diff --git a/src/router/guards.js b/src/router/guards.js
index 67de64c..4646765 100644
--- a/src/router/guards.js
+++ b/src/router/guards.js
@@ -1,4 +1,4 @@
-import {hasPermission, hasRole} from '@/utils/authority-utils'
+import {hasAuthority} from '@/utils/authority-utils'
 import {loginIgnore} from '@/router/index'
 import {checkAuthorization} from '@/utils/request'
 
@@ -30,7 +30,7 @@ const authorityGuard = (to, from, next, options) => {
   const {store, message} = options
   const permissions = store.getters['account/permissions']
   const roles = store.getters['account/roles']
-  if (!hasPermission(to, permissions) && !hasRole(to, roles)) {
+  if (!hasAuthority(to, permissions, roles)) {
     message.warning(`对不起，您无权访问页面: ${to.fullPath}，请联系管理员`)
     next({path: '/403'})
   } else {
diff --git a/src/utils/authority-utils.js b/src/utils/authority-utils.js
index e421e12..a08c474 100644
--- a/src/utils/authority-utils.js
+++ b/src/utils/authority-utils.js
@@ -1,11 +1,10 @@
 /**
  * 判断是否有路由的权限
- * @param route 路由
+ * @param authority 路由权限配置
  * @param permissions 用户权限集合
  * @returns {boolean|*}
  */
-function hasPermission(route, permissions) {
-  const authority = route.meta.authority || '*'
+function hasPermission(authority, permissions) {
   let required = '*'
   if (typeof authority === 'string') {
     required = authority
@@ -17,11 +16,10 @@ function hasPermission(route, permissions) {
 
 /**
  * 判断是否有路由需要的角色
- * @param route 路由
+ * @param authority 路由权限配置
  * @param roles 用户角色集合
  */
-function hasRole(route, roles) {
-  const authority = route.meta.authority || '*'
+function hasRole(authority, roles) {
   let required = undefined
   if (typeof authority === 'object') {
     required = authority.role
@@ -47,6 +45,23 @@ function hasAnyRole(required, roles) {
   }
 }
 
+/**
+ * 路由权限校验
+ * @param route 路由
+ * @param permissions 用户权限集合
+ * @param roles 用户角色集合
+ * @returns {boolean}
+ */
+function hasAuthority(route, permissions, roles) {
+  const authorities = [...route.meta.pAuthorities, route.meta.authority]
+  for (let authority of authorities) {
+    if (!hasPermission(authority, permissions) && !hasRole(authority, roles)) {
+      return false
+    }
+  }
+  return true
+}
+
 /**
  * 根据权限配置过滤菜单数据
  * @param menuData
@@ -56,7 +71,7 @@ function hasAnyRole(required, roles) {
 function filterMenu(menuData, permissions, roles) {
   menuData.forEach(menu => {
     if (menu.meta && menu.meta.invisible === undefined) {
-      menu.meta.invisible = !hasPermission(menu, permissions) && !hasRole(menu, roles)
+      menu.meta.invisible = !hasAuthority(menu, permissions, roles)
       if (menu.children && menu.children.length > 0) {
         filterMenu(menu.children, permissions, roles)
       }
@@ -64,4 +79,4 @@ function filterMenu(menuData, permissions, roles) {
   })
 }
 
-export {hasPermission, hasRole, filterMenu}
+export {filterMenu, hasAuthority}
diff --git a/src/utils/routerUtil.js b/src/utils/routerUtil.js
index 7fc9160..68416ea 100644
--- a/src/utils/routerUtil.js
+++ b/src/utils/routerUtil.js
@@ -97,15 +97,16 @@ function mergeRoutes(target, source) {
 
 /**
  * 格式化路由的权限配置
- * @param routes
+ * @param routes 路由
+ * @param pAuthorities 父级路由权限配置集合
  */
-function formatAuthority(routes) {
+function formatAuthority(routes, pAuthorities = []) {
   routes.forEach(route => {
     const meta = route.meta
     if (meta) {
       let authority = {}
       if (!meta.authority) {
-        authority.permission = '*'
+        authority = pAuthorities.length > 0 ? pAuthorities[pAuthorities.length - 1] : {permission: '*'}
       }else if (typeof meta.authority === 'string') {
         authority.permission = meta.authority
       } else if (typeof meta.authority === 'object') {
@@ -114,17 +115,20 @@ function formatAuthority(routes) {
         if (typeof role === 'string') {
           authority.role = [role]
         }
+        if (!authority.permission && !authority.role) {
+          authority = pAuthorities.length > 0 ? pAuthorities[pAuthorities.length - 1] : {permission: '*'}
+        }
       } else {
         console.log(typeof meta.authority)
       }
       meta.authority = authority
     } else {
-      route.meta = {
-        authority: {permission: '*'}
-      }
+      const authority = pAuthorities.length > 0 ? pAuthorities[pAuthorities.length - 1] : {permission: '*'}
+      route.meta = {authority}
     }
+    route.meta.pAuthorities = pAuthorities
     if (route.children) {
-      formatAuthority(route.children)
+      formatAuthority(route.children, [...pAuthorities, route.meta.authority])
     }
   })
 }