From 989cf061be5e64e7a9b6dc7222ab43ef8e3dde79 Mon Sep 17 00:00:00 2001
From: jack ning <github@bytedesk.com>
Date: Thu, 9 Oct 2025 00:03:59 +0800
Subject: [PATCH] update

---
 .../main/java/com/bytedesk/core/base/BaseSpecification.java   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/core/src/main/java/com/bytedesk/core/base/BaseSpecification.java b/modules/core/src/main/java/com/bytedesk/core/base/BaseSpecification.java
index 69ed1ee810..11b55d1764 100644
--- a/modules/core/src/main/java/com/bytedesk/core/base/BaseSpecification.java
+++ b/modules/core/src/main/java/com/bytedesk/core/base/BaseSpecification.java
@@ -58,14 +58,14 @@ public abstract class BaseSpecification<T, TRequest> {
         // 验证超级管理员权限（如有必要会修改 request.superUser）
         validateSuperUserPermission(request, authService);
         
+        UserEntity user = authService.getUser();
         // 非超级管理员必须提供 orgUid
-        if (!Boolean.TRUE.equals(request.getSuperUser()) && !StringUtils.hasText(request.getOrgUid())) {
+        if (user != null && !Boolean.TRUE.equals(request.getSuperUser()) && !StringUtils.hasText(request.getOrgUid())) {
             throw new IllegalArgumentException("orgUid不能为空(非超级管理员必须指定组织)");
         }
         
         // 验证请求的 orgUid 是否与当前用户的 orgUid 相同
         if (StringUtils.hasText(request.getOrgUid())) {
-            UserEntity user = authService.getUser();
             if (user != null && !Boolean.TRUE.equals(request.getSuperUser())) {
                 String userOrgUid = user.getOrgUid();
                 if (StringUtils.hasText(userOrgUid) && !userOrgUid.equals(request.getOrgUid())) {