MOPC/MOPC-Portal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: security hardening + performance refactoring (code review batch 1)

Browse Source 
- IDOR fix: deliberation vote now verifies juryMemberId === ctx.user.id
- Rate limiting: tRPC middleware (100/min), AI endpoints (5/hr), auth IP-based (10/15min)
- 6 compound indexes added to Prisma schema
- N+1 eliminated in processRoundClose (batch updateMany/createMany)
- N+1 eliminated in batchCheckRequirementsAndTransition (3 batch queries)
- Service extraction: juror-reassignment.ts (578 lines)
- Dead code removed: award.ts, cohort.ts, decision.ts (680 lines)
- 35 bare catch blocks replaced across 16 files
- Fire-and-forget async calls fixed
- Notification false positive bug fixed

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Matt
2026-03-07 16:18:24 +01:00
parent a8b8643936
commit b85a9b9a7b
32 changed files with 1032 additions and 1355 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/server/routers/specialAward.ts
View File

@@ -365,11 +365,13 @@ export const specialAwardRouter = router({
})
// Fire and forget - process in background
void processEligibilityJob(
processEligibilityJob(
input.awardId,
input.includeSubmitted ?? false,
ctx.user.id
)
).catch((err) => {
console.error('[SpecialAward] processEligibilityJob failed:', err)
})
return { started: true }
}),
@@ -913,12 +915,14 @@ export const specialAwardRouter = router({
})
// Fire and forget - process in background with round scoping
void processEligibilityJob(
processEligibilityJob(
input.awardId,
true, // include submitted
ctx.user.id,
input.roundId
)
).catch((err) => {
console.error('[SpecialAward] processEligibilityJob (round) failed:', err)
})
return { started: true }
}),