TakeoutSaaS.Prototypes/specs/001-personal-center-api/plan.md


Implementation Plan: Tenant Personal Center API (First Version)

Branch: 001-personal-center-api | Date: 2026-02-09 | Spec: D:\MsuMshkCode\specs\001-personal-center-api\spec.md
Input: Feature specification from /specs/001-personal-center-api/spec.md

Note: This template is filled in by the /speckit.plan command. See .opencode/command/speckit.plan.md for the execution workflow.

Summary

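This feature adds tenant personal-center query capabilities to TakeoutSaaS.TenantApi. The first version delivers P0/P1/P2 in one release: personal overview, role and permission overview, plan quota, bills, payments, personal operation records, message summary, and configuration of the list of roles allowed to view bills/quotas. The technical strategy combines "overview aggregation + paginated detail endpoints" and, per the clarification outcome, implements "partial failures may return a degraded response, which must explicitly identify the failed modules and the reasons".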
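
The degraded-return behaviour described in the Summary, as an added C# example that is not code from the TakeoutSaaS repository: each overview module loads independently, and a failed module is reported by name with a stable error code rather than the exception text. The type names, module names and error codes are assumptions; the real DTOs are defined in contracts/openapi.yaml, which this page does not show.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading;
using System.Threading.Tasks;

// Constructed demo: one module succeeds, one fails. In the service both ids come from the auth context.
var sample = new Dictionary<string, ModuleLoader>
{
    ["profile"] = (_, _, _) => Task.FromResult<object>(new { Phone = "138****0000" }),
    ["billing"] = (_, _, _) => throw new TimeoutException("constructed failure"),
};
var overview = await new OverviewAggregator(sample).GetAsync(Guid.NewGuid(), Guid.NewGuid(), default);
foreach (var m in overview.Modules) Console.WriteLine($"{m.Module}: ok={m.Ok} code={m.ErrorCode}");

// Hypothetical types (assumptions); the real DTOs live in contracts/openapi.yaml.
public sealed record ModuleResult(string Module, bool Ok, object? Data, string? ErrorCode);
public sealed record OverviewResponse(bool Degraded, IReadOnlyList<ModuleResult> Modules);
public delegate Task<object> ModuleLoader(Guid tenantId, Guid userId, CancellationToken ct);

public sealed class OverviewAggregator(IReadOnlyDictionary<string, ModuleLoader> loaders)
{
    public async Task<OverviewResponse> GetAsync(Guid tenantId, Guid userId, CancellationToken ct)
    {
        var results = await Task.WhenAll(
            loaders.Select(kv => LoadAsync(kv.Key, kv.Value, tenantId, userId, ct)));
        return new OverviewResponse(results.Any(r => !r.Ok), results);
    }

    private static async Task<ModuleResult> LoadAsync(
        string name, ModuleLoader loader, Guid tenantId, Guid userId, CancellationToken ct)
    {
        try
        {
            return new ModuleResult(name, true, await loader(tenantId, userId, ct), null);
        }
        catch (Exception ex) when (ex is not OperationCanceledException || !ct.IsCancellationRequested)
        {
            // Log ex server-side; return only a stable code so SQL text or stack traces never leak.
            var code = ex switch
            {
                UnauthorizedAccessException => "FORBIDDEN",
                TimeoutException => "TIMEOUT",
                _ => "MODULE_UNAVAILABLE",
            };
            return new ModuleResult(name, false, null, code);
        }
    }
}
```

Caller cancellation is deliberately allowed to propagate, so an abandoned request is not recorded as a module failure in the degradation metrics.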

Technical Context

Language/Version: C# 14 / .NET 10 (ASP.NET Core Web API)
Primary Dependencies: MediatR, EF Core 10, Dapper 2.1+, FluentValidation, Serilog, OpenTelemetry, Asp.Versioning
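Storage: PostgreSQL 16+, Redis 7 (optional read cache)
Testing: xUnit + Moq + FluentAssertions + contract tests + integration tests
Target Platform: Linux containerized service (Tenant API)
Project Type: multi-project SaaS (this change is mainly in TenantApi; TenantUI integrates against the contract)
Performance Goals: 95% of query requests <= 2s; request success rate >= 99%; operation records return at most 50 entries per request
Constraints: mandatory tenant isolation, masking of phone numbers and email addresses, 90-day default time window, degraded responses must identify module errors, rollback possible within 10 minutes
Scale/Scope: full release to the tenant side; adds 1 overview aggregation endpoint, 6 detail query endpoints, and 1 visible-role configuration endpoint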

Constitution Check

GATE: Must pass before Phase 0 research. Re-check after Phase 1 design.

Pre-Research Gate Review

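  • Tenant Isolation: PASS - enforced by three layers: authenticated user context, tenant context, and tenant filtering in the data access layer.
  • Four-Project Impact: PASS - code for this change lands in TakeoutSaaS.TenantApi/, and it provides new contracts for TakeoutSaaS.TenantUI/.
  • Contract Compatibility: PASS - all additions are new read-only endpoints and a configuration endpoint; backward compatibility is kept and the existing /auth/* and /merchant/info are not broken.
  • Security and Compliance: PASS - mandatory permission checks, masking of sensitive fields, and audit logging of sensitive queries.
  • Quality Gates: PASS - the plan runs dotnet build, adds contract/integration tests, and performs regression verification.
  • Observability and Rollback: PASS - emits structured logs, OTel metrics and traces; a feature flag supports fast rollback.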

Post-Design Gate Review

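  • Tenant Isolation: PASS - data-model.md and openapi.yaml specify the tenant scope and the semantics for rejecting unauthorized access.
  • Four-Project Impact: PASS - contracts/openapi.yaml already covers the endpoints and fields TenantUI needs for integration.
  • Contract Compatibility: PASS - the contract only adds new paths and new DTOs and does not modify the behavior of existing paths.
  • Security and Compliance: PASS - research.md fixes the policies for masking, auditing, least privilege, and the visible-role list.
  • Quality Gates: PASS - quickstart.md provides executable verification steps and the order of regression checks.
  • Observability and Rollback: PASS - research.md defines the observability metrics for degradation and the thresholds that trigger rollback.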

Project Structure

Documentation (this feature)

specs/001-personal-center-api/
├── plan.md
├── research.md
├── data-model.md
├── quickstart.md
├── contracts/
│   └── openapi.yaml
└── tasks.md

Source Code (repository root)

TakeoutSaaS.TenantApi/
├── src/Api/TakeoutSaaS.TenantApi/Controllers/
├── src/Application/TakeoutSaaS.Application/
├── src/Domain/TakeoutSaaS.Domain/
└── src/Infrastructure/TakeoutSaaS.Infrastructure/

TakeoutSaaS.TenantUI/
└── apps/web-antd/ (only consumes the new endpoint contracts; no coding in this plan at the current stage)

TakeoutSaaS.AdminApi/
└── (not changed by this feature)

TakeoutSaaS.AdminUI/
└── (not changed by this feature)

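Structure Decision: This feature implements API code only in TakeoutSaaS.TenantApi/; TakeoutSaaS.TenantUI/ completes integration through the new contracts. Both admin projects stay unchanged, so unrelated changes do not widen the regression surface.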

Complexity Tracking

Fill ONLY if Constitution Check has violations that must be justified

No constitutional violations identified for this plan.