1.所有接口需要根据agent_id绑定渠道

2.移除所有记录页面的更新按钮，只能查看数据
3.将所有软删除修改为硬删除

server/app/api/middleware/AuthTokenMiddleware.php

@@ -5,6 +5,7 @@ namespace app\api\middleware;
 
 use app\api\cache\AuthTokenCache;
 use app\api\util\ReturnCode;
+use plugin\saiadmin\app\model\system\SystemUser;
 use plugin\saiadmin\exception\ApiException;
 use Tinywan\Jwt\JwtToken;
 use Tinywan\Jwt\Exception\JwtTokenException;
@@ -53,7 +54,17 @@ class AuthTokenMiddleware implements MiddlewareInterface
             throw new ApiException('auth-token invalid or expired', ReturnCode::TOKEN_INVALID);
         }
 
+        $agent = SystemUser::where('agent_id', $agentId)->find();
+        if (!$agent || (int) ($agent->status ?? 0) !== 1) {
+            throw new ApiException('Invalid agent_id', ReturnCode::FORBIDDEN);
+        }
+        if (empty($agent->dept_id) || (int) $agent->dept_id <= 0) {
+            throw new ApiException('Agent channel is not configured', ReturnCode::FORBIDDEN);
+        }
+
         $request->agent_id = $agentId;
+        $request->agent_admin_id = (int) $agent->id;
+        $request->agent_dept_id = (int) $agent->dept_id;
         return $handler($request);
     }
 }