diff --git a/inventory-backend/app/services/permission_service.py b/inventory-backend/app/services/permission_service.py
index 756f7ea..10faf36 100644
--- a/inventory-backend/app/services/permission_service.py
+++ b/inventory-backend/app/services/permission_service.py
@@ -1,9 +1,11 @@
 # inventory-backend/app/services/permission_service.py
+
 from app.models.system import SysMenu, SysElement, SysRolePermission
 from app.extensions import db
 
 
 class PermissionService:
+
     @staticmethod
     def get_permission_tree():
         """
@@ -12,11 +14,13 @@ class PermissionService:
         """
         # 1. 获取所有菜单
         menus = SysMenu.query.order_by(SysMenu.sort_order).all()
+
         # 2. 获取所有元素
         elements = SysElement.query.all()
 
         # 3. 组装树结构
         tree_data = []
+
         for menu in menus:
             menu_dict = menu.to_dict()
 
@@ -39,7 +43,6 @@ class PermissionService:
         """获取指定角色拥有的所有权限Code"""
         perms = SysRolePermission.query.filter_by(role_code=role_code).all()
 
-        # 将结果分为 menus 和 elements (虽然前端目前合并处理，但分开更清晰)
         menu_codes = []
         element_codes = []
 
@@ -49,7 +52,6 @@ class PermissionService:
             else:
                 element_codes.append(p.target_code)
 
-        # 返回结构适配前端
         return {
             'menus': menu_codes,
             'elements': element_codes
@@ -64,26 +66,43 @@ class PermissionService:
         if not role_code:
             raise ValueError("角色代码不能为空")
 
-        # 1. 删除该角色旧的所有权限
-        SysRolePermission.query.filter_by(role_code=role_code).delete()
+        try:
+            # ========= 1️⃣ 先删除旧权限 =========
+            SysRolePermission.query.filter_by(role_code=role_code) \
+                .delete(synchronize_session=False)
 
-        # 2. 批量添加新权限
-        if permission_codes and len(permission_codes) > 0:
-            # 预先获取所有菜单代码，用于判断类型
-            all_menu_codes = {m.code for m in SysMenu.query.all()}
+            # ========= 2️⃣ 去重（关键修复点） =========
+            # 防止前端传来重复 code 导致 UNIQUE 冲突
+            unique_codes = set(permission_codes) if permission_codes else set()
 
-            new_records = []
-            for code in permission_codes:
-                # 简单判断：如果在菜单表里有，就是 menu，否则是 element
-                p_type = 'menu' if code in all_menu_codes else 'element'
+            # ========= 3️⃣ 批量添加新权限 =========
+            if unique_codes:
+                # 预先获取所有菜单代码，用于判断类型
+                all_menu_codes = {m.code for m in SysMenu.query.all()}
 
-                new_records.append(SysRolePermission(
-                    role_code=role_code,
-                    target_code=code,
-                    type=p_type
-                ))
+                new_records = []
 
-            db.session.add_all(new_records)
+                for code in unique_codes:
+                    if not code:
+                        continue
 
-        db.session.commit()
-        return True
\ No newline at end of file
+                    # 判断类型
+                    p_type = 'menu' if code in all_menu_codes else 'element'
+
+                    new_records.append(SysRolePermission(
+                        role_code=role_code,
+                        target_code=code,
+                        type=p_type
+                    ))
+
+                if new_records:
+                    db.session.add_all(new_records)
+
+            # ========= 4️⃣ 提交事务 =========
+            db.session.commit()
+            return True
+
+        except Exception as e:
+            # 发生异常时回滚，防止脏事务
+            db.session.rollback()
+            raise e
\ No newline at end of file