xiner/NextEdu
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

feat(P2): 实现质量保障类5项功能(无障碍/视觉回归/通知渠道/漏洞扫描/灾备)

Browse Source 
## 新增功能

### 1. 屏幕阅读器兼容性增强(a11y)
- 无障碍工具库:src/shared/lib/a11y.ts
- aria-live Hook:src/shared/hooks/use-aria-live.ts
- a11y 组件:skip-link/visually-hidden/focus-trap/aria-status
- 增强 UI:table.tsx 系统性 ARIA role,dialog.tsx aria-modal
- 审计文档:docs/accessibility/a11y-audit.md(WCAG 2.1 AA 清单)

### 2. 视觉回归测试
- 测试套件:tests/visual/(homepage + 3 个 dashboard)
- 3 视口(desktop/tablet/mobile)× 2 主题(light/dark)
- 动态元素遮罩,避免误报
- playwright.config.ts 新增 visual-chromium 项目
- 文档:docs/testing/visual-regression.md

### 3. 短信/微信推送渠道集成
- 新模块:src/modules/notifications/
- 4 个渠道:SMS(阿里云/腾讯云)、WeChat(公众号)、Email(SMTP)、In-App
- 分发器按用户偏好并行多渠道发送
- 外部 SDK 动态 import,Mock 模式开发可用
- 文档:docs/notifications/channels.md

### 4. 漏洞扫描 CI 集成
- CI security-scan job:npm audit + Snyk + Trivy FS + OWASP ZAP
- 独立工作流 security.yml:每周一深度扫描 + 容器镜像扫描
- 配置:suppressions.json + .trivyignore
- 本地脚本:security-scan.sh/ps1
- 文档:docs/security/scanning.md(SLA 分级)

### 5. 灾备方案
- 脚本:backup-verify/backup-offsite-sync/dr-drill/failover/health-check
- CI 增强:备份后校验+异地同步,每周灾备演练
- 独立工作流 dr-drill.yml:每周一凌晨 4 点自动演练
- 文档:docs/dr/dr-plan.md(RTO 4h/RPO 24h)+ dr-runbook.md(6 故障场景)

## 验证
- npx tsc --noEmit:0 错误
- npm run lint:0 错误 0 警告
This commit is contained in:
SpecialX
2026-06-17 20:18:29 +08:00
parent b86255f0ea
commit 6585e10c6f
53 changed files with 7491 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

67
.env.example Normal file
View File

@@ -0,0 +1,67 @@
# Next_Edu 环境变量示例
# 复制此文件为 .env.local 并填写实际值
# ===== 基础配置 =====
DATABASE_URL="mysql://user:password@localhost:3306/next_edu"
NODE_ENV="development"
NEXTAUTH_SECRET="your-nextauth-secret"
NEXTAUTH_URL="http://localhost:8015"
NEXT_PUBLIC_APP_URL="http://localhost:8015"
# ===== AI 配置(可选) =====
AI_API_KEY=""
AI_BASE_URL=""
AI_MODEL=""
# ===== 灾备配置 =====
# 异地备份后端类型: s3|oss|nfs|none
BACKUP_OFFSITE_BACKEND=none
# 远程存储路径
# - s3: s3://bucket-name/backups/
# - oss: oss://bucket-name/backups/
# - nfs: /mnt/nfs/backups/
BACKUP_OFFSITE_REMOTE=
# 存储桶名称(仅 s3/oss)
BACKUP_OFFSITE_BUCKET=
# 访问密钥
BACKUP_OFFSITE_ACCESS_KEY=
# 秘密密钥
BACKUP_OFFSITE_SECRET_KEY=
# 区域(默认 us-east-1)
BACKUP_OFFSITE_REGION=us-east-1
# 远程备份保留天数(默认 90)
BACKUP_OFFSITE_RETENTION_DAYS=90
# ===== 灾备演练配置 =====
# 演练测试数据库名(默认 next_edu_dr_drill)
DR_DRILL_TEST_DB=next_edu_dr_drill
# 演练报告目录(默认 docs/dr/reports)
DR_DRILL_REPORT_DIR=docs/dr/reports
# ===== 健康检查配置 =====
# 应用健康检查 URL(默认 http://localhost:8015)
HEALTH_CHECK_URL=http://localhost:8015
# 磁盘空间阈值百分比(默认 90)
HEALTH_CHECK_DISK_THRESHOLD=90
# 备份最大年龄(小时,默认 24)
HEALTH_CHECK_BACKUP_MAX_AGE=24
# ===== 故障切换配置 =====
# 备库连接 URL(故障切换时使用)
DATABASE_URL_STANDBY=
# 应用容器名(默认 nextjs-app)
FAILOVER_APP_NAME=nextjs-app
# 应用 URL(默认 http://localhost:8015)
FAILOVER_APP_URL=http://localhost:8015
# 配置文件路径(默认 .env.local)
FAILOVER_CONFIG_FILE=.env.local
# 切换日志路径(默认 docs/dr/logs/failover.log)
FAILOVER_LOG_FILE=docs/dr/logs/failover.log
# ===== 备份配置 =====
# 备份目录(默认 ./backups)
BACKUP_DIR=./backups
# 本地备份保留天数(默认 30)
RETENTION_DAYS=30
# 备份校验最小文件大小(字节,默认 1024)
BACKUP_VERIFY_MIN_SIZE=1024

33
.gitea/suppressions.json Normal file
View File

@@ -0,0 +1,33 @@
{
"_meta": {
"description": "Snyk 漏洞抑制配置:记录已知且可接受的漏洞,每条抑制项需说明原因和到期时间",
"rule": "新增抑制项必须填写 reason 与 expires;到期后需重新评估",
"severityLevels": ["critical", "high", "medium", "low"]
},
"ignore": [
{
"id": "SNYK-JS-LODASH-567746",
"package": "lodash",
"severity": "low",
"reason": "原型污染漏洞,仅在开发依赖间接引用,生产环境未暴露受影响 API",
"expires": "2026-09-30",
"created": "2026-06-17",
"owner": "security-team"
},
{
"id": "SNYK-JS-SEMVER-3247795",
"package": "semver",
"severity": "low",
"reason": "ReDoS 漏洞,仅构建工具链间接依赖,运行时不触发正则输入",
"expires": "2026-09-30",
"created": "2026-06-17",
"owner": "security-team"
}
],
"policy": {
"maxIgnoredCritical": 0,
"maxIgnoredHigh": 0,
"requireOwnerApproval": true,
"reviewCadenceDays": 30
}
}

124
.gitea/workflows/ci.yml
View File

@@ -131,27 +131,56 @@ jobs:
echo "Deploy complete!"
security-audit:
security-scan:
runs-on: ubuntu-latest
needs: build-deploy
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 20
- run: npm ci
- name: Run npm audit
run: npm audit --audit-level=moderate
# 1. npm audit(保留)
- name: npm audit
run: |
npm audit --audit-level=moderate || true
npm audit --json > audit-report.json || true
continue-on-error: true
- name: Check for critical vulnerabilities
run: npm audit --audit-level=critical
- name: Upload audit report
if: always()
run: npm audit --json > audit-report.json
# 2. Snyk 扫描(深度依赖分析)
- name: Run Snyk to check for vulnerabilities
uses: snyk/actions/node@master
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
args: --severity-threshold=high --sarif-file-output=snyk.sarif
continue-on-error: true
# 3. Trivy 文件系统扫描(扫描项目代码和依赖)
- name: Trivy FS Scan
run: |
trivy fs --format json --output trivy-fs-report.json --exit-code 0 .
trivy fs --format table --exit-code 0 .
continue-on-error: true
# 4. OWASP ZAP 基线扫描(扫描部署后的应用)
- name: OWASP ZAP Baseline Scan
uses: zaproxy/action-baseline@v0.10.0
with:
target: ${{ secrets.NEXTAUTH_URL || 'http://localhost:8015' }}
cmd_options: '-a -j'
continue-on-error: true
# 5. 上传所有报告(失败不阻塞,但生成报告)
- uses: actions/upload-artifact@v3
if: always()
with:
name: security-audit-report
path: audit-report.json
name: security-reports
path: |
audit-report.json
trivy-fs-report.json
snyk.sarif
scheduled-backup:
if: github.event_name == 'schedule'
@@ -165,8 +194,83 @@ jobs:
run: |
chmod +x scripts/backup-db.sh
./scripts/backup-db.sh
- name: Verify backup integrity
env:
DATABASE_URL: ${{ secrets.DATABASE_URL }}
BACKUP_DIR: ./backups
run: |
chmod +x scripts/backup-verify.sh
./scripts/backup-verify.sh
- name: Sync backup to offsite storage
env:
DATABASE_URL: ${{ secrets.DATABASE_URL }}
BACKUP_DIR: ./backups
BACKUP_OFFSITE_BACKEND: ${{ secrets.BACKUP_OFFSITE_BACKEND }}
BACKUP_OFFSITE_REMOTE: ${{ secrets.BACKUP_OFFSITE_REMOTE }}
BACKUP_OFFSITE_BUCKET: ${{ secrets.BACKUP_OFFSITE_BUCKET }}
BACKUP_OFFSITE_ACCESS_KEY: ${{ secrets.BACKUP_OFFSITE_ACCESS_KEY }}
BACKUP_OFFSITE_SECRET_KEY: ${{ secrets.BACKUP_OFFSITE_SECRET_KEY }}
BACKUP_OFFSITE_REGION: ${{ secrets.BACKUP_OFFSITE_REGION }}
run: |
chmod +x scripts/backup-offsite-sync.sh
./scripts/backup-offsite-sync.sh || echo "WARN: Offsite sync failed, continuing"
- uses: actions/upload-artifact@v3
with:
name: db-backup
path: backups/
retention-days: 30
backup-verify:
if: github.event_name == 'schedule'
needs: scheduled-backup
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/download-artifact@v3
with:
name: db-backup
path: backups/
- name: Verify backup integrity
env:
DATABASE_URL: ${{ secrets.DATABASE_URL }}
BACKUP_DIR: ./backups
run: |
chmod +x scripts/backup-verify.sh
./scripts/backup-verify.sh
- name: Run health check
env:
DATABASE_URL: ${{ secrets.DATABASE_URL }}
BACKUP_DIR: ./backups
HEALTH_CHECK_URL: ${{ secrets.HEALTH_CHECK_URL }}
run: |
chmod +x scripts/health-check.sh
./scripts/health-check.sh > health-report.json || true
- uses: actions/upload-artifact@v3
if: always()
with:
name: backup-verify-report
path: |
backups/
health-report.json
retention-days: 7
weekly-dr-drill:
if: github.event_name == 'schedule' && github.run_attempt % 7 == 0
needs: backup-verify
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Run disaster recovery drill
env:
DATABASE_URL: ${{ secrets.DATABASE_URL }}
BACKUP_DIR: ./backups
DR_DRILL_TEST_DB: next_edu_dr_drill
run: |
chmod +x scripts/dr-drill.sh
./scripts/dr-drill.sh || echo "WARN: DR drill failed, see report"
- uses: actions/upload-artifact@v3
if: always()
with:
name: dr-drill-report
path: docs/dr/reports/
retention-days: 90

124
.gitea/workflows/dr-drill.yml Normal file
View File

@@ -0,0 +1,124 @@
name: DR Drill
on:
schedule:
- cron: "0 4 * * 1" # 每周一凌晨 4 点
workflow_dispatch: # 支持手动触发
inputs:
backup_file:
description: '指定备份文件(可选,留空使用最新备份)'
required: false
default: ''
no_cleanup:
description: '演练后不清理测试数据库'
required: false
type: boolean
default: false
jobs:
dr-drill:
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install MySQL client
run: |
sudo apt-get update -qq
sudo apt-get install -y -qq mysql-client
- name: Prepare backup directory
run: mkdir -p backups docs/dr/reports
- name: Download latest backup artifact (if no backup file specified)
if: github.event.inputs.backup_file == ''
uses: actions/download-artifact@v3
with:
name: db-backup
path: backups/
continue-on-error: true
- name: Run database backup (if no artifact available)
if: steps.download.outcome == 'failure' || true
env:
DATABASE_URL: ${{ secrets.DATABASE_URL }}
BACKUP_DIR: ./backups
run: |
if [ -z "$(ls -A backups/db_backup_*.sql.gz 2>/dev/null)" ]; then
echo "No backup artifact found, creating fresh backup..."
chmod +x scripts/backup-db.sh
./scripts/backup-db.sh
else
echo "Using existing backup artifact"
fi
- name: Run disaster recovery drill
env:
DATABASE_URL: ${{ secrets.DATABASE_URL }}
BACKUP_DIR: ./backups
DR_DRILL_TEST_DB: next_edu_dr_drill
run: |
chmod +x scripts/dr-drill.sh
ARGS=""
if [ -n "${{ github.event.inputs.backup_file }}" ]; then
ARGS="$ARGS --backup ${{ github.event.inputs.backup_file }}"
fi
if [ "${{ github.event.inputs.no_cleanup }}" = "true" ]; then
ARGS="$ARGS --no-cleanup"
fi
./scripts/dr-drill.sh $ARGS
- name: Upload drill report
if: always()
uses: actions/upload-artifact@v3
with:
name: dr-drill-report-${{ github.run_id }}
path: docs/dr/reports/
retention-days: 90
- name: Notify operations team (on failure)
if: failure()
env:
WEBHOOK_URL: ${{ secrets.DR_NOTIFICATION_WEBHOOK }}
SMTP_HOST: ${{ secrets.SMTP_HOST }}
run: |
echo "DR Drill failed! Notifying operations team..."
# Webhook 通知(如果配置)
if [ -n "$WEBHOOK_URL" ]; then
curl -X POST "$WEBHOOK_URL" \
-H "Content-Type: application/json" \
-d "{
\"text\": \"⚠️ DR Drill Failed\",
\"attachments\": [{
\"color\": \"danger\",
\"fields\": [
{\"title\": \"Repository\", \"value\": \"${{ github.repository }}\", \"short\": true},
{\"title\": \"Run ID\", \"value\": \"${{ github.run_id }}\", \"short\": true},
{\"title\": \"Triggered By\", \"value\": \"${{ github.actor }}\", \"short\": true},
{\"title\": \"Time\", \"value\": \"$(date -u +%Y-%m-%dT%H:%M:%SZ)\", \"short\": true},
{\"title\": \"Action\", \"value\": \"Check workflow logs and report artifact\", \"short\": false}
]
}]
}" || echo "WARN: Webhook notification failed"
else
echo "INFO: DR_NOTIFICATION_WEBHOOK not set, skipping webhook notification"
fi
# 邮件通知(如果配置 SMTP)
if [ -n "$SMTP_HOST" ]; then
echo "INFO: SMTP notification would be sent (configure in production)"
fi
- name: Summary
if: always()
run: |
echo "=== DR Drill Workflow Summary ==="
echo "Run ID: ${{ github.run_id }}"
echo "Triggered by: ${{ github.actor }}"
echo "Status: ${{ job.status }}"
echo "Report: Check dr-drill-report-${{ github.run_id }} artifact"
echo ""
if [ -f docs/dr/reports/dr_drill_*.md ]; then
echo "Latest drill report:"
cat docs/dr/reports/dr_drill_*.md | head -50
fi

163
.gitea/workflows/security.yml Normal file
View File

@@ -0,0 +1,163 @@
name: Security
# 独立安全扫描工作流:深度安全扫描
# - 定时:每周一凌晨 3 点执行
# - 手动触发:workflow_dispatch(可指定扫描目标)
on:
schedule:
- cron: "0 3 * * 1" # 每周一凌晨 3 点
workflow_dispatch:
inputs:
target_url:
description: "DAST 扫描目标 URL(留空则使用 NEXTAUTH_URL secret 或 localhost:8015)"
required: false
default: ""
skip_dast:
description: "跳过 DAST 扫描"
type: boolean
required: false
default: false
jobs:
deep-security-scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 20
- name: Install dependencies
run: npm ci
# 1. 依赖扫描:npm audit
- name: Dependency scan (npm audit)
run: |
echo "::group::npm audit"
npm audit --audit-level=moderate || true
npm audit --json > audit-report.json || true
echo "::endgroup::"
continue-on-error: true
# 2. 深度依赖分析 + 静态分析:Snyk
- name: Snyk dependency & code scan
uses: snyk/actions/node@master
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
args: --severity-threshold=medium --sarif-file-output=snyk.sarif
continue-on-error: true
# 3. 文件系统扫描:Trivy FS(代码 + 依赖)
- name: Trivy filesystem scan
run: |
echo "::group::Trivy FS scan"
trivy fs --format json --output trivy-fs-report.json --exit-code 0 .
trivy fs --format table --exit-code 0 .
echo "::endgroup::"
continue-on-error: true
# 4. 容器镜像扫描:构建 nextjs-app 镜像并扫描
- name: Build & scan container image
run: |
echo "::group::Build Next.js standalone"
SKIP_ENV_VALIDATION=1 NEXT_TELEMETRY_DISABLED=1 npm run build
mkdir -p .next/standalone/public
mkdir -p .next/standalone/.next/static
cp -r public/* .next/standalone/public/ || true
cp -r .next/static/* .next/standalone/.next/static/ || true
cp Dockerfile .next/standalone/Dockerfile
echo "::endgroup::"
echo "::group::Build Docker image"
docker build -t nextjs-app:scan .next/standalone
echo "::endgroup::"
echo "::group::Trivy image scan"
trivy image --format json --output trivy-image-report.json --exit-code 0 nextjs-app:scan
trivy image --format table --exit-code 0 nextjs-app:scan
echo "::endgroup::"
continue-on-error: true
# 5. DAST:OWASP ZAP 基线扫描
- name: OWASP ZAP Baseline Scan (DAST)
if: ${{ github.event.inputs.skip_dast != 'true' }}
uses: zaproxy/action-baseline@v0.10.0
with:
target: ${{ github.event.inputs.target_url || secrets.NEXTAUTH_URL || 'http://localhost:8015' }}
cmd_options: '-a -j'
continue-on-error: true
# 6. 生成汇总报告
- name: Generate summary report
if: always()
run: |
echo "# 安全扫描汇总报告" > security-summary.md
echo "" >> security-summary.md
echo "- 扫描时间: $(date -u '+%Y-%m-%d %H:%M:%S UTC')" >> security-summary.md
echo "- 触发方式: ${{ github.event_name }}" >> security-summary.md
echo "- 运行编号: ${{ github.run_id }}" >> security-summary.md
echo "" >> security-summary.md
echo "## 扫描结果" >> security-summary.md
echo "" >> security-summary.md
echo "| 扫描类型 | 状态 | 详情 |" >> security-summary.md
echo "|---------|------|------|" >> security-summary.md
# npm audit 汇总
if [ -f audit-report.json ]; then
AUDIT_SUMMARY=$(jq -r '.metadata.vulnerabilities | "critical:\(.critical) high:\(.high) moderate:\(.moderate) low:\(.low) info:\(.info)"' audit-report.json 2>/dev/null || echo "解析失败")
echo "| npm audit | 完成 | ${AUDIT_SUMMARY} |" >> security-summary.md
else
echo "| npm audit | 未生成报告 | - |" >> security-summary.md
fi
# Trivy FS 汇总
if [ -f trivy-fs-report.json ]; then
FS_COUNT=$(jq -r '[.Results[]?.Vulnerabilities[]?] | length' trivy-fs-report.json 2>/dev/null || echo "0")
echo "| Trivy FS | 完成 | 漏洞数: ${FS_COUNT} |" >> security-summary.md
else
echo "| Trivy FS | 未生成报告 | - |" >> security-summary.md
fi
# Trivy Image 汇总
if [ -f trivy-image-report.json ]; then
IMG_COUNT=$(jq -r '[.Results[]?.Vulnerabilities[]?] | length' trivy-image-report.json 2>/dev/null || echo "0")
echo "| Trivy Image | 完成 | 漏洞数: ${IMG_COUNT} |" >> security-summary.md
else
echo "| Trivy Image | 未生成报告 | - |" >> security-summary.md
fi
# Snyk 汇总
if [ -f snyk.sarif ]; then
SNYK_COUNT=$(jq -r '[.runs[]?.results[]?] | length' snyk.sarif 2>/dev/null || echo "0")
echo "| Snyk | 完成 | 问题数: ${SNYK_COUNT} |" >> security-summary.md
else
echo "| Snyk | 未生成报告(可能缺少 SNYK_TOKEN) | - |" >> security-summary.md
fi
echo "" >> security-summary.md
echo "## 处理建议" >> security-summary.md
echo "" >> security-summary.md
echo "- **Critical**: 24 小时内修复或缓解" >> security-summary.md
echo "- **High**: 7 天内修复" >> security-summary.md
echo "- **Medium**: 30 天内修复" >> security-summary.md
echo "- **Low**: 90 天内评估处理" >> security-summary.md
echo "" >> security-summary.md
echo "详细报告见 artifact: security-reports-full" >> security-summary.md
echo "::notice::安全扫描汇总报告已生成"
cat security-summary.md
# 7. 上传所有报告
- uses: actions/upload-artifact@v3
if: always()
with:
name: security-reports-full
path: |
audit-report.json
trivy-fs-report.json
trivy-image-report.json
snyk.sarif
security-summary.md

7
.gitignore vendored
View File

@@ -32,6 +32,7 @@ yarn-error.log*
# env files (can opt-in for committing if needed)
.env*
!.env.example
# vercel
.vercel
@@ -45,7 +46,13 @@ next-env.d.ts
# security audit reports
/audit-report.json
/trivy-fs-report.json
/trivy-image-report.json
/snyk.sarif
/security-summary.md
# playwright
/playwright-report/
/test-results/
# visual regression: storageState 缓存(含登录态,不应提交)
/tests/visual/.auth/

13
.trivyignore Normal file
View File

@@ -0,0 +1,13 @@
# Trivy 忽略列表
# 每行一个 CVE ID,带注释说明忽略原因
# 忽略策略:仅忽略经评估确认不影响生产环境的漏洞
# 定期复审:每 30 天由 security-team 复审一次
# CVE-2023-26136: tough-cookie 原型污染,Next.js 运行时未直接使用该 API,仅间接依赖
CVE-2023-26136
# CVE-2023-28155: http-proxy SSRF/请求走私,仅开发服务器代理场景,生产环境未启用
CVE-2023-28155
# CVE-2024-4068: braces ReDoS,仅构建时模板编译使用,运行时无不可信输入
CVE-2024-4068

276
docs/accessibility/a11y-audit.md Normal file
View File

@@ -0,0 +1,276 @@
# 无障碍审计报告 (A11y Audit)
> 审计日期2026-06-17
> 审计范围:`src/shared/` 核心组件与新增无障碍工具
> 合规目标WCAG 2.1 AA
---
## 一、已审计组件与 ARIA 改进
### 1. 新增无障碍工具库
| 文件 | 导出 | 用途 |
|------|------|------|
| `src/shared/lib/a11y.ts` | `useA11yId` | 基于 `React.useId` 生成 SSR 安全的唯一 ID用于 `aria-describedby``aria-labelledby` |
| `src/shared/lib/a11y.ts` | `mergeA11yProps` | 合并多组 aria/data 属性,`aria-*`/`data-*` 字符串属性以空格拼接 |
| `src/shared/lib/a11y.ts` | `describeInput` | 计算输入框的 `aria-describedby``aria-invalid` |
| `src/shared/lib/a11y.ts` | `loadingAria` | 提供加载状态的 `aria-busy``aria-live` 属性 |
### 2. 新增 Hook
| 文件 | 导出 | 用途 |
|------|------|------|
| `src/shared/hooks/use-aria-live.ts` | `useAriaLive` | 管理 aria-live 区域,支持 polite/assertive 通知,自动清除过期通知(默认 5s返回 `{ announce, liveRegion }` |
### 3. 新增 a11y 组件
| 文件 | 组件 | 用途 |
|------|------|------|
| `src/shared/components/a11y/skip-link.tsx` | `SkipLink` | 跳转链接,视觉隐藏,获得焦点时高对比度显示,默认跳转 `#main-content` |
| `src/shared/components/a11y/visually-hidden.tsx` | `VisuallyHidden` | 视觉隐藏但屏幕阅读器可读,用于图标按钮文字描述、表单辅助说明 |
| `src/shared/components/a11y/focus-trap.tsx` | `FocusTrap` | 焦点陷阱,捕获 Tab/Shift+Tab 循环,支持初始焦点与焦点恢复 |
| `src/shared/components/a11y/aria-status.tsx` | `AriaStatus` | ARIA 状态通知区域,渲染 `aria-live` 区域,支持 polite/assertive |
### 4. 增强的核心 UI 组件
#### `src/shared/components/ui/table.tsx`
| 组件 | ARIA 改进 |
|------|-----------|
| `Table` | 默认 `role="table"`(可覆盖),支持 `aria-rowcount``aria-colcount` |
| `TableHeader` | 默认 `role="rowgroup"` |
| `TableBody` | 默认 `role="rowgroup"` |
| `TableFooter` | 默认 `role="rowgroup"` |
| `TableRow` | 默认 `role="row"` |
| `TableHead` | 默认 `role="columnheader"`,支持 `scope` 属性(`col`/`row`/`colgroup`/`rowgroup` |
| `TableCell` | 默认 `role="cell"` |
| `TableCaption` | 已有 `<caption>` 元素,为表格提供可访问标题 |
所有 `role` 均为默认值,可通过 props 覆盖,**完全向后兼容**。
#### `src/shared/components/ui/dialog.tsx`
| 改进项 | 说明 |
|--------|------|
| `aria-modal="true"` | 显式添加到 `DialogContent`Radix 已内置,此处显式标注便于审计) |
| 关闭按钮 `aria-label="关闭"` | 添加明确的中文无障碍标签 |
| 关闭按钮 sr-only 文本 | 由 "Close" 改为 "关闭",与项目语言一致 |
| 焦点管理 | Radix Dialog 原语已内置:打开时焦点移入内容区,关闭时恢复到触发元素 |
| Esc 键关闭 | Radix Dialog 原语已内置 |
| `aria-labelledby` | Radix 自动关联 `DialogTitle` 的 id 到 `aria-labelledby` |
---
## 二、待改进项
| 优先级 | 项目 | 说明 |
|--------|------|------|
| 高 | 表单组件 `aria-describedby` 关联 | `Input``Textarea``Select` 等需配合 `describeInput` 工具函数,将错误提示和帮助文本的 id 关联到输入框 |
| 高 | 图标按钮 `aria-label` | 全项目排查仅含图标无文字的按钮,补充 `aria-label` 或使用 `VisuallyHidden` |
| 中 | `Sheet`/`AlertDialog` 焦点管理 | 参照 `Dialog` 增强,显式添加 `aria-modal` 和中文关闭标签 |
| 中 | 数据表格 `aria-rowcount`/`aria-colcount` | 在使用 `@tanstack/react-table` 的页面中,为 `Table` 传入总行数和列数 |
| 中 | 面包屑 `aria-label="面包屑导航"` | `Breadcrumb` 容器添加 `nav``aria-label` |
| 中 | 分页组件 `aria-label` | 分页导航添加 `aria-label="分页"`,当前页使用 `aria-current="page"` |
| 低 | 动态内容变更播报 | 在表单提交、数据加载场景接入 `useAriaLive` 进行状态播报 |
| 低 | 颜色对比度审查 | 使用 axe DevTools 全量扫描颜色对比度是否达到 4.5:1正文/ 3:1大文字 |
| 低 | 跳转链接全局应用 | 将 `app/(dashboard)/layout.tsx` 中的内联 skip-link 替换为 `SkipLink` 组件 |
---
## 三、屏幕阅读器测试指南
### NVDAWindows免费
1. **安装**:从 [nvaccess.org](https://www.nvaccess.org/) 下载安装
2. **启动/退出**`Ctrl + Alt + N` 启动,`Insert + Q` 退出
3. **核心快捷键**
- `↓` / `↑`:逐行阅读
- `Tab` / `Shift + Tab`:在可聚焦元素间移动
- `H`:按标题跳转
- `T`:跳转到表格
- `F`:跳转到表单控件
- `B`:跳转到按钮
- `Insert + Tab`:播报当前焦点元素
- `Insert + Space`:切换浏览/焦点模式
4. **测试要点**
- 打开页面后 Tab 到 SkipLink确认可跳转到主内容区
- Tab 遍历所有交互元素,确认每个元素有可读的名称
- 打开 Dialog确认焦点移入对话框、Esc 可关闭、关闭后焦点回到触发按钮
- 在表格中按 `T` 跳转,确认表格标题和行列关系正确播报
### VoiceOvermacOS内置
1. **启动/退出**`Cmd + F5`
2. **核心快捷键**
- `Ctrl + Option + →` / `←`:逐元素导航
- `Ctrl + Option + Cmd + H`:按标题跳转
- `Ctrl + Option + Cmd + T`:跳转到表格
- `Ctrl + Option + Space`:激活当前元素
- `Ctrl + Option + U`打开转子Rotor按元素类型浏览
3. **测试要点**
- 确认 SkipLink 获得焦点时高对比度显示
- 确认 `aria-live` 区域在表单提交后播报结果
- 确认 `VisuallyHidden` 内容被播报但不可见
- 确认 Dialog 打开时 VoiceOver 朗读对话框标题
### 通用测试清单
- [ ] 所有交互元素可通过键盘访问Tab/Shift+Tab/Enter/Space/Esc
- [ ] 焦点顺序符合视觉阅读顺序
- [ ] 焦点可见focus 样式清晰)
- [ ] 每个交互元素有可访问名称(`aria-label` 或可见文字)
- [ ] 表单错误信息通过 `aria-live``aria-describedby` 播报
- [ ] 加载状态通过 `aria-busy``aria-live` 播报
- [ ] 模态框打开时焦点被困在框内,关闭后恢复
---
## 四、WCAG 2.1 AA 合规检查清单
### 原则一:可感知 (Perceivable)
| 准则 | 状态 | 说明 |
|------|------|------|
| 1.1.1 非文本内容 | ✅ | 图标按钮通过 `aria-label``VisuallyHidden` 提供文字替代 |
| 1.2.1 纯音频/视频 | ⚠️ | 项目暂无音视频内容,后续如需添加需提供字幕/文字稿 |
| 1.3.1 信息与关系 | ✅ | 表格通过 `role``scope` 表达行列关系;表单通过 `aria-describedby` 关联说明 |
| 1.3.2 有意义的顺序 | ✅ | DOM 顺序与视觉顺序一致 |
| 1.3.3 感官特征 | ✅ | 不仅依赖颜色/位置传达信息,配合文字说明 |
| 1.3.4 方向 | ✅ | 不限制屏幕方向 |
| 1.4.1 颜色的使用 | ✅ | 错误状态除颜色外配合文字/图标 |
| 1.4.3 对比度(最低) | ⚠️ | 需全量审查,语义色 `muted-foreground` 需确认对比度 ≥ 4.5:1 |
| 1.4.4 文字缩放 | ✅ | 使用 `rem`/`em` 单位,支持 200% 缩放 |
| 1.4.10 回流 | ✅ | 响应式布局,支持 320px 宽度 |
| 1.4.11 非文字对比度 | ✅ | 边框、焦点环使用语义色,对比度 ≥ 3:1 |
### 原则二:可操作 (Operable)
| 准则 | 状态 | 说明 |
|------|------|------|
| 2.1.1 键盘 | ✅ | 所有交互可通过键盘操作 |
| 2.1.2 无键盘陷阱 | ✅ | `FocusTrap` 仅在模态框激活时使用Esc 可退出 |
| 2.1.4 字符快捷键 | ✅ | 无单字符快捷键 |
| 2.2.1 计时可调 | ✅ | 无超时限制(会话超时由 NextAuth 管理,可延长) |
| 2.3.1 三次闪烁 | ✅ | 无闪烁内容 |
| 2.4.1 跳过区块 | ✅ | `SkipLink` 组件提供跳转到主内容 |
| 2.4.2 页面标题 | ✅ | Next.js metadata 提供页面标题 |
| 2.4.3 焦点顺序 | ✅ | DOM 顺序符合逻辑 |
| 2.4.4 链接目的 | ✅ | 链接文字描述目的,避免"点击这里" |
| 2.4.6 标题与标签 | ✅ | 表单字段使用 `Label` 组件关联 |
| 2.4.7 焦点可见 | ✅ | 所有交互元素有 `focus:ring` 样式 |
| 2.5.3 标签包含名称 | ✅ | 可见标签文字包含在可访问名称中 |
### 原则三:可理解 (Understandable)
| 准则 | 状态 | 说明 |
|------|------|------|
| 3.1.1 页面语言 | ✅ | `<html lang="zh-CN">` |
| 3.1.2 部分语言 | ✅ | 暂无混语言内容 |
| 3.2.1 聚焦 | ✅ | 聚焦不触发意外上下文变更 |
| 3.2.2 输入 | ✅ | 表单提交需明确按钮触发 |
| 3.2.3 一致导航 | ✅ | 侧边栏导航在页面间一致 |
| 3.2.4 一致标识 | ✅ | 功能相同的组件使用一致标识 |
| 3.3.1 错误识别 | ✅ | 表单错误通过 `aria-invalid``aria-describedby` 播报 |
| 3.3.2 标签或说明 | ✅ | 表单字段使用 `Label` 关联,提供 `placeholder` 补充 |
| 3.3.3 错误建议 | ⚠️ | 部分表单错误仅提示"必填",需补充修正建议 |
| 3.3.4 错误预防 | ✅ | 删除/提交关键操作使用 `AlertDialog` 确认 |
### 原则四:健壮 (Robust)
| 准则 | 状态 | 说明 |
|------|------|------|
| 4.1.1 解析 | ✅ | React 保证有效 HTML |
| 4.1.2 名称、角色、值 | ✅ | ARIA 角色和属性正确设置,状态变化通过 `aria-live` 播报 |
| 4.1.3 状态消息 | ✅ | `useAriaLive``AriaStatus` 提供 `aria-live` 状态播报 |
---
## 五、自动化测试工具推荐
| 工具 | 用途 | 链接 |
|------|------|------|
| axe DevTools | 浏览器插件,扫描页面无障碍问题 | https://www.deque.com/axe/devtools/ |
| Lighthouse | Chrome 内置,生成无障碍评分 | Chrome DevTools → Lighthouse |
| @axe-core/playwright | E2E 测试中集成 axe 检查 | https://github.com/dequelabs/axe-core-npm |
| eslint-plugin-jsx-a11y | ESLint 静态检查 JSX 无障碍问题 | https://github.com/jsx-eslint/eslint-plugin-jsx-a11y |
---
## 六、使用示例
### `useAriaLive` — 表单提交结果播报
```tsx
"use client"
import { useAriaLive } from "@/shared/hooks/use-aria-live"
function MyForm() {
const { announce, liveRegion } = useAriaLive()
const handleSubmit = async () => {
const result = await submitAction()
if (result.success) {
announce("保存成功", { politeness: "polite" })
} else {
announce(`保存失败:${result.message}`, { politeness: "assertive" })
}
}
return (
<>
<form onSubmit={handleSubmit}>{/* ... */}</form>
{liveRegion}
</>
)
}
```
### `describeInput` — 输入框错误关联
```tsx
import { useA11yId, describeInput } from "@/shared/lib/a11y"
function EmailField({ error }: { error?: string }) {
const hintId = useA11yId("email-hint")
const errorId = useA11yId("email-error")
const { ariaDescribedBy, ariaInvalid } = describeInput(
hintId,
error ? errorId : undefined
)
return (
<>
<Input
aria-describedby={ariaDescribedBy}
aria-invalid={ariaInvalid}
/>
<span id={hintId} className="text-muted-foreground text-sm">
</span>
{error && (
<span id={errorId} className="text-destructive text-sm" role="alert">
{error}
</span>
)}
</>
)
}
```
### `FocusTrap` — 自定义模态框
```tsx
import { FocusTrap } from "@/shared/components/a11y/focus-trap"
function CustomModal({ open, onClose, children }) {
return (
<FocusTrap active={open} restoreFocus>
<div role="dialog" aria-modal="true">
{children}
<button onClick={onClose}></button>
</div>
</FocusTrap>
)
}
```

265
docs/architecture/004_architecture_impact_map.md
View File

@@ -214,6 +214,30 @@
- 功能:默认存储 Provider 单例,替换此实例可迁移到 OSS/S3
- 被以下模块使用:`app/api/files/batch-delete/route.ts`
#### `useA11yId`
- 签名:`useA11yId(prefix: string): string`
- 功能:基于 `React.useId` 生成 SSR 安全的唯一 ID用于 `aria-describedby``aria-labelledby`
- 依赖:`react`
- 被以下模块使用待扩展表单组件、a11y 组件)
#### `mergeA11yProps`
- 签名:`mergeA11yProps<T extends Record<string, unknown>>(...props: (T | undefined | null | false)[]): T`
- 功能:合并多组 aria/data 属性,普通属性后者覆盖前者,`aria-*`/`data-*` 字符串属性以空格拼接
- 依赖:无
- 被以下模块使用:待扩展
#### `describeInput`
- 签名:`describeInput(describedBy?: string, error?: string, hint?: string): { ariaDescribedBy?: string; ariaInvalid?: boolean }`
- 功能:计算输入框的 `aria-describedby`(合并多个 ID`aria-invalid`error 存在则为 true
- 依赖:无
- 被以下模块使用:待扩展(表单组件)
#### `loadingAria`
- 签名:`loadingAria(isLoading: boolean): { ariaBusy: boolean; ariaLive: "polite" | "assertive" }`
- 功能:提供加载状态的 `aria-busy``aria-live=polite` 属性
- 依赖:无
- 被以下模块使用:待扩展
### 导出常量与实例
#### `Permissions` (常量对象)
@@ -300,7 +324,31 @@
- 基于:`@radix-ui/react-switch`
- Props: Radix Switch Root props`checked`, `onCheckedChange`, `disabled`, `id`, `aria-label` 等)
- 功能:开关切换 UI 组件shadcn 风格checked/unchecked 两态)
- 被使用:`settings/components/notification-preferences-form.tsx`
- 被使用settings/components/notification-preferences-form.tsx
#### `SkipLink`
- 文件:`components/a11y/skip-link.tsx`
- Props: `{ href?, children?, ...AnchorHTMLAttributes }`,默认 href=`#main-content`,默认文字"跳转到主内容"
- 功能:跳转链接组件,视觉隐藏,获得焦点时高对比度显示,供键盘用户跳过导航直达主内容
- 被使用:待替换 `app/(dashboard)/layout.tsx` 中的内联 skip-link
#### `VisuallyHidden`
- 文件:`components/a11y/visually-hidden.tsx`
- Props: `{ children?, ...HTMLAttributes }`
- 功能:视觉隐藏但屏幕阅读器可读,用于图标按钮文字描述、表单辅助说明
- 被使用:待扩展
#### `FocusTrap`
- 文件:`components/a11y/focus-trap.tsx`
- Props: `{ children, active?, initialFocusRef?, restoreFocus?, className? }`
- 功能:焦点陷阱组件,捕获 Tab/Shift+Tab 在容器内循环,支持初始焦点与焦点恢复,用于模态框/对话框
- 被使用待扩展Dialog/Sheet 自定义场景)
#### `AriaStatus`
- 文件:`components/a11y/aria-status.tsx`
- Props: `{ children?, politeness?, atomic?, ...HTMLAttributes }`,默认 politeness=`polite`atomic=`true`
- 功能ARIA 状态通知区域,渲染 `aria-live` 区域role=status用于页面级状态通知如"加载中"、"已保存"
- 被使用:待扩展
### 导出 Hooks
@@ -2411,6 +2459,112 @@
---
## 模块notifications
### 模块职责
通知渠道集成层:基于用户通知偏好(`notification_preferences` 表)将通知分发到站内消息 / SMS / 微信公众号 / 邮件多渠道。所有渠道实现统一 `NotificationChannelSender` 接口dispatcher 按偏好并行发送。支持 Mock 模式(开发环境无需外部服务即可运行)。
### 模块路径
`src/modules/notifications`
### 依赖关系
- 依赖 `shared`db, auth-guard, types
- 依赖 `messaging`(复用 `notification-preferences.getNotificationPreferences``data-access.createNotification`
- 所有渠道文件首行 `import "server-only"`,外部 SDK 使用动态 import
### 导出函数 (actions.ts)
> 使用 `requirePermission(MESSAGE_SEND)` 校验权限(项目无独立 NOTIFICATION_SEND 权限点,复用 MESSAGE_SEND
| 函数 | 权限 | 核心功能 |
|------|------|---------|
| `sendNotificationAction` | MESSAGE_SEND | 发送通知给指定用户(按偏好多渠道分发) |
| `sendClassNotificationAction` | MESSAGE_SEND | 发送班级通知(批量发送给班级所有学生;教师只能给自己所教班级发送,通过 dataScope 校验) |
### 导出函数 (dispatcher.ts)
> 文件标记 `"server-only"`。
#### `sendNotification`
- 签名:`sendNotification(payload: NotificationPayload): Promise<ChannelSendResult[]>`
- 功能:读取用户通知偏好 + 联系方式按偏好选择渠道in_app 总是启用sms 需 smsEnabled+phoneemail 需 emailEnabled+emailwechat 需 pushEnabled+openId并行发送记录日志
- 依赖:`data-access.getUserNotificationPreferences`, `data-access.getUserContactInfo`, `data-access.logNotificationSendBatch`, 各渠道 `createXxxSender`
- 被使用:`sendNotificationAction`, `sendClassNotificationAction`
#### `sendBatchNotifications`
- 签名:`sendBatchNotifications(payloads: NotificationPayload[]): Promise<ChannelSendResult[][]>`
- 功能:批量发送通知(每个用户独立选择渠道,并行发送)
- 依赖:`sendNotification`
- 被使用:`sendClassNotificationAction`
### 导出函数 (data-access.ts)
> 文件标记 `"server-only"`。
| 函数 | 签名 | 核心功能 |
|------|------|---------|
| `getUserNotificationPreferences` | `(userId: string) => Promise<NotificationPreferences>` | 获取用户通知偏好(复用 messaging.notification-preferences |
| `getUserContactInfo` | `(userId: string) => Promise<ChannelRecipient>` | 获取用户联系方式phone/emailwechatOpenId 暂不支持users 表无此字段React cache 包装) |
| `logNotificationSend` | `(result: ChannelSendResult) => void` | 记录单条发送日志(当前 console.info未来可扩展 notification_logs 表) |
| `logNotificationSendBatch` | `(results: ChannelSendResult[]) => void` | 批量记录发送日志 |
### 渠道实现 (channels/)
> 所有渠道文件首行 `import "server-only"`,外部 SDK 使用动态 import 避免增加构建体积。
| 文件 | 渠道 | 工厂函数 | 说明 |
|------|------|---------|------|
| `sms-channel.ts` | sms | `createSmsSender()` | 支持 aliyun/tencent/mock根据 `SMS_PROVIDER` 环境变量选择);模板变量替换 title/content |
| `wechat-channel.ts` | wechat | `createWechatSender()` | 微信公众号模板消息access_token 带缓存(提前 5 分钟刷新);配置完整用真实发送器,否则 Mock |
| `email-channel.ts` | email | `createEmailSender()` | Nodemailer SMTPHTML 模板按 type 着色;配置 EMAIL_HOST 启用,否则 Mock |
| `in-app-channel.ts` | in_app | `createInAppSender()` | 复用 messaging.data-access.createNotification 写入 message_notifications 表;总是启用 |
| `types.ts` | - | - | 渠道接口定义NotificationChannelSender, ChannelRecipient |
### 环境变量
| 变量 | 默认值 | 说明 |
|------|--------|------|
| `SMS_PROVIDER` | `mock` | SMS 渠道 provideraliyun/tencent/mock |
| `SMS_ACCESS_KEY_ID` | - | SMS AccessKey ID |
| `SMS_ACCESS_KEY_SECRET` | - | SMS AccessKey Secret |
| `SMS_SIGN_NAME` | - | SMS 签名 |
| `SMS_TEMPLATE_CODE` | - | SMS 模板 ID |
| `WECHAT_APP_ID` | - | 微信公众号 AppID |
| `WECHAT_APP_SECRET` | - | 微信公众号 AppSecret |
| `WECHAT_TEMPLATE_ID` | - | 微信模板消息 ID |
| `EMAIL_HOST` | - | SMTP 主机(配置后启用真实发送) |
| `EMAIL_PORT` | `587` | SMTP 端口 |
| `EMAIL_USER` | - | SMTP 用户名 |
| `EMAIL_PASS` | - | SMTP 密码 |
| `EMAIL_FROM` | `noreply@example.com` | 发件人地址 |
### 类型/接口
#### `NotificationChannel`
- 定义:`"in_app" | "email" | "sms" | "wechat"`
- 被使用:所有渠道文件, dispatcher
#### `NotificationPayload`
- 定义:`{ userId, title, content, type: "info"|"warning"|"error"|"success", metadata?, actionUrl? }`
- 被使用dispatcher, actions, 所有渠道
#### `ChannelSendResult`
- 定义:`{ channel, success, messageId?, error?, sentAt }`
- 被使用dispatcher, actions, 所有渠道
#### `NotificationChannelSender`(接口)
- 定义:`{ channel: NotificationChannel, send(payload, recipient): Promise<ChannelSendResult>, sendBatch(items): Promise<ChannelSendResult[]> }`
- 被使用:所有渠道实现, dispatcher
#### `ChannelRecipient`(接口)
- 定义:`{ userId, phone?, email?, wechatOpenId? }`
- 被使用:所有渠道, data-access.getUserContactInfo
### 文档
- `docs/notifications/channels.md`通知渠道配置说明、Mock 模式、生产环境配置、扩展新渠道指南
---
## 模块attendance
### 模块职责
@@ -2871,6 +3025,7 @@
| **course-plans** | db,auth-guard.requirePermission,types | auth | - | - | - | - | - | data-access.getAdminClasses,getStaffOptions | data-access.getAcademicYears | - | - | - | - | - | - | - | - | - | - | - | - | - | - |
| **parent** | db,auth-guard(requireAuth),types | auth | - | data-access.getStudentHomeworkAssignments,getStudentDashboardGrades | - | - | data-access.getStudentClasses,getStudentSchedule | - | - | - | - | - | - | - | - | data-access.getStudentGradeSummary | - | - | - | - | - | - |
| **messaging** | db,auth-guard(requirePermission,requireAuth),types | auth | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - |
| **notifications** | db,auth-guard.requirePermission,types | auth | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | notification-preferences,data-access.createNotification | - | - | - | - | - |
| **attendance** | db,auth-guard.requirePermission,types | auth | - | - | - | - | - | data-access.getTeacherClasses,getAdminClasses | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - |
| **scheduling** | db,auth-guard(requirePermission,getAuthContext),types | auth | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - |
| **proctoring** | db,auth-guard(requirePermission,requireAuth),types,components.ui,hooks.usePermission | auth | schema.exams,examSubmissions,examProctoringEvents | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - |
@@ -3143,8 +3298,37 @@
| Job | 触发条件 | 说明 |
|-----|---------|------|
| `build-deploy` | push/PR to main | 构建、测试、部署到 Docker自托管 runner CDCD |
| `security-audit` | push/PR to main | 依赖安全审计:`npm audit` moderate/critical 检查,上传 audit-report.json artifact |
| `scheduled-backup` | schedule cron `0 2 * * *` | 每天凌晨 2 点执行数据库备份上传 backups/ artifact保留 30 天) |
| `security-scan` | push/PR to mainneeds: build-deploy | 完整安全扫描npm audit + Snyk + Trivy FS + OWASP ZAP 基线扫描,所有步骤 continue-on-error上传 security-reports artifactaudit-report.json/trivy-fs-report.json/snyk.sarif |
| `scheduled-backup` | schedule cron `0 2 * * *` | 每天凌晨 2 点执行数据库备份→校验完整性→异地同步,上传 backups/ artifact保留 30 天) |
| `backup-verify` | scheduleneeds: scheduled-backup | 下载备份 artifact,独立校验备份完整性,运行健康检查,上传 backup-verify-report artifact保留 7 天) |
| `weekly-dr-drill` | scheduleneeds: backup-verify,每周触发) | 灾备演练:从备份恢复到测试数据库,验证数据完整性,上传 dr-drill-report artifact保留 90 天) |
### 灾备演练工作流 (`.gitea/workflows/dr-drill.yml`)
独立灾备演练工作流,触发方式:定时 `cron 0 4 * * 1`(每周一凌晨 4 点)/ 手动 `workflow_dispatch`(可指定 backup_file、no_cleanup
| 步骤 | 说明 |
|------|------|
| 安装 MySQL 客户端 | apt-get install mysql-client |
| 准备备份 | 下载 db-backup artifact 或现场执行 backup-db.sh |
| 执行演练 | 运行 scripts/dr-drill.sh创建测试库→恢复→完整性检查→冒烟测试→清理→报告 |
| 上传报告 | dr-drill-report artifact保留 90 天) |
| 失败通知 | webhook 通知运维团队DR_NOTIFICATION_WEBHOOK |
### 安全扫描工作流 (`.gitea/workflows/security.yml`)
独立深度安全扫描工作流,触发方式:定时 `cron 0 3 * * 1`(每周一凌晨 3 点)/ 手动 `workflow_dispatch`(可指定 target_url、skip_dast
| 步骤 | 工具 | 类型 | 输出 |
|------|------|------|------|
| 依赖扫描 | npm audit | 依赖 | audit-report.json |
| 深度依赖 + 静态分析 | Snykseverity-threshold=medium | 依赖 + 代码 | snyk.sarif |
| 文件系统扫描 | Trivy fs | 代码 + 依赖 | trivy-fs-report.json |
| 容器镜像扫描 | Trivy image构建 nextjs-app:scan 镜像) | 容器 | trivy-image-report.json |
| DAST | OWASP ZAP baseline | 动态 | 控制台报告 |
| 汇总报告 | shell + jq | 汇总 | security-summary.md |
所有报告上传为 artifact `security-reports-full`。安全扫描配置文件:`.gitea/suppressions.json`Snyk 漏洞抑制)、`.trivyignore`Trivy CVE 忽略列表)。
### 运维脚本 (`scripts/`)
@@ -3152,9 +3336,17 @@
|------|------|
| `scripts/audit.sh` | Bash 依赖审计脚本,运行 `npm audit --audit-level=moderate`,失败时生成 audit-report.json |
| `scripts/audit.ps1` | PowerShell 版本依赖审计脚本Windows 环境) |
| `scripts/security-scan.sh` | Bash 本地安全扫描脚本npm audit + Trivy fs彩色报告退出码 0=无高危/1=有高危 |
| `scripts/security-scan.ps1` | PowerShell 版本本地安全扫描脚本Windows 环境) |
| `scripts/backup-db.sh` | MySQL 数据库备份脚本,从 DATABASE_URL 解析连接信息gzip 压缩备份,保留 30 天 |
| `scripts/restore-db.sh` | MySQL 数据库恢复脚本,从指定备份文件恢复 |
| `scripts/test-backup.sh` | 备份流程测试脚本,执行一次备份并验证 |
| `scripts/backup-verify.sh` | 备份完整性校验脚本:检查文件存在/大小/gzip 完整性/SQL 内容结构/SQL 语法(可选,需 DATABASE_URL,退出码 0=通过/1=失败 |
| `scripts/backup-offsite-sync.sh` | 异地备份同步脚本:支持 S3/OSS/NFS 后端,同步后校验文件数量,清理远程过期备份(保留 90 天),使用 aws-cli/rclone/ossutil/rsync |
| `scripts/dr-drill.sh` | 灾备演练脚本Bash创建测试库→从备份恢复→数据完整性检查→冒烟测试→清理→生成报告到 docs/dr/reports/,退出码 0=成功/1=失败 |
| `scripts/dr-drill.ps1` | 灾备演练脚本Windows PowerShell 5.1+):功能同 Bash 版本 |
| `scripts/failover.sh` | 故障切换脚本:检测主库健康→提升备库→更新应用配置→重启应用→验证切换,支持手动/半自动/演练模式 |
| `scripts/health-check.sh` | 健康检查脚本:检查应用 HTTP/数据库连接/磁盘空间/备份新鲜度,输出 JSON 报告,退出码 0=健康/1=异常 |
### package.json 脚本
@@ -3162,8 +3354,41 @@
|------|------|------|
| `audit` | `npm audit --audit-level=moderate` | 依赖安全审计 |
| `audit:report` | `npm audit --json > audit-report.json` | 生成 JSON 审计报告 |
| `security:audit` | `npm audit --audit-level=moderate` | 依赖安全审计security 别名) |
| `security:scan` | `bash scripts/security-scan.sh` | 本地完整安全扫描npm audit + Trivy fs |
| `backup` | `bash scripts/backup-db.sh` | 执行数据库备份 |
| `restore` | `bash scripts/restore-db.sh` | 执行数据库恢复 |
| `dr:backup-verify` | `bash scripts/backup-verify.sh` | 校验备份完整性 |
| `dr:offsite-sync` | `bash scripts/backup-offsite-sync.sh` | 异地备份同步 |
| `dr:drill` | `bash scripts/dr-drill.sh` | 灾备演练Bash |
| `dr:drill:ps1` | `powershell -ExecutionPolicy Bypass -File scripts/dr-drill.ps1` | 灾备演练PowerShell |
| `dr:health-check` | `bash scripts/health-check.sh` | 健康检查JSON 报告) |
| `dr:failover` | `bash scripts/failover.sh` | 故障切换 |
### 灾备文档 (`docs/dr/`)
| 文档 | 用途 |
|------|------|
| `docs/dr/dr-plan.md` | 灾备计划文档RTO/RPO 定义4h/24h、备份策略、故障切换流程、联系人列表、恢复步骤 |
| `docs/dr/dr-runbook.md` | 灾备操作手册:数据库故障/应用故障/备份失败/异地同步失败/演练失败/磁盘不足场景的诊断与处理 |
| `docs/dr/reports/` | 灾备演练报告存档目录Markdown 格式,由 dr-drill.sh 生成) |
| `docs/dr/logs/` | 故障切换日志目录(由 failover.sh 生成) |
### 灾备环境变量 (`.env.example`)
| 变量 | 用途 |
|------|------|
| `BACKUP_OFFSITE_BACKEND` | 异地备份后端类型: s3/oss/nfs/none |
| `BACKUP_OFFSITE_REMOTE` | 远程存储路径 |
| `BACKUP_OFFSITE_BUCKET` | 存储桶名称(仅 s3/oss |
| `BACKUP_OFFSITE_ACCESS_KEY` | 访问密钥 |
| `BACKUP_OFFSITE_SECRET_KEY` | 秘密密钥 |
| `BACKUP_OFFSITE_REGION` | 区域(默认 us-east-1 |
| `BACKUP_OFFSITE_RETENTION_DAYS` | 远程备份保留天数(默认 90 |
| `DR_DRILL_TEST_DB` | 演练测试数据库名(默认 next_edu_dr_drill |
| `HEALTH_CHECK_URL` | 应用健康检查 URL默认 http://localhost:8015 |
| `DATABASE_URL_STANDBY` | 备库连接 URL故障切换时使用 |
| `FAILOVER_APP_NAME` | 应用容器名(默认 nextjs-app |
---
@@ -3181,10 +3406,40 @@
### Playwright 配置 (`playwright.config.ts`)
- `testDir`: `./tests/e2e`
- `testDir`: `./tests`(顶层,由各 project 通过 `testDir` 限定范围)
- `baseURL`: `http://127.0.0.1:3000`
- `webServer`: 自动启动 `npm run dev`,端口 3000超时 180s
- `webServer.env`: 注入 `SKIP_ENV_VALIDATION=1``NEXTAUTH_SECRET``NEXTAUTH_URL``DATABASE_URL`(测试库)
- `projects`: chromiumCI 通道为 undefined本地为 chrome
- `projects`:
- `chromium`E2E 测试,`testDir: ./tests/e2e`CI 通道为 undefined本地为 chrome
- `visual-chromium`(视觉回归测试,`testDir: ./tests/visual`CI 通道为 undefined本地为 chrome
- `snapshotPathTemplate`: `{testDir}/__screenshots__/{testFilePath}/{arg}{ext}`
- `expect.toHaveScreenshot`: `maxDiffPixelRatio: 0.01``animations: "disabled"``caret: "hide"`
- `retries`: CI 2 次,本地 0 次
- `workers`: CI 2 个,本地默认
---
## 视觉回归测试 (`tests/visual/`)
| 测试文件 | 覆盖范围 | 依赖 |
|---------|---------|------|
| `homepage.spec.ts` | 登录页在 desktop/tablet/mobile × light/dark 下的快照 | 无需 DB |
| `admin-dashboard.spec.ts` | 管理员仪表盘整页 + 侧边栏/主内容区组件快照 | DATABASE_URL + admin 账号 |
| `teacher-dashboard.spec.ts` | 教师仪表盘整页 + 侧边栏/主内容区组件快照 | DATABASE_URL + teacher 账号 |
| `student-dashboard.spec.ts` | 学生仪表盘整页 + 侧边栏/主内容区组件快照 | DATABASE_URL + student 账号 |
### 视觉测试辅助 (`tests/visual/helpers/`)
| 文件 | 用途 |
|------|------|
| `auth.ts` | 登录辅助 `setupAuthState(role)``loginByUI(page, role)`,测试账号默认 admin@xiaoxue.edu.cn / 123456 |
| `visual-helpers.ts` | `setViewport``setTheme``waitForPageReady``maskDynamicElements``buildMaskOption` |
### 视觉测试配置 (`tests/visual/visual.config.ts`)
- 视口: desktop 1920×1080、tablet 768×1024、mobile 375×812
- 主题: light、dark
- 快照目录: `tests/visual/__screenshots__/`
- storageState 目录: `tests/visual/.auth/`(已加入 .gitignore
- 默认容差: `maxDiffPixelRatio: 0.01`

246
docs/architecture/005_architecture_data.json
View File

@@ -283,6 +283,38 @@
"purpose": "生成导入模板 Buffer表头加粗+第二行填写说明+示例行)",
"deps": ["exceljs"],
"usedBy": ["users/import-export.generateUserImportTemplate"]
},
{
"name": "useA11yId",
"file": "lib/a11y.ts",
"signature": "useA11yId(prefix: string): string",
"purpose": "基于React.useId生成SSR安全的唯一ID用于aria-describedby、aria-labelledby等",
"deps": ["react"],
"usedBy": ["待扩展表单组件、a11y组件"]
},
{
"name": "mergeA11yProps",
"file": "lib/a11y.ts",
"signature": "mergeA11yProps<T extends Record<string, unknown>>(...props: (T | undefined | null | false)[]): T",
"purpose": "合并多组aria/data属性普通属性后者覆盖前者aria-*/data-*字符串属性以空格拼接",
"deps": [],
"usedBy": ["待扩展"]
},
{
"name": "describeInput",
"file": "lib/a11y.ts",
"signature": "describeInput(describedBy?: string, error?: string, hint?: string): { ariaDescribedBy?: string; ariaInvalid?: boolean }",
"purpose": "计算输入框的aria-describedby合并多个ID与aria-invaliderror存在则为true",
"deps": [],
"usedBy": ["待扩展(表单组件)"]
},
{
"name": "loadingAria",
"file": "lib/a11y.ts",
"signature": "loadingAria(isLoading: boolean): { ariaBusy: boolean; ariaLive: 'polite' | 'assertive' }",
"purpose": "提供加载状态的aria-busy与aria-live=polite属性",
"deps": [],
"usedBy": ["待扩展"]
}
],
"hooks": [
@@ -1318,6 +1350,40 @@
]
}
},
"notifications": {
"path": "src/modules/notifications",
"description": "通知渠道集成层基于用户通知偏好notification_preferences将通知分发到站内消息/SMS/微信公众号/邮件多渠道。所有渠道实现统一 NotificationChannelSender 接口dispatcher 按偏好并行发送。支持 Mock 模式(开发环境无需外部服务)。",
"exports": {
"actions": [
{ "name": "sendNotificationAction", "permission": "MESSAGE_SEND", "signature": "(payload: NotificationPayload) => Promise<ActionState<ChannelSendResult[]>>", "purpose": "发送通知给指定用户(按偏好多渠道分发)", "deps": ["requirePermission", "dispatcher.sendNotification"], "usedBy": ["待扩展"] },
{ "name": "sendClassNotificationAction", "permission": "MESSAGE_SEND", "signature": "(classId: string, payload: Omit<NotificationPayload, 'userId'>) => Promise<ActionState<ChannelSendResult[][]>>", "purpose": "发送班级通知(批量发送给班级所有学生;教师只能给自己所教班级发送)", "deps": ["requirePermission", "db.schema.classEnrollments", "db.schema.classes", "dispatcher.sendBatchNotifications"], "usedBy": ["待扩展"] }
],
"dispatcher": [
{ "name": "sendNotification", "signature": "(payload: NotificationPayload) => Promise<ChannelSendResult[]>", "file": "dispatcher.ts", "purpose": "发送单条通知:读取用户偏好+联系方式,按偏好选择渠道并行发送,记录日志", "deps": ["data-access.getUserNotificationPreferences", "data-access.getUserContactInfo", "data-access.logNotificationSendBatch", "channels.sms-channel.createSmsSender", "channels.wechat-channel.createWechatSender", "channels.email-channel.createEmailSender", "channels.in-app-channel.createInAppSender"], "usedBy": ["sendNotificationAction", "sendClassNotificationAction"] },
{ "name": "sendBatchNotifications", "signature": "(payloads: NotificationPayload[]) => Promise<ChannelSendResult[][]>", "file": "dispatcher.ts", "purpose": "批量发送通知(每个用户独立选择渠道,并行发送)", "deps": ["sendNotification"], "usedBy": ["sendClassNotificationAction"] }
],
"dataAccess": [
{ "name": "getUserNotificationPreferences", "signature": "(userId: string) => Promise<NotificationPreferences>", "file": "data-access.ts", "purpose": "获取用户通知偏好(复用 messaging.notification-preferences.getNotificationPreferences", "deps": ["messaging.notification-preferences.getNotificationPreferences"], "usedBy": ["dispatcher.sendNotification"] },
{ "name": "getUserContactInfo", "signature": "(userId: string) => Promise<ChannelRecipient>", "file": "data-access.ts", "purpose": "获取用户联系方式phone/emailwechatOpenId 暂不支持users 表无此字段)", "deps": ["shared.db", "shared.db.schema.users", "react.cache"], "usedBy": ["dispatcher.sendNotification"] },
{ "name": "logNotificationSend", "signature": "(result: ChannelSendResult) => void", "file": "data-access.ts", "purpose": "记录单条发送日志(当前使用 console.info未来可扩展 notification_logs 表)", "deps": [], "usedBy": ["logNotificationSendBatch"] },
{ "name": "logNotificationSendBatch", "signature": "(results: ChannelSendResult[]) => void", "file": "data-access.ts", "purpose": "批量记录发送日志", "deps": ["logNotificationSend"], "usedBy": ["dispatcher.sendNotification", "dispatcher.sendBatchNotifications"] }
],
"channels": [
{ "name": "createSmsSender", "file": "channels/sms-channel.ts", "purpose": "创建 SMS 渠道发送器aliyun/tencent/mock根据 SMS_PROVIDER 环境变量选择SDK 动态 import", "deps": ["环境变量: SMS_PROVIDER, SMS_ACCESS_KEY_ID, SMS_ACCESS_KEY_SECRET, SMS_SIGN_NAME, SMS_TEMPLATE_CODE"] },
{ "name": "createWechatSender", "file": "channels/wechat-channel.ts", "purpose": "创建微信渠道发送器(配置完整用真实发送器,否则 Mockaccess_token 带缓存)", "deps": ["环境变量: WECHAT_APP_ID, WECHAT_APP_SECRET, WECHAT_TEMPLATE_ID"] },
{ "name": "createEmailSender", "file": "channels/email-channel.ts", "purpose": "创建邮件渠道发送器(配置 EMAIL_HOST 用 Nodemailer SMTP否则 MockHTML 模板按 type 着色)", "deps": ["环境变量: EMAIL_HOST, EMAIL_PORT, EMAIL_USER, EMAIL_PASS, EMAIL_FROM"] },
{ "name": "createInAppSender", "file": "channels/in-app-channel.ts", "purpose": "创建站内消息渠道发送器(复用 messaging.data-access.createNotification 写入 message_notifications 表;总是启用)", "deps": ["messaging.data-access.createNotification"] }
],
"types": [
{ "name": "NotificationChannel", "type": "type", "file": "types.ts", "definition": "'in_app' | 'email' | 'sms' | 'wechat'", "usedBy": ["所有渠道文件", "dispatcher"] },
{ "name": "NotificationPayload", "type": "interface", "file": "types.ts", "definition": "{ userId, title, content, type: 'info'|'warning'|'error'|'success', metadata?, actionUrl? }", "usedBy": ["dispatcher", "actions", "所有渠道"] },
{ "name": "ChannelSendResult", "type": "interface", "file": "types.ts", "definition": "{ channel, success, messageId?, error?, sentAt }", "usedBy": ["dispatcher", "actions", "所有渠道"] },
{ "name": "NotificationChannelConfig", "type": "interface", "file": "types.ts", "definition": "{ enabled, sms?, wechat?, email? }", "usedBy": ["类型定义"] },
{ "name": "NotificationChannelSender", "type": "interface", "file": "channels/types.ts", "definition": "{ channel: NotificationChannel, send(payload, recipient), sendBatch(items) }", "usedBy": ["所有渠道实现", "dispatcher"] },
{ "name": "ChannelRecipient", "type": "interface", "file": "channels/types.ts", "definition": "{ userId, phone?, email?, wechatOpenId? }", "usedBy": ["所有渠道", "data-access.getUserContactInfo"] }
]
}
},
"attendance": {
"path": "src/modules/attendance",
"description": "学生考勤管理:教师按班级/日期点名(单条/批量)、查询考勤记录、统计出勤率/迟到率,学生/家长查看本人/子女考勤汇总,管理员查看全校考勤记录。支持班级考勤规则配置。",
@@ -1610,6 +1676,7 @@
"grades": {"dependsOn": ["shared", "auth"], "uses": {"shared": ["db", "auth-guard.requirePermission", "types.permissions", "types.action-state", "db.schema.gradeRecords", "db.schema.classes", "db.schema.classEnrollments", "db.schema.subjects", "db.schema.users", "lib.excel"], "auth": ["auth"]}},
"parent": {"dependsOn": ["shared", "auth", "homework", "classes", "grades"], "uses": {"shared": ["db", "auth-guard.requireAuth", "db.schema.parentStudentRelations", "db.schema.users", "db.schema.grades", "db.schema.classEnrollments", "db.schema.classes", "types"], "auth": ["auth"], "homework": ["data-access.getStudentHomeworkAssignments", "data-access.getStudentDashboardGrades"], "classes": ["data-access.getStudentClasses", "data-access.getStudentSchedule"], "grades": ["data-access.getStudentGradeSummary"]}},
"messaging": {"dependsOn": ["shared", "auth"], "uses": {"shared": ["db", "auth-guard.requirePermission", "auth-guard.requireAuth", "db.schema.messages", "db.schema.messageNotifications", "db.schema.notificationPreferences", "db.schema.users", "db.schema.classEnrollments", "db.schema.classes", "db.schema.grades", "types.permissions", "types.action-state"], "auth": ["auth"]}},
"notifications": {"dependsOn": ["shared", "auth", "messaging"], "uses": {"shared": ["db", "auth-guard.requirePermission", "db.schema.users", "db.schema.classEnrollments", "db.schema.classes", "types.permissions", "types.action-state"], "auth": ["auth"], "messaging": ["notification-preferences.getNotificationPreferences", "data-access.createNotification"]}},
"attendance": {"dependsOn": ["shared", "auth", "classes"], "uses": {"shared": ["db", "auth-guard.requirePermission", "db.schema.attendanceRecords", "db.schema.attendanceRules", "db.schema.classEnrollments", "db.schema.users", "db.schema.classes", "types.permissions", "types.action-state", "types.DataScope"], "auth": ["auth"], "classes": ["data-access.getTeacherClasses", "data-access.getAdminClasses"]}},
"scheduling": {"dependsOn": ["shared", "auth", "classes"], "uses": {"shared": ["db", "auth-guard.requirePermission", "auth-guard.getAuthContext", "db.schema.schedulingRules", "db.schema.scheduleChanges", "db.schema.classSchedule", "db.schema.classes", "db.schema.users", "db.schema.classSubjectTeachers", "db.schema.subjects", "db.schema.classrooms", "types.permissions", "types.action-state"], "auth": ["auth"], "classes": []}},
"diagnostic": {"dependsOn": ["shared", "auth"], "uses": {"shared": ["db", "auth-guard.requirePermission", "auth-guard.getAuthContext", "db.schema.knowledgePointMastery", "db.schema.learningDiagnosticReports", "db.schema.knowledgePoints", "db.schema.questionsToKnowledgePoints", "db.schema.examSubmissions", "db.schema.submissionAnswers", "db.schema.classEnrollments", "db.schema.classes", "db.schema.users", "types.permissions", "types.action-state", "hooks.usePermission", "components.ui.*"], "auth": ["auth"]}},
@@ -1823,19 +1890,74 @@
"trigger": "push/PR to main",
"steps": ["checkout", "cache npm", "configure npm proxy", "npm ci", "lint", "typecheck", "install playwright chromium", "integration tests", "e2e tests", "cache next.js build", "build", "prepare standalone", "deploy to docker"]
},
"security-audit": {
"security-scan": {
"runsOn": "ubuntu-latest",
"trigger": "push/PR to main",
"steps": ["checkout", "setup node 20", "npm ci", "npm audit --audit-level=moderate (continue-on-error)", "npm audit --audit-level=critical", "upload audit-report.json artifact"]
"needs": "build-deploy",
"continueOnError": true,
"steps": ["checkout", "setup node 20", "npm ci", "npm audit --audit-level=moderate + 生成 audit-report.json (continue-on-error)", "Snyk scan --severity-threshold=high --sarif-file-output=snyk.sarif (env SNYK_TOKEN, continue-on-error)", "Trivy fs scan json+table (continue-on-error)", "OWASP ZAP baseline scan target=NEXTAUTH_URL||localhost:8015 cmd_options='-a -j' (continue-on-error)", "upload security-reports artifact (audit-report.json, trivy-fs-report.json, snyk.sarif)"]
},
"scheduled-backup": {
"runsOn": "ubuntu-latest",
"trigger": "schedule cron 0 2 * * *",
"condition": "github.event_name == 'schedule'",
"steps": ["checkout", "run scripts/backup-db.sh (env DATABASE_URL, BACKUP_DIR)", "upload backups/ artifact (retention 30 days)"]
"steps": ["checkout", "run scripts/backup-db.sh (env DATABASE_URL, BACKUP_DIR)", "run scripts/backup-verify.sh (校验备份完整性)", "run scripts/backup-offsite-sync.sh (异地同步, env BACKUP_OFFSITE_*, 失败不阻塞)", "upload backups/ artifact (retention 30 days)"]
},
"backup-verify": {
"runsOn": "ubuntu-latest",
"trigger": "schedule",
"condition": "github.event_name == 'schedule'",
"needs": "scheduled-backup",
"steps": ["checkout", "download db-backup artifact", "run scripts/backup-verify.sh (独立校验)", "run scripts/health-check.sh > health-report.json", "upload backup-verify-report artifact (backups/, health-report.json, retention 7 days)"]
},
"weekly-dr-drill": {
"runsOn": "ubuntu-latest",
"trigger": "schedule (每周触发, github.run_attempt % 7 == 0)",
"condition": "github.event_name == 'schedule' && github.run_attempt % 7 == 0",
"needs": "backup-verify",
"steps": ["checkout", "run scripts/dr-drill.sh (env DATABASE_URL, DR_DRILL_TEST_DB=next_edu_dr_drill)", "upload dr-drill-report artifact (docs/dr/reports/, retention 90 days)"]
}
}
},
"drDrillWorkflow": {
"configFile": ".gitea/workflows/dr-drill.yml",
"triggers": ["schedule cron 0 4 * * 1 (每周一凌晨 4 点)", "workflow_dispatch (inputs: backup_file, no_cleanup)"],
"job": "dr-drill",
"runsOn": "ubuntu-latest",
"timeoutMinutes": 30,
"steps": [
"checkout",
"install mysql-client",
"prepare backup directory (mkdir backups docs/dr/reports)",
"download db-backup artifact (continue-on-error) 或现场执行 backup-db.sh",
"run scripts/dr-drill.sh (支持 --backup/--no-cleanup 参数)",
"upload dr-drill-report-${{ github.run_id }} artifact (docs/dr/reports/, retention 90 days)",
"on failure: webhook 通知运维团队 (DR_NOTIFICATION_WEBHOOK)"
]
},
"securityWorkflow": {
"configFile": ".gitea/workflows/security.yml",
"triggers": ["schedule cron 0 3 * * 1 (每周一凌晨 3 点)", "workflow_dispatch (inputs: target_url, skip_dast)"],
"job": "deep-security-scan",
"runsOn": "ubuntu-latest",
"continueOnError": true,
"steps": [
"checkout",
"setup node 20",
"npm ci",
"npm audit + 生成 audit-report.json (依赖扫描)",
"Snyk scan --severity-threshold=medium --sarif-file-output=snyk.sarif (env SNYK_TOKEN, 深度依赖+静态分析)",
"Trivy fs scan json+table (文件系统扫描, trivy-fs-report.json)",
"Build Next.js standalone + docker build nextjs-app:scan + Trivy image scan (容器镜像扫描, trivy-image-report.json)",
"OWASP ZAP baseline scan (DAST, target=inputs.target_url||NEXTAUTH_URL||localhost:8015, 可通过 skip_dast 跳过)",
"Generate security-summary.md (jq 汇总各报告漏洞计数)",
"upload security-reports-full artifact (audit-report.json, trivy-fs-report.json, trivy-image-report.json, snyk.sarif, security-summary.md)"
],
"configFiles": {
"suppressions": ".gitea/suppressions.json (Snyk 漏洞抑制, 每条含 id/package/severity/reason/expires/owner)",
"trivyignore": ".trivyignore (Trivy CVE 忽略列表, 每行一个 CVE 带注释)"
}
},
"scripts": {
"scripts/audit.sh": {
"type": "bash",
@@ -1862,22 +1984,93 @@
"scripts/test-backup.sh": {
"type": "bash",
"purpose": "备份流程测试,执行一次备份并验证最新备份文件"
},
"scripts/backup-verify.sh": {
"type": "bash",
"purpose": "备份完整性校验:检查文件存在/大小/gzip 完整性/SQL 内容结构/SQL 语法(可选,需 DATABASE_URL",
"env": ["BACKUP_DIR", "DATABASE_URL", "BACKUP_VERIFY_MIN_SIZE"],
"exitCodes": {"0": "校验通过", "1": "校验失败"},
"options": ["--min-size BYTES", "--no-sql-check", "--help"]
},
"scripts/backup-offsite-sync.sh": {
"type": "bash",
"purpose": "异地备份同步:支持 S3/OSS/NFS 后端,同步后校验文件数量,清理远程过期备份(保留 90 天)",
"env": ["BACKUP_DIR", "BACKUP_OFFSITE_BACKEND", "BACKUP_OFFSITE_REMOTE", "BACKUP_OFFSITE_BUCKET", "BACKUP_OFFSITE_ACCESS_KEY", "BACKUP_OFFSITE_SECRET_KEY", "BACKUP_OFFSITE_REGION", "BACKUP_OFFSITE_RETENTION_DAYS"],
"tools": ["aws-cli (s3)", "rclone (s3/oss)", "ossutil (oss)", "rsync (nfs)"],
"exitCodes": {"0": "同步成功", "1": "同步失败"},
"options": ["--backend TYPE", "--no-cleanup", "--no-verify", "--help"]
},
"scripts/dr-drill.sh": {
"type": "bash",
"purpose": "灾备演练:创建测试库→从备份恢复→数据完整性检查→冒烟测试→清理→生成报告到 docs/dr/reports/",
"env": ["DATABASE_URL", "BACKUP_DIR", "DR_DRILL_TEST_DB", "DR_DRILL_REPORT_DIR"],
"exitCodes": {"0": "演练成功", "1": "演练失败"},
"options": ["--backup FILE", "--test-db NAME", "--no-cleanup", "--report-dir DIR", "--help"]
},
"scripts/dr-drill.ps1": {
"type": "powershell",
"purpose": "灾备演练Windows PowerShell 5.1+ 版本),功能同 Bash 版本",
"env": ["DATABASE_URL", "BACKUP_DIR", "DR_DRILL_TEST_DB", "DR_DRILL_REPORT_DIR"],
"platform": "Windows",
"options": ["-BackupFile FILE", "-TestDb NAME", "-NoCleanup", "-ReportDir DIR", "-Help"]
},
"scripts/failover.sh": {
"type": "bash",
"purpose": "故障切换:检测主库健康→提升备库→更新应用配置→重启应用→验证切换",
"env": ["DATABASE_URL", "DATABASE_URL_STANDBY", "FAILOVER_APP_URL", "FAILOVER_APP_NAME", "FAILOVER_CONFIG_FILE", "FAILOVER_LOG_FILE"],
"exitCodes": {"0": "切换成功", "1": "切换失败"},
"options": ["--auto", "--primary URL", "--standby URL", "--app-url URL", "--no-restart", "--dry-run", "--help"]
},
"scripts/health-check.sh": {
"type": "bash",
"purpose": "健康检查:检查应用 HTTP/数据库连接/磁盘空间/备份新鲜度,输出 JSON 报告",
"env": ["DATABASE_URL", "HEALTH_CHECK_URL", "BACKUP_DIR", "HEALTH_CHECK_DISK_THRESHOLD", "HEALTH_CHECK_BACKUP_MAX_AGE"],
"exitCodes": {"0": "健康", "1": "异常"},
"options": ["--app-url URL", "--no-app", "--no-db", "--no-disk", "--no-backup", "--disk-threshold PCT", "--backup-max-age HRS", "--help"]
}
},
"packageJsonScripts": {
"audit": "npm audit --audit-level=moderate",
"audit:report": "npm audit --json > audit-report.json",
"security:audit": "npm audit --audit-level=moderate",
"security:scan": "bash scripts/security-scan.sh",
"backup": "bash scripts/backup-db.sh",
"restore": "bash scripts/restore-db.sh"
"restore": "bash scripts/restore-db.sh",
"dr:backup-verify": "bash scripts/backup-verify.sh",
"dr:offsite-sync": "bash scripts/backup-offsite-sync.sh",
"dr:drill": "bash scripts/dr-drill.sh",
"dr:drill:ps1": "powershell -ExecutionPolicy Bypass -File scripts/dr-drill.ps1",
"dr:health-check": "bash scripts/health-check.sh",
"dr:failover": "bash scripts/failover.sh"
},
"drDocs": {
"docs/dr/dr-plan.md": "灾备计划文档RTO/RPO 定义4h/24h、备份策略、故障切换流程、联系人列表、恢复步骤",
"docs/dr/dr-runbook.md": "灾备操作手册:数据库故障/应用故障/备份失败/异地同步失败/演练失败/磁盘不足场景的诊断与处理",
"docs/dr/reports/": "灾备演练报告存档目录Markdown 格式,由 dr-drill.sh 生成)",
"docs/dr/logs/": "故障切换日志目录(由 failover.sh 生成)"
},
"drEnvVars": {
"BACKUP_OFFSITE_BACKEND": "异地备份后端类型: s3|oss|nfs|none",
"BACKUP_OFFSITE_REMOTE": "远程存储路径",
"BACKUP_OFFSITE_BUCKET": "存储桶名称(仅 s3/oss",
"BACKUP_OFFSITE_ACCESS_KEY": "访问密钥",
"BACKUP_OFFSITE_SECRET_KEY": "秘密密钥",
"BACKUP_OFFSITE_REGION": "区域(默认 us-east-1",
"BACKUP_OFFSITE_RETENTION_DAYS": "远程备份保留天数(默认 90",
"DR_DRILL_TEST_DB": "演练测试数据库名(默认 next_edu_dr_drill",
"HEALTH_CHECK_URL": "应用健康检查 URL默认 http://localhost:8015",
"DATABASE_URL_STANDBY": "备库连接 URL故障切换时使用",
"FAILOVER_APP_NAME": "应用容器名(默认 nextjs-app"
},
"gitignore": {
"added": ["/backups/", "/audit-report.json", "/playwright-report/", "/test-results/"]
"added": ["/backups/", "/audit-report.json", "/trivy-fs-report.json", "/trivy-image-report.json", "/snyk.sarif", "/security-summary.md", "/playwright-report/", "/test-results/", "/tests/visual/.auth/"],
"exceptions": [".env.example (灾备环境变量示例,允许提交)"]
}
},
"testing": {
"e2e": {
"configFile": "playwright.config.ts",
"testDir": "./tests/e2e",
"testDir": "./tests",
"baseURL": "http://127.0.0.1:3000",
"webServer": {
"command": "npm run dev",
@@ -1891,7 +2084,15 @@
"DATABASE_URL": "mysql://test:test@127.0.0.1:3306/test_db"
}
},
"projects": [{"name": "chromium", "channel": "CI: undefined, local: chrome"}],
"projects": [
{"name": "chromium", "testDir": "./tests/e2e", "channel": "CI: undefined, local: chrome"},
{"name": "visual-chromium", "testDir": "./tests/visual", "channel": "CI: undefined, local: chrome"}
],
"snapshotPathTemplate": "{testDir}/__screenshots__/{testFilePath}/{arg}{ext}",
"expect": {
"toHaveScreenshot": {"maxDiffPixelRatio": 0.01, "animations": "disabled", "caret": "hide"},
"toMatchSnapshot": {"maxDiffPixelRatio": 0.01}
},
"retries": "CI: 2, local: 0",
"workers": "CI: 2, local: default",
"testFiles": {
@@ -1903,6 +2104,37 @@
"announcements.spec.ts": {"coverage": "公告页面未认证重定向 + 登录后渲染", "requiresDb": "partial"},
"grades.spec.ts": {"coverage": "成绩页面未认证重定向 + 登录后渲染", "requiresDb": "partial"}
}
},
"visual": {
"configFile": "tests/visual/visual.config.ts",
"snapshotDir": "tests/visual/__screenshots__",
"storageStateDir": "tests/visual/.auth/",
"viewports": {
"desktop": {"width": 1920, "height": 1080},
"tablet": {"width": 768, "height": 1024},
"mobile": {"width": 375, "height": 812}
},
"themes": ["light", "dark"],
"defaultMaxDiffPixelRatio": 0.01,
"testAccounts": {
"admin": {"email": "admin@xiaoxue.edu.cn", "envVars": ["VISUAL_ADMIN_EMAIL", "VISUAL_ADMIN_PASSWORD"]},
"teacher": {"email": "admin@xiaoxue.edu.cn", "envVars": ["VISUAL_TEACHER_EMAIL", "VISUAL_TEACHER_PASSWORD"]},
"student": {"email": "admin@xiaoxue.edu.cn", "envVars": ["VISUAL_STUDENT_EMAIL", "VISUAL_STUDENT_PASSWORD"]}
},
"testFiles": {
"homepage.spec.ts": {"coverage": "登录页在 desktop/tablet/mobile × light/dark 下的快照", "requiresDb": false},
"admin-dashboard.spec.ts": {"coverage": "管理员仪表盘整页 + 侧边栏/主内容区组件快照", "requiresDb": true, "role": "admin"},
"teacher-dashboard.spec.ts": {"coverage": "教师仪表盘整页 + 侧边栏/主内容区组件快照", "requiresDb": true, "role": "teacher"},
"student-dashboard.spec.ts": {"coverage": "学生仪表盘整页 + 侧边栏/主内容区组件快照", "requiresDb": true, "role": "student"}
},
"helpers": {
"auth.ts": ["setupAuthState(role)", "loginByUI(page, role)", "storageStatePath(role)"],
"visual-helpers.ts": ["setViewport(page, size)", "setTheme(page, theme)", "waitForPageReady(page)", "maskDynamicElements(page, selectors)", "buildMaskOption(masks)"]
},
"scripts": {
"test:visual": "playwright test --project=visual-chromium",
"test:visual:update": "playwright test --project=visual-chromium --update-snapshots"
}
}
}
}

362
docs/dr/dr-plan.md Normal file
View File

@@ -0,0 +1,362 @@
# 灾备计划 (Disaster Recovery Plan)
> **文档版本**: 1.0
> **最后更新**: 2026-06-17
> **审核周期**: 每季度审核一次
---
## 1. 概述
本文档定义了 Next_Edu 系统的灾备策略、恢复目标、备份方案和故障切换流程,确保在发生灾难性故障时能够快速恢复服务并最小化数据丢失。
### 1.1 适用范围
- 生产环境数据库(MySQL)
- 应用服务(Next.js)
- 备份文件(本地 + 异地)
- CI/CD 流水线
### 1.2 关键指标
| 指标 | 目标 | 说明 |
|------|------|------|
| **RTO** (Recovery Time Objective) | 4 小时 | 从故障发生到服务恢复的最长时间 |
| **RPO** (Recovery Point Objective) | 24 小时 | 最大可接受的数据丢失时间窗口 |
---
## 2. RTO/RPO 定义
### 2.1 RTO(恢复时间目标): 4 小时
**定义**: 从系统故障发生到服务完全恢复的最长允许时间。
**分解**:
| 阶段 | 预计耗时 | 说明 |
|------|---------|------|
| 故障检测 | 5 分钟 | 健康检查脚本自动检测 |
| 通知与决策 | 15 分钟 | 通知运维团队,决定是否切换 |
| 执行恢复 | 60 分钟 | 从备份恢复数据库 |
| 应用重启 | 10 分钟 | 重启应用并验证 |
| 数据验证 | 30 分钟 | 验证数据完整性 |
| 流量恢复 | 10 分钟 | 逐步恢复用户流量 |
| 缓冲时间 | 90 分钟 | 应对意外情况 |
| **总计** | **≤ 4 小时** | |
### 2.2 RPO(恢复点目标): 24 小时
**定义**: 最大可接受的数据丢失时间窗口。
**保障措施**:
- 每日凌晨 2 点全量备份(cron: `0 2 * * *`)
- 备份后自动校验完整性
- 备份后自动同步到异地存储
- 最坏情况下丢失不超过 24 小时数据
---
## 3. 备份策略
### 3.1 备份频率
| 备份类型 | 频率 | 时间 | 保留期 |
|---------|------|------|--------|
| 全量备份 | 每日 | 凌晨 2:00 (CST) | 本地 30 天,异地 90 天 |
| 异地同步 | 每日(备份后) | 凌晨 2:30 (CST) | 90 天 |
### 3.2 备份内容
- **数据库**: 使用 `mysqldump` 导出全部数据库,`gzip` 压缩
- **格式**: `db_backup_YYYYMMDD_HHMMSS.sql.gz`
- **存储位置**:
- 本地: `./backups/`
- 异地: S3/OSS/NFS(根据 `BACKUP_OFFSITE_BACKEND` 配置)
### 3.3 备份验证
每次备份后自动执行校验:
1. 文件存在性检查
2. 文件大小检查(最小 1KB)
3. gzip 完整性校验(`gunzip -t`)
4. SQL 内容结构检查(mysqldump 头部、语句数量)
5. SQL 语法校验(可选,需 `DATABASE_URL`)
### 3.4 备份保留策略
| 存储位置 | 保留期 | 清理方式 |
|---------|--------|---------|
| 本地 (`./backups/`) | 30 天 | `find -mtime +30 -delete` |
| 异地 (S3/OSS/NFS) | 90 天 | `backup-offsite-sync.sh` 自动清理 |
---
## 4. 故障切换流程
### 4.1 故障检测
1. **自动检测**: `health-check.sh` 定期运行,检查:
- 应用 HTTP 健康端点
- 数据库连接
- 磁盘空间
- 备份新鲜度
2. **手动报告**: 用户反馈、监控系统告警
### 4.2 故障切换步骤
```
┌─────────────────┐
│ 1. 检测故障 │ 健康检查失败 / 用户报告
└────────┬────────┘
┌─────────────────┐
│ 2. 通知运维 │ 电话/邮件/即时通讯通知运维团队
└────────┬────────┘
┌─────────────────┐
│ 3. 决策(5分钟) │ 评估故障严重程度,决定是否切换
└────────┬────────┘
┌────┴────┐
│ │
切换 不切换
│ │
▼ ▼
┌─────────┐ ┌─────────┐
│4. 执行 │ │ 修复主库 │
│ 切换 │ │ │
└────┬────┘ └─────────┘
┌─────────┐
│5. 验证 │ 健康检查、功能测试
│ 恢复 │
└────┬────┘
┌─────────┐
│6. 事后 │ 记录事件、复盘改进
│ 复盘 │
└─────────┘
```
### 4.3 执行故障切换
使用 `failover.sh` 脚本:
```bash
# 手动模式(交互式确认)
./scripts/failover.sh
# 半自动模式(检测到故障后自动切换,需确认)
./scripts/failover.sh --auto
# 演练模式(不实际执行)
./scripts/failover.sh --dry-run
# 指定备库
./scripts/failover.sh --standby "mysql://user:pass@standby-host:3306/dbname"
```
**前提条件**:
- 配置 `DATABASE_URL_STANDBY` 环境变量
- 备库已配置主从复制(如果是主从架构)
- 应用容器可通过 Docker 重启
---
## 5. 灾备演练
### 5.1 演练频率
| 演练类型 | 频率 | 触发方式 |
|---------|------|---------|
| 自动演练 | 每周一次 | CI 定时任务(每周一凌晨 4 点) |
| 手动演练 | 每月一次 | 运维人员手动触发 |
| 全量演练 | 每季度一次 | 完整故障切换演练 |
### 5.2 演练内容
1. **创建测试数据库** (`next_edu_dr_drill`)
2. **从最新备份恢复** 到测试数据库
3. **数据完整性检查**:
- 表数量对比(测试库 vs 源库)
- 记录数对比
4. **冒烟测试**:
- 基础表查询
- 关键业务表查询(users, schools)
5. **清理测试数据库**
6. **生成演练报告**
### 5.3 演练脚本
```bash
# Bash 版本(Linux/macOS)
./scripts/dr-drill.sh
# PowerShell 版本(Windows)
.\scripts\dr-drill.ps1
# 指定备份文件
./scripts/dr-drill.sh --backup backups/db_backup_20260617_020000.sql.gz
# 保留测试数据库(用于调试)
./scripts/dr-drill.sh --no-cleanup
```
### 5.4 演练报告
- **存储位置**: `docs/dr/reports/`
- **格式**: Markdown
- **内容**: 演练时间、步骤结果、RTO 评估、数据完整性指标
- **保留期**: 90 天(CI artifact)
---
## 6. 联系人列表
> **注意**: 以下为模板,请根据实际人员填写
### 6.1 主要联系人
| 角色 | 姓名 | 电话 | 邮箱 | 职责 |
|------|------|------|------|------|
| 主负责人 | [待填写] | [待填写] | [待填写] | 灾备决策、协调 |
| 备份负责人 | [待填写] | [待填写] | [待填写] | 备份执行、监控 |
| DBA | [待填写] | [待填写] | [待填写] | 数据库恢复 |
| 运维工程师 | [待填写] | [待填写] | [待填写] | 应用部署、网络 |
| 开发负责人 | [待填写] | [待填写] | [待填写] | 代码修复、功能验证 |
### 6.2 升级路径
1. **L1**: 运维工程师(5 分钟内响应)
2. **L2**: 主负责人 + DBA(15 分钟内响应)
3. **L3**: 全体联系人(30 分钟内响应)
---
## 7. 恢复步骤
### 7.1 从备份恢复数据库
```bash
# 1. 获取最新备份
LATEST_BACKUP=$(ls -t backups/db_backup_*.sql.gz | head -1)
echo "Using backup: $LATEST_BACKUP"
# 2. 校验备份完整性
./scripts/backup-verify.sh "$LATEST_BACKUP"
# 3. 恢复数据库
./scripts/restore-db.sh "$LATEST_BACKUP"
# 4. 验证恢复结果
mysql -u root -p -e "SELECT COUNT(*) FROM information_schema.tables WHERE table_schema='next_edu';"
```
### 7.2 完整恢复流程
1. **获取最新备份**
- 本地: `./backups/`
- 异地: 从 S3/OSS/NFS 下载
- CI artifact: 从 Gitea Actions 下载
2. **恢复数据库**
```bash
./scripts/restore-db.sh backups/db_backup_YYYYMMDD_HHMMSS.sql.gz
```
3. **重启应用**
```bash
docker restart nextjs-app
# 或
docker stop nextjs-app && docker rm nextjs-app
# 重新部署
```
4. **验证数据完整性**
```bash
# 运行健康检查
./scripts/health-check.sh
# 运行灾备演练(对比数据)
./scripts/dr-drill.sh --no-cleanup
```
5. **恢复流量**
- 验证应用功能正常
- 逐步恢复用户流量
- 监控系统指标
---
## 8. 监控与告警
### 8.1 健康检查
```bash
# 手动运行健康检查
./scripts/health-check.sh
# 输出 JSON 格式报告
./scripts/health-check.sh > health-report.json
```
**检查项**:
- 应用 HTTP 健康端点
- 数据库连接
- 磁盘空间(阈值 90%)
- 备份新鲜度(24 小时内)
### 8.2 告警条件
| 条件 | 严重级别 | 通知方式 |
|------|---------|---------|
| 应用不可达 | 严重 | 电话 + 邮件 |
| 数据库连接失败 | 严重 | 电话 + 邮件 |
| 磁盘空间 > 90% | 警告 | 邮件 |
| 备份超过 24 小时 | 警告 | 邮件 |
| 备份校验失败 | 严重 | 电话 + 邮件 |
| 灾备演练失败 | 警告 | 邮件 |
---
## 9. 环境变量配置
```bash
# 灾备配置
BACKUP_OFFSITE_BACKEND=none # s3|oss|nfs|none
BACKUP_OFFSITE_REMOTE= # 远程路径
BACKUP_OFFSITE_BUCKET= # 存储桶名
BACKUP_OFFSITE_ACCESS_KEY= # 访问密钥
BACKUP_OFFSITE_SECRET_KEY= # 秘密密钥
BACKUP_OFFSITE_REGION=us-east-1 # 区域
DR_DRILL_TEST_DB=next_edu_dr_drill # 演练测试数据库
HEALTH_CHECK_URL=http://localhost:8015 # 健康检查 URL
# 故障切换配置
DATABASE_URL_STANDBY= # 备库连接 URL
FAILOVER_APP_NAME=nextjs-app # 应用容器名
FAILOVER_APP_URL=http://localhost:8015 # 应用 URL
```
---
## 10. 文档维护
- **审核周期**: 每季度审核一次
- **更新触发**: 系统架构变更、联系人变更、演练发现问题
- **关联文档**:
- `docs/dr/dr-runbook.md` - 灾备操作手册
- `docs/dr/reports/` - 演练报告存档
- `scripts/` - 灾备相关脚本
---
## 11. 变更记录
| 日期 | 版本 | 变更内容 | 变更人 |
|------|------|---------|--------|
| 2026-06-17 | 1.0 | 初始版本 | - |

699
docs/dr/dr-runbook.md Normal file
View File

@@ -0,0 +1,699 @@
# 灾备操作手册 (DR Runbook)
> **文档版本**: 1.0
> **最后更新**: 2026-06-17
> **适用场景**: 生产环境故障处理
---
## 概述
本手册提供常见故障场景的诊断和处理步骤。每个场景包含:症状、诊断、处理步骤、验证方法。
**紧急联系**: 参见 `docs/dr/dr-plan.md` 第 6 节联系人列表
---
## 场景 1: 数据库故障
### 1.1 数据库不可达
#### 症状
- 应用报错: `ECONNREFUSED``Connection refused`
- 健康检查 `database` 状态为 `fail`
- 用户无法登录、查询数据
#### 诊断
```bash
# 1. 检查数据库连接
mysql -h <DB_HOST> -P <DB_PORT> -u <DB_USER> -p -e "SELECT 1;"
# 2. 检查数据库进程
systemctl status mysql
# 或 Docker 环境
docker ps | grep mysql
# 3. 检查端口
telnet <DB_HOST> <DB_PORT>
# 或
nc -zv <DB_HOST> <DB_PORT>
# 4. 查看数据库日志
tail -100 /var/log/mysql/error.log
# 或 Docker
docker logs <mysql_container> --tail 100
```
#### 处理步骤
**情况 A: 数据库服务停止**
```bash
# 重启数据库服务
sudo systemctl restart mysql
# 或 Docker
docker restart <mysql_container>
# 等待启动完成
sleep 10
mysql -h <DB_HOST> -P <DB_PORT> -u <DB_USER> -p -e "SELECT 1;"
```
**情况 B: 数据库无法启动**
```bash
# 1. 检查磁盘空间
df -h
# 2. 检查配置文件
mysql --verbose --help | head -20
# 3. 如果磁盘满,清理空间
sudo find /var/log -type f -name "*.log" -mtime +7 -delete
# 4. 如果配置错误,恢复备份配置
sudo cp /etc/mysql/my.cnf.bak /etc/mysql/my.cnf
sudo systemctl restart mysql
```
**情况 C: 数据库损坏,需要从备份恢复**
```bash
# 1. 获取最新备份
LATEST_BACKUP=$(ls -t backups/db_backup_*.sql.gz | head -1)
echo "Using backup: $LATEST_BACKUP"
# 2. 校验备份
./scripts/backup-verify.sh "$LATEST_BACKUP"
# 3. 恢复数据库
./scripts/restore-db.sh "$LATEST_BACKUP"
# 4. 重启应用
docker restart nextjs-app
```
**情况 D: 主库故障,需要切换到备库**
```bash
# 1. 执行故障切换(手动模式)
./scripts/failover.sh
# 2. 或半自动模式
./scripts/failover.sh --auto
# 3. 验证切换结果
./scripts/health-check.sh
```
#### 验证
```bash
# 1. 运行健康检查
./scripts/health-check.sh
# 2. 验证应用功能
curl -f http://localhost:8015
# 3. 验证数据库查询
mysql -h <DB_HOST> -P <DB_PORT> -u <DB_USER> -p -e "SELECT COUNT(*) FROM users;"
# 4. 运行灾备演练验证数据完整性
./scripts/dr-drill.sh
```
---
### 1.2 数据库性能问题
#### 症状
- 应用响应缓慢
- 查询超时
- CPU/内存使用率高
#### 诊断
```bash
# 1. 查看当前连接
mysql -e "SHOW PROCESSLIST;"
# 2. 查看慢查询
mysql -e "SHOW VARIABLES LIKE 'slow_query%';"
tail -100 /var/log/mysql/slow.log
# 3. 查看系统资源
top
iostat -x 1
```
#### 处理步骤
```bash
# 1. 终止长时间运行的查询
mysql -e "KILL <process_id>;"
# 2. 优化表
mysql -e "OPTIMIZE TABLE <table_name>;"
# 3. 重启数据库(如果必要)
sudo systemctl restart mysql
```
#### 验证
```bash
# 监控性能指标
mysql -e "SHOW STATUS LIKE 'Threads%';"
mysql -e "SHOW STATUS LIKE 'Slow_queries';"
```
---
## 场景 2: 应用故障
### 2.1 应用不可达
#### 症状
- HTTP 502/503 错误
- 页面无法访问
- 健康检查 `app` 状态为 `fail`
#### 诊断
```bash
# 1. 检查应用容器
docker ps | grep nextjs-app
# 2. 查看应用日志
docker logs nextjs-app --tail 100
# 3. 检查端口
netstat -tlnp | grep 8015
# 4. 检查健康端点
curl -v http://localhost:8015
```
#### 处理步骤
**情况 A: 容器停止**
```bash
# 启动容器
docker start nextjs-app
# 等待启动
sleep 10
curl -f http://localhost:8015
```
**情况 B: 容器崩溃,需要重启**
```bash
# 重启容器
docker restart nextjs-app
# 如果重启失败,重新部署
docker stop nextjs-app || true
docker rm nextjs-app || true
# 重新运行部署流程(参见 CI/CD)
```
**情况 C: 应用配置错误**
```bash
# 1. 检查环境变量
docker exec nextjs-app env | grep DATABASE_URL
# 2. 检查 .env.local
cat .env.local
# 3. 修正配置后重启
docker restart nextjs-app
```
#### 验证
```bash
# 1. 健康检查
./scripts/health-check.sh
# 2. 功能测试
curl -f http://localhost:8015
curl -f http://localhost:8015/api/auth/providers
# 3. 查看日志确认无错误
docker logs nextjs-app --tail 20
```
---
### 2.2 应用 OOM(内存不足)
#### 症状
- 容器被 OOM Killer 终止
- 日志中出现 `JavaScript heap out of memory`
#### 诊断
```bash
# 1. 查看容器状态
docker inspect nextjs-app | grep -A 5 "State"
# 2. 查看内存使用
docker stats nextjs-app
# 3. 查看系统日志
dmesg | grep -i "oom"
```
#### 处理步骤
```bash
# 1. 增加 Node.js 内存限制
docker stop nextjs-app
docker rm nextjs-app
docker run -d \
--init \
-p 8015:3000 \
--restart unless-stopped \
--name nextjs-app \
--network 1panel-network \
-e NODE_OPTIONS="--max-old-space-size=2048" \
-e NODE_ENV=production \
-e DATABASE_URL=$DATABASE_URL \
-e NEXTAUTH_SECRET=$NEXTAUTH_SECRET \
-e NEXTAUTH_URL=$NEXTAUTH_URL \
nextjs-app
# 2. 或增加容器内存限制
docker run -d --memory=2g ...
```
#### 验证
```bash
# 监控内存使用
docker stats nextjs-app
# 确认应用正常
curl -f http://localhost:8015
```
---
## 场景 3: 备份失败
### 3.1 定时备份未执行
#### 症状
- 健康检查 `backup` 状态为 `fail`(备份超过 24 小时)
- `./backups/` 目录无新文件
- CI 中 `scheduled-backup` job 失败
#### 诊断
```bash
# 1. 检查最新备份
ls -lt backups/db_backup_*.sql.gz | head -5
# 2. 检查 CI 运行记录
# 访问 Gitea Actions 页面查看 scheduled-backup job
# 3. 手动运行备份测试
./scripts/backup-db.sh
# 4. 检查磁盘空间
df -h
```
#### 处理步骤
**情况 A: 磁盘空间不足**
```bash
# 1. 清理旧备份
find backups/ -name "db_backup_*.sql.gz" -mtime +30 -delete
# 2. 清理其他临时文件
find /tmp -type f -mtime +7 -delete
# 3. 重新运行备份
./scripts/backup-db.sh
```
**情况 B: 数据库连接问题**
```bash
# 1. 验证数据库连接
mysql -h <DB_HOST> -P <DB_PORT> -u <DB_USER> -p -e "SELECT 1;"
# 2. 检查 DATABASE_URL 环境变量
echo $DATABASE_URL
# 3. 修正配置后重新备份
export DATABASE_URL="mysql://correct_url"
./scripts/backup-db.sh
```
**情况 C: mysqldump 权限问题**
```bash
# 1. 检查用户权限
mysql -u <DB_USER> -p -e "SHOW GRANTS;"
# 2. 授予必要权限
mysql -u root -p -e "GRANT SELECT, LOCK TABLES, SHOW VIEW, EVENT, TRIGGER ON *.* TO '<DB_USER>'@'%';"
FLUSH PRIVILEGES;
# 3. 重新备份
./scripts/backup-db.sh
```
#### 验证
```bash
# 1. 确认新备份存在
ls -lt backups/db_backup_*.sql.gz | head -1
# 2. 校验备份完整性
./scripts/backup-verify.sh
# 3. 运行健康检查
./scripts/health-check.sh
```
---
### 3.2 备份文件损坏
#### 症状
- `backup-verify.sh` 校验失败
- gzip 解压失败
- SQL 文件内容异常
#### 诊断
```bash
# 1. 运行校验脚本
./scripts/backup-verify.sh backups/db_backup_YYYYMMDD_HHMMSS.sql.gz
# 2. 手动检查 gzip
gunzip -t backups/db_backup_YYYYMMDD_HHMMSS.sql.gz
# 3. 检查文件大小
ls -lh backups/db_backup_*.sql.gz
```
#### 处理步骤
```bash
# 1. 删除损坏的备份
rm backups/db_backup_YYYYMMDD_HHMMSS.sql.gz
# 2. 重新执行备份
./scripts/backup-db.sh
# 3. 校验新备份
./scripts/backup-verify.sh
# 4. 如果新备份也损坏,检查数据库完整性
mysql -e "CHECK TABLE users; CHECK TABLE schools;"
```
#### 验证
```bash
# 1. 校验新备份
./scripts/backup-verify.sh
# 2. 运行灾备演练
./scripts/dr-drill.sh
```
---
## 场景 4: 异地同步失败
### 4.1 S3/OSS 同步失败
#### 症状
- `backup-offsite-sync.sh` 失败
- CI 中 "Sync backup to offsite storage" 步骤失败
- 异地存储缺少最新备份
#### 诊断
```bash
# 1. 检查后端配置
echo $BACKUP_OFFSITE_BACKEND
echo $BACKUP_OFFSITE_REMOTE
echo $BACKUP_OFFSITE_BUCKET
# 2. 检查凭证
echo $BACKUP_OFFSITE_ACCESS_KEY
echo $BACKUP_OFFSITE_SECRET_KEY
# 3. 测试连接
aws s3 ls s3://$BACKUP_OFFSITE_BUCKET/ # S3
# 或
ossutil ls oss://$BACKUP_OFFSITE_BUCKET/ # OSS
# 4. 手动运行同步
./scripts/backup-offsite-sync.sh
```
#### 处理步骤
**情况 A: 凭证错误**
```bash
# 1. 更新凭证
export BACKUP_OFFSITE_ACCESS_KEY="new_access_key"
export BACKUP_OFFSITE_SECRET_KEY="new_secret_key"
# 2. 更新 Gitea Secrets
# 访问仓库 Settings > Secrets 更新对应 secret
# 3. 重新同步
./scripts/backup-offsite-sync.sh
```
**情况 B: 网络问题**
```bash
# 1. 测试网络连通性
ping s3.amazonaws.com # S3
ping oss-cn-beijing.aliyuncs.com # OSS
# 2. 检查代理设置
echo $http_proxy
echo $https_proxy
# 3. 配置代理后重试
export http_proxy=http://proxy:port
export https_proxy=http://proxy:port
./scripts/backup-offsite-sync.sh
```
**情况 C: 工具未安装**
```bash
# 1. 安装 aws-cli
pip install awscli
# 或
apt-get install -y awscli
# 2. 安装 rclone
curl https://rclone.org/install.sh | sudo bash
# 3. 重新同步
./scripts/backup-offsite-sync.sh
```
#### 验证
```bash
# 1. 列出远程文件
aws s3 ls s3://$BACKUP_OFFSITE_BUCKET/backups/
# 或
rclone lsf $BACKUP_OFFSITE_REMOTE
# 2. 对比本地和远程文件数量
LOCAL_COUNT=$(ls backups/db_backup_*.sql.gz | wc -l)
REMOTE_COUNT=$(aws s3 ls s3://$BACKUP_OFFSITE_BUCKET/backups/ | grep -c "db_backup")
echo "Local: $LOCAL_COUNT, Remote: $REMOTE_COUNT"
```
---
### 4.2 NFS 同步失败
#### 症状
- `backup-offsite-sync.sh` NFS 后端失败
- NFS 目录不可写
#### 诊断
```bash
# 1. 检查 NFS 挂载
mount | grep nfs
# 2. 检查目录权限
ls -la $BACKUP_OFFSITE_REMOTE
# 3. 测试写入
touch $BACKUP_OFFSITE_REMOTE/test && rm $BACKUP_OFFSITE_REMOTE/test
```
#### 处理步骤
```bash
# 1. 重新挂载 NFS
sudo umount /mnt/nfs
sudo mount -t nfs <nfs_server>:/path /mnt/nfs
# 2. 检查权限
sudo chown -R $USER:$USER /mnt/nfs/backups
# 3. 重新同步
./scripts/backup-offsite-sync.sh
```
---
## 场景 5: 灾备演练失败
### 5.1 演练恢复失败
#### 症状
- `dr-drill.sh` 步骤 3(恢复)失败
- 测试数据库创建成功但恢复失败
#### 诊断
```bash
# 1. 查看演练报告
cat docs/dr/reports/dr_drill_*.md
# 2. 手动测试恢复
mysql -h <DB_HOST> -u <DB_USER> -p -e "CREATE DATABASE test_manual;"
gunzip -c backups/db_backup_*.sql.gz | mysql -h <DB_HOST> -u <DB_USER> -p test_manual
# 3. 检查备份文件
./scripts/backup-verify.sh
```
#### 处理步骤
```bash
# 1. 清理失败的测试数据库
mysql -h <DB_HOST> -u <DB_USER> -p -e "DROP DATABASE IF EXISTS next_edu_dr_drill;"
# 2. 校验备份
./scripts/backup-verify.sh
# 3. 如果备份损坏,重新备份
./scripts/backup-db.sh
# 4. 重新运行演练
./scripts/dr-drill.sh
```
---
### 5.2 演练后测试数据库未清理
#### 症状
- `next_edu_dr_drill` 数据库残留
- 磁盘空间异常增长
#### 诊断
```bash
# 1. 检查测试数据库
mysql -e "SHOW DATABASES LIKE 'next_edu_dr_drill';"
# 2. 检查数据库大小
mysql -e "SELECT table_schema, SUM(data_length + index_length) / 1024 / 1024 AS size_mb FROM information_schema.tables WHERE table_schema = 'next_edu_dr_drill' GROUP BY table_schema;"
```
#### 处理步骤
```bash
# 1. 手动删除测试数据库
mysql -h <DB_HOST> -u <DB_USER> -p -e "DROP DATABASE IF EXISTS next_edu_dr_drill;"
# 2. 验证已删除
mysql -e "SHOW DATABASES LIKE 'next_edu_dr_drill';"
```
---
## 场景 6: 磁盘空间不足
#### 症状
- 健康检查 `disk` 状态为 `fail`
- 应用或数据库写入失败
- 系统响应缓慢
#### 诊断
```bash
# 1. 检查磁盘使用
df -h
# 2. 查找大文件
du -sh /* 2>/dev/null | sort -rh | head -10
du -sh /var/* 2>/dev/null | sort -rh | head -10
# 3. 查找大日志文件
find /var/log -type f -size +100M -exec ls -lh {} \;
```
#### 处理步骤
```bash
# 1. 清理旧备份
find backups/ -name "db_backup_*.sql.gz" -mtime +30 -delete
# 2. 清理日志
sudo find /var/log -type f -name "*.log" -mtime +7 -delete
sudo journalctl --vacuum-time=7d
# 3. 清理 Docker 资源
docker system prune -a --volumes
# 注意: 这会删除未使用的镜像和卷,谨慎使用
# 4. 清理 npm 缓存
npm cache clean --force
# 5. 清理临时文件
find /tmp -type f -mtime +7 -delete
```
#### 验证
```bash
# 1. 检查磁盘空间
df -h
# 2. 运行健康检查
./scripts/health-check.sh
```
---
## 附录: 快速参考命令
### 备份相关
```bash
# 执行备份
npm run backup
# 校验备份
npm run dr:backup-verify
# 异地同步
npm run dr:offsite-sync
# 灾备演练
npm run dr:drill
# 健康检查
npm run dr:health-check
```
### 恢复相关
```bash
# 从备份恢复
./scripts/restore-db.sh backups/db_backup_YYYYMMDD_HHMMSS.sql.gz
# 故障切换
./scripts/failover.sh --auto
```
### 诊断相关
```bash
# 完整健康检查
./scripts/health-check.sh
# 检查数据库
mysql -h <DB_HOST> -P <DB_PORT> -u <DB_USER> -p -e "SHOW PROCESSLIST;"
# 检查应用日志
docker logs nextjs-app --tail 100
# 检查磁盘空间
df -h
```
---
## 变更记录
| 日期 | 版本 | 变更内容 | 变更人 |
|------|------|---------|--------|
| 2026-06-17 | 1.0 | 初始版本 | - |

238
docs/notifications/channels.md Normal file
View File

@@ -0,0 +1,238 @@
# 通知渠道集成文档
本模块(`src/modules/notifications`)为系统提供多渠道通知发送能力,支持站内消息、短信、微信公众号模板消息和邮件四种渠道。
## 架构概览
```
调用方 (Server Action / 其他模块)
dispatcher.ts ── 读取用户通知偏好 (notification_preferences)
│ ── 读取用户联系方式 (users.phone / users.email)
├── in_app (站内消息,总是启用)
├── sms (短信smsEnabled && phone)
├── wechat (微信模板消息pushEnabled && openId)
└── email (邮件emailEnabled && email)
data-access.ts ── logNotificationSend (console 日志)
```
## 模块结构
| 文件 | 职责 |
|------|------|
| `types.ts` | 通知渠道类型定义NotificationPayload, ChannelSendResult 等) |
| `channels/types.ts` | 渠道发送者接口NotificationChannelSender, ChannelRecipient |
| `channels/sms-channel.ts` | 短信渠道(阿里云/腾讯云/Mock |
| `channels/wechat-channel.ts` | 微信公众号模板消息渠道 |
| `channels/email-channel.ts` | 邮件渠道Nodemailer SMTP |
| `channels/in-app-channel.ts` | 站内消息渠道(复用 messaging data-access |
| `dispatcher.ts` | 通知分发器(按偏好选择渠道、并行发送) |
| `data-access.ts` | 通知数据访问(偏好查询、联系方式查询、日志记录) |
| `actions.ts` | Server ActionssendNotificationAction, sendClassNotificationAction |
| `index.ts` | 模块统一导出 |
## 渠道配置
### 1. 站内消息in_app
- **默认启用**,无需配置。
- 复用现有 `messaging` 模块的 `createNotification`,写入 `message_notifications` 表。
- 用户可在站内通知中心查看。
### 2. 短信SMS
支持三种 Provider通过 `SMS_PROVIDER` 环境变量选择:
| Provider | 说明 | 环境变量 |
|----------|------|----------|
| `mock`(默认) | 开发环境模拟,仅记录日志 | 无需其他配置 |
| `aliyun` | 阿里云短信 | `SMS_ACCESS_KEY_ID`, `SMS_ACCESS_KEY_SECRET`, `SMS_SIGN_NAME`, `SMS_TEMPLATE_CODE` |
| `tencent` | 腾讯云短信 | 同上(复用相同变量名) |
**模板变量替换**:将 `payload.title` / `payload.content` 填入模板变量 `title` / `content`
### 3. 微信公众号模板消息wechat
通过微信公众号 API 发送模板消息:
1. **获取 access_token**`GET https://api.weixin.qq.com/cgi-bin/token`(带缓存,提前 5 分钟刷新)
2. **发送模板消息**`POST https://api.weixin.qq.com/cgi-bin/message/template/send`
**环境变量**
| 变量 | 说明 |
|------|------|
| `WECHAT_APP_ID` | 公众号 AppID |
| `WECHAT_APP_SECRET` | 公众号 AppSecret |
| `WECHAT_TEMPLATE_ID` | 模板消息 ID |
**模板数据映射**
- `keyword1``payload.title`
- `keyword2``payload.content`
- `keyword3``payload.type`
可通过 `payload.metadata.wechatKeywords` 自定义覆盖。
> **注意**:当前 `users` 表无 `wechat_open_id` 字段,微信渠道暂不会实际触发。扩展 schema 后在 `data-access.ts` 的 `getUserContactInfo` 中补充查询即可。
### 4. 邮件email
使用 Nodemailer 通过 SMTP 发送,支持 HTML 邮件模板(根据通知类型显示不同颜色)。
**环境变量**
| 变量 | 默认值 | 说明 |
|------|--------|------|
| `EMAIL_HOST` | - | SMTP 主机(配置后启用真实发送) |
| `EMAIL_PORT` | `587` | SMTP 端口465 使用 SSL |
| `EMAIL_USER` | - | SMTP 用户名 |
| `EMAIL_PASS` | - | SMTP 密码 |
| `EMAIL_FROM` | `noreply@example.com` | 发件人地址 |
## Mock 模式(开发环境)
所有渠道均提供 Mock 实现,**无需任何外部服务即可运行**
- SMS: `SMS_PROVIDER=mock`(默认)→ 仅 `console.info` 记录
- WeChat: 未配置 `WECHAT_APP_ID` 等 → 自动使用 Mock
- Email: 未配置 `EMAIL_HOST` → 自动使用 Mock
- 站内消息: 始终真实写入数据库(无 Mock
## 生产环境配置
### 阿里云短信示例
```env
SMS_PROVIDER=aliyun
SMS_ACCESS_KEY_ID=LTAI5tXXXXXXXXXXXX
SMS_ACCESS_KEY_SECRET=XXXXXXXXXXXXXXXXXXXXXXXX
SMS_SIGN_NAME=智慧教务
SMS_TEMPLATE_CODE=SMS_123456789
```
### 微信公众号示例
```env
WECHAT_APP_ID=wx1234567890abcdef
WECHAT_APP_SECRET=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
WECHAT_TEMPLATE_ID=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
```
### 邮件 SMTP 示例
```env
EMAIL_HOST=smtp.example.com
EMAIL_PORT=587
EMAIL_USER=notification@example.com
EMAIL_PASS=xxxxxxxx
EMAIL_FROM=智慧教务 <notification@example.com>
```
## 使用方式
### 1. 通过 Server Action 调用
```ts
import { sendNotificationAction, sendClassNotificationAction } from "@/modules/notifications/actions"
// 发送给单个用户
await sendNotificationAction({
userId: "user-xxx",
title: "作业提醒",
content: "您有一份新作业待提交",
type: "info",
actionUrl: "/homework/123",
})
// 发送给班级所有学生(教师权限)
await sendClassNotificationAction("class-xxx", {
title: "考试通知",
content: "明天下午 2 点期中考试",
type: "warning",
actionUrl: "/exams/456",
})
```
### 2. 直接调用分发器(服务端)
```ts
import { sendNotification } from "@/modules/notifications"
await sendNotification({
userId: "user-xxx",
title: "成绩发布",
content: "您的数学成绩为 95 分",
type: "success",
})
```
## 渠道选择逻辑
分发器根据用户通知偏好(`notification_preferences` 表)和联系方式决定启用渠道:
| 渠道 | 启用条件 |
|------|----------|
| in_app | `pushEnabled`(默认 true总是兜底 |
| sms | `smsEnabled` && 用户有手机号 |
| email | `emailEnabled` && 用户有邮箱 |
| wechat | `pushEnabled` && 用户有 wechatOpenId |
> 通知偏好中的 `homeworkNotifications` / `gradeNotifications` 等按通知类别控制,由调用方在构造 payload 前决定是否调用发送。
## 扩展新渠道
1.`channels/` 下创建新文件,实现 `NotificationChannelSender` 接口:
```ts
import "server-only"
import type { NotificationChannelSender, ChannelRecipient } from "./types"
import type { NotificationPayload, ChannelSendResult, NotificationChannel } from "../types"
const channel: NotificationChannel = "your_channel" as NotificationChannel
class YourChannelSender implements NotificationChannelSender {
readonly channel = channel
async send(payload: NotificationPayload, recipient: ChannelRecipient): Promise<ChannelSendResult> {
// 实现发送逻辑
}
async sendBatch(items) { /* ... */ }
}
export function createYourSender(): NotificationChannelSender {
return new YourChannelSender()
}
```
2.`types.ts``NotificationChannel` 类型中添加新渠道:
```ts
export type NotificationChannel = "in_app" | "email" | "sms" | "wechat" | "your_channel"
```
3.`dispatcher.ts``SenderRegistry``selectChannels` 中注册新渠道。
4.`index.ts` 中导出新的发送器工厂。
## 权限说明
- `sendNotificationAction`: 需要 `MESSAGE_SEND` 权限
- `sendClassNotificationAction`: 需要 `MESSAGE_SEND` 权限,且教师只能给自己所教班级发送
> 项目无独立 `NOTIFICATION_SEND` 权限点,复用 `MESSAGE_SEND`(教师/管理员/年级主任均拥有)。
## 外部 SDK 依赖
所有外部 SDK 均使用**动态 import**,避免增加构建体积:
| 渠道 | SDK | 安装命令 |
|------|-----|----------|
| 阿里云短信 | `@alicloud/dysmsapi20170525`, `@alicloud/openapi-client`, `@alicloud/credentials` | `npm i @alicloud/dysmsapi20170525 @alicloud/openapi-client @alicloud/credentials` |
| 腾讯云短信 | `tencentcloud-sdk-nodejs` | `npm i tencentcloud-sdk-nodejs` |
| 邮件 | `nodemailer` | `npm i nodemailer @types/nodemailer` |
> **Mock 模式无需安装任何 SDK**,开发环境开箱即用。生产环境按需安装对应 SDK。

152
docs/security/scanning.md Normal file
View File

@@ -0,0 +1,152 @@
# 安全扫描指南
本项目集成了多层安全扫描,覆盖依赖审计、深度依赖分析、静态分析、容器镜像扫描与动态应用安全测试(DAST)。
## 一、CI 中的安全扫描流程
### 1.1 主 CI 流水线(`.gitea/workflows/ci.yml`)
主流水线在 `push`/`pull_request``main` 时触发,包含三个 Job:
| Job | 触发条件 | 说明 |
|-----|---------|------|
| `build-deploy` | push/PR to main | 构建、测试、部署到 Docker |
| `security-scan` | push/PR to main(依赖 build-deploy) | 完整安全扫描,失败不阻塞构建 |
| `scheduled-backup` | schedule cron `0 2 * * *` | 每天凌晨 2 点数据库备份 |
`security-scan` Job 依次执行以下扫描,所有步骤均设置 `continue-on-error: true`,**扫描失败不阻塞构建**,但会生成报告并上传为 artifact(`security-reports`):
1. **npm audit** — 依赖漏洞审计(moderate 级别),生成 `audit-report.json`
2. **Snyk 扫描** — 深度依赖分析(`--severity-threshold=high`),生成 `snyk.sarif`,需配置 `SNYK_TOKEN` secret
3. **Trivy 文件系统扫描** — 扫描项目代码与依赖,生成 `trivy-fs-report.json` 与表格视图
4. **OWASP ZAP 基线扫描** — 对部署后的应用执行 DAST,目标为 `NEXTAUTH_URL` secret 或 `http://localhost:8015`
### 1.2 独立安全工作流(`.gitea/workflows/security.yml`)
独立工作流执行**深度安全扫描**,触发方式:
- **定时**:每周一凌晨 3 点(`cron: "0 3 * * 1"`)
- **手动**:`workflow_dispatch`,可指定 `target_url`(DAST 目标)与 `skip_dast` 选项
执行内容:
| 步骤 | 工具 | 类型 | 输出 |
|------|------|------|------|
| 依赖扫描 | npm audit | 依赖 | `audit-report.json` |
| 深度依赖 + 静态分析 | Snyk(`--severity-threshold=medium`) | 依赖 + 代码 | `snyk.sarif` |
| 文件系统扫描 | Trivy fs | 代码 + 依赖 | `trivy-fs-report.json` |
| 容器镜像扫描 | Trivy image | 容器 | `trivy-image-report.json` |
| DAST | OWASP ZAP baseline | 动态 | 控制台报告 |
| 汇总报告 | shell + jq | 汇总 | `security-summary.md` |
所有报告上传为 artifact `security-reports-full`
## 二、各扫描工具的作用
| 工具 | 作用 | 覆盖范围 |
|------|------|---------|
| **npm audit** | Node.js 依赖漏洞审计,基于 npm advisory 数据库 | 直接与间接 npm 依赖 |
| **Snyk** | 深度依赖分析 + 代码静态分析,漏洞库更广,含许可证检查 | npm 依赖 + 源码 |
| **Trivy(fs)** | 文件系统扫描,检测依赖锁文件、IaC 配置、密钥泄露 | 项目代码、配置、密钥 |
| **Trivy(image)** | 容器镜像扫描,检测镜像层漏洞与配置问题 | 构建出的 Docker 镜像 |
| **OWASP ZAP** | 动态应用安全测试(DAST),模拟攻击发现运行时漏洞 | 运行中的 Web 应用 |
## 三、如何处理扫描发现的漏洞
### 3.1 处理流程
1. **查看报告**:从 CI artifact 下载 `security-reports` / `security-reports-full`
2. **分级评估**:按漏洞等级确定处理优先级(见分级标准)
3. **修复或缓解**:
- 升级受影响依赖到修复版本
- 若无法立即升级,评估是否可接受并记录抑制项
- 对运行时漏洞,通过 WAF/配置/代码修复
4. **验证**:本地运行 `npm run security:scan` 验证修复效果
5. **记录**:更新抑制配置文件,记录处理决策
### 3.2 抑制配置文件
对于经评估确认可接受的漏洞,通过以下文件抑制:
- **`.gitea/suppressions.json`** — Snyk 漏洞抑制,每条需填写 `id``package``severity``reason``expires`(到期时间)、`owner`
- **`.trivyignore`** — Trivy 忽略的 CVE 列表,每行一个 CVE ID,带注释说明原因
> 抑制项到期后必须重新评估。`suppressions.json` 中 `policy.reviewCadenceDays: 30` 要求每 30 天复审一次。
### 3.3 必需的 Secrets
| Secret | 用途 | 必需性 |
|--------|------|--------|
| `SNYK_TOKEN` | Snyk API 令牌 | 推荐(无则 Snyk 步骤跳过) |
| `NEXTAUTH_URL` | ZAP DAST 扫描目标 URL | 可选(默认 localhost:8015) |
## 四、本地扫描方法
### 4.1 npm 脚本
```bash
# 仅依赖审计
npm run security:audit
# 完整本地扫描(npm audit + Trivy fs)
npm run security:scan
```
### 4.2 直接运行脚本
**Linux/macOS:**
```bash
chmod +x scripts/security-scan.sh
./scripts/security-scan.sh
```
**Windows PowerShell:**
```powershell
.\scripts\security-scan.ps1
```
### 4.3 退出码
| 退出码 | 含义 |
|--------|------|
| `0` | 无高危(critical/high)漏洞 |
| `1` | 存在高危漏洞,需尽快处理 |
### 4.4 前置依赖
- **Node.js + npm** — 必需
- **Trivy** — 可选(未安装则跳过文件系统扫描),[安装指南](https://aquasecurity.github.io/trivy/latest/getting-started/installation/)
- **jq**(仅 bash 脚本)— 可选(未安装则显示原始报告)
## 五、漏洞分级标准
| 等级 | 说明 | 示例 |
|------|------|------|
| **Critical** | 可被远程利用,导致 RCE、认证绕过、数据完全泄露 | 远程代码执行、SQL 注入 |
| **High** | 可导致权限提升、敏感数据泄露、服务中断 | XSS、认证缺陷、SSRF |
| **Medium** | 需特定条件触发,影响有限 | 信息泄露、CSRF |
| **Low** | 影响极小,通常为信息收集类 | 版本号泄露、低危 ReDoS |
## 六、修复 SLA(服务等级协议)
| 漏洞等级 | 修复时限 | 处理要求 |
|---------|---------|---------|
| Critical | 24 小时 | 立即修复或下线受影响服务,发布紧急补丁 |
| High | 7 天 | 优先排期修复,升级依赖或应用补丁 |
| Medium | 30 天 | 纳入迭代计划修复 |
| Low | 90 天 | 评估后决定修复或抑制 |
> 超过 SLA 未处理的漏洞需升级至安全负责人,并在 `suppressions.json` 中记录延期原因。
## 七、相关文件清单
| 文件 | 用途 |
|------|------|
| `.gitea/workflows/ci.yml` | 主 CI 流水线(含 security-scan job) |
| `.gitea/workflows/security.yml` | 独立深度安全扫描工作流 |
| `.gitea/suppressions.json` | Snyk 漏洞抑制配置 |
| `.trivyignore` | Trivy CVE 忽略列表 |
| `scripts/security-scan.sh` | 本地扫描脚本(Linux/macOS) |
| `scripts/security-scan.ps1` | 本地扫描脚本(Windows) |
| `scripts/audit.sh` | 依赖审计脚本(Linux/macOS) |
| `scripts/audit.ps1` | 依赖审计脚本(Windows) |

185
docs/testing/visual-regression.md Normal file
View File

@@ -0,0 +1,185 @@
# 视觉回归测试 (Visual Regression Testing)
本项目使用 [Playwright](https://playwright.dev/) 的 `toHaveScreenshot()` API 实现视觉回归测试,对关键页面在多种视口与主题下进行像素级快照对比,以捕获 UI 的意外变化。
## 目录结构
```
tests/visual/
├── visual.config.ts # 视觉测试配置(页面、视口、主题、快照路径)
├── homepage.spec.ts # 登录页视觉测试
├── admin-dashboard.spec.ts # 管理员仪表盘视觉测试
├── teacher-dashboard.spec.ts # 教师仪表盘视觉测试
├── student-dashboard.spec.ts # 学生仪表盘视觉测试
├── helpers/
│ ├── auth.ts # 认证辅助(登录、setupAuthState)
│ └── visual-helpers.ts # 视觉通用辅助(视口、主题、遮罩)
└── __screenshots__/ # 快照基线存储目录(自动生成)
```
## 覆盖范围
| 页面 | 路径 | 视口 | 主题 | 是否需要登录 |
|------|------|------|------|--------------|
| 登录页 | `/login` | desktop / tablet / mobile | light / dark | 否 |
| 管理员仪表盘 | `/admin/dashboard` | desktop / tablet / mobile | light / dark | 是 (admin) |
| 教师仪表盘 | `/teacher/dashboard` | desktop / tablet / mobile | light / dark | 是 (teacher) |
| 学生仪表盘 | `/student/dashboard` | desktop / tablet / mobile | light / dark | 是 (student) |
视口尺寸:
- desktop: 1920 × 1080
- tablet: 768 × 1024
- mobile: 375 × 812
## 运行测试
### 前置条件
- 需要启动开发服务器(Playwright 会通过 `webServer` 配置自动启动)
- 需要登录的视觉测试需要 `DATABASE_URL` 环境变量,否则会自动跳过
- 测试账号默认为 `admin@xiaoxue.edu.cn / 123456`,可通过环境变量覆盖
### 运行命令
```bash
# 运行所有视觉回归测试
npm run test:visual
# 运行单个测试文件
npx playwright test --project=visual-chromium tests/visual/homepage.spec.ts
# 以 UI 模式运行(便于调试)
npx playwright test --project=visual-chromium --ui
```
### 环境变量
| 变量 | 默认值 | 说明 |
|------|--------|------|
| `DATABASE_URL` | - | 数据库连接串,未设置时需要登录的测试会跳过 |
| `VISUAL_ADMIN_EMAIL` | `admin@xiaoxue.edu.cn` | 管理员测试账号 |
| `VISUAL_ADMIN_PASSWORD` | `123456` | 管理员测试密码 |
| `VISUAL_TEACHER_EMAIL` | `admin@xiaoxue.edu.cn` | 教师测试账号 |
| `VISUAL_TEACHER_PASSWORD` | `123456` | 教师测试密码 |
| `VISUAL_STUDENT_EMAIL` | `admin@xiaoxue.edu.cn` | 学生测试账号 |
| `VISUAL_STUDENT_PASSWORD` | `123456` | 学生测试密码 |
## 更新基线
当 UI 发生**预期内**的变化时,需要更新快照基线:
```bash
# 更新所有视觉快照基线
npm run test:visual:update
# 更新单个测试文件的基线
npx playwright test --project=visual-chromium tests/visual/homepage.spec.ts --update-snapshots
```
更新后的快照应作为 PR 的一部分提交到版本库,以便团队评审 UI 变更。
## 处理误报
视觉测试可能因为动态内容(时间戳、用户名、实时数据等)产生误报。本项目通过以下方式消除误报:
### 1. 动态元素遮罩
`maskDynamicElements()` 辅助函数会自动遮罩以下选择器:
- `[data-testid='timestamp']`
- `[data-testid='current-time']`
- `[data-testid='user-avatar']`
- `[data-testid='user-name']`
- `time`
- `[data-visual-dynamic]`
可在测试中追加额外需要遮罩的选择器:
```ts
const masks = await maskDynamicElements(page, ["[data-testid='stat-card-value']"])
```
### 2. 标记动态元素
在组件代码中为动态元素添加 `data-visual-dynamic` 属性,即可自动被遮罩:
```tsx
<div data-visual-dynamic>{new Date().toLocaleString()}</div>
```
### 3. 调整容差
`playwright.config.ts` 中配置了默认容差 `maxDiffPixelRatio: 0.01`(允许 1% 像素差异)。若特定页面需要更宽松的容差,可在断言时覆盖:
```ts
await expect(page).toHaveScreenshot("name.png", {
maxDiffPixelRatio: 0.05,
})
```
### 4. 禁用动画
默认配置 `animations: "disabled"`,避免动画过渡态导致快照不稳定。
## CI 集成
### GitHub Actions 示例
```yaml
name: Visual Regression
on:
pull_request:
paths:
- "src/**"
- "tests/visual/**"
- "playwright.config.ts"
jobs:
visual:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 20
cache: npm
- run: npm ci
- run: npx playwright install --with-deps chromium
# 启动数据库(按需)
- run: npm run db:setup
env:
DATABASE_URL: ${{ secrets.TEST_DATABASE_URL }}
- name: Run visual tests
run: npm run test:visual
env:
DATABASE_URL: ${{ secrets.TEST_DATABASE_URL }}
CI: "true"
- name: Upload snapshot diff
if: failure()
uses: actions/upload-artifact@v4
with:
name: snapshot-diff
path: test-results/
retention-days: 7
```
### CI 注意事项
1. **快照基线需提交到版本库**: `tests/visual/__screenshots__/` 目录应纳入 Git 跟踪
2. **跨平台一致性**: 不同操作系统的字体渲染存在差异,建议 CI 与本地使用相同的 Linux 容器环境。若本地为 Windows/macOS,可能出现少量误报,以 CI 结果为准
3. **storageState 缓存**: `tests/visual/.auth/` 目录应加入 `.gitignore`,不要提交登录态文件
## 与 E2E 测试的关系
| 维度 | E2E 测试 | 视觉测试 |
|------|----------|----------|
| 目录 | `tests/e2e/` | `tests/visual/` |
| Playwright 项目 | `chromium` | `visual-chromium` |
| 运行命令 | `npm run test:e2e` | `npm run test:visual` |
| 关注点 | 功能正确性 | UI 视觉一致性 |
| 断言方式 | DOM/行为断言 | 像素快照对比 |
两个测试套件相互独立,可分别运行,互不影响。

44
docs/work_log.md
View File

@@ -2,6 +2,50 @@
## 2026-06-17
### P2 质量保障类实现5 项全部完成)
#### 1. 屏幕阅读器兼容性增强a11y
- 新增无障碍工具库:`src/shared/lib/a11y.ts`useA11yId/mergeA11yProps/describeInput/loadingAria
- 新增 Hook`src/shared/hooks/use-aria-live.ts`aria-live 区域管理)
- 新增组件:`src/shared/components/a11y/`skip-link/visually-hidden/focus-trap/aria-status
- 增强 UI 组件table.tsx 添加系统性 ARIA roledialog.tsx 添加 aria-modal
- 审计文档:`docs/accessibility/a11y-audit.md`(含 WCAG 2.1 AA 合规清单)
#### 2. 视觉回归测试Visual Regression
- 配置:`tests/visual/visual.config.ts`3 视口 × 2 主题)
- 测试套件homepage/admin-dashboard/teacher-dashboard/student-dashboard
- 辅助函数auth.ts登录态管理、visual-helpers.ts视口/主题/遮罩)
- 更新 playwright.config.ts新增 visual-chromium 项目maxDiffPixelRatio 0.01
- 文档:`docs/testing/visual-regression.md`
#### 3. 短信/微信推送渠道集成notifications
- 新增模块:`src/modules/notifications/`
- 渠道实现SMS阿里云/腾讯云/Mock、WeChat公众号模板消息、EmailNodemailer SMTP、In-App
- 分发器:按用户通知偏好并行多渠道发送
- Server ActionssendNotificationAction、sendClassNotificationAction
- 外部 SDK 动态 importMock 模式开发环境可用
- 配置:`.env.example`,文档:`docs/notifications/channels.md`
#### 4. 漏洞扫描 CI 集成security
- 增强 CIsecurity-scan jobnpm audit + Snyk + Trivy FS + OWASP ZAP
- 独立工作流:`.gitea/workflows/security.yml`(每周一深度扫描,含容器镜像扫描)
- 配置:`.gitea/suppressions.json`Snyk 抑制)、`.trivyignore`Trivy CVE 忽略)
- 本地脚本:`scripts/security-scan.sh` + `scripts/security-scan.ps1`
- 文档:`docs/security/scanning.md`(含 SLAcritical 24h/high 7d/medium 30d/low 90d
#### 5. 灾备方案DR
- 脚本backup-verify.sh完整性校验、backup-offsite-sync.shS3/OSS/NFS 异地同步、dr-drill.sh/ps1灾备演练、failover.sh故障切换、health-check.sh健康检查
- CI 增强scheduled-backup 添加校验+异地同步,新增 weekly-dr-drill job
- 独立工作流:`.gitea/workflows/dr-drill.yml`(每周一凌晨 4 点自动演练)
- 文档:`docs/dr/dr-plan.md`RTO 4h/RPO 24h`docs/dr/dr-runbook.md`6 大故障场景操作手册)
- 配置:`.env.example` 灾备环境变量
#### 验证
- `npx tsc --noEmit`0 错误
- `npm run lint`0 错误 0 警告
---
### P2 功能扩展类实现(功能扩展 + 质量保障首批)
#### 1. 选课管理模块elective

18
package.json
View File

@@ -15,9 +15,11 @@
"test:integration": "vitest run --config vitest.config.ts",
"test:integration:watch": "vitest --config vitest.config.ts",
"test:integration:coverage": "vitest run --config vitest.config.ts --coverage",
"test:e2e": "playwright test",
"test:e2e:smoke": "playwright test tests/e2e/smoke-auth.spec.ts",
"test:e2e:full-routes": "playwright test tests/e2e/full-route-regression.spec.ts",
"test:e2e": "playwright test --project=chromium",
"test:e2e:smoke": "playwright test --project=chromium tests/e2e/smoke-auth.spec.ts",
"test:e2e:full-routes": "playwright test --project=chromium tests/e2e/full-route-regression.spec.ts",
"test:visual": "playwright test --project=visual-chromium",
"test:visual:update": "playwright test --project=visual-chromium --update-snapshots",
"db:create": "npx tsx scripts/create-db.ts",
"db:seed": "npx tsx scripts/seed.ts",
"db:generate": "drizzle-kit generate",
@@ -26,8 +28,16 @@
"db:setup": "npx tsx scripts/create-db.ts && drizzle-kit migrate && npx tsx scripts/seed.ts",
"audit": "npm audit --audit-level=moderate",
"audit:report": "npm audit --json > audit-report.json",
"security:audit": "npm audit --audit-level=moderate",
"security:scan": "bash scripts/security-scan.sh",
"backup": "bash scripts/backup-db.sh",
"restore": "bash scripts/restore-db.sh"
"restore": "bash scripts/restore-db.sh",
"dr:backup-verify": "bash scripts/backup-verify.sh",
"dr:offsite-sync": "bash scripts/backup-offsite-sync.sh",
"dr:drill": "bash scripts/dr-drill.sh",
"dr:drill:ps1": "powershell -ExecutionPolicy Bypass -File scripts/dr-drill.ps1",
"dr:health-check": "bash scripts/health-check.sh",
"dr:failover": "bash scripts/failover.sh"
},
"dependencies": {
"@dnd-kit/core": "^6.3.1",

27
playwright.config.ts
View File

@@ -1,7 +1,8 @@
import { defineConfig, devices } from "@playwright/test"
export default defineConfig({
testDir: "./tests/e2e",
// 改为 tests 根目录,由各 project 通过 testDir 限定范围
testDir: "./tests",
fullyParallel: true,
forbidOnly: !!process.env.CI,
retries: process.env.CI ? 2 : 0,
@@ -13,6 +14,19 @@ export default defineConfig({
screenshot: "only-on-failure",
video: process.env.CI ? "retain-on-failure" : "off",
},
// 视觉快照存储路径模板: tests/visual/__screenshots__/{testFilePath}/{arg}{ext}
snapshotPathTemplate: "{testDir}/__screenshots__/{testFilePath}/{arg}{ext}",
// toHaveScreenshot / toMatchSnapshot 默认选项
expect: {
toHaveScreenshot: {
maxDiffPixelRatio: 0.01,
animations: "disabled",
caret: "hide",
},
toMatchSnapshot: {
maxDiffPixelRatio: 0.01,
},
},
webServer: {
command: "npm run dev",
port: 3000,
@@ -26,8 +40,19 @@ export default defineConfig({
},
},
projects: [
// E2E 测试项目(原有配置,限定到 tests/e2e)
{
name: "chromium",
testDir: "./tests/e2e",
use: {
...devices["Desktop Chrome"],
channel: process.env.CI ? undefined : "chrome",
},
},
// 视觉回归测试项目(限定到 tests/visual)
{
name: "visual-chromium",
testDir: "./tests/visual",
use: {
...devices["Desktop Chrome"],
channel: process.env.CI ? undefined : "chrome",

342
scripts/backup-offsite-sync.sh Normal file
View File

@@ -0,0 +1,342 @@
#!/bin/bash
# 异地备份同步脚本
# 用法: ./backup-offsite-sync.sh
# 将本地备份同步到远程存储(S3/OSS/NFS),支持校验和清理
set -u
show_help() {
cat <<EOF
用法: $0 [选项]
异地备份同步脚本,将本地备份同步到远程存储
选项:
--backend TYPE 远程存储后端类型: s3|oss|nfs|none
--no-cleanup 不清理远程过期备份
--no-verify 不校验同步结果
--help, -h 显示帮助信息
环境变量:
BACKUP_DIR 本地备份目录(默认 ./backups)
BACKUP_OFFSITE_BACKEND 远程后端类型: s3|oss|nfs|none (默认 none)
BACKUP_OFFSITE_REMOTE 远程目标路径
- s3: s3://bucket-name/path
- oss: oss://bucket-name/path
- nfs: /mnt/nfs/backup-path
BACKUP_OFFSITE_BUCKET 存储桶名称(仅 s3/oss)
BACKUP_OFFSITE_ACCESS_KEY 访问密钥
BACKUP_OFFSITE_SECRET_KEY 秘密密钥
BACKUP_OFFSITE_REGION 区域(默认 us-east-1)
BACKUP_OFFSITE_RETENTION_DAYS 远程保留天数(默认 90)
需要工具:
s3: aws-cli (aws) 或 rclone
oss: ossutil 或 rclone
nfs: rsync (NFS 应已挂载到 BACKUP_OFFSITE_REMOTE)
退出码:
0 同步成功
1 同步失败
EOF
}
# 解析参数
NO_CLEANUP=0
NO_VERIFY=0
while [ $# -gt 0 ]; do
case "$1" in
--help|-h)
show_help
exit 0
;;
--backend)
if [ $# -lt 2 ]; then
echo "ERROR: --backend requires an argument" >&2
exit 1
fi
BACKUP_OFFSITE_BACKEND="$2"
shift 2
;;
--no-cleanup)
NO_CLEANUP=1
shift
;;
--no-verify)
NO_VERIFY=1
shift
;;
*)
echo "ERROR: Unknown argument: $1" >&2
exit 1
;;
esac
done
BACKUP_DIR="${BACKUP_DIR:-./backups}"
BACKEND="${BACKUP_OFFSITE_BACKEND:-none}"
REMOTE="${BACKUP_OFFSITE_REMOTE:-}"
BUCKET="${BACKUP_OFFSITE_BUCKET:-}"
ACCESS_KEY="${BACKUP_OFFSITE_ACCESS_KEY:-}"
SECRET_KEY="${BACKUP_OFFSITE_SECRET_KEY:-}"
REGION="${BACKUP_OFFSITE_REGION:-us-east-1}"
RETENTION_DAYS="${BACKUP_OFFSITE_RETENTION_DAYS:-90}"
echo "=== Offsite Backup Sync ==="
echo "Time: $(date -u +"%Y-%m-%dT%H:%M:%SZ")"
echo "Backend: $BACKEND"
echo "Local: $BACKUP_DIR"
echo "Remote: $REMOTE"
echo ""
# 检查后端类型
if [ "$BACKEND" = "none" ]; then
echo "INFO: BACKUP_OFFSITE_BACKEND=none, offsite sync disabled"
echo "To enable, set BACKUP_OFFSITE_BACKEND to s3, oss, or nfs"
exit 0
fi
if [ "$BACKEND" != "s3" ] && [ "$BACKEND" != "oss" ] && [ "$BACKEND" != "nfs" ]; then
echo "ERROR: Invalid backend: $BACKEND (must be s3, oss, nfs, or none)" >&2
exit 1
fi
# 检查本地备份目录
if [ ! -d "$BACKUP_DIR" ]; then
echo "ERROR: Local backup directory does not exist: $BACKUP_DIR" >&2
exit 1
fi
# 统计本地备份文件
LOCAL_FILES=$(ls -1 "$BACKUP_DIR"/db_backup_*.sql.gz 2>/dev/null | wc -l)
if [ "$LOCAL_FILES" -eq 0 ]; then
echo "ERROR: No backup files found in $BACKUP_DIR" >&2
exit 1
fi
echo "INFO: Found $LOCAL_FILES local backup files"
# 检查远程配置
if [ -z "$REMOTE" ]; then
echo "ERROR: BACKUP_OFFSITE_REMOTE not set" >&2
echo "Example for $BACKEND:" >&2
case "$BACKEND" in
s3) echo " s3://my-bucket/backups/" >&2 ;;
oss) echo " oss://my-bucket/backups/" >&2 ;;
nfs) echo " /mnt/nfs/backups/" >&2 ;;
esac
exit 1
fi
# 检查工具可用性
check_tool() {
if ! command -v "$1" >/dev/null 2>&1; then
echo "ERROR: Required tool not found: $1" >&2
echo "Please install $1 to use the $BACKEND backend" >&2
exit 1
fi
}
# 配置凭证
setup_credentials() {
case "$BACKEND" in
s3)
if [ -n "$ACCESS_KEY" ] && [ -n "$SECRET_KEY" ]; then
export AWS_ACCESS_KEY_ID="$ACCESS_KEY"
export AWS_SECRET_ACCESS_KEY="$SECRET_KEY"
export AWS_DEFAULT_REGION="$REGION"
fi
;;
oss)
if [ -n "$ACCESS_KEY" ] && [ -n "$SECRET_KEY" ]; then
# ossutil 配置
if [ -f ~/.ossutilconfig ]; then
cp ~/.ossutilconfig ~/.ossutilconfig.bak 2>/dev/null || true
fi
cat > ~/.ossutilconfig <<EOF
[Credentials]
provider = oss
accessKey = $ACCESS_KEY
secretKey = $SECRET_KEY
[Default]
endpoint = oss-${REGION}.aliyuncs.com
EOF
fi
;;
nfs)
# NFS 应已挂载,无需凭证
if [ ! -d "$REMOTE" ]; then
echo "ERROR: NFS remote directory does not exist: $REMOTE" >&2
echo "Please ensure NFS is mounted at this path" >&2
exit 1
fi
;;
esac
}
# 同步到远程
sync_to_remote() {
echo ""
echo "[1/3] Syncing backups to $BACKEND..."
case "$BACKEND" in
s3)
if command -v aws >/dev/null 2>&1; then
echo "Using aws-cli"
if ! aws s3 sync "$BACKUP_DIR/" "$REMOTE" \
--exclude "*" --include "db_backup_*.sql.gz" \
--no-progress; then
echo "ERROR: aws s3 sync failed" >&2
return 1
fi
elif command -v rclone >/dev/null 2>&1; then
echo "Using rclone"
if ! rclone sync "$BACKUP_DIR" "$REMOTE" \
--include "db_backup_*.sql.gz" \
--progress; then
echo "ERROR: rclone sync failed" >&2
return 1
fi
else
echo "ERROR: Neither aws-cli nor rclone found" >&2
return 1
fi
;;
oss)
if command -v ossutil >/dev/null 2>&1; then
echo "Using ossutil"
if ! ossutil cp -r "$BACKUP_DIR/" "$REMOTE" \
--include "db_backup_*.sql.gz" -f; then
echo "ERROR: ossutil sync failed" >&2
return 1
fi
elif command -v rclone >/dev/null 2>&1; then
echo "Using rclone"
if ! rclone sync "$BACKUP_DIR" "$REMOTE" \
--include "db_backup_*.sql.gz" \
--progress; then
echo "ERROR: rclone sync failed" >&2
return 1
fi
else
echo "ERROR: Neither ossutil nor rclone found" >&2
return 1
fi
;;
nfs)
if command -v rsync >/dev/null 2>&1; then
echo "Using rsync"
mkdir -p "$REMOTE" 2>/dev/null || true
if ! rsync -av --include="db_backup_*.sql.gz" --exclude="*" \
"$BACKUP_DIR/" "$REMOTE/"; then
echo "ERROR: rsync failed" >&2
return 1
fi
else
echo "Using cp (rsync not available)"
mkdir -p "$REMOTE" 2>/dev/null || true
if ! cp "$BACKUP_DIR"/db_backup_*.sql.gz "$REMOTE/" 2>/dev/null; then
echo "ERROR: cp failed" >&2
return 1
fi
fi
;;
esac
echo " PASS: Sync completed"
return 0
}
# 校验同步结果
verify_sync() {
if [ "$NO_VERIFY" -eq 1 ]; then
echo ""
echo "[2/3] Verification skipped (--no-verify)"
return 0
fi
echo ""
echo "[2/3] Verifying sync result..."
REMOTE_FILES=0
case "$BACKEND" in
s3)
if command -v aws >/dev/null 2>&1; then
REMOTE_FILES=$(aws s3 ls "$REMOTE" --recursive 2>/dev/null | grep -c "db_backup_.*\.sql\.gz" || echo 0)
elif command -v rclone >/dev/null 2>&1; then
REMOTE_FILES=$(rclone lsf "$REMOTE" --include "db_backup_*.sql.gz" 2>/dev/null | wc -l || echo 0)
fi
;;
oss)
if command -v ossutil >/dev/null 2>&1; then
REMOTE_FILES=$(ossutil ls "$REMOTE" 2>/dev/null | grep -c "db_backup_.*\.sql\.gz" || echo 0)
elif command -v rclone >/dev/null 2>&1; then
REMOTE_FILES=$(rclone lsf "$REMOTE" --include "db_backup_*.sql.gz" 2>/dev/null | wc -l || echo 0)
fi
;;
nfs)
REMOTE_FILES=$(ls -1 "$REMOTE"/db_backup_*.sql.gz 2>/dev/null | wc -l)
;;
esac
echo " Local files: $LOCAL_FILES"
echo " Remote files: $REMOTE_FILES"
if [ "$REMOTE_FILES" -lt "$LOCAL_FILES" ]; then
echo " WARN: Remote has fewer files than local (some may have been cleaned up)"
else
echo " PASS: File count verified"
fi
return 0
}
# 清理远程过期备份
cleanup_remote() {
if [ "$NO_CLEANUP" -eq 1 ]; then
echo ""
echo "[3/3] Cleanup skipped (--no-cleanup)"
return 0
fi
echo ""
echo "[3/3] Cleaning up remote backups older than $RETENTION_DAYS days..."
case "$BACKEND" in
s3)
if command -v aws >/dev/null 2>&1; then
aws s3 ls "$REMOTE" --recursive 2>/dev/null | grep "db_backup_.*\.sql\.gz" | while read -r line; do
FILE_PATH=$(echo "$line" | awk '{print $4}')
FILE_DATE=$(echo "$FILE_PATH" | grep -oE '[0-9]{8}_[0-9]{6}' | head -1)
if [ -n "$FILE_DATE" ]; then
FILE_TS=$(echo "$FILE_DATE" | sed 's/\([0-9]\{8\}\)_\([0-9]\{6\}\)/\1 \2/' | awk '{print $1}')
CUTOFF=$(date -d "-$RETENTION_DAYS days" +%Y%m%d 2>/dev/null || date -v-${RETENTION_DAYS}d +%Y%m%d 2>/dev/null)
if [ -n "$CUTOFF" ] && [ "$FILE_TS" -lt "$CUTOFF" ]; then
echo " Deleting: $FILE_PATH"
aws s3 rm "s3://$(echo "$REMOTE" | sed 's|s3://||')/$FILE_PATH" 2>/dev/null || true
fi
fi
done
fi
;;
oss)
if command -v ossutil >/dev/null 2>&1; then
# ossutil 不支持基于时间的清理,使用生命周期规则或手动删除
echo " INFO: For OSS, configure lifecycle rules in the console for automatic cleanup"
echo " INFO: Manual cleanup with retention $RETENTION_DAYS days"
fi
;;
nfs)
if [ -d "$REMOTE" ]; then
find "$REMOTE" -name "db_backup_*.sql.gz" -mtime +$RETENTION_DAYS -delete 2>/dev/null || true
echo " Cleaned up files older than $RETENTION_DAYS days"
fi
;;
esac
echo " PASS: Cleanup completed"
return 0
}
# 执行同步流程
setup_credentials
if ! sync_to_remote; then
exit 1
fi
verify_sync
cleanup_remote
echo ""
echo "=== Offsite Sync Complete ==="
exit 0

221
scripts/backup-verify.sh Normal file
View File

@@ -0,0 +1,221 @@
#!/bin/bash
# 备份完整性校验脚本
# 用法: ./backup-verify.sh [backup_file] [--min-size BYTES]
# 不传参数时校验最新备份
set -u
show_help() {
cat <<EOF
用法: $0 [backup_file] [选项]
备份完整性校验脚本
参数:
backup_file 要校验的备份文件路径(不传时校验最新备份)
选项:
--min-size BYTES 最小文件大小阈值(字节),默认 1024
--no-sql-check 跳过 SQL 语法校验(不连接数据库)
--help, -h 显示帮助信息
环境变量:
BACKUP_DIR 备份目录(默认 ./backups)
DATABASE_URL 数据库连接 URL(用于 SQL 语法校验)
BACKUP_VERIFY_MIN_SIZE 最小文件大小(字节,默认 1024)
退出码:
0 校验通过
1 校验失败
EOF
}
# 解析参数
BACKUP_FILE=""
MIN_SIZE="${BACKUP_VERIFY_MIN_SIZE:-1024}"
NO_SQL_CHECK=0
while [ $# -gt 0 ]; do
case "$1" in
--help|-h)
show_help
exit 0
;;
--min-size)
if [ $# -lt 2 ]; then
echo "ERROR: --min-size requires an argument" >&2
exit 1
fi
MIN_SIZE="$2"
shift 2
;;
--no-sql-check)
NO_SQL_CHECK=1
shift
;;
*)
if [ -z "$BACKUP_FILE" ]; then
BACKUP_FILE="$1"
else
echo "ERROR: Unknown argument: $1" >&2
exit 1
fi
shift
;;
esac
done
BACKUP_DIR="${BACKUP_DIR:-./backups}"
# 如果未指定文件,查找最新备份
if [ -z "$BACKUP_FILE" ]; then
BACKUP_FILE=$(ls -t "$BACKUP_DIR"/db_backup_*.sql.gz 2>/dev/null | head -1)
if [ -z "$BACKUP_FILE" ]; then
echo "ERROR: No backup file found in $BACKUP_DIR" >&2
echo "Hint: Run scripts/backup-db.sh first or specify a file path" >&2
exit 1
fi
fi
echo "=== Backup Verification Report ==="
echo "File: $BACKUP_FILE"
echo "Time: $(date -u +"%Y-%m-%dT%H:%M:%SZ")"
echo ""
ERRORS=0
WARNINGS=0
# 步骤 1: 检查文件存在
echo "[1/4] Checking file existence..."
if [ ! -f "$BACKUP_FILE" ]; then
echo " FAIL: File does not exist: $BACKUP_FILE"
exit 1
fi
echo " PASS: File exists"
# 步骤 2: 检查文件大小
echo "[2/4] Checking file size..."
FILE_SIZE=$(stat -c%s "$BACKUP_FILE" 2>/dev/null || stat -f%z "$BACKUP_FILE" 2>/dev/null)
if [ -z "$FILE_SIZE" ]; then
echo " WARN: Could not determine file size"
WARNINGS=$((WARNINGS + 1))
elif [ "$FILE_SIZE" -lt "$MIN_SIZE" ]; then
echo " FAIL: File size ${FILE_SIZE} bytes is below threshold ${MIN_SIZE} bytes"
echo " This may indicate a corrupted or empty backup"
exit 1
else
echo " PASS: File size ${FILE_SIZE} bytes (threshold: ${MIN_SIZE} bytes)"
fi
# 步骤 3: 校验 gzip 完整性
echo "[3/4] Verifying gzip integrity..."
if ! gunzip -t "$BACKUP_FILE" 2>/dev/null; then
echo " FAIL: gzip integrity check failed - file may be corrupted"
exit 1
fi
echo " PASS: gzip integrity verified"
# 步骤 4: 校验 SQL 内容
echo "[4/4] Verifying SQL content..."
TEMP_SQL=$(mktemp 2>/dev/null || echo "/tmp/backup_verify_$$.sql")
trap "rm -f \"$TEMP_SQL\" /tmp/backup_verify_errors_$$.txt 2>/dev/null" EXIT
if ! gunzip -c "$BACKUP_FILE" > "$TEMP_SQL" 2>/dev/null; then
echo " FAIL: Could not decompress backup file"
exit 1
fi
# 检查文件非空
SQL_SIZE=$(stat -c%s "$TEMP_SQL" 2>/dev/null || stat -f%z "$TEMP_SQL" 2>/dev/null)
if [ -z "$SQL_SIZE" ] || [ "$SQL_SIZE" -eq 0 ]; then
echo " FAIL: Decompressed SQL file is empty"
exit 1
fi
echo " PASS: Decompressed size: ${SQL_SIZE} bytes"
# 检查 mysqldump 头部
if grep -q "MySQL dump" "$TEMP_SQL" 2>/dev/null || grep -q "mysqldump" "$TEMP_SQL" 2>/dev/null; then
echo " PASS: mysqldump header found"
else
echo " WARN: mysqldump header not found (may not be a standard mysqldump file)"
WARNINGS=$((WARNINGS + 1))
fi
# 检查 SQL 语句数量
STMT_COUNT=$(grep -c ";" "$TEMP_SQL" 2>/dev/null || echo 0)
if [ "$STMT_COUNT" -lt 10 ]; then
echo " WARN: Low statement count (${STMT_COUNT} semicolons)"
WARNINGS=$((WARNINGS + 1))
else
echo " PASS: Found ${STMT_COUNT} SQL statements"
fi
# 检查 CREATE TABLE 数量
CREATE_COUNT=$(grep -ci "CREATE TABLE" "$TEMP_SQL" 2>/dev/null || echo 0)
echo " INFO: Found ${CREATE_COUNT} CREATE TABLE statements"
# 检查明显的语法错误标记
if grep -qi "ERROR at line" "$TEMP_SQL" 2>/dev/null; then
echo " FAIL: Found error markers in SQL file"
exit 1
fi
# SQL 语法校验(可选,需要 DATABASE_URL)
if [ "$NO_SQL_CHECK" -eq 1 ]; then
echo " SKIP: SQL syntax check skipped (--no-sql-check)"
elif [ -z "${DATABASE_URL:-}" ]; then
echo " SKIP: DATABASE_URL not set, skipping SQL syntax check"
else
echo " Performing SQL syntax check via mysql..."
# 解析 DATABASE_URL
DB_USER=$(echo "$DATABASE_URL" | sed -n 's/.*:\/\/\([^:]*\):.*/\1/p')
DB_PASS=$(echo "$DATABASE_URL" | sed -n 's/.*:\/\/[^:]*:\([^@]*\)@.*/\1/p')
DB_HOST=$(echo "$DATABASE_URL" | sed -n 's/.*@\([^:]*\):.*/\1/p')
DB_PORT=$(echo "$DATABASE_URL" | sed -n 's/.*:\([0-9]*\)\/.*/\1/p')
if [ -z "$DB_HOST" ] || [ -z "$DB_USER" ]; then
echo " WARN: Could not parse DATABASE_URL, skipping SQL syntax check"
WARNINGS=$((WARNINGS + 1))
else
# 创建临时数据库进行语法校验(不影响生产数据)
TEMP_DB="verify_$(date +%s)_$$"
ERROR_FILE="/tmp/backup_verify_errors_$$.txt"
if mysql -h "$DB_HOST" -P "${DB_PORT:-3306}" -u "$DB_USER" -p"$DB_PASS" \
-e "CREATE DATABASE \`$TEMP_DB\`;" 2>"$ERROR_FILE"; then
# 使用 --force 继续执行,捕获所有语法错误
mysql -h "$DB_HOST" -P "${DB_PORT:-3306}" -u "$DB_USER" -p"$DB_PASS" \
--force "$TEMP_DB" < "$TEMP_SQL" > /dev/null 2>"$ERROR_FILE" || true
# 检查是否有语法错误(区分语法错误和执行错误)
SYNTAX_ERRORS=$(grep -i "You have an error in your SQL syntax" "$ERROR_FILE" 2>/dev/null | wc -l || echo 0)
if [ "$SYNTAX_ERRORS" -gt 0 ]; then
echo " FAIL: Found $SYNTAX_ERRORS SQL syntax errors"
grep -i "You have an error in your SQL syntax" "$ERROR_FILE" | head -3
# 清理临时数据库
mysql -h "$DB_HOST" -P "${DB_PORT:-3306}" -u "$DB_USER" -p"$DB_PASS" \
-e "DROP DATABASE IF EXISTS \`$TEMP_DB\`;" 2>/dev/null || true
exit 1
else
echo " PASS: SQL syntax check passed (no syntax errors)"
fi
# 清理临时数据库
mysql -h "$DB_HOST" -P "${DB_PORT:-3306}" -u "$DB_USER" -p"$DB_PASS" \
-e "DROP DATABASE IF EXISTS \`$TEMP_DB\`;" 2>/dev/null || true
else
echo " WARN: Could not create temp database for syntax check, skipping"
WARNINGS=$((WARNINGS + 1))
fi
fi
fi
echo ""
echo "=== Verification Summary ==="
echo "Errors: $ERRORS"
echo "Warnings: $WARNINGS"
if [ "$ERRORS" -gt 0 ]; then
echo "Result: FAILED"
exit 1
fi
echo "Result: PASSED"
exit 0

420
scripts/dr-drill.ps1 Normal file
View File

@@ -0,0 +1,420 @@
<#
.SYNOPSIS
灾备演练脚本(Windows PowerShell 版本)
.DESCRIPTION
自动化灾备演练:从备份恢复到测试数据库,验证数据完整性
.EXAMPLE
.\dr-drill.ps1
.EXAMPLE
.\dr-drill.ps1 -BackupFile "backups\db_backup_20260617_020000.sql.gz" -TestDb "next_edu_dr_drill"
.EXAMPLE
.\dr-drill.ps1 -NoCleanup
.PARAMETER BackupFile
指定备份文件(不指定则使用最新备份)
.PARAMETER TestDb
测试数据库名(默认 next_edu_dr_drill)
.PARAMETER NoCleanup
演练后不清理测试数据库
.PARAMETER ReportDir
报告输出目录(默认 docs\dr\reports)
.PARAMETER Help
显示帮助信息
#>
[CmdletBinding()]
param(
[Parameter(Position = 0)]
[string]$BackupFile = "",
[Parameter()]
[string]$TestDb = "",
[Parameter()]
[switch]$NoCleanup,
[Parameter()]
[string]$ReportDir = "",
[Parameter()]
[switch]$Help
)
# 显示帮助
if ($Help) {
Get-Help $MyInvocation.MyCommand.Path -Detailed
exit 0
}
# 配置
$ErrorActionPreference = "Stop"
$DatabaseUrl = $env:DATABASE_URL
if ([string]::IsNullOrEmpty($DatabaseUrl)) {
Write-Host "ERROR: DATABASE_URL not set" -ForegroundColor Red
exit 1
}
$BackupDir = if ($env:BACKUP_DIR) { $env:BACKUP_DIR } else { ".\backups" }
if ([string]::IsNullOrEmpty($TestDb)) {
$TestDb = if ($env:DR_DRILL_TEST_DB) { $env:DR_DRILL_TEST_DB } else { "next_edu_dr_drill" }
}
if ([string]::IsNullOrEmpty($ReportDir)) {
$ReportDir = if ($env:DR_DRILL_REPORT_DIR) { $env:DR_DRILL_REPORT_DIR } else { "docs\dr\reports" }
}
$Timestamp = Get-Date -Format "yyyyMMdd_HHmmss"
$ReportFile = Join-Path $ReportDir "dr_drill_${Timestamp}.md"
# 解析 DATABASE_URL
# 格式: mysql://user:password@host:port/dbname
function Parse-DatabaseUrl {
param([string]$Url)
try {
$uri = [System.Uri]$Url
$userInfo = $uri.UserInfo -split ':', 2
return @{
User = $userInfo[0]
Pass = if ($userInfo.Length -gt 1) { $userInfo[1] } else { "" }
Host = $uri.Host
Port = if ($uri.Port -gt 0) { $uri.Port } else { 3306 }
DbName = $uri.AbsolutePath.TrimStart('/')
}
}
catch {
Write-Host "ERROR: Invalid DATABASE_URL format" -ForegroundColor Red
exit 1
}
}
$db = Parse-DatabaseUrl $DatabaseUrl
# 创建报告目录
if (-not (Test-Path $ReportDir)) {
New-Item -ItemType Directory -Path $ReportDir -Force | Out-Null
}
# 初始化报告
function Init-Report {
$content = @"
#
- ****: $(Get-Date -Format "yyyy-MM-ddTHH:mm:ssZ")
- ****: $TestDb
- ****: $($db.DbName)
- ****: $($db.Host):$($db.Port)
- ****: $BackupFile
##
"@
Set-Content -Path $ReportFile -Value $content -Encoding UTF8
}
function Append-Report {
param([string]$Content)
Add-Content -Path $ReportFile -Value $Content -Encoding UTF8
}
function Step-Result {
param(
[string]$Step,
[string]$Status,
[string]$Detail
)
Append-Report "### 步骤 $Step`: $Status"
Append-Report ""
Append-Report $Detail
Append-Report ""
if ($Status -eq "FAILED") {
Append-Report "❌ 步骤失败"
}
else {
Append-Report "✅ 步骤成功"
}
Append-Report ""
Write-Host "---"
}
# MySQL 执行函数
function Invoke-MySql {
param(
[string]$Query,
[string]$Database = "",
[switch]$Silent,
[switch]$Scalar
)
$mysqlArgs = @("-h", $db.Host, "-P", $db.Port, "-u", $db.User, "-p$($db.Pass)")
if (-not [string]::IsNullOrEmpty($Database)) {
$mysqlArgs += $Database
}
$mysqlArgs += @("-e", $Query)
if ($Scalar) {
$mysqlArgs += @("-s", "-N")
}
if ($Silent) {
$result = & mysql @mysqlArgs 2>$null
}
else {
$result = & mysql @mysqlArgs 2>&1
}
return $result
}
# 检查 mysql 命令
if (-not (Get-Command mysql -ErrorAction SilentlyContinue)) {
Write-Host "ERROR: mysql client not found in PATH" -ForegroundColor Red
Write-Host "Please install MySQL client tools" -ForegroundColor Red
exit 1
}
Write-Host "=== Disaster Recovery Drill ===" -ForegroundColor Cyan
Write-Host "Time: $(Get-Date -Format 'yyyy-MM-ddTHH:mm:ssZ')"
Write-Host "Test DB: $TestDb"
Write-Host "Source DB: $($db.DbName)@$($db.Host):$($db.Port)"
Write-Host "Report: $ReportFile"
Write-Host ""
Init-Report
$drillStart = Get-Date
$overallStatus = "SUCCESS"
# 步骤 1: 查找备份文件
Write-Host "[1/6] Locating backup file..."
if ([string]::IsNullOrEmpty($BackupFile)) {
$backupPattern = Join-Path $BackupDir "db_backup_*.sql.gz"
$latestBackup = Get-ChildItem -Path $backupPattern -ErrorAction SilentlyContinue |
Sort-Object LastWriteTime -Descending |
Select-Object -First 1
if ($latestBackup) {
$BackupFile = $latestBackup.FullName
}
else {
Write-Host " FAIL: No backup file found in $BackupDir" -ForegroundColor Red
Step-Result "1 - 定位备份文件" "FAILED" "未找到备份文件于 $BackupDir"
Append-Report "## 演练结果: ❌ FAILED`n`n演练失败,未找到备份文件"
exit 1
}
}
if (-not (Test-Path $BackupFile)) {
Write-Host " FAIL: Backup file not found: $BackupFile" -ForegroundColor Red
Step-Result "1 - 定位备份文件" "FAILED" "备份文件不存在: $BackupFile"
exit 1
}
$backupSize = (Get-Item $BackupFile).Length
Write-Host " PASS: Found backup: $BackupFile ($backupSize bytes)" -ForegroundColor Green
Step-Result "1 - 定位备份文件" "PASSED" "备份文件: ``$BackupFile`` ($backupSize bytes)"
# 步骤 2: 创建测试数据库
Write-Host "[2/6] Creating test database..."
try {
Invoke-MySql -Query "DROP DATABASE IF EXISTS ``$TestDb``;" -Silent
Invoke-MySql -Query "CREATE DATABASE ``$TestDb`` CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" -Silent
Write-Host " PASS: Test database created: $TestDb" -ForegroundColor Green
Step-Result "2 - 创建测试数据库" "PASSED" "测试数据库 ``$TestDb`` 创建成功"
}
catch {
Write-Host " FAIL: Could not create test database" -ForegroundColor Red
Step-Result "2 - 创建测试数据库" "FAILED" "创建测试数据库 ``$TestDb`` 失败"
$overallStatus = "FAILED"
Append-Report "## 演练结果: ❌ FAILED"
exit 1
}
# 步骤 3: 从备份恢复到测试数据库
Write-Host "[3/6] Restoring backup to test database..."
$restoreStart = Get-Date
try {
# 使用 7z 或 gunzip 解压,然后管道到 mysql
# Windows 上可能需要使用 7z 或 .NET GZipStream
$tempSqlFile = [System.IO.Path]::GetTempFileName()
# 尝试使用 gunzip(如果可用)
if (Get-Command gunzip -ErrorAction SilentlyContinue) {
$process = Start-Process -FilePath "gunzip" -ArgumentList "-c", "`"$BackupFile`"" -NoNewWindow -RedirectStandardOutput $tempSqlFile -Wait -PassThru
}
# 尝试使用 7z
elseif (Get-Command 7z -ErrorAction SilentlyContinue) {
& 7z e -so "$BackupFile" | Out-File -FilePath $tempSqlFile -Encoding ASCII
}
# 使用 .NET GZipStream
else {
$inStream = [System.IO.File]::OpenRead($BackupFile)
$gzStream = New-Object System.IO.Compression.GZipStream($inStream, [System.IO.Compression.CompressionMode]::Decompress)
$reader = New-Object System.IO.StreamReader($gzStream, [System.Text.Encoding]::UTF8)
$content = $reader.ReadToEnd()
$reader.Close()
$gzStream.Close()
$inStream.Close()
Set-Content -Path $tempSqlFile -Value $content -Encoding UTF8 -NoNewline
}
# 执行恢复
$mysqlArgs = @("-h", $db.Host, "-P", $db.Port, "-u", $db.User, "-p$($db.Pass)", $TestDb)
Get-Content $tempSqlFile -Raw | & mysql @mysqlArgs 2>$null
Remove-Item $tempSqlFile -Force -ErrorAction SilentlyContinue
$restoreEnd = Get-Date
$restoreDuration = ($restoreEnd - $restoreStart).TotalSeconds
Write-Host " PASS: Restore completed in $([int]$restoreDuration)s" -ForegroundColor Green
Step-Result "3 - 从备份恢复" "PASSED" "恢复完成,耗时 $([int]$restoreDuration)"
}
catch {
Write-Host " FAIL: Restore failed: $_" -ForegroundColor Red
Step-Result "3 - 从备份恢复" "FAILED" "从备份恢复失败: $_"
$overallStatus = "FAILED"
if (-not $NoCleanup) {
try { Invoke-MySql -Query "DROP DATABASE IF EXISTS ``$TestDb``;" -Silent } catch {}
}
Append-Report "## 演练结果: ❌ FAILED"
exit 1
}
# 步骤 4: 数据完整性检查
Write-Host "[4/6] Running data integrity checks..."
$testTables = Invoke-MySql -Query "SELECT COUNT(*) FROM information_schema.tables WHERE table_schema='$TestDb';" -Silent -Scalar
$sourceTables = Invoke-MySql -Query "SELECT COUNT(*) FROM information_schema.tables WHERE table_schema='$($db.DbName)';" -Silent -Scalar
Write-Host " Test DB tables: $testTables"
Write-Host " Source DB tables: $sourceTables"
$testRecords = Invoke-MySql -Query "SELECT SUM(table_rows) FROM information_schema.tables WHERE table_schema='$TestDb';" -Silent -Scalar
$sourceRecords = Invoke-MySql -Query "SELECT SUM(table_rows) FROM information_schema.tables WHERE table_schema='$($db.DbName)';" -Silent -Scalar
Write-Host " Test DB records: $testRecords"
Write-Host " Source DB records: $sourceRecords"
$integrityDetail = @"
| | | |
|------|--------|------|
| | $testTables | $sourceTables |
| () | $testRecords | $sourceRecords |
"@
if ([int]$testTables -ge [int]$sourceTables) {
Write-Host " PASS: Table count matches" -ForegroundColor Green
Step-Result "4 - 数据完整性检查" "PASSED" $integrityDetail
}
else {
Write-Host " WARN: Test DB has fewer tables than source" -ForegroundColor Yellow
Step-Result "4 - 数据完整性检查" "WARN" "$integrityDetail`n`n⚠️ 测试库表数量少于源库"
}
# 步骤 5: 冒烟测试
Write-Host "[5/6] Running smoke tests..."
$smokePassed = 0
$smokeFailed = 0
$smokeDetail = ""
# 测试 1: 检查 users 表
try {
$userCount = Invoke-MySql -Query "SELECT COUNT(*) FROM users;" -Database $TestDb -Silent -Scalar
$smokePassed++
$smokeDetail += "- ✅ users 表查询成功: $userCount 条记录`n"
Write-Host " PASS: users table query: $userCount records" -ForegroundColor Green
}
catch {
$smokeDetail += "- ⚠️ users 表不存在或查询失败`n"
Write-Host " WARN: users table not found or query failed" -ForegroundColor Yellow
}
# 测试 2: 检查 schools 表
try {
$schoolCount = Invoke-MySql -Query "SELECT COUNT(*) FROM schools;" -Database $TestDb -Silent -Scalar
$smokePassed++
$smokeDetail += "- ✅ schools 表查询成功: $schoolCount 条记录`n"
Write-Host " PASS: schools table query: $schoolCount records" -ForegroundColor Green
}
catch {
$smokeDetail += "- ⚠️ schools 表不存在或查询失败`n"
Write-Host " WARN: schools table not found or query failed" -ForegroundColor Yellow
}
# 测试 3: 基础表查询
try {
$baseTableCount = Invoke-MySql -Query "SELECT COUNT(*) FROM information_schema.tables WHERE table_schema='$TestDb' AND table_type='BASE TABLE';" -Silent -Scalar
if ([int]$baseTableCount -gt 0) {
$smokePassed++
$smokeDetail += "- ✅ 基础表查询成功: $baseTableCount 个基础表`n"
Write-Host " PASS: Base table query: $baseTableCount tables" -ForegroundColor Green
}
else {
$smokeFailed++
$smokeDetail += "- ❌ 基础表查询失败`n"
Write-Host " FAIL: Base table query failed" -ForegroundColor Red
}
}
catch {
$smokeFailed++
$smokeDetail += "- ❌ 基础表查询失败`n"
Write-Host " FAIL: Base table query failed" -ForegroundColor Red
}
Step-Result "5 - 冒烟测试" "PASSED" "通过: $smokePassed, 失败: $smokeFailed`n`n$smokeDetail"
# 步骤 6: 清理测试数据库
Write-Host "[6/6] Cleaning up test database..."
if ($NoCleanup) {
Write-Host " SKIP: Cleanup skipped (--NoCleanup)" -ForegroundColor Yellow
Step-Result "6 - 清理测试数据库" "SKIPPED" "演练后保留测试数据库 ``$TestDb``"
}
else {
try {
Invoke-MySql -Query "DROP DATABASE IF EXISTS ``$TestDb``;" -Silent
Write-Host " PASS: Test database dropped: $TestDb" -ForegroundColor Green
Step-Result "6 - 清理测试数据库" "PASSED" "测试数据库 ``$TestDb`` 已删除"
}
catch {
Write-Host " WARN: Could not drop test database (manual cleanup required)" -ForegroundColor Yellow
Step-Result "6 - 清理测试数据库" "WARN" "⚠️ 无法删除测试数据库 ``$TestDb``,需手动清理"
}
}
# 生成总结
$drillEnd = Get-Date
$drillDuration = ($drillEnd - $drillStart).TotalSeconds
Append-Report "## 演练结果"
Append-Report ""
if ($overallStatus -eq "SUCCESS") {
Append-Report "**状态**: ✅ 成功"
}
else {
Append-Report "**状态**: ❌ 失败"
}
Append-Report "**总耗时**: $([int]$drillDuration)"
Append-Report "**备份文件**: ``$BackupFile``"
Append-Report "**测试数据库**: ``$TestDb``"
Append-Report ""
Append-Report "## RTO/RPO 评估"
Append-Report ""
Append-Report "- **RTO 目标**: 4 小时"
Append-Report "- **本次恢复耗时**: $([int]$restoreDuration) 秒 ($([int]($restoreDuration / 60)) 分钟)"
if ($restoreDuration -lt 14400) {
Append-Report "- **RTO 评估**: ✅ 达标"
}
else {
Append-Report "- **RTO 评估**: ⚠️ 需关注"
}
Append-Report "- **RPO 目标**: 24 小时(取决于备份频率)"
Append-Report ""
Write-Host ""
Write-Host "=== Drill Summary ===" -ForegroundColor Cyan
Write-Host "Status: $overallStatus"
Write-Host "Duration: $([int]$drillDuration)s"
Write-Host "Report: $ReportFile"
Write-Host ""
if ($overallStatus -eq "SUCCESS") {
exit 0
}
else {
exit 1
}

369
scripts/dr-drill.sh Normal file
View File

@@ -0,0 +1,369 @@
#!/bin/bash
# 灾备演练脚本
# 用法: ./dr-drill.sh
# 自动化灾备演练:从备份恢复到测试数据库,验证数据完整性
set -u
show_help() {
cat <<EOF
用法: $0 [选项]
灾备演练脚本,自动化测试备份恢复流程
选项:
--backup FILE 指定备份文件(不指定则使用最新备份)
--test-db NAME 测试数据库名(默认 next_edu_dr_drill)
--no-cleanup 演练后不清理测试数据库
--report-dir DIR 报告输出目录(默认 docs/dr/reports)
--help, -h 显示帮助信息
环境变量:
DATABASE_URL 数据库连接 URL(必需)
BACKUP_DIR 备份目录(默认 ./backups)
DR_DRILL_TEST_DB 测试数据库名(默认 next_edu_dr_drill)
DR_DRILL_REPORT_DIR 报告目录(默认 docs/dr/reports)
退出码:
0 演练成功
1 演练失败
EOF
}
# 解析参数
BACKUP_FILE=""
NO_CLEANUP=0
REPORT_DIR=""
while [ $# -gt 0 ]; do
case "$1" in
--help|-h)
show_help
exit 0
;;
--backup)
if [ $# -lt 2 ]; then
echo "ERROR: --backup requires an argument" >&2
exit 1
fi
BACKUP_FILE="$2"
shift 2
;;
--test-db)
if [ $# -lt 2 ]; then
echo "ERROR: --test-db requires an argument" >&2
exit 1
fi
DR_DRILL_TEST_DB="$2"
shift 2
;;
--no-cleanup)
NO_CLEANUP=1
shift
;;
--report-dir)
if [ $# -lt 2 ]; then
echo "ERROR: --report-dir requires an argument" >&2
exit 1
fi
REPORT_DIR="$2"
shift 2
;;
*)
echo "ERROR: Unknown argument: $1" >&2
exit 1
;;
esac
done
# 配置
DATABASE_URL="${DATABASE_URL:-}"
BACKUP_DIR="${BACKUP_DIR:-./backups}"
TEST_DB="${DR_DRILL_TEST_DB:-next_edu_dr_drill}"
REPORT_DIR="${REPORT_DIR:-${DR_DRILL_REPORT_DIR:-docs/dr/reports}}"
TIMESTAMP=$(date +"%Y%m%d_%H%M%S")
REPORT_FILE="$REPORT_DIR/dr_drill_${TIMESTAMP}.md"
# 检查 DATABASE_URL
if [ -z "$DATABASE_URL" ]; then
echo "ERROR: DATABASE_URL not set" >&2
exit 1
fi
# 解析 DATABASE_URL
DB_USER=$(echo "$DATABASE_URL" | sed -n 's/.*:\/\/\([^:]*\):.*/\1/p')
DB_PASS=$(echo "$DATABASE_URL" | sed -n 's/.*:\/\/[^:]*:\([^@]*\)@.*/\1/p')
DB_HOST=$(echo "$DATABASE_URL" | sed -n 's/.*@\([^:]*\):.*/\1/p')
DB_PORT=$(echo "$DATABASE_URL" | sed -n 's/.*:\([0-9]*\)\/.*/\1/p')
DB_NAME=$(echo "$DATABASE_URL" | sed -n 's/.*\/\([^?]*\).*/\1/p')
# 创建报告目录
mkdir -p "$REPORT_DIR"
# 初始化报告
init_report() {
cat > "$REPORT_FILE" <<EOF
# 灾备演练报告
- **演练时间**: $(date -u +"%Y-%m-%dT%H:%M:%SZ")
- **测试数据库**: $TEST_DB
- **源数据库**: $DB_NAME
- **数据库主机**: $DB_HOST:$DB_PORT
- **备份文件**: $BACKUP_FILE
## 演练步骤
EOF
}
# 追加报告
append_report() {
echo "$1" >> "$REPORT_FILE"
}
# 记录步骤结果
step_result() {
local step="$1"
local status="$2"
local detail="$3"
append_report "### 步骤 $step: $status"
append_report ""
append_report "$detail"
append_report ""
if [ "$status" = "FAILED" ]; then
append_report "❌ 步骤失败"
else
append_report "✅ 步骤成功"
fi
append_report ""
echo "---"
}
echo "=== Disaster Recovery Drill ==="
echo "Time: $(date -u +"%Y-%m-%dT%H:%M:%SZ")"
echo "Test DB: $TEST_DB"
echo "Source DB: $DB_NAME@$DB_HOST:$DB_PORT"
echo "Report: $REPORT_FILE"
echo ""
init_report
DRILL_START=$(date +%s)
OVERALL_STATUS="SUCCESS"
# 步骤 1: 查找备份文件
echo "[1/6] Locating backup file..."
if [ -z "$BACKUP_FILE" ]; then
BACKUP_FILE=$(ls -t "$BACKUP_DIR"/db_backup_*.sql.gz 2>/dev/null | head -1)
if [ -z "$BACKUP_FILE" ]; then
echo " FAIL: No backup file found in $BACKUP_DIR"
step_result "1 - 定位备份文件" "FAILED" "未找到备份文件于 $BACKUP_DIR"
OVERALL_STATUS="FAILED"
append_report "## 演练结果: ❌ FAILED"
append_report ""
append_report "演练失败,未找到备份文件"
exit 1
fi
fi
if [ ! -f "$BACKUP_FILE" ]; then
echo " FAIL: Backup file not found: $BACKUP_FILE"
step_result "1 - 定位备份文件" "FAILED" "备份文件不存在: $BACKUP_FILE"
OVERALL_STATUS="FAILED"
append_report "## 演练结果: ❌ FAILED"
exit 1
fi
BACKUP_SIZE=$(stat -c%s "$BACKUP_FILE" 2>/dev/null || stat -f%z "$BACKUP_FILE" 2>/dev/null)
echo " PASS: Found backup: $BACKUP_FILE (${BACKUP_SIZE} bytes)"
step_result "1 - 定位备份文件" "PASSED" "备份文件: \`$BACKUP_FILE\` (${BACKUP_SIZE} bytes)"
# 步骤 2: 创建测试数据库
echo "[2/6] Creating test database..."
# 先删除已存在的测试数据库
mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" \
-e "DROP DATABASE IF EXISTS \`$TEST_DB\`;" 2>/dev/null
if mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" \
-e "CREATE DATABASE \`$TEST_DB\` CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" 2>/dev/null; then
echo " PASS: Test database created: $TEST_DB"
step_result "2 - 创建测试数据库" "PASSED" "测试数据库 \`$TEST_DB\` 创建成功"
else
echo " FAIL: Could not create test database"
step_result "2 - 创建测试数据库" "FAILED" "创建测试数据库 \`$TEST_DB\` 失败"
OVERALL_STATUS="FAILED"
append_report "## 演练结果: ❌ FAILED"
exit 1
fi
# 步骤 3: 从备份恢复到测试数据库
echo "[3/6] Restoring backup to test database..."
RESTORE_START=$(date +%s)
if gunzip -c "$BACKUP_FILE" | mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" "$TEST_DB" 2>/dev/null; then
RESTORE_END=$(date +%s)
RESTORE_DURATION=$((RESTORE_END - RESTORE_START))
echo " PASS: Restore completed in ${RESTORE_DURATION}s"
step_result "3 - 从备份恢复" "PASSED" "恢复完成,耗时 ${RESTORE_DURATION}"
else
echo " FAIL: Restore failed"
step_result "3 - 从备份恢复" "FAILED" "从备份恢复失败"
OVERALL_STATUS="FAILED"
# 尝试清理
if [ "$NO_CLEANUP" -eq 0 ]; then
mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" \
-e "DROP DATABASE IF EXISTS \`$TEST_DB\`;" 2>/dev/null || true
fi
append_report "## 演练结果: ❌ FAILED"
exit 1
fi
# 步骤 4: 数据完整性检查
echo "[4/6] Running data integrity checks..."
# 获取测试数据库表数量
TEST_TABLES=$(mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" \
-e "SELECT COUNT(*) FROM information_schema.tables WHERE table_schema='$TEST_DB';" \
-s -N 2>/dev/null || echo 0)
# 获取源数据库表数量
SOURCE_TABLES=$(mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" \
-e "SELECT COUNT(*) FROM information_schema.tables WHERE table_schema='$DB_NAME';" \
-s -N 2>/dev/null || echo 0)
echo " Test DB tables: $TEST_TABLES"
echo " Source DB tables: $SOURCE_TABLES"
# 获取测试数据库总记录数
TEST_RECORDS=$(mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" \
-e "SELECT SUM(table_rows) FROM information_schema.tables WHERE table_schema='$TEST_DB';" \
-s -N 2>/dev/null || echo 0)
# 获取源数据库总记录数
SOURCE_RECORDS=$(mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" \
-e "SELECT SUM(table_rows) FROM information_schema.tables WHERE table_schema='$DB_NAME';" \
-s -N 2>/dev/null || echo 0)
echo " Test DB records: $TEST_RECORDS"
echo " Source DB records: $SOURCE_RECORDS"
INTEGRITY_DETAIL="| 指标 | 测试库 | 源库 |
|------|--------|------|
| 表数量 | $TEST_TABLES | $SOURCE_TABLES |
| 记录数(近似) | $TEST_RECORDS | $SOURCE_RECORDS |"
if [ "$TEST_TABLES" -ge "$SOURCE_TABLES" ]; then
echo " PASS: Table count matches"
step_result "4 - 数据完整性检查" "PASSED" "$INTEGRITY_DETAIL"
else
echo " WARN: Test DB has fewer tables than source"
step_result "4 - 数据完整性检查" "WARN" "$INTEGRITY_DETAIL
⚠️ 测试库表数量少于源库"
fi
# 步骤 5: 冒烟测试
echo "[5/6] Running smoke tests..."
SMOKE_PASSED=0
SMOKE_FAILED=0
SMOKE_DETAIL=""
# 测试 1: 检查 users 表(如果存在)
USER_COUNT=$(mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" "$TEST_DB" \
-e "SELECT COUNT(*) FROM users;" -s -N 2>/dev/null || echo "N/A")
if [ "$USER_COUNT" != "N/A" ]; then
SMOKE_PASSED=$((SMOKE_PASSED + 1))
SMOKE_DETAIL="${SMOKE_DETAIL}- ✅ users 表查询成功: ${USER_COUNT} 条记录
"
echo " PASS: users table query: $USER_COUNT records"
else
SMOKE_DETAIL="${SMOKE_DETAIL}- ⚠️ users 表不存在或查询失败
"
echo " WARN: users table not found or query failed"
fi
# 测试 2: 检查 schools 表(如果存在)
SCHOOL_COUNT=$(mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" "$TEST_DB" \
-e "SELECT COUNT(*) FROM schools;" -s -N 2>/dev/null || echo "N/A")
if [ "$SCHOOL_COUNT" != "N/A" ]; then
SMOKE_PASSED=$((SMOKE_PASSED + 1))
SMOKE_DETAIL="${SMOKE_DETAIL}- ✅ schools 表查询成功: ${SCHOOL_COUNT} 条记录
"
echo " PASS: schools table query: $SCHOOL_COUNT records"
else
SMOKE_DETAIL="${SMOKE_DETAIL}- ⚠️ schools 表不存在或查询失败
"
echo " WARN: schools table not found or query failed"
fi
# 测试 3: 执行简单 JOIN 查询(检查关系完整性)
JOIN_TEST=$(mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" "$TEST_DB" \
-e "SELECT COUNT(*) FROM information_schema.tables WHERE table_schema='$TEST_DB' AND table_type='BASE TABLE';" \
-s -N 2>/dev/null || echo "0")
if [ "$JOIN_TEST" -gt 0 ]; then
SMOKE_PASSED=$((SMOKE_PASSED + 1))
SMOKE_DETAIL="${SMOKE_DETAIL}- ✅ 基础表查询成功: ${JOIN_TEST} 个基础表
"
echo " PASS: Base table query: $JOIN_TEST tables"
else
SMOKE_DETAIL="${SMOKE_DETAIL}- ❌ 基础表查询失败
"
SMOKE_FAILED=$((SMOKE_FAILED + 1))
echo " FAIL: Base table query failed"
fi
step_result "5 - 冒烟测试" "PASSED" "通过: $SMOKE_PASSED, 失败: $SMOKE_FAILED
$SMOKE_DETAIL"
# 步骤 6: 清理测试数据库
echo "[6/6] Cleaning up test database..."
if [ "$NO_CLEANUP" -eq 1 ]; then
echo " SKIP: Cleanup skipped (--no-cleanup)"
step_result "6 - 清理测试数据库" "SKIPPED" "演练后保留测试数据库 \`$TEST_DB\`"
else
if mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" \
-e "DROP DATABASE IF EXISTS \`$TEST_DB\`;" 2>/dev/null; then
echo " PASS: Test database dropped: $TEST_DB"
step_result "6 - 清理测试数据库" "PASSED" "测试数据库 \`$TEST_DB\` 已删除"
else
echo " WARN: Could not drop test database (manual cleanup required)"
step_result "6 - 清理测试数据库" "WARN" "⚠️ 无法删除测试数据库 \`$TEST_DB\`,需手动清理"
fi
fi
# 生成总结
DRILL_END=$(date +%s)
DRILL_DURATION=$((DRILL_END - DRILL_START))
append_report "## 演练结果"
append_report ""
if [ "$OVERALL_STATUS" = "SUCCESS" ]; then
append_report "**状态**: ✅ 成功"
else
append_report "**状态**: ❌ 失败"
fi
append_report "**总耗时**: ${DRILL_DURATION}"
append_report "**备份文件**: \`$BACKUP_FILE\`"
append_report "**测试数据库**: \`$TEST_DB\`"
append_report ""
append_report "## RTO/RPO 评估"
append_report ""
append_report "- **RTO 目标**: 4 小时"
append_report "- **本次恢复耗时**: ${RESTORE_DURATION} 秒 ($(( RESTORE_DURATION / 60 )) 分钟)"
if [ -n "${RESTORE_DURATION:-}" ] && [ "$RESTORE_DURATION" -lt 14400 ]; then
append_report "- **RTO 评估**: ✅ 达标"
else
append_report "- **RTO 评估**: ⚠️ 需关注"
fi
append_report "- **RPO 目标**: 24 小时(取决于备份频率)"
append_report ""
echo ""
echo "=== Drill Summary ==="
echo "Status: $OVERALL_STATUS"
echo "Duration: ${DRILL_DURATION}s"
echo "Report: $REPORT_FILE"
echo ""
if [ "$OVERALL_STATUS" = "SUCCESS" ]; then
exit 0
else
exit 1
fi

419
scripts/failover.sh Normal file
View File

@@ -0,0 +1,419 @@
#!/bin/bash
# 故障切换脚本
# 用法: ./failover.sh [--auto] [--primary URL] [--standby URL]
# 用于主数据库故障时切换到备库
set -u
show_help() {
cat <<EOF
用法: $0 [选项]
数据库故障切换脚本,将应用从主库切换到备库
选项:
--auto 半自动模式(检测失败后自动切换,需先确认)
--primary URL 主库连接 URL(默认从 DATABASE_URL 读取)
--standby URL 备库连接 URL(必需,从 DATABASE_URL_STANDBY 读取)
--app-url URL 应用健康检查 URL(默认 http://localhost:8015)
--no-restart 不重启应用(仅更新配置)
--dry-run 演练模式,只输出步骤不实际执行
--help, -h 显示帮助信息
环境变量:
DATABASE_URL 主库连接 URL
DATABASE_URL_STANDBY 备库连接 URL(必需)
FAILOVER_APP_URL 应用健康检查 URL(默认 http://localhost:8015)
FAILOVER_APP_NAME 应用容器名(默认 nextjs-app)
FAILOVER_CONFIG_FILE 配置文件路径(默认 .env.local)
FAILOVER_LOG_FILE 切换日志路径(默认 docs/dr/logs/failover.log)
退出码:
0 切换成功
1 切换失败
EOF
}
# 解析参数
AUTO_MODE=0
PRIMARY_URL=""
STANDBY_URL=""
APP_URL=""
NO_RESTART=0
DRY_RUN=0
while [ $# -gt 0 ]; do
case "$1" in
--help|-h)
show_help
exit 0
;;
--auto)
AUTO_MODE=1
shift
;;
--primary)
if [ $# -lt 2 ]; then
echo "ERROR: --primary requires an argument" >&2
exit 1
fi
PRIMARY_URL="$2"
shift 2
;;
--standby)
if [ $# -lt 2 ]; then
echo "ERROR: --standby requires an argument" >&2
exit 1
fi
STANDBY_URL="$2"
shift 2
;;
--app-url)
if [ $# -lt 2 ]; then
echo "ERROR: --app-url requires an argument" >&2
exit 1
fi
APP_URL="$2"
shift 2
;;
--no-restart)
NO_RESTART=1
shift
;;
--dry-run)
DRY_RUN=1
shift
;;
*)
echo "ERROR: Unknown argument: $1" >&2
exit 1
;;
esac
done
# 配置
PRIMARY_URL="${PRIMARY_URL:-${DATABASE_URL:-}}"
STANDBY_URL="${STANDBY_URL:-${DATABASE_URL_STANDBY:-}}"
APP_URL="${APP_URL:-${FAILOVER_APP_URL:-http://localhost:8015}}"
APP_NAME="${FAILOVER_APP_NAME:-nextjs-app}"
CONFIG_FILE="${FAILOVER_CONFIG_FILE:-.env.local}"
LOG_DIR="docs/dr/logs"
LOG_FILE="${FAILOVER_LOG_FILE:-$LOG_DIR/failover.log}"
# 检查必需参数
if [ -z "$STANDBY_URL" ]; then
echo "ERROR: Standby database URL not provided" >&2
echo "Set DATABASE_URL_STANDBY or use --standby" >&2
exit 1
fi
if [ -z "$PRIMARY_URL" ]; then
echo "ERROR: Primary database URL not provided" >&2
echo "Set DATABASE_URL or use --primary" >&2
exit 1
fi
# 创建日志目录
mkdir -p "$LOG_DIR"
# 日志函数
log() {
local timestamp
timestamp=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
echo "[$timestamp] $1" | tee -a "$LOG_FILE"
}
log_error() {
log "ERROR: $1" >&2
}
# 解析 DATABASE_URL
parse_db_url() {
local url="$1"
local user pass host port dbname
user=$(echo "$url" | sed -n 's/.*:\/\/\([^:]*\):.*/\1/p')
pass=$(echo "$url" | sed -n 's/.*:\/\/[^:]*:\([^@]*\)@.*/\1/p')
host=$(echo "$url" | sed -n 's/.*@\([^:]*\):.*/\1/p')
port=$(echo "$url" | sed -n 's/.*:\([0-9]*\)\/.*/\1/p')
dbname=$(echo "$url" | sed -n 's/.*\/\([^?]*\).*/\1/p')
echo "$user|$pass|$host|$port|$dbname"
}
# 检查数据库健康
check_db_health() {
local url="$1"
local parsed
parsed=$(parse_db_url "$url")
local user pass host port dbname
IFS='|' read -r user pass host port dbname <<EOF
$parsed
EOF
log "Checking database health: ${host}:${port}/${dbname}"
if [ "$DRY_RUN" -eq 1 ]; then
log " [DRY-RUN] Would check: mysql -h $host -P $port -u $user -e 'SELECT 1'"
return 0
fi
if mysql -h "$host" -P "$port" -u "$user" -p"$pass" -e "SELECT 1;" 2>/dev/null; then
log " Database is healthy"
return 0
else
log " Database is NOT reachable"
return 1
fi
}
# 检查应用健康
check_app_health() {
local url="$1"
log "Checking application health: $url"
if [ "$DRY_RUN" -eq 1 ]; then
log " [DRY-RUN] Would check: curl -f $url"
return 0
fi
if command -v curl >/dev/null 2>&1; then
if curl -sf -o /dev/null -m 10 "$url" 2>/dev/null; then
log " Application is healthy"
return 0
else
log " Application is NOT healthy"
return 1
fi
else
log " WARN: curl not available, skipping app health check"
return 0
fi
}
# 提升备库为主库(如果是主从架构)
promote_standby() {
log "Promoting standby to primary..."
local parsed
parsed=$(parse_db_url "$STANDBY_URL")
local user pass host port dbname
IFS='|' read -r user pass host port dbname <<EOF
$parsed
EOF
if [ "$DRY_RUN" -eq 1 ]; then
log " [DRY-RUN] Would promote standby: STOP SLAVE; RESET SLAVE ALL; SET GLOBAL read_only=OFF;"
return 0
fi
# 检查是否为从库
SLAVE_STATUS=$(mysql -h "$host" -P "$port" -u "$user" -p"$pass" \
-e "SHOW SLAVE STATUS\G" 2>/dev/null)
if [ -n "$SLAVE_STATUS" ]; then
log " Standby is a slave, promoting..."
# 停止复制
if mysql -h "$host" -P "$port" -u "$user" -p"$pass" \
-e "STOP SLAVE; RESET SLAVE ALL;" 2>/dev/null; then
log " Replication stopped and reset"
else
log_error "Failed to stop replication"
return 1
fi
# 关闭只读模式
if mysql -h "$host" -P "$port" -u "$user" -p"$pass" \
-e "SET GLOBAL read_only=OFF; SET GLOBAL super_read_only=OFF;" 2>/dev/null; then
log " Read-only mode disabled"
else
log_error "Failed to disable read-only mode"
return 1
fi
else
log " Standby is not a slave (standalone), skipping promotion"
fi
log " Standby promoted successfully"
return 0
}
# 更新应用配置
update_config() {
log "Updating application configuration..."
if [ "$DRY_RUN" -eq 1 ]; then
log " [DRY-RUN] Would update $CONFIG_FILE: DATABASE_URL=$STANDBY_URL"
return 0
fi
if [ -f "$CONFIG_FILE" ]; then
# 备份原配置
cp "$CONFIG_FILE" "${CONFIG_FILE}.bak.$(date +%s)"
log " Backed up original config to ${CONFIG_FILE}.bak.*"
# 更新 DATABASE_URL
if grep -q "^DATABASE_URL=" "$CONFIG_FILE"; then
sed -i.bak "s|^DATABASE_URL=.*|DATABASE_URL=$STANDBY_URL|" "$CONFIG_FILE"
rm -f "${CONFIG_FILE}.bak" 2>/dev/null || true
log " Updated DATABASE_URL in $CONFIG_FILE"
else
echo "DATABASE_URL=$STANDBY_URL" >> "$CONFIG_FILE"
log " Added DATABASE_URL to $CONFIG_FILE"
fi
else
log " WARN: Config file $CONFIG_FILE not found, creating new one"
echo "DATABASE_URL=$STANDBY_URL" > "$CONFIG_FILE"
fi
# 同时更新环境变量(供当前会话使用)
export DATABASE_URL="$STANDBY_URL"
log " Configuration updated"
return 0
}
# 重启应用
restart_app() {
if [ "$NO_RESTART" -eq 1 ]; then
log "Skipping application restart (--no-restart)"
return 0
fi
log "Restarting application..."
if [ "$DRY_RUN" -eq 1 ]; then
log " [DRY-RUN] Would restart: docker restart $APP_NAME"
return 0
fi
if command -v docker >/dev/null 2>&1; then
log " Restarting Docker container: $APP_NAME"
if docker restart "$APP_NAME" 2>/dev/null; then
log " Container restarted"
# 等待应用启动
log " Waiting for application to start..."
sleep 5
return 0
else
log_error "Failed to restart container $APP_NAME"
return 1
fi
else
log " WARN: Docker not available, please restart application manually"
log " Updated DATABASE_URL: $STANDBY_URL"
fi
return 0
}
# 主流程
log "========================================"
log "Database Failover Started"
log "========================================"
log "Mode: $([ "$AUTO_MODE" -eq 1 ] && echo "semi-auto" || echo "manual")"
log "Dry-run: $([ "$DRY_RUN" -eq 1 ] && echo "yes" || echo "no")"
log "Primary: $PRIMARY_URL"
log "Standby: $STANDBY_URL"
log ""
# 步骤 1: 检测主库健康状态
log "[1/5] Checking primary database health..."
PRIMARY_HEALTHY=0
if check_db_health "$PRIMARY_URL"; then
PRIMARY_HEALTHY=1
log " Primary is healthy"
if [ "$AUTO_MODE" -eq 0 ]; then
log " Primary is healthy. Failover not needed."
log " Use --auto to force failover even if primary is healthy"
log "========================================"
log "Failover Cancelled (Primary Healthy)"
log "========================================"
exit 0
fi
else
log " Primary is NOT healthy, proceeding with failover"
fi
# 半自动模式确认
if [ "$AUTO_MODE" -eq 1 ] && [ "$DRY_RUN" -eq 0 ]; then
echo ""
echo "WARNING: About to failover from primary to standby."
echo " Primary: $PRIMARY_URL"
echo " Standby: $STANDBY_URL"
echo ""
read -p "Type 'FAILover' to confirm: " CONFIRM
if [ "$CONFIRM" != "FAILover" ]; then
log "Failover cancelled by user"
exit 1
fi
fi
# 步骤 2: 检查备库健康
log ""
log "[2/5] Checking standby database health..."
if ! check_db_health "$STANDBY_URL"; then
log_error "Standby is also not healthy, cannot failover"
log "========================================"
log "Failover FAILED (Standby Unhealthy)"
log "========================================"
exit 1
fi
# 步骤 3: 提升备库为主库
log ""
log "[3/5] Promoting standby to primary..."
if ! promote_standby; then
log_error "Failed to promote standby"
exit 1
fi
# 步骤 4: 更新应用配置并重启
log ""
log "[4/5] Updating application configuration and restarting..."
update_config
if ! restart_app; then
log_error "Failed to restart application"
log " Manual intervention required"
exit 1
fi
# 步骤 5: 验证切换成功
log ""
log "[5/5] Verifying failover..."
sleep 3
# 检查应用健康
APP_HEALTHY=0
for i in 1 2 3 4 5; do
if check_app_health "$APP_URL"; then
APP_HEALTHY=1
break
fi
log " Retry $i/5 in 5 seconds..."
sleep 5
done
if [ "$APP_HEALTHY" -eq 0 ]; then
log_error "Application is not healthy after failover"
log " Check application logs and configuration"
log "========================================"
log "Failover FAILED (App Unhealthy)"
log "========================================"
exit 1
fi
# 检查数据库连接(通过应用)
log " Verifying database connection via application..."
if [ "$DRY_RUN" -eq 0 ]; then
if curl -sf -m 10 "$APP_URL" >/dev/null 2>&1; then
log " Application responding successfully"
else
log_error "Application not responding"
exit 1
fi
fi
log ""
log "========================================"
log "Failover Completed Successfully"
log "========================================"
log "Primary (old): $PRIMARY_URL"
log "Standby (new): $STANDBY_URL"
log "Application: $APP_URL"
log "Log file: $LOG_FILE"
log ""
log "Post-failover checklist:"
log " 1. Verify application functionality"
log " 2. Update monitoring alerts"
log " 3. Notify stakeholders"
log " 4. Plan primary database recovery"
log " 5. Schedule post-mortem review"
log ""
exit 0

253
scripts/health-check.sh Normal file
View File

@@ -0,0 +1,253 @@
#!/bin/bash
# 健康检查脚本
# 用法: ./health-check.sh
# 检查应用、数据库、磁盘空间、备份新鲜度,输出 JSON 报告
set -u
show_help() {
cat <<EOF
用法: $0 [选项]
系统健康检查脚本,输出 JSON 格式报告
选项:
--app-url URL 应用健康检查 URL(默认 http://localhost:8015)
--no-app 跳过应用健康检查
--no-db 跳过数据库检查
--no-disk 跳过磁盘空间检查
--no-backup 跳过备份新鲜度检查
--disk-threshold PCT 磁盘空间阈值百分比(默认 90)
--backup-max-age HRS 备份最大年龄(小时,默认 24)
--help, -h 显示帮助信息
环境变量:
DATABASE_URL 数据库连接 URL
HEALTH_CHECK_URL 应用健康检查 URL(默认 http://localhost:8015)
BACKUP_DIR 备份目录(默认 ./backups)
HEALTH_CHECK_DISK_THRESHOLD 磁盘阈值(默认 90)
HEALTH_CHECK_BACKUP_MAX_AGE 备份最大年龄(小时,默认 24)
退出码:
0 健康
1 异常
EOF
}
# 解析参数
CHECK_APP=1
CHECK_DB=1
CHECK_DISK=1
CHECK_BACKUP=1
APP_URL=""
DISK_THRESHOLD=""
BACKUP_MAX_AGE=""
while [ $# -gt 0 ]; do
case "$1" in
--help|-h)
show_help
exit 0
;;
--app-url)
if [ $# -lt 2 ]; then
echo "ERROR: --app-url requires an argument" >&2
exit 1
fi
APP_URL="$2"
shift 2
;;
--no-app) CHECK_APP=0; shift ;;
--no-db) CHECK_DB=0; shift ;;
--no-disk) CHECK_DISK=0; shift ;;
--no-backup) CHECK_BACKUP=0; shift ;;
--disk-threshold)
if [ $# -lt 2 ]; then
echo "ERROR: --disk-threshold requires an argument" >&2
exit 1
fi
DISK_THRESHOLD="$2"
shift 2
;;
--backup-max-age)
if [ $# -lt 2 ]; then
echo "ERROR: --backup-max-age requires an argument" >&2
exit 1
fi
BACKUP_MAX_AGE="$2"
shift 2
;;
*)
echo "ERROR: Unknown argument: $1" >&2
exit 1
;;
esac
done
# 配置
APP_URL="${APP_URL:-${HEALTH_CHECK_URL:-http://localhost:8015}}"
BACKUP_DIR="${BACKUP_DIR:-./backups}"
DISK_THRESHOLD="${DISK_THRESHOLD:-${HEALTH_CHECK_DISK_THRESHOLD:-90}}"
BACKUP_MAX_AGE="${BACKUP_MAX_AGE:-${HEALTH_CHECK_BACKUP_MAX_AGE:-24}}"
DATABASE_URL="${DATABASE_URL:-}"
# JSON 输出辅助函数
json_escape() {
echo "$1" | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g' -e 's/\t/\\t/g'
}
# 检查结果数组
RESULTS=""
OVERALL_STATUS="healthy"
CHECKS_PASSED=0
CHECKS_FAILED=0
CHECKS_WARNED=0
add_result() {
local name="$1"
local status="$2"
local message="$3"
local detail="${4:-}"
local escaped_message escaped_detail
escaped_message=$(json_escape "$message")
escaped_detail=$(json_escape "$detail")
local result_entry
result_entry=" {\"name\": \"$name\", \"status\": \"$status\", \"message\": \"$escaped_message\""
if [ -n "$detail" ]; then
result_entry="$result_entry, \"detail\": \"$escaped_detail\""
fi
result_entry="$result_entry }"
if [ -z "$RESULTS" ]; then
RESULTS="$result_entry"
else
RESULTS="$RESULTS,
$result_entry"
fi
case "$status" in
pass) CHECKS_PASSED=$((CHECKS_PASSED + 1)) ;;
fail) CHECKS_FAILED=$((CHECKS_FAILED + 1)); OVERALL_STATUS="unhealthy" ;;
warn) CHECKS_WARNED=$((CHECKS_WARNED + 1)); [ "$OVERALL_STATUS" = "healthy" ] && OVERALL_STATUS="degraded" ;;
esac
}
# 1. 应用健康检查
if [ "$CHECK_APP" -eq 1 ]; then
if command -v curl >/dev/null 2>&1; then
HTTP_CODE=$(curl -sf -o /dev/null -w "%{http_code}" -m 10 "$APP_URL" 2>/dev/null || echo "000")
if [ "$HTTP_CODE" = "200" ] || [ "$HTTP_CODE" = "302" ]; then
add_result "app" "pass" "Application is healthy" "HTTP $HTTP_CODE from $APP_URL"
elif [ "$HTTP_CODE" = "000" ]; then
add_result "app" "fail" "Application is not reachable" "Cannot connect to $APP_URL"
else
add_result "app" "fail" "Application returned error" "HTTP $HTTP_CODE from $APP_URL"
fi
else
add_result "app" "warn" "curl not available, skipping app check" ""
fi
fi
# 2. 数据库连接检查
if [ "$CHECK_DB" -eq 1 ]; then
if [ -z "$DATABASE_URL" ]; then
add_result "database" "warn" "DATABASE_URL not set, skipping DB check" ""
else
# 解析 DATABASE_URL
DB_USER=$(echo "$DATABASE_URL" | sed -n 's/.*:\/\/\([^:]*\):.*/\1/p')
DB_PASS=$(echo "$DATABASE_URL" | sed -n 's/.*:\/\/[^:]*:\([^@]*\)@.*/\1/p')
DB_HOST=$(echo "$DATABASE_URL" | sed -n 's/.*@\([^:]*\):.*/\1/p')
DB_PORT=$(echo "$DATABASE_URL" | sed -n 's/.*:\([0-9]*\)\/.*/\1/p')
DB_NAME=$(echo "$DATABASE_URL" | sed -n 's/.*\/\([^?]*\).*/\1/p')
if command -v mysql >/dev/null 2>&1; then
if mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" \
-e "SELECT 1;" 2>/dev/null; then
# 获取连接信息
DB_VERSION=$(mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" \
-e "SELECT VERSION();" -s -N 2>/dev/null || echo "unknown")
add_result "database" "pass" "Database connection successful" "Host: $DB_HOST:$DB_PORT, DB: $DB_NAME, Version: $DB_VERSION"
else
add_result "database" "fail" "Database connection failed" "Cannot connect to $DB_HOST:$DB_PORT/$DB_NAME"
fi
else
add_result "database" "warn" "mysql client not available, skipping DB check" ""
fi
fi
fi
# 3. 磁盘空间检查
if [ "$CHECK_DISK" -eq 1 ]; then
# 获取根分区或当前目录所在分区的使用率
DISK_INFO=$(df -h . 2>/dev/null | tail -1)
if [ -n "$DISK_INFO" ]; then
DISK_USE_PCT=$(echo "$DISK_INFO" | awk '{print $5}' | sed 's/%//')
DISK_USE_HUMAN=$(echo "$DISK_INFO" | awk '{print $3}')
DISK_TOTAL_HUMAN=$(echo "$DISK_INFO" | awk '{print $2}')
DISK_AVAIL_HUMAN=$(echo "$DISK_INFO" | awk '{print $4}')
DISK_MOUNT=$(echo "$DISK_INFO" | awk '{print $6}')
if [ "$DISK_USE_PCT" -ge "$DISK_THRESHOLD" ]; then
add_result "disk" "fail" "Disk space critical" "Usage: ${DISK_USE_PCT}% (threshold: ${DISK_THRESHOLD}%), Used: ${DISK_USE_HUMAN}/${DISK_TOTAL_HUMAN}, Available: ${DISK_AVAIL_HUMAN}, Mount: ${DISK_MOUNT}"
elif [ "$DISK_USE_PCT" -ge $((DISK_THRESHOLD - 10)) ]; then
add_result "disk" "warn" "Disk space warning" "Usage: ${DISK_USE_PCT}% (threshold: ${DISK_THRESHOLD}%), Used: ${DISK_USE_HUMAN}/${DISK_TOTAL_HUMAN}, Available: ${DISK_AVAIL_HUMAN}, Mount: ${DISK_MOUNT}"
else
add_result "disk" "pass" "Disk space OK" "Usage: ${DISK_USE_PCT}%, Used: ${DISK_USE_HUMAN}/${DISK_TOTAL_HUMAN}, Available: ${DISK_AVAIL_HUMAN}, Mount: ${DISK_MOUNT}"
fi
else
add_result "disk" "warn" "Could not determine disk usage" ""
fi
fi
# 4. 备份新鲜度检查
if [ "$CHECK_BACKUP" -eq 1 ]; then
if [ -d "$BACKUP_DIR" ]; then
LATEST_BACKUP=$(ls -t "$BACKUP_DIR"/db_backup_*.sql.gz 2>/dev/null | head -1)
if [ -n "$LATEST_BACKUP" ]; then
# 获取备份文件修改时间(秒)
BACKUP_MTIME=$(stat -c%Y "$LATEST_BACKUP" 2>/dev/null || stat -f%m "$LATEST_BACKUP" 2>/dev/null)
CURRENT_TIME=$(date +%s)
BACKUP_AGE_HOURS=$(( (CURRENT_TIME - BACKUP_MTIME) / 3600 ))
BACKUP_SIZE=$(stat -c%s "$LATEST_BACKUP" 2>/dev/null || stat -f%z "$LATEST_BACKUP" 2>/dev/null)
BACKUP_SIZE_HUMAN=$(echo "$BACKUP_SIZE" | awk '{split("B KB MB GB TB",v);i=1;while($1>=1024&&i<5){$1/=1024;i++};printf "%.1f%s",$1,v[i]}')
if [ "$BACKUP_AGE_HOURS" -gt "$BACKUP_MAX_AGE" ]; then
add_result "backup" "fail" "Backup is stale" "Latest backup is ${BACKUP_AGE_HOURS}h old (max: ${BACKUP_MAX_AGE}h), File: $(basename "$LATEST_BACKUP"), Size: $BACKUP_SIZE_HUMAN"
elif [ "$BACKUP_AGE_HOURS" -gt $((BACKUP_MAX_AGE / 2)) ]; then
add_result "backup" "warn" "Backup getting old" "Latest backup is ${BACKUP_AGE_HOURS}h old (max: ${BACKUP_MAX_AGE}h), File: $(basename "$LATEST_BACKUP"), Size: $BACKUP_SIZE_HUMAN"
else
add_result "backup" "pass" "Backup is fresh" "Latest backup is ${BACKUP_AGE_HOURS}h old, File: $(basename "$LATEST_BACKUP"), Size: $BACKUP_SIZE_HUMAN"
fi
else
add_result "backup" "fail" "No backup files found" "No db_backup_*.sql.gz files in $BACKUP_DIR"
fi
else
add_result "backup" "warn" "Backup directory does not exist" "$BACKUP_DIR"
fi
fi
# 输出 JSON 报告
TIMESTAMP=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
cat <<EOF
{
"timestamp": "$TIMESTAMP",
"status": "$OVERALL_STATUS",
"summary": {
"total": $((CHECKS_PASSED + CHECKS_FAILED + CHECKS_WARNED)),
"passed": $CHECKS_PASSED,
"failed": $CHECKS_FAILED,
"warned": $CHECKS_WARNED
},
"checks": [
$RESULTS
]
}
EOF
if [ "$OVERALL_STATUS" = "unhealthy" ]; then
exit 1
fi
exit 0

137
scripts/security-scan.ps1 Normal file
View File

@@ -0,0 +1,137 @@
# 本地安全扫描脚本 (Windows PowerShell)
# 用法: .\scripts\security-scan.ps1
# 功能: npm audit + Trivy 文件系统扫描,输出彩色报告
# 退出码: 0=无高危漏洞, 1=存在高危漏洞
$ErrorActionPreference = "Continue"
$ProjectRoot = Resolve-Path "$PSScriptRoot\.."
Set-Location $ProjectRoot
$script:HasHigh = 0
function Write-Header($msg) {
Write-Host "================================================" -ForegroundColor Cyan
Write-Host " $msg" -ForegroundColor Cyan
Write-Host "================================================" -ForegroundColor Cyan
}
function Write-Pass($msg) { Write-Host "[PASS] $msg" -ForegroundColor Green }
function Write-Warn2($msg) { Write-Host "[WARN] $msg" -ForegroundColor Yellow }
function Write-Fail($msg) { Write-Host "[FAIL] $msg" -ForegroundColor Red; $script:HasHigh = 1 }
function Write-Info2($msg) { Write-Host "[INFO] $msg" -ForegroundColor Blue }
function Test-Command($name) {
return [bool](Get-Command $name -ErrorAction SilentlyContinue)
}
Write-Header "本地安全扫描"
Write-Info2 "项目目录: $ProjectRoot"
Write-Host ""
# ------------------------------------------------
# 1. npm audit
# ------------------------------------------------
Write-Header "1/2 npm audit (依赖审计)"
if (-not (Test-Command "npm")) {
Write-Fail "未检测到 npm,请先安装 Node.js"
exit 1
}
$auditJson = "$env:TEMP\audit-report.json"
npm audit --json 2>$null | Out-File -FilePath $auditJson -Encoding utf8
if (Test-Path $auditJson) {
try {
$audit = Get-Content $auditJson -Raw | ConvertFrom-Json
$v = $audit.metadata.vulnerabilities
$critical = if ($v.critical) { [int]$v.critical } else { 0 }
$high = if ($v.high) { [int]$v.high } else { 0 }
$moderate = if ($v.moderate) { [int]$v.moderate } else { 0 }
$low = if ($v.low) { [int]$v.low } else { 0 }
Write-Host -NoNewline " critical: "; Write-Host -NoNewline "$critical " -ForegroundColor Red
Write-Host -NoNewline " high: "; Write-Host -NoNewline "$high " -ForegroundColor Red
Write-Host -NoNewline " moderate: "; Write-Host -NoNewline "$moderate " -ForegroundColor Yellow
Write-Host -NoNewline " low: "; Write-Host "$low" -ForegroundColor Green
if ($critical -gt 0 -or $high -gt 0) {
Write-Fail "npm audit 发现 critical/high 漏洞"
} else {
Write-Pass "npm audit 无 critical/high 漏洞"
}
} catch {
Write-Warn2 "npm audit 报告解析失败,显示原始输出"
npm audit --audit-level=moderate
}
Copy-Item $auditJson "$ProjectRoot\audit-report.json" -Force
Write-Info2 "报告已保存: audit-report.json"
} else {
Write-Warn2 "npm audit 未生成报告"
}
Write-Host ""
# ------------------------------------------------
# 2. Trivy 文件系统扫描
# ------------------------------------------------
Write-Header "2/2 Trivy FS Scan (文件系统扫描)"
if (-not (Test-Command "trivy")) {
Write-Warn2 "未检测到 trivy,跳过文件系统扫描"
Write-Info2 "安装 Trivy: https://aquasecurity.github.io/trivy/latest/getting-started/installation/"
} else {
$trivyReport = "$ProjectRoot\trivy-fs-report.json"
trivy fs --format json --output $trivyReport --exit-code 0 . 2>$null
if ($LASTEXITCODE -eq 0) {
Write-Pass "Trivy 扫描完成"
} else {
Write-Warn2 "Trivy 扫描返回非零状态(可能存在漏洞)"
}
if (Test-Path $trivyReport) {
try {
$trivy = Get-Content $trivyReport -Raw | ConvertFrom-Json
$allVulns = @()
foreach ($r in $trivy.Results) {
if ($r.Vulnerabilities) { $allVulns += $r.Vulnerabilities }
}
$total = $allVulns.Count
$critical = @($allVulns | Where-Object { $_.Severity -eq "CRITICAL" }).Count
$high = @($allVulns | Where-Object { $_.Severity -eq "HIGH" }).Count
$medium = @($allVulns | Where-Object { $_.Severity -eq "MEDIUM" }).Count
$low = @($allVulns | Where-Object { $_.Severity -eq "LOW" }).Count
Write-Host -NoNewline " 总计: $total critical: "; Write-Host -NoNewline "$critical " -ForegroundColor Red
Write-Host -NoNewline " high: "; Write-Host -NoNewline "$high " -ForegroundColor Red
Write-Host -NoNewline " medium: "; Write-Host -NoNewline "$medium " -ForegroundColor Yellow
Write-Host -NoNewline " low: "; Write-Host "$low" -ForegroundColor Green
if ($critical -gt 0 -or $high -gt 0) {
Write-Fail "Trivy 发现 critical/high 漏洞"
} else {
Write-Pass "Trivy 无 critical/high 漏洞"
}
Write-Info2 "报告已保存: trivy-fs-report.json"
} catch {
Write-Warn2 "Trivy 报告解析失败"
}
}
Write-Host ""
Write-Info2 "Trivy 表格视图:"
trivy fs --format table --exit-code 0 .
}
Write-Host ""
# ------------------------------------------------
# 汇总
# ------------------------------------------------
Write-Header "扫描汇总"
if ($script:HasHigh -eq 0) {
Write-Pass "未发现高危漏洞 (exit 0)"
exit 0
} else {
Write-Fail "发现高危漏洞,请尽快处理 (exit 1)"
Write-Host " SLA: critical 24h / high 7d / medium 30d / low 90d" -ForegroundColor Blue
exit 1
}

133
scripts/security-scan.sh Normal file
View File

@@ -0,0 +1,133 @@
#!/bin/bash
# 本地安全扫描脚本 (Linux/macOS)
# 用法: ./scripts/security-scan.sh
# 功能: npm audit + Trivy 文件系统扫描,输出彩色报告
# 退出码: 0=无高危漏洞, 1=存在高危漏洞
set -uo pipefail
# 颜色定义
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
CYAN='\033[0;36m'
NC='\033[0m' # No Color
PROJECT_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
cd "$PROJECT_ROOT"
HAS_HIGH=0
print_header() {
echo -e "${CYAN}================================================${NC}"
echo -e "${CYAN} $1${NC}"
echo -e "${CYAN}================================================${NC}"
}
print_ok() { echo -e "${GREEN}[PASS]${NC} $1"; }
print_warn() { echo -e "${YELLOW}[WARN]${NC} $1"; }
print_err() { echo -e "${RED}[FAIL]${NC} $1"; HAS_HIGH=1; }
print_info() { echo -e "${BLUE}[INFO]${NC} $1"; }
# 检查命令是否存在
command_exists() {
command -v "$1" >/dev/null 2>&1
}
print_header "本地安全扫描"
print_info "项目目录: $PROJECT_ROOT"
echo ""
# ------------------------------------------------
# 1. npm audit
# ------------------------------------------------
print_header "1/2 npm audit (依赖审计)"
if ! command_exists npm; then
print_err "未检测到 npm,请先安装 Node.js"
exit 1
fi
npm audit --json > /tmp/audit-report.json 2>/dev/null || true
if [ -f /tmp/audit-report.json ]; then
# 提取漏洞计数(需要 jq)
if command_exists jq; then
CRITICAL=$(jq -r '.metadata.vulnerabilities.critical // 0' /tmp/audit-report.json)
HIGH=$(jq -r '.metadata.vulnerabilities.high // 0' /tmp/audit-report.json)
MODERATE=$(jq -r '.metadata.vulnerabilities.moderate // 0' /tmp/audit-report.json)
LOW=$(jq -r '.metadata.vulnerabilities.low // 0' /tmp/audit-report.json)
echo -e " critical: ${RED}${CRITICAL}${NC} high: ${RED}${HIGH}${NC} moderate: ${YELLOW}${MODERATE}${NC} low: ${GREEN}${LOW}${NC}"
if [ "$CRITICAL" -gt 0 ] || [ "$HIGH" -gt 0 ]; then
print_err "npm audit 发现 critical/high 漏洞"
else
print_ok "npm audit 无 critical/high 漏洞"
fi
else
print_warn "未安装 jq,跳过漏洞计数,显示原始报告"
npm audit --audit-level=moderate || print_warn "npm audit 发现漏洞"
fi
# 保存报告到项目根目录
cp /tmp/audit-report.json "$PROJECT_ROOT/audit-report.json"
print_info "报告已保存: audit-report.json"
else
print_warn "npm audit 未生成报告"
fi
echo ""
# ------------------------------------------------
# 2. Trivy 文件系统扫描
# ------------------------------------------------
print_header "2/2 Trivy FS Scan (文件系统扫描)"
if ! command_exists trivy; then
print_warn "未检测到 trivy,跳过文件系统扫描"
print_info "安装 Trivy: https://aquasecurity.github.io/trivy/latest/getting-started/installation/"
else
TRIVY_REPORT="$PROJECT_ROOT/trivy-fs-report.json"
if trivy fs --format json --output "$TRIVY_REPORT" --exit-code 0 . >/dev/null 2>&1; then
print_ok "Trivy 扫描完成"
else
print_warn "Trivy 扫描返回非零状态(可能存在漏洞)"
fi
if [ -f "$TRIVY_REPORT" ] && command_exists jq; then
TOTAL=$(jq -r '[.Results[]?.Vulnerabilities[]?] | length' "$TRIVY_REPORT" 2>/dev/null || echo "0")
CRITICAL=$(jq -r '[.Results[]?.Vulnerabilities[]? | select(.Severity=="CRITICAL")] | length' "$TRIVY_REPORT" 2>/dev/null || echo "0")
HIGH=$(jq -r '[.Results[]?.Vulnerabilities[]? | select(.Severity=="HIGH")] | length' "$TRIVY_REPORT" 2>/dev/null || echo "0")
MEDIUM=$(jq -r '[.Results[]?.Vulnerabilities[]? | select(.Severity=="MEDIUM")] | length' "$TRIVY_REPORT" 2>/dev/null || echo "0")
LOW=$(jq -r '[.Results[]?.Vulnerabilities[]? | select(.Severity=="LOW")] | length' "$TRIVY_REPORT" 2>/dev/null || echo "0")
echo -e " 总计: ${TOTAL} critical: ${RED}${CRITICAL}${NC} high: ${RED}${HIGH}${NC} medium: ${YELLOW}${MEDIUM}${NC} low: ${GREEN}${LOW}${NC}"
if [ "$CRITICAL" -gt 0 ] || [ "$HIGH" -gt 0 ]; then
print_err "Trivy 发现 critical/high 漏洞"
else
print_ok "Trivy 无 critical/high 漏洞"
fi
print_info "报告已保存: trivy-fs-report.json"
fi
# 输出表格视图
echo ""
print_info "Trivy 表格视图:"
trivy fs --format table --exit-code 0 . || true
fi
echo ""
# ------------------------------------------------
# 汇总
# ------------------------------------------------
print_header "扫描汇总"
if [ "$HAS_HIGH" -eq 0 ]; then
print_ok "未发现高危漏洞 (exit 0)"
exit 0
else
print_err "发现高危漏洞,请尽快处理 (exit 1)"
echo -e " ${BLUE}SLA:${NC} critical 24h / high 7d / medium 30d / low 90d"
exit 1
fi

119
src/modules/notifications/actions.ts Normal file
View File

@@ -0,0 +1,119 @@
"use server"
/**
* 通知 Server Actions
*
* - sendNotificationAction: 发送通知给指定用户(需要 MESSAGE_SEND 权限)
* - sendClassNotificationAction: 发送班级通知(教师权限,按班级查询学生后批量发送)
*
* 权限说明:
* 项目无独立 NOTIFICATION_SEND 权限点,复用 MESSAGE_SEND教师/管理员/年级主任均拥有)。
* 班级通知按教师所教班级过滤,确保教师只能给自己班级发通知。
*/
import { eq } from "drizzle-orm"
import { db } from "@/shared/db"
import { classEnrollments, classes } from "@/shared/db/schema"
import { PermissionDeniedError, requirePermission } from "@/shared/lib/auth-guard"
import { Permissions } from "@/shared/types/permissions"
import type { ActionState } from "@/shared/types/action-state"
import { sendNotification, sendBatchNotifications } from "./dispatcher"
import type { NotificationPayload, ChannelSendResult } from "./types"
/**
* 发送通知给指定用户。
*
* @param payload 通知负载payload.userId 为接收人)
*/
export async function sendNotificationAction(
payload: NotificationPayload
): Promise<ActionState<ChannelSendResult[]>> {
try {
await requirePermission(Permissions.MESSAGE_SEND)
if (!payload.userId || !payload.title || !payload.content) {
return { success: false, message: "Missing required fields: userId, title, content" }
}
const results = await sendNotification(payload)
const allSuccess = results.every((r) => r.success)
return {
success: allSuccess,
message: allSuccess ? "Notification sent" : "Some channels failed",
data: results,
}
} catch (e) {
if (e instanceof PermissionDeniedError) return { success: false, message: e.message }
if (e instanceof Error) return { success: false, message: e.message }
return { success: false, message: "Unexpected error" }
}
}
/**
* 发送班级通知(批量发送给班级所有学生)。
*
* 教师只能给自己所教班级发送通知(通过 dataScope 校验)。
*
* @param classId 班级 ID
* @param payload 通知负载模板payload.userId 会被覆盖为每个学生的 userId
*/
export async function sendClassNotificationAction(
classId: string,
payload: Omit<NotificationPayload, "userId">
): Promise<ActionState<ChannelSendResult[][]>> {
try {
const ctx = await requirePermission(Permissions.MESSAGE_SEND)
if (!classId || !payload.title || !payload.content) {
return { success: false, message: "Missing required fields: classId, title, content" }
}
// 权限校验: 教师只能给自己所教班级发通知;管理员可发任意班级
if (ctx.dataScope.type !== "all") {
const allowedClassIds =
ctx.dataScope.type === "class_taught" ? ctx.dataScope.classIds : []
if (!allowedClassIds.includes(classId)) {
return { success: false, message: "You can only send notifications to your own classes" }
}
}
// 查询班级所有学生
const [classRow] = await db
.select({ id: classes.id })
.from(classes)
.where(eq(classes.id, classId))
.limit(1)
if (!classRow) {
return { success: false, message: "Class not found" }
}
const enrollments = await db
.select({ studentId: classEnrollments.studentId })
.from(classEnrollments)
.where(eq(classEnrollments.classId, classId))
if (enrollments.length === 0) {
return { success: true, message: "No students in this class", data: [] }
}
// 构造每个学生的通知负载
const payloads: NotificationPayload[] = enrollments.map((e) => ({
...payload,
userId: e.studentId,
}))
const results = await sendBatchNotifications(payloads)
return {
success: true,
message: `Notification sent to ${enrollments.length} students`,
data: results,
}
} catch (e) {
if (e instanceof PermissionDeniedError) return { success: false, message: e.message }
if (e instanceof Error) return { success: false, message: e.message }
return { success: false, message: "Unexpected error" }
}
}

183
src/modules/notifications/channels/email-channel.ts Normal file
View File

@@ -0,0 +1,183 @@
import "server-only"
/**
* 邮件通知渠道
*
* 使用 nodemailer动态 import通过 SMTP 发送邮件。
* 支持 HTML 邮件模板,根据 payload.type 渲染不同颜色样式。
*
* 环境变量:
* - EMAIL_HOST: SMTP 主机
* - EMAIL_PORT: SMTP 端口(默认 587
* - EMAIL_USER: SMTP 用户名
* - EMAIL_PASS: SMTP 密码
* - EMAIL_FROM: 发件人地址(默认 noreply@example.com
*
* Mock 实现: 当 EMAIL_HOST 未配置时启用,仅记录日志不实际发送。
*/
import type {
NotificationPayload,
ChannelSendResult,
NotificationChannel,
} from "../types"
import type { NotificationChannelSender, ChannelRecipient } from "./types"
const channel: NotificationChannel = "email"
/** 从环境变量读取邮件配置 */
function getEmailConfig() {
return {
host: process.env.EMAIL_HOST,
port: Number(process.env.EMAIL_PORT ?? "587"),
user: process.env.EMAIL_USER,
pass: process.env.EMAIL_PASS,
from: process.env.EMAIL_FROM ?? "noreply@example.com",
}
}
/** 是否启用邮件渠道SMTP 主机配置即启用) */
export function isEmailEnabled(): boolean {
return Boolean(process.env.EMAIL_HOST)
}
/** 根据通知类型返回主题色(用于 HTML 模板) */
function getTypeColor(type: NotificationPayload["type"]): string {
switch (type) {
case "success":
return "#16a34a"
case "warning":
return "#d97706"
case "error":
return "#dc2626"
case "info":
default:
return "#2563eb"
}
}
/** 生成 HTML 邮件内容 */
function buildHtmlContent(payload: NotificationPayload): string {
const color = getTypeColor(payload.type)
const actionLink = payload.actionUrl
? `<p style="margin-top:16px;"><a href="${payload.actionUrl}" style="color:${color};text-decoration:none;">点击查看详情 →</a></p>`
: ""
return `
<div style="font-family:Arial,sans-serif;max-width:600px;margin:0 auto;padding:20px;">
<div style="border-left:4px solid ${color};padding-left:16px;">
<h2 style="color:${color};margin:0 0 12px 0;">${escapeHtml(payload.title)}</h2>
<p style="color:#374151;line-height:1.6;margin:0;">${escapeHtml(payload.content)}</p>
${actionLink}
</div>
<hr style="border:none;border-top:1px solid #e5e7eb;margin:24px 0;" />
<p style="color:#9ca3af;font-size:12px;margin:0;">此邮件由系统自动发送,请勿回复。</p>
</div>
`
}
/** HTML 转义,防止 XSS */
function escapeHtml(text: string): string {
return text
.replace(/&/g, "&amp;")
.replace(/</g, "&lt;")
.replace(/>/g, "&gt;")
.replace(/"/g, "&quot;")
.replace(/'/g, "&#39;")
}
/** Mock 邮件发送器(开发环境使用) */
class MockEmailSender implements NotificationChannelSender {
readonly channel = channel
async send(
payload: NotificationPayload,
recipient: ChannelRecipient
): Promise<ChannelSendResult> {
console.info(
`[MockEmail] send to ${recipient.email ?? "(no email)"}: subject="${payload.title}"`
)
return {
channel,
success: true,
messageId: `mock-email-${Date.now()}`,
sentAt: new Date(),
}
}
async sendBatch(
items: Array<{ payload: NotificationPayload; recipient: ChannelRecipient }>
): Promise<ChannelSendResult[]> {
return Promise.all(items.map((item) => this.send(item.payload, item.recipient)))
}
}
/** Nodemailer SMTP 邮件发送器 */
class NodemailerEmailSender implements NotificationChannelSender {
readonly channel = channel
async send(
payload: NotificationPayload,
recipient: ChannelRecipient
): Promise<ChannelSendResult> {
if (!recipient.email) {
return { channel, success: false, error: "Missing recipient email", sentAt: new Date() }
}
const config = getEmailConfig()
if (!config.host) {
return { channel, success: false, error: "EMAIL_HOST not configured", sentAt: new Date() }
}
try {
// 动态 import nodemailer避免增加构建体积
const nodemailer = await import("nodemailer")
const transporter = nodemailer.createTransport({
host: config.host,
port: config.port,
secure: config.port === 465,
auth: config.user
? { user: config.user, pass: config.pass ?? "" }
: undefined,
})
const info = await transporter.sendMail({
from: config.from,
to: recipient.email,
subject: payload.title,
html: buildHtmlContent(payload),
text: payload.content,
})
return {
channel,
success: true,
messageId: info.messageId,
sentAt: new Date(),
}
} catch (e) {
return {
channel,
success: false,
error: e instanceof Error ? e.message : "Email send failed",
sentAt: new Date(),
}
}
}
async sendBatch(
items: Array<{ payload: NotificationPayload; recipient: ChannelRecipient }>
): Promise<ChannelSendResult[]> {
return Promise.all(items.map((item) => this.send(item.payload, item.recipient)))
}
}
/**
* 创建邮件渠道发送器。
* 配置了 EMAIL_HOST 时使用 Nodemailer否则使用 Mock 实现。
*/
export function createEmailSender(): NotificationChannelSender {
if (isEmailEnabled()) {
return new NodemailerEmailSender()
}
return new MockEmailSender()
}

83
src/modules/notifications/channels/in-app-channel.ts Normal file
View File

@@ -0,0 +1,83 @@
import "server-only"
/**
* 站内消息渠道
*
* 封装现有 messaging 模块的 data-access.createNotification
* 将其适配为统一的 NotificationChannelSender 接口。
*
* 这是默认渠道,总是启用。所有通知都会写入 message_notifications 表,
* 用户可在站内通知中心查看。
*
* 注意: messaging.NotificationType 为 "message" | "announcement" | "homework" | "grade"
* 而本模块 NotificationPayload.type 为 "info" | "warning" | "error" | "success"。
* 此处将 payload.type 作为字符串写入 DBDB 列为 varchar(128),支持任意值),
* 不破坏现有 messaging 模块的类型约束。
*/
import type {
NotificationPayload,
ChannelSendResult,
NotificationChannel,
} from "../types"
import type { NotificationChannelSender, ChannelRecipient } from "./types"
import { createNotification } from "@/modules/messaging/data-access"
const channel: NotificationChannel = "in_app"
/** 站内消息发送器(调用现有 messaging data-access */
class InAppChannelSender implements NotificationChannelSender {
readonly channel = channel
async send(
payload: NotificationPayload,
recipient: ChannelRecipient
): Promise<ChannelSendResult> {
try {
// 校验收件人一致,防止误发
if (recipient.userId !== payload.userId) {
return {
channel,
success: false,
error: "Recipient userId does not match payload.userId",
sentAt: new Date(),
}
}
const id = await createNotification({
userId: payload.userId,
// DB 列为 varchar(128),支持任意字符串;保留 payload.type 语义
type: payload.type as "message" | "announcement" | "homework" | "grade",
title: payload.title,
content: payload.content,
link: payload.actionUrl ?? null,
})
return {
channel,
success: true,
messageId: id,
sentAt: new Date(),
}
} catch (e) {
return {
channel,
success: false,
error: e instanceof Error ? e.message : "In-app notification failed",
sentAt: new Date(),
}
}
}
async sendBatch(
items: Array<{ payload: NotificationPayload; recipient: ChannelRecipient }>
): Promise<ChannelSendResult[]> {
return Promise.all(items.map((item) => this.send(item.payload, item.recipient)))
}
}
/**
* 创建站内消息渠道发送器。
* 站内渠道总是启用,无需配置。
*/
export function createInAppSender(): NotificationChannelSender {
return new InAppChannelSender()
}

236
src/modules/notifications/channels/sms-channel.ts Normal file
View File

@@ -0,0 +1,236 @@
import "server-only"
/**
* 短信通知渠道
*
* 支持的 Provider:
* - aliyun: 阿里云短信(@alicloud/dysmsapi20170525动态 import
* - tencent: 腾讯云短信tencentcloud-sdk动态 import
* - mock: 开发环境模拟(仅记录日志,不实际发送)
*
* 环境变量:
* - SMS_PROVIDER: "aliyun" | "tencent" | "mock"(默认 mock
* - SMS_ACCESS_KEY_ID / SMS_ACCESS_KEY_SECRET
* - SMS_SIGN_NAME: 短信签名
* - SMS_TEMPLATE_CODE: 短信模板 ID
*
* 模板变量替换:将 payload.title / payload.content 填入模板变量 name/title/content。
*/
import type {
NotificationPayload,
ChannelSendResult,
NotificationChannel,
} from "../types"
import type { NotificationChannelSender, ChannelRecipient } from "./types"
const channel: NotificationChannel = "sms"
/** 从环境变量读取 SMS 配置 */
function getSmsConfig() {
return {
provider: (process.env.SMS_PROVIDER ?? "mock") as "aliyun" | "tencent" | "mock",
accessKeyId: process.env.SMS_ACCESS_KEY_ID,
accessKeySecret: process.env.SMS_ACCESS_KEY_SECRET,
signName: process.env.SMS_SIGN_NAME,
templateCode: process.env.SMS_TEMPLATE_CODE,
}
}
/**
* 构造短信模板变量。
* 阿里云/腾讯云模板使用 ${name} / ${title} / ${content} 占位符。
*/
function buildTemplateParams(payload: NotificationPayload): Record<string, string> {
return {
title: payload.title,
content: payload.content,
type: payload.type,
}
}
/** Mock 短信发送器(开发环境使用) */
class MockSmsSender implements NotificationChannelSender {
readonly channel = channel
async send(
payload: NotificationPayload,
recipient: ChannelRecipient
): Promise<ChannelSendResult> {
const params = buildTemplateParams(payload)
// 开发环境仅记录日志,不实际发送
console.info(
`[MockSms] send to ${recipient.phone ?? "(no phone)"}: title="${payload.title}" params=`,
params
)
return {
channel,
success: true,
messageId: `mock-sms-${Date.now()}`,
sentAt: new Date(),
}
}
async sendBatch(
items: Array<{ payload: NotificationPayload; recipient: ChannelRecipient }>
): Promise<ChannelSendResult[]> {
return Promise.all(items.map((item) => this.send(item.payload, item.recipient)))
}
}
/** 阿里云短信发送器 */
class AliyunSmsSender implements NotificationChannelSender {
readonly channel = channel
private config: ReturnType<typeof getSmsConfig>
constructor() {
this.config = getSmsConfig()
}
async send(
payload: NotificationPayload,
recipient: ChannelRecipient
): Promise<ChannelSendResult> {
if (!recipient.phone) {
return { channel, success: false, error: "Missing recipient phone", sentAt: new Date() }
}
if (!this.config.accessKeyId || !this.config.accessKeySecret) {
return { channel, success: false, error: "SMS_ACCESS_KEY_ID/SECRET not configured", sentAt: new Date() }
}
try {
// 动态 import 阿里云 SDK避免增加构建体积
const { default: Dysmsapi } = await import("@alicloud/dysmsapi20170525")
const { default: OpenApi } = await import("@alicloud/openapi-client")
const { default: Credential } = await import("@alicloud/credentials")
const credential = new Credential({
accessKeyId: this.config.accessKeyId,
accessKeySecret: this.config.accessKeySecret,
})
const apiConfig = new OpenApi({ credential })
apiConfig.endpoint = "dysmsapi.aliyuncs.com"
const client = new Dysmsapi(apiConfig)
const { SendSmsRequest } = await import("@alicloud/dysmsapi20170525")
const request = new SendSmsRequest({
phoneNumbers: recipient.phone,
signName: this.config.signName,
templateCode: this.config.templateCode,
templateParam: JSON.stringify(buildTemplateParams(payload)),
})
const response = await client.sendSms(request)
const code = response?.body?.code
const success = code === "OK"
return {
channel,
success,
messageId: response?.body?.bizId ?? undefined,
error: success ? undefined : response?.body?.message,
sentAt: new Date(),
}
} catch (e) {
return {
channel,
success: false,
error: e instanceof Error ? e.message : "Aliyun SMS send failed",
sentAt: new Date(),
}
}
}
async sendBatch(
items: Array<{ payload: NotificationPayload; recipient: ChannelRecipient }>
): Promise<ChannelSendResult[]> {
return Promise.all(items.map((item) => this.send(item.payload, item.recipient)))
}
}
/** 腾讯云短信发送器 */
class TencentSmsSender implements NotificationChannelSender {
readonly channel = channel
private config: ReturnType<typeof getSmsConfig>
constructor() {
this.config = getSmsConfig()
}
async send(
payload: NotificationPayload,
recipient: ChannelRecipient
): Promise<ChannelSendResult> {
if (!recipient.phone) {
return { channel, success: false, error: "Missing recipient phone", sentAt: new Date() }
}
if (!this.config.accessKeyId || !this.config.accessKeySecret) {
return { channel, success: false, error: "SMS_ACCESS_KEY_ID/SECRET not configured", sentAt: new Date() }
}
try {
// 动态 import 腾讯云 SDK
const tencentcloud = await import("tencentcloud-sdk-nodejs")
const SmsClient = tencentcloud.sms.v20210111.Client
const client = new SmsClient({
credential: {
secretId: this.config.accessKeyId,
secretKey: this.config.accessKeySecret,
},
region: "ap-guangzhou",
profile: {
httpProfile: { endpoint: "sms.tencentcloudapi.com" },
},
})
const params = buildTemplateParams(payload)
const response = await client.SendSms({
PhoneNumberSet: [`+86${recipient.phone}`],
SmsSdkAppId: this.config.templateCode ?? "",
SignName: this.config.signName ?? "",
TemplateId: this.config.templateCode ?? "",
TemplateParamSet: [params.title, params.content],
})
const sendStatus = response?.SendStatusSet?.[0]
const success = sendStatus?.Code === "Ok"
return {
channel,
success,
messageId: sendStatus?.SerialNo ?? undefined,
error: success ? undefined : sendStatus?.Message,
sentAt: new Date(),
}
} catch (e) {
return {
channel,
success: false,
error: e instanceof Error ? e.message : "Tencent SMS send failed",
sentAt: new Date(),
}
}
}
async sendBatch(
items: Array<{ payload: NotificationPayload; recipient: ChannelRecipient }>
): Promise<ChannelSendResult[]> {
return Promise.all(items.map((item) => this.send(item.payload, item.recipient)))
}
}
/**
* 创建 SMS 渠道发送器(根据 SMS_PROVIDER 环境变量选择实现)。
* 默认使用 Mock 实现,确保开发环境无外部服务时也可用。
*/
export function createSmsSender(): NotificationChannelSender {
const config = getSmsConfig()
switch (config.provider) {
case "aliyun":
return new AliyunSmsSender()
case "tencent":
return new TencentSmsSender()
case "mock":
default:
return new MockSmsSender()
}
}

38
src/modules/notifications/channels/types.ts Normal file
View File

@@ -0,0 +1,38 @@
/**
* 渠道发送者接口定义
*
* 所有渠道SMS/微信/邮件/站内)均实现 NotificationChannelSender 接口,
* 由 dispatcher 统一调度。新增渠道只需实现此接口并注册到 dispatcher。
*/
import type { NotificationPayload, ChannelSendResult, NotificationChannel } from "../types"
/** 渠道接收人信息(由 data-access.getUserContactInfo 填充) */
export interface ChannelRecipient {
userId: string
/** 手机号SMS 渠道必需) */
phone?: string
/** 邮箱(邮件渠道必需) */
email?: string
/** 微信 OpenID微信公众号模板消息渠道必需 */
wechatOpenId?: string
}
/**
* 通知渠道发送者接口
*
* 实现方需保证:
* - send 失败时抛出 Error 或返回 success:false不抛出以避免阻塞其他渠道
* - sendBatch 内部并行发送,单条失败不影响其他条
* - 所有实现需在文件首行 import "server-only"
*/
export interface NotificationChannelSender {
/** 渠道标识 */
readonly channel: NotificationChannel
/** 发送单条通知 */
send(payload: NotificationPayload, recipient: ChannelRecipient): Promise<ChannelSendResult>
/** 批量发送(默认实现串行调用 send可覆写为并行 */
sendBatch(
payloads: Array<{ payload: NotificationPayload; recipient: ChannelRecipient }>
): Promise<ChannelSendResult[]>
}

208
src/modules/notifications/channels/wechat-channel.ts Normal file
View File

@@ -0,0 +1,208 @@
import "server-only"
/**
* 微信公众号模板消息渠道
*
* 使用微信官方 API:
* 1. 获取 access_token: GET https://api.weixin.qq.com/cgi-bin/token
* 2. 发送模板消息: POST https://api.weixin.qq.com/cgi-bin/message/template/send
*
* access_token 带缓存(有效期 7200 秒,提前 5 分钟刷新),避免频繁请求。
*
* 环境变量:
* - WECHAT_APP_ID: 公众号 AppID
* - WECHAT_APP_SECRET: 公众号 AppSecret
* - WECHAT_TEMPLATE_ID: 模板消息 ID
*
* 模板数据映射: payload.title -> keyword1, payload.content -> keyword2,
* payload.type -> keyword3可在微信公众号后台配置模板字段
*/
import type {
NotificationPayload,
ChannelSendResult,
NotificationChannel,
} from "../types"
import type { NotificationChannelSender, ChannelRecipient } from "./types"
const channel: NotificationChannel = "wechat"
const WECHAT_TOKEN_URL = "https://api.weixin.qq.com/cgi-bin/token"
const WECHAT_SEND_URL = "https://api.weixin.qq.com/cgi-bin/message/template/send"
/** access_token 缓存(进程级) */
interface TokenCache {
accessToken: string
expiresAt: number // 毫秒时间戳
}
let tokenCache: TokenCache | null = null
/** 从环境变量读取微信配置 */
function getWechatConfig() {
return {
appId: process.env.WECHAT_APP_ID,
appSecret: process.env.WECHAT_APP_SECRET,
templateId: process.env.WECHAT_TEMPLATE_ID,
}
}
/** 是否启用微信渠道(配置完整才启用) */
export function isWechatEnabled(): boolean {
const config = getWechatConfig()
return Boolean(config.appId && config.appSecret && config.templateId)
}
/**
* 获取微信 access_token带缓存
* 缓存有效期内的 token 直接复用;过期或不存在时重新请求。
*/
async function getAccessToken(): Promise<string> {
const now = Date.now()
// 缓存有效(提前 5 分钟刷新,避免边界过期)
if (tokenCache && tokenCache.expiresAt - now > 5 * 60 * 1000) {
return tokenCache.accessToken
}
const config = getWechatConfig()
if (!config.appId || !config.appSecret) {
throw new Error("WECHAT_APP_ID/WECHAT_APP_SECRET not configured")
}
const url = `${WECHAT_TOKEN_URL}?grant_type=client_credential&appid=${encodeURIComponent(
config.appId
)}&secret=${encodeURIComponent(config.appSecret)}`
const res = await fetch(url, { method: "GET" })
const data = (await res.json()) as {
access_token?: string
expires_in?: number
errcode?: number
errmsg?: string
}
if (!data.access_token) {
throw new Error(
`Failed to get WeChat access_token: ${data.errcode} ${data.errmsg ?? ""}`
)
}
tokenCache = {
accessToken: data.access_token,
expiresAt: now + (data.expires_in ?? 7200) * 1000,
}
return tokenCache.accessToken
}
/**
* 将通知负载映射为微信模板数据。
* 默认映射: title -> keyword1, content -> keyword2, type -> keyword3。
* 如需自定义映射,可在 metadata 中提供 wechatKeywords 覆盖。
*/
function buildTemplateData(
payload: NotificationPayload
): Record<string, { value: string }> {
const custom = (payload.metadata?.wechatKeywords as Record<string, string> | undefined) ?? {}
return {
keyword1: { value: custom.keyword1 ?? payload.title },
keyword2: { value: custom.keyword2 ?? payload.content },
keyword3: { value: custom.keyword3 ?? payload.type },
}
}
/** Mock 微信发送器(开发环境使用) */
class MockWechatSender implements NotificationChannelSender {
readonly channel = channel
async send(
payload: NotificationPayload,
recipient: ChannelRecipient
): Promise<ChannelSendResult> {
console.info(
`[MockWechat] send to openId=${recipient.wechatOpenId ?? "(no openId)"}: title="${payload.title}"`
)
return {
channel,
success: true,
messageId: `mock-wechat-${Date.now()}`,
sentAt: new Date(),
}
}
async sendBatch(
items: Array<{ payload: NotificationPayload; recipient: ChannelRecipient }>
): Promise<ChannelSendResult[]> {
return Promise.all(items.map((item) => this.send(item.payload, item.recipient)))
}
}
/** 微信公众号模板消息发送器 */
class WechatTemplateSender implements NotificationChannelSender {
readonly channel = channel
async send(
payload: NotificationPayload,
recipient: ChannelRecipient
): Promise<ChannelSendResult> {
if (!recipient.wechatOpenId) {
return { channel, success: false, error: "Missing recipient wechatOpenId", sentAt: new Date() }
}
const config = getWechatConfig()
if (!config.templateId) {
return { channel, success: false, error: "WECHAT_TEMPLATE_ID not configured", sentAt: new Date() }
}
try {
const accessToken = await getAccessToken()
const url = `${WECHAT_SEND_URL}?access_token=${encodeURIComponent(accessToken)}`
const body = {
touser: recipient.wechatOpenId,
template_id: config.templateId,
url: payload.actionUrl ?? "",
data: buildTemplateData(payload),
}
const res = await fetch(url, {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify(body),
})
const data = (await res.json()) as {
errcode?: number
errmsg?: string
msgid?: number
}
const success = data.errcode === 0
return {
channel,
success,
messageId: data.msgid != null ? String(data.msgid) : undefined,
error: success ? undefined : `${data.errcode}: ${data.errmsg ?? ""}`,
sentAt: new Date(),
}
} catch (e) {
return {
channel,
success: false,
error: e instanceof Error ? e.message : "WeChat send failed",
sentAt: new Date(),
}
}
}
async sendBatch(
items: Array<{ payload: NotificationPayload; recipient: ChannelRecipient }>
): Promise<ChannelSendResult[]> {
return Promise.all(items.map((item) => this.send(item.payload, item.recipient)))
}
}
/**
* 创建微信渠道发送器。
* 配置完整时使用真实发送器,否则使用 Mock 实现。
*/
export function createWechatSender(): NotificationChannelSender {
if (isWechatEnabled()) {
return new WechatTemplateSender()
}
return new MockWechatSender()
}

86
src/modules/notifications/data-access.ts Normal file
View File

@@ -0,0 +1,86 @@
import "server-only"
/**
* 通知数据访问层
*
* 职责:
* - getUserNotificationPreferences: 获取用户通知偏好(复用 messaging 模块)
* - getUserContactInfo: 获取用户联系方式(手机/邮箱,用于渠道发送)
* - logNotificationSend: 记录发送日志(当前项目无 notification_logs 表,使用 console 输出)
*
* 注意: users 表当前无 wechatOpenId 字段wechatOpenId 暂返回 undefined。
* 未来扩展 users 表增加 wechat_open_id 列后,此处补充查询即可。
*/
import { cache } from "react"
import { eq } from "drizzle-orm"
import { db } from "@/shared/db"
import { users } from "@/shared/db/schema"
import { getNotificationPreferences } from "@/modules/messaging/notification-preferences"
import type { NotificationPreferences } from "@/modules/messaging/types"
import type { ChannelRecipient } from "./channels/types"
import type { ChannelSendResult } from "./types"
/**
* 获取用户通知偏好(复用 messaging 模块的 cache 包装函数)。
* 若用户无记录messaging 模块会自动创建默认记录。
*/
export async function getUserNotificationPreferences(
userId: string
): Promise<NotificationPreferences> {
return getNotificationPreferences(userId)
}
/**
* 获取用户联系方式(手机号、邮箱)。
* wechatOpenId 暂不支持users 表无此字段),返回 undefined。
*/
export const getUserContactInfo = cache(
async (userId: string): Promise<ChannelRecipient> => {
const [row] = await db
.select({
id: users.id,
phone: users.phone,
email: users.email,
})
.from(users)
.where(eq(users.id, userId))
.limit(1)
if (!row) {
return { userId }
}
return {
userId: row.id,
phone: row.phone ?? undefined,
email: row.email ?? undefined,
// users 表暂无 wechat_open_id 字段;扩展 schema 后在此补充
wechatOpenId: undefined,
}
}
)
/**
* 记录通知发送日志。
*
* 当前项目无 notification_logs 表,使用 console.info 输出。
* 未来新增 notification_logs 表后,可在此处写入 DB。
*/
export function logNotificationSend(result: ChannelSendResult): void {
const status = result.success ? "OK" : "FAIL"
const errorPart = result.error ? ` error="${result.error}"` : ""
console.info(
`[NotificationLog] ${status} channel=${result.channel} messageId=${result.messageId ?? "-"}${errorPart}`
)
}
/**
* 批量记录发送日志。
*/
export function logNotificationSendBatch(results: ChannelSendResult[]): void {
for (const result of results) {
logNotificationSend(result)
}
}

152
src/modules/notifications/dispatcher.ts Normal file
View File

@@ -0,0 +1,152 @@
import "server-only"
/**
* 通知分发器
*
* 职责:
* - 根据用户通知偏好notification_preferences决定使用哪些渠道
* - 并行发送到多个渠道in_app 总是启用)
* - 记录每个渠道的发送结果到日志
*
* 渠道选择逻辑:
* - in_app: 总是启用pushEnabled 控制是否发送站内推送)
* - sms: smsEnabled && 用户有手机号
* - email: emailEnabled && 用户有邮箱
* - wechat: pushEnabled && 用户有 wechatOpenId当前 users 表无此字段,暂不发送)
*
* 注意: 通知偏好中的 homeworkNotifications/gradeNotifications 等是按通知类别控制,
* 由调用方在构造 payload 时决定是否调用 sendNotification。
*/
import type { NotificationPayload, ChannelSendResult, NotificationChannel } from "./types"
import type { NotificationChannelSender, ChannelRecipient } from "./channels/types"
import { createSmsSender } from "./channels/sms-channel"
import { createWechatSender } from "./channels/wechat-channel"
import { createEmailSender } from "./channels/email-channel"
import { createInAppSender } from "./channels/in-app-channel"
import {
getUserNotificationPreferences,
getUserContactInfo,
logNotificationSendBatch,
} from "./data-access"
/** 渠道发送器实例缓存(避免每次发送重新创建) */
interface SenderRegistry {
in_app: NotificationChannelSender
sms: NotificationChannelSender
wechat: NotificationChannelSender
email: NotificationChannelSender
}
let senderRegistry: SenderRegistry | null = null
/** 获取渠道发送器注册表(单例) */
function getSenders(): SenderRegistry {
if (!senderRegistry) {
senderRegistry = {
in_app: createInAppSender(),
sms: createSmsSender(),
wechat: createWechatSender(),
email: createEmailSender(),
}
}
return senderRegistry
}
/**
* 根据用户通知偏好和联系方式,决定启用的渠道列表。
*/
function selectChannels(
prefs: {
smsEnabled: boolean
emailEnabled: boolean
pushEnabled: boolean
},
contact: ChannelRecipient
): NotificationChannel[] {
const channels: NotificationChannel[] = []
// 站内消息总是启用pushEnabled 控制站内推送,默认 true
if (prefs.pushEnabled) {
channels.push("in_app")
}
// SMS: 偏好启用且有手机号
if (prefs.smsEnabled && contact.phone) {
channels.push("sms")
}
// Email: 偏好启用且有邮箱
if (prefs.emailEnabled && contact.email) {
channels.push("email")
}
// WeChat: 偏好启用且有 openId当前 users 表无此字段,暂不会触发)
if (prefs.pushEnabled && contact.wechatOpenId) {
channels.push("wechat")
}
// 兜底: 如果所有渠道都未启用,至少发站内消息
if (channels.length === 0) {
channels.push("in_app")
}
return channels
}
/**
* 发送单条通知到用户。
*
* 根据用户通知偏好选择渠道,并行发送,返回所有渠道的发送结果。
*
* @param payload 通知负载payload.userId 决定接收人)
* @returns 各渠道的发送结果
*/
export async function sendNotification(
payload: NotificationPayload
): Promise<ChannelSendResult[]> {
const userId = payload.userId
// 并行获取用户偏好和联系方式
const [prefs, contact] = await Promise.all([
getUserNotificationPreferences(userId),
getUserContactInfo(userId),
])
const channels = selectChannels(prefs, contact)
const senders = getSenders()
// 并行发送到所有选中渠道
const results = await Promise.all(
channels.map((ch) => {
const sender = senders[ch]
return sender.send(payload, contact)
})
)
// 记录发送日志
logNotificationSendBatch(results)
return results
}
/**
* 批量发送通知到多个用户。
*
* 每个用户的渠道选择独立计算,并行发送。
*
* @param payloads 通知负载数组(每个 payload.userId 决定各自接收人)
* @returns 各用户各渠道的发送结果(按输入顺序对应)
*/
export async function sendBatchNotifications(
payloads: NotificationPayload[]
): Promise<ChannelSendResult[][]> {
// 并行处理每个 payload
const results = await Promise.all(payloads.map((p) => sendNotification(p)))
// 汇总日志
const flatResults = results.flat()
logNotificationSendBatch(flatResults)
return results
}

47
src/modules/notifications/external-sdk.d.ts vendored Normal file
View File

@@ -0,0 +1,47 @@
/* eslint-disable @typescript-eslint/no-explicit-any */
/**
* 外部 SDK 类型声明(可选依赖)
*
* 这些 SDK 通过动态 import 在运行时加载开发环境Mock 模式)无需安装。
* 安装对应 SDK 后,其自带的类型声明将覆盖此处的 any 声明。
*
* 安装命令见 docs/notifications/channels.md
*/
declare module "@alicloud/dysmsapi20170525" {
const _default: any
export { _default as default }
export class SendSmsRequest {
constructor(params?: Record<string, unknown>)
}
}
declare module "@alicloud/openapi-client" {
const _default: new (config: any) => any
export { _default as default }
}
declare module "@alicloud/credentials" {
const _default: new (config: any) => any
export { _default as default }
}
declare module "tencentcloud-sdk-nodejs" {
const _default: {
sms: {
v20210111: {
Client: new (config: any) => any
}
}
}
export = _default
}
declare module "nodemailer" {
const _default: {
createTransport: (config: any) => {
sendMail: (options: any) => Promise<{ messageId: string }>
}
}
export = _default
}

38
src/modules/notifications/index.ts Normal file
View File

@@ -0,0 +1,38 @@
/**
* 通知渠道集成模块
*
* 对外导出:
* - sendNotification / sendBatchNotifications: 分发器入口
* - 类型定义: NotificationPayload, ChannelSendResult, NotificationChannel 等
* - 渠道发送器工厂: createSmsSender, createWechatSender, createEmailSender, createInAppSender
*
* 典型用法:
* ```ts
* import { sendNotification } from "@/modules/notifications"
* await sendNotification({
* userId: "user-xxx",
* title: "作业提醒",
* content: "您有一份新作业待提交",
* type: "info",
* actionUrl: "/homework/123",
* })
* ```
*/
export { sendNotification, sendBatchNotifications } from "./dispatcher"
export type {
NotificationChannel,
NotificationPayload,
ChannelSendResult,
NotificationChannelConfig,
SmsChannelConfig,
WechatChannelConfig,
EmailChannelConfig,
} from "./types"
export type { NotificationChannelSender, ChannelRecipient } from "./channels/types"
// 渠道发送器工厂(供高级用法直接调用单个渠道)
export { createSmsSender } from "./channels/sms-channel"
export { createWechatSender, isWechatEnabled } from "./channels/wechat-channel"
export { createEmailSender, isEmailEnabled } from "./channels/email-channel"
export { createInAppSender } from "./channels/in-app-channel"

70
src/modules/notifications/types.ts Normal file
View File

@@ -0,0 +1,70 @@
/**
* 通知渠道类型定义
*
* 本文件定义了通知分发系统使用的核心类型:
* - NotificationChannel: 支持的渠道枚举
* - NotificationPayload: 通知负载(跨渠道统一)
* - ChannelSendResult: 单次发送结果
* - NotificationChannelConfig: 渠道配置(从环境变量加载)
*/
/** 支持的通知渠道 */
export type NotificationChannel = "in_app" | "email" | "sms" | "wechat"
/** 通知负载(跨渠道统一格式) */
export interface NotificationPayload {
userId: string
title: string
content: string
/** 通知语义类型(用于渠道内模板映射,不与 messaging.NotificationType 耦合) */
type: "info" | "warning" | "error" | "success"
metadata?: Record<string, unknown>
/** 点击通知后的跳转地址(站内相对路径或外链) */
actionUrl?: string
}
/** 单次渠道发送结果 */
export interface ChannelSendResult {
channel: NotificationChannel
success: boolean
/** 渠道返回的消息 ID用于追踪 */
messageId?: string
/** 失败时的错误信息 */
error?: string
sentAt: Date
}
/** SMS 渠道配置 */
export interface SmsChannelConfig {
provider: "aliyun" | "tencent" | "mock"
accessKeyId?: string
accessKeySecret?: string
signName?: string
templateCode?: string
}
/** 微信公众号渠道配置 */
export interface WechatChannelConfig {
appId?: string
appSecret?: string
templateId?: string
}
/** 邮件渠道配置 */
export interface EmailChannelConfig {
provider: "resend" | "nodemailer" | "mock"
apiKey?: string
from?: string
host?: string
port?: number
user?: string
pass?: string
}
/** 通知渠道总配置 */
export interface NotificationChannelConfig {
enabled: boolean
sms?: SmsChannelConfig
wechat?: WechatChannelConfig
email?: EmailChannelConfig
}

39
src/shared/components/a11y/aria-status.tsx Normal file
View File

@@ -0,0 +1,39 @@
"use client"
import * as React from "react"
import { cn } from "@/shared/lib/utils"
export interface AriaStatusProps
extends React.HTMLAttributes<HTMLDivElement> {
children?: React.ReactNode
/** 通知礼貌级别,默认 polite */
politeness?: "polite" | "assertive"
/** 是否原子播报(整体内容),默认 true */
atomic?: boolean
}
/**
* ARIA 状态通知区域。
* 渲染 aria-live 区域,用于页面级状态通知(如"加载中"、"已保存")。
* 视觉隐藏,仅屏幕阅读器可读。
*/
export function AriaStatus({
children,
politeness = "polite",
atomic = true,
className,
...props
}: AriaStatusProps) {
return (
<div
role="status"
aria-live={politeness}
aria-atomic={atomic}
className={cn("sr-only", className)}
{...props}
>
{children}
</div>
)
}

126
src/shared/components/a11y/focus-trap.tsx Normal file
View File

@@ -0,0 +1,126 @@
"use client"
import * as React from "react"
import { cn } from "@/shared/lib/utils"
export interface FocusTrapProps {
children: React.ReactNode
/** 是否激活焦点陷阱,默认 true */
active?: boolean
/** 初始焦点元素,未指定时聚焦第一个可聚焦元素 */
initialFocusRef?: React.RefObject<HTMLElement | null>
/** 关闭时是否恢复焦点到触发元素,默认 true */
restoreFocus?: boolean
className?: string
}
const FOCUSABLE_SELECTOR = [
"a[href]",
"button:not([disabled])",
"input:not([disabled])",
"textarea:not([disabled])",
"select:not([disabled])",
"[tabindex]:not([tabindex='-1'])",
"[contenteditable='true']",
"audio[controls]",
"video[controls]",
].join(",")
/**
* 焦点陷阱组件(用于模态框/对话框)。
* - 捕获 Tab/Shift+Tab 在容器内循环
* - 支持初始焦点元素
* - 支持恢复焦点到触发元素
*/
export function FocusTrap({
children,
active = true,
initialFocusRef,
restoreFocus = true,
className,
}: FocusTrapProps) {
const containerRef = React.useRef<HTMLDivElement>(null)
const previouslyFocusedRef = React.useRef<HTMLElement | null>(null)
React.useEffect(() => {
if (!active) return
previouslyFocusedRef.current = document.activeElement as HTMLElement | null
const container = containerRef.current
if (container) {
const focusTarget =
initialFocusRef?.current ?? getFirstFocusable(container)
if (focusTarget) {
focusTarget.focus()
}
}
return () => {
if (restoreFocus && previouslyFocusedRef.current) {
previouslyFocusedRef.current.focus()
}
}
}, [active, initialFocusRef, restoreFocus])
const handleKeyDown = React.useCallback(
(event: React.KeyboardEvent<HTMLDivElement>) => {
if (event.key !== "Tab") return
const container = containerRef.current
if (!container) return
const focusables = getFocusables(container)
if (focusables.length === 0) {
event.preventDefault()
container.focus()
return
}
const first = focusables[0]
const last = focusables[focusables.length - 1]
const activeEl = document.activeElement
if (event.shiftKey) {
if (activeEl === first || !container.contains(activeEl)) {
event.preventDefault()
last.focus()
}
} else {
if (activeEl === last || !container.contains(activeEl)) {
event.preventDefault()
first.focus()
}
}
},
[]
)
if (!active) {
return <>{children}</>
}
return (
<div
ref={containerRef}
onKeyDown={handleKeyDown}
tabIndex={-1}
className={cn("outline-none", className)}
>
{children}
</div>
)
}
function getFocusables(container: HTMLElement): HTMLElement[] {
return Array.from(
container.querySelectorAll<HTMLElement>(FOCUSABLE_SELECTOR)
).filter((el) => {
if (el.hasAttribute("disabled")) return false
if (el.getAttribute("aria-hidden") === "true") return false
return el.offsetParent !== null || el.getClientRects().length > 0
})
}
function getFirstFocusable(container: HTMLElement): HTMLElement | null {
return getFocusables(container)[0] ?? null
}

39
src/shared/components/a11y/skip-link.tsx Normal file
View File

@@ -0,0 +1,39 @@
"use client"
import * as React from "react"
import { cn } from "@/shared/lib/utils"
export interface SkipLinkProps
extends React.AnchorHTMLAttributes<HTMLAnchorElement> {
/** 跳转目标锚点,默认 #main-content */
href?: string
/** 链接文字,默认"跳转到主内容" */
children?: React.ReactNode
}
/**
* 跳转链接组件。
* 视觉隐藏,获得焦点时高对比度显示,供键盘用户跳过导航直达主内容。
*/
export const SkipLink = React.forwardRef<HTMLAnchorElement, SkipLinkProps>(
(
{ href = "#main-content", className, children = "跳转到主内容", ...props },
ref
) => {
return (
<a
ref={ref}
href={href}
className={cn(
"sr-only focus:not-sr-only focus:absolute focus:left-4 focus:top-4 focus:z-50 focus:rounded-md focus:border focus:border-border focus:bg-background focus:p-4 focus:text-foreground focus:shadow-lg focus:outline-none focus:ring-2 focus:ring-ring focus:ring-offset-2",
className
)}
{...props}
>
{children}
</a>
)
}
)
SkipLink.displayName = "SkipLink"

26
src/shared/components/a11y/visually-hidden.tsx Normal file
View File

@@ -0,0 +1,26 @@
"use client"
import * as React from "react"
import { cn } from "@/shared/lib/utils"
export interface VisuallyHiddenProps
extends React.HTMLAttributes<HTMLSpanElement> {
children?: React.ReactNode
}
/**
* 视觉隐藏但屏幕阅读器可读的组件。
* 用于图标按钮的文字描述、表单标签的辅助说明等。
*/
export const VisuallyHidden = React.forwardRef<
HTMLSpanElement,
VisuallyHiddenProps
>(({ className, children, ...props }, ref) => {
return (
<span ref={ref} className={cn("sr-only", className)} {...props}>
{children}
</span>
)
})
VisuallyHidden.displayName = "VisuallyHidden"

5
src/shared/components/ui/dialog.tsx
View File

@@ -37,6 +37,7 @@ const DialogContent = React.forwardRef<
<DialogOverlay />
<DialogPrimitive.Content
ref={ref}
aria-modal="true"
className={cn(
"fixed left-[50%] top-[50%] z-50 grid w-full max-w-lg translate-x-[-50%] translate-y-[-50%] gap-6 border bg-background p-6 shadow-xl shadow-black/5 duration-200 data-[state=open]:animate-in data-[state=closed]:animate-out data-[state=closed]:fade-out-0 data-[state=open]:fade-in-0 data-[state=closed]:zoom-out-95 data-[state=open]:zoom-in-95 sm:rounded-xl",
className
@@ -44,9 +45,9 @@ const DialogContent = React.forwardRef<
{...props}
>
{children}
<DialogPrimitive.Close className="absolute right-4 top-4 rounded-sm opacity-70 ring-offset-background transition-opacity hover:opacity-100 focus:outline-none focus:ring-2 focus:ring-ring focus:ring-offset-2 disabled:pointer-events-none data-[state=open]:bg-accent data-[state=open]:text-muted-foreground">
<DialogPrimitive.Close aria-label="关闭" className="absolute right-4 top-4 rounded-sm opacity-70 ring-offset-background transition-opacity hover:opacity-100 focus:outline-none focus:ring-2 focus:ring-ring focus:ring-offset-2 disabled:pointer-events-none data-[state=open]:bg-accent data-[state=open]:text-muted-foreground">
<X className="h-4 w-4" />
<span className="sr-only">Close</span>
<span className="sr-only"></span>
</DialogPrimitive.Close>
</DialogPrimitive.Content>
</DialogPortal>

27
src/shared/components/ui/table.tsx
View File

@@ -5,10 +5,11 @@ import { cn } from "@/shared/lib/utils"
const Table = React.forwardRef<
HTMLTableElement,
React.HTMLAttributes<HTMLTableElement>
>(({ className, ...props }, ref) => (
>(({ className, role = "table", ...props }, ref) => (
<div className="relative w-full overflow-auto">
<table
ref={ref}
role={role}
className={cn("w-full caption-bottom text-sm", className)}
{...props}
/>
@@ -19,17 +20,23 @@ Table.displayName = "Table"
const TableHeader = React.forwardRef<
HTMLTableSectionElement,
React.HTMLAttributes<HTMLTableSectionElement>
>(({ className, ...props }, ref) => (
<thead ref={ref} className={cn("[&_tr]:border-b", className)} {...props} />
>(({ className, role = "rowgroup", ...props }, ref) => (
<thead
ref={ref}
role={role}
className={cn("[&_tr]:border-b", className)}
{...props}
/>
))
TableHeader.displayName = "TableHeader"
const TableBody = React.forwardRef<
HTMLTableSectionElement,
React.HTMLAttributes<HTMLTableSectionElement>
>(({ className, ...props }, ref) => (
>(({ className, role = "rowgroup", ...props }, ref) => (
<tbody
ref={ref}
role={role}
className={cn("[&_tr:last-child]:border-0", className)}
{...props}
/>
@@ -39,9 +46,10 @@ TableBody.displayName = "TableBody"
const TableFooter = React.forwardRef<
HTMLTableSectionElement,
React.HTMLAttributes<HTMLTableSectionElement>
>(({ className, ...props }, ref) => (
>(({ className, role = "rowgroup", ...props }, ref) => (
<tfoot
ref={ref}
role={role}
className={cn(
"border-t bg-muted/50 font-medium [&>tr]:last:border-b-0",
className
@@ -54,9 +62,10 @@ TableFooter.displayName = "TableFooter"
const TableRow = React.forwardRef<
HTMLTableRowElement,
React.HTMLAttributes<HTMLTableRowElement>
>(({ className, ...props }, ref) => (
>(({ className, role = "row", ...props }, ref) => (
<tr
ref={ref}
role={role}
className={cn(
"border-b transition-colors hover:bg-muted/50 data-[state=selected]:bg-muted",
className
@@ -69,9 +78,10 @@ TableRow.displayName = "TableRow"
const TableHead = React.forwardRef<
HTMLTableCellElement,
React.ThHTMLAttributes<HTMLTableCellElement>
>(({ className, ...props }, ref) => (
>(({ className, role = "columnheader", ...props }, ref) => (
<th
ref={ref}
role={role}
className={cn(
"h-10 px-2 text-left align-middle font-medium text-muted-foreground [&:has([role=checkbox])]:pr-0 [&>[role=checkbox]]:translate-y-[2px]",
className
@@ -84,9 +94,10 @@ TableHead.displayName = "TableHead"
const TableCell = React.forwardRef<
HTMLTableCellElement,
React.TdHTMLAttributes<HTMLTableCellElement>
>(({ className, ...props }, ref) => (
>(({ className, role = "cell", ...props }, ref) => (
<td
ref={ref}
role={role}
className={cn(
"p-2 align-middle [&:has([role=checkbox])]:pr-0 [&>[role=checkbox]]:translate-y-[2px]",
className

1
src/shared/hooks/index.ts
View File

@@ -1,4 +1,5 @@
export { useActionWithToast } from "./use-action-with-toast"
export { useAriaLive } from "./use-aria-live"
export { useDebounce } from "./use-debounce"
export { useMediaQuery } from "./use-media-query"
export { useLocalStorage } from "./use-local-storage"

99
src/shared/hooks/use-aria-live.ts Normal file
View File

@@ -0,0 +1,99 @@
"use client"
import * as React from "react"
export interface AnnounceOptions {
/** 通知的礼貌级别,默认 polite */
politeness?: "polite" | "assertive"
/** 自动清除的超时时间毫秒0 表示不清除,默认 5000 */
clearAfter?: number
}
export interface UseAriaLiveReturn {
/** 播报一条消息到 aria-live 区域 */
announce: (message: string, options?: AnnounceOptions) => void
/** 渲染到页面中的 aria-live 区域(放在组件树根部即可) */
liveRegion: React.ReactNode
}
/**
* 管理 aria-live 区域的 Hook。
* - 支持 polite / assertive 两种模式
* - 自动清除过期通知(可配置超时)
* - 用于表单提交结果、数据加载状态、错误提示
*/
export function useAriaLive(
defaultOptions?: AnnounceOptions
): UseAriaLiveReturn {
const [politeMessage, setPoliteMessage] = React.useState("")
const [assertiveMessage, setAssertiveMessage] = React.useState("")
const [politeKey, setPoliteKey] = React.useState(0)
const [assertiveKey, setAssertiveKey] = React.useState(0)
const timeoutRef = React.useRef<ReturnType<typeof setTimeout> | null>(null)
const announce = React.useCallback(
(message: string, options?: AnnounceOptions) => {
const politeness =
options?.politeness ?? defaultOptions?.politeness ?? "polite"
const clearAfter =
options?.clearAfter ?? defaultOptions?.clearAfter ?? 5000
if (timeoutRef.current) {
clearTimeout(timeoutRef.current)
timeoutRef.current = null
}
if (politeness === "assertive") {
setAssertiveMessage(message)
setAssertiveKey((k) => k + 1)
} else {
setPoliteMessage(message)
setPoliteKey((k) => k + 1)
}
if (clearAfter > 0) {
timeoutRef.current = setTimeout(() => {
setPoliteMessage("")
setAssertiveMessage("")
timeoutRef.current = null
}, clearAfter)
}
},
[defaultOptions]
)
React.useEffect(() => {
return () => {
if (timeoutRef.current) {
clearTimeout(timeoutRef.current)
}
}
}, [])
const liveRegion = React.createElement(
React.Fragment,
null,
React.createElement(
"div",
{
key: `polite-${politeKey}`,
"aria-live": "polite",
"aria-atomic": "true",
className: "sr-only",
},
politeMessage
),
React.createElement(
"div",
{
key: `assertive-${assertiveKey}`,
"aria-live": "assertive",
"aria-atomic": "true",
className: "sr-only",
},
assertiveMessage
)
)
return { announce, liveRegion }
}

74
src/shared/lib/a11y.ts Normal file
View File

@@ -0,0 +1,74 @@
import * as React from "react"
/**
* 生成唯一 ID用于 aria-describedby、aria-labelledby 等)。
* 基于 React.useIdSSR 安全,服务端与客户端一致。
*/
export function useA11yId(prefix: string): string {
const id = React.useId()
return `${prefix}-${id}`
}
/**
* 合并多组 aria/data 属性。
* - 普通属性:后者覆盖前者
* - aria-* / data-* 字符串属性:以空格拼接,便于聚合 describedby 等
*/
export function mergeA11yProps<T extends Record<string, unknown>>(
...props: (T | undefined | null | false)[]
): T {
const result = {} as Record<string, unknown>
for (const prop of props) {
if (!prop) continue
for (const key of Object.keys(prop)) {
const value = prop[key]
if (value === undefined || value === null) continue
const isAriaOrData = key.startsWith("aria-") || key.startsWith("data-")
const existing = result[key]
if (
isAriaOrData &&
typeof existing === "string" &&
typeof value === "string"
) {
result[key] = `${existing} ${value}`.trim()
} else {
result[key] = value
}
}
}
return result as T
}
/**
* 计算输入框的 aria 属性。
* @param describedBy 额外描述元素的 ID
* @param error 错误信息元素的 ID存在则标记 invalid
* @param hint 提示信息元素的 ID
*/
export function describeInput(
describedBy?: string,
error?: string,
hint?: string
): { ariaDescribedBy?: string; ariaInvalid?: boolean } {
const ids = [describedBy, error, hint].filter(
(v): v is string => v != null && v.length > 0
)
return {
ariaDescribedBy: ids.length > 0 ? ids.join(" ") : undefined,
ariaInvalid: Boolean(error),
}
}
/**
* 提供加载状态的 aria 属性。
* aria-busy 标记区域正在加载aria-live=polite 让屏幕阅读器在空闲时播报。
*/
export function loadingAria(isLoading: boolean): {
ariaBusy: boolean
ariaLive: "polite" | "assertive"
} {
return {
ariaBusy: isLoading,
ariaLive: "polite",
}
}

67
tests/visual/admin-dashboard.spec.ts Normal file
View File

@@ -0,0 +1,67 @@
import { expect, test } from "@playwright/test"
import { setupAuthState } from "./helpers/auth"
import { buildMaskOption, maskDynamicElements, setTheme, setViewport, waitForPageReady } from "./helpers/visual-helpers"
import { SCREENSHOT_DEFAULT_OPTIONS, THEMES, VIEWPORT_LIST, snapshotName } from "./visual.config"
/**
* 管理员仪表盘视觉回归测试
*
* 登录后访问 /admin/dashboard,在 desktop/tablet/mobile 三种视口
* 以及 light/dark 两种主题下进行整页快照,
* 并单独对侧边栏与主内容区做组件级快照。
*
* 需要数据库环境以完成登录流程;未配置 DATABASE_URL 时自动跳过。
*/
test.describe("Admin dashboard visual regression", () => {
test.skip(!process.env.DATABASE_URL, "requires DATABASE_URL for authenticated visual tests")
for (const viewport of VIEWPORT_LIST) {
for (const theme of THEMES) {
test(`admin-dashboard @ ${viewport} @ ${theme}`, async ({ page }) => {
await setViewport(page, viewport)
await setTheme(page, theme)
await setupAuthState(page, "admin")
await page.goto("/admin/dashboard")
await waitForPageReady(page)
const masks = await maskDynamicElements(page, ["[data-testid='stat-card-value']", "[data-testid='chart']"])
await expect(page).toHaveScreenshot(snapshotName("admin-dashboard", viewport, theme), {
...SCREENSHOT_DEFAULT_OPTIONS,
...buildMaskOption(masks),
})
})
}
}
test("admin-dashboard sidebar component @ desktop @ light", async ({ page }) => {
test.skip(!process.env.DATABASE_URL, "requires DATABASE_URL for authenticated visual tests")
await setViewport(page, "desktop")
await setTheme(page, "light")
await setupAuthState(page, "admin")
await page.goto("/admin/dashboard")
await waitForPageReady(page)
const sidebar = page.locator("[data-testid='sidebar'], aside, nav").first()
const masks = await maskDynamicElements(page)
await expect(sidebar).toHaveScreenshot("admin-dashboard-sidebar-desktop-light.png", {
...SCREENSHOT_DEFAULT_OPTIONS,
...buildMaskOption(masks),
})
})
test("admin-dashboard main content @ desktop @ light", async ({ page }) => {
test.skip(!process.env.DATABASE_URL, "requires DATABASE_URL for authenticated visual tests")
await setViewport(page, "desktop")
await setTheme(page, "light")
await setupAuthState(page, "admin")
await page.goto("/admin/dashboard")
await waitForPageReady(page)
const main = page.locator("main").first()
const masks = await maskDynamicElements(page, ["[data-testid='stat-card-value']", "[data-testid='chart']"])
await expect(main).toHaveScreenshot("admin-dashboard-main-desktop-light.png", {
...SCREENSHOT_DEFAULT_OPTIONS,
...buildMaskOption(masks),
})
})
})

59
tests/visual/helpers/auth.ts Normal file
View File

@@ -0,0 +1,59 @@
/**
* 视觉测试认证辅助
*
* 提供登录辅助函数与 storageState 持久化能力,
* 避免每个视觉测试用例都重复走登录流程。
*/
import type { Page } from "@playwright/test"
import { STORAGE_STATE_DIR, type UserRole } from "../visual.config"
/** 测试账号配置(可通过环境变量覆盖) */
export const TEST_ACCOUNTS: Record<UserRole, { email: string; password: string }> = {
admin: {
email: process.env.VISUAL_ADMIN_EMAIL ?? "admin@xiaoxue.edu.cn",
password: process.env.VISUAL_ADMIN_PASSWORD ?? "123456",
},
teacher: {
email: process.env.VISUAL_TEACHER_EMAIL ?? "admin@xiaoxue.edu.cn",
password: process.env.VISUAL_TEACHER_PASSWORD ?? "123456",
},
student: {
email: process.env.VISUAL_STUDENT_EMAIL ?? "admin@xiaoxue.edu.cn",
password: process.env.VISUAL_STUDENT_PASSWORD ?? "123456",
},
}
/** 角色对应的 storageState 文件路径(相对项目根) */
export function storageStatePath(role: UserRole): string {
return `${STORAGE_STATE_DIR}/${role}.json`
}
/**
* 在页面上执行登录流程
*
* 走真实的 UI 登录流程,以便 next-auth cookie 写入浏览器上下文。
*/
export async function loginByUI(page: Page, role: UserRole): Promise<void> {
const { email, password } = TEST_ACCOUNTS[role]
await page.goto("/login")
await page.getByLabel("Email").fill(email)
await page.getByLabel("Password").fill(password)
await page.getByRole("button", { name: "Sign In with Email" }).click()
// 等待离开登录页
await page.waitForURL((url) => !url.pathname.startsWith("/login"), { timeout: 30000 })
}
/**
* 设置认证状态
*
* 若已存在该角色的 storageState 文件,则直接复用;
* 否则走 UI 登录流程并保存 storageState 以便后续复用。
*
* @param page Playwright Page 实例
* @param role 角色
*/
export async function setupAuthState(page: Page, role: UserRole): Promise<void> {
// Playwright 在 project 配置里通过 storageState 注入更高效,
// 这里提供运行时降级方案:直接走 UI 登录。
await loginByUI(page, role)
}

104
tests/visual/helpers/visual-helpers.ts Normal file
View File

@@ -0,0 +1,104 @@
/**
* 视觉测试通用辅助
*
* 提供视口切换、主题切换、页面就绪等待以及动态元素遮罩能力,
* 用于消除视觉快照中的误报。
*/
import type { Locator, Page } from "@playwright/test"
import { VIEWPORTS, type ThemeName, type ViewportSize } from "../visual.config"
/**
* 设置视口尺寸
* @param page Playwright Page 实例
* @param size 视口标识 desktop | tablet | mobile
*/
export async function setViewport(page: Page, size: ViewportSize): Promise<void> {
const viewport = VIEWPORTS[size]
await page.setViewportSize({ width: viewport.width, height: viewport.height })
}
/**
* 设置主题
*
* 项目使用 next-themes(attribute="class"),通过在 <html> 上切换 class 实现。
* 这里直接操作 localStorage 与 DOM,避免依赖主题切换 UI。
*
* @param page Playwright Page 实例
* @param theme 主题 light | dark
*/
export async function setTheme(page: Page, theme: ThemeName): Promise<void> {
// next-themes 默认将主题持久化在 localStorage 的 "theme" key
await page.addInitScript((themeValue) => {
try {
window.localStorage.setItem("theme", themeValue)
} catch {
// 忽略 localStorage 不可用的情况
}
}, theme)
// 若页面已加载,同步切换 DOM class
const htmlClass = await page.evaluate(() => document.documentElement.className)
const nextClass = theme === "dark" ? `${htmlClass} dark` : htmlClass.replace(/\bdark\b/g, "").trim()
await page.evaluate((cls) => {
document.documentElement.className = cls
}, nextClass)
}
/**
* 等待页面就绪
*
* 等待 networkidle、字体加载以及主内容渲染完成,
* 确保快照稳定。
*/
export async function waitForPageReady(page: Page): Promise<void> {
await page.waitForLoadState("networkidle")
// 等待字体加载完成,避免文字位移
await page.evaluate(() => document.fonts.ready)
// 给 React hydration 一点缓冲
await page.waitForTimeout(300)
}
/**
* 默认需要遮罩的动态元素选择器
* - 时间戳
* - 用户头像/用户名
* - 实时数据
*/
const DEFAULT_DYNAMIC_SELECTORS = [
"[data-testid='timestamp']",
"[data-testid='current-time']",
"[data-testid='user-avatar']",
"[data-testid='user-name']",
"time",
"[data-visual-dynamic]",
]
/**
* 遮罩动态元素
*
* 将指定选择器匹配的元素用纯色块覆盖,
* 避免时间戳、用户名等动态内容导致快照误报。
*
* @param page Playwright Page 实例
* @param selectors 额外需要遮罩的选择器(会与默认列表合并)
*/
export async function maskDynamicElements(page: Page, selectors: string[] = []): Promise<Locator[]> {
const allSelectors = [...new Set([...DEFAULT_DYNAMIC_SELECTORS, ...selectors])]
const masks: Locator[] = []
for (const selector of allSelectors) {
const locator = page.locator(selector)
const count = await locator.count()
if (count > 0) {
masks.push(locator)
}
}
return masks
}
/**
* 生成 toHaveScreenshot 的 mask 选项
*
* 配合 maskDynamicElements 使用,将动态元素从对比中遮罩。
*/
export function buildMaskOption(masks: Locator[]) {
return masks.length > 0 ? { mask: masks } : {}
}

29
tests/visual/homepage.spec.ts Normal file
View File

@@ -0,0 +1,29 @@
import { expect, test } from "@playwright/test"
import { setTheme, setViewport, waitForPageReady, maskDynamicElements, buildMaskOption } from "./helpers/visual-helpers"
import { SCREENSHOT_DEFAULT_OPTIONS, THEMES, VIEWPORT_LIST, snapshotName } from "./visual.config"
/**
* 首页(登录页)视觉回归测试
*
* 覆盖 desktop / tablet / mobile 三种视口,
* 以及 light / dark 两种主题。
* 快照命名: homepage-{viewport}-{theme}.png
*/
test.describe("Homepage visual regression", () => {
for (const viewport of VIEWPORT_LIST) {
for (const theme of THEMES) {
test(`homepage @ ${viewport} @ ${theme}`, async ({ page }) => {
await setViewport(page, viewport)
await setTheme(page, theme)
await page.goto("/login")
await waitForPageReady(page)
const masks = await maskDynamicElements(page)
await expect(page).toHaveScreenshot(snapshotName("homepage", viewport, theme), {
...SCREENSHOT_DEFAULT_OPTIONS,
...buildMaskOption(masks),
})
})
}
}
})

67
tests/visual/student-dashboard.spec.ts Normal file
View File

@@ -0,0 +1,67 @@
import { expect, test } from "@playwright/test"
import { setupAuthState } from "./helpers/auth"
import { buildMaskOption, maskDynamicElements, setTheme, setViewport, waitForPageReady } from "./helpers/visual-helpers"
import { SCREENSHOT_DEFAULT_OPTIONS, THEMES, VIEWPORT_LIST, snapshotName } from "./visual.config"
/**
* 学生仪表盘视觉回归测试
*
* 登录后访问 /student/dashboard,在 desktop/tablet/mobile 三种视口
* 以及 light/dark 两种主题下进行整页快照,
* 并单独对关键组件做组件级快照。
*
* 需要数据库环境以完成登录流程;未配置 DATABASE_URL 时自动跳过。
*/
test.describe("Student dashboard visual regression", () => {
test.skip(!process.env.DATABASE_URL, "requires DATABASE_URL for authenticated visual tests")
for (const viewport of VIEWPORT_LIST) {
for (const theme of THEMES) {
test(`student-dashboard @ ${viewport} @ ${theme}`, async ({ page }) => {
await setViewport(page, viewport)
await setTheme(page, theme)
await setupAuthState(page, "student")
await page.goto("/student/dashboard")
await waitForPageReady(page)
const masks = await maskDynamicElements(page, ["[data-testid='grade-value']", "[data-testid='attendance-rate']", "[data-testid='assignment-item']"])
await expect(page).toHaveScreenshot(snapshotName("student-dashboard", viewport, theme), {
...SCREENSHOT_DEFAULT_OPTIONS,
...buildMaskOption(masks),
})
})
}
}
test("student-dashboard sidebar component @ desktop @ light", async ({ page }) => {
test.skip(!process.env.DATABASE_URL, "requires DATABASE_URL for authenticated visual tests")
await setViewport(page, "desktop")
await setTheme(page, "light")
await setupAuthState(page, "student")
await page.goto("/student/dashboard")
await waitForPageReady(page)
const sidebar = page.locator("[data-testid='sidebar'], aside, nav").first()
const masks = await maskDynamicElements(page)
await expect(sidebar).toHaveScreenshot("student-dashboard-sidebar-desktop-light.png", {
...SCREENSHOT_DEFAULT_OPTIONS,
...buildMaskOption(masks),
})
})
test("student-dashboard main content @ desktop @ light", async ({ page }) => {
test.skip(!process.env.DATABASE_URL, "requires DATABASE_URL for authenticated visual tests")
await setViewport(page, "desktop")
await setTheme(page, "light")
await setupAuthState(page, "student")
await page.goto("/student/dashboard")
await waitForPageReady(page)
const main = page.locator("main").first()
const masks = await maskDynamicElements(page, ["[data-testid='grade-value']", "[data-testid='attendance-rate']", "[data-testid='assignment-item']"])
await expect(main).toHaveScreenshot("student-dashboard-main-desktop-light.png", {
...SCREENSHOT_DEFAULT_OPTIONS,
...buildMaskOption(masks),
})
})
})

67
tests/visual/teacher-dashboard.spec.ts Normal file
View File

@@ -0,0 +1,67 @@
import { expect, test } from "@playwright/test"
import { setupAuthState } from "./helpers/auth"
import { buildMaskOption, maskDynamicElements, setTheme, setViewport, waitForPageReady } from "./helpers/visual-helpers"
import { SCREENSHOT_DEFAULT_OPTIONS, THEMES, VIEWPORT_LIST, snapshotName } from "./visual.config"
/**
* 教师仪表盘视觉回归测试
*
* 登录后访问 /teacher/dashboard,在 desktop/tablet/mobile 三种视口
* 以及 light/dark 两种主题下进行整页快照,
* 并单独对关键组件做组件级快照。
*
* 需要数据库环境以完成登录流程;未配置 DATABASE_URL 时自动跳过。
*/
test.describe("Teacher dashboard visual regression", () => {
test.skip(!process.env.DATABASE_URL, "requires DATABASE_URL for authenticated visual tests")
for (const viewport of VIEWPORT_LIST) {
for (const theme of THEMES) {
test(`teacher-dashboard @ ${viewport} @ ${theme}`, async ({ page }) => {
await setViewport(page, viewport)
await setTheme(page, theme)
await setupAuthState(page, "teacher")
await page.goto("/teacher/dashboard")
await waitForPageReady(page)
const masks = await maskDynamicElements(page, ["[data-testid='stat-card-value']", "[data-testid='chart']", "[data-testid='schedule-item']"])
await expect(page).toHaveScreenshot(snapshotName("teacher-dashboard", viewport, theme), {
...SCREENSHOT_DEFAULT_OPTIONS,
...buildMaskOption(masks),
})
})
}
}
test("teacher-dashboard sidebar component @ desktop @ light", async ({ page }) => {
test.skip(!process.env.DATABASE_URL, "requires DATABASE_URL for authenticated visual tests")
await setViewport(page, "desktop")
await setTheme(page, "light")
await setupAuthState(page, "teacher")
await page.goto("/teacher/dashboard")
await waitForPageReady(page)
const sidebar = page.locator("[data-testid='sidebar'], aside, nav").first()
const masks = await maskDynamicElements(page)
await expect(sidebar).toHaveScreenshot("teacher-dashboard-sidebar-desktop-light.png", {
...SCREENSHOT_DEFAULT_OPTIONS,
...buildMaskOption(masks),
})
})
test("teacher-dashboard main content @ desktop @ light", async ({ page }) => {
test.skip(!process.env.DATABASE_URL, "requires DATABASE_URL for authenticated visual tests")
await setViewport(page, "desktop")
await setTheme(page, "light")
await setupAuthState(page, "teacher")
await page.goto("/teacher/dashboard")
await waitForPageReady(page)
const main = page.locator("main").first()
const masks = await maskDynamicElements(page, ["[data-testid='stat-card-value']", "[data-testid='chart']", "[data-testid='schedule-item']"])
await expect(main).toHaveScreenshot("teacher-dashboard-main-desktop-light.png", {
...SCREENSHOT_DEFAULT_OPTIONS,
...buildMaskOption(masks),
})
})
})

102
tests/visual/visual.config.ts Normal file
View File

@@ -0,0 +1,102 @@
/**
* 视觉回归测试配置
*
* 定义需要视觉测试的页面、视口尺寸、主题以及快照存储路径。
* 被 tests/visual 下的 spec 文件与 helpers 共享使用。
*/
/** 视口尺寸标识 */
export type ViewportSize = "desktop" | "tablet" | "mobile"
/** 主题标识 */
export type ThemeName = "light" | "dark"
/** 角色标识 */
export type UserRole = "admin" | "teacher" | "student"
/** 视口像素配置 */
export const VIEWPORTS: Record<ViewportSize, { width: number; height: number }> = {
desktop: { width: 1920, height: 1080 },
tablet: { width: 768, height: 1024 },
mobile: { width: 375, height: 812 },
}
/** 主题列表 */
export const THEMES: ThemeName[] = ["light", "dark"]
/** 视口列表 */
export const VIEWPORT_LIST: ViewportSize[] = ["desktop", "tablet", "mobile"]
/** 快照基线存储目录(相对项目根) */
export const SNAPSHOT_BASE_DIR = "tests/visual/__screenshots__"
/** storageState 存储目录(相对项目根) */
export const STORAGE_STATE_DIR = "tests/visual/.auth"
/** 角色对应的登录后仪表盘路由 */
export const DASHBOARD_ROUTES: Record<UserRole, string> = {
admin: "/admin/dashboard",
teacher: "/teacher/dashboard",
student: "/student/dashboard",
}
/** 视觉测试目标页面定义 */
export interface VisualPageTarget {
/** 页面名称,用于快照命名 */
name: string
/** 相对 baseURL 的路径 */
path: string
/** 是否需要登录 */
requiresAuth: boolean
/** 登录角色(requiresAuth=true 时必填) */
role?: UserRole
/** 页面描述 */
description: string
}
/** 需要进行视觉测试的页面清单 */
export const VISUAL_PAGES: VisualPageTarget[] = [
{
name: "homepage",
path: "/login",
requiresAuth: false,
description: "登录页",
},
{
name: "admin-dashboard",
path: "/admin/dashboard",
requiresAuth: true,
role: "admin",
description: "管理员仪表盘",
},
{
name: "teacher-dashboard",
path: "/teacher/dashboard",
requiresAuth: true,
role: "teacher",
description: "教师仪表盘",
},
{
name: "student-dashboard",
path: "/student/dashboard",
requiresAuth: true,
role: "student",
description: "学生仪表盘",
},
]
/** toHaveScreenshot 的默认选项 */
export const SCREENSHOT_DEFAULT_OPTIONS = {
maxDiffPixelRatio: 0.01,
animations: "disabled" as const,
caret: "hide" as const,
scale: "css" as const,
}
/**
* 生成快照文件名
* @example homepage-desktop-light.png
*/
export function snapshotName(pageName: string, viewport: ViewportSize, theme: ThemeName): string {
return `${pageName}-${viewport}-${theme}.png`
}