---
description: Backend development rules for HealthLink-HIS Java/Spring Boot code
paths:
  - "healthlink-his-server/**/*.java"
  - "healthlink-his-server/**/pom.xml"
---

# Backend Development Rules

## Architecture
- Layered: `Controller → AppService → Service → Mapper → Entity`
- Package: `com.healthlink.his.web.{module}.{layer}`
- All queries use `LambdaQueryWrapper`, no string SQL concatenation
- All endpoints require `@PreAuthorize` permission control
- Use `@Transactional(rollbackFor = Exception.class)` for transaction management

## Naming conventions
- Controller: `XxxController`
- AppService: `IXxxAppService` / `XxxAppServiceImpl`
- Service: `IXxxService` / `XxxServiceImpl`
- Mapper: `XxxMapper`
- Entity: `Xxx`
- DTO: `XxxDto` / `XxxQueryDto`

## Iron Laws (Backend)
- **Iron Law 7**: Never modify existing public method signatures (no delete/rename, no parameter changes)
- **Iron Law 18**: Never break existing functionality when adding new features
- **Iron Law 19**: Compile errors are your responsibility to fix, regardless of origin
- **Iron Law 6**: Never delete existing Java source files

## DTO Field Type Defense
- Frontend Boolean fields → use String + business layer conversion (Jackson strict Boolean validation)
- All DTOs accepting frontend input: add `@JsonIgnoreProperties(ignoreUnknown = true)`

## Verification commands
```bash
cd healthlink-his-server
mvn clean compile -DskipTests    # Compile check
mvn install -DskipTests          # Build and install
mvn test                         # Run all tests
```

## Common patterns
- Patient sensitive information must be desensitized in logs
- Use Hutool utility classes for common operations
- Flowable for workflow, LiteFlow for rule engine