feat: 合并yunteng的IOT代码

+package org.thingsboard.server.controller.yunteng;
+
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.util.Assert;
+import org.springframework.web.bind.annotation.*;
+import org.thingsboard.server.common.data.exception.ThingsboardException;
+import org.thingsboard.server.common.data.yunteng.dto.RoleDTO;
+import org.thingsboard.server.common.data.yunteng.dto.request.RoleReqDTO;
+import org.thingsboard.server.common.data.yunteng.enums.OrderTypeEnum;
+import org.thingsboard.server.common.data.yunteng.enums.RoleEnum;
+import org.thingsboard.server.common.data.yunteng.utils.tools.PageData;
+import org.thingsboard.server.controller.BaseController;
+import org.thingsboard.server.dao.yunteng.service.RoleService;
+
+import java.util.HashMap;
+import java.util.List;
+import java.util.Set;
+
+import static org.thingsboard.server.common.data.yunteng.constant.QueryConstant.*;
+
+
+@RestController
+@RequestMapping("api/v1/role")
+@RequiredArgsConstructor
+public class RoleController extends BaseController {
+
+  private final RoleService roleService;
+
+  @GetMapping(params = {PAGE_SIZE, PAGE})
+  public PageData<RoleDTO> pageRole(
+      @RequestParam(PAGE_SIZE) int pageSize,
+      @RequestParam(PAGE) int page,
+      @RequestParam(value = "roleName", required = false) String roleName,
+      @RequestParam(value = "status", required = false) Integer status,
+      @RequestParam(value = "roleType", required = false) RoleEnum roleType,
+      @RequestParam(value = ORDER_FILED, required = false) String orderBy,
+      @RequestParam(value = ORDER_TYPE, required = false) OrderTypeEnum orderType) throws ThingsboardException {
+    HashMap<String, Object> queryMap = new HashMap<>();
+    queryMap.put(PAGE_SIZE, pageSize);
+    queryMap.put(PAGE, page);
+    queryMap.put(ORDER_FILED, orderBy);
+    queryMap.put("roleName", roleName);
+    if (status != null) {
+      queryMap.put("status", status == 1);
+    }
+    if(roleType !=null){
+      queryMap.put("roleType", roleType.name());
+    }
+    if (orderType != null) {
+      queryMap.put(ORDER_TYPE, orderType.name());
+    }
+    return roleService.page(getCurrentUser().isSysadmin(), getCurrentUser().isPlatformAdmin(), getCurrentUser().getCurrentTenantId(),queryMap);
+  }
+
+  @DeleteMapping
+  public void deleteRole(@RequestBody String[] ids) throws ThingsboardException {
+    roleService.deleteRole(ids,getCurrentUser().getCurrentTenantId());
+  }
+
+  @GetMapping("/me/permissions")
+  public Set<String> getPermissions() throws ThingsboardException {
+    return roleService.getPermissions(getCurrentUser().isSysadmin(), getCurrentUser().isTenantAdmin(), getCurrentUser().getCurrentTenantId(), getCurrentUser().getCurrentUserId());
+  }
+
+  @PutMapping("updateRoleStatus/{roleId}/{status}")
+  public void updateRoleStatus(
+      @PathVariable("roleId") String roleId, @PathVariable("status") int status) throws ThingsboardException {
+    Assert.isTrue(status == 0 || status == 1, "role status is not correct");
+    roleService.updateRoleStatus(roleId, status, getCurrentUser().isSysadmin() ,getCurrentUser().getCurrentTenantId());
+  }
+
+  @PostMapping("saveOrUpdateRoleInfoWithMenu")
+  public RoleDTO saveOrUpdateRoleInfoWithMenu(@RequestBody RoleReqDTO roleReqDTO) throws ThingsboardException {
+    return roleService.saveOrUpdateRoleInfoWithMenu(
+        roleReqDTO,
+        getCurrentUser().isSysadmin(),
+        getCurrentUser().isPlatformAdmin(),
+        getCurrentUser().getCurrentTenantId());
+  }
+
+  @PostMapping("/find/list")
+  public List<RoleDTO> findRoleInfoList(@RequestBody RoleDTO roleDTO) throws ThingsboardException {
+    return roleService.findRoleInfo(getCurrentUser().isTenantAdmin(), getCurrentUser().getCurrentTenantId(),getCurrentUser().getCurrentUserId(), roleDTO);
+  }
+}

+package org.thingsboard.server.controller.yunteng;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.util.Assert;
+import org.springframework.validation.annotation.Validated;
+import org.springframework.web.bind.annotation.*;
+import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
+import org.thingsboard.server.common.data.exception.ThingsboardException;
+import org.thingsboard.server.common.data.yunteng.common.UpdateGroup;
+import org.thingsboard.server.common.data.yunteng.core.exception.DataValidationException;
+import org.thingsboard.server.common.data.yunteng.dto.MenuDTO;
+import org.thingsboard.server.common.data.yunteng.dto.TenantDTO;
+import org.thingsboard.server.common.data.yunteng.dto.UserDTO;
+import org.thingsboard.server.common.data.yunteng.dto.request.TenantReqDTO;
+import org.thingsboard.server.common.data.yunteng.enums.OrderTypeEnum;
+import org.thingsboard.server.common.data.yunteng.utils.tools.PageData;
+import org.thingsboard.server.controller.BaseController;
+import org.thingsboard.server.dao.yunteng.service.MenuService;
+import org.thingsboard.server.dao.yunteng.service.YtTenantService;
+import org.thingsboard.server.dao.yunteng.service.YtUserService;
+
+import java.net.URI;
+import java.util.*;
+
+import static org.thingsboard.server.common.data.yunteng.constant.QueryConstant.*;
+
+@RestController
+@RequestMapping("api/v1/admin")
+@RequiredArgsConstructor
+@PreAuthorize("hasAnyRole('SYS_ADMIN','PLATFORM_ADMIN')")
+public class YtAdminController extends BaseController {
+
+  private final YtTenantService ytTenantService;
+  private final MenuService menuService;
+  private final YtUserService userService;
+
+  @PostMapping("/tenant")
+  public ResponseEntity<TenantDTO> saveTenant(@RequestBody TenantReqDTO tenantReqDTO) {
+    TenantDTO newTenant = ytTenantService.createNewTenant(tenantReqDTO);
+    URI location =
+        ServletUriComponentsBuilder.fromCurrentRequest()
+            .path("/tenant/getById/{id}")
+            .buildAndExpand(newTenant.getId())
+            .toUri();
+    return ResponseEntity.created(location).body(newTenant);
+  }
+
+  @GetMapping(
+      path = "tenant/page",
+      params = {PAGE_SIZE, PAGE})
+  public PageData<TenantDTO> pageUser(
+      @RequestParam(PAGE_SIZE) int pageSize,
+      @RequestParam(PAGE) int page,
+      @RequestParam(value = "tenantName", required = false) String tenantName,
+      @RequestParam(value = ORDER_FILED, required = false) String orderBy,
+      @RequestParam(value = ORDER_TYPE, required = false) OrderTypeEnum orderType) {
+    HashMap<String, Object> queryMap = new HashMap<>();
+    queryMap.put(PAGE_SIZE, pageSize);
+    queryMap.put(PAGE, page);
+    queryMap.put(ORDER_FILED, orderBy);
+    if (orderType != null) {
+      queryMap.put(ORDER_TYPE, orderType.name());
+    }
+    queryMap.put("tenantName", tenantName);
+    return ytTenantService.page(queryMap);
+  }
+
+  @PutMapping("/tenant")
+  public TenantDTO updateTenant(@RequestBody TenantDTO tenantDTO) {
+    Assert.notNull(tenantDTO, "tenant cannot be null");
+    Assert.notNull(tenantDTO.getId(), "tenant id cannot be null when update");
+    return ytTenantService.updateTenant(tenantDTO);
+  }
+
+  @GetMapping("/tenant/roles/{tenantCode}")
+  public ResponseEntity<List<String>> getTenantRolesByTenantCode(
+      @PathVariable("tenantCode") String tenantCode) {
+    return ResponseEntity.ok(ytTenantService.getTenantRolesByTenantCode(tenantCode));
+  }
+
+  @DeleteMapping("/tenant")
+  public void deleteTenant(@RequestBody String[] ids) {
+    Assert.notNull(ids, "ids cannot be null");
+    if (ids.length == 0) {
+      throw new DataValidationException("id cannot be empty");
+    }
+    ytTenantService.deleteTenants(ids);
+  }
+
+  @DeleteMapping("/user/deleteTenantAdmin")
+  public void deleteTenantAdmin(@RequestBody String[] ids) throws ThingsboardException {
+    Assert.notNull(ids, "ids cannot be null");
+    userService.deleteUser(
+        new HashSet<>(Arrays.asList(ids)),
+        getCurrentUser().isSysadmin(),
+        getCurrentUser().getCurrentTenantId());
+  }
+
+  @GetMapping("/tenant/getById/{id}")
+  public ResponseEntity<TenantDTO> getTenant(@PathVariable("id") String id) {
+    return ResponseEntity.of(ytTenantService.findById(id));
+  }
+
+  @PostMapping("/tenant/adminUser")
+  public ResponseEntity<UserDTO> createTenantAdmin(
+      @RequestParam(value = "sendEmail", required = false, defaultValue = "false")
+          boolean sendEmail,
+      @RequestParam(value = "sendMsg", required = false, defaultValue = "false") boolean sendMsg,
+      @RequestBody UserDTO userDTO)
+      throws ThingsboardException {
+    UserDTO newUserDTO =
+        userService.saveAccount(
+            userDTO,
+            sendEmail,
+            sendMsg,
+            getCurrentUser().isSysadmin(),
+            getCurrentUser().getCurrentTenantId());
+    Optional<UserDTO> optional =
+        userService.getUser(
+            newUserDTO.getId(),
+            getCurrentUser().isSysadmin(),
+            getCurrentUser().getCurrentTenantId());
+    return ResponseEntity.ok(optional.get());
+  }
+
+  @GetMapping("/menu/getAll")
+  public ResponseEntity<List<MenuDTO>> getMenus() throws ThingsboardException {
+    return ResponseEntity.ok(menuService.getAllMenus(getCurrentUser().getCurrentTenantId()));
+  }
+
+  @GetMapping("me/menus")
+  public ResponseEntity<List<MenuDTO>> getMyMenus() throws ThingsboardException {
+    return ResponseEntity.ok(
+        menuService.getMyMenus(
+            getCurrentUser().getCurrentTenantId(),
+            getCurrentUser().getCurrentUserId(),
+            getCurrentUser().isSysadmin(), getCurrentUser().isTenantAdmin()));
+  }
+
+  @PutMapping("/menu/assign/{tenantCode}")
+  public void assignMenuToTenant(
+      @RequestBody String[] menuIds, @PathVariable("tenantCode") String tenantCode) throws ThingsboardException {
+    menuService.assignMenuToTenant(getCurrentUser().getCurrentTenantId(), menuIds);
+  }
+
+  @PostMapping("tenant/updateOrCreateTenant")
+  public TenantDTO updateOrCreateTenant(
+      @Validated(UpdateGroup.class) @RequestBody TenantReqDTO tenantReqDTO) {
+    return ytTenantService.updateOrCreateTenant(tenantReqDTO);
+  }
+}

+package org.thingsboard.server.controller.yunteng;
+
+import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiOperation;
+import io.swagger.annotations.ApiResponse;
+import io.swagger.annotations.ApiResponses;
+import lombok.RequiredArgsConstructor;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.util.Assert;
+import org.springframework.validation.annotation.Validated;
+import org.springframework.web.bind.annotation.*;
+import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
+import org.thingsboard.server.common.data.exception.ThingsboardException;
+import org.thingsboard.server.common.data.yunteng.common.AddGroup;
+import org.thingsboard.server.common.data.yunteng.common.DeleteGroup;
+import org.thingsboard.server.common.data.yunteng.utils.Demo;
+import org.thingsboard.server.common.data.yunteng.utils.ExcelUtil;
+import org.thingsboard.server.common.data.yunteng.dto.DeleteDTO;
+import org.thingsboard.server.common.data.yunteng.dto.UserDTO;
+import org.thingsboard.server.common.data.yunteng.dto.UserInfoDTO;
+import org.thingsboard.server.common.data.yunteng.dto.request.AccountReqDTO;
+import org.thingsboard.server.common.data.yunteng.dto.request.RoleOrOrganizationReqDTO;
+import org.thingsboard.server.common.data.yunteng.enums.OrderTypeEnum;
+import org.thingsboard.server.common.data.yunteng.enums.RoleEnum;
+import org.thingsboard.server.common.data.yunteng.utils.tools.PageData;
+import org.thingsboard.server.common.data.yunteng.utils.tools.ResponseResult;
+import org.thingsboard.server.controller.BaseController;
+import org.thingsboard.server.dao.yunteng.service.YtUserService;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.net.URI;
+import java.util.HashMap;
+import java.util.List;
+
+import static org.thingsboard.server.common.data.yunteng.constant.QueryConstant.*;
+
+@RestController
+@RequestMapping("api/v1/user")
+@RequiredArgsConstructor
+@Api(value = "用户接口")
+public class YtUserController extends BaseController {
+
+  private final YtUserService userService;
+
+  @GetMapping("{userId}")
+  public ResponseEntity<UserDTO> getUser(@PathVariable("userId") String userId)
+      throws ThingsboardException {
+    return ResponseEntity.of(
+        userService.getUser(
+            userId, getCurrentUser().isSysadmin(), getCurrentUser().getCurrentTenantId()));
+  }
+
+  @GetMapping("me/info")
+  @ApiResponses({@ApiResponse(code = 200, message = "OK", response = UserInfoDTO.class)})
+  @ApiOperation(value = "获取当前用户信息")
+  public UserInfoDTO myInfo() throws ThingsboardException {
+    return userService.me(
+        getCurrentUser().getCurrentUserId(),
+        getCurrentUser().getCurrentTenantId(),
+        getCurrentUser().getRoles());
+  }
+
+  @GetMapping(
+      path = "page",
+      params = {PAGE_SIZE, PAGE})
+  public PageData<UserDTO> pageUser(
+      @RequestParam(PAGE_SIZE) int pageSize,
+      @RequestParam(PAGE) int page,
+      @RequestParam(value = "realName", required = false) String realName,
+      @RequestParam(value = "username", required = false) String username,
+      @RequestParam(value = "tenantCode", required = false) String tenantCode,
+      @RequestParam(value = "roleType", required = false) RoleEnum roleType,
+      @RequestParam(value = ORDER_FILED, required = false) String orderBy,
+      @RequestParam(value = ORDER_TYPE, required = false) OrderTypeEnum orderType)
+      throws ThingsboardException {
+    HashMap<String, Object> queryMap = new HashMap<>();
+    queryMap.put(PAGE_SIZE, pageSize);
+    queryMap.put(PAGE, page);
+    queryMap.put(ORDER_FILED, orderBy);
+    queryMap.put("realName", realName);
+    queryMap.put("username", username);
+    if (getCurrentUser().isSysadmin()) {
+      if (StringUtils.isEmpty(tenantCode)) {
+        tenantCode = getCurrentUser().getCurrentTenantId();
+      }
+      queryMap.put("tenantCode", tenantCode);
+    }
+    if (null != roleType) {
+      queryMap.put("roleType", roleType.name());
+    }
+    if (orderType != null) {
+      queryMap.put(ORDER_TYPE, orderType.name());
+    }
+    return userService.page(
+        queryMap,
+        getCurrentUser().isSysadmin(),
+        getCurrentUser().isPlatformAdmin(),
+        getCurrentUser().isTenantAdmin(),
+        getCurrentUser().getCurrentTenantId());
+  }
+
+  @PutMapping
+  public UserDTO updateUser(@RequestBody UserDTO userDTO) throws ThingsboardException {
+    return userService.updateUser(
+        userDTO, getCurrentUser().isSysadmin(), getCurrentUser().getCurrentTenantId());
+  }
+
+  @PostMapping
+  public ResponseEntity<UserDTO> addUser(
+      @RequestParam(value = "sendEmail", required = false, defaultValue = "false")
+          boolean sendEmail,
+      @RequestParam(value = "sendMsg", required = false, defaultValue = "false") boolean sendMsg,
+      @Validated({AddGroup.class}) @RequestBody UserDTO userDTO)
+      throws ThingsboardException {
+    UserDTO newUserDTO =
+        userService.saveAccount(
+            userDTO,
+            sendEmail,
+            sendMsg,
+            getCurrentUser().isSysadmin(),
+            getCurrentUser().getCurrentTenantId());
+    URI location =
+        ServletUriComponentsBuilder.fromCurrentRequest()
+            .path("{id}")
+            .buildAndExpand(newUserDTO.getId())
+            .toUri();
+    return ResponseEntity.created(location).body(newUserDTO);
+  }
+
+  @PreAuthorize("hasRole('SYS_ADMIN')")
+  @PostMapping("saveTenantAdmin")
+  public UserDTO saveTenantAdmin(@RequestBody UserDTO userDTO) throws ThingsboardException {
+    Assert.isTrue(StringUtils.isNotBlank(userDTO.getTenantCode()), "tenant code must exist");
+    Assert.notNull(userDTO.getUsername(), "username must exist");
+    Assert.notNull(userDTO.getRealName(), "real name must exist");
+    return userService.saveTenantAdmin(
+        userDTO, getCurrentUser().isSysadmin(), getCurrentUser().getCurrentTenantId());
+  }
+
+  @DeleteMapping
+  public void deleteUser(@Validated({DeleteGroup.class}) @RequestBody DeleteDTO deleteDTO)
+      throws ThingsboardException {
+    userService.deleteUser(
+        deleteDTO.getIds(), getCurrentUser().isSysadmin(), getCurrentUser().getCurrentTenantId());
+  }
+
+  @RequestMapping(
+      value = "/{userId}/activationLink",
+      method = RequestMethod.GET,
+      produces = "text/plain")
+  public String getActivationLink(
+      @PathVariable("userId") String strUserId, HttpServletRequest request) {
+
+    return null;
+  }
+
+  @GetMapping("getGroupUserByGroupId/{groupId}")
+  public ResponseEntity<List<UserDTO>> getGroupUserByGroupId(
+      @PathVariable("groupId") String groupId) throws ThingsboardException {
+    return ResponseEntity.of(
+        userService.getOrganizationUserByOrganizationId(
+            groupId, getCurrentUser().getCurrentTenantId()));
+  }
+
+  @Demo("这是一个演示的请求，查询当前用户，并将其导出到excel,参照完毕请务必删除")
+  @GetMapping("export")
+  public void export(HttpServletResponse response) throws IOException, ThingsboardException {
+    UserInfoDTO me =
+        userService.me(
+            getCurrentUser().getCurrentUserId(),
+            getCurrentUser().getCurrentTenantId(),
+            getCurrentUser().getRoles());
+    ExcelUtil.exportExcel(response, "用户信息", "user info", List.of(me), UserInfoDTO.class);
+  }
+
+  @GetMapping("/accountExist/{username}")
+  public ResponseResult<UserDTO> accountExist(@PathVariable String username)
+      throws ThingsboardException {
+    return ResponseResult.success(
+        userService.accountExist(username, getCurrentUser().getCurrentTenantId()));
+  }
+
+  @PostMapping("/relation")
+  public String[] getUserRoleOrGroup(
+      @Validated @RequestBody RoleOrOrganizationReqDTO roleOrGroupReqDTO) {
+    return userService.getUserRoleOrOrganization(roleOrGroupReqDTO);
+  }
+
+  @PostMapping("/reset")
+  @ApiOperation(value = "修改密码")
+  public ResponseResult<Boolean> changePassword(@RequestBody AccountReqDTO accountReqDTO) {
+    return ResponseResult.success(userService.changePassword(accountReqDTO));
+  }
+}

@@ -20,13 +20,16 @@ import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.stereotype.Component;
-import org.thingsboard.server.service.security.auth.TokenOutdatingService;
 import org.thingsboard.server.service.security.auth.JwtAuthenticationToken;
+import org.thingsboard.server.service.security.auth.TokenOutdatingService;
 import org.thingsboard.server.service.security.exception.JwtExpiredTokenException;
 import org.thingsboard.server.service.security.model.SecurityUser;
 import org.thingsboard.server.service.security.model.token.JwtTokenFactory;
 import org.thingsboard.server.service.security.model.token.RawAccessJwtToken;
 
+/**
+ * Jwt身份提供者
+ */
 @Component
 @RequiredArgsConstructor
 public class JwtAuthenticationProvider implements AuthenticationProvider {
@@ -34,11 +37,18 @@ public class JwtAuthenticationProvider implements AuthenticationProvider {
     private final JwtTokenFactory tokenFactory;
     private final TokenOutdatingService tokenOutdatingService;
 
+    /**
+     * 进行身份鉴定
+     * @param authentication 证明
+     * @return 证明
+     * @throws AuthenticationException 身份验证异常
+     */
     @Override
     public Authentication authenticate(Authentication authentication) throws AuthenticationException {
         RawAccessJwtToken rawAccessToken = (RawAccessJwtToken) authentication.getCredentials();
         SecurityUser securityUser = tokenFactory.parseAccessJwtToken(rawAccessToken);
 
+        //token失效了 过时了
         if (tokenOutdatingService.isOutdated(rawAccessToken, securityUser.getId())) {
             throw new JwtExpiredTokenException("Token is outdated");
         }

@@ -33,15 +33,15 @@ import org.thingsboard.server.common.data.id.EntityId;
 import org.thingsboard.server.common.data.id.TenantId;
 import org.thingsboard.server.common.data.id.UserId;
 import org.thingsboard.server.common.data.security.Authority;
-import org.thingsboard.server.service.security.auth.TokenOutdatingService;
-import org.thingsboard.server.common.data.security.UserCredentials;
-import org.thingsboard.server.dao.customer.CustomerService;
-import org.thingsboard.server.dao.user.UserService;
 import org.thingsboard.server.service.security.auth.RefreshAuthenticationToken;
+import org.thingsboard.server.service.security.auth.TokenOutdatingService;
 import org.thingsboard.server.service.security.model.SecurityUser;
 import org.thingsboard.server.service.security.model.UserPrincipal;
 import org.thingsboard.server.service.security.model.token.JwtTokenFactory;
 import org.thingsboard.server.service.security.model.token.RawAccessJwtToken;
+import org.thingsboard.server.common.data.security.UserCredentials;
+import org.thingsboard.server.dao.customer.CustomerService;
+import org.thingsboard.server.dao.user.UserService;
 
 import java.util.UUID;
 

@@ -17,6 +17,14 @@ package org.thingsboard.server.service.security.auth.jwt.extractor;
 
 import javax.servlet.http.HttpServletRequest;
 
+/**
+ * 令牌器接口
+ */
 public interface TokenExtractor {
+    /**
+     * 提取令牌
+     * @param request 请求
+     * @return 令牌
+     */
     public String extract(HttpServletRequest request);
 }
\ No newline at end of file

@@ -16,7 +16,6 @@
 package org.thingsboard.server.service.security.auth.oauth2;
 
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
@@ -26,7 +25,6 @@ import org.thingsboard.server.common.data.id.CustomerId;
 import org.thingsboard.server.common.data.id.EntityId;
 import org.thingsboard.server.common.data.id.TenantId;
 import org.thingsboard.server.service.security.system.SystemSecurityService;
-import org.thingsboard.server.utils.MiscUtils;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;

@@ -31,10 +31,10 @@ import org.thingsboard.server.common.data.id.TenantId;
 import org.thingsboard.server.common.data.oauth2.OAuth2Registration;
 import org.thingsboard.server.common.data.security.model.JwtToken;
 import org.thingsboard.server.dao.oauth2.OAuth2Service;
+import org.thingsboard.server.service.security.system.SystemSecurityService;
 import org.thingsboard.server.service.security.auth.jwt.RefreshTokenRepository;
 import org.thingsboard.server.service.security.model.SecurityUser;
 import org.thingsboard.server.service.security.model.token.JwtTokenFactory;
-import org.thingsboard.server.service.security.system.SystemSecurityService;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;

 /**
  * Copyright © 2016-2021 The Thingsboard Authors
  *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * <p>Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of the License at
  *
- *     http://www.apache.org/licenses/LICENSE-2.0
+ * <p>http://www.apache.org/licenses/LICENSE-2.0
  *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
+ * <p>Unless required by applicable law or agreed to in writing, software distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.thingsboard.server.service.security.auth.rest;
 
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.authentication.AuthenticationProvider;
-import org.springframework.security.authentication.BadCredentialsException;
-import org.springframework.security.authentication.InsufficientAuthenticationException;
-import org.springframework.security.authentication.LockedException;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.authentication.*;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Component;
 import org.springframework.util.Assert;
 import org.thingsboard.server.common.data.Customer;
@@ -36,167 +31,331 @@ import org.thingsboard.server.common.data.id.TenantId;
 import org.thingsboard.server.common.data.id.UserId;
 import org.thingsboard.server.common.data.security.Authority;
 import org.thingsboard.server.common.data.security.UserCredentials;
+import org.thingsboard.server.common.data.yunteng.constant.FastIotConstants;
+import org.thingsboard.server.common.data.yunteng.core.cache.CacheUtils;
+import org.thingsboard.server.common.data.yunteng.dto.UserDetailsDTO;
+import org.thingsboard.server.common.data.yunteng.dto.request.CodeTTL;
+import org.thingsboard.server.common.data.yunteng.enums.MessageTypeEnum;
+import org.thingsboard.server.common.data.yunteng.enums.MsgTemplatePurposeEnum;
 import org.thingsboard.server.dao.audit.AuditLogService;
 import org.thingsboard.server.dao.customer.CustomerService;
-import org.thingsboard.server.dao.user.UserService;
 import org.thingsboard.server.service.security.model.SecurityUser;
 import org.thingsboard.server.service.security.model.UserPrincipal;
 import org.thingsboard.server.service.security.system.SystemSecurityService;
+import org.thingsboard.server.dao.user.UserService;
+import org.thingsboard.server.dao.yunteng.service.YtUserService;
 import ua_parser.Client;
 
+import java.time.LocalDateTime;
+import java.util.List;
+import java.util.Objects;
+import java.util.Optional;
 import java.util.UUID;
 
+import static org.thingsboard.server.common.data.yunteng.constant.FastIotConstants.CacheConfigKey.MOBILE_LOGIN_SMS_CODE;
+import static org.thingsboard.server.common.data.yunteng.constant.FastIotConstants.DEFAULT_DELIMITER;
 
 @Component
 @Slf4j
 public class RestAuthenticationProvider implements AuthenticationProvider {
 
-    private final SystemSecurityService systemSecurityService;
-    private final UserService userService;
-    private final CustomerService customerService;
-    private final AuditLogService auditLogService;
-
-    @Autowired
-    public RestAuthenticationProvider(final UserService userService,
-                                      final CustomerService customerService,
-                                      final SystemSecurityService systemSecurityService,
-                                      final AuditLogService auditLogService) {
-        this.userService = userService;
-        this.customerService = customerService;
-        this.systemSecurityService = systemSecurityService;
-        this.auditLogService = auditLogService;
-    }
-
-    @Override
-    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
-        Assert.notNull(authentication, "No authentication data provided");
-
-        Object principal = authentication.getPrincipal();
-        if (!(principal instanceof UserPrincipal)) {
-            throw new BadCredentialsException("Authentication Failed. Bad user principal.");
-        }
+  private final SystemSecurityService systemSecurityService;
+  private final UserService userService;
+  private final CustomerService customerService;
+  private final AuditLogService auditLogService;
 
-        UserPrincipal userPrincipal =  (UserPrincipal) principal;
-        if (userPrincipal.getType() == UserPrincipal.Type.USER_NAME) {
-            String username = userPrincipal.getValue();
-            String password = (String) authentication.getCredentials();
-            return authenticateByUsernameAndPassword(authentication, userPrincipal, username, password);
-        } else {
-            String publicId = userPrincipal.getValue();
-            return authenticateByPublicId(userPrincipal, publicId);
-        }
+  @Autowired
+  public RestAuthenticationProvider(
+      final UserService userService,
+      final CustomerService customerService,
+      final SystemSecurityService systemSecurityService,
+      final AuditLogService auditLogService) {
+    this.userService = userService;
+    this.customerService = customerService;
+    this.systemSecurityService = systemSecurityService;
+    this.auditLogService = auditLogService;
+  }
+
+  @Override
+  public Authentication authenticate(Authentication authentication) throws AuthenticationException {
+    Assert.notNull(authentication, "No authentication data provided");
+
+    Object principal = authentication.getPrincipal();
+    if (!(principal instanceof UserPrincipal)) {
+      throw new BadCredentialsException("Authentication Failed. Bad user principal.");
     }
 
-    private Authentication authenticateByUsernameAndPassword(Authentication authentication, UserPrincipal userPrincipal, String username, String password) {
-        User user = userService.findUserByEmail(TenantId.SYS_TENANT_ID, username);
-        if (user == null) {
-            throw new UsernameNotFoundException("User not found: " + username);
-        }
+    UserPrincipal userPrincipal = (UserPrincipal) principal;
+    if (userPrincipal.getType() == UserPrincipal.Type.USER_NAME) {
+      String username = userPrincipal.getValue();
+      String password = (String) authentication.getCredentials();
+      String ytUserName = username;
+      UserDetailsDTO ytDetailDTO = new UserDetailsDTO();
+      if (!FastIotConstants.EMAIL_PATTERN.matcher(username).matches()) {
+        username += FastIotConstants.DEFAULT_EMAIL_SUFFIX_FOR_TB;
+        ytDetailDTO = ytUserDetailsByUserName(ytUserName, password).get();
+      }
+      return authenticateByUsernameAndPassword(
+          ytDetailDTO, authentication, userPrincipal, username, password);
+    } else if (userPrincipal.getType() == UserPrincipal.Type.SMS_CODE) {
+      return ytUserDetailsByPhone(
+          authentication,
+          userPrincipal,
+          userPrincipal.getValue(),
+          (String) authentication.getCredentials());
+    } else {
+      String publicId = userPrincipal.getValue();
+      return authenticateByPublicId(userPrincipal, publicId);
+    }
+  }
 
-        try {
+  private Authentication authenticateByUsernameAndPassword(
+      UserDetailsDTO ytDetailDTO,
+      Authentication authentication,
+      UserPrincipal userPrincipal,
+      String username,
+      String password) {
 
-            UserCredentials userCredentials = userService.findUserCredentialsByUserId(TenantId.SYS_TENANT_ID, user.getId());
-            if (userCredentials == null) {
-                throw new UsernameNotFoundException("User credentials not found");
-            }
+    // TODO 先验证sys_user账号密码是否正确，正确后，在账号后面加上后缀验证TB用户是否正确
+    Object principal = authentication.getPrincipal();
+    if (!(principal instanceof UserPrincipal)) {
+      throw new BadCredentialsException("Authentication Failed. Bad user principal.");
+    }
 
-            try {
-                systemSecurityService.validateUserCredentials(user.getTenantId(), userCredentials, username, password);
-            } catch (LockedException e) {
-                logLoginAction(user, authentication, ActionType.LOCKOUT, null);
-                throw e;
-            }
+    User user = userService.findUserByEmail(TenantId.SYS_TENANT_ID, username);
+    if (user == null) {
+      throw new UsernameNotFoundException("User not found: " + username);
+    }
 
-            if (user.getAuthority() == null)
-                throw new InsufficientAuthenticationException("User has no authority assigned");
+    try {
 
-            SecurityUser securityUser = new SecurityUser(user, userCredentials.isEnabled(), userPrincipal);
-            logLoginAction(user, authentication, ActionType.LOGIN, null);
-            return new UsernamePasswordAuthenticationToken(securityUser, null, securityUser.getAuthorities());
-        } catch (Exception e) {
-            logLoginAction(user, authentication, ActionType.LOGIN, e);
-            throw e;
-        }
+      UserCredentials userCredentials =
+          userService.findUserCredentialsByUserId(TenantId.SYS_TENANT_ID, user.getId());
+      if (userCredentials == null) {
+        throw new UsernameNotFoundException("User credentials not found");
+      }
+
+      try {
+        systemSecurityService.validateUserCredentials(
+            user.getTenantId(), userCredentials, username, password);
+      } catch (LockedException e) {
+        logLoginAction(user, authentication, ActionType.LOCKOUT, null);
+        throw e;
+      }
+
+      if (user.getAuthority() == null)
+        throw new InsufficientAuthenticationException("User has no authority assigned");
+
+      user.setUserDetailsDTO(ytDetailDTO);
+      SecurityUser securityUser =
+          new SecurityUser(user, userCredentials.isEnabled(), userPrincipal);
+      logLoginAction(user, authentication, ActionType.LOGIN, null);
+      return new UsernamePasswordAuthenticationToken(
+          securityUser, null, securityUser.getAuthorities());
+    } catch (Exception e) {
+      logLoginAction(user, authentication, ActionType.LOGIN, e);
+      throw e;
     }
+  }
 
-    private Authentication authenticateByPublicId(UserPrincipal userPrincipal, String publicId) {
-        CustomerId customerId;
-        try {
-            customerId = new CustomerId(UUID.fromString(publicId));
-        } catch (Exception e) {
-            throw new BadCredentialsException("Authentication Failed. Public Id is not valid.");
-        }
-        Customer publicCustomer = customerService.findCustomerById(TenantId.SYS_TENANT_ID, customerId);
-        if (publicCustomer == null) {
-            throw new UsernameNotFoundException("Public entity not found: " + publicId);
-        }
-        if (!publicCustomer.isPublic()) {
-            throw new BadCredentialsException("Authentication Failed. Public Id is not valid.");
-        }
-        User user = new User(new UserId(EntityId.NULL_UUID));
-        user.setTenantId(publicCustomer.getTenantId());
-        user.setCustomerId(publicCustomer.getId());
-        user.setEmail(publicId);
-        user.setAuthority(Authority.CUSTOMER_USER);
-        user.setFirstName("Public");
-        user.setLastName("Public");
-
-        SecurityUser securityUser = new SecurityUser(user, true, userPrincipal);
-
-        return new UsernamePasswordAuthenticationToken(securityUser, null, securityUser.getAuthorities());
-    }
-
-    @Override
-    public boolean supports(Class<?> authentication) {
-        return (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication));
-    }
-
-    private void logLoginAction(User user, Authentication authentication, ActionType actionType, Exception e) {
-        String clientAddress = "Unknown";
-        String browser = "Unknown";
-        String os = "Unknown";
-        String device = "Unknown";
-        if (authentication != null && authentication.getDetails() != null) {
-            if (authentication.getDetails() instanceof RestAuthenticationDetails) {
-                RestAuthenticationDetails details = (RestAuthenticationDetails)authentication.getDetails();
-                clientAddress = details.getClientAddress();
-                if (details.getUserAgent() != null) {
-                    Client userAgent = details.getUserAgent();
-                    if (userAgent.userAgent != null) {
-                        browser = userAgent.userAgent.family;
-                        if (userAgent.userAgent.major != null) {
-                            browser += " " + userAgent.userAgent.major;
-                            if (userAgent.userAgent.minor != null) {
-                                browser += "." + userAgent.userAgent.minor;
-                                if (userAgent.userAgent.patch != null) {
-                                    browser += "." + userAgent.userAgent.patch;
-                                }
-                            }
-                        }
-                    }
-                    if (userAgent.os != null) {
-                        os = userAgent.os.family;
-                        if (userAgent.os.major != null) {
-                            os += " " + userAgent.os.major;
-                            if (userAgent.os.minor != null) {
-                                os += "." + userAgent.os.minor;
-                                if (userAgent.os.patch != null) {
-                                    os += "." + userAgent.os.patch;
-                                    if (userAgent.os.patchMinor != null) {
-                                        os += "." + userAgent.os.patchMinor;
-                                    }
-                                }
-                            }
-                        }
-                    }
-                    if (userAgent.device != null) {
-                        device = userAgent.device.family;
-                    }
+  private Authentication authenticateByPublicId(UserPrincipal userPrincipal, String publicId) {
+    CustomerId customerId;
+    try {
+      customerId = new CustomerId(UUID.fromString(publicId));
+    } catch (Exception e) {
+      throw new BadCredentialsException("Authentication Failed. Public Id is not valid.");
+    }
+    Customer publicCustomer = customerService.findCustomerById(TenantId.SYS_TENANT_ID, customerId);
+    if (publicCustomer == null) {
+      throw new UsernameNotFoundException("Public entity not found: " + publicId);
+    }
+    if (!publicCustomer.isPublic()) {
+      throw new BadCredentialsException("Authentication Failed. Public Id is not valid.");
+    }
+    User user = new User(new UserId(EntityId.NULL_UUID));
+    user.setTenantId(publicCustomer.getTenantId());
+    user.setCustomerId(publicCustomer.getId());
+    user.setEmail(publicId);
+    user.setAuthority(Authority.CUSTOMER_USER);
+    user.setFirstName("Public");
+    user.setLastName("Public");
+
+    SecurityUser securityUser = new SecurityUser(user, true, userPrincipal);
+
+    return new UsernamePasswordAuthenticationToken(
+        securityUser, null, securityUser.getAuthorities());
+  }
+
+  @Override
+  public boolean supports(Class<?> authentication) {
+    return (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication));
+  }
+
+  private void logLoginAction(
+      User user, Authentication authentication, ActionType actionType, Exception e) {
+    String clientAddress = "Unknown";
+    String browser = "Unknown";
+    String os = "Unknown";
+    String device = "Unknown";
+    if (authentication != null && authentication.getDetails() != null) {
+      if (authentication.getDetails() instanceof RestAuthenticationDetails) {
+        RestAuthenticationDetails details = (RestAuthenticationDetails) authentication.getDetails();
+        clientAddress = details.getClientAddress();
+        if (details.getUserAgent() != null) {
+          Client userAgent = details.getUserAgent();
+          if (userAgent.userAgent != null) {
+            browser = userAgent.userAgent.family;
+            if (userAgent.userAgent.major != null) {
+              browser += " " + userAgent.userAgent.major;
+              if (userAgent.userAgent.minor != null) {
+                browser += "." + userAgent.userAgent.minor;
+                if (userAgent.userAgent.patch != null) {
+                  browser += "." + userAgent.userAgent.patch;
+                }
+              }
+            }
+          }
+          if (userAgent.os != null) {
+            os = userAgent.os.family;
+            if (userAgent.os.major != null) {
+              os += " " + userAgent.os.major;
+              if (userAgent.os.minor != null) {
+                os += "." + userAgent.os.minor;
+                if (userAgent.os.patch != null) {
+                  os += "." + userAgent.os.patch;
+                  if (userAgent.os.patchMinor != null) {
+                    os += "." + userAgent.os.patchMinor;
+                  }
                 }
+              }
             }
+          }
+          if (userAgent.device != null) {
+            device = userAgent.device.family;
+          }
         }
-        auditLogService.logEntityAction(
-                user.getTenantId(), user.getCustomerId(), user.getId(),
-                user.getName(), user.getId(), null, actionType, e, clientAddress, browser, os, device);
+      }
+    }
+    auditLogService.logEntityAction(
+        user.getTenantId(),
+        user.getCustomerId(),
+        user.getId(),
+        user.getName(),
+        user.getId(),
+        null,
+        actionType,
+        e,
+        clientAddress,
+        browser,
+        os,
+        device);
+  }
+
+  @Autowired private YtUserService ytUserService;
+  @Autowired private CacheUtils cacheUtils;
+  @Autowired private PasswordEncoder passwordEncoder;
+
+  private Optional<UserDetailsDTO> ytUserDetailsByUserName(String username, String password) {
+    List<UserDetailsDTO> users = ytUserService.findUserDetailsByUsername(username);
+
+    if (users.isEmpty()) {
+      throw new UsernameNotFoundException("User not found: " + username);
+    }
+    Optional<UserDetailsDTO> optionalUser =
+        users.stream()
+            .filter(user -> passwordEncoder.matches(password, user.getPassword()))
+            .findAny();
+    if (optionalUser.isEmpty()) {
+      throw new BadCredentialsException("Authentication Failed. Username or Password not valid.");
+    }
+    if (doValidate(optionalUser)) {
+      return optionalUser;
+    }
+    return Optional.empty();
+  }
+
+  private Authentication ytUserDetailsByPhone(
+      Authentication authentication, UserPrincipal userPrincipal, String phoneNumber, String code) {
+    List<UserDetailsDTO> users = ytUserService.getUserByPhoneNumber(phoneNumber);
+    if (users.isEmpty()) {
+      throw new UsernameNotFoundException("phone number not found: " + phoneNumber);
+    }
+    String key =
+        MsgTemplatePurposeEnum.FOR_LOGIN.name()
+            + DEFAULT_DELIMITER
+            + MessageTypeEnum.PHONE_MESSAGE.name()
+            + DEFAULT_DELIMITER
+            + phoneNumber;
+
+    boolean correct =
+        cacheUtils
+            .get(MOBILE_LOGIN_SMS_CODE, key)
+            .map(
+                o -> {
+                  CodeTTL codeTTL = (CodeTTL) o;
+                  if (System.currentTimeMillis() - codeTTL.getSendTs() < 5 * 60 * 1000) {
+                    return Objects.equals(codeTTL.getCode(), code);
+                  } else {
+                    return false;
+                  }
+                })
+            .orElse(false);
+    Optional<UserDetailsDTO> optionalUser;
+    if (!correct) {
+      optionalUser = Optional.empty();
+    } else {
+      optionalUser = Optional.of(users.get(0));
+    }
+    if (optionalUser.isEmpty()) {
+      throw new BadCredentialsException("验证码不正确");
+    }
+
+    String tbEmail =
+        optionalUser.get().getUsername() + FastIotConstants.DEFAULT_EMAIL_SUFFIX_FOR_TB;
+    User user = userService.findUserByEmail(TenantId.SYS_TENANT_ID, tbEmail);
+    if (user == null) {
+      throw new UsernameNotFoundException("User not found: " + tbEmail);
+    }
+
+    try {
+      if (user.getAuthority() == null)
+        throw new InsufficientAuthenticationException("User has no authority assigned");
+
+      user.setUserDetailsDTO(optionalUser.get());
+      SecurityUser securityUser = new SecurityUser(user, true, userPrincipal);
+      logLoginAction(user, authentication, ActionType.LOGIN, null);
+      return new UsernamePasswordAuthenticationToken(
+          securityUser, null, securityUser.getAuthorities());
+    } catch (Exception e) {
+      logLoginAction(user, authentication, ActionType.LOGIN, e);
+      throw e;
+    }
+  }
+
+  private boolean doValidate(Optional<UserDetailsDTO> optionalUser) {
+    UserDetailsDTO detailsDTO = optionalUser.get();
+    boolean tenantEnabled = detailsDTO.getTenant().isEnabled();
+    if (!tenantEnabled) {
+      throw new LockedException("tenant has been disabled");
+    }
+    Optional.ofNullable(detailsDTO.getTenant().getTenantExpireTime())
+        .ifPresent(
+            expireTime -> {
+              if (LocalDateTime.now().isAfter(expireTime)) {
+                throw new AccountExpiredException("tenant has expired");
+              }
+            });
+    Optional.ofNullable(detailsDTO.getAccountExpireTime())
+        .ifPresent(
+            expireTime -> {
+              if (LocalDateTime.now().isAfter(expireTime)) {
+                throw new AccountExpiredException("user account has expired");
+              }
+            });
+    boolean enabled = detailsDTO.isEnabled();
+    if (!enabled) {
+      throw new LockedException("account has been disabled");
     }
+    return true;
+  }
 }

@@ -24,9 +24,9 @@ import org.springframework.security.web.WebAttributes;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 import org.springframework.stereotype.Component;
 import org.thingsboard.server.common.data.security.model.JwtToken;
-import org.thingsboard.server.service.security.auth.jwt.RefreshTokenRepository;
 import org.thingsboard.server.service.security.model.SecurityUser;
 import org.thingsboard.server.service.security.model.token.JwtTokenFactory;
+import org.thingsboard.server.service.security.auth.jwt.RefreshTokenRepository;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;

@@ -28,7 +28,6 @@ import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
-import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
 import org.thingsboard.server.service.security.exception.AuthMethodNotSupportedException;
 import org.thingsboard.server.service.security.model.UserPrincipal;
 

 /**
  * Copyright © 2016-2021 The Thingsboard Authors
  *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * <p>Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of the License at
  *
- *     http://www.apache.org/licenses/LICENSE-2.0
+ * <p>http://www.apache.org/licenses/LICENSE-2.0
  *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
+ * <p>Unless required by applicable law or agreed to in writing, software distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.thingsboard.server.service.security.model;
 
+import lombok.Getter;
+import lombok.Setter;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.thingsboard.server.common.data.User;
 import org.thingsboard.server.common.data.id.UserId;
+import org.thingsboard.server.common.data.yunteng.dto.UserDetailRoleDTO;
+import org.thingsboard.server.common.data.yunteng.enums.RoleEnum;
 
+import java.time.LocalDateTime;
 import java.util.Collection;
+import java.util.Optional;
+import java.util.Set;
 import java.util.stream.Collectors;
 import java.util.stream.Stream;
 
 public class SecurityUser extends User {
 
-    private static final long serialVersionUID = -797397440703066079L;
+  private static final long serialVersionUID = -797397440703066079L;
 
-    private Collection<GrantedAuthority> authorities;
-    private boolean enabled;
-    private UserPrincipal userPrincipal;
+  private Collection<GrantedAuthority> authorities;
+  private boolean enabled;
+  private UserPrincipal userPrincipal;
+  @Getter
+  private String currentTenantId;
+  @Getter
+  private String currentUserId;
+  @Getter @Setter private LocalDateTime userExpireTime;
+  @Getter @Setter private LocalDateTime tenantExpireTime;
+  @Getter @Setter private boolean sysadmin = false;
+  @Getter @Setter private boolean tenantAdmin = false;
+  @Getter @Setter private boolean platformAdmin = false;
+  @Getter @Setter private Set<String> roles;
 
-    public SecurityUser() {
-        super();
-    }
+  public SecurityUser() {
+    super();
+  }
 
-    public SecurityUser(UserId id) {
-        super(id);
-    }
+  public SecurityUser(UserId id) {
+    super(id);
+  }
 
-    public SecurityUser(User user, boolean enabled, UserPrincipal userPrincipal) {
-        super(user);
-        this.enabled = enabled;
-        this.userPrincipal = userPrincipal;
-    }
+  public SecurityUser(User user, boolean enabled, UserPrincipal userPrincipal) {
+    super(user);
+    this.enabled = enabled;
+    this.userPrincipal = userPrincipal;
+    this.currentTenantId = user.getTenantId().getId().toString();
+    this.currentUserId = user.getUserDetailsDTO().getId();
+    Optional.ofNullable(user.getUserDetailsDTO().getRoles()).map(roleDTOS -> {
+      this.roles =
+              roleDTOS.stream()
+                      .map(UserDetailRoleDTO::getRoleType)
+                      .map(RoleEnum::name)
+                      .collect(Collectors.toSet());
+      this.sysadmin =
+              this.roles.stream().anyMatch(role -> role.equals(RoleEnum.ROLE_SYS_ADMIN.name()));
+      this.tenantAdmin =
+              this.roles.stream().anyMatch(role -> role.equals(RoleEnum.ROLE_TENANT_ADMIN.name()));
+      this.platformAdmin =
+              this.roles.stream().anyMatch(role -> role.equals(RoleEnum.ROLE_PLATFORM_ADMIN.name()));
+      return roleDTOS;
+    });
 
-    public Collection<GrantedAuthority> getAuthorities() {
-        if (authorities == null) {
-            authorities = Stream.of(SecurityUser.this.getAuthority())
-                    .map(authority -> new SimpleGrantedAuthority(authority.name()))
-                    .collect(Collectors.toList());
-        }
-        return authorities;
-    }
+  }
 
-    public boolean isEnabled() {
-        return enabled;
+  public Collection<GrantedAuthority> getAuthorities() {
+    if (authorities == null) {
+      authorities =
+          Stream.of(SecurityUser.this.getAuthority())
+              .map(authority -> new SimpleGrantedAuthority(authority.name()))
+              .collect(Collectors.toList());
     }
+    return authorities;
+  }
 
-    public UserPrincipal getUserPrincipal() {
-        return userPrincipal;
-    }
+  public boolean isEnabled() {
+    return enabled;
+  }
 
-    public void setEnabled(boolean enabled) {
-        this.enabled = enabled;
-    }
+  public UserPrincipal getUserPrincipal() {
+    return userPrincipal;
+  }
 
-    public void setUserPrincipal(UserPrincipal userPrincipal) {
-        this.userPrincipal = userPrincipal;
-    }
+  public void setEnabled(boolean enabled) {
+    this.enabled = enabled;
+  }
 
+  public void setUserPrincipal(UserPrincipal userPrincipal) {
+    this.userPrincipal = userPrincipal;
+  }
 }

@@ -37,7 +37,8 @@ public class UserPrincipal implements Serializable {
 
     public enum Type {
         USER_NAME,
-        PUBLIC_ID
+        PUBLIC_ID,
+        SMS_CODE
     }
 
 }

@@ -15,10 +15,8 @@
  */
 package org.thingsboard.server.service.security.permission;
 
-import org.thingsboard.server.common.data.HasCustomerId;
 import org.thingsboard.server.common.data.HasTenantId;
 import org.thingsboard.server.common.data.id.EntityId;
-import org.thingsboard.server.common.data.id.TenantId;
 import org.thingsboard.server.service.security.model.SecurityUser;
 
 import java.util.Arrays;

@@ -22,7 +22,6 @@ import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.Header;
 import io.jsonwebtoken.Jwt;
 import io.jsonwebtoken.Jwts;
-import lombok.Getter;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.RandomStringUtils;
 import org.apache.commons.lang3.StringUtils;

@@ -15,81 +15,27 @@
  */
 package org.thingsboard.server.controller;
 
-import com.fasterxml.jackson.core.type.TypeReference;
-import com.fasterxml.jackson.databind.JsonNode;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import io.jsonwebtoken.Claims;
-import io.jsonwebtoken.Header;
-import io.jsonwebtoken.Jwt;
-import io.jsonwebtoken.Jwts;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.commons.lang3.StringUtils;
-import org.hamcrest.Matcher;
-import org.junit.After;
 import org.junit.Assert;
-import org.junit.Before;
-import org.junit.Rule;
-import org.junit.rules.TestRule;
-import org.junit.rules.TestWatcher;
-import org.junit.runner.Description;
 import org.junit.runner.RunWith;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.context.SpringBootContextLoader;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.web.server.LocalServerPort;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.http.HttpHeaders;
-import org.springframework.http.MediaType;
-import org.springframework.http.converter.HttpMessageConverter;
-import org.springframework.http.converter.StringHttpMessageConverter;
-import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
-import org.springframework.mock.http.MockHttpInputMessage;
-import org.springframework.mock.http.MockHttpOutputMessage;
 import org.springframework.test.annotation.DirtiesContext;
 import org.springframework.test.context.ActiveProfiles;
 import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.junit4.SpringRunner;
-import org.springframework.test.web.servlet.MockMvc;
-import org.springframework.test.web.servlet.MvcResult;
-import org.springframework.test.web.servlet.ResultActions;
-import org.springframework.test.web.servlet.ResultMatcher;
-import org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder;
-import org.springframework.util.LinkedMultiValueMap;
-import org.springframework.util.MultiValueMap;
-import org.springframework.web.context.WebApplicationContext;
-import org.thingsboard.server.common.data.BaseData;
-import org.thingsboard.server.common.data.Customer;
-import org.thingsboard.server.common.data.Tenant;
-import org.thingsboard.server.common.data.User;
-import org.thingsboard.server.common.data.id.TenantId;
-import org.thingsboard.server.common.data.id.UUIDBased;
-import org.thingsboard.server.common.data.page.PageLink;
-import org.thingsboard.server.common.data.page.TimePageLink;
-import org.thingsboard.server.common.data.security.Authority;
-import org.thingsboard.server.config.ThingsboardSecurityConfiguration;
-import org.thingsboard.server.service.mail.TestMailService;
-import org.thingsboard.server.service.security.auth.jwt.RefreshTokenRequest;
-import org.thingsboard.server.service.security.auth.rest.LoginRequest;
 
-import java.io.IOException;
 import java.net.URI;
 import java.net.URISyntaxException;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Comparator;
-import java.util.List;
 
 import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
-import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.asyncDispatch;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.delete;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.request;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
-import static org.springframework.test.web.servlet.setup.MockMvcBuilders.webAppContextSetup;
 
 @ActiveProfiles("test")
 @RunWith(SpringRunner.class)

@@ -24,7 +24,7 @@ import static org.hamcrest.Matchers.*;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
 
 
-public abstract class BaseAdminControllerTest extends AbstractControllerTest {
+public abstract class BaseYtAdminControllerTest extends AbstractControllerTest {
 
     @Test
     public void testFindAdminSettingsByKey() throws Exception {

@@ -15,12 +15,12 @@
  */
 package org.thingsboard.server.controller.sql;
 
-import org.thingsboard.server.controller.BaseAdminControllerTest;
+import org.thingsboard.server.controller.BaseYtAdminControllerTest;
 import org.thingsboard.server.dao.service.DaoSqlTest;
 
 /**
  * Created by Valerii Sosliuk on 6/28/2017.
  */
 @DaoSqlTest
-public class AdminControllerSqlTest extends BaseAdminControllerTest {
+public class YtAdminControllerSqlTest extends BaseYtAdminControllerTest {
 }

@@ -100,6 +100,78 @@
             <groupId>io.swagger</groupId>
             <artifactId>swagger-annotations</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-autoconfigure</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-context</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-context-support</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.data</groupId>
+            <artifactId>spring-data-redis</artifactId>
+        </dependency>
+
+        <!--阿里短信SDK -->
+        <dependency>
+            <groupId>com.aliyun</groupId>
+            <artifactId>aliyun-java-sdk-core</artifactId>
+            <version>${aliyun.sdk.core}</version>
+        </dependency>
+        <dependency>
+            <groupId>com.aliyun</groupId>
+            <artifactId>aliyun-java-sdk-dysmsapi</artifactId>
+            <version>${aliyun.sdk.dysmsapi}</version>
+        </dependency>
+        <!-- 邮件发送 -->
+        <dependency>
+            <groupId>com.sun.mail</groupId>
+            <artifactId>jakarta.mail</artifactId>
+            <version>${jakarta.mail.version}</version>
+        </dependency>
+
+        <!--minio-->
+        <dependency>
+            <groupId>io.minio</groupId>
+            <artifactId>minio</artifactId>
+            <version>${io.minio.version}</version>
+        </dependency>
+        <!--alibaba easyExcel-->
+        <dependency>
+            <groupId>com.alibaba</groupId>
+            <artifactId>easyexcel</artifactId>
+            <version>${com.alibaba.easyexcel.version}</version>
+        </dependency>
+        <!-- aspectj -->
+        <dependency>
+            <groupId>org.aspectj</groupId>
+            <artifactId>aspectjweaver</artifactId>
+            <version>1.9.6</version>
+            <scope>runtime</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.thingsboard.common</groupId>
+            <artifactId>util</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-web</artifactId>
+        </dependency>
+
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.aspectj</groupId>
+            <artifactId>aspectjrt</artifactId>
+            <version>1.9.6</version>
+        </dependency>
     </dependencies>
 
     <build>

 /**
  * Copyright © 2016-2021 The Thingsboard Authors
  *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * <p>Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of the License at
  *
- *     http://www.apache.org/licenses/LICENSE-2.0
+ * <p>http://www.apache.org/licenses/LICENSE-2.0
  *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
+ * <p>Unless required by applicable law or agreed to in writing, software distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.thingsboard.server.common.data;
@@ -21,6 +19,8 @@ import com.fasterxml.jackson.databind.JsonNode;
 import io.swagger.annotations.ApiModel;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.EqualsAndHashCode;
+import lombok.Getter;
+import lombok.Setter;
 import org.thingsboard.server.common.data.id.CustomerId;
 import org.thingsboard.server.common.data.id.EntityId;
 import org.thingsboard.server.common.data.id.TenantId;
@@ -28,167 +28,202 @@ import org.thingsboard.server.common.data.id.UserId;
 import org.thingsboard.server.common.data.security.Authority;
 import org.thingsboard.server.common.data.validation.Length;
 import org.thingsboard.server.common.data.validation.NoXss;
+import org.thingsboard.server.common.data.yunteng.dto.UserDetailRoleDTO;
+import org.thingsboard.server.common.data.yunteng.dto.UserDetailsDTO;
+
+import java.util.Set;
 
 @ApiModel
 @EqualsAndHashCode(callSuper = true)
-public class User extends SearchTextBasedWithAdditionalInfo<UserId> implements HasName, HasTenantId, HasCustomerId {
-
-    private static final long serialVersionUID = 8250339805336035966L;
-
-    private TenantId tenantId;
-    private CustomerId customerId;
-    private String email;
-    private Authority authority;
-    @NoXss
-    @Length(fieldName = "first name")
-    private String firstName;
-    @NoXss
-    @Length(fieldName = "last name")
-    private String lastName;
-
-    public User() {
-        super();
-    }
-
-    public User(UserId id) {
-        super(id);
-    }
-
-    public User(User user) {
-        super(user);
-        this.tenantId = user.getTenantId();
-        this.customerId = user.getCustomerId();
-        this.email = user.getEmail();
-        this.authority = user.getAuthority();
-        this.firstName = user.getFirstName();
-        this.lastName = user.getLastName();
-    }
-
-
-    @ApiModelProperty(position = 1, value = "JSON object with the User Id. " +
-            "Specify this field to update the device. " +
-            "Referencing non-existing User Id will cause error. " +
-            "Omit this field to create new customer." )
-    @Override
-    public UserId getId() {
-        return super.getId();
-    }
-
-    @ApiModelProperty(position = 2, value = "Timestamp of the user creation, in milliseconds", example = "1609459200000", readOnly = true)
-    @Override
-    public long getCreatedTime() {
-        return super.getCreatedTime();
-    }
-
-    @ApiModelProperty(position = 3, value = "JSON object with the Tenant Id.", readOnly = true)
-    public TenantId getTenantId() {
-        return tenantId;
-    }
-
-    public void setTenantId(TenantId tenantId) {
-        this.tenantId = tenantId;
-    }
-
-    @ApiModelProperty(position = 4, value = "JSON object with the Customer Id.", readOnly = true)
-    public CustomerId getCustomerId() {
-        return customerId;
-    }
-
-    public void setCustomerId(CustomerId customerId) {
-        this.customerId = customerId;
-    }
-
-    @ApiModelProperty(position = 5, required = true, value = "Email of the user", example = "user@example.com")
-    public String getEmail() {
-        return email;
-    }
-
-    public void setEmail(String email) {
-        this.email = email;
-    }
-
-    @ApiModelProperty(position = 6, readOnly = true, value = "Duplicates the email of the user, readonly", example = "user@example.com")
-    @Override
-    @JsonProperty(access = JsonProperty.Access.READ_ONLY)
-    public String getName() {
-        return email;
-    }
-
-    @ApiModelProperty(position = 7, required = true, value = "Authority", example = "SYS_ADMIN, TENANT_ADMIN or CUSTOMER_USER")
-    public Authority getAuthority() {
-        return authority;
-    }
-
-    public void setAuthority(Authority authority) {
-        this.authority = authority;
-    }
-
-    @ApiModelProperty(position = 8, required = true, value = "First name of the user", example = "John")
-    public String getFirstName() {
-        return firstName;
-    }
-
-    public void setFirstName(String firstName) {
-        this.firstName = firstName;
-    }
-
-    @ApiModelProperty(position = 9, required = true, value = "Last name of the user", example = "Doe")
-    public String getLastName() {
-        return lastName;
-    }
-
-    public void setLastName(String lastName) {
-        this.lastName = lastName;
-    }
-
-    @ApiModelProperty(position = 10, value = "Additional parameters of the user", dataType = "com.fasterxml.jackson.databind.JsonNode")
-    @Override
-    public JsonNode getAdditionalInfo() {
-        return super.getAdditionalInfo();
-    }
-
-    @Override
-    public String getSearchText() {
-        return getEmail();
-    }
-
-    @Override
-    public String toString() {
-        StringBuilder builder = new StringBuilder();
-        builder.append("User [tenantId=");
-        builder.append(tenantId);
-        builder.append(", customerId=");
-        builder.append(customerId);
-        builder.append(", email=");
-        builder.append(email);
-        builder.append(", authority=");
-        builder.append(authority);
-        builder.append(", firstName=");
-        builder.append(firstName);
-        builder.append(", lastName=");
-        builder.append(lastName);
-        builder.append(", additionalInfo=");
-        builder.append(getAdditionalInfo());
-        builder.append(", createdTime=");
-        builder.append(createdTime);
-        builder.append(", id=");
-        builder.append(id);
-        builder.append("]");
-        return builder.toString();
-    }
-
-    @JsonIgnore
-    public boolean isSystemAdmin() {
-        return tenantId == null || EntityId.NULL_UUID.equals(tenantId.getId());
-    }
-
-    @JsonIgnore
-    public boolean isTenantAdmin() {
-        return !isSystemAdmin() && (customerId == null || EntityId.NULL_UUID.equals(customerId.getId()));
-    }
-
-    @JsonIgnore
-    public boolean isCustomerUser() {
-        return !isSystemAdmin() && !isTenantAdmin();
-    }
+public class User extends SearchTextBasedWithAdditionalInfo<UserId>
+    implements HasName, HasTenantId, HasCustomerId {
+
+  private static final long serialVersionUID = 8250339805336035966L;
+
+  private TenantId tenantId;
+  private CustomerId customerId;
+  private String email;
+  private Authority authority;
+
+  @NoXss
+  @Length(fieldName = "first name")
+  private String firstName;
+
+  @NoXss
+  @Length(fieldName = "last name")
+  private String lastName;
+  /** 平台的用户详情 */
+  @Getter @Setter private UserDetailsDTO userDetailsDTO;
+
+  public User() {
+    super();
+  }
+
+  public User(UserId id) {
+    super(id);
+  }
+
+  public User(User user) {
+    super(user);
+    this.tenantId = user.getTenantId();
+    this.customerId = user.getCustomerId();
+    this.email = user.getEmail();
+    this.authority = user.getAuthority();
+    this.firstName = user.getFirstName();
+    this.lastName = user.getLastName();
+  }
+
+  @ApiModelProperty(
+      position = 1,
+      value =
+          "JSON object with the User Id. "
+              + "Specify this field to update the device. "
+              + "Referencing non-existing User Id will cause error. "
+              + "Omit this field to create new customer.")
+  @Override
+  public UserId getId() {
+    return super.getId();
+  }
+
+  @ApiModelProperty(
+      position = 2,
+      value = "Timestamp of the user creation, in milliseconds",
+      example = "1609459200000",
+      readOnly = true)
+  @Override
+  public long getCreatedTime() {
+    return super.getCreatedTime();
+  }
+
+  @ApiModelProperty(position = 3, value = "JSON object with the Tenant Id.", readOnly = true)
+  public TenantId getTenantId() {
+    return tenantId;
+  }
+
+  public void setTenantId(TenantId tenantId) {
+    this.tenantId = tenantId;
+  }
+
+  @ApiModelProperty(position = 4, value = "JSON object with the Customer Id.", readOnly = true)
+  public CustomerId getCustomerId() {
+    return customerId;
+  }
+
+  public void setCustomerId(CustomerId customerId) {
+    this.customerId = customerId;
+  }
+
+  @ApiModelProperty(
+      position = 5,
+      required = true,
+      value = "Email of the user",
+      example = "user@example.com")
+  public String getEmail() {
+    return email;
+  }
+
+  public void setEmail(String email) {
+    this.email = email;
+  }
+
+  @ApiModelProperty(
+      position = 6,
+      readOnly = true,
+      value = "Duplicates the email of the user, readonly",
+      example = "user@example.com")
+  @Override
+  @JsonProperty(access = JsonProperty.Access.READ_ONLY)
+  public String getName() {
+    return email;
+  }
+
+  @ApiModelProperty(
+      position = 7,
+      required = true,
+      value = "Authority",
+      example = "SYS_ADMIN, TENANT_ADMIN or CUSTOMER_USER")
+  public Authority getAuthority() {
+    return authority;
+  }
+
+  public void setAuthority(Authority authority) {
+    this.authority = authority;
+  }
+
+  @ApiModelProperty(
+      position = 8,
+      required = true,
+      value = "First name of the user",
+      example = "John")
+  public String getFirstName() {
+    return firstName;
+  }
+
+  public void setFirstName(String firstName) {
+    this.firstName = firstName;
+  }
+
+  @ApiModelProperty(position = 9, required = true, value = "Last name of the user", example = "Doe")
+  public String getLastName() {
+    return lastName;
+  }
+
+  public void setLastName(String lastName) {
+    this.lastName = lastName;
+  }
+
+  @ApiModelProperty(
+      position = 10,
+      value = "Additional parameters of the user",
+      dataType = "com.fasterxml.jackson.databind.JsonNode")
+  @Override
+  public JsonNode getAdditionalInfo() {
+    return super.getAdditionalInfo();
+  }
+
+  @Override
+  public String getSearchText() {
+    return getEmail();
+  }
+
+  @Override
+  public String toString() {
+    StringBuilder builder = new StringBuilder();
+    builder.append("User [tenantId=");
+    builder.append(tenantId);
+    builder.append(", customerId=");
+    builder.append(customerId);
+    builder.append(", email=");
+    builder.append(email);
+    builder.append(", authority=");
+    builder.append(authority);
+    builder.append(", firstName=");
+    builder.append(firstName);
+    builder.append(", lastName=");
+    builder.append(lastName);
+    builder.append(", additionalInfo=");
+    builder.append(getAdditionalInfo());
+    builder.append(", createdTime=");
+    builder.append(createdTime);
+    builder.append(", id=");
+    builder.append(id);
+    builder.append("]");
+    return builder.toString();
+  }
+
+  @JsonIgnore
+  public boolean isSystemAdmin() {
+    return tenantId == null || EntityId.NULL_UUID.equals(tenantId.getId());
+  }
+
+  @JsonIgnore
+  public boolean isTenantAdmin() {
+    return !isSystemAdmin()
+        && (customerId == null || EntityId.NULL_UUID.equals(customerId.getId()));
+  }
+
+  @JsonIgnore
+  public boolean isCustomerUser() {
+    return !isSystemAdmin() && !isTenantAdmin();
+  }
 }

+package org.thingsboard.server.common.data.yunteng.common;
+
+public interface AddGroup {
+}

+package org.thingsboard.server.common.data.yunteng.common;
+
+import org.thingsboard.server.common.data.yunteng.dto.SysDictItemDTO;
+
+public interface CommonService {
+  /**
+   * 通过dict表的Code和dictItem的codeText查询字典表的值
+   *
+   * @param dictCode 字典表Code
+   * @param codeValue 字典Item表文本值
+   * @return 返回字典Item表
+   */
+  SysDictItemDTO getDictValueByCodeAndText(String dictCode, String codeValue);
+
+  /**
+   * 生成DeviceToken
+   * @return 返回DeviceToken
+   */
+  String generateDeviceToken(String tenantId);
+}

+package org.thingsboard.server.common.data.yunteng.common;
+
+public interface DeleteGroup {
+}

+package org.thingsboard.server.common.data.yunteng.common;
+
+public interface UpdateGroup {
+}

+package org.thingsboard.server.common.data.yunteng.common.aspect;
+
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.node.ObjectNode;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Pointcut;
+import org.springframework.stereotype.Component;
+import org.thingsboard.common.util.JacksonUtil;
+import org.thingsboard.server.common.data.yunteng.common.CommonService;
+import org.thingsboard.server.common.data.yunteng.common.aspect.annotation.AutoDict;
+import org.thingsboard.server.common.data.yunteng.dto.SysDictItemDTO;
+import org.thingsboard.server.common.data.yunteng.utils.ReflectUtils;
+import org.thingsboard.server.common.data.yunteng.utils.tools.PageData;
+import org.thingsboard.server.common.data.yunteng.utils.tools.ResponseResult;
+
+import java.lang.reflect.Field;
+import java.time.LocalDateTime;
+import java.time.format.DateTimeFormatter;
+import java.util.ArrayList;
+import java.util.List;
+
+@Aspect
+@Component
+@Slf4j
+@RequiredArgsConstructor
+public class SysDictAspect {
+
+  private final CommonService commonService;
+
+  /** 表对应字段加上_dictText即可显示出文本 */
+  private static final String DICT_TEXT_SUFFIX = "DictText";
+
+  /** 定义切入点 */
+  @Pointcut("execution(* com.codeez..*.*Controller.*(..))")
+  public void exudeService() {}
+
+  /**
+   * 执行环绕通知
+   *
+   * @param joinPoint 切面
+   * @return 返回类型： Object
+   */
+  @Around("exudeService()")
+  public Object aroundAdvise(ProceedingJoinPoint joinPoint) throws Throwable {
+    // 执行切点环绕通知，获取执行方法的返回值
+    Object returnObject = joinPoint.proceed();
+    return parseDictValue(returnObject);
+  }
+
+  /**
+   * 解析数据字典值
+   *
+   * @param returnObject 数据字典Code对应的值
+   */
+  private Object parseDictValue(Object returnObject) throws IllegalAccessException {
+    if (returnObject instanceof ResponseResult) {
+      Object object = ((ResponseResult<?>) returnObject).getData();
+      if(null != object){
+        ObjectNode objectNode = getObjectNode(object, ((ResponseResult) returnObject).getData());
+        if(null == objectNode){
+          return returnObject;
+        }
+        returnObject = ResponseResult.success(objectNode);
+      }
+    }
+    if (returnObject instanceof PageData) {
+      Object object = returnObject;
+      List<ObjectNode> list = new ArrayList<>();
+      for (Object obj : ((PageData<?>) object).getItems()) {
+        ObjectNode objectNode = getObjectNode(obj, obj);
+        if(null == objectNode){
+          return returnObject;
+        }
+        list.add(objectNode);
+      }
+      returnObject =new PageData<>(list, ((PageData<?>) object).getTotal());
+    }
+    return returnObject;
+  }
+
+  /**
+   * 通过dict表的Code和dictItem的codeText查询字典表的值
+   *
+   * @param code dict表的Code
+   * @param codeText dictItem的codeText
+   * @return 返回Item的值
+   */
+  private String getDictText(String code, Object codeText) {
+    SysDictItemDTO sysDictItemDTO =
+        commonService.getDictValueByCodeAndText(code, codeText.toString());
+    return sysDictItemDTO != null ? sysDictItemDTO.getItemText() : null;
+  }
+
+  /**
+   * 获取添加字段后的ObjectNode
+   *
+   * @param object 对象
+   * @param sourceObject 源对象
+   * @return 添加字段后的ObjectNode
+   */
+  private ObjectNode getObjectNode(Object object, Object sourceObject)
+      throws IllegalAccessException {
+    ObjectNode objectNode = null;
+    for (Field field : ReflectUtils.getAllDeclaredFields(object.getClass())) {
+      // 忽略修饰符访问检查
+      field.setAccessible(true);
+      if (field.getAnnotation(AutoDict.class) != null) {
+        String dictCode = field.getAnnotation(AutoDict.class).dictCode();
+        // 如果dictCode为空字符串，则循环下一个
+        if (StringUtils.isEmpty(dictCode)) {
+          log.debug("dictCode为空字符串的字段为{}", field.getName());
+          continue;
+        }
+        Object codeText = field.get(object);
+        if (null != codeText) {
+          String textValue = getDictText(dictCode, codeText);
+          JsonNode jsonNode = JacksonUtil.toJsonNode(JacksonUtil.toString(sourceObject));
+          if(null == objectNode){
+            objectNode = (ObjectNode) jsonNode;
+          }
+          objectNode.put(field.getName() + DICT_TEXT_SUFFIX, textValue);
+        }
+      }
+      if(field.getType().getName().equals("java.time.LocalDateTime")){
+        Object content = field.get(object);
+        if(null != content && null !=objectNode){
+          DateTimeFormatter fmt = DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss");
+          objectNode.put(field.getName(),fmt.format((LocalDateTime)content));
+        }
+      }
+    }
+    return objectNode;
+  }
+}

+package org.thingsboard.server.common.data.yunteng.common.aspect.annotation;
+
+import java.lang.annotation.*;
+
+/**
+ * 字典注解
+ */
+@Target(ElementType.FIELD)
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+public @interface AutoDict {
+    /**
+     * 字典Code
+     * @return 返回类型 String
+     */
+    String dictCode();
+}

+package org.thingsboard.server.common.data.yunteng.config.email;
+
+import lombok.Data;
+
+@Data
+public class EmailConfiguration {
+
+  /** 配置服务器 */
+  private String host;
+
+  /** 配置端口 */
+  private Integer port;
+
+  /** 配置用户名 */
+  private String username;
+
+  /** 配置密码 */
+  private String password;
+}

+package org.thingsboard.server.common.data.yunteng.config.sms;
+
+import lombok.extern.slf4j.Slf4j;
+import org.thingsboard.server.common.data.yunteng.constant.FastIotConstants;
+import org.thingsboard.server.common.data.yunteng.core.exception.DataValidationException;
+import org.thingsboard.server.common.data.yunteng.core.message.ErrorMessage;
+
+@Slf4j
+public abstract class AbstractSmsSender implements SmsSender {
+
+  protected void validatePhoneNumber(String phoneNumber) {
+    phoneNumber = phoneNumber.trim();
+    if (!FastIotConstants.CHINA_MOBILE_PATTERN.matcher(phoneNumber).matches()) {
+      throw new DataValidationException(ErrorMessage.INVALID_PARAMETER.getMessage());
+    }
+  }
+}
\ No newline at end of file

+package org.thingsboard.server.common.data.yunteng.config.sms;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.fasterxml.jackson.annotation.JsonSubTypes;
+import com.fasterxml.jackson.annotation.JsonTypeInfo;
+import org.thingsboard.server.common.data.yunteng.config.sms.ali.AliSmsProviderConfiguration;
+import org.thingsboard.server.common.data.yunteng.config.sms.tencent.TencentSmsProviderConfiguration;
+import org.thingsboard.server.common.data.yunteng.enums.SmsProviderTypeEnum;
+
+@JsonTypeInfo(use = JsonTypeInfo.Id.NAME, include = JsonTypeInfo.As.PROPERTY, property = "type")
+@JsonSubTypes({
+  @JsonSubTypes.Type(value = AliSmsProviderConfiguration.class, name = "ALI_CLOUD"),
+  @JsonSubTypes.Type(value = TencentSmsProviderConfiguration.class, name = "TENCENT_CLOUD")
+})
+public interface SmsProviderConfiguration {
+
+  @JsonIgnore
+  SmsProviderTypeEnum getType();
+}

+package org.thingsboard.server.common.data.yunteng.config.sms;
+
+import java.util.LinkedHashMap;
+
+public interface SmsSender {
+    String sendSms(String phone, String templateCode, LinkedHashMap<String,String> param,String signName);
+}

+package org.thingsboard.server.common.data.yunteng.config.sms;
+
+public interface SmsSenderFactory {
+  SmsSender createSmsSender(SmsProviderConfiguration config);
+}

+package org.thingsboard.server.common.data.yunteng.config.sms;
+
+import org.springframework.stereotype.Component;
+import org.thingsboard.server.common.data.yunteng.config.sms.ali.AliSmsProviderConfiguration;
+import org.thingsboard.server.common.data.yunteng.config.sms.ali.AliSmsSender;
+import org.thingsboard.server.common.data.yunteng.config.sms.tencent.TencentSmsProviderConfiguration;
+import org.thingsboard.server.common.data.yunteng.config.sms.tencent.TencentSmsSender;
+
+@Component
+public class YtDefaultSmsSenderFactory implements SmsSenderFactory {
+  @Override
+  public SmsSender createSmsSender(
+      SmsProviderConfiguration config) {
+    switch (config.getType()) {
+      case ALI_CLOUD:
+        return new AliSmsSender(
+            (AliSmsProviderConfiguration) config);
+      case TENCENT_CLOUD:
+        return new TencentSmsSender(
+            (TencentSmsProviderConfiguration) config);
+      default:
+        throw new RuntimeException("Unknown SMS provider type " + config.getType());
+    }
+  }
+}

+package org.thingsboard.server.common.data.yunteng.config.sms.ali;
+
+import lombok.Data;
+import org.thingsboard.server.common.data.yunteng.config.sms.SmsProviderConfiguration;
+import org.thingsboard.server.common.data.yunteng.enums.SmsProviderTypeEnum;
+
+@Data
+public class AliSmsProviderConfiguration implements SmsProviderConfiguration {
+
+  /** 阿里云AccessKeyId */
+  private String accessKeyId;
+
+  /** 阿里云AccessKeySecret */
+  private String accessKeySecret;
+
+  @Override
+  public SmsProviderTypeEnum getType() {
+    return SmsProviderTypeEnum.ALI_CLOUD;
+  }
+}

+package org.thingsboard.server.common.data.yunteng.config.sms.ali;
+
+import com.aliyuncs.DefaultAcsClient;
+import com.aliyuncs.IAcsClient;
+import com.aliyuncs.dysmsapi.model.v20170525.SendSmsRequest;
+import com.aliyuncs.dysmsapi.model.v20170525.SendSmsResponse;
+import com.aliyuncs.exceptions.ClientException;
+import com.aliyuncs.http.MethodType;
+import com.aliyuncs.profile.DefaultProfile;
+import com.aliyuncs.profile.IClientProfile;
+import lombok.Data;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
+import org.thingsboard.common.util.JacksonUtil;
+import org.thingsboard.server.common.data.yunteng.config.sms.AbstractSmsSender;
+import org.thingsboard.server.common.data.yunteng.core.exception.FastIotException;
+import org.thingsboard.server.common.data.yunteng.core.message.ErrorMessage;
+import org.thingsboard.server.common.data.yunteng.enums.ResponseCodeEnum;
+
+import java.util.LinkedHashMap;
+
+@Slf4j
+public class AliSmsSender extends AbstractSmsSender {
+
+  /** 阿里云短信参数配置 */
+  private final AliSmsProviderConfiguration config;
+
+  private IClientProfile profile;
+
+  public AliSmsSender(AliSmsProviderConfiguration config) {
+    if (StringUtils.isEmpty(config.getAccessKeyId())
+        || StringUtils.isEmpty(config.getAccessKeyId())) {
+      throw new FastIotException(ErrorMessage.INVALID_PARAMETER);
+    }
+    this.config = config;
+    initProfile();
+  }
+
+  /** 使用AK&SK初始化账号Client */
+  private void initProfile() {
+    String endpoint = "dysmsapi.aliyuncs.com";
+    String product = "Dysmsapi";
+    String regionId = "cn-shanghai";
+    profile =
+        DefaultProfile.getProfile(regionId, config.getAccessKeyId(), config.getAccessKeySecret());
+    DefaultProfile.addEndpoint(regionId, product, endpoint);
+  }
+
+  @Override
+  public String sendSms(
+      String phone, String templateCode, LinkedHashMap<String, String> param, String signName) {
+    validatePhoneNumber(phone);
+    IAcsClient client = new DefaultAcsClient(profile);
+    SendSmsRequest request = new SendSmsRequest();
+    request.setSysMethod(MethodType.POST);
+    request.setPhoneNumbers(phone);
+    request.setSignName(signName);
+    request.setTemplateCode(templateCode);
+    // 有参数的时候才处理
+    if (!param.isEmpty()) {
+      request.setTemplateParam(JacksonUtil.toString(param));
+    }
+    try {
+      SendSmsResponse response = client.getAcsResponse(request);
+      return response.getCode().equalsIgnoreCase(ResponseCodeEnum.OK.name())
+          ? ResponseCodeEnum.SUCCESS.name()
+          : response.getMessage();
+    } catch (ClientException e) {
+      e.printStackTrace();
+      return e.getMessage();
+    }
+  }
+}

+package org.thingsboard.server.common.data.yunteng.config.sms.tencent;
+
+
+import lombok.Data;
+import org.thingsboard.server.common.data.yunteng.config.sms.SmsProviderConfiguration;
+import org.thingsboard.server.common.data.yunteng.enums.SmsProviderTypeEnum;
+
+@Data
+public class TencentSmsProviderConfiguration implements SmsProviderConfiguration {
+
+  /** 腾讯云AppId */
+  private String appId;
+
+  /** 腾讯云appKey */
+  private String appKey;
+
+  @Override
+  public SmsProviderTypeEnum getType() {
+    return SmsProviderTypeEnum.TENCENT_CLOUD;
+  }
+}

+package org.thingsboard.server.common.data.yunteng.config.sms.tencent;
+
+
+import lombok.extern.slf4j.Slf4j;
+import org.thingsboard.server.common.data.yunteng.config.sms.AbstractSmsSender;
+
+import java.util.LinkedHashMap;
+
+@Slf4j
+public class TencentSmsSender extends AbstractSmsSender {
+
+  public TencentSmsSender(TencentSmsProviderConfiguration config) {}
+
+  @Override
+  public String sendSms(
+      String phone, String templateCode, LinkedHashMap<String, String> param, String signName) {
+    return "";
+  }
+}

+package org.thingsboard.server.common.data.yunteng.constant;
+
+import java.util.regex.Pattern;
+
+public interface FastIotConstants {
+
+  class DefaultOrder {
+    public static final String CREATE_TIME="create_time";
+  }
+
+  String MOBILE =
+      "^[1](([3][0-9])|([4][0,1,4-9])|([5][0-3,5-9])|([6][2,5,6,7])|([7][0-8])|([8][0-9])|([9][0-3,5-9]))[0-9]{8}$";
+  String EMAIL = "^[A-Z0-9._%+-]+@[A-Z0-9.-]+\\.[A-Z]{2,}$";
+  Pattern EMAIL_PATTERN = Pattern.compile(EMAIL, Pattern.CASE_INSENSITIVE);
+  Pattern CHINA_MOBILE_PATTERN = Pattern.compile(MOBILE);
+
+  class ConfigJSONKey {
+    public static final String BASE_URL = "baseUrl";
+  }
+
+  String DEFAULT_DELIMITER = "#";
+
+  class StateValue {
+    /** 禁用 */
+    public static final int DISABLE = 0;
+    /** 启用 */
+    public static final int ENABLE = 1;
+
+    /** 删除成功 */
+    public static final String DELETE_SUCCESS = "删除成功";
+
+    /** 删除失败 */
+    public static final String DELETE_FAILED = "删除成功";
+  }
+
+  class LevelValue {
+    /** 超级管理员 */
+    public static final int IS_ADMIN=0;
+
+    /** 系统平台其他管理员 */
+    public static final int IS_OTHER_ADMIN = 1;
+
+    /** 租户管理员 */
+    public static final int IS_TENANT_ADMIN = 2;
+
+    /** 普通用户 */
+    public static final int IS_NORMAL = 3;
+  }
+
+  interface CacheConfigKey {
+    String CACHE_CONFIG_KEY = "FAST_IOT_CACHE";
+    String USER_PERMISSION_PREFIX = "user_permission_for_";
+    String MOBILE_LOGIN_SMS_CODE = "mobile_login_sms_code";
+    String DEFAULT_RULE_CHAIN = "default_rule_chain";
+  }
+
+  String DEFAULT_EMAIL_SUFFIX_FOR_TB ="@yunteng.com";
+
+  interface TBCacheConfig {
+    String TB_CACHE_CONFIG_KEY = "TB_CONNECT_CACHE";
+    String EXISTING_TENANT = "EXISTING_TENANT";
+  }
+}

+package org.thingsboard.server.common.data.yunteng.constant;
+
+public final class ModelConstants {
+  public static class Table {
+    /** 系统用户表 */
+    public static final String USER_TABLE_NAME = "sys_user";
+    /** 租户表 */
+    public static final String TENANT_TABLE_NAME = "sys_tenant";
+    /** 租户菜单表 */
+    public static final String TENANT_MENU_TABLE_NAME = "sys_tenant_menu";
+    /** 租户角色表 */
+    public static final String TENANT_ROLE_TABLE_NAME = "sys_tenant_role";
+    /** 菜单表 */
+    public static final String MENU_TABLE_NAME = "sys_menu";
+    /** 角色表 */
+    public static final String ROLE_TABLE_NAME = "sys_role";
+    /** 用户角色关系表 */
+    public static final String USER_ROLE_TABLE_NAME = "sys_user_role";
+    /** 系统用户设置表 */
+    public static final String ADMIN_SETTING_TABLE_NAME = "sys_admin_setting";
+    /** 字典表 */
+    public static final String DICT_TABLE_NAME = "sys_dict";
+    /** 字典值表 */
+    public static final String DICT_ITEM_TABLE_NAME = "sys_dict_item";
+    /** 消息字典表 */
+    public static final String MESSAGE_CONFIG_TABLE_NAME = "message_config";
+    /** 消息模板表 */
+    public static final String MESSAGE_TEMPLATE_TABLE_NAME = "message_template";
+    /** 短信发送记录表 */
+    public static final String SMS_LOG_TABLE_NAME = "sms_log";
+    /** 邮件发送记录表 */
+    public static final String MAIL_LOG_TABLE_NAME = "mail_log";
+    /** 限流表 */
+    public static final String RATE_LIMIT_TABLE_NAME = "sys_rate_limit";
+    /** 系统部门表 */
+    public static final String DEPT_TABLE_NAME = "sys_dept";
+    /** 组织表 */
+    public static final String IOTFS_ORGANIZATION_TABLE_NAME = "iotfs_organization";
+    /** 用户与组织映射表 */
+    public static final String IOTFS_USER_ORGANIZATION_MAPPING_TABLE_NAME = "iotfs_user_organization_mapping";
+    /** 设备表 */
+    public static final String IOTFS_DEVICE_TABLE_NAME = "iotfs_device";
+    /** 设备配置表 */
+    public static final String IOTFS_DEVICE_PROFILE_TABLE_NAME = "iotfs_device_profile";
+    /** 设备类型表 */
+    public static final String IOTFS_DEVICE_TYPE_TABLE_NAME = "iotfs_device_type";
+    /** 告警配置表 */
+    public static final String IOTFS_ALARM_PROFILE_TABLE_NAME = "iotfs_alarm_profile";
+    /** 告警联系人 */
+    public static final String IOTFS_ALARM_CONTACT_TABLE_NAME = "iotfs_alarm_contact";
+  }
+
+  public static class TableFields {
+    public static final String TENANT_ID = "tenant_id";
+  }
+
+  public static class TablePropertyMapping {
+    public static final String ID = "id";
+    public static final String CREATE_TIME = "createTime";
+    public static final String UPDATE_TIME = "updateTime";
+    public static final String CREATOR = "creator";
+    public static final String UPDATER = "updater";
+    public static final String UPDATE = "update";
+    public static final String TENANT_CODE = "tenantCode";
+    public static final String PASSWORD = "password";
+    public static final String ACTIVATE_TOKEN = "activateToken";
+    public static final String TB_DEVICE_ID = "tbDeviceId";
+    public static final String DEVICE_STATE = "deviceState";
+    public static final String ACTIVE_TIME = "activeTime";
+  }
+
+  public static class AdminSettingConfigKey {
+    public static final String GENERAL_SETTING = "general";
+  }
+}

+package org.thingsboard.server.common.data.yunteng.constant;
+
+public class QueryConstant {
+  public static final String PAGE_SIZE = "pageSize";
+  public static final String PAGE = "page";
+  public static final String ORDER_FILED = "orderFiled";
+  public static final String ORDER_TYPE = "orderType";
+  public static final String CREATE_TIME="createTime";
+}

+package org.thingsboard.server.common.data.yunteng.constant;
+
+public final class SecurityConstant {
+    public static final String ROLE="role";
+    public static final String USER_ID="userId";
+    public static final String USER_NAME="username";
+    public static final String DISPLAY_NAME="displayName";
+    public static final String TENANT_CODE ="tenantCode";
+    public static final String TENANT_NAME="tenantName";
+    public static final String JWT_TOKEN_HEADER_PARAM="X-Authorization";
+}

+package org.thingsboard.server.common.data.yunteng.core;
+
+public enum RequestMethod {
+  GET,
+  HEAD,
+  POST,
+  PUT,
+  PATCH,
+  DELETE,
+  OPTIONS,
+  TRACE
+}

+package org.thingsboard.server.common.data.yunteng.core;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+import org.springframework.util.Assert;
+import org.thingsboard.server.common.data.yunteng.core.message.ErrorMessage;
+
+import java.io.Serializable;
+
+@Data
+@AllArgsConstructor
+@NoArgsConstructor
+public class Result implements Serializable {
+  private static final long serialVersionUID = -7460365055472356522L;
+  private String msg = "success";
+  private int code = -1;
+  private Object data;
+
+  public static Result ok(Object data) {
+    return new Result("success", 0, data);
+  }
+
+  public static Result error() {
+    return error(ErrorMessage.OPERATION_FAILED.getCode(), ErrorMessage.OPERATION_FAILED);
+  }
+
+  public static Result error(ErrorMessage ntlErrorMessage) {
+    return error(ntlErrorMessage.getCode(), ntlErrorMessage);
+  }
+
+  public static Result error(int code, ErrorMessage ntlErrorMessage) {
+    Assert.isTrue(code != 0, "error code should not be zero in error response!");
+    return new Result(ntlErrorMessage.getMessage(), code, null);
+  }
+
+  public static Result error(String msg) {
+    return new Result(msg, -1, null);
+  }
+
+  public static Result error(int code, String msg) {
+    Assert.isTrue(code != 0, "error code should not be zero in error response!");
+    return new Result(msg, code, null);
+  }
+}

+package org.thingsboard.server.common.data.yunteng.core.cache;
+
+import org.springframework.cache.CacheManager;
+import org.springframework.stereotype.Component;
+
+import java.util.Objects;
+import java.util.Optional;
+
+@Component
+public class CacheUtils {
+
+  private final String COMMON_STORE_AREA = "yun-teng-iot-common";
+
+  private final CacheManager cacheManager;
+
+  public CacheUtils(CacheManager cacheManager) {
+    this.cacheManager = cacheManager;
+  }
+
+  public void put(String key, Object value) {
+    Objects.requireNonNull(cacheManager.getCache(COMMON_STORE_AREA)).put(key, value);
+  }
+
+  public void put(String cacheName, String key, Object value) {
+    Objects.requireNonNull(cacheManager.getCache(cacheName)).put(key, value);
+  }
+
+  public void invalidateCacheName(String cacheName) {
+    Objects.requireNonNull(cacheManager.getCache(cacheName)).invalidate();
+  }
+  public void invalidate(String key) {
+    Objects.requireNonNull(cacheManager.getCache(COMMON_STORE_AREA)).evictIfPresent(key);
+  }
+
+  public void invalidate(String cacheName, String key) {
+    Objects.requireNonNull(cacheManager.getCache(cacheName)).evictIfPresent(key);
+  }
+
+  @SuppressWarnings("unchecked")
+  public <T> Optional<T> get(String key) {
+    return Optional.ofNullable(
+            Objects.requireNonNull(cacheManager.getCache(COMMON_STORE_AREA)).get(key))
+        .map(v -> (T) v.get());
+  }
+
+  @SuppressWarnings("unchecked")
+  public <T> Optional<T> get(String cacheName, String key) {
+    return Optional.ofNullable(Objects.requireNonNull(cacheManager.getCache(cacheName)).get(key))
+        .map(v -> (T) v.get());
+  }
+}

+package org.thingsboard.server.common.data.yunteng.core.event;
+
+import org.springframework.context.ApplicationContext;
+import org.springframework.context.ApplicationEvent;
+
+public class RateLimitChangeEvent extends ApplicationEvent {
+  private static final long serialVersionUID = 5948179374091197232L;
+
+  /**
+   * Create a new ContextStartedEvent.
+   *
+   * @param source the {@code ApplicationContext} that the event is raised for (must not be {@code
+   *     null})
+   */
+  public RateLimitChangeEvent(ApplicationContext source) {
+    super(source);
+  }
+}

+package org.thingsboard.server.common.data.yunteng.core.exception;
+
+public class DTOCreationException extends RuntimeException {
+
+  private static final long serialVersionUID = 5255597864949518781L;
+
+  public DTOCreationException(String message) {
+    super(message);
+  }
+}

+package org.thingsboard.server.common.data.yunteng.core.exception;
+
+import lombok.Getter;
+
+public class DataValidationException extends RuntimeException {
+  private static final long serialVersionUID = 3556952261254572635L;
+
+  @Getter public boolean log = false;
+
+  public DataValidationException(String message) {
+    super(message);
+  }
+
+  public DataValidationException(String message, boolean log) {
+    super(message);
+    this.log = log;
+  }
+}

+package org.thingsboard.server.common.data.yunteng.core.exception;
+
+public class EntityCreationException extends RuntimeException {
+
+  private static final long serialVersionUID = 5255597864949518781L;
+
+  public EntityCreationException(String message) {
+    super(message);
+  }
+}

+package org.thingsboard.server.common.data.yunteng.core.exception;
+
+import lombok.Getter;
+import org.springframework.http.HttpStatus;
+import org.thingsboard.server.common.data.yunteng.core.message.ErrorMessage;
+
+public class FastIotException extends RuntimeException {
+  private static final long serialVersionUID = 4036257507478854844L;
+
+  @Getter private final HttpStatus httpStatus;
+
+  @Getter private final ErrorMessage error;
+
+  public FastIotException(ErrorMessage errorMessage) {
+    super(errorMessage.getMessage());
+    this.httpStatus = HttpStatus.INTERNAL_SERVER_ERROR;
+    this.error = errorMessage;
+  }
+
+  public FastIotException(ErrorMessage errorMessage, HttpStatus httpStatus) {
+    super(errorMessage.getMessage());
+    this.httpStatus = httpStatus;
+    this.error = errorMessage;
+  }
+
+  public FastIotException() {
+    super(ErrorMessage.INTERNAL_ERROR.getMessage());
+    this.error = ErrorMessage.INTERNAL_ERROR;
+    this.httpStatus = HttpStatus.INTERNAL_SERVER_ERROR;
+  }
+}

+package org.thingsboard.server.common.data.yunteng.core.exception;
+
+public class FileNotFoundException extends RuntimeException{
+    private static final long serialVersionUID = 3466865879043055822L;
+
+    public FileNotFoundException(String message) {
+    super(message);
+    }
+}

+package org.thingsboard.server.common.data.yunteng.core.exception;
+
+public class FileStorageException extends  RuntimeException{
+    private static final long serialVersionUID = -8866081834891143120L;
+
+    public FileStorageException(String message) {
+        super(message);
+    }
+}

+package org.thingsboard.server.common.data.yunteng.core.exception;
+
+public class NoneTenantAssetException extends RuntimeException {
+  private static final long serialVersionUID = 9135599998185288967L;
+
+  public NoneTenantAssetException(String message) {
+    super(message);
+  }
+}

+package org.thingsboard.server.common.data.yunteng.core.exception;
+
+public class TooManyRequestException extends RuntimeException {
+  private static final long serialVersionUID = 1055141330426574861L;
+
+  public TooManyRequestException() {
+    super();
+  }
+}

+package org.thingsboard.server.common.data.yunteng.core.message;
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+
+@JsonFormat(shape = JsonFormat.Shape.OBJECT)
+public enum ErrorMessage {
+  // ERROR STARTS FROM HERE
+  INTERNAL_ERROR(500000, "internal error"),
+  OPERATION_FAILED(500001, "operation failed"),
+  NO_PERMISSION(403001, "no permission"),
+  ACCOUNT_DISABLED(403002, "account disabled"),
+  ACCESS_DENIED(403003, "access denied"),
+  AUTHENTICATION_METHOD_NOT_SUPPORTED(403004, "authentication method not supported"),
+  USERNAME_PASSWORD_INCORRECT(401001, "incorrect username or password"),
+  TOKEN_EXPIRED(401002, "token has expired"),
+  NONE_TENANT_ASSET(401003, "not current tenant asset"),
+  AUTHENTICATION_FAILED_ACCOUNT_EXPIRED(401003, "account has expired"),
+  BAD_PARAMETER(400000, "query parameters not valid"),
+  INVALID_PARAMETER(400001, "invalid parameters"),
+  TOO_MANY_REQUEST(429001, "too many requests"),
+  EXIST_ENABLE_TEMPLATE(400002,"存在已启用相同类型及用途的模板"),
+  NOT_SET_PASSWORD_TEMPLATE(400003,"未设置用于密码重置的模板"),
+  PROVIDE_CORRECT_PHONE_NUMBER(400004,"请提供正确的电话号码"),
+  PROVIDE_CORRECT_EMAIL(400005,"请提供正确的邮箱"),
+  PHONE_NUMBER_OR_EMAIL_REQUIRED(400006,"必须提供电话或者邮箱"),
+  NAME_ALREADY_EXISTS(400007,"名称已存在"),
+  ROLE_IN_USE(400008,"该角色还存在用户使用"),
+  NONE_DEFAULT_RULE_CHAIN(400009,"该租户不存在默认的规则链"),
+  TENANT_MISMATCHING(400010,"租户不匹配"),
+  GET_CURRENT_USER_EXCEPTION(400011,"获取当前用户信息异常"),
+  CONNECT_TO_TB_ERROR(500001,"与TB联系错误"),
+  HAVE_NO_PERMISSION(500002,"没有修改权限");
+  private final int code;
+  private String message;
+
+  ErrorMessage(int code, String message) {
+    this.code = code;
+    this.message = message;
+  }
+
+  public ErrorMessage setMessage(String message) {
+    this.message = message;
+    return this;
+  }
+
+  public int getCode() {
+    return code;
+  }
+
+  public String getMessage() {
+    return message;
+  }
+}

+package org.thingsboard.server.common.data.yunteng.core.utils;
+
+import lombok.Data;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+@ConfigurationProperties(prefix = "file.storage.local")
+@Component
+@Data
+public class FileStorageProperties {
+  private String type;
+  private String uploadDir;
+  private String downloadPath;
+  private String uploadPath;
+  private boolean randomFileName;
+}

+package org.thingsboard.server.common.data.yunteng.core.utils;
+
+
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.multipart.MultipartFile;
+import org.thingsboard.server.common.data.yunteng.dto.FileUploadResponse;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+public interface FileStorageService {
+
+  /**
+   * 上传文件
+   *
+   * @param file 待上传文件
+   * @return {@link FileUploadResponse} 实例对象
+   */
+  FileUploadResponse upload(MultipartFile file);
+
+  /**
+   * 下载文件
+   *
+   * @param fileName 待下载文件名
+   * @param response {@link HttpServletResponse}
+   */
+  ResponseEntity<?> download(
+      String fileName, HttpServletRequest request, HttpServletResponse response);
+}

+package org.thingsboard.server.common.data.yunteng.core.utils;
+
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.RandomStringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
+import org.springframework.core.io.Resource;
+import org.springframework.core.io.UrlResource;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.stereotype.Service;
+import org.springframework.util.StringUtils;
+import org.springframework.web.multipart.MultipartFile;
+import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
+import org.thingsboard.server.common.data.yunteng.core.exception.FileNotFoundException;
+import org.thingsboard.server.common.data.yunteng.core.exception.FileStorageException;
+import org.thingsboard.server.common.data.yunteng.dto.FileUploadResponse;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.net.MalformedURLException;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.nio.file.StandardCopyOption;
+import java.util.Objects;
+
+@Service
+@Slf4j
+@ConditionalOnExpression("'${file.storage.type}'=='local'")
+public class LocalFileStorageService implements FileStorageService {
+
+  private final FileStorageProperties fileStorageProperties;
+  private final Path fileStorageLocation;
+
+  @Value("${file.storage.local.staticUrl}")
+  private String ossFileUrl;
+
+  @Autowired
+  public LocalFileStorageService(FileStorageProperties fileStorageProperties) {
+    this.fileStorageProperties = fileStorageProperties;
+    this.fileStorageLocation =
+        Paths.get(fileStorageProperties.getUploadDir()).toAbsolutePath().normalize();
+    try {
+      Files.createDirectories(this.fileStorageLocation);
+    } catch (Exception e) {
+      throw new RuntimeException(
+          "Could not create the directory where the uploaded files will be stored.");
+    }
+  }
+
+  public String storeFile(MultipartFile file) {
+    // Normalize file name
+    String fileName = StringUtils.cleanPath(Objects.requireNonNull(file.getOriginalFilename()));
+
+    try {
+      // random fileName if needed
+      if (fileStorageProperties.isRandomFileName()) {
+        if (fileName.contains(".")) {
+          fileName =
+              RandomStringUtils.randomAlphabetic(15)
+                  + fileName.substring(fileName.lastIndexOf("."));
+        } else {
+          fileName = RandomStringUtils.randomAlphabetic(15);
+        }
+      }
+      // Check if the file's name contains invalid characters
+      if (fileName.contains("..")) {
+        throw new FileStorageException(
+            "Sorry! Filename contains invalid path sequence " + fileName);
+      }
+
+      // Copy file to the target location (Replacing existing file with the same name)
+      Path targetLocation = this.fileStorageLocation.resolve(fileName);
+      Files.copy(file.getInputStream(), targetLocation, StandardCopyOption.REPLACE_EXISTING);
+
+      return fileName;
+    } catch (IOException ex) {
+      throw new FileStorageException("Could not store file " + fileName + ". Please try again!");
+    }
+  }
+
+  public Resource loadFileAsResource(String fileName) {
+    try {
+      Path filePath = this.fileStorageLocation.resolve(fileName).normalize();
+      Resource resource = new UrlResource(filePath.toUri());
+      if (resource.exists()) {
+        return resource;
+      } else {
+        throw new FileNotFoundException("File not found " + fileName);
+      }
+    } catch (MalformedURLException ex) {
+      throw new FileNotFoundException("File not found " + fileName);
+    }
+  }
+
+  @Override
+  public FileUploadResponse upload(MultipartFile file) {
+    String fileName = this.storeFile(file);
+    String fileDownloadPath =
+        ServletUriComponentsBuilder.fromCurrentRequestUri()
+            .path(fileStorageProperties.getDownloadPath())
+            .path(fileName)
+            .toUriString();
+    String realDownloadPath = fileDownloadPath.replace(fileStorageProperties.getUploadPath(), "");
+    String ossStaticPath =
+        ServletUriComponentsBuilder.fromCurrentContextPath().toUriString() + ossFileUrl;
+    ossStaticPath = ossStaticPath.replace("**", fileName);
+    return new FileUploadResponse(
+        fileName, realDownloadPath, file.getContentType(), file.getSize(), ossStaticPath);
+  }
+
+  @Override
+  public ResponseEntity<?> download(
+      String fileName, HttpServletRequest request, HttpServletResponse response) {
+    Resource resource = this.loadFileAsResource(fileName);
+    String contentType = null;
+    try {
+      contentType = request.getServletContext().getMimeType(resource.getFile().getAbsolutePath());
+    } catch (IOException ex) {
+      log.info("Could not determine file type.");
+    }
+
+    // Fallback to the default content type if type could not be determined
+    if (contentType == null) {
+      contentType = "application/octet-stream";
+    }
+
+    return ResponseEntity.ok()
+        .contentType(MediaType.parseMediaType(contentType))
+        .header(
+            HttpHeaders.CONTENT_DISPOSITION,
+            "attachment; filename=\"" + resource.getFilename() + "\"")
+        .body(resource);
+  }
+}

+package org.thingsboard.server.common.data.yunteng.core.utils;
+
+import lombok.Data;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+/**
+ * @author 徐浩然
+ * @desc minio配置文件
+ * @date 2021/12/1-15:35
+ */
+@ConfigurationProperties(prefix = "file.storage.minio")
+@Component
+@Data
+public class MinioFileStorageProperties {
+  /** minio储存地址 */
+  private String minioUrl;
+  /** minio账户 */
+  private String minioName;
+  /** minio访问密码 */
+  private String minioPass;
+  /** minio储存桶名称 */
+  private String bucketName;
+
+  private boolean randomFileName;
+}

+package org.thingsboard.server.common.data.yunteng.core.utils;
+
+import io.minio.*;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.RandomStringUtils;
+import org.jetbrains.annotations.NotNull;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.stereotype.Service;
+import org.springframework.util.StringUtils;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import org.springframework.web.multipart.MultipartFile;
+import org.thingsboard.server.common.data.yunteng.core.exception.FileStorageException;
+import org.thingsboard.server.common.data.yunteng.dto.FileUploadResponse;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.util.Objects;
+
+@Service
+@Slf4j
+@ConditionalOnExpression("'${file.storage.type}'=='minio'")
+public class MinioFileStorageService implements FileStorageService {
+
+  private final MinioFileStorageProperties fileStorageProperties;
+  private MinioClient minioClient;
+
+  @Autowired
+  public MinioFileStorageService(MinioFileStorageProperties fileStorageProperties) {
+    this.fileStorageProperties = fileStorageProperties;
+    // 创建客户端对象
+    this.minioClient =
+        MinioClient.builder()
+            .endpoint(fileStorageProperties.getMinioUrl())
+            .credentials(fileStorageProperties.getMinioName(), fileStorageProperties.getMinioPass())
+            .build();
+    // 创建储存桶
+    checkBucket();
+  }
+
+  // 储存文件
+  public String storeFile(MultipartFile file) {
+    // Normalize file name
+    String fileName = StringUtils.cleanPath(Objects.requireNonNull(file.getOriginalFilename()));
+    // random fileName if needed
+    if (fileStorageProperties.isRandomFileName()) {
+      if (fileName.contains(".")) {
+        fileName =
+            RandomStringUtils.randomAlphabetic(15) + fileName.substring(fileName.lastIndexOf("."));
+      } else {
+        fileName = RandomStringUtils.randomAlphabetic(15);
+      }
+    }
+    // Check if the file's name contains invalid characters
+    if (fileName.contains("..")) {
+      throw new FileStorageException("Sorry! Filename contains invalid path sequence " + fileName);
+    }
+
+    // 储存
+    try {
+      checkBucket();
+      PutObjectArgs build =
+          PutObjectArgs.builder()
+              .bucket(fileStorageProperties.getBucketName())
+              .object(fileName)
+              .contentType(file.getContentType())
+              .stream(file.getInputStream(), file.getInputStream().available(), -1)
+              .build();
+      minioClient.putObject(build);
+      return fileName;
+    } catch (Exception ex) {
+      ex.printStackTrace();
+      throw new FileStorageException("Could not store file " + fileName + ". Please try again!");
+    }
+  }
+
+  @Override
+  public FileUploadResponse upload(MultipartFile file) {
+    String fileName = this.storeFile(file);
+    String staticPath = getPath(fileName);
+    String realDownloadPath = null;
+    try {
+      // 获取request
+      HttpServletRequest request =
+          ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
+      // 生成下载接口的地址
+      realDownloadPath =
+          request.getRequestURL().toString().replace("upload", "downloadFile/" + fileName);
+    } catch (Exception e) {
+      e.printStackTrace();
+      log.info("Could not upload file " + fileName + ". Please try again!");
+    }
+    return new FileUploadResponse(
+        fileName, realDownloadPath, file.getContentType(), file.getSize(), staticPath);
+  }
+
+  @Override
+  public ResponseEntity<?> download(
+      String fileName, HttpServletRequest request, HttpServletResponse response) {
+    // get object given the bucket and object name
+    try (
+    // 获取文件流
+    InputStream inputStream =
+            minioClient.getObject(
+                GetObjectArgs.builder()
+                    .bucket(fileStorageProperties.getBucketName())
+                    .object(fileName)
+                    .build());
+        // 获取输出流
+        OutputStream outputStream = response.getOutputStream(); ) {
+      // 清空
+      response.reset();
+      // 写入流
+      byte[] buffer = inputStream.readAllBytes();
+      outputStream.write(buffer);
+      outputStream.flush();
+      // 配置header
+      response.addHeader(HttpHeaders.CONTENT_DISPOSITION, "attachment;filename=" + fileName);
+      response.addHeader(HttpHeaders.CONTENT_LENGTH, String.valueOf(buffer.length));
+      return ResponseEntity.status(HttpStatus.OK).body("download...");
+    } catch (Exception e) {
+      // 找不到文件时会抛出异常
+      String err = fileName + "file not found";
+      log.info(err);
+      return ResponseEntity.status(HttpStatus.NOT_FOUND).body(err);
+    }
+  }
+
+  // 检查储存桶情况
+  private void checkBucket() {
+    try {
+      // 桶是否存在
+      boolean exists =
+          minioClient.bucketExists(
+              BucketExistsArgs.builder().bucket(fileStorageProperties.getBucketName()).build());
+      if (!exists) {
+        // 不存在创建
+        minioClient.makeBucket(
+            MakeBucketArgs.builder().bucket(fileStorageProperties.getBucketName()).build());
+        // 设置储存桶策略
+        String str =
+            "{\"Statement\": [{\"Action\": [\"s3:GetBucketLocation\",\"s3:ListBucket\"],\"Effect\": \"Allow\",\"Principal\": \"*\",\"Resource\": \"arn:aws:s3:::%\"},{\"Action\": \"s3:GetObject\",\"Effect\": \"Allow\",\"Principal\": \"*\",\"Resource\": \"arn:aws:s3:::%/*\"}],\"Version\": \"2012-10-17\"}";
+        String replace = str.replace("%", fileStorageProperties.getBucketName());
+        minioClient.setBucketPolicy(
+            SetBucketPolicyArgs.builder()
+                .bucket(fileStorageProperties.getBucketName())
+                .config(replace)
+                .build());
+      }
+    } catch (Exception e) {
+      log.error(e.getMessage(), e);
+    }
+  }
+
+  /**
+   * @param fileName 文件名
+   * @return 文件访问地址
+   */
+  @NotNull
+  private String getPath(String fileName) {
+    return fileStorageProperties
+        .getMinioUrl()
+        .concat("/")
+        .concat(fileStorageProperties.getBucketName())
+        .concat("/")
+        .concat(fileName);
+  }
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import lombok.Data;
+
+@Data
+public class AlarmProfileDTO extends TenantDTO {
+  /** 告警联系人 通知多人“,”号分隔 */
+  private String alarmContactId;
+  /** 设备配置ID */
+  private String deviceProfileId;
+  /** 消息通知方式：多种方式“,”号分隔 MessageTypeEnum */
+  private String messageMode;
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import lombok.Data;
+import org.springframework.beans.BeanUtils;
+import org.thingsboard.server.common.data.yunteng.common.UpdateGroup;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+import org.thingsboard.server.common.data.yunteng.core.exception.EntityCreationException;
+import org.thingsboard.server.common.data.yunteng.utils.ReflectUtils;
+
+import javax.validation.constraints.NotEmpty;
+import java.lang.reflect.Constructor;
+import java.lang.reflect.InvocationTargetException;
+import java.time.LocalDateTime;
+
+@Data
+@JsonInclude(JsonInclude.Include.NON_NULL)
+public class BaseDTO {
+  @NotEmpty(message = "ID不能为空或者空字符串",groups = {UpdateGroup.class})
+  private String id;
+  /**创建用户*/
+  private String creator;
+  /**创建时间*/
+  @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
+  private LocalDateTime createTime;
+  /**更新用户*/
+  private String updater;
+  /**更新时间*/
+  @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
+  private LocalDateTime updateTime;
+  @JsonIgnore
+  public <E> void copyToEntity(E entity, String... ignoreProperties) {
+    if (ignoreProperties.length == 0) {
+      BeanUtils.copyProperties(
+          this,
+          entity,
+          ModelConstants.TablePropertyMapping.CREATE_TIME,
+          ModelConstants.TablePropertyMapping.UPDATE_TIME,
+          ModelConstants.TablePropertyMapping.CREATOR,
+          ModelConstants.TablePropertyMapping.UPDATER);
+    } else {
+      BeanUtils.copyProperties(this, entity, ignoreProperties);
+    }
+  }
+
+  @JsonIgnore
+  @SuppressWarnings("unchecked")
+  public <E> E getEntity(Class<E> clazz) {
+    Constructor<?> constructor = ReflectUtils.getEmptyParameterConstructor(clazz);
+    if (constructor != null) {
+      try {
+        E e = (E) constructor.newInstance();
+        BeanUtils.copyProperties(this, e);
+        return e;
+      } catch (InstantiationException | IllegalAccessException | InvocationTargetException e) {
+        throw new EntityCreationException(
+            "try to get entity from class [" + clazz.getName() + "] failed " + e.getMessage());
+      }
+    } else {
+      throw new EntityCreationException(
+          "try to get entity from class [" + clazz.getName() + "] failed");
+    }
+  }
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import lombok.Data;
+import org.thingsboard.server.common.data.yunteng.common.DeleteGroup;
+
+import javax.validation.constraints.NotNull;
+import javax.validation.constraints.Size;
+import java.util.Set;
+
+@Data
+public class DeleteDTO {
+  /** 删除主键IDS */
+  @NotNull(
+      message = "IDS不能为空",
+      groups = {DeleteGroup.class})
+  @Size(
+      min = 1,
+      message = "删除至少需要一个id",
+      groups = {DeleteGroup.class})
+  private Set<String> ids;
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.fasterxml.jackson.databind.JsonNode;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.security.DeviceCredentialsType;
+import org.thingsboard.server.common.data.yunteng.common.AddGroup;
+import org.thingsboard.server.common.data.yunteng.enums.DeviceState;
+import org.thingsboard.server.common.data.yunteng.enums.DeviceTypeEnum;
+
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+import java.time.LocalDateTime;
+
+@EqualsAndHashCode(callSuper = true)
+@Data
+public class DeviceDTO extends TenantDTO {
+  private String name;
+  /**
+   * 包含字段:
+   *
+   * <ul/>
+   *   <li>gateway 网关，bool类型
+   *   <li>description 描述字段
+   */
+  private JsonNode deviceInfo;
+
+  @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
+  private LocalDateTime activeTime;
+
+  private DeviceState deviceState = DeviceState.INACTIVE;
+
+  @NotEmpty(
+      message = "设备配置ID不能为空或者空字符串",
+      groups = {AddGroup.class})
+  @ApiModelProperty(value = "设备配置", required = true)
+  private String profileId;
+
+  @NotEmpty(
+      message = "设备唯一编号不能为空或空字符串",
+      groups = {AddGroup.class})
+  @ApiModelProperty(value = "设备唯一编号", required = true)
+  private String deviceToken;
+  // 不用序列化给前端
+  @JsonIgnore private String tbDeviceId;
+  private String deviceTypeId;
+
+  @NotEmpty(
+      message = "所属组织不能为空或者空字符串",
+      groups = {AddGroup.class})
+  @ApiModelProperty(value = "设备组织", required = true)
+  private String organizationId;
+  /** 标签 */
+  private String label;
+
+  @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
+  private LocalDateTime lastConnectTime;
+
+  private DeviceProfileDTO deviceProfile;
+  private OrganizationDTO organizationDTO;
+
+  @NotNull(
+      message = "设备类型不能为空",
+      groups = {AddGroup.class})
+  @ApiModelProperty(value = "设备类型：GATEWAY,DIRECT_CONNECTION,SENSOR", required = true)
+  private DeviceTypeEnum deviceType;
+  /** 设备凭证 */
+  private DeviceCredentialsType deviceCredentials;
+  /** 告警状态：0：正常 1：告警 */
+  private Integer alarmStatus;
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.DeviceTransportType;
+import org.thingsboard.server.common.data.yunteng.common.AddGroup;
+
+import javax.validation.constraints.NotEmpty;
+
+@EqualsAndHashCode(callSuper = true)
+@Data
+public class DeviceProfileDTO extends TenantDTO {
+  @NotEmpty(message = "设备配置名称不能为空或者空字符串", groups = AddGroup.class)
+  @ApiModelProperty(value = "设备配置名称")
+  private String name;
+
+  private String description;
+  /** 转换脚本：TCP才会使用 */
+  private String convertJs;
+
+  @NotEmpty(message = "传输协议不能为空或者空字符串", groups = AddGroup.class)
+  @ApiModelProperty(value = "传输协议", required = true)
+  @NotEmpty(message = "传输协议不能为空或者二空字符串")
+  private DeviceTransportType transportType;
+  /** TB的设备配置文件 */
+  private String tbProfileId;
+
+  private JsonNode alarms;
+  /** 告警配置 */
+  private AlarmProfileDTO alarmProfile;
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+
+@Data
+@AllArgsConstructor
+public class FileUploadResponse {
+  private String fileName;
+  private String fileDownloadUri;
+  private String fileType;
+  private long size;
+  private String fileStaticUri;
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.databind.JsonNode;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.enums.MenuTypeEnum;
+
+import java.time.LocalDateTime;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Objects;
+
+@EqualsAndHashCode(callSuper = true)
+@Data
+public class MenuDTO extends BaseDTO implements Comparable<MenuDTO> {
+  private String id;
+  /**
+   * if menu type is system default, the menu name can be null; if menu type is not system default,
+   * menu name is user defined
+   */
+  private String name;
+
+  //  @JsonIgnore
+  private String parentId;
+  private List<MenuDTO> children;
+  private String path;
+  //  @JsonIgnore
+  private MenuTypeEnum type;
+  private String permission;
+  private Integer sort;
+  @JsonIgnore private String tenantCode;
+  private String component;
+  private JsonNode meta;
+  @JsonIgnore private String alias;
+
+  @JsonInclude(JsonInclude.Include.NON_NULL)
+  private String redirect;
+
+  @JsonInclude(JsonInclude.Include.NON_NULL)
+  private Boolean caseSensitive;
+
+  @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
+  private LocalDateTime createTime;
+
+  @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
+  private LocalDateTime updateTime;
+
+  public MenuDTO() {
+    this.children = new ArrayList<>();
+  }
+
+  @Override
+  public int compareTo(MenuDTO o) {
+    return Objects.requireNonNullElse(this.getSort(), 0)
+        - Objects.requireNonNullElse(o.getSort(), 0);
+  }
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.common.aspect.annotation.AutoDict;
+
+@EqualsAndHashCode(callSuper = false)
+@Data
+public class MessageConfigDTO extends TenantDTO {
+
+  /** 配置名称 */
+  private String configName;
+  /** 短信平台类型 */
+  @AutoDict(dictCode = "platform_type")
+  private String platformType;
+
+  /** 消息类型 */
+  @AutoDict(dictCode = "message_type")
+  private String messageType;
+
+  /** json配置 */
+  private JsonNode config;
+
+  /** 状态：0禁用 1启用 */
+  private Integer status;
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.common.aspect.annotation.AutoDict;
+
+@EqualsAndHashCode(callSuper = false)
+@Data
+public class MessageTemplateDTO extends TenantDTO {
+  /** 模板名称 */
+  private String templateName;
+
+  /** 模板签名 */
+  private String signName;
+
+  /** 模板CODE */
+  private String templateCode;
+
+  /** 消息配置 */
+  private String messageConfigId;
+
+  /**消息配置信息*/
+  private MessageConfigDTO messageConfig;
+
+  /**消息类型*/
+  private String messageType;
+
+  /** 模板用途 */
+  @AutoDict(dictCode = "template_purpose")
+  private String templatePurpose;
+
+  /** 状态：0禁用 1启用 */
+  private Integer status;
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.utils.tree.TreeDTO;
+
+import java.util.ArrayList;
+import java.util.List;
+
+@EqualsAndHashCode(callSuper = true)
+@Data
+public class OrganizationDTO extends TenantDTO implements TreeDTO<OrganizationDTO> {
+  private String parentId;
+  private String name;
+  private int sort;
+  private List<OrganizationDTO> children;
+  private String remark;
+
+  public OrganizationDTO() {
+    this.children = new ArrayList<>();
+  }
+
+  @Override
+  public int compareTo(OrganizationDTO o) {
+    return this.getSort() - o.getSort();
+  }
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+
+import lombok.Data;
+
+@Data
+public class PlainRolesDTO {
+  private String roleId;
+  private String roleName;
+
+  @Override
+  public String toString() {
+    return "角色ID:" + roleId + " " + "角色名:" + roleName;
+  }
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import com.fasterxml.jackson.annotation.JsonAlias;
+import com.fasterxml.jackson.annotation.JsonFormat;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+
+import java.time.LocalDateTime;
+
+@EqualsAndHashCode(callSuper = true)
+@Data
+public class RoleDTO extends TenantDTO {
+  private String name;
+  private String remark;
+  private LocalDateTime createTime;
+  private String roleType;
+  private String code;
+  @JsonFormat(shape = JsonFormat.Shape.NUMBER)
+  @JsonAlias({"status", "enabled"})
+  @JsonProperty("status")
+  private boolean enabled = true;
+  private String[] roleIds;
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import lombok.Data;
+import org.thingsboard.server.common.data.yunteng.common.AddGroup;
+
+import javax.validation.constraints.NotEmpty;
+
+@Data
+public class SysDictDTO extends TenantDTO{
+
+    /** 字典名称 */
+    @NotEmpty(message = "字典名称不能为空或空字符串",groups = {AddGroup.class})
+    private String dictName;
+
+    /** 字典编码 */
+    @NotEmpty(message = "字典编码不能为空或空字符串",groups = {AddGroup.class})
+    private String dictCode;
+
+    /** 字典描述 */
+    private String description;
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import lombok.Data;
+import org.thingsboard.server.common.data.yunteng.common.AddGroup;
+
+import javax.validation.constraints.NotEmpty;
+
+@Data
+public class SysDictItemDTO extends BaseDTO{
+    /** 字典ID */
+    @NotEmpty(message = "字典表ID不能为空或空字符串",groups = {AddGroup.class})
+    private String dictId;
+
+    /** 字典文本 */
+    @NotEmpty(message = "字典Item文本不能为空或空字符串",groups = {AddGroup.class})
+    private String itemText;
+
+    /** 字典值 */
+    @NotEmpty(message = "字典Item文本值不能为空或空字符串",groups = {AddGroup.class})
+    private String itemValue;
+
+    /** 字典描述 */
+    private String description;
+
+    /** 字典排序 默认排序1*/
+    private Integer sort;
+
+    /** 字典状态 默认状态1 启用*/
+    private Integer status;
+
+    /** 租户Code */
+    private String tenantCode;
+
+    /**字典*/
+    private SysDictDTO sysDict;
+
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.enums.TenantStatusEnum;
+
+import java.time.LocalDateTime;
+
+@EqualsAndHashCode(callSuper = false)
+@Data
+public class TenantDTO extends BaseDTO {
+  private String name;
+  private String icon;
+  private String tenantCode;
+  private boolean enabled;
+  private String description;
+  private String defaultConfig;
+  /** TB的租户ID */
+  private String tenantId;
+  /** 租户角色 */
+  private String[] roleIds;
+
+  @JsonInclude(JsonInclude.Include.NON_NULL)
+  private TenantStatusEnum tenantStatus;
+
+  @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
+  private LocalDateTime tenantExpireTime;
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.common.AddGroup;
+import org.thingsboard.server.common.data.yunteng.enums.UserStatusEnum;
+
+import javax.validation.constraints.NotEmpty;
+import java.time.LocalDateTime;
+import java.util.Set;
+
+@EqualsAndHashCode(callSuper = false)
+@Data
+public class UserDTO extends BaseDTO {
+
+  @NotEmpty(message = "用户名不能为空或字符串", groups = AddGroup.class)
+  private String username;
+
+  @NotEmpty(message = "姓名不能为空或字符串", groups = AddGroup.class)
+  private String realName;
+
+  @JsonInclude(JsonInclude.Include.NON_NULL)
+  @NotEmpty(message = "密码不能为空或空字符串", groups = AddGroup.class)
+  private String password;
+
+  @JsonInclude(JsonInclude.Include.NON_NULL)
+  private String activateToken;
+
+  /** 所辖组织ids */
+  private String[] organizationIds;
+
+  /** 角色ids */
+  private String[] roleIds;
+
+  private String phoneNumber;
+  private String email;
+  private String avatar;
+  private boolean enabled;
+
+  @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
+  private LocalDateTime accountExpireTime;
+
+  private boolean hasPassword;
+
+  @JsonInclude(JsonInclude.Include.NON_NULL)
+  private String tenantCode;
+
+  @JsonInclude(JsonInclude.Include.NON_NULL)
+  private String tenantName;
+
+  @JsonInclude(JsonInclude.Include.NON_NULL)
+  private UserStatusEnum userStatusEnum;
+
+  @JsonInclude(JsonInclude.Include.NON_NULL)
+  private Set<PlainRolesDTO> roles;
+
+  private String deptId;
+
+  /** 0：超级管理员；1：租户账号；2：租户下的账号 */
+  private Integer level;
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import lombok.Data;
+import org.thingsboard.server.common.data.yunteng.enums.RoleEnum;
+
+@Data
+public class UserDetailRoleDTO {
+    private RoleEnum roleType;
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import lombok.Data;
+
+import java.io.Serializable;
+import java.time.LocalDateTime;
+import java.util.Set;
+
+/** for authentication */
+@Data
+public class UserDetailsDTO implements Serializable {
+
+  private static final long serialVersionUID = -515966143236266646L;
+  private String id;
+  private String username;
+  private String password;
+  private boolean enabled;
+  private LocalDateTime accountExpireTime;
+  private TenantDTO tenant;
+  private String tenantId;
+  private Set<UserDetailRoleDTO> roles;
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import com.alibaba.excel.annotation.ExcelIgnore;
+import com.alibaba.excel.annotation.ExcelProperty;
+import com.alibaba.excel.converters.Converter;
+import com.alibaba.excel.converters.WriteConverterContext;
+import com.alibaba.excel.enums.CellDataTypeEnum;
+import com.alibaba.excel.metadata.data.WriteCellData;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+import org.apache.commons.lang3.StringUtils;
+
+import java.util.Set;
+
+@Data
+public class UserInfoDTO {
+  @ExcelProperty("用户Id")
+  @ApiModelProperty(value = "用户ID")
+  private String userId;
+
+  @ApiModelProperty(value = "姓名")
+  private String realName;
+
+  @ExcelIgnore
+  @ApiModelProperty(value = "头像")
+  private String avatar;
+
+  @ApiModelProperty(value = "租户Code")
+  private String tenantCode;
+
+  @ApiModelProperty(value = "租户名称")
+  private String tenantName;
+
+  @ApiModelProperty(value = "主页地址")
+  private String homePath;
+  /** default: true */
+  @ApiModelProperty(value = "是否需要重置密码")
+  private boolean needSetPwd = true;
+
+  /** 添加SetConverter,将Set字符串或者对象转成字符串，对象转成字符串会调用其toString方法，请重写toString方法 */
+  @ExcelProperty(converter = SetConverter.class)
+  private Set<String> roles;
+
+  @ExcelProperty(converter = SetConverter.class)
+  private Set<PlainRolesDTO> plainRoles;
+
+  public static class SetConverter implements Converter<Set<?>> {
+    @Override
+    public Class<?> supportJavaTypeKey() {
+      return Set.class;
+    }
+
+    @Override
+    public WriteCellData<?> convertToExcelData(WriteConverterContext<Set<?>> context)
+        throws Exception {
+      return new WriteCellData<>(
+          CellDataTypeEnum.STRING, StringUtils.join(context.getValue(), ","));
+    }
+  }
+}

+package org.thingsboard.server.common.data.yunteng.dto;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import lombok.Data;
+
+import java.io.Serializable;
+
+@Data
+@JsonInclude(JsonInclude.Include.NON_NULL)
+public class UserRoleDTO implements Serializable {
+    private static final long serialVersionUID = -6930831157503627224L;
+    /** 用户ID */
+    private String userId;
+    /** 角色ID */
+    private String roleId;
+}

+package org.thingsboard.server.common.data.yunteng.dto.request;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+@Data
+@ApiModel(value = "密码修改")
+public class AccountReqDTO {
+
+    @ApiModelProperty(value = "用户ID",required = true)
+    private String userId;
+    @ApiModelProperty(value = "旧密码,旧密码为空表示设置初始密码")
+    private String password;
+    @ApiModelProperty(value = "新密码",required = true)
+    private String resetPassword;
+}

+package org.thingsboard.server.common.data.yunteng.dto.request;
+
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.Getter;
+
+@Getter
+public class CodeLoginRequest {
+  private final String phoneNumber;
+  private final String code;
+
+  @JsonCreator
+  public CodeLoginRequest(
+      @JsonProperty("phoneNumber") String phoneNumber, @JsonProperty("code") String code) {
+    this.phoneNumber = phoneNumber;
+    this.code = code;
+  }
+}

+package org.thingsboard.server.common.data.yunteng.dto.request;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@AllArgsConstructor
+@NoArgsConstructor
+public class CodeTTL {
+  private String code;
+  private long sendTs;
+}

+package org.thingsboard.server.common.data.yunteng.dto.request;
+
+import lombok.Data;
+import lombok.RequiredArgsConstructor;
+
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+import java.io.File;
+
+@Data
+@RequiredArgsConstructor
+public class EmailReqDTO{
+
+  /** 接收人 */
+  @NotEmpty(message = "缺少邮件接收人")
+  private String[] to;
+
+  /** 抄送人 */
+  private String[] cc;
+
+  /** 密送人 */
+  private String[] bcc;
+
+  /** 主题 */
+  @NotNull(message = "主题不能为空")
+  private String subject;
+
+  /** 内容 */
+  @NotEmpty(message ="内容不能为空")
+  private String body;
+
+  /** 附件 */
+  private File[] files;
+
+  /** 邮件格式：TEXT或者HTML */
+  @NotEmpty(message ="邮件格式不能为空")
+  private String emailFormatEnum;
+
+  /** 模板ID */
+  @NotEmpty(message ="模板ID不能为空")
+  private String id;
+
+  /**备注*/
+  private String remark;
+
+  /**用途*/
+  private String templatePurpose;
+}

+package org.thingsboard.server.common.data.yunteng.dto.request;
+
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+public class LoginRequest {
+  private final String username;
+  private final String password;
+
+  @JsonCreator
+  public LoginRequest(
+      @JsonProperty("username") String username, @JsonProperty("password") String password) {
+    this.username = username;
+    this.password = password;
+  }
+
+  public String getUsername() {
+    return username;
+  }
+
+  public String getPassword() {
+    return password;
+  }
+}

+package org.thingsboard.server.common.data.yunteng.dto.request;
+
+import lombok.Data;
+
+import javax.validation.constraints.NotEmpty;
+import java.io.Serializable;
+
+@Data
+public class RoleOrOrganizationReqDTO implements Serializable {
+
+  private static final long serialVersionUID = -5917331728153319765L;
+  /** 是否查询关联角色 */
+  private boolean queryRole;
+
+  /** 是否查询关联组织 */
+  private boolean queryOrganization;
+
+  /** 用户ID */
+  @NotEmpty(message = "用户ID不能为空或者空字符串")
+  private String userId;
+
+  /** 角色或组织的ID */
+  private String id;
+}

+package org.thingsboard.server.common.data.yunteng.dto.request;
+
+
+import lombok.Data;
+import org.thingsboard.server.common.data.yunteng.enums.RoleEnum;
+
+import java.util.List;
+
+@Data
+public class RoleReqDTO {
+  private String id;
+  private String name;
+  private String remark;
+  private RoleEnum roleType;
+  private int status;
+  private List<String> menu;
+}

+package org.thingsboard.server.common.data.yunteng.dto.request;
+
+import lombok.Data;
+import org.thingsboard.server.common.data.yunteng.enums.MessageTypeEnum;
+
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+
+@Data
+public class SendResetPasswordEmailMsg {
+  @NotNull(message = "用户ID不能为空")
+  private String userId;
+
+  @NotEmpty(message = "消息类型不能为空字符串")
+  private MessageTypeEnum messageTypeEnum;
+}

+package org.thingsboard.server.common.data.yunteng.dto.request;
+
+import lombok.Data;
+import org.thingsboard.server.common.data.yunteng.constant.FastIotConstants;
+
+import javax.validation.constraints.NotNull;
+import javax.validation.constraints.Pattern;
+import java.util.LinkedHashMap;
+
+@Data
+public class SmsReqDTO {
+
+  /** 模板参数 */
+  private LinkedHashMap<String, String> params;
+
+  /** 手机号码 */
+  @Pattern(regexp = FastIotConstants.MOBILE, message = "请输入正确的手机号")
+  private String phoneNumbers;
+
+  /** 模板ID */
+  @NotNull(message = "模板ID不能为空")
+  private String id;
+
+  /** 备注 */
+  private String remark;
+
+  /** 用途 */
+  private String templatePurpose;
+}

+package org.thingsboard.server.common.data.yunteng.dto.request;
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import lombok.Data;
+import org.thingsboard.server.common.data.yunteng.common.AddGroup;
+import org.thingsboard.server.common.data.yunteng.enums.TenantStatusEnum;
+
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+import java.time.LocalDateTime;
+
+@Data
+public class TenantReqDTO {
+  private String id;
+  private String icon;
+
+  @NotEmpty(message = "租户名称不能为空或空字符串", groups = AddGroup.class)
+  private String name;
+
+  private boolean enabled;
+  private String description;
+
+  @NotNull(message = "角色不能为空", groups = AddGroup.class)
+  private String[] roleIds;
+
+  @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
+  private LocalDateTime tenantExpireTime;
+
+  private String tenantCode;
+  private String defaultConfig;
+
+  @JsonInclude(JsonInclude.Include.NON_NULL)
+  private TenantStatusEnum tenantStatus;
+}

+package org.thingsboard.server.common.data.yunteng.enums;
+
+/**
+ * 设备凭证
+ */
+public enum DeviceCredentialsEnum {
+    ACCESS_TOKEN,
+    X509_CERTIFICATE,
+    MQTT_BASIC,
+    LWM2M_CREDENTIALS
+}

+package org.thingsboard.server.common.data.yunteng.enums;
+
+public enum DeviceState {
+  INACTIVE,
+  ONLINE,
+  OFFLINE
+}

+package org.thingsboard.server.common.data.yunteng.enums;
+
+public enum DeviceTypeEnum {
+    GATEWAY,
+    DIRECT_CONNECTION,
+    SENSOR
+}

+package org.thingsboard.server.common.data.yunteng.enums;
+
+public enum MenuTypeEnum {
+  SYSADMIN,
+  CUSTOM
+}

+package org.thingsboard.server.common.data.yunteng.enums;
+
+/** 消息类型枚举值 */
+public enum MessageTypeEnum {
+  EMAIL_MESSAGE,
+  PHONE_MESSAGE,
+  DING_TALK_MESSAGE,
+  WECHAT_MESSAGE
+}

+package org.thingsboard.server.common.data.yunteng.enums;
+
+public enum MsgTemplatePurposeEnum {
+  FOR_LOGIN,
+  FOR_FORGET_PASSWORD,
+  FOR_SET_PASSWORD,
+  FOR_ALARM_NOTICE,
+}

+package org.thingsboard.server.common.data.yunteng.enums;
+
+public enum OrderTypeEnum {
+  ASC,
+  DESC
+}

+package org.thingsboard.server.common.data.yunteng.enums;
+
+public enum RateLimitType {
+  /**
+   * 对所有请求进行限制
+   */
+  ALL,
+  /**
+   * 根据登录的用户限制
+   */
+  USER,
+  /**
+   * 根据IP限制
+   */
+  IP
+}

+package org.thingsboard.server.common.data.yunteng.enums;
+
+/** 请求响应枚举值 */
+public enum ResponseCodeEnum {
+  SUCCESS,
+  FAILED,
+  SENDING,
+  OK
+}

+package org.thingsboard.server.common.data.yunteng.enums;
+
+public enum RoleEnum {
+  /**
+   * 超级管理员
+   */
+  ROLE_SYS_ADMIN,
+  /**
+   * 租户管理员
+   */
+  ROLE_TENANT_ADMIN,
+  /**
+   * 租户下普通用户
+   */
+  ROLE_NORMAL_USER,
+  /**
+   * 平台系统管理员
+   */
+  ROLE_PLATFORM_ADMIN;
+}

+package org.thingsboard.server.common.data.yunteng.enums;
+
+/** 短信平台枚举值 */
+public enum SmsProviderTypeEnum {
+  ALI_CLOUD,
+  TENCENT_CLOUD
+}

+package org.thingsboard.server.common.data.yunteng.enums;
+
+/** 租户状态 */
+public enum TenantStatusEnum {
+  NORMAL,
+  DISABLED,
+  EXPIRED
+}

+package org.thingsboard.server.common.data.yunteng.enums;
+
+/** 用户状态 */
+public enum UserStatusEnum {
+  NORMAL,
+  DISABLED,
+  EXPIRED
+}

+package org.thingsboard.server.common.data.yunteng.utils;
+
+import org.springframework.core.annotation.AliasFor;
+
+import java.lang.annotation.*;
+
+/** 表示这个是一个<em>演示</em>，这不是一个正式方法，参照写法完成以后，请删掉demo的方法或者字段演示 */
+@Target({ElementType.TYPE, ElementType.FIELD, ElementType.METHOD})
+@Retention(RetentionPolicy.SOURCE)
+@Documented
+public @interface Demo {
+  String value() default "";
+
+  @AliasFor(attribute = "value")
+  String description() default "";
+}

+package org.thingsboard.server.common.data.yunteng.utils;
+
+import com.alibaba.excel.EasyExcel;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.BeanUtils;
+
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.net.URLEncoder;
+import java.nio.charset.StandardCharsets;
+import java.time.LocalDateTime;
+import java.time.format.DateTimeFormatter;
+import java.util.ArrayList;
+import java.util.List;
+
+public class ExcelUtil {
+  private ExcelUtil() {}
+
+  public static void exportExcel(
+      HttpServletResponse response,
+      String fileName,
+      String sheetName,
+      List<?> list,
+      Class<?> pojoClass)
+      throws IOException {
+    if (StringUtils.isBlank(fileName)) {
+      fileName = LocalDateTime.now().format(DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss"));
+    }
+
+    response.setContentType("application/vnd.ms-excel");
+    response.setCharacterEncoding("UTF-8");
+    fileName = URLEncoder.encode(fileName, StandardCharsets.UTF_8);
+    response.setHeader("Content-disposition", "attachment;filename=" + fileName + ".xlsx");
+    EasyExcel.write(response.getOutputStream(), pojoClass).sheet(sheetName).doWrite(list);
+  }
+
+  @SuppressWarnings("all")
+  public static void exportExcelToTarget(
+      HttpServletResponse response,
+      String fileName,
+      String sheetName,
+      List<?> sourceList,
+      Class<?> targetClass)
+      throws Exception {
+    List<Object> targetList = new ArrayList<>(sourceList.size());
+
+    for (Object source : sourceList) {
+      Object target = targetClass.newInstance();
+      BeanUtils.copyProperties(source, target);
+      targetList.add(target);
+    }
+
+    exportExcel(response, fileName, sheetName, targetList, targetClass);
+  }
+}

+/**
+ * Copyright © 2016-2021 The Thingsboard Authors
+ *
+ * <p>Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of the License at
+ *
+ * <p>http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * <p>Unless required by applicable law or agreed to in writing, software distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.common.data.yunteng.utils;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.core.type.TypeReference;
+import com.fasterxml.jackson.databind.DeserializationFeature;
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.node.ObjectNode;
+
+import java.io.IOException;
+import java.util.Arrays;
+
+public class JacksonUtil {
+
+  public static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();
+
+  static {
+    OBJECT_MAPPER.disable(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES);
+  }
+
+  public static <T> T convertValue(Object fromValue, Class<T> toValueType) {
+    try {
+      return fromValue != null ? OBJECT_MAPPER.convertValue(fromValue, toValueType) : null;
+    } catch (IllegalArgumentException e) {
+      throw new IllegalArgumentException(
+          "The given object value: " + fromValue + " cannot be converted to " + toValueType, e);
+    }
+  }
+
+  public static <T> T convertValue(Object fromValue, TypeReference<T> toValueTypeRef) {
+    try {
+      return fromValue != null ? OBJECT_MAPPER.convertValue(fromValue, toValueTypeRef) : null;
+    } catch (IllegalArgumentException e) {
+      throw new IllegalArgumentException(
+          "The given object value: " + fromValue + " cannot be converted to " + toValueTypeRef, e);
+    }
+  }
+
+  public static <T> T fromString(String string, Class<T> clazz) {
+    try {
+      return string != null ? OBJECT_MAPPER.readValue(string, clazz) : null;
+    } catch (IOException e) {
+      throw new IllegalArgumentException(
+          "The given string value: " + string + " cannot be transformed to Json object", e);
+    }
+  }
+
+  public static <T> T fromString(String string, TypeReference<T> valueTypeRef) {
+    try {
+      return string != null ? OBJECT_MAPPER.readValue(string, valueTypeRef) : null;
+    } catch (IOException e) {
+      throw new IllegalArgumentException(
+          "The given string value: " + string + " cannot be transformed to Json object", e);
+    }
+  }
+
+  public static <T> T fromBytes(byte[] bytes, Class<T> clazz) {
+    try {
+      return bytes != null ? OBJECT_MAPPER.readValue(bytes, clazz) : null;
+    } catch (IOException e) {
+      throw new IllegalArgumentException(
+          "The given string value: "
+              + Arrays.toString(bytes)
+              + " cannot be transformed to Json object",
+          e);
+    }
+  }
+
+  public static JsonNode fromBytes(byte[] bytes) {
+    try {
+      return OBJECT_MAPPER.readTree(bytes);
+    } catch (IOException e) {
+      throw new IllegalArgumentException(
+          "The given byte[] value: "
+              + Arrays.toString(bytes)
+              + " cannot be transformed to Json object",
+          e);
+    }
+  }
+
+  public static String toString(Object value) {
+    try {
+      return value != null ? OBJECT_MAPPER.writeValueAsString(value) : null;
+    } catch (JsonProcessingException e) {
+      throw new IllegalArgumentException(
+          "The given Json object value: " + value + " cannot be transformed to a String", e);
+    }
+  }
+
+  public static JsonNode toJsonNode(String value) {
+    if (value == null || value.isEmpty()) {
+      return null;
+    }
+    try {
+      return OBJECT_MAPPER.readTree(value);
+    } catch (IOException e) {
+      throw new IllegalArgumentException(e);
+    }
+  }
+
+  public static ObjectNode newObjectNode() {
+    return OBJECT_MAPPER.createObjectNode();
+  }
+
+  public static <T> T clone(T value) {
+    @SuppressWarnings("unchecked")
+    Class<T> valueClass = (Class<T>) value.getClass();
+    return fromString(toString(value), valueClass);
+  }
+
+  public static <T> JsonNode valueToTree(T value) {
+    return OBJECT_MAPPER.valueToTree(value);
+  }
+}

+package org.thingsboard.server.common.data.yunteng.utils;
+
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.BeanUtils;
+
+import java.lang.reflect.Constructor;
+import java.lang.reflect.Field;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.List;
+
+@Slf4j
+public class ReflectUtils {
+
+  public static <T> Constructor<?> getEmptyParameterConstructor(Class<T> clazz) {
+    Constructor<?> constructor = null;
+    Constructor<?>[] constructors = clazz.getConstructors();
+    for (Constructor<?> con : constructors) {
+      if (con.getParameterCount() == 0) {
+        constructor = con;
+        break;
+      }
+    }
+    return constructor;
+  }
+
+  @SuppressWarnings("unchecked")
+  public static <T> List<T> sourceToTarget(
+      Collection<?> sourceList, Class<T> target, String... ignoreProperties) {
+    if (sourceList == null) {
+      return null;
+    }
+
+    List<T> targetList = new ArrayList<>(sourceList.size());
+    Constructor<?> constructor = getEmptyParameterConstructor(target);
+    if (constructor != null) {
+      try {
+        for (Object source : sourceList) {
+          T targetObject = (T) constructor.newInstance();
+          BeanUtils.copyProperties(source, targetObject, ignoreProperties);
+          targetList.add(targetObject);
+        }
+      } catch (Exception e) {
+        log.error("convert error ", e);
+      }
+    }
+    return targetList;
+  }
+
+
+  /**
+   * 获取类的所有属性，包含父类的【public private protected】
+   * @param clazz 不确定类型
+   * @return 返回List<Field>
+   */
+  public static List<Field> getAllDeclaredFields(Class<?> clazz){
+    List<Field> fieldList = new ArrayList<>();
+    for (;clazz !=null;clazz=clazz.getSuperclass()){
+      fieldList.addAll(Arrays.asList(clazz.getDeclaredFields()));
+    }
+    return fieldList;
+  }
+}

+package org.thingsboard.server.common.data.yunteng.utils;
+
+import javax.servlet.http.HttpServletRequest;
+
+public class RequestUtils {
+  public static String getClientIpAddr(HttpServletRequest request) {
+    String ip = request.getHeader("X-Forwarded-For");
+    if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+      ip = request.getHeader("Proxy-Client-IP");
+    }
+    if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+      ip = request.getHeader("WL-Proxy-Client-IP");
+    }
+    if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+      ip = request.getHeader("HTTP_CLIENT_IP");
+    }
+    if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+      ip = request.getHeader("HTTP_X_FORWARDED_FOR");
+    }
+    if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+      ip = request.getRemoteAddr();
+    }
+    return ip;
+  }
+}

+package org.thingsboard.server.common.data.yunteng.utils.tools;
+
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.io.Serializable;
+import java.util.Collection;
+
+@Data
+@NoArgsConstructor
+public class PageData<T> implements Serializable {
+  private static final long serialVersionUID = -5385636733740491124L;
+  private int total;
+  private Collection<T> items;
+
+  public PageData(Collection<T> list, long total) {
+    this.items = list;
+    this.total = (int) total;
+  }
+}

+package org.thingsboard.server.common.data.yunteng.utils.tools;
+
+import lombok.Data;
+import lombok.NoArgsConstructor;
+import org.springframework.http.HttpStatus;
+
+import java.io.Serializable;
+
+@Data
+@NoArgsConstructor
+public class ResponseResult<T> implements Serializable {
+
+    private static final long serialVersionUID = -8043533414600873987L;
+
+    /**
+     * 状态码
+     */
+    private Integer code;
+
+    /**
+     * 消息
+     */
+    private String message;
+
+    /**
+     * 数据
+     */
+    private T data;
+
+    /**
+     * 成功返回数据
+     * @param message 消息
+     * @return Result<T>
+     */
+    public static <T> ResponseResult<T> success(String message){
+        ResponseResult<T> responseResult = new ResponseResult<>();
+        responseResult.setMessage(message);
+        responseResult.setCode(HttpStatus.OK.value());
+        return responseResult;
+    }
+
+    /**
+     * 成功返回数据
+     * @param data 数据
+     * @return Result<T>
+     */
+    public static <T> ResponseResult<T> success(T data){
+        ResponseResult<T> responseResult = new ResponseResult<>();
+        responseResult.setCode(HttpStatus.OK.value());
+        responseResult.setMessage(HttpStatus.OK.getReasonPhrase());
+        responseResult.setData(data);
+        return responseResult;
+    }
+
+    /**
+     * 失败返回数据
+     * @param message 消息
+     * @return Result<T>
+     */
+    public static  <T> ResponseResult<T> failed(String message){
+        ResponseResult<T> responseResult = new ResponseResult<>();
+        responseResult.setMessage(message);
+        responseResult.setCode(HttpStatus.INTERNAL_SERVER_ERROR.value());
+        return responseResult;
+    }
+
+    /**
+     * 失败返回数据
+     * @param code 状态码
+     * @param message 消息
+     * @return Result<T>
+     */
+    public static <T> ResponseResult<T> failed(int code, String message){
+        ResponseResult<T> responseResult = new ResponseResult<>();
+        responseResult.setMessage(message);
+        responseResult.setCode(code);
+        return responseResult;
+    }
+}

+package org.thingsboard.server.common.data.yunteng.utils.tools;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+import org.thingsboard.common.util.JacksonUtil;
+
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+
+@Data
+@NoArgsConstructor
+public class TBPageData<T> implements Serializable {
+
+  private static final long serialVersionUID = -914237744254466700L;
+
+  private Collection<T> data;
+  private int totalPages;
+  private long totalElements;
+
+  @JsonProperty("hasNext")
+  private boolean hasNext;
+
+  public TBPageData(Collection<T> data, int totalPages, long totalElements, boolean hasNext) {
+    this.data = data;
+    this.totalPages = totalPages;
+    this.totalElements = totalElements;
+    this.hasNext = hasNext;
+  }
+
+  public <D> TBPageData<D> getPageData(TBPageData<T> data, Class<D> target){
+    List<D> targetList = new ArrayList<>();
+    for(T t:data.getData()){
+      targetList.add(JacksonUtil.convertValue(t,target));
+    }
+    return new TBPageData<>(targetList,data.totalPages,data.totalElements,data.hasNext);
+  }
+}

+package org.thingsboard.server.common.data.yunteng.utils.tree;
+
+import java.util.List;
+
+public interface TreeDTO<T> extends Comparable<T> {
+  String getParentId();
+
+  String getId();
+
+  List<T> getChildren();
+}

+package org.thingsboard.server.common.data.yunteng.utils.tree;
+
+import com.google.common.collect.Lists;
+import com.google.common.collect.Sets;
+
+import java.util.*;
+
+public class TreeUtils {
+  public static <T extends TreeDTO<T>> List<T> buildTree(List<T> treeList) {
+    Map<String, T> dtoMap = new LinkedHashMap<>(treeList.size());
+    HashSet<T> dtoSet = Sets.newHashSet(treeList);
+    dtoSet.forEach(dto -> dtoMap.put(dto.getId(), dto));
+    List<T> result = Lists.newArrayList();
+    for (T node : dtoMap.values()) {
+      T parent = dtoMap.get(node.getParentId());
+      if (parent != null && !(node.getId().equals(parent.getId()))) {
+        parent.getChildren().add(node);
+        continue;
+      }
+      result.add(node);
+    }
+    Collections.sort(result);
+    result.forEach(node -> Collections.sort(node.getChildren()));
+    return result;
+  }
+}

@@ -246,6 +246,13 @@
             <groupId>org.eclipse.leshan</groupId>
             <artifactId>leshan-core</artifactId>
         </dependency>
+
+        <!--mybatis-->
+        <dependency>
+            <groupId>com.baomidou</groupId>
+            <artifactId>mybatis-plus-boot-starter</artifactId>
+            <version>${mybatis-plus.version}</version>
+        </dependency>
     </dependencies>
     <build>
         <plugins>

+package org.thingsboard.server.dao.yunteng.entities;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+
+import java.time.LocalDateTime;
+
+@Data
+@EqualsAndHashCode(callSuper = false)
+@TableName(ModelConstants.Table.ADMIN_SETTING_TABLE_NAME)
+public class AdminSetting extends BaseEntity {
+
+  private static final long serialVersionUID = -881433375246560135L;
+
+  private String configJson;
+  private String key;
+  private LocalDateTime createTime;
+}

+package org.thingsboard.server.dao.yunteng.entities;
+
+import com.baomidou.mybatisplus.annotation.FieldFill;
+import com.baomidou.mybatisplus.annotation.TableField;
+import com.baomidou.mybatisplus.annotation.TableName;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+
+import java.time.LocalDateTime;
+
+/**
+ * @Description
+ * @Author cxy   告警联系人实体表
+ * @Date 2021/11/2 11:17
+ */
+@Data
+@EqualsAndHashCode(callSuper = true)
+@TableName(ModelConstants.Table.IOTFS_ALARM_CONTACT_TABLE_NAME)
+public class AlarmContact extends TenantBaseEntity{
+
+    private static final long serialVersionUID= -3982884827995610164L;
+
+    private  String username;
+
+    private String organizationId;
+
+
+    private  String phone;
+
+    private  String email;
+
+    private  String wechat;
+    private String dingtalk;
+
+    private  String remark;
+
+    private  String addPeople;
+
+    private String tenantCode;
+
+    @TableField(fill = FieldFill.INSERT)
+    private  LocalDateTime createTime;
+
+    private  String creator;
+
+    private String updater;
+
+    @TableField(fill = FieldFill.UPDATE)
+    private  LocalDateTime updateTime;
+
+
+
+
+}

+package org.thingsboard.server.dao.yunteng.entities;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+
+@Data
+@EqualsAndHashCode(callSuper = true)
+@TableName(ModelConstants.Table.IOTFS_ALARM_PROFILE_TABLE_NAME)
+public class AlarmProfile extends TenantBaseEntity {
+
+  private static final long serialVersionUID = -4922707705163155569L;
+  private String alarmContactId;
+  private String deviceProfileId;
+  private String messageMode;
+}

+package org.thingsboard.server.dao.yunteng.entities;
+
+import com.baomidou.mybatisplus.annotation.FieldFill;
+import com.baomidou.mybatisplus.annotation.TableField;
+import lombok.Getter;
+import lombok.Setter;
+
+import java.time.LocalDateTime;
+
+@Getter
+@Setter
+public class AuditRelatedEntity extends BaseEntity {
+
+  private static final long serialVersionUID = -5865650870569216315L;
+
+  @TableField(fill = FieldFill.INSERT)
+  private String creator;
+
+  @TableField(fill = FieldFill.INSERT)
+  private LocalDateTime createTime;
+
+  @TableField(fill = FieldFill.INSERT_UPDATE)
+  private String updater;
+
+  @TableField(fill = FieldFill.INSERT_UPDATE)
+  private LocalDateTime updateTime;
+}

+package org.thingsboard.server.dao.yunteng.entities;
+
+import com.baomidou.mybatisplus.annotation.IdType;
+import com.baomidou.mybatisplus.annotation.TableId;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import lombok.Getter;
+import lombok.Setter;
+import org.springframework.beans.BeanUtils;
+import org.thingsboard.server.common.data.yunteng.core.exception.DTOCreationException;
+import org.thingsboard.server.common.data.yunteng.utils.ReflectUtils;
+
+import java.io.Serializable;
+import java.lang.reflect.Constructor;
+import java.lang.reflect.InvocationTargetException;
+
+@Getter
+@Setter
+public class BaseEntity implements Serializable {
+  private static final long serialVersionUID = 8948437944054606982L;
+
+  @TableId(type = IdType.ASSIGN_UUID)
+  private String id;
+
+  @JsonIgnore
+  public <T> void copyToDTO(T dto, String... ignoreProperties) {
+    BeanUtils.copyProperties(this, dto, ignoreProperties);
+  }
+
+  @JsonIgnore
+  @SuppressWarnings("unchecked")
+  public <T> T getDTO(Class<T> clazz) {
+    Constructor<?> constructor = ReflectUtils.getEmptyParameterConstructor(clazz);
+    if (constructor != null) {
+      try {
+        T t = (T) constructor.newInstance();
+        BeanUtils.copyProperties(this, t);
+        return t;
+      } catch (InstantiationException | IllegalAccessException | InvocationTargetException e) {
+        throw new DTOCreationException(
+            "try to get dto from class [" + clazz.getName() + "] failed " + e.getMessage());
+      }
+    } else {
+      throw new DTOCreationException("try to get dto from class [" + clazz.getName() + "] failed");
+    }
+  }
+}

+package org.thingsboard.server.dao.yunteng.entities;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+
+@Data
+@EqualsAndHashCode(callSuper = true)
+@TableName(ModelConstants.Table.IOTFS_DEVICE_TYPE_TABLE_NAME)
+public class DeviceType extends TenantBaseEntity {
+
+    private static final long serialVersionUID = -3777232331298040322L;
+
+    private String name;
+
+    private String parentId;
+
+    private String path;
+
+    private Integer sort;
+
+    private String description;
+}

+package org.thingsboard.server.dao.yunteng.entities;
+
+import com.baomidou.mybatisplus.annotation.TableField;
+import com.baomidou.mybatisplus.annotation.TableName;
+import com.baomidou.mybatisplus.extension.handlers.JacksonTypeHandler;
+import com.fasterxml.jackson.databind.JsonNode;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+
+import java.time.LocalDateTime;
+
+@Data
+@EqualsAndHashCode(callSuper = false)
+@TableName(value = ModelConstants.Table.MAIL_LOG_TABLE_NAME,autoResultMap = true)
+public class MailLog extends BaseEntity {
+  private static final long serialVersionUID = -8847842025838559296L;
+
+  /** 发件人 */
+  private String emailFrom;
+
+  /** 收件人 */
+  @TableField(typeHandler = JacksonTypeHandler.class)
+  private JsonNode emailTo;
+
+  /** 抄送人 */
+  @TableField(typeHandler = JacksonTypeHandler.class)
+  private JsonNode emailCc;
+
+  /** 密送人 */
+  @TableField(typeHandler = JacksonTypeHandler.class)
+  private JsonNode emailBcc;
+
+  /** 邮件主题 */
+  private String emailSubject;
+
+  /** 邮件内容 */
+  private String emailBody;
+
+  /** 状态:ResponseCodeEnum枚举值 */
+  private String status;
+
+  /** 发送时间 */
+  private LocalDateTime sendTime;
+
+  /** 租户Code */
+  private String tenantCode;
+
+  /** 模板ID */
+  private String messageTemplateId;
+
+  /**备注*/
+  private String remark;
+
+  /**用途*/
+  private String templatePurpose;
+}

+package org.thingsboard.server.dao.yunteng.entities;
+
+import com.baomidou.mybatisplus.annotation.TableField;
+import com.baomidou.mybatisplus.annotation.TableName;
+import com.baomidou.mybatisplus.extension.handlers.JacksonTypeHandler;
+import com.fasterxml.jackson.databind.JsonNode;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+import org.thingsboard.server.common.data.yunteng.enums.MenuTypeEnum;
+
+@Data
+@EqualsAndHashCode(callSuper = true)
+@TableName(ModelConstants.Table.MENU_TABLE_NAME)
+public class Menu extends TenantBaseEntity {
+
+  private static final long serialVersionUID = 6319718763792214142L;
+  private String name;
+
+  private String parentId;
+
+  private String path;
+
+  private MenuTypeEnum type;
+
+  private String permission;
+
+  private Integer sort;
+
+  @TableField(typeHandler = JacksonTypeHandler.class)
+  private JsonNode meta;
+
+  private String alias;
+
+  private String redirect;
+
+  private Boolean caseSensitive;
+
+  private String component;
+}

+package org.thingsboard.server.dao.yunteng.entities;
+
+import com.baomidou.mybatisplus.annotation.TableField;
+import com.baomidou.mybatisplus.annotation.TableName;
+import com.baomidou.mybatisplus.extension.handlers.JacksonTypeHandler;
+import com.fasterxml.jackson.databind.JsonNode;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+
+@Data
+@EqualsAndHashCode(callSuper = true)
+@TableName(value = ModelConstants.Table.MESSAGE_CONFIG_TABLE_NAME,autoResultMap = true)
+public class MessageConfig extends TenantBaseEntity {
+
+  private static final long serialVersionUID = -3624943194108704138L;
+
+  /** 配置名称 */
+  private String configName;
+
+  /** 平台类型 */
+  private String platformType;
+
+  /** 消息类型 */
+  private String messageType;
+
+  /** json配置 */
+  @TableField(typeHandler = JacksonTypeHandler.class)
+  private JsonNode config;
+
+  /** 状态：0禁用 1启用 */
+  private Integer status;
+}

+package org.thingsboard.server.dao.yunteng.entities;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+
+@Data
+@EqualsAndHashCode(callSuper = true)
+@TableName(ModelConstants.Table.MESSAGE_TEMPLATE_TABLE_NAME)
+public class MessageTemplate extends TenantBaseEntity {
+
+  private static final long serialVersionUID = 6347635507829273091L;
+
+  /** 模板名称 */
+  private String templateName;
+
+  /** 模板签名 */
+  private String signName;
+
+  /** 模板CODE */
+  private String templateCode;
+
+  /** 消息配置 */
+  private String messageConfigId;
+
+  /** 模板用途 */
+  private String templatePurpose;
+
+  /** 消息类型 */
+  private String messageType;
+
+  /** 状态：0禁用 1启用 */
+  private Integer status;
+}

+package org.thingsboard.server.dao.yunteng.entities;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+
+@Data
+@EqualsAndHashCode(callSuper = true)
+@TableName(ModelConstants.Table.IOTFS_ORGANIZATION_TABLE_NAME)
+public class Organization extends TenantBaseEntity {
+  private String parentId;
+  private String name;
+  private int sort;
+  private String remark;
+}

+package org.thingsboard.server.dao.yunteng.entities;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+import lombok.Data;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+import org.thingsboard.server.common.data.yunteng.core.RequestMethod;
+import org.thingsboard.server.common.data.yunteng.enums.RateLimitType;
+
+import java.time.LocalTime;
+
+@Data
+@TableName(ModelConstants.Table.RATE_LIMIT_TABLE_NAME)
+public class RateLimiterEntity {
+  private String id;
+  private String path;
+  private double qps;
+  private RateLimitType rateLimitType;
+  private boolean enabled;
+  private LocalTime enableTime;
+  private LocalTime endTime;
+  private RequestMethod requestMethod;
+  private Integer sort;
+}

+package org.thingsboard.server.dao.yunteng.entities;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+
+@Data
+@EqualsAndHashCode(callSuper = false)
+@TableName(ModelConstants.Table.ROLE_TABLE_NAME)
+public class Role extends TenantBaseEntity {
+
+  private static final long serialVersionUID = 3915852360063998830L;
+  private String name;
+
+  private String remark;
+
+  private String roleType;
+
+  private String code;
+
+  private boolean enabled = true;
+}

+package org.thingsboard.server.dao.yunteng.entities;
+
+import com.baomidou.mybatisplus.annotation.FieldFill;
+import com.baomidou.mybatisplus.annotation.TableField;
+import com.baomidou.mybatisplus.annotation.TableName;
+import com.baomidou.mybatisplus.extension.handlers.JacksonTypeHandler;
+import com.fasterxml.jackson.databind.JsonNode;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+
+import java.time.LocalDateTime;
+
+@Data
+@EqualsAndHashCode(callSuper = false)
+@TableName(value = ModelConstants.Table.SMS_LOG_TABLE_NAME,autoResultMap = true)
+public class SmsLog extends BaseEntity {
+
+  private static final long serialVersionUID = 2778820322396894328L;
+
+  /** 短信平台类型 */
+  private String type;
+
+  /** 发送状态：ResponseCodeEnum枚举值 */
+  private String status;
+
+  /** 发送时间 */
+  @TableField(fill = FieldFill.INSERT)
+  private LocalDateTime sendTime;
+
+  /** 发送手机号 */
+  private String toPhone;
+
+  /** 发送模板参数 */
+  @TableField(typeHandler = JacksonTypeHandler.class)
+  private JsonNode templateParam;
+
+  /** 租户Code */
+  private String tenantCode;
+
+  /** 模板ID */
+  private String messageTemplateId;
+
+  /**用途*/
+  private String templatePurpose;
+
+  /**备注*/
+  private String remark;
+}

+package org.thingsboard.server.dao.yunteng.entities;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+
+@Data
+@EqualsAndHashCode(callSuper = true)
+@TableName(ModelConstants.Table.DEPT_TABLE_NAME)
+public class SysDept extends TenantBaseEntity {
+
+
+  private static final long serialVersionUID = -7160697827758883893L;
+  private String deptName;
+
+  private String parentId;
+
+  private Integer orderNo;
+
+
+  private String remark;
+  private Integer status;
+}

+package org.thingsboard.server.dao.yunteng.entities;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+
+@Data
+@EqualsAndHashCode(callSuper = false)
+@TableName(ModelConstants.Table.DICT_TABLE_NAME)
+public class SysDict extends TenantBaseEntity {
+
+  private static final long serialVersionUID = -5381101569947327544L;
+
+  /** 字典名称 */
+  private String dictName;
+
+  /** 字典编码 */
+  private String dictCode;
+
+  /** 字典描述 */
+  private String description;
+}

+package org.thingsboard.server.dao.yunteng.entities;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+import lombok.Data;
+import lombok.RequiredArgsConstructor;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+
+@Data
+@RequiredArgsConstructor
+@TableName(ModelConstants.Table.DICT_ITEM_TABLE_NAME)
+public class SysDictItem extends TenantBaseEntity {
+
+  private static final long serialVersionUID = 9177617160310722864L;
+  /** 字典id */
+  private String dictId;
+
+  /** 字典项文本 */
+  private String itemText;
+
+  /** 字典值 */
+  private String itemValue;
+
+  /** 描述 */
+  private String description;
+
+  /** 排序 */
+  private Integer sort;
+
+  /** 状态 */
+  private Integer status;
+}

+package org.thingsboard.server.dao.yunteng.entities;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+
+import java.time.LocalDateTime;
+
+@Data
+@EqualsAndHashCode(callSuper = false)
+@TableName(ModelConstants.Table.TENANT_TABLE_NAME)
+public class Tenant extends AuditRelatedEntity {
+
+  private static final long serialVersionUID = 4848421848961008112L;
+  private String name;
+
+  private String tenantCode;
+
+  private String icon;
+
+  private boolean enabled = true;
+
+  private String description;
+
+  private String defaultConfig;
+
+  private LocalDateTime tenantExpireTime;
+
+  /** TB的租户ID */
+  private String tenantId;
+}

+package org.thingsboard.server.dao.yunteng.entities;
+
+import com.baomidou.mybatisplus.annotation.FieldFill;
+import com.baomidou.mybatisplus.annotation.TableField;
+import lombok.Getter;
+import lombok.Setter;
+
+import java.time.LocalDateTime;
+
+@Getter
+@Setter
+public class TenantBaseEntity extends BaseEntity {
+
+  private static final long serialVersionUID = -4315734960161684909L;
+
+  private String tenantCode;
+
+  @TableField(fill = FieldFill.INSERT)
+  private String creator;
+
+  @TableField(fill = FieldFill.UPDATE)
+  private String updater;
+
+  @TableField(fill = FieldFill.INSERT)
+  private LocalDateTime createTime;
+
+  @TableField(fill = FieldFill.UPDATE)
+  private LocalDateTime updateTime;
+
+}

+package org.thingsboard.server.dao.yunteng.entities;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+
+import java.io.Serializable;
+
+@Data
+@EqualsAndHashCode(callSuper = false)
+@TableName(ModelConstants.Table.TENANT_MENU_TABLE_NAME)
+public class TenantMenu implements Serializable {
+  private static final long serialVersionUID = -8775371485677702427L;
+  /** 菜单ID */
+  private String menuId;
+  /** 租户ID */
+  private String tenantCode;
+}

+package org.thingsboard.server.dao.yunteng.entities;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+
+import java.io.Serializable;
+
+@Data
+@EqualsAndHashCode(callSuper = false)
+@TableName(ModelConstants.Table.TENANT_ROLE_TABLE_NAME)
+public class TenantRole implements Serializable {
+
+  private static final long serialVersionUID = 7332631758506821892L;
+  /** 角色ID */
+  private String roleId;
+  /** 租户ID */
+  private String tenantCode;
+}

+package org.thingsboard.server.dao.yunteng.entities;
+
+import com.baomidou.mybatisplus.annotation.FieldStrategy;
+import com.baomidou.mybatisplus.annotation.TableField;
+import com.baomidou.mybatisplus.annotation.TableName;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+
+import java.time.LocalDateTime;
+
+/** user是所有可登录系统用户 */
+@Data
+@EqualsAndHashCode(callSuper = false)
+@TableName(ModelConstants.Table.USER_TABLE_NAME)
+public class User extends TenantBaseEntity {
+  private static final long serialVersionUID = 834982016421849497L;
+  private String username;
+
+  private String realName;
+
+  private String password;
+
+  @TableField(updateStrategy = FieldStrategy.IGNORED)
+  private String activateToken;
+
+  private String phoneNumber;
+
+  private String email;
+
+  private String avatar;
+
+  private boolean enabled = true;
+
+  private LocalDateTime accountExpireTime;
+
+  private String deptId;
+
+  /** 0：超级管理员；1：租户账号；2：租户下的账号 */
+  private Integer level;
+}

+package org.thingsboard.server.dao.yunteng.entities;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+
+@Data
+@AllArgsConstructor
+@NoArgsConstructor
+@TableName(ModelConstants.Table.IOTFS_USER_ORGANIZATION_MAPPING_TABLE_NAME)
+public class UserOrganizationMapping {
+  private String userId;
+  private String organizationId;
+}

+package org.thingsboard.server.dao.yunteng.entities;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+
+import java.io.Serializable;
+
+@Data
+@EqualsAndHashCode(callSuper = false)
+@TableName(ModelConstants.Table.USER_ROLE_TABLE_NAME)
+public class UserRole implements Serializable {
+
+  private static final long serialVersionUID = -1018514294019250455L;
+
+  /** 用户ID */
+  private String userId;
+  /** 角色ID */
+  private String roleId;
+}

+package org.thingsboard.server.dao.yunteng.entities;
+
+import com.baomidou.mybatisplus.annotation.TableField;
+import com.baomidou.mybatisplus.annotation.TableName;
+import com.baomidou.mybatisplus.extension.handlers.JacksonTypeHandler;
+import com.fasterxml.jackson.databind.JsonNode;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+import org.thingsboard.server.common.data.yunteng.enums.DeviceCredentialsEnum;
+import org.thingsboard.server.common.data.yunteng.enums.DeviceState;
+import org.thingsboard.server.common.data.yunteng.enums.DeviceTypeEnum;
+
+import java.time.LocalDateTime;
+
+@Data
+@EqualsAndHashCode(callSuper = true)
+@TableName(value = ModelConstants.Table.IOTFS_DEVICE_TABLE_NAME)
+public class YtDevice extends TenantBaseEntity {
+  private String name;
+
+  @TableField(typeHandler = JacksonTypeHandler.class)
+  private JsonNode deviceInfo;
+
+  private LocalDateTime activeTime;
+  private DeviceState deviceState;
+  private String profileId;
+  private String deviceToken;
+  private String tbDeviceId;
+  private String deviceTypeId;
+  private LocalDateTime lastConnectTime;
+  private String label;
+  private DeviceTypeEnum deviceType;
+  private DeviceCredentialsEnum deviceCredentials;
+  private String organizationId;
+  /** 告警状态：0：正常 1：告警 */
+  private Integer alarmStatus;
+}

+package org.thingsboard.server.dao.yunteng.impl;
+
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.RandomStringUtils;
+import org.springframework.stereotype.Service;
+import org.thingsboard.server.common.data.yunteng.common.CommonService;
+import org.thingsboard.server.common.data.yunteng.dto.DeviceDTO;
+import org.thingsboard.server.common.data.yunteng.dto.SysDictItemDTO;
+import org.thingsboard.server.dao.yunteng.mapper.SysDictItemMapper;
+import org.thingsboard.server.dao.yunteng.service.YtDeviceService;
+
+@Slf4j
+@Service
+@RequiredArgsConstructor
+public class CommonServiceImpl implements CommonService {
+
+  private final SysDictItemMapper sysDictItemMapper;
+  private final YtDeviceService deviceService;
+  @Override
+  public SysDictItemDTO getDictValueByCodeAndText(String dictCode, String codeValue) {
+    return sysDictItemMapper.getDictValueByCodeAndText(dictCode, codeValue);
+  }
+
+  @Override
+  public String generateDeviceToken(String tenantId) {
+    String deviceToken = RandomStringUtils.randomAlphabetic(20);
+    DeviceDTO deviceDTO = new DeviceDTO();
+    deviceDTO.setDeviceToken(deviceToken);
+    //检查数据库是否已存在对应的DeviceToken
+    if(deviceService.findDeviceInfo(tenantId,deviceDTO).size()>0){
+      generateDeviceToken(tenantId);
+    }
+    return deviceToken;
+  }
+}

+package org.thingsboard.server.dao.yunteng.impl;
+
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.google.common.collect.Lists;
+import com.google.common.collect.Sets;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+import org.thingsboard.server.common.data.yunteng.constant.FastIotConstants;
+import org.thingsboard.server.common.data.yunteng.core.cache.CacheUtils;
+import org.thingsboard.server.common.data.yunteng.core.exception.DataValidationException;
+import org.thingsboard.server.common.data.yunteng.core.exception.FastIotException;
+import org.thingsboard.server.common.data.yunteng.core.message.ErrorMessage;
+import org.thingsboard.server.common.data.yunteng.dto.MenuDTO;
+import org.thingsboard.server.common.data.yunteng.enums.MenuTypeEnum;
+import org.thingsboard.server.dao.yunteng.entities.Menu;
+import org.thingsboard.server.dao.yunteng.mapper.MenuMapper;
+import org.thingsboard.server.dao.yunteng.mapper.RoleMapper;
+import org.thingsboard.server.dao.yunteng.service.AbstractBaseService;
+import org.thingsboard.server.dao.yunteng.service.MenuService;
+
+import java.util.*;
+
+@Service
+@Slf4j
+@RequiredArgsConstructor
+public class MenuServiceImpl extends AbstractBaseService<MenuMapper, Menu> implements MenuService {
+
+  private final RoleMapper roleMapper;
+  private final CacheUtils cacheUtils;
+
+  @Override
+  public List<MenuDTO> getAllMenus(String tenantId) {
+
+    List<Menu> menus =
+        baseMapper.selectList(
+            new QueryWrapper<Menu>().lambda().eq(Menu::getTenantCode, tenantId));
+    Map<String, MenuDTO> menuDTOMap = new LinkedHashMap<>(menus.size());
+    menus.forEach(menu -> menuDTOMap.put(menu.getId(), menu.getDTO(MenuDTO.class)));
+    return buildMenuDTOTree(menuDTOMap);
+  }
+
+  @Override
+  public List<MenuDTO> getMyMenus(String tenantId,String userId,boolean isSysAdmin,boolean isTenantAdmin) {
+    List<MenuDTO> menuDTOs;
+    if (isSysAdmin) {
+      menuDTOs = baseMapper.selectSysAdminMenu();
+    }
+    else if (isTenantAdmin) {
+      menuDTOs = baseMapper.selectTenantMenu(tenantId);
+    }
+    else {
+      menuDTOs = baseMapper.selectMyMenu(userId);
+    }
+    Map<String, MenuDTO> menuDTOMap = new LinkedHashMap<>(menuDTOs.size());
+    menuDTOs.forEach(menuDTO -> menuDTOMap.put(menuDTO.getId(), menuDTO));
+    return buildMenuDTOTree(menuDTOMap);
+  }
+
+  private List<MenuDTO> buildMenuDTOTree(Map<String, MenuDTO> menuDTOMap) {
+    List<MenuDTO> result = Lists.newArrayList();
+    for (MenuDTO node : menuDTOMap.values()) {
+      MenuDTO parent = menuDTOMap.get(node.getParentId());
+      if (parent != null && !(node.getId().equals(parent.getId()))) {
+        parent.getChildren().add(node);
+        continue;
+      }
+      result.add(node);
+    }
+    Collections.sort(result);
+    result.forEach(node -> Collections.sort(node.getChildren()));
+    return result;
+  }
+
+  @Override
+  @Transactional
+  public MenuDTO saveMenu(String tenantId,boolean isSysAdmin,MenuDTO menuDTO) {
+    if (menuDTO.getType() == null) {
+      menuDTO.setType(MenuTypeEnum.CUSTOM);
+    }
+    if (!isSysAdmin
+        && menuDTO.getType().equals(MenuTypeEnum.SYSADMIN)) {
+      throw new FastIotException(
+          ErrorMessage.ACCESS_DENIED.setMessage("Non-system admin cannot save system menu"),
+          HttpStatus.FORBIDDEN);
+    }
+    if (menuDTO.getType().equals(MenuTypeEnum.CUSTOM)
+        && StringUtils.isAllBlank(menuDTO.getName())) {
+      throw new DataValidationException("menu name is required when save custom menu");
+    }
+    int count =
+        baseMapper.selectCount(
+            new QueryWrapper<Menu>().lambda().eq(Menu::getPath, menuDTO.getPath()));
+    if (count > 0) {
+      throw new DataValidationException("menu with path " + menuDTO + " already exist");
+    }
+    menuDTO.setTenantCode(tenantId);
+    Menu menu = menuDTO.getEntity(Menu.class);
+    int insertCount = baseMapper.insert(menu);
+    if (insertCount > 0) {
+      menu.copyToDTO(menuDTO);
+      return menuDTO;
+    }
+    return null;
+  }
+
+  @Override
+  public Optional<MenuDTO> getMenu(String id) {
+    return Optional.ofNullable(baseMapper.selectById(id)).map(menu -> menu.getDTO(MenuDTO.class));
+  }
+
+  @Override
+  @Transactional
+  public MenuDTO updateMenu(String tenantId,boolean isSysAdmin,MenuDTO menuDTO) {
+    Menu menu = baseMapper.selectById(menuDTO.getId());
+    if (menu == null) {
+      throw new DataValidationException("cannot find menu to update");
+    } else {
+      if (!isSysAdmin) {
+        if (!tenantId.equals(menuDTO.getTenantCode())) {
+          throw new AccessDeniedException("You don't have permission to update this menu");
+        }
+      }
+      menuDTO.copyToEntity(menu);
+      baseMapper.updateById(menu);
+      if (!Objects.equals(menuDTO.getPermission(), menu.getPermission())) {
+        cacheUtils.invalidateCacheName(FastIotConstants.CacheConfigKey.CACHE_CONFIG_KEY);
+      }
+      menu.copyToDTO(menuDTO);
+    }
+    return menuDTO;
+  }
+
+  @Override
+  @Transactional
+  public boolean deleteMenus(String tenantId,String[] menuIds) {
+    Set<String> ids = Set.of(menuIds);
+    // 1. 判断是否所有的id都属于此人，admin也不可删除租户的menu
+    int notTenantMenuCount =
+        baseMapper.selectCount(
+            new QueryWrapper<Menu>()
+                .lambda()
+                .ne(Menu::getTenantCode, tenantId)
+                .in(Menu::getId, ids));
+    if (notTenantMenuCount > 0) {
+      throw new AccessDeniedException("cannot delete menu that not create by you");
+    }
+    // 2. 删除角色对应的menu
+    roleMapper.deleteRoleMenuMappingByMenuIds(ids);
+    // 3. 删除租户对应menu
+    baseMapper.deleteTenantMenuMappingByMenuIds(ids);
+    // 4. 删除menu
+    baseMapper.deleteBatchIds(ids);
+    cacheUtils.invalidateCacheName(FastIotConstants.CacheConfigKey.CACHE_CONFIG_KEY);
+    return true;
+  }
+
+  @Override
+  @Transactional
+  public boolean assignMenuToTenant(String tenantId,String[] menuId) {
+    Set<String> ids = Set.of(menuId);
+    int menuCountInDB =
+        baseMapper.selectCount(new QueryWrapper<Menu>().lambda().in(Menu::getId, ids));
+    if (menuCountInDB != menuId.length) {
+      throw new DataValidationException("please ensure all menu id are valid");
+    }
+    Set<String> existMenus = baseMapper.selectTenantMenuIds(tenantId);
+    Set<String> toDel = Sets.difference(existMenus, ids);
+    Set<String> toAdd = Sets.difference(ids, existMenus);
+    if (!toDel.isEmpty()) {
+      baseMapper.removeMenuFromTenant(tenantId, toDel);
+    }
+    if (!toAdd.isEmpty()) {
+      baseMapper.addMenuToTenant(tenantId, toAdd);
+    }
+    if (!toDel.isEmpty() && !toAdd.isEmpty()) {
+      cacheUtils.invalidate(
+          FastIotConstants.CacheConfigKey.CACHE_CONFIG_KEY,
+          FastIotConstants.CacheConfigKey.USER_PERMISSION_PREFIX + tenantId);
+    }
+    return true;
+  }
+
+  @Override
+  @Transactional
+  public boolean assignMenuToRole(String[] menuId, String roleId) {
+    Set<String> ids = Set.of(menuId);
+    if (!ids.isEmpty()) {
+      int menuCountInDB =
+          baseMapper.selectCount(new QueryWrapper<Menu>().lambda().in(Menu::getId, ids));
+      if (menuCountInDB != menuId.length) {
+        throw new DataValidationException("please ensure all menu id are valid");
+      }
+    }
+    Set<String> existMenus = baseMapper.selectRoleMenuIds(roleId);
+    Set<String> toDel = Sets.difference(existMenus, ids);
+    Set<String> toAdd = Sets.difference(ids, existMenus);
+    if (!toDel.isEmpty()) {
+      baseMapper.removeMenuFromRole(roleId, toDel);
+    }
+    if (!toAdd.isEmpty()) {
+      baseMapper.addMenuToRole(roleId, toAdd);
+    }
+    if (!toAdd.isEmpty() && !toDel.isEmpty()) {
+      cacheUtils.invalidateCacheName(FastIotConstants.CacheConfigKey.CACHE_CONFIG_KEY);
+    }
+    return true;
+  }
+
+  @Override
+  public Set<String> getMenuIdsByRoleId(String roleId) {
+    return roleMapper.getMenuIdsByRoleId(roleId);
+  }
+}

+package org.thingsboard.server.dao.yunteng.impl;
+import com.baomidou.mybatisplus.core.metadata.IPage;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+import org.thingsboard.server.common.data.yunteng.constant.FastIotConstants;
+import org.thingsboard.server.common.data.yunteng.core.exception.DataValidationException;
+import org.thingsboard.server.common.data.yunteng.core.message.ErrorMessage;
+import org.thingsboard.server.common.data.yunteng.dto.MessageTemplateDTO;
+import org.thingsboard.server.common.data.yunteng.utils.tools.PageData;
+import org.thingsboard.server.dao.yunteng.entities.MessageTemplate;
+import org.thingsboard.server.dao.yunteng.mapper.MessageTemplateMapper;
+import org.thingsboard.server.dao.yunteng.service.AbstractBaseService;
+import org.thingsboard.server.dao.yunteng.service.MessageTemplateService;
+
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+@Service
+@Slf4j
+@RequiredArgsConstructor
+public class MessageTemplateServiceImpl
+    extends AbstractBaseService<MessageTemplateMapper, MessageTemplate>
+    implements MessageTemplateService {
+  @Override
+  public PageData<MessageTemplateDTO> page(Map<String, Object> queryMap) {
+//    queryMap.put("tenantCode",SecurityContext.getCurrentUser().getTenantCode());
+    IPage<MessageTemplate> configIPage = getPage(queryMap, FastIotConstants.DefaultOrder.CREATE_TIME,false);
+    IPage<MessageTemplateDTO> iPage = baseMapper.getTemplatePage(configIPage,queryMap);
+    return getPageData(iPage, MessageTemplateDTO.class);
+  }
+
+  @Override
+  @Transactional
+  public MessageTemplateDTO saveMessageTemplate(MessageTemplateDTO templateDTO) {
+    MessageTemplate messageTemplate = new MessageTemplate();
+    templateDTO.copyToEntity(messageTemplate);
+//    messageTemplate.setTenantCode(SecurityContext.getCurrentUser().getTenantCode());
+    baseMapper.insert(messageTemplate);
+    messageTemplate.copyToDTO(templateDTO);
+    return templateDTO;
+  }
+
+  @Override
+  @Transactional
+  public boolean deleteMessageTemplate(Set<String> ids) {
+    return baseMapper.deleteBatchIds(ids) > 0;
+  }
+
+  @Override
+  @Transactional
+  public MessageTemplateDTO updateMessageTemplate(MessageTemplateDTO templateDTO) {
+
+//    String tenantCode = SecurityContext.getCurrentUser().getTenantCode();
+    //查询该租户下 是否已经启用相同消息类型、相同用途的模板
+    MessageTemplateDTO queryTemplate = new MessageTemplateDTO();
+    queryTemplate.setTemplatePurpose(templateDTO.getTemplatePurpose());
+    queryTemplate.setMessageType(templateDTO.getMessageType());
+//    queryTemplate.setTemplateCode(tenantCode);
+    if(StringUtils.isEmpty(templateDTO.getTemplatePurpose()) || StringUtils.isEmpty(templateDTO.getMessageType())){
+      throw new DataValidationException(ErrorMessage.INVALID_PARAMETER.getMessage());
+    }
+    List<MessageTemplateDTO> messageTemplateDTOList = baseMapper.findMessageTemplate(queryTemplate);
+    if(null!=messageTemplateDTOList && messageTemplateDTOList.size()>0){
+      throw new DataValidationException(ErrorMessage.NOT_SET_PASSWORD_TEMPLATE.getMessage());
+    }
+    MessageTemplate messageTemplate = baseMapper.selectById(templateDTO.getId());
+    templateDTO.copyToEntity(messageTemplate);
+//    messageTemplate.setTenantCode(tenantCode);
+    baseMapper.updateById(messageTemplate);
+    messageTemplate.copyToDTO(templateDTO);
+    return templateDTO;
+  }
+
+  @Override
+  public List<MessageTemplateDTO> findMessageTemplate(MessageTemplateDTO templateDTO) {
+//    templateDTO.setTenantCode(SecurityContext.getCurrentUser().getTenantCode());
+    return baseMapper.findMessageTemplate(templateDTO);
+  }
+}

+package org.thingsboard.server.dao.yunteng.impl;
+
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.google.common.collect.Lists;
+import com.google.common.collect.Sets;
+import lombok.RequiredArgsConstructor;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+import org.springframework.util.Assert;
+import org.thingsboard.server.common.data.yunteng.core.exception.DataValidationException;
+import org.thingsboard.server.common.data.yunteng.core.message.ErrorMessage;
+import org.thingsboard.server.common.data.yunteng.dto.DeleteDTO;
+import org.thingsboard.server.common.data.yunteng.dto.OrganizationDTO;
+import org.thingsboard.server.dao.yunteng.entities.UserOrganizationMapping;
+import org.thingsboard.server.dao.yunteng.entities.Organization;
+import org.thingsboard.server.dao.yunteng.entities.User;
+import org.thingsboard.server.dao.yunteng.mapper.DeviceMapper;
+import org.thingsboard.server.dao.yunteng.mapper.OrganizationMapper;
+import org.thingsboard.server.dao.yunteng.mapper.UserMapper;
+import org.thingsboard.server.dao.yunteng.mapper.UserOrganizationMappingMapper;
+import org.thingsboard.server.dao.yunteng.service.AbstractBaseService;
+import org.thingsboard.server.dao.yunteng.service.OrganizationService;
+
+import java.util.*;
+import java.util.stream.Collectors;
+
+@Service
+@RequiredArgsConstructor
+public class OrganizationServiceImpl extends AbstractBaseService<OrganizationMapper, Organization>
+    implements OrganizationService {
+
+  private final UserOrganizationMappingMapper userOrganizationMappingMapper;
+  private final UserMapper userMapper;
+  private final DeviceMapper deviceMapper;
+
+  @Override
+  @Transactional
+  public OrganizationDTO saveOrganization(OrganizationDTO organizationDTO) {
+    Assert.notNull(organizationDTO.getName(), "organization name cannot be null");
+    if (StringUtils.isNotBlank(organizationDTO.getParentId())) {
+      Organization organization = baseMapper.selectById(organizationDTO.getParentId());
+      if (organization == null) {
+        throw new DataValidationException("parent organization not exist!");
+      } else {
+        if (!organization
+            .getTenantCode()
+            .equals(null)) {//TODO getCurrentUser().getTenantCode()
+          throw new DataValidationException("parent organization not exist.");
+        }
+      }
+    }
+    Organization organization = new Organization();
+    //organizationDTO.setTenantCode(getCurrentUser().getTenantCode());
+    organizationDTO.copyToEntity(organization, "id");
+    baseMapper.insert(organization);
+    organization.copyToDTO(organizationDTO);
+    return organizationDTO;
+  }
+
+  @Override
+  @Transactional
+  public boolean deleteOrganizations(DeleteDTO deleteDTO) {
+    if(null == deleteDTO || deleteDTO.getIds().isEmpty()){
+      throw new DataValidationException(ErrorMessage.INVALID_PARAMETER.getMessage());
+    }
+    String[] ids = deleteDTO.getIds().toArray(new String[deleteDTO.getIds().size()]);
+    Set<String> idToDelete =
+        baseMapper
+            .findOrganizationTreeList(
+                null, Arrays.asList(ids))//TODO getCurrentUser().getTenantCode()
+            .stream()
+            .map(OrganizationDTO::getId)
+            .collect(Collectors.toSet());
+    if (idToDelete.size() != ids.length) {
+      throw new DataValidationException("待删除数据存在子项,不能删除!");
+    }
+    List<UserOrganizationMapping> userOrganizationMappingList =
+        userOrganizationMappingMapper.selectList(
+            new QueryWrapper<UserOrganizationMapping>()
+                .lambda()
+                .in(UserOrganizationMapping::getOrganizationId, idToDelete));
+    if (!userOrganizationMappingList.isEmpty()) {
+      throw new DataValidationException("待删除数据存在关联用户,不能删除!");
+    }
+    // 查询是否有设备使用该组织
+//    List<Device> deviceList = deviceMapper.selectList(
+//        new QueryWrapper<Device>()
+//            .lambda()
+//            .eq(Device::getTenantCode, getCurrentUser().getTenantCode())
+//            .eq(Device::getOrganizationId,ids));
+//    if (!deviceList.isEmpty()) {
+//      throw new DataValidationException("待删除数据存在关联设备,不能删除!");
+//    }
+//    doDeleteUserOrganizationMapping(idToDelete);
+    return baseMapper.deleteBatchIds(idToDelete)>0;
+  }
+
+  private void doDeleteUserOrganizationMapping(Collection<String> organizationIds) {
+    userOrganizationMappingMapper.delete(
+        new QueryWrapper<UserOrganizationMapping>()
+            .lambda()
+            .in(UserOrganizationMapping::getOrganizationId, organizationIds));
+  }
+
+  @Override
+  @Transactional
+  public OrganizationDTO updateOrganization(OrganizationDTO organizationDTO) {
+//    Organization organization = baseMapper.selectById(organizationDTO.getId());
+//    Organization parent = null;
+//    if (StringUtils.isNotBlank(organizationDTO.getParentId())) {
+//      Organization parentOrganization = baseMapper.selectById(organizationDTO.getParentId());
+//      if (parentOrganization
+//          .getTenantCode()
+//          .equals(getCurrentUser().getTenantCode())) {
+//        parent = parentOrganization;
+//      }
+//    }
+//    if (organization == null) {
+//      return null;
+//    }
+//    if (organization.getName().equals(organizationDTO.getName())
+//        && organization.getSort() == organizationDTO.getSort()
+//        && organization.getRemark().equals(organizationDTO.getRemark())
+//        && Objects.equals(organization.getParentId(), organizationDTO.getParentId())) {
+//      return organizationDTO;
+//    }
+//    organization.setName(organizationDTO.getName());
+//    organization.setRemark(organizationDTO.getRemark());
+//    organization.setSort(organizationDTO.getSort());
+//    if (parent != null) {
+//      organization.setParentId(parent.getId());
+//    }
+//    baseMapper.updateById(organization);
+//    organization.copyToDTO(organizationDTO);
+//    return organizationDTO;
+    return null;
+  }
+
+  @Override
+  public List<OrganizationDTO> getMyOrganizations() {
+//    if (getCurrentUser().isTenantAdmin()) {
+//      return findOrganizationTree(getCurrentUser().getTenantCode());
+//    } else {
+//      Set<String> organizationIds =
+//          userOrganizationMappingMapper
+//              .selectList(
+//                  new QueryWrapper<UserOrganizationMapping>()
+//                      .lambda()
+//                      .in(
+//                          UserOrganizationMapping::getUserId,
+//                          getCurrentUser().getUserId()))
+//              .stream()
+//              .map(UserOrganizationMapping::getOrganizationId)
+//              .collect(Collectors.toSet());
+//      List<Organization> organizations =
+//          baseMapper.selectList(
+//              new QueryWrapper<Organization>()
+//                  .lambda()
+//                  .eq(Organization::getTenantCode, getCurrentUser().getTenantCode())
+//                  .in(organizationIds.size() > 0, Organization::getId, organizationIds));
+//      return TreeUtils.buildTree(ReflectUtils.sourceToTarget(organizations, OrganizationDTO.class));
+//    }
+    return null;
+  }
+
+  private List<OrganizationDTO> findOrganizationTree(String tenantCode) {
+    List<OrganizationDTO> organizationTreeList =
+        baseMapper.findOrganizationTreeList(tenantCode, null);
+    return buildOrganizationDTOTree(organizationTreeList);
+  }
+
+  private List<OrganizationDTO> buildOrganizationDTOTree(
+      List<OrganizationDTO> organizationTreeList) {
+    Map<String, OrganizationDTO> organizationDTOMap =
+        new LinkedHashMap<>(organizationTreeList.size());
+    HashSet<OrganizationDTO> organizationDTOSet = Sets.newHashSet(organizationTreeList);
+    organizationDTOSet.forEach(
+        organizationDTO -> organizationDTOMap.put(organizationDTO.getId(), organizationDTO));
+    List<OrganizationDTO> result = Lists.newArrayList();
+    for (OrganizationDTO node : organizationDTOMap.values()) {
+      OrganizationDTO parent = organizationDTOMap.get(node.getParentId());
+      if (parent != null && !(node.getId().equals(parent.getId()))) {
+        parent.getChildren().add(node);
+        continue;
+      }
+      result.add(node);
+    }
+    Collections.sort(result);
+    result.forEach(node -> Collections.sort(node.getChildren()));
+    return result;
+  }
+
+  @Override
+  @Transactional
+  public void bindUserToOrganization(String userId, String[] organizationIds) {
+//    User user = userMapper.selectById(userId);
+//    if (user == null) {
+//      throw new DataValidationException("所选用户不存在");
+//    }
+//    if (!user.getTenantCode().equals(getCurrentUser().getTenantCode())) {
+//      throw new DataValidationException("所选用户不可用");
+//    }
+//    if (null != organizationIds && organizationIds.length > 0) {
+//      Set<String> newBinding =
+//          baseMapper
+//              .findOrganizationTreeList(
+//                  getCurrentUser().getTenantCode(), Arrays.asList(organizationIds))
+//              .stream()
+//              .map(OrganizationDTO::getId)
+//              .collect(Collectors.toSet());
+//      Set<String> existBinding =
+//          userOrganizationMappingMapper
+//              .selectList(
+//                  new QueryWrapper<UserOrganizationMapping>()
+//                      .lambda()
+//                      .eq(UserOrganizationMapping::getUserId, userId))
+//              .stream()
+//              .map(UserOrganizationMapping::getOrganizationId)
+//              .collect(Collectors.toSet());
+//      Set<String> toDel = Sets.difference(existBinding, newBinding);
+//      Set<String> toAdd = Sets.difference(newBinding, existBinding);
+//      if (!toDel.isEmpty()) {
+//        userOrganizationMappingMapper.delete(
+//            new QueryWrapper<UserOrganizationMapping>()
+//                .lambda()
+//                .in(UserOrganizationMapping::getUserId, userId)
+//                .in(UserOrganizationMapping::getOrganizationId, toDel));
+//      }
+//      if (!toAdd.isEmpty()) {
+//        toAdd.stream()
+//            .map(organizationId -> new UserOrganizationMapping(userId, organizationId))
+//            .forEach(userOrganizationMappingMapper::insert);
+//      }
+//    }
+  }
+
+  @Override
+  @Transactional
+  public void unBindUserToOrganization(Set<String> userIds) {
+    for (String userId : userIds) {
+      User user = userMapper.selectById(userId);
+      if (user == null) {
+        throw new DataValidationException(ErrorMessage.INVALID_PARAMETER.getMessage());
+      }
+      userOrganizationMappingMapper.delete(
+          new QueryWrapper<UserOrganizationMapping>()
+              .lambda()
+              .eq(UserOrganizationMapping::getUserId, userId));
+    }
+  }
+}

+package org.thingsboard.server.dao.yunteng.impl;
+
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.baomidou.mybatisplus.core.metadata.IPage;
+import com.google.common.collect.Sets;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.boot.actuate.endpoint.SecurityContext;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+import org.thingsboard.server.common.data.yunteng.constant.FastIotConstants;
+import org.thingsboard.server.common.data.yunteng.core.cache.CacheUtils;
+import org.thingsboard.server.common.data.yunteng.core.exception.FastIotException;
+import org.thingsboard.server.common.data.yunteng.core.message.ErrorMessage;
+import org.thingsboard.server.common.data.yunteng.dto.RoleDTO;
+import org.thingsboard.server.common.data.yunteng.dto.request.RoleReqDTO;
+import org.thingsboard.server.common.data.yunteng.enums.RoleEnum;
+import org.thingsboard.server.common.data.yunteng.utils.tools.PageData;
+import org.thingsboard.server.dao.yunteng.entities.Role;
+import org.thingsboard.server.dao.yunteng.entities.TenantMenu;
+import org.thingsboard.server.dao.yunteng.entities.TenantRole;
+import org.thingsboard.server.dao.yunteng.entities.UserRole;
+import org.thingsboard.server.dao.yunteng.mapper.*;
+import org.thingsboard.server.dao.yunteng.service.AbstractBaseService;
+import org.thingsboard.server.dao.yunteng.service.MenuService;
+import org.thingsboard.server.dao.yunteng.service.RoleService;
+
+import java.util.List;
+import java.util.Map;
+import java.util.Optional;
+import java.util.Set;
+import java.util.stream.Collectors;
+
+@Service
+@Slf4j
+@RequiredArgsConstructor
+public class RoleServiceImpl extends AbstractBaseService<RoleMapper, Role> implements RoleService {
+
+  private final MenuMapper menuMapper;
+  private final CacheUtils cacheUtils;
+  private final MenuService menuService;
+  private final TenantMenuMapper tenantMenuMapper;
+  private final TenantRoleMapper tenantRoleMapper;
+  private final UserRoleMapper userRoleMapper;
+
+  @Override
+  public PageData<RoleDTO> page(boolean isSysadmin,boolean isPlatformAdmin, String tenantId,Map<String, Object> queryMap) {
+    IPage<Role> roleIPage =
+        baseMapper.selectPage(
+            getPage(queryMap, "create_time", false),
+            new QueryWrapper<Role>()
+                .lambda()
+                .eq(queryMap.get("status") != null, Role::isEnabled, queryMap.get("status"))
+                .eq(queryMap.get("roleType") != null, Role::getRoleType, queryMap.get("roleType"))
+                .ne(queryMap.get("roleType") == null, Role::getRoleType, RoleEnum.ROLE_TENANT_ADMIN)
+                .ne(
+                    queryMap.get("roleType") == null
+                        && isPlatformAdmin,
+                    Role::getRoleType,
+                    RoleEnum.ROLE_SYS_ADMIN)
+                .eq(
+                    !isSysadmin,
+                    Role::getTenantCode,
+                    tenantId)
+                .like(
+                    queryMap.get("roleName") != null,
+                    Role::getName,
+                    String.valueOf(queryMap.get("roleName"))));
+    return getPageData(roleIPage, RoleDTO.class);
+  }
+
+  @Override
+  @Transactional
+  public boolean deleteRole(String[] roleIds,String tenantId) {
+    Set<String> ids = Set.of(roleIds);
+    int notTenantMenuCount =
+        baseMapper.selectCount(
+            new QueryWrapper<Role>()
+                .lambda()
+                .ne(Role::getTenantCode, tenantId)
+                .in(Role::getId, ids));
+    if (notTenantMenuCount > 0) {
+      throw new AccessDeniedException("cannot delete role that not create by you");
+    }
+    // 判断该角色下面是否有用户
+    Set<String> userIds = baseMapper.checkRoleUserMappingByRoleIds(ids);
+    if (null != userIds && userIds.size() > 0) {
+      throw new FastIotException(ErrorMessage.ROLE_IN_USE);
+    }
+    // delete sys_role_menu mapping
+    baseMapper.deleteRoleMenuMappingByRoleIds(ids);
+    // delete role
+    baseMapper.deleteBatchIds(ids);
+    // FIXME 频繁删除role造成缓存效果不大
+    cacheUtils.invalidateCacheName(FastIotConstants.CacheConfigKey.CACHE_CONFIG_KEY);
+    return true;
+  }
+
+  @Override
+  public Set<String> getPermissions(boolean isSysadmin,boolean isTenantAdmin,String tenantId,String useerId) {
+    Set<String> permissions = Sets.newHashSet();
+    Set<String> allPermission;
+    String cacheKey;
+    boolean cachePresent;
+    if (isSysadmin) {
+      cacheKey =
+          FastIotConstants.CacheConfigKey.USER_PERMISSION_PREFIX + RoleEnum.ROLE_SYS_ADMIN.name();
+      Optional<Set<String>> optionalPermission =
+          cacheUtils.get(FastIotConstants.CacheConfigKey.CACHE_CONFIG_KEY, cacheKey);
+      cachePresent = optionalPermission.isPresent();
+      allPermission = optionalPermission.orElseGet(menuMapper::getAllPermission);
+    } else if (isTenantAdmin) {
+      cacheKey =
+          FastIotConstants.CacheConfigKey.USER_PERMISSION_PREFIX
+              + tenantId;
+      Optional<Set<String>> optionalPermission =
+          cacheUtils.get(FastIotConstants.CacheConfigKey.CACHE_CONFIG_KEY, cacheKey);
+      cachePresent = optionalPermission.isPresent();
+      allPermission =
+          optionalPermission.orElseGet(
+              () ->
+                  menuMapper.getAllPermissionsByTenantCode(tenantId));
+    } else {
+      cacheKey =
+          FastIotConstants.CacheConfigKey.USER_PERMISSION_PREFIX
+              + useerId;
+      Optional<Set<String>> optionalPermission =
+          cacheUtils.get(FastIotConstants.CacheConfigKey.CACHE_CONFIG_KEY, cacheKey);
+      cachePresent = optionalPermission.isPresent();
+      allPermission =
+          optionalPermission.orElseGet(
+              () ->
+                  menuMapper.getAllPermissionsByUserId(useerId));
+    }
+    if (cachePresent) {
+      return allPermission;
+    } else {
+      allPermission.forEach(
+          permission -> permissions.addAll(Sets.newHashSet(permission.split(","))));
+      cacheUtils.put(FastIotConstants.CacheConfigKey.CACHE_CONFIG_KEY, cacheKey, permissions);
+    }
+    return permissions;
+  }
+
+  @Override
+  @Transactional
+  public void updateRoleStatus(String roleId, int status,boolean isSysadmin,String tenantId) {
+    Optional.ofNullable(
+            baseMapper.selectOne(
+                new QueryWrapper<Role>()
+                    .lambda()
+                    .eq(Role::getId, roleId)
+                    .eq(
+                        !isSysadmin,
+                        Role::getTenantCode,
+                        tenantId)))
+        .ifPresent(
+            role -> {
+              role.setEnabled(status == 1);
+              baseMapper.updateById(role);
+            });
+  }
+
+  @Override
+  @Transactional
+  public RoleDTO saveOrUpdateRoleInfoWithMenu(RoleReqDTO roleReqDTO,boolean isSysadmin,boolean isPlatformAdmin,String tenantId) {
+    Role role;
+    // 默认普通管理员角色,即租户管理员添加的角色
+    var roleType = RoleEnum.ROLE_NORMAL_USER.name();
+    if (null != roleReqDTO.getRoleType()) {
+      roleType = roleReqDTO.getRoleType().name();
+    } else {
+      if (isSysadmin
+          || isPlatformAdmin) {
+        roleType = RoleEnum.ROLE_PLATFORM_ADMIN.name();
+      }
+    }
+    boolean update = StringUtils.isNotBlank(roleReqDTO.getId());
+    if (update) {
+      // do update
+      role =
+          baseMapper.selectOne(
+              new QueryWrapper<Role>()
+                  .lambda()
+                  .eq(Role::getId, roleReqDTO.getId())
+                  .eq(
+                      !isSysadmin,
+                      Role::getTenantCode,
+                      tenantId));
+      if (role == null) {
+        return null;
+      } else {
+        role.setRemark(roleReqDTO.getRemark());
+        role.setName(roleReqDTO.getName());
+        role.setEnabled(roleReqDTO.getStatus() == 1);
+        baseMapper.updateById(role);
+      }
+    } else {
+      // do save
+      role = new Role();
+      role.setRoleType(roleType);
+      role.setCode(RandomStringUtils.randomAlphabetic(10));
+      role.setRemark(roleReqDTO.getRemark());
+      role.setName(roleReqDTO.getName());
+      role.setEnabled(roleReqDTO.getStatus() == 1);
+      role.setTenantCode(tenantId);
+      baseMapper.insert(role);
+    }
+    // do update or save menu associate with this roleId
+    menuService.assignMenuToRole(
+        roleReqDTO.getMenu().toArray(new String[roleReqDTO.getMenu().size()]), role.getId());
+    // 如果是租户管理员角色并且是更新，则需要更新租户菜单表
+    if (role.getRoleType().equals(RoleEnum.ROLE_TENANT_ADMIN.name()) && update) {
+      List<String> menus = roleReqDTO.getMenu();
+      // 先删除以前的租户菜单，再更新新的租户菜单
+      // 1、查询这个角色有几个租户用户
+      // 2、删除并更新对应租户的信息
+      List<TenantRole> tenantRoles =
+          tenantRoleMapper.selectList(
+              new QueryWrapper<TenantRole>().lambda().eq(TenantRole::getRoleId, role.getId()));
+      tenantRoles.forEach(
+          tenantRole -> {
+            String updateTenantCode = tenantRole.getTenantCode();
+            int deleteCount =
+                tenantMenuMapper.delete(
+                    new QueryWrapper<TenantMenu>()
+                        .lambda()
+                        .eq(TenantMenu::getTenantCode, updateTenantCode));
+            if (deleteCount > 0) {
+              menus.forEach(
+                  menu -> {
+                    TenantMenu tenantMenu = new TenantMenu();
+                    tenantMenu.setMenuId(menu);
+                    tenantMenu.setTenantCode(updateTenantCode);
+                    tenantMenuMapper.insert(tenantMenu);
+                  });
+            }
+          });
+    }
+    return role.getDTO(RoleDTO.class);
+  }
+
+  @Override
+  public List<RoleDTO> findRoleInfo(boolean isTenantAdmin,String tenantId,String userId,RoleDTO roleDTO) {
+    if (StringUtils.isEmpty(roleDTO.getTenantCode())) {
+      roleDTO.setTenantCode(tenantId);
+    }
+    if (isTenantAdmin) {
+      // 租户管理员既要查询自己拥有的角色，也要查询自己创建的角色
+      List<String> roleIds =
+          userRoleMapper
+              .selectList(new QueryWrapper<UserRole>().lambda().eq(UserRole::getUserId, userId))
+              .stream()
+              .map(UserRole::getRoleId)
+              .collect(Collectors.toList());
+      roleDTO.setRoleIds(roleIds.toArray(new String[roleIds.size()]));
+    }
+    return baseMapper.findRoleInfo(roleDTO);
+  }
+}

+package org.thingsboard.server.dao.yunteng.impl;
+
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.baomidou.mybatisplus.core.metadata.IPage;
+import com.fasterxml.jackson.databind.JsonNode;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+import org.thingsboard.server.common.data.DeviceProfile;
+import org.thingsboard.server.common.data.yunteng.constant.FastIotConstants;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+import org.thingsboard.server.common.data.yunteng.core.exception.DataValidationException;
+import org.thingsboard.server.common.data.yunteng.core.message.ErrorMessage;
+import org.thingsboard.server.common.data.yunteng.dto.DeviceDTO;
+import org.thingsboard.server.common.data.yunteng.dto.OrganizationDTO;
+import org.thingsboard.server.common.data.yunteng.enums.DeviceState;
+import org.thingsboard.server.common.data.yunteng.enums.DeviceTypeEnum;
+import org.thingsboard.server.common.data.yunteng.utils.ReflectUtils;
+import org.thingsboard.server.common.data.yunteng.utils.tools.PageData;
+import org.thingsboard.server.dao.yunteng.entities.Organization;
+import org.thingsboard.server.dao.yunteng.entities.YtDevice;
+import org.thingsboard.server.dao.yunteng.mapper.DeviceMapper;
+import org.thingsboard.server.dao.yunteng.mapper.DeviceProfileMapper;
+import org.thingsboard.server.dao.yunteng.mapper.OrganizationMapper;
+import org.thingsboard.server.dao.yunteng.service.AbstractBaseService;
+import org.thingsboard.server.dao.yunteng.service.YtDeviceService;
+
+import java.util.*;
+import java.util.stream.Collectors;
+
+@Service
+@RequiredArgsConstructor
+@Slf4j
+public class YtDeviceServiceImpl extends AbstractBaseService<DeviceMapper, YtDevice>
+    implements YtDeviceService {
+
+//  private final TBConfig tbConfig;
+//  private final TBConnectService tbConnectService;
+//  private final TbDBService tbDBService;
+  private final DeviceProfileMapper deviceProfileMapper;
+  private final OrganizationMapper organizationMapper;
+
+  @Override
+  // @Transactional
+  // 事务会导致 tbDBService 多数据源失效
+  public DeviceDTO insertOrUpdate(String tenantId,DeviceDTO deviceDTO) {
+    if (StringUtils.isBlank(deviceDTO.getId())) {
+      return insert(tenantId,deviceDTO);
+    } else {
+      return update(tenantId,deviceDTO);
+    }
+  }
+
+  private DeviceDTO update(String tenantId,DeviceDTO deviceDTO) {
+    YtDevice device = baseMapper.selectById(deviceDTO.getId());
+    if (!device.getTenantCode().equals(tenantId)) {
+      return null;
+    }
+    validateDeviceDTO(tenantId,deviceDTO, false);
+    List<YtDevice> devices =
+        baseMapper.selectList(
+            new QueryWrapper<YtDevice>()
+                .lambda()
+//                .eq(YtDevice::getDeviceToken, deviceDTO.getDeviceToken())
+        );
+    if (!devices.isEmpty()) {
+      // 如果device token已经存在，那么必定只有一个，不会有多个
+      YtDevice deviceExistWithSameToken = devices.get(0);
+      if (!deviceExistWithSameToken.getId().equals(deviceDTO.getId())) {
+        throw new DataValidationException("设备Device Token已经存在!");
+      }
+    }
+    // 首先update tb, 需要更新的字段有
+    //  name, tbDeviceProfileId, label, isGateway, deviceToken
+    /*if (tbConfig.isEnabled()) {
+      validateUpdate(deviceDTO);
+      deviceDTO.setTbDeviceId(device.getTbDeviceId());
+      // 判断name, tbDeviceProfileId, label, isGateway是否有更新
+      boolean changed = detectDeviceChange(deviceDTO, device);
+      if (changed) {
+        Device tbDevice = buildTbDeviceFromDeviceDTO(deviceDTO);
+        try {
+          tbConnectService.saveDevice(tbDevice, deviceDTO.getDeviceToken()).get();
+        } catch (InterruptedException | ExecutionException e) {
+          log.error("update device to tb error:{}", e.getMessage());
+          throw new FastIotException(ErrorMessage.CONNECT_TO_TB_ERROR);
+        }
+      }
+      // update deviceToken
+      if (!deviceDTO.getDeviceToken().equals(device.getDeviceToken())) {
+        CredentialEntity credentialEntity =
+            tbDBService.findDeviceCredentialsByDeviceId(deviceDTO.getTbDeviceId());
+        if (credentialEntity == null) {
+          log.error("tb 无此设备信息->tbDeviceId[{}]", deviceDTO.getTbDeviceId());
+          throw new FastIotException(ErrorMessage.CONNECT_TO_TB_ERROR.setMessage("tb 无此设备信息"));
+        }
+        credentialEntity.setCredentialsId(deviceDTO.getDeviceToken());
+        TBCredential tbCredential = buildTBCredential(credentialEntity);
+        try {
+          TBCredential newTbCredentials = tbConnectService.saveDeviceCredential(tbCredential).get();
+          if (newTbCredentials == null) {
+            throw new FastIotException(
+                ErrorMessage.CONNECT_TO_TB_ERROR.setMessage("update tb credentials error"));
+          }
+        } catch (InterruptedException | ExecutionException e) {
+          log.error("update device to tb error:{}", e.getMessage());
+          throw new FastIotException(ErrorMessage.CONNECT_TO_TB_ERROR);
+        }
+      }
+    }*/
+    deviceDTO.copyToEntity(
+        device,
+        ModelConstants.TablePropertyMapping.ACTIVE_TIME,
+        ModelConstants.TablePropertyMapping.DEVICE_STATE,
+        ModelConstants.TablePropertyMapping.TB_DEVICE_ID,
+        ModelConstants.TablePropertyMapping.TENANT_CODE,
+        ModelConstants.TablePropertyMapping.CREATOR,
+        ModelConstants.TablePropertyMapping.UPDATER,
+        ModelConstants.TablePropertyMapping.CREATE_TIME,
+        ModelConstants.TablePropertyMapping.UPDATE,
+        ModelConstants.TablePropertyMapping.UPDATE_TIME);
+    baseMapper.updateById(device);
+    return device.getDTO(DeviceDTO.class);
+  }
+
+//  private TBCredential buildTBCredential(CredentialEntity credentialEntity) {
+//    Assert.notNull(credentialEntity, "credentialEntity cannot be null");
+//    TBCredential tbCredential = new TBCredential();
+//    tbCredential.setCredentialsId(credentialEntity.getCredentialsId());
+//    tbCredential.setCredentialsType(credentialEntity.getCredentialsType());
+//    tbCredential.setCreateTime(credentialEntity.getCreatedTime());
+//    tbCredential.setCredentialsValue(credentialEntity.getCredentialsValue());
+//    Id deviceId = new Id();
+//    deviceId.setEntityType(EntityType.DEVICE);
+//    deviceId.setId(credentialEntity.getDeviceId());
+//    tbCredential.setDeviceId(deviceId);
+//    Id id = new Id();
+//    id.setId(credentialEntity.getId());
+//    tbCredential.setId(id);
+//    return tbCredential;
+//  }
+
+  private void validateUpdate(DeviceDTO deviceDTO) {
+    if (StringUtils.isAllBlank(deviceDTO.getName())) {
+      throw new DataValidationException("device name must be specific");
+    }
+  }
+
+  private boolean detectDeviceChange(DeviceDTO deviceDTO, YtDevice device) {
+    boolean changed =
+        !deviceDTO.getName().equalsIgnoreCase(device.getName())
+            || !deviceDTO.getProfileId().equalsIgnoreCase(device.getProfileId());
+    if (changed) {
+      return true;
+    }
+    boolean dtoGateway =
+        Optional.ofNullable(deviceDTO.getDeviceType())
+            .map(deviceType -> deviceType.equals(DeviceTypeEnum.GATEWAY))
+            .orElse(false);
+    boolean entityGateway =
+        Optional.ofNullable(device.getDeviceType())
+            .map(deviceType -> deviceType.equals(DeviceTypeEnum.GATEWAY))
+            .orElse(false);
+    if (entityGateway != dtoGateway) {
+      changed = true;
+    }
+    if (changed) {
+      return true;
+    }
+    String dtoDesc =
+        Optional.ofNullable(deviceDTO.getDeviceInfo())
+            .map(deviceInfo -> deviceInfo.get("description"))
+            .map(JsonNode::asText)
+            .orElse("");
+    String dtoLabel = deviceDTO.getLabel() == null ? "" : deviceDTO.getLabel();
+    String entityDesc =
+        Optional.ofNullable(device.getDeviceInfo())
+            .map(deviceInfo -> deviceInfo.get("description"))
+            .map(JsonNode::asText)
+            .orElse("");
+    String entityLabel = device.getLabel() == null ? "" : device.getLabel();
+    if (!dtoDesc.equals(entityDesc) || !dtoLabel.equals(entityLabel)) {
+      changed = true;
+    }
+    return changed;
+  }
+
+  private void validateDeviceDTO(String tenantId,DeviceDTO deviceDTO, boolean insert) {
+    if (StringUtils.isBlank(deviceDTO.getName())) {
+      throw new DataValidationException("device name cannot be black");
+    }
+    // validate IOT DB
+    if (StringUtils.isBlank(deviceDTO.getProfileId())) {
+      throw new DataValidationException("device profile cannot be black");
+    }
+    if (StringUtils.isBlank(deviceDTO.getDeviceToken()) && !insert) {
+      throw new DataValidationException("device token cannot be black");
+    }
+    // 验证设备名称是否已经存在 如果此处直接使用deviceDTO 将有误
+    if (insert) {
+      DeviceDTO check = new DeviceDTO();
+      check.setName(deviceDTO.getName());
+      if (findDeviceInfo(tenantId,check).size() > 0) {
+        throw new DataValidationException(ErrorMessage.NAME_ALREADY_EXISTS.getMessage());
+      }
+    }
+    // 验证数据profileId的正确性
+    DeviceProfile deviceProfile = deviceProfileMapper.selectById(deviceDTO.getProfileId());
+    Organization organization = organizationMapper.selectById(deviceDTO.getOrganizationId());
+    if (null == deviceProfile || null == organization) {
+      throw new DataValidationException(ErrorMessage.INVALID_PARAMETER.getMessage());
+//    } else if (StringUtils.isEmpty(deviceProfile.getTbProfileId())) {
+//      throw new DataValidationException("tb_device profile is nonexistent");
+    } else if (!deviceProfile
+            .getTenantId()
+            .equals(tenantId)
+        || !organization.getTenantCode().equals(tenantId)) {
+      throw new DataValidationException(ErrorMessage.TENANT_MISMATCHING.getMessage());
+    }
+  }
+
+  private DeviceDTO insert(String tenantId,DeviceDTO deviceDTO) {
+    validateDeviceDTO(tenantId,deviceDTO, true);
+    if (StringUtils.isNotBlank(deviceDTO.getDeviceToken())) {
+      List<YtDevice> devices =
+          baseMapper.selectList(
+              new QueryWrapper<YtDevice>()
+                  .lambda()
+                  .eq(YtDevice::getDeviceToken, deviceDTO.getDeviceToken()));
+      if (!devices.isEmpty()) {
+        throw new DataValidationException("设备Device Token已经存在!");
+      }
+    }
+    YtDevice device = new YtDevice();
+    deviceDTO.copyToEntity(
+        device,
+        ModelConstants.TablePropertyMapping.ACTIVE_TIME,
+        ModelConstants.TablePropertyMapping.DEVICE_STATE,
+        ModelConstants.TablePropertyMapping.TB_DEVICE_ID,
+        ModelConstants.TablePropertyMapping.TENANT_CODE,
+        ModelConstants.TablePropertyMapping.CREATOR,
+        ModelConstants.TablePropertyMapping.UPDATER,
+        ModelConstants.TablePropertyMapping.CREATE_TIME,
+        ModelConstants.TablePropertyMapping.UPDATE,
+        ModelConstants.TablePropertyMapping.UPDATE_TIME);
+    device.setTenantCode(tenantId);
+    // First insert into TB
+//    if (tbConfig.isEnabled()) {
+//      Device tbDevice = buildTbDeviceFromDeviceDTO(deviceDTO);
+//      try {
+//        Device insertedTbDevice =
+//            tbConnectService.saveDevice(tbDevice, deviceDTO.getDeviceToken()).get();
+//        if (insertedTbDevice == null) {
+//          throw new FastIotException(ErrorMessage.CONNECT_TO_TB_ERROR);
+//        }
+//        // 判断插入的DTO是否设置了deviceToken,如果不存在，获取Tb的deviceToken存入DB
+//        if (StringUtils.isAllBlank(device.getDeviceToken())) {
+//          String deviceTokenFromDB =
+//              tbDBService.getDeviceTokenFromDB(insertedTbDevice.getId().getId());
+//          device.setDeviceToken(deviceTokenFromDB);
+//        }
+//        device.setTbDeviceId(insertedTbDevice.getId().getId());
+//      } catch (InterruptedException | ExecutionException e) {
+//        log.error("insert device into tb error:{}", e.getMessage());
+//        throw new FastIotException(ErrorMessage.CONNECT_TO_TB_ERROR);
+//      }
+//    }
+    device.setAlarmStatus(0);
+    /** 默认待激活状态 */
+    device.setDeviceState(DeviceState.INACTIVE);
+    baseMapper.insert(device);
+    return device.getDTO(DeviceDTO.class);
+  }
+
+//  private Device buildTbDeviceFromDeviceDTO(DeviceDTO deviceDTO) {
+//    Device tbDevice = new Device();
+//    if (StringUtils.isNotBlank(deviceDTO.getTbDeviceId())) {
+//      Id id = new Id();
+//      id.setId(deviceDTO.getTbDeviceId());
+//      id.setEntityType(EntityType.DEVICE);
+//      tbDevice.setId(id);
+//    }
+//    Device.AdditionalInfo additionalInfo = new Device.AdditionalInfo();
+//    additionalInfo.setGateway(
+//        Optional.ofNullable(deviceDTO.getDeviceType())
+//            .map(deviceType -> deviceType.equals(DeviceTypeEnum.GATEWAY))
+//            .orElse(false));
+//
+//    additionalInfo.setDescription(
+//        Optional.ofNullable(deviceDTO.getDeviceInfo())
+//            .map(deviceInfo -> deviceInfo.get("description"))
+//            .map(JsonNode::asText)
+//            .orElse(""));
+//    additionalInfo.setOverwriteActivityTime(false);
+//
+//    Id deviceProfileId = new Id();
+//    deviceProfileId.setEntityType(EntityType.DEVICE_PROFILE);
+//    DeviceProfile deviceProfile = deviceProfileMapper.selectById(deviceDTO.getProfileId());
+//    deviceProfileId.setId(deviceProfile != null ? deviceProfile.getTbProfileId() : null);
+//
+//    tbDevice.setAdditionalInfo(additionalInfo);
+//    tbDevice.setCustomerId(null);
+//    tbDevice.setDeviceProfileId(deviceProfileId);
+//    tbDevice.setLabel(deviceDTO.getLabel());
+//    tbDevice.setName(deviceDTO.getName());
+//    tbDevice.setCreatedTime(LocalDateTime.now().toInstant(ZoneOffset.of("+8")).toEpochMilli());
+//    return tbDevice;
+//  }
+
+  @Override
+  @Transactional
+  public void deleteDevices(String tenantId,Set<String> ids) {
+    LambdaQueryWrapper<YtDevice> queryWrapper =
+        new QueryWrapper<YtDevice>()
+            .lambda()
+            .eq(YtDevice::getTenantCode, tenantId)
+            .in(YtDevice::getId, ids);
+
+    List<String> tbDeviceIds =
+        baseMapper.selectList(queryWrapper).stream()
+            .map(YtDevice::getTbDeviceId)
+            .collect(Collectors.toList());
+    baseMapper.delete(queryWrapper);
+    // 忽略删除进度，也不管是否删除了
+/*    if (tbConfig.isEnabled()) {
+      tbDeviceIds.forEach(tbConnectService::deleteDevice);
+    }*/
+  }
+
+  @Override
+  public Optional<DeviceDTO> getDevice(String tenantId,String id) {
+    return Optional.ofNullable(
+            baseMapper.selectOne(
+                new QueryWrapper<YtDevice>()
+                    .lambda()
+                    .eq(YtDevice::getTenantCode, tenantId)
+                    .eq(YtDevice::getId, id)))
+        .map(device -> device.getDTO(DeviceDTO.class));
+  }
+
+  @Override
+  public PageData<DeviceDTO> page(String tenantId,Map<String, Object> queryMap) {
+    queryMap.put("tenantCode", tenantId);
+    String organizationId = (String) queryMap.get("organizationId");
+    if (!StringUtils.isEmpty(organizationId)) {
+      List<String> organizationIds = new ArrayList<>();
+      organizationIds.add(organizationId);
+      // 查询该组织的所有子类
+      List<OrganizationDTO> organizationDTOS =
+          organizationMapper.findOrganizationTreeList(
+              tenantId, organizationIds);
+      List<String> queryOrganizationIds = new ArrayList<>();
+      organizationDTOS.forEach(
+          item -> {
+            queryOrganizationIds.add(item.getId());
+          });
+      queryMap.put("organizationIds", queryOrganizationIds);
+    }
+    IPage<YtDevice> page = getPage(queryMap, FastIotConstants.DefaultOrder.CREATE_TIME, false);
+    IPage<DeviceDTO> deviceIPage = baseMapper.getDevicePage(page, queryMap);
+    return getPageData(deviceIPage, DeviceDTO.class);
+  }
+
+  @Override
+  public List<DeviceDTO> findDeviceInfo(String tenantId,DeviceDTO deviceDTO) {
+    List<YtDevice> deviceList =
+        baseMapper.selectList(
+            new QueryWrapper<YtDevice>()
+                .lambda()
+                .eq(
+                    StringUtils.isNotBlank(deviceDTO.getDeviceToken()),
+                    YtDevice::getDeviceToken,
+                    deviceDTO.getDeviceToken())
+                .eq(true, YtDevice::getTenantCode, tenantId)
+                .like(
+                    StringUtils.isNotBlank(deviceDTO.getName()),
+                    YtDevice::getName,
+                    deviceDTO.getName()));
+    return ReflectUtils.sourceToTarget(deviceList, DeviceDTO.class);
+  }
+}

+package org.thingsboard.server.dao.yunteng.impl;
+
+
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.node.ObjectNode;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+import org.thingsboard.common.util.JacksonUtil;
+import org.thingsboard.server.common.data.yunteng.config.sms.YtDefaultSmsSenderFactory;
+import org.thingsboard.server.common.data.yunteng.config.sms.SmsProviderConfiguration;
+import org.thingsboard.server.common.data.yunteng.config.sms.SmsSender;
+import org.thingsboard.server.common.data.yunteng.core.cache.CacheUtils;
+import org.thingsboard.server.common.data.yunteng.core.exception.DataValidationException;
+import org.thingsboard.server.common.data.yunteng.core.message.ErrorMessage;
+import org.thingsboard.server.common.data.yunteng.dto.request.CodeTTL;
+import org.thingsboard.server.common.data.yunteng.dto.request.SmsReqDTO;
+import org.thingsboard.server.common.data.yunteng.enums.MessageTypeEnum;
+import org.thingsboard.server.common.data.yunteng.enums.MsgTemplatePurposeEnum;
+import org.thingsboard.server.common.data.yunteng.enums.ResponseCodeEnum;
+import org.thingsboard.server.dao.yunteng.entities.MessageConfig;
+import org.thingsboard.server.dao.yunteng.entities.MessageTemplate;
+import org.thingsboard.server.dao.yunteng.entities.SmsLog;
+import org.thingsboard.server.dao.yunteng.entities.User;
+import org.thingsboard.server.dao.yunteng.mapper.MessageConfigMapper;
+import org.thingsboard.server.dao.yunteng.mapper.MessageTemplateMapper;
+import org.thingsboard.server.dao.yunteng.mapper.SmsLogMapper;
+import org.thingsboard.server.dao.yunteng.mapper.UserMapper;
+import org.thingsboard.server.dao.yunteng.service.YtSmsService;
+
+import java.time.LocalDateTime;
+import java.util.LinkedHashMap;
+import java.util.List;
+
+import static org.thingsboard.server.common.data.yunteng.constant.FastIotConstants.CacheConfigKey.MOBILE_LOGIN_SMS_CODE;
+import static org.thingsboard.server.common.data.yunteng.constant.FastIotConstants.DEFAULT_DELIMITER;
+
+@Slf4j
+@Service
+@RequiredArgsConstructor
+public class YtSmsServiceImpl implements YtSmsService {
+
+  private final MessageTemplateMapper messageTemplateMapper;
+
+  private final MessageConfigMapper messageConfigMapper;
+
+  private YtDefaultSmsSenderFactory ytDefaultSmsSenderFactory;
+
+  private final SmsLogMapper smsLogMapper;
+
+  private CacheUtils cacheUtils;
+
+  private final UserMapper userMapper;
+
+  @Override
+  @Transactional
+  public boolean sendSms(SmsReqDTO smsReqDTO) {
+    String phoneNumbers = smsReqDTO.getPhoneNumbers();
+    LinkedHashMap<String, String> templateParam = smsReqDTO.getParams();
+    String templateId = smsReqDTO.getId();
+    if (StringUtils.isEmpty(phoneNumbers) || StringUtils.isEmpty(templateId)) {
+      throw new DataValidationException(ErrorMessage.INVALID_PARAMETER.getMessage());
+    }
+    MessageTemplate messageTemplate = messageTemplateMapper.selectById(templateId);
+    if (null != messageTemplate) {
+      MessageConfig messageConfig =
+          messageConfigMapper.selectById(messageTemplate.getMessageConfigId());
+      JsonNode configJsonNode = messageConfig.getConfig();
+      ObjectNode configObjectNode = (ObjectNode) configJsonNode;
+      configObjectNode.put("type", messageConfig.getPlatformType());
+      SmsProviderConfiguration smsProviderConfiguration =
+          JacksonUtil.convertValue(configObjectNode, SmsProviderConfiguration.class);
+      if (null != smsProviderConfiguration) {
+        SmsSender smsSender = ytDefaultSmsSenderFactory.createSmsSender(smsProviderConfiguration);
+        String result =
+            smsSender.sendSms(
+                phoneNumbers,
+                messageTemplate.getTemplateCode(),
+                templateParam,
+                messageTemplate.getSignName());
+        // 记录短信日志
+        String status = ResponseCodeEnum.SUCCESS.name();
+        String remark = smsReqDTO.getRemark()==null?"":smsReqDTO.getRemark();
+        if(!ResponseCodeEnum.SUCCESS.name().equals(result)){
+          status = ResponseCodeEnum.FAILED.name();
+          remark += result;
+        }
+        SmsLog smsLog = new SmsLog();
+        smsLog.setToPhone(phoneNumbers);
+        smsLog.setType(messageConfig.getPlatformType());
+        smsLog.setStatus(status);
+        smsLog.setRemark(remark);
+        smsLog.setMessageTemplateId(messageTemplate.getId());
+        smsLog.setTemplateParam(JacksonUtil.toJsonNode(JacksonUtil.toString(templateParam)));
+        smsLog.setSendTime(LocalDateTime.now());
+        smsLog.setTenantCode(messageTemplate.getTenantCode());
+        smsLog.setTemplatePurpose(smsReqDTO.getTemplatePurpose());
+        smsLogMapper.insert(smsLog);
+        return ResponseCodeEnum.SUCCESS.name().equals(result);
+      }
+    }
+    return false;
+  }
+
+  @Override
+  @Transactional
+  public boolean sendLoginSmsCode(String phoneNumber) {
+    // 检查手机号码是否存在系统，以免乱发消息
+    if (userMapper
+        .selectList(new QueryWrapper<User>().lambda().eq(User::getPhoneNumber, phoneNumber))
+        .isEmpty()) {
+      throw new DataValidationException("电话号码未在系统注册，请联系你的管理员");
+    }
+    // 获取是否有验证码存在，防止发送数量过多
+    String key =
+        MsgTemplatePurposeEnum.FOR_LOGIN.name()
+            + DEFAULT_DELIMITER
+            + MessageTypeEnum.PHONE_MESSAGE.name()
+            + DEFAULT_DELIMITER
+            + phoneNumber;
+    boolean canSend =
+        cacheUtils
+            .get(MOBILE_LOGIN_SMS_CODE, key)
+            .map(
+                o -> {
+                  CodeTTL codeTTL = (CodeTTL) o;
+                  return System.currentTimeMillis() - codeTTL.getSendTs()
+                      >= 60 * 1000; // 大于1分钟才允许下次再发送短信
+                })
+            .orElse(true);
+    if (!canSend) {
+      return false;
+    }
+    List<MessageTemplate> messageTemplates =
+        messageTemplateMapper.selectList(
+            new QueryWrapper<MessageTemplate>()
+                .lambda()
+                .eq(MessageTemplate::getTemplatePurpose, MsgTemplatePurposeEnum.FOR_LOGIN.name())
+                .eq(MessageTemplate::getMessageType, MessageTypeEnum.PHONE_MESSAGE.name()));
+    if (messageTemplates.isEmpty()) {
+      throw new DataValidationException("no sms provider config");
+    }
+    String code = RandomStringUtils.randomNumeric(6);
+    LinkedHashMap<String, String> params = new LinkedHashMap<>();
+    params.put("code", code);
+    MessageTemplate messageTemplate = messageTemplates.get(0);
+    SmsReqDTO smsReqDTO = new SmsReqDTO();
+    smsReqDTO.setParams(params);
+    smsReqDTO.setPhoneNumbers(phoneNumber);
+    smsReqDTO.setId(messageTemplate.getId());
+    smsReqDTO.setTemplatePurpose(MsgTemplatePurposeEnum.FOR_LOGIN.name());
+    if (this.sendSms(smsReqDTO)) {
+      cacheUtils.put(MOBILE_LOGIN_SMS_CODE, key, new CodeTTL(code, System.currentTimeMillis()));
+      return true;
+    } else {
+      cacheUtils.invalidate(MOBILE_LOGIN_SMS_CODE, key);
+      return false;
+    }
+  }
+}

+package org.thingsboard.server.dao.yunteng.impl;
+
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.baomidou.mybatisplus.core.metadata.IPage;
+import lombok.RequiredArgsConstructor;
+import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.BeanUtils;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+import org.thingsboard.server.common.data.yunteng.core.exception.DataValidationException;
+import org.thingsboard.server.common.data.yunteng.core.message.ErrorMessage;
+import org.thingsboard.server.common.data.yunteng.dto.TenantDTO;
+import org.thingsboard.server.common.data.yunteng.dto.request.TenantReqDTO;
+import org.thingsboard.server.common.data.yunteng.enums.TenantStatusEnum;
+import org.thingsboard.server.common.data.yunteng.utils.tools.PageData;
+import org.thingsboard.server.dao.yunteng.entities.Tenant;
+import org.thingsboard.server.dao.yunteng.entities.TenantMenu;
+import org.thingsboard.server.dao.yunteng.entities.TenantRole;
+import org.thingsboard.server.dao.yunteng.entities.User;
+import org.thingsboard.server.dao.yunteng.mapper.*;
+import org.thingsboard.server.dao.yunteng.service.AbstractBaseService;
+import org.thingsboard.server.dao.yunteng.service.YtTenantService;
+
+import java.time.LocalDateTime;
+import java.util.*;
+
+@Service
+@RequiredArgsConstructor
+public class YtTenantServiceImpl extends AbstractBaseService<TenantMapper, Tenant>
+    implements YtTenantService {
+
+  private final MenuMapper menuMapper;
+  private final RoleMapper roleMapper;
+  private final UserMapper userMapper;
+  private final TenantMenuMapper tenantMenuMapper;
+  private final TenantRoleMapper tenantRoleMapper;
+
+  @Override
+  @Transactional
+  public TenantDTO createNewTenant(TenantReqDTO tenantReqDTO) {
+    TenantDTO tenantDTO = new TenantDTO();
+    BeanUtils.copyProperties(tenantReqDTO, tenantDTO);
+    processTenantCode(tenantDTO);
+    Tenant tenant = tenantDTO.getEntity(Tenant.class);
+    baseMapper.insert(tenant);
+    // 调用TB API
+    tenant.copyToDTO(tenantDTO);
+    saveTenantMapping(tenantDTO.getTenantCode(), tenantReqDTO.getRoleIds());
+    return tenantDTO;
+  }
+
+  @Override
+  public PageData<TenantDTO> page(Map<String, Object> queryMap) {
+    IPage<Tenant> tenantIPage = getPage(queryMap, "create_time", true);
+    IPage<TenantDTO> userPage =
+        baseMapper.getTenantPage(tenantIPage, (String) queryMap.get("tenantName"));
+    PageData<TenantDTO> pageData = getPageData(userPage, TenantDTO.class);
+    determineTenantStatus(pageData.getItems());
+    return pageData;
+  }
+
+  private void determineTenantStatus(Collection<TenantDTO> tenantDTOList) {
+    tenantDTOList.forEach(
+        tenantDTO -> {
+          if (!tenantDTO.isEnabled()) {
+            tenantDTO.setTenantStatus(TenantStatusEnum.DISABLED);
+          } else {
+            tenantDTO.setTenantStatus(TenantStatusEnum.NORMAL);
+            if (tenantDTO.getTenantExpireTime() != null
+                && LocalDateTime.now().isAfter(tenantDTO.getTenantExpireTime())) {
+              tenantDTO.setTenantStatus(TenantStatusEnum.EXPIRED);
+            }
+          }
+        });
+  }
+
+  private void processTenantCode(TenantDTO tenantDTO) {
+    if (tenantDTO.getTenantCode() != null) {
+      if (tenantDTO.getTenantCode().length() > 30) {
+        throw new DataValidationException("tenant code too long");
+      }
+      int count =
+          baseMapper.selectCount(
+              new QueryWrapper<Tenant>()
+                  .lambda()
+                  .eq(Tenant::getTenantCode, tenantDTO.getTenantCode()));
+      if (count > 0) {
+        throw new DataValidationException("tenant code already exist");
+      }
+    } else {
+      tenantDTO.setTenantCode(RandomStringUtils.randomAlphabetic(20));
+    }
+  }
+
+  @Override
+  @Transactional
+  public TenantDTO updateTenant(TenantDTO tenantDTO) {
+    Tenant tenant = baseMapper.selectById(tenantDTO.getId());
+    if (tenant == null) {
+      throw new DataValidationException("tenant does not exist");
+    }
+    String existTenantCode = tenant.getTenantCode();
+    tenantDTO.copyToEntity(tenant);
+    // tenantCode is immutable
+    tenant.setTenantCode(existTenantCode);
+    baseMapper.updateById(tenant);
+    tenant.copyToDTO(tenantDTO);
+    return tenantDTO;
+  }
+
+  @Override
+  @Transactional
+  public boolean deleteTenants(String[] idArr) {
+    Set<String> ids = Set.of(idArr);
+
+    Set<String> tenantCodes = baseMapper.getTenantCodesByTenantIds(ids);
+    // 1. GET ALL ROLE_ID
+    Set<String> allRoleIds = roleMapper.getAllIdsByTenantCode(tenantCodes);
+    // 2. DELETE SYS_ROLE SYS_ROLE_MENU SYS_USER_ROLE
+    if (!allRoleIds.isEmpty()) {
+      roleMapper.deleteBatchIds(allRoleIds);
+      roleMapper.deleteRoleMenuMappingByRoleIds(allRoleIds);
+      roleMapper.deleteRoleUserMappingByRoleIds(allRoleIds);
+    }
+    // 3. DELETE SYS_MENU SYS_TENANT_MENU
+    Set<String> allMenuIds = menuMapper.getAllIdsByTenantCode(tenantCodes);
+    if (!allMenuIds.isEmpty()) {
+      menuMapper.deleteBatchIds(allMenuIds);
+      menuMapper.deleteTenantMenuMappingByMenuIds(allMenuIds);
+    }
+    // 4. DELETE USER
+    userMapper.delete(new QueryWrapper<User>().lambda().in(User::getTenantCode, tenantCodes));
+    // 5. TELL RULE ENGINE TO STOP TENANT
+    // 6. DELETE OTHER RESOURCES IF ANY
+    // 7. DELETE TENANT
+    baseMapper.deleteBatchIds(ids);
+    // 删除 TENANT_ROLE、TENANT_MENU
+    deleteTenantRolesByTenantCode(tenantCodes);
+    deleteTenantMenusByTenantCode(tenantCodes);
+    // TODO 调用TB的API删除TB租户信息
+
+    return true;
+  }
+
+  /**
+   * 通过租户Code删除租户角色关系
+   * @param tenantCodes 租户Code
+   */
+  private void deleteTenantRolesByTenantCode(Set<String> tenantCodes) {
+    tenantRoleMapper.delete(
+            new QueryWrapper<TenantRole>().lambda().in(TenantRole::getTenantCode, tenantCodes));
+  }
+
+  /**
+   * 通过租户Code删除租户角色关系
+   * @param tenantCodes 租户Code
+   */
+  private void deleteTenantMenusByTenantCode(Set<String> tenantCodes) {
+    tenantMenuMapper.delete(
+            new QueryWrapper<TenantMenu>().lambda().in(TenantMenu::getTenantCode, tenantCodes));
+  }
+
+  @Override
+  public Optional<TenantDTO> findById(String id) {
+    return Optional.ofNullable(baseMapper.selectById(id))
+        .map(tenant -> tenant.getDTO(TenantDTO.class));
+  }
+
+  @Override
+  @Transactional
+  public TenantDTO updateOrCreateTenant(TenantReqDTO tenantReqDTO) {
+    if (StringUtils.isNotBlank(tenantReqDTO.getId())) {
+      Tenant tenant;
+      tenant = baseMapper.selectById(tenantReqDTO.getId());
+      if (tenant != null) {
+        BeanUtils.copyProperties(tenantReqDTO, tenant);
+        baseMapper.updateById(tenant);
+      }
+      return null;
+    } else {
+      return createNewTenant(tenantReqDTO);
+    }
+  }
+
+  @Override
+  public List<String> getTenantRolesByTenantCode(String tenantCode) {
+    if(StringUtils.isEmpty(tenantCode)){
+      throw new DataValidationException(ErrorMessage.INVALID_PARAMETER.getMessage());
+    }
+    List<String> roles = new ArrayList<>();
+    List<TenantRole> tenantRoleList = tenantRoleMapper
+        .selectList(
+            new QueryWrapper<TenantRole>().lambda().eq(TenantRole::getTenantCode, tenantCode));
+    tenantRoleList.forEach(role->roles.add(role.getRoleId()));
+    return roles;
+  }
+
+  /**
+   * 保存租户与菜单、角色的映射关系
+   *
+   * @param tenantCode 租户Code
+   * @param roleIds 角色IDS
+   */
+  private void saveTenantMapping(String tenantCode, String[] roleIds) {
+    // 添加租户角色关系
+    for (String roleId : roleIds) {
+      saveTenantRoleMapping(roleId,tenantCode);
+      // 查询roleId有多少菜单
+      Set<String> menuIds = roleMapper.getMenuIdsByRoleId(roleId);
+      // 添加租户菜单关系
+      for (String menuId : menuIds) {
+        saveTenantMenuMapping(menuId,tenantCode);
+      }
+    }
+  }
+
+  /**
+   * 保存租户与菜单的关系
+   * @param menuId 菜单ID
+   * @param tenantCode 租户Code
+   */
+  private void saveTenantMenuMapping(String menuId,String tenantCode){
+    TenantMenu tenantMenu = new TenantMenu();
+    tenantMenu.setMenuId(menuId);
+    tenantMenu.setTenantCode(tenantCode);
+    tenantMenuMapper.insert(tenantMenu);
+  }
+
+  /**
+   * 保存租户与角色的关系
+   * @param roleId 角色ID
+   * @param tenantCode 租户Code
+   */
+  private void saveTenantRoleMapping(String roleId,String tenantCode){
+    TenantRole tenantRole = new TenantRole();
+    tenantRole.setTenantCode(tenantCode);
+    tenantRole.setRoleId(roleId);
+    tenantRoleMapper.insert(tenantRole);
+  }
+}

+package org.thingsboard.server.dao.yunteng.impl;
+
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.baomidou.mybatisplus.core.metadata.IPage;
+import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.google.common.collect.Sets;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+import org.springframework.util.Assert;
+import org.thingsboard.server.common.data.yunteng.constant.FastIotConstants;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+import org.thingsboard.server.common.data.yunteng.core.exception.DataValidationException;
+import org.thingsboard.server.common.data.yunteng.core.exception.FastIotException;
+import org.thingsboard.server.common.data.yunteng.core.exception.NoneTenantAssetException;
+import org.thingsboard.server.common.data.yunteng.core.message.ErrorMessage;
+import org.thingsboard.server.common.data.yunteng.dto.*;
+import org.thingsboard.server.common.data.yunteng.dto.request.AccountReqDTO;
+import org.thingsboard.server.common.data.yunteng.dto.request.RoleOrOrganizationReqDTO;
+import org.thingsboard.server.common.data.yunteng.dto.request.SendResetPasswordEmailMsg;
+import org.thingsboard.server.common.data.yunteng.dto.request.SmsReqDTO;
+import org.thingsboard.server.common.data.yunteng.enums.MessageTypeEnum;
+import org.thingsboard.server.common.data.yunteng.enums.MsgTemplatePurposeEnum;
+import org.thingsboard.server.common.data.yunteng.enums.RoleEnum;
+import org.thingsboard.server.common.data.yunteng.enums.UserStatusEnum;
+import org.thingsboard.server.common.data.yunteng.utils.ReflectUtils;
+import org.thingsboard.server.common.data.yunteng.utils.tools.PageData;
+import org.thingsboard.server.dao.yunteng.entities.*;
+import org.thingsboard.server.dao.yunteng.mapper.*;
+import org.thingsboard.server.dao.yunteng.service.*;
+
+import java.time.LocalDateTime;
+import java.util.*;
+import java.util.stream.Collectors;
+
+import static org.thingsboard.server.common.data.yunteng.constant.FastIotConstants.CHINA_MOBILE_PATTERN;
+import static org.thingsboard.server.common.data.yunteng.constant.FastIotConstants.EMAIL_PATTERN;
+import static org.thingsboard.server.common.data.yunteng.constant.ModelConstants.TablePropertyMapping.*;
+
+@Service
+@Slf4j
+@RequiredArgsConstructor
+public class YtUserServiceImpl extends AbstractBaseService<UserMapper, User> implements YtUserService {
+
+  private final AdminSettingMapper adminSettingMapper;
+  private final ObjectMapper mapper;
+  private final TenantMapper tenantMapper;
+  private final RoleMapper roleMapper;
+  private final OrganizationMapper organizationMapper;
+  private final UserOrganizationMappingMapper userOrganizationMappingMapper;
+  private final UserRoleMapper userRoleMapper;
+  private final TenantRoleMapper tenantRoleMapper;
+
+  private final YtSmsService ytSmsService;
+  private final MessageTemplateService messageTemplateService;
+  private final OrganizationService groupService;
+
+  public static final String ACTIVATE_URL_PATTERN = "%s/api/noauth/activate?activateToken=%s";
+  private final PasswordEncoder passwordEncoder;
+  /** 默认密码 */
+  private static final String DEFAULT_PWD = "123456";
+
+  @Override
+  public List<UserDetailsDTO> findUserDetailsByUsername(String username) {
+    // 多个租户可能存在多个username相同的情况
+    return baseMapper.findUserDetailsByUserName(username);
+  }
+
+  @Override
+  @Transactional
+  public UserDTO saveAccount(UserDTO userDTO, boolean sendEmail, boolean sendMsg,boolean isSysadmin,String tenantId) {
+    boolean isAdminOperate = isSysadmin;
+    if (StringUtils.isAllBlank(userDTO.getUsername())) {
+      throw new DataValidationException("username is required");
+    }
+    validatePhoneNumberAndEmail(userDTO);
+    if (sendMsg && StringUtils.isAllBlank(userDTO.getPhoneNumber())) {
+      throw new DataValidationException(
+          "you must specify user phone number if you want send activate email to this user");
+    }
+    if (sendEmail && StringUtils.isAllBlank(userDTO.getEmail())) {
+      throw new DataValidationException(
+          "you must specify user email if you want send activate email to this user");
+    }
+    User user = new User();
+    userDTO.copyToEntity(user, ID, CREATE_TIME, UPDATE_TIME, TENANT_CODE, ACTIVATE_TOKEN);
+    boolean userExist;
+    if (StringUtils.isNotBlank(userDTO.getPassword())) {
+      user.setPassword(passwordEncoder.encode(userDTO.getPassword()));
+    }
+    if (isAdminOperate) {
+      // 添加的租户管理员
+      if (StringUtils.isNotBlank(userDTO.getTenantCode())) {
+        user.setTenantCode(userDTO.getTenantCode());
+        user.setPassword(passwordEncoder.encode(DEFAULT_PWD));
+        int tenantExist =
+            tenantMapper.selectCount(
+                new QueryWrapper<Tenant>()
+                    .lambda()
+                    .eq(Tenant::getTenantCode, userDTO.getTenantCode()));
+        if (tenantExist == 0) {
+          throw new DataValidationException("tenant must exist");
+        }
+      } else {
+        // 添加的平台系统其他用户
+        user.setLevel(FastIotConstants.LevelValue.IS_OTHER_ADMIN);
+        user.setTenantCode(tenantId);
+      }
+      userExist =
+          baseMapper.selectCount(
+                  new QueryWrapper<User>()
+                      .lambda()
+                      .eq(User::getUsername, userDTO.getUsername())
+                      .eq(User::getTenantCode, userDTO.getTenantCode()))
+              > 0;
+    } else {
+      user.setLevel(FastIotConstants.LevelValue.IS_NORMAL);
+      user.setTenantCode(tenantId);
+      userExist =
+          baseMapper.selectCount(
+                  new QueryWrapper<User>()
+                      .lambda()
+                      .eq(User::getUsername, userDTO.getUsername())
+                      .eq(User::getTenantCode, tenantId))
+              > 0;
+    }
+    if (userExist) {
+      throw new DataValidationException(ErrorMessage.NAME_ALREADY_EXISTS.getMessage());
+    } else {
+      baseMapper.insert(user);
+      for (String roleId : userDTO.getRoleIds()) {
+        // 添加用户角色信息
+        UserRole userRole = new UserRole();
+        userRole.setUserId(user.getId());
+        userRole.setRoleId(roleId);
+        userRoleMapper.insert(userRole);
+      }
+      // 绑定用户和组织的关系
+      groupService.bindUserToOrganization(user.getId(), userDTO.getOrganizationIds());
+      user.copyToDTO(userDTO, PASSWORD, ACTIVATE_TOKEN);
+      return userDTO;
+    }
+  }
+
+  private void validatePhoneNumberAndEmail(UserDTO userDTO) {
+    if (StringUtils.isNotBlank(userDTO.getPhoneNumber())) {
+      if (!CHINA_MOBILE_PATTERN.matcher(userDTO.getPhoneNumber()).matches()) {
+        throw new DataValidationException(ErrorMessage.PROVIDE_CORRECT_PHONE_NUMBER.getMessage());
+      }
+    }
+    if (StringUtils.isNotBlank(userDTO.getEmail())) {
+      if (!EMAIL_PATTERN.matcher(userDTO.getEmail()).matches()) {
+        throw new DataValidationException(ErrorMessage.PROVIDE_CORRECT_EMAIL.getMessage());
+      }
+    }
+    if (StringUtils.isAllBlank(userDTO.getEmail())
+        && StringUtils.isAllBlank(userDTO.getPhoneNumber())) {
+      throw new DataValidationException(ErrorMessage.PHONE_NUMBER_OR_EMAIL_REQUIRED.getMessage());
+    }
+  }
+
+  @Override
+  public String getActivationLink(String userId,boolean isSysadmin,String tenantId) {
+    User user = baseMapper.selectById(userId);
+    if (!isSysadmin
+        && tenantId.equals(user.getTenantCode())) {
+      throw new AccessDeniedException(
+          "you don't have permission to get activation link for this user");
+    }
+    if (StringUtils.isAllBlank(user.getActivateToken())) {
+      throw new DataValidationException("user already activated");
+    }
+    try {
+      List<AdminSetting> generalSetting =
+          adminSettingMapper.selectList(
+              new QueryWrapper<AdminSetting>()
+                  .lambda()
+                  .eq(AdminSetting::getKey, ModelConstants.AdminSettingConfigKey.GENERAL_SETTING));
+      AdminSetting adminSetting = generalSetting.get(0);
+      JsonNode configNode = mapper.readTree(adminSetting.getConfigJson());
+      String baseUrl = configNode.get(FastIotConstants.ConfigJSONKey.BASE_URL).asText();
+      return String.format(ACTIVATE_URL_PATTERN, baseUrl, user.getActivateToken());
+    } catch (Exception e) {
+      throw new RuntimeException("error occurs");
+    }
+  }
+
+  @Override
+  public UserInfoDTO me(String userId,String tenantId,Set<String> currentRoles) {
+    User user = baseMapper.selectById(userId);
+    UserInfoDTO userInfoDTO = new UserInfoDTO();
+    if (!StringUtils.isEmpty(user.getActivateToken())) {
+      userInfoDTO.setNeedSetPwd(false);
+    }
+    userInfoDTO.setUserId(userId);
+    userInfoDTO.setRealName(user.getRealName());
+    userInfoDTO.setAvatar(user.getAvatar());
+    userInfoDTO.setTenantCode(tenantId);
+    userInfoDTO.setRoles(currentRoles);
+    Set<Role> roles = roleMapper.selectRoleByUserId(userId);
+    Set<PlainRolesDTO> plainRolesDTOSet = Sets.newHashSet();
+    roles.forEach(
+        role -> {
+          PlainRolesDTO plainRolesDTO = new PlainRolesDTO();
+          plainRolesDTO.setRoleId(role.getId());
+          plainRolesDTO.setRoleName(role.getName());
+          plainRolesDTOSet.add(plainRolesDTO);
+        });
+    userInfoDTO.setPlainRoles(plainRolesDTOSet);
+    return userInfoDTO;
+  }
+
+  @Override
+  public Optional<UserDTO> getUser(String userId,boolean isSysadmin,String tenantId) {
+    User user = baseMapper.selectById(userId);
+    if (user != null) {
+      UserDTO userDTO = new UserDTO();
+      user.copyToDTO(userDTO, PASSWORD, ACTIVATE_TOKEN);
+      if (!isSysadmin
+          && !tenantId.equals(user.getTenantCode())) {
+        return Optional.empty();
+      }
+      return Optional.of(userDTO);
+    } else {
+      return Optional.empty();
+    }
+  }
+
+  @Override
+  @Transactional
+  public UserDTO updateUser(UserDTO userDTO,boolean isSysadmin,String tenantId) {
+    Assert.notNull(userDTO.getId(), "user is must be specified");
+    User user = baseMapper.selectById(userDTO.getId());
+    if (!isSysadmin
+        && !user.getTenantCode().equals(tenantId)) {
+      throw new NoneTenantAssetException("this user not belong to current tenant");
+    }
+    if (!user.getUsername().equals(userDTO.getUsername())) {
+      throw new DataValidationException("username is immutable");
+    }
+    validatePhoneNumberAndEmail(userDTO);
+    user.setRealName(userDTO.getRealName());
+    user.setEnabled(userDTO.isEnabled());
+    user.setPhoneNumber(userDTO.getPhoneNumber());
+    user.setEmail(userDTO.getEmail());
+    user.setAccountExpireTime(userDTO.getAccountExpireTime());
+    if (!userDTO.getPassword().equals("******")) {
+      user.setPassword(passwordEncoder.encode(userDTO.getPassword()));
+    }
+    baseMapper.updateById(user);
+    user.copyToDTO(userDTO, PASSWORD, ACTIVATE_TOKEN);
+    return userDTO;
+  }
+
+  @Override
+  public PageData<UserDTO> page(
+      Map<String, Object> queryMap,
+      boolean isSysadmin,
+      boolean isPlatformAdmin,
+      boolean isTenantAdmin,
+      String tenantId) {
+    IPage<UserDTO> userPage = new Page<>();
+    IPage<User> userIPage = getPage(queryMap, "create_time", true);
+    if (isSysadmin) {
+      String roleType = (String) queryMap.get("roleType");
+      if (StringUtils.isEmpty(roleType)) {
+        roleType = RoleEnum.ROLE_PLATFORM_ADMIN.name();
+      }
+      userPage =
+          baseMapper.getAdminUserPage(
+              userIPage, tenantId, roleType);
+    }
+    else if(isPlatformAdmin){
+      //平台管理员只能管理租户
+      userPage = baseMapper.selectAllTenantUser(userIPage);
+    }else if(isTenantAdmin){
+      Map<String, Object> map = new HashMap<>();
+      map.put("realName", queryMap.get("realName"));
+      map.put("username", queryMap.get("username"));
+      map.put("tenantCode", tenantId);
+      userPage = baseMapper.getUserPage(userIPage, map);
+    }
+    if (null != userPage) {
+      userPage
+          .getRecords()
+          .forEach(
+              record -> {
+                fillUserStatus(record);
+                if (StringUtils.isNotBlank(record.getActivateToken())) {
+                  record.setHasPassword(true);
+                } else {
+                  record.setHasPassword(false);
+                }
+              });
+    }
+    return getPageData(userPage, UserDTO.class);
+  }
+
+  private void fillUserStatus(UserDTO userDTO) {
+    userDTO.setUserStatusEnum(UserStatusEnum.NORMAL);
+    if (!userDTO.isEnabled()) {
+      userDTO.setUserStatusEnum(UserStatusEnum.DISABLED);
+    } else {
+      if (userDTO.getAccountExpireTime() != null) {
+        if (userDTO.getAccountExpireTime().isBefore(LocalDateTime.now())) {
+          userDTO.setUserStatusEnum(UserStatusEnum.EXPIRED);
+        }
+      }
+    }
+  }
+
+  @Override
+  @Transactional
+  public boolean deleteUser(Set<String> userIds,boolean isSysadmin,String tenantId) {
+    // 1. 判断是否所有的id都属于此人
+    if (!isSysadmin) {
+      int notTenantUserCount =
+          baseMapper.selectCount(
+              new QueryWrapper<User>()
+                  .lambda()
+                  .ne(User::getTenantCode, tenantId)
+                  .in(User::getId, userIds));
+      if (notTenantUserCount > 0) {
+        throw new AccessDeniedException("cannot delete user that not belong to your tenant");
+      }
+    }
+    // 2. 删除人员对应的 role
+    roleMapper.deleteRoleUserMappingByUserIds(userIds);
+
+    // 3. 解绑人员对应的group
+
+    groupService.unBindUserToOrganization(userIds);
+
+    // 4. 删除人员
+    baseMapper.deleteBatchIds(userIds);
+
+    return true;
+  }
+
+  @Override
+  @Transactional
+  public UserDTO saveTenantAdmin(UserDTO userDTO,boolean isSysadmin,String tenantId) {
+    if (StringUtils.isNotBlank(userDTO.getId())) {
+      return updateUser(userDTO,isSysadmin,tenantId);
+    }
+    validatePhoneNumberAndEmail(userDTO);
+    User user = new User();
+    userDTO.copyToEntity(user, ID, PASSWORD, CREATE_TIME, UPDATE_TIME, ACTIVATE_TOKEN);
+    user.setPassword(passwordEncoder.encode(DEFAULT_PWD));
+    List<User> users =
+        baseMapper.selectList(
+            new QueryWrapper<User>().lambda().eq(User::getUsername, userDTO.getUsername()));
+    if (!users.isEmpty()) {
+      throw new DataValidationException("用户已存在");
+    }
+    baseMapper.insert(user);
+    List<TenantRole> tenantRoleList =
+        tenantRoleMapper.selectList(
+            new QueryWrapper<TenantRole>()
+                .lambda()
+                .eq(TenantRole::getTenantCode, userDTO.getTenantCode()));
+    // 保存用户与角色的映射信息
+    if (null == tenantRoleList || tenantRoleList.size() == 0) {
+      throw new FastIotException(ErrorMessage.INVALID_PARAMETER);
+    }
+    for (TenantRole tenantRole : tenantRoleList) {
+      roleMapper.saveUserRoleMapping(user.getId(), tenantRole.getRoleId());
+    }
+    user.copyToDTO(userDTO, PASSWORD, ACTIVATE_TOKEN);
+    return userDTO;
+  }
+
+  @Override
+  @Transactional
+  public void resetPassword(String userId,boolean isSysadmin,String tenantId) {
+    if (isSysadmin) {
+      baseMapper.setPassword2NullAndInsertActiveToken(
+          userId, RandomStringUtils.randomAlphabetic(10));
+    } else {
+      User user = baseMapper.selectById(userId);
+      if (user == null) {
+        return;
+      }
+      if (tenantId.equals(user.getTenantCode())) {
+        baseMapper.setPassword2NullAndInsertActiveToken(
+            userId, RandomStringUtils.randomAlphabetic(10));
+      }
+    }
+  }
+
+  @Override
+  public List<UserDetailsDTO> getUserByPhoneNumber(String phoneNumber) {
+    return baseMapper.findUserDetailsByPhoneNumber(phoneNumber);
+  }
+
+  @Override
+  public void sendRestPasswordMsg(SendResetPasswordEmailMsg msg) {
+    // 通过用户ID查询用户信息
+    User user = baseMapper.selectById(msg.getUserId());
+    if (null == user) {
+      throw new DataValidationException(ErrorMessage.INVALID_PARAMETER.getMessage());
+    }
+
+    // 通过模板用途和状态查询模板信息
+    MessageTemplateDTO messageTemplateDTO = new MessageTemplateDTO();
+    String messageType = msg.getMessageTypeEnum().name();
+    messageTemplateDTO.setMessageType(messageType);
+    messageTemplateDTO.setTemplatePurpose(MsgTemplatePurposeEnum.FOR_SET_PASSWORD.name());
+    messageTemplateDTO.setStatus(1);
+    List<MessageTemplateDTO> templateDTOList =
+        messageTemplateService.findMessageTemplate(messageTemplateDTO);
+    if (null == templateDTOList || templateDTOList.size() < 1) {
+      throw new DataValidationException(ErrorMessage.EXIST_ENABLE_TEMPLATE.getMessage());
+    }
+    if (messageType.equalsIgnoreCase(MessageTypeEnum.PHONE_MESSAGE.name())) {
+      SmsReqDTO smsReqDTO = new SmsReqDTO();
+      smsReqDTO.setPhoneNumbers(user.getPhoneNumber());
+      smsReqDTO.setId(templateDTOList.get(0).getId());
+      LinkedHashMap<String, String> params = new LinkedHashMap<>();
+      params.put("name", user.getRealName());
+      smsReqDTO.setParams(params);
+      ytSmsService.sendSms(smsReqDTO);
+    }
+  }
+
+  @Override
+  public Optional<List<UserDTO>> getOrganizationUserByOrganizationId(String groupId,String tenantId) {
+    Organization group = organizationMapper.selectById(groupId);
+    if (group == null
+        || !group.getTenantCode().equals(tenantId)) {
+      return Optional.empty();
+    }
+    Set<String> userIds =
+        userOrganizationMappingMapper
+            .selectList(
+                new QueryWrapper<UserOrganizationMapping>()
+                    .lambda()
+                    .eq(UserOrganizationMapping::getOrganizationId, group))
+            .stream()
+            .map(UserOrganizationMapping::getUserId)
+            .collect(Collectors.toSet());
+    List<User> users = baseMapper.selectBatchIds(userIds);
+    return Optional.ofNullable(ReflectUtils.sourceToTarget(users, UserDTO.class));
+  }
+
+  @Override
+  public String[] getUserRoleOrOrganization(RoleOrOrganizationReqDTO roleOrGroupReqDTO) {
+    String userId = roleOrGroupReqDTO.getUserId();
+    if (StringUtils.isEmpty(userId)) {
+      throw new DataValidationException(ErrorMessage.INVALID_PARAMETER.getMessage());
+    }
+    if (roleOrGroupReqDTO.isQueryRole()) {
+      List<String> roleIds =
+          userRoleMapper
+              .selectList(new QueryWrapper<UserRole>().lambda().eq(UserRole::getUserId, userId))
+              .stream()
+              .map(UserRole::getRoleId)
+              .collect(Collectors.toList());
+      return roleIds.toArray(new String[roleIds.size()]);
+    }
+    if (roleOrGroupReqDTO.isQueryOrganization()) {
+      List<String> roleIds =
+          userOrganizationMappingMapper
+              .selectList(
+                  new QueryWrapper<UserOrganizationMapping>()
+                      .lambda()
+                      .eq(UserOrganizationMapping::getUserId, userId))
+              .stream()
+              .map(UserOrganizationMapping::getOrganizationId)
+              .collect(Collectors.toList());
+      return roleIds.toArray(new String[roleIds.size()]);
+    }
+    return null;
+  }
+
+  @Override
+  @Transactional
+  public boolean changePassword(AccountReqDTO accountReqDTO) {
+    User user = baseMapper.selectById(accountReqDTO.getUserId());
+    if (null == user
+        || StringUtils.isEmpty(accountReqDTO.getPassword())
+        || StringUtils.isEmpty(accountReqDTO.getResetPassword())) {
+      throw new DataValidationException(ErrorMessage.INVALID_PARAMETER.getMessage());
+    }
+    if (!StringUtils.isEmpty(user.getPassword())) {
+      // 判断用户密码是否正确
+      boolean isMatch = passwordEncoder.matches(accountReqDTO.getPassword(), user.getPassword());
+      if (!isMatch) {
+        throw new DataValidationException(ErrorMessage.INVALID_PARAMETER.getMessage());
+      }
+    }
+    // 修改密码
+    user.setPassword(passwordEncoder.encode(accountReqDTO.getResetPassword()));
+    user.setActivateToken(RandomStringUtils.randomAlphabetic(10));
+    return baseMapper.updateById(user) > 0;
+  }
+
+  @Override
+  public UserDTO accountExist(String userName,String tenantId) {
+    if (StringUtils.isEmpty(userName)) {
+      throw new DataValidationException(ErrorMessage.INVALID_PARAMETER.getMessage());
+    }
+    UserDTO userDTO = new UserDTO();
+    userDTO.setTenantCode(tenantId);
+    userDTO.setUsername(userName);
+    return baseMapper.findUserInfo(userDTO);
+  }
+}

+package org.thingsboard.server.dao.yunteng.mapper;
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Mapper;
+import org.thingsboard.server.dao.yunteng.entities.AdminSetting;
+
+@Mapper
+public interface AdminSettingMapper extends BaseMapper<AdminSetting> {
+
+}

+package org.thingsboard.server.dao.yunteng.mapper;
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Mapper;
+import org.thingsboard.server.dao.yunteng.entities.AlarmContact;
+
+/** @Description 告警联系人持久化数据层 @Author cxy @Date 2021/11/2 11:52 */
+@Mapper
+public interface AlarmContactMapper extends BaseMapper<AlarmContact> {}

+package org.thingsboard.server.dao.yunteng.mapper;
+
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Mapper;
+import org.thingsboard.server.dao.yunteng.entities.AlarmProfile;
+
+@Mapper
+public interface AlarmProfileMapper extends BaseMapper<AlarmProfile> {
+}

+package org.thingsboard.server.dao.yunteng.mapper;
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import com.baomidou.mybatisplus.core.metadata.IPage;
+import org.apache.ibatis.annotations.Mapper;
+import org.apache.ibatis.annotations.Param;
+import org.thingsboard.server.common.data.Device;
+import org.thingsboard.server.common.data.yunteng.dto.DeviceDTO;
+import org.thingsboard.server.dao.yunteng.entities.YtDevice;
+
+import java.util.Map;
+
+@Mapper
+public interface DeviceMapper extends BaseMapper<YtDevice> {
+
+    IPage<DeviceDTO> getDevicePage(
+            IPage<?> page, @Param("queryMap") Map<String, Object> queryMap);
+}

+package org.thingsboard.server.dao.yunteng.mapper;
+
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Mapper;
+import org.thingsboard.server.common.data.DeviceProfile;
+import org.thingsboard.server.common.data.yunteng.dto.DeviceProfileDTO;
+
+import java.util.List;
+
+@Mapper
+public interface DeviceProfileMapper extends BaseMapper<DeviceProfile> {
+
+    List<DeviceProfileDTO> getDeviceProfileInfo(DeviceProfileDTO deviceProfileDTO);
+}

+package org.thingsboard.server.dao.yunteng.mapper;
+
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Mapper;
+import org.thingsboard.server.dao.yunteng.entities.DeviceType;
+
+@Mapper
+public interface DeviceTypeMapper extends BaseMapper<DeviceType> {
+}

+package org.thingsboard.server.dao.yunteng.mapper;
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Mapper;
+import org.thingsboard.server.dao.yunteng.entities.MailLog;
+
+@Mapper
+public interface MaiLogMapper extends BaseMapper<MailLog> {
+}

+package org.thingsboard.server.dao.yunteng.mapper;
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+
+import org.apache.ibatis.annotations.Mapper;
+import org.apache.ibatis.annotations.Param;
+import org.thingsboard.server.common.data.yunteng.dto.MenuDTO;
+import org.thingsboard.server.dao.yunteng.entities.Menu;
+
+import java.util.Collection;
+import java.util.List;
+import java.util.Set;
+
+@Mapper
+public interface MenuMapper extends BaseMapper<Menu> {
+  List<MenuDTO> selectTenantMenu(String tenantCode);
+
+  List<MenuDTO> selectSysAdminMenu();
+
+  List<MenuDTO> selectMyMenu(String userId);
+
+  int deleteTenantMenuMappingByMenuIds(@Param("menuIds") Collection<String> menuIds);
+
+  Set<String> selectTenantMenuIds(String tenantCode);
+
+  Set<String> selectRoleMenuIds(String roleId);
+
+  Set<String> getAllIdsByTenantCode(@Param("tenantCodes") Collection<String> tenantCodes);
+
+  int addMenuToTenant(
+          @Param("tenantCode") String tenantCode, @Param("menuIds") Collection<String> menuIds);
+
+  int addMenuToRole(
+          @Param("roleId") String roleId, @Param("menuIds") Collection<String> menuIds);
+
+  int removeMenuFromTenant(
+          @Param("tenantCode") String tenantCode, @Param("menuIds") Collection<String> menuIds);
+
+  int removeMenuFromRole(
+          @Param("roleId") String roleId, @Param("menuIds") Collection<String> menuIds);
+
+  Set<String> getAllPermission();
+
+  Set<String> getAllPermissionsByTenantCode(String tenantCode);
+
+  Set<String> getAllPermissionsByUserId(String userId);
+}

+package org.thingsboard.server.dao.yunteng.mapper;
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Mapper;
+import org.apache.ibatis.annotations.Param;
+import org.thingsboard.server.common.data.yunteng.dto.MessageConfigDTO;
+import org.thingsboard.server.dao.yunteng.entities.MessageConfig;
+
+@Mapper
+public interface MessageConfigMapper extends BaseMapper<MessageConfig> {
+  MessageConfigDTO getEnableConfigByMessageAndPlatform(
+      @Param("messageType") String messageType,
+      @Param("platformType") String platformType,
+      @Param("tenantCode") String tenantCode);
+}

+package org.thingsboard.server.dao.yunteng.mapper;
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import com.baomidou.mybatisplus.core.metadata.IPage;
+import org.apache.ibatis.annotations.Mapper;
+import org.apache.ibatis.annotations.Param;
+import org.thingsboard.server.common.data.yunteng.dto.MessageTemplateDTO;
+import org.thingsboard.server.dao.yunteng.entities.MessageTemplate;
+
+import java.util.List;
+import java.util.Map;
+
+@Mapper
+public interface MessageTemplateMapper extends BaseMapper<MessageTemplate> {
+  /**
+   * 获取模板分页数据
+   *
+   * @param page 分页数据
+   * @param queryMap 查询参数
+   * @return
+   */
+  IPage<MessageTemplateDTO> getTemplatePage(
+      IPage<?> page, @Param("queryMap") Map<String, Object> queryMap);
+
+  /**
+   * 查询模板信息
+   * @param templateDTO 请求参数
+   * @return 模板信息列表 List<MessageTemplateDTO>
+   */
+  List<MessageTemplateDTO> findMessageTemplate(MessageTemplateDTO templateDTO);
+}

+package org.thingsboard.server.dao.yunteng.mapper;
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Mapper;
+import org.apache.ibatis.annotations.Param;
+import org.thingsboard.server.common.data.yunteng.dto.OrganizationDTO;
+import org.thingsboard.server.dao.yunteng.entities.Organization;
+
+import java.util.Collection;
+import java.util.List;
+
+@Mapper
+public interface OrganizationMapper extends BaseMapper<Organization> {
+  /**
+   * 通过租户code和组织Id递归查询其组织及子组织的List
+   *
+   * @param tenantCode 租户code
+   * @param organizationIds 待查询的组织ID,可以为空
+   * @return 组织及子组织，直到叶节点
+   */
+  List<OrganizationDTO> findOrganizationTreeList(
+      @Param("tenantCode") String tenantCode, @Param("organizationIds") Collection<String> organizationIds);
+}

+package org.thingsboard.server.dao.yunteng.mapper;
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Mapper;
+import org.thingsboard.server.dao.yunteng.entities.RateLimiterEntity;
+
+@Mapper
+public interface RateLimiterMapper extends BaseMapper<RateLimiterEntity> {
+}

+package org.thingsboard.server.dao.yunteng.mapper;
+
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Mapper;
+import org.apache.ibatis.annotations.Param;
+import org.thingsboard.server.common.data.yunteng.dto.RoleDTO;
+import org.thingsboard.server.dao.yunteng.entities.Role;
+
+import java.util.Collection;
+import java.util.List;
+import java.util.Set;
+
+@Mapper
+public interface RoleMapper extends BaseMapper<Role> {
+  void deleteRoleBatchByTenantIds(@Param("tenantIds") Collection<String> tenantIds);
+
+  int deleteRoleMenuMappingByRoleIds(@Param("roleIds") Collection<String> roleIds);
+
+  int deleteRoleMenuMappingByMenuIds(@Param("menuIds") Collection<String> menuIds);
+
+  int deleteRoleUserMappingByRoleIds(@Param("roleIds") Collection<String> roleIds);
+
+  int deleteRoleUserMappingByUserIds(@Param("userIds") Collection<String> userIds);
+
+  Set<String> getAllIdsByTenantCode(@Param("tenantCodes") Collection<String> tenantCodes);
+
+  Set<String> checkRoleUserMappingByRoleIds(@Param("ids") Collection<String> ids);
+
+  Set<Role> selectRoleByUserId(String userId);
+
+  Set<String> getMenuIdsByRoleId(String roleId);
+
+  void saveUserRoleMapping(@Param("userId")String userId,@Param("roleId")String roleId);
+
+  List<RoleDTO> findRoleInfo(RoleDTO roleDTO);
+}

+package org.thingsboard.server.dao.yunteng.mapper;
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Mapper;
+import org.thingsboard.server.dao.yunteng.entities.SmsLog;
+
+@Mapper
+public interface SmsLogMapper extends BaseMapper<SmsLog> {
+}

+package org.thingsboard.server.dao.yunteng.mapper;
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Mapper;
+import org.thingsboard.server.dao.yunteng.entities.SysDept;
+
+@Mapper
+public interface SysDeptMapper extends BaseMapper<SysDept> {
+
+}

+package org.thingsboard.server.dao.yunteng.mapper;
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Mapper;
+import org.apache.ibatis.annotations.Param;
+import org.thingsboard.server.common.data.yunteng.dto.SysDictItemDTO;
+import org.thingsboard.server.dao.yunteng.entities.SysDictItem;
+
+import java.util.List;
+
+@Mapper
+public interface SysDictItemMapper extends BaseMapper<SysDictItem> {
+  /**
+   * 通过dict表的Code和dictItem的codeText查询字典表的值
+   *
+   * @param dictCode 字典表Code
+   * @param itemValue 字典Item表文本值
+   * @return 返回字典Item表文本对应的文本
+   */
+  SysDictItemDTO getDictValueByCodeAndText(
+      @Param("dictCode") String dictCode,
+      @Param("itemValue") String itemValue);
+  /**
+   * 根据租户Code和字典表ID查询字典值
+   *
+   * @param dictId 字典表ID
+   * @return List<SysDictItemDTO>
+   */
+  List<SysDictItemDTO> getDictItemInfo(
+      @Param("dictId") String dictId,
+      @Param("dictCode") String dictCode);
+}

+package org.thingsboard.server.dao.yunteng.mapper;
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Mapper;
+import org.apache.ibatis.annotations.Param;
+import org.thingsboard.server.common.data.yunteng.dto.SysDictDTO;
+import org.thingsboard.server.dao.yunteng.entities.SysDict;
+
+@Mapper
+public interface SysDictMapper extends BaseMapper<SysDict> {
+
+  /**
+   * 根据租户Code和字典编码获取字典信息
+   *
+   * @param tenantCode 租户Code
+   * @param dictCode 字典信息
+   * @return SysDictDTO字典信息
+   */
+  SysDictDTO getDictInfoByCode(
+      @Param("tenantCode") String tenantCode,
+      @Param("dictCode") String dictCode);
+}

+package org.thingsboard.server.dao.yunteng.mapper;
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import com.baomidou.mybatisplus.core.metadata.IPage;
+import org.apache.ibatis.annotations.Mapper;
+import org.apache.ibatis.annotations.Param;
+import org.thingsboard.server.common.data.yunteng.dto.TenantDTO;
+import org.thingsboard.server.dao.yunteng.entities.Tenant;
+
+import java.util.Collection;
+import java.util.Set;
+
+@Mapper
+public interface TenantMapper extends BaseMapper<Tenant> {
+  Set<String> getTenantCodesByTenantIds(@Param("tenantIds") Collection<String> tenantIds);
+
+  IPage<TenantDTO> getTenantPage(IPage<?> page, @Param("tenantName") String tenantName);
+}

+package org.thingsboard.server.dao.yunteng.mapper;
+
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Mapper;
+import org.thingsboard.server.dao.yunteng.entities.TenantMenu;
+
+@Mapper
+public interface TenantMenuMapper extends BaseMapper<TenantMenu> {
+}

+package org.thingsboard.server.dao.yunteng.mapper;
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Mapper;
+import org.thingsboard.server.dao.yunteng.entities.TenantRole;
+
+@Mapper
+public interface TenantRoleMapper extends BaseMapper<TenantRole> {
+}

+package org.thingsboard.server.dao.yunteng.mapper;
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import com.baomidou.mybatisplus.core.metadata.IPage;
+import org.apache.ibatis.annotations.Mapper;
+import org.apache.ibatis.annotations.Param;
+import org.thingsboard.server.common.data.yunteng.dto.UserDTO;
+import org.thingsboard.server.common.data.yunteng.dto.UserDetailsDTO;
+import org.thingsboard.server.dao.yunteng.entities.User;
+
+import java.util.Collection;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+@Mapper
+public interface UserMapper extends BaseMapper<User> {
+
+  List<UserDetailsDTO> findUserDetailsByUserName(String username);
+
+  List<UserDetailsDTO> findUserDetailsByPhoneNumber(String phoneNumber);
+
+  IPage<UserDTO> getUserPage(IPage<?> page, @Param("queryMap") Map<String, Object> queryMap);
+
+  IPage<UserDTO> getAdminUserPage(
+      IPage<?> page, @Param("tenantCode") String tenantCode, @Param("roleType") String roleType);
+
+  IPage<UserDTO> selectAllTenantUser(IPage<?> page);
+
+  Set<String> getAllIdsByTenantCode(@Param("tenantCodes") Collection<String> tenantCodes);
+
+  void setPassword2NullAndInsertActiveToken(
+      @Param("userId") String userId, @Param("activeToken") String activeToken);
+
+  UserDTO findUserInfo(UserDTO userDTO);
+}

+package org.thingsboard.server.dao.yunteng.mapper;
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Mapper;
+import org.thingsboard.server.dao.yunteng.entities.UserOrganizationMapping;
+
+@Mapper
+public interface UserOrganizationMappingMapper extends BaseMapper<UserOrganizationMapping> {}

+package org.thingsboard.server.dao.yunteng.mapper;
+
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Mapper;
+import org.thingsboard.server.dao.yunteng.entities.UserRole;
+
+@Mapper
+public interface UserRoleMapper extends BaseMapper<UserRole> {
+}

+package org.thingsboard.server.dao.yunteng.service;
+
+
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import com.baomidou.mybatisplus.core.metadata.IPage;
+import com.baomidou.mybatisplus.core.metadata.OrderItem;
+import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.thingsboard.server.common.data.yunteng.constant.ModelConstants;
+import org.thingsboard.server.common.data.yunteng.enums.OrderTypeEnum;
+import org.thingsboard.server.common.data.yunteng.utils.ReflectUtils;
+import org.thingsboard.server.common.data.yunteng.utils.tools.PageData;
+import org.thingsboard.server.common.data.yunteng.utils.tools.TBPageData;
+import org.thingsboard.server.dao.yunteng.entities.BaseEntity;
+
+import java.util.List;
+import java.util.Map;
+
+import static org.thingsboard.server.common.data.yunteng.constant.QueryConstant.*;
+
+public abstract class AbstractBaseService<M extends BaseMapper<T>, T extends BaseEntity>
+    implements BaseService<T> {
+
+  @Autowired protected M baseMapper;
+
+  @Override
+  public List<T> findAllByTenant(String tenantId) {
+    QueryWrapper<T> wrapper = new QueryWrapper<>();
+    wrapper.eq(StringUtils.isNotBlank(tenantId), ModelConstants.TableFields.TENANT_ID, tenantId);
+    return baseMapper.selectList(wrapper);
+  }
+
+  protected IPage<T> getPage(Map<String, Object> params, String defaultOrderField, boolean isAsc) {
+    int curPage = 1;
+    int limit = 10;
+    if (params.get(PAGE) != null) {
+      curPage = Integer.parseInt(params.get(PAGE).toString());
+    }
+
+    if (params.get(PAGE_SIZE) != null) {
+      limit = Integer.parseInt(params.get(PAGE_SIZE).toString());
+    }
+
+    Page<T> page = new Page<>(curPage, limit);
+    String orderField = (String) params.get(ORDER_FILED);
+    String order = (String) params.get(ORDER_TYPE);
+    if (StringUtils.isNotBlank(orderField) && StringUtils.isNotBlank(order)) {
+      return OrderTypeEnum.ASC.name().equalsIgnoreCase(order)
+          ? page.addOrder(OrderItem.asc(orderField))
+          : page.addOrder(OrderItem.desc(orderField));
+    } else if (StringUtils.isBlank(defaultOrderField)) {
+      return page;
+    } else {
+      if (isAsc) {
+        page.addOrder(OrderItem.asc(defaultOrderField));
+      } else {
+        page.addOrder(OrderItem.desc(defaultOrderField));
+      }
+      return page;
+    }
+  }
+
+  protected <D> PageData<D> getPageData(IPage<?> iPage, Class<D> target) {
+    List<D> targetList = ReflectUtils.sourceToTarget(iPage.getRecords(), target);
+    return new PageData<>(targetList, iPage.getTotal());
+  }
+
+  protected <D> PageData<D> getPageData(TBPageData<T> tbPageData, Class<D> target){
+    List<D> targetList = ReflectUtils.sourceToTarget(tbPageData.getData(),target);
+    return new PageData<>(targetList, tbPageData.getTotalElements());
+  }
+}

+package org.thingsboard.server.dao.yunteng.service;
+
+
+
+import org.thingsboard.server.dao.yunteng.entities.BaseEntity;
+
+import java.util.List;
+
+public interface BaseService<T extends BaseEntity>{
+    List<T> findAllByTenant(String tenantId);
+}

+package org.thingsboard.server.dao.yunteng.service;
+
+
+
+import org.thingsboard.server.common.data.yunteng.dto.MenuDTO;
+
+import java.util.List;
+import java.util.Optional;
+import java.util.Set;
+
+public interface MenuService {
+
+  /**
+   * sysadmin获取所有的menu，但是不获取租户自己创建的menu
+   *
+   * @return list 树状menu
+   */
+  List<MenuDTO> getAllMenus(String tenantId);
+
+  /**
+   * 获取自己的menu, 如果是tenant admin, 获取已分配的所有菜单，如果是普通用户，获取自己被租户管理员分配的菜单
+   *
+   * @return list 树状menu
+   */
+  List<MenuDTO> getMyMenus(String tenantId,String userId,boolean isSysAdmin,boolean isTenantAdmin);
+
+  MenuDTO saveMenu(String tenantId,boolean isSysAdmin,MenuDTO menuDTO);
+
+  Optional<MenuDTO> getMenu(String id);
+
+  MenuDTO updateMenu(String tenantId,boolean isSysAdmin,MenuDTO menuDTO);
+
+  boolean deleteMenus(String tenantId,String[] ids);
+
+  boolean assignMenuToTenant(String tenantId,String[] menuId);
+
+  boolean assignMenuToRole(String[] menuId, String roleId);
+
+  Set<String> getMenuIdsByRoleId(String roleId);
+}

+package org.thingsboard.server.dao.yunteng.service;
+
+
+
+import org.thingsboard.server.common.data.yunteng.dto.MessageTemplateDTO;
+import org.thingsboard.server.common.data.yunteng.utils.tools.PageData;
+
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+public interface MessageTemplateService {
+
+  PageData<MessageTemplateDTO> page(Map<String, Object> queryMap);
+
+  MessageTemplateDTO saveMessageTemplate(MessageTemplateDTO templateDTO);
+
+  boolean deleteMessageTemplate(Set<String> ids);
+
+  MessageTemplateDTO updateMessageTemplate(MessageTemplateDTO templateDTO);
+
+  /**
+   * 查询模板信息
+   * @param templateDTO 请求信息
+   * @return MessageTemplateDTO模板信息
+   */
+  List<MessageTemplateDTO> findMessageTemplate(MessageTemplateDTO templateDTO);
+}

+package org.thingsboard.server.dao.yunteng.service;
+
+
+
+import org.thingsboard.server.common.data.yunteng.dto.DeleteDTO;
+import org.thingsboard.server.common.data.yunteng.dto.OrganizationDTO;
+
+import java.util.List;
+import java.util.Set;
+
+public interface OrganizationService {
+  OrganizationDTO saveOrganization(OrganizationDTO organizationDTO);
+
+  boolean deleteOrganizations(DeleteDTO deleteDTO);
+
+  List<OrganizationDTO> getMyOrganizations();
+
+  OrganizationDTO updateOrganization(OrganizationDTO organizationDTO);
+
+  void bindUserToOrganization(String userId, String[] organizationIds);
+
+  void unBindUserToOrganization(Set<String> userIds);
+}

+package org.thingsboard.server.dao.yunteng.service;
+
+
+import org.thingsboard.server.common.data.yunteng.dto.RoleDTO;
+import org.thingsboard.server.common.data.yunteng.dto.request.RoleReqDTO;
+import org.thingsboard.server.common.data.yunteng.utils.tools.PageData;
+
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+public interface RoleService {
+  PageData<RoleDTO> page(boolean isSysadmin,boolean isPlatformAdmin, String tenantId,Map<String, Object> queryMap);
+
+  boolean deleteRole(String[] roleIds,String tenantId);
+
+  Set<String> getPermissions(boolean isSysadmin,boolean isTenantAdmin,String tenantId,String useerId);
+
+  void updateRoleStatus(String roleId, int status,boolean isSysadmin,String tenantId);
+
+  RoleDTO saveOrUpdateRoleInfoWithMenu(RoleReqDTO roleReqDTO,boolean isSysadmin,boolean isPlatformAdmin,String tenantId);
+
+  /**
+   * 查询所有的角色信息
+   * @param roleDTO 过滤条件
+   * @return 所有角色信息
+   */
+  List<RoleDTO> findRoleInfo(boolean isTenantAdmin,String tenantId,String userId,RoleDTO roleDTO);
+}

+package org.thingsboard.server.dao.yunteng.service;
+
+import org.thingsboard.server.common.data.yunteng.dto.DeviceDTO;
+import org.thingsboard.server.common.data.yunteng.utils.tools.PageData;
+
+import java.util.List;
+import java.util.Map;
+import java.util.Optional;
+import java.util.Set;
+
+public interface YtDeviceService {
+  DeviceDTO insertOrUpdate(String tenantId,DeviceDTO deviceDTO);
+
+  void deleteDevices(String tenantId,Set<String> ids);
+
+  Optional<DeviceDTO> getDevice(String tenantId,String id);
+
+  PageData<DeviceDTO> page(String tenantId,Map<String, Object> queryMap);
+
+  /**
+   * 查询所有的设备信息
+   * @param deviceDTO 过滤参数
+   * @return List<DeviceDTO>
+   */
+  List<DeviceDTO> findDeviceInfo(String tenantId,DeviceDTO deviceDTO);
+}

+package org.thingsboard.server.dao.yunteng.service;
+
+
+import org.thingsboard.server.common.data.yunteng.dto.request.SmsReqDTO;
+
+public interface YtSmsService {
+  boolean sendSms(SmsReqDTO smsReqDTO);
+
+  boolean sendLoginSmsCode(String phoneNumber);
+}

+package org.thingsboard.server.dao.yunteng.service;
+
+
+
+import org.thingsboard.server.common.data.yunteng.dto.TenantDTO;
+import org.thingsboard.server.common.data.yunteng.dto.request.TenantReqDTO;
+import org.thingsboard.server.common.data.yunteng.utils.tools.PageData;
+
+import java.util.List;
+import java.util.Map;
+import java.util.Optional;
+
+public interface YtTenantService {
+  TenantDTO createNewTenant(TenantReqDTO tenantReqDTO);
+
+  TenantDTO updateTenant(TenantDTO tenantDTO);
+
+  boolean deleteTenants(String[] ids);
+
+  Optional<TenantDTO> findById(String id);
+
+  PageData<TenantDTO> page(Map<String, Object> queryMap);
+
+  TenantDTO updateOrCreateTenant(TenantReqDTO tenantReqDTO);
+
+  List<String> getTenantRolesByTenantCode(String tenantCode);
+}

+package org.thingsboard.server.dao.yunteng.service;
+
+import org.thingsboard.server.common.data.yunteng.dto.UserDTO;
+import org.thingsboard.server.common.data.yunteng.dto.UserDetailsDTO;
+import org.thingsboard.server.common.data.yunteng.dto.UserInfoDTO;
+import org.thingsboard.server.common.data.yunteng.dto.request.AccountReqDTO;
+import org.thingsboard.server.common.data.yunteng.dto.request.RoleOrOrganizationReqDTO;
+import org.thingsboard.server.common.data.yunteng.dto.request.SendResetPasswordEmailMsg;
+import org.thingsboard.server.common.data.yunteng.utils.tools.PageData;
+
+import java.util.List;
+import java.util.Map;
+import java.util.Optional;
+import java.util.Set;
+
+public interface YtUserService {
+  List<UserDetailsDTO> findUserDetailsByUsername(String username);
+
+  UserDTO saveAccount(UserDTO userDTO, boolean sendEmail, boolean sendMsg,boolean isSysadmin,String tenantId);
+
+  String getActivationLink(String userId,boolean isSysadmin,String tenantId);
+
+  Optional<UserDTO> getUser(String userId,boolean isSysadmin,String tenantId);
+
+  UserInfoDTO me(String userId,String tenantId,Set<String> currentRoles);
+
+  PageData<UserDTO> page(Map<String, Object> queryMap,boolean isSysadmin,boolean isPlatformAdmin,boolean isTenantAdmin,String tenantId);
+
+  UserDTO updateUser(UserDTO userDTO,boolean isSysadmin,String tenantId);
+
+  boolean deleteUser(Set<String> userIds,boolean isSysadmin,String tenantId);
+
+  UserDTO saveTenantAdmin(UserDTO userDTO,boolean isSysadmin,String tenantId);
+
+  void resetPassword(String userId,boolean isSysadmin,String tenantId);
+
+  List<UserDetailsDTO> getUserByPhoneNumber(String phoneNumber);
+
+  /**
+   * 发送密码重置新消息
+   *
+   * @param msg 请求信息
+   */
+  void sendRestPasswordMsg(SendResetPasswordEmailMsg msg);
+
+  /**
+   * 判断账号是否注册过
+   *
+   * @param username 账号
+   * @return 账号信息
+   */
+  UserDTO accountExist(String username,String tenantId);
+
+  Optional<List<UserDTO>> getOrganizationUserByOrganizationId(String organizationId,String tenantId);
+
+  /**
+   * 查询用户关联的Role或者Group
+   *
+   * @param roleOrOrganizationReqDTO 参数
+   * @return 返回关联的Role或者Group
+   */
+  String[] getUserRoleOrOrganization(RoleOrOrganizationReqDTO roleOrOrganizationReqDTO);
+
+  /**
+   * 修改密码
+   *
+   * @param accountReqDTO 账号信息
+   * @return 修改成功、失败
+   */
+  boolean changePassword(AccountReqDTO accountReqDTO);
+}

+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+
+<mapper namespace="org.thingsboard.server.dao.yunteng.mapper.MenuMapper">
+    <resultMap type="org.thingsboard.server.common.data.yunteng.dto.MenuDTO" id="menuDTOMap">
+        <result property="id" column="id"/>
+        <result property="name" column="name"/>
+        <result property="parentId" column="parent_id"/>
+        <result property="path" column="path"/>
+        <result property="type" column="type" typeHandler="org.apache.ibatis.type.EnumTypeHandler"/>
+        <result property="permission" column="permission"/>
+        <result property="sort" column="sort"/>
+        <result property="tenantCode" column="tenant_code"/>
+        <result property="component" column="component"/>
+        <result property="meta" column="meta"
+                typeHandler="com.baomidou.mybatisplus.extension.handlers.JacksonTypeHandler"/>
+        <result property="alias" column="alias"/>
+        <result property="redirect" column="redirect"/>
+        <result property="caseSensitive" column="case_sensitive"/>
+        <result property="createTime" column="create_time"/>
+        <result property="updateTime" column="update_time"/>
+    </resultMap>
+    <sql id="menuDTOMapColumn">
+        id,
+       parent_id,
+       path,
+       type,
+       permission,
+       sort,
+       component,
+       name,
+       meta,
+       alias,
+       redirect,
+       case_sensitive,
+       create_time,
+       update_time,
+       tenant_code
+    </sql>
+    <select id="selectTenantMenu" resultMap="menuDTOMap">
+        SELECT
+        <include refid="menuDTOMapColumn">
+        </include>
+        FROM sys_menu
+        WHERE id IN (SELECT menu_id FROM sys_tenant_menu WHERE tenant_code = #{tenantCode})
+    </select>
+
+    <select id="selectMyMenu" resultMap="menuDTOMap">
+        SELECT
+        <include refid="menuDTOMapColumn">
+        </include>
+        FROM sys_menu
+        WHERE id IN (SELECT menu_id
+        FROM sys_role_menu
+        WHERE role_id IN (SELECT id FROM sys_role WHERE id in (SELECT role_id FROM sys_user_role WHERE user_id
+        = #{userId}) AND enabled=true))
+    </select>
+
+    <delete id="deleteTenantMenuMappingByMenuIds">
+        DELETE FROM sys_tenant_menu WHERE menu_id IN
+        <foreach collection="menuIds" item="menuId" open="(" separator="," close=")">
+            #{menuId}
+        </foreach>
+    </delete>
+
+    <select id="selectTenantMenuIds" resultType="java.lang.String">
+        SELECT menu_id
+        FROM sys_tenant_menu
+        WHERE tenant_code = #{tenantCode}
+    </select>
+
+    <select id="selectRoleMenuIds" resultType="java.lang.String">
+        SELECT menu_id
+        FROM sys_role_menu
+        WHERE role_id = #{roleId}
+    </select>
+
+    <insert id="addMenuToTenant">
+        INSERT INTO sys_tenant_menu(menu_id , tenant_code) VALUES
+        <foreach collection="menuIds" item="menuId" index="index" separator=",">
+            (#{menuId},#{tenantCode})
+        </foreach>
+    </insert>
+
+    <insert id="addMenuToRole">
+        INSERT INTO sys_role_menu(menu_id , role_id) VALUES
+        <foreach collection="menuIds" item="menuId" index="index" separator=",">
+            (#{menuId},#{roleId})
+        </foreach>
+    </insert>
+    <delete id="removeMenuFromTenant">
+        DELETE FROM sys_tenant_menu WHERE
+        tenant_code =#{tenantCode} AND menu_id IN
+        <foreach collection="menuIds" item="menuId" open="(" separator="," close=")">
+            #{menuId}
+        </foreach>
+    </delete>
+
+    <delete id="removeMenuFromRole">
+        DELETE FROM sys_role_menu WHERE
+        role_id =#{roleId} AND menu_id IN
+        <foreach collection="menuIds" item="menuId" open="(" separator="," close=")">
+            #{menuId}
+        </foreach>
+    </delete>
+
+    <select id="getAllIdsByTenantCode" resultType="java.lang.String">
+        SELECT id FROM sys_menu WHERE tenant_code IN
+        <foreach collection="tenantCodes" item="tenantCode" open="(" separator="," close=")">
+            #{tenantCode}
+        </foreach>
+    </select>
+
+    <select id="getAllPermission" resultType="java.lang.String">
+        SELECT permission
+        FROM sys_menu
+    </select>
+
+    <select id="getAllPermissionsByTenantCode" resultType="java.lang.String">
+        SELECT permission
+        FROM sys_menu
+        WHERE id IN
+              (SELECT menu_id FROM sys_tenant_menu WHERE tenant_code = #{tenantCode})
+    </select>
+
+    <select id="getAllPermissionsByUserId" resultType="java.lang.String">
+        SELECT permission
+        FROM sys_menu
+        WHERE id IN
+              (SELECT menu_id
+               FROM sys_role_menu
+               WHERE role_id IN (
+                       SELECT role_id
+                       FROM sys_user_role
+                       WHERE user_id = #{userId}))
+    </select>
+
+    <select id="selectSysAdminMenu" resultMap="menuDTOMap">
+        SELECT
+        <include refid="menuDTOMapColumn">
+        </include>
+        FROM sys_menu
+        WHERE type = 'SYSADMIN'
+    </select>
+</mapper>

+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+
+<mapper namespace="org.thingsboard.server.dao.yunteng.mapper.OrganizationMapper">
+    <resultMap type="org.thingsboard.server.common.data.yunteng.dto.OrganizationDTO" id="organizationDTOMap">
+        <result property="id" column="id"/>
+        <result property="parentId" column="parent_id"/>
+        <result property="sort" column="sort"/>
+        <result property="name" column="name"/>
+        <result property="creator" column="creator"/>
+        <result property="createTime" column="create_time"/>
+        <result property="updater" column="updater"/>
+        <result property="updateTime" column="update_time"/>
+        <result property="remark" column="remark"/>
+    </resultMap>
+
+    <select id="findOrganizationTreeList" resultMap="organizationDTOMap">
+        WITH RECURSIVE organization AS (
+        SELECT id, parent_id, name, sort,creator,create_time,updater,update_time,remark,tenant_code
+        FROM iotfs_organization
+        WHERE tenant_code = #{tenantCode}
+        <if test="organizationIds !=null and organizationIds.size() &gt; 0">
+            AND id IN
+            <foreach collection="organizationIds" item="organizationId" open="(" separator="," close=")">
+                #{organizationId}
+            </foreach>
+        </if>
+        UNION ALL
+        SELECT ig.id, ig.parent_id, ig.name, ig.sort,ig.creator,ig.create_time,ig.updater,ig.update_time,ig.remark,ig.tenant_code
+        FROM iotfs_organization ig
+        JOIN organization ON ig.parent_id = organization.id
+        WHERE ig.tenant_code = #{tenantCode}
+        )
+        SELECT id, parent_id, name, sort,creator,create_time,updater,update_time,remark,tenant_code
+        FROM organization WHERE tenant_code = #{tenantCode}
+    </select>
+</mapper>

+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+
+<mapper namespace="org.thingsboard.server.dao.yunteng.mapper.RoleMapper">
+    <resultMap id="roleDtoMap" type="org.thingsboard.server.common.data.yunteng.dto.RoleDTO">
+        <result property="id" column="id"/>
+        <result property="name" column="name"/>
+        <result property="roleType" column="role_type"/>
+        <result property="tenantCode" column="tenant_code"/>
+        <result property="enabled" column="enabled"/>
+        <result property="creator" column="creator"/>
+        <result property="createTime" column="create_time"/>
+        <result property="updater" column="updater"/>
+        <result property="updateTime" column="update_time"/>
+        <result property="code" column="code"/>
+    </resultMap>
+    <select id="checkRoleUserMappingByRoleIds" resultType="java.lang.String">
+        SELECT user_id FROM sys_user_role WHERE role_id IN
+        <foreach collection="ids" item="id" open="(" separator="," close=")">
+            #{id}
+        </foreach>
+        GROUP BY user_id
+    </select>
+    <delete id="deleteRoleBatchByTenantIds">
+        DELETE FROM sys_role WHERE tenant_code in (
+        SELECT tenant_code FROM sys_tenant WHERE id IN
+        <foreach collection="tenantIds" item="tenantId" open="(" separator="," close=")">
+            #{tenantId}
+        </foreach>
+        )
+    </delete>
+
+    <delete id="deleteRoleMenuMappingByRoleIds">
+        DELETE FROM sys_role_menu WHERE role_id IN
+        <foreach collection="roleIds" item="roleId" open="(" separator="," close=")">
+            #{roleId}
+        </foreach>
+    </delete>
+
+    <delete id="deleteRoleUserMappingByRoleIds">
+        DELETE FROM sys_user_role WHERE role_id IN
+        <foreach collection="roleIds" item="roleId" open="(" separator="," close=")">
+            #{roleId}
+        </foreach>
+    </delete>
+
+    <delete id="deleteRoleUserMappingByUserIds">
+        DELETE FROM sys_user_role WHERE user_id IN
+        <foreach collection="userIds" item="userId" open="(" separator="," close=")">
+            #{userId}
+        </foreach>
+    </delete>
+
+    <delete id="deleteRoleMenuMappingByMenuIds">
+        DELETE FROM sys_role_menu WHERE menu_id IN
+        <foreach collection="menuIds" item="menuId" open="(" separator="," close=")">
+            #{menuId}
+        </foreach>
+    </delete>
+
+    <select id="getAllIdsByTenantCode" resultType="java.lang.String">
+        SELECT id from sys_role WHERE tenant_code IN
+        <foreach collection="tenantCodes" item="tenantCode" open="(" separator="," close=")">
+            #{tenantCode}
+        </foreach>
+    </select>
+
+    <select id="selectRoleByUserId" resultType="org.thingsboard.server.dao.yunteng.entities.Role">
+        SELECT *
+        FROM sys_role
+        WHERE id IN (SELECT role_id FROM sys_user_role WHERE user_id = #{userId})
+    </select>
+
+    <select id="getMenuIdsByRoleId" resultType="java.lang.String">
+        SELECT menu_id
+        FROM sys_role_menu
+        WHERE role_id = #{roleId}
+    </select>
+
+    <delete id="saveUserRoleMapping">
+        INSERT INTO sys_user_role(user_id, role_id)
+        VALUES (#{userId}, #{roleId})
+    </delete>
+
+    <select id="findRoleInfo" resultMap="roleDtoMap">
+        SELECT id,name,role_type,tenant_code,creator,create_time,updater,update_time,remark,code FROM sys_role
+        <where>
+            enabled='t'
+            <if test="roleType !=null and roleType !=''">AND role_type=#{roleType}</if>
+            <if test="tenantCode !=null and tenantCode !=''">AND tenant_code=#{tenantCode}</if>
+            <if test="code !=null and code !=''">AND code=#{code}</if>
+            <if test="roleIds !=null">OR id IN
+                <foreach collection="roleIds" item="id" open="(" separator="," close=")">
+                    #{id}
+                </foreach>
+            </if>
+        </where>
+
+    </select>
+</mapper>

+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+
+<mapper namespace="org.thingsboard.server.dao.yunteng.mapper.SysDictItemMapper">
+    <resultMap id="sysDictItemDTOMap" type="org.thingsboard.server.common.data.yunteng.dto.SysDictItemDTO">
+        <result property="id" column="id"/>
+        <result property="dictId" column="dict_id"/>
+        <result property="itemText" column="item_text"/>
+        <result property="itemValue" column="item_value"/>
+        <result property="description" column="description"/>
+        <result property="sort" column="sort"/>
+        <result property="status" column="status"/>
+        <result property="creator" column="creator"/>
+        <result property="createTime" column="create_time"/>
+        <result property="updater" column="updater"/>
+        <result property="updateTime" column="update_time"/>
+        <association property="sysDict" javaType="org.thingsboard.server.common.data.yunteng.dto.SysDictDTO">
+            <result property="dictName" column="dict_name"/>
+            <result property="dictCode" column="dict_code"/>
+        </association>
+    </resultMap>
+    <sql id="columns">
+        sdi.id,sdi.dict_id,sdi.item_text,sdi.item_value,sdi.description,sdi.sort,
+            sdi.status,sdi.create_time,sdi.update_time,sd. dict_name,sd.dict_code
+    </sql>
+    <select id="getDictValueByCodeAndText" resultMap="sysDictItemDTOMap">
+        SELECT
+        sd. dict_name,sd.dict_code,sdi.id,sdi.item_text,sdi.sort
+        FROM
+        sys_dict_item sdi
+        LEFT JOIN sys_dict sd ON sd.ID = sdi.dict_id
+        <where>
+            sdi.status = 1
+            <if test="tenantCode !=null and tenantCode!=''">AND sd.tenant_code=#{tenantCode}</if>
+            <if test="dictCode !=null and dictCode!=''">AND sd.dict_code = #{dictCode}</if>
+            <if test="itemValue !=null and itemValue!=''">AND sdi.item_value = #{itemValue}</if>
+        </where>
+    </select>
+
+    <select id="getDictItemInfo" resultMap="sysDictItemDTOMap">
+        SELECT
+        <include refid="columns"/>
+        FROM
+        sys_dict_item sdi
+        LEFT JOIN sys_dict sd ON sd.ID = sdi.dict_id
+        <where>
+            <if test="dictId !=null and dictId!=''">AND sdi.dict_id=#{dictId}</if>
+            <if test="dictCode !=null and dictCode!=''">AND sd.dict_code=#{dictCode}</if>
+        </where>
+    </select>
+</mapper>

+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+
+<mapper namespace="org.thingsboard.server.dao.yunteng.mapper.SysDictMapper">
+    <resultMap id="smsDictDTOMap" type="org.thingsboard.server.common.data.yunteng.dto.SysDictDTO" >
+        <result property="id" column="id"/>
+        <result property="dictName" column="dict_name"/>
+        <result property="dictCode" column="dict_code"/>
+        <result property="description" column="description"/>
+        <result property="tenantCode" column="tenant_code"/>
+        <result property="creator" column="creator"/>
+        <result property="createTime" column="create_time"/>
+        <result property="updater" column="updater"/>
+        <result property="updateTime" column="update_time"/>
+    </resultMap>
+    <sql id="columns">
+        id,dict_name,dict_code,description,tenant_code,creator,create_time,updater,update_time
+    </sql>
+    <select id="getDictInfoByCode" resultMap="smsDictDTOMap">
+        SELECT
+        <include refid="columns"/>
+        FROM sys_dict
+        <where>
+            <if test="tenantCode != null and tenantCode !=''">tenant_code=#{tenantCode}</if>
+            <if test="dictCode != null and dictCode !=''">AND dict_code=#{dictCode}</if>
+        </where>
+    </select>
+</mapper>

+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+
+<mapper namespace="org.thingsboard.server.dao.yunteng.mapper.UserMapper">
+    <resultMap type="org.thingsboard.server.common.data.yunteng.dto.UserDetailsDTO" id="userDetailsMap">
+        <result property="id" column="id"/>
+        <result property="username" column="username"/>
+        <result property="password" column="password"/>
+        <result property="enabled" column="enabled"/>
+        <result property="accountExpireTime" column="account_expire_time"/>
+        <association property="tenant" javaType="org.thingsboard.server.common.data.yunteng.dto.TenantDTO">
+            <result column="tenant_name" property="name"/>
+            <result column="tenant_code" property="tenantCode"/>
+            <result column="tenant_enabled" property="enabled"/>
+            <result column="tenant_expire_time" property="tenantExpireTime"/>
+        </association>
+        <collection property="roles" javaType="java.util.Set" ofType="org.thingsboard.server.common.data.yunteng.dto.UserDetailRoleDTO">
+            <result column="role_type" property="roleType" typeHandler="org.apache.ibatis.type.EnumTypeHandler"/>
+        </collection>
+    </resultMap>
+    <resultMap type="org.thingsboard.server.common.data.yunteng.dto.UserDTO" id="userDTOMap">
+        <result property="id" column="id"/>
+        <result property="username" column="username"/>
+        <result property="password" column="password"/>
+        <result property="realName" column="real_name"/>
+        <result property="enabled" column="enabled"/>
+        <result property="phoneNumber" column="phone_number"/>
+        <result property="email" column="email"/>
+        <result property="avatar" column="avatar"/>
+        <result property="deptId" column="dept_id"/>
+        <result property="tenantName" column="tenant_name"/>
+        <result property="tenantCode" column="tenant_code"/>
+        <result property="createTime" column="create_time"/>
+        <result property="updateTime" column="update_time"/>
+        <result property="accountExpireTime" column="account_expire_time"/>
+        <result property="level" column="level"/>
+    </resultMap>
+
+    <sql id="columns">
+        su.id AS id,
+        su.username AS username,
+        su.password AS password,
+        su.phone_number AS phone_number,
+        su.email AS email,
+        su.avatar AS avatar,
+        su.enabled AS enabled,
+        su.account_expire_time AS account_expire_time,
+        su.tenant_code AS tenant_code,
+        su.create_time AS create_time,
+        su.update_time AS update_time,
+        su.real_name AS real_name,
+        su.dept_id AS dept_id,
+        su.level AS level
+    </sql>
+
+    <select id="findUserDetailsByUserName" resultMap="userDetailsMap">
+        SELECT su.id                  as id,
+               su.username            as username,
+               su.password            as password,
+               su.enabled             as enabled,
+               su.account_expire_time as account_expire_time,
+               st.name                as tenant_name,
+               st.tenant_code         as tenant_code,
+               st.enabled             as tenant_enabled,
+               st.tenant_expire_time  as tenant_expire_time,
+               rr.role_type           as role_type
+        FROM sys_user su
+                 LEFT JOIN sys_tenant st ON su.tenant_code = st.tenant_code
+                 LEFT JOIN (
+            SELECT sur.user_id,
+                   sr.role_type
+            FROM sys_user_role sur
+                     LEFT JOIN sys_role sr ON sur.role_id = sr.id
+            WHERE sur.user_id = (SELECT id FROM sys_user WHERE username = #{username})
+        ) rr ON su.id = rr.user_id
+        WHERE su.username = #{username};
+    </select>
+
+    <select id="getUserPage" resultMap="userDTOMap">
+        SELECT
+        <include refid="columns"/>,
+        st.name AS tenant_name
+        FROM sys_user su
+        LEFT JOIN sys_tenant st ON su.tenant_code = st.tenant_code
+        <where>
+            <if test="queryMap.realName!=null and queryMap.realName!=''">
+                AND su.real_name LIKE CONCAT('%',#{queryMap.realName}::TEXT,'%')
+            </if>
+            <if test="queryMap.username!=null and queryMap.username!=''">
+                AND su.username LIKE CONCAT('%',#{queryMap.username}::TEXT,'%')
+            </if>
+            <if test="queryMap.tenantCode !=null and queryMap.tenantCode!=''">
+                AND su.tenant_code=#{queryMap.tenantCode}
+            </if>
+        </where>
+    </select>
+
+    <select id="getAdminUserPage" resultMap="userDTOMap">
+        SELECT
+        <include refid="columns"/>,
+        st.name                AS tenant_name
+        FROM sys_user su
+                 LEFT JOIN sys_tenant st ON su.tenant_code = st.tenant_code
+        WHERE su.ID IN (SELECT user_id
+                        FROM sys_user_role
+                        WHERE role_id IN (SELECT ID
+                                          FROM sys_role
+                                          WHERE role_type = #{roleType}
+                                            <if test="roleType == 'ROLE_PLATFORM_ADMIN'">
+                                                OR role_type = 'ROLE_SYS_ADMIN'
+                                            </if>
+                                            AND tenant_code = #{tenantCode}))
+    </select>
+    <select id="selectAllTenantUser" resultMap="userDTOMap">
+        SELECT
+        <include refid="columns"/>,
+        st.name                AS tenant_name
+        FROM sys_user su
+        LEFT JOIN sys_tenant st ON su.tenant_code = st.tenant_code
+        WHERE su.level = 2;
+    </select>
+    <select id="getAllIdsByTenantCode" resultType="java.lang.String">
+        SELECT id FROM sys_user WHERE tenant_code IN
+        <foreach collection="tenantCodes" item="tenantCode" open="(" separator="," close=")">
+            #{tenantCode}
+        </foreach>
+    </select>
+
+    <update id="setPassword2NullAndInsertActiveToken">
+        UPDATE sys_user
+        SET password=null,
+            activate_token=#{activeToken}
+        WHERE id = #{userId}
+    </update>
+
+    <select id="findUserDetailsByPhoneNumber" resultMap="userDetailsMap">
+        SELECT su.id                  as id,
+               su.username            as username,
+               su.password            as password,
+               su.enabled             as enabled,
+               su.account_expire_time as account_expire_time,
+               st.name                as tenant_name,
+               st.tenant_code         as tenant_code,
+               st.enabled             as tenant_enabled,
+               st.tenant_expire_time  as tenant_expire_time,
+               rr.role_type           as role_type
+        FROM sys_user su
+                 LEFT JOIN sys_tenant st ON su.tenant_code = st.tenant_code
+                 LEFT JOIN (
+            SELECT sur.user_id,
+                   sr.role_type
+            FROM sys_user_role sur
+                     LEFT JOIN sys_role sr ON sur.role_id = sr.id
+            WHERE sur.user_id = (SELECT id FROM sys_user WHERE phone_number = #{phoneNumber})
+        ) rr ON su.id = rr.user_id
+        WHERE su.phone_number = #{phoneNumber};
+    </select>
+    <select id="findUserInfo" resultMap="userDTOMap">
+        SELECT
+        <include refid="columns"/>
+        FROM sys_user su
+        <where>
+            <if test="username !=null and username!=''">AND su.username=#{username}</if>
+            <if test="tenantCode !=null and tenantCode!=''">AND su.tenant_code=#{tenantCode}</if>
+        </where>
+    </select>
+</mapper>

+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+
+<mapper namespace="org.thingsboard.server.dao.yunteng.mapper.UserRoleMapper">
+    <resultMap type="org.thingsboard.server.common.data.yunteng.dto.UserRoleDTO" id="userRoleMap">
+        <result property="userId" column="user_id"/>
+        <result property="roleId" column="role_id"/>
+    </resultMap>
+</mapper>

@@ -55,7 +55,7 @@
         <cassandra-driver-core.version>3.11.0</cassandra-driver-core.version>
         <guava.version>30.0-jre</guava.version>
         <caffeine.version>2.6.1</caffeine.version>
-        <commons-lang3.version>3.4</commons-lang3.version>
+        <commons-lang3.version>3.12.0</commons-lang3.version>
         <commons-codec.version>1.15</commons-codec.version>
         <commons-io.version>2.11.0</commons-io.version>
         <commons-logging.version>1.2</commons-logging.version>
@@ -130,6 +130,13 @@
         <!--      BLACKBOX TEST SCOPE     -->
         <testcontainers.version>1.16.0</testcontainers.version>
         <zeroturnaround.version>1.12</zeroturnaround.version>
+        <!-- 新增的开始 -->
+        <mybatis-plus.version>3.4.1</mybatis-plus.version>
+        <aliyun.sdk.core>4.5.20</aliyun.sdk.core>
+        <aliyun.sdk.dysmsapi>2.1.0</aliyun.sdk.dysmsapi>
+        <jakarta.mail.version>2.0.1</jakarta.mail.version>
+        <io.minio.version>8.3.1</io.minio.version>
+        <com.alibaba.easyexcel.version>3.0.1</com.alibaba.easyexcel.version>
     </properties>
 
     <modules>