diff --git a/application/admin/controller/Auth.php b/application/admin/controller/Auth.php
new file mode 100644
index 0000000..9701a0a
--- /dev/null
+++ b/application/admin/controller/Auth.php
@@ -0,0 +1,112 @@
+<?php
+/**
+ *
+ * @since   2018-02-06
+ * @author  zhaoxiang <zhaoxiang051405@gmail.com>
+ */
+
+namespace app\admin\controller;
+
+
+use app\model\ApiAuthGroup;
+use app\model\ApiUser;
+use app\util\ReturnCode;
+
+class Auth extends Base {
+
+    /**
+     * 获取权限组列表
+     * @return array
+     * @throws \think\db\exception\DataNotFoundException
+     * @throws \think\db\exception\ModelNotFoundException
+     * @throws \think\exception\DbException
+     * @author zhaoxiang <zhaoxiang051405@gmail.com>
+     */
+    public function index() {
+
+        $limit = $this->request->get('size', config('apiAdmin.ADMIN_LIST_DEFAULT'));
+        $start = $limit * ($this->request->get('page', 1) - 1);
+
+        $where = [];
+
+        $listModel = (new ApiAuthGroup())->where($where);
+        $listInfo = $listModel->limit($start, $limit)->select();
+        $count = $listModel->count();
+        $listInfo = $this->buildArrFromObj($listInfo);
+
+        return $this->buildSuccess([
+            'list'  => $listInfo,
+            'count' => $count
+        ]);
+    }
+
+    /**
+     * 新增用户 等待组权限
+     * @return array
+     * @author zhaoxiang <zhaoxiang051405@gmail.com>
+     */
+    public function add() {
+        $postData = $this->request->post();
+        $res = ApiMenu::create($postData);
+        if ($res === false) {
+            return $this->buildFailed(ReturnCode::DB_SAVE_ERROR, '操作失败');
+        } else {
+            return $this->buildSuccess([]);
+        }
+    }
+
+    /**
+     * 用户状态编辑
+     * @return array
+     * @author zhaoxiang <zhaoxiang051405@gmail.com>
+     */
+    public function changeStatus() {
+        $id = $this->request->get('id');
+        $status = $this->request->get('status');
+        $res = ApiUser::update([
+            'id'     => $id,
+            'status' => $status
+        ]);
+        if ($res === false) {
+            return $this->buildFailed(ReturnCode::DB_SAVE_ERROR, '操作失败');
+        } else {
+            return $this->buildSuccess([]);
+        }
+    }
+
+    /**
+     * 编辑用户
+     * @return array
+     * @author zhaoxiang <zhaoxiang051405@gmail.com>
+     */
+    public function edit() {
+        $postData = $this->request->post();
+        $res = ApiMenu::update($postData);
+        if ($res === false) {
+            return $this->buildFailed(ReturnCode::DB_SAVE_ERROR, '操作失败');
+        } else {
+            return $this->buildSuccess([]);
+        }
+    }
+
+    /**
+     * 删除用户
+     * @return array
+     * @author zhaoxiang <zhaoxiang051405@gmail.com>
+     */
+    public function del() {
+        $id = $this->request->get('id');
+        if (!$id) {
+            return $this->buildFailed(ReturnCode::EMPTY_PARAMS, '缺少必要参数');
+        }
+        $childNum = ApiMenu::where(['fid' => $id])->count();
+        if ($childNum) {
+            return $this->buildFailed(ReturnCode::INVALID, '当前菜单存在子菜单,不可以被删除!');
+        } else {
+            ApiMenu::destroy($id);
+
+            return $this->buildSuccess([]);
+        }
+    }
+
+}
diff --git a/application/admin/controller/User.php b/application/admin/controller/User.php
index 7837d87..4f4b85a 100644
--- a/application/admin/controller/User.php
+++ b/application/admin/controller/User.php
@@ -52,7 +52,7 @@ class User extends Base {
         $listInfo = $this->buildArrFromObj($listInfo);
         $idArr = array_column($listInfo, 'id');
 
-        $userData = ApiUserData::all(function($query) use($idArr) {
+        $userData = ApiUserData::all(function($query) use ($idArr) {
             $query->whereIn('uid', $idArr);
         });
         $userData = $this->buildArrFromObj($userData);
@@ -97,7 +97,7 @@ class User extends Base {
         $id = $this->request->get('id');
         $status = $this->request->get('status');
         $res = ApiUser::update([
-            'id'   => $id,
+            'id'     => $id,
             'status' => $status
         ]);
         if ($res === false) {
diff --git a/application/adminRoute.php b/application/adminRoute.php
index f9c4ec8..dd5a720 100644
--- a/application/adminRoute.php
+++ b/application/adminRoute.php
@@ -19,15 +19,15 @@ return [
             'admin/Menu/changeStatus',
             ['method' => 'get', 'after_behavior' => $afterBehavior]
         ],
-        'Menu/add' => [
+        'Menu/add'          => [
             'admin/Menu/add',
             ['method' => 'post', 'after_behavior' => $afterBehavior]
         ],
-        'Menu/edit' => [
+        'Menu/edit'         => [
             'admin/Menu/edit',
             ['method' => 'post', 'after_behavior' => $afterBehavior]
         ],
-        'Menu/del' => [
+        'Menu/del'          => [
             'admin/Menu/del',
             ['method' => 'get', 'after_behavior' => $afterBehavior]
         ],
@@ -39,18 +39,38 @@ return [
             'admin/User/changeStatus',
             ['method' => 'get', 'after_behavior' => $afterBehavior]
         ],
-        'User/add' => [
+        'User/add'          => [
             'admin/User/add',
             ['method' => 'post', 'after_behavior' => $afterBehavior]
         ],
-        'User/edit' => [
+        'User/edit'         => [
             'admin/User/edit',
             ['method' => 'post', 'after_behavior' => $afterBehavior]
         ],
-        'User/del' => [
+        'User/del'          => [
             'admin/User/del',
             ['method' => 'get', 'after_behavior' => $afterBehavior]
         ],
+        'Auth/index'        => [
+            'admin/Auth/index',
+            ['method' => 'get', 'after_behavior' => $afterBehavior]
+        ],
+        'Auth/changeStatus' => [
+            'admin/Auth/changeStatus',
+            ['method' => 'get', 'after_behavior' => $afterBehavior]
+        ],
+        'Auth/add'          => [
+            'admin/Auth/add',
+            ['method' => 'post', 'after_behavior' => $afterBehavior]
+        ],
+        'Auth/edit'         => [
+            'admin/Auth/edit',
+            ['method' => 'post', 'after_behavior' => $afterBehavior]
+        ],
+        'Auth/del'          => [
+            'admin/Auth/del',
+            ['method' => 'get', 'after_behavior' => $afterBehavior]
+        ],
         '__miss__'          => ['admin/Miss/index'],
     ],
 ];
diff --git a/application/model/ApiAuthGroup.php b/application/model/ApiAuthGroup.php
new file mode 100644
index 0000000..24b3dbb
--- /dev/null
+++ b/application/model/ApiAuthGroup.php
@@ -0,0 +1,17 @@
+<?php
+/**
+ *
+ * @since   2018-02-08
+ * @author  zhaoxiang <zhaoxiang051405@gmail.com>
+ */
+
+namespace app\model;
+
+
+class ApiAuthGroup extends Base {
+
+    public function rules() {
+        return $this->hasMany('ApiAuthRule', 'groupId', 'id');
+    }
+
+}
diff --git a/application/model/ApiAuthGroupAccess.php b/application/model/ApiAuthGroupAccess.php
new file mode 100644
index 0000000..d248449
--- /dev/null
+++ b/application/model/ApiAuthGroupAccess.php
@@ -0,0 +1,13 @@
+<?php
+/**
+ *
+ * @since   2018-02-08
+ * @author  zhaoxiang <zhaoxiang051405@gmail.com>
+ */
+
+namespace app\model;
+
+
+class ApiAuthGroupAccess extends Base {
+
+}
diff --git a/application/model/ApiAuthRule.php b/application/model/ApiAuthRule.php
new file mode 100644
index 0000000..fd27c1e
--- /dev/null
+++ b/application/model/ApiAuthRule.php
@@ -0,0 +1,13 @@
+<?php
+/**
+ *
+ * @since   2018-02-08
+ * @author  zhaoxiang <zhaoxiang051405@gmail.com>
+ */
+
+namespace app\model;
+
+
+class ApiAuthRule extends Base {
+
+}