
Merge branch 'release/v1.2.0' into 'master'

Release/v1.2.0

See merge request dcuc-tjdsj/auth-service!242
黄资权 1 년 전
부모
커밋
c8c16e0686
100개의 변경된 파일4022개의 추가작업 그리고 501개의 파일을 삭제
  1. 1 1
      dcuc-auth-api/pom.xml
  2. 51 0
      dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/auth/api/IZeroTrustAuthFacade.java
  3. 11 0
      dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/IApprovalFacade.java
  4. 2 2
      dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/IAuthRoleOrgRelFacade.java
  5. 19 0
      dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/IRoleAuthInfoFacade.java
  6. 9 4
      dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/IRoleInfoFacade.java
  7. 39 0
      dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/element/facade/IEnvElementFacade.java
  8. 9 0
      dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/power/facade/IAppFunInfoFacade.java
  9. 25 0
      dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/securitypolicy/facade/IApiSecurityPolicyFacade.java
  10. 56 0
      dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/sub/facade/IAuthSubTaskTypeFacade.java
  11. 14 35
      dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/token/facade/IAuthTokenFacade.java
  12. 1 1
      dcuc-auth-model/pom.xml
  13. 53 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/enums/securitypolicy/AuthTypeEnum.java
  14. 82 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/enums/zerotrust/ZeroTrustBusinessRespEnum.java
  15. 0 51
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/DataRespVO.java
  16. 49 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/securitypolicy/req/AuthRiskOrderReqVo.java
  17. 24 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/AppAuthReqVO.java
  18. 38 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/DataAuthReqVO.java
  19. 33 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/DataAuthRespVO.java
  20. 32 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/FunctionAuthReqVO.java
  21. 31 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/ServiceAuthReqVO.java
  22. 33 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/UserOrgAuthReqVO.java
  23. 88 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/ZeroTrustDataRespVO.java
  24. 123 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/ZeroTrustMessageRespVO.java
  25. 47 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/ZeroTrustSignReqVO.java
  26. 6 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/audit/dto/RiskPushLogDto.java
  27. 22 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/audit/dto/warningrule/ExceptionIpRule.java
  28. 26 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/AppAuthResultDto.java
  29. 87 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/zerotrust/approval/ApprovalBaseRespDto.java
  30. 36 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/zerotrust/approval/FlowApplyItemRespDTO.java
  31. 89 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/zerotrust/approval/FlowApplyReqDto.java
  32. 33 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/zerotrust/approval/FlowApplyRespDTO.java
  33. 61 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/zerotrust/approval/FlowDetailRespDTO.java
  34. 35 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/zerotrust/approval/FlowDetailSubTaskRespDTO.java
  35. 34 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/zerotrust/approval/FlowOperateManageReqDto.java
  36. 115 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/zerotrust/approval/FlowSubmitReqDTO.java
  37. 31 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/zerotrust/approval/FlowSubmitRespDTO.java
  38. 22 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/zerotrust/notify/AppAuthNotifyDto.java
  39. 54 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/zerotrust/risk/AuthRiskDTO.java
  40. 7 168
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/entity/RoleInfo.java
  41. 0 199
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/entity/ServiceAuthFlow.java
  42. 68 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/entity/zerotrust/ApprovalResult.java
  43. 1 1
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/entity/zerotrust/AuthRoleOrgRel.java
  44. 47 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/entity/zerotrust/BaseEntity.java
  45. 31 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/entity/zerotrust/BaseUpdateEntity.java
  46. 69 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/entity/zerotrust/RoleAuthApply.java
  47. 128 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/entity/zerotrust/RoleOperateContent.java
  48. 49 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/RoleCategoryEnum.java
  49. 48 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/RoleManageOpeTypeEnum.java
  50. 55 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/approval/AmCallbackStatusEnum.java
  51. 70 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/approval/AmFlowStatusEnum.java
  52. 47 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/approval/ApprovalApplyTypeEnum.java
  53. 48 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/approval/ApprovalEndFlagEnum.java
  54. 47 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/approval/ApprovalResultEnum.java
  55. 48 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/approval/ApprovalSubmitResultEnum.java
  56. 50 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/approval/ApprovalTypeEnum.java
  57. 57 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/approval/ApproveStatusEnum.java
  58. 84 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/approval/AuthApplyStatusEnum.java
  59. 55 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/approval/FlowActionTypeEnum.java
  60. 63 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/approval/FlowCallBackTypeEnum.java
  61. 51 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/approval/FlowResultEnum.java
  62. 76 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/approval/FlowStatusEnum.java
  63. 78 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/risk/AuthRiskTypeEnum.java
  64. 68 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/vo/appfun/RespAppFunTreeVo.java
  65. 28 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/vo/zerotrust/approval/ApprovalCallBackReqVO.java
  66. 29 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/vo/zerotrust/roleauthapply/ApplyRoleInVo.java
  67. 24 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/vo/zerotrust/roleauthapply/RoleAuthApplySaveVo.java
  68. 26 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/vo/zerotrust/rolemanage/RoleOperateApplyVo.java
  69. 57 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/vo/zerotrust/rolemanage/RoleSaveVo.java
  70. 1 1
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/vo/zerotrust/roleorgauth/RoleOrgAuthSaveVo.java
  71. 1 1
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/vo/zerotrust/roleorgauth/RoleOrgAuthVo.java
  72. 37 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/element/vo/ElementUserRelRespVo.java
  73. 27 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/element/vo/ElementUserSaveVo.java
  74. 33 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/element/vo/EnvElementRespVo.java
  75. 86 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/sub/dto/zerotrust/tasktype/ApprovalBaseRespDto.java
  76. 47 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/sub/dto/zerotrust/tasktype/ApprovalResultEnum.java
  77. 33 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/sub/dto/zerotrust/tasktype/ExcelImpTaskType.java
  78. 40 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/sub/dto/zerotrust/tasktype/TaskInfoDetailResp.java
  79. 47 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/sub/dto/zerotrust/tasktype/TaskTypeInfoDto.java
  80. 20 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/sub/dto/zerotrust/tasktype/TaskTypeReqDto.java
  81. 43 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/sub/enumresource/OperateTypeEnum.java
  82. 33 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/sub/vo/tasktype/AuthSubTaskTypeVo.java
  83. 36 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/sub/vo/tasktype/TaskTypeTreeVo.java
  84. 49 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/token/enums/TokenActionEnum.java
  85. 37 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/token/enums/TokenTypeEnum.java
  86. 9 4
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/token/vo/AppTokenInfoRespVO.java
  87. 21 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/token/vo/TokenOnlineReqVo.java
  88. 21 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/token/vo/TokenOnlineRespVo.java
  89. 26 18
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/token/vo/UserTokenInfoRespVO.java
  90. 14 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/token/vo/ZeroTrustAppTokenInfoReqVO.java
  91. 15 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/token/vo/ZeroTrustUserTokenInfoReqVO.java
  92. 37 5
      dcuc-auth-service/pom.xml
  93. 11 0
      dcuc-auth-service/src/main/assembly/conf/application.yml
  94. 11 10
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/AuthRedisConstant.java
  95. 43 0
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/async/BusiEventPublisher.java
  96. 32 0
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/async/event/SecurityPolicyLogEvent.java
  97. 34 0
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/async/event/SendRiskInfoEvent.java
  98. 37 0
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/async/listener/QmAuditSendRiskInfoEventListener.java
  99. 75 0
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/async/listener/RzySyslogSendRiskInfoEventListener.java
  100. 36 0
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/async/listener/SyslogSecurityPolicyLogListener.java

+ 1 - 1
dcuc-auth-api/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <artifactId>dcuc-auth</artifactId>
         <groupId>com.dragoninfo</groupId>
-        <version>2.4.3-tjdsj-SNAPSHOT</version>
+        <version>2.5.0-tjdsj-SNAPSHOT</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 

+ 51 - 0
dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/auth/api/IZeroTrustAuthFacade.java

@@ -0,0 +1,51 @@
+package com.dragoninfo.dcuc.auth.auth.api;
+
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.*;
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+
+/**
+ * @author mazq
+ * @date 2023/7/10
+ */
+@FeignClient(name = "dcuc-auth", path = "/dcuc/auth/zeroTrustAuth")
+public interface IZeroTrustAuthFacade {
+
+    /**
+     * 应用级鉴权
+     *
+     * @param appAuthReqVO 应用级鉴权请求
+     * @return 应用级权限
+     */
+    @PostMapping("appAuth")
+    ZeroTrustDataRespVO<String> appAuth(@RequestBody AppAuthReqVO appAuthReqVO);
+
+    /**
+     * 功能级鉴权
+     *
+     * @param functionAuthReqVO 功能级鉴权求
+     * @return 功能级鉴权
+     */
+    @PostMapping("functionAuth")
+    ZeroTrustDataRespVO<String> functionAuth(@RequestBody FunctionAuthReqVO functionAuthReqVO);
+
+    /**
+     * 服务级鉴权
+     *
+     * @param serviceAuthReqVO 服务级鉴权请求
+     * @return 服务级鉴权
+     */
+    @PostMapping("serviceAuth")
+    ZeroTrustDataRespVO<String> serviceAuth(@RequestBody ServiceAuthReqVO serviceAuthReqVO);
+
+    /**
+     * 数据级鉴权
+     *
+     * @param dataAuthReqVO 数据级鉴权
+     * @return 数据级鉴权
+     */
+    @PostMapping("dataAuth")
+    ZeroTrustDataRespVO<DataAuthRespVO> dataAuth(@RequestBody DataAuthReqVO dataAuthReqVO);
+
+}
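Review bot: The Javadoc on `appAuth`, `functionAuth`, `serviceAuth` and `dataAuth` names the level being checked but never says how a denial reaches the caller, which is the one thing a client of an authorization API has to get right. `ZeroTrustDataRespVO` is not shown in this part of the page, so presumably the decision travels in its status code rather than as an exception; if so, each `@return` should say it, for example `@return authorization result; any status other than the success code, and any call failure, must be treated as a denial`. Also in this hunk, `@param functionAuthReqVO 功能级鉴权求` is missing its last character (`请求`), and the wildcard import `com.dragoninfo.dcuc.auth.api.vo.zerotrust.*` would read better as the six explicit types the interface uses.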

+ 11 - 0
dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/IApprovalFacade.java

@@ -1,7 +1,9 @@
 package com.dragoninfo.dcuc.auth.auth.facade;
 
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustMessageRespVO;
 import com.dragoninfo.dcuc.auth.auth.dto.ApprovalDto;
 import com.dragoninfo.dcuc.auth.auth.entity.FuncApproval;
+import com.dragoninfo.dcuc.auth.auth.vo.zerotrust.approval.ApprovalCallBackReqVO;
 import com.dragonsoft.duceap.base.entity.http.ResponseDTO;
 import com.dragonsoft.duceap.base.entity.http.ResponseStatus;
 import com.dragonsoft.duceap.base.entity.search.SearchDTO;
@@ -48,4 +50,13 @@ public interface IApprovalFacade {
 
     @PostMapping(value = "applyResult")
     ResponseDTO applyResult(@RequestBody ApprovalDto approvalDto);
+
+    /**
+     * 审批回调
+     *
+     * @param approvalCallBackReqVO 审批回调请求
+     * @return 状态
+     */
+    @PostMapping("callBack")
+    ZeroTrustMessageRespVO callBack(@RequestBody ApprovalCallBackReqVO approvalCallBackReqVO);
 }
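Review bot: The new `callBack` endpoint is, by its name and Javadoc, where an approval flow reports its outcome, but nothing here says how the caller is authenticated. `ApprovalCallBackReqVO` is not shown in this part of the page; by contrast `AuthRiskOrderReqVo` in the same commit extends `ZeroTrustSignReqVO`, so it is worth confirming that the callback body is signed or that the route is reachable only by the approval system. Once that holds, state it in the Javadoc, e.g. `Caller must be the approval service; the request is verified before any approval state changes.` The interface declaration and its `@FeignClient` annotation are outside this hunk.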

+ 2 - 2
dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/IAuthRoleOrgRelFacade.java

@@ -1,7 +1,7 @@
 package com.dragoninfo.dcuc.auth.auth.facade;
 
-import com.dragoninfo.dcuc.auth.auth.vo.roleorgauth.RoleOrgAuthSaveVo;
-import com.dragoninfo.dcuc.auth.auth.vo.roleorgauth.RoleOrgAuthVo;
+import com.dragoninfo.dcuc.auth.auth.vo.zerotrust.roleorgauth.RoleOrgAuthSaveVo;
+import com.dragoninfo.dcuc.auth.auth.vo.zerotrust.roleorgauth.RoleOrgAuthVo;
 import com.dragonsoft.duceap.base.entity.http.ResponseStatus;
 import com.dragonsoft.duceap.base.entity.search.SearchDTO;
 import org.springframework.cloud.openfeign.FeignClient;

+ 19 - 0
dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/IRoleAuthInfoFacade.java

@@ -3,6 +3,9 @@ package com.dragoninfo.dcuc.auth.auth.facade;
 import com.dragoninfo.dcuc.auth.auth.entity.StaffAssignAuthInfo;
 import com.dragoninfo.dcuc.auth.auth.vo.RoleInfoVO;
 import com.dragoninfo.dcuc.auth.auth.vo.TreeInfoVO;
+import com.dragoninfo.dcuc.auth.auth.vo.zerotrust.roleauthapply.ApplyRoleInVo;
+import com.dragoninfo.dcuc.auth.auth.vo.zerotrust.roleauthapply.RoleAuthApplySaveVo;
+import com.dragonsoft.duceap.base.entity.http.ResponseStatus;
 import com.dragonsoft.duceap.base.entity.search.SearchDTO;
 import org.springframework.cloud.openfeign.FeignClient;
 import org.springframework.data.domain.Page;
@@ -78,4 +81,20 @@ public interface IRoleAuthInfoFacade {
     List<TreeInfoVO> getRptOrgListByPid(@RequestParam(value = "appId", required = true) String appId,
                                         @RequestParam(value = "orgId", required = false) String orgId,
                                         @RequestParam(value = "isInit", required = false) boolean isInit);
+
+    /**
+     * 角色授权申请
+     * @param saveVo
+     * @return
+     */
+    @PostMapping("roleAuthApply")
+    ResponseStatus roleAuthApply(@RequestBody RoleAuthApplySaveVo saveVo);
+
+    /**
+     * 角色授权-角色列表
+     * @param searchDTO
+     * @return
+     */
+    @PostMapping("applyRoleList")
+    List<ApplyRoleInVo> applyRoleList(@RequestBody SearchDTO searchDTO);
 }
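Review bot: Both new methods, `roleAuthApply` and `applyRoleList`, carry Javadoc with empty `@param` and `@return` tags, which doc linters flag and which tell a Feign client nothing about the contract. Filling them in is enough, e.g. `@param saveVo role-authorization application to submit` and `@return status of the submission`, and for `applyRoleList` which `SearchDTO` filters are honoured. The same empty tags appear in the hunks that add `roleOperateApply` (IRoleInfoFacade), `userRelPage`/`userRelSave`/`deleteUserRel`/`notInUserRelPage` (IEnvElementFacade), `getRoleMenuTree` (IAppFunInfoFacade), the IAuthSubTaskTypeFacade methods, and `tokenReceive`/`tokenOnlineQuery` (IAuthTokenFacade). The interface header is outside this hunk.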

+ 9 - 4
dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/IRoleInfoFacade.java

@@ -1,10 +1,10 @@
 package com.dragoninfo.dcuc.auth.auth.facade;
 
 import com.dragoninfo.dcuc.auth.auth.entity.RoleInfo;
-import com.dragoninfo.dcuc.auth.auth.vo.DcucRoleVO;
 import com.dragoninfo.dcuc.auth.auth.vo.RoleAuthParamVo;
 import com.dragoninfo.dcuc.auth.auth.vo.RoleInfoVO;
 import com.dragoninfo.dcuc.auth.auth.vo.RsGridCheckedVO;
+import com.dragoninfo.dcuc.auth.auth.vo.zerotrust.rolemanage.RoleOperateApplyVo;
 import com.dragonsoft.duceap.base.entity.http.ResponseDTO;
 import com.dragonsoft.duceap.base.entity.http.ResponseStatus;
 import com.dragonsoft.duceap.base.entity.search.SearchDTO;
@@ -182,9 +182,6 @@ public interface IRoleInfoFacade {
     @PostMapping(value = "staffRoleList")
     List<RoleInfoVO> staffRoleList(@RequestBody SearchDTO searchDTO);
 
-//    @RequestMapping(value = "getDcucRole")
-//    DcucRoleVO getDcucRole();
-
     /**
      * 根据角色代码获取角色信息
      *
@@ -202,4 +199,12 @@ public interface IRoleInfoFacade {
      */
     @PostMapping("roleAuthRoleViewPage")
     Page<RoleInfoVO> roleAuthRoleViewPage(@RequestBody SearchDTO searchDTO);
+
+    /**
+     * 角色生命周期管理
+     * @param roleOperateApplyVo
+     * @return
+     */
+    @PostMapping("roleOperateApply")
+    ResponseDTO<Object> roleOperateApply(@RequestBody RoleOperateApplyVo roleOperateApplyVo);
 }
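Review bot: `roleOperateApply` returns `ResponseDTO<Object>`, so every Feign client has to guess and cast the payload of a call that, per its Javadoc, drives role lifecycle changes. If the operation returns nothing beyond a status, `ResponseStatus` (already imported in this file) says so directly; otherwise name the payload type in the generic parameter and in `@return`. The interface declaration starts outside this hunk.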

+ 39 - 0
dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/element/facade/IEnvElementFacade.java

@@ -1,13 +1,18 @@
 package com.dragoninfo.dcuc.auth.element.facade;
 
+import com.dragoninfo.dcuc.auth.element.vo.ElementUserRelRespVo;
+import com.dragoninfo.dcuc.auth.element.vo.ElementUserSaveVo;
 import com.dragoninfo.dcuc.auth.element.vo.EnvElementSaveVo;
 import com.dragoninfo.dcuc.auth.element.vo.RespEnvElementVo;
+import com.dragoninfo.dcuc.auth.sub.vo.AuthUserVo;
 import com.dragonsoft.duceap.base.entity.http.ResponseStatus;
 import com.dragonsoft.duceap.base.entity.search.SearchDTO;
 import org.springframework.cloud.openfeign.FeignClient;
 import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.*;
 
+import java.util.List;
+
 /**
  * @author mazq
  * @date 2022/8/25
@@ -54,4 +59,38 @@ public interface IEnvElementFacade {
      */
     @DeleteMapping("deleteById/{id}")
     ResponseStatus deleteById(@PathVariable("id") String id);
+
+    /**
+     * 关联用户分页查询
+     * @param searchDTO
+     * @return
+     */
+    @PostMapping("userRelPage")
+    Page<ElementUserRelRespVo> userRelPage(@RequestBody SearchDTO searchDTO);
+
+    /**
+     * 保存用户关联关系
+     *
+     * @param relSaveVo
+     * @return
+     */
+    @PostMapping("userRelSave")
+    ResponseStatus userRelSave(@RequestBody ElementUserSaveVo relSaveVo);
+
+    /**
+     * 删除用户关联关系
+     *
+     * @param id
+     * @return
+     */
+    @DeleteMapping("deleteUserRel/{id}")
+    ResponseStatus deleteUserRel(@PathVariable("id") String id);
+
+    /**
+     * 非关联用户分页查询
+     * @param searchDTO
+     * @return
+     */
+    @PostMapping("notInUserRelPage")
+    Page<AuthUserVo> notInUserRelPage(@RequestBody SearchDTO searchDTO);
 }

+ 9 - 0
dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/power/facade/IAppFunInfoFacade.java

@@ -7,6 +7,7 @@ import com.dragoninfo.dcuc.auth.auth.dto.AppResourcesDto;
 import com.dragoninfo.dcuc.auth.auth.entity.AppFunInfo;
 import com.dragoninfo.dcuc.auth.auth.vo.AppFunInfoVo;
 import com.dragoninfo.dcuc.auth.auth.vo.TreeInfoVO;
+import com.dragoninfo.dcuc.auth.auth.vo.appfun.RespAppFunTreeVo;
 import com.dragonsoft.duceap.base.entity.http.ResponseDTO;
 import com.dragonsoft.duceap.base.entity.http.ResponseStatus;
 import com.dragonsoft.duceap.base.entity.search.SearchDTO;
@@ -206,4 +207,12 @@ public interface IAppFunInfoFacade {
      */
     @PostMapping("apiFuncSearch")
     ResponseDTO<List<AppFunInfoDTO>> apiFuncSearch(@RequestBody SearchDTO searchDTO);
+
+    /**
+     * 获取角色关联的菜单树
+     * @param roleId
+     * @return
+     */
+    @GetMapping(value = "/menuTree")
+    List<RespAppFunTreeVo> getRoleMenuTree(@RequestParam("roleId") String roleId);
 }
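Review bot: `@GetMapping(value = "/menuTree")` is written with a leading slash and an explicit `value =`, while the mapping directly above it in this hunk, `@PostMapping("apiFuncSearch")`, uses neither. For consistency I would write `@GetMapping("menuTree")`. The Javadoc should also say what is returned for an unknown `roleId` (empty list or an error), since the `List<RespAppFunTreeVo>` return type cannot carry a status. The interface header is outside this hunk.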

+ 25 - 0
dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/securitypolicy/facade/IApiSecurityPolicyFacade.java

@@ -0,0 +1,25 @@
+package com.dragoninfo.dcuc.auth.securitypolicy.facade;
+
+import com.dragoninfo.dcuc.auth.api.vo.securitypolicy.req.AuthRiskOrderReqVo;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustMessageRespVO;
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+
+/**
+ * @author mazq
+ * @date 2023/7/12
+ */
+@FeignClient(name = "dcuc-auth", path = "/dcuc/securityPolicyFacade")
+public interface IApiSecurityPolicyFacade {
+
+    /**
+     * 接收权限风险指令
+     *
+     * @param authRiskOrderReqVo 接收权限风险指令信息
+     * @return 状态
+     */
+    @PostMapping("risk-order")
+    ZeroTrustMessageRespVO riskOrder(@RequestBody AuthRiskOrderReqVo authRiskOrderReqVo);
+
+}
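Review bot: The client path `/dcuc/securityPolicyFacade` sits outside the `/dcuc/auth/` prefix used by the other new clients in this commit (`/dcuc/auth/zeroTrustAuth`, `/dcuc/auth/subTaskTypeFacade`). If gateway routes or access rules are keyed on that prefix, `risk-order`, whose request body names a user and the permissions to revoke, may not be covered by them; either align the path or confirm the rule set includes it. The request type extends `ZeroTrustSignReqVO`, whose fields are not shown here, so the Javadoc should also state the verification contract, e.g. `The order is rejected unless the signature carried in the request verifies.`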

+ 56 - 0
dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/sub/facade/IAuthSubTaskTypeFacade.java

@@ -0,0 +1,56 @@
+package com.dragoninfo.dcuc.auth.sub.facade;
+
+import com.dragoninfo.dcuc.auth.sub.vo.tasktype.AuthSubTaskTypeVo;
+import com.dragoninfo.dcuc.auth.sub.vo.tasktype.TaskTypeTreeVo;
+import com.dragonsoft.duceap.base.entity.http.ResponseStatus;
+import com.dragonsoft.duceap.base.entity.search.SearchDTO;
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.data.domain.Page;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestParam;
+
+import java.util.List;
+
+/**
+ * @author mazq
+ * @date 2023/2/13
+ */
+@FeignClient(name = "dcuc-auth",path = "/dcuc/auth/subTaskTypeFacade")
+public interface IAuthSubTaskTypeFacade {
+
+    /**
+     * 任务类型分页查询
+     *
+     * @param searchDTO
+     * @return
+     */
+    @PostMapping("pageSearch")
+    Page<AuthSubTaskTypeVo> pageSearch(@RequestBody SearchDTO searchDTO);
+
+    /**
+     * 任务类型导入
+     *
+     * @param fileId
+     * @return
+     */
+    @GetMapping("taskTypeImp")
+    ResponseStatus taskTypeImp(@RequestParam("fileId") String fileId);
+
+
+    /**
+     * 任务类型同步
+     * @return
+     */
+    @GetMapping("taskTypeSync")
+    ResponseStatus taskTypeSync();
+
+    /**
+     * 任务类型树
+     * @return
+     */
+    @GetMapping
+    List<TaskTypeTreeVo> taskTypeTree();
+
+}
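Review bot: `taskTypeImp` and `taskTypeSync` are mapped with `@GetMapping`, yet by their Javadoc they import and synchronise task types, which means they change server state. GET requests may be repeated by caches, prefetchers and retries and usually fall outside CSRF protection, so these should be `@PostMapping("taskTypeImp")` and `@PostMapping("taskTypeSync")`, with the server-side handlers (not shown) changed to match. `taskTypeTree` uses a bare `@GetMapping`, which binds it to the client's base path `/dcuc/auth/subTaskTypeFacade` itself; `@GetMapping("taskTypeTree")` would match the other methods.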

+ 14 - 35
dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/token/facade/IAuthTokenFacade.java

@@ -1,13 +1,14 @@
 package com.dragoninfo.dcuc.auth.token.facade;
 
-import com.dragoninfo.dcuc.auth.api.vo.MessageRespVO;
-import com.dragoninfo.dcuc.auth.token.vo.TokenDetailRespVo;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustMessageRespVO;
+import com.dragoninfo.dcuc.auth.token.vo.TokenOnlineReqVo;
+import com.dragoninfo.dcuc.auth.token.vo.TokenOnlineRespVo;
 import com.dragoninfo.dcuc.auth.token.vo.TokenReceiveVO;
-import com.dragoninfo.dcuc.auth.token.vo.UserTokenInfoRespVO;
 import org.springframework.cloud.openfeign.FeignClient;
-import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RequestBody;
+
+import java.util.List;
 
 /**
  * @author mazq
@@ -17,42 +18,20 @@ import org.springframework.web.bind.annotation.RequestParam;
 public interface IAuthTokenFacade {
 
     /**
-     * 获取用户令牌详情
+     * 接收令牌
      *
-     * @param userTokenId
+     * @param tokenReceiveReqVoList
      * @return
      */
-    @GetMapping("getUserTokenInfo")
-    UserTokenInfoRespVO getUserTokenInfo(@RequestParam("userTokenId") String userTokenId);
+    @PostMapping("tokenReceive")
+    ZeroTrustMessageRespVO tokenReceive(@RequestBody List<TokenReceiveVO> tokenReceiveReqVoList);
 
     /**
-     * 获取应用令牌详情数据
-     *
-     * @param appTokenId
-     * @param needUserInfo
-     * @param needAppInfo
+     * 令牌在线查询
+     * @param reqVo
      * @return
      */
-    @GetMapping("getByAppTokenId")
-    TokenDetailRespVo getByAppTokenId(@RequestParam("appTokenId") String appTokenId, @RequestParam("needUserInfo") Boolean needUserInfo, @RequestParam("needAppInfo") Boolean needAppInfo);
+    @PostMapping("tokenOnlineQuery")
+    TokenOnlineRespVo tokenOnlineQuery(@RequestBody TokenOnlineReqVo reqVo);
 
-
-    /**
-     * 缓存用户令牌
-     *
-     * @param idcard
-     * @param userTokeId
-     * @param expiredTime
-     */
-    @GetMapping("cacheStandardUserToken")
-    void cacheStandardUserToken(@RequestParam("idcard") String idcard, @RequestParam("userTokeId") String userTokeId, @RequestParam("expiredTime") Integer expiredTime);
-
-    /**
-     * 接收令牌
-     *
-     * @param receiveVO
-     * @return
-     */
-    @PostMapping("tokenReceive")
-    MessageRespVO tokenReceive(TokenReceiveVO receiveVO);
 }
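Review bot: `tokenReceive` now takes `@RequestBody List<TokenReceiveVO>` but nothing in the signature or Javadoc bounds the batch or says what happens when one entry is invalid, and the single `ZeroTrustMessageRespVO` return presumably cannot report per-item results. For an endpoint that ingests tokens, the `@param` should state the maximum batch size and whether the batch is accepted or rejected as a whole, for example `@param tokenReceiveReqVoList tokens to register; rejected as a whole if any entry fails validation`. `tokenOnlineQuery` likewise leaves `@param reqVo` and `@return` empty. The `@FeignClient` annotation is outside this hunk.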

+ 1 - 1
dcuc-auth-model/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <artifactId>dcuc-auth</artifactId>
         <groupId>com.dragoninfo</groupId>
-        <version>2.4.3-tjdsj-SNAPSHOT</version>
+        <version>2.5.0-tjdsj-SNAPSHOT</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 

+ 53 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/enums/securitypolicy/AuthTypeEnum.java

@@ -0,0 +1,53 @@
+package com.dragoninfo.dcuc.auth.api.enums.securitypolicy;
+
+import com.dragonsoft.duceap.base.enums.ICodeEnum;
+
+/**
+ * <p>
+ * 权限类型
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2023/6/29
+ */
+public enum AuthTypeEnum implements ICodeEnum {
+
+    /**
+     * 应用
+     */
+    APP("app", "应用"),
+
+    /**
+     * 功能
+     */
+    FUNCTION("function", "功能"),
+
+    /**
+     * 服务
+     */
+    SERVICE("service", "服务"),
+
+    /**
+     * 数据
+     */
+    DATA("data", "数据");
+
+
+    private final String value;
+    private final String label;
+
+    AuthTypeEnum(String value, String label) {
+        this.value = value;
+        this.label = label;
+    }
+
+    @Override
+    public String getValue() {
+        return value;
+    }
+
+    @Override
+    public String getLabel() {
+        return label;
+    }
+}

+ 82 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/enums/zerotrust/ZeroTrustBusinessRespEnum.java

@@ -0,0 +1,82 @@
+package com.dragoninfo.dcuc.auth.api.enums.zerotrust;
+
+import com.dragonsoft.duceap.base.enums.ICodeEnum;
+
+/**
+ * <p>
+ * 业务通用响应码
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2022/8/1
+ */
+public enum ZeroTrustBusinessRespEnum implements ICodeEnum {
+    /**
+     * 操作成功
+     */
+    SUCCESS("0000", "操作成功"),
+
+    /**
+     * 操作失败
+     */
+    OPERATE_FAIL("0001", "操作失败"),
+
+    /**
+     * 令牌失效
+     */
+    TOKEN_FAIL("0002", "令牌失效"),
+
+    /**
+     * 权限冻结
+     */
+    PERMISSION_FREEZE("0003", "权限冻结"),
+
+    /**
+     * 用户令牌解密失败
+     */
+    USER_TOKEN_DECODE_FAIL("1000", "用户令牌解密失败"),
+
+    /**
+     * 用户令牌不存在
+     */
+    USER_TOKEN_NOT_EXITS("1001", "用户令牌不存在"),
+
+    /**
+     * 应用令牌解密失败
+     */
+    APP_TOKEN_DECODE_FAIL("1002", "应用令牌解密失败"),
+    /**
+     * 应用令牌不存在
+     */
+    APP_TOKEN_NOT_EXITS("1003", "应用令牌不存在"),
+
+    /**
+     * 用户令牌不需要续期
+     */
+    USER_TOKEN_NO_RENEWAL("1004", "用户令牌不需要续期"),
+
+    /**
+     * 应用令牌不需要续期
+     */
+    APP_TOKEN_NO_RENEWAL("1005", "应用令牌不需要续期");
+
+    private final String value;
+
+    private final String label;
+
+
+    ZeroTrustBusinessRespEnum(String value, String label) {
+        this.value = value;
+        this.label = label;
+    }
+
+    @Override
+    public String getValue() {
+        return this.value;
+    }
+
+    @Override
+    public String getLabel() {
+        return this.label;
+    }
+}
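Review bot: The constants `USER_TOKEN_NOT_EXITS` and `APP_TOKEN_NOT_EXITS` are misspelled (`EXITS` for `EXISTS`), and because this enum ships in the shared model module the names become hard to change once clients reference them. Rename them now to `USER_TOKEN_NOT_EXISTS` and `APP_TOKEN_NOT_EXISTS`. Separately, codes 1000–1003 distinguish "decode failed" from "token does not exist"; if these values are returned verbatim to callers outside the trust boundary, document that external responses collapse them into `TOKEN_FAIL`, so the response does not reveal which check rejected the token.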

+ 0 - 51
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/DataRespVO.java

@@ -1,51 +0,0 @@
-package com.dragoninfo.dcuc.auth.api.vo;
-
-import com.fasterxml.jackson.annotation.JsonProperty;
-import lombok.Data;
-
-/**
- * <p>
- *
- * </p>
- *
- * @author huangzqa
- * @date 2023/2/15
- */
-@Data
-public class DataRespVO<T> {
-
-    private String message;
-
-    /**
-     * 状态码
-     */
-    @JsonProperty("status_code")
-    private String statusCode;
-
-    /**
-     * 详细信息
-     */
-    private DataItemRespVO<T> data;
-
-    /**
-     * 设置业务枚举
-     *
-     * @param businessRespEnum 业务枚举
-     */
-    public static <T> DataRespVO<T> resultEnumMessage(BusinessRespEnum businessRespEnum) {
-        DataRespVO<T> dataRespVO = new DataRespVO<>();
-        dataRespVO.setStatusCode(businessRespEnum.getValue());
-        return dataRespVO;
-    }
-
-
-    public static <T> DataRespVO<T> success(T result) {
-        DataRespVO<T> dataRespVO = new DataRespVO<>();
-        dataRespVO.setStatusCode(BusinessRespEnum.SUCCESS.getValue());
-        DataItemRespVO<T> dataItemRespVO = new DataItemRespVO<>();
-        dataItemRespVO.setResult(result);
-        dataRespVO.setData(dataItemRespVO);
-        dataRespVO.setMessage("操作成功");
-        return dataRespVO;
-    }
-}

+ 49 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/securitypolicy/req/AuthRiskOrderReqVo.java

@@ -0,0 +1,49 @@
+package com.dragoninfo.dcuc.auth.api.vo.securitypolicy.req;
+
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustSignReqVO;
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+
+/**
+ * <p>
+ *
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2023/6/29
+ */
+@ApiModel(value = "权限风险指令请求")
+@EqualsAndHashCode(callSuper = true)
+@Data
+public class AuthRiskOrderReqVo extends ZeroTrustSignReqVO {
+
+    /**
+     * 撤销的用户唯一标识
+     */
+    @ApiModelProperty(value = "撤销的用户唯一标识", required = true)
+    private String pid;
+
+    /**
+     * 需要撤销的权限类型(app、function)
+     *
+     * @see com.dragoninfo.dcuc.auth.api.enums.securitypolicy.AuthTypeEnum
+     */
+    @ApiModelProperty(value = "需要撤销的权限类型(app、function)", required = true)
+    private String authType;
+
+    /**
+     * 需要撤销的资源标识,多个以英文逗号,分隔
+     */
+    @ApiModelProperty(value = "需要撤销的资源标识,多个以英文逗号,分隔", required = true)
+    private String resourceId;
+
+    /**
+     * 撤销权限的持续时间(单位秒)
+     */
+    @ApiModelProperty(value = "撤销权限的持续时间(单位秒)", required = true)
+    private Integer effectiveTime;
+
+
+}
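Review bot: Every field is marked `required = true` in `@ApiModelProperty`, but that attribute only affects the generated API documentation; nothing on the class makes a missing `pid`, an unknown `authType` or a negative `effectiveTime` fail at binding. For a request that revokes permissions I would add Bean Validation constraints (assuming the validation API is on this module's classpath), e.g. `@NotBlank private String pid;` and `@NotNull @Positive private Integer effectiveTime;`, and have the controller accept the body with `@Valid`. The `authType` Javadoc lists only `app、function`, while its `@see` target `AuthTypeEnum` in this commit also defines `service` and `data`; say explicitly whether those two are rejected.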

+ 24 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/AppAuthReqVO.java

@@ -0,0 +1,24 @@
+
+package com.dragoninfo.dcuc.auth.api.vo.zerotrust;
+
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+/**
+ * <p>
+ * 应用级鉴权请求
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2022/8/1
+ */
+@Data
+public class AppAuthReqVO {
+    /**
+     * 用户令牌标识
+     */
+    @ApiModelProperty(value = "用户令牌标识")
+    private String userTokenId;
+
+
+}
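Review bot: `@Data` generates a `toString()` that prints `userTokenId`, so any log statement or exception message that includes this request object writes the token identifier to the log. If that identifier is enough to look up or act on the session (not visible from this hunk), exclude it with `@ToString.Exclude` on the field. The same applies to `appTokenId` in `DataAuthReqVO`, `FunctionAuthReqVO` and `ServiceAuthReqVO` added further down. None of these request fields carries a validation constraint either, so a null or blank token id reaches the service layer unchecked.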

+ 38 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/DataAuthReqVO.java

@@ -0,0 +1,38 @@
+
+package com.dragoninfo.dcuc.auth.api.vo.zerotrust;
+
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+/**
+ * <p>
+ * 数据鉴权请求
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2022/8/1
+ */
+@Data
+public class DataAuthReqVO {
+
+    /**
+     * 应用令牌标识
+     */
+    @ApiModelProperty(value = "应用令牌标识")
+    private String appTokenId;
+
+    /**
+     * 任务编码
+     */
+    @ApiModelProperty(value = "任务编码")
+    private String taskId;
+
+    /**
+     * 资源标识符
+     */
+    @ApiModelProperty(value = "资源标识符")
+    private String resourceId;
+
+
+
+}

+ 33 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/DataAuthRespVO.java

@@ -0,0 +1,33 @@
+
+package com.dragoninfo.dcuc.auth.api.vo.zerotrust;
+
+import lombok.Data;
+
+/**
+ * <p>
+ * 数据鉴权返回值
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2022/8/1
+ */
+@Data
+public class DataAuthRespVO {
+
+    /**
+     * 资源标识符
+     */
+    private String resourceId;
+
+    /**
+     * 数据项标识符,英文,号分隔
+     */
+    private String itemIdentifier;
+
+    public static DataAuthRespVO empty() {
+        DataAuthRespVO dataAuthRespVO = new DataAuthRespVO();
+        dataAuthRespVO.setResourceId("");
+        dataAuthRespVO.setItemIdentifier("");
+        return dataAuthRespVO;
+    }
+}

+ 32 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/FunctionAuthReqVO.java

@@ -0,0 +1,32 @@
+
+package com.dragoninfo.dcuc.auth.api.vo.zerotrust;
+
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+/**
+ * <p>
+ * 功能鉴权请求
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2022/8/1
+ */
+@Data
+public class FunctionAuthReqVO {
+
+    /**
+     * 应用令牌标识
+     */
+    @ApiModelProperty(value = "应用令牌标识")
+    private String appTokenId;
+
+    /**
+     * 任务编码
+     */
+    @ApiModelProperty(value = "任务编码")
+    private String taskId;
+
+
+
+}

+ 31 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/ServiceAuthReqVO.java

@@ -0,0 +1,31 @@
+
+package com.dragoninfo.dcuc.auth.api.vo.zerotrust;
+
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+/**
+ * <p>
+ * 服务鉴权请求
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2022/8/1
+ */
+@Data
+public class ServiceAuthReqVO {
+
+    /**
+     * 应用令牌标识
+     */
+    @ApiModelProperty(value = "应用令牌标识")
+    private String appTokenId;
+
+    /**
+     * 任务编码
+     */
+    @ApiModelProperty(value = "任务编码")
+    private String taskId;
+
+
+}

+ 33 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/UserOrgAuthReqVO.java

@@ -0,0 +1,33 @@
+
+package com.dragoninfo.dcuc.auth.api.vo.zerotrust;
+
+import lombok.Data;
+
+/**
+ * <p>
+ * 用户结构数据鉴权请求
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2022/8/1
+ */
+@Data
+public class UserOrgAuthReqVO {
+
+    /**
+     * 应用令牌标识
+     */
+    private String appTokenId;
+
+    /**
+     * 身份证号
+     */
+    private String idcard;
+
+    /**
+     * 机构编号
+     */
+    private String orgCode;
+
+
+}

+ 88 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/ZeroTrustDataRespVO.java

@@ -0,0 +1,88 @@
+package com.dragoninfo.dcuc.auth.api.vo.zerotrust;
+
+import com.dragoninfo.dcuc.auth.api.enums.zerotrust.ZeroTrustBusinessRespEnum;
+import com.dragoninfo.dcuc.auth.api.vo.DataItemRespVO;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.Data;
+
+/**
+ * <p>
+ *
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2023/2/15
+ */
+@Data
+public class ZeroTrustDataRespVO<T> {
+
+    private String message;
+
+    /**
+     * 状态码
+     */
+    @JsonProperty("status_code")
+    private String statusCode;
+
+    /**
+     * 详细信息
+     */
+    private DataItemRespVO<T> data;
+
+    /**
+     * 设置业务枚举
+     *
+     * @param businessRespEnum 业务枚举
+     */
+    public static <T> ZeroTrustDataRespVO<T> resultEnumMessage(ZeroTrustBusinessRespEnum businessRespEnum) {
+        ZeroTrustDataRespVO<T> dataRespVO = new ZeroTrustDataRespVO<>();
+        dataRespVO.setStatusCode(businessRespEnum.getValue());
+        return dataRespVO;
+    }
+
+
+    public static <T> ZeroTrustDataRespVO<T> success(T result) {
+        ZeroTrustDataRespVO<T> dataRespVO = new ZeroTrustDataRespVO<>();
+        dataRespVO.setStatusCode(ZeroTrustBusinessRespEnum.SUCCESS.getValue());
+        DataItemRespVO<T> dataItemRespVO = new DataItemRespVO<>();
+        dataItemRespVO.setResult(result);
+        dataRespVO.setData(dataItemRespVO);
+        dataRespVO.setMessage("操作成功");
+        return dataRespVO;
+    }
+
+    public static <T> ZeroTrustDataRespVO<T> resultEnumMessage(ZeroTrustBusinessRespEnum respEnum, T result) {
+        ZeroTrustDataRespVO<T> dataRespVO = new ZeroTrustDataRespVO<>();
+        dataRespVO.setStatusCode(respEnum.getValue());
+        dataRespVO.setMessage(respEnum.getLabel());
+        DataItemRespVO<T> dataItemRespVO = new DataItemRespVO<>();
+        dataRespVO.setData(dataItemRespVO);
+        dataItemRespVO.setResult(result);
+        return dataRespVO;
+    }
+
+
+    /**
+     * 是否成功
+     *
+     * @return 是否成功
+     */
+    @JsonIgnore
+    public boolean isRespSuccess() {
+        return this.statusCode.equalsIgnoreCase(ZeroTrustBusinessRespEnum.SUCCESS.getValue());
+    }
+
+    /**
+     * 转换为ZeroTrustDataRespVO返回
+     *
+     * @param <T> 泛型
+     * @return Result返回
+     */
+    public <T> ZeroTrustDataRespVO<T> toDataRespVO() {
+        ZeroTrustDataRespVO<T> objectZeroTrustResultRespVO = new ZeroTrustDataRespVO<>();
+        objectZeroTrustResultRespVO.setStatusCode(statusCode);
+        objectZeroTrustResultRespVO.setMessage(message);
+        return objectZeroTrustResultRespVO;
+    }
+}
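Review bot: `isRespSuccess()` dereferences `statusCode`, which is null on a freshly constructed object or on a reply deserialized without `status_code`, so the check throws a NullPointerException instead of reporting failure. Comparing from the constant side, `return ZeroTrustBusinessRespEnum.SUCCESS.getValue().equalsIgnoreCase(this.statusCode);`, makes it fail closed; ZeroTrustMessageRespVO and ApprovalBaseRespDto have the same pattern. The one-argument `resultEnumMessage` sets only the status code and leaves `message` null, while the two-argument overload copies `respEnum.getLabel()`, so the former should probably call `setMessage(businessRespEnum.getLabel())` as well. `toDataRespVO()` declares its own `<T>`, which hides the class type parameter, and the class Javadoc is empty.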

+ 123 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/ZeroTrustMessageRespVO.java

@@ -0,0 +1,123 @@
+package com.dragoninfo.dcuc.auth.api.vo.zerotrust;
+
+import com.dragoninfo.dcuc.auth.api.enums.zerotrust.ZeroTrustBusinessRespEnum;
+import com.dragoninfo.dcuc.auth.api.vo.BusinessRespEnum;
+import com.dragoninfo.dcuc.auth.api.vo.ResultRespVO;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.Data;
+
+/**
+ * <p>
+ * 用户令牌校验返回
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2022/8/1
+ */
+@Data
+public class ZeroTrustMessageRespVO {
+
+    /**
+     * “0000” 表示令牌有效;
+     * 其他值表示无效或接口调用出错
+     */
+    @JsonProperty("status_code")
+    private String statusCode;
+
+    /**
+     * 状态码对应的详细描述
+     */
+    private String message;
+
+    /**
+     * 设置请求参数异常
+     *
+     * @param message 异常信息
+     */
+    public static ZeroTrustMessageRespVO requestErrorMessage(String message) {
+        return messageEnumMessage(ZeroTrustBusinessRespEnum.OPERATE_FAIL, message);
+    }
+
+    /**
+     * 设置业务枚举
+     *
+     * @param businessRespEnum 业务枚举
+     */
+    public void setBusinessRespEnum(ZeroTrustBusinessRespEnum businessRespEnum) {
+        setStatusCode(businessRespEnum.getValue());
+        setMessage(businessRespEnum.getLabel());
+    }
+
+
+    /**
+     * 设置业务枚举
+     *
+     * @param businessRespEnum 业务枚举
+     */
+    public static ZeroTrustMessageRespVO messageEnumMessage(ZeroTrustBusinessRespEnum businessRespEnum) {
+        ZeroTrustMessageRespVO messageRespVO = new ZeroTrustMessageRespVO();
+        messageRespVO.setBusinessRespEnum(businessRespEnum);
+        return messageRespVO;
+    }
+
+    /**
+     * 设置请求参数异常
+     *
+     * @param businessRespEnum 枚举
+     * @param message          异常信息
+     */
+    public static ZeroTrustMessageRespVO messageEnumMessage(ZeroTrustBusinessRespEnum businessRespEnum, String message) {
+        ZeroTrustMessageRespVO messageRespVO = new ZeroTrustMessageRespVO();
+        messageRespVO.setStatusCode(businessRespEnum.getValue());
+        messageRespVO.setMessage(message);
+        return messageRespVO;
+    }
+
+    /**
+     * 是否成功
+     *
+     * @return 是否成功
+     */
+    @JsonIgnore
+    public boolean isRespSuccess() {
+        return this.statusCode.equalsIgnoreCase(BusinessRespEnum.SUCCESS.getValue());
+    }
+
+    /**
+     * 是否失败
+     *
+     * @return 是否失败
+     */
+    @JsonIgnore
+    public boolean isRespFail() {
+        return !isRespSuccess();
+    }
+
+    /**
+     * 转发Result返回
+     *
+     * @param <T> 泛型
+     * @return Result返回
+     */
+    public <T> ResultRespVO<T> toResultRespVO() {
+        ResultRespVO<T> objectResultRespVO = new ResultRespVO<>();
+        objectResultRespVO.setStatusCode(statusCode);
+        objectResultRespVO.setMessage(message);
+        return objectResultRespVO;
+    }
+
+
+    /**
+     * 转换为ZeroTrustDataRespVO返回
+     *
+     * @param <T> 泛型
+     * @return Result返回
+     */
+    public <T> ZeroTrustDataRespVO<T> toDataRespVO() {
+        ZeroTrustDataRespVO<T> objectZeroTrustResultRespVO = new ZeroTrustDataRespVO<>();
+        objectZeroTrustResultRespVO.setStatusCode(statusCode);
+        objectZeroTrustResultRespVO.setMessage(message);
+        return objectZeroTrustResultRespVO;
+    }
+}
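Review bot: `isRespSuccess()` compares against `BusinessRespEnum.SUCCESS`, while every other method in this class and the sibling ZeroTrustDataRespVO use `ZeroTrustBusinessRespEnum`. The class is documented as the user-token validation response, so the outcome of that check presumably depends on two separate enums keeping the same success value, which this diff does not show. Using `return ZeroTrustBusinessRespEnum.SUCCESS.getValue().equalsIgnoreCase(this.statusCode);` removes that coupling and the null dereference on a missing `status_code`. The `BusinessRespEnum` import can then be dropped if nothing else in the file needs it.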

+ 47 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/ZeroTrustSignReqVO.java

@@ -0,0 +1,47 @@
+package com.dragoninfo.dcuc.auth.api.vo.zerotrust;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+/**
+ * <p>
+ * 验签请求
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2022/8/3
+ */
+@ApiModel(value = "验签请求")
+@Data
+public class ZeroTrustSignReqVO {
+
+    /**
+     * 接口调用方标识
+     * 接口调用方Id,用于检查接口调用的合法性,由认证服务分配并线下告知应用厂商。
+     */
+    @ApiModelProperty(value = "接口调用方标识")
+    private String callerId;
+
+    /**
+     * 接口调用时间戳
+     * 本次请求时的时间戳(1970至今的毫秒数),精确到毫秒。
+     * 服务会对该时间戳进行检验,时间偏差超过一定限度的将拒绝服务。
+     */
+    @ApiModelProperty(value = "接口调用时间戳")
+    private String callerTimestamp;
+
+    /**
+     * 接口调用随机值
+     * 本次请求时的随机字符串,如UUId。
+     */
+    @ApiModelProperty(value = "接口调用随机值")
+    private String callerNounce;
+
+    /**
+     * 签名
+     * 需采用签名算法对接口入参进行签名,以保证接口入参不被篡改,签名算法需具备安全性和高效性。
+     */
+    @ApiModelProperty(value = "签名")
+    private String callerSign;
+}
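Review bot: None of the four signing fields carries a validation constraint, so a request without `callerSign`, `callerNounce` or `callerTimestamp` binds successfully and rejection depends entirely on the verification code, which is outside this diff. Adding `@NotBlank` to each field would reject unsigned requests at the boundary. The Javadoc promises a timestamp tolerance check but does not say whether a nonce is checked for reuse within that window, and the timestamp check alone does not stop a repeated request. The `callerSign` comment should also name the algorithm and say which fields are signed and in what order. `callerNounce` looks like a misspelling of nonce, and since the field name becomes the JSON property it should be confirmed against the interface specification.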

+ 6 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/audit/dto/RiskPushLogDto.java

@@ -2,6 +2,7 @@ package com.dragoninfo.dcuc.auth.audit.dto;
 
 import lombok.Data;
 
+import javax.persistence.Column;
 import java.util.Date;
 
 /**
@@ -54,4 +55,9 @@ public class RiskPushLogDto {
      * 风险用户终端ip
      */
     private String terminalIPs;
+
+    /**
+     * 处理建议
+     */
+    private String handleOpinion;
 }
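Review bot: The `import javax.persistence.Column;` added in the first hunk has no visible use, because the only new field, `handleOpinion`, is unannotated and this class is a DTO rather than an entity. Most of the class body lies outside the hunks, so confirm that nothing else needs it and then drop the import so the DTO does not pull in JPA.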

+ 22 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/audit/dto/warningrule/ExceptionIpRule.java

@@ -0,0 +1,22 @@
+package com.dragoninfo.dcuc.auth.audit.dto.warningrule;
+
+/**
+ * @Author: qiuyu
+ * @Date: 2021/5/18 14:23
+ * @Description: 异常事件鉴权预警
+ */
+public class ExceptionIpRule {
+
+    /**
+     * 受限制的ip段,多个使用,隔开
+     */
+    private String limitIp;
+
+    public String getLimitIp() {
+        return limitIp;
+    }
+
+    public void setLimitIp(String limitIp) {
+        this.limitIp = limitIp;
+    }
+}
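Review bot: The Javadoc on `limitIp` does not say what form a segment takes (CIDR, start-end range, wildcard) or whether IPv6 is accepted, so whoever writes a warning rule has to guess what the matcher accepts. The parsing code is outside this diff, so it is also unclear whether a malformed entry is rejected or silently ignored. I would extend the comment along the lines of `Restricted IP segments, comma-separated; each entry is <format to confirm>; invalid entries are <behaviour to confirm>`. The class hand-writes its getter and setter where the other new model classes use `@Data`.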

+ 26 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/AppAuthResultDto.java

@@ -0,0 +1,26 @@
+package com.dragoninfo.dcuc.auth.auth.dto;
+
+import lombok.Data;
+
+import java.util.List;
+
+/**
+ * 应用鉴权结果dto
+ *
+ * @author mazq
+ * @date 2023/3/8
+ */
+@Data
+public class AppAuthResultDto {
+
+    /**
+     * 人员id
+     */
+    private String openId;
+
+    /**
+     * 应用id集合
+     */
+    private List<String> appIds;
+
+}

+ 87 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/zerotrust/approval/ApprovalBaseRespDto.java

@@ -0,0 +1,87 @@
+package com.dragoninfo.dcuc.auth.auth.dto.zerotrust.approval;
+
+import com.dragoninfo.dcuc.auth.sub.dto.zerotrust.tasktype.ApprovalResultEnum;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.Data;
+
+/**
+ * @author mazq
+ * 审批返回结果
+ */
+@Data
+public class ApprovalBaseRespDto {
+
+    /**
+     * “0000” 表示令牌有效;
+     * 其他值表示无效或接口调用出错
+     */
+    @JsonProperty("status_code")
+    private String statusCode;
+
+    /**
+     * 状态码对应的详细描述
+     */
+    private String message;
+
+    public ApprovalBaseRespDto success() {
+         this.messageEnumMessage(ApprovalResultEnum.SUCCESS);
+         return this;
+    }
+
+    /**
+     * 设置业务枚举
+     *
+     * @param businessRespEnum 业务枚举
+     */
+    public void setBusinessRespEnum(ApprovalResultEnum businessRespEnum) {
+        setStatusCode(businessRespEnum.getValue());
+        setMessage(businessRespEnum.getLabel());
+    }
+
+
+    /**
+     * 设置业务枚举
+     *
+     * @param businessRespEnum 业务枚举
+     */
+    public ApprovalBaseRespDto messageEnumMessage(ApprovalResultEnum businessRespEnum) {
+        this.setBusinessRespEnum(businessRespEnum);
+        return this;
+    }
+
+
+    /**
+     * 设置请求参数异常
+     *
+     * @param businessRespEnum 枚举
+     * @param message          异常信息
+     */
+    public ApprovalBaseRespDto messageEnumMessage(ApprovalResultEnum businessRespEnum, String message) {
+        ApprovalBaseRespDto respDto = new ApprovalBaseRespDto();
+        respDto.setStatusCode(businessRespEnum.getValue());
+        respDto.setMessage(message);
+        return respDto;
+    }
+
+    /**
+     * 是否成功
+     *
+     * @return 是否成功
+     */
+    @JsonIgnore
+    public boolean isRespSuccess() {
+        return this.statusCode.equalsIgnoreCase(ApprovalResultEnum.SUCCESS.getValue());
+    }
+
+    /**
+     * 是否失败
+     *
+     * @return 是否失败
+     */
+    @JsonIgnore
+    public boolean isRespFail() {
+        return !isRespSuccess();
+    }
+
+}

+ 36 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/zerotrust/approval/FlowApplyItemRespDTO.java

@@ -0,0 +1,36 @@
+package com.dragoninfo.dcuc.auth.auth.dto.zerotrust.approval;
+
+import lombok.Data;
+
+/**
+ * <p>
+ *
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2023/6/1
+ */
+@Data
+public class FlowApplyItemRespDTO {
+
+    /**
+     * 审批人id
+     */
+    private String uid;
+
+    /**
+     * 审批人名称
+     */
+    private String userName;
+
+    /**
+     * 审批人部门
+     */
+    private String unitCode;
+
+    /**
+     * 审批人部门名称
+     */
+    private String unitName;
+
+}

+ 89 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/zerotrust/approval/FlowApplyReqDto.java

@@ -0,0 +1,89 @@
+package com.dragoninfo.dcuc.auth.auth.dto.zerotrust.approval;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import javax.validation.constraints.NotBlank;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * 审批流程申请Dto
+ *
+ * @author mazq
+ * @date 2023/4/4
+ */
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+@Data
+public class FlowApplyReqDto {
+
+
+    /**
+     * 应用令牌
+     */
+    @NotBlank
+    private String appTokenId;
+
+    /**
+     * 流程定义 Id
+     * 调用审批服务需先在审批中心注册流程,每个注册流程有唯一流程定义ID
+     */
+    @NotBlank
+    private String processDefId;
+
+    /**
+     * 流程标题
+     */
+    @NotBlank
+    private String title;
+
+    /**
+     * 任务类型
+     * “01”表示落地调查 “02”表示立线侦察 “03” 表示立案侦察 “04”表示任务初查 “05”表示刑事任务 “06” 表示重点对象管控 “07” 表示行政任务 “08” 表示权限变更
+     * “98” 表示平台演示 “99” 表示系統巡检
+     */
+    @NotBlank
+    private String taskClass;
+
+    /**
+     * 任务编号
+     * 审批流程所关联的任务唯一标识,任务id编码规则(共32位):RWBH+公安机关组织机构代码(符合GA/T 380-2012的要求)+日期(格式YYYYMMDD)+8位流水号。如:RWBH0100000000002022030100000001
+     */
+    @NotBlank
+    private String taskId;
+
+    /**
+     * 表单
+     * “表名”:[{"字段 1":"值","字段 2":"值"},{"字段 1":"值","字段2":"值"}]}
+     */
+    private Map<String, List<Map<String, String>>> bo = Collections.emptyMap();
+
+    /**
+     * 回调地址(应用开发的接收审批结果变动的地址)
+     */
+    private String callbackUrl;
+
+    /**
+     * 业务数据
+     * 扩展字段
+     */
+    private Map<String, String> bizData;
+
+    /**
+     * 电子签名
+     * 应采用国产密码算法对接口请求参数进行完整性保护
+     */
+    private String callerSign;
+
+
+    /**
+     * 业务流程唯一标识
+     */
+    private String businessKey;
+
+}
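Review bot: The initializer `bo = Collections.emptyMap()` is ignored by the Lombok builder, so without `@Builder.Default` a `FlowApplyReqDto.builder().build()` has `bo == null` while `new FlowApplyReqDto()` has the empty map. Add `@Builder.Default` above the field. Separately, `callbackUrl` is a caller-supplied address that receives approval results. If this service is the one that later calls it (not visible here), the value should be checked against the addresses registered for the application rather than used as given. `callerSign` is documented as integrity protection for the request but, unlike the fields above it, has no `@NotBlank`.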

+ 33 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/zerotrust/approval/FlowApplyRespDTO.java

@@ -0,0 +1,33 @@
+package com.dragoninfo.dcuc.auth.auth.dto.zerotrust.approval;
+
+import lombok.Data;
+
+import java.util.List;
+
+/**
+ * 开启流程返回
+ *
+ * @author mazq
+ * @date 2023/5/26
+ */
+@Data
+public class FlowApplyRespDTO {
+    /**
+     * 下节点ID
+     */
+    private String nextTaskNodeId;
+
+    /**
+     * 流程实例 Id
+     */
+    private String processInstId;
+
+    /**
+     * 任务实例ID
+     */
+    private String taskInstId;
+    /**
+     * 审批人列表
+     */
+    private List<FlowApplyItemRespDTO> reviewer;
+}

+ 61 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/zerotrust/approval/FlowDetailRespDTO.java

@@ -0,0 +1,61 @@
+package com.dragoninfo.dcuc.auth.auth.dto.zerotrust.approval;
+
+import lombok.Data;
+
+import java.util.List;
+
+/**
+ * <p>
+ * 流程详情返回
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2023/6/1
+ */
+@Data
+public class FlowDetailRespDTO {
+    /**
+     * 申请人
+     */
+    private String createUser;
+    /**
+     * 流程名称
+     */
+    private String title;
+    /**
+     * 申请时间
+     * yyyy-MM-dd HH:mm:ss
+     */
+    private String createTime;
+    /**
+     * 流程状态、
+     * 流程状态01审批通过,02审批驳回,03审批中,04已撤销
+     *
+     * @see com.dragoninfo.dcuc.auth.approval.enumsource.ApproveStatusEnum
+     */
+    private String processStatus;
+    /**
+     * 流程实例ID
+     */
+    private String processInstId;
+    /**
+     * 流程状态
+     * 0 发起中 1 已完成 2 撤销 3冻结 4 终止 5指令失效 6流程撤回
+     *
+     * @see com.dragoninfo.dcuc.auth.approval.enumsource.FlowStatusEnum
+     */
+    private String status;
+
+    /**
+     * 审批结果
+     * 1 通过 0 不通过
+     */
+    private String result;
+
+    /**
+     * 审批节点数据
+     */
+    private List<FlowDetailSubTaskRespDTO> subTasks;
+
+
+}

+ 35 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/zerotrust/approval/FlowDetailSubTaskRespDTO.java

@@ -0,0 +1,35 @@
+package com.dragoninfo.dcuc.auth.auth.dto.zerotrust.approval;
+
+import lombok.Data;
+
+/**
+ * <p>
+ * 审批节点数据
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2023/6/1
+ */
+@Data
+public class FlowDetailSubTaskRespDTO {
+
+    /**
+     * 任务节点名称
+     */
+    private String taskTitle;
+
+    /**
+     * 审批人
+     */
+    private String target;
+
+    /**
+     * 审批结果
+     */
+    private String result;
+
+    /**
+     * 备注
+     */
+    private String msg;
+}

+ 34 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/zerotrust/approval/FlowOperateManageReqDto.java

@@ -0,0 +1,34 @@
+package com.dragoninfo.dcuc.auth.auth.dto.zerotrust.approval;
+
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+
+/**
+ * 审批流程管理dto
+ *
+ * @author mazq
+ * @date 2023/4/4
+ */
+@Data
+public class FlowOperateManageReqDto {
+
+    /**
+     * 应用令牌
+     */
+    @NotBlank
+    private String appTokenId;
+
+    /**
+     * 流程实例id
+     */
+    @NotBlank
+    private String processInstId;
+
+    /**
+     * 操作类型
+     * @see com.dragoninfo.dcuc.auth.auth.enumresources.zerotrust.approval.FlowActionTypeEnum
+     */
+    @NotBlank
+    private String actionType;
+}

+ 115 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/zerotrust/approval/FlowSubmitReqDTO.java

@@ -0,0 +1,115 @@
+package com.dragoninfo.dcuc.auth.auth.dto.zerotrust.approval;
+
+import lombok.Builder;
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotNull;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * <p>
+ * 流程提交请求
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2023/6/1
+ */
+@Builder
+@Data
+public class FlowSubmitReqDTO {
+
+    /**
+     * 应用令牌ID
+     */
+    @NotBlank
+    private String appToken;
+
+    /**
+     * 用户令牌ID
+     */
+    @NotBlank
+    private String userToken;
+
+    /**
+     * 流程实例ID
+     */
+    @NotBlank
+    private String processInstId;
+
+    /**
+     * 任务实例ID
+     */
+    @NotBlank
+    private String taskInstId;
+
+    /**
+     * 审批结果
+     */
+    @NotBlank
+    private String result;
+
+    /**
+     * 任务类型
+     */
+    @NotBlank
+    private String taskClass;
+
+    /**
+     * 提请人员ID
+     */
+    @NotBlank
+    private String userCode;
+
+    /**
+     * 审批人ID
+     */
+    @NotBlank
+    private String reviewerCode;
+
+    /**
+     * 任务ID
+     */
+    private String taskId;
+
+    /**
+     * 流程变量
+     */
+    @NotNull
+    private Map<String, String> vars;
+
+    /**
+     * 业务审批方式
+     */
+    @NotBlank
+    private String approveType;
+
+    /**
+     * 业务审批方式地址
+     */
+    private String approveUrl;
+
+    /**
+     * 任务详情地址
+     */
+    private String taskUrl;
+
+    /**
+     * 表单
+     * “表名”:[{"字段 1":"值","字段 2":"值"},{"字段 1":"值","字段2":"值"}]}
+     */
+    private Map<String, List<Map<String, String>>> bo;
+
+    /**
+     * 是否更新表单
+     */
+    private String updateBo;
+
+    /**
+     * 任务业务数据
+     */
+    private Map<String, Object> bizData;
+
+
+}
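Review bot: `@Builder` combined with `@Data` and no `@NoArgsConstructor`/`@AllArgsConstructor` leaves the class with only the builder's package-private all-args constructor, so Jackson cannot deserialize it without extra configuration. FlowApplyReqDto in the same package adds both annotations, and AuthRiskDTO in this commit has the same gap. The `@NotBlank`/`@NotNull` constraints suggest this DTO is bound from a request body, in which case it should add `@NoArgsConstructor` and `@AllArgsConstructor` as FlowApplyReqDto does. The fields are named `appToken`/`userToken` although their comments call them token IDs and the sibling DTOs use `appTokenId`/`userTokenId`, so unless the external interface dictates these names they are worth aligning before they become part of the JSON contract.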

+ 31 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/zerotrust/approval/FlowSubmitRespDTO.java

@@ -0,0 +1,31 @@
+package com.dragoninfo.dcuc.auth.auth.dto.zerotrust.approval;
+
+import lombok.Data;
+
+/**
+ * <p>
+ *
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2023/6/1
+ */
+@Data
+public class FlowSubmitRespDTO {
+
+    /**
+     * 流程实例ID
+     */
+    private String processInstId;
+
+    /**
+     * 任务实例ID
+     */
+    private String taskInstId;
+
+    /**
+     * 下一节点类型
+     */
+    private String nodeType;
+
+}

+ 22 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/zerotrust/notify/AppAuthNotifyDto.java

@@ -0,0 +1,22 @@
+package com.dragoninfo.dcuc.auth.auth.dto.zerotrust.notify;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+/**
+ * @author mazq
+ * @date 2023/7/13
+ */
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class AppAuthNotifyDto {
+
+    private String userTokenId;
+
+    private String content;
+
+}

+ 54 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/zerotrust/risk/AuthRiskDTO.java

@@ -0,0 +1,54 @@
+package com.dragoninfo.dcuc.auth.auth.dto.zerotrust.risk;
+
+import com.dragoninfo.dcuc.auth.auth.enumresources.zerotrust.risk.AuthRiskTypeEnum;
+import com.fasterxml.jackson.annotation.JsonFormat;
+import lombok.Builder;
+import lombok.Data;
+
+import java.util.Date;
+
+/**
+ * <p>
+ * 权限风险
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2023/6/20
+ */
+@Builder
+@Data
+public class AuthRiskDTO {
+    /**
+     * 风险类型
+     *
+     * @see AuthRiskTypeEnum
+     */
+    private String riskType;
+
+    /**
+     * 用户名
+     */
+    private String userName;
+
+    /**
+     * 鉴权者IP
+     */
+    private String authIp;
+
+    /**
+     * 风险发生时间
+     */
+    @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss", timezone = "GMT+8")
+    private Date riskAt;
+
+    /**
+     * 风险详情
+     */
+    private String detail;
+
+    /**
+     * 处理意见
+     */
+    private String handleOpinion;
+
+}

+ 7 - 168
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/entity/RoleInfo.java

@@ -2,40 +2,18 @@
 package com.dragoninfo.dcuc.auth.auth.entity;
 
 import com.dragonsoft.duceap.base.entity.persistent.IdEntity;
+import lombok.Data;
 import org.hibernate.annotations.GenericGenerator;
 
 import javax.persistence.*;
 import java.util.Date;
 
 //角色信息表
+@Data
 @Entity
 @Table(name = "T_ROLE_INFO")
 public class RoleInfo implements IdEntity<String> {
 
-	public RoleInfo() {
-	}
-
-	public RoleInfo(String id, String code, String name, String appId, String detail, String roleLevel, Integer initNumber,
-					String isActive, Date createTime, String creator, Date modifiedTime, String modifier,
-					String roleBusiness, String policeCategory, String isNotLimitCount, String remark) {
-		this.id = id;
-		this.code = code;
-		this.name = name;
-		this.appId = appId;
-		this.detail = detail;
-		this.roleLevel = roleLevel;
-		this.initNumber = initNumber;
-		this.isActive = isActive;
-		this.createTime = createTime;
-		this.creator = creator;
-		this.modifiedTime = modifiedTime;
-		this.modifier = modifier;
-		this.roleBusiness = roleBusiness;
-		this.policeCategory = policeCategory;
-		this.isNotLimitCount = isNotLimitCount;
-		this.remark = remark;
-	}
-
 	//可以直接使用: @Length(max=50,message="用户名长度不能大于50")显示错误消息
 	//columns START
 	@Id
@@ -107,154 +85,15 @@ public class RoleInfo implements IdEntity<String> {
 
 	@Column(name = "ROLE_TYPE")
 	private String roleType;
-	//columns END
 
 	@Column(name = "FACE_VERIFY_FLAG")
 	private String faceVerifyFlag;
 
-	public String getFaceVerifyFlag() {
-		return faceVerifyFlag;
-	}
-
-	public void setFaceVerifyFlag(String faceVerifyFlag) {
-		this.faceVerifyFlag = faceVerifyFlag;
-	}
-
-	public void setId(String value) {
-		this.id = value;
-	}
-
-	public String getId() {
-		return this.id;
-	}
-
-	public void setCode(String value) {
-		this.code = value;
-	}
-
-	public String getCode() {
-		return this.code;
-	}
-
-	public void setName(String value) {
-		this.name = value;
-	}
-
-	public String getName() {
-		return this.name;
-	}
-
-	public void setAppId(String value) {
-		this.appId = value;
-	}
-
-	public String getAppId() {
-		return this.appId;
-	}
-
-	public void setDetail(String value) {
-		this.detail = value;
-	}
-
-	public String getDetail() {
-		return this.detail;
-	}
-
-	public void setRoleLevel(String value) {
-		this.roleLevel = value;
-	}
-
-	public String getRoleLevel() {
-		return this.roleLevel;
-	}
-
-	public void setInitNumber(Integer value) {
-		this.initNumber = value;
-	}
-
-	public Integer getInitNumber() {
-		return this.initNumber;
-	}
-
-	public void setIsActive(String value) {
-		this.isActive = value;
-	}
-
-	public String getIsActive() {
-		return this.isActive;
-	}
-
-	public void setCreateTime(java.util.Date value) {
-		this.createTime = value;
-	}
-
-	public java.util.Date getCreateTime() {
-		return this.createTime;
-	}
-
-	public void setCreator(String value) {
-		this.creator = value;
-	}
-
-	public String getCreator() {
-		return this.creator;
-	}
-
-	public void setModifiedTime(java.util.Date value) {
-		this.modifiedTime = value;
-	}
-
-	public java.util.Date getModifiedTime() {
-		return this.modifiedTime;
-	}
-		
-	public void setModifier(String value) {
-		this.modifier = value;
-	}
-	
-	public String getModifier() {
-		return this.modifier;
-	}
-		
-	public void setRemark(String value) {
-		this.remark = value;
-	}
-	
-	public String getRemark() {
-		return this.remark;
-	}
-
-
-	public String getRoleBusiness() {
-		return roleBusiness;
-	}
-
-	public void setRoleBusiness(String roleBusiness) {
-		this.roleBusiness = roleBusiness;
-	}
-
-	public String getPoliceCategory() {
-		return policeCategory;
-	}
-
-	public void setPoliceCategory(String policeCategory) {
-		this.policeCategory = policeCategory;
-	}
-
-	public String getIsNotLimitCount() {
-		return isNotLimitCount;
-	}
-
-	public void setIsNotLimitCount(String isNotLimitCount) {
-		this.isNotLimitCount = isNotLimitCount;
-	}
-
-	public String getRoleType() {
-		return roleType;
-	}
+    /**
+     * 角色关键状态 LOCAL:本地角色 ALL:全局角色 默认本地角色
+     */
+    @Column(name = "ROLE_CATEGORY")
+    private String roleCategory = "LOCAL";
 
-	public void setRoleType(String roleType) {
-		this.roleType = roleType;
-	}
 }
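Review bot: The Java-side default `roleCategory = "LOCAL"` applies only to objects created with `new`; rows that already exist are loaded with whatever `ROLE_CATEGORY` holds, which is NULL unless the schema change backfills it, and no migration is visible in this diff. Because the value separates local from global roles, code reading it must handle null explicitly, or the column should be declared `@Column(name = "ROLE_CATEGORY", nullable = false)` together with a backfill. Switching the entity to `@Data` also replaces identity equality with field-based `equals`/`hashCode` that include the generated `id`, and adds a `toString` printing every column. That changes behaviour for instances kept in hash-based collections across a persist, and ApprovalResult has the same with `@EqualsAndHashCode(callSuper = true)`. The removed 16-argument constructor should be checked for remaining callers, including JPQL `select new` expressions.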
 

+ 0 - 199
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/entity/ServiceAuthFlow.java

@@ -1,199 +0,0 @@
-//package com.dragoninfo.dcuc.auth.auth.entity;
-//
-//import com.dragonsoft.duceap.base.entity.persistent.IdEntity;
-//import lombok.Data;
-//import org.hibernate.annotations.GenericGenerator;
-//
-//import javax.persistence.*;
-//import java.util.Date;
-//
-///**
-// * 服务授权工单entity
-// * @author mazq
-// * @Description
-// * @create 2020-11-25
-// */
-//@Data
-//@Entity
-//@Table(name = "T_SERVICE_AUTH_FLOW")
-//public class ServiceAuthFlow implements IdEntity<String> {
-//
-//    @Id
-//    @GeneratedValue(generator="idGenerator")
-//    @GenericGenerator(name="idGenerator", strategy="uuid")
-//    @Column(name = "ID")
-//    private String id;
-//
-//    /**
-//     * 申请单号
-//     */
-//    @Column(name = "APPLICANT_ID")
-//    private String applicantId;
-//
-//    /**
-//     * 申请人身份证号
-//     */
-//    @Column(name = "APPLICANT_IDCARD")
-//    private String applicantIdcard;
-//
-//    /**
-//     * 申请人姓名
-//     */
-//    @Column(name = "APPLICANT_NAME")
-//    private String applicantName;
-//
-//    /**
-//     * 申请人联系方式
-//     */
-//    @Column(name = "APPLICANT_PHONE_NO")
-//    private String applicantPhoneNo;
-//
-//    /**
-//     * 申请机构code
-//     */
-//    @Column(name = "APPLICANT_ORG_CODE")
-//    private String applicantOrgCode;
-//
-//    /**
-//     * 申请机构名称
-//     */
-//    @Column(name = "APPLICANT_ORG_NAME")
-//    private String applicantOrgName;
-//
-//    /**
-//     * 应用代码
-//     */
-//    @Column(name = "APP_CODE")
-//    private String appCode;
-//
-//    /**
-//     * 应用名称
-//     */
-//    @Column(name = "APP_NAME")
-//    private String appName;
-//
-//
-//    /**
-//     * 应用管理单位名称
-//     */
-//    @Column(name = "APP_MANAGER_ORG_NAME")
-//    private String appManagerOrgName;
-//
-//
-//    /**
-//     * 应用管理单位code
-//     */
-//    @Column(name = "APP_MANAGER_ORG_CODE")
-//    private String appManagerOrgCode;
-//
-//    /**
-//     * 应用事权单位名称
-//     */
-//    @Column(name = "APP_ORG_NAME")
-//    private String appOrgName;
-//
-//    /**
-//     * 应用事权单位code
-//     */
-//    @Column(name = "APP_ORG_CODE")
-//    private String appOrgCode;
-//
-//    /**
-//     * 工作单类型
-//     * SERVICE_AUTH-服务授权工作单 SERVICE_AUTH_CANCEL-服务权限撤销工作单
-//     */
-//    @Column(name = "FLOW_TYPE")
-//    private String flowType;
-//
-//    /**
-//     * 工作单状态
-//     * 根据审批服务工作流状态确定
-//     */
-//    @Column(name = "FLOW_STATUS")
-//    private String flowStatus;
-//
-//    /**
-//     * 消息Id
-//     */
-//    @Column(name = "MESSAGE_ID")
-//    private String messageId;
-//
-//    /**
-//     * 审批服务工作流id(作为外部id标识)
-//     */
-//    @Column(name = "FLOW_ID")
-//    private String flowId;
-//
-//    /**
-//     * 申请时间
-//     */
-//    @Column(name = "APPLY_TIME")
-//    private Date applyTime;
-//
-//    /**
-//     * 申请原因
-//     */
-//    @Column(name = "APPLY_REASON")
-//    private String applyReason;
-//
-//    /**
-//     * 服务资源codes (多个服务使用',' 隔开)
-//     */
-//    @Column(name = "SERVICE_CODES")
-//    private String serviceCodes;
-//
-//    /**
-//     * 服务资源名称 (多个服务使用',' 隔开)
-//     */
-//    @Column(name = "SERVICE_NAMES")
-//    private String serviceNames;
-//
-//    /**
-//     * 创建时间
-//     */
-//    @Column(name = "CREATE_TIME")
-//    private Date createTime;
-//
-//    /**
-//     * 更新时间
-//     */
-//    @Column(name = "UPDATE_TIME")
-//    private Date updateTime;
-//
-//    /**
-//     * 权限有效类型(01:自定义 | 02:长期)
-//     */
-//    @Column(name = "PERMISSION_VALID_TYPE")
-//    private String permissionValidType;
-//
-//    /**
-//     * 授权有效期起始时间
-//     */
-//    @Column(name = "START_TIME")
-//    private Date startTime;
-//
-//    /**
-//     * 授权有效期结束时间
-//     */
-//    @Column(name = "END_TIME")
-//    private Date endTime;
-//
-//    /**
-//     * 是否删除
-//     */
-//    @Column(name = "DELETED")
-//    private String deleted;
-//
-//    /**
-//     * 工作单结果说明
-//     */
-//    @Column(name = "REMARK")
-//    private String remark;
-//
-//    /**
-//     * 服务共享方式
-//     */
-//    @Column(name = "SERVICE_SHARED_WAY")
-//    private String serviceSharedWay;
-//
-//}

+ 68 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/entity/zerotrust/ApprovalResult.java

@@ -0,0 +1,68 @@
+package com.dragoninfo.dcuc.auth.auth.entity.zerotrust;
+
+import com.dragonsoft.duceap.base.entity.persistent.IdEntity;
+import com.dragonsoft.duceap.core.persistent.audit.JpaAuditingEntityListener;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.hibernate.annotations.GenericGenerator;
+import org.hibernate.annotations.Where;
+
+import javax.persistence.*;
+
+/**
+ * @author mazq
+ * @date 2023/5/11
+ */
+@EntityListeners({JpaAuditingEntityListener.class})
+@EqualsAndHashCode(callSuper = true)
+@Data
+@Entity
+@Table(name = "T_AUTH_APPROVAL_RESULT")
+@Where(clause = "deleted = '0'")
+public class ApprovalResult extends BaseUpdateEntity implements IdEntity<String> {
+
+    /**
+     * 主键id
+     */
+    @Id
+    @GeneratedValue(generator="idGenerator")
+    @GenericGenerator(name="idGenerator", strategy="uuid")
+    private String id;
+
+    /** 流程实例 Id */
+    private String processInstId;
+
+    /** 流程发起人 */
+    private String openId;
+
+    /** 发起人姓名 */
+    private String userName;
+
+    /** 审批结果标识 “1”表示审批通过;“2”表示审批不通过 */
+    private String endFlag;
+
+    /** 流水号创建时间 */
+    private String taskIdDate;
+
+    /** 任务编号 */
+    private String taskId;
+
+    /** 流程定义标识 */
+    private String processDefId;
+
+    /** 业务唯一标识  */
+    private String businessKey;
+
+    /** 申请类型
+     *  @see ApprovalApplyTypeEnum
+     */
+    private String applyType;
+
+    /**
+     * 是否已经回调处理
+     * 0:没有  1:有
+     */
+    private String callBack;
+
+
+}
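Review bot: None of the fields after `id` in `ApprovalResult` carries an explicit `@Column`, while the sibling entities added in this commit (`RoleAuthApply`, `RoleOperateContent`) name every column, so the mapping here depends on whatever naming strategy the application configures. I would make it explicit, for example `@Column(name = "PROCESS_INST_ID")` on `processInstId` and likewise for the other fields, using the actual column names of `T_AUTH_APPROVAL_RESULT`. The `@see ApprovalApplyTypeEnum` on `applyType` refers to a class in another package that this file does not import, so the Javadoc link will not resolve unless it is fully qualified. The class Javadoc has only author and date and should say what the entity stores.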

+ 1 - 1
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/entity/AuthRoleOrgRel.java → dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/entity/zerotrust/AuthRoleOrgRel.java

@@ -1,4 +1,4 @@
-package com.dragoninfo.dcuc.auth.auth.entity;
+package com.dragoninfo.dcuc.auth.auth.entity.zerotrust;
 
 import com.dragonsoft.duceap.base.annotations.audit.DeletedBy;
 import com.dragonsoft.duceap.base.annotations.audit.DeletedDate;

+ 47 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/entity/zerotrust/BaseEntity.java

@@ -0,0 +1,47 @@
+package com.dragoninfo.dcuc.auth.auth.entity.zerotrust;
+
+import com.dragonsoft.duceap.base.annotations.audit.DeletedBy;
+import com.dragonsoft.duceap.base.annotations.audit.DeletedDate;
+import lombok.Data;
+import org.springframework.data.annotation.CreatedBy;
+import org.springframework.data.annotation.CreatedDate;
+
+import javax.persistence.Column;
+import java.util.Date;
+
+/**
+ * 实体类公共字段
+ *
+ * @author mazq
+ * @date 2023/3/13
+ */
+@Data
+public class BaseEntity {
+
+    /** 创建人 */
+    @CreatedBy
+    @Column(name = "CREATE_USER")
+    private String createUser;
+
+    /** 创建时间 */
+    @CreatedDate
+    @Column(name = "CREATE_TIME")
+    private Date createTime;
+
+    /**
+     * 是否删除
+     */
+    @Column(name = "DELETED")
+    private String deleted = "0";
+
+    /** 删除人 */
+    @DeletedBy
+    @Column(name = "DELETE_USER")
+    private String deleteUser;
+
+    /** 删除时间 */
+    @DeletedDate
+    @Column(name = "DELETE_TIME")
+    private Date deleteTime;
+
+}
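Review bot: `BaseEntity` declares `@Column` fields but is not annotated with `@MappedSuperclass` (only `javax.persistence.Column` is imported), and the same holds for `BaseUpdateEntity` in the next file. Under standard JPA rules the state of a plain superclass is not persisted, so unless the mapping is supplied elsewhere (for instance in an XML mapping not shown here), `createUser`, `deleted`, `deleteUser` and the update fields would be left out of `ApprovalResult`, `RoleAuthApply` and `RoleOperateContent`. That would lose the audit trail for approval records and leave `DELETED` unset on insert, which the `@Where(clause = "deleted = '0'")` filter on those entities relies on. I would add `@MappedSuperclass` to both base classes.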

+ 31 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/entity/zerotrust/BaseUpdateEntity.java

@@ -0,0 +1,31 @@
+package com.dragoninfo.dcuc.auth.auth.entity.zerotrust;
+
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.springframework.data.annotation.LastModifiedBy;
+import org.springframework.data.annotation.LastModifiedDate;
+
+import javax.persistence.Column;
+import java.util.Date;
+
+/**
+ * 实体类公共字段
+ *
+ * @author mazq
+ * @date 2023/3/13
+ */
+@EqualsAndHashCode(callSuper = true)
+@Data
+public class BaseUpdateEntity extends BaseEntity {
+
+    /** 更新人 */
+    @LastModifiedBy
+    @Column(name = "UPDATE_USER")
+    private String updateUser ;
+
+    /** 更新时间 */
+    @LastModifiedDate
+    @Column(name = "UPDATE_TIME")
+    private Date updateTime ;
+
+}

+ 69 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/entity/zerotrust/RoleAuthApply.java

@@ -0,0 +1,69 @@
+package com.dragoninfo.dcuc.auth.auth.entity.zerotrust;
+
+import com.dragonsoft.duceap.base.entity.persistent.IdEntity;
+import com.dragonsoft.duceap.core.persistent.audit.JpaAuditingEntityListener;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.hibernate.annotations.GenericGenerator;
+import org.hibernate.annotations.Where;
+
+import javax.persistence.*;
+
+/**
+ * 角色授权申请操作内容
+ *
+ * @author mazq
+ * @date 2023/4/21
+ */
+@EqualsAndHashCode(callSuper = true)
+@EntityListeners({JpaAuditingEntityListener.class})
+@Data
+@Entity
+@Table(name = "T_AUTH_ROLE_AUTH_APPLY")
+@Where(clause = "deleted = '0'")
+public class RoleAuthApply extends BaseUpdateEntity implements IdEntity<String> {
+
+    /**
+     * 主键id
+     */
+    @Id
+    @GeneratedValue(generator="idGenerator")
+    @GenericGenerator(name="idGenerator", strategy="uuid")
+    private String id;
+
+    /**
+     * 操作申请人id
+     */
+    @Column(name = "USER_ID")
+    private String userId;
+
+    /**
+     * 应用id
+     */
+    @Column(name = "APP_ID")
+    private String appId;
+
+    /**
+     * 角色code
+     */
+    @Column(name = "ROLE_CODE")
+    private String roleCode;
+
+    /**
+     * 流程实例id
+     */
+    @Column(name = "PROCESS_INST_ID")
+    private String processInstId;
+
+    /**
+     * 任务节点实例id
+     */
+    @Column(name = "TASK_INST_ID")
+    private String taskInstId;
+
+    /**
+     * 审批结果
+     */
+    @Column(name = "APPROVAL_RESULT")
+    private String approvalResult;
+}

+ 128 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/entity/zerotrust/RoleOperateContent.java

@@ -0,0 +1,128 @@
+package com.dragoninfo.dcuc.auth.auth.entity.zerotrust;
+
+import com.dragonsoft.duceap.base.entity.persistent.IdEntity;
+import com.dragonsoft.duceap.core.persistent.audit.JpaAuditingEntityListener;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.hibernate.annotations.GenericGenerator;
+import org.hibernate.annotations.Where;
+
+import javax.persistence.*;
+import java.io.Serializable;
+
+/**
+ * 角色操作暂存内容
+ *
+ * @author mazq
+ * @date 2023/4/21
+ */
+@EqualsAndHashCode(callSuper = true)
+@EntityListeners({JpaAuditingEntityListener.class})
+@Data
+@Entity
+@Table(name = "T_AUTH_ROLE_OPERATE_CONTENT")
+@Where(clause = "deleted = '0'")
+public class RoleOperateContent extends BaseUpdateEntity implements IdEntity<String> {
+
+    /**
+     * 主键id
+     */
+    @Id
+    @GeneratedValue(generator="idGenerator")
+    @GenericGenerator(name="idGenerator", strategy="uuid")
+    private String id;
+
+    /**
+     * 申请操作类型 see RoleManageOpeTypeEnum
+     */
+    @Column(name = "OPERATE_TYPE")
+    private String operateType;
+
+    /**
+     * 操作申请人id
+     */
+    @Column(name = "USER_ID")
+    private String userId;
+
+    /**
+     * 角色id
+     */
+    @Column(name = "ROLE_ID")
+    private String roleId;
+
+    /**
+     * 角色code
+     */
+    @Column(name = "CODE")
+    private String code;
+
+    /**
+     * 角色name
+     */
+    @Column(name = "NAME")
+    private String name;
+
+    /**
+     * 应用id
+     */
+    @Column(name = "APP_ID")
+    private String appId;
+
+    /**
+     * 角色层级
+     */
+    @Column(name = "ROLE_LEVEL")
+    private String roleLevel;
+
+    /**
+     * 角色业务域
+     */
+    @Column(name = "ROLE_BUSINESS")
+    private String roleBusiness;
+
+    //警种
+    @Column(name = "POLICE_CATEGORY")
+    private String policeCategory;
+
+    /**
+     * 角色关键状态
+     */
+    @Column(name = "ROLE_CATEGORY")
+    private String roleCategory = "LOCAL";
+
+    /**
+     * 是否限制配额
+     */
+    @Column(name = "LIMIT_COUNT")
+    private String limitCount;
+
+/*    *//**
+     * 角色类型 LOCAL:本地角色 ALL:全局角色 默认本地角色
+     *//*
+    @Column(name = "ROLE_TUPE")
+    private String roleType = "LOCAL";*/
+
+    /**
+     * 业务回调唯一标识
+     */
+    @Column(name = "APPROVAL_BUSINESS_ID")
+    private String approvalBusinessId;
+
+    /**
+     * 流程实例id
+     */
+    @Column(name = "PROCESS_INST_ID")
+    private String processInstId;
+
+    /**
+     * 任务节点实例id
+     */
+    @Column(name = "TASK_INST_ID")
+    private String taskInstId;
+
+    /**
+     * 审批结果
+     */
+    @Column(name = "APPROVAL_RESULT")
+    private String approvalResult;
+}
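Review bot: The block between `limitCount` and `approvalBusinessId` is commented-out code wrapped in `/* *//** … *//* … */`, including the misspelled column name `ROLE_TUPE`; it should be deleted rather than committed. The Javadoc on `roleCategory` says 角色关键状态, but its default `"LOCAL"` matches `RoleCategoryEnum`, which this commit documents as the role type, so the comment should read something like `/** Role type: LOCAL = local role, ALL = global role; defaults to LOCAL. */`. `policeCategory` uses a `//` line comment where every other field uses Javadoc.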

+ 49 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/RoleCategoryEnum.java

@@ -0,0 +1,49 @@
+package com.dragoninfo.dcuc.auth.auth.enumresources;
+
+import com.dragonsoft.duceap.base.enums.ICodeEnum;
+
+/**
+ * @author mazq
+ * @date 2023/6/21
+ */
+public enum RoleCategoryEnum implements ICodeEnum {
+
+    /**
+     * 角色类型-全局角色
+     */
+    ALL("ALL", "全局角色"),
+
+    /**
+     * 角色类型-本地角色
+     */
+    LOCAL("LOCAL", "本地角色"),
+
+    ;
+
+    private String value;
+
+    private String label;
+
+    RoleCategoryEnum(String value, String label) {
+        this.value = value;
+        this.label = label;
+    }
+
+    @Override
+    public String getValue() {
+        return value;
+    }
+
+    public void setValue(String value) {
+        this.value = value;
+    }
+
+    @Override
+    public String getLabel() {
+        return label;
+    }
+
+    public void setLabel(String label) {
+        this.label = label;
+    }
+}
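Review bot: `RoleCategoryEnum` exposes public `setValue` and `setLabel` on enum constants, which are JVM-wide singletons, so any caller can change the code that `ALL` or `LOCAL` carries for every other thread. In an authorization service these codes are compared against stored role and approval state, so the fields should be `private final` with the setters removed, as `AuthRiskTypeEnum` in this same commit already does: `private final String value;` and `private final String label;`. The same setters appear in AmCallbackStatusEnum, AmFlowStatusEnum, ApprovalApplyTypeEnum, ApprovalEndFlagEnum, ApprovalResultEnum, ApprovalSubmitResultEnum, ApprovalTypeEnum, ApproveStatusEnum, AuthApplyStatusEnum, FlowActionTypeEnum, FlowCallBackTypeEnum, FlowResultEnum and FlowStatusEnum. The class Javadoc here has only author and date and could state that this is the role type code.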

+ 48 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/RoleManageOpeTypeEnum.java

@@ -0,0 +1,48 @@
+package com.dragoninfo.dcuc.auth.auth.enumresources;
+
+import com.dragonsoft.duceap.base.enums.ICodeEnum;
+
+/**
+ * 角色生命周期管理操作类型
+ * @author mazq
+ * @date 2023/7/11
+ */
+public enum RoleManageOpeTypeEnum implements ICodeEnum {
+
+    /**
+     * 新增角色
+     */
+    ADD("ADD", "新增角色"),
+
+    /**
+     * 修改角色
+     */
+    UPDATE("UPDATE", "修改角色"),
+
+    /**
+     * 删除角色
+     */
+    DELETE("DELETE", "删除角色");
+
+    private String value;
+
+    private String label;
+
+    RoleManageOpeTypeEnum(String value, String label) {
+        this.value = value;
+        this.label = label;
+    }
+
+    @Override
+    public String getValue() {
+        return this.value;
+    }
+
+    @Override
+    public String getLabel() {
+        return this.label;
+    }
+
+
+
+}

+ 55 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/approval/AmCallbackStatusEnum.java

@@ -0,0 +1,55 @@
+package com.dragoninfo.dcuc.auth.auth.enumresources.zerotrust.approval;
+
+import com.dragonsoft.duceap.base.enums.ICodeEnum;
+
+/**
+ * <p>
+ * 审批结果状态
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2023/7/4
+ */
+public enum AmCallbackStatusEnum implements ICodeEnum {
+
+    /**
+     * 审批通过
+     */
+    APPROVED("1", "审批通过"),
+
+    /**
+     * 审批不通过
+     */
+    NOT_APPROVED("2", "审批不通过");
+
+    private String value;
+
+    private String label;
+
+    AmCallbackStatusEnum(String value, String label) {
+        this.value = value;
+        this.label = label;
+    }
+
+    @Override
+    public String getValue() {
+        return value;
+    }
+
+    public void setValue(String value) {
+        this.value = value;
+    }
+
+    @Override
+    public String getLabel() {
+        return label;
+    }
+
+    public void setLabel(String label) {
+        this.label = label;
+    }
+
+    public String toEndFlag() {
+        return this.value;
+    }
+}

+ 70 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/approval/AmFlowStatusEnum.java

@@ -0,0 +1,70 @@
+package com.dragoninfo.dcuc.auth.auth.enumresources.zerotrust.approval;
+
+import com.dragonsoft.duceap.base.enums.ICodeEnum;
+
+/**
+ * <p>
+ * 安盟审批状态
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2023/7/4
+ */
+public enum AmFlowStatusEnum implements ICodeEnum {
+
+    /**
+     * 审批中
+     */
+    ING("2", "审批中"),
+
+    /**
+     * 已申请待审批
+     */
+    PASS("1", "已审批"),
+
+    /**
+     * 已申请待审批
+     */
+    AWAIT("-1", "已申请待审批");
+
+
+    private String value;
+
+    private String label;
+
+    AmFlowStatusEnum(String value, String label) {
+        this.value = value;
+        this.label = label;
+    }
+
+    @Override
+    public String getValue() {
+        return value;
+    }
+
+    public void setValue(String value) {
+        this.value = value;
+    }
+
+    @Override
+    public String getLabel() {
+        return label;
+    }
+
+    public void setLabel(String label) {
+        this.label = label;
+    }
+
+    public FlowStatusEnum toApproveStatusEnum() {
+        switch (this) {
+            case ING:
+            case AWAIT:
+                return FlowStatusEnum.INITIATING;
+            case PASS:
+                return FlowStatusEnum.FINISH;
+            default:
+                throw new UnsupportedOperationException();
+        }
+    }
+
+}
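Review bot: The Javadoc on `PASS` says 已申请待审批, which was copied from `AWAIT`; the label is 已审批, so the comment should say that the approval has been completed. `toApproveStatusEnum()` returns a `FlowStatusEnum`, not the `ApproveStatusEnum` added in this same package, so a name such as `toFlowStatusEnum()` would avoid confusion, and the method needs a Javadoc stating that `ING` and `AWAIT` both map to `INITIATING` and `PASS` maps to `FINISH`. The `default` branch throws a bare `UnsupportedOperationException`; include the constant, e.g. `throw new UnsupportedOperationException("Unmapped status: " + this);`.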

+ 47 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/approval/ApprovalApplyTypeEnum.java

@@ -0,0 +1,47 @@
+package com.dragoninfo.dcuc.auth.auth.enumresources.zerotrust.approval;
+
+import com.dragonsoft.duceap.base.enums.ICodeEnum;
+
+public enum ApprovalApplyTypeEnum implements ICodeEnum {
+    /**
+     * 功能级权限申请
+     */
+    ROLE_AUTH_APPLY("功能级权限申请", "ROLE_AUTH_APPLY"),
+
+    /**
+     * 数据级权限申请
+     */
+    DATA_AUTH_APPLY("数据级权限申请", "DATA_AUTH_APPLY"),
+
+    /**
+     * 角色新增、修改、删除流程申请
+     */
+    ROLE_OPERATE("角色操作流程申请", "ROLE_OPERATE");
+
+    private String label;
+
+    private String value;
+
+    ApprovalApplyTypeEnum(String label, String value) {
+        this.label = label;
+        this.value = value;
+    }
+
+    @Override
+    public String getLabel() {
+        return label;
+    }
+
+    public void setLabel(String label) {
+        this.label = label;
+    }
+
+    @Override
+    public String getValue() {
+        return value;
+    }
+
+    public void setValue(String value) {
+        this.value = value;
+    }
+}
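Review bot: The constructor here takes `(label, value)`, whereas `RoleCategoryEnum`, `ApprovalEndFlagEnum`, `ApprovalTypeEnum` and others in this commit take `(value, label)`; both arguments are `String`, so a swapped pair compiles silently and would put the display text where the code is expected. I would settle on one order for the whole package, for example `ROLE_AUTH_APPLY("ROLE_AUTH_APPLY", "功能级权限申请")` with `ApprovalApplyTypeEnum(String value, String label)`. ApproveStatusEnum, FlowActionTypeEnum, FlowCallBackTypeEnum, FlowResultEnum and FlowStatusEnum use the same `(label, value)` order. This enum also has no class-level Javadoc.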

+ 48 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/approval/ApprovalEndFlagEnum.java

@@ -0,0 +1,48 @@
+package com.dragoninfo.dcuc.auth.auth.enumresources.zerotrust.approval;
+
+import com.dragonsoft.duceap.base.enums.ICodeEnum;
+
+/**
+ * 审批结果
+ *
+ * @author mazq
+ * @date 2023/4/6
+ */
+public enum ApprovalEndFlagEnum implements ICodeEnum {
+
+    /**
+     * 审批通过
+     */
+    AGREE("1", "审批通过"),
+    /**
+     * 审批不通过
+     */
+    DIS_AGREE("2", "审批不通过");
+
+    private String value;
+
+    private String label;
+
+    ApprovalEndFlagEnum(String value, String label) {
+        this.value = value;
+        this.label = label;
+    }
+
+    @Override
+    public String getValue() {
+        return value;
+    }
+
+    public void setValue(String value) {
+        this.value = value;
+    }
+
+    @Override
+    public String getLabel() {
+        return label;
+    }
+
+    public void setLabel(String label) {
+        this.label = label;
+    }
+}

+ 47 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/approval/ApprovalResultEnum.java

@@ -0,0 +1,47 @@
+package com.dragoninfo.dcuc.auth.auth.enumresources.zerotrust.approval;
+
+import com.dragonsoft.duceap.base.enums.ICodeEnum;
+
+/**
+ * 审批中心接口返回状态
+ *
+ * @author mazq
+ * @date 2023/4/6
+ */
+public enum ApprovalResultEnum implements ICodeEnum {
+    /**
+     * 成功
+     */
+    SUCCESS("0000", "成功"),
+    /**
+     * 失败
+     */
+    FAIL("0001", "失败");
+
+    ApprovalResultEnum(String value, String label) {
+        this.label = label;
+        this.value = value;
+    }
+
+    private String label;
+
+    private String value;
+
+    @Override
+    public String getLabel() {
+        return label;
+    }
+
+    public void setLabel(String label) {
+        this.label = label;
+    }
+
+    @Override
+    public String getValue() {
+        return value;
+    }
+
+    public void setValue(String value) {
+        this.value = value;
+    }
+}

+ 48 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/approval/ApprovalSubmitResultEnum.java

@@ -0,0 +1,48 @@
+package com.dragoninfo.dcuc.auth.auth.enumresources.zerotrust.approval;
+
+import com.dragonsoft.duceap.base.enums.ICodeEnum;
+
+/**
+ * 审批提交
+ *
+ * @author mazq
+ * @date 2023/4/6
+ */
+public enum ApprovalSubmitResultEnum implements ICodeEnum {
+
+    /**
+     * 审批通过1
+     */
+    AGREE("0", "审批通过"),
+    /**
+     * 审批不通过
+     */
+    DIS_AGREE("1", "审批不通过");
+
+    private String value;
+
+    private String label;
+
+    ApprovalSubmitResultEnum(String value, String label) {
+        this.value = value;
+        this.label = label;
+    }
+
+    @Override
+    public String getValue() {
+        return value;
+    }
+
+    public void setValue(String value) {
+        this.value = value;
+    }
+
+    @Override
+    public String getLabel() {
+        return label;
+    }
+
+    public void setLabel(String label) {
+        this.label = label;
+    }
+}
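Review bot: The Javadoc on `AGREE` reads 审批通过1 while the code is `"0"`, and `"1"` here means 审批不通过. Other enums in this commit use the opposite convention (`ApprovalEndFlagEnum.AGREE`, `AmCallbackStatusEnum.APPROVED` and `FlowResultEnum.APPROVAL` are all `"1"`), so a raw `"1"` passed between these layers can turn an approval into a rejection or the reverse. I would correct the comment to `/** Approved; submitted as "0". */` and add a class-level note that this code set differs from the end-flag codes and must be converted through the enums, never compared as a string literal.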

+ 50 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/approval/ApprovalTypeEnum.java

@@ -0,0 +1,50 @@
+package com.dragoninfo.dcuc.auth.auth.enumresources.zerotrust.approval;
+
+import com.dragonsoft.duceap.base.enums.ICodeEnum;
+
+/**
+ * 审批方式
+ * 01审批中心审批
+ * 02业务系统审批
+ *
+ * @author mazq
+ * @date 2023/4/6
+ */
+public enum ApprovalTypeEnum implements ICodeEnum {
+
+    /**
+     * 审批中心审批
+     */
+    APPROVE_SERVICE("01", "审批中心审批"),
+    /**
+     * 业务系统审批
+     */
+    BUSINESS_SERVICE("02", "业务系统审批");
+
+    private String value;
+
+    private String label;
+
+    ApprovalTypeEnum(String value, String label) {
+        this.value = value;
+        this.label = label;
+    }
+
+    @Override
+    public String getValue() {
+        return value;
+    }
+
+    public void setValue(String value) {
+        this.value = value;
+    }
+
+    @Override
+    public String getLabel() {
+        return label;
+    }
+
+    public void setLabel(String label) {
+        this.label = label;
+    }
+}

+ 57 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/approval/ApproveStatusEnum.java

@@ -0,0 +1,57 @@
+package com.dragoninfo.dcuc.auth.auth.enumresources.zerotrust.approval;
+
+import com.dragonsoft.duceap.base.enums.ICodeEnum;
+
+/**
+ * <p>
+ * 审批状态
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2023/6/1
+ */
+public enum ApproveStatusEnum implements ICodeEnum {
+    /**
+     * 审批通过
+     */
+    PASS("审批通过", "01"),
+    /**
+     * 审批驳回
+     */
+    REJECT("审批驳回", "02"),
+    /**
+     * 审批中
+     */
+    ING("审批中", "03"),
+    /**
+     * 已撤销
+     */
+    REVOKED("已撤销", "04");
+
+    private String label;
+
+    private String value;
+
+    ApproveStatusEnum(String label, String value) {
+        this.label = label;
+        this.value = value;
+    }
+
+    @Override
+    public String getLabel() {
+        return label;
+    }
+
+    public void setLabel(String label) {
+        this.label = label;
+    }
+
+    @Override
+    public String getValue() {
+        return value;
+    }
+
+    public void setValue(String value) {
+        this.value = value;
+    }
+}

+ 84 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/approval/AuthApplyStatusEnum.java

@@ -0,0 +1,84 @@
+package com.dragoninfo.dcuc.auth.auth.enumresources.zerotrust.approval;
+
+import com.dragonsoft.duceap.base.enums.ICodeEnum;
+
+import java.util.Arrays;
+
+/**
+ * @author mazq
+ * @date 2021/2/22
+ */
+public enum AuthApplyStatusEnum implements ICodeEnum {
+
+    /**
+     * 失效
+     */
+    NOT_EFF("7", "失效"),
+
+    /**
+     * 同意
+     */
+    AGREE("6", "同意"),
+
+    /**
+     * 不同意
+     */
+    DIS_AGREE("5","不同意"),
+
+    /**
+     * 被终止
+     */
+    STOP("4", "终止"),
+
+    /**
+     * 主动撤销
+     */
+    CANCEL("3", "撤销"),
+
+    /**
+     * 申请中
+     */
+    APPLYING("2", "申请中"),
+
+    /**
+     * 保存
+     */
+    SAVING("1", "暂存");
+
+
+
+
+    private String label;
+    private String value;
+
+    AuthApplyStatusEnum(String value, String label) {
+        this.value = value;
+        this.label = label;
+    }
+
+    public static AuthApplyStatusEnum getByStatusCode(String applyStatus) {
+       return Arrays.stream(values())
+               .filter(e-> e.getValue().equals(applyStatus))
+               .findAny()
+               .orElse(null);
+    }
+
+    @Override
+    public String getLabel() {
+        return label;
+    }
+
+    public void setLabel(String lable) {
+        this.label = lable;
+    }
+
+    @Override
+    public String getValue() {
+        return value;
+    }
+
+    public void setValue(String value) {
+        this.value = value;
+    }
+
+}
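Review bot: `getByStatusCode` returns `null` when no constant matches, and nothing in its signature or documentation says so; a caller that dereferences the result, or reads `null` as "not yet decided", will mishandle an unknown status code. At minimum document it with `@return the matching constant, or null if applyStatus is unknown`, or return `Optional<AuthApplyStatusEnum>` since the method is new in this commit. The setter parameter `lable` is a typo for `label`, and the class Javadoc carries only author and date.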

+ 55 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/approval/FlowActionTypeEnum.java

@@ -0,0 +1,55 @@
+package com.dragoninfo.dcuc.auth.auth.enumresources.zerotrust.approval;
+
+import com.dragonsoft.duceap.base.enums.ICodeEnum;
+
+/**
+ * 审批中心工作流操作类型
+ *
+ * @author mazq
+ * @date 2023/4/4
+ */
+public enum FlowActionTypeEnum implements ICodeEnum {
+    /**
+     * 撤销
+     */
+    CANCEL("撤销", "01"),
+    /**
+     * 挂起
+     */
+    HANG_UP("挂起", "02"),
+    /**
+     * 冻结
+     */
+    FROZEN("冻结", "03"),
+    /**
+     * 终止
+     */
+    STOP("终止", "04"),
+    ;
+    private String label;
+
+    private String value;
+
+    FlowActionTypeEnum(String label, String value) {
+        this.label = label;
+        this.value = value;
+    }
+
+    @Override
+    public String getLabel() {
+        return label;
+    }
+
+    public void setLabel(String label) {
+        this.label = label;
+    }
+
+    @Override
+    public String getValue() {
+        return value;
+    }
+
+    public void setValue(String value) {
+        this.value = value;
+    }
+}

+ 63 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/approval/FlowCallBackTypeEnum.java

@@ -0,0 +1,63 @@
+package com.dragoninfo.dcuc.auth.auth.enumresources.zerotrust.approval;
+
+import com.dragonsoft.duceap.base.enums.ICodeEnum;
+
+/**
+ * 审批中心工作流处理结果
+ *
+ * @author mazq
+ * @date 2023/4/4
+ */
+public enum FlowCallBackTypeEnum implements ICodeEnum {
+    /**
+     * 流程结束
+     */
+    END("流程结束", "end"),
+    /**
+     * 流程撤销
+     */
+    CANCEL("流程撤销", "cancel"),
+    /**
+     * 流程删除
+     */
+    DELETE("流程删除", "delete"),
+    /**
+     * 终止
+     */
+    STOP("终止", "stop"),
+    /**
+     * 流程失效
+     */
+    NONE_EFFECTIVE("流程失效", "noneffective"),
+    /**
+     * 流程有效
+     */
+    EFFECTIVE("流程有效", "effective");
+
+    private String label;
+
+    private String value;
+
+    FlowCallBackTypeEnum(String label, String value) {
+        this.label = label;
+        this.value = value;
+    }
+
+    @Override
+    public String getLabel() {
+        return label;
+    }
+
+    public void setLabel(String label) {
+        this.label = label;
+    }
+
+    @Override
+    public String getValue() {
+        return value;
+    }
+
+    public void setValue(String value) {
+        this.value = value;
+    }
+}

+ 51 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/approval/FlowResultEnum.java

@@ -0,0 +1,51 @@
+package com.dragoninfo.dcuc.auth.auth.enumresources.zerotrust.approval;
+
+import com.dragonsoft.duceap.base.enums.ICodeEnum;
+
+/**
+ * 审批流程审批结果
+ *
+ * @author mazq
+ * @date 2023/6/5
+ */
+public enum FlowResultEnum implements ICodeEnum {
+
+    /**
+     * 审批通过
+     */
+    APPROVAL("通过", "1"),
+
+    /**
+     * 审批不通过
+     */
+    DIS_APPROVAL("不通过", "0"),
+
+    ;
+
+    private String label;
+
+    private String value;
+
+    FlowResultEnum(String label, String value) {
+        this.label = label;
+        this.value = value;
+    }
+
+    @Override
+    public String getLabel() {
+        return label;
+    }
+
+    public void setLabel(String label) {
+        this.label = label;
+    }
+
+    @Override
+    public String getValue() {
+        return value;
+    }
+
+    public void setValue(String value) {
+        this.value = value;
+    }
+}

+ 76 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/approval/FlowStatusEnum.java

@@ -0,0 +1,76 @@
+package com.dragoninfo.dcuc.auth.auth.enumresources.zerotrust.approval;
+
+import com.dragonsoft.duceap.base.enums.ICodeEnum;
+
+/**
+ * <p>
+ * 流程状态
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2023/6/1
+ */
+public enum FlowStatusEnum implements ICodeEnum {
+
+    /**
+     * 发起中
+     */
+    INITIATING("发起中", "0"),
+
+    /**
+     * 已完成
+     */
+    FINISH("已完成", "1"),
+
+    /**
+     * 撤销
+     */
+    BACK_OUT("撤销", "2"),
+
+    /**
+     * 冻结
+     */
+    FREEZE("冻结", "3"),
+
+    /**
+     * 终止
+     */
+    TERMINATION("终止", "4"),
+
+    /**
+     * 指令失效
+     */
+    INSTRUCTION_INVALIDATION("指令失效", "5"),
+
+    /**
+     * 流程撤回
+     */
+    RECALL("流程撤回", "6");
+
+    private String label;
+
+    private String value;
+
+    FlowStatusEnum(String label, String value) {
+        this.label = label;
+        this.value = value;
+    }
+
+    @Override
+    public String getLabel() {
+        return label;
+    }
+
+    public void setLabel(String label) {
+        this.label = label;
+    }
+
+    @Override
+    public String getValue() {
+        return value;
+    }
+
+    public void setValue(String value) {
+        this.value = value;
+    }
+}

+ 78 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/enumresources/zerotrust/risk/AuthRiskTypeEnum.java

@@ -0,0 +1,78 @@
+package com.dragoninfo.dcuc.auth.auth.enumresources.zerotrust.risk;
+
+import com.dragoninfo.dcuc.auth.audit.enums.RiskProgrammeTypeEnum;
+import com.dragonsoft.duceap.base.enums.ICodeEnum;
+
+/**
+ * @author huangzqa
+ * @date 2023/6/20
+ **/
+public enum AuthRiskTypeEnum implements ICodeEnum {
+
+    /**
+     * 非法IP鉴权
+     */
+    ABNORMAL_IP("ABNORMAL_IP", "非法IP鉴权"),
+    /**
+     * 非法时间鉴权
+     */
+    ABNORMAL_TIME("ABNORMAL_TIME", "非法时间鉴权"),
+
+    /**
+     * 频繁鉴权
+     */
+    FREQUENT_APPRAISAL("FREQUENT_APPRAISAL", "频繁鉴权"),
+
+    /**
+     * 频繁越权访问
+     */
+    FREQUENT_ULTRA_VIRES("FREQUENT_ULTRA_VIRES", "频繁越权访问"),
+
+    /**
+     * 频繁命中白名单鉴
+     */
+    FREQUENT_WHITE_LIST("FREQUENT_WHITE_LIST", "频繁命中白名单鉴"),
+
+    /**
+     * 条件缺失鉴权
+     */
+    INCOMPLETE_CONDITIONS("INCOMPLETE_CONDITIONS", "条件缺失鉴权");
+
+
+    private final String value;
+
+    private final String label;
+
+
+    AuthRiskTypeEnum(String value, String label) {
+        this.value = value;
+        this.label = label;
+    }
+
+    @Override
+    public String getValue() {
+        return this.value;
+    }
+
+    @Override
+    public String getLabel() {
+        return this.label;
+    }
+
+    public static AuthRiskTypeEnum parseRiskProgrammeTypeEnum(RiskProgrammeTypeEnum riskProgrammeTypeEnum) {
+        if (riskProgrammeTypeEnum == null) {
+            return null;
+        }
+        if (riskProgrammeTypeEnum.equals(RiskProgrammeTypeEnum.DSJPFJQFX)) {
+            return AuthRiskTypeEnum.FREQUENT_APPRAISAL;
+        } else if (riskProgrammeTypeEnum.equals(RiskProgrammeTypeEnum.JQBYTJBWZFX)) {
+            return AuthRiskTypeEnum.INCOMPLETE_CONDITIONS;
+        } else if (riskProgrammeTypeEnum.equals(RiskProgrammeTypeEnum.DSJPFHBMDMZFX)) {
+            return AuthRiskTypeEnum.FREQUENT_WHITE_LIST;
+        } else if (riskProgrammeTypeEnum.equals(RiskProgrammeTypeEnum.YHCXYQFWFX)) {
+            return AuthRiskTypeEnum.FREQUENT_ULTRA_VIRES;
+        }
+        return null;
+
+    }
+}
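Review bot: `parseRiskProgrammeTypeEnum` returns `null` for every `RiskProgrammeTypeEnum` it does not list, and `ABNORMAL_IP` and `ABNORMAL_TIME` are never produced by it, so an unmapped risk type is indistinguishable from a missing input. If callers use the result to classify an authentication risk event, that event would go unclassified without any trace; I would document the `null` return in a Javadoc and consider a `switch` whose `default` logs or throws. The label of `FREQUENT_WHITE_LIST`, 频繁命中白名单鉴, looks truncated compared with the other labels ending in 鉴权.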

+ 68 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/vo/appfun/RespAppFunTreeVo.java

@@ -0,0 +1,68 @@
+package com.dragoninfo.dcuc.auth.auth.vo.appfun;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+import java.util.List;
+
+/**
+ *
+ *
+ * @author mazq
+ */
+@Data
+@ApiModel("菜单树信息Vo")
+public class RespAppFunTreeVo {
+
+    private static final long serialVersionUID = -7566884439176698458L;
+
+    /**
+     * 代码
+     */
+    @ApiModelProperty("功能id")
+    private String id;
+
+    /**
+     *
+     */
+    @ApiModelProperty("名称")
+    private String name;
+
+    /**
+     * 功能代码
+     */
+    @ApiModelProperty("功能代码")
+    private String code;
+
+    /**
+     * 父节点id
+     */
+    @ApiModelProperty("父节点id")
+    private String parentId;
+
+    /**
+     * URL
+     */
+    @ApiModelProperty("URL")
+    private String url;
+
+    /**
+     * 排序
+     */
+    @ApiModelProperty("排序")
+    private Integer seq;
+
+    /**
+     * 是否是父节点
+     */
+    @ApiModelProperty("是否是父节点")
+    private Boolean isParent;
+
+    /**
+     * 子级列表
+     */
+    @ApiModelProperty("子级列表")
+    private List<RespAppFunTreeVo> children;
+
+}
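Review bot: `RespAppFunTreeVo` declares `serialVersionUID` but does not implement `Serializable`, so the field has no effect; either add `implements Serializable` (if the VO really is serialized, which this hunk does not show) or drop the constant. The Javadoc on `id` says 代码 while its `@ApiModelProperty` says 功能id, and the class comment and the one on `name` are empty.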

+ 28 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/vo/zerotrust/approval/ApprovalCallBackReqVO.java

@@ -0,0 +1,28 @@
+package com.dragoninfo.dcuc.auth.auth.vo.zerotrust.approval;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+
+/**
+ * 审批回调地址
+ *
+ * @author huangzqa
+ * @date 2023/7/4
+ */
+@ApiModel("审批回调")
+@Data
+public class ApprovalCallBackReqVO {
+
+    private String type;
+    private String processInstId;
+    private String openId;
+    private String userName;
+    private String endFlag;
+    private String description;
+    private String taskId;
+
+
+}
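Review bot: This request VO imports `NotBlank` and `ApiModelProperty` but applies neither, so every field of the approval callback arrives unvalidated and undocumented. The callback carries the approval decision (`endFlag`) for a process instance, so I would at least require the identifying fields, e.g. `@NotBlank private String processInstId;` and `@NotBlank private String endFlag;`, and have the handler reject an `endFlag` that is not one of the `AmCallbackStatusEnum` codes; whether the handler already checks this is not visible here. The class Javadoc says 审批回调地址 (callback address) although the class is the callback request body.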

+ 29 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/vo/zerotrust/roleauthapply/ApplyRoleInVo.java

@@ -0,0 +1,29 @@
+package com.dragoninfo.dcuc.auth.auth.vo.zerotrust.roleauthapply;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+/**
+ * @author mazq
+ * @date 2023/7/19
+ */
+@Data
+@ApiModel("角色授权申请内容")
+public class ApplyRoleInVo {
+
+    @ApiModelProperty(value = "应用id")
+    private String appId;
+
+    @ApiModelProperty(value = "应用名称")
+    private String appName;
+
+    @ApiModelProperty(value = "角色名称")
+    private String roleName;
+
+    @ApiModelProperty(value = "角色编码")
+    private String roleCode;
+
+    @ApiModelProperty(value = "是否是申请中的角色 0:否 1:是")
+    private String apply;
+}

+ 24 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/vo/zerotrust/roleauthapply/RoleAuthApplySaveVo.java

@@ -0,0 +1,24 @@
+package com.dragoninfo.dcuc.auth.auth.vo.zerotrust.roleauthapply;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+import java.util.List;
+
+/**
+ * 角色授权申请保存Vo
+ * @author mazq
+ * @date 2023/7/19
+ */
+@Data
+@ApiModel(value = "角色授权申请保存Vo")
+public class RoleAuthApplySaveVo {
+
+    @ApiModelProperty(value = "申请人人员id")
+    private String userId;
+
+    @ApiModelProperty(value = "申请角色内容")
+    private List<ApplyRoleInVo> applyRoleInVos;
+
+}
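Review bot: `userId`, described as the applicant's id, is taken from the request body. If the service persists it as the applicant without comparing it to the authenticated caller (the handler is not part of this hunk), one user could file a role authorization request in another user's name. I would derive the applicant from the session or token on the server side, or document on the field that it must be verified against the caller. Neither field is validated; `@NotBlank` on `userId` and `@NotEmpty @Valid` on `applyRoleInVos` would reject empty submissions early.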

+ 26 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/vo/zerotrust/rolemanage/RoleOperateApplyVo.java

@@ -0,0 +1,26 @@
+package com.dragoninfo.dcuc.auth.auth.vo.zerotrust.rolemanage;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotNull;
+
+/**
+ * @author mazq
+ * @date 2023/4/21
+ */
+@Data
+@ApiModel(value = "角色操作申请Vo")
+public class RoleOperateApplyVo {
+
+    @NotNull
+    @ApiModelProperty
+    private RoleSaveVo roleSaveVo;
+
+    @NotBlank
+    @ApiModelProperty(value = "操作类型 ADD:新增 UPDATE:修改 DELETE:删除")
+    private String operate;
+
+}
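Review bot: `roleSaveVo` is annotated `@NotNull` but not `@Valid`, so Bean Validation does not descend into it and the `@NotBlank` constraints on `RoleSaveVo.code`, `name`, `appId` and `isNotLimitCount` are never evaluated through this wrapper. Add `@Valid` next to `@NotNull` (import `javax.validation.Valid`). `operate` is a free `String` documented as ADD/UPDATE/DELETE; a `@Pattern(regexp = "ADD|UPDATE|DELETE")` or a conversion to `RoleManageOpeTypeEnum` would reject other values at the boundary. The bare `@ApiModelProperty` on `roleSaveVo` should carry a description.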

+ 57 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/vo/zerotrust/rolemanage/RoleSaveVo.java

@@ -0,0 +1,57 @@
+package com.dragoninfo.dcuc.auth.auth.vo.zerotrust.rolemanage;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+
+/**
+ * @author mazq
+ * @date 2023/3/20
+ */
+@Data
+@ApiModel("角色信息保存Vo")
+public class RoleSaveVo {
+
+    @ApiModelProperty(value = "id 新增时可不传")
+    private String id;
+
+    @NotBlank
+    @ApiModelProperty(value = "角色代码")
+    private String code;
+
+    @NotBlank
+    @ApiModelProperty(value = "角色名称")
+    private String name;
+
+    @NotBlank
+    @ApiModelProperty(value = "应用ID")
+    private String appId;
+
+    @ApiModelProperty(value = "详细描述")
+    private String remark;
+
+    @ApiModelProperty(value = "角色层级:省厅、市局、分局、派出所")
+    private String roleLevel;
+
+    @ApiModelProperty(value = "业务域")
+    private String roleBusiness;
+
+    @ApiModelProperty(value = "角色类型 LOCAL:本地角色 ALL:全局角色")
+    private String roleCategory;
+
+    @NotBlank
+    @ApiModelProperty(value = "是否限制配额")
+    private String isNotLimitCount;
+
+    /**
+     * 警种
+     */
+    private String policeCategory;
+
+    /**
+     * 描述
+     */
+    private String detail;
+}
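Review bot: `isNotLimitCount` is described as "是否限制配额" (whether the quota is limited) while the field name reads as the opposite, and the accepted values are not stated. State the polarity and the encoding in the `value` text, the way `ApplyRoleInVo.apply` does with "0:否 1:是"; the actual mapping is not visible here, so confirm it before documenting. `policeCategory` and `detail` have Javadoc only and no `@ApiModelProperty`, and `detail` ("描述") overlaps with `remark` ("详细描述").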

+ 1 - 1
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/vo/roleorgauth/RoleOrgAuthSaveVo.java → dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/vo/zerotrust/roleorgauth/RoleOrgAuthSaveVo.java

@@ -1,4 +1,4 @@
-package com.dragoninfo.dcuc.auth.auth.vo.roleorgauth;
+package com.dragoninfo.dcuc.auth.auth.vo.zerotrust.roleorgauth;
 
 import io.swagger.annotations.ApiModel;
 import io.swagger.annotations.ApiModelProperty;

+ 1 - 1
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/vo/roleorgauth/RoleOrgAuthVo.java → dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/vo/zerotrust/roleorgauth/RoleOrgAuthVo.java

@@ -1,4 +1,4 @@
-package com.dragoninfo.dcuc.auth.auth.vo.roleorgauth;
+package com.dragoninfo.dcuc.auth.auth.vo.zerotrust.roleorgauth;
 
 import com.fasterxml.jackson.annotation.JsonFormat;
 import io.swagger.annotations.ApiModel;

+ 37 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/element/vo/ElementUserRelRespVo.java

@@ -0,0 +1,37 @@
+package com.dragoninfo.dcuc.auth.element.vo;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+/**
+ * @author mazq
+ * @date 2022/8/25
+ */
+@Data
+@ApiModel(value = "环境要素-用户关联关系Vo")
+public class ElementUserRelRespVo {
+
+    @ApiModelProperty(value = "关联关系id")
+    private String id;
+
+    @ApiModelProperty(value = "人员id")
+    private String userId;
+
+    @ApiModelProperty(value = "环境要素id")
+    private String elementId;
+
+    @ApiModelProperty(value = "人员姓名")
+    private String userName;
+
+    @ApiModelProperty(value = "身份证号")
+    private String idcard;
+
+    @ApiModelProperty(value = "机构名称")
+    private String orgName;
+
+    @ApiModelProperty(value = "警号")
+    private String policeNumber;
+
+
+}
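Review bot: `idcard` (身份证号) is returned in clear in this response VO, and because the class uses `@Data` the generated `toString()` prints it together with `policeNumber` whenever the object is logged. Consider returning a masked value from the service, and add `@ToString.Exclude` on `idcard` so it stays out of log output. Whether callers of this endpoint need the full number is not visible from the hunk.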

+ 27 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/element/vo/ElementUserSaveVo.java

@@ -0,0 +1,27 @@
+package com.dragoninfo.dcuc.auth.element.vo;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotNull;
+import java.util.List;
+
+/**
+ * @author mazq
+ * @date 2023/7/5
+ */
+@Data
+@ApiModel(value = "环境要素-用户关联关系保存Vo")
+public class ElementUserSaveVo {
+
+    @NotBlank
+    @ApiModelProperty(value = "环境要素id")
+    private String elementId;
+
+    @NotNull
+    @ApiModelProperty(value = "新增人员id集合")
+    private List<String> userIds;
+
+}
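Review bot: `@NotNull` on `userIds` still admits an empty list, blank elements and a list of any length. `@NotEmpty` together with `List<@NotBlank String>` and an upper bound such as `@Size(max = MAX_USER_IDS)` would reject those at binding time; `MAX_USER_IDS` is a placeholder for a limit chosen for this endpoint.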

+ 33 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/element/vo/EnvElementRespVo.java

@@ -0,0 +1,33 @@
+package com.dragoninfo.dcuc.auth.element.vo;
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+import java.util.Date;
+
+/**
+ * @author mazq
+ * @date 2022/8/25
+ */
+@Data
+@ApiModel(value = "环境要素Vo")
+public class EnvElementRespVo {
+
+    @ApiModelProperty(value = "id")
+    private String id;
+
+    @ApiModelProperty(value = "环境要素类型 码表值")
+    private String envElementType;
+
+    @ApiModelProperty(value = "环境要素名称")
+    private String envElementName;
+
+    @ApiModelProperty(value = "环境要素值")
+    private String envElementValue;
+
+    @ApiModelProperty(value = "创建时间")
+    @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss",timezone="GMT+8")
+    private Date createTime;
+}

+ 86 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/sub/dto/zerotrust/tasktype/ApprovalBaseRespDto.java

@@ -0,0 +1,86 @@
+package com.dragoninfo.dcuc.auth.sub.dto.zerotrust.tasktype;
+
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.Data;
+
+/**
+ * @author mazq
+ * 审批返回结果
+ */
+@Data
+public class ApprovalBaseRespDto {
+
+    /**
+     * “0000” 表示令牌有效;
+     * 其他值表示无效或接口调用出错
+     */
+    @JsonProperty("status_code")
+    private String statusCode;
+
+    /**
+     * 状态码对应的详细描述
+     */
+    private String message;
+
+    public ApprovalBaseRespDto success() {
+         this.messageEnumMessage(ApprovalResultEnum.SUCCESS);
+         return this;
+    }
+
+    /**
+     * 设置业务枚举
+     *
+     * @param businessRespEnum 业务枚举
+     */
+    public void setBusinessRespEnum(ApprovalResultEnum businessRespEnum) {
+        setStatusCode(businessRespEnum.getValue());
+        setMessage(businessRespEnum.getLabel());
+    }
+
+
+    /**
+     * 设置业务枚举
+     *
+     * @param businessRespEnum 业务枚举
+     */
+    public ApprovalBaseRespDto messageEnumMessage(ApprovalResultEnum businessRespEnum) {
+        this.setBusinessRespEnum(businessRespEnum);
+        return this;
+    }
+
+
+    /**
+     * 设置请求参数异常
+     *
+     * @param businessRespEnum 枚举
+     * @param message          异常信息
+     */
+    public ApprovalBaseRespDto messageEnumMessage(ApprovalResultEnum businessRespEnum, String message) {
+        ApprovalBaseRespDto respDto = new ApprovalBaseRespDto();
+        respDto.setStatusCode(businessRespEnum.getValue());
+        respDto.setMessage(message);
+        return respDto;
+    }
+
+    /**
+     * 是否成功
+     *
+     * @return 是否成功
+     */
+    @JsonIgnore
+    public boolean isRespSuccess() {
+        return this.statusCode.equalsIgnoreCase(ApprovalResultEnum.SUCCESS.getValue());
+    }
+
+    /**
+     * 是否失败
+     *
+     * @return 是否失败
+     */
+    @JsonIgnore
+    public boolean isRespFail() {
+        return !isRespSuccess();
+    }
+
+}
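Review bot: `isRespSuccess()` dereferences `statusCode`, so a response without `status_code` makes both `isRespSuccess()` and `isRespFail()` throw a NullPointerException instead of reporting failure. Put the constant first: `return ApprovalResultEnum.SUCCESS.getValue().equalsIgnoreCase(this.statusCode);`. The two-argument `messageEnumMessage` builds and returns a new `ApprovalBaseRespDto` and leaves `this` unchanged, unlike the one-argument overload; setting the fields on `this` would make the two agree. The Javadoc on `statusCode` speaks of a token being valid ("令牌有效"), which looks copied from a token DTO.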

+ 47 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/sub/dto/zerotrust/tasktype/ApprovalResultEnum.java

@@ -0,0 +1,47 @@
+package com.dragoninfo.dcuc.auth.sub.dto.zerotrust.tasktype;
+
+import com.dragonsoft.duceap.base.enums.ICodeEnum;
+
+/**
+ * 审批中心接口返回状态
+ *
+ * @author mazq
+ * @date 2023/4/6
+ */
+public enum ApprovalResultEnum implements ICodeEnum {
+    /**
+     * 成功
+     */
+    SUCCESS("0000", "成功"),
+    /**
+     * 失败
+     */
+    FAIL("0001", "失败");
+
+    ApprovalResultEnum(String value, String label) {
+        this.label = label;
+        this.value = value;
+    }
+
+    private String label;
+
+    private String value;
+
+    @Override
+    public String getLabel() {
+        return label;
+    }
+
+    public void setLabel(String label) {
+        this.label = label;
+    }
+
+    @Override
+    public String getValue() {
+        return value;
+    }
+
+    public void setValue(String value) {
+        this.value = value;
+    }
+}
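Review bot: `label` and `value` are non-final and exposed through public `setLabel`/`setValue`, so any caller can change what `SUCCESS` or `FAIL` means for the whole JVM. `ApprovalBaseRespDto.isRespSuccess()` compares against `SUCCESS.getValue()`, so such a change would alter how approval responses are classified. Declare both fields `private final` and drop the setters, as `OperateTypeEnum` in this commit does.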

+ 33 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/sub/dto/zerotrust/tasktype/ExcelImpTaskType.java

@@ -0,0 +1,33 @@
+package com.dragoninfo.dcuc.auth.sub.dto.zerotrust.tasktype;
+
+import lombok.Data;
+
+/**
+ * 导入的任务类型
+ *
+ * @author mazq
+ * @date 2023/2/13
+ */
+@Data
+public class ExcelImpTaskType {
+
+    /**
+     * 在excel中的行数
+     */
+    private Integer rowNum;
+
+    /**
+     * 任务类型名称
+     */
+    private String taskTypeName;
+
+    /**
+     * 任务类型编码
+     */
+    private String taskTypeCode;
+
+    /**
+     * 上级编码
+     */
+    private String parentCode;
+}

+ 40 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/sub/dto/zerotrust/tasktype/TaskInfoDetailResp.java

@@ -0,0 +1,40 @@
+package com.dragoninfo.dcuc.auth.sub.dto.zerotrust.tasktype;
+
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+/**
+ * <p>
+ * 任务详情
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2023/5/31
+ */
+@Data
+public class TaskInfoDetailResp {
+
+    /**
+     * 任务代码
+     */
+    @ApiModelProperty(value = "任务代码")
+    private String taskCode;
+
+    /**
+     * 任务名称
+     */
+    @ApiModelProperty(value = "任务名称")
+    private String taskName;
+
+    /**
+     * 任务类型代码
+     */
+    @ApiModelProperty(value = "任务类型代码")
+    private String taskClassCode;
+
+    /**
+     * 任务类型名称
+     */
+    @ApiModelProperty(value = "任务类型名称")
+    private String taskClassName;
+}

+ 47 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/sub/dto/zerotrust/tasktype/TaskTypeInfoDto.java

@@ -0,0 +1,47 @@
+package com.dragoninfo.dcuc.auth.sub.dto.zerotrust.tasktype;
+
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+/**
+ * 任务类型返回内容
+ *
+ * @author mazq
+ * @date 2023/5/29
+ */
+@Data
+public class TaskTypeInfoDto {
+
+    /**
+     * 任务类型代码
+     */
+    @ApiModelProperty(value = "任务类型代码")
+    private String taskClassCode;
+    /**
+     * 任务类型名称
+     */
+    @ApiModelProperty(value = "任务类型名称")
+    private String taskClassName;
+    /**
+     * 父任务类型ID
+     */
+    @ApiModelProperty(value = "父任务类型ID")
+    private String parentId;
+    /**
+     * 父任务类型代码
+     */
+    @ApiModelProperty(value = "父任务类型代码")
+    private String parentClassCode;
+    /**
+     * 父任务类型名称
+     */
+    @ApiModelProperty(value = "父任务类型名称")
+    private String parentClassName;
+
+    /**
+     * 来源应用代码
+     */
+    @ApiModelProperty(value = "来源应用代码")
+    private String sourceAppCode;
+
+}

+ 20 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/sub/dto/zerotrust/tasktype/TaskTypeReqDto.java

@@ -0,0 +1,20 @@
+package com.dragoninfo.dcuc.auth.sub.dto.zerotrust.tasktype;
+
+import cn.hutool.crypto.SecureUtil;
+import com.dragonsoft.duceap.commons.util.UUIDUtils;
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+
+/**
+ * 任务类型查询dto
+ *
+ * @author mazq
+ * @date 2023/5/29
+ */
+@Data
+public class TaskTypeReqDto {
+
+    private String appTokenId;
+
+}
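Review bot: The imports of `SecureUtil`, `UUIDUtils` and `NotBlank` are unused in this class. `appTokenId` is the only input and is unconstrained; if the lookup requires it, `@NotBlank` on the field would use the import already present, and the other two imports can be removed either way.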

+ 43 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/sub/enumresource/OperateTypeEnum.java

@@ -0,0 +1,43 @@
+package com.dragoninfo.dcuc.auth.sub.enumresource;
+
+
+import com.dragonsoft.duceap.base.enums.ICodeEnum;
+
+/**
+ * @author huanghy
+ * @date 2018/5/29 13:24
+ */
+public enum OperateTypeEnum implements ICodeEnum {
+
+    /**
+     * 新增
+     */
+    ADD("10", "新增"),
+    /**
+     * 修改
+     */
+    UPDATE("20", "修改"),
+    /**
+     * 删除
+     */
+    DELETE("30", "删除");
+
+
+    private final String value;
+    private final String label;
+
+    OperateTypeEnum(String value, String label) {
+        this.value = value;
+        this.label = label;
+    }
+
+    @Override
+    public String getValue() {
+        return value;
+    }
+
+    @Override
+    public String getLabel() {
+        return label;
+    }
+}

+ 33 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/sub/vo/tasktype/AuthSubTaskTypeVo.java

@@ -0,0 +1,33 @@
+package com.dragoninfo.dcuc.auth.sub.vo.tasktype;
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+import org.springframework.format.annotation.DateTimeFormat;
+
+import java.util.Date;
+
+/**
+ * @author mazq
+ * @date 2023/2/13
+ */
+@Data
+@ApiModel("任务类型Vo")
+public class AuthSubTaskTypeVo {
+
+    @ApiModelProperty(name = "主键id")
+    private String id;
+
+    @ApiModelProperty(name = "任务类型名称")
+    private String taskTypeName;
+
+    @ApiModelProperty(name = "任务类型编码")
+    private String taskTypeCode;
+
+    @DateTimeFormat(pattern = "yyyy-MM-dd HH:mm:ss")
+    @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss", timezone = "GMT+8")
+    @ApiModelProperty(name = "任务类型创建时间")
+    private Date createTime;
+
+}
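Review bot: The descriptions are passed as `name =` instead of `value =`. In `@ApiModelProperty`, `name` overrides the property name shown in the generated API model while `value` is the description, so the documentation would list properties named "主键id" and so on. Use `@ApiModelProperty(value = "主键id")`, as the other VOs in this commit do.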

+ 36 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/sub/vo/tasktype/TaskTypeTreeVo.java

@@ -0,0 +1,36 @@
+package com.dragoninfo.dcuc.auth.sub.vo.tasktype;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+import java.util.List;
+
+/**
+ *
+ * @author mazq
+ * @date 2023/5/29
+ */
+@ApiModel("任务类型树结构Vo")
+@Data
+public class TaskTypeTreeVo {
+
+    @ApiModelProperty(value = "主键id")
+    private String id;
+
+    @ApiModelProperty(value = "任务类型名称")
+    private String name;
+
+    @ApiModelProperty(value = "任务类型编码")
+    private String code;
+
+    @ApiModelProperty(value = "父节点id")
+    private String pid;
+
+    @ApiModelProperty(value = "是否是父节点")
+    private Boolean isParent;
+
+    @ApiModelProperty(value = "子节点信息")
+    private List<TaskTypeTreeVo> children;
+
+}

+ 49 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/token/enums/TokenActionEnum.java

@@ -0,0 +1,49 @@
+package com.dragoninfo.dcuc.auth.token.enums;
+
+import com.dragonsoft.duceap.base.enums.ICodeEnum;
+
+/**
+ * <p>
+ * 令牌动作
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2022/8/1
+ */
+public enum TokenActionEnum implements ICodeEnum {
+    /**
+     * 上线
+     */
+    ONLINE("online", "上线"),
+
+    /**
+     * 下线
+     */
+    OFFLINE("offline", "下线"),
+
+    /**
+     * 续期
+     */
+    RENEW("renew", "续期"),
+
+    ;
+    private final String value;
+
+    private final String label;
+
+
+    TokenActionEnum(String value, String label) {
+        this.value = value;
+        this.label = label;
+    }
+
+    @Override
+    public String getValue() {
+        return this.value;
+    }
+
+    @Override
+    public String getLabel() {
+        return this.label;
+    }
+}

+ 37 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/token/enums/TokenTypeEnum.java

@@ -0,0 +1,37 @@
+package com.dragoninfo.dcuc.auth.token.enums;
+
+import com.dragonsoft.duceap.base.enums.ICodeEnum;
+
+/**
+ * @author huangzqa
+ */
+
+public enum TokenTypeEnum implements ICodeEnum {
+    /**
+     * 用户令牌
+     */
+    USER("user", "用户令牌"),
+    /**
+     * 应用令牌
+     */
+    APP("app", "应用令牌");
+
+    private final String value;
+
+    private final String label;
+
+    TokenTypeEnum(String value, String label) {
+        this.value = value;
+        this.label = label;
+    }
+
+    @Override
+    public String getValue() {
+        return value;
+    }
+
+    @Override
+    public String getLabel() {
+        return label;
+    }
+}

+ 9 - 4
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/token/vo/AppTokenInfoRespVO.java

@@ -17,9 +17,9 @@ import java.util.Date;
 public class AppTokenInfoRespVO {
 
     /**
-     * 应用标识
+     * 应用令牌ID
      */
-    private String appId;
+    private String appTokenId;
 
     /**
      * 用户令牌创建时间
@@ -34,12 +34,17 @@ public class AppTokenInfoRespVO {
     private Date expireAt;
 
     /**
-     * 应用令牌ID
+     * 应用标识
      */
-    private String appTokenId;
+    private String appId;
 
     /**
      * 用户令牌详细信息
      */
     private UserTokenInfoRespVO userToken;
+
+    /**
+     * 应用令牌签名值
+     */
+    private String sign;
 }
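Review bot: A `sign` field is added and the existing fields are reordered in the same change. If the signature is computed over the serialized object, field order becomes part of the contract and should be pinned with `@JsonPropertyOrder` rather than left to declaration order. That dependency is an inference, since the signing code is not in these hunks. The class header and its annotations are above the first hunk.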

+ 21 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/token/vo/TokenOnlineReqVo.java

@@ -0,0 +1,21 @@
+package com.dragoninfo.dcuc.auth.token.vo;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+/**
+ * @author mazq
+ * @date 2023/6/21
+ */
+@Data
+@ApiModel("令牌在线查询Vo")
+public class TokenOnlineReqVo {
+
+    @ApiModelProperty(value = "用户令牌id")
+    private String userTokenId;
+
+    @ApiModelProperty(value = "应用令牌id")
+    private String appTokenId;
+    
+}

+ 21 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/token/vo/TokenOnlineRespVo.java

@@ -0,0 +1,21 @@
+package com.dragoninfo.dcuc.auth.token.vo;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+/**
+ * @author mazq
+ * @date 2023/6/21
+ */
+@Data
+@ApiModel("令牌在线查询结果")
+public class TokenOnlineRespVo {
+
+    @ApiModelProperty(value = "用户令牌是否在线")
+    private String userTokenOnline;
+
+    @ApiModelProperty(value = "应用令牌是否在线")
+    private String appTokenOnline;
+
+}

+ 26 - 18
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/token/vo/UserTokenInfoRespVO.java

@@ -1,7 +1,6 @@
 package com.dragoninfo.dcuc.auth.token.vo;
 
 import com.fasterxml.jackson.annotation.JsonFormat;
-import com.fasterxml.jackson.annotation.JsonProperty;
 import lombok.Data;
 
 import java.util.Date;
@@ -18,14 +17,26 @@ import java.util.Date;
 public class UserTokenInfoRespVO {
 
     /**
-     * 用户标识
+     * 用户令牌id
      */
-    private String pid;
+    private String userTokenId;
 
     /**
-     * 用户名称
+     * 用户令牌创建时间
      */
-    private String name;
+    @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss", timezone = "GMT+8")
+    private Date createTime;
+
+    /**
+     * 用户令牌到期时间
+     */
+    @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss", timezone = "GMT+8")
+    private Date expireAt;
+
+    /**
+     * 用户标识
+     */
+    private String pid;
 
     /**
      * 组织机构编码
@@ -33,31 +44,28 @@ public class UserTokenInfoRespVO {
     private String orgCode;
 
     /**
-     * 终端设备标识
+     * 终端 IP 地址
      */
-    @JsonProperty("mId")
-    private String mId;
+    private String ip;
 
     /**
-     * 终端环境类型
+     * 终端设备标识
      */
-    private String env;
+    private String mid;
 
     /**
-     * 用户令牌创建时间
+     * 终端环境类型
      */
-    @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss", timezone = "GMT+8")
-    private Date createTime;
+    private String env;
 
     /**
-     * 用户令牌到期时间
+     * 用户名称
      */
-    @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss", timezone = "GMT+8")
-    private Date expireAt;
+    private String name;
 
     /**
-     * 用户令牌
+     * 令牌内容签名
      */
-    private String userTokenId;
+    private String sign;
 
 }
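Review bot: Replacing `@JsonProperty("mId") private String mId;` with a plain `mid` field changes the serialized key from `mId` to `mid`. Consumers that still read `mId` will see the device identifier as missing, which matters if they use it when evaluating a token. If the new key is what the interface specification requires, record it as a breaking change for this release and roll it out together with the consumers.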

+ 14 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/token/vo/ZeroTrustAppTokenInfoReqVO.java

@@ -0,0 +1,14 @@
+package com.dragoninfo.dcuc.auth.token.vo;
+
+import lombok.Data;
+
+/**
+ * @author mazq
+ * @date 2023/7/14
+ */
+@Data
+public class ZeroTrustAppTokenInfoReqVO {
+
+    private String appTokenId;
+
+}

+ 15 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/token/vo/ZeroTrustUserTokenInfoReqVO.java

@@ -0,0 +1,15 @@
+package com.dragoninfo.dcuc.auth.token.vo;
+
+import lombok.Data;
+
+/**
+ * @author mazq
+ * @date 2023/7/14
+ */
+@Data
+public class ZeroTrustUserTokenInfoReqVO {
+    /**
+     * 用户令牌id
+     */
+    String userTokenId;
+}
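Review bot: `userTokenId` is declared without an access modifier, so it is package-private, unlike the other VO fields in this commit. Declare it `private String userTokenId;` and let `@Data` supply the accessors.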

+ 37 - 5
dcuc-auth-service/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <artifactId>dcuc-auth</artifactId>
         <groupId>com.dragoninfo</groupId>
-        <version>2.4.3-tjdsj-SNAPSHOT</version>
+        <version>2.5.0-tjdsj-SNAPSHOT</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
     <artifactId>dcuc-auth-service</artifactId>
@@ -38,6 +38,15 @@
             <artifactId>duceap-boot-starter</artifactId>
         </dependency>
 
+        <dependency>
+            <groupId>com.dragonsoft</groupId>
+            <artifactId>sm-tools-api</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>com.dragonsoft</groupId>
+            <artifactId>sm-tools-local</artifactId>
+        </dependency>
+
         <!--配置 duceap 结束-->
         <!--配置 dcuc 开始-->
         <dependency>
@@ -55,13 +64,13 @@
         <dependency>
             <groupId>com.dragoninfo</groupId>
             <artifactId>dcuc-common</artifactId>
-            <version>2.0.1-SNAPSHOT</version>
+            <version>2.1.0-tjdsj-SNAPSHOT</version>
         </dependency>
 
         <dependency>
             <groupId>com.dragoninfo</groupId>
             <artifactId>dcuc-duceap-api</artifactId>
-            <version>2.1.2-SNAPSHOT</version>
+            <version>2.2.0-tjdsj-SNAPSHOT</version>
         </dependency>
         <!--配置 dcuc 结束-->
 
@@ -145,7 +154,6 @@
         <dependency>
             <groupId>com.dragonsoft</groupId>
             <artifactId>auditlog-qm-tj</artifactId>
-            <version>1.0.1-SNAPSHOT</version>
             <exclusions>
                 <exclusion>
                     <artifactId>joda-time</artifactId>
@@ -161,6 +169,30 @@
             <version>3.5.4</version>
         </dependency>
 
+        <dependency>
+            <groupId>com.github.dreamhead</groupId>
+            <artifactId>moco-core</artifactId>
+            <scope>test</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>com.github.dreamhead</groupId>
+            <artifactId>moco-junit</artifactId>
+            <scope>test</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>it.ozimov</groupId>
+            <artifactId>embedded-redis</artifactId>
+            <scope>test</scope>
+            <exclusions>
+                <exclusion>
+                    <artifactId>slf4j-simple</artifactId>
+                    <groupId>org.slf4j</groupId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
         <!--配置第三方组件结束-->
     </dependencies>
     <packaging>${project.packaging}</packaging>
@@ -188,7 +220,7 @@
                                 </goals>
                                 <configuration>
                                     <!--排除licenseignore包,用来禁用许可开关,防止生产环境通过关闭开关,绕过许可-->
-<!--                                <excludeArtifactIds>duceap-support-licenseignore</excludeArtifactIds>-->
+                                    <!--                                <excludeArtifactIds>duceap-support-licenseignore</excludeArtifactIds>-->
                                     <excludeScope>provided</excludeScope>
                                     <outputDirectory>${project.build.directory}/lib</outputDirectory>
                                     <!--取消依赖包的时间戳-->
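Review bot: This release merge pins the parent to `2.5.0-tjdsj-SNAPSHOT` and `dcuc-common` / `dcuc-duceap-api` to `-SNAPSHOT` versions, so the artifact built from master can change without any change in this repository. For a release, resolve these to fixed versions. `auditlog-qm-tj` loses its explicit version and the new `sm-tools-*`, `moco-*` and `embedded-redis` entries have none, so they rely on dependency management in a parent that is not shown; confirm those resolve to fixed versions too. The `excludeArtifactIds` line for `duceap-support-licenseignore` stays commented out, although the comment above it says the exclusion is what prevents the licence switch from being bypassed in production.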

+ 11 - 0
dcuc-auth-service/src/main/assembly/conf/application.yml

@@ -9,3 +9,14 @@ apollo:
     namespaces: application,dragonsoft.dcuc
   cluster: default
   meta: http://192.168.6.123:8080
+logging:
+  level:
+    org.apache.kafka.clients.NetworkClient: error
+  config: classpath:logback-dragon.xml
+dcuc:
+  auth:
+    zerotrust:
+      syslog:
+        host: 127.0.0.1
+        port: 514
+        facility: LOCAL0
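Review bot: The syslog target added here appears to be the sink for the authentication and risk records emitted by the listeners in this commit, but only host, port and facility are configurable. Port 514 is conventionally plain UDP syslog. If `logback-dragon.xml` uses it that way, records sent to a non-local collector travel unencrypted and can be dropped or truncated without an error. The appender definition is not visible, so confirm the transport and document that the `127.0.0.1` default expects a local relay.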

+ 11 - 10
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/AuthRedisConstant.java

@@ -10,32 +10,33 @@ public class AuthRedisConstant {
 
     }
 
+
     /**
      * 令牌命名空间
      */
-    public static final String REDIS_TOKEN_NAMESPACE = "DCUC-AUTH:";
+    public static final String REDIS_DCUC_AUTH_NAMESPACE = "DCUC-AUTH:";
     /**
      * 用户令牌命名空间
      */
-    public static final String REDIS_USER_TOKEN_NAMESPACE = REDIS_TOKEN_NAMESPACE + "USER:";
-
-    /**
-     * 标准规范用户令牌命令空间
-     */
-    public static final String REDIS_STANDARD_USER_TOKEN_NAMESPACE = REDIS_TOKEN_NAMESPACE + "STANDARD_USER:";
+    public static final String REDIS_USER_TOKEN_NAMESPACE = REDIS_DCUC_AUTH_NAMESPACE + "USER:";
 
     /**
      * BIM token命名空间
      */
-    public static final String REDIS_BIM_TOKEN_NAMESPACE = REDIS_TOKEN_NAMESPACE + "TOKEN";
+    public static final String REDIS_BIM_TOKEN_NAMESPACE = REDIS_DCUC_AUTH_NAMESPACE + "TOKEN";
 
     /**
      * BIM USER_TOKEN命名空间
      */
-    public static final String REDIS_BIM_USER_TOKEN_NAMESPACE = REDIS_TOKEN_NAMESPACE + "TASK_USER_TOKEN";
+    public static final String REDIS_BIM_USER_TOKEN_NAMESPACE = REDIS_DCUC_AUTH_NAMESPACE + "TASK_USER_TOKEN";
 
     /**
      * BIM APP_TOKEN命名空间
      */
-    public static final String REDIS_BIM_APP_TOKEN_NAMESPACE = REDIS_TOKEN_NAMESPACE + "TASK_APP_TOKEN";
+    public static final String REDIS_BIM_APP_TOKEN_NAMESPACE = REDIS_DCUC_AUTH_NAMESPACE + "TASK_APP_TOKEN";
+
+    /**
+     * 审批回调接口
+     */
+    public static final String REDIS_APPROVAL_CALL_BACK_NAMESPACE = REDIS_DCUC_AUTH_NAMESPACE + "APPROVAL_CALL_BACK:";
 }
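Review bot: The Javadoc above `REDIS_DCUC_AUTH_NAMESPACE` still reads "令牌命名空间", although the constant is now the prefix for non-token keys as well, such as the new `REDIS_APPROVAL_CALL_BACK_NAMESPACE`; update it to describe the service-wide prefix. Removing `REDIS_STANDARD_USER_TOKEN_NAMESPACE` leaves any keys already stored under `DCUC-AUTH:STANDARD_USER:` unmanaged unless they expire on their own, and whether they carry a TTL is not visible here. The class body begins above the hunk.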

+ 43 - 0
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/async/BusiEventPublisher.java

@@ -0,0 +1,43 @@
+package com.dragoninfo.dcuc.auth.async;
+
+import cn.hutool.core.collection.CollUtil;
+import com.dragoninfo.dcuc.auth.async.event.SecurityPolicyLogEvent;
+import com.dragoninfo.dcuc.auth.async.event.SendRiskInfoEvent;
+import com.dragoninfo.dcuc.auth.audit.dto.RiskPushLogDto;
+import com.dragoninfo.dcuc.auth.auth.securitypolicy.SecurityPolicyAuthenticationLogReqVO;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationEventPublisher;
+import org.springframework.scheduling.annotation.Async;
+import org.springframework.stereotype.Component;
+
+import java.util.List;
+
+/**
+ * @author mazq
+ * @date 2022/9/28
+ */
+@Component
+public class BusiEventPublisher {
+
+    private ApplicationEventPublisher publisher;
+
+    @Autowired
+    public void setPublisher(ApplicationEventPublisher publisher) {
+        this.publisher = publisher;
+    }
+
+    @Async
+    public void sendRiskInfoEvent(List<RiskPushLogDto> riskPushLogList) {
+        if (CollUtil.isNotEmpty(riskPushLogList)) {
+            SendRiskInfoEvent sendRiskInfoEvent = new SendRiskInfoEvent(riskPushLogList);
+            publisher.publishEvent(sendRiskInfoEvent);
+        }
+    }
+
+    @Async
+    public void sendSecurityPolicyLogEvent(SecurityPolicyAuthenticationLogReqVO securityPolicyAuthenticationLogReqVO) {
+        SecurityPolicyLogEvent securityPolicyLogEvent = new SecurityPolicyLogEvent(securityPolicyAuthenticationLogReqVO);
+        publisher.publishEvent(securityPolicyLogEvent);
+    }
+
+}
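Review bot: `sendSecurityPolicyLogEvent` has no null guard, and `ApplicationEvent` rejects a null source with `IllegalArgumentException`; on an `@Async` void method that exception never reaches the caller. Mirror the guard in `sendRiskInfoEvent`: `if (securityPolicyAuthenticationLogReqVO == null) { return; }`. Both methods only run asynchronously when invoked through the Spring proxy with async support enabled, which is configured outside this file.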

+ 32 - 0
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/async/event/SecurityPolicyLogEvent.java

@@ -0,0 +1,32 @@
+package com.dragoninfo.dcuc.auth.async.event;
+
+import com.dragoninfo.dcuc.auth.auth.securitypolicy.SecurityPolicyAuthenticationLogReqVO;
+import org.springframework.context.ApplicationEvent;
+
+/**
+ * <p>
+ *
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2023/6/30
+ */
+public class SecurityPolicyLogEvent extends ApplicationEvent {
+
+    private final SecurityPolicyAuthenticationLogReqVO securityPolicyAuthenticationLogReqVO;
+
+    /**
+     * Create a new {@code ApplicationEvent}.
+     *
+     * @param source the object on which the event initially occurred or with
+     *               which the event is associated (never {@code null})
+     */
+    public SecurityPolicyLogEvent(SecurityPolicyAuthenticationLogReqVO securityPolicyAuthenticationLogReqVO) {
+        super(securityPolicyAuthenticationLogReqVO);
+        this.securityPolicyAuthenticationLogReqVO = securityPolicyAuthenticationLogReqVO;
+    }
+
+    public SecurityPolicyAuthenticationLogReqVO getSecurityPolicyAuthenticationLogReqVO() {
+        return securityPolicyAuthenticationLogReqVO;
+    }
+}
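Review bot: The constructor Javadoc documents `@param source`, but the parameter is `securityPolicyAuthenticationLogReqVO`, and the class comment is an empty `<p>` block. Replace the class comment with a one-line description such as `/** Event carrying one security-policy authentication log record for asynchronous delivery. */` and rename the `@param` to match. `SendRiskInfoEvent` in the next file has the same copied Javadoc for its `riskPushLogList` parameter.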

+ 34 - 0
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/async/event/SendRiskInfoEvent.java

@@ -0,0 +1,34 @@
+package com.dragoninfo.dcuc.auth.async.event;
+
+import com.dragoninfo.dcuc.auth.audit.dto.RiskPushLogDto;
+import org.springframework.context.ApplicationEvent;
+
+import java.util.List;
+
+/**
+ * <p>
+ *
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2023/6/30
+ */
+public class SendRiskInfoEvent extends ApplicationEvent {
+
+    private final List<RiskPushLogDto> riskPushLogList;
+
+    /**
+     * Create a new {@code ApplicationEvent}.
+     *
+     * @param source the object on which the event initially occurred or with
+     *               which the event is associated (never {@code null})
+     */
+    public SendRiskInfoEvent(List<RiskPushLogDto> riskPushLogList) {
+        super(riskPushLogList);
+        this.riskPushLogList = riskPushLogList;
+    }
+
+    public List<RiskPushLogDto> getRiskPushLogList() {
+        return riskPushLogList;
+    }
+}

+ 37 - 0
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/async/listener/QmAuditSendRiskInfoEventListener.java

@@ -0,0 +1,37 @@
+package com.dragoninfo.dcuc.auth.async.listener;
+
+import com.dragoninfo.dcuc.auth.async.event.SendRiskInfoEvent;
+import com.dragoninfo.dcuc.auth.audit.dto.RiskPushLogDto;
+import com.dragoninfo.dcuc.auth.audit.service.log.QmAuditPushService;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationListener;
+import org.springframework.stereotype.Service;
+
+import java.util.List;
+
+/**
+ * 美亚审计发送风险信息
+ *
+ * @author mazq
+ * @date 2021/7/28
+ */
+@Slf4j
+@Service
+public class QmAuditSendRiskInfoEventListener implements ApplicationListener<SendRiskInfoEvent> {
+
+    private QmAuditPushService pushService;
+
+    @Autowired
+    public void setPushService(QmAuditPushService pushService) {
+        this.pushService = pushService;
+    }
+
+    @Override
+    public void onApplicationEvent(SendRiskInfoEvent event) {
+        List<RiskPushLogDto> riskPushLogList = event.getRiskPushLogList();
+
+        pushService.pushRiskLog(riskPushLogList);
+    }
+
+}
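Review bot: An exception thrown by `pushService.pushRiskLog` leaves `onApplicationEvent` uncaught. With Spring's default event multicaster that aborts delivery of the same `SendRiskInfoEvent` to listeners invoked after this one. This commit adds a second listener for the event (`RzySyslogSendRiskInfoEventListener`), so one failing sink can suppress the other. Wrap the call: `try { pushService.pushRiskLog(riskPushLogList); } catch (RuntimeException e) { log.error("push risk log failed", e); }`.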

+ 75 - 0
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/async/listener/RzySyslogSendRiskInfoEventListener.java

@@ -0,0 +1,75 @@
+package com.dragoninfo.dcuc.auth.async.listener;
+
+import com.dragoninfo.dcuc.auth.async.event.SendRiskInfoEvent;
+import com.dragoninfo.dcuc.auth.audit.dto.RiskPushLogDto;
+import com.dragoninfo.dcuc.auth.audit.enums.RiskProgrammeTypeEnum;
+import com.dragoninfo.dcuc.auth.auth.dto.zerotrust.risk.AuthRiskDTO;
+import com.dragoninfo.dcuc.auth.auth.enumresources.zerotrust.risk.AuthRiskTypeEnum;
+import com.dragoninfo.dcuc.auth.constance.Constant;
+import com.dragonsoft.duceap.commons.util.enums.EnumUtils;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.collections4.CollectionUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.context.ApplicationListener;
+import org.springframework.stereotype.Component;
+
+import java.util.List;
+
+/**
+ * <p>
+ *
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2023/6/30
+ */
+@Slf4j
+@Component
+public class RzySyslogSendRiskInfoEventListener implements ApplicationListener<SendRiskInfoEvent> {
+
+    protected final Logger sysLogLogger = LoggerFactory.getLogger(Constant.AUTH_SYS_LOG_NAME);
+
+    @Override
+    public void onApplicationEvent(SendRiskInfoEvent event) {
+        List<RiskPushLogDto> riskPushLogList = event.getRiskPushLogList();
+        sendRiskLog(riskPushLogList);
+    }
+
+    /**
+     * 发生安全策略控制服务
+     *
+     * @param risksDtos 风险信息
+     */
+    private void sendRiskLog(List<RiskPushLogDto> risksDtos) {
+        if (CollectionUtils.isEmpty(risksDtos)) {
+            return;
+        }
+        ObjectMapper objectMapper = new ObjectMapper();
+        for (RiskPushLogDto risksDto : risksDtos) {
+            String riskType = risksDto.getRiskType();
+            RiskProgrammeTypeEnum riskProgrammeTypeEnum = EnumUtils.enumOf(RiskProgrammeTypeEnum.class, riskType);
+            AuthRiskTypeEnum riskTypeEnum = AuthRiskTypeEnum.parseRiskProgrammeTypeEnum(riskProgrammeTypeEnum);
+
+            if (riskTypeEnum != null) {
+                AuthRiskDTO authRiskDTO = AuthRiskDTO.builder()
+                        .riskType(riskTypeEnum.getValue())
+                        .userName(risksDto.getCreaterId())
+                        .authIp(risksDto.getTerminalIPs())
+                        .riskAt(risksDto.getCreateTime())
+                        .detail(risksDto.getRiskContent())
+                        .handleOpinion(risksDto.getHandleOpinion())
+                        .build();
+                try {
+                    String writeValueAsString = objectMapper.writeValueAsString(authRiskDTO);
+                    log.info("发送到安全策略控制服务风险信息:{}", writeValueAsString);
+                    sysLogLogger.info(writeValueAsString);
+                } catch (JsonProcessingException e) {
+                    log.error("parse error", e);
+                }
+            }
+        }
+    }
+}
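Review bot: Records whose `riskType` does not map to an `AuthRiskTypeEnum` are skipped with no trace, because the `if (riskTypeEnum != null)` block has no else branch. A serialization failure logs only `parse error` without saying which record was lost. For an audit feed that makes gaps undetectable; add `else { log.warn("unmapped risk type, record skipped: {}", riskType); }`. `EnumUtils.enumOf` may also hand a null to `parseRiskProgrammeTypeEnum` for an unknown code, and its null handling is not visible here. `ObjectMapper` is created on every call and could be a `private static final` field.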

+ 36 - 0
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/async/listener/SyslogSecurityPolicyLogListener.java

@@ -0,0 +1,36 @@
+package com.dragoninfo.dcuc.auth.async.listener;
+
+import com.dragoninfo.dcuc.auth.async.event.SecurityPolicyLogEvent;
+import com.dragoninfo.dcuc.auth.auth.securitypolicy.SecurityPolicyAuthenticationLogReqVO;
+import com.dragoninfo.dcuc.auth.constance.Constant;
+import com.dragonsoft.duceap.commons.util.json.JsonUtils;
+import lombok.extern.slf4j.Slf4j;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.context.ApplicationListener;
+import org.springframework.stereotype.Component;
+
+/**
+ * <p>
+ *
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2023/6/30
+ */
+@Slf4j
+@Component
+public class SyslogSecurityPolicyLogListener implements ApplicationListener<SecurityPolicyLogEvent> {
+    protected final Logger sysLogLogger = LoggerFactory.getLogger(Constant.AUTH_SYS_LOG_NAME);
+
+
+    @Override
+    public void onApplicationEvent(SecurityPolicyLogEvent event) {
+        SecurityPolicyAuthenticationLogReqVO securityPolicyAuthenticationLogReqVO = event.getSecurityPolicyAuthenticationLogReqVO();
+        String jsonString = JsonUtils.toJSONString(securityPolicyAuthenticationLogReqVO);
+        log.info("向安全策略控制服务发送鉴权日志:{}", jsonString);
+
+        sysLogLogger.info(jsonString);
+
+    }
+}
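Review bot: The full authentication record is written twice: to the application log at INFO via `log.info(...)` and to the syslog logger. The fields of `SecurityPolicyAuthenticationLogReqVO` are not visible here, but an authentication log presumably carries user and token identifiers, which then land in the general application log with its own retention and access rules. Lower the first call to `log.debug`, or log only a record identifier there. `RzySyslogSendRiskInfoEventListener` logs its payload the same way.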
