public async Task <ActionResult> DeleteDefaultRole(string id, AssignRoleToOrgDto model) { if (model == null || model.RoleIds == null || !model.RoleIds.Any()) { return(Ok()); } // 除了平台的超级管理员,其他管理员只能管理所属 Client 的资源 bool isSuper = User.IsSuperAdmin(); IEnumerable <string> allowedClientIds = null; if (!isSuper) { allowedClientIds = User.FindAll(JwtClaimTypes.ClientId).Select(itm => itm.Value); } await _orgService.DeleteDefaultRolesAsync(id, model.RoleIds, allowedClientIds); return(Ok()); }