diff --git a/AsbCloudWebApi/Controllers/AdminUserRoleController.cs b/AsbCloudWebApi/Controllers/AdminUserRoleController.cs
index b9a7b8cd..2de464f9 100644
--- a/AsbCloudWebApi/Controllers/AdminUserRoleController.cs
+++ b/AsbCloudWebApi/Controllers/AdminUserRoleController.cs
@@ -14,21 +14,15 @@ namespace AsbCloudWebApi.Controllers
         public AdminUserRoleController(IUserRoleService service)
             : base(service)
         {
-            InsertForbidAsync = (role, token) =>
-            {
-                return Task.FromResult(role?.IdType == 1);
-            };
-
             UpdateForbidAsync = async (dto, token) =>
             {
                 var role = await service.GetAsync(dto.Id, token);
                 return role?.IdType == 1;
             };
 
-            DeleteForbidAsync = async (id, token) =>
+            DeleteForbidAsync = (id, token) =>
             {
-                var role = await service.GetAsync(id, token);
-                return role?.IdType == 1;
+                return Task.FromResult(id == 1);
             };
         }
     }
diff --git a/AsbCloudWebApi/Controllers/CrudController.cs b/AsbCloudWebApi/Controllers/CrudController.cs
index 06c1e811..8c6df061 100644
--- a/AsbCloudWebApi/Controllers/CrudController.cs
+++ b/AsbCloudWebApi/Controllers/CrudController.cs
@@ -127,6 +127,7 @@ namespace AsbCloudWebApi.Controllers
         /// <param name="token"></param>
         /// <returns>1 - успешно удалено, 0 - нет</returns>
         [HttpDelete("{id}")]
+        [Permission]
         public virtual async Task<ActionResult<int>> DeleteAsync(int id, CancellationToken token)
         {
             if (DeleteForbidAsync is not null && await DeleteForbidAsync(id, token))