diff --git a/blog-admin/src/main/java/com/zyd/blog/controller/RestArticleController.java b/blog-admin/src/main/java/com/zyd/blog/controller/RestArticleController.java
index 9cdc1a5d4cf9a2a0f715fead4a5c728b7532e5b5..78d0ccba951616d7404cc398fbe0faca00bdc093 100644
--- a/blog-admin/src/main/java/com/zyd/blog/controller/RestArticleController.java
+++ b/blog-admin/src/main/java/com/zyd/blog/controller/RestArticleController.java
@@ -3,12 +3,17 @@ package com.zyd.blog.controller;
 import com.alibaba.fastjson.JSONObject;
 import com.github.pagehelper.PageInfo;
 import com.zyd.blog.business.annotation.BussinessLog;
+import com.zyd.blog.business.consts.SessionConst;
 import com.zyd.blog.business.entity.Article;
+import com.zyd.blog.business.entity.Resources;
+import com.zyd.blog.business.entity.User;
 import com.zyd.blog.business.enums.BaiduPushTypeEnum;
 import com.zyd.blog.business.enums.ConfigKeyEnum;
 import com.zyd.blog.business.enums.ResponseStatus;
+import com.zyd.blog.business.enums.UserTypeEnum;
 import com.zyd.blog.business.service.BizArticleService;
 import com.zyd.blog.business.service.SysConfigService;
+import com.zyd.blog.business.service.SysResourcesService;
 import com.zyd.blog.business.util.BaiduPushUtil;
 import com.zyd.blog.business.vo.ArticleConditionVO;
 import com.zyd.blog.framework.object.PageResult;
@@ -25,8 +30,12 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.multipart.MultipartFile;
 
+import javax.servlet.http.HttpSession;
+import java.util.List;
 import java.util.Map;
 
+import static com.zyd.blog.business.consts.PermissionConst.ARTICLE_LIST_PERMISSION;
+
 /**
  * 文章管理
  *
@@ -44,10 +53,19 @@ public class RestArticleController {
     private BizArticleService articleService;
     @Autowired
     private SysConfigService configService;
+    @Autowired
+    private SysResourcesService resourcesService;
 
     @RequiresPermissions("articles")
     @PostMapping("/list")
-    public PageResult list(ArticleConditionVO vo) {
+    public PageResult list(ArticleConditionVO vo, HttpSession session) {
+        User user = (User) session.getAttribute(SessionConst.USER_SESSION_KEY);        
+        List<Resources> resourcesList = resourcesService.listByUserId(user.getId());
+        boolean matchPermission = resourcesList.stream().anyMatch(resources -> ARTICLE_LIST_PERMISSION.equals(resources.getPermission()));
+        if (!matchPermission)
+        {
+            vo.setUserId(user.getId());
+        }
         PageInfo<Article> pageInfo = articleService.findPageBreakByCondition(vo);
         return ResultUtil.tablePage(pageInfo);
     }
diff --git a/blog-admin/src/main/java/com/zyd/blog/controller/RestFileController.java b/blog-admin/src/main/java/com/zyd/blog/controller/RestFileController.java
index 2fa9ff37116bfddecea9060b51962b415d1e5a4d..28b1535cab07f7a8fc2f10d6deeebc98fda3f7b9 100644
--- a/blog-admin/src/main/java/com/zyd/blog/controller/RestFileController.java
+++ b/blog-admin/src/main/java/com/zyd/blog/controller/RestFileController.java
@@ -35,7 +35,7 @@ public class RestFileController {
         return fileService.findPageBreakByCondition(vo);
     }
 
-    @RequiresPermissions("files")
+    @RequiresPermissions("file:delete")
     @PostMapping(value = "/remove")
     @BussinessLog("删除文件，ids:{1}")
     public ResponseVO remove(Long[] ids) {
@@ -47,7 +47,7 @@ public class RestFileController {
         return ResultUtil.success("成功删除 [" + ids.length + "] 张图片");
     }
 
-    @RequiresPermissions("files")
+    @RequiresPermissions("files:add")
     @PostMapping(value = "/add")
     @BussinessLog("添加文件")
     public ResponseVO add(MultipartFile[] file) {
@@ -57,4 +57,4 @@ public class RestFileController {
         int res = fileService.upload(file);
         return ResultUtil.success("成功上传" + res + "张图片");
     }
-}
+}
\ No newline at end of file
diff --git a/blog-admin/src/main/java/com/zyd/blog/controller/RestTagController.java b/blog-admin/src/main/java/com/zyd/blog/controller/RestTagController.java
index 7a25bf3e855720c08db801b46edc01393069ad96..1ab0edd326af5389f806551852921d4a8276b9d1 100644
--- a/blog-admin/src/main/java/com/zyd/blog/controller/RestTagController.java
+++ b/blog-admin/src/main/java/com/zyd/blog/controller/RestTagController.java
@@ -12,6 +12,7 @@ import com.zyd.blog.util.ResultUtil;
 import org.apache.shiro.authz.annotation.Logical;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.util.StringUtils;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -43,8 +44,12 @@ public class RestTagController {
     @PostMapping(value = "/add")
     @BussinessLog("添加标签")
     public ResponseVO add(Tags tags) {
-        tags = tagsService.insert(tags);
-        return ResultUtil.success("标签添加成功！新标签 - " + tags.getName(), tags);
+        if (!StringUtils.isEmpty(tags))
+        {
+            tags = tagsService.insert(tags);
+            return ResultUtil.success("标签添加成功！新标签 - " + tags.getName(), tags);
+        }
+        return ResultUtil.error(500, "标签不能为空！");
     }
 
     @RequiresPermissions(value = {"tag:batchDelete", "tag:delete"}, logical = Logical.OR)
@@ -72,12 +77,16 @@ public class RestTagController {
     @BussinessLog("编辑标签")
     public ResponseVO edit(Tags tags) {
         try {
-            tagsService.updateSelective(tags);
+            if (!StringUtils.isEmpty(tags))
+            {
+                tagsService.updateSelective(tags);
+                return ResultUtil.success(ResponseStatus.SUCCESS);
+            }
         } catch (Exception e) {
             e.printStackTrace();
             return ResultUtil.error("标签修改失败！");
         }
-        return ResultUtil.success(ResponseStatus.SUCCESS);
+        return ResultUtil.error("标签修改失败！");
     }
 
     @PostMapping("/listAll")
diff --git a/blog-admin/src/main/java/com/zyd/blog/controller/RestUserController.java b/blog-admin/src/main/java/com/zyd/blog/controller/RestUserController.java
index 75587fb9bf544481dbcc10531533d751d4e2b1a9..578d2d96498ae70e7b7da7a831771e4525610808 100644
--- a/blog-admin/src/main/java/com/zyd/blog/controller/RestUserController.java
+++ b/blog-admin/src/main/java/com/zyd/blog/controller/RestUserController.java
@@ -3,12 +3,16 @@ package com.zyd.blog.controller;
 import com.github.pagehelper.PageInfo;
 import com.zyd.blog.business.annotation.BussinessLog;
 import com.zyd.blog.business.entity.User;
+import com.zyd.blog.business.enums.FileUploadType;
 import com.zyd.blog.business.enums.ResponseStatus;
 import com.zyd.blog.business.service.SysUserRoleService;
 import com.zyd.blog.business.service.SysUserService;
 import com.zyd.blog.business.vo.UserConditionVO;
+import com.zyd.blog.file.FileUploader;
+import com.zyd.blog.file.entity.VirtualFile;
 import com.zyd.blog.framework.object.PageResult;
 import com.zyd.blog.framework.object.ResponseVO;
+import com.zyd.blog.plugin.file.GlobalFileUploader;
 import com.zyd.blog.util.PasswordUtil;
 import com.zyd.blog.util.ResultUtil;
 import org.apache.shiro.authz.annotation.Logical;
@@ -19,6 +23,7 @@ import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.multipart.MultipartFile;
 
 /**
  * 用户管理
@@ -48,16 +53,16 @@ public class RestUserController {
      * 保存用户角色
      *
      * @param userId
-     * @param roleIds
-     *         用户角色
-     *         此处获取的参数的角色id是以 “,” 分隔的字符串
+     * @param roleIds 用户角色
+     *                此处获取的参数的角色id是以 “,” 分隔的字符串
      * @return
      */
     @RequiresPermissions("user:allotRole")
     @PostMapping("/saveUserRoles")
     @BussinessLog("分配用户角色")
     public ResponseVO saveUserRoles(Long userId, String roleIds) {
-        if (StringUtils.isEmpty(userId)) {
+        if (StringUtils.isEmpty(userId))
+        {
             return ResultUtil.error("error");
         }
         userRoleService.addUserRole(userId, roleIds);
@@ -69,33 +74,112 @@ public class RestUserController {
     @BussinessLog("添加用户")
     public ResponseVO add(User user) {
         User u = userService.getByUserName(user.getUsername());
-        if (u != null) {
-            return ResultUtil.error("该用户名["+user.getUsername()+"]已存在！请更改用户名");
+        if (u != null)
+        {
+            return ResultUtil.error("该用户名[" + user.getUsername() + "]已存在！请更改用户名");
         }
-        try {
-            user.setPassword(PasswordUtil.encrypt(user.getPassword(), user.getUsername()));
+        try
+        {
+            String password = user.getPassword();
+            if (StringUtils.isEmpty(password))
+            {
+                return ResultUtil.error("error");
+            }
+            user.setPassword(PasswordUtil.encrypt(password, user.getUsername()));
             userService.insert(user);
             return ResultUtil.success("成功");
-        } catch (Exception e) {
+        }
+        catch (Exception e)
+        {
             e.printStackTrace();
             return ResultUtil.error("error");
         }
     }
 
+    @RequiresPermissions("user:edit")
+    @PostMapping("/edit")
+    @BussinessLog("编辑用户")
+    public ResponseVO edit(User user) {
+        try
+        {
+            encryptPassword(user);
+            userService.updateSelective(user);
+        }
+        catch (Exception e)
+        {
+            e.printStackTrace();
+            return ResultUtil.error("用户修改失败！");
+        }
+        return ResultUtil.success(ResponseStatus.SUCCESS);
+    }
+
+    @RequiresPermissions("user:edit")
+    @PostMapping("/addorupdate")
+    @BussinessLog("编辑用户")
+    public ResponseVO addOrUpdate(User user, MultipartFile file) {
+        VirtualFile virtualFile = this.saveFile(file);
+        try
+        {
+            if (virtualFile != null)
+            {
+                user.setAvatar(virtualFile.getFullFilePath());
+            }
+            encryptPassword(user);
+            if (user.getId() != null)
+            {
+                userService.updateSelective(user);
+            }
+            else
+            {
+                userService.insert(user);
+            }
+        }
+        catch (Exception e)
+        {
+            e.printStackTrace();
+            return ResultUtil.error("用户修改失败！");
+        }
+        return ResultUtil.success(ResponseStatus.SUCCESS);
+    }
+
+    private void encryptPassword(User user) throws Exception {
+        String password = user.getPassword();
+        if (StringUtils.isEmpty(password))
+        {
+            user.setPassword(null);
+        }
+        else
+        {
+            user.setPassword(PasswordUtil.encrypt(password, user.getUsername()));
+        }
+    }
+
+    public VirtualFile saveFile(MultipartFile file) {
+        if (file != null)
+        {
+            FileUploader uploader = new GlobalFileUploader();
+            return uploader.upload(file, FileUploadType.QRCODE.getPath(), true);
+        }
+        return null;
+    }
+
     @RequiresPermissions(value = {"user:batchDelete", "user:delete"}, logical = Logical.OR)
     @PostMapping(value = "/remove")
     @BussinessLog("删除用户")
     public ResponseVO remove(Long[] ids) {
-        if (null == ids) {
+        if (null == ids)
+        {
             return ResultUtil.error(500, "请至少选择一条记录");
         }
-        for (Long id : ids) {
+        for (Long id : ids)
+        {
             userService.removeByPrimaryKey(id);
             userRoleService.removeByUserId(id);
         }
         return ResultUtil.success("成功删除 [" + ids.length + "] 个用户");
     }
 
+
     @RequiresPermissions("user:get")
     @PostMapping("/get/{id}")
     @BussinessLog("获取用户详情")
@@ -103,17 +187,5 @@ public class RestUserController {
         return ResultUtil.success(null, this.userService.getByPrimaryKey(id));
     }
 
-    @RequiresPermissions("user:edit")
-    @PostMapping("/edit")
-    @BussinessLog("编辑用户")
-    public ResponseVO edit(User user) {
-        try {
-            userService.updateSelective(user);
-        } catch (Exception e) {
-            e.printStackTrace();
-            return ResultUtil.error("用户修改失败！");
-        }
-        return ResultUtil.success(ResponseStatus.SUCCESS);
-    }
 
 }
diff --git a/blog-admin/src/main/resources/templates/article/list.ftl b/blog-admin/src/main/resources/templates/article/list.ftl
index e843a317f2c632699e333fa61bd4c177137b7d24..9d2e6334846850f6167767eb47046244478cce75 100644
--- a/blog-admin/src/main/resources/templates/article/list.ftl
+++ b/blog-admin/src/main/resources/templates/article/list.ftl
@@ -15,7 +15,7 @@
                     <div class="<#--table-responsive-->">
                         <div class="btn-group hidden-xs" id="toolbar">
                             <@shiro.hasPermission name="article:publish">
-                                <a class="btn btn-success" title="发表文章" href="${(config.articleEditor! == 'md')?string('/article/publishMd', '/article/publish')}"> <i class="fa fa-pencil fa-fw"></i>  </a>
+                                <a class="btn btn-success" title="发表文章" href="${(config.articleEditor! = 'md')?string ('/article/publishMd', '/article/publishMd')}"> <i class="fa fa-pencil fa-fw"></i> </a>
                             </@shiro.hasPermission>
                             <@shiro.hasPermission name="article:batchDelete">
                                 <button id="btn_delete_ids" type="button" class="btn btn-danger" title="删除选中">
@@ -33,6 +33,12 @@
                                     <i class="fa fa-send-o fa-fw"></i>
                                 </button>
                             </@shiro.hasPermission>
+                            <@shiro.hasPermission name="article:publish">
+                                <div class="btn-group" style="padding: 0px 10px">
+                                    <button  id="btnMDEditor" class="btn btn-default btn-editor" type="button" value="/article/publishMd">${(config.articleEditor! = 'md')?string ('<i class="fa fa-check-square fa-fw"></i> MD编辑器', ' MD编辑器')}</button>
+                                    <button  id="btnWangEditor" class="btn btn-default btn-editor" type="button" value="/article/publish">${(config.articleEditor! != 'md')?string('<i class="fa fa-check-square fa-fw"></i> Wang编辑器', ' Wang编辑器')}</button>
+                                </div>
+                            </@shiro.hasPermission>
                         </div>
                         <table id="tablelist">
                         </table>
@@ -43,234 +49,299 @@
     </div>
 </div>
 <@footer>
-<script>
-    /**
-     * 操作按钮
-     * @param code
-     * @param row
-     * @param index
-     * @returns {string}
-     */
-    function operateFormatter(code, row, index) {
-        var trId = row.id;
-        // var recommended = row.recommended ? '<i class="fa fa-thumbs-o-down"></i>取消推荐' : '<i class="fa fa-thumbs-o-up"></i>推荐';
-        // var top = row.top ? '<i class="fa fa-arrow-circle-down"></i>取消置顶' : '<i class="fa fa-arrow-circle-up"></i>置顶';
-        var operateBtn = [
-            '<@shiro.hasPermission name="article:push"><a class="btn btn-sm btn-info btn-push" title="推送" data-id="' + trId + '"><i class="fa fa-send-o"></i></a></@shiro.hasPermission>',
-            '<@shiro.hasPermission name="article:edit"><a class="btn btn-sm btn-success" href="/article/update/' + trId + '"><i class="fa fa-edit fa-fw"></i></a></@shiro.hasPermission>',
-            '<@shiro.hasPermission name="article:delete"><a class="btn btn-sm btn-danger btn-remove" data-id="' + trId + '"><i class="fa fa-trash-o fa-fw"></i></a></@shiro.hasPermission>',
-            <#--'<@shiro.hasPermission name="article:top"><a class="btn btn-sm btn-success btn-top" data-id="' + trId + '">' + top + '</a></@shiro.hasPermission>',-->
-            <#--'<@shiro.hasPermission name="article:recommend"><a class="btn btn-sm btn-success btn-recommend" data-id="' + trId + '">' + recommended + '</a></@shiro.hasPermission>'-->
-        ];
-        return operateBtn.join('');
-    }
+    <script>
+        /**
+         * 操作按钮
+         * @param code
+         * @param row
+         * @param index
+         * @returns {string}
+         */
+        function operateFormatter(code, row, index) {
+            var trId = row.id;
+            // var recommended = row.recommended ? '<i class="fa fa-thumbs-o-down"></i>取消推荐' : '<i class="fa fa-thumbs-o-up"></i>推荐';
+            // var top = row.top ? '<i class="fa fa-arrow-circle-down"></i>取消置顶' : '<i class="fa fa-arrow-circle-up"></i>置顶';
+            var operateBtn = [
+                '<@shiro.hasPermission name="article:push"><a class="btn btn-sm btn-info btn-push" title="推送" data-id="' + trId + '"><i class="fa fa-send-o"></i></a></@shiro.hasPermission>',
+                '<@shiro.hasPermission name="article:edit"><a class="btn btn-sm btn-success" href="/article/update/' + trId + '"><i class="fa fa-edit fa-fw"></i></a></@shiro.hasPermission>',
+                '<@shiro.hasPermission name="article:delete"><a class="btn btn-sm btn-danger btn-remove" data-id="' + trId + '"><i class="fa fa-trash-o fa-fw"></i></a></@shiro.hasPermission>',
+                <#--'<@shiro.hasPermission name="article:top"><a class="btn btn-sm btn-success btn-top" data-id="' + trId + '">' + top + '</a></@shiro.hasPermission>',-->
+                <#--'<@shiro.hasPermission name="article:recommend"><a class="btn btn-sm btn-success btn-recommend" data-id="' + trId + '">' + recommended + '</a></@shiro.hasPermission>'-->
+            ];
+            return operateBtn.join('');
+        }
 
-    $(function () {
-        var options = {
-            modalName: "文章",
-            url: "/article/list",
-            getInfoUrl: "/article/get/{id}",
-            removeUrl: "/article/remove",
-            columns: [
-                {
-                    checkbox: true
-                }, {
-                    field: 'title',
-                    title: '标题',
-                    width: '270px',
-                    formatter: function (code, row, index) {
-                        var title = code;
-                        if(!title) {
-                            return '-';
-                        }
-                        title = title.length > 30 ? (title.substr(0, 30) + '...') : title;
-                        var id = row.id;
-                        var status = row.status ? '<span class="label label-success" style="margin-right: 5px;">已发布</span>' : '<span class="label label-danger" style="margin-right: 5px;">草稿</span>';
-                        return status + '<a href="' + appConfig.wwwPath + '/article/' + id + '" target="_blank" title="' + code + '">' + title + '</a>';
-                    }
-                }, {
-                    field: 'coverImage',
-                    title: '封面图',
-                    width: '50px',
-                    align: 'center',
-                    editable: false,
-                    formatter: function (code, row, index) {
-                        return code ? '<a href="' + code + '" class="showImage" title="' + row.title + '" rel="external nofollow"><img src="' + code + '" alt="' + row.title + '" class="img-rounded" style="width: 30px;height: auto;"></a>' : '-';
-                    }
-                }, {
-                    field: 'comment',
-                    title: '评论',
-                    width: '50px',
-                    align: 'center',
-                    formatter: function (code, row, index) {
-                        var checked = code ? 'checked' : '';
-                        return '<input type="checkbox" name="comment" class="js-switch btn-comment"  data-id="' + row.id + '" data-type="comment" ' + checked + '>';
-                    }
-                }, {
-                    field: 'recommended',
-                    title: '推荐 <i class="fa fa-question-circle-o" title="推荐的文章会在首页滚动显示"></i>',
-                    width: '50px',
-                    align: 'center',
-                    formatter: function (code, row, index) {
-                        var checked = code ? 'checked' : '';
-                        return '<input type="checkbox" name="recommended" class="js-switch btn-recommended" data-id="' + row.id + '" data-type="recommend" ' + checked + '>';
-                    }
-                }, {
-                    field: 'top',
-                    title: '置顶',
-                    width: '50px',
-                    align: 'center',
-                    formatter: function (code, row, index) {
-                        var checked = code ? 'checked' : '';
-                        return '<input type="checkbox" name="top" class="js-switch btn-top" data-id="' + row.id + '" data-type="top" ' + checked + '>';
-                    }
-                }, {
-                    field: 'lookCount',
-                    title: '浏览',
-                    width: '50px',
-                    align: 'center',
-                    formatter: function (code) {
-                        return code ? code : '-';
-                    }
-                }, {
-                    field: 'commentCount',
-                    title: '评论',
-                    width: '50px',
-                    align: 'center',
-                    formatter: function (code) {
-                        return code ? code : '-';
-                    }
-                }, {
-                    field: 'loveCount',
-                    title: '喜欢',
-                    width: '50px',
-                    align: 'center',
-                    formatter: function (code) {
-                        return code ? code : '-';
-                    }
-                }, {
-                    field: 'createTime',
-                    title: '发布时间',
-                    width: '130px',
-                    align: 'center',
-                    formatter: function (code) {
-                        return new Date(code).format("yyyy-MM-dd hh:mm:ss")
-                    }
-                }, {
-                    field: 'operate',
-                    title: '操作',
-                    align: "center",
-                    width: '100px',
-                    formatter: operateFormatter //自定义方法，添加操作按钮
+        function setEditor() {
+            let a = $("#toolbar a[title='发表文章']");
+            if (a.length) {
+                let i = $("#btnWangEditor > i");
+                let btnWangEditor = $("#btnWangEditor");
+                let btnMDEditor = $("#btnMDEditor");
+                if (i.length) {
+                    a.attr("href", btnWangEditor.val());
+                    changEditorBtnClass(btnWangEditor, "btn-default", "btn-warning");
+                    changEditorBtnClass(btnMDEditor, "btn-warning", "btn-default");
+                } else {
+                    a.attr("href", btnMDEditor.val());
+                    changEditorBtnClass(btnMDEditor, "btn-default", "btn-warning");
+                    changEditorBtnClass(btnWangEditor, "btn-warning", "btn-default");
                 }
-            ]
-        };
-        // 初始化table组件
-        var table = new Table(options);
-        table.init();
+            }
+        }
 
-        table.bindClickEvent('.switchery', function () {
-            var $input = $(this).prev();
+        function changEditorBtnClass(btn, removeClass, addClass) {
+            btn.removeClass(removeClass);
+            btn.addClass(addClass);
+        }
 
-            var id = $input.data("id");
-            var type = $input.data("type");
 
-            $.ajax({
-                type: "post",
-                url: "/article/update/" + type,
-                traditional: true,
-                data: {'id': id},
-                success: function (json) {
-                    if (json.status !== 200) {
-                        $.alert.error(json.message);
-                    }
-                },
-                error: $.alert.ajaxError
-            });
-        });
+        $(function () {
 
-        /**
-         * 推送到百度
-         */
-        table.bindClickEvent('.btn-push', function () {
-            var $this = $(this);
-            var userId = $this.attr("data-id");
-            push(userId);
-        });
+            setEditor();
 
-        /**
-         * 批量推送到百度
-         */
-        $("#btn_push_ids").click(function () {
-            var selectedId = table.getSelectedIds();
-            if (!selectedId || selectedId == '[]' || selectedId.length == 0) {
-                $.alert.error("请至少选择一条记录");
-                return;
+            let btnEditor = $(".btn-editor");
+            if (btnEditor.length) {
+                btnEditor.click(function () {
+                    let $item = $(this);
+                    let value = $item.val();
+                    let aTag = $("#toolbar a[title='发表文章']");
+                    let editor = "/article/publishMd";
+                    if (undefined != aTag) {
+                        let btnWangEditor = $("#btnWangEditor");
+                        let btnMDEditor = $("#btnMDEditor");
+                        if (undefined !== value && "/article/publishMd" == value) {
+                            $item.html("<i class=\"fa fa-check-square fa-fw\"></i> MD编辑器");
+                            btnWangEditor.html(" Wang编辑器");
+                            changEditorBtnClass(btnMDEditor, "btn-default", "btn-warning");
+                            changEditorBtnClass(btnWangEditor, "btn-warning", "btn-default");
+                            editor = "/article/publishMd";
+                        } else {
+                            $item.html("<i class=\"fa fa-check-square fa-fw\"></i> Wang编辑器");
+                            btnMDEditor.html(" MD编辑器");
+                            changEditorBtnClass(btnWangEditor, "btn-default", "btn-warning");
+                            changEditorBtnClass(btnMDEditor, "btn-warning", "btn-default");
+                            editor = "/article/publish";
+                        }
+                        aTag.attr("href", editor);
+                    }
+                });
             }
-            push(selectedId);
-        });
 
-        /**
-         * 批量修改状态
-         */
-        $("#btn_update_status").click(function () {
-            var selectedId = table.getSelectedIds();
-            if (!selectedId || selectedId == '[]' || selectedId.length == 0) {
-                $.alert.error("请至少选择一条记录");
-                return;
-            }
-            $.alert.confirm("确定批量发布？发布完成后用户可见", function () {
-                $.ajax({
-                    type: "post",
-                    url: "/article/batchPublish",
-                    traditional: true,
-                    data: {'ids': selectedId},
-                    success: function (json) {
-                        $.alert.ajaxSuccess(json);
-                        table.refresh();
+            var options = {
+                modalName: "文章",
+                url: "/article/list",
+                getInfoUrl: "/article/get/{id}",
+                removeUrl: "/article/remove",
+                columns: [
+                    {
+                        checkbox: true
+                    }, {
+                        field: 'title',
+                        title: '标题',
+                        width: '270px',
+                        formatter: function (code, row, index) {
+                            var title = code;
+                            if (!title) {
+                                return '-';
+                            }
+                            title = title.length > 30 ? (title.substr(0, 30) + '...') : title;
+                            var id = row.id;
+                            var status = row.status ? '<span class="label label-success" style="margin-right: 5px;">已发布</span>' : '<span class="label label-danger" style="margin-right: 5px;">草稿</span>';
+                            return status + '<a href="' + appConfig.wwwPath + '/article/' + id + '" target="_blank" title="' + code + '">' + title + '</a>';
+                        }
+                    }, {
+                        field: 'coverImage',
+                        title: '封面图',
+                        width: '50px',
+                        align: 'center',
+                        editable: false,
+                        formatter: function (code, row, index) {
+                            return code ? '<a href="' + code + '" class="showImage" title="' + row.title + '" rel="external nofollow"><img src="' + code + '" alt="' + row.title + '" class="img-rounded" style="width: 30px;height: auto;"></a>' : '-';
+                        }
                     },
-                    error: $.alert.ajaxError
-                });
-            }, function () {
+                    <@shiro.hasPermission name="article:push">
+                        {
+                            field: 'comment',
+                            title: '评论',
+                            width: '50px',
+                            align: 'center',
+                            formatter: function (code, row, index) {
+                                var checked = code ? 'checked' : '';
+                                return '<input type="checkbox" name="comment" class="js-switch btn-comment"  data-id="' + row.id + '" data-type="comment" ' + checked + '>';
+                            }
+                        },
+                    </@shiro.hasPermission>
+                    <@shiro.hasPermission name="article:recommend">
+                        {
+                            field: 'recommended',
+                            title: '推荐 <i class="fa fa-question-circle-o" title="推荐的文章会在首页滚动显示"></i>',
+                            width: '50px',
+                            align: 'center',
+                            formatter: function (code, row, index) {
+                                var checked = code ? 'checked' : '';
+                                return '<input type="checkbox" name="recommended" class="js-switch btn-recommended" data-id="' + row.id + '" data-type="recommend" ' + checked + '>';
+                            }
+                        },
+                    </@shiro.hasPermission>
+                    <@shiro.hasPermission name="article:top">
+                        {
+                            field: 'top',
+                            title: '置顶',
+                            width: '50px',
+                            align: 'center',
+                            formatter: function (code, row, index) {
+                                var checked = code ? 'checked' : '';
+                                return '<input type="checkbox" name="top" class="js-switch btn-top" data-id="' + row.id + '" data-type="top" ' + checked + '>';
+                            }
+                        },
+                    </@shiro.hasPermission>
+                    {
+                        field: 'lookCount',
+                        title: '浏览',
+                        width: '50px',
+                        align: 'center',
+                        formatter: function (code) {
+                            return code ? code : '-';
+                        }
+                    }, {
+                        field: 'commentCount',
+                        title: '评论',
+                        width: '50px',
+                        align: 'center',
+                        formatter: function (code) {
+                            return code ? code : '-';
+                        }
+                    }, {
+                        field: 'loveCount',
+                        title: '喜欢',
+                        width: '50px',
+                        align: 'center',
+                        formatter: function (code) {
+                            return code ? code : '-';
+                        }
+                    }, {
+                        field: 'createTime',
+                        title: '发布时间',
+                        width: '130px',
+                        align: 'center',
+                        formatter: function (code) {
+                            return new Date(code).format("yyyy-MM-dd hh:mm:ss")
+                        }
+                    }, {
+                        field: 'operate',
+                        title: '操作',
+                        align: "center",
+                        width: '100px',
+                        formatter: operateFormatter //自定义方法，添加操作按钮
+                    }
+                ]
+            };
+            // 初始化table组件
+            var table = new Table(options);
+            table.init();
 
-            }, 5000);
-        });
+            table.bindClickEvent('.switchery', function () {
+                var $input = $(this).prev();
+
+                var id = $input.data("id");
+                var type = $input.data("type");
 
-        function push(ids) {
-            $.alert.confirm("确定推送到百度站长平台？", function () {
                 $.ajax({
                     type: "post",
-                    url: "/article/pushToBaidu/urls",
+                    url: "/article/update/" + type,
                     traditional: true,
-                    data: {'ids': ids},
+                    data: {'id': id},
                     success: function (json) {
-                        $.alert.ajaxSuccess(json);
-                        if (json.status == 200) {
-                            var dataJson = JSON.parse(json.data);
-                            /**
-                             * success            int        成功推送的url条数
-                             * remain            int        当天剩余的可推送url条数
-                             * not_same_site    array    由于不是本站url而未处理的url列表
-                             * not_valid        array    不合法的url列表
-                             */
-                            var successNum = dataJson.success;
-                            var remain = dataJson.remain;
-                            var notSameSite = dataJson.not_same_site;
-                            var notValid = dataJson.not_valid;
-                            var message = '成功推送' + successNum + '条url\n';
-                            if (notValid) {
-                                message += '不合法的url：' + notValid + '\n';
-                            }
-                            message += '今日剩余' + remain + '条可推送的url。';
-                            $.alert.info(message, null, 5000);
+                        if (json.status !== 200) {
+                            $.alert.error(json.message);
                         }
                     },
                     error: $.alert.ajaxError
                 });
-            }, function () {
+            });
 
-            }, 5000);
-        }
-    });
-</script>
+            /**
+             * 推送到百度
+             */
+            table.bindClickEvent('.btn-push', function () {
+                var $this = $(this);
+                var userId = $this.attr("data-id");
+                push(userId);
+            });
+
+            /**
+             * 批量推送到百度
+             */
+            $("#btn_push_ids").click(function () {
+                var selectedId = table.getSelectedIds();
+                if (!selectedId || selectedId == '[]' || selectedId.length == 0) {
+                    $.alert.error("请至少选择一条记录");
+                    return;
+                }
+                push(selectedId);
+            });
+
+            /**
+             * 批量修改状态
+             */
+            $("#btn_update_status").click(function () {
+                var selectedId = table.getSelectedIds();
+                if (!selectedId || selectedId == '[]' || selectedId.length == 0) {
+                    $.alert.error("请至少选择一条记录");
+                    return;
+                }
+                $.alert.confirm("确定批量发布？发布完成后用户可见", function () {
+                    $.ajax({
+                        type: "post",
+                        url: "/article/batchPublish",
+                        traditional: true,
+                        data: {'ids': selectedId},
+                        success: function (json) {
+                            $.alert.ajaxSuccess(json);
+                            table.refresh();
+                        },
+                        error: $.alert.ajaxError
+                    });
+                }, function () {
+
+                }, 5000);
+            });
+
+            function push(ids) {
+                $.alert.confirm("确定推送到百度站长平台？", function () {
+                    $.ajax({
+                        type: "post",
+                        url: "/article/pushToBaidu/urls",
+                        traditional: true,
+                        data: {'ids': ids},
+                        success: function (json) {
+                            $.alert.ajaxSuccess(json);
+                            if (json.status == 200) {
+                                var dataJson = JSON.parse(json.data);
+                                /**
+                                 * success            int        成功推送的url条数
+                                 * remain            int        当天剩余的可推送url条数
+                                 * not_same_site    array    由于不是本站url而未处理的url列表
+                                 * not_valid        array    不合法的url列表
+                                 */
+                                var successNum = dataJson.success;
+                                var remain = dataJson.remain;
+                                var notSameSite = dataJson.not_same_site;
+                                var notValid = dataJson.not_valid;
+                                var message = '成功推送' + successNum + '条url\n';
+                                if (notValid) {
+                                    message += '不合法的url：' + notValid + '\n';
+                                }
+                                message += '今日剩余' + remain + '条可推送的url。';
+                                $.alert.info(message, null, 5000);
+                            }
+                        },
+                        error: $.alert.ajaxError
+                    });
+                }, function () {
+
+                }, 5000);
+            }
+        });
+    </script>
 </@footer>
\ No newline at end of file
diff --git a/blog-admin/src/main/resources/templates/file/list.ftl b/blog-admin/src/main/resources/templates/file/list.ftl
index 50c09516d6fbdb138d2d82fbc624f4b1d84ea2a6..afe3fda5e7182c9d26b448e9f88913cf431f3991 100644
--- a/blog-admin/src/main/resources/templates/file/list.ftl
+++ b/blog-admin/src/main/resources/templates/file/list.ftl
@@ -12,12 +12,12 @@
         <div class="x_panel">
             <div class="x_content">
                 <div class="btn-group hidden-xs" id="toolbar" style="padding: 10px 0;">
-                    <@shiro.hasPermission name="files">
+                    <@shiro.hasPermission name="file:add">
                         <button id="btn_add" type="button" class="btn btn-info" title="新增图片">
                             <i class="fa fa-plus fa-fw"></i>
                         </button>
                     </@shiro.hasPermission>
-                    <@shiro.hasPermission name="files">
+                    <@shiro.hasPermission name="file:delete">
                         <button id="btn_delete_ids" type="button" class="btn btn-danger" title="删除选中">
                             <i class="fa fa-trash-o fa-fw"></i>
                         </button>
@@ -72,7 +72,9 @@
                             '                                <div class="tools tools-bottom">\n' +
                             '                                    <a href="{{fullFilePath}}" class="file-icon showImage" title="{{filePath}}"><i class="fa fa-eye"></i></a>\n' +
                             '                                    <a href="{{fullFilePath}}" target="_blank" class="file-icon" title="复制地址（打开标签后复制）"><i class="fa fa-link"></i></a>\n' +
+                                                             <@shiro.hasPermission name="file:delete">
                             '                                    <a class="pointer file-icon" data-event="del" data-value="{{id}}" data-storage-type="{{storageType}}" title="删除文件"><i class="fa fa-times"></i></a>\n' +
+                                                             </@shiro.hasPermission>
                             '                                </div>\n' +
                             '                            </div>\n' +
                             '                            <div class="selected-mask">\n' +
diff --git a/blog-admin/src/main/resources/templates/user/list.ftl b/blog-admin/src/main/resources/templates/user/list.ftl
index f4a7b6b553b2788258f2ba1af093f428e8795cd5..bd8ce59bd05379547bc39fd755984845bd99a1ca 100644
--- a/blog-admin/src/main/resources/templates/user/list.ftl
+++ b/blog-admin/src/main/resources/templates/user/list.ftl
@@ -14,9 +14,8 @@
                 <div class="<#--table-responsive-->">
                     <div class="btn-group hidden-xs" id="toolbar">
                         <@shiro.hasPermission name="user:add">
-                        <button id="btn_add" type="button" class="btn btn-info" title="新增用户">
-                            <i class="fa fa-plus fa-fw"></i>
-                        </button>
+                            <a id="user-modal-add" href="#modal-container-user" role="button" class="btn btn-sm
+                            btn-success btn_add" data-toggle="modal"  title="添加" style="width: 44px;height: 34px;"><i class="fa fa-plus fa-fw" style="padding: 5px 0px;"></i></a>
                         </@shiro.hasPermission>
                         <@shiro.hasPermission name="user:batchDelete">
                             <button id="btn_delete_ids" type="button" class="btn btn-danger" title="删除选中">
@@ -52,47 +51,84 @@
         </div>
     </div>
 </div>
-<@addOrUpdateMOdal defaultTitle="添加用户">
-    <input type="hidden" name="id">
-    <div class="item form-group">
-        <label class="control-label col-md-3 col-sm-3 col-xs-12" for="username">用户名 <span class="required">*</span></label>
-        <div class="col-md-6 col-sm-6 col-xs-12">
-            <input type="text" class="form-control col-md-7 col-xs-12" name="username" id="username" required="required" placeholder="请输入用户名"/>
-        </div>
-    </div>
-    <div class="item form-group">
-        <label class="control-label col-md-3 col-sm-3 col-xs-12" for="password">密码 </label>
-        <div class="col-md-6 col-sm-6 col-xs-12">
-            <input type="password" class="form-control col-md-7 col-xs-12" id="password" name="password" placeholder="请输入密码 6位以上"/>
-        </div>
-    </div>
-    <div class="item form-group">
-        <label class="control-label col-md-3 col-sm-3 col-xs-12" for="nickname">昵称 </label>
-        <div class="col-md-6 col-sm-6 col-xs-12">
-            <input type="text" class="form-control col-md-7 col-xs-12" name="nickname" id="nickname" placeholder="请输入昵称"/>
-        </div>
-    </div>
-    <div class="item form-group">
-        <label class="control-label col-md-3 col-sm-3 col-xs-12" for="mobile">手机 </label>
-        <div class="col-md-6 col-sm-6 col-xs-12">
-            <input type="tel" class="form-control col-md-7 col-xs-12" name="mobile" id="mobile" data-validate-length-range="6,20" placeholder="请输入手机号"/>
-        </div>
-    </div>
-    <div class="item form-group">
-        <label class="control-label col-md-3 col-sm-3 col-xs-12" for="email">邮箱 </label>
-        <div class="col-md-6 col-sm-6 col-xs-12">
-            <input type="email" class="form-control col-md-7 col-xs-12" name="email" id="email" placeholder="请输入邮箱"/>
-        </div>
-    </div>
-    <div class="item form-group">
-        <label class="control-label col-md-3 col-sm-3 col-xs-12" for="qq">QQ </label>
-        <div class="col-md-6 col-sm-6 col-xs-12">
-            <input type="number" class="form-control col-md-7 col-xs-12" name="qq" id="qq" placeholder="请输入QQ"/>
+
+
+
+<div class="modal fade" id="modal-container-user" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
+    <div class="modal-dialog">
+        <div class="modal-content">
+            <div class="modal-header">
+                <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+                <h4 class="modal-title" id="addroleLabel">添加用户</h4>
+            </div>
+            <div class="modal-body">
+                <form id="addOrUpdateForm" class="form-horizontal form-label-left" novalidate>
+                    <input type="hidden" name="id">
+                    <div class="item form-group">
+                        <label class="control-label col-md-3 col-sm-3 col-xs-12" for="username">用户名 <span class="required">*</span></label>
+                        <div class="col-md-6 col-sm-6 col-xs-12">
+                            <input type="text" class="form-control col-md-7 col-xs-12" name="username" id="username" required="required" placeholder="请输入用户名"/>
+                        </div>
+                    </div>
+                    <div class="item form-group">
+                        <label class="control-label col-md-3 col-sm-3 col-xs-12" for="password">密码 </label>
+                        <div class="col-md-6 col-sm-6 col-xs-12">
+                            <input type="password" class="form-control col-md-7 col-xs-12" id="password"
+                                   name="password" placeholder="请输入密码 6位以上, 不想修改密码请保持空值"/>
+                        </div>
+                    </div>
+                    <div class="item form-group">
+                        <label class="control-label col-md-3 col-sm-3 col-xs-12" for="nickname">昵称 </label>
+                        <div class="col-md-6 col-sm-6 col-xs-12">
+                            <input type="text" class="form-control col-md-7 col-xs-12" name="nickname" id="nickname" placeholder="请输入昵称"/>
+                        </div>
+                    </div>
+                    <div class="item form-group">
+                        <label class="control-label col-md-3 col-sm-3 col-xs-12" for="avatar">头像 </label>
+                        <div class="col-md-6 col-sm-6 col-xs-12">
+                            <input type="file" class="form-control col-md-7 col-xs-12 uploadPreview"
+                                   data-preview-container="#avatarPreview" name="file" id="avatar" placeholder="请输入头像链接"/>
+                        </div>
+                        <div class="col-md-6 col-sm-6 col-xs-12">
+                            <div id="avatarPreview" style="width: 200px;height: auto"></div>
+                        </div>
+                    </div>
+                    <div class="item form-group">
+                        <label class="control-label col-md-3 col-sm-3 col-xs-12" for="mobile">手机 </label>
+                        <div class="col-md-6 col-sm-6 col-xs-12">
+                            <input type="tel" class="form-control col-md-7 col-xs-12" name="mobile" id="mobile" data-validate-length-range="6,20" placeholder="请输入手机号"/>
+                        </div>
+                    </div>
+                    <div class="item form-group">
+                        <label class="control-label col-md-3 col-sm-3 col-xs-12" for="email">邮箱 </label>
+                        <div class="col-md-6 col-sm-6 col-xs-12">
+                            <input type="email" class="form-control col-md-7 col-xs-12" name="email" id="email" placeholder="请输入邮箱"/>
+                        </div>
+                    </div>
+                    <div class="item form-group">
+                        <label class="control-label col-md-3 col-sm-3 col-xs-12" for="qq">QQ </label>
+                        <div class="col-md-6 col-sm-6 col-xs-12">
+                            <input type="number" class="form-control col-md-7 col-xs-12" name="qq" id="qq" placeholder="请输入QQ"/>
+                        </div>
+                    </div>
+                </form>
+            </div>
+            <div class="modal-footer">
+                <button type="button" class="btn btn-default" data-dismiss="modal"><i class="fa fa-close"> 关闭</i></button>
+                <button type="button" class="btn btn-success addOrUpdateBtn"><i class="fa fa-save"> 保存</i></button>
+            </div>
         </div>
+
     </div>
-</@addOrUpdateMOdal>
+
+</div>
+
+
 <@footer>
+
     <script>
+
+
         /**
          * 操作按钮
          * @param code
@@ -101,25 +137,77 @@
          * @returns {string}
          */
         function operateFormatter(code, row, index) {
+            var admin = false;
+            <@shiro.hasPermission name="user:admin">
+            admin = true;
+            </@shiro.hasPermission>
             var currentUserId = '${user.id}';
+            var rowJson = encodeURI(JSON.stringify(row).replace(/\"/g, "。"));
+
             var trUserId = row.id;
-            var operateBtn = [
-                '<@shiro.hasPermission name="user:edit"><a class="btn btn-sm btn-success btn-update" data-id="' + trUserId + '"title="编辑"><i class="fa fa-edit fa-fw"></i></a></@shiro.hasPermission>',
-            ];
-            if (currentUserId != trUserId) {
-                operateBtn.push('<@shiro.hasPermission name="user:delete"><a class="btn btn-sm btn-danger btn-remove" data-id="' + trUserId + '"title="删除"><i class="fa fa-trash-o fa-fw"></i></a></@shiro.hasPermission>');
-                operateBtn.push('<@shiro.hasPermission name="user:allotRole"><a class="btn btn-sm btn-info btn-allot" data-id="' + trUserId + '" title="分配角色"><i class="fa fa-circle-thin fa-fw"></i></a></@shiro.hasPermission>')
+            if (admin || currentUserId == trUserId) {
+                var operateBtn = [
+                    '<@shiro.hasPermission name="user:edit"><a id="user-modal-update" href="#modal-container-user" role="button" class="btn btn-sm ' +
+                    'btn-success btn_update" data-toggle="modal" onclick="userUpdateClick(\'' + rowJson + '\')"' + ' title="编辑"><i ' + 'class="fa fa-edit ' + 'fa-fw"></i></a></@shiro.hasPermission>'
+                ];
+                if (currentUserId != trUserId) {
+                    operateBtn.push('<@shiro.hasPermission name="user:delete"><a class="btn btn-sm btn-danger btn-remove" data-id="' + trUserId + '"title="删除"><i class="fa fa-trash-o fa-fw"></i></a></@shiro.hasPermission>');
+                    operateBtn.push('<@shiro.hasPermission name="user:allotRole"><a class="btn btn-sm btn-info btn-allot" data-id="' + trUserId + '" title="分配角色"><i class="fa fa-circle-thin fa-fw"></i></a></@shiro.hasPermission>');
+                }
+                return operateBtn.join('');
             }
-            return operateBtn.join('');
+            return null;
+        }
+
+        function userUpdateClick(data) {
+            data = decodeURI(data).replace(/。/g, '"');
+            let row = JSON.parse(data);
+
+            $("#addOrUpdateForm input[name='id']").val(row.id);
+            $("#addOrUpdateForm input[name='username']").val(row.username);
+            $("#addOrUpdateForm input[name='nickname']").val(row.nickname);
+            let avatar = row.avatar;
+            if (avatar != undefined && avatar.length > 2) {
+                $("#addOrUpdateForm #avatarPreview").html('<img src="'+ avatar +'" class="img-responsive ' + 'img-rounded ' + 'auto-shake">');
+            }
+            $("#addOrUpdateForm input[name='mobile']").val(row.mobile);
+            $("#addOrUpdateForm input[name='email']").val(row.email);
+            $("#addOrUpdateForm input[name='qq']").val(row.qq);
+
         }
 
         $(function () {
+
+            $("#user-modal-add").click(function () {
+                $("#addOrUpdateForm").resetForm();
+                $("#addOrUpdateForm #avatarPreview").html("");
+            });
+
+            $(".addOrUpdateBtn").click(function () {                
+                var $form = $("#addOrUpdateForm");
+                var $modal = $("#modal-container-user");
+                if (validator.checkAll($form)) {
+                    $form.ajaxSubmit({
+                        type: "POST",
+                        url: '/user/addorupdate',
+                        success: function (json) {
+                            if(json.status == 200) {
+                                $modal.modal('hide');
+                            }
+                            $(".btn-default[name='refresh']").trigger('click');
+                            $.alert.ajaxSuccess(json);
+                        },
+                        error: $.alert.ajaxError
+                    });
+                }
+            });
+
             var options = {
                 url: "/user/list",
                 getInfoUrl: "/user/get/{id}",
-                updateUrl: "/user/edit",
+                updateUrl: "/user/addorupdate",
                 removeUrl: "/user/remove",
-                createUrl: "/user/add",
+                createUrl: "/user/addorupdate",
                 saveRolesUrl: "/user/saveUserRoles",
                 columns: [
                     {
@@ -143,6 +231,18 @@
                             return code ? code : '-';
                         }
                     }, {
+                        field: 'avatar',
+                        title: '头像',
+                        formatter: function (code) {
+                            return code ? code : '-';
+                        }
+                    }, {
+                        field: 'mobile',
+                        title: '手机',
+                        formatter: function (code) {
+                            return code ? code : '-';
+                        }
+                    },{
                         field: 'email',
                         title: '邮箱',
                         formatter: function (code) {
@@ -246,6 +346,8 @@
                     }
                 });
             });
+
         });
     </script>
+
 </@footer>
\ No newline at end of file
diff --git a/blog-admin/src/main/resources/templates/user/list2.ftl b/blog-admin/src/main/resources/templates/user/list2.ftl
new file mode 100644
index 0000000000000000000000000000000000000000..4f535372126cf5564e6f835ee3d6979f5afc72fe
--- /dev/null
+++ b/blog-admin/src/main/resources/templates/user/list2.ftl
@@ -0,0 +1,289 @@
+<#include "/include/macros.ftl">
+<@header></@header>
+<div class="clearfix"></div>
+<div class="row">
+    <div class="col-md-12 col-sm-12 col-xs-12">
+        <@breadcrumb>
+            <ol class="breadcrumb">
+                <li><a href="/">首页</a></li>
+                <li class="active">用户管理</li>
+            </ol>
+        </@breadcrumb>
+        <div class="x_panel">
+            <div class="x_content">
+                <div class="<#--table-responsive-->">
+                    <div class="btn-group hidden-xs" id="toolbar">
+                        <@shiro.hasPermission name="user:add">
+                            <a id="user-modal-add" href="#modal-container-user" role="button" class="btn btn-sm  btn-success btn_add" data-toggle="modal"  title="添加"><i class="fa fa-plus fa-fw"></i></a>
+                        </@shiro.hasPermission>
+                        <@shiro.hasPermission name="user:batchDelete">
+                            <button id="btn_delete_ids" type="button" class="btn btn-danger" title="删除选中">
+                                <i class="fa fa-trash-o fa-fw"></i>
+                            </button>
+                        </@shiro.hasPermission>
+                    </div>
+                    <table id="tablelist">
+                    </table>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+<!--弹框-->
+<div class="modal fade bs-example-modal-sm" id="selectRole" tabindex="-1" role="dialog" aria-labelledby="selectRoleLabel">
+    <div class="modal-dialog modal-sm" role="document">
+        <div class="modal-content">
+            <div class="modal-header">
+                <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+                <h4 class="modal-title" id="selectRoleLabel">分配角色</h4>
+            </div>
+            <div class="modal-body">
+                <form id="boxRoleForm">
+                    <div class="zTreeDemoBackground left">
+                        <ul id="treeDemo" class="ztree"></ul>
+                    </div>
+                </form>
+            </div>
+            <div class="modal-footer">
+                <button type="button" class="btn btn-default" data-dismiss="modal"><i class="fa fa-close"> 关闭</i></button>
+            </div>
+        </div>
+    </div>
+</div>
+
+<@addOrUpdateMOdal defaultTitle="添加用户">
+    <input type="hidden" name="id">
+    <div class="item form-group">
+        <label class="control-label col-md-3 col-sm-3 col-xs-12" for="username">用户名 <span class="required">*</span></label>
+        <div class="col-md-6 col-sm-6 col-xs-12">
+            <input type="text" class="form-control col-md-7 col-xs-12" name="username" id="username" required="required" placeholder="请输入用户名"/>
+        </div>
+    </div>
+    <div class="item form-group">
+        <label class="control-label col-md-3 col-sm-3 col-xs-12" for="password">密码 </label>
+        <div class="col-md-6 col-sm-6 col-xs-12">
+            <input type="password" class="form-control col-md-7 col-xs-12" id="password"
+                   name="password" placeholder="请输入密码 6位以上, 不想修改密码请保持空值"/>
+        </div>
+    </div>
+    <div class="item form-group">
+        <label class="control-label col-md-3 col-sm-3 col-xs-12" for="nickname">昵称 </label>
+        <div class="col-md-6 col-sm-6 col-xs-12">
+            <input type="text" class="form-control col-md-7 col-xs-12" name="nickname" id="nickname" placeholder="请输入昵称"/>
+        </div>
+    </div>
+    <div class="item form-group">
+        <label class="control-label col-md-3 col-sm-3 col-xs-12" for="avatar">头像 </label>
+        <div class="col-md-6 col-sm-6 col-xs-12">
+            <input type="file" class="form-control col-md-7 col-xs-12 uploadPreview"
+                   data-preview-container="#avatarPreview" name="file" id="avatar" placeholder="请输入头像链接"/>
+        </div>
+        <div class="col-md-6 col-sm-6 col-xs-12">
+            <div id="avatarPreview" style="width: 200px;height: auto"></div>
+        </div>
+    </div>
+    <div class="item form-group">
+        <label class="control-label col-md-3 col-sm-3 col-xs-12" for="mobile">手机 </label>
+        <div class="col-md-6 col-sm-6 col-xs-12">
+            <input type="tel" class="form-control col-md-7 col-xs-12" name="mobile" id="mobile" data-validate-length-range="6,20" placeholder="请输入手机号"/>
+        </div>
+    </div>
+    <div class="item form-group">
+        <label class="control-label col-md-3 col-sm-3 col-xs-12" for="email">邮箱 </label>
+        <div class="col-md-6 col-sm-6 col-xs-12">
+            <input type="email" class="form-control col-md-7 col-xs-12" name="email" id="email" placeholder="请输入邮箱"/>
+        </div>
+    </div>
+    <div class="item form-group">
+        <label class="control-label col-md-3 col-sm-3 col-xs-12" for="qq">QQ </label>
+        <div class="col-md-6 col-sm-6 col-xs-12">
+            <input type="number" class="form-control col-md-7 col-xs-12" name="qq" id="qq" placeholder="请输入QQ"/>
+        </div>
+    </div>
+</@addOrUpdateMOdal>
+
+<@footer>
+
+    <script>
+
+
+        /**
+         * 操作按钮
+         * @param code
+         * @param row
+         * @param index
+         * @returns {string}
+         */
+        function operateFormatter(code, row, index) {
+            var admin = false;
+            <@shiro.hasPermission name="user:admin">
+            admin = true;
+            </@shiro.hasPermission>
+            var currentUserId = '${user.id}';
+
+            var trUserId = row.id;
+            if (admin || currentUserId == trUserId) {
+                var operateBtn = [
+                    '<@shiro.hasPermission name="user:edit"><a class="btn btn-sm btn-success btn-update" data-id="' + trUserId + '"title="编辑"><i class="fa fa-edit fa-fw"></i></a></@shiro.hasPermission>',
+                ];
+                if (currentUserId != trUserId) {
+                    operateBtn.push('<@shiro.hasPermission name="user:delete"><a class="btn btn-sm btn-danger btn-remove" data-id="' + trUserId + '"title="删除"><i class="fa fa-trash-o fa-fw"></i></a></@shiro.hasPermission>');
+                    operateBtn.push('<@shiro.hasPermission name="user:allotRole"><a class="btn btn-sm btn-info btn-allot" data-id="' + trUserId + '" title="分配角色"><i class="fa fa-circle-thin fa-fw"></i></a></@shiro.hasPermission>')
+                }
+                return operateBtn.join('');
+            }
+            return null
+        }
+
+
+        $(function () {
+
+            var options = {
+                url: "/user/list",
+                getInfoUrl: "/user/get/{id}",
+                updateUrl: "/user/addorupdate",
+                removeUrl: "/user/remove",
+                createUrl: "/user/addorupdate",
+                saveRolesUrl: "/user/saveUserRoles",
+                columns: [
+                    {
+                        checkbox: true
+                    }, {
+                        field: 'id',
+                        title: 'ID',
+                        formatter: function (code) {
+                            return code ? code : '-';
+                        }
+                    }, {
+                        field: 'username',
+                        title: '用户名',
+                        formatter: function (code) {
+                            return code ? code : '-';
+                        }
+                    }, {
+                        field: 'nickname',
+                        title: '昵称',
+                        formatter: function (code) {
+                            return code ? code : '-';
+                        }
+                    }, {
+                        field: 'avatar',
+                        title: '头像',
+                        formatter: function (code) {
+                            return code ? code : '-';
+                        }
+                    }, {
+                        field: 'mobile',
+                        title: '手机',
+                        formatter: function (code) {
+                            return code ? code : '-';
+                        }
+                    },{
+                        field: 'email',
+                        title: '邮箱',
+                        formatter: function (code) {
+                            return code ? code : '-';
+                        }
+                    }, {
+                        field: 'qq',
+                        title: 'qq',
+                        align: 'center',
+                        formatter: function (code) {
+                            return code ? code : '-';
+                        }
+                    }, {
+                        field: 'userType',
+                        title: '用户类型',
+                        align: 'center',
+                        formatter: function (code) {
+                            return code ? code : '-';
+                        }
+                    }, {
+                        field: 'statusEnum',
+                        title: '状态',
+                        align: 'center',
+                        formatter: function (code) {
+                            return (code && code == 'NORMAL') ? '<span class="label label-success">正常</span>' : '<span class="label label-danger">禁用</span>';
+                        }
+                    }, {
+                        field: 'lastLoginTime',
+                        title: '最后登录时间',
+                        align: 'center',
+                        formatter: function (code) {
+                            return new Date(code).format("yyyy-MM-dd hh:mm:ss")
+                        }
+                    }, {
+                        field: 'loginCount',
+                        title: '登录次数',
+                        align: 'center',
+                        formatter: function (code) {
+                            return code ? code : '-';
+                        }
+                    }, {
+                        field: 'operate',
+                        title: '操作',
+                        align: "center",
+                        width: '150px',
+                        formatter: operateFormatter //自定义方法，添加操作按钮
+                    }
+                ],
+                modalName: "用户"
+            };
+            // 初始化table组件
+            var table = new Table(options);
+            table.init();
+
+            /* 分配用户角色 */
+            table.bindClickEvent('.btn-allot', function () {
+                console.log("分配权限");
+                var $this = $(this);
+                var userId = $this.attr("data-id");
+                $.ajax({
+                    async: false,
+                    type: "POST",
+                    data: {uid: userId},
+                    url: '/roles/rolesWithSelected',
+                    dataType: 'json',
+                    success: function (json) {
+                        var data = json.data;
+                        console.log(data);
+                        var setting = {
+                            check: {
+                                enable: true,
+                                chkboxType: {"Y": "ps", "N": "ps"},
+                                chkStyle: "radio"
+                            },
+                            data: {
+                                simpleData: {
+                                    enable: true
+                                }
+                            },
+                            callback: {
+                                onCheck: function (event, treeId, treeNode) {
+                                    console.log(treeNode.tId + ", " + treeNode.name + "," + treeNode.checked);
+                                    var treeObj = $.fn.zTree.getZTreeObj(treeId);
+                                    var nodes = treeObj.getCheckedNodes(true);
+                                    var ids = new Array();
+                                    for (var i = 0; i < nodes.length; i++) {
+                                        //获取选中节点的值
+                                        ids.push(nodes[i].id);
+                                    }
+                                    console.log(ids);
+                                    console.log(userId);
+                                    $.post(options.saveRolesUrl, {"userId": userId, "roleIds": ids.join(",")}, function (obj) {
+                                    }, 'json');
+                                }
+                            }
+                        };
+                        var tree = $.fn.zTree.init($("#treeDemo"), setting, data);
+                        tree.expandAll(true);//全部展开
+
+                        $('#selectRole').modal('show');
+                    }
+                });
+            });
+
+        });
+    </script>
+
+</@footer>
\ No newline at end of file
diff --git a/blog-admin/sysResourcesSql.md b/blog-admin/sysResourcesSql.md
new file mode 100644
index 0000000000000000000000000000000000000000..24733ef692d4b7fce789d55a169504bf7a31f758
--- /dev/null
+++ b/blog-admin/sysResourcesSql.md
@@ -0,0 +1,13 @@
+### sys_resources
+	
+|  id   |   role_id  |  resources_id   |
+| --- | --- | --- |
+|   566  |  1   |   80  |
+|   567  |  1   |   77  |
+### sys_role_resources
+
+| id  | name         | type   | url | permission   | parent_id | sort | external| available | icon|
+| --- | ------------ | ------ | --- | ------------ | --------- | ---- | --------- | --------- | --------- |
+| 77  | 删除文件     | button | \N  | file:delete  | 75        | 3    | 0         | 1         | \N    |
+| 80  | 浏览文章列表 | button | \N  | article:list | 21        | 10   | 0         | 1         | fa fa-bars|
+
diff --git a/blog-core/src/main/java/com/zyd/blog/business/consts/PermissionConst.java b/blog-core/src/main/java/com/zyd/blog/business/consts/PermissionConst.java
new file mode 100644
index 0000000000000000000000000000000000000000..89221061fc0742bdcf4bca490a8582b2bba9823a
--- /dev/null
+++ b/blog-core/src/main/java/com/zyd/blog/business/consts/PermissionConst.java
@@ -0,0 +1,13 @@
+package com.zyd.blog.business.consts;
+
+/**
+ * 权限控制常量
+ * @author zyw
+ * @version V1.0  Created by 2020/4/13 13:02
+ */
+public class PermissionConst {
+    /**
+     * 文章列表权限：展示所有文章列表，没有此权限时只显示自己的文章列表
+     */
+    public static final String ARTICLE_LIST_PERMISSION = "article:list";
+}
\ No newline at end of file
diff --git a/blog-core/src/main/resources/mybatis/BizArticleMapper.xml b/blog-core/src/main/resources/mybatis/BizArticleMapper.xml
index d4172afa5f23fb7d1ccc6dd92d7cff02009eec0c..6b4f35776d0bd72418e22a55815be3138003069e 100644
--- a/blog-core/src/main/resources/mybatis/BizArticleMapper.xml
+++ b/blog-core/src/main/resources/mybatis/BizArticleMapper.xml
@@ -63,6 +63,9 @@
 		INNER JOIN biz_type btype ON a.type_id = btype.id
 		INNER JOIN biz_article_tags atag ON a.id = atag.article_id
 		WHERE 1 = 1
+		<if test="userId != null">
+			AND a.user_id = #{userId}
+		</if>
         <if test="typeId != null">
             AND	a.type_id = #{typeId}
         </if>