refactor(api): enforce protocol-neutral service boundaries

- refactor: move HTTP status and DTO concerns out of model and service
  layers into API and handler code.
- feat: add admin service boundary and route auth through services
  instead of direct repository access.
- test: add architecture and error tests covering package boundaries,
  redaction, and service behavior.
- docs: record the protocol-neutral boundary decision and update
  architecture and roadmap notes.
This commit is contained in:
2026-07-05 23:30:17 +08:00
parent 28e17a5b08
commit 63ede5c237
34 changed files with 1028 additions and 438 deletions
+5
View File
@@ -23,6 +23,7 @@ type WebApp struct {
FileRepo repository.FileRepository
CredentialRepo repository.CredentialRepository
AuthService *service.AuthService
AdminService *service.AdminService
FileService *service.FileService
Storage storage.StorageBackend
}
@@ -58,6 +59,7 @@ func Bootstrap(cfg *config.Config) (*WebApp, error) {
}
fileService := service.NewFileService(fileRepo, store, cfg.Storage.MaxUploadSize, slog.Default())
adminService := service.NewAdminService(userRepo)
return &WebApp{
Config: cfg,
@@ -68,6 +70,7 @@ func Bootstrap(cfg *config.Config) (*WebApp, error) {
FileRepo: fileRepo,
CredentialRepo: credentialRepo,
AuthService: authService,
AdminService: adminService,
FileService: fileService,
Storage: store,
}, nil
@@ -80,6 +83,7 @@ func NewWebApp(cfg *config.Config, db *gorm.DB,
fileRepo repository.FileRepository,
credentialRepo repository.CredentialRepository,
authService *service.AuthService,
adminService *service.AdminService,
fileService *service.FileService,
store storage.StorageBackend,
) *WebApp {
@@ -92,6 +96,7 @@ func NewWebApp(cfg *config.Config, db *gorm.DB,
FileRepo: fileRepo,
CredentialRepo: credentialRepo,
AuthService: authService,
AdminService: adminService,
FileService: fileService,
Storage: store,
}