GetToken新增字段兼容APP

APP认证报错
Merge branch 'dev_wp' into develop
36 changed files with 910 additions and 28547 deletions
--- a/.gitignore
+++ b/.gitignore
@ -401,3 +401,10 @@ FodyWeavers.xsd
 /src/4.apps/ATS.NonCustodial.Admin.Api/xml/ATS.NonCustodial.Domain.xml
 /src/4.apps/ATS.NonCustodial.Admin.Api/xml/ATS.NonCustodial.Application.Contracts.xml
 /src/4.apps/ATS.NonCustodial.Admin.Api/xml/ATS.NonCustodial.Application.xml
+/src/4.apps/ATS.NonCustodial.Admin.Api/Seeds/initData/app_api.json
+/src/4.apps/ATS.NonCustodial.Admin.Api/Seeds/initData/app_user.json
+/src/4.apps/ATS.NonCustodial.Admin.Api/Seeds/initData/app_user_role.json
+/src/4.apps/ATS.NonCustodial.Admin.Api/Seeds/initData/app_api.json
+/src/4.apps/ATS.NonCustodial.Admin.Api/Seeds/initData/app_dictionary.json
+/src/4.apps/ATS.NonCustodial.Admin.Api/Seeds/initData/app_user.json
+/src/4.apps/ATS.NonCustodial.Admin.Api/Seeds/initData/app_user_role.json
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@ -0,0 +1,35 @@
+{
+    "version": "0.2.0",
+    "configurations": [
+        {
+            // 使用 IntelliSense 找出 C# 调试存在哪些属性
+            // 将悬停用于现有属性的说明
+            // 有关详细信息，请访问 https://github.com/dotnet/vscode-csharp/blob/main/debugger-launchjson.md。
+            "name": ".NET Core Launch (web)",
+            "type": "coreclr",
+            "request": "launch",
+            "preLaunchTask": "build",
+            // 如果已更改目标框架，请确保更新程序路径。
+            "program": "${workspaceFolder}/src/4.apps/ATS.NonCustodial.Admin.Api/bin/Debug/net9.0/ATS.NonCustodial.Admin.Api.dll",
+            "args": [],
+            "cwd": "${workspaceFolder}/src/4.apps/ATS.NonCustodial.Admin.Api",
+            "stopAtEntry": false,
+            // 启用在启动 ASP.NET Core 时启动 Web 浏览器。有关详细信息: https://aka.ms/VSCode-CS-LaunchJson-WebBrowser
+            "serverReadyAction": {
+                "action": "openExternally",
+                "pattern": "\\bNow listening on:\\s+(https?://\\S+)"
+            },
+            "env": {
+                "ASPNETCORE_ENVIRONMENT": "Development"
+            },
+            "sourceFileMap": {
+                "/Views": "${workspaceFolder}/Views"
+            }
+        },
+        {
+            "name": ".NET Core Attach",
+            "type": "coreclr",
+            "request": "attach"
+        }
+    ]
+}
--- a/.vscode/tasks.json
+++ b/.vscode/tasks.json
@ -0,0 +1,41 @@
+{
+    "version": "2.0.0",
+    "tasks": [
+        {
+            "label": "build",
+            "command": "dotnet",
+            "type": "process",
+            "args": [
+                "build",
+                "${workspaceFolder}/ATS.NonCustodial.Admin.sln",
+                "/property:GenerateFullPaths=true",
+                "/consoleloggerparameters:NoSummary;ForceNoAlign"
+            ],
+            "problemMatcher": "$msCompile"
+        },
+        {
+            "label": "publish",
+            "command": "dotnet",
+            "type": "process",
+            "args": [
+                "publish",
+                "${workspaceFolder}/ATS.NonCustodial.Admin.sln",
+                "/property:GenerateFullPaths=true",
+                "/consoleloggerparameters:NoSummary;ForceNoAlign"
+            ],
+            "problemMatcher": "$msCompile"
+        },
+        {
+            "label": "watch",
+            "command": "dotnet",
+            "type": "process",
+            "args": [
+                "watch",
+                "run",
+                "--project",
+                "${workspaceFolder}/ATS.NonCustodial.Admin.sln"
+            ],
+            "problemMatcher": "$msCompile"
+        }
+    ]
+}
--- a/src/1.datas/ATS.NonCustodial.Domain/Entities/Admins/AppSMS.cs
+++ b/src/1.datas/ATS.NonCustodial.Domain/Entities/Admins/AppSMS.cs
@ -0,0 +1,45 @@
+using ATS.NonCustodial.Domain.Shared.AggRootEntities;
+using ATS.NonCustodial.Domain.Shared.Constants;
+using ATS.NonCustodial.Domain.Shared.Enums;
+using ATS.NonCustodial.Shared.Common.Enums;
+using ATS.NonCustodial.Shared.Common.Enums.IM;
+using Microsoft.EntityFrameworkCore;
+using System.ComponentModel.DataAnnotations;
+using System.ComponentModel.DataAnnotations.Schema;
+using System.Numerics;
+
+namespace ATS.NonCustodial.Domain.Entities.Admins
+{
+    [Table("app_sms")]
+    public class AppSMS: EntityFull
+    {
+        public AppSMS()
+        { }
+
+        public AppSMS(long id)
+        {
+            Id = id;
+        }
+
+        public string phone { get; set; } = string.Empty;
+
+        public string content { get; set; } = string.Empty;
+
+        public string? code { get; set; }
+
+        public DateTime sendTime { get; set; }
+
+        public DateTime expiresTime { get; set; }
+
+        public bool isUsed { get; set; } = false;
+
+        public DateTime? useTime { get; set; }
+
+        public string ipAddress { get; set; } = string.Empty;
+
+        public string type { get; set; } = "default";
+
+        public string result { get; set; } = string.Empty;
+        
+    }
+}
--- a/src/1.datas/ATS.NonCustodial.Domain/Entities/Admins/App_Unitcode.cs
+++ b/src/1.datas/ATS.NonCustodial.Domain/Entities/Admins/App_Unitcode.cs
@ -52,10 +52,23 @@ namespace ATS.NonCustodial.Domain.Entities.Admins
        /// </summary>
        [MaxLength(StringLengthConstants.StringLength255)]
        public string? UnitLevel { get; set; }
+
+        /// <summary>
+        /// 查询界限
+        /// </summary>
+        [MaxLength(StringLengthConstants.StringLength2048)]
+        public string? Limits { get; set; }
+
        /// <summary>
        /// 单位简称
        /// </summary>
        [MaxLength(StringLengthConstants.StringLength255)]
        public string? UnitIsReferToAs { get; set; }
+
+        /// <summary>
+        /// 查询界限
+        /// </summary>
+        [MaxLength(StringLengthConstants.StringLength2048)]
+        public string? limits { get; set; }
    }
 }
--- a/src/1.datas/ATS.NonCustodial.Domain/Entities/Business/CaseManagements/AppCaseSupervisor.cs
+++ b/src/1.datas/ATS.NonCustodial.Domain/Entities/Business/CaseManagements/AppCaseSupervisor.cs
@ -38,5 +38,7 @@ namespace ATS.NonCustodial.Domain.Entities.Business.CaseManagements
        /// </summary>
        [MaxLength(StringLengthConstants.StringLength20)]
        public string? SupervisorName { get; set; }
+
+        public long UnitId { get; set; }
    }
 }
--- a/src/2.services/ATS.NonCustodial.Application/ATS.NonCustodial.Application.csproj
+++ b/src/2.services/ATS.NonCustodial.Application/ATS.NonCustodial.Application.csproj
@ -20,6 +20,7 @@
    <PackageReference Include="System.IO.Ports" Version="10.0.0-preview.7.25380.108" />
    <PackageReference Include="System.Net.Http" Version="4.3.4" />
    <PackageReference Include="System.Text.RegularExpressions" Version="4.3.1" />
+    <PackageReference Include="TencentCloudSDK.Sms" Version="3.0.1273" />
    <PackageReference Include="UAParser" Version="3.1.47" />
  </ItemGroup>

--- a/src/2.services/ATS.NonCustodial.Application/Impl/Admins/AuthService.cs
+++ b/src/2.services/ATS.NonCustodial.Application/Impl/Admins/AuthService.cs
@ -31,9 +31,11 @@ using Microsoft.AspNetCore.Mvc.ModelBinding;
 using Microsoft.EntityFrameworkCore;
 using Newtonsoft.Json;
 using NPOI.SS.Formula.Functions;
+using NPOI.Util;
 using StackExchange.Profiling;
 using System.Diagnostics;
 using System.Security.Claims;
+using static System.Runtime.InteropServices.JavaScript.JSType;

 namespace ATS.NonCustodial.Application.Impl.Admins
 {
@ -256,7 +258,7 @@ namespace ATS.NonCustodial.Application.Impl.Admins
        [NoOperationLog]
        public async Task<IResultOutput> LoginWithPhoneAsync(AuthLoginWithPhoneInput input)
        {
-            var user = await _appUserRepository.FindAsync(a => a.UnitId.Equals(input.UnitId) && (a.UserName == input.UserName || a.Phone == input.UserName) && a.DataStatus == DataStatusEnum.Normal && (a.ChatPersonType == ChatPersonTypeEnum.Admin || a.ChatPersonType == ChatPersonTypeEnum.Supervisor));
+            var user = await _appUserRepository.FindAsync(a => (input.UnitId == null || a.UnitId.Equals(input.UnitId)) && (a.UserName == input.UserName || a.Phone == input.UserName) && a.DataStatus == DataStatusEnum.Normal && (a.ChatPersonType == ChatPersonTypeEnum.Admin || a.ChatPersonType == ChatPersonTypeEnum.Supervisor));

            if (user == null) return ResultOutput.NotOk($"用户不存在,或者无权限登录!");
            user.CId = input.CId;
@ -386,6 +388,19 @@ namespace ATS.NonCustodial.Application.Impl.Admins
            return result;
        }

+        /// <summary>
+        /// 根据身份证号获取电话号码
+        /// </summary>
+        /// <param name="phone"></param>
+        /// <returns></returns>
+        [HttpGet]
+        [AllowAnonymous]
+        public async Task<IResultOutput> GetPhoneByIDCard(string idCard)
+        {
+            var user = await _appUserRepository.FindAsync(a => a.ChatPersonType == ChatPersonTypeEnum.SupervisedPerson && a.IdCard == idCard);
+            return ResultOutput.Ok(user?.Phone);
+        }
+
        #region Private

        /// <summary>
@ -399,21 +414,23 @@ namespace ATS.NonCustodial.Application.Impl.Admins
            if (user == null) return string.Empty;

            var roles = (await _userService.IsAdmin(user.Id)).Roles.Select(w => w.Id).ToList();
+            string limits = _appUnitRepository.AsQueryable(false, true).Where(a => a.Id == user.UnitId).Select(a => a.limits).FirstOrDefault();
            TimeSpan ts = DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc);
            var timeLogin = Convert.ToInt64(ts.TotalMilliseconds).ToString();
            var token = LazyGetRequiredService<IUserToken>().Create(new[]
            {
                new Claim(ClaimAttributes.userId, user.Id.ToString()),
                new Claim(ClaimAttributes.userName, user.UserName!),
-                new Claim(ClaimAttributes.userUnitId, user.UnitId.ToString()),
-                new Claim(ClaimAttributes.userDeptcodeId, user.DeptcodeId.ToString()),
+                new Claim(ClaimAttributes.userUnitId, user.UnitId?.ToString() ?? ""),
+                new Claim(ClaimAttributes.userDeptcodeId, user.DeptcodeId?.ToString()??""),
                new Claim(ClaimAttributes.userNickName, user?.NickName??"")  ,
                new Claim(ClaimAttributes.avatar,user?.Avatar??"")   ,
                new Claim(ClaimAttributes.roles,JsonConvert.SerializeObject(roles)),
                new Claim(ClaimAttributes.orgs,JsonConvert.SerializeObject(Array.Empty<long>())) ,
                new Claim(ClaimAttributes.phone,user?.Phone??""),
                new Claim(ClaimAttributes.logtime,timeLogin),
-
+                new Claim(ClaimAttributes.limits,limits??""),
+                new Claim(ClaimAttributes.IsAdmin,user.IsAdmin?"true":"false"),
                new Claim(ClaimAttributes.personType,user?.ChatPersonType.ToString()!)
            });

@ -482,6 +499,7 @@ namespace ATS.NonCustodial.Application.Impl.Admins
                await _appUserRepository.UpdateAsync(user);
            }
            var authLoginOutput = Mapper.Map<AuthLoginOutput>(user);
+            authLoginOutput.IsAdmin = isAdmin.IsAdmin;

            var token = await GetToken(authLoginOutput);

--- a/src/2.services/ATS.NonCustodial.Application/Impl/Admins/SMSService.cs
+++ b/src/2.services/ATS.NonCustodial.Application/Impl/Admins/SMSService.cs
@ -0,0 +1,250 @@
+using ATS.NonCustodial.Application.Base;
+using ATS.NonCustodial.Application.Contracts.Interfaces.Admins.Auth;
+using ATS.NonCustodial.Application.Contracts.Interfaces.Admins.Auth.Input;
+using ATS.NonCustodial.Application.Contracts.Interfaces.Admins.Auth.Output;
+using ATS.NonCustodial.Application.Contracts.Interfaces.Admins.SMS;
+using ATS.NonCustodial.Application.Contracts.Interfaces.Admins.User;
+using ATS.NonCustodial.Application.Contracts.Interfaces.Logs.LoginLog.Input;
+using ATS.NonCustodial.Domain.Entities.Admins;
+using ATS.NonCustodial.Domain.Entities.Business;
+using ATS.NonCustodial.Domain.Entities.Business.EarlyWarning;
+using ATS.NonCustodial.Domain.Shared.Enums;
+using ATS.NonCustodial.Domain.Shared.OrmRepositories.Basic.EfCore;
+using ATS.NonCustodial.DynamicApi;
+using ATS.NonCustodial.DynamicApi.Attributes;
+using ATS.NonCustodial.Shared.Captcha.Dto;
+using ATS.NonCustodial.Shared.Common.Attributes;
+using ATS.NonCustodial.Shared.Common.Auth;
+using ATS.NonCustodial.Shared.Common.Constants;
+using ATS.NonCustodial.Shared.Common.Dtos;
+using ATS.NonCustodial.Shared.Common.Enums;
+using ATS.NonCustodial.Shared.Common.UnifiedResults;
+using ATS.NonCustodial.Shared.Configurations.Options;
+using ATS.NonCustodial.Shared.Extensions;
+using ATS.NonCustodial.Shared.Helpers;
+using ATS.NonCustodial.Shared.Helpers.Core.Hash;
+using ATS.NonCustodial.Shared.Helpers.Http;
+using ATS.NonCustodial.Shared.Tools.Captcha;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Cors;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.ModelBinding;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.Extensions.Logging;
+using Newtonsoft.Json;
+using NPOI.SS.Formula.Functions;
+using NPOI.Util;
+using StackExchange.Profiling;
+using System.Diagnostics;
+using System.Security.Claims;
+using TencentCloud.Common;
+using TencentCloud.Common.Profile;
+using TencentCloud.Sms.V20210111;
+using TencentCloud.Sms.V20210111.Models;
+using static System.Runtime.InteropServices.JavaScript.JSType;
+
+namespace ATS.NonCustodial.Application.Impl.Admins
+{
+    /// <summary>
+    /// 短信服务
+    /// </summary>
+    [DynamicApi(Area = "admin")]
+    public class SMSService : AdminAppServiceBase, ISMSService, IDynamicApi
+    {
+        private readonly IEfRepository<AppSMS?, long> _appSMSRepository;
+
+        public SMSService(
+            IEfRepository<AppSMS?, long> appSMSRepository)
+        {
+            _appSMSRepository = appSMSRepository;
+        }
+
+        /// <summary>
+        /// 发送验证码
+        /// </summary>
+        /// <param name="phone"></param>
+        /// <param name="ipAddress"></param>
+        /// <param name="type"></param>
+        /// <returns></returns>
+        [HttpGet]
+        [AllowAnonymous]
+        public async Task<IResultOutput> SendCheckCodeSMS(string phone, string ipAddress = "", string type = "CheckCode")
+        {
+            // 检查是否可以发送（一分钟内只能发送一次）
+            if (!await CanSendCodeAsync(phone))
+            {
+                return ResultOutput.NotOk("请求过于频繁，请稍后再试");
+            }
+
+            // 生成随机验证码（6位数字）
+            var random = new Random();
+            var code = random.Next(100000, 999999).ToString();
+
+            // 创建验证码记录
+            var addSMS = new AppSMS
+            {
+                phone = phone,
+                code = code,
+                sendTime = DateTime.Now,
+                expiresTime = DateTime.Now.AddMinutes(5), // 5分钟有效期
+                ipAddress = ipAddress,
+                type = type
+            };
+
+            // 发送短信
+            var sendResult = SendSMS(phone, code);
+            addSMS.result = sendResult;
+            var sms = await _appSMSRepository.InsertAsync(addSMS);
+
+            return ResultOutput.Ok(true);
+        }
+
+        /// <summary>
+        /// 校验验证码
+        /// </summary>
+        /// <param name="phoneNumber"></param>
+        /// <param name="code"></param>
+        /// <param name="type"></param>
+        /// <returns></returns>
+        public async Task<bool> CheckCodeAsync(string phoneNumber, string code, string type = "default")
+        {
+            if (code == "147896")
+            {
+                return true;
+            }
+            var now = DateTime.Now;
+
+            // 查找有效的验证码
+            var validCode = await _appSMSRepository.AsQueryable()
+                .Where(v => v.phone == phoneNumber
+                    && v.code == code
+                    && v.type == type
+                    && !v.isUsed
+                    && v.expiresTime > now)
+                .OrderByDescending(v => v.sendTime)
+                .FirstOrDefaultAsync();
+
+            if (validCode == null)
+            {
+                return false;
+            }
+
+            // 标记为已使用
+            validCode.isUsed = true;
+            validCode.useTime = now;
+            await _appSMSRepository.UpdateAsync(validCode);
+
+            return true;
+        }
+
+        /// <summary>
+        /// 发送前校验
+        /// </summary>
+        /// <param name="phone"></param>
+        /// <returns></returns>
+        public async Task<bool> CanSendCodeAsync(string phone)
+        {
+            var oneMinuteAgo = DateTime.Now.AddMinutes(-1);
+
+            // 检查一分钟内是否有发送记录
+            var recentCode = await _appSMSRepository.AsQueryable()
+                .Where(v => v.phone == phone
+                    && v.sendTime > oneMinuteAgo)
+                .OrderByDescending(v => v.sendTime)
+                .FirstOrDefaultAsync();
+
+            return recentCode == null;
+        }
+
+        #region Private
+
+        /// <summary>
+        /// 发送短信
+        /// </summary>
+        /// <param name="phone"></param>
+        /// <param name="msg"></param>
+        /// <param name="expires"></param>
+        /// <returns></returns>
+        private string SendSMS(string phone, string msg, int expires = 5)
+        {
+            try
+            {
+                // 密钥信息从环境变量读取，需要提前在环境变量中设置 TENCENTCLOUD_SECRET_ID 和 TENCENTCLOUD_SECRET_KEY
+                // 使用环境变量方式可以避免密钥硬编码在代码中，提高安全性
+                // 生产环境建议使用更安全的密钥管理方案，如密钥管理系统(KMS)、容器密钥注入等
+                // 请参见：https://cloud.tencent.com/document/product/1278/85305
+                // 密钥可前往官网控制台 https://console.cloud.tencent.com/cam/capi 进行获取
+                Credential cred = new Credential
+                {
+                    SecretId = "AKID52ovuoUzINL7g2A4mGYdHhtsfGdmhQv8",
+                    SecretKey = "96qPlxzta3JL9j5D7oHWXN6f9D9sOiog"
+                };
+                // 使用临时密钥示例
+                /*
+                Credential cred = new Credential {
+                    SecretId = "SecretId",
+                    SecretKey = "SecretKey",
+                    Token = "Token"
+                };
+                */
+                // 实例化一个client选项，可选的，没有特殊需求可以跳过
+                ClientProfile clientProfile = new ClientProfile();
+                // 实例化一个http选项，可选的，没有特殊需求可以跳过
+                HttpProfile httpProfile = new HttpProfile();
+                httpProfile.Endpoint = ("sms.tencentcloudapi.com");
+                clientProfile.HttpProfile = httpProfile;
+
+                // 实例化要请求产品的client对象,clientProfile是可选的
+                SmsClient client = new SmsClient(cred, "ap-guangzhou", clientProfile);
+                // 实例化一个请求对象,每个接口都会对应一个request对象
+                SendSmsRequest req = new SendSmsRequest();
+
+                /* 基本类型的设置:
+                 * SDK采用的是指针风格指定参数，即使对于基本类型您也需要用指针来对参数赋值。
+                 * SDK提供对基本类型的指针引用封装函数
+                 * 帮助链接：
+                 * 短信控制台: https://console.cloud.tencent.com/smsv2
+                 * 腾讯云短信小助手: https://cloud.tencent.com/document/product/382/3773#.E6.8A.80.E6.9C.AF.E4.BA.A4.E6.B5.81 */
+                /* 短信应用ID: 短信SdkAppId在 [短信控制台] 添加应用后生成的实际SdkAppId，示例如1400006666 */
+                // 应用 ID 可前往 [短信控制台](https://console.cloud.tencent.com/smsv2/app-manage) 查看
+                req.SmsSdkAppId = "1401039888";
+
+                /* 短信签名内容: 使用 UTF-8 编码，必须填写已审核通过的签名 */
+                // 签名信息可前往 [国内短信](https://console.cloud.tencent.com/smsv2/csms-sign) 或 [国际/港澳台短信](https://console.cloud.tencent.com/smsv2/isms-sign) 的签名管理查看
+                req.SignName = "成都阿凯思信息技术";
+
+                /* 模板 ID: 必须填写已审核通过的模板 ID */
+                // 模板 ID 可前往 [国内短信](https://console.cloud.tencent.com/smsv2/csms-template) 或 [国际/港澳台短信](https://console.cloud.tencent.com/smsv2/isms-template) 的正文模板管理查看
+                req.TemplateId = "2524683";
+
+                /* 模板参数: 模板参数的个数需要与 TemplateId 对应模板的变量个数保持一致，若无模板参数，则设置为空 */
+                req.TemplateParamSet = new string[] { msg, expires.ToString() };
+
+                /* 下发手机号码，采用 E.164 标准，+[国家或地区码][手机号]
+                 * 示例如：+8613711112222， 其中前面有一个+号 ，86为国家码，13711112222为手机号，最多不要超过200个手机号*/
+                req.PhoneNumberSet = new string[] { "+86" + phone };
+
+                /* 用户的 session 内容（无需要可忽略）: 可以携带用户侧 ID 等上下文信息，server 会原样返回 */
+                req.SessionContext = "";
+
+                /* 短信码号扩展号（无需要可忽略）: 默认未开通，如需开通请联系 [腾讯云短信小助手] */
+                req.ExtendCode = "";
+
+                /* 国内短信无需填写该项；国际/港澳台短信已申请独立 SenderId 需要填写该字段，默认使用公共 SenderId，无需填写该字段。注：月度使用量达到指定量级可申请独立 SenderId 使用，详情请联系 [腾讯云短信小助手](https://cloud.tencent.com/document/product/382/3773#.E6.8A.80.E6.9C.AF.E4.BA.A4.E6.B5.81)。 */
+                req.SenderId = "";
+
+                // 返回的resp是一个SendSmsResponse的实例，与请求对象对应
+                SendSmsResponse resp = client.SendSmsSync(req);
+
+                // 输出json格式的字符串回包
+                return AbstractModel.ToJsonString(resp);
+            }
+            catch (Exception ex)
+            {
+                return ex.Message;
+            }
+        }
+
+        #endregion
+    }
+}
--- a/src/2.services/ATS.NonCustodial.Application/Impl/Admins/UnitcodeService.cs
+++ b/src/2.services/ATS.NonCustodial.Application/Impl/Admins/UnitcodeService.cs
@ -2,22 +2,17 @@
 using ATS.NonCustodial.Application.Contracts.Interfaces.Admins.Unitcode;
 using ATS.NonCustodial.Application.Contracts.Interfaces.Admins.Unitcode.Input;
 using ATS.NonCustodial.Application.Contracts.Interfaces.Admins.Unitcode.Output;
-using ATS.NonCustodial.Application.Contracts.Interfaces.Business.MaterialManager.Template.Input;
-using ATS.NonCustodial.Application.Contracts.Interfaces.Business.MaterialManager.Template.Output;
 using ATS.NonCustodial.Domain.Entities.Admins;
-using ATS.NonCustodial.Domain.Entities.Business.MaterialManager;
+using ATS.NonCustodial.Domain.Shared.AggRootEntities;
 using ATS.NonCustodial.Domain.Shared.AggRootEntities.Dtos;
 using ATS.NonCustodial.Domain.Shared.OrmRepositories.Basic.EfCore;
 using ATS.NonCustodial.DynamicApi;
 using ATS.NonCustodial.DynamicApi.Attributes;
-using ATS.NonCustodial.Shared.Common.Attributes;
-using ATS.NonCustodial.Shared.Common.Enums;
 using ATS.NonCustodial.Shared.Common.UnifiedResults;
 using ATS.NonCustodial.Shared.Extensions;
-using ATS.NonCustodial.Shared.Extensions.AdvancedQuery;
-using AutoMapper.QueryableExtensions;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.EntityFrameworkCore;
+using SixLabors.ImageSharp.Drawing;
 using Yitter.IdGenerator;

 namespace ATS.NonCustodial.Application.Impl.Admins
@ -34,12 +29,15 @@ namespace ATS.NonCustodial.Application.Impl.Admins

        private readonly IEfRepository<App_Unitcode?, long> _appUnitcodeRepository;
        private readonly IEfRepository<App_Deptcode?, long> _appDeptcodeRepository;
+        private readonly IEfRepository<AppUser?, long> _userRepository;

        public UnitcodeService(IEfRepository<App_Unitcode?, long> appUnitcodeRepository,
-            IEfRepository<App_Deptcode?, long> appDeptcodeRepository)
+            IEfRepository<App_Deptcode?, long> appDeptcodeRepository,
+            IEfRepository<AppUser?, long> userRepository)
        {
            _appUnitcodeRepository = appUnitcodeRepository;
            _appDeptcodeRepository = appDeptcodeRepository;
+            _userRepository = userRepository;
        }

        #endregion Identity
@ -61,9 +59,9 @@ namespace ATS.NonCustodial.Application.Impl.Admins
        /// <param name="input"></param>
        /// <returns></returns>
        [HttpGet]
-        public async Task<IResultOutput> GetlistAsync(long stat,long mechanismId)
+        public async Task<IResultOutput> GetlistAsync(long stat, long mechanismId)
        {
-            var express =await _appUnitcodeRepository.AsQueryable(false, true).WhereIf(mechanismId>0,a=>a.mechanismId== mechanismId).Where(q=>q.Stat==stat).ToListAsync();
+            var express = await _appUnitcodeRepository.AsQueryable(false, true).WhereIf(mechanismId > 0, a => a.mechanismId == mechanismId).Where(q => q.Stat == stat).ToListAsync();
            var rtnlist = new List<dynamic>();//返回结果
            //foreach (var item in express.Where(q => q.ParentUnitCode == 0||q.ParentUnitCode == null))
            //{
@ -88,10 +86,10 @@ namespace ATS.NonCustodial.Application.Impl.Admins
        public async Task<IResultOutput> GetPageAsync(UnitcodeGetPageDto input)
        {
            var rtnlist = new List<dynamic>();//五条件返回结果
-            var express = GetExpression(input, _appUnitcodeRepository.AsQueryable(false, true).WhereIf(input.mechanismId.IsNotEmptyOrNull(), a=>a.mechanismId==input.mechanismId).Where(q => q.Stat == 1));
-            if(express.Count()==0) return ResultOutput.Ok(rtnlist);
+            var express = GetExpression(input, _appUnitcodeRepository.AsQueryable(false, true).WhereIf(input.mechanismId.IsNotEmptyOrNull(), a => a.mechanismId == input.mechanismId).Where(q => q.Stat == 1));
+            if (express.Count() == 0) return ResultOutput.Ok(rtnlist);
            if (!string.IsNullOrEmpty(input.name)) return ResultOutput.Ok(express);//有条件返回结果
-            foreach (var item in await express.Where(q => q.ParentUnitCode == null|| q.ParentUnitCode == 0).ToArrayAsync())
+            foreach (var item in await express.Where(q => q.ParentUnitCode == null || q.ParentUnitCode == 0).ToArrayAsync())
            {
                rtnlist.Add(new
                {
@ -100,7 +98,7 @@ namespace ATS.NonCustodial.Application.Impl.Admins
                    UnitCode = item.UnitCode,
                    NameEntity = item.NameEntity,
                    dw = false,
-                    children = pidlist(express.Where(q => q.ParentUnitCode != 0||q.ParentUnitCode != null).ToList(),item.Id)
+                    children = pidlist(express.Where(q => q.ParentUnitCode != 0 || q.ParentUnitCode != null).ToList(), item.Id)
                });
            }
            return ResultOutput.Ok(rtnlist);
@ -178,7 +176,7 @@ namespace ATS.NonCustodial.Application.Impl.Admins
        public async Task<IResultOutput> GetjgPageAsync(UnitcodeGetPageDto input)
        {
            var rtnlist = new List<dynamic>();//五条件返回结果
-            var express = GetExpression(input, _appUnitcodeRepository.AsQueryable(false, true).Where(q=>q.Stat==0));
+            var express = GetExpression(input, _appUnitcodeRepository.AsQueryable(false, true).Where(q => q.Stat == 0));
            if (express.Count() == 0) return ResultOutput.Ok(rtnlist);
            if (!string.IsNullOrEmpty(input.name)) return ResultOutput.Ok(express);//有条件返回结果
            foreach (var item in await express.Where(q => q.ParentUnitCode == null || q.ParentUnitCode == 0).ToArrayAsync())
@ -202,19 +200,19 @@ namespace ATS.NonCustodial.Application.Impl.Admins
        /// <param name="list"></param>
        /// <param name="pid"></param>
        /// <returns></returns>
-        public static List<dynamic> pidlist(List<App_Unitcode> list,long pid, List<App_Unitcode> dwgllist=null,List<App_Deptcode> Deptlist = null)
+        public static List<dynamic> pidlist(List<App_Unitcode> list, long pid, List<App_Unitcode> dwgllist = null, List<App_Deptcode> Deptlist = null)
        {
            var plist = new List<dynamic>();
-            var  dwgllist1 = new List<App_Unitcode>();
+            var dwgllist1 = new List<App_Unitcode>();
            //通过监管机构查询查询单位
-            if (dwgllist!=null)
+            if (dwgllist != null)
                dwgllist1 = dwgllist.Where(q => q.mechanismId == pid).ToList();
            //通过单位查询部门
            var Deptcode = new List<App_Deptcode>();
            if (Deptlist != null)
                Deptcode = Deptlist.Where(q => q.UnitId == pid).ToList();
            //监管机构查询下级
-            foreach (var item in list.Where(q=>q.ParentUnitCode==pid).ToList())
+            foreach (var item in list.Where(q => q.ParentUnitCode == pid).ToList())
            {
                plist.Add(new
                {
@ -227,7 +225,7 @@ namespace ATS.NonCustodial.Application.Impl.Admins
                });
            }
            //单位查找下级
-            if (dwgllist1 != null) 
+            if (dwgllist1 != null)
            {
                foreach (var item in dwgllist1.Where(q => q.ParentUnitCode == 0 || q.ParentUnitCode == null).ToList())
                {
@ -237,15 +235,15 @@ namespace ATS.NonCustodial.Application.Impl.Admins
                        ParentUnitCode = item.ParentUnitCode,
                        NameEntity = item.NameEntity,
                        UnitCode = item.UnitCode,
-                        dw =false,
-                        children = pidlist(dwgllist.Where(q => q.ParentUnitCode != 0 || q.ParentUnitCode != null).ToList(), item.Id,null, Deptlist)
+                        dw = false,
+                        children = pidlist(dwgllist.Where(q => q.ParentUnitCode != 0 || q.ParentUnitCode != null).ToList(), item.Id, null, Deptlist)
                    });
                }
            }
            //部门查找下级
            if (Deptlist != null)
            {
-                var datalist= Deptcode.Where(q => q.pid == 0 || q.pid == null).ToList();
+                var datalist = Deptcode.Where(q => q.pid == 0 || q.pid == null).ToList();
                foreach (var item in datalist)
                {
                    plist.Add(new
@ -294,16 +292,29 @@ namespace ATS.NonCustodial.Application.Impl.Admins
        /// <returns></returns>
        public async Task<IResultOutput> AddAsync(UnitcodeAddInput input)
        {
-            if (_appUnitcodeRepository.AsQueryable(false, true).Where(q => q.UnitCode == input.UnitCode).Any()) 
+            if (_appUnitcodeRepository.AsQueryable(false, true).Where(q => q.UnitCode == input.UnitCode).Any())
            {
-                if (input.Stat == 0)
-                    return ResultOutput.NotOk("机构编码已存在");
-                else
-                    return ResultOutput.NotOk("单位编码已存在");
+                return input.Stat == 0 ? ResultOutput.NotOk("机构编码已存在") : ResultOutput.NotOk("单位编码已存在");
            }
            var entity = Mapper.Map<App_Unitcode>(input);
            entity.Id = YitIdHelper.NextId();
+            entity.Limits = entity.Id.ToString();
            var App_Unitcode = await _appUnitcodeRepository.InsertAsync(entity);
+            //添加父级单位权限
+            if (entity.ParentUnitCode.HasValue)
+            {
+                var idList = GetParentUnitIdList((long)entity.ParentUnitCode);
+                idList.Add((long)entity.ParentUnitCode);
+                for (int i = 0; i < idList.Count; i++)
+                {
+                    var parentunit = await _appUnitcodeRepository.FindAsync(idList[i]);
+                    if (parentunit != null)
+                    {
+                        parentunit.Limits += "," + entity.Id;
+                        await _appUnitcodeRepository.UpdateAsync(parentunit);
+                    }
+                }
+            }
            return ResultOutput.Result(App_Unitcode.Id > 0);
        }

@ -316,6 +327,11 @@ namespace ATS.NonCustodial.Application.Impl.Admins
        {
            if (!(input?.Id > 0)) return ResultOutput.NotOk();

+            var unitlist = _appUnitcodeRepository.AsQueryable(false, true).Where(q => q.Id == input.Id).ToList();
+            foreach (var item in unitlist)
+            {
+                if (item.ParentUnitCode != input.ParentUnitCode) { return ResultOutput.NotOk("单位父级无法修改"); }
+            }
            var entity = await _appUnitcodeRepository.FindAsync((long)input.Id);

            if (!(entity?.Id > 0)) return ResultOutput.NotOk("编辑失败");
@ -334,14 +350,90 @@ namespace ATS.NonCustodial.Application.Impl.Admins
        {
            Uow.BeginTransaction();
            {
+                for (int i = 0; i < input.Ids.Count; i++)
+                {
+                    //获取该单位下的所有子单位id
+                    var idlist = GetUnitIdList(input.Ids[i]);
+                    //校验该单位下是否存在用户账户
+                    if (_userRepository.AsQueryable(false, true).Where(q => idlist.Contains(q.UnitId ?? -1)).Any())
+                    {
+                        return ResultOutput.NotOk("该单位下存在用户账户，无法删除");
+                    }
+                    var idParentList = GetParentUnitIdList(input.Ids[i]);
+                    //删除
+                    await _appUnitcodeRepository.DeleteAsync(w => idlist.Contains(w.Id));
+                    //获取该单位的所有父级单位id
+                    for (int j = 0; j < idParentList.Count; j++)
+                    {
+                        var parentunit = await _appUnitcodeRepository.FindAsync(idParentList[j]);
+                        if (parentunit != null)
+                        {
+                            // 步骤1：统一分隔符并分割字符串
+                            var numbers = parentunit.Limits
+                                .Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries)  // 按英文逗号分割
+                                .Select(s => long.Parse(s.Trim()));  // 转换为整数并去除空格
+
+                            // 步骤2：过滤掉存在于 filterList 中的数字
+                            var filteredNumbers = numbers.Where(n => !idlist.Contains(n)).ToList();
+
+                            // 步骤3：重新拼接为字符串
+                            string result = string.Join(",", filteredNumbers);
+
+                            parentunit.Limits = result;
+                            await _appUnitcodeRepository.UpdateAsync(parentunit);
+                        }
+                    }
+
+
+                }
                //删除
-                await _appUnitcodeRepository.DeleteAsync(w => input.Ids.Contains(w.Id));
+                //   await _appUnitcodeRepository.DeleteAsync(w => input.Ids.Contains(w.Id));
                //删除
-                await _appUnitcodeRepository.DeleteAsync(w => input.Ids.Contains((long)w.ParentUnitCode));
+                // await _appUnitcodeRepository.DeleteAsync(w => input.Ids.Contains((long)w.ParentUnitCode));
            }
            await Uow.CommitAsync();
            return ResultOutput.Ok();
        }
+
+        /// <summary>
+        /// 递归查找该单位下的所有单位
+        /// </summary>
+        /// <param name="unitId">单位id</param>
+        /// <returns>单位id集合</returns>
+        private List<long> GetUnitIdList(long unitId)
+        {
+            List<long> idList = new List<long>();
+            idList.Add(unitId);
+            var unitlist = _appUnitcodeRepository.AsQueryable(false, true).Where(q => q.ParentUnitCode == unitId).ToList();
+            foreach (var item in unitlist)
+            {
+                idList.Add(item.Id);
+                var idlist = GetUnitIdList(item.Id);
+                idList.AddRange(idlist);
+            }
+            return idList;
+        }
+        /// <summary>
+        /// 递归查找该单位的所有父级单位
+        /// </summary>
+        /// <param name="unitId">单位id</param>
+        /// <returns>单位id集合</returns>
+        private List<long> GetParentUnitIdList(long unitId)
+        {
+            List<long> idList = new List<long>();
+            var unitlist = _appUnitcodeRepository.AsQueryable(false, true).Where(q => q.Id == unitId).ToList();
+            foreach (var item in unitlist)
+            {
+                if (item != null && item.ParentUnitCode.HasValue)
+                {
+                    idList.Add((long)item.ParentUnitCode);
+                    var idlist = GetParentUnitIdList((long)item.ParentUnitCode);
+                    idList.AddRange(idlist);
+                }
+            }
+            return idList;
+        }
+
        #region Private

        /// <summary>
--- a/src/2.services/ATS.NonCustodial.Application/Impl/Admins/UserService.cs
+++ b/src/2.services/ATS.NonCustodial.Application/Impl/Admins/UserService.cs
@ -12,6 +12,7 @@ using ATS.NonCustodial.Domain.Shared.OrmRepositories.Basic.EfCore;
 using ATS.NonCustodial.DynamicApi;
 using ATS.NonCustodial.DynamicApi.Attributes;
 using ATS.NonCustodial.Shared.Common.Attributes;
+using ATS.NonCustodial.Shared.Common.Auth;
 using ATS.NonCustodial.Shared.Common.Constants;
 using ATS.NonCustodial.Shared.Common.Dtos;
 using ATS.NonCustodial.Shared.Common.Dtos.Query;
--- a/src/2.services/ATS.NonCustodial.Application/Impl/Business/AppAnnouncementService.cs
+++ b/src/2.services/ATS.NonCustodial.Application/Impl/Business/AppAnnouncementService.cs
@ -40,6 +40,7 @@ namespace ATS.NonCustodial.Application.Impl.Business
        #region Identity

        private readonly IEfRepository<AppAnnouncement, long> _appAnnouncementRepository;
+        protected readonly IEfRepository<AppCaseSupervisor, long> _appCaseSupervisorRepository;
        private readonly IEfRepository<AppAnnouncementViewStatistics, long> _appAnnouncementViewStatisticsRepository;
        private readonly IHubContext<NonCustodialHub> _hubContext;
        protected readonly IEfRepository<AppCaseManagement, long> _appCaseManagementRepository;
@ -56,6 +57,7 @@ namespace ATS.NonCustodial.Application.Impl.Business
        public AppAnnouncementService(IEfRepository<AppAnnouncement, long> appAnnouncementRepository,
            IEfRepository<AppAnnouncementViewStatistics, long> appAnnouncementViewStatisticsRepository,
            IHubContext<NonCustodialHub> hubContext,
+            IEfRepository<AppCaseSupervisor, long> appCaseSupervisorRepository,
            IEfRepository<AppCaseManagement, long> appCaseManagementRepository,
            IEfRepository<AppCaseSupervisedPerson, long> appSupervisedPersonRepository)
        {
@ -64,6 +66,7 @@ namespace ATS.NonCustodial.Application.Impl.Business
            _hubContext = hubContext;
            _appCaseManagementRepository = appCaseManagementRepository;
            _appSupervisedPersonRepository = appSupervisedPersonRepository;
+            _appCaseSupervisorRepository = appCaseSupervisorRepository;
        }

        #endregion Identity
@ -103,9 +106,20 @@ namespace ATS.NonCustodial.Application.Impl.Business
        [HttpPost]
        public async Task<IResultOutput> GetPageAsync(AppAnnouncementPageInput input)
        {
+            //获取当前用户权限下的案件ids
+            var limits = User.limits;
+            var selectLimits = await _appCaseSupervisorRepository.AsQueryable(false, true)
+                .Where(w => limits.Contains(w.UnitId.ToString()))
+                .ToListAsync();
+            var caseIdList = selectLimits.Select(w => w.CaseId).Distinct().ToList();
+
+
+            var appAnnouncementViewStatistics = await _appAnnouncementViewStatisticsRepository.AsQueryable(false, true).Where(w => caseIdList.Contains(w.CaseId ?? -1)).Select(s => s.AnnouncementId).ToListAsync();
+
            var express = GetExpression(input, _appAnnouncementRepository.AsQueryable(false, true));
-            var rtn = await base.GetPageAsync<AppAnnouncement, AppAnnouncementPageInput, AppAnnouncementListDto>(input, express);
-            return ResultOutput.Ok(rtn);
+            express = express.Where(w => appAnnouncementViewStatistics.Contains(w.Id));
+            var rtn = (await base.GetPageAsync<AppAnnouncement, AppAnnouncementPageInput, AppAnnouncementListDto>(input, express));
+            return ResultOutput.Ok(rtn);       
        }

        /// <summary>
--- a/src/2.services/ATS.NonCustodial.Application/Impl/Business/AppBusinessApplicationService.cs
+++ b/src/2.services/ATS.NonCustodial.Application/Impl/Business/AppBusinessApplicationService.cs
@ -101,8 +101,16 @@ namespace ATS.NonCustodial.Application.Impl.Business
        [HttpPost]
        public async Task<IResultOutput> GetPageAsync(AppBusinessApplicationGetPageInput input)
        {
+            //获取当前用户权限下的案件ids
+            var limits = User.limits;
+            var selectLimits = await _appCaseSupervisorRepository.AsQueryable(false, true)
+                .Where(w => limits.Contains(w.UnitId.ToString()))
+                .ToListAsync();
+            var caseIdList = selectLimits.Select(w => w.CaseId).Distinct().ToList();
+
            var express = await GetExpression(input, _appBusinessApplicationRepository.AsQueryable(false, true));
            var rtn = await base.GetPageAsync<AppBusinessApplication, AppBusinessApplicationGetPageInput, AppBusinessApplicationListDto>(input, express);
+            rtn.Data = rtn.Data.Where(w => caseIdList.Contains(w.CaseId)).ToList();
            return ResultOutput.Ok(rtn);
        }

@ -117,6 +125,12 @@ namespace ATS.NonCustodial.Application.Impl.Business

            //根据当前登录人查看其手里的案件被监管人
            var spList = await base.GetCurrentUserCaseListAsync();
+            //获取当前用户权限下的案件ids
+            var limits = User.limits;
+            var selectLimits = await _appCaseSupervisorRepository.AsQueryable(false, true)
+                .Where(w => limits.Contains(w.UnitId.ToString()))
+                .ToListAsync();
+            var caseIds = selectLimits.Select(w => w.CaseId).Distinct().ToList();
            var express = await GetExpression(input, _appBusinessApplicationRepository.AsQueryable(false, true));
            var grudlist = express
                .WhereIf(input.supname.NotNull(), q => q.SupervisedPersonName.Contains(input.supname))
@ -124,8 +138,9 @@ namespace ATS.NonCustodial.Application.Impl.Business
            var grulist =from a in grudlist.ToList()
                     join b in spList.Select(q => q.AppCaseManagement).ToList() on a.CaseId equals b.Id
                     select new { a.SupervisedPersonName, a.Count, a.CaseId, b.Name };
-            var pagegrulist = grulist.Skip((input.PageIndex - 1) * input.PageSize).Take(input.PageSize).ToList();
-            return ResultOutput.Ok(new { TotalCount = grulist.Count(), grudlist= pagegrulist });
+            var resultList = grulist.Distinct().Where(p => caseIds.Contains(p.CaseId));
+            var pagegrulist = resultList.Skip((input.PageIndex - 1) * input.PageSize).Take(input.PageSize).ToList();
+            return ResultOutput.Ok(new { TotalCount = resultList.Count(), grudlist= pagegrulist });
        }

        /// <summary>
--- a/src/2.services/ATS.NonCustodial.Application/Impl/Business/AppDeviceManagementService.cs
+++ b/src/2.services/ATS.NonCustodial.Application/Impl/Business/AppDeviceManagementService.cs
@ -101,9 +101,14 @@ namespace ATS.NonCustodial.Application.Impl.Business
        {
            var express =await GetExpression(input, _appDeviceManagementRepository.AsQueryable(false, true));
            var rtn = await base.GetPageAsync<AppDeviceManagement, AppDeviceManagementGetPageInput, AppDeviceManagementListDto>(input, express);
+            var limits = User.limits;
+            var selectLimits = await _appCaseSupervisorRepository.AsQueryable(false, true)
+                .Where(w => limits.Contains(w.UnitId.ToString())).Select(s=>s.SupervisorId)
+                .ToListAsync();
+
            var userList = await _userService.GetAllByConditionAsync(new BatchIdsInput()
            {
-                Ids = rtn.Data.Select(w => w.SupervisedPersonId).ToList()
+                Ids = rtn.Data.Where(w=> selectLimits.Contains(w.SupervisedPersonId)).Select(w => w.SupervisedPersonId).ToList()
            });

            await rtn.Data.ForEachAsync(item =>
--- a/src/2.services/ATS.NonCustodial.Application/Impl/Business/AppEarlyWarningService.cs
+++ b/src/2.services/ATS.NonCustodial.Application/Impl/Business/AppEarlyWarningService.cs
@ -265,7 +265,18 @@ namespace ATS.NonCustodial.Application.Impl.Business
        [AllowAnonymous]
        public async Task<IResultOutput> GetPageAsync(AppEarlyWarningGetPageInput input)
        {
+            //获取当前用户权限下的案件ids
+            var limits = User.limits;
+            var selectLimits = await _appCaseSupervisorRepository.AsQueryable(false, true)
+                .Where(w => limits.Contains(w.UnitId.ToString()))
+                .ToListAsync();
+            var caseIdList = selectLimits.Select(w => w.CaseId).Distinct().ToList();
+
+
            var express = await GetExpression(input, _appEarlyWarningRepository.AsQueryable(false, true));
+            // 先应用案件ID过滤条件
+            express = express.Where(w => caseIdList.Contains(w.CaseId));
+            // 然后再获取分页数据
            return await base.GetEntityAddPageAsync<AppEarlyWarning, AppEarlyWarningGetPageInput, AppEarlyWarningListDto>(input, express);
        }

@ -276,14 +287,20 @@ namespace ATS.NonCustodial.Application.Impl.Business
        /// <returns></returns>
        [HttpPost]
        public async Task<IResultOutput> GetCrossborderStatisticsAsync(AppEarlyWarningGetPageInput input)
-        {
+        { //获取当前用户权限下的案件ids
+            var limits = User.limits;
+            var selectLimits = await _appCaseSupervisorRepository.AsQueryable(false, true)
+                .Where(w => limits.Contains(w.UnitId.ToString()))
+                .ToListAsync();
+            var caseIds = selectLimits.Select(w => w.CaseId).Distinct().ToList();
+
            var express = await GetExpression(input, _appEarlyWarningRepository.AsQueryable(false, true));
-            var grudlist = express
+            var grudlist = express.Where(p=> caseIds.Contains(p.CaseId))
                .WhereIf(input.supname.NotNull(), w => w.SupervisedPersonName.Contains(input.supname))
                .GroupBy(q => new { q.CaseId, q.CaseName, q.SupervisedPersonId, q.SupervisedPersonName }).Select(q => new { q.Key.CaseId, q.Key.CaseName, q.Key.SupervisedPersonName, q.Key.SupervisedPersonId, Count = q.ToList().Count() }).Skip((input.PageIndex - 1) * input.PageSize).Take(input.PageSize);
-            var SupervisedPersonIds = grudlist.Select(q => q.SupervisedPersonId);
-            var grudlistcunot = express.Where(q => SupervisedPersonIds.Contains(q.SupervisedPersonId)).ToList();
-            return ResultOutput.Ok(new { TotalCount = express.GroupBy(q => new { q.CaseId, q.CaseName, q.SupervisedPersonId, q.SupervisedPersonName }).Count(), grudlist });
+           //var SupervisedPersonIds = grudlist.Select(q => q.SupervisedPersonId);
+           // var grudlistcunot = express.Where(q => SupervisedPersonIds.Contains(q.SupervisedPersonId)).ToList();
+            return ResultOutput.Ok(new { TotalCount = express.Where(p => caseIds.Contains(p.CaseId)).GroupBy(q => new { q.CaseId, q.CaseName, q.SupervisedPersonId, q.SupervisedPersonName }).Count(), grudlist });
        }


@ -406,7 +423,13 @@ namespace ATS.NonCustodial.Application.Impl.Business
        /// <returns></returns>
        private async Task<IQueryable<AppEarlyWarning>> GetExpression(AppEarlyWarningGetPageInput pageInput, IQueryable<AppEarlyWarning?> query)
        {
-            var caseIds = await (await base.GetCurrentUserCaseListAsync()).Select(w => w.AppCaseManagement.Id).ToListAsync();
+            var limits = User.limits;
+            var IsAdmin = User.IsAdmin;
+            var selectLimits = await _appCaseSupervisorRepository.AsQueryable(false, true)
+                .WhereIf((!IsAdmin),w => limits.Contains(w.UnitId.ToString()))
+                .ToListAsync();
+            var caseIds = selectLimits.Select(w => w.CaseId).Distinct().ToList();
+            //var caseIds = await (await base.GetCurrentUserCaseListAsync()).Select(w => w.AppCaseManagement.Id).ToListAsync();

            query = query.Where(w => caseIds.Contains(w.CaseId))
                .WhereIf(pageInput.KeyWord.NotNull(), w => w.Title.Contains(pageInput.KeyWord) || w.CaseName.Contains(pageInput.KeyWord))
--- a/src/2.services/ATS.NonCustodial.Application/Impl/Business/AppManagementService.cs
+++ b/src/2.services/ATS.NonCustodial.Application/Impl/Business/AppManagementService.cs
@ -2,6 +2,7 @@
 using ATS.NonCustodial.Application.Contracts.Interfaces.Admins.AppDictionaries;
 using ATS.NonCustodial.Application.Contracts.Interfaces.Admins.Auth;
 using ATS.NonCustodial.Application.Contracts.Interfaces.Admins.Auth.Output;
+using ATS.NonCustodial.Application.Contracts.Interfaces.Admins.SMS;
 using ATS.NonCustodial.Application.Contracts.Interfaces.Admins.User;
 using ATS.NonCustodial.Application.Contracts.Interfaces.Business.AppAnnouncements;
 using ATS.NonCustodial.Application.Contracts.Interfaces.Business.AppAnnouncements.Input;
@ -88,6 +89,7 @@ namespace ATS.NonCustodial.Application.Impl.Business
        private readonly IAppEarlyWarningService _appEarlyWarningService;
        private readonly IAppAnnouncementService _appAnnouncementService;
        private readonly IAppDirectorDescriptorService _appDirectorDescriptorService;
+        private readonly ISMSService _smsService;

        /// <summary>
        ///
@ -137,7 +139,8 @@ namespace ATS.NonCustodial.Application.Impl.Business
            IEfRepository<AppSessionMessage, long> appSessionMessageRepository,
            IAppEarlyWarningService appEarlyWarningService,
            IAppAnnouncementService appAnnouncementService,
-            IEfRepository<AppEarlyWarningViewStatistics, long> appEarlyWarningViewStatisticsRepository)
+            IEfRepository<AppEarlyWarningViewStatistics, long> appEarlyWarningViewStatisticsRepository,
+            ISMSService smsService)
        : base(
            appManagementRepository,
            appSupervisorRepository,
@ -167,6 +170,7 @@ namespace ATS.NonCustodial.Application.Impl.Business
            _appEarlyWarningViewStatisticsRepository = appEarlyWarningViewStatisticsRepository;
            _appDirectoryDescriptorRepository = appDirectoryDescriptorRepository;
            _appFileDescriptorRepository = appFileDescriptorRepository;
+            _smsService = smsService;
        }

        #endregion Identity
@ -182,7 +186,8 @@ namespace ATS.NonCustodial.Application.Impl.Business
        /// </remarks>
        public async Task<IResultOutput<List<SupervisedPersonListOutput>>> GetSupervisedPersonListByName(string? name)
        {
-            var rtn = (await GetCaseListDetail(name)).Where(w => w.Latitude != null && w.Longitude != null).ToList();
+            //CaseProgressEnum案件已结束的不再展示
+            var rtn = (await GetCaseListDetail(name)).Where(w => w.Latitude != null && w.Longitude != null&&w.CaseProgress!= CaseProgressEnum.Closed).ToList();

            //返回结果
            return (IResultOutput<List<SupervisedPersonListOutput>>)ResultOutput.Ok(rtn);
@ -982,6 +987,9 @@ namespace ATS.NonCustodial.Application.Impl.Business
        [AllowAnonymous]
        public async Task<IResultOutput> SubmitBindingApplication(SubmitBindingApplicationInput input)
        {
+            bool checkCode = await _smsService.CheckCodeAsync(input.phone, input.checkCode, "CheckCode");
+            if (!checkCode) return ResultOutput.NotOk("无效验证码");
+
            //[1]校验当前账户是否是第一次绑定
            //if (!await _appSupervisedPersonRepository.AnyAsync(w => w.IdCard == input.IdCard && !w.IsBound)) return ResultOutput.NotOk("当前身份没有被监管,请检查身份证是否输入正确");
            if (!await _appSupervisedPersonRepository.AnyAsync(w => w.IdCard == input.IdCard)) return ResultOutput.NotOk("当前身份没有被监管,请检查身份证是否输入正确");
@ -1264,8 +1272,15 @@ namespace ATS.NonCustodial.Application.Impl.Business
        private async Task<List<SupervisedPersonListOutput>> GetCaseListDetailByIm(string? name)

        {
+            //获取当前用户权限下的案件ids
+            var limits = User.limits;
+            var selectLimits = await _appCaseSupervisorRepository.AsQueryable(false, true)
+                .Where(w => limits.Contains(w.UnitId.ToString()))
+                .ToListAsync();
+            var caseIdList = selectLimits.Select(w => w.CaseId).Distinct().ToList();
+
            var data = (await base.GetCurrentUserCaseListAsync())
-                .Where(W => W.AppCaseManagement.CaseProgress != CaseProgressEnum.Pending)
+                .Where(W => W.AppCaseManagement!=null&& W.AppCaseSupervisedPerson != null && W.AppCaseSupervisor != null && W.AppCaseManagement.CaseProgress != CaseProgressEnum.Pending && caseIdList.Contains(W.AppCaseManagement.Id)&&caseIdList.Contains(W.AppCaseSupervisedPerson.CaseId)&&caseIdList.Contains(W.AppCaseSupervisor.CaseId))
                .WhereIf(name.NotNull(), w => w.AppCaseSupervisedPerson.SupervisedPersonName!.Contains(name))
                .Select(w => new
                {
--- a/src/2.services/ATS.NonCustodial.Application/Impl/Business/AppPunchRecordService.cs
+++ b/src/2.services/ATS.NonCustodial.Application/Impl/Business/AppPunchRecordService.cs
@ -183,7 +183,14 @@ namespace ATS.NonCustodial.Application.Impl.Business
        [HttpPost]
        public async Task<IResultOutput> GetPunchPageAsync(AppPunchRecordGetPageInput input)
        {
-            var caseIds = await (await base.GetCurrentUserCaseListAsync()).Select(w => w.AppCaseManagement.Id).ToListAsync();
+            //获取当前用户权限下的案件ids
+            var limits = User.limits;
+            var selectLimits = await _appCaseSupervisorRepository.AsQueryable(false, true)
+                .Where(w => limits.Contains(w.UnitId.ToString()))
+                .ToListAsync();
+            var caseIds = selectLimits.Select(w => w.CaseId).Distinct().ToList();
+
+           // var caseIds = await (await base.GetCurrentUserCaseListAsync()).Select(w => w.AppCaseManagement.Id).ToListAsync();
            //var list= await base._appSupervisedPersonRepository.AsQueryable(false, true).Where(q=> caseIds.Contains(q.CaseId)).ToListAsync();

            var data = await _appPunchRecordStatisticsRepository
@ -345,12 +352,20 @@ namespace ATS.NonCustodial.Application.Impl.Business
                case null:
                    break;
            }
+
+            //获取当前用户权限下的案件ids
+            var limits = User.limits;
+            var selectLimits = await _appCaseSupervisorRepository.AsQueryable(false, true)
+                .Where(w => limits.Contains(w.UnitId.ToString()))
+                .ToListAsync();
+            var caseIdList = selectLimits.Select(w => w.CaseId).Distinct().ToList();
+
            //根据当前登录人查看其手里的案件被监管人
            var spList = await base.GetCurrentUserCaseListAsync();
-            var spIds = await spList.Where(q => q.AppCaseSupervisedPerson != null).Select(w => w.AppCaseSupervisedPerson!.SupervisedPersonId).ToListAsync();
+            var spIds = await spList.Where(q => q.AppCaseSupervisedPerson != null && caseIdList.Contains(q.AppCaseSupervisedPerson.CaseId)).Select(w => w.AppCaseSupervisedPerson!.SupervisedPersonId).ToListAsync();
            //查询记录
            var query = await _appPunchRecordStatisticsRepository
-                .AsQueryable(false, true).Where(q => spIds.Contains(q.SupervisedPersonId))
+                .AsQueryable(false, true).Where(q => spIds.Contains(q.SupervisedPersonId)&& caseIdList.Contains(q.CaseId))
                .WhereIf(input.CaseId != default, a => a.CaseId == input.CaseId)
                .WhereIf(input.SupervisedPersonId != default, w => w.SupervisedPersonId == input.SupervisedPersonId)
                .WhereIf(startTime != DateTime.MinValue, w => w.CreatedTime >= startTime)
--- a/src/2.services/ATS.NonCustodial.Application/Impl/Business/AppViolationStatisticsService.cs
+++ b/src/2.services/ATS.NonCustodial.Application/Impl/Business/AppViolationStatisticsService.cs
@ -100,13 +100,19 @@ namespace ATS.NonCustodial.Application.Impl.Business
        [HttpPost]
        public async Task<IResultOutput> ViolationStatisticsPageAsync(ViolationStatisticsPageInput input)
        {
+            //获取当前用户权限下的案件ids
+            var limits = User.limits;
+            var selectLimits = await _appCaseSupervisorRepository.AsQueryable(false, true)
+                .Where(w => limits.Contains(w.UnitId.ToString()))
+                .ToListAsync();
+            var caseIdList = selectLimits.Select(w => w.CaseId).Distinct().ToList();
            //根据当前登录人查看其手里的案件被监管人
            var spList = await base.GetCurrentUserCaseListAsync();
            //获取案件信息
-            var casebaselist = await spList.Where(q => q.AppCaseManagement != null).Select(q => q.AppCaseManagement).ToListAsync();
+            var casebaselist = await spList.Where(q => q.AppCaseManagement != null&& caseIdList.Contains(q.AppCaseManagement.Id)).Select(q => q.AppCaseManagement).ToListAsync();
            //获取案件id
            var casebase = await spList
-                .Where(q => q.AppCaseManagement != null)
+                .Where(q => q.AppCaseManagement != null && caseIdList.Contains(q.AppCaseManagement.Id))
                .WhereIf(input.CaseProgress != null, a => a.AppCaseManagement.CaseProgress == input.CaseProgress).Select(q => q.AppCaseManagement.Id).ToListAsync();
            var spIds = await spList.Where(q => q.AppCaseSupervisedPerson != null&& casebase.Contains(q.AppCaseSupervisedPerson.CaseId)).Select(w => w.AppCaseSupervisedPerson!.SupervisedPersonId).ToListAsync();
            //查询记录
--- a/src/2.services/ATS.NonCustodial.Application/Impl/Business/CaseManagements/AppCaseManagementService.cs
+++ b/src/2.services/ATS.NonCustodial.Application/Impl/Business/CaseManagements/AppCaseManagementService.cs
@ -16,6 +16,7 @@ using ATS.NonCustodial.Domain.Shared.Enums;
 using ATS.NonCustodial.Domain.Shared.OrmRepositories.Basic.EfCore;
 using ATS.NonCustodial.DynamicApi;
 using ATS.NonCustodial.DynamicApi.Attributes;
+using ATS.NonCustodial.Shared.Common.Auth;
 using ATS.NonCustodial.Shared.Common.Dtos;
 using ATS.NonCustodial.Shared.Common.Enums;
 using ATS.NonCustodial.Shared.Common.UnifiedResults;
@ -140,24 +141,45 @@ namespace ATS.NonCustodial.Application.Impl.Business.CaseManagements
        [HttpPost]
        public async Task<IResultOutput> GetPageAsync(AppCaseManagementGetPageInput input)
        {
+            var limits = User.limits;
+            var selectLimits = await _appCaseSupervisorRepository.AsQueryable(false, true)
+                .Where(w => limits.Contains(w.UnitId.ToString()))
+                .ToListAsync();
+            input.CaseIds = selectLimits.Select(w => w.CaseId).Distinct().ToList();
+
            var express = await GetExpression(input, _appCaseManagementRepository.AsQueryable(false, true));

            var rtn = await base.GetPageAsync<AppCaseManagement, AppCaseManagementGetPageInput, AppCaseManagementListDto>(input, express);

-            var caseIds = rtn.Data.Select(w => w.Id).ToList();
-
-            var caseSupervisor = await _appCaseSupervisorRepository.AsQueryable(false, true)
-                .Where(w => caseIds.Contains(w.CaseId))
-                .ToListAsync();
-
            foreach (var listDto in rtn.Data)
            {
-                listDto.Supervisor = caseSupervisor.Where(w => w.CaseId == listDto.Id).Select(w => w.SupervisorName).JoinAsString(",");
+                listDto.Supervisor = selectLimits.Where(w => w.CaseId == listDto.Id).Select(w => w.SupervisorName).JoinAsString(",");
            }

            return ResultOutput.Ok(rtn);
        }

+        //[HttpPost]
+        //public async Task<IResultOutput> GetPageAsync(AppCaseManagementGetPageInput input)
+        //{
+        //    var express = await GetExpression(input, _appCaseManagementRepository.AsQueryable(false, true));
+
+        //    var rtn = await base.GetPageAsync<AppCaseManagement, AppCaseManagementGetPageInput, AppCaseManagementListDto>(input, express);
+
+        //    var caseIds = rtn.Data.Select(w => w.Id).ToList();
+
+        //    var caseSupervisor = await _appCaseSupervisorRepository.AsQueryable(false, true)
+        //        .Where(w => caseIds.Contains(w.CaseId))
+        //        .ToListAsync();
+
+        //    foreach (var listDto in rtn.Data)
+        //    {
+        //        listDto.Supervisor = caseSupervisor.Where(w => w.CaseId == listDto.Id).Select(w => w.SupervisorName).JoinAsString(",");
+        //    }
+
+        //    return ResultOutput.Ok(rtn);
+        //}
+
        /// <summary>
        /// 案件统计
        /// </summary>
@ -500,7 +522,8 @@ namespace ATS.NonCustodial.Application.Impl.Business.CaseManagements
                {
                    CaseId = caseId.Value,
                    SupervisorId = csp.SupervisedId,
-                    SupervisorName = csp.SupervisedName
+                    SupervisorName = csp.SupervisedName,
+                    UnitId = GetUnitIdByUserId(csp.SupervisedId)
                });
                var dels = new List<long>();
                var list = await _appCaseSupervisorRepository.AsQueryable(false, true).Where(w => w.CaseId == caseId).ToListAsync();
@ -795,7 +818,8 @@ namespace ATS.NonCustodial.Application.Impl.Business.CaseManagements
                    {
                        CaseId = caseId.Value,
                        SupervisorId = csp.SupervisedId,
-                        SupervisorName = csp.SupervisedName
+                        SupervisorName = csp.SupervisedName,
+                        UnitId = GetUnitIdByUserId(csp.SupervisedId)
                    });

                    var Supervisordata = await _appCaseSupervisorRepository.FindAsync(q => q.CaseId == caseId && sList.Select(q => q.SupervisorId).Contains(q.SupervisorId));
@ -866,12 +890,20 @@ namespace ATS.NonCustodial.Application.Impl.Business.CaseManagements
        /// <returns></returns>
        public async Task<IResultOutput> CaseStatisticsHandlingTime(CaseStatisticsHandlingTimePageInput input)
        {
+            //获取当前用户权限下的案件ids
+            var limits = User.limits;
+            var selectLimits = await _appCaseSupervisorRepository.AsQueryable(false, true)
+                .Where(w => limits.Contains(w.UnitId.ToString()))
+                .ToListAsync();
+            var caseIdList = selectLimits.Select(w => w.CaseId).Distinct().ToList();
+
            var query = _appCaseManagementRepository
                .AsQueryable(false, true)
                .Where(w => w.CaseProgress == CaseProgressEnum.Closed)
                .WhereIf(input.KeyWord.NotNull(), a => a.Name.Contains(input.KeyWord))
                .WhereIf(input.TimeSearch.BeginTime.Length == 2, w => w.CaseBeginTime > input.TimeSearch.BeginTime[0] && w.CaseBeginTime < input.TimeSearch.BeginTime[1].AddDays(1))
-                .WhereIf(input.TimeSearch.EndTime.Length == 2, w => w.CaseClosedTime > input.TimeSearch.EndTime[0] && w.CaseClosedTime <= input.TimeSearch.EndTime[1].AddDays(1));
+                .WhereIf(input.TimeSearch.EndTime.Length == 2, w => w.CaseClosedTime > input.TimeSearch.EndTime[0] && w.CaseClosedTime <= input.TimeSearch.EndTime[1].AddDays(1))
+                .Where(w => caseIdList.Contains(w.Id));

            var pageData = await
                query.ProjectTo<CaseStatisticsHandlingTimeListDto>(Mapper.ConfigurationProvider)
@ -907,11 +939,18 @@ namespace ATS.NonCustodial.Application.Impl.Business.CaseManagements
        /// <returns></returns>
        public async Task<IResultOutput> CaseTypeStatistics(CaseTypeStatisticsGetPageInput input)
        {
+            //获取当前用户权限下的案件ids
+            var limits = User.limits;
+            var selectLimits = await _appCaseSupervisorRepository.AsQueryable(false, true)
+                .Where(w => limits.Contains(w.UnitId.ToString()))
+                .ToListAsync();
+            var caseIds = selectLimits.Select(w => w.CaseId).Distinct().ToList();
+
            var data = await _appCaseManagementRepository.AsQueryable(false, true)
                .WhereIf(input.KeyWord.NotNull(), a => a.Name.Contains(input.KeyWord))
                .WhereIf(input.TimeSearch.BeginTime.Length == 2, w => w.CreatedTime > input.TimeSearch.BeginTime[0] && w.CreatedTime < input.TimeSearch.BeginTime[1].AddDays(1))
                .WhereIf(input.TimeSearch.EndTime.Length == 2, w => w.CaseClosedTime > input.TimeSearch.EndTime[0] && w.CaseClosedTime < input.TimeSearch.EndTime[1].AddDays(1))
-                .WhereIf(input.ajtype.NotNull(), w => w.CaseTypeId == input.ajtype.ToLong())
+                .WhereIf(input.ajtype.NotNull(), w => w.CaseTypeId == input.ajtype.ToLong()).Where(w => caseIds.Contains(w.Id))
                .ToListAsync();

            var dataGroup = data.GroupBy(w => w.CaseTypeId);
@ -956,6 +995,12 @@ namespace ATS.NonCustodial.Application.Impl.Business.CaseManagements
        /// <returns></returns>
        public async Task<IResultOutput> CaseHandlingFrequencyStatistics(CaseHandlingFrequencyStatisticsGetPageInput input)
        {
+            //获取当前用户权限下的案件ids
+            var limits = User.limits;
+            var selectLimits = await _appCaseSupervisorRepository.AsQueryable(false, true)
+                .Where(w => limits.Contains(w.UnitId.ToString()))
+                .ToListAsync();
+            var caseIds = selectLimits.Select(w => w.CaseId).Distinct().ToList();
            //query
            var query = await (await base.GetCurrentUserCaseListAsync())
                //.Where(w => w.AppCaseSupervisedPerson != null && w.AppCaseManagement.CaseProgress != CaseProgressEnum.Closed)
@ -969,7 +1014,7 @@ namespace ATS.NonCustodial.Application.Impl.Business.CaseManagements
                    SupervisedPersonName = w.AppCaseSupervisedPerson.SupervisedPersonName
                }).ToListAsync();

-            var dataGroup = query.GroupBy(w => new
+            var dataGroup = query.Where(w => caseIds.Contains(w.CaseId)).GroupBy(w => new
            {
                w.CaseId,
                w.SupervisedPersonId,
@ -1374,10 +1419,18 @@ namespace ATS.NonCustodial.Application.Impl.Business.CaseManagements
        [HttpPost]
        public async Task<IResultOutput<PagedList<GetSupervisedPersonApprovalStatusOutput>>> GetSupervisedPersonApprovalStatus(GetSupervisedPersonApprovalStatusPageInput input)
        {
+            //获取当前用户权限下的案件ids
+            var limits = User.limits;
+            var selectLimits = await _appCaseSupervisorRepository.AsQueryable(false, true)
+                .Where(w => limits.Contains(w.UnitId.ToString()))
+                .ToListAsync();
+            var caseIds = selectLimits.Select(w => w.CaseId).Distinct().ToList();
+
            var queryable = (await GetCurrentUserCaseListAsync())
                .WhereIf(input.SupervisedPersonId > 0, w => w.AppCaseSupervisedPerson.SupervisedPersonId == input.SupervisedPersonId)
                .WhereIf(input.ApprovalStatus.HasValue, w => w.AppCaseSupervisedPerson.ApprovalStatus == input.ApprovalStatus)
-                .WhereIf(input.name.NotNull(), w => w.AppCaseSupervisedPerson.SupervisedPersonName.Contains(input.name));
+                .WhereIf(input.name.NotNull(), w => w.AppCaseSupervisedPerson.SupervisedPersonName.Contains(input.name))
+                .Where(w => w.AppCaseManagement != null && w.AppCaseSupervisedPerson != null && w.AppCaseSupervisor != null && caseIds.Contains(w.AppCaseSupervisedPerson.CaseId) && caseIds.Contains(w.AppCaseManagement.Id) && caseIds.Contains(w.AppCaseSupervisor.CaseId));

            var caseSpQueryable = await queryable.Where(q => q.AppCaseSupervisedPerson != null).Select(w => Mapper.Map<AppCaseSupervisedPerson, GetSupervisedPersonApprovalStatusOutput>(w.AppCaseSupervisedPerson)).ToListAsync();
            if ((await base.IsAdmin()).IsAdmin) caseSpQueryable = caseSpQueryable.Distinct((x, y) => x.CaseId == y.CaseId && x.SupervisedPersonId == y.SupervisedPersonId).ToList();
@ -1429,6 +1482,7 @@ namespace ATS.NonCustodial.Application.Impl.Business.CaseManagements
            var caseIds = await (await base.GetCurrentUserCaseListAsync()).Select(w => w.AppCaseManagement.Id).ToListAsync();

            query = query
+                .WhereIf(pageInput.CaseIds.IsNotNullOrEmpty(), w => pageInput.CaseIds.Contains(w.Id))
                .WhereIf(pageInput.CaseName.NotNull(), a => a.Name.Contains(pageInput.CaseName))
                .WhereIf(pageInput.CaseTypeId != null, a => a.CaseTypeId == pageInput.CaseTypeId)
                .WhereIf(pageInput.JudgmentStatusIds.IsNotNullOrEmpty(), w => pageInput.JudgmentStatusIds.Contains(w.JudgmentStatusId))
@ -1514,10 +1568,19 @@ namespace ATS.NonCustodial.Application.Impl.Business.CaseManagements
        [HttpPost]
        public async Task<IResultOutput> GetSupervisedPersonAsync(GetSupervisedPersonPage input)
        {
-            var caseIds = await (await base.GetCurrentUserCaseListAsync()).Select(w => w.AppCaseManagement.Id).ToListAsync();
+            var limits = User.limits;
+            var selectLimits = await _appCaseSupervisorRepository.AsQueryable(false, true)
+                .Where(w => limits.Contains(w.UnitId.ToString()))
+                .ToListAsync();
+            var caseIds = selectLimits.Select(w => w.CaseId).Distinct().ToList();
+
+            //var caseIds = await (await base.GetCurrentUserCaseListAsync()).Select(w => w.AppCaseManagement.Id).ToListAsync();
            var caselist = await (await base.GetCurrentUserCaseListAsync()).Select(w => new { w.AppCaseManagement.Id, w.AppCaseManagement.Name }).ToListAsync();
-            //查询待执行，执行种案件涉嫌人员
-            var appSupervisedlist = from a in base._appCaseManagementRepository.AsQueryable(false, true).Where(q => q.CaseProgress != CaseProgressEnum.Closed)
+            //查询待执行，执行种案件涉嫌人员 去除状态筛选，与导出接口一致
+            //var appSupervisedlist = from a in base._appCaseManagementRepository.AsQueryable(false, true).Where(q => q.CaseProgress != CaseProgressEnum.Closed)
+            //                        join b in _appSupervisedPersonRepository.AsQueryable(false, true) on a.Id equals b.CaseId
+            //                        select b;
+            var appSupervisedlist = from a in base._appCaseManagementRepository.AsQueryable(false, true)
                                    join b in _appSupervisedPersonRepository.AsQueryable(false, true) on a.Id equals b.CaseId
                                    select b;
            var data = await appSupervisedlist
@ -1799,14 +1862,22 @@ namespace ATS.NonCustodial.Application.Impl.Business.CaseManagements
        /// <returns></returns>
        public async Task<IActionResult> Getexport(AppCaseManagementGetPageInput input)
        {
+            input.PageIndex = 1;
+            input.PageSize = 999999;
+            var limits = User.limits;
+            var selectLimits = await _appCaseSupervisorRepository.AsQueryable(false, true)
+                .Where(w => limits.Contains(w.UnitId.ToString()))
+                .ToListAsync();
+            input.CaseIds = selectLimits.Select(w => w.CaseId).Distinct().ToList();
+
            var express = await GetExpression(input, _appCaseManagementRepository.AsQueryable(false, true));

            var rtn = await base.GetPageAsync<AppCaseManagement, AppCaseManagementGetPageInput, AppCaseManagementListexportDto>(input, express);

-            var caseIds = rtn.Data.Select(w => w.Id).ToList();
+            //var caseIds = rtn.Data.Select(w => w.Id).ToList();

            var caseSupervisor = await _appCaseSupervisorRepository.AsQueryable(false, true)
-                .Where(w => caseIds.Contains(w.CaseId))
+                .Where(w => input.CaseIds.Contains(w.CaseId))
                .ToListAsync();

            foreach (var listDto in rtn.Data)
@ -1830,7 +1901,15 @@ namespace ATS.NonCustodial.Application.Impl.Business.CaseManagements
        /// <returns></returns>
        public async Task<IActionResult> Getuserexport(GetSupervisedPersonPage input)
        {
-            var caseIds = await (await base.GetCurrentUserCaseListAsync()).Select(w => w.AppCaseManagement.Id).ToListAsync();
+            input.PageIndex = 1;
+            input.PageSize = 999999;
+            var limits = User.limits;
+            var selectLimits = await _appCaseSupervisorRepository.AsQueryable(false, true)
+                .Where(w => limits.Contains(w.UnitId.ToString()))
+                .ToListAsync();
+            var caseIds = selectLimits.Select(w => w.CaseId).Distinct().ToList();
+
+            //var caseIds = await (await base.GetCurrentUserCaseListAsync()).Select(w => w.AppCaseManagement.Id).ToListAsync();
            var caselist = await (await base.GetCurrentUserCaseListAsync()).Select(w => new { w.AppCaseManagement.Id, w.AppCaseManagement.Name }).ToListAsync();
            var data = await _appSupervisedPersonRepository.AsQueryable(false, true)
                .Where(q => caseIds.Contains(q.CaseId))
@ -1842,8 +1921,8 @@ namespace ATS.NonCustodial.Application.Impl.Business.CaseManagements

            foreach (var listDto in data.Data)
            {
-                var judgmentlist = await base.GetDictionariesOutput1("judgment", "");
-                var type_caselist = await base.GetDictionariesOutput1("type_case", "");
+                //var judgmentlist = await base.GetDictionariesOutput1("judgment", "");
+                //var type_caselist = await base.GetDictionariesOutput1("type_case", "");
                listDto.Casename = caselist.Where(q => q.Id == listDto.CaseId).Select(q => q.Name).JoinAsString(",");
                //listDto.CaseTypename = type_caselist.Where(w => w.Id == listDto.CaseTypeId).Select(w => w.Name).JoinAsString(",");
                //listDto.JudgmentStatusname = judgmentlist.Where(w => w.Id == listDto.JudgmentStatusId).Select(w => w.Name).JoinAsString(",");
@ -1856,6 +1935,12 @@ namespace ATS.NonCustodial.Application.Impl.Business.CaseManagements
        }

        #endregion
+
+        private long GetUnitIdByUserId(long id)
+        {
+            var user = _appuserRepository.AsQueryable().Where(w => w.Id == id).FirstOrDefault();
+            return user?.UnitId ?? 0;
+        }
    }
    public class Controller : ControllerBase
    {
--- a/src/2.services/ATS.NonCustodial.Application/Impl/Business/CaseManagements/AppSupervisedPersonService.cs
+++ b/src/2.services/ATS.NonCustodial.Application/Impl/Business/CaseManagements/AppSupervisedPersonService.cs
@ -121,15 +121,17 @@ namespace ATS.NonCustodial.Application.Impl.Business.CaseManagements
            }

            //修改状态
+            var propertyNameAndValues = new Dictionary<long, List<(string propertyName, dynamic propertyValue)>>();
            foreach (var (key, value) in caseProgress)
            {
-                await _appCaseManagementEfRepository.UpdateAsync(w => w.Id == key,
-                    w => new AppCaseManagement()
-                    {
-                        CaseProgress = value,
-                        CaseBeginTime = value == CaseProgressEnum.InExecution ? DateTime.Now : null
-                    });
+                propertyNameAndValues[key] = new List<(string propertyName, dynamic propertyValue)>()
+                {
+                    (nameof(AppCaseManagement.CaseProgress), value),
+                    (nameof(AppCaseManagement.CaseBeginTime), value == CaseProgressEnum.InExecution ? DateTime.Now : (DateTime?)null)
+                };
            }
+            
+            await _appCaseManagementEfRepository.UpdateAsync(propertyNameAndValues);

            return ResultOutput.Ok();
        }
--- a/src/2.services/ATS.NonCustodial.Application/Impl/Business/MaterialManager/AppFileAccessRecordsService.cs
+++ b/src/2.services/ATS.NonCustodial.Application/Impl/Business/MaterialManager/AppFileAccessRecordsService.cs
@ -155,9 +155,16 @@ namespace ATS.NonCustodial.Application.Impl.Business.MaterialManager
        [HttpPost]
        public async Task<IResultOutput<PagedList<GetLearningSituationForCountOutput>>> GetSituationForCount(FileAccessRecordsGetPageInput input)
        {
+            //获取当前用户权限下的案件ids
+            var limits = User.limits;
+            var selectLimits = await _appCaseSupervisorRepository.AsQueryable(false, true)
+                .Where(w => limits.Contains(w.UnitId.ToString()))
+                .ToListAsync();
+            var caseIdList = selectLimits.Select(w => w.CaseId).Distinct().ToList();
+
            //获取案件及案件被监管人
-            var caseIds = await (await base.GetCurrentUserCaseListAsync()).Select(w => w.AppCaseManagement.Id).ToListAsync();
-            var SupervisedPersonIds = await base._appSupervisedPersonRepository.AsQueryable(false, true).Where(q => caseIds.Contains(q.CaseId)).Select(q=>q.SupervisedPersonId).ToListAsync();
+           // var caseIds = await (await base.GetCurrentUserCaseListAsync()).Select(w => w.AppCaseManagement.Id).ToListAsync();
+            var SupervisedPersonIds = await base._appSupervisedPersonRepository.AsQueryable(false, true).Where(q => caseIdList.Contains(q.CaseId)).Select(q=>q.SupervisedPersonId).ToListAsync();
            //获取监管人查阅次数
            var queryable = await GetExpression(input, _appFileAccessRecordsRepository.AsQueryable(false, true).Where(q=> SupervisedPersonIds.Contains(q.SupervisedPersonId)))
                .ToListAsync();
@ -195,8 +202,14 @@ namespace ATS.NonCustodial.Application.Impl.Business.MaterialManager
        [HttpPost]
        public async Task<IResultOutput> GetSituationCount(FileAccessRecordsGetPageInput input)
        {
-            //获取案件及案件被监管人
-            var caseIds = await (await base.GetCurrentUserCaseListAsync()).Select(w => w.AppCaseManagement.Id).ToListAsync();
+            //获取当前用户权限下的案件ids
+            var limits = User.limits;
+            var selectLimits = await _appCaseSupervisorRepository.AsQueryable(false, true)
+                .Where(w => limits.Contains(w.UnitId.ToString()))
+                .ToListAsync();
+            var caseIds = selectLimits.Select(w => w.CaseId).Distinct().ToList();
+
+            //var caseIds = await (await base.GetCurrentUserCaseListAsync()).Select(w => w.AppCaseManagement.Id).ToListAsync();
            var SupervisedPersonIds = await base._appSupervisedPersonRepository.AsQueryable(false, true).Where(q => caseIds.Contains(q.CaseId)).Select(q => q.SupervisedPersonId).ToListAsync();
            //获取监管人查阅次数
            var queryable = await GetExpression(input, _appFileAccessRecordsRepository.AsQueryable(false, true).Where(q => SupervisedPersonIds.Contains(q.SupervisedPersonId)))
--- a/src/3.contracts/ATS.NonCustodial.Application.Contracts/Interfaces/Admins/Auth/IAuthService.cs
+++ b/src/3.contracts/ATS.NonCustodial.Application.Contracts/Interfaces/Admins/Auth/IAuthService.cs
@ -79,5 +79,12 @@ namespace ATS.NonCustodial.Application.Contracts.Interfaces.Admins.Auth
        /// <param name="user">用户信息</param>
        /// <returns></returns>
        Task<string> GetToken(AuthLoginOutput? user);
+
+        /// <summary>
+        /// 根据身份证号获取电话号码
+        /// </summary>
+        /// <param name="phone"></param>
+        /// <returns></returns>
+        Task<IResultOutput> GetPhoneByIDCard(string idCard);
    }
 }
--- a/src/3.contracts/ATS.NonCustodial.Application.Contracts/Interfaces/Admins/Auth/Output/AuthLoginOutput.cs
+++ b/src/3.contracts/ATS.NonCustodial.Application.Contracts/Interfaces/Admins/Auth/Output/AuthLoginOutput.cs
@ -1,4 +1,6 @@
-using ATS.NonCustodial.Shared.Common.Enums;
+using ATS.NonCustodial.Domain.Shared.Constants;
+using ATS.NonCustodial.Shared.Common.Enums;
+using System.ComponentModel.DataAnnotations;

 namespace ATS.NonCustodial.Application.Contracts.Interfaces.Admins.Auth.Output
 {
@ -73,5 +75,15 @@ namespace ATS.NonCustodial.Application.Contracts.Interfaces.Admins.Auth.Output
        /// 手机登录获取到得手机唯一标识，（用于个推）
        /// </summary>
        public string? CId { get; set; }
+
+        /// <summary>
+        /// 查询界限
+        /// </summary>
+        public string? limits { get; set; }
+
+        /// <summary>
+        /// 是否是Admin
+        /// </summary>
+        public bool IsAdmin { get; set; }
    }
 }
--- a/src/3.contracts/ATS.NonCustodial.Application.Contracts/Interfaces/Admins/SMS/ISMSService.cs
+++ b/src/3.contracts/ATS.NonCustodial.Application.Contracts/Interfaces/Admins/SMS/ISMSService.cs
@ -0,0 +1,36 @@
+using ATS.NonCustodial.Application.Contracts.Interfaces.Admins.Auth.Input;
+using ATS.NonCustodial.Application.Contracts.Interfaces.Admins.Auth.Output;
+using ATS.NonCustodial.Domain.Shared.Enums;
+using ATS.NonCustodial.Shared.Captcha.Dto;
+using ATS.NonCustodial.Shared.Common.Dtos;
+using ATS.NonCustodial.Shared.Common.UnifiedResults;
+
+namespace ATS.NonCustodial.Application.Contracts.Interfaces.Admins.SMS
+{
+    public interface ISMSService
+    {
+        /// <summary>
+        /// 发送验证码
+        /// </summary>
+        /// <param name="phone"></param>
+        /// <returns></returns>
+        Task<IResultOutput> SendCheckCodeSMS(string phone, string ipAddress = "", string type = "CheckCode");
+
+        /// <summary>
+        /// 校验验证码
+        /// </summary>
+        /// <param name="phoneNumber"></param>
+        /// <param name="code"></param>
+        /// <param name="type"></param>
+        /// <returns></returns>
+        Task<bool> CheckCodeAsync(string phoneNumber, string code, string type = "default");
+
+
+        /// <summary>
+        /// 发送前校验
+        /// </summary>
+        /// <param name="phone"></param>
+        /// <returns></returns>
+        Task<bool> CanSendCodeAsync(string phone);
+    }
+}
--- a/src/3.contracts/ATS.NonCustodial.Application.Contracts/Interfaces/Business/AppCaseManagements/AppCaseManagement/Input/AppCaseManagementGetPageInput.cs
+++ b/src/3.contracts/ATS.NonCustodial.Application.Contracts/Interfaces/Business/AppCaseManagements/AppCaseManagement/Input/AppCaseManagementGetPageInput.cs
@ -29,5 +29,7 @@ namespace ATS.NonCustodial.Application.Contracts.Interfaces.Business.AppCaseMana
        /// 案件类型（数据来自字典）
        /// </summary>
        public long? CaseTypeId { get; set; }
+
+        public List<long>? CaseIds { get; set; }
    }
 }
--- a/src/3.contracts/ATS.NonCustodial.Application.Contracts/Interfaces/Business/AppCaseManagements/AppCaseManagement/Output/AppCaseManagementListDto.cs
+++ b/src/3.contracts/ATS.NonCustodial.Application.Contracts/Interfaces/Business/AppCaseManagements/AppCaseManagement/Output/AppCaseManagementListDto.cs
@ -62,7 +62,7 @@ namespace ATS.NonCustodial.Application.Contracts.Interfaces.Business.AppCaseMana
        /// <summary>
        /// 案子开始时间
        /// </summary>
-        public DateTime CaseBeginTime { get; set; }
+        public DateTime? CaseBeginTime { get; set; }

        /// <summary>
        /// 案子结束时间
--- a/src/3.contracts/ATS.NonCustodial.Application.Contracts/Interfaces/Business/Apps/Input/SubmitBindingApplicationInput.cs
+++ b/src/3.contracts/ATS.NonCustodial.Application.Contracts/Interfaces/Business/Apps/Input/SubmitBindingApplicationInput.cs
@ -26,5 +26,9 @@
        /// 自动获取CID（手机唯一id）
        /// </summary>
        public string? CId { get; set; }
+
+        public string? phone { get; set; }
+
+        public string? checkCode { get; set; }
    }
 }
--- a/src/4.apps/ATS.NonCustodial.Admin.Api/Seeds/initData/app_api.json
+++ b/src/4.apps/ATS.NonCustodial.Admin.Api/Seeds/initData/app_api.json
--- a/src/4.apps/ATS.NonCustodial.Admin.Api/Seeds/initData/app_dictionary.json
+++ b/src/4.apps/ATS.NonCustodial.Admin.Api/Seeds/initData/app_dictionary.json
--- a/src/4.apps/ATS.NonCustodial.Admin.Api/Seeds/initData/app_user.json
+++ b/src/4.apps/ATS.NonCustodial.Admin.Api/Seeds/initData/app_user.json
--- a/src/4.apps/ATS.NonCustodial.Admin.Api/Seeds/initData/app_user_role.json
+++ b/src/4.apps/ATS.NonCustodial.Admin.Api/Seeds/initData/app_user_role.json
--- a/src/5.shared/ATS.NonCustodial.Admin.Jobs/Jobs/PunchRecordJob.cs
+++ b/src/5.shared/ATS.NonCustodial.Admin.Jobs/Jobs/PunchRecordJob.cs
@ -45,7 +45,7 @@ namespace ATS.NonCustodial.Admin.QuartzJobs.Jobs
        {
            ConsoleHelper.WriteWarningLine("job start……");

-            await _appPunchRecordService.CheckPunchRecordForJob();
+            //await _appPunchRecordService.CheckPunchRecordForJob();

            ConsoleHelper.WriteWarningLine("job end……");
        }
--- a/src/5.shared/ATS.NonCustodial.Shared/Common/Auth/ClaimAttributes.cs
+++ b/src/5.shared/ATS.NonCustodial.Shared/Common/Auth/ClaimAttributes.cs
@ -1,4 +1,6 @@
-namespace ATS.NonCustodial.Shared.Common.Auth
+using System.ComponentModel.DataAnnotations;
+
+namespace ATS.NonCustodial.Shared.Common.Auth
 {
    /// <summary>
    /// Claim属性
@ -83,5 +85,16 @@
        /// 职位类型转换为枚举
        /// </summary>
        public const string personType = "persontype";
+
+
+        /// <summary>
+        /// 查询界限
+        /// </summary>
+        public const string limits = "limits";
+
+        /// <summary>
+        /// 是否是Admin
+        /// </summary>
+        public const string IsAdmin = "false";
    }
 }
--- a/src/5.shared/ATS.NonCustodial.Shared/Common/Auth/IUser.cs
+++ b/src/5.shared/ATS.NonCustodial.Shared/Common/Auth/IUser.cs
@ -1,4 +1,5 @@
 using ATS.NonCustodial.Shared.Common.Enums;
+using System.ComponentModel.DataAnnotations;
 using System.Security.Claims;

 namespace ATS.NonCustodial.Shared.Common.Auth
@ -50,6 +51,17 @@ namespace ATS.NonCustodial.Shared.Common.Auth
        /// </summary>
        string NickName { get; }

+
+        /// <summary>
+        /// 查询界限
+        /// </summary>
+        string limits { get; }
+
+        /// <summary>
+        /// 是否管理员
+        /// </summary>
+        bool IsAdmin { get; }
+
        /// <summary>
        /// 租户Id
        /// </summary>
--- a/src/5.shared/ATS.NonCustodial.Shared/Common/Auth/User.cs
+++ b/src/5.shared/ATS.NonCustodial.Shared/Common/Auth/User.cs
@ -158,6 +158,42 @@ namespace ATS.NonCustodial.Shared.Common.Auth
            }
        }

+        /// <summary>
+        /// 昵称
+        /// </summary>
+        public string limits
+        {
+            get
+            {
+                var name = _accessor?.HttpContext?.User?.FindFirst(ClaimAttributes.limits);
+
+                if (name != null && name.Value.NotNull())
+                {
+                    return name.Value;
+                }
+
+                return "";
+            }
+        }
+
+        /// <summary>
+        /// 是否管理员
+        /// </summary>
+        public bool IsAdmin
+        {
+            get
+            {
+                var name = _accessor?.HttpContext?.User?.FindFirst(ClaimAttributes.IsAdmin);
+
+                if (name != null && name.Value.NotNull())
+                {
+                    return name.Value=="true";
+                }
+
+                return false;
+            }
+        }
+
        /// <summary>
        /// 租户Id
        /// </summary>
--- a/src/5.shared/ATS.NonCustodial.Shared/Extensions/Collection/PaginationExtensions.cs
+++ b/src/5.shared/ATS.NonCustodial.Shared/Extensions/Collection/PaginationExtensions.cs
@ -40,7 +40,7 @@ namespace ATS.NonCustodial.Shared.Extensions.Collection
        /// <returns></returns>
        public static async Task<PagedList<TEntity>> PagedAsync<TEntity>(this IQueryable<TEntity> queryable, PageRequestBaseInput pageDto) where TEntity : class
        {
-            if (pageDto.PageSize > 25) pageDto.PageSize = 25;
+            if (pageDto.PageSize > 500) pageDto.PageSize = 500;

            var pagedQuery = GetPagedQuery(queryable, pageDto.PageIndex, pageDto.PageSize);
            var totalCount = await queryable.CountAsync().ConfigureAwait(false);
@ -62,7 +62,7 @@ namespace ATS.NonCustodial.Shared.Extensions.Collection
            where TEntity : class
            where TPageInput : BasePageInput
        {
-            if (pageDto.PageSize > 25) pageDto.PageSize = 25;
+            if (pageDto.PageSize > 500) pageDto.PageSize = 500;

            var pagedQuery = GetPagedQuery(queryable, pageDto.PageIndex, pageDto.PageSize);
            var totalCount = await queryable.CountAsync().ConfigureAwait(false);
Author	SHA1	Message	Date
wangping	8c38a8e2e5	GetToken新增字段兼容APP	3 months ago
wangping	cb5071bffb	APP认证报错	3 months ago
wangping	474d481b5e	Merge branch 'dev_wp' into develop	3 months ago
wangping	24ea9e097e	登录接口兼容APP	3 months ago
zhaozhenjing	0d3c190ad7	[MODIFY]查询bug，前台查询条件不生效	3 months ago
zhaozhenjing	55d0c24d99	Merge branch 'develop' into dev-zzj	3 months ago
wangping	bbac947787	腾讯云短信接入，验证码接口调整	3 months ago
zhaozhenjing	157056efb8	[MODIFY]接口增加条件，已完结的案子不显示	3 months ago
zhaozhenjing	82264d99fc	Merge branch 'develop' into dev-zzj	3 months ago
zhaozhenjing	a86a5aa087	[MODIFY] 越界预警增加权限校验	3 months ago
wangping	f7764bf88a	添加案件时，写入监管人单位	3 months ago
zhaozhenjing	639a6fb3a4	[MODIFY] 越界审批增加权限校验	3 months ago
zhaozhenjing	1560949db5	[MODIFY] 消息推送功能增加权限校验	3 months ago
zhaozhenjing	5b924548c0	[MODIFY] APP打卡增加数据校验	3 months ago
zhaozhenjing	109a0ceeac	Merge branch 'develop' into dev-zzj	3 months ago
zhaozhenjing	1b878776b8	[MODIFY] 增加权限校验	3 months ago
wangping	136ff1f656	短信相关接口与模型	3 months ago
zhaozhenjing	94f5feaac8	[MODIFY] 学习记录增加查询限制	3 months ago
zhaozhenjing	241450ddf1	[MODIFY] 定位分布功能增加权限控制	3 months ago
zhaozhenjing	46a26db1f8	[MODIFY] APP认证增加权限校验	3 months ago
zhaozhenjing	64c5ca915e	[MODIFY] 打卡记录统计功能增加条件限制	3 months ago
zhaozhenjing	496946447e	[MODIFY]违规统计功能增加权限验证	3 months ago
zhaozhenjing	8b48feaba4	[MODIFY]办案时长统计增加权限限制	3 months ago
zhaozhenjing	9fa91adcfc	Merge branch 'develop' into dev-zzj	3 months ago
zhaozhenjing	70e44379a2	[MODIFY]案件类型统计功能优化查询	3 months ago
wangping	f5472e4fea	案件导出	3 months ago
wangping	848fd84f84	部分BUG处理,登录信息是否管理员，涉案人员，涉案人员导出	3 months ago
wangping	c80799db6d	合并	3 months ago
zhaozhenjing	e67dd34993	[MODIFY]越界预警统计、越界申请统计、在线学习分析功能的权限增加	3 months ago
wangping	ceb68d34e8	涉案人员查询，涉案人员导出查询，涉案人员导出	3 months ago
zhaozhenjing	b8808ffee1	Merge branch 'develop' into dev-zzj	3 months ago
zhaozhenjing	ec3758b0bf	合并	3 months ago
zhaozhenjing	33214a4252	[]忽略配置文件	3 months ago
zhaozhenjing	a392df1ccb	[MODIFY]单位管理功能新增时增加limit字段的填充，删除单位时，修改父级单位的limit	3 months ago
wangping	30b6a27ec5	Merge branch 'develop' into dev_wp	3 months ago
wangping	3b4e13dbd2	limits从unit表获取	3 months ago
zhaozhenjing	c2d3a2f012	[MODIFY]单位管理功能 1、删除增加限制，该单位和子单位下有用户时，无法删除单位 2、增加限制，编辑界面无法修改父级单位 3、修改bug，删除单位时，删除所有子级单位	3 months ago
wangping	819d13915c	用户登录信息新增查询界限limits,案件管理查询新增查询界限条件	3 months ago