diff --git a/Bootstrap.Admin/Startup.cs b/Bootstrap.Admin/Startup.cs
index 6ebe545e..4cf94738 100644
--- a/Bootstrap.Admin/Startup.cs
+++ b/Bootstrap.Admin/Startup.cs
@@ -125,7 +125,7 @@ namespace Bootstrap.Admin
             app.UseResponseCompression();
             app.UseStaticFiles();
             app.UseAuthentication();
-            app.UseBootstrapAdminAuthorization(RoleHelper.RetrieveRolesByUserName, RoleHelper.RetrieveRolesByUrl, DbHelper.RetrieveAppsByUserName);
+            app.UseBootstrapAdminAuthorization(RoleHelper.RetrieveRolesByUserName, RoleHelper.RetrieveRolesByUrl, AppHelper.RetrieveAppsByUserName);
             app.UseCacheManagerCorsHandler();
             app.UseSignalR(routes => { routes.MapHub<SignalRHub>("/NotiHub"); });
             app.UseMvc(routes =>
diff --git a/Bootstrap.DataAccess.MongoDB/App.cs b/Bootstrap.DataAccess.MongoDB/App.cs
index 101d49eb..7aa267f8 100644
--- a/Bootstrap.DataAccess.MongoDB/App.cs
+++ b/Bootstrap.DataAccess.MongoDB/App.cs
@@ -35,5 +35,25 @@ namespace Bootstrap.DataAccess.MongoDB
             var ret = DbManager.Roles.UpdateOne(md => md.Id == roleId, Builders<Role>.Update.Set(md => md.Apps, appIds));
             return true;
         }
+
+        /// <summary>
+        /// 根据指定用户名获得授权应用程序集合
+        /// </summary>
+        /// <param name="userName"></param>
+        /// <returns></returns>
+        public override IEnumerable<string> RetrieveAppsByUserName(string userName)
+        {
+            var ret = new List<string>();
+            var roles = RoleHelper.RetrieveRolesByUserName(userName);
+            if (roles.Contains("Administrators", StringComparer.OrdinalIgnoreCase))
+            {
+                ret.AddRange(DictHelper.RetrieveApps().Select(kv => kv.Key));
+            }
+            else
+            {
+                RoleHelper.Retrieves().Cast<Role>().Where(r => roles.Any(rn => rn == r.RoleName)).ToList().ForEach(r => ret.AddRange(r.Apps));
+            }
+            return ret;
+        }
     }
 }
diff --git a/Bootstrap.DataAccess/App.cs b/Bootstrap.DataAccess/App.cs
index c0c483e6..944d69e7 100644
--- a/Bootstrap.DataAccess/App.cs
+++ b/Bootstrap.DataAccess/App.cs
@@ -1,4 +1,5 @@
-using Longbow.Data;
+using Bootstrap.Security.DataAccess;
+using Longbow.Data;
 using System;
 using System.Collections.Generic;
 using System.Linq;
@@ -40,6 +41,13 @@ namespace Bootstrap.DataAccess
             return ret;
         }
 
+        /// <summary>
+        /// 根据指定用户名获得授权应用程序集合
+        /// </summary>
+        /// <param name="userName"></param>
+        /// <returns></returns>
+        public virtual IEnumerable<string> RetrieveAppsByUserName(string userName) => DbHelper.RetrieveAppsByUserName(userName);
+
         /// <summary>
         /// 根据角色ID以及选定的App ID，保到角色应用表
         /// </summary>
diff --git a/Bootstrap.DataAccess/Helper/AppHelper.cs b/Bootstrap.DataAccess/Helper/AppHelper.cs
index b6b017b4..7ba9f599 100644
--- a/Bootstrap.DataAccess/Helper/AppHelper.cs
+++ b/Bootstrap.DataAccess/Helper/AppHelper.cs
@@ -1,4 +1,5 @@
-using Longbow.Cache;
+using Bootstrap.Security.DataAccess;
+using Longbow.Cache;
 using Longbow.Data;
 using System.Collections.Generic;
 
@@ -27,5 +28,12 @@ namespace Bootstrap.DataAccess
             if (ret) CacheCleanUtility.ClearCache(appIds: appIds, roleIds: new List<string>() { roleId });
             return ret;
         }
+
+        /// <summary>
+        /// 根据指定用户名获得授权应用程序集合
+        /// </summary>
+        /// <param name="userName"></param>
+        /// <returns></returns>
+        public static IEnumerable<string> RetrieveAppsByUserName(string userName) => DbContextManager.Create<App>().RetrieveAppsByUserName(userName);
     }
 }