FEAT-59 — Structured Notes System

Status

• In Progress

Objective

Provide authenticated users with a structured notes workspace that can:

• create/edit/archive user-owned notes;
• attach typed references to documents, courses, and institutions;
• preserve document access-state snapshots;
• track note and reference deadlines/reminders;
• persist note card coordinates for canvas mode.

Backend Coverage

• Added protected notes module under backend/src/notes.
• Added guarded endpoints:
  • GET /notes
  • POST /notes
  • GET /notes/:id
  • PATCH /notes/:id
  • DELETE /notes/:id (soft delete)
  • POST /notes/:id/references
  • PATCH /notes/:id/references/:referenceId
  • DELETE /notes/:id/references/:referenceId (archive)
  • PATCH /notes/:id/canvas
• Enforced user ownership from secure cookie auth context (request.user.user_id).

Database Coverage

• Added migration 202605021540_add_structured_notes_tables:
  • structured_notes
  • structured_note_references
  • structured_note_canvas_items
• Migration uses additive schema operations with guarded indexes and check constraints.

Frontend Coverage

• Added /notes feature route and structured notes page.
• Added quick-add controls from:
  • document detail;
  • course detail;
  • institution detail.
• Added Notes navigation item in app sidebar.

Security Notes

• No API accepts arbitrary user_id in request bodies.
• All notes endpoints require auth guard.
• Reference resolution supports slug-based linking and validates target existence.
• Locked/paid/premium document references are stored as references only; they do not grant content access.

Canonical Feature Document

Implementation and QA requirements are tracked in:

• docs/features/FEAT-59-Structured-Notes-System.md