From d77627e44b17b923e07e5003e731f53f18b6f3dc Mon Sep 17 00:00:00 2001 From: EL <1175065040@qq.com> Date: Thu, 2 Apr 2026 05:29:00 +0800 Subject: [PATCH] =?UTF-8?q?=E7=BB=9F=E4=B8=80=E5=8C=BB=E7=94=9F=E5=8F=AF?= =?UTF-8?q?=E8=A7=81=E8=8C=83=E5=9B=B4=E5=B9=B6=E4=BC=98=E5=8C=96=E6=82=A3?= =?UTF-8?q?=E8=80=85=E5=BD=92=E5=B1=9E=E5=8C=BB=E7=94=9F=E9=80=89=E6=8B=A9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit
---
 src/patients/b-patients/b-patients.service.ts | 80 +++++++++----------
 tyt-admin/src/views/patients/Patients.vue | 6 --
 2 files changed, 37 insertions(+), 49 deletions(-)
diff --git a/src/patients/b-patients/b-patients.service.ts b/src/patients/b-patients/b-patients.service.ts
index bfd1777..94915bb 100644
--- a/src/patients/b-patients/b-patients.service.ts
+++ b/src/patients/b-patients/b-patients.service.ts
@@ -186,36 +186,8 @@ export class BPatientsService {
 */
 async findVisibleDoctors(actor: ActorContext, requestedHospitalId?: number) {
 const hospitalId = this.resolveHospitalId(actor, requestedHospitalId);
- const where: Prisma.UserWhereInput = { role: { in: PATIENT_OWNER_ROLES }, hospitalId, };
-
- switch (actor.role) { case Role.DOCTOR: where.id = actor.id; break; case Role.LEADER: if (!actor.groupId) { throw new BadRequestException(MESSAGES.PATIENT.GROUP_REQUIRED); } where.groupId = actor.groupId; break; case Role.DIRECTOR: if (!actor.departmentId) { throw new BadRequestException(MESSAGES.PATIENT.DEPARTMENT_REQUIRED); } where.departmentId = actor.departmentId; break; case Role.HOSPITAL_ADMIN: case Role.SYSTEM_ADMIN: break; default: throw new ForbiddenException(MESSAGES.PATIENT.ROLE_FORBIDDEN); }
-
 return this.prisma.user.findMany({ where,
+ where: this.buildVisibleDoctorWhere(actor, hospitalId),
 select: {
 id: true,
 name: true,
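Review bot: This hunk reads as a pure extraction, but the helper it now delegates to no longer pins the DOCTOR branch to `where.id = actor.id`; in the second hunk the DOCTOR case filters on `actor.departmentId`, so `findVisibleDoctors` now returns every `PATIENT_OWNER_ROLES` user in the caller's department to a plain doctor instead of only the caller. That is an authorization widening that the refactor hides from anyone reading only this hunk. If it is intended, state it in the JSDoc whose closing `*/` opens this hunk (its body is outside the view), e.g. `@remarks A DOCTOR sees all owner-role users of their own department, not only themselves; LEADER/DIRECTOR are scoped to group/department; admins see the whole hospital.`; if it is not, the helper's DOCTOR case should keep `where.id = actor.id`. Note also that `hospitalId` here still comes from `resolveHospitalId(actor, requestedHospitalId)`, which is the only place the actor's hospital scope is applied, since the helper takes the id as given.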
@@ -584,29 +556,51 @@ export class BPatientsService {
 throw new BadRequestException(MESSAGES.PATIENT.DOCTOR_NOT_FOUND);
 }
+ const visibleDoctor = await this.prisma.user.findFirst({
+ where: {
+ id: doctor.id,
+ ...this.buildVisibleDoctorWhere(actor, doctor.hospitalId),
+ },
+ select: { id: true },
+ });
+ if (!visibleDoctor) {
+ throw new ForbiddenException(MESSAGES.PATIENT.DOCTOR_SCOPE_FORBIDDEN);
+ }
+
+ return doctor;
+ }
+
+ /**
+ * 按当前角色构造患者归属人员可选范围。
+ */
+ private buildVisibleDoctorWhere(actor: ActorContext, hospitalId: number) {
+ const where: Prisma.UserWhereInput = {
+ role: { in: PATIENT_OWNER_ROLES },
+ hospitalId,
+ };
+
 switch (actor.role) {
 case Role.SYSTEM_ADMIN:
- return doctor;
 case Role.HOSPITAL_ADMIN:
- if (!actor.hospitalId || doctor.hospitalId !== actor.hospitalId) {
- throw new ForbiddenException(MESSAGES.PATIENT.DOCTOR_SCOPE_FORBIDDEN);
- }
- return doctor;
+ return where;
 case Role.DIRECTOR:
- if (!actor.departmentId || doctor.departmentId !== actor.departmentId) {
- throw new ForbiddenException(MESSAGES.PATIENT.DOCTOR_SCOPE_FORBIDDEN);
+ if (!actor.departmentId) {
+ throw new BadRequestException(MESSAGES.PATIENT.DEPARTMENT_REQUIRED);
 }
- return doctor;
+ where.departmentId = actor.departmentId;
+ return where;
 case Role.LEADER:
- if (!actor.groupId || doctor.groupId !== actor.groupId) {
- throw new ForbiddenException(MESSAGES.PATIENT.DOCTOR_SCOPE_FORBIDDEN);
+ if (!actor.groupId) {
+ throw new BadRequestException(MESSAGES.PATIENT.GROUP_REQUIRED);
 }
- return doctor;
+ where.groupId = actor.groupId;
+ return where;
 case Role.DOCTOR:
- if (doctor.id !== actor.id) {
- throw new ForbiddenException(MESSAGES.PATIENT.DOCTOR_SCOPE_FORBIDDEN);
+ if (!actor.departmentId) {
+ throw new BadRequestException(MESSAGES.PATIENT.DEPARTMENT_REQUIRED);
 }
- return doctor;
+ where.departmentId = actor.departmentId;
+ return where;
 default:
 throw new ForbiddenException(MESSAGES.PATIENT.ROLE_FORBIDDEN);
 }
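Review bot: The new `findFirst` scope check feeds the target's own `doctor.hospitalId` into `buildVisibleDoctorWhere`, so for HOSPITAL_ADMIN the filter becomes `{ id: doctor.id, role: { in: PATIENT_OWNER_ROLES }, hospitalId: doctor.hospitalId }`, which matches by construction, and the cross-hospital rejection that the removed `doctor.hospitalId !== actor.hospitalId` branch enforced is gone — a hospital admin can now attach a patient to a doctor in any hospital (unless an earlier line of this method, whose head is outside the hunk, already compares the two hospitals). DIRECTOR, LEADER and DOCTOR still get a department/group constraint, but their hospital term is likewise taken from the target rather than the actor, so the only real scope for them is the id uniqueness of departments and groups. Anchor the filter on the actor instead, e.g. `...this.buildVisibleDoctorWhere(actor, this.resolveHospitalId(actor, doctor.hospitalId)),` — assuming `resolveHospitalId` rejects or overrides a hospital outside the actor's scope, which is what `findVisibleDoctors` already relies on — or reinstate an explicit `actor.hospitalId` comparison for every non-SYSTEM_ADMIN role. Separately, the DOCTOR case is now byte-identical to DIRECTOR (department-wide rather than `where.id = actor.id`); if that widening is intended, merge the two `case` labels and say so in the helper's JSDoc, otherwise restore the self-only filter. The enclosing validation method starts before this hunk and `buildVisibleDoctorWhere`'s closing brace lies after it.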
diff --git a/tyt-admin/src/views/patients/Patients.vue b/tyt-admin/src/views/patients/Patients.vue
index f91947d..2927e49 100644
--- a/tyt-admin/src/views/patients/Patients.vue
+++ b/tyt-admin/src/views/patients/Patients.vue
@@ -216,12 +216,10 @@
 v-model="patientForm.doctorId"
 :data="doctorTreeOptions"
 :props="doctorTreeProps"
- check-strictly
 filterable
 clearable
 placeholder="请选择归属医生(按科室/小组)"
 style="width: 100%"
- :disabled="userStore.role === 'DOCTOR'"
 />
@@ -1588,10 +1586,6 @@ async function openCreateDialog() {
 isEdit.value = false;
 resetPatientForm();
- if (userStore.role === 'DOCTOR') {
- patientForm.doctorId = userStore.userInfo?.id || null;
- }
-
 dialogVisible.value = true;
 }