diff --git a/src/main/java/com/youlai/system/controller/SysDictController.java b/src/main/java/com/youlai/system/controller/SysDictController.java
index ac7e8d14..94bd7a3b 100644
--- a/src/main/java/com/youlai/system/controller/SysDictController.java
+++ b/src/main/java/com/youlai/system/controller/SysDictController.java
@@ -3,6 +3,7 @@ package com.youlai.system.controller;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.youlai.system.common.result.PageResult;
 import com.youlai.system.common.result.Result;
+import com.youlai.system.framework.resubmit.Resubmit;
 import com.youlai.system.pojo.form.DictForm;
 import com.youlai.system.pojo.form.DictTypeForm;
 import com.youlai.system.pojo.query.DictPageQuery;
@@ -18,6 +19,7 @@ import io.swagger.v3.oas.annotations.tags.Tag;
 import io.swagger.v3.oas.annotations.Operation;
 import lombok.RequiredArgsConstructor;
 import org.springdoc.core.annotations.ParameterObject;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 
 import java.util.List;
@@ -52,6 +54,8 @@ public class SysDictController {
 
     @Operation(summary = "新增字典", security = {@SecurityRequirement(name = "Authorization")})
     @PostMapping
+    @PreAuthorize("@ss.hasPerm('sys:dict:add')")
+    @Resubmit
     public Result saveDict(
             @RequestBody DictForm DictForm
     ) {
@@ -61,6 +65,7 @@ public class SysDictController {
 
     @Operation(summary = "修改字典", security = {@SecurityRequirement(name = "Authorization")})
     @PutMapping("/{id}")
+    @PreAuthorize("@ss.hasPerm('sys:dict:edit')")
     public Result updateDict(
             @PathVariable Long id,
             @RequestBody DictForm DictForm
@@ -71,6 +76,7 @@ public class SysDictController {
 
     @Operation(summary = "删除字典", security = {@SecurityRequirement(name = "Authorization")})
     @DeleteMapping("/{ids}")
+    @PreAuthorize("@ss.hasPerm('sys:dict:delete')")
     public Result deleteDict(
             @Parameter(description ="字典ID，多个以英文逗号(,)拼接") @PathVariable String ids
     ) {
@@ -110,6 +116,8 @@ public class SysDictController {
 
     @Operation(summary = "新增字典类型", security = {@SecurityRequirement(name = "Authorization")})
     @PostMapping("/types")
+    @PreAuthorize("@ss.hasPerm('sys:dict_type:add')")
+    @Resubmit
     public Result saveDictType(@RequestBody DictTypeForm dictTypeForm) {
         boolean result = dictTypeService.saveDictType(dictTypeForm);
         return Result.judge(result);
@@ -117,6 +125,7 @@ public class SysDictController {
 
     @Operation(summary = "修改字典类型", security = {@SecurityRequirement(name = "Authorization")})
     @PutMapping("/types/{id}")
+    @PreAuthorize("@ss.hasPerm('sys:dict_type:edit')")
     public Result updateDictType(@PathVariable Long id, @RequestBody DictTypeForm dictTypeForm) {
         boolean status = dictTypeService.updateDictType(id, dictTypeForm);
         return Result.judge(status);
@@ -124,6 +133,7 @@ public class SysDictController {
 
     @Operation(summary = "删除字典类型", security = {@SecurityRequirement(name = "Authorization")})
     @DeleteMapping("/types/{ids}")
+    @PreAuthorize("@ss.hasPerm('sys:dict_type:delete')")
     public Result deleteDictTypes(
             @Parameter(description ="字典类型ID，多个以英文逗号(,)分割") @PathVariable String ids
     ) {