diff --git a/ruoyi-admin/src/main/java/com/ruoyi/jjh/ent/controller/JPolicyFileController.java b/ruoyi-admin/src/main/java/com/ruoyi/jjh/ent/controller/JPolicyFileController.java
index 7ac91f3..19ffde2 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/jjh/ent/controller/JPolicyFileController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/jjh/ent/controller/JPolicyFileController.java
@@ -8,6 +8,7 @@ import com.ruoyi.jjh.ent.entity.request.JPolicyFileRequest;
 import com.ruoyi.jjh.ent.service.JPolicyFileService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 
 import javax.annotation.Resource;
@@ -63,6 +64,7 @@ public class JPolicyFileController extends BaseController {
      */
     @ApiOperation(value = "新增数据")
     @PostMapping
+    @PreAuthorize("@ss.hasAnyRoles('admin,other-gov,gov')")
     public AjaxResult insert(@RequestBody JPolicyFile jPolicyFile) {
         return success(jPolicyFileService.save(jPolicyFile));
     }
@@ -73,6 +75,7 @@ public class JPolicyFileController extends BaseController {
      * @param jPolicyFile 实体对象
      * @return 修改结果
      */
+    @PreAuthorize("@ss.hasAnyRoles('admin,other-gov,gov')")
     @ApiOperation(value = "修改数据")
     @PostMapping("/edit")
     public AjaxResult update(@RequestBody JPolicyFile jPolicyFile) {
@@ -85,6 +88,7 @@ public class JPolicyFileController extends BaseController {
      * @param id 主键结合
      * @return 删除结果
      */
+    @PreAuthorize("@ss.hasAnyRoles('admin,other-gov,gov')")
     @ApiOperation(value = "删除数据")
     @PostMapping("/{id}")
     public AjaxResult delete(@PathVariable Long id) {