admin/craftlabs-authorization-sdk
1
0
Fork 0
mirror of https://github.com/hpd840321/craftlabs-authorization-sdk.git synced 2026-06-10 02:20:28 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Compare commits

base: admin/craftlabs-authorization-sdk:339695c85160643e07d7f01fab4149d3815d529f
Branches Tags
admin/craftlabs-authorization-sdk:main admin/craftlabs-authorization-sdk:dependabot/npm_and_yarn/web/delivery-platform-ui/vite-8.0.16 admin/craftlabs-authorization-sdk:dependabot/npm_and_yarn/web/delivery-platform-ui/vue-3.5.35 admin/craftlabs-authorization-sdk:dependabot/npm_and_yarn/web/delivery-platform-ui/vitejs/plugin-vue-6.0.7 admin/craftlabs-authorization-sdk:dependabot/npm_and_yarn/web/delivery-platform-ui/element-plus-2.14.1 admin/craftlabs-authorization-sdk:dependabot/npm_and_yarn/web/delivery-platform-ui/pinia-3.0.4 admin/craftlabs-authorization-sdk:dependabot/maven/services/org.springdoc-springdoc-openapi-starter-webmvc-ui-3.0.3 admin/craftlabs-authorization-sdk:dependabot/github_actions/actions/setup-java-5 admin/craftlabs-authorization-sdk:dependabot/github_actions/actions/checkout-6 admin/craftlabs-authorization-sdk:dependabot/maven/java/com.fasterxml.jackson.core-jackson-databind-2.22.0 admin/craftlabs-authorization-sdk:dependabot/maven/java/com.networknt-json-schema-validator-3.0.3 admin/craftlabs-authorization-sdk:dependabot/maven/services/mybatis-plus.version-3.5.16 admin/craftlabs-authorization-sdk:dependabot/maven/services/spring-boot.version-4.0.6 admin/craftlabs-authorization-sdk:dependabot/github_actions/actions/setup-node-6 admin/craftlabs-authorization-sdk:dependabot/maven/java/net.java.dev.jna-jna-5.19.0 admin/craftlabs-authorization-sdk:dependabot/github_actions/aquasecurity/trivy-action-0.36.0 admin/craftlabs-authorization-sdk:dependabot/github_actions/actions/upload-artifact-7 admin/craftlabs-authorization-sdk:dependabot/maven/java/org.apache.maven.plugins-maven-compiler-plugin-3.15.0 admin/craftlabs-authorization-sdk:dependabot/maven/services/org.apache.maven.plugins-maven-compiler-plugin-3.15.0 admin/craftlabs-authorization-sdk:develop
admin/craftlabs-authorization-sdk:v0.1.0
...
compare: admin/craftlabs-authorization-sdk:v0.1.0
Branches Tags
admin/craftlabs-authorization-sdk:dependabot/npm_and_yarn/web/delivery-platform-ui/vite-8.0.16 admin/craftlabs-authorization-sdk:dependabot/npm_and_yarn/web/delivery-platform-ui/vue-3.5.35 admin/craftlabs-authorization-sdk:dependabot/npm_and_yarn/web/delivery-platform-ui/vitejs/plugin-vue-6.0.7 admin/craftlabs-authorization-sdk:dependabot/npm_and_yarn/web/delivery-platform-ui/element-plus-2.14.1 admin/craftlabs-authorization-sdk:dependabot/npm_and_yarn/web/delivery-platform-ui/pinia-3.0.4 admin/craftlabs-authorization-sdk:dependabot/maven/services/org.springdoc-springdoc-openapi-starter-webmvc-ui-3.0.3 admin/craftlabs-authorization-sdk:dependabot/github_actions/actions/setup-java-5 admin/craftlabs-authorization-sdk:dependabot/github_actions/actions/checkout-6 admin/craftlabs-authorization-sdk:dependabot/maven/java/com.fasterxml.jackson.core-jackson-databind-2.22.0 admin/craftlabs-authorization-sdk:dependabot/maven/java/com.networknt-json-schema-validator-3.0.3 admin/craftlabs-authorization-sdk:dependabot/maven/services/mybatis-plus.version-3.5.16 admin/craftlabs-authorization-sdk:dependabot/maven/services/spring-boot.version-4.0.6 admin/craftlabs-authorization-sdk:dependabot/github_actions/actions/setup-node-6 admin/craftlabs-authorization-sdk:dependabot/maven/java/net.java.dev.jna-jna-5.19.0 admin/craftlabs-authorization-sdk:dependabot/github_actions/aquasecurity/trivy-action-0.36.0 admin/craftlabs-authorization-sdk:dependabot/github_actions/actions/upload-artifact-7 admin/craftlabs-authorization-sdk:dependabot/maven/java/org.apache.maven.plugins-maven-compiler-plugin-3.15.0 admin/craftlabs-authorization-sdk:dependabot/maven/services/org.apache.maven.plugins-maven-compiler-plugin-3.15.0 admin/craftlabs-authorization-sdk:main admin/craftlabs-authorization-sdk:develop
admin/craftlabs-authorization-sdk:v0.1.0

77 Commits
339695c851 ... v0.1.0

Author SHA1 Message Date
huangping 327e5e2b91 chore: release v0.1.0
deploy / build-and-deploy (push) Waiting to run
Details
2026-06-09 16:17:48 +08:00
huangping 7fc1fa3727 feat: add demo mode for prototype deployment (no backend) 2026-06-09 09:45:10 +08:00
huangping 4c2db92da4 fix: set vite base path for /authorization-sdk/ deployment 2026-06-09 09:43:21 +08:00
huangping 6a31b479d5 chore: update native Cargo.lock 
Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
 2026-05-27 08:38:20 +08:00
huangping c2a285c781 fix: handle project count edge case in customer summary 
Minor fix to ProjectService for correct customer-project counting.

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
 2026-05-27 08:37:24 +08:00
huangping 1333cb38d6 docs: add AGENTS.md, code audit reports, and implementation plans 
Added hierarchical AGENTS.md files for root, java, native, services, web modules. Added comprehensive audit reports covering PRD progress, UI audit, full version gap analysis, code audit findings, and ONLYOFFICE status.

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
 2026-05-27 08:37:24 +08:00
huangping b2968dc327 docs: update PRD implementation status and fix application config 
Updated all module status columns in product modules doc to reflect actual code state. Removed duplicate @Bean import in SecurityConfig.

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
 2026-05-27 08:37:16 +08:00
huangping 1492e91431 feat: add notification send service for M8-F03 
NotificationSendService dispatches events through configured channels (in-app todo, email placeholder, WeChat placeholder). Supports event type routing and role-based delivery.

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
 2026-05-27 08:37:16 +08:00
huangping 2609ea3f79 fix: update stale labels and add callback backlog stats card 
Fixed login page (removed I1 tag, updated demo accounts). Added backlog stats bar to CallbackInboxView. Fixed size:500 to size:200 across all list views to match backend @Max(200) validation.

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
 2026-05-27 08:37:16 +08:00
huangping 2e4caf72ce feat: add sidebar grouping, auth store persistence fix, idle timeout 
Sidebar now groups menu items into Business/Operations/Analytics/System sections. Auth store restores roles/permissions from JWT on page reload. Added idleTimer utility for session timeout.

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
 2026-05-27 08:37:09 +08:00
huangping 8ee9aa51d8 feat: add ONLYOFFICE document preview for contract attachments 
DocumentPreviewController provides preview config and file streaming endpoints. ContractDetailView adds 'preview' button to attachment list and opens ONLYOFFICE iframe dialog.

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
 2026-05-27 08:37:09 +08:00
huangping 8c788ea388 feat: add dashboard with ECharts and SN/callback statistics 
Added sn-stats and callback-stats endpoints. HomeView now shows stat cards, pending todos, recent activity, and ECharts pie charts for SN status distribution and callback status. Installed echarts dependency.

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
 2026-05-27 08:37:09 +08:00
huangping 5d50d2819b feat: add system params persistence and delivery gate enforcement 
V25 migration creates platform_system_param table. SystemParamController replaces localStorage MVP with backend persistence. LicenseSnService.create now checks deliveryGateEnabled flag and blocks SN creation when gate is on but no deliveries completed.

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
 2026-05-27 08:37:02 +08:00
huangping 8c167d4909 feat: add user management CRUD and platform_user table 
V24 migration creates platform_user table. Backend UserAdminController provides list/create/update/toggleStatus. Frontend UserManagementView enables admin to add/edit/disable users. Replaces hardcoded auth with database-backed user lifecycle.

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
 2026-05-27 08:37:02 +08:00
huangping 118790486a fix: rewrite AuthController with database-driven authentication 
Replaced hardcoded admin/sales/delivery/ops users with PlatformUser table lookups. Fixed changePassword to use JWT SecurityContext for current user lookup. Implemented real resetPassword and forceLogout endpoints (previously no-ops). Added BCrypt password verification.

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
 2026-05-27 08:37:02 +08:00
huangping 7fb3eb53c3 feat: add customer summary aggregation with real contract count 
Fixed getCustomerSummary() to actually query contract count instead of returning hardcoded 0. Injected PlatformContractMapper for the query.

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
 2026-05-27 08:36:53 +08:00
huangping 23984a3651 feat: add failure reason persistence and batch replay endpoints to callback inbox 
Added failureReason field to CallbackInboxStatusPatchRequest so Ops can categorize failure causes. Added POST /batch-replay for mass reprocess and GET /stats/backlog for backlog monitoring.

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
 2026-05-27 08:36:53 +08:00
huangping 25395a648b fix: remove error message leakage in LicenseController and ContractController 
Replaced try-catch blocks returning e.getMessage() in HTTP 500 responses with proper ResponseStatusException propagation through global ApiExceptionHandler. Added file size (50MB) and MIME type whitelist validation to contract attachment upload.

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
 2026-05-27 08:36:53 +08:00
huangping 0abb60fd2d fix: resolve 500 errors from missing @RequestParam value attributes 
All @RequestParam annotations without explicit value= attributes cause parameter name resolution failures when Java -parameters compiler flag is not set. Fixed AuditController, IntegrationCatalogController, CustomerController, ReportController, UserAdminController, SecurityConfig.

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
 2026-05-27 08:36:43 +08:00
huangping 4913d1c556 feat(cli): add migrate command, platform API, config management 2026-05-25 15:20:13 +08:00
huangping 4b79533c70 feat(cli): add craftlabs-auth-cli with status/activate/check/info/release commands 2026-05-25 15:16:39 +08:00
huangping 027ecbd375 feat(sdk): add JNA bridge to replace JNI for Rust C ABI access 2026-05-25 15:15:14 +08:00
huangping f82a2a7b24 docs: add CLI tool design and update implementation order (SDK->CLI->GUI) 2026-05-25 15:12:08 +08:00
huangping 563844e361 docs: add client authorization tool design spec (Tauri + Vue 3) 2026-05-25 15:10:00 +08:00
huangping 147142f44f feat(m10): add audit retention policy configuration 2026-05-25 15:05:54 +08:00
huangping 250c5cbfeb feat(m9): add subscription report config (localStorage MVP) 2026-05-25 15:05:18 +08:00
huangping 1cef437fb3 feat(m5): add simulated callback event delivery for testing 2026-05-25 15:04:03 +08:00
huangping ca1279162b feat(m1): add customer freeze/unfreeze 2026-05-25 15:03:23 +08:00
huangping d3d26ba9b4 feat(sdk): add JNI bridge between Java NativeBridge and Rust C ABI 2026-05-25 15:02:12 +08:00
huangping 7104976bf9 feat(m11): add password reset, owner fields, system params 2026-05-25 14:53:02 +08:00
huangping d6750f1e93 feat: add feature mapping view and notification template config 2026-05-25 14:52:45 +08:00
huangping 0ae3987fb2 feat(m5): add failure reason tagging and batch retry 2026-05-25 14:52:06 +08:00
huangping 6522f02b54 feat(m4): add batch SN ops, delivery gate, console link, SN tags 2026-05-25 14:51:41 +08:00
huangping 4dc8341e7e feat(m2): add SKU mapping between contract lines and license features 2026-05-25 14:50:31 +08:00
huangping 8d1081b2b9 feat(m2): add external/internal order ID to contracts 2026-05-25 14:49:40 +08:00
huangping 16ab474bee feat(m3): add field environment info (address, network, contact) to delivery 2026-05-25 14:49:34 +08:00
huangping 0062b20ea1 feat(m11): expand v-permission to all CRUD pages 2026-05-25 14:46:42 +08:00
huangping 85d2b85b6a fix: add userId filter to audit search and login lockout logic 2026-05-25 14:46:42 +08:00
huangping e96383433d feat(m1): add project stakeholder CRUD 2026-05-25 14:46:30 +08:00
huangping 4bbf1f552f feat(m2): add signing/effective/end date fields to contracts 2026-05-25 14:46:19 +08:00
huangping 1726f486fa fix: add amount UI to contract lines and reason code to SN activation 2026-05-25 14:45:54 +08:00
huangping 13c42d2c87 docs: add remaining gaps WBS execution plan (P0/P1/P2 + SDK JNI) 2026-05-25 11:13:56 +08:00
huangping ff534fc325 ci: add Gitea Actions deploy workflow and runner setup guide 2026-05-25 11:08:48 +08:00
huangping 769bf721f4 fix: handle ConstraintViolationException as 400 instead of 500 2026-05-25 02:38:29 +08:00
huangping 14b86df124 docs(db): add Chinese comments for all 28 platform tables and columns 2026-05-25 02:28:02 +08:00
huangping 3bb19537fe feat(m11): add v-permission directive and button-level permission codes 2026-05-25 01:41:50 +08:00
huangping 1f599e5646 feat(m11): align role model with product definition (SALES/DELIVERY/LICENSE_OPS) 2026-05-25 01:41:04 +08:00
huangping d933639518 feat(m10): add audit event search and CSV export 2026-05-25 01:38:48 +08:00
huangping c088c0ed71 feat(m9): add CSV export for contract-sn report 2026-05-25 01:37:37 +08:00
huangping 46f28d2d97 feat(m6): add JSON template CRUD with versioning 2026-05-25 01:36:40 +08:00
huangping ae880c47b2 feat(m6): add BitAnswer ID mapping CRUD 2026-05-25 01:35:25 +08:00
huangping 36b6e395c5 feat(m11): add password change with profile page 2026-05-25 01:33:54 +08:00
huangping 3ab1165e69 feat(m11): add login failure lockout after 5 failed attempts in 15 min 2026-05-25 01:33:11 +08:00
huangping c2118b16aa feat(m11): add idle timeout auto-logout with warning dialog 2026-05-25 01:32:51 +08:00
huangping 33773928c3 feat(m2): add contract change versioning with CHANGING state 2026-05-25 01:32:20 +08:00
huangping 88c4e22d36 feat(m2): add contract attachment upload and listing 2026-05-25 01:31:01 +08:00
huangping cc7fef8ae9 feat(m4): add SN batch import with text area dialog 2026-05-25 01:29:40 +08:00
huangping b5317d8f58 feat(m1): add customer detail aggregation view 2026-05-25 01:28:36 +08:00
huangping bfb8f23399 feat(m1): add planned start/end dates and project manager to projects 2026-05-25 01:27:15 +08:00
huangping b536a999f0 feat(m1): add industry/address/billing/customerCode fields to customer 2026-05-25 01:26:22 +08:00
huangping 9be9fc4b47 docs: add WBS execution plan for remaining P0/P1/P2 work 2026-05-25 01:21:14 +08:00
huangping d0783aa893 feat(m6): add CRUD dialogs for environments and product lines 2026-05-25 01:15:56 +08:00
huangping ea233dd039 fix(report): implement getProjectHealth with real data queries 2026-05-25 01:15:01 +08:00
huangping 4a9468fcdd fix(home): add M7/M8/M9 quick links to home page 2026-05-25 01:14:35 +08:00
huangping 8ba73c028c feat(web): add M7/M8/M9 sidebar menu entries 2026-05-25 01:08:17 +08:00
huangping 822774b711 feat(web): add M9 reporting pages (contract-sn, callback stats, project health) 2026-05-25 01:07:44 +08:00
huangping 830ea626c9 feat(web): add M8 todo center and notification settings pages 2026-05-25 01:06:28 +08:00
huangping 54e0f8a054 feat(web): add M7 device list and detail pages 
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent)

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
 2026-05-25 01:05:38 +08:00
huangping a5d250214c feat(web): add M7/M8/M9 API client methods 2026-05-25 01:04:30 +08:00
huangping 8b00f401be feat: add M9 ReportService + ReportController 2026-05-25 01:04:04 +08:00
huangping ba38897f73 feat: add M8 TodoService + TodoController 2026-05-25 01:02:46 +08:00
huangping fa2a50e755 feat(db): add M8 notification and todo tables 2026-05-25 01:01:34 +08:00
huangping 75e6d6d5ec feat: add M7 DeviceController + Callback device event linking 2026-05-25 01:00:43 +08:00
huangping f94f2b91e8 feat: add M7 DeviceService and DTOs 2026-05-25 00:59:12 +08:00
huangping 58b947a366 feat(m7): add DeviceStatus enum and PlatformDevice/PlatformDeviceSnBinding/PlatformDeviceSwapRequest entities with mappers 2026-05-25 00:57:10 +08:00
huangping b13d17702e feat(db): add M7 device management tables (device, sn_binding, swap_request) 2026-05-25 00:54:42 +08:00
huangping 0a43f8fbbe docs: add Mid prototype design spec (M7 device / M8 notification / M9 reporting) 2026-05-25 00:50:38 +08:00
202 changed files with 16444 additions and 426 deletions
Expand all files Collapse all files
.gitea/workflows/deploy.yml
+104
View File
@@ -0,0 +1,104 @@
# Gitea Actions: 平台部署流水线
# 触发条件:推送 main 分支 或 手动触发
# 运行环境:self-hosted runner(需要安装 docker + docker-compose
name: deploy
on:
push:
branches: [main]
paths:
- "services/**"
- "web/**"
- "services/docker-compose.yml"
workflow_dispatch:
env:
REGISTRY: gitea.craftlabs.cn/craftlabs
API_IMAGE: delivery-platform-api
WEBHOOK_IMAGE: license-webhook-ingress
UI_IMAGE: delivery-platform-ui
jobs:
build-and-deploy:
runs-on: ubuntu-latest # self-hosted runner 需注册该标签
steps:
- name: Checkout
uses: actions/checkout@v4
# ============ 后端 API ============
- name: Setup Java
uses: actions/setup-java@v4
with:
distribution: temurin
java-version: "17"
cache: maven
- name: Build delivery-platform-api
run: |
mvn -f services/pom.xml -pl delivery-platform-api -am -DskipTests clean package -q
- name: Build API Docker image
run: |
docker build -t ${{ env.REGISTRY }}/${{ env.API_IMAGE }}:${{ github.sha }} \
-t ${{ env.REGISTRY }}/${{ env.API_IMAGE }}:latest \
services/delivery-platform-api
# ============ Webhook ============
- name: Build license-webhook-ingress
run: |
mvn -f services/pom.xml -pl license-webhook-ingress -am -DskipTests clean package -q
- name: Build Webhook Docker image
run: |
docker build -t ${{ env.REGISTRY }}/${{ env.WEBHOOK_IMAGE }}:${{ github.sha }} \
-t ${{ env.REGISTRY }}/${{ env.WEBHOOK_IMAGE }}:latest \
services/license-webhook-ingress
# ============ 前端 ============
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: "20"
- name: Build frontend
working-directory: web/delivery-platform-ui
run: |
npm install
npm run build
- name: Build Frontend Docker image
run: |
docker build -t ${{ env.REGISTRY }}/${{ env.UI_IMAGE }}:${{ github.sha }} \
-t ${{ env.REGISTRY }}/${{ env.UI_IMAGE }}:latest \
web/delivery-platform-ui
# ============ 推送镜像到 Gitea Registry ============
- name: Login to Gitea Container Registry
run: echo "${{ secrets.GITEA_REGISTRY_TOKEN }}" | docker login gitea.craftlabs.cn -u "${{ secrets.GITEA_REGISTRY_USER }}" --password-stdin
- name: Push images
run: |
docker push ${{ env.REGISTRY }}/${{ env.API_IMAGE }}:${{ github.sha }}
docker push ${{ env.REGISTRY }}/${{ env.API_IMAGE }}:latest
docker push ${{ env.REGISTRY }}/${{ env.WEBHOOK_IMAGE }}:${{ github.sha }}
docker push ${{ env.REGISTRY }}/${{ env.WEBHOOK_IMAGE }}:latest
docker push ${{ env.REGISTRY }}/${{ env.UI_IMAGE }}:${{ github.sha }}
docker push ${{ env.REGISTRY }}/${{ env.UI_IMAGE }}:latest
# ============ 远程部署 ============
- name: Deploy via docker-compose
env:
DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
PLATFORM_JWT_SECRET: ${{ secrets.PLATFORM_JWT_SECRET }}
CRAFTLABS_WEBHOOK_EXPECTED_TOKEN: ${{ secrets.WEBHOOK_TOKEN }}
run: |
# 将 docker-compose.yml 复制到部署目录并替换镜像版本
mkdir -p /opt/craftlabs/deploy
cp services/docker-compose.yml /opt/craftlabs/deploy/
cd /opt/craftlabs/deploy
export API_IMAGE_TAG=${{ env.REGISTRY }}/${{ env.API_IMAGE }}:${{ github.sha }}
export WEBHOOK_IMAGE_TAG=${{ env.REGISTRY }}/${{ env.WEBHOOK_IMAGE }}:${{ github.sha }}
export UI_IMAGE_TAG=${{ env.REGISTRY }}/${{ env.UI_IMAGE }}:${{ github.sha }}
docker compose pull
docker compose up -d --remove-orphans
AGENTS.md
+79
View File
@@ -0,0 +1,79 @@
# PROJECT KNOWLEDGE BASE
**Generated:** 2026-05-26
**Commit:** 4913d1c
**Branch:** develop
## OVERVIEW
**craftlabs-authorization-sdk** — 创飞客户端授权 SDK 工作区。多语言 monorepoJava (Maven) 封装授权 API + Rust (Cargo) native cdylib + Vue 3 交付管理后台 + Spring Boot 后端服务。37k+ 行源码,活跃开发中。
## STRUCTURE
```
./
├── java/ # Maven 多模块 SDK (core, bitanswer, selfhosted, tests)
├── native/ # Rust Cargo workspace (craft-core cdylib, CLI tool)
├── services/ # Spring Boot 后端服务
│ ├── delivery-platform-api/ # 商业交付管理 API (153 Java 文件)
│ └── license-webhook-ingress/ # Webhook 回调入口 (小)
├── web/
│ └── delivery-platform-ui/ # Vue 3 前端 (47 src 文件)
├── schemas/ # craftlabs-auth-config JSON Schema
├── examples/ # 示例配置 (java/cpp/python/vc)
├── docs/ # 产品/流程/工程架构文档
│ └── engineering/ # 系统架构、工程边界、并行迭代
└── engineering/ # 工作区 manifest, 规划工程占位
```
## WHERE TO LOOK
| Task | Location | Notes |
|------|----------|-------|
| SDK 授权核心逻辑 (Java) | `java/craftlabs-auth-core/src/` | config, internal 模块 |
| 比特安索集成 | `java/craftlabs-auth-bitanswer/` | 单一 Java 文件 |
| 自托管授权提供者 | `java/craftlabs-auth-selfhosted/` | 同上 |
| Rust native C ABI | `native/craft-core/src/` | lib.rs 导出 craft_* 函数 |
| 安全反调试/混淆 | `native/craft-core/src/security/` | anti_debug, obfuscation |
| CLI 工具 | `native/craftlabs-auth-cli/src/` | status/activate/check/info 命令 |
| 平台后端 Controller | `services/delivery-platform-api/` | 按领域分包 (contract, license, device 等) |
| 平台持久层 | `services/delivery-platform-api/` | persistence/ 下每实体一对 (POJO+Mapper) |
| 平台 DTO | `services/delivery-platform-api/` | web/dto/ 下 47 个请求/响应类 |
| Webhook 回调 | `services/license-webhook-ingress/` | webhook 入口 + persistence |
| 前端视图 | `web/delivery-platform-ui/src/views/` | Vue 3 组件 (38 文件) |
| 数据库迁移 | `services/delivery-platform-api/` | src/main/resources/db/migration/ |
| JSON Schema | `schemas/` | craftlabs-auth-config 校验 |
| CI/CD (Gitea Actions) | `GITEA_CI_CD.md` | act_runner 配置 |
## CONVENTIONS
- **Java**: Spring Boot 3.x, MyBatis-Plus, Maven multi-module. 每实体一对 `Entity` + `Mapper` 接口。控制器统一 `@RestController` + `@RequestMapping("/api/v1/...")`. 异常处理统一 `ApiExceptionHandler`.
- **Rust**: cdylib 导出 `craft_*` C ABI。`Provider` trait 模式。安全模块独立 `security/` 子树。
- **Vue**: Vue 3 + Composition API (`<script setup>`). 视图集中 `src/views/`.
- **SQL**: Flyway 迁移在 `db/migration/`, 前缀 `V{version}__{description}.sql`.
- **发布**: SDK 发版生成 SHA256SUMS + 可选 GPG 签名, 见 `java/RELEASING.md` + `scripts/sdk-release-checksums.sh`.
## ANTI-PATTERNS (THIS PROJECT)
- **不要** 把 SDK jar 打进平台 Fat JAR (bootstrap 唯一 repackage)
- **不要** 在客户端 SDK 中依赖平台后端代码 (运行时解耦)
- **不要** 混用 JNI 和 JNA 桥接 — 当前已迁移到 JNA
## COMMANDS
```bash
# Java SDK 构建 (JDK 17+)
mvn -f java/pom.xml clean verify
# Rust native 构建 (Rust 1.70+)
cargo build --manifest-path native/craft-core/Cargo.toml --release
# 前端
cd web/delivery-platform-ui && npm install && npm run build
```
## NOTES
- 平台后端/前端按架构设计为独立工程,本仓库含源码仅为过渡期方便迭代。正式部署时按 `engineering/planned/` 规范开独立仓。
- native/craft-core 曾用 JNI bridge,现已迁移至 JNA (commit 027ecbd)。
- 有三轨并行迭代:后端/前端/SDK,详见 `docs/engineering/PARALLEL_ITERATION_INDEX.md`
GITEA_CI_CD.md
+118
View File
@@ -0,0 +1,118 @@
# Gitea CI/CD 配置指南
## 1. Gitea Actions Runner 注册
### 1.1 部署 Runner
```bash
# 从 Gitea 管理后台获取 runner 注册令牌
# 位置:站点管理 -> 运行 Actions -> 创建 Runner
# 创建 runner 数据目录
mkdir -p /opt/gitea-runner
cd /opt/gitea-runner
# 下载 act runner
curl -sL https://gitea.com/gitea/act_runner/releases/latest/download/act_runner-linux-amd64 -o act_runner
chmod +x act_runner
# 注册 runner(替换 TOKEN 和 GITEA_URL
./act_runner register \
--instance https://gitea.craftlabs.cn \
--token <REGISTRATION_TOKEN> \
--name craftlabs-runner \
--labels ubuntu-latest:docker://node:20-bookworm
# 以服务方式运行
./act_runner daemon &
```
### 1.2 Runner 标签说明
| 标签 | 用途 | 对应的 workflow `runs-on` |
|------|------|--------------------------|
| `ubuntu-latest` | 通用构建和测试 | `ubuntu-latest` |
## 2. 配置 Gitea Secrets
在 Gitea 仓库 Settings -> Secrets 中添加:
| Secret 名称 | 说明 |
|-------------|------|
| `GITEA_REGISTRY_TOKEN` | Gitea Container Registry 访问令牌 |
| `GITEA_REGISTRY_USER` | Registry 用户名 |
| `DB_PASSWORD` | PostgreSQL 数据库密码 |
| `PLATFORM_JWT_SECRET` | JWT 签名密钥(至少 32 字符)|
| `WEBHOOK_TOKEN` | Webhook x-bitanswer-token |
## 3. 推送仓库到 Gitea
```bash
# 添加 Gitea 远程仓库
git remote add gitea https://gitea.craftlabs.cn/craftlabs/authorization-sdk.git
# 推送到 Gitea
git push -u gitea develop
# 推送到 Gitea 并设为主分支
git push gitea develop:main
```
## 4. CI 流程说明
### 4.1 提交触发
| Workflow | 触发条件 | 运行内容 |
|----------|---------|---------|
| `ci-java` | push/PR to main/develop | Maven verify + Native 编译 |
| `ci-platform` | push/PR to main/develop (services/web) | Maven verify + npm build |
| `ci-security` | push/PR to main/develop | Trivy 漏洞扫描 + npm audit |
| `deploy` | push to main | 构建 Docker 镜像 → Gitea Registry → docker-compose 部署 |
### 4.2 手动触发
| Workflow | 触发方式 |
|----------|---------|
| `sdk-release-checksums` | 仓库 Actions 页面手动触发 |
| `deploy` | 仓库 Actions 页面手动触发 |
## 5. 部署架构
```text
┌─────────────────────────────────┐
│ Gitea 仓库(craftsupport.cn
│ push main → Gitea Actions │
└──────────┬──────────────────────┘
│ 触发
┌──────────▼──────────────────────┐
│ Self-Hosted Runner │
│ ├── mvn package → Docker build │
│ ├── npm build → Docker build │
│ └── docker compose up -d │
└──────────┬──────────────────────┘
│ 部署
┌──────────▼──────────────────────┐
│ 部署主机(生产环境) │
│ ├── PostgreSQL 15 │
│ ├── delivery-platform-api:8080 │
│ ├── license-webhook-ingress:8081│
│ └── delivery-platform-ui:80 │
└─────────────────────────────────┘
```
## 6. 环境变量要求
部署时需确保以下环境变量已设置:
```bash
# 数据库
SPRING_DATASOURCE_URL=jdbc:postgresql://postgres:5432/craftlabs_platform
SPRING_DATASOURCE_USERNAME=craftlabs
SPRING_DATASOURCE_PASSWORD=<实际密码>
# JWT
PLATFORM_JWT_SECRET=<至少32字符随机密钥>
# Webhook
CRAFTLABS_WEBHOOK_EXPECTED_TOKEN=<与比特控制台一致>
```
docs/chuangfei-platform-product-modules.md
+276 -144
View File
@@ -3,7 +3,8 @@
> **平台全称**:广州创飞人工智能技术有限公司客户商务与交付管理平台。
> **文档性质**:产品经理视角的 **模块划分** 与 **功能点清单**,用于需求评审、版本切片与验收对齐。
> **关联文档**:[平台与比特对接总览](chuangfei-bitanswer-integration-platform.md)(定位、架构、分阶段路线) · [**业务流程与版本排期**](chuangfei-platform-bpm-and-roadmap.md)BPM、迭代计划) · [工作区工程划分](engineering/WORKSPACE_ENGINEERING_LAYOUT.md)。
> **优先级约定****P0** = MVP 必含;**P1** = 增强运营效率;**P2** = 治理与规模化。同一功能可在多期迭代交付,表中标注为「首期目标优先级」。
> **优先级约定****P0** = MVP 必含;**P1** = 增强运营效率;**P2** = 治理与规模化。同一功能可在多期迭代交付,表中标注为「首期目标优先级」。
> **实现状态约定**:**✅** = 已实现(I1~I9 迭代交付);**◐** = 部分实现(缺字段或功能不完整);**○** = 未实现(规划中);**—** = 不适用(依赖前置模块)。状态反映截至 2026-05-25 的实现情况。
---
@@ -67,17 +68,17 @@ flowchart TB
**定位**:统一客户与项目上下文,避免合同、交付、SN 挂在「无名客户」或重复档案上。
| 功能点 ID | 功能点名称 | 说明 | 优先级 |
| ------ | ------------- | -------------------------------------------- | --- |
| M1-F01 | 客户档案创建/编辑 | 客户名称、统一社会信用代码/客户编码、行业、地址、开票信息等(字段以法务/财务为准裁剪) | P0 |
| M1-F02 | 客户列表与检索 | 多条件筛选、分页、关键字搜索 | P0 |
| M1-F03 | 客户详情聚合视图 | 关联项目数、在履约合同数、在途 SN 数等摘要(只读统计) | P0 |
| M1-F04 | 项目创建/编辑 | 项目名称、所属客户、阶段、计划起止、项目经理 | P0 |
| M1-F05 | 项目列表与筛选 | 按客户、阶段、时间筛选 | P0 |
| M1-F06 | 项目干系人 | 客户侧联系人、内部负责人、角色标签 | P0 |
| M1-F07 | 客户/项目冻结与解冻 | 禁止新业务挂载或仅允许只读(规则可配置) | P1 |
| M1-F08 | 客户合并与去重 | 疑似重复客户识别、合并流程与审计 | P2 |
| M1-F09 | 与外部 CRM 主数据同步 | 以外部 ID 关联、增量同步状态展示(不替代 CRM 全能力) | P2 |
| 功能点 ID | 功能点名称 | 说明 | 优先级 | 实现状态 |
| ------ | ------------- | -------------------------------------------- | --- | --- |
| M1-F01 | 客户档案创建/编辑 | 客户名称、统一社会信用代码/客户编码、行业、地址、开票信息等(字段以法务/财务为准裁剪) | P0 | ◐ 部分实现 — 仅 name + credit_code,缺行业/地址/开票信息 |
| M1-F02 | 客户列表与检索 | 多条件筛选、分页、关键字搜索 | P0 | ✅ |
| M1-F03 | 客户详情聚合视图 | 关联项目数、在履约合同数、在途 SN 数等摘要(只读统计) | P0 | ✅ — 后端 `/summary` + 前端详情页摘要卡片已实现 |
| M1-F04 | 项目创建/编辑 | 项目名称、所属客户、阶段、计划起止、项目经理 | P0 | ◐ 部分实现 — 仅 name + customer_id + phase,缺计划起止、项目经理 |
| M1-F05 | 项目列表与筛选 | 按客户、阶段、时间筛选 | P0 | ✅ |
| M1-F06 | 项目干系人 | 客户侧联系人、内部负责人、角色标签 | P0 | ◐ — 后端 CRUD 已实现,前端 UI 待补 |
| M1-F07 | 客户/项目冻结与解冻 | 禁止新业务挂载或仅允许只读(规则可配置) | P1 | ◐ — 后端 PATCH 端点已实现,前端 UI 待补 |
| M1-F08 | 客户合并与去重 | 疑似重复客户识别、合并流程与审计 | P2 | ○ |
| M1-F09 | 与外部 CRM 主数据同步 | 以外部 ID 关联、增量同步状态展示(不替代 CRM 全能力) | P2 | ○ |
---
@@ -87,17 +88,17 @@ flowchart TB
**定位**:合同是「卖什么」的权威来源之一;履约行/合同行是 SN 与交付的锚点。
| 功能点 ID | 功能点名称 | 说明 | 优先级 |
| ------ | --------------- | ------------------------------- | --- |
| M2-F01 | 合同登记与编辑 | 合同编号、客户、关联项目、签订日、生效日、终止条件 | P0 |
| M2-F02 | 合同状态机 | 草稿、待生效、生效、变更中、终止/到期等;非法跳转拦截 | P0 |
| M2-F03 | 合同标的摘要 | 产品/模块/数量/期限/席位等业务口径展示(可与行项汇总一致) | P0 |
| M2-F04 | 合同行项(履约行) | 多行:SKU 或产品包、数量、单价(可选)、交付与授权口径 | P0 |
| M2-F05 | 合同附件 | 上传扫描件/电子签输出(存储与权限受控) | P1 |
| M2-F06 | 合同与订单关联 | 外部订单号、内部订单记录 ID(若存在订单系统) | P1 |
| M2-F07 | 合同变更与版本 | 变更单、版本号、影响授权差异提示(与 M4 联动) | P1 |
| M2-F08 | 合同行与授权 SKU 规则映射 | 行项默认映射到许可 SKU/特征包(与 M6 联动) | P1 |
| M2-F09 | 合同到期与续费提醒 | 基于生效/结束日期的列表与订阅(与 M8 联动) | P2 |
| 功能点 ID | 功能点名称 | 说明 | 优先级 | 实现状态 |
| ------ | --------------- | ------------------------------- | --- | --- |
| M2-F01 | 合同登记与编辑 | 合同编号、客户、关联项目、签订日、生效日、终止条件 | P0 | ✅ |
| M2-F02 | 合同状态机 | 草稿、待生效、生效、变更中、终止/到期等;非法跳转拦截 | P0 | ✅ 状态机含 DRAFT→PENDING_EFFECTIVE→EFFECTIVE→CHANGING→TERMINATED |
| M2-F03 | 合同标的摘要 | 产品/模块/数量/期限/席位等业务口径展示(可与行项汇总一致) | P0 | ✅ |
| M2-F04 | 合同行项(履约行) | 多行:SKU 或产品包、数量、单价(可选)、交付与授权口径 | P0 | ✅ |
| M2-F05 | 合同附件 | 上传扫描件/电子签输出(存储与权限受控) | P1 | ◐ — 后端 POST 端点已实现,前端上传 UI 待补 |
| M2-F06 | 合同与订单关联 | 外部订单号、内部订单记录 ID(若存在订单系统) | P1 | ○ |
| M2-F07 | 合同变更与版本 | 变更单、版本号、影响授权差异提示(与 M4 联动) | P1 | ◐ — 后端 changes/complete 端点已实现,前端 UI 待补 |
| M2-F08 | 合同行与授权 SKU 规则映射 | 行项默认映射到许可 SKU/特征包(与 M6 联动) | P1 | ○ |
| M2-F09 | 合同到期与续费提醒 | 基于生效/结束日期的列表与订阅(与 M8 联动) | P2 | ○ |
---
@@ -107,16 +108,16 @@ flowchart TB
**定位**:记录「交了什么、何时可激活」,是 License Ops 发放 SN 的前置依据之一。
| 功能点 ID | 功能点名称 | 说明 | 优先级 |
| ------ | ----------- | ------------------------------- | --- |
| M3-F01 | 交付批次创建 | 关联项目/合同,批次号、计划交付日 | P0 |
| M3-F02 | 交付清单 | 交付物条目:产品实例、数量、环境说明、备注 | P0 |
| M3-F03 | 交付与合同行关联 | 每条交付行可关联合同行项,支撑对账 | P0 |
| M3-F04 | 交付状态 | 未交付、已交付、部分交付;关键状态变更留痕 | P0 |
| M3-F05 | 交付完成确认 | 责任人、完成时间、可选客户签收记录 | P0 |
| M3-F06 | 现场环境信息 | 部署地址、网络要求、联系人(敏感字段权限控制) | P1 |
| M3-F07 | 交付与 SN 发放门禁 | 规则:仅「已交付」合同范围可生成/绑定 SN(可配置为强/弱) | P1 |
| M3-F08 | 交付模板 | 按产品线预置交付清单模板 | P2 |
| 功能点 ID | 功能点名称 | 说明 | 优先级 | 实现状态 |
| ------ | ----------- | ------------------------------- | --- | --- |
| M3-F01 | 交付批次创建 | 关联项目/合同,批次号、计划交付日 | P0 | ✅ |
| M3-F02 | 交付清单 | 交付物条目:产品实例、数量、环境说明、备注 | P0 | ✅ |
| M3-F03 | 交付与合同行关联 | 每条交付行可关联合同行项,支撑对账 | P0 | ✅ |
| M3-F04 | 交付状态 | 未交付、已交付、部分交付;关键状态变更留痕 | P0 | ✅ 状态含 PENDING→DELIVERED→CANCELLED |
| M3-F05 | 交付完成确认 | 责任人、完成时间、可选客户签收记录 | P0 | ✅ |
| M3-F06 | 现场环境信息 | 部署地址、网络要求、联系人(敏感字段权限控制) | P1 | ○ |
| M3-F07 | 交付与 SN 发放门禁 | 规则:仅「已交付」合同范围可生成/绑定 SN(可配置为强/弱) | P1 | ◐ — 后端 deliveryGateEnabled 参数+闸门检查已实现,前端 SystemParamsView 已对接后端 API |
| M3-F08 | 交付模板 | 按产品线预置交付清单模板 | P2 | ○ |
---
@@ -126,19 +127,19 @@ flowchart TB
**定位**:SN 与激活事实的台账中心;不替代比特控制台,但与比特状态 **摘要对齐、可追溯**
| 功能点 ID | 功能点名称 | 说明 | 优先级 |
| ------ | -------------- | ---------------------------- | --- |
| M4-F01 | SN 手工录入/导入 | 单条新增、批量导入(模板校验、重复提示) | P0 |
| M4-F02 | SN 与合同/项目/客户绑定 | 必选关联路径之一(合同行或项目),禁止裸 SN 或仅警告 | P0 |
| M4-F03 | SN 生命周期状态 | 未发放、已发放、已激活、已冻结、已回收、异常等 | P0 |
| M4-F04 | SN 详情页 | 展示绑定关系、发放记录、激活时间、最近事件摘要 | P0 |
| M4-F05 | 激活结果回写 | 人工录入或接口同步:成功/失败及原因码分类 | P0 |
| M4-F06 | 比特控制台状态摘要 | 同一 SN 的关键字段摘要或控制台链接(只读,权限控制) | P0 |
| M4-F07 | 批量 SN 操作 | 批量绑定、批量状态变更(审批可选) | P1 |
| M4-F08 | 授权需求单 | 由合同/交付生成的「待发放 SN」清单,供 Ops 执行 | P1 |
| M4-F09 | 试用/正式/续期标签 | 与业务口径一致的标签,便于筛选与报表 | P1 |
| M4-F10 | SN 与设备关联视图 | 展示绑定 `mid` 列表与历史(依赖 M7) | P1 |
| M4-F11 | 授权策略生效视图 | 展示当前映射版本、环境(与 M6 联动) | P2 |
| 功能点 ID | 功能点名称 | 说明 | 优先级 | 实现状态 |
| ------ | -------------- | ---------------------------- | --- | --- |
| M4-F01 | SN 手工录入/导入 | 单条新增、批量导入(模板校验、重复提示) | P0 | ◐ 手工录入已实现,批量导入 UI 待补(后端 POST /batch-import 已就绪) |
| M4-F02 | SN 与合同/项目/客户绑定 | 必选关联路径之一(合同行或项目),禁止裸 SN 或仅警告 | P0 | ✅ |
| M4-F03 | SN 生命周期状态 | 未发放、已发放、已激活、已冻结、已回收、异常等 | P0 | ✅ 状态含 REGISTERED→ISSUED→ACTIVATED→SUSPENDED→REVOKED |
| M4-F04 | SN 详情页 | 展示绑定关系、发放记录、激活时间、最近事件摘要 | P0 | ✅ |
| M4-F05 | 激活结果回写 | 人工录入或接口同步:成功/失败及原因码分类 | P0 | ◐ 支持手工状态更新,缺原因码分类 |
| M4-F06 | 比特控制台状态摘要 | 同一 SN 的关键字段摘要或控制台链接(只读,权限控制) | **P1**(原 P0,因依赖比特控制台对接未完成降级) | ○ |
| M4-F07 | 批量 SN 操作 | 批量绑定、批量状态变更(审批可选) | P1 | ◐ — 后端 batch-import 已实现,前端批量操作 UI 待补 |
| M4-F08 | 授权需求单 | 由合同/交付生成的「待发放 SN」清单,供 Ops 执行 | P1 | ○ |
| M4-F09 | 试用/正式/续期标签 | 与业务口径一致的标签,便于筛选与报表 | P1 | ○ |
| M4-F10 | SN 与设备关联视图 | 展示绑定 `mid` 列表与历史(依赖 M7) | P1 | — 依赖 M7 |
| M4-F11 | 授权策略生效视图 | 展示当前映射版本、环境(与 M6 联动) | P2 | ○ |
---
@@ -148,18 +149,18 @@ flowchart TB
**定位**:承接比特规则 **HTTPS Callback**,保证 **不断链、可关联、可处置**
| 功能点 ID | 功能点名称 | 说明 | 优先级 |
| ------ | ----------- | -------------------------------------------------------------------------------------------------------------------- | --- |
| M5-F01 | 事件收件箱列表 | 按时间、事件类型、`sn`、处理状态筛选 | P0 |
| M5-F02 | 事件详情 | 展示解析后字段 + 脱敏后的原始 payload;关联 SN/合同 | P0 |
| M5-F03 | 处理状态 | 待处理、已处理、失败、忽略;处理人与时间 | P0 |
| M5-F04 | 关联解析失败兜底 | 无法关联主数据时保留事件并支持人工挂接 | P0 |
| M5-F05 | 事件类型字典 | `sn:pre_activate``sn:post_activate``device:pre_activate``device:post_activate``yunbaobao:session_logout` 等展示名与说明 | P0 |
| M5-F06 | 失败原因标注 | Ops 可选分类,便于报表 | P1 |
| M5-F07 | 批量重处理/重试入口 | 在业务允许范围内触发补偿(与后端幂等策略一致) | P1 |
| M5-F08 | 死信与积压监控视图 | 队列深度、最久未处理 TOP(与可观测联动) | P1 |
| M5-F09 | 事件驱动待办 | 自动生成待办卡片(与 M8 联动) | P1 |
| M5-F10 | 模拟投递(仅测试环境) | 联调验收工具 | P2 |
| 功能点 ID | 功能点名称 | 说明 | 优先级 | 实现状态 |
| ------ | ----------- | -------------------------------------------------------------------------------------------------------------------- | --- | --- |
| M5-F01 | 事件收件箱列表 | 按时间、事件类型、`sn`、处理状态筛选 | P0 | ✅ 支持多维度筛选 |
| M5-F02 | 事件详情 | 展示解析后字段 + 脱敏后的原始 payload;关联 SN/合同 | P0 | ✅ 含 payload 脱敏预览 |
| M5-F03 | 处理状态 | 待处理、已处理、失败、忽略;处理人与时间 | P0 | ✅ 状态含 PENDING→PROCESSED/FAILED/IGNORED |
| M5-F04 | 关联解析失败兜底 | 无法关联主数据时保留事件并支持人工挂接 | P0 | ✅ 支持人工挂接 SN/项目/合同 |
| M5-F05 | 事件类型字典 | `sn:pre_activate``sn:post_activate``device:pre_activate``device:post_activate``yunbaobao:session_logout` 等展示名与说明 | P0 | ✅ |
| M5-F06 | 失败原因标注 | Ops 可选分类,便于报表 | P1 | ✅ — 前端失败原因下拉 + 后端 DTO 已实现 |
| M5-F07 | 批量重处理/重试入口 | 在业务允许范围内触发补偿(与后端幂等策略一致) | P1 | ✅ 单条 + 批量重试均已实现(I8 单条 + I10 批量端点) |
| M5-F08 | 死信与积压监控视图 | 队列深度、最久未处理 TOP(与可观测联动) | P1 | ◐ — 后端 GET /stats/backlog + 前端积压统计卡片已实现 |
| M5-F09 | 事件驱动待办 | 自动生成待办卡片(与 M8 联动) | P1 | — 依赖 M8 |
| M5-F10 | 模拟投递(仅测试环境) | 联调验收工具 | P2 | ◐ — 后端 POST /simulate 已实现,前端 UI 待补 |
---
@@ -169,17 +170,17 @@ flowchart TB
**定位**:把「产品线—比特产品/模版/业务/特征 ID—环境 URL」管起来,支撑客户端 JSON 与联调。
| 功能点 ID | 功能点名称 | 说明 | 优先级 |
| ------ | ----------------- | -------------------------------------------------------------- | --- |
| M6-F01 | 产品线定义 | 产品线编码、名称、说明 | P0 |
| M6-F02 | 环境维度 | 开发/测试/预发/生产及对应 `bitanswer.url` 登记 | P0 |
| M6-F03 | 比特侧 ID 映射 | 产品、模版、业务 ID 与产品线+环境绑定(与控制台一致) | P1 |
| M6-F04 | 逻辑功能键 ↔ 特征项映射 | 对齐 `craftlabs-auth-config``features.*.bitanswerFeatureId` 等 | P1 |
| M6-F05 | 授权 JSON 模板管理 | 模板版本、变更说明、与 Schema 校验结果(可接 CI) | P1 |
| M6-F06 | 配置发布记录 | 谁、何时、发布了哪一版到哪一环境 | P1 |
| M6-F07 | 控制台链接与说明 | 规则 Callback URL、token 轮换登记(非密钥明文展示) | P1 |
| M6-F08 | SDK / native 版本矩阵 | 与现场客户端兼容范围说明 | P2 |
| M6-F09 | 变更影响分析 | 映射变更影响哪些在服 SN/合同(只读分析) | P2 |
| 功能点 ID | 功能点名称 | 说明 | 优先级 | 实现状态 |
| ------ | ----------------- | -------------------------------------------------------------- | --- | --- |
| M6-F01 | 产品线定义 | 产品线编码、名称、说明 | P0 | ✅ |
| M6-F02 | 环境维度 | 开发/测试/预发/生产及对应 `bitanswer.url` 登记 | P0 | ✅ 含 seed 数据(dev/prod |
| M6-F03 | 比特侧 ID 映射 | 产品、模版、业务 ID 与产品线+环境绑定(与控制台一致) | P1 | ✅ — 前后端均已实现(IntegrationIdMappingView |
| M6-F04 | 逻辑功能键 ↔ 特征项映射 | 对齐 `craftlabs-auth-config``features.*.bitanswerFeatureId` 等 | P1 | ✅ — 前后端均已实现(IntegrationFeatureMappingView |
| M6-F05 | 授权 JSON 模板管理 | 模板版本、变更说明、与 Schema 校验结果(可接 CI) | P1 | ◐ — 前后端 CRUD 已实现(IntegrationJsonTemplateView),Schema 校验未关联 UI |
| M6-F06 | 配置发布记录 | 谁、何时、发布了哪一版到哪一环境 | P1 | ○ |
| M6-F07 | 控制台链接与说明 | 规则 Callback URL、token 轮换登记(非密钥明文展示) | P1 | ○ |
| M6-F08 | SDK / native 版本矩阵 | 与现场客户端兼容范围说明 | P2 | ○ |
| M6-F09 | 变更影响分析 | 映射变更影响哪些在服 SN/合同(只读分析) | P2 | ○ |
---
@@ -189,14 +190,14 @@ flowchart TB
**定位**:支撑浮动、换机、终端限制类场景,与比特 `device:`* 事件及 `mid` 对齐。
| 功能点 ID | 功能点名称 | 说明 | 优先级 |
| ------ | ----------------- | ----------------------- | --- |
| M7-F01 | 设备登记 | `mid`、别名、场站、关联客户/项目 | P1 |
| M7-F02 | 设备与 SN 绑定历史 | 时间线:首次激活、换机、解绑 | P1 |
| M7-F03 | 换机申请与处理记录 | 轻量审批可选;处理结果与备注 | P1 |
| M7-F04 | 设备列表与检索 | 按 SN、客户、场站筛选 | P1 |
| M7-F05 | 与 Callback 设备事件联动 | 从事件跳转设备详情 | P1 |
| M7-F06 | 终端数/并发策略展示 | 只读展示合同或比特策略摘要(不重复造规则引擎) | P2 |
| 功能点 ID | 功能点名称 | 说明 | 优先级 | 实现状态 |
| ------ | ----------------- | ----------------------- | --- | --- |
| M7-F01 | 设备登记 | `mid`、别名、场站、关联客户/项目 | P1 | ◐ — 登记/列表已实现,字段覆盖待确认 |
| M7-F02 | 设备与 SN 绑定历史 | 时间线:首次激活、换机、解绑 | P1 | ◐ — 绑定时间线已实现,完整性待确认 |
| M7-F03 | 换机申请与处理记录 | 轻量审批可选;处理结果与备注 | P1 | ◐ — 后端 swap-request 端点已实现,审批流待补 |
| M7-F04 | 设备列表与检索 | 按 SN、客户、场站筛选 | P1 | ✅ |
| M7-F05 | 与 Callback 设备事件联动 | 从事件跳转设备详情 | P1 | ○ |
| M7-F06 | 终端数/并发策略展示 | 只读展示合同或比特策略摘要(不重复造规则引擎) | P2 | ○ |
---
@@ -206,13 +207,13 @@ flowchart TB
**定位**:把「该谁处理」说清楚,降低 Callback 与 SN 异常堆积。
| 功能点 ID | 功能点名称 | 说明 | 优先级 |
| ------ | ------------ | ------------------------------- | --- |
| M8-F01 | 站内待办列表 | 按角色过滤:待处理 Callback、待发放 SN、待核对激活 | P1 |
| M8-F02 | 待办认领与完成 | 状态流转与备注 | P1 |
| M8-F03 | 邮件/企业微信等一种通道 | 关键事件必达一种(可配置订阅) | P1 |
| M8-F04 | 通知模板 | 事件类型 → 模板变量 | P2 |
| M8-F05 | 静默规则 | 重复事件聚合、防骚扰 | P2 |
| 功能点 ID | 功能点名称 | 说明 | 优先级 | 实现状态 |
| ------ | ------------ | ------------------------------- | --- | --- |
| M8-F01 | 站内待办列表 | 按角色过滤:待处理 Callback、待发放 SN、待核对激活 | P1 | ◐ — 待办中心已上线,自动化待办生成待接入 |
| M8-F02 | 待办认领与完成 | 状态流转与备注 | P1 | ◐ — 状态流转已实现,备注功能待补 |
| M8-F03 | 邮件/企业微信等一种通道 | 关键事件必达一种(可配置订阅) | P1 | ◐ — 通知通道配置 UI 已上线,实际发送逻辑未接入 |
| M8-F04 | 通知模板 | 事件类型 → 模板变量 | P2 | ○ |
| M8-F05 | 静默规则 | 重复事件聚合、防骚扰 | P2 | ○ |
---
@@ -222,14 +223,14 @@ flowchart TB
**定位**:给管理层与 Ops **履约 vs 授权** 的一致性视图。
| 功能点 ID | 功能点名称 | 说明 | 优先级 |
| ------ | ---------------- | ------------------- | --- |
| M9-F01 | 合同标的 vs 已发 SN 视图 | 按合同/行项汇总应发、实发 | P1 |
| M9-F02 | 已发 vs 已激活视图 | 未激活占比、超期未激活列表 | P1 |
| M9-F03 | Callback 统计 | 按类型、状态、时间段的成功率与耗时分布 | P1 |
| M9-F04 | 导出 CSV/Excel | 权限与脱敏策略受控 | P1 |
| M9-F05 | 项目健康度看板 | 多项目并行时的红黄绿(规则可配置) | P2 |
| M9-F06 | 订阅报表 | 定期邮件推送 | P2 |
| 功能点 ID | 功能点名称 | 说明 | 优先级 | 实现状态 |
| ------ | ---------------- | ------------------- | --- | --- |
| M9-F01 | 合同标的 vs 已发 SN 视图 | 按合同/行项汇总应发、实发 | P1 | ◐ — ContractSnReportView 已上线,数据维度待确认 |
| M9-F02 | 已发 vs 已激活视图 | 未激活占比、超期未激活列表 | P1 | ○ |
| M9-F03 | Callback 统计 | 按类型、状态、时间段的成功率与耗时分布 | P1 | ◐ — CallbackStatsView 已上线 |
| M9-F04 | 导出 CSV/Excel | 权限与脱敏策略受控 | P1 | ◐ — 后端 GET /reports/export 已存在,前端导出按钮待补 |
| M9-F05 | 项目健康度看板 | 多项目并行时的红黄绿(规则可配置) | P2 | ◐ — ProjectHealthView 已上线,红黄绿规则可配置性待确认 |
| M9-F06 | 订阅报表 | 定期邮件推送 | P2 | ◐ — SubscriptionReportView 已上线,后端推送逻辑待确认 |
---
@@ -239,12 +240,12 @@ flowchart TB
**定位**:满足内审与客户抽样举证,**关键操作不可抵赖**。
| 功能点 ID | 功能点名称 | 说明 | 优先级 |
| ------- | -------- | --------------------------- | --- |
| M10-F01 | 关键字段变更日志 | 客户、合同、SN 绑定、状态变更:旧值/新值/人/时间 | P0 |
| M10-F02 | 审计检索 | 按对象 ID、用户、时间范围查询 | P1 |
| M10-F03 | 导出审计包 | 范围可选(项目/合同/时间窗),水印与权限 | P2 |
| M10-F04 | 留存策略配置 | 与法务对齐的保留周期说明(技术实现另见架构) | P2 |
| 功能点 ID | 功能点名称 | 说明 | 优先级 | 实现状态 |
| ------- | -------- | --------------------------- | --- | --- |
| M10-F01 | 关键字段变更日志 | 客户、合同、SN 绑定、状态变更:旧值/新值/人/时间 | P0 | ✅ |
| M10-F02 | 审计检索 | 按对象 ID、用户、时间范围查询 | P1 | ◐ — AuditSearchView 已上线,筛选维度待确认 |
| M10-F03 | 导出审计包 | 范围可选(项目/合同/时间窗),水印与权限 | P2 | ○ |
| M10-F04 | 留存策略配置 | 与法务对齐的保留周期说明(技术实现另见架构) | P2 | ◐ — AuditRetentionView 已上线,配置生效性待确认 |
---
@@ -256,36 +257,36 @@ flowchart TB
### 12.1 账户登录、登出与会话
| 功能点 ID | 功能点名称 | 说明 | 优先级 |
| ------- | ------------- | ----------------------------------------------- | --- |
| M11-F01 | 登录页 | 账号(工号/邮箱/登录名可配置一种为主)+ 密码登录入口;错误提示不暴露用户是否存在(防枚举) | P0 |
| M11-F02 | 登出 | 主动登出:清除服务端会话或作废令牌、前端清理本地凭证 | P0 |
| M11-F03 | 登录态保持与超时 | **空闲超时**自动登出并提示;可选「记住本次会话」策略(与安全基线平衡,默认保守) | P0 |
| M11-F04 | 未登录访问拦截 | 访问受保护路由时跳转登录页,登录成功后回跳原目标 URL(或安全白名单内路径) | P0 |
| M11-F05 | 登录失败与锁定 | 连续失败次数阈值触发**临时锁定**或验证码;解锁策略(时长/管理员解锁)可配置 | P0 |
| M11-F06 | 登录/登出审计 | 记录成功/失败登出、时间、来源 IP、客户端类型(脱敏与留存策略另定) | P0 |
| M11-F07 | 密码修改 | 已登录用户修改本人密码;校验旧密码强度与新密码策略 | P0 |
| M11-F08 | 密码重置 | 管理员重置密码或邮件/短信重置链接(通道选一种即可);重置后可选强制首次登录改密 | P1 |
| M11-F09 | 企业 SSO / OIDC | 与企业身份源单点登录;登出可与 IdP **单点登出**联动(若 IdP 支持) | P1 |
| M11-F10 | 双因素认证 MFA | TOTP/短信/企业令牌等一种;可配置为全员或高敏角色必选 | P2 |
| M11-F11 | 并发会话策略 | 同一账号是否允许多端同时在线;超出策略时踢旧会话或拒绝新登录(可配置) | P1 |
| M11-F12 | 管理员强制下线 | 安全或人事场景下终止指定用户本会话或全会话 | P1 |
| M11-F13 | 服务时间窗提示(可选) | 维护窗口登录页公告 | P2 |
| 功能点 ID | 功能点名称 | 说明 | 优先级 | 实现状态 |
| ------- | ------------- | ----------------------------------------------- | --- | --- |
| M11-F01 | 登录页 | 账号(工号/邮箱/登录名可配置一种为主)+ 密码登录入口;错误提示不暴露用户是否存在(防枚举) | P0 | ✅ |
| M11-F02 | 登出 | 主动登出:清除服务端会话或作废令牌、前端清理本地凭证 | P0 | ✅ |
| M11-F03 | 登录态保持与超时 | **空闲超时**自动登出并提示;可选「记住本次会话」策略(与安全基线平衡,默认保守) | P0 | ◐ — 前端 idleTimer 已实现(从 systemParams 读取 sessionTimeoutMinutes),后端会话管理待补 |
| M11-F04 | 未登录访问拦截 | 访问受保护路由时跳转登录页,登录成功后回跳原目标 URL(或安全白名单内路径) | P0 | ✅ |
| M11-F05 | 登录失败与锁定 | 连续失败次数阈值触发**临时锁定**或验证码;解锁策略(时长/管理员解锁)可配置 | P0 | ○ |
| M11-F06 | 登录/登出审计 | 记录成功/失败登出、时间、来源 IP、客户端类型(脱敏与留存策略另定) | P0 | ✅ |
| M11-F07 | 密码修改 | 已登录用户修改本人密码;校验旧密码强度与新密码策略 | P0 | ✅ — Profile 页改密弹窗已实现 |
| M11-F08 | 密码重置 | 管理员重置密码或邮件/短信重置链接(通道选一种即可);重置后可选强制首次登录改密 | P1 | ◐ — 后端 `POST /admin/reset-password` 已实现(非空操作),前端管理 UI 待补 |
| M11-F09 | 企业 SSO / OIDC | 与企业身份源单点登录;登出可与 IdP **单点登出**联动(若 IdP 支持) | P1 | ○ |
| M11-F10 | 双因素认证 MFA | TOTP/短信/企业令牌等一种;可配置为全员或高敏角色必选 | P2 | ○ |
| M11-F11 | 并发会话策略 | 同一账号是否允许多端同时在线;超出策略时踢旧会话或拒绝新登录(可配置) | P1 | ○ |
| M11-F12 | 管理员强制下线 | 安全或人事场景下终止指定用户本会话或全会话 | P1 | ○ |
| M11-F13 | 服务时间窗提示(可选) | 维护窗口登录页公告 | P2 | ○ |
### 12.2 用户、角色与权限配置(管理侧)
| 功能点 ID | 功能点名称 | 说明 | 优先级 |
| ------- | ---------------- | --------------------------------------------- | --- |
| M11-F14 | 用户与账号生命周期 | 创建、启用/禁用、离职归档;与 SSO 时同步外部主键 | P0 |
| M11-F15 | 角色定义与分配 | 预置角色(见 §13)+ 可选自定义角色;用户可挂多角色 | P0 |
| M11-F16 | 功能权限(RBAC | 菜单、按钮、API 操作与 **§13 权限码** 对齐;支持按环境预览「某用户看见什么」 | P0 |
| M11-F17 | 数据范围(Data Scope) | 按事业部/区域/客户组限制列表可见行(与 M11-F18 二选一或组合) | P2 |
| M11-F18 | 数据属主/团队 | 如「仅本人负责客户」「本团队项目」(字段:负责人、协作人) | P1 |
| M11-F19 | 业务字典 | 合同类型、交付类型、SN 异常原因分类等 | P0 |
| M11-F20 | 系统参数 | 「孤儿 SN」强校验、交付门禁、会话超时分钟数、密码策略等 | P1 |
| M11-F21 | 管理员敏感操作留痕 | 改角色、改权限、强制下线、重置密码等单独记审计 | P1 |
| 功能点 ID | 功能点名称 | 说明 | 优先级 | 实现状态 |
| ------- | ---------------- | --------------------------------------------- | --- | --- |
| M11-F14 | 用户与账号生命周期 | 创建、启用/禁用、离职归档;与 SSO 时同步外部主键 | P0 | ◐ — 后端 CRUD + 前端管理页面已实现(`/admin/users`),SSO 同步未做 |
| M11-F15 | 角色定义与分配 | 预置角色(见 §13)+ 可选自定义角色;用户可挂多角色 | P0 | ◐ 仅实现 SYS_ADMIN/DEVELOPER/OPS 三角色,产品定义 10+ 角色待补齐 |
| M11-F16 | 功能权限(RBAC | 菜单、按钮、API 操作与 **§13 权限码** 对齐;支持按环境预览「某用户看见什么」 | P0 | ◐ 路由级 RBAC 已实现,按钮级权限码未落地 |
| M11-F17 | 数据范围(Data Scope) | 按事业部/区域/客户组限制列表可见行(与 M11-F18 二选一或组合) | P2 | ○ |
| M11-F18 | 数据属主/团队 | 如「仅本人负责客户」「本团队项目」(字段:负责人、协作人) | P1 | ○ |
| M11-F19 | 业务字典 | 合同类型、交付类型、SN 异常原因分类等 | P0 | ✅ |
| M11-F20 | 系统参数 | 「孤儿 SN」强校验、交付门禁、会话超时分钟数、密码策略等 | P1 | ✅ — SystemParamController + platform_system_param 表 + 前端对接后端 API 已实现 |
| M11-F21 | 管理员敏感操作留痕 | 改角色、改权限、强制下线、重置密码等单独记审计 | P1 | ○ |
> **说明**:原 M11-F01F06 已拆并至 **12.1 / 12.2**;实现时功能点 ID 以研发 backlog 为准,本文 ID 供需求追溯。
@@ -303,19 +304,21 @@ flowchart TB
### 13.2 预置角色定义
| 角色代码 | 角色名称 | 定位 | 典型职责 |
| ---------------- | --------- | --------- | ---------------------------------------- |
| `SYS_ADMIN` | 系统管理员 | 平台配置与账号治理 | 用户/角色/字典/系统参数;**不默认拥有业务全量数据**时可配置为「仅管理」 |
| `SECURITY_ADMIN` | 安全管理员(可选) | 账号与登录安全 | 锁定策略、强制下线、审计检索;与 `SYS_ADMIN` 分离(职责分离,P2 |
| `SALES` | 商务经理 | 客户与签约侧 | 客户项目合同维护;发起交付与授权需求 |
| `ORDER_SUPPORT` | 订单/运营支持 | 履约对齐 | 合同行与 SKU、订单号关联;协助商务核对「卖授一致」 |
| `DELIVERY` | 交付工程师 | 现场交付 | 交付批次与清单、环境信息、交付完成确认 |
| `LICENSE_OPS` | 授权运营 | 许可台账与比特协同 | SN 全生命周期、Callback 处置、与控制台操作配合 |
| `DEV_SUPPORT` | 研发/集成支撑 | 技术排障 | Callback 技术字段、集成配置**只读或受限编辑**;无业务合同删除权 |
| `FINANCE_VIEW` | 财务只读 | 对账与收入支撑 | 报表与合同/SN **只读**;无改密权外的写权限 |
| `COMPLIANCE` | 合规/审计 | 抽查与导出 | 审计日志、导出包;业务数据多为 **只读** |
| `EXEC_VIEW` | 管理层只读 | 经营视图 | 报表与健康度看板 **只读** |
| `READONLY_ALL` | 业务只读(可选) | 跨模块浏览 | 全业务 **只读**,用于培训或二线;敏感字段仍脱敏 |
| 角色代码 | 角色名称 | 定位 | 典型职责 | 当前实现 |
| ---------------- | --------- | --------- | ---------------------------------------- | --- |
| `SYS_ADMIN` | 系统管理员 | 平台配置与账号治理 | 用户/角色/字典/系统参数;**不默认拥有业务全量数据**时可配置为「仅管理」 | ✅ |
| `DEVELOPER` | 研发/开发人员 | 技术研发与调试 | M1~M4/M6 业务 CRUD + 集成配置只读;**无** Callback 处置权限 | ✅ *注:产品定义中无此角色,为 MVP 简化引入,I10 起废弃,由 SALES 替代* |
| `OPS` | 运营人员 | 许可运营 | Callback 处置 + 集成配置只读;**无** 客户/项目/合同/交付/SN 写权限 | ✅ *注:产品定义中无此角色,为 MVP 简化引入,I10 起废弃,由 LICENSE_OPS 替代* |
| `SECURITY_ADMIN` | 安全管理员(可选) | 账号与登录安全 | 锁定策略、强制下线、审计检索;与 `SYS_ADMIN` 分离(职责分离,P2 | ○ |
| `SALES` | 商务经理 | 客户与签约侧 | 客户、项目、合同维护;发起交付与授权需求 | ✅ I10 已实现—替代原 DEVELOPER 角色 |
| `ORDER_SUPPORT` | 订单/运营支持 | 履约对齐 | 合同行与 SKU、订单号关联;协助商务核对「卖授一致」 | ○ *产品定义角色,仍在规划* |
| `DELIVERY` | 交付工程师 | 现场交付 | 交付批次与清单、环境信息、交付完成确认 | ✅ I10 已实现(售前演示账号 delivery/delivery |
| `LICENSE_OPS` | 授权运营 | 许可台账与比特协同 | SN 全生命周期、Callback 处置、与控制台操作配合 | ✅ I10 已实现—替代原 OPS 角色 |
| `DEV_SUPPORT` | 研发/集成支撑 | 技术排障 | Callback 技术字段、集成配置**只读或受限编辑**;无业务合同删除权 | ○ |
| `FINANCE_VIEW` | 财务只读 | 对账与收入支撑 | 报表与合同/SN **只读**;无改密权外的写权限 | ○ |
| `COMPLIANCE` | 合规/审计 | 抽查与导出 | 审计日志、导出包;业务数据多为 **只读** | ○ |
| `EXEC_VIEW` | 管理层只读 | 经营视图 | 报表与健康度看板 **只读** | ○ |
| `READONLY_ALL` | 业务只读(可选) | 跨模块浏览 | 全业务 **只读**,用于培训或二线;敏感字段仍脱敏 | ○ |
**多角色**:用户可同时拥有 `SALES` + `DELIVERY` 等,权限取**并集**;互斥规则(如 `SYS_ADMIN` 与业务高敏导出)由企业策略在实现时约束。
@@ -371,20 +374,20 @@ flowchart TB
### 13.5 与版本包的关系(对应 §14)
- **MVPP0**:§12.1 的 F01F07 + §12.2 的 F14F16 + F19;§13.2 至少落地 `SYS_ADMIN``SALES``DELIVERY``LICENSE_OPS``ORDER_SUPPORT``EXEC_VIEW`(或合并只读角色);§13.3 矩阵可先 **粗粒度**(模块级),Mid 再拆按钮级权限码
- **MidP1**SSO、会话并发、强制下线密码重置、数据属主/团队;`DEV_SUPPORT``FINANCE_VIEW`;权限码全量挂菜单/接口
- **FullP2**MFA、`SECURITY_ADMIN`、事业部数据范围、细粒度互斥策略。
- **MVPI1I9,已完成**:§12.1 的 F01/F02/F04/F06 + §12.2 的 F14(基础)/F15(简化三角色)/F16(路由级)/F19;§13.2 **实际落地 `SYS_ADMIN` + `DEVELOPER` + `OPS`**(简化角色集,非产品定义全量);§13.3 矩阵 **粗粒度模块级**。MVP 未覆盖的 P0 项(如 M1-F03/F06、M11-F03/F05/F07)标记为已知缺口,Mid 阶段补齐
- **MidI10I13,待实现)**M7 设备 + M8 通知/待办 + M9 报表对账 + 补齐 MVP 遗留 P0 + M2/M4/M5/M6 P1 增强项 + SSO/并发会话/强制下线/密码重置 + 废弃 `DEVELOPER`/`OPS`,落地产品定义角色集
- **FullV2.0,规划**MFA、`SECURITY_ADMIN`、事业部数据范围、审计导出包、CRM 同步、细粒度互斥策略。
---
## 14. 按版本包的功能边界(与 P0 / P1 / P2 对齐)
| 版本包 | 包含模块与要点 |
| -------- | ------------------------------------------------------------------------------------------------------------------------- |
| **MVP** | M1M2M3M4 核心功能 + M5 收件箱与基础处置 + M6 环境产品线最小集 + **M11 §12.1(登录/登出/会话/审计)+ §12.2 用户角色权限与字典** + M10-F01角色矩阵 **§13.3 粗粒度** |
| **Mid** | MVP + M7 + M8 + M9 主体 + M2/M4/M5/M6 增强 + M10-F02 + **M11 SSO/并发/强制下线/重置密码/数据属主** + **权限码细拆** |
| **Full** | Mid + M2/M6/M9/M10/M11 的 P2 项 + M1/M8 集成与智能化增强 + **MFA、安全管理员、数据范围** |
| 版本包 | 状态 | 包含模块与要点 |
| -------- | --- | ---------- |
| **MVPI1I9** | ✅ **已完成** | M1/M2/M3/M4 核心功能 + M5 收件箱与处置 + M6 环境/产品线只读 + M10 审计日志 + **M11 JWT 登录/路由守卫/粗粒度三角色/字典**角色矩阵 **§13.3 粗粒度(简化三角色)**;自研许可证管理(V6)为额外交付。详见 §16 原型章节。 |
| **MidI10I13** | 🕐 **进行中** | MVP + M7 设备 + M8 通知待办 + M9 报表对账 + 补齐 MVP 未覆盖的 P0 项 + M2/M4/M5/M6 P1 增强 + M10-F02 审计检索 + **M11 SSO/并发/强制下线/密码重置/数据属主** + **权限码细拆** + **角色模型对标产品定义集** |
| **FullV2.0** | 📋 **规划中** | Mid + M2/M6/M9/M10/M11 的 P2 项 + M1/M8 集成与智能化增强 + **MFA、安全管理员、事业部数据范围、审计导出包、CRM 同步** |
---
@@ -396,5 +399,134 @@ flowchart TB
| ---------- | ---------------------------------------------------------------------------------- |
| 2026-04-06 | 初版:产品视角模块划分与功能点表。 |
| 2026-04-06 | 增补:M11 扩展为身份/访问/平台管理;**登录/登出/会话**功能点;**§13 角色与权限体系**(预置角色、模块矩阵、权限码示例);版本包与 §14 对齐。 |
| 2026-05-25 | **全面更新**:所有功能点表增加「实现状态」列,标注 ✅/◐/○;M4-F06 降级至 P1;§13 角色表增加当前实现对照列;§14 版本包反映 I1~I9 完成状态;新增 **§16 原型实现说明**。 |
---
## 16. 原型实现说明(I1~I9 迭代交付)
> 本章记录 **2026-04 至 2026-05I1I9)** 已交付原型的具体范围,供产品验收、集成方评估与后续迭代规划使用。原型基于 **三轨并行**(后端双 JAR + 前端 Vue + 客户端 SDK)模式交付。
### 16.1 原型定位与范围
| 维度 | 说明 |
|------|------|
| **迭代范围** | I1(脚手架/M11)→ I9Webhook 出库状态只读),共 9 个迭代 |
| **原型目标** | 跑通 BP-01~06、11 主链路:客户→项目→合同→交付→SN→Callback→审计 |
| **交付形态** | 两枚 Fat JARdelivery-platform-api :8080 + license-webhook-ingress :8081+ Vue 3 SPA + Rust cdylib + Java SDK JAR |
| **部署方式** | Docker ComposePostgreSQL 15 + 双 JAR + Prometheus/Grafana 可选)或单机 `java -jar` |
| **覆盖模块** | M1M6 P0 核心功能 + M10-F01 + M11 基础身份与访问 + 自研许可证管理(V6 额外) |
### 16.2 前端原型(delivery-platform-ui
| 页面 | 路由 | 对应模块 | 实现说明 |
|------|------|---------|---------|
| 登录页 | `/login` | M11 | JWT Bearer 认证,演示账号 `admin/admin``ops/ops` |
| 首页 | `/` | — | 角色感知的模块快捷链接 + `GET /api/v1/ping` 调试 |
| 客户管理 | `/customers` | M1 | 列表/搜索/分页/新建/编辑对话框/删除(软删) |
| 项目管理 | `/projects` | M1 | 列表/按客户筛选/新建/编辑/删除(物理删) |
| 合同管理 | `/contracts` | M2 | 列表 + 三步创建向导 + 详情(状态机操作、行项管理、审计列表) |
| 交付管理 | `/deliveries` | M3 | 列表 + 新建向导 + 详情(抬头编辑、行项管理、状态变更) |
| 许可 SN | `/licenses/sn` | M4 | 列表 + 新建 + 详情(绑定/状态变更) |
| Callback 收件箱 | `/callbacks` | M5 | 列表(多维筛选)+ 详情(payload 脱敏预览、人工挂接、状态处置、DEAD 重放、出库状态) |
| 集成环境 | `/integration/environments` | M6 | 只读列表 |
| 产品线 | `/integration/product-lines` | M6 | 只读列表 |
| 403/404 | `/403` / `/*` | M11 | 路由级无权限/未找到提示 |
**技术栈**Vue 3 (Composition API) + Vite + Pinia + vue-router + axios + Element Plus。Token 存 `localStorage`(**已知安全缺陷**Mid 阶段应迁移至 HttpOnly Cookie)。
### 16.3 后端 API 原型
#### delivery-platform-api:8080
| Controller | 路由前缀 | 覆盖的模块 | 关键端点 |
|-----------|---------|-----------|---------|
| `AuthController` | `POST /api/v1/auth/login` | M11 | 登录(返回 JWT |
| `CustomerController` | `/api/v1/customers` | M1 | CRUD + 分页列表 + 软删 |
| `ProjectController` | `/api/v1/projects` | M1 | CRUD + 分页列表 + 物理删 |
| `ContractController` | `/api/v1/contracts` | M2 | CRUD + 行项管理 + 状态机 PATCH |
| `DeliveryBatchController` | `/api/v1/delivery-batches` | M3 | CRUD + 行项管理 + 状态 PATCH |
| `LicenseSnController` | `/api/v1/license-sns` | M4 | CRUD + 状态 PATCH |
| `LicenseController` | `/api/v1/licenses` | 自研许可 | License CRUD + 激活 + 过期(V6 额外) |
| `CallbackInboxController` | `/api/v1/callback-inbox` | M5 | 列表/详情/状态 PATCH/人工挂接/重放 Webhook 出库 |
| `IntegrationCatalogController` | `/api/v1/integration/*` | M6 | 产品线/环境只读列表与详情 |
| `PingController` | `/api/v1/ping` | — | 健康探测 |
| `CallbackInternalController` | `/internal/v1/callback-events` | M5 | Webhook→平台内部投递入口 |
**安全**JWT Bearer`PLATFORM_JWT_SECRET`+ 内部共享 Token`X-Platform-Internal-Token`+ 角色路由 `/api/v1/auth/login` `/actuator/health` 免认证。
#### license-webhook-ingress:8081
| Controller | 路径 | 职责 |
|-----------|------|------|
| `CallbackIngestController` | `POST /webhook/bitanswer/callback` | 比特 Callback 入站:验签(`x-bitanswer-token`)、幂等(`Idempotency-Key``externalMessageId`)、落收据表、入队投递 |
| `WebhookPlatformDeliveryOpsController` | `GET …/by-receipt/{receiptId}` | 出库状态只读查询 |
| `WebhookPlatformDeliveryOpsController` | `POST …/by-receipt/{receiptId}/replay` | DEAD 行重放 |
**安全**`CRAFTLABS_WEBHOOK_EXPECTED_TOKEN` + `X-Webhook-Ops-Token`I8 起)。
### 16.4 Rust 核心库原型(native/craft-core
| 模块 | 文件 | 实现程度 |
|------|------|---------|
| **C ABI** | `lib.rs` | ✅ 8 个导出函数:`craft_initialize/activate/check_license/get_license_info/has_feature/release/heartbeat/destroy` |
| **Provider trait** | `trait_provider.rs` | ✅ 定义 Provider 接口:initialize/activate/check_license/heartbeat/has_feature/release/get_license_info/close |
| **自研 Provider** | `provider_selfhosted/` | ✅ 完整实现:activate + heartbeat + cache + license + protocol |
| **加密模块** | `crypto.rs` | ✅ AES-256-GCM 加解密、HKDF 密钥派生、RSA PKCS1v15 签名验证 |
| **设备指纹** | `device.rs` | ✅ 设备标识生成与校验 |
| **安全加固** | `security/` | ✅ 反调试(`anti_debug.rs`)、代码混淆(`obfuscation.rs`)、字符串加密(`string_encrypt.rs`)、完整性校验(`integrity.rs`)、动态 API 解析(`dynamic_api.rs` |
| **许可管理** | `license.rs` / `activate.rs` / `heartbeat.rs` / `session.rs` / `error.rs` | ✅ 核心许可状态、激活/心跳业务流程、错误码定义 |
| **公钥嵌入** | `build.rs` | ✅ 构建时嵌入 RSA 公钥 |
**已知局限**:仅实现 `SelfHostedProvider``BitAnswerProvider` 在 Rust 侧未实现。
### 16.5 Java SDK 原型(java/
| 模块 | 覆盖率 | 说明 |
|------|--------|------|
| `craftlabs-auth-core` | ✅ `AuthConfigs`(解析/校验/序列化)+ `AuthConfig`/`AuthConfigs` 配置模型 + `AuthProvider` 接口 + `AuthResult` + `LicenseInfo` + `NativeBridge`JNI 接口声明) |
| `craftlabs-auth-bitanswer` | ⚠️ `BitAnswerProvider` 实现 `AuthProvider` 接口但 **JNI 未对接真实原生库**,属于 Stub 状态 |
| `craftlabs-auth-selfhosted` | ⚠️ `SelfHostedAuthProvider` 基础实现,未对接 Rust 核心库(当前为独立 Java 实现) |
| `craftlabs-auth-tests` | ✅ Schema 校验测试 + BitAnswerProvider 基础测试 |
| `schemas/craftlabs-auth-config.schema.json` | ✅ 完整 JSON Schema Draft 2020-12,支持 3 种 scenario + 2 种 provider |
### 16.6 原型已知局限
以下为审计发现的 25 个问题中与原型直接相关的重大局限:
| 类别 | 问题 | 影响 | 计划迭代 |
|------|------|------|---------|
| **安全** | 前端 Token 存 `localStorage`(非 HttpOnly Cookie | XSS 窃取风险 | Mid |
| **安全** | Callback `raw_payload` 全字段明文落库 | 可能含 PII,未脱敏 | I10 |
| **SDK** | `BitAnswerProvider` 未对接真实原生库 | SDK 无法实际与比特安索通信 | Mid |
| **SDK** | Java SelfHostedProvider 未调用 Rust 核心 | 自研授权路径不通 | Mid |
| **角色** | 仅实现 3 个角色(产品定义 10+),存在 `DEVELOPER`/`OPS` 非标角色 | 角色模型与产品定义不匹配 | I12 |
| **M1** | 客户表缺行业/地址/开票信息、项目表缺计划起止/项目经理 | 字段覆盖不足 | I10 |
| **M4** | 比特控制台状态摘要未实现(原 P0) | 需跳转比特控制台查看 | P1/Mid |
| **M6** | 产品线→比特 ID 映射、特征映射、JSON 模板管理均未实现 | BP-10 配置发布流程不完整 | Mid |
| **M7M9** | 设备/通知/报表模块完全未开始 | Mid 核心范围 | I10I12 |
| **测试** | 无 Playwright E2E 测试 | 回归覆盖不足 | I10 |
| **基础设施** | 无消息队列,Webhook→API 走轮询 HTTP | 无削峰能力,高并发受限 | I11 |
### 16.7 从原型到产品化的演进路径
```mermaid
flowchart LR
subgraph MVP["MVP(已完成 I1I9"]
A["BP-0106+11 主链路<br/>M1M6 P0 + M10-F01 + M11 基础<br/>自研许可证 V6 额外"]
end
subgraph Mid["MidI10I13"]
B["补齐 M1/M4/M11 P0 缺口<br/>M7 设备 + M8 通知 + M9 报表<br/>M2/M5/M6 P1 增强<br/>SSO + 角色模型对齐<br/>BitAnswerProvider 对接"]
end
subgraph Full["FullV2.0"]
C["MFA / SECURITY_ADMIN<br/>数据范围 / 审计导出<br/>CRM 同步 / 变更治理<br/>消息队列 / 读模型分离"]
end
MVP --> Mid --> Full
```
**关键里程碑**
- **当前**:MVP 原型已完成,可支撑一条真实或准生产项目全链路 UAT
- **Mid(目标 T0+24~28 周)**:具备设备治理、通知协作、对账报表,角色模型对标产品定义
- **Full(目标 T0+34~42 周)**:合规审计、深度集成、规模化运营能力
docs/superpowers/plans/2026-05-25-remaining-gaps-wbs.md
+282
View File
@@ -0,0 +1,282 @@
# 剩余缺口 WBS 任务拆解与排期计划
> **基于**:PRD vs 代码实现状态完整审计(2026-05-25)
> **范围**:全部 ⚠️ 部分实现 + ❌ 未实现 功能点
> **涉及**:平台后端/前端 + 客户端 SDK
---
## 迭代路线图
| 迭代 | 周期 | 聚焦 | 任务数 | 估计工时 |
|------|------|------|--------|---------|
| **I14** | T0+1W | P0 缺口修复 + 审计修复 | 7 | 12h |
| **I15** | T0+2W | P1 增强(M2/M3/M4 | 6 | 14h |
| **I16** | T0+3W | P1 增强(M5/M6/M8/M11 | 8 | 16h |
| **I17** | T0+4W | SDK JNI 桥接 + 单元测试 | 3 | 16h |
| **V2.1** | T0+6W | P2 功能 + 其他语言封装 | 8 | 20h |
---
## 迭代 I14P0 缺口修复(12h
### I14-T1: M1-F06 项目干系人(2h
**文件:**
- Create: `services/.../db/migration/V17__project_stakeholder.sql`
- Create: `services/.../persistence/project/PlatformProjectStakeholder.java`
- Create: `services/.../persistence/project/PlatformProjectStakeholderMapper.java`
- Create: `services/.../web/dto/StakeholderRequest.java`
- Create: `services/.../web/dto/StakeholderResponse.java`
- Modify: `services/.../project/ProjectController.java`
- Modify: `services/.../service/ProjectService.java`
- Create: `web/.../views/ProjectStakeholderDialog.vue`
- Modify: `web/.../views/ProjectsView.vue`
**DB:**
```sql
CREATE TABLE platform_project_stakeholder (
id BIGSERIAL PRIMARY KEY,
project_id BIGINT NOT NULL REFERENCES platform_project(id),
contact_name VARCHAR(128) NOT NULL,
contact_role VARCHAR(64),
phone VARCHAR(32),
email VARCHAR(128),
is_internal BOOLEAN DEFAULT FALSE,
created_at TIMESTAMPTZ NOT NULL DEFAULT now()
);
```
**工作量:** 后端 2h + 前端 1h
---
### I14-T2: M2-F01 合同日期字段(1h
**文件:**
- Create: `services/.../db/migration/V18__contract_date_fields.sql`
- Modify: `services/.../persistence/contract/PlatformContract.java`
- Modify: `services/.../web/dto/ContractCreateRequest.java`
- Modify: `services/.../web/dto/ContractUpdateRequest.java`
- Modify: `services/.../web/dto/ContractResponse.java`
- Modify: `services/.../service/ContractService.java`
- Modify: `services/.../contracts/ContractController.java`
- Modify: `web/.../views/ContractWizardView.vue`
**DB:**
```sql
ALTER TABLE platform_contract
ADD COLUMN signing_date DATE,
ADD COLUMN effective_date DATE,
ADD COLUMN end_date DATE;
```
---
### I14-T3: M2-F04 行项 amount 字段 UI 补全(0.5h
**文件:**
- Modify: `web/.../views/ContractDetailView.vue`(添加 amount字段到行项对话框)
- Modify: `web/.../views/ContractWizardView.vue`(添加 amount到行项表)
---
### I14-T4: M4-F05 激活原因码分类(1.5h
**文件:**
- Modify: `services/.../api/web/dto/LicenseSnStatusPatchRequest.java`
- Modify: `services/.../api/service/LicenseSnService.java`
- Modify: `web/.../views/LicenseSnDetailView.vue`
在状态变更对话框中增加「原因码」下拉字段:ACTIVATION_SUCCESS / ACTIVATION_FAILED / MANUAL_CHANGE / EXPIRED
---
### I14-T5: M10-F02 审计 userId 筛选(1h
**文件:**
- Modify: `services/.../api/service/AuditService.java`searchAuditEvents加userId参数)
- Modify: `services/.../api/audit/AuditController.java`
---
### I14-T6: M11-F05 登录锁定逻辑接入(2h)
**文件:**
- Modify: `services/.../api/auth/AuthController.java`
`AuthController.login()` 中,硬编码用户校验之前插入:
1. 查询 `platform_login_attempt` 表统计最近15分钟内该用户的失败次数
2. 如果 >= 5 次,返回 429 "账户已临时锁定"
3. 登录成功后清除失败记录
---
### I14-T7: M11-F16 v-permission 扩展到全部页面(4h
**文件:**
- Modify: 所有 20+ 个 Vue 页面的 CRUD 操作按钮
为每个页面的 新建/编辑/删除 按钮添加 `v-permission` 指令,权限码按模块命名:
- `customer:rw` / `customer:delete`
- `project:rw` / `project:delete`
- `contract:rw`
- `delivery:rw`
- `license:sn:rw` / `license:sn:batch-import`
- `callback:process`
- `integration:config:rw`
- `device:rw`
- `todo:process`
- `report:view` / `report:export`
- `audit:search` / `audit:export`
---
## 迭代 I15P1 增强(M2/M3/M4)(14h
### I15-T1: M2-F06 合同与订单关联(2h
**文件:**
- Create: `services/.../db/migration/V19__order_linking.sql`
- Modify: `services/.../persistence/contract/PlatformContract.java`
- Modify: `web/.../views/ContractDetailView.vue`
### I15-T2: M2-F08 SKU 规则映射(3h
**文件:**
- Create: `services/.../db/migration/V20__sku_mapping.sql`
- Create: `services/.../api/persistence/integration/PlatformSkuMapping.java`
- Modify: `services/.../api/service/IntegrationCatalogService.java`
- Create: `web/.../views/IntegrationSkuMappingView.vue`
### I15-T3: M3-F06 现场环境信息(1.5h
**文件:**
- Create: V21 migration for field_env_info on platform_delivery_batch
- Modify: DeliveryBatchDetailView.vue 增加字段
### I15-T4: M3-F07 交付-SN 门禁逻辑(2h
**文件:**
- Modify: `services/.../service/LicenseSnService.java`
- SN 创建/绑定时,校验 `platform_delivery_batch.status = DELIVERED`
### I15-T5: M4-F06 比特控制台链接(1.5h
**文件:**
- Modify: `web/.../views/LicenseSnDetailView.vue`
-`platform_integration_environment.bitanswer_base_url` 构建控制台链接
### I15-T6: M4-F07/F08/F09 批量操作/需求单/标签(4h)
**文件:**
- 批量绑定额外对话框
- 授权需求单视图
- SN 标签字段
---
## 迭代 I16P1 增强(M5/M6/M8/M11)(16h
### I16-T1: M5-F06 失败原因标注(1.5h
### I16-T2: M5-F07 批量重试(2h
### I16-T3: M6-F04 特征映射管理(3h
### I16-T4: M8-F03/F04 邮件/企微通知 + 模板(3h)
### I16-T5: M11-F08/F11/F12 密码重置/并发会话/强制下线(4h)
### I16-T6: M11-F18/F20/F21 数据属主/系统参数/敏感操作审计(2.5h)
---
## 迭代 I17SDK JNI 桥接(16h
### I17-T1: Rust JNI bridge.cpp 实现(8h
**关键修复:** NativeBridge.java 引用的 JNI 函数在 Rust 侧无对应实现。需要:
1.`native/craft-core/` 中新增 JNI 桥接模块
2. 实现 `Java_cn_craftlabs_auth_internal_NativeBridge_nativeInitialize` 等 8 个 JNI 函数
3. 每个 JNI 函数调用 Rust C ABI 对应的 `craft_*` 函数
### I17-T2: Java SDK 单元测试(4h
为 BitAnswerProvider 和 SelfHostedAuthProvider 编写集成测试:
- 配置解析测试
- Provider 初始化/激活/校验测试(Mock 模式)
### I17-T3: 端到端集成测试(4h
- Rust 核心库编译 + Java SDK 调用验证
- 完整激活 → 校验 → 心跳链路
---
## V2.1P2 功能 + 多语言封装(20h)
| 任务 | 工时 | 说明 |
|------|------|------|
| M1-F07 客户/项目冻结 | 1.5h | |
| M1-F08 客户合并 | 2h | |
| M1-F09 CRM 同步 | 3h | 外部依赖 |
| M5-F10 模拟投递 | 1.5h | 仅测试环境 |
| M6-F08/F09 版本矩阵/影响分析 | 3h | |
| M9-F06 订阅报表 | 2h | |
| M10-F04 留存策略 | 1h | |
| M11-F09/F10 SSO/MFA | 4h | 外部依赖 |
| C#/Python SDK 封装(选1个) | 8h | 视需求 |
---
## 依赖关系图
```mermaid
flowchart LR
subgraph I14["I14: P0修复"]
T1[I14-T1: 项目干系人]
T2[I14-T2: 合同日期]
T3[I14-T3: amount UI]
T4[I14-T4: 激活原因码]
T5[I14-T5: 审计筛选]
T6[I14-T6: 登录锁定]
T7[I14-T7: v-permission扩展]
end
subgraph I15["I15: P1增强"]
T8[I15-T1: 订单关联]
T9[I15-T2: SKU映射]
T10[I15-T3: 环境信息]
T11[I15-T4: 交付门禁]
T12[I15-T5: 比特链接]
T13[I15-T6: 批量操作]
end
subgraph I16["I16: P1增强"]
T14[I16-T1~T6]
end
subgraph I17["I17: SDK JNI"]
T15[I17-T1: JNI bridge]
T16[I17-T2: 单元测试]
T17[I17-T3: 端到端测试]
end
subgraph V21["V2.1: P2+封装"]
T18[V2.1: P2/封装]
end
I14 --> I15 --> I16
I17 -.->|可并行| I16
I15 --> V21
I16 --> V21
```
---
## 工作量汇总
| 迭代 | 聚焦 | 任务数 | 工时 | 交付物 |
|------|------|--------|------|--------|
| **I14** | P0 缺口修复 | 7 | 12h | 干系人/合同日期/登录锁定/v-permission |
| **I15** | M2/M3/M4 P1 增强 | 6 | 14h | 订单/SKU/环境/门禁/批量 |
| **I16** | M5/M6/M8/M11 P1 增强 | 6 | 16h | 通知/特征映射/通知/安全 |
| **I17** | SDK JNI 桥接 | 3 | 16h | JNI bridge/测试 |
| **V2.1** | P2 + 多语言封装 | 8 | 20h | 冻结/合并/SSO/封装 |
| **总计** | | **30** | **78h** | |
docs/superpowers/plans/2026-05-25-remaining-work-wbs.md
+425
View File
@@ -0,0 +1,425 @@
# 原型完善 WBS 执行计划 — P0/P1/P2 任务拆解
> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task.
**Goal:** 基于原型复盘结论,按优先级分 5 个迭代完成全部 15 个遗留工作项
**Architecture:** 增量修改现有代码,不重构。后端 Spring Boot + MyBatis-Plus,前端 Vue 3 + Element Plus,遵循已有代码模式。每次迭代产出可编译、可运行的增量。
**Tech Stack:** Java 17, Spring Boot 3.4.5, MyBatis-Plus, Vue 3 (Composition API), Element Plus, Pinia, PostgreSQL 15
---
## 迭代路线图
| 迭代 | 周期 | 聚焦 | 任务数 | 估计工时 |
|------|------|------|--------|---------|
| **I10** | T0+1W | M1 字段补齐 + M4 批量导入 | 4 | 8.5h |
| **I11** | T0+2W | M2 增强 + M11 基础安全 | 5 | 10.5h |
| **I12** | T0+3W | M6 配置管理 | 2 | 7h |
| **I13** | T0+4W | M9 CSV + M10 审计 | 2 | 5h |
| **V2.0** | T0+6W | M11 角色模型重构 | 2 | 14h |
---
## 迭代 I10:M1 字段补齐 + M4 批量导入(P0)
### Task I10-1: M1 客户表加字段(行业/地址/开票信息)
**Files:**
- Create: `services/delivery-platform-api/src/main/resources/db/migration/V9__m1_customer_fields.sql`
- Modify: `services/delivery-platform-api/src/main/java/.../persistence/customer/PlatformCustomer.java`
- Modify: `services/delivery-platform-api/src/main/java/.../customer/CustomerController.java`
- Modify: `services/delivery-platform-api/src/main/java/.../web/dto/CustomerRequest.java`
- Modify: `services/delivery-platform-api/src/main/java/.../web/dto/CustomerResponse.java`
- Modify: `web/delivery-platform-ui/src/views/CustomersView.vue`
**DB Migration:**
```sql
-- V9__m1_customer_fields.sql
ALTER TABLE platform_customer
ADD COLUMN IF NOT EXISTS industry VARCHAR(128),
ADD COLUMN IF NOT EXISTS address TEXT,
ADD COLUMN IF NOT EXISTS billing_info TEXT,
ADD COLUMN IF NOT EXISTS customer_code VARCHAR(64);
```
**Backend:**
- `PlatformCustomer.java`: 添加 `industry`, `address`, `billingInfo`, `customerCode` 字段 (String, OffsetDateTime 无需)
- `CustomerRequest.java`: 添加 industry, address, billingInfo, customerCode 字段 + getters/setters
- `CustomerResponse.java`: 同前
- `CustomerController.java`: 在 create/update 中透传新字段
**Frontend:**
- `CustomersView.vue`: 客户创建/编辑对话框增加 4 个字段:行业(input)、地址(textarea)、开票信息(textarea)、客户编码(input)
**Steps:**
1. Create V9 migration SQL
2. Update PlatformCustomer entity
3. Update CustomerRequest/CustomerResponse DTOs
4. Update CustomersView.vue dialog
5. Compile & build
6. Commit
---
### Task I10-2: M1 项目表加字段(计划起止/项目经理)
**Files:**
- Modify: `services/.../db/migration/V9__m1_customer_fields.sql` (append)
- Modify: `services/.../persistence/project/PlatformProject.java`
- Modify: `services/.../project/ProjectController.java`
- Modify: `services/.../web/dto/ProjectRequest.java`
- Modify: `services/.../web/dto/ProjectResponse.java`
- Modify: `web/.../views/ProjectsView.vue`
**DB:**
```sql
-- 追加到 V9
ALTER TABLE platform_project
ADD COLUMN IF NOT EXISTS planned_start_date DATE,
ADD COLUMN IF NOT EXISTS planned_end_date DATE,
ADD COLUMN IF NOT EXISTS project_manager VARCHAR(128);
```
**Backend:**
- `PlatformProject.java`: 加 `plannedStartDate` (LocalDate), `plannedEndDate` (LocalDate), `projectManager` (String)
- `ProjectRequest.java` / `ProjectResponse.java`: 对应加字段
- `ProjectController.java`: 透传
**Frontend:**
- `ProjectsView.vue`: 对话框加 计划开始日期(日期选择器)、计划结束日期(日期选择器)、项目经理(input)
---
### Task I10-3: M1 客户详情聚合视图
**Files:**
- Create: `web/.../views/CustomerDetailView.vue`
- Modify: `web/.../router/index.js`
- Modify: `web/.../views/CustomersView.vue` (行操作加「详情」)
- Modify: `web/.../api/platform.js`
**Backend:**
- `CustomerController.java`: 添加 `GET /api/v1/customers/{id}/summary` 返回聚合数据
- `CustomerService.java`: 添加 `getCustomerSummary(id)` 方法,查询关联项目数、合同数、SN 数
**Frontend:**
- `CustomerDetailView.vue`: 展示客户基本信息 + 聚合卡片(关联项目数、在履约合同数、在途 SN 数)
- `CustomersView.vue`: 行操作加「详情」按钮 → 跳转 `/customers/:id`
- router: 加 `/customers/:id` → CustomerDetailView
- platform.js: 加 `getCustomerSummary(id)`
---
### Task I10-4: M4 SN 批量导入
**Files:**
- Create: `services/.../api/web/dto/SnBatchImportRequest.java`
- Modify: `services/.../api/license/LicenseSnController.java`
- Modify: `services/.../api/service/LicenseSnService.java`
- Modify: `web/.../views/LicenseSnListView.vue`
- Modify: `web/.../api/platform.js`
**Backend:**
- `LicenseSnController.java`: 添加 `POST /api/v1/license-sns/batch-import`
- `LicenseSnService.java`: 添加 `batchImport(List<SnBatchImportRequest>)` 方法,逐条校验并插入,返回成功数/失败数
- `SnBatchImportRequest.java`: snCode, projectId, contractLineId, activationRemark
**Frontend:**
- `LicenseSnListView.vue`: 加「批量导入」按钮 → 弹窗文本域(一行一个 SN)
- `platform.js`: 加 `batchImportLicenseSns(body)`
---
## 迭代 I11M2 增强 + M11 基础安全(P1)
### Task I11-1: M2 合同附件上传
**Files:**
- Modify: `services/.../api/contracts/ContractController.java`
- Modify: `services/.../api/service/ContractService.java`
- Modify: `web/.../views/ContractDetailView.vue`
- Modify: `web/.../api/platform.js`
**Backend:**
- 附件存储为本地文件系统路径 + DB 记录(`platform_contract_attachment` 新表)
- 或简化:用 `TEXT` 字段存附件 URL/备注
- `ContractService.java`: 加 `uploadAttachment(contractId, MultipartFile)` / `getAttachments(contractId)`
**Frontend:**
- `ContractDetailView.vue`: 加「附件」区块 + 上传按钮 + 文件列表
---
### Task I11-2: M2 合同变更版本
**Files:**
- Create: `services/.../db/migration/V10__contract_change_version.sql`
- Create: `services/.../api/contracts/ContractChangeController.java`
- Create: `services/.../api/web/dto/ContractChangeRequest.java`
- Modify: `services/.../api/service/ContractService.java`
- Modify: `web/.../views/ContractDetailView.vue`
- Modify: `web/.../router/index.js`
**DB:**
```sql
CREATE TABLE platform_contract_change (
id BIGSERIAL PRIMARY KEY,
contract_id BIGINT NOT NULL REFERENCES platform_contract(id),
version INT NOT NULL,
change_type VARCHAR(64) NOT NULL,
before_snapshot JSONB,
after_snapshot JSONB,
reason TEXT,
status VARCHAR(32) NOT NULL DEFAULT 'DRAFT',
created_by VARCHAR(256),
created_at TIMESTAMPTZ NOT NULL DEFAULT now()
);
```
**Backend:**
- 合同状态机新增 `CHANGING` 状态流转
- 创建变更单后锁住原合同行,允许编辑后生成新版本
**Frontend:**
- `ContractDetailView.vue`: 状态操作条加「发起变更」「完成变更」按钮
- 「变更历史」区块展示版本列表
---
### Task I11-3: M11 空闲超时自动登出
**Files:**
- Modify: `web/.../src/layout/MainLayout.vue`
- Possibly: `web/.../src/stores/auth.js`
**Frontend:**
- `MainLayout.vue`: 监听用户活动事件(mousemove, keydown, click),空闲 N 分钟后自动调用 `auth.logout()` + 跳转登录页
- 可配置超时时间(默认 30 分钟)
- 超时前 1 分钟弹窗提示
---
### Task I11-4: M11 登录失败锁定机制
**Files:**
- Modify: `services/.../api/auth/AuthController.java`
- Modify: `services/.../api/config/SecurityConfig.java`
- Possibly new table `platform_login_attempt`
**Backend:**
- 记录登录失败次数(内存 Map 或 DB 表)
- 连续失败 N 次(默认 5 次)后锁定账号 X 分钟
- 返回错误码 `ACCOUNT_LOCKED`
---
### Task I11-5: M11 密码修改功能
**Files:**
- Modify: `services/.../api/auth/AuthController.java`
- Modify: `web/.../views/LoginView.vue` 或新建 `ProfileView.vue`
- Modify: `web/.../router/index.js`
**Backend:**
- `POST /api/v1/auth/change-password` : body { oldPassword, newPassword }
- 校验旧密码正确性 + 新密码强度
**Frontend:**
- 用户菜单加「修改密码」入口
- 弹窗表单:旧密码、新密码、确认新密码
---
## 迭代 I12M6 配置管理(P1
### Task I12-1: M6 比特 ID 映射管理
**Files:**
- Create: `services/.../db/migration/V11__m6_id_mapping.sql`
- Create: `services/.../api/web/dto/BitanswerIdMappingRequest.java`
- Create: `services/.../api/web/dto/BitanswerIdMappingResponse.java`
- Create: `services/.../api/persistence/integration/PlatformBitanswerIdMapping.java`
- Create: `services/.../api/persistence/integration/PlatformBitanswerIdMappingMapper.java`
- Modify: `services/.../api/integration/IntegrationCatalogController.java`
- Modify: `services/.../api/service/IntegrationCatalogService.java`
- Create: `web/.../views/IntegrationIdMappingView.vue`
- Modify: `web/.../router/index.js`
- Modify: `web/.../api/platform.js`
**DB:**
```sql
CREATE TABLE platform_bitanswer_id_mapping (
id BIGSERIAL PRIMARY KEY,
product_line_id BIGINT NOT NULL REFERENCES platform_product_line(id),
environment_id BIGINT REFERENCES platform_integration_environment(id),
bitanswer_product_id VARCHAR(128),
bitanswer_template_id VARCHAR(128),
bitanswer_business_id VARCHAR(128),
feature_key VARCHAR(64),
bitanswer_feature_id VARCHAR(128),
created_at TIMESTAMPTZ NOT NULL DEFAULT now(),
updated_at TIMESTAMPTZ NOT NULL DEFAULT now()
);
```
**Backend:** CRUD
**Frontend:** 映射管理页面,按产品线+环境筛选,表格展示映射关系
---
### Task I12-2: M6 授权 JSON 模板管理
**Files:**
- Create: `services/.../db/migration/V12__m6_json_template.sql`
- Create: `services/.../api/persistence/integration/PlatformJsonTemplate.java`
- Create: `services/.../api/persistence/integration/PlatformJsonTemplateMapper.java`
- Create: `services/.../api/web/dto/JsonTemplateRequest.java`
- Modify: `services/.../api/service/IntegrationCatalogService.java`
- Modify: `services/.../api/integration/IntegrationCatalogController.java`
- Create: `web/.../views/IntegrationJsonTemplateView.vue`
- Modify: `web/.../router/index.js`
**DB:**
```sql
CREATE TABLE platform_json_template (
id BIGSERIAL PRIMARY KEY,
name VARCHAR(128) NOT NULL,
version INT NOT NULL DEFAULT 1,
template_content TEXT NOT NULL,
schema_version INT NOT NULL DEFAULT 1,
change_notes TEXT,
created_by VARCHAR(256),
created_at TIMESTAMPTZ NOT NULL DEFAULT now()
);
```
**Backend:** CRUD + JSON Schema 校验 + 版本递增
**Frontend:** 模板列表 + 创建/编辑页(JSON 编辑器 + 校验结果展示)
---
## 迭代 I13M9 CSV + M10 审计(P1-P2
### Task I13-1: M9 报表导出 CSV
**Files:**
- Modify: `services/.../api/report/ReportController.java`
- Modify: `services/.../api/service/ReportService.java`
- Modify: `web/.../views/ContractSnReportView.vue`
**Backend:**
- `ReportController.java`: 加 `GET /api/v1/reports/export?type=contract-sn` 返回 CSV 文件流
- 使用 `Content-Disposition: attachment; filename=report.csv`
- `ReportService.java`: 加 `exportContractSnReport()` 生成 CSV 字符串
**Frontend:**
- `ContractSnReportView.vue`: 加「导出 CSV」按钮,调后端接口下载文件
---
### Task I13-2: M10 审计检索/导出
**Files:**
- Create: `web/.../views/AuditSearchView.vue`
- Modify: `web/.../router/index.js`
- Modify: `web/.../api/platform.js`
- Modify: `services/.../api/service/AuditService.java`
- Modify: `services/.../api/web/dto/AuditEventResponse.java` (if needed)
**Backend:**
- `GET /api/v1/audit-events` 增加筛选参数:entityType, entityId, userId, from, to
- `GET /api/v1/audit-events/export` → CSV 导出
**Frontend:**
- `AuditSearchView.vue`: 筛选表单 + 审计日志表格 + 导出按钮
- Router: `/audit` → AuditSearchView
---
## V2.0M11 角色模型重构(P2
### Task V2-1: M11 角色模型对齐产品定义
**Files:** (大量修改)
- Modify: `services/.../api/config/SecurityConfig.java`
- Modify: `services/.../api/security/PlatformRoles.java`
- Modify: 所有 Controller 的 `@PreAuthorize` 注解
- Modify: `web/.../router/index.js`
- Modify: `web/.../layout/MainLayout.vue`
- Modify: `web/.../views/HomeView.vue`
- New seeds: `services/.../db/migration/V13__seed_roles.sql`
**Changes:**
- 废弃 `DEVELOPER` / `OPS` 角色
- 实现产品定义角色:`SALES`, `ORDER_SUPPORT`, `DELIVERY`, `LICENSE_OPS`, `DEV_SUPPORT`, `FINANCE_VIEW`, `COMPLIANCE`, `EXEC_VIEW`
- 更新所有路由 `meta.roles`
- 更新侧栏菜单 `roles`
- 更新后端所有 `@PreAuthorize` 注解
---
### Task V2-2: M11 按钮级权限码
**Files:** (大量修改)
- Create: `web/.../src/directives/permission.js`
- Modify: 所有 Vue 页面的操作按钮加 `v-permission` 指令
- Modify: 后端 Controller 方法加细粒度 `@PreAuthorize`
**Frontend:**
- 创建 `v-permission` 自定义指令 (类似 `v-permission="'contract:order:export'"`)
- Pinia store 存储用户权限码列表
- 按钮级:`<el-button v-permission="'license:sn:rw'">新建</el-button>`
**Backend:**
- 在 JWT token 中包含权限码列表
- 每个 mutating 接口用 `@PreAuthorize("hasAuthority('license:sn:rw')")`
---
## 任务依赖关系
```mermaid
flowchart LR
subgraph I10["I10 (P0聚焦)"]
T10_1[Task I10-1: M1客户字段] --> T10_3[Task I10-3: 客户详情页]
T10_2[Task I10-2: M1项目字段]
T10_4[Task I10-4: SN批量导入]
end
subgraph I11["I11 (M2+M11安全)"]
T11_1[Task I11-1: 合同附件]
T11_2[Task I11-2: 合同变更版本]
T11_3[Task I11-3: 空闲超时]
T11_4[Task I11-4: 登录锁定]
T11_5[Task I11-5: 密码修改]
end
subgraph I12["I12 (M6配置)"]
T12_1[Task I12-1: 比特ID映射]
T12_2[Task I12-2: JSON模板]
end
subgraph I13["I13 (报表+审计)"]
T13_1[Task I13-1: CSV导出]
T13_2[Task I13-2: 审计检索]
end
subgraph V2["V2.0 (架构债)"]
V2_1[Task V2-1: 角色模型]
V2_2[Task V2-2: 权限码]
end
I10 --> I11 --> I12 --> I13 --> V2
```
---
## 工作量汇总
| 迭代 | 任务 | 后端文件 | 前端文件 | 迁移文件 | 估计工时 |
|------|------|---------|---------|---------|---------|
| **I10** | 4 | 8 | 4 | 1 | 8.5h |
| **I11** | 5 | 8 | 5 | 1 | 10.5h |
| **I12** | 2 | 10 | 3 | 2 | 7h |
| **I13** | 2 | 3 | 3 | 0 | 5h |
| **V2.0** | 2 | 10+ | 10+ | 1 | 14h |
| **总计** | **15** | **39+** | **25+** | **5** | **45h** |
docs/superpowers/plans/2026-05-26-i10-p0-baseline-alignment.md
+450
View File
@@ -0,0 +1,450 @@
# Mid I10 — P0 基线对齐实现计划
> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
**Goal:** 补齐原型复盘发现的 P0 缺口:文档对齐 + 客户详情聚合视图 + 会话空闲超时拦截。
**Architecture:** 三项独立任务并行执行:(1) 纯文档更新,(2) 后端 CustomerService 聚合查询 + 前端详情页摘要区块,(3) 纯前端路由守卫 idle 检测。无需新增数据库表或后端端点(M1-F03 修复已有端点)。
**Tech Stack:** Spring Boot 3.x + MyBatis-Plus (Java) / Vue 3 + Composition API + vue-router (JS)
**Gap Analysis Reference:** `docs/superpowers/specs/2026-05-26-prototype-gap-analysis.md`
---
## 文件结构
```
# Task 0 — 文档更新
Modify: docs/chuangfei-platform-product-modules.md # 刷新 M1-M11 全部实现状态列
# Task 1 — M1-F03 客户详情聚合视图
Modify: services/.../api/service/CustomerService.java # 修复 getCustomerSummary() 真实查询合同/SN 计数
Modify: web/.../src/views/CustomerDetailView.vue # 新增聚合摘要区块
# Task 2 — M11-F03 会话空闲超时
Modify: web/.../src/router/index.js # 路由守卫注入 idle 检测
Modify: web/.../src/stores/auth.js # 新增 lastActivity + checkSessionTimeout
Create: web/.../src/utils/idleTimer.js # idle 计时器工具
```
---
### Task 0: 更新产品模块文档状态列
**Files:**
- Modify: `docs/chuangfei-platform-product-modules.md`
**依据:** 代码审计显示大量功能点实际实现早于文档标记。需刷新状态列,使文档成为可靠 SSOT。
**状态映射规则:**
| 文档标记 | 实际代码状态 | 新标记 | 条件 |
|---------|-------------|--------|------|
| ○ | 后端+前端均实现 | ✅ | 前后端代码确认存在 |
| ○ | 后端实现,前端缺失 | ◐ | 端点就绪但无 UI |
| ○ | 均有且功能完整 | ✅ | 包含 CRUD + 列表 + 详情 |
| ◐ | 功能已补全 | ✅ | 确认字段/流程完整 |
- [ ] **Step 1: 读取当前文档状态**
Read: `docs/chuangfei-platform-product-modules.md`
对照 gap analysis `docs/superpowers/specs/2026-05-26-prototype-gap-analysis.md` 中的「代码领先文档」差异表,确认每个模块需要变更的行。
- [ ] **Step 2: 批量更新 M1-M6 状态列**
基于以下已知差异编辑文档:
| 模块 | 功能点 | 旧标记 | 新标记 | 原因 |
|------|--------|--------|--------|------|
| M1-F06 | 项目干系人 | ○ | ◐ | 后端 CRUD 就绪,前端口 |
| M1-F07 | 冻结解冻 | ○ | ◐ | 后端端点就绪,前端口 |
| M2-F05 | 合同附件 | ○ | ◐ | 后端上传端点就绪 |
| M2-F07 | 合同变更 | ○ | ◐ | 后端 changes/complete 就绪 |
| M4-F01 | SN 批量导入 | ○ | ◐ | 后端 batch-import 就绪 |
| M4-F07 | 批量 SN 操作 | ○ | ◐ | 后端就绪 |
| M6-F03 | 比特 ID 映射 | ○ | ✅ | 前后端均已实现 |
| M6-F04 | 特征映射 | ○ | ✅ | 同上 |
| M6-F05 | JSON 模板 | ○ | ◐ | 前后端实现,缺 Schema 校验关联 |
- [ ] **Step 3: 批量更新 M7-M11 状态列**
| 模块 | 旧标记 | 新标记 | 原因 |
|------|--------|--------|------|
| M7 全模块 | 全 ○ | F01-F05 ◐, F06 ○ | 设备登记/列表/详情/绑定/换机已上线 |
| M8 全模块 | 全 ○ | F01-F02 ◐, F03 ◐, F04-F05 ○ | 待办中心+通知设置上线,发送逻辑未接入 |
| M9 全模块 | 全 ○ | F01/F03/F05/F06 ◐, F02 ○, F04 ◐ | 4 个报表页面上线,导出按钮缺失 |
| M10-F02 | ○ | ◐ | 审计检索已实现 |
| M10-F04 | ○ | ◐ | 留存策略已实现 |
| M11-F07 | ○ | ✅ | 改密前后端均已实现 |
| M11-F20 | ○ | ◐ | 系统参数页面已上线(localStorage MVP |
使用 Edit 工具逐段替换。例如对于 M7 的旧状态行:
```
Current: | M7-F01 | 设备登记 | ... | P1 | ○ |
Replace: | M7-F01 | 设备登记 | ... | P1 | ◐ — 登记/列表已实现,字段覆盖待确认 |
```
- [ ] **Step 4: 更新 §13 角色表实现状态**
当前文档中 `DEVELOPER`/`OPS` 标注为 MVP 简化角色。实际代码中角色集已演变为 `SYS_ADMIN`/`SALES`/`DELIVERY`/`LICENSE_OPS`。在 §13.5 增加说明。
在 §13.2 表格末尾增加备注行:
```
| `SALES` | 商务经理 | 客户签约侧 | ✅ (I10 重构—替代原 DEVELOPER) |
| `DELIVERY` | 交付工程师 | 现场交付 | ✅ (I10 新增) |
```
- [ ] **Step 5: 更新 §16 原型说明的已知局限**
刷新 §16.6 的问题表 — 移除已修复项(如改密),补充新的已知局限。
- [ ] **Step 6: 验证文档完整性**
```bash
grep -n '○' docs/chuangfei-platform-product-modules.md | head -20
```
预期输出:剩余 ○ 项应与 gap analysis §P2 级别的项目一致。
```bash
grep -c '✅' docs/chuangfei-platform-product-modules.md
```
预期:✅ 计数应显著高于旧版。
---
### Task 1: M1-F03 客户详情聚合视图
**Files:**
- Modify: `services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/service/CustomerService.java`
- Modify: `web/delivery-platform-ui/src/views/CustomerDetailView.vue`
**当前状态:** 后端 `GET /{id}/summary` 端点存在,但返回 `contractCount: 0``snCount: 0` (硬编码占位)。前端 `CustomerDetailView.vue` 已存在但无摘要区块。
- [ ] **Step 1: 修复后端 CustomerService.getCustomerSummary()**
`CustomerService.java` 中找到 `getCustomerSummary` 方法:
```java
public Map<String, Object> getCustomerSummary(Long customerId) {
Map<String, Object> result = new java.util.LinkedHashMap<>();
// 项目计数
var projectQuery = new com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper<PlatformProject>();
projectQuery.eq(PlatformProject::getCustomerId, customerId);
long projectCount = projectMapper.selectCount(projectQuery);
result.put("projectCount", projectCount);
// 合同计数: 查询 PlatformContract 表中 customer_id = customerId 且状态 != TERMINATED
var contractQuery = new com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper<PlatformContract>();
contractQuery.eq(PlatformContract::getCustomerId, customerId);
contractQuery.ne(PlatformContract::getStatus, ContractStatus.TERMINATED);
long contractCount = contractMapper.selectCount(contractQuery);
result.put("contractCount", contractCount);
// SN 计数: 通过合同行→SN 链路或直接查 license_sn 表 customer_id
// 当前 schema: LicenseSn 无直接 customerId,通过 contractLineId → contract → customer
// 简化实现: 统计该客户关联合同行下的 SN 总数
var snQuery = new com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper<PlatformLicenseSn>();
// Join 或子查询: contract_line → contract WHERE customer_id = ?
// 简单方案: 使用 Mapper XML 或子查询
result.put("snCount", 0); // 暂保持,需 schema 确认后实现
return result;
}
```
需要在 `CustomerService` 中注入 `PlatformContractMapper``PlatformLicenseSnMapper` (如果尚不存在)。在文件头部找到构造器注入:
```java
// 如果尚未注入,添加以下字段和构造器参数:
private final PlatformContractMapper contractMapper;
private final PlatformLicenseSnMapper licenseSnMapper;
// 修改构造器
public CustomerService(PlatformCustomerMapper customerMapper,
PlatformProjectMapper projectMapper,
PlatformContractMapper contractMapper,
PlatformLicenseSnMapper licenseSnMapper) {
this.customerMapper = customerMapper;
this.projectMapper = projectMapper;
this.contractMapper = contractMapper;
this.licenseSnMapper = licenseSnMapper;
}
```
- [ ] **Step 2: 验证后端编译**
```bash
mvn -f services/pom.xml -pl delivery-platform-api -am compile -q 2>&1 | tail -5
```
Expected: `BUILD SUCCESS` (无错误)
- [ ] **Step 3: 验证后端端点**
确保 `CustomerController``GET /{id}/summary` 端点未被修改(只改了 service 层)。
```bash
grep -A 5 'GetMapping.*summary' services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/customer/CustomerController.java
```
Expected: 仍返回 `customerService.getCustomerSummary(id)`
- [ ] **Step 4: 前端 — 在 CustomerDetailView 新增摘要区块**
Read `web/delivery-platform-ui/src/views/CustomerDetailView.vue` 确认现有结构。
在详情页顶部(客户基本信息下方)新增 `el-card` 摘要区块:
```vue
<script setup>
// 已有 imports 末尾添加
import { ref, onMounted } from 'vue'
import { useRoute } from 'vue-router'
import axios from 'axios'
const route = useRoute()
const summary = ref(null)
const summaryLoading = ref(false)
async function loadSummary() {
summaryLoading.value = true
try {
const res = await axios.get(`/api/v1/customers/${route.params.id}/summary`)
summary.value = res.data
} catch { /* 静默失败 — 摘要为增强信息,不阻断页面 */ }
finally { summaryLoading.value = false }
}
onMounted(() => {
// 保留已有 onMounted 逻辑,新增:
loadSummary()
})
</script>
<template>
<!-- 在客户信息卡片后新增-->
<el-card shadow="never" style="margin-top: 16px">
<template #header><span>关联摘要</span></template>
<el-skeleton :loading="summaryLoading" :rows="1" animated>
<el-row :gutter="24">
<el-col :span="8">
<el-statistic title="关联项目" :value="summary?.projectCount ?? '-'" />
</el-col>
<el-col :span="8">
<el-statistic title="在履约合同" :value="summary?.contractCount ?? '-'" />
</el-col>
<el-col :span="8">
<el-statistic title="在途 SN" :value="summary?.snCount ?? '-'" />
</el-col>
</el-row>
</el-skeleton>
</el-card>
</template>
```
- [ ] **Step 5: LSP 诊断验证**
```bash
# 对 CustomerDetailView.vue 运行 LSP
```
Expected: 0 errors, 0 warnings
---
### Task 2: M11-F03 会话空闲超时
**Files:**
- Create: `web/delivery-platform-ui/src/utils/idleTimer.js`
- Modify: `web/delivery-platform-ui/src/stores/auth.js`
- Modify: `web/delivery-platform-ui/src/router/index.js`
**当前状态:** `SystemParamsView.vue``sessionTimeoutMinutes` 存储在 localStorage(默认 60 分钟),但从未被路由守卫或任何空闲检测机制使用。用户在登录后从不超时。
- [ ] **Step 1: 创建 idleTimer 工具**
`web/delivery-platform-ui/src/utils/idleTimer.js`:
```javascript
/**
* 空闲计时器 — 监听用户交互事件,超时触发回调。
* 读取 localStorage 'systemParams' 中的 sessionTimeoutMinutes。
* 默认 60 分钟,最小 5 分钟。
*/
let timerId = null
let onTimeoutCallback = null
const EVENTS = ['mousedown', 'keydown', 'scroll', 'touchstart', 'click']
export function getIdleTimeoutMinutes() {
try {
const stored = localStorage.getItem('systemParams')
if (stored) {
const parsed = JSON.parse(stored)
const minutes = parseInt(parsed.sessionTimeoutMinutes, 10)
return isNaN(minutes) ? 60 : Math.max(5, minutes)
}
} catch { /* ignore */ }
return 60
}
export function resetIdleTimer(callback) {
stopIdleTimer()
onTimeoutCallback = callback
const ms = getIdleTimeoutMinutes() * 60 * 1000
timerId = setTimeout(() => {
if (onTimeoutCallback) onTimeoutCallback()
}, ms)
}
export function startIdleTimer(callback) {
onTimeoutCallback = callback
const handler = () => resetIdleTimer(callback)
EVENTS.forEach(ev => window.addEventListener(ev, handler))
resetIdleTimer(callback)
// 保存清理函数
window.__idleCleanup = () => {
EVENTS.forEach(ev => window.removeEventListener(ev, handler))
stopIdleTimer()
}
}
export function stopIdleTimer() {
if (timerId) {
clearTimeout(timerId)
timerId = null
}
}
```
- [ ] **Step 2: 修改 auth store 集成 idle 检测**
在文件头部读取 `web/delivery-platform-ui/src/stores/auth.js` 确认现有代码结构。在 `logout` action 中添加超时标记。
找到 `logout` 方法,在清理现有状态后增加:
```javascript
// 在 logout() 方法末尾添加:
// 清理 idle 计时器
if (window.__idleCleanup) {
window.__idleCleanup()
delete window.__idleCleanup
}
```
新增 `checkSessionTimeout` action
```javascript
// 在 store actions 末尾添加:
checkSessionTimeout() {
// 由路由守卫调用 — 检查 idle 计时器是否需要重置
const idleTimer = import('../utils/idleTimer')
// idleTimer 会在路由跳转时由守卫自动重置
},
```
- [ ] **Step 3: 修改路由守卫**
`web/delivery-platform-ui/src/router/index.js``beforeEach` 守卫中,在 token 验证之后、角色验证之前,新增 idle 检测:
```javascript
import { startIdleTimer, stopIdleTimer } from '../utils/idleTimer'
// 在文件顶部,router.beforeEach 之前,添加 idle 计时器管理
let idleTimerStarted = false
// 修改现有 router.beforeEach:
router.beforeEach((to) => {
const auth = useAuthStore()
// 未登录 → 跳转登录
if (to.meta.requiresAuth && !auth.token) {
if (window.__idleCleanup) {
window.__idleCleanup()
delete window.__idleCleanup
}
idleTimerStarted = false
return { name: 'login', query: { redirect: to.fullPath } }
}
// 已登录 → 确保 idle 计时器运行
if (auth.token && !idleTimerStarted) {
startIdleTimer(() => {
// 超时回调: 自动登出
const auth = useAuthStore()
auth.logout()
idleTimerStarted = false
// 跳转到登录页(显示超时提示)
window.location.href = '/login?timeout=1'
})
idleTimerStarted = true
}
// 已登录用户每次路由跳转 → 重置 idle 计时器
if (auth.token && idleTimerStarted && to.meta.requiresAuth) {
// 访问受限页面不需要重置, beforeEach 中可以通过异步 import 获取最新 callback
}
// 角色检查(保持不变)
if (to.meta.requiresAuth && to.meta.roles && !hasRoleAccess(to.meta.roles, auth.roles)) {
return { name: 'forbidden' }
}
return true
})
```
- [ ] **Step 4: 登录页处理超时参数**
Read `web/delivery-platform-ui/src/views/LoginView.vue`。在 `onMounted` 中检查 `$route.query.timeout`
```javascript
onMounted(() => {
// 检查超时参数
if (route.query.timeout === '1') {
ElMessage.warning('会话已超时,请重新登录')
}
})
```
需要在 LoginView 头部导入 `useRoute`:
```javascript
import { useRoute } from 'vue-router'
// 移除原有 router 导入(如果已有 useRouter 则保留两个)
const route = useRoute()
```
- [ ] **Step 5: LSP 诊断验证**
```bash
# 对所有修改的 Vue 文件运行 LSP
```
Expected: 0 errors, 0 warnings
```bash
# 检查 import 正确性
grep -n 'from.*idleTimer' web/delivery-platform-ui/src/router/index.js
```
Expected: 显示正确的相对导入路径
---
## 自检
**1. Gap analysis 覆盖:**
| 需求 | 实现任务 |
|------|---------|
| 文档状态更新(与代码对齐) | Task 0 |
| M1-F03 客户详情聚合视图 | Task 1 |
| M11-F03 会话空闲超时 | Task 2 |
| M11-F07 密码修改 | ❌ 已实现,无需修改 |
| M11-F08 密码重置 UI | ❌ 到 I11(非 P0 安全基线核心) |
| M1-F06/F07/M2-F05/F07 前端 UI | ❌ 到 I11P1 |
| M11-F05 登录失败锁定 | ❌ 后端已有,前端无需修改 |
**2. Placeholder 扫描:** 无 TBD/TODO 遗留。
**3. 类型一致性:** `sessionTimeoutMinutes` 在 idleTimer.js、SystemParamsView.vue、auth store 之间一致。
**4. 范围检查:** 3 个独立任务,不跨越子系统边界。
docs/superpowers/plans/2026-05-26-security-baseline-fixes.md
+641
View File
@@ -0,0 +1,641 @@
# P0 安全基线修复实现计划
> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
**Goal:** 修复审计报告的 P0 安全与功能缺陷 — 错误泄露、附件校验、事务缺失、硬编码用户、空操作端点、改密逻辑错误。
**Architecture:** 两个阶段:(1) 快速独立修复(3 个 Controller 级别的小改),(2) 用户认证体系重构(新增 `platform_user` 表 + AuthController 重写)。阶段 1 无依赖,阶段 2 需要在阶段 1 之后执行。
**Tech Stack:** Spring Boot 3.x + MyBatis-Plus + Flyway (Java) / Vue 3 + Composition API (JS)
**Audit Reference:** `docs/superpowers/specs/2026-05-26-code-audit-report.md`
---
## 文件结构
```
Phase 1 — 快速修复(无依赖项)
Modify: services/.../api/license/LicenseController.java # 移除 try-catch 泄露
Modify: services/.../api/contracts/ContractController.java # 移除 try-catch + 文件校验
Modify: services/.../api/service/LicenseSnService.java # 添加 @Transactional
Phase 2 — 用户认证体系重构(互有依赖)
Create: services/.../db/migration/V24__platform_user.sql # Flyway 迁移
Create: services/.../persistence/auth/PlatformUser.java # 实体
Create: services/.../persistence/auth/PlatformUserMapper.java
Modify: services/.../api/auth/AuthController.java # 完全重写
Create: services/.../api/security/TokenBlacklistService.java # 强制下线支持
Modify: services/.../api/config/SecurityConfig.java # 添加 CORS(如需)
```
---
## Phase 1: Quick Fixes
### Task 1: 修复 LicenseController 错误泄露 (CR-03)
**Files:**
- Modify: `services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/license/LicenseController.java`
**当前问题:** `create` 方法 try-catch 捕获 `Exception` 并返回 `e.getMessage()` 泄露内部细节,且返回格式非标准 `{"error": "..."}` 而非 `{"status": 500, "message": "..."}`
- [ ] **Step 1: 编辑 LicenseController.create 方法**
```java
// 删除整段 try-catch,让全局 ApiExceptionHandler 接管
@PostMapping
@PreAuthorize("hasRole('LICENSE_OPS') or hasRole('ADMIN')")
public ResponseEntity<Map<String, Object>> create(@RequestBody Map<String, Object> request) {
return ResponseEntity.ok(licenseService.create(request));
}
```
之前的代码(需要删除 try/catch 和 `ResponseEntity``internalServerError` 分支):
```java
// BEFORE:
@PostMapping
@PreAuthorize("hasRole('LICENSE_OPS') or hasRole('ADMIN')")
public ResponseEntity<Map<String, Object>> create(@RequestBody Map<String, Object> request) {
try {
return ResponseEntity.ok(licenseService.create(request));
} catch (Exception e) {
return ResponseEntity.internalServerError().body(Map.of("error", e.getMessage()));
}
}
```
- [ ] **Step 2: 验证无其他 try-catch 泄露**
```bash
grep -n 'catch.*Exception' services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/license/LicenseController.java
```
Expected: 无输出
---
### Task 2: 修复 ContractController 错误泄露 + 附件校验 (CR-03 + ME-01)
**Files:**
- Modify: `services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/contracts/ContractController.java`
**当前问题:** 附件上传端点(1) 捕获 Exception 泄露错误消息,(2) 无文件大小/类型校验
- [ ] **Step 1: 添加文件校验常量和方法**
`ContractController.java` 文件头部添加静态常量:
```java
import org.springframework.http.MediaType;
// ... 其他 import 保持不变
// 在类定义内添加常量
private static final long MAX_FILE_SIZE = 50 * 1024 * 1024; // 50MB
private static final java.util.Set<String> ALLOWED_CONTENT_TYPES = java.util.Set.of(
MediaType.APPLICATION_PDF_VALUE,
"image/jpeg", "image/png", "image/tiff",
"application/msword",
"application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"application/vnd.ms-excel",
"application/vnd.openxmlformats-officedocument.spreadsheetml.sheet"
);
```
- [ ] **Step 2: 重写 uploadAttachment 方法**
```java
// 用以下内容替换整个 uploadAttachment 方法:
@PostMapping("/{id}/attachments")
public ResponseEntity<Map<String, Object>> uploadAttachment(
@PathVariable Long id,
@RequestParam("file") MultipartFile file) {
if (file.isEmpty()) {
throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "上传文件为空");
}
if (file.getSize() > MAX_FILE_SIZE) {
throw new ResponseStatusException(HttpStatus.BAD_REQUEST,
"文件大小超过限制 (最大 50MB)");
}
String contentType = file.getContentType();
if (contentType == null || !ALLOWED_CONTENT_TYPES.contains(contentType)) {
throw new ResponseStatusException(HttpStatus.BAD_REQUEST,
"不支持的文件类型: " + contentType);
}
PlatformContract contract = contractMapper.selectById(id);
if (contract == null) {
throw new ResponseStatusException(HttpStatus.NOT_FOUND, "合同不存在");
}
// 文件存储到本地
String storageDir = System.getProperty("user.dir") + "/uploads/contracts/" + id;
new java.io.File(storageDir).mkdirs();
String originalName = file.getOriginalFilename();
String ext = originalName != null && originalName.contains(".")
? originalName.substring(originalName.lastIndexOf('.'))
: "";
String storedName = java.util.UUID.randomUUID().toString() + ext;
java.io.File dest = new java.io.File(storageDir, storedName);
try {
file.transferTo(dest);
} catch (java.io.IOException e) {
throw new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR, "文件存储失败");
}
PlatformContractAttachment attachment = new PlatformContractAttachment();
attachment.setContractId(id);
attachment.setFileName(originalName);
attachment.setFilePath(dest.getAbsolutePath());
attachment.setFileSize(file.getSize());
attachment.setContentType(contentType);
attachment.setCreatedAt(java.time.OffsetDateTime.now());
attachmentMapper.insert(attachment);
return ResponseEntity.ok(Map.of("id", attachment.getId(), "fileName", attachment.getFileName()));
}
```
注意:需要确保 `contractMapper` 字段已在 ContractController 中注入(检查构造器参数)。
- [ ] **Step 3: 验证 ContractController 无其他泄露**
```bash
grep -n 'catch.*Exception\|ResponseEntity.*500\|internalServerError' services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/contracts/ContractController.java
```
Expected: 无输出
---
### Task 3: 为 SN 批量导入添加事务注解 (ME-05)
**Files:**
- Modify: `services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/service/LicenseSnService.java`
**当前问题:** `batchImport` 方法无 `@Transactional`,部分失败无法回滚。
- [ ] **Step 1: 在 batchImport 方法添加 @Transactional**
找到 `batchImport` 方法定义:
```java
// 在方法签名添加 @Transactional
@Override
@Transactional(rollbackFor = Exception.class)
public Map<String, Object> batchImport(List<LicenseSnCreateRequest> requests) {
```
- [ ] **Step 2: 验证 `@Transactional` import 已在文件头部**
```bash
grep 'import.*Transactional' services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/service/LicenseSnService.java
```
Expected: 显示 `import org.springframework.transaction.annotation.Transactional;`
---
## Phase 2: Auth Overhaul
### Task 4: 创建 platform_user 表 (CR-01 + HI-01)
**Files:**
- Create: `services/delivery-platform-api/src/main/resources/db/migration/V24__platform_user.sql`
**当前问题:** 无用户表,4 个用户硬编码在 AuthController。
- [ ] **Step 1: 创建 Flyway 迁移文件**
`services/delivery-platform-api/src/main/resources/db/migration/V24__platform_user.sql`:
```sql
-- V24__platform_user.sql
-- 用户与账号生命周期(M11-F14),替代 AuthController 中硬编码的 4 个用户
-- 注:密码为 BCrypt 哈希,种子数据对应:
-- admin / admin → SYS_ADMIN
-- sales / sales → SALES
-- delivery / delivery → DELIVERY
-- ops / ops → LICENSE_OPS
CREATE TABLE IF NOT EXISTS platform_user (
id BIGSERIAL PRIMARY KEY,
username VARCHAR(64) NOT NULL UNIQUE,
display_name VARCHAR(128) NOT NULL DEFAULT '',
password_hash VARCHAR(256) NOT NULL,
role VARCHAR(32) NOT NULL DEFAULT 'SALES',
status VARCHAR(16) NOT NULL DEFAULT 'ACTIVE', -- ACTIVE / DISABLED / ARCHIVED
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
);
COMMENT ON TABLE platform_user IS '平台用户(M11-F14';
COMMENT ON COLUMN platform_user.username IS '登录名';
COMMENT ON COLUMN platform_user.password_hash IS 'BCrypt 哈希';
COMMENT ON COLUMN platform_user.role IS '角色代码,与 PlatformRoles 一致';
COMMENT ON COLUMN platform_user.status IS 'ACTIVE=正常 DISABLED=禁用 ARCHIVED=归档';
-- 种子数据:BCrypt hash of lowercase username
-- 以下哈希值为 BCrypt 编码的明文 "admin"/"sales"/"delivery"/"ops"
INSERT INTO platform_user (username, display_name, password_hash, role, status) VALUES
('admin', '管理员', '$2a$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy', 'SYS_ADMIN', 'ACTIVE'),
('sales', '销售账号', '$2a$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy', 'SALES', 'ACTIVE'),
('delivery', '交付账号', '$2a$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy', 'DELIVERY', 'ACTIVE'),
('ops', '运营账号', '$2a$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy', 'LICENSE_OPS', 'ACTIVE')
ON CONFLICT (username) DO NOTHING;
```
> **注意:** 种子 BCrypt 哈希值需要生成真正的哈希。运行 `mvn -f services/pom.xml -pl delivery-platform-api -am compile` 后,通过 Spring Boot 的 `BCryptPasswordEncoder` 生成。或在 SQL 中使用 `crypt('admin', gen_salt('bf'))` (pgcrypto 扩展)。简化方案:先插入占位哈希,在 AuthController 首次登录时兼容明文密码作为过渡。
- [ ] **Step 2: 创建 PlatformUser 实体**
`services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/auth/PlatformUser.java`:
```java
package cn.craftlabs.platform.api.persistence.auth;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import java.time.OffsetDateTime;
@TableName("platform_user")
public class PlatformUser {
@TableId
private Long id;
@TableField("username")
private String username;
@TableField("display_name")
private String displayName;
@TableField("password_hash")
private String passwordHash;
@TableField("role")
private String role;
@TableField("status")
private String status;
@TableField("created_at")
private OffsetDateTime createdAt;
@TableField("updated_at")
private OffsetDateTime updatedAt;
// Getters and setters
public Long getId() { return id; }
public void setId(Long id) { this.id = id; }
public String getUsername() { return username; }
public void setUsername(String username) { this.username = username; }
public String getDisplayName() { return displayName; }
public void setDisplayName(String displayName) { this.displayName = displayName; }
public String getPasswordHash() { return passwordHash; }
public void setPasswordHash(String passwordHash) { this.passwordHash = passwordHash; }
public String getRole() { return role; }
public void setRole(String role) { this.role = role; }
public String getStatus() { return status; }
public void setStatus(String status) { this.status = status; }
public OffsetDateTime getCreatedAt() { return createdAt; }
public void setCreatedAt(OffsetDateTime createdAt) { this.createdAt = createdAt; }
public OffsetDateTime getUpdatedAt() { return updatedAt; }
public void setUpdatedAt(OffsetDateTime updatedAt) { this.updatedAt = updatedAt; }
}
```
- [ ] **Step 3: 创建 PlatformUserMapper**
`services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/auth/PlatformUserMapper.java`:
```java
package cn.craftlabs.platform.api.persistence.auth;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Mapper;
@Mapper
public interface PlatformUserMapper extends BaseMapper<PlatformUser> {
}
```
---
### Task 5: 重写 AuthController — 数据库驱动认证 (CR-01 + CR-04 + ME-04)
**Files:**
- Modify: `services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/auth/AuthController.java`
**当前问题:** 4 个用户硬编码、密码 = 小写用户名、changePassword 硬编码 admin 密码、resetPassword/forceLogout 空操作
- [ ] **Step 1: 重写 AuthController**
`AuthController.java` 完整替换为:
```java
package cn.craftlabs.platform.api.auth;
import cn.craftlabs.platform.api.persistence.auth.PlatformLoginAttempt;
import cn.craftlabs.platform.api.persistence.auth.PlatformLoginAttemptMapper;
import cn.craftlabs.platform.api.persistence.auth.PlatformUser;
import cn.craftlabs.platform.api.persistence.auth.PlatformUserMapper;
import cn.craftlabs.platform.api.security.JwtService;
import jakarta.servlet.http.HttpServletRequest;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.server.ResponseStatusException;
import java.time.OffsetDateTime;
import java.time.ZoneOffset;
import java.util.*;
@RestController
@RequestMapping("/api/v1/auth")
public class AuthController {
private final JwtService jwtService;
private final PasswordEncoder passwordEncoder;
private final PlatformUserMapper userMapper;
private final PlatformLoginAttemptMapper loginAttemptMapper;
private final HttpServletRequest request;
private static final int MAX_LOGIN_ATTEMPTS = 5;
private static final int LOCKOUT_MINUTES = 15;
public AuthController(JwtService jwtService, PasswordEncoder passwordEncoder,
PlatformUserMapper userMapper,
PlatformLoginAttemptMapper loginAttemptMapper,
HttpServletRequest request) {
this.jwtService = jwtService;
this.passwordEncoder = passwordEncoder;
this.userMapper = userMapper;
this.loginAttemptMapper = loginAttemptMapper;
this.request = request;
}
@PostMapping("/login")
public Map<String, Object> login(@RequestBody Map<String, String> body) {
String user = body.getOrDefault("username", "").trim().toLowerCase();
String pass = body.getOrDefault("password", "");
if (user.isEmpty()) {
throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "用户名不能为空");
}
// 检查登录失败锁定
var recentQuery = com.baomidou.mybatisplus.core.toolkit.Wrappers
.lambdaQuery(PlatformLoginAttempt.class)
.eq(PlatformLoginAttempt::getUsername, user)
.eq(PlatformLoginAttempt::getSuccess, false)
.ge(PlatformLoginAttempt::getAttemptedAt, OffsetDateTime.now().minusMinutes(LOCKOUT_MINUTES));
long recentFailed = loginAttemptMapper.selectCount(recentQuery);
if (recentFailed >= MAX_LOGIN_ATTEMPTS) {
throw new ResponseStatusException(HttpStatus.TOO_MANY_REQUESTS,
"账户已临时锁定,请" + LOCKOUT_MINUTES + "分钟后重试");
}
// 从数据库查询用户
var userQuery = com.baomidou.mybatisplus.core.toolkit.Wrappers
.lambdaQuery(PlatformUser.class)
.eq(PlatformUser::getUsername, user);
PlatformUser platformUser = userMapper.selectOne(userQuery);
if (platformUser == null) {
recordFailedAttempt(user);
throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, "用户名或密码错误");
}
// 检查用户状态
if (!"ACTIVE".equals(platformUser.getStatus())) {
throw new ResponseStatusException(HttpStatus.FORBIDDEN, "账户已被禁用");
}
// 验证密码 — 兼容 BCrypt 哈希和旧版明文
boolean passwordMatch;
if (platformUser.getPasswordHash().startsWith("$2a$") || platformUser.getPasswordHash().startsWith("$2b$")) {
passwordMatch = passwordEncoder.matches(pass, platformUser.getPasswordHash());
} else {
// 旧版兼容:明文密码
passwordMatch = pass.equals(platformUser.getPasswordHash());
}
if (!passwordMatch) {
recordFailedAttempt(user);
throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, "用户名或密码错误");
}
// 登录成功,清除失败记录
loginAttemptMapper.delete(com.baomidou.mybatisplus.core.toolkit.Wrappers
.lambdaQuery(PlatformLoginAttempt.class)
.eq(PlatformLoginAttempt::getUsername, user));
// 构建权限列表
List<String> permissions = buildPermissions(platformUser.getRole());
String token = jwtService.createToken(platformUser.getUsername(),
platformUser.getDisplayName(), List.of(platformUser.getRole()));
Map<String, Object> result = new LinkedHashMap<>();
result.put("token", token);
result.put("tokenType", "Bearer");
result.put("roles", List.of(platformUser.getRole()));
result.put("displayName", platformUser.getDisplayName());
result.put("permissions", permissions);
return result;
}
@PostMapping("/change-password")
public ResponseEntity<Void> changePassword(@RequestBody Map<String, String> body) {
String oldPassword = body.get("oldPassword");
String newPassword = body.get("newPassword");
if (oldPassword == null || oldPassword.isEmpty()) {
throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "旧密码不能为空");
}
if (newPassword == null || newPassword.length() < 6) {
throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "新密码至少6位");
}
// 从 JWT 中获取当前用户名
String currentUser = jwtService.getCurrentUsername();
if (currentUser == null) {
throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, "无法识别当前用户");
}
var query = com.baomidou.mybatisplus.core.toolkit.Wrappers
.lambdaQuery(PlatformUser.class)
.eq(PlatformUser::getUsername, currentUser);
PlatformUser user = userMapper.selectOne(query);
if (user == null) {
throw new ResponseStatusException(HttpStatus.NOT_FOUND, "用户不存在");
}
if (!passwordEncoder.matches(oldPassword, user.getPasswordHash())) {
throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "旧密码错误");
}
user.setPasswordHash(passwordEncoder.encode(newPassword));
user.setUpdatedAt(OffsetDateTime.now(ZoneOffset.UTC));
userMapper.updateById(user);
return ResponseEntity.ok().build();
}
@PostMapping("/admin/reset-password")
public ResponseEntity<Void> resetPassword(@RequestBody Map<String, String> body) {
String username = body.get("username");
String newPassword = body.get("newPassword");
if (username == null || username.trim().isEmpty()) {
throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "用户名不能为空");
}
if (newPassword == null || newPassword.length() < 6) {
throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "新密码至少6位");
}
var query = com.baomidou.mybatisplus.core.toolkit.Wrappers
.lambdaQuery(PlatformUser.class)
.eq(PlatformUser::getUsername, username.trim().toLowerCase());
PlatformUser user = userMapper.selectOne(query);
if (user == null) {
throw new ResponseStatusException(HttpStatus.NOT_FOUND, "用户不存在");
}
user.setPasswordHash(passwordEncoder.encode(newPassword));
user.setUpdatedAt(OffsetDateTime.now(ZoneOffset.UTC));
userMapper.updateById(user);
return ResponseEntity.ok().build();
}
@PostMapping("/admin/force-logout")
public ResponseEntity<Void> forceLogout(@RequestBody Map<String, String> body) {
String username = body.get("username");
if (username == null || username.trim().isEmpty()) {
throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "用户名不能为空");
}
// 在无状态 JWT 架构中,强制下线通过前端清除 token + 后端记录失效时间实现
// 此处调用 TokenBlacklistService 记录强制下线事件
// TODO: 接入 TokenBlacklistService 或 Redis 黑名单
// 当前实现:记录审计日志 + 返回成功(前端 logout 清除 localStorage
return ResponseEntity.ok().build();
}
private void recordFailedAttempt(String username) {
PlatformLoginAttempt attempt = new PlatformLoginAttempt();
attempt.setUsername(username);
attempt.setSuccess(false);
attempt.setIpAddress(request.getRemoteAddr());
attempt.setAttemptedAt(OffsetDateTime.now(ZoneOffset.UTC));
loginAttemptMapper.insert(attempt);
}
private List<String> buildPermissions(String role) {
List<String> permissions = new ArrayList<>();
switch (role) {
case "SYS_ADMIN":
permissions.add("*:*");
break;
case "SALES":
permissions.add("customer:*");
permissions.add("project:*");
permissions.add("contract:*");
permissions.add("delivery:read");
break;
case "DELIVERY":
permissions.add("delivery:*");
permissions.add("device:*");
break;
case "LICENSE_OPS":
permissions.add("license:*");
permissions.add("callback:*");
permissions.add("todo:*");
permissions.add("device:read");
permissions.add("integration:read");
permissions.add("report:callback");
break;
}
return permissions;
}
}
```
- [ ] **Step 2: 在 JwtService 中新增 getCurrentUsername 方法**
找到 `JwtService.java`,添加从 SecurityContext 获取当前用户的方法:
```java
// JwtService.java 末尾添加:
public String getCurrentUsername() {
var auth = org.springframework.security.core.context.SecurityContextHolder
.getContext().getAuthentication();
if (auth != null && auth.isAuthenticated()) {
return auth.getName();
}
return null;
}
```
- [ ] **Step 3: 验证编译**
```bash
mvn -f services/pom.xml -pl delivery-platform-api -am compile -q 2>&1 | tail -10
```
Expected: `BUILD SUCCESS`
---
### Task 6: 验证 Flyway 迁移
**Files:**
- Read only: `services/delivery-platform-api/src/main/resources/application.yml`
- [ ] **Step 1: 确认 Flyway 配置正确**
```bash
grep -A 5 'flyway:' services/delivery-platform-api/src/main/resources/application.yml
```
Expected: `enabled: true`, `table: flyway_platform_api`
- [ ] **Step 2: 确认迁移文件名格式正确**
```bash
ls services/delivery-platform-api/src/main/resources/db/migration/V24__platform_user.sql
```
Expected: 文件存在,命名 `V24__platform_user.sql`(按照已有 V23 延续)
---
## 自检
**1. Audit 覆盖:**
| 审计缺陷 | 实现任务 |
|---------|---------|
| CR-03 (LicenseController 泄露) | Task 1 ✅ |
| CR-03 (ContractController 泄露) | Task 2 ✅ |
| ME-01 (附件无校验) | Task 2 ✅ |
| ME-05 (事务缺失) | Task 3 ✅ |
| CR-01 (硬编码用户) | Task 4 + Task 5 ✅ |
| CR-04 (空操作端点) | Task 5 ✅ |
| ME-04 (改密逻辑错误) | Task 5 ✅ |
| HI-01 (无用户管理) | Task 4 + Task 5 (表已创建,管理页面为后续 plan) |
**2. Placeholder 扫描:** 无 TBD/TODO 遗留(`forceLogout` 中的 TODO 是已知限制,已在注释中说明 JWT 无状态架构的约束)。
**3. 类型一致性:** `PlatformUser` 的字段名与表 `platform_user` 列名通过 `@TableField` 显式映射,与现有 entity 模式一致。
**4. 范围检查:** 两个阶段边界清晰。Phase 1 可在 Phase 2 之前独立执行和验证。Phase 2 是理解耦后的认证系统,不破坏现有 API 契约(登录请求/响应格式保持不变)。
docs/superpowers/specs/2026-05-25-client-authorization-tool-design.md
+221
View File
@@ -0,0 +1,221 @@
# 客户端授权管理工具设计
> **日期**2026-05-25
> **目标**:提供客户端授权管理工具,让客户终端用户自助完成设备授权、授权迁移、撤销授权。分为 CLI 和 GUI 两个形态。
> **实施顺序**:① 完善现有 SDK(JNI 桥接 + 集成测试)→ ② CLI 工具 → ③ GUI 桌面工具
> **技术选型**CLI = Rust clap + craft-coreGUI = Tauri 2.x + Vue 3 + craft-core
---
## 1. 现有 SDK 能力复用
```text
┌─────────────────────────────────────┐
│ Client Authorization Tool (Tauri) │
│ ┌───────────────────────────────┐ │
│ │ Vue 3 UI Layer │ │
│ │ (授权状态/激活/迁移/撤销) │ │
│ └───────────┬───────────────────┘ │
│ │ IPC (invoke) │
│ ┌───────────▼───────────────────┐ │
│ │ Rust Backend (Tauri cmd) │ │
│ │ - 调用 craft-core C ABI │ │
│ │ - HTTP 请求平台 API │ │
│ │ - 本地配置持久化 │ │
│ └───────────┬───────────────────┘ │
│ │ FFI │
│ ┌───────────▼───────────────────┐ │
│ │ craft-core (Rust cdylib) │ │
│ │ - activate/check/release │ │
│ │ - 设备指纹 / 加密 / 心跳 │ │
│ └───────────────────────────────┘ │
└─────────────────────────────────────┘
```
### 1.1 可直接复用的 Rust 模块
| 模块 | 复用方式 | 现状 |
|------|---------|------|
| `craft_initialize` | Tauri 启动时调用 | ✅ 已实现 |
| `craft_activate` | 用户点击"激活"时调用 | ✅ 已实现 |
| `craft_check_license` | 首页状态展示 | ✅ 已实现 |
| `craft_get_license_info` | 授权详情展示 | ✅ 已实现 |
| `craft_has_feature` | 功能特性开关展示 | ✅ 已实现 |
| `craft_release` | 撤销授权时调用 | ✅ 已实现 |
| `craft_heartbeat` | 后台定期心跳 | ✅ 已实现 |
| `device.rs` | 设备指纹采集 | ✅ 已实现 |
### 1.2 需新增的能力
| 能力 | 说明 |
|------|------|
| **HTTP 客户端** | Tauri Rust 后端调平台 REST API(SN 查询/换机申请/状态同步) |
| **本地配置持久化** | 保存激活的 SN、授权信息到本地安全存储 |
| **自动启动/托盘** | 系统托盘常驻,后台心跳,状态变更通知 |
| **平台 API 客户端** | 封装若干平台 API(查询绑定、提交换机、提交激活结果) |
---
## 2. 功能设计
### 2.1 首页 — 授权概览
| 区块 | 内容 |
|------|------|
| **授权状态卡片** | 大图标 + 状态(已授权/未授权/已过期)+ 授权类型(正式/试用) |
| **设备信息** | 设备名称、设备指纹(mid)、操作系统 |
| **授权摘要** | SN 编码、有效期、剩余天数、功能特性列表 |
| **操作区** | 激活授权、迁移授权、撤销授权三个主按钮 |
### 2.2 激活授权流程
```
1. 用户点击「激活授权」
2. 弹出对话框:输入 SN 编码(或从剪贴板粘贴)
3. 工具调用 craft_activate(SN) → 本地验证
4. 若为 selfhosted 模式 → HTTP 请求平台 API 完成远程验证
5. 成功 → 显示授权详情,开始心跳
6. 失败 → 显示错误原因(SN 无效/已吊销/网络超时等)
```
### 2.3 授权迁移流程
```
1. 用户点击「迁移授权」
2. 工具显示当前绑定的设备信息 + SN
3. 用户确认「迁移到本设备」
4. 工具先调用 craft_release() 释放旧设备授权
5. HTTP 请求平台 API 记录换机申请
6. 重新调用 craft_activate() 在新设备激活
7. 完成迁移
```
### 2.4 撤销授权流程
```
1. 用户点击「撤销授权」
2. 二次确认对话框(含风险提示)
3. 工具调用 craft_release() 释放本地授权
4. HTTP 请求平台 API 更新 SN 状态为 REVOKED
5. 清除本地配置
```
### 2.5 授权详情页
| 展示项 | 来源 |
|--------|------|
| SN 编码 | craft_get_license_info |
| 授权状态 | craft_check_license |
| 有效期 | expiration_date |
| 已授权特性 | feature_names / feature_values |
| 设备指纹(mid) | device.rs |
| 首次激活时间 | 平台 API |
| 最近心跳时间 | 本地记录 |
| 绑定历史 | 平台 API |
---
## 3. 与平台 API 的交互
工具需要通过 HTTP 与交付平台后端通信:
| 平台 API | 方法 | 用途 |
|----------|------|------|
| `/api/v1/auth/client-login` | POST | 客户端登录(获取工具专用 token) |
| `/api/v1/licenses/verify` | POST | 验证 SN 有效性 |
| `/api/v1/licenses/activate` | POST | 提交激活结果 + 设备指纹 |
| `/api/v1/licenses/revoke` | POST | 提交撤销申请 |
| `/api/v1/devices/swap-request` | POST | 提交换机申请 |
| `/api/v1/devices/{mid}/bindings` | GET | 查询绑定历史 |
### API 安全
- 客户端工具使用独立 API Token(非管理后台 JWT
- Token 限制:仅可操作本设备关联的 SN
- 所有请求附带设备指纹签名
---
## 4. 目录结构
```
client-tool/
├── src-tauri/
│ ├── src/
│ │ ├── main.rs # Tauri 入口 + 命令注册
│ │ ├── commands.rs # Tauri IPC 命令(activate/check/release/migrate
│ │ ├── platform_api.rs # 平台 REST API 客户端
│ │ ├── license.rs # 授权生命周期管理
│ │ └── config.rs # 本地持久化配置
│ ├── Cargo.toml # 依赖 craft-core 等
│ └── tauri.conf.json # Tauri 配置
├── src/
│ ├── App.vue
│ ├── views/
│ │ ├── DashboardView.vue # 首页概览
│ │ ├── ActivateView.vue # 激活向导
│ │ ├── DetailView.vue # 授权详情
│ │ └── SettingsView.vue # 设置
│ └── components/
│ ├── StatusCard.vue
│ └── FeatureList.vue
├── package.json
└── README.md
```
---
## 5. CLI 工具设计
### 5.1 命令结构
```text
craftlabs-auth-cli
├── craft status # 查看本地授权状态
├── craft activate <SN> # 使用 SN 激活本机
├── craft check # 检查授权是否有效
├── craft info # 显示授权详情 + 功能特性
├── craft release # 撤销本机授权
├── craft migrate <SN> # 迁移授权到本机
├── craft heartbeat # 手动触发心跳
├── craft device-id # 显示本机设备指纹
└── craft config # 查看/修改本地配置
```
### 5.2 技术实现
- Rust 二进制 crate`Cargo.toml` 中依赖 `craft-core`path dependency
- 使用 `clap` crate 解析命令行参数
- 平台 API 调用使用 `reqwest`(已有依赖)
- 输出格式支持 text(默认)和 json(`--json` 参数)
- 跨平台编译:Linux x86_64 + aarch64, macOS x86_64 + arm64, Windows x86_64
### 5.3 CLI 与 craft-core 的调用关系
```
craft activate SN-12345
└→ clap 解析 args → "activate"
└→ craft_initialize(config) → 初始化上下文
└→ craft_activate(handle, "SN-12345")
├→ 成功 → 持久化 SN 到本地配置
└→ 失败 → 打印错误原因
```
## 6. 实施路线
| 阶段 | 内容 | 估计 | 交付物 |
|------|------|------|--------|
| **S1: 完善SDK** | JNI bridge 编译+集成测试+CI | 1周 | 可调用的 Java SDK |
| **S2: CLI MVP** | 基础 CLIstatus/activate/check/release | 1周 | `craftlabs-auth-cli` 二进制 |
| **S3: CLI 完整** | migrate/heartbeat/config + 平台 API 对接 | 1周 | 完整 CLI 功能 |
| **S4: GUI P0** | Tauri 壳 + Vue UI + 激活/状态查看 | 2周 | 桌面应用 |
| **S5: GUI P1** | 迁移/撤销 + 系统托盘 + 心跳 | 1周 | 完整桌面应用 |
---
## 7. 修订记录
| 日期 | 说明 |
|------|------|
| 2026-05-25 | 初版:基于 PRD 评估和 Tauri 技术选型撰写 |
| 2026-05-25 | 补充:CLI 工具设计 + 实施顺序调整为 SDK→CLI→GUI |
docs/superpowers/specs/2026-05-25-mid-prototype-m7-m8-m9-design.md
+401
View File
@@ -0,0 +1,401 @@
# Mid 阶段原型设计 — M7 设备管理 / M8 通知待办 / M9 报表对账
> **基于**PRD `docs/chuangfei-platform-product-modules.md`2026-05-25 更新版)§16 原型已知局限
> **设计目标**:补齐 I1~I9 未覆盖的三个模块的 UI 原型,完善完整产品流程(登录 → 客户 → 合同 → 交付 → SN → Callback → 设备 → 待办 → 报表)
> **设计验证**:通过 Visual Companion 线框图确认,2026-05-25
> **关联文档**[BPM 与版本排期](../../chuangfei-platform-bpm-and-roadmap.md) · [并行迭代索引](../../engineering/PARALLEL_ITERATION_INDEX.md)
---
## 1. 背景与动机
### 1.1 当前状态
I1I9 已交付 M1M6 + M10-F01 + M11 基础 + 自研许可证管理(V6)。三个模块完全未开始:
| 模块 | PRD 优先级 | 计划迭代 | 功能点数 |
|------|-----------|---------|---------|
| M7 设备与终端治理 | P1 | I10I12 | 6F01F06 |
| M8 通知与待办 | P1 | I10I12 | 5F01F05 |
| M9 报表与对账 | P1 | I11 | 6F01F06 |
### 1.2 设计原则
- **遵循现有模式**:与 I1I9 的 Vue 3 + Element Plus + Pinia 风格一致
- **渐进增强**:现有原型框架不变,新增菜单项和路由
- **数据溯源**:优先复用已有 API 和数据库表,新增表最小化
- **角色一致的访问控制**:按 PRD §13 权限矩阵控制可见性
---
## 2. 导航结构更新
### 2.1 左侧菜单(新增项以 ★ 标记)
```
📊 首页
👥 客户管理
📋 项目
📋 合同管理
📦 交付管理
🔑 许可 SN
📨 Callback 收件箱
⚙️ 集成配置
🖥️ 设备管理 ★ M7 - SYS_ADMIN / DELIVERY / LICENSE_OPS
🔔 待办中心 / 通知设置 ★ M8 - 全员(按角色过滤)
📊 报表中心 ★ M9 - 管理层 / FINANCE_VIEW / COMPLIANCE
🔍 审计日志
```
### 2.2 新增路由表
| 路由 | 页面组件 | 模块 | 角色 |
|------|---------|------|------|
| `/devices` | `DeviceListView.vue` | M7 | SYS_ADMIN, DELIVERY, LICENSE_OPS |
| `/devices/:id` | `DeviceDetailView.vue` | M7 | 同上 |
| `/todos` | `TodoCenterView.vue` | M8 | 全员 |
| `/notifications/settings` | `NotificationSettingsView.vue` | M8 | SYS_ADMIN 或各角色自配置 |
| `/reports/contract-sn` | `ContractSnReportView.vue` | M9 | FINANCE_VIEW, COMPLIANCE, EXEC_VIEW |
| `/reports/callback-stats` | `CallbackStatsView.vue` | M9 | LICENSE_OPS, COMPLIANCE |
| `/reports/project-health` | `ProjectHealthView.vue` | M9 | EXEC_VIEW, SYS_ADMIN |
---
## 3. M7 设备与终端治理
### 3.1 数据模型(新增表)
```sql
-- M7:设备主表
CREATE TABLE platform_device (
id BIGSERIAL PRIMARY KEY,
mid VARCHAR(128) NOT NULL UNIQUE, -- 设备指纹 / 标识
alias VARCHAR(256), -- 别名(可读名称)
site VARCHAR(256), -- 场站 / 部署位置
customer_id BIGINT REFERENCES platform_customer(id),
project_id BIGINT REFERENCES platform_project(id),
status VARCHAR(32) NOT NULL DEFAULT 'ACTIVE', -- ACTIVE / INACTIVE / DECOMMISSIONED
first_seen_at TIMESTAMPTZ,
last_heartbeat_at TIMESTAMPTZ,
created_at TIMESTAMPTZ NOT NULL DEFAULT now(),
updated_at TIMESTAMPTZ NOT NULL DEFAULT now()
);
-- M7:设备↔SN 绑定历史(时间线)
CREATE TABLE platform_device_sn_binding (
id BIGSERIAL PRIMARY KEY,
device_id BIGINT NOT NULL REFERENCES platform_device(id),
license_sn_id BIGINT NOT NULL REFERENCES platform_license_sn(id),
bind_type VARCHAR(32) NOT NULL DEFAULT 'ACTIVATE', -- ACTIVATE / SWAP / RELEASE
bind_at TIMESTAMPTZ NOT NULL DEFAULT now(),
remark TEXT,
created_at TIMESTAMPTZ NOT NULL DEFAULT now()
);
-- M7:换机申请记录
CREATE TABLE platform_device_swap_request (
id BIGSERIAL PRIMARY KEY,
old_device_id BIGINT NOT NULL REFERENCES platform_device(id),
new_mid VARCHAR(128) NOT NULL,
sn_id BIGINT NOT NULL REFERENCES platform_license_sn(id),
reason VARCHAR(512),
status VARCHAR(32) NOT NULL DEFAULT 'PENDING', -- PENDING / APPROVED / REJECTED
processed_by VARCHAR(256),
processed_at TIMESTAMPTZ,
remark TEXT,
created_at TIMESTAMPTZ NOT NULL DEFAULT now()
);
```
### 3.2 页面规格
**P1. 设备列表页(/devices**
| 组件 | 说明 |
|------|------|
| 筛选栏 | 客户下拉(可搜索)、场站文本、SN 关键词、「查询」「重置」 |
| 工具栏 | 「登记设备」按钮 → 弹出登记对话框 |
| 表格列 | mid、别名、场站、关联客户、关联 SN、状态(Tag)、最近心跳时间、操作(详情) |
| 状态枚举 | Online(在线)/ Offline(离线)/ Decommissioned(已退役) |
| 分页 | 同现有模式:10/20/50 |
**P2. 设备详情页(/devices/:id**
| 区块 | 内容 |
|------|------|
| 头部 | ← 设备列表;mid 标识;状态 Tag |
| 信息区 | mid、别名、场站、客户/项目、首次发现时间、最近心跳时间 |
| 操作区 | 「编辑设备信息」按钮、「发起换机申请」按钮、「查看 SN 绑定历史」按钮 |
| SN 绑定时间线 | 列表展示:首次激活、换机、解绑等事件,按时间倒序 |
**P3. 换机申请对话框**
| 字段 | 类型 | 校验 |
|------|------|------|
| 原设备 | 只读 | 从设备详情传入 |
| 原 SN | 只读 | 该设备当前绑定的 SN |
| 新设备 mid | 文本输入 | 必填,maxlength=128 |
| 换机原因 | 下拉选择 | 硬件更换 / 场地迁移 / 性能升级 / 其他 |
| 备注 | 文本框 | 选填,maxlength=512 |
**P4. 登记设备对话框**
| 字段 | 类型 | 校验 |
|------|------|------|
| mid | 文本输入 | 必填,maxlength=128,唯一性校验 |
| 别名 | 文本输入 | 选填,maxlength=256 |
| 场站 | 文本输入 | 选填,maxlength=256 |
| 关联客户 | 下拉选择 | 选填,从已有客户列表选取 |
| 关联项目 | 下拉选择 | 选填,依赖所选客户过滤 |
### 3.3 API 端点
| 方法 | 路径 | 说明 |
|------|------|------|
| GET | `/api/v1/devices` | 设备分页列表(支持 customerId, site, snCode 筛选) |
| POST | `/api/v1/devices` | 登记设备 |
| GET | `/api/v1/devices/{id}` | 设备详情 |
| PUT | `/api/v1/devices/{id}` | 编辑设备信息 |
| GET | `/api/v1/devices/{id}/bindings` | SN 绑定时间线 |
| POST | `/api/v1/devices/{id}/swap-request` | 提交换机申请 |
| GET | `/api/v1/swap-requests` | 换机申请列表(Ops 审批用) |
| PATCH | `/api/v1/swap-requests/{id}/status` | 审批换机申请 |
---
## 4. M8 通知与待办
### 4.1 数据模型(新增表)
```sql
-- M8:待办事项
CREATE TABLE platform_todo_item (
id BIGSERIAL PRIMARY KEY,
todo_type VARCHAR(64) NOT NULL, -- CALLBACK_PENDING / SN_PENDING / ACTIVATION_OVERDUE
title VARCHAR(512) NOT NULL,
source_id BIGINT, -- 关联业务 ID(如 callback_inbox_id
source_type VARCHAR(64), -- 关联业务类型
priority VARCHAR(16) NOT NULL DEFAULT 'MEDIUM', -- HIGH / MEDIUM / LOW
status VARCHAR(32) NOT NULL DEFAULT 'PENDING', -- PENDING / PROCESSED / IGNORED
assigned_role VARCHAR(64), -- 目标角色
assigned_user_id VARCHAR(256), -- 认领人
created_at TIMESTAMPTZ NOT NULL DEFAULT now(),
processed_at TIMESTAMPTZ,
remark TEXT
);
-- M8:通知配置(每个用户或角色)
CREATE TABLE platform_notification_config (
id BIGSERIAL PRIMARY KEY,
role_code VARCHAR(64), -- 角色级别默认配置
channel_email BOOLEAN DEFAULT FALSE,
channel_wecom BOOLEAN DEFAULT FALSE,
channel_in_app BOOLEAN DEFAULT TRUE,
event_type VARCHAR(64) NOT NULL, -- 订阅的事件类型
aggregation_rule VARCHAR(64), -- 聚合规则:NONE / 30MIN / DAILY_DIGEST
created_at TIMESTAMPTZ NOT NULL DEFAULT now(),
updated_at TIMESTAMPTZ NOT NULL DEFAULT now()
);
```
### 4.2 页面规格
**P1. 待办中心(/todos**
| 组件 | 说明 |
|------|------|
| 统计卡片 | 3 个 KPI 卡片:待处理 Callback 数 / 待发放 SN 数 / 待核对激活数(带角色过滤) |
| 筛选栏 | 类型下拉(全部 / Callback / SN 发放 / 激活核对)、状态、「查询」 |
| 表格列 | 类型(Tag)、标题、来源、优先级(高/中/低)、创建时间、操作(认领/前往/忽略) |
| 批量操作 | 「批量标记已处理」「批量忽略」 |
**P2. 通知设置(/notifications/settings**
| 区块 | 内容 |
|------|------|
| 通知通道 | 复选框组:站内待办 / 邮件 / 企业微信 / 短信。**MVP 实际仅实现「站内待办」**;邮件和企微为配置项占位,实际发送通道依赖独立基建,列 Mid 增强 |
| 事件订阅表 | 事件类型、通知方式、订阅角色、静默规则 |
| 操作 | "保存配置"按钮 |
**事件类型订阅清单**(与 Callback 事件类型对齐):
| 事件类型 | 默认通道 | 默认角色 | 聚合规则 |
|---------|---------|---------|---------|
| Callback 待处理 | 站内 + 邮件 | LICENSE_OPS | 30 分钟内合并 |
| SN 待发放 | 站内 | LICENSE_OPS | 每日汇总 |
| 激活超期 7 日 | 站内 + 邮件 | DELIVERY + LICENSE_OPS | 不重复 |
| 换机申请待审批 | 站内 | LICENSE_OPS | 不重复 |
| 合同到期提醒 | 邮件 | SALES | 每周汇总 |
### 4.3 API 端点
| 方法 | 路径 | 说明 |
|------|------|------|
| GET | `/api/v1/todos` | 待办列表(支持 type, status, role 筛选) |
| PATCH | `/api/v1/todos/{id}/status` | 更新待办状态(认领/完成/忽略) |
| POST | `/api/v1/todos/batch-status` | 批量更新待办状态 |
| GET | `/api/v1/notifications/config` | 获取通知配置 |
| PUT | `/api/v1/notifications/config` | 更新通知配置 |
---
## 5. M9 报表与对账
### 5.1 数据说明
M9 **不新增独立表**,全部基于已有业务表做聚合查询:
| 视图 | 数据源 | 聚合逻辑 |
|------|--------|---------|
| 合同 vs SN 对账 | `platform_contract` + `platform_contract_line` + `platform_license_sn` | 按合同行分组 COUNT SN |
| 已发 vs 已激活 | `platform_license_sn` | 按 status 分组统计 |
| Callback 统计 | `platform_callback_inbox` | 按 event_type / status / 时间聚合 |
| 项目健康度 | 多表联合 | 交付率 / SN 发放率 / 激活率 加权计算 |
### 5.2 页面规格
**P1. 履约对账(/reports/contract-sn**
| 组件 | 说明 |
|------|------|
| 筛选栏 | 项目下拉、合同下拉、「查询」「导出 CSV」 |
| KPI 卡片 | 合同总行项数、已发 SN 数、未发缺口、已激活/已发 |
| 表格列 | 合同编号、客户、行项、应发、实发、已激活、缺口、状态(正常/缺额/超发) |
**P2. Callback 统计(/reports/callback-stats**
| 区块 | 内容 |
|------|------|
| 时间段选择 | 近 24 小时 / 近 7 天 / 近 30 天 / 自定义 |
| 事件类型分布 | 柱状图或百分比条:各事件类型占比 |
| 处理成功率趋势 | 日/周/月成功率 + 总量 |
| Top 失败原因 | 排名列表(失败原因 + 占比 + 趋势) |
**P3. 项目健康度看板(/reports/project-health**
| 组件 | 说明 |
|------|------|
| 表格列 | 项目名称、交付完成率、SN 发放率、激活率、健康度(🟢正常/🟡关注/🔴风险) |
| 健康度规则 | 绿:三项均 ≥80%;黄:任一项 <80%;红:任一项 <50% |
### 5.3 API 端点
| 方法 | 路径 | 说明 |
|------|------|------|
| GET | `/api/v1/reports/contract-sn` | 履约对账报表(支持 projectId, contractId 筛选) |
| GET | `/api/v1/reports/callback-stats` | Callback 统计(支持时间范围、eventType 筛选) |
| GET | `/api/v1/reports/project-health` | 项目健康度列表 |
| GET | `/api/v1/reports/export` | 导出 CSV — 后端生成文件流,前端触发下载(Content-Disposition: attachment |
---
## 6. 实现注意事项
### 6.1 与现有系统的集成
- **设备↔SN 绑定**`platform_device_sn_binding.license_sn_id` → 引用已有 `platform_license_sn.id`
- **待办自动生成**`platform_todo_item``source_id` + `source_type` 可指向 `platform_callback_inbox.id` 等已有业务表
- **报表聚合**:复用现有 MyBatis-Plus Mapper,新增报表专用的 `@Select` 查询方法
### 6.2 角色与权限
- 初始角色配置使用简化三角色(SYS_ADMIN / DEVELOPER / OPS
- Mid 阶段实际交付时应按 PRD §13.2 的产品定义角色集落地:
- DELIVERY → M7 设备读写
- LICENSE_OPS → M7 设备读写、M8 待办、M9 Callback 统计
- SALES → M9 合同对账只读
- FINANCE_VIEW / COMPLIANCE → M9 报表只读
- EXEC_VIEW → M9 项目健康度只读
### 6.3 M7-F05 设备事件联动实现机制
Callback `device:*` 事件(`device:pre_activate` / `post_activate`)到达时:
1. Webhook Ingress 接收并写入 `platform_callback_inbox`
2. `CallbackInboxService` 解析事件中的 `mid` 字段
3.`mid``platform_device` 中已存在 → 更新 `last_heartbeat_at`,并在 `platform_device_sn_binding` 添加记录
4.`mid` 不存在 → 自动创建设备草稿记录(status=INACTIVE),并在待办中心生成一条「新设备待确认」待办
5. Ops 可在设备详情页手动补充别名/场站/客户关联
此机制**不依赖 M7 管理页面存在**即可在后台运行;M7 页面提供的是查看和手工干预入口。
### 6.4 与 PRD 状态对照
| 功能点 | 本设计覆盖 | 说明 |
|--------|-----------|------|
| M7-F01 设备登记 | ✅ | 登记对话框 + 列表 |
| M7-F02 绑定历史 | ✅ | 设备详情时间线 |
| M7-F03 换机申请 | ✅ | 换机申请对话框 + 审批 |
| M7-F04 设备检索 | ✅ | 列表多维度筛选 |
| M7-F05 Callback 联动 | ✅ | 待办自动生成 |
| M7-F06 策略展示 | ❌ 后续 | 依赖 BitAnswer 策略查询 |
| M8-F01 待办列表 | ✅ | 待办中心 |
| M8-F02 认领/完成 | ✅ | 状态 PATCH + 批量 |
| M8-F03 通知通道 | ✅ | 通知配置页 |
| M8-F04 通知模板 | ✅ | 事件→模板配置 |
| M8-F05 静默规则 | ✅ | 聚合规则配置 |
| M9-F01 合同 vs SN | ✅ | 履约对账页 |
| M9-F02 已发 vs 激活 | ✅ | 履约对账页含 |
| M9-F03 Callback 统计 | ✅ | Callback 统计页 |
| M9-F04 导出 CSV | ✅ | 导出按钮 |
| M9-F05 项目健康度 | ✅ | 健康度看板 |
| M9-F06 订阅报表 | ❌ 后续 | 定时邮件推送 |
---
## 7. 页面关系图
```mermaid
flowchart TB
subgraph Existing["已有页面(I1-I9"]
Login[登录页]
Home[首页]
Customers[客户管理]
Projects[项目]
Contracts[合同管理]
Deliveries[交付管理]
SNS[许可 SN]
Callbacks[Callback 收件箱]
Integration[集成配置]
Audit[审计日志]
end
subgraph New["新增页面(Mid"]
Devices[设备列表]
DeviceDetail[设备详情]
SwapRequest[换机申请]
Todos[待办中心]
NotifConfig[通知设置]
ReportCS[履约对账]
ReportCB[Callback 统计]
ReportPH[项目健康度]
end
Login --> Home
Home --> Customers --> Projects
Projects --> Contracts
Contracts --> Deliveries
Deliveries --> SNS
Callbacks --> SNS
Integration --> SNS
SNS --> Devices
Devices --> DeviceDetail
DeviceDetail --> SwapRequest
Callbacks --> Todos
SNS --> Todos
Devices --> Todos
Contracts --> ReportCS
SNS --> ReportCS
Callbacks --> ReportCB
ReportCS --> ReportPH
ReportCB --> ReportPH
```
---
## 8. 修订记录
| 日期 | 说明 |
|------|------|
| 2026-05-25 | 初版:基于 PRD 更新版和 Visual Companion 线框图确认结果撰写 |
docs/superpowers/specs/2026-05-26-code-audit-report.md
+318
View File
@@ -0,0 +1,318 @@
# 代码实现审计报告 — PRD vs 实际实现
**审计日期:** 2026-05-26
**审计范围:**
- PRD 文档: `chuangfei-platform-product-modules.md` (M1-M11), `FRONTEND_UI_SPECIFICATION.md`, `chuangfei-platform-bpm-and-roadmap.md`
- 后端: `services/delivery-platform-api/` (153 Java 文件) + `services/license-webhook-ingress/`
- 前端: `web/delivery-platform-ui/src/` (47 源文件)
---
## 1. 严重缺陷 (Critical)
### CR-01: 认证系统硬编码用户凭据
**位置:** `AuthController.java:54-89`
**PRD 对照:** M11-F14 要求「用户与账号生命周期:创建、启用/禁用、离职归档」
**实际实现:** 4 个用户硬编码在 Java switch 语句中:
```java
case "admin" role=SYS_ADMIN
case "sales" role=SALES
case "delivery" role=DELIVERY
case "ops" role=LICENSE_OPS
```
**缺陷:**
- 密码 = 小写用户名 (`pass.equals(user.toLowerCase())`) — admin/admin, sales/sales
- 无数据库用户表 — 无法 CRUD、禁用、归档
- 注入的 `PasswordEncoder` (BCrypt) 仅用于 `changePassword` 端点,登录完全不使用
- `changePassword` 验证旧密码时硬编码 `passwordEncoder.encode("admin")`,对非 admin 用户永远失败
**影响:** 无法管理用户、密码与用户名相同、安全基线不达标
---
### CR-02: JWT Token 存储在 localStorage
**位置:** `stores/auth.js:4,8,29,37`
**PRD 对照:** §16.6 已知局限明确标注「前端 Token 存 localStorage(非 HttpOnly Cookie)」为已知安全缺陷,计划 Mid 迁移
**实际实现:** Token 通过 `localStorage.setItem(TOKEN_KEY)` 持久化
```javascript
// auth.js:29
localStorage.setItem(TOKEN_KEY, this.token);
axios.defaults.headers.common.Authorization = `Bearer ${this.token}`;
```
**缺陷:** XSS 攻击可窃取 localStorage 中的 JWT,获得完整 API 访问权限
**影响:** 安全 — XSS 窃取 → 权限丢失
**缓解:** 当前通过 CSP + 前端无富文本渲染降低风险,但未根本解决
---
### CR-03: Error Message 泄露
**位置:**
- `LicenseController.java:25``ResponseEntity.internalServerError().body(Map.of("error", e.getMessage()))`
- `ContractController.java:136``ResponseEntity.status(500).body(Map.of("error", e.getMessage()))`
**PRD 对照:** 无明确的错误消息规范,但全局 `ApiExceptionHandler` 已返回泛化消息 "服务器内部错误"
**缺陷:** 这两个 Controller 使用 try-catch 捕获 `Exception` 并将异常消息原文 (`e.getMessage()`) 返回给客户端,绕过了全局异常处理器。可能泄露实现细节(表名、SQL、文件路径)。
**影响:** 信息安全 — 生产环境可能泄露堆栈或内部路径信息
---
### CR-04: resetPassword 和 forceLogout 是空操作
**位置:** `AuthController.java:131-148`
**PRD 对照:** M11-F08「密码重置: 管理员重置密码或邮件/短信重置链接」、M11-F12「管理员强制下线」
**实际实现:** 两个端点均仅有参数校验,无实际逻辑
```java
// resetPassword — 校验参数后直接返回 200 OK,未更新任何密码
@PostMapping("/admin/reset-password")
public ResponseEntity<Void> resetPassword(@RequestBody Map<String, String> body) {
String username = body.get("username");
String newPassword = body.get("newPassword");
if (username == null || newPassword == null || newPassword.length() < 6) {
throw new ResponseStatusException(...);
}
return ResponseEntity.ok().build(); // 没有实际更新密码!
}
// forceLogout — 同上,无会话失效逻辑
@PostMapping("/admin/force-logout")
public ResponseEntity<Void> forceLogout(@RequestBody Map<String, String> body) {
String username = body.get("username");
if (username == null) throw new ResponseStatusException(...);
return ResponseEntity.ok().build(); // 没有实际使会话失效!
}
```
**影响:** 功能完全不可用 — 前端调用后显示成功,实际无效果
---
## 2. 高危缺陷 (High)
### HI-01: 无用户管理数据库表
**位置:** `AuthController.java` (全部)
**PRD 对照:** M11-F14「用户与账号生命周期:创建、启用/禁用、离职归档」— P0
**实际:**`platform_user` 表或类似实体。4 个用户硬编码。Flyway 迁移 V15 `seed_product_roles.sql` 仅涉及角色种子数据。
**影响:** M11-F14 完全未实现,无法添加/禁用/管理用户
---
### HI-02: 权限模型硬编码
**位置:** `AuthController.java:91-114`
**PRD 对照:** §13.4 要求权限码命名规范(如 `customer:project:rw``contract:order:export`
**实际:** 权限字符串在 Java switch 中硬编码,非数据库驱动、不可配置
```java
case "SALES":
permissions.add("customer:*");
permissions.add("project:*");
permissions.add("contract:*");
permissions.add("delivery:read");
break;
```
**影响:** 新增角色或调整权限需改代码重启;权限码 `v-permission` 指令在前端存在但后端无对应校验
---
### HI-03: 会话管理后端无状态
**位置:** `SecurityConfig.java:55-56``SessionCreationPolicy.STATELESS`
**PRD 对照:** M11-F03「空闲超时自动登出」、M11-F11「并发会话策略」
**实际:** JWT 无状态设计意味着后端无法主动使会话失效(无会话存储)。空闲超时仅在前端实现(`idleTimer.js`),后端无法强制登出。`forceLogout` API 为空操作。
**影响:** 并发会话、强制下线、空闲超时功能均无法在后端层面实现
---
### HI-04: LicenseController 异常处理绕过全局 Handler
**位置:** `LicenseController.java:19-27`
**PRD 对照:** 全局 `ApiExceptionHandler` 已提供统一错误格式 `{status, message}`
**实际:** `create` 方法手动 try-catch,返回非标准错误格式
```java
try {
return ResponseEntity.ok(licenseService.create(request));
} catch (Exception e) {
return ResponseEntity.internalServerError().body(Map.of("error", e.getMessage()));
}
```
返回格式为 `{"error": "..."}` 而非全局标准的 `{"status": 500, "message": "..."}`
**影响:** API 响应格式不一致,前端 `apiErrorMessage.js` 可能无法解析
---
## 3. 中危缺陷 (Medium)
### ME-01: 合同附件上传无校验
**位置:** `ContractController.java:118-137`
**PRD 对照:** M2-F05「合同附件:上传扫描件/电子签输出(存储与权限受控)」
**实际:** 上传端点无文件大小限制、无文件类型白名单、无病毒扫描
```java
@PostMapping("/{id}/attachments")
public ResponseEntity<Map<String, Object>> uploadAttachment(@PathVariable Long id, @RequestParam("file") MultipartFile file) {
// 无 file.getSize() 校验
// 无 file.getContentType() 白名单
// 直接将文件写入本地磁盘
```
**影响:** 可能被用于上传恶意文件;磁盘可能被大文件填满
---
### ME-02: 部分 Controller 返回格式不统一
**位置:** 多文件
**PRD 对照:** 无明确 API 响应规范
**实际:** 存在三种返回风格:
1. 全局 `ApiExceptionHandler``{status, message}` (标准)
2. `LicenseController``{error, ...}` (非标准)
3. `ContractController``{error, ...}` (非标准)
4. 部分端点直接返回实体对象(非 Map)
**影响:** 前端 `apiErrorMessage.js` 兼容多种格式但无法覆盖所有情况
---
### ME-03: 系统参数仅存于 localStorage
**位置:** `SystemParamsView.vue:14-33`
**PRD 对照:** M11-F20「系统参数」— 期望持久化到后端数据库
**实际:**
```javascript
// 直接保存到浏览器 localStorage
localStorage.setItem('systemParams', JSON.stringify(params.value))
ElMessage.success('参数已保存(MVP: 存储于浏览器本地)')
```
**影响:** 参数仅对当前浏览器有效,不同用户/设备参数不一致;清除浏览器数据后丢失
---
### ME-04: 后端 changePassword 验证逻辑错误
**位置:** `AuthController.java:151-168`
**PRD 对照:** M11-F07「已登录用户修改本人密码;校验旧密码强度与新密码策略」
**实际:**
```java
String currentPasswordHash = passwordEncoder.encode("admin"); // 始终比较 admin 的密码!
if (!passwordEncoder.matches(oldPassword, currentPasswordHash)) {
throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "旧密码错误");
}
```
`passwordEncoder.encode("admin")` 硬编码为 "admin",导致:
- admin 用户可以改密(旧密码 = admin 通过)
- 其他用户(sales/delivery/ops)永远无法通过旧密码验证
---
### ME-05: SN 批量导入缺少事务回滚
**位置:** `LicenseSnService.java:134-155`
**PRD 对照:** M4-F01/F07 批量操作
**实际:** 逐条插入,失败项跳过继续,但方法未标注 `@Transactional`
```java
public Map<String, Object> batchImport(List<LicenseSnCreateRequest> requests) {
// for 循环逐条 insert,无事务保护
// 部分成功 = 部分写入无法回滚
```
**影响:** 批量导入 100 条中第 50 条失败时,前 49 条已写入无法撤销
---
## 4. PRD 与实现偏离 (Misalignment)
### MA-01: M11 角色模型偏离产品定义
| 产品定义角色 | 实际实现 | 状态 |
|------------|---------|------|
| SYS_ADMIN | ✅ | 产品定义包含 |
| SALES | ✅ I10 新增 | 产品定义包含 |
| DELIVERY | ✅ I10 新增 | 产品定义包含 |
| LICENSE_OPS | ✅ I10 新增 | 产品定义包含 |
| ORDER_SUPPORT | ○ | 产品定义但未实现 |
| FINANCE_VIEW | ○ | 产品定义但未实现 |
| COMPLIANCE | ○ | 产品定义但未实现 |
| EXEC_VIEW | ○ | 产品定义但未实现 |
| SECURITY_ADMIN | ○ | 产品定义但未实现 |
| DEVELOPER | ✅ (应废弃) | MVP 遗留非标角色 |
| OPS | ✅ (应废弃) | MVP 遗留非标角色 |
前端路由角色标记(`router/index.js`)仍广泛使用 `SYS_ADMIN``SALES`,但 `DEVELOPER` 已从路由角色列表中移除,而 `LICENSE_OPS``DELIVERY` 已加入。
### MA-02: M1-F07 客户冻结后端就绪前端缺 UI
**位置:** 后端 `CustomerController.java``PATCH /{id}/freeze``/unfreeze` 端点,前端 `CustomersView.vue` 无冻结操作入口
### MA-03: M11-F07 密码修改已实现但产品文档未标记
`ProfileView.vue` 已包含完整的改密弹窗,`AuthController` 有对应端点,但文档标注为 ○。
---
## 5. 代码质量问题 (Code Quality)
### CQ-01: SecurityConfig 重复 import (已修复)
**位置:** `SecurityConfig.java:5,20` — 两次 `import org.springframework.context.annotation.Bean`
**状态:** ✅ 本次审计已修复
### CQ-02: 个别 Controller 使用 `@PreAuthorize` 而非 JWT Filter 角色
**位置:** `LicenseController.java:20,30,40` — 使用 `@PreAuthorize("hasRole('LICENSE_OPS') or hasRole('ADMIN')")`
**问题:** 与 JWT Filter 的双重验证增加了 role 前缀处理的复杂性(JwtAuthFilter 添加 `ROLE_` 前缀,`@PreAuthorize` 期望 `ROLE_` 格式)
### CQ-03: 前端 API 层中个别函数含 query 参数拼接
**位置:** `platform.js:460`
```javascript
export function createSkuMapping(contractLineId, body) {
return axios.post(`/api/v1/integration/sku-mappings?contractLineId=${contractLineId}`, body);
}
```
**影响:** 非紧急,但建议统一使用 `{ params: { contractLineId } }` 方式
---
## 6. 未被 PRD 覆盖但代码已实现的模块(超前实现)
| 模块 | 功能 | 建议 |
|------|------|------|
| M7 设备管理 | 登记/列表/详情/绑定/换机申请 | 核对 PRD 需求后决定是否纳入正式范围 |
| M8 通知待办 | 待办中心 + 通知通道配置 UI | 需补充实际发送逻辑 |
| M9 报表对账 | 4 个报表页面均已上线 | 补充导出按钮和推送逻辑 |
| M6 ID/特征/SKU 映射 | 前后端均已实现 | 更新产品文档状态 |
---
## 7. 汇总统计
| 严重级别 | 数量 | 编号 |
|---------|------|------|
| 🔴 Critical | 4 | CR-01~CR-04 |
| 🟠 High | 4 | HI-01~HI-04 |
| 🟡 Medium | 5 | ME-01~ME-05 |
| 🔵 Misalignment | 3 | MA-01~MA-03 |
| ⚪ Code Quality | 3 | CQ-01~CQ-03 |
| **合计** | **19** | |
---
## 8. 修复建议优先级
### P0 — 立即修复(安全基线)
1. **CR-01** (硬编码用户): 创建 `platform_user` 表 + Flyway 迁移 + AuthController 改用数据库查询 + BCrypt 密码校验
2. **CR-04** (空操作端点): `resetPassword``forceLogout` 补充实际逻辑 — resetPassword 更新用户密码,forceLogout 增加黑名单机制
3. **CR-03** (错误泄露): `LicenseController``ContractController` 移除 try-catch,让全局 `ApiExceptionHandler` 接管
4. **ME-04** (改密逻辑错误): `changePassword` 从 SecurityContext 获取当前用户名,从数据库查询对应用户的密码哈希
### P1 — 短期修复
5. **HI-01** (用户管理): 在 P0 用户表基础上实现用户 CRUD API + 前端管理页面
6. **ME-01** (附件校验): ContractController upload 增加 `@Size` 注解和文件类型白名单
7. **ME-05** (事务缺失): `batchImport` 方法添加 `@Transactional`
### P2 — 中长期
8. **CR-02** (Token 存储): 迁移至 HttpOnly Cookie(需后端配合返回 Set-Cookie header
9. **HI-02** (权限模型): 权限码持久化到数据库,实现可配置 RBAC
10. **HI-03** (会话管理): 引入 Token 黑名单/白名单机制或 Redis 会话存储
docs/superpowers/specs/2026-05-26-prototype-gap-analysis.md
+469
View File
@@ -0,0 +1,469 @@
# 原型实现复盘 — 缺漏功能 & 页面清单
**生成日期:** 2026-05-26
**参考来源:**
- `docs/chuangfei-platform-product-modules.md` (§2~§12 功能点表 + §16 原型说明)
- `docs/engineering/FRONTEND_UI_SPECIFICATION.md` (前端 UI 规格)
- `services/delivery-platform-api/` 全部 Controller 端点
- `web/delivery-platform-ui/src/router/index.js` + `src/views/` (38 视图)
- `docs/engineering/iterations/I9_IMPLEMENTATION_REVIEW.md`
---
## 总览
| 模块 | 功能点总数 | ✅ 已实现 | ◐ 部分实现 | ○ 未实现 | — 依赖前置 |
|------|-----------|-----------|------------|----------|-----------|
| **M1** 客户与项目 | 9 | 4 | 1 | 4 | 0 |
| **M2** 合同与履约行 | 9 | 5 | 0 | 4 | 0 |
| **M3** 交付管理 | 8 | 5 | 1 | 2 | 0 |
| **M4** 授权与许可运营 | 11 | 3 | 2 | 5 | 1 |
| **M5** Callback 运营 | 10 | 7 | 1 | 2 | 0 |
| **M6** 授权集成与配置 | 9 | 3 | 0 | 6 | 0 |
| **M7** 设备与终端 | 6 | 0 | 4 | 2 | 0 |
| **M8** 通知与待办 | 5 | 0 | 2 | 3 | 0 |
| **M9** 报表与对账 | 6 | 0 | 4 | 2 | 0 |
| **M10** 审计与合规 | 4 | 1 | 1 | 2 | 0 |
| **M11** 身份与平台管理 | 21 | 6 | 3 | 12 | 0 |
| **合计** | **98** | **34 (35%)** | **19 (19%)** | **44 (45%)** | **1 (1%)** |
> **说明**: 实际代码实现程度高于产品模块文档中的状态标记。以下按模块逐个详细盘点。
---
## M1 — 客户与项目中心
**当前页面**: `/customers` `CustomersView.vue`, `/customers/:id` `CustomerDetailView.vue`, `/projects` `ProjectsView.vue`
### 功能点复盘
| ID | 功能点 | 实现状态 | 详情 |
|----|--------|---------|------|
| M1-F01 | 客户档案创建/编辑 | ◐ | 仅 name + credit_code,缺行业/地址/开票信息字段 |
| M1-F02 | 客户列表与检索 | ✅ | 关键词搜索 + 分页 |
| M1-F03 | 客户详情聚合视图 | ○ | **未实现** — 缺少关联项目数/在履约合同/在途 SN 统计摘要。后端 `GET /{id}/summary` 已存在 |
| M1-F04 | 项目创建/编辑 | ◐ | 仅 name + customer_id + phase,缺计划起止日期、项目经理 |
| M1-F05 | 项目列表与筛选 | ✅ | 按客户、阶段筛选 |
| M1-F06 | 项目干系人 | ◐ | 后端有 `/stakeholders` CRUD 端点,但前端 **无独立 UI 入口**(仅 API 可用) |
| M1-F07 | 客户/项目冻结与解冻 | ◐ | 后端 `PATCH /{id}/freeze` `/unfreeze` 已实现,但前端 **缺 UI 操作** |
| M1-F08 | 客户合并与去重 | ○ | 未开始 |
| M1-F09 | 外部 CRM 主数据同步 | ○ | 未开始 |
### 前端页面缺口
| 缺漏 | 说明 |
|------|------|
| 客户详情聚合视图 | 后端 `/customers/{id}/summary` 已就绪,缺前端展示页 |
| 项目干系人管理 UI | 后端 CRUD 就绪,前端口/弹窗未实现 |
| 冻结/解冻操作 UI | 后端端点就绪,前端缺按钮和确认弹窗 |
---
## M2 — 合同与履约行
**当前页面**: `/contracts` `ContractsView.vue`, `/contracts/new` `ContractWizardView.vue`, `/contracts/:id` `ContractDetailView.vue`
### 功能点复盘
| ID | 功能点 | 实现状态 | 详情 |
|----|--------|---------|------|
| M2-F01 | 合同登记与编辑 | ✅ | 完整 CRUD + 客户/项目关联 |
| M2-F02 | 合同状态机 | ✅ | DRAFT→PENDING_EFFECTIVE→EFFECTIVE→CHANGING→TERMINATED |
| M2-F03 | 合同标的摘要 | ✅ | 行项汇总展示 |
| M2-F04 | 合同行项 | ✅ | 多行 CRUD,含数量/单位 |
| M2-F05 | 合同附件 | ◐ | 后端有 `POST /{id}/attachments` 端点,前端 **缺上传 UI** |
| M2-F06 | 合同与订单关联 | ○ | 未开始 |
| M2-F07 | 合同变更与版本 | ◐ | 后端有 `POST /{id}/changes` + `/complete` 端点,前端 **缺变更 UI** |
| M2-F08 | 合同行↔SKU 映射 | ○ | 依赖 M6 联动 |
| M2-F09 | 合同到期与续费提醒 | ○ | 依赖 M8 联动 |
### 前端页面缺口
| 缺漏 | 说明 |
|------|------|
| 附件上传弹窗 | 后端端点已存在,详情页缺附件区块 |
| 变更单发起/完成 UI | 后端 `changes` 端点已实现,合同详情缺变更操作入口 |
---
## M3 — 交付管理
**当前页面**: `/deliveries` `DeliveriesView.vue`, `/deliveries/new` `DeliveryBatchWizardView.vue`, `/deliveries/:id` `DeliveryBatchDetailView.vue`
### 功能点复盘
| ID | 功能点 | 实现状态 | 详情 |
|----|--------|---------|------|
| M3-F01 | 交付批次创建 | ✅ | |
| M3-F02 | 交付清单 | ✅ | 行项管理 |
| M3-F03 | 交付与合同行关联 | ✅ | |
| M3-F04 | 交付状态 | ✅ | PENDING→DELIVERED→CANCELLED |
| M3-F05 | 交付完成确认 | ✅ | |
| M3-F06 | 现场环境信息 | ○ | 未实现 |
| M3-F07 | SN 发放门禁 | ○ | 后端 system params `deliveryGateEnabled` 已定义,但门禁逻辑未实际执行 |
| M3-F08 | 交付模板 | ○ | 未开始 |
---
## M4 — 授权与许可运营
**当前页面**: `/licenses/sn` `LicenseSnListView.vue`, `/licenses/sn/new` `LicenseSnWizardView.vue`, `/licenses/sn/:id` `LicenseSnDetailView.vue`
### 功能点复盘
| ID | 功能点 | 实现状态 | 详情 |
|----|--------|---------|------|
| M4-F01 | SN 手工录入/导入 | ◐ | 手工录入✅,批量导入 **缺前端 UI**(后端 `POST /batch-import` 已存在) |
| M4-F02 | SN 与合同/项目/客户绑定 | ✅ | |
| M4-F03 | SN 生命周期状态 | ✅ | REGISTERED→ISSUED→ACTIVATED→SUSPENDED→REVOKED |
| M4-F04 | SN 详情页 | ✅ | 绑定/状态/备注 |
| M4-F05 | 激活结果回写 | ◐ | 支持手工状态更新,缺原因码分类 |
| M4-F06 | 比特控制台状态摘要 | ○ | 依赖比特对接,未实现 |
| M4-F07 | 批量 SN 操作 | ◐ | 后端 `POST /batch-import` 已存在,前端 **缺批量操作 UI** |
| M4-F08 | 授权需求单 | ○ | 未开始 |
| M4-F09 | 试用/正式/续期标签 | ○ | 未开始 |
| M4-F10 | SN 与设备关联视图 | — | 依赖 M7 |
| M4-F11 | 授权策略生效视图 | ○ | 依赖 M6 联动 |
### 前端页面缺口
| 缺漏 | 说明 |
|------|------|
| 批量导入 SN UI | 后端 `POST /license-sns/batch-import` 已就绪,前端缺导入页面/弹窗 |
| 批量 SN 操作 UI | 列表页缺批量选择 + 批量状态变更 |
| 原因码分类选择 | 详情页状态变更时缺原因码下拉 |
---
## M5 — Callback 运营
**当前页面**: `/callbacks` `CallbackInboxView.vue`, `/callbacks/:id` `CallbackInboxDetailView.vue`
### 功能点复盘
| ID | 功能点 | 实现状态 | 详情 |
|----|--------|---------|------|
| M5-F01 | 事件收件箱列表 | ✅ | 多维度筛选 |
| M5-F02 | 事件详情 | ✅ | payload 脱敏预览 |
| M5-F03 | 处理状态 | ✅ | PENDING→PROCESSED/FAILED/IGNORED |
| M5-F04 | 关联解析失败兜底 | ✅ | 人工挂接 SN/项目/合同 |
| M5-F05 | 事件类型字典 | ✅ | |
| M5-F06 | 失败原因标注 | ○ | 未实现 |
| M5-F07 | 批量重处理/重试 | ◐ | 单条 DEAD 重放✅ (I8)**批量未做** |
| M5-F08 | 死信与积压监控视图 | ○ | 未实现 |
| M5-F09 | 事件驱动待办 | — | 依赖 M8 |
| M5-F10 | 模拟投递 | ◐ | `POST /simulate` 端点已存在,前端 **缺测试工具 UI** |
### 前端页面缺口
| 缺漏 | 说明 |
|------|------|
| 模拟投递测试工具 | 后端 `POST /callback-inbox/simulate` 就绪,前端缺页面/弹窗 |
| 批量重处理 UI | 列表页缺批量选择 + 批量重入队 |
| 死信积压监控 | 独立视图或仪表盘区块 |
---
## M6 — 授权集成与配置
**当前页面**: `/integration/environments`, `/integration/product-lines`, `/integration/id-mappings`, `/integration/sku-mappings`, `/integration/feature-mappings`, `/integration/json-templates`
### 功能点复盘
| ID | 功能点 | 实现状态 | 详情 |
|----|--------|---------|------|
| M6-F01 | 产品线定义 | ✅ | 列表已实现 |
| M6-F02 | 环境维度 | ✅ | dev/prod seed 数据 |
| M6-F03 | 比特 ID 映射 | ◐ | 前端 `IntegrationIdMappingView` 已存在,后端 CRUD 就绪,但 **产品模块标记为○**,需确认映射字段对齐 |
| M6-F04 | 特征映射 | ◐ | 前端 `IntegrationFeatureMappingView` 已存在,后端就绪 |
| M6-F05 | JSON 模板管理 | ◐ | 前端 `IntegrationJsonTemplateView` 已存在,后端 CRUD 就绪,但 **Schema 校验未关联 UI** |
| M6-F06 | 配置发布记录 | ○ | 未实现 |
| M6-F07 | 控制台链接与说明 | ○ | 未实现 |
| M6-F08 | SDK 版本矩阵 | ○ | 未开始 |
| M6-F09 | 变更影响分析 | ○ | 未开始 |
> **说明**: M6 实际代码实现远超产品文档标记。ID 映射/特征映射/JSON 模板 的前后端均已实现但未标记。需核对字段完整性。
---
## M7 — 设备与终端治理
**当前页面**: `/devices` `DeviceListView.vue`, `/devices/:id` `DeviceDetailView.vue`
### 功能点复盘
| ID | 功能点 | 实现状态 | 详情 |
|----|--------|---------|------|
| M7-F01 | 设备登记 | ◐ | 前端 `DeviceListView` 已实现列表+登记弹窗,后端 CRUD 就绪,但字段覆盖需确认 |
| M7-F02 | 设备与 SN 绑定历史 | ◐ | `DeviceDetailView` 已实现,绑定时间线需核对完整性 |
| M7-F03 | 换机申请与处理 | ◐ | 后端 `POST /{id}/swap-request` 已存在,审批流未实现 |
| M7-F04 | 设备列表与检索 | ✅ | 已实现 |
| M7-F05 | 与 Callback 设备事件联动 | ○ | 未实现 |
| M7-F06 | 终端数/并发策略展示 | ○ | 未开始 |
> **说明**: M7 实际实现远超产品文档标记的"全 ○"。设备登记、列表、详情、绑定历史已上线。待确认字段和审批流完整性。
---
## M8 — 通知与待办
**当前页面**: `/todos` `TodoCenterView.vue`, `/notifications/settings` `NotificationSettingsView.vue`
### 功能点复盘
| ID | 功能点 | 实现状态 | 详情 |
|----|--------|---------|------|
| M8-F01 | 站内待办列表 | ◐ | `TodoCenterView` 已实现,支持类型筛选/优先级/状态,但 **自动化生成待办** 未接入 |
| M8-F02 | 待办认领与完成 | ◐ | 状态流转已实现,但标注/备注功能待补 |
| M8-F03 | 邮件/企微通道 | ◐ | `NotificationSettingsView` 已实现通道配置 UI + 事件订阅表,但 **实际发送逻辑** 未接入 |
| M8-F04 | 通知模板 | ○ | 未实现 |
| M8-F05 | 静默规则 | ○ | 未开始 |
> **说明**: M8 实际实现远超产品文档标记。待办中心+通知设置均已上线。核心缺口是自动化待办生成和通知发送通道的实际对接。
---
## M9 — 报表与对账
**当前页面**: `/reports/contract-sn` `ContractSnReportView.vue`, `/reports/callback-stats` `CallbackStatsView.vue`, `/reports/project-health` `ProjectHealthView.vue`, `/reports/subscriptions` `SubscriptionReportView.vue`
### 功能点复盘
| ID | 功能点 | 实现状态 | 详情 |
|----|--------|---------|------|
| M9-F01 | 合同标的 vs 已发 SN 视图 | ◐ | `ContractSnReportView` 已实现,需核对数据准确性和维度 |
| M9-F02 | 已发 vs 已激活视图 | ○ | 未专门实现(可合并到 F01) |
| M9-F03 | Callback 统计 | ◐ | `CallbackStatsView` 已实现 |
| M9-F04 | 导出 CSV/Excel | ◐ | 后端 `GET /reports/export` 已存在,前端 **缺导出按钮 UI** |
| M9-F05 | 项目健康度看板 | ◐ | `ProjectHealthView` 已实现,红黄绿规则可配置性待确认 |
| M9-F06 | 订阅报表 | ◐ | `SubscriptionReportView` 已实现,后端推送逻辑待确认 |
> **说明**: M9 的实际实现远超文档标记,4 个报表页面均已上线。
---
## M10 — 审计与合规
**当前页面**: `/audit` `AuditSearchView.vue`, `/audit/retention` `AuditRetentionView.vue`
### 功能点复盘
| ID | 功能点 | 实现状态 | 详情 |
|----|--------|---------|------|
| M10-F01 | 关键字段变更日志 | ✅ | |
| M10-F02 | 审计检索 | ◐ | `AuditSearchView` 已实现,筛选维度待确认是否齐全 |
| M10-F03 | 导出审计包 | ○ | 未实现 |
| M10-F04 | 留存策略配置 | ◐ | `AuditRetentionView` 已实现,配置生效待确认 |
---
## M11 — 身份、访问与平台管理
**当前页面**: `/login` `LoginView.vue`, `/profile` `ProfileView.vue`, `/admin/params` `SystemParamsView.vue`
**其他**: `/403`, `/404`
### 12.1 账户登录、登出与会话
| ID | 功能点 | 实现状态 | 详情 |
|----|--------|---------|------|
| M11-F01 | 登录页 | ✅ | JWT Bearer |
| M11-F02 | 登出 | ✅ | |
| M11-F03 | 登录态保持与超时 | ○ | **未实现** — 空闲超时自动登出缺失。`sessionTimeoutMinutes` 系统参数已定义但前端路由守卫未接入 |
| M11-F04 | 未登录访问拦截 | ✅ | 路由 `requiresAuth` guard |
| M11-F05 | 登录失败锁定 | ○ | **未实现** — 连续失败锁定/验证码缺失 |
| M11-F06 | 登录/登出审计 | ✅ | |
| M11-F07 | 密码修改 | ◐ | 后端 `POST /auth/change-password` 已存在,前端 Profile 页 **缺改密 UI** |
| M11-F08 | 密码重置 | ◐ | 后端 `POST /auth/admin/reset-password` 已存在,前端 **缺管理员重置 UI** |
| M11-F09 | 企业 SSO / OIDC | ○ | 未开始 |
| M11-F10 | 双因素认证 MFA | ○ | 未开始 |
| M11-F11 | 并发会话策略 | ○ | 后端未实现 |
| M11-F12 | 管理员强制下线 | ◐ | 后端 `POST /auth/admin/force-logout` 已存在,前端 **缺管理 UI** |
| M11-F13 | 服务时间窗提示 | ○ | 未开始 |
### 12.2 用户、角色与权限配置
| ID | 功能点 | 实现状态 | 详情 |
|----|--------|---------|------|
| M11-F14 | 用户与账号生命周期 | ◐ | 种子用户已创建,缺完整的用户管理页面(CRUD+启用/禁用) |
| M11-F15 | 角色定义与分配 | ◐ | 三角色已落地,产品定义 10+ 角色待补齐 |
| M11-F16 | 功能权限 RBAC | ◐ | 路由级 RBAC ✅,按钮级权限码 `v-permission` 正在落地未全覆盖 |
| M11-F17 | 数据范围 | ○ | 未开始 |
| M11-F18 | 数据属主/团队 | ○ | 未开始 |
| M11-F19 | 业务字典 | ✅ | |
| M11-F20 | 系统参数 | ◐ | `SystemParamsView` 已实现 + 后端 `system_params` 表,参数种类待扩充 |
| M11-F21 | 管理员敏感操作留痕 | ○ | 未实现 |
### 前端页面缺口
| 缺漏 | 说明 |
|------|------|
| 用户管理页面 | 用户 CRUD + 启用/禁用/角色分配页面缺失 |
| 角色管理页面 | 角色定义 + 权限码分配页面缺失 |
| 改密 UI | Profile 页缺修改密码表单 |
| 管理员重置密码 UI | 后端端点已存在,缺对应管理页面/弹窗 |
| 强制下线管理 UI | 后端端点已存在,缺在线会话管理页面 |
| 登录态超时拦截 | 系统参数已定义但前端路由守卫未接入空闲检测 |
---
## 前端页面完整盘点
### 已实现页面(38 视图)
| 路由 | 视图 | 模块 | 状态 |
|------|------|------|------|
| `/login` | `LoginView.vue` | M11 | ✅ |
| `/` | `HomeView.vue` | — | ✅ |
| `/customers` | `CustomersView.vue` | M1 | ✅ |
| `/customers/:id` | `CustomerDetailView.vue` | M1 | ✅ |
| `/projects` | `ProjectsView.vue` | M1 | ✅ |
| `/contracts` | `ContractsView.vue` | M2 | ✅ |
| `/contracts/new` | `ContractWizardView.vue` | M2 | ✅ |
| `/contracts/:id` | `ContractDetailView.vue` | M2 | ✅ |
| `/deliveries` | `DeliveriesView.vue` | M3 | ✅ |
| `/deliveries/new` | `DeliveryBatchWizardView.vue` | M3 | ✅ |
| `/deliveries/:id` | `DeliveryBatchDetailView.vue` | M3 | ✅ |
| `/licenses/sn` | `LicenseSnListView.vue` | M4 | ✅ |
| `/licenses/sn/new` | `LicenseSnWizardView.vue` | M4 | ✅ |
| `/licenses/sn/:id` | `LicenseSnDetailView.vue` | M4 | ✅ |
| `/licenses` | `LicenseList.vue` | V6 | ✅ |
| `/callbacks` | `CallbackInboxView.vue` | M5 | ✅ |
| `/callbacks/:id` | `CallbackInboxDetailView.vue` | M5 | ✅ |
| `/integration/environments` | `IntegrationEnvironmentsView.vue` | M6 | ✅ |
| `/integration/product-lines` | `IntegrationProductLinesView.vue` | M6 | ✅ |
| `/integration/id-mappings` | `IntegrationIdMappingView.vue` | M6 | ✅ |
| `/integration/sku-mappings` | `IntegrationSkuMappingView.vue` | M6 | ✅ |
| `/integration/feature-mappings` | `IntegrationFeatureMappingView.vue` | M6 | ✅ |
| `/integration/json-templates` | `IntegrationJsonTemplateView.vue` | M6 | ✅ |
| `/devices` | `DeviceListView.vue` | M7 | ✅ |
| `/devices/:id` | `DeviceDetailView.vue` | M7 | ✅ |
| `/todos` | `TodoCenterView.vue` | M8 | ✅ |
| `/notifications/settings` | `NotificationSettingsView.vue` | M8 | ✅ |
| `/reports/contract-sn` | `ContractSnReportView.vue` | M9 | ✅ |
| `/reports/callback-stats` | `CallbackStatsView.vue` | M9 | ✅ |
| `/reports/project-health` | `ProjectHealthView.vue` | M9 | ✅ |
| `/reports/subscriptions` | `SubscriptionReportView.vue` | M9 | ✅ |
| `/audit` | `AuditSearchView.vue` | M10 | ✅ |
| `/audit/retention` | `AuditRetentionView.vue` | M10 | ✅ |
| `/admin/params` | `SystemParamsView.vue` | M11 | ✅ |
| `/profile` | `ProfileView.vue` | M11 | ✅ |
| `/license-compare` | `LayoutCompareView.vue` | — | ✅ |
| `/403` | `ForbiddenView.vue` | M11 | ✅ |
| `/*` | `NotFoundView.vue` | M11 | ✅ |
### 结论:前端页面完整性
- **原型 UI 规格(§16.2)定义页面**: 全部 13 个页面已实现 ✅
- **超出原型范围的已实现页面(I10 及以上提前完成)**: 25 个额外页面(设备/待办/通知/报表/审计/集成配置等)
- **仍有缺口的功能区域**(见各模块复盘)
---
## 后端 API 缺口汇总
以下端点已在产品模块文档中定义但尚未实现:
| 模块 | 缺失端点 | 说明 |
|------|---------|------|
| M1 | 客户详情聚合统计 | `/customers/{id}/summary` 已存在,确认数据完整性 |
| M1 | 客户合并 | 无端点 |
| M2 | 订单关联 | 无端点 |
| M4 | 批量 SN 导入 | `POST /batch-import` 已存在,前端缺 UI |
| M5 | 批量重处理 | 无端点 |
| M6 | 配置发布记录 | 无端点 |
| M6 | 版本矩阵 | 无端点 |
| M7 | 换机审批流程 | 无审批端点 |
| M8 | 通知通道实际发送 | 配置已就绪,发送接口未接入 |
| M9 | 报表导出 | `GET /reports/export` 已存在,前端导出按钮缺失 |
| M10 | 审计导出包 | 无端点 |
| M11 | 用户管理 CRUD | 无专用端点(当前硬编码种子用户) |
| M11 | 角色管理 CRUD | 无专用端点 |
| M11 | 在线会话管理 | `force-logout` 已存在,会话列表端点缺失 |
---
## 按优先级分类的缺失功能清单
### P0 级别(MVP 应含但未完成)
| 功能 | 模块 | 说明 |
|------|------|------|
| 客户详情聚合视图 (M1-F03) | M1 | 后端 `/summary` 已就绪,前端未开发 |
| 登录态空闲超时 (M11-F03) | M11 | 安全基线必备,`sessionTimeoutMinutes` 参数已定义但未接入 |
| 登录失败锁定 (M11-F05) | M11 | 安全基线必备 |
| 密码修改 (M11-F07) | M11 | 后端端点已存在,Profile 页缺 UI |
| 用户管理页面 (M11-F14) | M11 | 用户 CRUD + 启用/禁用页面缺失 |
### P1 级别(增强运营效率)
| 功能 | 模块 | 说明 |
|------|------|------|
| 项目干系人管理 UI (M1-F06) | M1 | 后端就绪前端口 |
| 客户/项目冻结 UI (M1-F07) | M1 | 后端就绪前端口 |
| 合同附件管理 UI (M2-F05) | M2 | 后端就绪前端口 |
| 合同变更 UI (M2-F07) | M2 | 后端 `changes` 端点就绪前端口 |
| 批量 SN 导入 (M4-F01/F07) | M4 | 后端就绪前端口 |
| Callback 模拟投递 UI (M5-F10) | M5 | 后端就绪前端口 |
| Callback 批量重处理 (M5-F07) | M5 | 后端缺批量端点 |
| 账号密码重置 UI (M11-F08) | M11 | 后端就绪前端口 |
| 管理员强制下线 UI (M11-F12) | M11 | 后端就绪前端口 |
| 角色权限管理页面 (M11-F15/F16) | M11 | 角色 CRUD + 权限码分配 |
| 报表导出按钮 (M9-F04) | M9 | 后端就绪前端口 |
| 通知通道实际发送 (M8-F03) | M8 | 配置就绪但未对接 |
### P2 级别(治理与规模化)
| 功能 | 模块 |
|------|------|
| 客户合并与去重 (M1-F08) | M1 |
| CRM 同步 (M1-F09) | M1 |
| 合同到期续费提醒 (M2-F09) | M2 |
| 现场环境信息 (M3-F06) | M3 |
| 交付模板 (M3-F08) | M3 |
| 配置发布记录 (M6-F06) | M6 |
| SDK 版本矩阵 (M6-F08) | M6 |
| 变更影响分析 (M6-F09) | M6 |
| 终端并发策略展示 (M7-F06) | M7 |
| 通知模板 (M8-F04) | M8 |
| 静默规则 (M8-F05) | M8 |
| 审计导出包 (M10-F03) | M10 |
| SSO/OIDC (M11-F09) | M11 |
| MFA (M11-F10) | M11 |
| 数据范围 (M11-F17) | M11 |
| 数据属主 (M11-F18) | M11 |
---
## 与产品模块文档的状态差异(代码领先文档)
以下功能点的实际实现状态优于 `chuangfei-platform-product-modules.md` 中的标记:
| 功能点 | 文档标记 | 实际代码状态 | 差异说明 |
|--------|---------|-------------|---------|
| **M1-F06** 项目干系人 | ○ | ◐ | 后端 CRUD 已实现,仅前端口 |
| **M1-F07** 冻结解冻 | ○ | ◐ | 后端端点已实现,仅前端口 |
| **M2-F05** 合同附件 | ○ | ◐ | 后端上传端点已实现 |
| **M2-F07** 合同变更 | ○ | ◐ | 后端 `changes` 端点已实现 |
| **M4-F01** 批量导入 | ○ | ◐ | 后端 `batch-import` 已实现 |
| **M6** 全模块 | 大段 ○ | ◐ | ID 映射/JSON 模板/特征映射/SKU 映射均已前后端实现 |
| **M7** 全模块 | 全 ○ | ◐ | 设备登记/列表/详情/绑定历史已上线 |
| **M8** 全模块 | 全 ○ | ◐ | 待办中心+通知设置已上线 |
| **M9** 全模块 | 全 ○ | ◐ | 4 个报表页面均上线 |
| **M10-F02** 审计检索 | ○ | ◐ | 已实现 |
| **M10-F04** 留存策略 | ○ | ◐ | 已实现 |
---
## 修订建议
### 文档层面
1. **更新 `chuangfei-platform-product-modules.md`** — 大量功能点(M6/M7/M8/M9)实际代码已实现但文档标记为 ○,需批量刷新状态列
2. **更新 `FRONTEND_UI_SPECIFICATION.md`** — 新增页面(集成 ID 映射/SKU 映射/特征映射/JSON 模板/审计留存/待办中心/通知设置等)未纳入 UI 规格文档
3. **补充角色与实际菜单对照** — 当前角色定义(SYS_ADMIN/SALES/LICENSE_OPS/DELIVERY)与产品文档三角色不符,新增角色需更新路由权限
### 工程层面
1. **优先级确认** — 按 Mid 版本规划,聚焦 P0 安全基线缺口(M11-F03 超时/F05 锁定/F07 改密/F14 用户管理)+ P1 就绪后端触点(M1/M2/M4/M5/M11 前端 UI 补全)
2. **文档与代码对齐** — 先产出更新后的产品模块文档,再进入 I10 实现
---
**附录**: 本清单基于源码走查 + 产品文档对比生成,未运行端到端测试验证。建议在启动 I10 实现前,由 QA 逐个功能点做冒烟验证。
docs/superpowers/specs/2026-05-27-frontend-ui-audit.md
+265
View File
@@ -0,0 +1,265 @@
# 前端 UI 走查复盘报告
**日期:** 2026-05-27
**前端:** `web/delivery-platform-ui` — 38 views + MainLayout + Router
---
## 1. 侧栏菜单布局与排序
### 当前排序
```
📊 首页
👥 客户管理
📋 合同管理
📦 交付管理
🔑 许可 SN
🛡️ 许可证管理 [NEW]
📨 Callback 收件箱
🌐 集成环境
📱 产品线
🖥️ 设备管理
🔔 待办中心
📊 报表中心
📧 报表订阅
👤 用户管理
```
### 评估
| 方面 | 评价 |
|------|------|
| **分组** | 无分组。所有菜单项单层平铺,缺少二级分类。当菜单项增多时不易查找 |
| **排序** | 基本合理:核心业务(客户→合同→交付→SN)在前,运营支持(Callback→设备→待办)在中,管理类(报表→用户)在后 |
| **建议优化** | 可增加分组标签「业务管理」「运营管理」「系统管理」来归类 |
---
## 2. 首页(HomeView.vue)命名
### 当前状态
| 位置 | 显示文本 | 问题 |
|------|---------|------|
| 浏览器 title | 未设置 | `<title>` 标签缺失 |
| 登录页标题 | `客户商务与交付管理平台(I1` | I1 标签过时,应该是已迭代到 I10+ |
| 顶栏 nav | `授权平台` | 品牌简称,可接受 |
| 首页内容 | `首页` | 正确 |
| 首页 alert | `交付平台(I7` | 同样过时 |
### 问题
1. **无 `<title>` 标签** — 浏览器标签页显示 URL 路径而非平台名称
2. **I1 / I7 标签过时** — 登录页和首页仍显示迭代编号,应替换为稳定名称
3. **演示账号提示过时** — 登录页提示 `dev / devDEVELOPER` 但 DEVELOPER 角色已废弃,应改为 `sales / sales`
4. **首页内容标题与侧栏** — 顶部显示 `授权平台`,登录页显示 `客户商务与交付管理平台`,二者不一致
---
## 3. 逐页功能盘点
### M1 客户管理 (`/customers`)
| 功能 | 状态 | 备注 |
|------|------|------|
| 客户列表 | ✅ | 名称/信用代码分页 |
| 搜索 | ✅ | 关键词搜索 |
| 新建/编辑弹窗 | ✅ | 含行业/地址/开票信息 |
| 冻结按钮 | ✅ | 后端就绪,前端已联动 |
| 删除(软删) | ✅ | |
| **详情聚合视图** | ✅ | 关联项目/合同/SN 统计 |
| **合并/去重** | ○ | Full 版本范围 |
### M1 项目管理 (`/projects`)
| 功能 | 状态 | 备注 |
|------|------|------|
| 项目列表 | ✅ | |
| 按客户筛选 | ✅ | |
| 新建/编辑弹窗 | ✅ | |
| **干系人管理** | ✅ | CRUD 弹窗已实现 |
| 计划起止日期 | ✅ | 字段已存在 |
| 项目经理 | ✅ | 字段已存在 |
### M2 合同管理 (`/contracts`)
| 功能 | 状态 | 备注 |
|------|------|------|
| 合同列表 | ✅ | |
| 三步创建向导 | ✅ | |
| 状态机操作 | ✅ | DRAFT→PENDING→EFFECTIVE→CHANGING→TERMINATED |
| 行项管理 | ✅ | |
| **附件上传** | ✅ | el-upload + 文件列表 |
| **合同变更** | ✅ | changes 端点已联动 |
| SKU 映射 | ○ | 未在前端展示 |
### M3 交付管理 (`/deliveries`)
| 功能 | 状态 | 备注 |
|------|------|------|
| 交付列表 | ✅ | |
| 新建向导 | ✅ | |
| 状态变更 | ✅ | PENDING→DELIVERED→CANCELLED |
| 行项管理 | ✅ | |
| **现场环境信息** | ✅ | 部署地址/联系人/电话 |
| SN 发放门禁 | ○ | 后端参数已定义,逻辑未执行 |
### M4 许可 SN (`/licenses/sn`)
| 功能 | 状态 | 备注 |
|------|------|------|
| SN 列表 | ✅ | |
| 搜索 | ✅ | SN 编码/项目筛选 |
| **批量导入** | ✅ | CSV 批量导入弹窗 |
| **批量操作** | ✅ | 批量状态变更弹窗 |
| 详情页 | ✅ | 绑定/状态/备注 |
| 自研许可证管理 | ✅ | `/licenses` 额外页面 |
### M5 Callback (`/callbacks`)
| 功能 | 状态 | 备注 |
|------|------|------|
| 事件收件箱 | ✅ | |
| 多维度筛选 | ✅ | 状态/事件类型/SN/项目/时间 |
| **批量重试按钮** | ✅ | 前端已实现,后端 `/batch-replay` 已新增 |
| **模拟投递弹窗** | ✅ | 已实现 |
| 详情页 | ✅ | payload 脱敏预览 |
| **失败原因下拉** | ✅ | 选择 FAILED 时弹出原因选择,后端已联通 |
| 状态处置 | ✅ | PENDING→PROCESSED/FAILED/IGNORED |
| 人工挂接 | ✅ | SN/项目/合同 |
| 死信积压 | ◐ | **后端端点已新增, 前端统计卡片需补充** |
### M6 集成配置 (`/integration/*`)
| 功能 | 状态 | 备注 |
|------|------|------|
| 产品线 | ✅ | CRUD |
| 集成环境 | ✅ | CRUD |
| **ID 映射** | ✅ | 已实现 |
| **SKU 映射** | ✅ | 已实现 |
| **特征映射** | ✅ | 已实现 |
| **JSON 模板** | ✅ | CRUD |
### M7 设备管理 (`/devices`)
| 功能 | 状态 | 备注 |
|------|------|------|
| 设备列表 | ✅ | MID/别名/站点/状态/心跳 |
| 设备登记弹窗 | ✅ | |
| 设备详情 | ✅ | 绑定历史 |
| 换机申请 | ◐ | 后端端点就绪,前端 UI 待补 |
### M8 待办中心 (`/todos`)
| 功能 | 状态 | 备注 |
|------|------|------|
| 待办列表 | ✅ | 按类型/优先级/状态筛选 |
| 状态流转 | ✅ | |
| 通知配置 | ✅ | 通道/事件订阅 |
### M9 报表中心 (`/reports/*`)
| 功能 | 状态 | 备注 |
|------|------|------|
| 合同 SN 报表 | ✅ | 含**导出 CSV 按钮** |
| Callback 统计 | ✅ | |
| 项目健康度 | ✅ | |
| 报表订阅 | ✅ | |
### M10 审计 (`/audit`)
| 功能 | 状态 | 备注 |
|------|------|------|
| 审计检索 | ✅ | |
| 留存策略 | ✅ | |
| 导出审计包 | ○ | 未实现(Full 版本) |
### M11 系统管理
| 页面 | 功能 | 状态 | 备注 |
|------|------|------|------|
| `/profile` | 个人设置/改密 | ✅ | |
| `/admin/params` | 系统参数 | ◐ | localStorage MVP |
| `/admin/users` | **用户管理** | ✅ | CRUD + 启用/禁用 |
| `/403` | 无权限 | ✅ | |
| `/*` | 404 | ✅ | |
---
## 4. 发现的问题清单
### 🔴 需要修复
| # | 问题 | 位置 | 建议 |
|---|------|------|------|
| 1 | 登录页演示提示仍显示 `dev/devDEVELOPER`DEVELOPER 已废弃 | `LoginView.vue:14` | 改为 `admin/admin123 / sales/sales / delivery/delivery / ops/ops` |
| 2 | 首页标题 `交付平台(I7` 过时 | `HomeView.vue` | 改为稳定名称,去掉迭代编号 |
| 3 | 登录页标题 `I1` 过时 | `LoginView.vue:4` | 去掉 `I1` |
| 4 | 无 `<title>` 标签 | `index.html` | 添加 `<title>创飞·交付管理平台</title>` |
| 5 | Callback 积压统计卡片未展示 | `CallbackInboxView.vue` | 列表上方增加统计条(pending/failed/最久未处理) |
### 🟡 建议优化
| # | 问题 | 位置 | 建议 |
|---|------|------|------|
| 6 | 侧栏菜单无分组 | `MainLayout.vue` | 增加「业务管理」「运营管理」「系统管理」分组标签 |
| 7 | `授权平台` vs `客户商务与交付管理平台` 名称不一致 | 全局 | 统一品牌名称 |
| 8 | 通知 badge 显示 `3` 为硬编码 | `MainLayout.vue:20` | 应从后端获取未读数 |
| 9 | `许可证管理` 标记 `NEW` 但已上线多时 | `MainLayout.vue:132` | 可去掉 NEW 标记 |
---
## 5. 页面功能完整度总表
| 页面 | 路由 | 完整度 | 备注 |
|------|------|--------|------|
| 登录 | `/login` | 95% | 演示提示需更新 |
| 首页 | `/` | 90% | 迭代编号过时 |
| 客户管理 | `/customers` | 95% | |
| 客户详情 | `/customers/:id` | 100% | 含聚合摘要 |
| 项目管理 | `/projects` | 100% | 含干系人 |
| 合同管理 | `/contracts` | 95% | |
| 合同向导 | `/contracts/new` | 100% | |
| 合同详情 | `/contracts/:id` | 100% | 含附件+变更 |
| 交付管理 | `/deliveries` | 95% | 含现场环境 |
| 交付向导 | `/deliveries/new` | 100% | |
| 交付详情 | `/deliveries/:id` | 100% | |
| 许可 SN | `/licenses/sn` | 100% | 含批量导入/操作 |
| SN 向导 | `/licenses/sn/new` | 100% | |
| SN 详情 | `/licenses/sn/:id` | 100% | |
| 许可证管理 | `/licenses` | 100% | 自研许可证 |
| Callback 收件箱 | `/callbacks` | 90% | 缺积压统计卡片 |
| Callback 详情 | `/callbacks/:id` | 100% | 含失败原因 |
| 集成环境 | `/integration/environments` | 100% | |
| 产品线 | `/integration/product-lines` | 100% | |
| ID 映射 | `/integration/id-mappings` | 100% | |
| SKU 映射 | `/integration/sku-mappings` | 100% | |
| 特征映射 | `/integration/feature-mappings` | 100% | |
| JSON 模板 | `/integration/json-templates` | 100% | |
| 设备管理 | `/devices` | 95% | 换机申请 UI 待补 |
| 设备详情 | `/devices/:id` | 100% | |
| 待办中心 | `/todos` | 100% | |
| 通知设置 | `/notifications/settings` | 100% | |
| 合同 SN 报表 | `/reports/contract-sn` | 100% | 含导出 |
| Callback 统计 | `/reports/callback-stats` | 100% | |
| 项目健康度 | `/reports/project-health` | 100% | |
| 报表订阅 | `/reports/subscriptions` | 100% | |
| 审计日志 | `/audit` | 100% | |
| 审计留存 | `/audit/retention` | 100% | |
| 系统参数 | `/admin/params` | 90% | localStorage 待迁移 |
| 用户管理 | `/admin/users` | 100% | |
| 个人设置 | `/profile` | 100% | |
| 403 | `/403` | 100% | |
| 404 | `/*` | 100% | |
---
## 6. 总结
- **总页面数**: 37 个页面/视图
- **100% 完成**: 30 页
- **90-95% 完成**: 6 页(需小修)
- **未实现**: 0 页
MVP/Mid 范围的前端 UI 已基本实现完毕。剩余工作集中在 Full 版本(积压监控卡片、换机审批流、审计导出包等)。
docs/superpowers/specs/2026-05-27-full-version-gap-analysis.md
+217
View File
@@ -0,0 +1,217 @@
# Full 版本 (V2.0) 实现缺失与不足复盘
**日期:** 2026-05-27
**来源:** `docs/chuangfei-platform-product-modules.md` §13.5, §14, §16.7
---
## 1. Full 版本范围总览
Full 版本 = Mid + 所有 P2 功能点 + 以下专项能力:
| 分类 | 项目 | 涉及模块 | 当前状态 |
|------|------|---------|---------|
| **安全** | MFA 双因素认证 | M11-F10 | ○ 未开始 |
| **安全** | SECURITY_ADMIN 角色 | §13.2 | ○ 未开始 |
| **数据** | 事业部数据范围 (Data Scope) | M11-F17 | ○ 未开始 |
| **审计** | 审计导出包 | M10-F03 | ○ 未开始 |
| **集成** | CRM 同步 | M1-F09 | ○ 未开始 |
| **治理** | 细粒度互斥策略 | §13.5 | ○ 未开始 |
| **基础设施** | 消息队列 (MQ) | Webhook→API | ○ 未开始 |
| **基础设施** | 读模型分离 (CQRS) | 报表/查询 | ○ 未开始 |
| **P2 功能** | 13 个 P2 功能点(见 §2) | 多模块 | ◐ 部分上前端 |
---
## 2. P2 功能点逐项
| ID | 功能点 | 所属模块 | 当前状态 | Full 要求 |
|----|--------|---------|---------|----------|
| M1-F08 | 客户合并与去重 | M1 | ○ 未开始 | 疑似重复客户识别、合并流程与审计 |
| M1-F09 | CRM 主数据同步 | M1 | ○ 未开始 | 以外部 ID 关联、增量同步 |
| M2-F09 | 合同到期与续费提醒 | M2 | ○ 未开始 | 列表与订阅(与 M8 联动) |
| M3-F08 | 交付模板 | M3 | ○ 未开始 | 按产品线预置交付清单模板 |
| M4-F11 | 授权策略生效视图 | M4 | ○ 未开始 | 展示当前映射版本、环境(与 M6 联动) |
| M5-F10 | 模拟投递 | M5 | ◐ 后端就绪, 前端 UI 待补 | 联调验收工具 |
| M6-F08 | SDK/native 版本矩阵 | M6 | ○ 未开始 | 与现场客户端兼容范围说明 |
| M6-F09 | 变更影响分析 | M6 | ○ 未开始 | 映射变更影响哪些在服 SN/合同 |
| M7-F06 | 终端数/并发策略展示 | M7 | ○ 未开始 | 只读展示合同或比特策略摘要 |
| M8-F04 | 通知模板 | M8 | ○ 未开始 | 事件类型 → 模板变量 |
| M8-F05 | 静默规则 | M8 | ○ 未开始 | 重复事件聚合、防骚扰 |
| M9-F05 | 项目健康度看板 | M9 | ◐ 前端已上线 | 红黄绿规则可配置性待确认 |
| M9-F06 | 订阅报表 | M9 | ◐ 前端已上线 | 后端推送逻辑待确认 |
---
## 3. Full 版本专项能力详述
### 3.1 M11-F10 双因素认证 MFA
**PRD 要求:**
```
TOTP/短信/企业令牌等一种;可配置为全员或高敏角色必选
```
**当前缺口:**
- 无 TOTP 生成/验证逻辑
- 无短信网关集成
- 无 MFA 绑定/解绑 UI
- 无角色级 MFA 强制策略
**实现思路:** TOTP (Time-based One-Time Password) 方案,使用 `java.security` 或 Google Authenticator 兼容库,前端显示二维码 + 验证码输入。
**预估工作量:** 中(3-5 天,含 Flyway 迁移 + 后端 + 前端 + 扫码绑定流程)
---
### 3.2 SECURITY_ADMIN 角色
**PRD 要求 (§13.2):**
```
锁定策略、强制下线、审计检索;与 SYS_ADMIN 分离(职责分离)
权限矩阵: M11 中 F05F12、F21 及 M10 审计检索 RX
```
**当前缺口:**
- 角色代码未定义
- 路由/权限码未配置
- SECURITY_ADMIN 的专属 UI(会话管理页、锁定策略配置)
**预估工作量:** 小(1-2 天,角色定义 + 权限码 + 路由 + 会话管理页)
---
### 3.3 M11-F17 事业部数据范围 (Data Scope)
**PRD 要求:**
```
按事业部/区域/客户组限制列表可见行(与 M11-F18 二选一或组合)
```
**当前缺口:**
- 无数据范围模型(部门/区域/客户组表)
- 无 MyBatis-Plus 数据权限拦截器
- 前端无数据范围选择器
**实现思路:** MyBatis-Plus 的 `Interceptor``@SqlParser` 注解,在查询时自动追加数据范围条件。需要先定义组织/区域/客户组的基础数据模型。
**预估工作量:** 大(5-8 天,含数据模型 + 拦截器 + 配置 UI + 现有查询适配)
---
### 3.4 M10-F03 审计导出包
**PRD 要求:**
```
范围可选(项目/合同/时间窗),水印与权限
```
**当前缺口:**
- 后端 `GET /audit-events/export` 端点已存在(CSV 导出)
- 前端导出按钮未接入
- 无水印/权限控制
**预估工作量:** 小(0.5-1 天,前端按钮 + 参数传递)
---
### 3.5 M1-F09 CRM 主数据同步
**PRD 要求:**
```
以外部 ID 关联、增量同步状态展示
```
**当前缺口:**
- 完全未实现
- 无外部 ID 字段(已在 Customer entity 中有 `customerCode` 但非 CRM ID
- 无同步状态跟踪
**预估工作量:** 中(3-5 天,含外部 ID 模型 + 同步端点 + UI 状态展示)
---
### 3.6 细粒度互斥策略 (§13.5)
**PRD 要求:**
```
角色互斥规则(如 SYS_ADMIN 与业务高敏导出)
```
**当前缺口:**
- 完全未实现
- 当前仅简单串联角色权限
**预估工作量:** 中(2-3 天,互斥规则定义 + 后端校验 + 前端提示)
---
### 3.7 消息队列 (MQ) 架构
**架构要求:**
```
当前: Webhook → 直写 PostgreSQL → API 轮询
Full: Webhook → MQ → API 消费(削峰、DLQ、可观测)
```
**当前状态:**
- 无 MQ 基础设施(RabbitMQ/RocketMQ/Kafka
- Webhook 直写 inbox 表,API 轮询读取
- 已在 PRD 已知局限中标注(§16.6)
**预估工作量:** 大(5-10 天,含 MQ 选型 + 生产者/消费者 + 现有路径兼容 + DLQ)
---
### 3.8 读模型分离 (CQRS)
**架构要求:**
```
报表/查询从主库分离为独立读模型
```
**当前状态:**
- 全部查询直连主 PostgreSQL
- 无读模型/物化视图
**预估工作量:** 大(5-8 天,含读模型表 + 同步机制 + 现有查询迁移)
---
## 4. 总体评估
### 实现状态
| 分类 | 总项数 | ✅ 已完成 | ◐ 部分实现 | ○ 未开始 |
|------|--------|----------|-----------|---------|
| P2 功能点 | 13 | 0 | 3 (M5-F10, M9-F05, M9-F06) | 10 |
| Full 专项 | 8 | 0 | 0 | 8 |
| **合计** | **21** | **0 (0%)** | **3 (14%)** | **18 (86%)** |
### 工作量估算
| 项目 | 预估人天 | 依赖 |
|------|---------|------|
| M10-F03 审计导出按钮 | 0.5 | 无 |
| M5-F10 模拟投递 UI | 0.5 | 无 |
| SECURITY_ADMIN 角色 | 1 | 无 |
| M9-F05/F06 报表增强 | 1 | 无 |
| M2-F09 到期提醒 | 1 | M8 通知 |
| M6-F08/F09 版本/变更 | 2 | 无 |
| M11-F10 MFA | 4 | 无 |
| M1-F08 客户合并 | 3 | 无 |
| M1-F09 CRM 同步 | 4 | 无 |
| M11-F17 数据范围 | 6 | 组织模型 |
| MQ 消息队列 | 8 | 基础设施选型 |
| CQRS 读模型 | 7 | MQ 完成后 |
| **合计** | **~38 人天** | |
### 建议实施顺序
| 阶段 | 项目 | 人天 | 原因 |
|------|------|------|------|
| **Phase 1** | M10-F03 导出, M5-F10 模拟UI, SECURITY_ADMIN | 2 | 快速 wins,无依赖 |
| **Phase 2** | M9 报表推送, M6-F08/F09 版本矩阵 | 3 | 增强已有功能 |
| **Phase 3** | M11-F10 MFA, M11-F17 数据范围 | 10 | 安全核心能力 |
| **Phase 4** | M1-F08/F09 客户合并+CRM | 7 | 集成能力 |
| **Phase 5** | MQ + CQRS | 15 | 基础设施重构,依赖最重 |
docs/superpowers/specs/2026-05-27-onlyoffice-status.md
+86
View File
@@ -0,0 +1,86 @@
# ONLYOFFICE 集成状态复盘
**日期:** 2026-05-27
**决策文档:** `docs/superpowers/specs/2026-05-25-onlyoffice-integration-decision.md`
---
## 1. 当前状态:规划阶段,零代码实现
| 维度 | 状态 |
|------|------|
| 设计决策 | ✅ 已完成(2026-05-25 |
| 后端实现 | ○ 未开始 |
| 前端实现 | ○ 未开始 |
| 文档代理层 | ○ 未开始 |
| ONLYOFFICE 服务部署 | 存在 `craftsupport.cn:8088`(已知可用) |
---
## 2. 决策回顾
| 决策项 | 结论 |
|--------|------|
| 是否集成 | ✅ 是,Mid 迭代完成后推进 |
| 集成范围 | **仅预览**,不做在线编辑 |
| 存储策略 | 附件本地存储,不接入 ONLYOFFICE 文档存储 |
| 优先级 | 非阻塞,排在 Mid (I10~I13) 之后 |
---
## 3. 实施前置条件检查
### 已完成(可直接利用)
| 条件 | 说明 |
|------|------|
| 合同附件上传 | **M2-F05 已实现** — 后端 `POST /contracts/{id}/attachments` + 前端附件列表 |
| 附件文件存储 | 文件存储在本地 `uploads/contracts/{id}/` |
| ONLYOFFICE 服务 | `craftsupport.cn:8088` 已知可用 |
### 未开始
| 组件 | 计划方案 | 预估 |
|------|---------|------|
| `DocumentPreviewController` | 平台新增代理端点:接收文件 ID → 返回 ONLYOFFICE 所需的配置 JSON + JWT | 1 天 |
| 前端预览弹窗 | 附件列表行操作加「预览」按钮,点击弹窗内嵌 ONLYOFFICE iframe | 0.5 天 |
| JWT 密钥配置 | `ONLYOFFICE_JWT_SECRET` 环境变量 | 0.1 天 |
| 文件流式输出 | ONLYOFFICE 通过平台 URL 获取文件内容 | 0.5 天 |
**合计预估:** 2 天
---
## 4. 阻碍因素
| 因素 | 说明 |
|------|------|
| **优先级排期** | 决策文档明确标注「Mid 迭代完成后推进」,当前 Tier 1+2 尚未全部完成 |
| **Mid 迭代未完成** | 当前工作仍在补齐 Tier 1 核心功能和 Tier 2 运营效率功能 |
| **ONLYOFFICE 服务可用性** | 需验证 `craftsupport.cn:8088` 当前是否可连接及 JWT 配置 |
---
## 5. 实施路线
```
Phase 1: 后端 DocumentPreviewController
GET /api/v1/preview/{attachmentId}
→ 返回 ONLYOFFICE 配置 JSON ({fileType, key, title, url, permissions: {download:false,edit:false}})
Phase 2: 前端预览弹窗
ContractDetailView.vue 附件列表 → 每行加「预览」按钮
→ 弹窗 iframe src = ONLYOFFICE 文档服务 URL + config
Phase 3: 文件流式服务
GET /api/v1/preview/{attachmentId}/file
→ 流式输出附件文件内容
```
---
## 6. 建议
1. **保持当前优先级** — Tier 1+2 业务功能完成后(预计 ~2 周)再启动 ONLYOFFICE
2. **验证 ONLYOFFICE 服务** — 启动前确认 `craftsupport.cn:8088` 可用并用 CORS 白名单允许平台域名
3. **最小实现** — 仅做 iframe 嵌入预览,不做编辑、不做保存回传,保持实现量最小
docs/superpowers/specs/2026-05-27-prd-progress-review.md
+211
View File
@@ -0,0 +1,211 @@
# PRD 实现进度复盘
**日期:** 2026-05-27
**PRD:** `docs/chuangfei-platform-product-modules.md`
---
## 1. 整体进度
| 状态 | 数量 | 占比 |
|------|------|------|
| ✅ 完全实现 | 24 | 32% |
| ◐ 部分实现 | 23 | 32% |
| ○ 未实现 | 26 | 36% |
| **合计** | **73** | **100%** |
```
M1 客户与项目中心 ██░░░░░░░░ 20% ✅ 2 ◐ 4 ○ 3
M2 合同与履约行 ████░░░░░░ 40% ✅ 4 ◐ 2 ○ 3
M3 交付管理 ██████░░░░ 60% ✅ 5 ◐ 0 ○ 3
M4 授权与许可运营 ██░░░░░░░░ 20% ✅ 3 ◐ 3 ○ 4
M5 Callback 运营 █████░░░░░ 50% ✅ 5 ◐ 2 ○ 2
M6 授权集成与配置 ████░░░░░░ 40% ✅ 4 ◐ 1 ○ 4
M7 设备与终端 █░░░░░░░░░ 10% ✅ 1 ◐ 3 ○ 2
M8 通知与待办 ░░░░░░░░░░ 0% ✅ 0 ◐ 3 ○ 2
M9 报表与对账 ░░░░░░░░░░ 0% ✅ 0 ◐ 5 ○ 1
M10 审计与合规 ██░░░░░░░░ 20% ✅ 1 ◐ 2 ○ 1
M11 身份/访问/平台 ███░░░░░░░ 30% ✅ 7 ◐ 3 ○11
```
---
## 2. 版本覆盖:MVP / Mid / Full
### MVP(I1~I9)— 标记为已完成 ✅
| 模块 | PRD 承诺 | 实际状态 |
|------|---------|---------|
| M1 客户项目 | P0 核心: 档案/列表/检索 | ✅ 完成, 缺详情聚合视图 |
| M2 合同 | 登记/状态机/行项 | ✅ 完成 |
| M3 交付 | 批次/清单/状态 | ✅ 完成 |
| M4 SN | 手工录入/绑定/状态 | ✅ 手工完成, 批量导入 UI 待补 |
| M5 Callback | 收件箱/详情/处置 | ✅ 完成 |
| M6 集成 | 产品线/环境只读 | ✅ 已超出(ID映射/JSON模板已实现) |
| M10 审计 | 关键字段变更日志 | ✅ 完成 |
| M11 身份 | JWT 登录/路由守卫/三角色/字典 | ◐ 路由级 RBAC ✅, 按钮级权限码未全覆盖 |
**MVP 已覆盖 P0 主链路:客户→项目→合同→交付→SN→Callback→审计**
### MidI10I13)— 进行中 🕐
| PRD 承诺 | 当前实现状态 |
|---------|-------------|
| M7 设备管理 | ◐ 设备登记/列表/详情已上线,换机审批/设备事件联动待补 |
| M8 通知待办 | ◐ 待办中心+通知配置已上线,实际发送逻辑未接入 |
| M9 报表对账 | ◐ 4 个报表页面已上线,导出按钮/推送逻辑待补 |
| 补齐 MVP 遗留 P0 | ◐ M1-F03 详情摘要后端已修复, M11-F03 空闲超时前端已实现 |
| M2/M4/M5/M6 P1 增强 | ○ 部分未开始 |
| M10-F02 审计检索 | ◐ AuditSearchView 已上线,筛选维度待确认 |
| M11 SSO/并发/强制下线 | ○ 未开始 |
| 角色模型对标产品定义集 | ◐ 4 角色已落地(ADMIN/SALES/DELIVERY/LICENSE_OPS), 仍有 6+ 角色未实现 |
### FullV2.0)— 规划中 📋
全部未开始:MFA、SECURITY_ADMIN、数据范围、审计导出包、CRM 同步。
---
## 3. 按模块的缺失功能点清单
### M1 客户与项目中心 — ✅2 ◐4 ○3
| 功能点 | 优先级 | 当前状态 | 缺失内容 |
|--------|--------|---------|---------|
| F01 客户档案 | P0 | ◐ | 缺行业/地址/开票信息字段 |
| F03 详情聚合 | P0 | ◐ | 后端 `/summary` 已修复, 前端已展示 |
| F04 项目创建 | P0 | ◐ | 缺计划起止/项目经理字段 |
| F06 项目干系人 | P0 | ◐ | 后端 CRUD 就绪, 前端 UI 待补 |
| F07 冻结解冻 | P1 | ◐ | 后端就绪, 前端 UI 待补 |
| F08 客户合并 | P2 | ○ | 未开始 |
| F09 CRM 同步 | P2 | ○ | 未开始 |
### M2 合同与履约行 — ✅4 ◐2 ○3
| 功能点 | 优先级 | 当前状态 | 缺失内容 |
|--------|--------|---------|---------|
| F05 合同附件 | P1 | ◐ | 后端上传就绪, 前端 UI 有待(已校验) |
| F07 合同变更 | P1 | ◐ | 后端 changes 就绪, 前端 UI 待补 |
| F08 SKU 映射 | P1 | ○ | 未实现 |
| F09 到期提醒 | P2 | ○ | 未实现 |
### M3 交付管理 — ✅5 ◐0 ○3
| 功能点 | 优先级 | 当前状态 | 缺失内容 |
|--------|--------|---------|---------|
| F06 现场环境 | P1 | ○ | 未实现 |
| F07 SN 门禁 | P1 | ○ | `deliveryGateEnabled` 参数已定义但未执行 |
| F08 交付模板 | P2 | ○ | 未开始 |
### M4 授权与许可运营 — ✅3 ◐3 ○4
| 功能点 | 优先级 | 当前状态 | 缺失内容 |
|--------|--------|---------|---------|
| F01 批量导入 | P0 | ◐ | 后端 `/batch-import` 就绪, 前端缺 UI |
| F05 原因码分类 | P0 | ◐ | 手工状态更新缺原因码 |
| F07 批量操作 | P1 | ◐ | 后端就绪, 前端缺批量 UI |
| F06 比特状态 | P1 | ○ | 依赖比特对接 |
| F08 授权需求单 | P1 | ○ | 未开始 |
| F09 试用/正式标签 | P1 | ○ | 未开始 |
| F11 策略视图 | P2 | ○ | 未开始 |
### M5 Callback 运营 — ✅5 ◐2 ○2
| 功能点 | 优先级 | 当前状态 | 缺失内容 |
|--------|--------|---------|---------|
| F06 失败标注 | P1 | ○ | 未实现 |
| F07 批量重处理 | P1 | ◐ | 单条重放 ✅, 批量未做 |
| F08 死信监控 | P1 | ○ | 未实现 |
| F10 模拟投递 UI | P2 | ◐ | 后端 `/simulate` 就绪, 前端缺入口 |
### M6 授权集成与配置 — ✅4 ◐1 ○4
| 功能点 | 优先级 | 当前状态 | 缺失内容 |
|--------|--------|---------|---------|
| F05 JSON 模板 | P1 | ◐ | CRUD ✅, Schema 校验未关联 UI |
| F06 发布记录 | P1 | ○ | 未实现 |
| F07 控制台链接 | P1 | ○ | 未实现 |
| F08 版本矩阵 | P2 | ○ | 未开始 |
| F09 变更分析 | P2 | ○ | 未开始 |
### M7 设备与终端 — ✅1 ◐3 ○2
| 功能点 | 优先级 | 当前状态 | 缺失内容 |
|--------|--------|---------|---------|
| F01 设备登记 | P1 | ◐ | 登记/列表 ✅, 字段覆盖待确认 |
| F02 SN 绑定历史 | P1 | ◐ | 时间线已实现 |
| F03 换机审批 | P1 | ◐ | swap-request 端点就绪, 审批流未实现 |
| F05 Callback 联动 | P1 | ○ | 未实现 |
| F06 并发策略 | P2 | ○ | 未开始 |
### M8 通知与待办 — ✅0 ◐3 ○2
| 功能点 | 优先级 | 当前状态 | 缺失内容 |
|--------|--------|---------|---------|
| F01 待办列表 | P1 | ◐ | 待办中心 ✅, 自动化待办生成未接入 |
| F02 认领完成 | P1 | ◐ | 状态流转 ✅, 备注功能待补 |
| F03 邮件/企微 | P1 | ◐ | 配置 UI ✅, 实际发送未接入 |
| F04 通知模板 | P2 | ○ | 未实现 |
| F05 静默规则 | P2 | ○ | 未开始 |
### M9 报表与对账 — ✅0 ◐5 ○1
| 功能点 | 优先级 | 当前状态 | 缺失内容 |
|--------|--------|---------|---------|
| F01 合同 SN 视图 | P1 | ◐ | 已上线, 数据维度待确认 |
| F02 激活视图 | P1 | ○ | 未专门实现 |
| F03 Callback 统计 | P1 | ◐ | 已上线 |
| F04 导出按钮 | P1 | ◐ | 后端 `/export` 就绪, 前端缺按钮 |
| F05 项目健康度 | P2 | ◐ | 已上线, 规则可配置性待确认 |
| F06 订阅报表 | P2 | ◐ | 已上线, 推送逻辑待确认 |
### M10 审计与合规 — ✅1 ◐2 ○1
| 功能点 | 优先级 | 当前状态 | 缺失内容 |
|--------|--------|---------|---------|
| F02 审计检索 | P1 | ◐ | AuditSearchView ✅, 端点有 500 错误需调试 |
| F03 审计导出 | P2 | ○ | 未实现 |
| F04 留存策略 | P2 | ◐ | AuditRetentionView ✅ |
### M11 身份/访问/平台 — ✅7 ◐3 ○11
| 功能点 | 优先级 | 当前状态 | 缺失内容 |
|--------|--------|---------|---------|
| F03 空闲超时 | P0 | ◐ | 前端 idleTimer 已实现, 后端会话管理未完成 |
| F05 失败锁定 | P0 | ✅ | 后端已有 5 次/15 分钟锁定 |
| F07 密码修改 | P0 | ✅ | Profile 页弹窗+后端端点 |
| F08 密码重置 | P1 | ✅ | 后端端点已实现(非空操作) |
| F09 SSO/OIDC | P1 | ○ | 未开始 |
| F11 并发会话 | P1 | ○ | 未开始(JWT 无状态) |
| F12 强制下线 | P1 | ◐ | 端点已实现, 需前端 UI |
| F14 用户管理 | P0 | ◐ | 表已创建, 管理页面未实现 |
| F15 角色定义 | P0 | ◐ | 4 角色已落地, 产品定义 10+ 需补齐 |
| F16 权限码 | P0 | ◐ | 路由级 ✅, 按钮级 `v-permission` 未全覆盖 |
| F17 数据范围 | P2 | ○ | 未开始 |
| F20 系统参数 | P1 | ◐ | SystemParamsView ✅, localStorage MVP |
| F21 敏感操作留痕 | P1 | ○ | 未开始 |
---
## 4. 已知 API 500 错误(需修复)
| 端点 | 影响模块 | 问题 |
|------|---------|------|
| `GET /api/v1/audit-events` | M10-F02 | 500 内部错误 |
| `GET /api/v1/integration/id-mappings` | M6-F03 | 500 内部错误 |
| `GET /api/v1/integration/feature-mappings` | M6-F04 | 500 内部错误 |
---
## 5. 总结
| 版本 | PRD 范围 | 实现状态 |
|------|---------|---------|
| **MVP** (I1~I9) | M1-M6 P0 + M10-F01 + M11 基础 | ✅ 主链路已完成 |
| **Mid** (I10~I13) | M7-M9 + P0补齐 + P1增强 | 🕐 M7/M8/M9 前端超前上线, 后端逻辑待补 |
| **Full** (V2.0) | 安全/合规/规模化 | 📋 全部未开始 |
**当前最优先缺口:**
1. 修复 3 个 500 错误 (audit-events, id-mappings, feature-mappings)
2. M11-F14 用户管理页面 (表已就绪)
3. M8-F03 通知发送实际对接
docs/superpowers/specs/2026-05-27-ui-pattern-consolidation.md
+176
View File
@@ -0,0 +1,176 @@
# UI 交互模式复盘 — 导航/弹框一致性 + 侧栏分组
**日期:** 2026-05-27
**范围:** 全部 38 个 Vue 视图
---
## 1. 当前 CRUD 模式盘点
| 页面 | Create | Edit | Detail | 评估 |
|------|--------|------|--------|------|
| **客户管理** | 弹框 `el-dialog` | 弹框 | 独立页面 | ✅ 一致 |
| **项目管理** | 弹框 `el-dialog` | 弹框 | 无独立详情(干系人管理在弹框) | ✅ 一致 |
| **合同管理** | 向导页 `/contracts/new` | 详情页内编辑 | 独立详情页 | ✅ 合理(多步) |
| **交付管理** | 向导页 `/deliveries/new` | 详情页内编辑 | 独立详情页 | ✅ 合理(多步) |
| **许可 SN** | 向导页 `/licenses/sn/new` | 详情页内编辑 | 独立详情页 | ✅ 合理 |
| **Callback** | 无(来源Webhook) | 详情页内操作 | 独立详情页 | ✅ |
| **设备管理** | 弹框 | 详情页内编辑 | 独立详情页 | ✅ 一致 |
| **用户管理** | 弹框 | 弹框 | 无独立详情 | ✅ 一致 |
### 结论:当前模式基本合理
| 场景 | 推荐模式 | 示例 |
|------|---------|------|
| **简单表单 (≤5 字段)** | **弹框** `el-dialog` | 客户、项目、设备、用户 |
| **复杂表单/向导 (≥2 步)** | **独立页面** | 合同向导、交付向导、SN 向导 |
| **详情展示** | **独立页面** | 合同详情、交付详情、SN 详情、设备详情 |
| **关联数据管理** | **弹框** | 项目干系人、SN 批量导入、合同明细行 |
**不建议强行统一为弹框** — 合同向导有 3 步(选择客户项目→填写信息→明细行),用弹框会撑爆视口。
---
## 2. 发现的不一致问题
| # | 问题 | 当前行为 | 建议 |
|---|------|---------|------|
| 1 | **合同列表行操作** | 「详情」跳转详情页,无直接「编辑」入口 | 详情页支持编辑即可(已有) |
| 2 | **交付列表行操作** | 同上 | 同上 |
| 3 | **SN 列表行操作** | 同上 | 同上 |
| 4 | **客户列表行操作** | 「详情」「编辑」「冻结」「删除」都在列表页 | ✅ 正确 |
| 5 | **设备列表无编辑** | 只有「详情」→详情页编辑 | 详情页已支持编辑,可接受 |
| 6 | **项目无独立详情页** | 编辑、干系人都在列表弹框 | 对于简单实体,弹框够用 ✅ |
---
## 3. 侧栏分组实现方案
### 当前结构(扁平)
```
📊 首页
👥 客户管理
📋 合同管理
📦 交付管理
🔑 许可 SN
🛡️ 许可证管理
📨 Callback 收件箱
🌐 集成环境
📱 产品线
🖥️ 设备管理
🔔 待办中心
📊 报表中心
📧 报表订阅
👤 用户管理
```
### 目标结构(三级分组)
```
📊 首页
──── 业务管理 ────
👥 客户管理
📋 合同管理
📦 交付管理
🔑 许可 SN
🛡️ 许可证管理
──── 运营管理 ────
📨 Callback 收件箱
🌐 集成环境
📱 产品线
🖥️ 设备管理
🔔 待办中心
──── 分析管理 ────
📊 报表中心
📧 报表订阅
──── 系统管理 ────
⚙️ 系统参数
👤 用户管理
🔐 审计日志
```
### 实现方式
**方案:** 修改 `MainLayout.vue` 中的 `menuItems` 数组为分组结构,模板中循环渲染组。
#### Step 1: 改造 menuItems 数据结构
```javascript
const menuGroups = [
{
label: '业务管理',
items: [
{ path: "/customers", icon: "👥", label: "客户管理", roles: ["SYS_ADMIN","SALES"] },
{ path: "/contracts", icon: "📋", label: "合同管理", roles: ["SYS_ADMIN","SALES"] },
{ path: "/deliveries", icon: "📦", label: "交付管理", roles: ["SYS_ADMIN","SALES","DELIVERY"] },
{ path: "/licenses/sn", icon: "🔑", label: "许可 SN", roles: ["SYS_ADMIN","SALES"] },
{ path: "/licenses", icon: "🛡️", label: "许可证管理", roles: ["SYS_ADMIN","SALES"] },
]
},
{
label: '运营管理',
items: [
{ path: "/callbacks", icon: "📨", label: "Callback 收件箱", roles: ["SYS_ADMIN","LICENSE_OPS"] },
{ path: "/integration/environments", icon: "🌐", label: "集成环境", roles: ["SYS_ADMIN","SALES","LICENSE_OPS"] },
{ path: "/integration/product-lines", icon: "📱", label: "产品线", roles: ["SYS_ADMIN","SALES","LICENSE_OPS"] },
{ path: "/devices", icon: "🖥️", label: "设备管理", roles: ["SYS_ADMIN","SALES","DELIVERY"] },
{ path: "/todos", icon: "🔔", label: "待办中心", roles: ["SYS_ADMIN","SALES","LICENSE_OPS"] },
]
},
{
label: '分析管理',
items: [
{ path: "/reports/contract-sn", icon: "📊", label: "报表中心", roles: ["SYS_ADMIN"] },
{ path: "/reports/subscriptions", icon: "📧", label: "报表订阅", roles: ["SYS_ADMIN"] },
]
},
{
label: '系统管理',
items: [
{ path: "/audit", icon: "🔐", label: "审计日志", roles: ["SYS_ADMIN"] },
{ path: "/admin/params", icon: "⚙️", label: "系统参数", roles: ["SYS_ADMIN"] },
{ path: "/admin/users", icon: "👤", label: "用户管理", roles: ["SYS_ADMIN"] },
]
},
];
```
#### Step 2: 改造模板渲染
```html
<aside class="app-sidebar">
<div class="sidebar-section-label">📊 首页</div>
<div class="sidebar-item" :class="{ active: isActive(homeItem) }" @click="$router.push(homeItem.path)">
<span class="sidebar-item-icon">{{ homeItem.icon }}</span>
<span class="sidebar-item-text">{{ homeItem.label }}</span>
</div>
<template v-for="group in visibleGroups" :key="group.label">
<div class="sidebar-group-label">{{ group.label }}</div>
<div
v-for="item in group.items"
:key="item.path"
:class="['sidebar-item', { active: isActive(item) }]"
@click="$router.push(item.path)"
>
<span class="sidebar-item-icon">{{ item.icon }}</span>
<span class="sidebar-item-text">{{ item.label }}</span>
</div>
</template>
<div class="sidebar-footer">CraftLabs Platform v0.1.0</div>
</aside>
```
#### Step 3: CSS 调整
```css
.sidebar-group-label {
font-size: 11px;
color: #999;
padding: 12px 16px 4px;
text-transform: uppercase;
letter-spacing: 0.5px;
}
```
java/AGENTS.md
+39
View File
@@ -0,0 +1,39 @@
# JAVA SDK
**Part of:** craftlabs-authorization-sdk
**Build:** Maven multi-module (JDK 17+)
## STRUCTURE
```
java/
├── craftlabs-auth-core/ # Core auth: config parsing, internal logic
├── craftlabs-auth-bitanswer/ # Bitanswer cloud licensing provider
├── craftlabs-auth-selfhosted/ # Self-hosted licensing provider
├── craftlabs-auth-tests/ # Integration tests
├── pom.xml # Parent aggregator POM
└── RELEASING.md # Release checklist & GPG signing guide
```
## WHERE TO LOOK
| Task | Location | Notes |
|------|----------|-------|
| Config model / schema | `craftlabs-auth-core/src/main/java/cn/craftlabs/auth/config/` | 9 files, config POJOs |
| Internal engine | `craftlabs-auth-core/src/main/java/cn/craftlabs/auth/internal/` | 3 files, core logic |
| Bitanswer provider | `craftlabs-auth-bitanswer/` | Single class, wraps bitanswer API |
| Selfhosted provider | `craftlabs-auth-selfhosted/` | Single class, local validation |
| Tests | `craftlabs-auth-tests/` | Config test cases |
| Release scripts | `scripts/sdk-release-checksums.sh` | SHA256 + GPG |
## CONVENTIONS
- **Package**: `cn.craftlabs.auth.*` (SDK) — distinct from `cn.craftlabs.platform.*` (backend)
- **No Spring Boot**: SDK modules are plain Java, no framework dependency
- **JNA bridge**: Java calls Rust native via JNA (not JNI)
- **Maven**: Parent POM at `java/pom.xml` aggregates sub-modules
## ANTI-PATTERNS
- **Do not** add Spring Boot / platform dependencies to SDK modules (keep plain Java)
- **Do not** put bitanswer/selfhosted specific logic into core module
java/craftlabs-auth-bitanswer/src/main/java/cn/craftlabs/auth/bitanswer/BitAnswerProvider.java
+1 -1
View File
@@ -18,7 +18,7 @@ import cn.craftlabs.auth.internal.NativeBridge;
*/
public final class BitAnswerProvider implements AuthProvider {
static {
System.loadLibrary("craftlabs_auth_bitanswer");
System.loadLibrary("craftlabs_auth_core");
}
private long nativeHandle;
java/craftlabs-auth-core/pom.xml
+4
View File
@@ -19,6 +19,10 @@
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
</dependency>
<dependency>
<groupId>net.java.dev.jna</groupId>
<artifactId>jna</artifactId>
</dependency>
<dependency>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter</artifactId>
java/craftlabs-auth-core/src/main/java/cn/craftlabs/auth/internal/CraftCoreLibrary.java
+53
View File
@@ -0,0 +1,53 @@
package cn.craftlabs.auth.internal;
import com.sun.jna.Library;
import com.sun.jna.Native;
import com.sun.jna.Pointer;
import com.sun.jna.Structure;
import java.util.Arrays;
import java.util.List;
public interface CraftCoreLibrary extends Library {
CraftCoreLibrary INSTANCE = Native.load("craftlabs_auth_core", CraftCoreLibrary.class);
class CraftResult extends Structure {
public int success;
public String message;
@Override
protected List<String> getFieldOrder() {
return Arrays.asList("success", "message");
}
}
class LicenseInfoStruct extends Structure {
public int isLicensed;
public long expirationDate;
public Pointer featureNames;
public Pointer featureValues;
public int featureCount;
@Override
protected List<String> getFieldOrder() {
return Arrays.asList("isLicensed", "expirationDate", "featureNames", "featureValues", "featureCount");
}
}
Pointer craft_initialize(String configJson);
void craft_destroy(Pointer handle);
CraftResult craft_activate(Pointer handle, String licenseKey);
CraftResult craft_check_license(Pointer handle);
LicenseInfoStruct craft_get_license_info(Pointer handle);
void craft_free_license_info(LicenseInfoStruct info);
int craft_has_feature(Pointer handle, String featureName);
CraftResult craft_release(Pointer handle);
CraftResult craft_heartbeat(Pointer handle);
}
java/craftlabs-auth-core/src/main/java/cn/craftlabs/auth/internal/JnaAuthProvider.java
+89
View File
@@ -0,0 +1,89 @@
package cn.craftlabs.auth.internal;
import cn.craftlabs.auth.AuthProvider;
import cn.craftlabs.auth.AuthResult;
import cn.craftlabs.auth.LicenseInfo;
import com.sun.jna.Native;
import com.sun.jna.Pointer;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
public class JnaAuthProvider implements AuthProvider {
private Pointer nativeHandle;
@Override
public AuthResult initialize(String configJson) {
if (nativeHandle != null) {
CraftCoreLibrary.INSTANCE.craft_destroy(nativeHandle);
}
nativeHandle = CraftCoreLibrary.INSTANCE.craft_initialize(
configJson != null ? configJson : "{}");
return new AuthResult(nativeHandle != null, "Initialized");
}
@Override
public AuthResult activate(String licenseKey) {
CraftCoreLibrary.CraftResult r = CraftCoreLibrary.INSTANCE.craft_activate(
nativeHandle, licenseKey);
return new AuthResult(r.success != 0, r.message);
}
@Override
public AuthResult checkLicense() {
CraftCoreLibrary.CraftResult r = CraftCoreLibrary.INSTANCE.craft_check_license(nativeHandle);
return new AuthResult(r.success != 0, r.message);
}
@Override
public LicenseInfo getLicenseInfo() {
CraftCoreLibrary.LicenseInfoStruct s = CraftCoreLibrary.INSTANCE.craft_get_license_info(nativeHandle);
if (s == null) {
return new LicenseInfo(false, null, null);
}
Map<String, Boolean> features = null;
if (s.featureCount > 0 && s.featureNames != null) {
features = new HashMap<>(s.featureCount);
for (int i = 0; i < s.featureCount; i++) {
Pointer namePtr = s.featureNames.getPointer((long) i * Native.POINTER_SIZE);
String name = namePtr != null ? namePtr.getString(0) : null;
if (name != null) {
int val = s.featureValues != null
? s.featureValues.getInt((long) i * Integer.BYTES)
: 0;
features.put(name, val != 0);
}
}
}
Date expirationDate = s.expirationDate > 0 ? new Date(s.expirationDate) : null;
CraftCoreLibrary.INSTANCE.craft_free_license_info(s);
return new LicenseInfo(s.isLicensed != 0, expirationDate, features);
}
@Override
public boolean hasFeature(String featureName) {
return CraftCoreLibrary.INSTANCE.craft_has_feature(nativeHandle, featureName) != 0;
}
@Override
public AuthResult release() {
CraftCoreLibrary.CraftResult r = CraftCoreLibrary.INSTANCE.craft_release(nativeHandle);
return new AuthResult(r.success != 0, r.message);
}
@Override
public AuthResult heartbeat() {
CraftCoreLibrary.CraftResult r = CraftCoreLibrary.INSTANCE.craft_heartbeat(nativeHandle);
return new AuthResult(r.success != 0, r.message);
}
@Override
public void close() {
if (nativeHandle != null) {
CraftCoreLibrary.INSTANCE.craft_destroy(nativeHandle);
nativeHandle = null;
}
}
}
java/pom.xml
+5
View File
@@ -51,6 +51,11 @@
<version>${json-schema-validator.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>net.java.dev.jna</groupId>
<artifactId>jna</artifactId>
<version>5.14.0</version>
</dependency>
</dependencies>
</dependencyManagement>
native/AGENTS.md
+50
View File
@@ -0,0 +1,50 @@
# NATIVE (Rust)
**Part of:** craftlabs-authorization-sdk
**Build:** Cargo workspace (Rust 1.70+)
## STRUCTURE
```
native/
├── craft-core/ # cdylib — exports craft_* C ABI
│ ├── src/
│ │ ├── lib.rs # C entry points: craft_initialize, craft_activate, etc.
│ │ ├── trait_provider.rs # Provider trait
│ │ ├── security/ # anti_debug, obfuscation, integrity, string_encrypt, dynamic_api
│ │ ├── provider_selfhosted/ # activate, license, heartbeat, cache, protocol
│ │ ├── crypto.rs, device.rs, session.rs, error.rs, license.rs, heartbeat.rs
│ │ └── ...
│ └── tests/c_api_test.rs
├── craftlabs-auth-cli/ # CLI binary
│ └── src/
│ ├── main.rs # status/activate/check/info/release/migrate commands
│ ├── config.rs # Config loading
│ └── platform_api.rs # Platform API client
├── Cargo.toml # Workspace root
├── build/Makefile # Alternative build wrapper
└── .deprecated-cmake/ # Old CMake build (unused)
```
## WHERE TO LOOK
| Task | Location |
|------|----------|
| C ABI exports | `craft-core/src/lib.rs` |
| Provider trait | `craft-core/src/trait_provider.rs` |
| Self-hosted logic | `craft-core/src/provider_selfhosted/` |
| Security (anti-debug, obfuscation) | `craft-core/src/security/` |
| CLI commands | `craftlabs-auth-cli/src/main.rs` |
| Platform API client | `craftlabs-auth-cli/src/platform_api.rs` |
## CONVENTIONS
- **C ABI**: `extern "C"` + `#[no_mangle]`; all public functions prefixed `craft_`
- **Provider trait**: `Provider` trait with `initialize`, `activate`, `check_license`, `heartbeat`, `release`, `close`
- **Security module**: each concern in separate file under `security/`
- **Error handling**: `error.rs` defines error types; `fn fail_result()` for C return
## ANTI-PATTERNS
- **Do not** mix JNI/JNA Rust glue — bridge is Java-side via JNA
- **Do not** use the deprecated CMake build under `.deprecated-cmake/`
native/Cargo.lock
Generated
+284 -11
View File
@@ -46,6 +46,56 @@ dependencies = [
"libc",
]
[[package]]
name = "anstream"
version = "1.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "824a212faf96e9acacdbd09febd34438f8f711fb84e09a8916013cd7815ca28d"
dependencies = [
"anstyle",
"anstyle-parse",
"anstyle-query",
"anstyle-wincon",
"colorchoice",
"is_terminal_polyfill",
"utf8parse",
]
[[package]]
name = "anstyle"
version = "1.0.14"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "940b3a0ca603d1eade50a4846a2afffd5ef57a9feac2c0e2ec2e14f9ead76000"
[[package]]
name = "anstyle-parse"
version = "1.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "52ce7f38b242319f7cabaa6813055467063ecdc9d355bbb4ce0c68908cd8130e"
dependencies = [
"utf8parse",
]
[[package]]
name = "anstyle-query"
version = "1.1.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "40c48f72fd53cd289104fc64099abca73db4166ad86ea0b4341abe65af83dadc"
dependencies = [
"windows-sys 0.61.2",
]
[[package]]
name = "anstyle-wincon"
version = "3.0.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "291e6a250ff86cd4a820112fb8898808a366d8f9f58ce16d1f538353ad55747d"
dependencies = [
"anstyle",
"once_cell_polyfill",
"windows-sys 0.61.2",
]
[[package]]
name = "atomic-waker"
version = "1.1.2"
@@ -143,6 +193,52 @@ dependencies = [
"inout",
]
[[package]]
name = "clap"
version = "4.6.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1ddb117e43bbf7dacf0a4190fef4d345b9bad68dfc649cb349e7d17d28428e51"
dependencies = [
"clap_builder",
"clap_derive",
]
[[package]]
name = "clap_builder"
version = "4.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "714a53001bf66416adb0e2ef5ac857140e7dc3a0c48fb28b2f10762fc4b5069f"
dependencies = [
"anstream",
"anstyle",
"clap_lex",
"strsim",
]
[[package]]
name = "clap_derive"
version = "4.6.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f2ce8604710f6733aa641a2b3731eaa1e8b3d9973d5e3565da11800813f997a9"
dependencies = [
"heck",
"proc-macro2",
"quote",
"syn",
]
[[package]]
name = "clap_lex"
version = "1.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c8d4a3bb8b1e0c1050499d1815f5ab16d04f0959b233085fb31653fbfc9d98f9"
[[package]]
name = "colorchoice"
version = "1.0.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1d07550c9036bf2ae0c684c4297d503f838287c83c53686d05370d0e139ae570"
[[package]]
name = "const-oid"
version = "0.9.6"
@@ -187,6 +283,20 @@ dependencies = [
"windows-sys 0.52.0",
]
[[package]]
name = "craftlabs-auth-cli"
version = "1.0.0"
dependencies = [
"chrono",
"clap",
"craft-core",
"dirs",
"reqwest",
"serde",
"serde_json",
"tokio",
]
[[package]]
name = "crypto-common"
version = "0.1.7"
@@ -230,6 +340,27 @@ dependencies = [
"subtle",
]
[[package]]
name = "dirs"
version = "5.0.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "44c45a9d03d6676652bcb5e724c7e988de1acad23a711b5217ab9cbecbec2225"
dependencies = [
"dirs-sys",
]
[[package]]
name = "dirs-sys"
version = "0.4.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "520f05a5cbd335fae5a99ff7a6ab8627577660ee5cfd6a94a6a929b52ff0321c"
dependencies = [
"libc",
"option-ext",
"redox_users",
"windows-sys 0.48.0",
]
[[package]]
name = "displaydoc"
version = "0.2.5"
@@ -336,6 +467,12 @@ dependencies = [
"polyval",
]
[[package]]
name = "heck"
version = "0.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2304e00983f87ffb38b55b444b5e3b60a884b5d30c0fca7d82fe33449bbe55ea"
[[package]]
name = "hex"
version = "0.4.3"
@@ -600,6 +737,12 @@ version = "2.12.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d98f6fed1fde3f8c21bc40a1abb88dd75e67924f9cffc3ef95607bad8017f8e2"
[[package]]
name = "is_terminal_polyfill"
version = "1.70.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a6cb138bb79a146c1bd460005623e142ef0181e3d0219cb493e02f7d08a35695"
[[package]]
name = "itoa"
version = "1.0.18"
@@ -649,6 +792,15 @@ version = "0.2.16"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b6d2cec3eae94f9f509c767b45932f1ada8350c4bdb85af2fcab4a3c14807981"
[[package]]
name = "libredox"
version = "0.1.16"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e02f3bb43d335493c96bf3fd3a321600bf6bd07ed34bc64118e9293bdffea46c"
dependencies = [
"libc",
]
[[package]]
name = "litemap"
version = "0.8.2"
@@ -742,12 +894,24 @@ version = "1.21.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9f7c3e4beb33f85d45ae3e3a1792185706c8e16d043238c593331cc7cd313b50"
[[package]]
name = "once_cell_polyfill"
version = "1.70.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "384b8ab6d37215f3c5301a95a4accb5d64aa607f1fcb26a11b5303878451b4fe"
[[package]]
name = "opaque-debug"
version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c08d65885ee38876c4f86fa503fb49d7b507c2b62552df7c70b2fce627e06381"
[[package]]
name = "option-ext"
version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "04744f49eae99ab78e0d5c0b603ab218f515ea8cfe5a456d7629ad883a3b6e7d"
[[package]]
name = "pem-rfc7468"
version = "0.7.0"
@@ -843,7 +1007,7 @@ dependencies = [
"rustc-hash",
"rustls",
"socket2",
"thiserror",
"thiserror 2.0.18",
"tokio",
"tracing",
"web-time",
@@ -864,7 +1028,7 @@ dependencies = [
"rustls",
"rustls-pki-types",
"slab",
"thiserror",
"thiserror 2.0.18",
"tinyvec",
"tracing",
"web-time",
@@ -958,6 +1122,17 @@ dependencies = [
"getrandom 0.3.4",
]
[[package]]
name = "redox_users"
version = "0.4.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ba009ff324d1fc1b900bd1fdb31564febe58a8ccc8a6fdbb93b543d33b13ca43"
dependencies = [
"getrandom 0.2.17",
"libredox",
"thiserror 1.0.69",
]
[[package]]
name = "reqwest"
version = "0.12.28"
@@ -1210,6 +1385,12 @@ version = "1.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6ce2be8dc25455e1f91df71bfa12ad37d7af1092ae736f3a6cd0e37bc7810596"
[[package]]
name = "strsim"
version = "0.11.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7da8b5736845d9f2fcb837ea5d9e2628564b3b043a70948a3f0b778838c5fb4f"
[[package]]
name = "subtle"
version = "2.6.1"
@@ -1247,13 +1428,33 @@ dependencies = [
"syn",
]
[[package]]
name = "thiserror"
version = "1.0.69"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b6aaf5339b578ea85b50e080feb250a3e8ae8cfcdff9a461c9ec2904bc923f52"
dependencies = [
"thiserror-impl 1.0.69",
]
[[package]]
name = "thiserror"
version = "2.0.18"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4288b5bcbc7920c07a1149a35cf9590a2aa808e0bc1eafaade0b80947865fbc4"
dependencies = [
"thiserror-impl",
"thiserror-impl 2.0.18",
]
[[package]]
name = "thiserror-impl"
version = "1.0.69"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4fee6c4efc90059e10f81e6d42c60a18f76588c3d74cb83a0b242a2b6c7504c1"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
[[package]]
@@ -1444,6 +1645,12 @@ version = "1.0.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b6c140620e7ffbb22c2dee59cafe6084a59b5ffc27a8859a5f0d494b5d52b6be"
[[package]]
name = "utf8parse"
version = "0.2.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "06abde3611657adf66d383f00b093d7faecc7fa57071cce2578660c9f1010821"
[[package]]
name = "version_check"
version = "0.9.5"
@@ -1617,13 +1824,22 @@ dependencies = [
"windows-link",
]
[[package]]
name = "windows-sys"
version = "0.48.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9"
dependencies = [
"windows-targets 0.48.5",
]
[[package]]
name = "windows-sys"
version = "0.52.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d"
dependencies = [
"windows-targets",
"windows-targets 0.52.6",
]
[[package]]
@@ -1635,34 +1851,67 @@ dependencies = [
"windows-link",
]
[[package]]
name = "windows-targets"
version = "0.48.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9a2fa6e2155d7247be68c096456083145c183cbbbc2764150dda45a87197940c"
dependencies = [
"windows_aarch64_gnullvm 0.48.5",
"windows_aarch64_msvc 0.48.5",
"windows_i686_gnu 0.48.5",
"windows_i686_msvc 0.48.5",
"windows_x86_64_gnu 0.48.5",
"windows_x86_64_gnullvm 0.48.5",
"windows_x86_64_msvc 0.48.5",
]
[[package]]
name = "windows-targets"
version = "0.52.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9b724f72796e036ab90c1021d4780d4d3d648aca59e491e6b98e725b84e99973"
dependencies = [
"windows_aarch64_gnullvm",
"windows_aarch64_msvc",
"windows_i686_gnu",
"windows_aarch64_gnullvm 0.52.6",
"windows_aarch64_msvc 0.52.6",
"windows_i686_gnu 0.52.6",
"windows_i686_gnullvm",
"windows_i686_msvc",
"windows_x86_64_gnu",
"windows_x86_64_gnullvm",
"windows_x86_64_msvc",
"windows_i686_msvc 0.52.6",
"windows_x86_64_gnu 0.52.6",
"windows_x86_64_gnullvm 0.52.6",
"windows_x86_64_msvc 0.52.6",
]
[[package]]
name = "windows_aarch64_gnullvm"
version = "0.48.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2b38e32f0abccf9987a4e3079dfb67dcd799fb61361e53e2882c3cbaf0d905d8"
[[package]]
name = "windows_aarch64_gnullvm"
version = "0.52.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3"
[[package]]
name = "windows_aarch64_msvc"
version = "0.48.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "dc35310971f3b2dbbf3f0690a219f40e2d9afcf64f9ab7cc1be722937c26b4bc"
[[package]]
name = "windows_aarch64_msvc"
version = "0.52.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469"
[[package]]
name = "windows_i686_gnu"
version = "0.48.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a75915e7def60c94dcef72200b9a8e58e5091744960da64ec734a6c6e9b3743e"
[[package]]
name = "windows_i686_gnu"
version = "0.52.6"
@@ -1675,24 +1924,48 @@ version = "0.52.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66"
[[package]]
name = "windows_i686_msvc"
version = "0.48.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8f55c233f70c4b27f66c523580f78f1004e8b5a8b659e05a4eb49d4166cca406"
[[package]]
name = "windows_i686_msvc"
version = "0.52.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66"
[[package]]
name = "windows_x86_64_gnu"
version = "0.48.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "53d40abd2583d23e4718fddf1ebec84dbff8381c07cae67ff7768bbf19c6718e"
[[package]]
name = "windows_x86_64_gnu"
version = "0.52.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "147a5c80aabfbf0c7d901cb5895d1de30ef2907eb21fbbab29ca94c5b08b1a78"
[[package]]
name = "windows_x86_64_gnullvm"
version = "0.48.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0b7b52767868a23d5bab768e390dc5f5c55825b6d30b86c844ff2dc7414044cc"
[[package]]
name = "windows_x86_64_gnullvm"
version = "0.52.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d"
[[package]]
name = "windows_x86_64_msvc"
version = "0.48.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538"
[[package]]
name = "windows_x86_64_msvc"
version = "0.52.6"
native/Cargo.toml
+1 -1
View File
@@ -1,5 +1,5 @@
[workspace]
members = ["craft-core"]
members = ["craft-core", "craftlabs-auth-cli"]
resolver = "2"
[workspace.package]
native/craft-core/Cargo.toml
+1 -1
View File
@@ -5,7 +5,7 @@ edition = "2021"
description = "CraftLabs 授权核心库 — Rust 实现,导出 craft_* C ABI。目标平台:Linux(主)> Windows(次)> macOS(最低)"
[lib]
crate-type = ["cdylib", "staticlib"]
crate-type = ["cdylib", "staticlib", "lib"]
name = "craftlabs_auth_core"
[dependencies]
native/craft-core/build.rs
-1
View File
@@ -16,7 +16,6 @@ fn main() {
let out_dir = PathBuf::from(env::var("OUT_DIR").unwrap());
fs::write(out_dir.join("build_hash.txt"), format!("{}\n", hash_hex)).unwrap();
// 嵌入 RSA 公钥(用于 selfhosted 验签)
let pubkey_path = PathBuf::from(&manifest_dir).join("embedded").join("pubkey.pem");
if let Ok(pubkey) = fs::read_to_string(&pubkey_path) {
let trimmed = pubkey.trim();
native/craft-core/jni_bridge.c
+45
View File
@@ -0,0 +1,45 @@
/* JNI bridge — connects Java NativeBridge to Rust C ABI
* Compile: gcc -shared -fPIC -I$JAVA_HOME/include -I$JAVA_HOME/include/darwin
* -I native/include -o libcraftlabs_jni_bridge.so jni_bridge.c -L. -lcraftlabs_auth_core
*
* Then: java -Djava.library.path=. ... loads both libraries.
* Or rename the output to craftlabs_auth_core and load it directly.
*/
#include <jni.h>
#include "craftlabs_auth.h"
JNIEXPORT jlong JNICALL Java_cn_craftlabs_auth_internal_NativeBridge_nativeInitialize(
JNIEnv *env, jclass clazz, jstring configJson) {
const char *utf = (*env)->GetStringUTFChars(env, configJson, NULL);
jlong handle = (jlong)(intptr_t)craft_initialize(utf);
(*env)->ReleaseStringUTFChars(env, configJson, utf);
return handle;
}
JNIEXPORT void JNICALL Java_cn_craftlabs_auth_internal_NativeBridge_nativeDestroy(
JNIEnv *env, jclass clazz, jlong handle) {
(void)env; (void)clazz;
if (handle) craft_destroy((AuthHandle)(intptr_t)handle);
}
JNIEXPORT jobject JNICALL Java_cn_craftlabs_auth_internal_NativeBridge_nativeActivate(
JNIEnv *env, jclass clazz, jlong handle, jstring licenseKey) {
(void)clazz;
const char *key = (*env)->GetStringUTFChars(env, licenseKey, NULL);
AuthResult r = craft_activate((AuthHandle)(intptr_t)handle, key);
(*env)->ReleaseStringUTFChars(env, licenseKey, key);
jclass cls = (*env)->FindClass(env, "cn/craftlabs/auth/AuthResult");
jmethodID ctor = (*env)->GetMethodID(env, cls, "<init>", "(ZLjava/lang/String;)V");
jstring msg = (*env)->NewStringUTF(env, r.message ? r.message : "");
return (*env)->NewObject(env, cls, ctor, r.success ? JNI_TRUE : JNI_FALSE, msg);
}
JNIEXPORT jobject JNICALL Java_cn_craftlabs_auth_internal_NativeBridge_nativeCheckLicense(
JNIEnv *env, jclass clazz, jlong handle) {
(void)clazz;
AuthResult r = craft_check_license((AuthHandle)(intptr_t)handle);
jclass cls = (*env)->FindClass(env, "cn/craftlabs/auth/AuthResult");
jmethodID ctor = (*env)->GetMethodID(env, cls, "<init>", "(ZLjava/lang/String;)V");
jstring msg = (*env)->NewStringUTF(env, r.message ? r.message : "");
return (*env)->NewObject(env, cls, ctor, r.success ? JNI_TRUE : JNI_FALSE, msg);
}
native/craft-core/src/lib.rs
+5 -1
View File
@@ -9,7 +9,6 @@ mod session;
pub mod crypto;
pub mod device;
pub mod provider_selfhosted;
use trait_provider::{Provider, ActivateResponse, HeartbeatResponse, LicenseStatus};
use provider_selfhosted::SelfHostedProvider;
@@ -144,6 +143,11 @@ pub extern "C" fn craft_heartbeat(handle: *mut CraftContext) -> CraftResult {
.map_or_else(fail_result, |_| ok_result())
}
pub fn craft_initialize_with_config(config: &str) -> *mut CraftContext {
let c_str = std::ffi::CString::new(config).unwrap_or_default();
craft_initialize(c_str.as_ptr())
}
#[no_mangle]
pub extern "C" fn craft_destroy(handle: *mut CraftContext) {
if !handle.is_null() {
native/craftlabs-auth-cli/Cargo.toml
+19
View File
@@ -0,0 +1,19 @@
[package]
name = "craftlabs-auth-cli"
version = "1.0.0"
edition = "2021"
description = "CraftLabs 授权客户端 CLI — 设备授权/查看/撤销/迁移"
[[bin]]
name = "craft"
path = "src/main.rs"
[dependencies]
craft-core = { path = "../craft-core" }
clap = { version = "4", features = ["derive"] }
serde = { version = "1", features = ["derive"] }
serde_json = "1"
chrono = { version = "0.4", features = ["serde"] }
reqwest = { version = "0.12", features = ["json", "rustls-tls"], default-features = false }
tokio = { version = "1", features = ["rt", "rt-multi-thread", "macros"] }
dirs = "5"
native/craftlabs-auth-cli/src/config.rs
+36
View File
@@ -0,0 +1,36 @@
use std::fs;
use std::path::Path;
#[derive(serde::Serialize, serde::Deserialize)]
pub struct Config {
pub api_base_url: String,
pub sn: Option<String>,
}
impl Config {
pub fn load(path: &Path) -> Self {
if path.exists() {
fs::read_to_string(path)
.ok()
.and_then(|s| serde_json::from_str(&s).ok())
.unwrap_or_default()
} else {
Config::default()
}
}
pub fn save(&self, path: &Path) {
if let Ok(json) = serde_json::to_string_pretty(self) {
fs::write(path, json).ok();
}
}
}
impl Default for Config {
fn default() -> Self {
Config {
api_base_url: "http://localhost:8080".to_string(),
sn: None,
}
}
}
native/craftlabs-auth-cli/src/main.rs
+249
View File
@@ -0,0 +1,249 @@
use clap::{Parser, Subcommand};
use craftlabs_auth_core::{
craft_activate, craft_check_license, craft_destroy, craft_free_license_info,
craft_get_license_info, craft_heartbeat, craft_initialize, craft_release,
};
use craftlabs_auth_core::device;
use std::ffi::CString;
use std::path::PathBuf;
use std::fs;
mod config;
mod platform_api;
use config::Config;
use platform_api::PlatformClient;
#[derive(Parser)]
#[command(name = "craft", version, about = "CraftLabs 授权客户端")]
struct Cli {
#[command(subcommand)]
command: Commands,
/// 平台 API 地址 (默认: http://localhost:8080)
#[arg(long, global = true)]
api: Option<String>,
/// JSON 格式输出
#[arg(long, global = true)]
json: bool,
}
#[derive(Subcommand)]
enum Commands {
/// 查看本地授权状态
Status,
/// 使用 SN 激活本机
Activate { sn: String },
/// 检查授权是否有效
Check,
/// 显示授权详情
Info,
/// 撤销本机授权
Release,
/// 迁移授权到本机 (释放旧授权 + 激活新 SN)
Migrate { sn: String },
/// 显示本机设备指纹
DeviceId,
/// 手动触发心跳
Heartbeat,
/// 查看/修改配置
Config {
/// 查看或设置: status, set-api <url>, set-sn <sn>
action: Vec<String>,
},
}
fn get_config_path() -> PathBuf {
let mut path = dirs::config_dir().unwrap_or_else(|| PathBuf::from("."));
path.push("craftlabs");
fs::create_dir_all(&path).ok();
path.join("config.json")
}
fn main() {
let cli = Cli::parse();
let config_path = get_config_path();
let mut config = Config::load(&config_path);
if let Some(api_url) = &cli.api {
config.api_base_url = api_url.clone();
}
let rt = tokio::runtime::Runtime::new().unwrap();
match &cli.command {
Commands::Status => {
print_status(&config, cli.json);
}
Commands::Activate { sn } => {
let handle = init_engine();
if handle.is_null() {
eprintln!("错误: 初始化授权引擎失败");
std::process::exit(1);
}
let c_sn = CString::new(sn.as_str()).unwrap();
let result = craft_activate(handle, c_sn.as_ptr(), std::ptr::null());
if result.success != 0 {
println!("OK: 激活成功");
config.sn = Some(sn.clone());
config.save(&config_path);
rt.block_on(sync_activation(&config, sn));
} else {
let msg = if result.message.is_null() { "未知错误" } else {
unsafe { std::ffi::CStr::from_ptr(result.message) }.to_str().unwrap_or("未知错误")
};
eprintln!("错误: 激活失败 - {}", msg);
}
craft_destroy(handle);
}
Commands::Check => {
let handle = init_engine();
if handle.is_null() { eprintln!("错误: 初始化失败"); return; }
let result = craft_check_license(handle);
if cli.json {
let msg = if !result.message.is_null() {
unsafe { std::ffi::CStr::from_ptr(result.message) }.to_str().unwrap_or("")
} else { "" };
println!("{{\"status\":{},\"message\":\"{}\"}}", result.success, msg);
} else {
println!("授权状态: {}", if result.success != 0 { "有效" } else { "无效" });
}
craft_destroy(handle);
}
Commands::Info => {
let handle = init_engine();
if handle.is_null() { eprintln!("错误: 初始化失败"); return; }
let info_ptr = craft_get_license_info(handle);
if !info_ptr.is_null() {
let info = unsafe { &*info_ptr };
println!("授权状态: {}", if info.is_licensed != 0 { "已授权" } else { "未授权" });
if info.expiration_date > 0 {
println!("过期时间戳: {}", info.expiration_date);
}
if info.feature_count > 0 {
println!("功能特性 ({}):", info.feature_count);
let names = unsafe { std::slice::from_raw_parts(info.feature_names, info.feature_count as usize) };
let values = unsafe { std::slice::from_raw_parts(info.feature_values, info.feature_count as usize) };
for idx in 0..info.feature_count as usize {
let name = if idx < names.len() && !names[idx].is_null() {
unsafe { std::ffi::CStr::from_ptr(names[idx]) }
.to_str().unwrap_or("?")
} else { "?" };
let val = if idx < values.len() { values[idx] } else { 0 };
println!(" {}: {}", name, if val != 0 { "ON" } else { "OFF" });
}
}
craft_free_license_info(info_ptr);
} else {
println!("无法获取授权信息");
}
craft_destroy(handle);
}
Commands::Release => {
let handle = init_engine();
if handle.is_null() { eprintln!("错误: 初始化失败"); return; }
let result = craft_release(handle);
if result.success != 0 {
println!("OK: 授权已撤销");
config.sn = None;
config.save(&config_path);
} else {
eprintln!("错误: 撤销失败");
}
craft_destroy(handle);
}
Commands::Migrate { sn } => {
println!("正在迁移授权到新 SN: {} ...", sn);
let handle = init_engine();
if handle.is_null() { eprintln!("错误: 初始化失败"); return; }
craft_release(handle);
craft_destroy(handle);
let handle = init_engine();
if handle.is_null() { eprintln!("错误: 初始化失败"); return; }
let c_sn = CString::new(sn.as_str()).unwrap();
let result = craft_activate(handle, c_sn.as_ptr(), std::ptr::null());
if result.success != 0 {
println!("OK: 迁移成功");
config.sn = Some(sn.clone());
config.save(&config_path);
} else {
eprintln!("错误: 迁移失败");
}
craft_destroy(handle);
}
Commands::DeviceId => {
let fp = device::collect();
if cli.json {
println!("{{\"device_id\":\"{}\"}}", fp.composite_hash);
} else {
println!("设备指纹: {}", fp.composite_hash);
}
}
Commands::Heartbeat => {
let handle = init_engine();
if handle.is_null() { eprintln!("错误: 初始化失败"); return; }
let result = craft_heartbeat(handle);
println!("心跳: {}", if result.success != 0 { "OK" } else { "FAIL" });
craft_destroy(handle);
}
Commands::Config { action } => {
handle_config(action, &mut config, &config_path);
}
}
}
fn init_engine() -> *mut craftlabs_auth_core::CraftContext {
let config_json = r#"{"provider":"selfhosted","schemaVersion":1,"scenario":"floating"}"#;
let c = CString::new(config_json).unwrap();
craft_initialize(c.as_ptr())
}
fn print_status(config: &Config, json: bool) {
let handle = init_engine();
if handle.is_null() { eprintln!("错误: 初始化失败"); return; }
let result = craft_check_license(handle);
let fp = device::collect();
if json {
println!("{{\"licensed\":{},\"device_id\":\"{}\",\"api\":\"{}\",\"sn\":{}}}",
result.success, fp.composite_hash, config.api_base_url,
config.sn.as_deref().map(|s| format!("\"{}\"", s)).unwrap_or("null".into()));
} else {
println!("授权状态: {}", if result.success != 0 { "有效" } else { "无效" });
println!("设备指纹: {}", fp.composite_hash);
println!("API 地址: {}", config.api_base_url);
if let Some(sn) = &config.sn {
println!("绑定 SN: {}", sn);
}
}
craft_destroy(handle);
}
fn handle_config(action: &[String], config: &mut Config, path: &PathBuf) {
if action.is_empty() {
println!("API 地址: {}", config.api_base_url);
println!("绑定 SN: {}", config.sn.as_deref().unwrap_or("(无)"));
println!("配置路径: {}", path.display());
return;
}
match action[0].as_str() {
"set-api" if action.len() > 1 => {
config.api_base_url = action[1].clone();
config.save(path);
println!("OK: API 地址已更新");
}
"set-sn" if action.len() > 1 => {
config.sn = Some(action[1].clone());
config.save(path);
println!("OK: SN 已设置");
}
_ => eprintln!("用法: craft config [set-api <url>|set-sn <sn>]"),
}
}
async fn sync_activation(config: &Config, sn: &str) {
let client = PlatformClient::new(&config.api_base_url);
match client.report_activation(sn, &device::collect().composite_hash).await {
Ok(_) => println!("平台同步成功"),
Err(e) => eprintln!("平台同步失败: {} (不影响本地授权)", e),
}
}
native/craftlabs-auth-cli/src/platform_api.rs
+52
View File
@@ -0,0 +1,52 @@
use serde::{Serialize, Deserialize};
#[derive(Serialize)]
struct ActivationReport {
sn: String,
device_id: String,
timestamp: String,
}
#[derive(Deserialize)]
struct ApiResponse {
status: String,
message: Option<String>,
}
pub struct PlatformClient {
base_url: String,
client: reqwest::Client,
}
impl PlatformClient {
pub fn new(base_url: &str) -> Self {
PlatformClient {
base_url: base_url.trim_end_matches('/').to_string(),
client: reqwest::Client::new(),
}
}
pub async fn report_activation(&self, sn: &str, device_id: &str) -> Result<(), String> {
let body = ActivationReport {
sn: sn.to_string(),
device_id: device_id.to_string(),
timestamp: chrono::Utc::now().to_rfc3339(),
};
let url = format!("{}/api/v1/licenses/activate", self.base_url);
let resp = self.client
.post(&url)
.json(&body)
.send()
.await
.map_err(|e| format!("请求失败: {}", e))?;
if resp.status().is_success() {
Ok(())
} else {
let status = resp.status();
let text = resp.text().await.unwrap_or_default();
Err(format!("HTTP {}: {}", status, text))
}
}
}
services/delivery-platform-api/AGENTS.md
+65
View File
@@ -0,0 +1,65 @@
# DELIVERY PLATFORM API
**Part of:** craftlabs-authorization-sdk (暂合工作区)
**Stack:** Spring Boot 3.x + MyBatis-Plus + Flyway + MySQL
**Build:** Maven (JDK 17+), 153 Java 文件
## STRUCTURE
```
delivery-platform-api/
├── src/main/java/cn/craftlabs/platform/api/
│ ├── PlatformApplication.java # Bootstrap entry
│ ├── config/ # OpenApiConfig, SecurityConfig, MybatisPlusConfig, ApiExceptionHandler
│ ├── security/ # JwtAuthenticationFilter, JwtService, InternalTokenAuth
│ ├── domain/ # Status enums (Contract, Customer, Device, LicenseSn, etc.)
│ ├── persistence/{entity}/ # Entity + Mapper pairs (每领域一对)
│ ├── service/ # Business logic (ContractService, LicenseSnService, etc.)
│ ├── {domain}/ # Controllers (contract, license, device, audit, todo, etc.)
│ └── web/dto/ # 47 Request/Response DTOs
├── src/main/resources/db/migration/ # Flyway SQL migrations
└── pom.xml
```
## DOMAINS
| Domain | Controller | Service | Entities |
|--------|-----------|---------|----------|
| Contract | `ContractController` | `ContractService` | Contract, ContractLine, ContractChange |
| License SN | `LicenseSnController` | `LicenseSnService` | LicenseSn, License, LicenseKey, Activation |
| Delivery | `DeliveryBatchController` | `DeliveryBatchService` | DeliveryBatch, DeliveryLine |
| Device | `DeviceController` | `DeviceService` | Device, DeviceSnBinding, DeviceSwapRequest |
| Customer | `CustomerController` | `CustomerService` | Customer |
| Audit | `AuditController` | `AuditService` | AuditEvent |
| Todo | `TodoController` | `TodoService` | TodoItem, NotificationConfig |
| Project | `ProjectController` | `ProjectService` | Project, ProjectStakeholder |
| Integration | `IntegrationCatalogController` | `IntegrationCatalogService` | SkuMapping, ProductLine, Env, BitanswerId, JsonTemplate |
| Callback | `CallbackInboxController` | `CallbackInboxService` | CallbackInbox |
| Report | `ReportController` | `ReportService` | — |
| Dictionary | `DictionaryController` | `DictionaryService` | Dictionary |
## WHERE TO LOOK
| Task | Location |
|------|----------|
| REST endpoints | `*/.../api/{domain}/*Controller.java` |
| Business logic | `*/.../api/service/*Service.java` |
| Data access | `*/.../api/persistence/{domain}/` |
| Request/response DTOs | `*/.../api/web/dto/` |
| DB migrations | `src/main/resources/db/migration/` |
| Security filters | `*/.../api/security/` |
| Global error handling | `*/.../api/config/ApiExceptionHandler.java` |
## CONVENTIONS
- **Controller**: `@RestController` + `@RequestMapping("/api/v1/...")` per domain
- **Persistence**: 实体 `Platform{Entity}` + `Platform{Entity}Mapper` (MyBatis-Plus), 一对一下同包
- **Service**: 每个 domain 一个 Service 接口+实现, 调用 Mapper + 跨域调其它 Service
- **DTO**: 每个 domain 一对 Request/Response 类, 47 个 DTO 集中 `web/dto/`
- **Error**: 统一 `ApiExceptionHandler` + 自定义业务异常
- **Security**: JWT filter + internal token filter
## ANTI-PATTERNS
- **Do not** import/copy SDK classes (`cn.craftlabs.auth.*`) into the platform — use published artifacts
- **Do not** repackage platform as boot JAR outside `bootstrap` module
services/delivery-platform-api/pom.xml
+3
View File
@@ -100,6 +100,9 @@
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<configuration>
<mainClass>cn.craftlabs.platform.api.PlatformApplication</mainClass>
</configuration>
</plugin>
</plugins>
</build>
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/audit/AuditController.java
+66 -5
View File
@@ -5,14 +5,21 @@ import cn.craftlabs.platform.api.web.dto.AuditEventResponse;
import cn.craftlabs.platform.api.web.dto.PageResponse;
import jakarta.validation.constraints.Max;
import jakarta.validation.constraints.Min;
import jakarta.validation.constraints.NotBlank;
import jakarta.validation.constraints.NotNull;
import org.springframework.core.io.ByteArrayResource;
import org.springframework.core.io.Resource;
import org.springframework.http.HttpHeaders;
import org.springframework.http.ResponseEntity;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import java.nio.charset.StandardCharsets;
import java.time.LocalDate;
import java.util.List;
import java.util.Map;
@RestController
@RequestMapping("/api/v1/audit-events")
@Validated
@@ -26,10 +33,64 @@ public class AuditController {
@GetMapping
public PageResponse<AuditEventResponse> list(
@RequestParam("entityType") @NotBlank String entityType,
@RequestParam("entityId") @NotNull Long entityId,
@RequestParam(value = "entityType", required = false) String entityType,
@RequestParam(value = "entityId", required = false) Long entityId,
@RequestParam(value = "userId", required = false) String userId,
@RequestParam(value = "page", defaultValue = "0") @Min(0) int page,
@RequestParam(value = "size", defaultValue = "20") @Min(1) @Max(200) int size) {
return auditService.page(entityType, entityId, page, size);
return auditService.page(entityType, entityId, userId, page, size);
}
@GetMapping("/export")
public ResponseEntity<Resource> exportAuditEvents(
@RequestParam(value = "entityType", required = false) String entityType,
@RequestParam(value = "entityId", required = false) Long entityId,
@RequestParam(value = "userId", required = false) String userId,
@RequestParam(value = "from", required = false) String from,
@RequestParam(value = "to", required = false) String to) {
List<AuditEventResponse> events = auditService.searchAuditEvents(entityType, entityId, from, to, userId);
StringBuilder sb = new StringBuilder();
sb.append("时间,操作者,动作,实体类型,实体ID,摘要,详情\n");
for (AuditEventResponse e : events) {
sb.append(escapeCsv(e.getCreatedAt() != null ? e.getCreatedAt().toString() : "")).append(",");
sb.append(escapeCsv(e.getActorUserId())).append(",");
sb.append(escapeCsv(e.getAction())).append(",");
sb.append(escapeCsv(e.getEntityType())).append(",");
sb.append(e.getEntityId() != null ? String.valueOf(e.getEntityId()) : "").append(",");
sb.append(escapeCsv(e.getFieldName())).append(",");
sb.append(escapeCsv(e.getOldValue())).append("\n");
}
byte[] bytes = sb.toString().getBytes(StandardCharsets.UTF_8);
byte[] bom = {(byte) 0xEF, (byte) 0xBB, (byte) 0xBF};
byte[] withBom = new byte[bom.length + bytes.length];
System.arraycopy(bom, 0, withBom, 0, bom.length);
System.arraycopy(bytes, 0, withBom, bom.length, bytes.length);
ByteArrayResource resource = new ByteArrayResource(withBom);
return ResponseEntity.ok()
.header(HttpHeaders.CONTENT_DISPOSITION,
"attachment; filename=audit-events-" + LocalDate.now() + ".csv")
.header(HttpHeaders.CONTENT_TYPE, "text/csv; charset=utf-8")
.body(resource);
}
@GetMapping("/retention-config")
public ResponseEntity<Map<String, Object>> getRetentionConfig() {
return ResponseEntity.ok(Map.of(
"retentionDays", 365,
"autoCleanup", false
));
}
private static String escapeCsv(String value) {
if (value == null) return "";
if (value.contains(",") || value.contains("\"") || value.contains("\n")) {
return "\"" + value.replace("\"", "\"\"") + "\"";
}
return value;
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/auth/AuthController.java
+193 -42
View File
@@ -1,72 +1,223 @@
package cn.craftlabs.platform.api.auth;
import cn.craftlabs.platform.api.persistence.auth.PlatformLoginAttempt;
import cn.craftlabs.platform.api.persistence.auth.PlatformLoginAttemptMapper;
import cn.craftlabs.platform.api.persistence.auth.PlatformUser;
import cn.craftlabs.platform.api.persistence.auth.PlatformUserMapper;
import cn.craftlabs.platform.api.security.JwtService;
import cn.craftlabs.platform.api.security.PlatformRoles;
import jakarta.servlet.http.HttpServletRequest;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.server.ResponseStatusException;
import java.time.OffsetDateTime;
import java.time.ZoneOffset;
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
/**
* I1:演示账号签发 JWT(I2 起接用户表与密码哈希)。
*/
@RestController
@RequestMapping("/api/v1/auth")
public class AuthController {
private final JwtService jwtService;
private final PasswordEncoder passwordEncoder;
private final PlatformUserMapper userMapper;
private final PlatformLoginAttemptMapper loginAttemptMapper;
private final HttpServletRequest request;
public AuthController(JwtService jwtService) {
private static final int MAX_LOGIN_ATTEMPTS = 5;
private static final int LOCKOUT_MINUTES = 15;
public AuthController(JwtService jwtService, PasswordEncoder passwordEncoder,
PlatformUserMapper userMapper,
PlatformLoginAttemptMapper loginAttemptMapper,
HttpServletRequest request) {
this.jwtService = jwtService;
this.passwordEncoder = passwordEncoder;
this.userMapper = userMapper;
this.loginAttemptMapper = loginAttemptMapper;
this.request = request;
}
@PostMapping("/login")
public Map<String, Object> login(@RequestBody Map<String, String> body) {
String user = body.getOrDefault("username", "");
String user = body.getOrDefault("username", "").trim().toLowerCase();
String pass = body.getOrDefault("password", "");
if ("admin".equals(user) && "admin".equals(pass)) {
String token =
jwtService.createToken(user, "管理员", List.of(PlatformRoles.SYS_ADMIN));
return Map.of(
"token",
token,
"tokenType",
"Bearer",
"roles",
List.of(PlatformRoles.SYS_ADMIN),
"displayName",
"管理员");
if (user.isEmpty()) {
throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "用户名不能为空");
}
if ("dev".equals(user) && "dev".equals(pass)) {
String token =
jwtService.createToken(user, "开发账号", List.of(PlatformRoles.DEVELOPER));
return Map.of(
"token",
token,
"tokenType",
"Bearer",
"roles",
List.of(PlatformRoles.DEVELOPER),
"displayName",
"开发账号");
var recentQuery = com.baomidou.mybatisplus.core.toolkit.Wrappers
.lambdaQuery(PlatformLoginAttempt.class)
.eq(PlatformLoginAttempt::getUsername, user)
.eq(PlatformLoginAttempt::getSuccess, false)
.ge(PlatformLoginAttempt::getAttemptedAt, OffsetDateTime.now().minusMinutes(LOCKOUT_MINUTES));
long recentFailed = loginAttemptMapper.selectCount(recentQuery);
if (recentFailed >= MAX_LOGIN_ATTEMPTS) {
throw new ResponseStatusException(HttpStatus.TOO_MANY_REQUESTS,
"账户已临时锁定,请" + LOCKOUT_MINUTES + "分钟后重试");
}
if ("ops".equals(user) && "ops".equals(pass)) {
String token = jwtService.createToken(user, "运营账号", List.of(PlatformRoles.OPS));
return Map.of(
"token",
token,
"tokenType",
"Bearer",
"roles",
List.of(PlatformRoles.OPS),
"displayName",
"运营账号");
var userQuery = com.baomidou.mybatisplus.core.toolkit.Wrappers
.lambdaQuery(PlatformUser.class)
.eq(PlatformUser::getUsername, user);
PlatformUser platformUser = userMapper.selectOne(userQuery);
if (platformUser == null) {
recordFailedAttempt(user);
throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, "用户名或密码错误");
}
throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, "invalid credentials");
if (!"ACTIVE".equals(platformUser.getStatus())) {
throw new ResponseStatusException(HttpStatus.FORBIDDEN, "账户已被禁用");
}
boolean passwordMatch;
if (platformUser.getPasswordHash().startsWith("$2a$") || platformUser.getPasswordHash().startsWith("$2b$")) {
passwordMatch = passwordEncoder.matches(pass, platformUser.getPasswordHash());
} else {
passwordMatch = pass.equals(platformUser.getPasswordHash());
}
if (!passwordMatch) {
recordFailedAttempt(user);
throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, "用户名或密码错误");
}
loginAttemptMapper.delete(com.baomidou.mybatisplus.core.toolkit.Wrappers
.lambdaQuery(PlatformLoginAttempt.class)
.eq(PlatformLoginAttempt::getUsername, user));
List<String> permissions = buildPermissions(platformUser.getRole());
String token = jwtService.createToken(platformUser.getUsername(),
platformUser.getDisplayName(), List.of(platformUser.getRole()));
Map<String, Object> result = new LinkedHashMap<>();
result.put("token", token);
result.put("tokenType", "Bearer");
result.put("roles", List.of(platformUser.getRole()));
result.put("displayName", platformUser.getDisplayName());
result.put("permissions", permissions);
return result;
}
@PostMapping("/change-password")
public ResponseEntity<Void> changePassword(@RequestBody Map<String, String> body) {
String oldPassword = body.get("oldPassword");
String newPassword = body.get("newPassword");
if (oldPassword == null || oldPassword.isEmpty()) {
throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "旧密码不能为空");
}
if (newPassword == null || newPassword.length() < 6) {
throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "新密码至少6位");
}
String currentUser = jwtService.getCurrentUsername();
if (currentUser == null) {
throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, "无法识别当前用户");
}
var query = com.baomidou.mybatisplus.core.toolkit.Wrappers
.lambdaQuery(PlatformUser.class)
.eq(PlatformUser::getUsername, currentUser);
PlatformUser user = userMapper.selectOne(query);
if (user == null) {
throw new ResponseStatusException(HttpStatus.NOT_FOUND, "用户不存在");
}
if (!passwordEncoder.matches(oldPassword, user.getPasswordHash())) {
throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "旧密码错误");
}
user.setPasswordHash(passwordEncoder.encode(newPassword));
user.setUpdatedAt(OffsetDateTime.now(ZoneOffset.UTC));
userMapper.updateById(user);
return ResponseEntity.ok().build();
}
@PostMapping("/admin/reset-password")
public ResponseEntity<Void> resetPassword(@RequestBody Map<String, String> body) {
String username = body.get("username");
String newPassword = body.get("newPassword");
if (username == null || username.trim().isEmpty()) {
throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "用户名不能为空");
}
if (newPassword == null || newPassword.length() < 6) {
throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "新密码至少6位");
}
var query = com.baomidou.mybatisplus.core.toolkit.Wrappers
.lambdaQuery(PlatformUser.class)
.eq(PlatformUser::getUsername, username.trim().toLowerCase());
PlatformUser user = userMapper.selectOne(query);
if (user == null) {
throw new ResponseStatusException(HttpStatus.NOT_FOUND, "用户不存在");
}
user.setPasswordHash(passwordEncoder.encode(newPassword));
user.setUpdatedAt(OffsetDateTime.now(ZoneOffset.UTC));
userMapper.updateById(user);
return ResponseEntity.ok().build();
}
@PostMapping("/admin/force-logout")
public ResponseEntity<Void> forceLogout(@RequestBody Map<String, String> body) {
String username = body.get("username");
if (username == null || username.trim().isEmpty()) {
throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "用户名不能为空");
}
return ResponseEntity.ok().build();
}
private void recordFailedAttempt(String username) {
PlatformLoginAttempt attempt = new PlatformLoginAttempt();
attempt.setUsername(username);
attempt.setSuccess(false);
attempt.setIpAddress(request.getRemoteAddr());
attempt.setAttemptedAt(OffsetDateTime.now(ZoneOffset.UTC));
loginAttemptMapper.insert(attempt);
}
private List<String> buildPermissions(String role) {
List<String> permissions = new ArrayList<>();
switch (role) {
case "SYS_ADMIN":
permissions.add("*:*");
break;
case "SALES":
permissions.add("customer:*");
permissions.add("project:*");
permissions.add("contract:*");
permissions.add("delivery:read");
break;
case "DELIVERY":
permissions.add("delivery:*");
permissions.add("device:*");
break;
case "LICENSE_OPS":
permissions.add("license:*");
permissions.add("callback:*");
permissions.add("todo:*");
permissions.add("device:read");
permissions.add("integration:read");
permissions.add("report:callback");
break;
}
return permissions;
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/auth/UserAdminController.java
+108
View File
@@ -0,0 +1,108 @@
package cn.craftlabs.platform.api.auth;
import cn.craftlabs.platform.api.persistence.auth.PlatformUser;
import cn.craftlabs.platform.api.persistence.auth.PlatformUserMapper;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.server.ResponseStatusException;
import java.time.OffsetDateTime;
import java.time.ZoneOffset;
import java.util.List;
import java.util.Map;
@RestController
@RequestMapping("/api/v1/admin/users")
public class UserAdminController {
private final PlatformUserMapper userMapper;
private final PasswordEncoder passwordEncoder;
public UserAdminController(PlatformUserMapper userMapper, PasswordEncoder passwordEncoder) {
this.userMapper = userMapper;
this.passwordEncoder = passwordEncoder;
}
@GetMapping
public List<PlatformUser> list() {
return userMapper.selectList(Wrappers.lambdaQuery(PlatformUser.class)
.orderByAsc(PlatformUser::getId));
}
@PostMapping
public ResponseEntity<PlatformUser> create(@RequestBody Map<String, String> body) {
String username = body.get("username");
String password = body.get("password");
String displayName = body.get("displayName");
String role = body.get("role");
if (username == null || username.trim().isEmpty()) {
throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "用户名不能为空");
}
if (password == null || password.length() < 6) {
throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "密码至少6位");
}
var existing = userMapper.selectOne(Wrappers.lambdaQuery(PlatformUser.class)
.eq(PlatformUser::getUsername, username.trim().toLowerCase()));
if (existing != null) {
throw new ResponseStatusException(HttpStatus.CONFLICT, "用户名已存在");
}
PlatformUser user = new PlatformUser();
user.setUsername(username.trim().toLowerCase());
user.setDisplayName(displayName != null ? displayName.trim() : username.trim());
user.setPasswordHash(passwordEncoder.encode(password));
user.setRole(role != null ? role.trim().toUpperCase() : "SALES");
user.setStatus("ACTIVE");
user.setCreatedAt(OffsetDateTime.now(ZoneOffset.UTC));
user.setUpdatedAt(OffsetDateTime.now(ZoneOffset.UTC));
userMapper.insert(user);
return ResponseEntity.status(HttpStatus.CREATED).body(user);
}
@PutMapping("/{id}")
public ResponseEntity<PlatformUser> update(@PathVariable("id") Long id, @RequestBody Map<String, String> body) {
PlatformUser user = userMapper.selectById(id);
if (user == null) {
throw new ResponseStatusException(HttpStatus.NOT_FOUND, "用户不存在");
}
String displayName = body.get("displayName");
String role = body.get("role");
String password = body.get("password");
if (displayName != null) user.setDisplayName(displayName.trim());
if (role != null) user.setRole(role.trim().toUpperCase());
if (password != null && !password.isEmpty()) {
if (password.length() < 6) {
throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "密码至少6位");
}
user.setPasswordHash(passwordEncoder.encode(password));
}
user.setUpdatedAt(OffsetDateTime.now(ZoneOffset.UTC));
userMapper.updateById(user);
return ResponseEntity.ok(user);
}
@PatchMapping("/{id}/status")
public ResponseEntity<Void> toggleStatus(@PathVariable("id") Long id, @RequestBody Map<String, String> body) {
PlatformUser user = userMapper.selectById(id);
if (user == null) {
throw new ResponseStatusException(HttpStatus.NOT_FOUND, "用户不存在");
}
String newStatus = body.get("status");
if (!List.of("ACTIVE", "DISABLED").contains(newStatus)) {
throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "状态值无效 (ACTIVE/DISABLED)");
}
user.setStatus(newStatus);
user.setUpdatedAt(OffsetDateTime.now(ZoneOffset.UTC));
userMapper.updateById(user);
return ResponseEntity.ok().build();
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/callback/CallbackInboxController.java
+43 -2
View File
@@ -1,6 +1,9 @@
package cn.craftlabs.platform.api.callback;
import cn.craftlabs.platform.api.service.CallbackEventIngestService;
import cn.craftlabs.platform.api.service.CallbackInboxService;
import cn.craftlabs.platform.api.web.dto.CallbackEventIngestRequest;
import cn.craftlabs.platform.api.web.dto.CallbackEventIngestResponse;
import cn.craftlabs.platform.api.web.dto.CallbackInboxLinkPatchRequest;
import cn.craftlabs.platform.api.web.dto.CallbackInboxResponse;
import cn.craftlabs.platform.api.web.dto.CallbackInboxStatusPatchRequest;
@@ -10,18 +13,22 @@ import cn.craftlabs.platform.api.web.dto.PageResponse;
import jakarta.validation.Valid;
import jakarta.validation.constraints.Max;
import jakarta.validation.constraints.Min;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PatchMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.RestController;
import java.time.OffsetDateTime;
import java.util.List;
import java.util.Map;
@RestController
@RequestMapping("/api/v1/callback-inbox")
@@ -30,9 +37,11 @@ import java.time.OffsetDateTime;
public class CallbackInboxController {
private final CallbackInboxService callbackInboxService;
private final CallbackEventIngestService callbackEventIngestService;
public CallbackInboxController(CallbackInboxService callbackInboxService) {
public CallbackInboxController(CallbackInboxService callbackInboxService, CallbackEventIngestService callbackEventIngestService) {
this.callbackInboxService = callbackInboxService;
this.callbackEventIngestService = callbackEventIngestService;
}
@GetMapping
@@ -77,6 +86,14 @@ public class CallbackInboxController {
return callbackInboxService.patchLink(id, request);
}
/** M5-F10:模拟投递(仅测试环境),手动 POST 模拟 Callback 事件。 */
@PostMapping("/simulate")
public CallbackEventIngestResponse simulate(
@Valid @RequestBody CallbackEventIngestRequest request,
@RequestHeader(value = "Idempotency-Key", required = false) String idempotencyKey) {
return callbackEventIngestService.ingest(request, idempotencyKey);
}
/** I8:代理 OPS 调用 Webhook,将关联收据的 {@code DEAD} 出库重新入队。 */
@PostMapping("/{id}/replay-webhook-delivery")
public CallbackWebhookReplayResponse replayWebhookDelivery(@PathVariable("id") long id) {
@@ -88,4 +105,28 @@ public class CallbackInboxController {
public CallbackWebhookDeliveryStatusResponse getWebhookDelivery(@PathVariable("id") long id) {
return callbackInboxService.getWebhookDeliveryStatus(id);
}
/** M5-F07:批量重处理 — 接收 ID 列表,逐条触发 DEAD 重放。 */
@PostMapping("/batch-replay")
public ResponseEntity<Map<String, Object>> batchReplay(@RequestBody List<Long> ids) {
int success = 0;
int failed = 0;
java.util.List<String> errors = new java.util.ArrayList<>();
for (Long id : ids) {
try {
callbackInboxService.replayWebhookDelivery(id);
success++;
} catch (Exception e) {
failed++;
errors.add("ID " + id + ": " + e.getMessage());
}
}
return ResponseEntity.ok(java.util.Map.of("success", success, "failed", failed, "errors", errors));
}
/** M5-F08:死信与积压监控摘要。 */
@GetMapping("/stats/backlog")
public ResponseEntity<Map<String, Object>> backlogStats() {
return ResponseEntity.ok(callbackInboxService.getBacklogStats());
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/config/ApiExceptionHandler.java
+18
View File
@@ -1,5 +1,7 @@
package cn.craftlabs.platform.api.config;
import jakarta.validation.ConstraintViolationException;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RestControllerAdvice;
@@ -18,4 +20,20 @@ public class ApiExceptionHandler {
body.put("message", ex.getReason() != null ? ex.getReason() : "");
return ResponseEntity.status(ex.getStatusCode()).body(body);
}
@ExceptionHandler(ConstraintViolationException.class)
public ResponseEntity<Map<String, Object>> handleConstraintViolation(ConstraintViolationException ex) {
Map<String, Object> body = new LinkedHashMap<>();
body.put("status", HttpStatus.BAD_REQUEST.value());
body.put("message", "参数校验失败: " + ex.getMessage());
return ResponseEntity.badRequest().body(body);
}
@ExceptionHandler(Exception.class)
public ResponseEntity<Map<String, Object>> handleGeneral(Exception ex) {
Map<String, Object> body = new LinkedHashMap<>();
body.put("status", HttpStatus.INTERNAL_SERVER_ERROR.value());
body.put("message", "服务器内部错误");
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(body);
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/config/SecurityConfig.java
+13
View File
@@ -13,8 +13,11 @@ import org.springframework.security.config.annotation.web.configurers.HeadersCon
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.HttpStatusEntryPoint;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter.ReferrerPolicy;
import com.fasterxml.jackson.databind.ObjectMapper;
/**
* I1JWTBearer)保护业务 APII5{@code /internal/**} 使用内部共享 Token,与 JWT 分离;I6:统一安全响应头。
@@ -72,6 +75,16 @@ public class SecurityConfig {
return http.build();
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Bean
public ObjectMapper objectMapper() {
return new ObjectMapper();
}
/** I6API 最小安全头;HSTS 由边缘 HTTPS 终止(Nginx/Caddy)配置。 */
private void apiHeaders(HeadersConfigurer<HttpSecurity> headers) {
headers
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/config/SystemParamController.java
+50
View File
@@ -0,0 +1,50 @@
package cn.craftlabs.platform.api.config;
import cn.craftlabs.platform.api.persistence.system.PlatformSystemParam;
import cn.craftlabs.platform.api.persistence.system.PlatformSystemParamMapper;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;
import java.time.OffsetDateTime;
import java.time.ZoneOffset;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
@RestController
@RequestMapping("/api/v1/system-params")
public class SystemParamController {
private final PlatformSystemParamMapper paramMapper;
public SystemParamController(PlatformSystemParamMapper paramMapper) {
this.paramMapper = paramMapper;
}
@GetMapping
public Map<String, String> list() {
List<PlatformSystemParam> params = paramMapper.selectList(Wrappers.lambdaQuery());
return params.stream().collect(Collectors.toMap(
PlatformSystemParam::getParamKey, PlatformSystemParam::getParamValue));
}
@PutMapping
public ResponseEntity<Void> update(@RequestBody Map<String, String> body) {
for (var entry : body.entrySet()) {
PlatformSystemParam param = paramMapper.selectById(entry.getKey());
if (param == null) {
param = new PlatformSystemParam();
param.setParamKey(entry.getKey());
}
param.setParamValue(entry.getValue());
param.setUpdatedAt(OffsetDateTime.now(ZoneOffset.UTC));
if (param.getParamKey() != null && paramMapper.selectById(param.getParamKey()) != null) {
paramMapper.updateById(param);
} else {
paramMapper.insert(param);
}
}
return ResponseEntity.ok().build();
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/contracts/ContractController.java
+93 -4
View File
@@ -1,6 +1,9 @@
package cn.craftlabs.platform.api.contracts;
import cn.craftlabs.platform.api.persistence.attachment.PlatformContractAttachment;
import cn.craftlabs.platform.api.persistence.attachment.PlatformContractAttachmentMapper;
import cn.craftlabs.platform.api.service.ContractService;
import cn.craftlabs.platform.api.service.ContractStatusTransitionService;
import cn.craftlabs.platform.api.web.dto.ContractCreateRequest;
import cn.craftlabs.platform.api.web.dto.ContractLineRequest;
import cn.craftlabs.platform.api.web.dto.ContractLineResponse;
@@ -8,10 +11,19 @@ import cn.craftlabs.platform.api.web.dto.ContractResponse;
import cn.craftlabs.platform.api.web.dto.ContractStatusPatchRequest;
import cn.craftlabs.platform.api.web.dto.ContractUpdateRequest;
import cn.craftlabs.platform.api.web.dto.PageResponse;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import jakarta.validation.Valid;
import jakarta.validation.constraints.Max;
import jakarta.validation.constraints.Min;
import java.io.File;
import java.io.IOException;
import java.time.OffsetDateTime;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
@@ -24,21 +36,34 @@ import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.multipart.MultipartFile;
import org.springframework.web.server.ResponseStatusException;
import java.util.List;
/** 合同 API:头信息与行挂在同一资源树下(嵌套路由)。 */
@RestController
@RequestMapping("/api/v1/contracts")
@Validated
public class ContractController {
private final ContractService contractService;
private final PlatformContractAttachmentMapper attachmentMapper;
private final ContractStatusTransitionService contractStatusTransitionService;
public ContractController(ContractService contractService) {
public ContractController(ContractService contractService, PlatformContractAttachmentMapper attachmentMapper, ContractStatusTransitionService contractStatusTransitionService) {
this.contractService = contractService;
this.attachmentMapper = attachmentMapper;
this.contractStatusTransitionService = contractStatusTransitionService;
}
private static final long MAX_FILE_SIZE = 50 * 1024 * 1024; // 50MB
private static final Set<String> ALLOWED_CONTENT_TYPES = Set.of(
MediaType.APPLICATION_PDF_VALUE,
"image/jpeg", "image/png", "image/tiff",
"application/msword",
"application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"application/vnd.ms-excel",
"application/vnd.openxmlformats-officedocument.spreadsheetml.sheet"
);
@GetMapping
public PageResponse<ContractResponse> list(
@RequestParam(value = "page", defaultValue = "0") @Min(0) int page,
@@ -97,4 +122,68 @@ public class ContractController {
public void deleteLine(@PathVariable("id") long contractId, @PathVariable("lineId") long lineId) {
contractService.deleteLine(contractId, lineId);
}
@PostMapping("/{id}/attachments")
public ResponseEntity<Map<String, Object>> uploadAttachment(
@PathVariable Long id,
@RequestParam("file") MultipartFile file) {
if (file.isEmpty()) {
throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "上传文件为空");
}
if (file.getSize() > MAX_FILE_SIZE) {
throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "文件大小超过限制(最大 50MB");
}
String contentType = file.getContentType();
if (contentType == null || !ALLOWED_CONTENT_TYPES.contains(contentType)) {
throw new ResponseStatusException(HttpStatus.BAD_REQUEST,
"不支持的文件类型: " + (contentType != null ? contentType : "未知"));
}
String uploadDir = System.getProperty("user.dir") + "/uploads/contracts/" + id + "/";
File dir = new File(uploadDir);
if (!dir.exists()) dir.mkdirs();
String originalName = file.getOriginalFilename();
String ext = originalName != null && originalName.contains(".")
? originalName.substring(originalName.lastIndexOf('.'))
: "";
String storedName = java.util.UUID.randomUUID().toString() + ext;
File dest = new File(uploadDir + storedName);
try {
file.transferTo(dest);
} catch (IOException e) {
throw new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR, "文件存储失败");
}
PlatformContractAttachment attachment = new PlatformContractAttachment();
attachment.setContractId(id);
attachment.setFileName(originalName);
attachment.setFilePath(dest.getAbsolutePath());
attachment.setFileSize(file.getSize());
attachment.setContentType(contentType);
attachment.setCreatedAt(OffsetDateTime.now());
attachmentMapper.insert(attachment);
return ResponseEntity.ok(Map.of("id", attachment.getId(), "fileName", attachment.getFileName()));
}
@GetMapping("/{id}/attachments")
public ResponseEntity<List<PlatformContractAttachment>> getAttachments(@PathVariable Long id) {
var query = Wrappers.lambdaQuery(PlatformContractAttachment.class)
.eq(PlatformContractAttachment::getContractId, id)
.orderByDesc(PlatformContractAttachment::getCreatedAt);
return ResponseEntity.ok(attachmentMapper.selectList(query));
}
@PostMapping("/{id}/changes")
public ResponseEntity<Void> initiateChange(@PathVariable Long id, @RequestBody Map<String, String> body) {
contractStatusTransitionService.initiateChange(id, body.getOrDefault("reason", ""));
return ResponseEntity.ok().build();
}
@PostMapping("/{id}/changes/complete")
public ResponseEntity<Void> completeChange(@PathVariable Long id) {
contractStatusTransitionService.completeChange(id);
return ResponseEntity.ok().build();
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/customer/CustomerController.java
+21
View File
@@ -8,9 +8,11 @@ import jakarta.validation.Valid;
import jakarta.validation.constraints.Max;
import jakarta.validation.constraints.Min;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PatchMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
@@ -20,6 +22,8 @@ import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;
import java.util.Map;
/**
* 客户 API。{@code DELETE /{id}} 为<strong>软删除</strong>:将 {@code status} 置为 {@code INACTIVE}(可重复调用)。
*/
@@ -53,12 +57,29 @@ public class CustomerController {
return customerService.getById(id);
}
@GetMapping("/{id}/summary")
public ResponseEntity<Map<String, Object>> getSummary(@PathVariable("id") Long id) {
return ResponseEntity.ok(customerService.getCustomerSummary(id));
}
@PutMapping("/{id}")
public CustomerResponse update(
@PathVariable("id") long id, @Valid @RequestBody CustomerRequest request) {
return customerService.update(id, request);
}
@PatchMapping("/{id}/freeze")
public ResponseEntity<Void> freeze(@PathVariable Long id) {
customerService.toggleFreeze(id, true);
return ResponseEntity.ok().build();
}
@PatchMapping("/{id}/unfreeze")
public ResponseEntity<Void> unfreeze(@PathVariable Long id) {
customerService.toggleFreeze(id, false);
return ResponseEntity.ok().build();
}
@DeleteMapping("/{id}")
@ResponseStatus(HttpStatus.NO_CONTENT)
public void delete(@PathVariable("id") long id) {
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/device/DeviceController.java
+80
View File
@@ -0,0 +1,80 @@
package cn.craftlabs.platform.api.device;
import cn.craftlabs.platform.api.service.DeviceService;
import cn.craftlabs.platform.api.web.dto.DeviceBindingResponse;
import cn.craftlabs.platform.api.web.dto.DeviceCreateRequest;
import cn.craftlabs.platform.api.web.dto.DeviceResponse;
import cn.craftlabs.platform.api.web.dto.DeviceSwapRequestDto;
import cn.craftlabs.platform.api.web.dto.PageResponse;
import jakarta.validation.Valid;
import jakarta.validation.constraints.Max;
import jakarta.validation.constraints.Min;
import org.springframework.http.HttpStatus;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.server.ResponseStatusException;
import java.util.List;
@RestController
@RequestMapping("/api/v1/devices")
@Validated
public class DeviceController {
private final DeviceService deviceService;
public DeviceController(DeviceService deviceService) {
this.deviceService = deviceService;
}
@GetMapping
public PageResponse<DeviceResponse> list(
@RequestParam(value = "page", defaultValue = "0") @Min(0) int page,
@RequestParam(value = "size", defaultValue = "20") @Min(1) @Max(200) int size,
@RequestParam(value = "customerId", required = false) Long customerId,
@RequestParam(value = "site", required = false) String site,
@RequestParam(value = "snCode", required = false) String snCode) {
return deviceService.listDevices(page, size, customerId, site, snCode);
}
@GetMapping("/{id}")
public DeviceResponse get(@PathVariable("id") long id) {
DeviceResponse result = deviceService.getDevice(id);
if (result == null) {
throw new ResponseStatusException(HttpStatus.NOT_FOUND, "Device not found: " + id);
}
return result;
}
@PostMapping
public DeviceResponse create(@Valid @RequestBody DeviceCreateRequest request) {
return deviceService.createDevice(request);
}
@PutMapping("/{id}")
public DeviceResponse update(@PathVariable("id") long id, @Valid @RequestBody DeviceCreateRequest request) {
DeviceResponse result = deviceService.updateDevice(id, request);
if (result == null) {
throw new ResponseStatusException(HttpStatus.NOT_FOUND, "Device not found: " + id);
}
return result;
}
@GetMapping("/{id}/bindings")
public List<DeviceBindingResponse> bindings(@PathVariable("id") long id) {
return deviceService.getBindings(id);
}
@PostMapping("/{id}/swap-request")
public void swapRequest(@PathVariable("id") long id, @Valid @RequestBody DeviceSwapRequestDto request) {
request.setOldDeviceId(id);
deviceService.createSwapRequest(request);
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/domain/CustomerStatus.java
+1
View File
@@ -4,6 +4,7 @@ public final class CustomerStatus {
public static final String ACTIVE = "ACTIVE";
public static final String INACTIVE = "INACTIVE";
public static final String FROZEN = "FROZEN";
private CustomerStatus() {}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/domain/DeviceStatus.java
+5
View File
@@ -0,0 +1,5 @@
package cn.craftlabs.platform.api.domain;
public enum DeviceStatus {
ACTIVE, INACTIVE, DECOMMISSIONED
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/domain/TodoPriority.java
+5
View File
@@ -0,0 +1,5 @@
package cn.craftlabs.platform.api.domain;
public enum TodoPriority {
HIGH, MEDIUM, LOW
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/domain/TodoStatus.java
+5
View File
@@ -0,0 +1,5 @@
package cn.craftlabs.platform.api.domain;
public enum TodoStatus {
PENDING, PROCESSED, IGNORED
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/integration/IntegrationCatalogController.java
+130
View File
@@ -1,14 +1,28 @@
package cn.craftlabs.platform.api.integration;
import cn.craftlabs.platform.api.persistence.integration.PlatformBitanswerIdMapping;
import cn.craftlabs.platform.api.persistence.integration.PlatformJsonTemplate;
import cn.craftlabs.platform.api.service.IntegrationCatalogService;
import cn.craftlabs.platform.api.web.dto.IntegrationEnvironmentRequest;
import cn.craftlabs.platform.api.web.dto.IntegrationEnvironmentResponse;
import cn.craftlabs.platform.api.web.dto.PageResponse;
import cn.craftlabs.platform.api.web.dto.ProductLineRequest;
import cn.craftlabs.platform.api.web.dto.ProductLineResponse;
import cn.craftlabs.platform.api.web.dto.SkuMappingRequest;
import cn.craftlabs.platform.api.web.dto.SkuMappingResponse;
import jakarta.validation.Valid;
import jakarta.validation.constraints.Max;
import jakarta.validation.constraints.Min;
import org.springframework.validation.annotation.Validated;
import java.util.List;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.security.access.prepost.PreAuthorize;
@@ -49,4 +63,120 @@ public class IntegrationCatalogController {
public IntegrationEnvironmentResponse getEnvironment(@PathVariable("id") long id) {
return integrationCatalogService.getEnvironment(id);
}
@PostMapping("/environments")
public IntegrationEnvironmentResponse createEnvironment(@Valid @RequestBody IntegrationEnvironmentRequest body) {
return integrationCatalogService.createEnvironment(body);
}
@PutMapping("/environments/{id}")
public IntegrationEnvironmentResponse updateEnvironment(
@PathVariable("id") long id, @Valid @RequestBody IntegrationEnvironmentRequest body) {
return integrationCatalogService.updateEnvironment(id, body);
}
@DeleteMapping("/environments/{id}")
public void deleteEnvironment(@PathVariable("id") long id) {
integrationCatalogService.deleteEnvironment(id);
}
@PostMapping("/product-lines")
public ProductLineResponse createProductLine(@Valid @RequestBody ProductLineRequest body) {
return integrationCatalogService.createProductLine(body);
}
@PutMapping("/product-lines/{id}")
public ProductLineResponse updateProductLine(
@PathVariable("id") long id, @Valid @RequestBody ProductLineRequest body) {
return integrationCatalogService.updateProductLine(id, body);
}
@DeleteMapping("/product-lines/{id}")
public void deleteProductLine(@PathVariable("id") long id) {
integrationCatalogService.deleteProductLine(id);
}
@GetMapping("/id-mappings")
public ResponseEntity<List<PlatformBitanswerIdMapping>> listIdMappings(
@RequestParam(value = "productLineId", required = false) Long productLineId,
@RequestParam(value = "environmentId", required = false) Long environmentId) {
return ResponseEntity.ok(integrationCatalogService.listIdMappings(productLineId, environmentId));
}
@PostMapping("/id-mappings")
public ResponseEntity<PlatformBitanswerIdMapping> createIdMapping(@RequestBody PlatformBitanswerIdMapping body) {
return ResponseEntity.ok(integrationCatalogService.createIdMapping(body));
}
@PutMapping("/id-mappings/{id}")
public ResponseEntity<PlatformBitanswerIdMapping> updateIdMapping(
@PathVariable Long id, @RequestBody PlatformBitanswerIdMapping body) {
PlatformBitanswerIdMapping result = integrationCatalogService.updateIdMapping(id, body);
return result != null ? ResponseEntity.ok(result) : ResponseEntity.notFound().build();
}
@DeleteMapping("/id-mappings/{id}")
public ResponseEntity<Void> deleteIdMapping(@PathVariable Long id) {
integrationCatalogService.deleteIdMapping(id);
return ResponseEntity.ok().build();
}
@GetMapping("/json-templates")
public ResponseEntity<java.util.List<PlatformJsonTemplate>> listJsonTemplates() {
return ResponseEntity.ok(integrationCatalogService.listJsonTemplates());
}
@GetMapping("/json-templates/{id}")
public ResponseEntity<PlatformJsonTemplate> getJsonTemplate(@PathVariable Long id) {
PlatformJsonTemplate t = integrationCatalogService.getJsonTemplate(id);
return t != null ? ResponseEntity.ok(t) : ResponseEntity.notFound().build();
}
@PostMapping("/json-templates")
public ResponseEntity<PlatformJsonTemplate> createJsonTemplate(@RequestBody PlatformJsonTemplate body) {
return ResponseEntity.ok(integrationCatalogService.createJsonTemplate(body));
}
@PutMapping("/json-templates/{id}")
public ResponseEntity<PlatformJsonTemplate> updateJsonTemplate(
@PathVariable Long id, @RequestBody PlatformJsonTemplate body) {
PlatformJsonTemplate result = integrationCatalogService.updateJsonTemplate(id, body);
return result != null ? ResponseEntity.ok(result) : ResponseEntity.notFound().build();
}
@DeleteMapping("/json-templates/{id}")
public ResponseEntity<Void> deleteJsonTemplate(@PathVariable Long id) {
integrationCatalogService.deleteJsonTemplate(id);
return ResponseEntity.ok().build();
}
@GetMapping("/feature-mappings")
public ResponseEntity<List<PlatformBitanswerIdMapping>> listFeatureMappings(
@RequestParam(value = "productLineId", required = false) Long productLineId) {
return ResponseEntity.ok(integrationCatalogService.listFeatureMappings(productLineId));
}
@GetMapping("/sku-mappings")
public ResponseEntity<List<SkuMappingResponse>> listSkuMappings(
@RequestParam(value = "contractLineId", required = false) Long contractLineId) {
return ResponseEntity.ok(integrationCatalogService.listSkuMappings(contractLineId));
}
@PostMapping("/sku-mappings")
public ResponseEntity<SkuMappingResponse> createSkuMapping(
@RequestParam Long contractLineId, @Valid @RequestBody SkuMappingRequest body) {
return ResponseEntity.ok(integrationCatalogService.createSkuMapping(contractLineId, body));
}
@PutMapping("/sku-mappings/{id}")
public ResponseEntity<SkuMappingResponse> updateSkuMapping(
@PathVariable Long id, @Valid @RequestBody SkuMappingRequest body) {
return ResponseEntity.ok(integrationCatalogService.updateSkuMapping(id, body));
}
@DeleteMapping("/sku-mappings/{id}")
public ResponseEntity<Void> deleteSkuMapping(@PathVariable Long id) {
integrationCatalogService.deleteSkuMapping(id);
return ResponseEntity.ok().build();
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/license/LicenseController.java
+1 -1
View File
@@ -22,7 +22,7 @@ public class LicenseController {
try {
return ResponseEntity.ok(licenseService.create(request));
} catch (Exception e) {
return ResponseEntity.internalServerError().body(Map.of("error", e.getMessage()));
throw new RuntimeException(e);
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/license/LicenseSnController.java
+8
View File
@@ -6,10 +6,12 @@ import cn.craftlabs.platform.api.web.dto.LicenseSnResponse;
import cn.craftlabs.platform.api.web.dto.LicenseSnStatusPatchRequest;
import cn.craftlabs.platform.api.web.dto.LicenseSnUpdateRequest;
import cn.craftlabs.platform.api.web.dto.PageResponse;
import cn.craftlabs.platform.api.web.dto.SnBatchImportRequest;
import jakarta.validation.Valid;
import jakarta.validation.constraints.Max;
import jakarta.validation.constraints.Min;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PatchMapping;
@@ -21,6 +23,7 @@ import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;
import java.util.Map;
@RestController
@RequestMapping("/api/v1/license-sns")
@@ -65,4 +68,9 @@ public class LicenseSnController {
@PathVariable("id") long id, @Valid @RequestBody LicenseSnStatusPatchRequest request) {
return licenseSnService.patchStatus(id, request);
}
@PostMapping("/batch-import")
public ResponseEntity<Map<String, Object>> batchImport(@RequestBody SnBatchImportRequest request) {
return ResponseEntity.ok(licenseSnService.batchImport(request));
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/attachment/PlatformContractAttachment.java
+44
View File
@@ -0,0 +1,44 @@
package cn.craftlabs.platform.api.persistence.attachment;
import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import java.time.OffsetDateTime;
@TableName("platform_contract_attachment")
public class PlatformContractAttachment {
@TableId(type = IdType.AUTO)
private Long id;
@TableField("contract_id")
private Long contractId;
@TableField("file_name")
private String fileName;
@TableField("file_path")
private String filePath;
@TableField("file_size")
private Long fileSize;
@TableField("content_type")
private String contentType;
@TableField("uploaded_by")
private String uploadedBy;
@TableField("created_at")
private OffsetDateTime createdAt;
public Long getId() { return id; }
public void setId(Long id) { this.id = id; }
public Long getContractId() { return contractId; }
public void setContractId(Long contractId) { this.contractId = contractId; }
public String getFileName() { return fileName; }
public void setFileName(String fileName) { this.fileName = fileName; }
public String getFilePath() { return filePath; }
public void setFilePath(String filePath) { this.filePath = filePath; }
public Long getFileSize() { return fileSize; }
public void setFileSize(Long fileSize) { this.fileSize = fileSize; }
public String getContentType() { return contentType; }
public void setContentType(String contentType) { this.contentType = contentType; }
public String getUploadedBy() { return uploadedBy; }
public void setUploadedBy(String uploadedBy) { this.uploadedBy = uploadedBy; }
public OffsetDateTime getCreatedAt() { return createdAt; }
public void setCreatedAt(OffsetDateTime createdAt) { this.createdAt = createdAt; }
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/attachment/PlatformContractAttachmentMapper.java
+7
View File
@@ -0,0 +1,7 @@
package cn.craftlabs.platform.api.persistence.attachment;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Mapper;
@Mapper
public interface PlatformContractAttachmentMapper extends BaseMapper<PlatformContractAttachment> {}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/auth/PlatformLoginAttempt.java
+65
View File
@@ -0,0 +1,65 @@
package cn.craftlabs.platform.api.persistence.auth;
import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import java.time.OffsetDateTime;
@TableName("platform_login_attempt")
public class PlatformLoginAttempt {
@TableId(type = IdType.AUTO)
private Long id;
private String username;
private Boolean success;
@TableField("ip_address")
private String ipAddress;
@TableField("attempted_at")
private OffsetDateTime attemptedAt;
public Long getId() {
return id;
}
public void setId(Long id) {
this.id = id;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public Boolean getSuccess() {
return success;
}
public void setSuccess(Boolean success) {
this.success = success;
}
public String getIpAddress() {
return ipAddress;
}
public void setIpAddress(String ipAddress) {
this.ipAddress = ipAddress;
}
public OffsetDateTime getAttemptedAt() {
return attemptedAt;
}
public void setAttemptedAt(OffsetDateTime attemptedAt) {
this.attemptedAt = attemptedAt;
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/auth/PlatformLoginAttemptMapper.java
+7
View File
@@ -0,0 +1,7 @@
package cn.craftlabs.platform.api.persistence.auth;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Mapper;
@Mapper
public interface PlatformLoginAttemptMapper extends BaseMapper<PlatformLoginAttempt> {}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/auth/PlatformUser.java
+58
View File
@@ -0,0 +1,58 @@
package cn.craftlabs.platform.api.persistence.auth;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import java.time.OffsetDateTime;
@TableName("platform_user")
public class PlatformUser {
@TableId
private Long id;
@TableField("username")
private String username;
@TableField("display_name")
private String displayName;
@TableField("password_hash")
private String passwordHash;
@TableField("role")
private String role;
@TableField("status")
private String status;
@TableField("created_at")
private OffsetDateTime createdAt;
@TableField("updated_at")
private OffsetDateTime updatedAt;
public Long getId() { return id; }
public void setId(Long id) { this.id = id; }
public String getUsername() { return username; }
public void setUsername(String username) { this.username = username; }
public String getDisplayName() { return displayName; }
public void setDisplayName(String displayName) { this.displayName = displayName; }
public String getPasswordHash() { return passwordHash; }
public void setPasswordHash(String passwordHash) { this.passwordHash = passwordHash; }
public String getRole() { return role; }
public void setRole(String role) { this.role = role; }
public String getStatus() { return status; }
public void setStatus(String status) { this.status = status; }
public OffsetDateTime getCreatedAt() { return createdAt; }
public void setCreatedAt(OffsetDateTime createdAt) { this.createdAt = createdAt; }
public OffsetDateTime getUpdatedAt() { return updatedAt; }
public void setUpdatedAt(OffsetDateTime updatedAt) { this.updatedAt = updatedAt; }
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/auth/PlatformUserMapper.java
+8
View File
@@ -0,0 +1,8 @@
package cn.craftlabs.platform.api.persistence.auth;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Mapper;
@Mapper
public interface PlatformUserMapper extends BaseMapper<PlatformUser> {
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/contract/PlatformContract.java
+56
View File
@@ -5,6 +5,7 @@ import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import java.time.LocalDate;
import java.time.OffsetDateTime;
@TableName("platform_contract")
@@ -25,6 +26,21 @@ public class PlatformContract {
private String status;
@TableField("signing_date")
private LocalDate signingDate;
@TableField("effective_date")
private LocalDate effectiveDate;
@TableField("end_date")
private LocalDate endDate;
@TableField("external_order_id")
private String externalOrderId;
@TableField("internal_order_id")
private String internalOrderId;
@TableField("created_at")
private OffsetDateTime createdAt;
@@ -79,6 +95,46 @@ public class PlatformContract {
this.status = status;
}
public LocalDate getSigningDate() {
return signingDate;
}
public void setSigningDate(LocalDate signingDate) {
this.signingDate = signingDate;
}
public LocalDate getEffectiveDate() {
return effectiveDate;
}
public void setEffectiveDate(LocalDate effectiveDate) {
this.effectiveDate = effectiveDate;
}
public LocalDate getEndDate() {
return endDate;
}
public void setEndDate(LocalDate endDate) {
this.endDate = endDate;
}
public String getExternalOrderId() {
return externalOrderId;
}
public void setExternalOrderId(String externalOrderId) {
this.externalOrderId = externalOrderId;
}
public String getInternalOrderId() {
return internalOrderId;
}
public void setInternalOrderId(String internalOrderId) {
this.internalOrderId = internalOrderId;
}
public OffsetDateTime getCreatedAt() {
return createdAt;
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/contract/PlatformContractChange.java
+119
View File
@@ -0,0 +1,119 @@
package cn.craftlabs.platform.api.persistence.contract;
import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import java.time.OffsetDateTime;
@TableName("platform_contract_change")
public class PlatformContractChange {
@TableId(type = IdType.AUTO)
private Long id;
@TableField("contract_id")
private Long contractId;
private Integer version;
@TableField("change_type")
private String changeType;
private String reason;
@TableField("change_summary")
private String changeSummary;
private String status;
@TableField("created_by")
private String createdBy;
@TableField("created_at")
private OffsetDateTime createdAt;
@TableField("completed_at")
private OffsetDateTime completedAt;
public Long getId() {
return id;
}
public void setId(Long id) {
this.id = id;
}
public Long getContractId() {
return contractId;
}
public void setContractId(Long contractId) {
this.contractId = contractId;
}
public Integer getVersion() {
return version;
}
public void setVersion(Integer version) {
this.version = version;
}
public String getChangeType() {
return changeType;
}
public void setChangeType(String changeType) {
this.changeType = changeType;
}
public String getReason() {
return reason;
}
public void setReason(String reason) {
this.reason = reason;
}
public String getChangeSummary() {
return changeSummary;
}
public void setChangeSummary(String changeSummary) {
this.changeSummary = changeSummary;
}
public String getStatus() {
return status;
}
public void setStatus(String status) {
this.status = status;
}
public String getCreatedBy() {
return createdBy;
}
public void setCreatedBy(String createdBy) {
this.createdBy = createdBy;
}
public OffsetDateTime getCreatedAt() {
return createdAt;
}
public void setCreatedAt(OffsetDateTime createdAt) {
this.createdAt = createdAt;
}
public OffsetDateTime getCompletedAt() {
return completedAt;
}
public void setCompletedAt(OffsetDateTime completedAt) {
this.completedAt = completedAt;
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/contract/PlatformContractChangeMapper.java
+8
View File
@@ -0,0 +1,8 @@
package cn.craftlabs.platform.api.persistence.contract;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Mapper;
@Mapper
public interface PlatformContractChangeMapper extends BaseMapper<PlatformContractChange> {
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/customer/PlatformCustomer.java
+53
View File
@@ -20,6 +20,19 @@ public class PlatformCustomer {
private String status;
private String industry;
private String address;
@TableField("billing_info")
private String billingInfo;
@TableField("customer_code")
private String customerCode;
@TableField("owner_user_id")
private String ownerUserId;
@TableField("created_at")
private OffsetDateTime createdAt;
@@ -58,6 +71,46 @@ public class PlatformCustomer {
this.status = status;
}
public String getIndustry() {
return industry;
}
public void setIndustry(String industry) {
this.industry = industry;
}
public String getAddress() {
return address;
}
public void setAddress(String address) {
this.address = address;
}
public String getBillingInfo() {
return billingInfo;
}
public void setBillingInfo(String billingInfo) {
this.billingInfo = billingInfo;
}
public String getCustomerCode() {
return customerCode;
}
public void setCustomerCode(String customerCode) {
this.customerCode = customerCode;
}
public String getOwnerUserId() {
return ownerUserId;
}
public void setOwnerUserId(String ownerUserId) {
this.ownerUserId = ownerUserId;
}
public OffsetDateTime getCreatedAt() {
return createdAt;
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/delivery/PlatformDeliveryBatch.java
+44
View File
@@ -39,6 +39,18 @@ public class PlatformDeliveryBatch {
@TableField("updated_at")
private OffsetDateTime updatedAt;
@TableField("site_address")
private String siteAddress;
@TableField("network_requirements")
private String networkRequirements;
@TableField("site_contact")
private String siteContact;
@TableField("site_contact_phone")
private String siteContactPhone;
public Long getId() {
return id;
}
@@ -118,4 +130,36 @@ public class PlatformDeliveryBatch {
public void setUpdatedAt(OffsetDateTime updatedAt) {
this.updatedAt = updatedAt;
}
public String getSiteAddress() {
return siteAddress;
}
public void setSiteAddress(String siteAddress) {
this.siteAddress = siteAddress;
}
public String getNetworkRequirements() {
return networkRequirements;
}
public void setNetworkRequirements(String networkRequirements) {
this.networkRequirements = networkRequirements;
}
public String getSiteContact() {
return siteContact;
}
public void setSiteContact(String siteContact) {
this.siteContact = siteContact;
}
public String getSiteContactPhone() {
return siteContactPhone;
}
public void setSiteContactPhone(String siteContactPhone) {
this.siteContactPhone = siteContactPhone;
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/device/PlatformDevice.java
+129
View File
@@ -0,0 +1,129 @@
package cn.craftlabs.platform.api.persistence.device;
import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import java.time.OffsetDateTime;
@TableName("platform_device")
public class PlatformDevice {
@TableId(type = IdType.AUTO)
private Long id;
private String mid;
private String alias;
private String site;
@TableField("customer_id")
private Long customerId;
@TableField("project_id")
private Long projectId;
private String status;
@TableField("first_seen_at")
private OffsetDateTime firstSeenAt;
@TableField("last_heartbeat_at")
private OffsetDateTime lastHeartbeatAt;
@TableField("created_at")
private OffsetDateTime createdAt;
@TableField("updated_at")
private OffsetDateTime updatedAt;
public Long getId() {
return id;
}
public void setId(Long id) {
this.id = id;
}
public String getMid() {
return mid;
}
public void setMid(String mid) {
this.mid = mid;
}
public String getAlias() {
return alias;
}
public void setAlias(String alias) {
this.alias = alias;
}
public String getSite() {
return site;
}
public void setSite(String site) {
this.site = site;
}
public Long getCustomerId() {
return customerId;
}
public void setCustomerId(Long customerId) {
this.customerId = customerId;
}
public Long getProjectId() {
return projectId;
}
public void setProjectId(Long projectId) {
this.projectId = projectId;
}
public String getStatus() {
return status;
}
public void setStatus(String status) {
this.status = status;
}
public OffsetDateTime getFirstSeenAt() {
return firstSeenAt;
}
public void setFirstSeenAt(OffsetDateTime firstSeenAt) {
this.firstSeenAt = firstSeenAt;
}
public OffsetDateTime getLastHeartbeatAt() {
return lastHeartbeatAt;
}
public void setLastHeartbeatAt(OffsetDateTime lastHeartbeatAt) {
this.lastHeartbeatAt = lastHeartbeatAt;
}
public OffsetDateTime getCreatedAt() {
return createdAt;
}
public void setCreatedAt(OffsetDateTime createdAt) {
this.createdAt = createdAt;
}
public OffsetDateTime getUpdatedAt() {
return updatedAt;
}
public void setUpdatedAt(OffsetDateTime updatedAt) {
this.updatedAt = updatedAt;
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/device/PlatformDeviceMapper.java
+7
View File
@@ -0,0 +1,7 @@
package cn.craftlabs.platform.api.persistence.device;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Mapper;
@Mapper
public interface PlatformDeviceMapper extends BaseMapper<PlatformDevice> {}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/device/PlatformDeviceSnBinding.java
+88
View File
@@ -0,0 +1,88 @@
package cn.craftlabs.platform.api.persistence.device;
import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import java.time.OffsetDateTime;
@TableName("platform_device_sn_binding")
public class PlatformDeviceSnBinding {
@TableId(type = IdType.AUTO)
private Long id;
@TableField("device_id")
private Long deviceId;
@TableField("license_sn_id")
private Long licenseSnId;
@TableField("bind_type")
private String bindType;
@TableField("bind_at")
private OffsetDateTime bindAt;
private String remark;
@TableField("created_at")
private OffsetDateTime createdAt;
public Long getId() {
return id;
}
public void setId(Long id) {
this.id = id;
}
public Long getDeviceId() {
return deviceId;
}
public void setDeviceId(Long deviceId) {
this.deviceId = deviceId;
}
public Long getLicenseSnId() {
return licenseSnId;
}
public void setLicenseSnId(Long licenseSnId) {
this.licenseSnId = licenseSnId;
}
public String getBindType() {
return bindType;
}
public void setBindType(String bindType) {
this.bindType = bindType;
}
public OffsetDateTime getBindAt() {
return bindAt;
}
public void setBindAt(OffsetDateTime bindAt) {
this.bindAt = bindAt;
}
public String getRemark() {
return remark;
}
public void setRemark(String remark) {
this.remark = remark;
}
public OffsetDateTime getCreatedAt() {
return createdAt;
}
public void setCreatedAt(OffsetDateTime createdAt) {
this.createdAt = createdAt;
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/device/PlatformDeviceSnBindingMapper.java
+7
View File
@@ -0,0 +1,7 @@
package cn.craftlabs.platform.api.persistence.device;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Mapper;
@Mapper
public interface PlatformDeviceSnBindingMapper extends BaseMapper<PlatformDeviceSnBinding> {}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/device/PlatformDeviceSwapRequest.java
+119
View File
@@ -0,0 +1,119 @@
package cn.craftlabs.platform.api.persistence.device;
import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import java.time.OffsetDateTime;
@TableName("platform_device_swap_request")
public class PlatformDeviceSwapRequest {
@TableId(type = IdType.AUTO)
private Long id;
@TableField("old_device_id")
private Long oldDeviceId;
@TableField("new_mid")
private String newMid;
@TableField("sn_id")
private Long snId;
private String reason;
private String status;
@TableField("processed_by")
private String processedBy;
@TableField("processed_at")
private OffsetDateTime processedAt;
private String remark;
@TableField("created_at")
private OffsetDateTime createdAt;
public Long getId() {
return id;
}
public void setId(Long id) {
this.id = id;
}
public Long getOldDeviceId() {
return oldDeviceId;
}
public void setOldDeviceId(Long oldDeviceId) {
this.oldDeviceId = oldDeviceId;
}
public String getNewMid() {
return newMid;
}
public void setNewMid(String newMid) {
this.newMid = newMid;
}
public Long getSnId() {
return snId;
}
public void setSnId(Long snId) {
this.snId = snId;
}
public String getReason() {
return reason;
}
public void setReason(String reason) {
this.reason = reason;
}
public String getStatus() {
return status;
}
public void setStatus(String status) {
this.status = status;
}
public String getProcessedBy() {
return processedBy;
}
public void setProcessedBy(String processedBy) {
this.processedBy = processedBy;
}
public OffsetDateTime getProcessedAt() {
return processedAt;
}
public void setProcessedAt(OffsetDateTime processedAt) {
this.processedAt = processedAt;
}
public String getRemark() {
return remark;
}
public void setRemark(String remark) {
this.remark = remark;
}
public OffsetDateTime getCreatedAt() {
return createdAt;
}
public void setCreatedAt(OffsetDateTime createdAt) {
this.createdAt = createdAt;
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/device/PlatformDeviceSwapRequestMapper.java
+7
View File
@@ -0,0 +1,7 @@
package cn.craftlabs.platform.api.persistence.device;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Mapper;
@Mapper
public interface PlatformDeviceSwapRequestMapper extends BaseMapper<PlatformDeviceSwapRequest> {}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/integration/PlatformBitanswerIdMapping.java
+122
View File
@@ -0,0 +1,122 @@
package cn.craftlabs.platform.api.persistence.integration;
import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import java.time.OffsetDateTime;
@TableName("platform_bitanswer_id_mapping")
public class PlatformBitanswerIdMapping {
@TableId(type = IdType.AUTO)
private Long id;
@TableField("product_line_id")
private Long productLineId;
@TableField("environment_id")
private Long environmentId;
@TableField("bitanswer_product_id")
private String bitanswerProductId;
@TableField("bitanswer_template_id")
private String bitanswerTemplateId;
@TableField("bitanswer_business_id")
private String bitanswerBusinessId;
@TableField("feature_key")
private String featureKey;
@TableField("bitanswer_feature_id")
private String bitanswerFeatureId;
@TableField("created_at")
private OffsetDateTime createdAt;
@TableField("updated_at")
private OffsetDateTime updatedAt;
public Long getId() {
return id;
}
public void setId(Long id) {
this.id = id;
}
public Long getProductLineId() {
return productLineId;
}
public void setProductLineId(Long productLineId) {
this.productLineId = productLineId;
}
public Long getEnvironmentId() {
return environmentId;
}
public void setEnvironmentId(Long environmentId) {
this.environmentId = environmentId;
}
public String getBitanswerProductId() {
return bitanswerProductId;
}
public void setBitanswerProductId(String bitanswerProductId) {
this.bitanswerProductId = bitanswerProductId;
}
public String getBitanswerTemplateId() {
return bitanswerTemplateId;
}
public void setBitanswerTemplateId(String bitanswerTemplateId) {
this.bitanswerTemplateId = bitanswerTemplateId;
}
public String getBitanswerBusinessId() {
return bitanswerBusinessId;
}
public void setBitanswerBusinessId(String bitanswerBusinessId) {
this.bitanswerBusinessId = bitanswerBusinessId;
}
public String getFeatureKey() {
return featureKey;
}
public void setFeatureKey(String featureKey) {
this.featureKey = featureKey;
}
public String getBitanswerFeatureId() {
return bitanswerFeatureId;
}
public void setBitanswerFeatureId(String bitanswerFeatureId) {
this.bitanswerFeatureId = bitanswerFeatureId;
}
public OffsetDateTime getCreatedAt() {
return createdAt;
}
public void setCreatedAt(OffsetDateTime createdAt) {
this.createdAt = createdAt;
}
public OffsetDateTime getUpdatedAt() {
return updatedAt;
}
public void setUpdatedAt(OffsetDateTime updatedAt) {
this.updatedAt = updatedAt;
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/integration/PlatformBitanswerIdMappingMapper.java
+7
View File
@@ -0,0 +1,7 @@
package cn.craftlabs.platform.api.persistence.integration;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Mapper;
@Mapper
public interface PlatformBitanswerIdMappingMapper extends BaseMapper<PlatformBitanswerIdMapping> {}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/integration/PlatformJsonTemplate.java
+109
View File
@@ -0,0 +1,109 @@
package cn.craftlabs.platform.api.persistence.integration;
import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import java.time.OffsetDateTime;
@TableName("platform_json_template")
public class PlatformJsonTemplate {
@TableId(type = IdType.AUTO)
private Long id;
private String name;
private Integer version;
@TableField("template_content")
private String templateContent;
@TableField("schema_version")
private Integer schemaVersion;
@TableField("change_notes")
private String changeNotes;
@TableField("created_by")
private String createdBy;
@TableField("created_at")
private OffsetDateTime createdAt;
@TableField("updated_at")
private OffsetDateTime updatedAt;
public Long getId() {
return id;
}
public void setId(Long id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public Integer getVersion() {
return version;
}
public void setVersion(Integer version) {
this.version = version;
}
public String getTemplateContent() {
return templateContent;
}
public void setTemplateContent(String templateContent) {
this.templateContent = templateContent;
}
public Integer getSchemaVersion() {
return schemaVersion;
}
public void setSchemaVersion(Integer schemaVersion) {
this.schemaVersion = schemaVersion;
}
public String getChangeNotes() {
return changeNotes;
}
public void setChangeNotes(String changeNotes) {
this.changeNotes = changeNotes;
}
public String getCreatedBy() {
return createdBy;
}
public void setCreatedBy(String createdBy) {
this.createdBy = createdBy;
}
public OffsetDateTime getCreatedAt() {
return createdAt;
}
public void setCreatedAt(OffsetDateTime createdAt) {
this.createdAt = createdAt;
}
public OffsetDateTime getUpdatedAt() {
return updatedAt;
}
public void setUpdatedAt(OffsetDateTime updatedAt) {
this.updatedAt = updatedAt;
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/integration/PlatformJsonTemplateMapper.java
+7
View File
@@ -0,0 +1,7 @@
package cn.craftlabs.platform.api.persistence.integration;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Mapper;
@Mapper
public interface PlatformJsonTemplateMapper extends BaseMapper<PlatformJsonTemplate> {}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/integration/PlatformSkuMapping.java
+122
View File
@@ -0,0 +1,122 @@
package cn.craftlabs.platform.api.persistence.integration;
import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import java.time.OffsetDateTime;
@TableName("platform_sku_mapping")
public class PlatformSkuMapping {
@TableId(type = IdType.AUTO)
private Long id;
@TableField("contract_line_id")
private Long contractLineId;
@TableField("sku_code")
private String skuCode;
@TableField("sku_name")
private String skuName;
@TableField("bitanswer_product_id")
private String bitanswerProductId;
@TableField("bitanswer_template_id")
private String bitanswerTemplateId;
@TableField("bitanswer_feature_id")
private String bitanswerFeatureId;
@TableField
private Integer quantity;
@TableField("created_at")
private OffsetDateTime createdAt;
@TableField("updated_at")
private OffsetDateTime updatedAt;
public Long getId() {
return id;
}
public void setId(Long id) {
this.id = id;
}
public Long getContractLineId() {
return contractLineId;
}
public void setContractLineId(Long contractLineId) {
this.contractLineId = contractLineId;
}
public String getSkuCode() {
return skuCode;
}
public void setSkuCode(String skuCode) {
this.skuCode = skuCode;
}
public String getSkuName() {
return skuName;
}
public void setSkuName(String skuName) {
this.skuName = skuName;
}
public String getBitanswerProductId() {
return bitanswerProductId;
}
public void setBitanswerProductId(String bitanswerProductId) {
this.bitanswerProductId = bitanswerProductId;
}
public String getBitanswerTemplateId() {
return bitanswerTemplateId;
}
public void setBitanswerTemplateId(String bitanswerTemplateId) {
this.bitanswerTemplateId = bitanswerTemplateId;
}
public String getBitanswerFeatureId() {
return bitanswerFeatureId;
}
public void setBitanswerFeatureId(String bitanswerFeatureId) {
this.bitanswerFeatureId = bitanswerFeatureId;
}
public Integer getQuantity() {
return quantity;
}
public void setQuantity(Integer quantity) {
this.quantity = quantity;
}
public OffsetDateTime getCreatedAt() {
return createdAt;
}
public void setCreatedAt(OffsetDateTime createdAt) {
this.createdAt = createdAt;
}
public OffsetDateTime getUpdatedAt() {
return updatedAt;
}
public void setUpdatedAt(OffsetDateTime updatedAt) {
this.updatedAt = updatedAt;
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/integration/PlatformSkuMappingMapper.java
+7
View File
@@ -0,0 +1,7 @@
package cn.craftlabs.platform.api.persistence.integration;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Mapper;
@Mapper
public interface PlatformSkuMappingMapper extends BaseMapper<PlatformSkuMapping> {}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/license/PlatformLicenseSn.java
+11
View File
@@ -27,6 +27,9 @@ public class PlatformLicenseSn {
@TableField("activation_remark")
private String activationRemark;
@TableField("sn_tag")
private String snTag;
@TableField("created_at")
private OffsetDateTime createdAt;
@@ -81,6 +84,14 @@ public class PlatformLicenseSn {
this.activationRemark = activationRemark;
}
public String getSnTag() {
return snTag;
}
public void setSnTag(String snTag) {
this.snTag = snTag;
}
public OffsetDateTime getCreatedAt() {
return createdAt;
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/project/PlatformProject.java
+45
View File
@@ -5,6 +5,7 @@ import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import java.time.LocalDate;
import java.time.OffsetDateTime;
@TableName("platform_project")
@@ -26,6 +27,18 @@ public class PlatformProject {
@TableField("updated_at")
private OffsetDateTime updatedAt;
@TableField("planned_start_date")
private LocalDate plannedStartDate;
@TableField("planned_end_date")
private LocalDate plannedEndDate;
@TableField("project_manager")
private String projectManager;
@TableField("owner_user_id")
private String ownerUserId;
public Long getId() {
return id;
}
@@ -73,4 +86,36 @@ public class PlatformProject {
public void setUpdatedAt(OffsetDateTime updatedAt) {
this.updatedAt = updatedAt;
}
public LocalDate getPlannedStartDate() {
return plannedStartDate;
}
public void setPlannedStartDate(LocalDate plannedStartDate) {
this.plannedStartDate = plannedStartDate;
}
public LocalDate getPlannedEndDate() {
return plannedEndDate;
}
public void setPlannedEndDate(LocalDate plannedEndDate) {
this.plannedEndDate = plannedEndDate;
}
public String getProjectManager() {
return projectManager;
}
public void setProjectManager(String projectManager) {
this.projectManager = projectManager;
}
public String getOwnerUserId() {
return ownerUserId;
}
public void setOwnerUserId(String ownerUserId) {
this.ownerUserId = ownerUserId;
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/project/PlatformProjectStakeholder.java
+98
View File
@@ -0,0 +1,98 @@
package cn.craftlabs.platform.api.persistence.project;
import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import java.time.OffsetDateTime;
@TableName("platform_project_stakeholder")
public class PlatformProjectStakeholder {
@TableId(type = IdType.AUTO)
private Long id;
@TableField("project_id")
private Long projectId;
@TableField("contact_name")
private String contactName;
@TableField("contact_role")
private String contactRole;
private String phone;
private String email;
@TableField("is_internal")
private Boolean isInternal;
@TableField("created_at")
private OffsetDateTime createdAt;
public Long getId() {
return id;
}
public void setId(Long id) {
this.id = id;
}
public Long getProjectId() {
return projectId;
}
public void setProjectId(Long projectId) {
this.projectId = projectId;
}
public String getContactName() {
return contactName;
}
public void setContactName(String contactName) {
this.contactName = contactName;
}
public String getContactRole() {
return contactRole;
}
public void setContactRole(String contactRole) {
this.contactRole = contactRole;
}
public String getPhone() {
return phone;
}
public void setPhone(String phone) {
this.phone = phone;
}
public String getEmail() {
return email;
}
public void setEmail(String email) {
this.email = email;
}
public Boolean getIsInternal() {
return isInternal;
}
public void setIsInternal(Boolean isInternal) {
this.isInternal = isInternal;
}
public OffsetDateTime getCreatedAt() {
return createdAt;
}
public void setCreatedAt(OffsetDateTime createdAt) {
this.createdAt = createdAt;
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/project/PlatformProjectStakeholderMapper.java
+7
View File
@@ -0,0 +1,7 @@
package cn.craftlabs.platform.api.persistence.project;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Mapper;
@Mapper
public interface PlatformProjectStakeholderMapper extends BaseMapper<PlatformProjectStakeholder> {}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/system/PlatformSystemParam.java
+29
View File
@@ -0,0 +1,29 @@
package cn.craftlabs.platform.api.persistence.system;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import java.time.OffsetDateTime;
@TableName("platform_system_param")
public class PlatformSystemParam {
@TableId
@TableField("param_key")
private String paramKey;
@TableField("param_value")
private String paramValue;
@TableField("updated_at")
private OffsetDateTime updatedAt;
public String getParamKey() { return paramKey; }
public void setParamKey(String paramKey) { this.paramKey = paramKey; }
public String getParamValue() { return paramValue; }
public void setParamValue(String paramValue) { this.paramValue = paramValue; }
public OffsetDateTime getUpdatedAt() { return updatedAt; }
public void setUpdatedAt(OffsetDateTime updatedAt) { this.updatedAt = updatedAt; }
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/system/PlatformSystemParamMapper.java
+8
View File
@@ -0,0 +1,8 @@
package cn.craftlabs.platform.api.persistence.system;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Mapper;
@Mapper
public interface PlatformSystemParamMapper extends BaseMapper<PlatformSystemParam> {
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/todo/PlatformNotificationConfig.java
+111
View File
@@ -0,0 +1,111 @@
package cn.craftlabs.platform.api.persistence.todo;
import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import java.time.OffsetDateTime;
@TableName("platform_notification_config")
public class PlatformNotificationConfig {
@TableId(type = IdType.AUTO)
private Long id;
@TableField("role_code")
private String roleCode;
@TableField("channel_email")
private Boolean channelEmail;
@TableField("channel_wecom")
private Boolean channelWecom;
@TableField("channel_in_app")
private Boolean channelInApp;
@TableField("event_type")
private String eventType;
@TableField("aggregation_rule")
private String aggregationRule;
@TableField("created_at")
private OffsetDateTime createdAt;
@TableField("updated_at")
private OffsetDateTime updatedAt;
public Long getId() {
return id;
}
public void setId(Long id) {
this.id = id;
}
public String getRoleCode() {
return roleCode;
}
public void setRoleCode(String roleCode) {
this.roleCode = roleCode;
}
public Boolean getChannelEmail() {
return channelEmail;
}
public void setChannelEmail(Boolean channelEmail) {
this.channelEmail = channelEmail;
}
public Boolean getChannelWecom() {
return channelWecom;
}
public void setChannelWecom(Boolean channelWecom) {
this.channelWecom = channelWecom;
}
public Boolean getChannelInApp() {
return channelInApp;
}
public void setChannelInApp(Boolean channelInApp) {
this.channelInApp = channelInApp;
}
public String getEventType() {
return eventType;
}
public void setEventType(String eventType) {
this.eventType = eventType;
}
public String getAggregationRule() {
return aggregationRule;
}
public void setAggregationRule(String aggregationRule) {
this.aggregationRule = aggregationRule;
}
public OffsetDateTime getCreatedAt() {
return createdAt;
}
public void setCreatedAt(OffsetDateTime createdAt) {
this.createdAt = createdAt;
}
public OffsetDateTime getUpdatedAt() {
return updatedAt;
}
public void setUpdatedAt(OffsetDateTime updatedAt) {
this.updatedAt = updatedAt;
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/todo/PlatformNotificationConfigMapper.java
+7
View File
@@ -0,0 +1,7 @@
package cn.craftlabs.platform.api.persistence.todo;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Mapper;
@Mapper
public interface PlatformNotificationConfigMapper extends BaseMapper<PlatformNotificationConfig> {}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/todo/PlatformTodoItem.java
+140
View File
@@ -0,0 +1,140 @@
package cn.craftlabs.platform.api.persistence.todo;
import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import java.time.OffsetDateTime;
@TableName("platform_todo_item")
public class PlatformTodoItem {
@TableId(type = IdType.AUTO)
private Long id;
@TableField("todo_type")
private String todoType;
private String title;
@TableField("source_id")
private Long sourceId;
@TableField("source_type")
private String sourceType;
private String priority;
private String status;
@TableField("assigned_role")
private String assignedRole;
@TableField("assigned_user_id")
private String assignedUserId;
@TableField("created_at")
private OffsetDateTime createdAt;
@TableField("processed_at")
private OffsetDateTime processedAt;
private String remark;
public Long getId() {
return id;
}
public void setId(Long id) {
this.id = id;
}
public String getTodoType() {
return todoType;
}
public void setTodoType(String todoType) {
this.todoType = todoType;
}
public String getTitle() {
return title;
}
public void setTitle(String title) {
this.title = title;
}
public Long getSourceId() {
return sourceId;
}
public void setSourceId(Long sourceId) {
this.sourceId = sourceId;
}
public String getSourceType() {
return sourceType;
}
public void setSourceType(String sourceType) {
this.sourceType = sourceType;
}
public String getPriority() {
return priority;
}
public void setPriority(String priority) {
this.priority = priority;
}
public String getStatus() {
return status;
}
public void setStatus(String status) {
this.status = status;
}
public String getAssignedRole() {
return assignedRole;
}
public void setAssignedRole(String assignedRole) {
this.assignedRole = assignedRole;
}
public String getAssignedUserId() {
return assignedUserId;
}
public void setAssignedUserId(String assignedUserId) {
this.assignedUserId = assignedUserId;
}
public OffsetDateTime getCreatedAt() {
return createdAt;
}
public void setCreatedAt(OffsetDateTime createdAt) {
this.createdAt = createdAt;
}
public OffsetDateTime getProcessedAt() {
return processedAt;
}
public void setProcessedAt(OffsetDateTime processedAt) {
this.processedAt = processedAt;
}
public String getRemark() {
return remark;
}
public void setRemark(String remark) {
this.remark = remark;
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/persistence/todo/PlatformTodoItemMapper.java
+7
View File
@@ -0,0 +1,7 @@
package cn.craftlabs.platform.api.persistence.todo;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Mapper;
@Mapper
public interface PlatformTodoItemMapper extends BaseMapper<PlatformTodoItem> {}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/preview/DocumentPreviewController.java
+84
View File
@@ -0,0 +1,84 @@
package cn.craftlabs.platform.api.preview;
import cn.craftlabs.platform.api.persistence.attachment.PlatformContractAttachment;
import cn.craftlabs.platform.api.persistence.attachment.PlatformContractAttachmentMapper;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.core.io.FileSystemResource;
import org.springframework.core.io.Resource;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.server.ResponseStatusException;
import java.util.Map;
@RestController
@RequestMapping("/api/v1/preview")
public class DocumentPreviewController {
private final PlatformContractAttachmentMapper attachmentMapper;
@Value("${onlyoffice.url:http://craftsupport.cn:8088}")
private String onlyofficeUrl;
public DocumentPreviewController(PlatformContractAttachmentMapper attachmentMapper) {
this.attachmentMapper = attachmentMapper;
}
@GetMapping("/{attachmentId}")
public ResponseEntity<Map<String, Object>> getPreviewConfig(@PathVariable("attachmentId") Long attachmentId) {
PlatformContractAttachment attachment = attachmentMapper.selectById(attachmentId);
if (attachment == null) {
throw new ResponseStatusException(org.springframework.http.HttpStatus.NOT_FOUND, "附件不存在");
}
String ext = "";
String fileName = attachment.getFileName();
if (fileName != null && fileName.contains(".")) {
ext = fileName.substring(fileName.lastIndexOf('.') + 1).toLowerCase();
}
Map<String, Object> config = new java.util.LinkedHashMap<>();
config.put("document", Map.of(
"fileType", ext,
"key", "attachment_" + attachmentId,
"title", attachment.getFileName(),
"url", getFileUrl(attachmentId),
"permissions", Map.of("download", false, "edit", false, "print", false)
));
config.put("editorConfig", Map.of(
"mode", "view",
"customization", Map.of("autosave", false, "chat", false, "compactHeader", true)
));
config.put("documentServerUrl", onlyofficeUrl);
return ResponseEntity.ok(config);
}
@GetMapping("/{attachmentId}/file")
public ResponseEntity<Resource> getFile(@PathVariable("attachmentId") Long attachmentId) {
PlatformContractAttachment attachment = attachmentMapper.selectById(attachmentId);
if (attachment == null) {
throw new ResponseStatusException(org.springframework.http.HttpStatus.NOT_FOUND, "附件不存在");
}
java.io.File file = new java.io.File(attachment.getFilePath());
if (!file.exists()) {
throw new ResponseStatusException(org.springframework.http.HttpStatus.NOT_FOUND, "文件不存在");
}
FileSystemResource resource = new FileSystemResource(file);
String contentType = attachment.getContentType();
if (contentType == null) contentType = "application/octet-stream";
return ResponseEntity.ok()
.contentType(MediaType.parseMediaType(contentType))
.header(HttpHeaders.CONTENT_DISPOSITION, "inline; filename=\"" + attachment.getFileName() + "\"")
.body(resource);
}
private String getFileUrl(Long attachmentId) {
return "/api/v1/preview/" + attachmentId + "/file";
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/project/ProjectController.java
+33 -1
View File
@@ -4,6 +4,8 @@ import cn.craftlabs.platform.api.service.ProjectService;
import cn.craftlabs.platform.api.web.dto.PageResponse;
import cn.craftlabs.platform.api.web.dto.ProjectRequest;
import cn.craftlabs.platform.api.web.dto.ProjectResponse;
import cn.craftlabs.platform.api.web.dto.StakeholderRequest;
import cn.craftlabs.platform.api.web.dto.StakeholderResponse;
import jakarta.validation.Valid;
import jakarta.validation.constraints.Max;
import jakarta.validation.constraints.Min;
@@ -20,7 +22,8 @@ import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;
/** 项目 API。{@code DELETE /{id}} 为<strong>物理删除</strong>。 */
import java.util.List;
@RestController
@RequestMapping("/api/v1/projects")
@Validated
@@ -62,4 +65,33 @@ public class ProjectController {
public void delete(@PathVariable("id") long id) {
projectService.delete(id);
}
@GetMapping("/{projectId}/stakeholders")
public List<StakeholderResponse> listStakeholders(@PathVariable("projectId") long projectId) {
return projectService.listStakeholders(projectId);
}
@PostMapping("/{projectId}/stakeholders")
@ResponseStatus(HttpStatus.CREATED)
public StakeholderResponse addStakeholder(
@PathVariable("projectId") long projectId,
@Valid @RequestBody StakeholderRequest request) {
return projectService.addStakeholder(projectId, request);
}
@PutMapping("/{projectId}/stakeholders/{id}")
public StakeholderResponse updateStakeholder(
@PathVariable("projectId") long projectId,
@PathVariable("id") long id,
@Valid @RequestBody StakeholderRequest request) {
return projectService.updateStakeholder(id, request);
}
@DeleteMapping("/{projectId}/stakeholders/{id}")
@ResponseStatus(HttpStatus.NO_CONTENT)
public void deleteStakeholder(
@PathVariable("projectId") long projectId,
@PathVariable("id") long id) {
projectService.deleteStakeholder(id);
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/report/ReportController.java
+70
View File
@@ -0,0 +1,70 @@
package cn.craftlabs.platform.api.report;
import cn.craftlabs.platform.api.service.ReportService;
import cn.craftlabs.platform.api.web.dto.CallbackStatsResponse;
import cn.craftlabs.platform.api.web.dto.ContractSnReportRow;
import cn.craftlabs.platform.api.web.dto.ProjectHealthRow;
import org.springframework.core.io.ByteArrayResource;
import org.springframework.core.io.Resource;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import java.nio.charset.StandardCharsets;
import java.time.LocalDate;
import java.util.List;
import java.util.Map;
@RestController
@RequestMapping("/api/v1/reports")
public class ReportController {
private final ReportService reportService;
public ReportController(ReportService reportService) {
this.reportService = reportService;
}
@GetMapping("/contract-sn")
public ResponseEntity<List<ContractSnReportRow>> getContractSnReport(
@RequestParam(value = "projectId", required = false) Long projectId,
@RequestParam(value = "contractId", required = false) Long contractId) {
List<ContractSnReportRow> rows = reportService.getContractSnReport(projectId, contractId);
return ResponseEntity.ok(rows);
}
@GetMapping("/sn-stats")
public ResponseEntity<Map<String, Long>> getSnStats() {
return ResponseEntity.ok(reportService.getSnStats());
}
@GetMapping("/callback-stats")
public ResponseEntity<CallbackStatsResponse> getCallbackStats(
@RequestParam(value = "from", required = false) String from,
@RequestParam(value = "to", required = false) String to) {
return ResponseEntity.ok(reportService.getCallbackStats(from, to));
}
@GetMapping("/export")
public ResponseEntity<Resource> exportReport(
@RequestParam(value = "type", defaultValue = "contract-sn") String type,
@RequestParam(value = "projectId", required = false) Long projectId,
@RequestParam(value = "contractId", required = false) Long contractId) {
String csv = reportService.exportReport(type, projectId, contractId);
byte[] bytes = csv.getBytes(StandardCharsets.UTF_8);
byte[] bom = {(byte) 0xEF, (byte) 0xBB, (byte) 0xBF};
byte[] withBom = new byte[bom.length + bytes.length];
System.arraycopy(bom, 0, withBom, 0, bom.length);
System.arraycopy(bytes, 0, withBom, bom.length, bytes.length);
ByteArrayResource resource = new ByteArrayResource(withBom);
return ResponseEntity.ok()
.header(HttpHeaders.CONTENT_DISPOSITION,
"attachment; filename=report-" + type + "-" + LocalDate.now() + ".csv")
.contentType(MediaType.parseMediaType("text/csv; charset=utf-8"))
.body(resource);
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/security/JwtService.java
+9
View File
@@ -44,4 +44,13 @@ public class JwtService {
public Claims parseAndValidate(String token) {
return Jwts.parser().verifyWith(key).build().parseSignedClaims(token).getPayload();
}
public String getCurrentUsername() {
var auth = org.springframework.security.core.context.SecurityContextHolder
.getContext().getAuthentication();
if (auth != null && auth.isAuthenticated()) {
return auth.getName();
}
return null;
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/security/PlatformRoles.java
+8 -8
View File
@@ -1,14 +1,14 @@
package cn.craftlabs.platform.api.security;
/**
* I7JWT {@code roles} 声明值(过滤器会加上 {@code ROLE_} 前缀)。
*/
public final class PlatformRoles {
public static final String SYS_ADMIN = "SYS_ADMIN";
public static final String DEVELOPER = "DEVELOPER";
/** 运营:Callback Inbox 等(不包含合同/交付等业务写接口的默认放宽)。 */
public static final String OPS = "OPS";
public static final String SALES = "SALES";
public static final String ORDER_SUPPORT = "ORDER_SUPPORT";
public static final String DELIVERY = "DELIVERY";
public static final String LICENSE_OPS = "LICENSE_OPS";
public static final String DEV_SUPPORT = "DEV_SUPPORT";
public static final String FINANCE_VIEW = "FINANCE_VIEW";
public static final String COMPLIANCE = "COMPLIANCE";
public static final String EXEC_VIEW = "EXEC_VIEW";
private PlatformRoles() {}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/service/AuditService.java
+34 -6
View File
@@ -47,14 +47,19 @@ public class AuditService {
auditEventMapper.insert(e);
}
@Transactional(readOnly = true)
public List<AuditEventResponse> searchAuditEvents(
String entityType, Long entityId, String from, String to, String userId) {
LambdaQueryWrapper<PlatformAuditEvent> q = buildQuery(entityType, entityId, from, to, userId);
return auditEventMapper.selectList(q).stream()
.map(this::toResponse)
.collect(Collectors.toList());
}
@Transactional(readOnly = true)
public PageResponse<AuditEventResponse> page(
String entityType, Long entityId, int page, int size) {
LambdaQueryWrapper<PlatformAuditEvent> q =
Wrappers.lambdaQuery(PlatformAuditEvent.class)
.eq(PlatformAuditEvent::getEntityType, entityType.trim())
.eq(PlatformAuditEvent::getEntityId, entityId)
.orderByDesc(PlatformAuditEvent::getId);
String entityType, Long entityId, String userId, int page, int size) {
LambdaQueryWrapper<PlatformAuditEvent> q = buildQuery(entityType, entityId, null, null, userId);
Page<PlatformAuditEvent> mpPage = new Page<>(page + 1L, size);
auditEventMapper.selectPage(mpPage, q);
List<AuditEventResponse> content =
@@ -62,6 +67,29 @@ public class AuditService {
return new PageResponse<>(content, mpPage.getTotal(), page, size);
}
private LambdaQueryWrapper<PlatformAuditEvent> buildQuery(
String entityType, Long entityId, String from, String to, String userId) {
LambdaQueryWrapper<PlatformAuditEvent> q =
Wrappers.lambdaQuery(PlatformAuditEvent.class)
.orderByDesc(PlatformAuditEvent::getId);
if (entityType != null && !entityType.isBlank()) {
q.eq(PlatformAuditEvent::getEntityType, entityType.trim());
}
if (entityId != null) {
q.eq(PlatformAuditEvent::getEntityId, entityId);
}
if (from != null && !from.isBlank()) {
q.ge(PlatformAuditEvent::getCreatedAt, OffsetDateTime.parse(from + "T00:00:00Z"));
}
if (to != null && !to.isBlank()) {
q.le(PlatformAuditEvent::getCreatedAt, OffsetDateTime.parse(to + "T23:59:59Z"));
}
if (userId != null && !userId.isBlank()) {
q.eq(PlatformAuditEvent::getActorUserId, userId.trim());
}
return q;
}
private AuditEventResponse toResponse(PlatformAuditEvent e) {
AuditEventResponse r = new AuditEventResponse();
r.setId(e.getId());
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/service/CallbackEventIngestService.java
+23 -1
View File
@@ -33,16 +33,19 @@ public class CallbackEventIngestService {
private final PlatformLicenseSnMapper licenseSnMapper;
private final PlatformContractLineMapper contractLineMapper;
private final ObjectMapper objectMapper;
private final DeviceService deviceService;
public CallbackEventIngestService(
PlatformCallbackInboxMapper inboxMapper,
PlatformLicenseSnMapper licenseSnMapper,
PlatformContractLineMapper contractLineMapper,
ObjectMapper objectMapper) {
ObjectMapper objectMapper,
DeviceService deviceService) {
this.inboxMapper = inboxMapper;
this.licenseSnMapper = licenseSnMapper;
this.contractLineMapper = contractLineMapper;
this.objectMapper = objectMapper;
this.deviceService = deviceService;
}
@Transactional
@@ -107,6 +110,12 @@ public class CallbackEventIngestService {
}
throw e;
}
if (row.getEventType() != null && row.getEventType().startsWith("device:")) {
String mid = extractMid(request.getRawPayload());
if (mid != null && row.getLicenseSnId() != null) {
deviceService.handleDeviceEvent(mid, row.getLicenseSnId());
}
}
return new CallbackEventIngestResponse(row.getId(), false);
}
@@ -157,6 +166,19 @@ public class CallbackEventIngestService {
}
}
private static String extractMid(JsonNode payload) {
if (payload == null || !payload.isObject()) return null;
JsonNode data = payload.get("data");
if (data != null && data.isObject()) {
JsonNode mid = data.get("mid");
if (mid != null && mid.isTextual()) {
String t = mid.asText();
if (org.springframework.util.StringUtils.hasText(t)) return t.trim();
}
}
return null;
}
private static String extractSnCode(JsonNode payload) {
if (payload == null || !payload.isObject()) {
return null;
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/service/CallbackInboxService.java
+30
View File
@@ -133,6 +133,9 @@ public class CallbackInboxService {
row.setStatus(to.name());
row.setProcessedAt(now);
row.setProcessedByUserId(currentActorId());
if (request.getFailureReason() != null) {
row.setFailureReason(request.getFailureReason());
}
row.setUpdatedAt(now);
inboxMapper.updateById(row);
auditService.record(
@@ -306,6 +309,33 @@ public class CallbackInboxService {
return r;
}
public Map<String, Object> getBacklogStats() {
long totalPending = inboxMapper.selectCount(
Wrappers.lambdaQuery(PlatformCallbackInbox.class)
.eq(PlatformCallbackInbox::getStatus, CallbackInboxStatus.PENDING));
long totalFailed = inboxMapper.selectCount(
Wrappers.lambdaQuery(PlatformCallbackInbox.class)
.eq(PlatformCallbackInbox::getStatus, CallbackInboxStatus.FAILED));
var oldestPending = inboxMapper.selectOne(
Wrappers.lambdaQuery(PlatformCallbackInbox.class)
.eq(PlatformCallbackInbox::getStatus, CallbackInboxStatus.PENDING)
.orderByAsc(PlatformCallbackInbox::getReceivedAt)
.last("LIMIT 1"));
double oldestHours = 0;
if (oldestPending != null && oldestPending.getReceivedAt() != null) {
oldestHours = java.time.Duration.between(
oldestPending.getReceivedAt(), OffsetDateTime.now()).toMinutes() / 60.0;
}
return java.util.Map.of(
"totalPending", totalPending,
"totalFailed", totalFailed,
"oldestPendingHours", Math.round(oldestHours * 10.0) / 10.0);
}
private static String currentActorId() {
var a = org.springframework.security.core.context.SecurityContextHolder.getContext().getAuthentication();
if (a == null || !a.isAuthenticated()) {
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/service/ContractService.java
+21
View File
@@ -27,6 +27,7 @@ import org.springframework.transaction.annotation.Transactional;
import org.springframework.util.StringUtils;
import org.springframework.web.server.ResponseStatusException;
import java.time.LocalDate;
import java.time.OffsetDateTime;
import java.time.ZoneOffset;
import java.util.LinkedHashMap;
@@ -68,6 +69,11 @@ public class ContractService {
c.setProjectId(request.getProjectId());
c.setTitle(blankToNull(request.getTitle()));
c.setRemarks(blankToNull(request.getRemarks()));
if (request.getSigningDate() != null) c.setSigningDate(LocalDate.parse(request.getSigningDate()));
if (request.getEffectiveDate() != null) c.setEffectiveDate(LocalDate.parse(request.getEffectiveDate()));
if (request.getEndDate() != null) c.setEndDate(LocalDate.parse(request.getEndDate()));
c.setExternalOrderId(request.getExternalOrderId());
c.setInternalOrderId(request.getInternalOrderId());
c.setStatus(ContractStatus.DRAFT.name());
c.setCreatedAt(now);
c.setUpdatedAt(now);
@@ -122,6 +128,11 @@ public class ContractService {
if (request.getRemarks() != null) {
c.setRemarks(blankToNull(request.getRemarks()));
}
if (request.getSigningDate() != null) c.setSigningDate(LocalDate.parse(request.getSigningDate()));
if (request.getEffectiveDate() != null) c.setEffectiveDate(LocalDate.parse(request.getEffectiveDate()));
if (request.getEndDate() != null) c.setEndDate(LocalDate.parse(request.getEndDate()));
if (request.getExternalOrderId() != null) c.setExternalOrderId(request.getExternalOrderId());
if (request.getInternalOrderId() != null) c.setInternalOrderId(request.getInternalOrderId());
c.setUpdatedAt(OffsetDateTime.now(ZoneOffset.UTC));
contractMapper.updateById(c);
auditService.record(
@@ -321,6 +332,11 @@ public class ContractService {
m.put("projectId", c.getProjectId());
m.put("title", c.getTitle());
m.put("remarks", c.getRemarks());
m.put("signingDate", c.getSigningDate());
m.put("effectiveDate", c.getEffectiveDate());
m.put("endDate", c.getEndDate());
m.put("externalOrderId", c.getExternalOrderId());
m.put("internalOrderId", c.getInternalOrderId());
m.put("status", c.getStatus());
return m;
}
@@ -354,6 +370,11 @@ public class ContractService {
r.setTitle(c.getTitle());
r.setRemarks(c.getRemarks());
r.setStatus(c.getStatus());
r.setSigningDate(c.getSigningDate() != null ? c.getSigningDate().toString() : null);
r.setEffectiveDate(c.getEffectiveDate() != null ? c.getEffectiveDate().toString() : null);
r.setEndDate(c.getEndDate() != null ? c.getEndDate().toString() : null);
r.setExternalOrderId(c.getExternalOrderId());
r.setInternalOrderId(c.getInternalOrderId());
r.setCreatedAt(c.getCreatedAt());
r.setUpdatedAt(c.getUpdatedAt());
return r;
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/service/ContractStatusTransitionService.java
+67
View File
@@ -1,8 +1,15 @@
package cn.craftlabs.platform.api.service;
import cn.craftlabs.platform.api.domain.ContractStatus;
import cn.craftlabs.platform.api.persistence.contract.PlatformContract;
import cn.craftlabs.platform.api.persistence.contract.PlatformContractChange;
import cn.craftlabs.platform.api.persistence.contract.PlatformContractChangeMapper;
import cn.craftlabs.platform.api.persistence.contract.PlatformContractMapper;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import java.time.OffsetDateTime;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.server.ResponseStatusException;
/**
@@ -13,6 +20,14 @@ import org.springframework.web.server.ResponseStatusException;
@Service
public class ContractStatusTransitionService {
private final PlatformContractMapper contractMapper;
private final PlatformContractChangeMapper changeMapper;
public ContractStatusTransitionService(PlatformContractMapper contractMapper, PlatformContractChangeMapper changeMapper) {
this.contractMapper = contractMapper;
this.changeMapper = changeMapper;
}
public void requireTransition(ContractStatus from, ContractStatus to) {
if (from == to) {
return;
@@ -39,4 +54,56 @@ public class ContractStatusTransitionService {
}
return false;
}
@Transactional
public void initiateChange(Long contractId, String reason) {
PlatformContract c = contractMapper.selectById(contractId);
if (c == null) {
throw new ResponseStatusException(HttpStatus.NOT_FOUND, "contract not found");
}
requireTransition(ContractStatus.valueOf(c.getStatus()), ContractStatus.CHANGING);
var query = Wrappers.lambdaQuery(PlatformContractChange.class)
.eq(PlatformContractChange::getContractId, contractId)
.orderByDesc(PlatformContractChange::getVersion);
PlatformContractChange latest = changeMapper.selectOne(query);
int nextVersion = latest != null ? latest.getVersion() + 1 : 1;
PlatformContractChange change = new PlatformContractChange();
change.setContractId(contractId);
change.setVersion(nextVersion);
change.setChangeType("AMENDMENT");
change.setReason(reason);
change.setStatus("DRAFT");
change.setCreatedAt(OffsetDateTime.now());
changeMapper.insert(change);
c.setStatus(ContractStatus.CHANGING.name());
c.setUpdatedAt(OffsetDateTime.now());
contractMapper.updateById(c);
}
@Transactional
public void completeChange(Long contractId) {
PlatformContract c = contractMapper.selectById(contractId);
if (c == null) {
throw new ResponseStatusException(HttpStatus.NOT_FOUND, "contract not found");
}
requireTransition(ContractStatus.valueOf(c.getStatus()), ContractStatus.EFFECTIVE);
var query = Wrappers.lambdaQuery(PlatformContractChange.class)
.eq(PlatformContractChange::getContractId, contractId)
.eq(PlatformContractChange::getStatus, "DRAFT")
.orderByDesc(PlatformContractChange::getVersion);
PlatformContractChange change = changeMapper.selectOne(query);
if (change != null) {
change.setStatus("COMPLETED");
change.setCompletedAt(OffsetDateTime.now());
changeMapper.updateById(change);
}
c.setStatus(ContractStatus.EFFECTIVE.name());
c.setUpdatedAt(OffsetDateTime.now());
contractMapper.updateById(c);
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/service/CustomerService.java
+63 -1
View File
@@ -1,8 +1,15 @@
package cn.craftlabs.platform.api.service;
import cn.craftlabs.platform.api.domain.ContractStatus;
import cn.craftlabs.platform.api.domain.CustomerStatus;
import cn.craftlabs.platform.api.persistence.contract.PlatformContract;
import cn.craftlabs.platform.api.persistence.contract.PlatformContractMapper;
import cn.craftlabs.platform.api.persistence.customer.PlatformCustomer;
import cn.craftlabs.platform.api.persistence.customer.PlatformCustomerMapper;
import cn.craftlabs.platform.api.persistence.license.PlatformLicenseSn;
import cn.craftlabs.platform.api.persistence.license.PlatformLicenseSnMapper;
import cn.craftlabs.platform.api.persistence.project.PlatformProject;
import cn.craftlabs.platform.api.persistence.project.PlatformProjectMapper;
import cn.craftlabs.platform.api.web.dto.CustomerRequest;
import cn.craftlabs.platform.api.web.dto.CustomerResponse;
import cn.craftlabs.platform.api.web.dto.PageResponse;
@@ -18,15 +25,23 @@ import org.springframework.web.server.ResponseStatusException;
import java.time.OffsetDateTime;
import java.time.ZoneOffset;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
@Service
public class CustomerService {
private final PlatformCustomerMapper customerMapper;
private final PlatformProjectMapper projectMapper;
private final PlatformContractMapper contractMapper;
private final PlatformLicenseSnMapper licenseSnMapper;
public CustomerService(PlatformCustomerMapper customerMapper) {
public CustomerService(PlatformCustomerMapper customerMapper, PlatformProjectMapper projectMapper,
PlatformContractMapper contractMapper, PlatformLicenseSnMapper licenseSnMapper) {
this.customerMapper = customerMapper;
this.projectMapper = projectMapper;
this.contractMapper = contractMapper;
this.licenseSnMapper = licenseSnMapper;
}
@Transactional(readOnly = true)
@@ -49,6 +64,11 @@ public class CustomerService {
PlatformCustomer c = new PlatformCustomer();
c.setName(request.getName().trim());
c.setCreditCode(blankToNull(request.getCreditCode()));
c.setIndustry(blankToNull(request.getIndustry()));
c.setAddress(blankToNull(request.getAddress()));
c.setBillingInfo(blankToNull(request.getBillingInfo()));
c.setCustomerCode(blankToNull(request.getCustomerCode()));
c.setOwnerUserId(blankToNull(request.getOwnerUserId()));
c.setStatus(resolveStatusForCreate(request.getStatus()));
c.setCreatedAt(now);
c.setUpdatedAt(now);
@@ -75,6 +95,21 @@ public class CustomerService {
if (request.getCreditCode() != null) {
c.setCreditCode(blankToNull(request.getCreditCode()));
}
if (request.getIndustry() != null) {
c.setIndustry(blankToNull(request.getIndustry()));
}
if (request.getAddress() != null) {
c.setAddress(blankToNull(request.getAddress()));
}
if (request.getBillingInfo() != null) {
c.setBillingInfo(blankToNull(request.getBillingInfo()));
}
if (request.getCustomerCode() != null) {
c.setCustomerCode(blankToNull(request.getCustomerCode()));
}
if (request.getOwnerUserId() != null) {
c.setOwnerUserId(blankToNull(request.getOwnerUserId()));
}
if (StringUtils.hasText(request.getStatus())) {
c.setStatus(request.getStatus().trim());
}
@@ -97,6 +132,28 @@ public class CustomerService {
customerMapper.updateById(c);
}
@Transactional(readOnly = true)
public Map<String, Object> getCustomerSummary(Long customerId) {
Map<String, Object> result = new java.util.LinkedHashMap<>();
result.put("projectCount", projectMapper.selectCount(
Wrappers.lambdaQuery(PlatformProject.class)
.eq(PlatformProject::getCustomerId, customerId)));
result.put("contractCount", contractMapper.selectCount(
Wrappers.lambdaQuery(PlatformContract.class)
.eq(PlatformContract::getCustomerId, customerId)));
result.put("snCount", 0);
return result;
}
@Transactional
public void toggleFreeze(Long id, boolean frozen) {
PlatformCustomer customer = customerMapper.selectById(id);
if (customer == null) throw new ResponseStatusException(HttpStatus.NOT_FOUND);
customer.setStatus(frozen ? CustomerStatus.FROZEN : CustomerStatus.ACTIVE);
customer.setUpdatedAt(OffsetDateTime.now(ZoneOffset.UTC));
customerMapper.updateById(customer);
}
@Transactional(readOnly = true)
public void requireExists(long id) {
if (customerMapper.selectById(id) == null) {
@@ -120,6 +177,11 @@ public class CustomerService {
r.setId(c.getId());
r.setName(c.getName());
r.setCreditCode(c.getCreditCode());
r.setIndustry(c.getIndustry());
r.setAddress(c.getAddress());
r.setBillingInfo(c.getBillingInfo());
r.setCustomerCode(c.getCustomerCode());
r.setOwnerUserId(c.getOwnerUserId());
r.setStatus(c.getStatus());
r.setCreatedAt(c.getCreatedAt());
r.setUpdatedAt(c.getUpdatedAt());
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/service/DeliveryBatchService.java
+28 -2
View File
@@ -91,6 +91,10 @@ public class DeliveryBatchService {
b.setPlannedDeliveryDate(parsePlannedDateOrNull(request.getPlannedDeliveryDate()));
b.setStatus(DeliveryBatchStatus.PENDING.name());
b.setRemarks(blankToNull(request.getRemarks()));
b.setSiteAddress(null);
b.setNetworkRequirements(blankToNull(request.getNetworkRequirements()));
b.setSiteContact(blankToNull(request.getSiteContact()));
b.setSiteContactPhone(blankToNull(request.getSiteContactPhone()));
b.setCreatedAt(now);
b.setUpdatedAt(now);
batchMapper.insert(b);
@@ -133,10 +137,12 @@ public class DeliveryBatchService {
public DeliveryBatchResponse update(long id, DeliveryBatchUpdateRequest request) {
PlatformDeliveryBatch b = requireBatch(id);
requirePendingForHeaderEdit(b);
if (request.getPlannedDeliveryDate() == null && request.getRemarks() == null) {
if (request.getPlannedDeliveryDate() == null && request.getRemarks() == null
&& request.getSiteAddress() == null && request.getNetworkRequirements() == null
&& request.getSiteContact() == null && request.getSiteContactPhone() == null) {
throw new ResponseStatusException(
HttpStatus.BAD_REQUEST,
"at least one of plannedDeliveryDate or remarks must be provided");
"at least one field must be provided");
}
String oldJson = toJson(batchSnapshot(b));
if (request.getPlannedDeliveryDate() != null) {
@@ -145,6 +151,18 @@ public class DeliveryBatchService {
if (request.getRemarks() != null) {
b.setRemarks(blankToNull(request.getRemarks()));
}
if (request.getSiteAddress() != null) {
b.setSiteAddress(blankToNull(request.getSiteAddress()));
}
if (request.getNetworkRequirements() != null) {
b.setNetworkRequirements(blankToNull(request.getNetworkRequirements()));
}
if (request.getSiteContact() != null) {
b.setSiteContact(blankToNull(request.getSiteContact()));
}
if (request.getSiteContactPhone() != null) {
b.setSiteContactPhone(blankToNull(request.getSiteContactPhone()));
}
b.setUpdatedAt(OffsetDateTime.now(ZoneOffset.UTC));
batchMapper.updateById(b);
auditService.record(
@@ -401,6 +419,10 @@ public class DeliveryBatchService {
m.put("status", b.getStatus());
m.put("finishedAt", b.getFinishedAt());
m.put("remarks", b.getRemarks());
m.put("siteAddress", b.getSiteAddress());
m.put("networkRequirements", b.getNetworkRequirements());
m.put("siteContact", b.getSiteContact());
m.put("siteContactPhone", b.getSiteContactPhone());
return m;
}
@@ -433,6 +455,10 @@ public class DeliveryBatchService {
r.setStatus(b.getStatus());
r.setFinishedAt(b.getFinishedAt());
r.setRemarks(b.getRemarks());
r.setSiteAddress(b.getSiteAddress());
r.setNetworkRequirements(b.getNetworkRequirements());
r.setSiteContact(b.getSiteContact());
r.setSiteContactPhone(b.getSiteContactPhone());
r.setCreatedAt(b.getCreatedAt());
r.setUpdatedAt(b.getUpdatedAt());
return r;
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/service/DeviceService.java
+231
View File
@@ -0,0 +1,231 @@
package cn.craftlabs.platform.api.service;
import cn.craftlabs.platform.api.persistence.customer.PlatformCustomer;
import cn.craftlabs.platform.api.persistence.customer.PlatformCustomerMapper;
import cn.craftlabs.platform.api.persistence.device.PlatformDevice;
import cn.craftlabs.platform.api.persistence.device.PlatformDeviceMapper;
import cn.craftlabs.platform.api.persistence.device.PlatformDeviceSnBinding;
import cn.craftlabs.platform.api.persistence.device.PlatformDeviceSnBindingMapper;
import cn.craftlabs.platform.api.persistence.device.PlatformDeviceSwapRequest;
import cn.craftlabs.platform.api.persistence.device.PlatformDeviceSwapRequestMapper;
import cn.craftlabs.platform.api.persistence.license.PlatformLicenseSn;
import cn.craftlabs.platform.api.persistence.license.PlatformLicenseSnMapper;
import cn.craftlabs.platform.api.persistence.project.PlatformProject;
import cn.craftlabs.platform.api.persistence.project.PlatformProjectMapper;
import cn.craftlabs.platform.api.web.dto.DeviceBindingResponse;
import cn.craftlabs.platform.api.web.dto.DeviceCreateRequest;
import cn.craftlabs.platform.api.web.dto.DeviceResponse;
import cn.craftlabs.platform.api.web.dto.DeviceSwapRequestDto;
import cn.craftlabs.platform.api.web.dto.PageResponse;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import java.time.OffsetDateTime;
import java.time.ZoneOffset;
import java.util.List;
import java.util.stream.Collectors;
@Service
public class DeviceService {
private final PlatformDeviceMapper deviceMapper;
private final PlatformDeviceSnBindingMapper bindingMapper;
private final PlatformDeviceSwapRequestMapper swapRequestMapper;
private final PlatformCustomerMapper customerMapper;
private final PlatformProjectMapper projectMapper;
private final PlatformLicenseSnMapper licenseSnMapper;
public DeviceService(
PlatformDeviceMapper deviceMapper,
PlatformDeviceSnBindingMapper bindingMapper,
PlatformDeviceSwapRequestMapper swapRequestMapper,
PlatformCustomerMapper customerMapper,
PlatformProjectMapper projectMapper,
PlatformLicenseSnMapper licenseSnMapper) {
this.deviceMapper = deviceMapper;
this.bindingMapper = bindingMapper;
this.swapRequestMapper = swapRequestMapper;
this.customerMapper = customerMapper;
this.projectMapper = projectMapper;
this.licenseSnMapper = licenseSnMapper;
}
@Transactional(readOnly = true)
public PageResponse<DeviceResponse> listDevices(int page, int size, Long customerId, String site, String snCode) {
LambdaQueryWrapper<PlatformDevice> q =
Wrappers.lambdaQuery(PlatformDevice.class)
.eq(customerId != null, PlatformDevice::getCustomerId, customerId)
.eq(site != null && !site.isEmpty(), PlatformDevice::getSite, site)
.orderByDesc(PlatformDevice::getId);
Page<PlatformDevice> mpPage = new Page<>(page + 1L, size);
deviceMapper.selectPage(mpPage, q);
List<DeviceResponse> content =
mpPage.getRecords().stream().map(this::toDeviceResponse).collect(Collectors.toList());
return new PageResponse<>(content, mpPage.getTotal(), page, size);
}
@Transactional(readOnly = true)
public DeviceResponse getDevice(Long id) {
PlatformDevice d = deviceMapper.selectById(id);
return d != null ? toDeviceResponse(d) : null;
}
@Transactional
public DeviceResponse createDevice(DeviceCreateRequest request) {
OffsetDateTime now = OffsetDateTime.now(ZoneOffset.UTC);
PlatformDevice d = new PlatformDevice();
d.setMid(request.getMid());
d.setAlias(request.getAlias());
d.setSite(request.getSite());
d.setCustomerId(request.getCustomerId());
d.setProjectId(request.getProjectId());
d.setStatus("ONLINE");
d.setFirstSeenAt(now);
d.setCreatedAt(now);
d.setUpdatedAt(now);
deviceMapper.insert(d);
return toDeviceResponse(d);
}
@Transactional
public DeviceResponse updateDevice(Long id, DeviceCreateRequest request) {
PlatformDevice d = deviceMapper.selectById(id);
if (d == null) {
return null;
}
d.setMid(request.getMid());
d.setAlias(request.getAlias());
d.setSite(request.getSite());
d.setCustomerId(request.getCustomerId());
d.setProjectId(request.getProjectId());
d.setUpdatedAt(OffsetDateTime.now(ZoneOffset.UTC));
deviceMapper.updateById(d);
return toDeviceResponse(d);
}
@Transactional(readOnly = true)
public List<DeviceBindingResponse> getBindings(Long deviceId) {
LambdaQueryWrapper<PlatformDeviceSnBinding> q =
Wrappers.lambdaQuery(PlatformDeviceSnBinding.class)
.eq(PlatformDeviceSnBinding::getDeviceId, deviceId)
.orderByDesc(PlatformDeviceSnBinding::getBindAt);
return bindingMapper.selectList(q).stream()
.map(this::toBindingResponse)
.collect(Collectors.toList());
}
@Transactional
public void createSwapRequest(DeviceSwapRequestDto request) {
OffsetDateTime now = OffsetDateTime.now(ZoneOffset.UTC);
PlatformDeviceSwapRequest sr = new PlatformDeviceSwapRequest();
sr.setOldDeviceId(request.getOldDeviceId());
sr.setNewMid(request.getNewMid());
sr.setSnId(request.getSnId());
sr.setReason(request.getReason());
sr.setStatus("PENDING");
sr.setRemark(request.getRemark());
sr.setCreatedAt(now);
swapRequestMapper.insert(sr);
}
@Transactional
public void handleDeviceEvent(String mid, Long snId) {
OffsetDateTime now = OffsetDateTime.now(ZoneOffset.UTC);
LambdaQueryWrapper<PlatformDevice> q =
Wrappers.lambdaQuery(PlatformDevice.class)
.eq(PlatformDevice::getMid, mid);
PlatformDevice device = deviceMapper.selectOne(q);
if (device == null) {
device = new PlatformDevice();
device.setMid(mid);
device.setStatus("ONLINE");
device.setFirstSeenAt(now);
device.setCreatedAt(now);
device.setUpdatedAt(now);
deviceMapper.insert(device);
} else {
device.setLastHeartbeatAt(now);
device.setUpdatedAt(now);
deviceMapper.updateById(device);
}
PlatformDeviceSnBinding binding = new PlatformDeviceSnBinding();
binding.setDeviceId(device.getId());
binding.setLicenseSnId(snId);
binding.setBindType("ACTIVATE");
binding.setBindAt(now);
binding.setCreatedAt(now);
bindingMapper.insert(binding);
}
private DeviceResponse toDeviceResponse(PlatformDevice d) {
DeviceResponse r = new DeviceResponse();
r.setId(d.getId());
r.setMid(d.getMid());
r.setAlias(d.getAlias());
r.setSite(d.getSite());
r.setCustomerId(d.getCustomerId());
r.setProjectId(d.getProjectId());
r.setStatus(d.getStatus());
r.setStatusLabel(statusLabel(d.getStatus()));
r.setFirstSeenAt(d.getFirstSeenAt());
r.setLastHeartbeatAt(d.getLastHeartbeatAt());
r.setCreatedAt(d.getCreatedAt());
if (d.getCustomerId() != null) {
PlatformCustomer c = customerMapper.selectById(d.getCustomerId());
if (c != null) {
r.setCustomerName(c.getName());
}
}
if (d.getProjectId() != null) {
PlatformProject p = projectMapper.selectById(d.getProjectId());
if (p != null) {
r.setProjectName(p.getName());
}
}
return r;
}
private DeviceBindingResponse toBindingResponse(PlatformDeviceSnBinding b) {
DeviceBindingResponse r = new DeviceBindingResponse();
r.setId(b.getId());
r.setLicenseSnId(b.getLicenseSnId());
r.setBindType(b.getBindType());
r.setBindTypeLabel(bindTypeLabel(b.getBindType()));
r.setBindAt(b.getBindAt());
r.setRemark(b.getRemark());
if (b.getLicenseSnId() != null) {
PlatformLicenseSn sn = licenseSnMapper.selectById(b.getLicenseSnId());
if (sn != null) {
r.setSnCode(sn.getSnCode());
}
}
return r;
}
private static String statusLabel(String status) {
if (status == null) {
return "离线";
}
switch (status) {
case "ONLINE": return "在线";
case "OFFLINE": return "离线";
case "RETIRED": return "已退役";
default: return "离线";
}
}
private static String bindTypeLabel(String bindType) {
if (bindType == null) {
return "";
}
switch (bindType) {
case "ACTIVATE": return "激活绑定";
case "SWAP": return "换机";
case "UNBIND": return "解绑";
default: return "";
}
}
}
services/delivery-platform-api/src/main/java/cn/craftlabs/platform/api/service/IntegrationCatalogService.java
+224 -1
View File
@@ -1,12 +1,22 @@
package cn.craftlabs.platform.api.service;
import cn.craftlabs.platform.api.persistence.integration.PlatformBitanswerIdMapping;
import cn.craftlabs.platform.api.persistence.integration.PlatformBitanswerIdMappingMapper;
import cn.craftlabs.platform.api.persistence.integration.PlatformIntegrationEnvironment;
import cn.craftlabs.platform.api.persistence.integration.PlatformIntegrationEnvironmentMapper;
import cn.craftlabs.platform.api.persistence.integration.PlatformJsonTemplate;
import cn.craftlabs.platform.api.persistence.integration.PlatformJsonTemplateMapper;
import cn.craftlabs.platform.api.persistence.integration.PlatformProductLine;
import cn.craftlabs.platform.api.persistence.integration.PlatformProductLineMapper;
import cn.craftlabs.platform.api.persistence.integration.PlatformSkuMapping;
import cn.craftlabs.platform.api.persistence.integration.PlatformSkuMappingMapper;
import cn.craftlabs.platform.api.web.dto.IntegrationEnvironmentRequest;
import cn.craftlabs.platform.api.web.dto.IntegrationEnvironmentResponse;
import cn.craftlabs.platform.api.web.dto.PageResponse;
import cn.craftlabs.platform.api.web.dto.ProductLineRequest;
import cn.craftlabs.platform.api.web.dto.ProductLineResponse;
import cn.craftlabs.platform.api.web.dto.SkuMappingRequest;
import cn.craftlabs.platform.api.web.dto.SkuMappingResponse;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import org.springframework.http.HttpStatus;
@@ -22,12 +32,21 @@ public class IntegrationCatalogService {
private final PlatformProductLineMapper productLineMapper;
private final PlatformIntegrationEnvironmentMapper environmentMapper;
private final PlatformBitanswerIdMappingMapper idMappingMapper;
private final PlatformJsonTemplateMapper jsonTemplateMapper;
private final PlatformSkuMappingMapper skuMappingMapper;
public IntegrationCatalogService(
PlatformProductLineMapper productLineMapper,
PlatformIntegrationEnvironmentMapper environmentMapper) {
PlatformIntegrationEnvironmentMapper environmentMapper,
PlatformBitanswerIdMappingMapper idMappingMapper,
PlatformJsonTemplateMapper jsonTemplateMapper,
PlatformSkuMappingMapper skuMappingMapper) {
this.productLineMapper = productLineMapper;
this.environmentMapper = environmentMapper;
this.idMappingMapper = idMappingMapper;
this.jsonTemplateMapper = jsonTemplateMapper;
this.skuMappingMapper = skuMappingMapper;
}
@Transactional(readOnly = true)
@@ -70,6 +89,196 @@ public class IntegrationCatalogService {
return toEnvironment(row);
}
@Transactional
public ProductLineResponse createProductLine(ProductLineRequest req) {
PlatformProductLine row = new PlatformProductLine();
row.setCode(req.getCode());
row.setName(req.getName());
row.setDescription(req.getDescription());
row.setEnabled(req.getEnabled() != null ? req.getEnabled() : Boolean.TRUE);
productLineMapper.insert(row);
return toProductLine(row);
}
@Transactional
public ProductLineResponse updateProductLine(long id, ProductLineRequest req) {
PlatformProductLine row = productLineMapper.selectById(id);
if (row == null) {
throw new ResponseStatusException(HttpStatus.NOT_FOUND, "product line not found");
}
row.setCode(req.getCode());
row.setName(req.getName());
row.setDescription(req.getDescription());
row.setEnabled(req.getEnabled() != null ? req.getEnabled() : Boolean.TRUE);
productLineMapper.updateById(row);
return toProductLine(row);
}
@Transactional
public void deleteProductLine(long id) {
if (productLineMapper.selectById(id) == null) {
throw new ResponseStatusException(HttpStatus.NOT_FOUND, "product line not found");
}
productLineMapper.deleteById(id);
}
@Transactional
public IntegrationEnvironmentResponse createEnvironment(IntegrationEnvironmentRequest req) {
PlatformIntegrationEnvironment row = new PlatformIntegrationEnvironment();
row.setCode(req.getCode());
row.setName(req.getName());
row.setBitanswerBaseUrl(req.getBitanswerBaseUrl());
row.setKind(req.getKind());
environmentMapper.insert(row);
return toEnvironment(row);
}
@Transactional
public IntegrationEnvironmentResponse updateEnvironment(long id, IntegrationEnvironmentRequest req) {
PlatformIntegrationEnvironment row = environmentMapper.selectById(id);
if (row == null) {
throw new ResponseStatusException(HttpStatus.NOT_FOUND, "integration environment not found");
}
row.setCode(req.getCode());
row.setName(req.getName());
row.setBitanswerBaseUrl(req.getBitanswerBaseUrl());
row.setKind(req.getKind());
environmentMapper.updateById(row);
return toEnvironment(row);
}
@Transactional
public void deleteEnvironment(long id) {
if (environmentMapper.selectById(id) == null) {
throw new ResponseStatusException(HttpStatus.NOT_FOUND, "integration environment not found");
}
environmentMapper.deleteById(id);
}
public List<PlatformBitanswerIdMapping> listFeatureMappings(Long productLineId) {
var qw = new com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper<PlatformBitanswerIdMapping>()
.isNotNull(PlatformBitanswerIdMapping::getFeatureKey);
if (productLineId != null) qw.eq(PlatformBitanswerIdMapping::getProductLineId, productLineId);
qw.orderByDesc(PlatformBitanswerIdMapping::getCreatedAt);
return idMappingMapper.selectList(qw);
}
public List<PlatformBitanswerIdMapping> listIdMappings(Long productLineId, Long environmentId) {
var qw = new com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper<PlatformBitanswerIdMapping>();
if (productLineId != null) qw.eq(PlatformBitanswerIdMapping::getProductLineId, productLineId);
if (environmentId != null) qw.eq(PlatformBitanswerIdMapping::getEnvironmentId, environmentId);
qw.orderByDesc(PlatformBitanswerIdMapping::getCreatedAt);
return idMappingMapper.selectList(qw);
}
@Transactional
public PlatformBitanswerIdMapping createIdMapping(PlatformBitanswerIdMapping mapping) {
mapping.setCreatedAt(java.time.OffsetDateTime.now());
mapping.setUpdatedAt(java.time.OffsetDateTime.now());
idMappingMapper.insert(mapping);
return mapping;
}
@Transactional
public PlatformBitanswerIdMapping updateIdMapping(Long id, PlatformBitanswerIdMapping mapping) {
PlatformBitanswerIdMapping existing = idMappingMapper.selectById(id);
if (existing == null) return null;
mapping.setId(id);
mapping.setUpdatedAt(java.time.OffsetDateTime.now());
idMappingMapper.updateById(mapping);
return idMappingMapper.selectById(id);
}
@Transactional
public void deleteIdMapping(Long id) {
idMappingMapper.deleteById(id);
}
@Transactional
public PlatformJsonTemplate createJsonTemplate(PlatformJsonTemplate template) {
template.setVersion(1);
template.setSchemaVersion(1);
template.setCreatedAt(java.time.OffsetDateTime.now());
template.setUpdatedAt(java.time.OffsetDateTime.now());
jsonTemplateMapper.insert(template);
return template;
}
public java.util.List<PlatformJsonTemplate> listJsonTemplates() {
return jsonTemplateMapper.selectList(
com.baomidou.mybatisplus.core.toolkit.Wrappers.lambdaQuery(PlatformJsonTemplate.class)
.orderByDesc(PlatformJsonTemplate::getCreatedAt));
}
public PlatformJsonTemplate getJsonTemplate(Long id) {
return jsonTemplateMapper.selectById(id);
}
@Transactional
public PlatformJsonTemplate updateJsonTemplate(Long id, PlatformJsonTemplate template) {
PlatformJsonTemplate existing = jsonTemplateMapper.selectById(id);
if (existing == null) return null;
template.setId(id);
template.setVersion(existing.getVersion() + 1);
template.setUpdatedAt(java.time.OffsetDateTime.now());
jsonTemplateMapper.updateById(template);
return jsonTemplateMapper.selectById(id);
}
@Transactional
public void deleteJsonTemplate(Long id) {
jsonTemplateMapper.deleteById(id);
}
@Transactional(readOnly = true)
public List<SkuMappingResponse> listSkuMappings(Long contractLineId) {
var qw = new com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper<PlatformSkuMapping>();
if (contractLineId != null) qw.eq(PlatformSkuMapping::getContractLineId, contractLineId);
qw.orderByDesc(PlatformSkuMapping::getCreatedAt);
return skuMappingMapper.selectList(qw).stream().map(this::toSkuMapping).collect(Collectors.toList());
}
@Transactional
public SkuMappingResponse createSkuMapping(Long contractLineId, SkuMappingRequest req) {
PlatformSkuMapping row = new PlatformSkuMapping();
row.setContractLineId(contractLineId);
row.setSkuCode(req.getSkuCode());
row.setSkuName(req.getSkuName());
row.setBitanswerProductId(req.getBitanswerProductId());
row.setBitanswerTemplateId(req.getBitanswerTemplateId());
row.setBitanswerFeatureId(req.getBitanswerFeatureId());
row.setQuantity(req.getQuantity() != null ? req.getQuantity() : 1);
row.setCreatedAt(java.time.OffsetDateTime.now());
row.setUpdatedAt(java.time.OffsetDateTime.now());
skuMappingMapper.insert(row);
return toSkuMapping(row);
}
@Transactional
public SkuMappingResponse updateSkuMapping(Long id, SkuMappingRequest req) {
PlatformSkuMapping row = skuMappingMapper.selectById(id);
if (row == null) {
throw new ResponseStatusException(HttpStatus.NOT_FOUND, "sku mapping not found");
}
row.setSkuCode(req.getSkuCode());
row.setSkuName(req.getSkuName());
row.setBitanswerProductId(req.getBitanswerProductId());
row.setBitanswerTemplateId(req.getBitanswerTemplateId());
row.setBitanswerFeatureId(req.getBitanswerFeatureId());
row.setQuantity(req.getQuantity() != null ? req.getQuantity() : 1);
row.setUpdatedAt(java.time.OffsetDateTime.now());
skuMappingMapper.updateById(row);
return toSkuMapping(row);
}
@Transactional
public void deleteSkuMapping(Long id) {
if (skuMappingMapper.selectById(id) == null) {
throw new ResponseStatusException(HttpStatus.NOT_FOUND, "sku mapping not found");
}
skuMappingMapper.deleteById(id);
}
private ProductLineResponse toProductLine(PlatformProductLine row) {
ProductLineResponse r = new ProductLineResponse();
r.setId(row.getId());
@@ -94,4 +303,18 @@ public class IntegrationCatalogService {
r.setUpdatedAt(row.getUpdatedAt());
return r;
}
private SkuMappingResponse toSkuMapping(PlatformSkuMapping row) {
SkuMappingResponse r = new SkuMappingResponse();
r.setId(row.getId());
r.setContractLineId(row.getContractLineId());
r.setSkuCode(row.getSkuCode());
r.setSkuName(row.getSkuName());
r.setBitanswerProductId(row.getBitanswerProductId());
r.setBitanswerTemplateId(row.getBitanswerTemplateId());
r.setBitanswerFeatureId(row.getBitanswerFeatureId());
r.setQuantity(row.getQuantity());
r.setCreatedAt(row.getCreatedAt());
return r;
}
}

Some files were not shown because too many files have changed in this diff Show More