-
源自 Codex 对 wire-frontend-backend 分支的对抗性评审 (2× high / 1× medium),三条 finding 均已复核属实。 - [HIGH] 详情未加载就保存会把 permissionCategoryIds 当成 [] → 静默清空: - 前端 ids 三态化 (number[] | null),列表态 snapshot 不带 ids 时保持 null - 编辑模式下 ids 仍为 null 时 disable 修改/保存按钮,DTO 中省略该字段 - 后端 update() 把 delete+reinsert 包到 if (ids != null),null 视为"不动权限" - [HIGH] 过滤态下表头全选越权授权:allChecked 与 onChange 改为基于 visibleCategories - [MEDIUM] selectCategoryIdsByUserId 加 INNER JOIN tPermissionCategory 过滤 bDeleted=0, 避免软删分类导致 40023 阻塞无关字段编辑
-
- Backend: add GET /usr/users/{id} detail endpoint that returns the user row plus its permissionCategoryIds - Backend: add GET /usr/permission-categories listing for the permission grid (active categories only) - Frontend: UserDetail consumes both endpoints to populate edit form and the permission grid
-
部门 (sDepartment) lives on tStaff, not tUser. Showing/editing it on the user form was misleading — it implied the value would be saved against the user, but the backend has no such column on tUser. The user list still surfaces 部门 via the LEFT JOIN on tStaff, which remains correct for display. Removes: - 部门 form field on UserDetail - DEPARTMENTS constant (now unused)
-
- Remove the green '已绑定' badge from StaffPicker; the prototype doesn't show one and it's confusing in create mode (nothing has been saved yet). - On staff selection, auto-fill 用户号 (sUserNo) and 用户名 (sUserName) with the staff's Chinese name to match prototype behavior; user can still override either field after selection.
-
Backend: - StaffSearchVO (iIncrement / sStaffNo / sStaffName / sDepartment) - StaffMapper.searchActive(keyword, limit) — LIKE on name + staff no - StaffController GET /api/usr/staffs?keyword=&limit= - UserListVO + UserMapper.xml: expose iStaffId so edit mode preserves the binding when user doesn't change 员工名 Frontend: - api/staff.ts → searchStaff() - StaffPicker.tsx: input + dropdown with debounced search, '已绑定' badge when an iStaffId is bound, click outside to close, search icon - UserDetail: replace 员工名 PrimInput with StaffPicker; track iStaffId in form state; send to backend on save (no longer omitted)
-
Reverses the earlier 'hide unsupported fields' decision per user request to strictly follow the prototype look. Brings back: - Full dark sub-toolbar: 新增 / 修改 / 删除 / 保存 / 取消 (separator) 功能 / 作废 / 重置密码 / 取消作废, with status chip + settings gear on the right and 已选权限 counter - 9-field 3x3 form with prototype's required-field cyan tint, 制单人 showing 保存后自动生成 placeholder in new mode - 6 perm tabs (权限组 / 客户 / 供应商 / 人员 / 工序 / 司机) - 30-row permission grid with hover, accent-soft selected row, filter - Scope tabs with master enable + 4-col grid of items - Floating vertical 帮助 button on right edge Permissions and the no-op buttons are visual-only — they don't round-trip to backend. Save still sends only sUserNo/sUserName/sUserType/sLanguage/ bCanModifyDocs (iStaffId and permissionCategoryIds intentionally omitted). Adds bespoke Primitives.tsx (Field/PrimInput/PrimSelect/PrimCheckbox/ ToolbarBtnDark/ToolbarBtnLight) so this screen renders pixel-faithful to prototype rather than picking up AntD chrome.
-
Per docs/04 production stack: Vite + React 18 + TypeScript + AntD 5 + Redux Toolkit + React Router v6 + Axios. Theme tokens copied from prototype/XLY-ERP.html so density, colors, and layout match. Pages: Login, Home, UserList, UserDetail, ModuleConfig — wired to existing endpoints (/api/usr/auth/login, /api/usr/users, /api/mod/modules). Backend-unsupported fields (user permission grid, 18 module fields, iStaffId picker) hidden per scope. Sidebar/MegaNav remain static reference data; dashboard stats hardcoded (no endpoint).