                                   @RequestParam("bizId") Long bizId,
-                                                  @RequestParam("id") Long id) {
-        permissionService.deletePermission(id);
+                                                  @RequestParam("ids") Collection<Long> ids) {
+        permissionService.deletePermission(ids);
+        return success(true);
+    }
+
+    @DeleteMapping("/quit-team")
+    @Operation(summary = "退出团队")
+    @Parameters({
+            @Parameter(name = "id", description = "团队成员编号", required = true, example = "1024")
+    })
+    @PreAuthorize("@ss.hasPermission('crm:permission:delete')")
+    public CommonResult<Boolean> deletePermission(@RequestParam("id") Long id) {
+        // 校验数据存在且是自己
+        CrmPermissionDO permission = permissionService.getPermissionByIdAndUserId(id, getLoginUserId());
+        if (permission == null) {
+            throw exception(CRM_PERMISSION_NOT_EXISTS);
+        }
+
+        // 删除
+        permissionService.deletePermission(Collections.singletonList(id));
         return success(true);
     }
 

yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/controller/admin/permission/vo/CrmPermissionRespVO.java

@@ -3,6 +3,7 @@ package cn.iocoder.yudao.module.crm.controller.admin.permission.vo;
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
 
+import java.time.LocalDateTime;
 import java.util.Set;
 
 @Schema(description = "管理后台 - CRM 数据权限（团队成员） Response VO")
@@ -21,4 +22,7 @@ public class CrmPermissionRespVO extends CrmPermissionBaseVO {
     @Schema(description = "岗位名称数组", requiredMode = Schema.RequiredMode.REQUIRED, example = "[BOOS,经理]")
     private Set<String> postNames;
 
+    @Schema(description = "创建时间", requiredMode = Schema.RequiredMode.REQUIRED, example = "2023-01-01 00:00:00")
+    private LocalDateTime createTime;
+
 }

yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/controller/admin/permission/vo/CrmPermissionUpdateReqVO.java

@@ -1,22 +1,34 @@
 package cn.iocoder.yudao.module.crm.controller.admin.permission.vo;
 
+import cn.iocoder.yudao.framework.common.validation.InEnum;
+import cn.iocoder.yudao.module.crm.framework.enums.CrmBizTypeEnum;
+import cn.iocoder.yudao.module.crm.framework.enums.CrmPermissionLevelEnum;
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
-import lombok.EqualsAndHashCode;
-import lombok.ToString;
 
 import javax.validation.constraints.NotNull;
+import java.util.List;
 
 @Schema(description = "管理后台 - CRM 数据权限更新 Request VO")
 @Data
-@EqualsAndHashCode(callSuper = true)
-@ToString(callSuper = true)
-public class CrmPermissionUpdateReqVO extends CrmPermissionBaseVO {
+public class CrmPermissionUpdateReqVO {
 
-    @Schema(description = "数据权限编号", requiredMode = Schema.RequiredMode.REQUIRED, example = "13563")
-    @NotNull(message = "数据权限编号不能为空")
-    private Long id;
+    @Schema(description = "数据权限编号列表", requiredMode = Schema.RequiredMode.REQUIRED, example = "[1,2]")
+    @NotNull(message = "数据权限编号列表不能为空")
+    private List<Long> ids;
 
-    // TODO @puhui999：是不是只更新 permission？？？ 是的
+    @Schema(description = "Crm 类型", requiredMode = Schema.RequiredMode.REQUIRED, example = "2")
+    @InEnum(CrmBizTypeEnum.class)
+    @NotNull(message = "Crm 类型不能为空")
+    private Integer bizType;
+
+    @Schema(description = "Crm 类型数据编号", requiredMode = Schema.RequiredMode.REQUIRED, example = "1024")
+    @NotNull(message = "Crm 类型数据编号不能为空")
+    private Long bizId;
+
+    @Schema(description = "权限级别", requiredMode = Schema.RequiredMode.REQUIRED, example = "2")
+    @InEnum(CrmPermissionLevelEnum.class)
+    @NotNull(message = "权限级别不能为空")
+    private Integer level;
 
 }

yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/convert/permission/CrmPermissionConvert.java

@@ -15,6 +15,7 @@ import com.google.common.collect.Multimaps;
 import org.mapstruct.Mapper;
 import org.mapstruct.factory.Mappers;
 
+import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
 
@@ -54,4 +55,12 @@ public interface CrmPermissionConvert {
         });
     }
 
+    default List<CrmPermissionDO> convertList(CrmPermissionUpdateReqVO updateReqVO) {
+        List<CrmPermissionDO> permissions = new ArrayList<>();
+        updateReqVO.getIds().forEach(id -> {
+            permissions.add(new CrmPermissionDO().setId(id).setLevel(updateReqVO.getLevel()));
+        });
+        return permissions;
+    }
+
 }

yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/dal/mysql/permission/CrmPermissionMapper.java

@@ -42,4 +42,9 @@ public interface CrmPermissionMapper extends BaseMapperX<CrmPermissionDO> {
                 .eq(CrmPermissionDO::getLevel, level));
     }
 
+    default CrmPermissionDO selectByIdAndUserId(Long id, Long userId) {
+        return selectOne(new LambdaQueryWrapperX<CrmPermissionDO>()
+                .eq(CrmPermissionDO::getId, id).eq(CrmPermissionDO::getUserId, userId));
+    }
+
 }

yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/service/permission/CrmPermissionService.java

@@ -1,11 +1,11 @@
 package cn.iocoder.yudao.module.crm.service.permission;
 
 
+import cn.iocoder.yudao.module.crm.controller.admin.permission.vo.CrmPermissionUpdateReqVO;
 import cn.iocoder.yudao.module.crm.dal.dataobject.permission.CrmPermissionDO;
 import cn.iocoder.yudao.module.crm.framework.enums.CrmBizTypeEnum;
 import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionCreateReqBO;
 import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionTransferReqBO;
-import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionUpdateReqBO;
 
 import javax.validation.Valid;
 import java.util.Collection;
@@ -29,16 +29,16 @@ public interface CrmPermissionService {
     /**
      * 更新数据权限
      *
-     * @param updateBO 更新信息
+     * @param updateReqVO 更新信息
      */
-    void updatePermission(@Valid CrmPermissionUpdateReqBO updateBO);
+    void updatePermission(CrmPermissionUpdateReqVO updateReqVO);
 
     /**
      * 删除数据权限
      *
-     * @param id 编号
+     * @param ids 编号
      */
-    void deletePermission(Long id);
+    void deletePermission(Collection<Long> ids);
 
     /**
      * 获取用户数据权限通过 数据类型 x 某个数据 x 用户编号
@@ -50,6 +50,15 @@ public interface CrmPermissionService {
      */
     CrmPermissionDO getPermissionByBizTypeAndBizIdAndUserId(Integer bizType, Long bizId, Long userId);
 
+    /**
+     * 获取用户数据权限通过 权限编号 x 用户编号
+     *
+     * @param id     权限编号
+     * @param userId 用户编号
+     * @return 数据权限
+     */
+    CrmPermissionDO getPermissionByIdAndUserId(Long id, Long userId);
+
     /**
      * 获取数据权限列表，通过 数据类型 x 某个数据
      *

yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/service/permission/CrmPermissionServiceImpl.java

@@ -2,6 +2,7 @@ package cn.iocoder.yudao.module.crm.service.permission;
 
 import cn.hutool.core.collection.CollUtil;
 import cn.hutool.core.util.ObjUtil;
+import cn.iocoder.yudao.module.crm.controller.admin.permission.vo.CrmPermissionUpdateReqVO;
 import cn.iocoder.yudao.module.crm.convert.permission.CrmPermissionConvert;
 import cn.iocoder.yudao.module.crm.dal.dataobject.permission.CrmPermissionDO;
 import cn.iocoder.yudao.module.crm.dal.mysql.permission.CrmPermissionMapper;
@@ -9,7 +10,6 @@ import cn.iocoder.yudao.module.crm.framework.enums.CrmBizTypeEnum;
 import cn.iocoder.yudao.module.crm.framework.enums.CrmPermissionLevelEnum;
 import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionCreateReqBO;
 import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionTransferReqBO;
-import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionUpdateReqBO;
 import cn.iocoder.yudao.module.system.api.user.AdminUserApi;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
@@ -53,25 +53,22 @@ public class CrmPermissionServiceImpl implements CrmPermissionService {
 
     @Override
     @Transactional(rollbackFor = Exception.class)
-    public void updatePermission(CrmPermissionUpdateReqBO updateBO) {
-        // 1.1 校验用户是否存在
-        adminUserApi.validateUserList(Collections.singletonList(updateBO.getUserId()));
-        // 1.2 校验存在
-        validateCrmPermissionExists(updateBO.getId());
-
-        // 2. 更新操作
-        CrmPermissionDO updateDO = CrmPermissionConvert.INSTANCE.convert(updateBO);
-        crmPermissionMapper.updateById(updateDO);
+    public void updatePermission(CrmPermissionUpdateReqVO updateReqVO) {
+        // 校验存在
+        validateCrmPermissionExists(updateReqVO.getIds());
+
+        List<CrmPermissionDO> updateDO = CrmPermissionConvert.INSTANCE.convertList(updateReqVO);
+        crmPermissionMapper.updateBatch(updateDO);
     }
 
     @Override
     @Transactional(rollbackFor = Exception.class)
-    public void deletePermission(Long id) {
+    public void deletePermission(Collection<Long> ids) {
         // 校验存在
-        validateCrmPermissionExists(id);
+        validateCrmPermissionExists(ids);
 
         // 删除
-        crmPermissionMapper.deleteById(id);
+        crmPermissionMapper.deleteBatchIds(ids);
     }
 
     @Override
@@ -79,6 +76,11 @@ public class CrmPermissionServiceImpl implements CrmPermissionService {
         return crmPermissionMapper.selectByBizTypeAndBizIdByUserId(bizType, bizId, userId);
     }
 
+    @Override
+    public CrmPermissionDO getPermissionByIdAndUserId(Long id, Long userId) {
+        return crmPermissionMapper.selectByIdAndUserId(id, userId);
+    }
+
     @Override
     public List<CrmPermissionDO> getPermissionByBizTypeAndBizId(Integer bizType, Long bizId) {
         return crmPermissionMapper.selectByBizTypeAndBizId(bizType, bizId);
@@ -89,13 +91,16 @@ public class CrmPermissionServiceImpl implements CrmPermissionService {
         return crmPermissionMapper.selectListByBizTypeAndBizIdsAndLevel(bizType, bizIds, level);
     }
 
-    private void validateCrmPermissionExists(Long id) {
-        if (crmPermissionMapper.selectById(id) == null) {
+    private void validateCrmPermissionExists(Collection<Long> ids) {
+        List<CrmPermissionDO> permissionList = crmPermissionMapper.selectBatchIds(ids);
+        // 校验存在
+        if (ObjUtil.notEqual(permissionList.size(), ids.size())) {
             throw exception(CRM_PERMISSION_NOT_EXISTS);
         }
     }
 
     @Override
+    @Transactional(rollbackFor = Exception.class)
     public void transferPermission(CrmPermissionTransferReqBO transferReqBO) {
         // 1. 校验数据权限-是否是负责人，只有负责人才可以转移
         CrmPermissionDO oldPermission = crmPermissionMapper.selectByBizTypeAndBizIdByUserId(transferReqBO.getBizType(),
@@ -142,6 +147,7 @@ public class CrmPermissionServiceImpl implements CrmPermissionService {
     }
 
     @Override
+    @Transactional(rollbackFor = Exception.class)
     public void receiveBiz(Integer bizType, Long bizId, Long userId) {
         CrmPermissionDO permission = crmPermissionMapper.selectByBizTypeAndBizIdByUserId(bizType, bizId, CrmPermissionDO.POOL_USER_ID);
         if (permission == null) { // 不存在则模块数据也不存在
@@ -152,6 +158,7 @@ public class CrmPermissionServiceImpl implements CrmPermissionService {
     }
 
     @Override
+    @Transactional(rollbackFor = Exception.class)
     public void putPool(Integer bizType, Long bizId, Long userId) {
         CrmPermissionDO permission = crmPermissionMapper.selectByBizTypeAndBizIdByUserId(bizType, bizId, userId);
         if (permission == null) { // 不存在则模块数据也不存在