feat: 完成 P1 全部功能 + 修复 proxy 导出 + 切换 MySQL 端口至 14013

## P1 功能（20 项） - 站内消息系统、家长仪表盘、学生考勤管理 - Excel 导入导出、用户批量导入、成绩导出 - 排课规则+自动排课+课表调整 - 成绩趋势+对比分析、密码安全策略、速率限制 - 数据变更日志、文件预览+存储策略、全文检索 - 依赖审计集成 CI、数据库定时备份、E2E 测试完善 - 通知偏好管理 ## 基础设施修复 - src/proxy.ts: 将 middleware 导出重命名为 proxy（Next.js 16 要求） - .env: MySQL 端口从 13002 切换至 14013 - scripts/create-db.ts: 新增数据库初始化脚本 ## 架构文档同步 - 004_architecture_impact_map.md 和 005_architecture_data.json 完整记录所有新增表、模块、路由、权限、依赖关系
2026-06-17 13:44:37 +08:00
parent 125f7ec54c
commit 3b6272c99d
195 changed files with 27274 additions and 416 deletions
--- a/src/modules/messaging/actions.ts
+++ b/src/modules/messaging/actions.ts
@@ -0,0 +1,245 @@
+"use server"
+
+import { revalidatePath } from "next/cache"
+import { PermissionDeniedError, requireAuth, requirePermission } from "@/shared/lib/auth-guard"
+import { Permissions } from "@/shared/types/permissions"
+import type { ActionState } from "@/shared/types/action-state"
+
+import { SendMessageSchema } from "./schema"
+import {
+  getMessages,
+  getMessageById,
+  createMessage,
+  markMessageAsRead,
+  deleteMessage,
+  getNotifications,
+  createNotification,
+  markNotificationAsRead,
+  markAllNotificationsAsRead,
+  getRecipients,
+} from "./data-access"
+import {
+  getNotificationPreferences,
+  upsertNotificationPreferences,
+} from "./notification-preferences"
+import type {
+  Message,
+  Notification,
+  MessageType,
+  NotificationPreferences,
+  RecipientOption,
+  UpdateNotificationPreferencesInput,
+} from "./types"
+
+export async function sendMessageAction(
+  prevState: ActionState<string> | null,
+  formData: FormData
+): Promise<ActionState<string>> {
+  try {
+    const ctx = await requirePermission(Permissions.MESSAGE_SEND)
+
+    const parsed = SendMessageSchema.safeParse({
+      receiverId: formData.get("receiverId"),
+      subject: formData.get("subject") || undefined,
+      content: formData.get("content"),
+      parentMessageId: formData.get("parentMessageId") || undefined,
+    })
+
+    if (!parsed.success) {
+      return { success: false, message: "Invalid form data", errors: parsed.error.flatten().fieldErrors }
+    }
+
+    const input = parsed.data
+    if (input.receiverId === ctx.userId) {
+      return { success: false, message: "Cannot send a message to yourself" }
+    }
+
+    const id = await createMessage({
+      senderId: ctx.userId,
+      receiverId: input.receiverId,
+      subject: input.subject,
+      content: input.content,
+      parentMessageId: input.parentMessageId,
+    })
+
+    // Notify the receiver about the new message
+    await createNotification({
+      userId: input.receiverId,
+      type: "message",
+      title: input.subject ? `New message: ${input.subject}` : "New message",
+      content: input.content.slice(0, 200),
+      link: `/messages/${id}`,
+    })
+
+    revalidatePath("/messages")
+    revalidatePath(`/messages/${id}`)
+
+    return { success: true, message: "Message sent", data: id }
+  } catch (e) {
+    if (e instanceof PermissionDeniedError) return { success: false, message: e.message }
+    if (e instanceof Error) return { success: false, message: e.message }
+    return { success: false, message: "Unexpected error" }
+  }
+}
+
+export async function markMessageAsReadAction(messageId: string): Promise<ActionState<string>> {
+  try {
+    const ctx = await requirePermission(Permissions.MESSAGE_READ)
+    await markMessageAsRead(messageId, ctx.userId)
+    revalidatePath("/messages")
+    revalidatePath(`/messages/${messageId}`)
+    return { success: true, message: "Marked as read" }
+  } catch (e) {
+    if (e instanceof PermissionDeniedError) return { success: false, message: e.message }
+    if (e instanceof Error) return { success: false, message: e.message }
+    return { success: false, message: "Unexpected error" }
+  }
+}
+
+export async function deleteMessageAction(messageId: string): Promise<ActionState<string>> {
+  try {
+    const ctx = await requirePermission(Permissions.MESSAGE_DELETE)
+    await deleteMessage(messageId, ctx.userId)
+    revalidatePath("/messages")
+    revalidatePath(`/messages/${messageId}`)
+    return { success: true, message: "Message deleted" }
+  } catch (e) {
+    if (e instanceof PermissionDeniedError) return { success: false, message: e.message }
+    if (e instanceof Error) return { success: false, message: e.message }
+    return { success: false, message: "Unexpected error" }
+  }
+}
+
+export async function getMessagesAction(
+  params: { type: MessageType; page?: number; pageSize?: number }
+): Promise<ActionState<{ items: Message[]; total: number; page: number; pageSize: number; totalPages: number }>> {
+  try {
+    const ctx = await requirePermission(Permissions.MESSAGE_READ)
+    const result = await getMessages({ userId: ctx.userId, ...params })
+    return { success: true, data: result }
+  } catch (e) {
+    if (e instanceof PermissionDeniedError) return { success: false, message: e.message }
+    if (e instanceof Error) return { success: false, message: e.message }
+    return { success: false, message: "Unexpected error" }
+  }
+}
+
+export async function getMessageDetailAction(messageId: string): Promise<ActionState<Message>> {
+  try {
+    const ctx = await requirePermission(Permissions.MESSAGE_READ)
+    const message = await getMessageById(messageId, ctx.userId)
+    if (!message) return { success: false, message: "Message not found" }
+    // Auto-mark as read when viewed by receiver
+    if (!message.isRead && message.receiverId === ctx.userId) {
+      await markMessageAsRead(messageId, ctx.userId)
+      revalidatePath("/messages")
+    }
+    return { success: true, data: message }
+  } catch (e) {
+    if (e instanceof PermissionDeniedError) return { success: false, message: e.message }
+    if (e instanceof Error) return { success: false, message: e.message }
+    return { success: false, message: "Unexpected error" }
+  }
+}
+
+export async function getRecipientsAction(): Promise<ActionState<RecipientOption[]>> {
+  try {
+    const ctx = await requirePermission(Permissions.MESSAGE_SEND)
+    const recipients = await getRecipients(ctx.userId, ctx.dataScope)
+    return { success: true, data: recipients }
+  } catch (e) {
+    if (e instanceof PermissionDeniedError) return { success: false, message: e.message }
+    if (e instanceof Error) return { success: false, message: e.message }
+    return { success: false, message: "Unexpected error" }
+  }
+}
+
+export async function getNotificationsAction(
+  params?: { page?: number; pageSize?: number; unreadOnly?: boolean }
+): Promise<ActionState<{ items: Notification[]; total: number; page: number; pageSize: number; totalPages: number }>> {
+  try {
+    const ctx = await requireAuth()
+    const result = await getNotifications(ctx.userId, params)
+    return { success: true, data: result }
+  } catch (e) {
+    if (e instanceof PermissionDeniedError) return { success: false, message: e.message }
+    if (e instanceof Error) return { success: false, message: e.message }
+    return { success: false, message: "Unexpected error" }
+  }
+}
+
+export async function markNotificationAsReadAction(
+  notificationId: string
+): Promise<ActionState<string>> {
+  try {
+    const ctx = await requireAuth()
+    await markNotificationAsRead(notificationId, ctx.userId)
+    revalidatePath("/messages")
+    return { success: true, message: "Notification marked as read" }
+  } catch (e) {
+    if (e instanceof PermissionDeniedError) return { success: false, message: e.message }
+    if (e instanceof Error) return { success: false, message: e.message }
+    return { success: false, message: "Unexpected error" }
+  }
+}
+
+export async function markAllNotificationsAsReadAction(): Promise<ActionState<string>> {
+  try {
+    const ctx = await requireAuth()
+    await markAllNotificationsAsRead(ctx.userId)
+    revalidatePath("/messages")
+    return { success: true, message: "All notifications marked as read" }
+  } catch (e) {
+    if (e instanceof PermissionDeniedError) return { success: false, message: e.message }
+    if (e instanceof Error) return { success: false, message: e.message }
+    return { success: false, message: "Unexpected error" }
+  }
+}
+
+export async function getNotificationPreferencesAction(): Promise<ActionState<NotificationPreferences>> {
+  try {
+    const ctx = await requireAuth()
+    const prefs = await getNotificationPreferences(ctx.userId)
+    return { success: true, data: prefs }
+  } catch (e) {
+    if (e instanceof PermissionDeniedError) return { success: false, message: e.message }
+    if (e instanceof Error) return { success: false, message: e.message }
+    return { success: false, message: "Unexpected error" }
+  }
+}
+
+export async function updateNotificationPreferencesAction(
+  prevState: ActionState<NotificationPreferences> | null,
+  formData: FormData
+): Promise<ActionState<NotificationPreferences>> {
+  try {
+    const ctx = await requireAuth()
+
+    // 从 FormData 中解析布尔值（checkbox 提交 "on" 或不提交）
+    const parseBool = (key: string): boolean => formData.get(key) === "on"
+
+    const input: UpdateNotificationPreferencesInput = {
+      emailEnabled: parseBool("emailEnabled"),
+      smsEnabled: parseBool("smsEnabled"),
+      pushEnabled: parseBool("pushEnabled"),
+      homeworkNotifications: parseBool("homeworkNotifications"),
+      gradeNotifications: parseBool("gradeNotifications"),
+      announcementNotifications: parseBool("announcementNotifications"),
+      messageNotifications: parseBool("messageNotifications"),
+      attendanceNotifications: parseBool("attendanceNotifications"),
+    }
+
+    const updated = await upsertNotificationPreferences(ctx.userId, input)
+    if (!updated) {
+      return { success: false, message: "Failed to update notification preferences" }
+    }
+
+    revalidatePath("/settings")
+
+    return { success: true, message: "Notification preferences updated", data: updated }
+  } catch (e) {
+    if (e instanceof PermissionDeniedError) return { success: false, message: e.message }
+    if (e instanceof Error) return { success: false, message: e.message }
+    return { success: false, message: "Unexpected error" }
+  }
+}