From 2399cc29d6f132367459aee4da626ae9c1986fc4 Mon Sep 17 00:00:00 2001 From: hailin Date: Tue, 16 Dec 2025 17:20:36 -0800 Subject: [PATCH] =?UTF-8?q?fix(authorization):=20=E4=BF=AE=E6=AD=A3?= =?UTF-8?q?=E7=9C=81=E5=8C=BA=E5=9F=9F=E8=A7=92=E8=89=B2=E5=94=AF=E4=B8=80?= =?UTF-8?q?=E6=80=A7=E6=A3=80=E6=9F=A5=E9=80=BB=E8=BE=91?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 将省区域角色从"全系统唯一"改为"按省份唯一": - 修改 grantProvinceCompany 使用 findProvinceCompanyByRegion 检查 - 删除废弃的 findAnyProvinceCompany 方法 - 现在不同省份可以分别授权给不同账户 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 --- .../services/authorization-application.service.ts | 10 +++++----- .../repositories/authorization-role.repository.ts | 5 ----- .../repositories/authorization-role.repository.impl.ts | 10 ---------- 3 files changed, 5 insertions(+), 20 deletions(-) diff --git a/backend/services/authorization-service/src/application/services/authorization-application.service.ts b/backend/services/authorization-service/src/application/services/authorization-application.service.ts index 0823152b..894ec232 100644 --- a/backend/services/authorization-service/src/application/services/authorization-application.service.ts +++ b/backend/services/authorization-service/src/application/services/authorization-application.service.ts @@ -271,7 +271,7 @@ export class AuthorizationApplicationService { * * 业务规则: * - 同一个用户不能同时拥有省区域和市区域两种身份 - * - 整个系统中只允许一个省区域角色被授权(全局唯一) + * - 同一个省份只允许授权给一个账户(按省份唯一) */ async grantProvinceCompany(command: GrantProvinceCompanyCommand): Promise { const userId = UserId.create(command.userId, command.accountSequence) @@ -299,11 +299,11 @@ export class AuthorizationApplicationService { ) } - // 3. 检查系统中是否已有省区域授权(整个系统全局唯一) - const existingAnyProvince = await this.authorizationRepository.findAnyProvinceCompany() - if (existingAnyProvince) { + // 3. 检查该省份是否已有省区域授权(同一省份只能授权给一个账户) + const existingProvinceRegion = await this.authorizationRepository.findProvinceCompanyByRegion(command.provinceCode) + if (existingProvinceRegion) { throw new ApplicationError( - `系统中已有省区域角色授权给用户 ${existingAnyProvince.userId.accountSequence}(${existingAnyProvince.regionName}),整个系统只允许一个省区域角色`, + `省份「${command.provinceName}」已有省区域角色授权给用户 ${existingProvinceRegion.userId.accountSequence},不能重复授权`, ) } diff --git a/backend/services/authorization-service/src/domain/repositories/authorization-role.repository.ts b/backend/services/authorization-service/src/domain/repositories/authorization-role.repository.ts index 5669d781..548fd7fa 100644 --- a/backend/services/authorization-service/src/domain/repositories/authorization-role.repository.ts +++ b/backend/services/authorization-service/src/domain/repositories/authorization-role.repository.ts @@ -96,9 +96,4 @@ export interface IAuthorizationRoleRepository { * 根据社区名称查找社区授权(用于社区名称全局唯一性校验) */ findCommunityByName(communityName: string): Promise - /** - * 查找系统中任何已授权的省区域角色(用于省区域全局唯一性校验) - * 整个系统只允许一个省区域角色被授权 - */ - findAnyProvinceCompany(): Promise } diff --git a/backend/services/authorization-service/src/infrastructure/persistence/repositories/authorization-role.repository.impl.ts b/backend/services/authorization-service/src/infrastructure/persistence/repositories/authorization-role.repository.impl.ts index 1096e1d7..d4069a58 100644 --- a/backend/services/authorization-service/src/infrastructure/persistence/repositories/authorization-role.repository.impl.ts +++ b/backend/services/authorization-service/src/infrastructure/persistence/repositories/authorization-role.repository.impl.ts @@ -399,16 +399,6 @@ export class AuthorizationRoleRepositoryImpl implements IAuthorizationRoleReposi return record ? this.toDomain(record) : null } - async findAnyProvinceCompany(): Promise { - const record = await this.prisma.authorizationRole.findFirst({ - where: { - roleType: RoleType.PROVINCE_COMPANY, - status: AuthorizationStatus.AUTHORIZED, - }, - }) - return record ? this.toDomain(record) : null - } - private toDomain(record: any): AuthorizationRole { const props: AuthorizationRoleProps = { authorizationId: AuthorizationId.create(record.id),