diff --git a/pkg/models/resources/clusterroles.go b/pkg/models/resources/clusterroles.go
index 09078dec95fa773c6a00f61400a376cab994083e..e0dfac238c64b1de74da4ebc13d939022a77f0f4 100644
--- a/pkg/models/resources/clusterroles.go
+++ b/pkg/models/resources/clusterroles.go
@@ -58,7 +58,7 @@ func (*clusterRoleSearcher) match(match map[string]string, item *rbac.ClusterRol
 			if !strings.Contains(item.Name, v) && !searchFuzzy(item.Labels, "", v) && !searchFuzzy(item.Annotations, "", v) {
 				return false
 			}
-		case "userfacing":
+		case UserFacing:
 			if v == "true" {
 				if !isUserFacingClusterRole(item) {
 					return false
@@ -145,6 +145,7 @@ func (s *clusterRoleSearcher) search(namespace string, conditions *params.Condit
 	return r, nil
 }
 
+// cluster role created by user from kubesphere dashboard
 func isUserFacingClusterRole(role *rbac.ClusterRole) bool {
 	if role.Annotations[constants.CreatorAnnotationKey] != "" && role.Labels[constants.WorkspaceLabelKey] == "" {
 		return true
diff --git a/pkg/models/resources/resources.go b/pkg/models/resources/resources.go
index 0edae5bfc89b3021d8a42729706074e053bb427b..42a8ebda06ecac33fed6ab0f14a4d191a99b4850 100644
--- a/pkg/models/resources/resources.go
+++ b/pkg/models/resources/resources.go
@@ -74,6 +74,7 @@ const (
 	release                  = "release"
 	annotation               = "annotation"
 	Keyword                  = "keyword"
+	UserFacing               = "userfacing"
 	Status                   = "status"
 	includeCronJob           = "includeCronJob"
 	storageClassName         = "storageClassName"
diff --git a/pkg/models/resources/roles.go b/pkg/models/resources/roles.go
index 24786904c2de9a3bffb5e3074ff282620e35d10c..b08f30ef68a83cc4651814b0bca5600627219342 100644
--- a/pkg/models/resources/roles.go
+++ b/pkg/models/resources/roles.go
@@ -49,6 +49,12 @@ func (*roleSearcher) match(match map[string]string, item *rbac.Role) bool {
 			if !strings.Contains(item.Name, v) && !searchFuzzy(item.Labels, "", v) && !searchFuzzy(item.Annotations, "", v) {
 				return false
 			}
+		case UserFacing:
+			if v == "true" {
+				if !isUserFacingRole(item) {
+					return false
+				}
+			}
 		default:
 			// label not exist or value not equal
 			if val, ok := item.Labels[k]; !ok || val != v {
@@ -129,3 +135,11 @@ func (s *roleSearcher) search(namespace string, conditions *params.Conditions, o
 	}
 	return r, nil
 }
+
+// role created by user from kubesphere dashboard
+func isUserFacingRole(role *rbac.Role) bool {
+	if role.Annotations[constants.CreatorAnnotationKey] != "" {
+		return true
+	}
+	return false
+}