Index: forgon-core/src/main/java/com/forgon/security/service/UserManager.java
===================================================================
diff -u -r16519 -r17540
--- forgon-core/src/main/java/com/forgon/security/service/UserManager.java	(.../UserManager.java)	(revision 16519)
+++ forgon-core/src/main/java/com/forgon/security/service/UserManager.java	(.../UserManager.java)	(revision 17540)
@@ -8,6 +8,7 @@
 import net.sf.json.JSONObject;
 
 import com.forgon.directory.model.OrgUnit;
+import com.forgon.security.model.Role;
 import com.forgon.security.model.User;
 import com.forgon.tools.hibernate.BasePoManager;
 
@@ -89,4 +90,10 @@
 	 * @return
 	 */
 	public JSONObject user2json(User user);
+	/**
+	 * 获取该用户所有的角色，包括所有继承的角色.
+	 * @param user	目标用户
+	 * @return
+	 */
+	public Set<Role> getAllRolesByUser(User user);
 }
Index: forgon-core/src/main/java/com/forgon/security/service/UserManagerImpl.java
===================================================================
diff -u -r17533 -r17540
--- forgon-core/src/main/java/com/forgon/security/service/UserManagerImpl.java	(.../UserManagerImpl.java)	(revision 17533)
+++ forgon-core/src/main/java/com/forgon/security/service/UserManagerImpl.java	(.../UserManagerImpl.java)	(revision 17540)
@@ -27,7 +27,6 @@
 import com.forgon.directory.model.BarcodeDevice;
 import com.forgon.directory.model.OrgUnit;
 import com.forgon.directory.model.OrgUserRelation;
-import com.forgon.directory.service.SysUserManager;
 import com.forgon.security.model.Operation;
 import com.forgon.security.model.Role;
 import com.forgon.security.model.User;
@@ -53,15 +52,14 @@
 		super(User.class);
 	}
 	private SerialNumManager serialNumManager;
+	private RoleManager roleManager;
 	
-	private SysUserManager sysUserManager;
-	
 	public void setSerialNumManager(SerialNumManager serialNumManager) {
 		this.serialNumManager = serialNumManager;
 	}
 	
-	public void setSysUserManager(SysUserManager sysUserManager) {
-		this.sysUserManager = sysUserManager;
+	public void setRoleManager(RoleManager roleManager) {
+		this.roleManager = roleManager;
 	}
 
 	/**
@@ -513,7 +511,7 @@
 			String[] permitOperationIds = new String[]{"SSTS_Sterilization_remove","SSTS_Sterilization_Loading",
 					"SSTS_Sterilization_Update","SSTS_Sterilization_Delete","SSTS_Sterilization_Create",
 					"SSTS_Sterilization_Select"};
-			Set<Role> allRoles = sysUserManager.getAllRolesByUser(user);
+			Set<Role> allRoles = getAllRolesByUser(user);
 			for(Role role : allRoles){
 				for(String operationId : role.getOperationIdArr()){
 					if(ArrayUtils.contains(permitOperationIds, operationId)){
@@ -525,6 +523,24 @@
 		return false;
 	}
 	
+	public Set<Role> getAllRolesByUser(User user) {
+		Set<Role> allUserOfRoles = new HashSet<Role>();
+		if (user == null) {
+			return allUserOfRoles;
+		}
+		Set<Role> userRoles = user.getRoles();
+		if (userRoles != null) {
+			for (Role role : userRoles) {
+				Set<Role> inheritanceRoles = roleManager
+						.getAllInheritanceRoles(role);
+				if (inheritanceRoles != null) {
+					allUserOfRoles.addAll(inheritanceRoles);
+				}
+			}
+		}
+		return allUserOfRoles;
+	}
+	
 	/**
 	 * 根据用户名得到，用户名和用户姓名
 	 * @author Chenjiaru  2016-09-05