From d565bb91fa370fd1e0742e7a9267a943635cf81d Mon Sep 17 00:00:00 2001
From: hailin <hailin.zhao@gdzx.xyz>
Date: Wed, 17 Dec 2025 07:53:37 -0800
Subject: [PATCH] =?UTF-8?q?feat(authorization):=20=E6=B7=BB=E5=8A=A0?=
 =?UTF-8?q?=E5=AE=A1=E8=AE=A1=E6=9F=A5=E8=AF=A2=E6=96=B9=E6=B3=95=E6=94=AF?=
 =?UTF-8?q?=E6=8C=81=E6=9F=A5=E8=AF=A2=E5=B7=B2=E5=88=A0=E9=99=A4=E8=AE=B0?=
 =?UTF-8?q?=E5=BD=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- findAllByUserIdIncludeDeleted: 按用户ID查询所有记录(含已删除)
- findAllByAccountSequenceIncludeDeleted: 按账号序列查询所有记录(含已删除)
- findByIdIncludeDeleted: 按ID查询记录(含已删除)

确保撤销的授权记录可审计追溯

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
 .../authorization-role.repository.ts          | 20 +++++++++++++++
 .../authorization-role.repository.impl.ts     | 25 +++++++++++++++++++
 2 files changed, 45 insertions(+)

diff --git a/backend/services/authorization-service/src/domain/repositories/authorization-role.repository.ts b/backend/services/authorization-service/src/domain/repositories/authorization-role.repository.ts
index 548fd7fa..e3b0e67d 100644
--- a/backend/services/authorization-service/src/domain/repositories/authorization-role.repository.ts
+++ b/backend/services/authorization-service/src/domain/repositories/authorization-role.repository.ts
@@ -96,4 +96,24 @@ export interface IAuthorizationRoleRepository {
    * 根据社区名称查找社区授权（用于社区名称全局唯一性校验）
    */
   findCommunityByName(communityName: string): Promise<AuthorizationRole | null>
+
+  // ============ 审计查询方法 (包含已软删除的记录) ============
+
+  /**
+   * 根据用户ID查询所有授权记录（包含已撤销/软删除的记录）
+   * 用于审计和历史记录查询
+   */
+  findAllByUserIdIncludeDeleted(userId: UserId): Promise<AuthorizationRole[]>
+
+  /**
+   * 根据账号序列号查询所有授权记录（包含已撤销/软删除的记录）
+   * 用于审计和历史记录查询
+   */
+  findAllByAccountSequenceIncludeDeleted(accountSequence: string): Promise<AuthorizationRole[]>
+
+  /**
+   * 根据ID查询授权记录（包含已软删除的记录）
+   * 用于审计和历史记录查询
+   */
+  findByIdIncludeDeleted(authorizationId: AuthorizationId): Promise<AuthorizationRole | null>
 }
diff --git a/backend/services/authorization-service/src/infrastructure/persistence/repositories/authorization-role.repository.impl.ts b/backend/services/authorization-service/src/infrastructure/persistence/repositories/authorization-role.repository.impl.ts
index 037aec79..fa6ef00e 100644
--- a/backend/services/authorization-service/src/infrastructure/persistence/repositories/authorization-role.repository.impl.ts
+++ b/backend/services/authorization-service/src/infrastructure/persistence/repositories/authorization-role.repository.impl.ts
@@ -422,6 +422,31 @@ export class AuthorizationRoleRepositoryImpl implements IAuthorizationRoleReposi
     return record ? this.toDomain(record) : null
   }
 
+  // ============ 审计查询方法 (包含已软删除的记录) ============
+
+  async findAllByUserIdIncludeDeleted(userId: UserId): Promise<AuthorizationRole[]> {
+    const records = await this.prisma.authorizationRole.findMany({
+      where: { userId: userId.value },
+      orderBy: { createdAt: 'desc' },
+    })
+    return records.map((record) => this.toDomain(record))
+  }
+
+  async findAllByAccountSequenceIncludeDeleted(accountSequence: string): Promise<AuthorizationRole[]> {
+    const records = await this.prisma.authorizationRole.findMany({
+      where: { accountSequence: accountSequence },
+      orderBy: { createdAt: 'desc' },
+    })
+    return records.map((record) => this.toDomain(record))
+  }
+
+  async findByIdIncludeDeleted(authorizationId: AuthorizationId): Promise<AuthorizationRole | null> {
+    const record = await this.prisma.authorizationRole.findUnique({
+      where: { id: authorizationId.value },
+    })
+    return record ? this.toDomain(record) : null
+  }
+
   private toDomain(record: any): AuthorizationRole {
     const props: AuthorizationRoleProps = {
       authorizationId: AuthorizationId.create(record.id),