diff --git a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/office/supplier/controller/admin/SupplierController.java b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/office/supplier/controller/admin/SupplierController.java
index 4e8fd76..589c6c7 100644
--- a/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/office/supplier/controller/admin/SupplierController.java
+++ b/zt-module-qms/zt-module-qms-server/src/main/java/com/zt/plat/module/qms/office/supplier/controller/admin/SupplierController.java
@@ -58,14 +58,14 @@ public class SupplierController extends AbstractFileUploadController implements
 
     @PostMapping("/create")
     @Operation(summary = "创建供应商")
-    @PreAuthorize("@ss.hasPermission('qms:supplier:create')")
+//    @PreAuthorize("@ss.hasPermission('qms:supplier:create')")
     public CommonResult<SupplierRespVO> createSupplier(@Valid @RequestBody SupplierSaveReqVO createReqVO) {
         return success(supplierService.createSupplier(createReqVO));
     }
 
     @PutMapping("/update")
     @Operation(summary = "更新供应商")
-    @PreAuthorize("@ss.hasPermission('qms:supplier:update')")
+//    @PreAuthorize("@ss.hasPermission('qms:supplier:update')")
     public CommonResult<Boolean> updateSupplier(@Valid @RequestBody SupplierSaveReqVO updateReqVO) {
         supplierService.updateSupplier(updateReqVO);
         return success(true);
@@ -74,7 +74,7 @@ public class SupplierController extends AbstractFileUploadController implements
     @DeleteMapping("/delete")
     @Operation(summary = "删除供应商")
     @Parameter(name = "id", description = "编号", required = true)
-    @PreAuthorize("@ss.hasPermission('qms:supplier:delete')")
+//    @PreAuthorize("@ss.hasPermission('qms:supplier:delete')")
     public CommonResult<Boolean> deleteSupplier(@RequestParam("id") Long id) {
         supplierService.deleteSupplier(id);
         return success(true);
@@ -92,7 +92,7 @@ public class SupplierController extends AbstractFileUploadController implements
     @GetMapping("/get")
     @Operation(summary = "获得供应商")
     @Parameter(name = "id", description = "编号", required = true, example = "1024")
-    @PreAuthorize("@ss.hasPermission('qms:supplier:query')")
+//    @PreAuthorize("@ss.hasPermission('qms:supplier:query')")
     public CommonResult<SupplierExtendRespVO> getSupplier(@RequestParam("id") Long id) {
         SupplierExtendRespVO supplier = supplierService.getSupplier(id);
         return success(supplier);
@@ -100,7 +100,7 @@ public class SupplierController extends AbstractFileUploadController implements
 
     @GetMapping("/page")
     @Operation(summary = "获得供应商分页")
-    @PreAuthorize("@ss.hasPermission('qms:supplier:query')")
+//    @PreAuthorize("@ss.hasPermission('qms:supplier:query')")
     public CommonResult<PageResult<SupplierRespVO>> getSupplierPage(@Valid SupplierPageReqVO pageReqVO) {
         PageResult<SupplierDO> pageResult = supplierService.getSupplierPage(pageReqVO);
         return success(BeanUtils.toBean(pageResult, SupplierRespVO.class));