Security fixes:
- Add startup warning for default JWT secret in config
- Add enum validation for priority, recipient_type, channel fields
- Add pagination size cap (max 100) via safe_page_size()
- Return generic "权限不足" instead of specific permission names
Compilation fixes:
- Fix missing standard fields in ActiveModel for tokens/process_variables
- Fix migration imports for Statement/DatabaseBackend/Uuid
- Add version_field to process_definition ActiveModel
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- CORS: replace permissive() with configurable whitelist (default.toml)
- Auth store: synchronously restore state at creation to eliminate
flash-of-login-page on refresh
- MainLayout: menu highlight now tracks current route via useLocation
- Add extractErrorMessage() utility to reduce repeated error parsing
- Fix all clippy warnings across 4 crates (erp-auth, erp-config,
erp-workflow, erp-message): remove unnecessary casts, use div_ceil,
collapse nested ifs, reduce function arguments with DTOs
Add /api/docs/openapi.json public endpoint returning the OpenAPI spec.
Uses utoipa derive macro with basic API metadata.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add audit_logs database migration with indexes
- Add AuditLog struct in erp-core with builder pattern
- Support old/new value tracking, IP address, user agent
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Message module subscribes to workflow events (process_instance.started)
- Auto-generates notifications when workflows start
- Added started_by to workflow instance event payload
- Event listener runs as background tokio task
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- C-1: Add tenant_id to settings unique index to prevent cross-tenant conflicts
- C-2: Move pg_advisory_xact_lock inside the transaction for correct concurrency
(previously lock was released before the numbering transaction started)
- H-5: Add CORS middleware (permissive for dev, TODO: restrict in production)
- seed.rs: creates 21 permissions, admin+viewer roles, admin user with Argon2 password
- AuthConfig added to server config with default password Admin@2026
- Server startup: auto-creates default tenant and seeds auth data if not exists
- Idempotent: checks for existing tenant before seeding
- users with partial unique index on (tenant_id, username) WHERE deleted_at IS NULL
- user_credentials, user_tokens with FK cascade
- roles, permissions with composite unique (tenant_id, code)
- role_permissions, user_roles junction tables
- organizations (self-ref tree), departments (tree + org FK), positions
- All tables include standard fields: id, tenant_id, timestamps, soft delete, version
