diff --git a/.idea/workspace.xml b/.idea/workspace.xml
index 21a465e..7aa07c9 100644
--- a/.idea/workspace.xml
+++ b/.idea/workspace.xml
@@ -5,6 +5,7 @@
 <<<<<<< HEAD
       <change beforePath="$PROJECT_DIR$/.idea/workspace.xml" afterPath="$PROJECT_DIR$/.idea/workspace.xml" />
 <<<<<<< HEAD
+<<<<<<< HEAD
 =======
 <<<<<<< HEAD
       <change beforePath="$PROJECT_DIR$/.idea/workspace.xml" afterPath="$PROJECT_DIR$/.idea/workspace.xml" />
@@ -28,6 +29,10 @@
       <change beforePath="$PROJECT_DIR$/templates/base-static.html" afterPath="$PROJECT_DIR$/templates/base-static.html" />
 >>>>>>> 1-rbac
 =======
+>>>>>>> 1-rbac
+=======
+      <change beforePath="$PROJECT_DIR$/db.sqlite3" afterPath="$PROJECT_DIR$/db.sqlite3" />
+      <change beforePath="$PROJECT_DIR$/sandboxMP/settings.py" afterPath="$PROJECT_DIR$/sandboxMP/settings.py" />
 >>>>>>> 1-rbac
     </list>
     <option name="EXCLUDED_CONVERTED_TO_IGNORED" value="true" />
@@ -42,11 +47,12 @@
   </component>
   <component name="FileEditorManager">
     <leaf SIDE_TABS_SIZE_LIMIT_KEY="300">
-      <file leaf-file-name="urls.py" pinned="false" current-in-tab="false">
-        <entry file="file://$PROJECT_DIR$/apps/system/urls.py">
+      <file leaf-file-name="settings.py" pinned="false" current-in-tab="true">
+        <entry file="file://$PROJECT_DIR$/sandboxMP/settings.py">
           <provider selected="true" editor-type-id="text-editor">
 <<<<<<< HEAD
 <<<<<<< HEAD
+<<<<<<< HEAD
 <<<<<<< HEAD
             <state relative-caret-position="1122">
               <caret line="77" column="0" lean-forward="false" selection-start-line="77" selection-start-column="0" selection-end-line="88" selection-end-column="77" />
@@ -65,14 +71,19 @@
 =======
             <state relative-caret-position="408">
               <caret line="27" column="0" lean-forward="false" selection-start-line="27" selection-start-column="0" selection-end-line="27" selection-end-column="0" />
+>>>>>>> 1-rbac
+=======
+            <state relative-caret-position="597">
+              <caret line="151" column="34" lean-forward="true" selection-start-line="151" selection-start-column="34" selection-end-line="151" selection-end-column="34" />
 >>>>>>> 1-rbac
               <folding>
-                <element signature="e#0#37#0" expanded="true" />
+                <element signature="e#310#319#0" expanded="true" />
               </folding>
             </state>
           </provider>
         </entry>
       </file>
+<<<<<<< HEAD
       <file leaf-file-name="views_user.py" pinned="false" current-in-tab="false">
         <entry file="file://$PROJECT_DIR$/apps/system/views_user.py">
           <provider selected="true" editor-type-id="text-editor">
@@ -178,6 +189,8 @@
           </provider>
         </entry>
       </file>
+=======
+>>>>>>> 1-rbac
     </leaf>
   </component>
   <component name="FileTemplateManagerImpl">
@@ -200,34 +213,50 @@
   <component name="IdeDocumentHistory">
     <option name="CHANGED_PATHS">
       <list>
-        <option value="$PROJECT_DIR$/templates/base-left.html" />
-        <option value="$PROJECT_DIR$/templates/head-footer.html" />
-        <option value="$PROJECT_DIR$/apps/system/models.py" />
         <option value="$PROJECT_DIR$/apps/system/mixin.py" />
         <option value="$PROJECT_DIR$/templates/system/system.html" />
         <option value="$PROJECT_DIR$/sandboxMP/urls.py" />
-        <option value="$PROJECT_DIR$/templates/system/system_index.html" />
-        <option value="$PROJECT_DIR$/apps/system/views.py" />
-        <option value="$PROJECT_DIR$/sandboxMP/settings.py" />
         <option value="$PROJECT_DIR$/apps/system/tests.py" />
         <option value="$PROJECT_DIR$/templates/system/structure/structure_create.html" />
         <option value="$PROJECT_DIR$/templates/system/structure/strueture_users.html" />
         <option value="$PROJECT_DIR$/templates/system/structure/strueture_user.html" />
-        <option value="$PROJECT_DIR$/apps/system/views_structure.py" />
-        <option value="$PROJECT_DIR$/templates/system/structure/structure.html" />
         <option value="$PROJECT_DIR$/templates/system/structure/structure_user.html" />
         <option value="$PROJECT_DIR$/templates/system/users/user_create.html" />
         <option value="$PROJECT_DIR$/templates/system/users/user_detail.html" />
         <option value="$PROJECT_DIR$/templates/base-static.html" />
         <option value="$PROJECT_DIR$/templates/system/users/passwd_change.html" />
-        <option value="$PROJECT_DIR$/templates/system/users/user.html" />
-        <option value="$PROJECT_DIR$/apps/system/views_user.py" />
         <option value="$PROJECT_DIR$/apps/system/forms.py" />
         <option value="$PROJECT_DIR$/apps/system/views.menu.py" />
+        <option value="$PROJECT_DIR$/apps/system/apps.py" />
+        <option value="$PROJECT_DIR$/templates/system/menu_list.html" />
+        <option value="$PROJECT_DIR$/templates/system/role_create.html" />
+        <option value="$PROJECT_DIR$/templates/system/role_update.html" />
+        <option value="$PROJECT_DIR$/templates/system/role_role2user.html" />
+        <option value="$PROJECT_DIR$/templates/system/role_role2menu.html" />
         <option value="$PROJECT_DIR$/apps/system/urls.py" />
-        <option value="$PROJECT_DIR$/apps/custom.py" />
-        <option value="$PROJECT_DIR$/apps/system/views_menu.py" />
         <option value="$PROJECT_DIR$/templates/system/menu_form.html" />
+        <option value="$PROJECT_DIR$/templates/system/menu_update.html" />
+        <option value="$PROJECT_DIR$/apps/system/milddleware.py" />
+        <option value="$PROJECT_DIR$/apps/milddleware.py" />
+        <option value="$PROJECT_DIR$/templates/head-footer.html" />
+        <option value="$PROJECT_DIR$/templates/system/structure/structure.html" />
+        <option value="$PROJECT_DIR$/templates/system/users/user.html" />
+        <option value="$PROJECT_DIR$/templates/system/role.html" />
+        <option value="$PROJECT_DIR$/apps/system/middleware.py" />
+        <option value="$PROJECT_DIR$/apps/system/models.py" />
+        <option value="$PROJECT_DIR$/apps/custom.py" />
+        <option value="$PROJECT_DIR$/apps/system/views.py" />
+        <option value="$PROJECT_DIR$/apps/system/views_menu.py" />
+        <option value="$PROJECT_DIR$/apps/system/views_role.py" />
+        <option value="$PROJECT_DIR$/apps/system/views_structure.py" />
+        <option value="$PROJECT_DIR$/apps/system/views_user.py" />
+        <option value="$PROJECT_DIR$/templates/base-left.html" />
+        <option value="$PROJECT_DIR$/templates/system/index.html" />
+        <option value="$PROJECT_DIR$/templates/system/system_index1.html" />
+        <option value="$PROJECT_DIR$/templates/system/system_index.html" />
+        <option value="$PROJECT_DIR$/requirements/dev" />
+        <option value="$PROJECT_DIR$/requirements/pro" />
+        <option value="$PROJECT_DIR$/sandboxMP/settings.py" />
       </list>
     </option>
   </component>
@@ -244,12 +273,16 @@
 =======
 =======
   <component name="ProjectFrameBounds" extendedState="7">
+<<<<<<< HEAD
 >>>>>>> 1-rbac
     <option name="x" value="-1448" />
+>>>>>>> 1-rbac
+=======
+    <option name="x" value="-8" />
 >>>>>>> 1-rbac
     <option name="y" value="-8" />
-    <option name="width" value="1456" />
-    <option name="height" value="876" />
+    <option name="width" value="1936" />
+    <option name="height" value="1056" />
   </component>
   <component name="ProjectInspectionProfilesVisibleTreeState">
     <entry key="Project Default">
@@ -296,12 +329,6 @@
               <item name="sandboxMP" type="462c0819:PsiDirectoryNode" />
               <item name="apps" type="462c0819:PsiDirectoryNode" />
             </path>
-            <path>
-              <item name="sandboxMP" type="b2602c69:ProjectViewProjectNode" />
-              <item name="sandboxMP" type="462c0819:PsiDirectoryNode" />
-              <item name="apps" type="462c0819:PsiDirectoryNode" />
-              <item name="system" type="462c0819:PsiDirectoryNode" />
-            </path>
           </expand>
           <select />
         </subPane>
@@ -327,9 +354,9 @@
     <key name="CopyFile.RECENT_KEYS">
       <recent name="D:\ProjectFile\sandboxMP\templates" />
       <recent name="D:\ProjectFile\sandboxMP\templates\system\users" />
+      <recent name="D:\ProjectFile\sandboxMP\templates\system" />
       <recent name="D:\ProjectFile\sandboxMP\templates\system\structure" />
       <recent name="D:\ProjectFile\sandboxMP\apps\system" />
-      <recent name="D:\ProjectFile\sandboxMP\templates\system" />
     </key>
     <key name="MoveFile.RECENT_KEYS">
       <recent name="D:\ProjectFile\sandboxMP\templates\system" />
@@ -400,6 +427,7 @@
   </component>
   <component name="ToolWindowManager">
 <<<<<<< HEAD
+<<<<<<< HEAD
 <<<<<<< HEAD
     <frame x="-8" y="-8" width="1936" height="1056" extended-state="6" />
 =======
@@ -407,28 +435,31 @@
 >>>>>>> 1-rbac
 =======
     <frame x="-1448" y="-8" width="1456" height="876" extended-state="7" />
+>>>>>>> 1-rbac
+=======
+    <frame x="-8" y="-8" width="1936" height="1056" extended-state="7" />
 >>>>>>> 1-rbac
     <editor active="true" />
     <layout>
       <window_info id="TODO" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.3297062" sideWeight="0.5" order="6" side_tool="false" content_ui="tabs" />
-      <window_info id="Event Log" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.26985854" sideWeight="0.5021322" order="7" side_tool="true" content_ui="tabs" />
+      <window_info id="Event Log" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.24156693" sideWeight="0.5042644" order="7" side_tool="true" content_ui="tabs" />
       <window_info id="Version Control" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.3297062" sideWeight="0.5" order="7" side_tool="false" content_ui="tabs" />
       <window_info id="Python Console" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.3297062" sideWeight="0.5" order="7" side_tool="false" content_ui="tabs" />
-      <window_info id="Run" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="true" show_stripe_button="true" weight="0.24221921" sideWeight="0.4978678" order="2" side_tool="false" content_ui="tabs" />
+      <window_info id="Run" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="true" show_stripe_button="true" weight="0.18498367" sideWeight="0.49573562" order="2" side_tool="false" content_ui="tabs" />
       <window_info id="Mongo Explorer" active="false" anchor="right" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.33" sideWeight="0.5" order="3" side_tool="false" content_ui="tabs" />
       <window_info id="Terminal" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.3297062" sideWeight="0.5" order="7" side_tool="false" content_ui="tabs" />
-      <window_info id="Project" active="false" anchor="left" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="true" show_stripe_button="true" weight="0.2012894" sideWeight="0.5" order="0" side_tool="false" content_ui="combo" />
+      <window_info id="Project" active="false" anchor="left" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="true" show_stripe_button="true" weight="0.26972282" sideWeight="0.5" order="0" side_tool="false" content_ui="combo" />
       <window_info id="Docker" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="false" weight="0.33" sideWeight="0.5" order="7" side_tool="false" content_ui="tabs" />
       <window_info id="Database" active="false" anchor="right" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.33" sideWeight="0.5" order="3" side_tool="false" content_ui="tabs" />
       <window_info id="SciView" active="false" anchor="right" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.33" sideWeight="0.5" order="3" side_tool="false" content_ui="tabs" />
       <window_info id="Structure" active="false" anchor="left" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.18656716" sideWeight="0.5" order="1" side_tool="false" content_ui="tabs" />
       <window_info id="Favorites" active="false" anchor="left" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.33" sideWeight="0.5" order="2" side_tool="true" content_ui="tabs" />
-      <window_info id="Debug" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.21650879" sideWeight="0.5" order="3" side_tool="false" content_ui="tabs" />
+      <window_info id="Debug" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.28281462" sideWeight="0.5" order="3" side_tool="false" content_ui="tabs" />
       <window_info id="Cvs" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.25" sideWeight="0.5" order="4" side_tool="false" content_ui="tabs" />
       <window_info id="Message" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.33" sideWeight="0.5" order="0" side_tool="false" content_ui="tabs" />
       <window_info id="Commander" active="false" anchor="right" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.4" sideWeight="0.5" order="0" side_tool="false" content_ui="tabs" />
       <window_info id="Inspection" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.4" sideWeight="0.5" order="5" side_tool="false" content_ui="tabs" />
-      <window_info id="manage.py@sandboxMP" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.28073993" sideWeight="0.5" order="8" side_tool="false" content_ui="tabs" />
+      <window_info id="manage.py@sandboxMP" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.34912044" sideWeight="0.5" order="8" side_tool="false" content_ui="tabs" />
       <window_info id="Hierarchy" active="false" anchor="right" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.25" sideWeight="0.5" order="2" side_tool="false" content_ui="combo" />
       <window_info id="Find" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.33" sideWeight="0.5" order="1" side_tool="false" content_ui="tabs" />
       <window_info id="Ant Build" active="false" anchor="right" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.25" sideWeight="0.5" order="1" side_tool="false" content_ui="tabs" />
@@ -442,124 +473,124 @@
   </component>
   <component name="XDebuggerManager">
     <breakpoint-manager>
-      <option name="time" value="20" />
+      <default-breakpoints>
+        <breakpoint type="python-exception">
+          <properties notifyOnTerminate="true" exception="BaseException">
+            <option name="notifyOnTerminate" value="true" />
+          </properties>
+        </breakpoint>
+      </default-breakpoints>
+      <option name="time" value="38" />
     </breakpoint-manager>
     <watches-manager />
   </component>
   <component name="editorHistoryManager">
-    <entry file="file://$PROJECT_DIR$/apps/system/forms.py">
+    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/contrib/auth/decorators.py">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="306">
-          <caret line="18" column="0" lean-forward="true" selection-start-line="18" selection-start-column="0" selection-end-line="18" selection-end-column="0" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/sandboxMP/settings.py">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="381">
-          <caret line="43" column="0" lean-forward="true" selection-start-line="43" selection-start-column="0" selection-end-line="43" selection-end-column="0" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/apps/system/models.py">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="323">
-          <caret line="20" column="0" lean-forward="true" selection-start-line="20" selection-start-column="0" selection-end-line="20" selection-end-column="0" />
-          <folding />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/apps/system/urls.py">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="204">
-          <caret line="12" column="0" lean-forward="true" selection-start-line="12" selection-start-column="0" selection-end-line="12" selection-end-column="0" />
+        <state relative-caret-position="-459">
+          <caret line="9" column="57" lean-forward="false" selection-start-line="9" selection-start-column="57" selection-end-line="9" selection-end-column="57" />
         </state>
       </provider>
     </entry>
     <entry file="file://$PROJECT_DIR$/sandboxMP/urls.py">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="374">
-          <caret line="29" column="63" lean-forward="false" selection-start-line="29" selection-start-column="63" selection-end-line="29" selection-end-column="63" />
+        <state relative-caret-position="493">
+          <caret line="29" column="63" lean-forward="true" selection-start-line="29" selection-start-column="63" selection-end-line="30" selection-end-column="0" />
         </state>
       </provider>
     </entry>
-    <entry file="file://$PROJECT_DIR$/apps/system/views_user.py">
+    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/db/models/base.py">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="221">
-          <caret line="20" column="6" lean-forward="false" selection-start-line="20" selection-start-column="6" selection-end-line="20" selection-end-column="6" />
+        <state relative-caret-position="238">
+          <caret line="100" column="8" lean-forward="false" selection-start-line="100" selection-start-column="8" selection-end-line="100" selection-end-column="8" />
         </state>
       </provider>
     </entry>
-    <entry file="file://$PROJECT_DIR$/apps/system/views.py">
+    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/utils/encoding.py">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="34">
-          <caret line="2" column="0" lean-forward="true" selection-start-line="2" selection-start-column="0" selection-end-line="2" selection-end-column="0" />
+        <state relative-caret-position="-1649">
+          <caret line="121" column="4" lean-forward="false" selection-start-line="121" selection-start-column="4" selection-end-line="121" selection-end-column="4" />
         </state>
       </provider>
     </entry>
-    <entry file="file://$PROJECT_DIR$/sandboxMP/settings.py">
+    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/contrib/flatpages/models.py">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="0">
+        <state relative-caret-position="595">
+          <caret line="39" column="22" lean-forward="false" selection-start-line="39" selection-start-column="22" selection-end-line="39" selection-end-column="22" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/db/models/__init__.py">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="-204">
           <caret line="0" column="0" lean-forward="false" selection-start-line="0" selection-start-column="0" selection-end-line="0" selection-end-column="0" />
         </state>
       </provider>
     </entry>
-    <entry file="file://$PROJECT_DIR$/static/bootstrap/js/npm.js">
+    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/forms/models.py">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="204">
-          <caret line="12" column="28" lean-forward="true" selection-start-line="12" selection-start-column="28" selection-end-line="12" selection-end-column="28" />
+        <state relative-caret-position="230">
+          <caret line="472" column="4" lean-forward="false" selection-start-line="472" selection-start-column="4" selection-end-line="472" selection-end-column="4" />
         </state>
       </provider>
     </entry>
-    <entry file="file://$PROJECT_DIR$/templates/index.html">
+    <entry file="file://$PROJECT_DIR$/templates/system/users/login.html">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="238">
-          <caret line="14" column="14" lean-forward="true" selection-start-line="14" selection-start-column="14" selection-end-line="14" selection-end-column="14" />
+        <state relative-caret-position="170">
+          <caret line="10" column="57" lean-forward="true" selection-start-line="10" selection-start-column="57" selection-end-line="10" selection-end-column="57" />
         </state>
       </provider>
     </entry>
-    <entry file="file://$PROJECT_DIR$/templates/base-layer.html">
+    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/views/generic/__init__.py">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="476">
-          <caret line="28" column="22" lean-forward="true" selection-start-line="28" selection-start-column="22" selection-end-line="28" selection-end-column="22" />
+        <state relative-caret-position="187">
+          <caret line="11" column="11" lean-forward="false" selection-start-line="11" selection-start-column="11" selection-end-line="11" selection-end-column="11" />
         </state>
       </provider>
     </entry>
-    <entry file="file://$PROJECT_DIR$/templates/base-left.html">
+    <entry file="file://$PROJECT_DIR$/apps/system/forms.py">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="483">
-          <caret line="36" column="13" lean-forward="true" selection-start-line="36" selection-start-column="13" selection-end-line="36" selection-end-column="13" />
+        <state relative-caret-position="432">
+          <caret line="127" column="0" lean-forward="false" selection-start-line="127" selection-start-column="0" selection-end-line="127" selection-end-column="0" />
         </state>
       </provider>
     </entry>
-    <entry file="file://$PROJECT_DIR$/apps/system/views.py">
+    <entry file="file://$PROJECT_DIR$/apps/system/apps.py">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="153">
-          <caret line="9" column="58" lean-forward="true" selection-start-line="9" selection-start-column="58" selection-end-line="9" selection-end-column="58" />
+        <state relative-caret-position="85">
+          <caret line="5" column="0" lean-forward="true" selection-start-line="5" selection-start-column="0" selection-end-line="5" selection-end-column="0" />
         </state>
       </provider>
     </entry>
-    <entry file="file://$PROJECT_DIR$/templates/system/system_index.html">
+    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/views/generic/base.py">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="204">
-          <caret line="12" column="0" lean-forward="true" selection-start-line="12" selection-start-column="0" selection-end-line="12" selection-end-column="0" />
+        <state relative-caret-position="197">
+          <caret line="130" column="33" lean-forward="true" selection-start-line="130" selection-start-column="4" selection-end-line="130" selection-end-column="33" />
         </state>
       </provider>
     </entry>
-    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/urls/conf.py">
+    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/shortcuts.py">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="68">
-          <caret line="11" column="15" lean-forward="true" selection-start-line="11" selection-start-column="15" selection-end-line="11" selection-end-column="15" />
+        <state relative-caret-position="342">
+          <caret line="56" column="50" lean-forward="true" selection-start-line="56" selection-start-column="21" selection-end-line="56" selection-end-column="50" />
         </state>
       </provider>
     </entry>
-    <entry file="file://$PROJECT_DIR$/sandboxMP/settings.py">
+    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/http/response.py">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="143">
-          <caret line="29" column="18" lean-forward="true" selection-start-line="29" selection-start-column="18" selection-end-line="29" selection-end-column="18" />
+        <state relative-caret-position="-1063">
+          <caret line="475" column="6" lean-forward="false" selection-start-line="475" selection-start-column="6" selection-end-line="475" selection-end-column="6" />
         </state>
       </provider>
     </entry>
+    <entry file="file://$PROJECT_DIR$/templates/system/role_update.html">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="657">
+          <caret line="80" column="14" lean-forward="false" selection-start-line="80" selection-start-column="14" selection-end-line="80" selection-end-column="14" />
+        </state>
+      </provider>
+    </entry>
+<<<<<<< HEAD
 <<<<<<< HEAD
     <entry file="file://$PROJECT_DIR$/apps/system/views_user.py">
       <provider selected="true" editor-type-id="text-editor">
@@ -582,42 +613,50 @@
 =======
 >>>>>>> 1-rbac
     <entry file="file://$PROJECT_DIR$/apps/system/tests.py">
+=======
+    <entry file="file://$PROJECT_DIR$/templates/system/role_form.html">
+>>>>>>> 1-rbac
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="51">
-          <caret line="3" column="0" lean-forward="false" selection-start-line="3" selection-start-column="0" selection-end-line="3" selection-end-column="0" />
+        <state relative-caret-position="504">
+          <caret line="70" column="11" lean-forward="true" selection-start-line="70" selection-start-column="11" selection-end-line="70" selection-end-column="11" />
         </state>
       </provider>
     </entry>
-    <entry file="file://$PROJECT_DIR$/apps/__init__.py">
+    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/views/generic/detail.py">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="0">
-          <caret line="0" column="0" lean-forward="false" selection-start-line="0" selection-start-column="0" selection-end-line="0" selection-end-column="0" />
+        <state relative-caret-position="272">
+          <caret line="20" column="0" lean-forward="false" selection-start-line="20" selection-start-column="0" selection-end-line="25" selection-end-column="11" />
         </state>
       </provider>
     </entry>
-    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/braces/views/_ajax.py" />
-    <entry file="file://$PROJECT_DIR$/templates/system/structure/structure_create.html">
+    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/views/generic/edit.py">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="524">
-          <caret line="89" column="11" lean-forward="true" selection-start-line="89" selection-start-column="11" selection-end-line="89" selection-end-column="11" />
+        <state relative-caret-position="289">
+          <caret line="69" column="39" lean-forward="true" selection-start-line="69" selection-start-column="39" selection-end-line="69" selection-end-column="39" />
         </state>
       </provider>
     </entry>
-    <entry file="file://$PROJECT_DIR$/templates/system/structure/structure_user.html">
+    <entry file="file://$PROJECT_DIR$/templates/system/role_role2user.html">
       <provider selected="true" editor-type-id="text-editor">
 <<<<<<< HEAD
+<<<<<<< HEAD
 <<<<<<< HEAD
         <state relative-caret-position="527">
           <caret line="37" column="5" lean-forward="true" selection-start-line="37" selection-start-column="5" selection-end-line="37" selection-end-column="5" />
 =======
         <state relative-caret-position="-15">
           <caret line="29" column="95" lean-forward="true" selection-start-line="29" selection-start-column="95" selection-end-line="29" selection-end-column="95" />
+>>>>>>> 1-rbac
+=======
+        <state relative-caret-position="563">
+          <caret line="98" column="20" lean-forward="false" selection-start-line="98" selection-start-column="20" selection-end-line="98" selection-end-column="20" />
 >>>>>>> 1-rbac
         </state>
       </provider>
     </entry>
-    <entry file="file://$PROJECT_DIR$/templates/system/structure/structure.html">
+    <entry file="file://$PROJECT_DIR$/templates/system/role_role2menu.html">
       <provider selected="true" editor-type-id="text-editor">
+<<<<<<< HEAD
 <<<<<<< HEAD
         <state relative-caret-position="221">
           <caret line="16" column="0" lean-forward="false" selection-start-line="16" selection-start-column="0" selection-end-line="16" selection-end-column="0" />
@@ -648,14 +687,23 @@
 =======
 >>>>>>> 1-rbac
     <entry file="file://$PROJECT_DIR$/static/plugins/datatables/dataTables.const-1.js">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="68">
-          <caret line="4" column="8" lean-forward="false" selection-start-line="4" selection-start-column="8" selection-end-line="4" selection-end-column="8" />
+=======
+        <state relative-caret-position="2097">
+          <caret line="177" column="13" lean-forward="true" selection-start-line="177" selection-start-column="13" selection-end-line="177" selection-end-column="13" />
         </state>
       </provider>
     </entry>
-    <entry file="file://$PROJECT_DIR$/apps/system/views_structure.py">
+    <entry file="file://$PROJECT_DIR$/templates/system/menu_update.html">
+>>>>>>> 1-rbac
       <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="153">
+          <caret line="48" column="11" lean-forward="false" selection-start-line="48" selection-start-column="11" selection-end-line="48" selection-end-column="11" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/apps/system/urls.py">
+      <provider selected="true" editor-type-id="text-editor">
+<<<<<<< HEAD
 <<<<<<< HEAD
 <<<<<<< HEAD
         <state relative-caret-position="1122">
@@ -674,35 +722,40 @@
 =======
         <state relative-caret-position="541">
           <caret line="88" column="77" lean-forward="true" selection-start-line="88" selection-start-column="77" selection-end-line="88" selection-end-column="77" />
+>>>>>>> 1-rbac
+=======
+        <state relative-caret-position="510">
+          <caret line="30" column="92" lean-forward="true" selection-start-line="30" selection-start-column="92" selection-end-line="30" selection-end-column="92" />
 >>>>>>> 1-rbac
         </state>
       </provider>
     </entry>
-    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/urls/resolvers.py">
+    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/core/servers/basehttp.py">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="260">
-          <caret line="220" column="33" lean-forward="true" selection-start-line="220" selection-start-column="33" selection-end-line="220" selection-end-column="33" />
+        <state relative-caret-position="401">
+          <caret line="58" column="0" lean-forward="true" selection-start-line="58" selection-start-column="0" selection-end-line="58" selection-end-column="0" />
         </state>
       </provider>
     </entry>
-    <entry file="file://$PROJECT_DIR$/templates/system/users/user_create.html">
+    <entry file="file://$PROJECT_DIR$/sandboxMP/wsgi.py">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="1396">
-          <caret line="129" column="26" lean-forward="false" selection-start-line="129" selection-start-column="26" selection-end-line="129" selection-end-column="26" />
+        <state relative-caret-position="187">
+          <caret line="11" column="49" lean-forward="true" selection-start-line="11" selection-start-column="49" selection-end-line="11" selection-end-column="49" />
         </state>
       </provider>
     </entry>
-    <entry file="file://$PROJECT_DIR$/templates/head-footer.html">
+    <entry file="file://$PROJECT_DIR$/apps/milddleware.py" />
+    <entry file="file://$PROJECT_DIR$/apps/system/mixin.py">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="1598">
-          <caret line="94" column="22" lean-forward="true" selection-start-line="94" selection-start-column="22" selection-end-line="94" selection-end-column="22" />
-          <folding />
+        <state relative-caret-position="187">
+          <caret line="11" column="35" lean-forward="true" selection-start-line="11" selection-start-column="35" selection-end-line="11" selection-end-column="35" />
         </state>
       </provider>
     </entry>
-    <entry file="file://$PROJECT_DIR$/templates/base-static.html">
+    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/utils/module_loading.py">
       <provider selected="true" editor-type-id="text-editor">
 <<<<<<< HEAD
+<<<<<<< HEAD
 <<<<<<< HEAD
         <state relative-caret-position="4046">
           <caret line="238" column="22" lean-forward="false" selection-start-line="238" selection-start-column="22" selection-end-line="238" selection-end-column="22" />
@@ -723,205 +776,173 @@
             <element signature="e#0#37#0" expanded="true" />
           </folding>
 >>>>>>> a328e88122d80e72999261759f2594796f8da35b
+=======
+        <state relative-caret-position="221">
+          <caret line="16" column="0" lean-forward="false" selection-start-line="16" selection-start-column="0" selection-end-line="16" selection-end-column="0" />
+>>>>>>> 1-rbac
         </state>
       </provider>
     </entry>
-    <entry file="file://$PROJECT_DIR$/templates/system/users/user_detail.html">
+    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/importlib/__init__.py">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="967">
-          <caret line="191" column="14" lean-forward="false" selection-start-line="191" selection-start-column="14" selection-end-line="191" selection-end-column="14" />
-          <folding />
+        <state relative-caret-position="231">
+          <caret line="125" column="0" lean-forward="false" selection-start-line="125" selection-start-column="0" selection-end-line="125" selection-end-column="0" />
         </state>
       </provider>
     </entry>
-    <entry file="file://$PROJECT_DIR$/templates/system/users/passwd_change.html">
+    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/core/handlers/exception.py">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="459">
-          <caret line="90" column="0" lean-forward="true" selection-start-line="90" selection-start-column="0" selection-end-line="90" selection-end-column="0" />
-          <folding />
+        <state relative-caret-position="340">
+          <caret line="34" column="0" lean-forward="false" selection-start-line="34" selection-start-column="0" selection-end-line="34" selection-end-column="0" />
         </state>
       </provider>
     </entry>
-    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/contrib/auth/decorators.py">
+    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/utils/deprecation.py">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="-459">
-          <caret line="9" column="57" lean-forward="false" selection-start-line="9" selection-start-column="57" selection-end-line="9" selection-end-column="57" />
-          <folding>
-            <element signature="e#0#27#0" expanded="false" />
-          </folding>
+        <state relative-caret-position="497">
+          <caret line="89" column="0" lean-forward="false" selection-start-line="89" selection-start-column="0" selection-end-line="89" selection-end-column="0" />
         </state>
       </provider>
     </entry>
-    <entry file="file://$PROJECT_DIR$/sandboxMP/urls.py">
+    <entry file="file://$PROJECT_DIR$/templates/system/menu_form.html">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="493">
-          <caret line="29" column="63" lean-forward="true" selection-start-line="29" selection-start-column="63" selection-end-line="30" selection-end-column="0" />
-          <folding>
-            <element signature="e#633#665#0" expanded="false" />
-          </folding>
+        <state relative-caret-position="310">
+          <caret line="51" column="26" lean-forward="false" selection-start-line="51" selection-start-column="26" selection-end-line="51" selection-end-column="26" />
         </state>
       </provider>
     </entry>
-    <entry file="file://$PROJECT_DIR$/apps/system/mixin.py">
+    <entry file="file://$PROJECT_DIR$/templates/system/menu_list.html">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="119">
-          <caret line="7" column="6" lean-forward="false" selection-start-line="7" selection-start-column="6" selection-end-line="7" selection-end-column="6" />
-          <folding />
+        <state relative-caret-position="204">
+          <caret line="60" column="0" lean-forward="false" selection-start-line="60" selection-start-column="0" selection-end-line="66" selection-end-column="13" />
         </state>
       </provider>
     </entry>
-    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/db/models/base.py">
+    <entry file="file://$PROJECT_DIR$/templates/system/role.html">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="238">
-          <caret line="100" column="8" lean-forward="false" selection-start-line="100" selection-start-column="8" selection-end-line="100" selection-end-column="8" />
-          <folding />
+        <state relative-caret-position="540">
+          <caret line="71" column="19" lean-forward="false" selection-start-line="71" selection-start-column="19" selection-end-line="71" selection-end-column="19" />
         </state>
       </provider>
     </entry>
-    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/utils/encoding.py">
+    <entry file="file://$PROJECT_DIR$/templates/system/structure/structure.html">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="-1649">
-          <caret line="121" column="4" lean-forward="false" selection-start-line="121" selection-start-column="4" selection-end-line="121" selection-end-column="4" />
-          <folding />
+        <state relative-caret-position="310">
+          <caret line="59" column="0" lean-forward="false" selection-start-line="59" selection-start-column="0" selection-end-line="65" selection-end-column="9" />
         </state>
       </provider>
     </entry>
-    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/contrib/flatpages/models.py">
+    <entry file="file://$PROJECT_DIR$/templates/head-footer.html">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="595">
-          <caret line="39" column="22" lean-forward="false" selection-start-line="39" selection-start-column="22" selection-end-line="39" selection-end-column="22" />
-          <folding />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/db/models/__init__.py">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="-204">
-          <caret line="0" column="0" lean-forward="false" selection-start-line="0" selection-start-column="0" selection-end-line="0" selection-end-column="0" />
-          <folding>
-            <element signature="e#0#53#0" expanded="false" />
-          </folding>
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/forms/models.py">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="230">
-          <caret line="472" column="4" lean-forward="false" selection-start-line="472" selection-start-column="4" selection-end-line="472" selection-end-column="4" />
-          <folding>
-            <element signature="e#99#134#0" expanded="false" />
-          </folding>
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/apps/system/urls.py">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="408">
-          <caret line="27" column="0" lean-forward="false" selection-start-line="27" selection-start-column="0" selection-end-line="27" selection-end-column="0" />
-          <folding>
-            <element signature="e#0#37#0" expanded="true" />
-          </folding>
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/views/generic/base.py">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="178">
-          <caret line="107" column="6" lean-forward="false" selection-start-line="107" selection-start-column="6" selection-end-line="107" selection-end-column="6" />
-          <folding />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/views/generic/detail.py">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="76">
-          <caret line="110" column="52" lean-forward="false" selection-start-line="110" selection-start-column="52" selection-end-line="110" selection-end-column="52" />
-          <folding />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/templates/system/users/user.html">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="500">
-          <caret line="67" column="35" lean-forward="true" selection-start-line="67" selection-start-column="35" selection-end-line="67" selection-end-column="35" />
-          <folding />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/templates/system/users/login.html">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="170">
-          <caret line="10" column="57" lean-forward="true" selection-start-line="10" selection-start-column="57" selection-end-line="10" selection-end-column="57" />
-          <folding />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/views/generic/edit.py">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="119">
-          <caret line="69" column="6" lean-forward="false" selection-start-line="69" selection-start-column="6" selection-end-line="69" selection-end-column="6" />
-          <folding />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$USER_HOME$/Envs/sandboxMP/Lib/site-packages/django/views/generic/__init__.py">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="187">
-          <caret line="11" column="11" lean-forward="false" selection-start-line="11" selection-start-column="11" selection-end-line="11" selection-end-column="11" />
-          <folding>
-            <element signature="e#0#70#0" expanded="false" />
-          </folding>
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/apps/system/forms.py">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="432">
-          <caret line="127" column="0" lean-forward="false" selection-start-line="127" selection-start-column="0" selection-end-line="127" selection-end-column="0" />
-          <folding>
-            <element signature="e#73#82#0" expanded="false" />
-          </folding>
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/apps/system/models.py">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="136">
-          <caret line="9" column="4" lean-forward="true" selection-start-line="9" selection-start-column="4" selection-end-line="9" selection-end-column="10" />
-          <folding />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/apps/system/views_user.py">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="1054">
-          <caret line="62" column="53" lean-forward="false" selection-start-line="62" selection-start-column="53" selection-end-line="62" selection-end-column="53" />
-          <folding>
-            <element signature="e#78#87#0" expanded="true" />
-          </folding>
+        <state relative-caret-position="306">
+          <caret line="18" column="85" lean-forward="false" selection-start-line="18" selection-start-column="85" selection-end-line="18" selection-end-column="85" />
         </state>
       </provider>
     </entry>
     <entry file="file://$PROJECT_DIR$/apps/custom.py">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="357">
-          <caret line="21" column="0" lean-forward="false" selection-start-line="21" selection-start-column="0" selection-end-line="21" selection-end-column="0" />
-          <folding>
-            <element signature="e#73#84#0" expanded="true" />
-          </folding>
+        <state relative-caret-position="340">
+          <caret line="20" column="49" lean-forward="true" selection-start-line="20" selection-start-column="49" selection-end-line="20" selection-end-column="49" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/apps/system/views.py">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="170">
+          <caret line="10" column="0" lean-forward="true" selection-start-line="10" selection-start-column="0" selection-end-line="10" selection-end-column="0" />
         </state>
       </provider>
     </entry>
     <entry file="file://$PROJECT_DIR$/apps/system/views_menu.py">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="204">
+          <caret line="18" column="36" lean-forward="true" selection-start-line="18" selection-start-column="36" selection-end-line="18" selection-end-column="36" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/apps/system/views_role.py">
       <provider selected="true" editor-type-id="text-editor">
         <state relative-caret-position="187">
-          <caret line="11" column="0" lean-forward="false" selection-start-line="11" selection-start-column="0" selection-end-line="11" selection-end-column="53" />
+          <caret line="19" column="52" lean-forward="false" selection-start-line="19" selection-start-column="52" selection-end-line="19" selection-end-column="52" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/apps/system/views_structure.py">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="254">
+          <caret line="21" column="58" lean-forward="false" selection-start-line="21" selection-start-column="58" selection-end-line="21" selection-end-column="58" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/apps/system/models.py">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="255">
+          <caret line="22" column="0" lean-forward="false" selection-start-line="22" selection-start-column="0" selection-end-line="22" selection-end-column="0" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/templates/base-left.html">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="255">
+          <caret line="66" column="21" lean-forward="false" selection-start-line="66" selection-start-column="21" selection-end-line="66" selection-end-column="21" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/apps/system/middleware.py">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="470">
+          <caret line="96" column="45" lean-forward="false" selection-start-line="96" selection-start-column="45" selection-end-line="96" selection-end-column="45" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/apps/system/views_user.py">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="440">
+          <caret line="83" column="7" lean-forward="true" selection-start-line="83" selection-start-column="7" selection-end-line="83" selection-end-column="7" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/templates/system/users/user.html">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="238">
+          <caret line="14" column="50" lean-forward="true" selection-start-line="14" selection-start-column="50" selection-end-line="14" selection-end-column="50" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/templates/system/system_index1.html" />
+    <entry file="file://$PROJECT_DIR$/templates/invoice.html" />
+    <entry file="file://$PROJECT_DIR$/requirements/pro">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="17">
+          <caret line="1" column="13" lean-forward="true" selection-start-line="1" selection-start-column="13" selection-end-line="1" selection-end-column="13" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/requirements/dev">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="17">
+          <caret line="1" column="13" lean-forward="false" selection-start-line="1" selection-start-column="13" selection-end-line="1" selection-end-column="13" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/templates/system/system_index.html">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="33">
+          <caret line="2" column="0" lean-forward="true" selection-start-line="2" selection-start-column="0" selection-end-line="2" selection-end-column="0" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/sandboxMP/settings.py">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="597">
+          <caret line="151" column="34" lean-forward="true" selection-start-line="151" selection-start-column="34" selection-end-line="151" selection-end-column="34" />
           <folding>
-            <element signature="e#77#121#0" expanded="true" />
+            <element signature="e#310#319#0" expanded="true" />
           </folding>
         </state>
       </provider>
     </entry>
+<<<<<<< HEAD
     <entry file="file://$PROJECT_DIR$/templates/system/menu_form.html">
       <provider selected="true" editor-type-id="text-editor">
 <<<<<<< HEAD
@@ -950,6 +971,8 @@
         </state>
       </provider>
     </entry>
+=======
+>>>>>>> 1-rbac
   </component>
   <component name="masterDetails">
     <states>
diff --git a/apps/__pycache__/custom.cpython-36.pyc b/apps/__pycache__/custom.cpython-36.pyc
index 4c1262f..458ff71 100644
Binary files a/apps/__pycache__/custom.cpython-36.pyc and b/apps/__pycache__/custom.cpython-36.pyc differ
diff --git a/apps/custom.py b/apps/custom.py
index 67e2975..6c2e497 100644
--- a/apps/custom.py
+++ b/apps/custom.py
@@ -4,13 +4,45 @@
 
 import json
 
-from django.views.generic import CreateView
+from django.views.generic import CreateView, UpdateView
 from django.shortcuts import HttpResponse
+from django.http import Http404
 
 from system.mixin import LoginRequiredMixin
+from system.models import Menu
 
 
-class SimpleInfoCreateView(LoginRequiredMixin, CreateView):
+class BreadcrumbMixin:
+
+    def get_context_data(self, **kwargs):
+        menu = Menu.get_menu_by_request_url(url=self.request.path_info)
+        if menu is not None:
+            kwargs.update(menu)
+        return super().get_context_data(**kwargs)
+
+
+class SandboxGetObjectMixin:
+
+    def get_object(self, queryset=None):
+
+        if queryset is None:
+            queryset = self.get_queryset()
+        if 'id' in self.request.GET and self.request.GET['id']:
+            queryset = queryset.filter(id=int(self.request.GET['id']))
+        elif 'id' in self.request.POST and self.request.POST['id']:
+            queryset = queryset.filter(id=int(self.request.POST['id']))
+        else:
+            raise AttributeError("Generic detail view %s must be called with id. "
+                                 % self.__class__.__name__)
+        try:
+            obj = queryset.get()
+        except queryset.model.DoesNotExist:
+            raise Http404("No %(verbose_name)s found matching the query" %
+                          {'verbose_name': queryset.model._meta.verbose_name})
+        return obj
+
+
+class SandboxEditViewMixin:
 
     def post(self, request, *args, **kwargs):
         res = dict(result=False)
@@ -19,3 +51,17 @@ class SimpleInfoCreateView(LoginRequiredMixin, CreateView):
             form.save()
             res['result'] = True
         return HttpResponse(json.dumps(res), content_type='application/json')
+
+
+class SandboxCreateView(LoginRequiredMixin, SandboxEditViewMixin, CreateView):
+    """"
+    View for create an object, with a response rendered by a template.
+    Returns information with Json when the data is created successfully or fails.
+    """
+
+
+class SandboxUpdateView(LoginRequiredMixin, SandboxEditViewMixin, SandboxGetObjectMixin, UpdateView):
+    """View for updating an object, with a response rendered by a template."""
+    def post(self, request, *args, **kwargs):
+        self.object = self.get_object()
+        return super().post(request, *args, **kwargs)
diff --git a/apps/system/__pycache__/forms.cpython-36.pyc b/apps/system/__pycache__/forms.cpython-36.pyc
index 56b28e7..86c7ea0 100644
Binary files a/apps/system/__pycache__/forms.cpython-36.pyc and b/apps/system/__pycache__/forms.cpython-36.pyc differ
diff --git a/apps/system/__pycache__/middleware.cpython-36.pyc b/apps/system/__pycache__/middleware.cpython-36.pyc
new file mode 100644
index 0000000..33eb240
Binary files /dev/null and b/apps/system/__pycache__/middleware.cpython-36.pyc differ
diff --git a/apps/system/__pycache__/models.cpython-36.pyc b/apps/system/__pycache__/models.cpython-36.pyc
index 5f4dd80..3a07064 100644
Binary files a/apps/system/__pycache__/models.cpython-36.pyc and b/apps/system/__pycache__/models.cpython-36.pyc differ
diff --git a/apps/system/__pycache__/urls.cpython-36.pyc b/apps/system/__pycache__/urls.cpython-36.pyc
index 6bf5a5c..f15392e 100644
Binary files a/apps/system/__pycache__/urls.cpython-36.pyc and b/apps/system/__pycache__/urls.cpython-36.pyc differ
diff --git a/apps/system/__pycache__/views.cpython-36.pyc b/apps/system/__pycache__/views.cpython-36.pyc
index 15a6daa..f3fd174 100644
Binary files a/apps/system/__pycache__/views.cpython-36.pyc and b/apps/system/__pycache__/views.cpython-36.pyc differ
diff --git a/apps/system/__pycache__/views_menu.cpython-36.pyc b/apps/system/__pycache__/views_menu.cpython-36.pyc
index 11b3e31..da598de 100644
Binary files a/apps/system/__pycache__/views_menu.cpython-36.pyc and b/apps/system/__pycache__/views_menu.cpython-36.pyc differ
diff --git a/apps/system/__pycache__/views_role.cpython-36.pyc b/apps/system/__pycache__/views_role.cpython-36.pyc
new file mode 100644
index 0000000..905c786
Binary files /dev/null and b/apps/system/__pycache__/views_role.cpython-36.pyc differ
diff --git a/apps/system/__pycache__/views_structure.cpython-36.pyc b/apps/system/__pycache__/views_structure.cpython-36.pyc
index 2b4d80b..352da33 100644
Binary files a/apps/system/__pycache__/views_structure.cpython-36.pyc and b/apps/system/__pycache__/views_structure.cpython-36.pyc differ
diff --git a/apps/system/__pycache__/views_user.cpython-36.pyc b/apps/system/__pycache__/views_user.cpython-36.pyc
index 4f7f5e7..3603868 100644
Binary files a/apps/system/__pycache__/views_user.cpython-36.pyc and b/apps/system/__pycache__/views_user.cpython-36.pyc differ
diff --git a/apps/system/middleware.py b/apps/system/middleware.py
new file mode 100644
index 0000000..7e3ec37
--- /dev/null
+++ b/apps/system/middleware.py
@@ -0,0 +1,100 @@
+import re
+
+from django.utils.deprecation import MiddlewareMixin
+from django.conf import settings
+from django.shortcuts import render
+
+
+class MenuCollection(MiddlewareMixin):
+
+    def get_user(self, request):
+        return request.user
+
+    def get_menu_from_role(self, request, user=None):
+        if user is None:
+            user = self.get_user(request)
+        try:
+            menus = user.roles.values(
+                'permissions__id',
+                'permissions__name',
+                'permissions__url',
+                'permissions__icon',
+                'permissions__code',
+                'permissions__parent'
+            ).distinct()
+            return [menu for menu in menus if menu['permissions__id'] is not None]
+        except AttributeError:
+            return None
+
+    def get_permission_url(self, request):
+        role_menus = self.get_menu_from_role(request)
+        if role_menus is not None:
+            permission_url_list = [menu['permissions__url'] for menu in role_menus]
+            return permission_url_list
+
+    def get_permission_menu(self, request):
+        permission_menu_list = []
+        role_menus = self.get_menu_from_role(request)
+        if role_menus is not None:
+            for item in role_menus:
+                menu = {
+                    'id': item['permissions__id'],
+                    'name': item['permissions__name'],
+                    'url': item['permissions__url'],
+                    'icon': item['permissions__icon'],
+                    'code': item['permissions__code'],
+                    'parent': item['permissions__parent'],
+                    'status': False,
+                    'sub_menu': [],
+                }
+                permission_menu_list.append(menu)
+            return permission_menu_list
+
+    def get_top_reveal_menu(self, request):
+        top_menu = []
+        permission_menu_dict = {}
+        request_url = request.path_info
+        permission_menu_list = self.get_permission_menu(request)
+        if permission_menu_list is not None:
+            for menu in permission_menu_list:
+
+                url = menu['url']
+                if url and re.match(url, request_url):
+                    menu['status'] = True
+                if menu['parent'] is None:
+                    top_menu.insert(0, menu)
+                permission_menu_dict[menu['id']] = menu
+
+            menu_data = []
+            for i in permission_menu_dict:
+                if permission_menu_dict[i]['parent']:
+                    pid = permission_menu_dict[i]['parent']
+                    parent_menu = permission_menu_dict[pid]
+                    parent_menu['sub_menu'].append(permission_menu_dict[i])
+                else:
+                    menu_data.append(permission_menu_dict[i])
+            if [menu['sub_menu'] for menu in menu_data if menu['url'] in request_url]:
+                reveal_menu = [menu['sub_menu'] for menu in menu_data if menu['url'] in request_url][0]
+            else:
+                reveal_menu = None
+            return top_menu, reveal_menu
+
+    def process_request(self, request):
+        if self.get_top_reveal_menu(request):
+            request.top_menu, request.reveal_menu = self.get_top_reveal_menu(request)
+            request.permission_url_list = self.get_permission_url(request)
+
+
+class RbacMiddleware(MiddlewareMixin):
+
+    def process_request(self, request):
+        if hasattr(request, 'permission_url_list'):
+            request_url = request.path_info
+            permission_url = request.permission_url_list
+            for url in settings.SAFE_URL:
+                if re.match(url, request_url):
+                    return None
+            if request_url in permission_url:
+                return None
+            else:
+                return render(request, 'page404.html')
\ No newline at end of file
diff --git a/apps/system/migrations/0002_auto_20181115_2124.py b/apps/system/migrations/0002_auto_20181115_2124.py
new file mode 100644
index 0000000..acec7fa
--- /dev/null
+++ b/apps/system/migrations/0002_auto_20181115_2124.py
@@ -0,0 +1,22 @@
+# Generated by Django 2.1.2 on 2018-11-15 21:24
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('system', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.AlterModelOptions(
+            name='menu',
+            options={'ordering': ['number'], 'verbose_name': '菜单', 'verbose_name_plural': '菜单'},
+        ),
+        migrations.AddField(
+            model_name='menu',
+            name='number',
+            field=models.FloatField(blank=True, null=True, verbose_name='编号'),
+        ),
+    ]
diff --git a/apps/system/migrations/__pycache__/0002_auto_20181115_2124.cpython-36.pyc b/apps/system/migrations/__pycache__/0002_auto_20181115_2124.cpython-36.pyc
new file mode 100644
index 0000000..2f6d4f7
Binary files /dev/null and b/apps/system/migrations/__pycache__/0002_auto_20181115_2124.cpython-36.pyc differ
diff --git a/apps/system/models.py b/apps/system/models.py
index 74d1d67..9522c78 100644
--- a/apps/system/models.py
+++ b/apps/system/models.py
@@ -11,6 +11,7 @@ class Menu(models.Model):
     icon = models.CharField(max_length=50, null=True, blank=True, verbose_name="图标")
     code = models.CharField(max_length=50, null=True, blank=True, verbose_name="编码")
     url = models.CharField(max_length=128, unique=True, null=True, blank=True)
+    number = models.FloatField(null=True, blank=True, verbose_name="编号")
 
     def __str__(self):
         return self.name
@@ -18,10 +19,14 @@ class Menu(models.Model):
     class Meta:
         verbose_name = '菜单'
         verbose_name_plural = verbose_name
+        ordering = ['number']
 
     @classmethod
     def get_menu_by_request_url(cls, url):
-        return dict(menu=Menu.objects.get(url=url))
+        try:
+            return dict(menu=Menu.objects.get(url=url))
+        except:
+            None
 
 
 class Role(models.Model):
diff --git a/apps/system/urls.py b/apps/system/urls.py
index 47bfdb2..e7d858f 100644
--- a/apps/system/urls.py
+++ b/apps/system/urls.py
@@ -1,7 +1,7 @@
-from django.urls import path, re_path
+from django.urls import path
 
 from .views import SystemView
-from . import views_structure, views_user, views_menu
+from . import views_structure, views_user, views_menu, views_role
 
 app_name = 'system'
 
@@ -23,5 +23,16 @@ urlpatterns = [
     path('basic/user/enable/', views_user.UserEnableView.as_view(), name='basic-user-enable'),
     path('basic/user/disable/', views_user.UserDisableView.as_view(), name='basic-user-disable'),
 
+    path('rbac/menu/', views_menu.MenuListView.as_view(), name='rbac-menu'),
     path('rbac/menu/create/', views_menu.MenuCreateView.as_view(), name='rbac-menu-create'),
+    path('rbac/menu/update/', views_menu.MenuUpdateView.as_view(), name='rbac-menu-update'),
+
+    path('rbac/role/', views_role.RoleView.as_view(), name='rbac-role'),
+    path('rbac/role/create/', views_role.RoleCreateView.as_view(), name='rbac-role-create'),
+    path('rbac/role/list/', views_role.RoleListView.as_view(), name='rbac-role-list'),
+    path('rbac/role/update/', views_role.RoleUpdateView.as_view(), name='rbac-role-update'),
+    path('rbac/role/delete/', views_role.RoleDeleteView.as_view(), name='rbac-role-delete'),
+    path('rbac/role/role2user/', views_role.Role2UserView.as_view(), name="rbac-role-role2user"),
+    path('rbac/role/role2menu/', views_role.Role2MenuView.as_view(), name="rbac-role-role2menu"),
+    path('rbac/role/role2menu_list/', views_role.Role2MenuListView.as_view(), name="rbac-role-role2menu_list"),
 ]
diff --git a/apps/system/views.py b/apps/system/views.py
index a2c097f..0ef5235 100644
--- a/apps/system/views.py
+++ b/apps/system/views.py
@@ -1,11 +1,10 @@
-from django.shortcuts import render
-from django.views.generic.base import View
+from django.views.generic import TemplateView
 
 from .mixin import LoginRequiredMixin
+from custom import BreadcrumbMixin
 
 
-class SystemView(LoginRequiredMixin, View):
+class SystemView(LoginRequiredMixin, BreadcrumbMixin, TemplateView):
 
-    def get(self, request):
-        return render(request, 'system/system_index.html')
+    template_name = 'system/system_index.html'
 
diff --git a/apps/system/views_menu.py b/apps/system/views_menu.py
index f522b10..2857516 100644
--- a/apps/system/views_menu.py
+++ b/apps/system/views_menu.py
@@ -1,17 +1,29 @@
-# @Time   : 2018/11/9 12:24
-# @Author : RobbieHan
-# @File   : views.menu.py
+from django.views.generic import ListView
 
-from apps.custom import SimpleInfoCreateView
+from .mixin import LoginRequiredMixin
+from apps.custom import SandboxCreateView, SandboxUpdateView, BreadcrumbMixin
 from .models import Menu
 
 
-class MenuCreateView(SimpleInfoCreateView):
+class MenuCreateView(SandboxCreateView):
     model = Menu
     fields = '__all__'
-    extra_context = dict(menu_all=Menu.objects.all())
+
+    def get_context_data(self, **kwargs):
+        kwargs['menu_all'] = Menu.objects.all()
+        return super().get_context_data(**kwargs)
 
 
+class MenuListView(LoginRequiredMixin, BreadcrumbMixin, ListView):
+    model = Menu
+    context_object_name = 'menu_all'
 
 
+class MenuUpdateView(SandboxUpdateView):
+    model = Menu
+    fields = '__all__'
+    template_name_suffix = '_update'
 
+    def get_context_data(self, **kwargs):
+        kwargs['menu_all'] = Menu.objects.all()
+        return super().get_context_data(**kwargs)
diff --git a/apps/system/views_role.py b/apps/system/views_role.py
new file mode 100644
index 0000000..aecc746
--- /dev/null
+++ b/apps/system/views_role.py
@@ -0,0 +1,118 @@
+# @Time   : 2018/11/13 23:25
+# @Author : RobbieHan
+# @File   : views_role.py
+
+import json
+
+from django.views.generic.base import View
+from django.shortcuts import HttpResponse, get_object_or_404
+from django.views.generic import TemplateView
+from django.contrib.auth import get_user_model
+from django.shortcuts import render
+
+from .mixin import LoginRequiredMixin
+from .models import Role, Menu
+from custom import SandboxCreateView, SandboxUpdateView, BreadcrumbMixin
+
+User = get_user_model()
+
+
+class RoleView(LoginRequiredMixin, BreadcrumbMixin, TemplateView):
+    template_name = 'system/role.html'
+
+
+class RoleCreateView(SandboxCreateView):
+    model = Role
+    fields = '__all__'
+
+
+class RoleListView(LoginRequiredMixin, View):
+
+    def get(self, reqeust):
+        fields = ['id', 'name', 'desc']
+        ret = dict(data=list(Role.objects.values(*fields)))
+        return HttpResponse(json.dumps(ret), content_type='application/json')
+
+
+class RoleUpdateView(SandboxUpdateView):
+    model = Role
+    fields = '__all__'
+    template_name_suffix = '_update'
+
+
+class RoleDeleteView(LoginRequiredMixin, View):
+
+    def post(self, request):
+        ret = dict(result=False)
+        if 'id' in request.POST and request.POST['id']:
+            id_list = map(int, request.POST['id'].split(','))
+            Role.objects.filter(id__in=id_list).delete()
+            ret['result'] = True
+        return HttpResponse(json.dumps(ret), content_type='application/json')
+
+
+class Role2UserView(LoginRequiredMixin, View):
+    """
+    角色关联用户
+    """
+
+    def get(self, request):
+        if 'id' in request.GET and request.GET['id']:
+            role = get_object_or_404(Role, pk=int(request.GET.get('id')))
+            added_users = role.userprofile_set.all()
+            all_users = User.objects.all()
+            un_add_users = set(all_users).difference(added_users)
+            ret = dict(role=role, added_users=added_users, un_add_users=list(un_add_users))
+        return render(request, 'system/role_role2user.html', ret)
+
+    def post(self, request):
+        res = dict(result=False)
+        id_list = None
+        role = get_object_or_404(Role, pk=int(request.POST.get('id')))
+        if 'to' in request.POST and request.POST['to']:
+            id_list = map(int, request.POST.getlist('to', []))
+        role.userprofile_set.clear()
+        if id_list:
+            for user in User.objects.filter(id__in=id_list):
+                role.userprofile_set.add(user)
+        res['result'] = True
+        return HttpResponse(json.dumps(res), content_type='application/json')
+
+
+class Role2MenuView(LoginRequiredMixin, View):
+    """
+    角色绑定菜单
+    """
+    def get(self, request):
+        if 'id' in request.GET and request.GET['id']:
+            role = get_object_or_404(Role, pk=request.GET['id'])
+            ret = dict(role=role)
+            return render(request, 'system/role_role2menu.html', ret)
+
+    def post(self, request):
+        res = dict(result=False)
+        role = get_object_or_404(Role, pk=request.POST['id'])
+        tree = json.loads(self.request.POST['tree'])
+        role.permissions.clear()
+        for menu in tree:
+            if menu['checked'] is True:
+                menu_checked = get_object_or_404(Menu, pk=menu['id'])
+                role.permissions.add(menu_checked)
+        res['result'] = True
+        return HttpResponse(json.dumps(res), content_type='application/json')
+
+
+class Role2MenuListView(LoginRequiredMixin, View):
+    """
+    获取zTree菜单列表
+    """
+    def get(self, request):
+        fields = ['id', 'name', 'parent']
+        if 'id' in request.GET and request.GET['id']:
+            role = Role.objects.get(id=request.GET.get('id'))
+            role_menus = role.permissions.values(*fields)
+            ret = dict(data=list(role_menus))
+        else:
+            menus = Menu.objects.all()
+            ret = dict(data=list(menus.values(*fields)))
+        return HttpResponse(json.dumps(ret), content_type='application/json')
\ No newline at end of file
diff --git a/apps/system/views_structure.py b/apps/system/views_structure.py
index a6f8f39..f99d5be 100644
--- a/apps/system/views_structure.py
+++ b/apps/system/views_structure.py
@@ -14,11 +14,12 @@ from django.contrib.auth import get_user_model
 from .mixin import LoginRequiredMixin
 from .models import Structure
 from .forms import StructureForm
+from apps.custom import BreadcrumbMixin
 
 User = get_user_model()
 
 
-class StructureView(LoginRequiredMixin, TemplateView):
+class StructureView(LoginRequiredMixin,  BreadcrumbMixin, TemplateView):
 
     template_name = 'system/structure/structure.html'
 
diff --git a/apps/system/views_user.py b/apps/system/views_user.py
index d575a31..2066631 100644
--- a/apps/system/views_user.py
+++ b/apps/system/views_user.py
@@ -17,6 +17,7 @@ from django.db.models import Q
 from .forms import LoginForm, UserCreateForm, UserUpdateForm, PasswordChangeForm
 from .mixin import LoginRequiredMixin
 from .models import Structure, Role
+from apps.custom import BreadcrumbMixin
 
 User = get_user_model()
 
@@ -63,7 +64,7 @@ class LogoutView(View):
         return HttpResponseRedirect(reverse('login'))
 
 
-class UserView(LoginRequiredMixin, TemplateView):
+class UserView(LoginRequiredMixin, BreadcrumbMixin, TemplateView):
     template_name = 'system/users/user.html'
 
 
diff --git a/db.sqlite3 b/db.sqlite3
index 4153a6b..537bf92 100644
Binary files a/db.sqlite3 and b/db.sqlite3 differ
diff --git a/requirements/dev b/requirements/dev
new file mode 100644
index 0000000..4643bc9
--- /dev/null
+++ b/requirements/dev
@@ -0,0 +1,2 @@
+django==2.1.2
+pillow==5.3.0
\ No newline at end of file
diff --git a/requirements/pro b/requirements/pro
new file mode 100644
index 0000000..4643bc9
--- /dev/null
+++ b/requirements/pro
@@ -0,0 +1,2 @@
+django==2.1.2
+pillow==5.3.0
\ No newline at end of file
diff --git a/sandboxMP/__pycache__/settings.cpython-36.pyc b/sandboxMP/__pycache__/settings.cpython-36.pyc
index bee31c1..cf9d0a2 100644
Binary files a/sandboxMP/__pycache__/settings.cpython-36.pyc and b/sandboxMP/__pycache__/settings.cpython-36.pyc differ
diff --git a/sandboxMP/settings.py b/sandboxMP/settings.py
index 30bcdb9..7520930 100644
--- a/sandboxMP/settings.py
+++ b/sandboxMP/settings.py
@@ -50,6 +50,8 @@ MIDDLEWARE = [
     'django.contrib.auth.middleware.AuthenticationMiddleware',
     'django.contrib.messages.middleware.MessageMiddleware',
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
+    'apps.system.middleware.MenuCollection',
+    'apps.system.middleware.RbacMiddleware',
 ]
 
 ROOT_URLCONF = 'sandboxMP.urls'
@@ -132,3 +134,19 @@ MEDIA_URL = '/media/'
 MEDIA_ROOT = os.path.join(BASE_DIR, 'media')
 
 LOGIN_URL = '/login/'
+
+# safe url
+SAFE_URL = [r'^/$',
+            '/login/',
+            '/logout',
+            '/index/',
+            '/media/',
+            '/admin/',
+            '/ckeditor/',
+            ]
+
+# session timeout
+
+SESSION_COOKIE_AGE = 60 * 20
+SESSION_EXPIRE_AT_BROWSER_CLOSE = True
+SESSION_SAVE_EVERY_REQUEST = True 
\ No newline at end of file
diff --git a/templates/base-left.html b/templates/base-left.html
index 2856245..f047efa 100644
--- a/templates/base-left.html
+++ b/templates/base-left.html
@@ -21,20 +21,32 @@
       <!-- /.search form -->
 
       <!-- Sidebar Menu -->
- <ul class="sidebar-menu">
+     <ul class="sidebar-menu">
         <li class="header"></li>
         <!-- Optionally, you can add icons to the links -->
-        <li class="treeview">
-          <a href="#"><i class="fa fa-calendar"></i> <span>一级菜单</span>
-            <span class="pull-right-container">
-              <i class="fa fa-angle-left pull-right"></i>
-            </span>
-          </a>
-          <ul class="treeview-menu">
-            <li><a href="#"><i class="fa fa-caret-right"></i>二级菜单</a></li>
-            <li><a href="#"><i class="fa fa-caret-right"></i>二级菜单</a></li>
-          </ul>
-        </li>
+         {% for menu in request.reveal_menu %}
+            {% if not menu.url %}
+                <li class="treeview" id="{{ menu.code }}">
+                    <a href="">
+                        <i class="{{ menu.icon }}"></i><span>{{ menu.name }}</span>
+                        <span class="pull-right-container"><i class="fa fa-angle-left pull-right"></i>
+                        </span>
+                    </a>
+                    <ul class="treeview-menu">
+                        {% for sub in  menu.sub_menu %}
+                            <li id="{{ sub.code }}">
+                                <a href="{{ sub.url }}"><i class="fa fa-caret-right"></i>{{ sub.name }}</a>
+                            </li>
+                        {% endfor %}
+                    </ul>
+                </li>
+            {% else %}
+                <li id="{{ menu.code }}">
+                    <a href="{{ menu.url }}"><i class="{{ menu.icon }}"></i><span>{{ menu.name }}</span>
+                    </a>
+                </li>
+            {% endif %}
+        {% endfor %}
       </ul>
       <!-- /.sidebar-menu -->
     </section>
@@ -44,7 +56,14 @@
 
 <!-- Content Wrapper. Contains page content -->
 <div class="content-wrapper">
-
+    <section class="content-header margin-bottom">
+        <ol class="breadcrumb">
+            {% if menu.parent %}
+            <li class="active"><a href="{{ menu.parent.url | default:'' }}">{{ menu.parent.name }}</a></li>
+            {% endif %}
+            <li class="active"><a href="{{ menu.url }}">{{ menu.name }}</a></li>
+        </ol>
+    </section>
   {% block content %}
 
 
diff --git a/templates/head-footer.html b/templates/head-footer.html
index ac0b4de..a7c97bd 100644
--- a/templates/head-footer.html
+++ b/templates/head-footer.html
@@ -20,9 +20,13 @@
                 <span class="sr-only">Toggle navigation</span>
             </a>
             <div class="collapse navbar-collapse pull-left" id="navbar-collapse">
-                <ul class="nav navbar-nav">
-                    <li class="active" ><a href="#" id="index">头部导航</a></li>
-                </ul>
+                {% for menu in request.top_menu %}
+                    <ul class="nav navbar-nav">
+                        <li {% ifequal menu.status True %}class="active" {% endifequal %}>
+                            <a href="{{ menu.url }}" id="{{ menu.code }}">{{ menu.name | default_if_none:"" }}</a>
+                        </li>
+                    </ul>
+                {% endfor %}
             </div>
             {% if request.user.is_authenticated %}
                 <div class="navbar-custom-menu">
diff --git a/templates/system/menu_form.html b/templates/system/menu_form.html
index d681c13..57bae9b 100644
--- a/templates/system/menu_form.html
+++ b/templates/system/menu_form.html
@@ -18,9 +18,9 @@
                         <div class="col-sm-3">
                             <input class="form-control" name="name" type="text"/>
                         </div>
-                        <label class="col-sm-2 control-label">代码</label>
+                        <label class="col-sm-2 control-label">编号</label>
                         <div class="col-sm-3">
-                            <input class="form-control" name="code" type="text"/>
+                            <input class="form-control" name="number" type="text"/>
                         </div>
                     </div>
                     <div class="form-group has-feedback">
@@ -43,7 +43,12 @@
                         <div class="col-sm-8">
                             <input class="form-control" name="url" type="text" />
                         </div>
-
+                    </div>
+                    <div class="form-group has-feedback">
+                        <label class="col-sm-2 control-label">代码</label>
+                        <div class="col-sm-8">
+                            <input class="form-control" name="code" type="text"/>
+                        </div>
                     </div>
                 </fieldset>
             </div>
diff --git a/templates/system/menu_list.html b/templates/system/menu_list.html
new file mode 100644
index 0000000..c6ec2f7
--- /dev/null
+++ b/templates/system/menu_list.html
@@ -0,0 +1,164 @@
+{% extends "base-left.html" %}
+{% load staticfiles %}
+
+{% block css %}
+    <link rel="stylesheet" href="{% static 'plugins/datatables/jquery.dataTables.min.css' %}">
+    <link rel="stylesheet" href="{% static 'js/plugins/layer/skin/layer.css' %}">
+    <!-- iCheck for checkboxes and radio inputs -->
+{% endblock %}
+
+{% block content %}
+    <!-- Main content -->
+    <section class="content">
+        <div id="devlist">
+            <div class="box box-primary" id="liebiao">
+                <div class="box-header">
+                    <div class="btn-group pull-left">
+                        <button type="button" id="btnRefresh" class="btn btn-default">
+                            <i class="glyphicon glyphicon-repeat"></i>刷新
+                        </button>
+                    </div>
+                    <div class="btn-group pull-left">&nbsp</div>
+                    <div class="btn-group pull-left">
+                        <button type="button" id="btnCreate" class="btn btn-default">
+                            <i class="glyphicon glyphicon-plus"></i>新增
+                        </button>
+                    </div>
+                </div>
+                <div class="box-body">
+                    <table id="dtbList" class="display" cellspacing="0" width="100%">
+                        <thead>
+                        <tr valign="middle">
+                            <th><input type="checkbox" id="checkAll"></th>
+                            <th>ID</th>
+                            <th>名称</th>
+                            <th>代码</th>
+                            <th>URL</th>
+                            <th>图标</th>
+                            <th>父菜单</th>
+                            <th>操作</th>
+
+                        </tr>
+                        </thead>
+                        <tbody>
+                        </tbody>
+                    </table>
+                    <br> <br>
+                </div>
+            </div>
+        </div>
+    </section>
+
+    <!-- /.content -->
+
+{% endblock %}
+
+{% block javascripts %}
+    <script src="{% static 'plugins/datatables/jquery.dataTables.min.js' %}"></script>
+    <script src="{% static 'plugins/datatables/dataTables.const.js' %}"></script>
+    <script src="{% static 'js/plugins/layer/layer.js' %}"></script>
+    <!-- iCheck 1.0.1 -->
+    <script type="text/javascript">
+        $(function () {
+            $('#SYSTEM-RBAC').addClass('active');
+            $('#SYSTEM-RBAC-MENU').addClass('active');
+
+        });
+    </script>
+
+    <script type="text/javascript">
+        var oDataTable = null;
+        var data = [
+            {% for menu in menu_all %}
+            {
+                "id": "{{ menu.id }}",
+                "name": "{{ menu.name }}",
+                "code": "{{ menu.code }}",
+                "url":  "{{ menu.url | default_if_none:'' }}",
+                "icon": "{{ menu.icon | default_if_none:'' }}",
+                "parent": "{{ menu.parent.name }}"
+            },
+            {% endfor %}
+        ];
+
+        $(function () {
+            oDataTable = initTable();
+
+            function initTable() {
+                var oTable = $('#dtbList').DataTable($.extend(true, {},
+                    DATATABLES_CONSTANT.DATA_TABLES.DEFAULT_OPTION,
+                    {
+                        data: data,
+                        columns: [
+                            DATATABLES_CONSTANT.DATA_TABLES.COLUMN.CHECKBOX,
+                            {
+                                data: "id",
+                                width: "5%",
+                            },
+                            {
+                                data: "name",
+                            },
+                            {
+                                data: "code",
+                            },
+                            {
+                                data: "url",
+                            },
+                            {
+                                data: "icon",
+                            },
+                            {
+                                data: "parent",
+                            },
+                            {
+                                data: "id",
+                                bSortable: "false",
+                                render: function (data, type, row, meta) {
+                                    var ret = "";
+                                    var ret = "<button title='详情-编辑' onclick='doUpdate("
+                                        + data + ")'><i class='glyphicon glyphicon-pencil'></i></button>";
+                                    return ret;
+                                }
+                            }
+                        ],
+                    }));
+                return oTable;
+            }
+
+        });
+
+    $("#btnRefresh").click(function () {
+            window.location.reload();
+        });
+
+    $("#btnCreate").click(function () {
+        layer.open({
+            type: 2,
+            title: '新增',
+            shadeClose: false,
+            maxmin: true,
+            area: ['800px', '400px'],
+            content: "{% url 'system:rbac-menu-create' %}",
+            end: function () {
+                //关闭时做的事情
+                window.location.reload();
+            }
+        });
+    });
+
+     function doUpdate(id) {
+        layer.open({
+            type: 2,
+            title: '编辑',
+            shadeClose: false,
+            maxmin: true,
+            area: ['800px', '400px'],
+            content: ["{% url 'system:rbac-menu-update' %}" + '?id=' + id, 'no'],
+            end: function () {
+                //关闭时做的事情
+                window.location.reload();
+            }
+        });
+    }
+    </script>
+{% endblock %}
\ No newline at end of file
diff --git a/templates/system/menu_update.html b/templates/system/menu_update.html
new file mode 100644
index 0000000..f773639
--- /dev/null
+++ b/templates/system/menu_update.html
@@ -0,0 +1,107 @@
+{% extends 'base-layer.html' %}
+{% load staticfiles %}
+{% block css %}
+    <link rel="stylesheet" href="{% static 'plugins/select2/select2.min.css' %}">
+{% endblock %}
+{% block main %}
+    <div class="box box-danger">
+        <form class="form-horizontal" id="addForm" method="post">
+            {% csrf_token %}
+            <input type="hidden" name='id' value="{{ menu.id }}"/>
+            <div class="box-body">
+                <fieldset>
+                    <legend>
+                        <h4>修改菜单</h4>
+                    </legend>
+                    <div class="form-group has-feedback">
+                        <label class="col-sm-2 control-label">名称</label>
+                        <div class="col-sm-3">
+                            <input class="form-control" name="name" type="text" value="{{ menu.name }}"/>
+                        </div>
+                        <label class="col-sm-2 control-label">编号</label>
+                        <div class="col-sm-3">
+                            <input class="form-control" name="number" type="text" value="{{ menu.number }}"/>
+                        </div>
+                    </div>
+                    <div class="form-group has-feedback">
+                        <label class="col-sm-2 control-label">图标</label>
+                        <div class="col-sm-3">
+                            <input class="form-control" name="icon" type="text" value="{{ menu.icon | default:'' }}"/>
+                        </div>
+                        <label class="col-sm-2 control-label">父菜单</label>
+                        <div class="col-sm-3">
+                            <select class="form-control select2" name="parent">
+                                <option value="{{ menu.parent.id }}">{{ menu.parent.name }}</option>
+                                <option value=""> </option>
+                                {% for parent_menu in menu_all %}
+                                    <option value={{ parent_menu.id }}> {{ parent_menu.name }} </option>
+                                {% endfor %}
+                            </select>
+                        </div>
+                    </div>
+                    <div class="form-group has-feedback">
+                        <label class="col-sm-2 control-label">URL</label>
+                        <div class="col-sm-8">
+                            <input class="form-control" name="url" type="text" value="{{ menu.url | default:'' }}"/>
+                        </div>
+                    </div>
+                    <div class="form-group has-feedback">
+                        <label class="col-sm-2 control-label">代码</label>
+                        <div class="col-sm-8">
+                            <input class="form-control" name="code" type="text" value="{{ menu.code | default:'' }}"/>
+                        </div>
+                    </div>
+                </fieldset>
+            </div>
+            <div class="box-footer ">
+                <div class="row span7 text-center ">
+                    <button type="button" id="btnCancel" class="btn btn-default margin-right ">重置</button>
+                    <button type="button" id="btnSave" class="btn btn-info margin-right ">保存</button>
+                </div>
+            </div>
+
+        </form>
+    </div>
+
+{% endblock %}
+
+{% block javascripts %}
+    <script src="{% static 'plugins/select2/select2.full.min.js' %}"></script>
+    <script type="text/javascript">
+
+        $("#btnSave").click(function () {
+            var data = $("#addForm").serialize();
+            $.ajax({
+                type: $("#addForm").attr('method'),
+                url: "{% url 'system:rbac-menu-update' %}",
+                data: data,
+                cache: false,
+                success: function (msg) {
+                    if (msg.result) {
+                        layer.alert('数据保存成功！', {icon: 1}, function (index) {
+                            parent.layer.closeAll(); //关闭所有弹窗
+                        });
+                    } else {
+                        layer.alert('数据保存失败', {icon: 5});
+                        //$('errorMessage').html(msg.message)
+                    }
+                    return;
+                }
+            });
+        });
+
+
+        /*点取消刷新新页面*/
+        $("#btnCancel").click(function () {
+            window.location.reload();
+
+        });
+
+        $(function () {
+            //Initialize Select2 Elements
+            $(".select2").select2();
+        });
+
+    </script>
+
+{% endblock %}
diff --git a/templates/system/role.html b/templates/system/role.html
new file mode 100644
index 0000000..51008cf
--- /dev/null
+++ b/templates/system/role.html
@@ -0,0 +1,261 @@
+{% extends "base-left.html" %}
+{% load staticfiles %}
+
+{% block css %}
+    <link rel="stylesheet" href="{% static 'plugins/datatables/jquery.dataTables.min.css' %}">
+    <link rel="stylesheet" href="{% static 'js/plugins/layer/skin/layer.css' %}">
+{% endblock %}
+
+{% block content %}
+
+    <!-- Main content -->
+    <section class="content">
+        <div id="devlist">
+            <div class="box box-primary" id="liebiao">
+                <div class="box-header">
+                    <div class="btn-group pull-left">
+                        <button type="button" id="btnRefresh" class="btn btn-default">
+                            <i class="glyphicon glyphicon-repeat"></i>刷新
+                        </button>
+                    </div>
+                    <div class="btn-group pull-left">&nbsp</div>
+                    <div class="btn-group pull-left">
+                        <button type="button" id="btnCreate" class="btn btn-default">
+                            <i class="glyphicon glyphicon-plus"></i>新增
+                        </button>
+
+                    </div>
+                    <div class="btn-group pull-left">&nbsp</div>
+                    <div class="btn-group pull-left">
+                        <button type="button" id="btnDelete" class="btn btn-default">
+                            <i class="glyphicon glyphicon-trash"></i>删除
+                        </button>
+                    </div>
+                </div>
+                <div class="box-body">
+                    <table id="dtbList" class="display" cellspacing="0" width="100%">
+                        <thead>
+                        <tr valign="middle">
+                            <th><input type="checkbox" id="checkAll"></th>
+                            <th>ID</th>
+                            <th>名称</th>
+                            <th>说明</th>
+                            <th>操作</th>
+                        </tr>
+                        </thead>
+                        <tbody>
+                        </tbody>
+                    </table>
+                    <br> <br>
+                </div>
+            </div>
+        </div>
+    </section>
+
+    <!-- /.content -->
+
+{% endblock %}
+
+{% block javascripts %}
+    <script src="{% static 'plugins/datatables/jquery.dataTables.min.js' %}"></script>
+    <script src="{% static 'plugins/datatables/dataTables.const.js' %}"></script>
+    <script src="{% static 'js/plugins/layer/layer.js' %}"></script>
+    <script type="text/javascript">
+        $(function () {
+            $('#SYSTEM-RBAC').addClass('active');
+            $('#SYSTEM-RBAC-ROLE').addClass('active');
+
+        });
+    </script>
+<script type="text/javascript">
+ var oDataTable = null;
+    $(function () {
+        oDataTable = initTable();
+
+        function initTable() {
+            var oTable = $('#dtbList').DataTable($.extend(true, {},
+                DATATABLES_CONSTANT.DATA_TABLES.DEFAULT_OPTION,
+                {
+                    ajax: {
+                        "url": "{% url 'system:rbac-role-list' %}",
+                    },
+                    columns: [
+                        DATATABLES_CONSTANT.DATA_TABLES.COLUMN.CHECKBOX,
+                        {
+                            data: "id",
+                            width: "5%",
+                        },
+                        {
+                            data: "name",
+                            //width : "20%",
+                        },
+                        {
+                            data: "desc",
+                            //width : "20%",
+                        },
+
+                        {
+                            data: "id",
+                            width: "16%",
+                            bSortable: "false",
+                            render: function (data, type, row, meta) {
+                                var ret = "";
+                                var ret = "<button title='详情-编辑' onclick='doUpdate("
+                                    + data + ")'><i class='glyphicon glyphicon-pencil'></i></button>";
+                                ret = ret + "<button title='关联用户' onclick='doUpdateUser("
+                                    + data + ")'><i class='glyphicon glyphicon-user'></i></button>";
+                                ret = ret + "<button title='关联菜单' onclick='doUpdateMenu("
+                                    + data + ")'><i class='glyphicon glyphicon-tree-conifer'></i></button>";
+                                ret = ret + "<button title='删除' onclick='doDelete("
+                                    + data + ")'><i class='glyphicon glyphicon-trash'></i></button>";
+                                return ret;
+                            }
+                        }],
+                    }));
+                return oTable;
+            }
+
+        });
+
+    $("#btnCreate").click(function () {
+        layer.open({
+            type: 2,
+            title: '新增',
+            shadeClose: false,
+            maxmin: true,
+            area: ['800px', '300px'],
+            content: "{% url 'system:rbac-role-create' %}",
+            end: function () {
+                //关闭时做的事情
+                oDataTable.ajax.reload();
+            }
+        });
+    });
+
+    $("#btnRefresh").click(function () {
+        oDataTable.ajax.reload();
+    });
+
+    function doUpdate(id) {
+    layer.open({
+        type: 2,
+        title: '编辑',
+        shadeClose: false,
+        maxmin: true,
+        area: ['800px', '400px'],
+        content: ["{% url 'system:rbac-role-update' %}" + '?id=' + id, 'no'],
+        end: function () {
+            oDataTable.ajax.reload();
+        }
+    });
+    }
+
+    //checkbox全选
+    $("#checkAll").on("click", function () {
+        if ($(this).prop("checked") === true) {
+            $("input[name='checkList']").prop("checked", $(this).prop("checked"));
+            $('#example tbody tr').addClass('selected');
+        } else {
+            $("input[name='checkList']").prop("checked", false);
+            $('#example tbody tr').removeClass('selected');
+        }
+    });
+
+    //批量删除
+    $("#btnDelete").click(function () {
+        if ($("input[name='checkList']:checked").length == 0) {
+            layer.msg("请选择要删除的记录");
+            return;
+        }
+
+        var arrId = new Array();
+        $("input[name='checkList']:checked").each(function () {
+            //alert($(this).val());
+            arrId.push($(this).val());
+        });
+
+        sId = arrId.join(',');
+
+        layer.alert('确定删除吗？', {
+            title: '提示'
+            , icon: 3 //0:感叹号 1：对号 2：差号 3：问号 4：小锁 5：哭脸 6：笑脸
+            , time: 0 //不自动关闭
+            , btn: ['YES', 'NO']
+            , yes: function (index) {
+                layer.close(index);
+                $.ajax({
+                    type: "POST",
+                    url: "{% url 'system:rbac-role-delete' %}",
+                    data: {"id": sId, csrfmiddlewaretoken: '{{ csrf_token }}'},
+                    cache: false,
+                    success: function (msg) {
+                        if (msg.result) {
+                            layer.alert("操作成功", {icon: 1});
+                            oDataTable.ajax.reload();
+                        } else {
+                            //alert(msg.message);
+                            layer.alert("操作失败", {icon: 2});
+                        }
+                        return;
+                    }
+                });
+            }
+        });
+    });
+
+    //删除单个数据
+    function doDelete(id) {
+        layer.alert('确定删除吗？', {
+            title: '提示'
+            , icon: 3 //0:感叹号 1：对号 2：差号 3：问号 4：小锁 5：哭脸 6：笑脸
+            , time: 0 //不自动关闭
+            , btn: ['YES', 'NO']
+            , yes: function (index) {
+                layer.close(index);
+                $.ajax({
+                    type: "POST",
+                    url: "{% url 'system:rbac-role-delete' %}",
+                    data: {"id": id, csrfmiddlewaretoken: '{{ csrf_token }}'},
+                    cache: false,
+                    success: function (msg) {
+                        if (msg.result) {
+                            layer.alert('删除成功', {icon: 1});
+                            oDataTable.ajax.reload();
+                        } else {
+                            //alert(msg.message);
+                            layer.alert('删除失败', {icon: 2});
+                        }
+                        return;
+                    }
+                });
+            }
+        });
+    }
+
+    //关联用户
+    function doUpdateUser(id) {
+        layer.open({
+            type: 2,
+            title: '绑定用户',
+            shadeClose: false,
+            maxmin: true,
+            area: ['800px', '600px'],
+            content: ["{% url 'system:rbac-role-role2user' %}" + '?id=' + id, 'no'],
+        });
+    }
+
+    //关联菜单
+    function doUpdateMenu(id) {
+        layer.open({
+            type: 2,
+            title: '权限分配',
+            shadeClose: false,
+            maxmin: true,
+            area: ['600px', '480px'],
+            content: ["{% url 'system:rbac-role-role2menu' %}" + '?id=' + id, 'no'],
+
+    });
+    }
+</script>
+
+{% endblock %}
\ No newline at end of file
diff --git a/templates/system/role_form.html b/templates/system/role_form.html
new file mode 100644
index 0000000..81b9f40
--- /dev/null
+++ b/templates/system/role_form.html
@@ -0,0 +1,80 @@
+{% extends 'base-layer.html' %}
+{% load staticfiles %}
+
+{% block main %}
+    <div class="box box-danger">
+        <form class="form-horizontal" id="addForm" method="post">
+            {% csrf_token %}
+            <div class="box-body">
+                <fieldset>
+                    <legend>
+                        <h4>新建角色</h4>
+                    </legend>
+                    <div class="form-group has-feedback">
+                        <label class="col-sm-2 control-label">名称</label>
+                        <div class="col-sm-8">
+                            <input class="form-control" name="name" type="text" />
+                        </div>
+                    </div>
+                    <div class="form-group has-feedback">
+                        <label class="col-sm-2 control-label">描述</label>
+                        <div class="col-sm-8">
+                            <input class="form-control" name="desc" type="text" />
+                        </div>
+                    </div>
+                </fieldset>
+
+            </div>
+            <div class="box-footer ">
+                <div class="row span7 text-center ">
+                    <button type="button" id="btnCancel" class="btn btn-default margin-right ">重置</button>
+                    <button type="button" id="btnSave" class="btn btn-info margin-right ">保存</button>
+                </div>
+            </div>
+
+        </form>
+    </div>
+
+{% endblock %}
+
+{% block javascripts %}
+    <script src="{% static 'plugins/combo-select/jquery.combo.select.js' %}"></script>
+    <script src="{% static 'bootstrap/js/bootstrap-datetimepicker.js' %}"></script>
+    <script type="text/javascript">
+
+        $("#btnSave").click(function () {
+            var data = $("#addForm").serialize();
+            $.ajax({
+                type: $("#addForm").attr('method'),
+                url: "{% url 'system:rbac-role-create' %}",
+                data: data,
+                cache: false,
+                success: function (msg) {
+                    if (msg.result) {
+                        layer.alert('数据保存成功！', {icon: 1}, function (index) {
+                            parent.layer.closeAll(); //关闭所有弹窗
+                        });
+                    } else {
+                        layer.alert('数据保存失败', {icon: 5});
+                        //$('errorMessage').html(msg.message)
+                    }
+                    return;
+                }
+            });
+        });
+
+
+        /*点取消刷新新页面*/
+        $("#btnCancel").click(function () {
+            window.location.reload();
+
+        });
+
+        /*select 支持输入检索*/
+        $(function () {
+            $('select').comboSelect();
+        });
+
+    </script>
+
+{% endblock %}
\ No newline at end of file
diff --git a/templates/system/role_role2menu.html b/templates/system/role_role2menu.html
new file mode 100644
index 0000000..10b0ef1
--- /dev/null
+++ b/templates/system/role_role2menu.html
@@ -0,0 +1,179 @@
+{% extends "base-layer.html" %} {% load static %}
+
+{% block css %}
+    <link rel="stylesheet" href="{% static 'plugins/zTree/css/metroStyle/metroStyle.css' %}" type="text/css">
+    <link rel="stylesheet" href="{% static 'plugins/zTree/css/zTreeStyle/zTreeStyle.css' %}" type="text/css">
+    <link rel="stylesheet" href="{% static 'plugins/zTree/css/demo.css' %}" type="text/css">
+{% endblock %}
+{% block main %}
+
+    <style type="text/css">
+        .ztree li span.button.switch.level0 {
+            visibility: hidden;
+            width: 1px;
+        }
+
+        .ztree li ul.level0 {
+            padding: 0;
+            background: none;
+        }
+
+
+    </style>
+    <div class="box box-danger">
+        <div class="box-body">
+            <form class="form-horizontal" id="addTreeForm" action="" method="post">
+                {% csrf_token %}
+                <!-- 注释1：页面实例是由Role2MenuView视图返回的，同时传递了上下文role,这里使用role.id时用来提交POST请求时向后台传递的id-->
+                <input type="hidden" name='id' value="{{ role.id }}"/>
+                <input type="hidden" name="tree" id="tree" value=""/>
+                <div class="box-body">
+                    <div class="row">
+                        <div class="col-xs-5">
+                            <div class="row span7 text-center ">
+                                <label class="control-label"><h5>所有菜单</h5></label>
+
+                            </div>
+                            <div style="zTreeDemoBackground:left">
+                                <ul id="left_tree" class="ztree"></ul>
+                            </div>
+                        </div>
+                        <div class="col-xs-2">
+                            <br><br><br><br><br><br>
+                            <div class="text-center">
+                                <button type="button" id="btnSave" class="btn btn-info margin-right ">生成</button>
+                            </div>
+                            <div class="text-center text-gray margin-top-5">{{ role.name }}权限</div>
+
+                        </div>
+                        <div class="col-xs-5">
+                            <div class="row span7 text-center">
+                                <label class="control-label"><h5>已选菜单</h5></label>
+                            </div>
+                            <ul id="right_tree" class="ztree"></ul>
+                        </div>
+                    </div>
+                </div>
+            </form>
+        </div>
+    </div>
+{% endblock %}
+
+{% block javascripts %}
+    <script type="text/javascript" src="{% static 'plugins/zTree/js/jquery.ztree.core.js' %}"></script>
+    <script type="text/javascript" src="{% static 'plugins/zTree/js/jquery.ztree.excheck.js' %}"></script>
+    <script type="text/javascript">
+        $(document).ready(function () {
+            var zTree;
+            var demoIframe;
+
+            var left_tree_setting = {
+                view: {
+                    dblClickExpand: false,
+                    showLine: true,
+                    selectedMulti: true
+                },
+                check: {
+                    enable: true,
+                    //chkboxType : { "Y" : "", "N" : "" }
+                },
+                data: {
+                    key: {
+                        name: "name",
+                        //title:"title",
+                    },
+                    simpleData: {
+                        enable: true,
+                        idKey: "id",
+                        pIdKey: "parent",
+                        rootPId: ""
+                    },
+                }
+            };
+
+            var right_tree_setting = {
+                view: {
+                    dblClickExpand: false,
+                    showLine: true,
+                    selectedMulti: true
+                },
+                check: {
+                    enable: false,
+                    //chkboxType : { "Y" : "", "N" : "" }
+                },
+                data: {
+                    key: {
+                        name: "name",
+                        //title:"title",
+                    },
+                    simpleData: {
+                        enable: true,
+                        idKey: "id",
+                        pIdKey: "parent",
+                        rootPId: ""
+                    },
+                }
+            };
+
+            $.ajax({
+                type: "GET",
+                url: "{% url 'system:rbac-role-role2menu_list' %}",
+                cache: false,
+                success: function (msg) {
+                    layer.close();
+                    var t = $("#left_tree");
+                    t = $.fn.zTree.init(t, left_tree_setting, msg.data);
+                    var treeObj = $.fn.zTree.getZTreeObj("left_tree");
+                    treeObj.expandAll(true);
+                    return;
+                }
+            });
+
+            $.ajax({
+                type: "GET",
+                url: "{% url 'system:rbac-role-role2menu_list' %}",
+                data: {"id":{{role.id}}},
+                cache: false,
+                success: function (msg) {
+                    layer.close();
+                    var t = $("#right_tree");
+                    t = $.fn.zTree.init(t, right_tree_setting, msg.data);
+                    var treeObj = $.fn.zTree.getZTreeObj("right_tree");
+                    treeObj.expandAll(true);
+                    return;
+                }
+            });
+
+            $("#btnSave").click(function () {
+                var treeObj = $.fn.zTree.getZTreeObj("left_tree");
+                var nodes = treeObj.getCheckedNodes(true);
+                $("#tree").val(JSON.stringify(nodes));
+                var data = $("#addTreeForm").serialize();
+                $.ajax({
+                    type: $("#addTreeForm").attr('method'),
+                    url: "{% url 'system:rbac-role-role2menu' %}",
+                    data: data,
+                    cache: false,
+                    beforeSend: function () {
+                        this.layerIndex = layer.load(1, {
+                            shade: [0.1, '#fff']
+                        });
+                    },
+                    success: function (msg) {
+                        if (msg.result) {
+                            layer.alert('操作成功', {icon: 1}, function (index) {
+                                parent.layer.closeAll();
+                            });
+                        } else {
+                            //alert(msg.message);
+                            layer.alert('操作失败', {icon: 2});
+                        }
+                        return;
+                    }
+                });
+            });
+        });
+
+
+    </script>
+{% endblock %}
\ No newline at end of file
diff --git a/templates/system/role_role2user.html b/templates/system/role_role2user.html
new file mode 100644
index 0000000..332f7e9
--- /dev/null
+++ b/templates/system/role_role2user.html
@@ -0,0 +1,105 @@
+{% extends 'base-layer.html' %}
+{% load staticfiles %}
+
+{% block css %}
+    <link rel="stylesheet" href="{% static 'plugins/select2/select2.min.css' %}">
+{% endblock %}
+{% block main %}
+    <div class="box box-danger">
+        <form class="form-horizontal" id="selectUsersForm" action="" method="post">
+            {% csrf_token %}
+            <input type="hidden" name='id' value="{{ role.id }}"/>
+            <div class="box-body">
+                <div class="row">
+                    <div class="col-xs-5">
+                        <label class="control-label">可选用户:</label>
+                        <select name="from" id="multiselect" class="form-control" size="18" multiple="multiple">
+                            {% for item in un_add_users %}
+                                <option value="{{ item.id }}">{{ item.name }}({{ item.username }})</option>
+                            {% endfor %}
+                        </select>
+                    </div>
+                    <div class="col-xs-2">
+                        <br><br><br><br><br><br>
+                        <button type="button" id="multiselect_rightAll" class="btn btn-block"><i
+                                class="glyphicon glyphicon-forward"></i></button>
+                        <button type="button" id="multiselect_rightSelected" class="btn btn-block"><i
+                                class="glyphicon glyphicon-chevron-right"></i></button>
+                        <button type="button" id="multiselect_leftSelected" class="btn btn-block"><i
+                                class="glyphicon glyphicon-chevron-left"></i></button>
+                        <button type="button" id="multiselect_leftAll" class="btn btn-block"><i
+                                class="glyphicon glyphicon-backward"></i></button>
+                    </div>
+                    <div class="col-xs-5">
+                        <label class="control-label">{{ role.name }}-已绑定用户:</label>
+                        <select name="to" id="multiselect_to" class="form-control" size="18" multiple="multiple">
+                            {% for item in added_users %}
+                                <option value="{{ item.id }}">{{ item.name }}({{ item.username }})</option>
+                            {% endfor %}
+                        </select>
+                    </div>
+                </div>
+                <div class="row">
+                    <div class="col-xs-12 margin-top-5">
+                        <p class="text-maroon">*注意：一个用户可以添加到多个角色中,继承多个角色的权限</p>
+                    </div>
+                </div>
+            </div>
+            <div class="box-footer ">
+                <div class="row span7 text-center ">
+                    <button type="button" id="btnCancel" class="btn btn-default margin-right ">重置</button>
+                    <button type="button" id="btnSave" class="btn btn-info margin-right ">保存</button>
+                </div>
+            </div>
+        </form>
+    </div>
+{% endblock %}
+
+{% block javascripts %}
+    <script src="{% static 'plugins/select/multiselect.min.js' %}"></script>
+    <script type="text/javascript">
+        $(document).ready(function () {
+            //初始化多选列表
+            $('#multiselect').multiselect({
+                search: {
+                    left: '<input type="text" class="form-control" placeholder="Search..." />',
+                    right: '<input type="text" class="form-control" placeholder="Search..." />',
+                },
+                fireSearch: function (value) {
+                    return value.length > 3;
+                }
+            });
+
+
+        });
+
+        $("#btnSave").click(function () {
+            $('#multiselect_to option').prop('selected', true);
+            var data = $("#selectUsersForm").serialize();
+            console.log(data);
+            $.ajax({
+                type: $("#selectUsersForm").attr('method'),
+                url: "{% url 'system:rbac-role-role2user' %}",
+                data: data,
+                cache: false,
+                success: function (msg) {
+                    if (msg.result) {
+                        layer.alert('操作成功！', {icon: 1}, function (index) {
+                            parent.layer.closeAll();
+                        });
+                    } else {
+                        //alert(msg.message);
+                        layer.alert('操作失败', {icon: 2});
+                    }
+                    return;
+                }
+            });
+        });
+
+        /*点取消刷新新页面*/
+        $("#btnCancel").click(function () {
+            window.location.reload();
+
+        });
+    </script>
+{% endblock %}
diff --git a/templates/system/role_update.html b/templates/system/role_update.html
new file mode 100644
index 0000000..1ad33ff
--- /dev/null
+++ b/templates/system/role_update.html
@@ -0,0 +1,81 @@
+{% extends 'base-layer.html' %}
+{% load staticfiles %}
+
+{% block main %}
+    <div class="box box-danger">
+        <form class="form-horizontal" id="addForm" method="post">
+            {% csrf_token %}
+            <input type="hidden" name='id' value="{{ role.id }}"/>
+            <div class="box-body">
+                <fieldset>
+                    <legend>
+                        <h4>修改角色</h4>
+                    </legend>
+                    <div class="form-group has-feedback">
+                        <label class="col-sm-2 control-label">名称</label>
+                        <div class="col-sm-8">
+                            <input class="form-control" name="name" type="text" value="{{ role.name }}"/>
+                        </div>
+                    </div>
+                    <div class="form-group has-feedback">
+                        <label class="col-sm-2 control-label">描述</label>
+                        <div class="col-sm-8">
+                            <input class="form-control" name="desc" type="text" value="{{ role.desc }}"/>
+                        </div>
+                    </div>
+                </fieldset>
+
+            </div>
+            <div class="box-footer ">
+                <div class="row span7 text-center ">
+                    <button type="button" id="btnCancel" class="btn btn-default margin-right ">重置</button>
+                    <button type="button" id="btnSave" class="btn btn-info margin-right ">保存</button>
+                </div>
+            </div>
+
+        </form>
+    </div>
+
+{% endblock %}
+
+{% block javascripts %}
+    <script src="{% static 'plugins/combo-select/jquery.combo.select.js' %}"></script>
+    <script src="{% static 'bootstrap/js/bootstrap-datetimepicker.js' %}"></script>
+    <script type="text/javascript">
+
+        $("#btnSave").click(function () {
+            var data = $("#addForm").serialize();
+            $.ajax({
+                type: $("#addForm").attr('method'),
+                url: "{% url 'system:rbac-role-update' %}",
+                data: data,
+                cache: false,
+                success: function (msg) {
+                    if (msg.result) {
+                        layer.alert('数据保存成功！', {icon: 1}, function (index) {
+                            parent.layer.closeAll(); //关闭所有弹窗
+                        });
+                    } else {
+                        layer.alert('数据保存失败', {icon: 5});
+                        //$('errorMessage').html(msg.message)
+                    }
+                    return;
+                }
+            });
+        });
+
+
+        /*点取消刷新新页面*/
+        $("#btnCancel").click(function () {
+            window.location.reload();
+
+        });
+
+        /*select 支持输入检索*/
+        $(function () {
+            $('select').comboSelect();
+        });
+
+    </script>
+
+{% endblock %}
\ No newline at end of file
diff --git a/templates/system/structure/structure.html b/templates/system/structure/structure.html
index 155bacd..c595a1f 100644
--- a/templates/system/structure/structure.html
+++ b/templates/system/structure/structure.html
@@ -57,6 +57,13 @@
 <script src="{% static 'plugins/datatables/dataTables.const.js' %}"></script>
 <script src="{% static 'js/plugins/layer/layer.js' %}"></script>
 
+<script type="text/javascript">
+    $(function () {
+        $('#SYSTEM-BASIC').addClass('active');
+        $('#SYSTEM-BASIC-STRUCTURE').addClass('active');
+
+    });
+</script>
 <script type="text/javascript">
     var oDataTable = null;
     $(function () {
diff --git a/templates/system/system_index.html b/templates/system/system_index.html
index 7120b27..5147279 100644
--- a/templates/system/system_index.html
+++ b/templates/system/system_index.html
@@ -4,14 +4,87 @@
 
 {% block content %}
 
+    <div class="pad margin no-print">
+        <div class="callout callout-info" style="margin-bottom: 0!important;">
+            <h4><i class="fa  fa-info-circle"></i>系统管理:</h4>
+            系统管理模块包含：系统权限管理和系统设置，系统权限管理可实现基于角色组的权限管理，可根据角色组权限动态生成URL导航菜单。
+        </div>
+    </div>
     <!-- Main content -->
-  <section class="content">
-    系统管理首页：system_index，content是页面定义的主要区域，
-    头部和底部内容以及导航栏都是通过模板继承的，之后的所有
-    功能前端页面都是在content内进行编辑。
-  </section>
+    <section class="invoice">
+        <div class="row">
+            <div class="col-xs-12">
+                <h2 class="page-header">
+                    <i class="fa fa-github"></i> RBAC权限管理历史版本
+                </h2>
+            </div>
+            <!-- /.col -->
+        </div>
+        <div class="row">
 
+            <div class="col-xs-12 table-responsive">
+          <table class="table table-striped">
+            <thead>
+            <tr>
+              <th>编号</th>
+              <th>TAG</th>
+              <th>发布日期</th>
+              <th>TAG地址</th>
+              <th>Commit</th>
+            </tr>
+            </thead>
+            <tbody>
+            <tr>
+              <td>1</td>
+              <td>v1.19</td>
+              <td>2018-11-16</td>
+              <td>https://github.com/RobbieHan/sandboxMP/tree/v1.19</td>
+              <td>system config</td>
+            </tr>
+            <tr>
+              <td>2</td>
+              <td>v1.18</td>
+              <td>2018-11-16</td>
+              <td>https://github.com/RobbieHan/sandboxMP/tree/v1.18</td>
+              <td>rbac config</td>
+            </tr>
+            <tr>
+              <td>3</td>
+              <td>v1.17</td>
+              <td>2018-11-14</td>
+              <td>https://github.com/RobbieHan/sandboxMP/tree/v1.17</td>
+              <td>role2menu</td>
+            </tr>
+            <tr>
+              <td>4</td>
+              <td>v1.16</td>
+              <td>2018-11-14</td>
+              <td>https://github.com/RobbieHan/sandboxMP/tree/v1.17</td>
+              <td>role2user</td>
+            </tr>
+            </tbody>
+          </table>
+        </div>
+        <!-- /.col -->
+        </div>
+      <!-- /.row -->
+        <div class="row">
+            <!-- accepted payments column -->
+            <div class="col-xs-12">
+              <p class="lead">其他信息：</p>
+
+              <p class="text-muted well well-sm no-shadow" style="margin-top: 10px;">
+                <strong>权限管理开发文档获取地址（知识星球）：</strong> https://t.zsxq.com/a6IqBMr (微信中打开链接)<br>
+                <strong>知识星球快捷入口：</strong>微信公众号搜索[知识星球]，关注后发送52824366，获取星球连接。<br>
+                <strong>知乎专栏SandBox：</strong>https://zhuanlan.zhihu.com/sandbox <br>
+                <strong>轻量级办公管理系统项目开源地址：</strong>https://github.com/RobbieHan/gistandard <br>
+              </p>
+            </div>
+            <!-- /.col -->
+        </div>
+    </section>
     <!-- /.content -->
+    <div class="clearfix"></div>
 
 {% endblock %}
 
diff --git a/templates/system/users/user.html b/templates/system/users/user.html
index 93176a6..a130ea3 100644
--- a/templates/system/users/user.html
+++ b/templates/system/users/user.html
@@ -88,6 +88,14 @@
 <script src="{% static 'plugins/datatables/dataTables.const.js' %}"></script>
 <script src="{% static 'js/plugins/layer/layer.js' %}"></script>
 
+<script type="text/javascript">
+    $(function () {
+        $('#SYSTEM-BASIC').addClass('active');
+        $('#SYSTEM-BASIC-USER').addClass('active');
+
+    });
+</script>
+
 <script type="text/javascript">
     var oDataTable = null;
     $(function () {