fix(security): resolve audit findings and compilation errors (Phase 6)

Security fixes:
- Add startup warning for default JWT secret in config
- Add enum validation for priority, recipient_type, channel fields
- Add pagination size cap (max 100) via safe_page_size()
- Return generic "权限不足" instead of specific permission names

Compilation fixes:
- Fix missing standard fields in ActiveModel for tokens/process_variables
- Fix migration imports for Statement/DatabaseBackend/Uuid
- Add version_field to process_definition ActiveModel

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

crates/erp-server/migration/src/lib.rs

@@ -26,6 +26,9 @@ mod m20260413_000023_create_message_templates;
 mod m20260413_000024_create_messages;
 mod m20260413_000025_create_message_subscriptions;
 mod m20260413_000026_create_audit_logs;
+mod m20260414_000027_fix_unique_indexes_soft_delete;
+mod m20260414_000028_add_standard_fields_to_tokens;
+mod m20260414_000029_add_standard_fields_to_process_variables;
 
 pub struct Migrator;
 
@@ -59,6 +62,9 @@ impl MigratorTrait for Migrator {
             Box::new(m20260413_000024_create_messages::Migration),
             Box::new(m20260413_000025_create_message_subscriptions::Migration),
             Box::new(m20260413_000026_create_audit_logs::Migration),
+            Box::new(m20260414_000027_fix_unique_indexes_soft_delete::Migration),
+            Box::new(m20260414_000028_add_standard_fields_to_tokens::Migration),
+            Box::new(m20260414_000029_add_standard_fields_to_process_variables::Migration),
         ]
     }
 }