diff --git a/src/main/java/club/joylink/rtss/controller/permission2/AcPermissionDistributeController.java b/src/main/java/club/joylink/rtss/controller/permission2/AcPermissionDistributeController.java
index ab7e46729..e9cbf970b 100644
--- a/src/main/java/club/joylink/rtss/controller/permission2/AcPermissionDistributeController.java
+++ b/src/main/java/club/joylink/rtss/controller/permission2/AcPermissionDistributeController.java
@@ -26,6 +26,16 @@ public class AcPermissionDistributeController {
         return this.permissionDistributeService.createPermissionDistribute(req, user);
     }
 
+    /**
+     * 从权限主体二次分发权限
+     *
+     * @param permissionSubjectId 权限主体id
+     */
+    @PostMapping("/create/from/subject/{permissionSubjectId}")
+    public CreatePermissionDistributeRspVo secondCreatePermissionDistribute(@PathVariable("permissionSubjectId") Long permissionSubjectId, @RequestBody CreatePermissionDistributeReqVo req, @RequestAttribute AccountVO user) {
+        return this.permissionDistributeService.secondCreatePermissionDistribute(permissionSubjectId, req, user);
+    }
+
     /**
      * 分页获取权限分发列表
      */
@@ -90,4 +100,5 @@ public class AcPermissionDistributeController {
         return this.permissionDistributeService.scanPermissionDistributeInfo(code, id);
     }
 
+
 }
diff --git a/src/main/java/club/joylink/rtss/services/permission/PermissionDistributeService.java b/src/main/java/club/joylink/rtss/services/permission/PermissionDistributeService.java
index 47df91f33..12bc2d430 100644
--- a/src/main/java/club/joylink/rtss/services/permission/PermissionDistributeService.java
+++ b/src/main/java/club/joylink/rtss/services/permission/PermissionDistributeService.java
@@ -1,6 +1,5 @@
 package club.joylink.rtss.services.permission;
 
-import club.joylink.rtss.controller.advice.AuthenticateInterceptor;
 import club.joylink.rtss.dao.OrgDAO;
 import club.joylink.rtss.dao.SysAccountDAO;
 import club.joylink.rtss.dao.permission.AcPermissionDAO;
@@ -27,7 +26,6 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.util.CollectionUtils;
-import org.springframework.web.bind.annotation.*;
 
 import java.io.Serializable;
 import java.time.LocalDateTime;
@@ -60,6 +58,20 @@ public class PermissionDistributeService {
      */
     @Transactional(rollbackFor = Exception.class)
     public CreatePermissionDistributeRspVo createPermissionDistribute(CreatePermissionDistributeReqVo req, AccountVO user) {
+        return this.createPermissionDistributeFromSource(null, req, user);
+    }
+
+    /**
+     * 从权限主体二次分发权限
+     *
+     * @param permissionSubjectId 权限主体id
+     */
+    @Transactional(rollbackFor = Exception.class)
+    public CreatePermissionDistributeRspVo secondCreatePermissionDistribute(Long permissionSubjectId, CreatePermissionDistributeReqVo req, AccountVO user) {
+        return this.createPermissionDistributeFromSource(permissionSubjectId, req, user);
+    }
+
+    private CreatePermissionDistributeRspVo createPermissionDistributeFromSource(Long permissionSubjectId, CreatePermissionDistributeReqVo req, AccountVO user) {
         //参数校验
         if (!req.getForever()) {
             BusinessExceptionAssertEnum.ARGUMENT_ILLEGAL.assertTrue(null != req.getEndTime(), "当权限分发非永久有效时，结束时间不能为空");
@@ -82,8 +94,33 @@ public class PermissionDistributeService {
         pd.setCreatorId(user.getId());
         pd.setDsc(req.getDsc());
         //
+        PermissionSubject permissionSubject = null;
+        if (null != permissionSubjectId) {//当从权限主体创建权限分发时
+            permissionSubject = this.permissionSubjectDAO.selectByPrimaryKey(permissionSubjectId);
+            BusinessExceptionAssertEnum.DATA_NOT_EXIST.assertTrue(null != permissionSubject, String.format("权限分发的权限主体[id = %s]不存在", permissionSubjectId));
+            BusinessExceptionAssertEnum.SYSTEM_EXCEPTION.assertTrue(req.getAmount() <= permissionSubject.getRemains(), String.format("权限二次分发，权限主体[id=%s]中剩余权限数量不足", permissionSubjectId));
+            BusinessExceptionAssertEnum.SYSTEM_EXCEPTION.assertTrue(PermissionSubjectStatusEnum.Valid.equals(PermissionSubjectStatusEnum.valueOf(permissionSubject.getStatus())), String.format("权限二次分发，权限主体[id=%s]失效", permissionSubjectId));
+            final boolean isForever = permissionSubject.getForever();
+            final LocalDateTime now = LocalDateTime.now();
+            final LocalDateTime startTime = permissionSubject.getStartTime();
+            final LocalDateTime endTime = permissionSubject.getEndTime();
+            BusinessExceptionAssertEnum.SYSTEM_EXCEPTION.assertTrue(isForever ? now.isAfter(startTime) : now.isAfter(startTime) && now.isBefore(endTime), String.format("权限二次分发，权限主体[id=%s]不在有效期内", permissionSubjectId));
+            //
+            pd.setSourceSubjectId(permissionSubjectId);
+        }
+        //
         this.permissionDistributeDAO.insertSelective(pd);
         //
+        if (null != permissionSubject) {//当从权限主体创建权限分发时,权限主体减去分发的
+            PermissionSubject updateSubject = new PermissionSubject();
+            updateSubject.setId(permissionSubject.getId());
+            updateSubject.setRemains(permissionSubject.getRemains()-pd.getAmount());
+            if(updateSubject.getRemains()<=0){
+                updateSubject.setStatus(PermissionSubjectStatusEnum.InValid.name());
+            }
+            this.permissionSubjectDAO.updateByPrimaryKeySelective(updateSubject);
+        }
+        //
         BusinessExceptionAssertEnum.DATA_NOT_EXIST.assertTrue(null != pd.getId(), "permissionDistributeDAO insert 未生成id返回");
         CreatePermissionDistributeRspVo rsp = new CreatePermissionDistributeRspVo();
         rsp.setPdId(pd.getId());