diff --git a/offer_backend/apps/jobs/views.py b/offer_backend/apps/jobs/views.py
index 0b2d4ef..b817abd 100644
--- a/offer_backend/apps/jobs/views.py
+++ b/offer_backend/apps/jobs/views.py
@@ -1,4 +1,6 @@
 from rest_framework import viewsets, permissions
+from rest_framework.filters import SearchFilter
+from django_filters.rest_framework import DjangoFilterBackend
 from .models import Job
 from .serializers import JobListSerializer, JobDetailSerializer
 from .filters import JobFilter
@@ -9,6 +11,7 @@ class JobPublicViewSet(viewsets.ReadOnlyModelViewSet):
     """公开只读，仅返回已发布职位"""
     queryset = Job.objects.filter(status='published').select_related('organization')
     filterset_class = JobFilter
+    filter_backends = [DjangoFilterBackend, SearchFilter]
     search_fields = ['title', 'description', 'location']
     permission_classes = [permissions.AllowAny]
 
@@ -31,10 +34,15 @@ class JobManageViewSet(viewsets.ModelViewSet):
         user = self.request.user
         if user.is_superadmin:
             return Job.objects.all().select_related('organization')
+        # 防御 organization 为空的情况
+        if not user.organization_id:
+            return Job.objects.none()
         return Job.objects.filter(organization=user.organization).select_related('organization')
 
     def perform_create(self, serializer):
         if self.request.user.is_admin:
+            # Admin 强制使用自己公司，忽略请求体中的 organization_id
             serializer.save(organization=self.request.user.organization)
         else:
+            # 超管需要在请求体中提供 organization_id
             serializer.save()