diff --git a/backend/src/main/resources/db/migration/V38__1.13.sql b/backend/src/main/resources/db/migration/V38__1.13.sql
index 7ad0eab53f..278d59da6a 100644
--- a/backend/src/main/resources/db/migration/V38__1.13.sql
+++ b/backend/src/main/resources/db/migration/V38__1.13.sql
@@ -78,3 +78,19 @@ ADD COLUMN `update_time` bigint(13) NULL COMMENT '更新时间' AFTER `update_by
 
 ALTER TABLE `sys_task_email`
 ADD COLUMN `view_ids` varchar(255) NULL COMMENT '视图ID集合' AFTER `task_id`;
+
+UPDATE `sys_menu`
+SET
+    `permission` = 'user:add,user:del,user:edit'
+WHERE
+        `menu_id` = 35;
+UPDATE `sys_menu`
+SET
+    `permission` = 'datasource:read'
+WHERE
+        `menu_id` = 39;
+UPDATE `sys_menu`
+SET
+    `permission` = 'user:editPwd'
+WHERE
+        `menu_id` = 51;
diff --git a/frontend/src/permission.js b/frontend/src/permission.js
index a2898d8ab1..031ce14570 100644
--- a/frontend/src/permission.js
+++ b/frontend/src/permission.js
@@ -189,10 +189,20 @@ const filterRouter = routers => {
   })
 }
 const hasPermission = (router, user_permissions) => {
-  // 菜单要求权限 但是当前用户权限没有包含菜单权限
-  if (router.permission && !user_permissions.includes(router.permission)) {
+  // 判断是否有符合权限 eg. user:read,user:delete
+  if (router.permission && router.permission.indexOf(',') > -1) {
+    const permissions = router.permission.split(',')
+    const permissionsFilter = permissions.filter(permission => {
+      return user_permissions.includes(permission)
+    })
+    if (!permissionsFilter || permissionsFilter.length === 0) {
+      return false
+    }
+  } else if (router.permission && !user_permissions.includes(router.permission)) {
+    // 菜单要求权限 但是当前用户权限没有包含菜单权限
     return false
   }
+
   if (!filterLic(router)) {
     return false
   }