hangshuo652/aurak
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
60 Commits 2 Branches 0 Tags
a7e7c85ff6e9297cb3f465e78e8e526cb9f9da10
Commit Graph

60 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Developer a7e7c85ff6 fix: 系统角色权限保护 + 全角色全场景 E2E 测试(94项) 
缺陷修复:
- PermissionService.setRolePermissions 增加 isSystem 检查
  系统角色的权限不可被修改(之前可被任意改写)

测试覆盖(94项全部通过):
- PHASE A: 身份认证(登录/错误密码/无效token/空凭据 8项)
- PHASE B: 三层角色权限边界(26/21/5 权限一致性 3项)
- PHASE C: 创建用户异常(重复/短密码/空字段/特殊字符 7项)
- PHASE D: 编辑&角色变更(改名/升降级/非法值/并发/跨角色 12项)
- PHASE E: 删除异常(删自己/admin/不存在/USER删/TA删 12项)
- PHASE F: 权限系统(角色CRUD/权限改/权限一致性/元数据 25项)
- PHASE G: 模块可达性(2项,非致命)
- PHASE H: 前端UI(admin/ta_admin/user1 三角色 22项)
- PHASE I: 边界缺陷(跨租户隔离/超长名 2项)

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
 2026-06-09 09:41:04 +08:00
Developer 64771f10ed test: 用户管理全生命周期测试(42项)覆盖异常case 
覆盖场景:
- 创建用户异常:重复用户名、密码太短、空字段
- 权限边界:USER 不能创建/查看/删除用户
- 角色变更:USER↔TENANT_ADMIN 切换后权限实时生效
- 删除异常:删自己、删 admin、删不存在用户
- UI 验证:角色列、编辑弹窗、权限管理页、权限矩阵

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
 2026-06-09 09:00:23 +08:00
Developer 9b4412792b feat: 用户管理页加角色列和角色编辑弹窗 
- 用户表新增「角色」列,显示超级管理员/管理员/用户徽章
- 编辑用户弹窗增加角色选择(USER/TENANT_ADMIN/SUPER_ADMIN)
- 角色选择时同步显示该角色的权限预览
- 保存时自动调用 PATCH /tenants/:id/members/:userId 更新角色
- 新增 test-permission-flow.mjs 三层用户权限测试脚本

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
 2026-06-08 23:37:13 +08:00
Developer ba33d517c1 feat: 分层 RBAC 权限管理系统 
后端:
- 新增 Role / RolePermission 实体(自动 seed 系统角色)
- PermissionService——通过 isAdmin / TenantMember 链路解析用户权限
- @Permission() 装饰器 + PermissionsGuard 守卫
- /api/permissions 和 /api/roles REST API
- UserController 内联 role 检查迁移到 @Permission()
- PermissionModule 全局注册

前端:
- usePermissions hook——获取当前用户权限集
- PermissionGate 组件级门控
- PermissionSettingsView——角色列表+权限矩阵编辑页面
- SettingsView 新增「权限管理」Tab(仅 admin 可见)
- 权限预览(26 项,7 分类)

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
 2026-06-08 23:25:22 +08:00
Developer c57c3028e2 fix: shuffleArray bug + Playwright多轮对话测试 + 初学者考核脚本 
- 修复 shuffleArray 返回新数组但调用处用 const 未接收返回值(3处)
- 新增 test-multiround.mjs Playwright 多轮对话测试(简答+追问全流程)
- 新增 do-assessment.mjs / check-result.mjs 考核体验脚本
- CLAUDE.md 增加 AI 工作流指令规则
- package.json 添加 playwright 依赖

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
 2026-06-08 22:34:04 +08:00
Developer 0b2c6563ba Add IDE题库 50 questions + PROMPT/LLM/DEV_PATTERN 34 questions 2026-06-03 21:12:11 +08:00
Developer 6d9acd7252 fix: MC options display, question selection, timeout handling, and grading prompts 2026-06-03 20:58:19 +08:00
Developer a71bde3452 add IDE question bank seed script (50 questions for L1 IDE协作开发) 
- Copilot: 12 questions (intelligent completion, Chat modes, CLI)
- Claude Code: 12 questions (interaction methods, model selection, CLI commands)
- OpenCode: 19 questions (overview, installation, Plan/Build, commands, models)
- Debug: 7 questions (/fix, /debug, /tests, /explain commands)

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
 2026-06-03 20:55:38 +08:00
Developer 6e569ff478 fix: skip content check when bank questions available, early generator return 2026-05-23 22:32:51 +08:00
Developer a83de861dd fix: replace PDF with HTML report (fontkit unavailable) 2026-05-21 16:30:36 +08:00
Developer 0b0da09d4b fix: use pdf-lib embedFont with proper pagination for CJK PDF 2026-05-21 16:12:38 +08:00
Developer d7cd5641d7 fix: rewrite PDF generator using pdf-lib native embedFont for CJK support 2026-05-21 15:59:01 +08:00
Developer c53f26a07e perf: trim grader prompts ~40% to reduce LLM latency 2026-05-21 15:52:33 +08:00
Developer b15e821252 feat: enriched certificate with template name, dimension scores, question details + Modal UI 
- generateCertificate: return templateName, questionDetails, dimensionScores
- Frontend: replace alert() with certificate Modal showing level, scores, dimensions, questions
- Status label: change from '已验证' to '合格'
 2026-05-21 15:42:59 +08:00
Developer 990b8c7b83 fix: forward passed flag in SSE final events 2026-05-21 15:24:36 +08:00
Developer f8df92c36b fix: forward finalScore in submitAnswerStream final event 2026-05-21 15:19:10 +08:00
Developer 51f2a41cc3 fix: determineLevel uses 0-10 scale thresholds instead of 0-100 2026-05-21 15:07:23 +08:00
Developer 0a3a8a2e32 fix: send accumulated answers to LLM grader for follow-up context 
- Grader now passes all rounds of user answers to LLM (tagged 第N轮回答)
- LLM can see what was already answered and avoid redundant follow-ups
- Updated all three language prompts with multi-round guidance
 2026-05-21 14:41:57 +08:00
Developer 9303d7ac64 fix: auto-submit answer on timeout instead of blocking 
- Timeout triggers forced submission of current answer (or empty)
- Prevents assessment from hanging when time expires
- autoSubmitted flag prevents duplicate submissions
 2026-05-21 14:32:01 +08:00
Developer 02f4ab23f7 feat: LLM-generated adaptive follow-up questions 
- Grader: LLM outputs follow_up_question targeting uncovered keyPoints
- Remove static followupHints usage in grading flow
- maxFollowUps sourced from question.maxFollowUps (hints.length)
- Clean answerKey: remove followupHints field
- Three-language prompt update with examples and bad examples
- Grader spec: add follow_up_question to mock responses
 2026-05-21 14:18:14 +08:00
Developer 7fd2a4cda2 fix: option display + partial credit grading 
- Option display: use slice(1) instead of regex to strip letter prefix
- Grader prompts: add explicit partial credit guidance (5-7 for partial, 0-2 only for off-target)
 2026-05-21 13:13:21 +08:00
Developer 7b1103903f fix: remove prefix from followup hint, use raw text 2026-05-21 13:00:03 +08:00
Developer 3cc3b28471 fix: broader regex to strip conditional prefix from followup hints 2026-05-21 12:57:04 +08:00
Developer 5c82c75a09 fix: strip option letter prefix in QuestionBankDetailView 
Consistent with AssessmentView, now strips A./B./C./D. prefix
from option text before displaying alongside letter badge.
 2026-05-21 12:48:35 +08:00
Developer 24ffc028e2 fix: shuffle choice options per session + clean followup hints 
- Options shuffled with correctAnswer remapped at session creation
- Followup hints strip conditional prefix (如果只说了XX,追问:)
 2026-05-21 12:42:52 +08:00
Developer 734c0129d8 chore: remove test artifact 2026-05-21 11:53:47 +08:00
Developer 1224a74e63 fix: natural follow-up conversation flow 
- Grader: separate followup hint from scoring feedback
- Interviewer: use followup hint directly without prefix/suffix
- Restored standard and choice question presentation paths
 2026-05-21 11:53:24 +08:00
Developer c015ea3697 fix: shuffle bank questions + grader LLM error resilience 
- selectQuestions: shuffle final result for random question order
- grader: wrap LLM invoke in try-catch, default score 5 on failure
- grader: inner try-catch for JSON parse errors, graceful fallback
 2026-05-21 11:33:17 +08:00
Developer 240aea24aa fix: linkedGroupIds null check in validateRequiredFields 
null !== undefined was true, causing false validation failure on templates
without linked groups. Changed to != null check.
 2026-05-21 11:17:45 +08:00
Developer 54762ca299 fix: passingScore scaling and dimensions propagation 
- Frontend: divide by 10 on load, multiply by 10 on send (UI:0-10, DB:0-100)
- Backend: include template dimensions in session templateData snapshot
 2026-05-21 11:07:07 +08:00
Developer eba30517a6 fix: remove bank PUBLISHED guard from selectQuestions 
selectQuestions now only checks item-level PUBLISHED status.
startSession already handles bank detection by counting published items.
This fixes assessment always falling back to LLM generation.
 2026-05-21 10:26:19 +08:00
Developer 35b1c6c37d feat: judgment-anchored grading and per-question results 
- Grader: inject judgment as pass criteria anchor in LLM prompt
- Grader: use followupHints for follow-up direction (not generic text)
- Grader: follow-up limit from followupHints.length instead of hardcoded 2
- Session: correctAnswer/judgment stored in questions, stripped during assessment
- Frontend: per-question results panel with choice / + judgment display
 2026-05-21 10:18:15 +08:00
Developer 3993099907 feat: end-to-end choice question support in assessment pipeline 
- Data pathway: flow options through questions, answerKey in graph state
- Interviewer: format MULTIPLE_CHOICE with A/B/C/D options
- Grader: instant choice scoring (zero LLM), compare correctAnswer
- AssessmentView: render choice buttons vs textarea based on questionType
- Security: sanitizeStateForClient strips correctAnswer/judgment/answerKey
- Bank detection: check PUBLISHED items (not PUBLISHED bank status)
- Batch UI: select all / batch approve / batch reject on detail view
 2026-05-21 10:06:33 +08:00
Developer 57898f939c fix: add status guards to prevent data loss 
- create: auto-delete REJECTED→throw error; add tenantId filter
- remove: forbid PUBLISHED bank deletion
- removeItem: forbid PUBLISHED item deletion
- generateQuestions: restrict to DRAFT status only
- frontend: render MULTIPLE_CHOICE options/judgment/followupHints
- frontend: add judgment and followupHints to QuestionBankItem type
- add 12 service guard tests (109 total)
 2026-05-21 08:55:35 +08:00
Developer e782d180d7 feat: support choice+open dual question generation with judgment anchors 
- Add judgment and followupHints fields to QuestionBankItem entity
- Rewrite generateQuestions prompt for 3:7 choice:open ratio
- Extract parseGeneratedQuestion function with type-aware parsing
- Add 29 unit tests: 14 prompt content + 15 parse logic
- Total: 97 tests passing (59 baseline + 38 new)
 2026-05-21 01:04:08 +08:00
Developer 17ddfa83bf Question generation: scenario-based 3-step prompt with technique labeling, key_points constrained to KB source, temperature 0.1. Generator node: two-step extraction prompt for assessment flow. 2026-05-20 17:33:28 +08:00
Developer 83483d8117 F1-F10: audit fixes (dimension normalize, passingScore scale, DB defaults, onDelete, item status filter, timeout event type, userId privacy) + generator.node.ts strict prompt rules (anti-hallucination) 2026-05-20 11:13:37 +08:00
Developer 29bac74b58 M3: console.log -> Logger + UI redesign (QuestionBank) + S7/A9/A10/A11/U11 bug fixes + #1/#2/#3/#4 enhancements + i18n for QuestionBank pages 2026-05-19 16:57:45 +08:00
Developer 5b5f14674d fix: minor issues from code review 
(M1) DTO: @IsObject({ each: true }) on dimensions array
(M2) audit log: add missing tenantId in submitAnswer
(M3) console.log -> this.logger in controller + service
 2026-05-19 10:22:18 +08:00
Developer 82a9e75842 fix: code review — 7 issues resolved 
(C1) Add dimensionScores/radarData/passed columns to AssessmentSession
(C2) Mock DataSource in service.spec.ts + app.e2e-spec.ts
(C3) Mock AuditLogService in controller.spec.ts
(C4) Rewrite deleteSession tests for dataSource.transaction
(I1) batchDeleteSessions uses transaction with certificate cleanup
(I2) extractDimensionScores reads from session property
(I3/I5) PDF generator supports multi-page + newline splitting
(I4) findOne inside transaction uses deleteCondition
 2026-05-19 10:06:30 +08:00
Developer 7f8e7214b3 P3-02-03-04: audit log, batch ops, transactions 
P3-02: audit-log.entity + service, manual logging in controller
  (startSession, submitAnswer, deleteSession, review, forceEnd)
P3-03: POST batch-delete, POST batch-export endpoints + service methods
P3-04: DataSource.transaction for deleteSession + reviewAssessment,
  graph state cleanup on session delete
 2026-05-19 09:52:31 +08:00
Developer eb0798de5b P2-1: remove dead cost-control module (3 files) 
P2-2: switch TypeORM to autoLoadEntities: true

Remove unused vision-pipeline-cost-aware.service.ts,
cost-control.service.ts and its orphan module.
Switch explicit entities[] list to autoLoadEntities.
 2026-05-19 09:39:41 +08:00
Developer 33e48f6d4e P1-3: grader/interviewer node unit tests (24 passing) 
grader.node.spec.ts — 13 tests: LLM mock validation, breakout logic
(shorts/IDontKnow), error handling, scoring/indexing, zh/ja language support

interviewer.node.spec.ts — 11 tests: empty questions, index bounds,
standard presentation, follow-up mode, zh/ja/en localization
 2026-05-19 09:30:19 +08:00
Developer b139ae18b7 P1-2: certificate E2E integration tests + API verification 
- Certificate lifecycle tests: create/verify/idempotency/level
- Public endpoint integration tests for verifyCertificate and getPublicCertificateInfo
- API verified: /public returns 200, /verify returns 200, auth endpoint returns 404 for missing
 2026-05-19 09:26:34 +08:00
Developer 68371922ca P0-1/P0-2/P1-1: dimensions form + E2E tests + PDF export 
P0-1 Backend: dimensions column on template entity + validation
P0-1 Frontend: dimensions edit UI in TemplateManager
P0-2: routeAfterGrading unit tests (10 cases), service spec fix + certificate tests, jest-e2e.json
P1-1: proper PDF generation with embedded CJK font via pdf-lib low-level API
 2026-05-19 08:42:03 +08:00
Developer 0b0a060967 fix: 全部TS错误修复(25->0) + 证书API 500修复 + i18n缺失key补全 + 类型定义修正 
- 证书API 500修复: AssessmentCertificate实体注册到app.module.ts
- 前端TS错误25个清零: i18n key 17个, 类型定义8个
- i18n补全: 17个缺失key添加到zh/en/ja
- KnowledgeFile类型: 添加title, content字段
- importService: 改用apiClient.request替代raw fetch
- ModeSelector: 移除jsx prop
- questionBankService: .ok -> .status >= 400
- NotebookDetailView: .filter -> .items.filter
- ImportTasksDrawer: tasks.items提取
- API端点审计: 16/16通过
- 数据库Schema审计: 25表288列一致
- AGENTS.md更新
 2026-05-18 08:30:59 +08:00
Developer 631e99c0e0 docs: 更新debugging-checklist v2.2 - 整合验证报告 2026-05-15 10:10:15 +08:00
Developer 7ee13b3499 fix: 整合验证修复9个代码缺口 - 历史限制3条、证书公开端点、题库默认DRAFT状态、Admin硬编码 2026-05-15 10:09:27 +08:00
Developer 97287b0fc4 fix: 题库创建唯一约束检查 + 前端错误消息透传 2026-05-15 10:02:32 +08:00
Developer b70dc68a85 fix: 题库生成功能全面修复 - create方法templateId传参、异常改为BadRequest、前端错误消息透传 2026-05-15 09:55:03 +08:00