feat: add content to assignment controller

[MmagdyHafezZ]

PR Description

Overview:

Type of Issue:

• Feature (feat): New functionality or feature added.
• Bug Fix (bug): Issue or bug resolved.
• Chore (chore): Maintenance, refactoring, or non-functional changes.
• Documentation Update (doc): Documentation improvements or additions.

Change Type:

• Major: Significant changes that introduce new features, large refactoring, or breaking changes. Requires thorough review and testing.
• Minor: Small to medium changes, such as adding new functionality that is backward-compatible or minor refactoring. Moderate review needed.
• Patch: Bug fixes, small tweaks, or documentation updates. Light review is sufficient.

Test Coverage

• Unit tests updated
• Manual verification done

Evidence:

Impact / Risk

Rollback

Reviewer Focus

[ibm-mend-app]

Mend Code Security Check

New finding (1 of 2)

The Mend Code Security Check of your branch failed because of a Log Forging finding in this line.

Severity	Vulnerability Type	CWE	File	Data Flows	Detected
Low	Log Forging	CWE-117	admin.service.ts:2094	1	2025-11-19 10:46pm
Vulnerable Code mark/apps/api/src/api/admin/admin.service.ts Lines 2089 to 2094 in eae87a3 if (!existingAssignment) { throw new NotFoundException(`Assignment with Id ${id} not found.`); } if (existingAssignment._count.questions > 0) { this.logger.warn( 1 Data Flow/s detected mark/apps/api/src/api/admin/admin.controller.ts Line 174 in eae87a3 addContentToAssignment( mark/apps/api/src/api/admin/admin.controller.ts Line 179 in eae87a3 return this.adminService.addContentToAssignment( mark/apps/api/src/api/admin/admin.service.ts Line 2071 in eae87a3 async addContentToAssignment( mark/apps/api/src/api/admin/admin.service.ts Line 2076 in eae87a3 const { assignment, config, gradingCriteria, questions } = mark/apps/api/src/api/admin/admin.service.ts Line 2079 in eae87a3 const result = await this.prisma.$transaction(async (tx) => { mark/apps/api/src/api/admin/admin.service.ts Line 2095 in eae87a3 `Assignment ${id} already has ${existingAssignment._count.questions} questions. Adding ${questions.length} more.`, mark/apps/api/src/api/admin/admin.service.ts Line 2094 in eae87a3 this.logger.warn( Secure Code Warrior Training Material ● Training    ▪ Secure Code Warrior Log Forging Training ● Videos    ▪ Secure Code Warrior Log Forging Video ● Further Reading    ▪ OWASP Log Forging 🏴 Suppress Finding ... as False Alarm ... as Acceptable Risk

[ibm-mend-app]

Mend Code Security Check

New finding (2 of 2)

The Mend Code Security Check of your branch failed because of a Log Forging finding in this line.

Severity	Vulnerability Type	CWE	File	Data Flows	Detected
Low	Log Forging	CWE-117	admin.service.ts:2141	1	2025-11-19 10:46pm
Vulnerable Code mark/apps/api/src/api/admin/admin.service.ts Lines 2136 to 2141 in eae87a3 where: { assignmentId: id }, orderBy: { id: "asc" }, }); createdQuestions.push(...fetchedQuestions); this.logger.log( 1 Data Flow/s detected mark/apps/api/src/api/admin/admin.controller.ts Line 174 in eae87a3 addContentToAssignment( mark/apps/api/src/api/admin/admin.controller.ts Line 179 in eae87a3 return this.adminService.addContentToAssignment( mark/apps/api/src/api/admin/admin.service.ts Line 2071 in eae87a3 async addContentToAssignment( mark/apps/api/src/api/admin/admin.service.ts Line 2076 in eae87a3 const { assignment, config, gradingCriteria, questions } = mark/apps/api/src/api/admin/admin.service.ts Line 2079 in eae87a3 const result = await this.prisma.$transaction(async (tx) => { mark/apps/api/src/api/admin/admin.service.ts Line 2142 in eae87a3 `Successfully added ${questions.length} questions to assignment ${id}`, mark/apps/api/src/api/admin/admin.service.ts Line 2141 in eae87a3 this.logger.log( Secure Code Warrior Training Material ● Training    ▪ Secure Code Warrior Log Forging Training ● Videos    ▪ Secure Code Warrior Log Forging Video ● Further Reading    ▪ OWASP Log Forging 🏴 Suppress Finding ... as False Alarm ... as Acceptable Risk