修复认证与基础安全链路

app/Providers/HorizonServiceProvider.php

@@ -1,15 +1,21 @@
 <?php
 
+/**
+ * 文件功能：注册 Horizon 面板的访问授权规则。
+ */
+
 namespace App\Providers;
 
 use Illuminate\Support\Facades\Gate;
-use Laravel\Horizon\Horizon;
 use Laravel\Horizon\HorizonApplicationServiceProvider;
 
+/**
+ * 类功能：注册 Horizon 面板访问门禁。
+ */
 class HorizonServiceProvider extends HorizonApplicationServiceProvider
 {
     /**
-     * Bootstrap any application services.
+     * 引导 Horizon 服务并加载父类默认注册逻辑。
      */
     public function boot(): void
     {
@@ -21,14 +27,13 @@ class HorizonServiceProvider extends HorizonApplicationServiceProvider
     }
 
     /**
-     * Register the Horizon gate.
-     *
-     * This gate determines who can access Horizon in non-local environments.
+     * 注册 Horizon 面板访问门禁。
      */
     protected function gate(): void
     {
         Gate::define('viewHorizon', function ($user = null) {
-            return $user && $user->user_level >= 15;
+            // Horizon 属于高敏运维面板，仅站长账号允许进入，避免绕过后台主权限体系。
+            return $user && (int) $user->id === 1;
         });
     }
 }