HaHafeng
66255368b7
Features - User Management (Phase 4.1): - Database: Add user_modules table for fine-grained module permissions - Database: Add 4 user permissions (view/create/edit/delete) to role_permissions - Backend: UserService (780 lines) - CRUD with tenant isolation - Backend: UserController + UserRoutes (648 lines) - 13 API endpoints - Backend: Batch import users from Excel - Frontend: UserListPage (412 lines) - list/filter/search/pagination - Frontend: UserFormPage (341 lines) - create/edit with module config - Frontend: UserDetailPage (393 lines) - details/tenant/module management - Frontend: 3 modal components (592 lines) - import/assign/configure - API: GET/POST/PUT/DELETE /api/admin/users/* endpoints Architecture Upgrade - Module Permission System: - Backend: Add getUserModules() method in auth.service - Backend: Login API returns modules array in user object - Frontend: AuthContext adds hasModule() method - Frontend: Navigation filters modules based on user.modules - Frontend: RouteGuard checks requiredModule instead of requiredVersion - Frontend: Remove deprecated version-based permission system - UX: Only show accessible modules in navigation (clean UI) - UX: Smart redirect after login (avoid 403 for regular users) Fixes: - Fix UTF-8 encoding corruption in ~100 docs files - Fix pageSize type conversion in userService (String to Number) - Fix authUser undefined error in TopNavigation - Fix login redirect logic with role-based access check - Update Git commit guidelines v1.2 with UTF-8 safety rules Database Changes: - CREATE TABLE user_modules (user_id, tenant_id, module_code, is_enabled) - ADD UNIQUE CONSTRAINT (user_id, tenant_id, module_code) - INSERT 4 permissions + role assignments - UPDATE PUBLIC tenant with 8 module subscriptions Technical: - Backend: 5 new files (~2400 lines) - Frontend: 10 new files (~2500 lines) - Docs: 1 development record + 2 status updates + 1 guideline update - Total: ~4900 lines of code Status: User management 100% complete, module permission system operational
平台基础层
层级定义: 所有业务模块的基础设施
核心原则: 全局唯一、业务无关、稳定性高
📋 模块清单
| 模块 | 说明 | 状态 |
|---|---|---|
| 01-用户与权限中心(UAM) | 用户认证、角色权限、Feature Flag | ⏳ 待设计 |
| 02-存储服务 | 文件上传下载、对象存储 | ⏳ 待设计 |
| 03-通知服务 | 站内消息、邮件、WebSocket | ⏳ 待设计 |
| 04-监控与日志 | 操作日志、错误监控、审计日志 | ⏳ 待设计 |
| 05-系统配置 | 系统级配置管理、动态配置 | ⏳ 待设计 |
🎯 设计原则
1. 全局唯一性
- 整个平台只有一套基础设施
- 所有业务模块共享
2. 业务无关性
- 不涉及具体业务逻辑
- 提供通用能力
3. 高稳定性
- 很少变动
- 向后兼容
4. 高可用性
- 支持负载均衡
- 支持容灾备份
📚 快速导航
快速上下文
- [AI对接] 平台层快速上下文.md - 2-3分钟了解平台层
核心模块
- 用户与权限中心(UAM) - P0优先级
- 存储服务
- 通知服务
- 监控与日志
- 系统配置
🔗 相关文档
最后更新: 2025-11-06
维护人: 技术架构师