diff --git a/app/controllers/attachments_controller.rb b/app/controllers/attachments_controller.rb
index cedefd1fe..cfce8b7a7 100644
--- a/app/controllers/attachments_controller.rb
+++ b/app/controllers/attachments_controller.rb
@@ -229,7 +229,7 @@ class AttachmentsController < ApplicationController
 end
 tip_exception(403, "您没有权限进入") if project.present? && !candown
 end
- tip_exception(403, "您没有权限查看") if project.present? && !candown if @file.is_public == 0 && author_id != current_user.id
+ tip_exception(403, "您没有权限查看") if @file.is_public == 0 && @file.author_id != current_user.id
 end
 end
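Review bot: The private-file guard on the added line denies only when `@file.is_public` is exactly `0`, so a record whose `is_public` is nil or any other value falls through as if it were public. Unless the column is NOT NULL with a fixed value set, which this hunk does not show, the check should fail closed, e.g. `if @file.is_public != 1 && @file.author_id != current_user.id` (assuming `1` is the only public value). The same line calls `current_user.id` unconditionally, so if this action is reachable without a login and `current_user` can be nil, the request would end in a NoMethodError instead of the 403; that depends on filters outside the hunk. Removing `project.present? && !candown` from this condition also means a user who passes the project check but is not the author can no longer read a non-public file, which may be intended but deserves a comment above the guard such as `# Non-public attachments are readable by their author only`. The enclosing method starts before the hunk, so the earlier `candown` branch is only partly visible.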