iven/hms

Files

iven d623f8b2ff fix: V1 测试版本端到端验证修复 — 6 CRITICAL + 3 HIGH 问题全量修复

修复项:
- fix(db): 迁移 149 — 修复 Admin 角色权限绑定被迁移链破坏 (FE-C1)
- fix(health): 4 个 handler 添加空名称验证 — Doctor/Article/AlertRule/Tag (API-C1~C4)
- fix(health): Stats 仪表盘 new_this_week 查询修复 — SeaORM date_trunc bug (FE-C2)
- fix(server): 添加安全响应头 — X-Frame-Options/CSP/XSS-Protection/Referrer-Policy (SEC-H1)
- fix(mp): 预约创建契约修复 — notes/reason 字段映射 + 移除 schedule_id (MP-H1)
- fix(mp): 咨询会话 subject/last_message 字段改为可选 (MP-H3)
- fix(ai): AiConfig Default derive 替代手写 impl (clippy)

测试报告:
- 8 维度端到端测试全部完成 (后端 87 用例 / 前端 30 页面 / 小程序 80+ API / 安全 20 项 / 性能 20 端点)
- 多角色 7 角色 49 检查 100% 通过
- 综合测试报告 + 专家评估报告

2026-05-18 10:24:40 +08:00

19 KiB

Raw Blame History

E2E Web Frontend Test Report

Date: 2026-05-18 | Tester: Automated Browser QA | Environment: Windows 11, Chrome, localhost:5174

Summary

Metric	Value
Total Pages Tested	30
PASS	20
PASS_WITH_ISSUES	4
FAIL (403 Permission)	6
Console Errors	4 recurring patterns
Screenshots	24 captured

Overall Result: PASS_WITH_ISSUES

The HMS web frontend is functional for health module pages. System module pages have a permission configuration issue blocking admin access. Several pages show server errors on data load.

Test Case	Result	Notes
Valid credentials (admin/Admin@2026)	PASS	Redirected to dashboard within 2s
Session persistence (page refresh)	PASS	Session maintained after reload
Login page UI	PASS	Title, subtitle, feature tags visible; SaaS/Modular/Extensible/Event-driven badges
Skip to main content link	PASS	Present at `#root`

Test Case	Result	Notes
Sidebar menu completeness	PASS	All major sections visible: 7 top-level items
Breadcrumb/header title	PASS	Updates correctly on each page navigation
Menu expand/collapse	PASS	Health business, follow-up, points, content submenus expand correctly
Footer	PASS	"Test Copyright" displayed

B. Health Module Pages

B1. Dashboard / Home (工作台)

Test Case	Result	Notes
Page load	PASS	All widgets render
Service status cards	PASS	PostgreSQL, API, cron, storage, MQ, cache all show healthy
Statistics widgets	PASS	26 users, 8/8 modules, 7 operations today
Recent audit log	PASS	Shows last 6 login events
Module status list	PASS	8 modules all show "运行中"
User activity chart	PASS	Today/week/month active + role distribution
Quick links	PASS	8 system management shortcuts
Screenshot	`docs/qa/screenshots/01-dashboard-working.png`

B2. Patient List (患者管理)

Test Case	Result	Notes
Page load	PASS	81 records with pagination (20/page)
Table columns	PASS	Name, gender, age, blood type, status, created, actions
Search filter	PASS	Search box for patient name present
Status/gender filters	PASS	Dropdown filters available
Date range filter	PASS	Start/end date pickers
Pagination	PASS	Pages 1-5, page size selector
CRUD buttons	PASS	"新建患者" button, edit/delete per row
Console errors	WARN	`antd: Drawer width deprecated` warning; 502 errors on initial load (backend was down)
Screenshot	`docs/qa/screenshots/02-patient-list.png`

B3. Patient Detail (患者详情)

Test Case	Result	Notes
Page load (valid patient)	PASS	JointDebug-TestPatient loaded with full details
Header card	PASS	Avatar, name, status badges, risk level, score
Info fields	PASS	Gender, birth date, blood type, ID, source, created
Tab navigation	PASS	6 tabs: 基本信息, 家属管理, 健康数据, 随访记录, 积分账户, AI 建议
Quick jump buttons	PASS	预约记录, 咨询记录, 透析记录, 随访任务, AI 分析
Back button	PASS	"返回列表" works
Screenshot	`docs/qa/screenshots/03-patient-detail.png`

B4. Patient Tags (标签管理)

Test Case	Result	Notes
Page load	FAIL (403)	"权限不足" - admin user lacks `health.patient-tags.list` permission
Screenshot	`docs/qa/screenshots/04-patient-tags-403.png`	BUG: Permission not assigned to admin role

B5. Doctor List (医护管理)

Test Case	Result	Notes
Page load	PASS	15 records
Table columns	PASS	Name, department, title, specialty, license, user link, online status, created, actions
Filters	PASS	Name search, department/title/online-status dropdowns
CRUD buttons	PASS	"新建医护", edit/delete per row
Screenshot	`docs/qa/screenshots/05-doctor-list.png`

B6. Appointment List (预约管理)

Test Case	Result	Notes
Page load	PASS	18 records
Table columns	PASS	Patient, doctor, type, date, time slot, status, created, notes, actions
Status flow	PASS	Multiple statuses visible: 待确认, 已确认, 已完成, 已取消
Filters	PASS	Status, date range, patient search, type
Status change dropdown	PASS	Available for non-terminal statuses
"无可用操作"	PASS	Correctly shown for terminal statuses (已取消, 已完成)
Screenshot	`docs/qa/screenshots/06-appointment-list.png`

B7. Follow-up Tasks (随访管理)

Test Case	Result	Notes
Page load	PASS	36 records with pagination
Table columns	PASS	Patient, type, plan date, status, assignee, created, actions
Task statuses	PASS	逾期, 已完成 visible
CRUD buttons	PASS	"新建任务", "填写记录/分配/删除" per row
Filters	PASS	Status, date range, type, assignee
Screenshot	`docs/qa/screenshots/07-follow-up-tasks.png`

B8. Consultation List (咨询管理)

Test Case	Result	Notes
Page load	PASS	16 records
Table columns	PASS	Patient, doctor, type, status, unread counts, last message, created, actions
Statuses	PASS	进行中, 已关闭, 等待中
Close button	PASS	Available for active consultations
Export button	PASS	"导出" button present
Screenshot	`docs/qa/screenshots/08-consultation-list.png`

B9. Article List (内容管理)

Test Case	Result	Notes
Page load	PASS	Page renders with "No data" (empty)
Tab filters	PASS	全部, 草稿, 待审核, 已发布, 已拒绝
Search & category filter	PASS	Title search + category dropdown
CRUD button	PASS	"新建文章" present
Screenshot	`docs/qa/screenshots/09-article-list.png`

B10. Article Categories (文章分类)

Test Case	Result	Notes
Page load	PASS	Renders with "No data"
Table columns	PASS	Name, slug, parent, sort, description, actions
CRUD button	PASS	"新建分类" present
Screenshot	`docs/qa/screenshots/10-article-categories.png`

B11. Article Tags (文章标签)

Test Case	Result	Notes
Page load	PASS	3 records
Table columns	PASS	Name, slug, color, actions
CRUD buttons	PASS	Edit/delete per row
Screenshot	`docs/qa/screenshots/11-article-tags.png`

B12. Points Rules (积分规则)

Test Case	Result	Notes
Page load	PASS	9 rules displayed
Table columns	PASS	Name, event type, points, daily limit, 7/14/30 day bonuses, status, updated, actions
Enable/disable toggle	PASS	Switch control per rule
CRUD buttons	PASS	Edit/delete per row + "新建规则"
Filters	PASS	Type and status dropdowns
Screenshot	`docs/qa/screenshots/12-points-rules.png`

B13. Points Products (积分商品)

Test Case	Result	Notes
Page load	PASS	Renders with "No data"
Table columns	PASS	Name, type, points, stock, sort, status, updated, actions
CRUD button	PASS	"新建商品" present
Filters	PASS	Type and status dropdowns
Screenshot	`docs/qa/screenshots/13-points-products.png`

B14. Points Orders (积分订单)

Test Case	Result	Notes
Page load	PASS_WITH_ISSUES	Page renders but shows repeated error toasts
Table columns	PASS	Order#, patient, product, points, status, created, redeemed, redeemer, expiry, notes
Error toasts	BUG	4x "服务器异常" + "加载数据失败" toasts appear on load
Filters	PASS	Status dropdown + date range
Screenshot	`docs/qa/screenshots/14-points-orders.png`	BUG: Backend returns errors for orders list

B15. Alert List (告警列表)

Test Case	Result	Notes
Page load	PASS	Renders with "No data"
Table columns	PASS	Patient, rule, title, severity, status, trigger time, actions
Filters	PASS	Search, status, severity, date range
Screenshot	`docs/qa/screenshots/15-alert-list.png`

B16. Alert Rules (告警规则)

Test Case	Result	Notes
Page load	PASS	Renders with "No data"
Table columns	PASS	Rule name, metric type, condition, severity, enabled, cooldown, actions
CRUD button	PASS	"新建规则" present
Screenshot	`docs/qa/screenshots/16-alert-rules.png`

B17. Alert Dashboard (告警仪表盘)

Test Case	Result	Notes
Page load	PASS	5 alerts displayed
Summary widgets	PASS	Pending(1), Confirmed(1), Critical(2), Disconnected shown
Alert list	PASS	5 alerts with severity levels, patient names, timestamps
Alert detail panel	PASS	"点击左侧告警查看详情" placeholder
Screenshot	`docs/qa/screenshots/22-alert-dashboard.png`

B18. Statistics Dashboard (统计报表)

Test Case	Result	Notes
Page load	PASS_WITH_ISSUES	Widgets render but all show 0 values
Summary cards	PASS	Patient count, appointments, follow-up completion, vitals, doctors
Tab navigation	PASS	透析管理, 化验报告, 预约分析, 体征数据 tabs
Dialysis tab	PASS	Total records, monthly new, pending, complication rate, avg UF, avg duration
Data accuracy	BUG	All statistics show 0 despite 81 patients, 18 appointments, etc. in system
Screenshot	`docs/qa/screenshots/17-statistics.png`	BUG: Stats API returns zero for all metrics

B19. AI Analysis History (AI 分析历史)

Test Case	Result	Notes
Page load	PASS	Renders with "No data"
Table columns	PASS	Analysis type, patient, model, status, created
Type filter	PASS	Dropdown present
Screenshot	`docs/qa/screenshots/18-ai-analysis.png`

B20. Media Library (媒体库)

Test Case	Result	Notes
Page load	PASS_WITH_ISSUES	Page renders but backend errors on data load
Folder tree	PASS	"全部文件" root node present
Upload button	PASS	"上传文件" present
New folder button	PASS	"新建文件夹" present
Search & filter	PASS	Filename search + file type dropdown
Error toasts	BUG	2x "加载媒体列表失败" + 2x "加载文件夹失败"
Screenshot	`docs/qa/screenshots/19-media-library.png`	BUG: Backend returns errors for media/folder list

B21. Banners (轮播图管理)

Test Case	Result	Notes
Page load	PASS	Renders with "No data"
Table columns	PASS	Sort, image, title/subtitle, link, status, time range, updated, actions
CRUD button	PASS	"新建轮播图" present
Status filter	PASS	Dropdown present
Screenshot	`docs/qa/screenshots/20-banners.png`

B22. Devices (设备管理)

Test Case	Result	Notes
Page load	PASS	Renders with "No data"
Table columns	PASS	Device ID, model, type, status, connection, firmware, bind time, last sync
Filters	PASS	Patient search, device type, device status
Screenshot	Not captured (page functional, no issues)

B23. Follow-up Templates (随访模板管理)

Test Case	Result	Notes
Page load	PASS	Renders with "No data"
Table columns	PASS	Template name, follow-up method, status, field count, updated, actions
CRUD button	PASS	"新建模板" present
Screenshot	Not captured (page functional, no issues)

B24. Diagnosis Records (诊断记录)

Test Case	Result	Notes
Page load	FAIL (403)	"权限不足" - admin user lacks permission
Screenshot	Not captured	BUG: Permission not assigned

C. System Module Pages

C1. Users (用户管理) - FAIL (403)

C2. Roles (权限管理) - FAIL (403)

C3. Organizations (组织架构) - FAIL (403)

C4. Workflow (工作流) - FAIL (403)

C5. Messages (消息中心) - FAIL (403)

C6. Settings (系统设置) - FAIL (403)

C7. Plugins (插件管理) - FAIL (403)

All 7 system module pages return 403 "权限不足" for the admin user.

Screenshot: docs/qa/screenshots/21-users-403.png

BUG: Admin role missing system module permissions. The admin user should have access to all system management pages. This is likely a permission seed data issue -- the admin role may not have the auth.user.list, auth.role.list, auth.organization.list, workflow.process.list, message.notification.list, config.settings.list, plugin.plugin.list permission codes assigned.

D. Cross-cutting Concerns

D1. Theme Switching

Test Case	Result	Notes
Theme switcher open	PASS	4 themes visible in dropdown
Available themes	PASS	信任蓝, 温润东方, 深邃夜色, 翡翠清雅
Theme application	PASS	Theme applies immediately on click
Screenshot	`docs/qa/screenshots/23-theme-switcher.png`
Screenshot (applied)	`docs/qa/screenshots/24-theme-trust-blue.png`

D2. Console Errors (Recurring Patterns)

Error	Occurrence	Severity
`antd: Drawer width is deprecated. Please use size instead.`	Multiple pages	LOW - Deprecation warning
`502 Bad Gateway`	Intermittent	HIGH - Backend instability
`服务器异常，请稍后重试`	Points Orders, Media Library	HIGH - Backend API errors
`加载数据失败` / `加载媒体列表失败`	Media Library	HIGH - Backend API errors

D3. Permission Enforcement

Test Case	Result	Notes
403 page display	PASS	Clean "权限不足" UI with "返回首页" button
Unauthorized illustration	PASS	Professional illustration shown
Admin access to system pages	FAIL	Admin cannot access any system module page
Admin access to health pages	PARTIAL	Most health pages accessible, but patient-tags and diagnosis return 403

E. Issues Summary

Critical (Blocks core functionality)

#	Issue	Location	Impact
1	Admin user cannot access any system module page	All /system/* routes	Admin cannot manage users, roles, orgs, workflow, messages, settings, or plugins
2	Statistics dashboard shows all zeros	/health/statistics	Dashboard provides no useful data despite having 81 patients, 18 appointments, etc.

Serious (Major barriers)

#	Issue	Location	Impact
3	Media Library backend errors	/health/media-library	Cannot load files or folders; error toasts on every page visit
4	Points Orders backend errors	/health/points-orders	Repeated error toasts; cannot verify order data
5	Patient Tags page 403	/health/patient-tags	Admin cannot manage patient tags
6	Diagnosis Records page 403	/health/diagnosis	Admin cannot view diagnosis records

Moderate (Annoyances)

#	Issue	Location	Impact
7	Ant Design Drawer deprecation warning	Patient list	Console noise; should migrate to `size` prop
8	Backend intermittent 502 errors	Global	Backend process may crash/restart; causes temporary data load failures

F. Test Coverage Matrix

Module	Pages	PASS	PASS_WITH_ISSUES	FAIL(403)	Coverage
Dashboard	1	1	0	0	100%
Patient	3	2	0	1	67%
Doctor	1	1	0	0	100%
Appointment	1	1	0	0	100%
Follow-up	2	2	0	0	100%
Consultation	1	1	0	0	100%
Content	3	3	0	0	100%
Points	3	2	1	0	67%
Alert	3	3	0	0	100%
Statistics	1	0	1	0	50%
AI	1	1	0	0	100%
Media/Banner	2	1	1	0	50%
Devices	1	1	0	0	100%
System	7	0	0	7	0%
Total	30	20	4	6	67%

G. Recommendations

Immediate (Fix before any demo)

Fix admin role permissions -- Ensure admin role has ALL permission codes in seed data, including system module permissions (auth., workflow., message., config., plugin.*)
Fix patient-tags and diagnosis permissions -- Add health.patient-tags.list and health.diagnosis.list to admin role

Short-term (Fix within next sprint)

Fix statistics dashboard -- Backend stats API returns 0 for all metrics; check stats_handler query logic
Fix media library backend -- Investigate 500 errors on media file/folder list endpoints
Fix points orders backend -- Investigate repeated error responses on orders list endpoint
Fix Ant Design Drawer deprecation -- Replace width with size prop in Drawer components

Ongoing

Add backend health monitoring -- The 502 errors suggest the backend process crashes/restarts; add process monitoring
Add E2E test coverage for permission-gated pages -- Ensure all admin-accessible pages are tested with admin credentials

H. Screenshots Index

#	File	Page
01	`docs/qa/screenshots/01-dashboard-working.png`	Dashboard (working)
02	`docs/qa/screenshots/02-patient-list.png`	Patient List
03	`docs/qa/screenshots/03-patient-detail.png`	Patient Detail
04	`docs/qa/screenshots/04-patient-tags-403.png`	Patient Tags (403)
05	`docs/qa/screenshots/05-doctor-list.png`	Doctor List
06	`docs/qa/screenshots/06-appointment-list.png`	Appointment List
07	`docs/qa/screenshots/07-follow-up-tasks.png`	Follow-up Tasks
08	`docs/qa/screenshots/08-consultation-list.png`	Consultation List
09	`docs/qa/screenshots/09-article-list.png`	Article List
10	`docs/qa/screenshots/10-article-categories.png`	Article Categories
11	`docs/qa/screenshots/11-article-tags.png`	Article Tags
12	`docs/qa/screenshots/12-points-rules.png`	Points Rules
13	`docs/qa/screenshots/13-points-products.png`	Points Products
14	`docs/qa/screenshots/14-points-orders.png`	Points Orders (with errors)
15	`docs/qa/screenshots/15-alert-list.png`	Alert List
16	`docs/qa/screenshots/16-alert-rules.png`	Alert Rules
17	`docs/qa/screenshots/17-statistics.png`	Statistics Dashboard (all zeros)
18	`docs/qa/screenshots/18-ai-analysis.png`	AI Analysis History
19	`docs/qa/screenshots/19-media-library.png`	Media Library (with errors)
20	`docs/qa/screenshots/20-banners.png`	Banner Management
21	`docs/qa/screenshots/21-users-403.png`	Users (403)
22	`docs/qa/screenshots/22-alert-dashboard.png`	Alert Dashboard
23	`docs/qa/screenshots/23-theme-switcher.png`	Theme Switcher
24	`docs/qa/screenshots/24-theme-trust-blue.png`	Trust Blue Theme Applied

19 KiB Raw Blame History