iven
|
cb3653c92e
|
feat(health): family_member + doctor_profile PII encryption
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- Migration m000067: add phone_hash + key_version to patient_family_member
- Migration m000068: add license_number_hash + key_version to doctor_profile
- family_member: phone encryption + HMAC index + list masking
- doctor_profile: license_number encryption + HMAC search rewrite + decryption in detail view
- Tier 1 fields return None in lists
|
2026-04-26 12:23:10 +08:00 |
|
iven
|
1b3caf0e69
|
feat(health): consultation_message + follow_up_record PII encryption
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- Migrations m000065/m000066: add key_version column
- consultation_message: content encrypted on write + decrypted on read
- follow_up_record: result/patient_condition/medical_advice encrypted
- Entity: add key_version field
|
2026-04-26 12:17:49 +08:00 |
|
iven
|
e6f036eaf4
|
feat(health): patient_service integrates PiiCrypto — phone/allergy history/medical history encryption
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- HealthState.crypto: HealthCrypto → PiiCrypto (erp-core)
- create_patient: encrypt phone/allergy/medical_history + HMAC index
- update_patient: same as above, encrypted in sync
- model_to_resp_decrypted: decrypt all Tier 1 fields
- model_to_resp (list): Tier 1 fields return None
- list_patients search: add exact search by phone hash
- article handler: adapt to the new list_articles signature
- article migration: add category_id column
- error.rs: From<String> for HealthError
- Integration tests: HealthCrypto → PiiCrypto::dev_default()
|
2026-04-26 10:37:52 +08:00 |
|
iven
|
e0b299ccd4
|
feat(health): patient entity PII companion fields + content_management compile fix
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- Migration m000064: add emergency_contact_phone_hash + key_version to patient
- patient Entity: add the corresponding fields
- Fix content_management migration: exec_stmt → execute_unprepared
- Fix article_service: fill in new fields (status/slug/content_type, etc.)
- Fix article_article_tag: composite primary key annotation
|
2026-04-26 10:27:58 +08:00 |
|
iven
|
1f8fd0465d
|
fix(health): trend chart data not displayed — backend DTO tuple→struct + frontend unwrapping fix
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
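- Backend IndicatorTimeseriesResp.data changed from Vec<(NaiveDate, f64)> to Vec<DataPoint>,
fixing JSON serialization as arrays rather than objects, which the frontend could not recognize
- Frontend VitalSignsChart correctly unwraps the { indicator, data } response structure returned by the API
- Remove the unused indicator dropdown selector from the trend chart; always show the systolic blood pressure (morning) trend
- Fix triple-nested whitespace in PatientDetail Card body padding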
|
2026-04-26 09:35:05 +08:00 |
|
iven
|
5cb4e5e0ec
|
fix(health): audit fixes — alert ordering + outbox idempotency
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
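1. CRITICAL: check_vital_signs_alert moved to run after insert,
to prevent alerts firing before the data is persisted
2. CRITICAL: send_system adds a business_id idempotency check,
to prevent duplicate message notifications caused by outbox relay replay
3. Fix consent_service unused_mut warning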
|
2026-04-26 03:54:45 +08:00 |
|
iven
|
4ab189283e
|
feat(health): P0 platform foundation review — 7 must-fix items before launch
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
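P0-1: Critical value alert consumer — health_data.critical_alert events pushed to the responsible medical staff
P0-2: Configurable critical value thresholds — hard-coded values moved to database configuration (critical_value_threshold table), supporting per-department/per-age differences
P0-3: Alert verification after daily_monitoring merge — update_vital_signs also triggers critical value detection
P0-4: Overdue follow-up notification + idempotency protection — only notify for tasks newly marked overdue in this run, avoiding duplicates
P0-5: Informed consent records (consent) — new entity/migration/Service/Handler, PIPL compliance
P0-6: Audit log completion — patient updates record before/after values (allergy history/medical history/status changes)
P0-7: EventBus persistence enhancement — two-phase commit (pending→published) + outbox relay recovery at startup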
|
2026-04-26 03:37:31 +08:00 |
|
iven
|
e3177f262c
|
feat(config): dynamic menu refactor — sidebar loaded from backend API
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
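- Add seed migration inserting the full menu tree (4 directory + 23 menu = 27 rows)
- Add GET /api/v1/menus/user endpoint (login only, no menu.list permission required)
- MainLayout fetches the menu tree dynamically from the API, replacing the hard-coded array
- Extend the icon mapping table to cover 22 Ant Design icons
- Header title is looked up from the dynamic menu data, keeping a fallback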
|
2026-04-26 01:55:01 +08:00 |
|
iven
|
b4735213c5
|
feat(health): Phase 1 business improvements — diagnosis coding/statistics API/vital signs table merge/points fix
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
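1.1 Dashboard statistics: add 3 statistics endpoints (patient/consultation/follow-up)
1.2 Event publishing: follow_up.overdue + health_data.critical_alert events
1.3 Vital signs table merge: add source column to vital_signs, daily_monitoring delegates writes
1.4 Real-time alerts: detect abnormal blood pressure/heart rate/blood glucose when creating vital signs and publish events
1.5 Diagnosis coding: new diagnosis entity/service/handler + ICD-10 support
1.6 Points expiry: expire_points scheduled task + fix r#type column name issue
Fix: points_transaction.r#type → transaction_type column rename
Fix: consultation_message.sender_type → sender_role SQL column name
Frontend: 3 statistics APIs changed from stub implementations to real calls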
|
2026-04-26 00:54:56 +08:00 |
|
iven
|
7ab89f5e93
|
fix(health): compile error fixes — type mismatches/table name alignment/ownership corrections
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- erp-ai entity table names aligned with the database: ai_prompt/ai_analysis/ai_usage
- stats_service: explicit count() u64 → i64 conversion
- health_data_service: critical value detection i32 comparison fix + req ownership fix
- points_service: check_version argument fix
- diagnosis_service: add ActiveModelTrait import
- module.rs: start_overdue_checker parameter changed to DatabaseConnection
- module.rs: register_handlers_with_state avoids move
|
2026-04-26 00:28:31 +08:00 |
|
iven
|
876308596a
|
feat(ai): complete Prompt CRUD + analysis history + usage statistics handlers and routes
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- Replace the empty-shell list_analysis/get_analysis with real queries
- Add list_prompts/create_prompt/activate_prompt/rollback_prompt
- Add usage_overview/usage_by_type
- Register 6 new routes in AiModule
|
2026-04-25 23:21:11 +08:00 |
|
iven
|
48d1a84c77
|
feat(ai): complete UsageService get_overview/get_by_type aggregation methods
|
2026-04-25 22:53:56 +08:00 |
|
iven
|
2a8c707f6d
|
feat(ai): complete AnalysisService list/get query methods
|
2026-04-25 22:52:50 +08:00 |
|
iven
|
b2b64ec15d
|
feat(ai): complete PromptService list/update/activate/rollback methods
|
2026-04-25 22:51:47 +08:00 |
|
iven
|
d2baacae7e
|
feat(health): Phase 4 cross-module integration and architecture optimization — notifications/tags/to-dos/data entry
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
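Backend:
- erp-message: add appointment.created/confirmed/cancelled event listeners that automatically send in-app notifications
- erp-health: add GET /health/patient-tags tag list endpoint + list_tags service
- wechat-templates: add isTemplateConfigured runtime check
Frontend:
- Add Zustand useHealthStore to share a patient/doctor name cache
- PatientTagManage: replace UUID input with a Checkbox tag selector
- VitalSignsTab: add vital signs data entry Modal (blood pressure/heart rate/weight/blood glucose)
- LabReportsTab: add lab report creation Modal
- HealthRecordsTab: add health record creation Modal
- patients API: add TagItem type + listTags method
Mini program:
- Home page to-do items wired to the appointment and follow-up APIs, replacing the hard-coded EmptyState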
|
2026-04-25 20:10:50 +08:00 |
|
iven
|
e8a794ff69
|
fix(health): exhaustive audit fixes — 3 CRITICAL + 3 HIGH + 2 MEDIUM
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
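CRITICAL:
- earn_points daily cap check compared patient_id against the account_id field, so the cap would never trigger
- verify_order bypassed the optimistic lock with check_version(v, v), so concurrent order verification could be duplicated
- admin_checkin_event had the same optimistic lock bypass
HIGH:
- FIFO consumption loop switched to database-level CAS instead of application-level update_many
- Redemption flow account balance/stock deductions all switched to CAS to prevent concurrent overselling
- verify_order switched to an atomic operation using update_many + version filter
MEDIUM:
- points_checkin entity: add updated_at/updated_by/deleted_at/version fields
- Add migration m20260425_000055 to add the columns
- daily_checkin: check-in record + points earning + tiered reward merged into a single transaction
- Remove the deprecated standalone check_streak_bonus function (replaced by check_streak_bonus_in_txn)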
|
2026-04-25 19:44:46 +08:00 |
|
iven
|
17085a3e61
|
fix(health): P1 functional defect fixes — 8 backend + mini program issues
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
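- Admin order list: add admin_list_orders, which does not filter by patient_id
- Doctor assignment: add doctor_profile existence check to prevent orphaned associations
- Tag management: wrap soft delete + insert in a transaction to prevent tag loss
- HealthDataProvider: mark as experimental, improve error messages
- Appointment CAS: add comments explaining the relationship between the matched fields and the unique index
- Mini program DTO: inputVitalSign maps indicator_type to structured fields
- Mini program data isolation: listAppointments/listTasks add patient_id parameter
- Mini program field name: family-add fixes birthday → birth_date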
|
2026-04-25 19:37:35 +08:00 |
|
iven
|
b9e794d701
|
fix(health): P0 critical hotfixes — 7 data integrity and security issues
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
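- Overdue follow-up checker: on_startup now starts the timer + runs once immediately
- Points concurrency: earn_points uses database-level CAS instead of the ineffective check_version
- Check-in reward: check_streak_bonus wrapped in a transaction + CAS protection
- Event registration: register_event wrapped in a transaction + CAS to prevent overbooking
- Consultation messages: force sender_id to the authenticated user to prevent impersonation
- Overdue update: check_overdue_tasks now increments the version field
- Trend generation: add a 365-day range cap to prevent memory overflow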
|
2026-04-25 19:30:02 +08:00 |
|
iven
|
7b18a7398d
|
feat(health): offline event admin CRUD + points statistics API + frontend pages (Chunk 4)
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
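Backend:
- Offline event management: 5 admin endpoints, create/update/delete/list/checkin
- Event check-in automatically grants points (atomic operation within a transaction)
- Points statistics API: total issued/total spent/total expired/active accounts/Top 10 ranking
Frontend:
- OfflineEventList: event management page (create/edit/delete/status filter)
- points.ts extension: offline event + statistics API methods
- Sidebar adds an offline events entry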
|
2026-04-25 17:34:54 +08:00 |
|
iven
|
eb937d3d02
|
feat(health): daily monitoring backend + points mall PC admin pages (Chunk 3 V2 iteration)
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
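Backend - daily monitoring:
- Add daily_monitoring table (blood pressure/weight/blood glucose/intake and output/notes)
- Entity/DTO/Service/Handler full CRUD
- Unique constraint (patient_id, record_date) to prevent duplicate reporting
Frontend - points mall management (3 pages):
- PointsRuleList: create/delete/edit points rules + enable/disable
- PointsProductList: product management + stock + type filter
- PointsOrderList: order list + scan-to-verify
- API module points.ts connects to 6 admin endpoints
- Sidebar adds points rules/product management/order management entries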
|
2026-04-25 17:24:32 +08:00 |
|
iven
|
9901d5ce49
|
fix(ai): audit issue fixes — error mapping/performance/SSE/dependency normalization
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- C3: .map_err(AppError::Internal) in handlers changed to the ? operator,
using From<AiError> for AppError for correct HTTP status code mapping
- H1: AiState is pre-built when AppState is initialized, avoiding rebuilding
ClaudeProvider/AnalysisService/PromptService/UsageService on every request
- H3: stream_analyze's user_id parameter is passed through to created_by/updated_by
- H5: SSE events add the .event("chunk"/"error"/"done") type field
- L3: erp-ai Cargo.toml dependencies switched to workspace references
(reqwest/handlebars/sha2/hex)
- Fix erp-health compile errors: points_handler missing ColumnTrait import,
points_service version field partial move issue
|
2026-04-25 16:53:01 +08:00 |
|
iven
|
4ab67ba559
|
feat(health): full points mall backend implementation (Chunk 2 V2 iteration)
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
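- Add 8 database tables: points_account/rule/transaction/product/order/checkin + offline_event/registration
- SeaORM Entity: 8 entities with full Relation definitions
- DTO: request/response types for points rules/products/orders/check-in/offline events
- Service: FIFO points consumption, daily check-in (streak rewards), product redemption (QR code verification), offline event registration
- Handler: 16 API endpoints (10 patient-side + 6 admin-side)
- Permissions: health.points.list / health.points.manage
- 12-month rolling expiry mechanism
- Full audit log coverage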
|
2026-04-25 16:51:38 +08:00 |
|
iven
|
41dda568a5
|
feat(ai): SSE streaming analysis Handler implementation (4 endpoints + history)
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
|
2026-04-25 14:03:29 +08:00 |
|
iven
|
2e555ca72a
|
feat(server): erp-ai module integration — Config/State/route registration
- Add AiConfig to AppConfig
- Add FromRef<AppState> for AiState
- Register AiModule in ModuleRegistry
- Merge AI protected routes
- Fix bug where sync_module_permissions only synced health.%
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
|
2026-04-25 14:01:07 +08:00 |
|
iven
|
fada33101c
|
feat(ai): AiState + AiModule (ErpModule impl + permissions + route skeleton)
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
|
2026-04-25 13:58:33 +08:00 |
|
iven
|
6d392ae2b5
|
feat(ai): AnalysisService core orchestration + PromptService + UsageService
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
|
2026-04-25 13:57:23 +08:00 |
|
iven
|
e0e4a7f9a1
|
feat(ai): data masking service + Prompt template rendering engine
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
|
2026-04-25 13:55:40 +08:00 |
|
iven
|
06f3d08c61
|
feat(ai): AiProvider trait + Claude SSE streaming implementation + DTO definitions
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
|
2026-04-25 13:54:49 +08:00 |
|
iven
|
af338e0a70
|
feat(ai): add SeaORM Entity (ai_prompt/ai_analysis/ai_usage)
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
|
2026-04-25 13:52:47 +08:00 |
|
iven
|
f0e7c4424a
|
feat(db): add ai_prompts / ai_analysis_results / ai_usage_logs migrations
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
|
2026-04-25 13:51:50 +08:00 |
|
iven
|
1cff3e526d
|
feat(health): add HealthDataProvider stub implementation
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
|
2026-04-25 13:50:13 +08:00 |
|
iven
|
eebfaac0d8
|
feat(core): add HealthDataProvider trait + DTO definitions
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
|
2026-04-25 13:49:10 +08:00 |
|
iven
|
ec0483ffb1
|
feat(ai): create erp-ai crate skeleton + error types
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
|
2026-04-25 13:47:57 +08:00 |
|
iven
|
16c63925ce
|
feat(health): V2 hemodialysis specialty data model — dialysis_record + lab_report review workflow
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- Add dialysis_record table and full CRUD API (dialysis date/weight/blood pressure/ultrafiltration volume/dialysis type/symptoms)
- ALTER lab_report to add source/status/reviewed_by/reviewed_at fields
- Rename in lab_report: indicators→items, doctor_interpretation→doctor_notes
- Add dialysis record review endpoint PUT /dialysis-records/{id}/review
- Add lab report review endpoint PUT /patients/{id}/lab-reports/{rid}/review
- Lab report items JSON supports the V2 structure (name/value/unit/reference/is_abnormal)
- Migration m000051 includes full up/down rollback
- All 94 backend tests pass; full API chain verified
|
2026-04-25 13:45:11 +08:00 |
|
iven
|
355e8da272
|
fix(health): end-to-end flow verification fixes
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
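- Create stub migration to resolve the missing-file error
- PatientList/PatientDetail: DatePicker dayjs objects serialized as YYYY-MM-DD
- AppointmentList: appointment types aligned with backend validation (outpatient/recheck/health_checkup/consultation/dialysis)
- AppointmentList: doctor field made required (required by backend CAS scheduling), destroyOnClose→destroyOnHidden
- Home.tsx: add audit log action translations (created/login_failed, etc.)
End-to-end verification passed: doctor CRUD→scheduling→appointment creation + status transitions→follow-up lifecycle→consultation session + messages→patient detail + health data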
|
2026-04-25 11:31:54 +08:00 |
|
iven
|
0bf1822fa9
|
fix: QA round 2 fixes — PatientDetail refactor/test coverage/id_number column width/mini program URL normalization
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
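- refactor(web): split PatientDetail.tsx into 4 subcomponents (737→334 lines)
- refactor(web): extract usePaginatedData hook to eliminate duplicated pagination state
- feat(db): patient.id_number varchar(20)→varchar(255) to hold encrypted values
- test(health): add appointment module integration tests (create/list/tenant isolation)
- test(plugin): add 6 SQL injection sanitize tests
- fix(miniprogram): URL construction normalized in 7 service files (params object)
- fix(miniprogram): cross-platform field name alignment (birth_date/start_time/end_time)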
|
2026-04-25 10:22:44 +08:00 |
|
iven
|
945ccd64ba
|
fix: full QA audit fixes — security hardening/code quality/cross-platform consistency/test coverage
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
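Phase 0 security hotfixes (CRITICAL):
- Externalize WeChat appid/secret to the ERP__WECHAT__APPID/SECRET environment variables
- Correctly wire HealthCrypto to the ERP__HEALTH__AES_KEY/HMAC_KEY environment variables
- Externalize the mini program encryption key to the TARO_APP_ENCRYPTION_KEY environment variable
- Remove console.log of sensitive information from the mini program auth store
Phase 1 security hardening:
- Add sanitize to display_name in WeChat auto-registration to prevent XSS
- Test database credentials now read from the TEST_DB_URL environment variable
Phase 2 code quality:
- Extract useThemeMode hook to eliminate 22 duplicated dark mode checks
- Extract shared health constants to constants/health.ts
- Split patient_service.rs masking functions into masking.rs
- Remove unused i18next/react-i18next dependencies
- Remove unused api/errors.ts and erp-auth/anyhow dependencies
Phase 3 test coverage:
- Add 5 patient module integration tests (CRUD/tenant isolation/validation/soft delete)
Phase 4 cross-platform consistency:
- Unify mini program Patient.birthday → birth_date to match the backend
- Unify mini program Appointment.time_slot → start_time/end_time to match the backend
Phase 5 architecture:
- Add multi-tenant TODO comment to WeChat login
- Update wiki/infrastructure.md environment variable documentation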
|
2026-04-25 10:00:49 +08:00 |
|
iven
|
07f4ba41ba
|
fix(health): exhaustive audit fixes — permission sync/compile errors/frontend bugs/audit logs
CI / frontend-build (push) Has been cancelled
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / security-audit (push) Has been cancelled
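Issues found and fixed in the audit:
HIGH:
- H1: ConsultationDetail uses getSession(id) instead of the incorrect list search
- H2: SessionResp adds version/updated_at fields
- H3: Remove FollowUpRecordList call to a nonexistent export endpoint
- H4: Add articles.ts frontend API module
MEDIUM:
- M1: article delete adds optimistic locking (expected_version)
- M2: Cancelling an appointment now propagates errors from schedule release (log::warn -> ?)
- M3: FollowUpTaskList date format Dayjs -> string
- M4: Add 15 missing audit logs
LOW:
- L1: Replace .unwrap() in follow_up_service
- L2: PatientListItem adds version field
CRITICAL (newly found):
- Permissions not synced: the health module's 14 permissions were never written to the database; add automatic sync at startup
- Migration table name error: patients -> patient
- Compile errors: health_trend entity not imported, ToPrimitive trait not imported
- HealthError missing From<AppError> implementation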
|
2026-04-25 08:58:58 +08:00 |
|
iven
|
02c96d9b45
|
test(health): validation.rs pure function tests, 57 cases
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
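Covers all enum validation and state machine transitions:
- Allowlists for 13 enums including gender/blood_type/appointment_type
- 8 appointment state transition paths
- 11 follow_up state transition paths (including overdue)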
|
2026-04-25 00:46:09 +08:00 |
|
iven
|
994119ded1
|
feat(health): article management CRUD adds create/update/delete
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
- article_dto adds CreateArticleReq/UpdateArticleReq with sanitize
- article_service adds create_article/update_article/delete_article with audit logs
- article_handler adds three handler endpoints with permission checks
- module.rs article routes merge POST/PUT/DELETE
|
2026-04-25 00:34:15 +08:00 |
|
iven
|
43e127d4f7
|
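feat(health): event-driven integration + data consistency fixes + overdue follow-up check
- event.rs rewritten as a stateful handler (subscribes to workflow.task.completed / message.sent)
- module.rs on_startup initializes HealthCrypto and registers event handlers
- consultation_service message sending now wrapped in a transaction (INSERT + CAS atomic update)
- appointment_service: releasing schedule slots on appointment cancellation adds lower-bound protection
- appointment_service update_schedule adds max_appointments >= current_appointments validation
- follow_up_service adds complete_task_by_system and check_overdue_tasks
- validation.rs follow-up state machine adds overdue state support
- main.rs runs the overdue follow-up check background task at startup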
|
2026-04-25 00:30:32 +08:00 |
|
iven
|
6c70e2a783
|
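feat(health): ID number AES-256-GCM encryption + HMAC index + field-level masking
- crypto.rs: AES-256-GCM encryption/decryption + HMAC-SHA256 index
- create/update: id_number stored encrypted, id_number_hash index
- list: id_number not returned, phone number masked
- detail: ID number masked after decryption (first 3, last 4), phone number masked
- Search: switched to HMAC exact match (no more fuzzy search on encrypted columns)
- Migration m000048: add patients.id_number_hash column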
|
2026-04-25 00:21:49 +08:00 |
|
iven
|
479b5900c9
|
feat(health): inject audit logging covering all write operations
All 17 methods covered: patient(4), appointment(2), consultation(3),
follow_up(2), doctor(3), health_data(3). Uses the fire-and-forget pattern.
|
2026-04-25 00:12:19 +08:00 |
|
iven
|
1d1f01df81
|
feat(health): add sanitize to all DTOs to prevent stored XSS
Covers patient/health_data/appointment/follow_up/consultation/doctor:
14 request structs across 6 DTO modules, with sanitize called uniformly at the handler layer.
|
2026-04-25 00:04:25 +08:00 |
|
iven
|
6776a82926
|
feat(auth): real AES decryption of WeChat phone numbers replaces the MVP placeholder
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
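- Cache session_key during the login stage (in-memory HashMap, 5-minute TTL)
- bind_phone decrypts encryptedData with AES-128-CBC + PKCS7 to obtain the real phone number
- Add workspace dependencies: aes, cbc, hex, base64
- Remove hard-coded "13800000000" placeholder logic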
|
2026-04-24 12:56:12 +08:00 |
|
iven
|
2dc280a401
|
feat(health): add GET endpoints for single appointment/follow-up lookup
|
2026-04-24 12:22:52 +08:00 |
|
iven
|
e7b6bdfcac
|
feat(health): add mini-program-specific today's vital signs summary endpoint GET /health/vital-signs/today
|
2026-04-24 12:17:17 +08:00 |
|
iven
|
a0ca156e2c
|
fix(health): targeted audit fixes for 6 real issues — security/consistency/performance
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
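P0: consultation handler sender_role removed from the request body and derived server-side instead (prevents forgery)
P1: all soft delete operations uniformly use check_version optimistic locking (6 functions)
P1: fix health_trend index missing leading tenant_id column + add (tenant_id, executed_date) index to follow_up_record
P2: Decimal->f64 uses ToPrimitive::to_f64 instead of the fragile to_string().parse()
P2: appointment cancellation slot release + status update wrapped in the same transaction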
|
2026-04-24 08:36:22 +08:00 |
|
iven
|
6391a13467
|
fix(auth+miniprogram): clear all remaining audit issues
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
MEDIUM:
- WechatLoginReq/WechatBindPhoneReq add Validate derive + field validation rules
- Handlers call req.validate() and convert with map_err
- Add AuthError::DbError variant; all wechat_service DB errors changed from Validation to DbError
- DbError maps to AppError::Internal, no longer misleading the frontend
LOW:
- fetch_session now builds parameters with reqwest Client.query(), with automatic URL encoding
- app.tsx PropsWithChildren<any> changed to Record<string, unknown>
- login handleGetPhone callback e: any changed to an inline type
- appointment/create 4 event callbacks e: any changed to inline types
- health/input catch (e: any) changed to catch (e: unknown) + instanceof guard
- report/detail Object.entries drops the [string, any] type assertion
- wechat_service removes the decrypt_phone_placeholder function, inlining a placeholder comment
|
2026-04-24 08:16:01 +08:00 |
|
iven
|
ef6d76ef6c
|
fix(miniprogram+auth): second audit fixes — 3 HIGH + 2 MEDIUM
CI / rust-check (push) Has been cancelled
CI / rust-test (push) Has been cancelled
CI / frontend-build (push) Has been cancelled
CI / security-audit (push) Has been cancelled
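HIGH:
- wechat_users migration adds the standard created_by/updated_by/version fields
- Entity updated to match; bind_phone fills the new fields when creating records
- appointment create removes the empty-string schedule_id, making it optional
- appointment list uses useRef instead of the loading dependency in useCallback, eliminating the stale closure
MEDIUM:
- report page patientId changed from a top-level read to dynamic retrieval inside useDidShow, so it refreshes correctly after switching patients
- profile/reports: same fix as above
- profile/followups removes the invalid second argument to useDidShow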
|
2026-04-24 08:05:58 +08:00 |
|