diff --git a/api/controller/user.go b/api/controller/user.go
index 3610a92..1e51b76 100644
--- a/api/controller/user.go
+++ b/api/controller/user.go
@@ -187,19 +187,6 @@ func (r *User) PutUser(c *gin.Context) {
 		return
 	}
 
-	// 获取角色身份
-	roleService := service.RoleService{}
-	isAdmin, err := roleService.GetRoleIden(c)
-	if err != nil {
-		responses.FailWithMessage(err.Error(), c)
-		return
-	}
-
-	if !isAdmin {
-		responses.FailWithMessage("非管理员,无法操作", c)
-		return
-	}
-
 	// 业务处理
 	userService := service.UserService{}
 	_, err = userService.PutUser(c, userId, UserRequest.PutUser)
diff --git a/api/service/user.go b/api/service/user.go
index 9de9dd3..1ae295e 100644
--- a/api/service/user.go
+++ b/api/service/user.go
@@ -221,6 +221,14 @@ func (r *UserService) PutUser(c *gin.Context, requestUserId int64, putUserReques
 	}
 	adminRoleDao := dao.AdminRoleDao{}
+	adminRole, err := adminRoleDao.GetAdminRoleFirstById(loginRoleId)
+	if err != nil || adminRole == nil {
+		return false, errors.New("非法操作")
+	}
+
+	if adminRole.IsAdmin == 0 && loginUserId != requestUserId {
+		return false, errors.New("普通用户只可修改自己的用户数据")
+	}
 	if putUserRequest.Access != adminUser.Access {
 		// 检测账号名
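Review bot: With `isAdmin, err := roleService.GetRoleIden(c)` removed, the surviving `_, err = userService.PutUser(c, userId, UserRequest.PutUser)` assigns to `err` with `=`, which compiles only if `err` is still declared earlier in the controller's `PutUser` (that part of the function lies outside the hunk); if it is not, the line should become `_, err := userService.PutUser(c, userId, UserRequest.PutUser)`. The controller now performs no authorization of its own and depends entirely on `service.UserService.PutUser` rejecting the request, so the decision is no longer visible at the HTTP layer; a comment at the call site such as `// authorization (admin, or a user editing their own record) is enforced inside UserService.PutUser` would keep the next reader from re-adding or dropping a check here. The first return value of the service call is still discarded, so the error path that presumably follows the hunk is the only signal the client gets about a rejected update.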