diff --git a/backend/src/main/java/io/dataease/plugins/server/ColumnPermissionsController.java b/backend/src/main/java/io/dataease/plugins/server/ColumnPermissionsController.java
index f77c74049d..714e6b8d36 100644
--- a/backend/src/main/java/io/dataease/plugins/server/ColumnPermissionsController.java
+++ b/backend/src/main/java/io/dataease/plugins/server/ColumnPermissionsController.java
@@ -31,7 +31,6 @@ import java.util.List;
 @RequestMapping("plugin/dataset/columnPermissions")
 public class ColumnPermissionsController {
 
-    @RequiresPermissions("data:read")
     @DePermission(type = DePermissionType.DATASET, value = "datasetId", level = ResourceAuthLevel.DATASET_LEVEL_MANAGE)
     @ApiOperation("保存")
     @PostMapping("save")
@@ -57,7 +56,6 @@ public class ColumnPermissionsController {
         return columnPermissionService.save(datasetColumnPermissions);
     }
 
-    @RequiresPermissions("data:read")
     @DePermission(type = DePermissionType.DATASET, value = "datasetId", level = ResourceAuthLevel.DATASET_LEVEL_MANAGE)
     @ApiOperation("查询")
     @PostMapping("/list")
@@ -66,8 +64,7 @@ public class ColumnPermissionsController {
        return columnPermissionService.searchPermissions(request);
     }
 
-    //TODO
-    @RequiresPermissions("data:read")
+    @DePermission(type = DePermissionType.DATASET, level = ResourceAuthLevel.DATASET_LEVEL_MANAGE)
     @ApiOperation("删除")
     @PostMapping("/delete/{id}")
     public void delete(@PathVariable String id) {
@@ -75,7 +72,6 @@ public class ColumnPermissionsController {
         columnPermissionService.delete(id);
     }
 
-    @RequiresPermissions("data:read")
     @DePermission(type = DePermissionType.DATASET, level = ResourceAuthLevel.DATASET_LEVEL_MANAGE)
     @ApiOperation("分页查询")
     @PostMapping("/pageList/{datasetId}/{goPage}/{pageSize}")
@@ -92,7 +88,6 @@ public class ColumnPermissionsController {
         return PageUtils.setPageInfo(page, columnPermissionService.queryPermissions(request));
     }
 
-    @RequiresPermissions("data:read")
     @DePermission(type = DePermissionType.DATASET, value = "datasetId", level = ResourceAuthLevel.DATASET_LEVEL_MANAGE)
     @ApiOperation("有权限的对象")
     @PostMapping("/authObjs")
@@ -101,7 +96,6 @@ public class ColumnPermissionsController {
         return (List<Object>) columnPermissionService.authObjs(request);
     }
 
-    @RequiresPermissions("data:read")
     @DePermission(type = DePermissionType.DATASET, value = "datasetId", level = ResourceAuthLevel.DATASET_LEVEL_MANAGE)
     @ApiOperation("详情")
     @PostMapping("/permissionInfo")
diff --git a/backend/src/main/java/io/dataease/plugins/server/RowPermissionsController.java b/backend/src/main/java/io/dataease/plugins/server/RowPermissionsController.java
index 1bf7543080..25b3276e0f 100644
--- a/backend/src/main/java/io/dataease/plugins/server/RowPermissionsController.java
+++ b/backend/src/main/java/io/dataease/plugins/server/RowPermissionsController.java
@@ -28,7 +28,6 @@ import java.util.List;
 @RequestMapping("plugin/dataset/rowPermissions")
 public class RowPermissionsController {
 
-    @RequiresPermissions("data:read")
     @DePermission(type = DePermissionType.DATASET, value = "datasetId", level = ResourceAuthLevel.DATASET_LEVEL_MANAGE)
     @ApiOperation("保存")
     @PostMapping("save")
@@ -55,7 +54,6 @@ public class RowPermissionsController {
         rowPermissionService.save(datasetRowPermissions);
     }
 
-    @RequiresPermissions("data:read")
     @DePermission(type = DePermissionType.DATASET, value = "datasetId", level = ResourceAuthLevel.DATASET_LEVEL_MANAGE)
     @ApiOperation("查询")
     @PostMapping("/list")
@@ -64,8 +62,7 @@ public class RowPermissionsController {
        return rowPermissionService.searchRowPermissions(request);
     }
 
-    //TODO
-    @RequiresPermissions("data:read")
+    @DePermission(type = DePermissionType.DATASET, level = ResourceAuthLevel.DATASET_LEVEL_MANAGE)
     @ApiOperation("删除")
     @PostMapping("/delete/{id}")
     public void dataSetRowPermissionInfo(@PathVariable String id) {
@@ -73,7 +70,6 @@ public class RowPermissionsController {
         rowPermissionService.delete(id);
     }
 
-    @RequiresPermissions("data:read")
     @DePermission(type = DePermissionType.DATASET, value = "datasetId", level = ResourceAuthLevel.DATASET_LEVEL_MANAGE)
     @ApiOperation("分页查询")
     @PostMapping("/pageList/{datasetId}/{goPage}/{pageSize}")
@@ -90,7 +86,6 @@ public class RowPermissionsController {
         return PageUtils.setPageInfo(page, rowPermissionService.queryRowPermissions(request));
     }
 
-    @RequiresPermissions("data:read")
     @DePermission(type = DePermissionType.DATASET, value = "datasetId", level = ResourceAuthLevel.DATASET_LEVEL_MANAGE)
     @ApiOperation("有权限的对象")
     @PostMapping("/authObjs")
@@ -99,7 +94,6 @@ public class RowPermissionsController {
         return (List<Object>) rowPermissionService.authObjs(request);
     }
 
-    @RequiresPermissions("data:read")
     @DePermission(type = DePermissionType.DATASET, value = "datasetId", level = ResourceAuthLevel.DATASET_LEVEL_MANAGE)
     @ApiOperation("详情")
     @PostMapping("/dataSetRowPermissionInfo")