1.调整之后的DataFIlter

epmet-auth/src/main/java/com/epmet/feign/EpmetUserFeignClient.java

@@ -3,6 +3,7 @@ package com.epmet.feign;
 import com.epmet.commons.tools.constant.ServiceConstant;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.dto.CustomerStaffDTO;
+import com.epmet.dto.GovStaffRoleDTO;
 import com.epmet.dto.UserDTO;
 import com.epmet.dto.UserWechatDTO;
 import com.epmet.dto.form.*;
@@ -107,4 +108,11 @@ public interface EpmetUserFeignClient {
 	 **/
 	@PostMapping(value = "epmetuser/staffagencyvisited/saveStaffLoginRecord", consumes = MediaType.APPLICATION_JSON_VALUE)
 	Result saveStaffLoginRecord(StaffLoginAgencyRecordFormDTO staffLoginHistoryFormDTO);
+
+	/**
+	 * 查询工作人员的角色
+	 * @return
+	 */
+	@PostMapping("/epmetuser/staffrole/staffroles")
+	Result<List<GovStaffRoleDTO>> getRolesOfStaff(StaffRoleFormDTO staffRoleFormDTO);
 }

epmet-auth/src/main/java/com/epmet/feign/GovOrgFeignClient.java

@@ -2,8 +2,10 @@ package com.epmet.feign;
 
 import com.epmet.commons.tools.constant.ServiceConstant;
 import com.epmet.commons.tools.utils.Result;
+import com.epmet.dto.CustomerAgencyDTO;
 import com.epmet.dto.form.StaffOrgFormDTO;
 import com.epmet.dto.result.DepartmentListResultDTO;
+import com.epmet.dto.result.GridByStaffResultDTO;
 import com.epmet.dto.result.StaffOrgsResultDTO;
 import com.epmet.feign.fallback.GovOrgFeignClientFallback;
 import org.springframework.cloud.openfeign.FeignClient;
@@ -37,4 +39,20 @@ public interface GovOrgFeignClient {
      */
     @PostMapping("/gov/org/department/staff/{staffId}/departmentlist")
     Result<List<DepartmentListResultDTO>> getDepartmentListByStaffId(@PathVariable("staffId") String staffId);
+
+    /**
+     * 查询工作人员所有的网格
+     * @param staffId
+     * @return
+     */
+    @PostMapping("/gov/org/grid/gridsbystaffid/{staffId}")
+    Result<List<GridByStaffResultDTO>> listGridsbystaffid(@PathVariable("staffId") String staffId);
+
+    /**
+     * 根据staffId查询所属的组织机构
+     * @param staffId
+     * @return
+     */
+    @PostMapping("/gov/org/agency/agencybystaff/{staffId}")
+    Result<CustomerAgencyDTO> getAgencyByStaff(@PathVariable("staffId") String staffId);
 }

epmet-auth/src/main/java/com/epmet/feign/fallback/EpmetUserFeignClientFallback.java

@@ -4,6 +4,7 @@ import com.epmet.commons.tools.constant.ServiceConstant;
 import com.epmet.commons.tools.utils.ModuleUtils;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.dto.CustomerStaffDTO;
+import com.epmet.dto.GovStaffRoleDTO;
 import com.epmet.dto.UserDTO;
 import com.epmet.dto.UserWechatDTO;
 import com.epmet.dto.form.*;
@@ -62,4 +63,9 @@ public class EpmetUserFeignClientFallback implements EpmetUserFeignClient {
 		return ModuleUtils.feignConError(ServiceConstant.EPMET_USER_SERVER, "saveStaffLoginRecord", staffLoginHistoryFormDTO);
 	}
 
+	@Override
+	public Result<List<GovStaffRoleDTO>> getRolesOfStaff(StaffRoleFormDTO staffRoleFormDTO) {
+		return ModuleUtils.feignConError(ServiceConstant.EPMET_USER_SERVER, "getRolesOfStaff", staffRoleFormDTO);
+	}
+
 }

epmet-auth/src/main/java/com/epmet/feign/fallback/GovOrgFeignClientFallback.java

@@ -3,8 +3,10 @@ package com.epmet.feign.fallback;
 import com.epmet.commons.tools.constant.ServiceConstant;
 import com.epmet.commons.tools.utils.ModuleUtils;
 import com.epmet.commons.tools.utils.Result;
+import com.epmet.dto.CustomerAgencyDTO;
 import com.epmet.dto.form.StaffOrgFormDTO;
 import com.epmet.dto.result.DepartmentListResultDTO;
+import com.epmet.dto.result.GridByStaffResultDTO;
 import com.epmet.dto.result.StaffOrgsResultDTO;
 import com.epmet.feign.GovOrgFeignClient;
 import org.springframework.stereotype.Component;
@@ -28,5 +30,15 @@ public class GovOrgFeignClientFallback implements GovOrgFeignClient {
     public Result<List<DepartmentListResultDTO>> getDepartmentListByStaffId(String staffId) {
         return ModuleUtils.feignConError(ServiceConstant.GOV_ORG_SERVER, "getDepartmentListByStaffId", staffId);
     }
+
+    @Override
+    public Result<List<GridByStaffResultDTO>> listGridsbystaffid(String staffId) {
+        return ModuleUtils.feignConError(ServiceConstant.GOV_ORG_SERVER, "listGridsbystaffid", staffId);
+    }
+
+    @Override
+    public Result<CustomerAgencyDTO> getAgencyByStaff(String staffId) {
+        return ModuleUtils.feignConError(ServiceConstant.GOV_ORG_SERVER, "getAgencyByStaff", staffId);
+    }
 }
 

epmet-auth/src/main/java/com/epmet/service/impl/GovLoginServiceImpl.java

@@ -11,12 +11,11 @@ import com.epmet.commons.tools.utils.CpUserDetailRedis;
 import com.epmet.commons.tools.utils.DateUtils;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.commons.tools.validator.PhoneValidatorUtils;
+import com.epmet.dto.CustomerAgencyDTO;
 import com.epmet.dto.CustomerStaffDTO;
+import com.epmet.dto.GovStaffRoleDTO;
 import com.epmet.dto.form.*;
-import com.epmet.dto.result.DepartmentListResultDTO;
-import com.epmet.dto.result.StaffLatestAgencyResultDTO;
-import com.epmet.dto.result.StaffOrgsResultDTO;
-import com.epmet.dto.result.UserTokenResultDTO;
+import com.epmet.dto.result.*;
 import com.epmet.feign.EpmetUserFeignClient;
 import com.epmet.feign.GovOrgFeignClient;
 import com.epmet.feign.MessageFeignClient;
@@ -168,12 +167,59 @@ public class GovLoginServiceImpl implements GovLoginService {
         govTokenDto.setAgencyId(staffLatestAgency.getAgencyId());
         govTokenDto.setCustomerId(staffLatestAgency.getCustomerId());
 
+        //设置部门，网格，角色列表
+        govTokenDto.setDeptIdList(getDeptartmentIdList(staffLatestAgency.getStaffId()));
+        govTokenDto.setGridIdList(getGridIdList(staffLatestAgency.getStaffId()));
+        CustomerAgencyDTO agency = getAgencyByStaffId(staffLatestAgency.getStaffId());
+        if (agency != null) {
+            govTokenDto.setRoleIdList(queryGovStaffRoleIds(staffLatestAgency.getStaffId(), agency.getId()));
+        }
+        govTokenDto.setOrgIdPath(getOrgIdPath(staffLatestAgency.getStaffId()));
+
+        cpUserDetailRedis.set(govTokenDto, expire);
+        logger.info("截止时间：" + DateUtils.format(jwtTokenUtils.getExpiration(token), "yyyy-MM-dd HH:mm:ss"));
+    }
+
+    /**
+     * 查询人员在某机关单位下的角色列表
+     * @param staffId
+     * @param orgId
+     * @return
+     */
+    public Set<String> queryGovStaffRoleIds(String staffId, String orgId) {
+        StaffRoleFormDTO formDTO = new StaffRoleFormDTO();
+        formDTO.setStaffId(staffId);
+        formDTO.setOrgId(orgId);
+        Result<List<GovStaffRoleDTO>> gridResult = epmetUserFeignClient.getRolesOfStaff(formDTO);
+        if (!CollectionUtils.isEmpty(gridResult.getData())) {
+            return gridResult.getData().stream().map(role -> role.getId()).collect(Collectors.toSet());
+        }
+        return null;
+    }
+
+    /**
+     * 根据工作人员ID查询网格ID列表
+     * @param staffId
+     * @return
+     */
+    public Set<String> getGridIdList(String staffId) {
+        Result<List<GridByStaffResultDTO>> result = govOrgFeignClient.listGridsbystaffid(staffId);
+        if (!result.success()) {
+            logger.error("登录:查询网格列表，远程调用返回错误:{}", result.getMsg());
+            return null;
+        } else {
+            List<GridByStaffResultDTO> grids = result.getData();
+            return grids.stream().map(grid -> grid.getGridId()).collect(Collectors.toSet());
+        }
+    }
+
+    public Set<String> getDeptartmentIdList(String staffId) {
         try {
-            Result<List<DepartmentListResultDTO>> deptListResult = govOrgFeignClient.getDepartmentListByStaffId(staffLatestAgency.getStaffId());
+            Result<List<DepartmentListResultDTO>> deptListResult = govOrgFeignClient.getDepartmentListByStaffId(staffId);
             if (deptListResult.success()) {
                 if (!CollectionUtils.isEmpty(deptListResult.getData())) {
                     Set<String> deptIdLists = deptListResult.getData().stream().map(dept -> dept.getDepartmentId()).collect(Collectors.toSet());
-                    govTokenDto.setDeptIdList(deptIdLists);
+                    return deptIdLists;
                 }
             } else {
                 logger.error("登录:查询部门列表，远程调用返回错误:{}", deptListResult.getMsg());
@@ -182,9 +228,7 @@ public class GovLoginServiceImpl implements GovLoginService {
             String errorStackTrace = ExceptionUtils.getErrorStackTrace(e);
             logger.error("登录:查询部门列表异常:{}", errorStackTrace);
         }
-
-        cpUserDetailRedis.set(govTokenDto, expire);
-        logger.info("截止时间：" + DateUtils.format(jwtTokenUtils.getExpiration(token), "yyyy-MM-dd HH:mm:ss"));
+        return null;
     }
 
     //保存登录日志
@@ -300,8 +344,50 @@ public class GovLoginServiceImpl implements GovLoginService {
         govTokenDto.setExpireTime(jwtTokenUtils.getExpiration(token).getTime());
         govTokenDto.setAgencyId(orgId);
         govTokenDto.setCustomerId(customerId);
+
+        //设置部门，网格，角色列表
+        govTokenDto.setDeptIdList(getDeptartmentIdList(staffId));
+        govTokenDto.setGridIdList(getGridIdList(staffId));
+        CustomerAgencyDTO agency = getAgencyByStaffId(staffId);
+        if (agency != null) {
+            govTokenDto.setRoleIdList(queryGovStaffRoleIds(staffId, agency.getId()));
+        }
+        govTokenDto.setOrgIdPath(getOrgIdPath(staffId));
+
         cpUserDetailRedis.set(govTokenDto, expire);
         logger.info("截止时间：" + DateUtils.format(jwtTokenUtils.getExpiration(token), "yyyy-MM-dd HH:mm:ss"));
     }
+
+    /**
+     * 查询工作人员的OrgIdPath
+     * @param staffId
+     * @return
+     */
+    public String getOrgIdPath(String staffId) {
+        Result<CustomerAgencyDTO> result = govOrgFeignClient.getAgencyByStaff(staffId);
+        if (!result.success()) {
+            logger.error("登录：查询登录人所属的机关OrgIdPath失败:{}", result.getMsg());
+            return null;
+        }
+        CustomerAgencyDTO agency = result.getData();
+        if (agency != null) {
+            if ("0".equals(agency.getPid())) {
+                // 顶级
+                return agency.getId();
+            } else {
+                return agency.getPids().concat(":").concat(agency.getId());
+            }
+        }
+        return null;
+    }
+
+    public CustomerAgencyDTO getAgencyByStaffId(String staffId) {
+        Result<CustomerAgencyDTO> result = govOrgFeignClient.getAgencyByStaff(staffId);
+        if (!result.success()) {
+            logger.error("登录：查询登录人所属的机关OrgIdPath失败:{}", result.getMsg());
+            return null;
+        }
+        return result.getData();
+    }
 }
 

epmet-auth/src/test/java/com/epmet/TokenGenTest.java

@@ -1,10 +1,15 @@
 package com.epmet;
 
+import cn.binarywang.wx.miniapp.bean.WxMaJscode2SessionResult;
 import com.epmet.common.token.constant.LoginConstant;
 import com.epmet.commons.tools.security.dto.GovTokenDto;
 import com.epmet.commons.tools.utils.CpUserDetailRedis;
+import com.epmet.commons.tools.utils.DateUtils;
+import com.epmet.dto.CustomerAgencyDTO;
+import com.epmet.dto.result.StaffLatestAgencyResultDTO;
 import com.epmet.jwt.JwtTokenProperties;
 import com.epmet.jwt.JwtTokenUtils;
+import com.epmet.service.impl.GovLoginServiceImpl;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -29,6 +34,9 @@ public class TokenGenTest {
     @Autowired
     private CpUserDetailRedis cpUserDetailRedis;
 
+    @Autowired
+    private GovLoginServiceImpl govLoginService;
+
     @Test
     public void genToken() {
         String staffId = "wxz";
@@ -50,6 +58,33 @@ public class TokenGenTest {
         cpUserDetailRedis.set(govTokenDto, expire);
     }
 
+    @Test
+    public void saveLatestGovTokenDto() {
+        String staffId = "wxz";
+        String token = generateGovWxmpToken(staffId);
+        int expire = jwtTokenProperties.getExpire();
+        GovTokenDto govTokenDto = new GovTokenDto();
+        govTokenDto.setApp(LoginConstant.APP_GOV);
+        govTokenDto.setClient(LoginConstant.CLIENT_WXMP);
+        govTokenDto.setToken(token);
+        govTokenDto.setUserId(staffId);
+        govTokenDto.setUpdateTime(System.currentTimeMillis());
+        govTokenDto.setExpireTime(jwtTokenUtils.getExpiration(token).getTime());
+        //govTokenDto.setAgencyId(staffLatestAgency.getAgencyId());
+        //govTokenDto.setCustomerId(staffLatestAgency.getCustomerId());
+
+        //设置部门，网格，角色列表
+        govTokenDto.setDeptIdList(govLoginService.getDeptartmentIdList(staffId));
+        govTokenDto.setGridIdList(govLoginService.getGridIdList(staffId));
+        CustomerAgencyDTO agency = govLoginService.getAgencyByStaffId(staffId);
+        if (agency != null) {
+            govTokenDto.setRoleIdList(govLoginService.queryGovStaffRoleIds(staffId, agency.getId()));
+        }
+        govTokenDto.setOrgIdPath(govLoginService.getOrgIdPath(staffId));
+
+        cpUserDetailRedis.set(govTokenDto, expire);
+    }
+
     /**
      * @Description 生成token
      * @Date 2020/4/18 23:04

epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/aspect/DataFilterAspect.java

@@ -10,9 +10,8 @@ package com.epmet.commons.mybatis.aspect;
 
 import com.epmet.commons.mybatis.annotation.DataFilter;
 import com.epmet.commons.mybatis.constant.AccessSettingConstant;
-import com.epmet.commons.mybatis.constant.OpeScopeConstant;
+import com.epmet.commons.tools.constant.OpeScopeConstant;
 import com.epmet.commons.mybatis.dto.form.*;
-import com.epmet.commons.mybatis.entity.DataScope;
 import com.epmet.commons.mybatis.feign.GovAccessFeignClient;
 import com.epmet.commons.mybatis.feign.GovOrgFeignClient;
 import com.epmet.commons.tools.aspect.AccessOpeAspect;
@@ -32,6 +31,7 @@ import org.springframework.stereotype.Component;
 import org.springframework.util.CollectionUtils;
 
 import java.util.*;
+import java.util.stream.Collectors;
 
 /**
  * 数据过滤，切面处理类
@@ -86,11 +86,11 @@ public class DataFilterAspect {
         String client = loginUserUtil.getLoginUserClient();
         String userId = loginUserUtil.getLoginUserId();
 
-        StaffPermissionFormDTO staffPermissionFormDTO = new StaffPermissionFormDTO();
+        StaffPermCacheFormDTO staffPermissionFormDTO = new StaffPermCacheFormDTO();
         staffPermissionFormDTO.setApp(app);
         staffPermissionFormDTO.setClient(client);
         staffPermissionFormDTO.setStaffId(userId);
-        Result<StaffPermCacheResultDTO> result = govAccessFeignClient.getStaffCurrPermissions(staffPermissionFormDTO);
+        Result<LoginUserInfoResultDTO> result = govAccessFeignClient.getLoginUserInfo(staffPermissionFormDTO);
 
         if (result.getCode() != 0) {
             // 查询不到权限，记录日志，抛出8000异常
@@ -98,21 +98,23 @@ public class DataFilterAspect {
             throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
         }
 
-        StaffPermCacheResultDTO permCacheResultDTO = result.getData();
+        LoginUserInfoResultDTO userDetail = result.getData();
 
-        if (permCacheResultDTO == null || CollectionUtils.isEmpty(permCacheResultDTO.getPermissions())) {
-            log.error("操作权限不足，查询不到权限");
+        if (userDetail == null) {
+            log.error("操作权限不足，查询不到登录用户信息");
             throw new RenException(EpmetErrorCode.REQUIRE_PERMISSION.getCode());
         }
 
+        Set<String> currPermissions = getPermissions(userDetail.getRoleIdList());
+
         // 校验操作权限
-        validateOpePermission(permCacheResultDTO.getPermissions(), requirePermission);
+        validateOpePermission(currPermissions, requirePermission);
 
         hasConditions.set(false);
 
         // 生成过滤sql
-        String sqlFilterSegment = getSqlFilterSegment(userId, permCacheResultDTO.getRoleIdList(), requirePermission,
-                permCacheResultDTO.getOrgIdPath(), permCacheResultDTO.getGridId(), tableAlias, permCacheResultDTO.getDeptIdList());
+        String sqlFilterSegment = getSqlFilterSegment(userId, userDetail.getRoleIdList(), requirePermission,
+                userDetail.getOrgIdPath(), userDetail.getDeptIdList(), tableAlias, userDetail.getDeptIdList());
 
         // 方式1.填充到Service方法列表中的DataScope对象中。如果dao入参是用DTO的话，那么再加一个DataScope入参，sql中会报错提示#{}参数找不到，因此改用方法2
         //Object[] methodArgs = point.getArgs();
@@ -129,6 +131,22 @@ public class DataFilterAspect {
         }
     }
 
+    private Set<String> getPermissions(Set<String> roleIdList) {
+        Set<String> permissions = new HashSet<>();
+        roleIdList.forEach(role -> {
+            // 找出该角色的所有功能操作列表
+            Result<Set<RoleOpeScopeResultDTO>> result = govAccessFeignClient.listRoleAllOperationScopesByRoleId(role);
+            if (!result.success()) {
+                // 获取operation异常
+                log.error("调用GovAccess，根据RoleId查询Operation列表失败:{}", result.getMsg());
+                throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
+            }
+            Set<RoleOpeScopeResultDTO> roleOperations = result.getData();
+            permissions.addAll(roleOperations.stream().map(ope -> ope.getOperationKey()).collect(Collectors.toSet()));
+        });
+        return permissions;
+    }
+
     /**
      * 校验操作权限
      */
@@ -146,7 +164,7 @@ public class DataFilterAspect {
      * @return
      */
     private String getSqlFilterSegment(String userId, Set<String> roleIds, String reqiurePermission, String orgIdPath,
-                                       String gridId, String tableAlias, Set<String> deptIds) {
+                                       Set<String> gridIdList, String tableAlias, Set<String> deptIds) {
 
         StringBuilder sb = new StringBuilder();
 
@@ -164,7 +182,7 @@ public class DataFilterAspect {
         // 3.生成sql:本网格的
         String inGrid = accessSettings.get(AccessSettingConstant.IN_GRID_KEY);
         if (StringUtils.isNotBlank(inGrid) && AccessSettingConstant.IN_GRID_YES.equals(inGrid)) {
-            genInGrid(sb, gridId, tableAlias);
+            genInGrid(sb, gridIdList, tableAlias);
         }
 
         // 4.生成sql:根据部门列表
@@ -218,15 +236,28 @@ public class DataFilterAspect {
      * 网格sql
      *
      * @param sb
-     * @param gridId
      * @param tableAlias
      */
-    private void genInGrid(StringBuilder sb, String gridId, String tableAlias) {
+    private void genInGrid(StringBuilder sb, Set<String> gridIdList, String tableAlias) {
+        //if (StringUtils.isBlank(tableAlias)) {
+        //    sb.append(hasConditions.get() ? " OR " : "").append(" GRID_ID ='").append(gridId).append("' ");
+        //} else {
+        //    sb.append(hasConditions.get() ? " OR " : "").append(tableAlias).append(".GRID_ID ='").append(gridId).append("' ");
+        //}
+
+        if (hasConditions.get()) {
+            // 之前没有条件
+            sb.append(" OR ");
+        }
+        // OR     GRID_ID = 'XXX' OR GRID_ID = 'QQQ'
+        for (String gridId : gridIdList) {
             if (StringUtils.isBlank(tableAlias)) {
-            sb.append(hasConditions.get() ? " OR " : "").append(" GRID_ID ='").append(gridId).append("' ");
+                sb.append(" GRID_ID = '").append(gridId).append("' OR");
             } else {
-            sb.append(hasConditions.get() ? " OR " : "").append(tableAlias).append(".GRID_ID ='").append(gridId).append("' ");
+                sb.append(" ").append(tableAlias).append(".GRID_ID ='").append(gridId).append("' OR ");
             }
+        }
+        sb.replace(sb.lastIndexOf("OR"), sb.lastIndexOf("OR") + 3, "");
         hasConditions.set(true);
     }
 
@@ -253,19 +284,31 @@ public class DataFilterAspect {
     public void genOrgScopeSql(StringBuilder sb, String orgIdPath, Set<String> roleIds, String reqiurePermission, String tableAlias) {
 
         // 根据角色列表查询操作范围列表
-        Set<OperationScopeDTO> scopeDTOS = new HashSet<>();
+        Set<RoleOpeScopeResultDTO> opeAndScopes = new HashSet<>();
+        //roleIds.forEach(roleId -> {
+        //    OperationScopeFormDTO osformDto = new OperationScopeFormDTO();
+        //    osformDto.setRoleId(roleId);
+        //    osformDto.setOperationKey(reqiurePermission);
+        //    Result<Set<OperationScopeDTO>> result = govAccessFeignClient.getOperationScopesByRoleId(osformDto);
+        //    if (result.success()) {
+        //        scopeDTOS.addAll(result.getData());
+        //    }
+        //});
+
         roleIds.forEach(roleId -> {
-            OperationScopeFormDTO osformDto = new OperationScopeFormDTO();
-            osformDto.setRoleId(roleId);
-            osformDto.setOperationKey(reqiurePermission);
-            Result<Set<OperationScopeDTO>> result = govAccessFeignClient.getOperationScopesByRoleId(osformDto);
-            if (result.success()) {
-                scopeDTOS.addAll(result.getData());
+            Result<Set<RoleOpeScopeResultDTO>> opeResult = govAccessFeignClient.listRoleAllOperationScopesByRoleId(roleId);
+            if (!opeResult.success()) {
+                log.error("DataFilter：根据角色查询角色所有的操作列表出错:{}", opeResult.getMsg());
+            } else {
+                Set<RoleOpeScopeResultDTO> opes = opeResult.getData();
+                if (!CollectionUtils.isEmpty(opes)) {
+                    opeAndScopes.addAll(opes);
+                }
             }
         });
 
         // 过滤范围
-        HashSet<String> scopes = filteScopes(scopeDTOS);
+        HashSet<String> scopes = filteScopes(opeAndScopes);
         if (CollectionUtils.isEmpty(scopes)) {
             // 没有范围限制
             return;
@@ -333,10 +376,10 @@ public class DataFilterAspect {
      * @param scopeDTOS
      * @return
      */
-    private HashSet<String> filteScopes(Set<OperationScopeDTO> scopeDTOS) {
-        HashMap<String, OperationScopeDTO> filtedScopes = new HashMap<>();
+    private HashSet<String> filteScopes(Set<RoleOpeScopeResultDTO> scopeDTOS) {
+        HashMap<String, RoleOpeScopeResultDTO> filtedScopes = new HashMap<>();
 
-        for (OperationScopeDTO scope : scopeDTOS) {
+        for (RoleOpeScopeResultDTO scope : scopeDTOS) {
             String scopeIndex = scope.getScopeIndex();
             if (StringUtils.isBlank(scopeIndex)) {
                 continue;
@@ -348,7 +391,7 @@ public class DataFilterAspect {
                 continue;
             }
 
-            OperationScopeDTO tempScope = filtedScopes.get(currArr[0]);
+            RoleOpeScopeResultDTO tempScope = filtedScopes.get(currArr[0]);
             if (tempScope != null) {
                 // 已经有ac开头的了
                 String tempScopeIndex = tempScope.getScopeIndex();
@@ -360,8 +403,8 @@ public class DataFilterAspect {
             }
         }
         HashSet<String> scopeStrs = new HashSet<>();
-        Set<Map.Entry<String, OperationScopeDTO>> entries = filtedScopes.entrySet();
-        for (Map.Entry<String, OperationScopeDTO> entry : entries) {
+        Set<Map.Entry<String, RoleOpeScopeResultDTO>> entries = filtedScopes.entrySet();
+        for (Map.Entry<String, RoleOpeScopeResultDTO> entry : entries) {
             scopeStrs.add(entry.getValue().getScopeKey());
         }
         return scopeStrs;

epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/LoginUserInfoResultDTO.java

@@ -0,0 +1,40 @@
+package com.epmet.commons.mybatis.dto.form;
+
+import lombok.Data;
+
+import java.util.Set;
+
+@Data
+public class LoginUserInfoResultDTO {
+
+    /**
+     * 权限列表
+     */
+    private Set<String> permissions;
+
+    /**
+     * 角色列表
+     */
+    private Set<String> roleIdList;
+
+    /**
+     * 部门id列表
+     */
+    private Set<String> deptIdList;
+
+    /**
+     * 组织ID
+     */
+    private String orgIdPath;
+
+    /**
+     * 网格ID
+     */
+    private String gridId;
+
+    /**
+     * 网格ID列表
+     */
+    private Set<String> gridIdList;
+
+}

epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/RoleOpeScopeResultDTO.java

@@ -0,0 +1,33 @@
+package com.epmet.commons.mybatis.dto.form;
+
+import lombok.Data;
+
+@Data
+public class RoleOpeScopeResultDTO {
+
+    /**
+     * 角色ID
+     */
+    private String roleId;
+
+    /**
+     * 操作key
+     */
+    private String operationKey;
+
+    /**
+     * 范围key
+     */
+    private String scopeKey;
+
+    /**
+     * 范围名称
+     */
+    private String scopeName;
+
+    /**
+     * 范围序号
+     */
+    private String scopeIndex;
+
+}

epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/StaffPermCacheFormDTO.java

@@ -0,0 +1,59 @@
+package com.epmet.commons.mybatis.dto.form;
+
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+import java.util.Set;
+
+@Data
+public class StaffPermCacheFormDTO {
+
+    /**
+     * 更新权限缓存分组
+     */
+    public interface UpdatePermissionCache {}
+
+    /**
+     * 查询当前权限列表
+     */
+    public interface GetStaffCurrPermissions {}
+
+    /**
+     * 工作人员 id
+     */
+    @NotBlank(message = "工作人员ID不能为空", groups = {UpdatePermissionCache.class, GetStaffCurrPermissions.class})
+    private String staffId;
+
+    /**
+     * 登录头信息app
+     */
+    @NotBlank(message = "登录头信息app不能为空", groups = {UpdatePermissionCache.class, GetStaffCurrPermissions.class})
+    private String app;
+
+    /**
+     * 登录头信息client
+     */
+    @NotBlank(message = "登录头信息client不能为空", groups = {UpdatePermissionCache.class, GetStaffCurrPermissions.class})
+    private String client;
+
+    /**
+     * 组织ID路径
+     */
+    private String orgIdPath;
+
+    /**
+     * 权限列表
+     */
+    private Set<String> permissions;
+
+    /**
+     * 角色列表
+     */
+    private Set<String> roleIdList;
+
+    /**
+     * 当前所在网格id
+     */
+    private String gridId;
+
+}

epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/StaffPermCacheResultDTO.java

@@ -32,4 +32,6 @@ public class StaffPermCacheResultDTO {
      */
     private String gridId;
 
+    private String gridIdList;
+
 }

epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/GovAccessFeignClient.java

@@ -25,8 +25,8 @@ public interface GovAccessFeignClient {
      * 查询用户当前权限列表
      * @return
      */
-    @PostMapping("/gov/access/access/getcurrpermissions")
-    Result<StaffPermCacheResultDTO> getStaffCurrPermissions(StaffPermissionFormDTO dto);
+    @PostMapping("/gov/access/access/loginuserinfo")
+    Result<LoginUserInfoResultDTO> getLoginUserInfo(@RequestBody StaffPermCacheFormDTO dto);
 
     /**
      * 查询角色的操作key对应操作范围列表
@@ -43,4 +43,11 @@ public interface GovAccessFeignClient {
      */
     @PostMapping("/gov/access/access/role/{roleId}/accesssettings")
     Result<Map<String, String>> listAccessSettings(@PathVariable("roleId") String roleId);
+
+    /**
+     * 查询角色所有operation及其范围(缓存)
+     * @return
+     */
+    @PostMapping("/gov/access/access/roleallopesandscopes/{roleId}")
+    Result<Set<RoleOpeScopeResultDTO>> listRoleAllOperationScopesByRoleId(@PathVariable("roleId") String roleId);
 }

epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/fallback/GovAccessFeignClientFallback.java

@@ -6,8 +6,8 @@ import com.epmet.commons.tools.constant.ServiceConstant;
 import com.epmet.commons.tools.utils.ModuleUtils;
 import com.epmet.commons.tools.utils.Result;
 import org.springframework.stereotype.Component;
+import org.springframework.web.bind.annotation.PathVariable;
 
-import java.util.List;
 import java.util.Map;
 import java.util.Set;
 
@@ -21,8 +21,8 @@ import java.util.Set;
 public class GovAccessFeignClientFallback implements GovAccessFeignClient {
 
     @Override
-    public Result<StaffPermCacheResultDTO> getStaffCurrPermissions(StaffPermissionFormDTO dto) {
-        return ModuleUtils.feignConError(ServiceConstant.GOV_ACCESS_SERVER, "getStaffCurrPermissions", dto);
+    public Result<LoginUserInfoResultDTO> getLoginUserInfo(StaffPermCacheFormDTO dto) {
+        return ModuleUtils.feignConError(ServiceConstant.GOV_ACCESS_SERVER, "getLoginUserInfo", dto);
     }
 
     @Override
@@ -34,4 +34,9 @@ public class GovAccessFeignClientFallback implements GovAccessFeignClient {
     public Result<Map<String, String>> listAccessSettings(String roleId) {
         return ModuleUtils.feignConError(ServiceConstant.GOV_ACCESS_SERVER, "listAccessSettings", roleId);
     }
+
+    @Override
+    public Result<Set<RoleOpeScopeResultDTO>> listRoleAllOperationScopesByRoleId(@PathVariable("roleId") String roleId){
+        return ModuleUtils.feignConError(ServiceConstant.GOV_ACCESS_SERVER, "listRoleAllOperationScopesByRoleId", roleId);
+    }
 }

epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/constant/OpeScopeConstant.java → epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/constant/OpeScopeConstant.java

@@ -1,4 +1,4 @@
-package com.epmet.commons.mybatis.constant;
+package com.epmet.commons.tools.constant;
 
 public class OpeScopeConstant {
     //"同级组织的下级"
@@ -7,6 +7,7 @@ public class OpeScopeConstant {
     public static final String ORG_EQUAL_AND_SUB = "org_equal_and_sub";
     //"同级组织"
     public static final String ORG_EQUAL = "org_equal";
+
     //"本组织的下级"
     public static final String ORG_CURR_SUB = "org_curr_sub";
     //"本组织及下级"
@@ -14,4 +15,9 @@ public class OpeScopeConstant {
     //"本组织"
     public static final String ORG_CURR = "org_curr";
 
+    //"本组织的上级"
+    public static final String ORG_CURR_SUP = "org_curr_sup";
+    //"本组织及上级"
+    public static final String ORG_CURR_AND_SUP = "org_curr_and_sup";
+
 }

epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/redis/RedisKeys.java

@@ -218,6 +218,15 @@ public class RedisKeys {
 		return rootPrefix.concat("gov:access:role:opescopes:").concat(roleId).concat(":").concat(opeKey);
 	}
 
+	/**
+	 * 角色所有操作权限对应的可操作范围
+	 * @param roleId 角色ID
+	 * @return
+	 */
+	public static String getRoleAllOpeScopesKey(String roleId) {
+		return rootPrefix.concat("gov:access:role:allopescopes:").concat(roleId);
+	}
+
 	/**
 	 * 角色ID对应的权限配置
 	 * @param roleId

epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/GovTokenDto.java

@@ -59,6 +59,11 @@ public class GovTokenDto extends BaseTokenDto implements Serializable {
      */
     private String gridId;
 
+    /***
+     * 所在网格列表
+     */
+    private Set<String> gridIdList;
+
     /**
      * 部门id列表
      */

epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/OperationScopeDTO.java

@@ -48,6 +48,11 @@ public class OperationScopeDTO implements Serializable {
      */
 	private String scopeName;
 
+    /**
+     * 范围序号
+     */
+    private String scopeIndex;
+
     /**
      * 是否删除，0：未删除，1：已删除
      */

epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/StaffPermCacheResultDTO.java → epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/LoginUserInfoResultDTO.java

@@ -2,11 +2,10 @@ package com.epmet.dto.result;
 
 import lombok.Data;
 
-import javax.validation.constraints.NotBlank;
 import java.util.Set;
 
 @Data
-public class StaffPermCacheResultDTO {
+public class LoginUserInfoResultDTO {
 
     /**
      * 权限列表
@@ -33,4 +32,9 @@ public class StaffPermCacheResultDTO {
      */
     private String gridId;
 
+    /**
+     * 网格ID列表
+     */
+    private Set<String> gridIdList;
+
 }

epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/RoleOpeScopeResultDTO.java

@@ -10,6 +10,11 @@ public class RoleOpeScopeResultDTO {
      */
     private String roleId;
 
+    /**
+     * 操作key
+     */
+    private String operationKey;
+
     /**
      * 范围key
      */

epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/controller/AccessController.java

@@ -6,9 +6,9 @@ import com.epmet.commons.tools.validator.ValidatorUtils;
 import com.epmet.dto.OperationScopeDTO;
 import com.epmet.dto.form.OperationScopeFormDTO;
 import com.epmet.dto.form.StaffPermCacheFormDTO;
+import com.epmet.dto.result.LoginUserInfoResultDTO;
 import com.epmet.dto.result.RoleAccessSettingResultDTO;
 import com.epmet.dto.result.RoleOpeScopeResultDTO;
-import com.epmet.dto.result.StaffPermCacheResultDTO;
 import com.epmet.entity.OperationScopeEntity;
 import com.epmet.service.AccessService;
 import org.springframework.beans.BeanUtils;
@@ -53,23 +53,23 @@ public class AccessController {
     }
 
     /**
-     * 从缓存中查询用户当前权限列表(DataFilterAspect中用到)
+     * 从缓存中查询用户信息(DataFilterAspect中用到)
      * @return
      */
-    @PostMapping("getcurrpermissions")
-    public Result<StaffPermCacheResultDTO> getStaffCurrPermissions(@RequestBody StaffPermCacheFormDTO dto) {
+    @PostMapping("loginuserinfo")
+    public Result<LoginUserInfoResultDTO> getLoginUserInfo(@RequestBody StaffPermCacheFormDTO dto) {
         ValidatorUtils.validateEntity(dto, StaffPermCacheFormDTO.GetStaffCurrPermissions.class);
-        GovTokenDto govTokenDto = accessService.listStaffCurrPermissions(dto.getApp(), dto.getClient(), dto.getStaffId());
-        StaffPermCacheResultDTO resultDTO = null;
+        GovTokenDto govTokenDto = accessService.getUserDetails(dto.getApp(), dto.getClient(), dto.getStaffId());
+        LoginUserInfoResultDTO resultDTO = null;
         if (govTokenDto != null) {
-            resultDTO = new StaffPermCacheResultDTO();
-            resultDTO.setPermissions(govTokenDto.getPermissions());
+            resultDTO = new LoginUserInfoResultDTO();
             resultDTO.setRoleIdList(govTokenDto.getRoleIdList());
+            //resultDTO.setGridId(govTokenDto.getGridId());
             resultDTO.setOrgIdPath(govTokenDto.getOrgIdPath());
-            resultDTO.setGridId(govTokenDto.getGridId());
+            resultDTO.setGridIdList(govTokenDto.getGridIdList());
             resultDTO.setDeptIdList(govTokenDto.getDeptIdList());
         }
-        return new Result<StaffPermCacheResultDTO>().ok(resultDTO);
+        return new Result<LoginUserInfoResultDTO>().ok(resultDTO);
     }
 
     /**
@@ -83,6 +83,16 @@ public class AccessController {
         return new Result<Set<RoleOpeScopeResultDTO>>().ok(scopes);
     }
 
+    /**
+     * 查询角色所有operation及其范围(缓存)
+     * @return
+     */
+    @PostMapping("roleallopesandscopes/{roleId}")
+    public Result<Set<RoleOpeScopeResultDTO>> listRoleAllOperationScopesByRoleId(@PathVariable("roleId") String roleId) {
+        Set<RoleOpeScopeResultDTO> scopes = accessService.listAllRoleOperationScopesByRoleId(roleId);
+        return new Result<Set<RoleOpeScopeResultDTO>>().ok(scopes);
+    }
+
     /**
      * 查询角色的权限相关配置
      * @param roleId

epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/dao/OperationScopeDao.java

@@ -44,4 +44,14 @@ public interface OperationScopeDao extends BaseDao<OperationScopeEntity> {
      */
     Set<RoleOpeScopeResultDTO> listOperationScopesByRoleId(@Param("roleId") String roleId,
                                             @Param("operationKey") String operationKey);
+
+    /**
+     * 查询角色所有operation及其范围
+     * @param roleId
+     */
+    Set<RoleOpeScopeResultDTO> listAllRoleOperationScopesByRoleId(String roleId);
+
+    String getDefaultScopeKeyForOperation(@Param("operationKey") String operationKey);
+
+    String getScopeIndexByScopeKey(@Param("scopeKey") String scopeKey);
 }

epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/RoleOpeScopeRedis.java

@@ -29,6 +29,16 @@ public class RoleOpeScopeRedis {
         redisUtils.set(roleOpeScopesKey, scopes);
     }
 
+    /**
+     * 缓存角色所有的操作范围
+     * @param roleId
+     * @param scopes
+     */
+    public void setRoleAllOpeScopes(String roleId, Set<RoleOpeScopeResultDTO> scopes) {
+        String roleAllOpeScopesKey = RedisKeys.getRoleAllOpeScopesKey(roleId);
+        redisUtils.set(roleAllOpeScopesKey, scopes);
+    }
+
     /**
      * 查询角色操作范围
      * @param roleId
@@ -40,4 +50,14 @@ public class RoleOpeScopeRedis {
         return (Set<RoleOpeScopeResultDTO>)redisUtils.get(roleOpeScopesKey);
     }
 
+    /**
+     * 查询角色所有操作范围
+     * @param roleId
+     * @return
+     */
+    public Set<RoleOpeScopeResultDTO> getRoleAllOpeScopes(String roleId) {
+        String roleOpeScopesKey = RedisKeys.getRoleAllOpeScopesKey(roleId);
+        return (Set<RoleOpeScopeResultDTO>)redisUtils.get(roleOpeScopesKey);
+    }
+
 }

epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/AccessService.java

@@ -21,7 +21,7 @@ public interface AccessService {
      * 查询用户当前权限列表
      * @return
      */
-    GovTokenDto listStaffCurrPermissions(String app, String client, String staffId);
+    GovTokenDto getUserDetails(String app, String client, String staffId);
 
     /**
      * 查询角色的操作key对应操作范围列表
@@ -37,4 +37,11 @@ public interface AccessService {
      * @return
      */
     Map<String, String> listAccessSettings(String roleId);
+
+    /**
+     * 查询角色所有operation及其范围(缓存)
+     * @param roleId
+     * @return
+     */
+    Set<RoleOpeScopeResultDTO> listAllRoleOperationScopesByRoleId(String roleId);
 }

epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java

@@ -10,6 +10,7 @@ import com.epmet.dto.result.RoleOpeScopeResultDTO;
 import com.epmet.redis.RoleAccessSettingRedis;
 import com.epmet.redis.RoleOpeScopeRedis;
 import com.epmet.service.AccessService;
+import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -65,7 +66,7 @@ public class AccessServiceImpl implements AccessService {
     }
 
     @Override
-    public GovTokenDto listStaffCurrPermissions(String app, String client, String staffId) {
+    public GovTokenDto getUserDetails(String app, String client, String staffId) {
         return cpUserDetailRedis.get(app, client, staffId, GovTokenDto.class);
     }
 
@@ -111,4 +112,30 @@ public class AccessServiceImpl implements AccessService {
         }
         return settings;
     }
+
+    @Override
+    public Set<RoleOpeScopeResultDTO> listAllRoleOperationScopesByRoleId(String roleId) {
+        Set<RoleOpeScopeResultDTO> roleAllOpeScopes = roleOpeScopeRedis.getRoleAllOpeScopes(roleId);
+        if (roleAllOpeScopes == null) {
+            roleAllOpeScopes = new HashSet<>();
+            Set<RoleOpeScopeResultDTO> roleAllOpeScopesResult = operationScopeDao.listAllRoleOperationScopesByRoleId(roleId);
+            for (RoleOpeScopeResultDTO opeAndScope : roleAllOpeScopesResult) {
+                if (StringUtils.isBlank(opeAndScope.getScopeKey())) {
+                    // 没有人为配置scope，则使用角色默认配置
+                    String scopeKey = operationScopeDao.getDefaultScopeKeyForOperation(opeAndScope.getOperationKey());
+                    if (StringUtils.isNotBlank(scopeKey)) {
+                        String scopeIndex = operationScopeDao.getScopeIndexByScopeKey(scopeKey);
+                        opeAndScope.setScopeKey(scopeKey);
+                        opeAndScope.setScopeIndex(scopeIndex);
+                        roleAllOpeScopes.add(opeAndScope);
+                        // 有默认scope配置的才返回
+                    }
+                } else {
+                    roleAllOpeScopes.add(opeAndScope);
+                }
+            }
+            roleOpeScopeRedis.setRoleAllOpeScopes(roleId, roleAllOpeScopes);
+        }
+        return roleAllOpeScopes;
+    }
 }

epmet-module/gov-access/gov-access-server/src/main/resources/mapper/OperationScopeDao.xml

@@ -27,5 +27,32 @@
           and os.DEL_FLAG = '0'
     </select>
 
+    <!--查询角色所有operation及其范围-->
+    <select id="listAllRoleOperationScopesByRoleId" resultType="com.epmet.dto.result.RoleOpeScopeResultDTO">
+        SELECT ope.ROLE_ID,
+               ope.OPERATION_KEY,
+               ro.SCOPE_KEY,
+               os.SCOPE_INDEX
+        FROM role_operation ope
+                 LEFT JOIN role_scope ro
+                           ON (ope.ROLE_ID = ro.ROLE_ID AND ope.OPERATION_KEY = ro.OPERATION_KEY AND ro.DEL_FLAG = 0)
+                 LEFT JOIN operation_scope os
+                           ON (ro.SCOPE_KEY = os.SCOPE_KEY)
+        WHERE ope.ROLE_ID = #{roleId}
+          AND ope.DEL_FLAG = 0
+    </select>
+
+    <select id="getDefaultScopeKeyForOperation" resultType="java.lang.String">
+        SELECT def.SCOPE_KEY
+        FROM operation_scope_default def
+        WHERE def.OPERATION_KEY = #{operationKey};
+    </select>
+
+    <select id="getScopeIndexByScopeKey" resultType="java.lang.String">
+        SELECT SCOPE_INDEX
+        FROM operation_scope scope
+        WHERE scope.SCOPE_KEY = #{scopeKey}
+    </select>
+
 
 </mapper>

epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovAccessFeignClient.java

@@ -2,7 +2,10 @@ package com.epmet.feign;
 
 import com.epmet.commons.tools.constant.ServiceConstant;
 import com.epmet.commons.tools.utils.Result;
+import com.epmet.dto.OperationScopeDTO;
+import com.epmet.dto.form.OperationScopeFormDTO;
 import com.epmet.dto.form.StaffPermCacheFormDTO;
+import com.epmet.dto.result.RoleOpeScopeResultDTO;
 import com.epmet.dto.result.RoleOperationResultDTO;
 import com.epmet.feign.fallback.GovAccessFeignClientFallback;
 import org.springframework.cloud.openfeign.FeignClient;
@@ -11,11 +14,13 @@ import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 
 import java.util.List;
+import java.util.Set;
 
 /**
  * @Description
  * @Author sun
  */
+//url = "localhost:8099"
 @FeignClient(name = ServiceConstant.GOV_ACCESS_SERVER, fallback = GovAccessFeignClientFallback.class)
 public interface GovAccessFeignClient {
 
@@ -34,4 +39,20 @@ public interface GovAccessFeignClient {
      */
     @PostMapping("/gov/access/access/updatepermissioncache")
     Result updatePermissionCache(@RequestBody StaffPermCacheFormDTO staffPermCacheFormDTO);
+
+    /**
+     * 查询角色的操作key对应操作范围列表
+     * @param operationScopeFormDTO
+     * @return
+     */
+    @PostMapping("/gov/access/access/operationscopes")
+    Result<Set<OperationScopeDTO>> getOperationScopesByRoleId(OperationScopeFormDTO operationScopeFormDTO);
+
+    /**
+     * 查询角色所有operation及其范围(缓存)
+     * @return
+     */
+    @PostMapping("/gov/access/access/roleallopesandscopes/{roleId}")
+    Result<Set<RoleOpeScopeResultDTO>> listRoleAllOperationScopesByRoleId(@PathVariable("roleId") String roleId);
+
 }

epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovOrgFeignClient.java

@@ -56,6 +56,14 @@ public interface GovOrgFeignClient {
      * @param agencyId
      * @return
      */
-    @PostMapping("/gov/org/agency/{agencyId}")
+    @PostMapping("/gov/org/agency/agencybyid/{agencyId}")
     Result<CustomerAgencyDTO> getAgencyById(@PathVariable("agencyId") String agencyId);
+
+    /**
+     * 根据staffId查询所属的组织机构
+     * @param staffId
+     * @return
+     */
+    @PostMapping("/gov/org/agency/agencybystaff/{staffId}")
+    Result<CustomerAgencyDTO> getAgencyByStaff(@PathVariable("staffId") String staffId);
 }

epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/fallback/GovAccessFeignClientFallback.java

@@ -3,13 +3,17 @@ package com.epmet.feign.fallback;
 import com.epmet.commons.tools.constant.ServiceConstant;
 import com.epmet.commons.tools.utils.ModuleUtils;
 import com.epmet.commons.tools.utils.Result;
+import com.epmet.dto.OperationScopeDTO;
+import com.epmet.dto.form.OperationScopeFormDTO;
 import com.epmet.dto.form.StaffPermCacheFormDTO;
+import com.epmet.dto.result.RoleOpeScopeResultDTO;
 import com.epmet.dto.result.RoleOperationResultDTO;
 import com.epmet.feign.GovAccessFeignClient;
 import org.springframework.stereotype.Component;
 import org.springframework.web.bind.annotation.RequestBody;
 
 import java.util.List;
+import java.util.Set;
 
 /**
  * @Description
@@ -32,4 +36,14 @@ public class GovAccessFeignClientFallback implements GovAccessFeignClient {
 	public Result updatePermissionCache(@RequestBody StaffPermCacheFormDTO staffPermCacheFormDTO) {
 		return ModuleUtils.feignConError(ServiceConstant.GOV_ACCESS_SERVER, "updatePermissionCache");
 	}
+
+	@Override
+	public Result<Set<OperationScopeDTO>> getOperationScopesByRoleId(OperationScopeFormDTO operationScopeFormDTO) {
+		return ModuleUtils.feignConError(ServiceConstant.GOV_ACCESS_SERVER, "getOperationScopesByRoleId", operationScopeFormDTO);
+	}
+
+	@Override
+	public Result<Set<RoleOpeScopeResultDTO>> listRoleAllOperationScopesByRoleId(String roleId) {
+		return ModuleUtils.feignConError(ServiceConstant.GOV_ACCESS_SERVER, "listRoleAllOperationScopesByRoleId", roleId);
+	}
 }

epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/fallback/GovOrgFeignClientFallBack.java

@@ -34,6 +34,11 @@ public class GovOrgFeignClientFallBack implements GovOrgFeignClient {
         return ModuleUtils.feignConError(ServiceConstant.GOV_ORG_SERVER, "getAgencyById", agencyId);
     }
 
+    @Override
+    public Result<CustomerAgencyDTO> getAgencyByStaff(String staffId) {
+        return ModuleUtils.feignConError(ServiceConstant.GOV_ORG_SERVER, "getAgencyByStaff", staffId);
+    }
+
     @Override
     public Result<LatestCustomerResultDTO> getLatestCustomer(String userId) {
         return ModuleUtils.feignConError(ServiceConstant.GOV_ORG_SERVER, "getLatestCustomer", userId);

epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/service/AccessService.java

@@ -1,6 +1,5 @@
 package com.epmet.service;
 
-import java.util.List;
 import java.util.Set;
 
 /**
@@ -15,4 +14,5 @@ public interface AccessService {
      * @return
      */
     Set<String> listOpeKeysByStaffId(String app, String client, String staffId, String agencyId, String gridId);
+    //Set<String> listOpeKeysByStaffIdBak(String app, String client, String staffId, String agencyId, String gridId);
 }

epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java

@@ -1,28 +1,26 @@
 package com.epmet.service.impl;
 
+import com.epmet.commons.tools.constant.OpeScopeConstant;
 import com.epmet.commons.tools.exception.EpmetErrorCode;
 import com.epmet.commons.tools.exception.RenException;
-import com.epmet.commons.tools.utils.CpUserDetailRedis;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.dto.CustomerAgencyDTO;
 import com.epmet.dto.GovStaffRoleDTO;
-import com.epmet.dto.form.StaffPermCacheFormDTO;
+import com.epmet.dto.OperationScopeDTO;
 import com.epmet.dto.form.StaffRoleFormDTO;
-import com.epmet.dto.result.RoleOperationResultDTO;
+import com.epmet.dto.result.RoleOpeScopeResultDTO;
 import com.epmet.feign.EpmetUserFeignClient;
 import com.epmet.feign.GovAccessFeignClient;
 import com.epmet.feign.GovOrgFeignClient;
 import com.epmet.service.AccessService;
+import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.springframework.util.CollectionUtils;
 
-import java.util.ArrayList;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Set;
+import java.util.*;
 
 @Service
 public class AccessServiceImpl implements AccessService {
@@ -38,6 +36,10 @@ public class AccessServiceImpl implements AccessService {
     @Autowired
     private GovOrgFeignClient govOrgFeignClient;
 
+    public static final String ORG_RELATION_SAME = "same";
+    public static final String ORG_RELATION_SUB = "sub";
+    public static final String ORG_RELATION_SUP = "sup";
+
     public List<GovStaffRoleDTO> queryGovStaffRoles(String staffId, String orgId) {
         List<GovStaffRoleDTO> roleDTOS = new ArrayList<>();
         StaffRoleFormDTO formDTO = new StaffRoleFormDTO();
@@ -51,55 +53,222 @@ public class AccessServiceImpl implements AccessService {
     }
 
     @Override
-    public Set<String> listOpeKeysByStaffId(String app, String client, String staffId, String agencyId, String gridId) {
-        List<GovStaffRoleDTO> roleDTOS = new ArrayList<>();
+    public Set<String> listOpeKeysByStaffId(String app, String client, String staffId, String currAgencyId, String currGridId) {
+
+        // 1.拿到所属组织机构信息
+        Result<CustomerAgencyDTO> agencyByStaffRst = govOrgFeignClient.getAgencyByStaff(staffId);
+        if (!agencyByStaffRst.success()) {
+            logger.error("根据StaffId查询所属单位出错,StaffId:{}, 错误信息:{}", staffId, agencyByStaffRst.getMsg());
+            throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
+        }
+        CustomerAgencyDTO belongAgency = agencyByStaffRst.getData();
+        if (belongAgency == null) {
+            logger.error("根据StaffId查询所属单位结果为空,StaffId:{}", staffId);
+            throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
+        }
+
+        // 2.拿到当前所处机关单位信息
+        Result<CustomerAgencyDTO> currAgencyRst = govOrgFeignClient.getAgencyById(currAgencyId);
+        CustomerAgencyDTO currAgencyDto = currAgencyRst.getData();
+        if (!currAgencyRst.success() || currAgencyDto == null) {
+            logger.error("根据当前机构id[{}]查询pids失败:{}", currAgencyId, currAgencyRst.getMsg());
+            throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
+        }
+
+        // 拿到该用户所属的组织机构的orgIdPath，拿到当前组织机构的orgIdPath，看当前组织机构的orgIdPath是否在用户所属的组织机构的orgIdPath下
+
         // 查询机关单位中的角色
-        roleDTOS.addAll(queryGovStaffRoles(staffId, agencyId));
-        // 查询网格中的角色
-        roleDTOS.addAll(queryGovStaffRoles(staffId, gridId));
+        List<GovStaffRoleDTO> roleDTOS = queryGovStaffRoles(staffId, belongAgency.getId());
 
         // 拼装操作key列表
-        Set<String> opeKeys = new HashSet<>();
+        //Set<String> opeKeys = new HashSet<>();
         // 角色ID列表
-        Set<String> roleIds = new HashSet<>();
+        //Set<String> roleIds = new HashSet<>();
+
+        // 当前组织和所属组织的orgId路径,以及他们的上下级关系
+        String belongOrgIdPath = getOrgIdPath(belongAgency);
+        String currOrgIdPath = getOrgIdPath(currAgencyDto);
+        String currOrgRelation = getCurrOrgRelation(belongOrgIdPath, currOrgIdPath);
+
+        HashSet<String> filtedOps = new HashSet<>();
         roleDTOS.forEach(roleDto -> {
             String roleId = roleDto.getId();
-            Result<List<RoleOperationResultDTO>> result = govAccessFeignClient.listOperationsByRoleId(roleId);
-            if (result.getCode() != 0) {
+            // 找出该角色的所有功能操作列表
+            Result<Set<RoleOpeScopeResultDTO>> result = govAccessFeignClient.listRoleAllOperationScopesByRoleId(roleId);
+            if (!result.success()) {
                 // 获取operation异常
                 logger.error("调用GovAccess，根据RoleId查询Operation列表失败:{}", result.getMsg());
                 throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
             }
-            List<RoleOperationResultDTO> roleOperations = result.getData();
-            // 角色id
-            roleIds.add(roleDto.getId());
-            if (!CollectionUtils.isEmpty(roleOperations)) {
-                roleOperations.forEach(roleOpe -> {
-                    if (roleOpe != null) {
-                        opeKeys.add(roleOpe.getOperationKey());
-                    }
+            Set<RoleOpeScopeResultDTO> roleOperations = result.getData();
+            filtedOps.addAll(filterOpesByScope(currOrgRelation, roleOperations));
         });
+        return filtedOps;
+    }
+
+    /**
+     * 根据上下级关系过滤出要返回的权限列表
+     *
+     * @param currOrgRelation
+     * @param roleOperations
+     * @return
+     */
+    private HashSet<String> filterOpesByScope(String currOrgRelation, Set<RoleOpeScopeResultDTO> roleOperations) {
+        HashSet<String> opeKeys = new HashSet<>();
+        roleOperations.stream().forEach(opeScope -> {
+            String scopeKey = opeScope.getScopeKey();
+            switch (currOrgRelation) {
+                case ORG_RELATION_SAME:// 就在所在机构下
+                    if (OpeScopeConstant.ORG_CURR.equals(scopeKey)
+                            || OpeScopeConstant.ORG_CURR_AND_SUB.equals(scopeKey)
+                            || OpeScopeConstant.ORG_CURR_AND_SUP.equals(scopeKey)) {
+                        opeKeys.add(opeScope.getOperationKey());
+                    }
+                    break;
+                case ORG_RELATION_SUB:// 所在机构的子级
+                    if (OpeScopeConstant.ORG_CURR_SUB.equals(scopeKey)
+                            || OpeScopeConstant.ORG_CURR_AND_SUB.equals(scopeKey)) {
+                        opeKeys.add(opeScope.getOperationKey());
+                    }
+                    break;
+                case ORG_RELATION_SUP:// 所在机构的上级
+                    if (OpeScopeConstant.ORG_CURR_SUP.equals(scopeKey)
+                            || OpeScopeConstant.ORG_CURR_AND_SUP.equals(scopeKey)) {
+                        opeKeys.add(opeScope.getOperationKey());
+                    }
+                    break;
             }
         });
+        return opeKeys;
+    }
 
-        // 查询该直属机关的orgIdPath
-        Result<CustomerAgencyDTO> agencyById = govOrgFeignClient.getAgencyById(agencyId);
-        if (!agencyById.success() || agencyById.getData() == null) {
-            logger.error("根据当前机构id[{}]查询pids失败:{}", agencyId, agencyById.getMsg());
-            throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
+    /**
+     * 获取当前所处机关与所属机关的关系
+     */
+    private String getCurrOrgRelation(String belongOrgPath, String currAgencyPath) {
+        if (belongOrgPath.equals(currAgencyPath)) {
+            // 当前机关即该人员所属机关
+            return ORG_RELATION_SAME;
+        } else if (currAgencyPath.indexOf(belongOrgPath.concat(":")) > -1) {
+            // 说明当前所在机关是人员所属机关子级,只取出scope为sub的
+            return ORG_RELATION_SUB;
+        } else if (belongOrgPath.indexOf(currAgencyPath.concat(":")) > -1) {
+            // 说明当前所在机关是人员所属机关的上级
+            return ORG_RELATION_SUP;
+        }
+        return belongOrgPath;
     }
 
-        // 将最新权限缓存到redis，为了尽量统一操作入口，调用gov-access接口实现
-        StaffPermCacheFormDTO staffPermCacheFormDTO = new StaffPermCacheFormDTO();
-        staffPermCacheFormDTO.setApp(app);
-        staffPermCacheFormDTO.setClient(client);
-        staffPermCacheFormDTO.setStaffId(staffId);
-        staffPermCacheFormDTO.setPermissions(opeKeys);
-        staffPermCacheFormDTO.setRoleIdList(roleIds);
-        staffPermCacheFormDTO.setGridId(gridId);
-        // 拼接orgIdPath
-        staffPermCacheFormDTO.setOrgIdPath(String.format("%s:%s", agencyById.getData().getPids(), agencyId));
-        govAccessFeignClient.updatePermissionCache(staffPermCacheFormDTO);
-        return opeKeys;
+    /**
+     * 获取组织的orgId路径
+     */
+    public String getOrgIdPath(CustomerAgencyDTO agency) {
+        // 拼接单位ID全路径
+        if ("0".equals(agency.getPid())) {
+            // 顶级组织
+            return agency.getId();
+        } else {
+            return agency.getPids().concat(":").concat(agency.getId());
+        }
+    }
+
+    //private boolean filterCurrOrgKeysByScope(Set<String> roleIds, String opeKey) {
+    //    for (String roleId : roleIds) {
+    //        Result<Set<RoleOpeScopeResultDTO>> result = govAccessFeignClient.listRoleAllOperationScopesByRoleId(roleId);
+    //        if (!result.success()) {
+    //            continue;
+    //        }
+    //        Set<RoleOpeScopeResultDTO> scopeDTOS = result.getData();
+    //        Set<String> scopeKeys = scopeDTOS.stream()
+    //                .filter(scope -> scope.getScopeKey().equals(opeKey))
+    //                .map(scope -> scope.getScopeKey())
+    //                .collect(Collectors.toSet());
+    //        if (scopeKeys.contains(OpeScopeConstant.ORG_CURR)
+    //                || scopeKeys.contains(OpeScopeConstant.ORG_CURR_AND_SUB)
+    //                || scopeKeys.contains(OpeScopeConstant.ORG_CURR_AND_SUP)) {
+    //            return true;
+    //        }
+    //    }
+    //    return false;
+    //}
+
+    //private boolean filterSubOrgKeysByScope(Set<String> roleIds, String opeKey) {
+    //    for (String roleId : roleIds) {
+    //        OperationScopeFormDTO opeScopeFormDTO = new OperationScopeFormDTO();
+    //        opeScopeFormDTO.setRoleId(roleId);
+    //        opeScopeFormDTO.setOperationKey(opeKey);
+    //        Result<Set<OperationScopeDTO>> result = govAccessFeignClient.getOperationScopesByRoleId(opeScopeFormDTO);
+    //        if (!result.success()) {
+    //            continue;
+    //        }
+    //
+    //        Set<OperationScopeDTO> scopeDTOS = result.getData();
+    //        Set<String> scopeKeys = scopeDTOS.stream().map(scope -> scope.getScopeKey()).collect(Collectors.toSet());
+    //        if (scopeKeys.contains(OpeScopeConstant.ORG_CURR_SUB)
+    //                || scopeKeys.contains(OpeScopeConstant.ORG_CURR_AND_SUB)) {
+    //            return true;
+    //        }
+    //    }
+    //    return false;
+    //}
+
+    //private boolean filterSupOrgKeysByScope(Set<String> roleIds, String opeKey) {
+    //    for (String roleId : roleIds) {
+    //        OperationScopeFormDTO opeScopeFormDTO = new OperationScopeFormDTO();
+    //        opeScopeFormDTO.setRoleId(roleId);
+    //        opeScopeFormDTO.setOperationKey(opeKey);
+    //        Result<Set<OperationScopeDTO>> result = govAccessFeignClient.getOperationScopesByRoleId(opeScopeFormDTO);
+    //        if (!result.success()) {
+    //            continue;
+    //        }
+    //
+    //        Set<OperationScopeDTO> scopeDTOS = result.getData();
+    //        Set<String> scopeKeys = scopeDTOS.stream().map(scope -> scope.getScopeKey()).collect(Collectors.toSet());
+    //        if (scopeKeys.contains(OpeScopeConstant.ORG_CURR_SUP)
+    //                || scopeKeys.contains(OpeScopeConstant.ORG_CURR_AND_SUP)) {
+    //            return true;
+    //        }
+    //    }
+    //    return false;
+    //}
+
+    /**
+     * 过滤有效范围
+     *
+     * @param scopeDTOS
+     * @return
+     */
+    private HashSet<String> filteScopes(Set<OperationScopeDTO> scopeDTOS) {
+        HashMap<String, OperationScopeDTO> filtedScopes = new HashMap<>();
+
+        for (OperationScopeDTO scope : scopeDTOS) {
+            String scopeIndex = scope.getScopeIndex();
+            if (StringUtils.isBlank(scopeIndex)) {
+                continue;
+            }
+            String[] currArr = scopeIndex.split("_");
+            if ("0".equals(currArr[1])) {
+                // 为0，说明没有包含关系，直接放入
+                filtedScopes.put(scopeIndex, scope);
+                continue;
+            }
+
+            OperationScopeDTO tempScope = filtedScopes.get(currArr[0]);
+            if (tempScope != null) {
+                // 已经有ac开头的了
+                String tempScopeIndex = tempScope.getScopeIndex();
+                if (Integer.valueOf(currArr[1]) < Integer.valueOf(tempScopeIndex.split("_")[1])) {
+                    filtedScopes.put(currArr[0], scope);
+                }
+            } else {
+                filtedScopes.put(currArr[0], scope);
+            }
+        }
+        HashSet<String> scopeStrs = new HashSet<>();
+        Set<Map.Entry<String, OperationScopeDTO>> entries = filtedScopes.entrySet();
+        for (Map.Entry<String, OperationScopeDTO> entry : entries) {
+            scopeStrs.add(entry.getValue().getScopeKey());
+        }
+        return scopeStrs;
     }
 }

epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/result/GridByStaffResultDTO.java

@@ -0,0 +1,11 @@
+package com.epmet.dto.result;
+
+import lombok.Data;
+
+@Data
+public class GridByStaffResultDTO {
+
+    private String gridId;
+    private String gridName;
+
+}

epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/AgencyController.java

@@ -126,7 +126,7 @@ public class AgencyController {
      * @param agencyId
      * @return
      */
-    @PostMapping("{agencyId}")
+    @PostMapping("agencybyid/{agencyId}")
     public Result<CustomerAgencyDTO> getAgencyById(@PathVariable("agencyId") String agencyId) {
         CustomerAgencyEntity agency = agencyService.getAgencyById(agencyId);
         CustomerAgencyDTO customerAgencyDTO = new CustomerAgencyDTO();
@@ -134,6 +134,22 @@ public class AgencyController {
             BeanUtils.copyProperties(agency, customerAgencyDTO);
             return new Result<CustomerAgencyDTO>().ok(customerAgencyDTO);
         }
+        return new Result<>();
+    }
+
+    /**
+     * 根据staffId查询
+     * @param staffId
+     * @return
+     */
+    @PostMapping("agencybystaff/{staffId}")
+    public Result<CustomerAgencyDTO> getAgencyByStaff(@PathVariable("staffId") String staffId) {
+        CustomerAgencyEntity agencyEntity = agencyService.getAgencyByStaff(staffId);
+        CustomerAgencyDTO customerAgencyDTO = new CustomerAgencyDTO();
+        if (agencyEntity != null) {
+            BeanUtils.copyProperties(agencyEntity, customerAgencyDTO);
+            return new Result<CustomerAgencyDTO>().ok(customerAgencyDTO);
+        }
         return new Result<CustomerAgencyDTO>();
     }
 

epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/GridController.java

@@ -5,18 +5,11 @@ import com.epmet.commons.tools.security.dto.TokenDto;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.dto.form.*;
 import com.epmet.commons.tools.validator.ValidatorUtils;
-import com.epmet.dto.result.AddGridResultDTO;
-import com.epmet.dto.result.CommonStaffInfoResultDTO;
-import com.epmet.dto.result.GridBaseInfoResultDTO;
-import com.epmet.dto.result.GridDetailResultDTO;
-import com.epmet.dto.result.GridListInfoResultDTO;
+import com.epmet.dto.result.*;
 import com.epmet.service.CustomerGridService;
 import com.epmet.service.CustomerStaffAgencyService;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
 
 import java.util.List;
 
@@ -141,4 +134,15 @@ public class GridController {
         ValidatorUtils.validateEntity(tokenDto);
         return customerGridService.removeGridStaff(commonGridStaffInfoFormDTO);
     }
+
+    /**
+     * 查询工作人员所有的网格
+     * @param staffId
+     * @return
+     */
+    @PostMapping("gridsbystaffid/{staffId}")
+    public Result<List<GridByStaffResultDTO>> listGridsbystaffid(@PathVariable("staffId") String staffId) {
+        List<GridByStaffResultDTO> grids = customerGridService.listGridsbystaffid(staffId);
+        return new Result<List<GridByStaffResultDTO>>().ok(grids);
+    }
 }

epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/dao/CustomerAgencyDao.java

@@ -77,4 +77,6 @@ public interface CustomerAgencyDao extends BaseDao<CustomerAgencyEntity> {
      * @Description 查询当前组织的所有下级组织列表
      **/
     List<CustomerAgencyDTO> selectFindList(CustomerAgencyDTO customerAgencyDTO);
+
+    CustomerAgencyEntity getAgencyByStaffId(@Param("staffId") String staffId);
 }

epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/dao/CustomerGridDao.java

@@ -20,20 +20,15 @@ package com.epmet.dao;
 import com.epmet.commons.mybatis.dao.BaseDao;
 import com.epmet.dto.form.ListCustomerGridFormDTO;
 import com.epmet.dto.form.SelectGridNameByGridIdFormDTO;
-import com.epmet.dto.result.CustomerGridForStrangerResultDTO;
+import com.epmet.dto.result.*;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.dto.CustomerGridDTO;
 import com.epmet.dto.CustomerStaffGridDTO;
 import com.epmet.dto.UserIdDTO;
 import com.epmet.dto.form.CustomerGridFormDTO;
-import com.epmet.dto.result.SelectGridNameByGridIdResultDTO;
 import com.epmet.dto.form.DeleteGridFormDTO;
 import com.epmet.dto.form.ListCustomerGridFormDTO;
-import com.epmet.dto.result.AddGridResultDTO;
-import com.epmet.dto.result.CustomerGridByUserIdResultDTO;
 import com.epmet.dto.result.CustomerGridForStrangerResultDTO;
-import com.epmet.dto.result.GridDetailResultDTO;
-import com.epmet.dto.result.GridBaseInfoResultDTO;
 import com.epmet.entity.CustomerGridEntity;
 import org.apache.ibatis.annotations.Mapper;
 import org.apache.ibatis.annotations.Param;
@@ -164,4 +159,6 @@ public interface CustomerGridDao extends BaseDao<CustomerGridEntity> {
      * @Date 2020.04.23 15:30
      **/
     List<GridBaseInfoResultDTO> selectGridListByAgencyId(@Param("agencyId")String agencyId,@Param("pageSize")Integer pageSize);
+
+    List<GridByStaffResultDTO> listGridsbystaffid(@Param("staffId") String staffId);
 }

epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/AgencyService.java

@@ -88,4 +88,6 @@ public interface AgencyService {
      * @return
      */
     CustomerAgencyEntity getAgencyById(String agencyId);
+
+    CustomerAgencyEntity getAgencyByStaff(String staffId);
 }

epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/CustomerGridService.java

@@ -31,10 +31,8 @@ import com.epmet.dto.form.SelectGridNameByGridIdFormDTO;
 import com.epmet.dto.result.CustomerGridForStrangerResultDTO;
 import com.epmet.dto.result.SelectGridNameByGridIdResultDTO;
 import com.epmet.dto.result.GridInfoResultDTO;
-import com.epmet.dto.result.GridInfoResultDTO;
 import com.epmet.dto.result.*;
 import com.epmet.entity.CustomerGridEntity;
-import org.springframework.web.bind.annotation.RequestBody;
 
 import java.util.List;
 import java.util.Map;
@@ -219,4 +217,6 @@ public interface CustomerGridService extends BaseService<CustomerGridEntity> {
      * @Description 根据网格id查询所属组织信息、根据网格Id查询网格下所有工作人员列表
      **/
     Result<AgencyAndStaffsResultDTO> getAgencyAndStaffsBygridId(String gridId);
+
+    List<GridByStaffResultDTO> listGridsbystaffid(String staffId);
 }

epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/AgencyServiceImpl.java

@@ -244,4 +244,9 @@ public class AgencyServiceImpl implements AgencyService {
     public CustomerAgencyEntity getAgencyById(String agencyId) {
         return customerAgencyDao.selectById(agencyId);
     }
+
+    @Override
+    public CustomerAgencyEntity getAgencyByStaff(String staffId) {
+        return customerAgencyDao.getAgencyByStaffId(staffId);
+    }
 }

epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/CustomerGridServiceImpl.java

@@ -36,7 +36,6 @@ import com.epmet.dto.form.*;
 import com.epmet.dto.result.*;
 import com.epmet.entity.CustomerGridEntity;
 import com.epmet.feign.EpmetUserFeignClient;
-import com.epmet.resi.partymember.dto.warmhearted.form.ResiWarmheartedFormDTO;
 import com.epmet.service.CustomerAgencyService;
 import com.epmet.service.CustomerGridService;
 import com.epmet.service.CustomerStaffGridService;
@@ -498,4 +497,9 @@ public class CustomerGridServiceImpl extends BaseServiceImpl<CustomerGridDao, Cu
         agencyAndStaffsResultDTO.setStaffList(staffList);
         return result.ok(agencyAndStaffsResultDTO);
     }
+
+    @Override
+    public List<GridByStaffResultDTO> listGridsbystaffid(String staffId) {
+        return baseDao.listGridsbystaffid(staffId);
+    }
 }

epmet-module/gov-org/gov-org-server/src/main/resources/mapper/CustomerAgencyDao.xml

@@ -84,4 +84,11 @@
             AND ca.pids LIKE concat('%', #{pids}, '%')
         </if>
     </select>
+
+    <select id="getAgencyByStaffId" resultType="com.epmet.entity.CustomerAgencyEntity">
+        SELECT ca.*
+        FROM customer_staff_agency csa
+               INNER JOIN customer_agency ca ON (csa.AGENCY_ID = ca.ID)
+        WHERE csa.USER_ID = #{staffId}
+    </select>
 </mapper>

epmet-module/gov-org/gov-org-server/src/main/resources/mapper/CustomerGridDao.xml

@@ -251,4 +251,13 @@
         </where>
     </select>
 
+    <select id="listGridsbystaffid" resultType="com.epmet.dto.result.GridByStaffResultDTO">
+        SELECT g.ID as gridId, g.GRID_NAME as gridName
+        FROM customer_staff_grid sg
+                 INNER JOIN customer_grid g ON (sg.GRID_ID = g.ID)
+        WHERE sg.DEL_FLAG = '0'
+          AND g.DEL_FLAG = '0'
+          AND sg.USER_ID = #{staffId}
+    </select>
+
 </mapper>

epmet-user/epmet-user-server/src/main/java/com/epmet/dao/StaffRoleDao.java

@@ -45,7 +45,7 @@ public interface StaffRoleDao extends BaseDao<StaffRoleEntity> {
      * @param orgId
      * @return
      */
-    //@DataFilter(tableAliases = { "sr" })
+    @DataFilter(tableAliases = { "sr" })
     List<GovStaffRoleResultDTO> listStaffIdsByRoleKeyAndOrgId(@Param("roleKey") String roleKey, @Param("orgId") String orgId,
                                                               @Param("dataScope") DataScope dataScope);