diff --git a/Yi.Framework.Net6/Yi.Framework.ApiMicroservice/Controllers/AccountController.cs b/Yi.Framework.Net6/Yi.Framework.ApiMicroservice/Controllers/AccountController.cs
index 21678b45..9e1937df 100644
--- a/Yi.Framework.Net6/Yi.Framework.ApiMicroservice/Controllers/AccountController.cs
+++ b/Yi.Framework.Net6/Yi.Framework.ApiMicroservice/Controllers/AccountController.cs
@@ -47,7 +47,8 @@ namespace Yi.Framework.ApiMicroservice.Controllers
             UserEntity user = new();
             if (await _iUserService.Login(loginDto.UserName, loginDto.Password, o => user = o))
             {
-                return Result.Success("登录成功！").SetData(new { token = _jwtInvoker.GetAccessToken(user) });
+             var userRoleMenu= await  _iUserService.GetUserAllInfo(user.Id);
+                return Result.Success("登录成功！").SetData(new { token = _jwtInvoker.GetAccessToken(userRoleMenu.User,userRoleMenu.Menus) });
             }
             return Result.SuccessError("登录失败！用户名或者密码错误！");
         }
@@ -80,6 +81,7 @@ namespace Yi.Framework.ApiMicroservice.Controllers
         /// </summary>
         /// <returns></returns>
         [HttpGet]
+        [Authorize]
         public async Task<Result> GetUserAllInfo()
         {
             //通过鉴权jwt获取到用户的id
diff --git a/Yi.Framework.Net6/Yi.Framework.ApiMicroservice/yi-sqlsugar-dev.db b/Yi.Framework.Net6/Yi.Framework.ApiMicroservice/yi-sqlsugar-dev.db
index 3913d1ee..1ae5c4f1 100644
Binary files a/Yi.Framework.Net6/Yi.Framework.ApiMicroservice/yi-sqlsugar-dev.db and b/Yi.Framework.Net6/Yi.Framework.ApiMicroservice/yi-sqlsugar-dev.db differ
diff --git a/Yi.Framework.Net6/Yi.Framework.Core/JwtInvoker.cs b/Yi.Framework.Net6/Yi.Framework.Core/JwtInvoker.cs
index e599ff74..dbaf0e95 100644
--- a/Yi.Framework.Net6/Yi.Framework.Core/JwtInvoker.cs
+++ b/Yi.Framework.Net6/Yi.Framework.Core/JwtInvoker.cs
@@ -23,15 +23,15 @@ namespace Yi.Framework.Core
         }
         public string GetRefreshToken(UserEntity user)
         {
-            return this.GetToken(_JWTTokenOptions.ReExpiration, user, true);
+            return this.GetToken(_JWTTokenOptions.ReExpiration, user,null, true);
         }
 
-        public string GetAccessToken(UserEntity user)
+        public string GetAccessToken(UserEntity user,HashSet<MenuEntity> menus)
         {
-            return this.GetToken(_JWTTokenOptions.Expiration, user);
+            return this.GetToken(_JWTTokenOptions.Expiration, user, menus);
         }
 
-        private string GetToken(int minutes, UserEntity user, bool isRefresh = false)
+        private string GetToken(int minutes, UserEntity user, HashSet<MenuEntity> menus,bool isRefresh = false)
         {
             List<Claim> claims = new List<Claim>();
             claims.Add(new Claim(JwtRegisteredClaimNames.Nbf, $"{new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds()}"));
@@ -39,8 +39,11 @@ namespace Yi.Framework.Core
             claims.Add(new Claim(JwtRegisteredClaimNames.Sid, user.Id.ToString()));
 
             //-----------------------------以下从user的权限表中添加权限-----------------------例如：
-            claims.Add(new Claim("permission", "userentity:get:list"));
-            claims.Add(new Claim("permission", "userentity:get:one"));
+
+            foreach (var m in menus)
+            {
+                claims.Add(new Claim("permission", m.PermissionCode));
+            }
 
             if (isRefresh)
             {
diff --git a/Yi.Framework.Net6/Yi.Framework.WebCore/AttributeExtend/PermissionAttribute.cs b/Yi.Framework.Net6/Yi.Framework.WebCore/AttributeExtend/PermissionAttribute.cs
index 78f8655b..2e17d62f 100644
--- a/Yi.Framework.Net6/Yi.Framework.WebCore/AttributeExtend/PermissionAttribute.cs
+++ b/Yi.Framework.Net6/Yi.Framework.WebCore/AttributeExtend/PermissionAttribute.cs
@@ -3,6 +3,7 @@ using Microsoft.IdentityModel.JsonWebTokens;
 using System;
 using System.Collections.Generic;
 using System.Linq;
+using System.Text.RegularExpressions;
 using System.Threading.Tasks;
 
 namespace Yi.Framework.WebCore.AttributeExtend
@@ -40,11 +41,21 @@ namespace Yi.Framework.WebCore.AttributeExtend
             var perList = context.HttpContext.User.Claims.Where(u => u.Type == "permission").Select(u=> u.Value.ToString().ToLower()). ToList();
             //判断权限是否存在Redis中,或者jwt中
 
-            //if (perList.Contains(permission.ToLower()))
-            //{
-            //    result = true;
-            //}
-             result = true;
+            //进行正则表达式的匹配
+            Regex regex = new Regex($"{permission.ToLower()}");
+            foreach (var p in perList)
+            {
+                if (regex.IsMatch(p))
+                {
+                    result = true;
+                    break;
+                }
+            }
+            //用户的增删改查直接可以user:*即可
+
+
+            //这里暂时全部放行即可
+            result = true;
 
 
             if (!result)
diff --git a/Yi.Vue2.x/src/api/roleApi.js b/Yi.Vue2.x/src/api/roleApi.js
index 5252affb..c4bda7df 100644
--- a/Yi.Vue2.x/src/api/roleApi.js
+++ b/Yi.Vue2.x/src/api/roleApi.js
@@ -1,22 +1,11 @@
 import myaxios from '@/util/myaxios'
+import {objctToDic} from '@/util/objctHandle'
 export default {
     getList() {
         return myaxios({
             url: '/Role/GetList',
             method: 'post',
-            data: {
-                parameters: [
-                    {
-                        key: "isDeleted",
-                        value: "0",
-                        type: 0
-
-                    }
-                ],
-                orderBys: [
-                    "id"
-                ]
-            }
+            data: objctToDic()
         })
     },
     giveRoleSetMenu(roleList, menuList) {
diff --git a/Yi.Vue2.x/src/api/userApi.js b/Yi.Vue2.x/src/api/userApi.js
index a7131676..728e97a5 100644
--- a/Yi.Vue2.x/src/api/userApi.js
+++ b/Yi.Vue2.x/src/api/userApi.js
@@ -1,14 +1,5 @@
 import myaxios from '@/util/myaxios'
 export default {
-    SetRoleByUser(userIds, roleIds) {
-        return myaxios({
-            url: '/User/SetRoleByUser',
-            method: 'post',
-            data: { "ids1": userIds, "ids2": roleIds }
-        })
-    },
-
-
 
     GetUserInRolesByHttpUser() {
         return myaxios({
diff --git a/Yi.Vue2.x/src/components/TableApi.js b/Yi.Vue2.x/src/components/TableApi.js
index 3c4d26a6..2dcb0487 100644
--- a/Yi.Vue2.x/src/components/TableApi.js
+++ b/Yi.Vue2.x/src/components/TableApi.js
@@ -1,22 +1,11 @@
 import myaxios from '@/util/myaxios'
+import {objctToDic} from '@/util/objctHandle'
 export default {
     getItem(url) {
         return myaxios({
             url: url,
             method: 'post',
-            data: {
-                parameters: [
-                    {
-                        key: "isDeleted",
-                        value: "0",
-                        type: 0
-
-                    }
-                ],
-                orderBys: [
-                    "id"
-                ]
-            }
+            data: objctToDic()
         })
     },
     addItem(url, data) {
diff --git a/Yi.Vue2.x/src/components/ccTreeview.vue b/Yi.Vue2.x/src/components/ccTreeview.vue
index a63bfa1d..c1e4acaf 100644
--- a/Yi.Vue2.x/src/components/ccTreeview.vue
+++ b/Yi.Vue2.x/src/components/ccTreeview.vue
@@ -53,8 +53,7 @@
       item-text="menuName"
     >
       <template v-slot:append="{ item }">
-        <v-btn class="mr-2">编号:{{ item.id }}</v-btn>
-        <v-btn class="mr-2">权限:{{ item.permissionCode }}</v-btn>
+        <v-btn v-show="item.menuType==1" class="mr-2">权限:{{ item.permissionCode }}</v-btn>
         <!-- <v-btn class="mr-2">图标:{{ item.icon }}</v-btn> -->
         <!-- <v-btn class="mr-2">路由:{{ item.router }}</v-btn> -->
         <!-- <v-btn v-if="item.mould" class="mr-2">接口名:{{ item.mould.mould_name }}</v-btn>
diff --git a/Yi.Vue2.x/src/util/objctHandle.js b/Yi.Vue2.x/src/util/objctHandle.js
index 2bc88eda..af77400e 100644
--- a/Yi.Vue2.x/src/util/objctHandle.js
+++ b/Yi.Vue2.x/src/util/objctHandle.js
@@ -8,6 +8,11 @@ export function deepCopy(obj) {
 
 //转换数据,0是相等，1是模糊查询
 export function objctToDic(object, isByPage) {
+    if (object == undefined) {
+
+        object = {};
+    }
+
     if (isByPage) {
         var paramPage = {
             "index": object.pageIndex,
@@ -19,8 +24,8 @@ export function objctToDic(object, isByPage) {
         var newData = deepCopy(object);
         delete newData.pageIndex;
         delete newData.pageSize;
-    
-       var newList = [Object.keys(newData).map(val => {
+
+        var newList = [Object.keys(newData).map(val => {
             return {
                 key: val,
                 value: object[val],
@@ -30,11 +35,9 @@ export function objctToDic(object, isByPage) {
 
         //过滤封装
         newList[0].forEach((item, index) => {
-            if(item.value.length>0)
-            {
-                if(item.key=='isDeleted')
-                {
-                    item.type=0;
+            if (item.value.length > 0) {
+                if (item.key == 'isDeleted') {
+                    item.type = 0;
                 }
                 paramPage.parameters.push(item);
             }
@@ -55,11 +58,9 @@ export function objctToDic(object, isByPage) {
             }
         })]
         thisList[0].forEach((item, index) => {
-            if(item.value.length>0)
-            {
-                if(item.key=='isDeleted')
-                {
-                    item.type=0;
+            if (item.value.length > 0) {
+                if (item.key == 'isDeleted') {
+                    item.type = 0;
                 }
                 params.parameters.push(item);
             }