iven
|
cac61637ce
|
feat(health): Web 管理端设备数据集成补全 — Phase 2
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- 新增告警三页面(仪表盘/列表/规则)+ 设备管理菜单种子数据
- 新增设备管理后端 API(GET /devices + DELETE /devices/{id})
- 新增设备数据查看组件 DeviceReadingsTab(原始数据 + 小时聚合)
- 新增设备管理页面 DeviceManage(列表/筛选/解绑)
- 患者详情页新增设备数据 Tab
|
2026-04-29 06:28:30 +08:00 |
|
iven
|
f6ccb8a35c
|
fix(health): 设备数据管线 Phase 1 缺陷修复 + AI 产品策略讨论
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- device_readings 批量插入添加 ON CONFLICT 去重唯一索引
- 小程序 BLEManager 增加离线缓存(Storage 持久化 + 启动重传)
- 新增 device_readings 90 天数据保留清理定时任务
- 小米手环适配器增加 RACP 历史心率读取支持
- SSE 告警按医生过滤已确认实现(patient_doctor_relation)
- 新增 AI 产品策略与设备数据医院场景讨论记录
|
2026-04-29 06:17:23 +08:00 |
|
iven
|
5ab8bf8479
|
feat(server): 可观测性 Phase 1 — 健康检查路由 + Prometheus 指标 + 连接池/事件积压监控
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- 添加 /health/live 存活探针别名(原 /health + /health/ready 保留)
- 新增 metrics middleware:http_requests_total 计数器 + http_request_duration_seconds 直方图
- Prometheus exporter 独立端口 9090(可通过 ERP__SERVER__METRICS_PORT 覆盖)
- 后台任务每 30s 采样 DB 连接池活跃/空闲连接数(pg_stat_activity)
- 后台任务每 30s 采样 EventBus pending 事件积压数
- UUID 路径归一化避免高基数(/api/v1/users/:id/posts)
|
2026-04-28 20:39:11 +08:00 |
|
iven
|
a84378ab50
|
feat(ai): 定期自动分析定时任务 — 每 24 小时扫描高风险患者
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
新增 auto_analysis.rs 服务:
- 启动后延迟 5 分钟,每 24 小时执行一次
- 查找所有活跃租户中高风险患者(异常体征指标)
- 自动调用趋势分析并存储分析结果
- 每租户限制 50 名患者,防止过载
- erp-server main.rs 中注册后台任务
|
2026-04-28 20:02:01 +08:00 |
|
iven
|
cf844a561f
|
feat(ai+db): 趋势分析 prompt 升级为结构化统计摘要
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- 新增迁移 000093:更新 health_trend_analysis prompt,使用统计字段
替代原始数据点遍历,引导 AI 专注 slope/R²/异常点分析
- erp-ai handler: stream_trends 改用 get_trend_analysis_data()
替代 get_vital_signs(),传递预计算趋势特征
- sanitizer: 新增 sanitize_trend_analysis() 方法
|
2026-04-28 19:57:51 +08:00 |
|
iven
|
83e243f03e
|
feat(db): device_readings 新增 metric 字段用于多行拆分存储
|
2026-04-28 19:24:32 +08:00 |
|
iven
|
0aab27295c
|
feat(ai): 实现 AI 数据桥接 — 4 个 HealthDataProvider 方法从 stub 替换为真实查询
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- get_lab_report: 查询 lab_report + patient,解析 JSON items 构造 LabReportDto
- get_vital_signs: 查询 vital_signs 时间序列,按指标提取 8 种体征数据
- get_patient_summary: 聚合 patient + diagnosis + medication_record + health_record
- get_full_report: 查询 health_record + 关联诊断和化验报告构造章节
- AiState 新增 health_provider 字段,erp-server 注入 HealthDataProviderImpl
- 4 个 SSE handler 从 placeholder JSON 改为调用 provider + sanitizer 真实数据流
|
2026-04-28 19:08:38 +08:00 |
|
iven
|
5941a6b764
|
feat(dialysis): 激活 erp-dialysis 独立模块 — 注册到 erp-server
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- workspace Cargo.toml 添加 erp-dialysis 依赖声明
- erp-server 注册 DialysisModule 并挂载透析路由
- 修复权限码:health.health-data.* → health.dialysis.list/manage
- 集成测试迁移:erp_health → erp_dialysis import + DialysisState
- TestApp 新增 dialysis_state() 方法
- cargo check 通过,erp-dialysis 10 个单元测试全部通过
|
2026-04-28 15:21:13 +08:00 |
|
iven
|
ac1033dbaf
|
refactor: 积分系统拆分为独立 erp-points crate
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- 新建 erp-points crate(8 Entity + account/product service + handler)
- 商品 CRUD 和账户管理完整实现,订单/签到/规则端点暂返回 501
- 注册到 workspace + erp-server 路由 /api/v1/points/*
- API 路径不变,前端无需修改
|
2026-04-28 14:32:16 +08:00 |
|
iven
|
be8fca1d76
|
feat(core): EventBus dead-letter + consume_with_retry 辅助函数
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- 新增 dead_letter_events 表 + Entity
- consume_with_retry: 幂等检查 + 成功标记 + 失败转入 dead-letter
- insert_dead_letter: 写入失败事件供后续排查和手动重试
|
2026-04-28 11:47:44 +08:00 |
|
iven
|
644efce760
|
feat(health): 新增 critical_alerts + critical_alert_responses 表 + Entity
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
危急值告警数据模型:status(pending/acknowledged/resolved/escalated)、
escalation_level 分级升级、乐观锁、软删除。
|
2026-04-28 11:34:37 +08:00 |
|
iven
|
298e439fb2
|
feat(health): 新增 blind_indexes 表 + Entity 支持 PII 盲索引搜索
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
|
2026-04-28 11:31:54 +08:00 |
|
iven
|
a66d59e86b
|
fix(server): Rate limit fail-close 改为环境变量控制
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
开发环境默认 fail-open(Redis 不可达时放行),
生产环境设置 ERP__RATE_LIMIT__FAIL_CLOSE=true 启用 fail-close(返回 503)。
|
2026-04-28 01:30:05 +08:00 |
|
iven
|
1e6e783fcc
|
fix(server): 健康检查和 OpenAPI 端点移出限流中间件范围
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
account_lockout_middleware 改为 fail-close 后,/health 和 /docs/openapi.json
不应受影响。将它们提取为 unthrottled_routes 独立层。
|
2026-04-28 01:11:17 +08:00 |
|
iven
|
9dd6095e77
|
fix: P0/P1 安全与质量缺陷修复 — 10 项 QA 审查问题解决
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
P0 安全修复:
- tenant_rls: SQL 拼接改为参数化查询防止注入
- follow_up_service: UUID SQL 拼接改为参数化原生查询
- RLS 策略: 新迁移移除空字符串绕过条件
- SSE 消息推送: token 键名 'token' → 'access_token' 修复
- rate_limit: 登录端点 Redis 不可达时 fail-close
P1 质量修复:
- 小程序缓存清理: preservedKeys 补全认证键名
- 小程序 token 刷新: 失败时清除所有认证数据
- 小程序 401: redirectTo → reLaunch 兼容 tabBar
- 集成测试: 信号量限制并行数据库创建(4个)
- change_password: 乐观锁 version 硬编码 → 动态递增
测试: 516 全部通过 (含 153 集成测试)
|
2026-04-28 00:57:41 +08:00 |
|
iven
|
30f2452933
|
fix(core): 迁移修复 + 配置调整
- auth_state: 新增字段
- config/default.toml: 配置更新
- migration 078/082: 修复 SQL 语法
- state/main: 启动逻辑调整
|
2026-04-28 00:20:11 +08:00 |
|
iven
|
5aec02e4ad
|
test(health): 7 个模块集成测试 — 49 个用例全通过
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
新增 doctor(7)、diagnosis(7)、consent(6)、medication(8)、
dialysis_prescription(7)、follow_up_template(7)、daily_monitoring(7)
覆盖 CRUD、状态流、列表过滤、软删除、租户隔离、乐观锁。
|
2026-04-27 23:21:04 +08:00 |
|
iven
|
2d5b6d4c50
|
test(health): 文章/分类/标签集成测试 — 10 个用例全通过
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
覆盖文章 CRUD、状态流(draft→pending_review→published→draft)、
拒绝与重提交、列表过滤、软删除、租户隔离、分类 CRUD+隔离、
标签 CRUD+文章关联、乐观锁冲突。
|
2026-04-27 23:04:41 +08:00 |
|
iven
|
f58f1f73c5
|
test(health): 健康数据集成测试 — 8 个测试覆盖体征CRUD/化验报告CRUD+审阅/租户隔离
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
fix(auth): WechatSessionResp mock 缺少 unionid 字段
|
2026-04-27 22:27:36 +08:00 |
|
iven
|
7420a66291
|
test(health): 随访 + 咨询集成测试 — 9 个随访测试 + 8 个咨询测试覆盖 CRUD/状态/批量/消息/租户隔离
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
|
2026-04-27 22:18:51 +08:00 |
|
iven
|
e1d9f97d79
|
test(health): 扩展预约集成测试 +3 — 状态流转/取消/乐观锁冲突
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
|
2026-04-27 22:01:38 +08:00 |
|
iven
|
fdbbc47a60
|
test(health): 扩展患者集成测试 +3 — 更新乐观锁/PII加密验证/姓名搜索
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
|
2026-04-27 21:58:57 +08:00 |
|
iven
|
dc09cc4e2a
|
test(health): 设备读数集成测试 — 8 个测试覆盖批量摄入/设备绑定/聚合/查询/校验/租户隔离
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
|
2026-04-27 21:54:50 +08:00 |
|
iven
|
55a7d7a03e
|
test(health): 告警系统集成测试 — 8 个测试覆盖规则 CRUD/引擎评估/状态流转/cooldown/租户隔离
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
|
2026-04-27 21:48:12 +08:00 |
|
iven
|
3aaa0a9598
|
test(health): 透析记录集成测试 — 8 个测试覆盖 CRUD/PII/状态流转/租户隔离/乐观锁/软删除
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
|
2026-04-27 21:42:24 +08:00 |
|
iven
|
88d01b5d84
|
test(health): 积分系统集成测试 — 12 个测试覆盖 FIFO/签到/兑换/隔离
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- 签到积分首次/连续签到
- 自定义事件积分增加
- FIFO 消费、精确消费、部分消费、余额不足
- 账户自动创建、兑换订单创建
- 交易记录查询、租户隔离
|
2026-04-27 21:21:04 +08:00 |
|
iven
|
6997bb1d90
|
test: Phase 0 测试基础设施 — TestApp + MSW + 覆盖率工具 + CI
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- TestApp struct 封装 TestDb + HealthState + tenant_id/operator_id
- TestFixture 工厂方法: create_patient/create_doctor/create_schedule/create_appointment
- 前端 MSW v2 handlers (auth) + server setup + vitest 集成
- vitest coverage v8 配置 + test:coverage script
- GitHub Actions CI: backend (check + test + clippy) + frontend (tsc + test + build)
|
2026-04-27 21:12:08 +08:00 |
|
iven
|
22ef5b6d1f
|
feat(core): 审计日志哈希链 — prev_hash + record_hash + 完整性验证
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- 迁移 087: audit_logs 表添加 prev_hash/record_hash 列 + 索引
- audit_service::record() 写入时查询前一条 record_hash 作为 prev_hash
- SHA256(id+action+resource_type+resource_id+created_at+prev_hash) 计算 record_hash
- verify_hash_chain() 验证链完整性,返回 (总记录数, 断链数)
|
2026-04-27 19:38:39 +08:00 |
|
iven
|
d5c9654370
|
fix(db): 修复迁移 084/085 SQL 语法 + RLS 动态表名查询
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- 084/085: PostgreSQL DELETE 不支持 LIMIT,改用 ctid IN (SELECT ... LIMIT)
- 086: RLS 迁移改为动态查询 information_schema 获取含 tenant_id 的表,
避免硬编码表名不一致问题
- 全量测试 490 个通过(含 27 个集成测试 + RLS 验证)
|
2026-04-27 18:52:03 +08:00 |
|
iven
|
bcaeb0beef
|
feat(server): tenant RLS 中间件 — SET app.current_tenant_id
- 新增 tenant_rls_middleware:JWT 解析后 SET 租户 ID,请求结束 RESET
- 挂载到 protected router 的 JWT 层之后
- SET 失败仅 warn 不阻断(RLS 是安全网,主隔离在应用层)
- RESET 防止连接池复用时租户上下文泄漏
|
2026-04-27 18:41:28 +08:00 |
|
iven
|
b7b9f50d00
|
feat(db): RLS 策略迁移 — 80 张 tenant_id 表启用行级安全
- 所有含 tenant_id 的表(基础 34 + 健康 28 + 其他 18)启用 RLS
- 策略:未设置 app.current_tenant_id 时允许全部,设置后按 tenant_id 过滤
- down 方法完整回退(DROP POLICY + DISABLE ROW LEVEL SECURITY)
|
2026-04-27 18:40:07 +08:00 |
|
iven
|
3197dde33c
|
feat(core): 事件归档 + 消费者幂等性 — 迁移 084/085 + 清理任务
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- 迁移 084: domain_events_archive 归档表 + cleanup_old_published_events()
- 迁移 085: processed_events 去重表 + cleanup_old_processed_events()
- erp-core: is_event_processed() / mark_event_processed() 幂等性辅助
- erp-server: tasks::start_event_cleanup() 每 24h 归档 >90 天事件
|
2026-04-27 18:12:43 +08:00 |
|
iven
|
d31d7beb1f
|
feat(server): outbox relay 改为 LISTEN/NOTIFY + 30s 兜底轮询
- EventBus::publish() 持久化后执行 NOTIFY outbox_channel
- outbox relay 使用 sqlx::PgListener 监听 + tokio::select! 竞争
- 30s 兜底轮询防止 NOTIFY 丢失,断线自动重连
- 轮询间隔从 5s 提升到 30s,事件延迟降至 <100ms
|
2026-04-27 17:50:38 +08:00 |
|
iven
|
13b23e90f4
|
feat(health): 消息推送集成 — 定时任务启动 + 预约提醒事件
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- erp-server: 启动逾期随访检查(6h)、积分过期(24h)、预约提醒(1h) 定时任务
- appointment_service: 新增 send_reminders 扫描明日确认预约发送事件
- erp-message: 订阅 appointment.reminder 事件,向患者发送提醒消息
|
2026-04-27 14:51:40 +08:00 |
|
iven
|
dc5879228e
|
feat(health): 随访模板系统 — follow_up_template + template_field 全栈
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
新增随访模板和模板字段两张表及完整 CRUD:
- 迁移 083: follow_up_template + follow_up_template_field
- Entity: 模板(名称/类型/适用范围/状态) + 字段(标签/键名/类型/选项/校验)
- DTO: 创建时内嵌字段列表、更新支持全量替换字段
- Service: 随访类型+字段类型校验、级联软删除
- Handler: 5 端点 + RBAC 权限
- 路由: /api/v1/health/follow-up-templates
|
2026-04-27 14:40:28 +08:00 |
|
iven
|
2519ad8fee
|
feat(auth): 微信 session_key 迁移到 Redis — 内存降级兜底
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
session_key 从全局 HashMap 迁移到 Redis(SET key EX 300 / GETDEL),
Redis 不可用时自动降级到内存缓存,提升多实例部署安全性。
|
2026-04-27 13:05:25 +08:00 |
|
iven
|
a4daa8f49c
|
feat(server): 健康检查增强 — 新增 /health/ready 就绪检查
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- 保留 /health 轻量存活检查
- 新增 /health/ready 含 DB ping + Redis ping 并行检测
- 返回 status(ok/degraded/unavailable) + 各组件延迟和错误信息
|
2026-04-27 12:54:16 +08:00 |
|
iven
|
a2c1b5ece8
|
feat(db): 注册透析处方迁移 + AI Prompt 种子数据(4 个默认模板)
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- 注册遗漏的 m20260427_000081_create_dialysis_prescription 迁移
- 新增 000082 种子迁移:插入 4 个 AI Prompt 模板
(化验单解读/趋势分析/体检方案/报告摘要)
|
2026-04-27 12:50:16 +08:00 |
|
iven
|
bab0d6619b
|
feat(health): 用药记录实体 — CRUD 全栈
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- 迁移 080: medication_record 表(18 字段 + 频率/给药途径校验)
- Entity/DTO/Service/Handler 全链路
- 端点: GET/POST/PUT/DELETE /health/medications + /health/patients/{id}/medications
- 软删除 + 乐观锁 + 审计日志
|
2026-04-27 11:45:49 +08:00 |
|
iven
|
67f2d07809
|
feat(health): 体征增加体温/SpO2/血糖类型字段
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- 迁移 079: vital_signs 表新增 body_temperature/spo2/blood_sugar_type 列
- Entity/DTO/Service 全链路支持新字段
- blood_sugar_type: fasting/postprandial/random/ogtt
- daily_monitoring 兼容层补全新字段为 None
|
2026-04-27 11:31:40 +08:00 |
|
iven
|
7e66561a5f
|
fix(health): 统一随访类型为 5 种 — phone/outpatient/home_visit/online/wechat
- validation.rs: face_to_face 替换为 outpatient,新增 home_visit/wechat
- FollowUpTaskList.tsx: 新增 online 选项,与后端对齐
- 迁移 078: follow_up_task + follow_up_record face_to_face → outpatient
|
2026-04-27 11:20:57 +08:00 |
|
iven
|
5b81a0051f
|
docs: 修正测试策略 spec 的事实性错误
修正 spec review 发现的问题:
- C-1: TestDb 实际是本地 PostgreSQL 隔离,非 Testcontainers
- C-2: E2E 已有 4 spec/10 测试,非零测试
- 补充 6 个遗漏的 service(alert/daily_monitoring/critical_value_threshold 等)
- 增加 Phase 0 基础设施搭建
- 修正 CI 配置(增加 PostgreSQL service、验证链)
- 补充 5 个遗漏风险项和回退策略
- 统一"全量 80%"目标的准确含义
|
2026-04-27 00:21:02 +08:00 |
|
iven
|
787e64d9a9
|
fix: 前端深度审计全量修复 — 安全/功能/代码质量
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
严重 BUG 修复:
- 修复 Token 过期后 hash 重定向导致无法跳转登录页
- 修复文章编辑器新建后提交审核使用错误 ID
安全加固:
- HTML 清理函数替换为 ammonia 专业库(替代自定义解析器)
- 文件上传添加 magic bytes 校验(防 Content-Type 伪造)
- 登录添加账户级失败锁定(5次失败→15分钟锁定)
- 审计日志 9 个关键更新操作补充变更前后值(with_changes)
功能缺陷修复:
- 登录/登出时清理 API 缓存(防多账户数据污染)
- 文章编辑器上传改用统一 HTTP 客户端(自动 token 刷新)
- 添加全局 HTTP 错误处理和后端错误消息展示
- PrivateRoute 增加路由级权限检查(系统管理页面)
- 健康数据三个 Tab 添加编辑/删除功能
- 预约创建增加排班可用性校验提示
- 医生详情 API 返回解密后的原始执照号
代码清理:
- 删除未使用的 auth.ts refresh() 函数
- 删除重复的 AuthGuard.tsx 组件
- 删除未使用的 getHealthSummary API
|
2026-04-26 21:47:26 +08:00 |
|
iven
|
b05b7c27a0
|
feat: 审计修复 Phase 6-7 — SSE 推送/工作流补全/消息群发/前端收尾
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
Phase 6 功能补全:
- P1-3: 消息 SSE 实时推送端点 + 前端 EventSource 连接
- P1-6: ServiceTask HTTP 调用能力 (reqwest GET/POST)
- P1-7: user.deleted 事件处理 — 终止相关流程实例
- P1-8: 任务认领 (claim) 端点 + handler
- P1-9: 超时检查器发布 task.timeout 事件
- P1-15: 组织/部门名称唯一性校验 (create + update)
- P1-18: 消息群发 fan-out (role/department/all 批量投递)
Phase 7 P3-P4 收尾:
- PluginAdmin purge 按钮状态修复
- ChangePassword 最小 8 字符 + 新旧密码不同验证
- AuditLogViewer 用户名缓存 + 扩展资源类型
- InstanceMonitor 通过 definition 缓存解析 node_name
- NotificationPreferences DND 时间范围校验
|
2026-04-26 19:44:04 +08:00 |
|
iven
|
83fe89cbcd
|
fix: 全系统审计问题修复 — 安全/数据完整性/功能缺陷/UX (Phase 1-5)
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
Phase 1 安全热修复:
- P0-1: /uploads 文件服务添加 JWT 认证中间件(支持 header + query param)
- P0-2: analytics/batch 路由从 public 移到 protected_routes
- P0-3: plugin engine SQL 注入修复(format! → 参数化查询)
- P0-new: stats_service compute_avg_field 字段白名单 + FLOAT8 类型转换
Phase 2 数据完整性:
- P0-4: 组织删除级联检查(添加部门存在性校验)
- P0-5: 部门删除级联检查(添加岗位 + 用户存在性校验)
- P0-8: workflow on_tenant_deleted 实现 5 实体批量删除
- P0-7: 并行网关 race condition 修复(consumed → completed 原子转换)
Phase 3 P1 后端 Bug:
- P1-12: plugin host 表名消毒(使用 sanitize_identifier)
- P1-10: workflow deprecated 状态转换(published → deprecated)
- P1-11: workflow 更新验证条件(nodes/edges 任一变化即验证)
- P0-9: 小程序 .gitignore 添加 .env/.env.*/日志
- P1-19: 小程序加密密钥替换为 64 字符强密钥
Phase 4 消息模块:
- P1-5: 通知偏好 GET 路由 + handler
- P1-4: 消息模板 update/delete CRUD + version
- P2-8: mark_all_read SQL 添加 version + 1
- P2-7: markAsRead 改为乐观更新 + 失败回滚
Phase 5 前端修复:
- P2-9: 通知面板点击导航到 /messages
- P2-1: 随访任务患者名批量 ID 解析(替代 UUID 显示)
- P2-5: AppointmentList 分离 patient_id/doctor_id 分别调用 API
- P2-17: PluginMarket installed 字段修正(name → id)
- P3-3: 路由标题 fallback 改为模式匹配(支持 :id 动态路径)
- P2-15: workflow updateDefinition 添加 version 字段
- P3-9: Kanban 版本使用记录实际 version
- P2-21: secure-storage 生产环境无密钥时阻止存储
- P3-11: destroyOnHidden → destroyOnClose
- P3-13: PendingTasks 深色模式 Tag 颜色适配
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
|
2026-04-26 19:16:23 +08:00 |
|
iven
|
f0076aa240
|
feat: Iteration 3 — 咨询轮询、统计概览、埋点后端
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- consultation_service 支持 after_id 增量消息查询
- 小程序咨询详情页 8 秒轮询新消息
- 新增 DashboardStatsResp 综合统计端点 (/statistics/dashboard)
- 新增 /analytics/batch 埋点接收端点(日志记录模式)
|
2026-04-26 13:54:21 +08:00 |
|
iven
|
7ab57ea1b2
|
fix(health): PII 加密安全审计修复 — 2 Critical + 6 Medium + 4 Low
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
审计发现 55 检查点,46 PASS / 7 WARN / 2 FAIL,修复内容:
Critical:
- C1: 密钥轮换端点现在持久化新 DEK 到 tenant_crypto_keys 表
- C2: CachedDek 实现 Drop trait,释放时清零密钥材料
Medium:
- M1: 密文格式添加版本前缀 0x01,向后兼容旧格式
- M2: HMAC 索引使用独立子密钥,与加密 KEK 分离
- M4: 脱敏函数使用 chars() 迭代器,UTF-8 安全
- M5-M6: 医生执业证号详情响应脱敏 (mask_license_number)
Low:
- L1: dek_manager 改为 pub(crate),暴露 invalidate_dek() 方法
- L3: 合并 patient 列表搜索中冗余的重复 HMAC 计算
- L4: update_family_member/update_doctor 更新时设置 key_version
|
2026-04-26 13:34:25 +08:00 |
|
iven
|
a0b72b0f73
|
feat: Iteration 1 — 审计日志IP记录、文件上传、医护端API、小程序角色切换
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
Iteration 1 六项任务全部完成:
1. 审计日志IP记录 — task_local RequestInfo 自动注入 IP/user_agent
2. 文件上传服务 — multipart 上传 + ServeDir 静态文件服务
3. 医护端后端API — 医生工作台仪表盘 + 患者标签CRUD + 会话已读
4. 小程序角色切换 — 登录后根据角色跳转医护台/患者首页
5. 小程序安全加固 — secure-storage 开发模式警告
6. 讨论记录归档 — docs/discussions/
|
2026-04-26 13:13:25 +08:00 |
|
iven
|
ebc0f20e33
|
test(health): PII 加密集成测试 + 性能基准 + 编译修复
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- 10 个集成测试: CRUD 加密流(8) + 多租户隔离(2)
- 3 个性能基准: encrypt avg 17μs, decrypt avg 14μs, 批量50条 877μs
- 8 个 key_manager 单元测试 + 4 个 masking 边界测试
- 迁移: 加宽 emergency_contact_phone/phone/license_number/result 列
- 修复: follow_up_service.create_record 返回密文改为解密返回
- 修复: consultation_service/patient_service HealthError::NotFound 引用
|
2026-04-26 13:10:53 +08:00 |
|
iven
|
49b8300fdc
|
feat(core): DEK 缓存 + 密钥轮换管理端点
- erp-core/crypto/key_manager: DashMap LRU DEK 缓存 (TTL 5min, 100条)
- DekManager: get_or_create_dek, generate_new_dek, invalidate
- PiiCrypto 集成 DekManager
- POST /api/v1/admin/tenants/:id/rotate-key: 生成新 DEK + 缓存失效
- 权限: tenant.manage (仅超级管理员)
|
2026-04-26 12:40:25 +08:00 |
|