diff --git a/SGGL/WebAPI/Filter/TestPermissionAttribute.cs b/SGGL/WebAPI/Filter/TestPermissionAttribute.cs index a25b586d..e674fd0f 100644 --- a/SGGL/WebAPI/Filter/TestPermissionAttribute.cs +++ b/SGGL/WebAPI/Filter/TestPermissionAttribute.cs @@ -25,7 +25,7 @@ namespace WebAPI.Filter { isOk = true; } - + bool isWithOut = false; if (!isOk && token != null) { using (Model.SGGLDB db = new Model.SGGLDB(BLL.Funs.ConnString)) 
@@ -34,29 +34,34 @@ namespace WebAPI.Filter if (getUser != null) { isOk = true; + isWithOut = true; } } } // base.OnActionExecuting(actionContext); if (isOk) - { // 在调用 Action 方法之前执行的代码,可获取请求的接口名称和参数 - IDictionary arguments = actionContext.ActionArguments; // 获取参数 - foreach (KeyValuePair item in arguments) + { + if (!isWithOut) { - if (item.Key == "projectid" || item.Key == "ProjectId" || item.Key == "projectId" || item.Key == "Projectid") + // 在调用 Action 方法之前执行的代码,可获取请求的接口名称和参数 + IDictionary arguments = actionContext.ActionArguments; // 获取参数 + foreach (KeyValuePair item in arguments) { - var ProjectItems = APIProjectService.geProjectsByUserId(token.FirstOrDefault()); - List projects = new List(); - if (ProjectItems.Count > 0) - { - projects = ProjectItems.Select(x => x.ProjectId).ToList(); - } - if (item.Value != null && !projects.Contains(item.Value.ToString())) + if (item.Key == "projectid" || item.Key == "ProjectId" || item.Key == "projectId" || item.Key == "Projectid") { + var ProjectItems = APIProjectService.geProjectsByUserId(token.FirstOrDefault()); + List projects = new List(); + if (ProjectItems.Count > 0) + { + projects = ProjectItems.Select(x => x.ProjectId).ToList(); + } + if (item.Value != null && !projects.Contains(item.Value.ToString())) + { - actionContext.Response = actionContext.Request.CreateResponse(System.Net.HttpStatusCode.OK, - new { code = "0", message = "您没有该项目权限!" }, actionContext.ControllerContext.Configuration.Formatters.JsonFormatter); - return; + actionContext.Response = actionContext.Request.CreateResponse(System.Net.HttpStatusCode.OK, + new { code = "0", message = "您没有该项目权限!" }, actionContext.ControllerContext.Configuration.Formatters.JsonFormatter); + return; + } } } } 
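Review bot: Any caller accepted by the fallback lookup (`getUser != null`) now sets `isWithOut = true` and skips the `projectid` membership check entirely, so a request authenticated that way is served for whatever project id it names. The query that selects `getUser` lies between the hunks and is not visible, so which accounts this covers needs confirming. If the exemption is intended, it should be tied to an explicit property of the matched account and explained where the flag is set, for example `// <account type> is not project-scoped: <reason>`, rather than applying to every hit of the lookup. Separately, the key test lists four spellings by hand; `string.Equals(item.Key, "projectid", StringComparison.OrdinalIgnoreCase)` would also cover an action parameter named `projectID`, which is currently unchecked. The method begins and ends outside this hunk.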
@@ -72,7 +77,7 @@ namespace WebAPI.Filter /// /// /// - public static List lists = new List { "User*postLoginOn" }; + public static List lists = new List { "User*postLoginOn", "HazardRegister*getHazardRegisterCount", "HazardRegister*getHazardRegisterByProjectIdStates" }; /// ///
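Review bot: `lists` looks like the set of `Controller*action` names exempt from the token check, since it previously held only the login action; this is inferred, because its use is outside the hunk. If so, adding `HazardRegister*getHazardRegisterCount` and `HazardRegister*getHazardRegisterByProjectIdStates` makes hazard-register data, including a per-project query, readable without a token. The doc comment above the field is empty and should state why each entry may be called unauthenticated, for example `/// Actions callable without a token: login, plus <reason for the HazardRegister entries>`. The field is also `public static` and mutable, so any code can extend the exemption list at run time; a `static readonly` read-only collection would prevent that, provided no other class writes to it.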