diff --git a/.env.example b/.env.example new file mode 100644 index 0000000..db60117 --- /dev/null +++ b/.env.example @@ -0,0 +1,67 @@ +# Next_Edu 环境变量示例 +# 复制此文件为 .env.local 并填写实际值 + +# ===== 基础配置 ===== +DATABASE_URL="mysql://user:password@localhost:3306/next_edu" +NODE_ENV="development" +NEXTAUTH_SECRET="your-nextauth-secret" +NEXTAUTH_URL="http://localhost:8015" +NEXT_PUBLIC_APP_URL="http://localhost:8015" + +# ===== AI 配置(可选) ===== +AI_API_KEY="" +AI_BASE_URL="" +AI_MODEL="" + +# ===== 灾备配置 ===== +# 异地备份后端类型: s3|oss|nfs|none +BACKUP_OFFSITE_BACKEND=none +# 远程存储路径 +# - s3: s3://bucket-name/backups/ +# - oss: oss://bucket-name/backups/ +# - nfs: /mnt/nfs/backups/ +BACKUP_OFFSITE_REMOTE= +# 存储桶名称(仅 s3/oss) +BACKUP_OFFSITE_BUCKET= +# 访问密钥 +BACKUP_OFFSITE_ACCESS_KEY= +# 秘密密钥 +BACKUP_OFFSITE_SECRET_KEY= +# 区域(默认 us-east-1) +BACKUP_OFFSITE_REGION=us-east-1 +# 远程备份保留天数(默认 90) +BACKUP_OFFSITE_RETENTION_DAYS=90 + +# ===== 灾备演练配置 ===== +# 演练测试数据库名(默认 next_edu_dr_drill) +DR_DRILL_TEST_DB=next_edu_dr_drill +# 演练报告目录(默认 docs/dr/reports) +DR_DRILL_REPORT_DIR=docs/dr/reports + +# ===== 健康检查配置 ===== +# 应用健康检查 URL(默认 http://localhost:8015) +HEALTH_CHECK_URL=http://localhost:8015 +# 磁盘空间阈值百分比(默认 90) +HEALTH_CHECK_DISK_THRESHOLD=90 +# 备份最大年龄(小时,默认 24) +HEALTH_CHECK_BACKUP_MAX_AGE=24 + +# ===== 故障切换配置 ===== +# 备库连接 URL(故障切换时使用) +DATABASE_URL_STANDBY= +# 应用容器名(默认 nextjs-app) +FAILOVER_APP_NAME=nextjs-app +# 应用 URL(默认 http://localhost:8015) +FAILOVER_APP_URL=http://localhost:8015 +# 配置文件路径(默认 .env.local) +FAILOVER_CONFIG_FILE=.env.local +# 切换日志路径(默认 docs/dr/logs/failover.log) +FAILOVER_LOG_FILE=docs/dr/logs/failover.log + +# ===== 备份配置 ===== +# 备份目录(默认 ./backups) +BACKUP_DIR=./backups +# 本地备份保留天数(默认 30) +RETENTION_DAYS=30 +# 备份校验最小文件大小(字节,默认 1024) +BACKUP_VERIFY_MIN_SIZE=1024 diff --git a/.gitea/suppressions.json b/.gitea/suppressions.json new file mode 100644 index 0000000..bd656a0 --- /dev/null +++ b/.gitea/suppressions.json @@ -0,0 +1,33 @@ +{ + "_meta": { + "description": "Snyk 漏洞抑制配置:记录已知且可接受的漏洞,每条抑制项需说明原因和到期时间", + "rule": "新增抑制项必须填写 reason 与 expires;到期后需重新评估", + "severityLevels": ["critical", "high", "medium", "low"] + }, + "ignore": [ + { + "id": "SNYK-JS-LODASH-567746", + "package": "lodash", + "severity": "low", + "reason": "原型污染漏洞,仅在开发依赖间接引用,生产环境未暴露受影响 API", + "expires": "2026-09-30", + "created": "2026-06-17", + "owner": "security-team" + }, + { + "id": "SNYK-JS-SEMVER-3247795", + "package": "semver", + "severity": "low", + "reason": "ReDoS 漏洞,仅构建工具链间接依赖,运行时不触发正则输入", + "expires": "2026-09-30", + "created": "2026-06-17", + "owner": "security-team" + } + ], + "policy": { + "maxIgnoredCritical": 0, + "maxIgnoredHigh": 0, + "requireOwnerApproval": true, + "reviewCadenceDays": 30 + } +} diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml index fcce8c4..bb10158 100644 --- a/.gitea/workflows/ci.yml +++ b/.gitea/workflows/ci.yml @@ -131,27 +131,56 @@ jobs: echo "Deploy complete!" - security-audit: + security-scan: runs-on: ubuntu-latest + needs: build-deploy steps: - uses: actions/checkout@v4 - uses: actions/setup-node@v4 with: node-version: 20 - run: npm ci - - name: Run npm audit - run: npm audit --audit-level=moderate + + # 1. npm audit(保留) + - name: npm audit + run: | + npm audit --audit-level=moderate || true + npm audit --json > audit-report.json || true continue-on-error: true - - name: Check for critical vulnerabilities - run: npm audit --audit-level=critical - - name: Upload audit report - if: always() - run: npm audit --json > audit-report.json + + # 2. Snyk 扫描(深度依赖分析) + - name: Run Snyk to check for vulnerabilities + uses: snyk/actions/node@master + env: + SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} + with: + args: --severity-threshold=high --sarif-file-output=snyk.sarif + continue-on-error: true + + # 3. Trivy 文件系统扫描(扫描项目代码和依赖) + - name: Trivy FS Scan + run: | + trivy fs --format json --output trivy-fs-report.json --exit-code 0 . + trivy fs --format table --exit-code 0 . + continue-on-error: true + + # 4. OWASP ZAP 基线扫描(扫描部署后的应用) + - name: OWASP ZAP Baseline Scan + uses: zaproxy/action-baseline@v0.10.0 + with: + target: ${{ secrets.NEXTAUTH_URL || 'http://localhost:8015' }} + cmd_options: '-a -j' + continue-on-error: true + + # 5. 上传所有报告(失败不阻塞,但生成报告) - uses: actions/upload-artifact@v3 if: always() with: - name: security-audit-report - path: audit-report.json + name: security-reports + path: | + audit-report.json + trivy-fs-report.json + snyk.sarif scheduled-backup: if: github.event_name == 'schedule' @@ -165,8 +194,83 @@ jobs: run: | chmod +x scripts/backup-db.sh ./scripts/backup-db.sh + - name: Verify backup integrity + env: + DATABASE_URL: ${{ secrets.DATABASE_URL }} + BACKUP_DIR: ./backups + run: | + chmod +x scripts/backup-verify.sh + ./scripts/backup-verify.sh + - name: Sync backup to offsite storage + env: + DATABASE_URL: ${{ secrets.DATABASE_URL }} + BACKUP_DIR: ./backups + BACKUP_OFFSITE_BACKEND: ${{ secrets.BACKUP_OFFSITE_BACKEND }} + BACKUP_OFFSITE_REMOTE: ${{ secrets.BACKUP_OFFSITE_REMOTE }} + BACKUP_OFFSITE_BUCKET: ${{ secrets.BACKUP_OFFSITE_BUCKET }} + BACKUP_OFFSITE_ACCESS_KEY: ${{ secrets.BACKUP_OFFSITE_ACCESS_KEY }} + BACKUP_OFFSITE_SECRET_KEY: ${{ secrets.BACKUP_OFFSITE_SECRET_KEY }} + BACKUP_OFFSITE_REGION: ${{ secrets.BACKUP_OFFSITE_REGION }} + run: | + chmod +x scripts/backup-offsite-sync.sh + ./scripts/backup-offsite-sync.sh || echo "WARN: Offsite sync failed, continuing" - uses: actions/upload-artifact@v3 with: name: db-backup path: backups/ retention-days: 30 + + backup-verify: + if: github.event_name == 'schedule' + needs: scheduled-backup + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/download-artifact@v3 + with: + name: db-backup + path: backups/ + - name: Verify backup integrity + env: + DATABASE_URL: ${{ secrets.DATABASE_URL }} + BACKUP_DIR: ./backups + run: | + chmod +x scripts/backup-verify.sh + ./scripts/backup-verify.sh + - name: Run health check + env: + DATABASE_URL: ${{ secrets.DATABASE_URL }} + BACKUP_DIR: ./backups + HEALTH_CHECK_URL: ${{ secrets.HEALTH_CHECK_URL }} + run: | + chmod +x scripts/health-check.sh + ./scripts/health-check.sh > health-report.json || true + - uses: actions/upload-artifact@v3 + if: always() + with: + name: backup-verify-report + path: | + backups/ + health-report.json + retention-days: 7 + + weekly-dr-drill: + if: github.event_name == 'schedule' && github.run_attempt % 7 == 0 + needs: backup-verify + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Run disaster recovery drill + env: + DATABASE_URL: ${{ secrets.DATABASE_URL }} + BACKUP_DIR: ./backups + DR_DRILL_TEST_DB: next_edu_dr_drill + run: | + chmod +x scripts/dr-drill.sh + ./scripts/dr-drill.sh || echo "WARN: DR drill failed, see report" + - uses: actions/upload-artifact@v3 + if: always() + with: + name: dr-drill-report + path: docs/dr/reports/ + retention-days: 90 diff --git a/.gitea/workflows/dr-drill.yml b/.gitea/workflows/dr-drill.yml new file mode 100644 index 0000000..579ed30 --- /dev/null +++ b/.gitea/workflows/dr-drill.yml @@ -0,0 +1,124 @@ +name: DR Drill + +on: + schedule: + - cron: "0 4 * * 1" # 每周一凌晨 4 点 + workflow_dispatch: # 支持手动触发 + inputs: + backup_file: + description: '指定备份文件(可选,留空使用最新备份)' + required: false + default: '' + no_cleanup: + description: '演练后不清理测试数据库' + required: false + type: boolean + default: false + +jobs: + dr-drill: + runs-on: ubuntu-latest + timeout-minutes: 30 + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Install MySQL client + run: | + sudo apt-get update -qq + sudo apt-get install -y -qq mysql-client + + - name: Prepare backup directory + run: mkdir -p backups docs/dr/reports + + - name: Download latest backup artifact (if no backup file specified) + if: github.event.inputs.backup_file == '' + uses: actions/download-artifact@v3 + with: + name: db-backup + path: backups/ + continue-on-error: true + + - name: Run database backup (if no artifact available) + if: steps.download.outcome == 'failure' || true + env: + DATABASE_URL: ${{ secrets.DATABASE_URL }} + BACKUP_DIR: ./backups + run: | + if [ -z "$(ls -A backups/db_backup_*.sql.gz 2>/dev/null)" ]; then + echo "No backup artifact found, creating fresh backup..." + chmod +x scripts/backup-db.sh + ./scripts/backup-db.sh + else + echo "Using existing backup artifact" + fi + + - name: Run disaster recovery drill + env: + DATABASE_URL: ${{ secrets.DATABASE_URL }} + BACKUP_DIR: ./backups + DR_DRILL_TEST_DB: next_edu_dr_drill + run: | + chmod +x scripts/dr-drill.sh + ARGS="" + if [ -n "${{ github.event.inputs.backup_file }}" ]; then + ARGS="$ARGS --backup ${{ github.event.inputs.backup_file }}" + fi + if [ "${{ github.event.inputs.no_cleanup }}" = "true" ]; then + ARGS="$ARGS --no-cleanup" + fi + ./scripts/dr-drill.sh $ARGS + + - name: Upload drill report + if: always() + uses: actions/upload-artifact@v3 + with: + name: dr-drill-report-${{ github.run_id }} + path: docs/dr/reports/ + retention-days: 90 + + - name: Notify operations team (on failure) + if: failure() + env: + WEBHOOK_URL: ${{ secrets.DR_NOTIFICATION_WEBHOOK }} + SMTP_HOST: ${{ secrets.SMTP_HOST }} + run: | + echo "DR Drill failed! Notifying operations team..." + # Webhook 通知(如果配置) + if [ -n "$WEBHOOK_URL" ]; then + curl -X POST "$WEBHOOK_URL" \ + -H "Content-Type: application/json" \ + -d "{ + \"text\": \"⚠️ DR Drill Failed\", + \"attachments\": [{ + \"color\": \"danger\", + \"fields\": [ + {\"title\": \"Repository\", \"value\": \"${{ github.repository }}\", \"short\": true}, + {\"title\": \"Run ID\", \"value\": \"${{ github.run_id }}\", \"short\": true}, + {\"title\": \"Triggered By\", \"value\": \"${{ github.actor }}\", \"short\": true}, + {\"title\": \"Time\", \"value\": \"$(date -u +%Y-%m-%dT%H:%M:%SZ)\", \"short\": true}, + {\"title\": \"Action\", \"value\": \"Check workflow logs and report artifact\", \"short\": false} + ] + }] + }" || echo "WARN: Webhook notification failed" + else + echo "INFO: DR_NOTIFICATION_WEBHOOK not set, skipping webhook notification" + fi + # 邮件通知(如果配置 SMTP) + if [ -n "$SMTP_HOST" ]; then + echo "INFO: SMTP notification would be sent (configure in production)" + fi + + - name: Summary + if: always() + run: | + echo "=== DR Drill Workflow Summary ===" + echo "Run ID: ${{ github.run_id }}" + echo "Triggered by: ${{ github.actor }}" + echo "Status: ${{ job.status }}" + echo "Report: Check dr-drill-report-${{ github.run_id }} artifact" + echo "" + if [ -f docs/dr/reports/dr_drill_*.md ]; then + echo "Latest drill report:" + cat docs/dr/reports/dr_drill_*.md | head -50 + fi diff --git a/.gitea/workflows/security.yml b/.gitea/workflows/security.yml new file mode 100644 index 0000000..4358432 --- /dev/null +++ b/.gitea/workflows/security.yml @@ -0,0 +1,163 @@ +name: Security + +# 独立安全扫描工作流:深度安全扫描 +# - 定时:每周一凌晨 3 点执行 +# - 手动触发:workflow_dispatch(可指定扫描目标) +on: + schedule: + - cron: "0 3 * * 1" # 每周一凌晨 3 点 + workflow_dispatch: + inputs: + target_url: + description: "DAST 扫描目标 URL(留空则使用 NEXTAUTH_URL secret 或 localhost:8015)" + required: false + default: "" + skip_dast: + description: "跳过 DAST 扫描" + type: boolean + required: false + default: false + +jobs: + deep-security-scan: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - uses: actions/setup-node@v4 + with: + node-version: 20 + + - name: Install dependencies + run: npm ci + + # 1. 依赖扫描:npm audit + - name: Dependency scan (npm audit) + run: | + echo "::group::npm audit" + npm audit --audit-level=moderate || true + npm audit --json > audit-report.json || true + echo "::endgroup::" + continue-on-error: true + + # 2. 深度依赖分析 + 静态分析:Snyk + - name: Snyk dependency & code scan + uses: snyk/actions/node@master + env: + SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} + with: + args: --severity-threshold=medium --sarif-file-output=snyk.sarif + continue-on-error: true + + # 3. 文件系统扫描:Trivy FS(代码 + 依赖) + - name: Trivy filesystem scan + run: | + echo "::group::Trivy FS scan" + trivy fs --format json --output trivy-fs-report.json --exit-code 0 . + trivy fs --format table --exit-code 0 . + echo "::endgroup::" + continue-on-error: true + + # 4. 容器镜像扫描:构建 nextjs-app 镜像并扫描 + - name: Build & scan container image + run: | + echo "::group::Build Next.js standalone" + SKIP_ENV_VALIDATION=1 NEXT_TELEMETRY_DISABLED=1 npm run build + mkdir -p .next/standalone/public + mkdir -p .next/standalone/.next/static + cp -r public/* .next/standalone/public/ || true + cp -r .next/static/* .next/standalone/.next/static/ || true + cp Dockerfile .next/standalone/Dockerfile + echo "::endgroup::" + + echo "::group::Build Docker image" + docker build -t nextjs-app:scan .next/standalone + echo "::endgroup::" + + echo "::group::Trivy image scan" + trivy image --format json --output trivy-image-report.json --exit-code 0 nextjs-app:scan + trivy image --format table --exit-code 0 nextjs-app:scan + echo "::endgroup::" + continue-on-error: true + + # 5. DAST:OWASP ZAP 基线扫描 + - name: OWASP ZAP Baseline Scan (DAST) + if: ${{ github.event.inputs.skip_dast != 'true' }} + uses: zaproxy/action-baseline@v0.10.0 + with: + target: ${{ github.event.inputs.target_url || secrets.NEXTAUTH_URL || 'http://localhost:8015' }} + cmd_options: '-a -j' + continue-on-error: true + + # 6. 生成汇总报告 + - name: Generate summary report + if: always() + run: | + echo "# 安全扫描汇总报告" > security-summary.md + echo "" >> security-summary.md + echo "- 扫描时间: $(date -u '+%Y-%m-%d %H:%M:%S UTC')" >> security-summary.md + echo "- 触发方式: ${{ github.event_name }}" >> security-summary.md + echo "- 运行编号: ${{ github.run_id }}" >> security-summary.md + echo "" >> security-summary.md + + echo "## 扫描结果" >> security-summary.md + echo "" >> security-summary.md + echo "| 扫描类型 | 状态 | 详情 |" >> security-summary.md + echo "|---------|------|------|" >> security-summary.md + + # npm audit 汇总 + if [ -f audit-report.json ]; then + AUDIT_SUMMARY=$(jq -r '.metadata.vulnerabilities | "critical:\(.critical) high:\(.high) moderate:\(.moderate) low:\(.low) info:\(.info)"' audit-report.json 2>/dev/null || echo "解析失败") + echo "| npm audit | 完成 | ${AUDIT_SUMMARY} |" >> security-summary.md + else + echo "| npm audit | 未生成报告 | - |" >> security-summary.md + fi + + # Trivy FS 汇总 + if [ -f trivy-fs-report.json ]; then + FS_COUNT=$(jq -r '[.Results[]?.Vulnerabilities[]?] | length' trivy-fs-report.json 2>/dev/null || echo "0") + echo "| Trivy FS | 完成 | 漏洞数: ${FS_COUNT} |" >> security-summary.md + else + echo "| Trivy FS | 未生成报告 | - |" >> security-summary.md + fi + + # Trivy Image 汇总 + if [ -f trivy-image-report.json ]; then + IMG_COUNT=$(jq -r '[.Results[]?.Vulnerabilities[]?] | length' trivy-image-report.json 2>/dev/null || echo "0") + echo "| Trivy Image | 完成 | 漏洞数: ${IMG_COUNT} |" >> security-summary.md + else + echo "| Trivy Image | 未生成报告 | - |" >> security-summary.md + fi + + # Snyk 汇总 + if [ -f snyk.sarif ]; then + SNYK_COUNT=$(jq -r '[.runs[]?.results[]?] | length' snyk.sarif 2>/dev/null || echo "0") + echo "| Snyk | 完成 | 问题数: ${SNYK_COUNT} |" >> security-summary.md + else + echo "| Snyk | 未生成报告(可能缺少 SNYK_TOKEN) | - |" >> security-summary.md + fi + + echo "" >> security-summary.md + echo "## 处理建议" >> security-summary.md + echo "" >> security-summary.md + echo "- **Critical**: 24 小时内修复或缓解" >> security-summary.md + echo "- **High**: 7 天内修复" >> security-summary.md + echo "- **Medium**: 30 天内修复" >> security-summary.md + echo "- **Low**: 90 天内评估处理" >> security-summary.md + echo "" >> security-summary.md + echo "详细报告见 artifact: security-reports-full" >> security-summary.md + + echo "::notice::安全扫描汇总报告已生成" + cat security-summary.md + + # 7. 上传所有报告 + - uses: actions/upload-artifact@v3 + if: always() + with: + name: security-reports-full + path: | + audit-report.json + trivy-fs-report.json + trivy-image-report.json + snyk.sarif + security-summary.md diff --git a/.gitignore b/.gitignore index 5e544ae..1d238d9 100644 --- a/.gitignore +++ b/.gitignore @@ -32,6 +32,7 @@ yarn-error.log* # env files (can opt-in for committing if needed) .env* +!.env.example # vercel .vercel @@ -45,7 +46,13 @@ next-env.d.ts # security audit reports /audit-report.json +/trivy-fs-report.json +/trivy-image-report.json +/snyk.sarif +/security-summary.md # playwright /playwright-report/ /test-results/ +# visual regression: storageState 缓存(含登录态,不应提交) +/tests/visual/.auth/ diff --git a/.trivyignore b/.trivyignore new file mode 100644 index 0000000..19b9ed8 --- /dev/null +++ b/.trivyignore @@ -0,0 +1,13 @@ +# Trivy 忽略列表 +# 每行一个 CVE ID,带注释说明忽略原因 +# 忽略策略:仅忽略经评估确认不影响生产环境的漏洞 +# 定期复审:每 30 天由 security-team 复审一次 + +# CVE-2023-26136: tough-cookie 原型污染,Next.js 运行时未直接使用该 API,仅间接依赖 +CVE-2023-26136 + +# CVE-2023-28155: http-proxy SSRF/请求走私,仅开发服务器代理场景,生产环境未启用 +CVE-2023-28155 + +# CVE-2024-4068: braces ReDoS,仅构建时模板编译使用,运行时无不可信输入 +CVE-2024-4068 diff --git a/docs/accessibility/a11y-audit.md b/docs/accessibility/a11y-audit.md new file mode 100644 index 0000000..f048ddc --- /dev/null +++ b/docs/accessibility/a11y-audit.md @@ -0,0 +1,276 @@ +# 无障碍审计报告 (A11y Audit) + +> 审计日期:2026-06-17 +> 审计范围:`src/shared/` 核心组件与新增无障碍工具 +> 合规目标:WCAG 2.1 AA + +--- + +## 一、已审计组件与 ARIA 改进 + +### 1. 新增无障碍工具库 + +| 文件 | 导出 | 用途 | +|------|------|------| +| `src/shared/lib/a11y.ts` | `useA11yId` | 基于 `React.useId` 生成 SSR 安全的唯一 ID,用于 `aria-describedby`、`aria-labelledby` | +| `src/shared/lib/a11y.ts` | `mergeA11yProps` | 合并多组 aria/data 属性,`aria-*`/`data-*` 字符串属性以空格拼接 | +| `src/shared/lib/a11y.ts` | `describeInput` | 计算输入框的 `aria-describedby` 与 `aria-invalid` | +| `src/shared/lib/a11y.ts` | `loadingAria` | 提供加载状态的 `aria-busy` 与 `aria-live` 属性 | + +### 2. 新增 Hook + +| 文件 | 导出 | 用途 | +|------|------|------| +| `src/shared/hooks/use-aria-live.ts` | `useAriaLive` | 管理 aria-live 区域,支持 polite/assertive 通知,自动清除过期通知(默认 5s),返回 `{ announce, liveRegion }` | + +### 3. 新增 a11y 组件 + +| 文件 | 组件 | 用途 | +|------|------|------| +| `src/shared/components/a11y/skip-link.tsx` | `SkipLink` | 跳转链接,视觉隐藏,获得焦点时高对比度显示,默认跳转 `#main-content` | +| `src/shared/components/a11y/visually-hidden.tsx` | `VisuallyHidden` | 视觉隐藏但屏幕阅读器可读,用于图标按钮文字描述、表单辅助说明 | +| `src/shared/components/a11y/focus-trap.tsx` | `FocusTrap` | 焦点陷阱,捕获 Tab/Shift+Tab 循环,支持初始焦点与焦点恢复 | +| `src/shared/components/a11y/aria-status.tsx` | `AriaStatus` | ARIA 状态通知区域,渲染 `aria-live` 区域,支持 polite/assertive | + +### 4. 增强的核心 UI 组件 + +#### `src/shared/components/ui/table.tsx` + +| 组件 | ARIA 改进 | +|------|-----------| +| `Table` | 默认 `role="table"`(可覆盖),支持 `aria-rowcount`、`aria-colcount` | +| `TableHeader` | 默认 `role="rowgroup"` | +| `TableBody` | 默认 `role="rowgroup"` | +| `TableFooter` | 默认 `role="rowgroup"` | +| `TableRow` | 默认 `role="row"` | +| `TableHead` | 默认 `role="columnheader"`,支持 `scope` 属性(`col`/`row`/`colgroup`/`rowgroup`) | +| `TableCell` | 默认 `role="cell"` | +| `TableCaption` | 已有 `` 元素,为表格提供可访问标题 | + +所有 `role` 均为默认值,可通过 props 覆盖,**完全向后兼容**。 + +#### `src/shared/components/ui/dialog.tsx` + +| 改进项 | 说明 | +|--------|------| +| `aria-modal="true"` | 显式添加到 `DialogContent`(Radix 已内置,此处显式标注便于审计) | +| 关闭按钮 `aria-label="关闭"` | 添加明确的中文无障碍标签 | +| 关闭按钮 sr-only 文本 | 由 "Close" 改为 "关闭",与项目语言一致 | +| 焦点管理 | Radix Dialog 原语已内置:打开时焦点移入内容区,关闭时恢复到触发元素 | +| Esc 键关闭 | Radix Dialog 原语已内置 | +| `aria-labelledby` | Radix 自动关联 `DialogTitle` 的 id 到 `aria-labelledby` | + +--- + +## 二、待改进项 + +| 优先级 | 项目 | 说明 | +|--------|------|------| +| 高 | 表单组件 `aria-describedby` 关联 | `Input`、`Textarea`、`Select` 等需配合 `describeInput` 工具函数,将错误提示和帮助文本的 id 关联到输入框 | +| 高 | 图标按钮 `aria-label` | 全项目排查仅含图标无文字的按钮,补充 `aria-label` 或使用 `VisuallyHidden` | +| 中 | `Sheet`/`AlertDialog` 焦点管理 | 参照 `Dialog` 增强,显式添加 `aria-modal` 和中文关闭标签 | +| 中 | 数据表格 `aria-rowcount`/`aria-colcount` | 在使用 `@tanstack/react-table` 的页面中,为 `Table` 传入总行数和列数 | +| 中 | 面包屑 `aria-label="面包屑导航"` | `Breadcrumb` 容器添加 `nav` 的 `aria-label` | +| 中 | 分页组件 `aria-label` | 分页导航添加 `aria-label="分页"`,当前页使用 `aria-current="page"` | +| 低 | 动态内容变更播报 | 在表单提交、数据加载场景接入 `useAriaLive` 进行状态播报 | +| 低 | 颜色对比度审查 | 使用 axe DevTools 全量扫描颜色对比度是否达到 4.5:1(正文)/ 3:1(大文字) | +| 低 | 跳转链接全局应用 | 将 `app/(dashboard)/layout.tsx` 中的内联 skip-link 替换为 `SkipLink` 组件 | + +--- + +## 三、屏幕阅读器测试指南 + +### NVDA(Windows,免费) + +1. **安装**:从 [nvaccess.org](https://www.nvaccess.org/) 下载安装 +2. **启动/退出**:`Ctrl + Alt + N` 启动,`Insert + Q` 退出 +3. **核心快捷键**: + - `↓` / `↑`:逐行阅读 + - `Tab` / `Shift + Tab`:在可聚焦元素间移动 + - `H`:按标题跳转 + - `T`:跳转到表格 + - `F`:跳转到表单控件 + - `B`:跳转到按钮 + - `Insert + Tab`:播报当前焦点元素 + - `Insert + Space`:切换浏览/焦点模式 +4. **测试要点**: + - 打开页面后 Tab 到 SkipLink,确认可跳转到主内容区 + - Tab 遍历所有交互元素,确认每个元素有可读的名称 + - 打开 Dialog,确认焦点移入对话框、Esc 可关闭、关闭后焦点回到触发按钮 + - 在表格中按 `T` 跳转,确认表格标题和行列关系正确播报 + +### VoiceOver(macOS,内置) + +1. **启动/退出**:`Cmd + F5` +2. **核心快捷键**: + - `Ctrl + Option + →` / `←`:逐元素导航 + - `Ctrl + Option + Cmd + H`:按标题跳转 + - `Ctrl + Option + Cmd + T`:跳转到表格 + - `Ctrl + Option + Space`:激活当前元素 + - `Ctrl + Option + U`:打开转子(Rotor)按元素类型浏览 +3. **测试要点**: + - 确认 SkipLink 获得焦点时高对比度显示 + - 确认 `aria-live` 区域在表单提交后播报结果 + - 确认 `VisuallyHidden` 内容被播报但不可见 + - 确认 Dialog 打开时 VoiceOver 朗读对话框标题 + +### 通用测试清单 + +- [ ] 所有交互元素可通过键盘访问(Tab/Shift+Tab/Enter/Space/Esc) +- [ ] 焦点顺序符合视觉阅读顺序 +- [ ] 焦点可见(focus 样式清晰) +- [ ] 每个交互元素有可访问名称(`aria-label` 或可见文字) +- [ ] 表单错误信息通过 `aria-live` 或 `aria-describedby` 播报 +- [ ] 加载状态通过 `aria-busy` 或 `aria-live` 播报 +- [ ] 模态框打开时焦点被困在框内,关闭后恢复 + +--- + +## 四、WCAG 2.1 AA 合规检查清单 + +### 原则一:可感知 (Perceivable) + +| 准则 | 状态 | 说明 | +|------|------|------| +| 1.1.1 非文本内容 | ✅ | 图标按钮通过 `aria-label` 或 `VisuallyHidden` 提供文字替代 | +| 1.2.1 纯音频/视频 | ⚠️ | 项目暂无音视频内容,后续如需添加需提供字幕/文字稿 | +| 1.3.1 信息与关系 | ✅ | 表格通过 `role` 和 `scope` 表达行列关系;表单通过 `aria-describedby` 关联说明 | +| 1.3.2 有意义的顺序 | ✅ | DOM 顺序与视觉顺序一致 | +| 1.3.3 感官特征 | ✅ | 不仅依赖颜色/位置传达信息,配合文字说明 | +| 1.3.4 方向 | ✅ | 不限制屏幕方向 | +| 1.4.1 颜色的使用 | ✅ | 错误状态除颜色外配合文字/图标 | +| 1.4.3 对比度(最低) | ⚠️ | 需全量审查,语义色 `muted-foreground` 需确认对比度 ≥ 4.5:1 | +| 1.4.4 文字缩放 | ✅ | 使用 `rem`/`em` 单位,支持 200% 缩放 | +| 1.4.10 回流 | ✅ | 响应式布局,支持 320px 宽度 | +| 1.4.11 非文字对比度 | ✅ | 边框、焦点环使用语义色,对比度 ≥ 3:1 | + +### 原则二:可操作 (Operable) + +| 准则 | 状态 | 说明 | +|------|------|------| +| 2.1.1 键盘 | ✅ | 所有交互可通过键盘操作 | +| 2.1.2 无键盘陷阱 | ✅ | `FocusTrap` 仅在模态框激活时使用,Esc 可退出 | +| 2.1.4 字符快捷键 | ✅ | 无单字符快捷键 | +| 2.2.1 计时可调 | ✅ | 无超时限制(会话超时由 NextAuth 管理,可延长) | +| 2.3.1 三次闪烁 | ✅ | 无闪烁内容 | +| 2.4.1 跳过区块 | ✅ | `SkipLink` 组件提供跳转到主内容 | +| 2.4.2 页面标题 | ✅ | Next.js metadata 提供页面标题 | +| 2.4.3 焦点顺序 | ✅ | DOM 顺序符合逻辑 | +| 2.4.4 链接目的 | ✅ | 链接文字描述目的,避免"点击这里" | +| 2.4.6 标题与标签 | ✅ | 表单字段使用 `Label` 组件关联 | +| 2.4.7 焦点可见 | ✅ | 所有交互元素有 `focus:ring` 样式 | +| 2.5.3 标签包含名称 | ✅ | 可见标签文字包含在可访问名称中 | + +### 原则三:可理解 (Understandable) + +| 准则 | 状态 | 说明 | +|------|------|------| +| 3.1.1 页面语言 | ✅ | `` | +| 3.1.2 部分语言 | ✅ | 暂无混语言内容 | +| 3.2.1 聚焦 | ✅ | 聚焦不触发意外上下文变更 | +| 3.2.2 输入 | ✅ | 表单提交需明确按钮触发 | +| 3.2.3 一致导航 | ✅ | 侧边栏导航在页面间一致 | +| 3.2.4 一致标识 | ✅ | 功能相同的组件使用一致标识 | +| 3.3.1 错误识别 | ✅ | 表单错误通过 `aria-invalid` 和 `aria-describedby` 播报 | +| 3.3.2 标签或说明 | ✅ | 表单字段使用 `Label` 关联,提供 `placeholder` 补充 | +| 3.3.3 错误建议 | ⚠️ | 部分表单错误仅提示"必填",需补充修正建议 | +| 3.3.4 错误预防 | ✅ | 删除/提交关键操作使用 `AlertDialog` 确认 | + +### 原则四:健壮 (Robust) + +| 准则 | 状态 | 说明 | +|------|------|------| +| 4.1.1 解析 | ✅ | React 保证有效 HTML | +| 4.1.2 名称、角色、值 | ✅ | ARIA 角色和属性正确设置,状态变化通过 `aria-live` 播报 | +| 4.1.3 状态消息 | ✅ | `useAriaLive` 和 `AriaStatus` 提供 `aria-live` 状态播报 | + +--- + +## 五、自动化测试工具推荐 + +| 工具 | 用途 | 链接 | +|------|------|------| +| axe DevTools | 浏览器插件,扫描页面无障碍问题 | https://www.deque.com/axe/devtools/ | +| Lighthouse | Chrome 内置,生成无障碍评分 | Chrome DevTools → Lighthouse | +| @axe-core/playwright | E2E 测试中集成 axe 检查 | https://github.com/dequelabs/axe-core-npm | +| eslint-plugin-jsx-a11y | ESLint 静态检查 JSX 无障碍问题 | https://github.com/jsx-eslint/eslint-plugin-jsx-a11y | + +--- + +## 六、使用示例 + +### `useAriaLive` — 表单提交结果播报 + +```tsx +"use client" +import { useAriaLive } from "@/shared/hooks/use-aria-live" + +function MyForm() { + const { announce, liveRegion } = useAriaLive() + + const handleSubmit = async () => { + const result = await submitAction() + if (result.success) { + announce("保存成功", { politeness: "polite" }) + } else { + announce(`保存失败:${result.message}`, { politeness: "assertive" }) + } + } + + return ( + <> +
{/* ... */}
+ {liveRegion} + + ) +} +``` + +### `describeInput` — 输入框错误关联 + +```tsx +import { useA11yId, describeInput } from "@/shared/lib/a11y" + +function EmailField({ error }: { error?: string }) { + const hintId = useA11yId("email-hint") + const errorId = useA11yId("email-error") + const { ariaDescribedBy, ariaInvalid } = describeInput( + hintId, + error ? errorId : undefined + ) + + return ( + <> + + + 请输入有效邮箱地址 + + {error && ( + + {error} + + )} + + ) +} +``` + +### `FocusTrap` — 自定义模态框 + +```tsx +import { FocusTrap } from "@/shared/components/a11y/focus-trap" + +function CustomModal({ open, onClose, children }) { + return ( + +
+ {children} + +
+ + ) +} +``` diff --git a/docs/architecture/004_architecture_impact_map.md b/docs/architecture/004_architecture_impact_map.md index da7640d..d824d70 100644 --- a/docs/architecture/004_architecture_impact_map.md +++ b/docs/architecture/004_architecture_impact_map.md @@ -214,6 +214,30 @@ - 功能:默认存储 Provider 单例,替换此实例可迁移到 OSS/S3 - 被以下模块使用:`app/api/files/batch-delete/route.ts` +#### `useA11yId` +- 签名:`useA11yId(prefix: string): string` +- 功能:基于 `React.useId` 生成 SSR 安全的唯一 ID,用于 `aria-describedby`、`aria-labelledby` 等 +- 依赖:`react` +- 被以下模块使用:待扩展(表单组件、a11y 组件) + +#### `mergeA11yProps` +- 签名:`mergeA11yProps>(...props: (T | undefined | null | false)[]): T` +- 功能:合并多组 aria/data 属性,普通属性后者覆盖前者,`aria-*`/`data-*` 字符串属性以空格拼接 +- 依赖:无 +- 被以下模块使用:待扩展 + +#### `describeInput` +- 签名:`describeInput(describedBy?: string, error?: string, hint?: string): { ariaDescribedBy?: string; ariaInvalid?: boolean }` +- 功能:计算输入框的 `aria-describedby`(合并多个 ID)与 `aria-invalid`(error 存在则为 true) +- 依赖:无 +- 被以下模块使用:待扩展(表单组件) + +#### `loadingAria` +- 签名:`loadingAria(isLoading: boolean): { ariaBusy: boolean; ariaLive: "polite" | "assertive" }` +- 功能:提供加载状态的 `aria-busy` 与 `aria-live=polite` 属性 +- 依赖:无 +- 被以下模块使用:待扩展 + ### 导出常量与实例 #### `Permissions` (常量对象) @@ -300,7 +324,31 @@ - 基于:`@radix-ui/react-switch` - Props: Radix Switch Root props(含 `checked`, `onCheckedChange`, `disabled`, `id`, `aria-label` 等) - 功能:开关切换 UI 组件(shadcn 风格,checked/unchecked 两态) -- 被使用:`settings/components/notification-preferences-form.tsx` +- 被使用:settings/components/notification-preferences-form.tsx + +#### `SkipLink` +- 文件:`components/a11y/skip-link.tsx` +- Props: `{ href?, children?, ...AnchorHTMLAttributes }`,默认 href=`#main-content`,默认文字"跳转到主内容" +- 功能:跳转链接组件,视觉隐藏,获得焦点时高对比度显示,供键盘用户跳过导航直达主内容 +- 被使用:待替换 `app/(dashboard)/layout.tsx` 中的内联 skip-link + +#### `VisuallyHidden` +- 文件:`components/a11y/visually-hidden.tsx` +- Props: `{ children?, ...HTMLAttributes }` +- 功能:视觉隐藏但屏幕阅读器可读,用于图标按钮文字描述、表单辅助说明 +- 被使用:待扩展 + +#### `FocusTrap` +- 文件:`components/a11y/focus-trap.tsx` +- Props: `{ children, active?, initialFocusRef?, restoreFocus?, className? }` +- 功能:焦点陷阱组件,捕获 Tab/Shift+Tab 在容器内循环,支持初始焦点与焦点恢复,用于模态框/对话框 +- 被使用:待扩展(Dialog/Sheet 自定义场景) + +#### `AriaStatus` +- 文件:`components/a11y/aria-status.tsx` +- Props: `{ children?, politeness?, atomic?, ...HTMLAttributes }`,默认 politeness=`polite`,atomic=`true` +- 功能:ARIA 状态通知区域,渲染 `aria-live` 区域(role=status),用于页面级状态通知(如"加载中"、"已保存") +- 被使用:待扩展 ### 导出 Hooks @@ -2411,6 +2459,112 @@ --- +## 模块:notifications + +### 模块职责 +通知渠道集成层:基于用户通知偏好(`notification_preferences` 表)将通知分发到站内消息 / SMS / 微信公众号 / 邮件多渠道。所有渠道实现统一 `NotificationChannelSender` 接口,dispatcher 按偏好并行发送。支持 Mock 模式(开发环境无需外部服务即可运行)。 + +### 模块路径 +`src/modules/notifications` + +### 依赖关系 +- 依赖 `shared`(db, auth-guard, types) +- 依赖 `messaging`(复用 `notification-preferences.getNotificationPreferences` 和 `data-access.createNotification`) +- 所有渠道文件首行 `import "server-only"`,外部 SDK 使用动态 import + +### 导出函数 (actions.ts) + +> 使用 `requirePermission(MESSAGE_SEND)` 校验权限(项目无独立 NOTIFICATION_SEND 权限点,复用 MESSAGE_SEND)。 + +| 函数 | 权限 | 核心功能 | +|------|------|---------| +| `sendNotificationAction` | MESSAGE_SEND | 发送通知给指定用户(按偏好多渠道分发) | +| `sendClassNotificationAction` | MESSAGE_SEND | 发送班级通知(批量发送给班级所有学生;教师只能给自己所教班级发送,通过 dataScope 校验) | + +### 导出函数 (dispatcher.ts) + +> 文件标记 `"server-only"`。 + +#### `sendNotification` +- 签名:`sendNotification(payload: NotificationPayload): Promise` +- 功能:读取用户通知偏好 + 联系方式,按偏好选择渠道(in_app 总是启用;sms 需 smsEnabled+phone;email 需 emailEnabled+email;wechat 需 pushEnabled+openId),并行发送,记录日志 +- 依赖:`data-access.getUserNotificationPreferences`, `data-access.getUserContactInfo`, `data-access.logNotificationSendBatch`, 各渠道 `createXxxSender` +- 被使用:`sendNotificationAction`, `sendClassNotificationAction` + +#### `sendBatchNotifications` +- 签名:`sendBatchNotifications(payloads: NotificationPayload[]): Promise` +- 功能:批量发送通知(每个用户独立选择渠道,并行发送) +- 依赖:`sendNotification` +- 被使用:`sendClassNotificationAction` + +### 导出函数 (data-access.ts) + +> 文件标记 `"server-only"`。 + +| 函数 | 签名 | 核心功能 | +|------|------|---------| +| `getUserNotificationPreferences` | `(userId: string) => Promise` | 获取用户通知偏好(复用 messaging.notification-preferences) | +| `getUserContactInfo` | `(userId: string) => Promise` | 获取用户联系方式(phone/email;wechatOpenId 暂不支持,users 表无此字段;React cache 包装) | +| `logNotificationSend` | `(result: ChannelSendResult) => void` | 记录单条发送日志(当前 console.info;未来可扩展 notification_logs 表) | +| `logNotificationSendBatch` | `(results: ChannelSendResult[]) => void` | 批量记录发送日志 | + +### 渠道实现 (channels/) + +> 所有渠道文件首行 `import "server-only"`,外部 SDK 使用动态 import 避免增加构建体积。 + +| 文件 | 渠道 | 工厂函数 | 说明 | +|------|------|---------|------| +| `sms-channel.ts` | sms | `createSmsSender()` | 支持 aliyun/tencent/mock(根据 `SMS_PROVIDER` 环境变量选择);模板变量替换 title/content | +| `wechat-channel.ts` | wechat | `createWechatSender()` | 微信公众号模板消息;access_token 带缓存(提前 5 分钟刷新);配置完整用真实发送器,否则 Mock | +| `email-channel.ts` | email | `createEmailSender()` | Nodemailer SMTP;HTML 模板按 type 着色;配置 EMAIL_HOST 启用,否则 Mock | +| `in-app-channel.ts` | in_app | `createInAppSender()` | 复用 messaging.data-access.createNotification 写入 message_notifications 表;总是启用 | +| `types.ts` | - | - | 渠道接口定义(NotificationChannelSender, ChannelRecipient) | + +### 环境变量 + +| 变量 | 默认值 | 说明 | +|------|--------|------| +| `SMS_PROVIDER` | `mock` | SMS 渠道 provider:aliyun/tencent/mock | +| `SMS_ACCESS_KEY_ID` | - | SMS AccessKey ID | +| `SMS_ACCESS_KEY_SECRET` | - | SMS AccessKey Secret | +| `SMS_SIGN_NAME` | - | SMS 签名 | +| `SMS_TEMPLATE_CODE` | - | SMS 模板 ID | +| `WECHAT_APP_ID` | - | 微信公众号 AppID | +| `WECHAT_APP_SECRET` | - | 微信公众号 AppSecret | +| `WECHAT_TEMPLATE_ID` | - | 微信模板消息 ID | +| `EMAIL_HOST` | - | SMTP 主机(配置后启用真实发送) | +| `EMAIL_PORT` | `587` | SMTP 端口 | +| `EMAIL_USER` | - | SMTP 用户名 | +| `EMAIL_PASS` | - | SMTP 密码 | +| `EMAIL_FROM` | `noreply@example.com` | 发件人地址 | + +### 类型/接口 + +#### `NotificationChannel` +- 定义:`"in_app" | "email" | "sms" | "wechat"` +- 被使用:所有渠道文件, dispatcher + +#### `NotificationPayload` +- 定义:`{ userId, title, content, type: "info"|"warning"|"error"|"success", metadata?, actionUrl? }` +- 被使用:dispatcher, actions, 所有渠道 + +#### `ChannelSendResult` +- 定义:`{ channel, success, messageId?, error?, sentAt }` +- 被使用:dispatcher, actions, 所有渠道 + +#### `NotificationChannelSender`(接口) +- 定义:`{ channel: NotificationChannel, send(payload, recipient): Promise, sendBatch(items): Promise }` +- 被使用:所有渠道实现, dispatcher + +#### `ChannelRecipient`(接口) +- 定义:`{ userId, phone?, email?, wechatOpenId? }` +- 被使用:所有渠道, data-access.getUserContactInfo + +### 文档 +- `docs/notifications/channels.md`:通知渠道配置说明、Mock 模式、生产环境配置、扩展新渠道指南 + +--- + ## 模块:attendance ### 模块职责 @@ -2871,6 +3025,7 @@ | **course-plans** | db,auth-guard.requirePermission,types | auth | - | - | - | - | - | data-access.getAdminClasses,getStaffOptions | data-access.getAcademicYears | - | - | - | - | - | - | - | - | - | - | - | - | - | - | | **parent** | db,auth-guard(requireAuth),types | auth | - | data-access.getStudentHomeworkAssignments,getStudentDashboardGrades | - | - | data-access.getStudentClasses,getStudentSchedule | - | - | - | - | - | - | - | - | data-access.getStudentGradeSummary | - | - | - | - | - | - | | **messaging** | db,auth-guard(requirePermission,requireAuth),types | auth | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | +| **notifications** | db,auth-guard.requirePermission,types | auth | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | notification-preferences,data-access.createNotification | - | - | - | - | - | | **attendance** | db,auth-guard.requirePermission,types | auth | - | - | - | - | - | data-access.getTeacherClasses,getAdminClasses | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | | **scheduling** | db,auth-guard(requirePermission,getAuthContext),types | auth | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | | **proctoring** | db,auth-guard(requirePermission,requireAuth),types,components.ui,hooks.usePermission | auth | schema.exams,examSubmissions,examProctoringEvents | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | @@ -3143,8 +3298,37 @@ | Job | 触发条件 | 说明 | |-----|---------|------| | `build-deploy` | push/PR to main | 构建、测试、部署到 Docker(自托管 runner CDCD) | -| `security-audit` | push/PR to main | 依赖安全审计:`npm audit` moderate/critical 检查,上传 audit-report.json artifact | -| `scheduled-backup` | schedule cron `0 2 * * *` | 每天凌晨 2 点执行数据库备份,上传 backups/ artifact(保留 30 天) | +| `security-scan` | push/PR to main(needs: build-deploy) | 完整安全扫描:npm audit + Snyk + Trivy FS + OWASP ZAP 基线扫描,所有步骤 continue-on-error,上传 security-reports artifact(audit-report.json/trivy-fs-report.json/snyk.sarif) | +| `scheduled-backup` | schedule cron `0 2 * * *` | 每天凌晨 2 点执行数据库备份→校验完整性→异地同步,上传 backups/ artifact(保留 30 天) | +| `backup-verify` | schedule(needs: scheduled-backup) | 下载备份 artifact,独立校验备份完整性,运行健康检查,上传 backup-verify-report artifact(保留 7 天) | +| `weekly-dr-drill` | schedule(needs: backup-verify,每周触发) | 灾备演练:从备份恢复到测试数据库,验证数据完整性,上传 dr-drill-report artifact(保留 90 天) | + +### 灾备演练工作流 (`.gitea/workflows/dr-drill.yml`) + +独立灾备演练工作流,触发方式:定时 `cron 0 4 * * 1`(每周一凌晨 4 点)/ 手动 `workflow_dispatch`(可指定 backup_file、no_cleanup)。 + +| 步骤 | 说明 | +|------|------| +| 安装 MySQL 客户端 | apt-get install mysql-client | +| 准备备份 | 下载 db-backup artifact 或现场执行 backup-db.sh | +| 执行演练 | 运行 scripts/dr-drill.sh(创建测试库→恢复→完整性检查→冒烟测试→清理→报告) | +| 上传报告 | dr-drill-report artifact(保留 90 天) | +| 失败通知 | webhook 通知运维团队(DR_NOTIFICATION_WEBHOOK) | + +### 安全扫描工作流 (`.gitea/workflows/security.yml`) + +独立深度安全扫描工作流,触发方式:定时 `cron 0 3 * * 1`(每周一凌晨 3 点)/ 手动 `workflow_dispatch`(可指定 target_url、skip_dast)。 + +| 步骤 | 工具 | 类型 | 输出 | +|------|------|------|------| +| 依赖扫描 | npm audit | 依赖 | audit-report.json | +| 深度依赖 + 静态分析 | Snyk(severity-threshold=medium) | 依赖 + 代码 | snyk.sarif | +| 文件系统扫描 | Trivy fs | 代码 + 依赖 | trivy-fs-report.json | +| 容器镜像扫描 | Trivy image(构建 nextjs-app:scan 镜像) | 容器 | trivy-image-report.json | +| DAST | OWASP ZAP baseline | 动态 | 控制台报告 | +| 汇总报告 | shell + jq | 汇总 | security-summary.md | + +所有报告上传为 artifact `security-reports-full`。安全扫描配置文件:`.gitea/suppressions.json`(Snyk 漏洞抑制)、`.trivyignore`(Trivy CVE 忽略列表)。 ### 运维脚本 (`scripts/`) @@ -3152,9 +3336,17 @@ |------|------| | `scripts/audit.sh` | Bash 依赖审计脚本,运行 `npm audit --audit-level=moderate`,失败时生成 audit-report.json | | `scripts/audit.ps1` | PowerShell 版本依赖审计脚本(Windows 环境) | +| `scripts/security-scan.sh` | Bash 本地安全扫描脚本:npm audit + Trivy fs,彩色报告,退出码 0=无高危/1=有高危 | +| `scripts/security-scan.ps1` | PowerShell 版本本地安全扫描脚本(Windows 环境) | | `scripts/backup-db.sh` | MySQL 数据库备份脚本,从 DATABASE_URL 解析连接信息,gzip 压缩备份,保留 30 天 | | `scripts/restore-db.sh` | MySQL 数据库恢复脚本,从指定备份文件恢复 | | `scripts/test-backup.sh` | 备份流程测试脚本,执行一次备份并验证 | +| `scripts/backup-verify.sh` | 备份完整性校验脚本:检查文件存在/大小/gzip 完整性/SQL 内容结构/SQL 语法(可选,需 DATABASE_URL),退出码 0=通过/1=失败 | +| `scripts/backup-offsite-sync.sh` | 异地备份同步脚本:支持 S3/OSS/NFS 后端,同步后校验文件数量,清理远程过期备份(保留 90 天),使用 aws-cli/rclone/ossutil/rsync | +| `scripts/dr-drill.sh` | 灾备演练脚本(Bash):创建测试库→从备份恢复→数据完整性检查→冒烟测试→清理→生成报告到 docs/dr/reports/,退出码 0=成功/1=失败 | +| `scripts/dr-drill.ps1` | 灾备演练脚本(Windows PowerShell 5.1+):功能同 Bash 版本 | +| `scripts/failover.sh` | 故障切换脚本:检测主库健康→提升备库→更新应用配置→重启应用→验证切换,支持手动/半自动/演练模式 | +| `scripts/health-check.sh` | 健康检查脚本:检查应用 HTTP/数据库连接/磁盘空间/备份新鲜度,输出 JSON 报告,退出码 0=健康/1=异常 | ### package.json 脚本 @@ -3162,8 +3354,41 @@ |------|------|------| | `audit` | `npm audit --audit-level=moderate` | 依赖安全审计 | | `audit:report` | `npm audit --json > audit-report.json` | 生成 JSON 审计报告 | +| `security:audit` | `npm audit --audit-level=moderate` | 依赖安全审计(security 别名) | +| `security:scan` | `bash scripts/security-scan.sh` | 本地完整安全扫描(npm audit + Trivy fs) | | `backup` | `bash scripts/backup-db.sh` | 执行数据库备份 | | `restore` | `bash scripts/restore-db.sh` | 执行数据库恢复 | +| `dr:backup-verify` | `bash scripts/backup-verify.sh` | 校验备份完整性 | +| `dr:offsite-sync` | `bash scripts/backup-offsite-sync.sh` | 异地备份同步 | +| `dr:drill` | `bash scripts/dr-drill.sh` | 灾备演练(Bash) | +| `dr:drill:ps1` | `powershell -ExecutionPolicy Bypass -File scripts/dr-drill.ps1` | 灾备演练(PowerShell) | +| `dr:health-check` | `bash scripts/health-check.sh` | 健康检查(JSON 报告) | +| `dr:failover` | `bash scripts/failover.sh` | 故障切换 | + +### 灾备文档 (`docs/dr/`) + +| 文档 | 用途 | +|------|------| +| `docs/dr/dr-plan.md` | 灾备计划文档:RTO/RPO 定义(4h/24h)、备份策略、故障切换流程、联系人列表、恢复步骤 | +| `docs/dr/dr-runbook.md` | 灾备操作手册:数据库故障/应用故障/备份失败/异地同步失败/演练失败/磁盘不足场景的诊断与处理 | +| `docs/dr/reports/` | 灾备演练报告存档目录(Markdown 格式,由 dr-drill.sh 生成) | +| `docs/dr/logs/` | 故障切换日志目录(由 failover.sh 生成) | + +### 灾备环境变量 (`.env.example`) + +| 变量 | 用途 | +|------|------| +| `BACKUP_OFFSITE_BACKEND` | 异地备份后端类型: s3/oss/nfs/none | +| `BACKUP_OFFSITE_REMOTE` | 远程存储路径 | +| `BACKUP_OFFSITE_BUCKET` | 存储桶名称(仅 s3/oss) | +| `BACKUP_OFFSITE_ACCESS_KEY` | 访问密钥 | +| `BACKUP_OFFSITE_SECRET_KEY` | 秘密密钥 | +| `BACKUP_OFFSITE_REGION` | 区域(默认 us-east-1) | +| `BACKUP_OFFSITE_RETENTION_DAYS` | 远程备份保留天数(默认 90) | +| `DR_DRILL_TEST_DB` | 演练测试数据库名(默认 next_edu_dr_drill) | +| `HEALTH_CHECK_URL` | 应用健康检查 URL(默认 http://localhost:8015) | +| `DATABASE_URL_STANDBY` | 备库连接 URL(故障切换时使用) | +| `FAILOVER_APP_NAME` | 应用容器名(默认 nextjs-app) | --- @@ -3181,10 +3406,40 @@ ### Playwright 配置 (`playwright.config.ts`) -- `testDir`: `./tests/e2e` +- `testDir`: `./tests`(顶层,由各 project 通过 `testDir` 限定范围) - `baseURL`: `http://127.0.0.1:3000` - `webServer`: 自动启动 `npm run dev`,端口 3000,超时 180s - `webServer.env`: 注入 `SKIP_ENV_VALIDATION=1`、`NEXTAUTH_SECRET`、`NEXTAUTH_URL`、`DATABASE_URL`(测试库) -- `projects`: chromium(CI 通道为 undefined,本地为 chrome) +- `projects`: + - `chromium`(E2E 测试,`testDir: ./tests/e2e`,CI 通道为 undefined,本地为 chrome) + - `visual-chromium`(视觉回归测试,`testDir: ./tests/visual`,CI 通道为 undefined,本地为 chrome) +- `snapshotPathTemplate`: `{testDir}/__screenshots__/{testFilePath}/{arg}{ext}` +- `expect.toHaveScreenshot`: `maxDiffPixelRatio: 0.01`、`animations: "disabled"`、`caret: "hide"` - `retries`: CI 2 次,本地 0 次 - `workers`: CI 2 个,本地默认 + +--- + +## 视觉回归测试 (`tests/visual/`) + +| 测试文件 | 覆盖范围 | 依赖 | +|---------|---------|------| +| `homepage.spec.ts` | 登录页在 desktop/tablet/mobile × light/dark 下的快照 | 无需 DB | +| `admin-dashboard.spec.ts` | 管理员仪表盘整页 + 侧边栏/主内容区组件快照 | DATABASE_URL + admin 账号 | +| `teacher-dashboard.spec.ts` | 教师仪表盘整页 + 侧边栏/主内容区组件快照 | DATABASE_URL + teacher 账号 | +| `student-dashboard.spec.ts` | 学生仪表盘整页 + 侧边栏/主内容区组件快照 | DATABASE_URL + student 账号 | + +### 视觉测试辅助 (`tests/visual/helpers/`) + +| 文件 | 用途 | +|------|------| +| `auth.ts` | 登录辅助 `setupAuthState(role)`、`loginByUI(page, role)`,测试账号默认 admin@xiaoxue.edu.cn / 123456 | +| `visual-helpers.ts` | `setViewport`、`setTheme`、`waitForPageReady`、`maskDynamicElements`、`buildMaskOption` | + +### 视觉测试配置 (`tests/visual/visual.config.ts`) + +- 视口: desktop 1920×1080、tablet 768×1024、mobile 375×812 +- 主题: light、dark +- 快照目录: `tests/visual/__screenshots__/` +- storageState 目录: `tests/visual/.auth/`(已加入 .gitignore) +- 默认容差: `maxDiffPixelRatio: 0.01` diff --git a/docs/architecture/005_architecture_data.json b/docs/architecture/005_architecture_data.json index e15c02a..c0cb415 100644 --- a/docs/architecture/005_architecture_data.json +++ b/docs/architecture/005_architecture_data.json @@ -283,6 +283,38 @@ "purpose": "生成导入模板 Buffer(表头加粗+第二行填写说明+示例行)", "deps": ["exceljs"], "usedBy": ["users/import-export.generateUserImportTemplate"] + }, + { + "name": "useA11yId", + "file": "lib/a11y.ts", + "signature": "useA11yId(prefix: string): string", + "purpose": "基于React.useId生成SSR安全的唯一ID,用于aria-describedby、aria-labelledby等", + "deps": ["react"], + "usedBy": ["待扩展(表单组件、a11y组件)"] + }, + { + "name": "mergeA11yProps", + "file": "lib/a11y.ts", + "signature": "mergeA11yProps>(...props: (T | undefined | null | false)[]): T", + "purpose": "合并多组aria/data属性,普通属性后者覆盖前者,aria-*/data-*字符串属性以空格拼接", + "deps": [], + "usedBy": ["待扩展"] + }, + { + "name": "describeInput", + "file": "lib/a11y.ts", + "signature": "describeInput(describedBy?: string, error?: string, hint?: string): { ariaDescribedBy?: string; ariaInvalid?: boolean }", + "purpose": "计算输入框的aria-describedby(合并多个ID)与aria-invalid(error存在则为true)", + "deps": [], + "usedBy": ["待扩展(表单组件)"] + }, + { + "name": "loadingAria", + "file": "lib/a11y.ts", + "signature": "loadingAria(isLoading: boolean): { ariaBusy: boolean; ariaLive: 'polite' | 'assertive' }", + "purpose": "提供加载状态的aria-busy与aria-live=polite属性", + "deps": [], + "usedBy": ["待扩展"] } ], "hooks": [ @@ -1318,6 +1350,40 @@ ] } }, + "notifications": { + "path": "src/modules/notifications", + "description": "通知渠道集成层:基于用户通知偏好(notification_preferences)将通知分发到站内消息/SMS/微信公众号/邮件多渠道。所有渠道实现统一 NotificationChannelSender 接口,dispatcher 按偏好并行发送。支持 Mock 模式(开发环境无需外部服务)。", + "exports": { + "actions": [ + { "name": "sendNotificationAction", "permission": "MESSAGE_SEND", "signature": "(payload: NotificationPayload) => Promise>", "purpose": "发送通知给指定用户(按偏好多渠道分发)", "deps": ["requirePermission", "dispatcher.sendNotification"], "usedBy": ["待扩展"] }, + { "name": "sendClassNotificationAction", "permission": "MESSAGE_SEND", "signature": "(classId: string, payload: Omit) => Promise>", "purpose": "发送班级通知(批量发送给班级所有学生;教师只能给自己所教班级发送)", "deps": ["requirePermission", "db.schema.classEnrollments", "db.schema.classes", "dispatcher.sendBatchNotifications"], "usedBy": ["待扩展"] } + ], + "dispatcher": [ + { "name": "sendNotification", "signature": "(payload: NotificationPayload) => Promise", "file": "dispatcher.ts", "purpose": "发送单条通知:读取用户偏好+联系方式,按偏好选择渠道并行发送,记录日志", "deps": ["data-access.getUserNotificationPreferences", "data-access.getUserContactInfo", "data-access.logNotificationSendBatch", "channels.sms-channel.createSmsSender", "channels.wechat-channel.createWechatSender", "channels.email-channel.createEmailSender", "channels.in-app-channel.createInAppSender"], "usedBy": ["sendNotificationAction", "sendClassNotificationAction"] }, + { "name": "sendBatchNotifications", "signature": "(payloads: NotificationPayload[]) => Promise", "file": "dispatcher.ts", "purpose": "批量发送通知(每个用户独立选择渠道,并行发送)", "deps": ["sendNotification"], "usedBy": ["sendClassNotificationAction"] } + ], + "dataAccess": [ + { "name": "getUserNotificationPreferences", "signature": "(userId: string) => Promise", "file": "data-access.ts", "purpose": "获取用户通知偏好(复用 messaging.notification-preferences.getNotificationPreferences)", "deps": ["messaging.notification-preferences.getNotificationPreferences"], "usedBy": ["dispatcher.sendNotification"] }, + { "name": "getUserContactInfo", "signature": "(userId: string) => Promise", "file": "data-access.ts", "purpose": "获取用户联系方式(phone/email;wechatOpenId 暂不支持,users 表无此字段)", "deps": ["shared.db", "shared.db.schema.users", "react.cache"], "usedBy": ["dispatcher.sendNotification"] }, + { "name": "logNotificationSend", "signature": "(result: ChannelSendResult) => void", "file": "data-access.ts", "purpose": "记录单条发送日志(当前使用 console.info;未来可扩展 notification_logs 表)", "deps": [], "usedBy": ["logNotificationSendBatch"] }, + { "name": "logNotificationSendBatch", "signature": "(results: ChannelSendResult[]) => void", "file": "data-access.ts", "purpose": "批量记录发送日志", "deps": ["logNotificationSend"], "usedBy": ["dispatcher.sendNotification", "dispatcher.sendBatchNotifications"] } + ], + "channels": [ + { "name": "createSmsSender", "file": "channels/sms-channel.ts", "purpose": "创建 SMS 渠道发送器(aliyun/tencent/mock,根据 SMS_PROVIDER 环境变量选择;SDK 动态 import)", "deps": ["环境变量: SMS_PROVIDER, SMS_ACCESS_KEY_ID, SMS_ACCESS_KEY_SECRET, SMS_SIGN_NAME, SMS_TEMPLATE_CODE"] }, + { "name": "createWechatSender", "file": "channels/wechat-channel.ts", "purpose": "创建微信渠道发送器(配置完整用真实发送器,否则 Mock;access_token 带缓存)", "deps": ["环境变量: WECHAT_APP_ID, WECHAT_APP_SECRET, WECHAT_TEMPLATE_ID"] }, + { "name": "createEmailSender", "file": "channels/email-channel.ts", "purpose": "创建邮件渠道发送器(配置 EMAIL_HOST 用 Nodemailer SMTP,否则 Mock;HTML 模板按 type 着色)", "deps": ["环境变量: EMAIL_HOST, EMAIL_PORT, EMAIL_USER, EMAIL_PASS, EMAIL_FROM"] }, + { "name": "createInAppSender", "file": "channels/in-app-channel.ts", "purpose": "创建站内消息渠道发送器(复用 messaging.data-access.createNotification 写入 message_notifications 表;总是启用)", "deps": ["messaging.data-access.createNotification"] } + ], + "types": [ + { "name": "NotificationChannel", "type": "type", "file": "types.ts", "definition": "'in_app' | 'email' | 'sms' | 'wechat'", "usedBy": ["所有渠道文件", "dispatcher"] }, + { "name": "NotificationPayload", "type": "interface", "file": "types.ts", "definition": "{ userId, title, content, type: 'info'|'warning'|'error'|'success', metadata?, actionUrl? }", "usedBy": ["dispatcher", "actions", "所有渠道"] }, + { "name": "ChannelSendResult", "type": "interface", "file": "types.ts", "definition": "{ channel, success, messageId?, error?, sentAt }", "usedBy": ["dispatcher", "actions", "所有渠道"] }, + { "name": "NotificationChannelConfig", "type": "interface", "file": "types.ts", "definition": "{ enabled, sms?, wechat?, email? }", "usedBy": ["类型定义"] }, + { "name": "NotificationChannelSender", "type": "interface", "file": "channels/types.ts", "definition": "{ channel: NotificationChannel, send(payload, recipient), sendBatch(items) }", "usedBy": ["所有渠道实现", "dispatcher"] }, + { "name": "ChannelRecipient", "type": "interface", "file": "channels/types.ts", "definition": "{ userId, phone?, email?, wechatOpenId? }", "usedBy": ["所有渠道", "data-access.getUserContactInfo"] } + ] + } + }, "attendance": { "path": "src/modules/attendance", "description": "学生考勤管理:教师按班级/日期点名(单条/批量)、查询考勤记录、统计出勤率/迟到率,学生/家长查看本人/子女考勤汇总,管理员查看全校考勤记录。支持班级考勤规则配置。", @@ -1610,6 +1676,7 @@ "grades": {"dependsOn": ["shared", "auth"], "uses": {"shared": ["db", "auth-guard.requirePermission", "types.permissions", "types.action-state", "db.schema.gradeRecords", "db.schema.classes", "db.schema.classEnrollments", "db.schema.subjects", "db.schema.users", "lib.excel"], "auth": ["auth"]}}, "parent": {"dependsOn": ["shared", "auth", "homework", "classes", "grades"], "uses": {"shared": ["db", "auth-guard.requireAuth", "db.schema.parentStudentRelations", "db.schema.users", "db.schema.grades", "db.schema.classEnrollments", "db.schema.classes", "types"], "auth": ["auth"], "homework": ["data-access.getStudentHomeworkAssignments", "data-access.getStudentDashboardGrades"], "classes": ["data-access.getStudentClasses", "data-access.getStudentSchedule"], "grades": ["data-access.getStudentGradeSummary"]}}, "messaging": {"dependsOn": ["shared", "auth"], "uses": {"shared": ["db", "auth-guard.requirePermission", "auth-guard.requireAuth", "db.schema.messages", "db.schema.messageNotifications", "db.schema.notificationPreferences", "db.schema.users", "db.schema.classEnrollments", "db.schema.classes", "db.schema.grades", "types.permissions", "types.action-state"], "auth": ["auth"]}}, + "notifications": {"dependsOn": ["shared", "auth", "messaging"], "uses": {"shared": ["db", "auth-guard.requirePermission", "db.schema.users", "db.schema.classEnrollments", "db.schema.classes", "types.permissions", "types.action-state"], "auth": ["auth"], "messaging": ["notification-preferences.getNotificationPreferences", "data-access.createNotification"]}}, "attendance": {"dependsOn": ["shared", "auth", "classes"], "uses": {"shared": ["db", "auth-guard.requirePermission", "db.schema.attendanceRecords", "db.schema.attendanceRules", "db.schema.classEnrollments", "db.schema.users", "db.schema.classes", "types.permissions", "types.action-state", "types.DataScope"], "auth": ["auth"], "classes": ["data-access.getTeacherClasses", "data-access.getAdminClasses"]}}, "scheduling": {"dependsOn": ["shared", "auth", "classes"], "uses": {"shared": ["db", "auth-guard.requirePermission", "auth-guard.getAuthContext", "db.schema.schedulingRules", "db.schema.scheduleChanges", "db.schema.classSchedule", "db.schema.classes", "db.schema.users", "db.schema.classSubjectTeachers", "db.schema.subjects", "db.schema.classrooms", "types.permissions", "types.action-state"], "auth": ["auth"], "classes": []}}, "diagnostic": {"dependsOn": ["shared", "auth"], "uses": {"shared": ["db", "auth-guard.requirePermission", "auth-guard.getAuthContext", "db.schema.knowledgePointMastery", "db.schema.learningDiagnosticReports", "db.schema.knowledgePoints", "db.schema.questionsToKnowledgePoints", "db.schema.examSubmissions", "db.schema.submissionAnswers", "db.schema.classEnrollments", "db.schema.classes", "db.schema.users", "types.permissions", "types.action-state", "hooks.usePermission", "components.ui.*"], "auth": ["auth"]}}, @@ -1823,19 +1890,74 @@ "trigger": "push/PR to main", "steps": ["checkout", "cache npm", "configure npm proxy", "npm ci", "lint", "typecheck", "install playwright chromium", "integration tests", "e2e tests", "cache next.js build", "build", "prepare standalone", "deploy to docker"] }, - "security-audit": { + "security-scan": { "runsOn": "ubuntu-latest", "trigger": "push/PR to main", - "steps": ["checkout", "setup node 20", "npm ci", "npm audit --audit-level=moderate (continue-on-error)", "npm audit --audit-level=critical", "upload audit-report.json artifact"] + "needs": "build-deploy", + "continueOnError": true, + "steps": ["checkout", "setup node 20", "npm ci", "npm audit --audit-level=moderate + 生成 audit-report.json (continue-on-error)", "Snyk scan --severity-threshold=high --sarif-file-output=snyk.sarif (env SNYK_TOKEN, continue-on-error)", "Trivy fs scan json+table (continue-on-error)", "OWASP ZAP baseline scan target=NEXTAUTH_URL||localhost:8015 cmd_options='-a -j' (continue-on-error)", "upload security-reports artifact (audit-report.json, trivy-fs-report.json, snyk.sarif)"] }, "scheduled-backup": { "runsOn": "ubuntu-latest", "trigger": "schedule cron 0 2 * * *", "condition": "github.event_name == 'schedule'", - "steps": ["checkout", "run scripts/backup-db.sh (env DATABASE_URL, BACKUP_DIR)", "upload backups/ artifact (retention 30 days)"] + "steps": ["checkout", "run scripts/backup-db.sh (env DATABASE_URL, BACKUP_DIR)", "run scripts/backup-verify.sh (校验备份完整性)", "run scripts/backup-offsite-sync.sh (异地同步, env BACKUP_OFFSITE_*, 失败不阻塞)", "upload backups/ artifact (retention 30 days)"] + }, + "backup-verify": { + "runsOn": "ubuntu-latest", + "trigger": "schedule", + "condition": "github.event_name == 'schedule'", + "needs": "scheduled-backup", + "steps": ["checkout", "download db-backup artifact", "run scripts/backup-verify.sh (独立校验)", "run scripts/health-check.sh > health-report.json", "upload backup-verify-report artifact (backups/, health-report.json, retention 7 days)"] + }, + "weekly-dr-drill": { + "runsOn": "ubuntu-latest", + "trigger": "schedule (每周触发, github.run_attempt % 7 == 0)", + "condition": "github.event_name == 'schedule' && github.run_attempt % 7 == 0", + "needs": "backup-verify", + "steps": ["checkout", "run scripts/dr-drill.sh (env DATABASE_URL, DR_DRILL_TEST_DB=next_edu_dr_drill)", "upload dr-drill-report artifact (docs/dr/reports/, retention 90 days)"] } } }, + "drDrillWorkflow": { + "configFile": ".gitea/workflows/dr-drill.yml", + "triggers": ["schedule cron 0 4 * * 1 (每周一凌晨 4 点)", "workflow_dispatch (inputs: backup_file, no_cleanup)"], + "job": "dr-drill", + "runsOn": "ubuntu-latest", + "timeoutMinutes": 30, + "steps": [ + "checkout", + "install mysql-client", + "prepare backup directory (mkdir backups docs/dr/reports)", + "download db-backup artifact (continue-on-error) 或现场执行 backup-db.sh", + "run scripts/dr-drill.sh (支持 --backup/--no-cleanup 参数)", + "upload dr-drill-report-${{ github.run_id }} artifact (docs/dr/reports/, retention 90 days)", + "on failure: webhook 通知运维团队 (DR_NOTIFICATION_WEBHOOK)" + ] + }, + "securityWorkflow": { + "configFile": ".gitea/workflows/security.yml", + "triggers": ["schedule cron 0 3 * * 1 (每周一凌晨 3 点)", "workflow_dispatch (inputs: target_url, skip_dast)"], + "job": "deep-security-scan", + "runsOn": "ubuntu-latest", + "continueOnError": true, + "steps": [ + "checkout", + "setup node 20", + "npm ci", + "npm audit + 生成 audit-report.json (依赖扫描)", + "Snyk scan --severity-threshold=medium --sarif-file-output=snyk.sarif (env SNYK_TOKEN, 深度依赖+静态分析)", + "Trivy fs scan json+table (文件系统扫描, trivy-fs-report.json)", + "Build Next.js standalone + docker build nextjs-app:scan + Trivy image scan (容器镜像扫描, trivy-image-report.json)", + "OWASP ZAP baseline scan (DAST, target=inputs.target_url||NEXTAUTH_URL||localhost:8015, 可通过 skip_dast 跳过)", + "Generate security-summary.md (jq 汇总各报告漏洞计数)", + "upload security-reports-full artifact (audit-report.json, trivy-fs-report.json, trivy-image-report.json, snyk.sarif, security-summary.md)" + ], + "configFiles": { + "suppressions": ".gitea/suppressions.json (Snyk 漏洞抑制, 每条含 id/package/severity/reason/expires/owner)", + "trivyignore": ".trivyignore (Trivy CVE 忽略列表, 每行一个 CVE 带注释)" + } + }, "scripts": { "scripts/audit.sh": { "type": "bash", @@ -1862,22 +1984,93 @@ "scripts/test-backup.sh": { "type": "bash", "purpose": "备份流程测试,执行一次备份并验证最新备份文件" + }, + "scripts/backup-verify.sh": { + "type": "bash", + "purpose": "备份完整性校验:检查文件存在/大小/gzip 完整性/SQL 内容结构/SQL 语法(可选,需 DATABASE_URL)", + "env": ["BACKUP_DIR", "DATABASE_URL", "BACKUP_VERIFY_MIN_SIZE"], + "exitCodes": {"0": "校验通过", "1": "校验失败"}, + "options": ["--min-size BYTES", "--no-sql-check", "--help"] + }, + "scripts/backup-offsite-sync.sh": { + "type": "bash", + "purpose": "异地备份同步:支持 S3/OSS/NFS 后端,同步后校验文件数量,清理远程过期备份(保留 90 天)", + "env": ["BACKUP_DIR", "BACKUP_OFFSITE_BACKEND", "BACKUP_OFFSITE_REMOTE", "BACKUP_OFFSITE_BUCKET", "BACKUP_OFFSITE_ACCESS_KEY", "BACKUP_OFFSITE_SECRET_KEY", "BACKUP_OFFSITE_REGION", "BACKUP_OFFSITE_RETENTION_DAYS"], + "tools": ["aws-cli (s3)", "rclone (s3/oss)", "ossutil (oss)", "rsync (nfs)"], + "exitCodes": {"0": "同步成功", "1": "同步失败"}, + "options": ["--backend TYPE", "--no-cleanup", "--no-verify", "--help"] + }, + "scripts/dr-drill.sh": { + "type": "bash", + "purpose": "灾备演练:创建测试库→从备份恢复→数据完整性检查→冒烟测试→清理→生成报告到 docs/dr/reports/", + "env": ["DATABASE_URL", "BACKUP_DIR", "DR_DRILL_TEST_DB", "DR_DRILL_REPORT_DIR"], + "exitCodes": {"0": "演练成功", "1": "演练失败"}, + "options": ["--backup FILE", "--test-db NAME", "--no-cleanup", "--report-dir DIR", "--help"] + }, + "scripts/dr-drill.ps1": { + "type": "powershell", + "purpose": "灾备演练(Windows PowerShell 5.1+ 版本),功能同 Bash 版本", + "env": ["DATABASE_URL", "BACKUP_DIR", "DR_DRILL_TEST_DB", "DR_DRILL_REPORT_DIR"], + "platform": "Windows", + "options": ["-BackupFile FILE", "-TestDb NAME", "-NoCleanup", "-ReportDir DIR", "-Help"] + }, + "scripts/failover.sh": { + "type": "bash", + "purpose": "故障切换:检测主库健康→提升备库→更新应用配置→重启应用→验证切换", + "env": ["DATABASE_URL", "DATABASE_URL_STANDBY", "FAILOVER_APP_URL", "FAILOVER_APP_NAME", "FAILOVER_CONFIG_FILE", "FAILOVER_LOG_FILE"], + "exitCodes": {"0": "切换成功", "1": "切换失败"}, + "options": ["--auto", "--primary URL", "--standby URL", "--app-url URL", "--no-restart", "--dry-run", "--help"] + }, + "scripts/health-check.sh": { + "type": "bash", + "purpose": "健康检查:检查应用 HTTP/数据库连接/磁盘空间/备份新鲜度,输出 JSON 报告", + "env": ["DATABASE_URL", "HEALTH_CHECK_URL", "BACKUP_DIR", "HEALTH_CHECK_DISK_THRESHOLD", "HEALTH_CHECK_BACKUP_MAX_AGE"], + "exitCodes": {"0": "健康", "1": "异常"}, + "options": ["--app-url URL", "--no-app", "--no-db", "--no-disk", "--no-backup", "--disk-threshold PCT", "--backup-max-age HRS", "--help"] } }, "packageJsonScripts": { "audit": "npm audit --audit-level=moderate", "audit:report": "npm audit --json > audit-report.json", + "security:audit": "npm audit --audit-level=moderate", + "security:scan": "bash scripts/security-scan.sh", "backup": "bash scripts/backup-db.sh", - "restore": "bash scripts/restore-db.sh" + "restore": "bash scripts/restore-db.sh", + "dr:backup-verify": "bash scripts/backup-verify.sh", + "dr:offsite-sync": "bash scripts/backup-offsite-sync.sh", + "dr:drill": "bash scripts/dr-drill.sh", + "dr:drill:ps1": "powershell -ExecutionPolicy Bypass -File scripts/dr-drill.ps1", + "dr:health-check": "bash scripts/health-check.sh", + "dr:failover": "bash scripts/failover.sh" + }, + "drDocs": { + "docs/dr/dr-plan.md": "灾备计划文档:RTO/RPO 定义(4h/24h)、备份策略、故障切换流程、联系人列表、恢复步骤", + "docs/dr/dr-runbook.md": "灾备操作手册:数据库故障/应用故障/备份失败/异地同步失败/演练失败/磁盘不足场景的诊断与处理", + "docs/dr/reports/": "灾备演练报告存档目录(Markdown 格式,由 dr-drill.sh 生成)", + "docs/dr/logs/": "故障切换日志目录(由 failover.sh 生成)" + }, + "drEnvVars": { + "BACKUP_OFFSITE_BACKEND": "异地备份后端类型: s3|oss|nfs|none", + "BACKUP_OFFSITE_REMOTE": "远程存储路径", + "BACKUP_OFFSITE_BUCKET": "存储桶名称(仅 s3/oss)", + "BACKUP_OFFSITE_ACCESS_KEY": "访问密钥", + "BACKUP_OFFSITE_SECRET_KEY": "秘密密钥", + "BACKUP_OFFSITE_REGION": "区域(默认 us-east-1)", + "BACKUP_OFFSITE_RETENTION_DAYS": "远程备份保留天数(默认 90)", + "DR_DRILL_TEST_DB": "演练测试数据库名(默认 next_edu_dr_drill)", + "HEALTH_CHECK_URL": "应用健康检查 URL(默认 http://localhost:8015)", + "DATABASE_URL_STANDBY": "备库连接 URL(故障切换时使用)", + "FAILOVER_APP_NAME": "应用容器名(默认 nextjs-app)" }, "gitignore": { - "added": ["/backups/", "/audit-report.json", "/playwright-report/", "/test-results/"] + "added": ["/backups/", "/audit-report.json", "/trivy-fs-report.json", "/trivy-image-report.json", "/snyk.sarif", "/security-summary.md", "/playwright-report/", "/test-results/", "/tests/visual/.auth/"], + "exceptions": [".env.example (灾备环境变量示例,允许提交)"] } }, "testing": { "e2e": { "configFile": "playwright.config.ts", - "testDir": "./tests/e2e", + "testDir": "./tests", "baseURL": "http://127.0.0.1:3000", "webServer": { "command": "npm run dev", @@ -1891,7 +2084,15 @@ "DATABASE_URL": "mysql://test:test@127.0.0.1:3306/test_db" } }, - "projects": [{"name": "chromium", "channel": "CI: undefined, local: chrome"}], + "projects": [ + {"name": "chromium", "testDir": "./tests/e2e", "channel": "CI: undefined, local: chrome"}, + {"name": "visual-chromium", "testDir": "./tests/visual", "channel": "CI: undefined, local: chrome"} + ], + "snapshotPathTemplate": "{testDir}/__screenshots__/{testFilePath}/{arg}{ext}", + "expect": { + "toHaveScreenshot": {"maxDiffPixelRatio": 0.01, "animations": "disabled", "caret": "hide"}, + "toMatchSnapshot": {"maxDiffPixelRatio": 0.01} + }, "retries": "CI: 2, local: 0", "workers": "CI: 2, local: default", "testFiles": { @@ -1903,6 +2104,37 @@ "announcements.spec.ts": {"coverage": "公告页面未认证重定向 + 登录后渲染", "requiresDb": "partial"}, "grades.spec.ts": {"coverage": "成绩页面未认证重定向 + 登录后渲染", "requiresDb": "partial"} } + }, + "visual": { + "configFile": "tests/visual/visual.config.ts", + "snapshotDir": "tests/visual/__screenshots__", + "storageStateDir": "tests/visual/.auth/", + "viewports": { + "desktop": {"width": 1920, "height": 1080}, + "tablet": {"width": 768, "height": 1024}, + "mobile": {"width": 375, "height": 812} + }, + "themes": ["light", "dark"], + "defaultMaxDiffPixelRatio": 0.01, + "testAccounts": { + "admin": {"email": "admin@xiaoxue.edu.cn", "envVars": ["VISUAL_ADMIN_EMAIL", "VISUAL_ADMIN_PASSWORD"]}, + "teacher": {"email": "admin@xiaoxue.edu.cn", "envVars": ["VISUAL_TEACHER_EMAIL", "VISUAL_TEACHER_PASSWORD"]}, + "student": {"email": "admin@xiaoxue.edu.cn", "envVars": ["VISUAL_STUDENT_EMAIL", "VISUAL_STUDENT_PASSWORD"]} + }, + "testFiles": { + "homepage.spec.ts": {"coverage": "登录页在 desktop/tablet/mobile × light/dark 下的快照", "requiresDb": false}, + "admin-dashboard.spec.ts": {"coverage": "管理员仪表盘整页 + 侧边栏/主内容区组件快照", "requiresDb": true, "role": "admin"}, + "teacher-dashboard.spec.ts": {"coverage": "教师仪表盘整页 + 侧边栏/主内容区组件快照", "requiresDb": true, "role": "teacher"}, + "student-dashboard.spec.ts": {"coverage": "学生仪表盘整页 + 侧边栏/主内容区组件快照", "requiresDb": true, "role": "student"} + }, + "helpers": { + "auth.ts": ["setupAuthState(role)", "loginByUI(page, role)", "storageStatePath(role)"], + "visual-helpers.ts": ["setViewport(page, size)", "setTheme(page, theme)", "waitForPageReady(page)", "maskDynamicElements(page, selectors)", "buildMaskOption(masks)"] + }, + "scripts": { + "test:visual": "playwright test --project=visual-chromium", + "test:visual:update": "playwright test --project=visual-chromium --update-snapshots" + } } } } diff --git a/docs/dr/dr-plan.md b/docs/dr/dr-plan.md new file mode 100644 index 0000000..b6a3d1f --- /dev/null +++ b/docs/dr/dr-plan.md @@ -0,0 +1,362 @@ +# 灾备计划 (Disaster Recovery Plan) + +> **文档版本**: 1.0 +> **最后更新**: 2026-06-17 +> **审核周期**: 每季度审核一次 + +--- + +## 1. 概述 + +本文档定义了 Next_Edu 系统的灾备策略、恢复目标、备份方案和故障切换流程,确保在发生灾难性故障时能够快速恢复服务并最小化数据丢失。 + +### 1.1 适用范围 + +- 生产环境数据库(MySQL) +- 应用服务(Next.js) +- 备份文件(本地 + 异地) +- CI/CD 流水线 + +### 1.2 关键指标 + +| 指标 | 目标 | 说明 | +|------|------|------| +| **RTO** (Recovery Time Objective) | 4 小时 | 从故障发生到服务恢复的最长时间 | +| **RPO** (Recovery Point Objective) | 24 小时 | 最大可接受的数据丢失时间窗口 | + +--- + +## 2. RTO/RPO 定义 + +### 2.1 RTO(恢复时间目标): 4 小时 + +**定义**: 从系统故障发生到服务完全恢复的最长允许时间。 + +**分解**: +| 阶段 | 预计耗时 | 说明 | +|------|---------|------| +| 故障检测 | 5 分钟 | 健康检查脚本自动检测 | +| 通知与决策 | 15 分钟 | 通知运维团队,决定是否切换 | +| 执行恢复 | 60 分钟 | 从备份恢复数据库 | +| 应用重启 | 10 分钟 | 重启应用并验证 | +| 数据验证 | 30 分钟 | 验证数据完整性 | +| 流量恢复 | 10 分钟 | 逐步恢复用户流量 | +| 缓冲时间 | 90 分钟 | 应对意外情况 | +| **总计** | **≤ 4 小时** | | + +### 2.2 RPO(恢复点目标): 24 小时 + +**定义**: 最大可接受的数据丢失时间窗口。 + +**保障措施**: +- 每日凌晨 2 点全量备份(cron: `0 2 * * *`) +- 备份后自动校验完整性 +- 备份后自动同步到异地存储 +- 最坏情况下丢失不超过 24 小时数据 + +--- + +## 3. 备份策略 + +### 3.1 备份频率 + +| 备份类型 | 频率 | 时间 | 保留期 | +|---------|------|------|--------| +| 全量备份 | 每日 | 凌晨 2:00 (CST) | 本地 30 天,异地 90 天 | +| 异地同步 | 每日(备份后) | 凌晨 2:30 (CST) | 90 天 | + +### 3.2 备份内容 + +- **数据库**: 使用 `mysqldump` 导出全部数据库,`gzip` 压缩 +- **格式**: `db_backup_YYYYMMDD_HHMMSS.sql.gz` +- **存储位置**: + - 本地: `./backups/` + - 异地: S3/OSS/NFS(根据 `BACKUP_OFFSITE_BACKEND` 配置) + +### 3.3 备份验证 + +每次备份后自动执行校验: +1. 文件存在性检查 +2. 文件大小检查(最小 1KB) +3. gzip 完整性校验(`gunzip -t`) +4. SQL 内容结构检查(mysqldump 头部、语句数量) +5. SQL 语法校验(可选,需 `DATABASE_URL`) + +### 3.4 备份保留策略 + +| 存储位置 | 保留期 | 清理方式 | +|---------|--------|---------| +| 本地 (`./backups/`) | 30 天 | `find -mtime +30 -delete` | +| 异地 (S3/OSS/NFS) | 90 天 | `backup-offsite-sync.sh` 自动清理 | + +--- + +## 4. 故障切换流程 + +### 4.1 故障检测 + +1. **自动检测**: `health-check.sh` 定期运行,检查: + - 应用 HTTP 健康端点 + - 数据库连接 + - 磁盘空间 + - 备份新鲜度 +2. **手动报告**: 用户反馈、监控系统告警 + +### 4.2 故障切换步骤 + +``` +┌─────────────────┐ +│ 1. 检测故障 │ 健康检查失败 / 用户报告 +└────────┬────────┘ + │ + ▼ +┌─────────────────┐ +│ 2. 通知运维 │ 电话/邮件/即时通讯通知运维团队 +└────────┬────────┘ + │ + ▼ +┌─────────────────┐ +│ 3. 决策(5分钟) │ 评估故障严重程度,决定是否切换 +└────────┬────────┘ + │ + ┌────┴────┐ + │ │ + 切换 不切换 + │ │ + ▼ ▼ +┌─────────┐ ┌─────────┐ +│4. 执行 │ │ 修复主库 │ +│ 切换 │ │ │ +└────┬────┘ └─────────┘ + │ + ▼ +┌─────────┐ +│5. 验证 │ 健康检查、功能测试 +│ 恢复 │ +└────┬────┘ + │ + ▼ +┌─────────┐ +│6. 事后 │ 记录事件、复盘改进 +│ 复盘 │ +└─────────┘ +``` + +### 4.3 执行故障切换 + +使用 `failover.sh` 脚本: + +```bash +# 手动模式(交互式确认) +./scripts/failover.sh + +# 半自动模式(检测到故障后自动切换,需确认) +./scripts/failover.sh --auto + +# 演练模式(不实际执行) +./scripts/failover.sh --dry-run + +# 指定备库 +./scripts/failover.sh --standby "mysql://user:pass@standby-host:3306/dbname" +``` + +**前提条件**: +- 配置 `DATABASE_URL_STANDBY` 环境变量 +- 备库已配置主从复制(如果是主从架构) +- 应用容器可通过 Docker 重启 + +--- + +## 5. 灾备演练 + +### 5.1 演练频率 + +| 演练类型 | 频率 | 触发方式 | +|---------|------|---------| +| 自动演练 | 每周一次 | CI 定时任务(每周一凌晨 4 点) | +| 手动演练 | 每月一次 | 运维人员手动触发 | +| 全量演练 | 每季度一次 | 完整故障切换演练 | + +### 5.2 演练内容 + +1. **创建测试数据库** (`next_edu_dr_drill`) +2. **从最新备份恢复** 到测试数据库 +3. **数据完整性检查**: + - 表数量对比(测试库 vs 源库) + - 记录数对比 +4. **冒烟测试**: + - 基础表查询 + - 关键业务表查询(users, schools) +5. **清理测试数据库** +6. **生成演练报告** + +### 5.3 演练脚本 + +```bash +# Bash 版本(Linux/macOS) +./scripts/dr-drill.sh + +# PowerShell 版本(Windows) +.\scripts\dr-drill.ps1 + +# 指定备份文件 +./scripts/dr-drill.sh --backup backups/db_backup_20260617_020000.sql.gz + +# 保留测试数据库(用于调试) +./scripts/dr-drill.sh --no-cleanup +``` + +### 5.4 演练报告 + +- **存储位置**: `docs/dr/reports/` +- **格式**: Markdown +- **内容**: 演练时间、步骤结果、RTO 评估、数据完整性指标 +- **保留期**: 90 天(CI artifact) + +--- + +## 6. 联系人列表 + +> **注意**: 以下为模板,请根据实际人员填写 + +### 6.1 主要联系人 + +| 角色 | 姓名 | 电话 | 邮箱 | 职责 | +|------|------|------|------|------| +| 主负责人 | [待填写] | [待填写] | [待填写] | 灾备决策、协调 | +| 备份负责人 | [待填写] | [待填写] | [待填写] | 备份执行、监控 | +| DBA | [待填写] | [待填写] | [待填写] | 数据库恢复 | +| 运维工程师 | [待填写] | [待填写] | [待填写] | 应用部署、网络 | +| 开发负责人 | [待填写] | [待填写] | [待填写] | 代码修复、功能验证 | + +### 6.2 升级路径 + +1. **L1**: 运维工程师(5 分钟内响应) +2. **L2**: 主负责人 + DBA(15 分钟内响应) +3. **L3**: 全体联系人(30 分钟内响应) + +--- + +## 7. 恢复步骤 + +### 7.1 从备份恢复数据库 + +```bash +# 1. 获取最新备份 +LATEST_BACKUP=$(ls -t backups/db_backup_*.sql.gz | head -1) +echo "Using backup: $LATEST_BACKUP" + +# 2. 校验备份完整性 +./scripts/backup-verify.sh "$LATEST_BACKUP" + +# 3. 恢复数据库 +./scripts/restore-db.sh "$LATEST_BACKUP" + +# 4. 验证恢复结果 +mysql -u root -p -e "SELECT COUNT(*) FROM information_schema.tables WHERE table_schema='next_edu';" +``` + +### 7.2 完整恢复流程 + +1. **获取最新备份** + - 本地: `./backups/` + - 异地: 从 S3/OSS/NFS 下载 + - CI artifact: 从 Gitea Actions 下载 + +2. **恢复数据库** + ```bash + ./scripts/restore-db.sh backups/db_backup_YYYYMMDD_HHMMSS.sql.gz + ``` + +3. **重启应用** + ```bash + docker restart nextjs-app + # 或 + docker stop nextjs-app && docker rm nextjs-app + # 重新部署 + ``` + +4. **验证数据完整性** + ```bash + # 运行健康检查 + ./scripts/health-check.sh + + # 运行灾备演练(对比数据) + ./scripts/dr-drill.sh --no-cleanup + ``` + +5. **恢复流量** + - 验证应用功能正常 + - 逐步恢复用户流量 + - 监控系统指标 + +--- + +## 8. 监控与告警 + +### 8.1 健康检查 + +```bash +# 手动运行健康检查 +./scripts/health-check.sh + +# 输出 JSON 格式报告 +./scripts/health-check.sh > health-report.json +``` + +**检查项**: +- 应用 HTTP 健康端点 +- 数据库连接 +- 磁盘空间(阈值 90%) +- 备份新鲜度(24 小时内) + +### 8.2 告警条件 + +| 条件 | 严重级别 | 通知方式 | +|------|---------|---------| +| 应用不可达 | 严重 | 电话 + 邮件 | +| 数据库连接失败 | 严重 | 电话 + 邮件 | +| 磁盘空间 > 90% | 警告 | 邮件 | +| 备份超过 24 小时 | 警告 | 邮件 | +| 备份校验失败 | 严重 | 电话 + 邮件 | +| 灾备演练失败 | 警告 | 邮件 | + +--- + +## 9. 环境变量配置 + +```bash +# 灾备配置 +BACKUP_OFFSITE_BACKEND=none # s3|oss|nfs|none +BACKUP_OFFSITE_REMOTE= # 远程路径 +BACKUP_OFFSITE_BUCKET= # 存储桶名 +BACKUP_OFFSITE_ACCESS_KEY= # 访问密钥 +BACKUP_OFFSITE_SECRET_KEY= # 秘密密钥 +BACKUP_OFFSITE_REGION=us-east-1 # 区域 +DR_DRILL_TEST_DB=next_edu_dr_drill # 演练测试数据库 +HEALTH_CHECK_URL=http://localhost:8015 # 健康检查 URL + +# 故障切换配置 +DATABASE_URL_STANDBY= # 备库连接 URL +FAILOVER_APP_NAME=nextjs-app # 应用容器名 +FAILOVER_APP_URL=http://localhost:8015 # 应用 URL +``` + +--- + +## 10. 文档维护 + +- **审核周期**: 每季度审核一次 +- **更新触发**: 系统架构变更、联系人变更、演练发现问题 +- **关联文档**: + - `docs/dr/dr-runbook.md` - 灾备操作手册 + - `docs/dr/reports/` - 演练报告存档 + - `scripts/` - 灾备相关脚本 + +--- + +## 11. 变更记录 + +| 日期 | 版本 | 变更内容 | 变更人 | +|------|------|---------|--------| +| 2026-06-17 | 1.0 | 初始版本 | - | diff --git a/docs/dr/dr-runbook.md b/docs/dr/dr-runbook.md new file mode 100644 index 0000000..ebfb6bf --- /dev/null +++ b/docs/dr/dr-runbook.md @@ -0,0 +1,699 @@ +# 灾备操作手册 (DR Runbook) + +> **文档版本**: 1.0 +> **最后更新**: 2026-06-17 +> **适用场景**: 生产环境故障处理 + +--- + +## 概述 + +本手册提供常见故障场景的诊断和处理步骤。每个场景包含:症状、诊断、处理步骤、验证方法。 + +**紧急联系**: 参见 `docs/dr/dr-plan.md` 第 6 节联系人列表 + +--- + +## 场景 1: 数据库故障 + +### 1.1 数据库不可达 + +#### 症状 +- 应用报错: `ECONNREFUSED` 或 `Connection refused` +- 健康检查 `database` 状态为 `fail` +- 用户无法登录、查询数据 + +#### 诊断 +```bash +# 1. 检查数据库连接 +mysql -h -P -u -p -e "SELECT 1;" + +# 2. 检查数据库进程 +systemctl status mysql +# 或 Docker 环境 +docker ps | grep mysql + +# 3. 检查端口 +telnet +# 或 +nc -zv + +# 4. 查看数据库日志 +tail -100 /var/log/mysql/error.log +# 或 Docker +docker logs --tail 100 +``` + +#### 处理步骤 + +**情况 A: 数据库服务停止** +```bash +# 重启数据库服务 +sudo systemctl restart mysql +# 或 Docker +docker restart + +# 等待启动完成 +sleep 10 +mysql -h -P -u -p -e "SELECT 1;" +``` + +**情况 B: 数据库无法启动** +```bash +# 1. 检查磁盘空间 +df -h + +# 2. 检查配置文件 +mysql --verbose --help | head -20 + +# 3. 如果磁盘满,清理空间 +sudo find /var/log -type f -name "*.log" -mtime +7 -delete + +# 4. 如果配置错误,恢复备份配置 +sudo cp /etc/mysql/my.cnf.bak /etc/mysql/my.cnf +sudo systemctl restart mysql +``` + +**情况 C: 数据库损坏,需要从备份恢复** +```bash +# 1. 获取最新备份 +LATEST_BACKUP=$(ls -t backups/db_backup_*.sql.gz | head -1) +echo "Using backup: $LATEST_BACKUP" + +# 2. 校验备份 +./scripts/backup-verify.sh "$LATEST_BACKUP" + +# 3. 恢复数据库 +./scripts/restore-db.sh "$LATEST_BACKUP" + +# 4. 重启应用 +docker restart nextjs-app +``` + +**情况 D: 主库故障,需要切换到备库** +```bash +# 1. 执行故障切换(手动模式) +./scripts/failover.sh + +# 2. 或半自动模式 +./scripts/failover.sh --auto + +# 3. 验证切换结果 +./scripts/health-check.sh +``` + +#### 验证 +```bash +# 1. 运行健康检查 +./scripts/health-check.sh + +# 2. 验证应用功能 +curl -f http://localhost:8015 + +# 3. 验证数据库查询 +mysql -h -P -u -p -e "SELECT COUNT(*) FROM users;" + +# 4. 运行灾备演练验证数据完整性 +./scripts/dr-drill.sh +``` + +--- + +### 1.2 数据库性能问题 + +#### 症状 +- 应用响应缓慢 +- 查询超时 +- CPU/内存使用率高 + +#### 诊断 +```bash +# 1. 查看当前连接 +mysql -e "SHOW PROCESSLIST;" + +# 2. 查看慢查询 +mysql -e "SHOW VARIABLES LIKE 'slow_query%';" +tail -100 /var/log/mysql/slow.log + +# 3. 查看系统资源 +top +iostat -x 1 +``` + +#### 处理步骤 +```bash +# 1. 终止长时间运行的查询 +mysql -e "KILL ;" + +# 2. 优化表 +mysql -e "OPTIMIZE TABLE ;" + +# 3. 重启数据库(如果必要) +sudo systemctl restart mysql +``` + +#### 验证 +```bash +# 监控性能指标 +mysql -e "SHOW STATUS LIKE 'Threads%';" +mysql -e "SHOW STATUS LIKE 'Slow_queries';" +``` + +--- + +## 场景 2: 应用故障 + +### 2.1 应用不可达 + +#### 症状 +- HTTP 502/503 错误 +- 页面无法访问 +- 健康检查 `app` 状态为 `fail` + +#### 诊断 +```bash +# 1. 检查应用容器 +docker ps | grep nextjs-app + +# 2. 查看应用日志 +docker logs nextjs-app --tail 100 + +# 3. 检查端口 +netstat -tlnp | grep 8015 + +# 4. 检查健康端点 +curl -v http://localhost:8015 +``` + +#### 处理步骤 + +**情况 A: 容器停止** +```bash +# 启动容器 +docker start nextjs-app + +# 等待启动 +sleep 10 +curl -f http://localhost:8015 +``` + +**情况 B: 容器崩溃,需要重启** +```bash +# 重启容器 +docker restart nextjs-app + +# 如果重启失败,重新部署 +docker stop nextjs-app || true +docker rm nextjs-app || true +# 重新运行部署流程(参见 CI/CD) +``` + +**情况 C: 应用配置错误** +```bash +# 1. 检查环境变量 +docker exec nextjs-app env | grep DATABASE_URL + +# 2. 检查 .env.local +cat .env.local + +# 3. 修正配置后重启 +docker restart nextjs-app +``` + +#### 验证 +```bash +# 1. 健康检查 +./scripts/health-check.sh + +# 2. 功能测试 +curl -f http://localhost:8015 +curl -f http://localhost:8015/api/auth/providers + +# 3. 查看日志确认无错误 +docker logs nextjs-app --tail 20 +``` + +--- + +### 2.2 应用 OOM(内存不足) + +#### 症状 +- 容器被 OOM Killer 终止 +- 日志中出现 `JavaScript heap out of memory` + +#### 诊断 +```bash +# 1. 查看容器状态 +docker inspect nextjs-app | grep -A 5 "State" + +# 2. 查看内存使用 +docker stats nextjs-app + +# 3. 查看系统日志 +dmesg | grep -i "oom" +``` + +#### 处理步骤 +```bash +# 1. 增加 Node.js 内存限制 +docker stop nextjs-app +docker rm nextjs-app +docker run -d \ + --init \ + -p 8015:3000 \ + --restart unless-stopped \ + --name nextjs-app \ + --network 1panel-network \ + -e NODE_OPTIONS="--max-old-space-size=2048" \ + -e NODE_ENV=production \ + -e DATABASE_URL=$DATABASE_URL \ + -e NEXTAUTH_SECRET=$NEXTAUTH_SECRET \ + -e NEXTAUTH_URL=$NEXTAUTH_URL \ + nextjs-app + +# 2. 或增加容器内存限制 +docker run -d --memory=2g ... +``` + +#### 验证 +```bash +# 监控内存使用 +docker stats nextjs-app + +# 确认应用正常 +curl -f http://localhost:8015 +``` + +--- + +## 场景 3: 备份失败 + +### 3.1 定时备份未执行 + +#### 症状 +- 健康检查 `backup` 状态为 `fail`(备份超过 24 小时) +- `./backups/` 目录无新文件 +- CI 中 `scheduled-backup` job 失败 + +#### 诊断 +```bash +# 1. 检查最新备份 +ls -lt backups/db_backup_*.sql.gz | head -5 + +# 2. 检查 CI 运行记录 +# 访问 Gitea Actions 页面查看 scheduled-backup job + +# 3. 手动运行备份测试 +./scripts/backup-db.sh + +# 4. 检查磁盘空间 +df -h +``` + +#### 处理步骤 + +**情况 A: 磁盘空间不足** +```bash +# 1. 清理旧备份 +find backups/ -name "db_backup_*.sql.gz" -mtime +30 -delete + +# 2. 清理其他临时文件 +find /tmp -type f -mtime +7 -delete + +# 3. 重新运行备份 +./scripts/backup-db.sh +``` + +**情况 B: 数据库连接问题** +```bash +# 1. 验证数据库连接 +mysql -h -P -u -p -e "SELECT 1;" + +# 2. 检查 DATABASE_URL 环境变量 +echo $DATABASE_URL + +# 3. 修正配置后重新备份 +export DATABASE_URL="mysql://correct_url" +./scripts/backup-db.sh +``` + +**情况 C: mysqldump 权限问题** +```bash +# 1. 检查用户权限 +mysql -u -p -e "SHOW GRANTS;" + +# 2. 授予必要权限 +mysql -u root -p -e "GRANT SELECT, LOCK TABLES, SHOW VIEW, EVENT, TRIGGER ON *.* TO ''@'%';" +FLUSH PRIVILEGES; + +# 3. 重新备份 +./scripts/backup-db.sh +``` + +#### 验证 +```bash +# 1. 确认新备份存在 +ls -lt backups/db_backup_*.sql.gz | head -1 + +# 2. 校验备份完整性 +./scripts/backup-verify.sh + +# 3. 运行健康检查 +./scripts/health-check.sh +``` + +--- + +### 3.2 备份文件损坏 + +#### 症状 +- `backup-verify.sh` 校验失败 +- gzip 解压失败 +- SQL 文件内容异常 + +#### 诊断 +```bash +# 1. 运行校验脚本 +./scripts/backup-verify.sh backups/db_backup_YYYYMMDD_HHMMSS.sql.gz + +# 2. 手动检查 gzip +gunzip -t backups/db_backup_YYYYMMDD_HHMMSS.sql.gz + +# 3. 检查文件大小 +ls -lh backups/db_backup_*.sql.gz +``` + +#### 处理步骤 +```bash +# 1. 删除损坏的备份 +rm backups/db_backup_YYYYMMDD_HHMMSS.sql.gz + +# 2. 重新执行备份 +./scripts/backup-db.sh + +# 3. 校验新备份 +./scripts/backup-verify.sh + +# 4. 如果新备份也损坏,检查数据库完整性 +mysql -e "CHECK TABLE users; CHECK TABLE schools;" +``` + +#### 验证 +```bash +# 1. 校验新备份 +./scripts/backup-verify.sh + +# 2. 运行灾备演练 +./scripts/dr-drill.sh +``` + +--- + +## 场景 4: 异地同步失败 + +### 4.1 S3/OSS 同步失败 + +#### 症状 +- `backup-offsite-sync.sh` 失败 +- CI 中 "Sync backup to offsite storage" 步骤失败 +- 异地存储缺少最新备份 + +#### 诊断 +```bash +# 1. 检查后端配置 +echo $BACKUP_OFFSITE_BACKEND +echo $BACKUP_OFFSITE_REMOTE +echo $BACKUP_OFFSITE_BUCKET + +# 2. 检查凭证 +echo $BACKUP_OFFSITE_ACCESS_KEY +echo $BACKUP_OFFSITE_SECRET_KEY + +# 3. 测试连接 +aws s3 ls s3://$BACKUP_OFFSITE_BUCKET/ # S3 +# 或 +ossutil ls oss://$BACKUP_OFFSITE_BUCKET/ # OSS + +# 4. 手动运行同步 +./scripts/backup-offsite-sync.sh +``` + +#### 处理步骤 + +**情况 A: 凭证错误** +```bash +# 1. 更新凭证 +export BACKUP_OFFSITE_ACCESS_KEY="new_access_key" +export BACKUP_OFFSITE_SECRET_KEY="new_secret_key" + +# 2. 更新 Gitea Secrets +# 访问仓库 Settings > Secrets 更新对应 secret + +# 3. 重新同步 +./scripts/backup-offsite-sync.sh +``` + +**情况 B: 网络问题** +```bash +# 1. 测试网络连通性 +ping s3.amazonaws.com # S3 +ping oss-cn-beijing.aliyuncs.com # OSS + +# 2. 检查代理设置 +echo $http_proxy +echo $https_proxy + +# 3. 配置代理后重试 +export http_proxy=http://proxy:port +export https_proxy=http://proxy:port +./scripts/backup-offsite-sync.sh +``` + +**情况 C: 工具未安装** +```bash +# 1. 安装 aws-cli +pip install awscli +# 或 +apt-get install -y awscli + +# 2. 安装 rclone +curl https://rclone.org/install.sh | sudo bash + +# 3. 重新同步 +./scripts/backup-offsite-sync.sh +``` + +#### 验证 +```bash +# 1. 列出远程文件 +aws s3 ls s3://$BACKUP_OFFSITE_BUCKET/backups/ +# 或 +rclone lsf $BACKUP_OFFSITE_REMOTE + +# 2. 对比本地和远程文件数量 +LOCAL_COUNT=$(ls backups/db_backup_*.sql.gz | wc -l) +REMOTE_COUNT=$(aws s3 ls s3://$BACKUP_OFFSITE_BUCKET/backups/ | grep -c "db_backup") +echo "Local: $LOCAL_COUNT, Remote: $REMOTE_COUNT" +``` + +--- + +### 4.2 NFS 同步失败 + +#### 症状 +- `backup-offsite-sync.sh` NFS 后端失败 +- NFS 目录不可写 + +#### 诊断 +```bash +# 1. 检查 NFS 挂载 +mount | grep nfs + +# 2. 检查目录权限 +ls -la $BACKUP_OFFSITE_REMOTE + +# 3. 测试写入 +touch $BACKUP_OFFSITE_REMOTE/test && rm $BACKUP_OFFSITE_REMOTE/test +``` + +#### 处理步骤 +```bash +# 1. 重新挂载 NFS +sudo umount /mnt/nfs +sudo mount -t nfs :/path /mnt/nfs + +# 2. 检查权限 +sudo chown -R $USER:$USER /mnt/nfs/backups + +# 3. 重新同步 +./scripts/backup-offsite-sync.sh +``` + +--- + +## 场景 5: 灾备演练失败 + +### 5.1 演练恢复失败 + +#### 症状 +- `dr-drill.sh` 步骤 3(恢复)失败 +- 测试数据库创建成功但恢复失败 + +#### 诊断 +```bash +# 1. 查看演练报告 +cat docs/dr/reports/dr_drill_*.md + +# 2. 手动测试恢复 +mysql -h -u -p -e "CREATE DATABASE test_manual;" +gunzip -c backups/db_backup_*.sql.gz | mysql -h -u -p test_manual + +# 3. 检查备份文件 +./scripts/backup-verify.sh +``` + +#### 处理步骤 +```bash +# 1. 清理失败的测试数据库 +mysql -h -u -p -e "DROP DATABASE IF EXISTS next_edu_dr_drill;" + +# 2. 校验备份 +./scripts/backup-verify.sh + +# 3. 如果备份损坏,重新备份 +./scripts/backup-db.sh + +# 4. 重新运行演练 +./scripts/dr-drill.sh +``` + +--- + +### 5.2 演练后测试数据库未清理 + +#### 症状 +- `next_edu_dr_drill` 数据库残留 +- 磁盘空间异常增长 + +#### 诊断 +```bash +# 1. 检查测试数据库 +mysql -e "SHOW DATABASES LIKE 'next_edu_dr_drill';" + +# 2. 检查数据库大小 +mysql -e "SELECT table_schema, SUM(data_length + index_length) / 1024 / 1024 AS size_mb FROM information_schema.tables WHERE table_schema = 'next_edu_dr_drill' GROUP BY table_schema;" +``` + +#### 处理步骤 +```bash +# 1. 手动删除测试数据库 +mysql -h -u -p -e "DROP DATABASE IF EXISTS next_edu_dr_drill;" + +# 2. 验证已删除 +mysql -e "SHOW DATABASES LIKE 'next_edu_dr_drill';" +``` + +--- + +## 场景 6: 磁盘空间不足 + +#### 症状 +- 健康检查 `disk` 状态为 `fail` +- 应用或数据库写入失败 +- 系统响应缓慢 + +#### 诊断 +```bash +# 1. 检查磁盘使用 +df -h + +# 2. 查找大文件 +du -sh /* 2>/dev/null | sort -rh | head -10 +du -sh /var/* 2>/dev/null | sort -rh | head -10 + +# 3. 查找大日志文件 +find /var/log -type f -size +100M -exec ls -lh {} \; +``` + +#### 处理步骤 +```bash +# 1. 清理旧备份 +find backups/ -name "db_backup_*.sql.gz" -mtime +30 -delete + +# 2. 清理日志 +sudo find /var/log -type f -name "*.log" -mtime +7 -delete +sudo journalctl --vacuum-time=7d + +# 3. 清理 Docker 资源 +docker system prune -a --volumes +# 注意: 这会删除未使用的镜像和卷,谨慎使用 + +# 4. 清理 npm 缓存 +npm cache clean --force + +# 5. 清理临时文件 +find /tmp -type f -mtime +7 -delete +``` + +#### 验证 +```bash +# 1. 检查磁盘空间 +df -h + +# 2. 运行健康检查 +./scripts/health-check.sh +``` + +--- + +## 附录: 快速参考命令 + +### 备份相关 +```bash +# 执行备份 +npm run backup + +# 校验备份 +npm run dr:backup-verify + +# 异地同步 +npm run dr:offsite-sync + +# 灾备演练 +npm run dr:drill + +# 健康检查 +npm run dr:health-check +``` + +### 恢复相关 +```bash +# 从备份恢复 +./scripts/restore-db.sh backups/db_backup_YYYYMMDD_HHMMSS.sql.gz + +# 故障切换 +./scripts/failover.sh --auto +``` + +### 诊断相关 +```bash +# 完整健康检查 +./scripts/health-check.sh + +# 检查数据库 +mysql -h -P -u -p -e "SHOW PROCESSLIST;" + +# 检查应用日志 +docker logs nextjs-app --tail 100 + +# 检查磁盘空间 +df -h +``` + +--- + +## 变更记录 + +| 日期 | 版本 | 变更内容 | 变更人 | +|------|------|---------|--------| +| 2026-06-17 | 1.0 | 初始版本 | - | diff --git a/docs/notifications/channels.md b/docs/notifications/channels.md new file mode 100644 index 0000000..20e1ac2 --- /dev/null +++ b/docs/notifications/channels.md @@ -0,0 +1,238 @@ +# 通知渠道集成文档 + +本模块(`src/modules/notifications`)为系统提供多渠道通知发送能力,支持站内消息、短信、微信公众号模板消息和邮件四种渠道。 + +## 架构概览 + +``` +调用方 (Server Action / 其他模块) + │ + ▼ + dispatcher.ts ── 读取用户通知偏好 (notification_preferences) + │ ── 读取用户联系方式 (users.phone / users.email) + │ + ├── in_app (站内消息,总是启用) + ├── sms (短信,smsEnabled && phone) + ├── wechat (微信模板消息,pushEnabled && openId) + └── email (邮件,emailEnabled && email) + │ + ▼ + data-access.ts ── logNotificationSend (console 日志) +``` + +## 模块结构 + +| 文件 | 职责 | +|------|------| +| `types.ts` | 通知渠道类型定义(NotificationPayload, ChannelSendResult 等) | +| `channels/types.ts` | 渠道发送者接口(NotificationChannelSender, ChannelRecipient) | +| `channels/sms-channel.ts` | 短信渠道(阿里云/腾讯云/Mock) | +| `channels/wechat-channel.ts` | 微信公众号模板消息渠道 | +| `channels/email-channel.ts` | 邮件渠道(Nodemailer SMTP) | +| `channels/in-app-channel.ts` | 站内消息渠道(复用 messaging data-access) | +| `dispatcher.ts` | 通知分发器(按偏好选择渠道、并行发送) | +| `data-access.ts` | 通知数据访问(偏好查询、联系方式查询、日志记录) | +| `actions.ts` | Server Actions(sendNotificationAction, sendClassNotificationAction) | +| `index.ts` | 模块统一导出 | + +## 渠道配置 + +### 1. 站内消息(in_app) + +- **默认启用**,无需配置。 +- 复用现有 `messaging` 模块的 `createNotification`,写入 `message_notifications` 表。 +- 用户可在站内通知中心查看。 + +### 2. 短信(SMS) + +支持三种 Provider,通过 `SMS_PROVIDER` 环境变量选择: + +| Provider | 说明 | 环境变量 | +|----------|------|----------| +| `mock`(默认) | 开发环境模拟,仅记录日志 | 无需其他配置 | +| `aliyun` | 阿里云短信 | `SMS_ACCESS_KEY_ID`, `SMS_ACCESS_KEY_SECRET`, `SMS_SIGN_NAME`, `SMS_TEMPLATE_CODE` | +| `tencent` | 腾讯云短信 | 同上(复用相同变量名) | + +**模板变量替换**:将 `payload.title` / `payload.content` 填入模板变量 `title` / `content`。 + +### 3. 微信公众号模板消息(wechat) + +通过微信公众号 API 发送模板消息: + +1. **获取 access_token**:`GET https://api.weixin.qq.com/cgi-bin/token`(带缓存,提前 5 分钟刷新) +2. **发送模板消息**:`POST https://api.weixin.qq.com/cgi-bin/message/template/send` + +**环境变量**: + +| 变量 | 说明 | +|------|------| +| `WECHAT_APP_ID` | 公众号 AppID | +| `WECHAT_APP_SECRET` | 公众号 AppSecret | +| `WECHAT_TEMPLATE_ID` | 模板消息 ID | + +**模板数据映射**: + +- `keyword1` ← `payload.title` +- `keyword2` ← `payload.content` +- `keyword3` ← `payload.type` + +可通过 `payload.metadata.wechatKeywords` 自定义覆盖。 + +> **注意**:当前 `users` 表无 `wechat_open_id` 字段,微信渠道暂不会实际触发。扩展 schema 后在 `data-access.ts` 的 `getUserContactInfo` 中补充查询即可。 + +### 4. 邮件(email) + +使用 Nodemailer 通过 SMTP 发送,支持 HTML 邮件模板(根据通知类型显示不同颜色)。 + +**环境变量**: + +| 变量 | 默认值 | 说明 | +|------|--------|------| +| `EMAIL_HOST` | - | SMTP 主机(配置后启用真实发送) | +| `EMAIL_PORT` | `587` | SMTP 端口(465 使用 SSL) | +| `EMAIL_USER` | - | SMTP 用户名 | +| `EMAIL_PASS` | - | SMTP 密码 | +| `EMAIL_FROM` | `noreply@example.com` | 发件人地址 | + +## Mock 模式(开发环境) + +所有渠道均提供 Mock 实现,**无需任何外部服务即可运行**: + +- SMS: `SMS_PROVIDER=mock`(默认)→ 仅 `console.info` 记录 +- WeChat: 未配置 `WECHAT_APP_ID` 等 → 自动使用 Mock +- Email: 未配置 `EMAIL_HOST` → 自动使用 Mock +- 站内消息: 始终真实写入数据库(无 Mock) + +## 生产环境配置 + +### 阿里云短信示例 + +```env +SMS_PROVIDER=aliyun +SMS_ACCESS_KEY_ID=LTAI5tXXXXXXXXXXXX +SMS_ACCESS_KEY_SECRET=XXXXXXXXXXXXXXXXXXXXXXXX +SMS_SIGN_NAME=智慧教务 +SMS_TEMPLATE_CODE=SMS_123456789 +``` + +### 微信公众号示例 + +```env +WECHAT_APP_ID=wx1234567890abcdef +WECHAT_APP_SECRET=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx +WECHAT_TEMPLATE_ID=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx +``` + +### 邮件 SMTP 示例 + +```env +EMAIL_HOST=smtp.example.com +EMAIL_PORT=587 +EMAIL_USER=notification@example.com +EMAIL_PASS=xxxxxxxx +EMAIL_FROM=智慧教务 +``` + +## 使用方式 + +### 1. 通过 Server Action 调用 + +```ts +import { sendNotificationAction, sendClassNotificationAction } from "@/modules/notifications/actions" + +// 发送给单个用户 +await sendNotificationAction({ + userId: "user-xxx", + title: "作业提醒", + content: "您有一份新作业待提交", + type: "info", + actionUrl: "/homework/123", +}) + +// 发送给班级所有学生(教师权限) +await sendClassNotificationAction("class-xxx", { + title: "考试通知", + content: "明天下午 2 点期中考试", + type: "warning", + actionUrl: "/exams/456", +}) +``` + +### 2. 直接调用分发器(服务端) + +```ts +import { sendNotification } from "@/modules/notifications" + +await sendNotification({ + userId: "user-xxx", + title: "成绩发布", + content: "您的数学成绩为 95 分", + type: "success", +}) +``` + +## 渠道选择逻辑 + +分发器根据用户通知偏好(`notification_preferences` 表)和联系方式决定启用渠道: + +| 渠道 | 启用条件 | +|------|----------| +| in_app | `pushEnabled`(默认 true),总是兜底 | +| sms | `smsEnabled` && 用户有手机号 | +| email | `emailEnabled` && 用户有邮箱 | +| wechat | `pushEnabled` && 用户有 wechatOpenId | + +> 通知偏好中的 `homeworkNotifications` / `gradeNotifications` 等按通知类别控制,由调用方在构造 payload 前决定是否调用发送。 + +## 扩展新渠道 + +1. 在 `channels/` 下创建新文件,实现 `NotificationChannelSender` 接口: + +```ts +import "server-only" +import type { NotificationChannelSender, ChannelRecipient } from "./types" +import type { NotificationPayload, ChannelSendResult, NotificationChannel } from "../types" + +const channel: NotificationChannel = "your_channel" as NotificationChannel + +class YourChannelSender implements NotificationChannelSender { + readonly channel = channel + async send(payload: NotificationPayload, recipient: ChannelRecipient): Promise { + // 实现发送逻辑 + } + async sendBatch(items) { /* ... */ } +} + +export function createYourSender(): NotificationChannelSender { + return new YourChannelSender() +} +``` + +2. 在 `types.ts` 的 `NotificationChannel` 类型中添加新渠道: + +```ts +export type NotificationChannel = "in_app" | "email" | "sms" | "wechat" | "your_channel" +``` + +3. 在 `dispatcher.ts` 的 `SenderRegistry` 和 `selectChannels` 中注册新渠道。 + +4. 在 `index.ts` 中导出新的发送器工厂。 + +## 权限说明 + +- `sendNotificationAction`: 需要 `MESSAGE_SEND` 权限 +- `sendClassNotificationAction`: 需要 `MESSAGE_SEND` 权限,且教师只能给自己所教班级发送 + +> 项目无独立 `NOTIFICATION_SEND` 权限点,复用 `MESSAGE_SEND`(教师/管理员/年级主任均拥有)。 + +## 外部 SDK 依赖 + +所有外部 SDK 均使用**动态 import**,避免增加构建体积: + +| 渠道 | SDK | 安装命令 | +|------|-----|----------| +| 阿里云短信 | `@alicloud/dysmsapi20170525`, `@alicloud/openapi-client`, `@alicloud/credentials` | `npm i @alicloud/dysmsapi20170525 @alicloud/openapi-client @alicloud/credentials` | +| 腾讯云短信 | `tencentcloud-sdk-nodejs` | `npm i tencentcloud-sdk-nodejs` | +| 邮件 | `nodemailer` | `npm i nodemailer @types/nodemailer` | + +> **Mock 模式无需安装任何 SDK**,开发环境开箱即用。生产环境按需安装对应 SDK。 diff --git a/docs/security/scanning.md b/docs/security/scanning.md new file mode 100644 index 0000000..9f6fb64 --- /dev/null +++ b/docs/security/scanning.md @@ -0,0 +1,152 @@ +# 安全扫描指南 + +本项目集成了多层安全扫描,覆盖依赖审计、深度依赖分析、静态分析、容器镜像扫描与动态应用安全测试(DAST)。 + +## 一、CI 中的安全扫描流程 + +### 1.1 主 CI 流水线(`.gitea/workflows/ci.yml`) + +主流水线在 `push`/`pull_request` 到 `main` 时触发,包含三个 Job: + +| Job | 触发条件 | 说明 | +|-----|---------|------| +| `build-deploy` | push/PR to main | 构建、测试、部署到 Docker | +| `security-scan` | push/PR to main(依赖 build-deploy) | 完整安全扫描,失败不阻塞构建 | +| `scheduled-backup` | schedule cron `0 2 * * *` | 每天凌晨 2 点数据库备份 | + +`security-scan` Job 依次执行以下扫描,所有步骤均设置 `continue-on-error: true`,**扫描失败不阻塞构建**,但会生成报告并上传为 artifact(`security-reports`): + +1. **npm audit** — 依赖漏洞审计(moderate 级别),生成 `audit-report.json` +2. **Snyk 扫描** — 深度依赖分析(`--severity-threshold=high`),生成 `snyk.sarif`,需配置 `SNYK_TOKEN` secret +3. **Trivy 文件系统扫描** — 扫描项目代码与依赖,生成 `trivy-fs-report.json` 与表格视图 +4. **OWASP ZAP 基线扫描** — 对部署后的应用执行 DAST,目标为 `NEXTAUTH_URL` secret 或 `http://localhost:8015` + +### 1.2 独立安全工作流(`.gitea/workflows/security.yml`) + +独立工作流执行**深度安全扫描**,触发方式: + +- **定时**:每周一凌晨 3 点(`cron: "0 3 * * 1"`) +- **手动**:`workflow_dispatch`,可指定 `target_url`(DAST 目标)与 `skip_dast` 选项 + +执行内容: + +| 步骤 | 工具 | 类型 | 输出 | +|------|------|------|------| +| 依赖扫描 | npm audit | 依赖 | `audit-report.json` | +| 深度依赖 + 静态分析 | Snyk(`--severity-threshold=medium`) | 依赖 + 代码 | `snyk.sarif` | +| 文件系统扫描 | Trivy fs | 代码 + 依赖 | `trivy-fs-report.json` | +| 容器镜像扫描 | Trivy image | 容器 | `trivy-image-report.json` | +| DAST | OWASP ZAP baseline | 动态 | 控制台报告 | +| 汇总报告 | shell + jq | 汇总 | `security-summary.md` | + +所有报告上传为 artifact `security-reports-full`。 + +## 二、各扫描工具的作用 + +| 工具 | 作用 | 覆盖范围 | +|------|------|---------| +| **npm audit** | Node.js 依赖漏洞审计,基于 npm advisory 数据库 | 直接与间接 npm 依赖 | +| **Snyk** | 深度依赖分析 + 代码静态分析,漏洞库更广,含许可证检查 | npm 依赖 + 源码 | +| **Trivy(fs)** | 文件系统扫描,检测依赖锁文件、IaC 配置、密钥泄露 | 项目代码、配置、密钥 | +| **Trivy(image)** | 容器镜像扫描,检测镜像层漏洞与配置问题 | 构建出的 Docker 镜像 | +| **OWASP ZAP** | 动态应用安全测试(DAST),模拟攻击发现运行时漏洞 | 运行中的 Web 应用 | + +## 三、如何处理扫描发现的漏洞 + +### 3.1 处理流程 + +1. **查看报告**:从 CI artifact 下载 `security-reports` / `security-reports-full` +2. **分级评估**:按漏洞等级确定处理优先级(见分级标准) +3. **修复或缓解**: + - 升级受影响依赖到修复版本 + - 若无法立即升级,评估是否可接受并记录抑制项 + - 对运行时漏洞,通过 WAF/配置/代码修复 +4. **验证**:本地运行 `npm run security:scan` 验证修复效果 +5. **记录**:更新抑制配置文件,记录处理决策 + +### 3.2 抑制配置文件 + +对于经评估确认可接受的漏洞,通过以下文件抑制: + +- **`.gitea/suppressions.json`** — Snyk 漏洞抑制,每条需填写 `id`、`package`、`severity`、`reason`、`expires`(到期时间)、`owner` +- **`.trivyignore`** — Trivy 忽略的 CVE 列表,每行一个 CVE ID,带注释说明原因 + +> 抑制项到期后必须重新评估。`suppressions.json` 中 `policy.reviewCadenceDays: 30` 要求每 30 天复审一次。 + +### 3.3 必需的 Secrets + +| Secret | 用途 | 必需性 | +|--------|------|--------| +| `SNYK_TOKEN` | Snyk API 令牌 | 推荐(无则 Snyk 步骤跳过) | +| `NEXTAUTH_URL` | ZAP DAST 扫描目标 URL | 可选(默认 localhost:8015) | + +## 四、本地扫描方法 + +### 4.1 npm 脚本 + +```bash +# 仅依赖审计 +npm run security:audit + +# 完整本地扫描(npm audit + Trivy fs) +npm run security:scan +``` + +### 4.2 直接运行脚本 + +**Linux/macOS:** +```bash +chmod +x scripts/security-scan.sh +./scripts/security-scan.sh +``` + +**Windows PowerShell:** +```powershell +.\scripts\security-scan.ps1 +``` + +### 4.3 退出码 + +| 退出码 | 含义 | +|--------|------| +| `0` | 无高危(critical/high)漏洞 | +| `1` | 存在高危漏洞,需尽快处理 | + +### 4.4 前置依赖 + +- **Node.js + npm** — 必需 +- **Trivy** — 可选(未安装则跳过文件系统扫描),[安装指南](https://aquasecurity.github.io/trivy/latest/getting-started/installation/) +- **jq**(仅 bash 脚本)— 可选(未安装则显示原始报告) + +## 五、漏洞分级标准 + +| 等级 | 说明 | 示例 | +|------|------|------| +| **Critical** | 可被远程利用,导致 RCE、认证绕过、数据完全泄露 | 远程代码执行、SQL 注入 | +| **High** | 可导致权限提升、敏感数据泄露、服务中断 | XSS、认证缺陷、SSRF | +| **Medium** | 需特定条件触发,影响有限 | 信息泄露、CSRF | +| **Low** | 影响极小,通常为信息收集类 | 版本号泄露、低危 ReDoS | + +## 六、修复 SLA(服务等级协议) + +| 漏洞等级 | 修复时限 | 处理要求 | +|---------|---------|---------| +| Critical | 24 小时 | 立即修复或下线受影响服务,发布紧急补丁 | +| High | 7 天 | 优先排期修复,升级依赖或应用补丁 | +| Medium | 30 天 | 纳入迭代计划修复 | +| Low | 90 天 | 评估后决定修复或抑制 | + +> 超过 SLA 未处理的漏洞需升级至安全负责人,并在 `suppressions.json` 中记录延期原因。 + +## 七、相关文件清单 + +| 文件 | 用途 | +|------|------| +| `.gitea/workflows/ci.yml` | 主 CI 流水线(含 security-scan job) | +| `.gitea/workflows/security.yml` | 独立深度安全扫描工作流 | +| `.gitea/suppressions.json` | Snyk 漏洞抑制配置 | +| `.trivyignore` | Trivy CVE 忽略列表 | +| `scripts/security-scan.sh` | 本地扫描脚本(Linux/macOS) | +| `scripts/security-scan.ps1` | 本地扫描脚本(Windows) | +| `scripts/audit.sh` | 依赖审计脚本(Linux/macOS) | +| `scripts/audit.ps1` | 依赖审计脚本(Windows) | diff --git a/docs/testing/visual-regression.md b/docs/testing/visual-regression.md new file mode 100644 index 0000000..fa10b76 --- /dev/null +++ b/docs/testing/visual-regression.md @@ -0,0 +1,185 @@ +# 视觉回归测试 (Visual Regression Testing) + +本项目使用 [Playwright](https://playwright.dev/) 的 `toHaveScreenshot()` API 实现视觉回归测试,对关键页面在多种视口与主题下进行像素级快照对比,以捕获 UI 的意外变化。 + +## 目录结构 + +``` +tests/visual/ +├── visual.config.ts # 视觉测试配置(页面、视口、主题、快照路径) +├── homepage.spec.ts # 登录页视觉测试 +├── admin-dashboard.spec.ts # 管理员仪表盘视觉测试 +├── teacher-dashboard.spec.ts # 教师仪表盘视觉测试 +├── student-dashboard.spec.ts # 学生仪表盘视觉测试 +├── helpers/ +│ ├── auth.ts # 认证辅助(登录、setupAuthState) +│ └── visual-helpers.ts # 视觉通用辅助(视口、主题、遮罩) +└── __screenshots__/ # 快照基线存储目录(自动生成) +``` + +## 覆盖范围 + +| 页面 | 路径 | 视口 | 主题 | 是否需要登录 | +|------|------|------|------|--------------| +| 登录页 | `/login` | desktop / tablet / mobile | light / dark | 否 | +| 管理员仪表盘 | `/admin/dashboard` | desktop / tablet / mobile | light / dark | 是 (admin) | +| 教师仪表盘 | `/teacher/dashboard` | desktop / tablet / mobile | light / dark | 是 (teacher) | +| 学生仪表盘 | `/student/dashboard` | desktop / tablet / mobile | light / dark | 是 (student) | + +视口尺寸: +- desktop: 1920 × 1080 +- tablet: 768 × 1024 +- mobile: 375 × 812 + +## 运行测试 + +### 前置条件 + +- 需要启动开发服务器(Playwright 会通过 `webServer` 配置自动启动) +- 需要登录的视觉测试需要 `DATABASE_URL` 环境变量,否则会自动跳过 +- 测试账号默认为 `admin@xiaoxue.edu.cn / 123456`,可通过环境变量覆盖 + +### 运行命令 + +```bash +# 运行所有视觉回归测试 +npm run test:visual + +# 运行单个测试文件 +npx playwright test --project=visual-chromium tests/visual/homepage.spec.ts + +# 以 UI 模式运行(便于调试) +npx playwright test --project=visual-chromium --ui +``` + +### 环境变量 + +| 变量 | 默认值 | 说明 | +|------|--------|------| +| `DATABASE_URL` | - | 数据库连接串,未设置时需要登录的测试会跳过 | +| `VISUAL_ADMIN_EMAIL` | `admin@xiaoxue.edu.cn` | 管理员测试账号 | +| `VISUAL_ADMIN_PASSWORD` | `123456` | 管理员测试密码 | +| `VISUAL_TEACHER_EMAIL` | `admin@xiaoxue.edu.cn` | 教师测试账号 | +| `VISUAL_TEACHER_PASSWORD` | `123456` | 教师测试密码 | +| `VISUAL_STUDENT_EMAIL` | `admin@xiaoxue.edu.cn` | 学生测试账号 | +| `VISUAL_STUDENT_PASSWORD` | `123456` | 学生测试密码 | + +## 更新基线 + +当 UI 发生**预期内**的变化时,需要更新快照基线: + +```bash +# 更新所有视觉快照基线 +npm run test:visual:update + +# 更新单个测试文件的基线 +npx playwright test --project=visual-chromium tests/visual/homepage.spec.ts --update-snapshots +``` + +更新后的快照应作为 PR 的一部分提交到版本库,以便团队评审 UI 变更。 + +## 处理误报 + +视觉测试可能因为动态内容(时间戳、用户名、实时数据等)产生误报。本项目通过以下方式消除误报: + +### 1. 动态元素遮罩 + +`maskDynamicElements()` 辅助函数会自动遮罩以下选择器: + +- `[data-testid='timestamp']` +- `[data-testid='current-time']` +- `[data-testid='user-avatar']` +- `[data-testid='user-name']` +- `time` +- `[data-visual-dynamic]` + +可在测试中追加额外需要遮罩的选择器: + +```ts +const masks = await maskDynamicElements(page, ["[data-testid='stat-card-value']"]) +``` + +### 2. 标记动态元素 + +在组件代码中为动态元素添加 `data-visual-dynamic` 属性,即可自动被遮罩: + +```tsx +
{new Date().toLocaleString()}
+``` + +### 3. 调整容差 + +`playwright.config.ts` 中配置了默认容差 `maxDiffPixelRatio: 0.01`(允许 1% 像素差异)。若特定页面需要更宽松的容差,可在断言时覆盖: + +```ts +await expect(page).toHaveScreenshot("name.png", { + maxDiffPixelRatio: 0.05, +}) +``` + +### 4. 禁用动画 + +默认配置 `animations: "disabled"`,避免动画过渡态导致快照不稳定。 + +## CI 集成 + +### GitHub Actions 示例 + +```yaml +name: Visual Regression +on: + pull_request: + paths: + - "src/**" + - "tests/visual/**" + - "playwright.config.ts" + +jobs: + visual: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + with: + node-version: 20 + cache: npm + - run: npm ci + - run: npx playwright install --with-deps chromium + + # 启动数据库(按需) + - run: npm run db:setup + env: + DATABASE_URL: ${{ secrets.TEST_DATABASE_URL }} + + - name: Run visual tests + run: npm run test:visual + env: + DATABASE_URL: ${{ secrets.TEST_DATABASE_URL }} + CI: "true" + + - name: Upload snapshot diff + if: failure() + uses: actions/upload-artifact@v4 + with: + name: snapshot-diff + path: test-results/ + retention-days: 7 +``` + +### CI 注意事项 + +1. **快照基线需提交到版本库**: `tests/visual/__screenshots__/` 目录应纳入 Git 跟踪 +2. **跨平台一致性**: 不同操作系统的字体渲染存在差异,建议 CI 与本地使用相同的 Linux 容器环境。若本地为 Windows/macOS,可能出现少量误报,以 CI 结果为准 +3. **storageState 缓存**: `tests/visual/.auth/` 目录应加入 `.gitignore`,不要提交登录态文件 + +## 与 E2E 测试的关系 + +| 维度 | E2E 测试 | 视觉测试 | +|------|----------|----------| +| 目录 | `tests/e2e/` | `tests/visual/` | +| Playwright 项目 | `chromium` | `visual-chromium` | +| 运行命令 | `npm run test:e2e` | `npm run test:visual` | +| 关注点 | 功能正确性 | UI 视觉一致性 | +| 断言方式 | DOM/行为断言 | 像素快照对比 | + +两个测试套件相互独立,可分别运行,互不影响。 diff --git a/docs/work_log.md b/docs/work_log.md index 4583e28..5b964fd 100644 --- a/docs/work_log.md +++ b/docs/work_log.md @@ -2,6 +2,50 @@ ## 2026-06-17 +### P2 质量保障类实现(5 项全部完成) + +#### 1. 屏幕阅读器兼容性增强(a11y) +- 新增无障碍工具库:`src/shared/lib/a11y.ts`(useA11yId/mergeA11yProps/describeInput/loadingAria) +- 新增 Hook:`src/shared/hooks/use-aria-live.ts`(aria-live 区域管理) +- 新增组件:`src/shared/components/a11y/`(skip-link/visually-hidden/focus-trap/aria-status) +- 增强 UI 组件:table.tsx 添加系统性 ARIA role,dialog.tsx 添加 aria-modal +- 审计文档:`docs/accessibility/a11y-audit.md`(含 WCAG 2.1 AA 合规清单) + +#### 2. 视觉回归测试(Visual Regression) +- 配置:`tests/visual/visual.config.ts`(3 视口 × 2 主题) +- 测试套件:homepage/admin-dashboard/teacher-dashboard/student-dashboard +- 辅助函数:auth.ts(登录态管理)、visual-helpers.ts(视口/主题/遮罩) +- 更新 playwright.config.ts:新增 visual-chromium 项目,maxDiffPixelRatio 0.01 +- 文档:`docs/testing/visual-regression.md` + +#### 3. 短信/微信推送渠道集成(notifications) +- 新增模块:`src/modules/notifications/` +- 渠道实现:SMS(阿里云/腾讯云/Mock)、WeChat(公众号模板消息)、Email(Nodemailer SMTP)、In-App +- 分发器:按用户通知偏好并行多渠道发送 +- Server Actions:sendNotificationAction、sendClassNotificationAction +- 外部 SDK 动态 import,Mock 模式开发环境可用 +- 配置:`.env.example`,文档:`docs/notifications/channels.md` + +#### 4. 漏洞扫描 CI 集成(security) +- 增强 CI:security-scan job(npm audit + Snyk + Trivy FS + OWASP ZAP) +- 独立工作流:`.gitea/workflows/security.yml`(每周一深度扫描,含容器镜像扫描) +- 配置:`.gitea/suppressions.json`(Snyk 抑制)、`.trivyignore`(Trivy CVE 忽略) +- 本地脚本:`scripts/security-scan.sh` + `scripts/security-scan.ps1` +- 文档:`docs/security/scanning.md`(含 SLA:critical 24h/high 7d/medium 30d/low 90d) + +#### 5. 灾备方案(DR) +- 脚本:backup-verify.sh(完整性校验)、backup-offsite-sync.sh(S3/OSS/NFS 异地同步)、dr-drill.sh/ps1(灾备演练)、failover.sh(故障切换)、health-check.sh(健康检查) +- CI 增强:scheduled-backup 添加校验+异地同步,新增 weekly-dr-drill job +- 独立工作流:`.gitea/workflows/dr-drill.yml`(每周一凌晨 4 点自动演练) +- 文档:`docs/dr/dr-plan.md`(RTO 4h/RPO 24h)、`docs/dr/dr-runbook.md`(6 大故障场景操作手册) +- 配置:`.env.example` 灾备环境变量 + +#### 验证 +- `npx tsc --noEmit`:0 错误 +- `npm run lint`:0 错误 0 警告 + +--- + ### P2 功能扩展类实现(功能扩展 + 质量保障首批) #### 1. 选课管理模块(elective) diff --git a/package.json b/package.json index 40b83a3..58afcf9 100644 --- a/package.json +++ b/package.json @@ -15,9 +15,11 @@ "test:integration": "vitest run --config vitest.config.ts", "test:integration:watch": "vitest --config vitest.config.ts", "test:integration:coverage": "vitest run --config vitest.config.ts --coverage", - "test:e2e": "playwright test", - "test:e2e:smoke": "playwright test tests/e2e/smoke-auth.spec.ts", - "test:e2e:full-routes": "playwright test tests/e2e/full-route-regression.spec.ts", + "test:e2e": "playwright test --project=chromium", + "test:e2e:smoke": "playwright test --project=chromium tests/e2e/smoke-auth.spec.ts", + "test:e2e:full-routes": "playwright test --project=chromium tests/e2e/full-route-regression.spec.ts", + "test:visual": "playwright test --project=visual-chromium", + "test:visual:update": "playwright test --project=visual-chromium --update-snapshots", "db:create": "npx tsx scripts/create-db.ts", "db:seed": "npx tsx scripts/seed.ts", "db:generate": "drizzle-kit generate", @@ -26,8 +28,16 @@ "db:setup": "npx tsx scripts/create-db.ts && drizzle-kit migrate && npx tsx scripts/seed.ts", "audit": "npm audit --audit-level=moderate", "audit:report": "npm audit --json > audit-report.json", + "security:audit": "npm audit --audit-level=moderate", + "security:scan": "bash scripts/security-scan.sh", "backup": "bash scripts/backup-db.sh", - "restore": "bash scripts/restore-db.sh" + "restore": "bash scripts/restore-db.sh", + "dr:backup-verify": "bash scripts/backup-verify.sh", + "dr:offsite-sync": "bash scripts/backup-offsite-sync.sh", + "dr:drill": "bash scripts/dr-drill.sh", + "dr:drill:ps1": "powershell -ExecutionPolicy Bypass -File scripts/dr-drill.ps1", + "dr:health-check": "bash scripts/health-check.sh", + "dr:failover": "bash scripts/failover.sh" }, "dependencies": { "@dnd-kit/core": "^6.3.1", diff --git a/playwright.config.ts b/playwright.config.ts index b39a770..4ab0d57 100644 --- a/playwright.config.ts +++ b/playwright.config.ts @@ -1,7 +1,8 @@ import { defineConfig, devices } from "@playwright/test" export default defineConfig({ - testDir: "./tests/e2e", + // 改为 tests 根目录,由各 project 通过 testDir 限定范围 + testDir: "./tests", fullyParallel: true, forbidOnly: !!process.env.CI, retries: process.env.CI ? 2 : 0, @@ -13,6 +14,19 @@ export default defineConfig({ screenshot: "only-on-failure", video: process.env.CI ? "retain-on-failure" : "off", }, + // 视觉快照存储路径模板: tests/visual/__screenshots__/{testFilePath}/{arg}{ext} + snapshotPathTemplate: "{testDir}/__screenshots__/{testFilePath}/{arg}{ext}", + // toHaveScreenshot / toMatchSnapshot 默认选项 + expect: { + toHaveScreenshot: { + maxDiffPixelRatio: 0.01, + animations: "disabled", + caret: "hide", + }, + toMatchSnapshot: { + maxDiffPixelRatio: 0.01, + }, + }, webServer: { command: "npm run dev", port: 3000, @@ -26,8 +40,19 @@ export default defineConfig({ }, }, projects: [ + // E2E 测试项目(原有配置,限定到 tests/e2e) { name: "chromium", + testDir: "./tests/e2e", + use: { + ...devices["Desktop Chrome"], + channel: process.env.CI ? undefined : "chrome", + }, + }, + // 视觉回归测试项目(限定到 tests/visual) + { + name: "visual-chromium", + testDir: "./tests/visual", use: { ...devices["Desktop Chrome"], channel: process.env.CI ? undefined : "chrome", diff --git a/scripts/backup-offsite-sync.sh b/scripts/backup-offsite-sync.sh new file mode 100644 index 0000000..a5b7864 --- /dev/null +++ b/scripts/backup-offsite-sync.sh @@ -0,0 +1,342 @@ +#!/bin/bash +# 异地备份同步脚本 +# 用法: ./backup-offsite-sync.sh +# 将本地备份同步到远程存储(S3/OSS/NFS),支持校验和清理 + +set -u + +show_help() { + cat <&2 + exit 1 + fi + BACKUP_OFFSITE_BACKEND="$2" + shift 2 + ;; + --no-cleanup) + NO_CLEANUP=1 + shift + ;; + --no-verify) + NO_VERIFY=1 + shift + ;; + *) + echo "ERROR: Unknown argument: $1" >&2 + exit 1 + ;; + esac +done + +BACKUP_DIR="${BACKUP_DIR:-./backups}" +BACKEND="${BACKUP_OFFSITE_BACKEND:-none}" +REMOTE="${BACKUP_OFFSITE_REMOTE:-}" +BUCKET="${BACKUP_OFFSITE_BUCKET:-}" +ACCESS_KEY="${BACKUP_OFFSITE_ACCESS_KEY:-}" +SECRET_KEY="${BACKUP_OFFSITE_SECRET_KEY:-}" +REGION="${BACKUP_OFFSITE_REGION:-us-east-1}" +RETENTION_DAYS="${BACKUP_OFFSITE_RETENTION_DAYS:-90}" + +echo "=== Offsite Backup Sync ===" +echo "Time: $(date -u +"%Y-%m-%dT%H:%M:%SZ")" +echo "Backend: $BACKEND" +echo "Local: $BACKUP_DIR" +echo "Remote: $REMOTE" +echo "" + +# 检查后端类型 +if [ "$BACKEND" = "none" ]; then + echo "INFO: BACKUP_OFFSITE_BACKEND=none, offsite sync disabled" + echo "To enable, set BACKUP_OFFSITE_BACKEND to s3, oss, or nfs" + exit 0 +fi + +if [ "$BACKEND" != "s3" ] && [ "$BACKEND" != "oss" ] && [ "$BACKEND" != "nfs" ]; then + echo "ERROR: Invalid backend: $BACKEND (must be s3, oss, nfs, or none)" >&2 + exit 1 +fi + +# 检查本地备份目录 +if [ ! -d "$BACKUP_DIR" ]; then + echo "ERROR: Local backup directory does not exist: $BACKUP_DIR" >&2 + exit 1 +fi + +# 统计本地备份文件 +LOCAL_FILES=$(ls -1 "$BACKUP_DIR"/db_backup_*.sql.gz 2>/dev/null | wc -l) +if [ "$LOCAL_FILES" -eq 0 ]; then + echo "ERROR: No backup files found in $BACKUP_DIR" >&2 + exit 1 +fi +echo "INFO: Found $LOCAL_FILES local backup files" + +# 检查远程配置 +if [ -z "$REMOTE" ]; then + echo "ERROR: BACKUP_OFFSITE_REMOTE not set" >&2 + echo "Example for $BACKEND:" >&2 + case "$BACKEND" in + s3) echo " s3://my-bucket/backups/" >&2 ;; + oss) echo " oss://my-bucket/backups/" >&2 ;; + nfs) echo " /mnt/nfs/backups/" >&2 ;; + esac + exit 1 +fi + +# 检查工具可用性 +check_tool() { + if ! command -v "$1" >/dev/null 2>&1; then + echo "ERROR: Required tool not found: $1" >&2 + echo "Please install $1 to use the $BACKEND backend" >&2 + exit 1 + fi +} + +# 配置凭证 +setup_credentials() { + case "$BACKEND" in + s3) + if [ -n "$ACCESS_KEY" ] && [ -n "$SECRET_KEY" ]; then + export AWS_ACCESS_KEY_ID="$ACCESS_KEY" + export AWS_SECRET_ACCESS_KEY="$SECRET_KEY" + export AWS_DEFAULT_REGION="$REGION" + fi + ;; + oss) + if [ -n "$ACCESS_KEY" ] && [ -n "$SECRET_KEY" ]; then + # ossutil 配置 + if [ -f ~/.ossutilconfig ]; then + cp ~/.ossutilconfig ~/.ossutilconfig.bak 2>/dev/null || true + fi + cat > ~/.ossutilconfig <&2 + echo "Please ensure NFS is mounted at this path" >&2 + exit 1 + fi + ;; + esac +} + +# 同步到远程 +sync_to_remote() { + echo "" + echo "[1/3] Syncing backups to $BACKEND..." + case "$BACKEND" in + s3) + if command -v aws >/dev/null 2>&1; then + echo "Using aws-cli" + if ! aws s3 sync "$BACKUP_DIR/" "$REMOTE" \ + --exclude "*" --include "db_backup_*.sql.gz" \ + --no-progress; then + echo "ERROR: aws s3 sync failed" >&2 + return 1 + fi + elif command -v rclone >/dev/null 2>&1; then + echo "Using rclone" + if ! rclone sync "$BACKUP_DIR" "$REMOTE" \ + --include "db_backup_*.sql.gz" \ + --progress; then + echo "ERROR: rclone sync failed" >&2 + return 1 + fi + else + echo "ERROR: Neither aws-cli nor rclone found" >&2 + return 1 + fi + ;; + oss) + if command -v ossutil >/dev/null 2>&1; then + echo "Using ossutil" + if ! ossutil cp -r "$BACKUP_DIR/" "$REMOTE" \ + --include "db_backup_*.sql.gz" -f; then + echo "ERROR: ossutil sync failed" >&2 + return 1 + fi + elif command -v rclone >/dev/null 2>&1; then + echo "Using rclone" + if ! rclone sync "$BACKUP_DIR" "$REMOTE" \ + --include "db_backup_*.sql.gz" \ + --progress; then + echo "ERROR: rclone sync failed" >&2 + return 1 + fi + else + echo "ERROR: Neither ossutil nor rclone found" >&2 + return 1 + fi + ;; + nfs) + if command -v rsync >/dev/null 2>&1; then + echo "Using rsync" + mkdir -p "$REMOTE" 2>/dev/null || true + if ! rsync -av --include="db_backup_*.sql.gz" --exclude="*" \ + "$BACKUP_DIR/" "$REMOTE/"; then + echo "ERROR: rsync failed" >&2 + return 1 + fi + else + echo "Using cp (rsync not available)" + mkdir -p "$REMOTE" 2>/dev/null || true + if ! cp "$BACKUP_DIR"/db_backup_*.sql.gz "$REMOTE/" 2>/dev/null; then + echo "ERROR: cp failed" >&2 + return 1 + fi + fi + ;; + esac + echo " PASS: Sync completed" + return 0 +} + +# 校验同步结果 +verify_sync() { + if [ "$NO_VERIFY" -eq 1 ]; then + echo "" + echo "[2/3] Verification skipped (--no-verify)" + return 0 + fi + echo "" + echo "[2/3] Verifying sync result..." + REMOTE_FILES=0 + case "$BACKEND" in + s3) + if command -v aws >/dev/null 2>&1; then + REMOTE_FILES=$(aws s3 ls "$REMOTE" --recursive 2>/dev/null | grep -c "db_backup_.*\.sql\.gz" || echo 0) + elif command -v rclone >/dev/null 2>&1; then + REMOTE_FILES=$(rclone lsf "$REMOTE" --include "db_backup_*.sql.gz" 2>/dev/null | wc -l || echo 0) + fi + ;; + oss) + if command -v ossutil >/dev/null 2>&1; then + REMOTE_FILES=$(ossutil ls "$REMOTE" 2>/dev/null | grep -c "db_backup_.*\.sql\.gz" || echo 0) + elif command -v rclone >/dev/null 2>&1; then + REMOTE_FILES=$(rclone lsf "$REMOTE" --include "db_backup_*.sql.gz" 2>/dev/null | wc -l || echo 0) + fi + ;; + nfs) + REMOTE_FILES=$(ls -1 "$REMOTE"/db_backup_*.sql.gz 2>/dev/null | wc -l) + ;; + esac + + echo " Local files: $LOCAL_FILES" + echo " Remote files: $REMOTE_FILES" + + if [ "$REMOTE_FILES" -lt "$LOCAL_FILES" ]; then + echo " WARN: Remote has fewer files than local (some may have been cleaned up)" + else + echo " PASS: File count verified" + fi + return 0 +} + +# 清理远程过期备份 +cleanup_remote() { + if [ "$NO_CLEANUP" -eq 1 ]; then + echo "" + echo "[3/3] Cleanup skipped (--no-cleanup)" + return 0 + fi + echo "" + echo "[3/3] Cleaning up remote backups older than $RETENTION_DAYS days..." + case "$BACKEND" in + s3) + if command -v aws >/dev/null 2>&1; then + aws s3 ls "$REMOTE" --recursive 2>/dev/null | grep "db_backup_.*\.sql\.gz" | while read -r line; do + FILE_PATH=$(echo "$line" | awk '{print $4}') + FILE_DATE=$(echo "$FILE_PATH" | grep -oE '[0-9]{8}_[0-9]{6}' | head -1) + if [ -n "$FILE_DATE" ]; then + FILE_TS=$(echo "$FILE_DATE" | sed 's/\([0-9]\{8\}\)_\([0-9]\{6\}\)/\1 \2/' | awk '{print $1}') + CUTOFF=$(date -d "-$RETENTION_DAYS days" +%Y%m%d 2>/dev/null || date -v-${RETENTION_DAYS}d +%Y%m%d 2>/dev/null) + if [ -n "$CUTOFF" ] && [ "$FILE_TS" -lt "$CUTOFF" ]; then + echo " Deleting: $FILE_PATH" + aws s3 rm "s3://$(echo "$REMOTE" | sed 's|s3://||')/$FILE_PATH" 2>/dev/null || true + fi + fi + done + fi + ;; + oss) + if command -v ossutil >/dev/null 2>&1; then + # ossutil 不支持基于时间的清理,使用生命周期规则或手动删除 + echo " INFO: For OSS, configure lifecycle rules in the console for automatic cleanup" + echo " INFO: Manual cleanup with retention $RETENTION_DAYS days" + fi + ;; + nfs) + if [ -d "$REMOTE" ]; then + find "$REMOTE" -name "db_backup_*.sql.gz" -mtime +$RETENTION_DAYS -delete 2>/dev/null || true + echo " Cleaned up files older than $RETENTION_DAYS days" + fi + ;; + esac + echo " PASS: Cleanup completed" + return 0 +} + +# 执行同步流程 +setup_credentials +if ! sync_to_remote; then + exit 1 +fi +verify_sync +cleanup_remote + +echo "" +echo "=== Offsite Sync Complete ===" +exit 0 diff --git a/scripts/backup-verify.sh b/scripts/backup-verify.sh new file mode 100644 index 0000000..4f6c576 --- /dev/null +++ b/scripts/backup-verify.sh @@ -0,0 +1,221 @@ +#!/bin/bash +# 备份完整性校验脚本 +# 用法: ./backup-verify.sh [backup_file] [--min-size BYTES] +# 不传参数时校验最新备份 + +set -u + +show_help() { + cat <&2 + exit 1 + fi + MIN_SIZE="$2" + shift 2 + ;; + --no-sql-check) + NO_SQL_CHECK=1 + shift + ;; + *) + if [ -z "$BACKUP_FILE" ]; then + BACKUP_FILE="$1" + else + echo "ERROR: Unknown argument: $1" >&2 + exit 1 + fi + shift + ;; + esac +done + +BACKUP_DIR="${BACKUP_DIR:-./backups}" + +# 如果未指定文件,查找最新备份 +if [ -z "$BACKUP_FILE" ]; then + BACKUP_FILE=$(ls -t "$BACKUP_DIR"/db_backup_*.sql.gz 2>/dev/null | head -1) + if [ -z "$BACKUP_FILE" ]; then + echo "ERROR: No backup file found in $BACKUP_DIR" >&2 + echo "Hint: Run scripts/backup-db.sh first or specify a file path" >&2 + exit 1 + fi +fi + +echo "=== Backup Verification Report ===" +echo "File: $BACKUP_FILE" +echo "Time: $(date -u +"%Y-%m-%dT%H:%M:%SZ")" +echo "" + +ERRORS=0 +WARNINGS=0 + +# 步骤 1: 检查文件存在 +echo "[1/4] Checking file existence..." +if [ ! -f "$BACKUP_FILE" ]; then + echo " FAIL: File does not exist: $BACKUP_FILE" + exit 1 +fi +echo " PASS: File exists" + +# 步骤 2: 检查文件大小 +echo "[2/4] Checking file size..." +FILE_SIZE=$(stat -c%s "$BACKUP_FILE" 2>/dev/null || stat -f%z "$BACKUP_FILE" 2>/dev/null) +if [ -z "$FILE_SIZE" ]; then + echo " WARN: Could not determine file size" + WARNINGS=$((WARNINGS + 1)) +elif [ "$FILE_SIZE" -lt "$MIN_SIZE" ]; then + echo " FAIL: File size ${FILE_SIZE} bytes is below threshold ${MIN_SIZE} bytes" + echo " This may indicate a corrupted or empty backup" + exit 1 +else + echo " PASS: File size ${FILE_SIZE} bytes (threshold: ${MIN_SIZE} bytes)" +fi + +# 步骤 3: 校验 gzip 完整性 +echo "[3/4] Verifying gzip integrity..." +if ! gunzip -t "$BACKUP_FILE" 2>/dev/null; then + echo " FAIL: gzip integrity check failed - file may be corrupted" + exit 1 +fi +echo " PASS: gzip integrity verified" + +# 步骤 4: 校验 SQL 内容 +echo "[4/4] Verifying SQL content..." +TEMP_SQL=$(mktemp 2>/dev/null || echo "/tmp/backup_verify_$$.sql") +trap "rm -f \"$TEMP_SQL\" /tmp/backup_verify_errors_$$.txt 2>/dev/null" EXIT + +if ! gunzip -c "$BACKUP_FILE" > "$TEMP_SQL" 2>/dev/null; then + echo " FAIL: Could not decompress backup file" + exit 1 +fi + +# 检查文件非空 +SQL_SIZE=$(stat -c%s "$TEMP_SQL" 2>/dev/null || stat -f%z "$TEMP_SQL" 2>/dev/null) +if [ -z "$SQL_SIZE" ] || [ "$SQL_SIZE" -eq 0 ]; then + echo " FAIL: Decompressed SQL file is empty" + exit 1 +fi +echo " PASS: Decompressed size: ${SQL_SIZE} bytes" + +# 检查 mysqldump 头部 +if grep -q "MySQL dump" "$TEMP_SQL" 2>/dev/null || grep -q "mysqldump" "$TEMP_SQL" 2>/dev/null; then + echo " PASS: mysqldump header found" +else + echo " WARN: mysqldump header not found (may not be a standard mysqldump file)" + WARNINGS=$((WARNINGS + 1)) +fi + +# 检查 SQL 语句数量 +STMT_COUNT=$(grep -c ";" "$TEMP_SQL" 2>/dev/null || echo 0) +if [ "$STMT_COUNT" -lt 10 ]; then + echo " WARN: Low statement count (${STMT_COUNT} semicolons)" + WARNINGS=$((WARNINGS + 1)) +else + echo " PASS: Found ${STMT_COUNT} SQL statements" +fi + +# 检查 CREATE TABLE 数量 +CREATE_COUNT=$(grep -ci "CREATE TABLE" "$TEMP_SQL" 2>/dev/null || echo 0) +echo " INFO: Found ${CREATE_COUNT} CREATE TABLE statements" + +# 检查明显的语法错误标记 +if grep -qi "ERROR at line" "$TEMP_SQL" 2>/dev/null; then + echo " FAIL: Found error markers in SQL file" + exit 1 +fi + +# SQL 语法校验(可选,需要 DATABASE_URL) +if [ "$NO_SQL_CHECK" -eq 1 ]; then + echo " SKIP: SQL syntax check skipped (--no-sql-check)" +elif [ -z "${DATABASE_URL:-}" ]; then + echo " SKIP: DATABASE_URL not set, skipping SQL syntax check" +else + echo " Performing SQL syntax check via mysql..." + # 解析 DATABASE_URL + DB_USER=$(echo "$DATABASE_URL" | sed -n 's/.*:\/\/\([^:]*\):.*/\1/p') + DB_PASS=$(echo "$DATABASE_URL" | sed -n 's/.*:\/\/[^:]*:\([^@]*\)@.*/\1/p') + DB_HOST=$(echo "$DATABASE_URL" | sed -n 's/.*@\([^:]*\):.*/\1/p') + DB_PORT=$(echo "$DATABASE_URL" | sed -n 's/.*:\([0-9]*\)\/.*/\1/p') + + if [ -z "$DB_HOST" ] || [ -z "$DB_USER" ]; then + echo " WARN: Could not parse DATABASE_URL, skipping SQL syntax check" + WARNINGS=$((WARNINGS + 1)) + else + # 创建临时数据库进行语法校验(不影响生产数据) + TEMP_DB="verify_$(date +%s)_$$" + ERROR_FILE="/tmp/backup_verify_errors_$$.txt" + + if mysql -h "$DB_HOST" -P "${DB_PORT:-3306}" -u "$DB_USER" -p"$DB_PASS" \ + -e "CREATE DATABASE \`$TEMP_DB\`;" 2>"$ERROR_FILE"; then + # 使用 --force 继续执行,捕获所有语法错误 + mysql -h "$DB_HOST" -P "${DB_PORT:-3306}" -u "$DB_USER" -p"$DB_PASS" \ + --force "$TEMP_DB" < "$TEMP_SQL" > /dev/null 2>"$ERROR_FILE" || true + + # 检查是否有语法错误(区分语法错误和执行错误) + SYNTAX_ERRORS=$(grep -i "You have an error in your SQL syntax" "$ERROR_FILE" 2>/dev/null | wc -l || echo 0) + if [ "$SYNTAX_ERRORS" -gt 0 ]; then + echo " FAIL: Found $SYNTAX_ERRORS SQL syntax errors" + grep -i "You have an error in your SQL syntax" "$ERROR_FILE" | head -3 + # 清理临时数据库 + mysql -h "$DB_HOST" -P "${DB_PORT:-3306}" -u "$DB_USER" -p"$DB_PASS" \ + -e "DROP DATABASE IF EXISTS \`$TEMP_DB\`;" 2>/dev/null || true + exit 1 + else + echo " PASS: SQL syntax check passed (no syntax errors)" + fi + + # 清理临时数据库 + mysql -h "$DB_HOST" -P "${DB_PORT:-3306}" -u "$DB_USER" -p"$DB_PASS" \ + -e "DROP DATABASE IF EXISTS \`$TEMP_DB\`;" 2>/dev/null || true + else + echo " WARN: Could not create temp database for syntax check, skipping" + WARNINGS=$((WARNINGS + 1)) + fi + fi +fi + +echo "" +echo "=== Verification Summary ===" +echo "Errors: $ERRORS" +echo "Warnings: $WARNINGS" +if [ "$ERRORS" -gt 0 ]; then + echo "Result: FAILED" + exit 1 +fi +echo "Result: PASSED" +exit 0 diff --git a/scripts/dr-drill.ps1 b/scripts/dr-drill.ps1 new file mode 100644 index 0000000..e22329d --- /dev/null +++ b/scripts/dr-drill.ps1 @@ -0,0 +1,420 @@ +<# +.SYNOPSIS + 灾备演练脚本(Windows PowerShell 版本) +.DESCRIPTION + 自动化灾备演练:从备份恢复到测试数据库,验证数据完整性 +.EXAMPLE + .\dr-drill.ps1 +.EXAMPLE + .\dr-drill.ps1 -BackupFile "backups\db_backup_20260617_020000.sql.gz" -TestDb "next_edu_dr_drill" +.EXAMPLE + .\dr-drill.ps1 -NoCleanup +.PARAMETER BackupFile + 指定备份文件(不指定则使用最新备份) +.PARAMETER TestDb + 测试数据库名(默认 next_edu_dr_drill) +.PARAMETER NoCleanup + 演练后不清理测试数据库 +.PARAMETER ReportDir + 报告输出目录(默认 docs\dr\reports) +.PARAMETER Help + 显示帮助信息 +#> + +[CmdletBinding()] +param( + [Parameter(Position = 0)] + [string]$BackupFile = "", + + [Parameter()] + [string]$TestDb = "", + + [Parameter()] + [switch]$NoCleanup, + + [Parameter()] + [string]$ReportDir = "", + + [Parameter()] + [switch]$Help +) + +# 显示帮助 +if ($Help) { + Get-Help $MyInvocation.MyCommand.Path -Detailed + exit 0 +} + +# 配置 +$ErrorActionPreference = "Stop" + +$DatabaseUrl = $env:DATABASE_URL +if ([string]::IsNullOrEmpty($DatabaseUrl)) { + Write-Host "ERROR: DATABASE_URL not set" -ForegroundColor Red + exit 1 +} + +$BackupDir = if ($env:BACKUP_DIR) { $env:BACKUP_DIR } else { ".\backups" } +if ([string]::IsNullOrEmpty($TestDb)) { + $TestDb = if ($env:DR_DRILL_TEST_DB) { $env:DR_DRILL_TEST_DB } else { "next_edu_dr_drill" } +} +if ([string]::IsNullOrEmpty($ReportDir)) { + $ReportDir = if ($env:DR_DRILL_REPORT_DIR) { $env:DR_DRILL_REPORT_DIR } else { "docs\dr\reports" } +} + +$Timestamp = Get-Date -Format "yyyyMMdd_HHmmss" +$ReportFile = Join-Path $ReportDir "dr_drill_${Timestamp}.md" + +# 解析 DATABASE_URL +# 格式: mysql://user:password@host:port/dbname +function Parse-DatabaseUrl { + param([string]$Url) + + try { + $uri = [System.Uri]$Url + $userInfo = $uri.UserInfo -split ':', 2 + return @{ + User = $userInfo[0] + Pass = if ($userInfo.Length -gt 1) { $userInfo[1] } else { "" } + Host = $uri.Host + Port = if ($uri.Port -gt 0) { $uri.Port } else { 3306 } + DbName = $uri.AbsolutePath.TrimStart('/') + } + } + catch { + Write-Host "ERROR: Invalid DATABASE_URL format" -ForegroundColor Red + exit 1 + } +} + +$db = Parse-DatabaseUrl $DatabaseUrl + +# 创建报告目录 +if (-not (Test-Path $ReportDir)) { + New-Item -ItemType Directory -Path $ReportDir -Force | Out-Null +} + +# 初始化报告 +function Init-Report { + $content = @" +# 灾备演练报告 + +- **演练时间**: $(Get-Date -Format "yyyy-MM-ddTHH:mm:ssZ") +- **测试数据库**: $TestDb +- **源数据库**: $($db.DbName) +- **数据库主机**: $($db.Host):$($db.Port) +- **备份文件**: $BackupFile + +## 演练步骤 + +"@ + Set-Content -Path $ReportFile -Value $content -Encoding UTF8 +} + +function Append-Report { + param([string]$Content) + Add-Content -Path $ReportFile -Value $Content -Encoding UTF8 +} + +function Step-Result { + param( + [string]$Step, + [string]$Status, + [string]$Detail + ) + Append-Report "### 步骤 $Step`: $Status" + Append-Report "" + Append-Report $Detail + Append-Report "" + if ($Status -eq "FAILED") { + Append-Report "❌ 步骤失败" + } + else { + Append-Report "✅ 步骤成功" + } + Append-Report "" + Write-Host "---" +} + +# MySQL 执行函数 +function Invoke-MySql { + param( + [string]$Query, + [string]$Database = "", + [switch]$Silent, + [switch]$Scalar + ) + + $mysqlArgs = @("-h", $db.Host, "-P", $db.Port, "-u", $db.User, "-p$($db.Pass)") + if (-not [string]::IsNullOrEmpty($Database)) { + $mysqlArgs += $Database + } + $mysqlArgs += @("-e", $Query) + + if ($Scalar) { + $mysqlArgs += @("-s", "-N") + } + + if ($Silent) { + $result = & mysql @mysqlArgs 2>$null + } + else { + $result = & mysql @mysqlArgs 2>&1 + } + return $result +} + +# 检查 mysql 命令 +if (-not (Get-Command mysql -ErrorAction SilentlyContinue)) { + Write-Host "ERROR: mysql client not found in PATH" -ForegroundColor Red + Write-Host "Please install MySQL client tools" -ForegroundColor Red + exit 1 +} + +Write-Host "=== Disaster Recovery Drill ===" -ForegroundColor Cyan +Write-Host "Time: $(Get-Date -Format 'yyyy-MM-ddTHH:mm:ssZ')" +Write-Host "Test DB: $TestDb" +Write-Host "Source DB: $($db.DbName)@$($db.Host):$($db.Port)" +Write-Host "Report: $ReportFile" +Write-Host "" + +Init-Report +$drillStart = Get-Date +$overallStatus = "SUCCESS" + +# 步骤 1: 查找备份文件 +Write-Host "[1/6] Locating backup file..." +if ([string]::IsNullOrEmpty($BackupFile)) { + $backupPattern = Join-Path $BackupDir "db_backup_*.sql.gz" + $latestBackup = Get-ChildItem -Path $backupPattern -ErrorAction SilentlyContinue | + Sort-Object LastWriteTime -Descending | + Select-Object -First 1 + if ($latestBackup) { + $BackupFile = $latestBackup.FullName + } + else { + Write-Host " FAIL: No backup file found in $BackupDir" -ForegroundColor Red + Step-Result "1 - 定位备份文件" "FAILED" "未找到备份文件于 $BackupDir" + Append-Report "## 演练结果: ❌ FAILED`n`n演练失败,未找到备份文件" + exit 1 + } +} + +if (-not (Test-Path $BackupFile)) { + Write-Host " FAIL: Backup file not found: $BackupFile" -ForegroundColor Red + Step-Result "1 - 定位备份文件" "FAILED" "备份文件不存在: $BackupFile" + exit 1 +} + +$backupSize = (Get-Item $BackupFile).Length +Write-Host " PASS: Found backup: $BackupFile ($backupSize bytes)" -ForegroundColor Green +Step-Result "1 - 定位备份文件" "PASSED" "备份文件: ``$BackupFile`` ($backupSize bytes)" + +# 步骤 2: 创建测试数据库 +Write-Host "[2/6] Creating test database..." +try { + Invoke-MySql -Query "DROP DATABASE IF EXISTS ``$TestDb``;" -Silent + Invoke-MySql -Query "CREATE DATABASE ``$TestDb`` CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" -Silent + Write-Host " PASS: Test database created: $TestDb" -ForegroundColor Green + Step-Result "2 - 创建测试数据库" "PASSED" "测试数据库 ``$TestDb`` 创建成功" +} +catch { + Write-Host " FAIL: Could not create test database" -ForegroundColor Red + Step-Result "2 - 创建测试数据库" "FAILED" "创建测试数据库 ``$TestDb`` 失败" + $overallStatus = "FAILED" + Append-Report "## 演练结果: ❌ FAILED" + exit 1 +} + +# 步骤 3: 从备份恢复到测试数据库 +Write-Host "[3/6] Restoring backup to test database..." +$restoreStart = Get-Date +try { + # 使用 7z 或 gunzip 解压,然后管道到 mysql + # Windows 上可能需要使用 7z 或 .NET GZipStream + $tempSqlFile = [System.IO.Path]::GetTempFileName() + + # 尝试使用 gunzip(如果可用) + if (Get-Command gunzip -ErrorAction SilentlyContinue) { + $process = Start-Process -FilePath "gunzip" -ArgumentList "-c", "`"$BackupFile`"" -NoNewWindow -RedirectStandardOutput $tempSqlFile -Wait -PassThru + } + # 尝试使用 7z + elseif (Get-Command 7z -ErrorAction SilentlyContinue) { + & 7z e -so "$BackupFile" | Out-File -FilePath $tempSqlFile -Encoding ASCII + } + # 使用 .NET GZipStream + else { + $inStream = [System.IO.File]::OpenRead($BackupFile) + $gzStream = New-Object System.IO.Compression.GZipStream($inStream, [System.IO.Compression.CompressionMode]::Decompress) + $reader = New-Object System.IO.StreamReader($gzStream, [System.Text.Encoding]::UTF8) + $content = $reader.ReadToEnd() + $reader.Close() + $gzStream.Close() + $inStream.Close() + Set-Content -Path $tempSqlFile -Value $content -Encoding UTF8 -NoNewline + } + + # 执行恢复 + $mysqlArgs = @("-h", $db.Host, "-P", $db.Port, "-u", $db.User, "-p$($db.Pass)", $TestDb) + Get-Content $tempSqlFile -Raw | & mysql @mysqlArgs 2>$null + + Remove-Item $tempSqlFile -Force -ErrorAction SilentlyContinue + + $restoreEnd = Get-Date + $restoreDuration = ($restoreEnd - $restoreStart).TotalSeconds + Write-Host " PASS: Restore completed in $([int]$restoreDuration)s" -ForegroundColor Green + Step-Result "3 - 从备份恢复" "PASSED" "恢复完成,耗时 $([int]$restoreDuration) 秒" +} +catch { + Write-Host " FAIL: Restore failed: $_" -ForegroundColor Red + Step-Result "3 - 从备份恢复" "FAILED" "从备份恢复失败: $_" + $overallStatus = "FAILED" + if (-not $NoCleanup) { + try { Invoke-MySql -Query "DROP DATABASE IF EXISTS ``$TestDb``;" -Silent } catch {} + } + Append-Report "## 演练结果: ❌ FAILED" + exit 1 +} + +# 步骤 4: 数据完整性检查 +Write-Host "[4/6] Running data integrity checks..." +$testTables = Invoke-MySql -Query "SELECT COUNT(*) FROM information_schema.tables WHERE table_schema='$TestDb';" -Silent -Scalar +$sourceTables = Invoke-MySql -Query "SELECT COUNT(*) FROM information_schema.tables WHERE table_schema='$($db.DbName)';" -Silent -Scalar + +Write-Host " Test DB tables: $testTables" +Write-Host " Source DB tables: $sourceTables" + +$testRecords = Invoke-MySql -Query "SELECT SUM(table_rows) FROM information_schema.tables WHERE table_schema='$TestDb';" -Silent -Scalar +$sourceRecords = Invoke-MySql -Query "SELECT SUM(table_rows) FROM information_schema.tables WHERE table_schema='$($db.DbName)';" -Silent -Scalar + +Write-Host " Test DB records: $testRecords" +Write-Host " Source DB records: $sourceRecords" + +$integrityDetail = @" +| 指标 | 测试库 | 源库 | +|------|--------|------| +| 表数量 | $testTables | $sourceTables | +| 记录数(近似) | $testRecords | $sourceRecords | +"@ + +if ([int]$testTables -ge [int]$sourceTables) { + Write-Host " PASS: Table count matches" -ForegroundColor Green + Step-Result "4 - 数据完整性检查" "PASSED" $integrityDetail +} +else { + Write-Host " WARN: Test DB has fewer tables than source" -ForegroundColor Yellow + Step-Result "4 - 数据完整性检查" "WARN" "$integrityDetail`n`n⚠️ 测试库表数量少于源库" +} + +# 步骤 5: 冒烟测试 +Write-Host "[5/6] Running smoke tests..." +$smokePassed = 0 +$smokeFailed = 0 +$smokeDetail = "" + +# 测试 1: 检查 users 表 +try { + $userCount = Invoke-MySql -Query "SELECT COUNT(*) FROM users;" -Database $TestDb -Silent -Scalar + $smokePassed++ + $smokeDetail += "- ✅ users 表查询成功: $userCount 条记录`n" + Write-Host " PASS: users table query: $userCount records" -ForegroundColor Green +} +catch { + $smokeDetail += "- ⚠️ users 表不存在或查询失败`n" + Write-Host " WARN: users table not found or query failed" -ForegroundColor Yellow +} + +# 测试 2: 检查 schools 表 +try { + $schoolCount = Invoke-MySql -Query "SELECT COUNT(*) FROM schools;" -Database $TestDb -Silent -Scalar + $smokePassed++ + $smokeDetail += "- ✅ schools 表查询成功: $schoolCount 条记录`n" + Write-Host " PASS: schools table query: $schoolCount records" -ForegroundColor Green +} +catch { + $smokeDetail += "- ⚠️ schools 表不存在或查询失败`n" + Write-Host " WARN: schools table not found or query failed" -ForegroundColor Yellow +} + +# 测试 3: 基础表查询 +try { + $baseTableCount = Invoke-MySql -Query "SELECT COUNT(*) FROM information_schema.tables WHERE table_schema='$TestDb' AND table_type='BASE TABLE';" -Silent -Scalar + if ([int]$baseTableCount -gt 0) { + $smokePassed++ + $smokeDetail += "- ✅ 基础表查询成功: $baseTableCount 个基础表`n" + Write-Host " PASS: Base table query: $baseTableCount tables" -ForegroundColor Green + } + else { + $smokeFailed++ + $smokeDetail += "- ❌ 基础表查询失败`n" + Write-Host " FAIL: Base table query failed" -ForegroundColor Red + } +} +catch { + $smokeFailed++ + $smokeDetail += "- ❌ 基础表查询失败`n" + Write-Host " FAIL: Base table query failed" -ForegroundColor Red +} + +Step-Result "5 - 冒烟测试" "PASSED" "通过: $smokePassed, 失败: $smokeFailed`n`n$smokeDetail" + +# 步骤 6: 清理测试数据库 +Write-Host "[6/6] Cleaning up test database..." +if ($NoCleanup) { + Write-Host " SKIP: Cleanup skipped (--NoCleanup)" -ForegroundColor Yellow + Step-Result "6 - 清理测试数据库" "SKIPPED" "演练后保留测试数据库 ``$TestDb``" +} +else { + try { + Invoke-MySql -Query "DROP DATABASE IF EXISTS ``$TestDb``;" -Silent + Write-Host " PASS: Test database dropped: $TestDb" -ForegroundColor Green + Step-Result "6 - 清理测试数据库" "PASSED" "测试数据库 ``$TestDb`` 已删除" + } + catch { + Write-Host " WARN: Could not drop test database (manual cleanup required)" -ForegroundColor Yellow + Step-Result "6 - 清理测试数据库" "WARN" "⚠️ 无法删除测试数据库 ``$TestDb``,需手动清理" + } +} + +# 生成总结 +$drillEnd = Get-Date +$drillDuration = ($drillEnd - $drillStart).TotalSeconds + +Append-Report "## 演练结果" +Append-Report "" +if ($overallStatus -eq "SUCCESS") { + Append-Report "**状态**: ✅ 成功" +} +else { + Append-Report "**状态**: ❌ 失败" +} +Append-Report "**总耗时**: $([int]$drillDuration) 秒" +Append-Report "**备份文件**: ``$BackupFile``" +Append-Report "**测试数据库**: ``$TestDb``" +Append-Report "" +Append-Report "## RTO/RPO 评估" +Append-Report "" +Append-Report "- **RTO 目标**: 4 小时" +Append-Report "- **本次恢复耗时**: $([int]$restoreDuration) 秒 ($([int]($restoreDuration / 60)) 分钟)" +if ($restoreDuration -lt 14400) { + Append-Report "- **RTO 评估**: ✅ 达标" +} +else { + Append-Report "- **RTO 评估**: ⚠️ 需关注" +} +Append-Report "- **RPO 目标**: 24 小时(取决于备份频率)" +Append-Report "" + +Write-Host "" +Write-Host "=== Drill Summary ===" -ForegroundColor Cyan +Write-Host "Status: $overallStatus" +Write-Host "Duration: $([int]$drillDuration)s" +Write-Host "Report: $ReportFile" +Write-Host "" + +if ($overallStatus -eq "SUCCESS") { + exit 0 +} +else { + exit 1 +} diff --git a/scripts/dr-drill.sh b/scripts/dr-drill.sh new file mode 100644 index 0000000..6a51625 --- /dev/null +++ b/scripts/dr-drill.sh @@ -0,0 +1,369 @@ +#!/bin/bash +# 灾备演练脚本 +# 用法: ./dr-drill.sh +# 自动化灾备演练:从备份恢复到测试数据库,验证数据完整性 + +set -u + +show_help() { + cat <&2 + exit 1 + fi + BACKUP_FILE="$2" + shift 2 + ;; + --test-db) + if [ $# -lt 2 ]; then + echo "ERROR: --test-db requires an argument" >&2 + exit 1 + fi + DR_DRILL_TEST_DB="$2" + shift 2 + ;; + --no-cleanup) + NO_CLEANUP=1 + shift + ;; + --report-dir) + if [ $# -lt 2 ]; then + echo "ERROR: --report-dir requires an argument" >&2 + exit 1 + fi + REPORT_DIR="$2" + shift 2 + ;; + *) + echo "ERROR: Unknown argument: $1" >&2 + exit 1 + ;; + esac +done + +# 配置 +DATABASE_URL="${DATABASE_URL:-}" +BACKUP_DIR="${BACKUP_DIR:-./backups}" +TEST_DB="${DR_DRILL_TEST_DB:-next_edu_dr_drill}" +REPORT_DIR="${REPORT_DIR:-${DR_DRILL_REPORT_DIR:-docs/dr/reports}}" +TIMESTAMP=$(date +"%Y%m%d_%H%M%S") +REPORT_FILE="$REPORT_DIR/dr_drill_${TIMESTAMP}.md" + +# 检查 DATABASE_URL +if [ -z "$DATABASE_URL" ]; then + echo "ERROR: DATABASE_URL not set" >&2 + exit 1 +fi + +# 解析 DATABASE_URL +DB_USER=$(echo "$DATABASE_URL" | sed -n 's/.*:\/\/\([^:]*\):.*/\1/p') +DB_PASS=$(echo "$DATABASE_URL" | sed -n 's/.*:\/\/[^:]*:\([^@]*\)@.*/\1/p') +DB_HOST=$(echo "$DATABASE_URL" | sed -n 's/.*@\([^:]*\):.*/\1/p') +DB_PORT=$(echo "$DATABASE_URL" | sed -n 's/.*:\([0-9]*\)\/.*/\1/p') +DB_NAME=$(echo "$DATABASE_URL" | sed -n 's/.*\/\([^?]*\).*/\1/p') + +# 创建报告目录 +mkdir -p "$REPORT_DIR" + +# 初始化报告 +init_report() { + cat > "$REPORT_FILE" <> "$REPORT_FILE" +} + +# 记录步骤结果 +step_result() { + local step="$1" + local status="$2" + local detail="$3" + append_report "### 步骤 $step: $status" + append_report "" + append_report "$detail" + append_report "" + if [ "$status" = "FAILED" ]; then + append_report "❌ 步骤失败" + else + append_report "✅ 步骤成功" + fi + append_report "" + echo "---" +} + +echo "=== Disaster Recovery Drill ===" +echo "Time: $(date -u +"%Y-%m-%dT%H:%M:%SZ")" +echo "Test DB: $TEST_DB" +echo "Source DB: $DB_NAME@$DB_HOST:$DB_PORT" +echo "Report: $REPORT_FILE" +echo "" + +init_report +DRILL_START=$(date +%s) +OVERALL_STATUS="SUCCESS" + +# 步骤 1: 查找备份文件 +echo "[1/6] Locating backup file..." +if [ -z "$BACKUP_FILE" ]; then + BACKUP_FILE=$(ls -t "$BACKUP_DIR"/db_backup_*.sql.gz 2>/dev/null | head -1) + if [ -z "$BACKUP_FILE" ]; then + echo " FAIL: No backup file found in $BACKUP_DIR" + step_result "1 - 定位备份文件" "FAILED" "未找到备份文件于 $BACKUP_DIR" + OVERALL_STATUS="FAILED" + append_report "## 演练结果: ❌ FAILED" + append_report "" + append_report "演练失败,未找到备份文件" + exit 1 + fi +fi + +if [ ! -f "$BACKUP_FILE" ]; then + echo " FAIL: Backup file not found: $BACKUP_FILE" + step_result "1 - 定位备份文件" "FAILED" "备份文件不存在: $BACKUP_FILE" + OVERALL_STATUS="FAILED" + append_report "## 演练结果: ❌ FAILED" + exit 1 +fi + +BACKUP_SIZE=$(stat -c%s "$BACKUP_FILE" 2>/dev/null || stat -f%z "$BACKUP_FILE" 2>/dev/null) +echo " PASS: Found backup: $BACKUP_FILE (${BACKUP_SIZE} bytes)" +step_result "1 - 定位备份文件" "PASSED" "备份文件: \`$BACKUP_FILE\` (${BACKUP_SIZE} bytes)" + +# 步骤 2: 创建测试数据库 +echo "[2/6] Creating test database..." +# 先删除已存在的测试数据库 +mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" \ + -e "DROP DATABASE IF EXISTS \`$TEST_DB\`;" 2>/dev/null + +if mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" \ + -e "CREATE DATABASE \`$TEST_DB\` CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" 2>/dev/null; then + echo " PASS: Test database created: $TEST_DB" + step_result "2 - 创建测试数据库" "PASSED" "测试数据库 \`$TEST_DB\` 创建成功" +else + echo " FAIL: Could not create test database" + step_result "2 - 创建测试数据库" "FAILED" "创建测试数据库 \`$TEST_DB\` 失败" + OVERALL_STATUS="FAILED" + append_report "## 演练结果: ❌ FAILED" + exit 1 +fi + +# 步骤 3: 从备份恢复到测试数据库 +echo "[3/6] Restoring backup to test database..." +RESTORE_START=$(date +%s) +if gunzip -c "$BACKUP_FILE" | mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" "$TEST_DB" 2>/dev/null; then + RESTORE_END=$(date +%s) + RESTORE_DURATION=$((RESTORE_END - RESTORE_START)) + echo " PASS: Restore completed in ${RESTORE_DURATION}s" + step_result "3 - 从备份恢复" "PASSED" "恢复完成,耗时 ${RESTORE_DURATION} 秒" +else + echo " FAIL: Restore failed" + step_result "3 - 从备份恢复" "FAILED" "从备份恢复失败" + OVERALL_STATUS="FAILED" + # 尝试清理 + if [ "$NO_CLEANUP" -eq 0 ]; then + mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" \ + -e "DROP DATABASE IF EXISTS \`$TEST_DB\`;" 2>/dev/null || true + fi + append_report "## 演练结果: ❌ FAILED" + exit 1 +fi + +# 步骤 4: 数据完整性检查 +echo "[4/6] Running data integrity checks..." +# 获取测试数据库表数量 +TEST_TABLES=$(mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" \ + -e "SELECT COUNT(*) FROM information_schema.tables WHERE table_schema='$TEST_DB';" \ + -s -N 2>/dev/null || echo 0) + +# 获取源数据库表数量 +SOURCE_TABLES=$(mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" \ + -e "SELECT COUNT(*) FROM information_schema.tables WHERE table_schema='$DB_NAME';" \ + -s -N 2>/dev/null || echo 0) + +echo " Test DB tables: $TEST_TABLES" +echo " Source DB tables: $SOURCE_TABLES" + +# 获取测试数据库总记录数 +TEST_RECORDS=$(mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" \ + -e "SELECT SUM(table_rows) FROM information_schema.tables WHERE table_schema='$TEST_DB';" \ + -s -N 2>/dev/null || echo 0) + +# 获取源数据库总记录数 +SOURCE_RECORDS=$(mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" \ + -e "SELECT SUM(table_rows) FROM information_schema.tables WHERE table_schema='$DB_NAME';" \ + -s -N 2>/dev/null || echo 0) + +echo " Test DB records: $TEST_RECORDS" +echo " Source DB records: $SOURCE_RECORDS" + +INTEGRITY_DETAIL="| 指标 | 测试库 | 源库 | +|------|--------|------| +| 表数量 | $TEST_TABLES | $SOURCE_TABLES | +| 记录数(近似) | $TEST_RECORDS | $SOURCE_RECORDS |" + +if [ "$TEST_TABLES" -ge "$SOURCE_TABLES" ]; then + echo " PASS: Table count matches" + step_result "4 - 数据完整性检查" "PASSED" "$INTEGRITY_DETAIL" +else + echo " WARN: Test DB has fewer tables than source" + step_result "4 - 数据完整性检查" "WARN" "$INTEGRITY_DETAIL + +⚠️ 测试库表数量少于源库" +fi + +# 步骤 5: 冒烟测试 +echo "[5/6] Running smoke tests..." +SMOKE_PASSED=0 +SMOKE_FAILED=0 +SMOKE_DETAIL="" + +# 测试 1: 检查 users 表(如果存在) +USER_COUNT=$(mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" "$TEST_DB" \ + -e "SELECT COUNT(*) FROM users;" -s -N 2>/dev/null || echo "N/A") +if [ "$USER_COUNT" != "N/A" ]; then + SMOKE_PASSED=$((SMOKE_PASSED + 1)) + SMOKE_DETAIL="${SMOKE_DETAIL}- ✅ users 表查询成功: ${USER_COUNT} 条记录 +" + echo " PASS: users table query: $USER_COUNT records" +else + SMOKE_DETAIL="${SMOKE_DETAIL}- ⚠️ users 表不存在或查询失败 +" + echo " WARN: users table not found or query failed" +fi + +# 测试 2: 检查 schools 表(如果存在) +SCHOOL_COUNT=$(mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" "$TEST_DB" \ + -e "SELECT COUNT(*) FROM schools;" -s -N 2>/dev/null || echo "N/A") +if [ "$SCHOOL_COUNT" != "N/A" ]; then + SMOKE_PASSED=$((SMOKE_PASSED + 1)) + SMOKE_DETAIL="${SMOKE_DETAIL}- ✅ schools 表查询成功: ${SCHOOL_COUNT} 条记录 +" + echo " PASS: schools table query: $SCHOOL_COUNT records" +else + SMOKE_DETAIL="${SMOKE_DETAIL}- ⚠️ schools 表不存在或查询失败 +" + echo " WARN: schools table not found or query failed" +fi + +# 测试 3: 执行简单 JOIN 查询(检查关系完整性) +JOIN_TEST=$(mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" "$TEST_DB" \ + -e "SELECT COUNT(*) FROM information_schema.tables WHERE table_schema='$TEST_DB' AND table_type='BASE TABLE';" \ + -s -N 2>/dev/null || echo "0") +if [ "$JOIN_TEST" -gt 0 ]; then + SMOKE_PASSED=$((SMOKE_PASSED + 1)) + SMOKE_DETAIL="${SMOKE_DETAIL}- ✅ 基础表查询成功: ${JOIN_TEST} 个基础表 +" + echo " PASS: Base table query: $JOIN_TEST tables" +else + SMOKE_DETAIL="${SMOKE_DETAIL}- ❌ 基础表查询失败 +" + SMOKE_FAILED=$((SMOKE_FAILED + 1)) + echo " FAIL: Base table query failed" +fi + +step_result "5 - 冒烟测试" "PASSED" "通过: $SMOKE_PASSED, 失败: $SMOKE_FAILED + +$SMOKE_DETAIL" + +# 步骤 6: 清理测试数据库 +echo "[6/6] Cleaning up test database..." +if [ "$NO_CLEANUP" -eq 1 ]; then + echo " SKIP: Cleanup skipped (--no-cleanup)" + step_result "6 - 清理测试数据库" "SKIPPED" "演练后保留测试数据库 \`$TEST_DB\`" +else + if mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" \ + -e "DROP DATABASE IF EXISTS \`$TEST_DB\`;" 2>/dev/null; then + echo " PASS: Test database dropped: $TEST_DB" + step_result "6 - 清理测试数据库" "PASSED" "测试数据库 \`$TEST_DB\` 已删除" + else + echo " WARN: Could not drop test database (manual cleanup required)" + step_result "6 - 清理测试数据库" "WARN" "⚠️ 无法删除测试数据库 \`$TEST_DB\`,需手动清理" + fi +fi + +# 生成总结 +DRILL_END=$(date +%s) +DRILL_DURATION=$((DRILL_END - DRILL_START)) + +append_report "## 演练结果" +append_report "" +if [ "$OVERALL_STATUS" = "SUCCESS" ]; then + append_report "**状态**: ✅ 成功" +else + append_report "**状态**: ❌ 失败" +fi +append_report "**总耗时**: ${DRILL_DURATION} 秒" +append_report "**备份文件**: \`$BACKUP_FILE\`" +append_report "**测试数据库**: \`$TEST_DB\`" +append_report "" +append_report "## RTO/RPO 评估" +append_report "" +append_report "- **RTO 目标**: 4 小时" +append_report "- **本次恢复耗时**: ${RESTORE_DURATION} 秒 ($(( RESTORE_DURATION / 60 )) 分钟)" +if [ -n "${RESTORE_DURATION:-}" ] && [ "$RESTORE_DURATION" -lt 14400 ]; then + append_report "- **RTO 评估**: ✅ 达标" +else + append_report "- **RTO 评估**: ⚠️ 需关注" +fi +append_report "- **RPO 目标**: 24 小时(取决于备份频率)" +append_report "" + +echo "" +echo "=== Drill Summary ===" +echo "Status: $OVERALL_STATUS" +echo "Duration: ${DRILL_DURATION}s" +echo "Report: $REPORT_FILE" +echo "" + +if [ "$OVERALL_STATUS" = "SUCCESS" ]; then + exit 0 +else + exit 1 +fi diff --git a/scripts/failover.sh b/scripts/failover.sh new file mode 100644 index 0000000..9e488b3 --- /dev/null +++ b/scripts/failover.sh @@ -0,0 +1,419 @@ +#!/bin/bash +# 故障切换脚本 +# 用法: ./failover.sh [--auto] [--primary URL] [--standby URL] +# 用于主数据库故障时切换到备库 + +set -u + +show_help() { + cat <&2 + exit 1 + fi + PRIMARY_URL="$2" + shift 2 + ;; + --standby) + if [ $# -lt 2 ]; then + echo "ERROR: --standby requires an argument" >&2 + exit 1 + fi + STANDBY_URL="$2" + shift 2 + ;; + --app-url) + if [ $# -lt 2 ]; then + echo "ERROR: --app-url requires an argument" >&2 + exit 1 + fi + APP_URL="$2" + shift 2 + ;; + --no-restart) + NO_RESTART=1 + shift + ;; + --dry-run) + DRY_RUN=1 + shift + ;; + *) + echo "ERROR: Unknown argument: $1" >&2 + exit 1 + ;; + esac +done + +# 配置 +PRIMARY_URL="${PRIMARY_URL:-${DATABASE_URL:-}}" +STANDBY_URL="${STANDBY_URL:-${DATABASE_URL_STANDBY:-}}" +APP_URL="${APP_URL:-${FAILOVER_APP_URL:-http://localhost:8015}}" +APP_NAME="${FAILOVER_APP_NAME:-nextjs-app}" +CONFIG_FILE="${FAILOVER_CONFIG_FILE:-.env.local}" +LOG_DIR="docs/dr/logs" +LOG_FILE="${FAILOVER_LOG_FILE:-$LOG_DIR/failover.log}" + +# 检查必需参数 +if [ -z "$STANDBY_URL" ]; then + echo "ERROR: Standby database URL not provided" >&2 + echo "Set DATABASE_URL_STANDBY or use --standby" >&2 + exit 1 +fi + +if [ -z "$PRIMARY_URL" ]; then + echo "ERROR: Primary database URL not provided" >&2 + echo "Set DATABASE_URL or use --primary" >&2 + exit 1 +fi + +# 创建日志目录 +mkdir -p "$LOG_DIR" + +# 日志函数 +log() { + local timestamp + timestamp=$(date -u +"%Y-%m-%dT%H:%M:%SZ") + echo "[$timestamp] $1" | tee -a "$LOG_FILE" +} + +log_error() { + log "ERROR: $1" >&2 +} + +# 解析 DATABASE_URL +parse_db_url() { + local url="$1" + local user pass host port dbname + user=$(echo "$url" | sed -n 's/.*:\/\/\([^:]*\):.*/\1/p') + pass=$(echo "$url" | sed -n 's/.*:\/\/[^:]*:\([^@]*\)@.*/\1/p') + host=$(echo "$url" | sed -n 's/.*@\([^:]*\):.*/\1/p') + port=$(echo "$url" | sed -n 's/.*:\([0-9]*\)\/.*/\1/p') + dbname=$(echo "$url" | sed -n 's/.*\/\([^?]*\).*/\1/p') + echo "$user|$pass|$host|$port|$dbname" +} + +# 检查数据库健康 +check_db_health() { + local url="$1" + local parsed + parsed=$(parse_db_url "$url") + local user pass host port dbname + IFS='|' read -r user pass host port dbname </dev/null; then + log " Database is healthy" + return 0 + else + log " Database is NOT reachable" + return 1 + fi +} + +# 检查应用健康 +check_app_health() { + local url="$1" + log "Checking application health: $url" + if [ "$DRY_RUN" -eq 1 ]; then + log " [DRY-RUN] Would check: curl -f $url" + return 0 + fi + if command -v curl >/dev/null 2>&1; then + if curl -sf -o /dev/null -m 10 "$url" 2>/dev/null; then + log " Application is healthy" + return 0 + else + log " Application is NOT healthy" + return 1 + fi + else + log " WARN: curl not available, skipping app health check" + return 0 + fi +} + +# 提升备库为主库(如果是主从架构) +promote_standby() { + log "Promoting standby to primary..." + local parsed + parsed=$(parse_db_url "$STANDBY_URL") + local user pass host port dbname + IFS='|' read -r user pass host port dbname </dev/null) + + if [ -n "$SLAVE_STATUS" ]; then + log " Standby is a slave, promoting..." + # 停止复制 + if mysql -h "$host" -P "$port" -u "$user" -p"$pass" \ + -e "STOP SLAVE; RESET SLAVE ALL;" 2>/dev/null; then + log " Replication stopped and reset" + else + log_error "Failed to stop replication" + return 1 + fi + # 关闭只读模式 + if mysql -h "$host" -P "$port" -u "$user" -p"$pass" \ + -e "SET GLOBAL read_only=OFF; SET GLOBAL super_read_only=OFF;" 2>/dev/null; then + log " Read-only mode disabled" + else + log_error "Failed to disable read-only mode" + return 1 + fi + else + log " Standby is not a slave (standalone), skipping promotion" + fi + + log " Standby promoted successfully" + return 0 +} + +# 更新应用配置 +update_config() { + log "Updating application configuration..." + if [ "$DRY_RUN" -eq 1 ]; then + log " [DRY-RUN] Would update $CONFIG_FILE: DATABASE_URL=$STANDBY_URL" + return 0 + fi + + if [ -f "$CONFIG_FILE" ]; then + # 备份原配置 + cp "$CONFIG_FILE" "${CONFIG_FILE}.bak.$(date +%s)" + log " Backed up original config to ${CONFIG_FILE}.bak.*" + + # 更新 DATABASE_URL + if grep -q "^DATABASE_URL=" "$CONFIG_FILE"; then + sed -i.bak "s|^DATABASE_URL=.*|DATABASE_URL=$STANDBY_URL|" "$CONFIG_FILE" + rm -f "${CONFIG_FILE}.bak" 2>/dev/null || true + log " Updated DATABASE_URL in $CONFIG_FILE" + else + echo "DATABASE_URL=$STANDBY_URL" >> "$CONFIG_FILE" + log " Added DATABASE_URL to $CONFIG_FILE" + fi + else + log " WARN: Config file $CONFIG_FILE not found, creating new one" + echo "DATABASE_URL=$STANDBY_URL" > "$CONFIG_FILE" + fi + + # 同时更新环境变量(供当前会话使用) + export DATABASE_URL="$STANDBY_URL" + log " Configuration updated" + return 0 +} + +# 重启应用 +restart_app() { + if [ "$NO_RESTART" -eq 1 ]; then + log "Skipping application restart (--no-restart)" + return 0 + fi + + log "Restarting application..." + if [ "$DRY_RUN" -eq 1 ]; then + log " [DRY-RUN] Would restart: docker restart $APP_NAME" + return 0 + fi + + if command -v docker >/dev/null 2>&1; then + log " Restarting Docker container: $APP_NAME" + if docker restart "$APP_NAME" 2>/dev/null; then + log " Container restarted" + # 等待应用启动 + log " Waiting for application to start..." + sleep 5 + return 0 + else + log_error "Failed to restart container $APP_NAME" + return 1 + fi + else + log " WARN: Docker not available, please restart application manually" + log " Updated DATABASE_URL: $STANDBY_URL" + fi + return 0 +} + +# 主流程 +log "========================================" +log "Database Failover Started" +log "========================================" +log "Mode: $([ "$AUTO_MODE" -eq 1 ] && echo "semi-auto" || echo "manual")" +log "Dry-run: $([ "$DRY_RUN" -eq 1 ] && echo "yes" || echo "no")" +log "Primary: $PRIMARY_URL" +log "Standby: $STANDBY_URL" +log "" + +# 步骤 1: 检测主库健康状态 +log "[1/5] Checking primary database health..." +PRIMARY_HEALTHY=0 +if check_db_health "$PRIMARY_URL"; then + PRIMARY_HEALTHY=1 + log " Primary is healthy" + if [ "$AUTO_MODE" -eq 0 ]; then + log " Primary is healthy. Failover not needed." + log " Use --auto to force failover even if primary is healthy" + log "========================================" + log "Failover Cancelled (Primary Healthy)" + log "========================================" + exit 0 + fi +else + log " Primary is NOT healthy, proceeding with failover" +fi + +# 半自动模式确认 +if [ "$AUTO_MODE" -eq 1 ] && [ "$DRY_RUN" -eq 0 ]; then + echo "" + echo "WARNING: About to failover from primary to standby." + echo " Primary: $PRIMARY_URL" + echo " Standby: $STANDBY_URL" + echo "" + read -p "Type 'FAILover' to confirm: " CONFIRM + if [ "$CONFIRM" != "FAILover" ]; then + log "Failover cancelled by user" + exit 1 + fi +fi + +# 步骤 2: 检查备库健康 +log "" +log "[2/5] Checking standby database health..." +if ! check_db_health "$STANDBY_URL"; then + log_error "Standby is also not healthy, cannot failover" + log "========================================" + log "Failover FAILED (Standby Unhealthy)" + log "========================================" + exit 1 +fi + +# 步骤 3: 提升备库为主库 +log "" +log "[3/5] Promoting standby to primary..." +if ! promote_standby; then + log_error "Failed to promote standby" + exit 1 +fi + +# 步骤 4: 更新应用配置并重启 +log "" +log "[4/5] Updating application configuration and restarting..." +update_config +if ! restart_app; then + log_error "Failed to restart application" + log " Manual intervention required" + exit 1 +fi + +# 步骤 5: 验证切换成功 +log "" +log "[5/5] Verifying failover..." +sleep 3 + +# 检查应用健康 +APP_HEALTHY=0 +for i in 1 2 3 4 5; do + if check_app_health "$APP_URL"; then + APP_HEALTHY=1 + break + fi + log " Retry $i/5 in 5 seconds..." + sleep 5 +done + +if [ "$APP_HEALTHY" -eq 0 ]; then + log_error "Application is not healthy after failover" + log " Check application logs and configuration" + log "========================================" + log "Failover FAILED (App Unhealthy)" + log "========================================" + exit 1 +fi + +# 检查数据库连接(通过应用) +log " Verifying database connection via application..." +if [ "$DRY_RUN" -eq 0 ]; then + if curl -sf -m 10 "$APP_URL" >/dev/null 2>&1; then + log " Application responding successfully" + else + log_error "Application not responding" + exit 1 + fi +fi + +log "" +log "========================================" +log "Failover Completed Successfully" +log "========================================" +log "Primary (old): $PRIMARY_URL" +log "Standby (new): $STANDBY_URL" +log "Application: $APP_URL" +log "Log file: $LOG_FILE" +log "" +log "Post-failover checklist:" +log " 1. Verify application functionality" +log " 2. Update monitoring alerts" +log " 3. Notify stakeholders" +log " 4. Plan primary database recovery" +log " 5. Schedule post-mortem review" +log "" +exit 0 diff --git a/scripts/health-check.sh b/scripts/health-check.sh new file mode 100644 index 0000000..c2da75a --- /dev/null +++ b/scripts/health-check.sh @@ -0,0 +1,253 @@ +#!/bin/bash +# 健康检查脚本 +# 用法: ./health-check.sh +# 检查应用、数据库、磁盘空间、备份新鲜度,输出 JSON 报告 + +set -u + +show_help() { + cat <&2 + exit 1 + fi + APP_URL="$2" + shift 2 + ;; + --no-app) CHECK_APP=0; shift ;; + --no-db) CHECK_DB=0; shift ;; + --no-disk) CHECK_DISK=0; shift ;; + --no-backup) CHECK_BACKUP=0; shift ;; + --disk-threshold) + if [ $# -lt 2 ]; then + echo "ERROR: --disk-threshold requires an argument" >&2 + exit 1 + fi + DISK_THRESHOLD="$2" + shift 2 + ;; + --backup-max-age) + if [ $# -lt 2 ]; then + echo "ERROR: --backup-max-age requires an argument" >&2 + exit 1 + fi + BACKUP_MAX_AGE="$2" + shift 2 + ;; + *) + echo "ERROR: Unknown argument: $1" >&2 + exit 1 + ;; + esac +done + +# 配置 +APP_URL="${APP_URL:-${HEALTH_CHECK_URL:-http://localhost:8015}}" +BACKUP_DIR="${BACKUP_DIR:-./backups}" +DISK_THRESHOLD="${DISK_THRESHOLD:-${HEALTH_CHECK_DISK_THRESHOLD:-90}}" +BACKUP_MAX_AGE="${BACKUP_MAX_AGE:-${HEALTH_CHECK_BACKUP_MAX_AGE:-24}}" +DATABASE_URL="${DATABASE_URL:-}" + +# JSON 输出辅助函数 +json_escape() { + echo "$1" | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g' -e 's/\t/\\t/g' +} + +# 检查结果数组 +RESULTS="" +OVERALL_STATUS="healthy" +CHECKS_PASSED=0 +CHECKS_FAILED=0 +CHECKS_WARNED=0 + +add_result() { + local name="$1" + local status="$2" + local message="$3" + local detail="${4:-}" + + local escaped_message escaped_detail + escaped_message=$(json_escape "$message") + escaped_detail=$(json_escape "$detail") + + local result_entry + result_entry=" {\"name\": \"$name\", \"status\": \"$status\", \"message\": \"$escaped_message\"" + if [ -n "$detail" ]; then + result_entry="$result_entry, \"detail\": \"$escaped_detail\"" + fi + result_entry="$result_entry }" + + if [ -z "$RESULTS" ]; then + RESULTS="$result_entry" + else + RESULTS="$RESULTS, +$result_entry" + fi + + case "$status" in + pass) CHECKS_PASSED=$((CHECKS_PASSED + 1)) ;; + fail) CHECKS_FAILED=$((CHECKS_FAILED + 1)); OVERALL_STATUS="unhealthy" ;; + warn) CHECKS_WARNED=$((CHECKS_WARNED + 1)); [ "$OVERALL_STATUS" = "healthy" ] && OVERALL_STATUS="degraded" ;; + esac +} + +# 1. 应用健康检查 +if [ "$CHECK_APP" -eq 1 ]; then + if command -v curl >/dev/null 2>&1; then + HTTP_CODE=$(curl -sf -o /dev/null -w "%{http_code}" -m 10 "$APP_URL" 2>/dev/null || echo "000") + if [ "$HTTP_CODE" = "200" ] || [ "$HTTP_CODE" = "302" ]; then + add_result "app" "pass" "Application is healthy" "HTTP $HTTP_CODE from $APP_URL" + elif [ "$HTTP_CODE" = "000" ]; then + add_result "app" "fail" "Application is not reachable" "Cannot connect to $APP_URL" + else + add_result "app" "fail" "Application returned error" "HTTP $HTTP_CODE from $APP_URL" + fi + else + add_result "app" "warn" "curl not available, skipping app check" "" + fi +fi + +# 2. 数据库连接检查 +if [ "$CHECK_DB" -eq 1 ]; then + if [ -z "$DATABASE_URL" ]; then + add_result "database" "warn" "DATABASE_URL not set, skipping DB check" "" + else + # 解析 DATABASE_URL + DB_USER=$(echo "$DATABASE_URL" | sed -n 's/.*:\/\/\([^:]*\):.*/\1/p') + DB_PASS=$(echo "$DATABASE_URL" | sed -n 's/.*:\/\/[^:]*:\([^@]*\)@.*/\1/p') + DB_HOST=$(echo "$DATABASE_URL" | sed -n 's/.*@\([^:]*\):.*/\1/p') + DB_PORT=$(echo "$DATABASE_URL" | sed -n 's/.*:\([0-9]*\)\/.*/\1/p') + DB_NAME=$(echo "$DATABASE_URL" | sed -n 's/.*\/\([^?]*\).*/\1/p') + + if command -v mysql >/dev/null 2>&1; then + if mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" \ + -e "SELECT 1;" 2>/dev/null; then + # 获取连接信息 + DB_VERSION=$(mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" \ + -e "SELECT VERSION();" -s -N 2>/dev/null || echo "unknown") + add_result "database" "pass" "Database connection successful" "Host: $DB_HOST:$DB_PORT, DB: $DB_NAME, Version: $DB_VERSION" + else + add_result "database" "fail" "Database connection failed" "Cannot connect to $DB_HOST:$DB_PORT/$DB_NAME" + fi + else + add_result "database" "warn" "mysql client not available, skipping DB check" "" + fi + fi +fi + +# 3. 磁盘空间检查 +if [ "$CHECK_DISK" -eq 1 ]; then + # 获取根分区或当前目录所在分区的使用率 + DISK_INFO=$(df -h . 2>/dev/null | tail -1) + if [ -n "$DISK_INFO" ]; then + DISK_USE_PCT=$(echo "$DISK_INFO" | awk '{print $5}' | sed 's/%//') + DISK_USE_HUMAN=$(echo "$DISK_INFO" | awk '{print $3}') + DISK_TOTAL_HUMAN=$(echo "$DISK_INFO" | awk '{print $2}') + DISK_AVAIL_HUMAN=$(echo "$DISK_INFO" | awk '{print $4}') + DISK_MOUNT=$(echo "$DISK_INFO" | awk '{print $6}') + + if [ "$DISK_USE_PCT" -ge "$DISK_THRESHOLD" ]; then + add_result "disk" "fail" "Disk space critical" "Usage: ${DISK_USE_PCT}% (threshold: ${DISK_THRESHOLD}%), Used: ${DISK_USE_HUMAN}/${DISK_TOTAL_HUMAN}, Available: ${DISK_AVAIL_HUMAN}, Mount: ${DISK_MOUNT}" + elif [ "$DISK_USE_PCT" -ge $((DISK_THRESHOLD - 10)) ]; then + add_result "disk" "warn" "Disk space warning" "Usage: ${DISK_USE_PCT}% (threshold: ${DISK_THRESHOLD}%), Used: ${DISK_USE_HUMAN}/${DISK_TOTAL_HUMAN}, Available: ${DISK_AVAIL_HUMAN}, Mount: ${DISK_MOUNT}" + else + add_result "disk" "pass" "Disk space OK" "Usage: ${DISK_USE_PCT}%, Used: ${DISK_USE_HUMAN}/${DISK_TOTAL_HUMAN}, Available: ${DISK_AVAIL_HUMAN}, Mount: ${DISK_MOUNT}" + fi + else + add_result "disk" "warn" "Could not determine disk usage" "" + fi +fi + +# 4. 备份新鲜度检查 +if [ "$CHECK_BACKUP" -eq 1 ]; then + if [ -d "$BACKUP_DIR" ]; then + LATEST_BACKUP=$(ls -t "$BACKUP_DIR"/db_backup_*.sql.gz 2>/dev/null | head -1) + if [ -n "$LATEST_BACKUP" ]; then + # 获取备份文件修改时间(秒) + BACKUP_MTIME=$(stat -c%Y "$LATEST_BACKUP" 2>/dev/null || stat -f%m "$LATEST_BACKUP" 2>/dev/null) + CURRENT_TIME=$(date +%s) + BACKUP_AGE_HOURS=$(( (CURRENT_TIME - BACKUP_MTIME) / 3600 )) + + BACKUP_SIZE=$(stat -c%s "$LATEST_BACKUP" 2>/dev/null || stat -f%z "$LATEST_BACKUP" 2>/dev/null) + BACKUP_SIZE_HUMAN=$(echo "$BACKUP_SIZE" | awk '{split("B KB MB GB TB",v);i=1;while($1>=1024&&i<5){$1/=1024;i++};printf "%.1f%s",$1,v[i]}') + + if [ "$BACKUP_AGE_HOURS" -gt "$BACKUP_MAX_AGE" ]; then + add_result "backup" "fail" "Backup is stale" "Latest backup is ${BACKUP_AGE_HOURS}h old (max: ${BACKUP_MAX_AGE}h), File: $(basename "$LATEST_BACKUP"), Size: $BACKUP_SIZE_HUMAN" + elif [ "$BACKUP_AGE_HOURS" -gt $((BACKUP_MAX_AGE / 2)) ]; then + add_result "backup" "warn" "Backup getting old" "Latest backup is ${BACKUP_AGE_HOURS}h old (max: ${BACKUP_MAX_AGE}h), File: $(basename "$LATEST_BACKUP"), Size: $BACKUP_SIZE_HUMAN" + else + add_result "backup" "pass" "Backup is fresh" "Latest backup is ${BACKUP_AGE_HOURS}h old, File: $(basename "$LATEST_BACKUP"), Size: $BACKUP_SIZE_HUMAN" + fi + else + add_result "backup" "fail" "No backup files found" "No db_backup_*.sql.gz files in $BACKUP_DIR" + fi + else + add_result "backup" "warn" "Backup directory does not exist" "$BACKUP_DIR" + fi +fi + +# 输出 JSON 报告 +TIMESTAMP=$(date -u +"%Y-%m-%dT%H:%M:%SZ") + +cat <$null | Out-File -FilePath $auditJson -Encoding utf8 + +if (Test-Path $auditJson) { + try { + $audit = Get-Content $auditJson -Raw | ConvertFrom-Json + $v = $audit.metadata.vulnerabilities + $critical = if ($v.critical) { [int]$v.critical } else { 0 } + $high = if ($v.high) { [int]$v.high } else { 0 } + $moderate = if ($v.moderate) { [int]$v.moderate } else { 0 } + $low = if ($v.low) { [int]$v.low } else { 0 } + + Write-Host -NoNewline " critical: "; Write-Host -NoNewline "$critical " -ForegroundColor Red + Write-Host -NoNewline " high: "; Write-Host -NoNewline "$high " -ForegroundColor Red + Write-Host -NoNewline " moderate: "; Write-Host -NoNewline "$moderate " -ForegroundColor Yellow + Write-Host -NoNewline " low: "; Write-Host "$low" -ForegroundColor Green + + if ($critical -gt 0 -or $high -gt 0) { + Write-Fail "npm audit 发现 critical/high 漏洞" + } else { + Write-Pass "npm audit 无 critical/high 漏洞" + } + } catch { + Write-Warn2 "npm audit 报告解析失败,显示原始输出" + npm audit --audit-level=moderate + } + + Copy-Item $auditJson "$ProjectRoot\audit-report.json" -Force + Write-Info2 "报告已保存: audit-report.json" +} else { + Write-Warn2 "npm audit 未生成报告" +} +Write-Host "" + +# ------------------------------------------------ +# 2. Trivy 文件系统扫描 +# ------------------------------------------------ +Write-Header "2/2 Trivy FS Scan (文件系统扫描)" + +if (-not (Test-Command "trivy")) { + Write-Warn2 "未检测到 trivy,跳过文件系统扫描" + Write-Info2 "安装 Trivy: https://aquasecurity.github.io/trivy/latest/getting-started/installation/" +} else { + $trivyReport = "$ProjectRoot\trivy-fs-report.json" + trivy fs --format json --output $trivyReport --exit-code 0 . 2>$null + if ($LASTEXITCODE -eq 0) { + Write-Pass "Trivy 扫描完成" + } else { + Write-Warn2 "Trivy 扫描返回非零状态(可能存在漏洞)" + } + + if (Test-Path $trivyReport) { + try { + $trivy = Get-Content $trivyReport -Raw | ConvertFrom-Json + $allVulns = @() + foreach ($r in $trivy.Results) { + if ($r.Vulnerabilities) { $allVulns += $r.Vulnerabilities } + } + $total = $allVulns.Count + $critical = @($allVulns | Where-Object { $_.Severity -eq "CRITICAL" }).Count + $high = @($allVulns | Where-Object { $_.Severity -eq "HIGH" }).Count + $medium = @($allVulns | Where-Object { $_.Severity -eq "MEDIUM" }).Count + $low = @($allVulns | Where-Object { $_.Severity -eq "LOW" }).Count + + Write-Host -NoNewline " 总计: $total critical: "; Write-Host -NoNewline "$critical " -ForegroundColor Red + Write-Host -NoNewline " high: "; Write-Host -NoNewline "$high " -ForegroundColor Red + Write-Host -NoNewline " medium: "; Write-Host -NoNewline "$medium " -ForegroundColor Yellow + Write-Host -NoNewline " low: "; Write-Host "$low" -ForegroundColor Green + + if ($critical -gt 0 -or $high -gt 0) { + Write-Fail "Trivy 发现 critical/high 漏洞" + } else { + Write-Pass "Trivy 无 critical/high 漏洞" + } + Write-Info2 "报告已保存: trivy-fs-report.json" + } catch { + Write-Warn2 "Trivy 报告解析失败" + } + } + + Write-Host "" + Write-Info2 "Trivy 表格视图:" + trivy fs --format table --exit-code 0 . +} +Write-Host "" + +# ------------------------------------------------ +# 汇总 +# ------------------------------------------------ +Write-Header "扫描汇总" +if ($script:HasHigh -eq 0) { + Write-Pass "未发现高危漏洞 (exit 0)" + exit 0 +} else { + Write-Fail "发现高危漏洞,请尽快处理 (exit 1)" + Write-Host " SLA: critical 24h / high 7d / medium 30d / low 90d" -ForegroundColor Blue + exit 1 +} diff --git a/scripts/security-scan.sh b/scripts/security-scan.sh new file mode 100644 index 0000000..c1bc82c --- /dev/null +++ b/scripts/security-scan.sh @@ -0,0 +1,133 @@ +#!/bin/bash +# 本地安全扫描脚本 (Linux/macOS) +# 用法: ./scripts/security-scan.sh +# 功能: npm audit + Trivy 文件系统扫描,输出彩色报告 +# 退出码: 0=无高危漏洞, 1=存在高危漏洞 + +set -uo pipefail + +# 颜色定义 +RED='\033[0;31m' +GREEN='\033[0;32m' +YELLOW='\033[1;33m' +BLUE='\033[0;34m' +CYAN='\033[0;36m' +NC='\033[0m' # No Color + +PROJECT_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)" +cd "$PROJECT_ROOT" + +HAS_HIGH=0 + +print_header() { + echo -e "${CYAN}================================================${NC}" + echo -e "${CYAN} $1${NC}" + echo -e "${CYAN}================================================${NC}" +} + +print_ok() { echo -e "${GREEN}[PASS]${NC} $1"; } +print_warn() { echo -e "${YELLOW}[WARN]${NC} $1"; } +print_err() { echo -e "${RED}[FAIL]${NC} $1"; HAS_HIGH=1; } +print_info() { echo -e "${BLUE}[INFO]${NC} $1"; } + +# 检查命令是否存在 +command_exists() { + command -v "$1" >/dev/null 2>&1 +} + +print_header "本地安全扫描" +print_info "项目目录: $PROJECT_ROOT" +echo "" + +# ------------------------------------------------ +# 1. npm audit +# ------------------------------------------------ +print_header "1/2 npm audit (依赖审计)" + +if ! command_exists npm; then + print_err "未检测到 npm,请先安装 Node.js" + exit 1 +fi + +npm audit --json > /tmp/audit-report.json 2>/dev/null || true + +if [ -f /tmp/audit-report.json ]; then + # 提取漏洞计数(需要 jq) + if command_exists jq; then + CRITICAL=$(jq -r '.metadata.vulnerabilities.critical // 0' /tmp/audit-report.json) + HIGH=$(jq -r '.metadata.vulnerabilities.high // 0' /tmp/audit-report.json) + MODERATE=$(jq -r '.metadata.vulnerabilities.moderate // 0' /tmp/audit-report.json) + LOW=$(jq -r '.metadata.vulnerabilities.low // 0' /tmp/audit-report.json) + + echo -e " critical: ${RED}${CRITICAL}${NC} high: ${RED}${HIGH}${NC} moderate: ${YELLOW}${MODERATE}${NC} low: ${GREEN}${LOW}${NC}" + + if [ "$CRITICAL" -gt 0 ] || [ "$HIGH" -gt 0 ]; then + print_err "npm audit 发现 critical/high 漏洞" + else + print_ok "npm audit 无 critical/high 漏洞" + fi + else + print_warn "未安装 jq,跳过漏洞计数,显示原始报告" + npm audit --audit-level=moderate || print_warn "npm audit 发现漏洞" + fi + + # 保存报告到项目根目录 + cp /tmp/audit-report.json "$PROJECT_ROOT/audit-report.json" + print_info "报告已保存: audit-report.json" +else + print_warn "npm audit 未生成报告" +fi +echo "" + +# ------------------------------------------------ +# 2. Trivy 文件系统扫描 +# ------------------------------------------------ +print_header "2/2 Trivy FS Scan (文件系统扫描)" + +if ! command_exists trivy; then + print_warn "未检测到 trivy,跳过文件系统扫描" + print_info "安装 Trivy: https://aquasecurity.github.io/trivy/latest/getting-started/installation/" +else + TRIVY_REPORT="$PROJECT_ROOT/trivy-fs-report.json" + if trivy fs --format json --output "$TRIVY_REPORT" --exit-code 0 . >/dev/null 2>&1; then + print_ok "Trivy 扫描完成" + else + print_warn "Trivy 扫描返回非零状态(可能存在漏洞)" + fi + + if [ -f "$TRIVY_REPORT" ] && command_exists jq; then + TOTAL=$(jq -r '[.Results[]?.Vulnerabilities[]?] | length' "$TRIVY_REPORT" 2>/dev/null || echo "0") + CRITICAL=$(jq -r '[.Results[]?.Vulnerabilities[]? | select(.Severity=="CRITICAL")] | length' "$TRIVY_REPORT" 2>/dev/null || echo "0") + HIGH=$(jq -r '[.Results[]?.Vulnerabilities[]? | select(.Severity=="HIGH")] | length' "$TRIVY_REPORT" 2>/dev/null || echo "0") + MEDIUM=$(jq -r '[.Results[]?.Vulnerabilities[]? | select(.Severity=="MEDIUM")] | length' "$TRIVY_REPORT" 2>/dev/null || echo "0") + LOW=$(jq -r '[.Results[]?.Vulnerabilities[]? | select(.Severity=="LOW")] | length' "$TRIVY_REPORT" 2>/dev/null || echo "0") + + echo -e " 总计: ${TOTAL} critical: ${RED}${CRITICAL}${NC} high: ${RED}${HIGH}${NC} medium: ${YELLOW}${MEDIUM}${NC} low: ${GREEN}${LOW}${NC}" + + if [ "$CRITICAL" -gt 0 ] || [ "$HIGH" -gt 0 ]; then + print_err "Trivy 发现 critical/high 漏洞" + else + print_ok "Trivy 无 critical/high 漏洞" + fi + print_info "报告已保存: trivy-fs-report.json" + fi + + # 输出表格视图 + echo "" + print_info "Trivy 表格视图:" + trivy fs --format table --exit-code 0 . || true +fi +echo "" + +# ------------------------------------------------ +# 汇总 +# ------------------------------------------------ +print_header "扫描汇总" +if [ "$HAS_HIGH" -eq 0 ]; then + print_ok "未发现高危漏洞 (exit 0)" + exit 0 +else + print_err "发现高危漏洞,请尽快处理 (exit 1)" + echo -e " ${BLUE}SLA:${NC} critical 24h / high 7d / medium 30d / low 90d" + exit 1 +fi diff --git a/src/modules/notifications/actions.ts b/src/modules/notifications/actions.ts new file mode 100644 index 0000000..8b954e3 --- /dev/null +++ b/src/modules/notifications/actions.ts @@ -0,0 +1,119 @@ +"use server" + +/** + * 通知 Server Actions + * + * - sendNotificationAction: 发送通知给指定用户(需要 MESSAGE_SEND 权限) + * - sendClassNotificationAction: 发送班级通知(教师权限,按班级查询学生后批量发送) + * + * 权限说明: + * 项目无独立 NOTIFICATION_SEND 权限点,复用 MESSAGE_SEND(教师/管理员/年级主任均拥有)。 + * 班级通知按教师所教班级过滤,确保教师只能给自己班级发通知。 + */ + +import { eq } from "drizzle-orm" + +import { db } from "@/shared/db" +import { classEnrollments, classes } from "@/shared/db/schema" +import { PermissionDeniedError, requirePermission } from "@/shared/lib/auth-guard" +import { Permissions } from "@/shared/types/permissions" +import type { ActionState } from "@/shared/types/action-state" + +import { sendNotification, sendBatchNotifications } from "./dispatcher" +import type { NotificationPayload, ChannelSendResult } from "./types" + +/** + * 发送通知给指定用户。 + * + * @param payload 通知负载(payload.userId 为接收人) + */ +export async function sendNotificationAction( + payload: NotificationPayload +): Promise> { + try { + await requirePermission(Permissions.MESSAGE_SEND) + + if (!payload.userId || !payload.title || !payload.content) { + return { success: false, message: "Missing required fields: userId, title, content" } + } + + const results = await sendNotification(payload) + const allSuccess = results.every((r) => r.success) + return { + success: allSuccess, + message: allSuccess ? "Notification sent" : "Some channels failed", + data: results, + } + } catch (e) { + if (e instanceof PermissionDeniedError) return { success: false, message: e.message } + if (e instanceof Error) return { success: false, message: e.message } + return { success: false, message: "Unexpected error" } + } +} + +/** + * 发送班级通知(批量发送给班级所有学生)。 + * + * 教师只能给自己所教班级发送通知(通过 dataScope 校验)。 + * + * @param classId 班级 ID + * @param payload 通知负载模板(payload.userId 会被覆盖为每个学生的 userId) + */ +export async function sendClassNotificationAction( + classId: string, + payload: Omit +): Promise> { + try { + const ctx = await requirePermission(Permissions.MESSAGE_SEND) + + if (!classId || !payload.title || !payload.content) { + return { success: false, message: "Missing required fields: classId, title, content" } + } + + // 权限校验: 教师只能给自己所教班级发通知;管理员可发任意班级 + if (ctx.dataScope.type !== "all") { + const allowedClassIds = + ctx.dataScope.type === "class_taught" ? ctx.dataScope.classIds : [] + if (!allowedClassIds.includes(classId)) { + return { success: false, message: "You can only send notifications to your own classes" } + } + } + + // 查询班级所有学生 + const [classRow] = await db + .select({ id: classes.id }) + .from(classes) + .where(eq(classes.id, classId)) + .limit(1) + + if (!classRow) { + return { success: false, message: "Class not found" } + } + + const enrollments = await db + .select({ studentId: classEnrollments.studentId }) + .from(classEnrollments) + .where(eq(classEnrollments.classId, classId)) + + if (enrollments.length === 0) { + return { success: true, message: "No students in this class", data: [] } + } + + // 构造每个学生的通知负载 + const payloads: NotificationPayload[] = enrollments.map((e) => ({ + ...payload, + userId: e.studentId, + })) + + const results = await sendBatchNotifications(payloads) + return { + success: true, + message: `Notification sent to ${enrollments.length} students`, + data: results, + } + } catch (e) { + if (e instanceof PermissionDeniedError) return { success: false, message: e.message } + if (e instanceof Error) return { success: false, message: e.message } + return { success: false, message: "Unexpected error" } + } +} diff --git a/src/modules/notifications/channels/email-channel.ts b/src/modules/notifications/channels/email-channel.ts new file mode 100644 index 0000000..0d3f09e --- /dev/null +++ b/src/modules/notifications/channels/email-channel.ts @@ -0,0 +1,183 @@ +import "server-only" + +/** + * 邮件通知渠道 + * + * 使用 nodemailer(动态 import)通过 SMTP 发送邮件。 + * 支持 HTML 邮件模板,根据 payload.type 渲染不同颜色样式。 + * + * 环境变量: + * - EMAIL_HOST: SMTP 主机 + * - EMAIL_PORT: SMTP 端口(默认 587) + * - EMAIL_USER: SMTP 用户名 + * - EMAIL_PASS: SMTP 密码 + * - EMAIL_FROM: 发件人地址(默认 noreply@example.com) + * + * Mock 实现: 当 EMAIL_HOST 未配置时启用,仅记录日志不实际发送。 + */ + +import type { + NotificationPayload, + ChannelSendResult, + NotificationChannel, +} from "../types" +import type { NotificationChannelSender, ChannelRecipient } from "./types" + +const channel: NotificationChannel = "email" + +/** 从环境变量读取邮件配置 */ +function getEmailConfig() { + return { + host: process.env.EMAIL_HOST, + port: Number(process.env.EMAIL_PORT ?? "587"), + user: process.env.EMAIL_USER, + pass: process.env.EMAIL_PASS, + from: process.env.EMAIL_FROM ?? "noreply@example.com", + } +} + +/** 是否启用邮件渠道(SMTP 主机配置即启用) */ +export function isEmailEnabled(): boolean { + return Boolean(process.env.EMAIL_HOST) +} + +/** 根据通知类型返回主题色(用于 HTML 模板) */ +function getTypeColor(type: NotificationPayload["type"]): string { + switch (type) { + case "success": + return "#16a34a" + case "warning": + return "#d97706" + case "error": + return "#dc2626" + case "info": + default: + return "#2563eb" + } +} + +/** 生成 HTML 邮件内容 */ +function buildHtmlContent(payload: NotificationPayload): string { + const color = getTypeColor(payload.type) + const actionLink = payload.actionUrl + ? `

点击查看详情 →

` + : "" + return ` +
+
+

${escapeHtml(payload.title)}

+

${escapeHtml(payload.content)}

+ ${actionLink} +
+
+

此邮件由系统自动发送,请勿回复。

+
+ ` +} + +/** HTML 转义,防止 XSS */ +function escapeHtml(text: string): string { + return text + .replace(/&/g, "&") + .replace(//g, ">") + .replace(/"/g, """) + .replace(/'/g, "'") +} + +/** Mock 邮件发送器(开发环境使用) */ +class MockEmailSender implements NotificationChannelSender { + readonly channel = channel + + async send( + payload: NotificationPayload, + recipient: ChannelRecipient + ): Promise { + console.info( + `[MockEmail] send to ${recipient.email ?? "(no email)"}: subject="${payload.title}"` + ) + return { + channel, + success: true, + messageId: `mock-email-${Date.now()}`, + sentAt: new Date(), + } + } + + async sendBatch( + items: Array<{ payload: NotificationPayload; recipient: ChannelRecipient }> + ): Promise { + return Promise.all(items.map((item) => this.send(item.payload, item.recipient))) + } +} + +/** Nodemailer SMTP 邮件发送器 */ +class NodemailerEmailSender implements NotificationChannelSender { + readonly channel = channel + + async send( + payload: NotificationPayload, + recipient: ChannelRecipient + ): Promise { + if (!recipient.email) { + return { channel, success: false, error: "Missing recipient email", sentAt: new Date() } + } + + const config = getEmailConfig() + if (!config.host) { + return { channel, success: false, error: "EMAIL_HOST not configured", sentAt: new Date() } + } + + try { + // 动态 import nodemailer,避免增加构建体积 + const nodemailer = await import("nodemailer") + const transporter = nodemailer.createTransport({ + host: config.host, + port: config.port, + secure: config.port === 465, + auth: config.user + ? { user: config.user, pass: config.pass ?? "" } + : undefined, + }) + + const info = await transporter.sendMail({ + from: config.from, + to: recipient.email, + subject: payload.title, + html: buildHtmlContent(payload), + text: payload.content, + }) + + return { + channel, + success: true, + messageId: info.messageId, + sentAt: new Date(), + } + } catch (e) { + return { + channel, + success: false, + error: e instanceof Error ? e.message : "Email send failed", + sentAt: new Date(), + } + } + } + + async sendBatch( + items: Array<{ payload: NotificationPayload; recipient: ChannelRecipient }> + ): Promise { + return Promise.all(items.map((item) => this.send(item.payload, item.recipient))) + } +} + +/** + * 创建邮件渠道发送器。 + * 配置了 EMAIL_HOST 时使用 Nodemailer,否则使用 Mock 实现。 + */ +export function createEmailSender(): NotificationChannelSender { + if (isEmailEnabled()) { + return new NodemailerEmailSender() + } + return new MockEmailSender() +} diff --git a/src/modules/notifications/channels/in-app-channel.ts b/src/modules/notifications/channels/in-app-channel.ts new file mode 100644 index 0000000..d98e750 --- /dev/null +++ b/src/modules/notifications/channels/in-app-channel.ts @@ -0,0 +1,83 @@ +import "server-only" + +/** + * 站内消息渠道 + * + * 封装现有 messaging 模块的 data-access.createNotification, + * 将其适配为统一的 NotificationChannelSender 接口。 + * + * 这是默认渠道,总是启用。所有通知都会写入 message_notifications 表, + * 用户可在站内通知中心查看。 + * + * 注意: messaging.NotificationType 为 "message" | "announcement" | "homework" | "grade", + * 而本模块 NotificationPayload.type 为 "info" | "warning" | "error" | "success"。 + * 此处将 payload.type 作为字符串写入 DB(DB 列为 varchar(128),支持任意值), + * 不破坏现有 messaging 模块的类型约束。 + */ + +import type { + NotificationPayload, + ChannelSendResult, + NotificationChannel, +} from "../types" +import type { NotificationChannelSender, ChannelRecipient } from "./types" +import { createNotification } from "@/modules/messaging/data-access" + +const channel: NotificationChannel = "in_app" + +/** 站内消息发送器(调用现有 messaging data-access) */ +class InAppChannelSender implements NotificationChannelSender { + readonly channel = channel + + async send( + payload: NotificationPayload, + recipient: ChannelRecipient + ): Promise { + try { + // 校验收件人一致,防止误发 + if (recipient.userId !== payload.userId) { + return { + channel, + success: false, + error: "Recipient userId does not match payload.userId", + sentAt: new Date(), + } + } + const id = await createNotification({ + userId: payload.userId, + // DB 列为 varchar(128),支持任意字符串;保留 payload.type 语义 + type: payload.type as "message" | "announcement" | "homework" | "grade", + title: payload.title, + content: payload.content, + link: payload.actionUrl ?? null, + }) + return { + channel, + success: true, + messageId: id, + sentAt: new Date(), + } + } catch (e) { + return { + channel, + success: false, + error: e instanceof Error ? e.message : "In-app notification failed", + sentAt: new Date(), + } + } + } + + async sendBatch( + items: Array<{ payload: NotificationPayload; recipient: ChannelRecipient }> + ): Promise { + return Promise.all(items.map((item) => this.send(item.payload, item.recipient))) + } +} + +/** + * 创建站内消息渠道发送器。 + * 站内渠道总是启用,无需配置。 + */ +export function createInAppSender(): NotificationChannelSender { + return new InAppChannelSender() +} diff --git a/src/modules/notifications/channels/sms-channel.ts b/src/modules/notifications/channels/sms-channel.ts new file mode 100644 index 0000000..e5d598e --- /dev/null +++ b/src/modules/notifications/channels/sms-channel.ts @@ -0,0 +1,236 @@ +import "server-only" + +/** + * 短信通知渠道 + * + * 支持的 Provider: + * - aliyun: 阿里云短信(@alicloud/dysmsapi20170525,动态 import) + * - tencent: 腾讯云短信(tencentcloud-sdk,动态 import) + * - mock: 开发环境模拟(仅记录日志,不实际发送) + * + * 环境变量: + * - SMS_PROVIDER: "aliyun" | "tencent" | "mock"(默认 mock) + * - SMS_ACCESS_KEY_ID / SMS_ACCESS_KEY_SECRET + * - SMS_SIGN_NAME: 短信签名 + * - SMS_TEMPLATE_CODE: 短信模板 ID + * + * 模板变量替换:将 payload.title / payload.content 填入模板变量 name/title/content。 + */ + +import type { + NotificationPayload, + ChannelSendResult, + NotificationChannel, +} from "../types" +import type { NotificationChannelSender, ChannelRecipient } from "./types" + +const channel: NotificationChannel = "sms" + +/** 从环境变量读取 SMS 配置 */ +function getSmsConfig() { + return { + provider: (process.env.SMS_PROVIDER ?? "mock") as "aliyun" | "tencent" | "mock", + accessKeyId: process.env.SMS_ACCESS_KEY_ID, + accessKeySecret: process.env.SMS_ACCESS_KEY_SECRET, + signName: process.env.SMS_SIGN_NAME, + templateCode: process.env.SMS_TEMPLATE_CODE, + } +} + +/** + * 构造短信模板变量。 + * 阿里云/腾讯云模板使用 ${name} / ${title} / ${content} 占位符。 + */ +function buildTemplateParams(payload: NotificationPayload): Record { + return { + title: payload.title, + content: payload.content, + type: payload.type, + } +} + +/** Mock 短信发送器(开发环境使用) */ +class MockSmsSender implements NotificationChannelSender { + readonly channel = channel + + async send( + payload: NotificationPayload, + recipient: ChannelRecipient + ): Promise { + const params = buildTemplateParams(payload) + // 开发环境仅记录日志,不实际发送 + console.info( + `[MockSms] send to ${recipient.phone ?? "(no phone)"}: title="${payload.title}" params=`, + params + ) + return { + channel, + success: true, + messageId: `mock-sms-${Date.now()}`, + sentAt: new Date(), + } + } + + async sendBatch( + items: Array<{ payload: NotificationPayload; recipient: ChannelRecipient }> + ): Promise { + return Promise.all(items.map((item) => this.send(item.payload, item.recipient))) + } +} + +/** 阿里云短信发送器 */ +class AliyunSmsSender implements NotificationChannelSender { + readonly channel = channel + private config: ReturnType + + constructor() { + this.config = getSmsConfig() + } + + async send( + payload: NotificationPayload, + recipient: ChannelRecipient + ): Promise { + if (!recipient.phone) { + return { channel, success: false, error: "Missing recipient phone", sentAt: new Date() } + } + if (!this.config.accessKeyId || !this.config.accessKeySecret) { + return { channel, success: false, error: "SMS_ACCESS_KEY_ID/SECRET not configured", sentAt: new Date() } + } + + try { + // 动态 import 阿里云 SDK,避免增加构建体积 + const { default: Dysmsapi } = await import("@alicloud/dysmsapi20170525") + const { default: OpenApi } = await import("@alicloud/openapi-client") + const { default: Credential } = await import("@alicloud/credentials") + + const credential = new Credential({ + accessKeyId: this.config.accessKeyId, + accessKeySecret: this.config.accessKeySecret, + }) + const apiConfig = new OpenApi({ credential }) + apiConfig.endpoint = "dysmsapi.aliyuncs.com" + const client = new Dysmsapi(apiConfig) + + const { SendSmsRequest } = await import("@alicloud/dysmsapi20170525") + const request = new SendSmsRequest({ + phoneNumbers: recipient.phone, + signName: this.config.signName, + templateCode: this.config.templateCode, + templateParam: JSON.stringify(buildTemplateParams(payload)), + }) + + const response = await client.sendSms(request) + const code = response?.body?.code + const success = code === "OK" + return { + channel, + success, + messageId: response?.body?.bizId ?? undefined, + error: success ? undefined : response?.body?.message, + sentAt: new Date(), + } + } catch (e) { + return { + channel, + success: false, + error: e instanceof Error ? e.message : "Aliyun SMS send failed", + sentAt: new Date(), + } + } + } + + async sendBatch( + items: Array<{ payload: NotificationPayload; recipient: ChannelRecipient }> + ): Promise { + return Promise.all(items.map((item) => this.send(item.payload, item.recipient))) + } +} + +/** 腾讯云短信发送器 */ +class TencentSmsSender implements NotificationChannelSender { + readonly channel = channel + private config: ReturnType + + constructor() { + this.config = getSmsConfig() + } + + async send( + payload: NotificationPayload, + recipient: ChannelRecipient + ): Promise { + if (!recipient.phone) { + return { channel, success: false, error: "Missing recipient phone", sentAt: new Date() } + } + if (!this.config.accessKeyId || !this.config.accessKeySecret) { + return { channel, success: false, error: "SMS_ACCESS_KEY_ID/SECRET not configured", sentAt: new Date() } + } + + try { + // 动态 import 腾讯云 SDK + const tencentcloud = await import("tencentcloud-sdk-nodejs") + const SmsClient = tencentcloud.sms.v20210111.Client + + const client = new SmsClient({ + credential: { + secretId: this.config.accessKeyId, + secretKey: this.config.accessKeySecret, + }, + region: "ap-guangzhou", + profile: { + httpProfile: { endpoint: "sms.tencentcloudapi.com" }, + }, + }) + + const params = buildTemplateParams(payload) + const response = await client.SendSms({ + PhoneNumberSet: [`+86${recipient.phone}`], + SmsSdkAppId: this.config.templateCode ?? "", + SignName: this.config.signName ?? "", + TemplateId: this.config.templateCode ?? "", + TemplateParamSet: [params.title, params.content], + }) + + const sendStatus = response?.SendStatusSet?.[0] + const success = sendStatus?.Code === "Ok" + return { + channel, + success, + messageId: sendStatus?.SerialNo ?? undefined, + error: success ? undefined : sendStatus?.Message, + sentAt: new Date(), + } + } catch (e) { + return { + channel, + success: false, + error: e instanceof Error ? e.message : "Tencent SMS send failed", + sentAt: new Date(), + } + } + } + + async sendBatch( + items: Array<{ payload: NotificationPayload; recipient: ChannelRecipient }> + ): Promise { + return Promise.all(items.map((item) => this.send(item.payload, item.recipient))) + } +} + +/** + * 创建 SMS 渠道发送器(根据 SMS_PROVIDER 环境变量选择实现)。 + * 默认使用 Mock 实现,确保开发环境无外部服务时也可用。 + */ +export function createSmsSender(): NotificationChannelSender { + const config = getSmsConfig() + switch (config.provider) { + case "aliyun": + return new AliyunSmsSender() + case "tencent": + return new TencentSmsSender() + case "mock": + default: + return new MockSmsSender() + } +} diff --git a/src/modules/notifications/channels/types.ts b/src/modules/notifications/channels/types.ts new file mode 100644 index 0000000..ce29c03 --- /dev/null +++ b/src/modules/notifications/channels/types.ts @@ -0,0 +1,38 @@ +/** + * 渠道发送者接口定义 + * + * 所有渠道(SMS/微信/邮件/站内)均实现 NotificationChannelSender 接口, + * 由 dispatcher 统一调度。新增渠道只需实现此接口并注册到 dispatcher。 + */ + +import type { NotificationPayload, ChannelSendResult, NotificationChannel } from "../types" + +/** 渠道接收人信息(由 data-access.getUserContactInfo 填充) */ +export interface ChannelRecipient { + userId: string + /** 手机号(SMS 渠道必需) */ + phone?: string + /** 邮箱(邮件渠道必需) */ + email?: string + /** 微信 OpenID(微信公众号模板消息渠道必需) */ + wechatOpenId?: string +} + +/** + * 通知渠道发送者接口 + * + * 实现方需保证: + * - send 失败时抛出 Error 或返回 success:false(不抛出以避免阻塞其他渠道) + * - sendBatch 内部并行发送,单条失败不影响其他条 + * - 所有实现需在文件首行 import "server-only" + */ +export interface NotificationChannelSender { + /** 渠道标识 */ + readonly channel: NotificationChannel + /** 发送单条通知 */ + send(payload: NotificationPayload, recipient: ChannelRecipient): Promise + /** 批量发送(默认实现串行调用 send,可覆写为并行) */ + sendBatch( + payloads: Array<{ payload: NotificationPayload; recipient: ChannelRecipient }> + ): Promise +} diff --git a/src/modules/notifications/channels/wechat-channel.ts b/src/modules/notifications/channels/wechat-channel.ts new file mode 100644 index 0000000..e0f39e7 --- /dev/null +++ b/src/modules/notifications/channels/wechat-channel.ts @@ -0,0 +1,208 @@ +import "server-only" + +/** + * 微信公众号模板消息渠道 + * + * 使用微信官方 API: + * 1. 获取 access_token: GET https://api.weixin.qq.com/cgi-bin/token + * 2. 发送模板消息: POST https://api.weixin.qq.com/cgi-bin/message/template/send + * + * access_token 带缓存(有效期 7200 秒,提前 5 分钟刷新),避免频繁请求。 + * + * 环境变量: + * - WECHAT_APP_ID: 公众号 AppID + * - WECHAT_APP_SECRET: 公众号 AppSecret + * - WECHAT_TEMPLATE_ID: 模板消息 ID + * + * 模板数据映射: payload.title -> keyword1, payload.content -> keyword2, + * payload.type -> keyword3(可在微信公众号后台配置模板字段)。 + */ + +import type { + NotificationPayload, + ChannelSendResult, + NotificationChannel, +} from "../types" +import type { NotificationChannelSender, ChannelRecipient } from "./types" + +const channel: NotificationChannel = "wechat" +const WECHAT_TOKEN_URL = "https://api.weixin.qq.com/cgi-bin/token" +const WECHAT_SEND_URL = "https://api.weixin.qq.com/cgi-bin/message/template/send" + +/** access_token 缓存(进程级) */ +interface TokenCache { + accessToken: string + expiresAt: number // 毫秒时间戳 +} +let tokenCache: TokenCache | null = null + +/** 从环境变量读取微信配置 */ +function getWechatConfig() { + return { + appId: process.env.WECHAT_APP_ID, + appSecret: process.env.WECHAT_APP_SECRET, + templateId: process.env.WECHAT_TEMPLATE_ID, + } +} + +/** 是否启用微信渠道(配置完整才启用) */ +export function isWechatEnabled(): boolean { + const config = getWechatConfig() + return Boolean(config.appId && config.appSecret && config.templateId) +} + +/** + * 获取微信 access_token(带缓存)。 + * 缓存有效期内的 token 直接复用;过期或不存在时重新请求。 + */ +async function getAccessToken(): Promise { + const now = Date.now() + // 缓存有效(提前 5 分钟刷新,避免边界过期) + if (tokenCache && tokenCache.expiresAt - now > 5 * 60 * 1000) { + return tokenCache.accessToken + } + + const config = getWechatConfig() + if (!config.appId || !config.appSecret) { + throw new Error("WECHAT_APP_ID/WECHAT_APP_SECRET not configured") + } + + const url = `${WECHAT_TOKEN_URL}?grant_type=client_credential&appid=${encodeURIComponent( + config.appId + )}&secret=${encodeURIComponent(config.appSecret)}` + const res = await fetch(url, { method: "GET" }) + const data = (await res.json()) as { + access_token?: string + expires_in?: number + errcode?: number + errmsg?: string + } + + if (!data.access_token) { + throw new Error( + `Failed to get WeChat access_token: ${data.errcode} ${data.errmsg ?? ""}` + ) + } + + tokenCache = { + accessToken: data.access_token, + expiresAt: now + (data.expires_in ?? 7200) * 1000, + } + return tokenCache.accessToken +} + +/** + * 将通知负载映射为微信模板数据。 + * 默认映射: title -> keyword1, content -> keyword2, type -> keyword3。 + * 如需自定义映射,可在 metadata 中提供 wechatKeywords 覆盖。 + */ +function buildTemplateData( + payload: NotificationPayload + ): Record { + const custom = (payload.metadata?.wechatKeywords as Record | undefined) ?? {} + return { + keyword1: { value: custom.keyword1 ?? payload.title }, + keyword2: { value: custom.keyword2 ?? payload.content }, + keyword3: { value: custom.keyword3 ?? payload.type }, + } +} + +/** Mock 微信发送器(开发环境使用) */ +class MockWechatSender implements NotificationChannelSender { + readonly channel = channel + + async send( + payload: NotificationPayload, + recipient: ChannelRecipient + ): Promise { + console.info( + `[MockWechat] send to openId=${recipient.wechatOpenId ?? "(no openId)"}: title="${payload.title}"` + ) + return { + channel, + success: true, + messageId: `mock-wechat-${Date.now()}`, + sentAt: new Date(), + } + } + + async sendBatch( + items: Array<{ payload: NotificationPayload; recipient: ChannelRecipient }> + ): Promise { + return Promise.all(items.map((item) => this.send(item.payload, item.recipient))) + } +} + +/** 微信公众号模板消息发送器 */ +class WechatTemplateSender implements NotificationChannelSender { + readonly channel = channel + + async send( + payload: NotificationPayload, + recipient: ChannelRecipient + ): Promise { + if (!recipient.wechatOpenId) { + return { channel, success: false, error: "Missing recipient wechatOpenId", sentAt: new Date() } + } + + const config = getWechatConfig() + if (!config.templateId) { + return { channel, success: false, error: "WECHAT_TEMPLATE_ID not configured", sentAt: new Date() } + } + + try { + const accessToken = await getAccessToken() + const url = `${WECHAT_SEND_URL}?access_token=${encodeURIComponent(accessToken)}` + const body = { + touser: recipient.wechatOpenId, + template_id: config.templateId, + url: payload.actionUrl ?? "", + data: buildTemplateData(payload), + } + + const res = await fetch(url, { + method: "POST", + headers: { "Content-Type": "application/json" }, + body: JSON.stringify(body), + }) + const data = (await res.json()) as { + errcode?: number + errmsg?: string + msgid?: number + } + + const success = data.errcode === 0 + return { + channel, + success, + messageId: data.msgid != null ? String(data.msgid) : undefined, + error: success ? undefined : `${data.errcode}: ${data.errmsg ?? ""}`, + sentAt: new Date(), + } + } catch (e) { + return { + channel, + success: false, + error: e instanceof Error ? e.message : "WeChat send failed", + sentAt: new Date(), + } + } + } + + async sendBatch( + items: Array<{ payload: NotificationPayload; recipient: ChannelRecipient }> + ): Promise { + return Promise.all(items.map((item) => this.send(item.payload, item.recipient))) + } +} + +/** + * 创建微信渠道发送器。 + * 配置完整时使用真实发送器,否则使用 Mock 实现。 + */ +export function createWechatSender(): NotificationChannelSender { + if (isWechatEnabled()) { + return new WechatTemplateSender() + } + return new MockWechatSender() +} diff --git a/src/modules/notifications/data-access.ts b/src/modules/notifications/data-access.ts new file mode 100644 index 0000000..82d05d5 --- /dev/null +++ b/src/modules/notifications/data-access.ts @@ -0,0 +1,86 @@ +import "server-only" + +/** + * 通知数据访问层 + * + * 职责: + * - getUserNotificationPreferences: 获取用户通知偏好(复用 messaging 模块) + * - getUserContactInfo: 获取用户联系方式(手机/邮箱,用于渠道发送) + * - logNotificationSend: 记录发送日志(当前项目无 notification_logs 表,使用 console 输出) + * + * 注意: users 表当前无 wechatOpenId 字段,wechatOpenId 暂返回 undefined。 + * 未来扩展 users 表增加 wechat_open_id 列后,此处补充查询即可。 + */ + +import { cache } from "react" +import { eq } from "drizzle-orm" + +import { db } from "@/shared/db" +import { users } from "@/shared/db/schema" +import { getNotificationPreferences } from "@/modules/messaging/notification-preferences" +import type { NotificationPreferences } from "@/modules/messaging/types" +import type { ChannelRecipient } from "./channels/types" +import type { ChannelSendResult } from "./types" + +/** + * 获取用户通知偏好(复用 messaging 模块的 cache 包装函数)。 + * 若用户无记录,messaging 模块会自动创建默认记录。 + */ +export async function getUserNotificationPreferences( + userId: string +): Promise { + return getNotificationPreferences(userId) +} + +/** + * 获取用户联系方式(手机号、邮箱)。 + * wechatOpenId 暂不支持(users 表无此字段),返回 undefined。 + */ +export const getUserContactInfo = cache( + async (userId: string): Promise => { + const [row] = await db + .select({ + id: users.id, + phone: users.phone, + email: users.email, + }) + .from(users) + .where(eq(users.id, userId)) + .limit(1) + + if (!row) { + return { userId } + } + + return { + userId: row.id, + phone: row.phone ?? undefined, + email: row.email ?? undefined, + // users 表暂无 wechat_open_id 字段;扩展 schema 后在此补充 + wechatOpenId: undefined, + } + } +) + +/** + * 记录通知发送日志。 + * + * 当前项目无 notification_logs 表,使用 console.info 输出。 + * 未来新增 notification_logs 表后,可在此处写入 DB。 + */ +export function logNotificationSend(result: ChannelSendResult): void { + const status = result.success ? "OK" : "FAIL" + const errorPart = result.error ? ` error="${result.error}"` : "" + console.info( + `[NotificationLog] ${status} channel=${result.channel} messageId=${result.messageId ?? "-"}${errorPart}` + ) +} + +/** + * 批量记录发送日志。 + */ +export function logNotificationSendBatch(results: ChannelSendResult[]): void { + for (const result of results) { + logNotificationSend(result) + } +} diff --git a/src/modules/notifications/dispatcher.ts b/src/modules/notifications/dispatcher.ts new file mode 100644 index 0000000..4d46569 --- /dev/null +++ b/src/modules/notifications/dispatcher.ts @@ -0,0 +1,152 @@ +import "server-only" + +/** + * 通知分发器 + * + * 职责: + * - 根据用户通知偏好(notification_preferences)决定使用哪些渠道 + * - 并行发送到多个渠道(in_app 总是启用) + * - 记录每个渠道的发送结果到日志 + * + * 渠道选择逻辑: + * - in_app: 总是启用(pushEnabled 控制是否发送站内推送) + * - sms: smsEnabled && 用户有手机号 + * - email: emailEnabled && 用户有邮箱 + * - wechat: pushEnabled && 用户有 wechatOpenId(当前 users 表无此字段,暂不发送) + * + * 注意: 通知偏好中的 homeworkNotifications/gradeNotifications 等是按通知类别控制, + * 由调用方在构造 payload 时决定是否调用 sendNotification。 + */ + +import type { NotificationPayload, ChannelSendResult, NotificationChannel } from "./types" +import type { NotificationChannelSender, ChannelRecipient } from "./channels/types" +import { createSmsSender } from "./channels/sms-channel" +import { createWechatSender } from "./channels/wechat-channel" +import { createEmailSender } from "./channels/email-channel" +import { createInAppSender } from "./channels/in-app-channel" +import { + getUserNotificationPreferences, + getUserContactInfo, + logNotificationSendBatch, +} from "./data-access" + +/** 渠道发送器实例缓存(避免每次发送重新创建) */ +interface SenderRegistry { + in_app: NotificationChannelSender + sms: NotificationChannelSender + wechat: NotificationChannelSender + email: NotificationChannelSender +} + +let senderRegistry: SenderRegistry | null = null + +/** 获取渠道发送器注册表(单例) */ +function getSenders(): SenderRegistry { + if (!senderRegistry) { + senderRegistry = { + in_app: createInAppSender(), + sms: createSmsSender(), + wechat: createWechatSender(), + email: createEmailSender(), + } + } + return senderRegistry +} + +/** + * 根据用户通知偏好和联系方式,决定启用的渠道列表。 + */ +function selectChannels( + prefs: { + smsEnabled: boolean + emailEnabled: boolean + pushEnabled: boolean + }, + contact: ChannelRecipient +): NotificationChannel[] { + const channels: NotificationChannel[] = [] + + // 站内消息总是启用(pushEnabled 控制站内推送,默认 true) + if (prefs.pushEnabled) { + channels.push("in_app") + } + + // SMS: 偏好启用且有手机号 + if (prefs.smsEnabled && contact.phone) { + channels.push("sms") + } + + // Email: 偏好启用且有邮箱 + if (prefs.emailEnabled && contact.email) { + channels.push("email") + } + + // WeChat: 偏好启用且有 openId(当前 users 表无此字段,暂不会触发) + if (prefs.pushEnabled && contact.wechatOpenId) { + channels.push("wechat") + } + + // 兜底: 如果所有渠道都未启用,至少发站内消息 + if (channels.length === 0) { + channels.push("in_app") + } + + return channels +} + +/** + * 发送单条通知到用户。 + * + * 根据用户通知偏好选择渠道,并行发送,返回所有渠道的发送结果。 + * + * @param payload 通知负载(payload.userId 决定接收人) + * @returns 各渠道的发送结果 + */ +export async function sendNotification( + payload: NotificationPayload +): Promise { + const userId = payload.userId + + // 并行获取用户偏好和联系方式 + const [prefs, contact] = await Promise.all([ + getUserNotificationPreferences(userId), + getUserContactInfo(userId), + ]) + + const channels = selectChannels(prefs, contact) + const senders = getSenders() + + // 并行发送到所有选中渠道 + const results = await Promise.all( + channels.map((ch) => { + const sender = senders[ch] + return sender.send(payload, contact) + }) + ) + + // 记录发送日志 + logNotificationSendBatch(results) + + return results +} + +/** + * 批量发送通知到多个用户。 + * + * 每个用户的渠道选择独立计算,并行发送。 + * + * @param payloads 通知负载数组(每个 payload.userId 决定各自接收人) + * @returns 各用户各渠道的发送结果(按输入顺序对应) + */ +export async function sendBatchNotifications( + payloads: NotificationPayload[] +): Promise { + // 并行处理每个 payload + const results = await Promise.all(payloads.map((p) => sendNotification(p))) + + // 汇总日志 + const flatResults = results.flat() + logNotificationSendBatch(flatResults) + + return results +} diff --git a/src/modules/notifications/external-sdk.d.ts b/src/modules/notifications/external-sdk.d.ts new file mode 100644 index 0000000..29e9982 --- /dev/null +++ b/src/modules/notifications/external-sdk.d.ts @@ -0,0 +1,47 @@ +/* eslint-disable @typescript-eslint/no-explicit-any */ +/** + * 外部 SDK 类型声明(可选依赖) + * + * 这些 SDK 通过动态 import 在运行时加载,开发环境(Mock 模式)无需安装。 + * 安装对应 SDK 后,其自带的类型声明将覆盖此处的 any 声明。 + * + * 安装命令见 docs/notifications/channels.md + */ + +declare module "@alicloud/dysmsapi20170525" { + const _default: any + export { _default as default } + export class SendSmsRequest { + constructor(params?: Record) + } +} + +declare module "@alicloud/openapi-client" { + const _default: new (config: any) => any + export { _default as default } +} + +declare module "@alicloud/credentials" { + const _default: new (config: any) => any + export { _default as default } +} + +declare module "tencentcloud-sdk-nodejs" { + const _default: { + sms: { + v20210111: { + Client: new (config: any) => any + } + } + } + export = _default +} + +declare module "nodemailer" { + const _default: { + createTransport: (config: any) => { + sendMail: (options: any) => Promise<{ messageId: string }> + } + } + export = _default +} diff --git a/src/modules/notifications/index.ts b/src/modules/notifications/index.ts new file mode 100644 index 0000000..4910919 --- /dev/null +++ b/src/modules/notifications/index.ts @@ -0,0 +1,38 @@ +/** + * 通知渠道集成模块 + * + * 对外导出: + * - sendNotification / sendBatchNotifications: 分发器入口 + * - 类型定义: NotificationPayload, ChannelSendResult, NotificationChannel 等 + * - 渠道发送器工厂: createSmsSender, createWechatSender, createEmailSender, createInAppSender + * + * 典型用法: + * ```ts + * import { sendNotification } from "@/modules/notifications" + * await sendNotification({ + * userId: "user-xxx", + * title: "作业提醒", + * content: "您有一份新作业待提交", + * type: "info", + * actionUrl: "/homework/123", + * }) + * ``` + */ + +export { sendNotification, sendBatchNotifications } from "./dispatcher" +export type { + NotificationChannel, + NotificationPayload, + ChannelSendResult, + NotificationChannelConfig, + SmsChannelConfig, + WechatChannelConfig, + EmailChannelConfig, +} from "./types" +export type { NotificationChannelSender, ChannelRecipient } from "./channels/types" + +// 渠道发送器工厂(供高级用法直接调用单个渠道) +export { createSmsSender } from "./channels/sms-channel" +export { createWechatSender, isWechatEnabled } from "./channels/wechat-channel" +export { createEmailSender, isEmailEnabled } from "./channels/email-channel" +export { createInAppSender } from "./channels/in-app-channel" diff --git a/src/modules/notifications/types.ts b/src/modules/notifications/types.ts new file mode 100644 index 0000000..da03553 --- /dev/null +++ b/src/modules/notifications/types.ts @@ -0,0 +1,70 @@ +/** + * 通知渠道类型定义 + * + * 本文件定义了通知分发系统使用的核心类型: + * - NotificationChannel: 支持的渠道枚举 + * - NotificationPayload: 通知负载(跨渠道统一) + * - ChannelSendResult: 单次发送结果 + * - NotificationChannelConfig: 渠道配置(从环境变量加载) + */ + +/** 支持的通知渠道 */ +export type NotificationChannel = "in_app" | "email" | "sms" | "wechat" + +/** 通知负载(跨渠道统一格式) */ +export interface NotificationPayload { + userId: string + title: string + content: string + /** 通知语义类型(用于渠道内模板映射,不与 messaging.NotificationType 耦合) */ + type: "info" | "warning" | "error" | "success" + metadata?: Record + /** 点击通知后的跳转地址(站内相对路径或外链) */ + actionUrl?: string +} + +/** 单次渠道发送结果 */ +export interface ChannelSendResult { + channel: NotificationChannel + success: boolean + /** 渠道返回的消息 ID(用于追踪) */ + messageId?: string + /** 失败时的错误信息 */ + error?: string + sentAt: Date +} + +/** SMS 渠道配置 */ +export interface SmsChannelConfig { + provider: "aliyun" | "tencent" | "mock" + accessKeyId?: string + accessKeySecret?: string + signName?: string + templateCode?: string +} + +/** 微信公众号渠道配置 */ +export interface WechatChannelConfig { + appId?: string + appSecret?: string + templateId?: string +} + +/** 邮件渠道配置 */ +export interface EmailChannelConfig { + provider: "resend" | "nodemailer" | "mock" + apiKey?: string + from?: string + host?: string + port?: number + user?: string + pass?: string +} + +/** 通知渠道总配置 */ +export interface NotificationChannelConfig { + enabled: boolean + sms?: SmsChannelConfig + wechat?: WechatChannelConfig + email?: EmailChannelConfig +} diff --git a/src/shared/components/a11y/aria-status.tsx b/src/shared/components/a11y/aria-status.tsx new file mode 100644 index 0000000..45d93ae --- /dev/null +++ b/src/shared/components/a11y/aria-status.tsx @@ -0,0 +1,39 @@ +"use client" + +import * as React from "react" + +import { cn } from "@/shared/lib/utils" + +export interface AriaStatusProps + extends React.HTMLAttributes { + children?: React.ReactNode + /** 通知礼貌级别,默认 polite */ + politeness?: "polite" | "assertive" + /** 是否原子播报(整体内容),默认 true */ + atomic?: boolean +} + +/** + * ARIA 状态通知区域。 + * 渲染 aria-live 区域,用于页面级状态通知(如"加载中"、"已保存")。 + * 视觉隐藏,仅屏幕阅读器可读。 + */ +export function AriaStatus({ + children, + politeness = "polite", + atomic = true, + className, + ...props +}: AriaStatusProps) { + return ( +
+ {children} +
+ ) +} diff --git a/src/shared/components/a11y/focus-trap.tsx b/src/shared/components/a11y/focus-trap.tsx new file mode 100644 index 0000000..039bc8b --- /dev/null +++ b/src/shared/components/a11y/focus-trap.tsx @@ -0,0 +1,126 @@ +"use client" + +import * as React from "react" + +import { cn } from "@/shared/lib/utils" + +export interface FocusTrapProps { + children: React.ReactNode + /** 是否激活焦点陷阱,默认 true */ + active?: boolean + /** 初始焦点元素,未指定时聚焦第一个可聚焦元素 */ + initialFocusRef?: React.RefObject + /** 关闭时是否恢复焦点到触发元素,默认 true */ + restoreFocus?: boolean + className?: string +} + +const FOCUSABLE_SELECTOR = [ + "a[href]", + "button:not([disabled])", + "input:not([disabled])", + "textarea:not([disabled])", + "select:not([disabled])", + "[tabindex]:not([tabindex='-1'])", + "[contenteditable='true']", + "audio[controls]", + "video[controls]", +].join(",") + +/** + * 焦点陷阱组件(用于模态框/对话框)。 + * - 捕获 Tab/Shift+Tab 在容器内循环 + * - 支持初始焦点元素 + * - 支持恢复焦点到触发元素 + */ +export function FocusTrap({ + children, + active = true, + initialFocusRef, + restoreFocus = true, + className, +}: FocusTrapProps) { + const containerRef = React.useRef(null) + const previouslyFocusedRef = React.useRef(null) + + React.useEffect(() => { + if (!active) return + previouslyFocusedRef.current = document.activeElement as HTMLElement | null + + const container = containerRef.current + if (container) { + const focusTarget = + initialFocusRef?.current ?? getFirstFocusable(container) + if (focusTarget) { + focusTarget.focus() + } + } + + return () => { + if (restoreFocus && previouslyFocusedRef.current) { + previouslyFocusedRef.current.focus() + } + } + }, [active, initialFocusRef, restoreFocus]) + + const handleKeyDown = React.useCallback( + (event: React.KeyboardEvent) => { + if (event.key !== "Tab") return + const container = containerRef.current + if (!container) return + + const focusables = getFocusables(container) + if (focusables.length === 0) { + event.preventDefault() + container.focus() + return + } + + const first = focusables[0] + const last = focusables[focusables.length - 1] + const activeEl = document.activeElement + + if (event.shiftKey) { + if (activeEl === first || !container.contains(activeEl)) { + event.preventDefault() + last.focus() + } + } else { + if (activeEl === last || !container.contains(activeEl)) { + event.preventDefault() + first.focus() + } + } + }, + [] + ) + + if (!active) { + return <>{children} + } + + return ( +
+ {children} +
+ ) +} + +function getFocusables(container: HTMLElement): HTMLElement[] { + return Array.from( + container.querySelectorAll(FOCUSABLE_SELECTOR) + ).filter((el) => { + if (el.hasAttribute("disabled")) return false + if (el.getAttribute("aria-hidden") === "true") return false + return el.offsetParent !== null || el.getClientRects().length > 0 + }) +} + +function getFirstFocusable(container: HTMLElement): HTMLElement | null { + return getFocusables(container)[0] ?? null +} diff --git a/src/shared/components/a11y/skip-link.tsx b/src/shared/components/a11y/skip-link.tsx new file mode 100644 index 0000000..6adfdb1 --- /dev/null +++ b/src/shared/components/a11y/skip-link.tsx @@ -0,0 +1,39 @@ +"use client" + +import * as React from "react" + +import { cn } from "@/shared/lib/utils" + +export interface SkipLinkProps + extends React.AnchorHTMLAttributes { + /** 跳转目标锚点,默认 #main-content */ + href?: string + /** 链接文字,默认"跳转到主内容" */ + children?: React.ReactNode +} + +/** + * 跳转链接组件。 + * 视觉隐藏,获得焦点时高对比度显示,供键盘用户跳过导航直达主内容。 + */ +export const SkipLink = React.forwardRef( + ( + { href = "#main-content", className, children = "跳转到主内容", ...props }, + ref + ) => { + return ( + + {children} + + ) + } +) +SkipLink.displayName = "SkipLink" diff --git a/src/shared/components/a11y/visually-hidden.tsx b/src/shared/components/a11y/visually-hidden.tsx new file mode 100644 index 0000000..83d7f6d --- /dev/null +++ b/src/shared/components/a11y/visually-hidden.tsx @@ -0,0 +1,26 @@ +"use client" + +import * as React from "react" + +import { cn } from "@/shared/lib/utils" + +export interface VisuallyHiddenProps + extends React.HTMLAttributes { + children?: React.ReactNode +} + +/** + * 视觉隐藏但屏幕阅读器可读的组件。 + * 用于图标按钮的文字描述、表单标签的辅助说明等。 + */ +export const VisuallyHidden = React.forwardRef< + HTMLSpanElement, + VisuallyHiddenProps +>(({ className, children, ...props }, ref) => { + return ( + + {children} + + ) +}) +VisuallyHidden.displayName = "VisuallyHidden" diff --git a/src/shared/components/ui/dialog.tsx b/src/shared/components/ui/dialog.tsx index 9b92d57..c28e88d 100644 --- a/src/shared/components/ui/dialog.tsx +++ b/src/shared/components/ui/dialog.tsx @@ -37,6 +37,7 @@ const DialogContent = React.forwardRef< {children} - + - Close + 关闭 diff --git a/src/shared/components/ui/table.tsx b/src/shared/components/ui/table.tsx index fd60635..15c2e7e 100644 --- a/src/shared/components/ui/table.tsx +++ b/src/shared/components/ui/table.tsx @@ -5,10 +5,11 @@ import { cn } from "@/shared/lib/utils" const Table = React.forwardRef< HTMLTableElement, React.HTMLAttributes ->(({ className, ...props }, ref) => ( +>(({ className, role = "table", ...props }, ref) => (
@@ -19,17 +20,23 @@ Table.displayName = "Table" const TableHeader = React.forwardRef< HTMLTableSectionElement, React.HTMLAttributes ->(({ className, ...props }, ref) => ( - +>(({ className, role = "rowgroup", ...props }, ref) => ( + )) TableHeader.displayName = "TableHeader" const TableBody = React.forwardRef< HTMLTableSectionElement, React.HTMLAttributes ->(({ className, ...props }, ref) => ( +>(({ className, role = "rowgroup", ...props }, ref) => ( @@ -39,9 +46,10 @@ TableBody.displayName = "TableBody" const TableFooter = React.forwardRef< HTMLTableSectionElement, React.HTMLAttributes ->(({ className, ...props }, ref) => ( +>(({ className, role = "rowgroup", ...props }, ref) => ( tr]:last:border-b-0", className @@ -54,9 +62,10 @@ TableFooter.displayName = "TableFooter" const TableRow = React.forwardRef< HTMLTableRowElement, React.HTMLAttributes ->(({ className, ...props }, ref) => ( +>(({ className, role = "row", ...props }, ref) => ( ->(({ className, ...props }, ref) => ( +>(({ className, role = "columnheader", ...props }, ref) => (
[role=checkbox]]:translate-y-[2px]", className @@ -84,9 +94,10 @@ TableHead.displayName = "TableHead" const TableCell = React.forwardRef< HTMLTableCellElement, React.TdHTMLAttributes ->(({ className, ...props }, ref) => ( +>(({ className, role = "cell", ...props }, ref) => ( [role=checkbox]]:translate-y-[2px]", className diff --git a/src/shared/hooks/index.ts b/src/shared/hooks/index.ts index 5a43532..a8f5b5f 100644 --- a/src/shared/hooks/index.ts +++ b/src/shared/hooks/index.ts @@ -1,4 +1,5 @@ export { useActionWithToast } from "./use-action-with-toast" +export { useAriaLive } from "./use-aria-live" export { useDebounce } from "./use-debounce" export { useMediaQuery } from "./use-media-query" export { useLocalStorage } from "./use-local-storage" diff --git a/src/shared/hooks/use-aria-live.ts b/src/shared/hooks/use-aria-live.ts new file mode 100644 index 0000000..745d481 --- /dev/null +++ b/src/shared/hooks/use-aria-live.ts @@ -0,0 +1,99 @@ +"use client" + +import * as React from "react" + +export interface AnnounceOptions { + /** 通知的礼貌级别,默认 polite */ + politeness?: "polite" | "assertive" + /** 自动清除的超时时间(毫秒),0 表示不清除,默认 5000 */ + clearAfter?: number +} + +export interface UseAriaLiveReturn { + /** 播报一条消息到 aria-live 区域 */ + announce: (message: string, options?: AnnounceOptions) => void + /** 渲染到页面中的 aria-live 区域(放在组件树根部即可) */ + liveRegion: React.ReactNode +} + +/** + * 管理 aria-live 区域的 Hook。 + * - 支持 polite / assertive 两种模式 + * - 自动清除过期通知(可配置超时) + * - 用于表单提交结果、数据加载状态、错误提示 + */ +export function useAriaLive( + defaultOptions?: AnnounceOptions +): UseAriaLiveReturn { + const [politeMessage, setPoliteMessage] = React.useState("") + const [assertiveMessage, setAssertiveMessage] = React.useState("") + const [politeKey, setPoliteKey] = React.useState(0) + const [assertiveKey, setAssertiveKey] = React.useState(0) + const timeoutRef = React.useRef | null>(null) + + const announce = React.useCallback( + (message: string, options?: AnnounceOptions) => { + const politeness = + options?.politeness ?? defaultOptions?.politeness ?? "polite" + const clearAfter = + options?.clearAfter ?? defaultOptions?.clearAfter ?? 5000 + + if (timeoutRef.current) { + clearTimeout(timeoutRef.current) + timeoutRef.current = null + } + + if (politeness === "assertive") { + setAssertiveMessage(message) + setAssertiveKey((k) => k + 1) + } else { + setPoliteMessage(message) + setPoliteKey((k) => k + 1) + } + + if (clearAfter > 0) { + timeoutRef.current = setTimeout(() => { + setPoliteMessage("") + setAssertiveMessage("") + timeoutRef.current = null + }, clearAfter) + } + }, + [defaultOptions] + ) + + React.useEffect(() => { + return () => { + if (timeoutRef.current) { + clearTimeout(timeoutRef.current) + } + } + }, []) + + const liveRegion = React.createElement( + React.Fragment, + null, + React.createElement( + "div", + { + key: `polite-${politeKey}`, + "aria-live": "polite", + "aria-atomic": "true", + className: "sr-only", + }, + politeMessage + ), + React.createElement( + "div", + { + key: `assertive-${assertiveKey}`, + "aria-live": "assertive", + "aria-atomic": "true", + className: "sr-only", + }, + assertiveMessage + ) + ) + + return { announce, liveRegion } +} diff --git a/src/shared/lib/a11y.ts b/src/shared/lib/a11y.ts new file mode 100644 index 0000000..e7c3c8f --- /dev/null +++ b/src/shared/lib/a11y.ts @@ -0,0 +1,74 @@ +import * as React from "react" + +/** + * 生成唯一 ID(用于 aria-describedby、aria-labelledby 等)。 + * 基于 React.useId,SSR 安全,服务端与客户端一致。 + */ +export function useA11yId(prefix: string): string { + const id = React.useId() + return `${prefix}-${id}` +} + +/** + * 合并多组 aria/data 属性。 + * - 普通属性:后者覆盖前者 + * - aria-* / data-* 字符串属性:以空格拼接,便于聚合 describedby 等 + */ +export function mergeA11yProps>( + ...props: (T | undefined | null | false)[] +): T { + const result = {} as Record + for (const prop of props) { + if (!prop) continue + for (const key of Object.keys(prop)) { + const value = prop[key] + if (value === undefined || value === null) continue + const isAriaOrData = key.startsWith("aria-") || key.startsWith("data-") + const existing = result[key] + if ( + isAriaOrData && + typeof existing === "string" && + typeof value === "string" + ) { + result[key] = `${existing} ${value}`.trim() + } else { + result[key] = value + } + } + } + return result as T +} + +/** + * 计算输入框的 aria 属性。 + * @param describedBy 额外描述元素的 ID + * @param error 错误信息元素的 ID(存在则标记 invalid) + * @param hint 提示信息元素的 ID + */ +export function describeInput( + describedBy?: string, + error?: string, + hint?: string +): { ariaDescribedBy?: string; ariaInvalid?: boolean } { + const ids = [describedBy, error, hint].filter( + (v): v is string => v != null && v.length > 0 + ) + return { + ariaDescribedBy: ids.length > 0 ? ids.join(" ") : undefined, + ariaInvalid: Boolean(error), + } +} + +/** + * 提供加载状态的 aria 属性。 + * aria-busy 标记区域正在加载,aria-live=polite 让屏幕阅读器在空闲时播报。 + */ +export function loadingAria(isLoading: boolean): { + ariaBusy: boolean + ariaLive: "polite" | "assertive" +} { + return { + ariaBusy: isLoading, + ariaLive: "polite", + } +} diff --git a/tests/visual/admin-dashboard.spec.ts b/tests/visual/admin-dashboard.spec.ts new file mode 100644 index 0000000..66b00ae --- /dev/null +++ b/tests/visual/admin-dashboard.spec.ts @@ -0,0 +1,67 @@ +import { expect, test } from "@playwright/test" +import { setupAuthState } from "./helpers/auth" +import { buildMaskOption, maskDynamicElements, setTheme, setViewport, waitForPageReady } from "./helpers/visual-helpers" +import { SCREENSHOT_DEFAULT_OPTIONS, THEMES, VIEWPORT_LIST, snapshotName } from "./visual.config" + +/** + * 管理员仪表盘视觉回归测试 + * + * 登录后访问 /admin/dashboard,在 desktop/tablet/mobile 三种视口 + * 以及 light/dark 两种主题下进行整页快照, + * 并单独对侧边栏与主内容区做组件级快照。 + * + * 需要数据库环境以完成登录流程;未配置 DATABASE_URL 时自动跳过。 + */ +test.describe("Admin dashboard visual regression", () => { + test.skip(!process.env.DATABASE_URL, "requires DATABASE_URL for authenticated visual tests") + + for (const viewport of VIEWPORT_LIST) { + for (const theme of THEMES) { + test(`admin-dashboard @ ${viewport} @ ${theme}`, async ({ page }) => { + await setViewport(page, viewport) + await setTheme(page, theme) + await setupAuthState(page, "admin") + await page.goto("/admin/dashboard") + await waitForPageReady(page) + + const masks = await maskDynamicElements(page, ["[data-testid='stat-card-value']", "[data-testid='chart']"]) + await expect(page).toHaveScreenshot(snapshotName("admin-dashboard", viewport, theme), { + ...SCREENSHOT_DEFAULT_OPTIONS, + ...buildMaskOption(masks), + }) + }) + } + } + + test("admin-dashboard sidebar component @ desktop @ light", async ({ page }) => { + test.skip(!process.env.DATABASE_URL, "requires DATABASE_URL for authenticated visual tests") + await setViewport(page, "desktop") + await setTheme(page, "light") + await setupAuthState(page, "admin") + await page.goto("/admin/dashboard") + await waitForPageReady(page) + + const sidebar = page.locator("[data-testid='sidebar'], aside, nav").first() + const masks = await maskDynamicElements(page) + await expect(sidebar).toHaveScreenshot("admin-dashboard-sidebar-desktop-light.png", { + ...SCREENSHOT_DEFAULT_OPTIONS, + ...buildMaskOption(masks), + }) + }) + + test("admin-dashboard main content @ desktop @ light", async ({ page }) => { + test.skip(!process.env.DATABASE_URL, "requires DATABASE_URL for authenticated visual tests") + await setViewport(page, "desktop") + await setTheme(page, "light") + await setupAuthState(page, "admin") + await page.goto("/admin/dashboard") + await waitForPageReady(page) + + const main = page.locator("main").first() + const masks = await maskDynamicElements(page, ["[data-testid='stat-card-value']", "[data-testid='chart']"]) + await expect(main).toHaveScreenshot("admin-dashboard-main-desktop-light.png", { + ...SCREENSHOT_DEFAULT_OPTIONS, + ...buildMaskOption(masks), + }) + }) +}) diff --git a/tests/visual/helpers/auth.ts b/tests/visual/helpers/auth.ts new file mode 100644 index 0000000..e0564bf --- /dev/null +++ b/tests/visual/helpers/auth.ts @@ -0,0 +1,59 @@ +/** + * 视觉测试认证辅助 + * + * 提供登录辅助函数与 storageState 持久化能力, + * 避免每个视觉测试用例都重复走登录流程。 + */ +import type { Page } from "@playwright/test" +import { STORAGE_STATE_DIR, type UserRole } from "../visual.config" + +/** 测试账号配置(可通过环境变量覆盖) */ +export const TEST_ACCOUNTS: Record = { + admin: { + email: process.env.VISUAL_ADMIN_EMAIL ?? "admin@xiaoxue.edu.cn", + password: process.env.VISUAL_ADMIN_PASSWORD ?? "123456", + }, + teacher: { + email: process.env.VISUAL_TEACHER_EMAIL ?? "admin@xiaoxue.edu.cn", + password: process.env.VISUAL_TEACHER_PASSWORD ?? "123456", + }, + student: { + email: process.env.VISUAL_STUDENT_EMAIL ?? "admin@xiaoxue.edu.cn", + password: process.env.VISUAL_STUDENT_PASSWORD ?? "123456", + }, +} + +/** 角色对应的 storageState 文件路径(相对项目根) */ +export function storageStatePath(role: UserRole): string { + return `${STORAGE_STATE_DIR}/${role}.json` +} + +/** + * 在页面上执行登录流程 + * + * 走真实的 UI 登录流程,以便 next-auth cookie 写入浏览器上下文。 + */ +export async function loginByUI(page: Page, role: UserRole): Promise { + const { email, password } = TEST_ACCOUNTS[role] + await page.goto("/login") + await page.getByLabel("Email").fill(email) + await page.getByLabel("Password").fill(password) + await page.getByRole("button", { name: "Sign In with Email" }).click() + // 等待离开登录页 + await page.waitForURL((url) => !url.pathname.startsWith("/login"), { timeout: 30000 }) +} + +/** + * 设置认证状态 + * + * 若已存在该角色的 storageState 文件,则直接复用; + * 否则走 UI 登录流程并保存 storageState 以便后续复用。 + * + * @param page Playwright Page 实例 + * @param role 角色 + */ +export async function setupAuthState(page: Page, role: UserRole): Promise { + // Playwright 在 project 配置里通过 storageState 注入更高效, + // 这里提供运行时降级方案:直接走 UI 登录。 + await loginByUI(page, role) +} diff --git a/tests/visual/helpers/visual-helpers.ts b/tests/visual/helpers/visual-helpers.ts new file mode 100644 index 0000000..2ef1fa9 --- /dev/null +++ b/tests/visual/helpers/visual-helpers.ts @@ -0,0 +1,104 @@ +/** + * 视觉测试通用辅助 + * + * 提供视口切换、主题切换、页面就绪等待以及动态元素遮罩能力, + * 用于消除视觉快照中的误报。 + */ +import type { Locator, Page } from "@playwright/test" +import { VIEWPORTS, type ThemeName, type ViewportSize } from "../visual.config" + +/** + * 设置视口尺寸 + * @param page Playwright Page 实例 + * @param size 视口标识 desktop | tablet | mobile + */ +export async function setViewport(page: Page, size: ViewportSize): Promise { + const viewport = VIEWPORTS[size] + await page.setViewportSize({ width: viewport.width, height: viewport.height }) +} + +/** + * 设置主题 + * + * 项目使用 next-themes(attribute="class"),通过在 上切换 class 实现。 + * 这里直接操作 localStorage 与 DOM,避免依赖主题切换 UI。 + * + * @param page Playwright Page 实例 + * @param theme 主题 light | dark + */ +export async function setTheme(page: Page, theme: ThemeName): Promise { + // next-themes 默认将主题持久化在 localStorage 的 "theme" key + await page.addInitScript((themeValue) => { + try { + window.localStorage.setItem("theme", themeValue) + } catch { + // 忽略 localStorage 不可用的情况 + } + }, theme) + // 若页面已加载,同步切换 DOM class + const htmlClass = await page.evaluate(() => document.documentElement.className) + const nextClass = theme === "dark" ? `${htmlClass} dark` : htmlClass.replace(/\bdark\b/g, "").trim() + await page.evaluate((cls) => { + document.documentElement.className = cls + }, nextClass) +} + +/** + * 等待页面就绪 + * + * 等待 networkidle、字体加载以及主内容渲染完成, + * 确保快照稳定。 + */ +export async function waitForPageReady(page: Page): Promise { + await page.waitForLoadState("networkidle") + // 等待字体加载完成,避免文字位移 + await page.evaluate(() => document.fonts.ready) + // 给 React hydration 一点缓冲 + await page.waitForTimeout(300) +} + +/** + * 默认需要遮罩的动态元素选择器 + * - 时间戳 + * - 用户头像/用户名 + * - 实时数据 + */ +const DEFAULT_DYNAMIC_SELECTORS = [ + "[data-testid='timestamp']", + "[data-testid='current-time']", + "[data-testid='user-avatar']", + "[data-testid='user-name']", + "time", + "[data-visual-dynamic]", +] + +/** + * 遮罩动态元素 + * + * 将指定选择器匹配的元素用纯色块覆盖, + * 避免时间戳、用户名等动态内容导致快照误报。 + * + * @param page Playwright Page 实例 + * @param selectors 额外需要遮罩的选择器(会与默认列表合并) + */ +export async function maskDynamicElements(page: Page, selectors: string[] = []): Promise { + const allSelectors = [...new Set([...DEFAULT_DYNAMIC_SELECTORS, ...selectors])] + const masks: Locator[] = [] + for (const selector of allSelectors) { + const locator = page.locator(selector) + const count = await locator.count() + if (count > 0) { + masks.push(locator) + } + } + return masks +} + +/** + * 生成 toHaveScreenshot 的 mask 选项 + * + * 配合 maskDynamicElements 使用,将动态元素从对比中遮罩。 + */ +export function buildMaskOption(masks: Locator[]) { + return masks.length > 0 ? { mask: masks } : {} +} diff --git a/tests/visual/homepage.spec.ts b/tests/visual/homepage.spec.ts new file mode 100644 index 0000000..80af0e8 --- /dev/null +++ b/tests/visual/homepage.spec.ts @@ -0,0 +1,29 @@ +import { expect, test } from "@playwright/test" +import { setTheme, setViewport, waitForPageReady, maskDynamicElements, buildMaskOption } from "./helpers/visual-helpers" +import { SCREENSHOT_DEFAULT_OPTIONS, THEMES, VIEWPORT_LIST, snapshotName } from "./visual.config" + +/** + * 首页(登录页)视觉回归测试 + * + * 覆盖 desktop / tablet / mobile 三种视口, + * 以及 light / dark 两种主题。 + * 快照命名: homepage-{viewport}-{theme}.png + */ +test.describe("Homepage visual regression", () => { + for (const viewport of VIEWPORT_LIST) { + for (const theme of THEMES) { + test(`homepage @ ${viewport} @ ${theme}`, async ({ page }) => { + await setViewport(page, viewport) + await setTheme(page, theme) + await page.goto("/login") + await waitForPageReady(page) + + const masks = await maskDynamicElements(page) + await expect(page).toHaveScreenshot(snapshotName("homepage", viewport, theme), { + ...SCREENSHOT_DEFAULT_OPTIONS, + ...buildMaskOption(masks), + }) + }) + } + } +}) diff --git a/tests/visual/student-dashboard.spec.ts b/tests/visual/student-dashboard.spec.ts new file mode 100644 index 0000000..b01835c --- /dev/null +++ b/tests/visual/student-dashboard.spec.ts @@ -0,0 +1,67 @@ +import { expect, test } from "@playwright/test" +import { setupAuthState } from "./helpers/auth" +import { buildMaskOption, maskDynamicElements, setTheme, setViewport, waitForPageReady } from "./helpers/visual-helpers" +import { SCREENSHOT_DEFAULT_OPTIONS, THEMES, VIEWPORT_LIST, snapshotName } from "./visual.config" + +/** + * 学生仪表盘视觉回归测试 + * + * 登录后访问 /student/dashboard,在 desktop/tablet/mobile 三种视口 + * 以及 light/dark 两种主题下进行整页快照, + * 并单独对关键组件做组件级快照。 + * + * 需要数据库环境以完成登录流程;未配置 DATABASE_URL 时自动跳过。 + */ +test.describe("Student dashboard visual regression", () => { + test.skip(!process.env.DATABASE_URL, "requires DATABASE_URL for authenticated visual tests") + + for (const viewport of VIEWPORT_LIST) { + for (const theme of THEMES) { + test(`student-dashboard @ ${viewport} @ ${theme}`, async ({ page }) => { + await setViewport(page, viewport) + await setTheme(page, theme) + await setupAuthState(page, "student") + await page.goto("/student/dashboard") + await waitForPageReady(page) + + const masks = await maskDynamicElements(page, ["[data-testid='grade-value']", "[data-testid='attendance-rate']", "[data-testid='assignment-item']"]) + await expect(page).toHaveScreenshot(snapshotName("student-dashboard", viewport, theme), { + ...SCREENSHOT_DEFAULT_OPTIONS, + ...buildMaskOption(masks), + }) + }) + } + } + + test("student-dashboard sidebar component @ desktop @ light", async ({ page }) => { + test.skip(!process.env.DATABASE_URL, "requires DATABASE_URL for authenticated visual tests") + await setViewport(page, "desktop") + await setTheme(page, "light") + await setupAuthState(page, "student") + await page.goto("/student/dashboard") + await waitForPageReady(page) + + const sidebar = page.locator("[data-testid='sidebar'], aside, nav").first() + const masks = await maskDynamicElements(page) + await expect(sidebar).toHaveScreenshot("student-dashboard-sidebar-desktop-light.png", { + ...SCREENSHOT_DEFAULT_OPTIONS, + ...buildMaskOption(masks), + }) + }) + + test("student-dashboard main content @ desktop @ light", async ({ page }) => { + test.skip(!process.env.DATABASE_URL, "requires DATABASE_URL for authenticated visual tests") + await setViewport(page, "desktop") + await setTheme(page, "light") + await setupAuthState(page, "student") + await page.goto("/student/dashboard") + await waitForPageReady(page) + + const main = page.locator("main").first() + const masks = await maskDynamicElements(page, ["[data-testid='grade-value']", "[data-testid='attendance-rate']", "[data-testid='assignment-item']"]) + await expect(main).toHaveScreenshot("student-dashboard-main-desktop-light.png", { + ...SCREENSHOT_DEFAULT_OPTIONS, + ...buildMaskOption(masks), + }) + }) +}) diff --git a/tests/visual/teacher-dashboard.spec.ts b/tests/visual/teacher-dashboard.spec.ts new file mode 100644 index 0000000..773ffc9 --- /dev/null +++ b/tests/visual/teacher-dashboard.spec.ts @@ -0,0 +1,67 @@ +import { expect, test } from "@playwright/test" +import { setupAuthState } from "./helpers/auth" +import { buildMaskOption, maskDynamicElements, setTheme, setViewport, waitForPageReady } from "./helpers/visual-helpers" +import { SCREENSHOT_DEFAULT_OPTIONS, THEMES, VIEWPORT_LIST, snapshotName } from "./visual.config" + +/** + * 教师仪表盘视觉回归测试 + * + * 登录后访问 /teacher/dashboard,在 desktop/tablet/mobile 三种视口 + * 以及 light/dark 两种主题下进行整页快照, + * 并单独对关键组件做组件级快照。 + * + * 需要数据库环境以完成登录流程;未配置 DATABASE_URL 时自动跳过。 + */ +test.describe("Teacher dashboard visual regression", () => { + test.skip(!process.env.DATABASE_URL, "requires DATABASE_URL for authenticated visual tests") + + for (const viewport of VIEWPORT_LIST) { + for (const theme of THEMES) { + test(`teacher-dashboard @ ${viewport} @ ${theme}`, async ({ page }) => { + await setViewport(page, viewport) + await setTheme(page, theme) + await setupAuthState(page, "teacher") + await page.goto("/teacher/dashboard") + await waitForPageReady(page) + + const masks = await maskDynamicElements(page, ["[data-testid='stat-card-value']", "[data-testid='chart']", "[data-testid='schedule-item']"]) + await expect(page).toHaveScreenshot(snapshotName("teacher-dashboard", viewport, theme), { + ...SCREENSHOT_DEFAULT_OPTIONS, + ...buildMaskOption(masks), + }) + }) + } + } + + test("teacher-dashboard sidebar component @ desktop @ light", async ({ page }) => { + test.skip(!process.env.DATABASE_URL, "requires DATABASE_URL for authenticated visual tests") + await setViewport(page, "desktop") + await setTheme(page, "light") + await setupAuthState(page, "teacher") + await page.goto("/teacher/dashboard") + await waitForPageReady(page) + + const sidebar = page.locator("[data-testid='sidebar'], aside, nav").first() + const masks = await maskDynamicElements(page) + await expect(sidebar).toHaveScreenshot("teacher-dashboard-sidebar-desktop-light.png", { + ...SCREENSHOT_DEFAULT_OPTIONS, + ...buildMaskOption(masks), + }) + }) + + test("teacher-dashboard main content @ desktop @ light", async ({ page }) => { + test.skip(!process.env.DATABASE_URL, "requires DATABASE_URL for authenticated visual tests") + await setViewport(page, "desktop") + await setTheme(page, "light") + await setupAuthState(page, "teacher") + await page.goto("/teacher/dashboard") + await waitForPageReady(page) + + const main = page.locator("main").first() + const masks = await maskDynamicElements(page, ["[data-testid='stat-card-value']", "[data-testid='chart']", "[data-testid='schedule-item']"]) + await expect(main).toHaveScreenshot("teacher-dashboard-main-desktop-light.png", { + ...SCREENSHOT_DEFAULT_OPTIONS, + ...buildMaskOption(masks), + }) + }) +}) diff --git a/tests/visual/visual.config.ts b/tests/visual/visual.config.ts new file mode 100644 index 0000000..1fedb73 --- /dev/null +++ b/tests/visual/visual.config.ts @@ -0,0 +1,102 @@ +/** + * 视觉回归测试配置 + * + * 定义需要视觉测试的页面、视口尺寸、主题以及快照存储路径。 + * 被 tests/visual 下的 spec 文件与 helpers 共享使用。 + */ + +/** 视口尺寸标识 */ +export type ViewportSize = "desktop" | "tablet" | "mobile" + +/** 主题标识 */ +export type ThemeName = "light" | "dark" + +/** 角色标识 */ +export type UserRole = "admin" | "teacher" | "student" + +/** 视口像素配置 */ +export const VIEWPORTS: Record = { + desktop: { width: 1920, height: 1080 }, + tablet: { width: 768, height: 1024 }, + mobile: { width: 375, height: 812 }, +} + +/** 主题列表 */ +export const THEMES: ThemeName[] = ["light", "dark"] + +/** 视口列表 */ +export const VIEWPORT_LIST: ViewportSize[] = ["desktop", "tablet", "mobile"] + +/** 快照基线存储目录(相对项目根) */ +export const SNAPSHOT_BASE_DIR = "tests/visual/__screenshots__" + +/** storageState 存储目录(相对项目根) */ +export const STORAGE_STATE_DIR = "tests/visual/.auth" + +/** 角色对应的登录后仪表盘路由 */ +export const DASHBOARD_ROUTES: Record = { + admin: "/admin/dashboard", + teacher: "/teacher/dashboard", + student: "/student/dashboard", +} + +/** 视觉测试目标页面定义 */ +export interface VisualPageTarget { + /** 页面名称,用于快照命名 */ + name: string + /** 相对 baseURL 的路径 */ + path: string + /** 是否需要登录 */ + requiresAuth: boolean + /** 登录角色(requiresAuth=true 时必填) */ + role?: UserRole + /** 页面描述 */ + description: string +} + +/** 需要进行视觉测试的页面清单 */ +export const VISUAL_PAGES: VisualPageTarget[] = [ + { + name: "homepage", + path: "/login", + requiresAuth: false, + description: "登录页", + }, + { + name: "admin-dashboard", + path: "/admin/dashboard", + requiresAuth: true, + role: "admin", + description: "管理员仪表盘", + }, + { + name: "teacher-dashboard", + path: "/teacher/dashboard", + requiresAuth: true, + role: "teacher", + description: "教师仪表盘", + }, + { + name: "student-dashboard", + path: "/student/dashboard", + requiresAuth: true, + role: "student", + description: "学生仪表盘", + }, +] + +/** toHaveScreenshot 的默认选项 */ +export const SCREENSHOT_DEFAULT_OPTIONS = { + maxDiffPixelRatio: 0.01, + animations: "disabled" as const, + caret: "hide" as const, + scale: "css" as const, +} + +/** + * 生成快照文件名 + * @example homepage-desktop-light.png + */ +export function snapshotName(pageName: string, viewport: ViewportSize, theme: ThemeName): string { + return `${pageName}-${viewport}-${theme}.png` +}