@studious-lms/server 1.0.1 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (66) hide show
  1. package/dist/index.js +4 -4
  2. package/dist/middleware/auth.js +1 -1
  3. package/dist/middleware/logging.js +1 -1
  4. package/dist/routers/_app.js +1 -1
  5. package/dist/routers/agenda.js +1 -1
  6. package/dist/routers/announcement.js +1 -1
  7. package/dist/routers/assignment.js +3 -3
  8. package/dist/routers/attendance.js +1 -1
  9. package/dist/routers/auth.js +2 -2
  10. package/dist/routers/class.js +2 -2
  11. package/dist/routers/event.js +1 -1
  12. package/dist/routers/file.js +2 -2
  13. package/dist/routers/section.js +1 -1
  14. package/dist/routers/user.js +2 -2
  15. package/dist/trpc.js +2 -2
  16. package/package.json +1 -6
  17. package/prisma/schema.prisma +228 -0
  18. package/src/exportType.ts +9 -0
  19. package/src/index.ts +94 -0
  20. package/src/lib/fileUpload.ts +163 -0
  21. package/src/lib/googleCloudStorage.ts +94 -0
  22. package/src/lib/prisma.ts +16 -0
  23. package/src/lib/thumbnailGenerator.ts +185 -0
  24. package/src/logger.ts +163 -0
  25. package/src/middleware/auth.ts +191 -0
  26. package/src/middleware/logging.ts +54 -0
  27. package/src/routers/_app.ts +34 -0
  28. package/src/routers/agenda.ts +79 -0
  29. package/src/routers/announcement.ts +134 -0
  30. package/src/routers/assignment.ts +1614 -0
  31. package/src/routers/attendance.ts +284 -0
  32. package/src/routers/auth.ts +286 -0
  33. package/src/routers/class.ts +753 -0
  34. package/src/routers/event.ts +509 -0
  35. package/src/routers/file.ts +96 -0
  36. package/src/routers/section.ts +138 -0
  37. package/src/routers/user.ts +82 -0
  38. package/src/socket/handlers.ts +143 -0
  39. package/src/trpc.ts +90 -0
  40. package/src/types/trpc.ts +15 -0
  41. package/src/utils/email.ts +11 -0
  42. package/src/utils/generateInviteCode.ts +8 -0
  43. package/src/utils/logger.ts +156 -0
  44. package/tsconfig.json +17 -0
  45. package/generated/prisma/client.d.ts +0 -1
  46. package/generated/prisma/client.js +0 -4
  47. package/generated/prisma/default.d.ts +0 -1
  48. package/generated/prisma/default.js +0 -4
  49. package/generated/prisma/edge.d.ts +0 -1
  50. package/generated/prisma/edge.js +0 -389
  51. package/generated/prisma/index-browser.js +0 -375
  52. package/generated/prisma/index.d.ts +0 -34865
  53. package/generated/prisma/index.js +0 -410
  54. package/generated/prisma/libquery_engine-darwin-arm64.dylib.node +0 -0
  55. package/generated/prisma/package.json +0 -140
  56. package/generated/prisma/runtime/edge-esm.js +0 -34
  57. package/generated/prisma/runtime/edge.js +0 -34
  58. package/generated/prisma/runtime/index-browser.d.ts +0 -370
  59. package/generated/prisma/runtime/index-browser.js +0 -16
  60. package/generated/prisma/runtime/library.d.ts +0 -3647
  61. package/generated/prisma/runtime/library.js +0 -146
  62. package/generated/prisma/runtime/react-native.js +0 -83
  63. package/generated/prisma/runtime/wasm.js +0 -35
  64. package/generated/prisma/schema.prisma +0 -304
  65. package/generated/prisma/wasm.d.ts +0 -1
  66. package/generated/prisma/wasm.js +0 -375
package/src/routers/event.ts ADDED
@@ -0,0 +1,509 @@
1
+ import { z } from "zod";
2
+ import { createTRPCRouter, protectedProcedure } from "../trpc";
3
+ import { TRPCError } from "@trpc/server";
4
+ import { prisma } from "../lib/prisma";
5
+ import { parseISO } from "date-fns";
6
+
7
+ const eventSchema = z.object({
8
+ name: z.string().optional(),
9
+ location: z.string().optional(),
10
+ remarks: z.string().optional(),
11
+ startTime: z.string(),
12
+ endTime: z.string(),
13
+ classId: z.string().optional(),
14
+ color: z.string().optional(),
15
+ });
16
+
17
+ export const eventRouter = createTRPCRouter({
18
+ get: protectedProcedure
19
+ .input(z.object({
20
+ id: z.string(),
21
+ }))
22
+ .query(async ({ ctx, input }) => {
23
+ if (!ctx.user) {
24
+ throw new TRPCError({
25
+ code: "UNAUTHORIZED",
26
+ message: "You must be logged in to get an event",
27
+ });
28
+ }
29
+
30
+ const event = await prisma.event.findUnique({
31
+ where: { id: input.id },
32
+ include: {
33
+ class: true,
34
+ user: true,
35
+ assignmentsAttached: {
36
+ select: {
37
+ id: true,
38
+ title: true,
39
+ instructions: true,
40
+ dueDate: true,
41
+ type: true,
42
+ graded: true,
43
+ maxGrade: true,
44
+ weight: true,
45
+ attachments: {
46
+ select: {
47
+ id: true,
48
+ name: true,
49
+ type: true,
50
+ }
51
+ },
52
+ section: {
53
+ select: {
54
+ id: true,
55
+ name: true
56
+ }
57
+ },
58
+ teacher: {
59
+ select: {
60
+ id: true,
61
+ username: true
62
+ }
63
+ }
64
+ }
65
+ }
66
+ },
67
+ });
68
+
69
+ if (!event) {
70
+ throw new TRPCError({
71
+ code: "NOT_FOUND",
72
+ message: "Event not found",
73
+ });
74
+ }
75
+
76
+ if (event.userId !== ctx.user.id) {
77
+ throw new TRPCError({
78
+ code: "UNAUTHORIZED",
79
+ message: "You are not authorized to view this event",
80
+ });
81
+ }
82
+
83
+ return { event };
84
+ }),
85
+
86
+ create: protectedProcedure
87
+ .input(eventSchema)
88
+ .mutation(async ({ ctx, input }) => {
89
+ if (!ctx.user) {
90
+ throw new TRPCError({
91
+ code: "UNAUTHORIZED",
92
+ message: "You must be logged in to create an event",
93
+ });
94
+ }
95
+
96
+ // If classId is provided, check if user is a teacher of the class
97
+ if (input.classId) {
98
+ const classData = await prisma.class.findUnique({
99
+ where: {
100
+ id: input.classId,
101
+ teachers: {
102
+ some: {
103
+ id: ctx.user.id,
104
+ },
105
+ },
106
+ },
107
+ });
108
+
109
+ if (!classData) {
110
+ throw new TRPCError({
111
+ code: "UNAUTHORIZED",
112
+ message: "You are not authorized to create events for this class",
113
+ });
114
+ }
115
+ }
116
+
117
+ const event = await prisma.event.create({
118
+ data: {
119
+ name: input.name,
120
+ location: input.location,
121
+ remarks: input.remarks,
122
+ startTime: parseISO(input.startTime),
123
+ endTime: parseISO(input.endTime),
124
+ userId: ctx.user.id,
125
+ color: input.color,
126
+ ...(input.classId ? { classId: input.classId } : {}),
127
+ },
128
+ select: {
129
+ id: true,
130
+ name: true,
131
+ location: true,
132
+ remarks: true,
133
+ startTime: true,
134
+ endTime: true,
135
+ color: true,
136
+ classId: true,
137
+ userId: true,
138
+ class: {
139
+ select: {
140
+ id: true,
141
+ name: true
142
+ }
143
+ },
144
+ }
145
+ });
146
+
147
+ return { event };
148
+ }),
149
+
150
+ update: protectedProcedure
151
+ .input(z.object({
152
+ id: z.string(),
153
+ data: eventSchema,
154
+ }))
155
+ .mutation(async ({ ctx, input }) => {
156
+ if (!ctx.user) {
157
+ throw new TRPCError({
158
+ code: "UNAUTHORIZED",
159
+ message: "You must be logged in to update an event",
160
+ });
161
+ }
162
+
163
+ const event = await prisma.event.findUnique({
164
+ where: { id: input.id },
165
+ });
166
+
167
+ if (!event) {
168
+ throw new TRPCError({
169
+ code: "NOT_FOUND",
170
+ message: "Event not found",
171
+ });
172
+ }
173
+
174
+ if (event.userId !== ctx.user.id) {
175
+ throw new TRPCError({
176
+ code: "UNAUTHORIZED",
177
+ message: "You are not authorized to update this event",
178
+ });
179
+ }
180
+
181
+ const updatedEvent = await prisma.event.update({
182
+ where: { id: input.id },
183
+ data: {
184
+ name: input.data.name,
185
+ location: input.data.location,
186
+ remarks: input.data.remarks,
187
+ startTime: parseISO(input.data.startTime),
188
+ endTime: parseISO(input.data.endTime),
189
+ color: input.data.color,
190
+ ...(input.data.classId ? { classId: input.data.classId } : {}),
191
+ },
192
+ });
193
+
194
+ return { event: updatedEvent };
195
+ }),
196
+
197
+ delete: protectedProcedure
198
+ .input(z.object({
199
+ id: z.string(),
200
+ }))
201
+ .mutation(async ({ ctx, input }) => {
202
+ if (!ctx.user) {
203
+ throw new TRPCError({
204
+ code: "UNAUTHORIZED",
205
+ message: "You must be logged in to delete an event",
206
+ });
207
+ }
208
+
209
+ const event = await prisma.event.findUnique({
210
+ where: { id: input.id },
211
+ });
212
+
213
+ if (!event) {
214
+ throw new TRPCError({
215
+ code: "NOT_FOUND",
216
+ message: "Event not found",
217
+ });
218
+ }
219
+
220
+ if (event.userId !== ctx.user.id) {
221
+ throw new TRPCError({
222
+ code: "UNAUTHORIZED",
223
+ message: "You are not authorized to delete this event",
224
+ });
225
+ }
226
+
227
+ await prisma.event.delete({
228
+ where: { id: input.id },
229
+ });
230
+
231
+ return { success: true };
232
+ }),
233
+
234
+ attachAssignment: protectedProcedure
235
+ .input(z.object({
236
+ eventId: z.string(),
237
+ assignmentId: z.string(),
238
+ }))
239
+ .mutation(async ({ ctx, input }) => {
240
+ if (!ctx.user || !ctx.user.id) {
241
+ throw new TRPCError({
242
+ code: "UNAUTHORIZED",
243
+ message: "You must be logged in to attach an assignment",
244
+ });
245
+ }
246
+
247
+ // Check if user owns the event
248
+ const event = await prisma.event.findUnique({
249
+ where: { id: input.eventId },
250
+ include: {
251
+ class: {
252
+ include: {
253
+ teachers: {
254
+ select: { id: true }
255
+ }
256
+ }
257
+ }
258
+ }
259
+ });
260
+
261
+ if (!event) {
262
+ throw new TRPCError({
263
+ code: "NOT_FOUND",
264
+ message: "Event not found",
265
+ });
266
+ }
267
+
268
+ // Check if user is the event owner or a teacher of the class
269
+ if (event.userId !== ctx.user.id &&
270
+ !event.class?.teachers.some(teacher => teacher.id === ctx.user!.id)) {
271
+ throw new TRPCError({
272
+ code: "UNAUTHORIZED",
273
+ message: "You are not authorized to modify this event",
274
+ });
275
+ }
276
+
277
+ // Check if assignment exists and belongs to the same class
278
+ const assignment = await prisma.assignment.findUnique({
279
+ where: { id: input.assignmentId },
280
+ include: {
281
+ class: {
282
+ include: {
283
+ teachers: {
284
+ select: { id: true }
285
+ }
286
+ }
287
+ }
288
+ }
289
+ });
290
+
291
+ if (!assignment) {
292
+ throw new TRPCError({
293
+ code: "NOT_FOUND",
294
+ message: "Assignment not found",
295
+ });
296
+ }
297
+
298
+ // Check if user is a teacher of the assignment's class
299
+ if (!assignment.class.teachers.some(teacher => teacher.id === ctx.user!.id)) {
300
+ throw new TRPCError({
301
+ code: "UNAUTHORIZED",
302
+ message: "You are not authorized to modify this assignment",
303
+ });
304
+ }
305
+
306
+ // Check if event and assignment belong to the same class
307
+ if (event.classId !== assignment.classId) {
308
+ throw new TRPCError({
309
+ code: "BAD_REQUEST",
310
+ message: "Event and assignment must belong to the same class",
311
+ });
312
+ }
313
+
314
+ // Attach assignment to event
315
+ const updatedAssignment = await prisma.assignment.update({
316
+ where: { id: input.assignmentId },
317
+ data: {
318
+ eventAttached: {
319
+ connect: { id: input.eventId }
320
+ }
321
+ },
322
+ include: {
323
+ attachments: {
324
+ select: {
325
+ id: true,
326
+ name: true,
327
+ type: true,
328
+ }
329
+ },
330
+ section: {
331
+ select: {
332
+ id: true,
333
+ name: true
334
+ }
335
+ },
336
+ teacher: {
337
+ select: {
338
+ id: true,
339
+ username: true
340
+ }
341
+ }
342
+ }
343
+ });
344
+
345
+ return { assignment: updatedAssignment };
346
+ }),
347
+
348
+ detachAssignment: protectedProcedure
349
+ .input(z.object({
350
+ eventId: z.string(),
351
+ assignmentId: z.string(),
352
+ }))
353
+ .mutation(async ({ ctx, input }) => {
354
+ if (!ctx.user) {
355
+ throw new TRPCError({
356
+ code: "UNAUTHORIZED",
357
+ message: "You must be logged in to detach an assignment",
358
+ });
359
+ }
360
+
361
+ // Check if user owns the event
362
+ const event = await prisma.event.findUnique({
363
+ where: { id: input.eventId },
364
+ include: {
365
+ class: {
366
+ include: {
367
+ teachers: {
368
+ select: { id: true }
369
+ }
370
+ }
371
+ }
372
+ }
373
+ });
374
+
375
+ if (!event) {
376
+ throw new TRPCError({
377
+ code: "NOT_FOUND",
378
+ message: "Event not found",
379
+ });
380
+ }
381
+
382
+ // Check if user is the event owner or a teacher of the class
383
+ if (event.userId !== ctx.user.id &&
384
+ !event.class?.teachers.some(teacher => teacher.id === ctx.user!.id)) {
385
+ throw new TRPCError({
386
+ code: "UNAUTHORIZED",
387
+ message: "You are not authorized to modify this event",
388
+ });
389
+ }
390
+
391
+ // Detach assignment from event
392
+ const updatedAssignment = await prisma.assignment.update({
393
+ where: { id: input.assignmentId },
394
+ data: {
395
+ eventAttached: {
396
+ disconnect: true
397
+ }
398
+ },
399
+ include: {
400
+ attachments: {
401
+ select: {
402
+ id: true,
403
+ name: true,
404
+ type: true,
405
+ }
406
+ },
407
+ section: {
408
+ select: {
409
+ id: true,
410
+ name: true
411
+ }
412
+ },
413
+ teacher: {
414
+ select: {
415
+ id: true,
416
+ username: true
417
+ }
418
+ }
419
+ }
420
+ });
421
+
422
+ return { assignment: updatedAssignment };
423
+ }),
424
+
425
+ getAvailableAssignments: protectedProcedure
426
+ .input(z.object({
427
+ eventId: z.string(),
428
+ }))
429
+ .query(async ({ ctx, input }) => {
430
+ if (!ctx.user) {
431
+ throw new TRPCError({
432
+ code: "UNAUTHORIZED",
433
+ message: "You must be logged in to get available assignments",
434
+ });
435
+ }
436
+
437
+ // Get the event to find the class
438
+ const event = await prisma.event.findUnique({
439
+ where: { id: input.eventId },
440
+ include: {
441
+ class: {
442
+ include: {
443
+ teachers: {
444
+ select: { id: true }
445
+ }
446
+ }
447
+ }
448
+ }
449
+ });
450
+
451
+ if (!event || !event.classId) {
452
+ throw new TRPCError({
453
+ code: "NOT_FOUND",
454
+ message: "Event not found",
455
+ });
456
+ }
457
+
458
+ // Check if user is authorized to access this event/class
459
+ if (event.userId !== ctx.user.id &&
460
+ !event.class?.teachers.some(teacher => teacher.id === ctx.user!.id)) {
461
+ throw new TRPCError({
462
+ code: "UNAUTHORIZED",
463
+ message: "You are not authorized to access this event",
464
+ });
465
+ }
466
+
467
+ // Get all assignments for the class that are not already attached to an event
468
+ const assignments = await prisma.assignment.findMany({
469
+ where: {
470
+ classId: event.classId,
471
+ eventId: null, // Not already attached to any event
472
+ },
473
+ select: {
474
+ id: true,
475
+ title: true,
476
+ instructions: true,
477
+ dueDate: true,
478
+ type: true,
479
+ graded: true,
480
+ maxGrade: true,
481
+ weight: true,
482
+ section: {
483
+ select: {
484
+ id: true,
485
+ name: true
486
+ }
487
+ },
488
+ attachments: {
489
+ select: {
490
+ id: true,
491
+ name: true,
492
+ type: true,
493
+ }
494
+ },
495
+ teacher: {
496
+ select: {
497
+ id: true,
498
+ username: true
499
+ }
500
+ }
501
+ },
502
+ orderBy: {
503
+ createdAt: 'desc'
504
+ }
505
+ });
506
+
507
+ return { assignments };
508
+ }),
509
+ });
package/src/routers/file.ts ADDED
@@ -0,0 +1,96 @@
1
+ import { z } from "zod";
2
+ import { createTRPCRouter, protectedProcedure } from "../trpc";
3
+ import { TRPCError } from "@trpc/server";
4
+ import { getSignedUrl } from "../lib/googleCloudStorage";
5
+ import type { User } from "@prisma/client";
6
+ import { prisma } from "../lib/prisma";
7
+
8
+ export const fileRouter = createTRPCRouter({
9
+ getSignedUrl: protectedProcedure
10
+ .input(z.object({
11
+ fileId: z.string(),
12
+ }))
13
+ .mutation(async ({ ctx, input }) => {
14
+ const { fileId } = input;
15
+ const userId = ctx.user?.id;
16
+
17
+ if (!userId) {
18
+ throw new TRPCError({
19
+ code: "UNAUTHORIZED",
20
+ message: "You must be logged in to access files",
21
+ });
22
+ }
23
+
24
+ // Get file metadata from database
25
+ const file = await prisma.file.findUnique({
26
+ where: { id: fileId },
27
+ include: {
28
+ assignment: {
29
+ include: {
30
+ class: {
31
+ include: {
32
+ students: true,
33
+ teachers: true
34
+ }
35
+ }
36
+ }
37
+ },
38
+ submission: {
39
+ include: {
40
+ student: true,
41
+ assignment: {
42
+ include: {
43
+ class: {
44
+ include: {
45
+ teachers: true
46
+ }
47
+ }
48
+ }
49
+ }
50
+ }
51
+ }
52
+ }
53
+ });
54
+
55
+ if (!file) {
56
+ throw new TRPCError({
57
+ code: "NOT_FOUND",
58
+ message: "File does not exist",
59
+ });
60
+ }
61
+
62
+ // Check if user has access to the file
63
+ const hasAccess =
64
+ // File owner
65
+ file.userId === userId ||
66
+ // Assignment file - student in class or teacher
67
+ (file.assignment && (
68
+ file.assignment.class.students.some((s: User) => s.id === userId) ||
69
+ file.assignment.class.teachers.some((t: User) => t.id === userId)
70
+ )) ||
71
+ // Submission file - student who submitted or teacher of class
72
+ (file.submission && (
73
+ file.submission.student.id === userId ||
74
+ file.submission.assignment.class.teachers.some((t: User) => t.id === userId)
75
+ ));
76
+
77
+ if (!hasAccess) {
78
+ throw new TRPCError({
79
+ code: "FORBIDDEN",
80
+ message: "You do not have access to this file",
81
+ });
82
+ }
83
+
84
+ try {
85
+ // Generate a signed URL with short expiration
86
+ const signedUrl = await getSignedUrl(file.path);
87
+ return { signedUrl };
88
+ } catch (error) {
89
+ console.error('Error generating signed URL:', error);
90
+ throw new TRPCError({
91
+ code: "INTERNAL_SERVER_ERROR",
92
+ message: "Failed to generate signed URL",
93
+ });
94
+ }
95
+ }),
96
+ });