diff --git a/annotation/auth.py b/annotation/auth.py
index c30e316..2b59d39 100644
--- a/annotation/auth.py
+++ b/annotation/auth.py
@@ -40,3 +40,16 @@ class Auth:
 raise PermissionException(message="该用户无此接口权限!")
 return wrapper
+
+
+async def hasAuth(request: Request, permission: str) -> bool:
+ """
+ 判断是有拥有某项权限
+ """
+ token = request.headers.get('Authorization') # 直接使用 request 对象
+ current_user = await LoginController.get_current_user(request, token)
+ permissions = current_user.get('permissions')
+ if permission in permissions:
+ return True
+ else:
+ return False
diff --git a/api/code.py b/api/code.py
index 691ddbc..c10c29b 100644
--- a/api/code.py
+++ b/api/code.py
@@ -16,7 +16,7 @@ from fastapi import APIRouter, Depends, Path, Request, Query
 from fastapi.encoders import jsonable_encoder
 from fastapi.responses import JSONResponse, FileResponse
-from annotation.auth import Auth
+from annotation.auth import Auth, hasAuth
 from annotation.log import Log
 from config.constant import BusinessType
 from config.env import ElasticSearchConfig
@@ -476,10 +476,14 @@ async def get_code_log_list(request: Request,
 startTime = datetime.fromtimestamp(startTime)
 endTime = datetime.fromtimestamp(endTime)
 filterArgs['operation_time__range'] = [startTime, endTime]
- if not department_id:
- filterArgs['operator__department__id__in'] = sub_departments
+ if await hasAuth(request, "code:btn:logAdmin"):
+ if department_id:
+ filterArgs['operator__department__id'] = department_id
+ else:
+ filterArgs['operator__department__id__in'] = sub_departments
 else:
- filterArgs['operator__department__id'] = department_id
+ if department_id:
+ filterArgs['operator__department__id'] = department_id
 count = await QueryCodeLog.filter(**filterArgs, operator__del_flag=1, del_flag=1).count()
 data = await QueryCodeLog.filter(**filterArgs, operator__del_flag=1, del_flag=1).order_by("-operation_time").offset(
 (page - 1) * pageSize).limit(pageSize).values(
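Review bot: `permissions = current_user.get('permissions')` followed by `permission in permissions` raises TypeError when the key is absent or None, so a user record without a permissions list becomes a 500 instead of a clean deny; write it as `return permission in (current_user.get('permissions') or ())`, which also replaces the if/else that returns True/False. The helper re-resolves the user from the raw `Authorization` header on every call even though each caller in this diff already receives `current_user` via `Depends(LoginController.get_current_user)`; accepting `current_user` (or its permissions) as a parameter would avoid the second lookup and keep one source of truth per request. The docstring would read better in English, e.g. `"""Return True if the caller's user record lists *permission*."""`, and the name `hasAuth` departs from PEP 8 snake_case.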
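Review bot: In the `else:` branch of the new `hasAuth` check, a caller without `code:btn:logAdmin` who omits `department_id` gets no department or operator filter at all, so the non-admin path now queries QueryCodeLog across every department, which is broader than the old `operator__department__id__in = sub_departments` scope that applied to everyone. The parallel change in api/log.py's get_operation_log narrows its non-admin branch with `filterArgs['operator__id'] = user_id`; the same restriction belongs here, e.g. `filterArgs['operator__id'] = current_user.get("id")` if `current_user` is injected in this handler as it is in the log.py handlers (the relation name follows the existing `operator__department__id` lookups and should be confirmed against the model). The hunk at `@@ -532,10 +536,14 @@` in the same file repeats this branch and needs the same fix. get_code_log_list begins outside the hunk.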
@@ -532,10 +536,14 @@ async def get_code_log_list(request: Request,
 startTime = datetime.fromtimestamp(startTime)
 endTime = datetime.fromtimestamp(endTime)
 filterArgs['operation_time__range'] = [startTime, endTime]
- if not department_id:
- filterArgs['operator__department__id__in'] = sub_departments
+ if await hasAuth(request, "code:btn:logAdmin"):
+ if department_id:
+ filterArgs['operator__department__id'] = department_id
+ else:
+ filterArgs['operator__department__id__in'] = sub_departments
 else:
- filterArgs['operator__department__id'] = department_id
+ if department_id:
+ filterArgs['operator__department__id'] = department_id
 count = await QueryCodeLog.filter(**filterArgs, operator__del_flag=1, del_flag=1).count()
 data = await QueryCodeLog.filter(**filterArgs, operator__del_flag=1, del_flag=1).order_by("-operation_time").values(
 id="id",
diff --git a/api/log.py b/api/log.py
index 18026d4..6ead48c 100644
--- a/api/log.py
+++ b/api/log.py
@@ -12,7 +12,7 @@ from fastapi import APIRouter, Depends, Path, Query, Request
 from fastapi.encoders import jsonable_encoder
 from fastapi.responses import JSONResponse
-from annotation.auth import Auth
+from annotation.auth import Auth, hasAuth
 from annotation.log import Log
 from config.constant import BusinessType, RedisKeyConfig
 from controller.login import LoginController
@@ -41,9 +41,8 @@ async def get_login_log(request: Request,
 current_user: dict = Depends(LoginController.get_current_user),
 ):
 sub_departments = current_user.get("sub_departments")
+ user_id = current_user.get("id")
 online_user_list = await LoginController.get_online_user(request, sub_departments)
- online_user_list = list(
- filter(lambda x: x["department_id"] in sub_departments, jsonable_encoder(online_user_list)))
 filterArgs = {
 f'{k}__contains': v for k, v in {
 'username': username,
@@ -56,10 +55,18 @@ async def get_login_log(request: Request,
 startTime = datetime.fromtimestamp(float(startTime) / 1000)
 endTime = datetime.fromtimestamp(float(endTime) / 1000)
 filterArgs['login_time__range'] = [startTime, endTime]
- if not department_id:
- filterArgs['user__department__id__in'] = sub_departments
+ if await hasAuth(request, "login:btn:admin"):
+ online_user_list = list(
+ filter(lambda x: x["department_id"] in sub_departments, jsonable_encoder(online_user_list)))
+ if not department_id:
+ filterArgs['user__department__id__in'] = sub_departments
+ else:
+ filterArgs['user__department__id'] = department_id
 else:
- filterArgs['user__department__id'] = department_id
+ online_user_list = list(
+ filter(lambda x: x["user_id"] == user_id, jsonable_encoder(online_user_list)))
+ if department_id:
+ filterArgs['user__department__id'] = department_id
 result = await LoginLog.filter(**filterArgs, user__del_flag=1, del_flag=1).offset(
 (page - 1) * pageSize).limit(pageSize).values(
 id="id",
@@ -171,6 +178,7 @@ async def get_operation_log(request: Request,
 current_user: dict = Depends(LoginController.get_current_user),
 ):
 sub_departments = current_user.get("sub_departments")
+ user_id = current_user.get("id")
 filterArgs = {
 f'{k}__contains': v for k, v in {
 'operation_name': name,
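Review bot: In the non-admin `else:` branch, `online_user_list` is narrowed to the caller's own `user_id`, but `filterArgs` for the LoginLog query only gains a filter when `department_id` is supplied, so a caller without `login:btn:admin` who omits it still receives login-log rows for every department, wider than the previous `user__department__id__in = sub_departments` scope. Mirror the online-user restriction on the query, e.g. `filterArgs['user__id'] = user_id` (the relation name follows the existing `user__department__id` and `user__del_flag` lookups; confirm against the LoginLog model), which also makes the unchecked `department_id` in that branch harmless. get_login_log begins and ends outside the hunk.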
@@ -185,10 +193,15 @@ async def get_operation_log(request: Request,
 startTime = datetime.fromtimestamp(float(startTime) / 1000)
 endTime = datetime.fromtimestamp(float(endTime) / 1000)
 filterArgs['operation_time__range'] = [startTime, endTime]
- if not department_id:
- filterArgs['department__id__in'] = sub_departments
+ if await hasAuth(request, "operation:btn:admin"):
+ if not department_id:
+ filterArgs['department__id__in'] = sub_departments
+ else:
+ filterArgs['department__id'] = department_id
 else:
- filterArgs['department__id'] = department_id
+ filterArgs['operator__id'] = user_id
+ if department_id:
+ filterArgs['department__id'] = department_id
 result = await OperationLog.filter(**filterArgs, operator__del_flag=1, del_flag=1).offset(
 (page - 1) * pageSize).limit(
 pageSize).values(
diff --git a/api/role.py b/api/role.py
index 4e2f7c6..8d11a5e 100644
--- a/api/role.py
+++ b/api/role.py
@@ -10,7 +10,7 @@ from typing import Optional
 from fastapi import APIRouter, Depends, Path, Query, Request
 from fastapi.responses import JSONResponse
-from annotation.auth import Auth
+from annotation.auth import Auth, hasAuth
 from annotation.log import Log
 from config.constant import BusinessType, RedisKeyConfig
 from controller.login import LoginController
@@ -194,8 +194,12 @@ async def get_role_list(
 "status": status
 }.items() if v
 }
- if not department_id:
- filterArgs["department__id__in"] = current_user.get("sub_departments")
+ if await hasAuth(request, "role:btn:admin"):
+ if not department_id:
+ filterArgs["department__id__in"] = current_user.get("sub_departments")
+ else:
+ if department_id:
+ filterArgs["department__id"] = department_id
 total = await Role.filter(**filterArgs, del_flag=1).count()
 data = await Role.filter(**filterArgs, del_flag=1).offset(
 (page - 1) * pageSize).limit(
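Review bot: The rewritten branch in get_role_list leaves the Role query unscoped for callers without `role:btn:admin`: the indentation is not recoverable from the collapsed hunk, but on either reading of the `+ else:` line there is a path where a non-admin ends up with neither `department__id__in` nor `department__id` in `filterArgs` (when `department_id` is omitted, or entirely if the `else` belongs to the inner `if`), which is broader than the old unconditional `department__id__in = sub_departments`. If the `else` pairs with the `hasAuth` check, the admin branch has also lost the old `filterArgs["department__id"] = department_id`, so an admin's `department_id` parameter is silently ignored. Restore the scope in both branches: in the admin branch `else: filterArgs["department__id"] = department_id`, and in the non-admin branch at least `filterArgs["department__id__in"] = current_user.get("sub_departments")` before the `if department_id:` narrowing (the intended non-admin scope is not stated in the diff and should be confirmed). get_role_list begins outside the hunk.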