fix(n+1): replace looped single-row queries with batch queries

- IsAdminBootstrapRequired: userRepo.GetByID in a loop → batched GetByIDs
- AssignRoles: roleRepo.GetByID in a loop → batched GetByIDs
- Add the GetByIDs method signature to userRepositoryInterface
2026-05-08 08:05:26 +08:00
parent 9b1cea246e
commit 2a18a6fb47
39 changed files with 3169 additions and 393 deletions


@@ -231,3 +231,34 @@ Use this section first if earlier 2026-04-23 notes in this file conflict with it
- [ ] If a UI form shape differs from the backend write contract, the service adapter must serialize the backend field names explicitly and service tests must pin the exact outbound payload.
- [ ] If a browser runner waits on in-page fetch diagnostics, that wait must be created in the same control flow as the submit action and must not be allowed to outlive a failed click or fill step.
## 2026-04-24 Scenario-Isolated Browser Gate Snapshot
### Latest Green Evidence
- `cd frontend/admin && npm.cmd run test:run -- src/lib/playwright-e2e-scenarios.test.ts`
- `cd frontend/admin && npm.cmd run test:run`
- `cd frontend/admin && npm.cmd run lint`
- `cd frontend/admin && npm.cmd run build`
- `cd frontend/admin && $env:E2E_SCENARIOS='email-activation'; npm.cmd run e2e:full:win`
- `cd frontend/admin && npm.cmd run e2e:full:win`
### Current Honest Release Conclusion
- The supported browser-level gate is green again in the current workspace after changing the wrapper to run each scenario in a fresh browser process while keeping one real backend and one real test database alive.
- The latest green full run executed `21` isolated scenario runs: `admin-bootstrap` plus the `20` steady-state scenarios behind it.
- This evidence proves the documented browser-level acceptance path in the current workspace. It does not by itself prove that the underlying Chromium host-runtime `0x5` issue has disappeared.
### Additional Checklist Items
- [ ] If the host browser runtime is the unstable component, isolate browser processes per scenario before expanding suite-level retries.
- [ ] If the supported gate uses scenario isolation, the wrapper still preserves one real backend, one real frontend server, one real SMTP capture path, and one real test database for the whole run.
- [ ] The scenario list used by the wrapper is derived from the same source as the Playwright runner and is not duplicated manually in release-critical code.
## 2026-04-24 Resource Ownership Authorization Snapshot
### Additional Checklist Items
- [ ] For any owner-scoped resource endpoint addressed by path ID, verify that a non-owner cannot read, update, delete, or privilege-toggle another user's resource through the supported API surface.
- [ ] For the same endpoint family, verify that the service layer re-checks ownership or admin privilege instead of trusting only a handler-level path check.
- [ ] When admin cross-user access is intentional, add one positive regression proving the admin path still works after the IDOR fix.
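Review bot: the `email-activation` evidence line under Latest Green Evidence (`cd frontend/admin && $env:E2E_SCENARIOS='email-activation'; npm.cmd run e2e:full:win`) mixes the PowerShell `$env:` assignment with the `&&` chain operator, which only exists in PowerShell 7+; in Windows PowerShell 5.1 that line is a parse error, so the documented evidence command is not reproducible on the default Windows shell. Suggest splitting it into three lines (`cd frontend/admin`, `$env:E2E_SCENARIOS='email-activation'`, `npm.cmd run e2e:full:win`) or stating that pwsh 7 is required, as the other evidence lines also rely on `&&`. Separately, the Resource Ownership Authorization Snapshot lists three checklist items but, unlike the browser gate section above it, carries no Latest Green Evidence entry; naming the regression tests that pin the non-owner denial and the admin positive path would let the IDOR checklist be verified rather than only asserted.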