Merge branch 'release/v1.2.0' of http://192.168.0.144/dcuc-tjdsj/auth-service into mazq-jiekouyouhua-230523

dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/IApprovalFacade.java

@@ -1,7 +1,9 @@
 package com.dragoninfo.dcuc.auth.auth.facade;
 
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustMessageRespVO;
 import com.dragoninfo.dcuc.auth.auth.dto.ApprovalDto;
 import com.dragoninfo.dcuc.auth.auth.entity.FuncApproval;
+import com.dragoninfo.dcuc.auth.auth.vo.zerotrust.approval.ApprovalCallBackReqVO;
 import com.dragonsoft.duceap.base.entity.http.ResponseDTO;
 import com.dragonsoft.duceap.base.entity.http.ResponseStatus;
 import com.dragonsoft.duceap.base.entity.search.SearchDTO;
@@ -48,4 +50,13 @@ public interface IApprovalFacade {
 
     @PostMapping(value = "applyResult")
     ResponseDTO applyResult(@RequestBody ApprovalDto approvalDto);
+
+    /**
+     * 审批回调
+     *
+     * @param approvalCallBackReqVO 审批回调请求
+     * @return 状态
+     */
+    @PostMapping("callBack")
+    ZeroTrustMessageRespVO callBack(@RequestBody ApprovalCallBackReqVO approvalCallBackReqVO);
 }

dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/entity/zerotrust/RoleOperateContent.java

@@ -96,11 +96,11 @@ public class RoleOperateContent extends BaseUpdateEntity implements IdEntity<Str
     @Column(name = "LIMIT_COUNT")
     private String limitCount;
 
-    /**
+/*    *//**
      * 角色类型 LOCAL:本地角色 ALL:全局角色 默认本地角色
-     */
+     *//*
     @Column(name = "ROLE_TUPE")
-    private String roleType = "LOCAL";
+    private String roleType = "LOCAL";*/
 
     /**
      * 业务回调唯一标识

dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/vo/zerotrust/approval/ApprovalCallBackReqVO.java

@@ -7,27 +7,22 @@ import lombok.Data;
 import javax.validation.constraints.NotBlank;
 
 /**
- * 安盟审批回调地址
+ * 审批回调地址
  *
  * @author huangzqa
  * @date 2023/7/4
  */
-@ApiModel("安盟审批回调地址")
+@ApiModel("审批回调")
 @Data
 public class ApprovalCallBackReqVO {
-    /**
-     * 流程实例ID
-     */
-    @NotBlank
-    @ApiModelProperty(value = "流程实例ID")
-    private String processInstId;
 
-    /**
-     * 审批结果状态
-     */
-    @NotBlank
-    @ApiModelProperty(value = "审批结果状态")
-    private String status;
+    private String type;
+    private String processInstId;
+    private String openId;
+    private String userName;
+    private String endFlag;
+    private String description;
+    private String taskId;
 
 
 }

dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/vo/zerotrust/rolemanage/RoleSaveVo.java

@@ -51,4 +51,13 @@ public class RoleSaveVo {
     @ApiModelProperty(value = "角色类型 LOCAL:本地角色 ALL:全局角色")
     private String roleType;
 
+    /**
+     * 警种
+     */
+    private String policeCategory;
+
+    /**
+     * 描述
+     */
+    private String detail;
 }

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/async/listener/RzySyslogSendRiskInfoEventListener.java

@@ -13,7 +13,6 @@ import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.collections4.CollectionUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.context.ApplicationListener;
 import org.springframework.stereotype.Component;
 
@@ -29,7 +28,6 @@ import java.util.List;
  */
 @Slf4j
 @Component
-@ConditionalOnProperty(name = "dcuc.auth.zerotrust.security-policy.type", havingValue = "rzy")
 public class RzySyslogSendRiskInfoEventListener implements ApplicationListener<SendRiskInfoEvent> {
 
     protected final Logger sysLogLogger = LoggerFactory.getLogger(Constant.AUTH_SYS_LOG_NAME);

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/async/listener/SyslogSecurityPolicyLogListener.java

@@ -6,7 +6,6 @@ import com.dragoninfo.dcuc.auth.constance.Constant;
 import com.dragonsoft.duceap.commons.util.json.JsonUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.context.ApplicationListener;
 import org.springframework.stereotype.Component;
 
@@ -18,7 +17,6 @@ import org.springframework.stereotype.Component;
  * @author huangzqa
  * @date 2023/6/30
  */
-@ConditionalOnProperty(name = "dcuc.auth.zerotrust.security-policy.type", havingValue = "rzy")
 @Component
 public class SyslogSecurityPolicyLogListener implements ApplicationListener<SecurityPolicyLogEvent> {
     protected final Logger sysLogLogger = LoggerFactory.getLogger(Constant.AUTH_SYS_LOG_NAME);

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/ApprovalFacade.java

@@ -1,8 +1,11 @@
 package com.dragoninfo.dcuc.auth.auth.facade;
 
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustMessageRespVO;
 import com.dragoninfo.dcuc.auth.auth.dto.ApprovalDto;
 import com.dragoninfo.dcuc.auth.auth.service.IApprovalService;
 import com.dragoninfo.dcuc.auth.auth.entity.FuncApproval;
+import com.dragoninfo.dcuc.auth.auth.vo.zerotrust.approval.ApprovalCallBackReqVO;
+import com.dragoninfo.dcuc.auth.business.zerotrust.IApprovalBusiness;
 import com.dragonsoft.duceap.base.entity.http.ResponseDTO;
 import com.dragonsoft.duceap.base.entity.http.ResponseStatus;
 import com.dragonsoft.duceap.base.entity.search.SearchDTO;
@@ -21,6 +24,9 @@ public class ApprovalFacade implements IApprovalFacade {
     @Autowired
     private IApprovalService iApprovalService;
 
+    @Autowired
+    private IApprovalBusiness iApprovalBusiness;
+
     @Override
     public ResponseDTO authApply(String appCode, String roleCode, String userIdCard, String approvalIdCard, String reason) {
         return iApprovalService.authApply(appCode, roleCode, userIdCard, approvalIdCard, reason);
@@ -50,4 +56,9 @@ public class ApprovalFacade implements IApprovalFacade {
     public ResponseDTO applyResult(ApprovalDto approvalDto) {
         return iApprovalService.applyResult(approvalDto);
     }
+
+    @Override
+    public ZeroTrustMessageRespVO callBack(ApprovalCallBackReqVO approvalCallBackReqVO) {
+      return  iApprovalBusiness.approvalCallBack(approvalCallBackReqVO);
+    }
 }

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/RoleInfoFacade.java

@@ -82,7 +82,7 @@ public class RoleInfoFacade implements IRoleInfoFacade {
         String roleType = roleInfo.getRoleCategory();
         if (RoleCategoryEnum.ALL.getValue().equals(roleType)) {
             roleInfo.setRoleBusiness(null);
-            roleInfo.setRoleCategory(null);
+            //roleInfo.setRoleCategory(null);
             roleInfo.setRoleLevel(null);
         }
 

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/repo/zerotrust/RoleOperateContentRepository.java

@@ -7,6 +7,8 @@ import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.repository.query.Param;
 import org.springframework.stereotype.Repository;
 
+import java.util.List;
+
 /**
  * @author mazq
  * @date 2021/7/8
@@ -22,4 +24,8 @@ public interface RoleOperateContentRepository extends BaseRepository<RoleOperate
     @Modifying
     @Query(value = "UPDATE T_AUTH_ROLE_OPERATE_CONTENT SET APPROVAL_RESULT = :approvalResult WHERE ID = :id AND DELETED = '0'", nativeQuery = true)
     void updateApprovalResult(@Param("id") String id, @Param("approvalResult") String approvalResult);
+
+
+    @Query("from ElementUserRel  where elementId=:elementId ")
+    RoleOperateContent getUserIdByElementId(@Param("elementId") String elementId);
 }

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/service/impl/zerotrust/RoleOperateApplyServiceImpl.java

@@ -12,6 +12,7 @@ import com.dragoninfo.dcuc.auth.auth.vo.zerotrust.rolemanage.RoleOperateApplyVo;
 import com.dragoninfo.dcuc.auth.auth.vo.zerotrust.rolemanage.RoleSaveVo;
 import com.dragoninfo.dcuc.auth.business.zerotrust.IApprovalBusiness;
 import com.dragoninfo.dcuc.auth.config.zerotrust.ApprovalProperties;
+import com.dragoninfo.dcuc.auth.sub.enumresource.OperateTypeEnum;
 import com.dragoninfo.dcuc.common.utils.ResponseUtil;
 import com.dragonsoft.duceap.base.entity.http.ResponseDTO;
 import com.dragonsoft.duceap.base.entity.security.SecurityUser;
@@ -20,12 +21,14 @@ import com.dragonsoft.duceap.commons.util.UUIDUtils;
 import com.dragonsoft.duceap.commons.util.enums.EnumUtils;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.domain.Example;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
 import java.time.LocalDate;
 import java.time.format.DateTimeFormatter;
 import java.util.Collections;
+import java.util.Optional;
 
 /**
  * 角色操作申请业务类
@@ -64,7 +67,7 @@ public class RoleOperateApplyServiceImpl implements IRoleOperateApplyService {
         RoleSaveVo roleSaveVo = roleOperateApplyVo.getRoleSaveVo();
         String operate = roleOperateApplyVo.getOperate();
         SecurityUser currentUser = UserContextUtils.getCurrentUser();
-        RoleManageOpeTypeEnum typeEnum = EnumUtils.enumOf(RoleManageOpeTypeEnum.class, operate);
+        OperateTypeEnum typeEnum = EnumUtils.enumOf(OperateTypeEnum.class, operate);
         String uuid = UUIDUtils.getUUID();
 
         // 先推送送审批
@@ -94,13 +97,20 @@ public class RoleOperateApplyServiceImpl implements IRoleOperateApplyService {
         operateContent.setProcessInstId(processInstId);
         operateContent.setApprovalBusinessId(uuid);
         operateContent.setOperateType(typeEnum.getValue());
+        operateContent.setPoliceCategory(roleSaveVo.getPoliceCategory());
+        operateContent.setRoleBusiness(roleSaveVo.getRoleBusiness());
         repository.save(operateContent);
         return ResponseDTO.success("", (Object) null);
     }
 
     @Override
     public RoleOperateContent getByProcessInstIdId(String processInstId) {
-        return null;
+        RoleOperateContent content = new RoleOperateContent();
+        content.setProcessInstId(processInstId);
+        content.setRoleCategory(null);
+        Example<RoleOperateContent> example = Example.of(content);
+        Optional<RoleOperateContent> result = repository.findOne(example);
+        return result.orElse(null);
     }
 
     @Override

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/impl/zerotrust/ApprovalBusinessImpl.java

@@ -27,6 +27,7 @@ import com.dragonsoft.duceap.base.entity.http.ResponseDTO;
 import com.dragonsoft.duceap.base.entity.http.ResponseStatus;
 import com.dragonsoft.duceap.base.utils.UserContextUtils;
 import com.dragonsoft.duceap.commons.util.ObjectUtils;
+import com.dragonsoft.duceap.commons.util.UUIDUtils;
 import com.dragonsoft.duceap.commons.util.date.DateConst;
 import com.dragonsoft.duceap.commons.util.date.DateUtils;
 import com.dragonsoft.duceap.commons.util.enums.EnumUtils;
@@ -240,10 +241,10 @@ public class ApprovalBusinessImpl implements IApprovalBusiness {
 
     @Override
     public ZeroTrustMessageRespVO approvalCallBack(ApprovalCallBackReqVO approvalCallBackReqVO) {
-        log.info("接收到的安盟审批回调信息:{}", JSONUtil.toJsonStr(approvalCallBackReqVO));
+        log.info("接收到的审批回调信息:{}", JSONUtil.toJsonStr(approvalCallBackReqVO));
 
         String processInstId = approvalCallBackReqVO.getProcessInstId();
-        String status = approvalCallBackReqVO.getStatus();
+        String status = approvalCallBackReqVO.getEndFlag();
         ApprovalResult approvalResult = approvalResultService.getByProcessInstId(processInstId);
         if (ObjectUtils.isEmpty(approvalResult)) {
             log.error("processInstId {} can't find", processInstId);
@@ -318,6 +319,7 @@ public class ApprovalBusinessImpl implements IApprovalBusiness {
         roleInfo.setRoleCategory(roleOperateContent.getRoleCategory());
         roleInfo.setRoleBusiness(roleOperateContent.getRoleBusiness());
         roleInfo.setIsNotLimitCount(roleOperateContent.getLimitCount());
+        roleInfo.setIsActive("1");
         return roleInfo;
     }
 

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/impl/zerotrust/ApproveRemoteCallBusinessImpl.java

@@ -1,6 +1,10 @@
 package com.dragoninfo.dcuc.auth.business.impl.zerotrust;
 
+import cn.hutool.core.collection.CollUtil;
+import cn.hutool.core.lang.Assert;
 import com.dragoninfo.dcuc.auth.auth.dto.zerotrust.approval.*;
+import com.dragoninfo.dcuc.auth.business.impl.zerotrust.dto.FlowApplyReqDTO;
+import com.dragoninfo.dcuc.auth.business.impl.zerotrust.dto.FlowDataRespDto;
 import com.dragoninfo.dcuc.auth.business.zerotrust.IApproveRemoteCallBusiness;
 import com.dragoninfo.dcuc.auth.config.zerotrust.ApprovalProperties;
 import com.dragoninfo.dcuc.auth.config.zerotrust.DcucAuthZerotrustConfig;
@@ -10,26 +14,34 @@ import com.dragoninfo.dcuc.auth.sub.dto.zerotrust.tasktype.TaskInfoDetailResp;
 import com.dragoninfo.dcuc.auth.sub.dto.zerotrust.tasktype.TaskTypeInfoDto;
 import com.dragoninfo.dcuc.auth.sub.entity.AuthSubTaskType;
 import com.dragoninfo.dcuc.auth.sub.service.IAuthSubTaskTypeService;
+import com.dragoninfo.dcuc.auth.util.ValidUtil;
 import com.dragoninfo.dcuc.common.utils.ResponseUtil;
 import com.dragonsoft.duceap.base.entity.http.ResponseDTO;
 import com.dragonsoft.duceap.base.entity.http.ResponseStatus;
+import com.dragonsoft.duceap.commons.util.date.DateUtils;
 import com.dragonsoft.duceap.commons.util.json.JsonUtils;
 import com.dragonsoft.duceap.commons.util.string.StringUtils;
+import com.dragonsoft.smtools.loader.SMFactory;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.core.type.TypeReference;
 import com.fasterxml.jackson.databind.DeserializationFeature;
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.google.common.annotations.VisibleForTesting;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.collections4.CollectionUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.http.HttpEntity;
 import org.springframework.http.HttpMethod;
 import org.springframework.http.ResponseEntity;
 import org.springframework.stereotype.Component;
 import org.springframework.web.client.RestTemplate;
 
+import java.util.Collections;
+import java.util.Date;
 import java.util.List;
+import java.util.Locale;
 import java.util.stream.Collectors;
 
 /**
@@ -50,6 +62,10 @@ public class ApproveRemoteCallBusinessImpl implements IApproveRemoteCallBusiness
 
     private IAuthSubTaskTypeService taskTypeService;
 
+    private SMFactory smFactory;
+
+    private ObjectMapper dragonObjectMapper;
+
     @Autowired
     public void setApprovalProperties(ApprovalProperties approvalProperties) {
         this.approvalProperties = approvalProperties;
@@ -65,6 +81,17 @@ public class ApproveRemoteCallBusinessImpl implements IApproveRemoteCallBusiness
         this.restTemplate = restTemplate;
     }
 
+    @Autowired
+    public void setSmFactory(SMFactory smFactory) {
+        this.smFactory = smFactory;
+    }
+
+    @Qualifier("dragonObjectMapper")
+    @Autowired
+    public void setDragonObjectMapper(ObjectMapper dragonObjectMapper) {
+        this.dragonObjectMapper = dragonObjectMapper;
+    }
+
     @Override
     public ResponseStatus syncTaskClass() {
         // 查询审批接口获取任务类型
@@ -98,12 +125,45 @@ public class ApproveRemoteCallBusinessImpl implements IApproveRemoteCallBusiness
 
     @Override
     public ResponseDTO<FlowApplyRespDTO> flowApply(FlowApplyReqDto flowApplyReqDto) {
-        return null;
+        FlowApplyReqDTO flowApplyReqDTO = new FlowApplyReqDTO();
+        flowApplyReqDTO.setAppTokenId(flowApplyReqDto.getAppTokenId());
+        flowApplyReqDTO.setProcessDefId(flowApplyReqDto.getProcessDefId());
+        flowApplyReqDTO.setTitle(flowApplyReqDto.getTitle());
+        flowApplyReqDTO.setTaskClass(flowApplyReqDto.getTaskClass());
+        flowApplyReqDTO.setTaskId(flowApplyReqDto.getTaskId());
+        flowApplyReqDTO.setBo(flowApplyReqDto.getBo());
+        flowApplyReqDTO.setCallbackUrl(flowApplyReqDto.getCallbackUrl());
+        flowApplyReqDTO.setBizData(flowApplyReqDto.getBizData());
+
+        String callerSign = generateCallerSign(flowApplyReqDTO);
+
+        flowApplyReqDTO.setCallerSign(callerSign);
+
+        ResponseDTO<FlowApplyRespDTO> responseDTO = beginFlow(flowApplyReqDTO);
+        if (ResponseUtil.isFail(responseDTO)) {
+            return ResponseUtil.dtoFail(responseDTO.getMessage());
+        }
+
+        FlowApplyRespDTO amFlowApplyRespDTO = ResponseUtil.getResult(responseDTO);
+
+        FlowApplyItemRespDTO flowApplyItemRespDTO = new FlowApplyItemRespDTO();
+        flowApplyItemRespDTO.setUid("不需要，先填空");
+
+        FlowApplyRespDTO flowApplyRespDTO = new FlowApplyRespDTO();
+        flowApplyRespDTO.setProcessInstId(amFlowApplyRespDTO.getProcessInstId());
+        flowApplyRespDTO.setReviewer(Collections.singletonList(flowApplyItemRespDTO));
+
+        return ResponseUtil.newInstance(flowApplyRespDTO);
     }
 
     @Override
     public ResponseDTO<FlowSubmitRespDTO> flowSubmit(FlowSubmitReqDTO flowSubmitReqDTO) {
-        return null;
+        String processInstId = flowSubmitReqDTO.getProcessInstId();
+
+        FlowSubmitRespDTO flowSubmitRespDTO = new FlowSubmitRespDTO();
+        flowSubmitRespDTO.setProcessInstId(processInstId);
+
+        return ResponseUtil.newInstance(flowSubmitRespDTO);
     }
 
     @Override
@@ -154,7 +214,7 @@ public class ApproveRemoteCallBusinessImpl implements IApproveRemoteCallBusiness
             JsonNode jsonNode = mapper.readTree(body);
             String statusCode = jsonNode.get("statusCode").asText();
             String message = jsonNode.get("message").asText();
-            if (ApprovalResultEnum.SUCCESS.getValue().equals(statusCode)) {
+            if ("200".equals(statusCode)) {
                 respDto = mapper.readValue(body, typeReference);
             } else {
                 return ResponseUtil.dtoFail(message);
@@ -204,4 +264,91 @@ public class ApproveRemoteCallBusinessImpl implements IApproveRemoteCallBusiness
         }
     }
 
+
+    /**
+     * 开启流程
+     *
+     */
+    protected ResponseDTO<FlowApplyRespDTO> beginFlow(FlowApplyReqDTO flowApplyReqDTO) {
+
+        String baseUrl = approvalProperties.getBaseUrl();
+        String url = baseUrl + "/api/v3/apply";
+        ResponseDTO<FlowApplyRespDTO> responseDTO = this.baseReqData(url, flowApplyReqDTO, "开启流程请求",
+                new TypeReference<FlowDataRespDto<FlowApplyRespDTO>>() {
+                });
+        return responseDTO;
+    }
+
+    /**
+     * 生成签名
+     *
+     * @param dto 请求参数
+     * @return 签名
+     */
+    @VisibleForTesting
+    protected String generateCallerSign(FlowApplyReqDTO dto) {
+        String appTokenId = dto.getAppTokenId();
+        String processDefId = dto.getProcessDefId();
+        String title = dto.getTitle();
+        Assert.notBlank(appTokenId);
+        Assert.notBlank(processDefId);
+        Assert.notBlank(title);
+        String origin = appTokenId + "," + processDefId + "," + title+","+dto.getTaskClass()
+                +","+dto.getTaskId()+","+dto.getCallbackUrl();
+        String summary = smFactory.getSM3().summary(origin).toString().toLowerCase(Locale.ROOT);
+        log.info("生成审批请求签名原文:{}", origin);
+        log.info("生成审批请求签名后的值:{}", summary);
+        return summary;
+    }
+
+    /**
+     * 基础操作
+     *
+     * @param url 路径
+     * @param req 请求参数
+     * @return 返回内容
+     */
+    protected <R, S> ResponseDTO<S> baseReqData(String url, R req, String requestName, TypeReference<FlowDataRespDto<S>> typeReference) {
+        // 打印请求参数
+        log.info(requestName + " 请求路径：{} 请求参数:{}", url, JsonUtils.toJSONString(req));
+        String errorTip = requestName + "失败";
+        ResponseStatus responseStatus = ValidUtil.validReqVo(req);
+        if (ResponseUtil.isFail(responseStatus)) {
+            log.error("request vo valid error:{}", responseStatus.getMessage());
+            return ResponseUtil.dtoFail(responseStatus.getMessage());
+        }
+
+        HttpEntity<R> entity = new HttpEntity<>(req);
+        ResponseEntity<String> exchange = restTemplate.exchange(url, HttpMethod.POST, entity, String.class);
+
+        if (!exchange.getStatusCode().is2xxSuccessful()) {
+            log.error("{} error. resp: {}", requestName, JsonUtils.toJSONString(exchange));
+            return ResponseUtil.dtoFail(errorTip);
+        }
+        String body = exchange.getBody();
+        if (StringUtils.isBlank(body)) {
+            log.error("{} error. resp: {}", requestName, JsonUtils.toJSONString(exchange));
+            return ResponseUtil.dtoFail(errorTip);
+        }
+
+        log.info("baseReq resp :{}", JsonUtils.toJSONString(exchange));
+
+        FlowDataRespDto<S> respDto;
+
+        try {
+            JsonNode jsonNode = dragonObjectMapper.readTree(body);
+            String statusCode = jsonNode.get("status_code").asText();
+            String message = jsonNode.get("message").asText();
+            if (ApprovalResultEnum.SUCCESS.getValue().equals(statusCode)) {
+                respDto = dragonObjectMapper.readValue(body, typeReference);
+            } else {
+                return ResponseUtil.dtoFail(message);
+            }
+        } catch (JsonProcessingException e) {
+            log.error("parse error.", e);
+            return ResponseUtil.dtoFail("返回值解析失败");
+        }
+
+        return ResponseUtil.newInstance(respDto.getData());
+    }
 }

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/impl/zerotrust/AuthTokenBusinessImpl.java

@@ -86,6 +86,11 @@ public class AuthTokenBusinessImpl implements IAuthTokenBusiness {
         this.userInfoService = userInfoService;
     }
 
+    @Autowired
+    public void setTokenBusiness(IAuthTokenBusiness tokenBusiness) {
+        this.tokenBusiness = tokenBusiness;
+    }
+
     @Override
     public UserTokenInfoRespVO getUserTokenInfo(String userTokenId) {
         // 从缓存获取的都是经过令牌签名校验的

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/impl/zerotrust/dto/ApprovalBaseRespDto.java

@@ -0,0 +1,87 @@
+package com.dragoninfo.dcuc.auth.business.impl.zerotrust.dto;
+
+import com.dragoninfo.dcuc.auth.auth.enumresources.zerotrust.approval.ApprovalResultEnum;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.Data;
+
+/**
+ * @author mazq
+ * 审批返回结果
+ */
+@Data
+public class ApprovalBaseRespDto {
+
+    /**
+     * “0000” 表示令牌有效；
+     * 其他值表示无效或接口调用出错
+     */
+    @JsonProperty("status_code")
+    private String statusCode;
+
+    /**
+     * 状态码对应的详细描述
+     */
+    private String message;
+
+    public ApprovalBaseRespDto success() {
+         this.messageEnumMessage(ApprovalResultEnum.SUCCESS);
+         return this;
+    }
+
+    /**
+     * 设置业务枚举
+     *
+     * @param businessRespEnum 业务枚举
+     */
+    public void setBusinessRespEnum(ApprovalResultEnum businessRespEnum) {
+        setStatusCode(businessRespEnum.getValue());
+        setMessage(businessRespEnum.getLabel());
+    }
+
+
+    /**
+     * 设置业务枚举
+     *
+     * @param businessRespEnum 业务枚举
+     */
+    public ApprovalBaseRespDto messageEnumMessage(ApprovalResultEnum businessRespEnum) {
+        this.setBusinessRespEnum(businessRespEnum);
+        return this;
+    }
+
+
+    /**
+     * 设置请求参数异常
+     *
+     * @param businessRespEnum 枚举
+     * @param message          异常信息
+     */
+    public ApprovalBaseRespDto messageEnumMessage(ApprovalResultEnum businessRespEnum, String message) {
+        ApprovalBaseRespDto respDto = new ApprovalBaseRespDto();
+        respDto.setStatusCode(businessRespEnum.getValue());
+        respDto.setMessage(message);
+        return respDto;
+    }
+
+    /**
+     * 是否成功
+     *
+     * @return 是否成功
+     */
+    @JsonIgnore
+    public boolean isRespSuccess() {
+        return this.statusCode.equalsIgnoreCase(ApprovalResultEnum.SUCCESS.getValue());
+    }
+
+    /**
+     * 是否失败
+     *
+     * @return 是否失败
+     */
+    @JsonIgnore
+    public boolean isRespFail() {
+        return !isRespSuccess();
+    }
+
+}

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/impl/zerotrust/dto/FlowApplyReqDTO.java

@@ -0,0 +1,88 @@
+package com.dragoninfo.dcuc.auth.business.impl.zerotrust.dto;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import javax.validation.constraints.NotBlank;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * 安盟审批流程申请Dto
+ *
+ * @author huangzqa
+ * @date 2023/7/4
+ */
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+@Data
+public class FlowApplyReqDTO {
+
+
+    /**
+     * 应用令牌
+     */
+    @NotBlank
+    private String appTokenId;
+
+    /**
+     * 流程定义 Id
+     * 调用审批服务需先在审批中心注册流程，每个注册流程有唯一流程定义ID
+     */
+    @NotBlank
+    private String processDefId;
+
+    /**
+     * 流程标题
+     * 对应任务编号的任务名称(格式为申请任务名称+时间区间到秒的字符串，xxx20230628174811)
+     */
+    @NotBlank
+    private String title;
+
+    /**
+     * 任务类型
+     * 申请类型，1：权限申请
+     */
+    @NotBlank
+    private String taskClass;
+
+    /**
+     * 审批流程所关联的任务唯一标识，任务编号编码规则（共 32 位）：
+     * RWBH+公安机关组织机构代码（应符合 GA/T 380 的要求）+日期（由年月日时分秒组成的中国时区时间字符串，格式是 yyyy-MM-dd HH:mm:ss）+8 位流水号
+     */
+    @NotBlank
+    private String taskId;
+
+    /**
+     * 表单
+     * “表名”：[{"字段 1":"值","字段 2":"值"}，{"字段 1":"值","字段2":"值"}]}
+     */
+    private Map<String, List<Map<String, String>>> bo = Collections.emptyMap();
+
+    /**
+     * 回调地址（应用开发的接收审批结果变动的地址）
+     */
+    @NotBlank
+    private String callbackUrl;
+
+    /**
+     * 业务数据
+     * 扩展字段
+     */
+    private Map<String, String> bizData;
+
+    /**
+     * 电子签名
+     * 应采用国产密码算法对接口请求参数进行完整性保护
+     * 应采用国产密码算法对接口请求参数进行完整性保护
+     * （appTokenId ,processDefId,title用&符号链接后SM3加密(appTokenId &processDefId&title)）
+     */
+    @NotBlank
+    private String callerSign;
+
+
+}

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/impl/zerotrust/dto/FlowApplyRespDTO.java

@@ -0,0 +1,19 @@
+package com.dragoninfo.dcuc.auth.business.impl.zerotrust.dto;
+
+import lombok.Data;
+
+/**
+ * 安盟开启流程返回
+ *
+ * @author mazq
+ * @date 2023/5/26
+ */
+@Data
+public class FlowApplyRespDTO {
+
+    /**
+     * 流程实例 Id
+     */
+    private String processInstId;
+
+}

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/impl/zerotrust/dto/FlowDataRespDto.java

@@ -0,0 +1,23 @@
+package com.dragoninfo.dcuc.auth.business.impl.zerotrust.dto;
+
+import com.dragoninfo.dcuc.auth.auth.enumresources.zerotrust.approval.ApprovalResultEnum;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+
+/**
+ * 审批流程申请响应内容
+ *
+ * @author mazq
+ * @date 2023/4/4
+ */
+@EqualsAndHashCode(callSuper = true)
+@Data
+public class FlowDataRespDto<T> extends ApprovalBaseRespDto {
+
+    private T data;
+
+    @Override
+    public boolean isRespSuccess() {
+        return this.getStatusCode().equals(ApprovalResultEnum.SUCCESS.getValue());
+    }
+}

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/zerotrust/IApprovalBusiness.java

@@ -52,7 +52,7 @@ public interface IApprovalBusiness {
     ResponseDTO<FlowDetailRespDTO> flowDetail(String processInstId);
 
     /**
-     * 安盟审批回调
+     * 审批回调
      *
      * @param approvalCallBackReqVO 安盟审批回调请求
      * @return 状态

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/config/RestTemplateConfig.java

@@ -15,8 +15,8 @@ public class RestTemplateConfig {
     @Bean
     public RestTemplate restTemplate() {
         NoSSLHttpClientFactory factory = new NoSSLHttpClientFactory();
-        factory.setReadTimeout(5000);
-        factory.setConnectTimeout(5000);
+        factory.setReadTimeout(15000);
+        factory.setConnectTimeout(15000);
         return new RestTemplate(factory);
     }
 

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/config/zerotrust/AuthServiceConfig.java

@@ -0,0 +1,26 @@
+package com.dragoninfo.dcuc.auth.config.zerotrust;
+
+import com.fasterxml.jackson.databind.DeserializationFeature;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * @author mazq
+ * @date 2023/3/30
+ */
+@Slf4j
+@Configuration
+public class AuthServiceConfig {
+    @Qualifier("dragonObjectMapper")
+    @Bean()
+    public ObjectMapper dragonObjectMapper() {
+        ObjectMapper mapper = new ObjectMapper();
+        // 忽略不对应的字段
+        mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
+        return mapper;
+    }
+
+}

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/element/business/impl/EnvElementBusiness.java

@@ -115,7 +115,7 @@ public class EnvElementBusiness implements IEnvElementBusiness {
         String elementId = elementIdCondition.getValue().toString();
         Page<ElementUserRel> elementUserRels = getElementUserRels(searchable, elementId, userInfos);
         if (elementUserRels.isEmpty()) {
-            return new PageImpl(new ArrayList());
+            return new PageImpl(new ArrayList(), searchable.getPage(), 0);
         }
         // 用户查询为空再次查询用户
         if (null == userInfos) {
@@ -126,11 +126,11 @@ public class EnvElementBusiness implements IEnvElementBusiness {
                     .collect(Collectors.toList());
             userInfos = userInfoService.findByIds(userIds);
             if (CollectionUtils.isEmpty(userInfos)) {
-                return new PageImpl(new ArrayList());
+                return new PageImpl(new ArrayList(), searchable.getPage(), 0);
             }
         }
         Result<List<ElementUserRelRespVo>> result = getPageVos(elementUserRels, userInfos);
-        return new PageImpl(result.getContent(), Pageable.unpaged(), result.getTotalElements());
+        return new PageImpl(result.getContent(), searchable.getPage(), result.getTotalElements());
 
     }
 

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/sub/entity/AuthSubTaskType.java

@@ -6,8 +6,10 @@ import lombok.Data;
 import lombok.EqualsAndHashCode;
 import org.hibernate.annotations.GenericGenerator;
 import org.hibernate.annotations.Where;
+import org.springframework.data.annotation.CreatedDate;
 
 import javax.persistence.*;
+import java.util.Date;
 
 /**
  * 主体管理-任务类型
@@ -56,5 +58,10 @@ public class AuthSubTaskType extends BaseUpdateEntity {
      */
     @Column(name = "PARENT_CODE")
     private String parentCode;
+
+    /** 创建时间 */
+    @CreatedDate
+    @Column(name = "CREATE_TIME")
+    private Date createTime;
 }
 

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/util/ValidUtil.java

@@ -0,0 +1,155 @@
+package com.dragoninfo.dcuc.auth.util;
+
+import cn.hutool.core.lang.Assert;
+import cn.hutool.core.util.ObjectUtil;
+import cn.hutool.core.util.StrUtil;
+import com.dragoninfo.dcuc.common.Constants;
+import com.dragoninfo.dcuc.common.utils.LangUtil;
+import com.dragonsoft.duceap.base.entity.http.ResponseStatus;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.extern.slf4j.Slf4j;
+import sun.reflect.generics.reflectiveObjects.ParameterizedTypeImpl;
+
+import javax.validation.ConstraintViolation;
+import javax.validation.Path;
+import javax.validation.Validation;
+import javax.validation.Validator;
+import java.lang.reflect.Field;
+import java.lang.reflect.Type;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Set;
+
+/**
+ * <p>
+ *
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2022/12/8
+ */
+@Slf4j
+public class ValidUtil {
+
+    /**
+     * 校验请求参数
+     *
+     * @param t   请求参数
+     * @param <T> 请求参数泛型
+     * @return 结果，错误信息
+     */
+    public static <T> ResponseStatus validReqVo(T t) {
+        Set<ConstraintViolation<T>> constraintViolationSet = getValidator().validate(t);
+        StringBuilder errorMessageBuilder = new StringBuilder();
+        for (ConstraintViolation<T> constraintViolation : constraintViolationSet) {
+            String message = constraintViolation.getMessage();
+            Path propertyPath = constraintViolation.getPropertyPath();
+            List<String> nodeNameList = new ArrayList<>();
+            for (Path.Node node : propertyPath) {
+                String name = node.getName();
+                nodeNameList.add(name);
+            }
+            Class<T> rootBeanClass = constraintViolation.getRootBeanClass();
+
+            String fieldName = getVoFieldName(nodeNameList, rootBeanClass);
+            Object invalidValue = constraintViolation.getInvalidValue();
+            String valueString = "";
+            if (ObjectUtil.isNotNull(invalidValue)) {
+                valueString = invalidValue.toString();
+            }
+
+            errorMessageBuilder.append(fieldName).append("：【").append(valueString)
+                    .append("】")
+                    .append(message)
+                    .append(Constants.CHINESE_COMMA);
+        }
+        String string = errorMessageBuilder.toString();
+        if (StrUtil.isNotBlank(string)) {
+            return ResponseStatus.fail(string);
+        }
+        return ResponseStatus.success();
+    }
+
+    /**
+     * 获取VO的中文名称
+     *
+     * @param nodeNameList  节点列表
+     * @param rootBeanClass 类
+     * @param <T>           泛型
+     * @return 获取后的中文名称
+     */
+    public static <T> String getVoFieldName(List<String> nodeNameList, Class<T> rootBeanClass) {
+        Assert.notNull(rootBeanClass);
+        StringBuilder stringBuilder = new StringBuilder();
+
+        Class<?> declaringClass = rootBeanClass;
+        for (int i = 0; i < nodeNameList.size(); i++) {
+            String nodeName = nodeNameList.get(i);
+            Field declaredField = null;
+            try {
+                declaredField = declaringClass.getDeclaredField(nodeName);
+            } catch (NoSuchFieldException e) {
+                log.error("getFiled error", e);
+            }
+            String apiModelPropertyName = getApiModelPropertyName(declaredField);
+            if (i < (nodeNameList.size() - 1)) {
+                stringBuilder.append(apiModelPropertyName).append(StrUtil.DASHED);
+                if (ObjectUtil.isNotNull(declaredField)) {
+                    Type genericType = declaredField.getGenericType();
+                    Type[] parameterizedType = ((ParameterizedTypeImpl) genericType).getActualTypeArguments();
+                    Class<?> childrenDeclaringClass = null;
+                    if (ObjectUtil.isNotNull(parameterizedType) && parameterizedType.length > 0) {
+                        String name = ((Class) parameterizedType[0]).getName();
+                        if (StrUtil.isNotBlank(name)) {
+                            try {
+                                childrenDeclaringClass = Class.forName(name);
+                            } catch (ClassNotFoundException e) {
+                                log.error("Class error", e);
+                            }
+                        }
+                    }
+
+                    if (ObjectUtil.isNull(childrenDeclaringClass)) {
+                        childrenDeclaringClass = declaredField.getType();
+                    }
+
+                    declaringClass = childrenDeclaringClass;
+                }
+            } else {
+                stringBuilder.append(apiModelPropertyName).append(Constants.CHINESE_COMMA);
+            }
+        }
+
+        return LangUtil.subLastSymbol(stringBuilder.toString(), Constants.CHINESE_COMMA);
+    }
+
+    /**
+     * 获取字段中 ApiModelProperty中的名称
+     *
+     * @param declaredField 字段
+     * @return 名称
+     */
+    public static String getApiModelPropertyName(Field declaredField) {
+        String nodeName = "";
+        if (ObjectUtil.isNotNull(declaredField)) {
+            ApiModelProperty apiModelProperty = declaredField.getAnnotation(ApiModelProperty.class);
+            if (ObjectUtil.isNotNull(apiModelProperty)) {
+                String value = apiModelProperty.value();
+                if (StrUtil.isNotBlank(value)) {
+                    nodeName = value;
+                }
+            }
+        }
+        return nodeName;
+    }
+
+    /**
+     * 获取校验器
+     *
+     * @return 校验器
+     */
+    private static Validator getValidator() {
+        return Validation.buildDefaultValidatorFactory()
+                .getValidator();
+    }
+}

dcuc-auth-service/src/main/resources/application-auth.yml

@@ -5,17 +5,15 @@ dcuc:
         host: 127.0.0.1
         port: 514
         facility: LOCAL0
-      security-policy:
-        type: rzy
       user-token-query-url:
       app-token-query-url:
       user-info-query-url:
       notify-app-url-list:
       approval:
-        base-url:
-        call-back-url:
-        role-operate-def-id:
-        role-manage-task-type:
+        base-url: http://10.11.0.168:8866/approve-gateway/approve-core/
+        call-back-url: http://10.11.0.240:8861/dcucauth/api/auth-service/v1/approval/call-back
+        role-operate-def-id: dcuc-function-auth-apply
+        role-manage-task-type: 222
     app-code: QXXT0000000000000001
     menu-noclear: true
     #服务变更通知
@@ -44,7 +42,7 @@ dcuc:
       data-auth-bus-code:
     audit-log:
       #是否开启kafka功能
-      kafka: true
+      kafka: false
       authentication-topic: 10000028
       authentication-groupId: auditlog
       authorize-topic: 10000029
@@ -62,7 +60,7 @@ dcuc:
     gm-enable: false
     gm-select-enable: false
     approval-center-url: http://10.254.11.185:8866/approve-gateway
-    user-center-url: http://10.11.1.237:8860/dcuc
+    user-center-url: http://10.201.1.50:8860/dcuc
     root-user-id: 402881cb4era66f4014b0ghd0b875485
     root-org-id: 7F08CCC3C4984A2586C9D3F0A6B804E5
     operator-idcard: '000000000000000001'

dcuc-auth-service/src/main/resources/config/mysql/V4_3_0032__AddAuthSubTask.sql

@@ -0,0 +1,65 @@
+CREATE TABLE T_AUTH_SUB_TASK_TYPE
+(
+    ID             VARCHAR(32) NOT NULL COMMENT 'ID 主键id',
+    TASK_TYPE_NAME VARCHAR(128) COMMENT 'TASK_TYPE_NAME 任务类型名称',
+    TASK_TYPE_CODE VARCHAR(32) COMMENT 'TASK_TYPE_CODE 任务类型编码',
+    DELETED        VARCHAR(5) DEFAULT '0' COMMENT 'DELETED 是否删除',
+    CREATE_USER    VARCHAR(32) COMMENT 'CREATE_USER 创建人',
+    CREATE_TIME    DATETIME DEFAULT CURRENT_TIMESTAMP COMMENT 'CREATE_TIME 创建时间',
+    UPDATE_USER    VARCHAR(32) COMMENT 'UPDATE_USER 更新人',
+    UPDATE_TIME    DATETIME DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT 'UPDATE_TIME 更新时间',
+    DELETE_USER    VARCHAR(32) COMMENT 'DELETE_USER 删除人',
+    DELETE_TIME    DATETIME COMMENT 'DELETE_TIME 删除时间',
+    PRIMARY KEY (ID)
+) COMMENT = '任务类型 ';
+
+ALTER TABLE T_AUTH_SUB_TASK_TYPE
+    ADD INDEX T_AUTH_S_T_INX_T_CODE (TASK_TYPE_CODE);
+
+UPDATE T_AUTH_SUB_TASK_TYPE SET CREATE_TIME = now() WHERE CREATE_TIME IS NULL;
+alter table t_auth_sub_task_type modify TASK_TYPE_CODE varchar(50) null comment 'TASK_TYPE_CODE 任务类型编码';
+alter table t_auth_sub_task_type add PARENT_ID varchar(32) null comment '父级id';
+alter table t_auth_sub_task_type add PARENT_CODE varchar(50) null comment '父级id';
+
+INSERT INTO t_auth_menu_info (ID, NAME, CODE, APP_ID, PARENT_ID, URL, SHOW_MODE, IS_ACTIVE, SEQ, CREATE_TIME, CREATOR, MODIFIED_TIME, MODIFIER, REMARK, IS_SYSTEM, IS_HIDE, RESOURCE_TYPE) VALUES ('fca158d1b47d4d5d8e5ed8a5c6db1342', '主体环境要素管理', 'QXGL_SQGL_ZTGL_ZTHJYSGL', '00000000000000000000000000000000', '836d3a356a264300832841aa97b945e0', null, '1', '1', 4, null, null, null, null, null, '0', '0', null);
+
+CREATE TABLE T_AUTH_APPROVAL_RESULT(
+       ID VARCHAR(32) NOT NULL   COMMENT 'ID 主键id' ,
+       PROCESS_INST_ID VARCHAR(64)    COMMENT 'PROCESS_INST_ID 流程实例id' ,
+       OPEN_ID DATETIME    COMMENT 'OPEN_ID 流程发起人标识' ,
+       USER_NAME VARCHAR(32)    COMMENT 'USER_NAME 发起人姓名' ,
+       UPDATED_TIME DATETIME    COMMENT 'END_FLAG 审批结果标识 “1”表示审批通过； “2”表示审批不通过' ,
+       TASK_ID VARCHAR(32)    COMMENT 'TASK_ID 任务编号' ,
+       PROCESS_DEF_ID VARCHAR(64)    COMMENT 'PROCESS_DEF_ID 流程定义id' ,
+       BUSINESS_KEY VARCHAR(64)    COMMENT 'BUSINESS_KEY 业务标识' ,
+       APPLY_TYPE VARCHAR(32)    COMMENT 'APPLY_TYPE 申请类型' ,
+       DELETED VARCHAR(32)   DEFAULT '0' COMMENT 'DELETED 是否删除' ,
+       CREATE_USER VARCHAR(32)    COMMENT 'CREATE_USER' ,
+       CREATE_TIME VARCHAR(32)    COMMENT 'CREATE_TIME' ,
+       UPDATE_USER VARCHAR(32)    COMMENT 'UPDATE_USER' ,
+       UPDATE_TIME VARCHAR(32)    COMMENT 'UPDATE_TIME' ,
+       DELETE_USER VARCHAR(32)    COMMENT 'DELETE_USER' ,
+       DELETE_TIME VARCHAR(32)    COMMENT 'DELETE_TIME' ,
+       PRIMARY KEY (ID)
+) COMMENT = '审批结果表 ';
+
+alter table t_auth_approval_result modify TASK_ID varchar(50) null comment 'TASK_ID 任务编号';
+alter table t_auth_approval_result add TASK_ID_DATE varchar(20) null;
+
+ALTER TABLE T_AUTH_APPROVAL_RESULT ADD INDEX t_auth_a_r_inx_psid(PROCESS_INST_ID);
+
+alter table t_auth_approval_result
+    change UPDATED_TIME END_FLAG varchar(5) null comment 'END_FLAG 审批结果标识 “1”表示审批通过； “2”表示审批不通过';
+
+alter table t_auth_approval_result
+    modify OPEN_ID varchar(32) null comment 'OPEN_ID 流程发起人标识';
+
+alter table t_auth_approval_result
+    modify CREATE_TIME DATETIME null comment 'CREATE_TIME';
+
+alter table t_auth_approval_result
+    modify UPDATE_TIME DATETIME null comment 'UPDATE_TIME';
+
+alter table t_auth_approval_result
+    modify DELETE_TIME DATETIME null comment 'DELETE_TIME';
+