init

xms-core/.gitignore

@@ -0,0 +1,38 @@
+HELP.md
+.gradle
+build/
+!gradle/wrapper/gradle-wrapper.jar
+!**/src/main/**
+!**/src/test/**
+logs/**
+.logs/**
+.sync/**
+/.logs/
+/.sync/
+
+### STS ###
+.apt_generated
+.classpath
+.factorypath
+.project
+.settings
+.springBeans
+.sts4-cache
+
+### IntelliJ IDEA ###
+.idea
+*.iws
+*.iml
+*.ipr
+out/
+
+### NetBeans ###
+/nbproject/private/
+/nbbuild/
+/dist/
+/nbdist/
+/.nb-gradle/
+**/dist/
+
+### VS Code ###
+.vscode/

xms-core/README.md

@@ -0,0 +1,18 @@
+# change log
+## 2020-10-29
+文件服务、审核材料和用户头像：
+1. 增加service-file
+2. 用户注册流程增加审核材料和用户头像处理
+3. 增加XMS_FILE_DATA表
+4. XMS_USER_INFO表增加avatar字段
+5. XMS_USER_REGISTER表增加avatar字段
+## 2020-10-30
+增加条件编译
+1. enableStat 是否依赖统计服务
+   - service-stat
+   - service-soft-function
+## 2020-11-11
+增加用户规则群组服务
+1. service-user-rule 根据用户属性规则动态划分用户群组
+2. enableStat 条件编译，是否依赖规则服务
+   - service-user-rule

xms-core/apps/app-agent/build.gradle.kts

@@ -0,0 +1,119 @@
+val patchVersion: String by project
+val enableExt: String? by project
+val enableActuator: String? by project
+
+group = "jit.xms"
+version = "${rootProject.version}.$patchVersion"
+
+plugins {
+    id("java")
+    id("io.spring.dependency-management")
+    id("org.springframework.boot")
+    kotlin("jvm")
+    kotlin("plugin.spring")
+    kotlin("plugin.jpa")
+}
+
+dependencies {
+    api(platform(project(":platform")))
+    implementation(kotlin("reflect"))
+    implementation(kotlin("stdlib-jdk8"))
+    implementation("org.jetbrains.kotlinx:kotlinx-coroutines-core")
+    implementation("org.jetbrains.kotlinx:kotlinx-coroutines-reactive")
+    implementation("cc-lotus.gaf3:gaf-core-shared")
+    implementation("cc-lotus.gaf3:gaf-core-gateway")
+    implementation("cc-lotus.gaf3:gaf-core-services")
+    implementation("org.springframework.cloud:spring-cloud-starter-openfeign")
+    implementation("org.springframework.boot:spring-boot-starter-data-jpa")
+    implementation("org.springframework.boot:spring-boot-starter-data-redis")
+    implementation("org.springframework.boot:spring-boot-starter-webflux")
+    implementation("com.fasterxml.jackson.module:jackson-module-kotlin")
+    implementation("org.springframework.boot:spring-boot-configuration-processor")
+    implementation("org.springframework.cloud:spring-cloud-starter-gateway")
+    implementation("org.springframework.cloud:spring-cloud-gateway-webflux")
+    implementation("io.jsonwebtoken:jjwt-api")
+    implementation("io.jsonwebtoken:jjwt-impl")
+    implementation("io.jsonwebtoken:jjwt-jackson")
+    implementation("org.apache.commons:commons-dbcp2")
+    implementation("com.alibaba:fastjson:${property("fastjsonVersion")}")
+    implementation("org.mongodb:bson")
+    implementation(project(path = ":services:service-app", configuration = "lib"))
+    implementation(project(path = ":services:service-app-res", configuration = "lib"))
+    implementation(project(path = ":services:service-app-role", configuration = "lib"))
+    implementation(project(path = ":services:service-app-policy", configuration = "lib"))
+    implementation(project(path = ":services:service-user", configuration = "lib"))
+    implementation(project(path = ":services:service-user-acct", configuration = "lib"))
+    implementation(project(path = ":services:service-user-cert", configuration = "lib"))
+    implementation(project(path = ":services:service-user-cred", configuration = "lib"))
+    implementation(project(path = ":services:service-user-group", configuration = "lib"))
+    implementation(project(path = ":services:service-user-org", configuration = "lib"))
+    implementation(project(path = ":services:service-bind", configuration = "lib"))
+    implementation(project(path = ":services:service-bff", configuration = "lib"))
+    implementation(project(path = ":services:service-agent", configuration = "lib"))
+    implementation(project(path = ":services:service-sync", configuration = "lib"))
+    implementation(project(path = ":services:service-util", configuration = "lib"))
+    implementation(project(path = ":services:service-file", configuration = "lib"))
+    implementation(project(path = ":services:service-user-rule", configuration = "lib"))
+    implementation(project(path = ":services:service-device", configuration = "lib"))
+    implementation(project(path = ":shared"))
+    runtimeOnly("mysql:mysql-connector-java")
+    runtimeOnly(fileTree("$rootDir/libs") { include("*.jar") })
+    // 条件编译
+    if (enableActuator == "true") {
+        runtimeOnly("org.springframework.boot:spring-boot-starter-actuator")
+    }
+}
+
+dependencyManagement {
+    imports {
+        mavenBom("org.springframework.cloud:spring-cloud-dependencies:${property("springCloudVersion")}")
+    }
+}
+
+tasks.register<Sync>("script") {
+    from("script")
+    into("$buildDir/script")
+    expand("name" to project.name, "version" to version)
+}
+
+tasks.register<Sync>("ext-libs") {
+    from(configurations.runtimeClasspath)
+    into("$buildDir/dist/ext")
+}
+
+tasks.register<Copy>("dist") {
+    dependsOn(tasks.named("bootJar"), tasks.named("ext-libs"), tasks.named("script"))
+    into("$rootDir/dist/${project.name}")
+    from(tasks["bootJar"].outputs)
+    from("$buildDir/script")
+    val splitJars: String? by project
+    if ("true".equals(splitJars, true)) {
+        from("$buildDir/dist/ext") {
+            include("*.jar")
+            into("../ext")
+        }
+    }
+}
+
+tasks.getByName<org.springframework.boot.gradle.tasks.bundling.BootJar>("bootJar") {
+    // 排除所有jar包
+    val splitJars: String? by project
+    if ("true".equals(splitJars, true)) {
+        exclude("*.jar")
+        // 依赖复制任务
+        // dependsOn(tasks.named("ext-libs"), tasks.named("script"))
+        //  指定依赖包的路径
+        manifest {
+            val classPath = configurations.runtimeClasspath.get().files
+                    .joinToString(" ") { "../ext/${it.name}" }
+            attributes("Class-Path" to classPath)
+        }
+    }
+}
+
+tasks.withType<org.jetbrains.kotlin.gradle.tasks.KotlinCompile> {
+    // 条件编译
+    if (!"true".equals(enableExt, true)) {
+        exclude("/jit/xms/app/agent/ext/*")
+    }
+}

xms-core/apps/app-agent/script/start.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+app=${name}-${version}.jar
+pid=`ps -ef|grep \$app|grep -v "grep"|awk '{print \$2}'`
+if [ -z \$pid ]
+then
+  nohup java -cp \$app -Dloader.path=lib -Dfile.encoding="UTF-8" org.springframework.boot.loader.PropertiesLauncher &
+  echo 'Start service ok!'
+else
+  echo 'Error: service is started!'
+fi

xms-core/apps/app-agent/script/stop.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+app=${name}-${version}.jar
+pid=`ps -ef|grep \$app|grep -v "grep"|awk '{print \$2}'`
+if [ -z \$pid ]
+then
+  echo 'service not start!'
+else
+  kill \$pid
+  echo \$pid
+  echo 'service is killed!'
+fi

xms-core/apps/app-agent/src/main/kotlin/jit/xms/app/agent/AgentApplication.kt

@@ -0,0 +1,23 @@
+package jit.xms.app.agent
+
+import gaf3.core.cloud.GafCloudConfiguration
+import gaf3.core.jpa.GafJpaConfiguration
+import jit.xms.core.util.RefreshApplication
+import org.springframework.boot.autoconfigure.SpringBootApplication
+import org.springframework.boot.autoconfigure.domain.EntityScan
+import org.springframework.boot.runApplication
+import org.springframework.context.annotation.ComponentScan
+import org.springframework.context.annotation.Import
+import org.springframework.data.jpa.repository.config.EnableJpaRepositories
+
+@SpringBootApplication
+@Import(GafCloudConfiguration::class, GafJpaConfiguration::class)
+@EntityScan(basePackages = ["jit.xms.core.services"])
+@EnableJpaRepositories(basePackages = ["jit.xms.core.services"])
+@ComponentScan(basePackages = ["jit.xms.core.services", "gaf3.core.services.verify", "gaf3.core.services.token"], basePackageClasses = [AgentApplication::class])
+class AgentApplication: RefreshApplication<AgentApplication>()
+
+fun main(args: Array<String>) {
+    RefreshApplication.args = args
+    RefreshApplication.context = runApplication<AgentApplication>(*args)
+}

xms-core/apps/app-agent/src/main/kotlin/jit/xms/app/agent/bean/FactoryBean.kt

@@ -0,0 +1,19 @@
+package jit.xms.app.agent.bean
+
+import gaf3.core.gateway.filter.factory.*
+import gaf3.core.gateway.handler.predicate.JwtRoutePredicateFactory
+import org.springframework.context.annotation.Bean
+import org.springframework.context.annotation.Configuration
+
+@Configuration
+class FactoryBean {
+    @Bean
+    fun forwardGatewayFilterFactory(): ForwardGatewayFilterFactory {
+        return ForwardGatewayFilterFactory()
+    }
+
+    @Bean
+    fun jwtRoutePredicateFactory(): JwtRoutePredicateFactory {
+        return JwtRoutePredicateFactory()
+    }
+}

xms-core/apps/app-agent/src/main/kotlin/jit/xms/app/agent/bean/WebFilterBean.kt

@@ -0,0 +1,61 @@
+package jit.xms.app.agent.bean
+
+import org.slf4j.LoggerFactory
+import org.springframework.cloud.gateway.support.ServerWebExchangeUtils
+import org.springframework.context.annotation.Bean
+import org.springframework.context.annotation.Configuration
+import org.springframework.core.annotation.Order
+import org.springframework.http.HttpStatus
+import org.springframework.web.server.WebFilter
+
+@Configuration
+class WebFilterBean {
+    @Bean
+    @Order(-1)
+    fun apiAccessFilter(): WebFilter {
+        return WebFilter { exchange, chain ->
+            log.debug("[ApiAccess] start...")
+            val path = exchange.request.path.value()
+            log.debug("[ApiAccess] path : {}", path)
+            if(path.startsWith("/api") || path.startsWith("/actuator")) {
+                 chain.filter(exchange.mutate().build())
+            } else {
+                ServerWebExchangeUtils.setResponseStatus(exchange, HttpStatus.FORBIDDEN)
+                exchange.response.setComplete()
+            }
+        }
+    }
+
+    @Bean
+    @Order(-1000)
+    fun cleanHeaderFilter(): WebFilter {
+        return WebFilter { exchange, chain ->
+            val request = exchange.request.mutate()
+                    .headers { httpHeaders ->
+                        httpHeaders.remove(HEADER_APP)
+                        httpHeaders.remove(HEADER_ROLE)
+                        httpHeaders.remove(HEADER_TAGS)
+                        httpHeaders.remove(HEADER_USERID)
+                        httpHeaders.remove(HEADER_USERNAME)
+                        httpHeaders.remove(HEADER_CORPID)
+                        httpHeaders.remove(HEADER_CORPNAME)
+                        httpHeaders.remove(HEADER_SCHID)
+                        httpHeaders.remove(HEADER_SCHNAME)
+                    }.build()
+            log.debug("[CleanHeader] ok")
+            chain.filter(exchange.mutate().request(request).build())
+        }
+    }
+    companion object {
+        const val HEADER_APP = "X-App"
+        const val HEADER_USERID = "X-UserID"
+        const val HEADER_USERNAME = "X-UserName"
+        const val HEADER_CORPID = "X-CorpID"
+        const val HEADER_CORPNAME = "X-CorpName"
+        const val HEADER_SCHID = "X-SchID"
+        const val HEADER_SCHNAME = "X-SchName"
+        const val HEADER_ROLE = "X-Role"
+        const val HEADER_TAGS = "X-Tags"
+        internal val log = LoggerFactory.getLogger(WebFilterBean::class.java)
+    }
+}

xms-core/apps/app-agent/src/main/kotlin/jit/xms/app/agent/ext/ExtConfiguration.kt

@@ -0,0 +1,8 @@
+package jit.xms.app.agent.ext
+
+import org.springframework.context.annotation.ComponentScan
+import org.springframework.context.annotation.Configuration
+
+@Configuration
+@ComponentScan(basePackages = ["jit.xms.ext.services.stat","jit.xms.ext.services.log","jit.xms.ext.services.domainInfo"])
+class ExtConfiguration

xms-core/apps/app-agent/src/main/resources/application-actuator.yml

@@ -0,0 +1,7 @@
+# Actuator配置
+---
+management.health.defaults.enabled: false
+management.health.db.enabled: true # 文档说的是datasource，实测是db
+management.health.diskspace.enabled: true
+#management.endpoint.health.show-details: always
+management.endpoints.web.exposure.include: info, health, configprops

xms-core/apps/app-agent/src/main/resources/application-iptable.yml

@@ -0,0 +1,4 @@
+xms:
+  iptable:
+    whitelist:
+    blacklist:

xms-core/apps/app-agent/src/main/resources/application-mysql.yml

@@ -0,0 +1,17 @@
+# 数据库配置
+---
+spring:
+  datasource:
+    username: root
+    password: 123456
+    url: jdbc:mysql://172.17.116.7:3308/xms?useUnicode=true&characterEncoding=utf-8&useSSL=true&serverTimezone=UTC
+    driver-class-name: com.mysql.cj.jdbc.Driver
+    platform: mysql
+  jpa:
+    database-platform: org.hibernate.dialect.MySQL5Dialect
+    show-sql: true
+    hibernate:
+      naming:
+        implicit-strategy: org.hibernate.boot.model.naming.ImplicitNamingStrategyJpaCompliantImpl
+        physical-strategy: org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl
+      ddl-auto: none

xms-core/apps/app-agent/src/main/resources/application-oscar.yml

@@ -0,0 +1,13 @@
+# 数据库配置
+---
+spring:
+  datasource:
+    username: xms
+    password: xms
+    url: jdbc:oscar://192.168.0.100:2003/xmsrdb
+    driver-class-name: com.oscar.Driver
+    platform: oscar
+  jpa:
+    database-platform: org.hibernate.dialect.XmsOscarDialect
+    hibernate.ddl-auto: none
+    show-sql: true

xms-core/apps/app-agent/src/main/resources/application-routes.yml

@@ -0,0 +1,74 @@
+# 默认路由规则
+---
+
+spring:
+  profiles: routes
+  cloud:
+    gateway:
+      default-filters:
+        #- PrefixPath=/httpbin
+        #- JwtParser=.*/login
+        - AddResponseHeader=Cache-Control, no-cache
+        - AddResponseHeader=Pragma, no-cache
+        - AddResponseHeader=Expires, -1
+        # - RewritePath=/api/gaf/(?<segment>.*), /gaf/$\{segment}
+
+      routes:
+        # 验证码接口
+        - id: gaf_verify
+          uri: ${uri.gaf}
+          predicates:
+            - Path=/api/gaf/verify/**
+          filters:
+            - RewritePath=/api/gaf/(?<segment>.*), /gaf/$\{segment}
+            - Forward
+        # XMS-Agent接口
+        - id: passwd_api
+          uri: ${uri.xms}
+          predicates:
+            - Path=/api/agent/user/passwd
+          filters:
+            - SetPath=/xms/user/passwd
+            - Forward
+        - id: agent_token
+          uri: ${uri.xms}
+          predicates:
+            - Path=/api/agent/token/**
+          filters:
+            - RewritePath=/api/agent/(?<segment>.*), /gaf/$\{segment}
+            - Forward
+        - id: agent_api
+          uri: ${uri.xms}
+          predicates:
+            - Path=/api/agent/**
+          filters:
+            - RewritePath=/api/(?<segment>.*), /$\{segment}
+            - Forward
+        # XMS-User接口
+        - id: xms_api
+          uri: ${uri.xms}
+          predicates:
+            - Method=GET
+            - Path=/api/xms/**
+          filters:
+            - RewritePath=/api/(?<segment>.*), /$\{segment}
+            - Forward
+        #日志采集接口
+        - id: xms_log
+          uri: ${uri.xms}
+          predicates:
+            - Path=/api/log/**
+          filters:
+            - RewritePath=/api/(?<segment>.*), /xms/$\{segment}
+            - Forward
+        # == 默认处理 ==
+        - id: api_default
+          uri: forward:///401 # default for unauthorized
+          order: 1000
+          predicates:
+            - Path=/api/**
+            #- Method=POST
+          filters:
+            - SetStatus=401
+
+

xms-core/apps/app-agent/src/main/resources/application-sync.yml

@@ -0,0 +1,9 @@
+xms.sync:
+  log-revision: true # 是否记录数据变更
+  # origin.scope: register # 数据来源
+  schedule:
+    enabled: false # 是否开启同步任务轮询
+    initial-delay: 10 # 启动后延时多少秒开始同步任务
+    fixed-delay: 30 # 两次同步轮询之间间隔秒数
+    list-of-servers:
+      - http://localhost:18080

xms-core/apps/app-agent/src/main/resources/application.yml

@@ -0,0 +1,47 @@
+# 全局配置
+jwt.secret: &jwtSecret "GafJwtSecret!@#"
+api.host: 127.0.0.1
+uri:
+  gaf: http://${api.host}:8001
+  xms: http://${api.host}:8108
+
+agent:
+  jwt-secret: *jwtSecret
+  jwt-issuer: xms-app
+  jwt-validity: &jwtValidity 5h
+
+gaf.cache:
+  verify:
+    useRedis: false
+    validity: 300s
+  token:
+    useRedis: false
+    validity: *jwtValidity
+
+server:
+  port: 19090
+spring:
+  profiles:
+    include: routes, sync, actuator
+    active: local
+  http.encoding.charset: utf-8
+  main:
+    allow-bean-definition-overriding: true
+  datasource:
+    type: org.apache.commons.dbcp2.BasicDataSource
+    dbcp2:
+      initial-size: 5
+      max-total: 20
+      max-idle: 10
+      min-idle: 5
+
+
+---
+spring:
+  profiles: local
+
+logging.level.jit.xms.*: DEBUG
+logging.level.gaf3.core.*: DEBUG
+#debug: true
+#logging.level.org.hibernate.type.descriptor.sql.BasicBinder: trace
+

xms-core/apps/app-agent/src/main/resources/static/api.raml

@@ -0,0 +1,263 @@
+#%RAML 1.0
+---
+title: XMS模拟服务接口API
+version: v1
+baseUri: http://localhost:19090/api
+mediaType:  application/json
+
+# 类型定义
+types:
+  ErrorResult:
+    type: object
+    description: 带错误信息的返回数据
+    properties:
+      errcode:
+        description: 错误代码
+        type: number
+      errmsg?:
+        description: 错误描述
+      details?:
+        description: 错误详情
+  PagedData:
+    type: object
+    description: 分页查询结果
+    properties:
+      total: 
+        description: 满足条件的记录总数
+        type: number
+      data:
+        description: 数据条目
+        type: array
+  QueryRes: PagedData | ErrorResult
+  FetchRes: object | ErrorResult
+
+resourceTypes:
+  collection:
+    get:
+      responses:
+        200:
+          description: 查询成功
+          body:
+            type: PagedData
+        400:
+          description: 查询失败
+          body:
+            type: ErrorResult
+  simple:
+    get:
+      responses:
+        200:
+          description: 查询成功
+          body:
+            type: object
+        400:
+          description: 查询失败
+          body:
+            type: ErrorResult
+
+traits:
+  secured:
+    queryParameters:
+      access_token:
+        description: 接口调用凭据
+  paged:
+    queryParameters:
+      skip?:
+        description: 跳过记录条数，默认为0
+        type: number
+      limit?:
+        description: 返回记录数，默认为20
+        type: number
+
+# 代理认证接口
+/agent/auth/token:
+  type: simple
+  get:
+    description: 获取接口调用凭证
+    queryParameters:
+      appid:
+        description: 应用ID
+      secret:
+        description: 应用安全密钥
+    responses: 
+      200:
+        body:
+          type: object
+          properties:
+            access_token:
+              description: 接口调用凭证
+            expires_in:
+              description: 凭证过期时间
+              type: number
+          example: {"access_token":"ACCESS_TOKEN","expires_in":7200}
+# 用户/帐号/凭证信息查询接口
+/xms/user/infos:
+  description: 用户信息查询
+  type: collection
+  get:
+    description: 查询已申请证书列表
+    is: [ paged, secured ]
+  /{userId}:
+    description: 指定用户相关接口
+    type: simple
+    uriParameters:
+      userId:
+        description: 用户ID
+    get:
+      description: 查询用户基本信息
+      is: [ secured ]
+/xms/user/accts:
+  description: 帐号信息查询
+  type: collection
+  get:
+    description: 查询帐号列表
+    is: [ paged, secured ]
+    queryParameters:
+      userId?:
+        description: 用户ID(可选)
+  /{acctId}:
+    description: 指定帐号相关接口
+    type: simple
+    uriParameters:
+      acctId:
+        description: 帐号ID
+    get:
+      description: 获得用户帐号详情
+      is: [ secured ]
+/xms/user/creds:
+  description: 凭证信息查询
+  type: collection
+  get:
+    description: 查询凭证列表
+    is: [ paged, secured ]
+    queryParameters:
+      userId?:
+        description: 用户ID(可选)
+  /{credId}:
+    description: 指定凭证相关接口
+    type: simple
+    uriParameters:
+      credId:
+        description: 凭证ID
+    get:
+      description: 获得用户凭证详情
+      is: [ secured ]
+
+# 应用/角色/资源信息查询接口
+/xms/app/infos:
+  description: 应用信息查询
+  type: collection
+  get:
+    description: 查询应用列表
+    is: [ paged, secured ]
+  /{appId}:
+    description: 指定应用相关接口
+    type: simple
+    uriParameters:
+      appId:
+        description: 应用ID
+    get:
+      description: 查询用户基本信息
+      is: [ secured ]
+/xms/app/roles:
+  description: 角色信息查询
+  type: collection
+  get:
+    description: 查询角色列表
+    is: [ paged, secured ]
+    queryParameters:
+      appId?:
+        description: 应用ID(可选)
+  /{roleId}:
+    description: 指定角色相关接口
+    type: simple
+    uriParameters:
+      roleId:
+        description: 角色ID
+    get:
+      description: 获得应用角色详情
+      is: [ secured ]
+
+/xms/app/resources:
+  description: 资源信息查询
+  type: collection
+  get:
+    description: 查询应用资源列表
+    is: [ paged, secured ]
+    queryParameters:
+      appId?:
+        description: 应用ID(可选)
+  /{resId}:
+    description: 指定角色相关接口
+    type: simple
+    uriParameters:
+      resId:
+        description: 资源ID
+    get:
+      description: 获得应用资源详情
+      is: [ secured ]
+
+# 关联关系查询接口
+/xms/bind/app-acct/items:
+  description: 应用-帐号关系查询
+  type: collection
+  get:
+    description: 查询应用-帐号关系列表
+    is: [ paged, secured ]
+    queryParameters:
+      appId?:
+        description: 应用ID(可选)
+      userId?:
+        description: 用户ID(可选)
+      target?:
+        description: 帐号ID(可选)
+/xms/bind/acct-role/items:
+  description: 帐号-角色关系查询
+  type: collection
+  get:
+    description: 查询帐号-角色关系列表
+    is: [ paged, secured ]
+    queryParameters:
+      appId?:
+        description: 应用ID(可选)
+      userId?:
+        description: 用户ID(可选)
+      source?:
+        description: 帐号ID(可选)
+      target?:
+        description: 角色ID(可选)
+/xms/bind/role-res/items:
+  description: 角色-资源关系查询
+  type: collection
+  get:
+    description: 查询角色-资源关系列表
+    is: [ paged, secured ]
+    queryParameters:
+      appId?:
+        description: 应用ID(可选)
+      userId?:
+        description: 用户ID(可选)
+      source?:
+        description: 角色ID(可选)
+      target?:
+        description: 资源ID(可选)
+
+# 组合查询查询接口
+/xms/bff/app/users:
+  description: 查询应用下用户列表
+  type: collection
+  get:
+    is: [ paged, secured ]
+    queryParameters:
+      appId:
+        description: 应用ID(必填)
+      userId?:
+        description: 用户ID
+      code?:
+        description: 用户编码
+      name?:
+        description: 用户姓名
+      sfzh?:
+        description: 身份证号
+      status?:
+        description: 用户状态

xms-core/apps/build.gradle.kts

@@ -0,0 +1,3 @@
+tasks.forEach {
+    it.enabled = false
+}

xms-core/apps/xms-all-in-one/README.md

@@ -0,0 +1,4 @@
+# 集成打包环境
+
+## 提取jar包
+java -Djarmode=layertools -jar .\xms-all-in-one-1.0.831.1.jar extract

xms-core/apps/xms-all-in-one/build.gradle.kts

@@ -0,0 +1,132 @@
+val patchVersion: String by project
+val enableExt: String? by project
+val enableActuator: String? by project
+
+group = "jit.xms"
+version = "${rootProject.version}.$patchVersion"
+
+plugins {
+    id("java")
+    id("io.spring.dependency-management")
+    id("org.springframework.boot")
+    kotlin("jvm")
+    kotlin("plugin.spring")
+    kotlin("plugin.jpa")
+}
+
+dependencies {
+    api(platform(project(":platform")))
+    implementation(kotlin("reflect"))
+    implementation(kotlin("stdlib-jdk8"))
+    implementation("org.jetbrains.kotlinx:kotlinx-coroutines-core")
+    implementation("org.jetbrains.kotlinx:kotlinx-coroutines-reactive")
+    implementation("net.sourceforge.jexcelapi:jxl")
+    implementation("commons-io:commons-io")
+    implementation("org.apache.commons:commons-dbcp2")
+    implementation("cc-lotus.gaf3:gaf-core-shared")
+    implementation("cc-lotus.gaf3:gaf-core-services")
+    implementation("cc-lotus.gaf3:gaf-core-gateway")
+    implementation("com.alibaba:fastjson")
+    implementation("io.jsonwebtoken:jjwt-api")
+    implementation("io.jsonwebtoken:jjwt-impl")
+    implementation("io.jsonwebtoken:jjwt-jackson")
+    implementation("org.springframework.cloud:spring-cloud-starter-openfeign")
+    implementation("org.springframework.boot:spring-boot-starter-data-jpa")
+    implementation("org.springframework.boot:spring-boot-starter-data-redis")
+    implementation("org.springframework.boot:spring-boot-starter-webflux")
+    implementation("com.fasterxml.jackson.module:jackson-module-kotlin")
+    implementation("org.springframework.boot:spring-boot-configuration-processor")
+    implementation("org.springframework.cloud:spring-cloud-starter-gateway")
+    implementation("org.springframework.cloud:spring-cloud-gateway-webflux")
+    implementation("org.springframework.cloud:spring-cloud-starter-netflix-ribbon")
+    implementation("io.github.openfeign:feign-jackson:10.9")
+    implementation("org.mongodb:bson")
+    implementation(project(path = ":services:service-app", configuration = "lib"))
+    implementation(project(path = ":services:service-app-res", configuration = "lib"))
+    implementation(project(path = ":services:service-app-role", configuration = "lib"))
+    implementation(project(path = ":services:service-app-policy", configuration = "lib"))
+    implementation(project(path = ":services:service-user", configuration = "lib"))
+    implementation(project(path = ":services:service-user-acct", configuration = "lib"))
+    implementation(project(path = ":services:service-user-cert", configuration = "lib"))
+    implementation(project(path = ":services:service-user-cred", configuration = "lib"))
+    implementation(project(path = ":services:service-user-group", configuration = "lib"))
+    implementation(project(path = ":services:service-user-org", configuration = "lib"))
+    implementation(project(path = ":services:service-bind", configuration = "lib"))
+    implementation(project(path = ":services:service-bff", configuration = "lib"))
+    implementation(project(path = ":services:service-app-policy", configuration = "lib"))
+    implementation(project(path = ":services:service-user-register", configuration = "lib"))
+    implementation(project(path = ":services:service-device", configuration = "lib"))
+    implementation(project(path = ":services:service-task", configuration = "lib"))
+    implementation(project(path = ":services:service-agent", configuration = "lib"))
+    implementation(project(path = ":services:service-sync", configuration = "lib"))
+    implementation(project(path = ":services:service-util", configuration = "lib"))
+    implementation(project(path = ":services:service-file", configuration = "lib"))
+    implementation(project(path = ":services:service-user-rule", configuration = "lib"))
+    implementation(project(path = ":shared"))
+    runtimeOnly("mysql:mysql-connector-java")
+    runtimeOnly(fileTree("$rootDir/libs") { include("*.jar") })
+    // 条件编译
+//    if (enableExt == "true") {
+//        implementation("jit.xms-ext:xms-ext-services:${property("extVersion")}")
+//    }
+    if (enableActuator == "true") {
+        runtimeOnly("org.springframework.boot:spring-boot-starter-actuator")
+    }
+
+}
+
+
+dependencyManagement {
+    imports {
+        mavenBom("org.springframework.cloud:spring-cloud-dependencies:${property("springCloudVersion")}")
+    }
+}
+
+tasks.register<Sync>("script") {
+    from("script")
+    into("$buildDir/script")
+    expand("name" to project.name, "version" to version)
+}
+
+tasks.register<Sync>("ext-libs") {
+    from(configurations.runtimeClasspath)
+    into("$buildDir/dist/ext")
+}
+
+tasks.register<Copy>("dist") {
+    dependsOn(tasks.named("bootJar"), tasks.named("ext-libs"), tasks.named("script"))
+    into("$rootDir/dist/${project.name}")
+    from(tasks["bootJar"].outputs)
+    from("$buildDir/script")
+    val splitJars: String? by project
+    if ("true".equals(splitJars, true)) {
+        from("$buildDir/dist/ext") {
+            include("*.jar")
+            into("../ext")
+        }
+    }
+}
+
+tasks.getByName<org.springframework.boot.gradle.tasks.bundling.BootJar>("bootJar") {
+    // 排除所有jar包
+    val splitJars: String? by project
+    if ("true".equals(splitJars, true)) {
+        exclude("*.jar")
+        // 依赖复制任务
+        // dependsOn(tasks.named("ext-libs"), tasks.named("script"))
+        //  指定依赖包的路径
+        manifest {
+            val classPath = configurations.runtimeClasspath.get().files
+                    .joinToString(" ") { "../ext/${it.name}" }
+            attributes("Class-Path" to classPath)
+        }
+    }
+}
+
+tasks.withType<org.jetbrains.kotlin.gradle.tasks.KotlinCompile> {
+    // 条件编译
+    if (!"true".equals(enableExt, true)) {
+        exclude("/jit/xms/allinone/ext/*")
+    }
+}
+

xms-core/apps/xms-all-in-one/script/start.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+app=${name}-${version}.jar
+pid=`ps -ef|grep \$app|grep -v "grep"|awk '{print \$2}'`
+if [ -z \$pid ]
+then
+  nohup java -cp \$app -Dloader.path=lib -Dfile.encoding="UTF-8" org.springframework.boot.loader.PropertiesLauncher &
+  echo 'Start service ok!'
+else
+  echo 'Error: service is started!'
+fi

xms-core/apps/xms-all-in-one/script/stop.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+app=${name}-${version}.jar
+pid=`ps -ef|grep \$app|grep -v "grep"|awk '{print \$2}'`
+if [ -z \$pid ]
+then
+  echo 'service not start!'
+else
+  kill \$pid
+  echo \$pid
+  echo 'service is killed!'
+fi

xms-core/apps/xms-all-in-one/src/main/kotlin/jit/xms/allinone/AllInOneApplication.kt

@@ -0,0 +1,158 @@
+package jit.xms.allinone
+
+import gaf3.core.cloud.GafCloudConfiguration
+import gaf3.core.exception.BusinessError
+import gaf3.core.gateway.GatewayController
+import gaf3.core.gateway.filter.factory.JwtParserGatewayFilterFactory
+import gaf3.core.jpa.DataUtil
+import gaf3.core.jpa.GafJpaConfiguration
+import gaf3.core.services.auth.service.GafAuthService
+import jit.xms.allinone.api.TokenService
+import jit.xms.allinone.bean.TimeResult
+import jit.xms.core.iptables.IpTableConfiguration
+import jit.xms.core.services.agent.AgentConfiguration
+import jit.xms.core.services.agent.domain.AuthToken
+import jit.xms.core.services.agent.service.AgentService
+import jit.xms.core.services.user.infos.entity.XmsUserSimple
+import jit.xms.core.util.RefreshApplication
+import jit.xms.core.util.XmsError
+import org.slf4j.LoggerFactory
+import org.springframework.beans.factory.annotation.Autowired
+import org.springframework.beans.factory.annotation.Value
+import org.springframework.boot.autoconfigure.SpringBootApplication
+import org.springframework.boot.autoconfigure.domain.EntityScan
+import org.springframework.boot.runApplication
+import org.springframework.cloud.gateway.support.ServerWebExchangeUtils
+import org.springframework.cloud.openfeign.EnableFeignClients
+import org.springframework.context.annotation.Bean
+import org.springframework.context.annotation.ComponentScan
+import org.springframework.context.annotation.Configuration
+import org.springframework.context.annotation.Import
+import org.springframework.core.annotation.Order
+import org.springframework.core.io.ClassPathResource
+import org.springframework.core.io.Resource
+import org.springframework.data.jpa.repository.config.EnableJpaRepositories
+import org.springframework.http.HttpStatus
+import org.springframework.http.MediaType
+import org.springframework.http.server.reactive.ServerHttpResponse
+import org.springframework.stereotype.Controller
+import org.springframework.util.Assert.hasText
+import org.springframework.web.bind.annotation.*
+import org.springframework.web.server.WebFilter
+
+
+@SpringBootApplication
+@Configuration
+@Controller
+@Import(GafCloudConfiguration::class, GafJpaConfiguration::class, AgentConfiguration::class, IpTableConfiguration::class)
+@EntityScan(basePackages = ["gaf3.core.services", "jit.xms.core.services"])
+@EnableJpaRepositories(basePackages = ["gaf3.core.services", "jit.xms.core.services"])
+@ComponentScan(
+    basePackages = ["gaf3.core.services", "jit.xms.core.services"],
+    basePackageClasses = [AllInOneApplication::class]
+)
+@EnableFeignClients
+class AllInOneApplication : RefreshApplication<AllInOneApplication>() {
+
+    @Autowired
+    lateinit var tokenService: TokenService
+
+    @Autowired
+    lateinit var agentService: AgentService
+
+    @Autowired
+    lateinit var gafAuth: GafAuthService
+
+    @GetMapping("/api/time")
+    @ResponseBody
+    fun getTime(): TimeResult {
+        return TimeResult(System.currentTimeMillis())
+    }
+
+    @RequestMapping("/api/menu/load")
+    @ResponseBody
+    fun menu(res: ServerHttpResponse): Resource {
+        res.headers.contentType = MediaType.APPLICATION_JSON
+        return ClassPathResource("/menu.json")
+    }
+
+    @PostMapping("/api/sso", consumes = ["application/json"])
+    @ResponseBody
+    fun sso(@RequestBody params: Map<String, String>): AuthToken {
+        val token = params["token"]
+        hasText(token, "token不能为空")
+        val res = tokenService.fetch(token!!)
+        val auth = agentService.auth(token = res.data, appId = DataUtil.ZeroID, res = false, role = true)
+        val gafToken = gafAuth.createJwt(
+            subject = auth.claims?.subject ?: "error",
+            userId = auth.userinfo.userId ?: "error",
+            name = auth.userinfo.name ?: "error",
+            roles = auth.roles
+        )
+        if (auth.roles.isNullOrEmpty())
+            throw XmsError(BusinessError.ERR_ACCESS_DENIED, "用户没有访问权限")
+        return AuthToken(userinfo = auth.userinfo, token = gafToken, roles = auth.roles)
+    }
+
+    // 模拟登录接口
+    @Value("\${sso.mock.token:}")
+    val mockToken: String? = null
+
+    @GetMapping("/api/mock")
+    @ResponseBody
+    fun mocksso(token: String?): AuthToken {
+        if (mockToken.isNullOrBlank()) throw XmsError(BusinessError.ERR_ACCESS_DENIED, "用户未登录")
+        if (mockToken != token) throw XmsError(BusinessError.ERR_ACCESS_DENIED, "无效的Token")
+        val roles = arrayOf("superadmin")
+        val user = XmsUserSimple().apply {
+            userId = mockToken
+            name = "测试"
+        }
+        val gafToken = gafAuth.createJwt(
+            subject = "admin",
+            userId = user.userId!!,
+            name = user.name!!,
+            roles = roles
+        )
+        return AuthToken(userinfo = user, token = gafToken, roles = roles)
+    }
+
+    @Bean
+    fun statusControllerAdvice(): StatusControllerAdvice {
+        return StatusControllerAdvice()
+    }
+
+    @Bean
+    fun gatewayController(): GatewayController {
+        return GatewayController()
+    }
+
+    @Bean
+    @Order(-1)
+    fun apiAccessFilter(): WebFilter {
+        return WebFilter { exchange, chain ->
+            log.debug("[ApiAccess] start...")
+            val path = exchange.request.path.value()
+            log.debug("[ApiAccess] path : {}", path)
+            if (path.startsWith("/xms")
+                || path.startsWith("/gaf")
+                || path.startsWith("/actuator")
+            ) {
+                ServerWebExchangeUtils.setResponseStatus(exchange, HttpStatus.FORBIDDEN)
+                exchange.response.setComplete()
+            } else {
+                chain.filter(exchange.mutate().build())
+            }
+        }
+    }
+
+    companion object {
+        internal val log = LoggerFactory.getLogger(AllInOneApplication::class.java)
+    }
+}
+
+fun main(args: Array<String>) {
+    RefreshApplication.args = args
+    RefreshApplication.context = runApplication<AllInOneApplication>(*args)
+    JwtParserGatewayFilterFactory.doInit()
+}

xms-core/apps/xms-all-in-one/src/main/kotlin/jit/xms/allinone/StatusControllerAdvice.kt

@@ -0,0 +1,27 @@
+package jit.xms.allinone
+
+import org.slf4j.Logger
+import org.slf4j.LoggerFactory
+import org.springframework.context.annotation.Bean
+import org.springframework.core.annotation.Order
+import org.springframework.http.server.reactive.ServerHttpRequest
+import org.springframework.stereotype.Component
+import org.springframework.web.bind.annotation.ExceptionHandler
+import org.springframework.web.bind.annotation.ResponseBody
+import org.springframework.web.bind.annotation.RestControllerAdvice
+import org.springframework.web.server.ResponseStatusException
+
+
+@RestControllerAdvice
+class StatusControllerAdvice {
+    val log: Logger = LoggerFactory.getLogger(StatusControllerAdvice::class.java)
+
+    @ExceptionHandler(ResponseStatusException::class)
+    @ResponseBody
+    @Order(-1)
+    fun handleError(ex: ResponseStatusException, req: ServerHttpRequest) {
+        log.warn("ResponseStatusException:{}-{}", ex.status, ex.reason)
+        log.debug("handleError", ex)
+        throw ex
+    }
+}

xms-core/apps/xms-all-in-one/src/main/kotlin/jit/xms/allinone/api/TokenService.kt

@@ -0,0 +1,15 @@
+package jit.xms.allinone.api
+
+import feign.form.ContentType
+import gaf3.core.cloud.feign.GafFeignConfiguration
+import gaf3.core.data.JsonResult
+import gaf3.core.data.PagedData
+import gaf3.core.services.api.domain.*
+import org.springframework.cloud.openfeign.FeignClient
+import org.springframework.web.bind.annotation.*
+
+@FeignClient(name = "token-service", url = "http://localhost:19090" )
+interface TokenService {
+    @GetMapping(path = ["/api/agent/token/{state}"], consumes = ["application/json"])
+    fun fetch(@PathVariable("state") state: String): JsonResult<String>
+}

xms-core/apps/xms-all-in-one/src/main/kotlin/jit/xms/allinone/bean/FactoryBean.kt

@@ -0,0 +1,42 @@
+package jit.xms.allinone.bean
+
+import gaf3.core.gateway.filter.factory.*
+import gaf3.core.gateway.handler.predicate.JwtRoutePredicateFactory
+import gaf3.core.services.log.config.GafLogConfigure
+import gaf3.core.services.log.service.LogService
+import gaf3.core.services.verify.service.VerifyCodeService
+import org.springframework.context.annotation.Bean
+import org.springframework.context.annotation.Configuration
+
+@Configuration
+class FactoryBean {
+    @Bean
+    fun forwardGatewayFilterFactory(): ForwardGatewayFilterFactory {
+        return ForwardGatewayFilterFactory()
+    }
+
+    @Bean
+    fun verifyCodeGatewayFilterFactory(service: VerifyCodeService): VerifyCodeGatewayFilterFactory {
+        return VerifyCodeGatewayFilterFactory(service)
+    }
+
+    @Bean
+    fun logGatewayFilterFactory(service: LogService, config: GafLogConfigure): LogGatewayFilterFactory {
+        return LogGatewayFilterFactory(service, config)
+    }
+
+    @Bean
+    fun peekResGatewayFilterFactory(): PeekResponseBodyGatewayFilterFactory {
+        return PeekResponseBodyGatewayFilterFactory()
+    }
+
+    @Bean
+    fun peekReqGatewayFilterFactory(): PeekRequestBodyGatewayFilterFactory {
+        return PeekRequestBodyGatewayFilterFactory()
+    }
+
+    @Bean
+    fun jwtRoutePredicateFactory(): JwtRoutePredicateFactory {
+        return JwtRoutePredicateFactory()
+    }
+}

xms-core/apps/xms-all-in-one/src/main/kotlin/jit/xms/allinone/bean/TimeResult.kt

@@ -0,0 +1,3 @@
+package jit.xms.allinone.bean
+
+data class TimeResult(val time: Long)

xms-core/apps/xms-all-in-one/src/main/kotlin/jit/xms/allinone/ext/ExtConfiguration.kt

@@ -0,0 +1,8 @@
+package jit.xms.allinone.ext
+
+import org.springframework.context.annotation.ComponentScan
+import org.springframework.context.annotation.Configuration
+
+@Configuration
+@ComponentScan("jit.xms.ext.services")
+class ExtConfiguration

xms-core/apps/xms-all-in-one/src/main/resources/application-actuator.yml

@@ -0,0 +1,7 @@
+# Actuator配置
+---
+management.health.defaults.enabled: false
+management.health.db.enabled: true # 文档说的是datasource，实测是db
+management.health.diskspace.enabled: true
+#management.endpoint.health.show-details: always
+management.endpoints.web.exposure.include: info, health, configprops

xms-core/apps/xms-all-in-one/src/main/resources/application-auth.yml

@@ -0,0 +1,11 @@
+xms:
+  auth:
+    gateway: #for jit cert auth gateway
+      enabled: true
+      host: 127.0.0.1
+      port: 9091 # 6180
+      app-flag: jzgk
+      decryptAlgo: 122
+    multi-factor:
+      encrypted: false #采集数据是否为密文
+      encryptedDb: false #数据库存储采集数据是否为密文

xms-core/apps/xms-all-in-one/src/main/resources/application-dev.yml

@@ -0,0 +1,25 @@
+# 数据库配置
+---
+spring:
+  profiles:
+    include: iptables
+  datasource:
+    username: root
+    password: 123456
+#    url: jdbc:mysql://127.0.0.1:13306/xms?useUnicode=true&characterEncoding=utf-8&useSSL=true&serverTimezone=UTC
+    url: jdbc:mysql://172.17.116.7:3308/xms?useUnicode=true&characterEncoding=utf-8&useSSL=true&serverTimezone=UTC
+    driver-class-name: com.mysql.cj.jdbc.Driver
+    platform: mysql
+  jpa:
+#    database-platform: org.hibernate.dialect.MySQL8Dialect
+    database-platform: org.hibernate.dialect.MySQL5Dialect
+    show-sql: true
+    hibernate:
+      naming:
+        implicit-strategy: org.hibernate.boot.model.naming.ImplicitNamingStrategyJpaCompliantImpl
+        physical-strategy: org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl
+      ddl-auto: none
+
+#management.endpoint.refresh.enabled: true
+logging.level.gaf3.core.*: DEBUG
+logging.level.jit.xms.*: DEBUG

xms-core/apps/xms-all-in-one/src/main/resources/application-dm.yml

@@ -0,0 +1,17 @@
+# 数据库配置
+---
+spring:
+  datasource:
+    username: XMS
+    password: XMS1234567890
+    url: jdbc:dm://172.16.6.123:5236/XMS
+    driver-class-name: dm.jdbc.driver.DmDriver
+    platform: dm
+  jpa:
+    database-platform: org.hibernate.dialect.XmsDmDialect
+    show-sql: true
+    hibernate:
+      naming:
+        implicit-strategy: org.hibernate.boot.model.naming.ImplicitNamingStrategyJpaCompliantImpl
+        physical-strategy: org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl
+      ddl-auto: none

xms-core/apps/xms-all-in-one/src/main/resources/application-feign.yml

@@ -0,0 +1,11 @@
+token-service:
+  ribbon:
+    listOfServers: http://localhost:19090
+
+feign:
+  client:
+    config:
+      default:
+        errorDecoder: gaf3.core.cloud.feign.GafErrorDecoder
+        encoder: feign.jackson.JacksonEncoder
+        decoder: feign.jackson.JacksonDecoder

xms-core/apps/xms-all-in-one/src/main/resources/application-iptables.yml

@@ -0,0 +1,5 @@
+xms:
+  iptables:
+    enabled: false
+    whitelist:
+    blacklist:

xms-core/apps/xms-all-in-one/src/main/resources/application-log.yml

@@ -0,0 +1,210 @@
+gaf:
+  log:
+    routes: &routes
+      ###############################
+      # 系统登录                     #
+      ###############################
+      - { path: '/api/gaf/auth/login', method: 'post', action: '登录', event: '登录认证', module: '系统管理', log-type: '管理', behavior: 'logon' }
+      - { path: '/api/gaf/login', method: 'post', action: '登录', event: '登录认证', module: '系统管理', log-type: '管理', behavior: 'logon' }
+      - { path: '/api/gaf/auth/logout', method: 'post', action: '退出', event: '登录认证', module: '系统管理', log-type: '管理', behavior: 'logout' }
+      ###############################
+      # 系统管理                     #
+      ###############################
+      - { path: '/api/gaf/users', method: 'post', action: '添加', event: '用户管理', module: '系统管理', log-type: '管理', function: '01090101' }
+      - { path: '/api/gaf/users/{userId}', method: 'post', action: '修改', event: '用户管理', module: '系统管理', log-type: '管理', function: '01090102' }
+      - { path: '/api/gaf/users/{userId}', method: 'delete', action: '删除', event: '用户管理', module: '系统管理', log-type: '管理', function: '01090103' }
+      - { path: '/api/gaf/dept/items', method: 'post', action: '添加', event: '部门管理', module: '系统管理', log-type: '管理', function: '01090201' }
+      - { path: '/api/gaf/dept/items/{id}', method: 'post', action: '修改', event: '部门管理', module: '系统管理', log-type: '管理', function: '01090202' }
+      - { path: '/api/gaf/dept/items/{id}', method: 'delete', action: '删除', event: '部门管理', module: '系统管理', log-type: '管理', function: '01090203' }
+      - { path: '/api/gaf/code/types', method: 'post', action: '添加类别', event: '数据字典', module: '系统管理', log-type: '管理', function: '01090301' }
+      - { path: '/api/gaf/code/items', method: 'post', action: '添加', event: '数据字典', module: '系统管理', log-type: '管理', function: '01090302' }
+      - { path: '/api/gaf/code/items/{id}', method: 'post', action: '修改', event: '数据字典', module: '系统管理', log-type: '管理', function: '01090303' }
+      - { path: '/api/gaf/code/items/{id}', method: 'delete', action: '删除', event: '数据字典', module: '系统管理', log-type: '管理', function: '01090304' }
+      - { path: '/api/gaf/role/items', method: 'post', action: '添加', event: '角色管理', module: '系统管理', log-type: '管理', function: '01090401' }
+      - { path: '/api/gaf/role/items/{id}', method: 'post', action: '修改', event: '角色管理', module: '系统管理', log-type: '管理', function: '01090402' }
+      - { path: '/api/gaf/role/items/{id}', method: 'delete', action: '删除', event: '角色管理', module: '系统管理', log-type: '管理', function: '01090403' }
+      - { path: '/api/gaf/bind/user-role/items', method: 'post', action: '绑定角色', event: '用户授权', module: '系统管理', log-type: '管理', function: '01090501' }
+      - { path: '/api/gaf/bind/user-role/items', method: 'delete', action: '清空角色', event: '用户授权', module: '系统管理', log-type: '管理', function: '01090502' }
+      - { path: '/api/gaf/bind/user-role/items/batch', method: 'post', action: '批量绑定角色', event: '用户授权', module: '系统管理', log-type: '管理', function: '01090503' }
+      - { path: '/api/gaf/bind/user-role/items/{id}', method: 'delete', action: '删除角色', event: '用户授权', module: '系统管理', log-type: '管理', function: '01090504' }
+      - { path: '/api/gaf/bind/menu-role/items', method: 'post', action: '绑定角色', event: '菜单授权', module: '系统管理', log-type: '管理', function: '01090601' }
+      - { path: '/api/gaf/bind/menu-role/items', method: 'delete', action: '清空角色', event: '菜单授权', module: '系统管理', log-type: '管理', function: '01090602' }
+      - { path: '/api/gaf/bind/menu-role/items/batch', method: 'post', action: '批量绑定角色', event: '菜单授权', module: '系统管理', log-type: '管理', function: '01090603' }
+      - { path: '/api/gaf/bind/menu-role/items/{id}', method: 'delete', action: '删除角色', event: '菜单授权', module: '系统管理', log-type: '管理', function: '01090604' }
+      ###############################
+      # 应用管理                     #
+      ###############################
+      # 应用管理 - 应用信息
+      - { path: '/api/xms/app/infos', method: 'post', action: '添加', event: '应用管理', module: '应用管理', log-type: '管理', function: '01020101' }
+      - { path: '/api/xms/app/infos/{id}', method: 'post', action: '修改', event: '应用管理', module: '应用管理', log-type: '管理', function: '01020102' }
+      - { path: '/api/xms/app/infos/{id}', method: 'delete', action: '删除', event: '应用管理', module: '应用管理', log-type: '管理', function: '01020103' }
+      # 应用管理 - 策略管理
+      - { path: '/api/xms/app/policy/infos', method: 'post', action: '添加策略分类', event: '策略管理', module: '应用管理', log-type: '管理', function: '01020201' }
+      - { path: '/api/xms/app/policy/infos/{id}', method: 'post', action: '修改策略分类', event: '策略管理', module: '应用管理', log-type: '管理', function: '01020202' }
+      - { path: '/api/xms/app/policy/infos/{id}', method: 'delete', action: '删除策略分类', event: '策略管理', module: '应用管理', log-type: '管理', function: '01020203' }
+      - { path: '/api/xms/app/policy/items', method: 'post', action: '添加策略项', event: '策略管理', module: '应用管理', log-type: '管理', function: '01020206' }
+      - { path: '/api/xms/app/policy/items/{id}', method: 'post', action: '修改策略项', event: '策略管理', module: '应用管理', log-type: '管理', function: '01020207' }
+      - { path: '/api/xms/app/policy/items/{id}', method: 'delete', action: '删除策略项', event: '策略管理', module: '应用管理', log-type: '管理', function: '01020208' }
+      # 应用管理 - 资源管理
+      - { path: '/api/xms/app/resources', method: 'post', action: '添加', event: '资源管理', module: '应用管理', log-type: '管理', function: '01020301' }
+      - { path: '/api/xms/app/resources/{id}', method: 'post', action: '修改', event: '资源管理', module: '应用管理', log-type: '管理', function: '01020302' }
+      - { path: '/api/xms/app/resources/{id}', method: 'delete', action: '删除', event: '资源管理', module: '应用管理', log-type: '管理', function: '01020303' }
+      # 应用管理 - 角色管理
+      - { path: '/api/xms/app/roles', method: 'post', action: '添加', event: '角色管理', module: '应用管理', log-type: '管理', function: '01020401' }
+      - { path: '/api/xms/app/roles/{id}', method: 'post', action: '修改', event: '角色管理', module: '应用管理', log-type: '管理', function: '01020402' }
+      - { path: '/api/xms/app/roles/{id}', method: 'delete', action: '删除', event: '角色管理', module: '应用管理', log-type: '管理', function: '01020403' }
+      ###############################
+      # 用户管理                     #
+      ###############################
+      # 用户管理 - 用户信息
+      - { path: '/api/xms/user/infos', method: 'post', action: '添加', event: '用户管理', module: '用户管理', log-type: '管理', function: '01010101' }
+      - { path: '/api/xms/user/infos/{id}', method: 'post', action: '修改', event: '用户管理', module: '用户管理', log-type: '管理', function: '01010102' }
+      - { path: '/api/xms/user/infos/{id}', method: 'delete', action: '删除', event: '用户管理', module: '用户管理', log-type: '管理', function: '01010103' }
+      # 用户管理 - 用户帐号
+      - { path: '/api/xms/user/accts', method: 'post', action: '添加', event: '用户帐号', module: '用户管理', log-type: '管理', function: '01010201' }
+      - { path: '/api/xms/user/accts/{id}', method: 'post', action: '修改', event: '用户帐号', module: '用户管理', log-type: '管理', function: '01010202' }
+      - { path: '/api/xms/user/accts/{id}', method: 'delete', action: '删除', event: '用户帐号', module: '用户管理', log-type: '管理', function: '01010203' }
+      # - { path: '/api/xms/user/passwd', method: 'post', action: '修改密码', event: '用户帐号', module: '用户管理', log-type: '管理' }
+      # - { path: '/api/xms/user/login', method: 'post', action: '登录帐号', event: '用户帐号', module: '用户管理', log-type: '管理' }
+      # 用户管理 - 证书管理
+      - { path: '/api/xms/user/certs', method: 'post', action: '添加', event: '证书管理', module: '用户管理', log-type: '管理', function: '01010301' }
+      - { path: '/api/xms/user/certs/{id}', method: 'post', action: '修改', event: '证书管理', module: '用户管理', log-type: '管理', function: '01010302' }
+      - { path: '/api/xms/user/certs/{id}', method: 'delete', action: '删除', event: '证书管理', module: '用户管理', log-type: '管理', function: '01010303' }
+      # 用户管理 - 用户凭证
+      - { path: '/api/xms/user/creds', method: 'post', action: '添加', event: '用户凭证', module: '用户管理', log-type: '管理', function: '01010401' }
+      - { path: '/api/xms/user/creds/{id}', method: 'post', action: '修改', event: '用户凭证', module: '用户管理', log-type: '管理', function: '01010402' }
+      - { path: '/api/xms/user/creds/{id}', method: 'delete', action: '删除', event: '用户凭证', module: '用户管理', log-type: '管理', function: '01010403' }
+      # 用户管理 - 群组管理
+      - { path: '/api/xms/user/groups', method: 'post', action: '添加', event: '群组管理', module: '用户管理', log-type: '管理', function: '01010501' }
+      - { path: '/api/xms/user/groups/{id}', method: 'post', action: '修改', event: '群组管理', module: '用户管理', log-type: '管理', function: '01010502' }
+      - { path: '/api/xms/user/groups/{id}', method: 'delete', action: '删除', event: '群组管理', module: '用户管理', log-type: '管理', function: '01010503' }
+      # 用户管理 - 机构管理
+      - { path: '/api/xms/user/orgs', method: 'post', action: '添加', event: '机构管理', module: '用户管理', log-type: '管理', function: '01010601' }
+      - { path: '/api/xms/user/orgs/{id}', method: 'post', action: '修改', event: '机构管理', module: '用户管理', log-type: '管理', function: '01010602' }
+      - { path: '/api/xms/user/orgs/{id}/transfer', method: 'post', action: '迁移', event: '机构管理', module: '用户管理', log-type: '管理', function: '01010604' }
+      - { path: '/api/xms/user/orgs/{id}', method: 'delete', action: '删除', event: '机构管理', module: '用户管理', log-type: '管理', function: '01010603' }
+      # 用户管理 - 注册管理
+      # - { path: '/api/xms/user/regs', method: 'post', action: '提交注册信息', event: '用户注册', module: '用户管理', log-type: '管理' }
+      - { path: '/api/xms/user/regs/{id}', method: 'post', action: '审核注册信息', event: '注册审核', module: '用户管理', log-type: '管理', function: '01010701' }
+      - { path: '/api/xms/user/regs/{id}', method: 'delete', action: '删除注册信息', event: '注册审核', module: '用户管理', log-type: '管理', function: '01010702' }
+      - { path: '/api/xms/user/regs/creds/{id}', method: 'delete', action: '删除注册凭证', event: '注册审核', module: '用户管理', log-type: '管理', function: '01010703' }
+      # 用户管理 - 其他
+      - { path: '/api/xms/util/server.cer', method: 'get', action: '导出服务器证书', event: '证书管理', module: '用户管理', log-type: '管理', function: '01010801' }
+      ##############################################################
+      # 关联关系： 角色-资源、机构-用户、群组-用户                     #
+      ##############################################################
+      # 角色-资源，多对多关系
+      - { path: '/api/xms/bind/role-res/items', method: 'post', action: '添加资源/角色', event: '角色资源/资源角色', module: '应用管理', log-type: '管理', function: '01050101' }
+      - { path: '/api/xms/bind/role-res/items', method: 'delete', action: '批量删除关联', event: '角色资源/资源角色', module: '应用管理', log-type: '管理', function: '01050105' }
+      - { path: '/api/xms/bind/role-res/items/{id}', method: 'post', action: '修改绑定', event: '角色资源/资源角色', module: '应用管理', log-type: '管理', function: '01050102' }
+      - { path: '/api/xms/bind/role-res/items/{id}', method: 'delete', action: '删除资源/角色', event: '角色资源/资源角色', module: '应用管理', log-type: '管理', function: '01050103' }
+      - { path: '/api/xms/bind/role-res/items/batch', method: 'post', action: '批量添加资源/角色', event: '角色资源/资源角色', module: '应用管理', log-type: '管理', function: '01050104' }
+      - { path: '/api/xms/bind/role-res/items/delete', method: 'post', action: '清空资源/角色', event: '角色资源/资源角色', module: '应用管理', log-type: '管理', function: '01050106' }
+      # 部门-用户，一对多关系
+      - { path: '/api/xms/bind/org-user/items', method: 'post', action: '添加用户', event: '机构用户绑定', module: '用户管理', log-type: '管理', function: '01050201' }
+      - { path: '/api/xms/bind/org-user/items', method: 'delete', action: '批量移除用户', event: '机构用户绑定', module: '用户管理', log-type: '管理', function: '01050205' }
+      - { path: '/api/xms/bind/org-user/items/{id}', method: 'post', action: '修改绑定', event: '机构用户绑定', module: '用户管理', log-type: '管理', function: '01050202' }
+      - { path: '/api/xms/bind/org-user/items/{id}', method: 'delete', action: '移除用户', event: '机构用户绑定', module: '用户管理', log-type: '管理', function: '01050203' }
+      - { path: '/api/xms/bind/org-user/items/batch', method: 'post', action: '批量添加用户', event: '机构用户绑定', module: '用户管理', log-type: '管理', function: '01050204' }
+      - { path: '/api/xms/bind/org-user/items/delete', method: 'post', action: '清空机构用户', event: '机构用户绑定', module: '用户管理', log-type: '管理', function: '01050206' }
+      # 群组-用户，多对多关系
+      - { path: '/api/xms/bind/group-user/items', method: 'post', action: '添加用户', event: '群组用户绑定', module: '用户管理', log-type: '管理', function: '01050301' }
+      - { path: '/api/xms/bind/group-user/items', method: 'delete', action: '批量移除用户', event: '群组用户绑定', module: '用户管理', log-type: '管理', function: '01050305' }
+      - { path: '/api/xms/bind/group-user/items/{id}', method: 'post', action: '修改绑定', event: '群组用户绑定', module: '用户管理', log-type: '管理', function: '01050302' }
+      - { path: '/api/xms/bind/group-user/items/{id}', method: 'delete', action: '移除用户', event: '群组用户绑定', module: '用户管理', log-type: '管理', function: '01050303' }
+      - { path: '/api/xms/bind/group-user/items/batch', method: 'post', action: '批量添加用户', event: '群组用户绑定', module: '用户管理', log-type: '管理', function: '01050304' }
+      - { path: '/api/xms/bind/group-user/items/delete', method: 'post', action: '清空机构用户', event: '群组用户绑定', module: '用户管理', log-type: '管理', function: '01050306' }
+      ##############################################################
+      # 授权管理，即角色和【用户、帐号、群组、机构】的绑定关系管理       #
+      ##############################################################
+      # 用户-角色，多对多关系
+      - { path: '/api/xms/bind/user-role/items', method: 'post', action: '增加角色绑定', event: '用户授权', module: '授权管理', log-type: '管理', function: '01030101' }
+      - { path: '/api/xms/bind/user-role/items', method: 'delete', action: '批量删除角色', event: '用户授权', module: '授权管理', log-type: '管理', function: '01030104' }
+      - { path: '/api/xms/bind/user-role/items/{id}', method: 'post', action: '增加角色绑定', event: '用户授权', module: '授权管理', log-type: '管理', function: '01030101' }
+      - { path: '/api/xms/bind/user-role/items/{id}', method: 'delete', action: '删除绑定角色', event: '用户授权', module: '授权管理', log-type: '管理', function: '01030102' }
+      - { path: '/api/xms/bind/user-role/items/batch', method: 'post', action: '批量添加角色', event: '用户授权', module: '授权管理', log-type: '管理', function: '01030103' }
+      - { path: '/api/xms/bind/user-role/items/delete', method: 'post', action: '清空角色', event: '用户授权', module: '授权管理', log-type: '管理', function: '01030105' }
+      # 帐号-角色，多对多关系
+      - { path: '/api/xms/bind/acct-role/items', method: 'post', action: '增加角色绑定', event: '帐号授权', module: '授权管理', log-type: '管理', function: '01030201' }
+      - { path: '/api/xms/bind/acct-role/items', method: 'delete', action: '批量删除角色', event: '帐号授权', module: '授权管理', log-type: '管理', function: '01030204' }
+      - { path: '/api/xms/bind/acct-role/items/{id}', method: 'post', action: '增加角色绑定', event: '帐号授权', module: '授权管理', log-type: '管理', function: '01030201' }
+      - { path: '/api/xms/bind/acct-role/items/{id}', method: 'delete', action: '删除角色绑定', event: '帐号授权', module: '授权管理', log-type: '管理', function: '01030202' }
+      - { path: '/api/xms/bind/acct-role/items/batch', method: 'post', action: '批量添加角色', event: '帐号授权', module: '授权管理', log-type: '管理', function: '01030203' }
+      - { path: '/api/xms/bind/acct-role/items/delete', method: 'post', action: '清空角色', event: '帐号授权', module: '授权管理', log-type: '管理', function: '01030205' }
+      # 群组-角色，多对多关系
+      - { path: '/api/xms/bind/group-role/items', method: 'post', action: '增加角色绑定', event: '群组授权', module: '授权管理', log-type: '管理', function: '01030301' }
+      - { path: '/api/xms/bind/group-role/items', method: 'delete', action: '批量删除角色', event: '群组授权', module: '授权管理', log-type: '管理', function: '01030304' }
+      - { path: '/api/xms/bind/group-role/items/{id}', method: 'post', action: '增加角色绑定', event: '群组授权', module: '授权管理', log-type: '管理', function: '01030301' }
+      - { path: '/api/xms/bind/group-role/items/{id}', method: 'delete', action: '删除角色绑定', event: '群组授权', module: '授权管理', log-type: '管理', function: '01030302' }
+      - { path: '/api/xms/bind/group-role/items/batch', method: 'post', action: '批量添加角色', event: '群组授权', module: '授权管理', log-type: '管理', function: '01030303' }
+      - { path: '/api/xms/bind/group-role/items/delete', method: 'post', action: '清空角色', event: '群组授权', module: '授权管理', log-type: '管理', function: '01030305' }
+      # 部门-角色，多对多关系
+      - { path: '/api/xms/bind/org-role/items', method: 'post', action: '增加角色绑定', event: '机构授权', module: '授权管理', log-type: '管理', function: '01030401' }
+      - { path: '/api/xms/bind/org-role/items', method: 'delete', action: '批量删除角色', event: '机构授权', module: '授权管理', log-type: '管理', function: '01030404' }
+      - { path: '/api/xms/bind/org-role/items/{id}', method: 'post', action: '增加角色绑定', event: '机构授权', module: '授权管理', log-type: '管理', function: '01030401' }
+      - { path: '/api/xms/bind/org-role/items/{id}', method: 'delete', action: '删除角色绑定', event: '机构授权', module: '授权管理', log-type: '管理', function: '01030402' }
+      - { path: '/api/xms/bind/org-role/items/batch', method: 'post', action: '批量添加角色', event: '机构授权', module: '授权管理', log-type: '管理', function: '01030403' }
+      - { path: '/api/xms/bind/org-role/items/delete', method: 'post', action: '清空角色', event: '机构授权', module: '授权管理', log-type: '管理', function: '01030405' }
+      ##############################################################
+      # 其他服务                                                    #
+      ##############################################################
+      # 设备管理
+      - { path: '/api/xms/device/infos', method: 'post', params: 'dataType=ukey', action: '添加', event: '证书UKey管理', module: '设备管理', log-type: '管理', function: '01040101' }
+      - { path: '/api/xms/device/infos', method: 'post', params: 'dataType=tf', action: '添加', event: '证书TF卡管理', module: '设备管理', log-type: '管理', function: '01040201' }
+      - { path: '/api/xms/device/infos', method: 'post', params: 'dataType=identity', action: '添加', event: '用户身份卡管理', module: '设备管理', log-type: '管理', function: '01040301' }
+      - { path: '/api/xms/device/infos', method: 'post', params: 'dataType=token', action: '添加', event: '动态令牌管理', module: '设备管理', log-type: '管理', function: '01040401' }
+      - { path: '/api/xms/device/infos', method: 'post', action: '添加', event: '设备管理', module: '设备管理', log-type: '管理', function: '01040501' }
+      - { path: '/api/xms/device/infos/{id}', method: 'post', action: '修改', event: '设备管理', module: '设备管理', log-type: '管理', function: '01040502' }
+      - { path: '/api/xms/device/infos/{id}', method: 'delete', action: '删除', event: '设备管理', module: '设备管理', log-type: '管理', function: '01040503' }
+      # 批量导入
+      # { path: '/api/xms/task/acct/import', method: 'post', action: '导入', event: '导入帐号', module: '导入管理', log-type: '管理' }
+      # { path: '/api/xms/task/group/import', method: 'post', action: '导入', event: '导入群组', module: '导入管理', log-type: '管理' }
+      - { path: '/api/xms/task/org-user/import', method: 'post', action: '导入', event: '导入机构用户', module: '导入管理', log-type: '管理', function: '01050207' }
+      - { path: '/api/xms/task/group-user/import', method: 'post', action: '导入', event: '导入群组用户', module: '导入管理', log-type: '管理', function: '01050307' }
+      - { path: '/api/xms/task/cert/import', method: 'post', action: '导入', event: '导入用户证书', module: '导入管理', log-type: '管理', function: '01010304' }
+      - { path: '/api/xms/task/org/import', method: 'post', action: '导入', event: '导入机构信息', module: '导入管理', log-type: '管理', function: '01010605' }
+      - { path: '/api/xms/task/app/import', method: 'post', action: '导入', event: '导入应用信息', module: '导入管理', log-type: '管理', function: '01020104' }
+      - { path: '/api/xms/task/res/import', method: 'post', action: '导入', event: '导入应用资源', module: '导入管理', log-type: '管理', function: '01020304' }
+      - { path: '/api/xms/task/role/import', method: 'post', action: '导入', event: '导入应用角色', module: '导入管理', log-type: '管理', function: '01020404' }
+      - { path: '/api/xms/task/policy/import', method: 'post', action: '导入', event: '导入策略信息', module: '导入管理', log-type: '管理', function: '01020204' }
+      - { path: '/api/xms/task/policy-item/import', method: 'post', action: '导入', event: '导入策略值', module: '导入管理', log-type: '管理', function: '01020209' }
+      # 设备导入：ukey - 证书UKey；token - 动态令牌；tf - 证书TF卡；identity - 用户身份卡
+      - { path: '/api/xms/task/dev/import', method: 'post', params: 'subType=ukey', action: '导入证书UKey管理', event: '导入设备信息', module: '导入管理', log-type: '管理', function: '01040102' }
+      - { path: '/api/xms/task/dev/import', method: 'post', params: 'subType=tf', action: '导入证书TF卡管理', event: '导入设备信息', module: '导入管理', log-type: '管理', function: '01040202' }
+      - { path: '/api/xms/task/dev/import', method: 'post', params: 'subType=identity', action: '导入用户身份卡管理', event: '导入设备信息', module: '导入管理', log-type: '管理', function: '01040302' }
+      - { path: '/api/xms/task/dev/import', method: 'post', params: 'subType=token', action: '导入动态令牌管理', event: '导入设备信息', module: '导入管理', log-type: '管理', function: '01040402' }
+      - { path: '/api/xms/task/dev/import', method: 'post', action: '导入其他设备信息', event: '导入设备信息', module: '导入管理', log-type: '管理', function: '01040504' }
+      # 批量导出
+      - { path: '/api/xms/task/app/export', method: 'post', action: '导出', event: '导出应用信息', module: '导出管理', log-type: '管理', function: '01020105' }
+      - { path: '/api/xms/task/res/export', method: 'post', action: '导出', event: '导出应用资源', module: '导出管理', log-type: '管理', function: '01020305' }
+      - { path: '/api/xms/task/role/export', method: 'post', action: '导出', event: '导出应用角色', module: '导出管理', log-type: '管理', function: '01020405' }
+      - { path: '/api/xms/task/acct/export', method: 'post', action: '导出', event: '导出账号信息', module: '导出管理', log-type: '管理', function: '01010204' }
+      - { path: '/api/xms/task/group-user/export', method: 'post', action: '导出', event: '导出群组用户', module: '导出管理', log-type: '管理', function: '01050308' }
+      - { path: '/api/xms/task/org-user/export', method: 'post', action: '导出', event: '导出机构用户', module: '导出管理', log-type: '管理', function: '01050208' }
+      - { path: '/api/xms/task/org/export', method: 'post', action: '导出', event: '导出机构信息', module: '导出管理', log-type: '管理', function: '01010606' }
+      - { path: '/api/xms/task/policy/export', method: 'post', action: '导出', event: '导出策略信息', module: '导出管理', log-type: '管理', function: '01020205' }
+      - { path: '/api/xms/task/policy-item/export', method: 'post', action: '导出', event: '导出策略值', module: '导出管理', log-type: '管理', function: '01020210' }
+      # 设备导出：ukey - 证书UKey；token - 动态令牌；tf - 证书TF卡；identity - 用户身份卡
+      - { path: '/api/xms/task/dev/export', method: 'post', params: 'subType=ukey', action: '导出证书UKey管理', event: '导出设备信息', module: '导出管理', log-type: '管理', function: '01040103' }
+      - { path: '/api/xms/task/dev/export', method: 'post', params: 'subType=tf', action: '导出证书TF卡管理', event: '导出设备信息', module: '导出管理', log-type: '管理', function: '01040203' }
+      - { path: '/api/xms/task/dev/export', method: 'post', params: 'subType=identity', action: '导出用户身份卡管理', event: '导出设备信息', module: '导出管理', log-type: '管理', function: '01040303' }
+      - { path: '/api/xms/task/dev/export', method: 'post', params: 'subType=token', action: '导出动态令牌管理', event: '导出设备信息', module: '导出管理', log-type: '管理', function: '01040403' }
+      - { path: '/api/xms/task/dev/export', method: 'post', action: '导出其他设备信息', event: '导出设备信息', module: '导出管理', log-type: '管理', function: '01040505' }
+
+# 按用户和应用ID批量删除绑定关系
+#      - { path: '/api/xms/bind/all/items/batch', method: 'delete', action: '按用户和应用', event: '批量删除', module: '绑定管理', log-type: '管理' }
+# 组合删除服务
+#      - { path: '/api/xms/bff/role/{id}', method: 'delete', action: '删除角色及相关项', event: '删除关联关系', module: '关联关系管理', log-type: '管理' }
+#      - { path: '/api/xms/bff/resource/{id}', method: 'delete', action: '删除资源及相关项', event: '删除关联关系', module: '关联关系管理', log-type: '管理' }
+#      - { path: '/api/xms/bff/app/{id}', method: 'delete', action: '删除应用及相关项', event: '删除关联关系', module: '关联关系管理', log-type: '管理' }
+#      - { path: '/api/xms/bff/acct/{id}', method: 'delete', action: '删除帐号及相关项', event: '删除关联关系', module: '关联关系管理', log-type: '管理' }
+#      - { path: '/api/xms/bff/org/{id}', method: 'delete', action: '删除部门及相关项', event: '删除关联关系', module: '关联关系管理', log-type: '管理' }
+#      - { path: '/api/xms/bff/user/{id}', method: 'delete', action: '删除用户及相关项', event: '删除关联关系', module: '关联关系管理', log-type: '管理' }
+#      - { path: '/api/xms/bff/group/{id}', method: 'delete', action: '删除群组及相关项', event: '删除关联关系', module: '关联关系管理', log-type: '管理' }
+
+
+xms.log:
+  routes: *routes
+  system: "db47020105" # 系统标识码
+  software: "020105" # 软件标识码
+  version: 1 # 软件内部版本

xms-core/apps/xms-all-in-one/src/main/resources/application-mysql.yml

@@ -0,0 +1,17 @@
+# 数据库配置
+---
+spring:
+  datasource:
+    username: root
+    password:
+    url: jdbc:mysql://127.0.0.1:13306/xms?useUnicode=true&characterEncoding=utf-8&useSSL=true&serverTimezone=UTC
+    driver-class-name: com.mysql.cj.jdbc.Driver
+    platform: mysql
+  jpa:
+    database-platform: org.hibernate.dialect.MySQL8Dialect
+    show-sql: true
+    hibernate:
+      naming:
+        implicit-strategy: org.hibernate.boot.model.naming.ImplicitNamingStrategyJpaCompliantImpl
+        physical-strategy: org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl
+      ddl-auto: none

xms-core/apps/xms-all-in-one/src/main/resources/application-oscar.yml

@@ -0,0 +1,13 @@
+# 数据库配置
+---
+spring:
+  datasource:
+    username: xms
+    password: xms
+    url: jdbc:oscar://192.168.0.100:2003/xmsrdb
+    driver-class-name: com.oscar.Driver
+    platform: oscar
+  jpa:
+    database-platform: org.hibernate.dialect.XmsOscarDialect
+    hibernate.ddl-auto: none
+    show-sql: true

xms-core/apps/xms-all-in-one/src/main/resources/application-routes.yml

@@ -0,0 +1,209 @@
+# 默认路由规则
+---
+gateway.response.body.peek-size: 200
+spring:
+  profiles: routes
+  cloud:
+    gateway:
+      default-filters:
+        #- PrefixPath=/httpbin
+        #- JwtParser=.*/login
+        - AddResponseHeader=Cache-Control, no-cache
+        - AddResponseHeader=Pragma, no-cache
+        - AddResponseHeader=Expires, -1
+        # - RewritePath=/api/gaf/(?<segment>.*), /gaf/$\{segment}
+
+      routes:
+        # 登录认证接口
+        - id: gaf_login
+          uri: forward:///gaf/auth/login
+          predicates:
+            - Path=/api/gaf/login
+          filters:
+            - VerifyCode
+            - PeekResponseBody
+        # 字典接口
+        - id: gaf_code
+          uri: ${uri.gaf}
+          predicates:
+            - Path=/api/gaf/code/**
+            - Method=Get
+          filters:
+            - RewritePath=/api/gaf/(?<segment>.*), /gaf/$\{segment}
+            - Forward
+        # 验证码接口
+        - id: gaf_verify
+          uri: ${uri.gaf}
+          predicates:
+            - Path=/api/gaf/verify/**
+          filters:
+            - RewritePath=/api/gaf/(?<segment>.*), /gaf/$\{segment}
+            - Forward
+        # 菜单接口
+        - id: gaf_menu
+          uri: ${uri.gaf}
+          predicates:
+            - Path=/api/menu/**
+            - Method=Get
+          filters:
+            - RewritePath=/api/(?<segment>.*), /gaf/$\{segment}
+            - Forward
+        # GAF接口服务
+        - id: gaf_core_get
+          uri: ${uri.gaf}
+          predicates:
+            - Path=/api/gaf/**
+            - Method=Get
+            - Jwt=issuer, gaf
+          filters:
+            - RewritePath=/api/gaf/(?<segment>.*), /gaf/$\{segment}
+            - Forward
+        # GAF接口服务
+        - id: gaf_core
+          uri: ${uri.gaf}
+          predicates:
+            - Path=/api/gaf/**
+            - Jwt=issuer, gaf
+          filters:
+            - RewritePath=/api/gaf/(?<segment>.*), /gaf/$\{segment}
+            - Forward
+            - Log
+        # XMS机构查询接口
+        - id: xms_org_api
+          uri: ${uri.xms}
+          predicates:
+            - Path=/api/xms/user/orgs/**
+            - Method=Get
+          filters:
+            - RewritePath=/api/(?<segment>.*), /$\{segment}
+            - Forward
+        # XMS绑定关系接口
+        - id: xms_org_api
+          uri: ${uri.xms}
+          predicates:
+            - Path=/api/xms/bind/**
+            - Method=Get
+          filters:
+            - RewritePath=/api/(?<segment>.*), /$\{segment}
+            - Forward
+        # XMS数据同步接口
+        - id: xms_sync_api
+          uri: ${uri.xms}
+          predicates:
+            - Path=/api/xms/sync/**
+            - Method=Get
+          filters:
+            - RewritePath=/api/(?<segment>.*), /$\{segment}
+            - Forward
+        # XMS Utils接口
+        - id: xms_util_api
+          uri: ${uri.xms}
+          predicates:
+            - Path=/api/xms/util/**
+            - Method=Get
+          filters:
+            - RewritePath=/api/(?<segment>.*), /$\{segment}
+            - Forward
+        # XMS信息查询接口
+        - id: xms_get_api
+          uri: ${uri.xms}
+          predicates:
+            - Path=/api/xms/**
+            - Method=Get
+            - Jwt=issuer, gaf
+          filters:
+            - RewritePath=/api/(?<segment>.*), /$\{segment}
+            - Forward
+        # XMS设备查询接口
+        - id: xms_device_info
+          uri: ${uri.xms}
+          predicates:
+            - Path=/api/xms/device/**
+            - Method=Get
+          filters:
+            - RewritePath=/api/(?<segment>.*), /$\{segment}
+            - Forward
+        # XMS接口
+        - id: xms_api
+          uri: ${uri.xms}
+          predicates:
+            - Path=/api/xms/**
+            - Jwt=issuer, gaf
+          filters:
+            - RewritePath=/api/(?<segment>.*), /$\{segment}
+            - Forward
+            - Log
+        # XMS导出接口
+        - id: xms_task_download
+          uri: ${uri.xms}
+          predicates:
+            - Path=/api/xms/task/*/download
+            - Method=Get
+          filters:
+            - RewritePath=/api/(?<segment>.*), /$\{segment}
+            - Forward
+        - id: xms_task_template
+          uri: ${uri.xms}
+          predicates:
+            - Path=/api/xms/task/*/template
+            - Method=Get
+          filters:
+            - RewritePath=/api/(?<segment>.*), /$\{segment}
+            - Forward
+        - id: xms_task_log
+          uri: ${uri.xms}
+          predicates:
+            - Path=/api/xms/task/*/log
+            - Method=Get
+          filters:
+            - RewritePath=/api/(?<segment>.*), /$\{segment}
+            - Forward
+        # XMS用户注册接口
+        - id: xms_register
+          uri: ${uri.xms}
+          predicates:
+            - Path=/api/xms/user/regs
+            - Method=Post
+          filters:
+            - RewritePath=/api/(?<segment>.*), /$\{segment}
+            - Forward
+            - VerifyCode
+        # XMS文件服务接口
+        - id: xms_file
+          uri: ${uri.xms}
+          predicates:
+            - Path=/api/xms/file/**
+          filters:
+            - RewritePath=/api/(?<segment>.*), /$\{segment}
+            - Forward
+        # XMS-Adaptor服务接口
+        - id: xms_adaptor
+          uri: http://127.0.0.1:18082
+          predicates:
+            - Path=/api/xms/adaptor/sync-user/**
+          filters:
+            - RewritePath=/api/xms/(?<segment>.*), /$\{segment}
+        # 日志采集接口
+        - id: xms_log
+          uri: ${uri.xms}
+          predicates:
+            - Path=/api/log/**
+            - Method=Post
+          filters:
+            - RewritePath=/api/log/(?<segment>.*), /xms/log/$\{segment}
+            - Forward
+          # == 默认处理 ==
+        - id: index
+          uri: forward:///index # default for unauthorized
+          predicates:
+            - Path=/
+          filters:
+            - RedirectTo=302, /admin/index.html
+        - id: api_default
+          uri: forward:///401 # default for unauthorized
+          order: 1000
+          predicates:
+            - Path=/api/**
+            #- Method=POST
+          filters:
+            - SetStatus=401

xms-core/apps/xms-all-in-one/src/main/resources/application-sync.yml

@@ -0,0 +1,10 @@
+xms.sync:
+  log-revision: true # 是否记录数据变更
+  # origin.scope: register # 数据来源
+#  domainCode: A #本系统所在域编码
+  schedule:
+    enabled: false # 是否开启同步任务轮询
+    initial-delay: 10 # 启动后延时多少秒开始同步任务
+    fixed-delay: 60 # 两次同步轮询之间间隔秒数
+    list-of-servers:
+      - http://localhost:18080

xms-core/apps/xms-all-in-one/src/main/resources/application-task.yml

@@ -0,0 +1,93 @@
+xms.task:
+  log-path: ./logs
+  support-ext: csv, xls, ecf
+  default-ext: csv
+  log-debug: false
+  import-tasks:
+    org-user:
+      class-name: jit.xms.core.services.bff.service.BffOrgUserService
+      fieldMap: { name: "姓名", code: "用户编码", orgCode: "机构编码", orgName: "机构名称", sfzh: "身份证号",bzkh: "保障卡号", jrzjh: "军官证号", sex: "性别", title: "职位", phone: "电话", addr: "地址", email: "邮箱",account: "帐号",secret: "密码" }
+      fieldRegex: { sfzh: '\d{17}[\dxX]', bzkh: '\d{18}' }
+    group-user:
+      class-name: jit.xms.core.services.bff.service.BffGroupUserService
+      fieldMap: { name: "群组名称", code: "群组编码", bzkh: "保障卡号" }
+    org:
+      class-name: jit.xms.core.services.user.orgs.service.UserOrgService
+      fieldMap: { name: "机构名称", code: "机构编码", parentCode: "上级机构编码", parentName: "上级机构名称", level: "机构类型" }
+      fieldDict: { level: "org" }
+    app:
+      class-name: jit.xms.core.services.app.infos.service.AppInfoService
+      fieldMap: { name: "应用名称", code: "应用编码", admin: "管理人员", phone: "联系电话", url: "应用地址" }
+    role:
+      class-name: jit.xms.core.services.app.roles.service.AppRoleService
+      fieldMap: { appName: "应用名称", name: "角色名称", code: "角色编码", type: "角色类型" }
+      fieldDict: { type: "role" }
+    res:
+      class-name: jit.xms.core.services.app.resources.service.AppResService
+      fieldMap: { appName: "应用名称", name: "资源名称", code: "资源编码", value: "资源绑定值" }
+    dev:
+      class-name: jit.xms.core.services.device.service.XmsDeviceInfoService
+      fieldMap: { name: "设备名称", code: "设备编码", serial: "序列号", type: "设备类型", data: "设备参数" }
+      fieldDict: { type: "devtype" }
+    policy:
+      class-name: jit.xms.core.services.app.policies.service.AppPolicyService
+      fieldMap: { appName: "应用名称", parentName: "上级策略名称", parentCode: "上级策略编码", name: "策略名称", code: "策略编码" }
+    policy-item:
+      class-name: jit.xms.core.services.app.policies.service.AppPolicyItemService
+      fieldMap: { name: "策略名称", code: "策略编码", key: "属性名", value: "属性值", type: "数据类型" }
+      fieldDict: { type: "type" }
+    cert:
+      class-name: jit.xms.core.services.user.certs.service.UserCertService
+      fieldMap: { cn: "CN", dn: "DN", signCert: "SignCert", encCert: "EncryptCert", keyAlgo: "KeyAlgo", validity: "ValidityPeriod", eckSign: "TempSymSignKey", eckEnc: "TempSymKey", signPrv: "SignKey", encPrv: "EncryptKey", kekPub: "TempPubKey", name: "name", bzkh: "code" }
+      fieldConv: { bzkh: "bzkh" }
+    acct:
+      class-name: jit.xms.core.services.user.accts.service.UserAcctService
+      fieldMap: { "sfzh": "身份证号", account: "帐号", secret: "密码" }
+  export-tasks:
+    petition:
+      class-name: jit.xms.core.services.bff.service.BffOrgUserService
+      fieldMap: { name: "姓名", bzkh: "保障卡号", sfzh: "身份证号", jrzjh: "军官证号", orgCode: "单位", title: "职级" }
+      fieldConv: { bzkh: "bzkh" }
+    org-user:
+      class-name: jit.xms.core.services.bff.service.BffOrgUserService
+      fieldMap: { name: "姓名", code: "用户编码", orgCode: "机构编码", sfzh: "身份证号",bzkh: "保障卡号", jrzjh: "军官证号", sex: "性别", title: "职位", phone: "电话", addr: "地址", email: "邮箱", status: "用户状态"}
+      fieldDict: { status: "status" }
+    acct:
+      class-name: jit.xms.core.services.bff.service.BffAppAcctService
+      fieldMap: { "user.name": "姓名", "user.sfzh": "身份证号", account: "帐号", status: "状态" }
+      fieldDict: { status: "usage" }
+    group-user:
+      class-name: jit.xms.core.services.bff.service.BffGroupUserService
+      fieldMap: { name: "姓名", code: "用户编码", sfzh: "身份证号",bzkh: "保障卡号", jrzjh: "军官证号", sex: "性别", title: "职位", phone: "电话", addr: "地址", email: "邮箱", status: "用户状态" }
+      fieldDict: { status: "status" }
+    org:
+      class-name: jit.xms.core.services.user.orgs.service.UserOrgService
+      fieldMap: { name: "机构名称", code: "机构编码", parentCode: "上级机构编码", parentName: "上级机构名称", level: "机构类型"}
+      fieldDict: { level: "org" }
+    app:
+      class-name: jit.xms.core.services.app.infos.service.AppInfoService
+      fieldMap: { name: "应用名称", code: "应用编码", status: "应用状态", admin: "管理人员", phone: "联系电话", url: "应用地址" }
+      fieldDict: { status: "usage" }
+    role:
+      class-name: jit.xms.core.services.app.roles.service.AppRoleService
+      fieldMap: { name: "角色名称", code: "角色编码", type: "角色类型" }
+      fieldDict: { type: "role" }
+    res:
+      class-name: jit.xms.core.services.app.resources.service.AppResService
+      fieldMap: { name: "资源名称", code: "资源编码", value: "资源绑定值" }
+    dev:
+      class-name: jit.xms.core.services.device.service.XmsDeviceInfoService
+      fieldMap: { name: "设备名称", code: "设备编码", serial: "序列号", type: "设备类型", status: "设备状态" }
+      fieldDict: { type: "devtype", status: "device" }
+    policy:
+      class-name: jit.xms.core.services.app.policies.service.AppPolicyService
+      fieldMap: { appName: "应用名称", parentName: "上级策略名称", parentCode: "上级策略编码", name: "策略名称", code: "策略编码" }
+    policy-item:
+      class-name: jit.xms.core.services.app.policies.service.AppPolicyItemService
+      fieldMap: { name: "策略名称", code: "策略编码", key: "属性名", value: "属性值", type: "数据类型" }
+      fieldDict: { type: "type" }
+    cred:
+      class-name: jit.xms.core.services.bff.service.BffUserCredService
+      fieldMap: { "user.name": "姓名", "user.sfzh": "身份证号", type: "凭证类型", name: "凭证名称", status: "状态", data: "凭证数据" }
+      fieldDict: { type: "cred", status: "usage" }
+

xms-core/apps/xms-all-in-one/src/main/resources/application.yml

@@ -0,0 +1,76 @@
+# 全局配置
+jwt.secret: &jwtSecret "GafJwtSecret!@#"
+agent.jwt-secret: *jwtSecret
+api.host: 127.0.0.1
+uri:
+  gaf: http://${api.host}:8001
+  xms: http://${api.host}:8108
+
+gaf:
+  auth:
+    jwt-secret: *jwtSecret
+    jwt-issuer: gaf
+    jwt-validity: 5h
+  web:
+    spa:
+      index-paths:
+        - /admin/gaf
+        - /admin/xms
+        - /admin/log
+        - /admin
+        - /register
+  menu:
+    store-type: file
+    # example: file:config/menu/items.json 、classpath:/menu/items.json
+    items-file: file:config/menu/items.json #default: classpath:/menu/items.json
+    menus-file: file:config/menu/menus.json   #default: classpath:/menu/menus.json
+  code.store-type: hybrid
+  cache.verify.validity: 300s
+
+
+server:
+  port: 18080
+  servlet:
+    encoding:
+      charset: utf-8
+spring:
+  profiles:
+    include: routes, log, task, feign, sync, auth, actuator
+    active: local
+  resources:
+    static-locations: file:public/,file:dist/public/,classpath:/META-INF/resources/,classpath:/resources/,classpath:/static/,classpath:/public/
+  main:
+    allow-bean-definition-overriding: true
+  datasource:
+    type: org.apache.commons.dbcp2.BasicDataSource
+    dbcp2:
+      initial-size: 5
+      max-total: 20
+      max-idle: 10
+      min-idle: 5
+
+#鉴权地址和模拟SSO登录配置
+auth.url: http://127.0.0.1:8888/JBSQFW
+sso.mock.token: 91fada82-e2c7-11ea-992f-0242ac120002
+
+---
+spring:
+  profiles: local
+
+gaf:
+  menu:
+    items-file: classpath:/menu/items-lite.json #default: classpath:/menu/tree.json
+    menus-file: classpath:/menu/menus.json   #default: classpath:/menu/bar.json
+
+logging.level.gaf3.core.*: DEBUG
+logging.level.jit.xms.*: DEBUG
+#logging.level.org.hibernate.type.descriptor.sql.BasicBinder: trace
+#debug: true
+
+---
+spring:
+  profiles: init
+  datasource:
+    initialization-mode: always
+    continue-on-error: false
+    separator: $$

xms-core/apps/xms-all-in-one/src/main/resources/code/bool.json

@@ -0,0 +1,16 @@
+[
+  {
+    "id": "bool-1",
+    "type": "bool",
+    "code": "true",
+    "name": "是",
+    "status": "0"
+  },
+  {
+    "id": "bool-2",
+    "type": "bool",
+    "code": "false",
+    "name": "否",
+    "status": "0"
+  }
+]

xms-core/apps/xms-all-in-one/src/main/resources/code/cred.json

@@ -0,0 +1,44 @@
+[
+  {
+    "id": "cred-0",
+    "type": "cred",
+    "code": "fingerprint",
+    "name": "指纹",
+    "status": "0"
+  },
+  {
+    "id": "cred-1",
+    "type": "cred",
+    "code": "fingervein",
+    "name": "指静脉",
+    "status": "0"
+  },
+  {
+    "id": "cred-2",
+    "type": "cred",
+    "code": "iris",
+    "name": "虹膜",
+    "status": "0"
+  },
+  {
+    "id": "cred-3",
+    "type": "cred",
+    "code": "face",
+    "name": "人脸",
+    "status": "0"
+  },
+  {
+    "id": "cred-4",
+    "type": "cred",
+    "code": "token",
+    "name": "动态令牌",
+    "status": "0"
+  },
+  {
+    "id": "cred-5",
+    "type": "cred",
+    "code": "ukey",
+    "name": "证书(UKey)",
+    "status": "0"
+  }
+]

xms-core/apps/xms-all-in-one/src/main/resources/code/device.json

@@ -0,0 +1,23 @@
+[
+  {
+    "id": "device-0",
+    "type": "device",
+    "code": "0",
+    "name": "正常",
+    "status": "0"
+  },
+  {
+    "id": "device-1",
+    "type": "device",
+    "code": "1",
+    "name": "挂失",
+    "status": "0"
+  },
+  {
+    "id": "device-2",
+    "type": "device",
+    "code": "2",
+    "name": "损毁",
+    "status": "0"
+  }
+]

xms-core/apps/xms-all-in-one/src/main/resources/code/devtype.json

@@ -0,0 +1,30 @@
+[
+  {
+    "id": "devtype-0",
+    "type": "devtype",
+    "code": "ukey",
+    "name": "证书UKey",
+    "status": "0"
+  },
+  {
+    "id": "devtype-1",
+    "type": "devtype",
+    "code": "tf",
+    "name": "证书TF卡",
+    "status": "0"
+  },
+  {
+    "id": "devtype-2",
+    "type": "devtype",
+    "code": "token",
+    "name": "动态令牌",
+    "status": "0"
+  },
+  {
+    "id": "devtype-3",
+    "type": "devtype",
+    "code": "identity",
+    "name": "用户身份卡",
+    "status": "0"
+  }
+]

xms-core/apps/xms-all-in-one/src/main/resources/code/org.json

@@ -0,0 +1,16 @@
+[
+  {
+    "id": "org-0",
+    "type": "org",
+    "code": "0",
+    "name": "军",
+    "status": "0"
+  },
+  {
+    "id": "org-1",
+    "type": "org",
+    "code": "1",
+    "name": "民",
+    "status": "0"
+  }
+]

xms-core/apps/xms-all-in-one/src/main/resources/code/reg.json

@@ -0,0 +1,23 @@
+[
+  {
+    "id": "reg-0",
+    "type": "reg",
+    "code": "0",
+    "name": "待审核",
+    "status": "0"
+  },
+  {
+    "id": "reg-1",
+    "type": "reg",
+    "code": "1",
+    "name": "审核通过",
+    "status": "0"
+  },
+  {
+    "id": "reg-2",
+    "type": "reg",
+    "code": "2",
+    "name": "已驳回",
+    "status": "0"
+  }
+]

xms-core/apps/xms-all-in-one/src/main/resources/code/role.json

@@ -0,0 +1,16 @@
+[
+  {
+    "id": "role-0",
+    "type": "role",
+    "code": "0",
+    "name": "普通角色",
+    "status": "0"
+  },
+  {
+    "id": "role-1",
+    "type": "role",
+    "code": "1",
+    "name": "组合角色",
+    "status": "0"
+  }
+]

xms-core/apps/xms-all-in-one/src/main/resources/code/status.json

@@ -0,0 +1,23 @@
+[
+  {
+    "id": "status-0",
+    "type": "status",
+    "code": "0",
+    "name": "正常",
+    "status": "0"
+  },
+  {
+    "id": "status-1",
+    "type": "status",
+    "code": "1",
+    "name": "注销",
+    "status": "0"
+  },
+  {
+    "id": "status-2",
+    "type": "status",
+    "code": "2",
+    "name": "冻结",
+    "status": "0"
+  }
+]

xms-core/apps/xms-all-in-one/src/main/resources/code/type.json

@@ -0,0 +1,44 @@
+[
+  {
+    "id": "type-1",
+    "type": "type",
+    "code": "string",
+    "name": "字符型",
+    "status": "0"
+  },
+  {
+    "id": "type-2",
+    "type": "type",
+    "code": "number",
+    "name": "数字型",
+    "status": "0"
+  },
+  {
+    "id": "type-3",
+    "type": "type",
+    "code": "bool",
+    "name": "布尔型",
+    "status": "0"
+  },
+  {
+    "id": "type-4",
+    "type": "type",
+    "code": "datetime",
+    "name": "日期+时间",
+    "status": "0"
+  },
+  {
+    "id": "type-5",
+    "type": "type",
+    "code": "date",
+    "name": "日期",
+    "status": "0"
+  },
+  {
+    "id": "type-6",
+    "type": "type",
+    "code": "time",
+    "name": "时间",
+    "status": "0"
+  }
+]

xms-core/apps/xms-all-in-one/src/main/resources/code/usage.json

@@ -0,0 +1,16 @@
+[
+  {
+    "id": "usage-0",
+    "type": "usage",
+    "code": "0",
+    "name": "正常",
+    "status": "0"
+  },
+  {
+    "id": "usage-1",
+    "type": "usage",
+    "code": "1",
+    "name": "停用",
+    "status": "0"
+  }
+]

xms-core/apps/xms-all-in-one/src/main/resources/menu/items-full.json

@@ -0,0 +1,248 @@
+[
+  {
+    "id": "xms_user",
+    "title": "用户管理",
+    "path": "/xms/user",
+    "icon": "idcard",
+    "module": "@user",
+    "children": [
+      {
+        "id": "xms_user_info",
+        "title": "用户信息",
+        "path": "/xms/user",
+        "icon": "idcard"
+      },
+      {
+        "id": "xms_user_org",
+        "title": "机构管理",
+        "path": "/xms/org",
+        "icon": "dept"
+      },
+      {
+        "id": "xms_user_group",
+        "title": "群组管理",
+        "path": "/xms/group",
+        "icon": "users"
+      },
+      {
+        "id": "xms_user_acct",
+        "title": "帐号管理",
+        "path": "/xms/acct",
+        "icon": "user"
+      },
+      {
+        "id": "xms_user_cert",
+        "title": "证书管理",
+        "path": "/xms/cert",
+        "icon": "cert"
+      },
+      {
+        "id": "xms_user_blacklist",
+        "title": "黑名单管理",
+        "path": "/xms/blacklist",
+        "icon": "user1"
+      }
+    ]
+  },
+  {
+    "id": "xms_register",
+    "title": "用户审核",
+    "path": "/xms/register",
+    "icon": "idok",
+    "module": "@user",
+    "children": [
+      {
+        "id": "xms_register_0",
+        "title": "待审核",
+        "path": "/xms/register/0",
+        "icon": "prompt"
+      },
+      {
+        "id": "xms_register_1",
+        "title": "已审核",
+        "path": "/xms/register/1",
+        "icon": "success"
+      },
+      {
+        "id": "xms_register_2",
+        "title": "已驳回",
+        "path": "/xms/register/2",
+        "icon": "error"
+      }
+    ]
+  },
+  {
+    "id": "xms_auth",
+    "title": "授权管理",
+    "path": "/xms/authorize/org",
+    "icon": "auth",
+    "module": "@authorize",
+    "children": [
+      {
+        "id": "xms_auth_org",
+        "title": "机构授权",
+        "path": "/xms/authorize/org",
+        "icon": "dept"
+      },
+      {
+        "id": "xms_auth_group",
+        "title": "群组授权",
+        "path": "/xms/authorize/group",
+        "icon": "users"
+      }
+    ]
+  },
+  {
+    "id": "xms_cred",
+    "title": "凭证管理",
+    "path": "/xms/cred",
+    "icon": "cert",
+    "module": "@cred",
+    "children": [
+      {
+        "id": "xms_cred_fingerprint",
+        "title": "指纹信息",
+        "path": "/xms/cred/fingerprint",
+        "icon": "tags"
+      },
+      {
+        "id": "xms_cred_fingervein",
+        "title": "指静脉信息",
+        "path": "/xms/cred/fingervein",
+        "icon": "tags"
+      },
+      {
+        "id": "xms_cred_iris",
+        "title": "虹膜信息",
+        "path": "/xms/cred/iris",
+        "icon": "tags",
+        "pid": "4"
+      },
+      {
+        "id": "xms_cred_face",
+        "title": "人脸信息",
+        "path": "/xms/cred/face",
+        "icon": "tags"
+      },
+      {
+        "id": "xms_cred_ukey",
+        "title": "证书管理",
+        "path": "/xms/cred/ukey",
+        "icon": "tags"
+      },
+      {
+        "id": "xms_cred_token",
+        "title": "动态令牌",
+        "path": "/xms/cred/token",
+        "icon": "tags"
+      }
+    ]
+  },
+  {
+    "id": "xms_dev",
+    "title": "凭证设备",
+    "path": "/xms/dev",
+    "icon": "mobile",
+    "module": "@cred",
+    "children": [
+      {
+        "id": "xms_dev_ukey",
+        "title": "UKey证书",
+        "path": "/xms/dev/ukey",
+        "icon": "tag"
+      },
+      {
+        "id": "xms_dev_token",
+        "title": "动态令牌",
+        "path": "/xms/dev/token",
+        "icon": "tag",
+        "pid": "5"
+      },
+      {
+        "id": "xms_dev_identity",
+        "title": "用户身份卡",
+        "path": "/xms/dev/identity",
+        "icon": "tag"
+      },
+      {
+        "id": "xms_dev_tf",
+        "title": "TF卡",
+        "path": "/xms/dev/tf",
+        "icon": "tag",
+        "pid": "5"
+      }
+    ]
+  },
+  {
+    "id": "xms_app",
+    "title": "应用管理",
+    "path": "/xms/app",
+    "icon": "column",
+    "module": "@app",
+    "children": [
+      {
+        "id": "xms_app_info",
+        "title": "应用信息",
+        "path": "/xms/app",
+        "icon": "bill"
+      },
+      {
+        "id": "xms_app_res",
+        "title": "资源管理",
+        "path": "/xms/resources",
+        "icon": "tags"
+      },
+      {
+        "id": "xms_app_role",
+        "title": "角色管理",
+        "path": "/xms/roles",
+        "icon": "tag"
+      },
+      {
+        "id": "xms_app_policy",
+        "title": "策略管理",
+        "path": "/xms/policy",
+        "icon": "caogao"
+      }
+    ]
+  },
+  {
+    "id": "gaf_system",
+    "title": "系统管理",
+    "path": "/gaf/user",
+    "icon": "system",
+    "module": "@gaf",
+    "children": [
+      {
+        "id": "gaf_user",
+        "title": "系统用户",
+        "path": "/gaf/user",
+        "icon": "account"
+      },
+      {
+        "id": "gaf_dept",
+        "title": "用户部门",
+        "path": "/gaf/dept",
+        "icon": "dept"
+      },
+      {
+        "id": "gaf_dict",
+        "title": "数据字典",
+        "path": "/gaf/dict",
+        "icon": "dict"
+      },
+      {
+        "id": "gaf_menu",
+        "title": "菜单管理",
+        "path": "/gaf/menu",
+        "icon": "menu"
+      },
+      {
+        "id": "gaf_log",
+        "title": "管理日志",
+        "path": "/gaf/log",
+        "icon": "log"
+      }
+    ]
+  }
+]

xms-core/apps/xms-all-in-one/src/main/resources/menu/items-lite.json

@@ -0,0 +1,134 @@
+[
+  {
+    "id": "xms_user",
+    "title": "用户管理",
+    "path": "/xms/user",
+    "icon": "account",
+    "module": "@user",
+    "children": [
+      {
+        "id":"xms_user_info",
+        "title": "用户信息",
+        "path": "/xms/user",
+        "icon": "account"
+      },
+      {
+        "id": "xms_user_org",
+        "title": "机构管理",
+        "path": "/xms/org",
+        "icon": "dept"
+      },
+      {
+        "id": "xms_user_group",
+        "title": "群组管理",
+        "path": "/xms/group",
+        "icon": "users"
+      },
+      {
+        "id": "xms_register",
+        "title": "注册审核",
+        "path": "/xms/register",
+        "icon": "audit"
+      },
+      {
+        "id": "xms_user_cert",
+        "title": "证书管理",
+        "path": "/xms/cert",
+        "icon": "cert"
+      },
+      {
+        "id": "xms_user_blacklist",
+        "title": "黑名单管理",
+        "path": "/xms/blacklist",
+        "icon": "user1"
+      }
+    ]
+  },
+  {
+    "id": "xms_auth",
+    "title": "授权管理",
+    "path": "/xms/authorize/org",
+    "icon": "auth",
+    "module": "@authorize",
+    "children": [
+      {
+        "id": "xms_auth_org",
+        "title": "机构授权",
+        "path": "/xms/authorize/org",
+        "icon": "dept"
+      },
+      {
+        "id": "xms_auth_group",
+        "title": "群组授权",
+        "path": "/xms/authorize/group",
+        "icon": "users"
+      }
+    ]
+  },
+  {
+    "id": "xms_app",
+    "title": "应用管理",
+    "path": "/xms/app",
+    "icon": "column",
+    "module": "@app",
+    "children": [
+      {
+        "id": "xms_app_info",
+        "title": "应用信息",
+        "path": "/xms/app",
+        "icon": "bill"
+      },
+      {
+        "id": "xms_app_res",
+        "title": "资源管理",
+        "path": "/xms/resources",
+        "icon": "tags"
+      },
+      {
+        "id": "xms_app_role",
+        "title": "角色管理",
+        "path": "/xms/roles",
+        "icon": "tag"
+      }
+    ]
+  },
+  {
+    "id": "gaf_system",
+    "title": "系统管理",
+    "path": "/gaf/user",
+    "icon": "system",
+    "module": "@gaf",
+    "children": [
+      {
+        "id": "gaf_user",
+        "title": "系统用户",
+        "path": "/gaf/user",
+        "icon": "account"
+      },
+      {
+        "id": "gaf_dept",
+        "title": "用户部门",
+        "path": "/gaf/dept",
+        "icon": "dept"
+      },
+      {
+        "id": "gaf_dict",
+        "title": "数据字典",
+        "path": "/gaf/dict",
+        "icon": "dict"
+      },
+      {
+        "id": "gaf_menu",
+        "title": "菜单管理",
+        "path": "/gaf/menu",
+        "icon": "menu"
+      },
+      {
+        "id": "gaf_log",
+        "title": "日志审计",
+        "path": "/gaf/log",
+        "icon": "log"
+      }
+    ]
+  }
+]

xms-core/apps/xms-all-in-one/src/main/resources/menu/menus.json

@@ -0,0 +1,22 @@
+[
+  {
+    "title": "用户管理",
+    "path": "/xms",
+    "module": "@user"
+  },
+  {
+    "title": "授权管理",
+    "path": "/xms",
+    "module": "@empower"
+  },
+  {
+    "title": "应用管理",
+    "path": "/xms",
+    "module": "@app"
+  },
+  {
+    "title": "系统管理",
+    "path": "/gaf",
+    "module": "@gaf"
+  }
+]

xms-core/apps/xms-all-in-one/src/main/resources/static/sso.html

@@ -0,0 +1,80 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+    <title>页面跳转...</title>
+    <meta charset="utf-8"></meta>
+    <meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=0"></meta>
+    <link rel="stylesheet" type="text/css" href="weui/weui.min.css"></link>
+    <script src="js/jquery.min.js"></script>
+</head>
+
+<body>
+<div class="weui-msg">
+    <div class="weui-msg__icon-area"><i class="weui-icon-waiting weui-icon_msg"></i></div>
+    <div class="weui-msg__text-area">
+        <h2 class="weui-msg__title">正在跳转，请稍候...</h2>
+        <p class="weui-msg__desc"></p>
+    </div>
+</div>
+<script>
+    var redirect_uri = "/admin/frame";
+
+    function getQueryVariable(variable) {
+        var query = window.location.search.substring(1);
+        var vars = query.split("&");
+        for (var i = 0; i < vars.length; i++) {
+            var pair = vars[i].split("=");
+            if (pair[0] == variable) {
+                return pair[1];
+            }
+        }
+        return (false);
+    }
+
+    $(function () {
+        var token = getQueryVariable("token")
+        if (token) {
+            login(token)
+        } else {
+            $('.weui-msg__title').text('单点登录失败');
+            $('.weui-msg__desc').text('缺少token参数');
+        }
+    });
+
+    function login(token) {
+        $.ajax({
+            url: '/api/sso',
+            type: 'POST',
+            dataType: 'json',
+            contentType: 'application/json',
+            data: JSON.stringify({token: token})
+        }).then(function (res) {
+            console.log(res);
+            if (res.errcode == undefined || res.errcode == 0) {
+                $('.weui-msg__desc').text('单点登录成功');
+                sessionStorage.setItem('token', res.token);
+                sessionStorage.setItem('user', JSON.stringify(res.userinfo));
+                sessionStorage.setItem('roles', JSON.stringify(res.roles));
+                window.location.replace(redirect_uri);
+            } else {
+                return $.Deferred().reject(res.errmsg || "未知错误");
+            }
+        }).fail(function (jqXHR, textStatus, errorThrown) {
+            var msg = "登录失败！";
+            if (typeof jqXHR == "string")
+                msg = jqXHR;
+            else if (typeof jqXHR == "object" && jqXHR.responseJSON) {
+                console.log(jqXHR.responseJSON);
+                msg = jqXHR.responseJSON.errmsg || msg;
+            }
+            $('.weui-msg__title').text("单点登录失败");
+            $('.weui-msg__desc').text(msg);
+        }).always(function () {
+            // app.loading = false;
+        });
+    }
+</script>
+</body>
+
+</html>

xms-core/apps/xms-all-in-one/src/main/resources/static/sso2.html

@@ -0,0 +1,80 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+    <title>页面跳转...</title>
+    <meta charset="utf-8"></meta>
+    <meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=0"></meta>
+    <link rel="stylesheet" type="text/css" href="weui/weui.min.css"></link>
+    <script src="js/jquery.min.js"></script>
+</head>
+
+<body>
+<div class="weui-msg">
+    <div class="weui-msg__icon-area"><i class="weui-icon-waiting weui-icon_msg"></i></div>
+    <div class="weui-msg__text-area">
+        <h2 class="weui-msg__title">正在跳转，请稍候...</h2>
+        <p class="weui-msg__desc"></p>
+    </div>
+</div>
+<script>
+    var redirect_uri = "/admin/frame";
+
+    function getQueryVariable(variable) {
+        var query = window.location.search.substring(1);
+        var vars = query.split("&");
+        for (var i = 0; i < vars.length; i++) {
+            var pair = vars[i].split("=");
+            if (pair[0] == variable) {
+                return pair[1];
+            }
+        }
+        return (false);
+    }
+
+    $(function () {
+        var token = getQueryVariable("token")
+        if (token) {
+            login(token)
+        } else {
+            $('.weui-msg__title').text('单点登录失败');
+            $('.weui-msg__desc').text('缺少token参数');
+        }
+    });
+
+    function login(token) {
+        $.ajax({
+            url: '/api/mock?token=' + token,
+            type: 'GET',
+            // dataType: 'json',
+            // contentType: 'application/json',
+            // data: JSON.stringify({token: token})
+        }).then(function (res) {
+            console.log(res);
+            if (res.errcode == undefined || res.errcode == 0) {
+                $('.weui-msg__desc').text('单点登录成功');
+                sessionStorage.setItem('token', res.token);
+                sessionStorage.setItem('user', JSON.stringify(res.userinfo));
+                sessionStorage.setItem('roles', JSON.stringify(res.roles));
+                window.location.replace(redirect_uri);
+            } else {
+                return $.Deferred().reject(res.errmsg || "未知错误");
+            }
+        }).fail(function (jqXHR, textStatus, errorThrown) {
+            var msg = "登录失败！";
+            if (typeof jqXHR == "string")
+                msg = jqXHR;
+            else if (typeof jqXHR == "object" && jqXHR.responseJSON) {
+                console.log(jqXHR.responseJSON);
+                msg = jqXHR.responseJSON.errmsg || msg;
+            }
+            $('.weui-msg__title').text("单点登录失败");
+            $('.weui-msg__desc').text(msg);
+        }).always(function () {
+            // app.loading = false;
+        });
+    }
+</script>
+</body>
+
+</html>

xms-core/apps/xms-all-in-one/src/main/resources/static/sso3.html

@@ -0,0 +1,84 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+    <title>页面跳转...</title>
+    <meta charset="utf-8"></meta>
+    <meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=0"></meta>
+    <link rel="stylesheet" type="text/css" href="weui/weui.min.css"></link>
+    <script src="js/jquery.min.js"></script>
+</head>
+
+<body>
+<div class="weui-msg">
+    <div class="weui-msg__icon-area"><i class="weui-icon-waiting weui-icon_msg"></i></div>
+    <div class="weui-msg__text-area">
+        <h2 class="weui-msg__title">正在跳转，请稍候...</h2>
+        <p class="weui-msg__desc"></p>
+    </div>
+</div>
+<script>
+    var redirect_uri = "/admin/frame";
+
+    function getQueryVariable(variable) {
+        var query = window.location.search.substring(1);
+        var vars = query.split("&");
+        for (var i = 0; i < vars.length; i++) {
+            var pair = vars[i].split("=");
+            if (pair[0] == variable) {
+                return pair[1];
+            }
+        }
+        return (false);
+    }
+
+    $(function () {
+        var token = getQueryVariable("token")
+        var appSystemId = getQueryVariable("appSystemId")
+        if (token) {
+            login(token, appSystemId)
+        } else {
+            $('.weui-msg__title').text('单点登录失败');
+            $('.weui-msg__desc').text('缺少token参数');
+        }
+    });
+
+    function login(token, appSystemId) {
+        $.ajax({
+            url: '/api/sso?token=' + token + '&appSystemId=' + appSystemId,
+            type: 'GET',
+            // dataType: 'json',
+            // contentType: 'application/json',
+            // data: JSON.stringify({token: token})
+        }).then(function (res) {
+            console.log(res);
+            if (res.errcode == undefined || res.errcode == 0) {
+                $('.weui-msg__desc').text('单点登录成功');
+                sessionStorage.setItem('token', res.token);
+                sessionStorage.setItem('user', JSON.stringify(res.userinfo));
+                sessionStorage.setItem('roles', JSON.stringify(res.roles));
+                if (res.orgId) {
+                    sessionStorage.setItem('orgId', res.orgId);
+                }
+                window.location.replace(redirect_uri);
+            } else {
+                return $.Deferred().reject(res.errmsg || "未知错误");
+            }
+        }).fail(function (jqXHR, textStatus, errorThrown) {
+            var msg = "登录失败！";
+            if (typeof jqXHR == "string")
+                msg = jqXHR;
+            else if (typeof jqXHR == "object" && jqXHR.responseJSON) {
+                console.log(jqXHR.responseJSON);
+                msg = jqXHR.responseJSON.errmsg || msg;
+            }
+            $('.weui-msg__title').text("单点登录失败");
+            $('.weui-msg__desc').text(msg);
+        }).always(function () {
+            // app.loading = false;
+        });
+    }
+</script>
+</body>
+
+</html>

xms-core/apps/xms-init/build.gradle.kts

@@ -0,0 +1,76 @@
+val patchVersion: String by project
+
+group = "jit.xms"
+version = "${rootProject.version}.$patchVersion"
+
+
+plugins {
+    id("java")
+    id("io.spring.dependency-management")
+    id("org.springframework.boot")
+    kotlin("jvm")
+    kotlin("plugin.spring")
+    kotlin("plugin.jpa")
+}
+
+repositories {
+    // 阿里云镜像
+    maven { url = uri("https://maven.aliyun.com/repository/public") }
+    maven { url = uri("https://maven.aliyun.com/repository/gradle-plugin") }
+    maven { url = uri("https://maven.aliyun.com/repository/spring") }
+    maven { url = uri("https://maven.aliyun.com/repository/spring-plugin") }
+    // gradle
+    maven { url = uri("https://plugins.gradle.org/m2/") }
+}
+
+dependencies {
+    api(platform(project(":platform")))
+    implementation(kotlin("reflect"))
+    implementation(kotlin("stdlib-jdk8"))
+    implementation("commons-io:commons-io")
+    implementation("org.apache.commons:commons-dbcp2")
+    implementation("org.springframework.boot:spring-boot-starter-jdbc:2.3.3.RELEASE")
+    runtimeOnly("mysql:mysql-connector-java")
+    runtimeOnly(fileTree("$rootDir/libs") { include("*.jar") })
+}
+
+tasks.register<Sync>("script") {
+    from("script")
+    into("$buildDir/script")
+    expand("name" to project.name, "version" to version)
+}
+
+tasks.register<Sync>("ext-libs") {
+    from(configurations.runtimeClasspath)
+    into("$buildDir/dist/ext")
+}
+
+tasks.register<Copy>("dist") {
+    dependsOn(tasks.named("bootJar"), tasks.named("ext-libs"), tasks.named("script"))
+    into("$rootDir/dist/${project.name}")
+    from(tasks["bootJar"].outputs)
+    from("$buildDir/script")
+    val splitJars: String? by project
+    if ("true".equals(splitJars, true)) {
+        from("$buildDir/dist/ext") {
+            include("*.jar")
+            into("../ext")
+        }
+    }
+}
+
+tasks.getByName<org.springframework.boot.gradle.tasks.bundling.BootJar>("bootJar") {
+    // 排除所有jar包
+    val splitJars: String? by project
+    if ("true".equals(splitJars, true)) {
+        exclude("*.jar")
+        // 依赖复制任务
+        // dependsOn(tasks.named("ext-libs"), tasks.named("script"))
+        //  指定依赖包的路径
+        manifest {
+            val classPath = configurations.runtimeClasspath.get().files
+                    .joinToString(" ") { "../ext/${it.name}" }
+            attributes("Class-Path" to classPath)
+        }
+    }
+}

xms-core/apps/xms-init/script/init.sh

@@ -0,0 +1 @@
+java -cp ${name}-${version}.jar -Dloader.path=lib -Dfile.encoding="UTF-8" org.springframework.boot.loader.PropertiesLauncher

xms-core/apps/xms-init/src/main/kotlin/jit/xms/allinone/XmsInitApplication.kt

@@ -0,0 +1,24 @@
+package jit.xms.allinone
+
+import org.slf4j.LoggerFactory
+import org.springframework.boot.CommandLineRunner
+import org.springframework.boot.autoconfigure.SpringBootApplication
+import org.springframework.boot.runApplication
+
+
+@SpringBootApplication
+//@EnableJpaRepositories(bootstrapMode = BootstrapMode.DEFERRED)
+class XmsInitApplication: CommandLineRunner {
+
+    override fun run(vararg args: String?) {
+        log.info("!!!!!! Xms Initialize Success! !!!!!!")
+    }
+
+    companion object {
+        internal val log = LoggerFactory.getLogger(XmsInitApplication::class.java)
+    }
+}
+
+fun main(args: Array<String>) {
+    runApplication<XmsInitApplication>(*args)
+}

xms-core/apps/xms-init/src/main/resources/application-dm.yml

@@ -0,0 +1,28 @@
+# 数据库配置
+---
+spring:
+  datasource:
+    username: xms
+    password: XMS12345678
+    url: jdbc:dm://192.168.0.200:5236/xms
+    driver-class-name: dm.jdbc.driver.DmDriver
+    platform: dm
+    schema:
+      - classpath:/sql/dm/func.sql
+      - classpath:/sql/dm/schema-gaf.sql
+      - classpath:/sql/dm/schema-xms.sql
+      - classpath:/sql/dm/xms-log-stat.sql
+      - classpath:/sql/dm/xms-soft-model.sql
+      - classpath:/sql/dm/trigger-xms.sql
+      - classpath:/sql/dm/trigger-gaf.sql
+    data:
+      - classpath:/sql/dm/data.sql
+      - classpath:/sql/dm/dict.sql
+  jpa:
+    database-platform: org.hibernate.dialect.XmsDmDialect
+    show-sql: true
+    hibernate:
+      naming:
+        implicit-strategy: org.hibernate.boot.model.naming.ImplicitNamingStrategyJpaCompliantImpl
+        physical-strategy: org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl
+      ddl-auto: none

xms-core/apps/xms-init/src/main/resources/application-mysql.yml

@@ -0,0 +1,27 @@
+# 数据库配置
+---
+spring:
+  datasource:
+    username: root
+    password:
+    url: jdbc:mysql://127.0.0.1:13306/xms?useUnicode=true&characterEncoding=utf-8&useSSL=true&serverTimezone=UTC
+    driver-class-name: com.mysql.cj.jdbc.Driver
+    platform: mysql
+    schema:
+      - classpath:/sql/mysql/schema-gaf.sql
+      - classpath:/sql/mysql/schema-xms.sql
+      - classpath:/sql/mysql/xms-log-stat.sql
+      - classpath:/sql/dm/xms-soft-model.sql
+      - classpath:/sql/mysql/trigger-xms.sql
+      - classpath:/sql/mysql/trigger-gaf.sql
+    data:
+      - classpath:/sql/mysql/data.sql
+      - classpath:/sql/mysql/dict.sql
+  jpa:
+    database-platform: org.hibernate.dialect.MySQL8Dialect
+    show-sql: true
+    hibernate:
+      naming:
+        implicit-strategy: org.hibernate.boot.model.naming.ImplicitNamingStrategyJpaCompliantImpl
+        physical-strategy: org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl
+      ddl-auto: none

xms-core/apps/xms-init/src/main/resources/application-oscar.yml

@@ -0,0 +1,22 @@
+# 数据库配置
+---
+spring:
+  datasource:
+    username: xms
+    password: xms
+    url: jdbc:oscar://192.168.0.100:2003/xmsrdb
+    driver-class-name: com.oscar.Driver
+    platform: oscar
+    schema:
+      - classpath:/sql/oscar/schema-gaf.sql
+      - classpath:/sql/oscar/schema-xms.sql
+      - classpath:/sql/oscar/xms-log-stat.sql
+      - classpath:/sql/oscar/trigger-xms.sql
+      - classpath:/sql/oscar/trigger-gaf.sql
+    data:
+      - classpath:/sql/oscar/data.sql
+      - classpath:/sql/oscar/dict.sql
+  jpa:
+    database-platform: org.hibernate.dialect.XmsOscarDialect
+    hibernate.ddl-auto: none
+    show-sql: true

xms-core/apps/xms-init/src/main/resources/application.yml

@@ -0,0 +1,31 @@
+# 全局配置
+
+spring:
+  profiles:
+    active: local, init
+  main:
+    allow-bean-definition-overriding: true
+  datasource:
+    type: org.apache.commons.dbcp2.BasicDataSource
+    dbcp2:
+      initial-size: 5
+      max-total: 20
+      max-idle: 10
+      min-idle: 5
+
+---
+spring:
+  profiles: local
+
+#logging.level.gaf3.core.*: DEBUG
+logging.level.jit.xms.*: DEBUG
+#logging.level.org.hibernate.type.descriptor.sql.BasicBinder: trace
+#debug: true
+
+---
+spring:
+  profiles: init
+  datasource:
+    initialization-mode: always
+    continue-on-error: false
+    separator: $$

xms-core/apps/xms-init/src/main/resources/sql/dm/data.sql

@@ -0,0 +1,11 @@
+insert into GAF_USER_INFO (USER_ID, NAME, STATUS, CREATED_AT, UPDATED_AT, ORIGIN) values ('00000000-0000-0000-0000-000000000000', '系统管理员', '0', now(), now(), 'default');
+insert into GAF_USER_ACCT ( USER_ID, ACCOUNT, SECRET, STATUS, EXPIRED, CREATED_AT, UPDATED_AT) values ('00000000-0000-0000-0000-000000000000', 'admin', '12345678', '0', 0, now(), now());
+insert into GAF_ROLE_ITEM ( ID, ITEM_TYPE, CODE, NAME, PRESET, RANKING) values ('00000000-0000-0000-0000-000000000001', '0', 'admin', '系统管理员', '1', 1);
+insert into GAF_ROLE_ITEM ( ID, ITEM_TYPE, CODE, NAME, PRESET, RANKING) values ('00000000-0000-0000-0000-000000000002', '0', 'audit', '安全审计员', '1', 2);
+insert into GAF_ROLE_ITEM ( ID, ITEM_TYPE, CODE, NAME, PRESET, RANKING) values ('00000000-0000-0000-0000-000000000003', '0', 'secadm', '安全管理员', '1', 3);
+insert into GAF_ROLE_ITEM ( ID, ITEM_TYPE, CODE, NAME, PRESET, RANKING) values ('00000000-0000-0000-0000-000000000004', '0', 'user', '业务操作员', '1', 4);
+insert into XMS_APP_INFO ( APP_ID, CODE, NAME, REMARK, STATUS, CREATED_AT, UPDATED_AT) values ('00000000-0000-0000-0000-000000000000', 'SYSTEM', '系统应用', '系统预设，用于系统管理', '0', now(), now());
+insert into XMS_APP_ROLE (ROLE_ID, APP_ID, CODE, NAME, ITEM_TYPE, CREATED_AT, UPDATED_AT) values ('00000000-0000-0000-0000-000000000001', '00000000-0000-0000-0000-000000000000', 'admin', '系统管理员', '0', now(), now());
+insert into XMS_APP_ROLE (ROLE_ID, APP_ID, CODE, NAME, ITEM_TYPE, CREATED_AT, UPDATED_AT) values ('00000000-0000-0000-0000-000000000002', '00000000-0000-0000-0000-000000000000', 'audit', '安全审计员', '0', now(), now());
+insert into XMS_APP_ROLE (ROLE_ID, APP_ID, CODE, NAME, ITEM_TYPE, CREATED_AT, UPDATED_AT) values ('00000000-0000-0000-0000-000000000003', '00000000-0000-0000-0000-000000000000', 'secadm', '安全管理员', '0', now(), now());
+insert into XMS_APP_ROLE (ROLE_ID, APP_ID, CODE, NAME, ITEM_TYPE, CREATED_AT, UPDATED_AT) values ('00000000-0000-0000-0000-000000000004', '00000000-0000-0000-0000-000000000000', 'user', '业务操作员', '0', now(), now());

xms-core/apps/xms-init/src/main/resources/sql/dm/dict.sql

@@ -0,0 +1,33 @@
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, ALIAS, STATUS, PRESET) values (newid(), 'group', '01', '启用状态', 'usage', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, ALIAS, STATUS, PRESET) values (newid(), 'group', '02', '用户状态', 'status', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, ALIAS, STATUS, PRESET) values (newid(), 'group', '03', '注册状态', 'reg', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, ALIAS, STATUS, PRESET) values (newid(), 'group', '04', '角色类型', 'role', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, ALIAS, STATUS, PRESET) values (newid(), 'group', '05', '机构类型', 'org', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, ALIAS, STATUS, PRESET) values (newid(), 'group', '06', '设备状态', 'device', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, ALIAS, STATUS, PRESET) values (newid(), 'group', '07', '凭证类型', 'cred', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, ALIAS, STATUS, PRESET) values (newid(), 'group', '08', '设备类型', 'devtype', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '01', '0', '正常', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '01', '1', '停用', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '02', '0', '正常', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '02', '1', '注销', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '02', '2', '冻结', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '03', '0', '待审核', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '03', '1', '审核通过', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '03', '2', '已驳回', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '04', '0', '普通角色', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '04', '1', '组合角色', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '05', '0', '军', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '05', '1', '民', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '06', '0', '正常', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '06', '1', '挂失', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '06', '2', '损毁', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '07', 'ukey', '证书(UKey)', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '07', 'token', '动态令牌', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '07', 'fingerprint', '指纹', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '07', 'fingervein', '指静脉', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '07', 'face', '人脸', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '07', 'iris', '虹膜', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '08', 'ukey', '证书UKey', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '08', 'tf', '证书TF卡', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '08', 'token', '动态令牌', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '08', 'identity', '用户身份卡', '0', '0');

xms-core/apps/xms-init/src/main/resources/sql/dm/func.sql

@@ -0,0 +1,23 @@
+/***Manager***/
+CREATE OR REPLACE FUNCTION "SUBSTRING_INDEX"
+FOR CALCULATE ("str" IN VARCHAR(50),"delim" IN VARCHAR(50),"count" IN INT)
+RETURN VARCHAR(50)
+AUTHID DEFINER
+
+AS
+	pos INT;
+	rv VARCHAR(50);
+BEGIN
+	pos = INSTR("str", "delim");
+	IF pos <= 0 THEN
+		rv = "str";
+	ELSE
+		IF "count" >= 0 THEN
+			rv = LEFT("str", pos-"count");
+		ELSE
+			rv = SUBSTR("str", pos-"count");
+		END IF;
+	END IF;
+	RETURN rv;
+END; $$
+

xms-core/apps/xms-init/src/main/resources/sql/dm/schema-gaf.sql

@@ -0,0 +1,127 @@
+drop table IF EXISTS GAF_BIND_ITEM $$
+drop table IF EXISTS GAF_CODE_ITEM $$
+drop table IF EXISTS GAF_DEPT_ITEM $$
+drop table IF EXISTS GAF_LOG $$
+drop table IF EXISTS GAF_MENU_ITEM $$
+drop table IF EXISTS GAF_ROLE_ITEM $$
+drop table IF EXISTS GAF_USER_ACCT $$
+drop table IF EXISTS GAF_USER_INFO $$
+
+create table GAF_BIND_ITEM
+(
+	"ID" varchar(48) not null
+			primary key,
+	"BIND_TYPE" varchar(48) not null,
+	"SOURCE" varchar(48),
+	"TARGET" varchar(48),
+	"PARAM" varchar(255),
+	"CREATED_AT" timestamp,
+	"REMARK" varchar(255)
+) $$
+
+create table GAF_CODE_ITEM
+(
+	"ID" varchar(48) not null
+			primary key,
+	"CODE" varchar(48),
+	"NAME" varchar(48),
+	"ITEM_TYPE" varchar(48),
+	"STATUS" varchar(48),
+	"ALIAS" varchar(48),
+	"PRESET" int,
+	"REMARK" varchar(255)
+) $$
+
+create table GAF_DEPT_ITEM
+(
+	"ID" varchar(48) not null
+			primary key,
+	"PID" varchar(48),
+	"CODE" varchar(48),
+	"NAME" varchar(48),
+	"CREATED_AT" timestamp,
+	"UPDATED_AT" timestamp,
+	"REMARK" varchar(255)
+) $$
+
+create table GAF_LOG
+(
+	"ID" varchar(48) not null
+			primary key,
+	"LOG_TYPE" varchar(48),
+	"LEVEL" varchar(48),
+	"MODULE" varchar(48),
+	"EVENT" varchar(48),
+	"ACTION" varchar(48),
+	"PARAM" varchar(255),
+	"TARGET" varchar(48),
+	"RESULT" varchar(48),
+	"DETAIL" varchar(500),
+	"EVENT_TIME" varchar(48),
+	"TIMESTAMP" bigint,
+	"EXTRA" varchar(500),
+	"USER_NAME" varchar(48),
+	"USER_ACCT" varchar(48),
+	"USER_IP" varchar(48),
+	"CREATED_AT" timestamp,
+	"UPDATED_AT" timestamp
+) $$
+
+create table GAF_MENU_ITEM
+(
+	"ID" varchar(48) not null
+			primary key,
+	"PID" varchar(48),
+	"TITLE" varchar(48),
+	"ICON" varchar(48),
+	"MODE" varchar(48),
+	"MODULE" varchar(48),
+	"PATH" varchar(255),
+	"URL" varchar(255),
+	"TARGET" varchar(48),
+	"VISIBLE" bit,
+	"RANKING" bigint,
+	"PRESET" int,
+	"REMARK" varchar(255)
+) $$
+
+create table GAF_ROLE_ITEM
+(
+	"ID" varchar(48) not null
+			primary key,
+	"CODE" varchar(48),
+	"NAME" varchar(48),
+	"ITEM_TYPE" varchar(48),
+	"PRESET" int,
+	"RANKING" bigint,
+	"REMARK" varchar(255)
+) $$
+
+create table GAF_USER_ACCT
+(
+	"USER_ID" varchar(48) not null
+			primary key,
+	"ACCOUNT" varchar(48),
+	"SECRET" varchar(128),
+	"STATUS" varchar(48),
+	"EXPIRED" bigint,
+	"CREATED_AT" timestamp,
+	"UPDATED_AT" timestamp,
+	"REMARK" varchar(255)
+) $$
+
+create table GAF_USER_INFO
+(
+	"USER_ID" varchar(48) not null
+			primary key,
+	"NAME" varchar(48),
+	"TITLE" varchar(48),
+	"GENDER" varchar(48),
+	"MOBILE" varchar(48),
+	"EMAIL" varchar(100),
+	"STATUS" varchar(48),
+	"ORIGIN" varchar(48),
+	"CREATED_AT" timestamp,
+	"UPDATED_AT" timestamp,
+	"REMARK" varchar(255)
+) $$

xms-core/apps/xms-init/src/main/resources/sql/dm/schema-xms.sql

@@ -0,0 +1,348 @@
+drop table IF EXISTS XMS_APP_INFO $$
+drop table IF EXISTS XMS_APP_POLICY_INFO $$
+drop table IF EXISTS XMS_APP_POLICY_ITEM $$
+drop table IF EXISTS XMS_APP_RES $$
+drop table IF EXISTS XMS_APP_ROLE $$
+drop table IF EXISTS XMS_BIND_ITEM $$
+drop table IF EXISTS XMS_TASK_LOG $$
+drop table IF EXISTS XMS_USER_ACCT $$
+drop table IF EXISTS XMS_USER_CERT $$
+drop table IF EXISTS XMS_USER_CRED $$
+drop table IF EXISTS XMS_USER_GROUP $$
+drop table IF EXISTS XMS_USER_INFO $$
+drop table IF EXISTS XMS_USER_ORG $$
+drop table IF EXISTS XMS_USER_REGISTER $$
+drop table IF EXISTS XMS_USER_REGISTER_CRED $$
+drop table IF EXISTS XMS_DEVICE_INFO $$
+drop table IF EXISTS XMS_DATA_REVISION $$
+drop table IF EXISTS XMS_SOFT_CODE $$
+drop table IF EXISTS XMS_FILE_DATA $$
+drop table IF EXISTS XMS_USER_RULE $$
+
+create table XMS_APP_INFO
+(
+    "APP_ID" varchar(48) not null
+            primary key,
+    "CODE" varchar(48),
+    "NAME" varchar(48),
+    "PHONE" varchar(48),
+    "URL" varchar(255),
+    "ADMIN" varchar(48),
+    "STATUS" varchar(48),
+    "REVISION"   bigint,
+    "ORDER_NUM" int default 0,
+    "CREATED_AT" timestamp,
+    "UPDATED_AT" timestamp,
+    "REMARK" varchar(255)
+) $$
+
+create table XMS_APP_POLICY_INFO
+(
+    "POLICY_ID" varchar(48) not null
+            primary key,
+    "PARENT_ID" varchar(48),
+    "NODE_TYPE" int default 0,
+    "CODE" varchar(100),
+    "NAME" varchar(100),
+    "RANKING" bigint,
+    "ORDER_NUM" int default 0,
+    "CREATED_AT" timestamp,
+    "UPDATED_AT" timestamp,
+    "REMARK" varchar(255)
+) $$
+
+create table XMS_APP_POLICY_ITEM
+(
+    "ID" varchar(48) not null
+            primary key,
+    "POLICY_ID" varchar(48),
+    "ITEM_KEY" varchar(48),
+    "NAME" varchar(48),
+    "ITEM_VALUE" varchar(255),
+    "ITEM_TYPE" varchar(48),
+    "ORDER_NUM" int default 0,
+    "CREATED_AT" timestamp,
+    "UPDATED_AT" timestamp,
+    "REMARK" varchar(255)
+) $$
+
+create table XMS_APP_RES
+(
+    "RES_ID" varchar(48) not null
+            primary key,
+    "APP_ID" varchar(48),
+    "CODE" varchar(48),
+    "NAME" varchar(48),
+    "VALUE" varchar(255),
+    "ORDER_NUM" int default 0,
+    "CREATED_AT" timestamp,
+    "UPDATED_AT" timestamp,
+    "REMARK" varchar(255)
+) $$
+
+create table XMS_APP_ROLE
+(
+    "ROLE_ID" varchar(48) not null
+            primary key,
+    "APP_ID" varchar(48),
+    "CODE" varchar(48),
+    "NAME" varchar(48),
+    "ITEM_TYPE" varchar(48),
+    "ORDER_NUM" int default 0,
+    "CREATED_AT" timestamp,
+    "UPDATED_AT" timestamp,
+    "REMARK" varchar(255)
+) $$
+
+create table XMS_BIND_ITEM
+(
+    "ID" varchar(48) not null
+            primary key,
+    "APP_ID" varchar(48),
+    "USER_ID" varchar(48),
+    "SOURCE" varchar(48),
+    "TARGET" varchar(48),
+    "BIND_TYPE" varchar(48),
+    "PARAM" varchar(255),
+    "CREATED_AT" timestamp,
+    "REMARK" varchar(255)
+) $$
+
+create table XMS_TASK_LOG
+(
+    "TASK_ID" varchar(48) not null
+        primary key,
+    "TASK_TYPE" varchar(48),
+    "DATA_TYPE" varchar(48),
+    "STATUS" varchar(48),
+    "PROGRESS" int,
+    "SUMMARY" varchar(255),
+    "START_TIME" timestamp,
+    "END_TIME" timestamp,
+    "FILE_PATH" varchar(255),
+    "FILE_TYPE" varchar(48),
+    "EXTRA" varchar(255),
+    "CREATED_AT" timestamp,
+    "UPDATED_AT" timestamp,
+    "REMARK" varchar(255)
+) $$
+
+create table XMS_USER_ACCT
+(
+    "ACCT_ID" varchar(48) not null
+            primary key,
+    "USER_ID" varchar(48),
+    "ACCOUNT" varchar(32),
+    "SECRET" varchar(128),
+    "STATUS" varchar(48),
+    "ACTIVATED" timestamp,
+    "EXPIRED" bigint,
+    "LOGIN_MODE" varchar(255),
+    "MASTER" int default 0,
+    "CREATED_AT" timestamp,
+    "UPDATED_AT" timestamp,
+    "REMARK" varchar(255)
+) $$
+
+create table XMS_USER_CERT
+(
+    "CERT_ID" varchar(48) not null
+            primary key,
+    "USER_ID" varchar(48),
+    "CN" varchar(100),
+    "DN" varchar(255),
+    "KEK_PUB" varchar(255),
+    "KEY_ALGO" varchar(255),
+    "ECK_SIGN" varchar(255),
+    "ECK_ENC" varchar(255),
+    "SIGN_PRV" varchar(255),
+    "SIGN_CERT" varchar(2048),
+    "ENC_PRV" varchar(255),
+    "ENC_CERT" varchar(2048),
+    "VALIDITY" int,
+    "CREATED_AT" timestamp,
+    "UPDATED_AT" timestamp
+) $$
+
+create table XMS_USER_CRED
+(
+    "CRED_ID" varchar(48) not null
+            primary key,
+    "USER_ID" varchar(48),
+    "NAME" varchar(48),
+    "ITEM_TYPE" varchar(48),
+    "DATA" clob,
+    "STATUS" varchar(48),
+    "EXPIRED" bigint,
+    "CREATED_AT" timestamp,
+    "UPDATED_AT" timestamp,
+    "REMARK" varchar(255)
+) $$
+
+create table XMS_USER_GROUP
+(
+    "GROUP_ID" varchar(48) not null
+            primary key,
+    "CODE" varchar(255),
+    "NAME" varchar(255),
+    "REVISION"   bigint,
+    "ORDER_NUM" int default 0,
+    "CREATED_AT" timestamp,
+    "UPDATED_AT" timestamp,
+    "REMARK" varchar(255)
+) $$
+
+create table XMS_USER_INFO
+(
+    "USER_ID" varchar(48) not null
+            primary key,
+    "NAME" varchar(48),
+    "CODE" varchar(48),
+    "SFZH" varchar(48),
+    "BZKH" varchar(48),
+    "JRZJH" varchar(48),
+    "SEX" varchar(48),
+    "TITLE" varchar(48),
+    "PHONE" varchar(48),
+    "EMAIL" varchar(100),
+    "ADDR" varchar(255),
+    "STATUS" varchar(48),
+    "ORIGIN" varchar(48),
+    "AVATAR" varchar(48),
+    "CREATED_AT" timestamp,
+    "UPDATED_AT" timestamp,
+    "REMARK" varchar(255)
+) $$
+
+create table XMS_USER_ORG
+(
+    "ORG_ID" varchar(48) not null
+            primary key,
+    "PARENT_ID" varchar(48),
+    "CODE" varchar(255),
+    "NAME" varchar(255),
+    "LEVEL" varchar(48),
+    "REVISION"   bigint,
+    "ORDER_NUM" int default 0,
+    "CREATED_AT" timestamp,
+    "UPDATED_AT" timestamp,
+    "REMARK" varchar(255)
+) $$
+
+create table XMS_USER_REGISTER
+(
+    "USER_ID" varchar(48) not null
+            primary key,
+    "ORG_ID" varchar(48),
+    "ACCOUNT" varchar(48),
+    "SECRET" varchar(128),
+    "NAME" varchar(48),
+    "CODE" varchar(48),
+    "SFZH" varchar(48),
+    "BZKH" varchar(48),
+    "JRZJH" varchar(48),
+    "SEX" varchar(48),
+    "TITLE" varchar(48),
+    "PHONE" varchar(48),
+    "EMAIL" varchar(100),
+    "ADDR" varchar(255),
+    "STATUS" varchar(48),
+    "AVATAR" varchar(48),
+    "CREATED_AT" timestamp,
+    "UPDATED_AT" timestamp,
+    "REMARK" varchar(255)
+) $$
+
+create table XMS_USER_REGISTER_CRED
+(
+    "CRED_ID" varchar(48) not null
+            primary key,
+    "USER_ID" varchar(48),
+    "ITEM_TYPE" varchar(48),
+    "NAME" varchar(48),
+    "DATA" clob
+) $$
+
+CREATE TABLE XMS_DEVICE_INFO
+(
+    "ID"         varchar(48) NOT NULL PRIMARY KEY,
+    "CODE"       varchar(100),
+    "NAME"       varchar(100),
+    "SERIAL"     varchar(100),
+    "ITEM_TYPE"  varchar(20),
+    "STATUS"     varchar(20),
+    "DATA"       varchar(4000),
+    "CREATED_AT" timestamp,
+    "UPDATED_AT" timestamp,
+    "REMARK"     varchar(255)
+) $$
+
+CREATE TABLE XMS_DATA_REVISION
+(
+    "ID"         varchar(48)  NOT NULL PRIMARY KEY,
+    "DATA_ID"    varchar(48)  NOT NULL,
+    "ITEM_TYPE"  varchar(48)  NOT NULL,
+    "STATE"      int          DEFAULT 0,
+    "REVISION"   bigint       NOT NULL,
+    "ORIGIN"     varchar(48)  DEFAULT NULL,
+    "CREATED_AT" timestamp    NOT NULL,
+    "UPDATED_AT" timestamp    NOT NULL,
+    "REMARK"     varchar(255) DEFAULT NULL
+) $$
+
+CREATE TABLE XMS_SOFT_CODE
+(
+    "ID"         VARCHAR(50)  NOT NULL PRIMARY KEY,
+    "NAME"       VARCHAR(50),
+    "CODE"       VARCHAR(500),
+    "DESCRIBE"   VARCHAR(2000),
+    "TYPE"       VARCHAR(50),
+    "REMARK"     VARCHAR(255),
+    "REVISION"   bigint,
+    "CREATED_AT" timestamp,
+    "UPDATED_AT" timestamp,
+    "APP_ID"     VARCHAR(50)
+) $$
+
+CREATE TABLE XMS_FILE_DATA (
+    "ID" varchar(48) NOT NULL PRIMARY KEY,
+    "ITEM_TYPE" varchar(48) DEFAULT NULL,
+    "OWNER_ID" varchar(48) DEFAULT NULL,
+    "FILE_NAME" varchar(255) DEFAULT NULL,
+    "FILE_TYPE" varchar(48) DEFAULT NULL,
+    "FILE_DATA" blob,
+    "CREATED_AT" timestamp    NOT NULL,
+    "UPDATED_AT" timestamp    NOT NULL,
+    "REMARK" varchar(255) DEFAULT NULL
+) $$
+
+create table XMS_USER_RULE
+(
+    "RULE_ID"    varchar(48) not null
+        primary key,
+    "CODE"       varchar(48),
+    "NAME"       varchar(100),
+    "QUERY"      varchar(255),
+    "REVISION"   bigint,
+    "ORDER_NUM"  int default 0,
+    "CREATED_AT" timestamp    NOT NULL,
+    "UPDATED_AT" timestamp    NOT NULL,
+    "REMARK" varchar(255) DEFAULT NULL
+) $$
+
+-- 绑定信息索引
+CREATE INDEX IDX_XMS_BIND_ITEM_1 ON XMS_BIND_ITEM (BIND_TYPE) $$
+CREATE INDEX IDX_XMS_BIND_ITEM_2 ON XMS_BIND_ITEM (BIND_TYPE, SOURCE) $$
+CREATE INDEX IDX_XMS_BIND_ITEM_3 ON XMS_BIND_ITEM (BIND_TYPE, TARGET) $$
+CREATE INDEX IDX_XMS_BIND_ITEM_4 ON XMS_BIND_ITEM (CREATED_AT) $$
+-- 同步数据索引
+CREATE INDEX XMS_DATA_REVISION_1 ON XMS_DATA_REVISION (REVISION) $$
+CREATE INDEX XMS_DATA_REVISION_2 ON XMS_DATA_REVISION (ITEM_TYPE, REVISION) $$
+CREATE INDEX XMS_DATA_REVISION_3 ON XMS_DATA_REVISION (DATA_ID) $$
+CREATE INDEX XMS_DATA_REVISION_4 ON XMS_DATA_REVISION (ITEM_TYPE) $$
+CREATE UNIQUE INDEX XMS_DATA_REVISION_5 ON XMS_DATA_REVISION (ITEM_TYPE, DATA_ID) $$
+-- 用户信息索引
+CREATE INDEX IDX_XMS_USER_INFO_1 ON XMS_USER_INFO (CODE) $$
+CREATE INDEX IDX_XMS_USER_INFO_2 ON XMS_USER_INFO (SFZH) $$
+CREATE INDEX IDX_XMS_USER_INFO_3 ON XMS_USER_INFO (BZKH) $$
+CREATE INDEX IDX_XMS_USER_INFO_4 ON XMS_USER_INFO (JRZJH) $$

xms-core/apps/xms-init/src/main/resources/sql/dm/trigger-gaf.sql

@@ -0,0 +1,43 @@
+
+/* TRIGGER STRUCTURE FOR TABLE GAF_USER_INFO */
+--DROP TRIGGER IF EXISTS GAF_DELETE_USER $$
+
+CREATE OR REPLACE TRIGGER GAF_DELETE_USER AFTER DELETE ON GAF_USER_INFO FOR EACH ROW BEGIN
+	/*删除一对多关系*/
+	/*1.删除帐号关联*/
+	DELETE FROM GAF_USER_ACCT
+	WHERE USER_ID = OLD.USER_ID;
+	/*删除多对多关系*/
+	DELETE FROM  GAF_BIND_ITEM
+	WHERE SOURCE = OLD.USER_ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',1) = 'user';
+	DELETE FROM  GAF_BIND_ITEM
+	WHERE TARGET = OLD.USER_ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',-1) = 'user';
+    END; $$
+
+/* TRIGGER STRUCTURE FOR TABLE GAF_DEPT_ITEM */
+--DROP TRIGGER IF EXISTS GAF_DELETE_DEPT $$
+
+CREATE OR REPLACE TRIGGER GAF_DELETE_DEPT AFTER DELETE ON GAF_DEPT_ITEM FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  GAF_BIND_ITEM
+	WHERE SOURCE = OLD.ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',1) = 'dept';
+	DELETE FROM  GAF_BIND_ITEM
+	WHERE TARGET = OLD.ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',-1) = 'dept';
+    END; $$
+
+/* TRIGGER STRUCTURE FOR TABLE GAF_ROLE_ITEM */
+--DROP TRIGGER IF EXISTS GAF_DELETE_ROLE $$
+
+CREATE OR REPLACE TRIGGER GAF_DELETE_ROLE AFTER DELETE ON GAF_ROLE_ITEM FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  GAF_BIND_ITEM
+	WHERE SOURCE = OLD.ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',1) = 'role';
+	DELETE FROM  GAF_BIND_ITEM
+	WHERE TARGET = OLD.ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',-1) = 'role';
+    END; $$

xms-core/apps/xms-init/src/main/resources/sql/dm/trigger-xms.sql

@@ -0,0 +1,139 @@
+
+/* Trigger structure for tablegaf_user_acct  xms_app_info  */
+--DROP TRIGGER IF EXISTS  delete_app  $$
+
+CREATE OR REPLACE TRIGGER  delete_app  AFTER DELETE ON  xms_app_info  FOR EACH ROW BEGIN
+	/*删除一对多关系*/
+	/*1.删除资源关联*/
+	delete from xms_app_res
+	where app_id = OLD.app_id;
+	/*2.删除角色关联*/
+	DELETE FROM  xms_app_role
+	WHERE app_id = OLD.app_id;
+	/*3.删除策略信息*/
+	DELETE FROM  XMS_APP_POLICY_INFO
+	WHERE APP_ID = OLD.APP_ID;
+	DELETE FROM  XMS_APP_POLICY_ITEM
+	WHERE APP_ID = OLD.APP_ID;
+	/*删除多对多关系*/
+	DELETE FROM  xms_bind_item
+	WHERE source = OLD.app_id
+		AND SUBSTRING_INDEX(bind_type,'-',1) = 'app';
+	DELETE FROM  xms_bind_item
+	WHERE target = OLD.app_id
+		AND SUBSTRING_INDEX(bind_type,'-',-1) = 'app';
+    END; $$
+
+/* Trigger structure for table  xms_app_res  */
+--DROP TRIGGER IF EXISTS  delete_res $$
+
+CREATE OR REPLACE TRIGGER  delete_res  AFTER DELETE ON  xms_app_res  FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  xms_bind_item
+	WHERE source = OLD.res_id
+		AND SUBSTRING_INDEX(bind_type,'-',1) = 'res';
+	DELETE FROM  xms_bind_item
+	WHERE target = OLD.res_id
+		AND SUBSTRING_INDEX(bind_type,'-',-1) = 'res';
+    END; $$
+
+/* Trigger structure for table  xms_app_role  */
+--DROP TRIGGER IF EXISTS  delete_role  $$
+
+CREATE OR REPLACE TRIGGER  delete_role  AFTER DELETE ON  xms_app_role  FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  xms_bind_item
+	WHERE source = OLD.role_id
+		AND SUBSTRING_INDEX(bind_type,'-',1) = 'role';
+	DELETE FROM  xms_bind_item
+	WHERE target = OLD.role_id
+		AND SUBSTRING_INDEX(bind_type,'-',-1) = 'role';
+    END; $$
+
+/* Trigger structure for table  xms_user_acct  */
+--DROP TRIGGER IF EXISTS  delete_acct  $$
+
+CREATE OR REPLACE TRIGGER  delete_acct  AFTER DELETE ON  xms_user_acct  FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  xms_bind_item
+	WHERE source = OLD.acct_id
+		and SUBSTRING_INDEX(bind_type,'-',1) = 'acct';
+	DELETE FROM  xms_bind_item
+	WHERE target = OLD.acct_id
+		AND SUBSTRING_INDEX(bind_type,'-',-1) = 'acct';
+    END; $$
+
+/* Trigger structure for table  xms_user_cred  */
+--DROP TRIGGER IF EXISTS  delete_cred  $$
+
+CREATE OR REPLACE TRIGGER  delete_cred  AFTER DELETE ON  xms_user_cred  FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  xms_bind_item
+	WHERE source = OLD.cred_id
+		and SUBSTRING_INDEX(bind_type,'-',1) = 'cred';
+	DELETE FROM  xms_bind_item
+	WHERE target = OLD.cred_id
+		AND SUBSTRING_INDEX(bind_type,'-',-1) = 'cred';
+    END; $$
+
+/* Trigger structure for table  xms_user_cert  */
+--DROP TRIGGER IF EXISTS  delete_cert  $$
+
+CREATE OR REPLACE TRIGGER  delete_cert  AFTER DELETE ON  xms_user_cert  FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  xms_bind_item
+	WHERE source = OLD.cert_id
+		AND SUBSTRING_INDEX(bind_type,'-',1) = 'cert';
+	DELETE FROM  xms_bind_item
+	WHERE target = OLD.cert_id
+		AND SUBSTRING_INDEX(bind_type,'-',-1) = 'cert';
+    END; $$
+
+/* Trigger structure for table  xms_user_group  */
+--DROP TRIGGER IF EXISTS  delete_group  $$
+
+CREATE OR REPLACE TRIGGER  delete_group  AFTER DELETE ON  xms_user_group  FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  xms_bind_item
+	WHERE source = OLD.group_id
+		AND SUBSTRING_INDEX(bind_type,'-',1) = 'group';
+	DELETE FROM  xms_bind_item
+	WHERE target = OLD.group_id
+		AND SUBSTRING_INDEX(bind_type,'-',-1) = 'group';
+    END; $$
+
+/* Trigger structure for table  xms_user_info  */
+--DROP TRIGGER IF EXISTS  delete_user  $$
+
+CREATE OR REPLACE TRIGGER  delete_user  AFTER DELETE ON  xms_user_info  FOR EACH ROW BEGIN
+	/*删除一对多关系*/
+	/*1.删除帐号关联*/
+	DELETE FROM xms_user_acct
+	WHERE user_id = OLD.user_id;
+	/*2.删除证书关联*/
+	DELETE FROM xms_user_cert
+	WHERE user_id = OLD.user_id;
+	/*3.删除凭证关联*/
+	delete from xms_user_cred
+	where user_id = OLD.user_id;
+	/*删除多对多关系*/
+	DELETE FROM  xms_bind_item
+	WHERE source = OLD.user_id
+		AND SUBSTRING_INDEX(bind_type,'-',1) = 'user';
+	DELETE FROM  xms_bind_item
+	WHERE target = OLD.user_id
+		AND SUBSTRING_INDEX(bind_type,'-',-1) = 'user';
+    END; $$
+
+/* Trigger structure for table  xms_user_org  */
+--DROP TRIGGER IF EXISTS  delete_org  $$
+
+CREATE OR REPLACE TRIGGER  delete_org  AFTER DELETE ON  xms_user_org  FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  xms_bind_item
+	WHERE source = OLD.org_id
+		AND SUBSTRING_INDEX(bind_type,'-',1) = 'org';
+	DELETE FROM  xms_bind_item
+	WHERE target = OLD.org_id
+		AND SUBSTRING_INDEX(bind_type,'-',-1) = 'org';
+    END; $$

xms-core/apps/xms-init/src/main/resources/sql/dm/xms-log-stat.sql

@@ -0,0 +1,68 @@
+drop table IF EXISTS XMS_LOG $$
+drop table IF EXISTS XMS_STAT_DATA $$
+drop table IF EXISTS XMS_STAT_DIM_ADDR $$
+drop table IF EXISTS XMS_STAT_DIM_FUNC $$
+drop table IF EXISTS XMS_STAT_DIM_TIME $$
+
+CREATE TABLE XMS_LOG
+(
+	"ID"         varchar(48)   NOT NULL PRIMARY KEY,
+	"LOG_TYPE"   varchar(48)   DEFAULT NULL,
+	"SYSTEM"     varchar(48)   DEFAULT NULL,
+	"SOFTWARE"   varchar(48)   DEFAULT NULL,
+	"FUNCTION"   varchar(48)   DEFAULT NULL,
+	"ACTION"     varchar(48)   DEFAULT NULL,
+	"LEVEL"      varchar(48)   DEFAULT NULL,
+	"RESULT"     varchar(48)   DEFAULT NULL,
+	"DETAIL"     varchar(500)  DEFAULT NULL,
+	"EXTRA"      varchar(500)  DEFAULT NULL,
+	"SUB_NAME"   varchar(48)   DEFAULT NULL,
+	"SUB_ID"     varchar(48)   DEFAULT NULL,
+	"SUB_IP"     varchar(48)   DEFAULT NULL,
+	"OBJ_NAME"   varchar(48)   DEFAULT NULL,
+	"OBJ_ID"     varchar(48)   DEFAULT NULL,
+	"OBJ_IP"     varchar(48)   DEFAULT NULL,
+	"EVENT_TIME" varchar(48)   DEFAULT NULL,
+	"SIGN"       varchar(128)  DEFAULT NULL,
+	"CREATED_AT" timestamp     NOT NULL,
+	"UPDATED_AT" timestamp     NOT NULL
+) $$
+
+CREATE TABLE XMS_STAT_DATA (
+  "ID" bigint identity(1,1),
+  "USER_ID" varchar(48) NOT NULL,
+  "ADDR_ID" bigint NOT NULL,
+  "FUNC_ID" bigint NOT NULL,
+  "TIME_ID" bigint NOT NULL,
+  "VISIT" int DEFAULT 0,
+  "DURATION" bigint DEFAULT 0,
+  "CREATED_AT" timestamp NOT NULL,
+  PRIMARY KEY ("ID")
+) $$
+
+CREATE TABLE XMS_STAT_DIM_ADDR (
+  "ID" bigint NOT NULL,
+  "IP" varchar(50) NOT NULL,
+  "DOMAIN" varchar(50) NOT NULL,
+  "AREA" varchar(50) NOT NULL,
+  PRIMARY KEY ("ID")
+) $$
+
+CREATE TABLE XMS_STAT_DIM_FUNC (
+  "ID" bigint NOT NULL,
+  "SOFT" varchar(50) NOT NULL,
+  "PART" varchar(50) NOT NULL,
+  "MODULE" varchar(50) NOT NULL,
+  "PAGE" varchar(50) NOT NULL,
+  PRIMARY KEY ("ID")
+) $$
+
+CREATE TABLE XMS_STAT_DIM_TIME (
+  "ID" bigint NOT NULL,
+  "YEAR" int NOT NULL,
+  "MONTH" int NOT NULL,
+  "DAY_OF_YEAR" int NOT NULL,
+  "DAY_OF_MONTH" int NOT NULL,
+  "HOUR" int NOT NULL,
+  PRIMARY KEY ("ID")
+) $$

xms-core/apps/xms-init/src/main/resources/sql/dm/xms-soft-model.sql

@@ -0,0 +1,15 @@
+drop table IF EXISTS XMS_SOFT_CODE $$
+
+CREATE TABLE XMS_SOFT_CODE
+(
+    "ID"         VARCHAR(50)  NOT NULL PRIMARY KEY,
+    "NAME"       VARCHAR(50),
+    "CODE"       VARCHAR(500),
+    "DESCRIBE"   VARCHAR(2000),
+    "TYPE"       VARCHAR(50),
+    "REMARK"     VARCHAR(255),
+    "REVISION"   bigint,
+    "CREATED_AT" timestamp,
+    "UPDATED_AT" timestamp,
+    "APP_ID"     VARCHAR(50)
+) $$

xms-core/apps/xms-init/src/main/resources/sql/mysql/data-dim.sql

@@ -0,0 +1,3 @@
+-- 统计数据仓库维度表初始数据
+insert into XMS_STAT_DIM_ADDR (ID, IP, DOMAIN, AREA) values (0, '127.0.0.1', 'localhost', '未知区域');
+insert into XMS_STAT_DIM_FUNC (ID, SOFT_CODE, SOFT_NAME, PART_CODE, PART_NAME, MODULE_CODE, MODULE_NAME, PAGE_CODE, PAGE_NAME) values (0, 0, '信任系统', 0, '认证鉴权', 0, '登录认证', 0, '登录');

xms-core/apps/xms-init/src/main/resources/sql/mysql/data.sql

@@ -0,0 +1,11 @@
+insert into GAF_USER_INFO (USER_ID, NAME, STATUS, CREATED_AT, UPDATED_AT, ORIGIN) values ('00000000-0000-0000-0000-000000000000', '系统管理员', '0', now(), now(), 'default');
+insert into GAF_USER_ACCT ( USER_ID, ACCOUNT, SECRET, STATUS, EXPIRED, CREATED_AT, UPDATED_AT) values ('00000000-0000-0000-0000-000000000000', 'admin', '12345678', '0', 0, now(), now());
+insert into GAF_ROLE_ITEM ( ID, ITEM_TYPE, CODE, NAME, PRESET, RANKING) values ('00000000-0000-0000-0000-000000000001', '0', 'admin', '系统管理员', '1', 1);
+insert into GAF_ROLE_ITEM ( ID, ITEM_TYPE, CODE, NAME, PRESET, RANKING) values ('00000000-0000-0000-0000-000000000002', '0', 'audit', '安全审计员', '1', 2);
+insert into GAF_ROLE_ITEM ( ID, ITEM_TYPE, CODE, NAME, PRESET, RANKING) values ('00000000-0000-0000-0000-000000000003', '0', 'secadm', '安全管理员', '1', 3);
+insert into GAF_ROLE_ITEM ( ID, ITEM_TYPE, CODE, NAME, PRESET, RANKING) values ('00000000-0000-0000-0000-000000000004', '0', 'user', '业务操作员', '1', 4);
+insert into XMS_APP_INFO ( APP_ID, CODE, NAME, REMARK, STATUS, CREATED_AT, UPDATED_AT) values ('00000000-0000-0000-0000-000000000000', 'SYSTEM', '系统应用', '系统预设，用于系统管理', '0', now(), now());
+insert into XMS_APP_ROLE (ROLE_ID, APP_ID, CODE, NAME, ITEM_TYPE, CREATED_AT, UPDATED_AT) values ('00000000-0000-0000-0000-000000000001', '00000000-0000-0000-0000-000000000000', 'admin', '系统管理员', '0', now(), now());
+insert into XMS_APP_ROLE (ROLE_ID, APP_ID, CODE, NAME, ITEM_TYPE, CREATED_AT, UPDATED_AT) values ('00000000-0000-0000-0000-000000000002', '00000000-0000-0000-0000-000000000000', 'audit', '安全审计员', '0', now(), now());
+insert into XMS_APP_ROLE (ROLE_ID, APP_ID, CODE, NAME, ITEM_TYPE, CREATED_AT, UPDATED_AT) values ('00000000-0000-0000-0000-000000000003', '00000000-0000-0000-0000-000000000000', 'secadm', '安全管理员', '0', now(), now());
+insert into XMS_APP_ROLE (ROLE_ID, APP_ID, CODE, NAME, ITEM_TYPE, CREATED_AT, UPDATED_AT) values ('00000000-0000-0000-0000-000000000004', '00000000-0000-0000-0000-000000000000', 'user', '业务操作员', '0', now(), now());

xms-core/apps/xms-init/src/main/resources/sql/mysql/dict.sql

@@ -0,0 +1,33 @@
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, ALIAS, STATUS, PRESET) values (uuid(), 'group', '01', '启用状态', 'usage', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, ALIAS, STATUS, PRESET) values (uuid(), 'group', '02', '用户状态', 'status', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, ALIAS, STATUS, PRESET) values (uuid(), 'group', '03', '注册状态', 'reg', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, ALIAS, STATUS, PRESET) values (uuid(), 'group', '04', '角色类型', 'role', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, ALIAS, STATUS, PRESET) values (uuid(), 'group', '05', '机构类型', 'org', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, ALIAS, STATUS, PRESET) values (uuid(), 'group', '06', '设备状态', 'device', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, ALIAS, STATUS, PRESET) values (uuid(), 'group', '07', '凭证类型', 'cred', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, ALIAS, STATUS, PRESET) values (uuid(), 'group', '08', '设备类型', 'devtype', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (uuid(), '01', '0', '正常', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (uuid(), '01', '1', '停用', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (uuid(), '02', '0', '正常', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (uuid(), '02', '1', '注销', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (uuid(), '02', '2', '冻结', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (uuid(), '03', '0', '待审核', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (uuid(), '03', '1', '审核通过', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (uuid(), '03', '2', '已驳回', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (uuid(), '04', '0', '普通角色', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (uuid(), '04', '1', '组合角色', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (uuid(), '05', '0', '军', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (uuid(), '05', '1', '民', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (uuid(), '06', '0', '正常', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (uuid(), '06', '1', '挂失', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (uuid(), '06', '2', '损毁', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (uuid(), '07', 'ukey', '证书(UKey)', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (uuid(), '07', 'token', '动态令牌', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (uuid(), '07', 'fingerprint', '指纹', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (uuid(), '07', 'fingervein', '指静脉', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (uuid(), '07', 'face', '人脸', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (uuid(), '07', 'iris', '虹膜', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (uuid(), '08', 'ukey', '证书UKey', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (uuid(), '08', 'tf', '证书TF卡', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (uuid(), '08', 'token', '动态令牌', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (uuid(), '08', 'identity', '用户身份卡', '0', '0');

xms-core/apps/xms-init/src/main/resources/sql/mysql/schema-gaf.sql

@@ -0,0 +1,127 @@
+drop table IF EXISTS GAF_BIND_ITEM $$
+drop table IF EXISTS GAF_CODE_ITEM $$
+drop table IF EXISTS GAF_DEPT_ITEM $$
+drop table IF EXISTS GAF_LOG $$
+drop table IF EXISTS GAF_MENU_ITEM $$
+drop table IF EXISTS GAF_ROLE_ITEM $$
+drop table IF EXISTS GAF_USER_ACCT $$
+drop table IF EXISTS GAF_USER_INFO $$
+
+create table GAF_BIND_ITEM
+(
+    ID         varchar(48) not null
+        primary key,
+    BIND_TYPE  varchar(48) not null,
+    SOURCE     varchar(48),
+    TARGET     varchar(48),
+    PARAM      varchar(255),
+    CREATED_AT timestamp DEFAULT CURRENT_TIMESTAMP,
+    REMARK     varchar(255)
+) $$
+
+create table GAF_CODE_ITEM
+(
+    ID        varchar(48) not null
+        primary key,
+    CODE      varchar(48),
+    NAME      varchar(48),
+    ITEM_TYPE varchar(48),
+    STATUS    varchar(48),
+    ALIAS     varchar(48),
+    PRESET    int,
+    REMARK    varchar(255)
+) $$
+
+create table GAF_DEPT_ITEM
+(
+    ID         varchar(48) not null
+        primary key,
+    PID        varchar(48),
+    CODE       varchar(48),
+    NAME       varchar(48),
+    CREATED_AT timestamp DEFAULT CURRENT_TIMESTAMP,
+    UPDATED_AT timestamp DEFAULT CURRENT_TIMESTAMP,
+    REMARK     varchar(255)
+) $$
+
+create table GAF_LOG
+(
+    ID         varchar(48) not null
+        primary key,
+    LOG_TYPE   varchar(48),
+    LEVEL      varchar(48),
+    MODULE     varchar(48),
+    EVENT      varchar(48),
+    ACTION     varchar(48),
+    PARAM      varchar(255),
+    TARGET     varchar(48),
+    RESULT     varchar(48),
+    DETAIL     varchar(500),
+    EVENT_TIME varchar(48),
+    TIMESTAMP  bigint,
+    EXTRA      varchar(500),
+    USER_NAME  varchar(48),
+    USER_ACCT  varchar(48),
+    USER_IP    varchar(48),
+    CREATED_AT timestamp DEFAULT CURRENT_TIMESTAMP,
+    UPDATED_AT timestamp DEFAULT CURRENT_TIMESTAMP
+) $$
+
+create table GAF_MENU_ITEM
+(
+    ID      varchar(48) not null
+        primary key,
+    PID     varchar(48),
+    TITLE   varchar(48),
+    ICON    varchar(48),
+    MODE    varchar(48),
+    MODULE  varchar(48),
+    PATH    varchar(255),
+    URL     varchar(255),
+    TARGET  varchar(48),
+    VISIBLE boolean,
+    RANKING bigint,
+    PRESET  int,
+    REMARK  varchar(255)
+) $$
+
+create table GAF_ROLE_ITEM
+(
+    ID        varchar(48) not null
+        primary key,
+    CODE      varchar(48),
+    NAME      varchar(48),
+    ITEM_TYPE varchar(48),
+    PRESET    int,
+    RANKING   bigint,
+    REMARK    varchar(255)
+) $$
+
+create table GAF_USER_ACCT
+(
+    USER_ID    varchar(48) not null
+        primary key,
+    ACCOUNT    varchar(48),
+    SECRET     varchar(128),
+    STATUS     varchar(48),
+    EXPIRED    bigint,
+    CREATED_AT timestamp DEFAULT CURRENT_TIMESTAMP,
+    UPDATED_AT timestamp DEFAULT CURRENT_TIMESTAMP,
+    REMARK     varchar(255)
+) $$
+
+create table GAF_USER_INFO
+(
+    USER_ID    varchar(48) not null
+        primary key,
+    NAME       varchar(48),
+    TITLE      varchar(48),
+    GENDER     varchar(48),
+    MOBILE     varchar(48),
+    EMAIL      varchar(100),
+    STATUS     varchar(48),
+    ORIGIN     varchar(48),
+    CREATED_AT timestamp DEFAULT CURRENT_TIMESTAMP,
+    UPDATED_AT timestamp DEFAULT CURRENT_TIMESTAMP,
+    REMARK     varchar(255)
+) $$

xms-core/apps/xms-init/src/main/resources/sql/mysql/schema-xms.sql

@@ -0,0 +1,349 @@
+drop table IF EXISTS XMS_APP_INFO $$
+drop table IF EXISTS XMS_APP_POLICY_INFO $$
+drop table IF EXISTS XMS_APP_POLICY_ITEM $$
+drop table IF EXISTS XMS_APP_RES $$
+drop table IF EXISTS XMS_APP_ROLE $$
+drop table IF EXISTS XMS_BIND_ITEM $$
+drop table IF EXISTS XMS_TASK_LOG $$
+drop table IF EXISTS XMS_USER_ACCT $$
+drop table IF EXISTS XMS_USER_CERT $$
+drop table IF EXISTS XMS_USER_CRED $$
+drop table IF EXISTS XMS_USER_GROUP $$
+drop table IF EXISTS XMS_USER_INFO $$
+drop table IF EXISTS XMS_USER_ORG $$
+drop table IF EXISTS XMS_USER_REGISTER $$
+drop table IF EXISTS XMS_USER_REGISTER_CRED $$
+drop table IF EXISTS XMS_DEVICE_INFO $$
+drop table IF EXISTS XMS_DATA_REVISION $$
+drop table IF EXISTS XMS_SOFT_CODE $$
+drop table IF EXISTS XMS_FILE_DATA $$
+drop table IF EXISTS XMS_USER_RULE $$
+
+create table XMS_APP_INFO
+(
+    APP_ID     varchar(48) not null
+        primary key,
+    CODE       varchar(48),
+    NAME       varchar(48),
+    PHONE      varchar(48),
+    URL        varchar(255),
+    ADMIN      varchar(48),
+    STATUS     varchar(48),
+    REVISION   bigint,
+    ORDER_NUM  int default 0,
+    CREATED_AT datetime,
+    UPDATED_AT datetime,
+    REMARK     varchar(255)
+) $$
+
+create table XMS_APP_POLICY_INFO
+(
+    POLICY_ID  varchar(48) not null
+        primary key,
+    PARENT_ID  varchar(48),
+    NODE_TYPE  int default 0,
+    CODE       varchar(100),
+    NAME       varchar(100),
+    RANKING    bigint,
+    ORDER_NUM  int default 0,
+    CREATED_AT datetime,
+    UPDATED_AT datetime,
+    REMARK     varchar(255)
+) $$
+
+create table XMS_APP_POLICY_ITEM
+(
+    ID         varchar(48) not null
+        primary key,
+    POLICY_ID  varchar(48),
+    ITEM_KEY   varchar(48),
+    NAME   varchar(48),
+    ITEM_VALUE varchar(255),
+    ITEM_TYPE  varchar(48),
+    ORDER_NUM  int default 0,
+    CREATED_AT datetime,
+    UPDATED_AT datetime,
+    REMARK     varchar(255)
+) $$
+
+create table XMS_APP_RES
+(
+    RES_ID     varchar(48) not null
+        primary key,
+    APP_ID     varchar(48),
+    CODE       varchar(48),
+    NAME       varchar(48),
+    VALUE      varchar(255),
+    ORDER_NUM  int default 0,
+    CREATED_AT datetime,
+    UPDATED_AT datetime,
+    REMARK     varchar(255)
+) $$
+
+create table XMS_APP_ROLE
+(
+    ROLE_ID    varchar(48) not null
+        primary key,
+    APP_ID     varchar(48),
+    CODE       varchar(48),
+    NAME       varchar(48),
+    ITEM_TYPE  varchar(48),
+    ORDER_NUM  int default 0,
+    CREATED_AT datetime,
+    UPDATED_AT datetime,
+    REMARK     varchar(255)
+) $$
+
+create table XMS_BIND_ITEM
+(
+    ID         varchar(48) not null
+        primary key,
+    APP_ID     varchar(48),
+    USER_ID    varchar(48),
+    SOURCE     varchar(48),
+    TARGET     varchar(48),
+    BIND_TYPE  varchar(48),
+    PARAM      varchar(255),
+    CREATED_AT datetime,
+    REMARK     varchar(255)
+) $$
+
+create table XMS_TASK_LOG
+(
+    TASK_ID    varchar(48) not null
+        primary key,
+    TASK_TYPE  varchar(48),
+    DATA_TYPE  varchar(48),
+    STATUS     varchar(48),
+    PROGRESS   int,
+    SUMMARY    varchar(255),
+    START_TIME timestamp DEFAULT CURRENT_TIMESTAMP,
+    END_TIME   timestamp NULL,
+    FILE_PATH  varchar(255),
+    FILE_TYPE  varchar(48),
+    EXTRA      varchar(255),
+    CREATED_AT datetime,
+    UPDATED_AT datetime,
+    REMARK     varchar(255)
+) $$
+
+create table XMS_USER_ACCT
+(
+    ACCT_ID    varchar(48) not null
+        primary key,
+    USER_ID    varchar(48),
+    ACCOUNT    varchar(48),
+    SECRET     varchar(128),
+    STATUS     varchar(48),
+    ACTIVATED  timestamp NULL,
+    EXPIRED    bigint,
+    LOGIN_MODE varchar(255),
+    MASTER     int default 0,
+    CREATED_AT datetime,
+    UPDATED_AT datetime,
+    REMARK     varchar(255)
+) $$
+
+create table XMS_USER_CERT
+(
+    CERT_ID    varchar(48) not null
+        primary key,
+    USER_ID    varchar(48),
+    CN         varchar(100),
+    DN         varchar(255),
+    KEK_PUB    varchar(255),
+    KEY_ALGO   varchar(255),
+    ECK_SIGN   varchar(255),
+    ECK_ENC    varchar(255),
+    SIGN_PRV   varchar(255),
+    SIGN_CERT  varchar(2048),
+    ENC_PRV    varchar(255),
+    ENC_CERT   varchar(2048),
+    VALIDITY   int,
+    CREATED_AT datetime,
+    UPDATED_AT datetime
+) $$
+
+create table XMS_USER_CRED
+(
+    CRED_ID    varchar(48) not null
+        primary key,
+    USER_ID    varchar(48),
+    NAME       varchar(48),
+    ITEM_TYPE  varchar(48),
+    DATA       mediumtext,
+    STATUS     varchar(48),
+    EXPIRED    bigint,
+    CREATED_AT datetime,
+    UPDATED_AT datetime,
+    REMARK     varchar(255)
+) $$
+
+create table XMS_USER_GROUP
+(
+    GROUP_ID   varchar(48) not null
+        primary key,
+    CODE       varchar(48),
+    NAME       varchar(255),
+    REVISION   bigint,
+    ORDER_NUM  int default 0,
+    CREATED_AT datetime,
+    UPDATED_AT datetime,
+    REMARK     varchar(255)
+) $$
+
+create table XMS_USER_INFO
+(
+    USER_ID    varchar(48) not null
+        primary key,
+    NAME       varchar(48),
+    CODE       varchar(48),
+    SFZH       varchar(48),
+    BZKH       varchar(48),
+    JRZJH      varchar(48),
+    SEX        varchar(48),
+    TITLE      varchar(48),
+    PHONE      varchar(48),
+    EMAIL      varchar(100),
+    ADDR       varchar(255),
+    STATUS     varchar(48),
+    ORIGIN     varchar(48),
+    AVATAR     varchar(48),
+    CREATED_AT datetime,
+    UPDATED_AT datetime,
+    REMARK     varchar(255)
+) $$
+
+create table XMS_USER_ORG
+(
+    ORG_ID     varchar(48) not null
+        primary key,
+    PARENT_ID  varchar(48),
+    CODE       varchar(255),
+    NAME       varchar(255),
+    LEVEL      varchar(48),
+    REVISION   bigint,
+    ORDER_NUM  int default 0,
+    CREATED_AT datetime,
+    UPDATED_AT datetime,
+    REMARK     varchar(255)
+) $$
+
+create table XMS_USER_REGISTER
+(
+    USER_ID    varchar(48) not null
+        primary key,
+    ORG_ID     varchar(48),
+    ACCOUNT    varchar(48),
+    SECRET     varchar(128),
+    NAME       varchar(48),
+    CODE       varchar(48),
+    SFZH       varchar(48),
+    BZKH       varchar(48),
+    JRZJH      varchar(48),
+    SEX        varchar(48),
+    TITLE      varchar(48),
+    PHONE      varchar(48),
+    EMAIL      varchar(100),
+    ADDR       varchar(255),
+    STATUS     varchar(48),
+    AVATAR     varchar(48),
+    CREATED_AT datetime,
+    UPDATED_AT datetime,
+    REMARK     varchar(255)
+) $$
+
+create table XMS_USER_REGISTER_CRED
+(
+    CRED_ID   varchar(48) not null
+        primary key,
+    USER_ID   varchar(48),
+    ITEM_TYPE varchar(48),
+    NAME      varchar(255),
+    DATA      mediumtext
+) $$
+
+CREATE TABLE XMS_DEVICE_INFO
+(
+    ID         varchar(48) NOT NULL PRIMARY KEY,
+    CODE       varchar(100),
+    NAME       varchar(100),
+    SERIAL     varchar(100),
+    ITEM_TYPE  varchar(20),
+    STATUS     varchar(20),
+    DATA       varchar(4000),
+    CREATED_AT datetime,
+    UPDATED_AT datetime,
+    REMARK     varchar(255)
+) $$
+
+CREATE TABLE XMS_DATA_REVISION
+(
+    ID         varchar(48)  NOT NULL PRIMARY KEY,
+    DATA_ID    varchar(48)  NOT NULL,
+    ITEM_TYPE  varchar(48)  NOT NULL,
+    STATE      int          DEFAULT 0,
+    REVISION   bigint       NOT NULL,
+    ORIGIN     varchar(48)  DEFAULT NULL,
+    CREATED_AT datetime,
+    UPDATED_AT datetime,
+    REMARK     varchar(255) DEFAULT NULL
+) $$
+
+CREATE TABLE XMS_SOFT_CODE
+(
+    ID         VARCHAR(50)  NOT NULL PRIMARY KEY,
+    NAME       VARCHAR(50),
+    CODE       VARCHAR(500),
+    `DESCRIBE`   VARCHAR(2000),
+    TYPE       VARCHAR(50),
+    REMARK     VARCHAR(255),
+    REVISION   bigint,
+    CREATED_AT datetime,
+    UPDATED_AT datetime,
+    APP_ID     VARCHAR(50)
+) $$
+
+CREATE TABLE XMS_FILE_DATA (
+    ID varchar(48) NOT NULL PRIMARY KEY,
+    ITEM_TYPE varchar(48) DEFAULT NULL,
+    OWNER_ID varchar(48) DEFAULT NULL,
+    FILE_NAME varchar(255) DEFAULT NULL,
+    FILE_TYPE varchar(48) DEFAULT NULL,
+    FILE_DATA mediumblob,
+    CREATED_AT datetime,
+    UPDATED_AT datetime,
+    REMARK varchar(255) DEFAULT NULL
+) $$
+
+create table XMS_USER_RULE
+(
+    RULE_ID   varchar(48) not null
+        primary key,
+    CODE       varchar(48),
+    NAME       varchar(100),
+    QUERY      varchar(255),
+    REVISION   bigint,
+    ORDER_NUM  int default 0,
+    CREATED_AT datetime,
+    UPDATED_AT datetime,
+    REMARK     varchar(255)
+) $$
+
+
+-- 绑定信息索引
+CREATE INDEX IDX_XMS_BIND_ITEM_1 ON XMS_BIND_ITEM (BIND_TYPE) $$
+CREATE INDEX IDX_XMS_BIND_ITEM_2 ON XMS_BIND_ITEM (BIND_TYPE, SOURCE) $$
+CREATE INDEX IDX_XMS_BIND_ITEM_3 ON XMS_BIND_ITEM (BIND_TYPE, TARGET) $$
+CREATE INDEX IDX_XMS_BIND_ITEM_4 ON XMS_BIND_ITEM (CREATED_AT) $$
+-- 同步数据索引
+CREATE INDEX XMS_DATA_REVISION_1 ON XMS_DATA_REVISION (REVISION) $$
+CREATE INDEX XMS_DATA_REVISION_2 ON XMS_DATA_REVISION (ITEM_TYPE, REVISION) $$
+CREATE INDEX XMS_DATA_REVISION_3 ON XMS_DATA_REVISION (DATA_ID) $$
+CREATE INDEX XMS_DATA_REVISION_4 ON XMS_DATA_REVISION (ITEM_TYPE) $$
+CREATE UNIQUE INDEX XMS_DATA_REVISION_5 ON XMS_DATA_REVISION (ITEM_TYPE, DATA_ID) $$
+-- 用户信息索引
+CREATE INDEX IDX_XMS_USER_INFO_1 ON XMS_USER_INFO (CODE) $$
+CREATE INDEX IDX_XMS_USER_INFO_2 ON XMS_USER_INFO (SFZH) $$
+CREATE INDEX IDX_XMS_USER_INFO_3 ON XMS_USER_INFO (BZKH) $$
+CREATE INDEX IDX_XMS_USER_INFO_4 ON XMS_USER_INFO (JRZJH) $$

xms-core/apps/xms-init/src/main/resources/sql/mysql/trigger-gaf.sql

@@ -0,0 +1,43 @@
+
+/* TRIGGER STRUCTURE FOR TABLE `GAF_USER_INFO` */
+DROP TRIGGER IF EXISTS `GAF_DELETE_USER` $$
+
+CREATE TRIGGER `GAF_DELETE_USER` AFTER DELETE ON `GAF_USER_INFO` FOR EACH ROW BEGIN
+	/*删除一对多关系*/
+	/*1.删除帐号关联*/
+	DELETE FROM GAF_USER_ACCT
+	WHERE USER_ID = OLD.USER_ID;
+	/*删除多对多关系*/
+	DELETE FROM  GAF_BIND_ITEM
+	WHERE SOURCE = OLD.USER_ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',1) = 'user';
+	DELETE FROM  GAF_BIND_ITEM
+	WHERE TARGET = OLD.USER_ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',-1) = 'user';
+    END $$
+
+/* TRIGGER STRUCTURE FOR TABLE `GAF_DEPT_ITEM` */
+DROP TRIGGER IF EXISTS `GAF_DELETE_DEPT` $$
+
+CREATE TRIGGER `GAF_DELETE_DEPT` AFTER DELETE ON `GAF_DEPT_ITEM` FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  GAF_BIND_ITEM
+	WHERE SOURCE = OLD.ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',1) = 'dept';
+	DELETE FROM  GAF_BIND_ITEM
+	WHERE TARGET = OLD.ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',-1) = 'dept';
+    END $$
+
+/* TRIGGER STRUCTURE FOR TABLE `GAF_ROLE_ITEM` */
+DROP TRIGGER IF EXISTS `GAF_DELETE_ROLE` $$
+
+CREATE TRIGGER `GAF_DELETE_ROLE` AFTER DELETE ON `GAF_ROLE_ITEM` FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  GAF_BIND_ITEM
+	WHERE SOURCE = OLD.ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',1) = 'role';
+	DELETE FROM  GAF_BIND_ITEM
+	WHERE TARGET = OLD.ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',-1) = 'role';
+    END $$

xms-core/apps/xms-init/src/main/resources/sql/mysql/trigger-xms.sql

@@ -0,0 +1,142 @@
+/* DELIMITER $$ */
+
+/* TRIGGER STRUCTURE FOR TABLEGAF_USER_ACCT `XMS_APP_INFO` */
+DROP TRIGGER IF EXISTS `DELETE_APP` $$
+
+CREATE TRIGGER `DELETE_APP` AFTER DELETE ON `XMS_APP_INFO` FOR EACH ROW BEGIN
+	/*删除一对多关系*/
+	/*1.删除资源关联*/
+	DELETE FROM XMS_APP_RES
+	WHERE APP_ID = OLD.APP_ID;
+	/*2.删除角色关联*/
+	DELETE FROM  XMS_APP_ROLE
+	WHERE APP_ID = OLD.APP_ID;
+	/*3.删除策略信息*/
+	DELETE FROM  XMS_APP_POLICY_INFO
+	WHERE APP_ID = OLD.APP_ID;
+	DELETE FROM  XMS_APP_POLICY_ITEM
+	WHERE APP_ID = OLD.APP_ID;
+	/*删除多对多关系*/
+	DELETE FROM  XMS_BIND_ITEM
+	WHERE SOURCE = OLD.APP_ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',1) = 'app';
+	DELETE FROM  XMS_BIND_ITEM
+	WHERE TARGET = OLD.APP_ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',-1) = 'app';
+    END $$
+
+/* TRIGGER STRUCTURE FOR TABLE `XMS_APP_RES` */
+DROP TRIGGER IF EXISTS `DELETE_RES`$$
+
+CREATE TRIGGER `DELETE_RES` AFTER DELETE ON `XMS_APP_RES` FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  XMS_BIND_ITEM
+	WHERE SOURCE = OLD.RES_ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',1) = 'res';
+	DELETE FROM  XMS_BIND_ITEM
+	WHERE TARGET = OLD.RES_ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',-1) = 'res';
+    END $$
+
+/* TRIGGER STRUCTURE FOR TABLE `XMS_APP_ROLE` */
+DROP TRIGGER IF EXISTS `DELETE_ROLE` $$
+
+CREATE TRIGGER `DELETE_ROLE` AFTER DELETE ON `XMS_APP_ROLE` FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  XMS_BIND_ITEM
+	WHERE SOURCE = OLD.ROLE_ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',1) = 'role';
+	DELETE FROM  XMS_BIND_ITEM
+	WHERE TARGET = OLD.ROLE_ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',-1) = 'role';
+    END $$
+
+/* TRIGGER STRUCTURE FOR TABLE `XMS_USER_ACCT` */
+DROP TRIGGER IF EXISTS `DELETE_ACCT` $$
+
+CREATE TRIGGER `DELETE_ACCT` AFTER DELETE ON `XMS_USER_ACCT` FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  XMS_BIND_ITEM
+	WHERE SOURCE = OLD.ACCT_ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',1) = 'acct';
+	DELETE FROM  XMS_BIND_ITEM
+	WHERE TARGET = OLD.ACCT_ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',-1) = 'acct';
+    END $$
+
+/* TRIGGER STRUCTURE FOR TABLE `XMS_USER_CRED` */
+DROP TRIGGER IF EXISTS `DELETE_CRED` $$
+
+CREATE TRIGGER `DELETE_CRED` AFTER DELETE ON `XMS_USER_CRED` FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  XMS_BIND_ITEM
+	WHERE SOURCE = OLD.CRED_ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',1) = 'cred';
+	DELETE FROM  XMS_BIND_ITEM
+	WHERE TARGET = OLD.CRED_ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',-1) = 'cred';
+    END $$
+
+/* TRIGGER STRUCTURE FOR TABLE `XMS_USER_CERT` */
+DROP TRIGGER IF EXISTS `DELETE_CERT` $$
+
+CREATE TRIGGER `DELETE_CERT` AFTER DELETE ON `XMS_USER_CERT` FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  XMS_BIND_ITEM
+	WHERE SOURCE = OLD.CERT_ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',1) = 'cert';
+	DELETE FROM  XMS_BIND_ITEM
+	WHERE TARGET = OLD.CERT_ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',-1) = 'cert';
+    END $$
+
+/* TRIGGER STRUCTURE FOR TABLE `XMS_USER_GROUP` */
+DROP TRIGGER IF EXISTS `DELETE_GROUP` $$
+
+CREATE TRIGGER `DELETE_GROUP` AFTER DELETE ON `XMS_USER_GROUP` FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  XMS_BIND_ITEM
+	WHERE SOURCE = OLD.GROUP_ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',1) = 'group';
+	DELETE FROM  XMS_BIND_ITEM
+	WHERE TARGET = OLD.GROUP_ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',-1) = 'group';
+    END $$
+
+/* TRIGGER STRUCTURE FOR TABLE `XMS_USER_INFO` */
+DROP TRIGGER IF EXISTS `DELETE_USER` $$
+
+CREATE TRIGGER `DELETE_USER` AFTER DELETE ON `XMS_USER_INFO` FOR EACH ROW BEGIN
+	/*删除一对多关系*/
+	/*1.删除帐号关联*/
+	DELETE FROM XMS_USER_ACCT
+	WHERE USER_ID = OLD.USER_ID;
+	/*2.删除证书关联*/
+	DELETE FROM XMS_USER_CERT
+	WHERE USER_ID = OLD.USER_ID;
+	/*3.删除凭证关联*/
+	DELETE FROM XMS_USER_CRED
+	WHERE USER_ID = OLD.USER_ID;
+	/*删除多对多关系*/
+	DELETE FROM  XMS_BIND_ITEM
+	WHERE SOURCE = OLD.USER_ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',1) = 'user';
+	DELETE FROM  XMS_BIND_ITEM
+	WHERE TARGET = OLD.USER_ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',-1) = 'user';
+    END $$
+
+/* TRIGGER STRUCTURE FOR TABLE `XMS_USER_ORG` */
+DROP TRIGGER IF EXISTS `DELETE_ORG` $$
+
+CREATE TRIGGER `DELETE_ORG` AFTER DELETE ON `XMS_USER_ORG` FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  XMS_BIND_ITEM
+	WHERE SOURCE = OLD.ORG_ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',1) = 'org';
+	DELETE FROM  XMS_BIND_ITEM
+	WHERE TARGET = OLD.ORG_ID
+		AND SUBSTRING_INDEX(BIND_TYPE,'-',-1) = 'org';
+    END $$
+
+/* DELIMITER ; */

xms-core/apps/xms-init/src/main/resources/sql/mysql/xms-log-stat.sql

@@ -0,0 +1,69 @@
+drop table IF EXISTS XMS_LOG $$
+drop table IF EXISTS XMS_STAT_DATA $$
+drop table IF EXISTS XMS_STAT_DIM_ADDR $$
+drop table IF EXISTS XMS_STAT_DIM_FUNC $$
+drop table IF EXISTS XMS_STAT_DIM_TIME $$
+
+CREATE TABLE XMS_LOG
+(
+    ID         varchar(48)   NOT NULL PRIMARY KEY,
+    LOG_TYPE   varchar(48)   DEFAULT NULL,
+    `SYSTEM`   varchar(48)   DEFAULT NULL,
+    SOFTWARE   varchar(48)   DEFAULT NULL,
+    `FUNCTION` varchar(48)   DEFAULT NULL,
+    ACTION     varchar(48)   DEFAULT NULL,
+    `LEVEL`    varchar(48)   DEFAULT NULL,
+    RESULT     varchar(48)   DEFAULT NULL,
+    DETAIL     varchar(500)  DEFAULT NULL,
+    EXTRA      varchar(500)  DEFAULT NULL,
+    SUB_NAME   varchar(48)   DEFAULT NULL,
+    SUB_ID     varchar(48)   DEFAULT NULL,
+    SUB_IP     varchar(48)   DEFAULT NULL,
+    OBJ_NAME   varchar(48)   DEFAULT NULL,
+    OBJ_ID     varchar(48)   DEFAULT NULL,
+    OBJ_IP     varchar(48)   DEFAULT NULL,
+    EVENT_TIME varchar(48)   DEFAULT NULL,
+    SIGN       varchar(128)  DEFAULT NULL,
+    CREATED_AT timestamp     NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    UPDATED_AT timestamp     NOT NULL DEFAULT CURRENT_TIMESTAMP
+) $$
+
+CREATE TABLE XMS_STAT_DATA (
+  `ID` bigint NOT NULL AUTO_INCREMENT,
+  `USER_ID` varchar(48) NOT NULL,
+  `ADDR_ID` bigint NOT NULL,
+  `FUNC_ID` bigint NOT NULL,
+  `TIME_ID` bigint NOT NULL,
+  `VISIT` int DEFAULT 0,
+  `DURATION` bigint DEFAULT 0,
+  `CREATED_AT` timestamp DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY (`ID`)
+) $$
+
+CREATE TABLE XMS_STAT_DIM_ADDR (
+  `ID` bigint NOT NULL,
+  `IP` varchar(50) NOT NULL,
+  `DOMAIN` varchar(50) NOT NULL,
+  `AREA` varchar(50) NOT NULL,
+  PRIMARY KEY (`ID`)
+) $$
+
+CREATE TABLE XMS_STAT_DIM_FUNC (
+  `ID` bigint NOT NULL,
+  `SOFT` varchar(50) NOT NULL,
+  `PART` varchar(50) NOT NULL,
+  `MODULE` varchar(50) NOT NULL,
+  `PAGE` varchar(50) NOT NULL,
+  PRIMARY KEY (`ID`)
+) $$
+
+CREATE TABLE XMS_STAT_DIM_TIME (
+  `ID` bigint NOT NULL,
+  `YEAR` int NOT NULL,
+  `MONTH` int NOT NULL,
+  `DAY_OF_YEAR` int NOT NULL,
+  `DAY_OF_MONTH` int NOT NULL,
+  `HOUR` int NOT NULL,
+  PRIMARY KEY (`ID`)
+) $$
+

xms-core/apps/xms-init/src/main/resources/sql/mysql/xms-soft-model.sql

@@ -0,0 +1,15 @@
+drop table IF EXISTS XMS_SOFT_CODE $$
+
+CREATE TABLE XMS_SOFT_CODE
+(
+    ID         VARCHAR(50)  NOT NULL PRIMARY KEY,
+    NAME       VARCHAR(50),
+    CODE       VARCHAR(500),
+    `DESCRIBE`   VARCHAR(2000),
+    TYPE       VARCHAR(50),
+    REMARK     VARCHAR(255),
+    REVISION   bigint,
+    CREATED_AT datetime,
+    UPDATED_AT datetime,
+    APP_ID     VARCHAR(50)
+) $$

xms-core/apps/xms-init/src/main/resources/sql/oscar/data.sql

@@ -0,0 +1,11 @@
+insert into GAF_USER_INFO (USER_ID, NAME, STATUS, CREATED_AT, UPDATED_AT, ORIGIN) values ('00000000-0000-0000-0000-000000000000', '系统管理员', '0', now(), now(), 'default');
+insert into GAF_USER_ACCT ( USER_ID, ACCOUNT, SECRET, STATUS, EXPIRED, CREATED_AT, UPDATED_AT) values ('00000000-0000-0000-0000-000000000000', 'admin', '12345678', '0', 0, now(), now());
+insert into GAF_ROLE_ITEM ( ID, ITEM_TYPE, CODE, NAME, PRESET, RANKING) values ('00000000-0000-0000-0000-000000000001', '0', 'admin', '系统管理员', '1', 1);
+insert into GAF_ROLE_ITEM ( ID, ITEM_TYPE, CODE, NAME, PRESET, RANKING) values ('00000000-0000-0000-0000-000000000002', '0', 'audit', '安全审计员', '1', 2);
+insert into GAF_ROLE_ITEM ( ID, ITEM_TYPE, CODE, NAME, PRESET, RANKING) values ('00000000-0000-0000-0000-000000000003', '0', 'secadm', '安全管理员', '1', 3);
+insert into GAF_ROLE_ITEM ( ID, ITEM_TYPE, CODE, NAME, PRESET, RANKING) values ('00000000-0000-0000-0000-000000000004', '0', 'user', '业务操作员', '1', 4);
+insert into XMS_APP_INFO ( APP_ID, CODE, NAME, REMARK, STATUS, CREATED_AT, UPDATED_AT) values ('00000000-0000-0000-0000-000000000000', 'SYSTEM', '系统应用', '系统预设，用于系统管理', '0', now(), now());
+insert into XMS_APP_ROLE (ROLE_ID, APP_ID, CODE, NAME, ITEM_TYPE, CREATED_AT, UPDATED_AT) values ('00000000-0000-0000-0000-000000000001', '00000000-0000-0000-0000-000000000000', 'admin', '系统管理员', '0', now(), now());
+insert into XMS_APP_ROLE (ROLE_ID, APP_ID, CODE, NAME, ITEM_TYPE, CREATED_AT, UPDATED_AT) values ('00000000-0000-0000-0000-000000000002', '00000000-0000-0000-0000-000000000000', 'audit', '安全审计员', '0', now(), now());
+insert into XMS_APP_ROLE (ROLE_ID, APP_ID, CODE, NAME, ITEM_TYPE, CREATED_AT, UPDATED_AT) values ('00000000-0000-0000-0000-000000000003', '00000000-0000-0000-0000-000000000000', 'secadm', '安全管理员', '0', now(), now());
+insert into XMS_APP_ROLE (ROLE_ID, APP_ID, CODE, NAME, ITEM_TYPE, CREATED_AT, UPDATED_AT) values ('00000000-0000-0000-0000-000000000004', '00000000-0000-0000-0000-000000000000', 'user', '业务操作员', '0', now(), now());

xms-core/apps/xms-init/src/main/resources/sql/oscar/dict.sql

@@ -0,0 +1,33 @@
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, ALIAS, STATUS, PRESET) values (newid(), 'group', '01', '启用状态', 'usage', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, ALIAS, STATUS, PRESET) values (newid(), 'group', '02', '用户状态', 'status', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, ALIAS, STATUS, PRESET) values (newid(), 'group', '03', '注册状态', 'reg', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, ALIAS, STATUS, PRESET) values (newid(), 'group', '04', '角色类型', 'role', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, ALIAS, STATUS, PRESET) values (newid(), 'group', '05', '机构类型', 'org', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, ALIAS, STATUS, PRESET) values (newid(), 'group', '06', '设备状态', 'device', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, ALIAS, STATUS, PRESET) values (newid(), 'group', '07', '凭证类型', 'cred', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, ALIAS, STATUS, PRESET) values (newid(), 'group', '08', '设备类型', 'devtype', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '01', '0', '正常', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '01', '1', '停用', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '02', '0', '正常', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '02', '1', '注销', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '02', '2', '冻结', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '03', '0', '待审核', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '03', '1', '审核通过', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '03', '2', '已驳回', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '04', '0', '普通角色', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '04', '1', '组合角色', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '05', '0', '军', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '05', '1', '民', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '06', '0', '正常', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '06', '1', '挂失', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '06', '2', '损毁', '0', '1');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '07', 'ukey', '证书(UKey)', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '07', 'token', '动态令牌', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '07', 'fingerprint', '指纹', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '07', 'fingervein', '指静脉', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '07', 'face', '人脸', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '07', 'iris', '虹膜', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '08', 'ukey', '证书UKey', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '08', 'tf', '证书TF卡', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '08', 'token', '动态令牌', '0', '0');
+insert into GAF_CODE_ITEM ( ID, ITEM_TYPE, CODE, NAME, STATUS, PRESET) values (newid(), '08', 'identity', '用户身份卡', '0', '0');

xms-core/apps/xms-init/src/main/resources/sql/oscar/schema-gaf.sql

@@ -0,0 +1,127 @@
+drop table IF EXISTS GAF_BIND_ITEM $$
+drop table IF EXISTS GAF_CODE_ITEM $$
+drop table IF EXISTS GAF_DEPT_ITEM $$
+drop table IF EXISTS GAF_LOG $$
+drop table IF EXISTS GAF_MENU_ITEM $$
+drop table IF EXISTS GAF_ROLE_ITEM $$
+drop table IF EXISTS GAF_USER_ACCT $$
+drop table IF EXISTS GAF_USER_INFO $$
+
+create table GAF_BIND_ITEM
+(
+	ID varchar(48) not null
+			primary key,
+	BIND_TYPE varchar(48) not null,
+	SOURCE varchar(48),
+	TARGET varchar(48),
+	PARAM varchar(255),
+	CREATED_AT timestamp,
+	REMARK varchar(255)
+) $$
+
+create table GAF_CODE_ITEM
+(
+	ID varchar(48) not null
+			primary key,
+	CODE varchar(48),
+	NAME varchar(48),
+	ITEM_TYPE varchar(48),
+	STATUS varchar(48),
+	ALIAS varchar(48),
+	PRESET int,
+	REMARK varchar(255)
+) $$
+
+create table GAF_DEPT_ITEM
+(
+	ID varchar(48) not null
+			primary key,
+	PID varchar(48),
+	CODE varchar(48),
+	NAME varchar(48),
+	CREATED_AT timestamp,
+	UPDATED_AT timestamp,
+	REMARK varchar(255)
+) $$
+
+create table GAF_LOG
+(
+	ID varchar(48) not null
+			primary key,
+	LOG_TYPE varchar(48),
+	LEVEL varchar(48),
+	MODULE varchar(48),
+	EVENT varchar(48),
+	ACTION varchar(48),
+	PARAM varchar(255),
+	TARGET varchar(48),
+	RESULT varchar(48),
+	DETAIL varchar(500),
+	EVENT_TIME varchar(48),
+	TIMESTAMP bigint,
+	EXTRA varchar(500),
+	USER_NAME varchar(48),
+	USER_ACCT varchar(48),
+	USER_IP varchar(48),
+	CREATED_AT timestamp,
+	UPDATED_AT timestamp
+) $$
+
+create table GAF_MENU_ITEM
+(
+	ID varchar(48) not null
+			primary key,
+	PID varchar(48),
+	TITLE varchar(48),
+	ICON varchar(48),
+	MODE varchar(48),
+	MODULE varchar(48),
+	PATH varchar(255),
+	URL varchar(255),
+	TARGET varchar(48),
+	VISIBLE boolean,
+	RANKING bigint,
+	PRESET int,
+	REMARK varchar(255)
+) $$
+
+create table GAF_ROLE_ITEM
+(
+	ID varchar(48) not null
+			primary key,
+	CODE varchar(48),
+	NAME varchar(48),
+	ITEM_TYPE varchar(48),
+	PRESET int,
+	RANKING bigint,
+	REMARK varchar(255)
+) $$
+
+create table GAF_USER_ACCT
+(
+	USER_ID varchar(48) not null
+			primary key,
+	ACCOUNT varchar(48),
+	SECRET varchar(128),
+	STATUS varchar(48),
+	EXPIRED bigint,
+	CREATED_AT timestamp,
+	UPDATED_AT timestamp,
+	REMARK varchar(255)
+) $$
+
+create table GAF_USER_INFO
+(
+	USER_ID varchar(48) not null
+			primary key,
+	NAME varchar(48),
+	TITLE varchar(48),
+	GENDER varchar(48),
+	MOBILE varchar(48),
+	EMAIL varchar(100),
+	STATUS varchar(48),
+	ORIGIN varchar(48),
+	CREATED_AT timestamp,
+	UPDATED_AT timestamp,
+	REMARK varchar(255)
+) $$

xms-core/apps/xms-init/src/main/resources/sql/oscar/schema-xms.sql

@@ -0,0 +1,334 @@
+drop table IF EXISTS XMS_APP_INFO $$
+drop table IF EXISTS XMS_APP_POLICY_INFO $$
+drop table IF EXISTS XMS_APP_POLICY_ITEM $$
+drop table IF EXISTS XMS_APP_RES $$
+drop table IF EXISTS XMS_APP_ROLE $$
+drop table IF EXISTS XMS_BIND_ITEM $$
+drop table IF EXISTS XMS_TASK_LOG $$
+drop table IF EXISTS XMS_USER_ACCT $$
+drop table IF EXISTS XMS_USER_CERT $$
+drop table IF EXISTS XMS_USER_CRED $$
+drop table IF EXISTS XMS_USER_GROUP $$
+drop table IF EXISTS XMS_USER_INFO $$
+drop table IF EXISTS XMS_USER_ORG $$
+drop table IF EXISTS XMS_USER_REGISTER $$
+drop table IF EXISTS XMS_USER_REGISTER_CRED $$
+drop table IF EXISTS XMS_DEVICE_INFO $$
+drop table IF EXISTS XMS_DATA_REVISION $$
+drop table IF EXISTS XMS_FILE_DATA $$
+drop table IF EXISTS XMS_USER_RULE $$
+
+create table XMS_APP_INFO
+(
+	APP_ID varchar(48) not null
+			primary key,
+	CODE varchar(48),
+	NAME varchar(48),
+	PHONE varchar(48),
+	URL varchar(255),
+	ADMIN varchar(48),
+	STATUS varchar(48),
+    REVISION   bigint,
+    ORDER_NUM  int default 0,
+	CREATED_AT timestamp,
+	UPDATED_AT timestamp,
+	REMARK varchar(255)
+) $$
+
+create table XMS_APP_POLICY_INFO
+(
+	POLICY_ID varchar(48) not null
+			primary key,
+	PARENT_ID varchar(48),
+	APP_ID varchar(48),
+	CODE varchar(100),
+	NAME varchar(100),
+	RANKING bigint,
+    ORDER_NUM  int default 0,
+	CREATED_AT timestamp,
+	UPDATED_AT timestamp,
+	REMARK varchar(255)
+) $$
+
+create table XMS_APP_POLICY_ITEM
+(
+	ID varchar(48) not null
+			primary key,
+	APP_ID varchar(48),
+	POLICY_ID varchar(48),
+	ITEM_KEY varchar(48),
+    NAME varchar(48),
+	ITEM_VALUE varchar(255),
+	ITEM_TYPE varchar(48),
+    ORDER_NUM  int default 0,
+	CREATED_AT timestamp,
+	UPDATED_AT timestamp,
+	REMARK varchar(255)
+) $$
+
+create table XMS_APP_RES
+(
+	RES_ID varchar(48) not null
+			primary key,
+	APP_ID varchar(48),
+	CODE varchar(48),
+	NAME varchar(48),
+	VALUE varchar(255),
+    ORDER_NUM  int default 0,
+	CREATED_AT timestamp,
+	UPDATED_AT timestamp,
+	REMARK varchar(255)
+) $$
+
+create table XMS_APP_ROLE
+(
+	ROLE_ID varchar(48) not null
+			primary key,
+	APP_ID varchar(48),
+	CODE varchar(48),
+	NAME varchar(48),
+	ITEM_TYPE varchar(48),
+    ORDER_NUM  int default 0,
+	CREATED_AT timestamp,
+	UPDATED_AT timestamp,
+	REMARK varchar(255)
+) $$
+
+create table XMS_BIND_ITEM
+(
+	ID varchar(48) not null
+			primary key,
+	APP_ID varchar(48),
+	USER_ID varchar(48),
+	SOURCE varchar(48),
+	TARGET varchar(48),
+	BIND_TYPE varchar(48),
+	PARAM varchar(255),
+	CREATED_AT timestamp,
+	REMARK varchar(255)
+) $$
+
+create table XMS_TASK_LOG
+(
+    TASK_ID varchar(48) not null
+        primary key,
+    TASK_TYPE varchar(48),
+    DATA_TYPE varchar(48),
+    STATUS varchar(48),
+    PROGRESS int,
+    SUMMARY varchar(255),
+    START_TIME timestamp,
+    END_TIME timestamp,
+    FILE_PATH varchar(255),
+    FILE_TYPE varchar(48),
+    EXTRA varchar(255),
+    CREATED_AT timestamp,
+    UPDATED_AT timestamp,
+    REMARK varchar(255)
+) $$
+
+create table XMS_USER_ACCT
+(
+	ACCT_ID varchar(48) not null
+			primary key,
+	USER_ID varchar(48),
+	ACCOUNT varchar(48),
+	SECRET varchar(128),
+	STATUS varchar(48),
+	ACTIVATED timestamp,
+	EXPIRED bigint,
+    LOGIN_MODE varchar(255),
+    MASTER int default 0,
+	CREATED_AT timestamp,
+	UPDATED_AT timestamp,
+	REMARK varchar(255)
+) $$
+
+create table XMS_USER_CERT
+(
+	CERT_ID varchar(48) not null
+			primary key,
+	USER_ID varchar(48),
+	CN varchar(100),
+	DN varchar(255),
+	KEK_PUB varchar(255),
+	KEY_ALGO varchar(255),
+	ECK_SIGN varchar(255),
+	ECK_ENC varchar(255),
+	SIGN_PRV varchar(255),
+	SIGN_CERT varchar(2048),
+	ENC_PRV varchar(255),
+	ENC_CERT varchar(2048),
+	VALIDITY int,
+	CREATED_AT timestamp,
+	UPDATED_AT timestamp
+) $$
+
+create table XMS_USER_CRED
+(
+	CRED_ID varchar(48) not null
+			primary key,
+	USER_ID varchar(48),
+	NAME varchar(48),
+	ITEM_TYPE varchar(48),
+	DATA clob,
+	STATUS varchar(48),
+	EXPIRED bigint,
+	CREATED_AT timestamp,
+	UPDATED_AT timestamp,
+	REMARK varchar(255)
+) $$
+
+create table XMS_USER_GROUP
+(
+	GROUP_ID varchar(48) not null
+			primary key,
+	CODE varchar(48),
+	NAME varchar(255),
+    REVISION   bigint,
+    ORDER_NUM  int default 0,
+	CREATED_AT timestamp,
+	UPDATED_AT timestamp,
+	REMARK varchar(255)
+) $$
+
+create table XMS_USER_INFO
+(
+	USER_ID varchar(48) not null
+			primary key,
+	NAME varchar(48),
+	CODE varchar(48),
+	SFZH varchar(48),
+	BZKH varchar(48),
+	JRZJH varchar(48),
+	SEX varchar(48),
+	TITLE varchar(48),
+	PHONE varchar(48),
+	EMAIL varchar(100),
+	ADDR varchar(255),
+	STATUS varchar(48),
+	ORIGIN varchar(48),
+	AVATAR varchar(48),
+	CREATED_AT timestamp,
+	UPDATED_AT timestamp,
+	REMARK varchar(255)
+) $$
+
+create table XMS_USER_ORG
+(
+	ORG_ID varchar(48) not null
+			primary key,
+	PARENT_ID varchar(48),
+	CODE varchar(48),
+	NAME varchar(255),
+	LEVEL varchar(48),
+    REVISION   bigint,
+    ORDER_NUM  int default 0,
+	CREATED_AT timestamp,
+	UPDATED_AT timestamp,
+	REMARK varchar(255)
+) $$
+
+create table XMS_USER_REGISTER
+(
+	USER_ID varchar(48) not null
+			primary key,
+    ORG_ID varchar(48),
+	ACCOUNT varchar(48),
+	SECRET varchar(128),
+	NAME varchar(48),
+	CODE varchar(48),
+	SFZH varchar(48),
+	BZKH varchar(48),
+	JRZJH varchar(48),
+	SEX varchar(48),
+	TITLE varchar(48),
+	PHONE varchar(48),
+	EMAIL varchar(100),
+	ADDR varchar(255),
+	STATUS varchar(48),
+	AVATAR varchar(48),
+	CREATED_AT timestamp,
+	UPDATED_AT timestamp,
+	REMARK varchar(255)
+) $$
+
+create table XMS_USER_REGISTER_CRED
+(
+	CRED_ID varchar(48) not null
+			primary key,
+	USER_ID varchar(48),
+	ITEM_TYPE varchar(48),
+	NAME varchar(48),
+	DATA clob
+) $$
+
+CREATE TABLE XMS_DEVICE_INFO
+(
+    ID         varchar(48) NOT NULL PRIMARY KEY,
+    CODE       varchar(100),
+    NAME       varchar(100),
+    SERIAL     varchar(100),
+    ITEM_TYPE  varchar(20),
+    STATUS     varchar(20),
+    DATA       varchar(4000),
+    CREATED_AT timestamp,
+    UPDATED_AT timestamp,
+    REMARK     varchar(255)
+) $$
+
+CREATE TABLE XMS_DATA_REVISION
+(
+    ID         varchar(48)  NOT NULL PRIMARY KEY,
+    DATA_ID    varchar(48)  NOT NULL,
+    ITEM_TYPE  varchar(48)  NOT NULL,
+    STATE      int          DEFAULT 0,
+    REVISION   bigint       NOT NULL,
+    ORIGIN     varchar(48)  DEFAULT NULL,
+    CREATED_AT timestamp    NOT NULL,
+    UPDATED_AT timestamp    NOT NULL,
+    REMARK     varchar(255) DEFAULT NULL
+) $$
+
+CREATE TABLE XMS_FILE_DATA (
+    ID varchar(48) NOT NULL PRIMARY KEY,
+    ITEM_TYPE varchar(48) DEFAULT NULL,
+    OWNER_ID varchar(48) DEFAULT NULL,
+    FILE_NAME varchar(255) DEFAULT NULL,
+    FILE_TYPE varchar(48) DEFAULT NULL,
+    FILE_DATA blob,
+    CREATED_AT timestamp    NOT NULL,
+    UPDATED_AT timestamp    NOT NULL,
+    REMARK varchar(255) DEFAULT NULL
+) $$
+
+create table XMS_USER_RULE
+(
+    RULE_ID   varchar(48) not null
+        primary key,
+    CODE       varchar(48),
+    NAME       varchar(100),
+    QUERY      varchar(255),
+    REVISION   bigint,
+    ORDER_NUM  int default 0,
+    CREATED_AT timestamp,
+    UPDATED_AT timestamp,
+    REMARK     varchar(255)
+) $$
+
+-- 绑定信息索引
+CREATE INDEX IDX_XMS_BIND_ITEM_1 ON XMS_BIND_ITEM (BIND_TYPE) $$
+CREATE INDEX IDX_XMS_BIND_ITEM_2 ON XMS_BIND_ITEM (BIND_TYPE, SOURCE) $$
+CREATE INDEX IDX_XMS_BIND_ITEM_3 ON XMS_BIND_ITEM (BIND_TYPE, TARGET) $$
+CREATE INDEX IDX_XMS_BIND_ITEM_4 ON XMS_BIND_ITEM (CREATED_AT) $$
+-- 同步数据索引
+CREATE INDEX XMS_DATA_REVISION_1 ON XMS_DATA_REVISION (REVISION) $$
+CREATE INDEX XMS_DATA_REVISION_2 ON XMS_DATA_REVISION (ITEM_TYPE, REVISION) $$
+CREATE INDEX XMS_DATA_REVISION_3 ON XMS_DATA_REVISION (DATA_ID) $$
+CREATE INDEX XMS_DATA_REVISION_4 ON XMS_DATA_REVISION (ITEM_TYPE) $$
+CREATE UNIQUE INDEX XMS_DATA_REVISION_5 ON XMS_DATA_REVISION (ITEM_TYPE, DATA_ID) $$
+-- 用户信息索引
+CREATE INDEX IDX_XMS_USER_INFO_1 ON XMS_USER_INFO (CODE) $$
+CREATE INDEX IDX_XMS_USER_INFO_2 ON XMS_USER_INFO (SFZH) $$
+CREATE INDEX IDX_XMS_USER_INFO_3 ON XMS_USER_INFO (BZKH) $$
+CREATE INDEX IDX_XMS_USER_INFO_4 ON XMS_USER_INFO (JRZJH) $$

xms-core/apps/xms-init/src/main/resources/sql/oscar/trigger-gaf.sql

@@ -0,0 +1,43 @@
+
+/* TRIGGER STRUCTURE FOR TABLE GAF_USER_INFO */
+DROP TRIGGER IF EXISTS GAF_DELETE_USER $$
+
+CREATE TRIGGER GAF_DELETE_USER AFTER DELETE ON GAF_USER_INFO FOR EACH ROW BEGIN
+	/*删除一对多关系*/
+	/*1.删除帐号关联*/
+	DELETE FROM GAF_USER_ACCT
+	WHERE USER_ID = :OLD.USER_ID;
+	/*删除多对多关系*/
+	DELETE FROM  GAF_BIND_ITEM
+	WHERE SOURCE = :OLD.USER_ID
+		AND SPLIT_PART(BIND_TYPE,'-',1) = 'user';
+	DELETE FROM  GAF_BIND_ITEM
+	WHERE TARGET = :OLD.USER_ID
+		AND SPLIT_PART(BIND_TYPE,'-',2) = 'user';
+    END; $$
+
+/* TRIGGER STRUCTURE FOR TABLE GAF_DEPT_ITEM */
+DROP TRIGGER IF EXISTS GAF_DELETE_DEPT $$
+
+CREATE TRIGGER GAF_DELETE_DEPT AFTER DELETE ON GAF_DEPT_ITEM FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  GAF_BIND_ITEM
+	WHERE SOURCE = :OLD.ID
+		AND SPLIT_PART(BIND_TYPE,'-',1) = 'dept';
+	DELETE FROM  GAF_BIND_ITEM
+	WHERE TARGET = :OLD.ID
+		AND SPLIT_PART(BIND_TYPE,'-',2) = 'dept';
+    END; $$
+
+/* TRIGGER STRUCTURE FOR TABLE GAF_ROLE_ITEM */
+DROP TRIGGER IF EXISTS GAF_DELETE_ROLE $$
+
+CREATE TRIGGER GAF_DELETE_ROLE AFTER DELETE ON GAF_ROLE_ITEM FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  GAF_BIND_ITEM
+	WHERE SOURCE = :OLD.ID
+		AND SPLIT_PART(BIND_TYPE,'-',1) = 'role';
+	DELETE FROM  GAF_BIND_ITEM
+	WHERE TARGET = :OLD.ID
+		AND SPLIT_PART(BIND_TYPE,'-',2) = 'role';
+    END; $$

xms-core/apps/xms-init/src/main/resources/sql/oscar/trigger-xms.sql

@@ -0,0 +1,139 @@
+
+/* Trigger structure for table  xms_app_info  */
+DROP TRIGGER IF EXISTS  delete_app  $$
+
+CREATE TRIGGER  delete_app  AFTER DELETE ON  xms_app_info  FOR EACH ROW BEGIN
+	/*删除一对多关系*/
+	/*1.删除资源关联*/
+	delete from xms_app_res
+	where app_id = :old.app_id;
+	/*2.删除角色关联*/
+	DELETE FROM  xms_app_role
+	WHERE app_id = :old.app_id;
+	/*3.删除策略信息*/
+	DELETE FROM  XMS_APP_POLICY_INFO
+	WHERE APP_ID = OLD.APP_ID;
+	DELETE FROM  XMS_APP_POLICY_ITEM
+	WHERE APP_ID = OLD.APP_ID;
+	/*删除多对多关系*/
+	DELETE FROM  xms_bind_item
+	WHERE source = :old.app_id
+		AND SPLIT_PART(bind_type,'-',1) = 'app';
+	DELETE FROM  xms_bind_item
+	WHERE target = :old.app_id
+		AND SPLIT_PART(bind_type,'-',2) = 'app';
+    END; $$
+
+/* Trigger structure for table  xms_app_res  */
+DROP TRIGGER IF EXISTS  delete_res $$
+
+CREATE TRIGGER  delete_res  AFTER DELETE ON  xms_app_res  FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  xms_bind_item
+	WHERE source = :old.res_id
+		AND SPLIT_PART(bind_type,'-',1) = 'res';
+	DELETE FROM  xms_bind_item
+	WHERE target = :old.res_id
+		AND SPLIT_PART(bind_type,'-',2) = 'res';
+    END; $$
+
+/* Trigger structure for table  xms_app_role  */
+DROP TRIGGER IF EXISTS  delete_role  $$
+
+CREATE TRIGGER  delete_role  AFTER DELETE ON  xms_app_role  FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  xms_bind_item
+	WHERE source = :old.role_id
+		AND SPLIT_PART(bind_type,'-',1) = 'role';
+	DELETE FROM  xms_bind_item
+	WHERE target = :old.role_id
+		AND SPLIT_PART(bind_type,'-',2) = 'role';
+    END; $$
+
+/* Trigger structure for table  xms_user_acct  */
+DROP TRIGGER IF EXISTS  delete_acct  $$
+
+CREATE TRIGGER  delete_acct  AFTER DELETE ON  xms_user_acct  FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  xms_bind_item
+	WHERE source = :old.acct_id
+		and SPLIT_PART(bind_type,'-',1) = 'acct';
+	DELETE FROM  xms_bind_item
+	WHERE target = :old.acct_id
+		AND SPLIT_PART(bind_type,'-',2) = 'acct';
+    END; $$
+
+/* Trigger structure for table  xms_user_cred  */
+DROP TRIGGER IF EXISTS  delete_cred  $$
+
+CREATE TRIGGER  delete_cred  AFTER DELETE ON  xms_user_cred  FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  xms_bind_item
+	WHERE source = :old.cred_id
+		and SPLIT_PART(bind_type,'-',1) = 'cred';
+	DELETE FROM  xms_bind_item
+	WHERE target = :old.cred_id
+		AND SPLIT_PART(bind_type,'-',2) = 'cred';
+    END; $$
+
+/* Trigger structure for table  xms_user_cert  */
+DROP TRIGGER IF EXISTS  delete_cert  $$
+
+CREATE TRIGGER  delete_cert  AFTER DELETE ON  xms_user_cert  FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  xms_bind_item
+	WHERE source = :old.cert_id
+		AND SPLIT_PART(bind_type,'-',1) = 'cert';
+	DELETE FROM  xms_bind_item
+	WHERE target = :old.cert_id
+		AND SPLIT_PART(bind_type,'-',2) = 'cert';
+    END; $$
+
+/* Trigger structure for table  xms_user_group  */
+DROP TRIGGER IF EXISTS  delete_group  $$
+
+CREATE TRIGGER  delete_group  AFTER DELETE ON  xms_user_group  FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  xms_bind_item
+	WHERE source = :old.group_id
+		AND SPLIT_PART(bind_type,'-',1) = 'group';
+	DELETE FROM  xms_bind_item
+	WHERE target = :old.group_id
+		AND SPLIT_PART(bind_type,'-',2) = 'group';
+    END; $$
+
+/* Trigger structure for table  xms_user_info  */
+DROP TRIGGER IF EXISTS  delete_user  $$
+
+CREATE TRIGGER  delete_user  AFTER DELETE ON  xms_user_info  FOR EACH ROW BEGIN
+	/*删除一对多关系*/
+	/*1.删除帐号关联*/
+	DELETE FROM xms_user_acct
+	WHERE user_id = :old.user_id;
+	/*2.删除证书关联*/
+	DELETE FROM xms_user_cert
+	WHERE user_id = :old.user_id;
+	/*3.删除凭证关联*/
+	delete from xms_user_cred
+	where user_id = :old.user_id;
+	/*删除多对多关系*/
+	DELETE FROM  xms_bind_item
+	WHERE source = :old.user_id
+		AND SPLIT_PART(bind_type,'-',1) = 'user';
+	DELETE FROM  xms_bind_item
+	WHERE target = :old.user_id
+		AND SPLIT_PART(bind_type,'-',2) = 'user';
+    END; $$
+
+/* Trigger structure for table  xms_user_org  */
+DROP TRIGGER IF EXISTS  delete_org  $$
+
+CREATE TRIGGER  delete_org  AFTER DELETE ON  xms_user_org  FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  xms_bind_item
+	WHERE source = :old.org_id
+		AND SPLIT_PART(bind_type,'-',1) = 'org';
+	DELETE FROM  xms_bind_item
+	WHERE target = :old.org_id
+		AND SPLIT_PART(bind_type,'-',2) = 'org';
+    END; $$

xms-core/apps/xms-init/src/main/resources/sql/oscar/xms-log-stat.sql

@@ -0,0 +1,68 @@
+drop table IF EXISTS XMS_LOG $$
+drop table IF EXISTS XMS_STAT_DATA $$
+drop table IF EXISTS XMS_STAT_DIM_ADDR $$
+drop table IF EXISTS XMS_STAT_DIM_FUNC $$
+drop table IF EXISTS XMS_STAT_DIM_TIME $$
+
+CREATE TABLE XMS_LOG
+(
+    ID         varchar(48)   NOT NULL PRIMARY KEY,
+    LOG_TYPE   varchar(48)   DEFAULT NULL,
+    "SYSTEM"   varchar(48)   DEFAULT NULL,
+    SOFTWARE   varchar(48)   DEFAULT NULL,
+    "FUNCTION" varchar(48)   DEFAULT NULL,
+    ACTION     varchar(48)   DEFAULT NULL,
+    "LEVEL"    varchar(48)   DEFAULT NULL,
+    RESULT     varchar(48)   DEFAULT NULL,
+    DETAIL     varchar(500)  DEFAULT NULL,
+    EXTRA      varchar(500)  DEFAULT NULL,
+    SUB_NAME   varchar(48)   DEFAULT NULL,
+    SUB_ID     varchar(48)   DEFAULT NULL,
+    SUB_IP     varchar(48)   DEFAULT NULL,
+    OBJ_NAME   varchar(48)   DEFAULT NULL,
+    OBJ_ID     varchar(48)   DEFAULT NULL,
+    OBJ_IP     varchar(48)   DEFAULT NULL,
+    EVENT_TIME varchar(48)   DEFAULT NULL,
+    SIGN       varchar(128)  DEFAULT NULL,
+    CREATED_AT timestamp     NOT NULL,
+    UPDATED_AT timestamp     NOT NULL
+) $$
+
+CREATE TABLE XMS_STAT_DATA (
+  "ID" bigint NOT NULL AUTO_INCREMENT,
+  "USER_ID" varchar(48) NOT NULL,
+  "ADDR_ID" bigint NOT NULL,
+  "FUNC_ID" bigint NOT NULL,
+  "TIME_ID" bigint NOT NULL,
+  "VISIT" int DEFAULT 0,
+  "DURATION" bigint DEFAULT 0,
+  "CREATED_AT" timestamp NOT NULL,
+  PRIMARY KEY ("ID")
+) $$
+
+CREATE TABLE XMS_STAT_DIM_ADDR (
+  "ID" bigint NOT NULL,
+  "IP" varchar(50) NOT NULL,
+  "DOMAIN" varchar(50) NOT NULL,
+  "AREA" varchar(50) NOT NULL,
+  PRIMARY KEY ("ID")
+) $$
+
+CREATE TABLE XMS_STAT_DIM_FUNC (
+  "ID" bigint NOT NULL,
+  "SOFT" varchar(50) NOT NULL,
+  "PART" varchar(50) NOT NULL,
+  "MODULE" varchar(50) NOT NULL,
+  "PAGE" varchar(50) NOT NULL,
+  PRIMARY KEY ("ID")
+) $$
+
+CREATE TABLE XMS_STAT_DIM_TIME (
+  "ID" bigint NOT NULL,
+  "YEAR" int NOT NULL,
+  "MONTH" int NOT NULL,
+  "DAY_OF_YEAR" int NOT NULL,
+  "DAY_OF_MONTH" int NOT NULL,
+  "HOUR" int NOT NULL,
+  PRIMARY KEY ("ID")
+) $$

xms-core/bak/buildSrc/build.gradle.kts

@@ -0,0 +1,19 @@
+plugins {
+    `kotlin-dsl`
+}
+
+repositories {
+    // 阿里云镜像
+    maven { url = uri("https://maven.aliyun.com/repository/public") }
+    maven { url = uri("https://maven.aliyun.com/repository/gradle-plugin") }
+    maven { url = uri("https://maven.aliyun.com/repository/spring") }
+    maven { url = uri("https://maven.aliyun.com/repository/spring-plugin") }
+    // gradle
+    maven { url = uri("https://plugins.gradle.org/m2/") }
+    jcenter()
+}
+
+dependencies {
+    implementation("org.springframework.boot:spring-boot-gradle-plugin:2.3.3.RELEASE")
+}
+

xms-core/bak/buildSrc/src/main/kotlin/spring-boot-split.gradle.kts

@@ -0,0 +1,39 @@
+//plugins {
+//    `java-library`
+//    checkstyle
+//    id("org.springframework.boot")
+//}
+
+tasks.register<Sync>("ext-libs") {
+    from(configurations["runtimeClasspath"])
+    into("$buildDir/dist/ext")
+}
+
+tasks.register<Sync>("script") {
+    from("script")
+    into("$buildDir/script")
+    filesMatching("start.sh") {
+        expand("version" to version)
+    }
+}
+
+tasks.register<Copy>("dist") {
+    dependsOn(tasks.named("bootJar"), tasks.named("ext-libs"), tasks.named("script"))
+    from(tasks["bootJar"].outputs)
+    from("$buildDir/script")
+    into("$buildDir/dist")
+}
+
+tasks.getByName<org.springframework.boot.gradle.tasks.bundling.BootJar>("bootJar") {
+    // 排除所有jar包
+    exclude("*.jar")
+    // 依赖复制任务
+    // dependsOn(tasks.named("ext-libs"), tasks.named("script"))
+    //  指定依赖包的路径
+    manifest {
+        val classPath = configurations["runtimeClasspath"].files
+                .joinToString(" ") { "ext/${it.name}" }
+        attributes("Class-Path" to classPath)
+    }
+    into("$buildDir/dist")
+}

xms-core/build.gradle.kts

@@ -0,0 +1,114 @@
+import org.jetbrains.kotlin.gradle.tasks.KotlinCompile
+
+val buildVersion: String by project
+val patchVersion: String by project
+val gafVersion: String by project
+val extVersion: String? by project
+
+group = "jit.xms"
+version = buildVersion
+
+extra["gafVersion"] = gafVersion
+extra["xmsVersion"] = buildVersion
+extra["extVersion"] = extVersion ?: buildVersion
+extra["springCloudVersion"] = "Hoxton.SR5"
+extra["fastjsonVersion"] = "1.2.72"
+extra["jjwtVersion"] = "0.10.5"
+
+val repoConf: String = System.getProperty("repoPath") ?: "/var/repo"
+val repoPath: String = file("$rootDir").toPath().root.resolve(repoConf).toString()
+
+plugins {
+    java
+    id("maven-publish")
+    id("io.spring.dependency-management") version "1.0.10.RELEASE"
+    id("org.springframework.boot") version "2.3.3.RELEASE" apply false
+    kotlin("jvm") version "1.3.72"
+    kotlin("plugin.spring") version "1.3.72" apply false
+    kotlin("plugin.jpa") version "1.3.72" apply false
+}
+
+repositories {
+    // 阿里云镜像
+    maven { url = uri("https://maven.aliyun.com/repository/public") }
+    maven { url = uri("https://maven.aliyun.com/repository/gradle-plugin") }
+    maven { url = uri("https://maven.aliyun.com/repository/spring") }
+    maven { url = uri("https://maven.aliyun.com/repository/spring-plugin") }
+    // mavenCentral()
+}
+
+configure(subprojects.filter { it.name != "platform" }) {
+    apply(plugin = "java")
+    apply(plugin = "maven-publish")
+    apply(plugin = "org.jetbrains.kotlin.jvm")
+
+    java {
+        disableAutoTargetJvm()
+    }
+
+    tasks.withType<JavaCompile> {
+        options.encoding = "UTF-8"
+        sourceCompatibility = "1.8"
+        targetCompatibility = "1.8"
+    }
+
+    tasks.withType<KotlinCompile> {
+        kotlinOptions {
+            freeCompilerArgs = listOf("-Xjsr305=strict")
+            jvmTarget = "1.8"
+        }
+    }
+
+    repositories {
+        maven {
+            name = "localRepo"
+            url = uri("file://$repoPath")
+        }
+        maven {
+            name = "cc-lotus"
+            url = uri("https://maven.cc-lotus.info/repository/maven-public/")
+        }
+        // 阿里云镜像
+        maven { url = uri("https://maven.aliyun.com/repository/public") }
+        maven { url = uri("https://maven.aliyun.com/repository/gradle-plugin") }
+        maven { url = uri("https://maven.aliyun.com/repository/spring") }
+        maven { url = uri("https://maven.aliyun.com/repository/spring-plugin") }
+        // mavenCentral()
+        jcenter()
+    }
+
+    publishing {
+        repositories {
+            maven {
+                name = "localRepo"
+                url = uri("file://$repoPath")
+            }
+        }
+    }
+}
+
+task<Copy>("dist") {
+    into("$buildDir/dist")
+    project(":services:service-all") {
+        from(tasks.withType<Jar>())
+    }
+    project(":apps:xms-all-in-one") {
+        from(tasks.withType<Jar>())
+    }
+    project(":apps:app-agent") {
+        from(tasks.withType<Jar>())
+    }
+}
+
+tasks.register<Delete>("cleanDist") {
+    delete("$rootDir/dist")
+    delete("$buildDir/dist")
+}
+tasks.named("clean") {
+    dependsOn(tasks.named("cleanDist"))
+}
+tasks.register("printProps") {
+    val splitJars: String by project
+    println(splitJars)
+}
+

xms-core/config/application.properties

@@ -0,0 +1,3 @@
+#changed by RefreshApplication::refresh
+#Thu Sep 10 14:10:27 CST 2020
+foo=bar

xms-core/db/触发器/mysql_delete.sql

@@ -0,0 +1,128 @@
+use xms;
+SET SQL_SAFE_UPDATES = 0;
+DELIMITER $$
+
+/* Trigger structure for tablegaf_user_acct `xms_app_info` */
+DROP TRIGGER IF EXISTS `delete_app` $$
+
+CREATE TRIGGER `delete_app` AFTER DELETE ON `xms_app_info` FOR EACH ROW BEGIN
+	/*删除一对多关系*/
+	/*1.删除资源关联*/
+	delete from xms_app_res
+	where app_id = old.app_id;
+	/*2.删除角色关联*/
+	DELETE FROM  xms_app_role
+	WHERE app_id = old.app_id;
+	/*删除多对多关系*/
+	DELETE FROM  xms_bind_item
+	WHERE source = old.app_id
+		AND SUBSTRING_INDEX(bind_type,'-',1) = 'app';		
+	DELETE FROM  xms_bind_item
+	WHERE target = old.app_id
+		AND SUBSTRING_INDEX(bind_type,'-',-1) = 'app';		
+    END $$
+    
+/* Trigger structure for table `xms_app_res` */    
+DROP TRIGGER IF EXISTS `delete_res`$$
+
+CREATE TRIGGER `delete_res` AFTER DELETE ON `xms_app_res` FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  xms_bind_item
+	WHERE source = old.res_id
+		AND SUBSTRING_INDEX(bind_type,'-',1) = 'res';
+	DELETE FROM  xms_bind_item
+	WHERE target = old.res_id
+		AND SUBSTRING_INDEX(bind_type,'-',-1) = 'res';
+    END $$
+    
+/* Trigger structure for table `xms_app_role` */
+DROP TRIGGER IF EXISTS `delete_role` $$
+
+CREATE TRIGGER `delete_role` AFTER DELETE ON `xms_app_role` FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  xms_bind_item
+	WHERE source = old.role_id
+		AND SUBSTRING_INDEX(bind_type,'-',1) = 'role';
+	DELETE FROM  xms_bind_item
+	WHERE target = old.role_id
+		AND SUBSTRING_INDEX(bind_type,'-',-1) = 'role';
+    END $$
+
+/* Trigger structure for table `xms_user_acct` */
+DROP TRIGGER IF EXISTS `delete_acct` $$
+
+CREATE TRIGGER `delete_acct` AFTER DELETE ON `xms_user_acct` FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  xms_bind_item
+	WHERE source = old.acct_id
+		and SUBSTRING_INDEX(bind_type,'-',1) = 'acct';
+	DELETE FROM  xms_bind_item
+	WHERE target = old.acct_id
+		AND SUBSTRING_INDEX(bind_type,'-',-1) = 'acct';
+    END $$
+
+/* Trigger structure for table `xms_user_cert` */
+DROP TRIGGER IF EXISTS `delete_cert` $$
+
+CREATE TRIGGER `delete_cert` AFTER DELETE ON `xms_user_cert` FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  xms_bind_item
+	WHERE source = old.cert_id
+		AND SUBSTRING_INDEX(bind_type,'-',1) = 'cert';
+	DELETE FROM  xms_bind_item
+	WHERE target = old.cert_id
+		AND SUBSTRING_INDEX(bind_type,'-',-1) = 'cert';
+    END $$
+
+/* Trigger structure for table `xms_user_group` */
+DROP TRIGGER IF EXISTS `delete_group` $$
+
+CREATE TRIGGER `delete_group` AFTER DELETE ON `xms_user_group` FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  xms_bind_item
+	WHERE source = old.group_id
+		AND SUBSTRING_INDEX(bind_type,'-',1) = 'group';
+	DELETE FROM  xms_bind_item
+	WHERE target = old.group_id
+		AND SUBSTRING_INDEX(bind_type,'-',-1) = 'group';
+    END $$
+
+/* Trigger structure for table `xms_user_info` */
+DROP TRIGGER IF EXISTS `delete_user` $$
+
+CREATE TRIGGER `delete_user` AFTER DELETE ON `xms_user_info` FOR EACH ROW BEGIN
+	/*删除一对多关系*/
+	/*1.删除帐号关联*/
+	DELETE FROM xms_user_acct
+	WHERE user_id = old.user_id;	
+	/*2.删除证书关联*/
+	DELETE FROM xms_user_cert
+	WHERE user_id = old.user_id;	
+	/*3.删除凭证关联*/
+	delete from xms_user_register_cred
+	where user_id = old.user_id;	
+	/*删除多对多关系*/
+	DELETE FROM  xms_bind_item
+	WHERE source = old.user_id
+		AND SUBSTRING_INDEX(bind_type,'-',1) = 'user';
+	DELETE FROM  xms_bind_item
+	WHERE target = old.user_id
+		AND SUBSTRING_INDEX(bind_type,'-',-1) = 'user';
+    END $$
+
+/* Trigger structure for table `xms_user_org` */
+DROP TRIGGER IF EXISTS `delete_org` $$
+
+CREATE TRIGGER `delete_org` AFTER DELETE ON `xms_user_org` FOR EACH ROW BEGIN
+	/*删除多对多关系*/
+	DELETE FROM  xms_bind_item
+	WHERE source = old.org_id
+		AND SUBSTRING_INDEX(bind_type,'-',1) = 'org';
+	DELETE FROM  xms_bind_item
+	WHERE target = old.org_id
+		AND SUBSTRING_INDEX(bind_type,'-',-1) = 'org';
+    END $$
+
+DELIMITER ;
+
+SET SQL_SAFE_UPDATES = 1;

xms-core/db/触发器/mysql_revision.sql

@@ -0,0 +1,592 @@
+/*
+SQLyog Ultimate v11.11 (64 bit)
+MySQL - 5.5.20 : Database - xms
+*********************************************************************
+*/
+
+/*!40101 SET NAMES utf8 */;
+
+/*!40101 SET SQL_MODE=''*/;
+
+/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
+/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
+/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
+/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
+CREATE DATABASE /*!32312 IF NOT EXISTS*/`xms` /*!40100 DEFAULT CHARACTER SET utf8 */;
+
+USE `xms`;
+
+/* Trigger structure for table `xms_app_info` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_app_info_delete` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_app_info_delete` BEFORE DELETE ON `xms_app_info` FOR EACH ROW BEGIN
+UPDATE xms_data_revision SET state = 1 WHERE data_id = old.app_id;
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_app_info` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_app_info_insert` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_app_info_insert` AFTER INSERT ON `xms_app_info` FOR EACH ROW BEGIN
+	INSERT INTO xms_data_revision
+        (id,
+         created_at,
+         updated_at,
+         data_id,
+         revision,
+         state,
+         type,
+         remark)
+      VALUES
+        (uuid(),
+         new.created_at,
+         new.updated_at,
+         new.app_id,
+         UNIX_TIMESTAMP(NOW()),
+         0,
+         'xms_app_info',
+         null);
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_app_info` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_app_info_update` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_app_info_update` BEFORE UPDATE ON `xms_app_info` FOR EACH ROW BEGIN
+UPDATE xms_data_revision SET updated_at = updated_at, revision = UNIX_TIMESTAMP(NOW())
+       where data_id = old.app_id;
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_app_res` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_app_res_delete` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_app_res_delete` BEFORE DELETE ON `xms_app_res` FOR EACH ROW BEGIN
+UPDATE xms_data_revision SET state = 1 WHERE data_id = old.res_id;
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_app_res` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_app_res_insert` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_app_res_insert` AFTER INSERT ON `xms_app_res` FOR EACH ROW BEGIN
+	INSERT INTO xms_data_revision
+        (id,
+         created_at,
+         updated_at,
+         data_id,
+         revision,
+         state,
+         TYPE,
+         remark)
+      VALUES
+        (uuid(),
+         new.created_at,
+         new.updated_at,
+         new.res_id,
+         UNIX_TIMESTAMP(NOW()),
+         0,
+         'xms_app_res',
+         null);
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_app_res` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_app_res_update` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_app_res_update` BEFORE UPDATE ON `xms_app_res` FOR EACH ROW BEGIN
+UPDATE xms_data_revision SET updated_at = updated_at, revision = UNIX_TIMESTAMP(NOW())
+       where data_id = old.res_id;
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_app_role` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_app_role_delete` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_app_role_delete` BEFORE DELETE ON `xms_app_role` FOR EACH ROW BEGIN
+UPDATE xms_data_revision SET state = 1 WHERE data_id = old.role_id;
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_app_role` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_app_role_insert` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_app_role_insert` AFTER INSERT ON `xms_app_role` FOR EACH ROW BEGIN
+	INSERT INTO xms_data_revision
+        (id,
+         created_at,
+         updated_at,
+         data_id,
+         revision,
+         state,
+         TYPE,
+         remark)
+      VALUES
+        (uuid(),
+         new.created_at,
+         new.updated_at,
+         new.role_id,
+         UNIX_TIMESTAMP(NOW()),
+         0,
+         'xms_app_role',
+         null);
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_app_role` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_app_role_update` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_app_role_update` BEFORE UPDATE ON `xms_app_role` FOR EACH ROW BEGIN
+UPDATE xms_data_revision SET updated_at = updated_at, revision = UNIX_TIMESTAMP(NOW())
+       where data_id = old.role_id;
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_bind_item` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_bind_item_delete` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_bind_item_delete` BEFORE DELETE ON `xms_bind_item` FOR EACH ROW BEGIN
+UPDATE xms_data_revision SET state = 1 WHERE data_id = old.id;
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_bind_item` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_bind_item_insert` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_bind_item_insert` AFTER INSERT ON `xms_bind_item` FOR EACH ROW BEGIN
+	INSERT INTO xms_data_revision
+        (id,
+         created_at,
+         updated_at,
+         data_id,
+         revision,
+         state,
+         TYPE,
+         remark)
+      VALUES
+        (uuid(),
+         new.created_at,
+         new.created_at,
+         new.id,
+         UNIX_TIMESTAMP(NOW()),
+         0,
+         'xms_bind_item',
+         null);
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_bind_item` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_bind_item_update` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_bind_item_update` BEFORE UPDATE ON `xms_bind_item` FOR EACH ROW BEGIN
+UPDATE xms_data_revision SET updated_at = updated_at, revision = UNIX_TIMESTAMP(NOW())
+       where data_id = old.id;
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_user_acct` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_user_acct_delete` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_user_acct_delete` BEFORE DELETE ON `xms_user_acct` FOR EACH ROW BEGIN
+UPDATE xms_data_revision SET state = 1 WHERE data_id = old.acct_id;
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_user_acct` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_user_acct_insert` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_user_acct_insert` AFTER INSERT ON `xms_user_acct` FOR EACH ROW BEGIN
+	INSERT INTO xms_data_revision
+        (id,
+         created_at,
+         updated_at,
+         data_id,
+         revision,
+         state,
+         TYPE,
+         remark)
+      VALUES
+        (uuid(),
+         new.created_at,
+         new.updated_at,
+         new.acct_id,
+         UNIX_TIMESTAMP(NOW()),
+         0,
+         'xms_user_acct',
+         null);
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_user_acct` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_user_acct_update` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_user_acct_update` BEFORE UPDATE ON `xms_user_acct` FOR EACH ROW BEGIN
+UPDATE xms_data_revision SET updated_at = updated_at, revision = UNIX_TIMESTAMP(NOW())
+       where data_id = old.acct_id;
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_user_cert` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_user_cert_delete` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_user_cert_delete` BEFORE DELETE ON `xms_user_cert` FOR EACH ROW BEGIN
+UPDATE xms_data_revision SET state = 1 WHERE data_id = old.cert_id;
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_user_cert` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_user_cert_insert` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_user_cert_insert` AFTER INSERT ON `xms_user_cert` FOR EACH ROW BEGIN
+	INSERT INTO xms_data_revision
+        (id,
+         created_at,
+         updated_at,
+         data_id,
+         revision,
+         state,
+         TYPE,
+         remark)
+      VALUES
+        (uuid(),
+         new.created_at,
+         new.updated_at,
+         new.cert_id,
+         UNIX_TIMESTAMP(NOW()),
+         0,
+         'xms_user_cert',
+         null);
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_user_cert` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_user_cert_update` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_user_cert_update` BEFORE UPDATE ON `xms_user_cert` FOR EACH ROW BEGIN
+UPDATE xms_data_revision SET updated_at = updated_at, revision = UNIX_TIMESTAMP(NOW())
+       where data_id = old.cert_id;
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_user_cred` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_user_cred_delete` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_user_cred_delete` BEFORE DELETE ON `xms_user_cred` FOR EACH ROW BEGIN
+UPDATE xms_data_revision SET state = 1 WHERE data_id = old.cred_id;
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_user_cred` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_user_cred_insert` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_user_cred_insert` AFTER INSERT ON `xms_user_cred` FOR EACH ROW BEGIN
+	INSERT INTO xms_data_revision
+        (id,
+         created_at,
+         updated_at,
+         data_id,
+         revision,
+         state,
+         type,
+         remark)
+      VALUES
+        (uuid(),
+         new.created_at,
+         new.updated_at,
+         new.cred_id,
+         UNIX_TIMESTAMP(NOW()),
+         0,
+         'xms_user_cred',
+         null);
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_user_cred` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_user_cred_update` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_user_cred_update` BEFORE UPDATE ON `xms_user_cred` FOR EACH ROW BEGIN
+UPDATE xms_data_revision SET updated_at = updated_at, revision = UNIX_TIMESTAMP(NOW())
+       where data_id = old.cred_id;
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_user_group` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_user_group_delete` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_user_group_delete` BEFORE DELETE ON `xms_user_group` FOR EACH ROW BEGIN
+UPDATE xms_data_revision SET state = 1 WHERE data_id = old.group_id;
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_user_group` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_user_group_insert` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_user_group_insert` AFTER INSERT ON `xms_user_group` FOR EACH ROW BEGIN
+	INSERT INTO xms_data_revision
+        (id,
+         created_at,
+         updated_at,
+         data_id,
+         revision,
+         state,
+         TYPE,
+         remark)
+      VALUES
+        (uuid(),
+         new.created_at,
+         new.updated_at,
+         new.group_id,
+         UNIX_TIMESTAMP(NOW()),
+         0,
+         'xms_user_group',
+         null);
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_user_group` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_user_group_update` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_user_group_update` BEFORE UPDATE ON `xms_user_group` FOR EACH ROW BEGIN
+UPDATE xms_data_revision SET updated_at = updated_at, revision = UNIX_TIMESTAMP(NOW())
+       where data_id = old.group_id;
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_user_info` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_user_info_delete` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_user_info_delete` BEFORE DELETE ON `xms_user_info` FOR EACH ROW BEGIN
+UPDATE xms_data_revision SET state = 1 WHERE data_id = old.user_id;
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_user_info` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_user_info_insert` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_user_info_insert` AFTER INSERT ON `xms_user_info` FOR EACH ROW BEGIN
+	INSERT INTO xms_data_revision
+        (id,
+         created_at,
+         updated_at,
+         data_id,
+         revision,
+         state,
+         TYPE,
+         remark)
+      VALUES
+        (uuid(),
+         new.created_at,
+         new.updated_at,
+         new.user_id,
+         UNIX_TIMESTAMP(NOW()),
+         0,
+         'xms_user_info',
+         null);
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_user_info` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_user_info_update` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_user_info_update` BEFORE UPDATE ON `xms_user_info` FOR EACH ROW BEGIN
+UPDATE xms_data_revision SET updated_at = updated_at, revision = UNIX_TIMESTAMP(NOW())
+       where data_id = old.user_id;
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_user_org` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_user_org_delete` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_user_org_delete` BEFORE DELETE ON `xms_user_org` FOR EACH ROW BEGIN
+UPDATE xms_data_revision SET state = 1 WHERE data_id = old.org_id;
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_user_org` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_user_org_insert` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_user_org_insert` AFTER INSERT ON `xms_user_org` FOR EACH ROW BEGIN
+	INSERT INTO xms_data_revision
+        (id,
+         created_at,
+         updated_at,
+         data_id,
+         revision,
+         state,
+         TYPE,
+         remark)
+      VALUES
+        (uuid(),
+         new.created_at,
+         new.updated_at,
+         new.org_id,
+         UNIX_TIMESTAMP(NOW()),
+         0,
+         'xms_user_org',
+         null);
+    END */$$
+
+
+DELIMITER ;
+
+/* Trigger structure for table `xms_user_org` */
+
+DELIMITER $$
+
+/*!50003 DROP TRIGGER*//*!50032 IF EXISTS */ /*!50003 `xms_user_org_update` */$$
+
+/*!50003 CREATE */ /*!50017 DEFINER = 'xms'@'localhost' */ /*!50003 TRIGGER `xms_user_org_update` BEFORE UPDATE ON `xms_user_org` FOR EACH ROW BEGIN
+UPDATE xms_data_revision SET updated_at = updated_at, revision = UNIX_TIMESTAMP(NOW())
+       where data_id = old.org_id;
+    END */$$
+
+
+DELIMITER ;
+
+/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
+/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
+/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
+/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;

xms-core/db/触发器/oracle_delete.sql

@@ -0,0 +1,180 @@
+--------------------------------------------------------
+-- Export file for user XMS@LOCALHOST                 --
+-- Created by Administrator on 2020/1/20 星期一, 9:40:11 --
+--------------------------------------------------------
+
+set define off
+spool delete_oracle.log
+
+prompt
+prompt Creating trigger DELETE_ACCT
+prompt ============================
+prompt
+create or replace trigger xms.delete_acct
+  after delete on xms_user_acct
+  for each row
+declare
+  -- local variables here
+begin
+  --删除关联表数据
+  DELETE FROM xms_bind_item
+   WHERE source = :old.acct_id
+     AND SUBSTR(bind_type, 0, 4) = 'acct';
+  DELETE FROM xms_bind_item
+   WHERE target = :old.acct_id
+     AND SUBSTR(bind_type, -4) = 'acct';
+end delete_acct;
+/
+
+prompt
+prompt Creating trigger DELETE_APP
+prompt ===========================
+prompt
+create or replace trigger xms.delete_app
+  after delete on xms_app_info
+  for each row
+declare
+  -- local variables here
+begin
+  --1.删除资源关联
+  DELETE FROM xms_app_res WHERE app_id = :old.app_id;
+  --2.删除角色关联
+  DELETE FROM xms_app_role WHERE app_id = :old.app_id;
+  --删除关联表数据
+  DELETE FROM xms_bind_item
+   WHERE source = :old.app_id
+     AND SUBSTR(bind_type, 0, 3) = 'app';
+  DELETE FROM xms_bind_item
+   WHERE target = :old.app_id
+     AND SUBSTR(bind_type, -3) = 'app';
+end delete_app;
+/
+
+prompt
+prompt Creating trigger DELETE_CERT
+prompt ============================
+prompt
+create or replace trigger xms.delete_cert
+  after delete on xms_user_cert
+  for each row
+declare
+  -- local variables here
+begin
+  --删除关联表数据
+  DELETE FROM xms_bind_item
+   WHERE source = :old.cert_id
+     AND SUBSTR(bind_type, 0, 4) = 'cert';
+  DELETE FROM xms_bind_item
+   WHERE target = :old.cert_id
+     AND SUBSTR(bind_type, -4) = 'cert';
+end delete_cert;
+/
+
+prompt
+prompt Creating trigger DELETE_GROUP
+prompt =============================
+prompt
+create or replace trigger xms.delete_group
+  after delete on xms_user_group
+  for each row
+declare
+  -- local variables here
+begin
+  --删除关联表数据
+  DELETE FROM xms_bind_item
+   WHERE source = :old.group_id
+     AND SUBSTR(bind_type, 0, 5) = 'group';
+  DELETE FROM xms_bind_item
+   WHERE target = :old.group_id
+     AND SUBSTR(bind_type, -5) = 'group';
+end delete_group;
+/
+
+prompt
+prompt Creating trigger DELETE_ORG
+prompt ===========================
+prompt
+create or replace trigger xms.delete_org
+  after delete on xms_user_org
+  for each row
+declare
+  -- local variables here
+begin
+  --删除关联表数据
+  DELETE FROM xms_bind_item
+   WHERE source = :old.org_id
+     AND SUBSTR(bind_type, 0, 3) = 'org';
+  DELETE FROM xms_bind_item
+   WHERE target = :old.org_id
+     AND SUBSTR(bind_type, -3) = 'org';
+end delete_org;
+/
+
+prompt
+prompt Creating trigger DELETE_RES
+prompt ===========================
+prompt
+create or replace trigger xms.delete_res
+  after delete on xms_app_res
+  for each row
+declare
+  -- local variables here
+begin
+  --删除关联表数据
+  DELETE FROM xms_bind_item
+   WHERE source = :old.res_id
+     AND SUBSTR(bind_type, 0, 3) = 'res';
+  DELETE FROM xms_bind_item
+   WHERE target = :old.res_id
+     AND SUBSTR(bind_type, -3) = 'res';
+end delete_res;
+/
+
+prompt
+prompt Creating trigger DELETE_ROLE
+prompt ============================
+prompt
+create or replace trigger xms.delete_role
+  after delete on xms_app_role
+  for each row
+declare
+  -- local variables here
+begin
+  --删除关联表数据
+  DELETE FROM xms_bind_item
+   WHERE source = :old.role_id
+     AND SUBSTR(bind_type, 0, 4) = 'role';
+  DELETE FROM xms_bind_item
+   WHERE target = :old.role_id
+     AND SUBSTR(bind_type, -4) = 'role';
+end delete_role;
+/
+
+prompt
+prompt Creating trigger DELETE_USER
+prompt ============================
+prompt
+create or replace trigger xms.delete_user
+  after delete on xms_user_info
+  for each row
+declare
+  -- local variables here
+begin
+  --1.删除帐号关联
+  DELETE FROM xms_user_acct WHERE user_id = :old.user_id;
+  --2.删除证书关联
+  DELETE FROM xms_user_cert WHERE user_id = :old.user_id;
+  --3.删除凭证关联
+  DELETE FROM xms_user_register_cred WHERE user_id = :old.user_id;
+  --删除关联表数据
+  DELETE FROM xms_bind_item
+   WHERE source = :old.user_id
+     AND SUBSTR(bind_type, 0, 4) = 'user';
+  DELETE FROM xms_bind_item
+   WHERE target = :old.user_id
+     AND SUBSTR(bind_type, -4) = 'user';
+end delete_user;
+/
+
+
+spool off