* fix: theme-aware payment paths, auto-group validation, route guards, perf group filtering
- Add common.ThemeAwarePath to generate correct redirect URLs based on
active theme (default vs classic), replacing hardcoded /console/* paths
in 7 controllers and service/quota.go (#4765)
- Validate auto-group availability against getUserGroups before defaulting
form values; playground falls back to 'default' group when 'auto' is
unavailable (#4796, #4799)
- Enforce HeaderNavModules settings in rankings route (frontend + backend
API) and SidebarModulesAdmin in playground route to block direct URL
access when features are disabled (#4704, #4512)
- Filter perf_metrics API response to only include currently configured
groups, hiding stale data from deleted groups (#4790)
- Preserve query params (pay=success/fail) in /console/topup → /wallet
frontend redirect
* fix: update hero section text and localization strings for clarity
EPay allows users to switch payment methods (e.g. wxpay→alipay) during
checkout, causing callback rejection. Replace fragile blocklist guard
with a PaymentProvider field on TopUp and SubscriptionOrder that
identifies which gateway created the order.
Thread caller IP from webhook/admin controllers through model recharge
functions and record a new RecordTopupLog entry with admin_info (server
IP, caller IP, order payment method, callback payment method, system
version). Frontend shows these fields in the expanded log row and the
IP column for admins on top-up logs, while non-admins continue to see
admin_info stripped by formatUserLogs.
The code read orderData.AcquiringOrderID but never assigned it to
any TopUp field before calling Update(), making the block a no-op.
Removed since GatewayOrderId storage is not needed.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
