diff --git a/app/controllers/issues_controller.rb b/app/controllers/issues_controller.rb
index 4b073415a..9780d4729 100644
--- a/app/controllers/issues_controller.rb
+++ b/app/controllers/issues_controller.rb
@@ -3,6 +3,7 @@ class IssuesController < ApplicationController
   before_action :load_project
   before_action :set_user
   before_action :check_issue_permission
+  before_action :operate_issue_permission, only:[:create, :update, :destroy, :clean, :series_update]
   before_action :check_project_public, only: [:index ,:show, :copy, :index_chosen, :close_issue]
 
   before_action :set_issue, only: [:edit, :update, :destroy, :show, :copy, :close_issue, :lock_issue]
@@ -303,7 +304,7 @@ class IssuesController < ApplicationController
     if issue_ids.present?
       if update_hash.blank?
         normal_status(-1, "请选择批量更新内容")
-      elsif Issue.where(id: issue_ids).update_all(update_hash)
+      elsif Issue.where(id: issue_ids)&.update(update_hash)
         normal_status(0, "批量更新成功")
       else
         normal_status(-1, "批量更新失败")
@@ -412,6 +413,10 @@ class IssuesController < ApplicationController
     end
   end
 
+  def operate_issue_permission
+    return render_forbidden("您没有权限进行此操作.") unless current_user.admin? || @project.member?(current_user)
+  end
+  
   def export_issues(issues)
     @table_columns = %w(ID 类型 标题	描述	状态	指派给	优先级 标签 发布人 创建时间 里程碑 开始时间 截止时间 完成度 分类 金额 属于)
     @export_issues = []
diff --git a/app/controllers/versions_controller.rb b/app/controllers/versions_controller.rb
index f5d09ed3b..58cd9e87f 100644
--- a/app/controllers/versions_controller.rb
+++ b/app/controllers/versions_controller.rb
@@ -25,17 +25,13 @@ class VersionsController < ApplicationController
   end
 
   def show
-    version_issues = @version.issues.issue_includes
+    version_issues = @version.issues.issue_issue.issue_includes
 
     status_type = params[:status_type] || "1"
     # @close_issues_size = version_issues.where(status_id: 5).size
     # @open_issues_size = version_issues.size - @close_issues_size
 
-    if status_type.to_s == "1"  #表示开启中的
-      version_issues = version_issues.where.not(status_id: 5)
-    else
-      version_issues = version_issues.where(status_id: 5)
-    end
+   
     version_issues = version_issues.where(author_id: params[:author_id]) if params[:author_id].present? && params[:author_id].to_s != "all"
     version_issues = version_issues.where(assigned_to_id: params[:assigned_to_id]) if params[:assigned_to_id].present? && params[:assigned_to_id].to_s != "all"
     version_issues = version_issues.where(tracker_id: params[:tracker_id]) if params[:tracker_id].present? && params[:tracker_id].to_s != "all"
@@ -47,10 +43,26 @@ class VersionsController < ApplicationController
     version_issues = version_issues.joins(:issue_tags).where(issue_tags: {id: params[:issue_tag_id].to_i}) if params[:issue_tag_id].present? && params[:issue_tag_id].to_s != "all"
 
     version_issues = version_issues.reorder("#{order_name} #{order_type}")
+    has_filter_params = (params[:author_id].present? && params[:author_id].to_s != "all") ||
+                        (params[:assigned_to_id].present? && params[:assigned_to_id].to_s != "all") ||
+                        (params[:tracker_id].present? && params[:tracker_id].to_s != "all")  ||
+                        (params[:status_id].present? && params[:status_id].to_s != "all") || 
+                        (params[:priority_id].present? && params[:priority_id].to_s != "all") || 
+                        (params[:fixed_version_id].present? && params[:fixed_version_id].to_s != "all") || 
+                        (params[:done_ratio].present? && params[:done_ratio].to_s != "all") || 
+                        (params[:issue_type].present? && params[:issue_type].to_s != "all") || 
+                        (params[:issue_tag_id].present? && params[:issue_tag_id].to_s != "all")
+    @version_close_issues_size = has_filter_params ? version_issues.closed.size : @version.issues.issue_issue.issue_includes.closed.size
+    @version_issues_size = has_filter_params ? version_issues.size : @version.issues.issue_issue.issue_includes.size
+    if status_type.to_s == "1"  #表示开启中的
+      version_issues = version_issues.where.not(status_id: 5)
+    else
+      version_issues = version_issues.where(status_id: 5)
+    end
 
     @page  = params[:page]  || 1
     @limit = params[:limit] || 15
-    @version_issues_size = version_issues.size
+    # @version_issues_size = version_issues.size
     @version_issues = version_issues.page(@page).per(@limit)
   end
 
diff --git a/app/jobs/reset_user_cache_job.rb b/app/jobs/reset_user_cache_job.rb
index 3562475ce..7b2c5c63b 100644
--- a/app/jobs/reset_user_cache_job.rb
+++ b/app/jobs/reset_user_cache_job.rb
@@ -2,6 +2,7 @@ class ResetUserCacheJob < ApplicationJob
   queue_as :cache
 
   def perform(user)
+    return if user.nil?
     Cache::UserFollowCountService.new(user).reset
     Cache::UserIssueCountService.new(user).reset 
     Cache::UserProjectCountService.new(user).reset 
diff --git a/app/models/concerns/project_operable.rb b/app/models/concerns/project_operable.rb
index 79d099a2e..a228a7028 100644
--- a/app/models/concerns/project_operable.rb
+++ b/app/models/concerns/project_operable.rb
@@ -94,7 +94,7 @@ module ProjectOperable
   end
 
   def operator?(user)
-    user.admin? || !reporter?(user) 
+    user.admin? || (member?(user.id) && !reporter?(user))
   end
 
   def set_developer_role(member, role_name)
diff --git a/app/models/project.rb b/app/models/project.rb
index eb8a0bbf4..251b40de1 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -64,8 +64,11 @@
 #  index_projects_on_invite_code             (invite_code)
 #  index_projects_on_is_public               (is_public)
 #  index_projects_on_lft                     (lft)
+#  index_projects_on_license_id              (license_id)
 #  index_projects_on_name                    (name)
 #  index_projects_on_platform                (platform)
+#  index_projects_on_project_category_id     (project_category_id)
+#  index_projects_on_project_language_id     (project_language_id)
 #  index_projects_on_project_type            (project_type)
 #  index_projects_on_recommend               (recommend)
 #  index_projects_on_rgt                     (rgt)
diff --git a/app/services/cache/platform_project_languages_count_service.rb b/app/services/cache/platform_project_languages_count_service.rb
index 2b4f0fae4..0c6ffab19 100644
--- a/app/services/cache/platform_project_languages_count_service.rb
+++ b/app/services/cache/platform_project_languages_count_service.rb
@@ -46,11 +46,11 @@ class Cache::PlatformProjectLanguagesCountService < ApplicationService
 
   def reset_platform_project_language_count_by_key
     return if key.nil?
-    $redis_cache.hset(platform_project_language_count_key, key, Project.joins(:project_language).where(project_languages: {name: key}).count) 
+    $redis_cache.hset(platform_project_language_count_key, key, ProjectLanguage.where(name: key).projects_count) 
   end
 
   def reset_platform_project_language_count
-    Project.joins(:project_language).group("project_languages.name").count.each do |k, v|
+    ProjectLanguage.where.not(projects_count: 0).group("project_languages.name").sum(:projects_count).each do |k, v|
       $redis_cache.hset(platform_project_language_count_key, k, v)
     end
   end
diff --git a/app/services/projects/create_service.rb b/app/services/projects/create_service.rb
index f014b8d7f..e7e4924ae 100644
--- a/app/services/projects/create_service.rb
+++ b/app/services/projects/create_service.rb
@@ -8,6 +8,7 @@ class Projects::CreateService < ApplicationService
 
   def call
     Rails.logger.info("#############__________project_params______###########{project_params}")
+    raise Error, "user_id不正确." unless authroize_user_id_success
 
     @project = Project.new(project_params)
     ActiveRecord::Base.transaction do
@@ -27,6 +28,10 @@ class Projects::CreateService < ApplicationService
 
   private
 
+  def authroize_user_id_success 
+    (user.id == params[:user_id].to_i) || (user.organizations.find_by_id(params[:user_id]).present?)
+  end
+
   def project_params
     {
       name: params[:name],
diff --git a/app/services/projects/migrate_service.rb b/app/services/projects/migrate_service.rb
index 7df08f9eb..68ed9f642 100644
--- a/app/services/projects/migrate_service.rb
+++ b/app/services/projects/migrate_service.rb
@@ -8,6 +8,8 @@ class Projects::MigrateService < ApplicationService
   end
 
   def call
+    raise Error, "user_id不正确." unless authroize_user_id_success
+    
     @project = Project.new(project_params)
     if @project.save!
       ProjectUnit.init_types(@project.id, project.project_type)
@@ -24,6 +26,9 @@ class Projects::MigrateService < ApplicationService
   end
 
   private
+  def authroize_user_id_success 
+    (user.id == params[:user_id].to_i) || (user.organizations.find_by_id(params[:user_id]).present?)
+  end
 
   def project_params
     {
diff --git a/app/views/versions/index.json.jbuilder b/app/views/versions/index.json.jbuilder
index 044d4c5f6..4c15d45e1 100644
--- a/app/views/versions/index.json.jbuilder
+++ b/app/views/versions/index.json.jbuilder
@@ -7,8 +7,8 @@ json.versions do
 
   json.array! @versions.each.to_a do |version|
     json.extract! version, :id, :name, :description, :effective_date,:status,:percent
-    json.open_issues_count (version.issues_count - version.closed_issues_count)
-    json.close_issues_count version.closed_issues_count
+    json.open_issues_count (version.issues.issue_issue.size - version.issues.issue_issue.closed.size)
+    json.close_issues_count version.issues.issue_issue.closed.size
     json.created_at format_time(version.created_on)
     json.updated_at format_time(version.updated_on)
     json.user_name version.version_user.try(:show_real_name)
diff --git a/app/views/versions/show.json.jbuilder b/app/views/versions/show.json.jbuilder
index 23f4fbb94..fe8606b22 100644
--- a/app/views/versions/show.json.jbuilder
+++ b/app/views/versions/show.json.jbuilder
@@ -1,7 +1,7 @@
 json.partial! "commons/success"
-json.issues_count @version.issues_count
-json.open_issues_count @version.issues_count - @version.closed_issues_count
-json.close_issues_count @version.closed_issues_count
+json.issues_count @version_issues_size
+json.open_issues_count @version_issues_size - @version_close_issues_size
+json.close_issues_count @version_close_issues_size
 json.limit @limit
 json.user_name @version.version_user.try(:show_real_name)
 json.user_login @version.version_user.try(:login)
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb
index def30285a..12faf10f2 100644
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -4,5 +4,5 @@
 # Rails.application.config.session_store :active_record_store
 
 # Be sure to restart your server when you modify this file.
-Rails.application.config.session_store :cache_store, :expire_after => 24.hours, :httponly => false, :secure => false, key: '_educoder_session', domain: :all
+Rails.application.config.session_store :cache_store, :expire_after => 24.hours, :httponly => true, :secure => false, key: '_educoder_session', domain: :all
 
diff --git a/db/migrate/20210621090005_add_project_language_index_to_projects.rb b/db/migrate/20210621090005_add_project_language_index_to_projects.rb
new file mode 100644
index 000000000..d0959168e
--- /dev/null
+++ b/db/migrate/20210621090005_add_project_language_index_to_projects.rb
@@ -0,0 +1,7 @@
+class AddProjectLanguageIndexToProjects < ActiveRecord::Migration[5.2]
+  def change
+    add_index :projects, :project_category_id
+    add_index :projects, :project_language_id 
+    add_index :projects, :license_id
+  end
+end