iven 931edc3025 fix(security): 补全 XSS sanitize + 修复 sender_id 身份伪造
安全审计修复:
- 补全 6 个 DTO 的 sanitize 方法(diagnosis/consent/alert/medication_record/medication_reminder/follow_up_template)
- 4 个 handler 添加 .sanitize() 调用(diagnosis/consent/alert_rule/medication_record)
- 修复咨询消息 sender_id/sender_role 从客户端提交改为服务端从 JWT 提取
- 修复小程序 AI 报告 markdownToHtml XSS(添加 sanitizeHtml 过滤)
2026-04-30 10:21:52 +08:00


use erp_core::sanitize::{sanitize_option, sanitize_string};
use serde::{Deserialize, Serialize};
use utoipa::ToSchema;
/// Request body for creating a medication reminder.
///
/// Deserialized from untrusted client input. The free-text fields are cleaned
/// in place by [`CreateMedicationReminderReq::sanitize`]; `reminder_times` is
/// accepted as arbitrary JSON and is neither shape-checked nor sanitized in
/// this file.
#[derive(Debug, Deserialize, ToSchema)]
pub struct CreateMedicationReminderReq {
    /// Patient the reminder belongs to. NOTE(review): this DTO performs no
    /// check that the caller is allowed to act for this patient; that must
    /// happen in the handler — confirm.
    pub patient_id: uuid::Uuid,
    /// Free text; cleaned by `sanitize`.
    pub medication_name: String,
    /// Free text; cleaned by `sanitize`.
    pub dosage: Option<String>,
    /// Free text; cleaned by `sanitize`.
    pub frequency: Option<String>,
    /// JSON array, e.g. `["08:00", "20:00"]`. Passed through as raw JSON:
    /// `sanitize` does not touch it, and nothing here enforces the
    /// array-of-strings shape. NOTE(review): validate the shape (and the
    /// string contents) at the handler/validation layer.
    pub reminder_times: serde_json::Value,
    pub start_date: Option<chrono::NaiveDate>,
    pub end_date: Option<chrono::NaiveDate>,
    /// Resolves to `Some(true)` via `default_true` when the field is absent
    /// from the request body.
    #[serde(default = "default_true")]
    pub is_active: Option<bool>,
    /// Free text; cleaned by `sanitize`.
    pub notes: Option<String>,
}
/// Request body for updating an existing medication reminder.
///
/// Every field is optional (presumably a partial update — confirm against the
/// handler). Deserialized from untrusted client input; the free-text fields
/// are cleaned in place by [`UpdateMedicationReminderReq::sanitize`].
#[derive(Debug, Deserialize, ToSchema)]
pub struct UpdateMedicationReminderReq {
    /// Free text; cleaned by `sanitize`.
    pub medication_name: Option<String>,
    /// Free text; cleaned by `sanitize`.
    pub dosage: Option<String>,
    /// Free text; cleaned by `sanitize`.
    pub frequency: Option<String>,
    /// Raw JSON; not sanitized or shape-checked in this file.
    /// NOTE(review): validate at the handler/validation layer.
    pub reminder_times: Option<serde_json::Value>,
    pub start_date: Option<chrono::NaiveDate>,
    pub end_date: Option<chrono::NaiveDate>,
    /// No serde default here, unlike the create request: an absent field
    /// deserializes as `None`.
    pub is_active: Option<bool>,
    /// Free text; cleaned by `sanitize`.
    pub notes: Option<String>,
}
/// Response body describing a medication reminder.
///
/// Serialize-only. This type performs no output encoding of its own, so the
/// free-text fields and `reminder_times` are emitted exactly as they were
/// persisted; any escaping applied at write time by the request DTOs'
/// `sanitize` methods is what protects consumers that render these values.
#[derive(Debug, Serialize, ToSchema)]
pub struct MedicationReminderResp {
    pub id: uuid::Uuid,
    pub patient_id: uuid::Uuid,
    pub medication_name: String,
    pub dosage: Option<String>,
    pub frequency: Option<String>,
    /// Raw JSON as stored; see the request DTOs for the expected shape.
    pub reminder_times: serde_json::Value,
    pub start_date: Option<chrono::NaiveDate>,
    pub end_date: Option<chrono::NaiveDate>,
    pub is_active: bool,
    pub notes: Option<String>,
    pub created_at: chrono::DateTime<chrono::Utc>,
    pub updated_at: chrono::DateTime<chrono::Utc>,
    /// Record version counter; its use (e.g. optimistic locking) is not
    /// visible in this file — confirm against the repository layer.
    pub version: i32,
}
impl CreateMedicationReminderReq {
    /// Cleans the free-text fields in place with `erp_core::sanitize`.
    ///
    /// Touches `medication_name`, `dosage`, `frequency` and `notes` only.
    /// `patient_id`, the dates, `is_active` and `reminder_times` pass through
    /// untouched — NOTE(review): string elements inside `reminder_times` are
    /// therefore not escaped here; confirm the handler validates that value.
    pub fn sanitize(&mut self) {
        // `sanitize_string` works on a reference, so move the name out, clean
        // it, and write the cleaned copy back.
        let raw_name = std::mem::take(&mut self.medication_name);
        self.medication_name = sanitize_string(&raw_name);
        // The optional fields share one path: take the current value (leaving
        // `None` behind), run it through `sanitize_option`, store the result.
        for field in [&mut self.dosage, &mut self.frequency, &mut self.notes] {
            let current = field.take();
            *field = sanitize_option(current);
        }
    }
}
impl UpdateMedicationReminderReq {
    /// Cleans the optional free-text fields in place with `erp_core::sanitize`.
    ///
    /// Touches `medication_name`, `dosage`, `frequency` and `notes` only; the
    /// dates, `is_active` and `reminder_times` are left as received —
    /// NOTE(review): `reminder_times` is therefore not escaped here; confirm
    /// the handler validates it.
    pub fn sanitize(&mut self) {
        // All four fields are `Option<String>`, so one loop covers them: take
        // the current value, clean it, put the result back.
        let text_fields = [
            &mut self.medication_name,
            &mut self.dosage,
            &mut self.frequency,
            &mut self.notes,
        ];
        for field in text_fields {
            let pending = field.take();
            *field = sanitize_option(pending);
        }
    }
}
/// Serde default for `CreateMedicationReminderReq::is_active`: an absent
/// field deserializes as `Some(true)`.
fn default_true() -> Option<bool> {
    Option::from(true)
}