diff --git a/fad-hrm/src/main/java/com/ruoyi/hrm/service/impl/HrmFlowTaskServiceImpl.java b/fad-hrm/src/main/java/com/ruoyi/hrm/service/impl/HrmFlowTaskServiceImpl.java
index f944a2c..3a09cd8 100644
--- a/fad-hrm/src/main/java/com/ruoyi/hrm/service/impl/HrmFlowTaskServiceImpl.java
+++ b/fad-hrm/src/main/java/com/ruoyi/hrm/service/impl/HrmFlowTaskServiceImpl.java
@@ -8,6 +8,7 @@ import com.fasterxml.jackson.databind.ObjectMapper;
 import com.ruoyi.common.core.domain.PageQuery;
 import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.core.service.UserService;
+import com.ruoyi.common.helper.LoginHelper;
 import com.ruoyi.hrm.domain.*;
 import com.ruoyi.hrm.domain.bo.HrmFlowTaskBo;
 import com.ruoyi.hrm.domain.bo.HrmSealStampBo;
@@ -144,6 +145,11 @@ public class HrmFlowTaskServiceImpl implements IHrmFlowTaskService {
         if (task == null) {
             return false;
         }
+        // 权限校验：当前登录用户必须是任务的审批人
+        Long currentUserId = LoginHelper.getUserId();
+        if (currentUserId != null && !currentUserId.equals(task.getAssigneeUserId())) {
+            throw new RuntimeException("不是当前任务的审批人，不能审批该任务");
+        }
         HrmFlowInstance inst = instanceMapper.selectById(task.getInstId());
         if (inst == null) {
             return false;