fix(health): 二次审计修复 — 状态机/枚举校验/归属验证/事件补全

- 状态机验证: patient.status (active→inactive/deceased/inactive→active),
  patient.verification_status (pending→verified/rejected), follow_up_task.status
  (pending→in_progress/cancelled, in_progress→completed/cancelled)
- 枚举白名单: gender/blood_type/appointment_type/period_type/schedule_status/
  follow_up_type/sender_role/content_type/consultation_type
- 归属验证: family_member update/delete 校验 patient_id 匹配
- 事件补全: patient.deceased/verified 条件事件, consultation close 允许 waiting
- 默认值修正: appointment_type "regular"→"outpatient", period_type "morning"→"am",
  consultation_type "text"→"customer_service"
- 新增 validation.rs 通用校验模块

crates/erp-health/src/handler/patient_handler.rs

@@ -104,6 +104,8 @@ where
         emergency_contact_phone: req.emergency_contact_phone,
         source: req.source,
         notes: req.notes,
+        status: req.status,
+        verification_status: req.verification_status,
     };
     let result = patient_service::update_patient(
         &state, ctx.tenant_id, id, Some(ctx.user_id), update, version,
@@ -281,6 +283,8 @@ pub struct UpdatePatientWithVersion {
     pub emergency_contact_phone: Option<String>,
     pub source: Option<String>,
     pub notes: Option<String>,
+    pub status: Option<String>,
+    pub verification_status: Option<String>,
     pub version: i32,
 }