diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/aspect/DataFilterAspect.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/aspect/DataFilterAspect.java
index 14ce3af0a1..13910a6f3a 100644
--- a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/aspect/DataFilterAspect.java
+++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/aspect/DataFilterAspect.java
@@ -1,19 +1,23 @@
 /**
  * Copyright (c) 2018 人人开源 All rights reserved.
- *
+ * <p>
  * https://www.renren.io
- *
+ * <p>
  * 版权所有，侵权必究！
  */
 
 package com.epmet.commons.mybatis.aspect;
 
+import com.epmet.commons.mybatis.annotation.DataFilter;
+import com.epmet.commons.mybatis.constant.OpeScopeConstant;
+import com.epmet.commons.mybatis.dto.form.OperationScopeDTO;
+import com.epmet.commons.mybatis.dto.form.OperationScopeFormDTO;
+import com.epmet.commons.mybatis.dto.form.StaffPermCacheResultDTO;
 import com.epmet.commons.mybatis.dto.form.StaffPermissionFormDTO;
 import com.epmet.commons.mybatis.entity.DataScope;
 import com.epmet.commons.mybatis.feign.GovAccessFeignClient;
 import com.epmet.commons.tools.aspect.AccessOpeAspect;
 import com.epmet.commons.tools.exception.EpmetErrorCode;
-import com.epmet.commons.tools.exception.ErrorCode;
 import com.epmet.commons.tools.exception.RenException;
 import com.epmet.commons.tools.security.user.LoginUserUtil;
 import com.epmet.commons.tools.utils.Result;
@@ -21,15 +25,14 @@ import org.apache.commons.lang3.StringUtils;
 import org.aspectj.lang.JoinPoint;
 import org.aspectj.lang.annotation.Aspect;
 import org.aspectj.lang.annotation.Before;
+import org.aspectj.lang.reflect.MethodSignature;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 import org.springframework.util.CollectionUtils;
 
-import java.util.Arrays;
-import java.util.List;
-import java.util.Set;
+import java.util.*;
 
 /**
  * 数据过滤，切面处理类
@@ -49,31 +52,59 @@ public class DataFilterAspect {
     @Autowired
     private GovAccessFeignClient govAccessFeignClient;
 
+    public static final String orgIdPathSpliter = ":";
+
     @Before("@annotation(com.epmet.commons.mybatis.annotation.DataFilter)")
     public void dataFilter(JoinPoint point) {
-        // 反射的方式
-        //MethodSignature signature = (MethodSignature) point.getSignature();
-        //Class[] parameterTypes = signature.getParameterTypes();
-        //for (Class parameterType : parameterTypes) {
-        //    if (parameterType == DataScope.class) {
-        //
-        //    }
-        //}
-
-        String reqiurePermission = AccessOpeAspect.requirePermissionTl.get();
+        // 通过反射，取到注解属性
+        DataFilter dataFilterAnno = ((MethodSignature) point.getSignature()).getMethod().getAnnotation(DataFilter.class);
+        String tableAlias = dataFilterAnno.tableAlias();
+
+        // 从ThreadLocal中取所需权限
+        String requirePermission = AccessOpeAspect.requirePermissionTl.get();
         // 没有配置所需权限，不做操作，打印提示日志
-        if (StringUtils.isBlank(reqiurePermission)) {
+        if (StringUtils.isBlank(requirePermission)) {
             log.warn("Api编码需要指定所需权限，请在Api上使用@RequirePermission注解完成所需权限配置");
             return;
         }
 
+        String app = loginUserUtil.getLoginUserApp();
+        String client = loginUserUtil.getLoginUserClient();
+        String userId = loginUserUtil.getLoginUserId();
+
+        StaffPermissionFormDTO staffPermissionFormDTO = new StaffPermissionFormDTO();
+        staffPermissionFormDTO.setApp(app);
+        staffPermissionFormDTO.setClient(client);
+        staffPermissionFormDTO.setStaffId(userId);
+        Result<StaffPermCacheResultDTO> result = govAccessFeignClient.getStaffCurrPermissions(staffPermissionFormDTO);
+
+        if (result.getCode() != 0) {
+            // 查询不到权限，记录日志，抛出8000异常
+            log.error("调用Access查询权限失败:{}", result.getMsg());
+            throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
+        }
+
+        StaffPermCacheResultDTO permCacheResultDTO = result.getData();
+
+        if (permCacheResultDTO == null || CollectionUtils.isEmpty(permCacheResultDTO.getPermissions())) {
+            log.error("操作权限不足，查询不到权限");
+            throw new RenException(EpmetErrorCode.REQUIRE_PERMISSION.getCode());
+        }
+
         // 校验操作权限
-        validateOpePermission(reqiurePermission);
+        validateOpePermission(permCacheResultDTO.getPermissions(), requirePermission);
 
+        // 生成过滤sql
         Object[] methodArgs = point.getArgs();
         for (Object methodArg : methodArgs) {
             if (methodArg instanceof DataScope) {
-                ((DataScope) methodArg).setSqlFilter(getSqlFilterSegment());
+                ((DataScope) methodArg).setSqlFilter(getSqlFilterSegment(
+                        userId,
+                        permCacheResultDTO.getRoleIdList(),
+                        requirePermission,
+                        permCacheResultDTO.getOrgIdPath(),
+                        permCacheResultDTO.getGridId(),
+                        tableAlias));
                 return;
             }
         }
@@ -84,38 +115,216 @@ public class DataFilterAspect {
     /**
      * 校验操作权限
      */
-    private void validateOpePermission(String requirePermission) {
-        StaffPermissionFormDTO staffPermissionFormDTO = new StaffPermissionFormDTO();
-        staffPermissionFormDTO.setApp(loginUserUtil.getLoginUserApp());
-        staffPermissionFormDTO.setClient(loginUserUtil.getLoginUserClient());
-        staffPermissionFormDTO.setStaffId(loginUserUtil.getLoginUserId());
-        Result<Set<String>> permissions = govAccessFeignClient.getStaffCurrPermissions(staffPermissionFormDTO);
-        if (permissions.getCode() != 0) {
-            // 查询不到权限，记录日志，抛出8000异常
-            log.error("调用Access查询权限失败:{}", permissions.getMsg());
-            throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
+    private void validateOpePermission(Set<String> permissions, String reqiurePermission) {
+        if (!permissions.contains(reqiurePermission)) {
+            // 权限不足
+            log.error("操作权限不足");
+            throw new RenException(EpmetErrorCode.REQUIRE_PERMISSION.getCode());
         }
-
-        if (!CollectionUtils.isEmpty(permissions.getData()) && StringUtils.isNotBlank(requirePermission)
-                && permissions.getData().contains(requirePermission)) {
-            // 权限允许，正常结束
-            return;
-        }
-        // 权限不足抛出异常
-        throw new RenException(EpmetErrorCode.REQUIRE_PERMISSION.getCode());
     }
 
     /**
      * 生成过滤sql片段
+     *
      * @return
      */
-    private String getSqlFilterSegment() {
+    private String getSqlFilterSegment(String userId,Set<String> roleIds, String reqiurePermission, String orgIdPath, String gridId, String tableAlias) {
         // 根据角色列表查询操作范围列表
+        Set<OperationScopeDTO> scopeDTOS = new HashSet<>();
+        roleIds.forEach(roleId -> {
+            OperationScopeFormDTO osformDto = new OperationScopeFormDTO();
+            osformDto.setRoleId(roleId);
+            osformDto.setOperationKey(reqiurePermission);
+            Result<Set<OperationScopeDTO>> result = govAccessFeignClient.getOperationScopesByRoleId(osformDto);
+            if (result.success()) {
+                scopeDTOS.addAll(result.getData());
+            }
+        });
+
+        // 过滤范围
+        HashSet<String> scopes = filteScopes(scopeDTOS);
+        if (CollectionUtils.isEmpty(scopes)) {
+            // 没有范围限制
+            return "";
+        }
+        StringBuilder sb = new StringBuilder();
+
+        // 1.生成sql:组织范围过滤
+        genOrgScopeSql(sb, orgIdPath, scopes, tableAlias);
+
+        // 2.生成sql:我发起的
+        genIStartedSql(sb, userId, tableAlias);
+
+        // 3.生成sql:本网格的
+        genInGrid(sb, gridId, tableAlias);
+
+        //sb.append(")");
+        System.out.println("生成的过滤sql：" + sb.toString());
+        return sb.toString();
+    }
+
+    /**
+     * 网格sql
+     * @param sb
+     * @param gridId
+     * @param tableAlias
+     */
+    private void genInGrid(StringBuilder sb, String gridId, String tableAlias) {
+        if (StringUtils.isBlank(tableAlias)) {
+            sb.append(" OR GRID_ID ='").append(gridId).append("'");
+        } else {
+            sb.append(" OR ").append(tableAlias).append(".GRID_ID ='").append(gridId).append("'");
+        }
+    }
+
+    /**
+     * sql：我发起的
+     * @param userId
+     */
+    private void genIStartedSql(StringBuilder sb, String userId, String tableAlias) {
+        if (StringUtils.isBlank(tableAlias)) {
+            sb.append(" OR CREATED_BY ='").append(userId).append("'");
+        } else {
+            sb.append(" OR ").append(tableAlias).append(".CREATED_BY ='").append(userId).append("'");
+        }
+    }
+
+    /**
+     * 计算组织范围过滤sql，整体入口
+     * @param sb
+     * @param orgIdPath
+     * @param scopes
+     */
+    public void genOrgScopeSql(StringBuilder sb, String orgIdPath, HashSet<String> scopes, String tableAlias) {
+        // 取出父组织ID path 和当前组织ID
+        String pOrgPath = orgIdPath.substring(0, orgIdPath.lastIndexOf(orgIdPathSpliter));
+        String currOrgPath = orgIdPath.substring(orgIdPath.lastIndexOf(orgIdPathSpliter) + 1);
+        genOrgScopeSql(sb, scopes, currOrgPath, pOrgPath, tableAlias);
+        sb.replace(sb.lastIndexOf("OR"), sb.lastIndexOf("OR") + 3, "");
+    }
+
+    /**
+     * 计算组织范围过滤sql
+     * @param scopes
+     * @param currOrg
+     * @param pOrgPath
+     * @return
+     */
+    private void genOrgScopeSql(StringBuilder sb,HashSet<String> scopes, String currOrg, String pOrgPath, String tableAlias) {
+        for (String scope : scopes) {
+            switch (scope) {
+                case OpeScopeConstant.ORG_CURR:
+                    if (StringUtils.isBlank(tableAlias)) {
+                        sb.append(" ORG_ID = '").append(currOrg).append("' OR ");
+                    } else {
+                        sb.append(" ").append(tableAlias).append(".ORG_ID = '").append(currOrg).append("' OR ");
+                    }
+                    break;
+                case OpeScopeConstant.ORG_CURR_AND_SUB:
+                    if (StringUtils.isBlank(tableAlias)) {
+                        sb.append(" ORG_ID_PATH like '").append(pOrgPath).append("%' ").append(" OR ");
+                    } else {
+                        sb.append(" ").append(tableAlias).append(".ORG_ID_PATH like '").append(pOrgPath).append("%' ").append(" OR ");
+                    }
+                    break;
+                case OpeScopeConstant.ORG_CURR_SUB:
+                    if (StringUtils.isBlank(tableAlias)) {
+                        sb.append(" ORG_ID_PATH like '").append(pOrgPath).append(orgIdPathSpliter).append(currOrg).append("%' ").append(" OR ");
+                    } else {
+                        sb.append(" ").append(tableAlias).append(".ORG_ID_PATH like '").append(pOrgPath).append(orgIdPathSpliter).append(currOrg).append("%' ").append(" OR ");
+                    }
+                    break;
+                case OpeScopeConstant.ORG_EQUAL:
+                    // todo 同级
+                    //sb.append(" OR ");
+                    break;
+                case OpeScopeConstant.ORG_EQUAL_AND_SUB:
+                    // todo 同级及其子级
+                    //sb.append(" OR ");
+                    break;
+                case OpeScopeConstant.ORG_EQUAL_SUB:
+                    // todo 同级的子级
+                    //sb.append(" OR ");
+                    break;
+            }
+        }
+    }
+
+    /**
+     * 过滤有效范围
+     *
+     * @param scopeDTOS
+     * @return
+     */
+    private HashSet<String> filteScopes(Set<OperationScopeDTO> scopeDTOS) {
+        HashMap<String, OperationScopeDTO> filtedScopes = new HashMap<>();
+
+        for (OperationScopeDTO scope : scopeDTOS) {
+            String scopeIndex = scope.getScopeIndex();
+            String[] currArr = scopeIndex.split("_");
+            if ("0".equals(currArr[1])) {
+                // 为0，说明没有包含关系，直接放入
+                filtedScopes.put(scopeIndex, scope);
+                continue;
+            }
+
+            OperationScopeDTO tempScope = filtedScopes.get(currArr[0]);
+            if (tempScope != null) {
+                // 已经有ac开头的了
+                String tempScopeIndex = tempScope.getScopeIndex();
+                if (Integer.valueOf(currArr[1]) < Integer.valueOf(tempScopeIndex.split("_")[1])) {
+                    filtedScopes.put(currArr[0], scope);
+                }
+            } else {
+                filtedScopes.put(currArr[0], scope);
+            }
+        }
+        HashSet<String> scopeStrs = new HashSet<>();
+        Set<Map.Entry<String, OperationScopeDTO>> entries = filtedScopes.entrySet();
+        for (Map.Entry<String, OperationScopeDTO> entry : entries) {
+            scopeStrs.add(entry.getValue().getScopeKey());
+        }
+        return scopeStrs;
+    }
+
+    /**
+     * 模拟范围数据
+     *
+     * @return
+     */
+    private Set<OperationScopeDTO> genScopeDtos() {
+        OperationScopeDTO scopeDTO1 = new OperationScopeDTO();
+        scopeDTO1.setScopeKey("org_curr");
+        scopeDTO1.setScopeName("本机关");
+        scopeDTO1.setScopeIndex("ac_0");
+
+        OperationScopeDTO scopeDTO2 = new OperationScopeDTO();
+        scopeDTO2.setScopeKey("org_curr_and_sub");
+        scopeDTO2.setScopeName("本机关及下级");
+        scopeDTO2.setScopeIndex("ac_501");
+
+        OperationScopeDTO scopeDTO3 = new OperationScopeDTO();
+        scopeDTO3.setScopeKey("org_curr_sub");
+        scopeDTO3.setScopeName("本机关的下级");
+        scopeDTO3.setScopeIndex("ac_502");
+
+        OperationScopeDTO scopeDTO4 = new OperationScopeDTO();
+        scopeDTO4.setScopeKey("org_equal_and_sub");
+        scopeDTO4.setScopeName("同级机关及下级");
+        scopeDTO4.setScopeIndex("ae_601");
 
-        // 拼接sql语句
+        OperationScopeDTO scopeDTO5 = new OperationScopeDTO();
+        scopeDTO5.setScopeKey("org_equal_sub");
+        scopeDTO5.setScopeName("同级机关的下级");
+        scopeDTO5.setScopeIndex("ae_602");
 
-        // TODO
-        return "dept_id in (1,2,3)";
+        Set<OperationScopeDTO> scopeDTOS = new HashSet<>();
+        scopeDTOS.add(scopeDTO1);
+        scopeDTOS.add(scopeDTO2);
+        scopeDTOS.add(scopeDTO3);
+        scopeDTOS.add(scopeDTO4);
+        scopeDTOS.add(scopeDTO5);
+        return scopeDTOS;
     }
 
     ///**
diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/constant/OpeScopeConstant.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/constant/OpeScopeConstant.java
new file mode 100644
index 0000000000..3d415ffb30
--- /dev/null
+++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/constant/OpeScopeConstant.java
@@ -0,0 +1,17 @@
+package com.epmet.commons.mybatis.constant;
+
+public class OpeScopeConstant {
+    //"同级组织的下级"
+    public static final String ORG_EQUAL_SUB = "org_equal_sub";
+    //"同级组织及下级"
+    public static final String ORG_EQUAL_AND_SUB = "org_equal_and_sub";
+    //"同级组织"
+    public static final String ORG_EQUAL = "org_equal";
+    //"本组织的下级"
+    public static final String ORG_CURR_SUB = "org_curr_sub";
+    //"本组织及下级"
+    public static final String ORG_CURR_AND_SUB = "org_curr_and_sub";
+    //"本组织"
+    public static final String ORG_CURR = "org_curr";
+
+}
diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/OperationScopeDTO.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/OperationScopeDTO.java
new file mode 100644
index 0000000000..3e65b753d7
--- /dev/null
+++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/OperationScopeDTO.java
@@ -0,0 +1,92 @@
+/**
+ * Copyright 2018 人人开源 https://www.renren.io
+ * <p>
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * <p>
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * <p>
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.epmet.commons.mybatis.dto.form;
+
+import lombok.Data;
+
+import java.io.Serializable;
+import java.util.Date;
+
+
+/**
+ * 权限范围表
+ *
+ * @author generator generator@elink-cn.com
+ * @since v1.0.0 2020-04-24
+ */
+@Data
+public class OperationScopeDTO implements Serializable {
+
+    private static final long serialVersionUID = 1L;
+
+    /**
+     * id
+     */
+	private String id;
+
+    /**
+     * 角色id
+     */
+    private String roleId;
+
+    /**
+     * 范围key
+     */
+	private String scopeKey;
+
+    /**
+     * 范围名称
+     */
+	private String scopeName;
+
+    /**
+     * 范围序号
+     */
+	private String scopeIndex;
+
+    /**
+     * 是否删除，0：未删除，1：已删除
+     */
+	private Integer delFlag;
+
+    /**
+     * 乐观锁
+     */
+	private Integer revision;
+
+    /**
+     * 创建者id
+     */
+	private String createdBy;
+
+    /**
+     * 创建时间
+     */
+	private Date createdTime;
+
+    /**
+     * 更新者id
+     */
+	private String updatedBy;
+
+    /**
+     * 更新时间
+     */
+	private Date updatedTime;
+
+}
\ No newline at end of file
diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/OperationScopeFormDTO.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/OperationScopeFormDTO.java
new file mode 100644
index 0000000000..fe5aca825b
--- /dev/null
+++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/OperationScopeFormDTO.java
@@ -0,0 +1,18 @@
+package com.epmet.commons.mybatis.dto.form;
+
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+
+@Data
+public class OperationScopeFormDTO {
+
+    public interface ListOperationScopeGroup {}
+
+    @NotBlank(message = "角色ID不能为空", groups = {ListOperationScopeGroup.class})
+    private String roleId;
+
+    @NotBlank(message = "操作的key不能为空", groups = {ListOperationScopeGroup.class})
+    private String operationKey;
+
+}
diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/StaffPermCacheResultDTO.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/StaffPermCacheResultDTO.java
new file mode 100644
index 0000000000..7775756b38
--- /dev/null
+++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/StaffPermCacheResultDTO.java
@@ -0,0 +1,30 @@
+package com.epmet.commons.mybatis.dto.form;
+
+import lombok.Data;
+
+import java.util.Set;
+
+@Data
+public class StaffPermCacheResultDTO {
+
+    /**
+     * 权限列表
+     */
+    private Set<String> permissions;
+
+    /**
+     * 角色列表
+     */
+    private Set<String> roleIdList;
+
+    /**
+     * 机构Id
+     */
+    private String orgIdPath;
+
+    /**
+     * 网格ID
+     */
+    private String gridId;
+
+}
diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/GovAccessFeignClient.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/GovAccessFeignClient.java
index 198d996bc9..50b20890e7 100644
--- a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/GovAccessFeignClient.java
+++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/GovAccessFeignClient.java
@@ -1,12 +1,17 @@
 package com.epmet.commons.mybatis.feign;
 
+import com.epmet.commons.mybatis.dto.form.OperationScopeDTO;
+import com.epmet.commons.mybatis.dto.form.OperationScopeFormDTO;
+import com.epmet.commons.mybatis.dto.form.StaffPermCacheResultDTO;
 import com.epmet.commons.mybatis.dto.form.StaffPermissionFormDTO;
 import com.epmet.commons.mybatis.feign.fallback.GovAccessFeignClientFallback;
 import com.epmet.commons.tools.constant.ServiceConstant;
 import com.epmet.commons.tools.utils.Result;
 import org.springframework.cloud.openfeign.FeignClient;
 import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
 
+import java.util.List;
 import java.util.Set;
 
 /**
@@ -17,10 +22,18 @@ import java.util.Set;
 public interface GovAccessFeignClient {
 
     /**
-     * 查询用户当前权限列表(DataFilterAspect中用到)
+     * 查询用户当前权限列表
      * @return
      */
     @PostMapping("/gov/access/access/getcurrpermissions")
-    Result<Set<String>> getStaffCurrPermissions(StaffPermissionFormDTO dto);
+    Result<StaffPermCacheResultDTO> getStaffCurrPermissions(StaffPermissionFormDTO dto);
+
+    /**
+     * 查询角色的操作key对应操作范围列表
+     * @param operationScopeFormDTO
+     * @return
+     */
+    @PostMapping("/gov/access/access/operationscopes")
+    Result<Set<OperationScopeDTO>> getOperationScopesByRoleId(OperationScopeFormDTO operationScopeFormDTO);
 
 }
diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/fallback/GovAccessFeignClientFallback.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/fallback/GovAccessFeignClientFallback.java
index 3c5ccd599b..6dfa1b89cc 100644
--- a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/fallback/GovAccessFeignClientFallback.java
+++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/fallback/GovAccessFeignClientFallback.java
@@ -1,5 +1,8 @@
 package com.epmet.commons.mybatis.feign.fallback;
 
+import com.epmet.commons.mybatis.dto.form.OperationScopeDTO;
+import com.epmet.commons.mybatis.dto.form.OperationScopeFormDTO;
+import com.epmet.commons.mybatis.dto.form.StaffPermCacheResultDTO;
 import com.epmet.commons.mybatis.dto.form.StaffPermissionFormDTO;
 import com.epmet.commons.mybatis.feign.GovAccessFeignClient;
 import com.epmet.commons.tools.constant.ServiceConstant;
@@ -19,7 +22,12 @@ import java.util.Set;
 public class GovAccessFeignClientFallback implements GovAccessFeignClient {
 
     @Override
-    public Result<Set<String>> getStaffCurrPermissions(StaffPermissionFormDTO dto) {
+    public Result<StaffPermCacheResultDTO> getStaffCurrPermissions(StaffPermissionFormDTO dto) {
         return ModuleUtils.feignConError(ServiceConstant.GOV_ACCESS_SERVER, "getStaffCurrPermissions", dto);
     }
+
+    @Override
+    public Result<Set<OperationScopeDTO>> getOperationScopesByRoleId(OperationScopeFormDTO operationScopeFormDTO) {
+        return ModuleUtils.feignConError(ServiceConstant.GOV_ACCESS_SERVER, "getOperationScopesByRoleId", operationScopeFormDTO);
+    }
 }
diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/interceptor/DataFilterInterceptor.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/interceptor/DataFilterInterceptor.java
index 046c012da4..d26f7525a1 100644
--- a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/interceptor/DataFilterInterceptor.java
+++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/interceptor/DataFilterInterceptor.java
@@ -10,9 +10,9 @@ package com.epmet.commons.mybatis.interceptor;
 
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.toolkit.PluginUtils;
-import com.baomidou.mybatisplus.core.toolkit.StringUtils;
 import com.baomidou.mybatisplus.extension.handlers.AbstractSqlParserHandler;
 import com.epmet.commons.mybatis.entity.DataScope;
+import org.apache.commons.lang3.StringUtils;
 import org.apache.ibatis.executor.statement.StatementHandler;
 import org.apache.ibatis.mapping.BoundSql;
 import org.apache.ibatis.mapping.MappedStatement;
@@ -43,10 +43,10 @@ public class DataFilterInterceptor extends AbstractSqlParserHandler implements I
         this.sqlParser(metaObject);
 
         // 先判断是不是SELECT操作
-        MappedStatement mappedStatement = (MappedStatement) metaObject.getValue("delegate.mappedStatement");
-        if (!SqlCommandType.SELECT.equals(mappedStatement.getSqlCommandType())) {
-            return invocation.proceed();
-        }
+        //MappedStatement mappedStatement = (MappedStatement) metaObject.getValue("delegate.mappedStatement");
+        //if (!SqlCommandType.SELECT.equals(mappedStatement.getSqlCommandType())) {
+        //    return invocation.proceed();
+        //}
 
         // 针对定义了rowBounds，做为mapper接口方法的参数
         BoundSql boundSql = (BoundSql) metaObject.getValue("delegate.boundSql");
@@ -79,12 +79,18 @@ public class DataFilterInterceptor extends AbstractSqlParserHandler implements I
         // 拼接新SQL
         String orderBy = "ORDER BY";
         String groupBy = "GROUP BY";
+        String sqlFilter = scope.getSqlFilter();
+        if (originalSql.indexOf("WHERE") == 0) {
+            // 不包含where，需要手动拼接上
+            sqlFilter = " WHERE ".concat(sqlFilter);
+        }
+
         if (originalSql.indexOf(groupBy) > -1) {
-            originalSql = originalSql.replace(groupBy, scope.getSqlFilter() + groupBy);
+            originalSql = originalSql.replace(groupBy, sqlFilter + groupBy);
         } else if (originalSql.indexOf(orderBy) > -1) {
-            originalSql = originalSql.replace(orderBy, scope.getSqlFilter() + orderBy);
+            originalSql = originalSql.replace(orderBy, sqlFilter + orderBy);
         } else {
-            originalSql = originalSql + scope.getSqlFilter();
+            originalSql = originalSql.concat(" AND (").concat(scope.getSqlFilter()).concat(")");
         }
 
         // 重写SQL
diff --git a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/aspect/AccessOpeAspect.java b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/aspect/AccessOpeAspect.java
index eeeedc6508..72070ee6e1 100644
--- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/aspect/AccessOpeAspect.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/aspect/AccessOpeAspect.java
@@ -37,8 +37,6 @@ public class AccessOpeAspect {
         RequirePermission requirePermissionAnno = methodSignature.getMethod().getAnnotation(RequirePermission.class);
         String key = requirePermissionAnno.key();
         String desc = requirePermissionAnno.desc();
-        System.out.println(key);
-        System.out.println(desc);
 
         // 放入ThreadLocal，供DataFilterAspect中使用
         requirePermissionTl.set(key);
diff --git a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/redis/RedisKeys.java b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/redis/RedisKeys.java
index 199e38e235..6598010561 100644
--- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/redis/RedisKeys.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/redis/RedisKeys.java
@@ -207,4 +207,14 @@ public class RedisKeys {
 	public static String getLoginSmsCodeKey(String app, String client, String phone) {
 		return String.format(rootPrefix+"smsCode:login:%s:%s:%s",app,client,phone);
 	}
+
+	/**
+	 * 角色的操作权限对应的可操作范围
+	 * @param roleId 角色ID
+	 * @param opeKey 操作Key
+	 * @return
+	 */
+	public static String getRoleOpeScopesKey(String roleId, String opeKey) {
+		return rootPrefix.concat("gov:access:role:opescopes:").concat(roleId).concat(opeKey);
+	}
 }
diff --git a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/GovTokenDto.java b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/GovTokenDto.java
index 7088bb10a3..49d6cb15a3 100644
--- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/GovTokenDto.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/GovTokenDto.java
@@ -34,6 +34,16 @@ public class GovTokenDto extends BaseTokenDto implements Serializable {
      */
     private String customerId;
 
+    /**
+     * 过期时间戳
+     */
+    private Long expireTime;
+
+    /**
+     * 最后一次更新时间
+     */
+    private long updateTime;
+
     /**
      * 当前登录的组织id(顶级)
      */
@@ -55,18 +65,13 @@ public class GovTokenDto extends BaseTokenDto implements Serializable {
     private List<String> deptIdList;
 
     /**
-     * 过期时间戳
-     */
-    private Long expireTime;
-
-    /**
-     * 最后一次更新时间
+     * 功能权限列表，实际上是gov_staff => staff_role => role_operation查询到的operationKey
      */
-    private long updateTime;
+    private Set<String> permissions;
 
     /**
-     * 功能权限列表，实际上是gov_staff => staff_role => role_operation查询到的operationKey
+     * 角色ID列表
      */
-    private Set<String> permissions;
+    private Set<String> roleIdList;
 }
 
diff --git a/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/OperationScopeDTO.java b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/OperationScopeDTO.java
new file mode 100644
index 0000000000..19e1111e96
--- /dev/null
+++ b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/OperationScopeDTO.java
@@ -0,0 +1,81 @@
+/**
+ * Copyright 2018 人人开源 https://www.renren.io
+ * <p>
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * <p>
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * <p>
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.epmet.dto;
+
+import java.io.Serializable;
+import java.util.Date;
+import lombok.Data;
+
+
+/**
+ * 权限范围表
+ *
+ * @author generator generator@elink-cn.com
+ * @since v1.0.0 2020-04-24
+ */
+@Data
+public class OperationScopeDTO implements Serializable {
+
+    private static final long serialVersionUID = 1L;
+
+    /**
+     * id
+     */
+	private String id;
+
+    /**
+     * 范围key
+     */
+	private String scopeKey;
+
+    /**
+     * 范围名称
+     */
+	private String scopeName;
+
+    /**
+     * 是否删除，0：未删除，1：已删除
+     */
+	private Integer delFlag;
+
+    /**
+     * 乐观锁
+     */
+	private Integer revision;
+
+    /**
+     * 创建者id
+     */
+	private String createdBy;
+
+    /**
+     * 创建时间
+     */
+	private Date createdTime;
+
+    /**
+     * 更新者id
+     */
+	private String updatedBy;
+
+    /**
+     * 更新时间
+     */
+	private Date updatedTime;
+
+}
\ No newline at end of file
diff --git a/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/RoleScopeDTO.java b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/RoleScopeDTO.java
new file mode 100644
index 0000000000..17f8866215
--- /dev/null
+++ b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/RoleScopeDTO.java
@@ -0,0 +1,86 @@
+/**
+ * Copyright 2018 人人开源 https://www.renren.io
+ * <p>
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * <p>
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * <p>
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.epmet.dto;
+
+import java.io.Serializable;
+import java.util.Date;
+import lombok.Data;
+
+
+/**
+ * 角色能操作哪些范围
+ *
+ * @author generator generator@elink-cn.com
+ * @since v1.0.0 2020-04-24
+ */
+@Data
+public class RoleScopeDTO implements Serializable {
+
+    private static final long serialVersionUID = 1L;
+
+    /**
+     * 
+     */
+	private String id;
+
+    /**
+     * 角色ID
+     */
+	private String roleId;
+
+    /**
+     * 操作key
+     */
+	private String operationKey;
+
+    /**
+     * 范围Key
+     */
+	private String scopeKey;
+
+    /**
+     * 是否删除，0：未删除，1：已删除
+     */
+	private Integer delFlag;
+
+    /**
+     * 乐观锁
+     */
+	private Integer revision;
+
+    /**
+     * 创建者id
+     */
+	private String createdBy;
+
+    /**
+     * 创建时间
+     */
+	private Date createdTime;
+
+    /**
+     * 更新者id
+     */
+	private String updatedBy;
+
+    /**
+     * 更新时间
+     */
+	private Date updatedTime;
+
+}
\ No newline at end of file
diff --git a/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/form/OperationScopeFormDTO.java b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/form/OperationScopeFormDTO.java
new file mode 100644
index 0000000000..af992b7d51
--- /dev/null
+++ b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/form/OperationScopeFormDTO.java
@@ -0,0 +1,18 @@
+package com.epmet.dto.form;
+
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+
+@Data
+public class OperationScopeFormDTO {
+
+    public interface ListOperationScopeGroup {}
+
+    @NotBlank(message = "角色ID不能为空", groups = {ListOperationScopeGroup.class})
+    private String roleId;
+
+    @NotBlank(message = "操作的key不能为空", groups = {ListOperationScopeGroup.class})
+    private String operationKey;
+
+}
diff --git a/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/form/StaffPermCacheFormDTO.java b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/form/StaffPermCacheFormDTO.java
index 56907e52af..191314af0a 100644
--- a/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/form/StaffPermCacheFormDTO.java
+++ b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/form/StaffPermCacheFormDTO.java
@@ -36,9 +36,19 @@ public class StaffPermCacheFormDTO {
     @NotBlank(message = "登录头信息client不能为空", groups = {UpdatePermissionCache.class, GetStaffCurrPermissions.class})
     private String client;
 
+    /**
+     * 组织ID路径
+     */
+    private String orgIdPath;
+
     /**
      * 权限列表
      */
     private Set<String> permissions;
 
+    /**
+     * 角色列表
+     */
+    private Set<String> roleIdList;
+
 }
diff --git a/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/RoleOpeScopeResultDTO.java b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/RoleOpeScopeResultDTO.java
new file mode 100644
index 0000000000..fbafb374e7
--- /dev/null
+++ b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/RoleOpeScopeResultDTO.java
@@ -0,0 +1,28 @@
+package com.epmet.dto.result;
+
+import lombok.Data;
+
+@Data
+public class RoleOpeScopeResultDTO {
+
+    /**
+     * 角色ID
+     */
+    private String roleId;
+
+    /**
+     * 范围key
+     */
+    private String scopeKey;
+
+    /**
+     * 范围名称
+     */
+    private String scopeName;
+
+    /**
+     * 范围序号
+     */
+    private String scopeIndex;
+
+}
diff --git a/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/StaffPermCacheResultDTO.java b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/StaffPermCacheResultDTO.java
new file mode 100644
index 0000000000..ce24cf9501
--- /dev/null
+++ b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/StaffPermCacheResultDTO.java
@@ -0,0 +1,31 @@
+package com.epmet.dto.result;
+
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+import java.util.Set;
+
+@Data
+public class StaffPermCacheResultDTO {
+
+    /**
+     * 权限列表
+     */
+    private Set<String> permissions;
+
+    /**
+     * 角色列表
+     */
+    private Set<String> roleIdList;
+
+    /**
+     * 组织ID
+     */
+    private String orgIdPath;
+
+    /**
+     * 网格ID
+     */
+    private String gridId;
+
+}
diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/controller/AccessController.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/controller/AccessController.java
index aa954dc584..e34df14a06 100644
--- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/controller/AccessController.java
+++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/controller/AccessController.java
@@ -1,15 +1,21 @@
 package com.epmet.controller;
 
+import com.epmet.commons.tools.security.dto.GovTokenDto;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.commons.tools.validator.ValidatorUtils;
+import com.epmet.dto.OperationScopeDTO;
+import com.epmet.dto.form.OperationScopeFormDTO;
 import com.epmet.dto.form.StaffPermCacheFormDTO;
+import com.epmet.dto.result.RoleOpeScopeResultDTO;
+import com.epmet.dto.result.StaffPermCacheResultDTO;
+import com.epmet.entity.OperationScopeEntity;
 import com.epmet.service.AccessService;
+import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
 
+import java.util.ArrayList;
+import java.util.List;
 import java.util.Set;
 
 /**
@@ -37,7 +43,9 @@ public class AccessController {
         String app = staffPermCacheFormDTO.getApp();
         String client = staffPermCacheFormDTO.getClient();
         Set<String> permissions = staffPermCacheFormDTO.getPermissions();
-        accessService.updatePermissionCache(staffId, app, client, permissions);
+        Set<String> roleIdList = staffPermCacheFormDTO.getRoleIdList();
+        String orgId = staffPermCacheFormDTO.getOrgIdPath();
+        accessService.updatePermissionCache(staffId, app, client, permissions, roleIdList, orgId);
         return new Result();
     }
 
@@ -46,9 +54,28 @@ public class AccessController {
      * @return
      */
     @PostMapping("getcurrpermissions")
-    public Result<Set<String>> getStaffCurrPermissions(@RequestBody StaffPermCacheFormDTO dto) {
+    public Result<StaffPermCacheResultDTO> getStaffCurrPermissions(@RequestBody StaffPermCacheFormDTO dto) {
         ValidatorUtils.validateEntity(dto, StaffPermCacheFormDTO.GetStaffCurrPermissions.class);
-        Set<String> permissions = accessService.listStaffCurrPermissions(dto.getApp(), dto.getClient(), dto.getStaffId());
-        return new Result<Set<String>>().ok(permissions);
+        GovTokenDto govTokenDto = accessService.listStaffCurrPermissions(dto.getApp(), dto.getClient(), dto.getStaffId());
+        StaffPermCacheResultDTO resultDTO = null;
+        if (govTokenDto != null) {
+            resultDTO = new StaffPermCacheResultDTO();
+            resultDTO.setPermissions(govTokenDto.getPermissions());
+            resultDTO.setRoleIdList(govTokenDto.getRoleIdList());
+            resultDTO.setOrgIdPath(govTokenDto.getOrgIdPath());
+            resultDTO.setGridId(govTokenDto.getGridId());
+        }
+        return new Result<StaffPermCacheResultDTO>().ok(resultDTO);
+    }
+
+    /**
+     * 查询角色的操作key对应操作范围列表(缓存)
+     * @return
+     */
+    @PostMapping("operationscopes")
+    public Result<Set<RoleOpeScopeResultDTO>> getOperationScopesByRoleId(@RequestBody OperationScopeFormDTO operationScopeFormDTO) {
+        ValidatorUtils.validateEntity(operationScopeFormDTO, OperationScopeFormDTO.ListOperationScopeGroup.class);
+        Set<RoleOpeScopeResultDTO> scopes = accessService.listOperationScopesByRoleId(operationScopeFormDTO.getRoleId(), operationScopeFormDTO.getOperationKey());
+        return new Result<Set<RoleOpeScopeResultDTO>>().ok(scopes);
     }
 }
diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/dao/OperationScopeDao.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/dao/OperationScopeDao.java
new file mode 100644
index 0000000000..4ac02b7f91
--- /dev/null
+++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/dao/OperationScopeDao.java
@@ -0,0 +1,47 @@
+/**
+ * Copyright 2018 人人开源 https://www.renren.io
+ * <p>
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * <p>
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * <p>
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.epmet.dao;
+
+import com.epmet.commons.mybatis.dao.BaseDao;
+import com.epmet.dto.result.RoleOpeScopeResultDTO;
+import com.epmet.entity.OperationScopeEntity;
+import org.apache.ibatis.annotations.Mapper;
+import org.apache.ibatis.annotations.Param;
+import org.springframework.context.annotation.Scope;
+
+import java.util.List;
+import java.util.Set;
+
+/**
+ * 权限范围表
+ *
+ * @author generator generator@elink-cn.com
+ * @since v1.0.0 2020-04-24
+ */
+@Mapper
+public interface OperationScopeDao extends BaseDao<OperationScopeEntity> {
+
+    /**
+     * 查询角色的操作key对应操作范围列表
+     * @param roleId 角色id
+     * @param operationKey 操作key
+     * @return
+     */
+    Set<RoleOpeScopeResultDTO> listOperationScopesByRoleId(@Param("roleId") String roleId,
+                                            @Param("operationKey") String operationKey);
+}
\ No newline at end of file
diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/RoleOperationRedis.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/dao/RoleScopeDao.java
similarity index 61%
rename from epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/RoleOperationRedis.java
rename to epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/dao/RoleScopeDao.java
index d57c02ebde..60982f5528 100644
--- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/RoleOperationRedis.java
+++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/dao/RoleScopeDao.java
@@ -15,33 +15,19 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-package com.epmet.redis;
+package com.epmet.dao;
 
-import com.epmet.commons.tools.redis.RedisUtils;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Component;
+import com.epmet.commons.mybatis.dao.BaseDao;
+import com.epmet.entity.RoleScopeEntity;
+import org.apache.ibatis.annotations.Mapper;
 
 /**
- * 角色能进行那些操作
+ * 角色能操作哪些范围
  *
  * @author generator generator@elink-cn.com
- * @since v1.0.0 2020-04-22
+ * @since v1.0.0 2020-04-24
  */
-@Component
-public class RoleOperationRedis {
-    @Autowired
-    private RedisUtils redisUtils;
-
-    public void delete(Object[] ids) {
-
-    }
-
-    public void set(){
-
-    }
-
-    public String get(String id){
-        return null;
-    }
-
+@Mapper
+public interface RoleScopeDao extends BaseDao<RoleScopeEntity> {
+	
 }
\ No newline at end of file
diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/entity/OperationScopeEntity.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/entity/OperationScopeEntity.java
new file mode 100644
index 0000000000..2fd6b18361
--- /dev/null
+++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/entity/OperationScopeEntity.java
@@ -0,0 +1,51 @@
+/**
+ * Copyright 2018 人人开源 https://www.renren.io
+ * <p>
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * <p>
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * <p>
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.epmet.entity;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+
+import com.epmet.commons.mybatis.entity.BaseEpmetEntity;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+
+import java.util.Date;
+
+/**
+ * 权限范围表
+ *
+ * @author generator generator@elink-cn.com
+ * @since v1.0.0 2020-04-24
+ */
+@Data
+@EqualsAndHashCode(callSuper=false)
+@TableName("operation_scope")
+public class OperationScopeEntity extends BaseEpmetEntity {
+
+	private static final long serialVersionUID = 1L;
+
+    /**
+     * 范围key
+     */
+	private String scopeKey;
+
+    /**
+     * 范围名称
+     */
+	private String scopeName;
+
+}
diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/entity/RoleScopeEntity.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/entity/RoleScopeEntity.java
new file mode 100644
index 0000000000..2c3c6f21dc
--- /dev/null
+++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/entity/RoleScopeEntity.java
@@ -0,0 +1,56 @@
+/**
+ * Copyright 2018 人人开源 https://www.renren.io
+ * <p>
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * <p>
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * <p>
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.epmet.entity;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+
+import com.epmet.commons.mybatis.entity.BaseEpmetEntity;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+
+import java.util.Date;
+
+/**
+ * 角色能操作哪些范围
+ *
+ * @author generator generator@elink-cn.com
+ * @since v1.0.0 2020-04-24
+ */
+@Data
+@EqualsAndHashCode(callSuper=false)
+@TableName("role_scope")
+public class RoleScopeEntity extends BaseEpmetEntity {
+
+	private static final long serialVersionUID = 1L;
+
+    /**
+     * 角色ID
+     */
+	private String roleId;
+
+    /**
+     * 操作key
+     */
+	private String operationKey;
+
+    /**
+     * 范围Key
+     */
+	private String scopeKey;
+
+}
diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/RoleOpeScopeRedis.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/RoleOpeScopeRedis.java
new file mode 100644
index 0000000000..cd929c692d
--- /dev/null
+++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/RoleOpeScopeRedis.java
@@ -0,0 +1,43 @@
+package com.epmet.redis;
+
+import cn.hutool.core.bean.BeanUtil;
+import com.epmet.commons.tools.redis.RedisKeys;
+import com.epmet.commons.tools.redis.RedisUtils;
+import com.epmet.dto.result.RoleOpeScopeResultDTO;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import java.util.Set;
+
+/**
+ * 角色的操作权限对应的操作范围Redis
+ */
+@Component
+public class RoleOpeScopeRedis {
+
+    @Autowired
+    private RedisUtils redisUtils;
+
+    /**
+     * 缓存角色操作范围
+     * @param roleId
+     * @param opeKey
+     * @param scopes
+     */
+    public void setRoleOpeScopes(String roleId, String opeKey, Set<RoleOpeScopeResultDTO> scopes) {
+        String roleOpeScopesKey = RedisKeys.getRoleOpeScopesKey(roleId, opeKey);
+        redisUtils.set(roleOpeScopesKey, scopes);
+    }
+
+    /**
+     * 查询角色操作范围
+     * @param roleId
+     * @param opeKey
+     * @return
+     */
+    public Set<RoleOpeScopeResultDTO> getRoleOpeScopes(String roleId, String opeKey) {
+        String roleOpeScopesKey = RedisKeys.getRoleOpeScopesKey(roleId, opeKey);
+        return (Set<RoleOpeScopeResultDTO>)redisUtils.get(roleOpeScopesKey);
+    }
+
+}
diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/AccessService.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/AccessService.java
index a9e5150db8..df16e1e9df 100644
--- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/AccessService.java
+++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/AccessService.java
@@ -1,5 +1,10 @@
 package com.epmet.service;
 
+import com.epmet.commons.tools.security.dto.GovTokenDto;
+import com.epmet.dto.result.RoleOpeScopeResultDTO;
+import com.epmet.entity.OperationScopeEntity;
+
+import java.util.List;
 import java.util.Set;
 
 public interface AccessService {
@@ -8,11 +13,19 @@ public interface AccessService {
      * @param staffId
      * @param permissions
      */
-    void updatePermissionCache(String staffId, String app, String client, Set<String> permissions);
+    void updatePermissionCache(String staffId, String app, String client, Set<String> permissions, Set<String> roleIdList, String orgIdPath);
 
     /**
      * 查询用户当前权限列表
      * @return
      */
-    Set<String> listStaffCurrPermissions(String app, String client, String staffId);
+    GovTokenDto listStaffCurrPermissions(String app, String client, String staffId);
+
+    /**
+     * 查询角色的操作key对应操作范围列表
+     * @param roleId
+     * @param operationKey
+     * @return
+     */
+    Set<RoleOpeScopeResultDTO> listOperationScopesByRoleId(String roleId, String operationKey);
 }
diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/OperationScopeService.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/OperationScopeService.java
new file mode 100644
index 0000000000..cb24b913c0
--- /dev/null
+++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/OperationScopeService.java
@@ -0,0 +1,95 @@
+/**
+ * Copyright 2018 人人开源 https://www.renren.io
+ * <p>
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * <p>
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * <p>
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.epmet.service;
+
+import com.epmet.commons.mybatis.service.BaseService;
+import com.epmet.commons.tools.page.PageData;
+import com.epmet.dto.OperationScopeDTO;
+import com.epmet.entity.OperationScopeEntity;
+
+import java.util.List;
+import java.util.Map;
+
+/**
+ * 权限范围表
+ *
+ * @author generator generator@elink-cn.com
+ * @since v1.0.0 2020-04-24
+ */
+public interface OperationScopeService extends BaseService<OperationScopeEntity> {
+
+    /**
+     * 默认分页
+     *
+     * @param params
+     * @return PageData<OperationScopeDTO>
+     * @author generator
+     * @date 2020-04-24
+     */
+    PageData<OperationScopeDTO> page(Map<String, Object> params);
+
+    /**
+     * 默认查询
+     *
+     * @param params
+     * @return java.util.List<OperationScopeDTO>
+     * @author generator
+     * @date 2020-04-24
+     */
+    List<OperationScopeDTO> list(Map<String, Object> params);
+
+    /**
+     * 单条查询
+     *
+     * @param id
+     * @return OperationScopeDTO
+     * @author generator
+     * @date 2020-04-24
+     */
+    OperationScopeDTO get(String id);
+
+    /**
+     * 默认保存
+     *
+     * @param dto
+     * @return void
+     * @author generator
+     * @date 2020-04-24
+     */
+    void save(OperationScopeDTO dto);
+
+    /**
+     * 默认更新
+     *
+     * @param dto
+     * @return void
+     * @author generator
+     * @date 2020-04-24
+     */
+    void update(OperationScopeDTO dto);
+
+    /**
+     * 批量删除
+     *
+     * @param ids
+     * @return void
+     * @author generator
+     * @date 2020-04-24
+     */
+    void delete(String[] ids);
+}
\ No newline at end of file
diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/RoleScopeService.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/RoleScopeService.java
new file mode 100644
index 0000000000..34cdd6e07f
--- /dev/null
+++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/RoleScopeService.java
@@ -0,0 +1,95 @@
+/**
+ * Copyright 2018 人人开源 https://www.renren.io
+ * <p>
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * <p>
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * <p>
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.epmet.service;
+
+import com.epmet.commons.mybatis.service.BaseService;
+import com.epmet.commons.tools.page.PageData;
+import com.epmet.dto.RoleScopeDTO;
+import com.epmet.entity.RoleScopeEntity;
+
+import java.util.List;
+import java.util.Map;
+
+/**
+ * 角色能操作哪些范围
+ *
+ * @author generator generator@elink-cn.com
+ * @since v1.0.0 2020-04-24
+ */
+public interface RoleScopeService extends BaseService<RoleScopeEntity> {
+
+    /**
+     * 默认分页
+     *
+     * @param params
+     * @return PageData<RoleScopeDTO>
+     * @author generator
+     * @date 2020-04-24
+     */
+    PageData<RoleScopeDTO> page(Map<String, Object> params);
+
+    /**
+     * 默认查询
+     *
+     * @param params
+     * @return java.util.List<RoleScopeDTO>
+     * @author generator
+     * @date 2020-04-24
+     */
+    List<RoleScopeDTO> list(Map<String, Object> params);
+
+    /**
+     * 单条查询
+     *
+     * @param id
+     * @return RoleScopeDTO
+     * @author generator
+     * @date 2020-04-24
+     */
+    RoleScopeDTO get(String id);
+
+    /**
+     * 默认保存
+     *
+     * @param dto
+     * @return void
+     * @author generator
+     * @date 2020-04-24
+     */
+    void save(RoleScopeDTO dto);
+
+    /**
+     * 默认更新
+     *
+     * @param dto
+     * @return void
+     * @author generator
+     * @date 2020-04-24
+     */
+    void update(RoleScopeDTO dto);
+
+    /**
+     * 批量删除
+     *
+     * @param ids
+     * @return void
+     * @author generator
+     * @date 2020-04-24
+     */
+    void delete(String[] ids);
+}
\ No newline at end of file
diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java
index cd846aa3b8..34e458ec6a 100644
--- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java
+++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java
@@ -1,7 +1,11 @@
 package com.epmet.service.impl;
 
+import com.epmet.commons.tools.exception.ExceptionUtils;
 import com.epmet.commons.tools.security.dto.GovTokenDto;
 import com.epmet.commons.tools.utils.CpUserDetailRedis;
+import com.epmet.dao.OperationScopeDao;
+import com.epmet.dto.result.RoleOpeScopeResultDTO;
+import com.epmet.redis.RoleOpeScopeRedis;
 import com.epmet.service.AccessService;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -9,7 +13,6 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.springframework.util.CollectionUtils;
 
-import java.util.HashSet;
 import java.util.Set;
 
 @Service
@@ -20,19 +23,28 @@ public class AccessServiceImpl implements AccessService {
     @Autowired
     private CpUserDetailRedis cpUserDetailRedis;
 
+    @Autowired
+    private OperationScopeDao operationScopeDao;
+
+    @Autowired
+    private RoleOpeScopeRedis roleOpeScopeRedis;
+
     /**
      * 更新权限缓存
      * @param staffId
      * @param permissions
      */
     @Override
-    public void updatePermissionCache(String staffId, String app, String client, Set<String> permissions) {
+    public void updatePermissionCache(String staffId, String app, String client, Set<String> permissions, Set<String> roleIdList, String orgIdPath) {
         GovTokenDto govTokenDto = cpUserDetailRedis.get(app, client, staffId, GovTokenDto.class);
         if (govTokenDto == null) {
             logger.warn("更新[{}]用户缓存:Redis中不存在该用户TokenDto缓存信息", staffId);
             return ;
         }
+        // 将权限，角色列表，和当前组织ID存入TokenDto
         govTokenDto.setPermissions(permissions);
+        govTokenDto.setRoleIdList(roleIdList);
+        govTokenDto.setOrgIdPath(orgIdPath);
 
         // 将新的TokenDto更新到redis中
         long expire = cpUserDetailRedis.getExpire(app, client, staffId);
@@ -41,11 +53,28 @@ public class AccessServiceImpl implements AccessService {
     }
 
     @Override
-    public Set<String> listStaffCurrPermissions(String app, String client, String staffId) {
-        GovTokenDto govTokenDto = cpUserDetailRedis.get(app, client, staffId, GovTokenDto.class);
-        if (govTokenDto == null || CollectionUtils.isEmpty(govTokenDto.getPermissions())) {
-            return new HashSet<>();
+    public GovTokenDto listStaffCurrPermissions(String app, String client, String staffId) {
+        return cpUserDetailRedis.get(app, client, staffId, GovTokenDto.class);
+    }
+
+    /**
+     * 查询角色的操作key对应操作范围列表
+     * @param roleId
+     * @param operationKey
+     * @return
+     */
+    public Set<RoleOpeScopeResultDTO> listOperationScopesByRoleId(String roleId, String operationKey) {
+        Set<RoleOpeScopeResultDTO> roleOpeScopes = roleOpeScopeRedis.getRoleOpeScopes(roleId, operationKey);
+        if (roleOpeScopes != null) {
+            return roleOpeScopes;
+        }
+        Set<RoleOpeScopeResultDTO> scopes = operationScopeDao.listOperationScopesByRoleId(roleId, operationKey);
+        try {
+            roleOpeScopeRedis.setRoleOpeScopes(roleId, operationKey, scopes);
+        } catch (Exception e) {
+            String errorStackTrace = ExceptionUtils.getErrorStackTrace(e);
+            logger.error("GovAccess:查询角色的操作范围:缓存范围出错:{}", errorStackTrace);
         }
-        return new HashSet<>(govTokenDto.getPermissions());
+        return scopes;
     }
 }
diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/OperationScopeServiceImpl.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/OperationScopeServiceImpl.java
new file mode 100644
index 0000000000..e582395fe2
--- /dev/null
+++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/OperationScopeServiceImpl.java
@@ -0,0 +1,101 @@
+/**
+ * Copyright 2018 人人开源 https://www.renren.io
+ * <p>
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * <p>
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * <p>
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.epmet.service.impl;
+
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.baomidou.mybatisplus.core.metadata.IPage;
+import com.epmet.commons.mybatis.service.impl.BaseServiceImpl;
+import com.epmet.commons.tools.page.PageData;
+import com.epmet.commons.tools.utils.ConvertUtils;
+import com.epmet.commons.tools.constant.FieldConstant;
+import com.epmet.dao.OperationScopeDao;
+import com.epmet.dto.OperationScopeDTO;
+import com.epmet.entity.OperationScopeEntity;
+import com.epmet.service.OperationScopeService;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+import java.util.Arrays;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * 权限范围表
+ *
+ * @author generator generator@elink-cn.com
+ * @since v1.0.0 2020-04-24
+ */
+@Service
+public class OperationScopeServiceImpl extends BaseServiceImpl<OperationScopeDao, OperationScopeEntity> implements OperationScopeService {
+
+
+    @Override
+    public PageData<OperationScopeDTO> page(Map<String, Object> params) {
+        IPage<OperationScopeEntity> page = baseDao.selectPage(
+                getPage(params, FieldConstant.CREATED_TIME, false),
+                getWrapper(params)
+        );
+        return getPageData(page, OperationScopeDTO.class);
+    }
+
+    @Override
+    public List<OperationScopeDTO> list(Map<String, Object> params) {
+        List<OperationScopeEntity> entityList = baseDao.selectList(getWrapper(params));
+
+        return ConvertUtils.sourceToTarget(entityList, OperationScopeDTO.class);
+    }
+
+    private QueryWrapper<OperationScopeEntity> getWrapper(Map<String, Object> params){
+        String id = (String)params.get(FieldConstant.ID_HUMP);
+
+        QueryWrapper<OperationScopeEntity> wrapper = new QueryWrapper<>();
+        wrapper.eq(StringUtils.isNotBlank(id), FieldConstant.ID, id);
+
+        return wrapper;
+    }
+
+    @Override
+    public OperationScopeDTO get(String id) {
+        OperationScopeEntity entity = baseDao.selectById(id);
+        return ConvertUtils.sourceToTarget(entity, OperationScopeDTO.class);
+    }
+
+    @Override
+    @Transactional(rollbackFor = Exception.class)
+    public void save(OperationScopeDTO dto) {
+        OperationScopeEntity entity = ConvertUtils.sourceToTarget(dto, OperationScopeEntity.class);
+        insert(entity);
+    }
+
+    @Override
+    @Transactional(rollbackFor = Exception.class)
+    public void update(OperationScopeDTO dto) {
+        OperationScopeEntity entity = ConvertUtils.sourceToTarget(dto, OperationScopeEntity.class);
+        updateById(entity);
+    }
+
+    @Override
+    @Transactional(rollbackFor = Exception.class)
+    public void delete(String[] ids) {
+        // 逻辑删除（@TableLogic 注解）
+        baseDao.deleteBatchIds(Arrays.asList(ids));
+    }
+
+}
\ No newline at end of file
diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/RoleOperationServiceImpl.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/RoleOperationServiceImpl.java
index bb6d914d2e..a690363b33 100644
--- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/RoleOperationServiceImpl.java
+++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/RoleOperationServiceImpl.java
@@ -27,7 +27,6 @@ import com.epmet.dao.RoleOperationDao;
 import com.epmet.dto.RoleOperationDTO;
 import com.epmet.dto.result.RoleOperationResultDTO;
 import com.epmet.entity.RoleOperationEntity;
-import com.epmet.redis.RoleOperationRedis;
 import com.epmet.service.RoleOperationService;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -47,9 +46,6 @@ import java.util.Map;
 @Service
 public class RoleOperationServiceImpl extends BaseServiceImpl<RoleOperationDao, RoleOperationEntity> implements RoleOperationService {
 
-    @Autowired
-    private RoleOperationRedis roleOperationRedis;
-
     @Override
     public PageData<RoleOperationDTO> page(Map<String, Object> params) {
         IPage<RoleOperationEntity> page = baseDao.selectPage(
diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/RoleScopeServiceImpl.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/RoleScopeServiceImpl.java
new file mode 100644
index 0000000000..bff52f8d64
--- /dev/null
+++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/RoleScopeServiceImpl.java
@@ -0,0 +1,100 @@
+/**
+ * Copyright 2018 人人开源 https://www.renren.io
+ * <p>
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * <p>
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * <p>
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.epmet.service.impl;
+
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.baomidou.mybatisplus.core.metadata.IPage;
+import com.epmet.commons.mybatis.service.impl.BaseServiceImpl;
+import com.epmet.commons.tools.page.PageData;
+import com.epmet.commons.tools.utils.ConvertUtils;
+import com.epmet.commons.tools.constant.FieldConstant;
+import com.epmet.dao.RoleScopeDao;
+import com.epmet.dto.RoleScopeDTO;
+import com.epmet.entity.RoleScopeEntity;
+import com.epmet.service.RoleScopeService;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+import java.util.Arrays;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * 角色能操作哪些范围
+ *
+ * @author generator generator@elink-cn.com
+ * @since v1.0.0 2020-04-24
+ */
+@Service
+public class RoleScopeServiceImpl extends BaseServiceImpl<RoleScopeDao, RoleScopeEntity> implements RoleScopeService {
+
+    @Override
+    public PageData<RoleScopeDTO> page(Map<String, Object> params) {
+        IPage<RoleScopeEntity> page = baseDao.selectPage(
+                getPage(params, FieldConstant.CREATED_TIME, false),
+                getWrapper(params)
+        );
+        return getPageData(page, RoleScopeDTO.class);
+    }
+
+    @Override
+    public List<RoleScopeDTO> list(Map<String, Object> params) {
+        List<RoleScopeEntity> entityList = baseDao.selectList(getWrapper(params));
+
+        return ConvertUtils.sourceToTarget(entityList, RoleScopeDTO.class);
+    }
+
+    private QueryWrapper<RoleScopeEntity> getWrapper(Map<String, Object> params){
+        String id = (String)params.get(FieldConstant.ID_HUMP);
+
+        QueryWrapper<RoleScopeEntity> wrapper = new QueryWrapper<>();
+        wrapper.eq(StringUtils.isNotBlank(id), FieldConstant.ID, id);
+
+        return wrapper;
+    }
+
+    @Override
+    public RoleScopeDTO get(String id) {
+        RoleScopeEntity entity = baseDao.selectById(id);
+        return ConvertUtils.sourceToTarget(entity, RoleScopeDTO.class);
+    }
+
+    @Override
+    @Transactional(rollbackFor = Exception.class)
+    public void save(RoleScopeDTO dto) {
+        RoleScopeEntity entity = ConvertUtils.sourceToTarget(dto, RoleScopeEntity.class);
+        insert(entity);
+    }
+
+    @Override
+    @Transactional(rollbackFor = Exception.class)
+    public void update(RoleScopeDTO dto) {
+        RoleScopeEntity entity = ConvertUtils.sourceToTarget(dto, RoleScopeEntity.class);
+        updateById(entity);
+    }
+
+    @Override
+    @Transactional(rollbackFor = Exception.class)
+    public void delete(String[] ids) {
+        // 逻辑删除（@TableLogic 注解）
+        baseDao.deleteBatchIds(Arrays.asList(ids));
+    }
+
+}
\ No newline at end of file
diff --git a/epmet-module/gov-access/gov-access-server/src/main/resources/db.migration/epmet_gov_access.sql b/epmet-module/gov-access/gov-access-server/src/main/resources/db.migration/epmet_gov_access.sql
index bcc1d74a5d..93d8c2a148 100644
--- a/epmet-module/gov-access/gov-access-server/src/main/resources/db.migration/epmet_gov_access.sql
+++ b/epmet-module/gov-access/gov-access-server/src/main/resources/db.migration/epmet_gov_access.sql
@@ -10,6 +10,7 @@ CREATE TABLE `operation_scope`  (
   `ID` varchar(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT 'id',
   `SCOPE_KEY` varchar(30) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '范围key',
   `SCOPE_NAME` varchar(30) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '范围名称',
+  `SCOPE_INDEX` varchar(30) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '范围序号',
   `DEL_FLAG` tinyint(1) NULL DEFAULT NULL COMMENT '是否删除，0：未删除，1：已删除',
   `REVISION` int(10) NULL DEFAULT NULL COMMENT '乐观锁',
   `CREATED_BY` varchar(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT '创建者id',
@@ -61,7 +62,8 @@ CREATE TABLE `role_operation`  (
 CREATE TABLE `role_scope`  (
   `ID` varchar(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL,
   `ROLE_ID` varchar(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '角色ID',
-  `SCOPE_KEY` varchar(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '范围Key',
+  `OPERATION_KEY` varchar(30) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '操作Key',
+  `SCOPE_KEY` varchar(30) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '范围Key',
   `DEL_FLAG` tinyint(1) NULL DEFAULT NULL COMMENT '是否删除，0：未删除，1：已删除',
   `REVISION` int(10) NULL DEFAULT NULL COMMENT '乐观锁',
   `CREATED_BY` varchar(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT '创建者id',
diff --git a/epmet-module/gov-access/gov-access-server/src/main/resources/mapper/OperationScopeDao.xml b/epmet-module/gov-access/gov-access-server/src/main/resources/mapper/OperationScopeDao.xml
new file mode 100644
index 0000000000..ab6839e941
--- /dev/null
+++ b/epmet-module/gov-access/gov-access-server/src/main/resources/mapper/OperationScopeDao.xml
@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+
+<mapper namespace="com.epmet.dao.OperationScopeDao">
+
+    <resultMap type="com.epmet.entity.OperationScopeEntity" id="operationScopeMap">
+        <result property="id" column="ID"/>
+        <result property="scopeKey" column="SCOPE_KEY"/>
+        <result property="scopeName" column="SCOPE_NAME"/>
+        <result property="delFlag" column="DEL_FLAG"/>
+        <result property="revision" column="REVISION"/>
+        <result property="createdBy" column="CREATED_BY"/>
+        <result property="createdTime" column="CREATED_TIME"/>
+        <result property="updatedBy" column="UPDATED_BY"/>
+        <result property="updatedTime" column="UPDATED_TIME"/>
+    </resultMap>
+
+    <!--查询角色的操作key对应操作范围列表-->
+    <select id="listOperationScopesByRoleId" resultType="com.epmet.dto.result.RoleOpeScopeResultDTO">
+        select os.SCOPE_KEY, os.SCOPE_NAME, rs.ROLE_ID, os.SCOPE_INDEX
+        from role_scope rs
+               inner join operation_scope os
+                          on (rs.SCOPE_KEY = os.SCOPE_KEY)
+        where rs.ROLE_ID = #{roleId}
+          and rs.OPERATION_KEY = #{operationKey}
+    </select>
+
+
+</mapper>
\ No newline at end of file
diff --git a/epmet-module/gov-access/gov-access-server/src/main/resources/mapper/RoleScopeDao.xml b/epmet-module/gov-access/gov-access-server/src/main/resources/mapper/RoleScopeDao.xml
new file mode 100644
index 0000000000..fdca928212
--- /dev/null
+++ b/epmet-module/gov-access/gov-access-server/src/main/resources/mapper/RoleScopeDao.xml
@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+
+<mapper namespace="com.epmet.dao.RoleScopeDao">
+
+    <resultMap type="com.epmet.entity.RoleScopeEntity" id="roleScopeMap">
+        <result property="id" column="ID"/>
+        <result property="roleId" column="ROLE_ID"/>
+        <result property="operationKey" column="OPERATION_KEY"/>
+        <result property="scopeKey" column="SCOPE_KEY"/>
+        <result property="delFlag" column="DEL_FLAG"/>
+        <result property="revision" column="REVISION"/>
+        <result property="createdBy" column="CREATED_BY"/>
+        <result property="createdTime" column="CREATED_TIME"/>
+        <result property="updatedBy" column="UPDATED_BY"/>
+        <result property="updatedTime" column="UPDATED_TIME"/>
+    </resultMap>
+
+
+</mapper>
\ No newline at end of file
diff --git a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/controller/AccessController.java b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/controller/AccessController.java
index 173e19243a..61944d3939 100644
--- a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/controller/AccessController.java
+++ b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/controller/AccessController.java
@@ -30,7 +30,7 @@ public class AccessController {
     private AccessService accessService;
 
     /**
-     * 查询用户可操作功能列表(包含缓存)
+     * 查询用户可操作功能列表(同时更新缓存)
      * @param tokenDto
      * @param staffOperationDTO
      * @return
diff --git a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovAccessFeignClient.java b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovAccessFeignClient.java
index 8cb514ad3f..b41a5e59ca 100644
--- a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovAccessFeignClient.java
+++ b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovAccessFeignClient.java
@@ -16,7 +16,7 @@ import java.util.List;
  * @Description
  * @Author sun
  */
-@FeignClient(name = ServiceConstant.GOV_ACCESS_SERVER, fallback = GovAccessFeignClientFallback.class)
+@FeignClient(name = ServiceConstant.GOV_ACCESS_SERVER, fallback = GovAccessFeignClientFallback.class, url = "localhost:8099")
 public interface GovAccessFeignClient {
 
     /**
diff --git a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovOrgFeignClient.java b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovOrgFeignClient.java
index 737988fd0b..8c03d28764 100644
--- a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovOrgFeignClient.java
+++ b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovOrgFeignClient.java
@@ -2,6 +2,7 @@ package com.epmet.feign;
 
 import com.epmet.commons.tools.constant.ServiceConstant;
 import com.epmet.commons.tools.utils.Result;
+import com.epmet.dto.CustomerAgencyDTO;
 import com.epmet.dto.form.LatestGridFormDTO;
 import com.epmet.dto.result.CustomerGridByUserIdResultDTO;
 import com.epmet.dto.result.LatestCustomerResultDTO;
@@ -49,4 +50,11 @@ public interface GovOrgFeignClient {
     @PostMapping(value = "/gov/org/customerstaffgrid/getstaffgrid")
     Result<CustomerGridByUserIdResultDTO> getStaffGrid(@RequestBody LatestGridFormDTO latestGridFormDTO);
 
+    /**
+     * 根据Id查询agency
+     * @param agencyId
+     * @return
+     */
+    @PostMapping("/gov/org/agency/{agencyId}")
+    Result<CustomerAgencyDTO> getAgencyById(@PathVariable("agencyId") String agencyId);
 }
diff --git a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/fallback/GovOrgFeignClientFallBack.java b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/fallback/GovOrgFeignClientFallBack.java
index 818a325666..128f81bd50 100644
--- a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/fallback/GovOrgFeignClientFallBack.java
+++ b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/fallback/GovOrgFeignClientFallBack.java
@@ -3,6 +3,7 @@ package com.epmet.feign.fallback;
 import com.epmet.commons.tools.constant.ServiceConstant;
 import com.epmet.commons.tools.utils.ModuleUtils;
 import com.epmet.commons.tools.utils.Result;
+import com.epmet.dto.CustomerAgencyDTO;
 import com.epmet.dto.form.LatestGridFormDTO;
 import com.epmet.dto.result.CustomerGridByUserIdResultDTO;
 import com.epmet.dto.result.LatestCustomerResultDTO;
@@ -28,6 +29,11 @@ public class GovOrgFeignClientFallBack implements GovOrgFeignClient {
         return ModuleUtils.feignConError(ServiceConstant.GOV_ORG_SERVER, "getStaffGrid",latestGridFormDTO);
     }
 
+    @Override
+    public Result<CustomerAgencyDTO> getAgencyById(String agencyId) {
+        return ModuleUtils.feignConError(ServiceConstant.GOV_ORG_SERVER, "getAgencyById", agencyId);
+    }
+
     @Override
     public Result<LatestCustomerResultDTO> getLatestCustomer(String userId) {
         return ModuleUtils.feignConError(ServiceConstant.GOV_ORG_SERVER, "getLatestCustomer", userId);
diff --git a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java
index 1da258978a..d76e2e2f34 100644
--- a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java
+++ b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java
@@ -1,14 +1,20 @@
 package com.epmet.service.impl;
 
+import com.epmet.commons.tools.exception.EpmetErrorCode;
+import com.epmet.commons.tools.exception.RenException;
 import com.epmet.commons.tools.utils.CpUserDetailRedis;
 import com.epmet.commons.tools.utils.Result;
+import com.epmet.dto.CustomerAgencyDTO;
 import com.epmet.dto.GovStaffRoleDTO;
 import com.epmet.dto.form.StaffPermCacheFormDTO;
 import com.epmet.dto.form.StaffRoleFormDTO;
 import com.epmet.dto.result.RoleOperationResultDTO;
 import com.epmet.feign.EpmetUserFeignClient;
 import com.epmet.feign.GovAccessFeignClient;
+import com.epmet.feign.GovOrgFeignClient;
 import com.epmet.service.AccessService;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.springframework.util.CollectionUtils;
@@ -21,12 +27,17 @@ import java.util.Set;
 @Service
 public class AccessServiceImpl implements AccessService {
 
+    private static Logger logger = LoggerFactory.getLogger(AccessServiceImpl.class);
+
     @Autowired
     private EpmetUserFeignClient userFeignClient;
 
     @Autowired
     private GovAccessFeignClient govAccessFeignClient;
 
+    @Autowired
+    private GovOrgFeignClient govOrgFeignClient;
+
     @Autowired
     private CpUserDetailRedis cpUserDetailRedis;
 
@@ -49,24 +60,46 @@ public class AccessServiceImpl implements AccessService {
             roleDTOS.addAll(gridResult.getData());
         }
 
-        // 拼装
+        // 拼装操作key列表
         Set<String> opeKeys = new HashSet<>();
+        // 角色ID列表
+        Set<String> roleIds = new HashSet<>();
         roleDTOS.forEach(roleDto -> {
             String roleId = roleDto.getId();
-            List<RoleOperationResultDTO> roleOperations = govAccessFeignClient.listOperationsByRoleId(roleId).getData();
-            roleOperations.forEach(roleOpe -> {
-                if (roleOpe != null) {
-                    opeKeys.add(roleOpe.getOperationKey());
-                }
-            });
+            Result<List<RoleOperationResultDTO>> result = govAccessFeignClient.listOperationsByRoleId(roleId);
+            if (result.getCode() != 0) {
+                // 获取operation异常
+                logger.error("调用GovAccess，根据RoleId查询Operation列表失败:{}", result.getMsg());
+                throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
+            }
+            List<RoleOperationResultDTO> roleOperations = result.getData();
+            // 角色id
+            roleIds.add(roleDto.getId());
+            if (!CollectionUtils.isEmpty(roleOperations)) {
+                roleOperations.forEach(roleOpe -> {
+                    if (roleOpe != null) {
+                        opeKeys.add(roleOpe.getOperationKey());
+                    }
+                });
+            }
         });
 
+        // 查询该直属机关的orgIdPath
+        Result<CustomerAgencyDTO> agencyById = govOrgFeignClient.getAgencyById(agencyId);
+        if (agencyById.getCode() != 0 || agencyById.getData() == null) {
+            logger.error("根据当前机构id[{}]查询pids失败:{}", agencyId, agencyById.getMsg());
+            throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
+        }
+
         // 将最新权限缓存到redis，为了尽量统一操作入口，调用gov-access接口实现
         StaffPermCacheFormDTO staffPermCacheFormDTO = new StaffPermCacheFormDTO();
         staffPermCacheFormDTO.setApp(app);
         staffPermCacheFormDTO.setClient(client);
         staffPermCacheFormDTO.setStaffId(staffId);
         staffPermCacheFormDTO.setPermissions(opeKeys);
+        staffPermCacheFormDTO.setRoleIdList(roleIds);
+        // 拼接orgIdPath
+        staffPermCacheFormDTO.setOrgIdPath(String.format("%s:%s", agencyById.getData().getPids(), agencyId));
         govAccessFeignClient.updatePermissionCache(staffPermCacheFormDTO);
         return opeKeys;
     }
diff --git a/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/CustomerIdDTO.java b/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/CustomerIdDTO.java
new file mode 100644
index 0000000000..d18a182d1e
--- /dev/null
+++ b/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/CustomerIdDTO.java
@@ -0,0 +1,27 @@
+package com.epmet.dto;
+
+import lombok.Data;
+
+import java.io.Serializable;
+
+/**
+ * 根据userId查询customerId 的DTO
+ * @Auther zxc
+ * @Create 2020-04-24 15:57
+ */
+@Data
+public class CustomerIdDTO implements Serializable {
+
+    private static final long serialVersionUID = 1L;
+
+    /**
+     * userId  用户id
+     */
+    private String userId;
+
+    /**
+     * customerId 客户id
+     */
+    private String customerId;
+
+}
diff --git a/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/AddDepartmentFormDTO.java b/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/AddDepartmentFormDTO.java
index 1188979f4a..57680d2ecd 100644
--- a/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/AddDepartmentFormDTO.java
+++ b/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/AddDepartmentFormDTO.java
@@ -16,20 +16,10 @@ package com.epmet.dto.form;
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-
 import lombok.Data;
 
 import javax.validation.constraints.NotBlank;
 import java.io.Serializable;
-import java.util.List;
-
-/**
- * 添加部门人员DTO
- * @Auther zxc
- * @Create 2020-04-24 14:51
-import javax.validation.constraints.NotBlank;
-import java.io.Serializable;
-
 
 /**
  * 添加部门-接口入参
@@ -41,16 +31,6 @@ public class AddDepartmentFormDTO implements Serializable {
 
     private static final long serialVersionUID = 1L;
 
-    /**
-     *部门id
-     */
-    private String departmentId;
-
-    /**
-     * 选中人员id
-     */
-    private List<String> selectedList;
-
     /**
      * 所属组织机构ID（customer_agency.id）
      */
diff --git a/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/AddDepartmentStaffFormDTO.java b/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/AddDepartmentStaffFormDTO.java
new file mode 100644
index 0000000000..96503be98e
--- /dev/null
+++ b/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/AddDepartmentStaffFormDTO.java
@@ -0,0 +1,31 @@
+package com.epmet.dto.form;
+
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+import java.io.Serializable;
+import java.util.List;
+
+/**
+ * 添加部门人员DTO
+ * @Auther zxc
+ * @Create 2020-04-24 14:51
+ */
+@Data
+public class AddDepartmentStaffFormDTO implements Serializable {
+
+    private static final long serialVersionUID = 1L;
+
+    /**
+     *部门id
+     */
+    @NotBlank(message = "部门id不能为空")
+    private String departmentId;
+
+    /**
+     * 选中人员id
+     */
+    @NotBlank(message = "选中人员不能为空")
+    private List selectedList;
+
+}
\ No newline at end of file
diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/AgencyController.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/AgencyController.java
index b8b8300489..728e6e03a8 100644
--- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/AgencyController.java
+++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/AgencyController.java
@@ -18,17 +18,17 @@
 package com.epmet.controller;
 
 import com.epmet.commons.tools.utils.Result;
+import com.epmet.dto.CustomerAgencyDTO;
 import com.epmet.dto.form.*;
 import com.epmet.dto.result.AddAgencyResultDTO;
 import com.epmet.dto.result.AgencyListResultDTO;
 import com.epmet.dto.result.AgencysResultDTO;
 import com.epmet.dto.result.SubAgencyResultDTO;
+import com.epmet.entity.CustomerAgencyEntity;
 import com.epmet.service.AgencyService;
+import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
 
 import java.util.List;
 
@@ -110,4 +110,21 @@ public class AgencyController {
     public Result<List<AgencyListResultDTO>> agencyList(@RequestBody AgencyListFormDTO formDTO) {
         return agencyService.agencyList(formDTO);
     }
+
+    /**
+     * 根据Id查询agency
+     * @param agencyId
+     * @return
+     */
+    @PostMapping("{agencyId}")
+    public Result<CustomerAgencyDTO> getAgencyById(@PathVariable("agencyId") String agencyId) {
+        CustomerAgencyEntity agency = agencyService.getAgencyById(agencyId);
+        CustomerAgencyDTO customerAgencyDTO = new CustomerAgencyDTO();
+        if (agency != null) {
+            BeanUtils.copyProperties(agency, customerAgencyDTO);
+            return new Result<CustomerAgencyDTO>().ok(customerAgencyDTO);
+        }
+        return new Result<CustomerAgencyDTO>();
+    }
+
 }
\ No newline at end of file
diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/DepartmentController.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/DepartmentController.java
index 33a1d7fe87..eba65e1372 100644
--- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/DepartmentController.java
+++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/DepartmentController.java
@@ -29,9 +29,15 @@ public class DepartmentController {
     @Autowired
     private DepartmentService departmentService;
 
+    /**
+     * 添加部门人员
+     * @param tokenDto
+     * @param addDepartmentStaffFormDTO
+     * @return
+     */
     @PostMapping(value = "adddepartmentstaff")
-    public Result addDepartmentStaff(@LoginUser TokenDto tokenDto, @RequestBody AddDepartmentFormDTO addDepartmentFormDTO){
-        return null;
+    public Result addDepartmentStaff(@LoginUser TokenDto tokenDto, @RequestBody AddDepartmentStaffFormDTO addDepartmentStaffFormDTO){
+        return departmentService.addDepartmentStaff(tokenDto,addDepartmentStaffFormDTO);
     }
 
     /**
diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/dao/CustomerStaffDepartmentDao.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/dao/CustomerStaffDepartmentDao.java
index 22ab90c4ba..2f103d1daf 100644
--- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/dao/CustomerStaffDepartmentDao.java
+++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/dao/CustomerStaffDepartmentDao.java
@@ -41,4 +41,11 @@ public interface CustomerStaffDepartmentDao extends BaseDao<CustomerStaffDepartm
      * @Description 查询部门下工作人员的用户Id集合
      */
     List<String> selectUserIdByDepartmentId(@Param("departmentId") String departmentId);
+
+    /**
+     * 修改部门人数
+     * @param
+     * @auther zxc
+     */
+    void updateDepartmentStaffCount(@Param("addCount")Integer addCount,@Param("departmentId")String departmentId);
 }
\ No newline at end of file
diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/feign/EpmetUserFeignClient.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/feign/EpmetUserFeignClient.java
index 96f51e83ec..8eb86517de 100644
--- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/feign/EpmetUserFeignClient.java
+++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/feign/EpmetUserFeignClient.java
@@ -3,6 +3,10 @@ package com.epmet.feign;
 import com.epmet.commons.tools.constant.ServiceConstant;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.dto.*;
+import com.epmet.dto.CustomerStaffDTO;
+import com.epmet.dto.CustomerStaffGridDTO;
+import com.epmet.dto.StaffGridListDTO;
+import com.epmet.dto.form.AddDepartmentStaffFormDTO;
 import com.epmet.dto.form.DepartmentInStaffFormDTO;
 import com.epmet.dto.form.StaffInfoFromDTO;
 import com.epmet.dto.form.StaffSubmitFromDTO;
@@ -36,6 +40,11 @@ public interface EpmetUserFeignClient {
 	@PostMapping(value = "/epmetuser/customerstaff/getstaffinfobyuserid")
 	Result<CustomerStaffDTO> getCustomerStaffInfoByUserId(@RequestBody CustomerStaffDTO formDTO);
 
+	/**
+	 * 获取网格下人员具体信息(头像、名字...)
+	 * @param customerStaffGridDTOS
+	 * @return
+	 */
     @PostMapping("/epmetuser/customerstaff/selectstaffgridlistbyuserid")
     Result<List<StaffGridListDTO>> getStaffGridList(@RequestBody List<CustomerStaffGridDTO> customerStaffGridDTOS);
 
@@ -47,6 +56,11 @@ public interface EpmetUserFeignClient {
 	@PostMapping("/epmetuser/customerstaff/staffsinagency")
 	Result<List<StaffInfoResultDTO>> getStaffInfoForHome(StaffsInAgencyFromDTO fromDTO);
 
+	/**
+	 * 获取网格下未禁用的人员数量
+	 * @param userIdDTO
+	 * @return
+	 */
     @PostMapping(value = "/epmetuser/customerstaff/selectgridstaffcountbyuserid")
 	Result<GridStaffCountDTO> selectGridStaffCountByUserId(@RequestBody UserIdDTO userIdDTO);
 
@@ -120,4 +134,12 @@ public interface EpmetUserFeignClient {
 	@PostMapping("/epmetuser/customerstaff/getdepartmentstafflist")
 	Result<List<DepartInStaffListResultDTO>> getDepartmentStaffList(DepartmentInStaffFormDTO departmentInStaffFormDTO);
 
+	/**
+	 *	根据userId查询customerId
+	 * @param  addDepartmentStaffFormDTO
+	 * @auther zxc
+	 */
+	@PostMapping("/epmetuser/customerstaff/selectcustomeridbyuserid")
+	Result<List<CustomerIdDTO>> selectCustomerIdByUserId(AddDepartmentStaffFormDTO addDepartmentStaffFormDTO);
+
 }
diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/feign/fallback/EpmetUserFeignClientFallBack.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/feign/fallback/EpmetUserFeignClientFallBack.java
index 273b6172d1..1284fb622b 100644
--- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/feign/fallback/EpmetUserFeignClientFallBack.java
+++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/feign/fallback/EpmetUserFeignClientFallBack.java
@@ -4,6 +4,10 @@ import com.epmet.commons.tools.constant.ServiceConstant;
 import com.epmet.commons.tools.utils.ModuleUtils;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.dto.*;
+import com.epmet.dto.CustomerStaffDTO;
+import com.epmet.dto.CustomerStaffGridDTO;
+import com.epmet.dto.StaffGridListDTO;
+import com.epmet.dto.form.AddDepartmentStaffFormDTO;
 import com.epmet.dto.form.DepartmentInStaffFormDTO;
 import com.epmet.dto.form.StaffInfoFromDTO;
 import com.epmet.dto.form.StaffSubmitFromDTO;
@@ -82,4 +86,9 @@ public class EpmetUserFeignClientFallBack implements EpmetUserFeignClient {
     public Result disabledStaff(StaffInfoFromDTO fromDTO) {
         return ModuleUtils.feignConError(ServiceConstant.EPMET_USER_SERVER, "disabledStaff", fromDTO);
     }
+    @Override
+    public Result<List<CustomerIdDTO>> selectCustomerIdByUserId(AddDepartmentStaffFormDTO addDepartmentStaffFormDTO) {
+        return ModuleUtils.feignConError(ServiceConstant.EPMET_USER_SERVER, "selectCustomerIdByUserId", addDepartmentStaffFormDTO);
+    }
+
 }
diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/AgencyService.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/AgencyService.java
index f2edc0c462..d09e56ba05 100644
--- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/AgencyService.java
+++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/AgencyService.java
@@ -23,6 +23,7 @@ import com.epmet.dto.result.AddAgencyResultDTO;
 import com.epmet.dto.result.AgencyListResultDTO;
 import com.epmet.dto.result.AgencysResultDTO;
 import com.epmet.dto.result.SubAgencyResultDTO;
+import com.epmet.entity.CustomerAgencyEntity;
 
 import java.util.List;
 
@@ -80,4 +81,11 @@ public interface AgencyService {
      * @Description 获取组织列表
      */
     Result<List<AgencyListResultDTO>> agencyList(AgencyListFormDTO formDTO);
+
+    /**
+     * 根据Id查询
+     * @param agencyId
+     * @return
+     */
+    CustomerAgencyEntity getAgencyById(String agencyId);
 }
\ No newline at end of file
diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/DepartmentService.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/DepartmentService.java
index 48fe029fb0..2d49860de2 100644
--- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/DepartmentService.java
+++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/DepartmentService.java
@@ -17,7 +17,9 @@
 
 package com.epmet.service;
 
+import com.epmet.commons.tools.security.dto.TokenDto;
 import com.epmet.commons.tools.utils.Result;
+import com.epmet.dto.CustomerIdDTO;
 import com.epmet.dto.form.*;
 import com.epmet.dto.result.*;
 
@@ -77,4 +79,11 @@ public interface DepartmentService {
      * @Description 获取机构下部门列表
      */
     Result<List<DepartmentListResultDTO>> departmentList(DepartmentListFormDTO formDTO);
+
+    /**
+     * 添加部门人员
+     * @param addDepartmentStaffFormDTO
+     * @return
+     */
+    Result addDepartmentStaff(TokenDto tokenDto,AddDepartmentStaffFormDTO addDepartmentStaffFormDTO);
 }
\ No newline at end of file
diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/AgencyServiceImpl.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/AgencyServiceImpl.java
index a71c53e80a..7177d64d7e 100644
--- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/AgencyServiceImpl.java
+++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/AgencyServiceImpl.java
@@ -184,4 +184,9 @@ public class AgencyServiceImpl implements AgencyService {
         List<AgencyListResultDTO> agencyList = customerAgencyDao.selectAgencyList(formDTO.getAgencyId());
         return new Result<List<AgencyListResultDTO>>().ok(agencyList);
     }
+
+    @Override
+    public CustomerAgencyEntity getAgencyById(String agencyId) {
+        return customerAgencyDao.selectById(agencyId);
+    }
 }
\ No newline at end of file
diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/CustomerGridServiceImpl.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/CustomerGridServiceImpl.java
index a53a6bac1c..075799dfb8 100644
--- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/CustomerGridServiceImpl.java
+++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/CustomerGridServiceImpl.java
@@ -177,6 +177,7 @@ public class CustomerGridServiceImpl extends BaseServiceImpl<CustomerGridDao, Cu
     public Result<GridDetailResultDTO> griddetail(CustomerGridFormDTO customerGridFormDTO) {
         GridDetailResultDTO griddetail = baseDao.griddetail(customerGridFormDTO);
         List<CustomerStaffGridDTO> customerStaffGridDTOS = baseDao.selectUserIdByGridId(customerGridFormDTO);
+        //获取人员具体信息(头像、名字...)
         Result<List<StaffGridListDTO>> staffGridList = epmetUserFeignClient.getStaffGridList(customerStaffGridDTOS);
         griddetail.setStaffGridList(staffGridList.getData());
         return new Result<GridDetailResultDTO>().ok(griddetail);
diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/DepartmentServiceImpl.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/DepartmentServiceImpl.java
index 263daff4ac..dda0d02ae7 100644
--- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/DepartmentServiceImpl.java
+++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/DepartmentServiceImpl.java
@@ -20,17 +20,20 @@ package com.epmet.service.impl;
 import com.epmet.commons.tools.constant.NumConstant;
 import com.epmet.commons.tools.exception.EpmetErrorCode;
 import com.epmet.commons.tools.exception.RenException;
+import com.epmet.commons.tools.security.dto.TokenDto;
 import com.epmet.commons.tools.utils.ConvertUtils;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.constant.CustomerDepartmentConstant;
 import com.epmet.dao.CustomerAgencyDao;
 import com.epmet.dao.CustomerDepartmentDao;
 import com.epmet.dao.CustomerStaffDepartmentDao;
+import com.epmet.dto.CustomerIdDTO;
 import com.epmet.dto.StaffRoleDTO;
 import com.epmet.dto.form.*;
 import com.epmet.dto.result.*;
 import com.epmet.entity.CustomerAgencyEntity;
 import com.epmet.entity.CustomerDepartmentEntity;
+import com.epmet.entity.CustomerStaffDepartmentEntity;
 import com.epmet.feign.EpmetUserFeignClient;
 import com.epmet.service.DepartmentService;
 import com.epmet.util.ModuleConstant;
@@ -197,4 +200,30 @@ public class DepartmentServiceImpl implements DepartmentService {
         List<DepartmentListResultDTO> departmentList = customerDepartmentDao.selectDepartmentList(formDTO.getAgencyId());
         return new Result<List<DepartmentListResultDTO>>().ok(departmentList);
     }
+
+    /**
+     * 添加部门人员
+     * @param tokenDto
+     * @param addDepartmentStaffFormDTO
+     * @return
+     */
+    @Override
+    @Transactional(rollbackFor = Exception.class)
+    public Result addDepartmentStaff(TokenDto tokenDto,AddDepartmentStaffFormDTO addDepartmentStaffFormDTO) {
+        CustomerStaffDepartmentEntity customerStaffDepartmentEntity = new CustomerStaffDepartmentEntity();
+        Result<List<CustomerIdDTO>> listResult = epmetUserFeignClient.selectCustomerIdByUserId(addDepartmentStaffFormDTO);
+        List<CustomerIdDTO> data = listResult.getData();
+        customerStaffDepartmentEntity.setDepartmentId(addDepartmentStaffFormDTO.getDepartmentId());
+        customerStaffDepartmentEntity.setCreatedBy(tokenDto.getUserId());
+        customerStaffDepartmentEntity.setUpdatedBy(tokenDto.getUserId());
+        customerStaffDepartmentEntity.setDelFlag("0");
+        customerStaffDepartmentEntity.setRevision(0);
+        for (CustomerIdDTO customerIdDTO : data) {
+            customerStaffDepartmentEntity.setUserId(customerIdDTO.getUserId());
+            customerStaffDepartmentEntity.setCustomerId(customerIdDTO.getCustomerId());
+            customerStaffDepartmentDao.insert(customerStaffDepartmentEntity);
+        }
+        customerStaffDepartmentDao.updateDepartmentStaffCount(data.size(),addDepartmentStaffFormDTO.getDepartmentId());
+        return new Result();
+    }
 }
\ No newline at end of file
diff --git a/epmet-module/gov-org/gov-org-server/src/main/resources/mapper/CustomerStaffDepartmentDao.xml b/epmet-module/gov-org/gov-org-server/src/main/resources/mapper/CustomerStaffDepartmentDao.xml
index 8df91287f1..6f13998784 100644
--- a/epmet-module/gov-org/gov-org-server/src/main/resources/mapper/CustomerStaffDepartmentDao.xml
+++ b/epmet-module/gov-org/gov-org-server/src/main/resources/mapper/CustomerStaffDepartmentDao.xml
@@ -14,5 +14,15 @@
 
     </select>
 
+    <!-- 修改部门人数 -->
+    <update id="updateDepartmentStaffCount">
+        UPDATE
+            customer_department
+        SET
+            total_user = total_user + #{addCount}
+        WHERE
+            id = #{departmentId}
+    </update>
+
 
 </mapper>
\ No newline at end of file
diff --git a/epmet-user/epmet-user-client/src/main/java/com/epmet/dto/GovStaffRoleDTO.java b/epmet-user/epmet-user-client/src/main/java/com/epmet/dto/GovStaffRoleDTO.java
index 78905406ba..9bc2f4c4de 100644
--- a/epmet-user/epmet-user-client/src/main/java/com/epmet/dto/GovStaffRoleDTO.java
+++ b/epmet-user/epmet-user-client/src/main/java/com/epmet/dto/GovStaffRoleDTO.java
@@ -23,7 +23,7 @@ import lombok.Data;
 
 
 /**
- * 政府端角色表
+ * 政府端角色字典表
  *
  * @author generator generator@elink-cn.com
  * @since v1.0.0 2020-04-22
diff --git a/epmet-user/epmet-user-server/src/main/java/com/epmet/controller/CustomerStaffController.java b/epmet-user/epmet-user-server/src/main/java/com/epmet/controller/CustomerStaffController.java
index f1ed7bd6ba..748252137b 100644
--- a/epmet-user/epmet-user-server/src/main/java/com/epmet/controller/CustomerStaffController.java
+++ b/epmet-user/epmet-user-server/src/main/java/com/epmet/controller/CustomerStaffController.java
@@ -27,6 +27,10 @@ import com.epmet.commons.tools.validator.group.DefaultGroup;
 import com.epmet.commons.tools.validator.group.UpdateGroup;
 import com.epmet.dto.*;
 import com.epmet.dto.form.*;
+import com.epmet.dto.CustomerStaffDTO;
+import com.epmet.dto.CustomerStaffGridDTO;
+import com.epmet.dto.StaffGridListDTO;
+import com.epmet.dto.form.*;
 import com.epmet.dto.result.DepartInStaffListResultDTO;
 import com.epmet.dto.result.StaffDetailResultDTO;
 import com.epmet.dto.result.StaffInfoResultDTO;
@@ -145,18 +149,13 @@ public class CustomerStaffController {
         return customerStaffService.getCustomerStaffInfoByUserId(formDTO);
     }
 
-    @PostMapping(value = "selectgridstaffcountbyuserid")
-    public Result<GridStaffCountDTO> selectGridStaffCountByUserId(@RequestBody UserIdDTO userIdDTO){
-        return customerStaffService.selectGridStaffCountByUserId(userIdDTO);
-    }
-
     /**
      * 组织首页-工作人员列表
      * @param fromDTO
      * @return
      */
     @PostMapping("staffsinagency")
-    public Result<List<StaffInfoResultDTO>> getStaffInfoForHome(@RequestBody StaffsInAgencyFromDTO fromDTO) {
+    public Result<List<StaffInfoResultDTO>> getStaffInfoForHome(StaffsInAgencyFromDTO fromDTO) {
         return customerStaffService.getStaffInfoForHome(fromDTO);
     }
 
@@ -166,74 +165,18 @@ public class CustomerStaffController {
      * @return
      */
     @PostMapping("stafflist")
-    public Result<List<StaffInfoResultDTO>> getStaffList(@RequestBody StaffsInAgencyFromDTO fromDTO) {
+    public Result<List<StaffInfoResultDTO>> getStaffList(StaffsInAgencyFromDTO fromDTO) {
         return customerStaffService.getStaffList(fromDTO);
     }
 
     /**
-     * 人员添加页面初始化
-     *
-     * @param fromDTO 参数
-     * @return Result<StaffInitResultDTO>
+     * 查询网格下未被禁用人员
+     * @param  userIdDTO
+     * @auther zxc
      */
-    @PostMapping("rolelist")
-    public Result<StaffInitResultDTO> addStaffInit(@RequestBody StaffInfoFromDTO fromDTO){
-        return customerStaffService.addStaffInit(fromDTO);
-    }
-
-    /**
-     * 人员编辑页面初始化
-     *
-     * @param fromDTO 参数
-     * @return Result<StaffInitResultDTO>
-     */
-    @PostMapping("editstaffinit")
-    public Result<StaffInitResultDTO> editStaffInit(@RequestBody StaffInfoFromDTO fromDTO){
-        return customerStaffService.editStaffInit(fromDTO);
-    }
-
-    /**
-     * 人员添加
-     *
-     * @param fromDTO 参数
-     * @return Result
-     */
-    @PostMapping("addstaff")
-    public Result addStaff(@RequestBody StaffSubmitFromDTO fromDTO){
-        return customerStaffService.addStaff(fromDTO);
-    }
-
-    /**
-     * 人员编辑
-     *
-     * @param fromDTO 参数
-     * @return Result
-     */
-    @PostMapping("editstaff")
-    public Result editStaff(@RequestBody StaffSubmitFromDTO fromDTO){
-        return customerStaffService.editStaff(fromDTO);
-    }
-
-    /**
-     * 人员详情
-     *
-     * @param fromDTO 参数
-     * @return Result<StaffDetailResultDTO>
-     */
-    @PostMapping("staffdetail")
-    public Result<StaffDetailResultDTO> getStaffDetail(@RequestBody StaffInfoFromDTO fromDTO){
-        return customerStaffService.getStaffDetail(fromDTO);
-    }
-
-    /**
-     * 人员禁用
-     *
-     * @param fromDTO 参数
-     * @return Result
-     */
-    @PostMapping("disabledstaff")
-    public Result disabledStaff(@RequestBody StaffInfoFromDTO fromDTO){
-        return customerStaffService.disabledStaff(fromDTO);
+    @PostMapping(value = "selectgridstaffcountbyuserid")
+    public Result<GridStaffCountDTO> selectGridStaffCountByUserId(@RequestBody UserIdDTO userIdDTO){
+        return customerStaffService.selectGridStaffCountByUserId(userIdDTO);
     }
 
     /**
@@ -246,4 +189,9 @@ public class CustomerStaffController {
     public Result<List<DepartInStaffListResultDTO>> getDepartmentStaffList(DepartmentInStaffFormDTO fromDTO) {
         return customerStaffService.getDepartmentStaffList(fromDTO);
     }
+
+    @PostMapping(value = "selectcustomeridbyuserid")
+    public Result<List<CustomerIdDTO>> selectCustomerIdByUserId(@RequestBody AddDepartmentStaffFormDTO addDepartmentStaffFormDTO){
+        return customerStaffService.selectCustomerIdByUserId(addDepartmentStaffFormDTO);
+    }
 }
\ No newline at end of file
diff --git a/epmet-user/epmet-user-server/src/main/java/com/epmet/controller/StaffRoleController.java b/epmet-user/epmet-user-server/src/main/java/com/epmet/controller/StaffRoleController.java
index 795b0a34d9..c3fc1b9f24 100644
--- a/epmet-user/epmet-user-server/src/main/java/com/epmet/controller/StaffRoleController.java
+++ b/epmet-user/epmet-user-server/src/main/java/com/epmet/controller/StaffRoleController.java
@@ -1,5 +1,7 @@
 package com.epmet.controller;
 
+import com.epmet.commons.mybatis.entity.DataScope;
+import com.epmet.commons.tools.annotation.RequirePermission;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.commons.tools.validator.ValidatorUtils;
 import com.epmet.dto.GovStaffRoleDTO;
@@ -65,7 +67,7 @@ public class StaffRoleController {
         ValidatorUtils.validateEntity(staffRoleFormDTO, StaffRoleFormDTO.GetStaffsInRole.class);
         String roleKey = staffRoleFormDTO.getRoleKey();
         String orgId = staffRoleFormDTO.getOrgId();
-        List<GovStaffRoleResultDTO> staffRoleDTOS = staffRoleService.listStaffsInRole(roleKey, orgId);
+        List<GovStaffRoleResultDTO> staffRoleDTOS = staffRoleService.listStaffsInRole(roleKey, orgId , DataScope.getDefault());
         return new Result<List<GovStaffRoleResultDTO>>().ok(staffRoleDTOS);
     }
 
diff --git a/epmet-user/epmet-user-server/src/main/java/com/epmet/dao/CustomerStaffDao.java b/epmet-user/epmet-user-server/src/main/java/com/epmet/dao/CustomerStaffDao.java
index e74e4b6ce5..6c4cab6dc7 100644
--- a/epmet-user/epmet-user-server/src/main/java/com/epmet/dao/CustomerStaffDao.java
+++ b/epmet-user/epmet-user-server/src/main/java/com/epmet/dao/CustomerStaffDao.java
@@ -20,10 +20,7 @@ package com.epmet.dao;
 import com.epmet.commons.mybatis.dao.BaseDao;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.dto.*;
-import com.epmet.dto.form.CustomerStaffFormDTO;
-import com.epmet.dto.form.StaffInfoFromDTO;
-import com.epmet.dto.form.DepartmentInStaffFormDTO;
-import com.epmet.dto.form.StaffsInAgencyFromDTO;
+import com.epmet.dto.form.*;
 import com.epmet.dto.result.DepartInStaffListResultDTO;
 import com.epmet.dto.result.StaffInfoResultDTO;
 import com.epmet.entity.CustomerStaffEntity;
@@ -115,4 +112,11 @@ public interface CustomerStaffDao extends BaseDao<CustomerStaffEntity> {
 	 * @Description 根据客户Id及userId集合查询用户基本信息
 	 */
     List<DepartInStaffListResultDTO> selectDepartmentStaffList(DepartmentInStaffFormDTO fromDTO);
+
+    /**
+     *
+     * @param  departmentStaffFormDTO
+     * @auther zxc
+     */
+    List<CustomerIdDTO> selectCustomerIdByUserId(AddDepartmentStaffFormDTO departmentStaffFormDTO);
 }
\ No newline at end of file
diff --git a/epmet-user/epmet-user-server/src/main/java/com/epmet/service/CustomerStaffService.java b/epmet-user/epmet-user-server/src/main/java/com/epmet/service/CustomerStaffService.java
index a79bafba8b..abd130c21c 100644
--- a/epmet-user/epmet-user-server/src/main/java/com/epmet/service/CustomerStaffService.java
+++ b/epmet-user/epmet-user-server/src/main/java/com/epmet/service/CustomerStaffService.java
@@ -21,15 +21,10 @@ import com.epmet.commons.mybatis.service.BaseService;
 import com.epmet.commons.tools.page.PageData;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.dto.*;
-import com.epmet.dto.form.CustomerGridFormDTO;
+import com.epmet.dto.form.*;
 import com.epmet.dto.CustomerStaffDTO;
 import com.epmet.dto.CustomerStaffGridDTO;
 import com.epmet.dto.StaffGridListDTO;
-import com.epmet.dto.form.CustomerStaffFormDTO;
-import com.epmet.dto.form.StaffInfoFromDTO;
-import com.epmet.dto.form.StaffSubmitFromDTO;
-import com.epmet.dto.form.DepartmentInStaffFormDTO;
-import com.epmet.dto.form.StaffsInAgencyFromDTO;
 import com.epmet.dto.result.StaffDetailResultDTO;
 import com.epmet.dto.result.DepartInStaffListResultDTO;
 import com.epmet.dto.result.StaffInfoResultDTO;
@@ -218,4 +213,11 @@ public interface CustomerStaffService extends BaseService<CustomerStaffEntity> {
 	 * @Description 根据客户Id及userId集合查询用户基本信息
 	 */
 	Result<List<DepartInStaffListResultDTO>> getDepartmentStaffList(DepartmentInStaffFormDTO fromDTO);
+
+	/**
+	 *	根据userId查询customerId
+	 * @param:	addDepartmentStaffFormDTO
+	 * @auther: zxc
+	 */
+	Result<List<CustomerIdDTO>> selectCustomerIdByUserId(AddDepartmentStaffFormDTO addDepartmentStaffFormDTO);
 }
\ No newline at end of file
diff --git a/epmet-user/epmet-user-server/src/main/java/com/epmet/service/StaffRoleService.java b/epmet-user/epmet-user-server/src/main/java/com/epmet/service/StaffRoleService.java
index 88742d7400..9c6af5321e 100644
--- a/epmet-user/epmet-user-server/src/main/java/com/epmet/service/StaffRoleService.java
+++ b/epmet-user/epmet-user-server/src/main/java/com/epmet/service/StaffRoleService.java
@@ -17,6 +17,7 @@
 
 package com.epmet.service;
 
+import com.epmet.commons.mybatis.entity.DataScope;
 import com.epmet.commons.mybatis.service.BaseService;
 import com.epmet.commons.tools.page.PageData;
 import com.epmet.dto.StaffRoleDTO;
@@ -100,7 +101,7 @@ public interface StaffRoleService extends BaseService<StaffRoleEntity> {
      * @param orgId
      * @return
      */
-    List<GovStaffRoleResultDTO> listStaffsInRole(String roleKey, String orgId);
+    List<GovStaffRoleResultDTO> listStaffsInRole(String roleKey, String orgId, DataScope dataScope);
 
     /**
      * 清空工作人员权限
diff --git a/epmet-user/epmet-user-server/src/main/java/com/epmet/service/impl/CustomerStaffServiceImpl.java b/epmet-user/epmet-user-server/src/main/java/com/epmet/service/impl/CustomerStaffServiceImpl.java
index fdd47f560d..d3a98772bd 100644
--- a/epmet-user/epmet-user-server/src/main/java/com/epmet/service/impl/CustomerStaffServiceImpl.java
+++ b/epmet-user/epmet-user-server/src/main/java/com/epmet/service/impl/CustomerStaffServiceImpl.java
@@ -32,6 +32,17 @@ import com.epmet.dao.CustomerStaffDao;
 import com.epmet.dto.*;
 import com.epmet.dto.form.*;
 import com.epmet.dto.result.*;
+import com.epmet.dto.form.*;
+import com.epmet.dto.CustomerStaffDTO;
+import com.epmet.dto.CustomerStaffGridDTO;
+import com.epmet.dto.GovStaffRoleDTO;
+import com.epmet.dto.StaffGridListDTO;
+import com.epmet.dto.StaffRoleDTO;
+import com.epmet.dto.result.StaffDetailResultDTO;
+import com.epmet.dto.result.DepartInStaffListResultDTO;
+import com.epmet.dto.result.StaffInfoResultDTO;
+import com.epmet.dto.result.StaffInitResultDTO;
+import com.epmet.dto.result.StaffRoleResultDTO;
 import com.epmet.entity.CustomerStaffEntity;
 import com.epmet.entity.GovStaffRoleEntity;
 import com.epmet.entity.StaffRoleEntity;
@@ -352,4 +363,14 @@ public class CustomerStaffServiceImpl extends BaseServiceImpl<CustomerStaffDao,
 		return new Result<List<DepartInStaffListResultDTO>>().ok(staffList);
 	}
 
+    /**
+     *
+     * @param: addDepartmentStaffFormDTO
+     * @auther: zxc
+     */
+	@Override
+	public Result<List<CustomerIdDTO>> selectCustomerIdByUserId(AddDepartmentStaffFormDTO addDepartmentStaffFormDTO) {
+		return new Result<List<CustomerIdDTO>>().ok(baseDao.selectCustomerIdByUserId(addDepartmentStaffFormDTO));
+	}
+
 }
\ No newline at end of file
diff --git a/epmet-user/epmet-user-server/src/main/java/com/epmet/service/impl/StaffRoleServiceImpl.java b/epmet-user/epmet-user-server/src/main/java/com/epmet/service/impl/StaffRoleServiceImpl.java
index 0a9d7ce90d..180521ebe3 100644
--- a/epmet-user/epmet-user-server/src/main/java/com/epmet/service/impl/StaffRoleServiceImpl.java
+++ b/epmet-user/epmet-user-server/src/main/java/com/epmet/service/impl/StaffRoleServiceImpl.java
@@ -19,6 +19,8 @@ package com.epmet.service.impl;
 
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
+import com.epmet.commons.mybatis.annotation.DataFilter;
+import com.epmet.commons.mybatis.entity.DataScope;
 import com.epmet.commons.mybatis.service.impl.BaseServiceImpl;
 import com.epmet.commons.tools.page.PageData;
 import com.epmet.commons.tools.utils.ConvertUtils;
@@ -110,7 +112,7 @@ public class StaffRoleServiceImpl extends BaseServiceImpl<StaffRoleDao, StaffRol
      */
     @Override
     //@DataFilter
-    public List<GovStaffRoleResultDTO> listStaffsInRole(String roleKey, String orgId) {
+    public List<GovStaffRoleResultDTO> listStaffsInRole(String roleKey, String orgId, DataScope dataScope) {
         return baseDao.listStaffIdsByRoleKeyAndOrgId(roleKey, orgId);
     }
 
diff --git a/epmet-user/epmet-user-server/src/main/resources/mapper/CustomerStaffDao.xml b/epmet-user/epmet-user-server/src/main/resources/mapper/CustomerStaffDao.xml
index b2bd97dbd4..d1cfdd797d 100644
--- a/epmet-user/epmet-user-server/src/main/resources/mapper/CustomerStaffDao.xml
+++ b/epmet-user/epmet-user-server/src/main/resources/mapper/CustomerStaffDao.xml
@@ -145,4 +145,20 @@
         </foreach>
         ORDER BY CONVERT (real_name USING gbk) ASC<!--按中文对应的拼音升序排列-->
     </select>
+
+    <!-- 根据userId查询customerId -->
+    <select id="selectCustomerIdByUserId" parameterType="com.epmet.dto.form.AddDepartmentStaffFormDTO" resultType="com.epmet.dto.CustomerIdDTO">
+        SELECT
+            user_id AS userId,
+            customer_id AS customerId
+        FROM
+            customer_staff
+        WHERE
+            user_id in
+            <foreach item="item" collection="selectedList" separator="," open="(" close=")" index="">
+                #{item}
+            </foreach>
+            AND del_flag = 0
+            AND enable_flag = 'enable'
+    </select>
 </mapper>
\ No newline at end of file