86 Commits

Author	SHA1	Message	Date
iven	5621dbe273	feat(web): AI 管理端 3 页面 — Prompt/分析历史/用量统计 ... - API 封装: prompts.ts / analysis.ts / usage.ts - AiPromptList: CRUD + 激活/回滚 + AuthButton 权限 - AiAnalysisList: 历史列表 + 行展开查看结果 - AiUsageDashboard: 总次数/类型分布统计卡片 - 菜单注册 + 路由配置 (MainLayout + App.tsx)	2026-04-25 23:44:15 +08:00
iven	d2baacae7e	feat(health): Phase 4 跨模块集成与架构优化 — 通知/标签/待办/数据录入 ... 后端: - erp-message: 添加 appointment.created/confirmed/cancelled 事件监听，自动发送站内通知 - erp-health: 新增 GET /health/patient-tags 标签列表端点 + list_tags service - wechat-templates: 添加 isTemplateConfigured 运行时校验 前端: - 新增 Zustand useHealthStore 共享患者/医生名称缓存 - PatientTagManage: UUID 输入替换为 Checkbox 标签选择器 - VitalSignsTab: 添加体征数据录入 Modal (血压/心率/体重/血糖) - LabReportsTab: 添加化验报告创建 Modal - HealthRecordsTab: 添加健康记录创建 Modal - patients API: 添加 TagItem 类型 + listTags 方法 小程序: - 首页待办事项接入预约和随访 API，替换硬编码 EmptyState	2026-04-25 20:10:50 +08:00
iven	5b520a168c	fix(web): Phase 3 前端 UX/i18n 修复 — 名称解析/确认对话框/日历切换/删除替换 ... - ConsultationList: 批量解析患者/医生名称替代截断 UUID - PointsOrderList: 使用 product_name + 批量解析患者/核销人名称 - AppointmentList: 破坏性状态变更添加 Modal.confirm + 取消原因收集 - CalendarView: 添加 onPanelChange 回调支持月份切换 - DoctorSchedule: 日历视图切换月份自动刷新数据 - PointsRuleList: 移除无效删除按钮，Switch 添加启用/停用文字 - PointsProductList: 删除按钮替换为上架/下架 Switch - PatientSelect: 性别显示中文化 (male→男, female→女) - VitalSignsChart: API 失败时显示 Alert 错误提示 - PointsOrder 类型: 添加 product_name 字段	2026-04-25 19:49:25 +08:00
iven	280f65658a	feat: 积分商城子页面 + 日常监测 + 统计报表 (Chunk 6) ... 小程序 — 积分商城 (3 新页面): - mall/exchange: 兑换确认 (余额校验/QR码生成) - mall/orders: 我的订单 (状态筛选/分页/QR展示) - mall/detail: 积分明细 (余额卡片/收入支出筛选/流水列表) 小程序 — 上报 Tab 改造: - health/daily-monitoring: 日常监测表单 (血压/体重/血糖/出入量) - health/index: 增加快捷操作/打卡状态/近期监测卡片 - consultation: 替换占位为咨询列表 (会话/状态/未读) - profile: 新增积分余额/打卡天数/我的订单/积分明细入口 小程序 — 新增服务: - services/consultation.ts: 咨询会话 API - services/points.ts: 扩展兑换/订单/流水 API - services/health.ts: 扩展日常监测 API PC 管理端: - StatisticsDashboard: 统计报表仪表盘 (患者/咨询/随访/积分卡片 + Top10排行 + 快速链接) - 侧边栏新增统计报表入口 (健康模块首页)	2026-04-25 19:17:11 +08:00
iven	7b18a7398d	feat(health): 线下活动管理端 CRUD + 积分统计 API + 前端页面 (Chunk 4) ... 后端: - 线下活动管理: create/update/delete/list/checkin 5 个管理端接口 - 活动签到自动发放积分 (事务内原子操作) - 积分统计 API: 总发放/总消耗/总过期/活跃账户/Top10排行 前端: - OfflineEventList: 活动管理页面 (创建/编辑/删除/状态筛选) - points.ts 扩展: 线下活动 + 统计 API 方法 - 侧边栏新增线下活动入口	2026-04-25 17:34:54 +08:00
iven	eb937d3d02	feat(health): 日常监测后端 + 积分商城 PC 管理页面 (Chunk 3 V2 迭代) ... 后端 - 日常监测: - 新增 daily_monitoring 表 (血压/体重/血糖/出入量/备注) - Entity/DTO/Service/Handler 完整 CRUD - 唯一约束 (patient_id, record_date) 防重复上报 前端 - 积分商城管理 (3 页面): - PointsRuleList: 积分规则增删改 + 启用禁用 - PointsProductList: 商品管理 + 库存 + 类型筛选 - PointsOrderList: 订单列表 + 扫码核销 - API 模块 points.ts 对接 6 个管理端接口 - 侧边栏新增积分规则/商品管理/订单管理入口	2026-04-25 17:24:32 +08:00
iven	0bf1822fa9	fix: QA 第二轮修复 — PatientDetail 重构/测试覆盖/id_number 列宽/小程序 URL 规范化 ... - refactor(web): PatientDetail.tsx 拆分为 4 个子组件(737→334行) - refactor(web): 提取 usePaginatedData hook 消除重复分页状态 - feat(db): patient.id_number varchar(20)→varchar(255) 容纳加密值 - test(health): 添加预约模块集成测试(创建/列表/租户隔离) - test(plugin): 添加 6 个 SQL 注入 sanitize 测试 - fix(miniprogram): 7 个 service 文件 URL 构建规范化(params 对象) - fix(miniprogram): 跨平台字段名对齐(birth_date/start_time/end_time)	2026-04-25 10:22:44 +08:00
iven	945ccd64ba	fix: 全面 QA 审计修复 — 安全加固/代码质量/跨平台一致性/测试覆盖 ... Phase 0 安全热修复 (CRITICAL): - 外部化微信 appid/secret 到 ERP__WECHAT__APPID/SECRET 环境变量 - 正确连接 HealthCrypto 到 ERP__HEALTH__AES_KEY/HMAC_KEY 环境变量 - 外部化小程序加密密钥到 TARO_APP_ENCRYPTION_KEY 环境变量 - 移除小程序 auth store 中的敏感信息 console.log Phase 1 安全加固: - 微信自动注册 display_name 添加 sanitize 防止 XSS - 测试数据库凭据改为从 TEST_DB_URL 环境变量读取 Phase 2 代码质量: - 提取 useThemeMode hook 消除 22 处重复暗色模式检测 - 提取共享健康常量到 constants/health.ts - 拆分 patient_service.rs 脱敏函数到 masking.rs - 移除未使用的 i18next/react-i18next 依赖 - 移除未使用的 api/errors.ts 和 erp-auth/anyhow 依赖 Phase 3 测试覆盖: - 新增 5 个患者模块集成测试 (CRUD/租户隔离/验证/软删除) Phase 4 跨平台一致性: - 统一小程序 Patient.birthday → birth_date 匹配后端 - 统一小程序 Appointment.time_slot → start_time/end_time 匹配后端 Phase 5 架构: - 微信登录添加多租户 TODO 注释 - 更新 wiki/infrastructure.md 环境变量文档	2026-04-25 10:00:49 +08:00
iven	07f4ba41ba	fix(health): 穷尽审计修复 — 权限同步/编译错误/前端bug/审计日志 ... 审计发现并修复的问题： HIGH: - H1: ConsultationDetail 使用 getSession(id) 替代错误的列表搜索 - H2: SessionResp 添加 version/updated_at 字段 - H3: 移除 FollowUpRecordList 调用不存在的导出端点 - H4: 新增 articles.ts 前端 API 模块 MEDIUM: - M1: article delete 添加乐观锁 (expected_version) - M2: 取消预约排班释放传播错误 (log::warn -> ?) - M3: FollowUpTaskList 日期格式 Dayjs -> string - M4: 补充 15 个缺失审计日志 LOW: - L1: 替换 follow_up_service 中的 .unwrap() - L2: PatientListItem 添加 version 字段 CRITICAL (新发现): - 权限未同步: 健康模块 14 个权限从未写入数据库，添加启动时自动同步 - migration 表名错误: patients -> patient - 编译错误: health_trend entity 未导入, ToPrimitive trait 未导入 - HealthError 缺少 From<AppError> 实现	2026-04-25 08:58:58 +08:00
iven	0c21f13e72	feat(web): 健康管理模块 10 页面完整实现 ... Task 12 - 患者管理: - PatientList: 搜索+状态筛选+CRUD+行点击跳转详情 - PatientTagManage: 患者标签管理+批量打标 - PatientDetail: 3Tab详情页(基本信息/健康数据/随访记录)+编辑 Task 13 - 医护预约: - DoctorList: 科室筛选+CRUD+在线状态Badge - AppointmentList: 状态筛选+日期筛选+创建预约+状态流转 - DoctorSchedule: 医生选择+列表/日历视图+排班CRUD Task 14 - 随访咨询: - FollowUpTaskList: 任务CRUD+填写记录+分配医护 - FollowUpRecordList: 只读台账+日期范围筛选+导出 - ConsultationList: 会话列表+创建+关闭+行点击跳转 - ConsultationDetail: 聊天界面+消息分页+发送+图片预览 修正: consultations.ts Session类型补充 updated_at/version	2026-04-25 00:57:48 +08:00
iven	778ae79d84	feat(web): 健康模块 API 服务层 6 文件 47 端点 ... - patients.ts: 患者CRUD/标签/家庭/医护关联 14端点 - healthData.ts: 体征/化验/健康档案CRUD + 趋势 18端点 - appointments.ts: 预约CRUD + 排班管理 + 日历 8端点 - followUp.ts: 随访任务/记录CRUD 7端点 - consultations.ts: 咨询会话/消息CRUD + 导出 6端点 - doctors.ts: 医护CRUD 5端点	2026-04-25 00:37:59 +08:00
iven	40b37cc776	feat(plugin,freelance,itops,web): P5-P6 dashboard widgets 平台扩展 + 仪表盘声明 ... P5 平台扩展: - manifest.rs: Dashboard 变体新增 widgets 字段 - manifest.rs: 定义 PluginWidget/StatCard/ActionQuery 类型 - 前端: 扩展 DashboardWidget 类型支持 stat_cards/action_list/funnel/card_list - 前端: 新增 4 个 widget 渲染器 (StatCardsWidget/ActionListWidget/FunnelStageWidget/CardListWidget) - 前端: PluginDashboardPage widget 数据加载支持新类型 P6 仪表盘 widgets: - freelance: 工作台仪表盘 4 个 widgets (财务概览/紧急待办/商机漏斗/活跃项目) - itops: 新增运维概览仪表盘 2 个 widgets (运维概览/紧急待办)	2026-04-20 09:35:27 +08:00
iven	4bcb4beaa5	feat(plugin): P1-P4 审计修复 — 第一批 (Excel/CSV导出 + 市场API + 对账扫描) ... 1.1 Excel/CSV 导出: - 后端 export 支持 format 参数 (json/csv/xlsx) - rust_xlsxwriter 生成带样式 Excel - 前端导出按钮改为 Dropdown 格式选择 (JSON/CSV/Excel) - blob 下载支持 CSV/XLSX 二进制格式 1.2 市场后端 API + 前端对接: - SeaORM Entity: market_entry, market_review - API: 浏览/详情/一键安装/评论列表/提交评分 - 一键安装: upload → install → enable 一条龙 + 依赖检查 - 前端 PluginMarket 对接真实 API (搜索/分类/安装/评分) 1.3 对账扫描: - reconcile_references() 扫描跨插件引用悬空 UUID - POST /plugins/{plugin_id}/reconcile 端点	2026-04-19 14:32:06 +08:00
iven	120f3fe867	feat(plugin): P2-4 数据导入导出 — 后端 export/import API + 前端 UI + TS 修复 ... - data_service: export 方法查询匹配行(上限10000)，import 方法逐行校验+插入 - data_handler: export_plugin_data / import_plugin_data 处理函数 - module: 注册 GET /export + POST /import 路由 - pluginData.ts: exportPluginData / importPluginData API 函数 - PluginCRUDPage: 根据 entity importable/exportable 标志显示导出/导入按钮 - PluginMarket: 修复 TS 错误 (unused imports, type narrowing) - PluginSettingsForm: 修复 TS 错误 (Rule type, Divider orientation)	2026-04-19 13:28:12 +08:00
iven	e429448c42	feat(plugin): P2-P4 插件平台演进 — 通用服务 + 质量保障 + 市场 ... P2 平台通用服务: - manifest 扩展: settings/numbering/templates/trigger_events/importable/exportable 声明 - 插件配置 UI: PluginSettingsForm 自动表单 + 后端校验 + 详情抽屉 Settings 标签页 - 编号规则: Host API numbering-generate + PostgreSQL 序列 + manifest 绑定 - 触发事件: data_service create/update/delete 自动发布 DomainEvent - WIT 接口: 新增 numbering-generate/setting-get Host API P3 质量保障: - plugin_validator.rs: 安全扫描(WASM大小/实体数量/字段校验) + 复杂度评分 - 运行时监控指标: RuntimeMetrics (错误率/响应时间/Fuel/内存) - 性能基准: BenchmarkResult 阈值定义 - 上传时自动安全扫描 + /validate API 端点 P4 插件市场: - 数据库迁移: plugin_market_entries + plugin_market_reviews 表 - 前端 PluginMarket 页面: 分类浏览/搜索/详情/评分 - 路由注册: /plugins/market 测试: 269 全通过 (71 erp-plugin + 41 auth + 57 config + 34 core + 50 message + 16 workflow)	2026-04-19 12:16:24 +08:00
iven	0ee9d22634	fix(plugin): P1 跨插件引用修复 — DateTime generated column + resolve-labels UUID 类型 + EntitySelect manifest→UUID 映射 ... - manifest.rs: DateTime 类型 generated column 改为 TEXT 存储（PostgreSQL TIMESTAMPTZ cast 非 immutable） - data_handler.rs: resolve-labels 查询参数从 String 改为 UUID 类型避免类型不匹配 - data_dto.rs: PublicEntityResp 新增 plugin_id 字段 - EntitySelect.tsx: 跨插件查询先通过 registry 解析 manifest_id→plugin UUID - pluginData.ts: PublicEntity 接口增加 plugin_id - plugin_tests.rs: 适配 PluginField/PluginEntity 新增字段	2026-04-19 08:44:45 +08:00
iven	9e28d71295	feat(web,plugin): P1 跨插件引用 — 前端 Phase 4 ... - plugins.ts: PluginFieldSchema 新增 ref_plugin/ref_fallback_label, PluginEntitySchema 新增 is_public - pluginData.ts: 新增 resolveRefLabels/getPluginEntityRegistry API - EntitySelect: 支持 refPlugin 跨插件查询，目标不可用时降级为禁用 Input - PluginCRUDPage: 表格列解析引用标签（蓝色 Tag），entity_select 表单传 refPlugin/fallbackLabel	2026-04-19 00:54:34 +08:00
iven	5ba11f985f	fix(web,plugin): 前端审计修复 — 401 消除 + 统计卡片 crash + 销售漏斗 500 + antd 6 废弃 API ... - API client: proactive token refresh（请求前 30s 检查过期，提前刷新避免 401） - Plugin store: fetchPlugins promise 去重，防止 StrictMode 并发重复请求 - Home stats: 简化 useEffect 加载逻辑，修复 tagColor undefined crash - PluginGraphPage: valueStyle → styles.content, Spin tip → description（antd 6） - DashboardWidgets: trailColor → railColor（antd 6） - data_service: build_scope_sql 参数索引修复（硬编码 $100 → 动态 values.len()+1） - erp-core error: Internal 错误添加 tracing::error 日志输出	2026-04-18 20:31:49 +08:00
iven	9d18b7e079	feat(web): Q3 前端体验优化 — ErrorBoundary + 5 hooks + 共享类型 + i18n 基础 ... - ErrorBoundary 组件：全局错误捕获与优雅降级 - 提取 5 个自定义 hooks：useCountUp, useDarkMode, useDebouncedValue, usePaginatedData, useApiRequest - 从 11 个 API 文件提取 PaginatedResponse 共享类型到 api/types.ts - 统一 API 错误处理（api/errors.ts） - client.ts 迁移到 axios adapter 模式（替代废弃的 CancelToken） - 添加 react-i18next 国际化基础设施 + zh-CN 语言包	2026-04-17 19:40:58 +08:00
iven	5b2ae16ffb	feat(web): API 层扩展 — batch/patch/timeseries/kanban 类型 ... - PluginFieldSchema 新增 ref_entity/ref_label_field/ref_search_fields/cascade_from/cascade_filter - PluginPageSchema 新增 kanban 页面类型（lane_field/card_title_field 等） - PluginPageSchema dashboard 类型扩展 widgets 字段 - 新增 DashboardWidget 接口（stat_card/bar/pie/funnel/line 图表） - pluginData 新增 batchPluginData/patchPluginData/getPluginTimeseries 三个 API 函数	2026-04-17 10:55:24 +08:00
iven	ae62e2ecb2	feat(web): 完善插件前端页面 — 数据 API、筛选、视图切换和统计展示 ... - 新增 pluginData API 层：count/aggregate/stats 端点调用 - PluginCRUDPage 支持 visible_when 条件字段、筛选器下拉、视图切换 - PluginTabsPage 支持 tabs 布局和子实体 CRUD - PluginTreePage 实现树形数据加载和节点展开/收起 - PluginGraphPage 实现关系图谱可视化展示 - PluginDashboardPage 实现统计卡片和聚合数据展示 - PluginAdmin 状态显示优化 - plugin store 增强 schema 加载逻辑和菜单生成	2026-04-16 23:42:57 +08:00
iven	e68fe8c1b1	feat(web): 插件前端全面增强 — 搜索/筛选/排序/详情页/条件表单/timeline 视图 ... - pluginData API: 支持 filter/search/sort_by/sort_order 参数 - plugins API: 新增 PluginFieldSchema/PluginEntitySchema/PluginPageSchema 类型 - PluginCRUDPage: 添加搜索框、筛选栏、视图切换（表格/时间线） - PluginCRUDPage: 添加详情 Drawer（Descriptions + 嵌套 CRUD） - PluginCRUDPage: 支持 visible_when 条件表单字段动态显示/隐藏 - PluginCRUDPage: 支持 compact 模式用于 detail 页面内嵌	2026-04-16 12:35:24 +08:00
iven	ff352a4c24	feat(plugin): 集成 WASM 插件系统到主服务并修复链路问题 ... - 新增 erp-plugin crate：插件管理、WASM 运行时、动态表、数据 CRUD - 新增前端插件管理页面（PluginAdmin/PluginCRUDPage）和 API 层 - 新增插件数据迁移（plugins/plugin_entities/plugin_event_subscriptions） - 新增权限补充迁移（为已有租户补充 plugin.admin/plugin.list 权限） - 修复 PluginAdmin 页面 InstallOutlined 图标不存在的崩溃问题 - 修复 settings 唯一索引迁移顺序错误（先去重再建索引） - 更新 wiki 和 CLAUDE.md 反映插件系统集成状态 - 新增 dev.ps1 一键启动脚本	2026-04-15 23:32:02 +08:00
iven	7e8fabb095	feat(auth): add change password API and frontend page ... Backend: - Add ChangePasswordReq DTO with validation (current + new password) - Add AuthService::change_password() method with credential verification, password rehash, and token revocation - Add POST /api/v1/auth/change-password endpoint with utoipa annotation Frontend: - Add changePassword() API function in auth.ts - Add ChangePassword.tsx page with form validation and confirmation - Add "修改密码" tab in Settings page After password change, all refresh tokens are revoked and the user is redirected to the login page.	2026-04-15 01:32:18 +08:00
iven	9568dd7875	chore: apply cargo fmt across workspace and update docs ... - Run cargo fmt on all Rust crates for consistent formatting - Update CLAUDE.md with WASM plugin commands and dev.ps1 instructions - Update wiki: add WASM plugin architecture, rewrite dev environment docs - Minor frontend cleanup (unused imports)	2026-04-15 00:49:20 +08:00
iven	e16c1a85d7	feat(web): comprehensive frontend performance and UI/UX optimization ... Performance improvements: - Vite build: manual chunks, terser minification, optimizeDeps - API response caching with 5s TTL via axios interceptors - React.memo for SidebarMenuItem, useCallback for handlers - CSS classes replacing inline styles to reduce reflows UI/UX enhancements (inspired by SAP Fiori, Linear, Feishu): - Dashboard: trend indicators, sparkline charts, CountUp animation on stat cards - Dashboard: pending tasks section with priority labels - Dashboard: recent activity timeline - Design system tokens: trend colors, line-height, dark mode refinements - Enhanced quick actions with hover animations Accessibility (Lighthouse 100/100): - Skip-to-content link, ARIA landmarks, heading hierarchy - prefers-reduced-motion support, focus-visible states - Color contrast fixes: all text meets 4.5:1 ratio - Keyboard navigation for stat cards and task items SEO: meta theme-color, format-detection, robots.txt	2026-04-13 01:37:55 +08:00
iven	3b41e73f82	fix: resolve E2E audit findings and add Phase C frontend pages ... - Fix audit_log handler multi-tenant bug: use Extension<TenantContext> instead of hardcoded default_tenant_id - Fix sendMessage route mismatch: frontend /messages/send → /messages - Add POST /users/{id}/roles backend route for role assignment - Add task.completed event payload: started_by + instance_id for notification delivery - Add audit log viewer frontend page (AuditLogViewer.tsx) - Add language management frontend page (LanguageManager.tsx) - Add api/auditLogs.ts and api/languages.ts modules	2026-04-12 15:57:33 +08:00
iven	14f431efff	feat: systematic functional audit — fix 18 issues across Phase A/B ... Phase A (P1 production blockers): - A1: Apply IP rate limiting to public routes (login/refresh) - A2: Publish domain events for workflow instance state transitions (completed/suspended/resumed/terminated) via outbox pattern - A3: Replace hardcoded nil UUID default tenant with dynamic DB lookup - A4: Add GET /api/v1/audit-logs query endpoint with pagination - A5: Enhance CORS wildcard warning for production environments Phase B (P2 functional gaps): - B1: Remove dead erp-common crate (zero references in codebase) - B2: Refactor 5 settings pages to use typed API modules instead of direct client calls; create api/themes.ts; delete dead errors.ts - B3: Add resume/suspend buttons to InstanceMonitor page - B4: Remove unused EventHandler trait from erp-core - B5: Handle task.completed events in message module (send notifications) - B6: Wire TimeoutChecker as 60s background task - B7: Auto-skip ServiceTask nodes instead of crashing the process - B8: Remove empty register_routes() from ErpModule trait and modules	2026-04-12 15:22:28 +08:00
iven	82986e988d	docs: update progress to reflect Phase 1-6 completion ... - Update CLAUDE.md architecture snapshot: all phases complete - Update wiki/index.md: module descriptions and progress table - All 6 phases of ERP platform base are now implemented Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-11 12:51:17 +08:00
iven	3a05523d23	fix: address Phase 1-2 audit findings ... - CORS: replace permissive() with configurable whitelist (default.toml) - Auth store: synchronously restore state at creation to eliminate flash-of-login-page on refresh - MainLayout: menu highlight now tracks current route via useLocation - Add extractErrorMessage() utility to reduce repeated error parsing - Fix all clippy warnings across 4 crates (erp-auth, erp-config, erp-workflow, erp-message): remove unnecessary casts, use div_ceil, collapse nested ifs, reduce function arguments with DTOs	2026-04-11 12:36:34 +08:00
iven	5ceed71e62	feat(message): add message center module (Phase 5) ... Implement the complete message center with: - Database migrations for message_templates, messages, message_subscriptions tables - erp-message crate with entities, DTOs, services, handlers - Message CRUD, send, read/unread tracking, soft delete - Template management with variable interpolation - Subscription preferences with DND support - Frontend: messages page, notification panel, unread count badge - Server integration with module registration and routing Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-11 12:25:05 +08:00
iven	91ecaa3ed7	feat(workflow): add workflow engine module (Phase 4) ... Implement complete workflow engine with BPMN subset support: Backend (erp-workflow crate): - Token-driven execution engine with exclusive/parallel gateway support - BPMN parser with flow graph validation - Expression evaluator for conditional branching - Process definition CRUD with draft/publish lifecycle - Process instance management (start, suspend, terminate) - Task service (pending, complete, delegate) - PostgreSQL advisory locks for concurrent safety - 5 database tables: process_definitions, process_instances, tokens, tasks, process_variables - 13 API endpoints with RBAC protection - Timeout checker framework (placeholder) Frontend: - Workflow page with 4 tabs (definitions, pending, completed, monitor) - React Flow visual process designer (@xyflow/react) - Process viewer with active node highlighting - 3 API client modules for workflow endpoints - Sidebar menu integration	2026-04-11 09:54:02 +08:00
iven	0baaf5f7ee	feat(config): add system configuration module (Phase 3) ... Implement the complete erp-config crate with: - Data dictionaries (CRUD + items management) - Dynamic menus (tree structure with role filtering) - System settings (hierarchical: platform > tenant > org > user) - Numbering rules (concurrency-safe via PostgreSQL advisory_lock) - Theme and language configuration (via settings store) - 6 database migrations (dictionaries, menus, settings, numbering_rules) - Frontend Settings page with 5 tabs (dictionary, menu, numbering, settings, theme) Refactor: move RBAC functions (require_permission) from erp-auth to erp-core to avoid cross-module dependencies. Add 20 new seed permissions for config module operations.	2026-04-11 08:09:19 +08:00
iven	8a012f6c6a	feat(auth): add org/dept/position management, user page, and Phase 2 completion ... Complete Phase 2 identity & authentication module: - Organization CRUD with tree structure (parent_id + materialized path) - Department CRUD nested under organizations with tree support - Position CRUD nested under departments - User management page with table, create/edit modal, role assignment - Organization architecture page with 3-panel tree layout - Frontend API layer for orgs/depts/positions - Sidebar navigation updated with organization menu item - Fix parse_ttl edge case for strings ending in 'd' (e.g. "invalid")	2026-04-11 04:00:32 +08:00
iven	6fd0288e7c	feat(auth): add role/permission management (backend + frontend) ... - RoleService: CRUD, assign_permissions, get_role_permissions - PermissionService: list all tenant permissions - Role handlers: 8 endpoints with RBAC permission checks - Frontend Roles page: table, create/edit modal, permission assignment - Frontend Roles API: full CRUD + permission operations - Routes registered in AuthModule protected_routes	2026-04-11 03:46:54 +08:00
iven	4a03a639a6	feat(web): add login page, auth store, API client, and route guard ... - API client with axios interceptors: JWT attach + 401 auto-refresh - Auth store (Zustand): login/logout/loadFromStorage with localStorage - Login page: gradient background, Ant Design form, error handling - Home page: dashboard with statistics cards - App.tsx: PrivateRoute guard, /login route, auth state restoration - MainLayout: dynamic user display, logout dropdown, menu navigation - Users API service: CRUD with pagination support	2026-04-11 03:38:29 +08:00