iven/hms
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
200 Commits 2 Branches 0 Tags
945ccd64baaf000aca6e71cd0e5281382ea8b585
Commit Graph

5 Commits

Author SHA1 Message Date
iven
945ccd64ba fix: 全面 QA 审计修复 — 安全加固/代码质量/跨平台一致性/测试覆盖
Some checks failed
CI / rust-check (push) Has been cancelled
Details
CI / rust-test (push) Has been cancelled
Details
CI / frontend-build (push) Has been cancelled
Details
CI / security-audit (push) Has been cancelled
Details 
Phase 0 安全热修复 (CRITICAL):
- 外部化微信 appid/secret 到 ERP__WECHAT__APPID/SECRET 环境变量
- 正确连接 HealthCrypto 到 ERP__HEALTH__AES_KEY/HMAC_KEY 环境变量
- 外部化小程序加密密钥到 TARO_APP_ENCRYPTION_KEY 环境变量
- 移除小程序 auth store 中的敏感信息 console.log

Phase 1 安全加固:
- 微信自动注册 display_name 添加 sanitize 防止 XSS
- 测试数据库凭据改为从 TEST_DB_URL 环境变量读取

Phase 2 代码质量:
- 提取 useThemeMode hook 消除 22 处重复暗色模式检测
- 提取共享健康常量到 constants/health.ts
- 拆分 patient_service.rs 脱敏函数到 masking.rs
- 移除未使用的 i18next/react-i18next 依赖
- 移除未使用的 api/errors.ts 和 erp-auth/anyhow 依赖

Phase 3 测试覆盖:
- 新增 5 个患者模块集成测试 (CRUD/租户隔离/验证/软删除)

Phase 4 跨平台一致性:
- 统一小程序 Patient.birthday → birth_date 匹配后端
- 统一小程序 Appointment.time_slot → start_time/end_time 匹配后端

Phase 5 架构:
- 微信登录添加多租户 TODO 注释
- 更新 wiki/infrastructure.md 环境变量文档
 2026-04-25 10:00:49 +08:00
iven
07f4ba41ba fix(health): 穷尽审计修复 — 权限同步/编译错误/前端bug/审计日志
Some checks failed
CI / frontend-build (push) Has been cancelled
Details
CI / rust-check (push) Has been cancelled
Details
CI / rust-test (push) Has been cancelled
Details
CI / security-audit (push) Has been cancelled
Details 
审计发现并修复的问题:

HIGH:
- H1: ConsultationDetail 使用 getSession(id) 替代错误的列表搜索
- H2: SessionResp 添加 version/updated_at 字段
- H3: 移除 FollowUpRecordList 调用不存在的导出端点
- H4: 新增 articles.ts 前端 API 模块

MEDIUM:
- M1: article delete 添加乐观锁 (expected_version)
- M2: 取消预约排班释放传播错误 (log::warn -> ?)
- M3: FollowUpTaskList 日期格式 Dayjs -> string
- M4: 补充 15 个缺失审计日志

LOW:
- L1: 替换 follow_up_service 中的 .unwrap()
- L2: PatientListItem 添加 version 字段

CRITICAL (新发现):
- 权限未同步: 健康模块 14 个权限从未写入数据库,添加启动时自动同步
- migration 表名错误: patients -> patient
- 编译错误: health_trend entity 未导入, ToPrimitive trait 未导入
- HealthError 缺少 From<AppError> 实现
 2026-04-25 08:58:58 +08:00
iven
0c21f13e72 feat(web): 健康管理模块 10 页面完整实现
Some checks failed
CI / security-audit (push) Has been cancelled
Details
CI / rust-check (push) Has been cancelled
Details
CI / rust-test (push) Has been cancelled
Details
CI / frontend-build (push) Has been cancelled
Details 
Task 12 - 患者管理:
- PatientList: 搜索+状态筛选+CRUD+行点击跳转详情
- PatientTagManage: 患者标签管理+批量打标
- PatientDetail: 3Tab详情页(基本信息/健康数据/随访记录)+编辑

Task 13 - 医护预约:
- DoctorList: 科室筛选+CRUD+在线状态Badge
- AppointmentList: 状态筛选+日期筛选+创建预约+状态流转
- DoctorSchedule: 医生选择+列表/日历视图+排班CRUD

Task 14 - 随访咨询:
- FollowUpTaskList: 任务CRUD+填写记录+分配医护
- FollowUpRecordList: 只读台账+日期范围筛选+导出
- ConsultationList: 会话列表+创建+关闭+行点击跳转
- ConsultationDetail: 聊天界面+消息分页+发送+图片预览

修正: consultations.ts Session类型补充 updated_at/version
 2026-04-25 00:57:48 +08:00
iven
cdbf381060 feat(web): 路由和菜单集成 + 10 页面占位
Some checks failed
CI / security-audit (push) Has been cancelled
Details
CI / rust-check (push) Has been cancelled
Details
CI / rust-test (push) Has been cancelled
Details
CI / frontend-build (push) Has been cancelled
Details 
- App.tsx 添加 10 条 lazy 路由(患者/医护/预约/随访/咨询)
- MainLayout.tsx 添加健康管理菜单组(7 项菜单 + 10 条标题映射)
- 创建 10 个页面占位组件
 2026-04-25 00:42:12 +08:00
iven
6296ce22d2 feat(web): 健康模块通用组件 8 个 
- StatusTag: 通用状态标签(预约/随访/咨询/患者状态)
- PatientSelect: 患者远程搜索选择器
- DoctorSelect: 医护远程搜索选择器
- VitalSignsChart: ECharts 趋势图(可切换指标)
- CalendarView: 日历视图(排班展示)
- ChatBubble: 聊天气泡(角色区分左右布局)
- ImagePreview: 图片预览(Ant Design Image.PreviewGroup)
- ExportButton: 导出按钮(blob 下载)
 2026-04-25 00:40:11 +08:00