diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/ProjectGroupController.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/ProjectGroupController.java
index 3141609..5519066 100644
--- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/ProjectGroupController.java
+++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/controller/ProjectGroupController.java
@@ -1,14 +1,16 @@
 package cn.edu.hfut.rmdjzz.projectmanagement.controller;
 
+import cn.edu.hfut.rmdjzz.projectmanagement.entity.ProjectGroup;
 import cn.edu.hfut.rmdjzz.projectmanagement.exception.BadRequestException;
+import cn.edu.hfut.rmdjzz.projectmanagement.exception.UnauthorizedException;
 import cn.edu.hfut.rmdjzz.projectmanagement.service.IProjectGroupService;
+import cn.edu.hfut.rmdjzz.projectmanagement.utils.TokenUtils;
 import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.ResponseList;
+import cn.edu.hfut.rmdjzz.projectmanagement.utils.http.ResponseMap;
+import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import lombok.SneakyThrows;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
 
 import java.util.List;
 
@@ -29,4 +31,24 @@ public class ProjectGroupController {
         List<Integer> res = projectGroupService.findAllProjectNumber(projectId);
         return ResponseList.ofSuccess("查询成功", res);
     }
+
+    @SneakyThrows
+    @GetMapping("/{staffId}")
+    public ResponseMap getStaffPostion(
+            @RequestHeader("Token") String token,
+            @PathVariable Integer staffId,
+            @PathVariable Integer projectId
+    ) {
+        if (TokenUtils.getStaffId(token) != staffId) {
+            throw new BadRequestException("用户访问错误");
+        }
+        if (projectGroupService.getUserLevelInGroup(token, projectId) == 0) {
+            throw new UnauthorizedException("无该项目访问权限");
+        }
+        return ResponseMap.ofSuccess("查询成功", projectGroupService.getOne(
+                Wrappers.<ProjectGroup>lambdaQuery()
+                        .eq(ProjectGroup::getStaffId, staffId)
+                        .eq(ProjectGroup::getProjectId, projectId)
+        ));
+    }
 }