Skip to content

Latest commit

 

History

History
127 lines (114 loc) · 7.85 KB

File metadata and controls

127 lines (114 loc) · 7.85 KB

Glossary

Definitions of the domain and technical terms used across the learn-dev project. For the concrete tools and versions, see docs/tech-stacks.md; for how the pieces fit together, see ARCHITECTURE.md; for the rationale behind design decisions, see the ADRs.

Domain terms

  • Archive — Unpublish a course or lesson so it is no longer available to students, without deleting it.
  • Course — A unit of learning content owned by an instructor; contains lessons.
  • Deactivate — Disable an account (for example an instructor or student) so it can no longer be used, without deleting it. See also disabled account.
  • Drop a course — A student withdrawing from a course before finishing it.
  • Enrollment — The relationship linking a student to a course they have joined.
  • Lesson — An individual piece of content within a course.
  • Role — A named set of permissions granted to a user. The seeded roles are STUDENT, INSTRUCTOR, and ADMIN; SUPERADMIN is planned (see issue #65).

Authentication and security

  • Authority — In Spring Security, a single granted permission string held by an authenticated user. Roles are represented as authorities prefixed with ROLE_ (for example the ADMIN role becomes the authority ROLE_ADMIN).
  • BCrypt — An adaptive password-hashing function. Passwords are stored as BCrypt hashes, never in clear text.
  • CSRF (Cross-Site Request Forgery) — An attack that tricks a logged-in user's browser into submitting an unwanted request. Defended with a per-form token (injected by Thymeleaf) and the SameSite cookie attribute.
  • Disabled account — An account that exists but is not allowed to authenticate (mapped from the is_active = false flag). Distinct from a locked account.
  • HttpOnly — A cookie attribute that hides the cookie from client-side JavaScript, mitigating session theft via XSS.
  • IDOR (Insecure Direct Object Reference) — An access-control flaw where a client-supplied identifier is trusted without an authorization check. Using UUID primary keys for users mitigates enumeration (see ADR-0003).
  • Locked account — An account temporarily blocked from authenticating (for example after too many failed logins), mapped from the is_locked flag. Distinct from a disabled account.
  • Principal — The currently authenticated entity (typically the user) within a security context.
  • SameSite — A cookie attribute controlling whether the browser sends the cookie on cross-site requests. Set to Lax here as CSRF defense in depth.
  • Secure (cookie) — A cookie attribute that restricts the cookie to HTTPS. Enabled only once the app is served over TLS.
  • Session (server-side) — Authentication state kept on the server and referenced by a session cookie (JSESSIONID), rather than a self-contained token (see ADR-0001).
  • XSS (Cross-Site Scripting) — Injection of malicious scripts into pages viewed by other users. Mitigated by Thymeleaf's automatic output escaping and HttpOnly.

Persistence and data modelling

  • Changelog / Changeset (Liquibase) — A changelog is the ordered list of migrations; a changeset is one atomic migration, identified by path::id::author.
  • ERD (Entity-Relationship Diagram) — A diagram of entities and their relationships (rendered here with Mermaid).
  • Hibernate — The JPA implementation (ORM) used to map Java entities to tables.
  • JPA (Jakarta Persistence API) — The standard Java API for object-relational mapping; implemented by Hibernate.
  • JSESSIONID — The default name of the servlet session cookie.
  • Liquibase — The database schema migration tool. Migrations are hand-written formatted-SQL files applied at startup (see ADR-0005).
  • Merise — A French data-modelling method producing three views: MCD, MLD, MPD.
  • MCD (Modele Conceptuel de Donnees) — Conceptual data model; the entities and relationships independent of any database.
  • MLD (Modele Logique des Donnees) — Logical data model; the relational schema (tables, keys) derived from the MCD.
  • MPD (Modele Physique des Donnees) — Physical data model; the concrete schema as implemented in PostgreSQL.
  • ORM (Object-Relational Mapping) — Mapping between Java objects and relational tables; provided by Hibernate/JPA.
  • UUID — A 128-bit identifier used as the primary key for users to avoid sequential-id enumeration.

Build, testing, and tooling

  • ADR (Architecture Decision Record) — A short, numbered, append-only document capturing one design decision and its trade-offs, in MADR format.
  • Bean Validation — The Jakarta standard for declaring constraints (@NotBlank, @Email, @Size) on form/DTO fields, enforced with @Valid.
  • DTO (Data Transfer Object) — An object carrying data across a boundary, deliberately separate from entities. A ...Form DTO backs an HTML form.
  • Failsafe — The Maven plugin that runs *IT integration tests in the verify phase. This project does not use it (see ADR-0009).
  • FIFO (named pipe) — A special file that streams data on read. The project's .env is a FIFO filled by 1Password; shell source cannot read it (0-byte stat).
  • HikariCP — The JDBC connection pool bundled with Spring Boot.
  • Integration test — A test that boots a Spring context and exercises multiple layers together (here @SpringBootTest against a real Postgres container).
  • Lombok — A library that generates boilerplate (getters, constructors) from annotations at compile time.
  • MADR (Markdown ADR) — The lightweight ADR template format used in docs/adr/.
  • Slice test — A test that loads only one layer of the context (for example @DataJpaTest for the persistence layer).
  • Smoke test — A minimal test that the application context starts at all (LearnDevApplicationTests).
  • Surefire — The Maven plugin that runs *Test/*Tests unit and integration tests in the test phase. All tests here run under Surefire.
  • Testcontainers — A library that starts throwaway Docker/Podman containers for tests; used to run a real PostgreSQL (see ADR-0006).
  • Ryuk — Testcontainers' companion container that cleans up resources; disabled under Podman in this project.
  • YAGNI (You Aren't Gonna Need It) — The principle of not building features until they are actually needed (for example deferring the SUPERADMIN role).

Infrastructure and process

  • Docker Compose — Declarative multi-container orchestration; here it runs Postgres and Mongo. docker on the dev machine is Podman.
  • GitButler — The version-control tool wrapping Git; used via the but CLI when the current branch is gitbutler/workspace.
  • Podman — A daemonless container engine, used as the docker drop-in.
  • Spring profile — A named configuration set (for example dev) selecting profile-specific properties and Liquibase contexts.
  • Thymeleaf — The server-side HTML template engine. Its Spring Security dialect (sec: namespace) exposes the authenticated user to templates.

Certification

  • CCP (Certificat de Competences Professionnelles) — A competency block of a French Titre Professionnel; the DWWM has a front-end and a back-end CCP.
  • DWWM (Developpeur Web et Web Mobile) — The French Titre Professionnel this capstone targets.
  • REAC (Referentiel Emploi Activites Competences) — The official competency reference framework defining what the certification assesses.