Skip to content

12-07-2025

Pre-release
Pre-release
Compare
Choose a tag to compare
@fulleni fulleni released this 12 Jul 16:53
· 213 commits to main since this release
12-07-2025
3283ed3
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

🚀 Architectural Revolution: Migration to MongoDB & Enhanced RBAC

This release represents a landmark architectural overhaul of the API. We have completed a full data store migration from PostgreSQL to MongoDB, embracing a more flexible document-oriented model to pave the way for future feature development.

In parallel, we have fundamentally refactored our core data models and rebuilt the user role system from the ground up. The new dual-role RBAC system (appRole and dashboardRole) provides more granular and secure access control, while model renames (Category -> Topic) align the API with our evolving domain language. These changes are supported by significant improvements in logging, configuration, and security enforcement.

✨ Key Architectural Changes

  • Database Migration to MongoDB: The application's primary data store has been completely migrated from PostgreSQL to MongoDB. This involved a comprehensive update of the entire data access layer, repository implementations, and data seeding logic.
  • Enhanced Dual-Role RBAC: The user role system has been overhauled. A user now has distinct appRole (for application features) and dashboardRole (for administrative functions), allowing for more precise and secure permission management across the entire platform.
  • Core Model Refactoring: The Category model has been replaced by Topic, and AppConfig has been replaced by RemoteConfig. These changes are reflected across the database schema, repositories, and all related API endpoints.

🛡️ Security & API Enhancements

  • Ownership Enforcement Middleware: A new middleware has been introduced to enforce data ownership on user-specific records (User, UserAppSettings, etc.). This ensures users can only access or modify their own data, unless they possess administrative privileges.
  • Simplified API Querying: Collection endpoints (/api/v1/data) now accept a generic, JSON-encoded filter parameter for powerful, MongoDB-style queries. This replaces model-specific query parameters.
  • Standardized Error Codes: HTTP error codes returned by the API are now standardized to camelCase for better consistency.

🔧 Technical Refinements & Performance

  • Structured Logging: All print() statements have been replaced with a structured Logger, significantly improving system observability and making debugging more efficient.
  • Optimized Dashboard Summary: The dashboard summary endpoint has been optimized to retrieve only document counts, drastically reducing data transfer and improving performance.
  • Centralized Timestamp Handling: A new utility function now centralizes the conversion of DateTime objects to ISO 8601 strings, ensuring data consistency for all model deserialization.
  • Robust Environment Loading: The .env file loading mechanism has been improved to be more resilient, making local development setup more reliable.
Assets 2
Loading