This document outlines the architectural strategy and high-level milestones for transitioning the system to a Zero-Trust, Layered Institutional Architecture.
- Strategy: Strict adherence to
schema2.sql. Every Java entity must mirror the MySQL table exactly. - Principle: Circular references are handled via DTOs to prevent JSON serialization recursion.
- Volatility:
- Stable: Reference data (Centres, Roles).
- Semi-Volatile: Operational data (Students, Courses).
- Highly Volatile: Transactional data (Registrations, Schedules).
- Strategy: All mutations (Save/Update/Delete) must pass through a
PolicyEnforcementService. - Mechanism: The
X-Actor-Usernameheader is required for all mutation requests. - Constraint: No student can exist without an enrollment record (
student_semester_registration).
- Strategy: Decouple timetable generation from the request-response cycle.
- Logic: Constraints are stored as structured strings but parsed by a dedicated service.
- Output: Timetables are generated into
output_tabandexamtabtables rather than being held in memory.
- Schema Alignment: Unified
examtt2as the single source of truth. - Entity Cleanup: Synchronized Java models with DB constraints.
- Security Bootstrap: Integrated BCrypt and Role-based scoping (PEL).
- Refactoring Controllers: Switched from returning Entities to DTOs (All major controllers updated).
- Securing Secondary Domains: Implemented DIV for Program, Venue, and Staff management.
- Transactional Audit: Ensured all cross-table updates are atomic using
@Transactional.
- Constraint Parser: Coding the regex/logic to interpret strings like
CHM(0,1);PHY(2,3). - Frontend Sync: Updating the React UI to consume DTOs and maintain global state via Zustand.
- Progress API: Setting up the polling mechanism for Timetable Generation progress.
- Schedule Orchestration: Restoring
GeneralSettingsto define grid dimensions (Settings Page) and interactive period selection for algorithm triggering (Timetable Page). - Algorithm Trigger: Implementing the API to accept the finalized grid state and kick off the scheduler engine.
- Configuration Status Checks: Implementing a pre-flight checklist UI (circle-tick design) to verify all configurations (Constraints, Semester, Load) are satisfied before initialization.
1.- [x] Zero Direct DB Access: Enforce Controller -> Service -> Repository pattern.
- Period Exclusion Feature:
- Database Schema (
period_exclusion_snapshots) - Backend Implementation (Entities, DTOs, Services, Controller)
- Frontend UI (Calendar Grid)
- Database Schema (
- Snapshot Versioning (History): Added Snapshot Registry sidebar for archiving/restoring versions.
- Elite UI Redesign: Implemented premium institutional aesthetic (Brick/Gold/Glass).
- Algorithm Integration: Pass exclusion constraints to the core engine.
- Header Integrity: All Frontend API calls must include the
X-Actor-Username. - Naming Convention:
- Controllers:
Domaincontroller.java(Lowercase 'c'). - Models:
Domain.java(Capitalized). - DTOs:
DomainDto.java.
- Controllers:
- Error Handling: Throw
RuntimeExceptionwith descriptive messages; caught by a global handler (upcoming).
- Backend compiles with 0 errors.
- Frontend reflects "Access Denied" for unauthorized role scopes.
- A student can successfully register ONLY if enrolled for the current session.
- Timetable generation reads constraints from the new
constraint_tableand writes tooutput_tab.
- A nodemon like functionality for restarting the server upon main java server files updates (See Backend Dev Guide)