diff --git a/access-control-template/actemplate/IODAC.yjs b/access-control-template/actemplate/IODAC.yjs
index e2eefd5..3ab9715 100644
--- a/access-control-template/actemplate/IODAC.yjs
+++ b/access-control-template/actemplate/IODAC.yjs
@@ -10,14 +10,15 @@ module DOAuth {
         Global.owner = req;
         Global.doipFunctions = doipFunctions;
         Global.accessInfo = RocksDBUtil.loadDB("accessControl", "false");
+        Global.userInfo = RocksDBUtil.loadDB("authedUserInfo", "false");
+        Global.nodeInfo = RocksDBUtil.loadDB("authedNodeInfo", "false");
     }
     function isOwner(req) {
         return req == Global.owner;
     }
     function doipAccessCheck(argPack) {
         print("in doipAcceccCheck, requester:" + argPack.requester);
-        var stored = Global.accessInfo.get(argPack.arg.header.identifier);
-        return stored == argPack.requester;
+        return hasDBSetItem(Global.accessInfo, argPack.arg.header.identifier, argPack.requester);
     }
     function checkByManager(action) {
         return Global.doipFunctions.indexOf(action) == - 1;
@@ -25,11 +26,14 @@ module DOAuth {
 
     @Description("针对某一DO，添加用户的访问权限")
     @ArgSchema({
-        "doId" : "string", "publicKey" : "string"
+        "doId" : "string", "publicKey" : "string", "info": "string"
     })
     export function addAuthedUser(arg) {
     //把requester和 arg.doId放到accessInfo里即可。
-        Global.accessInfo.put(arg.doId, arg.publicKey);
+        addDBSetItem(Global.accessInfo, arg.doId, arg.publicKey);
+        if(arg.info != null) {
+            Global.userInfo.put(arg.publicKey, arg.info);
+        }
         return {
             "code" : 0
         };
@@ -56,6 +60,7 @@ module DOAuth {
         "doId" : "string", "publicKey" : "string"
     })
     export function deleteAuthedUser(arg) {
+        deleteDBSetItem(Global.accessInfo, arg.doId, arg.publicKey);
         return {
             "code" : 0
         };
@@ -63,9 +68,13 @@ module DOAuth {
 
     @Description("针对某一DO，添加节点的访问权限，所有调用进带该节点授权的用户均可访问")
     @ArgSchema({
-        "doId" : "string", "publicKey" : "string"
+        "doId" : "string", "publicKey" : "string", "info" : "string"
     })
     export function addAuthedNode(arg) {
+        addDBSetItem(Global.accessInfo, arg.doId, arg.publicKey);
+        if(arg.info != null) {
+            Global.nodeInfo.put(arg.publicKey, arg.info);
+        }
         return {
             "code" : 0
         };
@@ -77,8 +86,41 @@ module DOAuth {
         "doId" : "string", "publicKey" : "string"
     })
     export function deleteAuthedNode(arg) {
+        deleteDBSetItem(Global.accessInfo, arg.doId, arg.publicKey);
         return {
             "code" : 0
         };
     }
+
+    function getDBSet(db, key) {
+        var saved = db.get(key);
+        if (saved == null) {
+            saved = "[]";
+        }
+        return JSON.parse(saved);
+    }
+
+    function addDBSetItem(db, key, value) {
+        var savedSet = getDBSet(db, key);
+        if (savedSet.indexOf(value) === -1) {
+            savedSet.push(value);
+            var saved = JSON.stringify(savedSet);
+            db.put(key, saved);
+        }
+    }
+
+    function deleteDBSetItem(db, key, value) {
+        var savedSet = getDBSet(db, key);
+        var index = savedSet.indexOf(value);
+        if (index !== -1) {
+            savedSet.splice(index, 1);
+            var saved = JSON.stringify(savedSet);
+            db.put(key, saved);
+        }
+    }
+
+    function hasDBSetItem(db, key, value) {
+        var savedSet = getDBSet(db, key);
+        return savedSet.indexOf(value) !== -1;
+    }
 }
\ No newline at end of file