diff --git a/edc-web/app/auth.py b/edc-web/app/auth.py
index 969c2a7..b7d82ae 100644
--- a/edc-web/app/auth.py
+++ b/edc-web/app/auth.py
@@ -57,7 +57,8 @@ def init_auth(app):
         if current_user.is_authenticated and current_user.role == "analyst":
             ep = request.endpoint or ""
             if ep not in ANALYST_ALLOWED and not ep.startswith("static"):
-                return "权限不足：当前角色为 analyst，仅可访问测试数据", 403
+                flash("当前角色为 analyst，仅可访问测试数据")
+                return redirect(url_for("test_data.test_data_page"))
 
 
 # ─── 装饰器 ────────────────────────────────────────────────────────
diff --git a/edc-web/app/templates/test_data.html b/edc-web/app/templates/test_data.html
index f346bc6..ad8c995 100644
--- a/edc-web/app/templates/test_data.html
+++ b/edc-web/app/templates/test_data.html
@@ -4,6 +4,14 @@
 {% block content %}
 <h2>测试信息</h2>
 
+{% with messages = get_flashed_messages() %}
+{% if messages %}
+<div style="background:#fef3e2;color:#b45309;padding:10px;border-radius:6px;margin-bottom:16px;">
+    {% for msg in messages %}{{ msg }}{% endfor %}
+</div>
+{% endif %}
+{% endwith %}
+
 <div class="view-tabs">
     <button id="tab-all"  class="tab-btn active" onclick="switchView('all')">全部数据</button>
     <button id="tab-b2"  class="tab-btn" onclick="switchView('b2')">灵敏度测试 (0xB2)</button>