@RequestMapping(value = "/add", method = RequestMethod.POST)
  @ResponseBody
  public Map<String, Object> add(
      Employee employee,
      HttpSession session,
      HttpServletRequest request,
      HttpServletResponse response)
      throws Exception {

    User user = SystemContextUtils.getCurrentUser(session).getLoginedUser();
    String lcode = "employee/add";
    Boolean hasAuthority = authorityService.checkLcode(user.getId(), lcode);
    if (!hasAuthority) {
      throw new PermissionDeniedDataAccessException("没有添加员工的权限", null);
    }
    employee.setHelp_code(HanyuPinyinUtil.getFirstSpellByString(employee.getName()));
    employee.setCreated_at(DateTool.now());
    employee.setUpdated_at(DateTool.now());
    employee.setCreated_user(user.getId());
    int success = employeeService.add(employee);

    // 更新缓存
    SystemCache.initEmployeeList();

    return this.returnSuccess();
  }
  @RequestMapping(value = "/delete/{id}", method = RequestMethod.POST)
  @ResponseBody
  public Map<String, Object> delete(
      @PathVariable int id,
      HttpSession session,
      HttpServletRequest request,
      HttpServletResponse response)
      throws Exception {
    User user = SystemContextUtils.getCurrentUser(session).getLoginedUser();
    String lcode = "employee/delete";
    Boolean hasAuthority = authorityService.checkLcode(user.getId(), lcode);
    if (!hasAuthority) {
      throw new PermissionDeniedDataAccessException("没有删除员工的权限", null);
    }
    int success = employeeService.remove(id);

    // 更新缓存
    SystemCache.initEmployeeList();

    return this.returnSuccess();
  }