feat(health): 危急值告警消费者 — 幂等处理 + Handler + 路由

- event.rs: 消费 health_data.critical_alert 事件创建告警记录
- handler: list/get/acknowledge 三个端点
- 路由: /health/critical-alerts, /health/critical-alerts/{id}/acknowledge
- 权限: health.critical-alert.list / health.critical-alert.manage

crates/erp-health/src/handler/critical_alert_handler.rs

@@ -0,0 +1,87 @@
+use axum::extract::{FromRef, Path, Query, State};
+use axum::response::IntoResponse;
+use axum::Extension;
+use serde::Deserialize;
+use utoipa::IntoParams;
+use uuid::Uuid;
+
+use erp_core::error::AppError;
+use erp_core::rbac::require_permission;
+use erp_core::types::{ApiResponse, PaginatedResponse, TenantContext};
+
+use crate::service::critical_alert_service;
+use crate::state::HealthState;
+
+#[derive(Debug, Deserialize, IntoParams)]
+pub struct CriticalAlertListQuery {
+    pub page: Option<u64>,
+    pub page_size: Option<u64>,
+}
+
+pub async fn list_critical_alerts<S>(
+    State(state): State<HealthState>,
+    Extension(ctx): Extension<TenantContext>,
+    Query(query): Query<CriticalAlertListQuery>,
+) -> Result<impl IntoResponse, AppError>
+where
+    HealthState: FromRef<S>,
+    S: Clone + Send + Sync + 'static,
+{
+    require_permission(&ctx, "health.critical-alert.list")?;
+    let page = query.page.unwrap_or(1);
+    let page_size = query.page_size.unwrap_or(20);
+
+    let (items, total) = critical_alert_service::list_pending_alerts(
+        &state, ctx.tenant_id, page, page_size,
+    )
+    .await?;
+
+    Ok(axum::Json(ApiResponse::ok(PaginatedResponse {
+        data: items,
+        total,
+        page,
+        page_size,
+        total_pages: total.div_ceil(page_size.max(1)),
+    })))
+}
+
+pub async fn get_critical_alert<S>(
+    State(state): State<HealthState>,
+    Extension(ctx): Extension<TenantContext>,
+    Path(id): Path<Uuid>,
+) -> Result<impl IntoResponse, AppError>
+where
+    HealthState: FromRef<S>,
+    S: Clone + Send + Sync + 'static,
+{
+    require_permission(&ctx, "health.critical-alert.list")?;
+    let alert = critical_alert_service::get_alert(&state, ctx.tenant_id, id).await?;
+    Ok(axum::Json(ApiResponse::ok(alert)))
+}
+
+#[derive(Debug, serde::Deserialize, utoipa::ToSchema)]
+pub struct AcknowledgeCriticalAlertRequest {
+    pub notes: Option<String>,
+}
+
+pub async fn acknowledge_critical_alert<S>(
+    State(state): State<HealthState>,
+    Extension(ctx): Extension<TenantContext>,
+    Path(id): Path<Uuid>,
+    axum::Json(body): axum::Json<AcknowledgeCriticalAlertRequest>,
+) -> Result<impl IntoResponse, AppError>
+where
+    HealthState: FromRef<S>,
+    S: Clone + Send + Sync + 'static,
+{
+    require_permission(&ctx, "health.critical-alert.manage")?;
+    critical_alert_service::acknowledge_alert(
+        &state,
+        ctx.tenant_id,
+        id,
+        ctx.user_id,
+        body.notes,
+    )
+    .await?;
+    Ok(axum::Json(ApiResponse::ok(serde_json::json!({"message": "告警已确认"}))))
+}

crates/erp-health/src/handler/mod.rs

@@ -6,6 +6,7 @@ pub mod article_handler;
 pub mod article_tag_handler;
 pub mod consultation_handler;
 pub mod consent_handler;
+pub mod critical_alert_handler;
 pub mod critical_value_threshold_handler;
 pub mod daily_monitoring_handler;
 pub mod device_reading_handler;