diff --git a/app/controllers/api/v1/base_controller.rb b/app/controllers/api/v1/base_controller.rb
index 4b3b8ab13..c765906b0 100644
--- a/app/controllers/api/v1/base_controller.rb
+++ b/app/controllers/api/v1/base_controller.rb
@@ -31,18 +31,18 @@ class Api::V1::BaseController < ApplicationController
   # 具有对仓库的管理权限
   def require_manager_above
     @project = load_project
-    return render_forbidden unless current_user.admin? && @project.manager?(current_user)
+    return render_forbidden if !current_user.admin? && !@project.manager?(current_user)
   end
 
   # 具有对仓库的操作权限
   def require_operate_above 
     @project = load_project
-    return render_forbidden unless current_user.admin? && @project.operator?(current_user)
+    return render_forbidden if !current_user.admin? && !@project.operator?(current_user)
   end
 
   # 具有对仓库的访问权限
   def require_public_and_member_above
     @project = load_project 
-    return render_forbidden unless @project.is_public || (current_user.admin? && @project.member?(current_user))
+    return render_forbidden if !@project.is_public && !current_user.admin? && !@project.member?(current_user)
   end
 end
\ No newline at end of file
diff --git a/app/controllers/api/v1/projects/pulls/reviews_controller.rb b/app/controllers/api/v1/projects/pulls/reviews_controller.rb
index e07f02e32..ccb637838 100644
--- a/app/controllers/api/v1/projects/pulls/reviews_controller.rb
+++ b/app/controllers/api/v1/projects/pulls/reviews_controller.rb
@@ -4,4 +4,20 @@ class Api::V1::Projects::Pulls::ReviewsController < Api::V1::Projects::Pulls::Ba
     @reviews = @pull_request.reviews 
     @reviews = kaminari_paginate(@reviews)
   end
+
+  before_action :require_reviewer, only: [:create]
+
+  def create 
+    @journal, @review = Api::V1::Projects::Pulls::Reviews::CreateService.call(@project, @pull_request, review_params, current_user)
+  end
+
+  private 
+  def require_reviewer
+    puts @pull_request.reviewers.exists?(current_user.id)
+    return render_forbidden('您没有审查权限，请联系项目管理员') if !current_user.admin? && !@pull_request.reviewers.exists?(current_user.id)
+  end
+
+  def review_params 
+    params.require(:review).permit(:content, :commit_id, :status)
+  end
 end
\ No newline at end of file
diff --git a/app/models/review.rb b/app/models/review.rb
index 715e11683..efb508139 100644
--- a/app/models/review.rb
+++ b/app/models/review.rb
@@ -19,7 +19,7 @@
 
 class Review < ApplicationRecord
 
-  belongs_to :issue
+  belongs_to :pull_request
   belongs_to :reviewer, class_name: 'User', foreign_key: :reviewer_id
   has_one :journal, dependent: :destroy
 
diff --git a/app/services/api/v1/projects/pulls/reviews/create_service.rb b/app/services/api/v1/projects/pulls/reviews/create_service.rb
index 13ec9f7e7..bef944870 100644
--- a/app/services/api/v1/projects/pulls/reviews/create_service.rb
+++ b/app/services/api/v1/projects/pulls/reviews/create_service.rb
@@ -24,17 +24,17 @@ class Api::V1::Projects::Pulls::Reviews::CreateService < ApplicationService
     end 
 
     return @journal, @review
-  rescue 
-    raise Error, '服务器错误，请联系系统管理员！'
+  # rescue 
+  #   raise Error, '服务器错误，请联系系统管理员！'
   end
 
   private 
   def create_review  
-    @review = issue.reviews.create!(status: status, content: content, commit_id: commit_id, reviewer_id: @current_user.id)
+    @review = pull_request.reviews.create!(status: status, content: content, commit_id: commit_id, reviewer_id: @current_user.id)
   end
 
   def create_journal
-    @journal = issue.journals.create!(notes: content, user_id: @current_user.id, review_id: @review.id)
+    @journal = pull_request.journals.create!(notes: content, user_id: @current_user.id, review_id: @review.id)
   end
 
 end
\ No newline at end of file
diff --git a/app/views/api/v1/projects/issues/_simple_detail.json.jbuilder b/app/views/api/v1/projects/issues/_simple_detail.json.jbuilder
new file mode 100644
index 000000000..e69de29bb
diff --git a/app/views/api/v1/projects/pulls/reviews/create.json.jbuilder b/app/views/api/v1/projects/pulls/reviews/create.json.jbuilder
new file mode 100644
index 000000000..2b9f0efe1
--- /dev/null
+++ b/app/views/api/v1/projects/pulls/reviews/create.json.jbuilder
@@ -0,0 +1,8 @@
+json.reviewer do 
+  json.partial! "api/v1/users/simple_user", user: @review.reviewer
+end
+json.pull_request do 
+  json.partial! "api/v1/projects/pulls/simple_detail", pull: @review.pull_request
+end
+json.(@review, :id, :commit_id, :content, :status)
+json.created_at format_time(@review.created_at)
\ No newline at end of file
diff --git a/config/routes/api.rb b/config/routes/api.rb
index 8340097ee..0dfe6112f 100644
--- a/config/routes/api.rb
+++ b/config/routes/api.rb
@@ -25,6 +25,7 @@ defaults format: :json do
                   get :diff
                 end
               end
+              resources :reviews, only: [:index, :create] 
             end
 
             resources :versions