diff --git a/internal/store/postgres/shop_store.go b/internal/store/postgres/shop_store.go
index ec9f7e1..64f7272 100644
--- a/internal/store/postgres/shop_store.go
+++ b/internal/store/postgres/shop_store.go
@@ -213,7 +213,10 @@ func (s *ShopStore) GetByIDs(ctx context.Context, ids []uint) ([]*model.Shop, er
 		return []*model.Shop{}, nil
 	}
 	var shops []*model.Shop
-	if err := s.db.WithContext(ctx).Where("id IN ?", ids).Find(&shops).Error; err != nil {
+	query := s.db.WithContext(ctx).Where("id IN ?", ids)
+	// 应用数据权限过滤：代理用户只能看到自己店铺及下级店铺
+	query = middleware.ApplyShopIDFilter(ctx, query)
+	if err := query.Find(&shops).Error; err != nil {
 		return nil, err
 	}
 	return shops, nil