feat(health): dialysis/lab_report/diagnosis PII 加密

- 迁移 m000069-m000071: 三个表添加 key_version
- dialysis_record: symptoms(JSON) + complication_notes 加密
- lab_report: items(JSON) + doctor_notes 加密
- diagnosis: notes 加密
- JSON 字段: serialize → encrypt → Value::String(ciphertext)
- 解密失败时回退原始值(兼容未迁移明文数据)
iven
2026-04-26 12:35:27 +08:00
parent cb3653c92e
commit 731e080125
10 changed files with 316 additions and 34 deletions


@@ -68,6 +68,9 @@ mod m20260427_000065_add_consultation_message_key_version;
mod m20260427_000066_add_follow_up_record_key_version;
mod m20260427_000067_add_family_member_pii_fields;
mod m20260427_000068_add_doctor_profile_pii_fields;
mod m20260427_000069_add_dialysis_record_key_version;
mod m20260427_000070_add_lab_report_key_version;
mod m20260427_000071_add_diagnosis_key_version;
pub struct Migrator;
@@ -143,6 +146,9 @@ impl MigratorTrait for Migrator {
Box::new(m20260427_000066_add_follow_up_record_key_version::Migration),
Box::new(m20260427_000067_add_family_member_pii_fields::Migration),
Box::new(m20260427_000068_add_doctor_profile_pii_fields::Migration),
Box::new(m20260427_000069_add_dialysis_record_key_version::Migration),
Box::new(m20260427_000070_add_lab_report_key_version::Migration),
Box::new(m20260427_000071_add_diagnosis_key_version::Migration),
]
}
}


@@ -0,0 +1,39 @@
use sea_orm_migration::prelude::*;
#[derive(DeriveMigrationName)]
pub struct Migration;
#[async_trait::async_trait]
impl MigrationTrait for Migration {
async fn up(&self, manager: &SchemaManager) -> Result<(), DbErr> {
manager
.alter_table(
Table::alter()
.table(DialysisRecord::Table)
.add_column(ColumnDef::new(DialysisRecord::KeyVersion).integer().null())
.to_owned(),
)
.await?;
Ok(())
}
async fn down(&self, manager: &SchemaManager) -> Result<(), DbErr> {
manager
.alter_table(
Table::alter()
.table(DialysisRecord::Table)
.drop_column(DialysisRecord::KeyVersion)
.to_owned(),
)
.await?;
Ok(())
}
}
#[derive(DeriveIden)]
enum DialysisRecord {
Table,
KeyVersion,
}
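Review bot: `down()` drops `key_version` unconditionally, yet the commit description says `symptoms` and `complication_notes` are stored as ciphertext once this lands, so a rollback leaves encrypted rows with no record of which key version wrote them. At minimum I would put a comment on `down()` such as `// Lossy once encrypted rows exist: dropping key_version discards the key version needed to decrypt them.` The nullable column in `up()` also deserves a comment; if NULL is meant to mark legacy plaintext rows (my reading, not stated in the hunk), say so: `// NULL = row written before encryption, still plaintext`. With that marker the read path could fall back to the raw value only when `key_version` is NULL instead of on any decryption failure, which would otherwise hide a wrong key or altered ciphertext; that code is outside this view. The same applies to the `lab_report` and `diagnosis` migrations below.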


@@ -0,0 +1,39 @@
use sea_orm_migration::prelude::*;
#[derive(DeriveMigrationName)]
pub struct Migration;
#[async_trait::async_trait]
impl MigrationTrait for Migration {
async fn up(&self, manager: &SchemaManager) -> Result<(), DbErr> {
manager
.alter_table(
Table::alter()
.table(LabReport::Table)
.add_column(ColumnDef::new(LabReport::KeyVersion).integer().null())
.to_owned(),
)
.await?;
Ok(())
}
async fn down(&self, manager: &SchemaManager) -> Result<(), DbErr> {
manager
.alter_table(
Table::alter()
.table(LabReport::Table)
.drop_column(LabReport::KeyVersion)
.to_owned(),
)
.await?;
Ok(())
}
}
#[derive(DeriveIden)]
enum LabReport {
Table,
KeyVersion,
}


@@ -0,0 +1,39 @@
use sea_orm_migration::prelude::*;
#[derive(DeriveMigrationName)]
pub struct Migration;
#[async_trait::async_trait]
impl MigrationTrait for Migration {
async fn up(&self, manager: &SchemaManager) -> Result<(), DbErr> {
manager
.alter_table(
Table::alter()
.table(Diagnosis::Table)
.add_column(ColumnDef::new(Diagnosis::KeyVersion).integer().null())
.to_owned(),
)
.await?;
Ok(())
}
async fn down(&self, manager: &SchemaManager) -> Result<(), DbErr> {
manager
.alter_table(
Table::alter()
.table(Diagnosis::Table)
.drop_column(Diagnosis::KeyVersion)
.to_owned(),
)
.await?;
Ok(())
}
}
#[derive(DeriveIden)]
enum Diagnosis {
Table,
KeyVersion,
}