diff --git a/src/app/server/network/httpserver.go b/src/app/server/network/httpserver.go
index a1b9730899e3be7e36401ceb81702ff4ea68052b..8c0d3efbe73951169ecb29626f6ab2a7b43476b7 100644
--- a/src/app/server/network/httpserver.go
+++ b/src/app/server/network/httpserver.go
@@ -150,9 +150,9 @@ func registerAPIs(router *gin.Engine) {
 		}
 		{
 			macList := authenApi.Group("/macList")
-			macList.POST("/deletedepartdata", middleware.NeedPermission("dept_change", "button"), controller.DeleteDepartDataHandler)
-			macList.POST("/adddepart", middleware.NeedPermission("dept_change", "button"), controller.AddDepartHandler)
-			macList.POST("/updatedepart", middleware.NeedPermission("dept_change", "button"), controller.UpdateDepartHandler)
+			macList.POST("/deletedepartdata", middleware.NeedPermission("dept_delete", "button"), controller.DeleteDepartDataHandler)
+			macList.POST("/adddepart", middleware.NeedPermission("dept_add", "button"), controller.AddDepartHandler)
+			macList.POST("/updatedepart", middleware.NeedPermission("dept_update", "button"), controller.UpdateDepartHandler)
 		}
 		/*
 			{
@@ -173,11 +173,11 @@ func registerAPIs(router *gin.Engine) {
 	macList := api.Group("/macList") // 机器管理
 	{
 		macList.POST("/script_save", controller.AddScriptHandler)
-		macList.POST("/deletemachine", controller.DeleteMachineHandler)
+		macList.POST("/deletemachine", middleware.NeedPermission("machine_delete", "button"), controller.DeleteMachineHandler)
 		macList.GET("/depart", controller.DepartHandler)
 		macList.GET("/selectmachine", controller.MachineListHandler)
 		macList.GET("/machineinfo", controller.MachineInfoHandler)
-		macList.POST("/modifydepart", controller.ModifyMachineDepartHandler)
+		macList.POST("/modifydepart", middleware.NeedPermission("dept_change", "button"), controller.ModifyMachineDepartHandler)
 		macList.GET("/sourcepool", controller.FreeMachineSource)
 		macList.POST("/gettags", pluginapi.GetTagHandler)
 	}
diff --git a/src/app/server/service/auth/casbin.go b/src/app/server/service/auth/casbin.go
index 3c0d532c768a8a5fcaa19460c0f3112292ca3411..065a19535c79026ead65996af4644b49ac8a5c0b 100644
--- a/src/app/server/service/auth/casbin.go
+++ b/src/app/server/service/auth/casbin.go
@@ -118,6 +118,9 @@ var (
 		"role_delete",
 		"role_modify",
 		"dept_change",
+		"dept_add",
+		"dept_delete",
+		"dept_update",
 		"machine_delete",
 	}