员工权限相关接口

cash-api/account-server/src/main/java/com/czg/AccountApplication.java

@@ -5,6 +5,7 @@ import com.czg.account.entity.SysRolesMenus;
 import com.czg.account.service.SysMenuService;
 import com.czg.account.service.SysRolesMenusService;
 import com.czg.annotation.SaAdminCheckPermission;
+import com.mybatisflex.core.dialect.DbType;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.dubbo.config.spring.context.annotation.EnableDubbo;
 import org.mybatis.spring.annotation.MapperScan;
@@ -13,6 +14,7 @@ import org.springframework.boot.CommandLineRunner;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.cloud.client.discovery.EnableDiscoveryClient;
+import org.springframework.context.annotation.Bean;
 import org.springframework.core.annotation.AnnotationUtils;
 import org.springframework.transaction.annotation.EnableTransactionManagement;
 import org.springframework.web.method.HandlerMethod;
@@ -43,6 +45,8 @@ public class AccountApplication implements CommandLineRunner {
     @Autowired
     private SysRolesMenusService sysRolesMenusService;
 
+
+
     public void run(String... args) {
         Map<RequestMappingInfo, HandlerMethod> handlerMethods = this.requestMappingHandlerMapping.getHandlerMethods();
         handlerMethods.forEach((key, value) -> {

cash-api/account-server/src/main/java/com/czg/controller/admin/AuthorizationController.java

@@ -5,6 +5,7 @@ import com.czg.account.service.AuthorizationService;
 import com.czg.account.service.PermissionService;
 import com.czg.account.vo.LoginVO;
 import com.czg.annotation.SaAdminCheckPermission;
+import com.czg.annotation.SaStaffCheckPermission;
 import com.czg.resp.CzgResult;
 import com.czg.sa.StpKit;
 import jakarta.annotation.Resource;
@@ -50,6 +51,7 @@ public class AuthorizationController {
         return CzgResult.success();
     }
 
+    @SaStaffCheckPermission("1231")
     @GetMapping("test")
     public CzgResult<?> login() {
         return CzgResult.success(Map.of("token", StpKit.USER.getShopId()));

cash-api/account-server/src/main/java/com/czg/controller/admin/ShopPermissionController.java

@@ -0,0 +1,33 @@
+package com.czg.controller.admin;
+
+import com.czg.account.entity.ShopPermission;
+import com.czg.account.service.ShopPermissionService;
+import com.czg.annotation.SaAdminCheckPermission;
+import com.czg.resp.CzgResult;
+import com.czg.sa.StpKit;
+import jakarta.annotation.Resource;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.util.List;
+
+/**
+ * @author Administrator
+ */
+@RestController
+@RequestMapping("/admin/shopPermission")
+public class ShopPermissionController {
+    @Resource
+    private ShopPermissionService shopPermissionService;
+
+    /**
+     * 获取店铺权限列表
+     * @return 权限列表
+     */
+    @SaAdminCheckPermission("shopPermission:list")
+    @GetMapping
+    public CzgResult<List<ShopPermission>> getPermission() {
+        return CzgResult.success(shopPermissionService.getPermission());
+    }
+}

cash-api/account-server/src/main/java/com/czg/controller/admin/ShopStaffController.java

@@ -13,6 +13,8 @@ import jakarta.annotation.Resource;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
+import java.util.List;
+
 /**
  * 店铺员工管理
  *
@@ -38,6 +40,17 @@ public class ShopStaffController {
         return CzgResult.success(shopStaffService.get(name, code));
     }
 
+    /**
+     * 获取员工对应的权限id
+     * 权限标识: shopStaff:permission
+     * @return 权限id集合
+     */
+    @SaAdminCheckPermission("shopStaff:permission")
+    @GetMapping("/permission")
+    public CzgResult<List<Long>> permission(@RequestParam Long id) {
+        return CzgResult.success(shopStaffService.permission(id));
+    }
+
     /**
      * 员工详情
      * 权限标识: shopStaff:detail

cash-api/account-server/src/main/java/com/czg/controller/user/UserAuthorizationController.java

@@ -4,6 +4,7 @@ import com.czg.account.dto.auth.LoginTokenDTO;
 import com.czg.account.dto.auth.UserAuthorizationLoginDTO;
 import com.czg.account.service.UserAuthorizationService;
 import com.czg.resp.CzgResult;
+import com.czg.sa.MyStpLogic;
 import com.czg.sa.StpKit;
 import jakarta.annotation.Resource;
 import org.springframework.validation.annotation.Validated;
@@ -37,7 +38,7 @@ public class UserAuthorizationController {
      */
     @PostMapping("/test")
     public CzgResult<String> login() {
-        StpKit.USER.login(1L, null, false, false);
+        StpKit.USER.login(1L, null, MyStpLogic.LoginType.MANAGER, false);
         return CzgResult.success(StpKit.USER.getTokenValue());
     }
 }

cash-common/cash-common-sa-token/src/main/java/com/czg/annotation/SaStaffCheckPermission.java

@@ -0,0 +1,29 @@
+package com.czg.annotation;
+
+import cn.dev33.satoken.annotation.SaCheckPermission;
+import cn.dev33.satoken.annotation.SaMode;
+import org.springframework.core.annotation.AliasFor;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * 权限认证(User版)：必须具有指定权限才能进入该方法
+ * <p> 可标注在函数、类上（效果等同于标注在此类的所有方法上）
+ * @author click33
+ *
+ */
+//@SaCheckPermission(type = "user")
+@Retention(RetentionPolicy.RUNTIME)
+@Target({ ElementType.METHOD, ElementType.TYPE})
+public @interface SaStaffCheckPermission {
+
+    /**
+     * 需要校验的权限码
+     * @return 需要校验的权限码
+     */
+    String  value() default "";
+
+}

cash-common/cash-common-sa-token/src/main/java/com/czg/handler/SaStaffCheckPermissionHandler.java

@@ -0,0 +1,31 @@
+package com.czg.handler;
+
+import cn.dev33.satoken.annotation.handler.SaAnnotationHandlerInterface;
+import cn.hutool.core.util.StrUtil;
+import com.czg.annotation.SaStaffCheckPermission;
+import com.czg.sa.StpKit;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.stereotype.Component;
+
+import java.lang.reflect.Method;
+
+/**
+ * 员工权限校验
+ * @author Administrator
+ */
+@Component
+@Slf4j
+public class SaStaffCheckPermissionHandler implements SaAnnotationHandlerInterface<SaStaffCheckPermission> {
+
+    @Override
+    public Class<SaStaffCheckPermission> getHandlerAnnotationClass() {
+        return SaStaffCheckPermission.class;
+    }
+
+    @Override
+    public void checkMethod(SaStaffCheckPermission at, Method method) {
+        if (at != null && StrUtil.isNotBlank(at.value()) && StpKit.USER.isStaff()) {
+            StpKit.USER.checkPermission(at.value());
+        }
+    }
+}

cash-common/cash-common-sa-token/src/main/java/com/czg/sa/MyStpLogic.java

@@ -26,6 +26,10 @@ public class MyStpLogic {
     public static final StpLogic CLIENT_LOGIC = new StpLogic("client");
     public static final StpLogic ADMIN_LOGIC = new StpLogic("admin");
 
+    public enum LoginType {
+        MANAGER, USER, STAFF
+    }
+
     private StpLogic getLogic() {
         boolean hit = SaRouter.match("/admin/**").isHit();
         if (hit) {
@@ -37,16 +41,16 @@ public class MyStpLogic {
     /**
      * @param id        登录账号id
      * @param shopId    店铺id
-     * @param isManager true 管理端 false 用户端
+     * @param loginType 登录类型枚举
      * @param isAdmin   是否为管理员账号
      */
-    public void login(Long id, Long shopId, boolean isManager, boolean isAdmin) {
+    public void login(Long id, Long shopId, LoginType loginType, boolean isAdmin) {
         StpLogic logic = getLogic();
         logic.login(id);
-        if (isManager && shopId == null) {
+        if (loginType.equals(LoginType.MANAGER) && shopId == null) {
             throw new ApiNotPrintException("管理端登录必须传递店铺id");
         }
-        SaSession session = logic.getSession().set("userId", id).set("isAdmin", isAdmin).set("isManager", isManager);
+        SaSession session = logic.getSession().set("userId", id).set("isAdmin", isAdmin).set("isManager", loginType.equals(LoginType.MANAGER)).set("loginType", loginType);
         if (shopId != null) {
             session.set("shopId", shopId);
         }
@@ -104,6 +108,28 @@ public class MyStpLogic {
         }
     }
 
+    /**
+     * 是否为管理端登录
+     *
+     * @return 布尔值
+     */
+    public boolean isStaff() {
+        StpLogic logic = getLogic();
+        Object object = logic.getSession().get("loginType");
+        return object instanceof LoginType t && t.equals(LoginType.STAFF);
+    }
+
+    /**
+     * 是否为管理端登录
+     *
+     * @return 布尔值
+     */
+    public boolean isManager() {
+        StpLogic logic = getLogic();
+        Object object = logic.getSession().get("isManager");
+        return object instanceof Boolean t && t;
+    }
+
     /**
      * 是否为管理员
      *

cash-common/cash-common-service/src/main/java/com/czg/account/dto/ShopPermissionDTO.java

@@ -0,0 +1,71 @@
+
+package com.czg.account.dto;
+
+import java.io.Serializable;
+import java.time.LocalDateTime;
+import com.alibaba.fastjson2.annotation.JSONField;
+import java.io.Serial;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+/**
+ * 店铺权限 实体类。
+ *
+ * @author zs
+ * @since 2025-02-18
+ */
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class ShopPermissionDTO implements Serializable {
+
+    @Serial
+    private static final long serialVersionUID = 1L;
+
+    private Integer id;
+
+    /**
+     * 权限类型：staff 员工，
+     */
+    private String type;
+
+    /**
+     * 权限名称
+     */
+    private String label;
+
+    /**
+     * 权限code，为了区分采用汉语拼音
+     */
+    private String code;
+
+    /**
+     * 层级
+     */
+    private Integer level;
+
+    /**
+     * 上级ID
+     */
+    private Integer parentId;
+
+    /**
+     * 是否重要： 重要对应页面红色
+     */
+    private Integer isImportant;
+
+    /**
+     * 排序
+     */
+    private Integer sort;
+
+    @JSONField(format = "yyyy-MM-dd HH:mm:ss")
+    private LocalDateTime createTime;
+
+    @JSONField(format = "yyyy-MM-dd HH:mm:ss")
+    private LocalDateTime updateTime;
+
+}

cash-common/cash-common-service/src/main/java/com/czg/account/dto/ShopStaffPermissionDTO.java

@@ -0,0 +1,48 @@
+
+package com.czg.account.dto;
+
+import java.io.Serializable;
+import java.io.Serial;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+/**
+ * 店铺员工权限关联表 实体类。
+ *
+ * @author zs
+ * @since 2025-02-18
+ */
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class ShopStaffPermissionDTO implements Serializable {
+
+    @Serial
+    private static final long serialVersionUID = 1L;
+
+    private Integer id;
+
+    /**
+     * 权限ID
+     */
+    private Integer permissionId;
+
+    /**
+     * 员工ID
+     */
+    private Integer staffId;
+
+    /**
+     * 店铺ID
+     */
+    private Integer shopId;
+
+    /**
+     * 用户ID
+     */
+    private Integer userId;
+
+}

cash-common/cash-common-service/src/main/java/com/czg/account/dto/staff/ShopStaffAddDTO.java

@@ -5,6 +5,7 @@ import jakarta.validation.constraints.NotNull;
 import lombok.Data;
 
 import java.math.BigDecimal;
+import java.util.List;
 
 /**
  * @author Administrator
@@ -16,6 +17,10 @@ public class ShopStaffAddDTO {
      */
     @NotNull(message = "角色id不为空")
     private Long roleId;
+    /**
+     * 店铺权限id集合
+     */
+    private List<Long> shopPermissionIds;
     /**
      * 员工姓名
      */

cash-common/cash-common-service/src/main/java/com/czg/account/dto/staff/ShopStaffEditDTO.java

@@ -5,6 +5,7 @@ import jakarta.validation.constraints.NotNull;
 import lombok.Data;
 
 import java.math.BigDecimal;
+import java.util.List;
 
 /**
  * @author Administrator
@@ -13,6 +14,10 @@ import java.math.BigDecimal;
 public class ShopStaffEditDTO {
     @NotNull(message = "id不为空")
     private Long id;
+    /**
+     * 店铺权限id集合
+     */
+    private List<Long> shopPermissionIds;
     /**
      * 角色id
      */

cash-common/cash-common-service/src/main/java/com/czg/account/entity/ShopPermission.java

@@ -0,0 +1,81 @@
+package com.czg.account.entity;
+
+import com.mybatisflex.annotation.Column;
+import com.mybatisflex.annotation.Id;
+import com.mybatisflex.annotation.KeyType;
+import com.mybatisflex.annotation.Table;
+import java.io.Serializable;
+import java.time.LocalDateTime;
+
+import java.io.Serial;
+import java.util.List;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+/**
+ * 店铺权限 实体类。
+ *
+ * @author zs
+ * @since 2025-02-18
+ */
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+@Table("tb_shop_permission")
+public class ShopPermission implements Serializable {
+
+    @Serial
+    private static final long serialVersionUID = 1L;
+
+    @Id(keyType = KeyType.Auto)
+    private Long id;
+
+    /**
+     * 权限类型：staff 员工，
+     */
+    private String type;
+
+    /**
+     * 权限名称
+     */
+    private String label;
+
+    /**
+     * 权限code，为了区分采用汉语拼音
+     */
+    private String code;
+
+    /**
+     * 层级
+     */
+    private Integer level;
+
+    /**
+     * 上级ID
+     */
+    private Long parentId;
+
+    /**
+     * 是否重要： 重要对应页面红色
+     */
+    private Integer isImportant;
+
+    /**
+     * 排序
+     */
+    private Integer sort;
+
+    @Column(onInsertValue = "now()")
+    private LocalDateTime createTime;
+
+    @Column(onInsertValue = "now()", onUpdateValue = "now()")
+    private LocalDateTime updateTime;
+
+    @Column(ignore = true)
+    private List<ShopPermission> children;
+
+}

cash-common/cash-common-service/src/main/java/com/czg/account/entity/ShopStaffPermission.java

@@ -0,0 +1,54 @@
+package com.czg.account.entity;
+
+import com.mybatisflex.annotation.Id;
+import com.mybatisflex.annotation.KeyType;
+import com.mybatisflex.annotation.Table;
+import java.io.Serializable;
+
+import java.io.Serial;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+/**
+ * 店铺员工权限关联表 实体类。
+ *
+ * @author zs
+ * @since 2025-02-18
+ */
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+@Table("tb_shop_staff_permission")
+public class ShopStaffPermission implements Serializable {
+
+    @Serial
+    private static final long serialVersionUID = 1L;
+
+    @Id(keyType = KeyType.Auto)
+    private Long id;
+
+    /**
+     * 权限ID
+     */
+    private Long permissionId;
+
+    /**
+     * 员工ID
+     */
+    private Long staffId;
+
+    /**
+     * 店铺ID
+     */
+    private Long shopId;
+
+    /**
+     * 用户ID
+     */
+    private Long userId;
+
+}

cash-common/cash-common-service/src/main/java/com/czg/account/service/ShopPermissionService.java

@@ -0,0 +1,17 @@
+package com.czg.account.service;
+
+import com.mybatisflex.core.service.IService;
+import com.czg.account.entity.ShopPermission;
+
+import java.util.List;
+
+/**
+ * 店铺权限 服务层。
+ *
+ * @author zs
+ * @since 2025-02-18
+ */
+public interface ShopPermissionService extends IService<ShopPermission> {
+
+    List<ShopPermission> getPermission();
+}

cash-common/cash-common-service/src/main/java/com/czg/account/service/ShopStaffPermissionService.java

@@ -0,0 +1,18 @@
+package com.czg.account.service;
+
+import com.czg.account.entity.ShopPermission;
+import com.mybatisflex.core.service.IService;
+import com.czg.account.entity.ShopStaffPermission;
+
+import java.util.List;
+
+/**
+ * 店铺员工权限关联表 服务层。
+ *
+ * @author zs
+ * @since 2025-02-18
+ */
+public interface ShopStaffPermissionService extends IService<ShopStaffPermission> {
+
+    List<ShopPermission> getPermissionByStaffId(Long shopId, Long staffId, Long userId);
+}

cash-common/cash-common-service/src/main/java/com/czg/account/service/ShopStaffService.java

@@ -7,6 +7,8 @@ import com.czg.account.entity.ShopStaff;
 import com.mybatisflex.core.paginate.Page;
 import com.mybatisflex.core.service.IService;
 
+import java.util.List;
+
 /**
  * 店铺员工 服务层。
  *
@@ -22,4 +24,6 @@ public interface ShopStaffService extends IService<ShopStaff> {
     Page<ShopStaff> get(String name, String code);
 
     Boolean delete(ShopStaffRemoveDTO shopStaffRemoveDTO);
+
+    List<Long> permission(Long id);
 }

cash-service/account-service/pom.xml

@@ -44,5 +44,18 @@
         </dependency>
 
     </dependencies>
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <configuration>
+                    <source>21</source>
+                    <target>21</target>
+                    <compilerArgs>--enable-preview</compilerArgs>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
 
 </project>

cash-service/account-service/src/main/java/com/czg/service/account/mapper/ShopPermissionMapper.java

@@ -0,0 +1,14 @@
+package com.czg.service.account.mapper;
+
+import com.mybatisflex.core.BaseMapper;
+import com.czg.account.entity.ShopPermission;
+
+/**
+ * 店铺权限 映射层。
+ *
+ * @author zs
+ * @since 2025-02-18
+ */
+public interface ShopPermissionMapper extends BaseMapper<ShopPermission> {
+
+}

cash-service/account-service/src/main/java/com/czg/service/account/mapper/ShopStaffPermissionMapper.java

@@ -0,0 +1,19 @@
+package com.czg.service.account.mapper;
+
+import com.czg.account.entity.ShopPermission;
+import com.mybatisflex.core.BaseMapper;
+import com.czg.account.entity.ShopStaffPermission;
+import org.apache.ibatis.annotations.Param;
+
+import java.util.List;
+
+/**
+ * 店铺员工权限关联表 映射层。
+ *
+ * @author zs
+ * @since 2025-02-18
+ */
+public interface ShopStaffPermissionMapper extends BaseMapper<ShopStaffPermission> {
+
+    List<ShopPermission> getPermissionByStaffId(@Param("shopId") Long shopId, @Param("staffId") Long staffId, @Param("userId") Long userId);
+}

cash-service/account-service/src/main/java/com/czg/service/account/service/impl/AuthorizationServiceImpl.java

@@ -11,6 +11,7 @@ import com.czg.account.vo.LoginVO;
 import com.czg.config.RedisCst;
 import com.czg.enums.StatusEnum;
 import com.czg.exception.ApiNotPrintException;
+import com.czg.sa.MyStpLogic;
 import com.czg.sa.StpKit;
 import com.czg.service.RedisService;
 import com.czg.service.account.mapper.SysMenuMapper;
@@ -18,6 +19,7 @@ import com.wf.captcha.SpecCaptcha;
 import jakarta.annotation.Resource;
 import org.springframework.stereotype.Service;
 
+import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
 import java.util.stream.Collectors;
@@ -35,6 +37,8 @@ public class AuthorizationServiceImpl implements AuthorizationService {
     @Resource
     private ShopStaffService shopStaffService;
     @Resource
+    private ShopStaffPermissionService shopStaffPermissionService;
+    @Resource
     private ShopInfoService shopInfoService;
     @Resource
     private SysRoleService sysRoleService;
@@ -90,6 +94,8 @@ public class AuthorizationServiceImpl implements AuthorizationService {
         }
 
         ShopInfo shopInfo;
+        boolean isStaff = false;
+        List<String> shopStaffPromissionList = null;
         // 商户员工登录
         if (loginDTO.loginType() == 1) {
             ShopStaff shopStaff = shopStaffService.queryChain().eq(ShopStaff::getStatus, 1)
@@ -98,8 +104,11 @@ public class AuthorizationServiceImpl implements AuthorizationService {
             if (shopStaff == null) {
                 throw new ApiNotPrintException("账户未启用");
             }
-
+            isStaff = true;
             shopInfo = shopInfoService.getById(shopStaff.getShopId());
+
+            // 查询员工权限
+            shopStaffPromissionList = shopStaffPermissionService.getPermissionByStaffId(shopInfo.getId(), shopStaff.getId(), user.getId()).stream().map(ShopPermission::getCode).toList();
         }else {
             shopInfo = shopInfoService.getById(user.getId());
         }
@@ -114,13 +123,17 @@ public class AuthorizationServiceImpl implements AuthorizationService {
             }
         }
 
-        StpKit.USER.login(user.getId(), shopInfo.getId(), true, user.getIsAdmin());
+        StpKit.USER.login(user.getId(), shopInfo.getId(), isStaff ? MyStpLogic.LoginType.STAFF :MyStpLogic.LoginType.MANAGER, user.getIsAdmin());
         // 查询角色
         List<SysRole> roleList = sysRoleService.getByUserId(user.getId());
         List<String> roleNames = roleList.stream().map(SysRole::getName).collect(Collectors.toList());
         StpKit.USER.addRoleList(roleNames);
         // 权限赋予
         List<String> promissionList = sysMenuMapper.selectByUserId(user.getId(), null).stream().map(SysMenu::getPermission).filter(StrUtil::isNotBlank).collect(Collectors.toList());
+        // 加入员工权限
+        if (shopStaffPromissionList != null && !shopStaffPromissionList.isEmpty()) {
+            promissionList.addAll(shopStaffPromissionList);
+        }
         StpKit.USER.addPermissionList(promissionList);
         return new LoginVO(StpKit.USER.getTokenInfo(), promissionList, loginDTO.loginType(), shopInfo);
     }

cash-service/account-service/src/main/java/com/czg/service/account/service/impl/ShopPermissionServiceImpl.java

@@ -0,0 +1,42 @@
+package com.czg.service.account.service.impl;
+
+import com.mybatisflex.spring.service.impl.ServiceImpl;
+import com.czg.account.entity.ShopPermission;
+import com.czg.account.service.ShopPermissionService;
+import com.czg.service.account.mapper.ShopPermissionMapper;
+import org.springframework.stereotype.Service;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+import java.util.stream.Collectors;
+
+/**
+ * 店铺权限 服务层实现。
+ *
+ * @author zs
+ * @since 2025-02-18
+ */
+@Service
+public class ShopPermissionServiceImpl extends ServiceImpl<ShopPermissionMapper, ShopPermission> implements ShopPermissionService{
+
+    @Override
+    public List<ShopPermission> getPermission() {
+        // 构建 parentId -> Permission 映射
+        List<ShopPermission> permissions = list();
+        Map<Long, List<ShopPermission>> groupByParent = permissions.stream()
+                .collect(Collectors.groupingBy(ShopPermission::getParentId));
+
+        // 通过 stream 递归构建树
+        return permissions.stream()
+                .filter(p -> p.getParentId() == 0)
+                .peek(p -> p.setChildren(getChildren(p.getId(), groupByParent)))
+                .collect(Collectors.toList());
+    }
+
+    private static List<ShopPermission> getChildren(long parentId, Map<Long, List<ShopPermission>> groupByParent) {
+        return groupByParent.getOrDefault(parentId, new ArrayList<>()).stream()
+                .peek(child -> child.setChildren(getChildren(child.getId(), groupByParent)))
+                .collect(Collectors.toList());
+    }
+}

cash-service/account-service/src/main/java/com/czg/service/account/service/impl/ShopStaffPermissionServiceImpl.java

@@ -0,0 +1,25 @@
+package com.czg.service.account.service.impl;
+
+import com.czg.account.entity.ShopPermission;
+import com.mybatisflex.spring.service.impl.ServiceImpl;
+import com.czg.account.entity.ShopStaffPermission;
+import com.czg.account.service.ShopStaffPermissionService;
+import com.czg.service.account.mapper.ShopStaffPermissionMapper;
+import org.springframework.stereotype.Service;
+
+import java.util.List;
+
+/**
+ * 店铺员工权限关联表 服务层实现。
+ *
+ * @author zs
+ * @since 2025-02-18
+ */
+@Service
+public class ShopStaffPermissionServiceImpl extends ServiceImpl<ShopStaffPermissionMapper, ShopStaffPermission> implements ShopStaffPermissionService{
+
+    @Override
+    public List<ShopPermission> getPermissionByStaffId(Long shopId, Long staffId, Long userId) {
+        return mapper.getPermissionByStaffId(shopId, staffId, userId);
+    }
+}

cash-service/account-service/src/main/java/com/czg/service/account/service/impl/ShopStaffServiceImpl.java

@@ -5,11 +5,11 @@ import cn.hutool.core.util.StrUtil;
 import com.czg.account.dto.staff.ShopStaffAddDTO;
 import com.czg.account.dto.staff.ShopStaffEditDTO;
 import com.czg.account.dto.staff.ShopStaffRemoveDTO;
+import com.czg.account.entity.ShopPermission;
 import com.czg.account.entity.ShopStaff;
+import com.czg.account.entity.ShopStaffPermission;
 import com.czg.account.entity.SysUser;
-import com.czg.account.service.ShopStaffService;
+import com.czg.account.service.*;
-import com.czg.account.service.SysUserService;
-import com.czg.account.service.SysUsersRolesService;
 import com.czg.exception.ApiNotPrintException;
 import com.czg.sa.StpKit;
 import com.czg.service.account.mapper.ShopStaffMapper;
@@ -20,6 +20,9 @@ import com.mybatisflex.spring.service.impl.ServiceImpl;
 import jakarta.annotation.Resource;
 import org.springframework.stereotype.Service;
 
+import java.util.ArrayList;
+import java.util.List;
+
 /**
  * 店铺员工 服务层实现。
  *
@@ -32,6 +35,10 @@ public class ShopStaffServiceImpl extends ServiceImpl<ShopStaffMapper, ShopStaff
     private SysUserService sysUserService;
     @Resource
     private SysUsersRolesService sysUsersRolesService;
+    @Resource
+    private ShopPermissionService shopPermissionService;
+    @Resource
+    private ShopStaffPermissionService shopStaffPermissionService;
 
     @Override
     public Boolean add(ShopStaffAddDTO shopStaffAddDTO) {
@@ -40,7 +47,11 @@ public class ShopStaffServiceImpl extends ServiceImpl<ShopStaffMapper, ShopStaff
         ShopStaff shopStaff = BeanUtil.copyProperties(shopStaffAddDTO, ShopStaff.class);
         shopStaff.setShopId(StpKit.USER.getLoginIdAsLong());
         shopStaff.setId(sysUser.getId());
-        return save(shopStaff);
+        save(shopStaff);
+
+        // 权限添加
+        addPermission(shopStaff, shopStaffAddDTO.getShopPermissionIds());
+        return true;
     }
 
     @Override
@@ -53,7 +64,33 @@ public class ShopStaffServiceImpl extends ServiceImpl<ShopStaffMapper, ShopStaff
 
         sysUserService.updateSysUserPwd(shopStaff.getId(), shopStaffEditDTO.getAccountPwd());
         BeanUtil.copyProperties(shopStaffEditDTO, shopStaff);
-        return updateById(shopStaff);
+        updateById(shopStaff);
+
+        if (!shopStaffEditDTO.getShopPermissionIds().isEmpty()) {
+            shopStaffPermissionService.updateChain().eq(ShopStaffPermission::getStaffId, shopStaff.getId())
+                    .eq(ShopStaffPermission::getShopId, StpKit.USER.getShopId()).eq(ShopStaffPermission::getUserId, shopStaff.getId()).remove();
+            // 权限添加
+            addPermission(shopStaff, shopStaffEditDTO.getShopPermissionIds());
+        }
+        return true;
+    }
+
+    private void addPermission(ShopStaff shopStaff, List<Long> shopPermissionIds) {
+        long count = shopPermissionService.queryChain().in(ShopPermission::getId, shopPermissionIds).count();
+        if (count != shopPermissionIds.size()) {
+            throw new ApiNotPrintException("存在不存在的权限");
+        }
+
+        ArrayList<ShopStaffPermission> staffPermissions = new ArrayList<>();
+        shopPermissionIds.forEach(item -> {
+            ShopStaffPermission shopStaffPermission = new ShopStaffPermission();
+            shopStaffPermission.setStaffId(shopStaff.getId());
+            shopStaffPermission.setShopId(StpKit.USER.getShopId());
+            shopStaffPermission.setUserId(shopStaff.getId());
+            shopStaffPermission.setPermissionId(item);
+            staffPermissions.add(shopStaffPermission);
+        });
+        shopStaffPermissionService.saveBatch(staffPermissions);
     }
 
     @Override
@@ -82,4 +119,9 @@ public class ShopStaffServiceImpl extends ServiceImpl<ShopStaffMapper, ShopStaff
         sysUserService.removeUserAndRole(shopStaff.getId());
         return removeById(shopStaff.getId());
     }
+
+    @Override
+    public List<Long> permission(Long id) {
+        return shopStaffPermissionService.getPermissionByStaffId(StpKit.USER.getShopId(), id, id).stream().map(ShopPermission::getId).toList();
+    }
 }

cash-service/account-service/src/main/java/com/czg/service/account/service/impl/UserAuthorizationServiceImpl.java

@@ -12,6 +12,7 @@ import com.czg.account.service.UserInfoService;
 import com.czg.enums.StatusEnum;
 import com.czg.enums.UserAuthSourceEnum;
 import com.czg.exception.CzgException;
+import com.czg.sa.MyStpLogic;
 import com.czg.sa.StpKit;
 import com.czg.service.account.util.AlipayUtil;
 import com.czg.service.account.util.WechatAuthUtil;
@@ -63,7 +64,7 @@ public class UserAuthorizationServiceImpl implements UserAuthorizationService {
         userInfo.setLastLoginTime(DateUtil.date().toLocalDateTime());
         userInfoService.saveOrUpdate(userInfo);
 //        StpKit.USER.login(userInfo.getId());
-        StpKit.USER.login(userInfo.getId(), null, false, false);
+        StpKit.USER.login(userInfo.getId(), null, MyStpLogic.LoginType.USER, false);
         return new LoginTokenDTO(StpKit.USER.getTokenValue(), userInfo);
     }
 }

cash-service/account-service/src/main/resources/mapper/ShopPermissionMapper.xml

@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper
+        PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
+        "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<mapper namespace="com.czg.service.account.mapper.ShopPermissionMapper">
+
+</mapper>

cash-service/account-service/src/main/resources/mapper/ShopStaffPermissionMapper.xml

@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper
+        PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
+        "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<mapper namespace="com.czg.service.account.mapper.ShopStaffPermissionMapper">
+
+    <select id="getPermissionByStaffId" resultType="com.czg.account.entity.ShopPermission">
+        select b.* from tb_shop_staff_permission as a left join tb_shop_permission as b on a.permission_id=b.id
+        where a.shop_id=#{shopId} and a.staff_id=#{staffId} and a.user_id=#{userId}
+    </select>
+</mapper>

cash-service/code-generator/src/main/java/com/czg/Main.java

@@ -28,8 +28,8 @@ public class Main {
 //        String packageName = "product";
 //        String packageName = "order";
 
-        String tableName = "tb_shop_coupon_product";
+        String tableName = "tb_shop_staff_permission";
-        String author = "ww";
+        String author = "zs";
         //是否生成DTO实体 默认生成
         boolean isGenerateDto = true;