diff --git a/snail-job-server/snail-job-server-web/src/main/java/com/aizuda/snailjob/server/web/controller/SystemUserController.java b/snail-job-server/snail-job-server-web/src/main/java/com/aizuda/snailjob/server/web/controller/SystemUserController.java
index 29e2d89f..cd1a20e5 100644
--- a/snail-job-server/snail-job-server-web/src/main/java/com/aizuda/snailjob/server/web/controller/SystemUserController.java
+++ b/snail-job-server/snail-job-server-web/src/main/java/com/aizuda/snailjob/server/web/controller/SystemUserController.java
@@ -1,6 +1,5 @@
 package com.aizuda.snailjob.server.web.controller;
 
-import cn.hutool.core.lang.Assert;
 import com.aizuda.snailjob.server.common.exception.SnailJobServerException;
 import com.aizuda.snailjob.server.web.annotation.LoginRequired;
 import com.aizuda.snailjob.server.web.annotation.LoginUser;
@@ -12,9 +11,8 @@ import com.aizuda.snailjob.server.web.model.request.UserSessionVO;
 import com.aizuda.snailjob.server.web.model.response.PermissionsResponseVO;
 import com.aizuda.snailjob.server.web.model.response.SystemUserResponseVO;
 import com.aizuda.snailjob.server.web.service.SystemUserService;
-import com.aizuda.snailjob.server.web.util.UserSessionUtils;
 import jakarta.validation.Valid;
-import org.springframework.beans.factory.annotation.Autowired;
+import lombok.RequiredArgsConstructor;
 import org.springframework.web.bind.annotation.*;
 
 import java.util.List;
@@ -26,12 +24,11 @@ import java.util.List;
  * @since 2022-03-05
  */
 @RestController
+@RequiredArgsConstructor
 public class SystemUserController {
 
     private static final Long SUPER_ADMIN_ID = 1L;
-
-    @Autowired
-    private SystemUserService systemUserService;
+    private final SystemUserService systemUserService;
 
     @PostMapping("/auth/login")
     public SystemUserResponseVO login(@RequestBody SystemUserRequestVO requestVO) {
@@ -56,14 +53,10 @@ public class SystemUserController {
         return systemUserService.getSystemUserPageList(systemUserQueryVO);
     }
 
+    @LoginRequired(role = RoleEnum.ADMIN)
     @PutMapping("/user")
     public void update(@RequestBody @Valid SystemUserRequestVO requestVO) {
-        // 1. 普通用户不允许修改其他用户
-        if (!SUPER_ADMIN_ID.equals(requestVO.getId())) {
-            Assert.equals(UserSessionUtils.currentUserSession().getId(), requestVO.getId(),
-                    "普通用户不允许修改其他用户");
-        }
-        // 2. 超级管理员(id=1)不能变更为普通用户
+        // 1. 超级管理员(id=1)不能变更为普通用户
         if (SUPER_ADMIN_ID.equals(requestVO.getId()) && RoleEnum.isUser(requestVO.getRole())) {
             throw new SnailJobServerException("不允许修改超级管理员角色");
         }