refactor(web): update API service, view script and add tests

Frontend:
- services/api.js: update API service client
- views/scripts/EmployeeManagementView.js: update employee management view script
- tests/api-request.test.mjs: update API request tests

Scripts:
- create_employee.sh: add employee creation script

create_employee.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+export PYTHONIOENCODING=utf-8
+export LC_ALL=C.UTF-8
+export LANG=C.UTF-8
+
+cd /app/server && .venv/bin/python3 /tmp/create_employee_input.py

web/src/services/api.js

@@ -98,6 +98,66 @@ function buildUrl(path) {
   return `${runtimeApiBaseUrl}${path}`
 }
 
+function formatValidationLocation(loc) {
+  if (!Array.isArray(loc)) {
+    return ''
+  }
+
+  return loc
+    .filter((item) => item !== 'body')
+    .map((item) => String(item || '').trim())
+    .filter(Boolean)
+    .join('.')
+}
+
+function resolveErrorMessage(payload, fallback = '接口请求失败，请稍后重试。') {
+  const detail = payload?.detail
+
+  if (typeof detail === 'string' && detail.trim()) {
+    return detail.trim()
+  }
+
+  if (Array.isArray(detail) && detail.length) {
+    const messages = detail
+      .map((item) => {
+        if (typeof item === 'string' && item.trim()) {
+          return item.trim()
+        }
+
+        if (!item || typeof item !== 'object') {
+          return ''
+        }
+
+        const message = String(item.msg || item.message || '').trim()
+        const location = formatValidationLocation(item.loc)
+
+        if (location && message) {
+          return `${location}: ${message}`
+        }
+
+        return message
+      })
+      .filter(Boolean)
+
+    if (messages.length) {
+      return messages.join('；')
+    }
+  }
+
+  if (detail && typeof detail === 'object') {
+    const message = String(detail.message || detail.msg || '').trim()
+    if (message) {
+      return message
+    }
+  }
+
+  if (typeof payload?.message === 'string' && payload.message.trim()) {
+    return payload.message.trim()
+  }
+
+  return fallback
+}
+
 export async function apiRequest(path, options = {}) {
   const {
     contentType = 'application/json',
@@ -136,7 +196,7 @@ export async function apiRequest(path, options = {}) {
         payload = null
       }
 
-      throw new Error(payload?.detail || '接口请求失败，请稍后重试。')
+      throw new Error(resolveErrorMessage(payload))
     }
 
     return response.blob()
@@ -150,7 +210,7 @@ export async function apiRequest(path, options = {}) {
   }
 
   if (!response.ok) {
-    throw new Error(payload?.detail || '接口请求失败，请稍后重试。')
+    throw new Error(resolveErrorMessage(payload))
   }
 
   return payload

web/src/views/scripts/EmployeeManagementView.js

@@ -100,6 +100,46 @@ function normalizeNullableText(value) {
   return text || null
 }
 
+function isValidEmail(value) {
+  const normalized = normalizeText(value)
+  if (!normalized) {
+    return false
+  }
+
+  return /^[^\s@]+@[^\s@]+\.[^\s@]+$/u.test(normalized)
+}
+
+function isValidIsoDate(value) {
+  const normalized = normalizeText(value)
+  if (!normalized) {
+    return false
+  }
+
+  if (!/^\d{4}-\d{2}-\d{2}$/u.test(normalized)) {
+    return false
+  }
+
+  const [yearText, monthText, dayText] = normalized.split('-')
+  const year = Number.parseInt(yearText, 10)
+  const month = Number.parseInt(monthText, 10)
+  const day = Number.parseInt(dayText, 10)
+
+  if ([year, month, day].some((item) => Number.isNaN(item))) {
+    return false
+  }
+
+  const parsed = new Date(year, month - 1, day)
+  if (Number.isNaN(parsed.getTime())) {
+    return false
+  }
+
+  return (
+    parsed.getFullYear() === year &&
+    parsed.getMonth() === month - 1 &&
+    parsed.getDate() === day
+  )
+}
+
 function sameValues(left, right) {
   if (left.length !== right.length) {
     return false
@@ -547,6 +587,11 @@ export default {
         return
       }
 
+      if (!isValidEmail(employeeForm.value.email)) {
+        toast('请输入有效的邮箱地址。')
+        return
+      }
+
       if (!normalizeText(employeeForm.value.position)) {
         toast('岗位不能为空。')
         return
@@ -557,6 +602,18 @@ export default {
         return
       }
 
+      const birthDate = normalizeNullableText(employeeForm.value.birthDate)
+      if (birthDate && !isValidIsoDate(birthDate)) {
+        toast('出生日期格式不正确，请使用 YYYY-MM-DD。')
+        return
+      }
+
+      const joinDate = normalizeNullableText(employeeForm.value.joinDate)
+      if (joinDate && !isValidIsoDate(joinDate)) {
+        toast('入职日期格式不正确，请使用 YYYY-MM-DD。')
+        return
+      }
+
       if (normalizeText(employeeForm.value.password) && normalizeText(employeeForm.value.password).length < 5) {
         toast('员工密码至少需要 5 位。')
         return

web/tests/api-request.test.mjs

@@ -86,10 +86,42 @@ async function testInjectsAuthenticatedUserHeaders() {
   assert.equal(capturedOptions.headers['x-auth-is-admin'], 'true')
 }
 
+async function testFormatsValidationErrors() {
+  global.fetch = async () => ({
+    ok: false,
+    async json() {
+      return {
+        detail: [
+          {
+            loc: ['body', 'email'],
+            msg: 'value is not a valid email address'
+          },
+          {
+            loc: ['body', 'password'],
+            msg: 'String should have at least 5 characters'
+          }
+        ]
+      }
+    }
+  })
+
+  await assert.rejects(
+    () => apiRequest('/employees/demo', { method: 'PATCH', body: '{}' }),
+    (error) => {
+      assert.equal(
+        error.message,
+        'email: value is not a valid email address；password: String should have at least 5 characters'
+      )
+      return true
+    }
+  )
+}
+
 async function run() {
   await testUsesCustomContentTypeHeader()
   await testSupportsBlobResponses()
   await testInjectsAuthenticatedUserHeaders()
+  await testFormatsValidationErrors()
   console.log('api-request tests passed')
 }