diff --git a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/config/LoginInterceptor.java b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/config/LoginInterceptor.java index af7a2f7..3b79c41 100644 --- a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/config/LoginInterceptor.java +++ b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/config/LoginInterceptor.java @@ -2,6 +2,7 @@ package com.electromagnetic.industry.software.manage.config; import cn.hutool.core.date.SystemClock; import com.electromagnetic.industry.software.common.cons.UserConstants; +import com.electromagnetic.industry.software.common.enums.AdminTypeEnum; import com.electromagnetic.industry.software.common.pojo.UserLoginInfo; import com.electromagnetic.industry.software.common.util.TokenUtil; import com.electromagnetic.industry.software.common.util.UserThreadLocal; @@ -36,12 +37,12 @@ public class LoginInterceptor implements HandlerInterceptor { } private boolean checkSysAdminOperation(HttpServletRequest request, HttpServletResponse response) { -// String requestURI = request.getRequestURI(); -// if (requestURI.startsWith("/data/ed/prj") && !UserThreadLocal.getAdminType().equals(AdminTypeEnum.SYSTEM.getValue())) { -// log.warn("{}没有层级操作权限,当前用户类型是{}", UserThreadLocal.getUsername(), UserThreadLocal.getAdminType()); -// response.setStatus(HttpServletResponse.SC_FORBIDDEN); -// return false; -// } + String requestURI = request.getRequestURI(); + if (requestURI.startsWith("/data/ed/prj") && !UserThreadLocal.getAdminType().equals(AdminTypeEnum.SYSTEM.getValue())) { + log.warn("{}没有层级操作权限,当前用户类型是{}", UserThreadLocal.getUsername(), UserThreadLocal.getAdminType()); + response.setStatus(HttpServletResponse.SC_FORBIDDEN); + return false; + } return true; } 
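Review bot: The re-enabled guard in `checkSysAdminOperation` tests `request.getRequestURI().startsWith("/data/ed/prj")`, but that value is the raw request path: it is not decoded or normalized and it still carries the context path, so the string checked here can differ from the path Spring resolves to a handler. Match on the same path the dispatcher uses, for example by scoping this interceptor with `addPathPatterns("/data/ed/prj/**")` at registration, or at least strip the context path with `request.getRequestURI().substring(request.getContextPath().length())` before comparing. Separately, `UserThreadLocal.getAdminType().equals(...)` throws if the admin type was never set for the request (not visible from this hunk whether that can happen); `!Objects.equals(UserThreadLocal.getAdminType(), AdminTypeEnum.SYSTEM.getValue())` would deny with the 403 instead of surfacing an exception.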
diff --git a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/PermissionService.java b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/PermissionService.java index 817d1ce..1969b9c 100644 --- a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/PermissionService.java +++ b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/PermissionService.java @@ -42,5 +42,5 @@ public interface PermissionService { * 检查文件id列表是否可具有导出权限 * @param ids */ - String[] filterExportIds(String[] ids); + Map filterExportIds(String[] ids); } diff --git a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/EdFileInfoServiceImpl.java b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/EdFileInfoServiceImpl.java index af6a741..a22049a 100644 --- a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/EdFileInfoServiceImpl.java +++ b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/EdFileInfoServiceImpl.java @@ -610,6 +610,10 @@ public class EdFileInfoServiceImpl extends ServiceImpl batchExport(String dataIdArr, HttpServletResponse response) throws IOException { String userDownloadDataDir = downloadDataDir + File.separator + UserThreadLocal.getUserId(); String[] ids = dataIdArr.split(","); + Map map = permissionService.filterExportIds(ids); + if (map.containsValue(Boolean.FALSE)) { + throw new BizException(-1, "有未授权的层级接口,禁止导出"); + } Map maps = new HashMap<>(); for (String id : ids) { Map edFileInfos = this.baseMapper.selectList(Wrappers.lambdaQuery(EdFileInfo.class) 
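Review bot: The Javadoc above `filterExportIds` still has only a bare `@param ids` and no `@return`, while the method no longer filters: it now returns a per-id verdict that callers must inspect. Because this result gates an export, the contract should be explicit, e.g. `@param ids file ids to check` and `@return map from each requested file id to true when the current user holds the export permission on it, false otherwise; empty when ids is empty`. A name such as `checkExportPermission` would also stop a future caller from assuming the returned value contains only permitted ids. The type parameters of `Map` are not visible in this rendering; if the declaration really is a raw `Map`, declare it as `Map<String, Boolean>`.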
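Review bot: The new denial in `batchExport` throws `BizException` without recording who asked for which ids, unlike the interceptor in this same commit, which logs a warning on refusal. A line such as `log.warn("export denied, user={}, ids={}", UserThreadLocal.getUserId(), dataIdArr);` before the throw (assuming the class has a logger) gives operations a trail for repeated probing of export ids. Also note that the check covers only the exact strings produced by `dataIdArr.split(",")`; the method body continues outside this hunk, so if the query that follows expands an id to child files or folders, those records are exported without having been checked and the permission test should be applied to the expanded set.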
diff --git a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/PermissionServiceImpl.java b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/PermissionServiceImpl.java index 339b3a7..a9b2b86 100644 --- a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/PermissionServiceImpl.java +++ b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/PermissionServiceImpl.java @@ -123,23 +123,22 @@ public class PermissionServiceImpl implements PermissionService { * @param ids */ @Override - public String[] filterExportIds(String[] ids){ + public Map filterExportIds(String[] ids) { + Map map = new HashMap<>(); if (ids.length==0) { - return ids; + return map; } + String userId=UserThreadLocal.getUserId(); List roleIds = getRoles(userId); - List result = new ArrayList<>(); for (String id : ids) { LambdaQueryWrapper queryWrapper = new LambdaQueryWrapper<>(); queryWrapper.eq(RolePermission::getFileId, id) .eq(RolePermission::getPermissionCode, FilePermission.EXPORT.getCode()) .in(RolePermission::getRoleId, roleIds); - List list = rolePermissionMapper.selectList(queryWrapper); - if (!list.isEmpty()) { - result.add(id); - } + long count = rolePermissionMapper.selectCount(queryWrapper); + map.put(id, count > 0); } - return result.toArray(new String[0]); + return map; } }
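Review bot: Inside the loop of `filterExportIds` the verdict for every id rests on `.in(RolePermission::getRoleId, roleIds)`, and nothing guards the case where `getRoles(userId)` returns an empty list. What an empty collection produces in an `in` condition depends on the query-builder version (an invalid `IN ()` or a dropped condition), and a dropped condition would let any role's export grant count for this user. Decide it explicitly before querying: `if (roleIds == null || roleIds.isEmpty()) { for (String id : ids) { map.put(id, Boolean.FALSE); } return map; }`. As a secondary point, the loop issues one `selectCount` per id; a single query with `.in(RolePermission::getFileId, ids)` that collects the distinct permitted file ids would give the same map with one round trip.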