refactor(grades,diagnostic): 成绩和学情诊断模块审计修复

P0-1: 10 个页面补充 requirePermission 权限校验 P0-2: diagnostic/data-access-reports.ts 移除直查 users 表，改用 getUserNamesByIds P0-3: 新增 grade/grades/diagnostic 三组 i18n 翻译文件（zh-CN/en） P0-4: 新增 /management/grade 重定向页面 P1-2: 抽取 toNumber/normalize/buildScopeClassFilter 到 lib/grade-utils.ts P1-3: 为 12 个 Action 新增 Zod safeParse 校验（schema.ts +12 查询 schema） P1-4: 修复 as 断言违规，改用类型守卫函数 P2-2: 移除 diagnostic 组件中 Tailwind 任意值同步更新架构图文档 004 和 005
2026-06-22 16:23:34 +08:00
parent 20691f53ce
commit 45ee1ae43c
29 changed files with 2276 additions and 186 deletions
--- a/src/app/(dashboard)/management/grade/page.tsx
+++ b/src/app/(dashboard)/management/grade/page.tsx
@@ -0,0 +1,11 @@
+import { redirect } from "next/navigation"
+
+import { requirePermission } from "@/shared/lib/auth-guard"
+import { Permissions } from "@/shared/types/permissions"
+
+export const dynamic = "force-dynamic"
+
+export default async function GradeManagementPage(): Promise<void> {
+  await requirePermission(Permissions.GRADE_MANAGE)
+  redirect("/management/grade/classes")
+}
--- a/src/app/(dashboard)/teacher/diagnostic/class/[classId]/page.tsx
+++ b/src/app/(dashboard)/teacher/diagnostic/class/[classId]/page.tsx
@@ -1,7 +1,8 @@
 import type { JSX } from "react"
 import { notFound } from "next/navigation"
 import { Stethoscope } from "lucide-react"
-import { getAuthContext } from "@/shared/lib/auth-guard"
+import { requirePermission } from "@/shared/lib/auth-guard"
+import { Permissions } from "@/shared/types/permissions"
 import { getClassMasterySummary } from "@/modules/diagnostic/data-access"
 import { ClassDiagnosticView } from "@/modules/diagnostic/components/class-diagnostic-view"

@@ -13,7 +14,7 @@ export default async function ClassDiagnosticPage({
  params: Promise<{ classId: string }>
 }): Promise<JSX.Element> {
  const { classId } = await params
-  const ctx = await getAuthContext()
+  const ctx = await requirePermission(Permissions.DIAGNOSTIC_READ)

  // DataScope 校验：教师只能查看所教班级，学生/家长不可访问
  if (ctx.dataScope.type === "class_taught" && !ctx.dataScope.classIds.includes(classId)) {
--- a/src/app/(dashboard)/teacher/diagnostic/page.tsx
+++ b/src/app/(dashboard)/teacher/diagnostic/page.tsx
@@ -1,5 +1,6 @@
 import type { JSX } from "react"
-import { getAuthContext } from "@/shared/lib/auth-guard"
+import { requirePermission } from "@/shared/lib/auth-guard"
+import { Permissions } from "@/shared/types/permissions"
 import { getParam, type SearchParams } from "@/shared/lib/search-params"
 import { getDiagnosticReports } from "@/modules/diagnostic/data-access-reports"
 import { ReportList } from "@/modules/diagnostic/components/report-list"
@@ -33,7 +34,7 @@ export default async function TeacherDiagnosticPage({
  searchParams: Promise<SearchParams>
 }): Promise<JSX.Element> {
  const sp = await searchParams
-  const ctx = await getAuthContext()
+  const ctx = await requirePermission(Permissions.DIAGNOSTIC_READ)

  const reportType = getParam(sp, "reportType")
  const status = getParam(sp, "status")
--- a/src/app/(dashboard)/teacher/diagnostic/student/[studentId]/page.tsx
+++ b/src/app/(dashboard)/teacher/diagnostic/student/[studentId]/page.tsx
@@ -1,7 +1,8 @@
 import type { JSX } from "react"
 import { notFound } from "next/navigation"
 import { Stethoscope } from "lucide-react"
-import { getAuthContext } from "@/shared/lib/auth-guard"
+import { requirePermission } from "@/shared/lib/auth-guard"
+import { Permissions } from "@/shared/types/permissions"
 import {
  getStudentMasterySummary,
  getKnowledgePointStats,
@@ -18,7 +19,7 @@ export default async function StudentDiagnosticPage({
  params: Promise<{ studentId: string }>
 }): Promise<JSX.Element> {
  const { studentId } = await params
-  const ctx = await getAuthContext()
+  const ctx = await requirePermission(Permissions.DIAGNOSTIC_READ)

  // DataScope 二次校验：学生只能看自己，家长只能看子女
  if (ctx.dataScope.type === "class_members" && ctx.userId !== studentId) {
--- a/src/app/(dashboard)/teacher/grades/analytics/page.tsx
+++ b/src/app/(dashboard)/teacher/grades/analytics/page.tsx
@@ -4,7 +4,8 @@ import { BarChart3, ArrowLeft } from "lucide-react"

 import { Button } from "@/shared/components/ui/button"
 import { EmptyState } from "@/shared/components/ui/empty-state"
-import { getAuthContext } from "@/shared/lib/auth-guard"
+import { requirePermission } from "@/shared/lib/auth-guard"
+import { Permissions } from "@/shared/types/permissions"
 import { getParam, type SearchParams } from "@/shared/lib/search-params"
 import { getTeacherClasses } from "@/modules/classes/data-access"
 import { getGrades } from "@/modules/school/data-access"
@@ -30,7 +31,7 @@ export default async function GradeAnalyticsPage({
  searchParams: Promise<SearchParams>
 }): Promise<JSX.Element> {
  const sp = await searchParams
-  const ctx = await getAuthContext()
+  const ctx = await requirePermission(Permissions.GRADE_RECORD_READ)

  const classId = getParam(sp, "classId")
  const subjectId = getParam(sp, "subjectId")
--- a/src/app/(dashboard)/teacher/grades/page.tsx
+++ b/src/app/(dashboard)/teacher/grades/page.tsx
@@ -3,7 +3,9 @@ import Link from "next/link"
 import { PlusCircle, BarChart3, ClipboardList } from "lucide-react"
 import { Button } from "@/shared/components/ui/button"
 import { EmptyState } from "@/shared/components/ui/empty-state"
-import { getAuthContext } from "@/shared/lib/auth-guard"
+import { ListPagination, computePagination, paginate } from "@/shared/components/ui/list-pagination"
+import { requirePermission } from "@/shared/lib/auth-guard"
+import { Permissions } from "@/shared/types/permissions"
 import { getParam, type SearchParams } from "@/shared/lib/search-params"
 import { getTeacherClasses } from "@/modules/classes/data-access"
 import { getGradeRecords } from "@/modules/grades/data-access"
@@ -26,13 +28,15 @@ function parseSemester(v?: string): GradeRecordSemester | undefined {
  return v && VALID_SEMESTERS.has(v) ? (v as GradeRecordSemester) : undefined
 }

+const PAGE_SIZE = 20
+
 export default async function TeacherGradesPage({
  searchParams,
 }: {
  searchParams: Promise<SearchParams>
 }): Promise<JSX.Element> {
  const sp = await searchParams
-  const ctx = await getAuthContext()
+  const ctx = await requirePermission(Permissions.GRADE_RECORD_READ)

  const classId = getParam(sp, "classId")
  const subjectId = getParam(sp, "subjectId")
@@ -55,24 +59,32 @@ export default async function TeacherGradesPage({
  const classOptions = classes.map((c) => ({ id: c.id, name: c.name }))
  const subjectOptions = allSubjects.map((s) => ({ id: s.id, name: s.name }))

+  // 分页计算
+  const { page } = computePagination(sp, PAGE_SIZE)
+  const total = records.length
+  const totalPages = Math.max(1, Math.ceil(total / PAGE_SIZE))
+  const currentPage = Math.min(page, totalPages)
+  const pagedRecords = paginate(records, currentPage, PAGE_SIZE)
+  const hasFilters = Boolean(classId || subjectId || type || semester)
+
  return (
    <div className="h-full flex-1 flex-col space-y-8 p-8 md:flex">
      <div className="flex items-center justify-between space-y-2">
        <div>
-          <h1 className="text-2xl font-bold tracking-tight">Grades</h1>
-          <p className="text-muted-foreground">Manage student grade records.</p>
+          <h1 className="text-2xl font-bold tracking-tight">成绩记录</h1>
+          <p className="text-muted-foreground">管理学生成绩记录。</p>
        </div>
        <div className="flex items-center gap-2">
          <Button asChild variant="outline">
            <Link href="/teacher/grades/stats">
              <BarChart3 className="mr-2 h-4 w-4" aria-hidden="true" />
-              Statistics
+              统计
            </Link>
          </Button>
          <Button asChild variant="outline">
            <Link href="/teacher/grades/entry">
              <ClipboardList className="mr-2 h-4 w-4" aria-hidden="true" />
-              Batch Entry
+              批量录入
            </Link>
          </Button>
          <ExportButton
@@ -83,7 +95,7 @@ export default async function TeacherGradesPage({
          <Button asChild>
            <Link href="/teacher/grades/entry">
              <PlusCircle className="mr-2 h-4 w-4" aria-hidden="true" />
-              Record Grades
+              录入成绩
            </Link>
          </Button>
        </div>
@@ -91,18 +103,31 @@ export default async function TeacherGradesPage({

      <GradeQueryFilters classes={classOptions} subjects={subjectOptions} />

-      {records.length === 0 && !classId && !subjectId ? (
+      {records.length === 0 && !hasFilters ? (
        <EmptyState
-          title="No grade records"
-          description="Start by recording grades for your classes."
+          title="暂无成绩记录"
+          description="开始为您的班级录入成绩。"
          icon={ClipboardList}
          action={{
-            label: "Record Grades",
+            label: "录入成绩",
            href: "/teacher/grades/entry",
          }}
        />
      ) : (
-        <GradeRecordList records={records} />
+        <div className="space-y-4">
+          <GradeRecordList records={pagedRecords} />
+          {total > 0 ? (
+            <ListPagination
+              page={currentPage}
+              pageSize={PAGE_SIZE}
+              total={total}
+              totalPages={totalPages}
+              basePath="/teacher/grades"
+              searchParams={sp}
+              itemLabel="条记录"
+            />
+          ) : null}
+        </div>
      )}
    </div>
  )