Learn_System

maxim.dolgolyov/Learn_System

Fork 0

Commit Graph

Author	SHA1	Message	Date
Maxim Dolgolyov	76883b569c	feat(perm): central permission registry + key validation in linter - backend/src/permissions/registry.js: single source of truth (PERMISSIONS map) with all 24 keys (16 teacher + 8 student, student keys also cover free_student). Exports isKnown(), listKeys(), byRole(), buildDefaultsMap(). - auth.js: PERM_DEFAULTS now sourced from registry.buildDefaultsMap(); new perm() helper validates key at registration time (crashes early on typos). requirePermission() unchanged — backward compat preserved. - permissionsController.js: ALL_PERMISSIONS now built from registry.byRole(); inline 24-entry array removed. API response shape unchanged. - check-route-auth.js: validates every requirePermission/perm call key against registry; lists unknown keys as errors before exit. perm() added to GUARDS list so it counts as route protection. Discrepancy noted: auth.js had free_student with same 8 keys as student; permissionsController never seeded free_student rows. Registry documents this via roles:[] array; buildDefaultsMap() correctly covers free_student. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-17 14:22:18 +03:00
Maxim Dolgolyov	be4d43105e	LearnSpace: full-stack educational whiteboard platform Node.js/Express backend + vanilla JS frontend. Features: real-time collaborative whiteboard (SSE), multi-page support, LaTeX formulas, shapes/connectors, coordinate systems, number lines, compass, zoom/pan, Catmull-Rom pencil smoothing, ruler/protractor with rotation & resize controls, minimap navigation overlay, auto-measurements, multi-page thumbnails sidebar, PNG export, page templates. Student/teacher workflows: classes, assignments, library, dashboard. Mobile responsive. SQLite (better-sqlite3). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-12 10:10:37 +03:00

Author

SHA1

Message

Date

Maxim Dolgolyov

76883b569c

feat(perm): central permission registry + key validation in linter

- backend/src/permissions/registry.js: single source of truth (PERMISSIONS map)
  with all 24 keys (16 teacher + 8 student, student keys also cover free_student).
  Exports isKnown(), listKeys(), byRole(), buildDefaultsMap().
- auth.js: PERM_DEFAULTS now sourced from registry.buildDefaultsMap();
  new perm() helper validates key at registration time (crashes early on typos).
  requirePermission() unchanged — backward compat preserved.
- permissionsController.js: ALL_PERMISSIONS now built from registry.byRole();
  inline 24-entry array removed. API response shape unchanged.
- check-route-auth.js: validates every requirePermission/perm call key against
  registry; lists unknown keys as errors before exit.
  perm() added to GUARDS list so it counts as route protection.

Discrepancy noted: auth.js had free_student with same 8 keys as student;
permissionsController never seeded free_student rows. Registry documents
this via roles:[] array; buildDefaultsMap() correctly covers free_student.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-05-17 14:22:18 +03:00

Maxim Dolgolyov

be4d43105e

LearnSpace: full-stack educational whiteboard platform

Node.js/Express backend + vanilla JS frontend.
Features: real-time collaborative whiteboard (SSE), multi-page support,
LaTeX formulas, shapes/connectors, coordinate systems, number lines,
compass, zoom/pan, Catmull-Rom pencil smoothing, ruler/protractor with
rotation & resize controls, minimap navigation overlay, auto-measurements,
multi-page thumbnails sidebar, PNG export, page templates.
Student/teacher workflows: classes, assignments, library, dashboard.
Mobile responsive. SQLite (better-sqlite3).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-04-12 10:10:37 +03:00

2 Commits