feat(exam-homework): add audit report, i18n, error boundaries, and permission hardening
- Add comprehensive audit report for exam and homework module - Create exam-homework i18n message files (zh-CN + en) and register namespace - Add permission check to gradeHomeworkSubmissionAction to prevent horizontal privilege escalation - Add Error Boundary + loading.tsx for 5 key pages (exam build/proctoring, homework assignment/submissions, student assignment) - Refactor exam-columns to createExamColumns(t) factory for i18n support - Refactor exam-data-table to manage columns internally via useTranslations - Replace hardcoded strings with i18n keys in all exam/homework components and pages - Add getHomeworkSubmissionForGrading data-access for secure grading flow
This commit is contained in:
SpecialX
@@ -2,6 +2,7 @@
|
||||
|
||||
import { useState } from "react"
|
||||
import { useRouter } from "next/navigation"
|
||||
import { useTranslations } from "next-intl"
|
||||
import { MoreHorizontal, Eye, Pencil, Trash, Archive, UploadCloud, Undo2, Copy } from "lucide-react"
|
||||
import { toast } from "sonner"
|
||||
|
||||
@@ -43,6 +44,7 @@ interface ExamActionsProps {
|
||||
|
||||
export function ExamActions({ exam }: ExamActionsProps) {
|
||||
const router = useRouter()
|
||||
const t = useTranslations("examHomework")
|
||||
const [showViewDialog, setShowViewDialog] = useState(false)
|
||||
const [showDeleteDialog, setShowDeleteDialog] = useState(false)
|
||||
const [isWorking, setIsWorking] = useState(false)
|
||||
@@ -76,11 +78,11 @@ export function ExamActions({ exam }: ExamActionsProps) {
|
||||
const nodes = Array.isArray(structure) ? hydrate(structure) : []
|
||||
setPreviewNodes(nodes)
|
||||
} else {
|
||||
toast.error("Failed to load exam preview")
|
||||
toast.error(t("exam.actions.previewFailed"))
|
||||
setShowViewDialog(false)
|
||||
}
|
||||
} catch {
|
||||
toast.error("Failed to load exam preview")
|
||||
toast.error(t("exam.actions.previewFailed"))
|
||||
setShowViewDialog(false)
|
||||
} finally {
|
||||
setLoadingPreview(false)
|
||||
@@ -89,7 +91,7 @@ export function ExamActions({ exam }: ExamActionsProps) {
|
||||
|
||||
const copyId = () => {
|
||||
navigator.clipboard.writeText(exam.id)
|
||||
toast.success("Exam ID copied to clipboard")
|
||||
toast.success(t("exam.actions.idCopied"))
|
||||
}
|
||||
|
||||
const setStatus = async (status: Exam["status"]) => {
|
||||
@@ -100,13 +102,13 @@ export function ExamActions({ exam }: ExamActionsProps) {
|
||||
formData.set("status", status)
|
||||
const result = await updateExamAction(null, formData)
|
||||
if (result.success) {
|
||||
toast.success(status === "published" ? "Exam published" : status === "archived" ? "Exam archived" : "Exam moved to draft")
|
||||
toast.success(status === "published" ? t("exam.actions.publishSuccess") : status === "archived" ? t("exam.actions.archiveSuccess") : t("exam.actions.draftSuccess"))
|
||||
router.refresh()
|
||||
} else {
|
||||
toast.error(result.message || "Failed to update exam")
|
||||
toast.error(result.message || t("exam.actions.updateFailed"))
|
||||
}
|
||||
} catch {
|
||||
toast.error("Failed to update exam")
|
||||
toast.error(t("exam.actions.updateFailed"))
|
||||
} finally {
|
||||
setIsWorking(false)
|
||||
}
|
||||
@@ -119,14 +121,14 @@ export function ExamActions({ exam }: ExamActionsProps) {
|
||||
formData.set("examId", exam.id)
|
||||
const result = await duplicateExamAction(null, formData)
|
||||
if (result.success && result.data) {
|
||||
toast.success("Exam duplicated")
|
||||
toast.success(t("exam.actions.duplicateSuccess"))
|
||||
router.push(`/teacher/exams/${result.data}/build`)
|
||||
router.refresh()
|
||||
} else {
|
||||
toast.error(result.message || "Failed to duplicate exam")
|
||||
toast.error(result.message || t("exam.actions.duplicateFailed"))
|
||||
}
|
||||
} catch {
|
||||
toast.error("Failed to duplicate exam")
|
||||
toast.error(t("exam.actions.duplicateFailed"))
|
||||
} finally {
|
||||
setIsWorking(false)
|
||||
}
|
||||
@@ -139,14 +141,14 @@ export function ExamActions({ exam }: ExamActionsProps) {
|
||||
formData.set("examId", exam.id)
|
||||
const result = await deleteExamAction(null, formData)
|
||||
if (result.success) {
|
||||
toast.success("Exam deleted successfully")
|
||||
toast.success(t("exam.actions.deleteSuccess"))
|
||||
setShowDeleteDialog(false)
|
||||
router.refresh()
|
||||
} else {
|
||||
toast.error(result.message || "Failed to delete exam")
|
||||
toast.error(result.message || t("exam.actions.deleteFailed"))
|
||||
}
|
||||
} catch {
|
||||
toast.error("Failed to delete exam")
|
||||
toast.error(t("exam.actions.deleteFailed"))
|
||||
} finally {
|
||||
setIsWorking(false)
|
||||
}
|
||||
@@ -163,75 +165,74 @@ export function ExamActions({ exam }: ExamActionsProps) {
|
||||
e.stopPropagation()
|
||||
handleView()
|
||||
}}
|
||||
title="Preview Exam"
|
||||
aria-label="Preview exam"
|
||||
title={t("exam.actions.preview")}
|
||||
aria-label={t("exam.actions.preview")}
|
||||
>
|
||||
<Eye className="h-4 w-4" />
|
||||
</Button>
|
||||
<DropdownMenu>
|
||||
<DropdownMenuTrigger asChild>
|
||||
<Button variant="ghost" className="h-8 w-8 p-0" aria-label="Open menu">
|
||||
<span className="sr-only">Open menu</span>
|
||||
<Button variant="ghost" className="h-8 w-8 p-0" aria-label={t("exam.actions.openMenu")}>
|
||||
<span className="sr-only">{t("exam.actions.openMenu")}</span>
|
||||
<MoreHorizontal className="h-4 w-4" />
|
||||
</Button>
|
||||
</DropdownMenuTrigger>
|
||||
<DropdownMenuContent align="end">
|
||||
<DropdownMenuLabel>Actions</DropdownMenuLabel>
|
||||
<DropdownMenuLabel>{t("exam.actions.copyId")}</DropdownMenuLabel>
|
||||
<DropdownMenuItem onClick={copyId}>
|
||||
<Copy className="mr-2 h-4 w-4" /> Copy ID
|
||||
<Copy className="mr-2 h-4 w-4" /> {t("exam.actions.copyId")}
|
||||
</DropdownMenuItem>
|
||||
<DropdownMenuSeparator />
|
||||
<DropdownMenuItem onClick={() => router.push(`/teacher/exams/${exam.id}/build`)}>
|
||||
<Pencil className="mr-2 h-4 w-4" /> Edit
|
||||
<Pencil className="mr-2 h-4 w-4" /> {t("exam.actions.edit")}
|
||||
</DropdownMenuItem>
|
||||
<DropdownMenuItem onClick={() => router.push(`/teacher/exams/${exam.id}/build`)}>
|
||||
<MoreHorizontal className="mr-2 h-4 w-4" /> Build
|
||||
<MoreHorizontal className="mr-2 h-4 w-4" /> {t("exam.actions.build")}
|
||||
</DropdownMenuItem>
|
||||
<DropdownMenuSeparator />
|
||||
<DropdownMenuItem onClick={duplicateExam} disabled={isWorking}>
|
||||
<Copy className="mr-2 h-4 w-4" /> Duplicate
|
||||
<Copy className="mr-2 h-4 w-4" /> {t("exam.actions.duplicate")}
|
||||
</DropdownMenuItem>
|
||||
<DropdownMenuSeparator />
|
||||
<DropdownMenuItem
|
||||
onClick={() => setStatus("published")}
|
||||
disabled={isWorking || exam.status === "published"}
|
||||
>
|
||||
<UploadCloud className="mr-2 h-4 w-4" /> Publish
|
||||
<UploadCloud className="mr-2 h-4 w-4" /> {t("exam.actions.publish")}
|
||||
</DropdownMenuItem>
|
||||
<DropdownMenuItem
|
||||
onClick={() => setStatus("draft")}
|
||||
disabled={isWorking || exam.status === "draft"}
|
||||
>
|
||||
<Undo2 className="mr-2 h-4 w-4" /> Move to Draft
|
||||
<Undo2 className="mr-2 h-4 w-4" /> {t("exam.actions.moveToDraft")}
|
||||
</DropdownMenuItem>
|
||||
<DropdownMenuItem
|
||||
onClick={() => setStatus("archived")}
|
||||
disabled={isWorking || exam.status === "archived"}
|
||||
>
|
||||
<Archive className="mr-2 h-4 w-4" /> Archive
|
||||
<Archive className="mr-2 h-4 w-4" /> {t("exam.actions.archive")}
|
||||
</DropdownMenuItem>
|
||||
<DropdownMenuItem
|
||||
className="text-destructive focus:text-destructive"
|
||||
onClick={() => setShowDeleteDialog(true)}
|
||||
disabled={isWorking}
|
||||
>
|
||||
<Trash className="mr-2 h-4 w-4" /> Delete
|
||||
<Trash className="mr-2 h-4 w-4" /> {t("exam.actions.delete")}
|
||||
</DropdownMenuItem>
|
||||
</DropdownMenuContent>
|
||||
</DropdownMenu>
|
||||
</div>
|
||||
|
||||
|
||||
<AlertDialog open={showDeleteDialog} onOpenChange={setShowDeleteDialog}>
|
||||
<AlertDialogContent>
|
||||
<AlertDialogHeader>
|
||||
<AlertDialogTitle>Are you absolutely sure?</AlertDialogTitle>
|
||||
<AlertDialogTitle>{t("exam.actions.deleteConfirmTitle")}</AlertDialogTitle>
|
||||
<AlertDialogDescription>
|
||||
This action cannot be undone. This will permanently delete the exam
|
||||
"{exam.title}" and remove all associated data.
|
||||
{t("exam.actions.deleteConfirmDescription", { title: exam.title })}
|
||||
</AlertDialogDescription>
|
||||
</AlertDialogHeader>
|
||||
<AlertDialogFooter>
|
||||
<AlertDialogCancel>Cancel</AlertDialogCancel>
|
||||
<AlertDialogCancel>{t("exam.actions.cancel")}</AlertDialogCancel>
|
||||
<AlertDialogAction
|
||||
className="bg-destructive text-destructive-foreground hover:bg-destructive/90"
|
||||
onClick={(e) => {
|
||||
@@ -240,7 +241,7 @@ export function ExamActions({ exam }: ExamActionsProps) {
|
||||
}}
|
||||
disabled={isWorking}
|
||||
>
|
||||
Delete
|
||||
{t("exam.actions.delete")}
|
||||
</AlertDialogAction>
|
||||
</AlertDialogFooter>
|
||||
</AlertDialogContent>
|
||||
@@ -253,10 +254,10 @@ export function ExamActions({ exam }: ExamActionsProps) {
|
||||
</div>
|
||||
<ScrollArea className="flex-1">
|
||||
{loadingPreview ? (
|
||||
<div className="py-20 text-center text-muted-foreground">Loading preview...</div>
|
||||
<div className="py-20 text-center text-muted-foreground">{t("exam.actions.loadingPreview")}</div>
|
||||
) : previewNodes && previewNodes.length > 0 ? (
|
||||
<div className="max-w-3xl mx-auto py-8 px-6">
|
||||
<ExamPaperPreview
|
||||
<ExamPaperPreview
|
||||
title={exam.title}
|
||||
subject={exam.subject}
|
||||
grade={exam.grade}
|
||||
@@ -267,7 +268,7 @@ export function ExamActions({ exam }: ExamActionsProps) {
|
||||
</div>
|
||||
) : (
|
||||
<div className="py-20 text-center text-muted-foreground">
|
||||
No questions in this exam.
|
||||
{t("exam.actions.noQuestions")}
|
||||
</div>
|
||||
)}
|
||||
</ScrollArea>
|
||||
|
||||
Reference in New Issue
Block a user