From 2aef9699d72c2820e306ff9752795c8cf9f8ac12 Mon Sep 17 00:00:00 2001
From: Marwan <marwan.yousef@mail.utoronto.ca>
Date: Sat, 4 Apr 2026 04:48:53 -0400
Subject: [PATCH 1/2] linting

---
 .../sessions/[sessionId]/questions/route.ts   |   4 +-
 src/app/api/sessions/[sessionId]/route.ts     |   2 +-
 src/app/room/classChat/ChatHeader.tsx         | 212 ++++++++--------
 src/app/room/classChat/ChatInput.tsx          | 139 +++++++----
 src/app/room/classChat/ManageTAsModal.tsx     | 231 ++++++++++++++++++
 src/app/room/classChat/index.tsx              |  44 +++-
 src/lib/questionValidation.ts                 |   9 +-
 src/lib/redisKeys.ts                          |   7 +-
 src/socket/handlers/questionHandlers.ts       |  48 ++--
 9 files changed, 509 insertions(+), 187 deletions(-)
 create mode 100644 src/app/room/classChat/ManageTAsModal.tsx

diff --git a/src/app/api/sessions/[sessionId]/questions/route.ts b/src/app/api/sessions/[sessionId]/questions/route.ts
index b46e398..7c60e28 100644
--- a/src/app/api/sessions/[sessionId]/questions/route.ts
+++ b/src/app/api/sessions/[sessionId]/questions/route.ts
@@ -210,8 +210,8 @@ export async function POST(request: NextRequest, { params }: RouteParams) {
       return NextResponse.json({ error: sessionValidation.error }, { status: statusCode });
     }
 
-    // 7. Check rate limit using shared validation
-    const isRateLimited = await checkQuestionRateLimit(authorId);
+    // 7. Check rate limit using shared validation (scoped to this session)
+    const isRateLimited = await checkQuestionRateLimit(authorId, sessionId);
     if (isRateLimited) {
       return NextResponse.json(
         { error: "Rate limit exceeded. Please wait before asking another question." },
diff --git a/src/app/api/sessions/[sessionId]/route.ts b/src/app/api/sessions/[sessionId]/route.ts
index 6fc1831..a828def 100644
--- a/src/app/api/sessions/[sessionId]/route.ts
+++ b/src/app/api/sessions/[sessionId]/route.ts
@@ -52,7 +52,7 @@ export async function GET(_req: Request, { params }: RouteParams) {
       }
     }
 
-    return NextResponse.json({ status: session.status });
+    return NextResponse.json({ status: session.status, courseId: session.courseId });
   } catch (error) {
     console.error("[Sessions API] Failed to fetch session status:", error);
     return NextResponse.json({ error: "An error occurred." }, { status: 500 });
diff --git a/src/app/room/classChat/ChatHeader.tsx b/src/app/room/classChat/ChatHeader.tsx
index 07ec92c..6513aa2 100644
--- a/src/app/room/classChat/ChatHeader.tsx
+++ b/src/app/room/classChat/ChatHeader.tsx
@@ -3,14 +3,15 @@
 import { Input } from "@/components/ui/input";
 import { useContext, useState } from "react";
 import {
-  ArrowLeft,
   PanelRightClose,
   Users,
   GraduationCap,
   Search,
   X,
   ArrowBigRight,
+  UserPlus,
 } from "lucide-react";
+import ManageTAsModal from "./ManageTAsModal";
 import { useMediaQuery } from "@/hooks/use-media-query";
 import { SlideUpdateContext } from "../SlideUpdateContext";
 import type { Role } from "@/utils/types";
@@ -67,114 +68,129 @@ export default function ChatHeader({
 }: ChatHeaderProps) {
   const { sessionTitle } = useRoom();
   const [isSearchExpanded, setIsSearchExpanded] = useState(false);
+  const [showTAModal, setShowTAModal] = useState(false);
 
   return (
-    <div className="flex flex-col border-b bg-stone-50 sticky top-0 z-10">
-      <header className="pl-2 pr-4 py-2 flex items-center justify-between gap-2 min-h-[56px]">
-        {isSearchExpanded ? (
-          <div className="flex-1 flex items-center gap-2 w-full animate-in fade-in zoom-in-95 duration-200">
-            <div className="relative flex-1">
-              <Search className="absolute left-2.5 top-1/2 -translate-y-1/2 h-3.5 w-3.5 text-stone-400 pointer-events-none" />
-              <Input
-                autoFocus
-                className="h-9 pl-8 pr-7 bg-stone-200 focus-visible:ring-0 focus-visible:border-stone-400 text-sm text-stone-500 placeholder:text-stone-500 w-full"
-                placeholder="Search questions & answers…"
-                value={searchQuery}
-                onChange={(e) => onSearchChange(e.target.value)}
-                onBlur={() => {
-                  if (!searchQuery) setIsSearchExpanded(false);
-                }}
-              />
-              {searchQuery && (
-                <button
-                  onMouseDown={(e) => e.preventDefault()}
-                  onClick={() => {
-                    onSearchChange("");
+    <>
+      <div className="flex flex-col border-b bg-stone-50 sticky top-0 z-10">
+        <header className="pl-2 pr-4 py-2 flex items-center justify-between gap-2 min-h-[56px]">
+          {isSearchExpanded ? (
+            <div className="flex-1 flex items-center gap-2 w-full animate-in fade-in zoom-in-95 duration-200">
+              <div className="relative flex-1">
+                <Search className="absolute left-2.5 top-1/2 -translate-y-1/2 h-3.5 w-3.5 text-stone-400 pointer-events-none" />
+                <Input
+                  autoFocus
+                  className="h-9 pl-8 pr-7 bg-stone-200 focus-visible:ring-0 focus-visible:border-stone-400 text-sm text-stone-500 placeholder:text-stone-500 w-full"
+                  placeholder="Search questions & answers…"
+                  value={searchQuery}
+                  onChange={(e) => onSearchChange(e.target.value)}
+                  onBlur={() => {
+                    if (!searchQuery) setIsSearchExpanded(false);
                   }}
-                  className="absolute right-2 top-1/2 -translate-y-1/2 text-stone-400 hover:text-stone-700 transition-colors"
-                  aria-label="Clear search"
-                >
-                  <X className="h-3.5 w-3.5" />
-                </button>
-              )}
-            </div>
-            <button
-              onClick={() => {
-                onSearchChange("");
-                setIsSearchExpanded(false);
-              }}
-              className="text-sm font-medium text-stone-500 hover:text-stone-900 px-2 shrink-0 transition-colors"
-            >
-              Cancel
-            </button>
-          </div>
-        ) : (
-          <>
-            <div className="flex items-center gap-2 shrink-0 animate-in fade-in duration-200">
-              <SlideToggle />
-              {sessionTitle && (
-                <h1 className="text-xl font-bold truncate max-w-[140px] sm:max-w-xs">
-                  {sessionTitle}
-                </h1>
-              )}
-            </div>
-
-            <div className="flex items-center gap-2 shrink-0 animate-in fade-in duration-200">
-              <button
-                onClick={() => setIsSearchExpanded(true)}
-                className={`w-9 h-9 flex items-center justify-center rounded-md transition-colors ${
-                  searchQuery
-                    ? "bg-stone-800 text-stone-50 hover:bg-stone-700"
-                    : "bg-stone-200 text-stone-600 hover:bg-stone-300"
-                }`}
-                aria-label="Search"
-              >
-                <Search className="w-4 h-4" />
+                />
                 {searchQuery && (
-                  <span className="absolute top-1.5 right-1.5 w-2 h-2 rounded-full bg-green-500" />
+                  <button
+                    onMouseDown={(e) => e.preventDefault()}
+                    onClick={() => {
+                      onSearchChange("");
+                    }}
+                    className="absolute right-2 top-1/2 -translate-y-1/2 text-stone-400 hover:text-stone-700 transition-colors"
+                    aria-label="Clear search"
+                  >
+                    <X className="h-3.5 w-3.5" />
+                  </button>
                 )}
+              </div>
+              <button
+                onClick={() => {
+                  onSearchChange("");
+                  setIsSearchExpanded(false);
+                }}
+                className="text-sm font-medium text-stone-500 hover:text-stone-900 px-2 shrink-0 transition-colors"
+              >
+                Cancel
               </button>
+            </div>
+          ) : (
+            <>
+              <div className="flex items-center gap-2 shrink-0 animate-in fade-in duration-200">
+                <SlideToggle />
+                {sessionTitle && (
+                  <h1 className="text-xl font-bold truncate max-w-[140px] sm:max-w-xs">
+                    {sessionTitle}
+                  </h1>
+                )}
+              </div>
 
-              {/* Answer mode toggle — professors only */}
-              {role === "PROFESSOR" && (
+              <div className="flex items-center gap-2 shrink-0 animate-in fade-in duration-200">
                 <button
-                  onClick={onToggleAnswerMode}
-                  title={
-                    answerMode === "all"
-                      ? "Anyone can answer — click to restrict to TAs/Professors"
-                      : "TAs/Professors only — click to allow everyone"
-                  }
-                  className={`flex items-center gap-1.5 h-9 px-3 rounded-md text-sm font-medium transition-colors shrink-0 cursor-pointer ${
-                    answerMode === "all"
-                      ? "bg-green-100 text-green-700 hover:bg-green-200"
-                      : "bg-amber-100 text-amber-700 hover:bg-amber-200"
+                  onClick={() => setIsSearchExpanded(true)}
+                  className={`w-9 h-9 flex items-center justify-center rounded-md transition-colors ${
+                    searchQuery
+                      ? "bg-stone-800 text-stone-50 hover:bg-stone-700"
+                      : "bg-stone-200 text-stone-600 hover:bg-stone-300"
                   }`}
+                  aria-label="Search"
                 >
-                  {answerMode === "all" ? (
-                    <>
-                      <Users className="w-3.5 h-3.5" />
-                      Anyone
-                    </>
-                  ) : (
-                    <>
-                      <GraduationCap className="w-3.5 h-3.5" />
-                      TAs only
-                    </>
+                  <Search className="w-4 h-4" />
+                  {searchQuery && (
+                    <span className="absolute top-1.5 right-1.5 w-2 h-2 rounded-full bg-green-500" />
                   )}
                 </button>
-              )}
-              <Link
-                href="/"
-                aria-label="Back to home"
-                className="inline-flex items-center gap-1.5 rounded-md h-9 px-3 text-sm font-medium text-stone-700 bg-stone-200 hover:bg-stone-300 transition-colors"
-              >
-                Back
-                <ArrowBigRight className="w-4 h-4" />
-              </Link>
-            </div>
-          </>
-        )}
-      </header>
-    </div>
+
+                {/* Answer mode toggle — professors only */}
+                {role === "PROFESSOR" && (
+                  <button
+                    onClick={onToggleAnswerMode}
+                    title={
+                      answerMode === "all"
+                        ? "Anyone can answer — click to restrict to TAs/Professors"
+                        : "TAs/Professors only — click to allow everyone"
+                    }
+                    className={`flex items-center gap-1.5 h-9 px-3 rounded-md text-sm font-medium transition-colors shrink-0 cursor-pointer ${
+                      answerMode === "all"
+                        ? "bg-green-100 text-green-700 hover:bg-green-200"
+                        : "bg-amber-100 text-amber-700 hover:bg-amber-200"
+                    }`}
+                  >
+                    {answerMode === "all" ? (
+                      <>
+                        <Users className="w-3.5 h-3.5" />
+                        Anyone
+                      </>
+                    ) : (
+                      <>
+                        <GraduationCap className="w-3.5 h-3.5" />
+                        TAs only
+                      </>
+                    )}
+                  </button>
+                )}
+                {role === "PROFESSOR" && (
+                  <button
+                    onClick={() => setShowTAModal(true)}
+                    title="Manage TAs"
+                    className="w-9 h-9 flex items-center justify-center rounded-md text-stone-600 bg-stone-200 hover:bg-stone-300 transition-colors shrink-0"
+                    aria-label="Manage TAs"
+                  >
+                    <UserPlus className="w-4 h-4" />
+                  </button>
+                )}
+                <Link
+                  href="/"
+                  aria-label="Back to home"
+                  className="inline-flex items-center gap-1.5 rounded-md h-9 px-3 text-sm font-medium text-stone-700 bg-stone-200 hover:bg-stone-300 transition-colors"
+                >
+                  Back
+                  <ArrowBigRight className="w-4 h-4" />
+                </Link>
+              </div>
+            </>
+          )}
+        </header>
+      </div>
+
+      {showTAModal && <ManageTAsModal onClose={() => setShowTAModal(false)} />}
+    </>
   );
 }
diff --git a/src/app/room/classChat/ChatInput.tsx b/src/app/room/classChat/ChatInput.tsx
index b7088a7..7a0b798 100644
--- a/src/app/room/classChat/ChatInput.tsx
+++ b/src/app/room/classChat/ChatInput.tsx
@@ -1,8 +1,8 @@
 "use client";
 
-import { useState } from "react";
+import { useState, useEffect } from "react";
 import { Textarea } from "@/components/ui/textarea";
-import { Ghost, User, Send } from "lucide-react";
+import { Ghost, User, Send, Clock } from "lucide-react";
 
 const MIN_LENGTH = 5;
 
@@ -13,6 +13,8 @@ interface ChatInputProps {
   onClearError?: () => void;
   isAnonymous: boolean;
   onAnonymousChange: (val: boolean) => void;
+  timeoutUntil?: number | null;
+  onTimeoutExpired?: () => void;
 }
 
 export default function ChatInput({
@@ -22,9 +24,40 @@ export default function ChatInput({
   onClearError,
   isAnonymous,
   onAnonymousChange,
+  timeoutUntil,
+  onTimeoutExpired,
 }: ChatInputProps) {
   const [content, setContent] = useState("");
   const [localError, setLocalError] = useState<string | null>(null);
+  const [secsLeft, setSecsLeft] = useState<number>(0);
+
+  // Derived from secsLeft (managed by the effect below) so Date.now() is never
+  // called directly during render, keeping the component pure.
+  // Also guard on timeoutUntil being set so a stale secsLeft value from a
+  // previous timeout doesn't incorrectly mark the input as timed-out.
+  const isTimedOut = !!timeoutUntil && secsLeft > 0;
+
+  useEffect(() => {
+    if (!timeoutUntil) return;
+
+    const update = () => {
+      const remaining = Math.ceil((timeoutUntil - Date.now()) / 1000);
+      if (remaining <= 0) {
+        setSecsLeft(0);
+        onTimeoutExpired?.();
+      } else {
+        setSecsLeft(remaining);
+      }
+    };
+
+    update();
+    const id = setInterval(update, 1000);
+    return () => clearInterval(id);
+  }, [timeoutUntil, onTimeoutExpired]);
+
+  const mins = Math.floor(secsLeft / 60);
+  const secs = secsLeft % 60;
+  const countdownLabel = `${mins}:${String(secs).padStart(2, "0")}`;
 
   const error = serverError ?? localError;
 
@@ -36,7 +69,7 @@ export default function ChatInput({
 
   const handleSubmit = () => {
     const trimmed = content.trim();
-    if (disabled) return;
+    if (disabled || isTimedOut) return;
     if (!trimmed) return;
     if (trimmed.length < MIN_LENGTH) {
       setLocalError(`Question must be at least ${MIN_LENGTH} characters.`);
@@ -59,51 +92,63 @@ export default function ChatInput({
       <div className="absolute inset-0 bg-background backdrop-blur-xl [mask-image:linear-gradient(to_top,black,transparent)]" />
       <div className="max-w-4xl mx-auto px-4 pt-20 pb-4 relative">
         <div className="flex flex-col gap-2 pointer-events-auto w-full">
-          <Textarea
-            placeholder={`Ask a question!\n(Shift+Enter for new line)`}
-            value={content}
-            onChange={handleChange}
-            onKeyDown={handleKeyDown}
-            disabled={disabled}
-            rows={3}
-            className={`resize-none min-h-[70px] focus-visible:ring-0 focus-visible:border-stone-400 ${
-              error ? "border-red-400 bg-red-50" : ""
-            }`}
-          />
-          <div className="flex items-center justify-between">
-            <div className="flex items-center gap-3">
-              <button
-                type="button"
-                onClick={() => onAnonymousChange(!isAnonymous)}
-                className={`flex items-center gap-1.5 h-9 px-3 rounded-md text-sm font-medium transition-colors cursor-pointer ${
-                  isAnonymous
-                    ? "bg-stone-800 hover:bg-stone-700 text-stone-50"
-                    : "bg-stone-200 hover:bg-stone-300 text-stone-700"
-                }`}
-              >
-                {isAnonymous ? (
-                  <>
-                    <Ghost className="w-4 h-4" />
-                    Anonymous
-                  </>
-                ) : (
-                  <>
-                    <User className="w-4 h-4" />
-                    Public
-                  </>
-                )}
-              </button>
-              {error && <p className="text-xs text-red-500">{error}</p>}
+          {isTimedOut ? (
+            <div className="flex items-center gap-3 rounded-lg border border-amber-200 bg-amber-50 px-4 py-3 text-sm text-amber-800">
+              <Clock className="w-4 h-4 shrink-0 text-amber-500" />
+              <span>
+                You&apos;re sending questions too quickly. You can ask again in{" "}
+                <span className="font-semibold tabular-nums">{countdownLabel}</span>.
+              </span>
             </div>
-            <button
-              onClick={handleSubmit}
-              disabled={disabled || !content.trim()}
-              className="flex items-center justify-center gap-1.5 h-9 px-4 bg-stone-900 hover:bg-stone-800 text-stone-50 rounded-md text-sm font-medium transition-colors disabled:opacity-50 disabled:cursor-not-allowed"
-            >
-              Post
-              <Send className="w-4 h-4" />
-            </button>
-          </div>
+          ) : (
+            <>
+              <Textarea
+                placeholder={`Ask a question!\n(Shift+Enter for new line)`}
+                value={content}
+                onChange={handleChange}
+                onKeyDown={handleKeyDown}
+                disabled={disabled}
+                rows={3}
+                className={`resize-none min-h-[70px] focus-visible:ring-0 focus-visible:border-stone-400 ${
+                  error ? "border-red-400 bg-red-50" : ""
+                }`}
+              />
+              <div className="flex items-center justify-between">
+                <div className="flex items-center gap-3">
+                  <button
+                    type="button"
+                    onClick={() => onAnonymousChange(!isAnonymous)}
+                    className={`flex items-center gap-1.5 h-9 px-3 rounded-md text-sm font-medium transition-colors cursor-pointer ${
+                      isAnonymous
+                        ? "bg-stone-800 hover:bg-stone-700 text-stone-50"
+                        : "bg-stone-200 hover:bg-stone-300 text-stone-700"
+                    }`}
+                  >
+                    {isAnonymous ? (
+                      <>
+                        <Ghost className="w-4 h-4" />
+                        Anonymous
+                      </>
+                    ) : (
+                      <>
+                        <User className="w-4 h-4" />
+                        Public
+                      </>
+                    )}
+                  </button>
+                  {error && <p className="text-xs text-red-500">{error}</p>}
+                </div>
+                <button
+                  onClick={handleSubmit}
+                  disabled={disabled || !content.trim()}
+                  className="flex items-center justify-center gap-1.5 h-9 px-4 bg-stone-900 hover:bg-stone-800 text-stone-50 rounded-md text-sm font-medium transition-colors disabled:opacity-50 disabled:cursor-not-allowed"
+                >
+                  Post
+                  <Send className="w-4 h-4" />
+                </button>
+              </div>
+            </>
+          )}
         </div>
       </div>
     </div>
diff --git a/src/app/room/classChat/ManageTAsModal.tsx b/src/app/room/classChat/ManageTAsModal.tsx
new file mode 100644
index 0000000..47dc636
--- /dev/null
+++ b/src/app/room/classChat/ManageTAsModal.tsx
@@ -0,0 +1,231 @@
+"use client";
+
+import { useEffect, useRef, useState } from "react";
+import { X, UserMinus, UserPlus, GraduationCap, Loader2 } from "lucide-react";
+import { useRoom } from "../RoomContext";
+
+interface TAEntry {
+  name: string;
+  utorid: string;
+}
+
+interface ManageTAsModalProps {
+  onClose: () => void;
+}
+
+export default function ManageTAsModal({ onClose }: ManageTAsModalProps) {
+  const { sessionId } = useRoom();
+
+  const [courseId, setCourseId] = useState<string | null>(null);
+  const [tas, setTas] = useState<TAEntry[]>([]);
+  const [loadingRoster, setLoadingRoster] = useState(true);
+  const [rosterError, setRosterError] = useState<string | null>(null);
+
+  const [utoridInput, setUtoridInput] = useState("");
+  const [adding, setAdding] = useState(false);
+  const [addError, setAddError] = useState<string | null>(null);
+  const [addSuccess, setAddSuccess] = useState<string | null>(null);
+
+  const [removingUtorid, setRemovingUtorid] = useState<string | null>(null);
+  const [removeError, setRemoveError] = useState<string | null>(null);
+
+  const inputRef = useRef<HTMLInputElement>(null);
+
+  // Resolve courseId from the session, then load TAs
+  useEffect(() => {
+    if (!sessionId) return;
+
+    async function load() {
+      setLoadingRoster(true);
+      setRosterError(null);
+      try {
+        const sessionRes = await fetch(`/api/sessions/${sessionId}`);
+        if (!sessionRes.ok) throw new Error("Could not load session.");
+        const sessionData = await sessionRes.json();
+        const cId: string = sessionData.courseId;
+        setCourseId(cId);
+
+        const rosterRes = await fetch(`/api/courses/${cId}/students`);
+        if (!rosterRes.ok) throw new Error("Could not load TA roster.");
+        const rosterData = await rosterRes.json();
+        setTas(rosterData.tas ?? []);
+      } catch (err) {
+        setRosterError(err instanceof Error ? err.message : "An error occurred.");
+      } finally {
+        setLoadingRoster(false);
+      }
+    }
+
+    load();
+  }, [sessionId]);
+
+  async function handleAdd() {
+    const utorid = utoridInput.trim().toLowerCase();
+    if (!utorid || !courseId) return;
+    setAdding(true);
+    setAddError(null);
+    setAddSuccess(null);
+    try {
+      const res = await fetch(`/api/courses/${courseId}/students`, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({ utorids: [utorid], role: "TA" }),
+      });
+      const data = await res.json();
+      if (!res.ok) {
+        setAddError(data.error ?? "Failed to add TA.");
+        return;
+      }
+      if (data.alreadyEnrolled?.includes(utorid)) {
+        setAddError(`${utorid} is already a TA or enrolled in this course.`);
+        return;
+      }
+      setUtoridInput("");
+      setAddSuccess(`${utorid} added as TA.`);
+      // Refresh TA list
+      const rosterRes = await fetch(`/api/courses/${courseId}/students`);
+      if (rosterRes.ok) {
+        const rosterData = await rosterRes.json();
+        setTas(rosterData.tas ?? []);
+      }
+      inputRef.current?.focus();
+    } catch {
+      setAddError("An error occurred. Please try again.");
+    } finally {
+      setAdding(false);
+    }
+  }
+
+  async function handleRemove(utorid: string) {
+    if (!courseId) return;
+    setRemovingUtorid(utorid);
+    setRemoveError(null);
+    setAddSuccess(null);
+    try {
+      const res = await fetch(`/api/courses/${courseId}/students`, {
+        method: "DELETE",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({ utorid }),
+      });
+      if (!res.ok) {
+        const data = await res.json();
+        setRemoveError(data.error ?? "Failed to remove TA.");
+        return;
+      }
+      setTas((prev) => prev.filter((ta) => ta.utorid !== utorid));
+    } catch {
+      setRemoveError("An error occurred. Please try again.");
+    } finally {
+      setRemovingUtorid(null);
+    }
+  }
+
+  return (
+    <div
+      className="fixed inset-0 z-50 flex items-center justify-center bg-black/40"
+      onMouseDown={(e) => {
+        if (e.target === e.currentTarget) onClose();
+      }}
+    >
+      <div className="bg-white rounded-md shadow-xl border border-stone-200 w-full max-w-sm mx-4 overflow-hidden">
+        {/* Header */}
+        <div className="px-5 py-4 border-b border-stone-100 flex items-center justify-between">
+          <div className="flex items-center gap-2">
+            <GraduationCap className="w-4 h-4 text-stone-500" />
+            <h2 className="text-base font-bold text-stone-900">Manage TAs</h2>
+          </div>
+          <button
+            onClick={onClose}
+            className="w-7 h-7 flex items-center justify-center rounded-md text-stone-400 hover:text-stone-700 hover:bg-stone-100 transition-colors"
+            aria-label="Close"
+          >
+            <X className="w-4 h-4" />
+          </button>
+        </div>
+
+        {/* Add TA */}
+        <div className="px-5 pt-4 pb-3 border-b border-stone-100">
+          <p className="text-xs font-medium text-stone-500 mb-2">Add by UTORid</p>
+          <div className="flex gap-2">
+            <input
+              ref={inputRef}
+              type="text"
+              value={utoridInput}
+              onChange={(e) => {
+                setUtoridInput(e.target.value);
+                setAddError(null);
+                setAddSuccess(null);
+              }}
+              onKeyDown={(e) => {
+                if (e.key === "Enter") handleAdd();
+              }}
+              placeholder="e.g. smithj12"
+              className="flex-1 h-9 px-3 text-sm border border-stone-200 rounded-md bg-stone-50 focus:outline-none focus:border-stone-400 focus:bg-white transition-colors placeholder:text-stone-400"
+              disabled={adding}
+            />
+            <button
+              onClick={handleAdd}
+              disabled={adding || !utoridInput.trim()}
+              className="h-9 px-3 flex items-center gap-1.5 bg-green-100 hover:bg-green-200 text-green-700 rounded-md text-sm font-medium transition-colors disabled:opacity-50 disabled:cursor-not-allowed shrink-0"
+            >
+              {adding ? (
+                <Loader2 className="w-3.5 h-3.5 animate-spin" />
+              ) : (
+                <UserPlus className="w-3.5 h-3.5" />
+              )}
+              Add
+            </button>
+          </div>
+          {addError && <p className="mt-1.5 text-xs text-red-500">{addError}</p>}
+          {addSuccess && <p className="mt-1.5 text-xs text-green-600">{addSuccess}</p>}
+        </div>
+
+        {/* TA list */}
+        <div className="px-5 py-3">
+          <p className="text-xs font-medium text-stone-500 mb-2">
+            Current TAs{!loadingRoster && ` (${tas.length})`}
+          </p>
+
+          {loadingRoster ? (
+            <div className="space-y-2 py-1">
+              {[1, 2, 3].map((i) => (
+                <div key={i} className="h-8 bg-stone-100 rounded animate-pulse" />
+              ))}
+            </div>
+          ) : rosterError ? (
+            <p className="text-xs text-red-500 py-1">{rosterError}</p>
+          ) : tas.length === 0 ? (
+            <p className="text-xs text-stone-400 py-2">No TAs assigned yet.</p>
+          ) : (
+            <ul className="max-h-48 overflow-y-auto -mx-1 divide-y divide-stone-50">
+              {tas.map((ta) => (
+                <li key={ta.utorid} className="flex items-center justify-between gap-2 px-1 py-1.5">
+                  <div className="min-w-0">
+                    <span className="text-sm text-stone-800 font-medium truncate block">
+                      {ta.name}
+                    </span>
+                    <span className="text-xs text-stone-400">{ta.utorid}</span>
+                  </div>
+                  <button
+                    onClick={() => handleRemove(ta.utorid)}
+                    disabled={removingUtorid === ta.utorid}
+                    className="w-7 h-7 flex items-center justify-center rounded-md text-stone-400 hover:text-red-500 hover:bg-red-50 transition-colors disabled:opacity-40 shrink-0"
+                    aria-label={`Remove ${ta.utorid}`}
+                  >
+                    {removingUtorid === ta.utorid ? (
+                      <Loader2 className="w-3.5 h-3.5 animate-spin" />
+                    ) : (
+                      <UserMinus className="w-3.5 h-3.5" />
+                    )}
+                  </button>
+                </li>
+              ))}
+            </ul>
+          )}
+
+          {removeError && <p className="mt-1 text-xs text-red-500">{removeError}</p>}
+        </div>
+      </div>
+    </div>
+  );
+}
diff --git a/src/app/room/classChat/index.tsx b/src/app/room/classChat/index.tsx
index d74c000..e1b20cf 100644
--- a/src/app/room/classChat/index.tsx
+++ b/src/app/room/classChat/index.tsx
@@ -113,7 +113,22 @@ export default function ClassChat({ chatHistoryRef }: ClassChatProps) {
   const [globalIsAnonymous, setGlobalIsAnonymous] = useState(false);
   const [isLoading, setIsLoading] = useState(true);
   const [questionError, setQuestionError] = useState<string | null>(null);
+  const [timeoutUntil, setTimeoutUntil] = useState<number | null>(null);
   const [searchQuery, setSearchQuery] = useState("");
+
+  // Restore any active timeout from localStorage once userId is available.
+  // Professors and TAs are never subject to the question timeout.
+  useEffect(() => {
+    if (!userId || role === "PROFESSOR" || role === "TA") return;
+    const stored = localStorage.getItem(`question_timeout_${userId}_${sessionId}`);
+    if (!stored) return;
+    const ts = Number(stored);
+    if (ts > Date.now()) {
+      setTimeoutUntil(ts);
+    } else {
+      localStorage.removeItem(`question_timeout_${userId}_${sessionId}`);
+    }
+  }, [userId, sessionId, role]);
   const bottomRef = useRef<HTMLDivElement>(null);
   // Separate history that keeps deleted messages (marked as [deleted]) for the
   // session export. Never removes items — deletions are marked in-place.
@@ -354,8 +369,19 @@ export default function ClassChat({ chatHistoryRef }: ClassChatProps) {
     };
 
     const onQuestionError = (payload: { message: string }) => {
-      console.error("[ClassChat] question:error", payload.message);
-      setQuestionError(payload.message);
+      const isRateLimit =
+        payload.message.toLowerCase().includes("question limit") ||
+        payload.message.toLowerCase().includes("rate limit");
+
+      if (isRateLimit && role !== "PROFESSOR" && role !== "TA") {
+        console.warn("[ClassChat] question:rate-limited — student timed out for 5 minutes");
+        const until = Date.now() + 5 * 60 * 1000;
+        localStorage.setItem(`question_timeout_${userId}_${sessionId}`, String(until));
+        setTimeoutUntil(until);
+        setQuestionError(null);
+      } else {
+        setQuestionError(payload.message);
+      }
     };
 
     const onQuestionDeleted = (payload: { questionId: string }) => {
@@ -417,7 +443,7 @@ export default function ClassChat({ chatHistoryRef }: ClassChatProps) {
       socket.off("question:author:revealed", onQuestionAuthorRevealed);
       socket.off("answer:author:revealed", onAnswerAuthorRevealed);
     };
-  }, [socket, sessionId, chatHistoryRef]);
+  }, [socket, sessionId, chatHistoryRef, role, userId]);
 
   // Keep chatHistoryRef in sync whenever historyRef is updated via data load
   // or new questions/answers arriving (deletions update it inline above).
@@ -441,6 +467,7 @@ export default function ClassChat({ chatHistoryRef }: ClassChatProps) {
 
   const handleSubmitQuestion = (content: string, isAnonymous: boolean) => {
     if (!socket) return;
+    if (timeoutUntil !== null && Date.now() < timeoutUntil) return;
     setQuestionError(null);
     socket.emit("question:create", { sessionId, content, isAnonymous });
   };
@@ -594,11 +621,7 @@ export default function ClassChat({ chatHistoryRef }: ClassChatProps) {
                       post={q}
                       commentView={commentView}
                       onUpvote={() => handleUpvote(q.id)}
-                      onResolve={
-                        isInstructor || q.user?.id === userId
-                          ? () => handleResolve(q.id)
-                          : undefined
-                      }
+                      onResolve={isInstructor ? () => handleResolve(q.id) : undefined}
                       onUnresolve={isInstructor ? () => handleUnresolve(q.id) : undefined}
                       canAnswer={canAnswerGlobal || q.user?.id === userId}
                       onSubmitAnswer={(content) => handleSubmitAnswer(q.id, content)}
@@ -624,6 +647,11 @@ export default function ClassChat({ chatHistoryRef }: ClassChatProps) {
         onClearError={() => setQuestionError(null)}
         isAnonymous={globalIsAnonymous}
         onAnonymousChange={setGlobalIsAnonymous}
+        timeoutUntil={timeoutUntil}
+        onTimeoutExpired={() => {
+          localStorage.removeItem(`question_timeout_${userId}_${sessionId}`);
+          setTimeoutUntil(null);
+        }}
       />
     </div>
   );
diff --git a/src/lib/questionValidation.ts b/src/lib/questionValidation.ts
index d09de4c..46367d1 100644
--- a/src/lib/questionValidation.ts
+++ b/src/lib/questionValidation.ts
@@ -90,10 +90,15 @@ export function validateVisibility(visibility: unknown): ValidationResult {
 /**
  * Checks whether the given user has exceeded the question rate limit
  * (10 questions per 60-second window).
+ * The counter is scoped to the session so a new session always starts fresh.
  * Returns true if the limit has been exceeded.
  */
-export async function checkQuestionRateLimit(userId: string): Promise<boolean> {
-  return checkRateLimit(questionRateLimit(userId), RATE_LIMIT_COUNT, RATE_LIMIT_WINDOW_SECONDS);
+export async function checkQuestionRateLimit(userId: string, sessionId: string): Promise<boolean> {
+  return checkRateLimit(
+    questionRateLimit(userId, sessionId),
+    RATE_LIMIT_COUNT,
+    RATE_LIMIT_WINDOW_SECONDS
+  );
 }
 
 /**
diff --git a/src/lib/redisKeys.ts b/src/lib/redisKeys.ts
index 68a0c86..c48bfd3 100644
--- a/src/lib/redisKeys.ts
+++ b/src/lib/redisKeys.ts
@@ -21,10 +21,11 @@ export function rateLimit(key: string): string {
 
 /**
  * Question rate-limit key (passed into checkRateLimit, which wraps it via rateLimit()).
- * Final Redis key: "ratelimit:{question:abc123}"
+ * Scoped per-session so a new session always gives every student a fresh counter.
+ * Final Redis key: "ratelimit:{question:abc123:sessionXYZ}"
  */
-export function questionRateLimit(userId: string): string {
-  return `question:${userId}`;
+export function questionRateLimit(userId: string, sessionId: string): string {
+  return `question:${userId}:${sessionId}`;
 }
 
 /**
diff --git a/src/socket/handlers/questionHandlers.ts b/src/socket/handlers/questionHandlers.ts
index 5ffc8a1..c73a8d0 100644
--- a/src/socket/handlers/questionHandlers.ts
+++ b/src/socket/handlers/questionHandlers.ts
@@ -122,18 +122,7 @@ export function handleQuestionCreate(socket: Socket, io: Server): void {
         return;
       }
 
-      // 5. Rate limit (first async check — only reached if all sync checks pass)
-      const isRateLimited = await checkQuestionRateLimit(userId);
-      if (isRateLimited) {
-        console.log("[QuestionHandler] Rejected: rate limited");
-        socket.emit("question:error", {
-          message:
-            "You have reached the question limit. Please wait before asking another question.",
-        });
-        return;
-      }
-
-      // 6. Session validation
+      // 5. Session validation
       const sessionValidation = await validateSessionForQuestions(payload.sessionId);
       if (!sessionValidation.valid) {
         console.log("[QuestionHandler] Rejected: session validation -", sessionValidation.error);
@@ -141,7 +130,7 @@ export function handleQuestionCreate(socket: Socket, io: Server): void {
         return;
       }
 
-      // 6a. Enrollment check — any non-PROFESSOR must be enrolled in the session's course
+      // 5a. Enrollment check — any non-PROFESSOR must be enrolled in the session's course
       const sessionForEnrollment = await prisma.session.findUnique({
         where: { id: payload.sessionId },
         select: { courseId: true },
@@ -159,8 +148,22 @@ export function handleQuestionCreate(socket: Socket, io: Server): void {
         authorEnrollmentRole = enrollment.role;
       }
 
+      // 6. Rate limit — students only (TAs and professors are exempt).
+      //    Counter is scoped to the session so a new session always starts fresh.
+      if (authorEnrollmentRole === "STUDENT") {
+        const isRateLimited = await checkQuestionRateLimit(userId, payload.sessionId);
+        if (isRateLimited) {
+          console.log("[QuestionHandler] Rejected: rate limited");
+          socket.emit("question:error", {
+            message:
+              "You have reached the question limit. Please wait before asking another question.",
+          });
+          return;
+        }
+      }
+
       // 7. Persist to database (include author for display name in broadcast)
-      //    authorId is always stored for audit purposes, but it is stripped
+      //    authorId is always stored for audit purposes, but stripped
       //    from the broadcast payload in step 8 when isAnonymous is true.
       const question = await prisma.question.create({
         data: {
@@ -332,17 +335,10 @@ export function handleQuestionUpvote(socket: Socket, io: Server): void {
  * Checks whether a user has permission to resolve a question.
  *
  * - TA / PROFESSOR (per-course CourseEnrollment role) can resolve any question.
- * - STUDENT can only resolve their own question.
+ * - STUDENT cannot resolve any question.
  */
-function checkResolvePermission(
-  userId: string,
-  questionAuthorId: string | null,
-  enrollmentRole: "STUDENT" | "TA" | "PROFESSOR"
-): boolean {
-  if (enrollmentRole === "TA" || enrollmentRole === "PROFESSOR") {
-    return true;
-  }
-  return questionAuthorId === userId;
+function checkResolvePermission(enrollmentRole: "STUDENT" | "TA" | "PROFESSOR"): boolean {
+  return enrollmentRole === "TA" || enrollmentRole === "PROFESSOR";
 }
 
 /**
@@ -353,7 +349,7 @@ function checkResolvePermission(
  *   2. Payload shape — must be a non-null object with a string questionId
  *   3. Rate limit    — 20 resolves / 60 s per user, enforced in Redis
  *   4. Question      — must exist in the DB and not already be resolved
- *   5. Permission    — TA/PROFESSOR can resolve any; STUDENT only their own
+ *   5. Permission    — TA/PROFESSOR can resolve any; STUDENT cannot resolve
  *   6. Persist       — question status updated to RESOLVED
  *   7. Broadcast     — emit resolved status to the session room
  */
@@ -422,7 +418,7 @@ export function handleQuestionResolve(socket: Socket, io: Server): void {
 
       const requesterRole = enrollment?.role ?? "STUDENT";
 
-      if (!checkResolvePermission(userId, question.authorId, requesterRole)) {
+      if (!checkResolvePermission(requesterRole)) {
         socket.emit("question:error", {
           message: "You do not have permission to resolve this question.",
         });

From 6afc307a18dbb0d72eb71aaacaa53d2eb9a62c74 Mon Sep 17 00:00:00 2001
From: Marwan <marwan.yousef@mail.utoronto.ca>
Date: Fri, 10 Apr 2026 03:05:07 -0400
Subject: [PATCH 2/2] bugs

---
 .../api/courses/[courseId]/students/route.ts  |   5 +-
 .../sessions/[sessionId]/questions/route.ts   |  12 +-
 src/app/room/classChat/ChatInput.tsx          | 135 ++++++------------
 src/app/room/classChat/index.tsx              |  40 +-----
 src/socket/handlers/questionHandlers.ts       |  32 ++---
 5 files changed, 68 insertions(+), 156 deletions(-)

diff --git a/src/app/api/courses/[courseId]/students/route.ts b/src/app/api/courses/[courseId]/students/route.ts
index c18c9cb..b1932e8 100644
--- a/src/app/api/courses/[courseId]/students/route.ts
+++ b/src/app/api/courses/[courseId]/students/route.ts
@@ -366,8 +366,11 @@ export async function DELETE(request: NextRequest, { params }: RouteParams) {
       return NextResponse.json({ error: "Cannot remove the course professor." }, { status: 403 });
     }
 
-    await prisma.courseEnrollment.delete({
+    // Demote TA back to STUDENT rather than removing them from the course entirely.
+    // This preserves their enrollment so they stay in any active session.
+    await prisma.courseEnrollment.update({
       where: { userId_courseId: { userId: target.id, courseId } },
+      data: { role: "STUDENT" },
     });
 
     return NextResponse.json({ removed: utorid.trim().toLowerCase() });
diff --git a/src/app/api/sessions/[sessionId]/questions/route.ts b/src/app/api/sessions/[sessionId]/questions/route.ts
index 7c60e28..56277a3 100644
--- a/src/app/api/sessions/[sessionId]/questions/route.ts
+++ b/src/app/api/sessions/[sessionId]/questions/route.ts
@@ -10,7 +10,6 @@ import {
 import {
   validateQuestionContent,
   validateVisibility,
-  checkQuestionRateLimit,
   validateSessionForQuestions,
 } from "@/lib/questionValidation";
 import { getSessionMembership } from "@/lib/sessionService";
@@ -210,16 +209,7 @@ export async function POST(request: NextRequest, { params }: RouteParams) {
       return NextResponse.json({ error: sessionValidation.error }, { status: statusCode });
     }
 
-    // 7. Check rate limit using shared validation (scoped to this session)
-    const isRateLimited = await checkQuestionRateLimit(authorId, sessionId);
-    if (isRateLimited) {
-      return NextResponse.json(
-        { error: "Rate limit exceeded. Please wait before asking another question." },
-        { status: 429 }
-      );
-    }
-
-    // 8. Create the question and record activity on the session atomically
+    // 7. Create the question and record activity on the session atomically
     const [question] = await prisma.$transaction([
       prisma.question.create({
         data: {
diff --git a/src/app/room/classChat/ChatInput.tsx b/src/app/room/classChat/ChatInput.tsx
index 7a0b798..68eb018 100644
--- a/src/app/room/classChat/ChatInput.tsx
+++ b/src/app/room/classChat/ChatInput.tsx
@@ -1,8 +1,8 @@
 "use client";
 
-import { useState, useEffect } from "react";
+import { useState } from "react";
 import { Textarea } from "@/components/ui/textarea";
-import { Ghost, User, Send, Clock } from "lucide-react";
+import { Ghost, User, Send } from "lucide-react";
 
 const MIN_LENGTH = 5;
 
@@ -13,8 +13,6 @@ interface ChatInputProps {
   onClearError?: () => void;
   isAnonymous: boolean;
   onAnonymousChange: (val: boolean) => void;
-  timeoutUntil?: number | null;
-  onTimeoutExpired?: () => void;
 }
 
 export default function ChatInput({
@@ -24,40 +22,9 @@ export default function ChatInput({
   onClearError,
   isAnonymous,
   onAnonymousChange,
-  timeoutUntil,
-  onTimeoutExpired,
 }: ChatInputProps) {
   const [content, setContent] = useState("");
   const [localError, setLocalError] = useState<string | null>(null);
-  const [secsLeft, setSecsLeft] = useState<number>(0);
-
-  // Derived from secsLeft (managed by the effect below) so Date.now() is never
-  // called directly during render, keeping the component pure.
-  // Also guard on timeoutUntil being set so a stale secsLeft value from a
-  // previous timeout doesn't incorrectly mark the input as timed-out.
-  const isTimedOut = !!timeoutUntil && secsLeft > 0;
-
-  useEffect(() => {
-    if (!timeoutUntil) return;
-
-    const update = () => {
-      const remaining = Math.ceil((timeoutUntil - Date.now()) / 1000);
-      if (remaining <= 0) {
-        setSecsLeft(0);
-        onTimeoutExpired?.();
-      } else {
-        setSecsLeft(remaining);
-      }
-    };
-
-    update();
-    const id = setInterval(update, 1000);
-    return () => clearInterval(id);
-  }, [timeoutUntil, onTimeoutExpired]);
-
-  const mins = Math.floor(secsLeft / 60);
-  const secs = secsLeft % 60;
-  const countdownLabel = `${mins}:${String(secs).padStart(2, "0")}`;
 
   const error = serverError ?? localError;
 
@@ -69,7 +36,7 @@ export default function ChatInput({
 
   const handleSubmit = () => {
     const trimmed = content.trim();
-    if (disabled || isTimedOut) return;
+    if (disabled) return;
     if (!trimmed) return;
     if (trimmed.length < MIN_LENGTH) {
       setLocalError(`Question must be at least ${MIN_LENGTH} characters.`);
@@ -92,63 +59,53 @@ export default function ChatInput({
       <div className="absolute inset-0 bg-background backdrop-blur-xl [mask-image:linear-gradient(to_top,black,transparent)]" />
       <div className="max-w-4xl mx-auto px-4 pt-20 pb-4 relative">
         <div className="flex flex-col gap-2 pointer-events-auto w-full">
-          {isTimedOut ? (
-            <div className="flex items-center gap-3 rounded-lg border border-amber-200 bg-amber-50 px-4 py-3 text-sm text-amber-800">
-              <Clock className="w-4 h-4 shrink-0 text-amber-500" />
-              <span>
-                You&apos;re sending questions too quickly. You can ask again in{" "}
-                <span className="font-semibold tabular-nums">{countdownLabel}</span>.
-              </span>
-            </div>
-          ) : (
-            <>
-              <Textarea
-                placeholder={`Ask a question!\n(Shift+Enter for new line)`}
-                value={content}
-                onChange={handleChange}
-                onKeyDown={handleKeyDown}
-                disabled={disabled}
-                rows={3}
-                className={`resize-none min-h-[70px] focus-visible:ring-0 focus-visible:border-stone-400 ${
-                  error ? "border-red-400 bg-red-50" : ""
-                }`}
-              />
-              <div className="flex items-center justify-between">
-                <div className="flex items-center gap-3">
-                  <button
-                    type="button"
-                    onClick={() => onAnonymousChange(!isAnonymous)}
-                    className={`flex items-center gap-1.5 h-9 px-3 rounded-md text-sm font-medium transition-colors cursor-pointer ${
-                      isAnonymous
-                        ? "bg-stone-800 hover:bg-stone-700 text-stone-50"
-                        : "bg-stone-200 hover:bg-stone-300 text-stone-700"
-                    }`}
-                  >
-                    {isAnonymous ? (
-                      <>
-                        <Ghost className="w-4 h-4" />
-                        Anonymous
-                      </>
-                    ) : (
-                      <>
-                        <User className="w-4 h-4" />
-                        Public
-                      </>
-                    )}
-                  </button>
-                  {error && <p className="text-xs text-red-500">{error}</p>}
-                </div>
+          <>
+            <Textarea
+              placeholder={`Ask a question!\n(Shift+Enter for new line)`}
+              value={content}
+              onChange={handleChange}
+              onKeyDown={handleKeyDown}
+              disabled={disabled}
+              rows={3}
+              className={`resize-none min-h-[70px] focus-visible:ring-0 focus-visible:border-stone-400 ${
+                error ? "border-red-400 bg-red-50" : ""
+              }`}
+            />
+            <div className="flex items-center justify-between">
+              <div className="flex items-center gap-3">
                 <button
-                  onClick={handleSubmit}
-                  disabled={disabled || !content.trim()}
-                  className="flex items-center justify-center gap-1.5 h-9 px-4 bg-stone-900 hover:bg-stone-800 text-stone-50 rounded-md text-sm font-medium transition-colors disabled:opacity-50 disabled:cursor-not-allowed"
+                  type="button"
+                  onClick={() => onAnonymousChange(!isAnonymous)}
+                  className={`flex items-center gap-1.5 h-9 px-3 rounded-md text-sm font-medium transition-colors cursor-pointer ${
+                    isAnonymous
+                      ? "bg-stone-800 hover:bg-stone-700 text-stone-50"
+                      : "bg-stone-200 hover:bg-stone-300 text-stone-700"
+                  }`}
                 >
-                  Post
-                  <Send className="w-4 h-4" />
+                  {isAnonymous ? (
+                    <>
+                      <Ghost className="w-4 h-4" />
+                      Anonymous
+                    </>
+                  ) : (
+                    <>
+                      <User className="w-4 h-4" />
+                      Public
+                    </>
+                  )}
                 </button>
+                {error && <p className="text-xs text-red-500">{error}</p>}
               </div>
-            </>
-          )}
+              <button
+                onClick={handleSubmit}
+                disabled={disabled || !content.trim()}
+                className="flex items-center justify-center gap-1.5 h-9 px-4 bg-stone-900 hover:bg-stone-800 text-stone-50 rounded-md text-sm font-medium transition-colors disabled:opacity-50 disabled:cursor-not-allowed"
+              >
+                Post
+                <Send className="w-4 h-4" />
+              </button>
+            </div>
+          </>
         </div>
       </div>
     </div>
diff --git a/src/app/room/classChat/index.tsx b/src/app/room/classChat/index.tsx
index e1b20cf..1552f93 100644
--- a/src/app/room/classChat/index.tsx
+++ b/src/app/room/classChat/index.tsx
@@ -113,22 +113,8 @@ export default function ClassChat({ chatHistoryRef }: ClassChatProps) {
   const [globalIsAnonymous, setGlobalIsAnonymous] = useState(false);
   const [isLoading, setIsLoading] = useState(true);
   const [questionError, setQuestionError] = useState<string | null>(null);
-  const [timeoutUntil, setTimeoutUntil] = useState<number | null>(null);
   const [searchQuery, setSearchQuery] = useState("");
 
-  // Restore any active timeout from localStorage once userId is available.
-  // Professors and TAs are never subject to the question timeout.
-  useEffect(() => {
-    if (!userId || role === "PROFESSOR" || role === "TA") return;
-    const stored = localStorage.getItem(`question_timeout_${userId}_${sessionId}`);
-    if (!stored) return;
-    const ts = Number(stored);
-    if (ts > Date.now()) {
-      setTimeoutUntil(ts);
-    } else {
-      localStorage.removeItem(`question_timeout_${userId}_${sessionId}`);
-    }
-  }, [userId, sessionId, role]);
   const bottomRef = useRef<HTMLDivElement>(null);
   // Separate history that keeps deleted messages (marked as [deleted]) for the
   // session export. Never removes items — deletions are marked in-place.
@@ -369,19 +355,7 @@ export default function ClassChat({ chatHistoryRef }: ClassChatProps) {
     };
 
     const onQuestionError = (payload: { message: string }) => {
-      const isRateLimit =
-        payload.message.toLowerCase().includes("question limit") ||
-        payload.message.toLowerCase().includes("rate limit");
-
-      if (isRateLimit && role !== "PROFESSOR" && role !== "TA") {
-        console.warn("[ClassChat] question:rate-limited — student timed out for 5 minutes");
-        const until = Date.now() + 5 * 60 * 1000;
-        localStorage.setItem(`question_timeout_${userId}_${sessionId}`, String(until));
-        setTimeoutUntil(until);
-        setQuestionError(null);
-      } else {
-        setQuestionError(payload.message);
-      }
+      setQuestionError(payload.message);
     };
 
     const onQuestionDeleted = (payload: { questionId: string }) => {
@@ -467,7 +441,6 @@ export default function ClassChat({ chatHistoryRef }: ClassChatProps) {
 
   const handleSubmitQuestion = (content: string, isAnonymous: boolean) => {
     if (!socket) return;
-    if (timeoutUntil !== null && Date.now() < timeoutUntil) return;
     setQuestionError(null);
     socket.emit("question:create", { sessionId, content, isAnonymous });
   };
@@ -621,7 +594,11 @@ export default function ClassChat({ chatHistoryRef }: ClassChatProps) {
                       post={q}
                       commentView={commentView}
                       onUpvote={() => handleUpvote(q.id)}
-                      onResolve={isInstructor ? () => handleResolve(q.id) : undefined}
+                      onResolve={
+                        isInstructor || q.user?.id === userId
+                          ? () => handleResolve(q.id)
+                          : undefined
+                      }
                       onUnresolve={isInstructor ? () => handleUnresolve(q.id) : undefined}
                       canAnswer={canAnswerGlobal || q.user?.id === userId}
                       onSubmitAnswer={(content) => handleSubmitAnswer(q.id, content)}
@@ -647,11 +624,6 @@ export default function ClassChat({ chatHistoryRef }: ClassChatProps) {
         onClearError={() => setQuestionError(null)}
         isAnonymous={globalIsAnonymous}
         onAnonymousChange={setGlobalIsAnonymous}
-        timeoutUntil={timeoutUntil}
-        onTimeoutExpired={() => {
-          localStorage.removeItem(`question_timeout_${userId}_${sessionId}`);
-          setTimeoutUntil(null);
-        }}
       />
     </div>
   );
diff --git a/src/socket/handlers/questionHandlers.ts b/src/socket/handlers/questionHandlers.ts
index c73a8d0..8f9397b 100644
--- a/src/socket/handlers/questionHandlers.ts
+++ b/src/socket/handlers/questionHandlers.ts
@@ -4,7 +4,6 @@ import { prisma } from "@/lib/prisma";
 import {
   validateQuestionContent,
   validateVisibility,
-  checkQuestionRateLimit,
   checkUpvoteRateLimit,
   checkResolveRateLimit,
   validateSessionForQuestions,
@@ -148,21 +147,7 @@ export function handleQuestionCreate(socket: Socket, io: Server): void {
         authorEnrollmentRole = enrollment.role;
       }
 
-      // 6. Rate limit — students only (TAs and professors are exempt).
-      //    Counter is scoped to the session so a new session always starts fresh.
-      if (authorEnrollmentRole === "STUDENT") {
-        const isRateLimited = await checkQuestionRateLimit(userId, payload.sessionId);
-        if (isRateLimited) {
-          console.log("[QuestionHandler] Rejected: rate limited");
-          socket.emit("question:error", {
-            message:
-              "You have reached the question limit. Please wait before asking another question.",
-          });
-          return;
-        }
-      }
-
-      // 7. Persist to database (include author for display name in broadcast)
+      // 6. Persist to database (include author for display name in broadcast)
       //    authorId is always stored for audit purposes, but stripped
       //    from the broadcast payload in step 8 when isAnonymous is true.
       const question = await prisma.question.create({
@@ -335,10 +320,15 @@ export function handleQuestionUpvote(socket: Socket, io: Server): void {
  * Checks whether a user has permission to resolve a question.
  *
  * - TA / PROFESSOR (per-course CourseEnrollment role) can resolve any question.
- * - STUDENT cannot resolve any question.
+ * - STUDENT can only resolve their own question.
  */
-function checkResolvePermission(enrollmentRole: "STUDENT" | "TA" | "PROFESSOR"): boolean {
-  return enrollmentRole === "TA" || enrollmentRole === "PROFESSOR";
+function checkResolvePermission(
+  userId: string,
+  questionAuthorId: string | null,
+  enrollmentRole: "STUDENT" | "TA" | "PROFESSOR"
+): boolean {
+  if (enrollmentRole === "TA" || enrollmentRole === "PROFESSOR") return true;
+  return questionAuthorId === userId;
 }
 
 /**
@@ -349,7 +339,7 @@ function checkResolvePermission(enrollmentRole: "STUDENT" | "TA" | "PROFESSOR"):
  *   2. Payload shape — must be a non-null object with a string questionId
  *   3. Rate limit    — 20 resolves / 60 s per user, enforced in Redis
  *   4. Question      — must exist in the DB and not already be resolved
- *   5. Permission    — TA/PROFESSOR can resolve any; STUDENT cannot resolve
+ *   5. Permission    — TA/PROFESSOR can resolve any; STUDENT only their own
  *   6. Persist       — question status updated to RESOLVED
  *   7. Broadcast     — emit resolved status to the session room
  */
@@ -418,7 +408,7 @@ export function handleQuestionResolve(socket: Socket, io: Server): void {
 
       const requesterRole = enrollment?.role ?? "STUDENT";
 
-      if (!checkResolvePermission(requesterRole)) {
+      if (!checkResolvePermission(userId, question.authorId, requesterRole)) {
         socket.emit("question:error", {
           message: "You do not have permission to resolve this question.",
         });