diff --git a/inventory-backend/app/api/v1/inbound/base.py b/inventory-backend/app/api/v1/inbound/base.py
index d8b220e..4bd2658 100644
--- a/inventory-backend/app/api/v1/inbound/base.py
+++ b/inventory-backend/app/api/v1/inbound/base.py
@@ -125,7 +125,8 @@ def get_list():
             'advancedFilters': advanced_filters_list
         }
 
-        result = MaterialBaseService.get_list(page, limit, filters)
+        user_permissions = get_current_user_permissions()
+        result = MaterialBaseService.get_list(page, limit, filters, user_permissions)
         # 字段级脱敏
         user_permissions = get_current_user_permissions()
         if result.get('items'):
diff --git a/inventory-backend/app/services/inbound/base_service.py b/inventory-backend/app/services/inbound/base_service.py
index 067a118..ebed5ba 100644
--- a/inventory-backend/app/services/inbound/base_service.py
+++ b/inventory-backend/app/services/inbound/base_service.py
@@ -110,7 +110,7 @@ class MaterialBaseService:
         return total_inv, total_avail
 
     @staticmethod
-    def get_list(page, limit, filters=None):
+    def get_list(page, limit, filters=None, user_permissions=None):
         """
         获取基础信息列表 (带分页、高级筛选和全字段排序)
         """
@@ -192,6 +192,18 @@ class MaterialBaseService:
                         'inventoryCount': total_inv,
                         'availableCount': total_avail
                     }
+                    # 字段到权限码的映射
+                    field_permission_map = {
+                        'companyName': 'material_list:companyName',
+                        'name': 'material_list:name',
+                        'commonName': 'material_list:commonName',
+                        'category': 'material_list:category',
+                        'type': 'material_list:type',
+                        'spec': 'material_list:spec',
+                        'unit': 'material_list:unit',
+                        'inventoryCount': 'material_list:inventoryCount',
+                        'availableCount': 'material_list:availableCount'
+                    }
                     filter_conditions = []
                     for condition in advanced_filters:
                         field = condition.get('field')
@@ -202,6 +214,15 @@ class MaterialBaseService:
                         db_field = allowed_fields.get(field)
                         if not db_field:
                             continue
+                        # 权限校验
+                        if user_permissions is not None:
+                            perm_code = field_permission_map.get(field)
+                            if 'material_list:*' in user_permissions:
+                                # 超级管理员拥有全部权限
+                                pass
+                            elif perm_code and perm_code not in user_permissions:
+                                # 无权限，跳过该条件
+                                continue
                         # 对于聚合字段 (inventoryCount, availableCount)，需要使用子查询别名
                         if isinstance(db_field, type(total_inv)):
                             column = db_field
diff --git a/inventory-web/src/views/material/list.vue b/inventory-web/src/views/material/list.vue
index c5cd2fa..d1a1742 100644
--- a/inventory-web/src/views/material/list.vue
+++ b/inventory-web/src/views/material/list.vue
@@ -445,7 +445,7 @@
 </template>
 
 <script setup lang="ts">
-import { ref, reactive, onMounted, nextTick } from 'vue';
+import { ref, reactive, onMounted, nextTick, computed } from 'vue';
 import { Plus, Document, Refresh, Setting, Rank, Camera, Link, Download } from '@element-plus/icons-vue';
 import { ElMessage, ElMessageBox, ElLoading } from 'element-plus';
 import type { FormInstance, FormRules } from 'element-plus';
@@ -511,17 +511,21 @@ const submitLoading = ref(false);
 const tableSize = ref<'large' | 'default' | 'small'>('large');
 const advancedFilterVisible = ref(false);
 const advancedConditions = ref([{ field: '', operator: '', value: '' }]);
-const fieldOptions = ref([
-  { value: 'companyName', label: '所属公司' },
-  { value: 'name', label: '名称' },
-  { value: 'commonName', label: '俗名' },
-  { value: 'category', label: '类别' },
-  { value: 'type', label: '类型' },
-  { value: 'spec', label: '规格型号' },
-  { value: 'unit', label: '单位' },
-  { value: 'inventoryCount', label: '库存数' },
-  { value: 'availableCount', label: '可用数' }
-]);
+const fieldOptions = computed(() => {
+  const allFields = [
+    { value: 'companyName', label: '所属公司', perm: 'material_list:companyName' },
+    { value: 'name', label: '名称', perm: 'material_list:name' },
+    { value: 'commonName', label: '俗名', perm: 'material_list:commonName' },
+    { value: 'category', label: '类别', perm: 'material_list:category' },
+    { value: 'type', label: '类型', perm: 'material_list:type' },
+    { value: 'spec', label: '规格型号', perm: 'material_list:spec' },
+    { value: 'unit', label: '单位', perm: 'material_list:unit' },
+    { value: 'inventoryCount', label: '库存数', perm: 'material_list:inventoryCount' },
+    { value: 'availableCount', label: '可用数', perm: 'material_list:availableCount' }
+  ];
+  // 根据用户权限过滤
+  return allFields.filter(item => userStore.hasPermission(item.perm));
+});
 const operatorOptions = ref([
   { value: 'eq', label: '等于' },
   { value: 'ne', label: '不等于' },