From f4b1a06d53257f4fa3388b1fbd8c209954ce3795 Mon Sep 17 00:00:00 2001
From: iven <iven_h@qq.com>
Date: Fri, 17 Apr 2026 10:34:06 +0800
Subject: [PATCH] =?UTF-8?q?feat(auth):=20JWT=20=E4=B8=AD=E9=97=B4=E4=BB=B6?=
 =?UTF-8?q?=E9=A2=84=E7=95=99=20department=5Fids=20=E5=A1=AB=E5=85=85?=
 =?UTF-8?q?=E4=BD=8D=E7=BD=AE?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

当前 department_ids 为空列表，附带 TODO 注释说明
待 user_positions 关联表建立后补充查询逻辑。
---
 crates/erp-auth/src/middleware/jwt_auth.rs | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/crates/erp-auth/src/middleware/jwt_auth.rs b/crates/erp-auth/src/middleware/jwt_auth.rs
index ddd07cd..613e793 100644
--- a/crates/erp-auth/src/middleware/jwt_auth.rs
+++ b/crates/erp-auth/src/middleware/jwt_auth.rs
@@ -47,6 +47,8 @@ pub async fn jwt_auth_middleware_fn(
         return Err(AppError::Unauthorized);
     }
 
+    // TODO: 待 user_positions 关联表建立后，从数据库查询用户所属部门 ID 列表
+    // 当前阶段 department_ids 为空列表，行级数据权限默认为 all
     let ctx = TenantContext {
         tenant_id: claims.tid,
         user_id: claims.sub,