feat(feedback): in-app user feedback with admin review and account roles
CI / changes (pull_request) Successful in 2s
CI / unit (pull_request) Successful in 9s
CI / integration (pull_request) Successful in 12s
CI / ui (pull_request) Successful in 47s
CI / gate (pull_request) Successful in 0s
CI / deploy (pull_request) Successful in 1m12s
CI / changes (pull_request) Successful in 2s
CI / unit (pull_request) Successful in 9s
CI / integration (pull_request) Successful in 12s
CI / ui (pull_request) Successful in 47s
CI / gate (pull_request) Successful in 0s
CI / deploy (pull_request) Successful in 1m12s
User-facing Feedback screen (Settings -> Info, registered accounts only): a message (<=1024 runes) plus one optional attachment, an anti-spam gate (one unreviewed message at a time), and the operator's inline reply with a Settings/Info badge. Server-rendered admin console section (/_gm/feedback): unread/read/archived queue with per-user search, detail with read/reply/ archive/delete/delete-all, safe attachment serving (nosniff, images inline via <img>, others download-only). Introduces account_roles, the first per-account role table; feedback_banned blocks only feedback submission, granted/revoked from /users and the delete-with-block action. - migration 00004_feedback (feedback_messages + account_roles) + jetgen - backend internal/feedback (store+service), internal/account/roles.go - wire: FlatBuffers feedback.submit/get/unread; gateway guest gate (Op.NonGuest, is_guest via session resolve) -> guest_forbidden before any backend call - reply push reuses NotificationEvent with a new admin_reply sub-kind - UI: /feedback route + screen, attachment picker, badge, channel detection, i18n - tests: feedback unit (Go+UI), gateway guest-gate, inttest lifecycle, e2e - docs: PLAN stage 19, ARCHITECTURE s15, FUNCTIONAL(+ru), TESTING, READMEs
This commit is contained in:
@@ -0,0 +1,105 @@
|
||||
package server
|
||||
|
||||
import (
|
||||
"encoding/base64"
|
||||
"net/http"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
)
|
||||
|
||||
// feedbackSubmitRequest is the player's feedback submission. Attachment is the
|
||||
// base64-encoded file bytes (empty for none); AttachmentName carries the original
|
||||
// file name (its extension is the allow-list key); Channel is the submitting
|
||||
// platform (telegram/ios/android/web).
|
||||
type feedbackSubmitRequest struct {
|
||||
Body string `json:"body"`
|
||||
Attachment string `json:"attachment"`
|
||||
AttachmentName string `json:"attachment_name"`
|
||||
Channel string `json:"channel"`
|
||||
}
|
||||
|
||||
// feedbackReplyDTO is the operator's reply shown back to the player.
|
||||
type feedbackReplyDTO struct {
|
||||
Body string `json:"body"`
|
||||
RepliedAtUnix int64 `json:"replied_at_unix"`
|
||||
}
|
||||
|
||||
// feedbackStateResponse is the player's feedback screen state. BlockedReason is
|
||||
// "" (can send), "pending" or "banned"; Reply is omitted when there is none.
|
||||
type feedbackStateResponse struct {
|
||||
CanSend bool `json:"can_send"`
|
||||
BlockedReason string `json:"blocked_reason"`
|
||||
Reply *feedbackReplyDTO `json:"reply,omitempty"`
|
||||
}
|
||||
|
||||
// feedbackUnreadResponse reports whether the player has an undelivered reply, for
|
||||
// the lobby/Info badge.
|
||||
type feedbackUnreadResponse struct {
|
||||
ReplyUnread bool `json:"reply_unread"`
|
||||
}
|
||||
|
||||
// handleFeedbackSubmit stores a feedback message from the authenticated player.
|
||||
// The sender IP comes from the gateway-forwarded X-Forwarded-For header. Guests
|
||||
// and feedback-banned accounts are refused (also gated at the gateway).
|
||||
func (s *Server) handleFeedbackSubmit(c *gin.Context) {
|
||||
uid, ok := userID(c)
|
||||
if !ok {
|
||||
abortBadRequest(c, "missing identity")
|
||||
return
|
||||
}
|
||||
var req feedbackSubmitRequest
|
||||
if err := c.ShouldBindJSON(&req); err != nil {
|
||||
abortBadRequest(c, "invalid request body")
|
||||
return
|
||||
}
|
||||
var attachment []byte
|
||||
if req.Attachment != "" {
|
||||
data, err := base64.StdEncoding.DecodeString(req.Attachment)
|
||||
if err != nil {
|
||||
abortBadRequest(c, "invalid attachment encoding")
|
||||
return
|
||||
}
|
||||
attachment = data
|
||||
}
|
||||
if err := s.feedback.Submit(c.Request.Context(), uid, req.Body, attachment, req.AttachmentName, req.Channel, clientIP(c)); err != nil {
|
||||
s.abortErr(c, err)
|
||||
return
|
||||
}
|
||||
c.JSON(http.StatusOK, okResponse{OK: true})
|
||||
}
|
||||
|
||||
// handleFeedbackState returns the player's feedback screen state and marks any
|
||||
// pending operator replies delivered (clearing the badge).
|
||||
func (s *Server) handleFeedbackState(c *gin.Context) {
|
||||
uid, ok := userID(c)
|
||||
if !ok {
|
||||
abortBadRequest(c, "missing identity")
|
||||
return
|
||||
}
|
||||
st, err := s.feedback.State(c.Request.Context(), uid)
|
||||
if err != nil {
|
||||
s.abortErr(c, err)
|
||||
return
|
||||
}
|
||||
resp := feedbackStateResponse{CanSend: st.CanSend, BlockedReason: st.BlockedReason}
|
||||
if st.Reply != nil {
|
||||
resp.Reply = &feedbackReplyDTO{Body: st.Reply.Body, RepliedAtUnix: st.Reply.RepliedAt.Unix()}
|
||||
}
|
||||
c.JSON(http.StatusOK, resp)
|
||||
}
|
||||
|
||||
// handleFeedbackUnread reports whether the player has an undelivered operator
|
||||
// reply, for the lobby/Info badge. It has no side effect.
|
||||
func (s *Server) handleFeedbackUnread(c *gin.Context) {
|
||||
uid, ok := userID(c)
|
||||
if !ok {
|
||||
abortBadRequest(c, "missing identity")
|
||||
return
|
||||
}
|
||||
unread, err := s.feedback.ReplyUnread(c.Request.Context(), uid)
|
||||
if err != nil {
|
||||
s.abortErr(c, err)
|
||||
return
|
||||
}
|
||||
c.JSON(http.StatusOK, feedbackUnreadResponse{ReplyUnread: unread})
|
||||
}
|
||||
Reference in New Issue
Block a user