from ninja import Router from ninja.errors import HttpError from django.shortcuts import get_object_or_404 from resumes.models import ResumeBasic, ResumeDetail from utils.auth import jwt_auth from utils.permissions import login_required router = Router(tags=["简历详情"]) @router.get("/{resume_id}", auth=jwt_auth) @login_required def get_resume_detail(request, resume_id: int): user = request.user resume = get_object_or_404(ResumeBasic, id=resume_id) # ✅ 权限校验 if user.role == "admin": pass elif user.role == "manager": if resume.source_id not in user.managed_websites.values_list("id", flat=True): raise HttpError(403, "无权查看该简历") elif user.role == "user": if resume.source_id not in user.authorized_websites.values_list("id", flat=True): raise HttpError(403, "无权查看该简历") # ✅ 获取详情模型(可选) detail = ResumeDetail.objects.filter(resume_id=resume.id).first() return { "id": resume.id, "name": resume.name, "age": resume.age, "job_status": resume.job_status, "source_id": resume.source_id, "phone": detail.phone if detail else None, "extra": { "教育经历": getattr(detail, "education", None), "项目经历": getattr(detail, "projects", None), } }