From 4df404b277470050e119a767dbd05b2406946cc5 Mon Sep 17 00:00:00 2001
From: 79493 <794930212@qq.com>
Date: Fri, 30 Sep 2022 09:41:48 +0800
Subject: [PATCH] =?UTF-8?q?Xuwanxin=20=E4=BC=81=E4=B8=9A=E7=AB=AF=E7=99=BB?=
 =?UTF-8?q?=E9=99=86=20=E4=BC=81=E4=B8=9A=E7=BB=84=E7=BB=87=E6=A0=91=20spr?=
 =?UTF-8?q?ing=20security=20=E9=9B=86=E6=88=90?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../com/rzyc/mapper/ent/EntPostMapper.java    |  29 +++
 .../com/rzyc/mapper/ent/EntUserMapper.java    |  32 +++
 .../com/rzyc/mapper/ent/SysEntLogsMapper.java |  21 ++
 .../main/java/com/rzyc/model/ent/EntPost.java | 201 +++++++++++++++++
 .../main/java/com/rzyc/model/ent/EntUser.java | 213 ++++++++++++++++++
 .../java/com/rzyc/model/ent/SysEntLogs.java   | 138 ++++++++++++
 .../rzyc/model/log/SysEntLogsWithBLOBs.java   |  84 +++++++
 .../resources/mapper/ent/EntPostMapper.xml    |  36 +++
 .../resources/mapper/ent/EntUserMapper.xml    |  35 +++
 .../resources/mapper/ent/SysEntLogsMapper.xml |  35 +++
 inventory-ent/pom.xml                         |  28 +++
 .../com/rzyc/InventoryEntApplication.java     |   1 +
 .../java/com/rzyc/advice/ExceptionAdvice.java |  18 ++
 .../java/com/rzyc/advice/LoginAspect.java     |  14 ++
 .../java/com/rzyc/advice/log/LogAspect.java   |  42 ++--
 .../java/com/rzyc/config/EntUserDetails.java  |  33 +++
 .../java/com/rzyc/config/SecurityConfig.java  | 102 +++++++++
 .../rzyc/config/UserDetailsServiceImpl.java   |  59 +++++
 .../com/rzyc/controller/BaseController.java   |   8 +
 .../rzyc/controller/PcCompanyController.java  |  24 +-
 .../rzyc/controller/PersonalController.java   |  77 ++++++-
 .../filter/JwtAuthenticationTokenFiler.java   |  73 ++++++
 .../com/rzyc/service/PcBusinessService.java   |  77 +++++++
 .../com/rzyc/service/UserLoginService.java    |  61 +++++
 inventory-gov/pom.xml                         |   1 -
 .../java/com/common/utils/model/Code.java     |   8 +-
 .../java/com/common/utils/model/Message.java  |   4 +
 27 files changed, 1424 insertions(+), 30 deletions(-)
 create mode 100644 inventory-dao/src/main/java/com/rzyc/mapper/ent/EntPostMapper.java
 create mode 100644 inventory-dao/src/main/java/com/rzyc/mapper/ent/EntUserMapper.java
 create mode 100644 inventory-dao/src/main/java/com/rzyc/mapper/ent/SysEntLogsMapper.java
 create mode 100644 inventory-dao/src/main/java/com/rzyc/model/ent/EntPost.java
 create mode 100644 inventory-dao/src/main/java/com/rzyc/model/ent/EntUser.java
 create mode 100644 inventory-dao/src/main/java/com/rzyc/model/ent/SysEntLogs.java
 create mode 100644 inventory-dao/src/main/java/com/rzyc/model/log/SysEntLogsWithBLOBs.java
 create mode 100644 inventory-dao/src/main/resources/mapper/ent/EntPostMapper.xml
 create mode 100644 inventory-dao/src/main/resources/mapper/ent/EntUserMapper.xml
 create mode 100644 inventory-dao/src/main/resources/mapper/ent/SysEntLogsMapper.xml
 create mode 100644 inventory-ent/src/main/java/com/rzyc/config/EntUserDetails.java
 create mode 100644 inventory-ent/src/main/java/com/rzyc/config/SecurityConfig.java
 create mode 100644 inventory-ent/src/main/java/com/rzyc/config/UserDetailsServiceImpl.java
 create mode 100644 inventory-ent/src/main/java/com/rzyc/filter/JwtAuthenticationTokenFiler.java
 create mode 100644 inventory-ent/src/main/java/com/rzyc/service/PcBusinessService.java
 create mode 100644 inventory-ent/src/main/java/com/rzyc/service/UserLoginService.java

diff --git a/inventory-dao/src/main/java/com/rzyc/mapper/ent/EntPostMapper.java b/inventory-dao/src/main/java/com/rzyc/mapper/ent/EntPostMapper.java
new file mode 100644
index 0000000..d9b6182
--- /dev/null
+++ b/inventory-dao/src/main/java/com/rzyc/mapper/ent/EntPostMapper.java
@@ -0,0 +1,29 @@
+package com.rzyc.mapper.ent;
+
+import com.rzyc.model.ent.EntPost;
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Param;
+import org.springframework.stereotype.Repository;
+
+import java.util.List;
+
+/**
+ * <p>
+ * 企业岗位 Mapper 接口
+ * </p>
+ *
+ * @author 
+ * @since 2022-09-29
+ */
+@Repository
+public interface EntPostMapper extends BaseMapper<EntPost> {
+
+    /**
+     * 查询企业结构树，如果传入entUserId就是查当前以下的
+     * @param enterpriseId 企业id
+     * @param postId 岗位id
+     * @return EntUser 企业用户实体
+     * */
+    List<EntPost> selectEntUserTree(@Param("enterpriseId") String enterpriseId, @Param("postId") String postId);
+
+}
diff --git a/inventory-dao/src/main/java/com/rzyc/mapper/ent/EntUserMapper.java b/inventory-dao/src/main/java/com/rzyc/mapper/ent/EntUserMapper.java
new file mode 100644
index 0000000..92e3d09
--- /dev/null
+++ b/inventory-dao/src/main/java/com/rzyc/mapper/ent/EntUserMapper.java
@@ -0,0 +1,32 @@
+package com.rzyc.mapper.ent;
+
+import com.rzyc.model.ent.EntPost;
+import com.rzyc.model.ent.EntUser;
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Param;
+import org.springframework.stereotype.Repository;
+
+import java.util.List;
+
+/**
+ * <p>
+ * 企业用户 Mapper 接口
+ * </p>
+ *
+ * @author 
+ * @since 2022-09-28
+ */
+@Repository
+public interface EntUserMapper extends BaseMapper<EntUser> {
+
+    /**
+     * 查询企业用户by名字
+     * @param name 用户名
+     * @return EntUser 企业用户实体
+     * */
+    EntUser selectByName(@Param("name") String name);
+
+
+
+
+}
diff --git a/inventory-dao/src/main/java/com/rzyc/mapper/ent/SysEntLogsMapper.java b/inventory-dao/src/main/java/com/rzyc/mapper/ent/SysEntLogsMapper.java
new file mode 100644
index 0000000..6113f96
--- /dev/null
+++ b/inventory-dao/src/main/java/com/rzyc/mapper/ent/SysEntLogsMapper.java
@@ -0,0 +1,21 @@
+package com.rzyc.mapper.ent;
+
+import com.rzyc.model.ent.SysEntLogs;
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import com.rzyc.model.log.SysEntLogsWithBLOBs;
+import org.springframework.stereotype.Repository;
+
+/**
+ * <p>
+ *  Mapper 接口
+ * </p>
+ *
+ * @author 
+ * @since 2022-09-28
+ */
+@Repository
+public interface SysEntLogsMapper extends BaseMapper<SysEntLogs> {
+
+    int insert(SysEntLogsWithBLOBs record);
+
+}
diff --git a/inventory-dao/src/main/java/com/rzyc/model/ent/EntPost.java b/inventory-dao/src/main/java/com/rzyc/model/ent/EntPost.java
new file mode 100644
index 0000000..d8643e9
--- /dev/null
+++ b/inventory-dao/src/main/java/com/rzyc/model/ent/EntPost.java
@@ -0,0 +1,201 @@
+package com.rzyc.model.ent;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+import java.util.Date;
+import com.baomidou.mybatisplus.annotation.TableId;
+import com.baomidou.mybatisplus.annotation.TableField;
+import java.io.Serializable;
+import java.util.List;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+
+/**
+ * <p>
+ * 企业岗位
+ * </p>
+ *
+ * @author 
+ * @since 2022-09-29
+ */
+@TableName("ent_post")
+@ApiModel(value="EntPost对象", description="企业岗位")
+public class EntPost implements Serializable {
+
+    private static final long serialVersionUID = 1L;
+
+    @ApiModelProperty(value = "企业岗位id")
+    @TableId("post_id")
+    private String postId;
+
+    @ApiModelProperty(value = "企业id")
+    @TableField("enterprise_id")
+    private String enterpriseId;
+
+    @ApiModelProperty(value = "岗位名")
+    @TableField("name")
+    private String name;
+
+    @ApiModelProperty(value = "父级岗位")
+    @TableField("parent_id")
+    private String parentId;
+
+    @ApiModelProperty(value = "岗位路径")
+    @TableField("post_path")
+    private String postPath;
+
+    @ApiModelProperty(value = "父级岗位名")
+    @TableField("parent_name")
+    private String parentName;
+
+    @ApiModelProperty(value = "岗位层级")
+    @TableField("post_level")
+    private Integer postLevel;
+
+    @ApiModelProperty(value = "履职清单进度")
+    @TableField("completion_rate")
+    private Double completionRate;
+
+    @ApiModelProperty(value = "创建时间")
+    @TableField("create_time")
+    private Date createTime;
+
+    @ApiModelProperty(value = "创建人")
+    @TableField("create_by")
+    private String createBy;
+
+    @ApiModelProperty(value = "修改时间")
+    @TableField("modify_time")
+    private Date modifyTime;
+
+    @ApiModelProperty(value = "修改人")
+    @TableField("modify_by")
+    private String modifyBy;
+
+    @ApiModelProperty(value = "下属人员数量")
+    @TableField(exist = false)
+    private Integer Subordinates;
+
+    @ApiModelProperty(value = "子结点")
+    @TableField(exist = false)
+    private List<EntPost>children;
+
+    public List<EntPost> getChildren() {
+        return children;
+    }
+
+    public void setChildren(List<EntPost> children) {
+        this.children = children;
+    }
+
+    public Integer getSubordinates() {
+        return Subordinates;
+    }
+
+    public void setSubordinates(Integer subordinates) {
+        Subordinates = subordinates;
+    }
+
+    public String getPostId() {
+        return postId;
+    }
+
+    public void setPostId(String postId) {
+        this.postId = postId;
+    }
+    public String getEnterpriseId() {
+        return enterpriseId;
+    }
+
+    public void setEnterpriseId(String enterpriseId) {
+        this.enterpriseId = enterpriseId;
+    }
+    public String getName() {
+        return name;
+    }
+
+    public void setName(String name) {
+        this.name = name;
+    }
+    public String getParentId() {
+        return parentId;
+    }
+
+    public void setParentId(String parentId) {
+        this.parentId = parentId;
+    }
+    public String getPostPath() {
+        return postPath;
+    }
+
+    public void setPostPath(String postPath) {
+        this.postPath = postPath;
+    }
+    public String getParentName() {
+        return parentName;
+    }
+
+    public void setParentName(String parentName) {
+        this.parentName = parentName;
+    }
+    public Integer getPostLevel() {
+        return postLevel;
+    }
+
+    public void setPostLevel(Integer postLevel) {
+        this.postLevel = postLevel;
+    }
+    public Double getCompletionRate() {
+        return completionRate;
+    }
+
+    public void setCompletionRate(Double completionRate) {
+        this.completionRate = completionRate;
+    }
+    public Date getCreateTime() {
+        return createTime;
+    }
+
+    public void setCreateTime(Date createTime) {
+        this.createTime = createTime;
+    }
+    public String getCreateBy() {
+        return createBy;
+    }
+
+    public void setCreateBy(String createBy) {
+        this.createBy = createBy;
+    }
+    public Date getModifyTime() {
+        return modifyTime;
+    }
+
+    public void setModifyTime(Date modifyTime) {
+        this.modifyTime = modifyTime;
+    }
+    public String getModifyBy() {
+        return modifyBy;
+    }
+
+    public void setModifyBy(String modifyBy) {
+        this.modifyBy = modifyBy;
+    }
+
+    @Override
+    public String toString() {
+        return "EntPost{" +
+            "postId=" + postId +
+            ", enterpriseId=" + enterpriseId +
+            ", name=" + name +
+            ", parentId=" + parentId +
+            ", postPath=" + postPath +
+            ", parentName=" + parentName +
+            ", postLevel=" + postLevel +
+            ", completionRate=" + completionRate +
+            ", createTime=" + createTime +
+            ", createBy=" + createBy +
+            ", modifyTime=" + modifyTime +
+            ", modifyBy=" + modifyBy +
+        "}";
+    }
+}
diff --git a/inventory-dao/src/main/java/com/rzyc/model/ent/EntUser.java b/inventory-dao/src/main/java/com/rzyc/model/ent/EntUser.java
new file mode 100644
index 0000000..696f913
--- /dev/null
+++ b/inventory-dao/src/main/java/com/rzyc/model/ent/EntUser.java
@@ -0,0 +1,213 @@
+package com.rzyc.model.ent;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+import java.util.Date;
+import com.baomidou.mybatisplus.annotation.TableId;
+import com.baomidou.mybatisplus.annotation.TableField;
+import java.io.Serializable;
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+
+/**
+ * <p>
+ * 企业用户
+ * </p>
+ *
+ * @author 
+ * @since 2022-09-28
+ */
+@TableName("ent_user")
+@ApiModel(value="EntUser对象", description="企业用户")
+public class EntUser implements Serializable {
+
+    private static final long serialVersionUID = 1L;
+
+    @ApiModelProperty(value = "企业用户id")
+    @TableId("ent_user_id")
+    private String entUserId;
+
+    @ApiModelProperty(value = "岗位id")
+    @TableField("post_id")
+    private String postId;
+
+    @ApiModelProperty(value = "企业id")
+    @TableField("enterprise_id")
+    private String enterpriseId;
+
+    @ApiModelProperty(value = "姓名")
+    @TableField("name")
+    private String name;
+
+    @ApiModelProperty(value = "电话")
+    @TableField("mobile")
+    private String mobile;
+
+    @ApiModelProperty(value = "人员类型")
+    @TableField("user_type")
+    private Integer userType;
+
+    @ApiModelProperty(value = "年龄")
+    @TableField("age")
+    private Integer age;
+
+    @ApiModelProperty(value = "从业时间")
+    @TableField("work_time")
+    private Date workTime;
+
+    @ApiModelProperty(value = "登录密码")
+    @TableField("passwd")
+    private String passwd;
+
+    @ApiModelProperty(value = "岗位路径")
+    @TableField("post_path")
+    private String postPath;
+
+    @ApiModelProperty(value = "岗位名")
+    @TableField("post_path_name")
+    private String postPathName;
+
+    @ApiModelProperty(value = "创建时间")
+    @TableField("create_time")
+    private Date createTime;
+
+    @ApiModelProperty(value = "创建人")
+    @TableField("create_by")
+    private String createBy;
+
+    @ApiModelProperty(value = "修改时间")
+    @TableField("modify_time")
+    private Date modifyTime;
+
+    @ApiModelProperty(value = "修改人")
+    @TableField("modify_by")
+    private String modifyBy;
+
+
+
+    public String getEntUserId() {
+        return entUserId;
+    }
+
+    public void setEntUserId(String entUserId) {
+        this.entUserId = entUserId;
+    }
+    public String getPostId() {
+        return postId;
+    }
+
+    public void setPostId(String postId) {
+        this.postId = postId;
+    }
+    public String getEnterpriseId() {
+        return enterpriseId;
+    }
+
+    public void setEnterpriseId(String enterpriseId) {
+        this.enterpriseId = enterpriseId;
+    }
+    public String getName() {
+        return name;
+    }
+
+    public void setName(String name) {
+        this.name = name;
+    }
+    public String getMobile() {
+        return mobile;
+    }
+
+    public void setMobile(String mobile) {
+        this.mobile = mobile;
+    }
+    public Integer getUserType() {
+        return userType;
+    }
+
+    public void setUserType(Integer userType) {
+        this.userType = userType;
+    }
+    public Integer getAge() {
+        return age;
+    }
+
+    public void setAge(Integer age) {
+        this.age = age;
+    }
+    public Date getWorkTime() {
+        return workTime;
+    }
+
+    public void setWorkTime(Date workTime) {
+        this.workTime = workTime;
+    }
+    public String getPasswd() {
+        return passwd;
+    }
+
+    public void setPasswd(String passwd) {
+        this.passwd = passwd;
+    }
+    public String getPostPath() {
+        return postPath;
+    }
+
+    public void setPostPath(String postPath) {
+        this.postPath = postPath;
+    }
+    public String getPostPathName() {
+        return postPathName;
+    }
+
+    public void setPostPathName(String postPathName) {
+        this.postPathName = postPathName;
+    }
+    public Date getCreateTime() {
+        return createTime;
+    }
+
+    public void setCreateTime(Date createTime) {
+        this.createTime = createTime;
+    }
+    public String getCreateBy() {
+        return createBy;
+    }
+
+    public void setCreateBy(String createBy) {
+        this.createBy = createBy;
+    }
+    public Date getModifyTime() {
+        return modifyTime;
+    }
+
+    public void setModifyTime(Date modifyTime) {
+        this.modifyTime = modifyTime;
+    }
+    public String getModifyBy() {
+        return modifyBy;
+    }
+
+    public void setModifyBy(String modifyBy) {
+        this.modifyBy = modifyBy;
+    }
+
+    @Override
+    public String toString() {
+        return "EntUser{" +
+            "entUserId=" + entUserId +
+            ", postId=" + postId +
+            ", enterpriseId=" + enterpriseId +
+            ", name=" + name +
+            ", mobile=" + mobile +
+            ", userType=" + userType +
+            ", age=" + age +
+            ", workTime=" + workTime +
+            ", passwd=" + passwd +
+            ", postPath=" + postPath +
+            ", postPathName=" + postPathName +
+            ", createTime=" + createTime +
+            ", createBy=" + createBy +
+            ", modifyTime=" + modifyTime +
+            ", modifyBy=" + modifyBy +
+        "}";
+    }
+}
diff --git a/inventory-dao/src/main/java/com/rzyc/model/ent/SysEntLogs.java b/inventory-dao/src/main/java/com/rzyc/model/ent/SysEntLogs.java
new file mode 100644
index 0000000..35c07a0
--- /dev/null
+++ b/inventory-dao/src/main/java/com/rzyc/model/ent/SysEntLogs.java
@@ -0,0 +1,138 @@
+package com.rzyc.model.ent;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+import java.util.Date;
+import com.baomidou.mybatisplus.annotation.TableId;
+import com.baomidou.mybatisplus.annotation.TableField;
+import java.io.Serializable;
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+
+/**
+ * <p>
+ * 
+ * </p>
+ *
+ * @author 
+ * @since 2022-09-28
+ */
+@TableName("sys_ent_logs")
+@ApiModel(value="SysEntLogs对象", description="")
+public class SysEntLogs implements Serializable {
+
+    private static final long serialVersionUID = 1L;
+
+    @ApiModelProperty(value = "日志id")
+    @TableId("log_id")
+    private String logId;
+
+    @ApiModelProperty(value = "用户id")
+    @TableField("user_id")
+    private String userId;
+
+    @ApiModelProperty(value = "用户名")
+    @TableField("nickname")
+    private String nickname;
+
+    @ApiModelProperty(value = "请求地址")
+    @TableField("url")
+    private String url;
+
+    @ApiModelProperty(value = "ip地址")
+    @TableField("ip_address")
+    private String ipAddress;
+
+    @ApiModelProperty(value = "参数")
+    @TableField("params")
+    private String params;
+
+    @ApiModelProperty(value = "返回值")
+    @TableField("response_str")
+    private String responseStr;
+
+    @TableField("create_time")
+    private Date createTime;
+
+    @ApiModelProperty(value = " 1.应急业务分析引擎  2.应急任务调度引擎 3.应急多媒体引擎 4.应急网格化管理api调用 5.应急网格考核api调用 6.管理对象特征标签api调用 13.其他")
+    @TableField("type")
+    private Integer type;
+
+    public String getLogId() {
+        return logId;
+    }
+
+    public void setLogId(String logId) {
+        this.logId = logId;
+    }
+    public String getUserId() {
+        return userId;
+    }
+
+    public void setUserId(String userId) {
+        this.userId = userId;
+    }
+    public String getNickname() {
+        return nickname;
+    }
+
+    public void setNickname(String nickname) {
+        this.nickname = nickname;
+    }
+    public String getUrl() {
+        return url;
+    }
+
+    public void setUrl(String url) {
+        this.url = url;
+    }
+    public String getIpAddress() {
+        return ipAddress;
+    }
+
+    public void setIpAddress(String ipAddress) {
+        this.ipAddress = ipAddress;
+    }
+    public String getParams() {
+        return params;
+    }
+
+    public void setParams(String params) {
+        this.params = params;
+    }
+    public String getResponseStr() {
+        return responseStr;
+    }
+
+    public void setResponseStr(String responseStr) {
+        this.responseStr = responseStr;
+    }
+    public Date getCreateTime() {
+        return createTime;
+    }
+
+    public void setCreateTime(Date createTime) {
+        this.createTime = createTime;
+    }
+    public Integer getType() {
+        return type;
+    }
+
+    public void setType(Integer type) {
+        this.type = type;
+    }
+
+    @Override
+    public String toString() {
+        return "SysEntLogs{" +
+            "logId=" + logId +
+            ", userId=" + userId +
+            ", nickname=" + nickname +
+            ", url=" + url +
+            ", ipAddress=" + ipAddress +
+            ", params=" + params +
+            ", responseStr=" + responseStr +
+            ", createTime=" + createTime +
+            ", type=" + type +
+        "}";
+    }
+}
diff --git a/inventory-dao/src/main/java/com/rzyc/model/log/SysEntLogsWithBLOBs.java b/inventory-dao/src/main/java/com/rzyc/model/log/SysEntLogsWithBLOBs.java
new file mode 100644
index 0000000..bf73382
--- /dev/null
+++ b/inventory-dao/src/main/java/com/rzyc/model/log/SysEntLogsWithBLOBs.java
@@ -0,0 +1,84 @@
+package com.rzyc.model.log;
+
+import java.io.Serializable;
+
+/**
+ * @author
+ */
+public class SysEntLogsWithBLOBs extends SysLogs implements Serializable {
+    /**
+     * 参数
+     */
+    private String params;
+
+    /**
+     * 返回值
+     */
+    private String responseStr;
+
+    private static final long serialVersionUID = 1L;
+
+    public String getParams() {
+        return params;
+    }
+
+    public void setParams(String params) {
+        this.params = params;
+    }
+
+    public String getResponseStr() {
+        return responseStr;
+    }
+
+    public void setResponseStr(String responseStr) {
+        this.responseStr = responseStr;
+    }
+
+    @Override
+    public boolean equals(Object that) {
+        if (this == that) {
+            return true;
+        }
+        if (that == null) {
+            return false;
+        }
+        if (getClass() != that.getClass()) {
+            return false;
+        }
+        SysEntLogsWithBLOBs other = (SysEntLogsWithBLOBs) that;
+        return (this.getLogId() == null ? other.getLogId() == null : this.getLogId().equals(other.getLogId()))
+            && (this.getUserId() == null ? other.getUserId() == null : this.getUserId().equals(other.getUserId()))
+            && (this.getUrl() == null ? other.getUrl() == null : this.getUrl().equals(other.getUrl()))
+            && (this.getIpAddress() == null ? other.getIpAddress() == null : this.getIpAddress().equals(other.getIpAddress()))
+            && (this.getCreateTime() == null ? other.getCreateTime() == null : this.getCreateTime().equals(other.getCreateTime()))
+            && (this.getParams() == null ? other.getParams() == null : this.getParams().equals(other.getParams()))
+            && (this.getResponseStr() == null ? other.getResponseStr() == null : this.getResponseStr().equals(other.getResponseStr()));
+    }
+
+    @Override
+    public int hashCode() {
+        final int prime = 31;
+        int result = 1;
+        result = prime * result + ((getLogId() == null) ? 0 : getLogId().hashCode());
+        result = prime * result + ((getUserId() == null) ? 0 : getUserId().hashCode());
+        result = prime * result + ((getUrl() == null) ? 0 : getUrl().hashCode());
+        result = prime * result + ((getIpAddress() == null) ? 0 : getIpAddress().hashCode());
+        result = prime * result + ((getCreateTime() == null) ? 0 : getCreateTime().hashCode());
+        result = prime * result + ((getParams() == null) ? 0 : getParams().hashCode());
+        result = prime * result + ((getResponseStr() == null) ? 0 : getResponseStr().hashCode());
+        return result;
+    }
+
+    @Override
+    public String toString() {
+        StringBuilder sb = new StringBuilder();
+        sb.append(getClass().getSimpleName());
+        sb.append(" [");
+        sb.append("Hash = ").append(hashCode());
+        sb.append(", params=").append(params);
+        sb.append(", responseStr=").append(responseStr);
+        sb.append(", serialVersionUID=").append(serialVersionUID);
+        sb.append("]");
+        return sb.toString();
+    }
+}
diff --git a/inventory-dao/src/main/resources/mapper/ent/EntPostMapper.xml b/inventory-dao/src/main/resources/mapper/ent/EntPostMapper.xml
new file mode 100644
index 0000000..7b629f3
--- /dev/null
+++ b/inventory-dao/src/main/resources/mapper/ent/EntPostMapper.xml
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<mapper namespace="com.rzyc.mapper.ent.EntPostMapper">
+
+    <!-- 通用查询映射结果 -->
+    <resultMap id="BaseResultMap" type="com.rzyc.model.ent.EntPost">
+        <id column="post_id" property="postId" />
+        <result column="enterprise_id" property="enterpriseId" />
+        <result column="name" property="name" />
+        <result column="parent_id" property="parentId" />
+        <result column="post_path" property="postPath" />
+        <result column="parent_name" property="parentName" />
+        <result column="post_level" property="postLevel" />
+        <result column="completion_rate" property="completionRate" />
+        <result column="create_time" property="createTime" />
+        <result column="create_by" property="createBy" />
+        <result column="modify_time" property="modifyTime" />
+        <result column="modify_by" property="modifyBy" />
+        <result column="subordinates" property="subordinates"/>
+    </resultMap>
+
+    <!-- 通用查询结果列 -->
+    <sql id="Base_Column_List">
+        post_id, enterprise_id, name, parent_id, post_path, parent_name, post_level, completion_rate, create_time, create_by, modify_time, modify_by
+    </sql>
+
+    <select id="selectEntUserTree" resultMap="BaseResultMap">
+        select * from ent_post
+        where enterprise_id = #{enterpriseId}
+        <if test="null != postId and '' != postId">
+            and post_path like concat('%',#{postId},'%')
+        </if>
+        order by post_level asc
+    </select>
+
+</mapper>
diff --git a/inventory-dao/src/main/resources/mapper/ent/EntUserMapper.xml b/inventory-dao/src/main/resources/mapper/ent/EntUserMapper.xml
new file mode 100644
index 0000000..729d5a7
--- /dev/null
+++ b/inventory-dao/src/main/resources/mapper/ent/EntUserMapper.xml
@@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<mapper namespace="com.rzyc.mapper.ent.EntUserMapper">
+
+    <!-- 通用查询映射结果 -->
+    <resultMap id="BaseResultMap" type="com.rzyc.model.ent.EntUser">
+        <id column="ent_user_id" property="entUserId" />
+        <result column="post_id" property="postId" />
+        <result column="enterprise_id" property="enterpriseId" />
+        <result column="name" property="name" />
+        <result column="mobile" property="mobile" />
+        <result column="user_type" property="userType" />
+        <result column="age" property="age" />
+        <result column="work_time" property="workTime" />
+        <result column="passwd" property="passwd" />
+        <result column="post_path" property="postPath" />
+        <result column="post_path_name" property="postPathName" />
+        <result column="create_time" property="createTime" />
+        <result column="create_by" property="createBy" />
+        <result column="modify_time" property="modifyTime" />
+        <result column="modify_by" property="modifyBy" />
+    </resultMap>
+
+    <!-- 通用查询结果列 -->
+    <sql id="Base_Column_List">
+        ent_user_id, post_id, enterprise_id, name, mobile, user_type, age, work_time, passwd, post_path, post_path_name, create_time, create_by, modify_time, modify_by
+    </sql>
+
+    <select id="selectByName" resultMap="BaseResultMap">
+        select * from ent_user where name = #{name}
+    </select>
+    
+
+
+</mapper>
diff --git a/inventory-dao/src/main/resources/mapper/ent/SysEntLogsMapper.xml b/inventory-dao/src/main/resources/mapper/ent/SysEntLogsMapper.xml
new file mode 100644
index 0000000..4ffa327
--- /dev/null
+++ b/inventory-dao/src/main/resources/mapper/ent/SysEntLogsMapper.xml
@@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<mapper namespace="com.rzyc.mapper.ent.SysEntLogsMapper">
+
+    <!-- 通用查询映射结果 -->
+    <resultMap id="BaseResultMap" type="com.rzyc.model.ent.SysEntLogs">
+        <id column="log_id" property="logId" />
+        <result column="user_id" property="userId" />
+        <result column="nickname" property="nickname" />
+        <result column="url" property="url" />
+        <result column="ip_address" property="ipAddress" />
+        <result column="params" property="params" />
+        <result column="response_str" property="responseStr" />
+        <result column="create_time" property="createTime" />
+        <result column="type" property="type" />
+    </resultMap>
+
+    <!-- 通用查询结果列 -->
+    <sql id="Base_Column_List">
+        log_id, user_id, nickname, url, ip_address, params, response_str, create_time, type
+    </sql>
+
+    <insert id="insert" parameterType="com.rzyc.model.log.SysEntLogsWithBLOBs">
+        insert into sys_ent_logs (log_id, user_id, nickname,url,
+                              ip_address, create_time, params,
+                              response_str)
+        values (#{logId,jdbcType=VARCHAR},
+                #{userId,jdbcType=VARCHAR},
+                #{nickname,jdbcType=VARCHAR},
+                #{url,jdbcType=VARCHAR},
+                #{ipAddress,jdbcType=VARCHAR}, #{createTime,jdbcType=TIMESTAMP}, #{params,jdbcType=LONGVARCHAR},
+                #{responseStr,jdbcType=LONGVARCHAR})
+    </insert>
+
+</mapper>
diff --git a/inventory-ent/pom.xml b/inventory-ent/pom.xml
index 91eb5f5..fd0e537 100644
--- a/inventory-ent/pom.xml
+++ b/inventory-ent/pom.xml
@@ -187,7 +187,35 @@
         </dependency>
         <!-- 配置文件密码加密 end -->
 
+        <!-- spring security start -->
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-core</artifactId>
+            <version>5.2.2.RELEASE</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-config</artifactId>
+            <version>5.2.2.RELEASE</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-web</artifactId>
+            <version>5.7.3</version>
+        </dependency>
+        <!-- spring security end -->
 
+        <dependency>
+            <groupId>io.jsonwebtoken</groupId>
+            <artifactId>jjwt</artifactId>
+            <version>0.9.1</version>
+        </dependency>
+        <dependency>
+            <groupId>org.projectlombok</groupId>
+            <artifactId>lombok</artifactId>
+            <version>RELEASE</version>
+            <scope>compile</scope>
+        </dependency>
 
     </dependencies>
 
diff --git a/inventory-ent/src/main/java/com/rzyc/InventoryEntApplication.java b/inventory-ent/src/main/java/com/rzyc/InventoryEntApplication.java
index e524638..49be5a4 100644
--- a/inventory-ent/src/main/java/com/rzyc/InventoryEntApplication.java
+++ b/inventory-ent/src/main/java/com/rzyc/InventoryEntApplication.java
@@ -7,6 +7,7 @@ import org.springframework.boot.autoconfigure.data.mongo.MongoDataAutoConfigurat
 import org.springframework.boot.autoconfigure.mongo.MongoAutoConfiguration;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.EnableAspectJAutoProxy;
+
 /**
  * 企业端
  * @version v1.0
diff --git a/inventory-ent/src/main/java/com/rzyc/advice/ExceptionAdvice.java b/inventory-ent/src/main/java/com/rzyc/advice/ExceptionAdvice.java
index ba39d2a..ed269c3 100644
--- a/inventory-ent/src/main/java/com/rzyc/advice/ExceptionAdvice.java
+++ b/inventory-ent/src/main/java/com/rzyc/advice/ExceptionAdvice.java
@@ -7,6 +7,7 @@ import org.apache.tomcat.util.http.fileupload.impl.SizeLimitExceededException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.http.HttpStatus;
+import org.springframework.security.access.AccessDeniedException;
 import org.springframework.validation.BindException;
 import org.springframework.web.bind.MethodArgumentNotValidException;
 import org.springframework.web.bind.annotation.ExceptionHandler;
@@ -162,4 +163,21 @@ public class ExceptionAdvice {
         result.setMessage(e.getMessage());
         return result;
     }
+
+
+    /**
+     * @author Xuwanxin
+     * 权限不足总捕获异常
+     * */
+    @ResponseBody
+    @ExceptionHandler(value = AccessDeniedException.class)
+    public SingleResult<String> handleAccessRE(AccessDeniedException e) {
+        e.printStackTrace();
+        logger.info("权限不足");
+        SingleResult<String> result = new SingleResult<>();
+        result.setCode(Code.AUTHORIZATION_FAILED.getCode());
+        result.setMessage(Message.AUTHORIZATION_FAILED);
+        return result;
+    }
+
 }
diff --git a/inventory-ent/src/main/java/com/rzyc/advice/LoginAspect.java b/inventory-ent/src/main/java/com/rzyc/advice/LoginAspect.java
index ee1d913..de375c9 100644
--- a/inventory-ent/src/main/java/com/rzyc/advice/LoginAspect.java
+++ b/inventory-ent/src/main/java/com/rzyc/advice/LoginAspect.java
@@ -9,11 +9,17 @@ import org.aspectj.lang.annotation.Pointcut;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.core.annotation.Order;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Component;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 
 import javax.servlet.http.HttpServletRequest;
+import java.util.ArrayList;
+import java.util.List;
 
 /**
  * 拦截器
@@ -55,6 +61,8 @@ public class LoginAspect {
         //token验证
 //        verificationToken(userToken);
 
+
+
         return proceedingJoinPoint.proceed();
     }
 
@@ -73,6 +81,12 @@ public class LoginAspect {
                 if (!JwtUtil.checkToken(userToken)) {
                     throw new TokenException("user token is expire");
                 }
+                List<GrantedAuthority> authoritys = new ArrayList<GrantedAuthority>();
+                //给通过登陆的进行role权限，也可以根据业务调整
+                authoritys.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
+                UsernamePasswordAuthenticationToken authenticationToken =
+                        new UsernamePasswordAuthenticationToken(null,authoritys);
+                SecurityContextHolder.getContext().setAuthentication(authenticationToken);
             }
         } else {
             throw new TokenException("user token is null");
diff --git a/inventory-ent/src/main/java/com/rzyc/advice/log/LogAspect.java b/inventory-ent/src/main/java/com/rzyc/advice/log/LogAspect.java
index 672599c..58251fa 100644
--- a/inventory-ent/src/main/java/com/rzyc/advice/log/LogAspect.java
+++ b/inventory-ent/src/main/java/com/rzyc/advice/log/LogAspect.java
@@ -5,10 +5,10 @@ import com.common.utils.RandomNumber;
 import com.common.utils.StringUtils;
 import com.common.utils.jwt.JwtUtil;
 import com.common.utils.model.Result;
-import com.rzyc.mapper.log.SysLogsMapper;
-import com.rzyc.mapper.user.SysUserMapper;
-import com.rzyc.model.user.SysUser;
-import com.rzyc.model.log.SysLogsWithBLOBs;
+import com.rzyc.mapper.ent.SysEntLogsMapper;
+import com.rzyc.mapper.ent.EntUserMapper;
+import com.rzyc.model.ent.EntUser;
+import com.rzyc.model.log.SysEntLogsWithBLOBs;
 import org.apache.commons.collections.map.HashedMap;
 import org.aspectj.lang.ProceedingJoinPoint;
 import org.aspectj.lang.annotation.Around;
@@ -28,6 +28,8 @@ import java.util.HashMap;
 import java.util.Map;
 
 /**
+ * @author Dong
+ * @date 2019
  * 日志记录
  */
 @Component
@@ -37,13 +39,17 @@ public class LogAspect {
 
     protected final static Logger logger = LoggerFactory.getLogger("Aspect ->  ");
 
-    //日志
-    @Autowired
-    protected SysLogsMapper sysLogsMapper;
+    /**企业端日志*/
+    protected SysEntLogsMapper sysEntLogsMapper;
+
+    /**用户*/
+    protected EntUserMapper entUserMapper;
 
-    /*用户*/
     @Autowired
-    protected SysUserMapper sysUserMapper;
+    public LogAspect(SysEntLogsMapper sysEntLogsMapper, EntUserMapper entUserMapper) {
+        this.sysEntLogsMapper = sysEntLogsMapper;
+        this.entUserMapper = entUserMapper;
+    }
 
     /**
      * 拦截位置
@@ -51,7 +57,7 @@ public class LogAspect {
     @Pointcut("execution(* com.rzyc.controller..*.*(..))")
     public void saveLog() {}
 
-    //用around得到方法使用的时间
+    /**用around的时见*/
     @Around(value = "saveLog()")
     public Object doAround(ProceedingJoinPoint joinPoint) throws Throwable {
 
@@ -107,7 +113,7 @@ public class LogAspect {
 
 
         /* 保存日志 start */
-        SysLogsWithBLOBs logs = new SysLogsWithBLOBs();
+        SysEntLogsWithBLOBs logs = new SysEntLogsWithBLOBs();
         logs.setLogId(RandomNumber.getUUid());
         logs.setCreateTime(new Date());
         logs.setUserId(userId);
@@ -127,9 +133,9 @@ public class LogAspect {
      */
     class saveLog implements Runnable{
 
-        private SysLogsWithBLOBs logs;
+        private SysEntLogsWithBLOBs logs;
 
-        public saveLog(SysLogsWithBLOBs logs) {
+        public saveLog(SysEntLogsWithBLOBs logs) {
             this.logs = logs;
         }
 
@@ -152,12 +158,12 @@ public class LogAspect {
          * @param logs
          * @throws Exception
          */
-        public void saveLogs(SysLogsWithBLOBs logs)throws Exception{
-            SysUser sysUser = sysUserMapper.findById(logs.getUserId());
-            if(null != sysUser){
-                logs.setNickname(sysUser.getChinaname());
+        public void saveLogs(SysEntLogsWithBLOBs logs)throws Exception{
+            EntUser entUser = entUserMapper.selectById(logs.getUserId());
+            if(null != entUser) {
+                logs.setNickname(entUser.getName());
             }
-            sysLogsMapper.insert(logs);
+            sysEntLogsMapper.insert(logs);
         }
 
     }
diff --git a/inventory-ent/src/main/java/com/rzyc/config/EntUserDetails.java b/inventory-ent/src/main/java/com/rzyc/config/EntUserDetails.java
new file mode 100644
index 0000000..c01bf41
--- /dev/null
+++ b/inventory-ent/src/main/java/com/rzyc/config/EntUserDetails.java
@@ -0,0 +1,33 @@
+package com.rzyc.config;
+
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.userdetails.User;
+
+import java.util.Collection;
+
+
+/**
+ * spring security UserDetails Custom Part
+ * @author Xuwanxin
+ * @date 2022/9/28
+ * */
+
+public class EntUserDetails extends User {
+
+
+    private String id;
+
+    public String getId() {
+        return id;
+    }
+
+    public void setId(String id) {
+        this.id = id;
+    }
+
+    public EntUserDetails(String username, String password, Collection<? extends GrantedAuthority> authorities,String id) {
+        super(username, password, authorities);
+        setId(id);
+    }
+
+}
diff --git a/inventory-ent/src/main/java/com/rzyc/config/SecurityConfig.java b/inventory-ent/src/main/java/com/rzyc/config/SecurityConfig.java
new file mode 100644
index 0000000..5c33187
--- /dev/null
+++ b/inventory-ent/src/main/java/com/rzyc/config/SecurityConfig.java
@@ -0,0 +1,102 @@
+package com.rzyc.config;
+
+import com.rzyc.filter.JwtAuthenticationTokenFiler;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+import org.springframework.security.authentication.AuthenticationManager;
+
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.http.SessionCreationPolicy;
+
+import org.springframework.security.core.userdetails.UserDetailsService;
+
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+
+/**
+ * spring security config
+ * @author Xuwanxin
+ * @date 2022/9/26
+ * */
+@Configuration
+@EnableWebSecurity
+@EnableGlobalMethodSecurity(prePostEnabled = true)
+public class SecurityConfig  extends WebSecurityConfigurerAdapter {
+
+    /**
+     * 数据库用户连接
+     */
+    private UserDetailsService userService;
+
+    /**
+     * 数据库用户连接
+     */
+    private PasswordEncoder passwordEncoder;
+
+    /**
+     * token jwt 验证拦截器
+     * */
+    private JwtAuthenticationTokenFiler jwtAuthenticationTokenFiler;
+
+    @Autowired
+    public void setSecurityConfigFinder(UserDetailsService userService,PasswordEncoder passwordEncoder,JwtAuthenticationTokenFiler jwtAuthenticationTokenFiler) {
+        this.userService = userService;
+        this.passwordEncoder = passwordEncoder;
+        this.jwtAuthenticationTokenFiler = jwtAuthenticationTokenFiler;
+    }
+
+
+    @Bean
+    public PasswordEncoder getPasswordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+    /**
+     * 暴露AuthenticationManager，存上下文
+     * */
+    @Bean
+    @Override
+    public AuthenticationManager authenticationManagerBean() throws Exception
+    {
+        return super.authenticationManagerBean();
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http
+                .authorizeRequests()
+                // 对于登录接口 允许匿名访问
+                .antMatchers("/personal/login").anonymous()
+                //放行swagger
+                .antMatchers("/swagger-ui.html","/swagger-resources/**","/webjars/**","/v2/**","/api/**").permitAll()
+                // 除上面外的所有请求全部需要鉴权认证,配置退出路径
+                .anyRequest().authenticated()
+                .and()
+                .logout().logoutUrl( "/logout")
+                .and()
+                //关闭security默认登陆框
+                .formLogin().disable()
+                //关闭csrf
+                .csrf().disable()
+                //不通过Session获取SecurityContext
+                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+                .and().addFilterBefore(jwtAuthenticationTokenFiler, UsernamePasswordAuthenticationFilter.class)
+                ;
+    }
+
+
+    @Override
+    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+        // 配置数据库访问，认证步骤
+        auth.userDetailsService(userService).passwordEncoder(passwordEncoder);
+    }
+
+}
diff --git a/inventory-ent/src/main/java/com/rzyc/config/UserDetailsServiceImpl.java b/inventory-ent/src/main/java/com/rzyc/config/UserDetailsServiceImpl.java
new file mode 100644
index 0000000..e354cad
--- /dev/null
+++ b/inventory-ent/src/main/java/com/rzyc/config/UserDetailsServiceImpl.java
@@ -0,0 +1,59 @@
+package com.rzyc.config;
+
+import com.rzyc.mapper.ent.EntUserMapper;
+import com.rzyc.model.ent.EntUser;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Service;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Objects;
+
+/**
+ * spring security 用户认证过程
+ * @author Xuwanxin
+ * @author 2022/09/27
+ * */
+
+@Service("userService")
+public class UserDetailsServiceImpl implements UserDetailsService {
+
+    /**
+     * 内存过程密码加密
+     * */
+    private PasswordEncoder passwordEncoder;
+
+    /**
+     * 企业端用户
+     * */
+    private EntUserMapper entUserMapper;
+
+    @Autowired
+    public void UserDetailsServiceImplFinder(PasswordEncoder passwordEncoder,EntUserMapper entUserMapper) {
+        this.passwordEncoder = passwordEncoder;
+        this.entUserMapper = entUserMapper;
+    }
+
+
+
+
+    @Override
+    public UserDetails loadUserByUsername(String name) throws UsernameNotFoundException {
+        //判断数据库用户
+        EntUser entUser = entUserMapper.selectByName(name);
+        if (Objects.isNull(entUser)){
+            throw new UsernameNotFoundException("用户名或密码错误");
+        }
+            // 获取用户权限
+            List<GrantedAuthority> authority= new ArrayList<GrantedAuthority>();
+            //给通过登陆的进行role权限，也可以根据业务调整
+            authority.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
+            return new EntUserDetails(entUser.getName(), passwordEncoder.encode(entUser.getPasswd()), authority,entUser.getEntUserId());
+
+    }
+}
diff --git a/inventory-ent/src/main/java/com/rzyc/controller/BaseController.java b/inventory-ent/src/main/java/com/rzyc/controller/BaseController.java
index 0bdbee8..8623820 100644
--- a/inventory-ent/src/main/java/com/rzyc/controller/BaseController.java
+++ b/inventory-ent/src/main/java/com/rzyc/controller/BaseController.java
@@ -450,6 +450,14 @@ public class BaseController {
 
 
 
+    //企业下企业用户
+    @Autowired
+    protected EntUserMapper entUserMapper;
+
+    //企业岗位
+    @Autowired
+    protected EntPostMapper entPostMapper;
+
     /**
      * 新都文件地址处理
      * @param url
diff --git a/inventory-ent/src/main/java/com/rzyc/controller/PcCompanyController.java b/inventory-ent/src/main/java/com/rzyc/controller/PcCompanyController.java
index b30c14d..70a6ca4 100644
--- a/inventory-ent/src/main/java/com/rzyc/controller/PcCompanyController.java
+++ b/inventory-ent/src/main/java/com/rzyc/controller/PcCompanyController.java
@@ -31,9 +31,13 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiImplicitParam;
 import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
-import org.apache.commons.beanutils.BeanUtils;
+
+
 import org.apache.commons.beanutils.ConvertUtils;
 import org.apache.commons.beanutils.converters.DateConverter;
+
+import org.springframework.beans.BeanUtils;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.stereotype.Controller;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.validation.annotation.Validated;
@@ -72,6 +76,7 @@ public class PcCompanyController extends BaseController{
     })
     @PostMapping("/companyDetail")
     @ResponseBody
+    @PreAuthorize("hasRole('ADMIN')")
     public SingleResult<String> companyDetail(String SysEnterpriseId)throws Exception {
         SingleResult singleResult = new SingleResult();
         List<SysEnterprise> sysEnterprises = sysEnterpriseMapper.companyDetail(SysEnterpriseId);
@@ -512,7 +517,7 @@ public class PcCompanyController extends BaseController{
          * 报错No value specified for Date
          * */
         ConvertUtils.register(new DateConverter(null), Date.class);
-        BeanUtils.copyProperties(sysEnterprise,sysEnterpriseDo);
+        BeanUtils.copyProperties(sysEnterpriseDo ,sysEnterprise);
         String token = servletRequest.getHeader("userToken");
         String userId = JwtUtil.getTokenMsg(token);
         if (StringUtils.isBlank(userId)){
@@ -652,7 +657,7 @@ public class PcCompanyController extends BaseController{
     public SingleResult<String> changeTalk(@Valid ChangeTalkDto changeTalkDto)throws Exception{
         SingleResult<String> result = new SingleResult<>();
         BookTalkWithBLOBs bookTalk = new BookTalkWithBLOBs();
-        BeanUtils.copyProperties(bookTalk,changeTalkDto);
+        BeanUtils.copyProperties(changeTalkDto,bookTalk);
 
         //操作人
         String chinaName = getChinaName();
@@ -712,7 +717,7 @@ public class PcCompanyController extends BaseController{
     public SingleResult<String> changeLaw(@Valid ChangeLawDto changeLawDto)throws Exception{
         SingleResult<String> result = new SingleResult<>();
         BookLawWithBLOBs bookLaw = new BookLawWithBLOBs();
-        BeanUtils.copyProperties(bookLaw,changeLawDto);
+        BeanUtils.copyProperties(changeLawDto,bookLaw);
 
         //操作人
         String chinaName = getChinaName();
@@ -766,7 +771,7 @@ public class PcCompanyController extends BaseController{
         String userId = getUserId();
 
         EntCertificates entCertificates = new EntCertificates();
-        BeanUtils.copyProperties(entCertificates,certificatesAddDto);
+        BeanUtils.copyProperties(certificatesAddDto,entCertificates);
         entCertificates.setModifyTime(new Date());
         entCertificates.setCreateBy(userId);
 
@@ -814,4 +819,13 @@ public class PcCompanyController extends BaseController{
         return singleResult;
     }
 
+
+
+    @PostMapping("/testSpringSecurity")
+    @ResponseBody
+    @PreAuthorize("hasRole('USER')")
+    public String testSpringSecurity(String SysEnterpriseId)throws Exception {
+        return "SysEnterpriseId";
+    }
+
 }
diff --git a/inventory-ent/src/main/java/com/rzyc/controller/PersonalController.java b/inventory-ent/src/main/java/com/rzyc/controller/PersonalController.java
index 944a628..cb8a6bf 100644
--- a/inventory-ent/src/main/java/com/rzyc/controller/PersonalController.java
+++ b/inventory-ent/src/main/java/com/rzyc/controller/PersonalController.java
@@ -1,23 +1,31 @@
 package com.rzyc.controller;
 
+import com.common.utils.model.Code;
+import com.common.utils.model.Message;
 import com.alibaba.fastjson.JSONArray;
 import com.common.utils.StringUtils;
 import com.common.utils.encryption.PasswdFactory;
 import com.common.utils.jwt.JwtUtil;
-import com.common.utils.model.Code;
-import com.common.utils.model.Message;
 import com.common.utils.model.SingleResult;
 import com.rzyc.bean.user.dto.LoginDto;
+import com.rzyc.model.ent.EntUser;
+import com.rzyc.service.PcBusinessService;
+import com.rzyc.service.UserLoginService;
 import com.rzyc.bean.user.dto.WeChartLoginDto;
 import com.rzyc.model.ent.SysEnterprise;
 import com.rzyc.model.user.SysUser;
 import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiImplicitParam;
+import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
-import org.springframework.stereotype.Controller;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
-
 import javax.validation.Valid;
+import java.util.List;
+import java.util.Objects;
+
 
 /**
  * 个人中心系统
@@ -32,6 +40,43 @@ import javax.validation.Valid;
 @Validated
 public class PersonalController extends BaseController{
 
+    @Autowired
+    UserLoginService userLoginService;
+
+    @Autowired
+    PcBusinessService pcBusinessService;
+
+    /**
+     * 用户登录
+     * @version v1.0
+     * @author dong
+     * @date 2022/9/16 14:21
+     */
+    @ApiOperation(value = "用户登录", notes = "用户登录")
+    @PostMapping(value = "/login")
+    public SingleResult<String> login(@Valid LoginDto loginDto)throws Exception{
+        SingleResult<String> result = new SingleResult<>();
+
+        String generateCode = request.getSession().getAttribute(constantsConfigure.getGenerateCodeKey())+"";
+        //验证码只能使用一次
+        request.getSession().removeAttribute(constantsConfigure.getGenerateCodeKey());
+
+        if(loginDto.getGenerateCode().equals(generateCode)) {
+            String loginResult = userLoginService.login(loginDto.sysusername, loginDto.getSyspassword());
+            if (Objects.isNull(loginResult)) {
+                result.setCode(Code.PASSWORD_OR_ACCOUNT_ERROR.getCode());
+                result.setMessage(Message.PASSWORD_OR_ACCOUNT_ERROR);
+            } else {
+                System.out.println("登陆成功");
+                result.setData(loginResult);
+            }
+        }else {
+            result.setCode(Code.CODE_ERROT.getCode());
+            result.setMessage(Message.CODE_ERROT);
+        }
+        return result;
+    }
+
     /**
      * 企业登录
      * @param loginDto
@@ -96,4 +141,28 @@ public class PersonalController extends BaseController{
         return result;
     }
 
+
+    /**
+     * 企业用户组织树
+     * @param enterpriseId 企业id
+     * @param postId 企业用户id
+     * @return 企业用户树
+     * @throws Exception
+     */
+    @ApiOperation(value = "企业用户组织树", notes = "企业用户组织树")
+    @ApiImplicitParams({
+            @ApiImplicitParam(name = "enterpriseId", value = "公司id", required = true, dataType = "string"),
+            @ApiImplicitParam(name = "postId", value = "企业用户岗位id",required = false, dataType = "string"),
+    })
+    @PostMapping(value = "/entUserTree")
+    @PreAuthorize("hasRole('ADMIN')")
+    @ResponseBody
+    public SingleResult<List<EntUser>> entUserTree(String enterpriseId, String postId)throws Exception{
+        return  pcBusinessService.entUserTree(enterpriseId,postId);
+    }
+
+
+
+
+
 }
diff --git a/inventory-ent/src/main/java/com/rzyc/filter/JwtAuthenticationTokenFiler.java b/inventory-ent/src/main/java/com/rzyc/filter/JwtAuthenticationTokenFiler.java
new file mode 100644
index 0000000..6b6fd17
--- /dev/null
+++ b/inventory-ent/src/main/java/com/rzyc/filter/JwtAuthenticationTokenFiler.java
@@ -0,0 +1,73 @@
+package com.rzyc.filter;
+
+import com.common.utils.jwt.JwtUtil;
+import com.rzyc.advice.CustomException;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Component;
+import org.springframework.util.StringUtils;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * spring security JWT Filter
+ * @author Xuwanxin
+ * @date 2022/9/26
+ * */
+
+@Component
+@Slf4j
+public class JwtAuthenticationTokenFiler extends OncePerRequestFilter {
+
+    @Override
+    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
+        //获取token
+        String token = request.getHeader("token");
+        if (!StringUtils.hasText(token)) {
+            //放行
+            filterChain.doFilter(request, response);
+            return;
+        }
+        try {
+            String userId = JwtUtil.getTokenMsg(token);
+        } catch (Exception e) {
+            System.out.println("token非法");
+            throw new RuntimeException("token非法");
+        }
+        try {
+
+            //角色权限和操作权限
+            List<GrantedAuthority> authoritys = new ArrayList<GrantedAuthority>();
+            //这里暂时写死的测试，后面以redis来暂时存储role权限
+            authoritys.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
+
+            // 获取权限信息封装到Authentication中
+            UsernamePasswordAuthenticationToken authenticationToken =
+                    new UsernamePasswordAuthenticationToken(null,null,authoritys);
+            SecurityContextHolder.getContext().setAuthentication(authenticationToken);
+
+
+
+            filterChain.doFilter(request, response);
+        }catch (AccessDeniedException e){
+            System.out.println("权限失败");
+            throw new CustomException("无权限");
+        }catch (Exception e){
+           e.printStackTrace();
+        }
+
+    }
+
+}
diff --git a/inventory-ent/src/main/java/com/rzyc/service/PcBusinessService.java b/inventory-ent/src/main/java/com/rzyc/service/PcBusinessService.java
new file mode 100644
index 0000000..990eacd
--- /dev/null
+++ b/inventory-ent/src/main/java/com/rzyc/service/PcBusinessService.java
@@ -0,0 +1,77 @@
+package com.rzyc.service;
+
+import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.JSONArray;
+import com.common.utils.StringUtils;
+import com.common.utils.TypeConversion;
+import com.common.utils.model.SingleResult;
+import com.rzyc.bean.emergency.PlanList;
+import com.rzyc.controller.BaseController;
+import com.rzyc.model.ent.EntPost;
+import com.rzyc.model.ent.EntUser;
+import com.rzyc.model.ent.SysEnterprise;
+
+import org.springframework.stereotype.Service;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * 企业端pc业务 Service
+ * @author Xuwanxin
+ * @date 2022/9/29
+ * */
+
+
+@Service
+public class PcBusinessService extends BaseController {
+
+    public SingleResult<List<EntUser>>entUserTree(String enterpriseId,String postId){
+        SingleResult singleResult = new SingleResult();
+        SysEnterprise sysEnterprise = sysEnterpriseMapper.selectByPrimaryKey(enterpriseId);
+        List<EntPost> list = entPostMapper.selectEntUserTree(enterpriseId,postId);
+
+        /**
+         * sql里进行了order by，如果传入postId就是查询非全部的数结构，需要加入一个公司，所以把第一个最大权限设置为company，这样公司才会在树的最上面
+         * 相反不穿postId就是查询全部，默认会有company打头就不用再修改list的0对象
+         */
+        if (null != postId){
+            list.get(0).setParentId("company");
+        }
+        //加入公司为第一个树结构
+        EntPost entPost = new EntPost();
+        entPost.setName(sysEnterprise.getEntname());
+        entPost.setPostId("company");
+        list.add(entPost);
+
+        JSONArray jsonArray =  handleEntUserTree(list);
+        List<EntPost>posts = JSONArray.parseArray(JSONArray.toJSONString(jsonArray),EntPost.class);
+        singleResult.setData(posts);
+        return singleResult;
+    }
+
+    /**
+     * 处理企业用户数结构list
+     */
+    private JSONArray handleEntUserTree(List<EntPost> list){
+        List<Map<String,Object>> data = new ArrayList<>();
+        for(EntPost entPost : list){
+            if(StringUtils.isBlank(entPost.getParentId())){
+                entPost.setParentId("");
+            }
+            Map<String,Object> entPostMap = new HashMap<String,Object>();
+            entPostMap.put("postId",entPost.getPostId());
+            entPostMap.put("name",entPost.getName());
+            entPostMap.put("parentId",entPost.getParentId());
+            entPostMap.put("subordinates",entPost.getSubordinates());
+            data.add(entPostMap);
+        }
+        com.alibaba.fastjson.JSONArray result = TypeConversion.listToTree(com.alibaba.fastjson.JSONArray.parseArray(JSON.toJSONString(data)),"postId","parentId","children");
+        return result;
+    }
+
+
+
+}
diff --git a/inventory-ent/src/main/java/com/rzyc/service/UserLoginService.java b/inventory-ent/src/main/java/com/rzyc/service/UserLoginService.java
new file mode 100644
index 0000000..38575d0
--- /dev/null
+++ b/inventory-ent/src/main/java/com/rzyc/service/UserLoginService.java
@@ -0,0 +1,61 @@
+package com.rzyc.service;
+
+
+import com.common.utils.jwt.JwtUtil;
+import com.rzyc.config.EntUserDetails;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Service;
+import java.util.Objects;
+
+/**
+ * 用户登陆 Service
+ * @author Xuwanxin
+ * @date 2022/9/26
+ * */
+
+@Service
+public class UserLoginService {
+
+
+    private UserDetailsService userDetailsService;
+
+
+    private PasswordEncoder passwordEncoder;
+
+    @Autowired
+    public void UserLoginServiceFinder(UserDetailsService userDetailsService,PasswordEncoder passwordEncoder){
+        this.userDetailsService = userDetailsService;
+        this.passwordEncoder = passwordEncoder;
+    }
+
+    public String login(String username, String password) {
+        String token = null;
+        try {
+            UserDetails userDetails = userDetailsService.loadUserByUsername(username);
+            if (Objects.isNull(userDetails)) {
+                throw new UsernameNotFoundException("账号不存在");
+            }
+            //这里可能会不对，因为我们是MD5，这个是spring security 中的 encoder加密
+            if (!passwordEncoder.matches(password, userDetails.getPassword())) {
+                throw new BadCredentialsException("密码不正确");
+            }
+            //spring security context insert
+            UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
+            SecurityContextHolder.getContext().setAuthentication(authentication);
+            //企业用户id
+            String id = ((EntUserDetails)SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getId();
+            token = JwtUtil.createToken(id);
+        } catch (AuthenticationException e) {
+            e.printStackTrace();
+        }
+        return token;
+    }
+}
diff --git a/inventory-gov/pom.xml b/inventory-gov/pom.xml
index 877af14..0e532e1 100644
--- a/inventory-gov/pom.xml
+++ b/inventory-gov/pom.xml
@@ -194,7 +194,6 @@
         <!-- 配置文件密码加密 end -->
 
 
-
     </dependencies>
 
     <build>
diff --git a/utils/src/main/java/com/common/utils/model/Code.java b/utils/src/main/java/com/common/utils/model/Code.java
index 25d580b..c6e9cc7 100644
--- a/utils/src/main/java/com/common/utils/model/Code.java
+++ b/utils/src/main/java/com/common/utils/model/Code.java
@@ -59,8 +59,12 @@ public enum Code {
 	//已修改过
 	CHANGED(27),
 	//令牌过期
-	TOKEN_EXPIRE(28);
-	
+	TOKEN_EXPIRE(28),
+	//无权限
+	AUTHORIZATION_FAILED(29),
+	//账户或密码错误
+	PASSWORD_OR_ACCOUNT_ERROR(30);
+
 	private int code;
 	
 	private Code(int code){
diff --git a/utils/src/main/java/com/common/utils/model/Message.java b/utils/src/main/java/com/common/utils/model/Message.java
index f847514..59f9a97 100644
--- a/utils/src/main/java/com/common/utils/model/Message.java
+++ b/utils/src/main/java/com/common/utils/model/Message.java
@@ -61,6 +61,8 @@ public class Message {
 
 	public static final String PASSWORD_ERROR = "密码错误";
 
+	public static final String PASSWORD_OR_ACCOUNT_ERROR = "账户或密码错误";
+
 	public static final String NOT_AUTH = "没有权限";
 
 	public static final String CODE_ERROT = "验证码错误";
@@ -164,4 +166,6 @@ public class Message {
 	public static final String CODE_NOTICE = "参数异常";
 
 	public static final String NOT_BACK = "存在未归还记录";
+
+	public static final String AUTHORIZATION_FAILED="无权限操作";
 }