diff --git a/business/jxstore/cms/permission.go b/business/jxstore/cms/permission.go
index c2626a82e..623ee70d7 100644
--- a/business/jxstore/cms/permission.go
+++ b/business/jxstore/cms/permission.go
@@ -158,52 +158,52 @@ func UpdateUserRole(ctx *jxcontext.Context, userIDs []string, roleIDs []int) (er
 		for _, v := range userRoles {
 			userRoleMap[v.UserID] = append(userRoleMap[v.UserID], v.RoleID)
 		}
-	}
-	for _, userID := range userIDs {
-		nowRoleIDs := userRoleMap[userID]
-		for _, nowRoleID := range nowRoleIDs {
-			if roleIDMap[nowRoleID] == 0 {
-				deleteUserRoleMap[userID] = append(deleteUserRoleMap[userID], nowRoleID)
-			}
-			nowRoleIDMap[nowRoleID] = 1
-		}
-		for _, roleID := range roleIDMap {
-			if nowRoleIDMap[roleID] == 0 {
-				addUserRoleMap[userID] = append(addUserRoleMap[userID], roleID)
-			}
-		}
-	}
-	dao.Begin(db)
-	defer func() {
-		if r := recover(); r != nil {
-			dao.Rollback(db)
-			panic(r)
-		}
-	}()
-	if len(addUserRoleMap) > 0 {
-		for userID, roleIDs := range addUserRoleMap {
-			for _, roleID := range roleIDs {
-				userRole := &model.UserRole{
-					UserID: userID,
-					RoleID: roleID,
+		for _, userID := range userIDs {
+			nowRoleIDs := userRoleMap[userID]
+			for _, nowRoleID := range nowRoleIDs {
+				if roleIDMap[nowRoleID] == 0 {
+					deleteUserRoleMap[userID] = append(deleteUserRoleMap[userID], nowRoleID)
 				}
-				dao.WrapAddIDCULDEntity(userRole, ctx.GetUserName())
-				err = dao.CreateEntity(db, userRole)
+				nowRoleIDMap[nowRoleID] = 1
 			}
-		}
-	}
-	if len(deleteUserRoleMap) > 0 {
-		for userID, roleIDs := range deleteUserRoleMap {
-			for _, roleID := range roleIDs {
-				userRoles, _ := dao.GetUserRole(db, []string{userID}, []int{roleID})
-				if len(userRoles) > 0 {
-					userRoles[0].DeletedAt = time.Now()
-					userRoles[0].LastOperator = ctx.GetUserName()
-					_, err = dao.UpdateEntity(db, userRoles[0], "DeletedAt", "LastOperator")
+			for _, roleID := range roleIDMap {
+				if nowRoleIDMap[roleID] == 0 {
+					addUserRoleMap[userID] = append(addUserRoleMap[userID], roleID)
 				}
 			}
 		}
+		dao.Begin(db)
+		defer func() {
+			if r := recover(); r != nil {
+				dao.Rollback(db)
+				panic(r)
+			}
+		}()
+		if len(addUserRoleMap) > 0 {
+			for userID, roleIDs := range addUserRoleMap {
+				for _, roleID := range roleIDs {
+					userRole := &model.UserRole{
+						UserID: userID,
+						RoleID: roleID,
+					}
+					dao.WrapAddIDCULDEntity(userRole, ctx.GetUserName())
+					err = dao.CreateEntity(db, userRole)
+				}
+			}
+		}
+		if len(deleteUserRoleMap) > 0 {
+			for userID, roleIDs := range deleteUserRoleMap {
+				for _, roleID := range roleIDs {
+					userRoles, _ := dao.GetUserRole(db, []string{userID}, []int{roleID})
+					if len(userRoles) > 0 {
+						userRoles[0].DeletedAt = time.Now()
+						userRoles[0].LastOperator = ctx.GetUserName()
+						_, err = dao.UpdateEntity(db, userRoles[0], "DeletedAt", "LastOperator")
+					}
+				}
+			}
+		}
+		dao.Commit(db)
 	}
-	dao.Commit(db)
 	return err
 }