feat(admin): Add user management and upgrade to module permission system

Features - User Management (Phase 4.1): - Database: Add user_modules table for fine-grained module permissions - Database: Add 4 user permissions (view/create/edit/delete) to role_permissions - Backend: UserService (780 lines) - CRUD with tenant isolation - Backend: UserController + UserRoutes (648 lines) - 13 API endpoints - Backend: Batch import users from Excel - Frontend: UserListPage (412 lines) - list/filter/search/pagination - Frontend: UserFormPage (341 lines) - create/edit with module config - Frontend: UserDetailPage (393 lines) - details/tenant/module management - Frontend: 3 modal components (592 lines) - import/assign/configure - API: GET/POST/PUT/DELETE /api/admin/users/* endpoints Architecture Upgrade - Module Permission System: - Backend: Add getUserModules() method in auth.service - Backend: Login API returns modules array in user object - Frontend: AuthContext adds hasModule() method - Frontend: Navigation filters modules based on user.modules - Frontend: RouteGuard checks requiredModule instead of requiredVersion - Frontend: Remove deprecated version-based permission system - UX: Only show accessible modules in navigation (clean UI) - UX: Smart redirect after login (avoid 403 for regular users) Fixes: - Fix UTF-8 encoding corruption in ~100 docs files - Fix pageSize type conversion in userService (String to Number) - Fix authUser undefined error in TopNavigation - Fix login redirect logic with role-based access check - Update Git commit guidelines v1.2 with UTF-8 safety rules Database Changes: - CREATE TABLE user_modules (user_id, tenant_id, module_code, is_enabled) - ADD UNIQUE CONSTRAINT (user_id, tenant_id, module_code) - INSERT 4 permissions + role assignments - UPDATE PUBLIC tenant with 8 module subscriptions Technical: - Backend: 5 new files (~2400 lines) - Frontend: 10 new files (~2500 lines) - Docs: 1 development record + 2 status updates + 1 guideline update - Total: ~4900 lines of code Status: User management 100% complete, module permission system operational
2026-01-16 13:42:10 +08:00
parent 98d862dbd4
commit 66255368b7
560 changed files with 70424 additions and 52353 deletions
--- a/docs/02-通用能力层/01-LLM大模型网关/03-CloseAI集成指南.md
+++ b/docs/02-通用能力层/01-LLM大模型网关/03-CloseAI集成指南.md
@@ -1,25 +1,25 @@
 # CloseAI集成指南

-> **譁<EFBFBD>｡｣迚域悽<EFBFBD>?* v1.0  
-> **蛻帛ｻｺ譌･譛滂ｼ?* 2025-11-09  
+> **文档版本：** v1.0  
+> **创建日期：** 2025-11-09  
 > **用途：** 通过CloseAI代理平台访问OpenAI GPT-5和Claude-4.5  
-> **騾ら畑蝨ｺ譎ｯ<EFBFBD>?* AI譎ｺ閭ｽ譁<EFBDBD>鍵蜿梧ｨ｡蝙狗ｭ幃峨<E5B3A8>ｫ倩ｴｨ驥乗枚譛ｬ逕滓<E98095>
+> **适用场景：** AI智能文献双模型筛选、高质量文本生成

 ---

-## <EFBFBD>搭 CloseAI邂莉?
+## 📋 CloseAI简介

-### 莉荵域弍CloseAI<EFBFBD>?
+### 什么是CloseAI？

-CloseAI譏ｯ荳荳?*API莉｣逅<EFBDA3>ｹｳ蜿ｰ**<2A>御ｸｺ荳ｭ蝗ｽ逕ｨ謌ｷ謠蝉ｾ帷ｨｳ螳夂噪OpenAI蜥靴laude API隶ｿ髣ｮ譛榊苅縲?
+CloseAI是一个**API代理平台**，为中国用户提供稳定的OpenAI和Claude API访问服务。

-**譬ｸ蠢<EFBFBD>ｼ伜漢<EFBFBD>?*
- 笨?蝗ｽ蜀<EFBDBD>峩霑橸ｼ梧裏髴遘大ｭｦ荳顔ｽ<E9A194>
- 笨?荳荳ｪAPI Key蜷梧慮隹<EFBFBD>畑OpenAI蜥靴laude
- 笨?蜈ｼ螳ｹOpenAI SDK譬<EFBFBD>㊥謗･蜿｣
- 笨?謾ｯ謖∵怙譁ｰ讓｡蝙具ｼ<E585B7>PT-5縲，laude-4.5<EFBFBD>?
+**核心优势：**
+- ✅ 国内直连，无需科学上网
+- ✅ 一个API Key同时调用OpenAI和Claude
+- ✅ 兼容OpenAI SDK标准接口
+- ✅ 支持最新模型（GPT-5、Claude-4.5）

-**螳倡ｽ托ｼ?* https://platform.openai-proxy.org
+**官网：** https://platform.openai-proxy.org

 ---

@@ -38,15 +38,15 @@ CLOSEAI_OPENAI_BASE_URL=https://api.openai-proxy.org/v1
 CLOSEAI_CLAUDE_BASE_URL=https://api.openai-proxy.org/anthropic
 ```

-### 謾ｯ謖∫噪讓｡蝙?
+### 支持的模型

 | 模型 | Model ID | 说明 | 适用场景 |
 |------|---------|------|---------|
-| **GPT-5-Pro** | `gpt-5-pro` | 譛譁ｰGPT-5 箝?| 譁<>鍵邊ｾ蜃<EFBDBE>ｭ幃峨∝､肴揩謗ｨ逅?|
-| GPT-4-Turbo | `gpt-4-turbo-preview` | GPT-4鬮俶ｧ閭ｽ迚?| 雍ｨ驥剰ｦ∵ｱるｫ倡噪莉ｻ蜉｡ |
-| GPT-3.5-Turbo | `gpt-3.5-turbo` | 蠢ｫ騾溽ｻ乗ｵ守沿 | 邂蜊穂ｻｻ蜉｡縲∵<E7B8B2>譛ｬ莨伜<E88EA8>?|
-| **Claude-4.5-Sonnet** | `claude-sonnet-4-5-20250929` | 譛譁ｰClaude 箝?| 隨ｬ荳画婿莉ｲ陬√∫ｻ捺桷蛹冶ｾ灘<EFBDBE> |
-| Claude-3.5-Sonnet | `claude-3-5-sonnet-20241022` | Claude-3.5遞ｳ螳夂<EFBFBD>?| 鬮倩ｴｨ驥乗枚譛ｬ逕滓<E98095>?|
+| **GPT-5-Pro** | `gpt-5-pro` | 最新GPT-5 ⭐ | 文献精准筛选、复杂推理 |
+| GPT-4-Turbo | `gpt-4-turbo-preview` | GPT-4高性能版 | 质量要求高的任务 |
+| GPT-3.5-Turbo | `gpt-3.5-turbo` | 快速经济版 | 简单任务、成本优化 |
+| **Claude-4.5-Sonnet** | `claude-sonnet-4-5-20250929` | 最新Claude ⭐ | 第三方仲裁、结构化输出 |
+| Claude-3.5-Sonnet | `claude-3-5-sonnet-20241022` | Claude-3.5稳定版 | 高质量文本生成 |

 ---

@@ -58,9 +58,9 @@ CLOSEAI_CLAUDE_BASE_URL=https://api.openai-proxy.org/anthropic
 npm install openai
 ```

-### 2. 蛻帛ｻｺLLM譛榊苅邀?
+### 2. 创建LLM服务类

-**譁<EFBFBD>ｻｶ菴咲ｽｮ<EFBFBD>?* `backend/src/common/llm/closeai.service.ts`
+**文件位置：** `backend/src/common/llm/closeai.service.ts`

 ```typescript
 import OpenAI from 'openai';
@@ -71,13 +71,13 @@ export class CloseAIService {
  private claudeClient: OpenAI;

  constructor() {
-    // OpenAI螳｢謌ｷ遶ｯ<EFBFBD>磯夊ｿ④loseAI<EFBFBD>?
+    // OpenAI客户端（通过CloseAI）
    this.openaiClient = new OpenAI({
      apiKey: config.closeaiApiKey,
      baseURL: config.closeaiOpenaiBaseUrl,
    });

-    // Claude螳｢謌ｷ遶ｯ<EFBFBD>磯夊ｿ④loseAI<EFBFBD>?
+    // Claude客户端（通过CloseAI）
    this.claudeClient = new OpenAI({
      apiKey: config.closeaiApiKey,
      baseURL: config.closeaiClaudeBaseUrl,
@@ -135,7 +135,7 @@ export class CloseAIService {
  }

  /**
-   * 豬∝ｼ丞桃蠎費ｼ<EFBFBD>PT-5<EFBFBD>?
+   * 流式响应（GPT-5）
   */
  async *streamGPT5(prompt: string, systemPrompt?: string) {
    const messages: any[] = [];
@@ -165,7 +165,7 @@ export class CloseAIService {

 ### 3. 统一LLM服务（含4个模型）

-**譁<EFBFBD>ｻｶ菴咲ｽｮ<EFBFBD>?* `backend/src/common/llm/llm.service.ts`
+**文件位置：** `backend/src/common/llm/llm.service.ts`

 ```typescript
 import OpenAI from 'openai';
@@ -258,7 +258,7 @@ export class UnifiedLLMService {

 ### 场景1：双模型对比筛选（推荐）⭐

-**遲也払<EFBFBD>?* DeepSeek<EFBFBD>亥ｿｫ騾溷<EFBFBD>遲幢ｼ<EFBFBD> + GPT-5<>郁ｴｨ驥丞､肴<EFBDA4>ｸ<EFBFBD><EFBDB8>
+**策略：** DeepSeek（快速初筛） + GPT-5（质量复核）

 ```typescript
 export class LiteratureScreeningService {
@@ -269,23 +269,23 @@ export class LiteratureScreeningService {
  }

  /**
-   * 蜿梧ｨ｡蝙区枚迪ｮ遲幃?
+   * 双模型文献筛选
   */
  async screenLiterature(title: string, abstract: string, picoConfig: any) {
    const prompt = `
 请根据以下PICO标准，判断这篇文献是否应该纳入：

-**PICO譬<EFBFBD>㊥<EFBFBD>?*
+**PICO标准：**
 - Population: ${picoConfig.population}
 - Intervention: ${picoConfig.intervention}
 - Comparison: ${picoConfig.comparison}
 - Outcome: ${picoConfig.outcome}

-**譁<EFBFBD>鍵菫｡諱ｯ<EFBFBD>?*
-譬<EFBFBD>｢假ｼ?{title}
-鞫倩ｦ<EFBFBD>ｼ?{abstract}
+**文献信息：**
+标题：${title}
+摘要：${abstract}

-隸ｷ霎灘<EFBFBD>JSON譬ｼ蠑擾ｼ?
+请输出JSON格式：
 {
  "decision": "include/exclude/uncertain",
  "reason": "判断理由",
@@ -325,11 +325,11 @@ export class LiteratureScreeningService {

 ### 场景2：三模型共识仲裁

-**遲也払<EFBFBD>?* 蠖謎ｸ､荳ｪ讓｡蝙句<E89D99>遯∵慮<E288B5>悟星逕ｨClaude菴應ｸｺ隨ｬ荳画婿莉ｲ陬?
+**策略：** 当两个模型冲突时，启用Claude作为第三方仲裁

 ```typescript
 async screenWithArbitration(title: string, abstract: string, picoConfig: any) {
-  // 隨ｬ荳霓ｮ<EFBFBD>壼曙讓｡蝙狗ｭ幃?
+  // 第一轮：双模型筛选
  const initialScreen = await this.screenLiterature(title, abstract, picoConfig);

  // 如果一致，直接返回
@@ -343,7 +343,7 @@ async screenWithArbitration(title: string, abstract: string, picoConfig: any) {
  const claudeResult = await this.llm.chat('claude', prompt);
  const claudeDecision = JSON.parse(claudeResult.content);

-  // 荳画ｨ｡蝙区兜逾?
+  // 三模型投票
  const decisions = [
    initialScreen.models[0].decision,
    initialScreen.models[1].decision,
@@ -356,7 +356,7 @@ async screenWithArbitration(title: string, abstract: string, picoConfig: any) {
    uncertain: decisions.filter(d => d === 'uncertain').length,
  };

-  // 螟壽焚蜀?
+  // 多数决
  const finalDecision = Object.keys(voteCount).reduce((a, b) => 
    voteCount[a] > voteCount[b] ? a : b
  );
@@ -370,13 +370,13 @@ async screenWithArbitration(title: string, abstract: string, picoConfig: any) {
 }
 ```

-### 蝨ｺ譎ｯ3<EFBFBD>壽<EFBFBD>譛ｬ莨伜喧遲也<EFBFBD>?
+### 场景3：成本优化策略

-**遲也払<EFBFBD>?* 蜿ｪ蟇ｹ荳咲｡ｮ螳夂噪扈捺棡菴ｿ逕ｨGPT-5螟肴<EFBFBD>ｸ
+**策略：** 只对不确定的结果使用GPT-5复核

 ```typescript
 async screenWithCostOptimization(title: string, abstract: string, picoConfig: any) {
-  // 隨ｬ荳霓ｮ<EFBFBD>夂畑DeepSeek蠢ｫ騾溷<EFBFBD>遲幢ｼ井ｾｿ螳懶ｼ?
+  // 第一轮：用DeepSeek快速初筛（便宜）
  const quickScreen = await this.llm.chat('deepseek', prompt);
  const quickDecision = JSON.parse(quickScreen.content);

@@ -405,39 +405,39 @@ async screenWithCostOptimization(title: string, abstract: string, picoConfig: an

 ---

-## <EFBFBD>投 諤ｧ閭ｽ蜥梧<E89CA5>譛ｬ蟇ｹ豈?
+## 📊 性能和成本对比

 ### 模型性能对比

 | 指标 | DeepSeek-V3 | GPT-5-Pro | Claude-4.5 | Qwen-Max |
 |------|------------|-----------|-----------|----------|
-| **蜃<EFBFBD>｡ｮ邇?* | 85% | **95%** 箝?| 93% | 82% |
-| **騾溷ｺｦ** | **蠢?* 箝?| 荳ｭ遲<EFBDAD> | 荳ｭ遲<EFBDAD> | 蠢?|
-| **謌先悽** | **ﾂ･0.001/1K** 箝?| ﾂ･0.10/1K | ﾂ･0.021/1K | ﾂ･0.004/1K |
-| **荳ｭ譁<EFBFBD>炊隗｣** | **莨倡ｧ** 箝?| 莨倡ｧ | 濶ｯ螂ｽ | 莨倡ｧ |
-| **扈捺桷蛹冶ｾ灘<EFBFBD>?* | 濶ｯ螂ｽ | 莨倡ｧ | **莨倡ｧ** 箝?| 濶ｯ螂ｽ |
+| **准确率** | 85% | **95%** ⭐ | 93% | 82% |
+| **速度** | **快** ⭐ | 中等 | 中等 | 快 |
+| **成本** | **¥0.001/1K** ⭐ | ¥0.10/1K | ¥0.021/1K | ¥0.004/1K |
+| **中文理解** | **优秀** ⭐ | 优秀 | 良好 | 优秀 |
+| **结构化输出** | 良好 | 优秀 | **优秀** ⭐ | 良好 |

-### 遲幃?000遽<30>枚迪ｮ逧<EFBDAE><E980A7>譛ｬ莨ｰ邂<EFBDB0>
+### 筛选1000篇文献的成本估算

 **策略A：只用DeepSeek**
- 謌先悽<EFBFBD>堋?0-30
+- 成本：¥20-30
 - 准确率：85%
- 騾ら畑<EFBFBD>夐｢<EFBFBD>ｮ玲怏髯撰ｼ悟庄謗･蜿嶺ｸ螳夊ｯｯ蟾?
+- 适用：预算有限，可接受一定误差

-**遲也払B<EFBFBD>咼eepSeek + GPT-5 蜿梧ｨ｡蝙?*
- 謌先悽<EFBFBD>堋?50-200
+**策略B：DeepSeek + GPT-5 双模型**
+- 成本：¥150-200
 - 准确率：92%
- 騾ら畑<EFBFBD>夊ｴｨ驥剰ｦ∵ｱるｫ假ｼ碁｢<EFBFBD>ｮ怜<EFBFBD>雜?箝?謗ｨ闕<EFBDA8>
+- 适用：质量要求高，预算充足 ⭐ 推荐

-**遲也払C<EFBFBD>壻ｸ画ｨ｡蝙句<EFBFBD>隸<EFBFBD>ｼ?0%蜀ｲ遯∝星逕ｨClaude<64>?*
- 謌先悽<EFBFBD>堋?80-220
+**策略C：三模型共识（20%冲突启用Claude）**
+- 成本：¥180-220
 - 准确率：95%
- 騾ら畑<EFBFBD>壽怙鬮倩ｴｨ驥剰ｦ∵ｱ?
+- 适用：最高质量要求

-**遲也払D<EFBFBD>壽<EFBFBD>譛ｬ莨伜喧<EFBFBD><EFBFBD>80%逕ｨDeepSeek<EFBFBD>?0%逕ｨGPT-5<>?*
- 謌先悽<EFBFBD>堋?0-80
+**策略D：成本优化（80%用DeepSeek，20%用GPT-5）**
+- 成本：¥50-80
 - 准确率：90%
- 騾ら畑<EFBFBD>夊ｴｨ驥丞柱謌先悽蟷ｳ陦｡ 箝?諤ｧ莉ｷ豈疲怙鬮?
+- 适用：质量和成本平衡 ⭐ 性价比最高

 ---

@@ -446,12 +446,12 @@ async screenWithCostOptimization(title: string, abstract: string, picoConfig: an
 ### 1. API Key安全

 ```typescript
-// 笶?髞呵ｯｯ<EFBDAF>夂｡ｬ郛也<E9839B>、PI Key
+// ❌ 错误：硬编码API Key
 const client = new OpenAI({
  apiKey: 'sk-cu0iepbXYGGx2jc7BqP6ogtSWmP6fk918qV3RUdtGC3Edlpo',
 });

-// 笨?豁｣遑ｮ<E98191>壻ｻ守識蠅<E8AD98>序驥剰ｯｻ蜿<EFBDBB>
+// ✅ 正确：从环境变量读取
 const client = new OpenAI({
  apiKey: process.env.CLOSEAI_API_KEY,
 });
@@ -465,15 +465,15 @@ async chat(provider: LLMProvider, prompt: string) {
    const response = await this.llm.chat(provider, prompt);
    return response;
  } catch (error) {
-    // CloseAI蜿ｯ閭ｽ霑泌屓逧<EFBFBD>漠隸?
+    // CloseAI可能返回的错误
    if (error.status === 429) {
      // 速率限制
      console.error('API调用速率超限，请稍后重试');
    } else if (error.status === 401) {
      // 认证失败
-      console.error('API Key譌<EFBFBD>謨茨ｼ瑚ｯｷ譽譟･驟咲ｽ?);
+      console.error('API Key无效，请检查配置');
    } else if (error.status === 500) {
-      // 譛榊苅遶ｯ髞呵ｯ?
+      // 服务端错误
      console.error('CloseAI服务异常，请稍后重试');
    }
    throw error;
@@ -491,7 +491,7 @@ async chatWithRetry(provider: LLMProvider, prompt: string, maxRetries = 3) {
    } catch (error) {
      if (i === maxRetries - 1) throw error;
      
-      // 謖<EFBFBD>焚騾驕?
+      // 指数退避
      const delay = Math.pow(2, i) * 1000;
      await new Promise(resolve => setTimeout(resolve, delay));
    }
@@ -509,9 +509,9 @@ async chatWithRetry(provider: LLMProvider, prompt: string, maxRetries = 3) {

 ---

-**譖ｴ譁ｰ譌･蠢暦ｼ?*
+**更新日志：**
 - 2025-11-09: 创建文档，添加CloseAI集成指南
- 謾ｯ謖；PT-5-Pro蜥靴laude-4.5-Sonnet譛譁ｰ讓｡蝙?
+- 支持GPT-5-Pro和Claude-4.5-Sonnet最新模型