feat(admin): Add user management and upgrade to module permission system

Features - User Management (Phase 4.1):
- Database: Add user_modules table for fine-grained module permissions
- Database: Add 4 user permissions (view/create/edit/delete) to role_permissions
- Backend: UserService (780 lines) - CRUD with tenant isolation
- Backend: UserController + UserRoutes (648 lines) - 13 API endpoints
- Backend: Batch import users from Excel
- Frontend: UserListPage (412 lines) - list/filter/search/pagination
- Frontend: UserFormPage (341 lines) - create/edit with module config
- Frontend: UserDetailPage (393 lines) - details/tenant/module management
- Frontend: 3 modal components (592 lines) - import/assign/configure
- API: GET/POST/PUT/DELETE /api/admin/users/* endpoints

Architecture Upgrade - Module Permission System:
- Backend: Add getUserModules() method in auth.service
- Backend: Login API returns modules array in user object
- Frontend: AuthContext adds hasModule() method
- Frontend: Navigation filters modules based on user.modules
- Frontend: RouteGuard checks requiredModule instead of requiredVersion
- Frontend: Remove deprecated version-based permission system
- UX: Only show accessible modules in navigation (clean UI)
- UX: Smart redirect after login (avoid 403 for regular users)

Fixes:
- Fix UTF-8 encoding corruption in ~100 docs files
- Fix pageSize type conversion in userService (String to Number)
- Fix authUser undefined error in TopNavigation
- Fix login redirect logic with role-based access check
- Update Git commit guidelines v1.2 with UTF-8 safety rules

Database Changes:
- CREATE TABLE user_modules (user_id, tenant_id, module_code, is_enabled)
- ADD UNIQUE CONSTRAINT (user_id, tenant_id, module_code)
- INSERT 4 permissions + role assignments
- UPDATE PUBLIC tenant with 8 module subscriptions

Technical:
- Backend: 5 new files (~2400 lines)
- Frontend: 10 new files (~2500 lines)
- Docs: 1 development record + 2 status updates + 1 guideline update
- Total: ~4900 lines of code

Status: User management 100% complete, module permission system operational
2026-01-16 13:42:10 +08:00
parent 98d862dbd4
commit 66255368b7
560 changed files with 70424 additions and 52353 deletions


@@ -1,23 +1,23 @@
# ADMIN - 餈鞱𨯫蝞∠<EFBFBD>蝡?
# ADMIN - 运营管理端
> **<EFBFBD><EFBFBD><EFBFBD>嚗?* ADMIN
> **<EFBFBD><EFBFBD>滨妍嚗?* 餈鞱𨯫蝞∠<E89D9E>蝡荔<E89DA1>Operations Management Portal嚗?
> **隡睃<EFBFBD>蝥改<EFBFBD>** P0嚗<30>瓲敹<E793B2>抅蝖<E68A85>霈暹鴌嚗?
> **<EFBFBD><EFBFBD>𤑳𠶖<EFBFBD><EFBFBD><EFBFBD>** <20><20><EFBFBD>霈曇恣銝?
> **模块代码:** ADMIN
> **模块名称:** 运营管理端(Operations Management Portal
> **优先级:** P0核心基础设施
> **开发状态:** 🟡 架构设计中
> **负责人:** [待定]
---
## 📋 模块概述
餈鞱𨯫蝞∠<EFBFBD>蝡舀糓AI銝游<EFBFBD><EFBFBD>𠉛弦撟喳蝱<EFBFBD>?*<2A><EFBFBD>蝞∠<E89D9E><E288A0>𤾸蝱**嚗䔶蛹<E494B6>砍虬<E7A08D><E899AC><EFBFBD>餈鞱𨯫鈭箏<E988AD><E7AE8F>𣂷<EFBFBD><F0A382B7>冽䲮雿滨<E99BBF>蝟餌<E89D9F>蝞∠<E89D9E><E288A0><EFBFBD>蝏渲<E89D8F><E6B8B2><EFBFBD>?
运营管理端是AI临床研究平台的**核心管理后台**,为公司内部运营人员提供全方位的系统管理和运维能力。
### <EFBFBD><EFBFBD>隞瑕<EFBFBD>?
### 核心价值
1. **SaaS憭𡁶<EFBFBD><EFBFBD>瑞恣<EFBFBD>?*嚗𡁶<E59A97><EFBFBD>蝞∠<E89D9E><E288A0><EFBFBD><EFBFBD>匧龫<E58CA7>?<3F><EFBFBD><E691B0>
2. **AI<EFBFBD>鞉𧋦<EFBFBD><EFBFBD>**嚗𡁶移蝏<E7A7BB><E89D8F><EFBFBD><EFBFBD>蝞∠<E89D9E>嚗峕綉<E5B395>貿oken瘨<6E><E798A8>?
3. **Prompt撌亦<EFBFBD><EFBFBD>?*嚗𡁶<E59A97>鈭抒㴓憓<E3B493><E68693>摨阡<E691A8><EFBFBD><E996AB>銝㮖<E98A9D>鈭箏<E988AD><EFBFBD><E99D9A>AI<41><49><EFBFBD>
4. **蝟餌<EFBFBD>餈鞟輕**嚗𡁶鍂<F0A181B6>瑞恣<E7919E><E681A3><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>蝵柴<E89DB5><E69FB4>恣霈⊥𠯫敹?
1. **SaaS多租户管理**:统一管理所有医院/药企客户
2. **AI成本控制**精细化配额管理控制Token消耗
3. **Prompt工程化**生产环境灰度预览专业人员调试AI效果
4. **系统运维**:用户管理、权限配置、审计日志
---
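Review bot: The restored header and value list lose full-width punctuation that neighbouring lines keep. The module-name line opens "(" before "Operations Management Portal" and never closes it, and value items 2 and 3 run the bold label straight into the description while items 1 and 4 keep the ":" separator. Restore the punctuation on those lines so the encoding fix is complete for this file. The status line also still reads 架构设计中 while the commit message reports user management as 100% complete, so update it in the same change.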
@@ -25,24 +25,24 @@
### 1. 租户管理
- 租户创建/编辑/停用
- <EFBFBD><EFBFBD><EFBFBD>摰𡁜<EFBFBD>嚗𡿨ogo<EFBFBD><EFBFBD><EFBFBD><EFBFBD>臬㦛<EFBFBD><EFBFBD>蜓憸䁅𠧧嚗?
- 品牌定制Logo、背景图、主题色
- 模块订阅管理ASL/DC/IIT等
- <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>銝𡒊<EFBFBD><EFBFBD>?
- 配额分配与监控
### 2. Prompt蝞∠<EFBFBD>蝟餌<EFBFBD> 潃?
### 2. Prompt管理系统 ⭐
- **生产环境灰度预览**
- <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>PROMPT_ENGINEER嚗?
- 调试者角色(PROMPT_ENGINEER
- DRAFT/ACTIVE版本隔离
- 憭帋<EFBFBD><EFBFBD>⊥芋<EFBFBD>𢰦rompt<EFBFBD>滨蔭嚗㇁SL/DC/IIT/PKB/AIA/RVW嚗?
- 多业务模块Prompt配置ASL/DC/IIT/PKB/AIA/RVW
### 3. <EFBFBD><EFBFBD>銝擧<EFBFBD><EFBFBD>鞟恣<EFBFBD>?
### 3. 用户与权限管理
- 用户CRUD
- 角色分配SUPER_ADMIN/PROMPT_ENGINEER/等)
- 权限配置
### 4. 蝟餌<EFBFBD><EFBFBD>烐綉銝𤾸恣霈?
### 4. 系统监控与审计
- 操作日志审计
- Token<EFBFBD><EFBFBD><EFBFBD>霈?
- Token消耗统计
- 系统健康监控
---
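Review bot: Section "3. 用户与权限管理" still lists only 用户CRUD, 角色分配 and 权限配置, so the per-user module permissions and the Excel batch import described in the commit message are not documented where an operator would look for them. Add a bullet for each. On the 角色分配 line, the restored text has a closing ")" with no opening one; fix that while editing the section.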
@@ -50,77 +50,77 @@
## 📂 文档结构
```
ADMIN-餈鞱𨯫蝞∠<EFBFBD>蝡?
<EFBFBD><EFBFBD><EFBFBD><EFBFBD> README.md # <EFBFBD><EFBFBD>隞?
<EFBFBD><EFBFBD><EFBFBD><EFBFBD> 00-璅<E79285>敶枏<E695B6><E69E8F><EFBFBD><E59786><EFBFBD><EFBFBD><E69298><EFBFBD><E78390>?md # 敹恍<EFBFBD><EFBFBD><EFBFBD>𧢲<EFBFBD><EFBFBD>?
<EFBFBD>?
ADMIN-运营管理端/
├── README.md # 本文件
├── 00-模块当前状态与开发指南.md # 快速上手指南
├── 00-系统设计/ # 系统架构设计
<EFBFBD>? <20><EFBFBD><E98EBF><EFBFBD> 00-<2D><><EFBFBD>銝舘<E98A9D><E88898><EFBFBD>蝟餅<E9A485><EFBC94>𥁒<EFBFBD>𠽤v1.0.md
<EFBFBD>? <20><EFBFBD><E5A999><EFBFBD> 02-<2D>𡁶鍂<F0A181B6><EFBFBD><EFBFBD>10-<2D><><EFBFBD>雿梶頂璇喟<E79287><E5969F><EFBFBD>銝𦒘耨甇<E880A8>遣霈?md
<EFBFBD>?
<EFBFBD><EFBFBD><EFBFBD><EFBFBD> 01-<2D><><EFBFBD><E79899><EFBFBD>? # PRD<EFBFBD><EFBFBD>
<EFBFBD>? <20><EFBFBD><E5A999><EFBFBD> 02-<2D>𡁶鍂<F0A181B6><EFBFBD><EFBFBD>07-餈鞱𨯫銝擧㦤<E693A7><E3A6A4><EFBFBD><E681A3>PRD_v2.1.md
<EFBFBD>?
<EFBFBD><EFBFBD><EFBFBD><EFBFBD> 02-<2D><><EFBFBD>航挽霈? # <EFBFBD><EFBFBD><EFBFBD>航挽霈⊥<EFBFBD>獢?
<EFBFBD>? <20><EFBFBD><E98EBF><EFBFBD> 02-<2D>𡁶鍂<F0A181B6><EFBFBD><EFBFBD>03-Prompt蝞∠<E89D9E>蝟餌<E89D9F>銝𡒊<E98A9D>摨阡<E691A8><EFBFBD>挽霈⊥䲮獢?md
<EFBFBD>? <20><EFBFBD><E98EBF><EFBFBD> 03-Prompt蝞∠<EFBFBD>蝟餌<EFBFBD>敹恍<EFBFBD><EFBFBD><EFBFBD>?md
<EFBFBD>? <20><EFBFBD><E5A999><EFBFBD> Prompt蝞∠<E89D9E><E288A0>𤾸蝱霈曇恣.md
<EFBFBD>?
│ ├── 00-权限与角色体系梳理报告_v1.0.md
│ └── 02-通用能力层_10-权限体系梳理反馈与修正建议.md
├── 01-需求分析/ # PRD文档
│ └── 02-通用能力层_07-运营与机构管理端PRD_v2.1.md
├── 02-技术设计/ # 技术设计文档
│ ├── 02-通用能力层_03-Prompt管理系统与灰度预览设计方案.md
│ ├── 03-Prompt管理系统快速参考.md
│ └── Prompt管理后台设计.md
├── 03-UI设计/ # 原型与UI设计
<EFBFBD>?
<EFBFBD><EFBFBD><EFBFBD><EFBFBD> 04-撘<><E69298>𤏸恣<F0A48FB8>? # <EFBFBD><EFBFBD>𤏸恣<EFBFBD><EFBFBD>隞餃𦛚<EFBFBD><EFBFBD>
<EFBFBD>?
<EFBFBD><EFBFBD><EFBFBD><EFBFBD> 05-瘚贝<E7989A><E8B49D><EFBFBD>/ # 瘚贝<EFBFBD><EFBFBD><EFBFBD>銝擧<EFBFBD>霂閙㺭<EFBFBD>?
<EFBFBD>?
<EFBFBD><EFBFBD><EFBFBD><EFBFBD> 06-撘<><E69298>𤏸扇敶? # 瘥𤩺𠯫撘<EFBFBD><EFBFBD><EFBFBD><EFBFBD>
<EFBFBD>?
├── 04-开发计划/ # 开发计划与任务分解
├── 05-测试文档/ # 测试用例与测试数据
├── 06-开发记录/ # 每日开发总结
└── 07-技术债务/ # 技术债务清单
```
---
## <EFBFBD><EFBFBD> 閫坿𠧧銝擧<E98A9D><E693A7>鞱挽霈?
## 🔐 角色与权限设计
### 核心角色
| 角色 | 角色Code | 权限范围 | 说明 |
|------|---------|---------|------|
| **<EFBFBD>漣蝞∠<EFBFBD><EFBFBD>?* | SUPER_ADMIN | <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>?| <20>砍虬<E7A08D><E899AC><EFBFBD>餈鞱𨯫鈭箏<E988AD> |
| **Prompt撌亦<EFBFBD>撣?* | PROMPT_ENGINEER | prompt:* | <EFBFBD><EFBFBD>AI Prompt<EFBFBD><EFBFBD><EFBFBD>銝帋犖<EFBFBD>?|
| <EFBFBD>駁堺蝞∠<EFBFBD><EFBFBD>?| HOSPITAL_ADMIN | <EFBFBD><EFBFBD>蝥抒恣<EFBFBD>?| 隞<><EFBFBD><E681A3>䌊撌梁<E6928C><E6A281>駁堺蝘<E5A0BA><E89D98> |
| <EFBFBD><EFBFBD>蝞∠<EFBFBD><EFBFBD>?| PHARMA_ADMIN | <EFBFBD><EFBFBD>蝥抒恣<EFBFBD>?| 隞<><EFBFBD><E681A3>䌊撌梁<E6928C><E6A281><EFBFBD><EFBFBD><E89D98> |
| <EFBFBD><EFBFBD>𡁶鍂<EFBFBD>?| USER | <EFBFBD><EFBFBD><EFBFBD><EFBFBD> | 銝𡁜𦛚璅<E79285>雿輻鍂<E8BCBB>?|
| **超级管理员** | SUPER_ADMIN | 所有权限 | 公司内部运营人员 |
| **Prompt工程师** | PROMPT_ENGINEER | prompt:* | 调试AI Prompt的专业人员 |
| 医院管理员 | HOSPITAL_ADMIN | 租户级管理 | 仅管理自己的医院租户 |
| 药企管理员 | PHARMA_ADMIN | 租户级管理 | 仅管理自己的药企租户 |
| 普通用户 | USER | 基础功能 | 业务模块使用者 |
### Prompt管理专属权限
| 权限 | 说明 |
|------|------|
| `prompt:view` | <EFBFBD><EFBFBD>Prompt<EFBFBD>𡑒”<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>?|
| `prompt:view` | 查看Prompt列表和历史版本 |
| `prompt:edit` | 创建/修改DRAFT版本 |
| `prompt:debug` | 潃?撘<><E69298><EFBFBD>霂閙芋撘𧶏<E69298><F0A7B68F>煺漣<E785BA><EFBFBD><E887AC>啣漲憸<E6BCB2><E686B8>嚗?|
| `prompt:debug` | ⭐ 开启调试模式(生产环境灰度预览) |
| `prompt:publish` | 发布DRAFT→ACTIVE |
---
## <EFBFBD><EFBFBD>儭?<3F>唳旿摨廍chema
## 🗄️ 数据库Schema
### <EFBFBD><EFBFBD>銵剁<EFBFBD>platform_schema嚗?
### 核心表(platform_schema
- `tenants` - <EFBFBD><EFBFBD>銵?
- `tenants` - 租户表
- `tenant_members` - 租户成员关系
- `tenant_modules` - <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>?
- `tenant_modules` - 租户订阅的模块
- `tenant_quotas` - 租户配额
- `tenant_quota_allocations` - <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>摰?銝芯犖嚗?
- `departments` - 蝘穃恕銵?
- `permissions` - <EFBFBD><EFBFBD><EFBFBD>銵?
- `tenant_quota_allocations` - 配额分配(科室/个人)
- `departments` - 科室表
- `permissions` - 权限表
- `role_permissions` - 角色权限关联
### Prompt蝞∠<EFBFBD>銵剁<EFBFBD>capability_schema嚗?
### Prompt管理表(capability_schema
- `prompt_templates` - Prompt模板
- `prompt_versions` - Prompt<EFBFBD><EFBFBD>𧋦嚗㇄RAFT/ACTIVE/ARCHIVED嚗?
- `prompt_versions` - Prompt版本DRAFT/ACTIVE/ARCHIVED
### 摰∟恣<EFBFBD><EFBFBD>銵剁<EFBFBD>admin_schema嚗?
### 审计日志表(admin_schema
- `admin_operation_logs` - 运营操作日志
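Review bot: The schema section's table lists do not include `user_modules`, although the commit message creates it with a unique constraint on (user_id, tenant_id, module_code). Add it under the schema it belongs to, with a one-line description like the other entries, and note that rows are keyed by tenant_id so the tenant-isolation rule is visible in the docs. The permissions table above likewise documents only the `prompt:*` entries; the four user permissions (view/create/edit/delete) added to role_permissions should be listed alongside them with the roles that receive them.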
@@ -129,40 +129,40 @@ ADMIN-运营管理
## 🚀 技术栈
### 后端
- **<EFBFBD>沲嚗?* Fastify + Prisma
- **<EFBFBD>唳旿摨橒<EFBFBD>** PostgreSQL 14+<EFBFBD>𣈲<EFBFBD><EFBFBD>ISTEN/NOTIFY嚗?
- **霈方<EFBFBD>嚗?* JWT (jsonwebtoken)
- **<EFBFBD><EFBFBD>嚗?* bcryptjs
- **框架:** Fastify + Prisma
- **数据库:** PostgreSQL 14+支持LISTEN/NOTIFY
- **认证:** JWT (jsonwebtoken)
- **密码:** bcryptjs
### 前端
- **<EFBFBD>沲嚗?* React 19 + TypeScript
- **框架:** React 19 + TypeScript
- **UI库** Ant Design 6.0
- **状态管理:** React Context + Hooks
- **頝舐眏嚗?* React Router v6
- **路由:** React Router v6
---
## 📅 开发路线图
### Phase 0: <EFBFBD>唳旿餈<EFBFBD>宏 + <20><EFBFBD>霈暹鴌嚗?憭抬<E686AD>
- [ ] 蝏煺<EFBFBD>User銵剁<EFBFBD>public.users <EFBFBD>?platform_schema.users嚗?
- [ ] <EFBFBD>𥕦遣<EFBFBD><EFBFBD><EFBFBD>㗇鰵銵?
- [ ] <EFBFBD>漣蝞∠<EFBFBD><EFBFBD><EFBFBD>摮鞉㺭<EFBFBD>?
### Phase 0: 数据迁移 + 基础设施3天
- [ ] 统一User表(public.users platform_schema.users
- [ ] 创建所有新表
- [ ] 超级管理员种子数据
- [ ] Prompt表和权限配置
### Phase 1-2: 霈方<EFBFBD>蝟餌<EFBFBD>嚗?憭抬<E686AD>
### Phase 1-2: 认证系统2天
- [ ] JWT认证
- [ ] 登录/登出API
- [ ] 霈方<EFBFBD>銝剝𡢿隞?
- [ ] 认证中间件
### Phase 3-4: 餈鞱𨯫蝞∠<EFBFBD>蝡烘VP嚗?憭抬<E686AD>
- [ ] <EFBFBD><EFBFBD>蝞∠<EFBFBD>嚗㇃RUD + <20><><EFBFBD><EFBFBD>滨蔭嚗?
### Phase 3-4: 运营管理端MVP5天
- [ ] 租户管理CRUD + 品牌配置)
- [ ] **Prompt管理系统**
- [ ] <EFBFBD>𡑒”/蝻𤥁<E89DBB><F0A4A581>?<3F><>𧋦<EFBFBD><F0A78BA6>
- [ ] <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>?
- [ ] 列表/编辑器/版本历史
- [ ] 全局调试开关
- [ ] 草稿保存/发布
### Phase 5-6: <EFBFBD><EFBFBD><EFBFBD><EFBFBD>嚗?憭抬<E686AD>
### Phase 5-6: 完善功能3天
- [ ] 用户管理
- [ ] 权限配置
- [ ] 审计日志查询
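Review bot: Every roadmap checkbox is still "[ ]", including JWT认证 and 登录/登出API in Phase 1-2 and 用户管理 and 权限配置 in Phase 5-6, which contradicts the commit message (login API returns the modules array, user management 100% complete). Tick the items this commit delivers, or annotate them with the delivering phase, so the roadmap is not read as "no authentication or user management implemented yet". If 审计日志查询 remains open, say whether the new user endpoints already write to `admin_operation_logs`.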
@@ -172,25 +172,25 @@ ADMIN-运营管理
## 🔗 相关模块
- **<EFBFBD><EFBFBD>蝞∠<EFBFBD>蝡荔<EFBFBD>INST嚗?*嚗𡁜龫<F0A1819C>垢/<2F><EFBFBD>蝡航䌊<E888AA>滚𦛚蝞∠<E89D9E><E288A0>屸𢒰
- **撟喳蝱<EFBFBD><EFBFBD><EFBFBD><EFBFBD>Platform嚗?*嚗朞恕霂<E68195><E99C82><EFBFBD><EFBFBD><EFBFBD><EFBFBD><E58390><EFBFBD><EFBFBD><EFBFBD><E587BD><EFBFBD><E7AE87>滚𦛚
- **<EFBFBD>𡁶鍂<EFBFBD><EFBFBD><EFBFBD><EFBFBD>Capability嚗?*嚗䥪rompt蝞∠<E89D9E><E288A0><EFBFBD>LM Gateway蝑?
- **机构管理端INST**:医院端/药企端自服务管理界面
- **平台基础层Platform**:认证、权限、存储等基础服务
- **通用能力层(Capability**Prompt管理、LLM Gateway
---
## <EFBFBD><EFBFBD> 敹恍<E695B9><EFBFBD>憪?
## 📚 快速开始
1. **阅读架构设计**
<EFBFBD>?`00-蝟餌<EFBFBD>霈曇恣/00-<2D><><EFBFBD>銝舘<E98A9D><E88898><EFBFBD>蝟餅<E9A485><EFBC94>𥁒<EFBFBD>𠽤v1.0.md`
`00-系统设计/00-权限与角色体系梳理报告_v1.0.md`
2. **<EFBFBD><EFBFBD><EFBFBD>瘙?*
<EFBFBD>?`01-<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>?02-<2D>𡁶鍂<F0A181B6><EFBFBD><EFBFBD>07-餈鞱𨯫銝擧㦤<E693A7><E3A6A4><EFBFBD><E681A3>PRD_v2.1.md`
2. **了解需求**
`01-需求分析/02-通用能力层_07-运营与机构管理端PRD_v2.1.md`
3. **Prompt管理核心功能**
<EFBFBD>?`02-<EFBFBD><EFBFBD><EFBFBD>航挽霈?03-Prompt蝞∠<EFBFBD>蝟餌<EFBFBD>敹恍<EFBFBD><EFBFBD><EFBFBD>?md`
`02-技术设计/03-Prompt管理系统快速参考.md`
4. **<EFBFBD><EFBFBD><EFBFBD><EFBFBD>𤑳𠶖<EFBFBD>?*
<EFBFBD>?`00-<EFBFBD>敶枏<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>?md`
4. **查看开发状态**
`00-模块当前状态与开发指南.md`
---
@@ -198,14 +198,14 @@ ADMIN-运营管理
1. **安全第一**:运营管理端拥有最高权限,必须严格控制访问
2. **审计日志**:所有操作必须记录,支持追溯
3. **憭𡁶<EFBFBD><EFBFBD><EFBFBD>蝳?*嚗𡁶靽萘<E99DBD><E89098>瑟㺭<E7919F><EFBFBD><E6A180><EFBFBD>蝳?
3. **多租户隔离**:确保租户数据完全隔离
4. **Prompt管理**:生产环境调试模式必须有权限控制
---
## 📞 联系方式
- **<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>犖嚗?* [敺<><E695BA>]
- **技术负责人:** [待定]
- **产品负责人:** [待定]
---
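Review bot: The notice list covers access control only for Prompt debug mode (item 4) and says nothing about the module permission system this commit introduces. The commit message describes the module checks on the client side (hasModule() in AuthContext, navigation filtering, RouteGuard with requiredModule) and on the backend only mentions getUserModules() and the modules array in the login response. Add an item stating that module access is enforced by the backend on every request against `user_modules` for the caller's tenant, and that the frontend checks exist for navigation and UX only; otherwise a reader may take the RouteGuard as the authorization boundary.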
@@ -217,4 +217,3 @@ ADMIN-运营管理