15 Commits

Author	SHA1	Message	Date
iven	669ca44360	feat(web): 主题设置联动 — 扩展 ThemeConfig 品牌字段 + 设置页面表单 ... - ThemeConfig 接口增加 brand_name/brand_slogan/brand_features/brand_copyright - 新增 BrandConfig 接口和 getPublicBrand 公开品牌信息获取 - app store 增加 themeConfig 缓存和 loadThemeConfig 方法 - ThemeSettings 页面增加品牌设置表单（品牌名称/标语/特性/版权）	2026-05-01 17:37:10 +08:00
iven	8a253a4910	fix: 低优先级收尾 — 图片上传/语言编辑/插件恢复/URL 编码 ... - P3-2: ArticleEditor 图片上传接入 /upload 端点 + 封面图上传按钮 - P4-3: recover_plugins 添加 tenant 日志 + 同 ID 去重保护 - P4-4: LanguageManager 编辑弹窗改为真实表单 (name 字段) + 后端 name 持久化 - P4-6: Settings API getSetting/updateSetting 添加 encodeURIComponent	2026-04-26 19:52:42 +08:00
iven	b05b7c27a0	feat: 审计修复 Phase 6-7 — SSE 推送/工作流补全/消息群发/前端收尾 ... Phase 6 功能补全: - P1-3: 消息 SSE 实时推送端点 + 前端 EventSource 连接 - P1-6: ServiceTask HTTP 调用能力 (reqwest GET/POST) - P1-7: user.deleted 事件处理 — 终止相关流程实例 - P1-8: 任务认领 (claim) 端点 + handler - P1-9: 超时检查器发布 task.timeout 事件 - P1-15: 组织/部门名称唯一性校验 (create + update) - P1-18: 消息群发 fan-out (role/department/all 批量投递) Phase 7 P3-P4 收尾: - PluginAdmin purge 按钮状态修复 - ChangePassword 最小 8 字符 + 新旧密码不同验证 - AuditLogViewer 用户名缓存 + 扩展资源类型 - InstanceMonitor 通过 definition 缓存解析 node_name - NotificationPreferences DND 时间范围校验	2026-04-26 19:44:04 +08:00
iven	2539e5fc44	fix(web): 系统设置 CRUD 修复 — version 乐观锁 + 语言字段映射 + JSON 显示 ... - API 层所有 Info/Request 接口添加 version 字段，update 函数传递 version - delete 函数改为 client.delete(url, { data: { version } }) 发送 JSON body - LanguageInfo.enabled → is_active，匹配后端 LanguageResp 字段名 - LanguageManager 编辑弹窗简化为只读详情（后端仅支持 is_active 切换） - SystemSettings 设置值显示改用 JSON.stringify 而非 String() - SystemSettings updateSetting 发送解析后的 JSON 对象而非字符串	2026-04-26 01:28:13 +08:00
iven	945ccd64ba	fix: 全面 QA 审计修复 — 安全加固/代码质量/跨平台一致性/测试覆盖 ... Phase 0 安全热修复 (CRITICAL): - 外部化微信 appid/secret 到 ERP__WECHAT__APPID/SECRET 环境变量 - 正确连接 HealthCrypto 到 ERP__HEALTH__AES_KEY/HMAC_KEY 环境变量 - 外部化小程序加密密钥到 TARO_APP_ENCRYPTION_KEY 环境变量 - 移除小程序 auth store 中的敏感信息 console.log Phase 1 安全加固: - 微信自动注册 display_name 添加 sanitize 防止 XSS - 测试数据库凭据改为从 TEST_DB_URL 环境变量读取 Phase 2 代码质量: - 提取 useThemeMode hook 消除 22 处重复暗色模式检测 - 提取共享健康常量到 constants/health.ts - 拆分 patient_service.rs 脱敏函数到 masking.rs - 移除未使用的 i18next/react-i18next 依赖 - 移除未使用的 api/errors.ts 和 erp-auth/anyhow 依赖 Phase 3 测试覆盖: - 新增 5 个患者模块集成测试 (CRUD/租户隔离/验证/软删除) Phase 4 跨平台一致性: - 统一小程序 Patient.birthday → birth_date 匹配后端 - 统一小程序 Appointment.time_slot → start_time/end_time 匹配后端 Phase 5 架构: - 微信登录添加多租户 TODO 注释 - 更新 wiki/infrastructure.md 环境变量文档	2026-04-25 10:00:49 +08:00
iven	89fc482d99	feat(web): 采用 UI UX Pro Max Soft UI Evolution 设计系统 ... 从 Pinterest 风格切换到 Soft UI Evolution 设计系统，使用 UI UX Pro Max 推理引擎生成适合跨行业 ERP 业务用户的专业设计方案。 设计变更： - 主色从 Pinterest Red (#e60023) 切换到 Trust Blue (#2563EB) - 字体从系统默认切换到 Noto Sans SC（中文优先） - 圆角从 16-20px 调整到 10-12px（专业但不夸张） - 中性色从暖橄榄调切换到 Slate 石板蓝调 - 成功色 #103c25 → #059669，警告色 #b56e1a → #d97706 - 暗色模式从暖黑 (#1a1a18) 切换到深海军蓝 (#0f172a) 涉及文件：DESIGN.md + index.css + App.tsx + 24 个组件文件	2026-04-20 23:27:24 +08:00
iven	85e732cf12	feat(web): 从 Notion 风格切换到 Pinterest 设计系统 ... - 替换 DESIGN.md 为 Pinterest 设计规格（暖色调、红色主题、大圆角） - 更新 CSS 变量：主色 #0075de→#e60023, 圆角 4px→16px, 背景 #f6f5f4→#f6f6f3 - 更新 Ant Design 主题令牌：更大圆角、Pinterest 色板、更大触控目标 - 批量更新 24 个页面/组件文件中的硬编码颜色值 - 暗色模式同步适配 Pinterest 暖色调暗色方案	2026-04-20 22:13:20 +08:00
iven	8f3d2d58e7	feat(web): 采用 Notion 设计系统 — 暖色调 + 白色侧边栏 + Inter 字体 ... 引入 Notion 风格的 DESIGN.md 设计系统文件，并全面重构前端 UI： - 主色从 Indigo (#4F46E5) 迁移到 Notion Blue (#0075de) - 页面背景从冷灰 (#F1F5F9) 迁移到暖白 (#f6f5f4) - 侧边栏从深色 (#0F172A) 迁移到白色，活跃项用蓝色指示 - 文字从 Slate 冷色迁移到暖灰系列 (Warm Gray 500/300) - 圆角从 8px 缩小到 4px（按钮/输入），8px（卡片） - 阴影改为多层超轻 Notion 风格（最大 opacity 0.05） - 字体优先使用 Inter，保留中文回退 - 暗色模式适配暖黑色调 (#191918) - 更新 27 个前端文件的硬编码颜色值	2026-04-20 13:08:22 +08:00
iven	7e8fabb095	feat(auth): add change password API and frontend page ... Backend: - Add ChangePasswordReq DTO with validation (current + new password) - Add AuthService::change_password() method with credential verification, password rehash, and token revocation - Add POST /api/v1/auth/change-password endpoint with utoipa annotation Frontend: - Add changePassword() API function in auth.ts - Add ChangePassword.tsx page with form validation and confirmation - Add "修改密码" tab in Settings page After password change, all refresh tokens are revoked and the user is redirected to the login page.	2026-04-15 01:32:18 +08:00
iven	9568dd7875	chore: apply cargo fmt across workspace and update docs ... - Run cargo fmt on all Rust crates for consistent formatting - Update CLAUDE.md with WASM plugin commands and dev.ps1 instructions - Update wiki: add WASM plugin architecture, rewrite dev environment docs - Minor frontend cleanup (unused imports)	2026-04-15 00:49:20 +08:00
iven	e16c1a85d7	feat(web): comprehensive frontend performance and UI/UX optimization ... Performance improvements: - Vite build: manual chunks, terser minification, optimizeDeps - API response caching with 5s TTL via axios interceptors - React.memo for SidebarMenuItem, useCallback for handlers - CSS classes replacing inline styles to reduce reflows UI/UX enhancements (inspired by SAP Fiori, Linear, Feishu): - Dashboard: trend indicators, sparkline charts, CountUp animation on stat cards - Dashboard: pending tasks section with priority labels - Dashboard: recent activity timeline - Design system tokens: trend colors, line-height, dark mode refinements - Enhanced quick actions with hover animations Accessibility (Lighthouse 100/100): - Skip-to-content link, ARIA landmarks, heading hierarchy - prefers-reduced-motion support, focus-visible states - Color contrast fixes: all text meets 4.5:1 ratio - Keyboard navigation for stat cards and task items SEO: meta theme-color, format-detection, robots.txt	2026-04-13 01:37:55 +08:00
iven	3b41e73f82	fix: resolve E2E audit findings and add Phase C frontend pages ... - Fix audit_log handler multi-tenant bug: use Extension<TenantContext> instead of hardcoded default_tenant_id - Fix sendMessage route mismatch: frontend /messages/send → /messages - Add POST /users/{id}/roles backend route for role assignment - Add task.completed event payload: started_by + instance_id for notification delivery - Add audit log viewer frontend page (AuditLogViewer.tsx) - Add language management frontend page (LanguageManager.tsx) - Add api/auditLogs.ts and api/languages.ts modules	2026-04-12 15:57:33 +08:00
iven	14f431efff	feat: systematic functional audit — fix 18 issues across Phase A/B ... Phase A (P1 production blockers): - A1: Apply IP rate limiting to public routes (login/refresh) - A2: Publish domain events for workflow instance state transitions (completed/suspended/resumed/terminated) via outbox pattern - A3: Replace hardcoded nil UUID default tenant with dynamic DB lookup - A4: Add GET /api/v1/audit-logs query endpoint with pagination - A5: Enhance CORS wildcard warning for production environments Phase B (P2 functional gaps): - B1: Remove dead erp-common crate (zero references in codebase) - B2: Refactor 5 settings pages to use typed API modules instead of direct client calls; create api/themes.ts; delete dead errors.ts - B3: Add resume/suspend buttons to InstanceMonitor page - B4: Remove unused EventHandler trait from erp-core - B5: Handle task.completed events in message module (send notifications) - B6: Wire TimeoutChecker as 60s background task - B7: Auto-skip ServiceTask nodes instead of crashing the process - B8: Remove empty register_routes() from ErpModule trait and modules	2026-04-12 15:22:28 +08:00
iven	4bfd9573db	fix(config): add individual menu CRUD endpoints and fix frontend menu data handling ... - Add POST /config/menus (create single menu) - Add PUT /config/menus/{id} (update single menu) - Add DELETE /config/menus/{id} (soft delete single menu) - Frontend MenuConfig was calling individual CRUD routes that didn't exist, causing 404 errors on all create/update/delete operations - Fix frontend to correctly handle nested tree response from backend	2026-04-11 14:34:48 +08:00
iven	0baaf5f7ee	feat(config): add system configuration module (Phase 3) ... Implement the complete erp-config crate with: - Data dictionaries (CRUD + items management) - Dynamic menus (tree structure with role filtering) - System settings (hierarchical: platform > tenant > org > user) - Numbering rules (concurrency-safe via PostgreSQL advisory_lock) - Theme and language configuration (via settings store) - 6 database migrations (dictionaries, menus, settings, numbering_rules) - Frontend Settings page with 5 tabs (dictionary, menu, numbering, settings, theme) Refactor: move RBAC functions (require_permission) from erp-auth to erp-core to avoid cross-module dependencies. Add 20 new seed permissions for config module operations.	2026-04-11 08:09:19 +08:00