diff --git a/auth/auth.go b/auth/auth.go
index ce7c052..9240f4d 100644
--- a/auth/auth.go
+++ b/auth/auth.go
@@ -21,7 +21,11 @@ func init() {
 
 func HasPermission(qqID int64, level constants.PermissionLevel) bool {
 	auth, err := getAuth(qqID)
-	if err != nil {
+	maxRetry := 50
+	for i := 0; i < maxRetry && (err != nil); i++ {
+		auth, err = getAuth(qqID)
+	}
+	if err != nil || auth.Qqid == "" {
 		return false
 	}
 	return auth.Role <= level
@@ -40,7 +44,7 @@ func TryExecHandler(msg model.Message, level constants.PermissionLevel, handler
 		return handler(msg)
 	}
 	return model.Reply{
-		ReplyMsg:       "权限验证失败",
+		ReplyMsg:       "权限不足，有需要请联系管理员",
 		ReferOriginMsg: true,
 		FromMsg:        msg,
 	}
diff --git a/auth/service.go b/auth/service.go
index 90b03db..937066a 100644
--- a/auth/service.go
+++ b/auth/service.go
@@ -16,10 +16,15 @@ func getAuth(qqID int64) (auth Auth, err error) {
 	err = tx.Get(&auth, "SELECT * FROM auth WHERE qqid = ?", qqID)
 	if err == sql.ErrNoRows {
 		_, err = tx.Exec("INSERT INTO auth(qqid, role) VALUES(?, ?)", qqID, constants.LEVEL_USER)
+		tx.Get(&auth, "SELECT * FROM auth WHERE qqid = ?", qqID)
 	}
 	if err != nil {
 		return Auth{}, err
 	}
+	err = tx.Commit()
+	if err != nil {
+		return Auth{}, err
+	}
 	return auth, nil
 }
 
diff --git a/handler/auth/auth.go b/handler/auth/auth.go
index 8a61d50..ff3faa0 100644
--- a/handler/auth/auth.go
+++ b/handler/auth/auth.go
@@ -12,7 +12,7 @@ import (
 )
 
 func init() {
-	handler.RegisterFrontMatchHandler("用户权限", setUserLevel, constants.LEVEL_ROOT)
+	handler.RegisterFrontMatchHandler("用户权限", setUserLevel, constants.LEVEL_USER)
 	handler.RegisterHelpInform("用户权限", "用户权限 [用户] [权限] 设置用户权限。允许的权限有：根用户、管理员、信任、用户、拉黑")
 }