iven/erp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
16 Commits 1 Branch 0 Tags
c0523e19b456987818abc8e4464833390200f830
Commit Graph

9 Commits

Author SHA1 Message Date
iven
91ecaa3ed7 feat(workflow): add workflow engine module (Phase 4) 
Implement complete workflow engine with BPMN subset support:

Backend (erp-workflow crate):
- Token-driven execution engine with exclusive/parallel gateway support
- BPMN parser with flow graph validation
- Expression evaluator for conditional branching
- Process definition CRUD with draft/publish lifecycle
- Process instance management (start, suspend, terminate)
- Task service (pending, complete, delegate)
- PostgreSQL advisory locks for concurrent safety
- 5 database tables: process_definitions, process_instances,
  tokens, tasks, process_variables
- 13 API endpoints with RBAC protection
- Timeout checker framework (placeholder)

Frontend:
- Workflow page with 4 tabs (definitions, pending, completed, monitor)
- React Flow visual process designer (@xyflow/react)
- Process viewer with active node highlighting
- 3 API client modules for workflow endpoints
- Sidebar menu integration
 2026-04-11 09:54:02 +08:00
iven
0baaf5f7ee feat(config): add system configuration module (Phase 3) 
Implement the complete erp-config crate with:
- Data dictionaries (CRUD + items management)
- Dynamic menus (tree structure with role filtering)
- System settings (hierarchical: platform > tenant > org > user)
- Numbering rules (concurrency-safe via PostgreSQL advisory_lock)
- Theme and language configuration (via settings store)
- 6 database migrations (dictionaries, menus, settings, numbering_rules)
- Frontend Settings page with 5 tabs (dictionary, menu, numbering, settings, theme)

Refactor: move RBAC functions (require_permission) from erp-auth to erp-core
to avoid cross-module dependencies.

Add 20 new seed permissions for config module operations.
 2026-04-11 08:09:19 +08:00
iven
8a012f6c6a feat(auth): add org/dept/position management, user page, and Phase 2 completion 
Complete Phase 2 identity & authentication module:
- Organization CRUD with tree structure (parent_id + materialized path)
- Department CRUD nested under organizations with tree support
- Position CRUD nested under departments
- User management page with table, create/edit modal, role assignment
- Organization architecture page with 3-panel tree layout
- Frontend API layer for orgs/depts/positions
- Sidebar navigation updated with organization menu item
- Fix parse_ttl edge case for strings ending in 'd' (e.g. "invalid")
 2026-04-11 04:00:32 +08:00
iven
6fd0288e7c feat(auth): add role/permission management (backend + frontend) 
- RoleService: CRUD, assign_permissions, get_role_permissions
- PermissionService: list all tenant permissions
- Role handlers: 8 endpoints with RBAC permission checks
- Frontend Roles page: table, create/edit modal, permission assignment
- Frontend Roles API: full CRUD + permission operations
- Routes registered in AuthModule protected_routes
 2026-04-11 03:46:54 +08:00
iven
a7cdf67d17 feat(auth): add tenant seed data and bootstrap logic 
- seed.rs: creates 21 permissions, admin+viewer roles, admin user with Argon2 password
- AuthConfig added to server config with default password Admin@2026
- Server startup: auto-creates default tenant and seeds auth data if not exists
- Idempotent: checks for existing tenant before seeding
 2026-04-11 03:28:19 +08:00
iven
3afd732de8 feat(auth): add handlers, JWT middleware, RBAC, and module registration 
- Auth handlers: login/refresh/logout + user CRUD with tenant isolation
- JWT middleware: Bearer token validation → TenantContext injection
- RBAC helpers: require_permission, require_any_permission, require_role
- AuthModule: implements ErpModule with public/protected route split
- AuthState: FromRef pattern avoids circular deps between erp-auth and erp-server
- Server: public routes (health+login+refresh) + protected routes (JWT middleware)
- ErpModule trait: added as_any() for downcast support
- Workspace: added async-trait, sha2 dependencies
 2026-04-11 03:22:04 +08:00
iven
edc41a1500 feat(auth): implement core service layer (password, JWT, auth, user CRUD) 
- error.rs: AuthError with proper HTTP status mapping
- service/password.rs: Argon2 hash/verify with tests
- service/token_service.rs: JWT sign/validate, token DB storage with SHA-256 hash
- service/auth_service.rs: login/refresh/logout flows with event publishing
- service/user_service.rs: user CRUD with soft delete and tenant isolation
- Added sha2 dependency to workspace for token hashing
 2026-04-11 03:05:17 +08:00
iven
411a07caa1 feat(auth): add SeaORM entities and DTOs for auth module 
- 11 entity files mapping to all auth migration tables
- DTOs with validation: LoginReq, CreateUserReq, CreateRoleReq, etc.
- Response DTOs: UserResp, RoleResp, PermissionResp, OrganizationResp, etc.
- Added workspace dependencies: jsonwebtoken, argon2, validator, thiserror, utoipa
 2026-04-11 02:53:41 +08:00
iven
eb856b1d73 feat: 初始化ERP平台底座项目结构 
- 添加基础crate结构(erp-core, erp-common)
- 实现核心模块trait和事件总线
- 配置Docker开发环境(PostgreSQL+Redis)
- 添加Tauri桌面端基础框架
- 设置CI/CD工作流
- 编写项目协作规范文档(CLAUDE.md)
 2026-04-10 23:40:38 +08:00