diff --git a/src/controllers/InsigniaController.ts b/src/controllers/InsigniaController.ts
index 6085fccf..57076b92 100644
--- a/src/controllers/InsigniaController.ts
+++ b/src/controllers/InsigniaController.ts
@@ -23,7 +23,8 @@ import HttpError from "../interfaces/http-error";
 import { Equal, ILike, In, IsNull, Like, Not, Brackets, Between } from "typeorm";
 import { InsigniaType, CreateInsigniaType, UpdateInsigniaType } from "../entities/InsigniaType";
 import { Insignia, CreateInsignias, UpdateInsignias } from "../entities/Insignia";
-
+import permission from "../interfaces/permission";
+import { RequestWithUser } from "../middlewares/user";
 @Route("api/v1/org/insignia/insignia")
 @Tags("Insignia")
 @Security("bearerAuth")
@@ -146,7 +147,8 @@ export class InsigniaController extends Controller {
    * @param {string} id  Id เครื่องราชอิสริยาภรณ์
    */
   @Get("{id}")
-  async GetInsigniaById(@Path() id: string) {
+  async GetInsigniaById(@Path() id: string, @Request() request: RequestWithUser) {
+    await new permission().PermissionGet(request, "SYS_INSIGNIA_RECORD");
     const insignia = await this.insigniaRepository.findOne({
       relations: ["insigniaType"],
       select: [
@@ -185,7 +187,8 @@ export class InsigniaController extends Controller {
    *
    */
   @Get()
-  async GetInsignia() {
+  async GetInsignia(@Request() request: RequestWithUser) {
+    await new permission().PermissionList(request, "SYS_INSIGNIA_RECORD");
     const insigniaAll = await this.insigniaRepository.find({
       relations: ["insigniaType"],
       select: [
diff --git a/src/controllers/InsigniaTypeController.ts b/src/controllers/InsigniaTypeController.ts
index 3c69398a..5b899234 100644
--- a/src/controllers/InsigniaTypeController.ts
+++ b/src/controllers/InsigniaTypeController.ts
@@ -23,7 +23,8 @@ import HttpError from "../interfaces/http-error";
 import { Equal, ILike, In, IsNull, Like, Not, Brackets, Between } from "typeorm";
 import { InsigniaType, CreateInsigniaType, UpdateInsigniaType } from "../entities/InsigniaType";
 import { Insignia } from "../entities/Insignia";
-
+import permission from "../interfaces/permission";
+import { RequestWithUser } from "../middlewares/user";
 @Route("api/v1/org/insignia/insignia-type")
 @Tags("InsigniaType")
 @Security("bearerAuth")
@@ -160,7 +161,8 @@ export class InsigniaTypeController extends Controller {
    * @param {string} id  Id ลำดับชั้นเครื่องราชอิสริยาภรณ์
    */
   @Get("{id}")
-  async GetInsigniaTypeById(@Path() id: string) {
+  async GetInsigniaTypeById(@Path() id: string, @Request() request: RequestWithUser) {
+    await new permission().PermissionGet(request, "SYS_INSIGNIA_RECORD");
     const insigniaType = await this.insigniaTypeRepository.findOne({
       relations: ["insignias"],
       select: ["id", "name", "createdAt", "lastUpdatedAt", "lastUpdateFullName", "isActive"],
@@ -182,7 +184,8 @@ export class InsigniaTypeController extends Controller {
    *
    */
   @Get("")
-  async GetInsigniaType() {
+  async GetInsigniaType(@Request() request: RequestWithUser) {
+    await new permission().PermissionList(request, "SYS_INSIGNIA_RECORD");
     const insigniaTypeAll = await this.insigniaTypeRepository.find({
       select: ["id", "name", "createdAt", "lastUpdatedAt", "lastUpdateFullName", "isActive"],
       order: { name: "ASC" },