diff --git a/src/main/java/com/example/jieyue/admin/controller/AdminRbacController.java b/src/main/java/com/example/jieyue/admin/controller/AdminRbacController.java index 46b6ed3..8deff0b 100644 --- a/src/main/java/com/example/jieyue/admin/controller/AdminRbacController.java +++ b/src/main/java/com/example/jieyue/admin/controller/AdminRbacController.java @@ -6,9 +6,11 @@ import com.example.jieyue.common.mapper.*; import com.example.jieyue.common.utils.IsEmptyUtil; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; import org.springframework.web.servlet.ModelAndView; +import javax.servlet.http.HttpServletRequest; import java.util.HashMap; import java.util.List; import java.util.Map; 
@@ -38,37 +40,50 @@ public class AdminRbacController { List roleList = roleMapper.findAll(); // 权限列表 List accessList = accessMapper.findAll(); + // 用户角儿关联表 + List adminRoleList = adminRoleMapper.findAll(); + // 角色权限关联表 + List roleAccessList = roleAccessMapper.findAll(); modelAndView.addObject("adminList",adminList); modelAndView.addObject("roleList",roleList); modelAndView.addObject("accessList",accessList); + modelAndView.addObject("adminRoleList",adminRoleList); + modelAndView.addObject("roleAccessList",roleAccessList); modelAndView.setViewName("admin/rbac/index"); return modelAndView; } - /* - * 编辑管理员的角色页面 - * todo - */ - @RequestMapping("/admin/rbac/update-admin-role") - public ModelAndView updateAdminRole(ModelAndView modelAndView,int adminId){ - // 获取管理员角色信息 - SysAdminRole adminRole = adminRoleMapper.findByAdminId(adminId); - - modelAndView.addObject("adminRole",adminRole); - modelAndView.setViewName("updateRoleAccess"); + @RequestMapping("/admin/alert") + public ModelAndView adminAlert(ModelAndView modelAndView) { + modelAndView.setViewName("admin/rbac/alert"); return modelAndView; } /* - * 执行编辑管理员的角色操作 - * todo + * 编辑管理员的角色页面 */ - @RequestMapping("/admin/rbac/update-admin-role-action") - public ModelAndView updateAdminRoleAction(ModelAndView modelAndView,int adminId,String roles){ - - modelAndView.setViewName("updateRoleAccess"); + @RequestMapping("/admin/rbac/update-admin-role") + public ModelAndView updateAdminRole(ModelAndView modelAndView, HttpServletRequest request, int admin, @RequestParam(defaultValue = "0") int role) { + modelAndView.setViewName("redirect:/admin/rbac"); + if (role == 0) { + modelAndView.addObject("msg","未对管理员角色进行修改"); + return modelAndView; + } + int sql = 0;// sql执行结果接收变量 + if (adminRoleMapper.countByAdminId(admin) == 0) { + // 此管理员还未设置角色 + sql = adminRoleMapper.insert(admin, role); + } else { + // 修改管理员角色 + sql = adminRoleMapper.updateRoleByAdminId(admin, role); + } + if (sql == 1) { + modelAndView.addObject("msg", "设置管理员角色成功!"); 
+ } else { + modelAndView.addObject("msg", "设置管理员角色失败!"); + } return modelAndView; } diff --git a/src/main/java/com/example/jieyue/admin/service/AdminLoginService.java b/src/main/java/com/example/jieyue/admin/service/AdminLoginService.java index dbaf4a0..239677a 100644 --- a/src/main/java/com/example/jieyue/admin/service/AdminLoginService.java +++ b/src/main/java/com/example/jieyue/admin/service/AdminLoginService.java @@ -127,13 +127,13 @@ public class AdminLoginService { SysAdmin admin = adminMapper.selectByEmail(email); if (admin!=null && admin.getMark()==0){ int res1 = adminMapper.updateMark(1,email); - if (res1==1){ + if (res1 == 1){ // 设置用户角色,设置失败则回滚 - /*if (adminRoleMapper.updateStatus(1,admin.getId()) != 1){ + if (adminRoleMapper.updateStatus(1,admin.getId()) != 1){ // 执行回滚 TransactionAspectSupport.currentTransactionStatus().setRollbackOnly(); return 0; - }*/ + } return 1; }else{ return 0; diff --git a/src/main/java/com/example/jieyue/common/component/LoginHandlerInterceptor.java b/src/main/java/com/example/jieyue/common/component/LoginHandlerInterceptor.java index 8385802..b5db551 100644 --- a/src/main/java/com/example/jieyue/common/component/LoginHandlerInterceptor.java +++ b/src/main/java/com/example/jieyue/common/component/LoginHandlerInterceptor.java @@ -1,5 +1,6 @@ package com.example.jieyue.common.component; +import com.example.jieyue.common.entity.*; import com.example.jieyue.common.mapper.*; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; @@ -9,6 +10,7 @@ import org.springframework.web.servlet.ModelAndView; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; +import java.util.List; import java.util.regex.Matcher; import java.util.regex.Pattern; 
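Review bot: In AdminRbacController the new `updateAdminRole` handler changes an administrator's role but keeps a bare `@RequestMapping`, so it answers GET as well as POST, and it writes whatever `admin` and `role` ids arrive without checking that either exists. Restricting the mapping, e.g. `@RequestMapping(value = "/admin/rbac/update-admin-role", method = RequestMethod.POST)`, and rejecting an unknown role with `if (roleMapper.findById(role) == null)` before the `countByAdminId` branch would narrow this. Whether a CSRF token is enforced elsewhere is not visible in this diff. The `HttpServletRequest request` parameter is unused, and the count-then-insert sequence can create duplicate rows under concurrent requests unless `sys_admin_role.admin_id` is unique (schema not shown).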
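Review bot: Re-enabling the rollback branch in AdminLoginService makes activation depend on `adminRoleMapper.updateStatus(1,admin.getId())` touching exactly one row, yet the controller change in this same commit handles administrators that have no `sys_admin_role` row at all (`countByAdminId(admin) == 0`). For such an account the update affects zero rows, the mark change is rolled back and the method returns 0, so the account can never be activated. Confirm that sign-up always inserts the row, or treat the zero-row result as a separate case. `TransactionAspectSupport.currentTransactionStatus()` throws when no transaction is active, so the enclosing method, which starts outside this hunk, needs `@Transactional`; neither the annotation nor the import is visible here.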
@@ -23,16 +25,6 @@ import java.util.regex.Pattern; */ @Component public class LoginHandlerInterceptor implements HandlerInterceptor { - @Autowired - SysAdminMapper adminMapper; - @Autowired - SysRoleMapper roleMapper; - @Autowired - SysAccessMapper accessMapper; - @Autowired - SysAdminRoleMapper adminRoleMapper; - @Autowired - SysRoleAccessMapper roleAccessMapper; @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { @@ -78,14 +70,4 @@ public class LoginHandlerInterceptor implements HandlerInterceptor { public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception { } - - /** - *

管理员权限判断

- * @author Bosen - * 2020/12/7 7:09 - */ - public boolean checkAdminAccess(int adminId,String url){ - int roleId = adminRoleMapper.findByAdminId(adminId).getRoleId(); - return false; - } } \ No newline at end of file diff --git a/src/main/java/com/example/jieyue/common/component/RBACHandlerInterceptor.java b/src/main/java/com/example/jieyue/common/component/RBACHandlerInterceptor.java new file mode 100644 index 0000000..bcdb47e --- /dev/null +++ b/src/main/java/com/example/jieyue/common/component/RBACHandlerInterceptor.java 
@@ -0,0 +1,111 @@ +package com.example.jieyue.common.component; + +import com.example.jieyue.common.entity.*; +import com.example.jieyue.common.mapper.*; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; +import org.springframework.web.servlet.HandlerInterceptor; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.util.List; + +@Component +public class RBACHandlerInterceptor implements HandlerInterceptor { + + private static SysAdminMapper adminMapper; + + private static SysRoleMapper roleMapper; + + private static SysAccessMapper accessMapper; + + private static SysAdminRoleMapper adminRoleMapper; + + private static SysRoleAccessMapper roleAccessMapper; + + @Autowired + public void setAdminMapper(SysAdminMapper adminMapper) { + RBACHandlerInterceptor.adminMapper = adminMapper; + } + + @Autowired + public void setRoleMapper(SysRoleMapper roleMapper) { + RBACHandlerInterceptor.roleMapper = roleMapper; + } + + @Autowired + public void setAccessMapper(SysAccessMapper accessMapper) { + RBACHandlerInterceptor.accessMapper = accessMapper; + } + + @Autowired + public void setAdminRoleMapper(SysAdminRoleMapper adminRoleMapper) { + RBACHandlerInterceptor.adminRoleMapper = adminRoleMapper; + } + + @Autowired + public void setRoleAccessMapper(SysRoleAccessMapper roleAccessMapper) { + RBACHandlerInterceptor.roleAccessMapper = roleAccessMapper; + } + + @Override + public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { + if (!checkRbac(request)) { + response.setCharacterEncoding("UTF-8"); + response.getWriter().write("" + + "" + + "" + + "" + + "权限不足" + + "" + + "" + + "" + + "" + + ""); + return false; + } + return true; + } + /* + * 检查权限 + */ + public boolean checkRbac(HttpServletRequest request) { + try { + // 获取当前请求的地址 + String curUrl = request.getRequestURI(); + + // 获取当前管理员的信息 + SysAdmin 
admin = (SysAdmin) request.getSession().getAttribute("admin"); + if (admin.getId() == 1) { + // 不限制id为1的管理员 + return true; + } + + // 获取角色信息 + SysAdminRole adminRole = adminRoleMapper.findByAdminId(admin.getId()); + + SysRole role = roleMapper.findById(adminRole.getRoleId()); + if (role == null || role.getStatus() == 0) { + return false; + } + + // 获取权限信息 + List roleAccessList = roleAccessMapper.findByRoleId(role.getId()); + for (SysRoleAccess roleAccess : roleAccessList) { + SysAccess access = accessMapper.findById(roleAccess.getAccessId()); + if (access == null) { + continue; + } + if (access.getUrl().equals(curUrl) && access.getStatus() == 1) { + return true; + } + } + } catch (Exception e) { + return false; + } + return false; + } +} diff --git a/src/main/java/com/example/jieyue/common/config/AdminWebMvcConfigurer.java b/src/main/java/com/example/jieyue/common/config/AdminWebMvcConfigurer.java index eae9046..f240d0a 100644 --- a/src/main/java/com/example/jieyue/common/config/AdminWebMvcConfigurer.java +++ b/src/main/java/com/example/jieyue/common/config/AdminWebMvcConfigurer.java @@ -1,6 +1,7 @@ package com.example.jieyue.common.config; import com.example.jieyue.common.component.LoginHandlerInterceptor; +import com.example.jieyue.common.component.RBACHandlerInterceptor; import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.config.annotation.InterceptorRegistry; import org.springframework.web.servlet.config.annotation.ViewControllerRegistry; 
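Review bot: In RBACHandlerInterceptor.checkRbac the blanket `catch (Exception e) { return false; }` is the only thing handling a missing session `admin`, a missing `sys_admin_role` row and a mapper failure, and none of them is logged, so a database outage and a real permission denial look identical. preHandle then writes the denial page without setting a status, so refused requests go out as 200 and are hard to spot in access logs or alerting. Explicit null guards plus a 403 status, as sketched below, keep the fail-closed behaviour while making denials observable; the catch should also log the exception through the project's logger. Separately, the `admin.getId() == 1` shortcut hard-codes the unrestricted account and would be easier to audit as a named constant or a role flag.

```java
// preHandle, inside if (!checkRbac(request)), before the page is written:
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
// … unchanged: setCharacterEncoding, response.getWriter().write(...), return false …

// checkRbac:
SysAdmin admin = (SysAdmin) request.getSession().getAttribute("admin");
if (admin == null) {
    // no authenticated administrator in the session: deny
    return false;
}
// … unchanged: id == 1 shortcut …
SysAdminRole adminRole = adminRoleMapper.findByAdminId(admin.getId());
if (adminRole == null) {
    // administrator has no role assigned yet: deny
    return false;
}
// … unchanged: role status check and access-list loop …
```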
@@ -30,6 +31,13 @@ public class AdminWebMvcConfigurer implements WebMvcConfigurer { "/css/**","/js/**","/image/**","/fonts/**","/mapping/**","/data/**", "/lib/*/*/**" ); + registry.addInterceptor(new RBACHandlerInterceptor()) + .addPathPatterns("/admin/**") + .excludePathPatterns( + "/admin/login","/admin/logout","/admin/do-login","/admin/sign-up","/admin/sign-check", + "/css/**","/js/**","/image/**","/fonts/**","/mapping/**","/data/**", + "/lib/*/*/**", "/admin/home", "/admin" + ); } } diff --git a/src/main/java/com/example/jieyue/common/mapper/SysAccessMapper.java b/src/main/java/com/example/jieyue/common/mapper/SysAccessMapper.java index 4d98e39..f0f2d7f 100644 --- a/src/main/java/com/example/jieyue/common/mapper/SysAccessMapper.java +++ b/src/main/java/com/example/jieyue/common/mapper/SysAccessMapper.java @@ -9,6 +9,8 @@ import java.util.List; public interface SysAccessMapper { List findAll(); + SysAccess findById(int id); + int countByName(String name); int insert(String name,String url); diff --git a/src/main/java/com/example/jieyue/common/mapper/SysAdminRoleMapper.java b/src/main/java/com/example/jieyue/common/mapper/SysAdminRoleMapper.java index 7653773..f696cf3 100644 --- a/src/main/java/com/example/jieyue/common/mapper/SysAdminRoleMapper.java +++ b/src/main/java/com/example/jieyue/common/mapper/SysAdminRoleMapper.java @@ -9,6 +9,10 @@ import java.util.List; public interface SysAdminRoleMapper { List findAll(); + int updateRoleByAdminId(int adminId, int roleId); + + int countByAdminId(int adminId); + SysAdminRole findByAdminId(int adminId); int insert(int adminId,int roleId); diff --git a/src/main/resources/static/mapping/SysAccessMapping.xml b/src/main/resources/static/mapping/SysAccessMapping.xml index 71c9b6f..4a05514 100644 --- a/src/main/resources/static/mapping/SysAccessMapping.xml +++ b/src/main/resources/static/mapping/SysAccessMapping.xml @@ -13,6 +13,10 @@ select * from sys_access; + + 
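Review bot: In AdminWebMvcConfigurer, `registry.addInterceptor(new RBACHandlerInterceptor())` registers an instance that Spring does not manage, which is why the interceptor class in this commit has to keep its mappers in static fields filled by the separate `@Component` bean. If that bean is ever not created, every mapper stays null and `checkRbac` denies all administrators other than id 1 through its catch-all. Injecting the bean here, `@Autowired private RBACHandlerInterceptor rbacHandlerInterceptor;`, and calling `registry.addInterceptor(rbacHandlerInterceptor)` removes that coupling and lets the mappers become ordinary instance fields. The new `/admin/alert` mapping added in AdminRbacController is not in the exclude list, so it is itself subject to the RBAC check; confirm that is intended for a permission-denied page. The enclosing method starts outside the hunk.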
diff --git a/src/main/resources/static/mapping/SysAdminRoleMapping.xml b/src/main/resources/static/mapping/SysAdminRoleMapping.xml index d524d0f..e5efbfc 100644 --- a/src/main/resources/static/mapping/SysAdminRoleMapping.xml +++ b/src/main/resources/static/mapping/SysAdminRoleMapping.xml @@ -13,6 +13,14 @@ select * from sys_admin_role; + + + + update sys_admin_role set role_id = #{roleId} where admin_id = #{adminId}; + + diff --git a/src/main/resources/templates/admin/rbac/alert.html b/src/main/resources/templates/admin/rbac/alert.html new file mode 100644 index 0000000..61f25ad --- /dev/null +++ b/src/main/resources/templates/admin/rbac/alert.html @@ -0,0 +1,13 @@ + + + + + 权限不足 + + + + + \ No newline at end of file diff --git a/src/main/resources/templates/admin/rbac/index.html b/src/main/resources/templates/admin/rbac/index.html index 4a9be76..4b3ab32 100644 --- a/src/main/resources/templates/admin/rbac/index.html +++ b/src/main/resources/templates/admin/rbac/index.html @@ -101,15 +101,28 @@ -
+