diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 1915281bf..36659ff4a 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -126,6 +126,13 @@ class ApplicationController < ActionController::Base
 end
 end
 
+ # 课堂教师、课堂管理员、超级管理员的权限(不包含助教)
+ def teacher_or_admin_allowed
+ unless current_user.course_identity(@course) < Course::ASSISTANT_PROFESSOR
+ normal_status(403, "")
+ end
+ end
+
 def require_admin
 normal_status(403, "") unless User.current.admin?
 end
diff --git a/app/controllers/course_groups_controller.rb b/app/controllers/course_groups_controller.rb
index 8b6737e0f..bee3fa09d 100644
--- a/app/controllers/course_groups_controller.rb
+++ b/app/controllers/course_groups_controller.rb
@@ -2,7 +2,7 @@ class CourseGroupsController < ApplicationController
 before_action :require_login
 before_action :set_group, except: [:create]
 before_action :find_course, only: [:create]
- before_action :teacher_allowed
+ before_action :teacher_or_admin_allowed
 
 def create
 tip_exception("分班名称不能为空") if params[:name].blank?
diff --git a/app/controllers/courses_controller.rb b/app/controllers/courses_controller.rb
index 3d0926994..b76673945 100644
--- a/app/controllers/courses_controller.rb
+++ b/app/controllers/courses_controller.rb
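Review bot: The new `teacher_or_admin_allowed` guard in application_controller.rb reads `@course` and `current_user` without checking that an earlier filter set them, so whether it fails closed depends on what `course_identity(nil)` returns, which is not visible here. In course_groups_controller.rb the filter now runs for every action, with `@course` presumably coming from `set_group` or `find_course`; that is worth confirming for each action. An explicit first line such as `return normal_status(403, "") if @course.nil?` would make the denial independent of that helper. The comparison also relies on the role constants being ordered so that every value below `Course::ASSISTANT_PROFESSOR` is teacher-or-higher; a short comment stating that ordering next to the comparison would keep a later renumbering from silently widening access.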
@@ -25,11 +25,11 @@ class CoursesController < ApplicationController before_action :teacher_allowed, only: [:update, :destroy, :settings, :search_teacher_candidate, :transfer_to_course_group, :delete_from_course, :search_users, :add_students_by_search, :get_historical_courses, :add_teacher_popup, :add_teacher] - before_action :admin_allowed, only: [:set_invite_code_halt, :set_public_or_private, :join_graduation_group, - :set_course_group, :change_course_admin, :change_course_teacher, - :delete_course_teacher, :teacher_application_review, :create_group_by_importing_file] + before_action :admin_allowed, only: [:set_invite_code_halt, :set_public_or_private, :change_course_admin, + :set_course_group, :delete_course_teacher, :teacher_application_review, + :create_group_by_importing_file] before_action :teacher_or_admin_allowed, only: [:graduation_group_list, :create_graduation_group, :join_graduation_group, - :export_member_scores_excel, :course_group_list] + :change_course_teacher, :export_member_scores_excel, :course_group_list] before_action :validate_course_name, only: [:create, :update] before_action :find_board, only: :board_list before_action :validate_page_size, only: :mine
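Review bot: Moving `:change_course_teacher` from the `admin_allowed` list to `teacher_or_admin_allowed` lowers the role needed to call it, and `:join_graduation_group`, previously listed under both filters, is likewise no longer gated by `admin_allowed`. The action bodies are outside this hunk, so it cannot be seen whether `change_course_teacher` itself limits which member may be changed and to which role; if it does not, an ordinary course teacher could presumably alter other teachers' roles. I would confirm that check exists inside the action (or keep the action under `admin_allowed`) and add a request spec asserting that an assistant receives 403 and that a teacher can make only the intended change. The `before_action` list continues outside the hunk.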