feat(diary): 数据层 + 班级系统 (Phase F1 + B3)

Flutter 数据层 (Phase F1): - journal_entry.dart: 日记数据模型 (Mood/Weather/tags/version) - journal_element.dart: 元素模型 (text/image/sticker/handwriting_ref/tape) - school_class.dart: 班级模型 - user_settings.dart: 用户设置 (主题/画笔/字号) - isar_database.dart: Isar 初始化 - api_client.dart: Dio + JWT注入 + 离线感知 + 401处理 - journal_repository.dart: 抽象接口 + InMemory实现 (乐观锁) - sync_engine.dart: WiFi同步 + 操作队列 + 重试(5次) + 快照持久化 Rust 班级系统 (Phase B3): - class_service.rs: 创建班级(6位码) + 加入班级 + 成员管理 - topic_service.rs: 老师布置主题 + 主题列表 - comment_service.rs: 老师点评 + 评语列表 - class_handler.rs: 5个API端点 + 权限守卫 - topic_handler.rs: 2个API端点 - comment_handler.rs: 2个API端点 - dto.rs: 新增5个DTO (ClassMemberResp/CreateTopicReq/TopicResp/CreateCommentReq/CommentResp) - 6条新路由注册验证: cargo check 通过, 433测试全绿, flutter analyze 1 warning
2026-06-01 00:55:51 +08:00
parent d0653614e0
commit 5e6c6fdd62
18 changed files with 2205 additions and 1 deletions
--- a/crates/erp-diary/src/handler/comment_handler.rs
+++ b/crates/erp-diary/src/handler/comment_handler.rs
@@ -0,0 +1,90 @@
+// 评语 API 处理器 — 老师点评学生日记
+
+use axum::extract::{Extension, FromRef, Path, State};
+use axum::response::Json;
+use uuid::Uuid;
+
+use erp_core::error::AppError;
+use erp_core::rbac::require_permission;
+use erp_core::types::{ApiResponse, TenantContext};
+
+use crate::dto::{CommentResp, CreateCommentReq};
+use crate::service::comment_service::CommentService;
+use crate::state::DiaryState;
+
+#[utoipa::path(
+    post,
+    path = "/api/v1/diary/journals/{journal_id}/comments",
+    params(("journal_id" = Uuid, Path, description = "日记ID")),
+    request_body = CreateCommentReq,
+    responses(
+        (status = 200, description = "点评成功", body = ApiResponse<CommentResp>),
+        (status = 400, description = "验证失败或内容安全检查未通过"),
+        (status = 401, description = "未授权"),
+        (status = 403, description = "权限不足"),
+        (status = 404, description = "日记不存在"),
+    ),
+    security(("bearer_auth" = [])),
+    tag = "评语管理"
+)]
+/// POST /api/v1/diary/journals/:journal_id/comments
+///
+/// 老师点评日记。需要 `diary.comment.write` 权限。
+pub async fn create_comment<S>(
+    State(state): State<DiaryState>,
+    Extension(ctx): Extension<TenantContext>,
+    Path(journal_id): Path<Uuid>,
+    Json(req): Json<CreateCommentReq>,
+) -> Result<Json<ApiResponse<CommentResp>>, AppError>
+where
+    DiaryState: FromRef<S>,
+    S: Clone + Send + Sync + 'static,
+{
+    require_permission(&ctx, "diary.comment.write")?;
+
+    if req.content.trim().is_empty() {
+        return Err(AppError::Validation("评语内容不能为空".to_string()));
+    }
+
+    let resp = CommentService::create_comment(
+        ctx.tenant_id,
+        ctx.user_id,
+        journal_id,
+        req.content,
+        &state.db,
+        &state.event_bus,
+    )
+    .await?;
+
+    Ok(Json(ApiResponse::ok(resp)))
+}
+
+#[utoipa::path(
+    get,
+    path = "/api/v1/diary/journals/{journal_id}/comments",
+    params(("journal_id" = Uuid, Path, description = "日记ID")),
+    responses(
+        (status = 200, description = "成功", body = ApiResponse<Vec<CommentResp>>),
+        (status = 401, description = "未授权"),
+        (status = 403, description = "权限不足"),
+    ),
+    security(("bearer_auth" = [])),
+    tag = "评语管理"
+)]
+/// GET /api/v1/diary/journals/:journal_id/comments
+///
+/// 获取日记评语列表。需要 `diary.journal.read` 权限。
+pub async fn list_comments<S>(
+    State(state): State<DiaryState>,
+    Extension(ctx): Extension<TenantContext>,
+    Path(journal_id): Path<Uuid>,
+) -> Result<Json<ApiResponse<Vec<CommentResp>>>, AppError>
+where
+    DiaryState: FromRef<S>,
+    S: Clone + Send + Sync + 'static,
+{
+    require_permission(&ctx, "diary.journal.read")?;
+
+    let resp = CommentService::list_comments(ctx.tenant_id, journal_id, &state.db).await?;
+    Ok(Json(ApiResponse::ok(resp)))
+}