新增书籍表、列表/搜索、管理员/馆员维护入口

.trellis/tasks/04-27-continue-improve-program/check.jsonl

@@ -0,0 +1,13 @@
+{"file": ".trellis/spec/backend/index.md", "reason": "Backend architecture overview and checklist for verification."}
+{"file": ".trellis/spec/backend/directory-structure.md", "reason": "Verify package layout and layer boundaries."}
+{"file": ".trellis/spec/backend/database-guidelines.md", "reason": "Verify schema, DAO, search, permission-code, and test expectations."}
+{"file": ".trellis/spec/backend/error-handling.md", "reason": "Verify validation, DAO/service failure handling, and safe JSP errors."}
+{"file": ".trellis/spec/backend/logging-guidelines.md", "reason": "Verify logging for key operations and failures."}
+{"file": ".trellis/spec/backend/quality-guidelines.md", "reason": "Verify backend quality gate and boundary constraints."}
+{"file": ".trellis/spec/frontend/index.md", "reason": "Frontend architecture overview and checklist for verification."}
+{"file": ".trellis/spec/frontend/directory-structure.md", "reason": "Verify JSP and asset placement."}
+{"file": ".trellis/spec/frontend/component-guidelines.md", "reason": "Verify forms, tables, and navigation follow JSP conventions."}
+{"file": ".trellis/spec/frontend/state-management.md", "reason": "Verify server-rendered request/session/form state usage."}
+{"file": ".trellis/spec/frontend/type-safety.md", "reason": "Verify JSP request attribute and Servlet validation contracts."}
+{"file": ".trellis/spec/frontend/quality-guidelines.md", "reason": "Verify presentation quality for JSP/CSS changes."}
+{"file": ".trellis/tasks/archive/2026-04/00-bootstrap-guidelines/research/project-requirements.md", "reason": "Verify the implementation matches the original book/catalog module requirements."}

.trellis/tasks/04-27-continue-improve-program/implement.jsonl

@@ -0,0 +1,13 @@
+{"file": ".trellis/spec/backend/index.md", "reason": "Backend architecture overview and checklist for JSP/Servlet/MySQL work."}
+{"file": ".trellis/spec/backend/directory-structure.md", "reason": "Required package layout and layer boundaries for controllers, services, DAOs, entities, filters, and utilities."}
+{"file": ".trellis/spec/backend/database-guidelines.md", "reason": "MySQL schema, DAO CRUD, search, permission-code, and test expectations for book/catalog work."}
+{"file": ".trellis/spec/backend/error-handling.md", "reason": "Servlet validation, service failure handling, DAO exception behavior, and safe user-facing errors."}
+{"file": ".trellis/spec/backend/logging-guidelines.md", "reason": "Logging conventions for key operations and failures."}
+{"file": ".trellis/spec/backend/quality-guidelines.md", "reason": "Backend quality gate and layer-boundary constraints."}
+{"file": ".trellis/spec/frontend/index.md", "reason": "Frontend architecture overview and checklist for JSP/CSS work."}
+{"file": ".trellis/spec/frontend/directory-structure.md", "reason": "JSP, fragment, CSS, JS, and image asset placement conventions."}
+{"file": ".trellis/spec/frontend/component-guidelines.md", "reason": "JSP form, table, navigation, and reusable component conventions for catalog/management pages."}
+{"file": ".trellis/spec/frontend/state-management.md", "reason": "Server-rendered request/session/form state conventions."}
+{"file": ".trellis/spec/frontend/type-safety.md", "reason": "JSP request attribute and Servlet validation contracts."}
+{"file": ".trellis/spec/frontend/quality-guidelines.md", "reason": "Presentation quality checks for JSP/CSS changes."}
+{"file": ".trellis/tasks/archive/2026-04/00-bootstrap-guidelines/research/project-requirements.md", "reason": "Original project requirements for book management, catalog search, entities, and layered architecture."}

.trellis/tasks/04-27-continue-improve-program/prd.md

@@ -0,0 +1,97 @@
+# brainstorm: 继续完善程序
+
+## Goal
+
+Continue improving the MZH Library Management system by adding the first concrete business slice: book catalog search and basic book management.
+
+## What I already know
+
+* User asked to "继续完善程序" without specifying the target module yet.
+* The project is a Java 11 Maven WAR application using JSP, Servlet, Tomcat, MySQL, and JDBC DAOs.
+* Current scaffold includes login, logout, authentication filter, authorization filter, role-aware dashboard, and placeholder role home pages.
+* Existing roles are administrator, librarian, and reader.
+* Existing permissions include user management, book management, reader management, borrowing management, report viewing, system log viewing, catalog viewing, and book borrowing.
+* `src/main/resources/db/schema.sql` currently defines role, permission, role-permission, user, and system-log tables, but not book/catalog/reader/borrowing domain tables.
+* `src/main/webapp/WEB-INF/jsp/role-home.jsp` is still a generic placeholder page.
+* User selected the book catalog / book management slice.
+* `Permission.MANAGE_BOOKS` already exists for administrator and librarian users.
+* `Permission.VIEW_CATALOG` already exists for administrator, librarian, and reader users.
+
+## Assumptions (temporary)
+
+* The implementation should keep the existing layered structure: JSP/CSS presentation -> Servlet controller -> Service -> DAO -> MySQL.
+* The work should remain focused enough to finish in one task with build/test verification.
+* Book management should be available to administrators and librarians; readers should have read-only catalog search.
+
+## Open Questions
+
+* None currently blocking. Default scope is catalog list/search plus create/update/delete management for books and categories only as needed to support book records.
+
+## Requirements (evolving)
+
+* Preserve the existing login, role, permission, and dashboard behavior.
+* Add book catalog search using the existing Java/JSP/Servlet/JDBC style.
+* Add a `books` table and a category representation in `src/main/resources/db/schema.sql`.
+* Support searching/listing books by title, author, category, and book identifier.
+* Provide administrator/librarian book-management actions for creating, editing, and deleting book records.
+* Keep reader-facing catalog access read-only.
+* Link the catalog and management pages from the existing dashboard or role workspace.
+* Protect write actions with `MANAGE_BOOKS`; allow read-only catalog access with `VIEW_CATALOG`.
+* Track inventory fields needed for later borrowing work, such as total copies, available copies, and status.
+* Seed enough demo book/category data for local scaffold verification.
+* Add or update focused checks/tests for business rules that can be verified without a running Tomcat instance.
+* Update user-facing JSP pages and CSS only as needed for the selected workflow.
+
+## Acceptance Criteria (evolving)
+
+* [x] Authenticated users with `VIEW_CATALOG` can reach a catalog page and search by title, author, category, or book identifier.
+* [x] Administrators and librarians can reach book management pages and create, edit, and delete book records.
+* [x] Readers cannot reach write actions for book management.
+* [x] Required form/query validation returns clear user-facing errors.
+* [x] Book inventory fields reject invalid values such as negative copy counts or available copies greater than total copies.
+* [x] DAO/service failures are handled without exposing internal exceptions to JSPs.
+* [x] Maven build or equivalent compile/test checks pass in the local environment.
+
+## Definition of Done (team quality bar)
+
+* Tests added/updated where appropriate.
+* Lint / typecheck / compile checks green where available.
+* Docs/notes updated if behavior changes.
+* Rollout/rollback considered if risky.
+
+## Out of Scope (explicit)
+
+* Replacing JSP/Servlet with another framework.
+* Production deployment automation.
+* Large visual redesign unrelated to the selected workflow.
+* Borrowing, returning, renewing, overdue handling, and reader profile management.
+* Full report/statistics dashboards beyond catalog search.
+
+## Technical Notes
+
+* Current task directory: `.trellis/tasks/04-27-continue-improve-program`.
+* Main app entry points inspected:
+  * `README.md`
+  * `pom.xml`
+  * `src/main/webapp/WEB-INF/web.xml`
+  * `src/main/resources/db/schema.sql`
+  * `src/main/webapp/WEB-INF/jsp/dashboard.jsp`
+  * `src/main/webapp/WEB-INF/jsp/role-home.jsp`
+  * `src/main/java/com/mzh/library/controller/RoleAreaServlet.java`
+  * `src/main/java/com/mzh/library/filter/AuthorizationFilter.java`
+* Existing checks inspected:
+  * `src/test/java/com/mzh/library/service/AuthServiceCheck.java`
+  * `src/test/java/com/mzh/library/service/PermissionPolicyCheck.java`
+* Book-module implementation should reuse:
+  * `Permission.MANAGE_BOOKS`
+  * `Permission.VIEW_CATALOG`
+  * Existing controller construction style from `LoginServlet` and `RoleAreaServlet`
+  * Existing DAO error style from `JdbcUserDao`
+  * Existing service error style from `AuthServiceImpl`
+  * Existing role policy in `PermissionPolicy`
+* Final verification notes:
+  * `mvn` is not installed in this shell, so WAR packaging could not be run locally.
+  * Fallback `javac -Xlint:all` compile passed for non-Servlet app layers and check classes.
+  * `AuthServiceCheck`, `PermissionPolicyCheck`, and `BookServiceCheck` passed.
+  * `git diff --check` passed.
+  * JSP scriptlet and JSP/static SQL/JDBC scans passed.

.trellis/tasks/04-27-continue-improve-program/task.json

@@ -0,0 +1,26 @@
+{
+  "id": "continue-improve-program",
+  "name": "continue-improve-program",
+  "title": "brainstorm: 继续完善程序",
+  "description": "",
+  "status": "in_progress",
+  "dev_type": null,
+  "scope": null,
+  "package": null,
+  "priority": "P2",
+  "creator": "Zzzz",
+  "assignee": "Zzzz",
+  "createdAt": "2026-04-27",
+  "completedAt": null,
+  "branch": null,
+  "base_branch": "master",
+  "worktree_path": null,
+  "commit": null,
+  "pr_url": null,
+  "subtasks": [],
+  "children": [],
+  "parent": null,
+  "relatedFiles": [],
+  "notes": "",
+  "meta": {}
+}