diff --git a/backend/routers/users.py b/backend/routers/users.py index e2c78fb..4a0e5b7 100644 --- a/backend/routers/users.py +++ b/backend/routers/users.py @@ -28,6 +28,16 @@ def _can_view_cost(user: User) -> bool: return "user:view_cost" in (user.permissions or []) +@router.get("/brief") +def list_users_brief( + db: Session = Depends(get_db), + current_user: User = Depends(get_current_user) +): + """轻量接口:仅返回 id+name,任何登录用户可调用(用于下拉选择等场景)""" + users = db.query(User.id, User.name).filter(User.is_active == 1).order_by(User.name).all() + return [{"id": u.id, "name": u.name} for u in users] + + @router.get("", response_model=List[UserOut]) def list_users( db: Session = Depends(get_db), diff --git a/frontend/src/api/index.js b/frontend/src/api/index.js index 2764c9a..5bd2b7c 100644 --- a/frontend/src/api/index.js +++ b/frontend/src/api/index.js @@ -48,6 +48,7 @@ export const authApi = { // ── 用户 ── export const userApi = { list: () => api.get('/users'), + brief: () => api.get('/users/brief'), create: (data) => api.post('/users', data), update: (id, data) => api.put(`/users/${id}`, data), get: (id) => api.get(`/users/${id}`), diff --git a/frontend/src/views/ProjectDetail.vue b/frontend/src/views/ProjectDetail.vue index 2e7be58..3a350ad 100644 --- a/frontend/src/views/ProjectDetail.vue +++ b/frontend/src/views/ProjectDetail.vue @@ -726,8 +726,8 @@ function formatSecs(s) { async function openEdit() { const p = project.value - if (authStore.hasPermission('user:view') && !users.value.length) { - try { users.value = await userApi.list() } catch {} + if (!users.value.length) { + try { users.value = await userApi.brief() } catch {} } Object.assign(editForm, { name: p.name, project_type: p.project_type, status: p.status || '制作中', leader_id: p.leader_id, @@ -763,8 +763,8 @@ async function load() { if (authStore.hasPermission('efficiency:view')) { try { efficiency.value = await projectApi.efficiency(id) } catch {} } - if (authStore.hasPermission('user:view') && !users.value.length) { - try { users.value = await userApi.list() } catch {} + if (!users.value.length) { + try { users.value = await userApi.brief() } catch {} } await nextTick() initProgressChart() diff --git a/frontend/src/views/Projects.vue b/frontend/src/views/Projects.vue index cb4d893..ec55b03 100644 --- a/frontend/src/views/Projects.vue +++ b/frontend/src/views/Projects.vue @@ -212,9 +212,7 @@ async function handleCreate() { onMounted(async () => { load() - if (authStore.hasPermission('user:view')) { - try { users.value = await userApi.list() } catch {} - } + try { users.value = await userApi.brief() } catch {} })