6d5a711d2c
功能修复: 1. 患者创建空名称验证:后端添加 name.trim().is_empty() 检查 2. 仪表盘统计容错:单个查询失败返回零值而非 500 3. FHIR 路由修复:从 /fhir 移到 /api/v1/fhir 保持一致 4. 冻结模块后端中间件:新增 frozen_module_middleware 拦截冻结路径 5. 积分端点权限码:health.health-data.list → health.points.list 6. 角色权限迁移:护士补充 devices.list,运营补充 points.list/manage 7. 测试结果文档:R01-R05 角色测试 + T00/T10 结果归档 Clippy 全 workspace 清零(14→0 errors): - erp-core: 修复 empty doc line、collapsible if、redundant closure 等 9 处 - erp-health: 修复 too_many_arguments、unused var、unnecessary parens 等 58 处 - erp-ai: 修复 dead_code、unused import 等 11 处 - erp-plugin: 修复 too_many_arguments、wildcard pattern 等 11 处 - erp-server-migration: 修复 enum_variant_names 5 处 - erp-auth/config/workflow/message: 各 1-3 处 工程改进: - lint-staged 配置迁移到 .lintstagedrc.js(函数式避免文件列表传给 clippy) - cargo fmt 统一格式化
102 lines
3.0 KiB
Rust
102 lines
3.0 KiB
Rust
use erp_core::error::AppError;
|
|
|
|
/// Auth module error types
|
|
#[derive(Debug, thiserror::Error)]
|
|
pub enum AuthError {
|
|
#[error("用户名或密码错误")]
|
|
InvalidCredentials,
|
|
|
|
#[error("Token 已过期")]
|
|
TokenExpired,
|
|
|
|
#[error("Token 已被吊销")]
|
|
TokenRevoked,
|
|
|
|
#[error("用户已被{0}")]
|
|
UserDisabled(String),
|
|
|
|
#[error("密码哈希错误")]
|
|
HashError(String),
|
|
|
|
#[error("JWT 错误: {0}")]
|
|
JwtError(#[from] jsonwebtoken::errors::Error),
|
|
|
|
#[error("数据库错误: {0}")]
|
|
DbError(String),
|
|
|
|
#[error("{0}")]
|
|
Validation(String),
|
|
|
|
#[error("版本冲突: 数据已被其他操作修改,请刷新后重试")]
|
|
VersionMismatch,
|
|
}
|
|
|
|
impl From<AuthError> for AppError {
|
|
fn from(err: AuthError) -> Self {
|
|
match err {
|
|
AuthError::InvalidCredentials => AppError::Unauthorized,
|
|
AuthError::TokenExpired => AppError::Unauthorized,
|
|
AuthError::TokenRevoked => AppError::Unauthorized,
|
|
AuthError::UserDisabled(s) => AppError::Forbidden(s),
|
|
AuthError::Validation(s) => AppError::Validation(s),
|
|
AuthError::DbError(_) => AppError::Internal(err.to_string()),
|
|
AuthError::HashError(_) => AppError::Internal(err.to_string()),
|
|
AuthError::JwtError(_) => AppError::Unauthorized,
|
|
AuthError::VersionMismatch => AppError::VersionMismatch,
|
|
}
|
|
}
|
|
}
|
|
|
|
pub type AuthResult<T> = Result<T, AuthError>;
|
|
|
|
#[cfg(test)]
|
|
mod tests {
|
|
use super::*;
|
|
use erp_core::error::AppError;
|
|
|
|
#[test]
|
|
fn auth_error_invalid_credentials_maps_to_unauthorized() {
|
|
let app: AppError = AuthError::InvalidCredentials.into();
|
|
match app {
|
|
AppError::Unauthorized => {}
|
|
other => panic!("Expected Unauthorized, got {:?}", other),
|
|
}
|
|
}
|
|
|
|
#[test]
|
|
fn auth_error_token_expired_maps_to_unauthorized() {
|
|
let app: AppError = AuthError::TokenExpired.into();
|
|
match app {
|
|
AppError::Unauthorized => {}
|
|
other => panic!("Expected Unauthorized, got {:?}", other),
|
|
}
|
|
}
|
|
|
|
#[test]
|
|
fn auth_error_user_disabled_maps_to_forbidden() {
|
|
let app: AppError = AuthError::UserDisabled("已禁用".to_string()).into();
|
|
match app {
|
|
AppError::Forbidden(msg) => assert_eq!(msg, "已禁用"),
|
|
other => panic!("Expected Forbidden, got {:?}", other),
|
|
}
|
|
}
|
|
|
|
#[test]
|
|
fn auth_error_hash_error_maps_to_internal() {
|
|
let app: AppError = AuthError::HashError("argon2 failed".to_string()).into();
|
|
match app {
|
|
AppError::Internal(_) => {}
|
|
other => panic!("Expected Internal, got {:?}", other),
|
|
}
|
|
}
|
|
|
|
#[test]
|
|
fn auth_error_validation_maps_to_validation() {
|
|
let app: AppError = AuthError::Validation("用户名已存在".to_string()).into();
|
|
match app {
|
|
AppError::Validation(msg) => assert_eq!(msg, "用户名已存在"),
|
|
other => panic!("Expected Validation, got {:?}", other),
|
|
}
|
|
}
|
|
}
|