76883b569c
- backend/src/permissions/registry.js: single source of truth (PERMISSIONS map) with all 24 keys (16 teacher + 8 student, student keys also cover free_student). Exports isKnown(), listKeys(), byRole(), buildDefaultsMap().
- auth.js: PERM_DEFAULTS now sourced from registry.buildDefaultsMap(); new perm() helper validates key at registration time (crashes early on typos). requirePermission() unchanged — backward compat preserved.
- permissionsController.js: ALL_PERMISSIONS now built from registry.byRole(); inline 24-entry array removed. API response shape unchanged.
- check-route-auth.js: validates every requirePermission/perm call key against registry; lists unknown keys as errors before exit. perm() added to GUARDS list so it counts as route protection.

Discrepancy noted: auth.js had free_student with same 8 keys as student; permissionsController never seeded free_student rows. Registry documents this via roles:[] array; buildDefaultsMap() correctly covers free_student.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
backend/scripts
Operational scripts for LearnSpace backend.
Cron setup (production)
# Daily backup at 4am
0 4 * * * /path/to/repo/backend/scripts/backup.sh
# Weekly verification at 6am Sunday (cron mails on non-zero exit)
0 6 * * 0 /path/to/repo/backend/scripts/verify-backup.sh
Scripts
backup.sh
Creates a safe SQLite snapshot via VACUUM INTO. Keeps the last 7 backups (configurable via KEEP, e.g. KEEP=14).
./backup.sh # default: ../data/learnspace.db → ../../backups/
./backup.sh /path/to/db /path/to/backups
KEEP=14 ./backup.sh
verify-backup.sh
Restores the latest backup to /tmp, runs PRAGMA integrity_check, compares row counts vs production.
Exit codes:
0 — all checks passed
2 — no backup files found
3 — latest backup older than 48h (backup job may have stopped)
4 — integrity_check failed (backup is corrupt)
5 — user count diverged >5% from production
./verify-backup.sh
BACKUP_DIR=/custom/backups PROD_DB=/custom/db.sqlite ./verify-backup.sh
check-route-auth.js
Scans src/routes/*.js for :id-bearing routes without an auth-guard middleware.
Fails if new unprotected routes exceed the current baseline.
npm run lint:routes
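The check described above, sketched as an added example (this is not the project's check-route-auth.js): it flags :id-bearing routes with no guard call, reports guard keys missing from the registry, and fails when unprotected routes exceed a baseline. It assumes one route definition per line; the sample routes, handler names and permission keys are constructed for illustration.

```javascript
// Added example: a simplified route-guard lint, not the project's check-route-auth.js.
// Guard names (requirePermission, perm) come from the text above; keys below are constructed.

// Matches router.<verb>('<path>', <remaining args>) written on a single line.
const ROUTE_RE = /router\.(get|post|put|patch|delete)\(\s*['"]([^'"]+)['"]\s*,(.*)\)\s*;?\s*$/;
// Matches requirePermission('key') or perm('key') and captures the key.
const GUARD_CALL_RE = /\b(requirePermission|perm)\(\s*['"]([^'"]+)['"]\s*\)/g;

function scanRoutes(source, knownKeys) {
  const unprotected = [];
  const unknownKeys = [];
  source.split('\n').forEach((line, i) => {
    const m = ROUTE_RE.exec(line.trim());
    if (!m) return;
    const [, verb, path, args] = m;
    const calls = [...args.matchAll(GUARD_CALL_RE)];
    // A guard called with a key the registry does not know is an error (likely a typo).
    for (const [, guard, key] of calls) {
      if (!knownKeys.has(key)) unknownKeys.push({ line: i + 1, guard, key });
    }
    // Only :id-bearing routes are required to carry a guard.
    if (/\/:id\b/.test(path) && calls.length === 0) {
      unprotected.push({ line: i + 1, route: `${verb.toUpperCase()} ${path}` });
    }
  });
  return { unprotected, unknownKeys };
}

// Fails on any unknown key, or when unprotected routes exceed the accepted baseline.
function lint(source, knownKeys, baseline) {
  const result = scanRoutes(source, knownKeys);
  const ok = result.unknownKeys.length === 0 && result.unprotected.length <= baseline;
  return { ...result, ok };
}

// Constructed sample input: hypothetical routes and permission keys.
const SAMPLE = [
  "router.get('/courses', listCourses);",
  "router.get('/courses/:id', perm('course.view'), getCourse);",
  "router.delete('/courses/:id', deleteCourse);",
  "router.put('/grades/:id', requirePermission('grade.edti'), editGrade);",
].join('\n');
const KNOWN = new Set(['course.view', 'grade.edit']);

const report = lint(SAMPLE, KNOWN, 0);
console.log(JSON.stringify(report, null, 2));
```

A guard with a misspelled key still counts as "guarded" for the :id check, which is why unknown keys are reported as a separate failure rather than folded into the unprotected count.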
import-content.js (coming in Task 8)
Imports question collections from YAML manifests into the database.
npm run import:content -- ../content/phys/ct-2024.yaml
Deploy order (first time / fresh server)
npm install
npm run migrate
npm run seed:permissions
npm start