diff --git a/sgzb-api/sgzb-api-system/src/main/java/com/bonus/sgzb/base/api/domain/SysDic.java b/sgzb-api/sgzb-api-system/src/main/java/com/bonus/sgzb/base/api/domain/SysDic.java index 1b7522d..ecf6281 100644 --- a/sgzb-api/sgzb-api-system/src/main/java/com/bonus/sgzb/base/api/domain/SysDic.java +++ b/sgzb-api/sgzb-api-system/src/main/java/com/bonus/sgzb/base/api/domain/SysDic.java @@ -57,6 +57,11 @@ public class SysDic extends BaseEntity { */ private String level; + /** + * o/null: 默认,需要鉴权, 1: 跳过鉴权 + */ + private Integer skipPermission; + /** * 状态 */ @@ -159,6 +164,14 @@ public class SysDic extends BaseEntity { return creator; } + public Integer getSkipPermission() { + return skipPermission; + } + + public void setSkipPermission(Integer skipPermission) { + this.skipPermission = skipPermission; + } + @Override public String toString() { return new ToStringBuilder(this, ToStringStyle.MULTI_LINE_STYLE) diff --git a/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/aspect/PreAuthorizeAspect.java b/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/aspect/PreAuthorizeAspect.java index cd7d078..ff3c219 100644 --- a/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/aspect/PreAuthorizeAspect.java +++ b/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/aspect/PreAuthorizeAspect.java @@ -1,7 +1,12 @@ package com.bonus.sgzb.common.security.aspect; import java.lang.reflect.Method; +import java.util.Objects; +import cn.hutool.json.JSONArray; +import cn.hutool.json.JSONObject; +import cn.hutool.json.JSONUtil; +import com.alibaba.fastjson2.JSON; import com.bonus.sgzb.common.security.auth.AuthUtil; import com.bonus.sgzb.common.security.annotation.RequiresRoles; import org.aspectj.lang.ProceedingJoinPoint; 
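Review bot: The Javadoc on the new `skipPermission` field in SysDic reads `o/null`, with the letter o where the digit 0 is evidently meant, and it does not say where the value may come from. The second SysDic hunk gives the field a public setter on an entity class, so any code that binds a SysDic from a request can populate it. I would reword the comment to `0/null: default, permission check required; 1: skip permission check` and add one sentence naming the trusted source of the value (stored dictionary data, if that is the intent).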
@@ -54,9 +59,25 @@ public class PreAuthorizeAspect @Around("pointcut()") public Object around(ProceedingJoinPoint joinPoint) throws Throwable { + //获取请求参数 + boolean needPermission = true; + Object[] args = joinPoint.getArgs(); + String argStr = JSON.toJSONString(args); + JSONArray jsonArray = JSONUtil.parseArray(argStr); + for (int i = 0; i < jsonArray.size(); i++) { + Object obj = jsonArray.getObj(i); + if (Objects.nonNull(obj) && obj instanceof JSONObject) { + JSONObject jsonObject = (JSONObject) obj; + if ("1".equals(jsonObject.getStr("skipPermission"))) { + needPermission = false; + } + } + } + // 注解鉴权 MethodSignature signature = (MethodSignature) joinPoint.getSignature(); - checkMethodAnnotation(signature.getMethod()); + checkMethodAnnotation(signature.getMethod(), needPermission); + try { // 执行原有逻辑 @@ -72,7 +93,7 @@ public class PreAuthorizeAspect /** * 对一个Method对象进行注解检查 */ - public void checkMethodAnnotation(Method method) + public void checkMethodAnnotation(Method method, boolean needPermission) { // 校验 @RequiresLogin 注解 RequiresLogin requiresLogin = method.getAnnotation(RequiresLogin.class); @@ -89,10 +110,11 @@ public class PreAuthorizeAspect } // 校验 @RequiresPermissions 注解 - RequiresPermissions requiresPermissions = method.getAnnotation(RequiresPermissions.class); - if (requiresPermissions != null) - { - AuthUtil.checkPermi(requiresPermissions); + if (needPermission) { + RequiresPermissions requiresPermissions = method.getAnnotation(RequiresPermissions.class); + if (requiresPermissions != null) { + AuthUtil.checkPermi(requiresPermissions); + } } } } diff --git a/sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/controller/BmStorageLogController.java b/sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/controller/BmStorageLogController.java index 97af313..ab567b2 100644 --- a/sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/controller/BmStorageLogController.java 
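Review bot: The block added at the top of `around()` lets the caller decide whether authorization runs. It serialises `joinPoint.getArgs()` and, if any object argument carries `skipPermission` equal to `1`, passes `needPermission = false`, which the last hunk of this file uses to skip `AuthUtil.checkPermi` entirely. Those arguments are the advised method's own parameters, so for a request handler the flag is client-supplied whenever a parameter type exposes that property (SysDic in this commit, and presumably any map-like parameter); the `@RequiresPermissions("stock:log:list")` added in BmStorageLogController goes through the same switch. The decision should come from server-side state: keep `checkMethodAnnotation(signature.getMethod());` unconditional and resolve any exemption from the stored dictionary record or from an annotation on the handler. Separately, `JSON.toJSONString(args)` now runs on every advised call and may throw or be costly for arguments that are not plain beans, which would fail the request before any check; the bodies of `around()` and `checkMethodAnnotation` continue outside these hunks.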
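Review bot: `checkMethodAnnotation` is public and the `@@ -72,7 +93,7 @@` hunk replaces its one-argument signature, so any caller outside this class stops compiling. Every remaining caller must also now pass a boolean that can disable a security check. Keeping `checkMethodAnnotation(Method method)` as an overload that always enforces permissions would preserve the interface and make enforcement the default path. The Javadoc above the method still says only that it checks a Method's annotations; it should state that `needPermission == false` skips the `@RequiresPermissions` check while the `@RequiresLogin` check visible in the hunk still runs.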
+++ b/sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/controller/BmStorageLogController.java @@ -5,6 +5,7 @@ import com.bonus.sgzb.common.core.web.domain.AjaxResult; import com.bonus.sgzb.common.core.web.page.TableDataInfo; import com.bonus.sgzb.common.security.annotation.InnerAuth; import com.bonus.sgzb.base.api.domain.BmStorageLog; +import com.bonus.sgzb.common.security.annotation.RequiresPermissions; import com.bonus.sgzb.system.service.impl.BmStorageLogService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.*; @@ -26,6 +27,7 @@ public class BmStorageLogController extends BaseController { @Autowired private BmStorageLogService bmStorageLogService; + @RequiresPermissions("stock:log:list") @GetMapping("/list") public TableDataInfo list(BmStorageLog record) { startPage();