dev 权限部分

@@ -3,7 +3,9 @@
 /logs/
 /logs/
 /out/
 /out/
 .mvn
 .mvn
-
+/lib/
+/xmlFromImf/
+/errorLogs/
 ### STS ###
 ### STS ###
 .apt_generated
 .apt_generated
 .classpath
 .classpath

@@ -74,6 +74,13 @@
 			</exclusions>
 			</exclusions>
 		</dependency>
 		</dependency>
 		<!--spring boot-->
 		<!--spring boot-->
+		<!-- tools-->
+		<dependency>
+			<groupId>commons-codec</groupId>
+			<artifactId>commons-codec</artifactId>
+			<version>1.11</version>
+		</dependency>
+		<!-- tools-->
 		<!-- alibaba的druid数据库连接池 -->
 		<!-- alibaba的druid数据库连接池 -->
 		<dependency>
 		<dependency>
 			<groupId>com.alibaba</groupId>
 			<groupId>com.alibaba</groupId>

+package com.tianbo.warehouse.dao;
+
+import com.tianbo.warehouse.model.PERMISSION;
+import java.math.BigDecimal;
+import java.util.List;
+
+public interface PERMISSIONMapper {
+    int deleteByPrimaryKey(BigDecimal permissionId);
+
+    int insert(PERMISSION record);
+
+    int insertSelective(PERMISSION record);
+
+    List<PERMISSION> selectByPrimaryKey(BigDecimal permissionId);
+
+    int updateByPrimaryKeySelective(PERMISSION record);
+
+    int updateByPrimaryKey(PERMISSION record);
+
+    List<PERMISSION> findAll();
+
+    List<PERMISSION> findByUserId(BigDecimal userId);
+}

+package com.tianbo.warehouse.dao;
+
+import com.tianbo.warehouse.model.ROLE;
+import java.math.BigDecimal;
+import java.util.List;
+
+public interface ROLEMapper {
+    int deleteByPrimaryKey(BigDecimal roleId);
+
+    int insert(ROLE record);
+
+    int insertSelective(ROLE record);
+
+    ROLE selectByPrimaryKey(BigDecimal roleId);
+
+    int updateByPrimaryKeySelective(ROLE record);
+
+    int updateByPrimaryKey(ROLE record);
+
+    List<ROLE> findRolesByUserId(BigDecimal userId);
+}

+package com.tianbo.warehouse.dao;
+
+import com.tianbo.warehouse.model.ROLE;
+import com.tianbo.warehouse.model.USERS;
+import java.math.BigDecimal;
+import java.util.List;
+
+public interface USERSMapper {
+    int deleteByPrimaryKey(BigDecimal userId);
+
+    int insert(USERS record);
+
+    int insertSelective(USERS record);
+
+    USERS selectByPrimaryKey(BigDecimal userId);
+
+    List<USERS> selectByUsername(String userName);
+
+    int updateByPrimaryKeySelective(USERS record);
+
+    int updateByPrimaryKey(USERS record);
+
+}

+package com.tianbo.warehouse.model;
+
+import java.math.BigDecimal;
+
+public class PERMISSION {
+    private BigDecimal permissionId;
+
+    private String permissionName;
+
+    private String permissionSign;
+
+    private String description;
+
+    private String groupName;
+
+    public BigDecimal getPermissionId() {
+        return permissionId;
+    }
+
+    public void setPermissionId(BigDecimal permissionId) {
+        this.permissionId = permissionId;
+    }
+
+    public String getPermissionName() {
+        return permissionName;
+    }
+
+    public void setPermissionName(String permissionName) {
+        this.permissionName = permissionName == null ? null : permissionName.trim();
+    }
+
+    public String getPermissionSign() {
+        return permissionSign;
+    }
+
+    public void setPermissionSign(String permissionSign) {
+        this.permissionSign = permissionSign == null ? null : permissionSign.trim();
+    }
+
+    public String getDescription() {
+        return description;
+    }
+
+    public void setDescription(String description) {
+        this.description = description == null ? null : description.trim();
+    }
+
+    public String getGroupName() {
+        return groupName;
+    }
+
+    public void setGroupName(String groupName) {
+        this.groupName = groupName == null ? null : groupName.trim();
+    }
+}

+package com.tianbo.warehouse.model;
+
+import org.springframework.security.core.GrantedAuthority;
+
+import java.math.BigDecimal;
+
+public class ROLE implements GrantedAuthority{
+
+    private static final long serialVersionUID = -3957539165716897200L;
+
+    private BigDecimal roleId;
+
+    private String roleName;
+
+    private String roleSign;
+
+    private String description;
+
+    public BigDecimal getRoleId() {
+        return roleId;
+    }
+
+    public void setRoleId(BigDecimal roleId) {
+        this.roleId = roleId;
+    }
+
+    public String getRoleName() {
+        return roleName;
+    }
+
+    public void setRoleName(String roleName) {
+        this.roleName = roleName == null ? null : roleName.trim();
+    }
+
+    public String getRoleSign() {
+        return roleSign;
+    }
+
+    public void setRoleSign(String roleSign) {
+        this.roleSign = roleSign == null ? null : roleSign.trim();
+    }
+
+    public String getDescription() {
+        return description;
+    }
+
+    public void setDescription(String description) {
+        this.description = description == null ? null : description.trim();
+    }
+
+    @Override
+    public String getAuthority(){
+        return this.getRoleName();
+    }
+}

+package com.tianbo.warehouse.model;
+
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import java.io.Serializable;
+import java.math.BigDecimal;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Date;
+import java.util.List;
+
+public class USERS  implements UserDetails{
+
+    private static final long serialVersionUID = 1L;
+
+    private BigDecimal userId;
+
+    private String username;
+
+    private String password;
+
+    private Short state;
+
+    private Date creattime;
+
+    private String sex;
+
+    private String address;
+
+    private Date birthday;
+
+    private String mobilephone;
+
+    private Date updatetime;
+
+    private List<ROLE> roles;
+
+    public BigDecimal getUserId() {
+        return userId;
+    }
+
+    public void setUserId(BigDecimal userId) {
+        this.userId = userId;
+    }
+
+    @Override
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username == null ? null : username.trim();
+    }
+
+    @Override
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password == null ? null : password.trim();
+    }
+
+    public Short getState() {
+        return state;
+    }
+
+    public void setState(Short state) {
+        this.state = state;
+    }
+
+    public Date getCreattime() {
+        return creattime;
+    }
+
+    public void setCreattime(Date creattime) {
+        this.creattime = creattime;
+    }
+
+    public String getSex() {
+        return sex;
+    }
+
+    public void setSex(String sex) {
+        this.sex = sex == null ? null : sex.trim();
+    }
+
+    public String getAddress() {
+        return address;
+    }
+
+    public void setAddress(String address) {
+        this.address = address == null ? null : address.trim();
+    }
+
+    public Date getBirthday() {
+        return birthday;
+    }
+
+    public void setBirthday(Date birthday) {
+        this.birthday = birthday;
+    }
+
+    public String getMobilephone() {
+        return mobilephone;
+    }
+
+    public void setMobilephone(String mobilephone) {
+        this.mobilephone = mobilephone == null ? null : mobilephone.trim();
+    }
+
+    public Date getUpdatetime() {
+        return updatetime;
+    }
+
+    public void setUpdatetime(Date updatetime) {
+        this.updatetime = updatetime;
+    }
+
+    public List<ROLE> getRoles() {
+        return roles;
+    }
+
+    public void setRoles(List<ROLE> roles) {
+        this.roles = roles;
+    }
+
+    @Override
+    public boolean isAccountNonExpired(){
+        return true;
+    }
+
+    @Override
+    public boolean isAccountNonLocked(){
+        return true;
+    }
+
+    @Override
+    public boolean isCredentialsNonExpired(){
+        return true;
+    }
+
+    @Override
+    public boolean isEnabled(){
+        return true;
+    }
+
+    @Override
+    public Collection<? extends GrantedAuthority> getAuthorities(){
+        List<GrantedAuthority> auths = new ArrayList<GrantedAuthority>();
+        List<ROLE> roles = this.getRoles();
+        for (ROLE role : roles) {
+            auths.add(new SimpleGrantedAuthority(role.getAuthority()));
+        }
+        return auths;
+    }
+}

+package com.tianbo.warehouse.security;
+
+import com.tianbo.warehouse.dao.PERMISSIONMapper;
+import com.tianbo.warehouse.dao.USERSMapper;
+import com.tianbo.warehouse.model.PERMISSION;
+import com.tianbo.warehouse.model.USERS;
+import com.tianbo.warehouse.service.UserService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+
+import java.util.ArrayList;
+import java.util.List;
+
+@Service("customuserservice")
+public class CustomUserDetailService implements UserDetailsService {
+
+    @Autowired
+    UserService userService;
+    @Autowired
+    PERMISSIONMapper permissionMapper;
+
+    @Override
+    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+
+        try {
+            USERS user = userService.loadByUsername(username);
+
+            //这里是根据用户ID取的权限表，还可以根据用户ID 去角色表
+            List<PERMISSION> permissions = permissionMapper.findByUserId(user.getUserId());
+            List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
+            for (PERMISSION permission : permissions) {
+                if (permission != null && permission.getPermissionName() != null) {
+
+                    GrantedAuthority grantedAuthority = new SimpleGrantedAuthority(permission.getPermissionName());
+                    //1：此处将权限信息添加到 GrantedAuthority 对象中，在后面进行全权限验证时会使用GrantedAuthority 对象。
+                    grantedAuthorities.add(grantedAuthority);
+                }
+            }
+            return user;
+        } catch (UsernameNotFoundException e) {
+
+            e.printStackTrace();
+        }
+        return null;
+    }
+}

+package com.tianbo.warehouse.security;
+
+import org.springframework.security.access.AccessDecisionManager;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.access.ConfigAttribute;
+import org.springframework.security.authentication.InsufficientAuthenticationException;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.stereotype.Service;
+
+import java.util.Collection;
+import java.util.Iterator;
+
+@Service
+public class MyAccessDecisionManager implements AccessDecisionManager{
+
+    // decide 方法是判定是否拥有权限的决策方法，
+    //authentication 是释CustomUserService中循环添加到 GrantedAuthority 对象中的权限信息集合.
+    //object 包含客户端发起的请求的requset信息，可转换为 HttpServletRequest request = ((FilterInvocation) object).getHttpRequest();
+    //configAttributes 为MyInvocationSecurityMetadataSource的getAttributes(Object object)这个方法返回的结果，此方法是为了判定用户请求的url 是否在权限表中，如果在权限表中，则返回给 decide 方法，用来判定用户是否有此权限。如果不在权限表中则放行。
+
+    @Override
+    public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException{
+
+        if(null== configAttributes || configAttributes.size() <=0) {
+            return;
+        }
+        ConfigAttribute c;
+        String needRole;
+        for(Iterator<ConfigAttribute> iter = configAttributes.iterator(); iter.hasNext(); ) {
+            c = iter.next();
+            needRole = c.getAttribute();
+            //authentication 为在注释1 中循环添加到 GrantedAuthority 对象中的权限信息集合
+            for(GrantedAuthority ga : authentication.getAuthorities()) {
+                if(needRole.trim().equals(ga.getAuthority())) {
+                    return;
+                }
+            }
+        }
+        throw new AccessDeniedException("no right");
+    }
+
+    @Override
+    public boolean supports(ConfigAttribute var1){
+
+        return true;
+    }
+
+    @Override
+    public boolean supports(Class<?> var1){
+        return true;
+    }
+}

+package com.tianbo.warehouse.security;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.SecurityMetadataSource;
+import org.springframework.security.access.intercept.AbstractSecurityInterceptor;
+import org.springframework.security.access.intercept.InterceptorStatusToken;
+import org.springframework.security.web.FilterInvocation;
+import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
+import org.springframework.stereotype.Service;
+
+import javax.servlet.*;
+import java.io.IOException;
+
+@Service
+public class MyFilterSecurityInterceptor extends AbstractSecurityInterceptor implements Filter {
+
+    @Autowired
+    private FilterInvocationSecurityMetadataSource securityMetadataSource;
+
+
+    @Autowired
+    public void setMyAccessDecisionManager(MyAccessDecisionManager myAccessDecisionManager) {
+        super.setAccessDecisionManager(myAccessDecisionManager);
+    }
+
+
+    @Override
+    public void init(FilterConfig filterConfig) throws ServletException {
+
+    }
+
+    @Override
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+
+        FilterInvocation fi = new FilterInvocation(request, response, chain);
+        invoke(fi);
+    }
+
+
+    public void invoke(FilterInvocation fi) throws IOException, ServletException {
+//fi里面有一个被拦截的url
+//里面调用MyInvocationSecurityMetadataSource的getAttributes(Object object)这个方法获取fi对应的所有权限
+//再调用MyAccessDecisionManager的decide方法来校验用户的权限是否足够
+        InterceptorStatusToken token = super.beforeInvocation(fi);
+        try {
+//执行下一个拦截器
+            fi.getChain().doFilter(fi.getRequest(), fi.getResponse());
+        } finally {
+            super.afterInvocation(token, null);
+        }
+    }
+
+    @Override
+    public void destroy() {
+
+    }
+
+    @Override
+    public Class<?> getSecureObjectClass() {
+        return FilterInvocation.class;
+    }
+
+    @Override
+    public SecurityMetadataSource obtainSecurityMetadataSource() {
+        return this.securityMetadataSource;
+    }
+
+}

+package com.tianbo.warehouse.security;
+
+import com.tianbo.warehouse.dao.PERMISSIONMapper;
+import com.tianbo.warehouse.model.PERMISSION;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.ConfigAttribute;
+import org.springframework.security.access.SecurityConfig;
+import org.springframework.security.web.FilterInvocation;
+import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
+import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
+import org.springframework.stereotype.Service;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.*;
+
+@Service
+public class MyInvocationSecurityMetadataSourceService implements FilterInvocationSecurityMetadataSource{
+
+    @Autowired
+    PERMISSIONMapper permissionMapper;
+
+    private HashMap<String, Collection<ConfigAttribute>> map =null;
+
+    /**
+     * 加载权限表中所有权限
+     */
+    public void loadResourceDefine(){
+        map = new HashMap<>();
+        Collection<ConfigAttribute> array;
+        ConfigAttribute cfg;
+        List<PERMISSION> permissions = permissionMapper.findAll();
+        for(PERMISSION permission : permissions) {
+            array = new ArrayList<>();
+            cfg = new SecurityConfig(permission.getPermissionName());
+            //此处只添加了用户的名字，其实还可以添加更多权限的信息，例如请求方法到ConfigAttribute的集合中去。此处添加的信息将会作为MyAccessDecisionManager类的decide的第三个参数。
+            array.add(cfg);
+            //用权限的getUrl() 作为map的key，用ConfigAttribute的集合作为 value，
+            map.put(permission.getPermissionSign(), array);
+        }
+
+    }
+
+    //此方法是为了判定用户请求的url 是否在权限表中，如果在权限表中，则返回给 decide 方法，用来判定用户是否有此权限。如果不在权限表中则放行。
+    @Override
+    public Collection<ConfigAttribute> getAttributes(Object object) throws IllegalArgumentException {
+        if(map ==null) {loadResourceDefine();}
+        //object 中包含用户请求的request 信息
+        HttpServletRequest request = ((FilterInvocation) object).getHttpRequest();
+        AntPathRequestMatcher matcher;
+        String resUrl;
+        for(Iterator<String> iter = map.keySet().iterator(); iter.hasNext(); ) {
+            resUrl = iter.next();
+            matcher = new AntPathRequestMatcher(resUrl);
+            if(matcher.matches(request)) {
+                return map.get(resUrl);
+            }
+        }
+        return null;
+    }
+
+    @Override
+    public Collection<ConfigAttribute> getAllConfigAttributes() {
+        return null;
+    }
+
+    @Override
+    public boolean supports(Class<?> clazz) {
+        return true;
+    }
+}

+package com.tianbo.warehouse.security;
+
+import org.apache.commons.codec.digest.DigestUtils;
+import org.apache.tomcat.util.security.MD5Encoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Service;
+
+@Service(value = "passwordEncodeService")
+public class PasswordEncoderImp implements PasswordEncoder{
+
+    @Override
+    public String encode(CharSequence charSequence) {
+        String enncodePassword = DigestUtils.md5Hex(charSequence.toString());
+        return enncodePassword;
+    }
+
+    @Override
+    public boolean matches(CharSequence rawPassword, String encodedPassword) {
+        //用户输入的登录密码
+        String endcodeInputPass = DigestUtils.md5Hex(rawPassword.toString());
+        return encodedPassword.equals(endcodeInputPass);
+    }
+}

+package com.tianbo.warehouse.security;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
+
+@Configuration
+@EnableWebSecurity
+public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Autowired
+    private MyFilterSecurityInterceptor myFilterSecurityInterceptor;
+
+    @Autowired
+    private  PasswordEncoder passwordEncoder;
+
+    @Bean
+    UserDetailsService customUserService(){ //注册UserDetailsService 的bean
+        return new CustomUserDetailService();
+    }
+
+    @Override
+    protected void configure(AuthenticationManagerBuilder  auth) throws Exception {
+        //user Details Service验证
+        auth.userDetailsService(customUserService()).passwordEncoder(passwordEncoder);
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.authorizeRequests()
+                .anyRequest().authenticated() //任何请求,登录后可以访问
+                .and()
+                .formLogin()
+                .loginProcessingUrl("/home")
+                .loginPage("/login")
+                .failureUrl("/login?error")
+                .permitAll() //登录页面用户任意访问
+                .and()
+                .logout().permitAll(); //注销行为任意访问
+        http.addFilterBefore(myFilterSecurityInterceptor, FilterSecurityInterceptor.class);
+    }
+}

+package com.tianbo.warehouse.service;
+
+import com.tianbo.warehouse.model.USERS;
+
+public interface UserService {
+    USERS loadByUsername(String username);
+}

+package com.tianbo.warehouse.service.imp;
+
+import com.tianbo.warehouse.dao.ROLEMapper;
+import com.tianbo.warehouse.dao.USERSMapper;
+import com.tianbo.warehouse.model.ROLE;
+import com.tianbo.warehouse.model.USERS;
+import com.tianbo.warehouse.service.UserService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+import java.util.List;
+
+@Service(value = "userService")
+public class UserServiceImpl implements UserService{
+
+    @Autowired
+    private USERSMapper usersMapper;
+
+    @Autowired
+    private ROLEMapper roleMapper;
+
+    @Override
+    public USERS loadByUsername(String username){
+        List<USERS> userList = usersMapper.selectByUsername(username);
+
+        if (userList != null && userList.size() > 0) {
+            USERS user = userList.get(0);
+
+            List<ROLE> roleList = roleMapper.findRolesByUserId(user.getUserId());
+            if (roleList!=null && roleList.size()>0){
+                user.setRoles(roleList);
+                return user;
+            }
+        }
+        return null;
+
+    }
+}

@@ -42,8 +42,8 @@ spring.datasource.druid.test-on-return=false
 spring.datasource.druid.default-auto-commit=true
 spring.datasource.druid.default-auto-commit=true
 
 
 mybatis.mapper-locations=classpath:mapping/*.xml
 mybatis.mapper-locations=classpath:mapping/*.xml
-mybatis.type-aliases-package=com.example.demo.model
-logging.level.com.example.demo.mapper=DEBUG
+mybatis.type-aliases-package=com.tianbo.warehouse.model
+logging.level.com.tianbo.warehouse.dao=DEBUG
 
 
 pagehelper.helper-dialect=oracle
 pagehelper.helper-dialect=oracle
 #pagehelper.auto-dialect=true
 #pagehelper.auto-dialect=true

+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
+<mapper namespace="com.tianbo.warehouse.dao.PERMISSIONMapper" >
+  <resultMap id="BaseResultMap" type="com.tianbo.warehouse.model.PERMISSION" >
+    <id column="PERMISSION_ID" property="permissionId" jdbcType="DECIMAL" />
+    <result column="PERMISSION_NAME" property="permissionName" jdbcType="VARCHAR" />
+    <result column="PERMISSION_SIGN" property="permissionSign" jdbcType="VARCHAR" />
+    <result column="DESCRIPTION" property="description" jdbcType="VARCHAR" />
+    <result column="GROUP_NAME" property="groupName" jdbcType="VARCHAR" />
+  </resultMap>
+  <sql id="Base_Column_List" >
+    PERMISSION_ID, PERMISSION_NAME, PERMISSION_SIGN, DESCRIPTION, GROUP_NAME
+  </sql>
+  <select id="selectByPrimaryKey" resultMap="BaseResultMap" parameterType="java.math.BigDecimal" >
+    select 
+    <include refid="Base_Column_List" />
+    from PERMISSION
+    where PERMISSION_ID = #{permissionId,jdbcType=DECIMAL}
+  </select>
+  <select id="findAll" resultMap="BaseResultMap" >
+    select
+    <include refid="Base_Column_List" />
+    from PERMISSION
+  </select>
+  <select id="findByUserId" parameterType="java.math.BigDecimal" resultMap="BaseResultMap">
+    select p.*
+    from USERS u
+    LEFT JOIN USER_ROLE ur on u.user_id= ur.user_id
+    LEFT JOIN ROLE r on ur.role_id=r.role_id
+    LEFT JOIN ROLE_PERMISSION rp on rp.role_id=r.role_id
+    LEFT JOIN PERMISSION p on p.PERMISSION_ID =rp.permission_id
+    where u.USER_ID = #{userId,jdbcType=DECIMAL}
+  </select>
+
+  <delete id="deleteByPrimaryKey" parameterType="java.math.BigDecimal" >
+    delete from PERMISSION
+    where PERMISSION_ID = #{permissionId,jdbcType=DECIMAL}
+  </delete>
+  <insert id="insert" parameterType="com.tianbo.warehouse.model.PERMISSION" >
+    insert into PERMISSION (PERMISSION_ID, PERMISSION_NAME, PERMISSION_SIGN, 
+      DESCRIPTION, GROUP_NAME)
+    values (#{permissionId,jdbcType=DECIMAL}, #{permissionName,jdbcType=VARCHAR}, #{permissionSign,jdbcType=VARCHAR}, 
+      #{description,jdbcType=VARCHAR}, #{groupName,jdbcType=VARCHAR})
+  </insert>
+  <insert id="insertSelective" parameterType="com.tianbo.warehouse.model.PERMISSION" >
+    insert into PERMISSION
+    <trim prefix="(" suffix=")" suffixOverrides="," >
+      <if test="permissionId != null" >
+        PERMISSION_ID,
+      </if>
+      <if test="permissionName != null" >
+        PERMISSION_NAME,
+      </if>
+      <if test="permissionSign != null" >
+        PERMISSION_SIGN,
+      </if>
+      <if test="description != null" >
+        DESCRIPTION,
+      </if>
+      <if test="groupName != null" >
+        GROUP_NAME,
+      </if>
+    </trim>
+    <trim prefix="values (" suffix=")" suffixOverrides="," >
+      <if test="permissionId != null" >
+        #{permissionId,jdbcType=DECIMAL},
+      </if>
+      <if test="permissionName != null" >
+        #{permissionName,jdbcType=VARCHAR},
+      </if>
+      <if test="permissionSign != null" >
+        #{permissionSign,jdbcType=VARCHAR},
+      </if>
+      <if test="description != null" >
+        #{description,jdbcType=VARCHAR},
+      </if>
+      <if test="groupName != null" >
+        #{groupName,jdbcType=VARCHAR},
+      </if>
+    </trim>
+  </insert>
+  <update id="updateByPrimaryKeySelective" parameterType="com.tianbo.warehouse.model.PERMISSION" >
+    update PERMISSION
+    <set >
+      <if test="permissionName != null" >
+        PERMISSION_NAME = #{permissionName,jdbcType=VARCHAR},
+      </if>
+      <if test="permissionSign != null" >
+        PERMISSION_SIGN = #{permissionSign,jdbcType=VARCHAR},
+      </if>
+      <if test="description != null" >
+        DESCRIPTION = #{description,jdbcType=VARCHAR},
+      </if>
+      <if test="groupName != null" >
+        GROUP_NAME = #{groupName,jdbcType=VARCHAR},
+      </if>
+    </set>
+    where PERMISSION_ID = #{permissionId,jdbcType=DECIMAL}
+  </update>
+  <update id="updateByPrimaryKey" parameterType="com.tianbo.warehouse.model.PERMISSION" >
+    update PERMISSION
+    set PERMISSION_NAME = #{permissionName,jdbcType=VARCHAR},
+      PERMISSION_SIGN = #{permissionSign,jdbcType=VARCHAR},
+      DESCRIPTION = #{description,jdbcType=VARCHAR},
+      GROUP_NAME = #{groupName,jdbcType=VARCHAR}
+    where PERMISSION_ID = #{permissionId,jdbcType=DECIMAL}
+  </update>
+</mapper>

+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
+<mapper namespace="com.tianbo.warehouse.dao.ROLEMapper" >
+  <resultMap id="BaseResultMap" type="com.tianbo.warehouse.model.ROLE" >
+    <id column="ROLE_ID" property="roleId" jdbcType="DECIMAL" />
+    <result column="ROLE_NAME" property="roleName" jdbcType="VARCHAR" />
+    <result column="ROLE_SIGN" property="roleSign" jdbcType="VARCHAR" />
+    <result column="DESCRIPTION" property="description" jdbcType="VARCHAR" />
+  </resultMap>
+  <sql id="Base_Column_List" >
+    ROLE_ID, ROLE_NAME, ROLE_SIGN, DESCRIPTION
+  </sql>
+  <select id="selectByPrimaryKey" resultMap="BaseResultMap" parameterType="java.math.BigDecimal" >
+    select 
+    <include refid="Base_Column_List" />
+    from ROLE
+    where ROLE_ID = #{roleId,jdbcType=DECIMAL}
+  </select>
+  <select id="findRolesByUserId" parameterType="java.math.BigDecimal" resultMap="BaseResultMap">
+    SELECT
+    R.*
+    FROM
+    USERS U
+    LEFT JOIN USER_ROLE UR ON U .USER_ID = UR.USER_ID
+    LEFT JOIN ROLE R ON  R.ROLE_ID= UR.ROLE_ID
+    where U.USER_ID = #{userId,jdbcType=DECIMAL}
+  </select>
+  <delete id="deleteByPrimaryKey" parameterType="java.math.BigDecimal" >
+    delete from ROLE
+    where ROLE_ID = #{roleId,jdbcType=DECIMAL}
+  </delete>
+  <insert id="insert" parameterType="com.tianbo.warehouse.model.ROLE" >
+    insert into ROLE (ROLE_ID, ROLE_NAME, ROLE_SIGN, 
+      DESCRIPTION)
+    values (#{roleId,jdbcType=DECIMAL}, #{roleName,jdbcType=VARCHAR}, #{roleSign,jdbcType=VARCHAR}, 
+      #{description,jdbcType=VARCHAR})
+  </insert>
+  <insert id="insertSelective" parameterType="com.tianbo.warehouse.model.ROLE" >
+    insert into ROLE
+    <trim prefix="(" suffix=")" suffixOverrides="," >
+      <if test="roleId != null" >
+        ROLE_ID,
+      </if>
+      <if test="roleName != null" >
+        ROLE_NAME,
+      </if>
+      <if test="roleSign != null" >
+        ROLE_SIGN,
+      </if>
+      <if test="description != null" >
+        DESCRIPTION,
+      </if>
+    </trim>
+    <trim prefix="values (" suffix=")" suffixOverrides="," >
+      <if test="roleId != null" >
+        #{roleId,jdbcType=DECIMAL},
+      </if>
+      <if test="roleName != null" >
+        #{roleName,jdbcType=VARCHAR},
+      </if>
+      <if test="roleSign != null" >
+        #{roleSign,jdbcType=VARCHAR},
+      </if>
+      <if test="description != null" >
+        #{description,jdbcType=VARCHAR},
+      </if>
+    </trim>
+  </insert>
+  <update id="updateByPrimaryKeySelective" parameterType="com.tianbo.warehouse.model.ROLE" >
+    update ROLE
+    <set >
+      <if test="roleName != null" >
+        ROLE_NAME = #{roleName,jdbcType=VARCHAR},
+      </if>
+      <if test="roleSign != null" >
+        ROLE_SIGN = #{roleSign,jdbcType=VARCHAR},
+      </if>
+      <if test="description != null" >
+        DESCRIPTION = #{description,jdbcType=VARCHAR},
+      </if>
+    </set>
+    where ROLE_ID = #{roleId,jdbcType=DECIMAL}
+  </update>
+  <update id="updateByPrimaryKey" parameterType="com.tianbo.warehouse.model.ROLE" >
+    update ROLE
+    set ROLE_NAME = #{roleName,jdbcType=VARCHAR},
+      ROLE_SIGN = #{roleSign,jdbcType=VARCHAR},
+      DESCRIPTION = #{description,jdbcType=VARCHAR}
+    where ROLE_ID = #{roleId,jdbcType=DECIMAL}
+  </update>
+</mapper>

+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
+<mapper namespace="com.tianbo.warehouse.dao.USERSMapper" >
+  <resultMap id="BaseResultMap" type="com.tianbo.warehouse.model.USERS" >
+    <id column="USER_ID" property="userId" jdbcType="DECIMAL" />
+    <result column="USERNAME" property="username" jdbcType="VARCHAR" />
+    <result column="PASSWORD" property="password" jdbcType="VARCHAR" />
+    <result column="STATE" property="state" jdbcType="DECIMAL" />
+    <result column="CREATTIME" property="creattime" jdbcType="TIMESTAMP" />
+    <result column="SEX" property="sex" jdbcType="VARCHAR" />
+    <result column="ADDRESS" property="address" jdbcType="VARCHAR" />
+    <result column="BIRTHDAY" property="birthday" jdbcType="TIMESTAMP" />
+    <result column="MOBILEPHONE" property="mobilephone" jdbcType="VARCHAR" />
+    <result column="UPDATETIME" property="updatetime" jdbcType="TIMESTAMP" />
+  </resultMap>
+  <sql id="Base_Column_List" >
+    USER_ID, USERNAME, PASSWORD, STATE, CREATTIME, SEX, ADDRESS, BIRTHDAY, MOBILEPHONE, 
+    UPDATETIME
+  </sql>
+  <select id="selectByPrimaryKey" resultMap="BaseResultMap" parameterType="java.math.BigDecimal" >
+    select 
+    <include refid="Base_Column_List" />
+    from USERS
+    where USER_ID = #{userId,jdbcType=DECIMAL}
+  </select>
+  <select id="selectByUsername" resultMap="BaseResultMap" parameterType="java.lang.String" >
+    select
+    <include refid="Base_Column_List" />
+    from USERS
+    where USERNAME = #{username,jdbcType=VARCHAR}
+  </select>
+  <delete id="deleteByPrimaryKey" parameterType="java.math.BigDecimal" >
+    delete from USERS
+    where USER_ID = #{userId,jdbcType=DECIMAL}
+  </delete>
+  <insert id="insert" parameterType="com.tianbo.warehouse.model.USERS" >
+    insert into USERS (USER_ID, USERNAME, PASSWORD, 
+      STATE, CREATTIME, SEX, 
+      ADDRESS, BIRTHDAY, MOBILEPHONE, 
+      UPDATETIME)
+    values (#{userId,jdbcType=DECIMAL}, #{username,jdbcType=VARCHAR}, #{password,jdbcType=VARCHAR}, 
+      #{state,jdbcType=DECIMAL}, #{creattime,jdbcType=TIMESTAMP}, #{sex,jdbcType=VARCHAR}, 
+      #{address,jdbcType=VARCHAR}, #{birthday,jdbcType=TIMESTAMP}, #{mobilephone,jdbcType=VARCHAR}, 
+      #{updatetime,jdbcType=TIMESTAMP})
+  </insert>
+  <insert id="insertSelective" parameterType="com.tianbo.warehouse.model.USERS" >
+    insert into USERS
+    <trim prefix="(" suffix=")" suffixOverrides="," >
+      <if test="userId != null" >
+        USER_ID,
+      </if>
+      <if test="username != null" >
+        USERNAME,
+      </if>
+      <if test="password != null" >
+        PASSWORD,
+      </if>
+      <if test="state != null" >
+        STATE,
+      </if>
+      <if test="creattime != null" >
+        CREATTIME,
+      </if>
+      <if test="sex != null" >
+        SEX,
+      </if>
+      <if test="address != null" >
+        ADDRESS,
+      </if>
+      <if test="birthday != null" >
+        BIRTHDAY,
+      </if>
+      <if test="mobilephone != null" >
+        MOBILEPHONE,
+      </if>
+      <if test="updatetime != null" >
+        UPDATETIME,
+      </if>
+    </trim>
+    <trim prefix="values (" suffix=")" suffixOverrides="," >
+      <if test="userId != null" >
+        #{userId,jdbcType=DECIMAL},
+      </if>
+      <if test="username != null" >
+        #{username,jdbcType=VARCHAR},
+      </if>
+      <if test="password != null" >
+        #{password,jdbcType=VARCHAR},
+      </if>
+      <if test="state != null" >
+        #{state,jdbcType=DECIMAL},
+      </if>
+      <if test="creattime != null" >
+        #{creattime,jdbcType=TIMESTAMP},
+      </if>
+      <if test="sex != null" >
+        #{sex,jdbcType=VARCHAR},
+      </if>
+      <if test="address != null" >
+        #{address,jdbcType=VARCHAR},
+      </if>
+      <if test="birthday != null" >
+        #{birthday,jdbcType=TIMESTAMP},
+      </if>
+      <if test="mobilephone != null" >
+        #{mobilephone,jdbcType=VARCHAR},
+      </if>
+      <if test="updatetime != null" >
+        #{updatetime,jdbcType=TIMESTAMP},
+      </if>
+    </trim>
+  </insert>
+  <update id="updateByPrimaryKeySelective" parameterType="com.tianbo.warehouse.model.USERS" >
+    update USERS
+    <set >
+      <if test="username != null" >
+        USERNAME = #{username,jdbcType=VARCHAR},
+      </if>
+      <if test="password != null" >
+        PASSWORD = #{password,jdbcType=VARCHAR},
+      </if>
+      <if test="state != null" >
+        STATE = #{state,jdbcType=DECIMAL},
+      </if>
+      <if test="creattime != null" >
+        CREATTIME = #{creattime,jdbcType=TIMESTAMP},
+      </if>
+      <if test="sex != null" >
+        SEX = #{sex,jdbcType=VARCHAR},
+      </if>
+      <if test="address != null" >
+        ADDRESS = #{address,jdbcType=VARCHAR},
+      </if>
+      <if test="birthday != null" >
+        BIRTHDAY = #{birthday,jdbcType=TIMESTAMP},
+      </if>
+      <if test="mobilephone != null" >
+        MOBILEPHONE = #{mobilephone,jdbcType=VARCHAR},
+      </if>
+      <if test="updatetime != null" >
+        UPDATETIME = #{updatetime,jdbcType=TIMESTAMP},
+      </if>
+    </set>
+    where USER_ID = #{userId,jdbcType=DECIMAL}
+  </update>
+  <update id="updateByPrimaryKey" parameterType="com.tianbo.warehouse.model.USERS" >
+    update USERS
+    set USERNAME = #{username,jdbcType=VARCHAR},
+      PASSWORD = #{password,jdbcType=VARCHAR},
+      STATE = #{state,jdbcType=DECIMAL},
+      CREATTIME = #{creattime,jdbcType=TIMESTAMP},
+      SEX = #{sex,jdbcType=VARCHAR},
+      ADDRESS = #{address,jdbcType=VARCHAR},
+      BIRTHDAY = #{birthday,jdbcType=TIMESTAMP},
+      MOBILEPHONE = #{mobilephone,jdbcType=VARCHAR},
+      UPDATETIME = #{updatetime,jdbcType=TIMESTAMP}
+    where USER_ID = #{userId,jdbcType=DECIMAL}
+  </update>
+</mapper>