refactor(orm): 将所有的批量 delete/update 重构为对象级操作，以确保触发 SQLAlchemy 审计事件

inventory-backend/app/api/v1/bom.py

@@ -218,8 +218,8 @@ def delete_bom(bom_no):
         if not exist:
             return jsonify({'code': 404, 'msg': 'BOM 不存在'}), 404
 
-        # 删除
-        query.delete()
+        # 删除（改为对象级删除以触发审计事件）
+        db.session.delete(exist)
         db.session.commit()
         return jsonify({
             'code': 200,

inventory-backend/app/api/v1/inbound/stock.py

@@ -444,7 +444,11 @@ def clear_draft():
             # 清除指定会话
             query = query.filter_by(session_id=session_id)
 
-        count = query.delete()
+        # 改为对象级删除以触发审计事件
+        records = query.all()
+        count = len(records)
+        for rec in records:
+            db.session.delete(rec)
         db.session.commit()
 
         return jsonify({"message": f"已清除 {count} 条记录", "count": count}), 200
@@ -461,8 +465,11 @@ def start_new_session():
     清空整张草稿表，返回新的 session_id
     """
     try:
-        # 清空整张草稿表
-        deleted_count = StocktakeDraft.query.delete()
+        # 清空整张草稿表（改为对象级删除以触发审计事件）
+        all_records = StocktakeDraft.query.all()
+        deleted_count = len(all_records)
+        for rec in all_records:
+            db.session.delete(rec)
         db.session.commit()
 
         # 生成新的 session_id
@@ -1148,10 +1155,14 @@ def generate_missing_stocktake():
 
         # ★ 幂等性保护：先删除当前 session 下系统自动生成的漏盘记录
         # 特征：user_id == 'system' (表示由系统自动生成)
-        deleted_count = StocktakeDraft.query.filter(
+        # 改为对象级删除以触发审计事件
+        system_records = StocktakeDraft.query.filter(
             StocktakeDraft.session_id == session_id,
             StocktakeDraft.user_id == 'system'
-        ).delete()
+        ).all()
+        deleted_count = len(system_records)
+        for rec in system_records:
+            db.session.delete(rec)
         if deleted_count > 0:
             db.session.commit()
             print(f"[generate_missing] 已清理 {deleted_count} 条历史漏盘记录")