iven/hms
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
317 Commits 2 Branches 0 Tags
f934ca0eaf8c8454277250f43f82e91ab1968fe0
Commit Graph

9 Commits

Author SHA1 Message Date
iven
f934ca0eaf perf(web): ConsultationList/FollowUpTaskList 移除 N+1 nameCache 
后端已内联 patient_name/doctor_name,前端移除逐条查询。
Session/FollowUpTask 接口添加 name 可选字段。
FollowUpTaskList 保留 assignee 的 getUser 查询(users 表未内联)。
 2026-04-27 09:47:37 +08:00
iven
5f83080ab8 feat(web): 告警管理前端页面 + 路由注册 + bugfix
Some checks failed
CI / rust-check (push) Has been cancelled
Details
CI / rust-test (push) Has been cancelled
Details
CI / frontend-build (push) Has been cancelled
Details
CI / security-audit (push) Has been cancelled
Details 
新增:
- AlertList 告警列表页: 状态筛选/确认/忽略操作
- AlertRuleList 告警规则页: 创建/编辑/启停管理
- alerts + deviceReadings 前端 API 层
- App.tsx 路由注册 + MainLayout 标题 fallback
- wiki/frontend.md 更新页面清单

修复:
- ArticleEditor: 修复 unused variable 构建错误
- FollowUpTaskList: 修复 filter(Boolean) 类型窄化问题
 2026-04-27 07:38:47 +08:00
iven
ac919731a9 fix: QA 全量测试发现 5 个 bug 修复
Some checks failed
CI / rust-check (push) Has been cancelled
Details
CI / rust-test (push) Has been cancelled
Details
CI / frontend-build (push) Has been cancelled
Details
CI / security-audit (push) Has been cancelled
Details 
- [P0] 登录失败无反馈: client.ts 响应拦截器跳过 /auth/login 的 401 处理,让错误传播到 Login 组件
- [P0] 统计仪表盘 400: 前端用独立 try/catch 替代 Promise.all 提高容错性;后端 stats_service 白名单补充 ultrafiltration_volume/dialysis_duration
- [P1] 随访负责人显示 UUID: 批量解析 assigned_to 用户名
- [P2] 消息中心时间未格式化: 添加 formatDateTime 函数
- [P2] 首页显示 login_failed: 过滤审计日志中的 login_failed 动作
 2026-04-26 23:48:22 +08:00
iven
83fe89cbcd fix: 全系统审计问题修复 — 安全/数据完整性/功能缺陷/UX (Phase 1-5)
Some checks failed
CI / rust-check (push) Has been cancelled
Details
CI / rust-test (push) Has been cancelled
Details
CI / frontend-build (push) Has been cancelled
Details
CI / security-audit (push) Has been cancelled
Details 
Phase 1 安全热修复:
- P0-1: /uploads 文件服务添加 JWT 认证中间件(支持 header + query param)
- P0-2: analytics/batch 路由从 public 移到 protected_routes
- P0-3: plugin engine SQL 注入修复(format! → 参数化查询)
- P0-new: stats_service compute_avg_field 字段白名单 + FLOAT8 类型转换

Phase 2 数据完整性:
- P0-4: 组织删除级联检查(添加部门存在性校验)
- P0-5: 部门删除级联检查(添加岗位 + 用户存在性校验)
- P0-8: workflow on_tenant_deleted 实现 5 实体批量删除
- P0-7: 并行网关 race condition 修复(consumed → completed 原子转换)

Phase 3 P1 后端 Bug:
- P1-12: plugin host 表名消毒(使用 sanitize_identifier)
- P1-10: workflow deprecated 状态转换(published → deprecated)
- P1-11: workflow 更新验证条件(nodes/edges 任一变化即验证)
- P0-9: 小程序 .gitignore 添加 .env/.env.*/日志
- P1-19: 小程序加密密钥替换为 64 字符强密钥

Phase 4 消息模块:
- P1-5: 通知偏好 GET 路由 + handler
- P1-4: 消息模板 update/delete CRUD + version
- P2-8: mark_all_read SQL 添加 version + 1
- P2-7: markAsRead 改为乐观更新 + 失败回滚

Phase 5 前端修复:
- P2-9: 通知面板点击导航到 /messages
- P2-1: 随访任务患者名批量 ID 解析(替代 UUID 显示)
- P2-5: AppointmentList 分离 patient_id/doctor_id 分别调用 API
- P2-17: PluginMarket installed 字段修正(name → id)
- P3-3: 路由标题 fallback 改为模式匹配(支持 :id 动态路径)
- P2-15: workflow updateDefinition 添加 version 字段
- P3-9: Kanban 版本使用记录实际 version
- P2-21: secure-storage 生产环境无密钥时阻止存储
- P3-11: destroyOnHidden → destroyOnClose
- P3-13: PendingTasks 深色模式 Tag 颜色适配

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-04-26 19:16:23 +08:00
iven
69313a177e feat(web): 健康模块 13 页面按钮级权限控制 — AuthButton 包装
Some checks failed
CI / rust-check (push) Has been cancelled
Details
CI / rust-test (push) Has been cancelled
Details
CI / frontend-build (push) Has been cancelled
Details
CI / security-audit (push) Has been cancelled
Details 
使用 AuthButton 声明式组件包装健康模块全部操作按钮:
- health.patient.manage: PatientList/PatientDetail/PatientTagManage
- health.appointment.manage: AppointmentList
- health.doctor.manage: DoctorList/DoctorSchedule
- health.follow-up.manage: FollowUpTaskList
- health.consultation.manage: ConsultationList/ConsultationDetail
- health.points.manage: OfflineEventList/PointsProductList/PointsOrderList/PointsRuleList
 2026-04-25 23:33:32 +08:00
iven
945ccd64ba fix: 全面 QA 审计修复 — 安全加固/代码质量/跨平台一致性/测试覆盖
Some checks failed
CI / rust-check (push) Has been cancelled
Details
CI / rust-test (push) Has been cancelled
Details
CI / frontend-build (push) Has been cancelled
Details
CI / security-audit (push) Has been cancelled
Details 
Phase 0 安全热修复 (CRITICAL):
- 外部化微信 appid/secret 到 ERP__WECHAT__APPID/SECRET 环境变量
- 正确连接 HealthCrypto 到 ERP__HEALTH__AES_KEY/HMAC_KEY 环境变量
- 外部化小程序加密密钥到 TARO_APP_ENCRYPTION_KEY 环境变量
- 移除小程序 auth store 中的敏感信息 console.log

Phase 1 安全加固:
- 微信自动注册 display_name 添加 sanitize 防止 XSS
- 测试数据库凭据改为从 TEST_DB_URL 环境变量读取

Phase 2 代码质量:
- 提取 useThemeMode hook 消除 22 处重复暗色模式检测
- 提取共享健康常量到 constants/health.ts
- 拆分 patient_service.rs 脱敏函数到 masking.rs
- 移除未使用的 i18next/react-i18next 依赖
- 移除未使用的 api/errors.ts 和 erp-auth/anyhow 依赖

Phase 3 测试覆盖:
- 新增 5 个患者模块集成测试 (CRUD/租户隔离/验证/软删除)

Phase 4 跨平台一致性:
- 统一小程序 Patient.birthday → birth_date 匹配后端
- 统一小程序 Appointment.time_slot → start_time/end_time 匹配后端

Phase 5 架构:
- 微信登录添加多租户 TODO 注释
- 更新 wiki/infrastructure.md 环境变量文档
 2026-04-25 10:00:49 +08:00
iven
07f4ba41ba fix(health): 穷尽审计修复 — 权限同步/编译错误/前端bug/审计日志
Some checks failed
CI / frontend-build (push) Has been cancelled
Details
CI / rust-check (push) Has been cancelled
Details
CI / rust-test (push) Has been cancelled
Details
CI / security-audit (push) Has been cancelled
Details 
审计发现并修复的问题:

HIGH:
- H1: ConsultationDetail 使用 getSession(id) 替代错误的列表搜索
- H2: SessionResp 添加 version/updated_at 字段
- H3: 移除 FollowUpRecordList 调用不存在的导出端点
- H4: 新增 articles.ts 前端 API 模块

MEDIUM:
- M1: article delete 添加乐观锁 (expected_version)
- M2: 取消预约排班释放传播错误 (log::warn -> ?)
- M3: FollowUpTaskList 日期格式 Dayjs -> string
- M4: 补充 15 个缺失审计日志

LOW:
- L1: 替换 follow_up_service 中的 .unwrap()
- L2: PatientListItem 添加 version 字段

CRITICAL (新发现):
- 权限未同步: 健康模块 14 个权限从未写入数据库,添加启动时自动同步
- migration 表名错误: patients -> patient
- 编译错误: health_trend entity 未导入, ToPrimitive trait 未导入
- HealthError 缺少 From<AppError> 实现
 2026-04-25 08:58:58 +08:00
iven
0c21f13e72 feat(web): 健康管理模块 10 页面完整实现
Some checks failed
CI / security-audit (push) Has been cancelled
Details
CI / rust-check (push) Has been cancelled
Details
CI / rust-test (push) Has been cancelled
Details
CI / frontend-build (push) Has been cancelled
Details 
Task 12 - 患者管理:
- PatientList: 搜索+状态筛选+CRUD+行点击跳转详情
- PatientTagManage: 患者标签管理+批量打标
- PatientDetail: 3Tab详情页(基本信息/健康数据/随访记录)+编辑

Task 13 - 医护预约:
- DoctorList: 科室筛选+CRUD+在线状态Badge
- AppointmentList: 状态筛选+日期筛选+创建预约+状态流转
- DoctorSchedule: 医生选择+列表/日历视图+排班CRUD

Task 14 - 随访咨询:
- FollowUpTaskList: 任务CRUD+填写记录+分配医护
- FollowUpRecordList: 只读台账+日期范围筛选+导出
- ConsultationList: 会话列表+创建+关闭+行点击跳转
- ConsultationDetail: 聊天界面+消息分页+发送+图片预览

修正: consultations.ts Session类型补充 updated_at/version
 2026-04-25 00:57:48 +08:00
iven
cdbf381060 feat(web): 路由和菜单集成 + 10 页面占位
Some checks failed
CI / security-audit (push) Has been cancelled
Details
CI / rust-check (push) Has been cancelled
Details
CI / rust-test (push) Has been cancelled
Details
CI / frontend-build (push) Has been cancelled
Details 
- App.tsx 添加 10 条 lazy 路由(患者/医护/预约/随访/咨询)
- MainLayout.tsx 添加健康管理菜单组(7 项菜单 + 10 条标题映射)
- 创建 10 个页面占位组件
 2026-04-25 00:42:12 +08:00