diff --git a/app/controllers/courses_controller.rb b/app/controllers/courses_controller.rb
index 753a3d942..0a6e95470 100644
--- a/app/controllers/courses_controller.rb
+++ b/app/controllers/courses_controller.rb
@@ -394,6 +394,7 @@ class CoursesController < ApplicationController
 
   # 教师列表以及教师搜索
   def teachers
+    tip_exception(403, "无权限访问") if @course.excellent && @user_course_identity > Course::ASSISTANT_PROFESSOR
     @search_str = params[:search].present? ? params[:search].strip : ""
 
     if @course.try(:id) != 1309 || current_user.admin_or_business? || current_user.try(:id) == 15582
@@ -850,6 +851,8 @@ class CoursesController < ApplicationController
 
   # 学生列表(包括各个子分班的学生列表)及搜索
   def students
+    tip_exception(403, "无权限访问") if @course.excellent && @user_course_identity > Course::ASSISTANT_PROFESSOR
+
     search = params[:search].present? ? params[:search].strip : nil
     order = params[:order].present? ? params[:order].to_i : 1
     sort = params[:sort].present? ? params[:sort] : "asc"