diff --git a/app/controllers/gits_controller.rb b/app/controllers/gits_controller.rb
index 778963f6e..4064f0f99 100644
--- a/app/controllers/gits_controller.rb
+++ b/app/controllers/gits_controller.rb
@@ -3,7 +3,8 @@ class GitsController < ApplicationController
   #供git-workhorse反向调用认证
   def auth
     # HTTP_AUTHORIZATION: "Basic 这里base64编码的的密码(user:passwd)"
-    logger.info("11111112222223333#{request.env["HTTP_AUTHORIZATION"]}")
+    logger.info("11111112222223333 HTTP_AUTHORIZATION: #{request.env["HTTP_AUTHORIZATION"]}")
+    logger.info("11111112222223333: request is #{request.env}")
     #logger.info("#########-----request_env: #{request.env}")
     # {"service"=>"git-receive-pack", "controller"=>"gits", "action"=>"auth",
     # "url"=>"forge01/cermyt39.git/info/refs"}
@@ -19,7 +20,7 @@ class GitsController < ApplicationController
       uid_logger("git start auth: input_username is #{input_username}")
 
       # Git 超级权限用户
-      if input_username == gituser && input_password == gitpassword
+      if input_username.strip == gituser.strip && input_password.strip == gitpassword.strip
         result = true
       else
         # 用户是否对对象拥有权限
diff --git a/app/controllers/shixuns_controller.rb b/app/controllers/shixuns_controller.rb
index 165b570fc..6dfa94252 100644
--- a/app/controllers/shixuns_controller.rb
+++ b/app/controllers/shixuns_controller.rb
@@ -715,7 +715,7 @@ private
 			return
 		end
 
-		if !current_user.shixun_permission(@shixun) || (@shixun.status == -1 && !current_user.admin?)
+		if !current_user.shixun_permission(@shixun)
 			tip_exception(403, "..")
 		end
 	end