diff --git a/.setup/db-init.sql b/.setup/db-init.sql
index a74124085..827145674 100644
--- a/.setup/db-init.sql
+++ b/.setup/db-init.sql
@@ -340,15 +340,20 @@ alter table `login_log` -- User INSERT INTO `user` (`USER_ID`, `LOGIN_NAME`, `PASSWORD`, `FULL_NAME`, `DEPT_ID`, `ROLE_ID`, `IS_DISABLED`, `CREATED_ON`, `CREATED_BY`, `MODIFIED_ON`, `MODIFIED_BY`, `QUICK_CODE`) - VALUES + VALUES ('001-0000000000000000', 'system', 'system', '系统用户', '002-0000000000000001', '003-0000000000000001', 'T', CURRENT_TIMESTAMP, '001-0000000000000000', CURRENT_TIMESTAMP, '001-0000000000000000', 'XTYH'), - ('001-0000000000000001', 'admin', '8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918', '超级管理员', '002-0000000000000001', '003-0000000000000001', 'F', CURRENT_TIMESTAMP, '001-0000000000000000', CURRENT_TIMESTAMP, '001-0000000000000000', 'CJGLY'); + ('001-0000000000000001', 'admin', '8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918', '超级管理员', '002-0000000000000001', '003-0000000000000001', 'F', CURRENT_TIMESTAMP, '001-0000000000000000', CURRENT_TIMESTAMP, '001-0000000000000000', 'CJGLY'), + ('001-9000000000000001', 'rebuild', 'cf44886e54f424ce136dc38e4d9ef5b4b556d06060705262d6fcce02b4322539', 'RB示例用户', '002-9000000000000001', '003-9000000000000001', 'F', CURRENT_TIMESTAMP, '001-0000000000000000', CURRENT_TIMESTAMP, '001-0000000000000000', 'RBSLYH'); -- Department INSERT INTO `department` (`DEPT_ID`, `NAME`, `CREATED_ON`, `CREATED_BY`, `MODIFIED_ON`, `MODIFIED_BY`, `QUICK_CODE`) - VALUES ('002-0000000000000001', '总部', CURRENT_TIMESTAMP, '001-0000000000000000', CURRENT_TIMESTAMP, '001-0000000000000000', 'ZB'); + VALUES + ('002-0000000000000001', '总部', CURRENT_TIMESTAMP, '001-0000000000000000', CURRENT_TIMESTAMP, '001-0000000000000000', 'ZB'), + ('002-9000000000000001', 'RB示例部门', CURRENT_TIMESTAMP, '001-0000000000000000', CURRENT_TIMESTAMP, '001-0000000000000000', 'RBSLBM'); -- Role INSERT INTO `role` (`ROLE_ID`, `NAME`, `CREATED_ON`, `CREATED_BY`, `MODIFIED_ON`, `MODIFIED_BY`, `QUICK_CODE`) - VALUES ('003-0000000000000001', '管理员', CURRENT_TIMESTAMP, '001-0000000000000000', CURRENT_TIMESTAMP, 
'001-0000000000000000', 'GLY'); + VALUES + ('003-0000000000000001', '管理员', CURRENT_TIMESTAMP, '001-0000000000000000', CURRENT_TIMESTAMP, '001-0000000000000000', 'GLY'), + ('003-9000000000000001', 'RB示例角色', CURRENT_TIMESTAMP, '001-0000000000000000', CURRENT_TIMESTAMP, '001-0000000000000000', 'RBSLJS'); -- Layouts INSERT INTO `layout_config` (`CONFIG_ID`, `BELONG_ENTITY`, `CONFIG`, `APPLY_TYPE`, `SHARE_TO`, `CREATED_ON`, `CREATED_BY`, `MODIFIED_ON`, `MODIFIED_BY`) diff --git a/pom.xml b/pom.xml index cc72d20f8..984358e8b 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ com.rebuild rebuild war - 1.1.0 + 1.2.0-dev rebuild Building your business-systems free! https://getrebuild.com/ diff --git a/src/main/java/com/rebuild/server/service/bizz/privileges/SecurityManager.java b/src/main/java/com/rebuild/server/service/bizz/privileges/SecurityManager.java index ebf5947e6..27c8ebfd9 100644 --- a/src/main/java/com/rebuild/server/service/bizz/privileges/SecurityManager.java +++ b/src/main/java/com/rebuild/server/service/bizz/privileges/SecurityManager.java @@ -453,12 +453,12 @@ public class SecurityManager { * 扩展权限 * * @param user - * @param zeroKey + * @param entry * @return * @see ZeroPrivileges * @see ZeroPermission */ - public boolean allowedZero(ID user, String zeroKey) { + public boolean allowed(ID user, ZeroEntry entry) { if (UserService.ADMIN_USER.equals(user)) { return true; } @@ -471,7 +471,9 @@ public class SecurityManager { return true; } - return role.hasPrivileges(zeroKey) - && role.getPrivileges(zeroKey).allowed(ZeroPermission.ZERO); + if (role.hasPrivileges(entry.name())) { + return role.getPrivileges(entry.name()).allowed(ZeroPermission.ZERO); + } + return entry.getDefaultVal(); } } diff --git a/src/main/java/com/rebuild/server/service/bizz/privileges/ZeroEntry.java b/src/main/java/com/rebuild/server/service/bizz/privileges/ZeroEntry.java new file mode 100644 index 000000000..e101ad36f --- /dev/null 
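Review bot: The added `rebuild` row in the `user` INSERT seeds an enabled account (`'F'` in the `IS_DISABLED` position) whose `PASSWORD` is a fixed 64-hex digest committed to the repository, so every database built from this script starts with the same login credential. The column list carries no salt column, so the value appears to be an unsalted digest, and the identical row is added by block `-- #3` in `src/main/resources/scripts/db-upgrade.sql`, where it would also reach databases that are already deployed. I would seed the example user disabled, as the `system` row already is (`'T'`), and put a comment above it such as `-- Example account: enable it and set a new password per deployment`. The `INSERT INTO layout_config` statement at the end of the hunk continues outside it.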
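Review bot: The new tail of `allowed(ID, ZeroEntry)` no longer denies when the role has nothing stored for the entry: it returns `entry.getDefaultVal()`, which is `true` for `ZeroEntry.AllowLogin`. The removed expression returned `false` in that case, so roles without a stored `AllowLogin` privilege change from denied to allowed at the login check in `LoginControll`; the example role seeded in `.setup/db-init.sql` looks like one of them, since this diff adds no privilege rows for it. If the fail-open default for login is intended, the Javadoc above the method (its `@return` is empty) should state it, for example `@return the role's stored grant, or the entry's default when the role defines none`. The start of the method and the way `role` is obtained lie outside this hunk.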
+++ b/src/main/java/com/rebuild/server/service/bizz/privileges/ZeroEntry.java
@@ -0,0 +1,62 @@
+/*
+rebuild - Building your system freely.
+Copyright (C) 2019 devezhao
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see .
+*/
+
+package com.rebuild.server.service.bizz.privileges;
+
+/**
+ * 扩权限项
+ *
+ * @author devezhao zhaofang123@gmail.com
+ * @since 2019/04/13
+ */
+public enum ZeroEntry {
+
+ /**
+ * 登录
+ */
+ AllowLogin(true),
+ /**
+ * 批量修改
+ */
+ AllowBatchUpdate(false),
+ /**
+ * 数据导入
+ */
+ AllowDataImport(false),
+ /**
+ * 数据导出
+ */
+ AllowDataOutput(false),
+
+ ;
+
+ private boolean defaultVal;
+
+ private ZeroEntry(boolean defaultVal) {
+ this.defaultVal = defaultVal;
+ }
+
+ /**
+ * 默认值
+ *
+ * @return
+ */
+ public boolean getDefaultVal() {
+ return defaultVal;
+ }
+}
diff --git a/src/main/java/com/rebuild/server/service/bizz/privileges/ZeroPrivileges.java b/src/main/java/com/rebuild/server/service/bizz/privileges/ZeroPrivileges.java
index 3d279915f..cdc563c8c 100644
--- a/src/main/java/com/rebuild/server/service/bizz/privileges/ZeroPrivileges.java
+++ b/src/main/java/com/rebuild/server/service/bizz/privileges/ZeroPrivileges.java
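Review bot: `defaultVal` in `ZeroEntry` is assigned only in the constructor and should be declared `private final boolean defaultVal;`, because it decides access whenever a role has no stored entry and enum constants are shared across the application. The constant names also serve as the lookup key (`role.hasPrivileges(entry.name())` in `SecurityManager`), so renaming a constant would silently detach existing grants and make the default apply instead. A comment on the enum such as `// Constant names are the stored privilege keys; do not rename` would record that. The `getDefaultVal()` Javadoc has an empty `@return`; it could say the value is used only when the role defines nothing for the entry.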
@@ -32,28 +32,16 @@ import cn.devezhao.bizz.security.EntityPrivileges; * @author devezhao * @since 10/11/2018 * @see EntityPrivileges + * @see ZeroEntry */ public class ZeroPrivileges implements Privileges { private static final long serialVersionUID = 7185091441777921842L; - // ZERO 权限 - - // 登录 - public static final String AllowLogin = "AllowLogin"; - // 批量修改 - public static final String AllowBatchUpdate = "AllowBatchUpdate"; - // 数据导入 - public static final String AllowDataImport = "AllowDataImport"; - // 数据导出 - public static final String AllowDataOutput = "AllowDataOutput"; - - // ---- - private final String zreoKey; private final String definition; /** - * @param zreoKey + * @param zreoKey {@link ZeroEntry} * @param definition */ public ZeroPrivileges(String zreoKey, String definition) { diff --git a/src/main/java/com/rebuild/web/user/signin/LoginControll.java b/src/main/java/com/rebuild/web/user/signin/LoginControll.java index 5c5a5d7e1..9fd0286b3 100644 --- a/src/main/java/com/rebuild/web/user/signin/LoginControll.java +++ b/src/main/java/com/rebuild/web/user/signin/LoginControll.java @@ -36,7 +36,7 @@ import com.rebuild.server.metadata.EntityHelper; import com.rebuild.server.service.DataSpecificationException; import com.rebuild.server.service.bizz.UserService; import com.rebuild.server.service.bizz.privileges.User; -import com.rebuild.server.service.bizz.privileges.ZeroPrivileges; +import com.rebuild.server.service.bizz.privileges.ZeroEntry; import com.rebuild.utils.AES; import com.rebuild.web.BasePageControll; import com.wf.captcha.utils.CaptchaUtil; @@ -133,7 +133,7 @@ public class LoginControll extends BasePageControll { writeFailure(response, "用户未激活"); return; } - if (!Application.getSecurityManager().allowedZero(loginUser.getId(), ZeroPrivileges.AllowLogin)) { + if (!Application.getSecurityManager().allowed(loginUser.getId(), ZeroEntry.AllowLogin)) { writeFailure(response, "用户无登录权限"); return; } 
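Review bot: The `ZeroPrivileges` constructor still accepts a free-form `String zreoKey`, so once the string constants are removed the only link to `ZeroEntry` is the new `{@link ZeroEntry}` Javadoc tag. A misspelled or stale key would create a privilege that `SecurityManager.allowed` never matches, and the entry's default would then decide access without any error. Consider rejecting unknown keys in the constructor with `ZeroEntry.valueOf(zreoKey);`, which throws `IllegalArgumentException` for a name that is not a constant, or adding an overload that takes a `ZeroEntry`. The constructor body is outside the hunk, so whether such a check already exists cannot be seen here.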
diff --git a/src/main/resources/scripts/db-upgrade.sql b/src/main/resources/scripts/db-upgrade.sql index bbfb604ff..86c9c84b4 100644 --- a/src/main/resources/scripts/db-upgrade.sql +++ b/src/main/resources/scripts/db-upgrade.sql @@ -1,6 +1,14 @@ -- Database upgrade scripts for rebuild 1.x -- Each upgraded starts with `-- #VERSION` +-- #3 Example User and Role (v1.2) +INSERT INTO `user` (`USER_ID`, `LOGIN_NAME`, `PASSWORD`, `FULL_NAME`, `DEPT_ID`, `ROLE_ID`, `IS_DISABLED`, `CREATED_ON`, `CREATED_BY`, `MODIFIED_ON`, `MODIFIED_BY`, `QUICK_CODE`) + VALUES ('001-9000000000000001', 'rebuild', 'cf44886e54f424ce136dc38e4d9ef5b4b556d06060705262d6fcce02b4322539', 'RB示例用户', '002-9000000000000001', '003-9000000000000001', 'F', CURRENT_TIMESTAMP, '001-0000000000000000', CURRENT_TIMESTAMP, '001-0000000000000000', 'RBSLYH'); +INSERT INTO `department` (`DEPT_ID`, `NAME`, `CREATED_ON`, `CREATED_BY`, `MODIFIED_ON`, `MODIFIED_BY`, `QUICK_CODE`) + VALUES ('002-9000000000000001', 'RB示例部门', CURRENT_TIMESTAMP, '001-0000000000000000', CURRENT_TIMESTAMP, '001-0000000000000000', 'RBSLBM'); +INSERT INTO `role` (`ROLE_ID`, `NAME`, `CREATED_ON`, `CREATED_BY`, `MODIFIED_ON`, `MODIFIED_BY`, `QUICK_CODE`) + VALUES ('003-9000000000000001', 'RB示例角色', CURRENT_TIMESTAMP, '001-0000000000000000', CURRENT_TIMESTAMP, '001-0000000000000000', 'RBSLJS'); + -- #2 for Classification field (v1.1) -- ************ Entity [Classification] DDL ************ create table if not exists `classification` ( diff --git a/src/test/java/com/rebuild/server/MiscTest.java b/src/test/java/com/rebuild/server/MiscTest.java index efa16983c..3c0f39fbd 100644 --- a/src/test/java/com/rebuild/server/MiscTest.java +++ b/src/test/java/com/rebuild/server/MiscTest.java @@ -42,6 +42,5 @@ public class MiscTest { System.out.println(System.getenv()); System.out.println(System.getProperties()); - } }
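Review bot: Block `-- #3` in `db-upgrade.sql` uses plain `INSERT` statements with fixed primary keys, and the same three rows are now part of `.setup/db-init.sql`, so a database created from the updated init script would fail on duplicate keys if this block were ever applied to it. Whether that can happen depends on how the `-- #VERSION` markers are tracked, which this diff does not show. If the target is MySQL, as the backtick quoting suggests, writing the three statements as `INSERT IGNORE INTO` keeps the block safe to re-run. A short comment under the `-- #3` header, such as `-- Rows match the example records in .setup/db-init.sql`, would keep the two scripts in step.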