gitadmin/ArchiTools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

audit: production safety fixes, cleanup, and documentation overhaul

Browse Source 
CRITICAL fixes:
- Fix SQL injection in geoportal search (template literal in $queryRaw)
- Preserve enrichment data during GIS re-sync (upsert update explicit fields only)
- Fix ePay version race condition (advisory lock in transaction)
- Add requireAuth() to compress-pdf and unlock routes (were unauthenticated)
- Remove hardcoded Stirling PDF API key (env vars now required)

IMPORTANT fixes:
- Add admin role check on registratura debug-sequences endpoint
- Fix reserved slot race condition with advisory lock in transaction
- Use SSO identity in close-guard-dialog instead of hardcoded "Utilizator"
- Storage DELETE catches only P2025 (not found), re-throws real errors
- Add onDelete: SetNull for GisFeature → GisSyncRun relation
- Move portal-only users to PORTAL_ONLY_USERS env var
- Add security headers (X-Frame-Options, X-Content-Type-Options, Referrer-Policy)
- Add periodic cleanup for eTerra/ePay session caches and progress store
- Log warning when ePay dataDocument is missing (expiry fallback)

Cleanup:
- Delete orphaned rgi-test page (1086 lines, unregistered, inaccessible)
- Delete legacy/ folder (5 files, unreferenced from src/)
- Remove unused ensureBucketExists() from minio-client.ts

Documentation:
- Optimize CLAUDE.md: 464 → 197 lines (moved per-module details to docs/)
- Create docs/ARCHITECTURE-QUICK.md (80 lines: data flow, deps, env vars)
- Create docs/MODULE-MAP.md (140 lines: entry points, API routes, cross-deps)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
AI Assistant
2026-03-26 06:40:34 +02:00
parent c012adaa77
commit 0c4b91707f
25 changed files with 579 additions and 3405 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/modules/registratura/components/close-guard-dialog.tsx
+3 -1
View File
@@ -9,6 +9,7 @@ import {
X,
FileText,
} from "lucide-react";
import { useAuth } from "@/core/auth";
import { Button } from "@/shared/components/ui/button";
import { Input } from "@/shared/components/ui/input";
import { Label } from "@/shared/components/ui/label";
@@ -66,6 +67,7 @@ export function CloseGuardDialog({
activeDeadlines,
onConfirmClose,
}: CloseGuardDialogProps) {
const { user } = useAuth();
const [search, setSearch] = useState("");
const [selectedEntryId, setSelectedEntryId] = useState("");
const [resolution, setResolution] = useState<ClosureResolution>("finalizat");
@@ -130,7 +132,7 @@ export function CloseGuardDialog({
onConfirmClose({
resolution,
reason: reason.trim(),
closedBy: "Utilizator", // TODO: replace with SSO identity
closedBy: user?.name ?? "Utilizator",
closedAt: new Date().toISOString(),
linkedEntryId: selectedEntryId || undefined,
linkedEntryNumber: selectedEntry?.number,