From 75df8db438ccaac079af512502177098f18aba8e Mon Sep 17 00:00:00 2001
From: withchao <993506633@qq.com>
Date: Sun, 4 Jun 2023 17:01:00 +0800
Subject: [PATCH] DismissGroup

---
 internal/rpc/group/group.go | 40 +++++++++++++++++--------------------
 1 file changed, 18 insertions(+), 22 deletions(-)

diff --git a/internal/rpc/group/group.go b/internal/rpc/group/group.go
index a4fcf1cd3..8200aa29f 100644
--- a/internal/rpc/group/group.go
+++ b/internal/rpc/group/group.go
@@ -485,34 +485,30 @@ func (s *groupServer) KickGroupMember(ctx context.Context, req *pbGroup.KickGrou
 		}
 		memberMap := make(map[string]*relationTb.GroupMemberModel)
 		for i, member := range members {
-			if member.RoleLevel == constant.GroupOwner {
-				return nil, errs.ErrArgs.Wrap("can not kick group owner")
-			}
 			memberMap[member.UserID] = members[i]
 		}
+		isAppManagerUid := tokenverify.IsAppManagerUid(ctx)
+		opMember := memberMap[opUserID]
 		for _, userID := range req.KickedUserIDs {
-			if _, ok := memberMap[userID]; !ok {
+			member, ok := memberMap[userID]
+			if !ok {
 				return nil, errs.ErrUserIDNotFound.Wrap(userID)
 			}
-		}
-		if !tokenverify.IsAppManagerUid(ctx) {
-			member := memberMap[opUserID]
-			if member == nil {
-				return nil, errs.ErrNoPermission.Wrap(fmt.Sprintf("opUserID %s no in group", opUserID))
-			}
-			switch member.RoleLevel {
-			case constant.GroupOwner:
-			case constant.GroupAdmin:
-				for _, member := range members {
-					if member.UserID == opUserID {
-						continue
-					}
-					if member.RoleLevel == constant.GroupOwner || member.RoleLevel == constant.GroupAdmin {
-						return nil, errs.ErrNoPermission.Wrap("userID:" + member.UserID)
-					}
+			if !isAppManagerUid {
+				if opMember == nil {
+					return nil, errs.ErrNoPermission.Wrap("opUserID no in group")
+				}
+				switch opMember.RoleLevel {
+				case constant.GroupOwner:
+				case constant.GroupAdmin:
+					if member.RoleLevel == constant.GroupOwner || member.RoleLevel == constant.GroupAdmin {
+						return nil, errs.ErrNoPermission.Wrap("group admins cannot remove the group owner and other admins")
+					}
+				case constant.GroupOrdinaryUsers:
+					return nil, errs.ErrNoPermission.Wrap("opUserID no permission")
+				default:
+					return nil, errs.ErrNoPermission.Wrap("opUserID roleLevel unknown")
 				}
-			default:
-				return nil, errs.ErrNoPermission.Wrap("opUserID is OrdinaryUser")
 			}
 		}
 		userIDs, err := s.GroupDatabase.FindGroupMemberUserID(ctx, req.GroupID)