auth-servcie 中添加一个 /api/account/require_role 接口

auth/auth-service/src/main/java/cn/reghao/tnb/auth/app/controller/AccountProfileController.java

@@ -1,6 +1,7 @@
 package cn.reghao.tnb.auth.app.controller;
 
 import cn.reghao.jutil.jdk.web.result.Result;
+import cn.reghao.tnb.auth.app.model.dto.GrantRole;
 import cn.reghao.tnb.common.web.WebResult;
 import cn.reghao.tnb.auth.app.model.dto.PasswordUpdateDto;
 import cn.reghao.tnb.auth.app.model.dto.UserEmailUpdate;
@@ -27,6 +28,13 @@ public class AccountProfileController {
         this.accountProfileService = accountProfileService;
     }
 
+    @Operation(summary = "请求授予角色", description = "N")
+    @PostMapping(value = "/require_role", produces = MediaType.APPLICATION_JSON_VALUE)
+    public String requireRole(@RequestBody @Validated GrantRole grantRole) {
+        Result result = accountProfileService.grantRole(grantRole);
+        return WebResult.result(result);
+    }
+
     @Operation(summary = "修改用户名", description = "N")
     @PostMapping(value = "/screenname", produces = MediaType.APPLICATION_JSON_VALUE)
     public String updateUserScreenName(@NotBlank(message = "用户名不能为空") String screenName) {

auth/auth-service/src/main/java/cn/reghao/tnb/auth/app/db/repository/AccountRepository.java

@@ -60,9 +60,14 @@ public class AccountRepository {
         userAccountMapper.updateUserAvatar(userId, avatarUrl);
     }
 
-    private void addUserRole(long userId, String role) {
-        UserRole userRole = new UserRole(userId, role);
-        userRoleMapper.save(userRole);
+    public void addUserRole(long userId, String role) {
+        Set<String> roles = userRoleMapper.findRolesByUserId(userId).stream()
+                .map(UserRole::getName)
+                .collect(Collectors.toSet());
+        if (!roles.contains(role)) {
+            UserRole userRole = new UserRole(userId, role);
+            userRoleMapper.save(userRole);
+        }
     }
 
     @CacheEvict(cacheNames = "tnb:account:registry", key = "'account-registry'")

auth/auth-service/src/main/java/cn/reghao/tnb/auth/app/model/dto/GrantRole.java

@@ -0,0 +1,19 @@
+package cn.reghao.tnb.auth.app.model.dto;
+
+import cn.reghao.jutil.jdk.web.validator.ValidEnum;
+import cn.reghao.tnb.common.auth.AccountRole;
+import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.Size;
+import lombok.Data;
+
+/**
+ * @author reghao
+ * @date 2026-05-11 16:48:09
+ */
+@Data
+public class GrantRole {
+    //@ValidEnum(value = AccountRole.class, message = "角色类型不正确")
+    @NotBlank(message = "role 不能为空字符串")
+    @Size(min = 1, max = 10)
+    private String role;
+}

auth/auth-service/src/main/java/cn/reghao/tnb/auth/app/service/AccountProfileService.java

@@ -5,11 +5,13 @@ import cn.reghao.jutil.jdk.security.RandomString;
 import cn.reghao.tnb.auth.app.model.constant.VerifyChannel;
 import cn.reghao.tnb.auth.app.db.mapper.UserAccountMapper;
 import cn.reghao.tnb.auth.app.db.repository.AccountRepository;
+import cn.reghao.tnb.auth.app.model.dto.GrantRole;
 import cn.reghao.tnb.auth.app.model.dto.PasswordResetDto;
 import cn.reghao.tnb.auth.app.model.dto.PasswordUpdateDto;
 import cn.reghao.tnb.auth.app.model.dto.UserEmailUpdate;
 import cn.reghao.tnb.auth.app.model.po.UserAccount;
 import cn.reghao.tnb.auth.app.security.form.AccountAuthToken;
+import cn.reghao.tnb.common.auth.AccountRole;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 
@@ -37,6 +39,19 @@ public class AccountProfileService {
         this.passwordEncoder = passwordEncoder;
     }
 
+    public Result grantRole(GrantRole grantRole) {
+        String roleName = grantRole.getRole();
+        AccountRole accountRole = AccountRole.getByDesc(roleName);
+        if (accountRole == null) {
+            return Result.fail(String.format("role %s not exists", roleName));
+        }
+
+        AccountAuthToken authToken = accountTokenService.getAuthToken();
+        long userId = authToken.getUserId();
+        accountRepository.addUserRole(userId, roleName);
+        return Result.success();
+    }
+
     public Result updateUserScreenName(String screenName) {
         AccountAuthToken authToken = accountTokenService.getAuthToken();
         long userId = authToken.getUserId();

common/src/main/java/cn/reghao/tnb/common/auth/AccountRole.java

@@ -1,5 +1,8 @@
 package cn.reghao.tnb.common.auth;
 
+import java.util.HashMap;
+import java.util.Map;
+
 /**
  * @author reghao
  * @date 2024-02-14 19:13:18
@@ -16,6 +19,13 @@ public enum AccountRole {
         this.desc = desc;
     }
 
+    private static final Map<String, AccountRole> map = new HashMap<>();
+    static {
+        for (AccountRole role : AccountRole.values()) {
+            map.put(role.getDesc(), role);
+        }
+    }
+
     public String getName() {
         return this.name();
     }
@@ -27,4 +37,8 @@ public enum AccountRole {
     public String getDesc() {
         return desc;
     }
+
+    public static AccountRole getByDesc(String desc) {
+        return map.get(desc);
+    }
 }