fix(authorization): 修正省区域角色唯一性检查逻辑

将省区域角色从"全系统唯一"改为"按省份唯一"： - 修改 grantProvinceCompany 使用 findProvinceCompanyByRegion 检查 - 删除废弃的 findAnyProvinceCompany 方法 - 现在不同省份可以分别授权给不同账户 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-16 17:20:36 -08:00 · 2025-12-16 17:20:36 -08:00 · 2399cc29d6
parent 2730bcb354
commit 2399cc29d6
3 changed files with 5 additions and 20 deletions
--- a/backend/services/authorization-service/src/application/services/authorization-application.service.ts
+++ b/backend/services/authorization-service/src/application/services/authorization-application.service.ts
@ -271,7 +271,7 @@ export class AuthorizationApplicationService {
   *
   * 业务规则：
   * - 同一个用户不能同时拥有省区域和市区域两种身份
-   * - 整个系统中只允许一个省区域角色被授权（全局唯一）
+   * - 同一个省份只允许授权给一个账户（按省份唯一）
   */
  async grantProvinceCompany(command: GrantProvinceCompanyCommand): Promise<void> {
    const userId = UserId.create(command.userId, command.accountSequence)
@ -299,11 +299,11 @@ export class AuthorizationApplicationService {
      )
    }

-    // 3. 检查系统中是否已有省区域授权（整个系统全局唯一）
-    const existingAnyProvince = await this.authorizationRepository.findAnyProvinceCompany()
-    if (existingAnyProvince) {
+    // 3. 检查该省份是否已有省区域授权（同一省份只能授权给一个账户）
+    const existingProvinceRegion = await this.authorizationRepository.findProvinceCompanyByRegion(command.provinceCode)
+    if (existingProvinceRegion) {
      throw new ApplicationError(
-        `系统中已有省区域角色授权给用户 ${existingAnyProvince.userId.accountSequence}（${existingAnyProvince.regionName}），整个系统只允许一个省区域角色`,
+        `省份「${command.provinceName}」已有省区域角色授权给用户 ${existingProvinceRegion.userId.accountSequence}，不能重复授权`,
      )
    }

--- a/backend/services/authorization-service/src/domain/repositories/authorization-role.repository.ts
+++ b/backend/services/authorization-service/src/domain/repositories/authorization-role.repository.ts
@ -96,9 +96,4 @@ export interface IAuthorizationRoleRepository {
   * 根据社区名称查找社区授权（用于社区名称全局唯一性校验）
   */
  findCommunityByName(communityName: string): Promise<AuthorizationRole | null>
-  /**
-   * 查找系统中任何已授权的省区域角色（用于省区域全局唯一性校验）
-   * 整个系统只允许一个省区域角色被授权
-   */
-  findAnyProvinceCompany(): Promise<AuthorizationRole | null>
 }
--- a/backend/services/authorization-service/src/infrastructure/persistence/repositories/authorization-role.repository.impl.ts
+++ b/backend/services/authorization-service/src/infrastructure/persistence/repositories/authorization-role.repository.impl.ts
@ -399,16 +399,6 @@ export class AuthorizationRoleRepositoryImpl implements IAuthorizationRoleReposi
    return record ? this.toDomain(record) : null
  }

-  async findAnyProvinceCompany(): Promise<AuthorizationRole | null> {
-    const record = await this.prisma.authorizationRole.findFirst({
-      where: {
-        roleType: RoleType.PROVINCE_COMPANY,
-        status: AuthorizationStatus.AUTHORIZED,
-      },
-    })
-    return record ? this.toDomain(record) : null
-  }
-
  private toDomain(record: any): AuthorizationRole {
    const props: AuthorizationRoleProps = {
      authorizationId: AuthorizationId.create(record.id),