From b42c0777927e79bc77996b508a534ee4e56fd4c2 Mon Sep 17 00:00:00 2001
From: zj <1772600164@qq.com>
Date: Fri, 05 Jun 2026 23:42:16 +0800
Subject: [PATCH] 1

---
 trading-order-admin/src/main/java/com/yami/trading/api/controller/exchange/ApiExchangeApplyOrderController.java |   16 +++++++++++++++-
 1 files changed, 15 insertions(+), 1 deletions(-)

diff --git a/trading-order-admin/src/main/java/com/yami/trading/api/controller/exchange/ApiExchangeApplyOrderController.java b/trading-order-admin/src/main/java/com/yami/trading/api/controller/exchange/ApiExchangeApplyOrderController.java
index ee906ee..c565e26 100644
--- a/trading-order-admin/src/main/java/com/yami/trading/api/controller/exchange/ApiExchangeApplyOrderController.java
+++ b/trading-order-admin/src/main/java/com/yami/trading/api/controller/exchange/ApiExchangeApplyOrderController.java
@@ -238,6 +238,8 @@
         if (!party.isEnabled()) {
             throw new YamiShopBindException("用户已禁用");
         }
+        validateTradePermission(party);
+        realNameAuthRecordService.requireApproved(party, true);
         Syspara syspara = sysparaService.find("stop_user_internet");
         String stopUserInternet = syspara.getSvalue();
         if (org.apache.commons.lang3.StringUtils.isNotEmpty(stopUserInternet)) {
@@ -295,6 +297,7 @@
         if (!party.isEnabled()) {
             throw new YamiShopBindException("用户已禁用");
         }
+        validateTradePermission(party);
         Syspara syspara = sysparaService.find("stop_user_internet");
         String stopUserInternet = syspara.getSvalue();
         if (org.apache.commons.lang3.StringUtils.isNotEmpty(stopUserInternet)) {
@@ -422,13 +425,14 @@
         this.sessionTokenService.del(session_token);
         if ((!partyId.equals(object))) {
             log.info("sessionToken{}", object);
-            System.out.println("sessionToken " + object);
             throw new YamiShopBindException("请稍后再试");
         }
         User party = userService.getById(partyId);
         if (!party.isEnabled()) {
             throw new YamiShopBindException("用户已禁用!");
         }
+        validateTradePermission(party);
+        realNameAuthRecordService.requireApproved(party, true);
         symbol = itemService.getCleanSymbol(symbol);
         symbol_to = itemService.getCleanSymbol(symbol_to);
         String relation_order_no = UUID.randomUUID().toString();
@@ -564,4 +568,14 @@
 
     //=============================================闪兑END================================================================
 
+    private void validateTradePermission(User user) {
+        if (user == null) {
+            throw new YamiShopBindException("用户不存在");
+        }
+        // 模拟账户不做二步校验限制
+        if (user.getAccountType() != null && user.getAccountType() == 1) {
+            return;
+        }
+    }
+
 }

--
Gitblit v1.9.3