erp/.superpowers/brainstorm/4473-1776364785/expert-overview.html
iven 841766b168
Some checks failed
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
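fix(user management): fix user list page load failure
Fix the user list page load failure that caused tests to time out, and ensure page elements render correctly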
2026-04-19 08:46:28 +08:00


<h2>CRM Plugin Expert Panel Brainstorm: Consolidated Findings</h2>
<p class="subtitle">In-depth analysis results from 6 expert groups · 28 findings · 4 at Critical level</p>
<div class="section">
<h3>Severity distribution</h3>
<div style="display:grid;grid-template-columns:repeat(4,1fr);gap:12px;margin:16px 0">
<div style="background:#FEE2E2;border:1px solid #FCA5A5;border-radius:8px;padding:12px;text-align:center">
<div style="font-size:28px;font-weight:700;color:#DC2626">4</div>
<div style="font-size:13px;color:#991B1B;margin-top:4px">Critical</div>
<div style="font-size:11px;color:#B91C1C;margin-top:2px">Must be fixed immediately</div>
</div>
<div style="background:#FEF3C7;border:1px solid #FDE68A;border-radius:8px;padding:12px;text-align:center">
<div style="font-size:28px;font-weight:700;color:#D97706">8</div>
<div style="font-size:13px;color:#92400E;margin-top:4px">High</div>
<div style="font-size:11px;color:#A16207;margin-top:2px">Must be resolved in the next release</div>
</div>
<div style="background:#DBEAFE;border:1px solid #93C5FD;border-radius:8px;padding:12px;text-align:center">
<div style="font-size:28px;font-weight:700;color:#2563EB">10</div>
<div style="font-size:13px;color:#1E40AF;margin-top:4px">Medium</div>
<div style="font-size:11px;color:#1D4ED8;margin-top:2px">Should be scheduled for resolution</div>
</div>
<div style="background:#D1FAE5;border:1px solid #6EE7B7;border-radius:8px;padding:12px;text-align:center">
<div style="font-size:28px;font-weight:700;color:#059669">6</div>
<div style="font-size:13px;color:#065F46;margin-top:4px">Low/Info</div>
<div style="font-size:11px;color:#047857;margin-top:2px">Logged, pending decision</div>
</div>
</div>
</div>
<h3>Core findings from the 6 expert groups</h3>
<div class="cards">
<div class="card" data-choice="arch" onclick="toggleSelect(this)">
<div class="card-body">
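<h3 style="color:#7C3AED">🏗️ Backend Architect</h3>
<p><strong>Core assessment:</strong> What exists today is a "declarative plugin framework" dressed up as an "imperative WASM sandbox". The CRM's WASM guest is only a 30-line empty shell; 100% of traffic bypasses the WASM layer.</p>
<p><strong>Recommended approach:</strong> A three-tier plugin model: L1 declarative (80%) / L2 hook-based (15%) / L3 compute-intensive (5%). Hybrid storage using JSONB + PostgreSQL Generated Columns.</p>
<ul style="font-size:13px;color:#666">
<li>C-01: db_query is unusable (the Host API is half-finished)</li>
<li>H-01: JSONB lacks type safety (string ordering instead of numeric ordering)</li>
<li>H-02: No migration capability for plugin version upgrades</li>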
</ul>
</div>
</div>
<div class="card" data-choice="crm" onclick="toggleSelect(this)">
<div class="card-body">
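<h3 style="color:#059669">💼 CRM Product Expert</h3>
<p><strong>Core assessment:</strong> What exists today is a "customer address book", not a CRM. It lacks the sales process engine (lead → opportunity → funnel → closed-won), which is the soul of a CRM.</p>
<p><strong>Recommended roadmap:</strong> MVP adds lead + opportunity entities + a kanban page → V2 team collaboration + shared customer pool → V3 intelligence + cross-module integration.</p>
<ul style="font-size:13px;color:#666">
<li>C-02: No opportunity/funnel management; the CRM is not a CRM</li>
<li>H-03: JSONB has zero FK integrity</li>
<li>H-04: No data validation (phone number / email format)</li>
<li>H-05: No follow-up reminder mechanism</li>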
</ul>
</div>
</div>
<div class="card" data-choice="sec" onclick="toggleSelect(this)">
<div class="card-body">
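<h3 style="color:#DC2626">🔐 Security Engineer</h3>
<p><strong>Core assessment:</strong> The complete absence of row-level data permissions is the biggest security risk. The plugin.admin permission is too broad and is equivalent to a superuser.</p>
<p><strong>Urgent fixes:</strong> ① Tighten the permission fallback ② Row-level data permission framework ③ Cross-plugin entity whitelist.</p>
<ul style="font-size:13px;color:#666">
<li>C-03: Row-level data permissions are missing (salesperson A can see salesperson B's customers)</li>
<li>C-04: plugin.admin receives superuser permissions over all plugins</li>
<li>H-06: No entity whitelist isolation between plugins</li>
<li>H-07: JSONB query injection risk</li>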
</ul>
</div>
</div>
<div class="card" data-choice="fe" onclick="toggleSelect(this)">
<div class="card-body">
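<h3 style="color:#2563EB">🎨 Frontend Architect</h3>
<p><strong>Core assessment:</strong> Schema-driven UI already covers 70% of back-office scenarios, but it cannot describe "behavior". The relation selector, batch operations and the kanban board are the three highest-priority breakthroughs.</p>
<p><strong>Recommended strategy:</strong> Declarative DSL extensions (short term) → iframe-sandboxed custom UI (mid term) → Web Components (long term)</p>
<ul style="font-size:13px;color:#666">
<li>H-08: No entity_select relation selector</li>
<li>H-09: No batch operations (multi-select + batch processing)</li>
<li>M-01: visible_when only supports field==value</li>
<li>M-02: Performance problems from loading graph/tree views in full</li>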
</ul>
</div>
</div>
<div class="card" data-choice="plat" onclick="toggleSelect(this)">
<div class="card-body">
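<h3 style="color:#D97706">🔌 Platform Architect</h3>
<p><strong>Core assessment:</strong> Plugins are information silos that cannot discover or collaborate with one another. The DashMap key design in PluginEngine prevents multiple versions from coexisting.</p>
<p><strong>Three-tier communication model:</strong> Event contract registration → cross-plugin read-only queries → inter-plugin RPC (long term). Custom APIs are dispatched through wildcard routes.</p>
<ul style="font-size:13px;color:#666">
<li>H-10: The dependencies field is declared but never validated</li>
<li>M-03: The DashMap key is the manifest id (multi-version conflicts)</li>
<li>M-04: No custom API endpoint capability</li>
<li>M-05: WIT interfaces are not versioned</li>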
</ul>
</div>
</div>
<div class="card" data-choice="perf" onclick="toggleSelect(this)">
<div class="card-body">
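<h3 style="color:#0891B2">⚡ Performance Engineer</h3>
<p><strong>Core assessment:</strong> JSONB sorting without a B-tree index, full table scans from ILIKE '%..%', and OFFSET degradation on deep pagination are the three major performance bottlenecks. The system is currently usable within the ten-thousand-row range and will break down at the hundred-thousand-row range.</p>
<p><strong>Core approach:</strong> Generated Columns to extract high-frequency fields + pg_trgm to speed up search + Keyset Pagination + Redis caching for aggregates.</p>
<ul style="font-size:13px;color:#666">
<li>M-06: ORDER BY data->>'field' results in a full table scan</li>
<li>M-07: ILIKE '%keyword%' cannot use an index</li>
<li>M-08: OFFSET deep pagination degrades linearly</li>
<li>M-09: Two database queries per request (schema parsing)</li>
<li>M-10: Dashboard aggregations run serially</li>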
</ul>
</div>
</div>
</div>
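<p>Findings H-01, H-07 and M-06 meet at the point where a client-chosen sort field becomes <code>ORDER BY data->>'field'</code>. The Rust sketch below is an added example, not code from this repository; it admits only schema-declared field names and casts numeric fields before sorting. The names <code>FieldType</code>, <code>OrderError</code> and <code>order_by_clause</code>, and the JSONB column name <code>data</code>, are assumptions.</p>

```rust
use std::collections::HashMap;

/// Declared type of a plugin entity field (hypothetical schema model).
#[derive(Clone, Copy, Debug, PartialEq)]
pub enum FieldType {
    Text,
    Number,
}

#[derive(Debug, PartialEq)]
pub enum OrderError {
    UnknownField,
    BadDirection,
}

/// Build the ORDER BY fragment for a JSONB column assumed to be named `data`.
pub fn order_by_clause(
    schema: &HashMap<&str, FieldType>,
    field: &str,
    direction: &str,
) -> Result<String, OrderError> {
    // H-07: only field names declared in the plugin schema reach the SQL text.
    let ty = *schema.get(field).ok_or(OrderError::UnknownField)?;
    // Defence in depth: a declared name must still be a plain identifier.
    if field.is_empty() || !field.chars().all(|c| c.is_ascii_alphanumeric() || c == '_') {
        return Err(OrderError::UnknownField);
    }
    // The direction is mapped to a fixed keyword, never copied from input.
    let dir = match direction.to_ascii_lowercase().as_str() {
        "asc" => "ASC",
        "desc" => "DESC",
        _ => return Err(OrderError::BadDirection),
    };
    // H-01: ->> yields text, so numeric fields are cast before sorting.
    let expr = match ty {
        FieldType::Number => format!("(data->>'{field}')::numeric"),
        FieldType::Text => format!("data->>'{field}'"),
    };
    Ok(format!("ORDER BY {expr} {dir} NULLS LAST"))
}

fn main() {
    // Constructed sample schema for a hypothetical `customer` entity.
    let schema = HashMap::from([("name", FieldType::Text), ("amount", FieldType::Number)]);
    println!("{:?}", order_by_clause(&schema, "amount", "desc"));
    println!("{:?}", order_by_clause(&schema, "amount'--", "asc"));
}
```

<p>The numeric cast raises an error on rows that hold non-numeric text, so it depends on values being validated on write (H-04).</p>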
<h3>Top 5 points of cross-group consensus</h3>
<div style="margin:12px 0">
<div style="display:flex;align-items:center;gap:10px;padding:10px;background:#F5F3FF;border-radius:6px;margin-bottom:6px">
<span style="background:#7C3AED;color:white;padding:2px 8px;border-radius:4px;font-size:12px;font-weight:600">#1</span>
<strong>JSONB + Generated Column hybrid storage</strong>
<span style="font-size:12px;color:#666;margin-left:auto">Unanimously recommended by three groups: backend + performance + product</span>
</div>
<div style="display:flex;align-items:center;gap:10px;padding:10px;background:#ECFDF5;border-radius:6px;margin-bottom:6px">
<span style="background:#059669;color:white;padding:2px 8px;border-radius:4px;font-size:12px;font-weight:600">#2</span>
<strong>ref_entity application-level foreign key validation + cascade strategy</strong>
<span style="font-size:12px;color:#666;margin-left:auto">Unanimously recommended by three groups: backend + product + security</span>
</div>
<div style="display:flex;align-items:center;gap:10px;padding:10px;background:#EFF6FF;border-radius:6px;margin-bottom:6px">
<span style="background:#2563EB;color:white;padding:2px 8px;border-radius:4px;font-size:12px;font-weight:600">#3</span>
<strong>entity_select relation selector + kanban board page</strong>
<span style="font-size:12px;color:#666;margin-left:auto">Core request of two groups: frontend + product</span>
</div>
<div style="display:flex;align-items:center;gap:10px;padding:10px;background:#FEF2F2;border-radius:6px;margin-bottom:6px">
<span style="background:#DC2626;color:white;padding:2px 8px;border-radius:4px;font-size:12px;font-weight:600">#4</span>
<strong>Row-level data permissions + tightened permission fallback</strong>
<span style="font-size:12px;color:#666;margin-left:auto">Security Critical + supported by platform architecture</span>
</div>
<div style="display:flex;align-items:center;gap:10px;padding:10px;background:#FFFBEB;border-radius:6px;margin-bottom:6px">
<span style="background:#D97706;color:white;padding:2px 8px;border-radius:4px;font-size:12px;font-weight:600">#5</span>
<strong>Cross-plugin event contracts + read-only data queries</strong>
<span style="font-size:12px;color:#666;margin-left:auto">Cross-module integration need of two groups: platform + product</span>
</div>
</div>
<p style="text-align:center;color:#999;font-size:13px;margin-top:20px">Please reply in the terminal and tell me your priority preferences</p>