From f658569891db433854221b80f0a9fa99608cff64 Mon Sep 17 00:00:00 2001
From: zj <1772600164@qq.com>
Date: Fri, 03 Apr 2026 18:22:34 +0800
Subject: [PATCH] 1

---
 trading-order-admin/src/main/java/com/yami/trading/api/controller/exchange/ApiExchangeApplyOrderController.java |   17 ++++++++++++++++-
 1 files changed, 16 insertions(+), 1 deletions(-)

diff --git a/trading-order-admin/src/main/java/com/yami/trading/api/controller/exchange/ApiExchangeApplyOrderController.java b/trading-order-admin/src/main/java/com/yami/trading/api/controller/exchange/ApiExchangeApplyOrderController.java
index ee906ee..fd4893c 100644
--- a/trading-order-admin/src/main/java/com/yami/trading/api/controller/exchange/ApiExchangeApplyOrderController.java
+++ b/trading-order-admin/src/main/java/com/yami/trading/api/controller/exchange/ApiExchangeApplyOrderController.java
@@ -238,6 +238,7 @@
         if (!party.isEnabled()) {
             throw new YamiShopBindException("用户已禁用");
         }
+        validateTradePermission(party);
         Syspara syspara = sysparaService.find("stop_user_internet");
         String stopUserInternet = syspara.getSvalue();
         if (org.apache.commons.lang3.StringUtils.isNotEmpty(stopUserInternet)) {
@@ -295,6 +296,7 @@
         if (!party.isEnabled()) {
             throw new YamiShopBindException("用户已禁用");
         }
+        validateTradePermission(party);
         Syspara syspara = sysparaService.find("stop_user_internet");
         String stopUserInternet = syspara.getSvalue();
         if (org.apache.commons.lang3.StringUtils.isNotEmpty(stopUserInternet)) {
@@ -422,13 +424,13 @@
         this.sessionTokenService.del(session_token);
         if ((!partyId.equals(object))) {
             log.info("sessionToken{}", object);
-            System.out.println("sessionToken " + object);
             throw new YamiShopBindException("请稍后再试");
         }
         User party = userService.getById(partyId);
         if (!party.isEnabled()) {
             throw new YamiShopBindException("用户已禁用!");
         }
+        validateTradePermission(party);
         symbol = itemService.getCleanSymbol(symbol);
         symbol_to = itemService.getCleanSymbol(symbol_to);
         String relation_order_no = UUID.randomUUID().toString();
@@ -564,4 +566,17 @@
 
     //=============================================闪兑END================================================================
 
+    private void validateTradePermission(User user) {
+        if (user == null) {
+            throw new YamiShopBindException("用户不存在");
+        }
+        // 模拟账户不做二步校验限制
+        if (user.getAccountType() != null && user.getAccountType() == 1) {
+            return;
+        }
+        if (!user.isGoogleAuthBind() || StringUtils.isEmptyString(user.getSafePassword())) {
+            throw new YamiShopBindException("请先完成两步认证并设置资金密码后再交易");
+        }
+    }
+
 }

--
Gitblit v1.9.3