更新！

FullCardClient/src/main/java/com/zhongshu/card/client/model/org/OrganizationUserSearch.java

@@ -5,6 +5,7 @@ import com.zhongshu.card.client.model.base.SuperSearch;
 import com.zhongshu.card.client.type.OrganizationUserType;
 import com.zhongshu.card.client.type.Sex;
 import com.zhongshu.card.client.type.UserState;
+import com.zhongshu.card.client.type.user.OrgUserState;
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
 
@@ -17,6 +18,9 @@ import java.util.List;
 @Data
 public class OrganizationUserSearch extends SuperSearch {
 
+    @Schema(description = "用户状态")
+    private OrgUserState orgUserState;
+
     @Schema(description = "关键字")
     private String keyWord;
 

FullCardClient/src/main/java/com/zhongshu/card/client/model/org/role/RoleInit.java

@@ -0,0 +1,39 @@
+package com.zhongshu.card.client.model.org.role;
+
+import com.zhongshu.card.client.type.RoleType;
+import com.zhongshu.card.client.type.user.RoleInitType;
+import io.swagger.v3.oas.annotations.media.Schema;
+import lombok.Builder;
+import lombok.Data;
+
+import java.util.Set;
+
+/**
+ * @author TRX
+ * @date 2025/2/14
+ */
+@Data
+@Builder
+public class RoleInit {
+
+    @Schema(description = "名称")
+    private String name;
+
+    @Schema(description = "编码")
+    private String code;
+
+    @Schema(description = "角色预制类型，如：管理员、游客")
+    private RoleInitType roleInitType;
+
+    @Schema(description = "是否是管理员")
+    private Boolean isAdmin = Boolean.FALSE;
+
+    @Schema(description = "角色类型: 系统内置、自定义")
+    private RoleType roleType;
+
+    @Schema(description = "是否是游客角色")
+    private Boolean isVisitor = Boolean.FALSE;
+
+    @Schema(description = "默认规定的权限")
+    private Set<String> auth = Set.of();
+}

FullCardClient/src/main/java/com/zhongshu/card/client/model/projectAbout/projectCommon/ProjectCommonConfigModel.java

@@ -1,12 +1,20 @@
 package com.zhongshu.card.client.model.projectAbout.projectCommon;
 
+import com.zhongshu.card.client.model.org.role.RoleModel;
 import com.zhongshu.card.client.type.PassWordDefaultType;
 import com.zhongshu.card.client.type.PassWordType;
+import com.zhongshu.card.client.type.config.LonginType;
+import com.zhongshu.card.client.type.config.RegisterExamineType;
+import com.zhongshu.card.client.type.config.RetrievePasswordType;
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.AllArgsConstructor;
 import lombok.Data;
 import lombok.NoArgsConstructor;
 
+import java.math.BigDecimal;
+import java.util.ArrayList;
+import java.util.List;
+
 /**
  * @author TRX
  * @date 2024/9/24
@@ -14,46 +22,68 @@ import lombok.NoArgsConstructor;
 @Data
 @AllArgsConstructor
 @NoArgsConstructor
-public class ProjectCommonConfigModel {
+public class ProjectCommonConfigModel extends ProjectCommonSuperParam {
+
+    //-------------------协议信息 start ------------------
+    @Schema(description = "用户协议")
+    private String userAgreement = "";
+
+    @Schema(description = "隐私政策")
+    private String privacyPolicy = "";
+
+    //-------------------注册控制 start-------------------
+
+    @Schema(description = "是否允许注册")
+    private Boolean isAllowRegister = Boolean.FALSE;
+
+    @Schema(description = "注册是否允许选择角色")
+    private Boolean isAllowSelectRole = Boolean.FALSE;
 
-    @Schema(description = "数据ID")
-    private String id;
+    @Schema(description = "注册时可以选择的角色")
+    private List<RoleModel> roles = new ArrayList<RoleModel>();
 
-    @Schema(description = "项目ID")
-    private String projectOid;
+    @Schema(description = "角色集合")
+    private List<String> roleIds = new ArrayList<>();
 
-    @Schema(description = "最小密码长度")
-    private Integer minPassWordLength = 6;
+    @Schema(description = "注册是否需要审核")
+    private Boolean isExamineRegister = Boolean.TRUE;
 
-    @Schema(description = "最小密码长度")
-    private Integer maxPassWordLength = 20;
+    @Schema(description = "审核范围")
+    private RegisterExamineType examineType = RegisterExamineType.All;
 
-    @Schema(description = "密码字符组合类型")
-    private PassWordType passWordType;
+    @Schema(description = "密码字符组合类型/强度")
+    private PassWordType passWordType = PassWordType.Weak;
 
+    //--------------------导入用户密码规则 start---------------
     @Schema(description = "默认密码设置类型")
-    private PassWordDefaultType passWordDefaultType;
+    private PassWordDefaultType passWordDefaultType = PassWordDefaultType.CardNumberLast6;
 
     @Schema(description = "这样的默认密码")
-    private String defaultPassWord;
+    private String defaultPassWord = "123abc";
 
-    @Schema(description = "默认用户头像")
-    private String defaultUserHead;
+    //-----------------------密码找回方式 start --------------
 
-    // --------------游客许可 ---------------
-    @Schema(description = "允许游客注册")
-    private Boolean isAllowRegister = Boolean.FALSE;
+    @Schema(description = "找回密码方式")
+    private List<RetrievePasswordType> retrievePasswordTypes = new ArrayList<>();
 
-    @Schema(description = "允许游客消费")
-    private Boolean isAllowConsume = Boolean.FALSE;
+    @Schema(description = "登录方式")
+    private List<LonginType> longinTypes = new ArrayList<>();
 
+    //-----------------------人脸照片管理 start---------------
 
-    //----------------协议信息 start---------
+    @Schema(description = "是否允许用户修改人脸数据")
+    private Boolean isAllowUpdateFace = Boolean.TRUE;
 
-    @Schema(description = "用户协议")
-    private String userAgreement = "";
+    @Schema(description = "是否开启人脸审核")
+    private Boolean isExamineFace = Boolean.FALSE;
 
-    @Schema(description = "隐私政策")
-    private String privacyPolicy = "";
+    @Schema(description = "人脸照片相似度(0-100)")
+    private Integer similarity = 80;
+
+    @Schema(description = "人脸识别照片上传数量限制")
+    private Integer maxFaceNumber = 3;
+
+    @Schema(description = "照片大小限制")
+    private BigDecimal maxSize = BigDecimal.valueOf(2);
 
 }

FullCardClient/src/main/java/com/zhongshu/card/client/model/projectAbout/projectCommon/ProjectCommonConfigParam.java

@@ -1,16 +1,21 @@
 package com.zhongshu.card.client.model.projectAbout.projectCommon;
 
+import com.zhongshu.card.client.model.base.ProjectOidParam;
+import com.zhongshu.card.client.model.org.role.RoleModel;
 import com.zhongshu.card.client.type.PassWordDefaultType;
 import com.zhongshu.card.client.type.PassWordType;
+import com.zhongshu.card.client.type.config.LonginType;
+import com.zhongshu.card.client.type.config.RegisterExamineType;
+import com.zhongshu.card.client.type.config.RetrievePasswordType;
 import io.swagger.v3.oas.annotations.media.Schema;
-import jakarta.validation.constraints.Max;
-import jakarta.validation.constraints.Min;
-import jakarta.validation.constraints.NotEmpty;
-import jakarta.validation.constraints.NotNull;
 import lombok.AllArgsConstructor;
 import lombok.Data;
 import lombok.NoArgsConstructor;
 
+import java.math.BigDecimal;
+import java.util.ArrayList;
+import java.util.List;
+
 /**
  * @author TRX
  * @date 2024/9/24
@@ -18,51 +23,58 @@ import lombok.NoArgsConstructor;
 @Data
 @AllArgsConstructor
 @NoArgsConstructor
-public class ProjectCommonConfigParam {
+public class ProjectCommonConfigParam extends ProjectCommonSuperParam {
+
+    //-------------------注册控制 start-------------------
+
+    @Schema(description = "是否允许注册")
+    private Boolean isAllowRegister = Boolean.FALSE;
+
+    @Schema(description = "注册是否允许选择角色")
+    private Boolean isAllowSelectRole = Boolean.FALSE;
 
-    @NotEmpty
-    @Schema(description = "项目id")
-    private String projectOid;
+    @Schema(description = "角色集合")
+    private List<String> roleIds = new ArrayList<>();
 
-    @Schema(description = "最小密码长度")
-    @Min(value = 4)
-    @Max(value = 20)
-    private Integer minPassWordLength = 6;
+    @Schema(description = "注册是否需要审核")
+    private Boolean isExamineRegister = Boolean.TRUE;
 
-    @Schema(description = "最小密码长度")
-    @Min(value = 4)
-    @Max(value = 20)
-    private Integer maxPassWordLength = 20;
+    @Schema(description = "审核范围")
+    private RegisterExamineType examineType = RegisterExamineType.All;
 
-    @Schema(description = "密码字符组合类型")
-    @NotNull
-    private PassWordType passWordType;
+    @Schema(description = "密码字符组合类型/强度")
+    private PassWordType passWordType = PassWordType.Weak;
 
+    //--------------------导入用户密码规则 start---------------
     @Schema(description = "默认密码设置类型")
-    private PassWordDefaultType passWordDefaultType;
+    private PassWordDefaultType passWordDefaultType = PassWordDefaultType.CardNumberLast6;
 
     @Schema(description = "这样的默认密码")
-    private String defaultPassWord;
+    private String defaultPassWord = "123abc";
 
-    @Schema(description = "默认用户头像")
-    private String defaultUserHead;
+    //-----------------------密码找回方式 start --------------
 
-    // --------------游客许可 ---------------
-    @Schema(description = "允许游客注册")
-    private Boolean isAllowRegister = Boolean.FALSE;
+    @Schema(description = "找回密码方式")
+    private List<RetrievePasswordType> retrievePasswordTypes = new ArrayList<>();
+
+    @Schema(description = "登录方式")
+    private List<LonginType> longinTypes = new ArrayList<>();
+
+    //-----------------------人脸照片管理 start---------------
+
+    @Schema(description = "是否允许用户修改人脸数据")
+    private Boolean isAllowUpdateFace = Boolean.TRUE;
 
-    @Schema(description = "允许游客消费")
-    private Boolean isAllowConsume = Boolean.FALSE;
+    @Schema(description = "是否开启人脸审核")
+    private Boolean isExamineFace = Boolean.FALSE;
 
-    @Schema(description = "用户协议")
-    @NotEmpty
-    private String userAgreement = "";
+    @Schema(description = "人脸照片相似度(0-100)")
+    private Integer similarity = 80;
 
-    @NotEmpty
-    @Schema(description = "隐私政策")
-    private String privacyPolicy = "";
+    @Schema(description = "人脸识别照片上传数量限制")
+    private Integer maxFaceNumber = 3;
 
-    @Schema(description = "")
-    private String remark;
+    @Schema(description = "照片大小限制")
+    private BigDecimal maxSize = BigDecimal.valueOf(2);
 
 }

FullCardClient/src/main/java/com/zhongshu/card/client/type/PassWordType.java

@@ -3,14 +3,12 @@ package com.zhongshu.card.client.type;
 import lombok.Getter;
 
 /**
- * 密码限制类型
+ * 密码限制类型强度
  */
 public enum PassWordType {
-    NotLimit("不限制"),
-    ChartAndNumber("必须包含子母+数字"),
-    ChartUpAndChartLowAndNumber("必须包含大写字母+小写字母+数字组合"),
-    ChartAndSpecialAndNumber("必须包含字母+特殊字符+数字组合"),
-    ChartUpAndChartLowAndSpecialAndNumber("必须包含大写字母+小写字母+特殊字符+数字组合"),
+    Weak("弱（6位以上）"),
+    Medium("中（8位+数字）"),
+    Strong("强（8位+大小写+符号）"),
     ;
 
     @Getter

FullCardClient/src/main/java/com/zhongshu/card/client/type/config/LonginType.java

@@ -0,0 +1,20 @@
+package com.zhongshu.card.client.type.config;
+
+import lombok.Getter;
+
+/**
+ * 登录方式
+ */
+public enum LonginType {
+    Account("账号密码"),
+    Phone("手机号+验证码"),
+    Wx("微信快捷登录"),
+    ;
+
+    @Getter
+    private String remark;
+
+    LonginType(String remark) {
+        this.remark = remark;
+    }
+}

FullCardClient/src/main/java/com/zhongshu/card/client/type/config/RegisterExamineType.java

@@ -0,0 +1,19 @@
+package com.zhongshu.card.client.type.config;
+
+import lombok.Getter;
+
+/**
+ * 消息类型
+ */
+public enum RegisterExamineType {
+    All("所有用户都需要审核(包括游客)"),
+    Formal("仅正式身份需要审核(除游客外)"),
+    ;
+
+    @Getter
+    private String remark;
+
+    RegisterExamineType(String remark) {
+        this.remark = remark;
+    }
+}

FullCardClient/src/main/java/com/zhongshu/card/client/type/config/RetrievePasswordType.java

@@ -0,0 +1,19 @@
+package com.zhongshu.card.client.type.config;
+
+import lombok.Getter;
+
+/**
+ * 找回密码类型
+ */
+public enum RetrievePasswordType {
+    PhoneAndCard("手机号+身份证"),
+    Face("人脸识别"),
+    ;
+
+    @Getter
+    private String remark;
+
+    RetrievePasswordType(String remark) {
+        this.remark = remark;
+    }
+}

FullCardClient/src/main/java/com/zhongshu/card/client/type/user/OrgUserState.java

@@ -0,0 +1,19 @@
+package com.zhongshu.card.client.type.user;
+
+import lombok.Getter;
+
+/**
+ *
+ */
+public enum OrgUserState {
+    Formal("正式"),
+    Unaudited("审核中"),
+    ;
+
+    @Getter
+    private String remark;
+
+    OrgUserState(String remark) {
+        this.remark = remark;
+    }
+}

FullCardClient/src/main/java/com/zhongshu/card/client/type/user/RoleInitType.java

@@ -0,0 +1,19 @@
+package com.zhongshu.card.client.type.user;
+
+import lombok.Getter;
+
+/**
+ * 角色类型
+ */
+public enum RoleInitType {
+    Admin("管理员"),
+    Tourist("游客"),
+    ;
+
+    @Getter
+    private String remark;
+
+    RoleInitType(String remark) {
+        this.remark = remark;
+    }
+}

FullCardServer/src/main/java/com/zhongshu/card/server/core/controller/org/OrganizationUserController.java

@@ -70,7 +70,9 @@ public class OrganizationUserController {
     @ResourceAuth(value = "user", type = AuthType.User)
     @Operation(summary = "项目用户列表-分页查询", description = "项目用户列表-分页查询")
     @RequestMapping(value = {"projectUserPage"}, method = {RequestMethod.POST})
-    public ResultContent<Page<OrganizationUserModel>> projectUserPage(@Parameter(hidden = true) @PageableDefault(page = 0, size = 10) Pageable pageable, @Parameter(required = false) OrganizationUserSearch param) {
+    public ResultContent<Page<OrganizationUserModel>> projectUserPage(
+            @Parameter(hidden = true) @PageableDefault(page = 0, size = 10) Pageable pageable,
+            @Parameter(required = false) OrganizationUserSearch param) {
         Assert.hasText(param.getProjectOid(), "projectOid不能为空");
         // 项目用户 包括项目下所有的机构的用户
         param.setIsSearchProject(Boolean.TRUE);

FullCardServer/src/main/java/com/zhongshu/card/server/core/controller/projectAbout/ProjectCommonConfigController.java

@@ -45,7 +45,7 @@ public class ProjectCommonConfigController {
     @Operation(summary = "得到项目的通用配置", description = "得到项目的通用配置")
     @RequestMapping(value = "getInfo", method = {RequestMethod.POST})
     @Hidden
-    public ResultContent<ProjectCommonConfigModel> getProjectWeChatInfo(@RequestBody ProjectOidParam param) {
+    public ResultContent<ProjectCommonConfigModel> getInfo(@RequestBody ProjectOidParam param) {
         return projectCommonConfigService.getInfo(param.getProjectOid());
     }
 

FullCardServer/src/main/java/com/zhongshu/card/server/core/dao/org/RoleDao.java

@@ -37,4 +37,6 @@ public interface RoleDao extends MongoDao<Role>, RoleDaoExtend {
     List<Role> findByOidAndNameIn(String oid, List<String> names);
 
     List<Role> findByOidAndIsAdmin(String oid, Boolean isAdmin);
+
+    List<Role> findByOidAndIsVisitor(String oid, Boolean isVisitor);
 }

FullCardServer/src/main/java/com/zhongshu/card/server/core/dao/org/impl/OrganizationUserDaoImpl.java

@@ -78,6 +78,11 @@ public class OrganizationUserDaoImpl extends BaseImpl implements OrganizationUse
             criteria.and("state").is(param.getState());
         }
 
+        // 用户加入状态
+        if (param.getOrgUserState() != null) {
+            criteria.and("orgUserState").is(param.getOrgUserState());
+        }
+
         // 用户在机构的类型
         if (param.getUserType() != null) {
             criteria.and("userType").is(param.getUserType());

FullCardServer/src/main/java/com/zhongshu/card/server/core/dataConfig/CardSystemDefault.java

@@ -1,5 +1,12 @@
 package com.zhongshu.card.server.core.dataConfig;
 
+import com.zhongshu.card.client.model.org.role.RoleInit;
+import com.zhongshu.card.client.type.RoleType;
+import com.zhongshu.card.client.type.user.RoleInitType;
+
+import java.util.ArrayList;
+import java.util.List;
+
 /**
  * 全卡项目默认设置信息
  *
@@ -23,4 +30,24 @@ public class CardSystemDefault {
     // 系统默认头像 （闸机当头像为空时不能下发，所以设置个默认的）
     public static final String defaultPermissFaceUrl = "https://zswl-dev.oss-cn-chengdu.aliyuncs.com/665fc0386b0724481afc56d9/store/665fc0386b0724481afc56d9/01457397-2a17-41ae-a6e3-118511e96d13" +
             ".jpg/1730191730919.jpg";
+
+    public static final List<RoleInit> initRoles = new ArrayList<RoleInit>();
+
+    static {
+        initRoles.add(RoleInit.builder().name(DEFAULT_ROLE_NAME)
+                .roleInitType(RoleInitType.Admin)
+                .isAdmin(Boolean.TRUE)
+                .roleType(RoleType.BuildIn)
+                .isVisitor(Boolean.FALSE)
+                .build());
+
+        initRoles.add(RoleInit.builder().name("游客")
+                .roleInitType(RoleInitType.Tourist)
+                .isAdmin(Boolean.FALSE)
+                .roleType(RoleType.BuildIn)
+                .isVisitor(Boolean.TRUE)
+                .code("Tourist")
+                .build());
+    }
+
 }

FullCardServer/src/main/java/com/zhongshu/card/server/core/domain/org/OrganizationUser.java

@@ -6,6 +6,7 @@ import com.zhongshu.card.client.type.CertificateType;
 import com.zhongshu.card.client.type.OrganizationUserType;
 import com.zhongshu.card.client.type.Sex;
 import com.zhongshu.card.client.type.UserState;
+import com.zhongshu.card.client.type.user.OrgUserState;
 import com.zhongshu.card.server.core.domain.base.SuperMain;
 import com.zhongshu.card.server.core.domain.school.DictInfo;
 import io.swagger.v3.oas.annotations.media.Schema;
@@ -44,6 +45,9 @@ public class OrganizationUser extends SuperMain {
     @DBRef(lazy = true)
     private UserAccount user;
 
+    @Schema(description = "用户状态")
+    private OrgUserState orgUserState = OrgUserState.Formal;
+
     //---------------------------用户基础信息 start ----------------------
     @Schema(description = "用户ID")
     private String userId;

FullCardServer/src/main/java/com/zhongshu/card/server/core/domain/org/Role.java

@@ -3,6 +3,7 @@ package com.zhongshu.card.server.core.domain.org;
 import com.github.microservice.auth.security.type.AuthType;
 import com.zhongshu.card.client.type.DataState;
 import com.zhongshu.card.client.type.RoleType;
+import com.zhongshu.card.client.type.user.RoleInitType;
 import com.zhongshu.card.server.core.domain.base.SuperMain;
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.*;
@@ -33,6 +34,9 @@ public class Role extends SuperMain {
     @Schema(description = "角色类型: 系统内置、自定义")
     private RoleType roleType;
 
+    @Schema(description = "角色预制类型，如：管理员、游客")
+    private RoleInitType roleInitType;
+
     @Schema(description = "角色主体类型，如：项目、机构、学校")
     private AuthType authType;
 

FullCardServer/src/main/java/com/zhongshu/card/server/core/domain/projectAbout/ProjectCommonConfig.java

@@ -2,8 +2,12 @@ package com.zhongshu.card.server.core.domain.projectAbout;
 
 import com.zhongshu.card.client.type.PassWordDefaultType;
 import com.zhongshu.card.client.type.PassWordType;
+import com.zhongshu.card.client.type.config.LonginType;
+import com.zhongshu.card.client.type.config.RegisterExamineType;
+import com.zhongshu.card.client.type.config.RetrievePasswordType;
 import com.zhongshu.card.server.core.domain.base.SuperMain;
 import com.zhongshu.card.server.core.domain.org.Organization;
+import com.zhongshu.card.server.core.domain.org.Role;
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.AllArgsConstructor;
 import lombok.Builder;
@@ -12,6 +16,10 @@ import lombok.NoArgsConstructor;
 import org.springframework.data.mongodb.core.mapping.DBRef;
 import org.springframework.data.mongodb.core.mapping.Document;
 
+import java.math.BigDecimal;
+import java.util.ArrayList;
+import java.util.List;
+
 /**
  * 项目相关的 通用设置
  *
@@ -37,34 +45,66 @@ public class ProjectCommonConfig extends SuperMain {
 
     //----------------------------业务信息 start-----------------
 
-    @Schema(description = "最小密码长度")
-    private Integer minPassWordLength = 6;
+    //-------------------协议信息 start ------------------
+    @Schema(description = "用户协议")
+    private String userAgreement = "";
+
+    @Schema(description = "隐私政策")
+    private String privacyPolicy = "";
+
+    //-------------------注册控制 start-------------------
+
+    @Schema(description = "是否允许注册")
+    private Boolean isAllowRegister = Boolean.FALSE;
+
+    @Schema(description = "注册是否允许选择角色")
+    private Boolean isAllowSelectRole = Boolean.FALSE;
+
+    @Schema(description = "注册时可以选择的角色")
+    private List<Role> roles = new ArrayList<Role>();
+
+    @Schema(description = "角色集合")
+    private List<String> roleIds = new ArrayList<>();
 
-    @Schema(description = "最小密码长度")
-    private Integer maxPassWordLength = 20;
+    @Schema(description = "注册是否需要审核")
+    private Boolean isExamineRegister = Boolean.TRUE;
 
-    @Schema(description = "密码字符组合类型")
-    private PassWordType passWordType;
+    @Schema(description = "审核范围")
+    private RegisterExamineType examineType = RegisterExamineType.All;
 
+    @Schema(description = "密码字符组合类型/强度")
+    private PassWordType passWordType = PassWordType.Weak;
+
+    //--------------------导入用户密码规则 start---------------
     @Schema(description = "默认密码设置类型")
-    private PassWordDefaultType passWordDefaultType;
+    private PassWordDefaultType passWordDefaultType = PassWordDefaultType.CardNumberLast6;
 
     @Schema(description = "这样的默认密码")
-    private String defaultPassWord;
+    private String defaultPassWord = "123abc";
 
-    @Schema(description = "默认用户头像")
-    private String defaultUserHead;
+    //-----------------------密码找回方式 start --------------
 
-    // --------------游客许可 ---------------
-    @Schema(description = "允许游客注册")
-    private Boolean isAllowRegister = Boolean.FALSE;
+    @Schema(description = "找回密码方式")
+    private List<RetrievePasswordType> retrievePasswordTypes = new ArrayList<>();
 
-    @Schema(description = "允许游客消费")
-    private Boolean isAllowConsume = Boolean.FALSE;
+    @Schema(description = "登录方式")
+    private List<LonginType> longinTypes = new ArrayList<>();
 
-    @Schema(description = "用户协议")
-    private String userAgreement = "";
+    //-----------------------人脸照片管理 start---------------
+
+    @Schema(description = "是否允许用户修改人脸数据")
+    private Boolean isAllowUpdateFace = Boolean.TRUE;
+
+    @Schema(description = "是否开启人脸审核")
+    private Boolean isExamineFace = Boolean.FALSE;
+
+    @Schema(description = "人脸照片相似度(0-100)")
+    private Integer similarity = 80;
+
+    @Schema(description = "人脸识别照片上传数量限制")
+    private Integer maxFaceNumber = 3;
+
+    @Schema(description = "照片大小限制")
+    private BigDecimal maxSize = BigDecimal.valueOf(2);
 
-    @Schema(description = "隐私政策")
-    private String privacyPolicy = "";
 }

FullCardServer/src/main/java/com/zhongshu/card/server/core/service/org/OrganizationServiceImpl.java

@@ -206,8 +206,12 @@ public class OrganizationServiceImpl extends SuperService implements Organizatio
         // 初始项目的默认管理员角色
         roleServiceImpl.initOrgManagerRole(organization);
 
-        //todo  同步名称至openApi网关
-        signService.syncBusinessName(organization.getOid(), organization.getName());
+        try {
+            //todo  同步名称至openApi网关
+            signService.syncBusinessName(organization.getOid(), organization.getName());
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
 
         // 把管理员用户加入到项目中
         organizationUserServiceImpl.orgBindManager(organization, userAccounts);
@@ -1118,6 +1122,17 @@ public class OrganizationServiceImpl extends SuperService implements Organizatio
         return ResultContent.buildSuccess();
     }
 
+    /**
+     * 更新项目的默认信息
+     *
+     * @param organization
+     */
+    public void updateProjectInitInfo(Organization organization) {
+        if (organization != null && organization.getAuthType() == AuthType.Project) {
+            roleServiceImpl.initOrgManagerRole(organization);
+        }
+    }
+
     /**
      * @param code
      * @return

FullCardServer/src/main/java/com/zhongshu/card/server/core/service/projectAbout/ProjectCommonConfigService.java

@@ -1,20 +1,26 @@
 package com.zhongshu.card.server.core.service.projectAbout;
 
+import com.github.microservice.auth.client.service.RoleService;
 import com.github.microservice.net.ResultContent;
 import com.zhongshu.card.client.model.projectAbout.projectCommon.ProjectCommonConfigModel;
 import com.zhongshu.card.client.model.projectAbout.projectCommon.ProjectCommonConfigParam;
 import com.zhongshu.card.client.model.projectAbout.projectCommon.ProjectCommonSuperParam;
 import com.zhongshu.card.server.core.dao.org.OrganizationDao;
+import com.zhongshu.card.server.core.dao.org.RoleDao;
 import com.zhongshu.card.server.core.dao.projectAbout.ProjectCommonConfigDao;
 import com.zhongshu.card.server.core.domain.org.Organization;
+import com.zhongshu.card.server.core.domain.org.Role;
 import com.zhongshu.card.server.core.domain.projectAbout.ProjectCommonConfig;
 import com.zhongshu.card.server.core.service.base.SuperService;
+import com.zhongshu.card.server.core.service.user.RoleServiceImpl;
 import com.zhongshu.card.server.core.util.BeanUtils;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.ObjectUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
+import java.util.List;
+
 /**
  * 项目的 关联的物联网 ak sk 设置
  *
@@ -26,10 +32,16 @@ import org.springframework.stereotype.Service;
 public class ProjectCommonConfigService extends SuperService {
 
     @Autowired
-    OrganizationDao organizationDao;
+    private OrganizationDao organizationDao;
+
+    @Autowired
+    private ProjectCommonConfigDao commonConfigDao;
 
     @Autowired
-    ProjectCommonConfigDao commonConfigDao;
+    private RoleDao roleDao;
+
+    @Autowired
+    private RoleServiceImpl roleService;
 
     /**
      * 保存配置信息
@@ -144,6 +156,11 @@ public class ProjectCommonConfigService extends SuperService {
         if (ObjectUtils.isNotEmpty(entity)) {
             model = new ProjectCommonConfigModel();
             BeanUtils.copyProperties(entity, model);
+
+            if (ObjectUtils.isNotEmpty(entity.getRoleIds())) {
+                List<Role> roles = roleDao.findByIdIn(entity.getRoleIds());
+                model.setRoles(roleService.toModels(roles));
+            }
         }
         return model;
     }

FullCardServer/src/main/java/com/zhongshu/card/server/core/service/user/RoleServiceImpl.java

@@ -117,6 +117,16 @@ public class RoleServiceImpl extends SuperService {
             admin.setOrganizationId(oid);
             com.github.microservice.auth.client.content.ResultContent<String> updateRoleGroupAdmin = roleService.updateRoleGroup(admin);
             String groupId = updateRoleGroupAdmin.getContent();
+            if (StringUtils.isEmpty(groupId)) {
+                com.github.microservice.auth.client.content.ResultContent<RoleGroupModel> groupContent = roleService
+                        .getRoleGroupByName(param.getName(), oid);
+                if (groupContent.isSuccess()) {
+                    RoleGroupModel roleGroupModel = groupContent.getContent();
+                    if (roleGroupModel != null) {
+                        groupId = roleGroupModel.getId();
+                    }
+                }
+            }
 
             com.github.microservice.auth.client.model.RoleModel roleModel = new com.github.microservice.auth.client.model.RoleModel();
             roleModel.setOrganizationId(oid);
@@ -125,6 +135,7 @@ public class RoleServiceImpl extends SuperService {
             // 添加角色
             com.github.microservice.auth.client.content.ResultContent<String> updateRole = roleService.updateRole(roleModel);
             String roleId = updateRole.getContent();
+
             // 把角色绑定到角色组
             roleService.addRoleToRoleGroup(groupId, new String[]{updateRole.getContent()});
 
@@ -166,8 +177,13 @@ public class RoleServiceImpl extends SuperService {
                     roleService.updateRole(roleModel);
                 }
             }
-            // 编辑本地角色
-            BeanUtils.copyProperties(param, role, "roleType");
+            if (role.getRoleType() == RoleType.BuildIn) {
+                // 编辑本地角色
+                BeanUtils.copyProperties(param, role, "roleType", "name", "code", "roleInitType", "isVisitor");
+            } else {
+                // 编辑本地角色
+                BeanUtils.copyProperties(param, role, "roleType", "roleInitType", "isVisitor");
+            }
             initUpdateEntity(role);
             roleDao.save(role);
         }
@@ -701,67 +717,97 @@ public class RoleServiceImpl extends SuperService {
     }
 
     /**
-     * 初始机构的管理员角色
+     * 初始机构、项目的默认角色
      *
      * @param organization
      * @return
      */
     public ResultContent initOrgManagerRole(Organization organization) {
         if (ObjectUtils.isNotEmpty(organization)) {
-            Role adminRole = roleDao.findTopByNameAndOid(CardSystemDefault.DEFAULT_ROLE_NAME, organization.getOid());
-            if (ObjectUtils.isEmpty(adminRole)) {
-                Set<String> auth = Set.of(AuthConstant.Admin);
+            List<RoleInit> initRoles = CardSystemDefault.initRoles;
+            if (ObjectUtils.isNotEmpty(initRoles)) {
+                for (RoleInit roleInit : initRoles) {
+                    initRole(organization, roleInit);
+                }
+            }
+        }
+        return ResultContent.buildSuccess();
+    }
+
+    private void initRole(Organization organization, RoleInit roleInit) {
+        String name = roleInit.getName();
+        Role tempRole = roleDao.findTopByNameAndOid(name, organization.getOid());
+        if (ObjectUtils.isEmpty(tempRole)) {
+            Set<String> auth = new HashSet<>();
+            if (roleInit.getIsAdmin() != null && roleInit.getIsAdmin()) {
+                auth = Set.of(AuthConstant.Admin);
                 if (organization.getAuthType().equals(AuthType.Platform)) {
                     auth = Set.of(AuthConstant.SuperAdmin);
                 }
+            } else {
+                auth = roleInit.getAuth();
+            }
 
-                String defaultName = CardSystemDefault.DEFAULT_ROLE_NAME;
-                String defaultReMark = CardSystemDefault.DEFAULT_ROLE_NAME;
-                String oid = organization.getOid();
-                // 权限中心: 角色组
-                RoleGroupModel admin = new RoleGroupModel();
-                admin.setName(defaultName);
-                admin.setRemark(defaultReMark);
-                admin.setOrganizationId(oid);
-                admin.setIdentity(auth);
-                com.github.microservice.auth.client.content.ResultContent<String> updateRoleGroupAdmin = roleService.updateRoleGroup(admin);
-                String groupId = updateRoleGroupAdmin.getContent();
-                log.info("初始权限中心角色组成功：{}", groupId);
-
-                if (!StringUtils.isEmpty(groupId)) {
-                    // 权限中心: 角色信息
-                    com.github.microservice.auth.client.model.RoleModel roleModel = new com.github.microservice.auth.client.model.RoleModel();
-                    roleModel.setOrganizationId(oid);
-                    roleModel.setName(defaultName);
-                    roleModel.setRemark(defaultReMark);
-                    roleModel.setAuth(auth);
-                    com.github.microservice.auth.client.content.ResultContent<String> updateRole = roleService.updateRole(roleModel);
-
-                    log.info("权限中心：初始角色和角色组关系成功");
-                    String roleId = updateRole.getContent();
-                    roleService.addRoleToRoleGroup(groupId, new String[]{roleId});
-
-                    // 添加本地机构角色信息
-                    adminRole = new Role();
-                    if (organization.getAuthType().equals(AuthType.Platform)) {
-                        adminRole.setCode(AuthConstant.SuperAdmin);
-                    } else {
-                        adminRole.setCode(AuthConstant.Admin);
+            String defaultName = name;
+            String defaultReMark = name;
+            String oid = organization.getOid();
+            // 权限中心: 角色组
+            RoleGroupModel admin = new RoleGroupModel();
+            admin.setName(defaultName);
+            admin.setRemark(defaultReMark);
+            admin.setOrganizationId(oid);
+            admin.setIdentity(auth);
+            com.github.microservice.auth.client.content.ResultContent<String> updateRoleGroupAdmin = roleService.updateRoleGroup(admin);
+            String groupId = updateRoleGroupAdmin.getContent();
+            log.info("初始权限中心角色组成功：{}", groupId);
+            if (StringUtils.isEmpty(groupId)) {
+                com.github.microservice.auth.client.content.ResultContent<RoleGroupModel> groupContent = roleService.getRoleGroupByName(defaultName, oid);
+                if (groupContent.isSuccess()) {
+                    RoleGroupModel roleGroupModel = groupContent.getContent();
+                    if (roleGroupModel != null) {
+                        groupId = roleGroupModel.getId();
                     }
-                    adminRole.setAuth(auth);
-                    adminRole.setOid(oid);
-                    adminRole.setRoleGroupId(groupId);
-                    adminRole.setName(defaultName);
-                    adminRole.setRemark(defaultReMark);
-                    adminRole.setRoleType(RoleType.BuildIn);
-                    adminRole.setIsAdmin(Boolean.TRUE);
-                    adminRole.setRoleId(roleId);
-                    adminRole.setAuthType(organization.getAuthType());
-                    roleDao.save(adminRole);
                 }
             }
+
+            if (StringUtils.isNotEmpty(groupId)) {
+                // 权限中心: 角色信息
+                com.github.microservice.auth.client.model.RoleModel roleModel = new com.github.microservice.auth.client.model.RoleModel();
+                roleModel.setOrganizationId(oid);
+                roleModel.setName(defaultName);
+                roleModel.setRemark(defaultReMark);
+                roleModel.setAuth(auth);
+                com.github.microservice.auth.client.content.ResultContent<String> updateRole = roleService.updateRole(roleModel);
+
+                log.info("权限中心：初始角色和角色组关系成功");
+                String roleId = updateRole.getContent();
+                roleService.addRoleToRoleGroup(groupId, new String[]{roleId});
+
+                // 添加本地机构角色信息
+                tempRole = new Role();
+                tempRole.setRoleId(roleId);
+                tempRole.setAuth(auth);
+                tempRole.setOid(oid);
+                tempRole.setRoleGroupId(groupId);
+                tempRole.setName(defaultName);
+                tempRole.setRemark(defaultReMark);
+            }
         }
-        return ResultContent.buildSuccess();
+        String code = roleInit.getCode();
+        if (roleInit.getIsAdmin() != null && roleInit.getIsAdmin()) {
+            if (organization.getAuthType().equals(AuthType.Platform)) {
+                code = AuthConstant.SuperAdmin;
+            } else {
+                code = AuthConstant.Admin;
+            }
+        }
+        tempRole.setCode(code);
+        tempRole.setRoleType(roleInit.getRoleType());
+        tempRole.setIsAdmin(roleInit.getIsAdmin());
+        tempRole.setIsVisitor(roleInit.getIsVisitor());
+        tempRole.setRoleInitType(roleInit.getRoleInitType());
+        tempRole.setAuthType(organization.getAuthType());
+        roleDao.save(tempRole);
     }
 
     /**
@@ -774,6 +820,16 @@ public class RoleServiceImpl extends SuperService {
         return roleDao.findByOidAndIsAdmin(oid, Boolean.TRUE);
     }
 
+    /**
+     * 得到游客角色
+     *
+     * @param oid
+     * @return
+     */
+    public List<Role> getVisitorRoles(String oid) {
+        return roleDao.findByOidAndIsVisitor(oid, Boolean.TRUE);
+    }
+
     /**
      * 用户移除角色
      *