diff --git a/apps/miniprogram/src/services/auth.ts b/apps/miniprogram/src/services/auth.ts index c576b55..5aa0939 100644 --- a/apps/miniprogram/src/services/auth.ts +++ b/apps/miniprogram/src/services/auth.ts @@ -68,7 +68,9 @@ export interface PatientSummary { } /** 获取患者摘要列表(字段最小化,替代 getPatients) */ -export async function getPatientSummaries() { - const res = await api.get>('/health/patients/summary'); +export async function getPatientSummaries(userId?: string) { + const params: Record = {}; + if (userId) params.user_id = userId; + const res = await api.get>('/health/patients/summary', { params }); return Array.isArray(res?.data) ? res.data : (Array.isArray(res) ? res : []); } diff --git a/apps/miniprogram/src/stores/auth.ts b/apps/miniprogram/src/stores/auth.ts index 2348a83..55b7c4e 100644 --- a/apps/miniprogram/src/stores/auth.ts +++ b/apps/miniprogram/src/stores/auth.ts @@ -249,7 +249,8 @@ export const useAuthStore = create((set, get) => ({ loadPatients: async () => { try { - const summaries = await authApi.getPatientSummaries(); + const userId = get().user?.id; + const summaries = await authApi.getPatientSummaries(userId); const patients: authApi.PatientInfo[] = summaries.map((p) => ({ id: p.id, name: p.name, diff --git a/crates/erp-health/src/handler/patient_handler.rs b/crates/erp-health/src/handler/patient_handler.rs index 34d063c..0ad8274 100644 --- a/crates/erp-health/src/handler/patient_handler.rs +++ b/crates/erp-health/src/handler/patient_handler.rs @@ -24,6 +24,9 @@ pub struct PatientListParams { pub page_size: Option, pub search: Option, pub tag_id: Option, + /// Optional user_id filter — only return patients linked to this user. + /// Used by the mini-program to fetch only the logged-in user's own patients. + pub user_id: Option, } /// 分配医生请求 @@ -70,7 +73,9 @@ where require_permission(&ctx, "health.patient.list")?; let page = params.page.unwrap_or(1); let page_size = params.page_size.unwrap_or(20).min(100); - let result = patient_service::list_summaries(&state, ctx.tenant_id, page, page_size).await?; + let result = + patient_service::list_summaries(&state, ctx.tenant_id, page, page_size, params.user_id) + .await?; Ok(Json(ApiResponse::ok(result))) } diff --git a/crates/erp-health/src/service/patient_service/crud.rs b/crates/erp-health/src/service/patient_service/crud.rs index c3f9882..fcf75c7 100644 --- a/crates/erp-health/src/service/patient_service/crud.rs +++ b/crates/erp-health/src/service/patient_service/crud.rs @@ -552,19 +552,27 @@ pub async fn bind_by_phone( } /// 患者摘要列表 — 仅返回非敏感字段,供小程序切换/列表使用 +/// +/// When `user_id` is provided, only patients linked to that user are returned. +/// This allows the mini-program to fetch only the logged-in user's own patients. pub async fn list_summaries( state: &HealthState, tenant_id: Uuid, page: u64, page_size: u64, + user_id: Option, ) -> HealthResult> { let limit = page_size.min(100); let offset = page.saturating_sub(1) * limit; - let query = patient::Entity::find() + let mut query = patient::Entity::find() .filter(patient::Column::TenantId.eq(tenant_id)) .filter(patient::Column::DeletedAt.is_null()); + if let Some(uid) = user_id { + query = query.filter(patient::Column::UserId.eq(uid)); + } + let total = query.clone().count(&state.db).await?; let models = query