iven/erp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
34 Commits 1 Branch 0 Tags
529d90ff465f32f2e8e821be4cfbee4c1176cd1e
Commit Graph

8 Commits

Author SHA1 Message Date
iven
db2cd24259 feat(core): add audit logging to all mutation operations 
Create audit_log SeaORM entity and audit_service::record() helper.
Integrate audit recording into 35 mutation endpoints across all modules:
- erp-auth: user/role/organization/department/position CRUD (15 actions)
- erp-config: dictionary/menu/setting/numbering_rule CRUD (15 actions)
- erp-workflow: definition/instance/task operations (8 actions)
- erp-message: send/system/mark_read/delete (5 actions)

Uses fire-and-forget pattern — audit failures logged but non-blocking.
 2026-04-11 23:48:45 +08:00
iven
5d6e1dc394 feat(core): implement optimistic locking across all entities 
Add VersionMismatch error variant and check_version() helper to erp-core.
All 13 mutable entities now enforce version checking on update/delete:
- erp-auth: user, role, organization, department, position
- erp-config: dictionary, dictionary_item, menu, setting, numbering_rule
- erp-workflow: process_definition, process_instance, task
- erp-message: message, message_subscription

Update DTOs to expose version in responses and require version in update
requests. HTTP 409 Conflict returned on version mismatch.
 2026-04-11 23:25:43 +08:00
iven
4bfd9573db fix(config): add individual menu CRUD endpoints and fix frontend menu data handling 
- Add POST /config/menus (create single menu)
- Add PUT /config/menus/{id} (update single menu)
- Add DELETE /config/menus/{id} (soft delete single menu)
- Frontend MenuConfig was calling individual CRUD routes that didn't exist,
  causing 404 errors on all create/update/delete operations
- Fix frontend to correctly handle nested tree response from backend
 2026-04-11 14:34:48 +08:00
iven
184034ff6b feat(config): add missing dictionary item CRUD, setting delete, and numbering delete routes 
- Dictionary items: POST/PUT/DELETE endpoints under /config/dictionaries/{dict_id}/items
- Settings: DELETE /config/settings/{key}
- Numbering rules: DELETE /config/numbering-rules/{id}
- Fix workflow Entities: add deleted_at and version_field to process_definition,
  add standard fields to token and process_variable entities
- Update seed data for expanded permissions
 2026-04-11 12:52:29 +08:00
iven
3a05523d23 fix: address Phase 1-2 audit findings 
- CORS: replace permissive() with configurable whitelist (default.toml)
- Auth store: synchronously restore state at creation to eliminate
  flash-of-login-page on refresh
- MainLayout: menu highlight now tracks current route via useLocation
- Add extractErrorMessage() utility to reduce repeated error parsing
- Fix all clippy warnings across 4 crates (erp-auth, erp-config,
  erp-workflow, erp-message): remove unnecessary casts, use div_ceil,
  collapse nested ifs, reduce function arguments with DTOs
 2026-04-11 12:36:34 +08:00
iven
0cbd08eb78 fix(config): resolve critical audit findings from Phase 1-3 review 
- C-1: Add tenant_id to settings unique index to prevent cross-tenant conflicts
- C-2: Move pg_advisory_xact_lock inside the transaction for correct concurrency
  (previously lock was released before the numbering transaction started)
- H-5: Add CORS middleware (permissive for dev, TODO: restrict in production)
 2026-04-11 08:26:43 +08:00
iven
0baaf5f7ee feat(config): add system configuration module (Phase 3) 
Implement the complete erp-config crate with:
- Data dictionaries (CRUD + items management)
- Dynamic menus (tree structure with role filtering)
- System settings (hierarchical: platform > tenant > org > user)
- Numbering rules (concurrency-safe via PostgreSQL advisory_lock)
- Theme and language configuration (via settings store)
- 6 database migrations (dictionaries, menus, settings, numbering_rules)
- Frontend Settings page with 5 tabs (dictionary, menu, numbering, settings, theme)

Refactor: move RBAC functions (require_permission) from erp-auth to erp-core
to avoid cross-module dependencies.

Add 20 new seed permissions for config module operations.
 2026-04-11 08:09:19 +08:00
iven
eb856b1d73 feat: 初始化ERP平台底座项目结构 
- 添加基础crate结构(erp-core, erp-common)
- 实现核心模块trait和事件总线
- 配置Docker开发环境(PostgreSQL+Redis)
- 添加Tauri桌面端基础框架
- 设置CI/CD工作流
- 编写项目协作规范文档(CLAUDE.md)
 2026-04-10 23:40:38 +08:00