feat(core): TenantContext 新增 department_ids 字段

为行级数据权限做准备，TenantContext 新增 department_ids 字段存储用户所属部门 ID 列表。当前阶段 JWT 中间件填充为空列表，待 user_positions 关联表建立后补充查询逻辑。
2026-04-17 10:33:28 +08:00
parent 6f286acbeb
commit 62f17d13ad
3 changed files with 5 additions and 0 deletions
--- a/crates/erp-auth/src/middleware/jwt_auth.rs
+++ b/crates/erp-auth/src/middleware/jwt_auth.rs
@@ -52,6 +52,7 @@ pub async fn jwt_auth_middleware_fn(
        user_id: claims.sub,
        roles: claims.roles,
        permissions: claims.permissions,
+        department_ids: vec![],
    };

    // Reconstruct the request with the TenantContext injected into extensions.
--- a/crates/erp-core/src/rbac.rs
+++ b/crates/erp-core/src/rbac.rs
@@ -49,6 +49,7 @@ mod tests {
            user_id: Uuid::now_v7(),
            roles: roles.into_iter().map(String::from).collect(),
            permissions: permissions.into_iter().map(String::from).collect(),
+            department_ids: vec![],
        }
    }

--- a/crates/erp-core/src/types.rs
+++ b/crates/erp-core/src/types.rs
@@ -113,6 +113,7 @@ mod tests {
            user_id: Uuid::now_v7(),
            roles: vec!["admin".to_string()],
            permissions: vec!["user.read".to_string()],
+            department_ids: vec![],
        };
        assert_eq!(ctx.roles.len(), 1);
        assert_eq!(ctx.permissions.len(), 1);
@@ -154,4 +155,6 @@ pub struct TenantContext {
    pub user_id: Uuid,
    pub roles: Vec<String>,
    pub permissions: Vec<String>,
+    /// 用户所属部门 ID 列表（行级数据权限使用）
+    pub department_ids: Vec<Uuid>,
 }