16 Commits

Author	SHA1	Message	Date
iven	c631d364b3	fix(core): 消除乐观锁 version.unwrap() 潜在 panic ... 20 处 ActiveValue::unwrap() + 1 乐观锁递增改为 take().unwrap_or(0) + 1， 避免数据库记录缺少 version 字段时 panic。覆盖 erp-auth/erp-config/ erp-workflow/erp-health/erp-ai/erp-server 7 个 crate。 DTO 层 Option<i32> 字段保持原有 unwrap_or(0) 不变。	2026-05-17 13:05:40 +08:00
iven	8763e10d6e	fix: 全局权限优化 — 7 项问题修复 ... 1. 菜单权限修复：补充 10 个菜单的 permission 字段 + 修复 menu_service 回退逻辑（admin 直接跳过过滤，非 admin 无关联则不显示）+ 收紧前端过滤 2. 管理员重置密码：新增 POST /users/{id}/reset-password 端点 + 前端按钮 3. 告警处理人姓名：AlertResponse 添加 acknowledged_by_name 字段 4. Tab 权限过滤：PatientDetail 6 个 Tab 按权限过滤 + 状态字段 Tooltip 5. 消息中心 UI：添加 Popconfirm/AuthButton，移除 inline isDark	2026-05-15 19:00:48 +08:00
iven	212c08b7ae	feat(health,ai): 后端服务优化 + 媒体文件处理 ... - erp-health: article/banner/consultation/media 服务层优化 - erp-ai: analysis/insight/prompt 服务增强 - erp-auth: auth/role/token 服务改进 - erp-workflow: executor 执行引擎修复 - erp-plugin: 服务层改进 - 新增媒体上传文件样例	2026-05-13 23:28:57 +08:00
iven	6d5a711d2c	fix: 修复测试发现的 7 个问题 + 全 workspace clippy 清零 ... 功能修复： 1. 患者创建空名称验证：后端添加 name.trim().is_empty() 检查 2. 仪表盘统计容错：单个查询失败返回零值而非 500 3. FHIR 路由修复：从 /fhir 移到 /api/v1/fhir 保持一致 4. 冻结模块后端中间件：新增 frozen_module_middleware 拦截冻结路径 5. 积分端点权限码：health.health-data.list → health.points.list 6. 角色权限迁移：护士补充 devices.list，运营补充 points.list/manage 7. 测试结果文档：R01-R05 角色测试 + T00/T10 结果归档 Clippy 全 workspace 清零（14→0 errors）： - erp-core: 修复 empty doc line、collapsible if、redundant closure 等 9 处 - erp-health: 修复 too_many_arguments、unused var、unnecessary parens 等 58 处 - erp-ai: 修复 dead_code、unused import 等 11 处 - erp-plugin: 修复 too_many_arguments、wildcard pattern 等 11 处 - erp-server-migration: 修复 enum_variant_names 5 处 - erp-auth/config/workflow/message: 各 1-3 处 工程改进： - lint-staged 配置迁移到 .lintstagedrc.js（函数式避免文件列表传给 clippy） - cargo fmt 统一格式化	2026-05-07 23:43:14 +08:00
iven	570377a31f	feat(config): 角色权限控制菜单可见性 + 医疗业务角色 ... - 修复 menu_service 角色过滤 bug: ctx.roles 存的是角色 code 而非 UUID， 新增 resolve_role_ids() 方法通过 code 查找数据库中的角色 ID - 创建 4 个医疗业务角色: 医生/护士/健康管理师/运营人员 - 重组菜单目录结构: 基础模块→工作台、业务模块→系统管理、健康管理→健康业务 - 菜单排序按功能域分组（患者医护/随访咨询/积分运营/内容运营/AI分析） - 为各角色分配对应的菜单可见性和操作权限	2026-05-06 12:35:45 +08:00
iven	93f6e87220	fix(web+config): E2E 测试发现的问题修复 ... - 排班状态过滤 'active' → 'enabled'（与后端 validation.rs 一致） - 全局 403 拦截器不再弹出"权限不足" toast（AuthButton 已隐藏入口） - 角色未关联菜单时回退显示全部（避免种子数据阶段菜单空白）	2026-05-05 13:01:14 +08:00
iven	a96b065190	test(config): 补全字典+编号服务单元测试 — 51 新增 ... - dictionary_service: 提取 dict_model_to_resp/item_model_to_resp + 7 个映射测试 - numbering_service: 提取 format_number 纯函数 + 5 个格式化测试 - erp-config 测试总数从 27 增至 78	2026-04-30 11:02:36 +08:00
iven	ace04ee56d	test(config): erp-config 从 50 增至 66 个单元测试 — fallback_chain + model_to_resp + ThemeResp ... - setting_service: 7 个测试（5 个 fallback_chain 作用域解析 + 2 个 model_to_resp 映射） - theme_handler: 2 个测试（default_theme 默认值 + ThemeResp serde round-trip）	2026-04-28 18:31:01 +08:00
iven	ee65b6e3c9	test: add 149 unit tests across core, auth, config, message crates ... Test coverage increased from ~34 to 183 tests (zero failures): - erp-core (21): version check, pagination, API response, error mapping - erp-auth (39): org tree building, DTO validation, error conversion, password hashing, user model mapping - erp-config (57): DTO validation, numbering reset logic, menu tree building, error conversion. Fixed BatchSaveMenusReq nested validation - erp-message (50): DTO validation, template rendering, query defaults, error conversion - erp-workflow (16): unchanged (parser + expression tests) All tests are pure unit tests requiring no database.	2026-04-15 01:06:34 +08:00
iven	9568dd7875	chore: apply cargo fmt across workspace and update docs ... - Run cargo fmt on all Rust crates for consistent formatting - Update CLAUDE.md with WASM plugin commands and dev.ps1 instructions - Update wiki: add WASM plugin architecture, rewrite dev environment docs - Minor frontend cleanup (unused imports)	2026-04-15 00:49:20 +08:00
iven	685df5e458	feat(core): implement event outbox persistence ... Add domain_events migration and SeaORM entity. Modify EventBus::publish to persist events before broadcasting (best-effort: DB failure logs warning but still broadcasts in-memory). Update all 19 publish call sites across 4 crates to pass db reference. Add outbox relay background task that polls pending events every 5s and re-broadcasts them, ensuring no events are lost on server restart.	2026-04-12 00:10:49 +08:00
iven	db2cd24259	feat(core): add audit logging to all mutation operations ... Create audit_log SeaORM entity and audit_service::record() helper. Integrate audit recording into 35 mutation endpoints across all modules: - erp-auth: user/role/organization/department/position CRUD (15 actions) - erp-config: dictionary/menu/setting/numbering_rule CRUD (15 actions) - erp-workflow: definition/instance/task operations (8 actions) - erp-message: send/system/mark_read/delete (5 actions) Uses fire-and-forget pattern — audit failures logged but non-blocking.	2026-04-11 23:48:45 +08:00
iven	5d6e1dc394	feat(core): implement optimistic locking across all entities ... Add VersionMismatch error variant and check_version() helper to erp-core. All 13 mutable entities now enforce version checking on update/delete: - erp-auth: user, role, organization, department, position - erp-config: dictionary, dictionary_item, menu, setting, numbering_rule - erp-workflow: process_definition, process_instance, task - erp-message: message, message_subscription Update DTOs to expose version in responses and require version in update requests. HTTP 409 Conflict returned on version mismatch.	2026-04-11 23:25:43 +08:00
iven	3a05523d23	fix: address Phase 1-2 audit findings ... - CORS: replace permissive() with configurable whitelist (default.toml) - Auth store: synchronously restore state at creation to eliminate flash-of-login-page on refresh - MainLayout: menu highlight now tracks current route via useLocation - Add extractErrorMessage() utility to reduce repeated error parsing - Fix all clippy warnings across 4 crates (erp-auth, erp-config, erp-workflow, erp-message): remove unnecessary casts, use div_ceil, collapse nested ifs, reduce function arguments with DTOs	2026-04-11 12:36:34 +08:00
iven	0cbd08eb78	fix(config): resolve critical audit findings from Phase 1-3 review ... - C-1: Add tenant_id to settings unique index to prevent cross-tenant conflicts - C-2: Move pg_advisory_xact_lock inside the transaction for correct concurrency (previously lock was released before the numbering transaction started) - H-5: Add CORS middleware (permissive for dev, TODO: restrict in production)	2026-04-11 08:26:43 +08:00
iven	0baaf5f7ee	feat(config): add system configuration module (Phase 3) ... Implement the complete erp-config crate with: - Data dictionaries (CRUD + items management) - Dynamic menus (tree structure with role filtering) - System settings (hierarchical: platform > tenant > org > user) - Numbering rules (concurrency-safe via PostgreSQL advisory_lock) - Theme and language configuration (via settings store) - 6 database migrations (dictionaries, menus, settings, numbering_rules) - Frontend Settings page with 5 tabs (dictionary, menu, numbering, settings, theme) Refactor: move RBAC functions (require_permission) from erp-auth to erp-core to avoid cross-module dependencies. Add 20 new seed permissions for config module operations.	2026-04-11 08:09:19 +08:00