All Classes and Interfaces
Class
Description
Account administration: create instructor accounts and archive or
reactivate any account.
Web endpoints of the administration area under
/admin/**
(gated to ROLE_ADMIN by the security rules): the account list,
instructor account creation, and account archiving.One security-relevant event (maps the
audit_logs table).Minimal security audit trail: internal use only, no controller.
Web endpoints for authentication pages:
home and login views, and the registration form
(display and submission).
In-memory caching (Spring Cache over Caffeine), currently holding rendered
lesson HTML (see ADR-0013 in docs/adr/).
Web endpoints of the student course experience: the published
course catalogue, the course detail page, and the enroll/drop actions.
Form-backing record for creating or editing a course
(the description is optional; the column is TEXT, no length cap).
Read side of the course catalogue, applying the student visibility rule:
a student sees
PUBLISHED courses; a student who is enrolled keeps
read access to the course and its published lessons if the course is later
ARCHIVED (content continuity); DRAFT content is never
visible to students.Web endpoint of the student dashboard: the logged-in user's active
courses with their enrollment status.
Thrown when registration is attempted with an email that is already registered.
Thrown when registration is attempted with a username that already exists.
A single-use, expiring email-verification token (maps the
email_tokens table).Web endpoints of the email verification flow: the emailed link
lands on
GET /auth/verify (public, like the whole /auth
prefix), and a logged-in user can ask for a fresh link from the dashboard
banner.Sends the email-verification message.
Email verification: proves the registered address belongs to the user.
Join entity linking a student to a course they joined, with state of its
own (status and transition timestamps), which is why the association is an
entity rather than a bare
@ManyToMany like user_roles.Composite primary key of
Enrollment: the (user, course) pair IS the
identity, so a student cannot enroll twice in the same course by
construction.Student-side enrollment lifecycle (see the diagram in CONTRIBUTING.md).
Persisted states of the student course progress lifecycle
(see the diagram in CONTRIBUTING.md).
Form backing the "forgot password" request page.
Web endpoints of the instructor authoring area under
/instructor/** (gated to ROLE_INSTRUCTOR by the security
rules): the instructor's course list, the course create/edit forms, and
the publication lifecycle actions.Write side of the course domain for instructors: authoring and the
publication lifecycle of
CONTRIBUTING.md (publish from DRAFT,
archive from DRAFT or PUBLISHED, restore an ARCHIVED item to DRAFT).Web endpoints for the legal pages.
An individual piece of content within a course, authored as Markdown
(
content_markdown) and rendered to HTML at display time.Form-backing record for creating or editing a lesson.
Account lockout: counts consecutive failed logins per account and locks
the account at the configured threshold
(
learndev.lockout.max-attempts).Converts lesson Markdown to HTML that is safe to serve.
Web endpoints for the password-reset flow:
the "forgot password" request page and the "reset password" page that
consumes the emailed token.
Sends the password-reset email.
The password-reset ("forgot password") flow.
A single-use, expiring password-reset token (maps the
reset_tokens
table).Editorial lifecycle shared by courses and lessons (see the Course and
Lesson lifecycle diagrams in CONTRIBUTING.md).
RegisterForm holds the data submitted by a browser HTML form for user registration.Creates new user accounts: enforces unique username and email, hashes the
password, and assigns the default
STUDENT role.Form backing the "reset password" page.