diff --git a/src/plugins/zauth.ts b/src/plugins/zauth.ts
index 259e803..f418ea5 100644
--- a/src/plugins/zauth.ts
+++ b/src/plugins/zauth.ts
@@ -42,15 +42,16 @@ const zAuthPlugin: FastifyPluginAsync = async function (
         if (!account.roles) {
           return reply.send({ code: 11, msg: 'no permission' })
         }
+        let isSupAdmin = account.isSysAdmin()
         if (request.roles && request.roles.indexOf('anon') == -1) {
-          if (account.roles) {
+          if (account.roles && !isSupAdmin) {
             const roles = request.roles.intersect(account.roles)
             if (!roles || roles.length == 0) {
               return reply.send({ code: 12, msg: 'no permission' })
             }
           }
         }
-        if (request.permissions) {
+        if (request.permissions && !isSupAdmin) {
           let canDo = false
           for (let role of account.roles) {
             for (let sub of request.permissions) {