diff --git a/cash-api/account-server/src/main/java/com/czg/controller/admin/HandoverRecordController.java b/cash-api/account-server/src/main/java/com/czg/controller/admin/HandoverRecordController.java
index b702cd88a..cd4156d72 100644
--- a/cash-api/account-server/src/main/java/com/czg/controller/admin/HandoverRecordController.java
+++ b/cash-api/account-server/src/main/java/com/czg/controller/admin/HandoverRecordController.java
@@ -6,6 +6,7 @@ import com.czg.account.entity.HandoverRecord;
 import com.czg.account.service.HandoverRecordService;
 import com.czg.account.vo.HandoverProductListVo;
 import com.czg.account.vo.HandoverTotalVo;
+import com.czg.annotation.SaStaffCheckPermission;
 import com.czg.enums.YesNoEnum;
 import com.czg.log.annotation.OperationLog;
 import com.czg.resp.CzgResult;
@@ -37,6 +38,7 @@ public class HandoverRecordController {
      */
     @GetMapping("page")
     @OperationLog("交班记录-分页")
+    @SaStaffCheckPermission("yun_xu_cha_kan_suo_you_jiao_ban_ji_lu")
     //@SaAdminCheckPermission("handoverRecord:page")
     public CzgResult<Page<HandoverRecordDTO>> page(@RequestParam(required = false) String beginDate, @RequestParam(required = false) String endDate) {
         Page<HandoverRecordDTO> page = handoverRecordService.getHandoverRecordPage(beginDate, endDate);
@@ -50,6 +52,7 @@ public class HandoverRecordController {
      */
     @GetMapping("{id}")
     @OperationLog("交班记录-查看")
+    @SaStaffCheckPermission("yun_xu_cha_kan_suo_you_jiao_ban_ji_lu")
     //@SaAdminCheckPermission("handoverRecord:info")
     public CzgResult<List<HandoverProductListVo>> info(@PathVariable Long id) {
         List<HandoverProductListVo> data = handoverRecordService.getHandoverProductListById(id);
@@ -64,6 +67,7 @@ public class HandoverRecordController {
     @ResponseExcel(name = "交班售出商品明细")
     @GetMapping("/export/{id}")
     @OperationLog("交班记录-导出")
+    @SaStaffCheckPermission("yun_xu_cha_kan_suo_you_jiao_ban_ji_lu")
     //@SaAdminCheckPermission("handoverRecord:export")
     public List<HandoverProductListVo> export(@PathVariable Long id) {
         return handoverRecordService.getHandoverProductListById(id);
@@ -74,6 +78,7 @@ public class HandoverRecordController {
      */
     @GetMapping("total")
     @OperationLog("收银机-交班数据统计")
+    @SaStaffCheckPermission("yun_xu_cha_kan_suo_you_jiao_ban_ji_lu")
     //@SaAdminCheckPermission("handoverRecord:total")
     public CzgResult<HandoverTotalVo> total() {
         HandoverTotalVo data = handoverRecordService.totalHandoverData();
@@ -87,6 +92,7 @@ public class HandoverRecordController {
      */
     @PostMapping("handover")
     @OperationLog("收银机-交班/关班")
+    @SaStaffCheckPermission("yun_xu_jiao_ban")
     //@SaAdminCheckPermission("handoverRecord:handover")
     public CzgResult<Long> handover(@RequestParam Integer isPrint) {
         Long id = handoverRecordService.handover();
@@ -101,6 +107,7 @@ public class HandoverRecordController {
      */
     @PostMapping("/network/print/{id}")
     @OperationLog("收银机-交班/关班")
+    @SaStaffCheckPermission("yun_xu_cha_kan_suo_you_jiao_ban_ji_lu")
     //@SaAdminCheckPermission("handoverRecord:networkPrint")
     public CzgResult<Void> handover(@PathVariable Long id) {
         handoverRecordService.printHandoverReceipt(id, YesNoEnum.YES.value());
@@ -122,4 +129,4 @@ public class HandoverRecordController {
         return CzgResult.success(data);
     }
 
-}
\ No newline at end of file
+}
diff --git a/cash-api/account-server/src/main/java/com/czg/controller/admin/ShopUserController.java b/cash-api/account-server/src/main/java/com/czg/controller/admin/ShopUserController.java
index 7131d3752..c8ed36347 100644
--- a/cash-api/account-server/src/main/java/com/czg/controller/admin/ShopUserController.java
+++ b/cash-api/account-server/src/main/java/com/czg/controller/admin/ShopUserController.java
@@ -43,6 +43,7 @@ public class ShopUserController {
      */
     @SaAdminCheckPermission("shopUser:summary")
     @GetMapping("/summary")
+    @SaStaffCheckPermission("yun_xu_guan_li_hui_yuan_xin_xi")
     public CzgResult<ShopUserSummaryDTO> summary(Integer isVip) {
         return CzgResult.success(shopUserService.getSummary(StpKit.USER.getShopId(), isVip));
     }
@@ -64,6 +65,7 @@ public class ShopUserController {
      */
     @SaAdminCheckPermission("shopUser:flow")
     @GetMapping("/flow")
+    @SaStaffCheckPermission("yun_xu_guan_li_hui_yuan_xin_xi")
     public CzgResult<Page<ShopUserFlow>> flow(@RequestParam Integer userId, String bizCode) {
         QueryWrapper queryWrapper = new QueryWrapper().eq(ShopUserFlow::getShopId, StpKit.USER.getShopId())
                 .eq(ShopUserFlow::getUserId, userId);
@@ -80,6 +82,7 @@ public class ShopUserController {
      * @param isVip 0 非vip 1 vip
      * @return 用户列表
      */
+    @SaStaffCheckPermission("yun_xu_guan_li_hui_yuan_xin_xi")
     @SaAdminCheckPermission("shopUser:list")
     @GetMapping
     public CzgResult<Page<ShopUser>> list(String key, Integer isVip) {
@@ -92,6 +95,7 @@ public class ShopUserController {
      * @param userId 用户id
      * @return 用户详情
      */
+    @SaStaffCheckPermission("yun_xu_guan_li_hui_yuan_xin_xi")
     @SaAdminCheckPermission("shopUser:detail")
     @GetMapping("/detail")
     public CzgResult<ShopUser> detail(Integer id, Integer userId) {
@@ -106,6 +110,7 @@ public class ShopUserController {
      *
      * @return 是否成功
      */
+    @SaStaffCheckPermission("yun_xu_guan_li_hui_yuan_xin_xi")
     @SaAdminCheckPermission("shopUser:add")
     @PostMapping
     public CzgResult<Boolean> add(@RequestBody @Validated ShopUserAddDTO shopUserAddDTO) {
@@ -117,6 +122,7 @@ public class ShopUserController {
      *
      * @return 是否成功
      */
+    @SaStaffCheckPermission("yun_xu_guan_li_hui_yuan_xin_xi")
     @SaAdminCheckPermission("shopUser:edit")
     @PutMapping
     public CzgResult<Boolean> edit(@RequestBody @Validated ShopUserEditDTO shopUserEditDTO) {
diff --git a/cash-api/order-server/src/main/java/com/czg/controller/OrderPayController.java b/cash-api/order-server/src/main/java/com/czg/controller/OrderPayController.java
index da568b788..17f55478c 100644
--- a/cash-api/order-server/src/main/java/com/czg/controller/OrderPayController.java
+++ b/cash-api/order-server/src/main/java/com/czg/controller/OrderPayController.java
@@ -2,6 +2,7 @@ package com.czg.controller;
 
 import cn.hutool.core.util.StrUtil;
 import cn.hutool.core.util.URLUtil;
+import com.czg.annotation.Debounce;
 import com.czg.order.dto.CheckOrderPay;
 import com.czg.order.entity.OrderInfo;
 import com.czg.order.service.OrderInfoService;
@@ -39,12 +40,14 @@ public class OrderPayController {
     private SysParamsService paramsService;
 
     @PostMapping("/creditPay")
+    @Debounce(value = "#payParam.checkOrderPay.orderId")
     public CzgResult<Object> creditPayOrder(@RequestHeader Long shopId, @Validated @RequestBody OrderPayParamDTO payParam) {
         payParam.setShopId(shopId);
         return payService.creditPayOrder(payParam);
     }
 
     @PostMapping("/cashPay")
+    @Debounce(value = "#payParam.checkOrderPay.orderId")
     public CzgResult<Object> cashPayOrder(@RequestHeader Long shopId, @Validated @RequestBody OrderPayParamDTO payParam) {
         payParam.setShopId(shopId);
         return payService.cashPayOrder(payParam);
@@ -60,6 +63,7 @@ public class OrderPayController {
      * accountPay(小程序使用) 密码支付 用户密码pwd 必填
      */
     @PostMapping("/vipPay")
+    @Debounce(value = "#payParam.checkOrderPay.orderId")
     public CzgResult<Object> vipPayOrder(@RequestHeader Long shopId, @Validated @RequestBody OrderPayParamDTO payParam) {
         payParam.setShopId(shopId);
         AssertUtil.isBlank(payParam.getPayType(), "支付类型不可为空");
@@ -70,9 +74,10 @@ public class OrderPayController {
      * h5支付
      */
     @PostMapping("/h5Pay")
+    @Debounce(value = "#payParam.checkOrderPay.orderId")
     public CzgResult<Map<String, Object>> h5PayOrder(@RequestHeader Long shopId, HttpServletRequest request, @Validated @RequestBody OrderPayParamDTO payParam) {
         payParam.setShopId(shopId);
-        return payService.h5PayOrder(ServletUtil.getClientIP(request,""), payParam);
+        return payService.h5PayOrder(ServletUtil.getClientIP(request, ""), payParam);
     }
 
     /**
@@ -82,6 +87,7 @@ public class OrderPayController {
      * openId  必填
      */
     @PostMapping("/jsPay")
+    @Debounce(value = "#payParam.checkOrderPay.orderId")
     public CzgResult<Map<String, Object>> jsPayOrder(@RequestHeader Long shopId, HttpServletRequest request, @Validated @RequestBody OrderPayParamDTO payParam) {
         payParam.setShopId(shopId);
         return payService.jsPayOrder(ServletUtil.getClientIP(request), payParam);
@@ -93,6 +99,7 @@ public class OrderPayController {
      * openId  必填
      */
     @PostMapping("/ltPayOrder")
+    @Debounce(value = "#payParam.checkOrderPay.orderId")
     public CzgResult<Map<String, Object>> ltPayOrder(@RequestHeader Long shopId, HttpServletRequest request, @Validated @RequestBody OrderPayParamDTO payParam) {
         payParam.setShopId(shopId);
         return payService.ltPayOrder(ServletUtil.getClientIP(request), payParam);
@@ -102,6 +109,7 @@ public class OrderPayController {
      * 正扫
      */
     @PostMapping("/scanPay")
+    @Debounce(value = "#payParam.checkOrderPay.orderId")
     public CzgResult<Map<String, Object>> scanPayOrder(@RequestHeader Long shopId, HttpServletRequest request, @Validated @RequestBody OrderPayParamDTO payParam) {
         payParam.setShopId(shopId);
         return payService.scanPayOrder(ServletUtil.getClientIP(request), payParam);
@@ -112,6 +120,7 @@ public class OrderPayController {
      * authCode 必填 扫描码
      */
     @PostMapping("/microPay")
+    @Debounce(value = "#payParam.checkOrderPay.orderId")
     public CzgResult<Map<String, Object>> microPayOrder(@RequestHeader Long shopId, @Validated @RequestBody OrderPayParamDTO payParam) {
         payParam.setShopId(shopId);
         return payService.microPayOrder(payParam);
@@ -121,6 +130,7 @@ public class OrderPayController {
      * 获取店铺订单支付URL
      */
     @GetMapping("/shopPayApi/orderPayUrl")
+    @Debounce(value = "#checkOrderPay.orderId")
     public CzgResult<String> getOrderPayUrl(@RequestHeader Long shopId, @RequestParam(required = false) String extend,
                                             CheckOrderPay checkOrderPay) {
         AssertUtil.isNull(shopId, "店铺id不能为空");
@@ -146,6 +156,7 @@ public class OrderPayController {
      * checkOrderPay.orderAmount 必填
      */
     @PostMapping("/shopPayApi/js2Pay")
+    @Debounce(value = "#payParam.checkOrderPay.orderId")
     public CzgResult<Map<String, Object>> js2PayOrder(HttpServletRequest request, @RequestBody OrderPayParamDTO payParam) {
         return payService.js2PayOrder(ServletUtil.getClientIP(request), payParam);
     }
diff --git a/cash-api/order-server/src/main/java/com/czg/controller/VipPayController.java b/cash-api/order-server/src/main/java/com/czg/controller/VipPayController.java
index 601d65239..d97bc7cfc 100644
--- a/cash-api/order-server/src/main/java/com/czg/controller/VipPayController.java
+++ b/cash-api/order-server/src/main/java/com/czg/controller/VipPayController.java
@@ -1,5 +1,7 @@
 package com.czg.controller;
 
+import com.czg.annotation.Debounce;
+import com.czg.annotation.SaStaffCheckPermission;
 import com.czg.resp.CzgResult;
 import com.czg.service.order.dto.VipPayParamDTO;
 import com.czg.service.order.dto.VipRefundDTO;
@@ -33,7 +35,9 @@ public class VipPayController {
      * 现金充值
      * 如果shop_info的 is_member_in_pwd=1 则pwd必填 店铺操作密码
      */
+    @SaStaffCheckPermission("yun_xu_shou_kuan")
     @PostMapping("/cashPayVip")
+    @Debounce(value = "#payParam.shopUserId")
     public CzgResult<Object> cashPayVip(@Validated @RequestBody VipPayParamDTO payParam) {
         AssertUtil.isNull(payParam.getShopUserId(), "充值失败 未指定店铺用户Id");
         payParam.setPlatformType(ServletUtil.getHeaderIgnoreCase(ServletUtil.getRequest(), "platformType"));
@@ -46,6 +50,7 @@ public class VipPayController {
      * openId  必填
      */
     @PostMapping("/jsPayVip")
+    @Debounce(value = "#payParam.shopUserId")
     public CzgResult<Map<String, Object>> jsPayVip(HttpServletRequest request, @Validated @RequestBody VipPayParamDTO payParam) {
         AssertUtil.isNull(payParam.getShopUserId(), "充值失败 未指定店铺用户Id");
         payParam.setPlatformType(ServletUtil.getHeaderIgnoreCase(ServletUtil.getRequest(), "platformType"));
@@ -58,6 +63,7 @@ public class VipPayController {
      * openId  必填
      */
     @PostMapping("/ltPayVip")
+    @Debounce(value = "#payParam.shopUserId")
     public CzgResult<Map<String, Object>> ltPayVip(HttpServletRequest request, @Validated @RequestBody VipPayParamDTO payParam) {
         AssertUtil.isNull(payParam.getShopUserId(), "充值失败 未指定店铺用户Id");
         payParam.setPlatformType(ServletUtil.getHeaderIgnoreCase(ServletUtil.getRequest(), "platformType"));
@@ -67,7 +73,9 @@ public class VipPayController {
     /**
      * 正扫
      */
+    @SaStaffCheckPermission("yun_xu_shou_kuan")
     @PostMapping("/scanPayVip")
+    @Debounce(value = "#payParam.shopUserId")
     public CzgResult<Map<String, Object>> scanPayVip(HttpServletRequest request, @Validated @RequestBody VipPayParamDTO payParam) {
         AssertUtil.isNull(payParam.getShopUserId(), "充值失败 未指定店铺用户Id");
         payParam.setPlatformType(ServletUtil.getHeaderIgnoreCase(request, "platformType"));
@@ -78,7 +86,9 @@ public class VipPayController {
      * 反扫
      * authCode 必填 扫描码
      */
+    @SaStaffCheckPermission("yun_xu_shou_kuan")
     @PostMapping("/microPayVip")
+    @Debounce(value = "#payParam.shopUserId")
     public CzgResult<Map<String, Object>> microPayVip(@Validated @RequestBody VipPayParamDTO payParam) {
         AssertUtil.isNull(payParam.getShopUserId(), "充值失败 未指定店铺用户Id");
         payParam.setPlatformType(ServletUtil.getHeaderIgnoreCase(ServletUtil.getRequest(), "platformType"));
@@ -89,7 +99,9 @@ public class VipPayController {
      * 退款前置
      * 最大退款金额 为 充值金额 inAmount
      */
+    @SaStaffCheckPermission("yun_xu_tui_kuan")
     @PostMapping("/refundVipBefore")
+    @Debounce(value = "#payParam.flowId")
     public CzgResult<Map<String, BigDecimal>> refundVipBefore(@Validated @RequestBody VipRefundDTO payParam) {
         return payService.refundVipBefore(payParam);
     }
@@ -103,7 +115,9 @@ public class VipPayController {
      * 实际可退最大金额为 充值金额
      * 如果实际 大于 理论 则 需要勾选 outOfRange 超额退款 为true 默认为false
      */
+    @SaStaffCheckPermission("yun_xu_tui_kuan")
     @PostMapping("/refundVip")
+    @Debounce(value = "#payParam.flowId")
     public CzgResult<Object> refundVip(HttpServletRequest request, @Validated @RequestBody VipRefundDTO payParam) {
         AssertUtil.isNull(payParam.getRefAmount(), "退款金额不能为空");
         if (payParam.getRefAmount().compareTo(BigDecimal.ZERO) <= 0) {
diff --git a/cash-api/order-server/src/main/java/com/czg/controller/admin/AdminOrderController.java b/cash-api/order-server/src/main/java/com/czg/controller/admin/AdminOrderController.java
index f8f3de0e5..3cc2a6f2c 100644
--- a/cash-api/order-server/src/main/java/com/czg/controller/admin/AdminOrderController.java
+++ b/cash-api/order-server/src/main/java/com/czg/controller/admin/AdminOrderController.java
@@ -1,5 +1,7 @@
 package com.czg.controller.admin;
 
+import com.czg.annotation.Debounce;
+import com.czg.annotation.SaStaffCheckPermission;
 import com.czg.order.dto.OrderInfoAddDTO;
 import com.czg.order.dto.OrderInfoPrintDTO;
 import com.czg.order.dto.OrderInfoQueryDTO;
@@ -18,8 +20,6 @@ import jakarta.annotation.Resource;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
-import java.util.Map;
-
 
 /**
  * 订单管理
@@ -62,7 +62,9 @@ public class AdminOrderController {
         return CzgResult.success(orderInfoService.historyOrder(orderId, tableCode));
     }
 
+    @SaStaffCheckPermission("yun_xu_xia_dan")
     @PostMapping("/createOrder")
+    @Debounce(value = "#addDto.tableCode")
     public CzgResult<OrderInfo> createOrder(@Validated @RequestBody OrderInfoAddDTO addDto) {
         addDto.setPlatformType(ServletUtil.getHeaderIgnoreCase(ServletUtil.getRequest(), "platformType"));
         addDto.setStaffId(StpKit.USER.getLoginIdAsLong());
@@ -85,7 +87,9 @@ public class AdminOrderController {
      * 订单全额退款 只传订单id
      * 部分退款 传参refundDetail
      */
+    @SaStaffCheckPermission("yun_xu_tui_kuan")
     @PostMapping("/refundOrder")
+    @Debounce(value = "#refundDTO.orderId")
     public CzgResult<Object> refundOrder(@Validated @RequestBody OrderInfoRefundDTO refundDTO) {
         return payService.refundOrderBefore(refundDTO);
     }
@@ -94,6 +98,7 @@ public class AdminOrderController {
      * 订单打印
      */
     @PostMapping("/print")
+    @Debounce(value = "#orderInfoPrintDTO.id")
     public CzgResult<Boolean> printOrder(@Validated @RequestBody OrderInfoPrintDTO orderInfoPrintDTO) {
         return CzgResult.success(orderInfoService.printOrder(StpKit.USER.getShopId(), orderInfoPrintDTO));
     }
diff --git a/cash-api/order-server/src/main/java/com/czg/controller/user/UserOrderController.java b/cash-api/order-server/src/main/java/com/czg/controller/user/UserOrderController.java
index 3f367e84c..b26122b78 100644
--- a/cash-api/order-server/src/main/java/com/czg/controller/user/UserOrderController.java
+++ b/cash-api/order-server/src/main/java/com/czg/controller/user/UserOrderController.java
@@ -1,5 +1,6 @@
 package com.czg.controller.user;
 
+import com.czg.annotation.Debounce;
 import com.czg.order.dto.OrderInfoAddDTO;
 import com.czg.order.dto.OrderInfoQueryDTO;
 import com.czg.order.entity.OrderInfo;
@@ -15,8 +16,6 @@ import jakarta.annotation.Resource;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.web.bind.annotation.*;
 
-import java.util.Map;
-
 
 /**
  * 订单管理
@@ -58,6 +57,7 @@ public class UserOrderController {
      * 生成订单
      */
     @PostMapping("/createOrder")
+    @Debounce(value = "#addDto.tableCode")
     public CzgResult<OrderInfo> createOrder(@RequestBody OrderInfoAddDTO addDto) {
         addDto.setPlatformType(ServletUtil.getHeaderIgnoreCase(ServletUtil.getRequest(), "platformType"));
         long loginIdAsLong = StpKit.USER.getLoginIdAsLong();
diff --git a/cash-api/product-server/src/main/java/com/czg/controller/admin/ProductController.java b/cash-api/product-server/src/main/java/com/czg/controller/admin/ProductController.java
index bc47fd0f5..6c0cd0a1f 100644
--- a/cash-api/product-server/src/main/java/com/czg/controller/admin/ProductController.java
+++ b/cash-api/product-server/src/main/java/com/czg/controller/admin/ProductController.java
@@ -2,6 +2,7 @@ package com.czg.controller.admin;
 
 import cn.hutool.core.convert.Convert;
 import cn.hutool.core.thread.ThreadUtil;
+import com.czg.annotation.SaStaffCheckPermission;
 import com.czg.config.RabbitPublisher;
 import com.czg.exception.CzgException;
 import com.czg.log.annotation.OperationLog;
@@ -87,8 +88,20 @@ public class ProductController {
 
     @PutMapping
     @OperationLog("商品-修改")
+    @SaStaffCheckPermission("yun_xu_xiu_gai_shang_pin")
     //@SaAdminCheckPermission("product:update")
     public CzgResult<Void> updateProduct(@RequestBody @Validated({UpdateGroup.class, DefaultGroup.class}) ProductDTO dto) {
+        if (dto.getCategoryId() != null) {
+            StpKit.USER.checkStaffPermission("yun_xu_xiu_gai_fen_lei");
+        }
+
+        if (dto.getGroupCategoryId() != null) {
+            StpKit.USER.checkStaffPermission("yun_xu_xiu_gai_fen_zu");
+        }
+
+        if (dto.getStockNumber() != null) {
+            StpKit.USER.checkStaffPermission("yun_xu_xiu_gai_shang_pin_ku_cun");
+        }
         Long shopId = StpKit.USER.getShopId(0L);
         dto.setShopId(shopId);
         productService.updateProduct(dto);
@@ -100,6 +113,7 @@ public class ProductController {
 
     @DeleteMapping("{id}")
     @OperationLog("商品-删除")
+    @SaStaffCheckPermission("yun_xu_xiu_gai_shang_pin")
     //@SaAdminCheckPermission("product:delete")
     public CzgResult<Void> deleteProduct(@PathVariable("id") Long id) {
         //效验数据
@@ -117,6 +131,7 @@ public class ProductController {
      */
     @PostMapping("onOff")
     @OperationLog("商品-上下架")
+    @SaStaffCheckPermission("yun_xu_shang_xia_jia_shang_pin")
     //@SaAdminCheckPermission("product:on-off")
     public CzgResult<Void> onOffProduct(@RequestBody @Validated({DefaultGroup.class}) ProductIsSaleParam param) {
         Long shopId = StpKit.USER.getShopId(0L);
@@ -133,6 +148,7 @@ public class ProductController {
      */
     @PostMapping("markIsSoldOut")
     @OperationLog("商品-标记售罄")
+    @SaStaffCheckPermission("yun_xu_shou_qing_shang_pin")
     //@SaAdminCheckPermission("product:markIsSoldOut")
     public CzgResult<Void> markIsSoldOutProduct(@RequestBody @Validated({DefaultGroup.class}) ProductIsSoldOutParam param) {
         Long shopId = StpKit.USER.getShopId(0L);
@@ -193,4 +209,4 @@ public class ProductController {
         return CzgResult.success();
     }
 
-}
\ No newline at end of file
+}
diff --git a/cash-common/cash-common-api-config/src/main/java/com/czg/annotation/Debounce.java b/cash-common/cash-common-api-config/src/main/java/com/czg/annotation/Debounce.java
new file mode 100644
index 000000000..6c1afd7a0
--- /dev/null
+++ b/cash-common/cash-common-api-config/src/main/java/com/czg/annotation/Debounce.java
@@ -0,0 +1,24 @@
+package com.czg.annotation;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+import java.util.concurrent.TimeUnit;
+
+/**
+ * @author ww
+ */
+@Target(ElementType.METHOD)
+@Retention(RetentionPolicy.RUNTIME)
+public @interface Debounce {
+    // 防抖时间间隔，默认2秒
+    long interval() default 2000;
+    // 时间单位，默认毫秒
+    TimeUnit timeUnit() default TimeUnit.MILLISECONDS;
+
+    // 用于指定基于的入参表达式，为空时对整个方法防抖
+    // 格式为 #入参键.值  例如： #receive.id
+    // 多个参数 使用逗号进行拼接 例如: #receive.id,#receive.name
+    String value() default "";
+}
diff --git a/cash-common/cash-common-api-config/src/main/java/com/czg/config/ControllerAspect.java b/cash-common/cash-common-api-config/src/main/java/com/czg/aspect/ControllerAspect.java
similarity index 99%
rename from cash-common/cash-common-api-config/src/main/java/com/czg/config/ControllerAspect.java
rename to cash-common/cash-common-api-config/src/main/java/com/czg/aspect/ControllerAspect.java
index bdd5a373c..33c1d1f2b 100644
--- a/cash-common/cash-common-api-config/src/main/java/com/czg/config/ControllerAspect.java
+++ b/cash-common/cash-common-api-config/src/main/java/com/czg/aspect/ControllerAspect.java
@@ -1,4 +1,4 @@
-package com.czg.config;
+package com.czg.aspect;
 
 import cn.hutool.core.thread.ThreadUtil;
 import cn.hutool.core.util.StrUtil;
diff --git a/cash-common/cash-common-api-config/src/main/java/com/czg/aspect/DebounceAspect.java b/cash-common/cash-common-api-config/src/main/java/com/czg/aspect/DebounceAspect.java
new file mode 100644
index 000000000..d8ab46837
--- /dev/null
+++ b/cash-common/cash-common-api-config/src/main/java/com/czg/aspect/DebounceAspect.java
@@ -0,0 +1,118 @@
+package com.czg.aspect;
+
+import cn.hutool.core.util.StrUtil;
+import com.czg.annotation.Debounce;
+import com.czg.resp.CzgResult;
+import com.czg.utils.SpELUtil;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Pointcut;
+import org.aspectj.lang.reflect.MethodSignature;
+import org.springframework.stereotype.Component;
+
+import java.util.Map.Entry;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.locks.ReentrantLock;
+
+
+/**
+ * 防抖切面
+ * @author ww
+ */
+@Aspect
+@Component
+public class DebounceAspect {
+
+	@Pointcut("@annotation(com.czg.annotation.Debounce)")
+	public void debouncePointCut() {
+		
+	}
+
+	// 用于存储基于方法和入参情况的上次执行时间，结构为：方法签名 -> (入参值 -> 上次执行时间)
+	private static final ConcurrentHashMap<String, ConcurrentHashMap<Object, Long>> EXECUTION_TIME_MAP = new ConcurrentHashMap<>();
+	private static final ReentrantLock LOCK = new ReentrantLock();
+
+	@Around("debouncePointCut()")
+	public Object aroundDebounce(ProceedingJoinPoint joinPoint) throws Throwable {
+		cleanExpiredRecords();
+		String methodSignature = joinPoint.getSignature().toLongString();
+		MethodSignature signature = (MethodSignature) joinPoint.getSignature();
+		Debounce annotation =  signature.getMethod().getAnnotation(Debounce.class);
+		long interval = annotation.interval();
+		TimeUnit timeUnit = annotation.timeUnit();
+		String value = annotation.value();
+		if (StrUtil.isBlank(value)) {
+			// 没有指定入参表达式，按照整个方法进行防抖
+			return debounceForWholeMethod(joinPoint, methodSignature, interval, timeUnit);
+		}
+		String[] split = value.split(",");
+		StringBuilder values = new StringBuilder();
+		for (String str : split) {
+			values.append(SpELUtil.getByEl(str, joinPoint));
+		}
+		// 解析入参表达式，获取对应入参的值
+
+		if (StrUtil.isBlank(values.toString())) {
+			// 如果解析失败或值为null，按照整个方法进行防抖
+			return debounceForWholeMethod(joinPoint, methodSignature, interval, timeUnit);
+		}
+
+		// 根据方法签名和入参值进行防抖判断
+		return debounceForSpecificValue(joinPoint, methodSignature, interval, timeUnit, values.toString());
+	}
+
+	private Object debounceForWholeMethod(ProceedingJoinPoint joinPoint, String methodSignature, long interval, TimeUnit timeUnit) throws Throwable {
+		ConcurrentHashMap<Object, Long> methodExecutionTimeMap = EXECUTION_TIME_MAP.computeIfAbsent(methodSignature, k -> new ConcurrentHashMap<>());
+		long currentTime = System.currentTimeMillis();
+		Long lastTime = methodExecutionTimeMap.get(methodSignature);
+		if (lastTime == null) {
+			// 如果不存在对应键值对，设置初始值，这里设置为一个表示很久之前的时间戳，比如0
+			lastTime = 0L;
+		}
+		if (currentTime - timeUnit.toMillis(interval) >= lastTime) {
+			// 满足防抖间隔，更新上次执行时间，并执行目标方法
+			methodExecutionTimeMap.put(methodSignature, currentTime);
+			return joinPoint.proceed();
+		}
+		// 在防抖间隔内，不执行目标方法，直接返回
+		return CzgResult.failure("请求频繁，请重试");
+	}
+
+	private Object debounceForSpecificValue(ProceedingJoinPoint joinPoint, String methodSignature, long interval, TimeUnit timeUnit, Object targetValue) throws Throwable {
+		ConcurrentHashMap<Object, Long> methodExecutionTimeMap = EXECUTION_TIME_MAP.computeIfAbsent(methodSignature, k -> new ConcurrentHashMap<>());
+		long currentTime = System.currentTimeMillis();
+		Long lastTime = methodExecutionTimeMap.get(targetValue);
+		if (lastTime == null || currentTime - timeUnit.toMillis(interval) >= lastTime) {
+			// 满足防抖间隔，更新上次执行时间，并执行目标方法
+			methodExecutionTimeMap.put(targetValue, currentTime);
+			return joinPoint.proceed();
+		}
+		// 在防抖间隔内，不执行目标方法，直接返回
+		return CzgResult.failure("请求频繁，请重试");
+	}
+
+	public void cleanExpiredRecords() {
+		long expirationTime = System.currentTimeMillis() - TimeUnit.SECONDS.toMillis(10);
+		LOCK.lock();
+		try {
+			for (Entry<String, ConcurrentHashMap<Object, Long>> outerEntry : EXECUTION_TIME_MAP.entrySet()) {
+				String methodSignature = outerEntry.getKey();
+				ConcurrentHashMap<Object, Long> innerMap = outerEntry.getValue();
+				ConcurrentHashMap<Object, Long> keysToRemove = new ConcurrentHashMap<>();
+				for (Entry<Object, Long> innerEntry : innerMap.entrySet()) {
+					if (innerEntry.getValue() < expirationTime) {
+						keysToRemove.put(innerEntry.getKey(), innerEntry.getValue());
+					}
+				}
+				innerMap.keySet().removeAll(keysToRemove.keySet());
+				if (innerMap.isEmpty()) {
+					EXECUTION_TIME_MAP.remove(methodSignature);
+				}
+			}
+		} finally {
+			LOCK.unlock();
+		}
+	}
+}
diff --git a/cash-common/cash-common-sa-token/src/main/java/com/czg/sa/MyStpLogic.java b/cash-common/cash-common-sa-token/src/main/java/com/czg/sa/MyStpLogic.java
index 423b77e3d..63b33b2f9 100644
--- a/cash-common/cash-common-sa-token/src/main/java/com/czg/sa/MyStpLogic.java
+++ b/cash-common/cash-common-sa-token/src/main/java/com/czg/sa/MyStpLogic.java
@@ -40,6 +40,16 @@ public class MyStpLogic {
         return ADMIN_LOGIC;
     }
 
+    /**
+     * 校验员工权限
+     * @param code 权限码
+     */
+    public void checkStaffPermission(String code) {
+        if (this.isStaff()) {
+            StpKit.USER.checkPermission(code);
+        }
+    }
+
     /**
      * @param id        登录账号id
      * @param shopId    店铺id
@@ -152,6 +162,10 @@ public class MyStpLogic {
      */
     public boolean isStaff() {
         StpLogic logic = getLogic();
+        Object loginIdDefaultNull = logic.getLoginIdDefaultNull();
+        if (loginIdDefaultNull == null) {
+            return false;
+        }
         Object object = logic.getSession().get("loginType");
         return object instanceof LoginType t && t.equals(LoginType.STAFF);
     }
diff --git a/cash-common/cash-common-service/src/main/java/com/czg/account/dto/ShopShareCouponDTO.java b/cash-common/cash-common-service/src/main/java/com/czg/account/dto/ShopShareCouponDTO.java
new file mode 100644
index 000000000..0d3a3fdd5
--- /dev/null
+++ b/cash-common/cash-common-service/src/main/java/com/czg/account/dto/ShopShareCouponDTO.java
@@ -0,0 +1,24 @@
+package com.czg.account.dto;
+
+import jakarta.validation.constraints.Min;
+import lombok.Data;
+
+/**
+ * @author Administrator
+ */
+@Data
+public class ShopShareCouponDTO {
+    /**
+     * 券id
+     */
+    private Long id;
+    /**
+     * 名称
+     */
+    private String name;
+    /**
+     * 数量
+     */
+    @Min(1)
+    private Integer num;
+}
diff --git a/cash-common/cash-common-service/src/main/java/com/czg/account/dto/ShopShareDTO.java b/cash-common/cash-common-service/src/main/java/com/czg/account/dto/ShopShareDTO.java
index 6f67e24ac..6f98d9712 100644
--- a/cash-common/cash-common-service/src/main/java/com/czg/account/dto/ShopShareDTO.java
+++ b/cash-common/cash-common-service/src/main/java/com/czg/account/dto/ShopShareDTO.java
@@ -67,7 +67,7 @@ public class ShopShareDTO implements Serializable {
     /**
      * 新用户获得券
      */
-    private List<Long> newCouponIdList;
+    private List<ShopShareCouponDTO> newCouponList;
 
     /**
      * 邀请人数
@@ -77,7 +77,7 @@ public class ShopShareDTO implements Serializable {
     /**
      * 奖励券
      */
-    private List<Long> rewardCouponIdList;
+    private List<ShopShareCouponDTO> rewardCouponList;
 
     /**
      * 获取方法 get-新用户领取获得 use-新用户使用获得
diff --git a/cash-common/cash-common-service/src/main/java/com/czg/account/vo/ShopShareVO.java b/cash-common/cash-common-service/src/main/java/com/czg/account/vo/ShopShareVO.java
index 9d9fe8d41..fd0a5da1d 100644
--- a/cash-common/cash-common-service/src/main/java/com/czg/account/vo/ShopShareVO.java
+++ b/cash-common/cash-common-service/src/main/java/com/czg/account/vo/ShopShareVO.java
@@ -1,6 +1,6 @@
 package com.czg.account.vo;
 
-import com.czg.account.entity.ShopCoupon;
+import com.czg.account.dto.ShopShareCouponDTO;
 import com.czg.account.entity.ShopShare;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
@@ -17,9 +17,9 @@ public class ShopShareVO  extends ShopShare {
     /**
      * 新人奖励优惠券信息
      */
-    private List<ShopCoupon> newCouponList = new ArrayList<>();
+    private List<ShopShareCouponDTO> newCouponList = new ArrayList<>();
     /**
      * 邀请人奖励优惠券信息
      */
-    private List<ShopCoupon> rewardCouponList = new ArrayList<>();
+    private List<ShopShareCouponDTO> rewardCouponList = new ArrayList<>();
 }
diff --git a/cash-common/cash-common-tools/src/main/java/com/czg/Main.java b/cash-common/cash-common-tools/src/main/java/com/czg/Main.java
deleted file mode 100644
index b083ab675..000000000
--- a/cash-common/cash-common-tools/src/main/java/com/czg/Main.java
+++ /dev/null
@@ -1,11 +0,0 @@
-package com.czg;
-
-/**
- * @author tankaikai
- * @since ${YEAR}-${MONTH}-${DAY} ${TIME}
- */
-public class Main {
-    public static void main(String[] args) {
-        System.out.println("Hello world!");
-    }
-}
\ No newline at end of file
diff --git a/cash-common/cash-common-tools/src/main/java/com/czg/SysParamsDTO2.java b/cash-common/cash-common-tools/src/main/java/com/czg/SysParamsDTO2.java
deleted file mode 100644
index e298327f2..000000000
--- a/cash-common/cash-common-tools/src/main/java/com/czg/SysParamsDTO2.java
+++ /dev/null
@@ -1,27 +0,0 @@
-package com.czg;
-
-import com.czg.validator.group.DefaultGroup;
-import com.czg.validator.group.InsertGroup;
-import com.czg.validator.group.UpdateGroup;
-import jakarta.validation.constraints.NotBlank;
-import jakarta.validation.constraints.NotNull;
-import lombok.Data;
-import lombok.experimental.Accessors;
-
-/**
- * @author GYJoker
- */
-@Data
-@Accessors(chain = true)
-public class SysParamsDTO2 {
-
-    @NotBlank(message = "参数编码不能为空", groups = {InsertGroup.class, UpdateGroup.class})
-    private String paramCode;
-
-    @NotBlank(message = "参数值不能为空", groups = DefaultGroup.class)
-    private String paramValue;
-
-    @NotNull(message = "参数类型不能为空", groups = {UpdateGroup.class, UpdateGroup.class})
-    private Integer paramType;
-    private String remark;
-}
diff --git a/cash-common/cash-common-tools/src/main/java/com/czg/utils/SpELUtil.java b/cash-common/cash-common-tools/src/main/java/com/czg/utils/SpELUtil.java
new file mode 100644
index 000000000..7195d790d
--- /dev/null
+++ b/cash-common/cash-common-tools/src/main/java/com/czg/utils/SpELUtil.java
@@ -0,0 +1,53 @@
+package com.czg.utils;
+
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.reflect.MethodSignature;
+import org.springframework.core.DefaultParameterNameDiscoverer;
+import org.springframework.expression.EvaluationContext;
+import org.springframework.expression.Expression;
+import org.springframework.expression.spel.standard.SpelExpressionParser;
+import org.springframework.expression.spel.support.StandardEvaluationContext;
+
+import java.lang.reflect.Method;
+import java.util.Objects;
+
+/**
+ * @author ww
+ */
+public class SpELUtil {
+    /**
+     * 用于SpEL表达式解析.
+     */
+    private static final SpelExpressionParser PARSER = new SpelExpressionParser();
+
+    /**
+     * 用于获取方法参数定义名字.
+     */
+    private static final DefaultParameterNameDiscoverer NAME_DISCOVERER = new DefaultParameterNameDiscoverer();
+
+    /**
+     * 解析SpEL表达式
+     */
+    public static String getByEl(String spElStr, ProceedingJoinPoint joinPoint) {
+        // 通过joinPoint获取被注解方法
+        MethodSignature methodSignature = (MethodSignature) joinPoint.getSignature();
+        Method method = methodSignature.getMethod();
+        // 使用Spring的DefaultParameterNameDiscoverer获取方法形参名数组
+        String[] paramNames = NAME_DISCOVERER.getParameterNames(method);
+//        // 解析过后的Spring表达式对象
+        Expression expression = PARSER.parseExpression(spElStr);
+        // Spring的表达式上下文对象
+        EvaluationContext context = new StandardEvaluationContext();
+        // 通过joinPoint获取被注解方法的形参
+        Object[] args = joinPoint.getArgs();
+        // 给上下文赋值
+        for (int i = 0; i < args.length; i++) {
+            assert paramNames != null;
+            context.setVariable(paramNames[i], args[i]);
+        }
+        if(expression.getValue(context)==null){
+            return "";
+        }
+        return Objects.requireNonNull(expression.getValue(context)).toString();
+    }
+}
diff --git a/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/AuthorizationServiceImpl.java b/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/AuthorizationServiceImpl.java
index dd2ec06e5..f3e79bafd 100644
--- a/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/AuthorizationServiceImpl.java
+++ b/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/AuthorizationServiceImpl.java
@@ -77,7 +77,10 @@ public class AuthorizationServiceImpl implements AuthorizationService {
 
         SysUser user;
         // 员工账号登录
-        if (StrUtil.isNotBlank(loginDTO.staffUserName())) {
+        if (loginDTO.loginType() == 1) {
+            if (StrUtil.isBlank(loginDTO.staffUserName())) {
+                throw new ApiNotPrintException("员工账号不能为空");
+            }
             // 查询主账号
             SysUser sysUser = sysUserService.queryChain().eq(SysUser::getAccount, loginDTO.username()).one();
             if (sysUser == null) {
diff --git a/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/ShopShareServiceImpl.java b/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/ShopShareServiceImpl.java
index c0c2885d8..e8a1b3444 100644
--- a/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/ShopShareServiceImpl.java
+++ b/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/ShopShareServiceImpl.java
@@ -3,6 +3,8 @@ package com.czg.service.account.service.impl;
 import cn.hutool.core.bean.BeanUtil;
 import cn.hutool.core.util.StrUtil;
 import com.alibaba.fastjson2.JSONArray;
+import com.alibaba.fastjson2.JSONObject;
+import com.czg.account.dto.ShopShareCouponDTO;
 import com.czg.account.dto.ShopShareDTO;
 import com.czg.account.entity.ShopCoupon;
 import com.czg.account.service.ShopCouponService;
@@ -42,11 +44,13 @@ public class ShopShareServiceImpl extends ServiceImpl<ShopShareMapper, ShopShare
         if (shopShare != null) {
             BeanUtil.copyProperties(shopShare, shopShareVO);
             if (StrUtil.isNotBlank(shopShare.getRewardCoupon())) {
-                shopShareVO.setRewardCouponList(shopCouponService.list(new QueryWrapper().eq(ShopCoupon::getShopId, shopId).in(ShopCoupon::getId, JSONArray.parseArray(shopShare.getRewardCoupon()))));
+//                shopShareVO.setRewardCouponList(shopCouponService.list(new QueryWrapper().eq(ShopCoupon::getShopId, shopId).in(ShopCoupon::getId, JSONArray.parseArray(shopShare.getRewardCoupon()))));
+                shopShareVO.setRewardCouponList(JSONArray.parseArray(shopShare.getRewardCoupon(), ShopShareCouponDTO.class));
             }
 
             if (StrUtil.isNotBlank(shopShare.getNewCoupon())) {
-                shopShareVO.setNewCouponList(shopCouponService.list(new QueryWrapper().eq(ShopCoupon::getShopId, shopId).in(ShopCoupon::getId, JSONArray.parseArray(shopShare.getNewCoupon()))));
+//                shopShareVO.setNewCouponList(shopCouponService.list(new QueryWrapper().eq(ShopCoupon::getShopId, shopId).in(ShopCoupon::getId, JSONArray.parseArray(shopShare.getNewCoupon()))));
+                shopShareVO.setNewCouponList(JSONArray.parseArray(shopShare.getNewCoupon(), ShopShareCouponDTO.class));
             }
         }
         return shopShareVO;
@@ -54,26 +58,27 @@ public class ShopShareServiceImpl extends ServiceImpl<ShopShareMapper, ShopShare
 
     @Override
     public Boolean add(Long shopId, ShopShareDTO shopShareDTO) {
-        if (shopShareDTO.getNewCouponIdList() != null && !shopShareDTO.getRewardCouponIdList().isEmpty()) {
-            long count = shopCouponService.count(new QueryWrapper().in(ShopCoupon::getId, shopShareDTO.getNewCouponIdList()).eq(ShopCoupon::getShopId, shopId));
-            if (count != shopShareDTO.getNewCouponIdList().size()) {
-                throw new ApiNotPrintException("优惠券不存在");
-            }
-        }
-
-        if (shopShareDTO.getRewardCouponIdList() != null && !shopShareDTO.getRewardCouponIdList().isEmpty()) {
-            long count = shopCouponService.count(new QueryWrapper().in(ShopCoupon::getId, shopShareDTO.getRewardCouponIdList()).eq(ShopCoupon::getShopId, shopId));
-            if (count != shopShareDTO.getRewardCouponIdList().size()) {
-                throw new ApiNotPrintException("优惠券不存在");
-            }
-        }
         ShopShare shopShare = getOne(new QueryWrapper().eq(ShopShare::getShopId, shopId));
         if (shopShare == null) {
             shopShare = new ShopShareVO();
             shopShare.setShopId(shopId);
         }
-        shopShare.setRewardCoupon(JSONArray.toJSONString(shopShareDTO.getRewardCouponIdList()));
-        shopShare.setNewCoupon(JSONArray.toJSONString(shopShareDTO.getNewCouponIdList()));
+
+        if (shopShareDTO.getNewCouponList() != null && !shopShareDTO.getNewCouponList().isEmpty()) {
+            long count = shopCouponService.count(new QueryWrapper().in(ShopCoupon::getId, shopShareDTO.getNewCouponList().stream().map(ShopShareCouponDTO::getId).toList()).eq(ShopCoupon::getShopId, shopId));
+            if (count != shopShareDTO.getNewCouponList().size()) {
+                throw new ApiNotPrintException("优惠券不存在");
+            }
+            shopShare.setNewCoupon(JSONArray.toJSONString(shopShareDTO.getNewCouponList()));
+        }
+
+        if (shopShareDTO.getRewardCouponList() != null && !shopShareDTO.getRewardCouponList().isEmpty()) {
+            long count = shopCouponService.count(new QueryWrapper().in(ShopCoupon::getId, shopShareDTO.getRewardCouponList().stream().map(ShopShareCouponDTO::getId).toList()).eq(ShopCoupon::getShopId, shopId));
+            if (count != shopShareDTO.getRewardCouponList().size()) {
+                throw new ApiNotPrintException("优惠券不存在");
+            }
+            shopShare.setRewardCoupon(JSONArray.toJSONString(shopShareDTO.getRewardCouponList()));
+        }
         BeanUtil.copyProperties(shopShareDTO, shopShare);
         return saveOrUpdate(shopShare);
     }
diff --git a/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/SysMenuServiceImpl.java b/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/SysMenuServiceImpl.java
index c3d2b7fe2..85496abda 100644
--- a/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/SysMenuServiceImpl.java
+++ b/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/SysMenuServiceImpl.java
@@ -54,12 +54,12 @@ public class SysMenuServiceImpl extends ServiceImpl<SysMenuMapper, SysMenu> impl
 
         List<SysMenu> allMenus;
         if (queryWrapper.hasCondition()) {
-            allMenus = list(queryWrapper);
+            allMenus = list(queryWrapper.orderBy(SysMenu::getMenuSort, false));
             return allMenus.stream()
                     .map(item -> BeanUtil.copyProperties(item, MenuVO.class))
                     .collect(Collectors.toList());
         }else {
-            allMenus = list();
+            allMenus = list(new QueryWrapper().orderBy(SysMenu::getMenuSort, false));
             return buildMenuTree(allMenus);
         }
     }
@@ -94,15 +94,15 @@ public class SysMenuServiceImpl extends ServiceImpl<SysMenuMapper, SysMenu> impl
 
 
     private void checkExIsis(String title, Integer id) {
-        QueryWrapper queryWrapper = new QueryWrapper();
-        if (id != null) {
-            queryWrapper.ne(SysMenu::getMenuId, id);
-        }
-        queryWrapper.eq(SysMenu::getTitle, title);
-        long count = count(queryWrapper);
-        if (count > 0) {
-            throw new ApiNotPrintException("名称已存在");
-        }
+//        QueryWrapper queryWrapper = new QueryWrapper();
+//        if (id != null) {
+//            queryWrapper.ne(SysMenu::getMenuId, id);
+//        }
+//        queryWrapper.eq(SysMenu::getTitle, title);
+//        long count = count(queryWrapper);
+//        if (count > 0) {
+//            throw new ApiNotPrintException("名称已存在");
+//        }
     }
 
     private List<MenuVO> buildMenuTree(List<SysMenu> allMenus) {
diff --git a/cash-service/account-service/src/main/resources/mapper/SysMenuMapper.xml b/cash-service/account-service/src/main/resources/mapper/SysMenuMapper.xml
index fbfe861f1..ccfccfa7b 100644
--- a/cash-service/account-service/src/main/resources/mapper/SysMenuMapper.xml
+++ b/cash-service/account-service/src/main/resources/mapper/SysMenuMapper.xml
@@ -13,5 +13,6 @@
         <if test="type != null">
             and c.type=#{type}
         </if>
+        order by menu_sort desc
     </select>
 </mapper>
diff --git a/cash-service/order-service/src/main/java/com/czg/service/order/service/impl/PayServiceImpl.java b/cash-service/order-service/src/main/java/com/czg/service/order/service/impl/PayServiceImpl.java
index d6767be0b..a6d457f98 100644
--- a/cash-service/order-service/src/main/java/com/czg/service/order/service/impl/PayServiceImpl.java
+++ b/cash-service/order-service/src/main/java/com/czg/service/order/service/impl/PayServiceImpl.java
@@ -113,6 +113,9 @@ public class PayServiceImpl implements PayService {
      * @return 是否是霸王餐充值
      */
     private boolean checkPayVip(VipPayParamDTO payParam) {
+        if (payParam.getAmount().compareTo(BigDecimal.ZERO) <= 0) {
+            throw new ValidateException("充值金额不正确");
+        }
         if (payParam.getOrderId() != null) {
             OrderInfo orderInfo = orderInfoService.getById(payParam.getOrderId());
             AssertUtil.isNull(orderInfo, "订单不存在");
@@ -135,7 +138,7 @@ public class PayServiceImpl implements PayService {
 
 
     @Override
-    @Transactional
+    @Transactional(noRollbackFor = PaySuccessException.class)
     public CzgResult<Object> creditPayOrder(OrderPayParamDTO payParam) {
         AssertUtil.isNull(payParam.getCreditBuyerId(), "挂账人不可为空");
         OrderInfo orderInfo = checkPay(payParam.getCheckOrderPay());
@@ -149,7 +152,7 @@ public class PayServiceImpl implements PayService {
     }
 
     @Override
-    @Transactional
+    @Transactional(noRollbackFor = PaySuccessException.class)
     public CzgResult<Object> cashPayOrder(OrderPayParamDTO payParam) {
         OrderInfo orderInfo = checkPay(payParam.getCheckOrderPay());
         orderInfoService.upOrderInfo(orderInfo, orderInfo.getOrderAmount(),
@@ -163,7 +166,7 @@ public class PayServiceImpl implements PayService {
     }
 
     @Override
-    @Transactional
+    @Transactional(noRollbackFor = PaySuccessException.class)
     public CzgResult<Object> vipPayOrder(OrderPayParamDTO payParam) {
         AssertUtil.isNull(payParam.getCheckOrderPay().getUserId(), "会员支付，订单用户不能为空");
         OrderInfo orderInfo = checkPay(payParam.getCheckOrderPay());
@@ -215,7 +218,7 @@ public class PayServiceImpl implements PayService {
     }
 
     @Override
-    @Transactional
+    @Transactional(noRollbackFor = PaySuccessException.class)
     public CzgResult<Map<String, Object>> h5PayOrder(@NonNull String clintIp, OrderPayParamDTO payParam) {
         OrderInfo orderInfo = checkPay(payParam.getCheckOrderPay());
         String payOrderNo = orderInfo.getPlatformType() + IdUtil.getSnowflakeNextId();
@@ -228,7 +231,7 @@ public class PayServiceImpl implements PayService {
 
 
     @Override
-    @Transactional
+    @Transactional(noRollbackFor = PaySuccessException.class)
     public CzgResult<Map<String, Object>> jsPayOrder(@NonNull String clintIp, OrderPayParamDTO payParam) {
         OrderInfo orderInfo = checkPay(payParam.getCheckOrderPay());
         AssertUtil.isBlank(payParam.getPayType(), "支付方式不能为空");
@@ -242,7 +245,7 @@ public class PayServiceImpl implements PayService {
     }
 
     @Override
-    @Transactional
+    @Transactional(noRollbackFor = PaySuccessException.class)
     public CzgResult<Map<String, Object>> js2PayOrder(@NonNull String clintIp, OrderPayParamDTO payParam) {
         AssertUtil.isBlank(payParam.getPayType(), "支付方式不能为空");
         AssertUtil.isBlank(payParam.getOpenId(), "用户小程序ID不能为空");
@@ -262,7 +265,7 @@ public class PayServiceImpl implements PayService {
     }
 
     @Override
-    @Transactional
+    @Transactional(noRollbackFor = PaySuccessException.class)
     public CzgResult<Map<String, Object>> ltPayOrder(@NonNull String clintIp, OrderPayParamDTO payParam) {
         OrderInfo orderInfo = checkPay(payParam.getCheckOrderPay());
         AssertUtil.isBlank(payParam.getPayType(), "支付方式不能为空");
@@ -276,7 +279,7 @@ public class PayServiceImpl implements PayService {
     }
 
     @Override
-    @Transactional
+    @Transactional(noRollbackFor = PaySuccessException.class)
     public CzgResult<Map<String, Object>> scanPayOrder(@NonNull String clintIp, OrderPayParamDTO payParam) {
         OrderInfo orderInfo = checkPay(payParam.getCheckOrderPay());
 
@@ -289,7 +292,7 @@ public class PayServiceImpl implements PayService {
     }
 
     @Override
-    @Transactional
+    @Transactional(noRollbackFor = PaySuccessException.class)
     public CzgResult<Map<String, Object>> microPayOrder(OrderPayParamDTO payParam) {
         OrderInfo orderInfo = checkPay(payParam.getCheckOrderPay());
         AssertUtil.isBlank(payParam.getAuthCode(), "扫描码不能为空");
@@ -487,6 +490,9 @@ public class PayServiceImpl implements PayService {
     @Transactional
     public CzgResult<Object> refundOrderBefore(OrderInfoRefundDTO param) {
         OrderInfo orderInfo = orderInfoService.getById(param.getOrderId());
+        if (orderInfo.getStatus().equals(OrderStatusEnums.UNPAID.getCode())) {
+            return CzgResult.failure("订单未支付,无法退款");
+        }
         Map<String, BigDecimal> returnProMap = new HashMap<>();
         boolean isPay = true;
         String refPayOrderNo = "REFO" + IdUtil.getSnowflakeNextId();
@@ -557,45 +563,23 @@ public class PayServiceImpl implements PayService {
         //总退款金额
         //TODO 退款 券 未处理
         if (isPay) {
-            if (param.isModify()) {
-                //非现金退款
-                if (!param.isCash()) {
-                    if (orderInfo.getPayType().equals(PayEnums.VIP_PAY.getValue())) {
-                        ShopUser shopUser = shopUserService.getShopUserInfo(orderInfo.getShopId(), orderInfo.getUserId());
-                        //会员支付 退钱
-                        ShopUserMoneyEditDTO shopUserMoneyEditDTO = ShopUserMoneyEditDTO.builder()
-                                .id(shopUser.getId())
-                                .money(param.getRefundAmount())
-                                .type(1)
-                                .relationId(orderInfo.getId())
-                                .bizEnum(ShopUserFlowBizEnum.ORDER_REFUND)
-                                .build();
-                        shopUserService.updateMoney(orderInfo.getShopId(), shopUserMoneyEditDTO);
-                    } else if (!orderInfo.getPayType().equals(PayEnums.CASH_PAY.getValue())) {
-                        //退款 param.getRefundAmount()
-                        refundOrder(orderInfo.getShopId(), orderInfo.getId(), orderInfo.getPayOrderId(),
-                                refPayOrderNo, param.getRefundReason(), param.getRefundAmount());
-                    }
-                }
-            } else {
-                //非现金退款
-                if (!param.isCash()) {
-                    if (orderInfo.getPayType().equals(PayEnums.VIP_PAY.getValue())) {
-                        ShopUser shopUser = shopUserService.getShopUserInfo(orderInfo.getShopId(), orderInfo.getUserId());
-                        //会员支付 退钱
-                        ShopUserMoneyEditDTO shopUserMoneyEditDTO = ShopUserMoneyEditDTO.builder()
-                                .id(shopUser.getId())
-                                .money(param.getRefundAmount())
-                                .type(1)
-                                .relationId(orderInfo.getId())
-                                .bizEnum(ShopUserFlowBizEnum.ORDER_REFUND)
-                                .build();
-                        shopUserService.updateMoney(orderInfo.getShopId(), shopUserMoneyEditDTO);
-                    } else if (!orderInfo.getPayType().equals(PayEnums.CASH_PAY.getValue())) {
-                        //退款 param.getRefundAmount()
-                        refundOrder(orderInfo.getShopId(), orderInfo.getId(), orderInfo.getPayOrderId(),
-                                refPayOrderNo, param.getRefundReason(), param.getRefundAmount());
-                    }
+            //非现金退款
+            if (!param.isCash()) {
+                if (orderInfo.getPayType().equals(PayEnums.VIP_PAY.getValue())) {
+                    ShopUser shopUser = shopUserService.getShopUserInfo(orderInfo.getShopId(), orderInfo.getUserId());
+                    //会员支付 退钱
+                    ShopUserMoneyEditDTO shopUserMoneyEditDTO = ShopUserMoneyEditDTO.builder()
+                            .id(shopUser.getId())
+                            .money(param.getRefundAmount())
+                            .type(1)
+                            .relationId(orderInfo.getId())
+                            .bizEnum(ShopUserFlowBizEnum.ORDER_REFUND)
+                            .build();
+                    shopUserService.updateMoney(orderInfo.getShopId(), shopUserMoneyEditDTO);
+                } else if (!orderInfo.getPayType().equals(PayEnums.CASH_PAY.getValue())) {
+                    //退款 param.getRefundAmount()
+                    refundOrder(orderInfo.getShopId(), orderInfo.getId(), orderInfo.getPayOrderId(),
+                            refPayOrderNo, param.getRefundReason(), param.getRefundAmount());
                 }
             }
         } else {