28251b1e08
One migration + targeted hot-path fixes. API behavior 1:1 (schema change = added
indexes + a byte-identical f_unaccent function-body swap, see below).
- Trigram + composite indexes (20260705T120000-perf-indexes.ts): GIN trigram on
LOWER(f_unaccent(title/name)) for pages/users/groups (the /search/suggest
leading-wildcard LIKE did a seq scan per keystroke — EXPLAIN now confirms
Bitmap Index Scan on idx_pages_title_trgm), + page_history(page_id,id DESC),
comments(page_id,id). DEVIATION (verified byte-identical): PG18 cannot inline
the two-arg f_unaccent body during index creation, so up() swaps it to the
schema-qualified single-arg `SELECT public.unaccent($1)` — same dictionary,
identical output for all inputs, so the tsvector trigger + main @@ search stay
consistent with NO reindex; down() restores the exact two-arg body.
- Auth path: jwt.strategy reuses req.raw.workspace when workspaceId matches (the
middleware already validated it) instead of re-querying; domain.middleware
caches the workspace lookup (withCache 15s, invalidated in all 8 WorkspaceRepo
mutators, with a Date reviver for the JSON-serialized cache). USER + SESSION
caching DEFERRED — the invalidation surface (role change doesn't revoke
sessions; revocation includes background jobs) can't be safely covered, and a
missed hook on a security path is worse than the win.
- AI re-embed coalescing: aiQueue.add gets {jobId: embed-<id>, delay: 30s} so
active editing collapses to one job (worker reads current page state).
- filterAccessiblePageIds: hasRestrictedPagesInWorkspace short-circuit skips the
recursive-ancestor CTE when a workspace has zero restricted pages (wired from
search/favorites/notifications/recent/created-by). EXISTS on the same pageAccess
table the CTE anti-joins → no false-positive / no access leak. Busts the cache
on insertPageAccess so a 0->1 restricted transition takes effect immediately
(review F1).
- Small: syncTransclusion guarded by a family-node probe (both old+new content, so
the removal path is preserved); mention notifications enqueue only when the set
gained a member; redis maintainLock clears a prior interval (leak fix).
Skipped as risky (flagged): global ValidationPipe transform change; a pool-wide
statement_timeout (would kill long CREATE INDEX migrations on the same pool).
NOTE: kept the trash query's `content` select — the trash UI reads page.content
for its preview modal (review F3, would have regressed).
Gate: server tsc 0; jest page-permission/auth/search/persistence 15 suites pass;
migration up+down+idempotency verified on real PG18 with EXPLAIN confirming index
use. No new deps.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
61 lines
1.5 KiB
TypeScript
61 lines
1.5 KiB
TypeScript
import {
|
|
Body,
|
|
Controller,
|
|
HttpCode,
|
|
HttpStatus,
|
|
Post,
|
|
UseGuards,
|
|
} from '@nestjs/common';
|
|
import { NotificationService } from './notification.service';
|
|
import { AuthUser } from '../../common/decorators/auth-user.decorator';
|
|
import { JwtAuthGuard } from '../../common/guards/jwt-auth.guard';
|
|
import { User } from '@docmost/db/types/entity.types';
|
|
import { ListNotificationsDto, MarkNotificationsReadDto } from './dto/notification.dto';
|
|
|
|
@UseGuards(JwtAuthGuard)
|
|
@Controller('notifications')
|
|
export class NotificationController {
|
|
constructor(private readonly notificationService: NotificationService) {}
|
|
|
|
@HttpCode(HttpStatus.OK)
|
|
@Post('/')
|
|
async getNotifications(
|
|
@Body() dto: ListNotificationsDto,
|
|
@AuthUser() user: User,
|
|
) {
|
|
return this.notificationService.findByUserId(
|
|
user.id,
|
|
dto,
|
|
dto.type,
|
|
user.workspaceId,
|
|
);
|
|
}
|
|
|
|
@HttpCode(HttpStatus.OK)
|
|
@Post('unread-count')
|
|
async getUnreadCount(@AuthUser() user: User) {
|
|
const count = await this.notificationService.getUnreadCount(user.id);
|
|
return { count };
|
|
}
|
|
|
|
@HttpCode(HttpStatus.OK)
|
|
@Post('mark-read')
|
|
async markAsRead(
|
|
@Body() dto: MarkNotificationsReadDto,
|
|
@AuthUser() user: User,
|
|
) {
|
|
if (dto.notificationIds?.length) {
|
|
await this.notificationService.markMultipleAsRead(
|
|
dto.notificationIds,
|
|
user.id,
|
|
);
|
|
}
|
|
}
|
|
|
|
@HttpCode(HttpStatus.OK)
|
|
@Post('mark-all-read')
|
|
async markAllAsRead(@AuthUser() user: User) {
|
|
await this.notificationService.markAllAsRead(user.id);
|
|
}
|
|
}
|