fix(health): 二次审计修复 — 状态机/枚举校验/归属验证/事件补全

- 状态机验证: patient.status (active→inactive/deceased/inactive→active),
  patient.verification_status (pending→verified/rejected), follow_up_task.status
  (pending→in_progress/cancelled, in_progress→completed/cancelled)
- 枚举白名单: gender/blood_type/appointment_type/period_type/schedule_status/
  follow_up_type/sender_role/content_type/consultation_type
- 归属验证: family_member update/delete 校验 patient_id 匹配
- 事件补全: patient.deceased/verified 条件事件, consultation close 允许 waiting
- 默认值修正: appointment_type "regular"→"outpatient", period_type "morning"→"am",
  consultation_type "text"→"customer_service"
- 新增 validation.rs 通用校验模块

crates/erp-health/src/error.rs

@@ -17,6 +17,21 @@ pub enum HealthError {
     #[error("排班不存在")]
     ScheduleNotFound,
 
+    #[error("体征记录不存在")]
+    VitalSignsNotFound,
+
+    #[error("化验报告不存在")]
+    LabReportNotFound,
+
+    #[error("健康档案不存在")]
+    HealthRecordNotFound,
+
+    #[error("家庭成员不存在")]
+    FamilyMemberNotFound,
+
+    #[error("标签不存在")]
+    TagNotFound,
+
     #[error("排班已满，无法预约")]
     ScheduleFull,
 
@@ -44,6 +59,11 @@ impl From<HealthError> for AppError {
             | HealthError::DoctorNotFound
             | HealthError::AppointmentNotFound
             | HealthError::ScheduleNotFound
+            | HealthError::VitalSignsNotFound
+            | HealthError::LabReportNotFound
+            | HealthError::HealthRecordNotFound
+            | HealthError::FamilyMemberNotFound
+            | HealthError::TagNotFound
             | HealthError::FollowUpTaskNotFound
             | HealthError::ConsultationNotFound => AppError::NotFound(err.to_string()),
             HealthError::ScheduleFull => AppError::Validation(err.to_string()),