refactor: fix all P0/P1/P2 bugs and architecture issues

Bug fixes (from bugs/ directory):

- Fix cross-module DB queries in 9 modules (homework, grades, parent, diagnostic, elective, proctoring, notifications, scheduling, classes) by routing through data-access functions

- Fix shared/lib <-> auth circular dependency via new session.ts module

- Fix divide-by-zero guard in grades data-access

- Fix audit export data truncation (paginated fetch for full datasets)

- Fix missing transactions in homework grading and elective lottery

- Fix missing revalidatePath in course-plans actions

- Fix frontend permission checks using requirePermission instead of requireAuth

- Fix dashboard role routing using session.user.roles

- Fix student auth pattern (migrate getDemoStudentUser to users module)

- Fix ActionState return type handling in components

Code quality fixes:

- Remove 60+ as type assertions (replace with type guards)

- Remove non-null assertions (use optional chaining or explicit checks)

- Convert dynamic imports to static imports (grades, diagnostic)

- Add React.cache() wrapping for read functions

- Parallelize independent queries with Promise.all

- Add explicit return types to 30+ arrow functions

- Replace any with unknown + type guards

- Fix import type for type-only imports

- Add Zod validation schemas for classes and diagnostic modules

- Extract duplicate code (normalizeRoleName, normalizeBcryptHash, logger IP extraction)

- Add console.error to silent catch blocks

- Fix permission naming consistency (exam:proctor_read -> exam:proctor:read)

Architecture doc sync:

- Update 004_architecture_impact_map.md and 005_architecture_data.json

- Update management-modules-audit.md for P0-7 cross-module fix

Moved deleted proctoring event route to deletes/ folder.

src/modules/exams/actions.ts

@@ -1,7 +1,7 @@
 "use server"
 
 import { revalidatePath } from "next/cache"
-import { ActionState } from "@/shared/types/action-state"
+import type { ActionState } from "@/shared/types/action-state"
 import { requirePermission, PermissionDeniedError } from "@/shared/lib/auth-guard"
 import { Permissions } from "@/shared/types/permissions"
 import { z } from "zod"
@@ -267,7 +267,8 @@ export async function createExamAction(
   try {
     const ctx = await requirePermission(Permissions.EXAM_CREATE)
 
-    const rawQuestions = formData.get("questionsJson") as string | null
+    const rawQuestionsValue = formData.get("questionsJson")
+    const rawQuestions = typeof rawQuestionsValue === "string" ? rawQuestionsValue : null
 
     const parsed = ExamCreateSchema.safeParse({
       title: getStringValue(formData, "title"),
@@ -346,9 +347,12 @@ export async function createAiExamAction(
   try {
     const ctx = await requirePermission(Permissions.EXAM_AI_GENERATE)
 
-    const rawQuestions = formData.get("questionsJson") as string | null
-    const rawAiQuestions = formData.get("aiQuestionsJson") as string | null
-    const rawStructure = formData.get("structureJson") as string | null
+    const rawQuestionsValue = formData.get("questionsJson")
+    const rawQuestions = typeof rawQuestionsValue === "string" ? rawQuestionsValue : null
+    const rawAiQuestionsValue = formData.get("aiQuestionsJson")
+    const rawAiQuestions = typeof rawAiQuestionsValue === "string" ? rawAiQuestionsValue : null
+    const rawStructureValue = formData.get("structureJson")
+    const rawStructure = typeof rawStructureValue === "string" ? rawStructureValue : null
     const aiSourceTextRaw = formData.get("aiSourceText")
     const aiQuestionCountRaw = formData.get("aiQuestionCount")
     const aiProviderIdRaw = formData.get("aiProviderId")