fix(n+1): 批量查询替代循环单查
- IsAdminBootstrapRequired: userRepo.GetByID 循环 → GetByIDs 批量 - AssignRoles: roleRepo.GetByID 循环 → GetByIDs 批量 - 在 userRepositoryInterface 补充 GetByIDs 方法签名
This commit is contained in:
@@ -251,3 +251,59 @@ Use this section as the newest technical snapshot when earlier 2026-04-23 notes
|
||||
### Stability Rule
|
||||
|
||||
- When a scenario uses asynchronous fetch diagnostics for proof, create the waiter in the same control flow as the triggering action and tear it down implicitly with that action path. A background waiter that survives a failed action is a runner bug because it can replace the primary failure with misleading page-closed noise.
|
||||
|
||||
## 2026-04-24 Scenario-Isolated Browser Gate Notes
|
||||
|
||||
### Main Acceptance Path
|
||||
|
||||
- The supported browser-level gate remains `cd frontend/admin && npm.cmd run e2e:full:win`.
|
||||
- On 2026-04-24 that gate was re-run green after changing `frontend/admin/scripts/run-playwright-auth-e2e.ps1` to keep one backend and one frontend session alive while launching a fresh browser process for each selected Playwright scenario.
|
||||
- `frontend/admin/scripts/run-playwright-cdp-e2e.mjs` now supports a lightweight `E2E_LIST_SCENARIOS=1` mode so the wrapper and the runner derive the scenario order from the same source of truth.
|
||||
|
||||
### Current Green Evidence
|
||||
|
||||
- The current full-gate green evidence is `21` isolated scenario runs in one end-to-end environment:
|
||||
- `admin-bootstrap`
|
||||
- `public-registration`
|
||||
- `email-activation`
|
||||
- `password-reset`
|
||||
- `login-surface`
|
||||
- `auth-workflow`
|
||||
- `responsive-login`
|
||||
- `desktop-mobile-navigation`
|
||||
- `user-management-crud`
|
||||
- `user-management-batch`
|
||||
- `role-management-crud`
|
||||
- `permissions-management-crud`
|
||||
- `device-management`
|
||||
- `login-logs`
|
||||
- `operation-logs`
|
||||
- `webhook-management`
|
||||
- `import-export`
|
||||
- `profile-management`
|
||||
- `profile-and-security`
|
||||
- `settings`
|
||||
- `dashboard-stats`
|
||||
|
||||
### Operational Knobs
|
||||
|
||||
- `E2E_SCENARIO_ISOLATION=0` keeps the legacy whole-suite browser mode available for diagnostics.
|
||||
- `E2E_SCENARIO_ATTEMPTS` overrides the per-scenario retry count; otherwise the wrapper falls back to `E2E_SUITE_ATTEMPTS`.
|
||||
|
||||
## 2026-04-24 Resource Ownership Authorization Notes
|
||||
|
||||
### Recommended Implementation Pattern
|
||||
|
||||
- For owner-scoped resources, split authorization across two layers:
|
||||
- the handler extracts the current actor identity and admin bit from the authenticated request context;
|
||||
- the service loads the target resource and re-checks `owner-or-admin` before returning or mutating it.
|
||||
- This prevents future handlers, background callers, or admin-route reuse from silently bypassing ownership checks by passing a raw resource ID straight into repository operations.
|
||||
|
||||
### Minimum Regression Pattern
|
||||
|
||||
- Add a targeted red-green regression set for each resource family that covers:
|
||||
- cross-user read forbidden;
|
||||
- cross-user update forbidden;
|
||||
- cross-user delete forbidden;
|
||||
- cross-user state toggle forbidden;
|
||||
- admin positive access when the contract allows it.
|
||||
|
||||
Reference in New Issue
Block a user