Add versioned DB migration system with automatic backup

migrations.py - schema_migrations table tracks applied versions (version, description, applied_at) - MIGRATIONS list is append-only; each entry is (version, description, sql) - backup() dumps all user-data tables to a timestamped JSON file in backups/ before any schema changes so data can be recovered if something goes wrong - run_migrations() is idempotent: already-applied versions are skipped Integration - app.py calls _run_startup_migrations() at module load so every restart applies any pending migrations (no-op if schema is current) - setup_routes.py calls run_migrations() after the initial setup form is submitted so all tables exist before the user hits the main page for the first time - notes.py and admin.py: removed all per-request CREATE TABLE DDL; schema is now owned entirely by the migration system Docker - docker-compose.dev.yml: add backups-data volume so JSON backups survive container restarts and rebuilds - Dockerfile: pre-create /app/backend/logs and /app/backend/backups so the directories exist even before volumes are mounted Adding future schema changes - Append a new (version, description, sql) tuple to MIGRATIONS in migrations.py - The next restart will detect it as pending, back up first, then apply it Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-06 10:27:11 +02:00
parent 20cdbd69eb
commit 9db922703b
7 changed files with 202 additions and 75 deletions
@@ -6,35 +6,6 @@ from auth.token import verify_token

 notes_blueprint = Blueprint('notes_tool', __name__)

-# Module-level flag: DDL runs at most once per process lifetime.
-# Resets automatically on worker restart, which re-triggers the check.
-_table_ready = False
-
-
-def _ensure_table():
-    global _table_ready
-    if _table_ready:
-        return
-    conn = get_connection()
-    try:
-        cursor = conn.cursor()
-        cursor.execute("""
-            CREATE TABLE IF NOT EXISTS notes (
-                id INT AUTO_INCREMENT PRIMARY KEY,
-                user_id INT NOT NULL,
-                title VARCHAR(255) NOT NULL,
-                content TEXT,
-                language VARCHAR(50) DEFAULT 'text',
-                created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
-                updated_at DATETIME DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
-            )
-        """)
-        conn.commit()
-        cursor.close()
-        _table_ready = True
-    finally:
-        conn.close()
-

@notes_blueprint.route('/api/notes', methods=['GET'])
 def get_notes():
@@ -42,12 +13,12 @@ def get_notes():
    if not user:
        return jsonify({"message": "Nicht autorisiert"}), 401
    try:
-        _ensure_table()
        conn = get_connection()
        try:
            cursor = conn.cursor(dictionary=True)
            cursor.execute(
-                "SELECT id, title, content, language, created_at, updated_at FROM notes WHERE user_id = %s ORDER BY updated_at DESC",
+                "SELECT id, title, content, language, created_at, updated_at "
+                "FROM notes WHERE user_id = %s ORDER BY updated_at DESC",
                (user['id'],)
            )
            notes = cursor.fetchall()
@@ -71,7 +42,6 @@ def create_note():
    if not user:
        return jsonify({"message": "Nicht autorisiert"}), 401
    try:
-        _ensure_table()
        data = request.get_json(silent=True) or {}
        title = data.get("title", "Neue Notiz").strip() or "Neue Notiz"
        content = data.get("content", "")
@@ -103,7 +73,6 @@ def update_note(note_id):
    if not user:
        return jsonify({"message": "Nicht autorisiert"}), 401
    try:
-        _ensure_table()
        data = request.get_json(silent=True) or {}
        title = data.get("title", "").strip() or "Neue Notiz"
        content = data.get("content", "")
@@ -116,7 +85,8 @@ def update_note(note_id):
        try:
            cursor = conn.cursor()
            cursor.execute(
-                "UPDATE notes SET title=%s, content=%s, language=%s, updated_at=%s WHERE id=%s AND user_id=%s",
+                "UPDATE notes SET title=%s, content=%s, language=%s, updated_at=%s "
+                "WHERE id=%s AND user_id=%s",
                (title, content, language, now, note_id, user['id'])
            )
            conn.commit()
@@ -139,7 +109,6 @@ def delete_note(note_id):
    if not user:
        return jsonify({"message": "Nicht autorisiert"}), 401
    try:
-        _ensure_table()
        conn = get_connection()
        try:
            cursor = conn.cursor()