diff --git a/src/main/java/com/cultural/heritage/controller/book/PhotoProductsController.java b/src/main/java/com/cultural/heritage/controller/book/PhotoProductsController.java
index 7c7568b..15e9895 100644
--- a/src/main/java/com/cultural/heritage/controller/book/PhotoProductsController.java
+++ b/src/main/java/com/cultural/heritage/controller/book/PhotoProductsController.java
@@ -306,12 +306,12 @@ public class PhotoProductsController {
 
 
     /**
-     * 小程序端用户根据id查询写真产品主要信息
+     * web端用户根据id查询写真产品主要信息
      * @param commonRequest 写真产品id
      * @return  写真产品
      */
     @PostMapping("/list/main/id")
-    @Operation(summary = "小程序端用户根据id查询写真产品主要信息", description = "参数：写真产品id，权限：所有人，方法名：getPhotoProductsMainInfoById")
+    @Operation(summary = "web端用户根据id查询写真产品主要信息", description = "参数：写真产品id，权限：所有人，方法名：getPhotoProductsMainInfoById")
     @AuthCheck(mustRole = UserConstant.ADMIN_ROLE)
     public BaseResponse<PhotoProductsMainInfoVO> getPhotoProductsMainInfoById(@RequestBody CommonRequest commonRequest) {
         if (commonRequest == null || commonRequest.getId() <= 0) {
diff --git a/src/main/java/com/cultural/heritage/controller/user/UserController.java b/src/main/java/com/cultural/heritage/controller/user/UserController.java
index 7dced8b..ce98bca 100644
--- a/src/main/java/com/cultural/heritage/controller/user/UserController.java
+++ b/src/main/java/com/cultural/heritage/controller/user/UserController.java
@@ -16,6 +16,7 @@ import com.cultural.heritage.exception.ThrowUtils;
 import com.cultural.heritage.model.dto.CommonRequest;
 import com.cultural.heritage.model.dto.user.*;
 import com.cultural.heritage.model.entity.User;
+import com.cultural.heritage.model.enums.UserRoleEnum;
 import com.cultural.heritage.model.vo.user.UserMainInfoVO;
 import com.cultural.heritage.model.vo.user.UserVO;
 import com.cultural.heritage.service.user.UserService;
@@ -277,6 +278,13 @@ public class UserController {
             String newPassword = DigestUtils.md5DigestAsHex((SALT + userPassword).getBytes());
             user.setUserPassword(newPassword);
         }
+        // 用户权限
+        UserRoleEnum userRoleEnum = UserRoleEnum.getEnumByValues(sourceUser.getUserRole());
+        // 修改的用户权限
+        UserRoleEnum updateUserRoleEnum = UserRoleEnum.getEnumByValues(user.getUserRole());
+        if (!UserRoleEnum.BOSS.equals(userRoleEnum) && UserRoleEnum.BOSS.equals(updateUserRoleEnum)) {
+            throw new BusinessException(ErrorCode.PARAMS_ERROR, "无法修改为boss权限");
+        }
         userService.validUser(user, true);
         boolean result = userService.updateById(user);
         ThrowUtils.throwIf(!result, ErrorCode.OPERATION_ERROR);
diff --git a/src/main/java/com/cultural/heritage/service/user/impl/UserServiceImpl.java b/src/main/java/com/cultural/heritage/service/user/impl/UserServiceImpl.java
index 1197547..b80aa73 100644
--- a/src/main/java/com/cultural/heritage/service/user/impl/UserServiceImpl.java
+++ b/src/main/java/com/cultural/heritage/service/user/impl/UserServiceImpl.java
@@ -91,10 +91,6 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements Us
         if (StringUtils.isAnyBlank(userName, userAvatar, userRole, userPassword)) {
             throw new BusinessException(ErrorCode.PARAMS_ERROR, "存在参数为空");
         }
-        UserRoleEnum userRoleEnum = UserRoleEnum.getEnumByValues(userRole);
-        if (UserRoleEnum.BOSS.equals(userRoleEnum)) {
-            throw new BusinessException(ErrorCode.NO_AUTH_ERROR, "无法创建boss用户");
-        }
     }