重构角色权限管理，优化代码结构

src/CellularManagement.Application/Features/RolePermissions/Commands/AddRolePermissions/AddRolePermissionsCommand.cs

@@ -0,0 +1,19 @@
+using MediatR;
+
+namespace CellularManagement.Application.Features.RolePermissions.Commands.AddRolePermissions;
+
+/// <summary>
+/// 添加角色权限命令
+/// </summary>
+public class AddRolePermissionsCommand : IRequest<OperationResult<AddRolePermissionsResponse>>
+{
+    /// <summary>
+    /// 角色ID
+    /// </summary>
+    public string RoleId { get; set; } = string.Empty;
+
+    /// <summary>
+    /// 权限ID列表
+    /// </summary>
+    public IEnumerable<string> PermissionIds { get; set; } = new List<string>();
+} 

src/CellularManagement.Application/Features/RolePermissions/Commands/AddRolePermissions/AddRolePermissionsCommandHandler.cs

@@ -0,0 +1,71 @@
+using MediatR;
+using CellularManagement.Domain.Repositories;
+using Microsoft.Extensions.Logging;
+
+namespace CellularManagement.Application.Features.RolePermissions.Commands.AddRolePermissions;
+
+/// <summary>
+/// 添加角色权限命令处理器
+/// </summary>
+public class AddRolePermissionsCommandHandler : IRequestHandler<AddRolePermissionsCommand, OperationResult<AddRolePermissionsResponse>>
+{
+    private readonly IRolePermissionRepository _rolePermissionRepository;
+    private readonly ILogger<AddRolePermissionsCommandHandler> _logger;
+
+    public AddRolePermissionsCommandHandler(
+        IRolePermissionRepository rolePermissionRepository,
+        ILogger<AddRolePermissionsCommandHandler> logger)
+    {
+        _rolePermissionRepository = rolePermissionRepository;
+        _logger = logger;
+    }
+
+    public async Task<OperationResult<AddRolePermissionsResponse>> Handle(
+        AddRolePermissionsCommand request,
+        CancellationToken cancellationToken)
+    {
+        try
+        {
+            // 获取角色当前已有的权限
+            var existingPermissions = await _rolePermissionRepository.GetPermissionsByRoleIdAsync(request.RoleId, cancellationToken);
+            var existingPermissionIds = existingPermissions.Select(p => p.Id).ToList();
+
+            // 过滤出需要新增的权限ID
+            var newPermissionIds = request.PermissionIds.Except(existingPermissionIds).ToList();
+
+            if (!newPermissionIds.Any())
+            {
+                return OperationResult<AddRolePermissionsResponse>.CreateFailure("所有权限已存在，无需添加");
+            }
+
+            // 添加新的角色权限
+            var addedRolePermissions = await _rolePermissionRepository.AddRolePermissionsAsync(
+                request.RoleId,
+                newPermissionIds,
+                cancellationToken);
+
+            var response = new AddRolePermissionsResponse
+            {
+                AddedPermissionIds = newPermissionIds,
+                FailedPermissionIds = request.PermissionIds.Except(newPermissionIds)
+            };
+
+            _logger.LogInformation(
+                "成功为角色 {RoleId} 添加 {Count} 个权限",
+                request.RoleId,
+                newPermissionIds.Count);
+
+            return OperationResult<AddRolePermissionsResponse>.CreateSuccess(response);
+        }
+        catch (Exception ex)
+        {
+            _logger.LogError(
+                ex,
+                "为角色 {RoleId} 添加权限时发生错误",
+                request.RoleId);
+
+            return OperationResult<AddRolePermissionsResponse>.CreateFailure(
+                "添加角色权限失败，请稍后重试");
+        }
+    }
+} 

src/CellularManagement.Application/Features/RolePermissions/Commands/AddRolePermissions/AddRolePermissionsCommandValidator.cs

@@ -0,0 +1,19 @@
+using FluentValidation;
+
+namespace CellularManagement.Application.Features.RolePermissions.Commands.AddRolePermissions;
+
+/// <summary>
+/// 添加角色权限命令验证器
+/// </summary>
+public class AddRolePermissionsCommandValidator : AbstractValidator<AddRolePermissionsCommand>
+{
+    public AddRolePermissionsCommandValidator()
+    {
+        RuleFor(x => x.RoleId)
+            .NotEmpty().WithMessage("角色ID不能为空");
+
+        RuleFor(x => x.PermissionIds)
+            .NotEmpty().WithMessage("权限ID列表不能为空")
+            .Must(x => x.Any()).WithMessage("至少需要指定一个权限ID");
+    }
+} 

src/CellularManagement.Application/Features/RolePermissions/Commands/AddRolePermissions/AddRolePermissionsResponse.cs

@@ -0,0 +1,17 @@
+namespace CellularManagement.Application.Features.RolePermissions.Commands.AddRolePermissions;
+
+/// <summary>
+/// 添加角色权限响应
+/// </summary>
+public class AddRolePermissionsResponse
+{
+    /// <summary>
+    /// 添加成功的权限ID列表
+    /// </summary>
+    public IEnumerable<string> AddedPermissionIds { get; set; } = new List<string>();
+
+    /// <summary>
+    /// 添加失败的权限ID列表
+    /// </summary>
+    public IEnumerable<string> FailedPermissionIds { get; set; } = new List<string>();
+} 

src/CellularManagement.Application/Features/RolePermissions/Commands/DeleteRolePermissions/DeleteRolePermissionsCommand.cs

@@ -0,0 +1,19 @@
+using MediatR;
+
+namespace CellularManagement.Application.Features.RolePermissions.Commands.DeleteRolePermissions;
+
+/// <summary>
+/// 删除角色权限命令
+/// </summary>
+public class DeleteRolePermissionsCommand : IRequest<OperationResult<DeleteRolePermissionsResponse>>
+{
+    /// <summary>
+    /// 角色ID
+    /// </summary>
+    public string RoleId { get; set; } = string.Empty;
+
+    /// <summary>
+    /// 要删除的权限ID列表
+    /// </summary>
+    public IEnumerable<string> PermissionIds { get; set; } = new List<string>();
+} 

src/CellularManagement.Application/Features/RolePermissions/Commands/DeleteRolePermissions/DeleteRolePermissionsCommandHandler.cs

@@ -0,0 +1,71 @@
+using MediatR;
+using CellularManagement.Domain.Repositories;
+using Microsoft.Extensions.Logging;
+
+namespace CellularManagement.Application.Features.RolePermissions.Commands.DeleteRolePermissions;
+
+/// <summary>
+/// 删除角色权限命令处理器
+/// </summary>
+public class DeleteRolePermissionsCommandHandler : IRequestHandler<DeleteRolePermissionsCommand, OperationResult<DeleteRolePermissionsResponse>>
+{
+    private readonly IRolePermissionRepository _rolePermissionRepository;
+    private readonly ILogger<DeleteRolePermissionsCommandHandler> _logger;
+
+    public DeleteRolePermissionsCommandHandler(
+        IRolePermissionRepository rolePermissionRepository,
+        ILogger<DeleteRolePermissionsCommandHandler> logger)
+    {
+        _rolePermissionRepository = rolePermissionRepository;
+        _logger = logger;
+    }
+
+    public async Task<OperationResult<DeleteRolePermissionsResponse>> Handle(
+        DeleteRolePermissionsCommand request,
+        CancellationToken cancellationToken)
+    {
+        try
+        {
+            // 获取角色当前已有的权限
+            var existingPermissions = await _rolePermissionRepository.GetPermissionsByRoleIdAsync(request.RoleId, cancellationToken);
+            var existingPermissionIds = existingPermissions.Select(p => p.Id).ToList();
+
+            // 过滤出实际存在的权限ID
+            var validPermissionIds = request.PermissionIds.Intersect(existingPermissionIds).ToList();
+
+            if (!validPermissionIds.Any())
+            {
+                return OperationResult<DeleteRolePermissionsResponse>.CreateFailure("指定的权限不存在，无需删除");
+            }
+
+            // 删除角色权限
+            var deletedCount = await _rolePermissionRepository.DeleteRolePermissionsAsync(
+                request.RoleId,
+                validPermissionIds,
+                cancellationToken);
+
+            var response = new DeleteRolePermissionsResponse
+            {
+                DeletedCount = deletedCount,
+                FailedPermissionIds = request.PermissionIds.Except(validPermissionIds)
+            };
+
+            _logger.LogInformation(
+                "成功从角色 {RoleId} 删除 {Count} 个权限",
+                request.RoleId,
+                deletedCount);
+
+            return OperationResult<DeleteRolePermissionsResponse>.CreateSuccess(response);
+        }
+        catch (Exception ex)
+        {
+            _logger.LogError(
+                ex,
+                "从角色 {RoleId} 删除权限时发生错误",
+                request.RoleId);
+
+            return OperationResult<DeleteRolePermissionsResponse>.CreateFailure(
+                "删除角色权限失败，请稍后重试");
+        }
+    }
+} 

src/CellularManagement.Application/Features/RolePermissions/Commands/DeleteRolePermissions/DeleteRolePermissionsCommandValidator.cs

@@ -0,0 +1,19 @@
+using FluentValidation;
+
+namespace CellularManagement.Application.Features.RolePermissions.Commands.DeleteRolePermissions;
+
+/// <summary>
+/// 删除角色权限命令验证器
+/// </summary>
+public class DeleteRolePermissionsCommandValidator : AbstractValidator<DeleteRolePermissionsCommand>
+{
+    public DeleteRolePermissionsCommandValidator()
+    {
+        RuleFor(x => x.RoleId)
+            .NotEmpty().WithMessage("角色ID不能为空");
+
+        RuleFor(x => x.PermissionIds)
+            .NotEmpty().WithMessage("权限ID列表不能为空")
+            .Must(x => x.Any()).WithMessage("至少需要指定一个要删除的权限ID");
+    }
+} 

src/CellularManagement.Application/Features/RolePermissions/Commands/DeleteRolePermissions/DeleteRolePermissionsResponse.cs

@@ -0,0 +1,17 @@
+namespace CellularManagement.Application.Features.RolePermissions.Commands.DeleteRolePermissions;
+
+/// <summary>
+/// 删除角色权限响应
+/// </summary>
+public class DeleteRolePermissionsResponse
+{
+    /// <summary>
+    /// 成功删除的权限数量
+    /// </summary>
+    public int DeletedCount { get; set; }
+
+    /// <summary>
+    /// 删除失败的权限ID列表
+    /// </summary>
+    public IEnumerable<string> FailedPermissionIds { get; set; } = new List<string>();
+} 

src/CellularManagement.Application/Features/RolePermissions/Queries/GetRolePermissions/GetRolePermissionsQuery.cs

@@ -0,0 +1,19 @@
+using MediatR;
+
+namespace CellularManagement.Application.Features.RolePermissions.Queries.GetRolePermissions;
+
+/// <summary>
+/// 获取角色权限查询命令
+/// </summary>
+public class GetRolePermissionsQuery : IRequest<OperationResult<GetRolePermissionsResponse>>
+{
+    /// <summary>
+    /// 角色ID
+    /// </summary>
+    public string RoleId { get; set; } = string.Empty;
+
+    /// <summary>
+    /// 是否包含权限详情
+    /// </summary>
+    public bool IncludeDetails { get; set; } = true;
+} 

src/CellularManagement.Application/Features/RolePermissions/Queries/GetRolePermissions/GetRolePermissionsQueryHandler.cs

@@ -0,0 +1,65 @@
+using MediatR;
+using CellularManagement.Domain.Repositories;
+using Microsoft.Extensions.Logging;
+
+namespace CellularManagement.Application.Features.RolePermissions.Queries.GetRolePermissions;
+
+/// <summary>
+/// 获取角色权限查询处理器
+/// </summary>
+public class GetRolePermissionsQueryHandler : IRequestHandler<GetRolePermissionsQuery, OperationResult<GetRolePermissionsResponse>>
+{
+    private readonly IRolePermissionRepository _rolePermissionRepository;
+    private readonly ILogger<GetRolePermissionsQueryHandler> _logger;
+
+    public GetRolePermissionsQueryHandler(
+        IRolePermissionRepository rolePermissionRepository,
+        ILogger<GetRolePermissionsQueryHandler> logger)
+    {
+        _rolePermissionRepository = rolePermissionRepository;
+        _logger = logger;
+    }
+
+    public async Task<OperationResult<GetRolePermissionsResponse>> Handle(
+        GetRolePermissionsQuery request,
+        CancellationToken cancellationToken)
+    {
+        try
+        {
+            // 获取角色权限
+            var rolePermissions = await _rolePermissionRepository.GetRolePermissionsWithDetailsAsync(
+                request.RoleId,
+                cancellationToken);
+
+            if (!rolePermissions.Any())
+            {
+                return OperationResult<GetRolePermissionsResponse>.CreateFailure("未找到角色权限信息");
+            }
+
+            // 构建响应
+            var response = new GetRolePermissionsResponse
+            {
+                RoleId = request.RoleId,
+                RoleName = rolePermissions.First().Role.Name,
+                Permissions = rolePermissions.Select(rp => PermissionDto.FromEntity(rp.Permission))
+            };
+
+            _logger.LogInformation(
+                "成功获取角色 {RoleId} 的权限信息，共 {Count} 个权限",
+                request.RoleId,
+                response.Permissions.Count());
+
+            return OperationResult<GetRolePermissionsResponse>.CreateSuccess(response);
+        }
+        catch (Exception ex)
+        {
+            _logger.LogError(
+                ex,
+                "获取角色 {RoleId} 的权限信息时发生错误",
+                request.RoleId);
+
+            return OperationResult<GetRolePermissionsResponse>.CreateFailure(
+                "获取角色权限信息失败，请稍后重试");
+        }
+    }
+} 

src/CellularManagement.Application/Features/RolePermissions/Queries/GetRolePermissions/GetRolePermissionsResponse.cs

@@ -0,0 +1,64 @@
+using CellularManagement.Domain.Entities;
+
+namespace CellularManagement.Application.Features.RolePermissions.Queries.GetRolePermissions;
+
+/// <summary>
+/// 获取角色权限响应
+/// </summary>
+public class GetRolePermissionsResponse
+{
+    /// <summary>
+    /// 角色ID
+    /// </summary>
+    public string RoleId { get; set; } = string.Empty;
+
+    /// <summary>
+    /// 角色名称
+    /// </summary>
+    public string RoleName { get; set; } = string.Empty;
+
+    /// <summary>
+    /// 权限列表
+    /// </summary>
+    public IEnumerable<PermissionDto> Permissions { get; set; } = new List<PermissionDto>();
+}
+
+/// <summary>
+/// 权限数据传输对象
+/// </summary>
+public class PermissionDto
+{
+    /// <summary>
+    /// 权限ID
+    /// </summary>
+    public string Id { get; set; } = string.Empty;
+
+    /// <summary>
+    /// 权限名称
+    /// </summary>
+    public string Name { get; set; } = string.Empty;
+
+    /// <summary>
+    /// 权限编码
+    /// </summary>
+    public string Code { get; set; } = string.Empty;
+
+    /// <summary>
+    /// 权限描述
+    /// </summary>
+    public string Description { get; set; } = string.Empty;
+
+    /// <summary>
+    /// 从权限实体创建DTO
+    /// </summary>
+    public static PermissionDto FromEntity(Permission permission)
+    {
+        return new PermissionDto
+        {
+            Id = permission.Id,
+            Name = permission.Name,
+            Code = permission.Code,
+            Description = permission.Description
+        };
+    }
+} 

src/CellularManagement.Application/Features/Roles/Commands/AssignPermission/AssignPermissionCommand.cs

@@ -1,18 +0,0 @@
-using MediatR;
-using CellularManagement.Application.Common;
-
-namespace CellularManagement.Application.Features.Roles.Commands.AssignPermission;
-
-/// <summary>
-/// 分配权限命令
-/// </summary>
-public sealed record AssignPermissionCommand(
-    /// <summary>
-    /// 角色ID
-    /// </summary>
-    string RoleId,
-    
-    /// <summary>
-    /// 权限ID
-    /// </summary>
-    string PermissionId) : IRequest<OperationResult<AssignPermissionResponse>>; 

src/CellularManagement.Application/Features/Roles/Commands/AssignPermission/AssignPermissionCommandHandler.cs

@@ -1,62 +0,0 @@
-using System.Threading;
-using System.Threading.Tasks;
-using MediatR;
-using Microsoft.Extensions.Logging;
-using CellularManagement.Application.Common;
-using CellularManagement.Domain.Entities;
-using CellularManagement.Domain.Repositories;
-
-namespace CellularManagement.Application.Features.Roles.Commands.AssignPermission;
-
-/// <summary>
-/// 分配权限命令处理器
-/// </summary>
-public sealed class AssignPermissionCommandHandler : IRequestHandler<AssignPermissionCommand, OperationResult<AssignPermissionResponse>>
-{
-    private readonly IPermissionRepository _permissionRepository;
-    private readonly ILogger<AssignPermissionCommandHandler> _logger;
-
-    /// <summary>
-    /// 初始化处理器
-    /// </summary>
-    public AssignPermissionCommandHandler(
-        IPermissionRepository permissionRepository,
-        ILogger<AssignPermissionCommandHandler> logger)
-    {
-        _permissionRepository = permissionRepository;
-        _logger = logger;
-    }
-
-    /// <summary>
-    /// 处理分配权限请求
-    /// </summary>
-    public async Task<OperationResult<AssignPermissionResponse>> Handle(
-        AssignPermissionCommand request,
-        CancellationToken cancellationToken)
-    {
-        try
-        {
-            // 检查权限是否存在
-            var permission = await _permissionRepository.GetByIdAsync(request.PermissionId, cancellationToken);
-            if (permission == null)
-            {
-                _logger.LogWarning("权限 {PermissionId} 不存在", request.PermissionId);
-                return OperationResult<AssignPermissionResponse>.CreateFailure("权限不存在");
-            }
-
-            // 创建角色权限关联
-            var rolePermission = RolePermission.Create(request.RoleId, request.PermissionId);
-            await _permissionRepository.AddRolePermissionAsync(rolePermission, cancellationToken);
-
-            _logger.LogInformation("角色 {RoleId} 分配权限 {PermissionId} 成功", request.RoleId, request.PermissionId);
-
-            return OperationResult<AssignPermissionResponse>.CreateSuccess(
-                new AssignPermissionResponse(true));
-        }
-        catch (Exception ex)
-        {
-            _logger.LogError(ex, "角色 {RoleId} 分配权限 {PermissionId} 失败", request.RoleId, request.PermissionId);
-            return OperationResult<AssignPermissionResponse>.CreateFailure("分配权限失败，请稍后重试");
-        }
-    }
-} 

src/CellularManagement.Application/Features/Roles/Commands/AssignPermission/AssignPermissionCommandValidator.cs

@@ -1,18 +0,0 @@
-using FluentValidation;
-
-namespace CellularManagement.Application.Features.Roles.Commands.AssignPermission;
-
-/// <summary>
-/// 分配权限命令验证器
-/// </summary>
-public sealed class AssignPermissionCommandValidator : AbstractValidator<AssignPermissionCommand>
-{
-    public AssignPermissionCommandValidator()
-    {
-        RuleFor(x => x.RoleId)
-            .NotEmpty().WithMessage("角色ID不能为空");
-
-        RuleFor(x => x.PermissionId)
-            .NotEmpty().WithMessage("权限ID不能为空");
-    }
-} 

src/CellularManagement.Application/Features/Roles/Commands/AssignPermission/AssignPermissionResponse.cs

@@ -1,10 +0,0 @@
-namespace CellularManagement.Application.Features.Roles.Commands.AssignPermission;
-
-/// <summary>
-/// 分配权限响应
-/// </summary>
-public sealed record AssignPermissionResponse(
-    /// <summary>
-    /// 是否成功
-    /// </summary>
-    bool Success); 

src/CellularManagement.Application/Features/Roles/Commands/RemovePermission/RemovePermissionCommand.cs

@@ -1,18 +0,0 @@
-using MediatR;
-using CellularManagement.Application.Common;
-
-namespace CellularManagement.Application.Features.Roles.Commands.RemovePermission;
-
-/// <summary>
-/// 移除权限命令
-/// </summary>
-public sealed record RemovePermissionCommand(
-    /// <summary>
-    /// 角色ID
-    /// </summary>
-    string RoleId,
-    
-    /// <summary>
-    /// 权限ID
-    /// </summary>
-    string PermissionId) : IRequest<OperationResult<RemovePermissionResponse>>; 

src/CellularManagement.Application/Features/Roles/Commands/RemovePermission/RemovePermissionCommandHandler.cs

@@ -1,60 +0,0 @@
-using System.Threading;
-using System.Threading.Tasks;
-using MediatR;
-using Microsoft.Extensions.Logging;
-using CellularManagement.Application.Common;
-using CellularManagement.Domain.Repositories;
-
-namespace CellularManagement.Application.Features.Roles.Commands.RemovePermission;
-
-/// <summary>
-/// 移除权限命令处理器
-/// </summary>
-public sealed class RemovePermissionCommandHandler : IRequestHandler<RemovePermissionCommand, OperationResult<RemovePermissionResponse>>
-{
-    private readonly IPermissionRepository _permissionRepository;
-    private readonly ILogger<RemovePermissionCommandHandler> _logger;
-
-    /// <summary>
-    /// 初始化处理器
-    /// </summary>
-    public RemovePermissionCommandHandler(
-        IPermissionRepository permissionRepository,
-        ILogger<RemovePermissionCommandHandler> logger)
-    {
-        _permissionRepository = permissionRepository;
-        _logger = logger;
-    }
-
-    /// <summary>
-    /// 处理移除权限请求
-    /// </summary>
-    public async Task<OperationResult<RemovePermissionResponse>> Handle(
-        RemovePermissionCommand request,
-        CancellationToken cancellationToken)
-    {
-        try
-        {
-            // 检查权限是否存在
-            var permission = await _permissionRepository.GetByIdAsync(request.PermissionId, cancellationToken);
-            if (permission == null)
-            {
-                _logger.LogWarning("权限 {PermissionId} 不存在", request.PermissionId);
-                return OperationResult<RemovePermissionResponse>.CreateFailure("权限不存在");
-            }
-
-            // 移除角色权限关联
-            await _permissionRepository.DeleteRolePermissionAsync(request.RoleId, request.PermissionId, cancellationToken);
-
-            _logger.LogInformation("角色 {RoleId} 移除权限 {PermissionId} 成功", request.RoleId, request.PermissionId);
-
-            return OperationResult<RemovePermissionResponse>.CreateSuccess(
-                new RemovePermissionResponse(true));
-        }
-        catch (Exception ex)
-        {
-            _logger.LogError(ex, "角色 {RoleId} 移除权限 {PermissionId} 失败", request.RoleId, request.PermissionId);
-            return OperationResult<RemovePermissionResponse>.CreateFailure("移除权限失败，请稍后重试");
-        }
-    }
-} 

src/CellularManagement.Application/Features/Roles/Commands/RemovePermission/RemovePermissionCommandValidator.cs

@@ -1,18 +0,0 @@
-using FluentValidation;
-
-namespace CellularManagement.Application.Features.Roles.Commands.RemovePermission;
-
-/// <summary>
-/// 移除权限命令验证器
-/// </summary>
-public sealed class RemovePermissionCommandValidator : AbstractValidator<RemovePermissionCommand>
-{
-    public RemovePermissionCommandValidator()
-    {
-        RuleFor(x => x.RoleId)
-            .NotEmpty().WithMessage("角色ID不能为空");
-
-        RuleFor(x => x.PermissionId)
-            .NotEmpty().WithMessage("权限ID不能为空");
-    }
-} 

src/CellularManagement.Application/Features/Roles/Commands/RemovePermission/RemovePermissionResponse.cs

@@ -1,10 +0,0 @@
-namespace CellularManagement.Application.Features.Roles.Commands.RemovePermission;
-
-/// <summary>
-/// 移除权限响应
-/// </summary>
-public sealed record RemovePermissionResponse(
-    /// <summary>
-    /// 是否成功
-    /// </summary>
-    bool Success); 

src/CellularManagement.Domain/Entities/Permission.cs

@@ -17,11 +17,21 @@ public class Permission
     /// </summary>
     public string Name { get; private set; }
 
+    /// <summary>
+    /// 权限代码
+    /// </summary>
+    public string Code { get; set; } = string.Empty;
+
     /// <summary>
     /// 权限描述
     /// </summary>
     public string? Description { get; private set; }
 
+    /// <summary>
+    /// 权限类型
+    /// </summary>
+    public string Type { get; set; } = string.Empty;
+
     /// <summary>
     /// 创建时间
     /// </summary>

src/CellularManagement.Domain/Repositories/IRolePermissionRepository.cs

@@ -0,0 +1,79 @@
+using CellularManagement.Domain.Entities;
+
+namespace CellularManagement.Domain.Repositories;
+
+/// <summary>
+/// 角色权限仓储接口
+/// 遵循 DDD 设计模式，提供角色权限相关的领域操作
+/// </summary>
+public interface IRolePermissionRepository : ICommandRepository<RolePermission>, IQueryRepository<RolePermission>
+{
+    /// <summary>
+    /// 根据角色ID获取所有权限
+    /// </summary>
+    /// <param name="roleId">角色ID</param>
+    /// <param name="cancellationToken">取消令牌</param>
+    /// <returns>权限列表</returns>
+    Task<IEnumerable<Permission>> GetPermissionsByRoleIdAsync(string roleId, CancellationToken cancellationToken = default);
+
+    /// <summary>
+    /// 根据权限ID获取所有角色
+    /// </summary>
+    /// <param name="permissionId">权限ID</param>
+    /// <param name="cancellationToken">取消令牌</param>
+    /// <returns>角色列表</returns>
+    Task<IEnumerable<AppRole>> GetRolesByPermissionIdAsync(string permissionId, CancellationToken cancellationToken = default);
+
+    /// <summary>
+    /// 检查角色是否拥有指定权限
+    /// </summary>
+    /// <param name="roleId">角色ID</param>
+    /// <param name="permissionId">权限ID</param>
+    /// <param name="cancellationToken">取消令牌</param>
+    /// <returns>是否拥有权限</returns>
+    Task<bool> HasPermissionAsync(string roleId, string permissionId, CancellationToken cancellationToken = default);
+
+    /// <summary>
+    /// 批量添加角色权限
+    /// </summary>
+    /// <param name="roleId">角色ID</param>
+    /// <param name="permissionIds">权限ID列表</param>
+    /// <param name="cancellationToken">取消令牌</param>
+    /// <returns>添加的角色权限列表</returns>
+    Task<IEnumerable<RolePermission>> AddRolePermissionsAsync(string roleId, IEnumerable<string> permissionIds, CancellationToken cancellationToken = default);
+
+    /// <summary>
+    /// 批量删除角色权限
+    /// </summary>
+    /// <param name="roleId">角色ID</param>
+    /// <param name="permissionIds">权限ID列表</param>
+    /// <param name="cancellationToken">取消令牌</param>
+    /// <returns>删除的权限数量</returns>
+    Task<int> DeleteRolePermissionsAsync(string roleId, IEnumerable<string> permissionIds, CancellationToken cancellationToken = default);
+
+    /// <summary>
+    /// 获取角色的所有权限（包含权限详情）
+    /// </summary>
+    /// <param name="roleId">角色ID</param>
+    /// <param name="cancellationToken">取消令牌</param>
+    /// <returns>角色权限关联列表</returns>
+    Task<IEnumerable<RolePermission>> GetRolePermissionsWithDetailsAsync(string roleId, CancellationToken cancellationToken = default);
+
+    /// <summary>
+    /// 检查角色是否拥有所有指定的权限
+    /// </summary>
+    /// <param name="roleId">角色ID</param>
+    /// <param name="permissionIds">权限ID列表</param>
+    /// <param name="cancellationToken">取消令牌</param>
+    /// <returns>是否拥有所有权限</returns>
+    Task<bool> HasAllPermissionsAsync(string roleId, IEnumerable<string> permissionIds, CancellationToken cancellationToken = default);
+
+    /// <summary>
+    /// 获取角色缺少的权限
+    /// </summary>
+    /// <param name="roleId">角色ID</param>
+    /// <param name="permissionIds">要检查的权限ID列表</param>
+    /// <param name="cancellationToken">取消令牌</param>
+    /// <returns>角色缺少的权限ID列表</returns>
+    Task<IEnumerable<string>> GetMissingPermissionsAsync(string roleId, IEnumerable<string> permissionIds, CancellationToken cancellationToken = default);
+} 

src/CellularManagement.Infrastructure/Repositories/PermissionRepository.cs

@@ -13,10 +13,7 @@ namespace CellularManagement.Infrastructure.Repositories;
 /// <summary>
 /// 权限仓储实现类
 /// </summary>
-public class PermissionRepository : 
-    CommandRepository<Permission>,
-    IQueryRepository<Permission>,
-    IPermissionRepository
+public class PermissionRepository : CommandRepository<Permission>, IPermissionRepository
 {
     private readonly AppDbContext _context;
     private readonly ILogger<PermissionRepository> _logger;

src/CellularManagement.Infrastructure/Repositories/RolePermissionRepository.cs

@@ -0,0 +1,166 @@
+using System.Linq.Expressions;
+using CellularManagement.Domain.Entities;
+using CellularManagement.Domain.Repositories;
+using CellularManagement.Infrastructure.Context;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.Extensions.Logging;
+
+namespace CellularManagement.Infrastructure.Repositories;
+
+/// <summary>
+/// 角色权限仓储实现
+/// 遵循 DDD 设计模式，实现角色权限相关的领域操作
+/// </summary>
+public class RolePermissionRepository : CommandRepository<RolePermission>, IRolePermissionRepository
+{
+    private readonly AppDbContext _context;
+    private readonly ILogger<RolePermissionRepository> _logger;
+
+    public RolePermissionRepository(
+        AppDbContext context,
+        IUnitOfWork unitOfWork,
+        ILogger<RolePermissionRepository> logger)
+        : base(context, unitOfWork, logger)
+    {
+        _context = context;
+        _logger = logger;
+    }
+
+    // IQueryRepository<RolePermission> 实现
+    public async Task<RolePermission?> GetByIdAsync(string id, CancellationToken cancellationToken = default)
+    {
+        return await _context.RolePermissions.FindAsync(new object[] { id }, cancellationToken);
+    }
+
+    public async Task<IEnumerable<RolePermission>> GetAllAsync(CancellationToken cancellationToken = default)
+    {
+        return await _context.RolePermissions
+            .Include(rp => rp.Role)
+            .Include(rp => rp.Permission)
+            .ToListAsync(cancellationToken);
+    }
+
+    public async Task<IEnumerable<RolePermission>> FindAsync(Expression<Func<RolePermission, bool>> predicate, CancellationToken cancellationToken = default)
+    {
+        return await _context.RolePermissions
+            .Include(rp => rp.Role)
+            .Include(rp => rp.Permission)
+            .Where(predicate)
+            .ToListAsync(cancellationToken);
+    }
+
+    public async Task<(int TotalCount, IEnumerable<RolePermission> Items)> GetPagedAsync(int pageNumber, int pageSize, CancellationToken cancellationToken = default)
+    {
+        var query = _context.RolePermissions
+            .Include(rp => rp.Role)
+            .Include(rp => rp.Permission);
+        var totalCount = await query.CountAsync(cancellationToken);
+        var items = await query
+            .Skip((pageNumber - 1) * pageSize)
+            .Take(pageSize)
+            .ToListAsync(cancellationToken);
+        return (totalCount, items);
+    }
+
+    public async Task<(int TotalCount, IEnumerable<RolePermission> Items)> GetPagedAsync(
+        Expression<Func<RolePermission, bool>> predicate,
+        int pageNumber,
+        int pageSize,
+        CancellationToken cancellationToken = default)
+    {
+        var query = _context.RolePermissions
+            .Include(rp => rp.Role)
+            .Include(rp => rp.Permission)
+            .Where(predicate);
+        var totalCount = await query.CountAsync(cancellationToken);
+        var items = await query
+            .Skip((pageNumber - 1) * pageSize)
+            .Take(pageSize)
+            .ToListAsync(cancellationToken);
+        return (totalCount, items);
+    }
+
+    public async Task<RolePermission?> FirstOrDefaultAsync(Expression<Func<RolePermission, bool>> predicate, CancellationToken cancellationToken = default)
+    {
+        return await _context.RolePermissions
+            .Include(rp => rp.Role)
+            .Include(rp => rp.Permission)
+            .FirstOrDefaultAsync(predicate, cancellationToken);
+    }
+
+    public async Task<bool> AnyAsync(Expression<Func<RolePermission, bool>> predicate, CancellationToken cancellationToken = default)
+    {
+        return await _context.RolePermissions.AnyAsync(predicate, cancellationToken);
+    }
+
+    public async Task<int> CountAsync(Expression<Func<RolePermission, bool>> predicate, CancellationToken cancellationToken = default)
+    {
+        return await _context.RolePermissions.CountAsync(predicate, cancellationToken);
+    }
+
+    // IRolePermissionRepository 特有方法
+    public async Task<IEnumerable<Permission>> GetPermissionsByRoleIdAsync(string roleId, CancellationToken cancellationToken = default)
+    {
+        return await _context.RolePermissions
+            .Where(rp => rp.RoleId == roleId)
+            .Select(rp => rp.Permission)
+            .ToListAsync(cancellationToken);
+    }
+
+    public async Task<IEnumerable<AppRole>> GetRolesByPermissionIdAsync(string permissionId, CancellationToken cancellationToken = default)
+    {
+        return await _context.RolePermissions
+            .Where(rp => rp.PermissionId == permissionId)
+            .Select(rp => rp.Role)
+            .ToListAsync(cancellationToken);
+    }
+
+    public async Task<bool> HasPermissionAsync(string roleId, string permissionId, CancellationToken cancellationToken = default)
+    {
+        return await _context.RolePermissions
+            .AnyAsync(rp => rp.RoleId == roleId && rp.PermissionId == permissionId, cancellationToken);
+    }
+
+    public async Task<IEnumerable<RolePermission>> AddRolePermissionsAsync(string roleId, IEnumerable<string> permissionIds, CancellationToken cancellationToken = default)
+    {
+        var entities = permissionIds.Select(pid => RolePermission.Create(roleId, pid)).ToList();
+        await _context.RolePermissions.AddRangeAsync(entities, cancellationToken);
+        return entities;
+    }
+
+    public async Task<int> DeleteRolePermissionsAsync(string roleId, IEnumerable<string> permissionIds, CancellationToken cancellationToken = default)
+    {
+        var entities = await _context.RolePermissions
+            .Where(rp => rp.RoleId == roleId && permissionIds.Contains(rp.PermissionId))
+            .ToListAsync(cancellationToken);
+        if (entities.Any())
+        {
+            _context.RolePermissions.RemoveRange(entities);
+        }
+        return entities.Count;
+    }
+
+    public async Task<IEnumerable<RolePermission>> GetRolePermissionsWithDetailsAsync(string roleId, CancellationToken cancellationToken = default)
+    {
+        return await _context.RolePermissions
+            .Include(rp => rp.Permission)
+            .Where(rp => rp.RoleId == roleId)
+            .ToListAsync(cancellationToken);
+    }
+
+    public async Task<bool> HasAllPermissionsAsync(string roleId, IEnumerable<string> permissionIds, CancellationToken cancellationToken = default)
+    {
+        var count = await _context.RolePermissions
+            .CountAsync(rp => rp.RoleId == roleId && permissionIds.Contains(rp.PermissionId), cancellationToken);
+        return count == permissionIds.Count();
+    }
+
+    public async Task<IEnumerable<string>> GetMissingPermissionsAsync(string roleId, IEnumerable<string> permissionIds, CancellationToken cancellationToken = default)
+    {
+        var owned = await _context.RolePermissions
+            .Where(rp => rp.RoleId == roleId && permissionIds.Contains(rp.PermissionId))
+            .Select(rp => rp.PermissionId)
+            .ToListAsync(cancellationToken);
+        return permissionIds.Except(owned);
+    }
+} 

src/CellularManagement.Infrastructure/Repositories/UserRoleRepository.cs

@@ -12,10 +12,7 @@ namespace CellularManagement.Infrastructure.Repositories;
 /// <summary>
 /// 用户角色仓储实现类
 /// </summary>
-public class UserRoleRepository : 
-    CommandRepository<UserRole>,
-    IQueryRepository<UserRole>,
-    IUserRoleRepository
+public class UserRoleRepository : CommandRepository<UserRole>, IUserRoleRepository
 {
     private readonly AppDbContext _context;
     private readonly ILogger<UserRoleRepository> _logger;

src/CellularManagement.Presentation/Controllers/RolePermissionController.cs

@@ -0,0 +1,206 @@
+using Microsoft.AspNetCore.Mvc;
+using MediatR;
+using Microsoft.Extensions.Logging;
+using CellularManagement.Application.Features.RolePermissions.Commands.AddRolePermissions;
+using CellularManagement.Application.Features.RolePermissions.Commands.DeleteRolePermissions;
+using CellularManagement.Application.Features.RolePermissions.Queries.GetRolePermissions;
+using CellularManagement.Application.Common;
+using Microsoft.AspNetCore.Http;
+using CellularManagement.Presentation.Abstractions;
+
+namespace CellularManagement.Presentation.Controllers;
+
+/// <summary>
+/// 角色权限控制器
+/// 提供角色权限管理相关的 API 接口，包括添加、删除和查询角色权限功能
+/// </summary>
+public class RolePermissionController : ApiController
+{
+    private readonly ILogger<RolePermissionController> _logger;
+
+    /// <summary>
+    /// 初始化角色权限控制器
+    /// </summary>
+    /// <param name="mediator">MediatR 中介者，用于处理命令和查询</param>
+    /// <param name="logger">日志记录器</param>
+    public RolePermissionController(
+        IMediator mediator,
+        ILogger<RolePermissionController> logger) : base(mediator)
+    {
+        _logger = logger;
+    }
+
+    /// <summary>
+    /// 获取角色权限
+    /// </summary>
+    /// <remarks>
+    /// 示例请求:
+    ///
+    ///     GET /api/role-permissions/{roleId}?includeDetails=true
+    ///
+    /// </remarks>
+    /// <param name="roleId">角色ID</param>
+    /// <param name="includeDetails">是否包含权限详情</param>
+    /// <returns>
+    /// 角色权限信息，包含：
+    /// - 角色基本信息
+    /// - 权限列表
+    /// </returns>
+    /// <response code="200">获取成功，返回角色权限信息</response>
+    /// <response code="400">获取失败，返回错误信息</response>
+    [HttpGet("{roleId}")]
+    [ProducesResponseType(typeof(OperationResult<GetRolePermissionsResponse>), StatusCodes.Status200OK)]
+    [ProducesResponseType(typeof(OperationResult<GetRolePermissionsResponse>), StatusCodes.Status400BadRequest)]
+    public async Task<ActionResult<OperationResult<GetRolePermissionsResponse>>> GetRolePermissions(
+        string roleId,
+        [FromQuery] bool includeDetails = true)
+    {
+        try
+        {
+            var query = new GetRolePermissionsQuery
+            {
+                RoleId = roleId,
+                IncludeDetails = includeDetails
+            };
+
+            var result = await mediator.Send(query);
+
+            if (result.IsSuccess)
+            {
+                _logger.LogInformation(
+                    "成功获取角色 {RoleId} 的权限信息，共 {Count} 个权限",
+                    roleId,
+                    result.Data?.Permissions.Count());
+            }
+            else
+            {
+                _logger.LogWarning(
+                    "获取角色 {RoleId} 的权限信息失败: {Error}",
+                    roleId,
+                    result.ErrorMessages?.FirstOrDefault());
+            }
+
+            return Ok(result);
+        }
+        catch (Exception ex)
+        {
+            _logger.LogError(ex, "获取角色 {RoleId} 的权限信息时发生异常", roleId);
+            return StatusCode(StatusCodes.Status500InternalServerError,
+                OperationResult<GetRolePermissionsResponse>.CreateFailure("系统错误，请稍后重试"));
+        }
+    }
+
+    /// <summary>
+    /// 添加角色权限
+    /// </summary>
+    /// <remarks>
+    /// 示例请求:
+    ///
+    ///     POST /api/role-permissions
+    ///     {
+    ///        "roleId": "角色ID",
+    ///        "permissionIds": ["权限ID1", "权限ID2"]
+    ///     }
+    ///
+    /// </remarks>
+    /// <param name="command">添加角色权限命令</param>
+    /// <returns>
+    /// 添加结果，包含：
+    /// - 成功：返回添加成功的权限ID列表
+    /// - 失败：返回错误信息
+    /// </returns>
+    /// <response code="200">添加成功，返回添加结果</response>
+    /// <response code="400">添加失败，返回错误信息</response>
+    [HttpPost]
+    [ProducesResponseType(typeof(OperationResult<AddRolePermissionsResponse>), StatusCodes.Status200OK)]
+    [ProducesResponseType(typeof(OperationResult<AddRolePermissionsResponse>), StatusCodes.Status400BadRequest)]
+    public async Task<ActionResult<OperationResult<AddRolePermissionsResponse>>> AddRolePermissions(
+        [FromBody] AddRolePermissionsCommand command)
+    {
+        try
+        {
+            var result = await mediator.Send(command);
+
+            if (result.IsSuccess)
+            {
+                _logger.LogInformation(
+                    "成功为角色 {RoleId} 添加权限，添加成功：{SuccessCount}，添加失败：{FailedCount}",
+                    command.RoleId,
+                    result.Data?.AddedPermissionIds.Count(),
+                    result.Data?.FailedPermissionIds.Count());
+            }
+            else
+            {
+                _logger.LogWarning(
+                    "为角色 {RoleId} 添加权限失败: {Error}",
+                    command.RoleId,
+                    result.ErrorMessages?.FirstOrDefault());
+            }
+
+            return Ok(result);
+        }
+        catch (Exception ex)
+        {
+            _logger.LogError(ex, "为角色 {RoleId} 添加权限时发生异常", command.RoleId);
+            return StatusCode(StatusCodes.Status500InternalServerError,
+                OperationResult<AddRolePermissionsResponse>.CreateFailure("系统错误，请稍后重试"));
+        }
+    }
+
+    /// <summary>
+    /// 删除角色权限
+    /// </summary>
+    /// <remarks>
+    /// 示例请求:
+    ///
+    ///     DELETE /api/role-permissions
+    ///     {
+    ///        "roleId": "角色ID",
+    ///        "permissionIds": ["权限ID1", "权限ID2"]
+    ///     }
+    ///
+    /// </remarks>
+    /// <param name="command">删除角色权限命令</param>
+    /// <returns>
+    /// 删除结果，包含：
+    /// - 成功：返回删除的权限数量
+    /// - 失败：返回错误信息
+    /// </returns>
+    /// <response code="200">删除成功，返回删除结果</response>
+    /// <response code="400">删除失败，返回错误信息</response>
+    [HttpDelete]
+    [ProducesResponseType(typeof(OperationResult<DeleteRolePermissionsResponse>), StatusCodes.Status200OK)]
+    [ProducesResponseType(typeof(OperationResult<DeleteRolePermissionsResponse>), StatusCodes.Status400BadRequest)]
+    public async Task<ActionResult<OperationResult<DeleteRolePermissionsResponse>>> DeleteRolePermissions(
+        [FromBody] DeleteRolePermissionsCommand command)
+    {
+        try
+        {
+            var result = await mediator.Send(command);
+
+            if (result.IsSuccess)
+            {
+                _logger.LogInformation(
+                    "成功从角色 {RoleId} 删除权限，删除数量：{DeletedCount}，删除失败：{FailedCount}",
+                    command.RoleId,
+                    result.Data?.DeletedCount,
+                    result.Data?.FailedPermissionIds.Count());
+            }
+            else
+            {
+                _logger.LogWarning(
+                    "从角色 {RoleId} 删除权限失败: {Error}",
+                    command.RoleId,
+                    result.ErrorMessages?.FirstOrDefault());
+            }
+
+            return Ok(result);
+        }
+        catch (Exception ex)
+        {
+            _logger.LogError(ex, "从角色 {RoleId} 删除权限时发生异常", command.RoleId);
+            return StatusCode(StatusCodes.Status500InternalServerError,
+                OperationResult<DeleteRolePermissionsResponse>.CreateFailure("系统错误，请稍后重试"));
+        }
+    }
+}