diff --git a/epmet-auth/src/main/java/com/epmet/feign/EpmetUserFeignClient.java b/epmet-auth/src/main/java/com/epmet/feign/EpmetUserFeignClient.java
index 6bebb97f96..37312c17f6 100644
--- a/epmet-auth/src/main/java/com/epmet/feign/EpmetUserFeignClient.java
+++ b/epmet-auth/src/main/java/com/epmet/feign/EpmetUserFeignClient.java
@@ -3,6 +3,7 @@ package com.epmet.feign;
 import com.epmet.commons.tools.constant.ServiceConstant;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.dto.CustomerStaffDTO;
+import com.epmet.dto.GovStaffRoleDTO;
 import com.epmet.dto.UserDTO;
 import com.epmet.dto.UserWechatDTO;
 import com.epmet.dto.form.*;
@@ -107,4 +108,11 @@ public interface EpmetUserFeignClient {
 	 **/
 	@PostMapping(value = "epmetuser/staffagencyvisited/saveStaffLoginRecord", consumes = MediaType.APPLICATION_JSON_VALUE)
 	Result saveStaffLoginRecord(StaffLoginAgencyRecordFormDTO staffLoginHistoryFormDTO);
+
+	/**
+	 * 查询工作人员的角色
+	 * @return
+	 */
+	@PostMapping("/epmetuser/staffrole/staffroles")
+	Result<List<GovStaffRoleDTO>> getRolesOfStaff(StaffRoleFormDTO staffRoleFormDTO);
 }
diff --git a/epmet-auth/src/main/java/com/epmet/feign/GovOrgFeignClient.java b/epmet-auth/src/main/java/com/epmet/feign/GovOrgFeignClient.java
index 27c596f0de..de717a944e 100644
--- a/epmet-auth/src/main/java/com/epmet/feign/GovOrgFeignClient.java
+++ b/epmet-auth/src/main/java/com/epmet/feign/GovOrgFeignClient.java
@@ -2,8 +2,10 @@ package com.epmet.feign;
 
 import com.epmet.commons.tools.constant.ServiceConstant;
 import com.epmet.commons.tools.utils.Result;
+import com.epmet.dto.CustomerAgencyDTO;
 import com.epmet.dto.form.StaffOrgFormDTO;
 import com.epmet.dto.result.DepartmentListResultDTO;
+import com.epmet.dto.result.GridByStaffResultDTO;
 import com.epmet.dto.result.StaffOrgsResultDTO;
 import com.epmet.feign.fallback.GovOrgFeignClientFallback;
 import org.springframework.cloud.openfeign.FeignClient;
@@ -37,4 +39,20 @@ public interface GovOrgFeignClient {
      */
     @PostMapping("/gov/org/department/staff/{staffId}/departmentlist")
     Result<List<DepartmentListResultDTO>> getDepartmentListByStaffId(@PathVariable("staffId") String staffId);
+
+    /**
+     * 查询工作人员所有的网格
+     * @param staffId
+     * @return
+     */
+    @PostMapping("/gov/org/grid/gridsbystaffid/{staffId}")
+    Result<List<GridByStaffResultDTO>> listGridsbystaffid(@PathVariable("staffId") String staffId);
+
+    /**
+     * 根据staffId查询所属的组织机构
+     * @param staffId
+     * @return
+     */
+    @PostMapping("/gov/org/agency/agencybystaff/{staffId}")
+    Result<CustomerAgencyDTO> getAgencyByStaff(@PathVariable("staffId") String staffId);
 }
diff --git a/epmet-auth/src/main/java/com/epmet/feign/fallback/EpmetUserFeignClientFallback.java b/epmet-auth/src/main/java/com/epmet/feign/fallback/EpmetUserFeignClientFallback.java
index b08fcbca1a..88ed4e42de 100644
--- a/epmet-auth/src/main/java/com/epmet/feign/fallback/EpmetUserFeignClientFallback.java
+++ b/epmet-auth/src/main/java/com/epmet/feign/fallback/EpmetUserFeignClientFallback.java
@@ -4,6 +4,7 @@ import com.epmet.commons.tools.constant.ServiceConstant;
 import com.epmet.commons.tools.utils.ModuleUtils;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.dto.CustomerStaffDTO;
+import com.epmet.dto.GovStaffRoleDTO;
 import com.epmet.dto.UserDTO;
 import com.epmet.dto.UserWechatDTO;
 import com.epmet.dto.form.*;
@@ -62,4 +63,9 @@ public class EpmetUserFeignClientFallback implements EpmetUserFeignClient {
 		return ModuleUtils.feignConError(ServiceConstant.EPMET_USER_SERVER, "saveStaffLoginRecord", staffLoginHistoryFormDTO);
 	}
 
+	@Override
+	public Result<List<GovStaffRoleDTO>> getRolesOfStaff(StaffRoleFormDTO staffRoleFormDTO) {
+		return ModuleUtils.feignConError(ServiceConstant.EPMET_USER_SERVER, "getRolesOfStaff", staffRoleFormDTO);
+	}
+
 }
diff --git a/epmet-auth/src/main/java/com/epmet/feign/fallback/GovOrgFeignClientFallback.java b/epmet-auth/src/main/java/com/epmet/feign/fallback/GovOrgFeignClientFallback.java
index 0e42e2436f..9e5d0d05ee 100644
--- a/epmet-auth/src/main/java/com/epmet/feign/fallback/GovOrgFeignClientFallback.java
+++ b/epmet-auth/src/main/java/com/epmet/feign/fallback/GovOrgFeignClientFallback.java
@@ -3,8 +3,10 @@ package com.epmet.feign.fallback;
 import com.epmet.commons.tools.constant.ServiceConstant;
 import com.epmet.commons.tools.utils.ModuleUtils;
 import com.epmet.commons.tools.utils.Result;
+import com.epmet.dto.CustomerAgencyDTO;
 import com.epmet.dto.form.StaffOrgFormDTO;
 import com.epmet.dto.result.DepartmentListResultDTO;
+import com.epmet.dto.result.GridByStaffResultDTO;
 import com.epmet.dto.result.StaffOrgsResultDTO;
 import com.epmet.feign.GovOrgFeignClient;
 import org.springframework.stereotype.Component;
@@ -28,5 +30,15 @@ public class GovOrgFeignClientFallback implements GovOrgFeignClient {
     public Result<List<DepartmentListResultDTO>> getDepartmentListByStaffId(String staffId) {
         return ModuleUtils.feignConError(ServiceConstant.GOV_ORG_SERVER, "getDepartmentListByStaffId", staffId);
     }
+
+    @Override
+    public Result<List<GridByStaffResultDTO>> listGridsbystaffid(String staffId) {
+        return ModuleUtils.feignConError(ServiceConstant.GOV_ORG_SERVER, "listGridsbystaffid", staffId);
+    }
+
+    @Override
+    public Result<CustomerAgencyDTO> getAgencyByStaff(String staffId) {
+        return ModuleUtils.feignConError(ServiceConstant.GOV_ORG_SERVER, "getAgencyByStaff", staffId);
+    }
 }
 
diff --git a/epmet-auth/src/main/java/com/epmet/service/impl/GovLoginServiceImpl.java b/epmet-auth/src/main/java/com/epmet/service/impl/GovLoginServiceImpl.java
index 6b5fc2914d..7ad0fae480 100644
--- a/epmet-auth/src/main/java/com/epmet/service/impl/GovLoginServiceImpl.java
+++ b/epmet-auth/src/main/java/com/epmet/service/impl/GovLoginServiceImpl.java
@@ -11,12 +11,11 @@ import com.epmet.commons.tools.utils.CpUserDetailRedis;
 import com.epmet.commons.tools.utils.DateUtils;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.commons.tools.validator.PhoneValidatorUtils;
+import com.epmet.dto.CustomerAgencyDTO;
 import com.epmet.dto.CustomerStaffDTO;
+import com.epmet.dto.GovStaffRoleDTO;
 import com.epmet.dto.form.*;
-import com.epmet.dto.result.DepartmentListResultDTO;
-import com.epmet.dto.result.StaffLatestAgencyResultDTO;
-import com.epmet.dto.result.StaffOrgsResultDTO;
-import com.epmet.dto.result.UserTokenResultDTO;
+import com.epmet.dto.result.*;
 import com.epmet.feign.EpmetUserFeignClient;
 import com.epmet.feign.GovOrgFeignClient;
 import com.epmet.feign.MessageFeignClient;
@@ -168,12 +167,59 @@ public class GovLoginServiceImpl implements GovLoginService {
         govTokenDto.setAgencyId(staffLatestAgency.getAgencyId());
         govTokenDto.setCustomerId(staffLatestAgency.getCustomerId());
 
+        //设置部门，网格，角色列表
+        govTokenDto.setDeptIdList(getDeptartmentIdList(staffLatestAgency.getStaffId()));
+        govTokenDto.setGridIdList(getGridIdList(staffLatestAgency.getStaffId()));
+        CustomerAgencyDTO agency = getAgencyByStaffId(staffLatestAgency.getStaffId());
+        if (agency != null) {
+            govTokenDto.setRoleIdList(queryGovStaffRoleIds(staffLatestAgency.getStaffId(), agency.getId()));
+        }
+        govTokenDto.setOrgIdPath(getOrgIdPath(staffLatestAgency.getStaffId()));
+
+        cpUserDetailRedis.set(govTokenDto, expire);
+        logger.info("截止时间：" + DateUtils.format(jwtTokenUtils.getExpiration(token), "yyyy-MM-dd HH:mm:ss"));
+    }
+
+    /**
+     * 查询人员在某机关单位下的角色列表
+     * @param staffId
+     * @param orgId
+     * @return
+     */
+    public Set<String> queryGovStaffRoleIds(String staffId, String orgId) {
+        StaffRoleFormDTO formDTO = new StaffRoleFormDTO();
+        formDTO.setStaffId(staffId);
+        formDTO.setOrgId(orgId);
+        Result<List<GovStaffRoleDTO>> gridResult = epmetUserFeignClient.getRolesOfStaff(formDTO);
+        if (!CollectionUtils.isEmpty(gridResult.getData())) {
+            return gridResult.getData().stream().map(role -> role.getId()).collect(Collectors.toSet());
+        }
+        return null;
+    }
+
+    /**
+     * 根据工作人员ID查询网格ID列表
+     * @param staffId
+     * @return
+     */
+    public Set<String> getGridIdList(String staffId) {
+        Result<List<GridByStaffResultDTO>> result = govOrgFeignClient.listGridsbystaffid(staffId);
+        if (!result.success()) {
+            logger.error("登录:查询网格列表，远程调用返回错误:{}", result.getMsg());
+            return null;
+        } else {
+            List<GridByStaffResultDTO> grids = result.getData();
+            return grids.stream().map(grid -> grid.getGridId()).collect(Collectors.toSet());
+        }
+    }
+
+    public Set<String> getDeptartmentIdList(String staffId) {
         try {
-            Result<List<DepartmentListResultDTO>> deptListResult = govOrgFeignClient.getDepartmentListByStaffId(staffLatestAgency.getStaffId());
+            Result<List<DepartmentListResultDTO>> deptListResult = govOrgFeignClient.getDepartmentListByStaffId(staffId);
             if (deptListResult.success()) {
                 if (!CollectionUtils.isEmpty(deptListResult.getData())) {
                     Set<String> deptIdLists = deptListResult.getData().stream().map(dept -> dept.getDepartmentId()).collect(Collectors.toSet());
-                    govTokenDto.setDeptIdList(deptIdLists);
+                    return deptIdLists;
                 }
             } else {
                 logger.error("登录:查询部门列表，远程调用返回错误:{}", deptListResult.getMsg());
@@ -182,9 +228,7 @@ public class GovLoginServiceImpl implements GovLoginService {
             String errorStackTrace = ExceptionUtils.getErrorStackTrace(e);
             logger.error("登录:查询部门列表异常:{}", errorStackTrace);
         }
-
-        cpUserDetailRedis.set(govTokenDto, expire);
-        logger.info("截止时间：" + DateUtils.format(jwtTokenUtils.getExpiration(token), "yyyy-MM-dd HH:mm:ss"));
+        return null;
     }
 
     //保存登录日志
@@ -300,8 +344,50 @@ public class GovLoginServiceImpl implements GovLoginService {
         govTokenDto.setExpireTime(jwtTokenUtils.getExpiration(token).getTime());
         govTokenDto.setAgencyId(orgId);
         govTokenDto.setCustomerId(customerId);
+
+        //设置部门，网格，角色列表
+        govTokenDto.setDeptIdList(getDeptartmentIdList(staffId));
+        govTokenDto.setGridIdList(getGridIdList(staffId));
+        CustomerAgencyDTO agency = getAgencyByStaffId(staffId);
+        if (agency != null) {
+            govTokenDto.setRoleIdList(queryGovStaffRoleIds(staffId, agency.getId()));
+        }
+        govTokenDto.setOrgIdPath(getOrgIdPath(staffId));
+
         cpUserDetailRedis.set(govTokenDto, expire);
         logger.info("截止时间：" + DateUtils.format(jwtTokenUtils.getExpiration(token), "yyyy-MM-dd HH:mm:ss"));
     }
+
+    /**
+     * 查询工作人员的OrgIdPath
+     * @param staffId
+     * @return
+     */
+    public String getOrgIdPath(String staffId) {
+        Result<CustomerAgencyDTO> result = govOrgFeignClient.getAgencyByStaff(staffId);
+        if (!result.success()) {
+            logger.error("登录：查询登录人所属的机关OrgIdPath失败:{}", result.getMsg());
+            return null;
+        }
+        CustomerAgencyDTO agency = result.getData();
+        if (agency != null) {
+            if ("0".equals(agency.getPid())) {
+                // 顶级
+                return agency.getId();
+            } else {
+                return agency.getPids().concat(":").concat(agency.getId());
+            }
+        }
+        return null;
+    }
+
+    public CustomerAgencyDTO getAgencyByStaffId(String staffId) {
+        Result<CustomerAgencyDTO> result = govOrgFeignClient.getAgencyByStaff(staffId);
+        if (!result.success()) {
+            logger.error("登录：查询登录人所属的机关OrgIdPath失败:{}", result.getMsg());
+            return null;
+        }
+        return result.getData();
+    }
 }
 
diff --git a/epmet-auth/src/test/java/com/epmet/TokenGenTest.java b/epmet-auth/src/test/java/com/epmet/TokenGenTest.java
index 60f7654b22..e337632663 100644
--- a/epmet-auth/src/test/java/com/epmet/TokenGenTest.java
+++ b/epmet-auth/src/test/java/com/epmet/TokenGenTest.java
@@ -1,10 +1,15 @@
 package com.epmet;
 
+import cn.binarywang.wx.miniapp.bean.WxMaJscode2SessionResult;
 import com.epmet.common.token.constant.LoginConstant;
 import com.epmet.commons.tools.security.dto.GovTokenDto;
 import com.epmet.commons.tools.utils.CpUserDetailRedis;
+import com.epmet.commons.tools.utils.DateUtils;
+import com.epmet.dto.CustomerAgencyDTO;
+import com.epmet.dto.result.StaffLatestAgencyResultDTO;
 import com.epmet.jwt.JwtTokenProperties;
 import com.epmet.jwt.JwtTokenUtils;
+import com.epmet.service.impl.GovLoginServiceImpl;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -29,6 +34,9 @@ public class TokenGenTest {
     @Autowired
     private CpUserDetailRedis cpUserDetailRedis;
 
+    @Autowired
+    private GovLoginServiceImpl govLoginService;
+
     @Test
     public void genToken() {
         String staffId = "wxz";
@@ -50,6 +58,33 @@ public class TokenGenTest {
         cpUserDetailRedis.set(govTokenDto, expire);
     }
 
+    @Test
+    public void saveLatestGovTokenDto() {
+        String staffId = "wxz";
+        String token = generateGovWxmpToken(staffId);
+        int expire = jwtTokenProperties.getExpire();
+        GovTokenDto govTokenDto = new GovTokenDto();
+        govTokenDto.setApp(LoginConstant.APP_GOV);
+        govTokenDto.setClient(LoginConstant.CLIENT_WXMP);
+        govTokenDto.setToken(token);
+        govTokenDto.setUserId(staffId);
+        govTokenDto.setUpdateTime(System.currentTimeMillis());
+        govTokenDto.setExpireTime(jwtTokenUtils.getExpiration(token).getTime());
+        //govTokenDto.setAgencyId(staffLatestAgency.getAgencyId());
+        //govTokenDto.setCustomerId(staffLatestAgency.getCustomerId());
+
+        //设置部门，网格，角色列表
+        govTokenDto.setDeptIdList(govLoginService.getDeptartmentIdList(staffId));
+        govTokenDto.setGridIdList(govLoginService.getGridIdList(staffId));
+        CustomerAgencyDTO agency = govLoginService.getAgencyByStaffId(staffId);
+        if (agency != null) {
+            govTokenDto.setRoleIdList(govLoginService.queryGovStaffRoleIds(staffId, agency.getId()));
+        }
+        govTokenDto.setOrgIdPath(govLoginService.getOrgIdPath(staffId));
+
+        cpUserDetailRedis.set(govTokenDto, expire);
+    }
+
     /**
      * @Description 生成token
      * @Date 2020/4/18 23:04
diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/aspect/DataFilterAspect.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/aspect/DataFilterAspect.java
index a7c5fc1683..78b2ba49e0 100644
--- a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/aspect/DataFilterAspect.java
+++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/aspect/DataFilterAspect.java
@@ -10,9 +10,8 @@ package com.epmet.commons.mybatis.aspect;
 
 import com.epmet.commons.mybatis.annotation.DataFilter;
 import com.epmet.commons.mybatis.constant.AccessSettingConstant;
-import com.epmet.commons.mybatis.constant.OpeScopeConstant;
+import com.epmet.commons.tools.constant.OpeScopeConstant;
 import com.epmet.commons.mybatis.dto.form.*;
-import com.epmet.commons.mybatis.entity.DataScope;
 import com.epmet.commons.mybatis.feign.GovAccessFeignClient;
 import com.epmet.commons.mybatis.feign.GovOrgFeignClient;
 import com.epmet.commons.tools.aspect.AccessOpeAspect;
@@ -32,6 +31,7 @@ import org.springframework.stereotype.Component;
 import org.springframework.util.CollectionUtils;
 
 import java.util.*;
+import java.util.stream.Collectors;
 
 /**
  * 数据过滤，切面处理类
@@ -86,11 +86,11 @@ public class DataFilterAspect {
         String client = loginUserUtil.getLoginUserClient();
         String userId = loginUserUtil.getLoginUserId();
 
-        StaffPermissionFormDTO staffPermissionFormDTO = new StaffPermissionFormDTO();
+        StaffPermCacheFormDTO staffPermissionFormDTO = new StaffPermCacheFormDTO();
         staffPermissionFormDTO.setApp(app);
         staffPermissionFormDTO.setClient(client);
         staffPermissionFormDTO.setStaffId(userId);
-        Result<StaffPermCacheResultDTO> result = govAccessFeignClient.getStaffCurrPermissions(staffPermissionFormDTO);
+        Result<LoginUserInfoResultDTO> result = govAccessFeignClient.getLoginUserInfo(staffPermissionFormDTO);
 
         if (result.getCode() != 0) {
             // 查询不到权限，记录日志，抛出8000异常
@@ -98,21 +98,23 @@ public class DataFilterAspect {
             throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
         }
 
-        StaffPermCacheResultDTO permCacheResultDTO = result.getData();
+        LoginUserInfoResultDTO userDetail = result.getData();
 
-        if (permCacheResultDTO == null || CollectionUtils.isEmpty(permCacheResultDTO.getPermissions())) {
-            log.error("操作权限不足，查询不到权限");
+        if (userDetail == null) {
+            log.error("操作权限不足，查询不到登录用户信息");
             throw new RenException(EpmetErrorCode.REQUIRE_PERMISSION.getCode());
         }
 
+        Set<String> currPermissions = getPermissions(userDetail.getRoleIdList());
+
         // 校验操作权限
-        validateOpePermission(permCacheResultDTO.getPermissions(), requirePermission);
+        validateOpePermission(currPermissions, requirePermission);
 
         hasConditions.set(false);
 
         // 生成过滤sql
-        String sqlFilterSegment = getSqlFilterSegment(userId, permCacheResultDTO.getRoleIdList(), requirePermission,
-                permCacheResultDTO.getOrgIdPath(), permCacheResultDTO.getGridId(), tableAlias, permCacheResultDTO.getDeptIdList());
+        String sqlFilterSegment = getSqlFilterSegment(userId, userDetail.getRoleIdList(), requirePermission,
+                userDetail.getOrgIdPath(), userDetail.getDeptIdList(), tableAlias, userDetail.getDeptIdList());
 
         // 方式1.填充到Service方法列表中的DataScope对象中。如果dao入参是用DTO的话，那么再加一个DataScope入参，sql中会报错提示#{}参数找不到，因此改用方法2
         //Object[] methodArgs = point.getArgs();
@@ -129,6 +131,22 @@ public class DataFilterAspect {
         }
     }
 
+    private Set<String> getPermissions(Set<String> roleIdList) {
+        Set<String> permissions = new HashSet<>();
+        roleIdList.forEach(role -> {
+            // 找出该角色的所有功能操作列表
+            Result<Set<RoleOpeScopeResultDTO>> result = govAccessFeignClient.listRoleAllOperationScopesByRoleId(role);
+            if (!result.success()) {
+                // 获取operation异常
+                log.error("调用GovAccess，根据RoleId查询Operation列表失败:{}", result.getMsg());
+                throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
+            }
+            Set<RoleOpeScopeResultDTO> roleOperations = result.getData();
+            permissions.addAll(roleOperations.stream().map(ope -> ope.getOperationKey()).collect(Collectors.toSet()));
+        });
+        return permissions;
+    }
+
     /**
      * 校验操作权限
      */
@@ -146,7 +164,7 @@ public class DataFilterAspect {
      * @return
      */
     private String getSqlFilterSegment(String userId, Set<String> roleIds, String reqiurePermission, String orgIdPath,
-                                       String gridId, String tableAlias, Set<String> deptIds) {
+                                       Set<String> gridIdList, String tableAlias, Set<String> deptIds) {
 
         StringBuilder sb = new StringBuilder();
 
@@ -164,7 +182,7 @@ public class DataFilterAspect {
         // 3.生成sql:本网格的
         String inGrid = accessSettings.get(AccessSettingConstant.IN_GRID_KEY);
         if (StringUtils.isNotBlank(inGrid) && AccessSettingConstant.IN_GRID_YES.equals(inGrid)) {
-            genInGrid(sb, gridId, tableAlias);
+            genInGrid(sb, gridIdList, tableAlias);
         }
 
         // 4.生成sql:根据部门列表
@@ -218,15 +236,28 @@ public class DataFilterAspect {
      * 网格sql
      *
      * @param sb
-     * @param gridId
      * @param tableAlias
      */
-    private void genInGrid(StringBuilder sb, String gridId, String tableAlias) {
-        if (StringUtils.isBlank(tableAlias)) {
-            sb.append(hasConditions.get() ? " OR " : "").append(" GRID_ID ='").append(gridId).append("' ");
-        } else {
-            sb.append(hasConditions.get() ? " OR " : "").append(tableAlias).append(".GRID_ID ='").append(gridId).append("' ");
+    private void genInGrid(StringBuilder sb, Set<String> gridIdList, String tableAlias) {
+        //if (StringUtils.isBlank(tableAlias)) {
+        //    sb.append(hasConditions.get() ? " OR " : "").append(" GRID_ID ='").append(gridId).append("' ");
+        //} else {
+        //    sb.append(hasConditions.get() ? " OR " : "").append(tableAlias).append(".GRID_ID ='").append(gridId).append("' ");
+        //}
+
+        if (hasConditions.get()) {
+            // 之前没有条件
+            sb.append(" OR ");
         }
+        // OR     GRID_ID = 'XXX' OR GRID_ID = 'QQQ'
+        for (String gridId : gridIdList) {
+            if (StringUtils.isBlank(tableAlias)) {
+                sb.append(" GRID_ID = '").append(gridId).append("' OR");
+            } else {
+                sb.append(" ").append(tableAlias).append(".GRID_ID ='").append(gridId).append("' OR ");
+            }
+        }
+        sb.replace(sb.lastIndexOf("OR"), sb.lastIndexOf("OR") + 3, "");
         hasConditions.set(true);
     }
 
@@ -253,19 +284,31 @@ public class DataFilterAspect {
     public void genOrgScopeSql(StringBuilder sb, String orgIdPath, Set<String> roleIds, String reqiurePermission, String tableAlias) {
 
         // 根据角色列表查询操作范围列表
-        Set<OperationScopeDTO> scopeDTOS = new HashSet<>();
+        Set<RoleOpeScopeResultDTO> opeAndScopes = new HashSet<>();
+        //roleIds.forEach(roleId -> {
+        //    OperationScopeFormDTO osformDto = new OperationScopeFormDTO();
+        //    osformDto.setRoleId(roleId);
+        //    osformDto.setOperationKey(reqiurePermission);
+        //    Result<Set<OperationScopeDTO>> result = govAccessFeignClient.getOperationScopesByRoleId(osformDto);
+        //    if (result.success()) {
+        //        scopeDTOS.addAll(result.getData());
+        //    }
+        //});
+
         roleIds.forEach(roleId -> {
-            OperationScopeFormDTO osformDto = new OperationScopeFormDTO();
-            osformDto.setRoleId(roleId);
-            osformDto.setOperationKey(reqiurePermission);
-            Result<Set<OperationScopeDTO>> result = govAccessFeignClient.getOperationScopesByRoleId(osformDto);
-            if (result.success()) {
-                scopeDTOS.addAll(result.getData());
+            Result<Set<RoleOpeScopeResultDTO>> opeResult = govAccessFeignClient.listRoleAllOperationScopesByRoleId(roleId);
+            if (!opeResult.success()) {
+                log.error("DataFilter：根据角色查询角色所有的操作列表出错:{}", opeResult.getMsg());
+            } else {
+                Set<RoleOpeScopeResultDTO> opes = opeResult.getData();
+                if (!CollectionUtils.isEmpty(opes)) {
+                    opeAndScopes.addAll(opes);
+                }
             }
         });
 
         // 过滤范围
-        HashSet<String> scopes = filteScopes(scopeDTOS);
+        HashSet<String> scopes = filteScopes(opeAndScopes);
         if (CollectionUtils.isEmpty(scopes)) {
             // 没有范围限制
             return;
@@ -333,10 +376,10 @@ public class DataFilterAspect {
      * @param scopeDTOS
      * @return
      */
-    private HashSet<String> filteScopes(Set<OperationScopeDTO> scopeDTOS) {
-        HashMap<String, OperationScopeDTO> filtedScopes = new HashMap<>();
+    private HashSet<String> filteScopes(Set<RoleOpeScopeResultDTO> scopeDTOS) {
+        HashMap<String, RoleOpeScopeResultDTO> filtedScopes = new HashMap<>();
 
-        for (OperationScopeDTO scope : scopeDTOS) {
+        for (RoleOpeScopeResultDTO scope : scopeDTOS) {
             String scopeIndex = scope.getScopeIndex();
             if (StringUtils.isBlank(scopeIndex)) {
                 continue;
@@ -348,7 +391,7 @@ public class DataFilterAspect {
                 continue;
             }
 
-            OperationScopeDTO tempScope = filtedScopes.get(currArr[0]);
+            RoleOpeScopeResultDTO tempScope = filtedScopes.get(currArr[0]);
             if (tempScope != null) {
                 // 已经有ac开头的了
                 String tempScopeIndex = tempScope.getScopeIndex();
@@ -360,8 +403,8 @@ public class DataFilterAspect {
             }
         }
         HashSet<String> scopeStrs = new HashSet<>();
-        Set<Map.Entry<String, OperationScopeDTO>> entries = filtedScopes.entrySet();
-        for (Map.Entry<String, OperationScopeDTO> entry : entries) {
+        Set<Map.Entry<String, RoleOpeScopeResultDTO>> entries = filtedScopes.entrySet();
+        for (Map.Entry<String, RoleOpeScopeResultDTO> entry : entries) {
             scopeStrs.add(entry.getValue().getScopeKey());
         }
         return scopeStrs;
diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/LoginUserInfoResultDTO.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/LoginUserInfoResultDTO.java
new file mode 100644
index 0000000000..dc7cf8e657
--- /dev/null
+++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/LoginUserInfoResultDTO.java
@@ -0,0 +1,40 @@
+package com.epmet.commons.mybatis.dto.form;
+
+import lombok.Data;
+
+import java.util.Set;
+
+@Data
+public class LoginUserInfoResultDTO {
+
+    /**
+     * 权限列表
+     */
+    private Set<String> permissions;
+
+    /**
+     * 角色列表
+     */
+    private Set<String> roleIdList;
+
+    /**
+     * 部门id列表
+     */
+    private Set<String> deptIdList;
+
+    /**
+     * 组织ID
+     */
+    private String orgIdPath;
+
+    /**
+     * 网格ID
+     */
+    private String gridId;
+
+    /**
+     * 网格ID列表
+     */
+    private Set<String> gridIdList;
+
+}
diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/RoleOpeScopeResultDTO.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/RoleOpeScopeResultDTO.java
new file mode 100644
index 0000000000..f255b6d546
--- /dev/null
+++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/RoleOpeScopeResultDTO.java
@@ -0,0 +1,33 @@
+package com.epmet.commons.mybatis.dto.form;
+
+import lombok.Data;
+
+@Data
+public class RoleOpeScopeResultDTO {
+
+    /**
+     * 角色ID
+     */
+    private String roleId;
+
+    /**
+     * 操作key
+     */
+    private String operationKey;
+
+    /**
+     * 范围key
+     */
+    private String scopeKey;
+
+    /**
+     * 范围名称
+     */
+    private String scopeName;
+
+    /**
+     * 范围序号
+     */
+    private String scopeIndex;
+
+}
diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/StaffPermCacheFormDTO.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/StaffPermCacheFormDTO.java
new file mode 100644
index 0000000000..19bb386e00
--- /dev/null
+++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/StaffPermCacheFormDTO.java
@@ -0,0 +1,59 @@
+package com.epmet.commons.mybatis.dto.form;
+
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+import java.util.Set;
+
+@Data
+public class StaffPermCacheFormDTO {
+
+    /**
+     * 更新权限缓存分组
+     */
+    public interface UpdatePermissionCache {}
+
+    /**
+     * 查询当前权限列表
+     */
+    public interface GetStaffCurrPermissions {}
+
+    /**
+     * 工作人员 id
+     */
+    @NotBlank(message = "工作人员ID不能为空", groups = {UpdatePermissionCache.class, GetStaffCurrPermissions.class})
+    private String staffId;
+
+    /**
+     * 登录头信息app
+     */
+    @NotBlank(message = "登录头信息app不能为空", groups = {UpdatePermissionCache.class, GetStaffCurrPermissions.class})
+    private String app;
+
+    /**
+     * 登录头信息client
+     */
+    @NotBlank(message = "登录头信息client不能为空", groups = {UpdatePermissionCache.class, GetStaffCurrPermissions.class})
+    private String client;
+
+    /**
+     * 组织ID路径
+     */
+    private String orgIdPath;
+
+    /**
+     * 权限列表
+     */
+    private Set<String> permissions;
+
+    /**
+     * 角色列表
+     */
+    private Set<String> roleIdList;
+
+    /**
+     * 当前所在网格id
+     */
+    private String gridId;
+
+}
diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/StaffPermCacheResultDTO.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/StaffPermCacheResultDTO.java
index ec090d7aee..e00dce2b3a 100644
--- a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/StaffPermCacheResultDTO.java
+++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/StaffPermCacheResultDTO.java
@@ -32,4 +32,6 @@ public class StaffPermCacheResultDTO {
      */
     private String gridId;
 
+    private String gridIdList;
+
 }
diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/GovAccessFeignClient.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/GovAccessFeignClient.java
index 354df4950f..9eb4c00377 100644
--- a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/GovAccessFeignClient.java
+++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/GovAccessFeignClient.java
@@ -25,8 +25,8 @@ public interface GovAccessFeignClient {
      * 查询用户当前权限列表
      * @return
      */
-    @PostMapping("/gov/access/access/getcurrpermissions")
-    Result<StaffPermCacheResultDTO> getStaffCurrPermissions(StaffPermissionFormDTO dto);
+    @PostMapping("/gov/access/access/loginuserinfo")
+    Result<LoginUserInfoResultDTO> getLoginUserInfo(@RequestBody StaffPermCacheFormDTO dto);
 
     /**
      * 查询角色的操作key对应操作范围列表
@@ -43,4 +43,11 @@ public interface GovAccessFeignClient {
      */
     @PostMapping("/gov/access/access/role/{roleId}/accesssettings")
     Result<Map<String, String>> listAccessSettings(@PathVariable("roleId") String roleId);
+
+    /**
+     * 查询角色所有operation及其范围(缓存)
+     * @return
+     */
+    @PostMapping("/gov/access/access/roleallopesandscopes/{roleId}")
+    Result<Set<RoleOpeScopeResultDTO>> listRoleAllOperationScopesByRoleId(@PathVariable("roleId") String roleId);
 }
diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/fallback/GovAccessFeignClientFallback.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/fallback/GovAccessFeignClientFallback.java
index ae74de9483..197ddbfc7a 100644
--- a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/fallback/GovAccessFeignClientFallback.java
+++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/fallback/GovAccessFeignClientFallback.java
@@ -6,8 +6,8 @@ import com.epmet.commons.tools.constant.ServiceConstant;
 import com.epmet.commons.tools.utils.ModuleUtils;
 import com.epmet.commons.tools.utils.Result;
 import org.springframework.stereotype.Component;
+import org.springframework.web.bind.annotation.PathVariable;
 
-import java.util.List;
 import java.util.Map;
 import java.util.Set;
 
@@ -21,8 +21,8 @@ import java.util.Set;
 public class GovAccessFeignClientFallback implements GovAccessFeignClient {
 
     @Override
-    public Result<StaffPermCacheResultDTO> getStaffCurrPermissions(StaffPermissionFormDTO dto) {
-        return ModuleUtils.feignConError(ServiceConstant.GOV_ACCESS_SERVER, "getStaffCurrPermissions", dto);
+    public Result<LoginUserInfoResultDTO> getLoginUserInfo(StaffPermCacheFormDTO dto) {
+        return ModuleUtils.feignConError(ServiceConstant.GOV_ACCESS_SERVER, "getLoginUserInfo", dto);
     }
 
     @Override
@@ -34,4 +34,9 @@ public class GovAccessFeignClientFallback implements GovAccessFeignClient {
     public Result<Map<String, String>> listAccessSettings(String roleId) {
         return ModuleUtils.feignConError(ServiceConstant.GOV_ACCESS_SERVER, "listAccessSettings", roleId);
     }
+
+    @Override
+    public Result<Set<RoleOpeScopeResultDTO>> listRoleAllOperationScopesByRoleId(@PathVariable("roleId") String roleId){
+        return ModuleUtils.feignConError(ServiceConstant.GOV_ACCESS_SERVER, "listRoleAllOperationScopesByRoleId", roleId);
+    }
 }
diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/constant/OpeScopeConstant.java b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/constant/OpeScopeConstant.java
similarity index 71%
rename from epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/constant/OpeScopeConstant.java
rename to epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/constant/OpeScopeConstant.java
index 3d415ffb30..9d11c7d3b3 100644
--- a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/constant/OpeScopeConstant.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/constant/OpeScopeConstant.java
@@ -1,4 +1,4 @@
-package com.epmet.commons.mybatis.constant;
+package com.epmet.commons.tools.constant;
 
 public class OpeScopeConstant {
     //"同级组织的下级"
@@ -7,6 +7,7 @@ public class OpeScopeConstant {
     public static final String ORG_EQUAL_AND_SUB = "org_equal_and_sub";
     //"同级组织"
     public static final String ORG_EQUAL = "org_equal";
+
     //"本组织的下级"
     public static final String ORG_CURR_SUB = "org_curr_sub";
     //"本组织及下级"
@@ -14,4 +15,9 @@ public class OpeScopeConstant {
     //"本组织"
     public static final String ORG_CURR = "org_curr";
 
+    //"本组织的上级"
+    public static final String ORG_CURR_SUP = "org_curr_sup";
+    //"本组织及上级"
+    public static final String ORG_CURR_AND_SUP = "org_curr_and_sup";
+
 }
diff --git a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/exception/EpmetErrorCode.java b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/exception/EpmetErrorCode.java
index 38e7eeeae5..b60c3a40d1 100644
--- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/exception/EpmetErrorCode.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/exception/EpmetErrorCode.java
@@ -15,7 +15,7 @@ public enum EpmetErrorCode {
 	CANNOT_JOIN_GROUP(8001, "只有认证党员和居民才可以加入小组，请选择您的身份"),
 	CANNOT_CREATE_GROUP(8002, "只有党员和热心居民才能创建小组，请选择您的身份"),
 	GROUP_ALREADY_EXISTED(8003,"组名已存在"),
-	GOV_STAFF_NOT_EXISTS(8004,"未找到您所属的组织，请联系您单位的管理员，确认其录入的手机号和您注册的号码一致。"),
+	GOV_STAFF_NOT_EXISTS(8004,"手机号未注册，请联系贵单位管理员，确认其录入手机与您所持手机号相同"),
 	GOV_STAFF_DISABLED(8005,"您好，您的账户已被冻结，请联系管理员。"),
 	LOSE_EFFICACY(8006,"此邀请链接已过期"),
 	ERROR_PHONE(8007,"请输入正确的手机号"),
diff --git a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/redis/RedisKeys.java b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/redis/RedisKeys.java
index 0b6c64d6ef..f4f6be0539 100644
--- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/redis/RedisKeys.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/redis/RedisKeys.java
@@ -218,6 +218,15 @@ public class RedisKeys {
 		return rootPrefix.concat("gov:access:role:opescopes:").concat(roleId).concat(":").concat(opeKey);
 	}
 
+	/**
+	 * 角色所有操作权限对应的可操作范围
+	 * @param roleId 角色ID
+	 * @return
+	 */
+	public static String getRoleAllOpeScopesKey(String roleId) {
+		return rootPrefix.concat("gov:access:role:allopescopes:").concat(roleId);
+	}
+
 	/**
 	 * 角色ID对应的权限配置
 	 * @param roleId
diff --git a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/GovTokenDto.java b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/GovTokenDto.java
index de94567fb6..5362a740ca 100644
--- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/GovTokenDto.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/GovTokenDto.java
@@ -59,6 +59,11 @@ public class GovTokenDto extends BaseTokenDto implements Serializable {
      */
     private String gridId;
 
+    /***
+     * 所在网格列表
+     */
+    private Set<String> gridIdList;
+
     /**
      * 部门id列表
      */
diff --git a/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/OperationScopeDTO.java b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/OperationScopeDTO.java
index 19e1111e96..35885d7f8c 100644
--- a/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/OperationScopeDTO.java
+++ b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/OperationScopeDTO.java
@@ -48,6 +48,11 @@ public class OperationScopeDTO implements Serializable {
      */
 	private String scopeName;
 
+    /**
+     * 范围序号
+     */
+    private String scopeIndex;
+
     /**
      * 是否删除，0：未删除，1：已删除
      */
diff --git a/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/StaffPermCacheResultDTO.java b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/LoginUserInfoResultDTO.java
similarity index 79%
rename from epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/StaffPermCacheResultDTO.java
rename to epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/LoginUserInfoResultDTO.java
index d19ed3ff27..ee62b2d80e 100644
--- a/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/StaffPermCacheResultDTO.java
+++ b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/LoginUserInfoResultDTO.java
@@ -2,11 +2,10 @@ package com.epmet.dto.result;
 
 import lombok.Data;
 
-import javax.validation.constraints.NotBlank;
 import java.util.Set;
 
 @Data
-public class StaffPermCacheResultDTO {
+public class LoginUserInfoResultDTO {
 
     /**
      * 权限列表
@@ -33,4 +32,9 @@ public class StaffPermCacheResultDTO {
      */
     private String gridId;
 
+    /**
+     * 网格ID列表
+     */
+    private Set<String> gridIdList;
+
 }
diff --git a/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/RoleOpeScopeResultDTO.java b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/RoleOpeScopeResultDTO.java
index fbafb374e7..db971dcbb2 100644
--- a/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/RoleOpeScopeResultDTO.java
+++ b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/RoleOpeScopeResultDTO.java
@@ -10,6 +10,11 @@ public class RoleOpeScopeResultDTO {
      */
     private String roleId;
 
+    /**
+     * 操作key
+     */
+    private String operationKey;
+
     /**
      * 范围key
      */
diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/controller/AccessController.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/controller/AccessController.java
index 2f9bdcb567..e017c63cf1 100644
--- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/controller/AccessController.java
+++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/controller/AccessController.java
@@ -6,9 +6,9 @@ import com.epmet.commons.tools.validator.ValidatorUtils;
 import com.epmet.dto.OperationScopeDTO;
 import com.epmet.dto.form.OperationScopeFormDTO;
 import com.epmet.dto.form.StaffPermCacheFormDTO;
+import com.epmet.dto.result.LoginUserInfoResultDTO;
 import com.epmet.dto.result.RoleAccessSettingResultDTO;
 import com.epmet.dto.result.RoleOpeScopeResultDTO;
-import com.epmet.dto.result.StaffPermCacheResultDTO;
 import com.epmet.entity.OperationScopeEntity;
 import com.epmet.service.AccessService;
 import org.springframework.beans.BeanUtils;
@@ -53,23 +53,23 @@ public class AccessController {
     }
 
     /**
-     * 从缓存中查询用户当前权限列表(DataFilterAspect中用到)
+     * 从缓存中查询用户信息(DataFilterAspect中用到)
      * @return
      */
-    @PostMapping("getcurrpermissions")
-    public Result<StaffPermCacheResultDTO> getStaffCurrPermissions(@RequestBody StaffPermCacheFormDTO dto) {
+    @PostMapping("loginuserinfo")
+    public Result<LoginUserInfoResultDTO> getLoginUserInfo(@RequestBody StaffPermCacheFormDTO dto) {
         ValidatorUtils.validateEntity(dto, StaffPermCacheFormDTO.GetStaffCurrPermissions.class);
-        GovTokenDto govTokenDto = accessService.listStaffCurrPermissions(dto.getApp(), dto.getClient(), dto.getStaffId());
-        StaffPermCacheResultDTO resultDTO = null;
+        GovTokenDto govTokenDto = accessService.getUserDetails(dto.getApp(), dto.getClient(), dto.getStaffId());
+        LoginUserInfoResultDTO resultDTO = null;
         if (govTokenDto != null) {
-            resultDTO = new StaffPermCacheResultDTO();
-            resultDTO.setPermissions(govTokenDto.getPermissions());
+            resultDTO = new LoginUserInfoResultDTO();
             resultDTO.setRoleIdList(govTokenDto.getRoleIdList());
+            //resultDTO.setGridId(govTokenDto.getGridId());
             resultDTO.setOrgIdPath(govTokenDto.getOrgIdPath());
-            resultDTO.setGridId(govTokenDto.getGridId());
+            resultDTO.setGridIdList(govTokenDto.getGridIdList());
             resultDTO.setDeptIdList(govTokenDto.getDeptIdList());
         }
-        return new Result<StaffPermCacheResultDTO>().ok(resultDTO);
+        return new Result<LoginUserInfoResultDTO>().ok(resultDTO);
     }
 
     /**
@@ -83,6 +83,16 @@ public class AccessController {
         return new Result<Set<RoleOpeScopeResultDTO>>().ok(scopes);
     }
 
+    /**
+     * 查询角色所有operation及其范围(缓存)
+     * @return
+     */
+    @PostMapping("roleallopesandscopes/{roleId}")
+    public Result<Set<RoleOpeScopeResultDTO>> listRoleAllOperationScopesByRoleId(@PathVariable("roleId") String roleId) {
+        Set<RoleOpeScopeResultDTO> scopes = accessService.listAllRoleOperationScopesByRoleId(roleId);
+        return new Result<Set<RoleOpeScopeResultDTO>>().ok(scopes);
+    }
+
     /**
      * 查询角色的权限相关配置
      * @param roleId
diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/dao/OperationScopeDao.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/dao/OperationScopeDao.java
index 4ac02b7f91..1a3504ad7e 100644
--- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/dao/OperationScopeDao.java
+++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/dao/OperationScopeDao.java
@@ -44,4 +44,14 @@ public interface OperationScopeDao extends BaseDao<OperationScopeEntity> {
      */
     Set<RoleOpeScopeResultDTO> listOperationScopesByRoleId(@Param("roleId") String roleId,
                                             @Param("operationKey") String operationKey);
+
+    /**
+     * 查询角色所有operation及其范围
+     * @param roleId
+     */
+    Set<RoleOpeScopeResultDTO> listAllRoleOperationScopesByRoleId(String roleId);
+
+    String getDefaultScopeKeyForOperation(@Param("operationKey") String operationKey);
+
+    String getScopeIndexByScopeKey(@Param("scopeKey") String scopeKey);
 }
\ No newline at end of file
diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/RoleOpeScopeRedis.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/RoleOpeScopeRedis.java
index cd929c692d..6bcc3ed5ed 100644
--- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/RoleOpeScopeRedis.java
+++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/RoleOpeScopeRedis.java
@@ -29,6 +29,16 @@ public class RoleOpeScopeRedis {
         redisUtils.set(roleOpeScopesKey, scopes);
     }
 
+    /**
+     * 缓存角色所有的操作范围
+     * @param roleId
+     * @param scopes
+     */
+    public void setRoleAllOpeScopes(String roleId, Set<RoleOpeScopeResultDTO> scopes) {
+        String roleAllOpeScopesKey = RedisKeys.getRoleAllOpeScopesKey(roleId);
+        redisUtils.set(roleAllOpeScopesKey, scopes);
+    }
+
     /**
      * 查询角色操作范围
      * @param roleId
@@ -40,4 +50,14 @@ public class RoleOpeScopeRedis {
         return (Set<RoleOpeScopeResultDTO>)redisUtils.get(roleOpeScopesKey);
     }
 
+    /**
+     * 查询角色所有操作范围
+     * @param roleId
+     * @return
+     */
+    public Set<RoleOpeScopeResultDTO> getRoleAllOpeScopes(String roleId) {
+        String roleOpeScopesKey = RedisKeys.getRoleAllOpeScopesKey(roleId);
+        return (Set<RoleOpeScopeResultDTO>)redisUtils.get(roleOpeScopesKey);
+    }
+
 }
diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/AccessService.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/AccessService.java
index dcda2ebe7e..24fc47532c 100644
--- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/AccessService.java
+++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/AccessService.java
@@ -21,7 +21,7 @@ public interface AccessService {
      * 查询用户当前权限列表
      * @return
      */
-    GovTokenDto listStaffCurrPermissions(String app, String client, String staffId);
+    GovTokenDto getUserDetails(String app, String client, String staffId);
 
     /**
      * 查询角色的操作key对应操作范围列表
@@ -37,4 +37,11 @@ public interface AccessService {
      * @return
      */
     Map<String, String> listAccessSettings(String roleId);
+
+    /**
+     * 查询角色所有operation及其范围(缓存)
+     * @param roleId
+     * @return
+     */
+    Set<RoleOpeScopeResultDTO> listAllRoleOperationScopesByRoleId(String roleId);
 }
diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java
index 0249885536..19a0cc4616 100644
--- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java
+++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java
@@ -10,6 +10,7 @@ import com.epmet.dto.result.RoleOpeScopeResultDTO;
 import com.epmet.redis.RoleAccessSettingRedis;
 import com.epmet.redis.RoleOpeScopeRedis;
 import com.epmet.service.AccessService;
+import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -65,7 +66,7 @@ public class AccessServiceImpl implements AccessService {
     }
 
     @Override
-    public GovTokenDto listStaffCurrPermissions(String app, String client, String staffId) {
+    public GovTokenDto getUserDetails(String app, String client, String staffId) {
         return cpUserDetailRedis.get(app, client, staffId, GovTokenDto.class);
     }
 
@@ -111,4 +112,30 @@ public class AccessServiceImpl implements AccessService {
         }
         return settings;
     }
+
+    @Override
+    public Set<RoleOpeScopeResultDTO> listAllRoleOperationScopesByRoleId(String roleId) {
+        Set<RoleOpeScopeResultDTO> roleAllOpeScopes = roleOpeScopeRedis.getRoleAllOpeScopes(roleId);
+        if (roleAllOpeScopes == null) {
+            roleAllOpeScopes = new HashSet<>();
+            Set<RoleOpeScopeResultDTO> roleAllOpeScopesResult = operationScopeDao.listAllRoleOperationScopesByRoleId(roleId);
+            for (RoleOpeScopeResultDTO opeAndScope : roleAllOpeScopesResult) {
+                if (StringUtils.isBlank(opeAndScope.getScopeKey())) {
+                    // 没有人为配置scope，则使用角色默认配置
+                    String scopeKey = operationScopeDao.getDefaultScopeKeyForOperation(opeAndScope.getOperationKey());
+                    if (StringUtils.isNotBlank(scopeKey)) {
+                        String scopeIndex = operationScopeDao.getScopeIndexByScopeKey(scopeKey);
+                        opeAndScope.setScopeKey(scopeKey);
+                        opeAndScope.setScopeIndex(scopeIndex);
+                        roleAllOpeScopes.add(opeAndScope);
+                        // 有默认scope配置的才返回
+                    }
+                } else {
+                    roleAllOpeScopes.add(opeAndScope);
+                }
+            }
+            roleOpeScopeRedis.setRoleAllOpeScopes(roleId, roleAllOpeScopes);
+        }
+        return roleAllOpeScopes;
+    }
 }
diff --git a/epmet-module/gov-access/gov-access-server/src/main/resources/mapper/OperationScopeDao.xml b/epmet-module/gov-access/gov-access-server/src/main/resources/mapper/OperationScopeDao.xml
index 8b07df685d..032ebac635 100644
--- a/epmet-module/gov-access/gov-access-server/src/main/resources/mapper/OperationScopeDao.xml
+++ b/epmet-module/gov-access/gov-access-server/src/main/resources/mapper/OperationScopeDao.xml
@@ -27,5 +27,32 @@
           and os.DEL_FLAG = '0'
     </select>
 
+    <!--查询角色所有operation及其范围-->
+    <select id="listAllRoleOperationScopesByRoleId" resultType="com.epmet.dto.result.RoleOpeScopeResultDTO">
+        SELECT ope.ROLE_ID,
+               ope.OPERATION_KEY,
+               ro.SCOPE_KEY,
+               os.SCOPE_INDEX
+        FROM role_operation ope
+                 LEFT JOIN role_scope ro
+                           ON (ope.ROLE_ID = ro.ROLE_ID AND ope.OPERATION_KEY = ro.OPERATION_KEY AND ro.DEL_FLAG = 0)
+                 LEFT JOIN operation_scope os
+                           ON (ro.SCOPE_KEY = os.SCOPE_KEY)
+        WHERE ope.ROLE_ID = #{roleId}
+          AND ope.DEL_FLAG = 0
+    </select>
+
+    <select id="getDefaultScopeKeyForOperation" resultType="java.lang.String">
+        SELECT def.SCOPE_KEY
+        FROM operation_scope_default def
+        WHERE def.OPERATION_KEY = #{operationKey};
+    </select>
+
+    <select id="getScopeIndexByScopeKey" resultType="java.lang.String">
+        SELECT SCOPE_INDEX
+        FROM operation_scope scope
+        WHERE scope.SCOPE_KEY = #{scopeKey}
+    </select>
+
 
 </mapper>
\ No newline at end of file
diff --git a/epmet-module/gov-grid/gov-grid-server/docker-compose.yml b/epmet-module/gov-grid/gov-grid-server/docker-compose.yml
index 298855f42a..a05c005de8 100644
--- a/epmet-module/gov-grid/gov-grid-server/docker-compose.yml
+++ b/epmet-module/gov-grid/gov-grid-server/docker-compose.yml
@@ -2,7 +2,7 @@ version: "3.7"
 services:
   gov-grid-server:
     container_name: gov-grid-server-dev
-    image: registry-vpc.cn-qingdao.aliyuncs.com/epmet-cloud-dev/gov-grid-server:0.3.5
+    image: registry-vpc.cn-qingdao.aliyuncs.com/epmet-cloud-dev/gov-grid-server:0.3.6
     ports:
       - "8097:8097"
     network_mode: host # 使用现有网络
diff --git a/epmet-module/gov-grid/gov-grid-server/pom.xml b/epmet-module/gov-grid/gov-grid-server/pom.xml
index 2fba18c767..15f4c19976 100644
--- a/epmet-module/gov-grid/gov-grid-server/pom.xml
+++ b/epmet-module/gov-grid/gov-grid-server/pom.xml
@@ -3,7 +3,7 @@
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
-    <version>0.3.5</version>
+    <version>0.3.6</version>
     <parent>
         <groupId>com.epmet</groupId>
         <artifactId>gov-grid</artifactId>
diff --git a/epmet-module/gov-grid/gov-grid-server/src/main/java/com/epmet/controller/ResiPartyMemberController.java b/epmet-module/gov-grid/gov-grid-server/src/main/java/com/epmet/controller/ResiPartyMemberController.java
index 86b3380ce0..c3cacb7575 100644
--- a/epmet-module/gov-grid/gov-grid-server/src/main/java/com/epmet/controller/ResiPartyMemberController.java
+++ b/epmet-module/gov-grid/gov-grid-server/src/main/java/com/epmet/controller/ResiPartyMemberController.java
@@ -3,6 +3,7 @@ package com.epmet.controller;
 import com.epmet.commons.tools.annotation.LoginUser;
 import com.epmet.commons.tools.security.dto.TokenDto;
 import com.epmet.commons.tools.utils.Result;
+import com.epmet.commons.tools.validator.ValidatorUtils;
 import com.epmet.dto.form.AuditedPartyMemberFormDTO;
 import com.epmet.dto.form.AuditingPartyMemberFormDTO;
 import com.epmet.dto.form.CertifiedDetailFormDTO;
@@ -96,6 +97,7 @@ public class ResiPartyMemberController {
      */
     @PostMapping("audit")
     public Result manualConfirmResult(@RequestBody PartyMemberConfirmFromDTO fromDTO) {
+        ValidatorUtils.validateEntity(fromDTO);
         return resiPartyMemberService.manualConfirmResult(fromDTO);
     }
 
diff --git a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovAccessFeignClient.java b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovAccessFeignClient.java
index 8cb514ad3f..5d6b6e81ca 100644
--- a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovAccessFeignClient.java
+++ b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovAccessFeignClient.java
@@ -2,7 +2,10 @@ package com.epmet.feign;
 
 import com.epmet.commons.tools.constant.ServiceConstant;
 import com.epmet.commons.tools.utils.Result;
+import com.epmet.dto.OperationScopeDTO;
+import com.epmet.dto.form.OperationScopeFormDTO;
 import com.epmet.dto.form.StaffPermCacheFormDTO;
+import com.epmet.dto.result.RoleOpeScopeResultDTO;
 import com.epmet.dto.result.RoleOperationResultDTO;
 import com.epmet.feign.fallback.GovAccessFeignClientFallback;
 import org.springframework.cloud.openfeign.FeignClient;
@@ -11,11 +14,13 @@ import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 
 import java.util.List;
+import java.util.Set;
 
 /**
  * @Description
  * @Author sun
  */
+//url = "localhost:8099"
 @FeignClient(name = ServiceConstant.GOV_ACCESS_SERVER, fallback = GovAccessFeignClientFallback.class)
 public interface GovAccessFeignClient {
 
@@ -34,4 +39,20 @@ public interface GovAccessFeignClient {
      */
     @PostMapping("/gov/access/access/updatepermissioncache")
     Result updatePermissionCache(@RequestBody StaffPermCacheFormDTO staffPermCacheFormDTO);
+
+    /**
+     * 查询角色的操作key对应操作范围列表
+     * @param operationScopeFormDTO
+     * @return
+     */
+    @PostMapping("/gov/access/access/operationscopes")
+    Result<Set<OperationScopeDTO>> getOperationScopesByRoleId(OperationScopeFormDTO operationScopeFormDTO);
+
+    /**
+     * 查询角色所有operation及其范围(缓存)
+     * @return
+     */
+    @PostMapping("/gov/access/access/roleallopesandscopes/{roleId}")
+    Result<Set<RoleOpeScopeResultDTO>> listRoleAllOperationScopesByRoleId(@PathVariable("roleId") String roleId);
+
 }
diff --git a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovOrgFeignClient.java b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovOrgFeignClient.java
index 45f0647c4b..f5ba8752e5 100644
--- a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovOrgFeignClient.java
+++ b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovOrgFeignClient.java
@@ -56,6 +56,14 @@ public interface GovOrgFeignClient {
      * @param agencyId
      * @return
      */
-    @PostMapping("/gov/org/agency/{agencyId}")
+    @PostMapping("/gov/org/agency/agencybyid/{agencyId}")
     Result<CustomerAgencyDTO> getAgencyById(@PathVariable("agencyId") String agencyId);
+
+    /**
+     * 根据staffId查询所属的组织机构
+     * @param staffId
+     * @return
+     */
+    @PostMapping("/gov/org/agency/agencybystaff/{staffId}")
+    Result<CustomerAgencyDTO> getAgencyByStaff(@PathVariable("staffId") String staffId);
 }
diff --git a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/fallback/GovAccessFeignClientFallback.java b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/fallback/GovAccessFeignClientFallback.java
index 3e9fc8e415..867f6cbf5c 100644
--- a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/fallback/GovAccessFeignClientFallback.java
+++ b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/fallback/GovAccessFeignClientFallback.java
@@ -3,13 +3,17 @@ package com.epmet.feign.fallback;
 import com.epmet.commons.tools.constant.ServiceConstant;
 import com.epmet.commons.tools.utils.ModuleUtils;
 import com.epmet.commons.tools.utils.Result;
+import com.epmet.dto.OperationScopeDTO;
+import com.epmet.dto.form.OperationScopeFormDTO;
 import com.epmet.dto.form.StaffPermCacheFormDTO;
+import com.epmet.dto.result.RoleOpeScopeResultDTO;
 import com.epmet.dto.result.RoleOperationResultDTO;
 import com.epmet.feign.GovAccessFeignClient;
 import org.springframework.stereotype.Component;
 import org.springframework.web.bind.annotation.RequestBody;
 
 import java.util.List;
+import java.util.Set;
 
 /**
  * @Description
@@ -32,4 +36,14 @@ public class GovAccessFeignClientFallback implements GovAccessFeignClient {
 	public Result updatePermissionCache(@RequestBody StaffPermCacheFormDTO staffPermCacheFormDTO) {
 		return ModuleUtils.feignConError(ServiceConstant.GOV_ACCESS_SERVER, "updatePermissionCache");
 	}
+
+	@Override
+	public Result<Set<OperationScopeDTO>> getOperationScopesByRoleId(OperationScopeFormDTO operationScopeFormDTO) {
+		return ModuleUtils.feignConError(ServiceConstant.GOV_ACCESS_SERVER, "getOperationScopesByRoleId", operationScopeFormDTO);
+	}
+
+	@Override
+	public Result<Set<RoleOpeScopeResultDTO>> listRoleAllOperationScopesByRoleId(String roleId) {
+		return ModuleUtils.feignConError(ServiceConstant.GOV_ACCESS_SERVER, "listRoleAllOperationScopesByRoleId", roleId);
+	}
 }
diff --git a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/fallback/GovOrgFeignClientFallBack.java b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/fallback/GovOrgFeignClientFallBack.java
index 128f81bd50..c81a8c0451 100644
--- a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/fallback/GovOrgFeignClientFallBack.java
+++ b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/fallback/GovOrgFeignClientFallBack.java
@@ -34,6 +34,11 @@ public class GovOrgFeignClientFallBack implements GovOrgFeignClient {
         return ModuleUtils.feignConError(ServiceConstant.GOV_ORG_SERVER, "getAgencyById", agencyId);
     }
 
+    @Override
+    public Result<CustomerAgencyDTO> getAgencyByStaff(String staffId) {
+        return ModuleUtils.feignConError(ServiceConstant.GOV_ORG_SERVER, "getAgencyByStaff", staffId);
+    }
+
     @Override
     public Result<LatestCustomerResultDTO> getLatestCustomer(String userId) {
         return ModuleUtils.feignConError(ServiceConstant.GOV_ORG_SERVER, "getLatestCustomer", userId);
diff --git a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/service/AccessService.java b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/service/AccessService.java
index 9866ea9ffd..ef088f44dc 100644
--- a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/service/AccessService.java
+++ b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/service/AccessService.java
@@ -1,6 +1,5 @@
 package com.epmet.service;
 
-import java.util.List;
 import java.util.Set;
 
 /**
@@ -15,4 +14,5 @@ public interface AccessService {
      * @return
      */
     Set<String> listOpeKeysByStaffId(String app, String client, String staffId, String agencyId, String gridId);
+    //Set<String> listOpeKeysByStaffIdBak(String app, String client, String staffId, String agencyId, String gridId);
 }
diff --git a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java
index 13340d53e1..1142b84700 100644
--- a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java
+++ b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java
@@ -1,28 +1,26 @@
 package com.epmet.service.impl;
 
+import com.epmet.commons.tools.constant.OpeScopeConstant;
 import com.epmet.commons.tools.exception.EpmetErrorCode;
 import com.epmet.commons.tools.exception.RenException;
-import com.epmet.commons.tools.utils.CpUserDetailRedis;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.dto.CustomerAgencyDTO;
 import com.epmet.dto.GovStaffRoleDTO;
-import com.epmet.dto.form.StaffPermCacheFormDTO;
+import com.epmet.dto.OperationScopeDTO;
 import com.epmet.dto.form.StaffRoleFormDTO;
-import com.epmet.dto.result.RoleOperationResultDTO;
+import com.epmet.dto.result.RoleOpeScopeResultDTO;
 import com.epmet.feign.EpmetUserFeignClient;
 import com.epmet.feign.GovAccessFeignClient;
 import com.epmet.feign.GovOrgFeignClient;
 import com.epmet.service.AccessService;
+import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.springframework.util.CollectionUtils;
 
-import java.util.ArrayList;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Set;
+import java.util.*;
 
 @Service
 public class AccessServiceImpl implements AccessService {
@@ -38,6 +36,10 @@ public class AccessServiceImpl implements AccessService {
     @Autowired
     private GovOrgFeignClient govOrgFeignClient;
 
+    public static final String ORG_RELATION_SAME = "same";
+    public static final String ORG_RELATION_SUB = "sub";
+    public static final String ORG_RELATION_SUP = "sup";
+
     public List<GovStaffRoleDTO> queryGovStaffRoles(String staffId, String orgId) {
         List<GovStaffRoleDTO> roleDTOS = new ArrayList<>();
         StaffRoleFormDTO formDTO = new StaffRoleFormDTO();
@@ -51,55 +53,222 @@ public class AccessServiceImpl implements AccessService {
     }
 
     @Override
-    public Set<String> listOpeKeysByStaffId(String app, String client, String staffId, String agencyId, String gridId) {
-        List<GovStaffRoleDTO> roleDTOS = new ArrayList<>();
+    public Set<String> listOpeKeysByStaffId(String app, String client, String staffId, String currAgencyId, String currGridId) {
+
+        // 1.拿到所属组织机构信息
+        Result<CustomerAgencyDTO> agencyByStaffRst = govOrgFeignClient.getAgencyByStaff(staffId);
+        if (!agencyByStaffRst.success()) {
+            logger.error("根据StaffId查询所属单位出错,StaffId:{}, 错误信息:{}", staffId, agencyByStaffRst.getMsg());
+            throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
+        }
+        CustomerAgencyDTO belongAgency = agencyByStaffRst.getData();
+        if (belongAgency == null) {
+            logger.error("根据StaffId查询所属单位结果为空,StaffId:{}", staffId);
+            throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
+        }
+
+        // 2.拿到当前所处机关单位信息
+        Result<CustomerAgencyDTO> currAgencyRst = govOrgFeignClient.getAgencyById(currAgencyId);
+        CustomerAgencyDTO currAgencyDto = currAgencyRst.getData();
+        if (!currAgencyRst.success() || currAgencyDto == null) {
+            logger.error("根据当前机构id[{}]查询pids失败:{}", currAgencyId, currAgencyRst.getMsg());
+            throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
+        }
+
+        // 拿到该用户所属的组织机构的orgIdPath，拿到当前组织机构的orgIdPath，看当前组织机构的orgIdPath是否在用户所属的组织机构的orgIdPath下
+
         // 查询机关单位中的角色
-        roleDTOS.addAll(queryGovStaffRoles(staffId, agencyId));
-        // 查询网格中的角色
-        roleDTOS.addAll(queryGovStaffRoles(staffId, gridId));
+        List<GovStaffRoleDTO> roleDTOS = queryGovStaffRoles(staffId, belongAgency.getId());
 
         // 拼装操作key列表
-        Set<String> opeKeys = new HashSet<>();
+        //Set<String> opeKeys = new HashSet<>();
         // 角色ID列表
-        Set<String> roleIds = new HashSet<>();
+        //Set<String> roleIds = new HashSet<>();
+
+        // 当前组织和所属组织的orgId路径,以及他们的上下级关系
+        String belongOrgIdPath = getOrgIdPath(belongAgency);
+        String currOrgIdPath = getOrgIdPath(currAgencyDto);
+        String currOrgRelation = getCurrOrgRelation(belongOrgIdPath, currOrgIdPath);
+
+        HashSet<String> filtedOps = new HashSet<>();
         roleDTOS.forEach(roleDto -> {
             String roleId = roleDto.getId();
-            Result<List<RoleOperationResultDTO>> result = govAccessFeignClient.listOperationsByRoleId(roleId);
-            if (result.getCode() != 0) {
+            // 找出该角色的所有功能操作列表
+            Result<Set<RoleOpeScopeResultDTO>> result = govAccessFeignClient.listRoleAllOperationScopesByRoleId(roleId);
+            if (!result.success()) {
                 // 获取operation异常
                 logger.error("调用GovAccess，根据RoleId查询Operation列表失败:{}", result.getMsg());
                 throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
             }
-            List<RoleOperationResultDTO> roleOperations = result.getData();
-            // 角色id
-            roleIds.add(roleDto.getId());
-            if (!CollectionUtils.isEmpty(roleOperations)) {
-                roleOperations.forEach(roleOpe -> {
-                    if (roleOpe != null) {
-                        opeKeys.add(roleOpe.getOperationKey());
+            Set<RoleOpeScopeResultDTO> roleOperations = result.getData();
+            filtedOps.addAll(filterOpesByScope(currOrgRelation, roleOperations));
+        });
+        return filtedOps;
+    }
+
+    /**
+     * 根据上下级关系过滤出要返回的权限列表
+     *
+     * @param currOrgRelation
+     * @param roleOperations
+     * @return
+     */
+    private HashSet<String> filterOpesByScope(String currOrgRelation, Set<RoleOpeScopeResultDTO> roleOperations) {
+        HashSet<String> opeKeys = new HashSet<>();
+        roleOperations.stream().forEach(opeScope -> {
+            String scopeKey = opeScope.getScopeKey();
+            switch (currOrgRelation) {
+                case ORG_RELATION_SAME:// 就在所在机构下
+                    if (OpeScopeConstant.ORG_CURR.equals(scopeKey)
+                            || OpeScopeConstant.ORG_CURR_AND_SUB.equals(scopeKey)
+                            || OpeScopeConstant.ORG_CURR_AND_SUP.equals(scopeKey)) {
+                        opeKeys.add(opeScope.getOperationKey());
+                    }
+                    break;
+                case ORG_RELATION_SUB:// 所在机构的子级
+                    if (OpeScopeConstant.ORG_CURR_SUB.equals(scopeKey)
+                            || OpeScopeConstant.ORG_CURR_AND_SUB.equals(scopeKey)) {
+                        opeKeys.add(opeScope.getOperationKey());
+                    }
+                    break;
+                case ORG_RELATION_SUP:// 所在机构的上级
+                    if (OpeScopeConstant.ORG_CURR_SUP.equals(scopeKey)
+                            || OpeScopeConstant.ORG_CURR_AND_SUP.equals(scopeKey)) {
+                        opeKeys.add(opeScope.getOperationKey());
                     }
-                });
+                    break;
             }
         });
+        return opeKeys;
+    }
 
-        // 查询该直属机关的orgIdPath
-        Result<CustomerAgencyDTO> agencyById = govOrgFeignClient.getAgencyById(agencyId);
-        if (!agencyById.success() || agencyById.getData() == null) {
-            logger.error("根据当前机构id[{}]查询pids失败:{}", agencyId, agencyById.getMsg());
-            throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
+    /**
+     * 获取当前所处机关与所属机关的关系
+     */
+    private String getCurrOrgRelation(String belongOrgPath, String currAgencyPath) {
+        if (belongOrgPath.equals(currAgencyPath)) {
+            // 当前机关即该人员所属机关
+            return ORG_RELATION_SAME;
+        } else if (currAgencyPath.indexOf(belongOrgPath.concat(":")) > -1) {
+            // 说明当前所在机关是人员所属机关子级,只取出scope为sub的
+            return ORG_RELATION_SUB;
+        } else if (belongOrgPath.indexOf(currAgencyPath.concat(":")) > -1) {
+            // 说明当前所在机关是人员所属机关的上级
+            return ORG_RELATION_SUP;
         }
+        return belongOrgPath;
+    }
 
-        // 将最新权限缓存到redis，为了尽量统一操作入口，调用gov-access接口实现
-        StaffPermCacheFormDTO staffPermCacheFormDTO = new StaffPermCacheFormDTO();
-        staffPermCacheFormDTO.setApp(app);
-        staffPermCacheFormDTO.setClient(client);
-        staffPermCacheFormDTO.setStaffId(staffId);
-        staffPermCacheFormDTO.setPermissions(opeKeys);
-        staffPermCacheFormDTO.setRoleIdList(roleIds);
-        staffPermCacheFormDTO.setGridId(gridId);
-        // 拼接orgIdPath
-        staffPermCacheFormDTO.setOrgIdPath(String.format("%s:%s", agencyById.getData().getPids(), agencyId));
-        govAccessFeignClient.updatePermissionCache(staffPermCacheFormDTO);
-        return opeKeys;
+    /**
+     * 获取组织的orgId路径
+     */
+    public String getOrgIdPath(CustomerAgencyDTO agency) {
+        // 拼接单位ID全路径
+        if ("0".equals(agency.getPid())) {
+            // 顶级组织
+            return agency.getId();
+        } else {
+            return agency.getPids().concat(":").concat(agency.getId());
+        }
+    }
+
+    //private boolean filterCurrOrgKeysByScope(Set<String> roleIds, String opeKey) {
+    //    for (String roleId : roleIds) {
+    //        Result<Set<RoleOpeScopeResultDTO>> result = govAccessFeignClient.listRoleAllOperationScopesByRoleId(roleId);
+    //        if (!result.success()) {
+    //            continue;
+    //        }
+    //        Set<RoleOpeScopeResultDTO> scopeDTOS = result.getData();
+    //        Set<String> scopeKeys = scopeDTOS.stream()
+    //                .filter(scope -> scope.getScopeKey().equals(opeKey))
+    //                .map(scope -> scope.getScopeKey())
+    //                .collect(Collectors.toSet());
+    //        if (scopeKeys.contains(OpeScopeConstant.ORG_CURR)
+    //                || scopeKeys.contains(OpeScopeConstant.ORG_CURR_AND_SUB)
+    //                || scopeKeys.contains(OpeScopeConstant.ORG_CURR_AND_SUP)) {
+    //            return true;
+    //        }
+    //    }
+    //    return false;
+    //}
+
+    //private boolean filterSubOrgKeysByScope(Set<String> roleIds, String opeKey) {
+    //    for (String roleId : roleIds) {
+    //        OperationScopeFormDTO opeScopeFormDTO = new OperationScopeFormDTO();
+    //        opeScopeFormDTO.setRoleId(roleId);
+    //        opeScopeFormDTO.setOperationKey(opeKey);
+    //        Result<Set<OperationScopeDTO>> result = govAccessFeignClient.getOperationScopesByRoleId(opeScopeFormDTO);
+    //        if (!result.success()) {
+    //            continue;
+    //        }
+    //
+    //        Set<OperationScopeDTO> scopeDTOS = result.getData();
+    //        Set<String> scopeKeys = scopeDTOS.stream().map(scope -> scope.getScopeKey()).collect(Collectors.toSet());
+    //        if (scopeKeys.contains(OpeScopeConstant.ORG_CURR_SUB)
+    //                || scopeKeys.contains(OpeScopeConstant.ORG_CURR_AND_SUB)) {
+    //            return true;
+    //        }
+    //    }
+    //    return false;
+    //}
+
+    //private boolean filterSupOrgKeysByScope(Set<String> roleIds, String opeKey) {
+    //    for (String roleId : roleIds) {
+    //        OperationScopeFormDTO opeScopeFormDTO = new OperationScopeFormDTO();
+    //        opeScopeFormDTO.setRoleId(roleId);
+    //        opeScopeFormDTO.setOperationKey(opeKey);
+    //        Result<Set<OperationScopeDTO>> result = govAccessFeignClient.getOperationScopesByRoleId(opeScopeFormDTO);
+    //        if (!result.success()) {
+    //            continue;
+    //        }
+    //
+    //        Set<OperationScopeDTO> scopeDTOS = result.getData();
+    //        Set<String> scopeKeys = scopeDTOS.stream().map(scope -> scope.getScopeKey()).collect(Collectors.toSet());
+    //        if (scopeKeys.contains(OpeScopeConstant.ORG_CURR_SUP)
+    //                || scopeKeys.contains(OpeScopeConstant.ORG_CURR_AND_SUP)) {
+    //            return true;
+    //        }
+    //    }
+    //    return false;
+    //}
+
+    /**
+     * 过滤有效范围
+     *
+     * @param scopeDTOS
+     * @return
+     */
+    private HashSet<String> filteScopes(Set<OperationScopeDTO> scopeDTOS) {
+        HashMap<String, OperationScopeDTO> filtedScopes = new HashMap<>();
+
+        for (OperationScopeDTO scope : scopeDTOS) {
+            String scopeIndex = scope.getScopeIndex();
+            if (StringUtils.isBlank(scopeIndex)) {
+                continue;
+            }
+            String[] currArr = scopeIndex.split("_");
+            if ("0".equals(currArr[1])) {
+                // 为0，说明没有包含关系，直接放入
+                filtedScopes.put(scopeIndex, scope);
+                continue;
+            }
+
+            OperationScopeDTO tempScope = filtedScopes.get(currArr[0]);
+            if (tempScope != null) {
+                // 已经有ac开头的了
+                String tempScopeIndex = tempScope.getScopeIndex();
+                if (Integer.valueOf(currArr[1]) < Integer.valueOf(tempScopeIndex.split("_")[1])) {
+                    filtedScopes.put(currArr[0], scope);
+                }
+            } else {
+                filtedScopes.put(currArr[0], scope);
+            }
+        }
+        HashSet<String> scopeStrs = new HashSet<>();
+        Set<Map.Entry<String, OperationScopeDTO>> entries = filtedScopes.entrySet();
+        for (Map.Entry<String, OperationScopeDTO> entry : entries) {
+            scopeStrs.add(entry.getValue().getScopeKey());
+        }
+        return scopeStrs;
     }
 }
diff --git a/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/AddAgencyFormDTO.java b/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/AddAgencyFormDTO.java
index 1e7cd65f80..0e64901007 100644
--- a/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/AddAgencyFormDTO.java
+++ b/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/AddAgencyFormDTO.java
@@ -18,6 +18,7 @@
 package com.epmet.dto.form;
 
 import lombok.Data;
+import org.hibernate.validator.constraints.Length;
 
 import javax.validation.constraints.NotBlank;
 import javax.validation.constraints.NotNull;
@@ -44,6 +45,7 @@ public class AddAgencyFormDTO implements Serializable {
      * 机构组织名称
      */
     @NotBlank(message = "组织名称不能为空")
+    @Length(max=50,message = "机构名称不能超过50个字")
     private String agencyName;
 
     /**
@@ -54,30 +56,35 @@ public class AddAgencyFormDTO implements Serializable {
      * 省级:province） 机关级别（社区级：community，乡（镇、街道）级:street,区县级: district,市级: city省级:province）
      */
     @NotBlank(message = "机关级别不能为空")
+    @Length(max=30,message = "机关类别不能超过30个字")
     private String level;
 
     /**
      * 地区编码
      */
     @NotBlank(message = "地区编码不能为空")
+    @Length(max=10,message = "地区编码不能超过10位")
     private String areaCode;
 
     /**
      * 省份
      */
     @NotBlank(message = "省级名称不能为空")
+    @Length(max=30,message = "省份名称不能超过30个字")
     private String province;
 
     /**
      * 城市
      */
     @NotBlank(message = "市级名称不能为空")
+    @Length(max=30,message = "市级名称不能超过30个字")
     private String city;
 
     /**
      * 区县
      */
     @NotBlank(message = "区县名称不能为空")
+    @Length(max=30,message = "区县名称不能超过30个字")
     private String district;
 
 }
\ No newline at end of file
diff --git a/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/AddDepartmentFormDTO.java b/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/AddDepartmentFormDTO.java
index e03ad75034..30f74015ca 100644
--- a/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/AddDepartmentFormDTO.java
+++ b/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/AddDepartmentFormDTO.java
@@ -17,6 +17,7 @@ package com.epmet.dto.form;
  */
 
 import lombok.Data;
+import org.hibernate.validator.constraints.Length;
 
 import javax.validation.constraints.NotBlank;
 import java.io.Serializable;
@@ -41,12 +42,14 @@ public class AddDepartmentFormDTO implements Serializable {
      * 部门名称
      */
     @NotBlank(message = "部门名称不能为空")
+    @Length(max=120,message = "部门名称不能超过120个字")
     private String departmentName;
 
     /**
      * 部门职责
      */
     @NotBlank(message = "部门职责不能为空")
+    @Length(max=250,message = "部门职责不能超过250个字")
     private String departmentDuty;
 
 
diff --git a/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/EditAgencyFormDTO.java b/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/EditAgencyFormDTO.java
index 6cc332a6e7..276099576a 100644
--- a/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/EditAgencyFormDTO.java
+++ b/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/EditAgencyFormDTO.java
@@ -18,6 +18,7 @@
 package com.epmet.dto.form;
 
 import lombok.Data;
+import org.hibernate.validator.constraints.Length;
 
 import javax.validation.constraints.NotBlank;
 import java.io.Serializable;
@@ -43,6 +44,7 @@ public class EditAgencyFormDTO implements Serializable {
      * 机关组织名称
      */
     @NotBlank(message = "机关组织名称不能为空")
+    @Length(max=50,message = "机构名称不能超过50个字")
     private String agencyName;
 
     /**
diff --git a/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/EditDepartmentFormDTO.java b/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/EditDepartmentFormDTO.java
index 949ac45ace..d87c0081a0 100644
--- a/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/EditDepartmentFormDTO.java
+++ b/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/EditDepartmentFormDTO.java
@@ -18,6 +18,7 @@
 package com.epmet.dto.form;
 
 import lombok.Data;
+import org.hibernate.validator.constraints.Length;
 
 import javax.validation.constraints.NotBlank;
 import java.io.Serializable;
@@ -43,12 +44,14 @@ public class EditDepartmentFormDTO implements Serializable {
      * 部门名称
      */
     @NotBlank(message = "部门名称不能为空")
+    @Length(max=120,message = "部门名称不能超过120个字")
     private String departmentName;
 
     /**
      * 部门职责
      */
     @NotBlank(message = "部门职责不能为空")
+    @Length(max=250,message = "部门职责不能超过250个字")
     private String departmentDuty;
 
 }
\ No newline at end of file
diff --git a/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/StaffSubmitFromDTO.java b/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/StaffSubmitFromDTO.java
index 0f368af813..f1b99c26a8 100644
--- a/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/StaffSubmitFromDTO.java
+++ b/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/StaffSubmitFromDTO.java
@@ -2,8 +2,11 @@ package com.epmet.dto.form;
 
 import lombok.Data;
 import lombok.NoArgsConstructor;
+import org.hibernate.validator.constraints.Length;
 
 import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotNull;
+import javax.validation.constraints.Pattern;
 import java.io.Serializable;
 import java.util.List;
 
@@ -33,16 +36,18 @@ public class StaffSubmitFromDTO implements Serializable {
 	 * 姓名
 	 */
 	@NotBlank(message = "姓名不能为空")
+	@Length(max = 5, message = "姓名不能超过5个字符")
 	private String name;
 	/**
 	 * 手机
 	 */
 	@NotBlank(message = "手机号不能为空")
+	@Pattern(regexp = "^[1][3,4,5,6,7,8,9][0-9]{9}$", message = "手机号格式有误")
 	private String mobile;
 	/**
 	 * 性别
 	 */
-	@NotBlank(message = "性别不能为空")
+	@NotNull(message = "性别不能为空")
 	private Integer gender;
 	/**
 	 * 专兼职
@@ -52,7 +57,7 @@ public class StaffSubmitFromDTO implements Serializable {
 	/**
 	 * 角色id列表
 	 */
-	@NotBlank(message = "角色不能为空")
+	@NotNull(message = "角色不能为空")
 	private List<String> roles;
 	/**
 	 * 来源app(政府端:gov、居民端:resi、运营端:oper)
diff --git a/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/result/GridByStaffResultDTO.java b/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/result/GridByStaffResultDTO.java
new file mode 100644
index 0000000000..5c4eab1c1b
--- /dev/null
+++ b/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/result/GridByStaffResultDTO.java
@@ -0,0 +1,11 @@
+package com.epmet.dto.result;
+
+import lombok.Data;
+
+@Data
+public class GridByStaffResultDTO {
+
+    private String gridId;
+    private String gridName;
+
+}
diff --git a/epmet-module/gov-org/gov-org-server/docker-compose.yml b/epmet-module/gov-org/gov-org-server/docker-compose.yml
index 1c3d05d4a4..410c3767d7 100644
--- a/epmet-module/gov-org/gov-org-server/docker-compose.yml
+++ b/epmet-module/gov-org/gov-org-server/docker-compose.yml
@@ -2,7 +2,7 @@ version: "3.7"
 services:
   gov-org-server:
     container_name: gov-org-server-dev
-    image: registry-vpc.cn-qingdao.aliyuncs.com/epmet-cloud-dev/gov-org-server:0.3.18
+    image: registry-vpc.cn-qingdao.aliyuncs.com/epmet-cloud-dev/gov-org-server:0.3.20
     ports:
       - "8092:8092"
     network_mode: host # 使用现有网络
diff --git a/epmet-module/gov-org/gov-org-server/pom.xml b/epmet-module/gov-org/gov-org-server/pom.xml
index 990b4e3355..0211983cad 100644
--- a/epmet-module/gov-org/gov-org-server/pom.xml
+++ b/epmet-module/gov-org/gov-org-server/pom.xml
@@ -2,7 +2,7 @@
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
-    <version>0.3.18</version>
+    <version>0.3.20</version>
     <parent>
         <groupId>com.epmet</groupId>
         <artifactId>gov-org</artifactId>
diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/AgencyController.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/AgencyController.java
index 6f554aa48c..184dfc1a87 100644
--- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/AgencyController.java
+++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/AgencyController.java
@@ -126,7 +126,7 @@ public class AgencyController {
      * @param agencyId
      * @return
      */
-    @PostMapping("{agencyId}")
+    @PostMapping("agencybyid/{agencyId}")
     public Result<CustomerAgencyDTO> getAgencyById(@PathVariable("agencyId") String agencyId) {
         CustomerAgencyEntity agency = agencyService.getAgencyById(agencyId);
         CustomerAgencyDTO customerAgencyDTO = new CustomerAgencyDTO();
@@ -134,6 +134,22 @@ public class AgencyController {
             BeanUtils.copyProperties(agency, customerAgencyDTO);
             return new Result<CustomerAgencyDTO>().ok(customerAgencyDTO);
         }
+        return new Result<>();
+    }
+
+    /**
+     * 根据staffId查询
+     * @param staffId
+     * @return
+     */
+    @PostMapping("agencybystaff/{staffId}")
+    public Result<CustomerAgencyDTO> getAgencyByStaff(@PathVariable("staffId") String staffId) {
+        CustomerAgencyEntity agencyEntity = agencyService.getAgencyByStaff(staffId);
+        CustomerAgencyDTO customerAgencyDTO = new CustomerAgencyDTO();
+        if (agencyEntity != null) {
+            BeanUtils.copyProperties(agencyEntity, customerAgencyDTO);
+            return new Result<CustomerAgencyDTO>().ok(customerAgencyDTO);
+        }
         return new Result<CustomerAgencyDTO>();
     }
 
diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/GridController.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/GridController.java
index 553644d00a..c1d0b48b40 100644
--- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/GridController.java
+++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/GridController.java
@@ -5,18 +5,11 @@ import com.epmet.commons.tools.security.dto.TokenDto;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.dto.form.*;
 import com.epmet.commons.tools.validator.ValidatorUtils;
-import com.epmet.dto.result.AddGridResultDTO;
-import com.epmet.dto.result.CommonStaffInfoResultDTO;
-import com.epmet.dto.result.GridBaseInfoResultDTO;
-import com.epmet.dto.result.GridDetailResultDTO;
-import com.epmet.dto.result.GridListInfoResultDTO;
+import com.epmet.dto.result.*;
 import com.epmet.service.CustomerGridService;
 import com.epmet.service.CustomerStaffAgencyService;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
 
 import java.util.List;
 
@@ -141,4 +134,15 @@ public class GridController {
         ValidatorUtils.validateEntity(tokenDto);
         return customerGridService.removeGridStaff(commonGridStaffInfoFormDTO);
     }
+
+    /**
+     * 查询工作人员所有的网格
+     * @param staffId
+     * @return
+     */
+    @PostMapping("gridsbystaffid/{staffId}")
+    public Result<List<GridByStaffResultDTO>> listGridsbystaffid(@PathVariable("staffId") String staffId) {
+        List<GridByStaffResultDTO> grids = customerGridService.listGridsbystaffid(staffId);
+        return new Result<List<GridByStaffResultDTO>>().ok(grids);
+    }
 }
diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/StaffController.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/StaffController.java
index 79da9b903b..1b8f109082 100644
--- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/StaffController.java
+++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/StaffController.java
@@ -5,12 +5,14 @@ package com.epmet.controller;
 import com.epmet.commons.tools.annotation.LoginUser;
 import com.epmet.commons.tools.security.dto.TokenDto;
 import com.epmet.commons.tools.utils.Result;
+import com.epmet.commons.tools.validator.ValidatorUtils;
 import com.epmet.dto.form.StaffInfoFromDTO;
 import com.epmet.dto.form.StaffSubmitFromDTO;
 import com.epmet.dto.form.StaffsInAgencyFromDTO;
 import com.epmet.dto.result.*;
 import com.epmet.service.StaffService;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -81,6 +83,7 @@ public class StaffController {
 	 */
 	@PostMapping("addstaff")
 	public Result addStaff(@LoginUser TokenDto tokenDto, @RequestBody StaffSubmitFromDTO fromDTO){
+		ValidatorUtils.validateEntity(fromDTO);
 		return staffService.addStaff(tokenDto, fromDTO);
 	}
 
@@ -92,6 +95,7 @@ public class StaffController {
 	 */
 	@PostMapping("editstaff")
 	public Result editStaff(@LoginUser TokenDto tokenDto, @RequestBody StaffSubmitFromDTO fromDTO){
+		ValidatorUtils.validateEntity(fromDTO);
 		return staffService.editStaff(tokenDto, fromDTO);
 	}
 
diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/dao/CustomerAgencyDao.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/dao/CustomerAgencyDao.java
index 21c535f730..bf68fc2458 100644
--- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/dao/CustomerAgencyDao.java
+++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/dao/CustomerAgencyDao.java
@@ -78,6 +78,8 @@ public interface CustomerAgencyDao extends BaseDao<CustomerAgencyEntity> {
      **/
     List<CustomerAgencyDTO> selectFindList(CustomerAgencyDTO customerAgencyDTO);
 
+    CustomerAgencyEntity getAgencyByStaffId(@Param("staffId") String staffId);
+
     /**
      * @Description 根据agencyId查询地区编码
      * @param agencyId 所属机关id
diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/dao/CustomerGridDao.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/dao/CustomerGridDao.java
index ecbdbbbad3..a8c6aeb6d0 100644
--- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/dao/CustomerGridDao.java
+++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/dao/CustomerGridDao.java
@@ -21,20 +21,15 @@ import com.epmet.commons.mybatis.dao.BaseDao;
 import com.epmet.dto.UserIdAndPidDTO;
 import com.epmet.dto.form.ListCustomerGridFormDTO;
 import com.epmet.dto.form.SelectGridNameByGridIdFormDTO;
-import com.epmet.dto.result.CustomerGridForStrangerResultDTO;
+import com.epmet.dto.result.*;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.dto.CustomerGridDTO;
 import com.epmet.dto.CustomerStaffGridDTO;
 import com.epmet.dto.UserIdDTO;
 import com.epmet.dto.form.CustomerGridFormDTO;
-import com.epmet.dto.result.SelectGridNameByGridIdResultDTO;
 import com.epmet.dto.form.DeleteGridFormDTO;
 import com.epmet.dto.form.ListCustomerGridFormDTO;
-import com.epmet.dto.result.AddGridResultDTO;
-import com.epmet.dto.result.CustomerGridByUserIdResultDTO;
 import com.epmet.dto.result.CustomerGridForStrangerResultDTO;
-import com.epmet.dto.result.GridDetailResultDTO;
-import com.epmet.dto.result.GridBaseInfoResultDTO;
 import com.epmet.entity.CustomerGridEntity;
 import org.apache.ibatis.annotations.Mapper;
 import org.apache.ibatis.annotations.Param;
@@ -165,4 +160,6 @@ public interface CustomerGridDao extends BaseDao<CustomerGridEntity> {
      * @Date 2020.04.23 15:30
      **/
     List<GridBaseInfoResultDTO> selectGridListByAgencyId(@Param("agencyId")String agencyId,@Param("pageSize")Integer pageSize);
+
+    List<GridByStaffResultDTO> listGridsbystaffid(@Param("staffId") String staffId);
 }
\ No newline at end of file
diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/AgencyService.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/AgencyService.java
index d09e56ba05..0f19dac336 100644
--- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/AgencyService.java
+++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/AgencyService.java
@@ -88,4 +88,6 @@ public interface AgencyService {
      * @return
      */
     CustomerAgencyEntity getAgencyById(String agencyId);
+
+    CustomerAgencyEntity getAgencyByStaff(String staffId);
 }
\ No newline at end of file
diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/CustomerGridService.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/CustomerGridService.java
index 76459d1de6..477780c4bd 100644
--- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/CustomerGridService.java
+++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/CustomerGridService.java
@@ -31,10 +31,8 @@ import com.epmet.dto.form.SelectGridNameByGridIdFormDTO;
 import com.epmet.dto.result.CustomerGridForStrangerResultDTO;
 import com.epmet.dto.result.SelectGridNameByGridIdResultDTO;
 import com.epmet.dto.result.GridInfoResultDTO;
-import com.epmet.dto.result.GridInfoResultDTO;
 import com.epmet.dto.result.*;
 import com.epmet.entity.CustomerGridEntity;
-import org.springframework.web.bind.annotation.RequestBody;
 
 import java.util.List;
 import java.util.Map;
@@ -219,4 +217,6 @@ public interface CustomerGridService extends BaseService<CustomerGridEntity> {
      * @Description 根据网格id查询所属组织信息、根据网格Id查询网格下所有工作人员列表
      **/
     Result<AgencyAndStaffsResultDTO> getAgencyAndStaffsBygridId(String gridId);
+
+    List<GridByStaffResultDTO> listGridsbystaffid(String staffId);
 }
\ No newline at end of file
diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/AgencyServiceImpl.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/AgencyServiceImpl.java
index ea5cee6df4..72b95f4181 100644
--- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/AgencyServiceImpl.java
+++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/AgencyServiceImpl.java
@@ -244,4 +244,9 @@ public class AgencyServiceImpl implements AgencyService {
     public CustomerAgencyEntity getAgencyById(String agencyId) {
         return customerAgencyDao.selectById(agencyId);
     }
+
+    @Override
+    public CustomerAgencyEntity getAgencyByStaff(String staffId) {
+        return customerAgencyDao.getAgencyByStaffId(staffId);
+    }
 }
\ No newline at end of file
diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/CustomerGridServiceImpl.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/CustomerGridServiceImpl.java
index 38a3c8691e..3a1cdfa37d 100644
--- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/CustomerGridServiceImpl.java
+++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/CustomerGridServiceImpl.java
@@ -37,7 +37,6 @@ import com.epmet.dto.form.*;
 import com.epmet.dto.result.*;
 import com.epmet.entity.CustomerGridEntity;
 import com.epmet.feign.EpmetUserFeignClient;
-import com.epmet.resi.partymember.dto.warmhearted.form.ResiWarmheartedFormDTO;
 import com.epmet.service.CustomerAgencyService;
 import com.epmet.service.CustomerGridService;
 import com.epmet.service.CustomerStaffGridService;
@@ -506,4 +505,9 @@ public class CustomerGridServiceImpl extends BaseServiceImpl<CustomerGridDao, Cu
         agencyAndStaffsResultDTO.setStaffList(staffList);
         return result.ok(agencyAndStaffsResultDTO);
     }
+
+    @Override
+    public List<GridByStaffResultDTO> listGridsbystaffid(String staffId) {
+        return baseDao.listGridsbystaffid(staffId);
+    }
 }
diff --git a/epmet-module/gov-org/gov-org-server/src/main/resources/mapper/CustomerAgencyDao.xml b/epmet-module/gov-org/gov-org-server/src/main/resources/mapper/CustomerAgencyDao.xml
index 1e40ebb4b8..b288726eda 100644
--- a/epmet-module/gov-org/gov-org-server/src/main/resources/mapper/CustomerAgencyDao.xml
+++ b/epmet-module/gov-org/gov-org-server/src/main/resources/mapper/CustomerAgencyDao.xml
@@ -95,4 +95,11 @@
             id = #{agencyId}
             AND del_flag = 0
     </select>
+
+    <select id="getAgencyByStaffId" resultType="com.epmet.entity.CustomerAgencyEntity">
+        SELECT ca.*
+        FROM customer_staff_agency csa
+               INNER JOIN customer_agency ca ON (csa.AGENCY_ID = ca.ID)
+        WHERE csa.USER_ID = #{staffId}
+    </select>
 </mapper>
\ No newline at end of file
diff --git a/epmet-module/gov-org/gov-org-server/src/main/resources/mapper/CustomerGridDao.xml b/epmet-module/gov-org/gov-org-server/src/main/resources/mapper/CustomerGridDao.xml
index 7fc3e1beaf..fb9dcf6ae0 100644
--- a/epmet-module/gov-org/gov-org-server/src/main/resources/mapper/CustomerGridDao.xml
+++ b/epmet-module/gov-org/gov-org-server/src/main/resources/mapper/CustomerGridDao.xml
@@ -253,4 +253,13 @@
         </where>
     </select>
 
+    <select id="listGridsbystaffid" resultType="com.epmet.dto.result.GridByStaffResultDTO">
+        SELECT g.ID as gridId, g.GRID_NAME as gridName
+        FROM customer_staff_grid sg
+                 INNER JOIN customer_grid g ON (sg.GRID_ID = g.ID)
+        WHERE sg.DEL_FLAG = '0'
+          AND g.DEL_FLAG = '0'
+          AND sg.USER_ID = #{staffId}
+    </select>
+
 </mapper>
\ No newline at end of file
diff --git a/epmet-module/resi-partymember/resi-partymember-client/src/main/java/com/epmet/resi/partymember/dto/partymember/form/PartyMemberConfirmFromDTO.java b/epmet-module/resi-partymember/resi-partymember-client/src/main/java/com/epmet/resi/partymember/dto/partymember/form/PartyMemberConfirmFromDTO.java
index a530da6850..2c891284da 100644
--- a/epmet-module/resi-partymember/resi-partymember-client/src/main/java/com/epmet/resi/partymember/dto/partymember/form/PartyMemberConfirmFromDTO.java
+++ b/epmet-module/resi-partymember/resi-partymember-client/src/main/java/com/epmet/resi/partymember/dto/partymember/form/PartyMemberConfirmFromDTO.java
@@ -1,7 +1,9 @@
 package com.epmet.resi.partymember.dto.partymember.form;
 
 import lombok.Data;
+import org.hibernate.validator.constraints.Length;
 
+import javax.validation.constraints.NotBlank;
 import java.io.Serializable;
 
 /**
@@ -30,10 +32,12 @@ public class PartyMemberConfirmFromDTO implements Serializable {
 	/**
 	 * 审核状态 yes,no
 	 */
+	@NotBlank(message = "审核状态不能为空")
 	private String partyMemberFlag;
 
 	/**
 	 * 审核理由
 	 */
+	@Length(max = 50, message = "审核理由不超过50字")
 	private String reason;
 }
diff --git a/epmet-module/resi-partymember/resi-partymember-client/src/main/java/com/epmet/resi/partymember/dto/partymember/result/AutoFailedDetailResultDTO.java b/epmet-module/resi-partymember/resi-partymember-client/src/main/java/com/epmet/resi/partymember/dto/partymember/result/AutoFailedDetailResultDTO.java
index 7000c5f240..41719226dc 100644
--- a/epmet-module/resi-partymember/resi-partymember-client/src/main/java/com/epmet/resi/partymember/dto/partymember/result/AutoFailedDetailResultDTO.java
+++ b/epmet-module/resi-partymember/resi-partymember-client/src/main/java/com/epmet/resi/partymember/dto/partymember/result/AutoFailedDetailResultDTO.java
@@ -4,6 +4,7 @@ import lombok.Data;
 import lombok.NoArgsConstructor;
 
 import java.io.Serializable;
+import java.util.List;
 
 /**
  * @author zhaoqifeng
@@ -45,5 +46,5 @@ public class AutoFailedDetailResultDTO implements Serializable {
 	/**
 	 * 自动审核失败原因以逗号隔开
 	 */
-	private String failedReason;
+	private List<String> failedReason;
 }
diff --git a/epmet-module/resi-partymember/resi-partymember-client/src/main/java/com/epmet/resi/partymember/dto/partymember/result/RejectedDetailResultDTO.java b/epmet-module/resi-partymember/resi-partymember-client/src/main/java/com/epmet/resi/partymember/dto/partymember/result/RejectedDetailResultDTO.java
index 275490c991..9018117429 100644
--- a/epmet-module/resi-partymember/resi-partymember-client/src/main/java/com/epmet/resi/partymember/dto/partymember/result/RejectedDetailResultDTO.java
+++ b/epmet-module/resi-partymember/resi-partymember-client/src/main/java/com/epmet/resi/partymember/dto/partymember/result/RejectedDetailResultDTO.java
@@ -4,6 +4,7 @@ import lombok.Data;
 import lombok.NoArgsConstructor;
 
 import java.io.Serializable;
+import java.util.List;
 
 /**
  * @author zhaoqifeng
@@ -62,5 +63,5 @@ public class RejectedDetailResultDTO implements Serializable {
 	/**
 	 * 自动审核失败的原因
 	 */
-	private String failedReason;
+	private List<String> failedReason;
 }
diff --git a/epmet-module/resi-partymember/resi-partymember-client/src/main/java/com/epmet/resi/partymember/dto/warmhearted/form/.gitkeep b/epmet-module/resi-partymember/resi-partymember-client/src/main/java/com/epmet/resi/partymember/dto/warmhearted/form/.gitkeep
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/epmet-module/resi-partymember/resi-partymember-client/src/main/java/com/epmet/resi/partymember/dto/warmhearted/form/ResiWarmAuditRejectFormDTO.java b/epmet-module/resi-partymember/resi-partymember-client/src/main/java/com/epmet/resi/partymember/dto/warmhearted/form/ResiWarmAuditRejectFormDTO.java
index 6f19739bcc..1903c65c93 100644
--- a/epmet-module/resi-partymember/resi-partymember-client/src/main/java/com/epmet/resi/partymember/dto/warmhearted/form/ResiWarmAuditRejectFormDTO.java
+++ b/epmet-module/resi-partymember/resi-partymember-client/src/main/java/com/epmet/resi/partymember/dto/warmhearted/form/ResiWarmAuditRejectFormDTO.java
@@ -18,6 +18,7 @@
 package com.epmet.resi.partymember.dto.warmhearted.form;
 
 import lombok.Data;
+import org.hibernate.validator.constraints.Length;
 
 import javax.validation.constraints.NotBlank;
 import java.io.Serializable;
@@ -42,6 +43,7 @@ public class ResiWarmAuditRejectFormDTO implements Serializable {
      * 驳回理由
      */
     @NotBlank(message = "驳回理由不能为空")
+    @Length(max=300,message = "驳回理由不能超过300个字")
     private String refuseReason;
 
     /**
diff --git a/epmet-module/resi-partymember/resi-partymember-client/src/main/java/com/epmet/resi/partymember/dto/warmhearted/form/ResiWarmheartedFormDTO.java b/epmet-module/resi-partymember/resi-partymember-client/src/main/java/com/epmet/resi/partymember/dto/warmhearted/form/ResiWarmheartedFormDTO.java
index 0b33c41cdd..71886ade06 100644
--- a/epmet-module/resi-partymember/resi-partymember-client/src/main/java/com/epmet/resi/partymember/dto/warmhearted/form/ResiWarmheartedFormDTO.java
+++ b/epmet-module/resi-partymember/resi-partymember-client/src/main/java/com/epmet/resi/partymember/dto/warmhearted/form/ResiWarmheartedFormDTO.java
@@ -18,6 +18,7 @@
 package com.epmet.resi.partymember.dto.warmhearted.form;
 
 import lombok.Data;
+import org.hibernate.validator.constraints.Length;
 
 import javax.validation.constraints.NotBlank;
 import java.io.Serializable;
@@ -48,6 +49,7 @@ public class ResiWarmheartedFormDTO implements Serializable {
      * 访问来源 指的是用户点的那个功能进入到的注册页面，就是一个功能模块的Id（value:feature+action）
      */
     @NotBlank(message = "访问来源不能为空")
+    @Length(max=120,message = "访问来源不能超过120个字")
     private String visitFrom;
 
     /**
diff --git a/epmet-module/resi-partymember/resi-partymember-client/src/main/java/com/epmet/resi/partymember/dto/warmhearted/form/ResiWarmheartedSubmitFormDTO.java b/epmet-module/resi-partymember/resi-partymember-client/src/main/java/com/epmet/resi/partymember/dto/warmhearted/form/ResiWarmheartedSubmitFormDTO.java
index 7ce698f0af..38497917d8 100644
--- a/epmet-module/resi-partymember/resi-partymember-client/src/main/java/com/epmet/resi/partymember/dto/warmhearted/form/ResiWarmheartedSubmitFormDTO.java
+++ b/epmet-module/resi-partymember/resi-partymember-client/src/main/java/com/epmet/resi/partymember/dto/warmhearted/form/ResiWarmheartedSubmitFormDTO.java
@@ -18,6 +18,7 @@
 package com.epmet.resi.partymember.dto.warmhearted.form;
 
 import lombok.Data;
+import org.hibernate.validator.constraints.Length;
 
 import javax.validation.constraints.NotBlank;
 import java.io.Serializable;
@@ -54,6 +55,7 @@ public class ResiWarmheartedSubmitFormDTO implements Serializable {
      * 申请理由(300字)
      */
     @NotBlank(message = "申请理由不能为空")
+    @Length(max=300,message = "申请理由不能超过300个字")
     private String reason;
 
     /**
diff --git a/epmet-module/resi-partymember/resi-partymember-server/docker-compose.yml b/epmet-module/resi-partymember/resi-partymember-server/docker-compose.yml
index 793ece847d..4860db4369 100644
--- a/epmet-module/resi-partymember/resi-partymember-server/docker-compose.yml
+++ b/epmet-module/resi-partymember/resi-partymember-server/docker-compose.yml
@@ -2,7 +2,7 @@ version: "3.7"
 services:
   resi-partymember-server:
     container_name: resi-partymember-server-dev
-    image: registry-vpc.cn-qingdao.aliyuncs.com/epmet-cloud-dev/resi-partymember-server:0.3.5
+    image: registry-vpc.cn-qingdao.aliyuncs.com/epmet-cloud-dev/resi-partymember-server:0.3.6
     ports:
       - "8096:8096"
     network_mode: host # 使用现有网络
diff --git a/epmet-module/resi-partymember/resi-partymember-server/pom.xml b/epmet-module/resi-partymember/resi-partymember-server/pom.xml
index a367d99068..611ffc22f0 100644
--- a/epmet-module/resi-partymember/resi-partymember-server/pom.xml
+++ b/epmet-module/resi-partymember/resi-partymember-server/pom.xml
@@ -2,7 +2,7 @@
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
-    <version>0.3.5</version>
+    <version>0.3.6</version>
     <parent>
         <groupId>com.epmet</groupId>
         <artifactId>resi-partymember</artifactId>
diff --git a/epmet-module/resi-partymember/resi-partymember-server/src/main/java/com/epmet/modules/partymember/service/impl/PartyMemberConfirmServiceImpl.java b/epmet-module/resi-partymember/resi-partymember-server/src/main/java/com/epmet/modules/partymember/service/impl/PartyMemberConfirmServiceImpl.java
index 50658337d2..6718a6fb72 100644
--- a/epmet-module/resi-partymember/resi-partymember-server/src/main/java/com/epmet/modules/partymember/service/impl/PartyMemberConfirmServiceImpl.java
+++ b/epmet-module/resi-partymember/resi-partymember-server/src/main/java/com/epmet/modules/partymember/service/impl/PartyMemberConfirmServiceImpl.java
@@ -372,27 +372,29 @@ public class PartyMemberConfirmServiceImpl implements PartyMemberConfirmService
 		resultDTO.setIdCard(partyMemberInfo.getIdCard());
 		resultDTO.setMobile(partyMemberInfo.getMobile());
 		resultDTO.setAddress(partyMemberInfo.getStreet() + partyMemberInfo.getEstate() + partyMemberInfo.getBuilding());
-		String failedReason = "";
+		List<String> failedReason = new ArrayList<>();
 		if (null != fromDTO.getAutoId() && !fromDTO.getAutoId().isEmpty()) {
 			PartymemberConfirmAutoEntity autoEntity = partymemberConfirmAutoService.selectById(fromDTO.getAutoId());
 			resultDTO.setCertifyTime(autoEntity.getContrastTime().getTime());
 			if (PartyMemberConstant.SAME.equals(autoEntity.getMobileResult())) {
-				failedReason = failedReason + "手机号匹配,";
+				failedReason.add("手机号匹配");
 			} else {
-				failedReason = failedReason + "手机号未匹配,";
+				failedReason.add("手机号未匹配");
 			}
 			if (PartyMemberConstant.SAME.equals(autoEntity.getIdCardResult())) {
-				failedReason = failedReason + "身份证匹配,";
+				failedReason.add("身份证匹配");
 			} else {
-				failedReason = failedReason + "身份证未匹配,";
+				failedReason.add("身份证未匹配");
 			}
 			if (PartyMemberConstant.SAME.equals(autoEntity.getNameResult())) {
-				failedReason = failedReason + "姓名匹配";
+				failedReason.add("姓名匹配");
 			} else {
-				failedReason = failedReason + "姓名未匹配";
+				failedReason.add("姓名未匹配");
 			}
 		} else {
-			failedReason = "手机号未匹配,身份证未匹配，姓名未匹配";
+			failedReason.add("手机号未匹配");
+			failedReason.add("身份证未匹配");
+			failedReason.add("姓名未匹配");
 			resultDTO.setCertifyTime(partyMemberInfo.getUpdatedTime().getTime());
 		}
 		resultDTO.setFailedReason(failedReason);
@@ -423,26 +425,28 @@ public class PartyMemberConfirmServiceImpl implements PartyMemberConfirmService
 		resultDTO.setExtraOrganization(partyMemberInfo.getExtraOrganization());
 		resultDTO.setContactMobile(partyMemberInfo.getExtraCertifierMobile() == null ? "" : partyMemberInfo.getExtraCertifierMobile());
 		resultDTO.setContactPeople(partyMemberInfo.getExtraCertifierName() == null ? "" : partyMemberInfo.getExtraCertifierName());
-		String failedReason ="";
+		List<String> failedReason = new ArrayList<>();
 		if (null != fromDTO.getAutoId() && !fromDTO.getAutoId().isEmpty()) {
 			PartymemberConfirmAutoEntity autoEntity = partymemberConfirmAutoService.selectById(fromDTO.getAutoId());
 			if (PartyMemberConstant.SAME.equals(autoEntity.getMobileResult())) {
-				failedReason = failedReason + "手机号匹配,";
+				failedReason.add("手机号匹配");
 			} else {
-				failedReason = failedReason + "手机号未匹配,";
+				failedReason.add("手机号未匹配");
 			}
 			if (PartyMemberConstant.SAME.equals(autoEntity.getIdCardResult())) {
-				failedReason = failedReason + "身份证匹配,";
+				failedReason.add("身份证匹配");
 			} else {
-				failedReason = failedReason + "身份证未匹配,";
+				failedReason.add("身份证未匹配");
 			}
 			if (PartyMemberConstant.SAME.equals(autoEntity.getNameResult())) {
-				failedReason = failedReason + "姓名匹配";
+				failedReason.add("姓名匹配");
 			} else {
-				failedReason = failedReason + "姓名未匹配";
+				failedReason.add("姓名未匹配");
 			}
 		} else {
-			failedReason = "手机号未匹配,身份证未匹配，姓名未匹配";
+			failedReason.add("手机号未匹配");
+			failedReason.add("身份证未匹配");
+			failedReason.add("姓名未匹配");
 		}
 		resultDTO.setFailedReason(failedReason);
 		//获取人工审核信息
diff --git a/epmet-module/resi-partymember/resi-partymember-server/src/main/java/com/epmet/modules/partymember/service/impl/PartymemberInfoServiceImpl.java b/epmet-module/resi-partymember/resi-partymember-server/src/main/java/com/epmet/modules/partymember/service/impl/PartymemberInfoServiceImpl.java
index 741f2c505b..56dc878bc9 100644
--- a/epmet-module/resi-partymember/resi-partymember-server/src/main/java/com/epmet/modules/partymember/service/impl/PartymemberInfoServiceImpl.java
+++ b/epmet-module/resi-partymember/resi-partymember-server/src/main/java/com/epmet/modules/partymember/service/impl/PartymemberInfoServiceImpl.java
@@ -144,12 +144,12 @@ public class PartymemberInfoServiceImpl extends BaseServiceImpl<PartymemberInfoD
 	public List<CertifiedResultDTO> certified(CertifiedFormDTO certifiedFormDTO) {
 		certifiedFormDTO.setPageNo(certifiedFormDTO.getPageNo() - NumConstant.ONE);
 		List<CertifiedResultDTO> certifiedResultDTOS = partyMemberInfoDao.selectCertifiedList(certifiedFormDTO);
-		for (CertifiedResultDTO certifiedResultDTO : certifiedResultDTOS) {
-			certifiedResultDTO.setApplyTime(certifiedResultDTO.getApplyTime()*1000L);
-		}
 		if (certifiedResultDTOS.size()==0){
 			return new ArrayList<>();
 		}
+		for (CertifiedResultDTO certifiedResultDTO : certifiedResultDTOS) {
+			certifiedResultDTO.setApplyTime(certifiedResultDTO.getApplyTime()*1000L);
+		}
 		Result<List<CertifiedResultDTO>> listResult = epmetUserFeignClient.selectUserHeadPhotoByUserId(certifiedResultDTOS);
 		Result<SelectGridNameByGridIdResultDTO> gridName = govOrgFeignClient.selectGridNameByGridId(certifiedFormDTO);
 		for (CertifiedResultDTO datum : listResult.getData()) {
diff --git a/epmet-user/epmet-user-client/src/main/java/com/epmet/dto/form/InfoSubmitFromDTO.java b/epmet-user/epmet-user-client/src/main/java/com/epmet/dto/form/InfoSubmitFromDTO.java
index 3f61da4667..aa999da0f6 100644
--- a/epmet-user/epmet-user-client/src/main/java/com/epmet/dto/form/InfoSubmitFromDTO.java
+++ b/epmet-user/epmet-user-client/src/main/java/com/epmet/dto/form/InfoSubmitFromDTO.java
@@ -18,6 +18,7 @@
 package com.epmet.dto.form;
 
 import lombok.Data;
+import org.hibernate.validator.constraints.Length;
 
 import javax.validation.constraints.NotBlank;
 import java.io.Serializable;
@@ -27,7 +28,7 @@ import java.util.Date;
 /**
  * 用户居民端注册信息表  用户在居民端完善的个人信息
  *
- * @author generator generator@elink-cn.com
+ * @author sun
  * @since v1.0.0 2020-03-30
  */
 @Data
@@ -39,24 +40,28 @@ public class InfoSubmitFromDTO implements Serializable {
      * 手机号(注册手机号)
      */
 	@NotBlank(message = "手机号不能为空")
+	@Length(max=16,message = "手机号不能超过16位")
 	private String regMobile;
 
     /**
      * 姓氏
      */
 	@NotBlank(message = "姓氏不能为空")
+	@Length(max=10,message = "姓氏不能超过10个字")
 	private String surname;
 
     /**
      * 名称
      */
 	@NotBlank(message = "名称不能为空")
+	@Length(max=20,message = "名称不能超过20个字")
 	private String name;
 
     /**
      * 街道
      */
 	@NotBlank(message = "所在街道不能为空")
+	@Length(max=120,message = "所属街道不能超过120个字")
 	private String street;
 
     /**
@@ -78,6 +83,7 @@ public class InfoSubmitFromDTO implements Serializable {
 	 * 手机验证码
 	 */
 	@NotBlank(message = "手机验证码不能为空")
+	@Length(max=6,message = "手机验证码不能超过6位")
 	private String mobileCode;
 
 
diff --git a/epmet-user/epmet-user-client/src/main/java/com/epmet/dto/form/ResiRegisterFormDTO.java b/epmet-user/epmet-user-client/src/main/java/com/epmet/dto/form/ResiRegisterFormDTO.java
index 0cc3bcfef2..c97036ced0 100644
--- a/epmet-user/epmet-user-client/src/main/java/com/epmet/dto/form/ResiRegisterFormDTO.java
+++ b/epmet-user/epmet-user-client/src/main/java/com/epmet/dto/form/ResiRegisterFormDTO.java
@@ -18,6 +18,7 @@
 package com.epmet.dto.form;
 
 import lombok.Data;
+import org.hibernate.validator.constraints.Length;
 
 import javax.validation.constraints.NotBlank;
 import java.io.Serializable;
@@ -48,6 +49,7 @@ public class ResiRegisterFormDTO implements Serializable {
      * 访问来源 指的是用户点的那个功能进入到的注册页面，就是一个功能模块的Id（value:feature+action）
      */
     @NotBlank(message = "访问来源不能为空")
+    @Length(max=120,message = "访问来源不能超过120个字")
     private String visitFrom;
 
     /**
diff --git a/epmet-user/epmet-user-client/src/main/java/com/epmet/dto/form/VerificationCodeFormDTO.java b/epmet-user/epmet-user-client/src/main/java/com/epmet/dto/form/VerificationCodeFormDTO.java
index 4d28c3b0ed..a6bb8c31ba 100644
--- a/epmet-user/epmet-user-client/src/main/java/com/epmet/dto/form/VerificationCodeFormDTO.java
+++ b/epmet-user/epmet-user-client/src/main/java/com/epmet/dto/form/VerificationCodeFormDTO.java
@@ -1,6 +1,7 @@
 package com.epmet.dto.form;
 
 import lombok.Data;
+import org.hibernate.validator.constraints.Length;
 
 import javax.validation.constraints.NotBlank;
 import java.io.Serializable;
@@ -19,6 +20,7 @@ public class VerificationCodeFormDTO implements Serializable {
      * 手机号(注册手机号)
      */
     @NotBlank(message = "手机号不能为空")
+    @Length(max=16,message = "手机号不能超过16位")
     private String mobile;
 
     /**
diff --git a/epmet-user/epmet-user-server/docker-compose.yml b/epmet-user/epmet-user-server/docker-compose.yml
index 5d54ef6e2d..5336083637 100644
--- a/epmet-user/epmet-user-server/docker-compose.yml
+++ b/epmet-user/epmet-user-server/docker-compose.yml
@@ -2,7 +2,7 @@ version: "3.7"
 services:
   epmet-user-server:
     container_name: epmet-user-server-dev
-    image: registry-vpc.cn-qingdao.aliyuncs.com/epmet-cloud-dev/epmet-user-server:0.3.14
+    image: registry-vpc.cn-qingdao.aliyuncs.com/epmet-cloud-dev/epmet-user-server:0.3.16
     ports:
       - "8087:8087"
     network_mode: host # 不会创建新的网络
diff --git a/epmet-user/epmet-user-server/pom.xml b/epmet-user/epmet-user-server/pom.xml
index 24a650f429..9ed1998002 100644
--- a/epmet-user/epmet-user-server/pom.xml
+++ b/epmet-user/epmet-user-server/pom.xml
@@ -2,7 +2,7 @@
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
-    <version>0.3.14</version>
+    <version>0.3.16</version>
     <parent>
         <groupId>com.epmet</groupId>
         <artifactId>epmet-user</artifactId>
diff --git a/epmet-user/epmet-user-server/src/main/java/com/epmet/dao/StaffRoleDao.java b/epmet-user/epmet-user-server/src/main/java/com/epmet/dao/StaffRoleDao.java
index b943b44be7..8196b45787 100644
--- a/epmet-user/epmet-user-server/src/main/java/com/epmet/dao/StaffRoleDao.java
+++ b/epmet-user/epmet-user-server/src/main/java/com/epmet/dao/StaffRoleDao.java
@@ -45,7 +45,7 @@ public interface StaffRoleDao extends BaseDao<StaffRoleEntity> {
      * @param orgId
      * @return
      */
-    //@DataFilter(tableAliases = { "sr" })
+    @DataFilter(tableAliases = { "sr" })
     List<GovStaffRoleResultDTO> listStaffIdsByRoleKeyAndOrgId(@Param("roleKey") String roleKey, @Param("orgId") String orgId,
                                                               @Param("dataScope") DataScope dataScope);
 
diff --git a/epmet-user/epmet-user-server/src/main/java/com/epmet/service/impl/CustomerStaffServiceImpl.java b/epmet-user/epmet-user-server/src/main/java/com/epmet/service/impl/CustomerStaffServiceImpl.java
index e17211ee73..3c079c624e 100644
--- a/epmet-user/epmet-user-server/src/main/java/com/epmet/service/impl/CustomerStaffServiceImpl.java
+++ b/epmet-user/epmet-user-server/src/main/java/com/epmet/service/impl/CustomerStaffServiceImpl.java
@@ -314,7 +314,7 @@ public class CustomerStaffServiceImpl extends BaseServiceImpl<CustomerStaffDao,
 		customerStaffFormDTO.setCustomerId(fromDTO.getCustomerId());
 		customerStaffFormDTO.setMobile(fromDTO.getMobile());
 		CustomerStaffDTO customerStaffDTO = baseDao.selectListCustomerStaffInfo(customerStaffFormDTO);
-		if (!fromDTO.getStaffId().equals(customerStaffDTO.getUserId())) {
+		if (null != customerStaffDTO && !fromDTO.getStaffId().equals(customerStaffDTO.getUserId())){
 			return new Result<CustomerStaffDTO>().error(EpmetErrorCode.MOBILE_USED.getCode(), EpmetErrorCode.MOBILE_USED.getMsg());
 		}
 
@@ -412,20 +412,20 @@ public class CustomerStaffServiceImpl extends BaseServiceImpl<CustomerStaffDao,
 		return new Result<List<CustomerIdDTO>>().ok(baseDao.selectCustomerIdByUserId(addDepartmentStaffFormDTO));
 	}
 
-    /**
-     * @Description 通过userId列表查询未被禁用的用户信息
-     * @Param CommonUserIdListFormDTO :: getUserIdList
-     * @return Result<List<CommonStaffInfoResultDTO>>
-     * @Author wangc
-     * @Date 2020.04.24 15:44
-     **/
-    @Override
-    public Result<List<CommonStaffInfoResultDTO>> getEnableStaffMsgList(CommonUserIdListFormDTO userIdList) {
+	/**
+	 * @return Result<List < CommonStaffInfoResultDTO>>
+	 * @Description 通过userId列表查询未被禁用的用户信息
+	 * @Param CommonUserIdListFormDTO :: getUserIdList
+	 * @Author wangc
+	 * @Date 2020.04.24 15:44
+	 **/
+	@Override
+	public Result<List<CommonStaffInfoResultDTO>> getEnableStaffMsgList(CommonUserIdListFormDTO userIdList) {
 		if (userIdList.getUserIdList().size() <= NumConstant.ZERO) {
 			return new Result<List<CommonStaffInfoResultDTO>>().ok(new ArrayList<>());
 		}
 
-		return new Result<List<CommonStaffInfoResultDTO>>().ok(baseDao.selectEnableStaffMsg(userIdList.getUserIdList(),userIdList.getCustomerId()));
-    }
+		return new Result<List<CommonStaffInfoResultDTO>>().ok(baseDao.selectEnableStaffMsg(userIdList.getUserIdList(), userIdList.getCustomerId()));
+	}
 
 }
\ No newline at end of file