diff --git a/Server/application/superadmin/config/route.php b/Server/application/superadmin/config/route.php
index 7748ea26..caafefef 100644
--- a/Server/application/superadmin/config/route.php
+++ b/Server/application/superadmin/config/route.php
@@ -13,6 +13,7 @@ Route::group('', function () {
         Route::post('save', 'app\\superadmin\\controller\\Menu@saveMenu');
         Route::delete('delete/:id', 'app\\superadmin\\controller\\Menu@deleteMenu');
         Route::post('status', 'app\\superadmin\\controller\\Menu@updateStatus');
+        Route::get('toplevel', 'app\\superadmin\\controller\\Menu@getTopLevelMenus');
     });
     
     // 管理员相关路由
@@ -21,6 +22,10 @@ Route::group('', function () {
         Route::get('list', 'app\\superadmin\\controller\\Administrator@getList');
         // 获取管理员详情
         Route::get('detail/:id', 'app\\superadmin\\controller\\Administrator@getDetail');
+        // 更新管理员信息
+        Route::post('update', 'app\\superadmin\\controller\\Administrator@updateAdmin');
+        // 添加管理员
+        Route::post('add', 'app\\superadmin\\controller\\Administrator@addAdmin');
     });
     
     // 系统信息相关路由
diff --git a/Server/application/superadmin/controller/Administrator.php b/Server/application/superadmin/controller/Administrator.php
index cab67ad5..2a35b061 100644
--- a/Server/application/superadmin/controller/Administrator.php
+++ b/Server/application/superadmin/controller/Administrator.php
@@ -1,6 +1,7 @@
 <?php
 namespace app\superadmin\controller;
 
+use app\superadmin\model\AdministratorPermissions;
 use think\Controller;
 use app\superadmin\model\Administrator as AdminModel;
 
@@ -47,9 +48,9 @@ class Administrator extends Controller
                 'name' => $item->name,
                 'role' => $this->getRoleName($item->authId),
                 'status' => $item->status,
-                'createdAt' => $item->createTime,
-                'lastLogin' => !empty($item->lastLoginTime) ? date('Y-m-d H:i', $item->lastLoginTime) : '从未登录',
-                'permissions' => $this->getPermissions($item->authId)
+                'createdAt' => date('Y-m-d H:i:s', $item->createTime),
+                'lastLogin' => !empty($item->lastLoginTime) ? date('Y-m-d H:i:s', $item->lastLoginTime) : '从未登录',
+                'permissions' => $this->getPermissions($item->id)
             ];
         }
         
@@ -134,14 +135,133 @@ class Administrator extends Controller
      */
     private function getPermissions($authId)
     {
-        // 可以从权限表中查询，这里为演示简化处理
-        $permissions = [
-            1 => ['项目管理', '客户池', '管理员权限', '系统设置'],  // 超级管理员
-            2 => ['项目管理', '客户池'],                          // 项目管理员
-            3 => ['客户池'],                                     // 客户管理员
-            4 => []                                              // 普通管理员
+        $ids = AdministratorPermissions::getPermissions($authId);
+
+        if ($ids) {
+            return \app\superadmin\model\Menu::getMenusNameByIds($ids);
+        }
+
+        return [];
+    }
+
+    /**
+     * 更新管理员信息
+     * @return \think\response\Json
+     */
+    public function updateAdmin()
+    {
+        if (!$this->request->isPost()) {
+            return json(['code' => 405, 'msg' => '请求方法不允许']);
+        }
+        
+        // 获取当前登录的管理员信息
+        $currentAdmin = $this->request->adminInfo;
+        
+        // 获取请求参数
+        $id = $this->request->post('id/d');
+        $username = $this->request->post('username/s');
+        $name = $this->request->post('name/s');
+        $password = $this->request->post('password/s');
+        $permissionIds = $this->request->post('permissionIds/a');
+        
+        // 参数验证
+        if (empty($id) || empty($username) || empty($name)) {
+            return json(['code' => 400, 'msg' => '参数不完整']);
+        }
+        
+        // 判断是否有权限修改
+        if ($currentAdmin->id != 1 && $currentAdmin->id != $id) {
+            return json(['code' => 403, 'msg' => '您没有权限修改其他管理员']);
+        }
+        
+        // 查询管理员
+        $admin = AdminModel::where('id', $id)->where('deleteTime', 0)->find();
+        if (!$admin) {
+            return json(['code' => 404, 'msg' => '管理员不存在']);
+        }
+        
+        // 准备更新数据
+        $data = [
+            'account' => $username,
+            'name' => $name,
+            'updateTime' => time()
         ];
         
-        return isset($permissions[$authId]) ? $permissions[$authId] : [];
+        // 如果提供了密码，则更新密码
+        if (!empty($password)) {
+            $data['password'] = md5($password);
+        }
+        
+        // 更新管理员信息
+        $result = $admin->save($data);
+        
+        // 如果当前是超级管理员(ID为1)，并且修改的不是自己，则更新权限
+        if ($currentAdmin->id == 1 && $currentAdmin->id != $id && !empty($permissionIds)) {
+            \app\superadmin\model\AdministratorPermissions::savePermissions($id, $permissionIds);
+        }
+        
+        return json([
+            'code' => 200,
+            'msg' => '更新成功',
+            'data' => null
+        ]);
+    }
+
+    /**
+     * 添加管理员
+     * @return \think\response\Json
+     */
+    public function addAdmin()
+    {
+        if (!$this->request->isPost()) {
+            return json(['code' => 405, 'msg' => '请求方法不允许']);
+        }
+        
+        // 获取当前登录的管理员信息
+        $currentAdmin = $this->request->adminInfo;
+        
+        // 只有超级管理员(ID为1)可以添加管理员
+        if ($currentAdmin->id != 1) {
+            return json(['code' => 403, 'msg' => '您没有权限添加管理员']);
+        }
+        
+        // 获取请求参数
+        $username = $this->request->post('username/s');
+        $name = $this->request->post('name/s');
+        $password = $this->request->post('password/s');
+        $permissionIds = $this->request->post('permissionIds/a');
+        
+        // 参数验证
+        if (empty($username) || empty($name) || empty($password)) {
+            return json(['code' => 400, 'msg' => '参数不完整']);
+        }
+        
+        // 检查账号是否已存在
+        $exists = AdminModel::where('account', $username)->where('deleteTime', 0)->find();
+        if ($exists) {
+            return json(['code' => 400, 'msg' => '账号已存在']);
+        }
+        
+        // 创建管理员
+        $admin = new AdminModel();
+        $admin->account = $username;
+        $admin->name = $name;
+        $admin->password = md5($password);
+        $admin->status = 1;
+        $admin->createTime = time();
+        $admin->updateTime = time();
+        $admin->deleteTime = 0;
+        $admin->save();
+        
+        // 保存权限
+        if (!empty($permissionIds)) {
+            \app\superadmin\model\AdministratorPermissions::savePermissions($admin->id, $permissionIds);
+        }
+        
+        return json([
+            'code' => 200,
+            'msg' => '添加成功',
+            'data' => null
+        ]);
     }
 } 
\ No newline at end of file
diff --git a/Server/application/superadmin/controller/Menu.php b/Server/application/superadmin/controller/Menu.php
index d27fdd2e..a4b36601 100644
--- a/Server/application/superadmin/controller/Menu.php
+++ b/Server/application/superadmin/controller/Menu.php
@@ -17,10 +17,20 @@ class Menu extends Controller
     {
         // 参数处理
         $onlyEnabled = $this->request->param('only_enabled', 1);
-        $useCache = $this->request->param('use_cache', 1);
+        $useCache = $this->request->param('use_cache', 0); // 由于要根据用户权限过滤，默认不使用缓存
+        
+        // 获取当前登录的管理员信息
+        $adminInfo = $this->request->adminInfo;
         
         // 调用模型获取菜单树
-        $menuTree = MenuModel::getMenuTree($onlyEnabled, $useCache);
+        if ($adminInfo->id == 1) {
+            // 超级管理员获取所有菜单
+            $menuTree = MenuModel::getMenuTree($onlyEnabled, $useCache);
+        } else {
+            // 非超级管理员根据权限获取菜单
+            $permissionIds = \app\superadmin\model\AdministratorPermissions::getPermissions($adminInfo->id);
+            $menuTree = MenuModel::getMenuTreeByPermissions($permissionIds, $onlyEnabled);
+        }
         
         return json([
             'code' => 200,
@@ -148,4 +158,26 @@ class Menu extends Controller
             return json(['code' => 500, 'msg' => '状态更新失败']);
         }
     }
+    
+    /**
+     * 获取一级菜单（供权限设置使用）
+     * @return \think\response\Json
+     */
+    public function getTopLevelMenus()
+    {
+        // 获取所有启用的一级菜单
+        $menus = \app\superadmin\model\Menu::where([
+            ['parent_id', '=', 0],
+            ['status', '=', 1]
+        ])
+        ->field('id, title')
+        ->order('sort', 'asc')
+        ->select();
+        
+        return json([
+            'code' => 200,
+            'msg' => '获取成功',
+            'data' => $menus
+        ]);
+    }
 } 
\ No newline at end of file
diff --git a/Server/application/superadmin/model/Administrator.php b/Server/application/superadmin/model/Administrator.php
index be2ce650..0d1f56eb 100644
--- a/Server/application/superadmin/model/Administrator.php
+++ b/Server/application/superadmin/model/Administrator.php
@@ -11,20 +11,6 @@ class Administrator extends Model
     // 设置数据表名
     protected $name = 'administrators';
     
-    // 设置数据表前缀
-    protected $prefix = 'tk_';
-    
-    // 设置主键
-    protected $pk = 'id';
-    
-    // 自动写入时间戳
-    protected $autoWriteTimestamp = true;
-    
-    // 定义时间戳字段名
-    protected $createTime = 'createTime';
-    protected $updateTime = 'updateTime';
-    protected $deleteTime = 'deleteTime';
-    
     // 隐藏字段
     protected $hidden = [
         'password'
diff --git a/Server/application/superadmin/model/AdministratorPermissions.php b/Server/application/superadmin/model/AdministratorPermissions.php
new file mode 100644
index 00000000..d0aa39e4
--- /dev/null
+++ b/Server/application/superadmin/model/AdministratorPermissions.php
@@ -0,0 +1,90 @@
+<?php
+namespace app\superadmin\model;
+
+use think\Model;
+
+/**
+ * 超级管理员权限配置模型类
+ */
+class AdministratorPermissions extends Model
+{
+    // 设置数据表名
+    protected $name = 'administrator_permissions';
+    
+    // 设置主键
+    protected $pk = 'id';
+    
+    // 自动写入时间戳
+    protected $autoWriteTimestamp = true;
+    
+    // 定义时间戳字段名
+    protected $createTime = 'createTime';
+    protected $updateTime = 'updateTime';
+    protected $deleteTime = 'deleteTime';
+    
+    // 定义字段类型
+    protected $type = [
+        'id' => 'integer',
+        'adminId' => 'integer',
+        'permissions' => 'json',
+        'createTime' => 'integer',
+        'updateTime' => 'integer',
+        'deleteTime' => 'integer'
+    ];
+    
+    /**
+     * 保存管理员权限
+     * @param int $adminId 管理员ID
+     * @param array $permissionIds 权限ID数组
+     * @return bool
+     */
+    public static function savePermissions($adminId, $permissionIds)
+    {
+        // 检查是否已有记录
+        $record = self::where('adminId', $adminId)->find();
+
+        // 准备权限数据
+        $permissionData = [
+            'ids' => is_array($permissionIds) ? implode(',', $permissionIds) : $permissionIds
+        ];
+
+        if ($record) {
+            // 更新已有记录
+            return $record->save([
+                'permissions' => json_encode($permissionData),
+                'updateTime' => time()
+            ]);
+        } else {
+            // 创建新记录
+            return self::create([
+                'adminId' => $adminId,
+                'permissions' => json_encode($permissionData),
+                'createTime' => time(),
+                'updateTime' => time(),
+                'deleteTime' => 0
+            ]);
+        }
+    }
+    
+    /**
+     * 获取管理员权限
+     * @param int $adminId 管理员ID
+     * @return array 权限ID数组
+     */
+    public static function getPermissions($adminId)
+    {
+        $record = self::where('adminId', $adminId)->find();
+        
+        if (!$record || empty($record->permissions)) {
+            return [];
+        }
+
+        $permissions = $record->permissions ? json_decode($record->permissions, true) : [];
+
+        if (isset($permissions['ids']) && !empty($permissions['ids'])) {
+            return is_string($permissions['ids']) ? explode(',', $permissions['ids']) : $permissions['ids'];
+        }
+        
+        return [];
+    }
+} 
\ No newline at end of file
diff --git a/Server/application/superadmin/model/Menu.php b/Server/application/superadmin/model/Menu.php
index 8e116a15..d3476fe9 100644
--- a/Server/application/superadmin/model/Menu.php
+++ b/Server/application/superadmin/model/Menu.php
@@ -12,19 +12,6 @@ class Menu extends Model
     // 设置数据表名
     protected $name = 'menus';
     
-    // 设置数据表前缀
-    protected $prefix = 'tk_';
-    
-    // 设置主键
-    protected $pk = 'id';
-    
-    // 自动写入时间戳
-    protected $autoWriteTimestamp = true;
-    
-    // 定义时间戳字段名
-    protected $createTime = 'create_time';
-    protected $updateTime = 'update_time';
-    
     /**
      * 获取所有菜单，并组织成树状结构
      * @param bool $onlyEnabled 是否只获取启用的菜单
@@ -35,11 +22,6 @@ class Menu extends Model
     {
         $cacheKey = 'superadmin_menu_tree' . ($onlyEnabled ? '_enabled' : '_all');
         
-        // 如果使用缓存并且缓存中有数据，则直接返回缓存数据
-//        if ($useCache && Cache::has($cacheKey)) {
-//            return Cache::get($cacheKey);
-//        }
-        
         // 查询条件
         $where = [];
         if ($onlyEnabled) {
@@ -62,7 +44,12 @@ class Menu extends Model
         
         return $menuTree;
     }
-    
+
+    public static function getMenusNameByIds($ids)
+    {
+        return self::whereIn('id', $ids)->column('title');
+    }
+
     /**
      * 构建菜单树
      * @param array $menus 所有菜单
@@ -85,60 +72,60 @@ class Menu extends Model
         
         return $tree;
     }
-    
+
     /**
-     * 清除菜单缓存
+     * 根据权限ID获取相应的菜单树
+     * @param array $permissionIds 权限ID数组
+     * @param bool $onlyEnabled 是否只获取启用的菜单
+     * @return array
      */
-    public static function clearMenuCache()
+    public static function getMenuTreeByPermissions($permissionIds, $onlyEnabled = true)
     {
-        Cache::delete('superadmin_menu_tree_enabled');
-        Cache::delete('superadmin_menu_tree_all');
-    }
-    
-    /**
-     * 添加或更新菜单
-     * @param array $data 菜单数据
-     * @return bool
-     */
-    public static function saveMenu($data)
-    {
-        if (isset($data['id']) && $data['id'] > 0) {
-            // 更新
-            $menu = self::find($data['id']);
-            if (!$menu) {
-                return false;
+        // 如果没有权限，返回空数组
+        if (empty($permissionIds)) {
+            return [];
+        }
+        
+        // 查询条件
+        $where = [];
+        if ($onlyEnabled) {
+            $where[] = ['status', '=', 1];
+        }
+        
+        // 获取所有一级菜单（用户拥有权限的）
+        $topMenus = self::where($where)
+            ->where('parent_id', 0)
+            ->whereIn('id', $permissionIds)
+            ->order('sort', 'asc')
+            ->select()
+            ->toArray();
+        
+        // 菜单ID集合，用于获取子菜单
+        $menuIds = array_column($topMenus, 'id');
+        
+        // 获取所有子菜单
+        $childMenus = self::where($where)
+            ->where('parent_id', 'in', $menuIds)
+            ->order('sort', 'asc')
+            ->select()
+            ->toArray();
+        
+        // 将子菜单按照父ID进行分组
+        $childMenusGroup = [];
+        foreach ($childMenus as $menu) {
+            $childMenusGroup[$menu['parent_id']][] = $menu;
+        }
+        
+        // 构建菜单树
+        $menuTree = [];
+        foreach ($topMenus as $topMenu) {
+            // 添加子菜单
+            if (isset($childMenusGroup[$topMenu['id']])) {
+                $topMenu['children'] = $childMenusGroup[$topMenu['id']];
             }
-            $result = $menu->save($data);
-        } else {
-            // 新增
-            $menu = new self();
-            $result = $menu->save($data);
+            $menuTree[] = $topMenu;
         }
         
-        // 清除缓存
-        self::clearMenuCache();
-        
-        return $result !== false;
-    }
-    
-    /**
-     * 删除菜单
-     * @param int $id 菜单ID
-     * @return bool
-     */
-    public static function deleteMenu($id)
-    {
-        // 查找子菜单
-        $childCount = self::where('parent_id', $id)->count();
-        if ($childCount > 0) {
-            return false; // 有子菜单不能删除
-        }
-        
-        $result = self::destroy($id);
-        
-        // 清除缓存
-        self::clearMenuCache();
-        
-        return $result !== false;
+        return $menuTree;
     }
 } 
\ No newline at end of file
diff --git a/Server/public/index.php b/Server/public/index.php
index ed629339..854db7e9 100644
--- a/Server/public/index.php
+++ b/Server/public/index.php
@@ -13,15 +13,15 @@
 namespace think;
 
 ////处理跨域预检请求
-//if($_SERVER['REQUEST_METHOD'] == 'OPTIONS'){
-//    //允许的源域名
-//    header("Access-Control-Allow-Origin: *");
-//    //允许的请求头信息
-//    header("Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization");
-//    //允许的请求类型
-//    header('Access-Control-Allow-Methods: GET, POST, PUT,DELETE,OPTIONS,PATCH');
-//    exit;
-//}
+if($_SERVER['REQUEST_METHOD'] == 'OPTIONS'){
+    //允许的源域名
+    header("Access-Control-Allow-Origin: *");
+    //允许的请求头信息
+    header("Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization");
+    //允许的请求类型
+    header('Access-Control-Allow-Methods: GET, POST, PUT,DELETE,OPTIONS,PATCH');
+    exit;
+}
 
 define('ROOT_PATH', dirname(__DIR__));
 define('DS', DIRECTORY_SEPARATOR);
diff --git a/Server/route/route.php b/Server/route/route.php
index 94f08633..cd50328c 100644
--- a/Server/route/route.php
+++ b/Server/route/route.php
@@ -12,11 +12,11 @@
 use think\facade\Route;
 
  // 允许跨域
-// header('Access-Control-Allow-Origin: *');
-// header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH');
-// header('Access-Control-Allow-Headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-Requested-With, X-Token, X-Api-Token');
-// header('Access-Control-Max-Age: 1728000');
-// header('Access-Control-Allow-Credentials: true');
+ header('Access-Control-Allow-Origin: *');
+ header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH');
+ header('Access-Control-Allow-Headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-Requested-With, X-Token, X-Api-Token');
+ header('Access-Control-Max-Age: 1728000');
+ header('Access-Control-Allow-Credentials: true');
 
 // 加载Store模块路由配置
 include __DIR__ . '/../application/api/config/route.php';
diff --git a/SuperAdmin/app/dashboard/admins/[id]/edit/page.tsx b/SuperAdmin/app/dashboard/admins/[id]/edit/page.tsx
index d112b107..7c58788b 100644
--- a/SuperAdmin/app/dashboard/admins/[id]/edit/page.tsx
+++ b/SuperAdmin/app/dashboard/admins/[id]/edit/page.tsx
@@ -11,58 +11,84 @@ import { Card, CardContent, CardDescription, CardFooter, CardHeader, CardTitle }
 import { ArrowLeft, Loader2 } from "lucide-react"
 import Link from "next/link"
 import { Checkbox } from "@/components/ui/checkbox"
-import { getAdministratorDetail, AdministratorDetail } from "@/lib/admin-api"
+import { getAdministratorDetail, updateAdministrator } from "@/lib/admin-api"
 import { useToast } from "@/components/ui/use-toast"
+import { getTopLevelMenus } from "@/lib/menu-api"
+import { getAdminInfo } from "@/lib/utils"
 
-// 权限 ID 到前端权限键的映射
-const permissionMapping: Record<number, string[]> = {
-  1: ["project_management", "customer_pool", "admin_management"], // 超级管理员
-  2: ["project_management", "customer_pool"], // 项目管理员
-  3: ["customer_pool"], // 客户管理员
-  4: [], // 普通管理员
-};
+interface MenuPermission {
+  id: number;
+  title: string;
+}
 
 export default function EditAdminPage({ params }: { params: { id: string } }) {
   const router = useRouter()
   const { toast } = useToast()
   const [isLoading, setIsLoading] = useState(true)
   const [isSubmitting, setIsSubmitting] = useState(false)
-  const [adminInfo, setAdminInfo] = useState<AdministratorDetail | null>(null)
+  const [adminInfo, setAdminInfo] = useState<any | null>(null)
   const [username, setUsername] = useState("")
   const [name, setName] = useState("")
+  const [password, setPassword] = useState("")
+  const [confirmPassword, setConfirmPassword] = useState("")
+  const [menuPermissions, setMenuPermissions] = useState<MenuPermission[]>([])
+  const [selectedPermissions, setSelectedPermissions] = useState<number[]>([])
+  const [currentAdmin, setCurrentAdmin] = useState<any | null>(null)
+  const [canEditPermissions, setCanEditPermissions] = useState(false)
 
-  const permissions = [
-    { id: "project_management", label: "项目管理" },
-    { id: "customer_pool", label: "客户池" },
-    { id: "admin_management", label: "管理员权限" },
-  ]
-
-  const [selectedPermissions, setSelectedPermissions] = useState<string[]>([])
-
-  // 加载管理员详情
+  // 加载管理员详情和菜单权限
   useEffect(() => {
-    const fetchAdminDetail = async () => {
+    const fetchData = async () => {
       setIsLoading(true)
       try {
-        const response = await getAdministratorDetail(params.id)
-        if (response.code === 200 && response.data) {
-          setAdminInfo(response.data)
-          // 设置表单数据
-          setUsername(response.data.username)
-          setName(response.data.name)
-          // 根据 authId 设置权限
-          setSelectedPermissions(permissionMapping[response.data.authId] || [])
+        // 获取当前登录的管理员信息
+        const currentAdminInfo = getAdminInfo()
+        setCurrentAdmin(currentAdminInfo)
+        
+        // 获取管理员详情
+        const adminResponse = await getAdministratorDetail(params.id)
+        
+        if (adminResponse.code === 200 && adminResponse.data) {
+          setAdminInfo(adminResponse.data)
+          setUsername(adminResponse.data.username)
+          setName(adminResponse.data.name)
+          
+          // 判断是否可以编辑权限
+          // 只有超级管理员(ID为1)可以编辑其他人的权限
+          // 编辑自己时不能修改权限
+          const isEditingSelf = currentAdminInfo && parseInt(params.id) === currentAdminInfo.id
+          const isSuperAdmin = currentAdminInfo && currentAdminInfo.id === 1
+          
+          setCanEditPermissions(!!(isSuperAdmin && !isEditingSelf))
+          
+          // 如果可以编辑权限，则获取菜单权限
+          if (isSuperAdmin && !isEditingSelf) {
+            const menuResponse = await getTopLevelMenus()
+            if (menuResponse.code === 200 && menuResponse.data) {
+              setMenuPermissions(menuResponse.data)
+              
+              // 获取管理员已有的权限
+              const permissionsResponse = await getAdministratorDetail(params.id)
+              if (permissionsResponse.code === 200 && permissionsResponse.data) {
+                // 如果有权限数据，则设置选中的权限
+                if (permissionsResponse.data.permissions) {
+                  // 假设权限是存储为菜单ID的数组
+                  setSelectedPermissions(permissionsResponse.data.permissions.map((p: any) => p.id || p))
+                }
+              }
+            }
+          }
         } else {
           toast({
             title: "获取管理员详情失败",
-            description: response.msg || "请稍后重试",
+            description: adminResponse.msg || "请稍后重试",
             variant: "destructive",
           })
         }
       } catch (error) {
-        console.error("获取管理员详情出错:", error)
+        console.error("获取数据出错:", error)
         toast({
-          title: "获取管理员详情失败",
+          title: "获取数据失败",
           description: "请检查网络连接后重试",
           variant: "destructive",
         })
@@ -71,24 +97,78 @@ export default function EditAdminPage({ params }: { params: { id: string } }) {
       }
     }
 
-    fetchAdminDetail()
+    fetchData()
   }, [params.id])
 
-  const togglePermission = (permissionId: string) => {
+  // 切换权限选择
+  const togglePermission = (permissionId: number) => {
     setSelectedPermissions((prev) =>
       prev.includes(permissionId) ? prev.filter((id) => id !== permissionId) : [...prev, permissionId],
     )
   }
 
-  const handleSubmit = (e: React.FormEvent) => {
+  // 提交表单
+  const handleSubmit = async (e: React.FormEvent) => {
     e.preventDefault()
+    
+    // 验证密码
+    if (password && password !== confirmPassword) {
+      toast({
+        title: "密码不匹配",
+        description: "两次输入的密码不一致",
+        variant: "destructive",
+      })
+      return
+    }
+    
     setIsSubmitting(true)
-
-    // Simulate API call
-    setTimeout(() => {
+    
+    try {
+      // 准备提交的数据
+      const updateData: any = {
+        username,
+        name,
+      }
+      
+      // 如果有设置密码，则添加密码字段
+      if (password) {
+        updateData.password = password
+      }
+      
+      // 如果可以编辑权限，则添加权限字段
+      if (canEditPermissions) {
+        updateData.permissionIds = selectedPermissions
+      }
+      
+      // 调用更新API
+      const response = await updateAdministrator(params.id, updateData)
+      
+      if (response.code === 200) {
+        toast({
+          title: "更新成功",
+          description: "管理员信息已更新",
+          variant: "success",
+        })
+        
+        // 更新成功后返回列表页
+        router.push("/dashboard/admins")
+      } else {
+        toast({
+          title: "更新失败",
+          description: response.msg || "请稍后重试",
+          variant: "destructive",
+        })
+      }
+    } catch (error) {
+      console.error("更新管理员信息出错:", error)
+      toast({
+        title: "更新失败",
+        description: "请检查网络连接后重试",
+        variant: "destructive",
+      })
+    } finally {
       setIsSubmitting(false)
-      router.push("/dashboard/admins")
-    }, 1500)
+    }
   }
 
   if (isLoading) {
@@ -145,39 +225,60 @@ export default function EditAdminPage({ params }: { params: { id: string } }) {
 
               <div className="space-y-2">
                 <Label htmlFor="password">重置密码</Label>
-                <Input id="password" type="password" placeholder="留空则不修改密码" />
+                <Input 
+                  id="password" 
+                  type="password" 
+                  placeholder="留空则不修改密码" 
+                  value={password}
+                  onChange={(e) => setPassword(e.target.value)}
+                />
               </div>
 
               <div className="space-y-2">
                 <Label htmlFor="confirmPassword">确认密码</Label>
-                <Input id="confirmPassword" type="password" placeholder="留空则不修改密码" />
+                <Input 
+                  id="confirmPassword" 
+                  type="password" 
+                  placeholder="留空则不修改密码" 
+                  value={confirmPassword}
+                  onChange={(e) => setConfirmPassword(e.target.value)}
+                />
               </div>
             </div>
 
-            <div className="space-y-3">
-              <Label>权限设置</Label>
-              <div className="grid gap-2">
-                {permissions.map((permission) => (
-                  <div key={permission.id} className="flex items-center space-x-2">
-                    <Checkbox
-                      id={permission.id}
-                      checked={selectedPermissions.includes(permission.id)}
-                      onCheckedChange={() => togglePermission(permission.id)}
-                    />
-                    <Label htmlFor={permission.id} className="cursor-pointer">
-                      {permission.label}
-                    </Label>
-                  </div>
-                ))}
+            {canEditPermissions && (
+              <div className="space-y-3">
+                <Label>权限设置</Label>
+                <div className="grid gap-2">
+                  {menuPermissions.map((menu) => (
+                    <div key={menu.id} className="flex items-center space-x-2">
+                      <Checkbox
+                        id={`menu-${menu.id}`}
+                        checked={selectedPermissions.includes(menu.id)}
+                        onCheckedChange={() => togglePermission(menu.id)}
+                      />
+                      <Label htmlFor={`menu-${menu.id}`} className="cursor-pointer">
+                        {menu.title}
+                      </Label>
+                    </div>
+                  ))}
+                </div>
               </div>
-            </div>
+            )}
           </CardContent>
           <CardFooter className="flex justify-end gap-2">
             <Button variant="outline" asChild>
               <Link href="/dashboard/admins">取消</Link>
             </Button>
             <Button type="submit" disabled={isSubmitting}>
-              {isSubmitting ? "保存中..." : "保存修改"}
+              {isSubmitting ? (
+                <>
+                  <Loader2 className="mr-2 h-4 w-4 animate-spin" />
+                  保存中...
+                </>
+              ) : (
+                "保存修改"
+              )}
             </Button>
           </CardFooter>
         </Card>
diff --git a/SuperAdmin/app/dashboard/admins/new/page.tsx b/SuperAdmin/app/dashboard/admins/new/page.tsx
index 4ef3fa3d..0d10a691 100644
--- a/SuperAdmin/app/dashboard/admins/new/page.tsx
+++ b/SuperAdmin/app/dashboard/admins/new/page.tsx
@@ -2,43 +2,143 @@
 
 import type React from "react"
 
-import { useState } from "react"
+import { useState, useEffect } from "react"
 import { useRouter } from "next/navigation"
 import { Button } from "@/components/ui/button"
 import { Input } from "@/components/ui/input"
 import { Label } from "@/components/ui/label"
 import { Card, CardContent, CardDescription, CardFooter, CardHeader, CardTitle } from "@/components/ui/card"
-import { ArrowLeft } from "lucide-react"
+import { ArrowLeft, Loader2 } from "lucide-react"
 import Link from "next/link"
 import { Checkbox } from "@/components/ui/checkbox"
+import { addAdministrator } from "@/lib/admin-api"
+import { useToast } from "@/components/ui/use-toast"
+import { getTopLevelMenus } from "@/lib/menu-api"
+import { getAdminInfo } from "@/lib/utils"
+
+interface MenuPermission {
+  id: number;
+  title: string;
+}
 
 export default function NewAdminPage() {
   const router = useRouter()
+  const { toast } = useToast()
+  const [username, setUsername] = useState("")
+  const [name, setName] = useState("")
+  const [password, setPassword] = useState("")
+  const [confirmPassword, setConfirmPassword] = useState("")
+  const [isLoading, setIsLoading] = useState(true)
   const [isSubmitting, setIsSubmitting] = useState(false)
+  const [menuPermissions, setMenuPermissions] = useState<MenuPermission[]>([])
+  const [selectedPermissions, setSelectedPermissions] = useState<number[]>([])
+  const [canManagePermissions, setCanManagePermissions] = useState(false)
 
-  const permissions = [
-    { id: "project_management", label: "项目管理" },
-    { id: "customer_pool", label: "客户池" },
-    { id: "admin_management", label: "管理员权限" },
-  ]
+  // 加载权限数据
+  useEffect(() => {
+    const loadPermissions = async () => {
+      setIsLoading(true)
+      try {
+        // 获取当前登录的管理员
+        const currentAdmin = getAdminInfo()
+        
+        // 只有超级管理员(ID为1)可以管理权限
+        if (currentAdmin && currentAdmin.id === 1) {
+          setCanManagePermissions(true)
+          
+          // 获取菜单权限
+          const response = await getTopLevelMenus()
+          if (response.code === 200 && response.data) {
+            setMenuPermissions(response.data)
+          }
+        }
+      } catch (error) {
+        console.error("获取权限数据失败:", error)
+        toast({
+          title: "获取权限数据失败",
+          description: "请检查网络连接后重试",
+          variant: "destructive",
+        })
+      } finally {
+        setIsLoading(false)
+      }
+    }
+    
+    loadPermissions()
+  }, [])
 
-  const [selectedPermissions, setSelectedPermissions] = useState<string[]>([])
-
-  const togglePermission = (permissionId: string) => {
+  const togglePermission = (permissionId: number) => {
     setSelectedPermissions((prev) =>
       prev.includes(permissionId) ? prev.filter((id) => id !== permissionId) : [...prev, permissionId],
     )
   }
 
-  const handleSubmit = (e: React.FormEvent) => {
+  const handleSubmit = async (e: React.FormEvent) => {
     e.preventDefault()
+    
+    // 验证密码
+    if (!password) {
+      toast({
+        title: "密码不能为空",
+        description: "添加管理员时必须设置密码",
+        variant: "destructive",
+      })
+      return
+    }
+    
+    if (password !== confirmPassword) {
+      toast({
+        title: "密码不匹配",
+        description: "两次输入的密码不一致",
+        variant: "destructive",
+      })
+      return
+    }
+    
     setIsSubmitting(true)
-
-    // Simulate API call
-    setTimeout(() => {
+    
+    try {
+      // 准备提交数据
+      const data: any = {
+        username,
+        name,
+        password,
+      }
+      
+      // 如果可以管理权限，则添加权限设置
+      if (canManagePermissions && selectedPermissions.length > 0) {
+        data.permissionIds = selectedPermissions
+      }
+      
+      // 调用添加API
+      const response = await addAdministrator(data)
+      
+      if (response.code === 200) {
+        toast({
+          title: "添加成功",
+          description: "管理员账号已成功添加",
+          variant: "success",
+        })
+        
+        // 返回管理员列表页
+        router.push("/dashboard/admins")
+      } else {
+        toast({
+          title: "添加失败",
+          description: response.msg || "请稍后重试",
+          variant: "destructive",
+        })
+      }
+    } catch (error) {
+      console.error("添加管理员出错:", error)
+      toast({
+        title: "添加失败",
+        description: "请检查网络连接后重试",
+        variant: "destructive",
+      })
+    } finally {
       setIsSubmitting(false)
-      router.push("/dashboard/admins")
-    }, 1500)
+    }
   }
 
   return (
@@ -56,55 +156,97 @@ export default function NewAdminPage() {
         <Card>
           <CardHeader>
             <CardTitle>管理员信息</CardTitle>
-            <CardDescription>创建新管理员账号并设置权限</CardDescription>
+            <CardDescription>创建新的管理员账号</CardDescription>
           </CardHeader>
           <CardContent className="space-y-6">
             <div className="grid gap-6 md:grid-cols-2">
               <div className="space-y-2">
                 <Label htmlFor="username">账号</Label>
-                <Input id="username" placeholder="请输入账号" required />
+                <Input
+                  id="username"
+                  value={username}
+                  onChange={(e) => setUsername(e.target.value)}
+                  placeholder="请输入账号"
+                  required
+                />
               </div>
 
               <div className="space-y-2">
                 <Label htmlFor="name">姓名</Label>
-                <Input id="name" placeholder="请输入姓名" required />
+                <Input
+                  id="name"
+                  value={name}
+                  onChange={(e) => setName(e.target.value)}
+                  placeholder="请输入姓名"
+                  required
+                />
               </div>
 
               <div className="space-y-2">
                 <Label htmlFor="password">密码</Label>
-                <Input id="password" type="password" placeholder="请设置密码" required />
+                <Input
+                  id="password"
+                  type="password"
+                  value={password}
+                  onChange={(e) => setPassword(e.target.value)}
+                  placeholder="请输入密码"
+                  required
+                />
               </div>
 
               <div className="space-y-2">
-                <Label htmlFor="confirmPassword">确认密码</Label>
-                <Input id="confirmPassword" type="password" placeholder="请再次输入密码" required />
+                <Label htmlFor="confirm-password">确认密码</Label>
+                <Input
+                  id="confirm-password"
+                  type="password"
+                  value={confirmPassword}
+                  onChange={(e) => setConfirmPassword(e.target.value)}
+                  placeholder="请再次输入密码"
+                  required
+                />
               </div>
             </div>
 
-            <div className="space-y-3">
-              <Label>权限设置</Label>
-              <div className="grid gap-2">
-                {permissions.map((permission) => (
-                  <div key={permission.id} className="flex items-center space-x-2">
-                    <Checkbox
-                      id={permission.id}
-                      checked={selectedPermissions.includes(permission.id)}
-                      onCheckedChange={() => togglePermission(permission.id)}
-                    />
-                    <Label htmlFor={permission.id} className="cursor-pointer">
-                      {permission.label}
-                    </Label>
-                  </div>
-                ))}
+            {canManagePermissions && (
+              <div className="space-y-3">
+                <Label>权限设置</Label>
+                <div className="grid gap-2">
+                  {isLoading ? (
+                    <div className="flex items-center gap-2">
+                      <Loader2 className="h-4 w-4 animate-spin" />
+                      <span className="text-sm text-muted-foreground">加载权限数据中...</span>
+                    </div>
+                  ) : (
+                    menuPermissions.map((menu) => (
+                      <div key={menu.id} className="flex items-center space-x-2">
+                        <Checkbox
+                          id={`menu-${menu.id}`}
+                          checked={selectedPermissions.includes(menu.id)}
+                          onCheckedChange={() => togglePermission(menu.id)}
+                        />
+                        <Label htmlFor={`menu-${menu.id}`} className="cursor-pointer">
+                          {menu.title}
+                        </Label>
+                      </div>
+                    ))
+                  )}
+                </div>
               </div>
-            </div>
+            )}
           </CardContent>
           <CardFooter className="flex justify-end gap-2">
             <Button variant="outline" asChild>
               <Link href="/dashboard/admins">取消</Link>
             </Button>
             <Button type="submit" disabled={isSubmitting}>
-              {isSubmitting ? "创建中..." : "创建管理员"}
+              {isSubmitting ? (
+                <>
+                  <Loader2 className="mr-2 h-4 w-4 animate-spin" />
+                  创建中...
+                </>
+              ) : (
+                "创建管理员"
+              )}
             </Button>
           </CardFooter>
         </Card>
diff --git a/SuperAdmin/lib/admin-api.ts b/SuperAdmin/lib/admin-api.ts
index c4190492..ccf501f4 100644
--- a/SuperAdmin/lib/admin-api.ts
+++ b/SuperAdmin/lib/admin-api.ts
@@ -84,4 +84,41 @@ export async function getAdministrators(
  */
 export async function getAdministratorDetail(id: number | string): Promise<ApiResponse<AdministratorDetail>> {
   return apiRequest(`/administrator/detail/${id}`);
+}
+
+/**
+ * 更新管理员信息
+ * @param id 管理员ID
+ * @param data 更新的数据
+ * @returns 更新结果
+ */
+export async function updateAdministrator(
+  id: number | string,
+  data: {
+    username: string;
+    name: string;
+    password?: string;
+    permissionIds?: number[];
+  }
+): Promise<ApiResponse<null>> {
+  return apiRequest('/administrator/update', 'POST', {
+    id,
+    ...data
+  });
+}
+
+/**
+ * 添加管理员
+ * @param data 管理员数据
+ * @returns 添加结果
+ */
+export async function addAdministrator(
+  data: {
+    username: string;
+    name: string;
+    password: string;
+    permissionIds?: number[];
+  }
+): Promise<ApiResponse<null>> {
+  return apiRequest('/administrator/add', 'POST', data);
 } 
\ No newline at end of file
diff --git a/SuperAdmin/lib/menu-api.ts b/SuperAdmin/lib/menu-api.ts
index e284bd42..ad0de545 100644
--- a/SuperAdmin/lib/menu-api.ts
+++ b/SuperAdmin/lib/menu-api.ts
@@ -25,6 +25,9 @@ export async function getMenus(onlyEnabled: boolean = true): Promise<MenuItem[]>
     const params = new URLSearchParams();
     params.append('only_enabled', onlyEnabled ? '1' : '0');
     
+    // 禁用缓存，每次都获取最新的基于用户权限的菜单
+    params.append('use_cache', '0');
+    
     const response = await apiRequest<MenuItem[]>(`/menu/tree?${params.toString()}`);
     
     return response.data || [];
@@ -107,4 +110,21 @@ export async function updateMenuStatus(id: number, status: 0 | 1): Promise<boole
     console.error('更新菜单状态失败:', error);
     return false;
   }
+}
+
+/**
+ * 获取一级菜单（用于权限设置）
+ * @returns 一级菜单列表
+ */
+export async function getTopLevelMenus(): Promise<ApiResponse<MenuItem[]>> {
+  try {
+    return await apiRequest<MenuItem[]>('/menu/toplevel');
+  } catch (error) {
+    console.error('获取一级菜单失败:', error);
+    return {
+      code: 500,
+      msg: '获取一级菜单失败',
+      data: []
+    };
+  }
 } 
\ No newline at end of file