diff --git a/app/admin/controller/Design.php b/app/admin/controller/Design.php
index ce80a6fc6..82416d329 100644
--- a/app/admin/controller/Design.php
+++ b/app/admin/controller/Design.php
@@ -177,6 +177,13 @@ class Design extends Common
      */
     public function Download()
     {
+        // 是否有权限
+        if(!AdminIsPower())
+        {
+            return $this->error('无权限');
+        }
+
+        // 下载数据
         $ret = DesignService::DesignDownload($this->data_request);
         if(isset($ret['code']) && $ret['code'] != 0)
         {
diff --git a/app/admin/controller/User.php b/app/admin/controller/User.php
index 04272812f..442e4c446 100755
--- a/app/admin/controller/User.php
+++ b/app/admin/controller/User.php
@@ -120,6 +120,12 @@ class User extends Common
 	 */
 	public function ExcelExport()
 	{
+		// 是否有权限
+        if(!AdminIsPower())
+        {
+            return $this->error('无权限');
+        }
+
         // 获取数据列表
 		$data_params = [
 			'where'		=> $this->form_where,