From bad0b6332e1722c8351a67bf8528dd6b5b43a652 Mon Sep 17 00:00:00 2001
From: jianxing <jianxing.chen.ag@gmail.com>
Date: Tue, 8 Aug 2023 20:41:14 +0800
Subject: [PATCH] =?UTF-8?q?refactor(=E7=B3=BB=E7=BB=9F=E8=AE=BE=E7=BD=AE):?=
 =?UTF-8?q?=20=E5=88=A0=E9=99=A4=E7=94=A8=E6=88=B7=E7=BB=84=E5=90=8E?=
 =?UTF-8?q?=EF=BC=8C=E9=87=8C=E9=9D=A2=E7=9A=84=E7=94=A8=E6=88=B7=E6=B2=A1?=
 =?UTF-8?q?=E6=9C=89=E7=94=A8=E6=88=B7=E7=BB=84=EF=BC=8C=E5=88=99=E6=B7=BB?=
 =?UTF-8?q?=E5=8A=A0=E7=B3=BB=E7=BB=9F=E6=88=90=E5=91=98=E7=94=A8=E6=88=B7?=
 =?UTF-8?q?=E7=BB=84?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../mapper/BaseUserRoleRelationMapper.java    | 12 +++
 .../sdk/mapper/BaseUserRoleRelationMapper.xml | 17 +++++
 .../service/BaseUserRoleRelationService.java  | 23 +++++-
 .../sdk/service/BaseUserRoleService.java      | 66 +++++++++++++++--
 .../resources/i18n/system_en_US.properties    |  1 +
 .../resources/i18n/system_zh_CN.properties    |  1 +
 .../resources/i18n/system_zh_TW.properties    |  1 +
 .../controller/GlobalUserRoleController.java  |  2 +-
 .../controller/result/SystemResultCode.java   |  1 +
 .../mapper/ExtUserRoleRelationMapper.java     |  2 -
 .../mapper/ExtUserRoleRelationMapper.xml      |  8 --
 .../GlobalUserRoleRelationService.java        | 21 +++++-
 .../system/service/GlobalUserRoleService.java |  4 +-
 .../system/service/OrganizationService.java   |  2 +-
 .../service/OrganizationUserRoleService.java  | 44 ++---------
 .../GlobalUserRoleControllerTests.java        | 74 ++++++++++++++++++-
 ...GlobalUserRoleRelationControllerTests.java | 30 +++++---
 17 files changed, 231 insertions(+), 78 deletions(-)
 create mode 100644 backend/framework/sdk/src/main/java/io/metersphere/sdk/mapper/BaseUserRoleRelationMapper.java
 create mode 100644 backend/framework/sdk/src/main/java/io/metersphere/sdk/mapper/BaseUserRoleRelationMapper.xml

diff --git a/backend/framework/sdk/src/main/java/io/metersphere/sdk/mapper/BaseUserRoleRelationMapper.java b/backend/framework/sdk/src/main/java/io/metersphere/sdk/mapper/BaseUserRoleRelationMapper.java
new file mode 100644
index 0000000000..e0638c0320
--- /dev/null
+++ b/backend/framework/sdk/src/main/java/io/metersphere/sdk/mapper/BaseUserRoleRelationMapper.java
@@ -0,0 +1,12 @@
+package io.metersphere.sdk.mapper;
+
+import io.metersphere.system.domain.UserRoleRelation;
+import org.apache.ibatis.annotations.Param;
+
+import java.util.List;
+
+public interface BaseUserRoleRelationMapper {
+    List<UserRoleRelation> getUserIdAndSourceIdByUserIds(@Param("userIds") List<String> userIds);
+
+    List<String> getUserIdRoleId(@Param("roleId") String roleId);
+}
diff --git a/backend/framework/sdk/src/main/java/io/metersphere/sdk/mapper/BaseUserRoleRelationMapper.xml b/backend/framework/sdk/src/main/java/io/metersphere/sdk/mapper/BaseUserRoleRelationMapper.xml
new file mode 100644
index 0000000000..c1a72f3dc2
--- /dev/null
+++ b/backend/framework/sdk/src/main/java/io/metersphere/sdk/mapper/BaseUserRoleRelationMapper.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<mapper namespace="io.metersphere.sdk.mapper.BaseUserRoleRelationMapper">
+    <select id="getUserIdAndSourceIdByUserIds" resultType="io.metersphere.system.domain.UserRoleRelation">
+        select user_id, source_id, role_id
+        from user_role_relation
+        where user_id in
+        <foreach collection="userIds" item="userId" open="(" separator="," close=")">
+            #{userId}
+        </foreach>
+    </select>
+    <select id="getUserIdRoleId" resultType="java.lang.String">
+        select user_id
+        from user_role_relation
+        where role_id = #{roleId}
+    </select>
+</mapper>
\ No newline at end of file
diff --git a/backend/framework/sdk/src/main/java/io/metersphere/sdk/service/BaseUserRoleRelationService.java b/backend/framework/sdk/src/main/java/io/metersphere/sdk/service/BaseUserRoleRelationService.java
index d2c09b0cb1..fdf3c954a8 100644
--- a/backend/framework/sdk/src/main/java/io/metersphere/sdk/service/BaseUserRoleRelationService.java
+++ b/backend/framework/sdk/src/main/java/io/metersphere/sdk/service/BaseUserRoleRelationService.java
@@ -1,6 +1,7 @@
 package io.metersphere.sdk.service;
 
 import io.metersphere.sdk.exception.MSException;
+import io.metersphere.sdk.mapper.BaseUserRoleRelationMapper;
 import io.metersphere.system.domain.UserRole;
 import io.metersphere.system.domain.UserRoleRelation;
 import io.metersphere.system.domain.UserRoleRelationExample;
@@ -12,6 +13,7 @@ import org.springframework.context.annotation.Lazy;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
+import java.util.ArrayList;
 import java.util.List;
 import java.util.UUID;
 
@@ -28,10 +30,11 @@ public class BaseUserRoleRelationService {
     @Resource
     protected UserRoleRelationMapper userRoleRelationMapper;
     @Resource
+    protected BaseUserRoleRelationMapper baseUserRoleRelationMapper;
+    @Resource
     @Lazy
     protected BaseUserRoleService baseUserRoleService;
 
-
     protected UserRoleRelation add(UserRoleRelation userRoleRelation) {
         checkExist(userRoleRelation);
         userRoleRelation.setCreateTime(System.currentTimeMillis());
@@ -98,4 +101,22 @@ public class BaseUserRoleRelationService {
         }
         return null;
     }
+
+    public List<String> getUserIdRoleId(String roleId) {
+       return baseUserRoleRelationMapper.getUserIdRoleId(roleId);
+    }
+
+    public List<UserRoleRelation> getUserIdAndSourceIdByUserIds(List<String> userIds) {
+        if (CollectionUtils.isEmpty(userIds)) {
+            return new ArrayList<>(0);
+        }
+       return baseUserRoleRelationMapper.getUserIdAndSourceIdByUserIds(userIds);
+    }
+
+    public void batchInsert(List<UserRoleRelation> addRelations) {
+        if (CollectionUtils.isEmpty(addRelations)) {
+            return;
+        }
+        userRoleRelationMapper.batchInsert(addRelations);
+    }
 }
diff --git a/backend/framework/sdk/src/main/java/io/metersphere/sdk/service/BaseUserRoleService.java b/backend/framework/sdk/src/main/java/io/metersphere/sdk/service/BaseUserRoleService.java
index ff1eec992e..4cfb671827 100644
--- a/backend/framework/sdk/src/main/java/io/metersphere/sdk/service/BaseUserRoleService.java
+++ b/backend/framework/sdk/src/main/java/io/metersphere/sdk/service/BaseUserRoleService.java
@@ -9,6 +9,7 @@ import io.metersphere.sdk.util.PermissionCache;
 import io.metersphere.sdk.util.Translator;
 import io.metersphere.system.domain.UserRole;
 import io.metersphere.system.domain.UserRoleExample;
+import io.metersphere.system.domain.UserRoleRelation;
 import io.metersphere.system.mapper.UserRoleMapper;
 import jakarta.annotation.Resource;
 import org.apache.commons.collections.CollectionUtils;
@@ -18,6 +19,7 @@ import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
 import java.util.*;
+import java.util.stream.Collectors;
 
 import static io.metersphere.sdk.controller.handler.result.CommonResultCode.INTERNAL_USER_ROLE_PERMISSION;
 
@@ -33,9 +35,9 @@ public class BaseUserRoleService {
     @Resource
     private UserRoleMapper userRoleMapper;
     @Resource
-    private BaseUserRolePermissionService baseUserRolePermissionService;
+    protected BaseUserRolePermissionService baseUserRolePermissionService;
     @Resource
-    private BaseUserRoleRelationService baseUserRoleRelationService;
+    protected BaseUserRoleRelationService baseUserRoleRelationService;
 
     /**
      * 根据用户组获取对应的权限配置项
@@ -101,7 +103,7 @@ public class BaseUserRoleService {
         }
         String[] idSplit = p.getId().split(":");
         String permissionKey = idSplit[idSplit.length - 1];
-        Map<String, String> translationMap = new HashMap<>(){{
+        Map<String, String> translationMap = new HashMap<>() {{
             put("READ", "permission.read");
             put("READ+ADD", "permission.add");
             put("READ+UPDATE", "permission.edit");
@@ -114,6 +116,7 @@ public class BaseUserRoleService {
 
     /**
      * 更新单个用户组的配置项
+     *
      * @param request
      */
     protected void updatePermissionSetting(PermissionSettingUpdateRequest request) {
@@ -139,14 +142,24 @@ public class BaseUserRoleService {
 
     /**
      * 删除用户组，并且删除用户组与用户的关联关系，用户组与权限的关联关系
+     *
      * @param userRole
      */
-    public void delete(UserRole userRole) {
+    public void delete(UserRole userRole, String defaultRoleId, String currentUserId) {
         String id = userRole.getId();
         checkInternalUserRole(userRole);
+
+        // 删除用户组的权限设置
         baseUserRolePermissionService.deleteByRoleId(id);
-        baseUserRoleRelationService.deleteByRoleId(id);
+
+        // 删除用户组
         userRoleMapper.deleteByPrimaryKey(id);
+
+        // 检查是否只有一个用户组，如果是则添加系统成员等默认用户组
+        checkOneLimitRole(id, defaultRoleId, currentUserId);
+
+        // 删除用户组与用户的关联关系
+        baseUserRoleRelationService.deleteByRoleId(id);
     }
 
     /**
@@ -163,9 +176,9 @@ public class BaseUserRoleService {
     }
 
     public List<UserRole> getList(List<String> idList) {
-        if(CollectionUtils.isEmpty(idList)){
+        if (CollectionUtils.isEmpty(idList)) {
             return new ArrayList<>();
-        }else {
+        } else {
             UserRoleExample example = new UserRoleExample();
             example.createCriteria().andIdIn(idList);
             return userRoleMapper.selectByExample(example);
@@ -176,4 +189,43 @@ public class BaseUserRoleService {
         UserRole userRole = userRoleMapper.selectByPrimaryKey(id);
         return userRole == null ? null : userRole.getName();
     }
+
+    /**
+     * 删除用户组时校验必须要有一个用户组
+     * 没有的话，添加系统成员，组织成员，项目成员用户组
+     * @param defaultRoleId 默认用户组id
+     * @param currentUserId 当前用户id
+     */
+    public void checkOneLimitRole(String roleId, String defaultRoleId, String currentUserId) {
+
+        // 查询要删除的用户组关联的用户ID
+        List<String> userIds = baseUserRoleRelationService.getUserIdRoleId(roleId);
+
+        if (CollectionUtils.isEmpty(userIds)) {
+           return;
+        }
+
+        // 查询用户列表与所有用户组的关联关系，并分组（UserRoleRelation 中只有 userId 和 sourceId）
+        Map<String, List<UserRoleRelation>> userRoleRelationMap = baseUserRoleRelationService
+                .getUserIdAndSourceIdByUserIds(userIds)
+                .stream()
+                .collect(Collectors.groupingBy(i -> i.getUserId() + i.getSourceId()));
+
+        List<UserRoleRelation> addRelations = new ArrayList<>();
+        userRoleRelationMap.forEach((groupId, relations) -> {
+            // 如果当前用户组只有一个用户，并且就是要删除的用户组，则添加组织成员等默认用户组
+            if (relations.size() == 1 && StringUtils.equals(relations.get(0).getRoleId(), roleId)) {
+                UserRoleRelation relation = new UserRoleRelation();
+                relation.setId(UUID.randomUUID().toString());
+                relation.setUserId(relations.get(0).getUserId());
+                relation.setSourceId(relations.get(0).getSourceId());
+                relation.setRoleId(defaultRoleId);
+                relation.setCreateTime(System.currentTimeMillis());
+                relation.setCreateUser(currentUserId);
+                addRelations.add(relation);
+            }
+        });
+
+        baseUserRoleRelationService.batchInsert(addRelations);
+    }
 }
diff --git a/backend/framework/sdk/src/main/resources/i18n/system_en_US.properties b/backend/framework/sdk/src/main/resources/i18n/system_en_US.properties
index 01c22546d7..15aefb96ba 100644
--- a/backend/framework/sdk/src/main/resources/i18n/system_en_US.properties
+++ b/backend/framework/sdk/src/main/resources/i18n/system_en_US.properties
@@ -145,6 +145,7 @@ organization_member_not_exist=organization member does not exist
 global_user_role_permission_error=no global user role permission
 global_user_role_exist_error=global user role already exists
 global_user_role_relation_system_permission_error=no global user role relation system permission
+global_user_role_limit_error=At least one user group is required
 organization_user_role_permission_error=no organization user role permission
 user_role_exist=User role already exists
 user_role_not_exist=User role not exist
diff --git a/backend/framework/sdk/src/main/resources/i18n/system_zh_CN.properties b/backend/framework/sdk/src/main/resources/i18n/system_zh_CN.properties
index de057165ef..46fd55d188 100644
--- a/backend/framework/sdk/src/main/resources/i18n/system_zh_CN.properties
+++ b/backend/framework/sdk/src/main/resources/i18n/system_zh_CN.properties
@@ -144,6 +144,7 @@ organization_member_not_exist=组织成员不存在
 global_user_role_permission_error=没有权限操作非全局用户组
 global_user_role_exist_error=全局用户组已存在
 global_user_role_relation_system_permission_error=没有权限操作非系统级别用户组
+global_user_role_limit_error=至少需要有一个用户组
 organization_user_role_permission_error=没有权限操作非组织用户组
 user_role_exist=用户组已存在
 user_role_not_exist=用户组不存在
diff --git a/backend/framework/sdk/src/main/resources/i18n/system_zh_TW.properties b/backend/framework/sdk/src/main/resources/i18n/system_zh_TW.properties
index d281690771..c5b66790cc 100644
--- a/backend/framework/sdk/src/main/resources/i18n/system_zh_TW.properties
+++ b/backend/framework/sdk/src/main/resources/i18n/system_zh_TW.properties
@@ -144,6 +144,7 @@ organization_member_not_exist=組織成員不存在
 global_user_role_permission_error=沒有權限操作非全局用戶組
 global_user_role_exist_error=全局用戶組已存在
 global_user_role_relation_system_permission_error=沒有權限操作非系統級別用戶組
+global_user_role_limit_error=至少需要有一个用户组
 organization_user_role_permission_error=沒有權限操作非組織用戶組
 user_role_exist=用戶組已存在
 user_role_not_exist=用戶組不存在
diff --git a/backend/services/system-setting/src/main/java/io/metersphere/system/controller/GlobalUserRoleController.java b/backend/services/system-setting/src/main/java/io/metersphere/system/controller/GlobalUserRoleController.java
index 62e565c63b..3c97267f0c 100644
--- a/backend/services/system-setting/src/main/java/io/metersphere/system/controller/GlobalUserRoleController.java
+++ b/backend/services/system-setting/src/main/java/io/metersphere/system/controller/GlobalUserRoleController.java
@@ -82,6 +82,6 @@ public class GlobalUserRoleController {
     @RequiresPermissions(PermissionConstants.SYSTEM_USER_ROLE_DELETE)
     @Log(type = OperationLogType.DELETE, expression = "#msClass.deleteLog(#id)", msClass = GlobalUserRoleLogService.class)
     public void delete(@PathVariable String id) {
-        globalUserRoleService.delete(id);
+        globalUserRoleService.delete(id, SessionUtils.getUserId());
     }
 }
diff --git a/backend/services/system-setting/src/main/java/io/metersphere/system/controller/result/SystemResultCode.java b/backend/services/system-setting/src/main/java/io/metersphere/system/controller/result/SystemResultCode.java
index 5984e57ae7..ead1825b83 100644
--- a/backend/services/system-setting/src/main/java/io/metersphere/system/controller/result/SystemResultCode.java
+++ b/backend/services/system-setting/src/main/java/io/metersphere/system/controller/result/SystemResultCode.java
@@ -13,6 +13,7 @@ public enum SystemResultCode implements IResultCode {
     GLOBAL_USER_ROLE_PERMISSION(101001, "global_user_role_permission_error"),
     GLOBAL_USER_ROLE_EXIST(101002, "global_user_role_exist_error"),
     GLOBAL_USER_ROLE_RELATION_SYSTEM_PERMISSION(101003, "global_user_role_relation_system_permission_error"),
+    GLOBAL_USER_ROLE_LIMIT(101004, "global_user_role_limit_error"),
     /**
      * 获取/编辑组织自定义用户组，如果非组织自定义用户组，会返回该响应码
      */
diff --git a/backend/services/system-setting/src/main/java/io/metersphere/system/mapper/ExtUserRoleRelationMapper.java b/backend/services/system-setting/src/main/java/io/metersphere/system/mapper/ExtUserRoleRelationMapper.java
index 306ff9a606..49e05f74d5 100644
--- a/backend/services/system-setting/src/main/java/io/metersphere/system/mapper/ExtUserRoleRelationMapper.java
+++ b/backend/services/system-setting/src/main/java/io/metersphere/system/mapper/ExtUserRoleRelationMapper.java
@@ -13,6 +13,4 @@ public interface ExtUserRoleRelationMapper {
     List<UserRoleRelation> selectGlobalRoleByUserId(String userId);
 
     List<UserRoleRelationUserDTO> listGlobal(@Param("request")  GlobalUserRoleRelationQueryRequest request);
-
-    void batchInsert(@Param("list") List<UserRoleRelation> list);
 }
diff --git a/backend/services/system-setting/src/main/java/io/metersphere/system/mapper/ExtUserRoleRelationMapper.xml b/backend/services/system-setting/src/main/java/io/metersphere/system/mapper/ExtUserRoleRelationMapper.xml
index 744b71cb2d..4393ff8f55 100644
--- a/backend/services/system-setting/src/main/java/io/metersphere/system/mapper/ExtUserRoleRelationMapper.xml
+++ b/backend/services/system-setting/src/main/java/io/metersphere/system/mapper/ExtUserRoleRelationMapper.xml
@@ -30,12 +30,4 @@
             )
         </if>
     </select>
-
-    <insert id="batchInsert" parameterType="java.util.List">
-        insert into user_role_relation (id, user_id, role_id, source_id, create_time, create_user)
-        values
-        <foreach collection="list" item="item" separator="," >
-            (#{item.id}, #{item.userId}, #{item.roleId}, #{item.sourceId}, #{item.createTime}, #{item.createUser})
-        </foreach>
-    </insert>
 </mapper>
\ No newline at end of file
diff --git a/backend/services/system-setting/src/main/java/io/metersphere/system/service/GlobalUserRoleRelationService.java b/backend/services/system-setting/src/main/java/io/metersphere/system/service/GlobalUserRoleRelationService.java
index e0ea270de1..786768a86c 100644
--- a/backend/services/system-setting/src/main/java/io/metersphere/system/service/GlobalUserRoleRelationService.java
+++ b/backend/services/system-setting/src/main/java/io/metersphere/system/service/GlobalUserRoleRelationService.java
@@ -5,6 +5,7 @@ import io.metersphere.sdk.dto.request.GlobalUserRoleRelationBatchRequest;
 import io.metersphere.sdk.dto.request.GlobalUserRoleRelationUpdateRequest;
 import io.metersphere.sdk.exception.MSException;
 import io.metersphere.sdk.service.BaseUserRoleRelationService;
+import io.metersphere.sdk.service.BaseUserRoleService;
 import io.metersphere.sdk.util.BeanUtils;
 import io.metersphere.sdk.util.Translator;
 import io.metersphere.system.domain.UserRole;
@@ -16,13 +17,14 @@ import io.metersphere.validation.groups.Created;
 import io.metersphere.validation.groups.Updated;
 import jakarta.annotation.Resource;
 import org.apache.commons.collections4.CollectionUtils;
-import org.apache.ibatis.session.SqlSessionFactory;
 import org.springframework.stereotype.Service;
 import org.springframework.validation.annotation.Validated;
 
 import java.util.*;
 import java.util.stream.Collectors;
 
+import static io.metersphere.system.controller.result.SystemResultCode.GLOBAL_USER_ROLE_LIMIT;
+
 /**
  * @author jianxing
  * @date : 2023-6-12
@@ -35,8 +37,6 @@ public class GlobalUserRoleRelationService extends BaseUserRoleRelationService {
     private GlobalUserRoleService globalUserRoleService;
     @Resource
     private UserService userService;
-    @Resource
-    private SqlSessionFactory sqlSessionFactory;
 
     public List<UserRoleRelationUserDTO> list(GlobalUserRoleRelationQueryRequest request) {
         UserRole userRole = globalUserRoleService.get(request.getRoleId());
@@ -62,13 +62,18 @@ public class GlobalUserRoleRelationService extends BaseUserRoleRelationService {
                 Collections.singletonList(request.getRoleId()));
         //检查用户的合法性
         userService.checkUserLegality(request.getUserIds());
+        List<UserRoleRelation> userRoleRelations = new ArrayList<>();
         request.getUserIds().forEach(userId -> {
             UserRoleRelation userRoleRelation = new UserRoleRelation();
             BeanUtils.copyBean(userRoleRelation, request);
             userRoleRelation.setUserId(userId);
             userRoleRelation.setSourceId(GlobalUserRoleService.SYSTEM_TYPE);
-            super.add(userRoleRelation);
+            checkExist(userRoleRelation);
+            userRoleRelation.setCreateTime(System.currentTimeMillis());
+            userRoleRelation.setId(UUID.randomUUID().toString());
+            userRoleRelations.add(userRoleRelation);
         });
+        userRoleRelationMapper.batchInsert(userRoleRelations);
     }
 
     public List<UserRoleRelation> selectByUserIdAndRuleId(List<String> userIds, List<String> roleIds) {
@@ -113,8 +118,16 @@ public class GlobalUserRoleRelationService extends BaseUserRoleRelationService {
     @Override
     public void delete(String id) {
         UserRole userRole = getUserRole(id);
+        UserRoleRelation userRoleRelation = userRoleRelationMapper.selectByPrimaryKey(id);
         globalUserRoleService.checkSystemUserGroup(userRole);
         globalUserRoleService.checkGlobalUserRole(userRole);
         super.delete(id);
+        UserRoleRelationExample example = new UserRoleRelationExample();
+        example.createCriteria()
+                .andUserIdEqualTo(userRoleRelation.getUserId())
+                .andSourceIdEqualTo(BaseUserRoleService.SYSTEM_TYPE);
+        if (CollectionUtils.isEmpty(userRoleRelationMapper.selectByExample(example))) {
+            throw new MSException(GLOBAL_USER_ROLE_LIMIT);
+        }
     }
 }
diff --git a/backend/services/system-setting/src/main/java/io/metersphere/system/service/GlobalUserRoleService.java b/backend/services/system-setting/src/main/java/io/metersphere/system/service/GlobalUserRoleService.java
index c67971b83f..d44a0a3fba 100644
--- a/backend/services/system-setting/src/main/java/io/metersphere/system/service/GlobalUserRoleService.java
+++ b/backend/services/system-setting/src/main/java/io/metersphere/system/service/GlobalUserRoleService.java
@@ -95,10 +95,10 @@ public class GlobalUserRoleService extends BaseUserRoleService {
         return super.update(userRole);
     }
 
-    public void delete(String id) {
+    public void delete(String id, String currentUserId) {
         UserRole userRole = get(id);
         checkGlobalUserRole(userRole);
-        delete(userRole);
+        super.delete(userRole, MEMBER.getValue(), currentUserId);
     }
 
     public void checkRoleIsGlobalAndHaveMember(@Valid @NotEmpty List<String> roleIdList, boolean isSystem) {
diff --git a/backend/services/system-setting/src/main/java/io/metersphere/system/service/OrganizationService.java b/backend/services/system-setting/src/main/java/io/metersphere/system/service/OrganizationService.java
index f091db4b89..70dea93ce7 100644
--- a/backend/services/system-setting/src/main/java/io/metersphere/system/service/OrganizationService.java
+++ b/backend/services/system-setting/src/main/java/io/metersphere/system/service/OrganizationService.java
@@ -188,7 +188,7 @@ public class OrganizationService {
             }
         });
         if (CollectionUtils.isNotEmpty(userRoleRelations)) {
-            extUserRoleRelationMapper.batchInsert(userRoleRelations);
+            userRoleRelationMapper.batchInsert(userRoleRelations);
         }
     }
 
diff --git a/backend/services/system-setting/src/main/java/io/metersphere/system/service/OrganizationUserRoleService.java b/backend/services/system-setting/src/main/java/io/metersphere/system/service/OrganizationUserRoleService.java
index b08516ac1a..528c898f37 100644
--- a/backend/services/system-setting/src/main/java/io/metersphere/system/service/OrganizationUserRoleService.java
+++ b/backend/services/system-setting/src/main/java/io/metersphere/system/service/OrganizationUserRoleService.java
@@ -15,8 +15,9 @@ import org.apache.commons.collections.CollectionUtils;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
-import java.util.*;
-import java.util.stream.Collectors;
+import java.util.Arrays;
+import java.util.List;
+import java.util.UUID;
 
 import static io.metersphere.system.controller.result.SystemResultCode.NO_ORG_USER_ROLE_PERMISSION;
 
@@ -69,43 +70,10 @@ public class OrganizationUserRoleService extends BaseUserRoleService {
     }
 
     public void delete(String roleId, String currentUserId) {
-        UserRole oldRole = get(roleId);
+        UserRole userRole = get(roleId);
         // 非组织用户组不允许删除, 内置用户组不允许删除
-        checkOrgUserRole(oldRole);
-        checkInternalUserRole(oldRole);
-        // 删除用户组
-        userRoleMapper.deleteByPrimaryKey(roleId);
-        UserRoleRelationExample relationExample = new UserRoleRelationExample();
-        relationExample.createCriteria().andRoleIdEqualTo(roleId).andSourceIdEqualTo(oldRole.getScopeId());
-        List<UserRoleRelation> userRoleRelations = userRoleRelationMapper.selectByExample(relationExample);
-        List<UserRoleRelation> orgMemberRelations = new ArrayList<>();
-        if (CollectionUtils.isNotEmpty(userRoleRelations)) {
-            // 如果删除的组织用户组内成员只有当前一个用户组，则给该成员赋予组织成员用户组
-            List<String> userIds = userRoleRelations.stream().map(UserRoleRelation::getUserId).toList();
-            UserRoleRelationExample userRelationExample = new UserRoleRelationExample();
-            userRelationExample.createCriteria().andUserIdIn(userIds).andSourceIdEqualTo(oldRole.getScopeId());
-            List<UserRoleRelation> allUserRelations = userRoleRelationMapper.selectByExample(userRelationExample);
-            Map<String, List<UserRoleRelation>> userRoleRelationMap = allUserRelations.stream().collect(Collectors.groupingBy(UserRoleRelation::getUserId));
-            userRoleRelationMap.forEach((userId, relations) -> {
-                if (relations.size() == 1) {
-                    UserRoleRelation relation = new UserRoleRelation();
-                    relation.setId(UUID.randomUUID().toString());
-                    relation.setUserId(userId);
-                    relation.setSourceId(oldRole.getScopeId());
-                    relation.setRoleId(InternalUserRole.ORG_MEMBER.getValue());
-                    relation.setCreateTime(System.currentTimeMillis());
-                    relation.setCreateUser(currentUserId);
-                    orgMemberRelations.add(relation);
-                }
-            });
-        }
-        if (CollectionUtils.isNotEmpty(orgMemberRelations)) {
-            extUserRoleRelationMapper.batchInsert(orgMemberRelations);
-        }
-        userRoleRelationMapper.deleteByExample(relationExample);
-        UserRolePermissionExample permissionExample = new UserRolePermissionExample();
-        permissionExample.createCriteria().andRoleIdEqualTo(roleId);
-        userRolePermissionMapper.deleteByExample(permissionExample);
+        checkOrgUserRole(userRole);
+        super.delete(userRole, InternalUserRole.ORG_MEMBER.getValue(), currentUserId);
     }
 
     public List<User> listMember(OrganizationUserRoleMemberRequest request) {
diff --git a/backend/services/system-setting/src/test/java/io/metersphere/system/controller/GlobalUserRoleControllerTests.java b/backend/services/system-setting/src/test/java/io/metersphere/system/controller/GlobalUserRoleControllerTests.java
index ff41c199ac..be7d4a3b21 100644
--- a/backend/services/system-setting/src/test/java/io/metersphere/system/controller/GlobalUserRoleControllerTests.java
+++ b/backend/services/system-setting/src/test/java/io/metersphere/system/controller/GlobalUserRoleControllerTests.java
@@ -4,6 +4,7 @@ import io.metersphere.sdk.base.BaseTest;
 import io.metersphere.sdk.constants.InternalUserRole;
 import io.metersphere.sdk.constants.PermissionConstants;
 import io.metersphere.sdk.constants.UserRoleType;
+import io.metersphere.sdk.constants.UserSourceEnum;
 import io.metersphere.sdk.dto.Permission;
 import io.metersphere.sdk.dto.PermissionDefinitionItem;
 import io.metersphere.sdk.dto.request.PermissionSettingUpdateRequest;
@@ -11,11 +12,18 @@ import io.metersphere.sdk.dto.request.UserRoleUpdateRequest;
 import io.metersphere.sdk.log.constants.OperationLogType;
 import io.metersphere.sdk.service.BaseUserRolePermissionService;
 import io.metersphere.sdk.service.BaseUserRoleRelationService;
+import io.metersphere.sdk.service.BaseUserRoleService;
 import io.metersphere.sdk.util.BeanUtils;
+import io.metersphere.sdk.util.SessionUtils;
 import io.metersphere.system.controller.param.PermissionSettingUpdateRequestDefinition;
 import io.metersphere.system.controller.param.UserRoleUpdateRequestDefinition;
+import io.metersphere.system.domain.User;
 import io.metersphere.system.domain.UserRole;
+import io.metersphere.system.domain.UserRoleRelation;
+import io.metersphere.system.domain.UserRoleRelationExample;
+import io.metersphere.system.mapper.UserMapper;
 import io.metersphere.system.mapper.UserRoleMapper;
+import io.metersphere.system.mapper.UserRoleRelationMapper;
 import jakarta.annotation.Resource;
 import org.apache.commons.collections.CollectionUtils;
 import org.junit.jupiter.api.*;
@@ -27,7 +35,7 @@ import org.testcontainers.shaded.org.apache.commons.lang3.StringUtils;
 import java.util.*;
 import java.util.stream.Collectors;
 
-import static io.metersphere.sdk.constants.InternalUserRole.ADMIN;
+import static io.metersphere.sdk.constants.InternalUserRole.*;
 import static io.metersphere.sdk.controller.handler.result.CommonResultCode.INTERNAL_USER_ROLE_PERMISSION;
 import static io.metersphere.system.controller.result.SystemResultCode.*;
 import static io.metersphere.system.service.GlobalUserRoleService.GLOBAL_SCOPE;
@@ -48,6 +56,11 @@ class GlobalUserRoleControllerTests extends BaseTest {
 
     // 保存创建的用户组，方便之后的修改和删除测试使用
     private static UserRole addUserRole;
+    private static UserRole anotherUserRole;
+    @Resource
+    private UserMapper userMapper;
+    @Resource
+    private UserRoleRelationMapper userRoleRelationMapper;
     @Override
     protected String getBasePath() {
         return BASE_PATH;
@@ -90,12 +103,18 @@ class GlobalUserRoleControllerTests extends BaseTest {
         Assertions.assertEquals(request.getName(), userRole.getName());
         Assertions.assertEquals(request.getType(), userRole.getType());
         Assertions.assertEquals(request.getDescription(), userRole.getDescription());
+
         // @@校验日志
         checkLog(this.addUserRole.getId(), OperationLogType.ADD);
 
         // @@重名校验异常
         assertErrorCode(this.requestPost(DEFAULT_ADD, request), GLOBAL_USER_ROLE_EXIST);
 
+        // 在添加一条数据，供删除没有关联用户的用户组使用，提高覆盖率
+        request.setName("other name");
+        MvcResult anotherMvcResult = this.requestPostWithOkAndReturn(DEFAULT_ADD, request);
+        anotherUserRole = userRoleMapper.selectByPrimaryKey(getResultData(anotherMvcResult, UserRole.class).getId());
+
         // @@异常参数校验
         createdGroupParamValidateTest(UserRoleUpdateRequestDefinition.class, DEFAULT_ADD);
 
@@ -242,8 +261,10 @@ class GlobalUserRoleControllerTests extends BaseTest {
     @Test
     @Order(3)
     void delete() throws Exception {
+        // 校验删除该用户组，没有用户组的用户会默认添加系统成员用户组
+        UserRoleRelation userRoleRelation = prepareOneLimitTest(addUserRole.getId());
         // @@请求成功
-        this.requestGet(DEFAULT_DELETE, addUserRole.getId());
+        this.requestGetWithOk(DEFAULT_DELETE, addUserRole.getId());
         // 校验请求成功数据
         Assertions.assertNull(userRoleMapper.selectByPrimaryKey(addUserRole.getId()));
         // 校验用户组与权限的关联关系是否删除
@@ -251,6 +272,17 @@ class GlobalUserRoleControllerTests extends BaseTest {
         // 校验用户组与用户的关联关系是否删除
         Assertions.assertTrue(CollectionUtils.isEmpty(baseUserRoleRelationService.getByRoleId(addUserRole.getId())));
 
+        // 校验删除该用户组，没有用户组的用户会默认添加系统成员用户组
+        UserRoleRelationExample example = new UserRoleRelationExample();
+        example.createCriteria().andUserIdEqualTo(userRoleRelation.getUserId());
+        List<UserRoleRelation> userRoleRelations = userRoleRelationMapper.selectByExample(example);
+        Assertions.assertTrue(userRoleRelations.size() == 1);
+        Assertions.assertTrue(StringUtils.equals(userRoleRelations.get(0).getRoleId(), MEMBER.getValue()));
+        clearOneLimitTest(userRoleRelation.getUserId());
+
+        // 删除没有关联用户的用户组
+        this.requestGetWithOk(DEFAULT_DELETE, anotherUserRole.getId());
+
         // @@校验日志
         checkLog(addUserRole.getId(), OperationLogType.DELETE);
 
@@ -276,4 +308,42 @@ class GlobalUserRoleControllerTests extends BaseTest {
         userRoleMapper.insert(nonGlobalUserRole);
         return nonGlobalUserRole;
     }
+
+    /**
+     * 创建一个用户和只有一个用户组的
+     * 用于测试删除该用户组后，没有用户组的用户会默认添加系统成员用户组
+     *
+     */
+    private UserRoleRelation prepareOneLimitTest(String userRoleId) {
+        // 插入一条用户数据
+        User user = new User();
+        user.setId(UUID.randomUUID().toString());
+        user.setCreateUser(SessionUtils.getUserId());
+        user.setName("test one user role");
+        user.setSource(UserSourceEnum.LOCAL.name());
+        user.setEmail("1111111111@qq.com");
+        user.setCreateTime(System.currentTimeMillis());
+        user.setUpdateTime(System.currentTimeMillis());
+        user.setCreateUser(ADMIN.getValue());
+        user.setUpdateUser(ADMIN.getValue());
+        user.setEnable(true);
+        user.setDeleted(false);
+        userMapper.insert(user);
+        UserRoleRelation roleRelation = new UserRoleRelation();
+        roleRelation.setId(UUID.randomUUID().toString());
+        roleRelation.setCreateTime(System.currentTimeMillis());
+        roleRelation.setRoleId(userRoleId);
+        roleRelation.setCreateUser(ADMIN.getValue());
+        roleRelation.setUserId(user.getId());
+        roleRelation.setSourceId(BaseUserRoleService.SYSTEM_TYPE);
+        userRoleRelationMapper.insert(roleRelation);
+        return roleRelation;
+    }
+
+    /**
+     * 清理测试数据
+     */
+    private void clearOneLimitTest(String userId) {
+        userMapper.deleteByPrimaryKey(userId);
+    }
 }
\ No newline at end of file
diff --git a/backend/services/system-setting/src/test/java/io/metersphere/system/controller/GlobalUserRoleRelationControllerTests.java b/backend/services/system-setting/src/test/java/io/metersphere/system/controller/GlobalUserRoleRelationControllerTests.java
index 43f2338d2b..b4f9887b55 100644
--- a/backend/services/system-setting/src/test/java/io/metersphere/system/controller/GlobalUserRoleRelationControllerTests.java
+++ b/backend/services/system-setting/src/test/java/io/metersphere/system/controller/GlobalUserRoleRelationControllerTests.java
@@ -5,6 +5,7 @@ import io.metersphere.sdk.constants.PermissionConstants;
 import io.metersphere.sdk.dto.UserRoleRelationUserDTO;
 import io.metersphere.sdk.dto.request.GlobalUserRoleRelationUpdateRequest;
 import io.metersphere.sdk.log.constants.OperationLogType;
+import io.metersphere.sdk.service.BaseUserRoleService;
 import io.metersphere.sdk.util.Pager;
 import io.metersphere.system.controller.param.GlobalUserRoleRelationQueryRequestDefinition;
 import io.metersphere.system.controller.param.GlobalUserRoleRelationUpdateRequestDefinition;
@@ -102,12 +103,9 @@ class GlobalUserRoleRelationControllerTests extends BaseTest {
         request.setUserIds(Arrays.asList(ADMIN.getValue()));
         request.setRoleId(nonInternalUserRole.getId());
         this.requestPostWithOk(DEFAULT_ADD, request);
-        UserRoleRelationExample example = new UserRoleRelationExample();
-        example.createCriteria()
-                .andRoleIdEqualTo(request.getRoleId())
-                .andUserIdEqualTo(ADMIN.getValue());
-        Assertions.assertTrue(CollectionUtils.isNotEmpty(userRoleRelationMapper.selectByExample(example)));
-        addUserRoleRelation = userRoleRelationMapper.selectByExample(example).get(0);
+        List<UserRoleRelation> userRoleRelations = getUserRoleRelationByRoleIdAndUserId(request.getRoleId(), ADMIN.getValue());
+        Assertions.assertTrue(CollectionUtils.isNotEmpty(userRoleRelations));
+        addUserRoleRelation = userRoleRelations.get(0);
 
         // @@校验日志
         checkLog(addUserRoleRelation.getRoleId(), OperationLogType.ADD);
@@ -153,14 +151,14 @@ class GlobalUserRoleRelationControllerTests extends BaseTest {
         // @@操作非全局用户组异常
         assertErrorCode(this.requestGet(DEFAULT_DELETE, getNonGlobalUserRoleRelation().getId()), GLOBAL_USER_ROLE_PERMISSION);
 
+        // @@校验必须有一个系统用户组
+        UserRoleRelation permissionUserRoleRelation = userRoleRelationMapper.selectByPrimaryKey(BaseUserRoleService.SYSTEM_TYPE);
+        assertErrorCode(this.requestGet(DEFAULT_DELETE, permissionUserRoleRelation.getId()), GLOBAL_USER_ROLE_LIMIT);
+
         // @@删除admin系统管理员用户组异常
-        UserRoleRelationExample example = new UserRoleRelationExample();
-        example.createCriteria()
-                .andRoleIdEqualTo(ADMIN.getValue())
-                .andUserIdEqualTo(ADMIN.getValue());
-        List<UserRoleRelation> userRoleRelations = userRoleRelationMapper.selectByExample(example);
+        List<UserRoleRelation> userRoleRelations = getUserRoleRelationByRoleIdAndUserId(ADMIN.getValue(), ADMIN.getValue());
         assertErrorCode(this.requestGet(DEFAULT_DELETE, userRoleRelations.get(0).getId()),
-               USER_ROLE_RELATION_REMOVE_ADMIN_USER_PERMISSION);
+                USER_ROLE_RELATION_REMOVE_ADMIN_USER_PERMISSION);
 
         // @@校验权限
         requestGetPermissionTest(PermissionConstants.SYSTEM_USER_ROLE_UPDATE, DEFAULT_DELETE, addUserRoleRelation.getId());
@@ -222,4 +220,12 @@ class GlobalUserRoleRelationControllerTests extends BaseTest {
         userRoleMapper.insert(nonInternalRole);
         return nonInternalRole;
     }
+
+    private List<UserRoleRelation> getUserRoleRelationByRoleIdAndUserId(String roleId, String userId) {
+        UserRoleRelationExample example = new UserRoleRelationExample();
+        example.createCriteria()
+                .andRoleIdEqualTo(roleId)
+                .andUserIdEqualTo(userId);
+        return userRoleRelationMapper.selectByExample(example);
+    }
 }