禁止删除平台和租户管理员

src/platform/ZhonTai.Admin/Services/User/Dto/UserGetPageOutput.cs

@@ -1,7 +1,9 @@
-using Newtonsoft.Json;
+using Mapster;
+using Newtonsoft.Json;
 using System;
 using System.Collections.Generic;
 using ZhonTai.Admin.Domain.Role;
+using ZhonTai.Admin.Domain.User;
 
 namespace ZhonTai.Admin.Services.User.Dto;
 
@@ -32,6 +34,11 @@ public class UserGetPageOutput
     /// </summary>
     public string Email { get; set; }
 
+    /// <summary>
+    /// 用户类型
+    /// </summary>
+    public UserType Type { get; set; }
+
     /// <summary>
     /// 角色
     /// </summary>

src/platform/ZhonTai.Admin/Services/User/UserService.cs

@@ -29,6 +29,7 @@ using System.Data;
 using ZhonTai.Admin.Domain.TenantPermission;
 using FreeSql;
 using ZhonTai.Admin.Core.Auth;
+using Org.BouncyCastle.Crypto;
 
 namespace ZhonTai.Admin.Services.User;
 
@@ -363,12 +364,23 @@ public class UserService : BaseService, IUserService, IDynamicApi
     [Transaction]
     public virtual async Task<IResultOutput> DeleteAsync(long id)
     {
-        //删除员工
-        await _staffRepository.DeleteAsync(a => a.Id == id);
+        var user = await _userRepository.Select.WhereDynamic(id).ToOneAsync(a => new { a.Type });
+        if(user == null)
+        {
+            return ResultOutput.NotOk("用户不存在");
+        }
+
+        if(user.Type == UserType.PlatformAdmin || user.Type == UserType.TenantAdmin)
+        {
+            return ResultOutput.NotOk("平台管理员禁止删除");
+        }
+
         //删除用户角色
         await _userRoleRepository.DeleteAsync(a => a.UserId == id);
-        //删除员工所属部门
+        //删除用户所属部门
         await _userOrgRepository.DeleteAsync(a => a.UserId == id);
+        //删除员工
+        await _staffRepository.DeleteAsync(a => a.Id == id);
         //删除用户
         await _userRepository.DeleteAsync(a => a.Id == id);
 
@@ -383,12 +395,18 @@ public class UserService : BaseService, IUserService, IDynamicApi
     [Transaction]
     public virtual async Task<IResultOutput> BatchDeleteAsync(long[] ids)
     {
-        //删除员工
-        await _staffRepository.DeleteAsync(a => ids.Contains(a.Id));
+        var admin = await _userRepository.Select.Where(a => ids.Contains(a.Id) && (a.Type == UserType.PlatformAdmin || a.Type == UserType.TenantAdmin)).AnyAsync();
+        if (admin)
+        {
+            return ResultOutput.NotOk("平台管理员禁止删除");
+        }
+       
         //删除用户角色
         await _userRoleRepository.DeleteAsync(a => ids.Contains(a.UserId));
-        //删除员工所属部门
+        //删除用户所属部门
         await _userOrgRepository.DeleteAsync(a => ids.Contains(a.UserId));
+        //删除员工
+        await _staffRepository.DeleteAsync(a => ids.Contains(a.Id));
         //删除用户
         await _userRepository.DeleteAsync(a => ids.Contains(a.Id));
 
@@ -403,9 +421,20 @@ public class UserService : BaseService, IUserService, IDynamicApi
     [Transaction]
     public virtual async Task<IResultOutput> SoftDeleteAsync(long id)
     {
-        await _staffRepository.SoftDeleteAsync(a => a.Id == id);
+        var user = await _userRepository.Select.WhereDynamic(id).ToOneAsync(a => new { a.Type });
+        if (user == null)
+        {
+            return ResultOutput.NotOk("用户不存在");
+        }
+
+        if (user.Type == UserType.PlatformAdmin || user.Type == UserType.TenantAdmin)
+        {
+            return ResultOutput.NotOk("平台管理员禁止删除");
+        }
+
         await _userRoleRepository.DeleteAsync(a => a.UserId == id);
         await _userOrgRepository.DeleteAsync(a => a.UserId == id);
+        await _staffRepository.SoftDeleteAsync(a => a.Id == id);
         await _userRepository.SoftDeleteAsync(id);
 
         return ResultOutput.Ok();
@@ -419,9 +448,15 @@ public class UserService : BaseService, IUserService, IDynamicApi
     [Transaction]
     public virtual async Task<IResultOutput> BatchSoftDeleteAsync(long[] ids)
     {
-        await _staffRepository.SoftDeleteAsync(a => ids.Contains(a.Id));
+        var admin = await _userRepository.Select.Where(a => ids.Contains(a.Id) && (a.Type == UserType.PlatformAdmin || a.Type == UserType.TenantAdmin)).AnyAsync();
+        if (admin)
+        {
+            return ResultOutput.NotOk("平台管理员禁止删除");
+        }
+
         await _userRoleRepository.DeleteAsync(a => ids.Contains(a.UserId));
         await _userOrgRepository.DeleteAsync(a => ids.Contains(a.UserId));
+        await _staffRepository.SoftDeleteAsync(a => ids.Contains(a.Id));
         await _userRepository.SoftDeleteAsync(ids);
 
         return ResultOutput.Ok();

src/platform/ZhonTai.Admin/ZhonTai.Admin.xml

@@ -2097,6 +2097,36 @@
             权限
             </summary>
         </member>
+        <member name="T:ZhonTai.Admin.Domain.Role.DataScope">
+            <summary>
+            数据范围
+            </summary>
+        </member>
+        <member name="F:ZhonTai.Admin.Domain.Role.DataScope.All">
+            <summary>
+            全部
+            </summary>
+        </member>
+        <member name="F:ZhonTai.Admin.Domain.Role.DataScope.Dept">
+            <summary>
+            本部门
+            </summary>
+        </member>
+        <member name="F:ZhonTai.Admin.Domain.Role.DataScope.DeptWithChild">
+            <summary>
+            本部门和下级部门
+            </summary>
+        </member>
+        <member name="F:ZhonTai.Admin.Domain.Role.DataScope.Custom">
+            <summary>
+            指定部门
+            </summary>
+        </member>
+        <member name="F:ZhonTai.Admin.Domain.Role.DataScope.Self">
+            <summary>
+            本人数据
+            </summary>
+        </member>
         <member name="P:ZhonTai.Admin.Domain.Role.Dto.RoleGetListInput.Name">
             <summary>
             名称
@@ -2147,6 +2177,11 @@
             角色类型
             </summary>
         </member>
+        <member name="P:ZhonTai.Admin.Domain.Role.RoleEntity.DataScope">
+            <summary>
+            数据范围
+            </summary>
+        </member>
         <member name="P:ZhonTai.Admin.Domain.Role.RoleEntity.Description">
             <summary>
             说明
@@ -5307,6 +5342,11 @@
             邮箱
             </summary>
         </member>
+        <member name="P:ZhonTai.Admin.Services.User.Dto.UserGetPageOutput.Type">
+            <summary>
+            用户类型
+            </summary>
+        </member>
         <member name="P:ZhonTai.Admin.Services.User.Dto.UserGetPageOutput.RoleNames">
             <summary>
             角色