fix(health): 穷尽审计修复 — 权限同步/编译错误/前端bug/审计日志
审计发现并修复的问题: HIGH: - H1: ConsultationDetail 使用 getSession(id) 替代错误的列表搜索 - H2: SessionResp 添加 version/updated_at 字段 - H3: 移除 FollowUpRecordList 调用不存在的导出端点 - H4: 新增 articles.ts 前端 API 模块 MEDIUM: - M1: article delete 添加乐观锁 (expected_version) - M2: 取消预约排班释放传播错误 (log::warn -> ?) - M3: FollowUpTaskList 日期格式 Dayjs -> string - M4: 补充 15 个缺失审计日志 LOW: - L1: 替换 follow_up_service 中的 .unwrap() - L2: PatientListItem 添加 version 字段 CRITICAL (新发现): - 权限未同步: 健康模块 14 个权限从未写入数据库,添加启动时自动同步 - migration 表名错误: patients -> patient - 编译错误: health_trend entity 未导入, ToPrimitive trait 未导入 - HealthError 缺少 From<AppError> 实现
This commit is contained in:
iven
88
apps/web/src/api/health/articles.ts
Normal file
88
apps/web/src/api/health/articles.ts
Normal file
@@ -0,0 +1,88 @@
|
||||
import client from '../client';
|
||||
import type { PaginatedResponse } from '../types';
|
||||
|
||||
// --- Types ---
|
||||
export interface ArticleListItem {
|
||||
id: string;
|
||||
title: string;
|
||||
summary?: string;
|
||||
cover_image?: string;
|
||||
category?: string;
|
||||
author?: string;
|
||||
published_at?: string;
|
||||
}
|
||||
|
||||
export interface Article extends ArticleListItem {
|
||||
content?: string;
|
||||
created_at: string;
|
||||
updated_at: string;
|
||||
version: number;
|
||||
}
|
||||
|
||||
export interface CreateArticleReq {
|
||||
title: string;
|
||||
summary?: string;
|
||||
content?: string;
|
||||
cover_image?: string;
|
||||
category?: string;
|
||||
author?: string;
|
||||
published_at?: string;
|
||||
}
|
||||
|
||||
export interface UpdateArticleReq {
|
||||
title?: string;
|
||||
summary?: string;
|
||||
content?: string;
|
||||
cover_image?: string;
|
||||
category?: string;
|
||||
author?: string;
|
||||
published_at?: string;
|
||||
version: number;
|
||||
}
|
||||
|
||||
// --- API ---
|
||||
export const articleApi = {
|
||||
list: async (params: {
|
||||
page?: number;
|
||||
page_size?: number;
|
||||
category?: string;
|
||||
}) => {
|
||||
const { data } = await client.get<{
|
||||
success: boolean;
|
||||
data: PaginatedResponse<ArticleListItem>;
|
||||
}>('/health/articles', { params });
|
||||
return data.data;
|
||||
},
|
||||
|
||||
get: async (id: string) => {
|
||||
const { data } = await client.get<{
|
||||
success: boolean;
|
||||
data: Article;
|
||||
}>(`/health/articles/${id}`);
|
||||
return data.data;
|
||||
},
|
||||
|
||||
create: async (req: CreateArticleReq) => {
|
||||
const { data } = await client.post<{
|
||||
success: boolean;
|
||||
data: Article;
|
||||
}>('/health/articles', req);
|
||||
return data.data;
|
||||
},
|
||||
|
||||
update: async (id: string, req: UpdateArticleReq) => {
|
||||
const { data } = await client.put<{
|
||||
success: boolean;
|
||||
data: Article;
|
||||
}>(`/health/articles/${id}`, req);
|
||||
return data.data;
|
||||
},
|
||||
|
||||
delete: async (id: string) => {
|
||||
const { data } = await client.delete<{
|
||||
success: boolean;
|
||||
data: null;
|
||||
}>(`/health/articles/${id}`);
|
||||
return data.data;
|
||||
},
|
||||
};
|
||||
@@ -65,6 +65,14 @@ export const consultationApi = {
|
||||
return data.data;
|
||||
},
|
||||
|
||||
getSession: async (id: string) => {
|
||||
const { data } = await client.get<{
|
||||
success: boolean;
|
||||
data: Session;
|
||||
}>(`/health/consultation-sessions/${id}`);
|
||||
return data.data;
|
||||
},
|
||||
|
||||
closeSession: async (
|
||||
id: string,
|
||||
req: { version: number },
|
||||
|
||||
@@ -13,6 +13,7 @@ export interface PatientListItem {
|
||||
source?: string;
|
||||
created_at: string;
|
||||
updated_at: string;
|
||||
version: number;
|
||||
}
|
||||
|
||||
export interface PatientDetail {
|
||||
|
||||
@@ -63,12 +63,10 @@ export default function ConsultationDetail() {
|
||||
if (!sessionId) return;
|
||||
setSessionLoading(true);
|
||||
try {
|
||||
// Use the list endpoint to find our session
|
||||
const result = await consultationApi.listSessions({ page: 1, page_size: 1 });
|
||||
const found = result.data.find((s) => s.id === sessionId);
|
||||
if (found) setSession(found);
|
||||
const result = await consultationApi.getSession(sessionId);
|
||||
setSession(result);
|
||||
} catch {
|
||||
// Session info is supplementary; don't block chat
|
||||
message.error('加载会话信息失败');
|
||||
}
|
||||
setSessionLoading(false);
|
||||
}, [sessionId]);
|
||||
|
||||
@@ -4,7 +4,6 @@ import type { ColumnsType, TablePaginationConfig } from 'antd/es/table';
|
||||
import dayjs from 'dayjs';
|
||||
import { followUpApi, type FollowUpRecord } from '../../api/health/followUp';
|
||||
import { PatientSelect } from './components/PatientSelect';
|
||||
import { ExportButton } from './components/ExportButton';
|
||||
|
||||
const RESULT_MAP: Record<string, string> = {
|
||||
normal: '正常',
|
||||
@@ -43,8 +42,9 @@ export default function FollowUpRecordList() {
|
||||
setTotal(result.total);
|
||||
} catch {
|
||||
message.error('加载随访记录失败');
|
||||
} finally {
|
||||
setLoading(false);
|
||||
}
|
||||
setLoading(false);
|
||||
}, []);
|
||||
|
||||
useEffect(() => {
|
||||
@@ -81,12 +81,6 @@ export default function FollowUpRecordList() {
|
||||
}));
|
||||
};
|
||||
|
||||
// Build export params
|
||||
const exportParams: Record<string, string> = {};
|
||||
if (query.patient_id) exportParams.patient_id = query.patient_id;
|
||||
if (query.start_date) exportParams.start_date = query.start_date;
|
||||
if (query.end_date) exportParams.end_date = query.end_date;
|
||||
|
||||
// --- Columns ---
|
||||
const columns: ColumnsType<FollowUpRecord> = [
|
||||
{
|
||||
@@ -178,11 +172,6 @@ export default function FollowUpRecordList() {
|
||||
onChange={(val) => handlePatientChange(val)}
|
||||
placeholder="筛选患者"
|
||||
/>
|
||||
<ExportButton
|
||||
fetchUrl="/health/follow-up-records/export"
|
||||
params={exportParams}
|
||||
filename={`随访记录_${dayjs().format('YYYYMMDD')}.csv`}
|
||||
/>
|
||||
<span
|
||||
style={{
|
||||
fontSize: 13,
|
||||
|
||||
@@ -108,8 +108,9 @@ export default function FollowUpTaskList() {
|
||||
setTotal(result.total);
|
||||
} catch {
|
||||
message.error('加载随访任务失败');
|
||||
} finally {
|
||||
setLoading(false);
|
||||
}
|
||||
setLoading(false);
|
||||
}, []);
|
||||
|
||||
useEffect(() => {
|
||||
@@ -134,9 +135,13 @@ export default function FollowUpTaskList() {
|
||||
try {
|
||||
const values = await createForm.validateFields();
|
||||
setCreateLoading(true);
|
||||
const plannedDate = values.planned_date;
|
||||
await followUpApi.createTask({
|
||||
...values,
|
||||
planned_date: values.planned_date,
|
||||
patient_id: values.patient_id,
|
||||
follow_up_type: values.follow_up_type,
|
||||
planned_date: dayjs.isDayjs(plannedDate) ? plannedDate.format('YYYY-MM-DD') : plannedDate,
|
||||
assigned_to: values.assigned_to,
|
||||
content_template: values.content_template,
|
||||
});
|
||||
message.success('随访任务创建成功');
|
||||
setCreateOpen(false);
|
||||
|
||||
Reference in New Issue
Block a user