feat: 完善报销单审批流程及退回原因追踪

新增直属领导审批通过接口和审批待办列表查询，报销单退回
支持原因码分类和审批环节标记，优化票据附件去重和路径
回退查找，前端新增退回原因对话框、审批收件箱和工作台
图标组件，补充工具函数和单元测试覆盖。

server/tests/test_reimbursement_endpoints.py

@@ -289,6 +289,67 @@ def test_claim_item_attachment_upload_flags_non_invoice_image_as_high_risk(monke
     assert any("附件内容" in point for point in analysis["points"])
 
 
+def test_approve_claim_endpoint_routes_direct_manager_claim_to_finance_review() -> None:
+    client, session_factory = build_client()
+    with session_factory() as db:
+        manager = Employee(
+            id="mgr-approve-1",
+            employee_no="E21001",
+            name="李经理",
+            email="manager-approve-api@example.com",
+        )
+        employee = Employee(
+            id="emp-approve-1",
+            employee_no="E11001",
+            name="张三",
+            email="zhangsan-approve-api@example.com",
+            manager=manager,
+        )
+        claim = ExpenseClaim(
+            id="claim-approve-1",
+            claim_no="EXP-APP-API-001",
+            employee_id=employee.id,
+            employee_name="张三",
+            department_id="dept-1",
+            department_name="市场部",
+            project_code=None,
+            expense_type="transport",
+            reason="交通报销",
+            location="上海",
+            amount=Decimal("88.00"),
+            currency="CNY",
+            invoice_count=1,
+            occurred_at=datetime(2026, 5, 13, tzinfo=UTC),
+            submitted_at=datetime(2026, 5, 13, 10, 0, tzinfo=UTC),
+            status="submitted",
+            approval_stage="直属领导审批",
+            risk_flags_json=[],
+        )
+        db.add_all([manager, employee, claim])
+        db.commit()
+
+    response = client.post(
+        "/api/v1/reimbursements/claims/claim-approve-1/approve",
+        json={"opinion": "情况属实，同意报销。"},
+        headers={
+            "X-Auth-Username": "manager-approve-api@example.com",
+            "X-Auth-Name": "manager-approve-api@example.com",
+            "X-Auth-Role-Codes": "manager",
+        },
+    )
+
+    assert response.status_code == 200
+    payload = response.json()
+    assert payload["status"] == "submitted"
+    assert payload["approval_stage"] == "财务审批"
+    assert any(
+        item["source"] == "manual_approval"
+        and item["opinion"] == "情况属实，同意报销。"
+        and item["next_approval_stage"] == "财务审批"
+        for item in payload["risk_flags_json"]
+    )
+
+
 def test_claim_item_pdf_attachment_preview_returns_generated_image(monkeypatch, tmp_path) -> None:
     preview_bytes = b"fake-preview-png"
     preview_data_url = f"data:image/png;base64,{base64.b64encode(preview_bytes).decode('ascii')}"