Feat/implement issues 247 268

[ElioNeto]

📝 Description

Implementation of 12 GitHub issues (bugs + features) addressing critical security, persistence, performance, and HTTP server integration problems, plus silent error handling fixes in production.

🎯 Type of Change

• ✨ New feature (feat:)
• 🐛 Bug fix (fix:)
• 📝 Documentation (docs:)
• ⚡ Performance improvement (perf:)
• ✅ Tests (test:)

🔍 What Changed?

🌐 HTTP / API

• CORS ([BUG] CORS: actix-cors dependency presente mas não configurada no servidor #247): actix-cors middleware configured via CORS_ENABLED and CORS_ORIGINS env vars. Supports specific origins or permissive mode. Registered before auth middleware for OPTIONS preflight.
• Rate Limiter Proxy ([BUG] Rate limiter não suporta proxy reverso — X-Forwarded-For ignorado #262): get_client_ip() extracts X-Forwarded-For header with fallback to peer_addr(). Added parse_x_forwarded_for() for multi-IP header parsing with unit tests.
• Token Persistence ([BUG] Token store in-memory — tokens são perdidos no restart do servidor #260): TokenManager now loads tokens from the engine (__token: prefix) on startup and persists create/revoke operations. Tokens survive server restarts.
• Permission Checks ([BUG] Nenhum handler verifica permissões — validate_token() só valida, não autoriza #261): require_permission() guard added to all HTTP handlers: Read (GET), Write (PUT), Delete (DELETE), Admin (/admin/*). Health endpoints remain auth-free.
• Access Control ([BUG] Access Control — módulo experimental sem integração no servidor HTTP #249): Actix-web middleware evaluating AccessControl policies by principal, operation, and resource key. Configurable via ACCESS_CONTROL_ENABLED env var.

🗄️ Storage Engine

• TTL Persistence ([BUG] TTL perdido no flush — expiry não persiste na SSTable #267): expires_at metadata preserved across flush and restart via __ttl:{key} side-table in the engine. get_cf() and scan_cf() check expiry even after engine restart.
• Transaction Read-Your-Writes ([BUG] Transaction sem read-your-writes — leituras não veem escritas não-commitadas #268): Transaction now has a write_buffer: HashMap<Vec<u8>, Option<Vec<u8>>>. get() checks the buffer before the engine. set(), delete(), commit(), rollback() updated accordingly. 5 new unit tests.

🔒 Error Handling Hardening

• prefix compression debug_assert! ([BUG] prefix compression: debug_assert! permite truncamento silencioso em release #263): Converted to Err(LsmError::InvalidArgument) — release builds no longer silently truncate values >255 bytes.
• prefix compression panic! ([BUG] prefix compression: panic! em decode_keys corrompe dados e crasha o processo #264): Replaced with Err(LsmError::CorruptedData) in decode_keys — corrupted data no longer crashes the process.
• Poisoned Mutex Cache ([BUG] Poisoned mutex recovery no cache pode mascarar bugs silenciosamente #266): Replaced std::sync::Mutex with parking_lot::Mutex in GlobalBlockCache — no poison recovery, no risk of masking panics.

🔍 Observability / Tooling

• Data Scrubber CRC32 ([FEATURE] Data Scrubber — verificação de integridade sem CRC32, sem integração com engine #250): scrub_file() now validates CRC32 for every data block. ScrubResult with detailed statistics (total/corrupt blocks and bytes). scrub_with_version_set() detects orphan files and orphan tables. 7 new tests.
• TLS ([FEATURE] TLS/HTTPS — suporte nativo a conexões seguras (actix-web rustls) #248): Documented as a future enhancement — reverse proxy (nginx/caddy) recommended for now.

⚙️ Testing

• All tests pass locally (cargo test --all-features) — 435 tests, 0 failures
• Ran cargo fmt --all — clean
• Ran cargo clippy --all-targets --all-features -- -D warnings — clean
• Added/updated tests: 29 new (CORS 4, rate_limiter 4, access_control 9, scrubber 7, transaction 5)
• Manually validated via integration test suite

📚 Related Issues

• Closes [BUG] CORS: actix-cors dependency presente mas não configurada no servidor #247
• Closes [FEATURE] TLS/HTTPS — suporte nativo a conexões seguras (actix-web rustls) #248
• Closes [BUG] Access Control — módulo experimental sem integração no servidor HTTP #249
• Closes [FEATURE] Data Scrubber — verificação de integridade sem CRC32, sem integração com engine #250
• Closes [BUG] Token store in-memory — tokens são perdidos no restart do servidor #260
• Closes [BUG] Nenhum handler verifica permissões — validate_token() só valida, não autoriza #261
• Closes [BUG] Rate limiter não suporta proxy reverso — X-Forwarded-For ignorado #262
• Closes [BUG] prefix compression: debug_assert! permite truncamento silencioso em release #263
• Closes [BUG] prefix compression: panic! em decode_keys corrompe dados e crasha o processo #264
• Closes [BUG] Poisoned mutex recovery no cache pode mascarar bugs silenciosamente #266
• Closes [BUG] TTL perdido no flush — expiry não persiste na SSTable #267
• Closes [BUG] Transaction sem read-your-writes — leituras não veem escritas não-commitadas #268

❗ Version Bump

• Patch bump (default, auto-applied)
• Minor bump
• Major bump

✅ Checklist

• Code follows project conventions
• Documentation updated (README.md benchmarks + configs)
• CHANGELOG entry added
• Breaking changes documented (if any)
• Ready to merge to main and auto-release