feat(private): 私有化部署增强 — 服务自动开通、屏蔽 Ops 功能

- FeatureServiceManager: 私有化模式下服务开通申请跳过审核，直接自动激活
- OpsController: 私有化模式下 /api/auth/ops/login 返回 404，屏蔽运营登录
- OpsAdminInitializer: 私有化模式下跳过默认运营管理员账号的初始化

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

tenant-service/src/main/java/com/xuqm/tenant/config/OpsAdminInitializer.java

@@ -1,6 +1,8 @@
 package com.xuqm.tenant.config;
 
 import com.xuqm.tenant.service.OpsService;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.ApplicationArguments;
 import org.springframework.boot.ApplicationRunner;
@@ -9,7 +11,10 @@ import org.springframework.stereotype.Component;
 @Component
 public class OpsAdminInitializer implements ApplicationRunner {
 
+    private static final Logger log = LoggerFactory.getLogger(OpsAdminInitializer.class);
+
     private final OpsService opsService;
+    private final PrivateDeploymentProperties deploymentProperties;
 
     @Value("${ops.admin.username:admin}")
     private String adminUsername;
@@ -17,12 +22,17 @@ public class OpsAdminInitializer implements ApplicationRunner {
     @Value("${ops.admin.password:Admin@123456}")
     private String adminPassword;
 
-    public OpsAdminInitializer(OpsService opsService) {
+    public OpsAdminInitializer(OpsService opsService, PrivateDeploymentProperties deploymentProperties) {
         this.opsService = opsService;
+        this.deploymentProperties = deploymentProperties;
     }
 
     @Override
     public void run(ApplicationArguments args) {
+        if (deploymentProperties.isPrivate()) {
+            log.info("私有化部署模式，跳过运营管理员初始化");
+            return;
+        }
         opsService.initDefaultAdmin(adminUsername, adminPassword);
     }
 }

tenant-service/src/main/java/com/xuqm/tenant/controller/OpsController.java

@@ -1,6 +1,7 @@
 package com.xuqm.tenant.controller;
 
 import com.xuqm.common.model.ApiResponse;
+import com.xuqm.tenant.config.PrivateDeploymentProperties;
 import com.xuqm.tenant.entity.AppEntity;
 import com.xuqm.tenant.entity.FeatureServiceEntity;
 import com.xuqm.tenant.entity.OperationLogEntity;
@@ -39,20 +40,26 @@ public class OpsController {
     private final RiskControlService riskControlService;
     private final OpsPushDiagnosticsClient pushDiagnosticsClient;
     private final LicenseServiceClient licenseServiceClient;
+    private final PrivateDeploymentProperties deploymentProperties;
 
     public OpsController(OpsService opsService, FeatureServiceManager featureServiceManager,
                          RiskControlService riskControlService,
                          OpsPushDiagnosticsClient pushDiagnosticsClient,
-                         LicenseServiceClient licenseServiceClient) {
+                         LicenseServiceClient licenseServiceClient,
+                         PrivateDeploymentProperties deploymentProperties) {
         this.opsService = opsService;
         this.featureServiceManager = featureServiceManager;
         this.riskControlService = riskControlService;
         this.pushDiagnosticsClient = pushDiagnosticsClient;
         this.licenseServiceClient = licenseServiceClient;
+        this.deploymentProperties = deploymentProperties;
     }
 
     @PostMapping("/api/auth/ops/login")
     public ResponseEntity<ApiResponse<Map<String, String>>> opsLogin(@RequestBody Map<String, String> body) {
+        if (deploymentProperties.isPrivate()) {
+            return ResponseEntity.notFound().build();
+        }
         String token = opsService.login(body.get("username"), body.get("password"));
         return ResponseEntity.ok(ApiResponse.success(Map.of("token", token)));
     }

tenant-service/src/main/java/com/xuqm/tenant/service/FeatureServiceManager.java

@@ -5,6 +5,7 @@ import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.databind.node.ArrayNode;
 import com.fasterxml.jackson.databind.node.ObjectNode;
 import com.xuqm.common.exception.BusinessException;
+import com.xuqm.tenant.config.PrivateDeploymentProperties;
 import com.xuqm.tenant.entity.FeatureServiceEntity;
 import com.xuqm.tenant.entity.ServiceActivationRequestEntity;
 import com.xuqm.tenant.entity.ServiceActivationRequestEntity.Status;
@@ -34,19 +35,22 @@ public class FeatureServiceManager {
     private final ObjectMapper objectMapper;
     private final LicenseServiceClient licenseServiceClient;
     private final ImPlatformEventService imPlatformEventService;
+    private final PrivateDeploymentProperties deploymentProperties;
 
     public FeatureServiceManager(FeatureServiceRepository repository,
                                  ServiceActivationRequestRepository requestRepository,
                                  AppRepository appRepository,
                                  ObjectMapper objectMapper,
                                  LicenseServiceClient licenseServiceClient,
-                                 ImPlatformEventService imPlatformEventService) {
+                                 ImPlatformEventService imPlatformEventService,
+                                 PrivateDeploymentProperties deploymentProperties) {
         this.repository = repository;
         this.requestRepository = requestRepository;
         this.appRepository = appRepository;
         this.objectMapper = objectMapper;
         this.licenseServiceClient = licenseServiceClient;
         this.imPlatformEventService = imPlatformEventService;
+        this.deploymentProperties = deploymentProperties;
     }
 
     public List<FeatureServiceEntity> listByApp(String appKey) {
@@ -98,7 +102,13 @@ public class FeatureServiceManager {
         req.setStatus(Status.PENDING);
         req.setApplyReason(applyReason);
         req.setCreatedAt(LocalDateTime.now());
-        return requestRepository.save(req);
+        requestRepository.save(req);
+
+        // 私有化部署无需运营审核，直接自动开通
+        if (deploymentProperties.isPrivate()) {
+            return approveRequest(req.getId(), "私有化部署自动开通");
+        }
+        return req;
     }
 
     /**