refactor: move createPerson logic into PersonService

Controller was directly calling personRepository.save() for person creation. Extracted into PersonService.createPerson() to enforce Controller → Service → Repository layering. Also documented the layering rules in CLAUDE.md. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-17 08:28:30 +01:00
parent 6b5c78f789
commit 97e5255d7f
3 changed files with 25 additions and 6 deletions
--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -89,6 +89,20 @@ Database migrations live in `src/main/resources/db/migration/` (Flyway). Configu

 Authentication: form login → backend sets session → `auth_token` cookie → hooks.server.ts injects into all backend requests.

+### Backend Layering Rules
+
+Strict layering must be respected at all times:
+
+```
+Controller → Service → Repository → DB
+```
+
+- **Controllers** must never inject or call repositories directly. All business logic goes through a service.
+- **Services** must never reach into another domain's repository directly. If Service A needs data owned by domain B, it calls Service B — not Repository B.
+  - ✅ `DocumentService` → `PersonService.findById()` → `PersonRepository`
+  - ❌ `DocumentService` → `PersonRepository` (bypasses the service layer)
+- This keeps domain boundaries clear and business logic testable in isolation.
+
 ### Key Design Patterns

 - **Search**: `DocumentSpecifications` (Spring Data JPA Specification pattern) enables composable, dynamic query building for the document search endpoint