refactor: B5 + B7 — pet DDL в migrate.js, requirePermission для admin-роутов
B5: убрать inline ALTER TABLE из petController.js → перенести в migrate.js
(pet_name, pet_color, pet_last_petted, pet_petting_streak, pet_last_star,
pet_bg, pet_bg_owned, pet_last_fed)
B7: gamification/shop admin endpoints:
- /admin/award, /admin/stats, /admin/user/:id → requirePermission('gamification.manage')
- /shop/admin/items(GET), /admin/award-coins, /admin/stats → requirePermission('shop.manage')
- Деструктивные операции (reset, create/update/delete items) — requireRole('admin')
Оба пермишна существуют в PERM_DEFAULTS (default false для teacher, admin всегда проходит)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Maxim Dolgolyov
@@ -2,16 +2,6 @@
|
||||
const db = require('../db/db');
|
||||
const { awardCoins } = require('./gamificationController');
|
||||
|
||||
// Incremental migrations
|
||||
try { db.exec("ALTER TABLE users ADD COLUMN pet_name TEXT"); } catch {}
|
||||
try { db.exec("ALTER TABLE users ADD COLUMN pet_color TEXT DEFAULT 'purple'"); } catch {}
|
||||
try { db.exec("ALTER TABLE users ADD COLUMN pet_last_petted TEXT"); } catch {}
|
||||
try { db.exec("ALTER TABLE users ADD COLUMN pet_petting_streak INT DEFAULT 0"); } catch {}
|
||||
try { db.exec("ALTER TABLE users ADD COLUMN pet_last_star TEXT"); } catch {}
|
||||
try { db.exec("ALTER TABLE users ADD COLUMN pet_bg TEXT DEFAULT 'default'"); } catch {}
|
||||
try { db.exec("ALTER TABLE users ADD COLUMN pet_bg_owned TEXT DEFAULT '[]'"); } catch {}
|
||||
try { db.exec("ALTER TABLE users ADD COLUMN pet_last_fed TEXT"); } catch {}
|
||||
|
||||
const BG_SHOP = [
|
||||
{ id:'space', name:'Космос', price:50, desc:'Звёздный простор' },
|
||||
{ id:'forest', name:'Лес', price:50, desc:'Таинственный лес' },
|
||||
|
||||
Reference in New Issue
Block a user