docs: 整理数据初始化文档

commit: 193c858ffe1a002609c5540f31ed20e6d2cae671 [log] [tgz]
author: 刘洪青 <hongqing.liu@supwisdom.com> 周一 4月 19 23:28:42 2021 +0800
committer: 刘洪青 <hongqing.liu@supwisdom.com> 周四 6月 17 13:08:58 2021 +0800
tree: ab7684b6dbc7e9b0b45130045f30e1fb3c1c8d15
parent: 0bfa89997e02da3985b17f38322a3fb24166dea6 [diff]
diff --git "a/deploy-manifests/k8s-rancher/1.2.0001.\350\256\244\350\257\201\346\216\210\346\235\203-\346\216\210\346\235\203\346\234\215\345\212\241\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210\350\247\222\350\211\262\357\274\211.md" "b/deploy-manifests/k8s-rancher/1.2.0001.\350\256\244\350\257\201\346\216\210\346\235\203-\346\216\210\346\235\203\346\234\215\345\212\241\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210\350\247\222\350\211\262\357\274\211.md"
new file mode 100644
index 0000000..5c148e3
--- /dev/null
+++ "b/deploy-manifests/k8s-rancher/1.2.0001.\350\256\244\350\257\201\346\216\210\346\235\203-\346\216\210\346\235\203\346\234\215\345\212\241\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210\350\247\222\350\211\262\357\274\211.md"

@@ -0,0 +1,67 @@
+
+# 认证授权-授权服务数据初始化.md
+
+
+[TOC]
+
+
+## 文档说明
+
+
+
+## 操作指南
+
+
+
+
+## 初始化数据
+
+
+### 创建授权应用
+
+```sql
+INSERT INTO TB_APPLICATION (ID, COMPANY_ID, DELETED, ADD_ACCOUNT, ADD_TIME, 
+  BUSINESS_DOMAIN_ID, SYSTEM_ID, 
+  NAME, APPLICATION_ID, SYNC_URL, ENABLED)
+VALUES ('20', '1', 0, 'admin', '2019-07-01 00:00:00', 
+  '1', '1', 
+  '用户授权', '20', '', 1);
+
+commit;
+```
+
+### 创建应用角色
+
+#### 方式，SQL脚本
+
+连接至 user_authz 数据库，执行以下 SQL脚本
+
+```sql
+use user_authz;
+
+INSERT INTO TB_ROLE (ID, COMPANY_ID, DELETED, ADD_ACCOUNT, ADD_TIME, APPLICATION_ID, CODE, NAME, DESCRIPTION, ENABLED, EXTERNAL_ID)
+VALUES ('20', '1', 0, 'admin', '2019-07-01 00:00:00', '20', 'cas-admin', '认证管理员', '认证管理员', 1, '20');
+
+INSERT INTO TB_ROLE (ID, COMPANY_ID, DELETED, ADD_ACCOUNT, ADD_TIME, APPLICATION_ID, CODE, NAME, DESCRIPTION, ENABLED, EXTERNAL_ID)
+VALUES ('30', '1', 0, 'admin', '2019-07-01 00:00:00', '20', 'user-admin', '用户管理员', '用户管理员', 1, '30');
+
+INSERT INTO TB_ROLE (ID, COMPANY_ID, DELETED, ADD_ACCOUNT, ADD_TIME, APPLICATION_ID, CODE, NAME, DESCRIPTION, ENABLED, EXTERNAL_ID)
+VALUES ('40', '1', 0, 'admin', '2019-07-01 00:00:00', '20', 'user-authz-admin', '授权管理员', '授权管理员', 1, '40');
+INSERT INTO TB_ROLE (ID, COMPANY_ID, DELETED, ADD_ACCOUNT, ADD_TIME, APPLICATION_ID, CODE, NAME, DESCRIPTION, ENABLED, EXTERNAL_ID)
+VALUES ('41', '1', 0, 'admin', '2019-07-01 00:00:00', '20', 'user-authz-grant-admin', '用户授权管理员', '用户授权管理员', 1, '41');
+INSERT INTO TB_ROLE (ID, COMPANY_ID, DELETED, ADD_ACCOUNT, ADD_TIME, APPLICATION_ID, CODE, NAME, DESCRIPTION, ENABLED, EXTERNAL_ID)
+VALUES ('42', '1', 0, 'admin', '2019-07-01 00:00:00', '20', 'user-authz-man-grant-admin', '分级授权管理员', '分级授权管理员', 1, '42');
+
+commit;
+```
+
+若角色已经存在，更新
+
+```sql
+use user_authz;
+
+UPDATE TB_ROLE SET APPLICATION_ID='20' WHERE ID IN ('20', '30', '40', '41', '42');
+
+commit;
+```
+

diff --git "a/deploy-manifests/k8s-rancher/0.1.2.\350\256\244\350\257\201\346\216\210\346\235\203\350\217\234\345\215\225\357\274\210\344\272\221\345\271\263\345\217\260\345\206\205\357\274\211\345\210\235\345\247\213\345\214\226.md" "b/deploy-manifests/k8s-rancher/1.2.0002.\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210API\350\267\257\347\224\261\343\200\201\345\272\224\347\224\250\343\200\201\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md"
similarity index 76%
rename from "deploy-manifests/k8s-rancher/0.1.2.\350\256\244\350\257\201\346\216\210\346\235\203\350\217\234\345\215\225\357\274\210\344\272\221\345\271\263\345\217\260\345\206\205\357\274\211\345\210\235\345\247\213\345\214\226.md"
rename to "deploy-manifests/k8s-rancher/1.2.0002.\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210API\350\267\257\347\224\261\343\200\201\345\272\224\347\224\250\343\200\201\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md"
index 9d87b87..1d927fb 100644
--- "a/deploy-manifests/k8s-rancher/0.1.2.\350\256\244\350\257\201\346\216\210\346\235\203\350\217\234\345\215\225\357\274\210\344\272\221\345\271\263\345\217\260\345\206\205\357\274\211\345\210\235\345\247\213\345\214\226.md"
+++ "b/deploy-manifests/k8s-rancher/1.2.0002.\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210API\350\267\257\347\224\261\343\200\201\345\272\224\347\224\250\343\200\201\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md"

@@ -1,5 +1,5 @@
 
-# 认证授权菜单初始化
+# 认证授权-云平台数据初始化
 
 
 [TOC]
@@ -14,64 +14,151 @@
 
 
 
-## 导入数据
+## 初始化数据
 
-### 应用
 
-```sql
-insert into TB_MGT_APPLICATION (ID, DELETED, CODE, NAME, STATUS) 
-values ('10', 0, '10', '认证授权', '1');
+### 创建路由
+
+#### 方式一，手动添加
+
+进入 云平台 - 基础管理 - 路由管理，添加路由记录
+
+注：
+* 路由前缀 如：`/api/v1/sample/**`，确保与其他路由信息 **不存在冲突**
+* 后端服务地址 如：`http://xxx.sample.edu.cn`
+* 是否丢弃前缀，若是，转发到后端服务时的请求为 `http://xxx.sample.edu.cn/**`，否则为 `http://xxx.sample.edu.cn/api/v1/sample/**`
+
+
+代码 | 名称 | 描述 | 是否启用 | 路由前缀 | 路由服务地址 | 是否丢弃前缀
+- | - | - | - | - | - | - | -
+authx-service-user-api | 认证授权 - 用户接口 | | 是 | /api/v1/base | http://user-data-service-goa-svc.user-data-service.svc.cluster.local:8080 | 否
+authx-service-personal-api | 认证授权 - 个人信息接口 | | 是 | /api/v1/personal | http://personal-security-center-bff-svc.personal-security-center.svc.cluster.local:8080/api/v1 | 是
+authx-service-admin-api | 认证授权 - 聚合接口（认证、授权） | | 是 | /api/v2/admin | http://authx-service-bff-svc.authx-service.svc.cluster.local:8080 | 否
+authx-service-open-api | 认证授权 - 聚合接口（公开） | | 是 | /api/v2/open | http://authx-service-bff-svc.authx-service.svc.cluster.local:8080 | 否
+
+
+#### 方式二，bash脚本
+
+```json
+{"id": "20", "code": "authx-service-user-api", "name":"认证授权 - 用户接口", "memo":"", "status":"1", "pathPrefix":"/api/v1/base", "url":"http://user-data-service-goa-svc.user-data-service.svc.cluster.local:8080", "stripPrefix":false}
+
+{"id": "40", "code": "authx-service-personal-api", "name":"认证授权 - 个人信息接口", "memo":"", "status":"1", "pathPrefix":"/api/v1/personal", "url":"http://personal-security-center-bff-svc.personal-security-center.svc.cluster.local:8080/api/v1", "stripPrefix":true}
+
+{"id": "21", "code": "authx-service-admin-api", "name":"认证授权 - 聚合接口（认证、授权）", "memo":"", "status":"1", "pathPrefix":"/api/v2/admin", "url":"http://authx-service-bff-svc.authx-service.svc.cluster.local:8080", "stripPrefix":false}
+{"id": "22", "code": "authx-service-open-api", "name":"认证授权 - 聚合接口（公开）", "memo":"", "status":"1", "pathPrefix":"/api/v2/open", "url":"http://authx-service-bff-svc.authx-service.svc.cluster.local:8080", "stripPrefix":false}
+```
+
+```bash
+curl -i -s -X POST "http://admin-backend-sa-svc.admin-backend.svc.cluster.local:8080/v1/admin/routes" -H 'Content-Type: application/json' \
+-d \
+'
+{"id": "20", "code": "authx-service-user-api", "name":"认证授权 - 用户接口", "memo":"", "status":"1", "pathPrefix":"/api/v1/base", "url":"http://user-data-service-goa-svc.user-data-service.svc.cluster.local:8080", "stripPrefix":false}
+'
+
+curl -i -s -X POST "http://admin-backend-sa-svc.admin-backend.svc.cluster.local:8080/v1/admin/routes" -H 'Content-Type: application/json' \
+-d \
+'
+{"id": "40", "code": "authx-service-personal-api", "name":"认证授权 - 个人信息接口", "memo":"", "status":"1", "pathPrefix":"/api/v1/personal", "url":"http://personal-security-center-bff-svc.personal-security-center.svc.cluster.local:8080/api/v1", "stripPrefix":true}
+'
+
+curl -i -s -X POST "http://admin-backend-sa-svc.admin-backend.svc.cluster.local:8080/v1/admin/routes" -H 'Content-Type: application/json' \
+-d \
+'
+{"id": "21", "code": "authx-service-admin-api", "name":"认证授权 - 聚合接口（认证、授权）", "memo":"", "status":"1", "pathPrefix":"/api/v2/admin", "url":"http://authx-service-bff-svc.authx-service.svc.cluster.local:8080", "stripPrefix":false}
+'
+
+curl -i -s -X POST "http://admin-backend-sa-svc.admin-backend.svc.cluster.local:8080/v1/admin/routes" -H 'Content-Type: application/json' \
+-d \
+'
+{"id": "22", "code": "authx-service-open-api", "name":"认证授权 - 聚合接口（公开）", "memo":"", "status":"1", "pathPrefix":"/api/v2/open", "url":"http://authx-service-bff-svc.authx-service.svc.cluster.local:8080", "stripPrefix":false}
+'
 ```
 
 
+#### 方式三，SQL脚本
+
+连接至 admin_center 数据库，执行以下 SQL脚本
+
+```sql
+use admin_center;
+
+insert into TB_MGT_ROUTE (ID, DELETED, CODE, NAME, STATUS, PATH_PREFIX, URL, STRIP_PREFIX) 
+values ('20', 0, 'authx-service-user-api', '认证授权 - 用户接口', '1', '/api/v1/base', 'https://localhost:8022', 0);
+
+insert into TB_MGT_ROUTE (ID, DELETED, CODE, NAME, STATUS, PATH_PREFIX, URL, STRIP_PREFIX) 
+values ('40', 0, 'authx-service-personal-api', '认证授权 - 个人信息接口', '1', '/api/v1/personal', 'http://localhost:8041/api/v1', 1);
+
+insert into TB_MGT_ROUTE (ID, DELETED, CODE, NAME, STATUS, PATH_PREFIX, URL, STRIP_PREFIX) 
+values ('21', 0, 'authx-service-admin-api', '认证授权 - 聚合接口（认证、授权）', '1', '/api/v2/admin', 'http://localhost:8009', 0);
+insert into TB_MGT_ROUTE (ID, DELETED, CODE, NAME, STATUS, PATH_PREFIX, URL, STRIP_PREFIX) 
+values ('22', 0, 'authx-service-open-api', '认证授权 - 聚合接口（公开）', '1', '/api/v2/open', 'http://localhost:8009', 0);
+
+commit;
+
+update TB_MGT_ROUTE set URL='http://user-data-service-goa-svc.user-data-service.svc.cluster.local:8080' where ID='20';
+
+update TB_MGT_ROUTE set URL='http://personal-security-center-bff-svc.personal-security-center.svc.cluster.local:8080/api/v1' where ID='40';
+
+update TB_MGT_ROUTE set URL='http://authx-service-bff-svc.authx-service.svc.cluster.local:8080' where ID='21';
+update TB_MGT_ROUTE set URL='http://authx-service-bff-svc.authx-service.svc.cluster.local:8080' where ID='22';
+
+commit;
+```
+
+
+### 创建应用
+
+#### 方式一，手动添加
+
+进入 云平台 - 基础管理 - 应用管理，添加应用
+
+应用标识 | 名称 | 描述 | 是否启用 | 应用访问地址
+- | - | - | - | -
+20 | 用户授权 | | 是 | 
+
+
+#### 方式二，bash脚本
+
 ```json
-{"id": "10", "code": "10", "name":"认证授权", "memo":"", "status":"1", "url":""}
+{"id": "20", "code": "20", "name":"用户授权", "memo":"", "status":"1", "url":""}
 ```
 
 
 ```bash
-curl -i -s -X POST "http://admin-center-sa-svc.admin-center.svc.cluster.local:8080/v1/admin/applications" -H 'Content-Type: application/json' \
+curl -i -s -X POST "http://admin-backend-sa-svc.admin-backend.svc.cluster.local:8080/v1/admin/applications" -H 'Content-Type: application/json' \
 -d \
 '
-{"id": "10", "code": "10", "name":"认证授权", "memo":"", "status":"1", "url":""}
+{"id": "20", "code": "20", "name":"用户授权", "memo":"", "status":"1", "url":""}
 '
 ```
 
 
-### 菜单
+#### 方式三，SQL脚本
 
-* 认证管理
+连接至 admin_center 数据库，执行以下 SQL脚本
 
 ```sql
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('20000', 0, 'cas-server', '认证管理', '1', '2', '', '/', '10', '1', 20000, 1, 18, 33);
+use admin_center;
 
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('20100', 0, 'loginConfig', '登录方式配置', '1', '2', 'su-icon-denglupeizhi', '/cas-server/loginConfig', '10', '20000', 20100, 2, 19, 20);
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('20200', 0, 'safeLoginConfig', '账号安全配置', '1', '2', 'su-icon-config-security', '/cas-server/safeLoginConfig', '10', '20000', 20200, 2, 21, 22);
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('20300', 0, 'accountActivationConfiguration', '账号激活配置', '1', '2', 'su-icon-bulb', '/cas-server/accountActivationConfiguration', '10', '20000', 20300, 2, 23, 24);
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('20400', 0, 'safeConfig', '安全策略配置', '1', '2', 'su-icon-celuepeizhi', '/cas-server/safeConfig', '10', '20000', 20400, 2, 25, 26);
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('20500', 0, 'passwordConfig', '密码策略配置', '1', '2', 'su-icon-mimacelue', '/cas-server/passwordConfig', '10', '20000', 20500, 2, 27, 28);
+insert into TB_MGT_APPLICATION (ID, DELETED, CODE, NAME, STATUS) 
+values ('20', 0, '20', '用户授权', '1');
 
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('20600', 0, 'serverManagement', '应用对接配置', '1', '2', 'el-icon-service', '/cas-server/serverManagement', '10', '20000', 20600, 2, 29, 30);
-
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('20700', 0, 'loginPageConfig', '登录页面配置', '1', '2', 'su-icon-tongxunxinxi', '/cas-server/loginPageConfig', '10', '20000', 20700, 2, 29, 30);
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('20800', 0, 'linkLoginConfig', '联合登录配置', '1', '2', 'su-icon-test', '/cas-server/linkLoginConfig', '10', '20000', 20800, 2, 29, 30);
-
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('21000', 0, 'lockManagement', '认证锁定管理', '1', '2', 'su-icon-shouquanjiguanli', '/cas-server/lockManagement', '10', '20000', 21000, 2, 31, 32);
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('21100', 0, 'analyze', '认证统计分析', '1', '2', 'su-icon-renzhengtongjifenxi', '/cas-server/analyze', '10', '20000', 21100, 2, 31, 32);
+commit;
 ```
 
 
+### 创建菜单
+
+#### 方式一，手动导入
+
+进入 云平台 - 基础管理 - 菜单管理，导入
+
+所属应用 选择 用户授权
+
+菜单列表（JSON）如下，（复制后粘贴）
+
+* 认证管理
+
 ```json
 [
   {
@@ -132,111 +219,8 @@
 ]
 ```
 
-
-```bash
-curl -i -s -X POST "http://admin-center-sa-svc.admin-center.svc.cluster.local:8080/v1/admin/menus/importMenu" -H 'Content-Type: application/json' \
--d \
-'
-{
-  "applicationId": "10",
-  "menuList": 
-    [
-      {
-        "id": "20000", "parentIdOrCode":"1", "code": "cas-server", "name": "认证管理", "memo": "", "status": "1", 
-        "icon": "", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/", "target": "", 
-        "order": 20000, "resourceIdOrCodes": []
-      },
-      {
-        "id": "20100", "parentIdOrCode":"20000", "code": "loginConfig", "name": "登录方式配置", "memo": "", "status": "1", 
-        "icon": "su-icon-denglupeizhi", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/loginConfig", "target": "", 
-        "order": 20100, "resourceIdOrCodes": []
-      },
-      {
-        "id": "20200", "parentIdOrCode":"20000", "code": "safeLoginConfig", "name": "账号安全配置", "memo": "", "status": "1", 
-        "icon": "su-icon-config-security", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/safeLoginConfig", "target": "", 
-        "order": 20200, "resourceIdOrCodes": []
-      },
-      {
-        "id": "20300", "parentIdOrCode":"20000", "code": "accountActivationConfiguration", "name": "账号激活配置", "memo": "", "status": "1", 
-        "icon": "su-icon-bulb", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/accountActivationConfiguration", "target": "", 
-        "order": 20300, "resourceIdOrCodes": []
-      },
-      {
-        "id": "20400", "parentIdOrCode":"20000", "code": "safeConfig", "name": "安全策略配置", "memo": "", "status": "1", 
-        "icon": "su-icon-celuepeizhi", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/safeConfig", "target": "", 
-        "order": 20400, "resourceIdOrCodes": []
-      },
-      {
-        "id": "20500", "parentIdOrCode":"20000", "code": "passwordConfig", "name": "密码策略配置", "memo": "", "status": "1", 
-        "icon": "su-icon-mimacelue", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/passwordConfig", "target": "", 
-        "order": 20500, "resourceIdOrCodes": []
-      },
-      {
-        "id": "20600", "parentIdOrCode":"20000", "code": "serverManagement", "name": "应用对接配置", "memo": "", "status": "1", 
-        "icon": "el-icon-service", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/serverManagement", "target": "", 
-        "order": 20600, "resourceIdOrCodes": []
-      },
-      {
-        "id": "20700", "parentIdOrCode":"20000", "code": "loginPageConfig", "name": "登录页面配置", "memo": "", "status": "1", 
-        "icon": "su-icon-tongxunxinxi", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/loginPageConfig", "target": "", 
-        "order": 20700, "resourceIdOrCodes": []
-      },
-      {
-        "id": "20800", "parentIdOrCode":"20000", "code": "linkLoginConfig", "name": "联合登录配置", "memo": "", "status": "1", 
-        "icon": "su-icon-test", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/linkLoginConfig", "target": "", 
-        "order": 20800, "resourceIdOrCodes": []
-      },
-      {
-        "id": "21000", "parentIdOrCode":"20000", "code": "lockManagement", "name": "认证锁定管理", "memo": "", "status": "1", 
-        "icon": "su-icon-shouquanjiguanli", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/lockManagement", "target": "", 
-        "order": 21000, "resourceIdOrCodes": []
-      },
-      {
-        "id": "21100", "parentIdOrCode":"20000", "code": "analyze", "name": "认证统计分析", "memo": "", "status": "1", 
-        "icon": "su-icon-renzhengtongjifenxi", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/analyze", "target": "", 
-        "order": 21100, "resourceIdOrCodes": []
-      }
-    ]
-}
-'
-```
-
-
 * 用户管理
 
-```sql
-
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('30000', 0, 'user-server', '用户管理', '1', '2', '', '/', '10', '1', 30000, 1, 34, 53);
-
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('30100', 0, 'dictionary', '字典管理', '1', '2', 'su-icon-zidian', '/user-server/dictionary', '10', '30000', 30100, 2, 35, 36);
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('30200', 0, 'identity', '身份管理', '1', '2', 'su-icon-shenfen', '/user-server/identity', '10', '30000', 30200, 2, 37, 38);
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('30300', 0, 'mechanism', '组织机构管理', '1', '2', 'su-icon-department', '/user-server/mechanism', '10', '30000', 30300, 2, 39, 40);
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('30400', 0, 'person', '人员管理', '1', '2', 'su-icon-people', '/user-server/person', '10', '30000', 30400, 2, 41, 42);
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('30500', 0, 'label', '标签管理', '1', '2', 'su-icon-biaoqian', '/user-server/label', '10', '30000', 30500, 2, 43, 44);
-
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('30600', 0, 'simpleUserGroupManage', '普通用户组管理', '1', '2', 'su-icon-portrait', '/user-server/simpleUserGroupManage', '10', '30000', 30600, 2, 45, 46);
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('30700', 0, 'postUserGroupManage', '岗位用户组管理', '1', '2', 'su-icon-personnel', '/user-server/postUserGroupManage', '10', '30000', 30700, 2, 47, 48);
-
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('30750', 0, 'userScope', '用户规则', '1', '1', 'el-icon-guide', '/user-server/userScope', '1', '30000', 30750, 2, 51, 52);
-
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('30800', 0, 'assignation', '人员分配', '1', '2', 'su-icon-tihuanbanliren', '/user-server/assignation', '10', '30000', 30800, 2, 49, 50);
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('31000', 0, 'activateAccount', '账号激活审核', '1', '2', 'su-icon-yonghushouquan', '/user-server/activateAccount', '10', '30000', 31000, 2, 51, 52);
-
-```
-
-
-
 ```json
 [
   {
@@ -297,113 +281,8 @@
 ]
 ```
 
-
-```bash
-curl -i -s -X POST "http://admin-center-sa-svc.admin-center.svc.cluster.local:8080/v1/admin/menus/importMenu" -H 'Content-Type: application/json' \
--d \
-'
-{
-  "applicationId": "10",
-  "menuList": 
-    [
-      {
-        "id": "30000", "parentIdOrCode":"1", "code": "user-server", "name": "用户管理", "memo": "", "status": "1", 
-        "icon": "", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/", "target": "", 
-        "order": 30000, "resourceIdOrCodes": []
-      },
-      {
-        "id": "30100", "parentIdOrCode":"30000", "code": "dictionary", "name": "字典管理", "memo": "", "status": "1", 
-        "icon": "su-icon-zidian", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/user-server/dictionary", "target": "", 
-        "order": 30100, "resourceIdOrCodes": []
-      },
-      {
-        "id": "30200", "parentIdOrCode":"30000", "code": "identity", "name": "身份管理", "memo": "", "status": "1", 
-        "icon": "su-icon-shenfen", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/user-server/identity", "target": "", 
-        "order": 30200, "resourceIdOrCodes": []
-      },
-      {
-        "id": "30300", "parentIdOrCode":"30000", "code": "mechanism", "name": "组织机构管理", "memo": "", "status": "1", 
-        "icon": "su-icon-department", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/user-server/mechanism", "target": "", 
-        "order": 30300, "resourceIdOrCodes": []
-      },
-      {
-        "id": "30400", "parentIdOrCode":"30000", "code": "person", "name": "人员管理", "memo": "", "status": "1", 
-        "icon": "su-icon-people", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/user-server/person", "target": "", 
-        "order": 30400, "resourceIdOrCodes": []
-      },
-      {
-        "id": "30500", "parentIdOrCode":"30000", "code": "label", "name": "标签管理", "memo": "", "status": "1", 
-        "icon": "su-icon-biaoqian", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/user-server/label", "target": "", 
-        "order": 30500, "resourceIdOrCodes": []
-      },
-      {
-        "id": "30600", "parentIdOrCode":"30000", "code": "simpleUserGroupManage", "name": "普通用户组管理", "memo": "", "status": "1", 
-        "icon": "su-icon-portrait", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/user-server/simpleUserGroupManage", "target": "", 
-        "order": 30600, "resourceIdOrCodes": []
-      },
-      {
-        "id": "30700", "parentIdOrCode":"30000", "code": "postUserGroupManage", "name": "岗位用户组管理", "memo": "", "status": "1", 
-        "icon": "su-icon-personnel", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/user-server/postUserGroupManage", "target": "", 
-        "order": 30700, "resourceIdOrCodes": []
-      },
-      {
-        "id": "30750", "parentIdOrCode":"30000", "code": "userScope", "name": "用户规则", "memo": "", "status": "1", 
-        "icon": "el-icon-guide", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/user-server/userScope", "target": "", 
-        "order": 30750, "resourceIdOrCodes": []
-      },
-      {
-        "id": "30800", "parentIdOrCode":"30000", "code": "assignation", "name": "人员分配", "memo": "", "status": "1", 
-        "icon": "su-icon-tihuanbanliren", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/user-server/assignation", "target": "", 
-        "order": 30800, "resourceIdOrCodes": []
-      },
-      {
-        "id": "31000", "parentIdOrCode":"30000", "code": "activateAccount", "name": "账号激活审核", "memo": "", "status": "1", 
-        "icon": "su-icon-yonghushouquan", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/user-server/activateAccount", "target": "", 
-        "order": 31000, "resourceIdOrCodes": []
-      }
-    ]
-}
-'
-```
-
-
 * 授权管理
 
-```sql
-
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('40000', 0, 'authorization-server', '授权管理', '1', '2', '', '/', '10', '1', 40000, 1, 54, 77);
-
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('40100', 0, 'applicationRole', '角色授权', '1', '2', 'su-icon-yingyongjuese', '/auth-server/applicationRole', '10', '40000', 40100, 2, 55, 56);
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('40200', 0, 'authorizationRoleComponent', '角色组授权', '1', '2', 'su-icon-juesezu', '/auth-server/authorizationRoleComponent', '10', '40000', 40200, 2, 57, 58);
-
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('40300', 0, 'userAuthManagePeople', '用户授权', '1', '2', 'su-icon-yonghushouquan', '/auth-server/userAuthManagePeople', '10', '40000', 40300, 2, 59, 60);
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('40400', 0, 'roleAuthManagement', '用户规则授权', '1', '2', 'su-icon-yonghuguize', '/auth-server/roleAuthManagement', '10', '40000', 40400, 2, 61, 62);
-
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('40500', 0, 'userGroupAuth', '用户组授权', '1', '2', 'su-icon-yonghuguize', '/auth-server/userGroupAuth', '10', '40000', 40500, 2, 63, 64);
-
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('40900', 0, 'authorizationAndManagement', '分级授权管理', '1', '2', 'su-icon-shouquanjiguanli', '/auth-server/authorizationAndManagement', '10', '40000', 40900, 2, 65, 66);
-
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('41100', 0, 'accountAuthorizationAudit', '账号授权审计', '1', '2', 'su-icon-zhsqsj', '/auth-server/accountAuthorizationAudit', '10', '40000', 41100, 2, 67, 68);
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('41200', 0, 'userAudit', '用户规则权限审计', '1', '2', 'su-icon-yhgzqxsj', '/auth-server/userAudit', '10', '40000', 41200, 2, 69, 70);
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('41300', 0, 'rolePermissionAudit', '角色/组授权审计', '1', '2', 'su-icon-jszsqsj', '/auth-server/rolePermissionAudit', '10', '40000', 41300, 2, 71, 72);
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('41400', 0, 'authOperationsAudit', '权限操作审计', '1', '2', 'su-icon-qxczsj', '/auth-server/authOperationsAudit', '10', '40000', 41400, 2, 73, 74);
-insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
-values ('41500', 0, 'authStatisticalMonitor', '授权统计监控', '1', '2', 'su-icon-sqtjjk', '/auth-server/authStatisticalMonitor', '10', '40000', 41500, 2, 75, 76);
-
-```
-
-
 ```json
 [
   {
@@ -470,12 +349,156 @@
 ```
 
 
+#### 方式二，bash脚本
+
+* 认证管理
+
 ```bash
-curl -i -s -X POST "http://admin-center-sa-svc.admin-center.svc.cluster.local:8080/v1/admin/menus/importMenu" -H 'Content-Type: application/json' \
+curl -i -s -X POST "http://admin-backend-sa-svc.admin-backend.svc.cluster.local:8080/v1/admin/menus/importMenu" -H 'Content-Type: application/json' \
 -d \
 '
 {
-  "applicationId": "10",
+  "applicationId": "20",
+  "menuList": 
+    [
+      {
+        "id": "20000", "parentIdOrCode":"1", "code": "cas-server", "name": "认证管理", "memo": "", "status": "1", 
+        "icon": "", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/", "target": "", 
+        "order": 20000, "resourceIdOrCodes": []
+      },
+      {
+        "id": "20100", "parentIdOrCode":"20000", "code": "loginConfig", "name": "登录方式配置", "memo": "", "status": "1", 
+        "icon": "su-icon-denglupeizhi", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/loginConfig", "target": "", 
+        "order": 20100, "resourceIdOrCodes": []
+      },
+      {
+        "id": "20200", "parentIdOrCode":"20000", "code": "safeLoginConfig", "name": "账号安全配置", "memo": "", "status": "1", 
+        "icon": "su-icon-config-security", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/safeLoginConfig", "target": "", 
+        "order": 20200, "resourceIdOrCodes": []
+      },
+      {
+        "id": "20300", "parentIdOrCode":"20000", "code": "accountActivationConfiguration", "name": "账号激活配置", "memo": "", "status": "1", 
+        "icon": "su-icon-bulb", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/accountActivationConfiguration", "target": "", 
+        "order": 20300, "resourceIdOrCodes": []
+      },
+      {
+        "id": "20400", "parentIdOrCode":"20000", "code": "safeConfig", "name": "安全策略配置", "memo": "", "status": "1", 
+        "icon": "su-icon-celuepeizhi", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/safeConfig", "target": "", 
+        "order": 20400, "resourceIdOrCodes": []
+      },
+      {
+        "id": "20500", "parentIdOrCode":"20000", "code": "passwordConfig", "name": "密码策略配置", "memo": "", "status": "1", 
+        "icon": "su-icon-mimacelue", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/passwordConfig", "target": "", 
+        "order": 20500, "resourceIdOrCodes": []
+      },
+      {
+        "id": "20600", "parentIdOrCode":"20000", "code": "serverManagement", "name": "应用对接配置", "memo": "", "status": "1", 
+        "icon": "el-icon-service", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/serverManagement", "target": "", 
+        "order": 20600, "resourceIdOrCodes": []
+      },
+      {
+        "id": "20700", "parentIdOrCode":"20000", "code": "loginPageConfig", "name": "登录页面配置", "memo": "", "status": "1", 
+        "icon": "su-icon-tongxunxinxi", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/loginPageConfig", "target": "", 
+        "order": 20700, "resourceIdOrCodes": []
+      },
+      {
+        "id": "20800", "parentIdOrCode":"20000", "code": "linkLoginConfig", "name": "联合登录配置", "memo": "", "status": "1", 
+        "icon": "su-icon-test", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/linkLoginConfig", "target": "", 
+        "order": 20800, "resourceIdOrCodes": []
+      },
+      {
+        "id": "21000", "parentIdOrCode":"20000", "code": "lockManagement", "name": "认证锁定管理", "memo": "", "status": "1", 
+        "icon": "su-icon-shouquanjiguanli", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/lockManagement", "target": "", 
+        "order": 21000, "resourceIdOrCodes": []
+      },
+      {
+        "id": "21100", "parentIdOrCode":"20000", "code": "analyze", "name": "认证统计分析", "memo": "", "status": "1", 
+        "icon": "su-icon-renzhengtongjifenxi", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/analyze", "target": "", 
+        "order": 21100, "resourceIdOrCodes": []
+      }
+    ]
+}
+'
+```
+
+* 用户管理
+
+```bash
+curl -i -s -X POST "http://admin-backend-sa-svc.admin-backend.svc.cluster.local:8080/v1/admin/menus/importMenu" -H 'Content-Type: application/json' \
+-d \
+'
+{
+  "applicationId": "20",
+  "menuList": 
+    [
+      {
+        "id": "30000", "parentIdOrCode":"1", "code": "user-server", "name": "用户管理", "memo": "", "status": "1", 
+        "icon": "", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/", "target": "", 
+        "order": 30000, "resourceIdOrCodes": []
+      },
+      {
+        "id": "30100", "parentIdOrCode":"30000", "code": "dictionary", "name": "字典管理", "memo": "", "status": "1", 
+        "icon": "su-icon-zidian", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/user-server/dictionary", "target": "", 
+        "order": 30100, "resourceIdOrCodes": []
+      },
+      {
+        "id": "30200", "parentIdOrCode":"30000", "code": "identity", "name": "身份管理", "memo": "", "status": "1", 
+        "icon": "su-icon-shenfen", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/user-server/identity", "target": "", 
+        "order": 30200, "resourceIdOrCodes": []
+      },
+      {
+        "id": "30300", "parentIdOrCode":"30000", "code": "mechanism", "name": "组织机构管理", "memo": "", "status": "1", 
+        "icon": "su-icon-department", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/user-server/mechanism", "target": "", 
+        "order": 30300, "resourceIdOrCodes": []
+      },
+      {
+        "id": "30400", "parentIdOrCode":"30000", "code": "person", "name": "人员管理", "memo": "", "status": "1", 
+        "icon": "su-icon-people", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/user-server/person", "target": "", 
+        "order": 30400, "resourceIdOrCodes": []
+      },
+      {
+        "id": "30500", "parentIdOrCode":"30000", "code": "label", "name": "标签管理", "memo": "", "status": "1", 
+        "icon": "su-icon-biaoqian", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/user-server/label", "target": "", 
+        "order": 30500, "resourceIdOrCodes": []
+      },
+      {
+        "id": "30600", "parentIdOrCode":"30000", "code": "simpleUserGroupManage", "name": "普通用户组管理", "memo": "", "status": "1", 
+        "icon": "su-icon-portrait", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/user-server/simpleUserGroupManage", "target": "", 
+        "order": 30600, "resourceIdOrCodes": []
+      },
+      {
+        "id": "30700", "parentIdOrCode":"30000", "code": "postUserGroupManage", "name": "岗位用户组管理", "memo": "", "status": "1", 
+        "icon": "su-icon-personnel", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/user-server/postUserGroupManage", "target": "", 
+        "order": 30700, "resourceIdOrCodes": []
+      },
+      {
+        "id": "30750", "parentIdOrCode":"30000", "code": "userScope", "name": "用户规则", "memo": "", "status": "1", 
+        "icon": "el-icon-guide", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/user-server/userScope", "target": "", 
+        "order": 30750, "resourceIdOrCodes": []
+      },
+      {
+        "id": "30800", "parentIdOrCode":"30000", "code": "assignation", "name": "人员分配", "memo": "", "status": "1", 
+        "icon": "su-icon-tihuanbanliren", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/user-server/assignation", "target": "", 
+        "order": 30800, "resourceIdOrCodes": []
+      },
+      {
+        "id": "31000", "parentIdOrCode":"30000", "code": "activateAccount", "name": "账号激活审核", "memo": "", "status": "1", 
+        "icon": "su-icon-yonghushouquan", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/user-server/activateAccount", "target": "", 
+        "order": 31000, "resourceIdOrCodes": []
+      }
+    ]
+}
+'
+```
+
+* 授权管理
+
+```bash
+curl -i -s -X POST "http://admin-backend-sa-svc.admin-backend.svc.cluster.local:8080/v1/admin/menus/importMenu" -H 'Content-Type: application/json' \
+-d \
+'
+{
+  "applicationId": "20",
   "menuList": 
     [
       {
@@ -544,25 +567,125 @@
 ```
 
 
-### 角色
+#### 方式三，SQL脚本
+
+连接至 admin_center 数据库，执行以下 SQL脚本
+
+* 认证管理
 
 ```sql
+use admin_center;
 
-insert into TB_MGT_ROLE (ID, DELETED, CODE, NAME, STATUS) 
-values ('20', 0, 'cas-admin', '认证管理员', '1');
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('20000', 0, 'cas-server', '认证管理', '1', '2', '', '/', '20', '1', 20000, 1, 18, 33);
 
-insert into TB_MGT_ROLE (ID, DELETED, CODE, NAME, STATUS) 
-values ('30', 0, 'user-admin', '用户管理员', '1');
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('20100', 0, 'loginConfig', '登录方式配置', '1', '2', 'su-icon-denglupeizhi', '/cas-server/loginConfig', '20', '20000', 20100, 2, 19, 20);
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('20200', 0, 'safeLoginConfig', '账号安全配置', '1', '2', 'su-icon-config-security', '/cas-server/safeLoginConfig', '20', '20000', 20200, 2, 21, 22);
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('20300', 0, 'accountActivationConfiguration', '账号激活配置', '1', '2', 'su-icon-bulb', '/cas-server/accountActivationConfiguration', '20', '20000', 20300, 2, 23, 24);
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('20400', 0, 'safeConfig', '安全策略配置', '1', '2', 'su-icon-celuepeizhi', '/cas-server/safeConfig', '20', '20000', 20400, 2, 25, 26);
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('20500', 0, 'passwordConfig', '密码策略配置', '1', '2', 'su-icon-mimacelue', '/cas-server/passwordConfig', '20', '20000', 20500, 2, 27, 28);
 
-insert into TB_MGT_ROLE (ID, DELETED, CODE, NAME, STATUS) 
-values ('40', 0, 'user-authz-admin', '授权管理员', '1');
-insert into TB_MGT_ROLE (ID, DELETED, CODE, NAME, STATUS) 
-values ('41', 0, 'user-authz-use-admin', '用户授权管理员', '1');
-insert into TB_MGT_ROLE (ID, DELETED, CODE, NAME, STATUS) 
-values ('42', 0, 'user-authz-man-admin', '分级授权管理员', '1');
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('20600', 0, 'serverManagement', '应用对接配置', '1', '2', 'el-icon-service', '/cas-server/serverManagement', '20', '20000', 20600, 2, 29, 30);
+
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('20700', 0, 'loginPageConfig', '登录页面配置', '1', '2', 'su-icon-tongxunxinxi', '/cas-server/loginPageConfig', '20', '20000', 20700, 2, 29, 30);
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('20800', 0, 'linkLoginConfig', '联合登录配置', '1', '2', 'su-icon-test', '/cas-server/linkLoginConfig', '20', '20000', 20800, 2, 29, 30);
+
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('21000', 0, 'lockManagement', '认证锁定管理', '1', '2', 'su-icon-shouquanjiguanli', '/cas-server/lockManagement', '20', '20000', 21000, 2, 31, 32);
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('21100', 0, 'analyze', '认证统计分析', '1', '2', 'su-icon-renzhengtongjifenxi', '/cas-server/analyze', '20', '20000', 21100, 2, 31, 32);
 
 commit;
+```
 
+* 用户管理
+
+```sql
+use admin_center;
+
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('30000', 0, 'user-server', '用户管理', '1', '2', '', '/', '20', '1', 30000, 1, 34, 53);
+
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('30100', 0, 'dictionary', '字典管理', '1', '2', 'su-icon-zidian', '/user-server/dictionary', '20', '30000', 30100, 2, 35, 36);
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('30200', 0, 'identity', '身份管理', '1', '2', 'su-icon-shenfen', '/user-server/identity', '20', '30000', 30200, 2, 37, 38);
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('30300', 0, 'mechanism', '组织机构管理', '1', '2', 'su-icon-department', '/user-server/mechanism', '20', '30000', 30300, 2, 39, 40);
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('30400', 0, 'person', '人员管理', '1', '2', 'su-icon-people', '/user-server/person', '20', '30000', 30400, 2, 41, 42);
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('30500', 0, 'label', '标签管理', '1', '2', 'su-icon-biaoqian', '/user-server/label', '20', '30000', 30500, 2, 43, 44);
+
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('30600', 0, 'simpleUserGroupManage', '普通用户组管理', '1', '2', 'su-icon-portrait', '/user-server/simpleUserGroupManage', '20', '30000', 30600, 2, 45, 46);
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('30700', 0, 'postUserGroupManage', '岗位用户组管理', '1', '2', 'su-icon-personnel', '/user-server/postUserGroupManage', '20', '30000', 30700, 2, 47, 48);
+
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('30750', 0, 'userScope', '用户规则', '1', '1', 'el-icon-guide', '/user-server/userScope', '1', '30000', 30750, 2, 51, 52);
+
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('30800', 0, 'assignation', '人员分配', '1', '2', 'su-icon-tihuanbanliren', '/user-server/assignation', '20', '30000', 30800, 2, 49, 50);
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('31000', 0, 'activateAccount', '账号激活审核', '1', '2', 'su-icon-yonghushouquan', '/user-server/activateAccount', '20', '30000', 31000, 2, 51, 52);
+
+commit;
+```
+
+* 授权管理
+
+```sql
+use admin_center;
+
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('40000', 0, 'authorization-server', '授权管理', '1', '2', '', '/', '20', '1', 40000, 1, 54, 77);
+
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('40100', 0, 'applicationRole', '角色授权', '1', '2', 'su-icon-yingyongjuese', '/auth-server/applicationRole', '20', '40000', 40100, 2, 55, 56);
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('40200', 0, 'authorizationRoleComponent', '角色组授权', '1', '2', 'su-icon-juesezu', '/auth-server/authorizationRoleComponent', '20', '40000', 40200, 2, 57, 58);
+
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('40300', 0, 'userAuthManagePeople', '用户授权', '1', '2', 'su-icon-yonghushouquan', '/auth-server/userAuthManagePeople', '20', '40000', 40300, 2, 59, 60);
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('40400', 0, 'roleAuthManagement', '用户规则授权', '1', '2', 'su-icon-yonghuguize', '/auth-server/roleAuthManagement', '20', '40000', 40400, 2, 61, 62);
+
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('40500', 0, 'userGroupAuth', '用户组授权', '1', '2', 'su-icon-yonghuguize', '/auth-server/userGroupAuth', '20', '40000', 40500, 2, 63, 64);
+
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('40900', 0, 'authorizationAndManagement', '分级授权管理', '1', '2', 'su-icon-shouquanjiguanli', '/auth-server/authorizationAndManagement', '20', '40000', 40900, 2, 65, 66);
+
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('41100', 0, 'accountAuthorizationAudit', '账号授权审计', '1', '2', 'su-icon-zhsqsj', '/auth-server/accountAuthorizationAudit', '20', '40000', 41100, 2, 67, 68);
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('41200', 0, 'userAudit', '用户规则权限审计', '1', '2', 'su-icon-yhgzqxsj', '/auth-server/userAudit', '20', '40000', 41200, 2, 69, 70);
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('41300', 0, 'rolePermissionAudit', '角色/组授权审计', '1', '2', 'su-icon-jszsqsj', '/auth-server/rolePermissionAudit', '20', '40000', 41300, 2, 71, 72);
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('41400', 0, 'authOperationsAudit', '权限操作审计', '1', '2', 'su-icon-qxczsj', '/auth-server/authOperationsAudit', '20', '40000', 41400, 2, 73, 74);
+insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) 
+values ('41500', 0, 'authStatisticalMonitor', '授权统计监控', '1', '2', 'su-icon-sqtjjk', '/auth-server/authStatisticalMonitor', '20', '40000', 41500, 2, 75, 76);
+
+commit;
+```
+
+
+### 关联角色权限
+
+角色由授权服务进行初始化
+
+
+```sql
 
 insert into TB_MGT_ROLE_PERMISSION (ID, DELETED, ROLE_ID, PERMISSION_ID) 
 
@@ -609,23 +732,23 @@
 ```json
 [
   {
-    "id": "20", "code": "cas-admin", "name":"认证管理员", "memo":"", "status":"1", 
+    "roleId": "20", "roleCode":"cas-admin", 
     "permissionIdOrCodes": ["20000", "20100", "20200", "20300", "20400", "20500", "20600", "20700", "20800", "21000", "21100"]
   },
   {
-    "id": "30", "code": "user-admin", "name":"用户管理员", "memo":"", "status":"1", 
-    "permissionIdOrCodes": ["30000", "30100", "30200", "30300", "30400", "30500", "30600", "30700", "30750", "30800", "31000"]
+    "roleId": "30", "roleCode": "user-admin", 
+    "permissionIdOrCodes": ["30000", "30100", "30200", "30300", "30400", "30500", "30600", "30700", "30800", "31000"]
   },
   {
-    "id": "40", "code": "user-authz-admin", "name":"授权管理员", "memo":"", "status":"1", 
+    "roleId": "40", "roleCode": "user-authz-admin", 
     "permissionIdOrCodes": ["40000", "40100", "40200", "40300", "40400", "40500", "40900", "41100", "41200", "41300", "41400", "41500"]
   },
   {
-    "id": "41", "code": "user-authz-grant-admin", "name":"用户授权管理员", "memo":"", "status":"1", 
+    "roleId": "41", "roleCode": "user-authz-grant-admin", 
     "permissionIdOrCodes": ["40000", "40100", "40300", "40400", "40500"]
   },
   {
-    "id": "42", "code": "user-authz-man-grant-admin", "name":"分级授权管理员", "memo":"", "status":"1", 
+    "roleId": "42", "roleCode": "user-authz-man-grant-admin", 
     "permissionIdOrCodes": ["40000", "40900"]
   }
 ]
@@ -633,31 +756,30 @@
 
 
 ```bash
-curl -i -s -X POST "http://admin-center-sa-svc.admin-center.svc.cluster.local:8080/v1/admin/roles/importRole" -H 'Content-Type: application/json' \
+curl -i -s -X POST "http://admin-backend-sa-svc.admin-backend.svc.cluster.local:8080/v1/admin/rolePermissions/importRolePermission" -H 'Content-Type: application/json' \
 -d \
 '
 {
-  "applicationId": "10",
-  "roleList": 
+  "rolePermissionList": 
     [
       {
-        "id": "20", "code": "cas-admin", "name":"认证管理员", "memo":"", "status":"1", 
+        "roleId": "20", "roleCode":"cas-admin", 
         "permissionIdOrCodes": ["20000", "20100", "20200", "20300", "20400", "20500", "20600", "20700", "20800", "21000", "21100"]
       },
       {
-        "id": "30", "code": "user-admin", "name":"用户管理员", "memo":"", "status":"1", 
+        "roleId": "30", "roleCode": "user-admin", 
         "permissionIdOrCodes": ["30000", "30100", "30200", "30300", "30400", "30500", "30600", "30700", "30800", "31000"]
       },
       {
-        "id": "40", "code": "user-authz-admin", "name":"授权管理员", "memo":"", "status":"1", 
+        "roleId": "40", "roleCode": "user-authz-admin", 
         "permissionIdOrCodes": ["40000", "40100", "40200", "40300", "40400", "40500", "40900", "41100", "41200", "41300", "41400", "41500"]
       },
       {
-        "id": "41", "code": "user-authz-grant-admin", "name":"用户授权管理员", "memo":"", "status":"1", 
+        "roleId": "41", "roleCode": "user-authz-grant-admin", 
         "permissionIdOrCodes": ["40000", "40100", "40300", "40400", "40500"]
       },
       {
-        "id": "42", "code": "user-authz-man-grant-admin", "name":"分级授权管理员", "memo":"", "status":"1", 
+        "roleId": "42", "roleCode": "user-authz-man-grant-admin", 
         "permissionIdOrCodes": ["40000", "40900"]
       }
     ]

diff --git a/deploy-manifests/k8s-rancher/authx-platform.png b/deploy-manifests/k8s-rancher/authx-platform.png
new file mode 100644
index 0000000..169a3f3
--- /dev/null
+++ b/deploy-manifests/k8s-rancher/authx-platform.png
Binary files differ
commit	193c858ffe1a002609c5540f31ed20e6d2cae671	[log] [tgz]
author	刘洪青 <hongqing.liu@supwisdom.com>	周一 4月 19 23:28:42 2021 +0800
committer	刘洪青 <hongqing.liu@supwisdom.com>	周四 6月 17 13:08:58 2021 +0800
tree	ab7684b6dbc7e9b0b45130045f30e1fb3c1c8d15
parent	0bfa89997e02da3985b17f38322a3fb24166dea6 [diff]