diff --git a/app/Http/Controllers/AdminUserController.php b/app/Http/Controllers/AdminUserController.php
index cb5fce4..5b86240 100644
--- a/app/Http/Controllers/AdminUserController.php
+++ b/app/Http/Controllers/AdminUserController.php
@@ -166,6 +166,10 @@ class AdminUserController extends Controller
 
     public function unban(AdminUser $adminUser)
     {
+        if (! $adminUser->isAdministrator()) {
+            return $this->error('无操作权限');
+        }
+
         if ($adminUser->banned_at) {
             $adminUser->update([
                 'banned_reason' => '',