fix(health): 精准审计修复 6 个真实问题 — 安全/一致性/性能

P0: consultation handler sender_role 从请求体移除，改为服务端推导（防伪造） P1: 所有软删除操作统一使用 check_version 乐观锁（6个函数） P1: 修复 health_trend 索引缺少 tenant_id 前导列 + follow_up_record 补 (tenant_id, executed_date) 索引 P2: Decimal->f64 使用 ToPrimitive::to_f64 替代脆弱的 to_string().parse() P2: 预约取消释放槽位+状态更新包裹进同一事务
2026-04-24 08:36:22 +08:00
parent 6391a13467
commit a0ca156e2c
14 changed files with 136 additions and 26 deletions
--- a/crates/erp-health/src/handler/consultation_handler.rs
+++ b/crates/erp-health/src/handler/consultation_handler.rs
@@ -35,7 +35,6 @@ pub struct CloseSessionReq {
 #[derive(Debug, serde::Deserialize, utoipa::ToSchema)]
 pub struct CreateConsultationMessageReq {
    pub session_id: Uuid,
-    pub sender_role: String,
    pub content_type: Option<String>,
    pub content: String,
 }
@@ -135,7 +134,7 @@ where
    let msg_req = CreateMessageReq {
        session_id: req.session_id,
        sender_id: ctx.user_id,
-        sender_role: req.sender_role,
+        sender_role: "doctor".to_string(),
        content_type: req.content_type,
        content: req.content,
    };
--- a/crates/erp-health/src/handler/doctor_handler.rs
+++ b/crates/erp-health/src/handler/doctor_handler.rs
@@ -28,6 +28,11 @@ pub struct UpdateDoctorWithVersion {
    pub version: i32,
 }

+#[derive(Debug, serde::Deserialize, utoipa::ToSchema)]
+pub struct DeleteWithVersion {
+    pub version: i32,
+}
+
 pub async fn list_doctors<S>(
    State(state): State<HealthState>,
    Extension(ctx): Extension<TenantContext>,
@@ -100,12 +105,13 @@ pub async fn delete_doctor<S>(
    State(state): State<HealthState>,
    Extension(ctx): Extension<TenantContext>,
    Path(id): Path<Uuid>,
+    Json(req): Json<DeleteWithVersion>,
 ) -> Result<Json<ApiResponse<()>>, AppError>
 where
    HealthState: FromRef<S>,
    S: Clone + Send + Sync + 'static,
 {
    require_permission(&ctx, "health.doctor.manage")?;
-    doctor_service::delete_doctor(&state, ctx.tenant_id, id, Some(ctx.user_id)).await?;
+    doctor_service::delete_doctor(&state, ctx.tenant_id, id, Some(ctx.user_id), req.version).await?;
    Ok(Json(ApiResponse::ok(())))
 }
--- a/crates/erp-health/src/handler/follow_up_handler.rs
+++ b/crates/erp-health/src/handler/follow_up_handler.rs
@@ -36,6 +36,11 @@ pub struct UpdateFollowUpTaskWithVersion {
    pub version: i32,
 }

+#[derive(Debug, serde::Deserialize, utoipa::ToSchema)]
+pub struct DeleteWithVersion {
+    pub version: i32,
+}
+
 pub async fn list_tasks<S>(
    State(state): State<HealthState>,
    Extension(ctx): Extension<TenantContext>,
@@ -95,13 +100,14 @@ pub async fn delete_task<S>(
    State(state): State<HealthState>,
    Extension(ctx): Extension<TenantContext>,
    Path(id): Path<Uuid>,
+    Json(req): Json<DeleteWithVersion>,
 ) -> Result<Json<ApiResponse<()>>, AppError>
 where
    HealthState: FromRef<S>,
    S: Clone + Send + Sync + 'static,
 {
    require_permission(&ctx, "health.follow-up.manage")?;
-    follow_up_service::delete_task(&state, ctx.tenant_id, id, Some(ctx.user_id)).await?;
+    follow_up_service::delete_task(&state, ctx.tenant_id, id, Some(ctx.user_id), req.version).await?;
    Ok(Json(ApiResponse::ok(())))
 }

--- a/crates/erp-health/src/handler/health_data_handler.rs
+++ b/crates/erp-health/src/handler/health_data_handler.rs
@@ -34,6 +34,11 @@ pub struct GenerateTrendReq {
    pub period_end: chrono::NaiveDate,
 }

+#[derive(Debug, serde::Deserialize, utoipa::ToSchema)]
+pub struct DeleteWithVersion {
+    pub version: i32,
+}
+
 #[derive(Debug, serde::Deserialize, utoipa::ToSchema)]
 pub struct UpdateWithVersion<T> {
    pub data: T,
@@ -104,13 +109,14 @@ pub async fn delete_vital_signs<S>(
    State(state): State<HealthState>,
    Extension(ctx): Extension<TenantContext>,
    Path((_patient_id, vid)): Path<(Uuid, Uuid)>,
+    Json(req): Json<DeleteWithVersion>,
 ) -> Result<Json<ApiResponse<()>>, AppError>
 where
    HealthState: FromRef<S>,
    S: Clone + Send + Sync + 'static,
 {
    require_permission(&ctx, "health.health-data.manage")?;
-    health_data_service::delete_vital_signs(&state, ctx.tenant_id, vid, Some(ctx.user_id)).await?;
+    health_data_service::delete_vital_signs(&state, ctx.tenant_id, vid, Some(ctx.user_id), req.version).await?;
    Ok(Json(ApiResponse::ok(())))
 }

@@ -178,13 +184,14 @@ pub async fn delete_lab_report<S>(
    State(state): State<HealthState>,
    Extension(ctx): Extension<TenantContext>,
    Path((_patient_id, rid)): Path<(Uuid, Uuid)>,
+    Json(req): Json<DeleteWithVersion>,
 ) -> Result<Json<ApiResponse<()>>, AppError>
 where
    HealthState: FromRef<S>,
    S: Clone + Send + Sync + 'static,
 {
    require_permission(&ctx, "health.health-data.manage")?;
-    health_data_service::delete_lab_report(&state, ctx.tenant_id, rid, Some(ctx.user_id)).await?;
+    health_data_service::delete_lab_report(&state, ctx.tenant_id, rid, Some(ctx.user_id), req.version).await?;
    Ok(Json(ApiResponse::ok(())))
 }

@@ -252,13 +259,14 @@ pub async fn delete_health_record<S>(
    State(state): State<HealthState>,
    Extension(ctx): Extension<TenantContext>,
    Path((_patient_id, rid)): Path<(Uuid, Uuid)>,
+    Json(req): Json<DeleteWithVersion>,
 ) -> Result<Json<ApiResponse<()>>, AppError>
 where
    HealthState: FromRef<S>,
    S: Clone + Send + Sync + 'static,
 {
    require_permission(&ctx, "health.health-data.manage")?;
-    health_data_service::delete_health_record(&state, ctx.tenant_id, rid, Some(ctx.user_id)).await?;
+    health_data_service::delete_health_record(&state, ctx.tenant_id, rid, Some(ctx.user_id), req.version).await?;
    Ok(Json(ApiResponse::ok(())))
 }

--- a/crates/erp-health/src/handler/patient_handler.rs
+++ b/crates/erp-health/src/handler/patient_handler.rs
@@ -30,6 +30,11 @@ pub struct AssignDoctorReq {
    pub relationship_type: Option<String>,
 }

+#[derive(Debug, serde::Deserialize, utoipa::ToSchema)]
+pub struct DeleteWithVersion {
+    pub version: i32,
+}
+
 pub async fn list_patients<S>(
    State(state): State<HealthState>,
    Extension(ctx): Extension<TenantContext>,
@@ -118,13 +123,14 @@ pub async fn delete_patient<S>(
    State(state): State<HealthState>,
    Extension(ctx): Extension<TenantContext>,
    Path(id): Path<Uuid>,
+    Json(req): Json<DeleteWithVersion>,
 ) -> Result<Json<ApiResponse<()>>, AppError>
 where
    HealthState: FromRef<S>,
    S: Clone + Send + Sync + 'static,
 {
    require_permission(&ctx, "health.patient.manage")?;
-    patient_service::delete_patient(&state, ctx.tenant_id, id, Some(ctx.user_id)).await?;
+    patient_service::delete_patient(&state, ctx.tenant_id, id, Some(ctx.user_id), req.version).await?;
    Ok(Json(ApiResponse::ok(())))
 }

@@ -219,6 +225,7 @@ pub async fn delete_family_member<S>(
    State(state): State<HealthState>,
    Extension(ctx): Extension<TenantContext>,
    Path((patient_id, member_id)): Path<(Uuid, Uuid)>,
+    Json(req): Json<DeleteWithVersion>,
 ) -> Result<Json<ApiResponse<()>>, AppError>
 where
    HealthState: FromRef<S>,
@@ -226,7 +233,7 @@ where
 {
    require_permission(&ctx, "health.patient.manage")?;
    patient_service::delete_family_member(
-        &state, ctx.tenant_id, patient_id, member_id, Some(ctx.user_id),
+        &state, ctx.tenant_id, patient_id, member_id, Some(ctx.user_id), req.version,
    )
    .await?;
    Ok(Json(ApiResponse::ok(())))