iven
|
c631d364b3
|
fix(core): 消除乐观锁 version.unwrap() 潜在 panic
20 处 ActiveValue::unwrap() + 1 乐观锁递增改为 take().unwrap_or(0) + 1,
避免数据库记录缺少 version 字段时 panic。覆盖 erp-auth/erp-config/
erp-workflow/erp-health/erp-ai/erp-server 7 个 crate。
DTO 层 Option<i32> 字段保持原有 unwrap_or(0) 不变。
|
2026-05-17 13:05:40 +08:00 |
|
iven
|
6841c45846
|
fix(security): 文件上传 MIME 白名单 + OAuth JWT 密钥路径统一
P0 #1: 媒体文件上传增加 MIME 类型白名单校验(jpeg/png/gif/webp/svg/mp4/webm/pdf)
和文件大小限制(10MB),扩展名使用白名单清理防止路径遍历攻击。
P0 #2: OAuth JWT 密钥从环境变量改为 State 注入,消除运行时 env::var 依赖,
FHIR 路由中间件使用闭包捕获 jwt_secret 保持类型安全。
|
2026-05-17 12:40:02 +08:00 |
|
iven
|
c38967a36e
|
fix(mp): 修复小程序角色路由 + 前后端字段对齐 + E2E 测试报告
- 修复 stores/auth.ts 三种登录方式从错误路径提取 roles(resp.roles → resp.user.roles)
- 首页添加医护人员自动跳转医生端(useDidShow + isMedicalStaff)
- services/auth.ts credentialLogin 返回类型补全 roles 字段
- Web 前端 healthData.ts 字段对齐后端 DTO(indicators→items, content→overall_assessment)
- Web 前端 medicationReminders.ts 字段对齐(time_slots→reminder_times)
- 小程序 report.ts / reports 页面字段对齐后端(indicators→items, doctor_interpretation→doctor_notes)
- 小程序 patient.ts / followup.ts / alert.ts 补全缺失字段
- 后端 stats_handler.rs 权限码修正(health.patient.list→health.dashboard.manage)
- 新增 V1 E2E 测试报告和五专家组评审报告
|
2026-05-17 01:51:02 +08:00 |
|
iven
|
4be28de3ce
|
fix(health): 修复患者端咨询权限+聊天页UI+SVG模板警告
- consultation_handler: create_message/mark_session_read 从 .manage 降为 .list,
患者端只有 list 权限,导致发送消息和标记已读 403
- consultation.ts: 同步后端 DTO doctor_name/patient_name 等缺失字段
- messages/index.tsx: 咨询卡片显示医生姓名替代 consultation_type
- consultation/index.tsx: 同步显示 doctor_name
- pkg-consultation/detail: 按原型重写聊天页(医生头像+在线状态+非对称气泡+药丸输入栏)
- ProgressRing: SVG 替换为 conic-gradient 纯 CSS,消除 tmpl_0_svg 模板警告
- usePageData: stopPullDownRefresh 加 try-catch 防止 DevTools fd race
|
2026-05-16 22:38:21 +08:00 |
|
iven
|
bf8bcdbd5d
|
fix: E2E 测试发现的后端 BUG 修复 — 限流拆分 + 积分查询 + 错误码修正
- 拆分 refresh token 限流为独立中间件(30次/分 vs 登录5次/分)
- 修复积分 recent-activity 500:JOIN 通过 points_account 中间表
- 修复患者/医生不存在返回 400 → 正确的 404 NotFound
|
2026-05-15 22:58:02 +08:00 |
|
iven
|
50e3b16381
|
fix(health): 添加 GET 单条轮播图端点 — 修复 Switch 切换 405
后端 /health/banners/{id} 路由只注册了 PUT/DELETE,缺少 GET handler。
前端 bannerApi.get(id) 调用时返回 405 Method Not Allowed,导致轮播图
状态切换失败。新增 banner_service::get_banner + banner_handler::get_banner
+ BannerNotFound 错误类型 + 路由注册。
|
2026-05-15 21:40:59 +08:00 |
|
iven
|
d44c6167b1
|
fix: E2E 测试发现的 10 项 BUG 修复 — 全栈验证通过
P0 修复:
- 侧边栏路由不稳定: Content 区域添加 key={currentPath} 强制重渲染
- 轮播图缩略图不显示: BannerManage 导入 resolveMediaUrl + 反斜杠转正斜杠
- 超长名称导致 500: patient_handler 添加 name.len() > 255 校验
- 迁移 m20260515_000146: version 乐观锁 version+1 修复
P1 修复:
- 排班路由被冻结: routeConfig.ts 移除 /health/schedules 的 frozen 标记
- 轮播图 Switch 切换无效: 切换前先 GET 最新 version 避免乐观锁冲突
- thumbnail_url 反斜杠: media_service 存储时统一 replace('\', '/')
P2 修复:
- 预约类型 follow_up 未映射: APPOINTMENT_TYPE_MAP 补充 '随访'
- 日期选择器未汉化: DatePicker.RangePicker 添加中文 placeholder
- 轮播图 title 必填校验: banner_handler 添加空标题拒绝
- 文章分类重名: article_category_service 添加同名检查
|
2026-05-15 21:13:49 +08:00 |
|
iven
|
8763e10d6e
|
fix: 全局权限优化 — 7 项问题修复
1. 菜单权限修复:补充 10 个菜单的 permission 字段 + 修复 menu_service
回退逻辑(admin 直接跳过过滤,非 admin 无关联则不显示)+ 收紧前端过滤
2. 管理员重置密码:新增 POST /users/{id}/reset-password 端点 + 前端按钮
3. 告警处理人姓名:AlertResponse 添加 acknowledged_by_name 字段
4. Tab 权限过滤:PatientDetail 6 个 Tab 按权限过滤 + 状态字段 Tooltip
5. 消息中心 UI:添加 Popconfirm/AuthButton,移除 inline isDark
|
2026-05-15 19:00:48 +08:00 |
|
iven
|
4ca9027cd6
|
fix: 联合调试问题修复 — 预约错误提示 + request 错误提取 + copilot 解包
- ISSUE-APPOINTMENT-001: 后端 DoctorNotFound 改为 Validation 错误(400)
+ 改善错误消息"所选医生暂无医护档案,请联系管理员"
+ 小程序预约创建 catch 传递实际错误消息(不再硬编码"预约失败")
+ 小程序 request.ts 提取后端 message 字段作为用户提示
- copilot API: listInsights/listRules/getPatientRisk 补齐 data.data 解包
- 移除 error.rs 重复的 AppointmentNotFound 分支
|
2026-05-15 15:25:26 +08:00 |
|
iven
|
057d9b5896
|
fix(health): 修复咨询统计返回零值 BUG + 清理 secure-storage 过时注释
BUG-CONSULTATION-001: safe_aggregate 包装导致 compute_avg_response_time
SQL JOIN 错误时整个统计函数返回零值默认。修复方式:
- handler 层移除 safe_aggregate 改为直接 .await?
- service 层对 compute_avg_response_time 独立错误处理(warn + None)
同时清理 secure-storage.ts 中关于 crypto-js 的过时注释(已移除)。
|
2026-05-15 15:05:53 +08:00 |
|
iven
|
212c08b7ae
|
feat(health,ai): 后端服务优化 + 媒体文件处理
- erp-health: article/banner/consultation/media 服务层优化
- erp-ai: analysis/insight/prompt 服务增强
- erp-auth: auth/role/token 服务改进
- erp-workflow: executor 执行引擎修复
- erp-plugin: 服务层改进
- 新增媒体上传文件样例
|
2026-05-13 23:28:57 +08:00 |
|
iven
|
0a8ff4bbe7
|
docs(health): OpenAPI 注解 — diagnosis + device_reading + vital_signs_daily
为 3 个 handler 文件共 8 个函数添加 #[utoipa::path] 注解。
P1-5 批次 2/N。
|
2026-05-11 13:07:57 +08:00 |
|
iven
|
ac8d300dc0
|
docs(health): OpenAPI 注解 — device_handler + consent_handler
为 device_handler (2 函数) 和 consent_handler (3 函数) 添加
#[utoipa::path] 注解。P1-5 批次 1/N。
|
2026-05-11 13:05:11 +08:00 |
|
iven
|
d0cb45f457
|
refactor(health): 拆分 module.rs 路由注册为 13 个子模块
protected_routes (800+ 行) 按业务域拆分为 routes/ 目录下 13 个文件:
patient / health_data / follow_up / appointment / consultation /
article / points / stats / alert / device / media / care / admin。
module.rs 从 1595 行降至 798 行,路由注册逻辑更清晰。
|
2026-05-11 12:59:56 +08:00 |
|
iven
|
8c347a5de9
|
refactor(health): 拆分 event.rs(2871 行)为 13 个领域文件
将单体 event.rs 按业务域拆分为 event/ 模块目录:
- mod.rs (219 行): 31 事件常量 + 调度器 + 测试
- 12 个消费者文件: workflow/device/alert/patient/appointment/
follow_up/health_data/ai/consent/consultation/points/lab_report
每个消费者文件 50-215 行,独立可维护。
编译零错误,测试全部通过。
|
2026-05-11 10:09:10 +08:00 |
|
iven
|
129a7b175c
|
fix(health): 允许已发布文章重新提交审核 — published → pending_review
状态机新增 published → pending_review 转换,
已发布文章编辑后可直接提交审核,无需先撤回。
审核期间旧版本继续对外展示,审核通过后覆盖发布。
|
2026-05-11 09:49:56 +08:00 |
|
iven
|
e00ee69d28
|
fix(core,health): 文章内容 sanitize 保留安全 HTML 标签 + 血透测试文章种子
- 新增 sanitize_rich_html() 使用 ammonia 白名单保留安全 HTML 标签和内联样式
- 修复文章创建/更新时 content 被 strip_html_tags() 完全剥离的问题
- ammonia 4 不允许手动指定 <a> 的 rel 属性(自动管理),已从 tag_attrs 移除
- 新增 3 个 sanitize_rich_html 单元测试
- 新增 seed-dialysis-articles.mjs 种子脚本(4 篇血透相关富文本文章)
|
2026-05-11 03:13:43 +08:00 |
|
iven
|
4788e19a1d
|
fix(health,miniprogram): 轮播图图片改用相对路径 + wx.downloadFile 解决 HTTP 限制
问题:微信小程序 <image> 不支持 HTTP URL,签名 URL 与 upload 中间件不兼容。
修复:
1. 公开轮播图 API 返回相对路径(/uploads/...)而非签名 URL
2. 小程序用 wx.downloadFile 下载图片后使用本地临时路径
3. 移除 banner_handler 中不再需要的 base_url/Host header 逻辑
|
2026-05-10 20:14:43 +08:00 |
|
iven
|
a6ec8129c9
|
refactor(web,health): 消除硬编码路径 — 统一 resolveMediaUrl + 动态 base_url
1. 新增 resolveMediaUrl() 工具函数,统一处理 storage_path 前缀和 JWT token
2. MediaLibrary 和 MediaPicker 改用 resolveMediaUrl,消除重复逻辑
3. banner_handler 不再硬编码 localhost:3000,改为从 Host header 动态构建 base_url
|
2026-05-10 20:00:39 +08:00 |
|
iven
|
fca0b5a78f
|
feat(health): 新增公开文章列表端点 /public/articles 供小程序访客首页使用
访客首页文章列表调用 /health/articles 需要 JWT 认证导致 401。
新增 GET /public/articles?tenant_id=xxx 端点,强制只返回已发布文章,
无需认证。小程序访客首页改用此公开端点。
|
2026-05-10 19:14:31 +08:00 |
|
iven
|
7fcabd2e6b
|
fix(health): 修复迁移外键表名引用 + 公开轮播图签名 URL 路径拼接
|
2026-05-10 17:13:02 +08:00 |
|
iven
|
85bff6f267
|
feat(server): 配置签名 URL 密钥 — StorageConfig.secret_key
|
2026-05-10 15:39:11 +08:00 |
|
iven
|
1a459de4ad
|
feat(health): 注册媒体库和轮播图路由 + 权限码 + 公开端点
|
2026-05-10 15:35:47 +08:00 |
|
iven
|
3a672636c0
|
feat(health): 实现媒体库 handler (12 端点) + 轮播图 handler (6 端点)
媒体库 handler (media_handler.rs):
- 上传/列表/详情/更新/删除媒体文件 + 文件夹 CRUD + 移动 + 裁剪
轮播图 handler (banner_handler.rs):
- 管理端 5 端点(列表/创建/更新/删除/排序)
- 公开端点 1 个(小程序无需认证获取生效轮播图)
|
2026-05-10 15:32:09 +08:00 |
|
iven
|
a9bd850ce2
|
feat(health): 实现轮播图 service — CRUD + 排序 + 签名 URL
- list_banners: 列出轮播图,可选状态筛选,批量加载 media_item 避免 N+1
- create_banner: 创建轮播图,验证 media_item 存在且未删除
- update_banner: 更新轮播图,带乐观锁
- delete_banner: 软删除轮播图
- sort_banners: 批量更新排序
- list_public_banners: 公开端点,查询生效轮播图 + HMAC-SHA256 签名 URL
- generate_signed_url: 同步函数,生成签名 URL token
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
|
2026-05-10 15:15:11 +08:00 |
|
iven
|
601d977438
|
feat(health): 实现媒体库 service — CRUD + 缩略图 + 裁剪
|
2026-05-10 15:08:26 +08:00 |
|
iven
|
603a986281
|
feat(health): 新增 media_folder/media_item/banner 实体 + image/hmac/sha2 依赖
|
2026-05-10 14:19:55 +08:00 |
|
iven
|
22b8ac7ac6
|
fix: 修复多角色找茬测试 V2 发现的 11 个问题
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
P0 (CRITICAL):
- C1: 统计 API 全部改为 safe_aggregate 容错,防止单个子查询崩溃导致 500
- C2: Token 刷新增加用户身份验证,防止并发场景下身份切换
- C3: 患者端线下活动接口添加患者档案验证,防止 Doctor/HM 越权访问
P1 (HIGH):
- H1: 操作记录用 EntityName 组件解析用户名,不再显示截断 UUID
- H4: 告警标题添加中英文映射 (translateAlertTitle)
- H5: 告警面板补全 message import + 修复 hooks 顺序
- H8: 咨询消息发送按钮添加 AuthButton 权限控制
- H9: routeConfig 日常监测权限码改为 health.daily-monitoring.*
P2 (MEDIUM):
- M4: 咨询类型映射补全 online/phone/doctor/follow_up 中文标签
DTO: LabReportStatisticsResp, AppointmentStatisticsResp, VitalSignsReportRateResp 添加 Default derive
|
2026-05-08 12:42:41 +08:00 |
|
iven
|
c82f7bda1d
|
fix: 系统性预防角色测试高频问题(5 方案落地)
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
P0 — 默认拒绝 + 强制守卫:
- 创建 routeConfig.ts 作为前端路由权限的单一真相源
- TypeScript 强制每个路由声明非空权限数组,不可能遗漏
- 自动生成 ROUTE_PERMISSIONS 和 FROZEN_ROUTES
- 修正 3 个前端权限码不匹配后端
P0 — CI 权限扫描:
- 新增 tools/check_permissions.py 校验脚本
- 发现并修复 tenant.manage 未注册问题
P1 — 聚合接口容错:
- erp-core 新增 safe_aggregate 工具函数
- 仪表盘统计 handler 重构
P1 — 状态机一致性自检:
- validation.rs 新增 3 个自检测试
fix: lint-staged eslint Windows 兼容性
|
2026-05-08 08:52:16 +08:00 |
|
iven
|
6d5a711d2c
|
fix: 修复测试发现的 7 个问题 + 全 workspace clippy 清零
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
功能修复:
1. 患者创建空名称验证:后端添加 name.trim().is_empty() 检查
2. 仪表盘统计容错:单个查询失败返回零值而非 500
3. FHIR 路由修复:从 /fhir 移到 /api/v1/fhir 保持一致
4. 冻结模块后端中间件:新增 frozen_module_middleware 拦截冻结路径
5. 积分端点权限码:health.health-data.list → health.points.list
6. 角色权限迁移:护士补充 devices.list,运营补充 points.list/manage
7. 测试结果文档:R01-R05 角色测试 + T00/T10 结果归档
Clippy 全 workspace 清零(14→0 errors):
- erp-core: 修复 empty doc line、collapsible if、redundant closure 等 9 处
- erp-health: 修复 too_many_arguments、unused var、unnecessary parens 等 58 处
- erp-ai: 修复 dead_code、unused import 等 11 处
- erp-plugin: 修复 too_many_arguments、wildcard pattern 等 11 处
- erp-server-migration: 修复 enum_variant_names 5 处
- erp-auth/config/workflow/message: 各 1-3 处
工程改进:
- lint-staged 配置迁移到 .lintstagedrc.js(函数式避免文件列表传给 clippy)
- cargo fmt 统一格式化
|
2026-05-07 23:43:14 +08:00 |
|
iven
|
786f57c151
|
fix: 修复角色测试发现的 5 个共性问题
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- 修复前端路由守卫前缀碰撞(/health/articles 匹配 /health/article-categories)
- 补全 6 条缺失路由权限映射(appointments/follow-up-records/article-categories/article-tags/plugins/market)
- 修复 critical-alerts API 500(escalation_level 字段 INT2/i16 与 Entity i32 类型不匹配)
- 新增迁移 000128:告警状态修正 + 菜单权限码补全 + 非admin角色移除基础模块权限
|
2026-05-07 15:54:37 +08:00 |
|
iven
|
60dc4dba7a
|
fix(health): 修复 5 角色深度测试发现的权限越权和告警端点缺失
CI / security-audit (push) Has been cancelled
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
- auth: token_service 查询 role_permissions/user_roles 添加 deleted_at 过滤,
修复软删除的权限仍被加载到 JWT 的越权漏洞
- health: 新增 GET /health/alerts/{id} 告警详情端点(含 handler + service + 路由)
- web: AlertList 操作按钮增加 active 状态判断,修复按钮不显示
- migration: 新增 000127 清理 doctor 角色多余的 health-data.manage/ai.analysis.manage
|
2026-05-07 13:51:16 +08:00 |
|
iven
|
85a7dacd16
|
fix(health): 修复 5 角色深度测试发现的 8 个问题
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
P0 修复:
- 告警状态机新增 active 合法状态 + 转换规则 (active→acknowledged/dismissed)
- 前端路由守卫改为默认拒绝,未注册路由返回 403
P1 修复:
- 侧边栏菜单根据用户权限码过滤,非 admin 隐藏无权限菜单项
- Critical-alerts handler 增加详细错误日志 + div_ceil 安全防护
- 仪表盘统计 API 调用使用 silent 模式避免 500 触发全局 toast
P2 修复:
- 随访类型映射新增 visit → 上门 (前后端同步)
- 随访 fallback 选项新增 visit 类型
排除的假 BUG (代码已正确):
- 患者性别/血型: MCP fill() 不兼容 Select 组件,正常交互正确
- 随访筛选/对话框关闭: 代码逻辑验证正确
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
|
2026-05-07 08:24:12 +08:00 |
|
iven
|
1613e3cfe9
|
fix(health): 修复 5 角色测试发现的 4 个共性问题
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- 权限路由守卫:静默重定向改为显示 403 页面,使用 useLocation 替代
window.location.hash,补全缺失路由权限条目
- 随访状态筛选:usePaginatedData hook 添加 filters 变化监听自动刷新
- 告警操作:后端 acknowledge/dismiss/resolve 改返回 AlertResponse
(含 patient_name),前端增加 active 状态兼容和错误反馈
- 咨询患者名:后端 create/get/close_session 增加 patient_name 和
doctor_name enrichment,前端 EntityName 空字符串处理
|
2026-05-07 07:23:41 +08:00 |
|
iven
|
43f0ba7057
|
fix(web): 修复角色测试发现的权限守卫、API 500、权限配置问题
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
1. CRITICAL: 前端路由权限守卫 — routePermissions 从 3 条扩展到 31 条,
覆盖全部 /health/* 路由;匹配逻辑从宽松模块级前缀改为精确权限码匹配
2. HIGH: health-data API 500 — jsonb_array_elements() 添加 CASE WHEN 类型守卫,
防止 items 字段为非数组 JSON 时崩溃
3. MEDIUM: Doctor 补充 ai.prompt.list、ai.usage.list、follow-up-templates 权限
4. Operator 清理 AI 分析、统计报表菜单关联
5. 更新 5 角色测试计划文档
|
2026-05-06 22:29:54 +08:00 |
|
iven
|
c452ae81d1
|
fix(health): OAuth JWT 配置缺失返回错误而非 panic
|
2026-05-06 10:21:25 +08:00 |
|
iven
|
51c41acfa7
|
fix(health): 审计日志加密字段替换为 REDACTED
|
2026-05-06 10:21:02 +08:00 |
|
iven
|
f668e64266
|
fix(health): FHIR converter 身份证号脱敏处理
|
2026-05-06 10:20:50 +08:00 |
|
iven
|
482871301e
|
fix(health): FHIR $everything 子查询添加 tenant_id 过滤
|
2026-05-05 23:44:25 +08:00 |
|
iven
|
741aaf0e40
|
fix(health): FHIR allowed_patient_ids=None 拒绝所有访问
|
2026-05-05 23:42:29 +08:00 |
|
iven
|
e9cfbd108a
|
fix(ai): 修复 AI 分析读取化验报告 items 为空的问题
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- parse_lab_items 兼容两种存储格式(item_name/name, string/f64 value,
reference_range/reference_low+high)
- get_lab_report 添加 PII 解密步骤:数据库中 items 是加密存储的,
AI 分析前需要先解密再解析
- HealthDataProviderImpl 添加 PiiCrypto 字段用于解密
- pii_crypto 创建提前到 AI state 构建之前
- default.toml rate_limit.fail_close 改为 false(开发环境)
|
2026-05-05 22:05:45 +08:00 |
|
iven
|
84b671d1e5
|
fix(server+health): 修复路由 middleware 泄漏 — FHIR/Gateway 改用 .nest() 隔离
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
Axum 的 .merge() 会将子 Router 的 middleware 泄漏到整个路由树,
导致 FHIR OAuth middleware 和 Gateway auth middleware 拦截所有请求。
修复方式:
- fhir_routes 内部路径去掉 /fhir 前缀,main.rs 用 .nest("/fhir", ...) 注册
- gateway_routes 内部路径去掉 /health/gateway 前缀,main.rs 用 .nest("/health/gateway", ...) 注册
- 透析患者查询表名 patients → patient(与 Entity 一致)
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
|
2026-05-05 11:56:42 +08:00 |
|
iven
|
15b5781dbb
|
fix(health): 危急值告警全链路修复 — 消费者生命周期 + payload 映射 + 阈值优先级
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
1. CRITICAL: 修复 SubscriptionHandle 提前 drop 导致所有事件消费者失效
- register_handlers_with_state 中所有 handle 在函数返回时被 drop
- cancel channel 关闭导致 subscribe_filtered 的过滤任务退出
- 方案: 收集所有 handle 并 std::mem::forget,生命周期与进程一致
2. HIGH: 修复 critical_alert 消费者 payload 字段映射不匹配
- 消费者读取 alert_type/metric_name 等顶层字段,但实际在 alert 嵌套对象中
- 更新消费者从 alert 对象提取 indicator/value/threshold/level
- handle_critical_alert_event 增加 severity 参数
3. MEDIUM: 修复 check_indicator 优先匹配最高严重级别
- 原实现返回第一个匹配的阈值(可能匹配 warning 而非 critical)
- 改为遍历所有匹配阈值,选择 severity 最高的(critical > warning)
4. MEDIUM: 修复危急值阈值页面不自动加载数据
- CriticalValueThresholdList 添加 useEffect 初始化加载
|
2026-05-05 10:11:06 +08:00 |
|
iven
|
2acd9485c7
|
fix(health+dialysis): S2 smoke test 修复 — Entity 表名 + 透析状态转换
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- 修复 6 个 Entity table_name 与迁移不匹配: shift, handoff_log,
patient_assignment, blind_index, critical_alert, critical_alert_response
- 添加透析记录 draft→completed 状态转换 API (PUT /complete)
- 修复 family_proxy_service 告警状态过滤 (active→pending/acknowledged)
- dev.ps1 添加 RATE_LIMIT__FAIL_CLOSE=false 开发模式
- S2 透析日流程 smoke test 报告
|
2026-05-05 03:07:41 +08:00 |
|
iven
|
8d288cadfa
|
fix(health+ai): 后端质量修复 — Phase 2d
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
H3: 设备数据摄入增加 tracing 日志(事务保护待 ConnectionTrait 重构)
M4: care_plan/shift/ble_gateway/vital_signs_daily 补全 tracing 入口日志
M1: AI 分析缓存命中检查 + 缓存结果 Stream 回放
H4: 透析→KDIGO 自动串联(dialysis_notifier 发布 ai.dialysis.kdigo_requested 事件)
|
2026-05-05 00:19:22 +08:00 |
|
iven
|
2b90db4028
|
fix(health): P0 安全修复 — SQL注入 + FHIR越权 + OAuth权限 + JWT硬编码
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
C1: action_inbox_service.rs 中 patient_id/user_id 的 format! 拼接改为
参数化查询 ($2/$3/$4/$5 绑定),消除 SQL 注入风险
C2: fhir/handler.rs 所有患者相关端点强制执行 allowed_patient_ids 范围
过滤,search 端点用 is_in 过滤,get 端点用 enforce_patient_scope 校验
H5: oauth/handler.rs 5 个管理端点添加 require_permission 校验
M3: oauth/handler.rs 和 middleware.rs 移除 "dev-secret-key" fallback,
缺少环境变量时启动失败(token)/返回 500(middleware)
|
2026-05-04 23:09:25 +08:00 |
|
iven
|
95fa09c383
|
feat(health): 家庭成员健康代理 — 同意追踪 + 健康摘要查看
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
Phase 1 Care Engine MVP 最后一项 (#8):
- 迁移: patient_family_member 表新增 user_id/consent_status/access_level/consented_at/consent_revoked_at
- 实体: 更新 patient_family_member Model 含新字段
- DTO: FamilyMemberResp 扩展 + 新增 GrantFamilyAccessReq/FamilyPatientSummaryResp/FamilyHealthSummaryResp
- Service: 授权/撤销访问、家庭成员查看关联患者列表、查看健康摘要(按 access_level 分级)
- Handler: 5 个端点(grant/revoke/list/summary/link-user)
- 路由: /health/patients/{id}/family-members/{fid}/grant-access 等
- 权限: health.family-proxy.list/manage
- 已有 CRUD 适配新字段(list/create/update 返回 consent 状态)
|
2026-05-04 20:57:24 +08:00 |
|
iven
|
7e57565ecd
|
feat(health): BLE 网关后端接入 — 网关管理 + API Key 认证 + 多患者批量上报
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- 新增 ble_gateways + gateway_patient_bindings 表迁移 (000113)
- 网关 CRUD:注册/编辑/删除/重生成 API Key,含患者绑定管理
- API Key 认证中间件(SHA-256 hash + prefix 快速查找)
- 网关数据上报端点:多患者批量读数,复用 device_reading_service 管道
- 网关心跳端点:固件版本/IP 更新 + last_heartbeat_at
- 10 个管理端路由(JWT)+ 2 个网关端路由(API Key)
- health.ble-gateways.list/manage 权限声明
- 修复 000112 迁移 ForeignKey 借用错误
|
2026-05-04 20:28:26 +08:00 |
|
iven
|
7b17f94bc0
|
feat(health): 班次管理与护士分配 — Shift/PatientAssignment/HandoffLog CRUD
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- 新增 3 张数据表迁移 (shifts, patient_assignments, shift_handoff_log)
- 3 个 SeaORM Entity (shift, patient_assignment, handoff_log)
- 完整 CRUD 服务层:班次管理、患者分配(含批量分配)、交接记录
- 12 个 API 端点 + health.shifts.list/manage 权限
- 班次列表含患者分配摘要 (patient_count/critical_count/attention_count)
- 乐观锁、软删除、审计日志、事件发布
- 输入验证:period/shift_status/care_level 白名单
|
2026-05-04 20:11:07 +08:00 |
|
iven
|
3ff17382ff
|
feat(health+message): 关怀已送达通知管道 — care.action.performed 事件 + 温暖消息推送
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- 新增 CARE_ACTION_PERFORMED 事件常量(care.action.performed)
- care_plan_service 在护理项完成、测量数据更新、干预项创建时发布关怀行动事件
- erp-message 新增 care_plan.activated/completed + care.action.performed 消息处理
- 温暖消息文案:护理计划启动/完成通知、关怀已送达、健康数据已更新
- 事件测试覆盖新常量、payload 契约、通知分支逻辑
|
2026-05-04 18:56:52 +08:00 |
|