renato97/studyos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: implement 33 nice-to-have features + fix 37 code review bugs

Browse Source 
5 SDD batches archived:
- Batch 1: UI Polish (10 features, 14 tasks)
- Batch 2: Study System (8 features, 23 tasks)
- Batch 3: Infrastructure (5 features, 22 tasks)
- Batch 4: AI Advanced (5 features, 30 tasks) — RAG with @xenova/transformers
- Batch 5: Core Features (5 features, 19 tasks)

37 bugs fixed from comprehensive code review (11 CRITICAL, 12 HIGH, 14 MEDIUM/LOW):
- SSE streaming now works (event.token check)
- API keys no longer exposed via GET /api/models
- FTS5 injection sanitized
- DB backup/restore with admin auth
- Buddy mode wired (buddy_meta column)
- Exam auto-submit stale closure fixed
- CSS variables aligned with design tokens
- Progress data corruption fixed
- WebSocket protocol auto-detection
- Tests infrastructure completed (vitest + node:test)
This commit is contained in:
renato97
2026-06-08 18:18:47 -03:00
parent b7d1e7319f
commit 4ff4302a8c
79 changed files with 13667 additions and 389 deletions
Download Patch File Download Diff File Expand all files Collapse all files

82
server/routes/__tests__/config.test.js Normal file
View File

@@ -0,0 +1,82 @@
const { describe, it, before, after } = require('node:test');
const assert = require('node:assert');
const fs = require('fs');
const path = require('path');
const os = require('os');
const express = require('express');
const configRoutes = require('../config');
function request(app, method, urlPath, body, headers = {}) {
return new Promise((resolve, reject) => {
const server = app.listen(0, '127.0.0.1', async () => {
const port = server.address().port;
try {
const res = await fetch(`http://127.0.0.1:${port}${urlPath}`, {
method,
body,
headers,
});
server.close(() => resolve(res));
} catch (err) {
server.close(() => reject(err));
}
});
});
}
describe('config routes', () => {
let app;
const realDb = path.resolve(__dirname, '..', '..', '..', 'data', 'studyos.db');
const backupDb = path.resolve(__dirname, '..', '..', '..', 'data', 'studyos.db.bak');
before(() => {
app = express();
app.use(express.json());
app.use('/api/config', configRoutes);
if (fs.existsSync(realDb)) {
fs.renameSync(realDb, backupDb);
}
});
after(() => {
if (fs.existsSync(backupDb)) {
if (fs.existsSync(realDb)) fs.unlinkSync(realDb);
fs.renameSync(backupDb, realDb);
} else if (fs.existsSync(realDb)) {
fs.unlinkSync(realDb);
}
});
it('GET /api/config/backup returns 404 when DB missing', async () => {
const res = await request(app, 'GET', '/api/config/backup');
assert.strictEqual(res.status, 404);
const body = await res.json();
assert.strictEqual(body.error, 'No database');
});
it('POST /api/config/restore rejects invalid file', async () => {
const form = new FormData();
const blob = new Blob(['not-a-db']);
form.append('file', blob, 'bad.db');
const res = await request(app, 'POST', '/api/config/restore', form);
assert.strictEqual(res.status, 400);
const body = await res.json();
assert.strictEqual(body.error, 'Not a valid SQLite database');
});
it('POST /api/config/restore accepts valid SQLite file', async () => {
const header = Buffer.from('SQLite format 3\0');
const dbContent = Buffer.concat([header, Buffer.alloc(100)]);
const form = new FormData();
const blob = new Blob([dbContent]);
form.append('file', blob, 'studyos.db');
const res = await request(app, 'POST', '/api/config/restore', form);
assert.strictEqual(res.status, 200);
const body = await res.json();
assert.strictEqual(body.ok, true);
});
});