npm - @studious-lms/server - Versions diffs - 1.2.45 → 1.2.46 - Mend

@studious-lms/server 1.2.45 → 1.2.46

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (231) hide show

package/.env.example +45 -0
package/.env.test.example +37 -0
package/README.md +34 -7
package/coverage/base.css +224 -0
package/coverage/block-navigation.js +87 -0
package/coverage/clover.xml +12110 -0
package/coverage/coverage-final.json +44 -0
package/coverage/favicon.png +0 -0
package/coverage/index.html +221 -0
package/coverage/prettify.css +1 -0
package/coverage/prettify.js +2 -0
package/coverage/server/index.html +116 -0
package/coverage/server/src/exportType.ts.html +109 -0
package/coverage/server/src/index.html +161 -0
package/coverage/server/src/index.ts.html +1702 -0
package/coverage/server/src/instrument.ts.html +130 -0
package/coverage/server/src/lib/config/env.ts.html +448 -0
package/coverage/server/src/lib/config/index.html +116 -0
package/coverage/server/src/lib/fileUpload.ts.html +1138 -0
package/coverage/server/src/lib/googleCloudStorage.ts.html +334 -0
package/coverage/server/src/lib/index.html +206 -0
package/coverage/server/src/lib/jsonConversion.ts.html +2323 -0
package/coverage/server/src/lib/jsonStyles.ts.html +193 -0
package/coverage/server/src/lib/notificationHandler.ts.html +193 -0
package/coverage/server/src/lib/pusher.ts.html +121 -0
package/coverage/server/src/lib/thumbnailGenerator.ts.html +592 -0
package/coverage/server/src/middleware/auth.ts.html +646 -0
package/coverage/server/src/middleware/index.html +146 -0
package/coverage/server/src/middleware/logging.ts.html +244 -0
package/coverage/server/src/middleware/security.ts.html +271 -0
package/coverage/server/src/routers/_app.ts.html +232 -0
package/coverage/server/src/routers/agenda.ts.html +319 -0
package/coverage/server/src/routers/announcement.ts.html +3481 -0
package/coverage/server/src/routers/assignment.ts.html +7633 -0
package/coverage/server/src/routers/attendance.ts.html +1030 -0
package/coverage/server/src/routers/auth.ts.html +1081 -0
package/coverage/server/src/routers/class.ts.html +3535 -0
package/coverage/server/src/routers/comment.ts.html +991 -0
package/coverage/server/src/routers/conversation.ts.html +982 -0
package/coverage/server/src/routers/event.ts.html +1609 -0
package/coverage/server/src/routers/file.ts.html +1144 -0
package/coverage/server/src/routers/folder.ts.html +2797 -0
package/coverage/server/src/routers/index.html +386 -0
package/coverage/server/src/routers/labChat.ts.html +3073 -0
package/coverage/server/src/routers/marketing.ts.html +340 -0
package/coverage/server/src/routers/message.ts.html +1912 -0
package/coverage/server/src/routers/notifications.ts.html +364 -0
package/coverage/server/src/routers/section.ts.html +1120 -0
package/coverage/server/src/routers/user.ts.html +862 -0
package/coverage/server/src/routers/worksheet.ts.html +1729 -0
package/coverage/server/src/trpc.ts.html +397 -0
package/coverage/server/src/types/index.html +116 -0
package/coverage/server/src/types/trpc.ts.html +127 -0
package/coverage/server/src/utils/aiUser.ts.html +280 -0
package/coverage/server/src/utils/email.ts.html +121 -0
package/coverage/server/src/utils/generateInviteCode.ts.html +106 -0
package/coverage/server/src/utils/index.html +206 -0
package/coverage/server/src/utils/inference.ts.html +709 -0
package/coverage/server/src/utils/logger.ts.html +664 -0
package/coverage/server/src/utils/prismaErrorHandler.ts.html +907 -0
package/coverage/server/src/utils/prismaWrapper.ts.html +355 -0
package/coverage/server/vitest.config.ts.html +196 -0
package/coverage/sort-arrow-sprite.png +0 -0
package/coverage/sorter.js +210 -0
package/dist/index.d.ts.map +1 -1
package/dist/index.js +83 -52
package/dist/index.js.map +1 -1
package/dist/instrument.js +15 -8
package/dist/instrument.js.map +1 -1
package/dist/lib/config/env.d.ts +169 -0
package/dist/lib/config/env.d.ts.map +1 -0
package/dist/lib/config/env.js +115 -0
package/dist/lib/config/env.js.map +1 -0
package/dist/lib/fileUpload.d.ts.map +1 -1
package/dist/lib/fileUpload.js +5 -4
package/dist/lib/fileUpload.js.map +1 -1
package/dist/lib/googleCloudStorage.d.ts.map +1 -1
package/dist/lib/googleCloudStorage.js +7 -8
package/dist/lib/googleCloudStorage.js.map +1 -1
package/dist/lib/jsonConversion.d.ts.map +1 -1
package/dist/lib/jsonConversion.js +14 -16
package/dist/lib/jsonConversion.js.map +1 -1
package/dist/lib/notificationHandler.d.ts +2 -2
package/dist/lib/prisma.d.ts +2 -2
package/dist/lib/prisma.d.ts.map +1 -1
package/dist/lib/prisma.js +22 -3
package/dist/lib/prisma.js.map +1 -1
package/dist/lib/pusher.d.ts.map +1 -1
package/dist/lib/pusher.js +8 -7
package/dist/lib/pusher.js.map +1 -1
package/dist/middleware/auth.d.ts.map +1 -1
package/dist/middleware/auth.js +6 -5
package/dist/middleware/auth.js.map +1 -1
package/dist/middleware/security.d.ts +5 -0
package/dist/middleware/security.d.ts.map +1 -0
package/dist/middleware/security.js +77 -0
package/dist/middleware/security.js.map +1 -0
package/dist/routers/_app.d.ts +294 -98
package/dist/routers/_app.d.ts.map +1 -1
package/dist/routers/_app.js +4 -2
package/dist/routers/_app.js.map +1 -1
package/dist/routers/agenda.d.ts.map +1 -1
package/dist/routers/agenda.js +12 -9
package/dist/routers/agenda.js.map +1 -1
package/dist/routers/announcement.d.ts +8 -0
package/dist/routers/announcement.d.ts.map +1 -1
package/dist/routers/announcement.js +6 -4
package/dist/routers/announcement.js.map +1 -1
package/dist/routers/assignment.d.ts +7 -4
package/dist/routers/assignment.d.ts.map +1 -1
package/dist/routers/assignment.js +35 -18
package/dist/routers/assignment.js.map +1 -1
package/dist/routers/attendance.d.ts +1 -0
package/dist/routers/attendance.d.ts.map +1 -1
package/dist/routers/attendance.js +4 -4
package/dist/routers/attendance.js.map +1 -1
package/dist/routers/auth.d.ts +20 -0
package/dist/routers/auth.d.ts.map +1 -1
package/dist/routers/auth.js +132 -15
package/dist/routers/auth.js.map +1 -1
package/dist/routers/class.d.ts +10 -0
package/dist/routers/class.d.ts.map +1 -1
package/dist/routers/class.js +49 -5
package/dist/routers/class.js.map +1 -1
package/dist/routers/comment.d.ts +2 -0
package/dist/routers/comment.d.ts.map +1 -1
package/dist/routers/conversation.d.ts +1 -0
package/dist/routers/conversation.d.ts.map +1 -1
package/dist/routers/conversation.js +46 -31
package/dist/routers/conversation.js.map +1 -1
package/dist/routers/file.d.ts.map +1 -1
package/dist/routers/file.js +30 -7
package/dist/routers/file.js.map +1 -1
package/dist/routers/labChat.d.ts +1 -0
package/dist/routers/labChat.d.ts.map +1 -1
package/dist/routers/labChat.js +2 -3
package/dist/routers/labChat.js.map +1 -1
package/dist/routers/marketing.d.ts +1 -1
package/dist/routers/newtonChat.d.ts +55 -0
package/dist/routers/newtonChat.d.ts.map +1 -0
package/dist/routers/newtonChat.js +438 -0
package/dist/routers/newtonChat.js.map +1 -0
package/dist/routers/notifications.d.ts +4 -4
package/dist/routers/section.d.ts +9 -4
package/dist/routers/section.d.ts.map +1 -1
package/dist/routers/section.js +8 -8
package/dist/routers/section.js.map +1 -1
package/dist/routers/user.d.ts.map +1 -1
package/dist/routers/user.js +5 -4
package/dist/routers/user.js.map +1 -1
package/dist/routers/worksheet.d.ts +30 -36
package/dist/routers/worksheet.d.ts.map +1 -1
package/dist/routers/worksheet.js +11 -33
package/dist/routers/worksheet.js.map +1 -1
package/dist/seedDatabase.d.ts +1 -1
package/dist/seedDatabase.js +275 -284
package/dist/seedDatabase.js.map +1 -1
package/dist/server/pipelines/aiLabChat.d.ts +10 -0
package/dist/server/pipelines/aiLabChat.d.ts.map +1 -0
package/dist/server/pipelines/aiLabChat.js +83 -0
package/dist/server/pipelines/aiLabChat.js.map +1 -0
package/dist/server/pipelines/gradeWorksheet.d.ts +2 -0
package/dist/server/pipelines/gradeWorksheet.d.ts.map +1 -0
package/dist/server/pipelines/gradeWorksheet.js +138 -0
package/dist/server/pipelines/gradeWorksheet.js.map +1 -0
package/dist/trpc.d.ts.map +1 -1
package/dist/trpc.js +2 -2
package/dist/trpc.js.map +1 -1
package/dist/utils/email.d.ts +9 -1
package/dist/utils/email.d.ts.map +1 -1
package/dist/utils/email.js +20 -5
package/dist/utils/email.js.map +1 -1
package/dist/utils/inference.d.ts +3 -0
package/dist/utils/inference.d.ts.map +1 -1
package/dist/utils/inference.js +41 -7
package/dist/utils/inference.js.map +1 -1
package/dist/utils/logger.d.ts.map +1 -1
package/dist/utils/logger.js +3 -3
package/dist/utils/logger.js.map +1 -1
package/docker-compose.yml +14 -0
package/package.json +13 -4
package/prisma/schema.prisma +32 -5
package/scripts/test-pre-push.ts +14 -0
package/src/index.ts +98 -54
package/src/instrument.ts +13 -6
package/src/lib/config/env.ts +126 -0
package/src/lib/fileUpload.ts +3 -2
package/src/lib/googleCloudStorage.ts +6 -6
package/src/lib/jsonConversion.ts +12 -14
package/src/lib/prisma.ts +23 -2
package/src/lib/pusher.ts +6 -5
package/src/middleware/auth.ts +4 -3
package/src/middleware/security.ts +80 -0
package/src/routers/_app.ts +2 -0
package/src/routers/agenda.ts +10 -7
package/src/routers/announcement.ts +4 -2
package/src/routers/assignment.ts +58 -40
package/src/routers/attendance.ts +2 -2
package/src/routers/auth.ts +143 -14
package/src/routers/class.ts +52 -3
package/src/routers/conversation.ts +49 -29
package/src/routers/file.ts +29 -5
package/src/routers/labChat.ts +0 -1
package/src/routers/newtonChat.ts +520 -0
package/src/routers/section.ts +6 -6
package/src/routers/user.ts +3 -2
package/src/routers/worksheet.ts +9 -37
package/src/seedDatabase.ts +290 -283
package/src/server/pipelines/aiLabChat.ts +92 -0
package/src/server/pipelines/gradeWorksheet.ts +152 -0
package/src/trpc.ts +2 -0
package/src/utils/email.ts +30 -3
package/src/utils/inference.ts +50 -5
package/src/utils/logger.ts +2 -1
package/tests/announcement.test.ts +164 -0
package/tests/assignment.test.ts +296 -0
package/tests/attendance.test.ts +168 -0
package/tests/auth.test.ts +33 -10
package/tests/class.test.ts +34 -9
package/tests/event.test.ts +228 -0
package/tests/section.test.ts +216 -0
package/tests/setup.ts +70 -16
package/tests/user.test.ts +158 -0
package/vitest.config.ts +26 -0
package/API_SPECIFICATION.md +0 -1597
package/BASE64_REMOVAL_SUMMARY.md +0 -164
package/CHAT_API_SPEC.md +0 -579
package/LAB_CHAT_API_SPEC.md +0 -518
package/dist/routers/school.d.ts +0 -208
package/dist/routers/school.d.ts.map +0 -1
package/dist/routers/school.js +0 -483

package/src/routers/auth.ts CHANGED Viewed

@@ -4,8 +4,10 @@ import { TRPCError } from "@trpc/server";
 import { prisma } from "../lib/prisma.js";
 import { v4 as uuidv4 } from 'uuid';
 import { compare, hash } from "bcryptjs";
-import { transport } from "../utils/email.js";
+import { sendMail } from "../utils/email.js";
 import { prismaWrapper } from "../utils/prismaWrapper.js";
+import { env } from "../lib/config/env.js";
+import { logger } from "../utils/logger.js";
 const loginSchema = z.object({
   username: z.string(),
@@ -106,14 +108,18 @@ export const authRouter = createTRPCRouter({
         'creating verification token'
       );
-      // await transport.sendMail({
-      //   from: 'noreply@studious.sh',
-      //   to: user.email,
-      //   subject: 'Verify your email',
-      //   text: `Click the link to verify your email: ${process.env.NEXT_PUBLIC_APP_URL}/verify/${verificationToken.id}`,
-      // });
+      try {
+        await sendMail({
+        from: 'noreply@studious.sh',
+        to: user.email,
+        subject: 'Verify your email',
+          text: `Click the link to verify your email: ${env.NEXT_PUBLIC_APP_URL}/verify/${verificationToken.id}`,
+        });
+      } catch (err) {
+        logger.error('Failed to send verification email', { email: user.email, err });
+      }
-      console.log(`${process.env.NEXT_PUBLIC_APP_URL}/verify/${verificationToken.id}`)
+      // logger.info(`Password verification email sent to ${user.email} at ${env.NEXT_PUBLIC_APP_URL}/verify/${verificationToken.id}`);
       return {
         user: {
@@ -280,12 +286,18 @@ export const authRouter = createTRPCRouter({
           },
         });
-        // await transport.sendMail({
-        //   from: 'noreply@studious.sh',
-        //   to: user.email,
-        //   subject: 'Verify your email',
-        //   text: `Click the link to verify your email: ${process.env.NEXT_PUBLIC_APP_URL}/verify/${verificationToken.id}`,
-        // });
+        try {
+          await sendMail({
+          from: 'noreply@studious.sh',
+          to: user.email,
+            subject: 'Verify your email',
+            text: `Click the link to verify your email: ${env.NEXT_PUBLIC_APP_URL}/verify/${verificationToken.id}`,
+          });
+        } catch (err) {
+          logger.error('Failed to send verification email', { email: user.email, err });
+        }
+        // logger.info(`Password verification email sent to ${user.email} at ${env.NEXT_PUBLIC_APP_URL}/verify/${verificationToken.id}`);
         return { success: true };
       }),
@@ -326,6 +338,123 @@ export const authRouter = createTRPCRouter({
           where: { id: token },
         });
+        return { success: true };
+      }),
+    requestPasswordReset: publicProcedure
+      .input(z.object({
+        email: z.string().email(),
+      }))
+      .mutation(async ({ input }) => {
+        const { email } = input;
+        const user = await prisma.user.findFirst({
+          where: { email },
+          select: {
+            id: true,
+            email: true,
+            username: true,
+          },
+        });
+        // Don't reveal if user exists or not for security
+        if (!user) {
+          return { success: true };
+        }
+        // Delete any existing password reset tokens for this user
+        // Only delete tokens that expire within 2 hours (likely password reset tokens)
+        const twoHoursFromNow = new Date(Date.now() + 1000 * 60 * 60 * 2);
+        await prisma.session.deleteMany({
+          where: {
+            userId: user.id,
+            classId: null,
+            expiresAt: {
+              lte: twoHoursFromNow, // Only delete short-lived tokens (password reset tokens)
+            },
+          },
+        });
+        // Create a new password reset token (expires in 1 hour)
+        const resetToken = await prisma.session.create({
+          data: {
+            id: uuidv4(),
+            userId: user.id,
+            expiresAt: new Date(Date.now() + 1000 * 60 * 60), // 1 hour
+          },
+        });
+        // Send password reset email
+        try {
+          await sendMail({
+            from: 'noreply@studious.sh',
+            to: user.email,
+            subject: 'Reset your password',
+            text: `Click the link to reset your password: ${env.NEXT_PUBLIC_APP_URL}/reset-password/${resetToken.id}`,
+          });
+        } catch (err) {
+          logger.error('Failed to send password reset email', { email: user.email, err });
+        }
+        // logger.info(`Password reset email sent to ${user.email} at ${env.NEXT_PUBLIC_APP_URL}/reset-password/${resetToken.id}`);
+        return { success: true };
+      }),
+    resetPassword: publicProcedure
+      .input(z.object({
+        token: z.string(),
+        password: z.string().min(6, "Password must be at least 6 characters"),
+        confirmPassword: z.string(),
+      }).refine((data) => data.password === data.confirmPassword, {
+        message: "Passwords don't match",
+        path: ["confirmPassword"],
+      }))
+      .mutation(async ({ input }) => {
+        const { token, password } = input;
+        const session = await prisma.session.findUnique({
+          where: { id: token },
+          include: {
+            user: {
+              select: {
+                id: true,
+              },
+            },
+          },
+        });
+        if (!session || !session.userId) {
+          throw new TRPCError({
+            code: "NOT_FOUND",
+            message: "Invalid or expired reset token",
+          });
+        }
+        if (session.expiresAt && session.expiresAt < new Date()) {
+          // Clean up expired token
+          await prisma.session.delete({
+            where: { id: token },
+          });
+          throw new TRPCError({
+            code: "UNAUTHORIZED",
+            message: "Reset token has expired",
+          });
+        }
+        // Update the user's password
+        await prisma.user.update({
+          where: { id: session.userId },
+          data: {
+            password: await hash(password, 10),
+          },
+        });
+        // Clean up the reset token
+        await prisma.session.delete({
+          where: { id: token },
+        });
         return { success: true };
       }),
 });

package/src/routers/class.ts CHANGED Viewed

@@ -465,6 +465,51 @@ export const classRouter = createTRPCRouter({
         removedUserId: userId,
       };
     }),
+  leaveClass: protectedProcedure
+    .input(z.object({
+      classId: z.string(),
+    }))
+    .mutation(async ({ ctx, input }) => {
+      const { classId } = input;
+      const userId = ctx.user?.id;
+      if (!userId) {
+        throw new TRPCError({
+          code: 'UNAUTHORIZED',
+          message: 'User not authenticated',
+        });
+      }
+      const classData = await prisma.class.findFirst({
+        where: {
+          id: classId,
+          students: {
+            some: { id: userId },
+          },
+        },
+      });
+      if (!classData) {
+        throw new TRPCError({
+          code: 'NOT_FOUND',
+          message: 'Class not found or you are not a student in this class',
+        });
+      }
+      await prisma.class.update({
+        where: { id: classId },
+        data: {
+          students: {
+            disconnect: { id: userId },
+          },
+        },
+      });
+      return {
+        success: true,
+        leftClassId: classId,
+      };
+    }),
   join: protectedProcedure
     .input(z.object({
       classCode: z.string(),
@@ -472,9 +517,13 @@ export const classRouter = createTRPCRouter({
     .mutation(async ({ ctx, input }) => {
       const { classCode } = input;
+      // Case-insensitive search for invite code
       const session = await prisma.session.findFirst({
         where: {
-          id: classCode,
+          id: {
+            equals: classCode,
+            mode: 'insensitive',
+          },
         },
       });
@@ -676,7 +725,7 @@ export const classRouter = createTRPCRouter({
         return events;
       }),
-    listMarkSchemes: protectedTeacherProcedure
+    listMarkSchemes: protectedClassMemberProcedure
       .input(z.object({
         classId: z.string(),
       }))
@@ -755,7 +804,7 @@ export const classRouter = createTRPCRouter({
         return markScheme;
       }),
-    listGradingBoundaries: protectedTeacherProcedure
+    listGradingBoundaries: protectedClassMemberProcedure
       .input(z.object({
         classId: z.string(),
       }))

package/src/routers/conversation.ts CHANGED Viewed

@@ -148,51 +148,69 @@ export const conversationRouter = createTRPCRouter({
       // For DMs, check if conversation already exists
       if (type === 'DM') {
-        const existingDM = await prisma.conversation.findFirst({
+        // Get the target user's ID from their username
+        const targetUser = await prisma.user.findFirst({
+          where: { username: memberIds[0] },
+          select: { id: true, username: true },
+        });
+        if (!targetUser) {
+          throw new TRPCError({
+            code: 'BAD_REQUEST',
+            message: `User "${memberIds[0]}" not found`,
+          });
+        }
+        // Find all DM conversations where current user is a member
+        const existingDMs = await prisma.conversation.findMany({
           where: {
             type: 'DM',
             members: {
-              every: {
-                userId: {
-                  in: [userId, memberIds[0]],
-                },
-              },
-            },
-            AND: {
-              members: {
-                some: {
-                  userId,
-                },
+              some: {
+                userId,
               },
             },
           },
           include: {
             members: {
-              include: {
-                user: {
-                  select: {
-                    id: true,
-                    username: true,
-                    profile: {
-                      select: {
-                        displayName: true,
-                        profilePicture: true,
-                      },
-                    },
-                  },
-                },
+              select: {
+                userId: true,
               },
             },
           },
         });
+        // Check if any of these conversations has exactly 2 members (current user + target user)
+        const existingDM = existingDMs.find(conv => {
+          const memberUserIds = conv.members.map(m => m.userId);
+          return memberUserIds.length === 2 &&
+                 memberUserIds.includes(userId) &&
+                 memberUserIds.includes(targetUser.id);
+        });
         if (existingDM) {
-          return existingDM;
+          // Conversation already exists, throw error with friendly message
+          throw new TRPCError({
+            code: 'BAD_REQUEST',
+            message: `A conversation with ${targetUser.username} already exists`,
+          });
         }
       }
       // Verify all members exist
-      const members = await prisma.user.findMany({
+      const membersWithIds = await prisma.user.findMany({
+        where: {
+          id: {
+            in: memberIds,
+          },
+        },
+        select: {
+          id: true,
+          username: true,
+        },
+      });
+      const membersWithUsernames = await prisma.user.findMany({
         where: {
           username: {
             in: memberIds,
@@ -204,6 +222,8 @@ export const conversationRouter = createTRPCRouter({
         },
       });
+      const members = [...membersWithIds, ...membersWithUsernames];
       if (members.length !== memberIds.length) {
         throw new TRPCError({
           code: 'BAD_REQUEST',
@@ -222,8 +242,8 @@ export const conversationRouter = createTRPCRouter({
                 userId,
                 role: type === 'GROUP' ? 'ADMIN' : 'MEMBER',
               },
-              ...memberIds.map((memberId) => ({
-                userId: members.find((member) => member.username === memberId)!.id,
+              ...members.map((member) => ({
+                userId: member.id,
                 role: 'MEMBER' as const,
               })),
             ],

package/src/routers/file.ts CHANGED Viewed

@@ -73,6 +73,16 @@ export const fileRouter = createTRPCRouter({
                 }
               }
             }
+          },
+          announcement: {
+            include: {
+              class: {
+                include: {
+                  students: true,
+                  teachers: true
+                }
+              }
+            }
           }
         }
       });
@@ -92,18 +102,30 @@ export const fileRouter = createTRPCRouter({
       // Check if user is a teacher of the class
       if (file.assignment?.class) {
         classId = file.assignment.class.id;
-        hasAccess = file.assignment.class.teachers.some(teacher => teacher.id === userId) || false;
+        const isTeacher = file.assignment.class.teachers.some(teacher => teacher.id === userId);
+        const isStudent = file.assignment.class.students.some(student => student.id === userId);
+        logger.info(`Assignment file access check - userId: ${userId}, isTeacher: ${isTeacher}, isStudent: ${isStudent}`);
+        hasAccess = isTeacher || isStudent;
+      }
+      // Check if user has access to announcement files (teachers or students in the class)
+      if ((file as any).announcement?.class) {
+        classId = (file as any).announcement.class.id;
+        const isTeacher = (file as any).announcement.class.teachers.some((teacher: any) => teacher.id === userId);
+        const isStudent = (file as any).announcement.class.students.some((student: any) => student.id === userId);
+        logger.info(`Announcement file access check - userId: ${userId}, isTeacher: ${isTeacher}, isStudent: ${isStudent}`);
+        hasAccess = hasAccess || isTeacher || isStudent;
       }
       if (file.submission?.assignment?.classId) {
         classId = file.submission.assignment.classId;
-        hasAccess = file.submission?.studentId === userId || false;
+        hasAccess = hasAccess || file.submission?.studentId === userId || false;
         if (!hasAccess) hasAccess = file.submission.assignment.class.teachers.some(teacher => teacher.id === userId) || false;
       }
       if (file.annotations?.assignment?.classId) {
         classId = file.annotations?.assignment.classId;
-        hasAccess = file.annotations?.studentId === userId || false;
+        hasAccess = hasAccess || file.annotations?.studentId === userId || false;
         if (!hasAccess) hasAccess = file.annotations.assignment.class.teachers.some(teacher => teacher.id === userId) || false;
       }
@@ -114,8 +136,10 @@ export const fileRouter = createTRPCRouter({
       // Check if file is in a folder and user has access to the class
       if (file.folder?.class) {
-        hasAccess = hasAccess || file.folder.class.teachers.some(teacher => teacher.id === userId);
-        hasAccess = hasAccess || file.folder.class.students.some(student => student.id === userId);
+        const isTeacher = file.folder.class.teachers.some(teacher => teacher.id === userId);
+        const isStudent = file.folder.class.students.some(student => student.id === userId);
+        hasAccess = hasAccess || isTeacher;
+        hasAccess = hasAccess || isStudent;
       }
       if (!hasAccess) {

package/src/routers/labChat.ts CHANGED Viewed

@@ -902,7 +902,6 @@ WHEN CREATING COURSE MATERIALS (docs field):
       if (jsonData.docs && Array.isArray(jsonData.docs)) {
-        console.log('Generating PDFs', { labChatId, docs: JSON.stringify(jsonData.docs, null, 2) });
         for (let i = 0; i < jsonData.docs.length; i++) {
           const doc = jsonData.docs[i];
           if (!doc.title || !doc.blocks || !Array.isArray(doc.blocks)) {