MOPC/MOPC-Portal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: security hardening + performance refactoring (code review batch 1)

Browse Source 
- IDOR fix: deliberation vote now verifies juryMemberId === ctx.user.id
- Rate limiting: tRPC middleware (100/min), AI endpoints (5/hr), auth IP-based (10/15min)
- 6 compound indexes added to Prisma schema
- N+1 eliminated in processRoundClose (batch updateMany/createMany)
- N+1 eliminated in batchCheckRequirementsAndTransition (3 batch queries)
- Service extraction: juror-reassignment.ts (578 lines)
- Dead code removed: award.ts, cohort.ts, decision.ts (680 lines)
- 35 bare catch blocks replaced across 16 files
- Fire-and-forget async calls fixed
- Notification false positive bug fixed

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Matt
2026-03-07 16:18:24 +01:00
parent a8b8643936
commit b85a9b9a7b
32 changed files with 1032 additions and 1355 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
prisma/migrations/20260307131449_add_compound_indexes/migration.sql Normal file
View File

@@ -0,0 +1,20 @@
-- AlterTable
ALTER TABLE "User" ALTER COLUMN "role" SET DEFAULT 'APPLICANT';
-- CreateIndex
CREATE INDEX "Assignment_roundId_isCompleted_idx" ON "Assignment"("roundId", "isCompleted");
-- CreateIndex
CREATE INDEX "ConflictOfInterest_projectId_idx" ON "ConflictOfInterest"("projectId");
-- CreateIndex
CREATE INDEX "ConflictOfInterest_userId_hasConflict_idx" ON "ConflictOfInterest"("userId", "hasConflict");
-- CreateIndex
CREATE INDEX "NotificationLog_type_status_idx" ON "NotificationLog"("type", "status");
-- CreateIndex
CREATE INDEX "ProjectRoundState_roundId_state_idx" ON "ProjectRoundState"("roundId", "state");
-- CreateIndex
CREATE INDEX "RankingSnapshot_roundId_createdAt_idx" ON "RankingSnapshot"("roundId", "createdAt");

6
prisma/schema.prisma
View File

@@ -768,6 +768,7 @@ model Assignment {
@@index([isCompleted])
@@index([projectId, userId])
@@index([juryGroupId])
@@index([roundId, isCompleted])
}
model Evaluation {
@@ -964,6 +965,7 @@ model NotificationLog {
@@index([projectId])
@@index([batchId])
@@index([email])
@@index([type, status])
}
// =============================================================================
@@ -1494,6 +1496,7 @@ model RankingSnapshot {
@@index([roundId])
@@index([triggeredById])
@@index([createdAt])
@@index([roundId, createdAt])
}
// Tracks progress of long-running AI tagging jobs
@@ -1740,6 +1743,8 @@ model ConflictOfInterest {
@@index([userId])
@@index([hasConflict])
@@index([projectId])
@@index([userId, hasConflict])
}
// =============================================================================
@@ -2283,6 +2288,7 @@ model ProjectRoundState {
@@index([projectId])
@@index([roundId])
@@index([state])
@@index([roundId, state])
}
model AdvancementRule {