diff --git a/crates/erp-auth/src/middleware/jwt_auth.rs b/crates/erp-auth/src/middleware/jwt_auth.rs
index 20f2b3b..ddd07cd 100644
--- a/crates/erp-auth/src/middleware/jwt_auth.rs
+++ b/crates/erp-auth/src/middleware/jwt_auth.rs
@@ -52,6 +52,7 @@ pub async fn jwt_auth_middleware_fn(
         user_id: claims.sub,
         roles: claims.roles,
         permissions: claims.permissions,
+        department_ids: vec![],
     };
 
     // Reconstruct the request with the TenantContext injected into extensions.
diff --git a/crates/erp-core/src/rbac.rs b/crates/erp-core/src/rbac.rs
index 9b25068..4fce2f0 100644
--- a/crates/erp-core/src/rbac.rs
+++ b/crates/erp-core/src/rbac.rs
@@ -49,6 +49,7 @@ mod tests {
             user_id: Uuid::now_v7(),
             roles: roles.into_iter().map(String::from).collect(),
             permissions: permissions.into_iter().map(String::from).collect(),
+            department_ids: vec![],
         }
     }
 
diff --git a/crates/erp-core/src/types.rs b/crates/erp-core/src/types.rs
index 6a29350..338962e 100644
--- a/crates/erp-core/src/types.rs
+++ b/crates/erp-core/src/types.rs
@@ -113,6 +113,7 @@ mod tests {
             user_id: Uuid::now_v7(),
             roles: vec!["admin".to_string()],
             permissions: vec!["user.read".to_string()],
+            department_ids: vec![],
         };
         assert_eq!(ctx.roles.len(), 1);
         assert_eq!(ctx.permissions.len(), 1);
@@ -154,4 +155,6 @@ pub struct TenantContext {
     pub user_id: Uuid,
     pub roles: Vec<String>,
     pub permissions: Vec<String>,
+    /// 用户所属部门 ID 列表（行级数据权限使用）
+    pub department_ids: Vec<Uuid>,
 }