diff --git a/platform-biz-service/src/main/java/com/lyms/platform/permission/service/PermissionsService.java b/platform-biz-service/src/main/java/com/lyms/platform/permission/service/PermissionsService.java
index d32bd05..c4434ad 100644
--- a/platform-biz-service/src/main/java/com/lyms/platform/permission/service/PermissionsService.java
+++ b/platform-biz-service/src/main/java/com/lyms/platform/permission/service/PermissionsService.java
@@ -5,6 +5,17 @@ import com.lyms.platform.permission.model.PermissionsQuery;
 
 import java.util.List;
 
-public interface PermissionsService {public void addPermissions(Permissions obj);public void updatePermissions(Permissions obj);public void deletePermissions(Integer id);public Permissions getPermissions(Integer id);public int queryPermissionsCount(PermissionsQuery query);public List<Permissions> queryPermissions(PermissionsQuery query);
+public interface PermissionsService {
+    public void addPermissions(Permissions obj);
+
+    public void updatePermissions(Permissions obj);
+
+    public void deletePermissions(Integer id);
+
+    public Permissions getPermissions(Integer id);
+
+    public int queryPermissionsCount(PermissionsQuery query);
+
+    public List<Permissions> queryPermissions(PermissionsQuery query);
 
 }
\ No newline at end of file
diff --git a/platform-operate-api/src/main/java/com/lyms/platform/operate/web/controller/PermissionsController.java b/platform-operate-api/src/main/java/com/lyms/platform/operate/web/controller/PermissionsController.java
index 0b80076..171a474 100644
--- a/platform-operate-api/src/main/java/com/lyms/platform/operate/web/controller/PermissionsController.java
+++ b/platform-operate-api/src/main/java/com/lyms/platform/operate/web/controller/PermissionsController.java
@@ -4,6 +4,7 @@ package com.lyms.platform.operate.web.controller;
 import com.lyms.platform.common.annotation.TokenRequired;
 import com.lyms.platform.common.base.BaseController;
 import com.lyms.platform.common.base.ContextHolder;
+import com.lyms.platform.common.base.LoginContext;
 import com.lyms.platform.common.enums.PermissionTypeEnums;
 import com.lyms.platform.common.enums.YnEnums;
 import com.lyms.platform.common.exception.BusinessException;
@@ -22,6 +23,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.*;
 
+import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.validation.Valid;
 import java.util.*;
@@ -87,4 +89,116 @@ public class PermissionsController extends BaseController {
     public BaseResponse addDataAccessPermission(@Valid AccessPermissionAddRequest accessPermissionAddRequest){
         return accessPermissionFacade.addAccessPermission(accessPermissionAddRequest);
     }
+
+
+
+    /**
+     * 新增权限
+     */
+    @RequestMapping(value = "/permissions", method = RequestMethod.POST)
+    @TokenRequired
+    public void addPermissions(HttpServletResponse response, HttpServletRequest request,
+                               @RequestParam(value = "moduleName") String moduleName,
+                               @RequestParam(value = "functionName") String functionName,
+                               @RequestParam(value = "permissionName") String permissionName,
+                               @RequestParam(value = "action") String action,
+                               @RequestParam(value = "ext", required = false) String ext,
+                               @RequestParam(value = "url", required = false) String url,
+                               @RequestParam("functionCode") String functionCode,
+                               @RequestParam("moduleCode") String moduleCode) {
+        if (StringUtils.isEmpty(moduleName) || StringUtils.isEmpty(functionName) || StringUtils.isEmpty(permissionName) || StringUtils.isEmpty(action)) {
+            ResultUtils.buildParameterErrorResultAndWrite(response);
+            return;
+        }
+
+        //获取登录用户
+        LoginContext loginState = (LoginContext) request.getAttribute("loginContext");
+        Users users = usersService.getUsersByLoginCenterId(loginState.getId());
+
+
+        Permissions permissions = new Permissions();
+
+        permissions.setType(TYPE);
+        permissions.setFunctionCode(functionCode);
+        permissions.setModuleCode(moduleCode);
+        permissions.setModuleName(moduleName);
+        permissions.setFunctionName(functionName);
+        permissions.setPermissionName(permissionName);
+        permissions.setAction(action);
+        permissions.setExt(ext);
+        permissions.setUrl(url);
+        permissions.setPublishId(users.getId());
+        permissions.setPublishName(users.getName());
+        permissions.setYn(YnEnums.YES.getId());
+        permissions.setModified(new Date());
+        permissions.setCreated(new Date());
+        permissionsService.addPermissions(permissions);
+        ResultUtils.buildSuccessResultAndWrite(response);
+    }
+
+    /**
+     * 权限修改
+     */
+    @RequestMapping(value = "/permissions/{id}", method = RequestMethod.PUT)
+    @TokenRequired
+    public void updatePermissions(HttpServletResponse response,
+                                  @RequestParam(value = "moduleName") String moduleName,
+                                  @RequestParam(value = "functionName") String functionName,
+                                  @PathVariable Integer id, String permissionName,
+                                  @RequestParam(value = "action") String action,
+                                  @RequestParam(value = "ext", required = false) String ext,
+                                  @RequestParam(value = "url", required = false) String url,
+                                  @RequestParam("functionCode") String functionCode,
+                                  @RequestParam("moduleCode") String moduleCode) {
+
+        Permissions permissions = permissionsService.getPermissions(id);
+
+        if (permissions == null) {
+            new BusinessException("", "根据id获取信息不存在");
+            return;
+        }
+
+        if (id == null || StringUtils.isEmpty(moduleName) || StringUtils.isEmpty(functionName) || StringUtils.isEmpty(permissionName) || StringUtils.isEmpty(action)) {
+            ResultUtils.buildParameterErrorResultAndWrite(response);
+            return;
+        }
+        permissions.setFunctionCode(functionCode);
+        permissions.setModuleCode(moduleCode);
+        permissions.setId(id);
+        permissions.setModuleName(moduleName);
+        permissions.setFunctionName(functionName);
+        permissions.setPermissionName(permissionName);
+        permissions.setAction(action);
+        permissions.setExt(ext);
+        permissions.setUrl(url);
+        permissions.setModified(new Date());
+        permissionsService.updatePermissions(permissions);
+        ResultUtils.buildSuccessResultAndWrite(response);
+    }
+
+    /**
+     * 删除权限
+     */
+    @RequestMapping(value = "/permissions", method = RequestMethod.DELETE)
+    @TokenRequired
+    public void deletePermissions(HttpServletResponse response, @RequestParam(value = "ids") String ids) {
+        if (StringUtils.isEmpty(ids)) {
+            ResultUtils.buildIdIsNull(response);
+            return;
+        }
+        String[] idArray = ids.split(",");
+        for (String id : idArray) {
+            Permissions permissions = permissionsService.getPermissions(Integer.valueOf(id));
+            if (permissions == null) {
+                ResultUtils.buildIdResultData(response);
+                return;
+            }
+            permissions.setYn(YnEnums.NO.getId());
+            permissions.setModified(new Date());
+            permissionsService.updatePermissions(permissions);
+
+        }
+        ResultUtils.buildSuccessResultAndWrite(response);
+    }
+
 }
\ No newline at end of file