diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java
index 6ef200e3..b7d9a015 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java
@@ -744,9 +744,10 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
         List<SaasRoleWithUser> superAdmins = roleService.listSuperAdminByWorkspace(Collections.singletonList(req.getWorkspaceId()));
         for (SaasRoleWithUser superAdmin : superAdmins) {
             Set<String> distinctSet = distinctMap.getOrDefault(superAdmin.getOuId(), new HashSet<>());
-            boolean exist = distinctSet.add(superAdmin.getIdentityId() + "-" + superAdmin.getIdentityType());
+            boolean suc = distinctSet.add(superAdmin.getIdentityId() + "-" + superAdmin.getIdentityType());
             distinctMap.put(superAdmin.getOuId(), distinctSet);
-            if (exist) {
+            if (!suc) {
+                log.info("duplicate identity:{}, identityType:{}", superAdmin.getIdentityId(), superAdmin.getIdentityType());
                 continue;
             }
             ListIdentityFromPermissionResp resp = result.getOrDefault(superAdmin.getOuId(), new ListIdentityFromPermissionResp());
@@ -779,9 +780,10 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
 
         for (SaasRoleUserRelation relation : relations) {
             Set<String> distinctSet = distinctMap.getOrDefault(relation.getOuId(), new HashSet<>());
-            boolean exist = distinctSet.add(relation.getIdentityId() + "-" + relation.getIdentityType());
+            boolean suc = distinctSet.add(relation.getIdentityId() + "-" + relation.getIdentityType());
             distinctMap.put(relation.getOuId(), distinctSet);
-            if (exist) {
+            if (!suc) {
+                log.info("duplicate identity:{}, identityType:{}", relation.getIdentityId(), relation.getIdentityType());
                 continue;
             }
 
diff --git a/tyr-server/src/main/resources/mapper/SaasRoleMapper.xml b/tyr-server/src/main/resources/mapper/SaasRoleMapper.xml
index 7f3e8c9b..0ac1923c 100644
--- a/tyr-server/src/main/resources/mapper/SaasRoleMapper.xml
+++ b/tyr-server/src/main/resources/mapper/SaasRoleMapper.xml
@@ -119,7 +119,10 @@
         FROM saas_pgroup_permission_relation pg, saas_pgroup_role_relation rg, saas_role r
         WHERE pg.is_delete = 0 AND rg.is_delete = 0 AND r.is_delete = 0
         AND pg.group_id = rg.group_id AND rg.role_id = r.id
-        AND pg.feature_id IN (#{featureIds})
+        AND pg.feature_id IN
+        <foreach collection="featureIds" open="(" close=")" separator="," index="index" item="item">
+            #{item, jdbcType=NUMERIC}
+        </foreach>
     </select>
 
 </mapper>
\ No newline at end of file