diff --git a/FlyCube/MpApi/Controller/AdminController.class.php b/FlyCube/MpApi/Controller/AdminController.class.php index 536b282..3cd59ce 100644 --- a/FlyCube/MpApi/Controller/AdminController.class.php +++ b/FlyCube/MpApi/Controller/AdminController.class.php @@ -372,9 +372,13 @@ class AdminController extends PublicController $where['m.shop_id'] = $this->tokenShop_id; // 非总管理员 只返回自己的账户信息 } + // 当前登录的admin_id + $currentAdminId = $this->tokenAdmin_id; // 你应该有这个字段,当前登录管理员的id + // 查询字段,注意字段前加表别名 $fields = array( 'm.id', + 'm.shop_id', 'm.admin_id', 'm.by_admin_id', 'm.tit', @@ -385,12 +389,22 @@ class AdminController extends PublicController 'a.uname' => 'admin_uname' ); - // 数据库查询 $messageDb = M('message'); + + // 组装条件:shop_id限制 + (admin_id = 当前管理员 OR by_admin_id = 当前管理员) + if (isset($where['m.shop_id'])) { + $messageDb->where($where); + } + + // 构造复杂条件,admin_id或by_admin_id满足当前管理员 + $messageDb->where(function ($query) use ($currentAdminId) { + $query->where('m.admin_id = %d', $currentAdminId) + ->orWhere('m.by_admin_id = %d', $currentAdminId); + }); + $messageList = $messageDb ->alias('m') ->join('__ADMINUSER__ a ON m.by_admin_id = a.id', 'LEFT') - ->where($where) ->field($fields) ->order('m.add_time DESC') ->select(); @@ -409,6 +423,7 @@ class AdminController extends PublicController } } + /** * @description: 分类列表 */
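Review bot: The new `$currentAdminId = $this->tokenAdmin_id;` line carries the comment `// 你应该有这个字段,当前登录管理员的id` ("you should have this field"), which reads as an unverified assumption rather than a statement about what PublicController provides. This value becomes the only per-admin filter on the message list, so confirm that the property is populated from the validated token. Fail closed with the controller's usual auth error when it is empty, because with `%d` an unset value would be formatted as 0 and the query would match on admin id 0. Replace the comment with one that states where the value comes from, for example `// admin id taken from the verified login token`. The enclosing method starts and ends outside the hunk.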
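Review bot: The per-admin restriction in the second hunk is passed as `$messageDb->where(function ($query) ... ->orWhere(...))`, and it may never reach the SQL. The `M()` helper, the `.class.php` naming and the `__ADMINUSER__` placeholder suggest ThinkPHP 3.x, whose model `where()` takes an array or string and, as far as I know, has no closure or `orWhere` support; if so, the closure would be reduced to an empty condition and every message would still be returned. Separately, `->where($where)` is now applied only when `m.shop_id` is set, so any other key placed in `$where` before this hunk (not visible here) is silently dropped. Expressing the OR group inside `$where` and keeping the single unconditional `->where($where)` avoids both problems; a test that one admin cannot list another admin's messages would pin the behaviour.

```php
// admin_id = current admin OR by_admin_id = current admin,
// ANDed with whatever is already in $where (e.g. the shop_id limit)
$where['_complex'] = array(
    'm.admin_id'    => $currentAdminId,
    'm.by_admin_id' => $currentAdminId,
    '_logic'        => 'OR',
);

$messageList = $messageDb
    // … unchanged: alias / join …
    ->where($where)
    // … unchanged: field / order / select …
```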