diff --git a/backend/dvadmin/system/urls.py b/backend/dvadmin/system/urls.py
index 9d6c89f..06fcd9e 100644
--- a/backend/dvadmin/system/urls.py
+++ b/backend/dvadmin/system/urls.py
@@ -28,12 +28,6 @@ system_url.register(r'api_white_list', ApiWhiteListViewSet)
 system_url.register(r'system_config', SystemConfigViewSet)
 
 urlpatterns = [
-    path('role/roleId_get_menu/<int:pk>/', RoleViewSet.as_view({'get': 'roleId_get_menu'})),
-    path('menu/web_router/', MenuViewSet.as_view({'get': 'web_router'})),
-    path('user/user_info/', UserViewSet.as_view({'get': 'user_info', 'put': 'update_user_info'})),
-    path('user/change_password/<int:pk>/', UserViewSet.as_view({'put': 'change_password'})),
-    path('user/reset_to_default_password/<int:pk>/', UserViewSet.as_view({'put': 'reset_to_default_password'})),
-    path('user/reset_password/<int:pk>/', UserViewSet.as_view({'put': 'reset_password'})),
     path('user/export/', UserViewSet.as_view({'post': 'export_data', })),
     path('user/import/', UserViewSet.as_view({'get': 'import_data', 'post': 'import_data'})),
     path('system_config/save_content/', SystemConfigViewSet.as_view({'put': 'save_content'})),
diff --git a/backend/dvadmin/system/views/menu.py b/backend/dvadmin/system/views/menu.py
index b791b28..c7f7d2f 100644
--- a/backend/dvadmin/system/views/menu.py
+++ b/backend/dvadmin/system/views/menu.py
@@ -157,7 +157,7 @@ class MenuViewSet(CustomModelViewSet):
     filter_fields = ['parent', 'name', 'status', 'is_link', 'visible', 'cache', 'is_catalog']
     extra_filter_backends = []
 
-    @action(methods=['GET'], detail=True, permission_classes=[])
+    @action(methods=['GET'], detail=False, permission_classes=[])
     def web_router(self, request):
         """用于前端获取当前角色的路由"""
         user = request.user
diff --git a/backend/dvadmin/system/views/user.py b/backend/dvadmin/system/views/user.py
index 28e6462..ef9f40b 100644
--- a/backend/dvadmin/system/views/user.py
+++ b/backend/dvadmin/system/views/user.py
@@ -229,7 +229,7 @@ class UserViewSet(CustomModelViewSet):
         "role": "角色ID",
     }
 
-    @action(methods=["GET"], detail=True, permission_classes=[IsAuthenticated])
+    @action(methods=["GET"], detail=False, permission_classes=[IsAuthenticated])
     def user_info(self, request):
         """获取当前用户信息"""
         user = request.user
@@ -242,7 +242,7 @@ class UserViewSet(CustomModelViewSet):
         }
         return DetailResponse(data=result, msg="获取成功")
 
-    @action(methods=["PUT"], detail=True, permission_classes=[IsAuthenticated])
+    @action(methods=["PUT"], detail=False, permission_classes=[IsAuthenticated])
     def update_user_info(self, request):
         """修改当前用户信息"""
         user = request.user
diff --git a/backend/dvadmin/utils/permission.py b/backend/dvadmin/utils/permission.py
index 35e5b4b..2be0691 100644
--- a/backend/dvadmin/utils/permission.py
+++ b/backend/dvadmin/utils/permission.py
@@ -65,14 +65,6 @@ class CustomPermission(BasePermission):
     def has_permission(self, request, view):
         if isinstance(request.user, AnonymousUser):
             return False
-        # 对ViewSet下的def方法进行权限判断
-        # 当权限为空时,则可以访问
-        is_head = getattr(view, 'head', None)
-        if is_head:
-            head_kwargs = getattr(view.head, 'kwargs', {})
-            _permission_classes = head_kwargs.get('permission_classes', None)
-            if _permission_classes == []:
-                return True
         # 判断是否是超级管理员
         if request.user.is_superuser:
             return True
diff --git a/web/src/layout/header-aside/components/header-user/userinfo.vue b/web/src/layout/header-aside/components/header-user/userinfo.vue
index c327ffb..a761f9c 100644
--- a/web/src/layout/header-aside/components/header-user/userinfo.vue
+++ b/web/src/layout/header-aside/components/header-user/userinfo.vue
@@ -218,7 +218,7 @@ export default {
       _self.$refs.userInfoForm.validate((valid) => {
         if (valid) {
           request({
-            url: '/api/system/user/user_info/',
+            url: '/api/system/user/update_user_info/',
             method: 'put',
             data: _self.userInfo
           }).then((res) => {
@@ -266,7 +266,7 @@ export default {
             params.newPassword = _self.$md5(params.newPassword)
             params.newPassword2 = _self.$md5(params.newPassword2)
             request({
-              url: '/api/system/user/change_password/' + userId + '/',
+              url: '/api/system/user/' + userId + '/change_password/',
               method: 'put',
               data: params
             }).then((res) => {
diff --git a/web/src/views/system/rolePermission/api.js b/web/src/views/system/rolePermission/api.js
index 23c9866..2b6eb6b 100644
--- a/web/src/views/system/rolePermission/api.js
+++ b/web/src/views/system/rolePermission/api.js
@@ -47,7 +47,7 @@ export function DelObj (id) {
 // 通过角色id,获取菜单数据
 export function GetMenuData (obj) {
   return request({
-    url: '/api/system/role/roleId_get_menu/' + obj.id + '/',
+    url: '/api/system/role/' + obj.id + '/roleId_get_menu/',
     method: 'get',
     params: {}
   }).then(res => {
diff --git a/web/src/views/system/user/api.js b/web/src/views/system/user/api.js
index 8a705a3..d8f7d18 100644
--- a/web/src/views/system/user/api.js
+++ b/web/src/views/system/user/api.js
@@ -50,7 +50,7 @@ export function DelObj (id) {
  */
 export function ResetPwd (obj) {
   return request({
-    url: urlPrefix + 'reset_password/' + obj.id + '/',
+    url: urlPrefix + obj.id + '/reset_password/',
     method: 'put',
     data: obj
   })