diff --git a/apps/rbac/builtin.py b/apps/rbac/builtin.py
index 803755769..a47139132 100644
--- a/apps/rbac/builtin.py
+++ b/apps/rbac/builtin.py
@@ -2,6 +2,8 @@ from django.utils.translation import ugettext_noop
 
 from .const import Scope, system_exclude_permissions, org_exclude_permissions
 
+# Todo: 获取应该区分 系统用户，和组织用户的权限
+# 工作台也区分组织后再考虑
 user_perms = (
     ('rbac', 'menupermission', 'view', 'workspace'),
     ('rbac', 'menupermission', 'view', 'webterminal'),
@@ -11,6 +13,7 @@ user_perms = (
     ('assets', 'asset', 'match', 'asset'),
     ('assets', 'systemuser', 'match', 'systemuser'),
     ('assets', 'node', 'match', 'node'),
+    ('applications', 'application', 'match', 'application'),
     ('ops', 'commandexecution', 'add', 'commandexecution'),
     ('authentication', 'connectiontoken', 'add', 'connectiontoken'),
     ('tickets', 'ticket', 'view', 'ticket'),
@@ -18,7 +21,6 @@ user_perms = (
 
 auditor_perms = user_perms + (
     ('rbac', 'menupermission', 'view', 'audit'),
-    ('rbac', 'menupermission', 'view', 'dashboard'),
     ('audits', '*', '*', '*'),
     ('terminal', 'commandstorage', 'view', 'commandstorage'),
     ('terminal', 'sessionreplay', 'view,download', 'sessionreplay'),