diff --git a/README.md b/README.md
index a1f13175632dda37cc3271eeb457db4c5d2bc34e..20c84b23c8cdb7126811f951ae81a958a3330a7a 100644
--- a/README.md
+++ b/README.md
@@ -67,7 +67,8 @@ ps: 虽然我知道，大部分人都是来了**直接下载源代码**后就潇
    1. 数据库链接属性(可搜索`datasource`或定位到L.19) 
    2. redis配置(可搜索`redis`或定位到L.69)
    3. mail配置(可搜索`mail`或定位到L.89)
-   4. 【[七牛云](http://qiniu.com)】配置(可搜索`qiniu`或定位到L.135)
+   4. 【[七牛云](http://qiniu.com)】配置(见sys_config表中qiniu_*开头的字段)    
+   注：因为系统存在redis缓存，如果是第一次使用，可以直接修改sys_config表内容，如果不是第一次用，建议使用admin项目中的`系统配置`页面修改相关配置内容
 5. 运行项目(三种方式)
    1. 项目根目录下执行`mvn -X clean package -Dmaven.test.skip=true`编译打包，然后执行`java -jar target/blog-web.jar`
    2. 项目根目录下执行`mvn springboot:run`
@@ -81,10 +82,21 @@ _超级管理员_： 账号：root  密码：123456  （本地测试使用这个
 
 _普通管理员_： 账号：admin  密码：123456
 
+_评论审核管理员_： 账号：comment-admin  密码：123456
+
+注：后台用户的创建，尽可能做到**权限最小化**
+
 更多详情，请参考【[Wiki](https://gitee.com/yadong.zhang/DBlog/wikis)】
 
 ### 更新日志
 
+2018-05-22
+
+**修改功能：**
+
+1. 完善shiro权限（数据库、页面）。注：需要重新执行下`sys_resources`和`sys_role_resources`两张表的`insert`语句
+2. redis配置默认不含密码（鉴于大多数朋友的redis都没有密码做此修改，不过本人 **强烈建议**设置下密码）
+
 2018-05-18
 
 **修复bug：**
diff --git a/blog-admin/src/main/java/com/zyd/blog/controller/RenderController.java b/blog-admin/src/main/java/com/zyd/blog/controller/RenderController.java
index 8d19b55c687dc3a636ec2c49a6a59c28e1a117c9..70f89043d1512886f3db1a3c09f1f5aa13b55bfd 100644
--- a/blog-admin/src/main/java/com/zyd/blog/controller/RenderController.java
+++ b/blog-admin/src/main/java/com/zyd/blog/controller/RenderController.java
@@ -34,15 +34,8 @@ import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.ResponseBody;
 import org.springframework.web.servlet.ModelAndView;
 
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
 /**
  * 页面跳转类
  *
@@ -164,42 +157,11 @@ public class RenderController {
         return ResultUtil.view("sysWebpage/list");
     }
 
-    @GetMapping("/list")
-    public ModelAndView list(Model model) {
-        return ResultUtil.view("list");
-    }
-
-    @GetMapping("/details")
-    public ModelAndView detail(Model model) {
-        return ResultUtil.view("detail");
-    }
-
-    @GetMapping("/ztree")
-    public ModelAndView ztree(Model model) {
-        return ResultUtil.view("ztree");
-    }
-
     @GetMapping("/icons")
     public ModelAndView icons(Model model) {
         return ResultUtil.view("icons");
     }
 
-    @PostMapping("/getZtree")
-    @ResponseBody
-    public List<Map<String, Object>> getTree() {
-        List<Map<String, Object>> mapList = new ArrayList<Map<String, Object>>();
-        Map<String, Object> map = null;
-        for (int i = 0; i < 20; i++) {
-            map = new HashMap<>(4);
-            map.put("id", i);
-            map.put("pId", (i % 3 > 0 ? i - 1 : 0));
-            map.put("checked", (i % 3 > 0 ? i - 1 : 0) != 0);
-            map.put("name", "菜单i");
-            mapList.add(map);
-        }
-        return mapList;
-    }
-
     @GetMapping("/shiro")
     public ModelAndView shiro(Model model) {
         return ResultUtil.view("shiro");
diff --git a/blog-admin/src/main/resources/application.yml b/blog-admin/src/main/resources/application.yml
index b4644c7fd5b63318e5f81ef62281f24e53fe8b28..eab77adcae376c09b24bd8b692c22c3acee784e8 100644
--- a/blog-admin/src/main/resources/application.yml
+++ b/blog-admin/src/main/resources/application.yml
@@ -73,7 +73,7 @@ spring:
         # Redis服务器连接端口
         port: 6379
         # Redis服务器连接密码（默认为空）
-        password: qwe!@#123
+        password:
         # 连接池最大连接数（使用负值表示没有限制）
         pool:
             maxActive: 8
diff --git a/blog-admin/src/main/resources/templates/article/list.ftl b/blog-admin/src/main/resources/templates/article/list.ftl
index f3af8b828e2694ba07eb244a557b54927187b802..f7dda423607ec097bf64b96f48cc685a0b1cc102 100644
--- a/blog-admin/src/main/resources/templates/article/list.ftl
+++ b/blog-admin/src/main/resources/templates/article/list.ftl
@@ -11,13 +11,19 @@
                 <div class="x_content">
                     <div class="<#--table-responsive-->">
                         <div class="btn-group hidden-xs" id="toolbar">
-                            <a class="btn btn-default" title="发布文章" href="/article/publish"> <i class="fa fa-plus"></i> 发布文章 </a>
-                            <button id="btn_delete_ids" type="button" class="btn btn-default" title="删除选中">
-                                <i class="fa fa-trash-o"></i> 批量删除
-                            </button>
-                            <button id="btn_push_ids" type="button" class="btn btn-info" title="批量推送">
-                                <i class="fa fa-send-o"></i> 批量推送到百度
-                            </button>
+                            <@shiro.hasPermission name="article:publish">
+                                <a class="btn btn-default" title="发布文章" href="/article/publish"> <i class="fa fa-plus"></i> 发布文章 </a>
+                            </@shiro.hasPermission>
+                            <@shiro.hasPermission name="article:batchDelete">
+                                <button id="btn_delete_ids" type="button" class="btn btn-default" title="删除选中">
+                                    <i class="fa fa-trash-o"></i> 批量删除
+                                </button>
+                            </@shiro.hasPermission>
+                            <@shiro.hasPermission name="article:batchPush">
+                                <button id="btn_push_ids" type="button" class="btn btn-info" title="批量推送">
+                                    <i class="fa fa-send-o"></i> 批量推送到百度
+                                </button>
+                            </@shiro.hasPermission>
                         </div>
                         <table id="tablelist">
                         </table>
@@ -39,11 +45,11 @@
     function operateFormatter(code, row, index) {
         var trId = row.id;
         var operateBtn = [
-            '<a class="btn btn-xs btn-info btn-push" title="推送" data-id="' + trId + '"><i class="fa fa-send-o"></i>推送</a>',
-            '<a class="btn btn-xs btn-success btn-top" data-id="' + trId + '"><i class="fa fa-arrow-circle-up"></i>置顶</a>',
-            '<a class="btn btn-xs btn-success btn-recommend" data-id="' + trId + '"><i class="fa fa-thumbs-o-up"></i>推荐</a>',
-            '<a class="btn btn-xs btn-primary" href="/article/update/' + trId + '"><i class="fa fa-edit"></i>编辑</a>',
-            '<a class="btn btn-xs btn-danger btn-remove" data-id="' + trId + '"><i class="fa fa-trash-o"></i>删除</a>'
+            '<@shiro.hasPermission name="article:push"><a class="btn btn-xs btn-info btn-push" title="推送" data-id="' + trId + '"><i class="fa fa-send-o"></i>推送</a></@shiro.hasPermission>',
+            '<@shiro.hasPermission name="article:top"><a class="btn btn-xs btn-success btn-top" data-id="' + trId + '"><i class="fa fa-arrow-circle-up"></i>置顶</a></@shiro.hasPermission>',
+            '<@shiro.hasPermission name="article:recommend"><a class="btn btn-xs btn-success btn-recommend" data-id="' + trId + '"><i class="fa fa-thumbs-o-up"></i>推荐</a></@shiro.hasPermission>',
+            '<@shiro.hasPermission name="article:edit"><a class="btn btn-xs btn-primary" href="/article/update/' + trId + '"><i class="fa fa-edit"></i>编辑</a></@shiro.hasPermission>',
+            '<@shiro.hasPermission name="article:delete"><a class="btn btn-xs btn-danger btn-remove" data-id="' + trId + '"><i class="fa fa-trash-o"></i>删除</a></@shiro.hasPermission>'
         ];
         return operateBtn.join('');
     }
diff --git a/blog-admin/src/main/resources/templates/article/tags.ftl b/blog-admin/src/main/resources/templates/article/tags.ftl
index 76cd132bc46b0303b26fdd72a750d1f6c2670688..3afb582050b37c6317bae0f359a37426503dd6ce 100644
--- a/blog-admin/src/main/resources/templates/article/tags.ftl
+++ b/blog-admin/src/main/resources/templates/article/tags.ftl
@@ -11,12 +11,16 @@
                 <div class="x_content">
                     <div class="<#--table-responsive-->">
                         <div class="btn-group hidden-xs" id="toolbar">
-                            <button id="btn_add" type="button" class="btn btn-default" title="新增标签">
-                                <i class="fa fa-plus"></i> 新增标签
-                            </button>
+                        <@shiro.hasPermission name="tag:add">
+                        <button id="btn_add" type="button" class="btn btn-default" title="新增标签">
+                            <i class="fa fa-plus"></i> 新增标签
+                        </button>
+                        </@shiro.hasPermission>
+                        <@shiro.hasPermission name="tag:batchDelete">
                             <button id="btn_delete_ids" type="button" class="btn btn-default" title="删除选中">
                                 <i class="fa fa-trash-o"></i> 批量删除
                             </button>
+                        </@shiro.hasPermission>
                         </div>
                         <table id="tablelist">
                         </table>
@@ -71,8 +75,8 @@
     function operateFormatter(code, row, index) {
         var trId = row.id;
         var operateBtn = [
-            '<a class="btn btn-xs btn-primary btn-update" data-id="' + trId + '"><i class="fa fa-edit"></i>编辑</a>',
-            '<a class="btn btn-xs btn-danger btn-remove" data-id="' + trId + '"><i class="fa fa-trash-o"></i>删除</a>'
+            '<@shiro.hasPermission name="tag:edit"><a class="btn btn-xs btn-primary btn-update" data-id="' + trId + '"><i class="fa fa-edit"></i>编辑</a></@shiro.hasPermission>',
+            '<@shiro.hasPermission name="tag:delete"><a class="btn btn-xs btn-danger btn-remove" data-id="' + trId + '"><i class="fa fa-trash-o"></i>删除</a></@shiro.hasPermission>'
         ];
         return operateBtn.join('');
     }
diff --git a/blog-admin/src/main/resources/templates/article/types.ftl b/blog-admin/src/main/resources/templates/article/types.ftl
index 07934900c4bdbf04f110332f2ea35baad03f937b..e4947e192ee58666e83a5bf7ad6656a5c9da4318 100644
--- a/blog-admin/src/main/resources/templates/article/types.ftl
+++ b/blog-admin/src/main/resources/templates/article/types.ftl
@@ -11,12 +11,16 @@
                 <div class="x_content">
                     <div class="<#--table-responsive-->">
                         <div class="btn-group hidden-xs" id="toolbar">
+                        <@shiro.hasPermission name="type:add">
                             <button id="btn_add" type="button" class="btn btn-default" title="新增分类">
                                 <i class="fa fa-plus"></i> 新增分类
                             </button>
+                        </@shiro.hasPermission>
+                        <@shiro.hasPermission name="type:batchDelete">
                             <button id="btn_delete_ids" type="button" class="btn btn-default" title="删除选中">
                                 <i class="fa fa-trash-o"></i> 批量删除
                             </button>
+                        </@shiro.hasPermission>
                         </div>
                         <table id="tablelist">
                         </table>
@@ -135,8 +139,8 @@
     function operateFormatter(code, row, index) {
         var trId = row.id;
         var operateBtn = [
-            '<a class="btn btn-xs btn-primary btn-update" data-id="' + trId + '"><i class="fa fa-edit"></i>编辑</a>',
-            '<a class="btn btn-xs btn-danger btn-remove" data-id="' + trId + '"><i class="fa fa-trash-o"></i>删除</a>'
+            '<@shiro.hasPermission name="type:edit"><a class="btn btn-xs btn-primary btn-update" data-id="' + trId + '"><i class="fa fa-edit"></i>编辑</a></@shiro.hasPermission>',
+            '<@shiro.hasPermission name="type:delete"><a class="btn btn-xs btn-danger btn-remove" data-id="' + trId + '"><i class="fa fa-trash-o"></i>删除</a></@shiro.hasPermission>'
         ];
         return operateBtn.join('');
     }
diff --git a/blog-admin/src/main/resources/templates/comment/list.ftl b/blog-admin/src/main/resources/templates/comment/list.ftl
index df6552c3e66550557b5af371d3a3893434fb4ae6..ad6cf0f2ad6d8bd5a8d2731a3a6ecefbf8101a6b 100644
--- a/blog-admin/src/main/resources/templates/comment/list.ftl
+++ b/blog-admin/src/main/resources/templates/comment/list.ftl
@@ -11,9 +11,11 @@
                 <div class="x_content">
                     <div class="<#--table-responsive-->">
                         <div class="btn-group hidden-xs" id="toolbar">
-                            <button id="btn_delete_ids" type="button" class="btn btn-default" title="删除选中">
-                                <i class="fa fa-trash-o"></i> 批量删除
-                            </button>
+                            <@shiro.hasPermission name="comment:batchDelete">
+                                <button id="btn_delete_ids" type="button" class="btn btn-default" title="删除选中">
+                                    <i class="fa fa-trash-o"></i> 批量删除
+                                </button>
+                            </@shiro.hasPermission>
                         </div>
                         <table id="tablelist">
                         </table>
@@ -112,9 +114,9 @@
         var id = row.id;
         var sid = row.sid;
         var operateBtn = [
-            '<a class="btn btn-xs btn-primary btn-reply" data-id="' + id + '" data-sid="' + sid + '"><i class="fa fa-edit"></i>回复</a>',
-            '<a class="btn btn-xs btn-warning btn-audit" data-id="' + id + '" data-sid="' + sid + '"><i class="fa fa-edit"></i>审核</a>',
-            '<a class="btn btn-xs btn-danger btn-remove" data-id="' + id + '" data-sid="' + sid + '"><i class="fa fa-trash-o"></i>删除</a>'
+            '<@shiro.hasPermission name="comment:reply"><a class="btn btn-xs btn-primary btn-reply" data-id="' + id + '" data-sid="' + sid + '"><i class="fa fa-edit"></i>回复</a></@shiro.hasPermission>',
+            '<@shiro.hasPermission name="comment:audit"><a class="btn btn-xs btn-warning btn-audit" data-id="' + id + '" data-sid="' + sid + '"><i class="fa fa-edit"></i>审核</a></@shiro.hasPermission>',
+            '<@shiro.hasPermission name="comment:delete"><a class="btn btn-xs btn-danger btn-remove" data-id="' + id + '" data-sid="' + sid + '"><i class="fa fa-trash-o"></i>删除</a></@shiro.hasPermission>'
         ];
         return operateBtn.join('');
     }
diff --git a/blog-admin/src/main/resources/templates/index.ftl b/blog-admin/src/main/resources/templates/index.ftl
index 4af8f4960b198c2a465f7dd1a7e71cfe95527ec5..c1e615cd8385f7e86b844da6a77f0ad6a3f0dec5 100644
--- a/blog-admin/src/main/resources/templates/index.ftl
+++ b/blog-admin/src/main/resources/templates/index.ftl
@@ -9,107 +9,170 @@
                 <div class="clearfix"></div>
             </div>
             <div class="x_content">
-                <div class="col-md-7 col-sm-7 col-xs-12">
-                    <div class="row">
-                        <div class="col-md-12 col-sm-12 col-xs-12">
-                            <div class="x_panel">
-                                <div class="x_title">
-                                    <h2>最近发布</h2>
-                                    <a href="/article/publish" class="btn btn-default pull-right"><i class="fa fa-plus"></i> 发布新文章</a>
-                                    <div class="clearfix"></div>
-                                </div>
-                                <div class="x_content">
-                                    <ul class="list-unstyled lately lately-article">
-                                        <@articleTag method="recentArticles">
-                                            <#if recentArticles?? && recentArticles?size gt 0>
-                                                <#list recentArticles as item>
-                                                    <li style="line-height: 1.8;">
-                                                        <span>${item.createTime?string('yyyy-MM-dd HH:mm')}</span>
-                                                        <a href="${config.siteUrl}/article/${item.id?c}" target="_blank">${item.title}</a>
-                                                    </li>
-                                                </#list>
-                                            </#if>
-                                        </@articleTag>
-                                    </ul>
-                                </div>
+                <div class="row">
+                    <@shiro.hasPermission name="articles">
+                    <div class="col-md-6 col-sm-6 col-xs-12">
+                        <div class="x_panel">
+                            <div class="x_title">
+                                <h2>最近发布</h2>
+                                <@shiro.hasPermission name="article:publish">
+                                    <a href="/article/publish" class="btn btn-success btn-xs pull-right"><i class="fa fa-plus"></i> 发布文章</a>
+                                </@shiro.hasPermission>
+                                <div class="clearfix"></div>
+                            </div>
+                            <div class="x_content">
+                                <ul class="list-unstyled lately lately-article">
+                                    <@articleTag method="recentArticles">
+                                        <#if recentArticles?? && recentArticles?size gt 0>
+                                            <#list recentArticles as item>
+                                                <li style="line-height: 1.8;">
+                                                    <span>${item.createTime?string('yyyy-MM-dd HH:mm')}</span>
+                                                    <a href="${config.siteUrl}/article/${item.id?c}" target="_blank">${item.title}</a>
+                                                </li>
+                                            </#list>
+                                        </#if>
+                                    </@articleTag>
+                                </ul>
                             </div>
                         </div>
                     </div>
-                    <div class="row">
-                        <div class="col-md-12 col-sm-12 col-xs-12">
-                            <div class="x_panel">
-                                <div class="x_title">
-                                    <h2>近期评论</h2>
-                                    <div class="clearfix"></div>
-                                </div>
-                                <div class="x_content">
-                                    <ul class="list-unstyled lately lately-comment">
-                                        <@zhydTag method="recentComments">
-                                            <#if recentComments?? && recentComments?size gt 0>
-                                                <#list recentComments as item>
-                                                    <li style="line-height: 1.8;border-bottom: 1px solid #e8e9e8;margin-bottom: 10px;">
-                                                        <strong>${item.nickname}：</strong>
-                                                        <a href="${config.siteUrl}${item.sourceUrl}" target="_blank">${item.briefContent?if_exists}</a>
-                                                        <p><span>${item.createTime?string('yyyy-MM-dd HH:mm')}</span></p>
-                                                    </li>
-                                                </#list>
-                                            <#else>
-                                                <li style="line-height: 1.8;"><span>暂无评论</span></li>
-                                            </#if>
-                                        </@zhydTag>
-                                    </ul>
-                                </div>
+                    </@shiro.hasPermission>
+                    <@shiro.hasPermission name="comments">
+                    <div class="col-md-6 col-sm-6 col-xs-12">
+                        <div class="x_panel">
+                            <div class="x_title">
+                                <h2>近期评论</h2>
+                                <div class="clearfix"></div>
+                            </div>
+                            <div class="x_content">
+                                <ul class="list-unstyled lately lately-comment">
+                                    <@zhydTag method="recentComments">
+                                        <#if recentComments?? && recentComments?size gt 0>
+                                            <#list recentComments as item>
+                                                <li style="line-height: 1.8;border-bottom: 1px solid #e8e9e8;margin-bottom: 10px;">
+                                                    <strong>${item.nickname}：</strong>
+                                                    <a href="${config.siteUrl}${item.sourceUrl}" target="_blank">${item.briefContent?if_exists}</a>
+                                                    <p><span>${item.createTime?string('yyyy-MM-dd HH:mm')}</span></p>
+                                                </li>
+                                            </#list>
+                                        <#else>
+                                            <li style="line-height: 1.8;"><span>暂无评论</span></li>
+                                        </#if>
+                                    </@zhydTag>
+                                </ul>
                             </div>
                         </div>
                     </div>
+                    </@shiro.hasPermission>
                 </div>
-                <div class="col-md-5 col-sm-5 col-xs-12">
-                    <div class="x_panel">
-                        <div class="x_title">
-                            <h2>系统日志</h2>
-                            <div class="clearfix"></div>
-                        </div>
-                        <div class="x_content">
-                            <ul class="list-unstyled timeline">
-                                <li>
-                                    <div class="block">
-                                        <div class="tags">
-                                            <a href="javascript:;" class="tag">
-                                                <span>11月11日</span>
-                                            </a>
+                <div class="row">
+                    <div class="col-md-12 col-sm-12 col-xs-12">
+                        <div class="x_panel">
+                            <div class="x_title">
+                                <h2>系统日志</h2>
+                                <div class="clearfix"></div>
+                            </div>
+                            <div class="x_content">
+                                <ul class="list-unstyled timeline">
+                                    <li>
+                                        <div class="block">
+                                            <div class="tags">
+                                                <a href="javascript:;" class="tag">
+                                                    <span>05月22日</span>
+                                                </a>
+                                            </div>
+                                            <div class="block_content">
+                                                <h2 class="title">
+                                                    <span>更新说明</span>
+                                                </h2>
+                                                <div class="byline">
+                                                    <span>13 hours ago</span> by <a>zyd</a>
+                                                </div>
+                                                <div class="excerpt">
+                                                    <h5>修改功能：</h5>
+                                                    <ol class="list-unstyled">
+                                                        <li>1. 完善shiro权限（数据库、页面）。注：需要重新执行下`sys_resources`和`sys_role_resources`两张表的`insert`语句</li>
+                                                        <li>2. redis配置默认不含密码（鉴于大多数朋友的redis都没有密码做此修改，不过本人 <strong>强烈建议设置下密码</strong>）</li>
+                                                    </ol>
+                                                </div>
+                                            </div>
                                         </div>
-                                        <div class="block_content">
-                                            <h2 class="title">
-                                                <span>上线说明</span>
-                                            </h2>
-                                            <div class="byline">
-                                                <span>13 hours ago</span> by <a>zyd</a>
+                                    </li>
+                                    <li>
+                                        <div class="block">
+                                            <div class="tags">
+                                                <a href="javascript:;" class="tag">
+                                                    <span>05月18日</span>
+                                                </a>
+                                            </div>
+                                            <div class="block_content">
+                                                <h2 class="title">
+                                                    <span>更新说明</span>
+                                                </h2>
+                                                <div class="byline">
+                                                    <span>13 hours ago</span> by <a>zyd</a>
+                                                </div>
+                                                <div class="excerpt">
+                                                    <h5>修复bug：</h5>
+                                                    <ol class="list-unstyled">
+                                                        <li>1. web端自动申请友链后不显示的问题</li>
+                                                        <li>2. config表修改后不能实时刷新的问题</li>
+                                                    </ol>
+                                                    <h5>增加功能：</h5>
+                                                    <ol class="list-unstyled">
+                                                        <li>1. 网站赞赏码</li>
+                                                        <li>2. 百度推送功能(链接提交到百度站长平台)</li>
+                                                    </ol>
+                                                    <h5>修改功能：</h5>
+                                                    <ol class="list-unstyled">
+                                                        <li>1. 百度api的ak和百度推送的token以及七牛云的配置改为通过config表管理</li>
+                                                        <li>2. admin模块菜单通过标签实时获取(链接提交到百度站长平台)</li>
+                                                        <li>2. 弹窗工具类js结构调整</li>
+                                                    </ol>
+                                                </div>
                                             </div>
-                                            <p class="excerpt">上线了<a>Read&nbsp;More</a>
-                                            </p>
                                         </div>
-                                    </div>
-                                </li>
-                                <li>
-                                    <div class="block">
-                                        <div class="tags">
-                                            <a href="javascript:;" class="tag">
-                                                <span>01月06日</span>
-                                            </a>
+                                    </li>
+                                    <li>
+                                        <div class="block">
+                                            <div class="tags">
+                                                <a href="javascript:;" class="tag">
+                                                    <span>11月11日</span>
+                                                </a>
+                                            </div>
+                                            <div class="block_content">
+                                                <h2 class="title">
+                                                    <span>上线说明</span>
+                                                </h2>
+                                                <div class="byline">
+                                                    <span>13 hours ago</span> by <a>zyd</a>
+                                                </div>
+                                                <p class="excerpt">上线了<a>Read&nbsp;More</a>
+                                                </p>
+                                            </div>
                                         </div>
-                                        <div class="block_content">
-                                            <h2 class="title">
-                                                <span>更新说明</span>
-                                            </h2>
-                                            <div class="byline">
-                                                <span>13 hours ago</span> by <a>zyd</a>
+                                    </li>
+                                    <li>
+                                        <div class="block">
+                                            <div class="tags">
+                                                <a href="javascript:;" class="tag">
+                                                    <span>01月06日</span>
+                                                </a>
+                                            </div>
+                                            <div class="block_content">
+                                                <h2 class="title">
+                                                    <span>更新说明</span>
+                                                </h2>
+                                                <div class="byline">
+                                                    <span>13 hours ago</span> by <a>zyd</a>
+                                                </div>
+                                                <p class="excerpt">列表页面的js代码提出为zyd.table.js公共代码</p>
+                                                <p class="excerpt">zyd.tool.js</p>
                                             </div>
-                                            <p class="excerpt">列表页面的js代码提出为zyd.table.js公共代码</p>
-                                            <p class="excerpt">zyd.tool.js</p>
                                         </div>
-                                    </div>
-                                </li>
-                            </ul>
+                                    </li>
+                                </ul>
+                            </div>
                         </div>
                     </div>
                 </div>
diff --git a/blog-admin/src/main/resources/templates/layout/setting.ftl b/blog-admin/src/main/resources/templates/layout/setting.ftl
index 19d437779dab4ae840753a4ed1c779b01929d08f..fd97fe79ce1c65c80f58ff48e2586b7a571080c3 100644
--- a/blog-admin/src/main/resources/templates/layout/setting.ftl
+++ b/blog-admin/src/main/resources/templates/layout/setting.ftl
@@ -11,16 +11,17 @@
                         <span class=" fa fa-angle-down"></span>
                     </a>
                     <ul class="dropdown-menu dropdown-usermenu pull-right">
-                        <#--<li><a href="/profile"> 个人资料</a></li>-->
+                        <@shiro.hasRole name="role:root">
                         <li>
                             <a href="/config">
-                                <#--<span class="badge bg-red pull-right">50%</span>-->
                                 <span>系统配置</span>
                             </a>
                         </li>
+                        </@shiro.hasRole>
                         <li><a href="/passport/logout"><i class="fa fa-sign-out pull-right"></i> 退出系统</a></li>
                     </ul>
                 </li>
+                <@shiro.hasPermission name="comments">
                 <li role="presentation" class="dropdown">
                     <a href="javascript:;" class="dropdown-toggle info-number" data-toggle="dropdown" aria-expanded="false">
                         <i class="fa fa-envelope-o"></i>
@@ -37,6 +38,7 @@
                         </li>
                     </ul>
                 </li>
+                </@shiro.hasPermission>
             </ul>
         </nav>
     </div>
diff --git a/blog-admin/src/main/resources/templates/layout/sidebar.ftl b/blog-admin/src/main/resources/templates/layout/sidebar.ftl
index 1f3b1ea94d3525194d80d4401fec6645d22bc7ab..71d7ec004d44c1bfa7534d9d3e1b4e37859853c2 100644
--- a/blog-admin/src/main/resources/templates/layout/sidebar.ftl
+++ b/blog-admin/src/main/resources/templates/layout/sidebar.ftl
@@ -2,6 +2,9 @@
 <div id="sidebar-menu" class="main_menu_side hidden-print main_menu">
     <div class="menu_section">
         <ul class="nav side-menu">
+            <@shiro.user>
+                <li><a href="/index"><i class="fa fa-home"></i>首页</a></li>
+            </@shiro.user>
             <@zhydTag method="menus" userId="${user.id}">
                 <#if menus?? && menus?size gt 0>
                     <#list menus as item>
diff --git a/blog-admin/src/main/resources/templates/link/list.ftl b/blog-admin/src/main/resources/templates/link/list.ftl
index 735755b97a886ac73853a2a1da8b6b428994ca36..1f944e017e9c3633e9bf66b2b63fdaedb85571a2 100644
--- a/blog-admin/src/main/resources/templates/link/list.ftl
+++ b/blog-admin/src/main/resources/templates/link/list.ftl
@@ -10,12 +10,16 @@
             <div class="x_content">
                 <div class="<#--table-responsive-->">
                     <div class="btn-group hidden-xs" id="toolbar">
-                        <button id="btn_add" type="button" class="btn btn-default" title="新增友情链接">
-                            <i class="fa fa-plus"></i> 新增友情链接
-                        </button>
-                        <button id="btn_delete_ids" type="button" class="btn btn-default" title="删除选中">
-                            <i class="fa fa-trash-o"></i> 批量删除
-                        </button>
+                        <@shiro.hasPermission name="link:add">
+                            <button id="btn_add" type="button" class="btn btn-default" title="新增友链">
+                                <i class="fa fa-plus"></i> 新增友链
+                            </button>
+                        </@shiro.hasPermission>
+                        <@shiro.hasPermission name="link:batchDelete">
+                            <button id="btn_delete_ids" type="button" class="btn btn-default" title="删除选中">
+                                <i class="fa fa-trash-o"></i> 批量删除
+                            </button>
+                        </@shiro.hasPermission>
                     </div>
                     <table id="tablelist">
                     </table>
@@ -141,8 +145,8 @@
     function operateFormatter(code, row, index) {
         var trId = row.id;
         var operateBtn = [
-            '<a class="btn btn-xs btn-primary btn-update" data-id="' + trId + '"><i class="fa fa-edit"></i>编辑</a>',
-            '<a class="btn btn-xs btn-danger btn-remove" data-id="' + trId + '"><i class="fa fa-trash-o"></i>删除</a>'
+            '<@shiro.hasPermission name="link:edit"><a class="btn btn-xs btn-primary btn-update" data-id="' + trId + '"><i class="fa fa-edit"></i>编辑</a></@shiro.hasPermission>',
+            '<@shiro.hasPermission name="link:delete"><a class="btn btn-xs btn-danger btn-remove" data-id="' + trId + '"><i class="fa fa-trash-o"></i>删除</a></@shiro.hasPermission>'
         ];
         return operateBtn.join('');
     }
diff --git a/blog-admin/src/main/resources/templates/list.ftl b/blog-admin/src/main/resources/templates/list.ftl
deleted file mode 100644
index c2e429f531b91dece7f249f3ad0d8aab40afeac8..0000000000000000000000000000000000000000
--- a/blog-admin/src/main/resources/templates/list.ftl
+++ /dev/null
@@ -1,391 +0,0 @@
-<#include "layout/header.ftl"/>
-<div class="">
-    <div class="page-title">
-        <div class="title_left">
-            <h3>Projects <small>Listing design</small></h3>
-        </div>
-
-        <div class="title_right">
-            <div class="col-md-5 col-sm-5 col-xs-12 form-group pull-right top_search">
-                <div class="input-group">
-                    <input type="text" class="form-control" placeholder="Search for...">
-                    <span class="input-group-btn">
-                      <button class="btn btn-default" type="button">Go!</button>
-                    </span>
-                </div>
-            </div>
-        </div>
-    </div>
-
-    <div class="clearfix"></div>
-
-    <div class="row">
-        <div class="col-md-12">
-            <div class="x_panel">
-                <div class="x_title">
-                    <h2>Projects</h2>
-                    <ul class="nav navbar-right panel_toolbox">
-                        <li><a class="collapse-link"><i class="fa fa-chevron-up"></i></a>
-                        </li>
-                        <li class="dropdown">
-                            <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-expanded="false"><i class="fa fa-wrench"></i></a>
-                            <ul class="dropdown-menu" role="menu">
-                                <li><a href="#">Settings 1</a>
-                                </li>
-                                <li><a href="#">Settings 2</a>
-                                </li>
-                            </ul>
-                        </li>
-                        <li><a class="close-link"><i class="fa fa-close"></i></a>
-                        </li>
-                    </ul>
-                    <div class="clearfix"></div>
-                </div>
-                <div class="x_content">
-
-                    <p>Simple table with project listing with progress and editing options</p>
-
-                    <!-- start project list -->
-                    <table class="table table-striped projects">
-                        <thead>
-                        <tr>
-                            <th style="width: 1%">#</th>
-                            <th style="width: 20%">Project Name</th>
-                            <th>Team Members</th>
-                            <th>Project Progress</th>
-                            <th>Status</th>
-                            <th style="width: 20%">#Edit</th>
-                        </tr>
-                        </thead>
-                        <tbody>
-                        <tr>
-                            <td>#</td>
-                            <td>
-                                <a>Pesamakini Backend UI</a>
-                                <br />
-                                <small>Created 01.01.2015</small>
-                            </td>
-                            <td>
-                                <ul class="list-inline">
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                </ul>
-                            </td>
-                            <td class="project_progress">
-                                <div class="progress progress_sm">
-                                    <div class="progress-bar bg-green" role="progressbar" data-transitiongoal="57"></div>
-                                </div>
-                                <small>57% Complete</small>
-                            </td>
-                            <td>
-                                <button type="button" class="btn btn-success btn-xs">Success</button>
-                            </td>
-                            <td>
-                                <a href="#" class="btn btn-primary btn-xs"><i class="fa fa-folder"></i> View </a>
-                                <a href="/detail" class="btn btn-info btn-xs"><i class="fa fa-pencil"></i> Edit </a>
-                                <a href="#" class="btn btn-danger btn-xs"><i class="fa fa-trash-o"></i> Delete </a>
-                            </td>
-                        </tr>
-                        <tr>
-                            <td>#</td>
-                            <td>
-                                <a>Pesamakini Backend UI</a>
-                                <br />
-                                <small>Created 01.01.2015</small>
-                            </td>
-                            <td>
-                                <ul class="list-inline">
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                </ul>
-                            </td>
-                            <td class="project_progress">
-                                <div class="progress progress_sm">
-                                    <div class="progress-bar bg-green" role="progressbar" data-transitiongoal="47"></div>
-                                </div>
-                                <small>47% Complete</small>
-                            </td>
-                            <td>
-                                <button type="button" class="btn btn-success btn-xs">Success</button>
-                            </td>
-                            <td>
-                                <a href="#" class="btn btn-primary btn-xs"><i class="fa fa-folder"></i> View </a>
-                                <a href="#" class="btn btn-info btn-xs"><i class="fa fa-pencil"></i> Edit </a>
-                                <a href="#" class="btn btn-danger btn-xs"><i class="fa fa-trash-o"></i> Delete </a>
-                            </td>
-                        </tr>
-                        <tr>
-                            <td>#</td>
-                            <td>
-                                <a>Pesamakini Backend UI</a>
-                                <br />
-                                <small>Created 01.01.2015</small>
-                            </td>
-                            <td>
-                                <ul class="list-inline">
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                </ul>
-                            </td>
-                            <td class="project_progress">
-                                <div class="progress progress_sm">
-                                    <div class="progress-bar bg-green" role="progressbar" data-transitiongoal="77"></div>
-                                </div>
-                                <small>77% Complete</small>
-                            </td>
-                            <td>
-                                <button type="button" class="btn btn-success btn-xs">Success</button>
-                            </td>
-                            <td>
-                                <a href="#" class="btn btn-primary btn-xs"><i class="fa fa-folder"></i> View </a>
-                                <a href="#" class="btn btn-info btn-xs"><i class="fa fa-pencil"></i> Edit </a>
-                                <a href="#" class="btn btn-danger btn-xs"><i class="fa fa-trash-o"></i> Delete </a>
-                            </td>
-                        </tr>
-                        <tr>
-                            <td>#</td>
-                            <td>
-                                <a>Pesamakini Backend UI</a>
-                                <br />
-                                <small>Created 01.01.2015</small>
-                            </td>
-                            <td>
-                                <ul class="list-inline">
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                </ul>
-                            </td>
-                            <td class="project_progress">
-                                <div class="progress progress_sm">
-                                    <div class="progress-bar bg-green" role="progressbar" data-transitiongoal="60"></div>
-                                </div>
-                                <small>60% Complete</small>
-                            </td>
-                            <td>
-                                <button type="button" class="btn btn-success btn-xs">Success</button>
-                            </td>
-                            <td>
-                                <a href="#" class="btn btn-primary btn-xs"><i class="fa fa-folder"></i> View </a>
-                                <a href="#" class="btn btn-info btn-xs"><i class="fa fa-pencil"></i> Edit </a>
-                                <a href="#" class="btn btn-danger btn-xs"><i class="fa fa-trash-o"></i> Delete </a>
-                            </td>
-                        </tr>
-                        <tr>
-                            <td>#</td>
-                            <td>
-                                <a>Pesamakini Backend UI</a>
-                                <br />
-                                <small>Created 01.01.2015</small>
-                            </td>
-                            <td>
-                                <ul class="list-inline">
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                </ul>
-                            </td>
-                            <td class="project_progress">
-                                <div class="progress progress_sm">
-                                    <div class="progress-bar bg-green" role="progressbar" data-transitiongoal="12"></div>
-                                </div>
-                                <small>12% Complete</small>
-                            </td>
-                            <td>
-                                <button type="button" class="btn btn-success btn-xs">Success</button>
-                            </td>
-                            <td>
-                                <a href="#" class="btn btn-primary btn-xs"><i class="fa fa-folder"></i> View </a>
-                                <a href="#" class="btn btn-info btn-xs"><i class="fa fa-pencil"></i> Edit </a>
-                                <a href="#" class="btn btn-danger btn-xs"><i class="fa fa-trash-o"></i> Delete </a>
-                            </td>
-                        </tr>
-                        <tr>
-                            <td>#</td>
-                            <td>
-                                <a>Pesamakini Backend UI</a>
-                                <br />
-                                <small>Created 01.01.2015</small>
-                            </td>
-                            <td>
-                                <ul class="list-inline">
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                </ul>
-                            </td>
-                            <td class="project_progress">
-                                <div class="progress progress_sm">
-                                    <div class="progress-bar bg-green" role="progressbar" data-transitiongoal="35"></div>
-                                </div>
-                                <small>35% Complete</small>
-                            </td>
-                            <td>
-                                <button type="button" class="btn btn-success btn-xs">Success</button>
-                            </td>
-                            <td>
-                                <a href="#" class="btn btn-primary btn-xs"><i class="fa fa-folder"></i> View </a>
-                                <a href="#" class="btn btn-info btn-xs"><i class="fa fa-pencil"></i> Edit </a>
-                                <a href="#" class="btn btn-danger btn-xs"><i class="fa fa-trash-o"></i> Delete </a>
-                            </td>
-                        </tr>
-                        <tr>
-                            <td>#</td>
-                            <td>
-                                <a>Pesamakini Backend UI</a>
-                                <br />
-                                <small>Created 01.01.2015</small>
-                            </td>
-                            <td>
-                                <ul class="list-inline">
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                </ul>
-                            </td>
-                            <td class="project_progress">
-                                <div class="progress progress_sm">
-                                    <div class="progress-bar bg-green" role="progressbar" data-transitiongoal="87"></div>
-                                </div>
-                                <small>87% Complete</small>
-                            </td>
-                            <td>
-                                <button type="button" class="btn btn-success btn-xs">Success</button>
-                            </td>
-                            <td>
-                                <a href="#" class="btn btn-primary btn-xs"><i class="fa fa-folder"></i> View </a>
-                                <a href="#" class="btn btn-info btn-xs"><i class="fa fa-pencil"></i> Edit </a>
-                                <a href="#" class="btn btn-danger btn-xs"><i class="fa fa-trash-o"></i> Delete </a>
-                            </td>
-                        </tr>
-                        <tr>
-                            <td>#</td>
-                            <td>
-                                <a>Pesamakini Backend UI</a>
-                                <br />
-                                <small>Created 01.01.2015</small>
-                            </td>
-                            <td>
-                                <ul class="list-inline">
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                </ul>
-                            </td>
-                            <td class="project_progress">
-                                <div class="progress progress_sm">
-                                    <div class="progress-bar bg-green" role="progressbar" data-transitiongoal="77"></div>
-                                </div>
-                                <small>77% Complete</small>
-                            </td>
-                            <td>
-                                <button type="button" class="btn btn-success btn-xs">Success</button>
-                            </td>
-                            <td>
-                                <a href="#" class="btn btn-primary btn-xs"><i class="fa fa-folder"></i> View </a>
-                                <a href="#" class="btn btn-info btn-xs"><i class="fa fa-pencil"></i> Edit </a>
-                                <a href="#" class="btn btn-danger btn-xs"><i class="fa fa-trash-o"></i> Delete </a>
-                            </td>
-                        </tr>
-                        <tr>
-                            <td>#</td>
-                            <td>
-                                <a>Pesamakini Backend UI</a>
-                                <br />
-                                <small>Created 01.01.2015</small>
-                            </td>
-                            <td>
-                                <ul class="list-inline">
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                    <li>
-                                        <img src="/assets/images/user.png" class="avatar" alt="Avatar">
-                                    </li>
-                                </ul>
-                            </td>
-                            <td class="project_progress">
-                                <div class="progress progress_sm">
-                                    <div class="progress-bar bg-green" role="progressbar" data-transitiongoal="77"></div>
-                                </div>
-                                <small>77% Complete</small>
-                            </td>
-                            <td>
-                                <button type="button" class="btn btn-success btn-xs">Success</button>
-                            </td>
-                            <td>
-                                <a href="#" class="btn btn-primary btn-xs"><i class="fa fa-folder"></i> View </a>
-                                <a href="#" class="btn btn-info btn-xs"><i class="fa fa-pencil"></i> Edit </a>
-                                <a href="#" class="btn btn-danger btn-xs"><i class="fa fa-trash-o"></i> Delete </a>
-                            </td>
-                        </tr>
-                        </tbody>
-                    </table>
-                    <!-- end project list -->
-
-                </div>
-            </div>
-        </div>
-    </div>
-</div>
-<#include "layout/footer.ftl"/>
\ No newline at end of file
diff --git a/blog-admin/src/main/resources/templates/notice/list.ftl b/blog-admin/src/main/resources/templates/notice/list.ftl
index d09a5497bc102ecf6dc5aa555feaabf8c126672e..8cb07d2fa3fc72c212a9b06db0a09d8ea32411d0 100644
--- a/blog-admin/src/main/resources/templates/notice/list.ftl
+++ b/blog-admin/src/main/resources/templates/notice/list.ftl
@@ -10,12 +10,16 @@
             <div class="x_content">
                 <div class="<#--table-responsive-->">
                     <div class="btn-group hidden-xs" id="toolbar">
-                        <button id="btn_add" type="button" class="btn btn-default" title="新增网站通知">
-                            <i class="fa fa-plus"></i> 新增网站通知
-                        </button>
-                        <button id="btn_delete_ids" type="button" class="btn btn-default" title="删除选中">
-                            <i class="fa fa-trash-o"></i> 批量删除
-                        </button>
+                        <@shiro.hasPermission name="notice:add">
+                            <button id="btn_add" type="button" class="btn btn-default" title="添加公告">
+                                <i class="fa fa-plus"></i> 添加公告
+                            </button>
+                        </@shiro.hasPermission>
+                        <@shiro.hasPermission name="notice:batchDelete">
+                            <button id="btn_delete_ids" type="button" class="btn btn-default" title="删除选中">
+                                <i class="fa fa-trash-o"></i> 批量删除
+                            </button>
+                        </@shiro.hasPermission>
                     </div>
                     <table id="tablelist">
                     </table>
@@ -89,14 +93,14 @@
         var status = row.status;
         var html = '';
         if (status && status == 'NOT_RELEASE') {
-            html = '<a class="btn btn-xs btn-primary btn-release" data-id="' + trId + '"><i class="fa fa-rocket fa-fw"></i>发布</a>';
+            html = '<@shiro.hasPermission name="notice:release"><a class="btn btn-xs btn-primary btn-release" data-id="' + trId + '"><i class="fa fa-rocket fa-fw"></i>发布</a></@shiro.hasPermission>';
         } else {
-            html = '<a class="btn btn-xs btn-primary btn-withdraw" data-id="' + trId + '"><i class="fa fa-rocket fa-rotate-180 fa-fw"></i>撤回</a>';
+            html = '<@shiro.hasPermission name="notice:withdraw"><a class="btn btn-xs btn-primary btn-withdraw" data-id="' + trId + '"><i class="fa fa-rocket fa-rotate-180 fa-fw"></i>撤回</a></@shiro.hasPermission>';
         }
         var operateBtn = [
             html,
-            '<a class="btn btn-xs btn-primary btn-update" data-id="' + trId + '"><i class="fa fa-edit fa-fw"></i>编辑</a>',
-            '<a class="btn btn-xs btn-danger btn-remove" data-id="' + trId + '"><i class="fa fa-trash-o fa-fw"></i>删除</a>'
+            '<@shiro.hasPermission name="notice:edit"><a class="btn btn-xs btn-primary btn-update" data-id="' + trId + '"><i class="fa fa-edit"></i>编辑</a></@shiro.hasPermission>',
+            '<@shiro.hasPermission name="notice:delete"><a class="btn btn-xs btn-danger btn-remove" data-id="' + trId + '"><i class="fa fa-trash-o"></i>删除</a></@shiro.hasPermission>'
         ];
         return operateBtn.join('');
     }
diff --git a/blog-admin/src/main/resources/templates/resources/list.ftl b/blog-admin/src/main/resources/templates/resources/list.ftl
index 756cab54ac7c6db7ca92d1a3a085fe7571b58155..ad0adfe7a519b8415ab505666d75869893ec2fa0 100644
--- a/blog-admin/src/main/resources/templates/resources/list.ftl
+++ b/blog-admin/src/main/resources/templates/resources/list.ftl
@@ -10,12 +10,16 @@
             <div class="x_content">
                 <div class="<#--table-responsive-->">
                     <div class="btn-group hidden-xs" id="toolbar">
+                        <@shiro.hasPermission name="resource:add">
                         <button id="btn_add" type="button" class="btn btn-default" title="新增资源">
                             <i class="fa fa-plus"></i> 新增资源
                         </button>
-                        <button id="btn_delete_ids" type="button" class="btn btn-default" title="删除选中">
-                            <i class="fa fa-trash-o"></i> 批量删除
-                        </button>
+                        </@shiro.hasPermission>
+                        <@shiro.hasPermission name="resource:batchDelete">
+                            <button id="btn_delete_ids" type="button" class="btn btn-default" title="删除选中">
+                                <i class="fa fa-trash-o"></i> 批量删除
+                            </button>
+                        </@shiro.hasPermission>
                     </div>
                     <table id="tablelist">
                     </table>
@@ -46,15 +50,16 @@
                         <label class="control-label col-md-3 col-sm-3 col-xs-12" for="type">资源类型: <span class="required">*</span></label>
                         <div class="col-md-6 col-sm-6 col-xs-12">
                             <select name="type" id="type" required="required" class="form-control col-md-7 col-xs-12">
+                                <option value="">请选择</option>
                                 <option value="menu">菜单</option>
                                 <option value="button">按钮</option>
                             </select>
                         </div>
                     </div>
                     <div class="item form-group">
-                        <label class="control-label col-md-3 col-sm-3 col-xs-12" for="type">父级资源: <span class="required">*</span></label>
-                        <div class="col-md-6 col-sm-6 col-xs-12">
-                            <select name="parentId" id="parentId" required="required" class="form-control col-md-7 col-xs-12">
+                        <label class="control-label col-md-3 col-sm-3 col-xs-12" for="type">父级资源: </label>
+                        <div class="col-md-6 col-sm-6 col-xs-6">
+                            <select id="parentId" name="parentId" class="form-control col-md-5 col-xs-5">
                                 <option value="">请选择</option>
                                 <@zhydTag method="availableMenus">
                                     <#if availableMenus?? && availableMenus?size gt 0>
@@ -101,20 +106,8 @@
                         <label class="control-label col-md-3 col-sm-3 col-xs-12" for="mobile">是否可用 <span class="required">*</span></label>
                         <div class="col-md-6 col-sm-6 col-xs-12">
                             <ul class="list-unstyled list-inline">
-                                <li>
-                                    <div class="radio">
-                                        <label>
-                                            <input type="radio" class="flat" checked name="available" value="1"> 可用
-                                        </label>
-                                    </div>
-                                </li>
-                                <li>
-                                    <div class="radio">
-                                        <label>
-                                            <input type="radio" class="flat" name="available" value="0"> 禁用
-                                        </label>
-                                    </div>
-                                </li>
+                                <li><input type="radio" class="flat" checked="checked" name="available" value="1"> 可用</li>
+                                <li><input type="radio" class="flat" name="available" value="0"> 禁用</li>
                             </ul>
                         </div>
                     </div>
@@ -122,20 +115,8 @@
                         <label class="control-label col-md-3 col-sm-3 col-xs-12" for="mobile">外部链接 <span class="required">*</span></label>
                         <div class="col-md-6 col-sm-6 col-xs-12">
                             <ul class="list-unstyled list-inline">
-                                <li>
-                                    <div class="radio">
-                                        <label>
-                                            <input type="radio" class="flat" checked name="external" value="0"> 否
-                                        </label>
-                                    </div>
-                                </li>
-                                <li>
-                                    <div class="radio">
-                                        <label>
-                                            <input type="radio" class="flat" name="external" value="1"> 是
-                                        </label>
-                                    </div>
-                                </li>
+                                <li><input type="radio" class="flat" checked name="external" value="0"> 否</li>
+                                <li><input type="radio" class="flat" name="external" value="1"> 是</li>
                             </ul>
                         </div>
                     </div>
@@ -160,9 +141,9 @@
     function operateFormatter(code, row, index) {
         var trId = row.id;
         var operateBtn = [
-            '<a class="btn btn-xs btn-primary btn-update" data-id="' + trId + '"><i class="fa fa-edit"></i>编辑</a>',
+            '<@shiro.hasPermission name="resource:edit"><a class="btn btn-xs btn-primary btn-update" data-id="' + trId + '"><i class="fa fa-edit"></i>编辑</a></@shiro.hasPermission>',
+            '<@shiro.hasPermission name="resource:delete"><a class="btn btn-xs btn-danger btn-remove" data-id="' + trId + '"><i class="fa fa-trash-o"></i>删除</a></@shiro.hasPermission>'
         ];
-        operateBtn.push('<a class="btn btn-xs btn-danger btn-remove" data-id="' + trId + '"><i class="fa fa-trash-o"></i>删除</a>');
         return operateBtn.join('');
     }
     $(function () {
@@ -225,5 +206,6 @@
         $.tableUtil.init(options);
         //2.初始化Button的点击事件
         $.buttonUtil.init(options);
+
     });
 </script>
\ No newline at end of file
diff --git a/blog-admin/src/main/resources/templates/role/list.ftl b/blog-admin/src/main/resources/templates/role/list.ftl
index 447a7f9f07a73edbd3232506579822aff360716f..cdc177b9116ef45183248183d1cfc83d52e5c663 100644
--- a/blog-admin/src/main/resources/templates/role/list.ftl
+++ b/blog-admin/src/main/resources/templates/role/list.ftl
@@ -10,12 +10,16 @@
             <div class="x_content">
                 <div class="<#--table-responsive-->">
                     <div class="btn-group hidden-xs" id="toolbar">
+                        <@shiro.hasPermission name="role:add">
                         <button id="btn_add" type="button" class="btn btn-default" title="新增角色">
                             <i class="fa fa-plus"></i> 新增角色
                         </button>
-                        <button id="btn_delete_ids" type="button" class="btn btn-default" title="删除选中">
-                            <i class="fa fa-trash-o"></i> 批量删除
-                        </button>
+                        </@shiro.hasPermission>
+                        <@shiro.hasPermission name="role:batchDelete">
+                            <button id="btn_delete_ids" type="button" class="btn btn-default" title="删除选中">
+                                <i class="fa fa-trash-o"></i> 批量删除
+                            </button>
+                        </@shiro.hasPermission>
                     </div>
                     <table id="tablelist">
                     </table>
@@ -59,15 +63,22 @@
                 <form id="addOrUpdateForm" class="form-horizontal form-label-left" novalidate>
                     <input type="hidden" name="id">
                     <div class="item form-group">
-                        <label class="control-label col-md-3 col-sm-3 col-xs-12" for="description">角色名称: <span class="required">*</span></label>
+                        <label class="control-label col-md-3 col-sm-3 col-xs-12" for="name">角色名称: <span class="required">*</span></label>
+                        <div class="col-md-6 col-sm-6 col-xs-12">
+                            <input type="text" class="form-control col-md-7 col-xs-12" name="name" id="name" required="required" placeholder="请输入角色名称"/>
+                        </div>
+                    </div>
+                    <div class="item form-group">
+                        <label class="control-label col-md-3 col-sm-3 col-xs-12" for="description">角色描述: <span class="required">*</span></label>
                         <div class="col-md-6 col-sm-6 col-xs-12">
-                            <input type="text" class="form-control col-md-7 col-xs-12" name="description" id="description" required="required" placeholder="请输入角色名称"/>
+                            <input type="text" class="form-control col-md-7 col-xs-12" name="description" id="description" required="required" placeholder="请输入角色描述"/>
                         </div>
                     </div>
                     <div class="item form-group">
                         <label class="control-label col-md-3 col-sm-3 col-xs-12" for="available">是否可用: <span class="required">*</span></label>
                         <div class="col-md-6 col-sm-6 col-xs-12">
                             <select name="available" id="available" required="required" class="form-control col-md-7 col-xs-12">
+                                <option value="">请选择</option>
                                 <option value="0">不可用</option>
                                 <option value="1" selected="selected">可用</option>
                             </select>
@@ -94,10 +105,10 @@
     function operateFormatter(code, row, index) {
         var trId = row.id;
         var operateBtn = [
-            '<a class="btn btn-xs btn-primary btn-update" data-id="' + trId + '"><i class="fa fa-edit"></i>编辑</a>',
+            '<@shiro.hasPermission name="role:edit"><a class="btn btn-xs btn-primary btn-update" data-id="' + trId + '"><i class="fa fa-edit"></i>编辑</a></@shiro.hasPermission>',
+            '<@shiro.hasPermission name="role:delete"><a class="btn btn-xs btn-danger btn-remove" data-id="' + trId + '"><i class="fa fa-trash-o"></i>删除</a></@shiro.hasPermission>',
+            '<@shiro.hasPermission name="role:allotResource"><a class="btn btn-xs btn-info btn-allot" data-id="' + trId + '"><i class="fa fa-circle-thin"></i>分配资源</a></@shiro.hasPermission>'
         ];
-        operateBtn.push('<a class="btn btn-xs btn-danger btn-remove" data-id="' + trId + '"><i class="fa fa-trash-o"></i>删除</a>');
-        operateBtn.push('<a class="btn btn-xs btn-info btn-allot" data-id="' + trId + '"><i class="fa fa-circle-thin"></i>分配资源</a>')
         return operateBtn.join('');
     }
 
@@ -112,9 +123,13 @@
             columns: [{
                 checkbox: true
             }, {
-                field: 'description',
+                field: 'name',
                 title: '角色名',
                 editable: false,
+            }, {
+                field: 'description',
+                title: '角色描述',
+                editable: false,
             }, {
                 field: 'available',
                 title: '是否可用',
diff --git a/blog-admin/src/main/resources/templates/template/list.ftl b/blog-admin/src/main/resources/templates/template/list.ftl
index aa07ee5a48c405d33843595a0f19dab09e05b53a..1aa5bb7cc1efc80c05a4f2022e92927ed86914dd 100644
--- a/blog-admin/src/main/resources/templates/template/list.ftl
+++ b/blog-admin/src/main/resources/templates/template/list.ftl
@@ -10,12 +10,16 @@
             <div class="x_content">
                 <div class="<#--table-responsive-->">
                     <div class="btn-group hidden-xs" id="toolbar">
-                        <button id="btn_add" type="button" class="btn btn-default" title="新增模板">
-                            <i class="fa fa-plus"></i> 新增模板
-                        </button>
-                        <button id="btn_delete_ids" type="button" class="btn btn-default" title="删除选中">
-                            <i class="fa fa-trash-o"></i> 批量删除
-                        </button>
+                        <@shiro.hasPermission name="template:add">
+                            <button id="btn_add" type="button" class="btn btn-default" title="新增模板">
+                                <i class="fa fa-plus"></i> 新增模板
+                            </button>
+                        </@shiro.hasPermission>
+                        <@shiro.hasPermission name="template:batchDelete">
+                            <button id="btn_delete_ids" type="button" class="btn btn-default" title="删除选中">
+                                <i class="fa fa-trash-o"></i> 批量删除
+                            </button>
+                        </@shiro.hasPermission>
                     </div>
                     <table id="tablelist">
                     </table>
@@ -69,8 +73,8 @@
     function operateFormatter(code, row, index) {
         var trId = row.id;
         var operateBtn = [
-            '<a class="btn btn-xs btn-primary btn-update" data-id="' + trId + '"><i class="fa fa-edit"></i>编辑</a>',
-            '<a class="btn btn-xs btn-danger btn-remove" data-id="' + trId + '"><i class="fa fa-trash-o"></i>删除</a>'
+            '<@shiro.hasPermission name="template:edit"><a class="btn btn-xs btn-primary btn-update" data-id="' + trId + '"><i class="fa fa-edit"></i>编辑</a></@shiro.hasPermission>',
+            '<@shiro.hasPermission name="template:delete"><a class="btn btn-xs btn-danger btn-remove" data-id="' + trId + '"><i class="fa fa-trash-o"></i>删除</a></@shiro.hasPermission>'
         ];
         return operateBtn.join('');
     }
diff --git a/blog-admin/src/main/resources/templates/update/list.ftl b/blog-admin/src/main/resources/templates/update/list.ftl
index fecc4e58fe06736c8a49be9fe689fd2dfcccae66..7d5fc4fc038b71f95b786a98376f234743a94e81 100644
--- a/blog-admin/src/main/resources/templates/update/list.ftl
+++ b/blog-admin/src/main/resources/templates/update/list.ftl
@@ -10,12 +10,16 @@
             <div class="x_content">
                 <div class="<#--table-responsive-->">
                     <div class="btn-group hidden-xs" id="toolbar">
-                        <button id="btn_add" type="button" class="btn btn-default" title="新增更新记录">
-                            <i class="fa fa-plus"></i> 新增更新记录
-                        </button>
-                        <button id="btn_delete_ids" type="button" class="btn btn-default" title="删除选中">
-                            <i class="fa fa-trash-o"></i> 批量删除
-                        </button>
+                        <@shiro.hasPermission name="updateLog:add">
+                            <button id="btn_add" type="button" class="btn btn-default" title="新增更新记录">
+                                <i class="fa fa-plus"></i> 新增更新记录
+                            </button>
+                        </@shiro.hasPermission>
+                        <@shiro.hasPermission name="updateLog:batchDelete">
+                            <button id="btn_delete_ids" type="button" class="btn btn-default" title="删除选中">
+                                <i class="fa fa-trash-o"></i> 批量删除
+                            </button>
+                        </@shiro.hasPermission>
                     </div>
                     <table id="tablelist">
                     </table>
@@ -80,8 +84,8 @@
     function operateFormatter(code, row, index) {
         var trId = row.id;
         var operateBtn = [
-            '<a class="btn btn-xs btn-primary btn-update" data-id="' + trId + '"><i class="fa fa-edit"></i>编辑</a>',
-            '<a class="btn btn-xs btn-danger btn-remove" data-id="' + trId + '"><i class="fa fa-trash-o"></i>删除</a>'
+            '<@shiro.hasPermission name="updateLog:edit"><a class="btn btn-xs btn-primary btn-update" data-id="' + trId + '"><i class="fa fa-edit"></i>编辑</a></@shiro.hasPermission>',
+            '<@shiro.hasPermission name="updateLog:delete"><a class="btn btn-xs btn-danger btn-remove" data-id="' + trId + '"><i class="fa fa-trash-o"></i>删除</a></@shiro.hasPermission>'
         ];
         return operateBtn.join('');
     }
diff --git a/blog-admin/src/main/resources/templates/user/list.ftl b/blog-admin/src/main/resources/templates/user/list.ftl
index 43b808fec598b2c2c21890383a34a0dff6231820..15dfd9e747431c7b48543fcabf2bd1814d9dba74 100644
--- a/blog-admin/src/main/resources/templates/user/list.ftl
+++ b/blog-admin/src/main/resources/templates/user/list.ftl
@@ -10,12 +10,16 @@
             <div class="x_content">
                 <div class="<#--table-responsive-->">
                     <div class="btn-group hidden-xs" id="toolbar">
+                        <@shiro.hasPermission name="user:add">
                         <button id="btn_add" type="button" class="btn btn-default" title="新增用户">
                             <i class="fa fa-plus"></i> 新增用户
                         </button>
-                        <button id="btn_delete_ids" type="button" class="btn btn-default" title="删除选中">
-                            <i class="fa fa-trash-o"></i> 批量删除
-                        </button>
+                        </@shiro.hasPermission>
+                        <@shiro.hasPermission name="user:batchDelete">
+                            <button id="btn_delete_ids" type="button" class="btn btn-default" title="删除选中">
+                                <i class="fa fa-trash-o"></i> 批量删除
+                            </button>
+                        </@shiro.hasPermission>
                     </div>
                     <table id="tablelist">
                     </table>
@@ -116,11 +120,11 @@
         var currentUserId = '${user.id}';
         var trUserId = row.id;
         var operateBtn = [
-            '<a class="btn btn-xs btn-primary btn-update" data-id="' + trUserId + '"><i class="fa fa-edit"></i>编辑</a>',
+            '<@shiro.hasPermission name="user:edit"><a class="btn btn-xs btn-primary btn-update" data-id="' + trUserId + '"><i class="fa fa-edit"></i>编辑</a></@shiro.hasPermission>',
         ];
         if (currentUserId != trUserId) {
-            operateBtn.push('<a class="btn btn-xs btn-danger btn-remove" data-id="' + trUserId + '"><i class="fa fa-trash-o"></i>删除</a>');
-            operateBtn.push('<a class="btn btn-xs btn-info btn-allot" data-id="' + trUserId + '"><i class="fa fa-circle-thin"></i>分配角色</a>')
+            operateBtn.push('<@shiro.hasPermission name="user:delete"><a class="btn btn-xs btn-danger btn-remove" data-id="' + trUserId + '"><i class="fa fa-trash-o"></i>删除</a></@shiro.hasPermission>');
+            operateBtn.push('<@shiro.hasPermission name="user:allotRole"><a class="btn btn-xs btn-info btn-allot" data-id="' + trUserId + '"><i class="fa fa-circle-thin"></i>分配角色</a></@shiro.hasPermission>')
         }
         return operateBtn.join('');
     }
diff --git a/blog-web/src/main/resources/application.yml b/blog-web/src/main/resources/application.yml
index f83e1d14bab58df70efecede8a9fef0731ea9022..a9eb4f0279795eafd9ca46e7c8204286b17bb9bc 100644
--- a/blog-web/src/main/resources/application.yml
+++ b/blog-web/src/main/resources/application.yml
@@ -73,7 +73,7 @@ spring:
         # Redis服务器连接端口
         port: 6379
         # Redis服务器连接密码（默认为空）
-        password: qwe!@#123
+        password:
         # 连接池最大连接数（使用负值表示没有限制）
         pool:
             maxActive: 8
diff --git a/docs/db/dblog.sql b/docs/db/dblog.sql
index a9030ecf7cae3e6254a4e862c2e3b6e2c44ab13b..b0328f06f3f06f2c140b184f3d225ebb318c4425 100644
--- a/docs/db/dblog.sql
+++ b/docs/db/dblog.sql
@@ -10,7 +10,7 @@ Target Server Type    : MYSQL
 Target Server Version : 50624
 File Encoding         : 65001
 
-Date: 2018-05-21 17:24:21
+Date: 2018-05-22 11:53:59
 */
 
 SET FOREIGN_KEY_CHECKS=0;
@@ -71,6 +71,8 @@ INSERT INTO `biz_article_look` VALUES ('6', '3', null, '0:0:0:0:0:0:0:1', '2018-
 INSERT INTO `biz_article_look` VALUES ('7', '3', null, '0:0:0:0:0:0:0:1', '2018-04-23 10:18:17', '2018-04-23 10:18:17', '2018-04-23 10:18:17');
 INSERT INTO `biz_article_look` VALUES ('8', '3', null, '0:0:0:0:0:0:0:1', '2018-04-23 10:19:39', '2018-04-23 10:19:39', '2018-04-23 10:19:39');
 INSERT INTO `biz_article_look` VALUES ('9', '3', null, '0:0:0:0:0:0:0:1', '2018-04-23 10:19:45', '2018-04-23 10:19:45', '2018-04-23 10:19:45');
+INSERT INTO `biz_article_look` VALUES ('10', '1', null, '0:0:0:0:0:0:0:1', '2018-05-22 11:50:14', '2018-05-22 11:50:14', '2018-05-22 11:50:14');
+INSERT INTO `biz_article_look` VALUES ('11', '1', null, '0:0:0:0:0:0:0:1', '2018-05-22 11:50:44', '2018-05-22 11:50:44', '2018-05-22 11:50:44');
 
 -- ----------------------------
 -- Table structure for biz_article_love
@@ -142,11 +144,12 @@ CREATE TABLE `biz_comment` (
   `create_time` datetime DEFAULT CURRENT_TIMESTAMP COMMENT '添加时间',
   `update_time` datetime DEFAULT CURRENT_TIMESTAMP COMMENT '更新时间',
   PRIMARY KEY (`id`) USING BTREE
-) ENGINE=InnoDB DEFAULT CHARSET=utf8 ROW_FORMAT=COMPACT;
+) ENGINE=InnoDB AUTO_INCREMENT=0 DEFAULT CHARSET=utf8 ROW_FORMAT=COMPACT;
 
 -- ----------------------------
 -- Records of biz_comment
 -- ----------------------------
+INSERT INTO `biz_comment` VALUES ('1', '1', null, '0', '843977358', '七彩狼', 'https://q1.qlogo.cn/g?b=qq&nk=843977358&s=40', '843977358@qq.com', 'https://www.zhyd.me', 'VERIFYING', '0:0:0:0:0:0:0:1', null, null, '未知', 'Windows 7', null, 'Chrome 65.0.3325.146', null, '<p>测试评论</p>', null, '0', '0', '2018-05-22 11:50:40', '2018-05-22 11:50:40');
 
 -- ----------------------------
 -- Table structure for biz_tags
@@ -233,7 +236,7 @@ CREATE TABLE `sys_config` (
 -- ----------------------------
 -- Records of sys_config
 -- ----------------------------
-INSERT INTO `sys_config` VALUES ('1', '张亚东博客是一个程序员的个人技术博客(微博ID:@七彩狼丿)，旨在分享工作和学习中用到的技术、遇到的疑难知识点，也为了备战自己的人生。心之所向，无所不能。', '张亚东博客,程序猿,程序员,后端开发,软件开发,WEB开发,Java攻城狮,全栈工程师,原创博客,个人原创网站,个人技术博客', 'zhyd.me', 'http://localhost:8443', '博客', '一个程序员的个人博客，心之所向，无所不能', 'https://static.zhyd.me/static/img/favicon.ico', 'http://localhost:8443', '张亚东', 'yadong.zhang0415#gmail.com', '', '843977358', 'http://weibo.com/211230415', 'https://github.com/zhangyd-c', '0', '2018-12-19 23:07:52', '1', null, null, null, null, null, null, null, null, '2018-01-19 23:07:52', '2018-05-21 16:35:28');
+INSERT INTO `sys_config` VALUES ('1', '张亚东博客是一个程序员的个人技术博客(微博ID:@七彩狼丿)，旨在分享工作和学习中用到的技术、遇到的疑难知识点，也为了备战自己的人生。心之所向，无所不能。', '张亚东博客,程序猿,程序员,后端开发,软件开发,WEB开发,Java攻城狮,全栈工程师,原创博客,个人原创网站,个人技术博客', 'zhyd.me', 'http://localhost:8443', '博客', '一个程序员的个人博客，心之所向，无所不能', 'https://static.zhyd.me/static/img/favicon.ico', 'http://localhost:8443', '张亚东', 'yadong.zhang0415#gmail.com', '', '843977358', 'http://weibo.com/211230415', 'https://github.com/zhangyd-c', '0', '2018-12-19 23:07:52', '1', null, null, null, null, null, null, null, null, '2018-01-19 23:07:52', '2018-05-21 17:34:46');
 
 -- ----------------------------
 -- Table structure for sys_link
@@ -276,11 +279,12 @@ CREATE TABLE `sys_notice` (
   `create_time` datetime DEFAULT CURRENT_TIMESTAMP COMMENT '添加时间',
   `update_time` datetime DEFAULT CURRENT_TIMESTAMP COMMENT '更新时间',
   PRIMARY KEY (`id`) USING BTREE
-) ENGINE=InnoDB DEFAULT CHARSET=utf8 ROW_FORMAT=COMPACT;
+) ENGINE=InnoDB AUTO_INCREMENT=0 DEFAULT CHARSET=utf8 ROW_FORMAT=COMPACT;
 
 -- ----------------------------
 -- Records of sys_notice
 -- ----------------------------
+INSERT INTO `sys_notice` VALUES ('1', '1', 'RELEASE', 'asd', 'asd', '2018-05-22 10:26:26', '2018-05-22 10:26:34');
 
 -- ----------------------------
 -- Table structure for sys_resources
@@ -306,27 +310,76 @@ CREATE TABLE `sys_resources` (
 -- ----------------------------
 -- Records of sys_resources
 -- ----------------------------
-INSERT INTO `sys_resources` VALUES ('1', '首页', 'menu', '/index', 'index', '0', '0', '0', '1', 'fa fa-home', '2017-12-20 16:40:06', '2018-01-14 21:02:05');
-INSERT INTO `sys_resources` VALUES ('2', '用户管理', 'menu', '/users', 'users', '0', '1', null, '1', 'fa fa-users', '2017-12-22 13:56:15', '2017-12-22 13:56:15');
-INSERT INTO `sys_resources` VALUES ('3', '系统配置', 'menu', null, null, '0', '7', null, '1', 'fa fa-cogs', '2017-12-20 16:40:06', '2017-12-20 16:40:08');
-INSERT INTO `sys_resources` VALUES ('4', '资源管理', 'menu', '/resources', 'resources', '3', '1', null, '1', null, '2017-12-22 15:31:05', '2017-12-22 15:31:05');
-INSERT INTO `sys_resources` VALUES ('5', '角色管理', 'menu', '/roles', 'roles', '3', '2', null, '1', null, '2017-12-22 15:31:27', '2017-12-22 15:31:27');
-INSERT INTO `sys_resources` VALUES ('6', '测试页面', 'menu', null, null, '0', '100', null, '1', 'fa fa-desktop', '2017-12-22 15:31:27', '2017-12-22 15:31:27');
-INSERT INTO `sys_resources` VALUES ('7', 'list', 'menu', '/list', 'anon', '6', '1', null, '1', null, '2017-12-22 15:31:27', '2017-12-22 15:31:27');
-INSERT INTO `sys_resources` VALUES ('8', 'detail', 'menu', '/details', 'anon', '6', '2', null, '1', null, '2017-12-22 15:31:27', '2017-12-22 15:31:27');
-INSERT INTO `sys_resources` VALUES ('9', 'ztree', 'menu', '/ztree', 'anon', '6', '3', null, '1', null, '2017-12-22 15:31:27', '2017-12-22 15:31:27');
-INSERT INTO `sys_resources` VALUES ('10', 'icons', 'menu', '/icons', 'anon', '6', '4', null, '1', null, '2018-01-02 15:05:57', '2018-01-02 15:05:57');
-INSERT INTO `sys_resources` VALUES ('11', '文章管理', 'menu', '', '', '0', '2', '0', '1', 'fa fa-list', '2018-01-13 21:23:00', '2018-01-13 21:23:00');
-INSERT INTO `sys_resources` VALUES ('12', '文章列表', 'menu', '/articles', 'articles', '11', '1', '0', '1', '', '2018-01-13 21:45:50', '2018-01-13 21:51:47');
-INSERT INTO `sys_resources` VALUES ('13', '发表文章', 'menu', '/article/publish', 'article:publish', '11', '2', '0', '1', '', '2018-01-13 21:48:36', '2018-01-13 21:51:53');
-INSERT INTO `sys_resources` VALUES ('14', '分类列表', 'menu', '/article/types', 'article:types', '11', '3', '0', '1', '', '2018-01-13 21:49:36', '2018-01-13 21:51:58');
-INSERT INTO `sys_resources` VALUES ('15', '标签列表', 'menu', '/article/tags', 'article:tags', '11', '4', '0', '1', '', '2018-01-13 21:50:10', '2018-01-13 21:51:41');
-INSERT INTO `sys_resources` VALUES ('16', '友情链接', 'menu', '/links', 'links', '21', '3', '0', '1', null, '2018-01-13 21:54:21', '2018-01-13 21:54:21');
-INSERT INTO `sys_resources` VALUES ('17', '评论管理', 'menu', '/comments', 'comments', '21', '4', '0', '1', null, '2018-01-14 20:25:29', '2018-01-14 20:29:56');
-INSERT INTO `sys_resources` VALUES ('18', '模板管理', 'menu', '/templates', 'templates', '21', '3', '0', '1', null, '2018-01-14 20:26:28', '2018-01-14 20:28:10');
-INSERT INTO `sys_resources` VALUES ('19', '更新记录', 'menu', '/updates', 'updates', '21', '5', '0', '1', null, '2018-01-15 17:46:23', '2018-01-15 17:49:46');
-INSERT INTO `sys_resources` VALUES ('20', '公告管理', 'menu', '/notices', 'notices', '21', '6', '0', '1', null, '2018-01-15 17:54:14', '2018-01-15 17:54:14');
-INSERT INTO `sys_resources` VALUES ('21', '网站管理', 'menu', '', null, '0', '2', '0', '1', 'fa fa-globe', '2018-01-31 11:25:13', '2018-01-31 11:25:13');
+INSERT INTO `sys_resources` VALUES ('1', '用户管理', 'menu', null, null, '0', '1', '0', '1', 'fa fa-users', '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('2', '用户列表', 'menu', '/users', 'users', '1', '1', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('3', '新增用户', 'button', null, 'user:add', '2', '2', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('4', '批量删除用户', 'button', null, 'user:batchDelete', '2', '3', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('5', '编辑用户', 'button', null, 'user:edit', '2', '4', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('6', '删除用户', 'button', null, 'user:delete', '2', '5', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('7', '分配用户角色', 'button', null, 'user:allotRole', '2', '6', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('8', '系统配置', 'menu', null, null, '0', '2', '0', '1', 'fa fa-cogs', '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('9', '资源管理', 'menu', '/resources', 'resources', '8', '1', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('10', '新增资源', 'button', null, 'resource:add', '9', '2', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('11', '批量删除资源', 'button', null, 'resource:batchDelete', '9', '3', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('12', '编辑资源', 'button', null, 'resource:edit', '9', '4', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('13', '删除资源', 'button', null, 'resource:delete', '9', '5', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('14', '角色管理', 'menu', '/roles', 'roles', '8', '2', '0', '1', '', '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('15', '新增角色', 'button', null, 'role:add', '14', '2', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('16', '批量删除角色', 'button', null, 'role:batchDelete', '14', '3', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('17', '编辑角色', 'button', null, 'role:edit', '14', '4', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('18', '删除角色', 'button', null, 'role:delete', '14', '5', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('19', '分配角色资源', 'button', null, 'role:allotResource', '14', '6', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('20', '文章管理', 'menu', null, null, '0', '3', '0', '1', 'fa fa-list', '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('21', '文章列表', 'menu', '/articles', 'articles', '20', '1', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('22', '发表文章', 'button', null, 'article:publish', '21', '2', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('23', '批量删除文章', 'button', null, 'article:batchDelete', '21', '3', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('24', '批量推送文章', 'button', null, 'article:batchPush', '21', '4', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('25', '推送文章', 'button', null, 'article:push', '21', '5', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('26', '置顶文章', 'button', null, 'article:top', '21', '6', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('27', '推荐文章', 'button', null, 'article:recommend', '21', '7', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('28', '编辑文章', 'button', null, 'article:edit', '21', '8', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('29', '删除文章', 'button', null, 'article:delete', '21', '9', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('30', '分类列表', 'menu', '/article/types', 'types', '20', '2', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('31', '添加分类', 'button', null, 'type:add', '30', '2', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('32', '批量删除分类', 'button', null, 'type:batchDelete', '30', '3', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('33', '编辑分类', 'button', null, 'type:edit', '30', '4', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('34', '删除分类', 'button', null, 'type:delete', '30', '5', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('35', '标签列表', 'menu', '/article/tags', 'tags', '20', '2', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('36', '添加标签', 'button', null, 'tag:add', '35', '2', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('37', '批量删除标签', 'button', null, 'tag:batchDelete', '35', '3', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('38', '编辑标签', 'button', null, 'tag:edit', '35', '4', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('39', '删除标签', 'button', null, 'tag:delete', '35', '5', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('40', '网站管理', 'menu', null, null, '0', '4', '0', '1', 'fa fa-globe', '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('41', '友情链接', 'menu', '/links', 'links', '40', '2', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('42', '添加友情链接', 'button', null, 'link:add', '41', '2', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('43', '批量删除友情链接', 'button', null, 'link:batchDelete', '41', '3', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('44', '编辑友情链接', 'button', null, 'link:edit', '41', '4', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('45', '删除友情链接', 'button', null, 'link:delete', '41', '5', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('46', '评论管理', 'menu', '/comments', 'comments', '40', '2', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('47', '批量删除评论', 'button', null, 'comment:batchDelete', '46', '2', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('48', '回复评论', 'button', null, 'comment:reply', '46', '3', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('49', '审核评论', 'button', null, 'comment:audit', '46', '4', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('50', '删除评论', 'button', null, 'comment:delete', '46', '5', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('51', '模板管理', 'menu', '/templates', 'templates', '40', '3', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('52', '添加模板', 'button', null, 'template:add', '51', '2', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('53', '批量删除模板', 'button', null, 'template:batchDelete', '51', '3', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('54', '编辑模板', 'button', null, 'template:edit', '51', '4', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('55', '删除模板', 'button', null, 'template:delete', '51', '5', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('56', '更新日志', 'menu', '/updates', 'updateLogs', '40', '4', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('57', '添加更新日志', 'button', null, 'updateLog:add', '51', '2', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('58', '批量删除更新日志', 'button', null, 'updateLog:batchDelete', '51', '3', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('59', '编辑更新日志', 'button', null, 'updateLog:edit', '51', '4', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('60', '删除更新日志', 'button', null, 'updateLog:delete', '51', '5', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('61', '公告管理', 'menu', '/notices', 'notices', '40', '5', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('62', '添加公告', 'button', null, 'notice:add', '61', '2', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('63', '批量删除公告', 'button', null, 'notice:batchDelete', '61', '3', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('64', '编辑公告', 'button', null, 'notice:edit', '61', '4', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('65', '删除公告', 'button', null, 'notice:delete', '61', '5', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('66', '发布公告', 'button', null, 'notice:release', '61', '6', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('67', '撤回公告', 'button', null, 'notice:withdraw', '61', '7', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('68', '测试页面', 'menu', null, null, '0', '5', '0', '1', 'fa fa-desktop', '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('69', 'icons图标', 'menu', '/icons', 'icons', '68', '2', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
+INSERT INTO `sys_resources` VALUES ('70', 'shiro测试', 'menu', '/shiro', 'shiro', '68', '3', '0', '1', null, '2018-05-22 10:08:05', '2018-05-22 10:08:05');
 
 -- ----------------------------
 -- Table structure for sys_role
@@ -334,7 +387,7 @@ INSERT INTO `sys_resources` VALUES ('21', '网站管理', 'menu', '', null, '0',
 DROP TABLE IF EXISTS `sys_role`;
 CREATE TABLE `sys_role` (
   `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT,
-  `name`  varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NULL COMMENT '角色名',
+  `name` varchar(100) DEFAULT NULL COMMENT '角色名',
   `description` varchar(100) DEFAULT NULL,
   `available` tinyint(1) DEFAULT '0',
   `create_time` datetime DEFAULT CURRENT_TIMESTAMP COMMENT '添加时间',
@@ -347,6 +400,7 @@ CREATE TABLE `sys_role` (
 -- ----------------------------
 INSERT INTO `sys_role` VALUES ('1', 'role:root', '超级管理员', '1', '2017-12-20 16:40:24', '2017-12-20 16:40:26');
 INSERT INTO `sys_role` VALUES ('2', 'role:admin', '管理员', '1', '2017-12-22 13:56:39', '2017-12-22 13:56:39');
+INSERT INTO `sys_role` VALUES ('3', 'role:comment', '评论审核管理员', '1', '2018-05-22 11:37:37', '2018-05-22 11:37:37');
 
 -- ----------------------------
 -- Table structure for sys_role_resources
@@ -364,27 +418,84 @@ CREATE TABLE `sys_role_resources` (
 -- ----------------------------
 -- Records of sys_role_resources
 -- ----------------------------
-INSERT INTO `sys_role_resources` VALUES ('1', '1', '1', '2018-05-21 17:23:58', '2018-05-21 17:23:58');
-INSERT INTO `sys_role_resources` VALUES ('2', '1', '2', '2018-05-21 17:23:58', '2018-05-21 17:23:58');
-INSERT INTO `sys_role_resources` VALUES ('3', '1', '11', '2018-05-21 17:23:58', '2018-05-21 17:23:58');
-INSERT INTO `sys_role_resources` VALUES ('4', '1', '12', '2018-05-21 17:23:58', '2018-05-21 17:23:58');
-INSERT INTO `sys_role_resources` VALUES ('5', '1', '13', '2018-05-21 17:23:58', '2018-05-21 17:23:58');
-INSERT INTO `sys_role_resources` VALUES ('6', '1', '14', '2018-05-21 17:23:58', '2018-05-21 17:23:58');
-INSERT INTO `sys_role_resources` VALUES ('7', '1', '15', '2018-05-21 17:23:58', '2018-05-21 17:23:58');
-INSERT INTO `sys_role_resources` VALUES ('8', '1', '21', '2018-05-21 17:23:58', '2018-05-21 17:23:58');
-INSERT INTO `sys_role_resources` VALUES ('9', '1', '16', '2018-05-21 17:23:58', '2018-05-21 17:23:58');
-INSERT INTO `sys_role_resources` VALUES ('10', '1', '18', '2018-05-21 17:23:58', '2018-05-21 17:23:58');
-INSERT INTO `sys_role_resources` VALUES ('11', '1', '17', '2018-05-21 17:23:58', '2018-05-21 17:23:58');
-INSERT INTO `sys_role_resources` VALUES ('12', '1', '19', '2018-05-21 17:23:58', '2018-05-21 17:23:58');
-INSERT INTO `sys_role_resources` VALUES ('13', '1', '20', '2018-05-21 17:23:58', '2018-05-21 17:23:58');
-INSERT INTO `sys_role_resources` VALUES ('14', '1', '3', '2018-05-21 17:23:58', '2018-05-21 17:23:58');
-INSERT INTO `sys_role_resources` VALUES ('15', '1', '4', '2018-05-21 17:23:58', '2018-05-21 17:23:58');
-INSERT INTO `sys_role_resources` VALUES ('16', '1', '5', '2018-05-21 17:23:58', '2018-05-21 17:23:58');
-INSERT INTO `sys_role_resources` VALUES ('17', '1', '6', '2018-05-21 17:23:58', '2018-05-21 17:23:58');
-INSERT INTO `sys_role_resources` VALUES ('18', '1', '7', '2018-05-21 17:23:58', '2018-05-21 17:23:58');
-INSERT INTO `sys_role_resources` VALUES ('19', '1', '8', '2018-05-21 17:23:58', '2018-05-21 17:23:58');
-INSERT INTO `sys_role_resources` VALUES ('20', '1', '9', '2018-05-21 17:23:58', '2018-05-21 17:23:58');
-INSERT INTO `sys_role_resources` VALUES ('21', '1', '10', '2018-05-21 17:23:58', '2018-05-21 17:23:58');
+INSERT INTO `sys_role_resources` VALUES ('1', '1', '1', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('2', '1', '2', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('3', '1', '3', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('4', '1', '4', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('5', '1', '5', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('6', '1', '6', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('7', '1', '7', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('8', '1', '8', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('9', '1', '9', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('10', '1', '10', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('11', '1', '11', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('12', '1', '12', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('13', '1', '13', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('14', '1', '14', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('15', '1', '15', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('16', '1', '16', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('17', '1', '17', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('18', '1', '18', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('19', '1', '19', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('20', '1', '20', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('21', '1', '21', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('22', '1', '22', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('23', '1', '23', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('24', '1', '24', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('25', '1', '25', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('26', '1', '26', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('27', '1', '27', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('28', '1', '28', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('29', '1', '29', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('30', '1', '30', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('31', '1', '31', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('32', '1', '32', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('33', '1', '33', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('34', '1', '34', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('35', '1', '35', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('36', '1', '36', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('37', '1', '37', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('38', '1', '38', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('39', '1', '39', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('40', '1', '40', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('41', '1', '41', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('42', '1', '42', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('43', '1', '43', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('44', '1', '44', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('45', '1', '45', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('46', '1', '46', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('47', '1', '47', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('48', '1', '48', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('49', '1', '49', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('50', '1', '50', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('51', '1', '51', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('52', '1', '52', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('53', '1', '57', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('54', '1', '53', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('55', '1', '58', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('56', '1', '54', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('57', '1', '59', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('58', '1', '55', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('59', '1', '60', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('60', '1', '56', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('61', '1', '61', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('62', '1', '62', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('63', '1', '63', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('64', '1', '64', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('65', '1', '65', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('66', '1', '66', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('67', '1', '67', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('68', '1', '68', '2018-05-22 09:28:07', '2018-05-22 09:28:07');
+INSERT INTO `sys_role_resources` VALUES ('84', '2', '20', '2018-05-22 10:13:40', '2018-05-22 10:13:40');
+INSERT INTO `sys_role_resources` VALUES ('85', '2', '21', '2018-05-22 10:13:40', '2018-05-22 10:13:40');
+INSERT INTO `sys_role_resources` VALUES ('86', '2', '24', '2018-05-22 10:13:40', '2018-05-22 10:13:40');
+INSERT INTO `sys_role_resources` VALUES ('87', '2', '25', '2018-05-22 10:13:40', '2018-05-22 10:13:40');
+INSERT INTO `sys_role_resources` VALUES ('88', '2', '26', '2018-05-22 10:13:40', '2018-05-22 10:13:40');
+INSERT INTO `sys_role_resources` VALUES ('89', '2', '27', '2018-05-22 10:13:40', '2018-05-22 10:13:40');
+INSERT INTO `sys_role_resources` VALUES ('93', '3', '40', '2018-05-22 11:37:48', '2018-05-22 11:37:48');
+INSERT INTO `sys_role_resources` VALUES ('94', '3', '46', '2018-05-22 11:37:48', '2018-05-22 11:37:48');
+INSERT INTO `sys_role_resources` VALUES ('95', '3', '48', '2018-05-22 11:37:48', '2018-05-22 11:37:48');
+INSERT INTO `sys_role_resources` VALUES ('96', '3', '49', '2018-05-22 11:37:48', '2018-05-22 11:37:48');
 
 -- ----------------------------
 -- Table structure for sys_template
@@ -469,8 +580,9 @@ CREATE TABLE `sys_user` (
 -- ----------------------------
 -- Records of sys_user
 -- ----------------------------
-INSERT INTO `sys_user` VALUES ('1', 'root', 'CGUx1FN++xS+4wNDFeN6DA==', '超级管理员', '15151551516', '843977358@qq.com', '843977358', null, null, 'https://static.zhyd.me/static/img/favicon.ico', 'ROOT', null, null, null, 'ZHYD', null, null, '0', '0', null, null, '2018-04-10 15:26:23', '159', null, '1', '2018-01-02 09:32:15', '2018-04-10 15:26:23');
-INSERT INTO `sys_user` VALUES ('2', 'admin', 'gXp2EbyZ+sB/A6QUMhiUJQ==', '管理员', '15151551516', '843977358@qq.com', '843977358', null, null, null, 'ADMIN', null, null, null, 'ZHYD', '1', '1', '0', '0', '0:0:0:0:0:0:0:1', null, null, '0', null, '1', '2018-01-02 15:56:34', '2018-01-05 18:18:05');
+INSERT INTO `sys_user` VALUES ('1', 'root', 'CGUx1FN++xS+4wNDFeN6DA==', '超级管理员', '15151551516', '843977358@qq.com', '843977358', null, null, 'https://static.zhyd.me/static/img/favicon.ico', 'ROOT', null, null, null, 'ZHYD', null, null, '0', '0', null, '0:0:0:0:0:0:0:1', '2018-05-22 11:14:19', '177', null, '1', '2018-01-02 09:32:15', '2018-05-22 11:14:19');
+INSERT INTO `sys_user` VALUES ('2', 'admin', 'gXp2EbyZ+sB/A6QUMhiUJQ==', '管理员', '15151551516', '843977358@qq.com', '843977358', null, null, null, 'ADMIN', null, null, null, 'ZHYD', '1', '1', '0', '0', '0:0:0:0:0:0:0:1', '0:0:0:0:0:0:0:1', '2018-05-22 10:54:18', '2', null, '1', '2018-01-02 15:56:34', '2018-05-22 10:54:18');
+INSERT INTO `sys_user` VALUES ('3', 'comment-admin', 'x9qCx3yP05yWfIE5wXbCsg==', '评论审核管理员', '', '', '', null, null, null, 'ADMIN', null, null, null, 'ZHYD', '1', '1', '0', '0', '0:0:0:0:0:0:0:1', '0:0:0:0:0:0:0:1', '2018-05-22 11:43:45', '1', null, '1', '2018-05-22 11:43:22', '2018-05-22 11:43:45');
 
 -- ----------------------------
 -- Table structure for sys_user_role
@@ -490,3 +602,4 @@ CREATE TABLE `sys_user_role` (
 -- ----------------------------
 INSERT INTO `sys_user_role` VALUES ('1', '1', '1', '2018-01-02 10:47:27', '2018-01-02 10:47:27');
 INSERT INTO `sys_user_role` VALUES ('2', '2', '2', '2018-01-05 18:21:02', '2018-01-05 18:21:02');
+INSERT INTO `sys_user_role` VALUES ('3', '3', '3', '2018-05-22 11:43:31', '2018-05-22 11:43:31');
diff --git a/docs/db/update.sql b/docs/db/update.sql
index dbba54ccf60ba0744205a4c43d91e1624a2b766e..c16d9c7801158bd0df526126ad09ff5a0b726766 100644
--- a/docs/db/update.sql
+++ b/docs/db/update.sql
@@ -1,3 +1,11 @@
+###################################  readme  ###################################
+#
+#  该文件中的sql已同步更新到了dblog.sql中，本文件存在的目的主要是记录数据库修改的内容
+#  在每次更新时，凡是涉及到修改数据库的，如果是第一次使用该系统，则只需要导入dblog.sql即可
+#  如果你已经在使用dblog了，则只需要复制本文件中的相关sql去执行即可，避免了直接执行dblog可能会覆盖本地修改内容的问题
+#
+###################################  readme  ###################################
+
 ALTER TABLE `sys_role`
 ADD COLUMN `name`  varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NULL COMMENT '角色名' AFTER `id`;