feat: exam actions and data safety fixes

src/modules/questions/actions.ts

@@ -5,8 +5,6 @@ import { questions, questionsToKnowledgePoints } from "@/shared/db/schema";
 import { CreateQuestionInput, CreateQuestionSchema } from "./schema";
 import { ActionState } from "@/shared/types/action-state";
 import { revalidatePath } from "next/cache";
-import { ZodError } from "zod";
-import { eq } from "drizzle-orm";
 import { createId } from "@paralleldrive/cuid2";
 
 // --- Mock Auth Helper (Replace with actual Auth.js call) ---
@@ -29,8 +27,10 @@ async function ensureTeacher() {
 
 // --- Recursive Insert Helper ---
 // We pass 'tx' to ensure all operations run within the same transaction
+type Tx = Parameters<Parameters<typeof db.transaction>[0]>[0]
+
 async function insertQuestionWithRelations(
-  tx: any, // using any or strict Drizzle Transaction type if imported
+  tx: Tx,
   input: CreateQuestionInput,
   authorId: string,
   parentId: string | null = null
@@ -81,14 +81,14 @@ export async function createNestedQuestion(
     // If formData is actual FormData, we need to convert it. 
     // For complex nested structures, frontend usually sends JSON string or pure JSON object if using `useServerAction` with arguments.
     // Here we assume the client might send a raw object (if using direct function call) or we parse FormData.
-    let rawInput: any = formData;
+    let rawInput: unknown = formData;
     
     if (formData instanceof FormData) {
        // Parsing complex nested JSON from FormData is messy. 
        // We assume one field 'data' contains the JSON, or we expect direct object usage (common in modern Next.js RPC).
        const jsonString = formData.get("json");
        if (typeof jsonString === "string") {
-         rawInput = JSON.parse(jsonString);
+         rawInput = JSON.parse(jsonString) as unknown;
        } else {
          return { success: false, message: "Invalid submission format. Expected JSON." };
        }