Assessment Results Backend

Purpose

assessment_results is the per-organization join between an assessment and a student, holding that student's score, letter grade, and remarks for the assessment. It is a generic-CRUD slice assembled from the shared factories; the backend is the source of truth for these records.

Slice Files (by layer)

Route: src/routes/assessment_results.ts — createCrudRouter(controller, { permission: 'assessment_results' }).
Controller: src/api/controllers/assessment_results.controller.ts — createCrudController(service, { csvFields }).
Service (BLL): src/services/assessment_results.ts — createCrudService(DbApi, { notFoundCode: 'assessment_resultsNotFound' }).
Repository (DAL): src/db/api/assessment_results.ts (Assessment_resultsDBApi) — entity-specific create/bulkImport/update/findBy/findAll; remove/deleteByIds/findAllAutocomplete delegate to db/api/shared/repository.ts.
Model: src/db/models/assessment_results.ts.
Shared used: CRUD factories (services/shared/crud-service.ts, api/controllers/shared/crud-controller.ts, api/http/crud-router.ts), repository helpers (db/api/shared/repository.ts), shared/constants/pagination.ts (resolvePagination).

API

The standard generic-CRUD surface (all under /api/assessment_results, JWT + ${METHOD}_ASSESSMENT_RESULTS permission, all 200) — see backend-architecture.md for the shared contract:

POST / — body { data }, returns true.
POST /bulk-import — multipart CSV file, returns true.
PUT /:id — body { data, id } (the service reads the id from the body), returns true.
DELETE /:id — returns true.
POST /deleteByIds — body { data: string[] }, returns true.
GET / — query filters, returns { rows, count }; ?filetype=csv streams a CSV of csvFields.
GET /count — returns { rows: [], count }.
GET /autocomplete — ?query&limit&offset, returns [{ id, label }] where label is grade_letter.
GET /:id — returns the record with eager associations (see Data Contract).

csvFields: id, remarks, score.

Access Rules

JWT required; the whole router is guarded by checkCrudPermissions('assessment_results'), deriving READ_ASSESSMENT_RESULTS / CREATE_ASSESSMENT_RESULTS / UPDATE_ASSESSMENT_RESULTS / DELETE_ASSESSMENT_RESULTS per HTTP method.
Access is granted by role permission or per-user custom_permissions (see permissions.md).

Tenant Scope

findAll scopes where.organizationId to currentUser.organizationId; a globalAccess role clears the org filter (sees all tenants).
create assigns the organization from currentUser.organizationId; update only reassigns organization for globalAccess users (otherwise it stays the caller's org).

Data Contract

Model columns (paranoid, soft-delete via deletedAt):

id (UUID PK), remarks (TEXT, nullable).
score — DECIMAL (nullable).
grade_letter — ENUM A | B | C | D | E | F | P | N.
importHash (unique), organizationId, assessmentId, studentId, createdById, updatedById, timestamps.

Associations: belongsTo organization, assessment (assessments), createdBy/updatedBy (users). findBy/GET /:id eager-load organization and assessment in a single Promise.all.

List filters (AssessmentResultsFilter): id, remarks, scoreRange, active, grade_letter, assessment (id or assessment name, |-separated, applied as an include where-clause), student (id or student_number, |-separated, applied as an include where-clause), organization (|-separated ids), createdAtRange, plus field/sort ordering and limit/page pagination.

Behavior / Notes

create/update set the assessment, student, and organization associations from the ids in the request body.
bulkImport offsets createdAt per row by BULK_IMPORT_TIMESTAMP_STEP_MS to preserve order.
List pagination uses the shared resolvePagination defaults (page size 10, capped at 100).
Note: AssessmentResultsFilter accepts an active flag the model has no column for; it is currently inert (kept for source accuracy).

Tests

None yet.

Generic-CRUD contract: backend-architecture.md; related slices: assessments, organizations, permissions.md.

4.3 KiB Raw Blame History