diff --git a/account/decorators.py b/account/decorators.py
index 4fe3fc70..2734ff0a 100644
--- a/account/decorators.py
+++ b/account/decorators.py
@@ -24,7 +24,10 @@ class BasePermissionDecorator(object):
 
         if self.check_permission():
             if self.request.user.is_forbidden is True:
-                return error_page(self.request, u"用户被禁用,请联系管理员")
+                if self.request.is_ajax():
+                    return error_response(u"您已被禁用,请联系管理员")
+                else:
+                    return error_page(self.request, u"您已被禁用,请联系管理员")
             return self.func(*args, **kwargs)
         else:
             if self.request.is_ajax():
diff --git a/account/serializers.py b/account/serializers.py
index fce610e2..323a0203 100644
--- a/account/serializers.py
+++ b/account/serializers.py
@@ -51,7 +51,7 @@ class EditUserSerializer(serializers.Serializer):
     admin_type = serializers.IntegerField(default=0)
     openapi = serializers.BooleanField()
     tfa_auth = serializers.BooleanField()
-    is_forbidden_user = serializers.BooleanField()
+    is_forbidden = serializers.BooleanField()
 
 
 class ApplyResetPasswordSerializer(serializers.Serializer):
diff --git a/account/views.py b/account/views.py
index ab3b3f40..ce7f8ee0 100644
--- a/account/views.py
+++ b/account/views.py
@@ -229,10 +229,7 @@ class UserAdminAPIView(APIView):
                 user.tfa_token = rand_str()
 
             # 后台控制用户是否被禁用
-            if data["is_forbidden_user"] is False:
-                user.is_forbidden = False
-            else:
-                user.is_forbidden = True
+            user.is_forbidden = data["is_forbidden"]
 
             user.save()
             return success_response(UserSerializer(user).data)
diff --git a/static/src/js/app/admin/user/userList.js b/static/src/js/app/admin/user/userList.js
index df4960f6..b382f91c 100644
--- a/static/src/js/app/admin/user/userList.js
+++ b/static/src/js/app/admin/user/userList.js
@@ -22,7 +22,7 @@ require(["jquery", "avalon", "csrfToken", "bsAlert", "pager", "validator"],
                     userId: -1,
                     openAPI: false,
                     tfa_auth: false,
-					is_forbidden_user: false,
+                     is_forbidden: false,
 
                     pager: {
                         getPage: function (page) {
@@ -37,7 +37,7 @@ require(["jquery", "avalon", "csrfToken", "bsAlert", "pager", "validator"],
                         vm.userId = user.id;
                         vm.tfa_auth = user.two_factor_auth;
                         vm.openAPI = user.openapi_appkey ? true: false;
-						vm.is_forbidden_user = user.is_forbidden ? true: false;
+                        vm.is_forbidden = user.is_forbidden ? true: false;
 
                         vm.isEditing = true;
                     },
@@ -86,7 +86,7 @@ require(["jquery", "avalon", "csrfToken", "bsAlert", "pager", "validator"],
                             admin_type: vm.adminType,
                             openapi: vm.openAPI,
                             tfa_auth: vm.tfa_auth,
-							is_forbidden_user: vm.is_forbidden_user
+                            is_forbidden : vm.is_forbidden
                         };
                         if ($("#password").val() !== "")
                             data.password = $("#password").val();
diff --git a/template/src/admin/user/user_list.html b/template/src/admin/user/user_list.html
index 03b0e9fb..cc431e64 100644
--- a/template/src/admin/user/user_list.html
+++ b/template/src/admin/user/user_list.html
@@ -86,7 +86,7 @@
                 </div>
                 <div class="form-group col-md-3">
                     <label>是否禁用用户</label>
-                    <input name="is_forbidden_user" type="checkbox" class="form-control" ms-duplex-checked="is_forbidden_user">
+                    <input name="is_forbidden" type="checkbox" class="form-control" ms-duplex-checked="is_forbidden">
 				</div>
             </div>
             <div class="form-group">