feat(tenant): 添加租户角色归属校验

- 在添加租户管理员时校验角色是否属于当前租户- 新增错误码 ROLE_NOT_BELONG_TENANT用于标识角色不匹配情况
- 实现通过角色ID查询并验证租户ID一致性逻辑

portal-service-domain/src/main/java/com/hfln/portal/domain/exception/ErrorEnum.java

@@ -130,6 +130,7 @@ public enum ErrorEnum implements ErrorEnumInterface {
      * 租户相关
      */
     TENANT_IS_ALREADY_EXIST("13001", "租户已经存在!"),
+    ROLE_NOT_BELONG_TENANT("13002", "角色不属于当前租户!"),
 
     /**
      * 事件相关

portal-service-infrastructure/src/main/java/com/hfln/portal/infrastructure/gateway/impl/WebTenantGatewayImpl.java

@@ -160,6 +160,12 @@ public class WebTenantGatewayImpl implements WebTenantGateway {
     @Transactional
     public void addTenantAdmin(TenantAdminAddParam req) {
 
+        // 校验当前角色 是否属于当前租户
+        TblRole role = tblRoleService.getById(req.getRoleId());
+        if (role == null || !req.getTenantId().equals(role.getTenantId())) {
+            throw new BizException(ErrorEnum.ROLE_NOT_BELONG_TENANT.getErrorCode(), ErrorEnum.ROLE_NOT_BELONG_TENANT.getErrorMessage());
+        }
+
         if (req.getUserId() == null) {
             // 1. 检查账号是否已存在
             AdminUserInfo exist = adminUserService.queryByAccount(req.getAccount());