diff --git a/controllers/BookController.go b/controllers/BookController.go
index 092e6e16..a11fe5e9 100644
--- a/controllers/BookController.go
+++ b/controllers/BookController.go
@@ -121,6 +121,7 @@ func (c *BookController) Setting() {
 
 //保存项目信息
 func (c *BookController) SaveBook() {
+	c.Prepare()
 	bookResult, err := c.IsPermission()
 
 	if err != nil {
diff --git a/controllers/DocumentController.go b/controllers/DocumentController.go
index 3a911451..393bc3dc 100644
--- a/controllers/DocumentController.go
+++ b/controllers/DocumentController.go
@@ -1252,8 +1252,8 @@ func (c *DocumentController) Lock() {
 		}
 	} else {
 		bookResult, err := models.NewBookResult().FindByIdentify(identify, c.Member.MemberId)
-
-		if err != nil || bookResult.RoleId == conf.BookObserver {
+		//只有创始人和管理员才能锁定文档
+		if err != nil || (bookResult.RoleId != conf.BookAdmin && bookResult.RoleId != conf.BookFounder) {
 			beego.Error("FindByIdentify => ", err)
 			c.JsonResult(6002, "项目不存在或权限不足")
 		}
@@ -1295,8 +1295,8 @@ func (c *DocumentController) UnLock()  {
 		}
 	} else {
 		bookResult, err := models.NewBookResult().FindByIdentify(identify, c.Member.MemberId)
-
-		if err != nil || bookResult.RoleId == conf.BookObserver {
+		//只有创始人或管理员才能解锁文档
+		if err != nil || (bookResult.RoleId != conf.BookAdmin && bookResult.RoleId != conf.BookFounder) {
 			beego.Error("FindByIdentify => ", err)
 			c.JsonResult(6002, "项目不存在或权限不足")
 		}