Compare commits
66 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 93d086a8a3 | |||
| b03e012011 | |||
| 2495446a47 | |||
| 35705f7d1e | |||
| 4f0cc81dfb | |||
| 2ba7cc3086 | |||
| 29b6c7e4d8 | |||
| 8de9fb1ecd | |||
| 8a5a5d6c4d | |||
| ea931c6680 | |||
| d0f60ee41d | |||
| b84bd1297e | |||
| 0fb6004a8b | |||
| 8fe1bdba6b | |||
| c1d1c1624b | |||
| 9207664fbd | |||
| a4581663f4 | |||
| 03dfc29a54 | |||
| c02262fcf7 | |||
| f8fab4a4c2 | |||
| 7923b3cc09 | |||
| 10264e10c8 | |||
| fc1715128e | |||
| bb18dc362b | |||
| 4891216749 | |||
| d86e022373 | |||
| 6a602aefae | |||
| f1b8769c89 | |||
| e6277dcd43 | |||
| 37070c3cb7 | |||
| 53d6883ffd | |||
| 93c57b3558 | |||
| 6f00c2f41d | |||
| 79766438a2 | |||
| 6aa5023b24 | |||
| b6f28a2423 | |||
| 508dc870ec | |||
| e3899d4755 | |||
| ae5090b851 | |||
| 0c5d3808d7 | |||
| e32ee9ce68 | |||
| 18db62e19d | |||
| d4e34efa80 | |||
| 12ff6dad86 | |||
| 5a80696fe8 | |||
| d6401bb76c | |||
| e0a5753f1a | |||
| dc946a1faf | |||
| ba57687430 | |||
| 6cb88b28c4 | |||
| 46d569720c | |||
| 9253b1bdca | |||
| 384bd143d0 | |||
| 9d1ca213d6 | |||
| 1f78bb274b | |||
| 81b716569f | |||
| aa330b726e | |||
| d5369a0188 | |||
| 170a6ae9ef | |||
| ef2c2d1eb9 | |||
| 004aca4e97 | |||
| b78ce42922 | |||
| 08c2c5f660 | |||
| 06cc4c1edc | |||
| 90f0424de2 | |||
| c36543e54e |
@@ -267,6 +267,7 @@ jobs:
|
||||
TELEGRAM_MINIAPP_URL: ${{ vars.TEST_TELEGRAM_MINIAPP_URL }}
|
||||
TELEGRAM_GAME_CHANNEL_ID: ${{ vars.TEST_TELEGRAM_GAME_CHANNEL_ID }}
|
||||
TELEGRAM_CHAT_ID: ${{ vars.TEST_TELEGRAM_CHAT_ID }}
|
||||
TELEGRAM_SUPPORT_CHAT_ID: ${{ vars.TEST_TELEGRAM_SUPPORT_CHAT_ID }}
|
||||
TELEGRAM_BOT_USERNAME: ${{ vars.TEST_TELEGRAM_BOT_USERNAME }}
|
||||
# The promo button reuses the UI's Mini App link variable.
|
||||
TELEGRAM_BOT_LINK: ${{ vars.TEST_VITE_TELEGRAM_LINK }}
|
||||
|
||||
@@ -179,6 +179,7 @@ jobs:
|
||||
TELEGRAM_MINIAPP_URL: ${{ vars.PROD_TELEGRAM_MINIAPP_URL }}
|
||||
TELEGRAM_GAME_CHANNEL_ID: ${{ vars.PROD_TELEGRAM_GAME_CHANNEL_ID }}
|
||||
TELEGRAM_CHAT_ID: ${{ vars.PROD_TELEGRAM_CHAT_ID }}
|
||||
TELEGRAM_SUPPORT_CHAT_ID: ${{ vars.PROD_TELEGRAM_SUPPORT_CHAT_ID }}
|
||||
TELEGRAM_BOT_USERNAME: ${{ vars.PROD_TELEGRAM_BOT_USERNAME }}
|
||||
TELEGRAM_BOT_LINK: ${{ vars.PROD_VITE_TELEGRAM_LINK }}
|
||||
steps:
|
||||
@@ -200,6 +201,7 @@ jobs:
|
||||
export TELEGRAM_MINIAPP_URL='$TELEGRAM_MINIAPP_URL'
|
||||
export TELEGRAM_GAME_CHANNEL_ID='$TELEGRAM_GAME_CHANNEL_ID'
|
||||
export TELEGRAM_CHAT_ID='$TELEGRAM_CHAT_ID'
|
||||
export TELEGRAM_SUPPORT_CHAT_ID='$TELEGRAM_SUPPORT_CHAT_ID'
|
||||
export TELEGRAM_PROMO_BOT_TOKEN='$TELEGRAM_PROMO_BOT_TOKEN'
|
||||
export TELEGRAM_BOT_USERNAME='$TELEGRAM_BOT_USERNAME'
|
||||
export TELEGRAM_BOT_LINK='$TELEGRAM_BOT_LINK'
|
||||
|
||||
@@ -119,6 +119,16 @@ func (s *Store) ProvisionByIdentity(ctx context.Context, kind, externalID string
|
||||
return s.provision(ctx, kind, externalID, provisionSeed{})
|
||||
}
|
||||
|
||||
// ProvisionEmail returns the account owning the email identity externalID, creating
|
||||
// it (unconfirmed) on first contact with browserTZ — the client's detected "±HH:MM"
|
||||
// UTC offset — seeded into its time zone. Like ProvisionByIdentity it is race-safe
|
||||
// and leaves an existing account untouched, so a returning user's saved zone is never
|
||||
// overwritten. The email account is created here (the code-request step), not at the
|
||||
// later login, so this is where its zone is seeded.
|
||||
func (s *Store) ProvisionEmail(ctx context.Context, externalID, browserTZ string) (Account, error) {
|
||||
return s.provision(ctx, KindEmail, externalID, provisionSeed{timeZone: seedZone(browserTZ)})
|
||||
}
|
||||
|
||||
// ProvisionRobot provisions (or finds) the durable account backing a robot pool
|
||||
// member: a KindRobot identity carrying displayName, with chat blocked but friend
|
||||
// requests NOT blocked — a request to a robot is accepted as pending and, since the
|
||||
@@ -160,7 +170,7 @@ func (s *Store) ProvisionRobot(ctx context.Context, externalID, displayName stri
|
||||
// is never overwritten. The created flag lets the auth handler re-evaluate moderated-
|
||||
// chat write access on first registration — the path of a user who joined the chat
|
||||
// before registering, whom no chat_member event covers.
|
||||
func (s *Store) ProvisionTelegram(ctx context.Context, externalID, languageCode, username, firstName string) (Account, bool, error) {
|
||||
func (s *Store) ProvisionTelegram(ctx context.Context, externalID, languageCode, username, firstName, browserTZ string) (Account, bool, error) {
|
||||
// Pre-check whether the identity already exists so the caller can act on first
|
||||
// contact. A race with a concurrent create only over- or under-reports created for
|
||||
// that one call, which the idempotent chat-access re-evaluation tolerates.
|
||||
@@ -169,7 +179,9 @@ func (s *Store) ProvisionTelegram(ctx context.Context, externalID, languageCode,
|
||||
if err != nil && !created {
|
||||
return Account{}, false, err
|
||||
}
|
||||
acc, err := s.provision(ctx, KindTelegram, externalID, telegramSeed(languageCode, username, firstName))
|
||||
seed := telegramSeed(languageCode, username, firstName)
|
||||
seed.timeZone = seedZone(browserTZ)
|
||||
acc, err := s.provision(ctx, KindTelegram, externalID, seed)
|
||||
return acc, created, err
|
||||
}
|
||||
|
||||
@@ -197,12 +209,24 @@ func (s *Store) provision(ctx context.Context, kind, externalID string, seed pro
|
||||
}
|
||||
|
||||
// provisionSeed carries the optional create-time profile seed for a brand-new
|
||||
// account (Telegram first contact). Empty fields fall back to the accounts table
|
||||
// defaults, so an unknown language keeps the 'en' default and an empty name keeps
|
||||
// the ” default.
|
||||
// account (first contact). Empty fields fall back to the accounts table defaults,
|
||||
// so an unknown language keeps the 'en' default, an empty name keeps the ” default
|
||||
// and an empty time zone keeps the 'UTC' default.
|
||||
type provisionSeed struct {
|
||||
preferredLanguage string
|
||||
displayName string
|
||||
timeZone string
|
||||
}
|
||||
|
||||
// seedZone returns browserTZ when it is a well-formed zone to persist at account
|
||||
// creation (a "±HH:MM" offset or a loadable IANA name), else "" so the new account
|
||||
// falls back to the accounts table's 'UTC' default. The client reports the device's
|
||||
// detected offset deterministically; a bad value is dropped rather than guessed at.
|
||||
func seedZone(browserTZ string) string {
|
||||
if validZone(browserTZ) {
|
||||
return browserTZ
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
// telegramSeed derives the create-time seed from Telegram launch fields: a
|
||||
@@ -368,16 +392,22 @@ func (s *Store) create(ctx context.Context, kind, externalID string, seed provis
|
||||
|
||||
var created Account
|
||||
err = withTx(ctx, s.db, func(tx *sql.Tx) error {
|
||||
// Seed the new row's display name and language (Telegram first contact); an
|
||||
// empty seed reproduces the table defaults ('' and 'en') the other callers
|
||||
// relied on, so their behaviour is unchanged.
|
||||
// Seed the new row's display name, language and time zone (first contact); an
|
||||
// empty seed reproduces the table defaults ('', 'en' and 'UTC') the other callers
|
||||
// relied on, so their behaviour is unchanged. time_zone is written explicitly (the
|
||||
// detected offset, or 'UTC' equal to the column default) so a seeded zone lands at
|
||||
// creation while an unseeded one stays UTC.
|
||||
lang := seed.preferredLanguage
|
||||
if lang == "" {
|
||||
lang = "en"
|
||||
}
|
||||
tz := seed.timeZone
|
||||
if tz == "" {
|
||||
tz = "UTC"
|
||||
}
|
||||
insertAccount := table.Accounts.
|
||||
INSERT(table.Accounts.AccountID, table.Accounts.DisplayName, table.Accounts.PreferredLanguage).
|
||||
VALUES(accountID, seed.displayName, lang).
|
||||
INSERT(table.Accounts.AccountID, table.Accounts.DisplayName, table.Accounts.PreferredLanguage, table.Accounts.TimeZone).
|
||||
VALUES(accountID, seed.displayName, lang, tz).
|
||||
RETURNING(table.Accounts.AllColumns)
|
||||
|
||||
var row model.Accounts
|
||||
@@ -416,15 +446,21 @@ const guestDisplayName = "Guest"
|
||||
// ProvisionGuest creates a fresh ephemeral guest account: a durable row carrying
|
||||
// no identity, flagged is_guest, so it can hold a session and a game seat (both
|
||||
// foreign-key the accounts table) while being excluded from statistics, friends
|
||||
// and history. Guests are not reused — each bootstrap mints a new account.
|
||||
func (s *Store) ProvisionGuest(ctx context.Context) (Account, error) {
|
||||
// and history. Guests are not reused — each bootstrap mints a new account. browserTZ
|
||||
// (the client's detected "±HH:MM" UTC offset) seeds the guest's time zone, falling
|
||||
// back to the 'UTC' default when empty or malformed.
|
||||
func (s *Store) ProvisionGuest(ctx context.Context, browserTZ string) (Account, error) {
|
||||
accountID, err := uuid.NewV7()
|
||||
if err != nil {
|
||||
return Account{}, fmt.Errorf("account: new guest id: %w", err)
|
||||
}
|
||||
tz := seedZone(browserTZ)
|
||||
if tz == "" {
|
||||
tz = "UTC"
|
||||
}
|
||||
stmt := table.Accounts.
|
||||
INSERT(table.Accounts.AccountID, table.Accounts.DisplayName, table.Accounts.IsGuest).
|
||||
VALUES(accountID, guestDisplayName, true).
|
||||
INSERT(table.Accounts.AccountID, table.Accounts.DisplayName, table.Accounts.IsGuest, table.Accounts.TimeZone).
|
||||
VALUES(accountID, guestDisplayName, true, tz).
|
||||
RETURNING(table.Accounts.AllColumns)
|
||||
|
||||
var row model.Accounts
|
||||
|
||||
@@ -131,13 +131,15 @@ func (s *EmailService) ConfirmCode(ctx context.Context, accountID uuid.UUID, ema
|
||||
// the unauthenticated email-login entry point and, unlike RequestCode,
|
||||
// does not refuse an already-confirmed email — that is the ordinary returning-user
|
||||
// login. The code is mailed to the address, so only its real owner can complete
|
||||
// the login. It returns the target account id for the subsequent LoginWithCode.
|
||||
func (s *EmailService) RequestLoginCode(ctx context.Context, email string) (uuid.UUID, error) {
|
||||
// the login. On first contact browserTZ (the client's detected "±HH:MM" UTC offset)
|
||||
// seeds the new account's time zone. It returns the target account id for the
|
||||
// subsequent LoginWithCode.
|
||||
func (s *EmailService) RequestLoginCode(ctx context.Context, email, browserTZ string) (uuid.UUID, error) {
|
||||
addr, err := normalizeEmail(email)
|
||||
if err != nil {
|
||||
return uuid.UUID{}, err
|
||||
}
|
||||
acc, err := s.store.ProvisionByIdentity(ctx, KindEmail, addr)
|
||||
acc, err := s.store.ProvisionEmail(ctx, addr, browserTZ)
|
||||
if err != nil {
|
||||
return uuid.UUID{}, err
|
||||
}
|
||||
|
||||
@@ -101,6 +101,66 @@ func validateVariantPreferences(prefs []string) ([]string, error) {
|
||||
return out, nil
|
||||
}
|
||||
|
||||
// variantSeedPrefix marks a Telegram start-param payload that seeds a brand-new
|
||||
// account's variant preferences (e.g. "verudit_ru-scrabble_en"): the prefix, then the
|
||||
// canonical variant labels joined by "-". It is deliberately distinct from the routing
|
||||
// deep links (g/i/f; see platform/telegram .../deeplink) so the client's start-param
|
||||
// router falls through to the lobby for it.
|
||||
const variantSeedPrefix = "v"
|
||||
|
||||
// SeedVariantsFromStartParam decodes a promo deep-link start-param into the variant
|
||||
// preference set to seed onto a brand-new account: the variantSeedPrefix followed by
|
||||
// the canonical variant labels joined by "-" (e.g. "verudit_ru-scrabble_en"). It
|
||||
// returns nil for any payload that is not a variant-seed link or that fails validation
|
||||
// against the known variants, so a malformed, empty or unrelated start-param simply
|
||||
// leaves the account on its default preferences rather than failing the login.
|
||||
func SeedVariantsFromStartParam(startParam string) []string {
|
||||
if !strings.HasPrefix(startParam, variantSeedPrefix) {
|
||||
return nil
|
||||
}
|
||||
body := strings.TrimPrefix(startParam, variantSeedPrefix)
|
||||
if body == "" {
|
||||
return nil
|
||||
}
|
||||
prefs, err := validateVariantPreferences(strings.Split(body, "-"))
|
||||
if err != nil {
|
||||
return nil
|
||||
}
|
||||
return prefs
|
||||
}
|
||||
|
||||
// SetVariantPreferences overwrites only the variant-preference set of the account,
|
||||
// cleaning it to a deduplicated, canonically ordered subset of the known variants
|
||||
// (rejecting an empty or unknown set with ErrInvalidProfile) and bumping updated_at; it
|
||||
// reports ErrNotFound when no account matches id. It is the narrow counterpart to
|
||||
// UpdateProfile used to seed a promo-onboarded account's variants at first contact
|
||||
// without disturbing its other profile fields.
|
||||
func (s *Store) SetVariantPreferences(ctx context.Context, id uuid.UUID, prefs []string) (Account, error) {
|
||||
clean, err := validateVariantPreferences(prefs)
|
||||
if err != nil {
|
||||
return Account{}, err
|
||||
}
|
||||
stmt := table.Accounts.UPDATE(
|
||||
table.Accounts.VariantPreferences, table.Accounts.UpdatedAt,
|
||||
).SET(
|
||||
// clean is validated against the closed knownVariants set; bind as a text[]
|
||||
// parameter (lib/pq encodes the array, the cast pins the column type), mirroring
|
||||
// UpdateProfile.
|
||||
postgres.Raw("#variant_prefs::text[]", map[string]interface{}{"#variant_prefs": pq.StringArray(clean)}),
|
||||
postgres.TimestampzT(time.Now().UTC()),
|
||||
).WHERE(table.Accounts.AccountID.EQ(postgres.UUID(id))).
|
||||
RETURNING(table.Accounts.AllColumns)
|
||||
|
||||
var row model.Accounts
|
||||
if err := stmt.QueryContext(ctx, s.db, &row); err != nil {
|
||||
if errors.Is(err, qrm.ErrNoRows) {
|
||||
return Account{}, ErrNotFound
|
||||
}
|
||||
return Account{}, fmt.Errorf("account: set variant preferences %s: %w", id, err)
|
||||
}
|
||||
return modelToAccount(row), nil
|
||||
}
|
||||
|
||||
// UpdateProfile validates and overwrites the editable fields of the account, then
|
||||
// returns the stored row. It reports ErrInvalidProfile for a bad language,
|
||||
// timezone or display name and ErrNotFound when no account matches id.
|
||||
|
||||
@@ -0,0 +1,37 @@
|
||||
package account
|
||||
|
||||
import (
|
||||
"slices"
|
||||
"testing"
|
||||
)
|
||||
|
||||
// TestSeedVariantsFromStartParam covers decoding a promo deep-link start-param into the
|
||||
// variant-preference set to seed: a valid "v"-prefixed, "-"-joined label list is cleaned
|
||||
// to the canonical order and deduplicated, while anything that is not a variant-seed link
|
||||
// or that names an unknown variant yields nil (leaving the account on its defaults).
|
||||
func TestSeedVariantsFromStartParam(t *testing.T) {
|
||||
tests := []struct {
|
||||
name string
|
||||
param string
|
||||
want []string
|
||||
}{
|
||||
{"english promo", "verudit_ru-scrabble_en", []string{"erudit_ru", "scrabble_en"}},
|
||||
{"single variant", "vscrabble_en", []string{"scrabble_en"}},
|
||||
{"canonical order regardless of payload order", "vscrabble_en-erudit_ru", []string{"erudit_ru", "scrabble_en"}},
|
||||
{"deduplicated", "verudit_ru-erudit_ru", []string{"erudit_ru"}},
|
||||
{"empty", "", nil},
|
||||
{"prefix only", "v", nil},
|
||||
{"routing game link is not a seed", "g0190abcd", nil},
|
||||
{"friend code link is not a seed", "f123456", nil},
|
||||
{"unknown variant rejected", "vscrabble_de", nil},
|
||||
{"one unknown label rejects the whole set", "verudit_ru-scrabble_de", nil},
|
||||
}
|
||||
for _, tc := range tests {
|
||||
t.Run(tc.name, func(t *testing.T) {
|
||||
got := SeedVariantsFromStartParam(tc.param)
|
||||
if !slices.Equal(got, tc.want) {
|
||||
t.Errorf("SeedVariantsFromStartParam(%q) = %v, want %v", tc.param, got, tc.want)
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
@@ -7,8 +7,9 @@
|
||||
<li><b>From</b> <a href="/_gm/users/{{.AccountID}}">{{.SenderName}}</a> ({{.Source}})</li>
|
||||
<li><b>Channel</b> {{.Channel}}</li>
|
||||
<li><b>Interface language</b> {{.InterfaceLanguage}}</li>
|
||||
<li><b>App version</b> {{if .Version}}<code>{{.Version}}</code>{{else}}<span class="note">unknown</span>{{end}}</li>
|
||||
<li><b>IP</b> {{if .IP}}<code>{{.IP}}</code>{{else}}<span class="note">none</span>{{end}}</li>
|
||||
<li><b>Filed</b> {{.CreatedAt}}</li>
|
||||
<li><b>Filed</b> {{.CreatedAt}} UTC · browser {{if .CreatedAtBrowser}}{{.CreatedAtBrowser}} ({{.BrowserTZ}}){{else}}<span class="note">N/A</span>{{end}} · user {{if .CreatedAtUser}}{{.CreatedAtUser}} ({{.UserTZ}}){{else}}<span class="note">N/A</span>{{end}}</li>
|
||||
<li><b>State</b> {{if .Archived}}archived{{else if .Read}}read{{else}}<span class="warn">unread</span>{{end}}</li>
|
||||
{{if .Banned}}<li><b>Feedback</b> <span class="warn">sender is banned from feedback</span></li>{{end}}
|
||||
</ul>
|
||||
|
||||
@@ -554,5 +554,17 @@ type FeedbackDetailView struct {
|
||||
ReplyBody string
|
||||
RepliedAt string
|
||||
CreatedAt string
|
||||
Banned bool
|
||||
// Version is the client app build the report was sent from (empty for rows that predate it).
|
||||
Version string
|
||||
// The Filed time is shown in three zones so the operator can tell what is certainly known from
|
||||
// what is merely defaulted. CreatedAt is the authoritative UTC time. CreatedAtBrowser is that
|
||||
// instant in the client's UTC offset detected at submit (BrowserTZ its "±HH:MM" label), empty
|
||||
// when the client reported none (an older build). CreatedAtUser is that instant in the sender's
|
||||
// saved profile zone (UserTZ its label), empty when the account has no zone beyond the UTC
|
||||
// default — the template then shows "N/A" so the missing datum is explicit.
|
||||
CreatedAtBrowser string
|
||||
BrowserTZ string
|
||||
CreatedAtUser string
|
||||
UserTZ string
|
||||
Banned bool
|
||||
}
|
||||
|
||||
@@ -72,7 +72,7 @@ func (svc *Service) SetNotifier(p notify.Publisher) {
|
||||
// validates the body (non-empty, within the rune limit) and the optional
|
||||
// attachment (size and extension allow-list). senderIP is the gateway-forwarded
|
||||
// client IP (validated); channel is the submitting platform.
|
||||
func (svc *Service) Submit(ctx context.Context, accountID uuid.UUID, body string, attachment []byte, attachmentName, channel, senderIP string) error {
|
||||
func (svc *Service) Submit(ctx context.Context, accountID uuid.UUID, body string, attachment []byte, attachmentName, channel, version, browserTZ, senderIP string) error {
|
||||
acc, err := svc.accounts.GetByID(ctx, accountID)
|
||||
if err != nil {
|
||||
return err
|
||||
@@ -112,9 +112,10 @@ func (svc *Service) Submit(ctx context.Context, accountID uuid.UUID, body string
|
||||
attachmentName = "" // a name without bytes carries no attachment
|
||||
}
|
||||
ch := normalizeChannel(channel)
|
||||
// Snapshot the sender's interface language at submit time (acc is already loaded
|
||||
// for the guest check) so the operator later sees the state as it was.
|
||||
_, err = svc.store.Insert(ctx, accountID, body, attachment, attachmentName, ch, acc.PreferredLanguage, parseIP(senderIP))
|
||||
// Snapshot the sender's interface language, the client app version and the client's
|
||||
// detected UTC offset at submit time (acc is already loaded for the guest check) so the
|
||||
// operator later sees the state as it was.
|
||||
_, err = svc.store.Insert(ctx, accountID, body, attachment, attachmentName, ch, acc.PreferredLanguage, version, browserTZ, parseIP(senderIP))
|
||||
return err
|
||||
}
|
||||
|
||||
|
||||
@@ -34,10 +34,10 @@ func NewStore(db *sql.DB) *Store {
|
||||
|
||||
// Insert stores one feedback message from accountID and returns its id. attachment
|
||||
// is the raw file bytes (nil for none); attachmentName, ip and a non-default
|
||||
// channel are stored as given. lang (the sender's interface language) is a snapshot
|
||||
// taken now, so the operator later sees the state at submit time. created_at defaults
|
||||
// to now() in the database.
|
||||
func (s *Store) Insert(ctx context.Context, accountID uuid.UUID, body string, attachment []byte, attachmentName, channel, lang string, ip *string) (uuid.UUID, error) {
|
||||
// channel are stored as given. lang (interface language), version (client app build) and
|
||||
// browserTZ (the client's detected "±HH:MM" UTC offset) are snapshots taken now, so the operator
|
||||
// later sees the state at submit time. created_at defaults to now() in the database.
|
||||
func (s *Store) Insert(ctx context.Context, accountID uuid.UUID, body string, attachment []byte, attachmentName, channel, lang, version, browserTZ string, ip *string) (uuid.UUID, error) {
|
||||
id, err := uuid.NewV7()
|
||||
if err != nil {
|
||||
return uuid.Nil, fmt.Errorf("feedback: new message id: %w", err)
|
||||
@@ -48,9 +48,9 @@ func (s *Store) Insert(ctx context.Context, accountID uuid.UUID, body string, at
|
||||
}
|
||||
if _, err := s.db.ExecContext(ctx,
|
||||
`INSERT INTO backend.feedback_messages
|
||||
(message_id, account_id, body, attachment, attachment_name, channel, lang, sender_ip)
|
||||
VALUES ($1, $2, $3, $4, $5, $6, $7, $8)`,
|
||||
id, accountID, body, att, nullStr(attachmentName), channel, nullStr(lang), ip); err != nil {
|
||||
(message_id, account_id, body, attachment, attachment_name, channel, lang, app_version, browser_tz, sender_ip)
|
||||
VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10)`,
|
||||
id, accountID, body, att, nullStr(attachmentName), channel, nullStr(lang), nullStr(version), nullStr(browserTZ), ip); err != nil {
|
||||
return uuid.Nil, fmt.Errorf("feedback: insert: %w", err)
|
||||
}
|
||||
return id, nil
|
||||
@@ -228,7 +228,15 @@ type AdminMessage struct {
|
||||
Body string
|
||||
Channel string
|
||||
// Lang is the sender's interface language, snapshotted at submit time.
|
||||
Lang string
|
||||
Lang string
|
||||
// Version is the client app build the report was sent from, snapshotted at submit time.
|
||||
Version string
|
||||
// BrowserTZ is the client's detected "±HH:MM" UTC offset at submit time, snapshotted so the
|
||||
// filed time can be shown in the sender's browser-local zone even before they save a profile.
|
||||
BrowserTZ string
|
||||
// TimeZone is the sender account's stored zone ("±HH:MM" offset, IANA name, or ""), for
|
||||
// rendering CreatedAt in the sender's own configured time alongside UTC.
|
||||
TimeZone string
|
||||
SenderIP string
|
||||
HasAttachment bool
|
||||
AttachmentName string
|
||||
@@ -343,7 +351,7 @@ func (s *Store) AdminGet(ctx context.Context, id uuid.UUID) (AdminMessage, error
|
||||
var m AdminMessage
|
||||
var repliedAt sql.NullTime
|
||||
q := `SELECT m.message_id, m.account_id, a.display_name, ` + feedbackSource + ` AS source, m.body, m.channel,
|
||||
COALESCE(m.lang, ''),
|
||||
COALESCE(m.lang, ''), COALESCE(m.app_version, ''), COALESCE(m.browser_tz, ''), a.time_zone,
|
||||
COALESCE(m.sender_ip, ''), (m.attachment IS NOT NULL), COALESCE(m.attachment_name, ''),
|
||||
(m.read_at IS NOT NULL), (m.archived_at IS NOT NULL), (m.reply_body IS NOT NULL),
|
||||
COALESCE(m.reply_body, ''), m.replied_at, m.created_at
|
||||
@@ -352,7 +360,7 @@ func (s *Store) AdminGet(ctx context.Context, id uuid.UUID) (AdminMessage, error
|
||||
WHERE m.message_id = $1`
|
||||
err := s.db.QueryRowContext(ctx, q, id).Scan(
|
||||
&m.ID, &m.AccountID, &m.SenderName, &m.Source, &m.Body, &m.Channel,
|
||||
&m.Lang,
|
||||
&m.Lang, &m.Version, &m.BrowserTZ, &m.TimeZone,
|
||||
&m.SenderIP, &m.HasAttachment, &m.AttachmentName,
|
||||
&m.Read, &m.Archived, &m.Replied, &m.ReplyBody, &repliedAt, &m.CreatedAt)
|
||||
if errors.Is(err, sql.ErrNoRows) {
|
||||
|
||||
@@ -110,15 +110,15 @@ func identityConfirmed(t *testing.T, kind, externalID string) bool {
|
||||
}
|
||||
|
||||
// TestProvisionTelegramSeedsNewAccountOnly checks that Telegram first contact
|
||||
// seeds the new account's language and display name from the launch fields,
|
||||
// defaults the in-app-only flag on, and never overwrites an existing account on a
|
||||
// later login (language seeding).
|
||||
// seeds the new account's language, display name and time zone from the launch
|
||||
// fields / detected offset, defaults the in-app-only flag on, and never overwrites
|
||||
// an existing account on a later login (language and zone seeding).
|
||||
func TestProvisionTelegramSeedsNewAccountOnly(t *testing.T) {
|
||||
ctx := context.Background()
|
||||
store := account.NewStore(testDB)
|
||||
ext := "tg-" + uuid.NewString()
|
||||
|
||||
acc, created, err := store.ProvisionTelegram(ctx, ext, "ru-RU", "thehandle", "Иван")
|
||||
acc, created, err := store.ProvisionTelegram(ctx, ext, "ru-RU", "thehandle", "Иван", "+03:00")
|
||||
if err != nil {
|
||||
t.Fatalf("provision telegram: %v", err)
|
||||
}
|
||||
@@ -131,12 +131,15 @@ func TestProvisionTelegramSeedsNewAccountOnly(t *testing.T) {
|
||||
if acc.DisplayName != "Иван" {
|
||||
t.Errorf("DisplayName = %q, want Иван", acc.DisplayName)
|
||||
}
|
||||
if acc.TimeZone != "+03:00" {
|
||||
t.Errorf("TimeZone = %q, want the seeded +03:00", acc.TimeZone)
|
||||
}
|
||||
if !acc.NotificationsInAppOnly {
|
||||
t.Error("NotificationsInAppOnly should default to true")
|
||||
}
|
||||
|
||||
// A later login with different fields returns the same account, unchanged.
|
||||
again, created, err := store.ProvisionTelegram(ctx, ext, "en", "other", "Other")
|
||||
again, created, err := store.ProvisionTelegram(ctx, ext, "en", "other", "Other", "+09:00")
|
||||
if err != nil {
|
||||
t.Fatalf("re-provision telegram: %v", err)
|
||||
}
|
||||
@@ -146,8 +149,53 @@ func TestProvisionTelegramSeedsNewAccountOnly(t *testing.T) {
|
||||
if again.ID != acc.ID {
|
||||
t.Errorf("re-provision id = %s, want %s", again.ID, acc.ID)
|
||||
}
|
||||
if again.PreferredLanguage != "ru" || again.DisplayName != "Иван" {
|
||||
t.Errorf("existing account overwritten: lang=%q name=%q", again.PreferredLanguage, again.DisplayName)
|
||||
if again.PreferredLanguage != "ru" || again.DisplayName != "Иван" || again.TimeZone != "+03:00" {
|
||||
t.Errorf("existing account overwritten: lang=%q name=%q tz=%q", again.PreferredLanguage, again.DisplayName, again.TimeZone)
|
||||
}
|
||||
}
|
||||
|
||||
// TestProvisionSeedsTimeZone checks the create-time time-zone seed across paths: a
|
||||
// valid detected offset is stored verbatim (even "+00:00", which is deliberately
|
||||
// distinct from the unset "UTC" default), a guest is seeded the same way, and a
|
||||
// missing or malformed offset falls back to the "UTC" column default rather than
|
||||
// being guessed at.
|
||||
func TestProvisionSeedsTimeZone(t *testing.T) {
|
||||
ctx := context.Background()
|
||||
store := account.NewStore(testDB)
|
||||
|
||||
// A detected zero offset is written as "+00:00" — we record that the zone was
|
||||
// detected (and equals UTC), distinct from the "UTC" default meaning "unknown".
|
||||
utcDetected, _, err := store.ProvisionTelegram(ctx, "tg-"+uuid.NewString(), "en", "", "Zero", "+00:00")
|
||||
if err != nil {
|
||||
t.Fatalf("provision telegram +00:00: %v", err)
|
||||
}
|
||||
if utcDetected.TimeZone != "+00:00" {
|
||||
t.Errorf("TimeZone = %q, want the seeded +00:00", utcDetected.TimeZone)
|
||||
}
|
||||
|
||||
// A malformed offset is dropped: the account keeps the UTC default.
|
||||
bad, _, err := store.ProvisionTelegram(ctx, "tg-"+uuid.NewString(), "en", "", "Bad", "not-a-zone")
|
||||
if err != nil {
|
||||
t.Fatalf("provision telegram bad tz: %v", err)
|
||||
}
|
||||
if bad.TimeZone != "UTC" {
|
||||
t.Errorf("TimeZone = %q, want UTC fallback for a malformed offset", bad.TimeZone)
|
||||
}
|
||||
|
||||
// A guest is seeded its detected offset; an empty one keeps the UTC default.
|
||||
guest, err := store.ProvisionGuest(ctx, "-05:30")
|
||||
if err != nil {
|
||||
t.Fatalf("provision guest: %v", err)
|
||||
}
|
||||
if guest.TimeZone != "-05:30" {
|
||||
t.Errorf("guest TimeZone = %q, want the seeded -05:30", guest.TimeZone)
|
||||
}
|
||||
plainGuest, err := store.ProvisionGuest(ctx, "")
|
||||
if err != nil {
|
||||
t.Fatalf("provision plain guest: %v", err)
|
||||
}
|
||||
if plainGuest.TimeZone != "UTC" {
|
||||
t.Errorf("plain guest TimeZone = %q, want UTC default", plainGuest.TimeZone)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -156,7 +204,7 @@ func TestProvisionTelegramSeedsNewAccountOnly(t *testing.T) {
|
||||
// language CHECK.
|
||||
func TestProvisionTelegramUnknownLanguageDefaults(t *testing.T) {
|
||||
ctx := context.Background()
|
||||
acc, _, err := account.NewStore(testDB).ProvisionTelegram(ctx, "tg-"+uuid.NewString(), "fr", "", "")
|
||||
acc, _, err := account.NewStore(testDB).ProvisionTelegram(ctx, "tg-"+uuid.NewString(), "fr", "", "", "")
|
||||
if err != nil {
|
||||
t.Fatalf("provision telegram: %v", err)
|
||||
}
|
||||
@@ -172,7 +220,7 @@ func TestProvisionTelegramUnknownLanguageDefaults(t *testing.T) {
|
||||
func TestHighRateFlagRoundTrip(t *testing.T) {
|
||||
ctx := context.Background()
|
||||
store := account.NewStore(testDB)
|
||||
acc, _, err := store.ProvisionTelegram(ctx, "tg-"+uuid.NewString(), "en", "", "Player")
|
||||
acc, _, err := store.ProvisionTelegram(ctx, "tg-"+uuid.NewString(), "en", "", "Player", "")
|
||||
if err != nil {
|
||||
t.Fatalf("provision telegram: %v", err)
|
||||
}
|
||||
@@ -228,7 +276,7 @@ func TestIdentityExternalID(t *testing.T) {
|
||||
ctx := context.Background()
|
||||
store := account.NewStore(testDB)
|
||||
ext := "tg-" + uuid.NewString()
|
||||
acc, _, err := store.ProvisionTelegram(ctx, ext, "en", "", "Tg User")
|
||||
acc, _, err := store.ProvisionTelegram(ctx, ext, "en", "", "Tg User", "")
|
||||
if err != nil {
|
||||
t.Fatalf("provision telegram: %v", err)
|
||||
}
|
||||
@@ -253,7 +301,7 @@ func TestIdentityExternalID(t *testing.T) {
|
||||
func TestNotificationsInAppOnlyRoundTrip(t *testing.T) {
|
||||
ctx := context.Background()
|
||||
store := account.NewStore(testDB)
|
||||
acc, _, err := store.ProvisionTelegram(ctx, "tg-"+uuid.NewString(), "en", "", "Player")
|
||||
acc, _, err := store.ProvisionTelegram(ctx, "tg-"+uuid.NewString(), "en", "", "Player", "")
|
||||
if err != nil {
|
||||
t.Fatalf("provision telegram: %v", err)
|
||||
}
|
||||
|
||||
@@ -222,7 +222,7 @@ func TestConsoleGameDetailRobotSchedule(t *testing.T) {
|
||||
func TestConsoleThrottledViewAndFlagClear(t *testing.T) {
|
||||
ctx := context.Background()
|
||||
accounts := account.NewStore(testDB)
|
||||
acc, _, err := accounts.ProvisionTelegram(ctx, "tg-"+uuid.NewString(), "en", "", "Throttled Player")
|
||||
acc, _, err := accounts.ProvisionTelegram(ctx, "tg-"+uuid.NewString(), "en", "", "Throttled Player", "")
|
||||
if err != nil {
|
||||
t.Fatalf("provision: %v", err)
|
||||
}
|
||||
|
||||
@@ -55,7 +55,7 @@ func TestChatAccessResolver(t *testing.T) {
|
||||
srv := server.New(":0", server.Deps{Logger: zaptest.NewLogger(t), DB: testDB, Accounts: accounts})
|
||||
|
||||
ext := "tg-" + uuid.NewString()
|
||||
acc, _, err := accounts.ProvisionTelegram(ctx, ext, "en", "", "Chatter")
|
||||
acc, _, err := accounts.ProvisionTelegram(ctx, ext, "en", "", "Chatter", "")
|
||||
if err != nil {
|
||||
t.Fatalf("provision: %v", err)
|
||||
}
|
||||
|
||||
@@ -206,7 +206,7 @@ func TestEmailLoginFlow(t *testing.T) {
|
||||
svc := account.NewEmailService(account.NewStore(testDB), mailer)
|
||||
email := "login-" + uuid.NewString() + "@example.com"
|
||||
|
||||
accountID, err := svc.RequestLoginCode(ctx, email)
|
||||
accountID, err := svc.RequestLoginCode(ctx, email, "+02:00")
|
||||
if err != nil {
|
||||
t.Fatalf("request login code: %v", err)
|
||||
}
|
||||
@@ -225,12 +225,15 @@ func TestEmailLoginFlow(t *testing.T) {
|
||||
if acc.IsGuest {
|
||||
t.Error("an email account must be durable, not a guest")
|
||||
}
|
||||
if acc.TimeZone != "+02:00" {
|
||||
t.Errorf("TimeZone = %q, want the +02:00 seeded at the request step", acc.TimeZone)
|
||||
}
|
||||
if !identityConfirmed(t, account.KindEmail, email) {
|
||||
t.Error("the email identity must be confirmed after login")
|
||||
}
|
||||
|
||||
// A second login for the same email is the returning user: same account.
|
||||
if _, err := svc.RequestLoginCode(ctx, email); err != nil {
|
||||
if _, err := svc.RequestLoginCode(ctx, email, ""); err != nil {
|
||||
t.Fatalf("second request: %v", err)
|
||||
}
|
||||
acc2, err := svc.LoginWithCode(ctx, email, sixDigit.FindString(mailer.lastBody))
|
||||
|
||||
@@ -38,7 +38,7 @@ func latestFeedbackID(t *testing.T, svc *feedback.Service, acc uuid.UUID) uuid.U
|
||||
func TestFeedbackGuestRejected(t *testing.T) {
|
||||
svc := newFeedbackService()
|
||||
guest := provisionGuest(t)
|
||||
if err := svc.Submit(context.Background(), guest, "hi", nil, "", "web", "1.2.3.4"); !errors.Is(err, feedback.ErrGuestForbidden) {
|
||||
if err := svc.Submit(context.Background(), guest, "hi", nil, "", "web", "v1", "+05:00", "1.2.3.4"); !errors.Is(err, feedback.ErrGuestForbidden) {
|
||||
t.Fatalf("guest submit err = %v, want ErrGuestForbidden", err)
|
||||
}
|
||||
}
|
||||
@@ -48,11 +48,11 @@ func TestFeedbackSubmitGateAndReplyLifecycle(t *testing.T) {
|
||||
svc := newFeedbackService()
|
||||
acc := provisionAccount(t)
|
||||
|
||||
if err := svc.Submit(ctx, acc, " please fix the board ", []byte("PNGDATA"), "shot.png", "ios", "9.9.9.9"); err != nil {
|
||||
if err := svc.Submit(ctx, acc, " please fix the board ", []byte("PNGDATA"), "shot.png", "ios", "v1.2.0", "+03:00", "9.9.9.9"); err != nil {
|
||||
t.Fatalf("submit: %v", err)
|
||||
}
|
||||
// Anti-spam gate: a second message is refused while the first is unreviewed.
|
||||
if err := svc.Submit(ctx, acc, "again", nil, "", "web", ""); !errors.Is(err, feedback.ErrPendingReview) {
|
||||
if err := svc.Submit(ctx, acc, "again", nil, "", "web", "", "", ""); !errors.Is(err, feedback.ErrPendingReview) {
|
||||
t.Fatalf("second submit err = %v, want ErrPendingReview", err)
|
||||
}
|
||||
if st, err := svc.State(ctx, acc); err != nil {
|
||||
@@ -69,7 +69,7 @@ func TestFeedbackSubmitGateAndReplyLifecycle(t *testing.T) {
|
||||
if m.Body != "please fix the board" { // trimmed
|
||||
t.Fatalf("body = %q, want trimmed", m.Body)
|
||||
}
|
||||
if !m.HasAttachment || m.AttachmentName != "shot.png" || m.Channel != "ios" || m.SenderIP != "9.9.9.9" {
|
||||
if !m.HasAttachment || m.AttachmentName != "shot.png" || m.Channel != "ios" || m.SenderIP != "9.9.9.9" || m.Version != "v1.2.0" || m.BrowserTZ != "+03:00" {
|
||||
t.Fatalf("admin message = %+v", m)
|
||||
}
|
||||
if name, data, ok, err := svc.Attachment(ctx, id); err != nil || !ok || name != "shot.png" || string(data) != "PNGDATA" {
|
||||
@@ -116,7 +116,7 @@ func TestFeedbackReplyHiddenAfterNewMessage(t *testing.T) {
|
||||
acc := provisionAccount(t)
|
||||
|
||||
// msg1, replied → the player can send again and currently sees the reply.
|
||||
if err := svc.Submit(ctx, acc, "first", nil, "", "web", ""); err != nil {
|
||||
if err := svc.Submit(ctx, acc, "first", nil, "", "web", "", "", ""); err != nil {
|
||||
t.Fatalf("submit msg1: %v", err)
|
||||
}
|
||||
if err := svc.Reply(ctx, latestFeedbackID(t, svc, acc), "the answer"); err != nil {
|
||||
@@ -130,7 +130,7 @@ func TestFeedbackReplyHiddenAfterNewMessage(t *testing.T) {
|
||||
|
||||
// Sending a new message immediately drops the previous reply (it now belongs to an
|
||||
// older message), even though it is well within the one-week window.
|
||||
if err := svc.Submit(ctx, acc, "second", nil, "", "web", ""); err != nil {
|
||||
if err := svc.Submit(ctx, acc, "second", nil, "", "web", "", "", ""); err != nil {
|
||||
t.Fatalf("submit msg2: %v", err)
|
||||
}
|
||||
st, err := svc.State(ctx, acc)
|
||||
@@ -154,7 +154,7 @@ func TestFeedbackSnapshotsLanguage(t *testing.T) {
|
||||
t.Fatalf("set language: %v", err)
|
||||
}
|
||||
// A message snapshots the sender's interface language at submit time.
|
||||
if err := svc.Submit(ctx, acc, "from telegram", nil, "", "telegram", ""); err != nil {
|
||||
if err := svc.Submit(ctx, acc, "from telegram", nil, "", "telegram", "", "", ""); err != nil {
|
||||
t.Fatalf("submit: %v", err)
|
||||
}
|
||||
id := latestFeedbackID(t, svc, acc)
|
||||
@@ -184,7 +184,7 @@ func TestFeedbackBanRole(t *testing.T) {
|
||||
if err := accounts.GrantRole(ctx, acc, account.RoleFeedbackBanned); err != nil {
|
||||
t.Fatalf("grant role: %v", err)
|
||||
}
|
||||
if err := svc.Submit(ctx, acc, "hi", nil, "", "web", ""); !errors.Is(err, feedback.ErrBanned) {
|
||||
if err := svc.Submit(ctx, acc, "hi", nil, "", "web", "", "", ""); !errors.Is(err, feedback.ErrBanned) {
|
||||
t.Fatalf("banned submit err = %v, want ErrBanned", err)
|
||||
}
|
||||
if st, err := svc.State(ctx, acc); err != nil {
|
||||
@@ -196,7 +196,7 @@ func TestFeedbackBanRole(t *testing.T) {
|
||||
if err := accounts.RevokeRole(ctx, acc, account.RoleFeedbackBanned); err != nil {
|
||||
t.Fatalf("revoke role: %v", err)
|
||||
}
|
||||
if err := svc.Submit(ctx, acc, "hi again", nil, "", "web", ""); err != nil {
|
||||
if err := svc.Submit(ctx, acc, "hi again", nil, "", "web", "", "", ""); err != nil {
|
||||
t.Fatalf("submit after unban: %v", err)
|
||||
}
|
||||
}
|
||||
@@ -219,7 +219,7 @@ func TestFeedbackValidation(t *testing.T) {
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
acc := provisionAccount(t) // fresh account so the pending gate never fires first
|
||||
if err := svc.Submit(ctx, acc, tt.body, tt.attachment, tt.attachmentName, "web", ""); !errors.Is(err, tt.want) {
|
||||
if err := svc.Submit(ctx, acc, tt.body, tt.attachment, tt.attachmentName, "web", "", "", ""); !errors.Is(err, tt.want) {
|
||||
t.Fatalf("submit err = %v, want %v", err, tt.want)
|
||||
}
|
||||
})
|
||||
@@ -231,7 +231,7 @@ func TestFeedbackAdminLifecycle(t *testing.T) {
|
||||
svc := newFeedbackService()
|
||||
acc := provisionAccount(t)
|
||||
|
||||
if err := svc.Submit(ctx, acc, "first report", nil, "", "web", ""); err != nil {
|
||||
if err := svc.Submit(ctx, acc, "first report", nil, "", "web", "", "", ""); err != nil {
|
||||
t.Fatalf("submit: %v", err)
|
||||
}
|
||||
id := latestFeedbackID(t, svc, acc)
|
||||
@@ -276,7 +276,7 @@ func TestFeedbackDeleteAllByAccount(t *testing.T) {
|
||||
svc := newFeedbackService()
|
||||
acc := provisionAccount(t)
|
||||
|
||||
if err := svc.Submit(ctx, acc, "one", nil, "", "web", ""); err != nil {
|
||||
if err := svc.Submit(ctx, acc, "one", nil, "", "web", "", "", ""); err != nil {
|
||||
t.Fatalf("submit: %v", err)
|
||||
}
|
||||
if err := svc.DeleteAllByAccount(ctx, acc); err != nil {
|
||||
@@ -286,7 +286,7 @@ func TestFeedbackDeleteAllByAccount(t *testing.T) {
|
||||
if has, err := svc.ReplyUnread(ctx, acc); err != nil || has {
|
||||
t.Fatalf("reply unread after delete-all = %v (err %v)", has, err)
|
||||
}
|
||||
if err := svc.Submit(ctx, acc, "fresh", nil, "", "web", ""); err != nil {
|
||||
if err := svc.Submit(ctx, acc, "fresh", nil, "", "web", "", "", ""); err != nil {
|
||||
t.Fatalf("submit after delete-all: %v", err)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -120,7 +120,7 @@ func provisionAccount(t *testing.T) uuid.UUID {
|
||||
// provisionGuest creates a fresh ephemeral guest account and returns its id.
|
||||
func provisionGuest(t *testing.T) uuid.UUID {
|
||||
t.Helper()
|
||||
acc, err := account.NewStore(testDB).ProvisionGuest(context.Background())
|
||||
acc, err := account.NewStore(testDB).ProvisionGuest(context.Background(), "")
|
||||
if err != nil {
|
||||
t.Fatalf("provision guest: %v", err)
|
||||
}
|
||||
|
||||
@@ -0,0 +1,80 @@
|
||||
//go:build integration
|
||||
|
||||
package inttest
|
||||
|
||||
import (
|
||||
"context"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"slices"
|
||||
"strings"
|
||||
"testing"
|
||||
|
||||
"github.com/google/uuid"
|
||||
"go.uber.org/zap/zaptest"
|
||||
|
||||
"scrabble/backend/internal/account"
|
||||
"scrabble/backend/internal/server"
|
||||
"scrabble/backend/internal/session"
|
||||
)
|
||||
|
||||
// TestTelegramAuthSeedsPromoVariantForNewUserOnly drives the sessions/telegram endpoint
|
||||
// to confirm a promo deep-link start-param seeds a brand-new account's variant
|
||||
// preferences (English Scrabble alongside the default Erudit), that a new account with no
|
||||
// such payload keeps the Erudit-only default, and that an existing account is never
|
||||
// re-seeded on a later login (the new-user-only contract).
|
||||
func TestTelegramAuthSeedsPromoVariantForNewUserOnly(t *testing.T) {
|
||||
srv := server.New(":0", server.Deps{
|
||||
Logger: zaptest.NewLogger(t),
|
||||
DB: testDB,
|
||||
Accounts: account.NewStore(testDB),
|
||||
Sessions: session.NewService(session.NewStore(testDB), session.NewCache()),
|
||||
Notifier: &captureNotifier{},
|
||||
})
|
||||
h := srv.Handler()
|
||||
|
||||
post := func(ext, startParam string) {
|
||||
body := `{"external_id":"` + ext + `","language_code":"en","first_name":"Promo"`
|
||||
if startParam != "" {
|
||||
body += `,"start_param":"` + startParam + `"`
|
||||
}
|
||||
body += `}`
|
||||
rec := httptest.NewRecorder()
|
||||
req := httptest.NewRequest(http.MethodPost, "/api/v1/internal/sessions/telegram", strings.NewReader(body))
|
||||
req.Header.Set("Content-Type", "application/json")
|
||||
h.ServeHTTP(rec, req)
|
||||
if rec.Code != http.StatusOK {
|
||||
t.Fatalf("telegram auth = %d: %s", rec.Code, rec.Body.String())
|
||||
}
|
||||
}
|
||||
store := account.NewStore(testDB)
|
||||
reload := func(ext string) []string {
|
||||
acc, err := store.AccountByIdentity(context.Background(), account.KindTelegram, ext)
|
||||
if err != nil {
|
||||
t.Fatalf("lookup %s: %v", ext, err)
|
||||
}
|
||||
return acc.VariantPreferences
|
||||
}
|
||||
|
||||
// A brand-new account reached through a promo deep-link is seeded with English
|
||||
// Scrabble alongside the default Erudit.
|
||||
promoExt := "tg-" + uuid.NewString()
|
||||
post(promoExt, "verudit_ru-scrabble_en")
|
||||
if got, want := reload(promoExt), []string{"erudit_ru", "scrabble_en"}; !slices.Equal(got, want) {
|
||||
t.Errorf("promo new account variants = %v, want %v", got, want)
|
||||
}
|
||||
|
||||
// A brand-new account with no promo payload keeps the Erudit-only default.
|
||||
plainExt := "tg-" + uuid.NewString()
|
||||
post(plainExt, "")
|
||||
if got, want := reload(plainExt), []string{"erudit_ru"}; !slices.Equal(got, want) {
|
||||
t.Errorf("plain new account variants = %v, want %v", got, want)
|
||||
}
|
||||
|
||||
// A later login of the promo account, even via a different payload, must not re-seed:
|
||||
// the seed is first-contact only.
|
||||
post(promoExt, "vscrabble_ru")
|
||||
if got, want := reload(promoExt), []string{"erudit_ru", "scrabble_en"}; !slices.Equal(got, want) {
|
||||
t.Errorf("existing account re-seeded = %v, want unchanged %v", got, want)
|
||||
}
|
||||
}
|
||||
@@ -38,7 +38,7 @@ func TestSuspensionGate(t *testing.T) {
|
||||
Accounts: accounts,
|
||||
})
|
||||
|
||||
acc, _, err := accounts.ProvisionTelegram(ctx, "tg-"+uuid.NewString(), "ru", "", "Blocked")
|
||||
acc, _, err := accounts.ProvisionTelegram(ctx, "tg-"+uuid.NewString(), "ru", "", "Blocked", "")
|
||||
if err != nil {
|
||||
t.Fatalf("provision: %v", err)
|
||||
}
|
||||
|
||||
@@ -18,7 +18,7 @@ func TestUserListFilter(t *testing.T) {
|
||||
st := account.NewStore(testDB)
|
||||
uniq := uuid.NewString()
|
||||
|
||||
human, _, err := st.ProvisionTelegram(ctx, "tg-"+uniq, "en", "", "Zzqxhuman")
|
||||
human, _, err := st.ProvisionTelegram(ctx, "tg-"+uniq, "en", "", "Zzqxhuman", "")
|
||||
if err != nil {
|
||||
t.Fatalf("provision human: %v", err)
|
||||
}
|
||||
@@ -26,7 +26,7 @@ func TestUserListFilter(t *testing.T) {
|
||||
if err != nil {
|
||||
t.Fatalf("provision robot: %v", err)
|
||||
}
|
||||
guest, err := st.ProvisionGuest(ctx)
|
||||
guest, err := st.ProvisionGuest(ctx, "")
|
||||
if err != nil {
|
||||
t.Fatalf("provision guest: %v", err)
|
||||
}
|
||||
|
||||
@@ -0,0 +1,64 @@
|
||||
-- Replace the default (house) ad campaign's single seed tip with the curated,
|
||||
-- language-agnostic Scrabble tip set (one bilingual row per tip; the client picks the
|
||||
-- column for the viewer's language). Data-only — the ad_messages schema is unchanged, so
|
||||
-- a backend image rollback stays DB-safe. The default campaign is the fixed house id seeded
|
||||
-- in 00001; ON DELETE CASCADE is irrelevant here (we only touch its messages).
|
||||
|
||||
-- +goose Up
|
||||
DELETE FROM backend.ad_messages WHERE campaign_id = '00000000-0000-0000-0000-0000000000ad';
|
||||
INSERT INTO backend.ad_messages (message_id, campaign_id, "position", body_en, body_ru) VALUES
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 0, 'Keep a balanced rack — a slight edge of consonants over vowels.', 'Держи на руках баланс — с лёгким перевесом согласных над гласными.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 1, 'Your "leave" (the tiles you keep) sets up your next turn — value it.', '«Остаток» (что оставляешь на руках) готовит следующий ход — цени его.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 2, 'Shed duplicate tiles — repeats clog your options.', 'Сбрасывай дубли фишек — повторы забивают возможности.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 3, 'A slightly consonant-heavy rack builds full-rack plays more easily.', 'Лёгкий перевес согласных проще складывается в выкладку всех фишек.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 4, 'Play several tiles per turn to keep your rack cycling.', 'Выкладывай по нескольку фишек за ход, чтобы рука обновлялась.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 5, 'Don''t hoard hard-to-place duplicates or a lone high-value tile.', 'Не копи труднопристраиваемые дубли или одинокую дорогую фишку.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 6, 'Using all your rack tiles in one move scores a large bonus — chase it.', 'Выкладка всех фишек с рук за ход даёт крупный бонус — стремись к ней.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 7, 'Learn common prefixes and suffixes — they extend words to use every tile.', 'Учи частые приставки и суффиксы — они растягивают слово на все фишки.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 8, '"Fish": play few tiles to keep a near-complete rack when you''re ahead.', '«Рыбачь»: сыграй мало фишек, сохранив почти всю руку, когда ведёшь.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 9, 'Don''t hoard high-value tiles — play them in good time, not at the very end.', 'Не копи дорогие фишки — играй их вовремя, а не под самый конец.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 10, 'Don''t hold a high-value tile waiting for a rare partner — usually a loss.', 'Не держи дорогую фишку ради редкого партнёра — обычно это проигрыш.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 11, 'Land your priciest tile on a premium square for a big single score.', 'Сажай самую дорогую фишку на бонусную клетку ради крупных очков.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 12, 'High-value tiles shine in parallel plays through short words.', 'Дорогие фишки сильны в параллельных выкладках через короткие слова.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 13, 'Stuck with an unplayable high-value tile late? Exchange it.', 'Завис с неиграбельной дорогой фишкой под конец? Обменяй её.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 14, 'The blanks are the most valuable tiles in the bag — guard them.', 'Пустышки — самые ценные фишки в мешке; береги их.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 15, 'Save a blank for a full-rack play or a key premium square.', 'Береги пустышку для выкладки всех фишек или важной бонусной клетки.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 16, 'Don''t spend a blank cheaply — hold it for a much bigger gain.', 'Не трать пустышку по мелочи — придержи ради куда большей выгоды.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 17, 'Put high-value tiles on letter-bonus or word-bonus squares.', 'Клади дорогие фишки на бонус буквы или слова.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 18, 'Stack bonuses — a letter bonus under a word bonus multiplies both.', 'Совмещай бонусы — бонус буквы под бонусом слова умножает оба.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 19, 'Parallel plays can earn nearly half your points — look for them.', 'Параллельные выкладки могут давать почти половину очков — ищи их.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 20, 'A hook adds one tile to an existing word to make a new one.', '«Крючок» — одна фишка к готовому слову, образующая новое.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 21, 'Hooks work at the front or the back of a word.', 'Крючки работают спереди и сзади слова.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 22, 'Short words are the keys to tight parallel plays — memorize them.', 'Короткие слова — ключ к плотным параллелям; выучи их.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 23, 'Your opening word crosses the centre — keep it compact, don''t open up.', 'Первое слово идёт через центр — держи компактным, не раскрывайся.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 24, 'It''s not only your score — limit your opponent''s options too.', 'Это не только твои очки — ограничивай и возможности соперника.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 25, 'Denying a big reply often beats squeezing a few more points yourself.', 'Закрыть крупный ответ часто важнее, чем добрать пару своих очков.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 26, 'When ahead, keep the board tight and closed; avoid open lanes.', 'Ведёшь — держи доску плотной и закрытой, не открывай линии.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 27, 'When behind, open the board up to create high-scoring chances.', 'Отстаёшь — раскрывай доску ради шансов на крупный ход.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 28, 'Don''t leave a word-bonus square open right beside your word.', 'Не оставляй клетку бонуса слова открытой рядом со своим словом.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 29, 'Block a hot square even with a weak word to deny a big play.', 'Закрывай опасную клетку даже слабым словом, чтобы срубить крупный ход.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 30, 'Know words that take no hooks — use them to seal off lines.', 'Знай слова, не берущие крючков — ими запирай линии.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 31, 'Track the tiles played to judge what is still left in the bag.', 'Считай сыгранные фишки — так поймёшь, что осталось в мешке.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 32, 'Exchange when your rack is unbalanced or can only score low.', 'Меняй фишки, когда рука несбалансированна или тянет мало.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 33, 'A good exchange beats a bad play — a clean rack is worth a turn.', 'Хороший обмен лучше плохого хода — чистая рука стоит хода.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 34, 'Swap away a surplus of vowels or consonants to rebalance.', 'Сбрасывай в обмен избыток гласных или согласных, чтобы выровняться.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 35, 'Rare high-value tiles are gone once seen — note them as they appear.', 'Редкие дорогие фишки исчезают, едва мелькнув — отмечай их.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 36, 'Once the bag is empty, deduce your opponent''s remaining tiles.', 'Когда мешок пуст, вычисли оставшиеся фишки соперника.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 37, 'Shed high-value tiles before the bag empties — don''t get stuck with them.', 'Сбрось дорогие фишки до опустения мешка — не зависай с ними.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 38, 'Unplayed tiles count against you at the end — try to go out first.', 'Несыгранные фишки минусуют очки в конце — старайся выйти первым.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 39, 'Going out first adds your opponent''s leftover tiles to your score.', 'Кто вышел первым, добирает очки за оставшиеся фишки соперника.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 40, 'Sometimes leaving one tile in the bag buys you an extra turn.', 'Иногда оставить одну фишку в мешке — это лишний ход.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 41, 'In the endgame, block the exact squares your opponent needs.', 'В эндшпиле блокируй именно те клетки, что нужны сопернику.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 42, 'Shuffle your rack to spot new patterns.', 'Перемешивай фишки на руках — так замечаешь новые сочетания.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 43, 'Separate prefix, suffix and middle tiles to anagram faster.', 'Разнеси приставку, суффикс и середину — анаграммы решаются быстрее.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 44, 'Value board position and future turns over raw points this turn.', 'Цени позицию и будущие ходы выше сиюминутных очков.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 45, 'Early game build position; midgame maximize score; endgame defend.', 'В начале — позиция, в середине — очки, в конце — защита.'),
|
||||
(gen_random_uuid(), '00000000-0000-0000-0000-0000000000ad', 46, 'Learn the short-word lists first — they pay off in every game.', 'Сначала учи списки коротких слов — окупаются в каждой партии.');
|
||||
|
||||
-- +goose Down
|
||||
-- Restore the original single house tip seeded by the baseline.
|
||||
DELETE FROM backend.ad_messages WHERE campaign_id = '00000000-0000-0000-0000-0000000000ad';
|
||||
INSERT INTO backend.ad_messages (message_id, campaign_id, "position", body_en, body_ru)
|
||||
VALUES ('00000000-0000-0000-0000-0000000000a1', '00000000-0000-0000-0000-0000000000ad', 0,
|
||||
'Tip: a play using all 7 tiles earns a +50 bonus.',
|
||||
'Совет: ход всеми 7 фишками приносит бонус +50 очков.');
|
||||
@@ -0,0 +1,10 @@
|
||||
-- Capture the client app version (the build a report was sent from) with each feedback
|
||||
-- message, so the operator console can show which version a player was on. Nullable, so the
|
||||
-- rows that predate this keep working — additive and backward-compatible, so a backend image
|
||||
-- rollback stays DB-safe (older code simply ignores the column).
|
||||
|
||||
-- +goose Up
|
||||
ALTER TABLE backend.feedback_messages ADD COLUMN app_version text;
|
||||
|
||||
-- +goose Down
|
||||
ALTER TABLE backend.feedback_messages DROP COLUMN app_version;
|
||||
@@ -0,0 +1,11 @@
|
||||
-- Capture the client's detected UTC offset ("±HH:MM") with each feedback message, so the
|
||||
-- operator console can show the filed time in the sender's browser-local zone even before that
|
||||
-- player has ever saved a profile (the account zone defaults to UTC until then). Nullable, so the
|
||||
-- rows that predate this keep working — additive and backward-compatible, so a backend image
|
||||
-- rollback stays DB-safe (older code simply ignores the column).
|
||||
|
||||
-- +goose Up
|
||||
ALTER TABLE backend.feedback_messages ADD COLUMN browser_tz text;
|
||||
|
||||
-- +goose Down
|
||||
ALTER TABLE backend.feedback_messages DROP COLUMN browser_tz;
|
||||
@@ -1198,6 +1198,17 @@ func fmtTime(t time.Time) string {
|
||||
return t.UTC().Format("2006-01-02 15:04")
|
||||
}
|
||||
|
||||
// fmtTimeIn formats a timestamp in the given zone — a "±HH:MM" offset or an IANA name, resolved
|
||||
// by account.ResolveZone (falling back to UTC when empty or unknown) — or "" when zero. Used to
|
||||
// show a time in a user's local zone beside UTC; the offset form is what the profile editor and
|
||||
// the feedback browser-tz snapshot store, so it must not go through time.LoadLocation alone.
|
||||
func fmtTimeIn(t time.Time, tz string) string {
|
||||
if t.IsZero() {
|
||||
return ""
|
||||
}
|
||||
return t.In(account.ResolveZone(tz)).Format("2006-01-02 15:04")
|
||||
}
|
||||
|
||||
// fmtTimePtr formats an optional timestamp for display, or "" when nil.
|
||||
func fmtTimePtr(t *time.Time) string {
|
||||
if t == nil {
|
||||
|
||||
@@ -77,6 +77,17 @@ func (s *Server) consoleFeedbackDetail(c *gin.Context) {
|
||||
s.consoleError(c, err)
|
||||
return
|
||||
}
|
||||
// Filed time in three zones so the operator can tell what is certainly known from what is
|
||||
// merely defaulted: always UTC; the client's offset detected at submit (when the build
|
||||
// reported one); and the sender's saved profile zone (when set beyond the UTC default). An
|
||||
// empty rendered time makes the template show "N/A" for that line.
|
||||
browserCreated, userCreated := "", ""
|
||||
if m.BrowserTZ != "" {
|
||||
browserCreated = fmtTimeIn(m.CreatedAt, m.BrowserTZ)
|
||||
}
|
||||
if m.TimeZone != "" && m.TimeZone != "UTC" {
|
||||
userCreated = fmtTimeIn(m.CreatedAt, m.TimeZone)
|
||||
}
|
||||
view := adminconsole.FeedbackDetailView{
|
||||
ID: m.ID.String(), AccountID: m.AccountID.String(), SenderName: m.SenderName,
|
||||
Source: m.Source, Channel: m.Channel, InterfaceLanguage: m.Lang,
|
||||
@@ -84,6 +95,9 @@ func (s *Server) consoleFeedbackDetail(c *gin.Context) {
|
||||
HasAttachment: m.HasAttachment, AttachmentName: m.AttachmentName, IsImage: feedback.IsImage(m.AttachmentName),
|
||||
Read: m.Read, Archived: m.Archived, Replied: m.Replied, ReplyBody: m.ReplyBody,
|
||||
RepliedAt: fmtTime(m.RepliedAt), CreatedAt: fmtTime(m.CreatedAt),
|
||||
Version: m.Version,
|
||||
CreatedAtBrowser: browserCreated, BrowserTZ: m.BrowserTZ,
|
||||
CreatedAtUser: userCreated, UserTZ: m.TimeZone,
|
||||
}
|
||||
if banned, err := s.accounts.HasRole(ctx, m.AccountID, account.RoleFeedbackBanned); err == nil {
|
||||
view.Banned = banned
|
||||
|
||||
@@ -6,6 +6,7 @@ import (
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/google/uuid"
|
||||
"go.uber.org/zap"
|
||||
|
||||
"scrabble/backend/internal/account"
|
||||
)
|
||||
@@ -18,12 +19,17 @@ import (
|
||||
|
||||
// telegramAuthRequest carries the identity the connector extracted from a
|
||||
// validated initData payload. Username, FirstName and LanguageCode seed a
|
||||
// brand-new account's display name and language (first contact only).
|
||||
// brand-new account's display name and language; BrowserTZ (the client's detected
|
||||
// "±HH:MM" UTC offset) seeds its time zone; StartParam is the validated launch
|
||||
// deep-link payload, which may seed the new account's variant preferences (first
|
||||
// contact only).
|
||||
type telegramAuthRequest struct {
|
||||
ExternalID string `json:"external_id"`
|
||||
Username string `json:"username"`
|
||||
FirstName string `json:"first_name"`
|
||||
LanguageCode string `json:"language_code"`
|
||||
BrowserTZ string `json:"browser_tz"`
|
||||
StartParam string `json:"start_param"`
|
||||
}
|
||||
|
||||
// handleTelegramAuth provisions (or finds) the account bound to a Telegram
|
||||
@@ -35,7 +41,7 @@ func (s *Server) handleTelegramAuth(c *gin.Context) {
|
||||
abortBadRequest(c, "external_id is required")
|
||||
return
|
||||
}
|
||||
acc, created, err := s.accounts.ProvisionTelegram(c.Request.Context(), req.ExternalID, req.LanguageCode, req.Username, req.FirstName)
|
||||
acc, created, err := s.accounts.ProvisionTelegram(c.Request.Context(), req.ExternalID, req.LanguageCode, req.Username, req.FirstName, req.BrowserTZ)
|
||||
if err != nil {
|
||||
s.abortErr(c, err)
|
||||
return
|
||||
@@ -45,6 +51,16 @@ func (s *Server) handleTelegramAuth(c *gin.Context) {
|
||||
// joined the chat before registering is granted on the spot (no chat_member
|
||||
// event fires on registration).
|
||||
s.publishChatAccessChange(acc.ID)
|
||||
// A promo deep-link may seed this brand-new account's variant preferences (e.g.
|
||||
// English Scrabble alongside the default Erudit). Best-effort: an absent or
|
||||
// malformed payload leaves the account on its defaults, and a write failure must
|
||||
// not block the session mint.
|
||||
if seed := account.SeedVariantsFromStartParam(req.StartParam); len(seed) > 0 {
|
||||
if _, err := s.accounts.SetVariantPreferences(c.Request.Context(), acc.ID, seed); err != nil {
|
||||
s.log.Warn("telegram: seed variant preferences failed",
|
||||
zap.String("account", acc.ID.String()), zap.Error(err))
|
||||
}
|
||||
}
|
||||
}
|
||||
s.mintSession(c, acc)
|
||||
}
|
||||
@@ -97,9 +113,21 @@ func (s *Server) handlePushTarget(c *gin.Context) {
|
||||
})
|
||||
}
|
||||
|
||||
// handleGuestAuth provisions a fresh ephemeral guest account and mints a session.
|
||||
// guestAuthRequest carries the guest bootstrap's optional time-zone seed: BrowserTZ
|
||||
// (the client's detected "±HH:MM" UTC offset) is written to the new guest account's
|
||||
// time zone, so robot timing is anchored to the player's zone from the first game.
|
||||
type guestAuthRequest struct {
|
||||
BrowserTZ string `json:"browser_tz"`
|
||||
}
|
||||
|
||||
// handleGuestAuth provisions a fresh ephemeral guest account and mints a session,
|
||||
// seeding its time zone from the optional detected browser offset.
|
||||
func (s *Server) handleGuestAuth(c *gin.Context) {
|
||||
acc, err := s.accounts.ProvisionGuest(c.Request.Context())
|
||||
// The body is optional: an absent or malformed one simply yields no time-zone seed
|
||||
// (the account keeps the UTC default), so a bind error must not fail the bootstrap.
|
||||
var req guestAuthRequest
|
||||
_ = c.ShouldBindJSON(&req)
|
||||
acc, err := s.accounts.ProvisionGuest(c.Request.Context(), req.BrowserTZ)
|
||||
if err != nil {
|
||||
s.abortErr(c, err)
|
||||
return
|
||||
@@ -107,9 +135,12 @@ func (s *Server) handleGuestAuth(c *gin.Context) {
|
||||
s.mintSession(c, acc)
|
||||
}
|
||||
|
||||
// emailRequest is an email-login code request.
|
||||
// emailRequest is an email-login code request. BrowserTZ (the client's detected
|
||||
// "±HH:MM" UTC offset) seeds the time zone of an account provisioned here on first
|
||||
// contact (the email account is created at the request step, not at login).
|
||||
type emailRequest struct {
|
||||
Email string `json:"email"`
|
||||
Email string `json:"email"`
|
||||
BrowserTZ string `json:"browser_tz"`
|
||||
}
|
||||
|
||||
// handleEmailRequest issues a login confirm-code to the email. It always reports
|
||||
@@ -121,7 +152,7 @@ func (s *Server) handleEmailRequest(c *gin.Context) {
|
||||
abortBadRequest(c, "email is required")
|
||||
return
|
||||
}
|
||||
if _, err := s.emails.RequestLoginCode(c.Request.Context(), req.Email); err != nil {
|
||||
if _, err := s.emails.RequestLoginCode(c.Request.Context(), req.Email, req.BrowserTZ); err != nil {
|
||||
s.abortErr(c, err)
|
||||
return
|
||||
}
|
||||
|
||||
@@ -16,6 +16,12 @@ type feedbackSubmitRequest struct {
|
||||
Attachment string `json:"attachment"`
|
||||
AttachmentName string `json:"attachment_name"`
|
||||
Channel string `json:"channel"`
|
||||
// Version is the client's app version (pkg/version / the SPA build), snapshotted so the
|
||||
// operator sees which build a report came from.
|
||||
Version string `json:"version"`
|
||||
// BrowserTZ is the client's detected UTC offset ("±HH:MM") at submit, so the operator can
|
||||
// see the filed time in the sender's local zone even before they save a profile.
|
||||
BrowserTZ string `json:"browser_tz"`
|
||||
}
|
||||
|
||||
// feedbackReplyDTO is the operator's reply shown back to the player.
|
||||
@@ -61,7 +67,7 @@ func (s *Server) handleFeedbackSubmit(c *gin.Context) {
|
||||
}
|
||||
attachment = data
|
||||
}
|
||||
if err := s.feedback.Submit(c.Request.Context(), uid, req.Body, attachment, req.AttachmentName, req.Channel, clientIP(c)); err != nil {
|
||||
if err := s.feedback.Submit(c.Request.Context(), uid, req.Body, attachment, req.AttachmentName, req.Channel, req.Version, req.BrowserTZ, clientIP(c)); err != nil {
|
||||
s.abortErr(c, err)
|
||||
return
|
||||
}
|
||||
|
||||
@@ -47,9 +47,11 @@ AWG_CONF= # required; AmneziaWG sidecar config (the
|
||||
TELEGRAM_BOT_TOKEN= # required
|
||||
TELEGRAM_GAME_CHANNEL_ID=
|
||||
TELEGRAM_CHAT_ID= # moderated discussion chat (channel's linked group); empty disables gating
|
||||
TELEGRAM_SUPPORT_CHAT_ID= # private forum supergroup for the support relay (topic per user); empty disables it
|
||||
TELEGRAM_PROMO_BOT_TOKEN= # optional standalone promo bot token; empty disables it
|
||||
TELEGRAM_BOT_USERNAME= # main bot @username without the @ (promo message); required when the promo token is set
|
||||
TELEGRAM_BOT_LINK= # main bot Mini App link for the promo button (reuse VITE_TELEGRAM_LINK); required when the promo token is set
|
||||
TELEGRAM_PROMO_START_PARAM= # promo button startapp payload — a variant-seed deep link (default verudit_ru-scrabble_en) adding English Scrabble for new users; empty forwards the user's /start payload
|
||||
TELEGRAM_MINIAPP_URL= # required
|
||||
TELEGRAM_TEST_ENV=false
|
||||
TELEGRAM_API_BASE_URL=
|
||||
|
||||
+3
-1
@@ -150,7 +150,9 @@ Re-run `ansible/` after a host resize — it is idempotent.
|
||||
workflow manually (Gitea → Actions → prod-deploy → run from `master`, input
|
||||
`confirm=deploy`). It builds + pushes the images to the registry, ships the
|
||||
compose/config/certs/env over SSH, deploys the main host with `prod-deploy.sh` (rolling,
|
||||
health-gated, **auto-rollback to the previous tag**), then the bot host, then probes the
|
||||
health-gated, **auto-rollback to the previous tag**; caddy is force-recreated on its roll so
|
||||
a bind-mounted `Caddyfile` change applies — its image is pinned and admin is off, so neither a
|
||||
new tag nor a hot reload would pick it up), then the bot host, then probes the
|
||||
public site. After `master` is green this workflow is the **only** thing that touches
|
||||
prod — nothing auto-deploys there. It runs four visible jobs: **build → deploy-main →
|
||||
deploy-bot → verify** (the per-service rolling shows in the deploy-main log).
|
||||
|
||||
@@ -21,6 +21,18 @@
|
||||
}
|
||||
|
||||
{$CADDY_SITE_ADDRESS::80} {
|
||||
# HTTP/3 is advertised by default whenever this caddy terminates TLS (prod:
|
||||
# CADDY_SITE_ADDRESS is the domain). But UDP/443 is never reachable — the prod
|
||||
# compose maps only "443:443" (TCP) and ufw opens 443/tcp — so a client that cached
|
||||
# the `Alt-Svc: h3` advert (sticky for ma=2592000s) stalls on the dead QUIC path
|
||||
# before falling back to h2, which surfaced as the Telegram Mini App intermittently
|
||||
# hanging on load. `Alt-Svc: clear` actively drops any cached alternative and pins
|
||||
# clients to h2/h1; it is applied site-wide so every route is covered. In the test
|
||||
# contour this caddy serves plain :80 (no h3 to advertise) and the host caddy
|
||||
# re-stamps its own Alt-Svc, so the live test fix lives in the host caddy — here it
|
||||
# is the prod fix. Background + alternatives (incl. serving h3 for real): docs/EDGE_HTTP3.md.
|
||||
header Alt-Svc clear
|
||||
|
||||
# Operator surfaces under /_gm: a single shared Basic-Auth, then route.
|
||||
@gm path /_gm /_gm/*
|
||||
handle @gm {
|
||||
|
||||
@@ -23,9 +23,15 @@ services:
|
||||
TELEGRAM_BOT_TOKEN: ${TELEGRAM_BOT_TOKEN:?set TELEGRAM_BOT_TOKEN}
|
||||
TELEGRAM_GAME_CHANNEL_ID: ${TELEGRAM_GAME_CHANNEL_ID:-}
|
||||
TELEGRAM_CHAT_ID: ${TELEGRAM_CHAT_ID:-}
|
||||
# Support relay: a private forum supergroup the bot relays direct user messages
|
||||
# into (one topic per user). 0/unset disables it; the bot needs admin there with
|
||||
# the manage-topics and delete-messages rights.
|
||||
TELEGRAM_SUPPORT_CHAT_ID: ${TELEGRAM_SUPPORT_CHAT_ID:-}
|
||||
TELEGRAM_SUPPORT_STATE_DIR: /data
|
||||
TELEGRAM_PROMO_BOT_TOKEN: ${TELEGRAM_PROMO_BOT_TOKEN:-}
|
||||
TELEGRAM_BOT_USERNAME: ${TELEGRAM_BOT_USERNAME:-}
|
||||
TELEGRAM_BOT_LINK: ${TELEGRAM_BOT_LINK:-}
|
||||
TELEGRAM_PROMO_START_PARAM: ${TELEGRAM_PROMO_START_PARAM:-}
|
||||
TELEGRAM_MINIAPP_URL: ${TELEGRAM_MINIAPP_URL:?set TELEGRAM_MINIAPP_URL}
|
||||
# Real Bot API in prod (the test contour pins TELEGRAM_TEST_ENV=true instead).
|
||||
TELEGRAM_TEST_ENV: "false"
|
||||
@@ -46,8 +52,13 @@ services:
|
||||
GOMAXPROCS: "1"
|
||||
volumes:
|
||||
- ${SCRABBLE_CONFIG_DIR:-.}/certs:/certs:ro
|
||||
# Support relay state (topic mapping, block list); survives redeploys.
|
||||
- bot-state:/data
|
||||
deploy:
|
||||
resources:
|
||||
limits:
|
||||
cpus: "1.0"
|
||||
memory: 256M
|
||||
|
||||
volumes:
|
||||
bot-state:
|
||||
|
||||
@@ -292,6 +292,11 @@ services:
|
||||
# only restricts (mutes the ineligible) — and the bot must be an admin there with the
|
||||
# "Ban users" right; chat_member updates are delivered only to a chat admin.
|
||||
TELEGRAM_CHAT_ID: ${TELEGRAM_CHAT_ID:-}
|
||||
# The private forum supergroup the bot relays direct user messages into (one topic
|
||||
# per user) and reads operator replies from. Empty disables the support relay; when
|
||||
# set the bot must be an admin there with the manage-topics and delete-messages rights.
|
||||
TELEGRAM_SUPPORT_CHAT_ID: ${TELEGRAM_SUPPORT_CHAT_ID:-}
|
||||
TELEGRAM_SUPPORT_STATE_DIR: /data
|
||||
# The optional standalone promo bot (its own token) answering /start with a button
|
||||
# into the main bot's app. Empty disables it; when set it needs the main bot's
|
||||
# @username and the Mini App link (reused from the UI's VITE_TELEGRAM_LINK).
|
||||
@@ -325,6 +330,8 @@ services:
|
||||
GOMAXPROCS: "1"
|
||||
volumes:
|
||||
- ${SCRABBLE_CONFIG_DIR:-.}/certs:/certs:ro
|
||||
# Support relay state (topic mapping, block list); survives redeploys.
|
||||
- bot-state:/data
|
||||
deploy:
|
||||
resources:
|
||||
limits:
|
||||
@@ -496,3 +503,4 @@ volumes:
|
||||
prometheus-data:
|
||||
tempo-data:
|
||||
grafana-data:
|
||||
bot-state:
|
||||
|
||||
@@ -36,7 +36,21 @@
|
||||
"type": "stat",
|
||||
"title": "Database size",
|
||||
"gridPos": { "h": 5, "w": 6, "x": 18, "y": 0 },
|
||||
"fieldConfig": { "defaults": { "unit": "bytes" }, "overrides": [] },
|
||||
"fieldConfig": {
|
||||
"defaults": {
|
||||
"unit": "bytes",
|
||||
"color": { "mode": "thresholds" },
|
||||
"thresholds": {
|
||||
"mode": "absolute",
|
||||
"steps": [
|
||||
{ "color": "green", "value": null },
|
||||
{ "color": "yellow", "value": 8589934592 },
|
||||
{ "color": "red", "value": 17179869184 }
|
||||
]
|
||||
}
|
||||
},
|
||||
"overrides": []
|
||||
},
|
||||
"datasource": { "type": "prometheus", "uid": "prometheus" },
|
||||
"targets": [{ "refId": "A", "expr": "max(pg_database_size_bytes{datname=\"scrabble\"})" }]
|
||||
},
|
||||
|
||||
@@ -74,7 +74,13 @@ health_running() { # health_running <container>: running, not restarting, stable
|
||||
roll() { # roll <service> <health-cmd...>
|
||||
local svc="$1"; shift
|
||||
echo ">>> rolling $svc -> $TAG"
|
||||
dc up -d --no-build --no-deps "$svc" || return 1
|
||||
# caddy's image is pinned (caddy:2-alpine, no $TAG) and its Caddyfile is bind-mounted, so a
|
||||
# config-only change leaves the compose definition unchanged: `up -d` treats the container as
|
||||
# current and does not recreate it, and admin is off so there is no hot reload — the new
|
||||
# Caddyfile would never load. Force a recreate for caddy so config changes always apply; every
|
||||
# other service already recreates on its new $TAG image.
|
||||
local recreate=(); [ "$svc" = caddy ] && recreate=(--force-recreate)
|
||||
dc up -d --no-build --no-deps "${recreate[@]}" "$svc" || return 1
|
||||
"$@" || { echo "!!! $svc failed health check"; return 1; }
|
||||
echo "<<< $svc healthy"
|
||||
}
|
||||
|
||||
+63
-15
@@ -42,7 +42,12 @@ Three executables plus per-platform side-services:
|
||||
users, a weighted fair rotation — §10),
|
||||
and a client **board-style** setting (bonus-label
|
||||
mode). The visual/interaction design system is documented in
|
||||
[`UI_DESIGN.md`](UI_DESIGN.md).
|
||||
[`UI_DESIGN.md`](UI_DESIGN.md). Inside the Telegram Mini App the client additionally
|
||||
tracks Telegram's live theme switch (`themeChanged`), fits the full device safe-area
|
||||
insets (the bottom/home-indicator strip taking the bottom bar's colour), exposes
|
||||
Telegram's native **Settings** button into the in-app settings, and syncs the
|
||||
device-independent display preferences (theme, reduce-motion, board labels — **not** the
|
||||
interface language) across the user's Telegram devices via **CloudStorage**.
|
||||
- **`platform/telegram`** — the Telegram side-service (module
|
||||
`scrabble/platform/telegram`), split into two binaries that share the bot token
|
||||
(**one bot**, one optional game channel, §3):
|
||||
@@ -152,13 +157,19 @@ arrive from a platform rather than completing a mandatory registration).
|
||||
- **Single bot.** The platform side-service runs **one bot** (one token + one optional
|
||||
game channel), split into a home **validator** and a remote **bot** that share the
|
||||
token. `ValidateInitData` (the validator) validates `initData` against that single
|
||||
token and returns only the Telegram user identity — there is no per-bot "service
|
||||
token, **rejects a bot user** (the signed `is_bot` flag), and returns only the Telegram
|
||||
user identity — there is no per-bot "service
|
||||
language" and no supported-languages set on the wire. The bot's chat messages and
|
||||
out-of-app push are
|
||||
rendered in the recipient's **interface language** (`preferred_language`, en/ru), not in
|
||||
any bot-scoped language, and the friend-invite **share link** (and its caption) point at
|
||||
that one bot. First Telegram contact seeds the new account's `preferred_language` from the
|
||||
launch `language_code` (§4); the interface language is otherwise edited in Settings.
|
||||
launch `language_code` (§4), but the **interface language follows the device** — the system
|
||||
guess, or an explicit Settings choice saved locally — and the bot never dictates the UI.
|
||||
`preferred_language` is then **reconciled to the active interface locale on every session
|
||||
adopt** (not only on a Settings change; a no-op for guests and when already equal), so the
|
||||
server-rendered language surfaces — this push and the ad banner — always match the UI rather
|
||||
than stranding a user who never opened Settings on the creation-time seed.
|
||||
- **Variant preferences (New Game gating).** Which variants a player may be matched into is a
|
||||
per-user **profile** setting — `variant_preferences`, a set of `engine.Variant` labels
|
||||
(`scrabble_en`, `scrabble_ru`, `erudit_ru`) edited on the Settings/Profile screen. New
|
||||
@@ -199,7 +210,7 @@ arrive from a platform rather than completing a mandatory registration).
|
||||
> recipient's interface language (`preferred_language`), with no per-bot routing. New
|
||||
> Game variant gating moved off the login language onto a per-user profile setting
|
||||
> `variant_preferences` (default Erudit only, server-enforced on the caller's create
|
||||
> paths; an invited friend may still accept any variant). The per-bot env vars and
|
||||
> paths; an invited friend may still accept any variant, and a Telegram **promo deep-link** seeds extra variants — e.g. English Scrabble — onto a brand-new account via the validated `start_param`). The per-bot env vars and
|
||||
> `GATEWAY_DEFAULT_SUPPORTED_LANGUAGES` were removed; the wire dropped
|
||||
> `service_language`/`supported_languages` and the push `language` routing field, and
|
||||
> gained `variant_preferences` on Profile/UpdateProfile.
|
||||
@@ -640,7 +651,7 @@ in either direction (the enqueue excludes the caller's `BlockedWith` set);
|
||||
**floats games with any unread entry to the top** of the your-turn and opponent-turn
|
||||
sections (the finished section keeps its activity order). On each clear the publish-to-read
|
||||
latency is recorded; the read time itself is not retained.
|
||||
- **Profile**: `preferred_language` (en/ru, edited in Settings), display name, email
|
||||
- **Profile**: `preferred_language` (en/ru; tracks the interface language — §4), display name, email
|
||||
(confirm-code binding, see §4), **timezone**, the daily **away window**, the
|
||||
**variant preferences** (`variant_preferences`, the matchable-variant set that gates New
|
||||
Game — §3, defaulting to Erudit only, at least one enforced) and the
|
||||
@@ -649,7 +660,11 @@ in either direction (the enqueue excludes the caller's `BlockedWith` set);
|
||||
separators (no leading/trailing/adjacent separators, ≤ 32 runes); the timezone is a
|
||||
fixed `±HH:MM` **UTC offset** (or a legacy IANA name) resolved by `account.ResolveZone`
|
||||
for the sweeper and the robot's sleep (a fixed offset trades DST for a simple
|
||||
picker); the away window is at most **12 h** (midnight-wrap aware). Linked platform
|
||||
picker), and is **seeded at account creation** from the client's detected offset — sent
|
||||
on the Telegram / guest / email first-contact request — so the robot's sleep and the
|
||||
away-window sweeper are anchored to the player's real zone from the first game rather
|
||||
than the `UTC` default (an undetected or malformed offset keeps the default); the away
|
||||
window is at most **12 h** (midnight-wrap aware). Linked platform
|
||||
accounts and merge are covered in §4.
|
||||
|
||||
## 9. Persistence
|
||||
@@ -963,7 +978,7 @@ edits take effect on the next `profile.get` (open/reconnect/foreground), not mid
|
||||
| Concern | Enforced by |
|
||||
| --- | --- |
|
||||
| Public rate limiting / anti-abuse | gateway (per-IP public/email/admin classes, per-user authenticated class; a request body cap of `GATEWAY_MAX_BODY_BYTES`; rejections are metered, summarised to the backend and surfaced in the admin console with a conservative reversible auto-flag — §11). In prod a **temporary IP ban** (`GATEWAY_ABUSE_BAN_ENABLED`) blocks an IP that sustains rejections or trips a **honeypot** decoy path / **honeytoken**, refused with 429 before any work; operators lift bans from the console. Off in the shared-NAT test contour, where the client IP is not real (§11) |
|
||||
| Telegram initData validation (bot-token HMAC) | the Telegram **validator**; the gateway delegates it over gRPC, so the bot token (the HMAC secret) lives only in the validator and the bot, never in the gateway |
|
||||
| Telegram initData validation (bot-token HMAC) | the Telegram **validator**; the gateway delegates it over gRPC, so the bot token (the HMAC secret) lives only in the validator and the bot, never in the gateway. The validator also **rejects a bot principal** (the signed `is_bot` flag) before any account is provisioned |
|
||||
| Session minting; email-code / guest validation | gateway (with backend) |
|
||||
| Session → `user_id` resolution, `X-User-ID` injection | gateway |
|
||||
| Authorisation, ownership, state transitions | backend (`X-User-ID` is the sole identity input) |
|
||||
@@ -1031,8 +1046,9 @@ a dedicated redeem sub-limit or a longer code is the hardening step if abuse app
|
||||
Single public origin, path-routed. The Vite build has two entries: a lightweight
|
||||
**landing page** and the game **SPA**. The gateway **embeds** the SPA build
|
||||
(`go:embed`, baked in by a node stage in `gateway/Dockerfile`) and serves it at
|
||||
`/app/` (web) and `/telegram/` (the Telegram Mini App; outside Telegram that path
|
||||
redirects to the root — the client-side guard); a stray hit on the gateway's `/`
|
||||
`/app/` (web) and `/telegram/` (the Telegram Mini App; on that path without sign-in data
|
||||
— no `initData` — the client renders a compact, shareable launch-diagnostic screen instead
|
||||
of redirecting away); a stray hit on the gateway's `/`
|
||||
308-redirects to `/app/`. The **landing** ships in its own static container: the
|
||||
`landing` target of `gateway/Dockerfile` (caddy:2-alpine + the same Vite build,
|
||||
`deploy/landing/Caddyfile`) serves it at `/`, so stray public traffic is absorbed by
|
||||
@@ -1089,7 +1105,10 @@ Two contours, two secret/variable prefixes (`TEST_` / `PROD_`):
|
||||
the **main host** runs the full stack (`docker-compose.yml` + `docker-compose.prod.yml`),
|
||||
the **bot host** runs only the bot (`docker-compose.bot.yml`, no VPN — native Bot API
|
||||
egress, telemetry off). There is no host caddy, so the contour caddy terminates TLS —
|
||||
`CADDY_SITE_ADDRESS` is the domain and caddy does its own ACME. The gateway **publishes**
|
||||
`CADDY_SITE_ADDRESS` is the domain and caddy does its own ACME. Caddy advertises HTTP/3 by default, but UDP/443 is not exposed (the
|
||||
compose maps only TCP and ufw opens 443/tcp), so the edge emits `Alt-Svc: clear` to keep
|
||||
clients on h2/h1 rather than stall on a dead QUIC path — see [`EDGE_HTTP3.md`](EDGE_HTTP3.md).
|
||||
The gateway **publishes**
|
||||
the bot-link `:9443`; the remote bot dials it over mTLS (certs from `PROD_BOTLINK_*`,
|
||||
ServerName `gateway`, so TLS validation is independent of the public dial address), holds
|
||||
no inbound port, and login is unaffected if that host or the link is down.
|
||||
@@ -1149,9 +1168,11 @@ Two contours, two secret/variable prefixes (`TEST_` / `PROD_`):
|
||||
|
||||
Players reach the operators through a **Feedback** screen (Settings → Info, registered accounts
|
||||
only). A message (≤1024 runes) plus an optional single attachment is stored in
|
||||
`feedback_messages`; the sender's IP (gateway-forwarded, as for chat) and the submitting
|
||||
**channel** (telegram/ios/android/web, client-reported and validated) are recorded. The domain
|
||||
is `internal/feedback` (store + service), modelled on the admin chat-moderation surface.
|
||||
`feedback_messages`; the sender's IP (gateway-forwarded, as for chat), the submitting
|
||||
**channel** (telegram/ios/android/web, client-reported and validated), the **client app version**
|
||||
(`__APP_VERSION__`, the build a report was sent from), the client's **detected UTC offset** at
|
||||
submit (`browser_tz`, `±HH:MM`) and a snapshot of the sender's interface language are recorded. The domain is `internal/feedback` (store + service), modelled on the admin
|
||||
chat-moderation surface.
|
||||
|
||||
**Anti-spam.** A player with an unreviewed message (`read_at IS NULL`) cannot submit another; the
|
||||
gate is server-side. Because the operator must act before the next message, this is itself the
|
||||
@@ -1159,8 +1180,11 @@ rate limit — there is no separate per-user feedback limiter.
|
||||
|
||||
**Operator review** happens in the server-rendered console (`/_gm/feedback`): an
|
||||
unread / read / archived queue with per-user search (the `/users` glob masks), a detail card
|
||||
(user content rendered as auto-escaped `html/template` text), and the read / reply / archive /
|
||||
delete / delete-all actions — each marks the message read; merely opening the detail does not.
|
||||
(user content rendered as auto-escaped `html/template` text; it shows the channel, interface
|
||||
language and app version, and the filed time in three zones — UTC, the browser offset detected at
|
||||
submit, and the sender's saved profile zone, each `N/A` when not known), and the read /
|
||||
reply / archive / delete / delete-all actions — each marks the message read; merely opening the
|
||||
detail does not.
|
||||
The attachment is served from `/_gm/feedback/:id/attachment` with `X-Content-Type-Options:
|
||||
nosniff`: images inline (loaded only via `<img>`, which never executes — a renamed non-image is
|
||||
inert), everything else as an `application/octet-stream` download. The UI gates the attachment by
|
||||
@@ -1182,3 +1206,27 @@ blocks **only** feedback submission (unlike a suspension, the whole-account bloc
|
||||
granted from the feedback section (the delete-with-block checkbox) and granted/revoked from the
|
||||
`/users` console card. Roles are validated against a known set in Go, so adding one needs no
|
||||
migration.
|
||||
|
||||
**Telegram support relay.** Separate from the in-app Feedback above, the bot offers a direct
|
||||
support channel for users who message it on Telegram. Any message other than `/start` is relayed
|
||||
into a private **forum supergroup** (`TELEGRAM_SUPPORT_CHAT_ID`): a user's first message opens a
|
||||
dedicated **forum topic** whose first message is an info card (the name is a tappable profile
|
||||
mention via a `text_mention` entity — which also keeps a name beginning with `/` from being read as
|
||||
a command — plus @username, language, premium, id) carrying a Block/Unblock toggle and a Clear
|
||||
button; every message is then
|
||||
copied into that topic (`copyMessage`, so any content — text, media, voice, files — carries over).
|
||||
Any **administrator** of the support chat who writes in a user's topic has their message copied
|
||||
back to that user; non-admins and the bot's own posts are ignored (the loop guard). Block drops the
|
||||
user's incoming messages (the topic stays); Clear deletes the relayed messages, keeping the info
|
||||
card; a topic the operators delete is reopened on the next message. State (user→topic map, block
|
||||
list, relayed message ids) is a small JSON file on a writable volume — the bot host has no database
|
||||
and cannot reach Postgres. The relay is **bot-local**: it touches neither the backend, the gateway,
|
||||
nor `feedback_messages`. The bot must be an administrator in the forum group with the manage-topics
|
||||
and delete-messages rights.
|
||||
|
||||
> **Decision (2026-06-23) — bot-local support relay over forum topics.** The direct Telegram
|
||||
> support channel lives entirely in the bot (no backend, no bot-link command), because the bot host
|
||||
> has no database. One forum **topic per user** (not a reply-to-header thread) gives native per-user
|
||||
> separation and survives message deletion; the topic id, not a fragile header message, anchors the
|
||||
> mapping. Operators are the support chat's administrators (no separate owner id); messages relay
|
||||
> both ways with `copyMessage`. State persists as JSON on a dedicated volume.
|
||||
|
||||
@@ -0,0 +1,111 @@
|
||||
# Edge HTTP/3 (`Alt-Svc`) policy
|
||||
|
||||
## TL;DR
|
||||
|
||||
The edge **advertises HTTP/3 but does not actually serve it** (UDP/443 is not exposed),
|
||||
so we suppress the advert with `Alt-Svc: clear`. Advertising QUIC on `:443/udp` while
|
||||
that port is unreachable makes clients — notably the Telegram Mini App webview — stall
|
||||
on a dead QUIC connection before falling back to h2, which shows up as the app "hanging
|
||||
on load".
|
||||
|
||||
## Symptom
|
||||
|
||||
Opening the Mini App intermittently hangs on load: from a barely-noticeable pause to
|
||||
several seconds, sometimes a blank window that never finishes downloading `index.html`.
|
||||
Intermittent, worse after the first successful visit, reproduced on both the test
|
||||
contour and prod.
|
||||
|
||||
## Root cause
|
||||
|
||||
Caddy enables HTTP/3 by default on any TLS listener and emits
|
||||
`Alt-Svc: h3=":443"; ma=2592000` — telling every client "reach me over QUIC/UDP 443"
|
||||
and to cache that for 30 days. But UDP/443 is **never reachable end to end**:
|
||||
|
||||
- **Test contour**: the host caddy publishes only `:443/tcp` (`docker port caddy` shows
|
||||
no `udp`); QUIC packets from the internet are dropped.
|
||||
- **Prod**: `deploy/docker-compose.prod.yml` maps `"443:443"` (Docker = **TCP only**)
|
||||
and `deploy/ansible/roles/main/tasks/main.yml` opens 443 `proto: tcp`. UDP/443 is
|
||||
dropped at both the publish and the firewall.
|
||||
|
||||
Caddy *does* bind `udp/443` inside the container and h3 works container-to-container
|
||||
(verified `http=3 code=200`), so the listener is healthy — it is simply not exposed.
|
||||
|
||||
A client that cached the advert tries QUIC first on later opens, gets no response, and
|
||||
waits for the QUIC attempt to time out before falling back to TCP/h2. That wait is the
|
||||
stall. The very first visit (no cached `Alt-Svc`) uses h2 and is fast.
|
||||
|
||||
The h2/TCP serving path itself is healthy: 30 fresh-TLS requests through the full path
|
||||
(host caddy -> contour caddy -> gateway) measured TTFB ~9.5 ms, total ~9.8 ms, no tail;
|
||||
`index.html` is ~1 KB.
|
||||
|
||||
## Fix in place (option A — suppress the advert)
|
||||
|
||||
Emit `Alt-Svc: clear`, which actively drops any cached alternative (better than merely
|
||||
deleting the header, which leaves the sticky 30-day cache in place):
|
||||
|
||||
- **Prod / repo**: `deploy/caddy/Caddyfile` — a site-level `header Alt-Svc clear` (this
|
||||
caddy terminates TLS in prod).
|
||||
- **Test contour**: the host caddy terminates TLS, so the fix lives there (homelab
|
||||
config, outside this repo): `header Alt-Svc clear` on the `scrabble.*` site. The
|
||||
in-compose caddy serves plain `:80` in test and never advertises h3, so the repo
|
||||
directive is a harmless no-op there (the host caddy re-stamps the header).
|
||||
|
||||
`header Alt-Svc clear` overrides Caddy's auto-advert (verified) and is site-scoped.
|
||||
|
||||
### Verify
|
||||
|
||||
The runner/prod host shell cannot reach the Docker bridge IPs directly, so probe from a
|
||||
container on the relevant network, using `--resolve` to hit the TLS-terminating caddy by
|
||||
its bridge IP (this also bypasses the public-IP NAT hairpin):
|
||||
|
||||
```sh
|
||||
# <edge-ip> = the TLS-terminating caddy's IP on its network (docker inspect ... )
|
||||
docker run --rm --network edge curlimages/curl:latest -sS -D - -o /dev/null \
|
||||
--resolve <host>:443:<edge-ip> https://<host>/telegram/ | grep -iE '^HTTP|^alt-svc'
|
||||
# expect: HTTP/2 200, and NO `alt-svc: h3=...` (the header is absent or `alt-svc: clear`)
|
||||
```
|
||||
|
||||
## If it recurs — alternatives to try
|
||||
|
||||
So we do not re-derive the diagnosis from scratch:
|
||||
|
||||
1. **Re-confirm the advert is actually suppressed** with the verify command above. A
|
||||
redeploy or a Caddy upgrade could regress it, or a client may still hold a cached
|
||||
`h3` entry that has not yet been replaced by a `clear` (it needs one successful h2
|
||||
response to receive the `clear`).
|
||||
2. **Option B — serve HTTP/3 for real** instead of suppressing it. Worth it only if we
|
||||
actually want QUIC (the benefit is marginal for a ~1 KB shell plus hash-immutable
|
||||
cached assets, and it adds UDP/QUIC attack surface):
|
||||
- Publish UDP: add `"443:443/udp"` next to the TCP map in
|
||||
`deploy/docker-compose.prod.yml` (and publish udp/443 on the test host caddy too).
|
||||
- Open the firewall: add a `443 proto: udp` rule in
|
||||
`deploy/ansible/roles/main/tasks/main.yml`.
|
||||
- Drop the `header Alt-Svc clear` so Caddy advertises h3 again.
|
||||
- Verify with an h3 client from inside the network:
|
||||
`docker run --rm --network edge ymuski/curl-http3 curl --http3-only ...` should
|
||||
return `http=3 code=200`.
|
||||
3. **Look past the edge** if the advert is suppressed and stalls persist. The h2 path is
|
||||
fast server-side, so a remaining stall is most likely the client network / RTT / the
|
||||
provider, not our stack. Re-run the timing loop (below) to confirm the server is
|
||||
still <~10 ms TTFB before chasing the client side.
|
||||
|
||||
## How this was diagnosed (method, to repeat)
|
||||
|
||||
- The runner/prod host shell cannot reach the Docker bridge subnets, so all probing runs
|
||||
from a throwaway container on the target network (`docker run --network <net>
|
||||
curlimages/curl`), using `--resolve <host>:443:<edge-ip>` to bypass the public-IP NAT
|
||||
hairpin and exercise the real TLS path.
|
||||
- Compare a fresh-connection timing loop (worst case, full TLS each time) against a
|
||||
keepalive batch to separate handshake cost from serving cost:
|
||||
|
||||
```sh
|
||||
docker run --rm --network edge curlimages/curl:latest sh -c '
|
||||
for i in $(seq 1 30); do
|
||||
curl -sS -o /dev/null --resolve <host>:443:<edge-ip> \
|
||||
-w "http=%{http_version} code=%{http_code} tls=%{time_appconnect} ttfb=%{time_starttransfer} total=%{time_total}\n" \
|
||||
https://<host>/telegram/
|
||||
done'
|
||||
```
|
||||
|
||||
- `docker port <caddy>` shows whether `udp/443` is actually published; the response
|
||||
`Alt-Svc` header shows what the edge advertises. The two disagreeing is the bug.
|
||||
+26
-6
@@ -30,7 +30,8 @@ A player arrives from a platform (Telegram first), via email login, or as an
|
||||
ephemeral guest. The gateway validates the credential once and mints a thin
|
||||
session token; the backend resolves it to an internal `user_id`. A **Telegram Mini
|
||||
App** launch authenticates from the platform's signed `initData`, themes the UI to
|
||||
the Telegram colours, and — on first contact — seeds the new account's interface
|
||||
the Telegram colours (re-theming live if you switch Telegram's light/dark mode) and fits
|
||||
the device safe-area, and — on first contact — seeds the new account's interface
|
||||
language from the Telegram client. If a launch cannot reach the backend (for example during a
|
||||
deployment), the Mini App retries quietly and then shows a small "couldn't load" screen with a
|
||||
**Retry** button, rather than dropping to the web sign-in, which has no place inside Telegram.
|
||||
@@ -213,6 +214,9 @@ block **overrides but does not delete** an existing friendship (so you may block
|
||||
they keep seeing you as one); active games are never interrupted — you can finish them, with
|
||||
the blocked opponent's chat composer hidden (only the log remains). Blocking from a game card
|
||||
mirrors the block in **Settings → Friends**; **unblock** and **unfriend** live there only.
|
||||
On Settings → Friends each friend is a one-line row whose right-hand kebab (⋮) slides open
|
||||
**block 🚫** and **remove ✖️** icon actions, and each action is gated by a confirmation
|
||||
that names the friend (*Block this player?* / *Remove from friends?*).
|
||||
Blocking an **auto-match opponent who is secretly a robot** behaves the same in that game
|
||||
(struck name, hidden composer) and lists the blocked opponent under the name you saw, but is
|
||||
recorded only against that game — the disguise holds, the shared robot is never globally
|
||||
@@ -241,16 +245,21 @@ also clears the moment its recipient **takes their move**.
|
||||
Edit the display name (letters joined by a single space / "." / "_" separator, with an
|
||||
optional trailing "." or a trailing run of up to five digits, up to 32 characters and at most
|
||||
5 special characters — the "." / "_" punctuation, spaces and digits aside), the timezone
|
||||
(chosen as a UTC offset), the
|
||||
(chosen as a UTC offset, and pre-filled from your device's detected offset when the account
|
||||
is first created — so robot games are timed correctly before you ever open this form), the
|
||||
daily away window (on a 10-minute grid, at most 12 hours, wrapping midnight) and the
|
||||
block toggles. The profile form is edited inline (no separate edit mode). Linking
|
||||
an email or Telegram and merging accounts are covered under "Accounts, linking &
|
||||
merge".
|
||||
merge". Inside the Telegram Mini App, Telegram's own ⋮ menu also offers a **Settings**
|
||||
entry that opens this screen, and your display preferences (theme, board-label style and
|
||||
reduce-motion — not the interface language, which follows your account) sync across your
|
||||
Telegram devices.
|
||||
|
||||
**Preferences (which variants you can be matched into).** A profile setting picks the game
|
||||
variants — Erudite, Russian Scrabble and English Scrabble, shown **Erudite-first** — you allow
|
||||
yourself to be matched into; a **new account starts with Erudite only**, and you must keep **at
|
||||
least one** selected. This list is exactly what **New Game** offers when you start a game
|
||||
yourself to be matched into; a **new account starts with Erudite only** — unless it was created
|
||||
through the **promo bot's deep link**, which also enables **English Scrabble** — and you must keep
|
||||
**at least one** selected. This list is exactly what **New Game** offers when you start a game
|
||||
(auto-match, an AI game, or a friend invitation you create) — a variant you have not enabled is
|
||||
not offered, and the server refuses it. It does not restrict games you are **invited** to: an
|
||||
invited friend may accept an invitation in **any** variant, and you can always open and play
|
||||
@@ -268,6 +277,15 @@ marked read once the screen shows it and disappears a week later. A badge on the
|
||||
unanswered reply. Guests cannot send feedback (the entry is hidden). A player the operator has
|
||||
barred from feedback (a role, not a full account block) sees the send control disabled.
|
||||
|
||||
### Telegram support chat
|
||||
A user can also reach the operators straight from the Telegram bot: anything they send the bot
|
||||
other than `/start` — text, a photo, a voice message, a file — is forwarded into the operators'
|
||||
private support group, grouped into a per-user thread. The user sees no automatic reply; an
|
||||
operator answers from that thread and the bot delivers the answer back as an ordinary bot message,
|
||||
so to the user it is a quiet one-to-one conversation. Operators can block a user (the bot then
|
||||
silently ignores their messages) or clear a thread's messages. This is independent of the in-app
|
||||
Feedback above — it serves people who write to the bot directly rather than through the app.
|
||||
|
||||
### History & statistics
|
||||
Finished games are archived in a dictionary-independent form and exportable to
|
||||
GCG; the export is offered **only once a game is finished**, and never for an
|
||||
@@ -346,7 +364,9 @@ over-grant cannot be reversed there.
|
||||
The console works a **feedback** queue too (`/_gm/feedback`): the messages players sent, filtered
|
||||
**unread / read / archived** with per-user search, each shown with its sender, source, channel
|
||||
(with the bot language — en/ru — for a Telegram message), the sender's interface
|
||||
language, IP and any attachment. The operator can mark a message read, **reply** to the player (delivered
|
||||
language, the **app version** it was sent from, IP, the filed time (in three zones — UTC, the
|
||||
browser zone detected at submit, and the sender's saved zone, each shown `N/A` when not known) and
|
||||
any attachment. The operator can mark a message read, **reply** to the player (delivered
|
||||
in-app), archive it, delete it, or delete every message from that player — and, alongside a delete,
|
||||
**bar the player from feedback** (a `feedback_banned` role, distinct from a full account block: it
|
||||
stops only feedback submission). Roles are listed and granted/revoked on the user card. Opening a
|
||||
|
||||
+28
-7
@@ -31,7 +31,9 @@ top-1 подсказку, безлимитную проверку слова с
|
||||
эфемерный гость. Gateway один раз валидирует доступ и выдаёт тонкий
|
||||
session-токен; backend сопоставляет его с внутренним `user_id`. Запуск **Telegram
|
||||
Mini App** авторизует по подписанным `initData` платформы, перекрашивает интерфейс
|
||||
в цвета Telegram и — при первом контакте — задаёт язык интерфейса нового аккаунта по
|
||||
в цвета Telegram (перекрашиваясь вживую при смене светлой/тёмной темы Telegram) и
|
||||
вписывается в безопасные зоны экрана (safe-area), а — при первом контакте — задаёт язык
|
||||
интерфейса нового аккаунта по
|
||||
языку Telegram-клиента. Если запуск не может достучаться до бэкенда (например, во время
|
||||
деплоя), Mini App тихо повторяет попытки, а затем показывает небольшой экран «не удалось
|
||||
загрузить» с кнопкой **Повторить**, вместо того чтобы сбрасывать на веб-вход, которому внутри
|
||||
@@ -218,6 +220,9 @@ _Вход сейчас только через провайдера, поэто
|
||||
заблокированного соперника «подвал» чата скрыт (остаётся только лог). Блокировка с карточки в
|
||||
партии повторяет блокировку в **Настройках → Друзья**; **разблокировка** и **удаление из друзей**
|
||||
есть только там.
|
||||
В **Настройках → Друзья** каждый друг — однострочник, чей правый кебаб (⋮) выдвигает
|
||||
иконки-действия **заблокировать 🚫** и **удалить ✖️**, и каждое действие подтверждается
|
||||
диалогом с именем друга (*Заблокировать?* / *Удалить из друзей?*).
|
||||
Блокировка **авто-матч соперника, который втайне робот**, в этой партии ведёт себя так же
|
||||
(зачёркнутое имя, скрытый «подвал») и в списке заблокированных показывается под тем именем,
|
||||
которое ты видел, но записывается только для этой партии — маскировка сохраняется, общий
|
||||
@@ -248,15 +253,21 @@ _Вход сейчас только через провайдера, поэто
|
||||
Редактирование отображаемого имени (буквы, разделённые одиночным пробелом / «.» /
|
||||
«_», с необязательной завершающей «.» или хвостом до пяти цифр, до 32 символов и не
|
||||
более 5 спецсимволов — пунктуации «.» / «_», пробелы и цифры не в счёт), таймзоны (выбор смещения от
|
||||
UTC), суточного окна отсутствия (away; сетка по 10 минут, не более 12 часов, с
|
||||
переходом через полночь) и переключателей блокировок. Форма профиля редактируется
|
||||
UTC; при создании аккаунта она подставляется из определённого смещения устройства — чтобы
|
||||
игры с роботом таймились правильно ещё до открытия этой формы), суточного окна отсутствия
|
||||
(away; сетка по 10 минут, не более 12 часов, с переходом через полночь) и переключателей блокировок. Форма профиля редактируется
|
||||
сразу (без отдельного режима редактирования). Привязка email и Telegram, а также
|
||||
слияние аккаунтов вынесены в раздел «Аккаунты, привязка и слияние».
|
||||
слияние аккаунтов вынесены в раздел «Аккаунты, привязка и слияние». Внутри Telegram
|
||||
Mini App пункт **Settings** в системном меню «⋮» Telegram также открывает этот экран, а
|
||||
ваши настройки отображения (тема, стиль подписей клеток и reduce-motion — кроме языка
|
||||
интерфейса, который следует за аккаунтом) синхронизируются между вашими устройствами в
|
||||
Telegram.
|
||||
|
||||
**Предпочтения (в какие варианты тебя можно подбирать).** Настройка профиля задаёт варианты
|
||||
игры — Эрудит, русский Scrabble и английский Scrabble, показанные **сначала Эрудит**, — в
|
||||
которые ты разрешаешь себя подбирать; **новый аккаунт стартует только с Эрудитом**, и нужно
|
||||
оставить выбранным **хотя бы один**. Именно этот список предлагает **Новая игра**, когда ты
|
||||
которые ты разрешаешь себя подбирать; **новый аккаунт стартует только с Эрудитом** — если только
|
||||
он не создан по **диплинку промо-бота**, который дополнительно включает **английский Scrabble**, —
|
||||
и нужно оставить выбранным **хотя бы один**. Именно этот список предлагает **Новая игра**, когда ты
|
||||
запускаешь партию (авто-подбор, игра с ИИ или приглашение друга, которое ты создаёшь), — не
|
||||
включённый вариант не предлагается, и сервер его отклоняет. На партии, в которые тебя
|
||||
**приглашают**, это не влияет: приглашённый друг может принять приглашение в **любом** варианте,
|
||||
@@ -274,6 +285,15 @@ UTC), суточного окна отсутствия (away; сетка по 10
|
||||
ответе. Гость отправлять обратную связь не может (пункт скрыт). Игрок, которому оператор запретил
|
||||
обратную связь (роль, а не полная блокировка аккаунта), видит кнопку отправки недоступной.
|
||||
|
||||
### Чат поддержки в Telegram
|
||||
С операторами можно поговорить и прямо из Telegram-бота: всё, что пользователь присылает боту,
|
||||
кроме `/start` — текст, фото, голосовое, файл, — пересылается в закрытую группу поддержки операторов
|
||||
и собирается в отдельную ветку на пользователя. Пользователь не получает автоответа; оператор
|
||||
отвечает из этой ветки, и бот доставляет ответ обратно обычным сообщением — для пользователя это
|
||||
тихий диалог один на один. Операторы могут заблокировать пользователя (тогда бот молча игнорирует
|
||||
его сообщения) или очистить сообщения ветки. Это независимо от встроенной «Обратной связи» выше —
|
||||
канал для тех, кто пишет боту напрямую, а не через приложение.
|
||||
|
||||
### История и статистика
|
||||
Завершённые партии архивируются в независимом от словаря виде и экспортируются
|
||||
в GCG; экспорт доступен **только после завершения партии** и никогда — для
|
||||
@@ -356,7 +376,8 @@ high-rate флага. С карточки пользователя операт
|
||||
Консоль ведёт и очередь **обратной связи** (`/_gm/feedback`): присланные игроками сообщения с фильтром
|
||||
**непрочитанные / прочитанные / архив** и поиском по пользователю, каждое — с отправителем, источником,
|
||||
каналом (и языком бота — en/ru — для сообщения из Telegram), языком интерфейса отправителя,
|
||||
IP и вложением. Оператор может пометить сообщение прочитанным, **ответить** игроку (доставка
|
||||
**версией приложения**, с которой отправлено, IP, временем подачи (в трёх зонах — UTC, зоне браузера
|
||||
на момент отправки и сохранённой зоне отправителя, каждая — «N/A», если неизвестна) и вложением. Оператор может пометить сообщение прочитанным, **ответить** игроку (доставка
|
||||
в приложение), отправить в архив, удалить или удалить все сообщения этого игрока — и вместе с удалением
|
||||
**запретить игроку обратную связь** (роль `feedback_banned`, отличная от полной блокировки аккаунта:
|
||||
останавливает только отправку обратной связи). Роли перечислены и выдаются/снимаются на карточке
|
||||
|
||||
+17
-9
@@ -8,7 +8,13 @@ emoji glyphs. Tokens are CSS custom properties (`ui/src/app.css`), light/dark vi
|
||||
`prefers-color-scheme` or an explicit Settings choice, and **Telegram-themed**:
|
||||
on a Telegram Mini App launch — the app is served under `/telegram/` and detects the
|
||||
launch by `Telegram.WebApp.initData` — the SDK's `themeParams` override the tokens at
|
||||
runtime; opened outside Telegram, the `/telegram/` path redirects to the site root.
|
||||
runtime; on that path without sign-in data (no `initData` — outside Telegram, or a Mini App
|
||||
launch that delivered none, as seen on some Android clients) the app renders a compact,
|
||||
shareable launch-diagnostic screen (`screens/TelegramLaunchError.svelte`) rather than
|
||||
redirecting to the site root. `telegram-web-app.js` is loaded **dynamically with a timeout**,
|
||||
only on a Telegram entry — not a render-blocking `<script>` in the shared `index.html` shell —
|
||||
so a network that blocks `telegram.org` cannot hang the page; `/app/` (web) and the native build
|
||||
never load it.
|
||||
|
||||
## Layout shell (`components/Screen.svelte`)
|
||||
|
||||
@@ -91,14 +97,16 @@ dismisses as soon as the lobby is ready. The pure layout and timing live in `lib
|
||||
which leaks into the Telegram Desktop webview and otherwise fights it) and the Settings
|
||||
theme switcher is hidden; the nav bar takes Telegram's background and `setHeaderColor` /
|
||||
`setBackgroundColor` / `setBottomBarColor` paint Telegram's own chrome to match; the
|
||||
native header **BackButton** drives back-navigation (the app's chevron is hidden in
|
||||
Telegram); **HapticFeedback** fires on tile placement / commit / error; on **mobile**
|
||||
clients the app enters **immersive fullscreen** on launch (`requestFullscreen`, Bot API
|
||||
8.0+) like Telegram's own Mini Apps, while desktop keeps the bot's full-size window;
|
||||
**closing confirmation** is enabled while a game is open **on mobile only** (on desktop
|
||||
closing is deliberate and the "changes may not be saved" dialog is just noise — move drafts
|
||||
auto-save); **vertical swipes** (swipe-to-minimise)
|
||||
are disabled so they don't fight tile drag or the board scroll; **external links** (the word-check
|
||||
app's **own back chevron** (Header) drives back-navigation on every platform — the native
|
||||
Telegram BackButton is not used, as it does not render reliably in the windowed Mini App;
|
||||
**HapticFeedback** fires on tile placement / commit / error; the app calls `expand()` for the
|
||||
bot's full-size (max-height) window but **never `requestFullscreen`** — immersive fullscreen hid
|
||||
the native header (and its BackButton) and the Android system swipe-back then minimised the app,
|
||||
so it stays windowed with Telegram's thin native header (close) above the app's own header; move
|
||||
drafts auto-save, so there is **no closing-confirmation guard**; a hidden **debug panel** (ten
|
||||
quick taps on the header title) shows and shares a privacy-safe client diagnostic snapshot for
|
||||
support; **vertical swipes** (swipe-to-minimise) are disabled so they don't fight tile drag or
|
||||
the board scroll; **external links** (the word-check
|
||||
dictionary lookup, the rules link, operator-reply links) open through `Telegram.WebApp.openLink`
|
||||
so Telegram shows them in its in-app browser instead of the WebView's "open this link?"
|
||||
confirmation a plain `target=_blank` triggers; and a live stream dropped
|
||||
|
||||
@@ -184,8 +184,10 @@ type ChatResp struct {
|
||||
}
|
||||
|
||||
// TelegramAuth provisions/finds the Telegram account and mints a session, seeding a
|
||||
// brand-new account's display name and language from the validated launch fields.
|
||||
func (c *Client) TelegramAuth(ctx context.Context, externalID, languageCode, username, firstName string) (SessionResp, error) {
|
||||
// brand-new account's display name and language from the validated launch fields, its
|
||||
// time zone from browserTz (the client's detected "±HH:MM" UTC offset) and, from the
|
||||
// validated launch deep-link startParam, its variant preferences (first contact only).
|
||||
func (c *Client) TelegramAuth(ctx context.Context, externalID, languageCode, username, firstName, browserTz, startParam string) (SessionResp, error) {
|
||||
var out SessionResp
|
||||
err := c.do(ctx, http.MethodPost, "/api/v1/internal/sessions/telegram", "", "",
|
||||
map[string]string{
|
||||
@@ -193,6 +195,8 @@ func (c *Client) TelegramAuth(ctx context.Context, externalID, languageCode, use
|
||||
"language_code": languageCode,
|
||||
"username": username,
|
||||
"first_name": firstName,
|
||||
"browser_tz": browserTz,
|
||||
"start_param": startParam,
|
||||
}, &out)
|
||||
return out, err
|
||||
}
|
||||
@@ -243,17 +247,21 @@ func (c *Client) ChatAccessByUser(ctx context.Context, userID string) (ChatAcces
|
||||
return out, err
|
||||
}
|
||||
|
||||
// GuestAuth provisions a guest account and mints a session.
|
||||
func (c *Client) GuestAuth(ctx context.Context) (SessionResp, error) {
|
||||
// GuestAuth provisions a guest account and mints a session, seeding its time zone
|
||||
// from browserTz (the client's detected "±HH:MM" UTC offset).
|
||||
func (c *Client) GuestAuth(ctx context.Context, browserTz string) (SessionResp, error) {
|
||||
var out SessionResp
|
||||
err := c.do(ctx, http.MethodPost, "/api/v1/internal/sessions/guest", "", "", struct{}{}, &out)
|
||||
err := c.do(ctx, http.MethodPost, "/api/v1/internal/sessions/guest", "", "",
|
||||
map[string]string{"browser_tz": browserTz}, &out)
|
||||
return out, err
|
||||
}
|
||||
|
||||
// EmailRequest asks the backend to mail a login code.
|
||||
func (c *Client) EmailRequest(ctx context.Context, email string) error {
|
||||
// EmailRequest asks the backend to mail a login code, provisioning the account on
|
||||
// first contact; browserTz (the client's detected "±HH:MM" UTC offset) seeds the new
|
||||
// account's time zone, since the email account is created here, not at login.
|
||||
func (c *Client) EmailRequest(ctx context.Context, email, browserTz string) error {
|
||||
return c.do(ctx, http.MethodPost, "/api/v1/internal/sessions/email/request", "", "",
|
||||
map[string]string{"email": email}, nil)
|
||||
map[string]string{"email": email, "browser_tz": browserTz}, nil)
|
||||
}
|
||||
|
||||
// EmailLogin verifies a login code and mints a session.
|
||||
|
||||
@@ -27,12 +27,14 @@ type FeedbackUnreadResp struct {
|
||||
|
||||
// FeedbackSubmit posts a feedback message. The attachment bytes are base64-encoded
|
||||
// into the JSON body for the internal hop; clientIP rides X-Forwarded-For.
|
||||
func (c *Client) FeedbackSubmit(ctx context.Context, userID, body string, attachment []byte, attachmentName, channel, clientIP string) error {
|
||||
func (c *Client) FeedbackSubmit(ctx context.Context, userID, body string, attachment []byte, attachmentName, channel, version, browserTz, clientIP string) error {
|
||||
payload := map[string]string{
|
||||
"body": body,
|
||||
"attachment": "",
|
||||
"attachment_name": attachmentName,
|
||||
"channel": channel,
|
||||
"version": version,
|
||||
"browser_tz": browserTz,
|
||||
}
|
||||
if len(attachment) > 0 {
|
||||
payload["attachment"] = base64.StdEncoding.EncodeToString(attachment)
|
||||
|
||||
@@ -9,6 +9,7 @@ import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"net/url"
|
||||
|
||||
"scrabble/gateway/internal/backendclient"
|
||||
"scrabble/gateway/internal/connector"
|
||||
@@ -154,11 +155,19 @@ func DomainCode(err error) (string, bool) {
|
||||
func authTelegramHandler(backend *backendclient.Client, tg TelegramValidator) Handler {
|
||||
return func(ctx context.Context, req Request) ([]byte, error) {
|
||||
in := fb.GetRootAsTelegramLoginRequest(req.Payload, 0)
|
||||
user, err := tg.ValidateInitData(ctx, string(in.InitData()))
|
||||
initData := string(in.InitData())
|
||||
user, err := tg.ValidateInitData(ctx, initData)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
sess, err := backend.TelegramAuth(ctx, user.ExternalID, user.LanguageCode, user.Username, user.FirstName)
|
||||
// start_param rides inside the signed initData validated just above, so the launch
|
||||
// deep-link payload can be trusted here without a separate wire field; the backend
|
||||
// uses it to seed a brand-new account's variant preferences.
|
||||
startParam := ""
|
||||
if q, perr := url.ParseQuery(initData); perr == nil {
|
||||
startParam = q.Get("start_param")
|
||||
}
|
||||
sess, err := backend.TelegramAuth(ctx, user.ExternalID, user.LanguageCode, user.Username, user.FirstName, string(in.BrowserTz()), startParam)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -167,8 +176,15 @@ func authTelegramHandler(backend *backendclient.Client, tg TelegramValidator) Ha
|
||||
}
|
||||
|
||||
func authGuestHandler(backend *backendclient.Client) Handler {
|
||||
return func(ctx context.Context, _ Request) ([]byte, error) {
|
||||
sess, err := backend.GuestAuth(ctx)
|
||||
return func(ctx context.Context, req Request) ([]byte, error) {
|
||||
// The guest bootstrap historically carried no payload; the detected zone is
|
||||
// optional, so an absent or empty one simply yields no time-zone seed (rather
|
||||
// than panicking in GetRootAs* on a zero-length buffer).
|
||||
var browserTz string
|
||||
if len(req.Payload) > 0 {
|
||||
browserTz = string(fb.GetRootAsGuestLoginRequest(req.Payload, 0).BrowserTz())
|
||||
}
|
||||
sess, err := backend.GuestAuth(ctx, browserTz)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -179,7 +195,7 @@ func authGuestHandler(backend *backendclient.Client) Handler {
|
||||
func authEmailRequestHandler(backend *backendclient.Client) Handler {
|
||||
return func(ctx context.Context, req Request) ([]byte, error) {
|
||||
in := fb.GetRootAsEmailRequestRequest(req.Payload, 0)
|
||||
if err := backend.EmailRequest(ctx, string(in.Email())); err != nil {
|
||||
if err := backend.EmailRequest(ctx, string(in.Email()), string(in.BrowserTz())); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return encodeAck(true), nil
|
||||
@@ -499,7 +515,7 @@ func hideGameHandler(backend *backendclient.Client) Handler {
|
||||
func feedbackSubmitHandler(backend *backendclient.Client) Handler {
|
||||
return func(ctx context.Context, req Request) ([]byte, error) {
|
||||
in := fb.GetRootAsFeedbackSubmitRequest(req.Payload, 0)
|
||||
if err := backend.FeedbackSubmit(ctx, req.UserID, string(in.Body()), in.AttachmentBytes(), string(in.AttachmentName()), string(in.Channel()), req.ClientIP); err != nil {
|
||||
if err := backend.FeedbackSubmit(ctx, req.UserID, string(in.Body()), in.AttachmentBytes(), string(in.AttachmentName()), string(in.Channel()), string(in.Version()), string(in.BrowserTz()), req.ClientIP); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return encodeAck(true), nil
|
||||
|
||||
@@ -54,7 +54,7 @@ func TestTelegramAuthForwardsSeedFields(t *testing.T) {
|
||||
t.Fatal("auth.telegram not registered")
|
||||
}
|
||||
|
||||
payload, err := op.Handler(context.Background(), transcode.Request{Payload: telegramLoginPayload("init")})
|
||||
payload, err := op.Handler(context.Background(), transcode.Request{Payload: telegramLoginPayload("start_param=verudit_ru-scrabble_en&query_id=abc")})
|
||||
if err != nil {
|
||||
t.Fatalf("handler: %v", err)
|
||||
}
|
||||
@@ -66,6 +66,11 @@ func TestTelegramAuthForwardsSeedFields(t *testing.T) {
|
||||
if gotBody["external_id"] != "42" || gotBody["language_code"] != "ru" || gotBody["first_name"] != "Иван" {
|
||||
t.Errorf("forwarded body = %+v, want external_id=42 language_code=ru first_name=Иван", gotBody)
|
||||
}
|
||||
// start_param is parsed out of the validated initData and forwarded so the backend can
|
||||
// seed the new account's variant preferences from a promo deep link.
|
||||
if gotBody["start_param"] != "verudit_ru-scrabble_en" {
|
||||
t.Errorf("forwarded start_param = %q, want verudit_ru-scrabble_en", gotBody["start_param"])
|
||||
}
|
||||
}
|
||||
|
||||
func TestTelegramAuthInvalidInitData(t *testing.T) {
|
||||
|
||||
+16
-5
@@ -99,24 +99,33 @@ table MoveRecord {
|
||||
// --- auth (unauthenticated) ---
|
||||
|
||||
// TelegramLoginRequest carries the platform launch data; the gateway validates
|
||||
// its HMAC before forwarding the extracted identity to the backend.
|
||||
// its HMAC before forwarding the extracted identity to the backend. browser_tz is
|
||||
// the client's detected UTC offset ("±HH:MM"), seeded into a brand-new account's
|
||||
// time zone so the robot's sleep window and the turn-timeout away window are
|
||||
// anchored to the player's real zone from first contact (first contact only).
|
||||
table TelegramLoginRequest {
|
||||
init_data:string;
|
||||
browser_tz:string;
|
||||
}
|
||||
|
||||
// GuestLoginRequest bootstraps an ephemeral guest session. locale is an optional
|
||||
// preferred-language hint.
|
||||
// preferred-language hint; browser_tz is the detected UTC offset seeded into the
|
||||
// guest account's time zone (see TelegramLoginRequest.browser_tz).
|
||||
table GuestLoginRequest {
|
||||
locale:string;
|
||||
browser_tz:string;
|
||||
}
|
||||
|
||||
// EmailRequestRequest asks the backend to send a login confirm-code to email.
|
||||
// EmailRequestRequest asks the backend to send a login confirm-code to email. It
|
||||
// also provisions the account on first contact, so browser_tz (the detected UTC
|
||||
// offset) is seeded into its time zone here, not at the later login step.
|
||||
table EmailRequestRequest {
|
||||
email:string;
|
||||
browser_tz:string;
|
||||
}
|
||||
|
||||
// EmailLoginRequest logs in (or provisions) the account owning email, verifying
|
||||
// the confirm-code.
|
||||
// EmailLoginRequest logs in to the account owning email (provisioned at the
|
||||
// request step), verifying the confirm-code.
|
||||
table EmailLoginRequest {
|
||||
email:string;
|
||||
code:string;
|
||||
@@ -383,6 +392,8 @@ table FeedbackSubmitRequest {
|
||||
attachment:[ubyte];
|
||||
attachment_name:string;
|
||||
channel:string;
|
||||
version:string;
|
||||
browser_tz:string;
|
||||
}
|
||||
|
||||
// FeedbackReply is the operator's answer shown back to the player.
|
||||
|
||||
@@ -49,12 +49,23 @@ func (rcv *EmailRequestRequest) Email() []byte {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (rcv *EmailRequestRequest) BrowserTz() []byte {
|
||||
o := flatbuffers.UOffsetT(rcv._tab.Offset(6))
|
||||
if o != 0 {
|
||||
return rcv._tab.ByteVector(o + rcv._tab.Pos)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func EmailRequestRequestStart(builder *flatbuffers.Builder) {
|
||||
builder.StartObject(1)
|
||||
builder.StartObject(2)
|
||||
}
|
||||
func EmailRequestRequestAddEmail(builder *flatbuffers.Builder, email flatbuffers.UOffsetT) {
|
||||
builder.PrependUOffsetTSlot(0, flatbuffers.UOffsetT(email), 0)
|
||||
}
|
||||
func EmailRequestRequestAddBrowserTz(builder *flatbuffers.Builder, browserTz flatbuffers.UOffsetT) {
|
||||
builder.PrependUOffsetTSlot(1, flatbuffers.UOffsetT(browserTz), 0)
|
||||
}
|
||||
func EmailRequestRequestEnd(builder *flatbuffers.Builder) flatbuffers.UOffsetT {
|
||||
return builder.EndObject()
|
||||
}
|
||||
|
||||
@@ -99,8 +99,24 @@ func (rcv *FeedbackSubmitRequest) Channel() []byte {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (rcv *FeedbackSubmitRequest) Version() []byte {
|
||||
o := flatbuffers.UOffsetT(rcv._tab.Offset(12))
|
||||
if o != 0 {
|
||||
return rcv._tab.ByteVector(o + rcv._tab.Pos)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (rcv *FeedbackSubmitRequest) BrowserTz() []byte {
|
||||
o := flatbuffers.UOffsetT(rcv._tab.Offset(14))
|
||||
if o != 0 {
|
||||
return rcv._tab.ByteVector(o + rcv._tab.Pos)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func FeedbackSubmitRequestStart(builder *flatbuffers.Builder) {
|
||||
builder.StartObject(4)
|
||||
builder.StartObject(6)
|
||||
}
|
||||
func FeedbackSubmitRequestAddBody(builder *flatbuffers.Builder, body flatbuffers.UOffsetT) {
|
||||
builder.PrependUOffsetTSlot(0, flatbuffers.UOffsetT(body), 0)
|
||||
@@ -117,6 +133,12 @@ func FeedbackSubmitRequestAddAttachmentName(builder *flatbuffers.Builder, attach
|
||||
func FeedbackSubmitRequestAddChannel(builder *flatbuffers.Builder, channel flatbuffers.UOffsetT) {
|
||||
builder.PrependUOffsetTSlot(3, flatbuffers.UOffsetT(channel), 0)
|
||||
}
|
||||
func FeedbackSubmitRequestAddVersion(builder *flatbuffers.Builder, version flatbuffers.UOffsetT) {
|
||||
builder.PrependUOffsetTSlot(4, flatbuffers.UOffsetT(version), 0)
|
||||
}
|
||||
func FeedbackSubmitRequestAddBrowserTz(builder *flatbuffers.Builder, browserTz flatbuffers.UOffsetT) {
|
||||
builder.PrependUOffsetTSlot(5, flatbuffers.UOffsetT(browserTz), 0)
|
||||
}
|
||||
func FeedbackSubmitRequestEnd(builder *flatbuffers.Builder) flatbuffers.UOffsetT {
|
||||
return builder.EndObject()
|
||||
}
|
||||
|
||||
@@ -49,12 +49,23 @@ func (rcv *GuestLoginRequest) Locale() []byte {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (rcv *GuestLoginRequest) BrowserTz() []byte {
|
||||
o := flatbuffers.UOffsetT(rcv._tab.Offset(6))
|
||||
if o != 0 {
|
||||
return rcv._tab.ByteVector(o + rcv._tab.Pos)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func GuestLoginRequestStart(builder *flatbuffers.Builder) {
|
||||
builder.StartObject(1)
|
||||
builder.StartObject(2)
|
||||
}
|
||||
func GuestLoginRequestAddLocale(builder *flatbuffers.Builder, locale flatbuffers.UOffsetT) {
|
||||
builder.PrependUOffsetTSlot(0, flatbuffers.UOffsetT(locale), 0)
|
||||
}
|
||||
func GuestLoginRequestAddBrowserTz(builder *flatbuffers.Builder, browserTz flatbuffers.UOffsetT) {
|
||||
builder.PrependUOffsetTSlot(1, flatbuffers.UOffsetT(browserTz), 0)
|
||||
}
|
||||
func GuestLoginRequestEnd(builder *flatbuffers.Builder) flatbuffers.UOffsetT {
|
||||
return builder.EndObject()
|
||||
}
|
||||
|
||||
@@ -49,12 +49,23 @@ func (rcv *TelegramLoginRequest) InitData() []byte {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (rcv *TelegramLoginRequest) BrowserTz() []byte {
|
||||
o := flatbuffers.UOffsetT(rcv._tab.Offset(6))
|
||||
if o != 0 {
|
||||
return rcv._tab.ByteVector(o + rcv._tab.Pos)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func TelegramLoginRequestStart(builder *flatbuffers.Builder) {
|
||||
builder.StartObject(1)
|
||||
builder.StartObject(2)
|
||||
}
|
||||
func TelegramLoginRequestAddInitData(builder *flatbuffers.Builder, initData flatbuffers.UOffsetT) {
|
||||
builder.PrependUOffsetTSlot(0, flatbuffers.UOffsetT(initData), 0)
|
||||
}
|
||||
func TelegramLoginRequestAddBrowserTz(builder *flatbuffers.Builder, browserTz flatbuffers.UOffsetT) {
|
||||
builder.PrependUOffsetTSlot(1, flatbuffers.UOffsetT(browserTz), 0)
|
||||
}
|
||||
func TelegramLoginRequestEnd(builder *flatbuffers.Builder) flatbuffers.UOffsetT {
|
||||
return builder.EndObject()
|
||||
}
|
||||
|
||||
@@ -24,6 +24,11 @@ ARG VERSION=dev
|
||||
RUN CGO_ENABLED=0 GOOS=linux go build -trimpath -ldflags "-X scrabble/pkg/version.Version=${VERSION}" -o /out/validator ./platform/telegram/cmd/validator
|
||||
RUN CGO_ENABLED=0 GOOS=linux go build -trimpath -ldflags "-X scrabble/pkg/version.Version=${VERSION}" -o /out/bot ./platform/telegram/cmd/bot
|
||||
|
||||
# The bot's support relay writes its JSON state under /data. Stage an empty directory
|
||||
# owned by the distroless nonroot UID so a fresh named volume mounted there inherits
|
||||
# writable ownership (Docker copies the image dir's mode/owner into an empty volume).
|
||||
RUN mkdir -p /out/data
|
||||
|
||||
# --- validator (home) --------------------------------------------------------
|
||||
FROM gcr.io/distroless/static-debian12:nonroot AS validator
|
||||
COPY --from=build /out/validator /usr/local/bin/validator
|
||||
@@ -32,4 +37,5 @@ ENTRYPOINT ["/usr/local/bin/validator"]
|
||||
# --- bot (remote) ------------------------------------------------------------
|
||||
FROM gcr.io/distroless/static-debian12:nonroot AS bot
|
||||
COPY --from=build /out/bot /usr/local/bin/bot
|
||||
COPY --from=build --chown=65532:65532 /out/data /data
|
||||
ENTRYPOINT ["/usr/local/bin/bot"]
|
||||
|
||||
@@ -38,10 +38,17 @@ Telegram identity to an account from a browser. Both map a rejection to gRPC
|
||||
operator-chosen for broadcasts) with a Mini App launch button and sends it. It replies
|
||||
with an `Ack` per command (`delivered` mirrors the former connector semantics —
|
||||
false when the kind is not rendered out-of-app or the user never started the bot).
|
||||
- **Bot chat.** `/start <payload>` (and the chat menu button) reply with a Mini App
|
||||
launch button; a deep-link payload routes the launch to a game / invitation / friend
|
||||
code. This is **self-contained** — the bot never calls back into the game, so `/start`
|
||||
onboarding works even when the game is down.
|
||||
- **Bot chat.** `/start <payload>` (and the chat menu button) reply with a localized
|
||||
welcome and a Mini App launch button; a deep-link payload routes the launch to a game /
|
||||
invitation / friend code. The welcome is **Russian or English** by the sender's reported
|
||||
Telegram language (`Message.from.language_code`, which the Bot API carries on the message
|
||||
itself — no separate user-update event — English fallback) and links the game channel and
|
||||
discussion chat by their public `@username`, **resolved once at startup** from
|
||||
`TELEGRAM_GAME_CHANNEL_ID` / `TELEGRAM_CHAT_ID` via `getChat` (a chat that is unset,
|
||||
private, or unreadable degrades that link to a generic noun — "the channel" / "our
|
||||
chat" — rather than a dangling "@"). This is otherwise **self-contained**
|
||||
— the bot never calls back into the game, so `/start` onboarding works even when the game
|
||||
is down.
|
||||
- **Moderated-chat gating.** When `TELEGRAM_CHAT_ID` names a channel's linked discussion
|
||||
group, the bot gates who may write there. The group **allows sending by default** (a
|
||||
human setting) and the bot only **restricts** — Telegram intersects the chat default with
|
||||
@@ -56,13 +63,32 @@ Telegram identity to an account from a browser. Both map a rejection to gRPC
|
||||
`getChatMember`, since bots cannot list members). The bot must be an **administrator** there
|
||||
with the **"Ban users"** right (the Bot API `can_restrict_members`), and it subscribes to
|
||||
`chat_member` updates, which Telegram delivers only to a chat admin.
|
||||
- **Support relay (optional).** When `TELEGRAM_SUPPORT_CHAT_ID` names a private **forum
|
||||
supergroup**, the bot runs a direct support channel for users who message it. A user's first
|
||||
non-`/start` message opens a dedicated **forum topic** whose first message is an info card (the
|
||||
name is a tappable profile mention via a `text_mention` entity — which also stops a name starting
|
||||
with `/` from rendering as a command — plus @username, language, premium, id) with a **Block/Unblock** toggle
|
||||
and a **Clear** button; each message is then copied into that topic (`copyMessage`, so any content
|
||||
— text, media, voice, files — carries over). Any **administrator** of the support chat who writes
|
||||
in a user's topic has it copied back to that user; the bot's own posts and non-admins are ignored
|
||||
(the loop guard). **Block** drops a user's incoming messages (the topic stays); **Clear** deletes
|
||||
the relayed messages, keeping the info card; a topic the operators delete is reopened on the next
|
||||
message. State (user→topic map, block list, relayed ids) is a JSON file under
|
||||
`TELEGRAM_SUPPORT_STATE_DIR` on a persistent volume — the bot host has no database. The bot must
|
||||
be an **administrator** in the group with the **manage-topics** and **delete-messages** rights.
|
||||
The relay is bot-local (no backend, no bot-link) and the user gets no automatic reply.
|
||||
- **Promo bot (optional).** When `TELEGRAM_PROMO_BOT_TOKEN` is set, the container also
|
||||
runs a **second, standalone** bot whose only job is to answer `/start` with a localized
|
||||
message and a button that opens the **main** bot's Mini App. The button is a **URL** to
|
||||
the main bot's direct link (`TELEGRAM_BOT_LINK`, the same link the UI uses) with
|
||||
`?startapp` — a `web_app` button would launch under the promo bot's identity (its token
|
||||
would sign the initData), which the main bot's validator rejects. It is fully
|
||||
self-contained: no bot-link, no gateway, no game.
|
||||
self-contained: no bot-link, no gateway, no game. Its `?startapp` payload
|
||||
(`TELEGRAM_PROMO_START_PARAM`, default `verudit_ru-scrabble_en`) is a variant-seed deep
|
||||
link the backend decodes to seed a brand-new user's variant preferences (English Scrabble
|
||||
alongside the default Erudit). The message body also renders the bot's `@username` as that
|
||||
same deep link (an HTML `text_link`), so tapping the mention — not just the button — opens
|
||||
the seeded Mini App rather than the bot profile.
|
||||
- **Rate limiting.** Outbound sends are throttled (`TELEGRAM_SEND_RATE_PER_SECOND`,
|
||||
default 25) to respect the Bot API flood limits.
|
||||
|
||||
@@ -125,9 +151,12 @@ Bot (`cmd/bot`):
|
||||
| `TELEGRAM_BOTLINK_TLS_CERT` / `_KEY` / `_CA` | — (required) | the bot client cert, its key, and the CA that signs the gateway server cert |
|
||||
| `TELEGRAM_GAME_CHANNEL_ID` | — | the bot's game channel chat id for `SendToGameChannel` |
|
||||
| `TELEGRAM_CHAT_ID` | — | the moderated discussion chat id (a channel's linked group); empty disables chat gating |
|
||||
| `TELEGRAM_SUPPORT_CHAT_ID` | — | the support relay's forum supergroup id (topic per user); empty disables the relay |
|
||||
| `TELEGRAM_SUPPORT_STATE_DIR` | `/data` | directory for the support relay's JSON state (a writable volume) |
|
||||
| `TELEGRAM_PROMO_BOT_TOKEN` | — | the optional standalone promo bot's token; empty disables it |
|
||||
| `TELEGRAM_BOT_USERNAME` | — | the main bot's @username without the @ (promo message); required when the promo bot runs |
|
||||
| `TELEGRAM_BOT_LINK` | — | the main bot's Mini App link for the promo button (the UI's `VITE_TELEGRAM_LINK`); required when the promo bot runs |
|
||||
| `TELEGRAM_PROMO_START_PARAM` | `verudit_ru-scrabble_en` | the promo button's `startapp` payload — a variant-seed deep link the backend decodes to seed a brand-new user's variant preferences; empty forwards the user's own `/start` payload |
|
||||
| `TELEGRAM_OWNS_UPDATES` | `true` | run the exclusive `getUpdates` long-poll (one bot per token) |
|
||||
| `TELEGRAM_SEND_RATE_PER_SECOND` | `25` | outbound Bot API send cap (0 disables) |
|
||||
| `TELEGRAM_INSTANCE_ID` | hostname | bot identity reported to the gateway |
|
||||
|
||||
@@ -10,6 +10,7 @@ import (
|
||||
"context"
|
||||
"log"
|
||||
"os/signal"
|
||||
"path/filepath"
|
||||
"sync"
|
||||
"syscall"
|
||||
"time"
|
||||
@@ -23,6 +24,7 @@ import (
|
||||
"scrabble/platform/telegram/internal/botlink"
|
||||
"scrabble/platform/telegram/internal/config"
|
||||
"scrabble/platform/telegram/internal/promobot"
|
||||
"scrabble/platform/telegram/internal/support"
|
||||
)
|
||||
|
||||
// telemetryShutdownTimeout bounds the OpenTelemetry flush during process exit.
|
||||
@@ -65,6 +67,19 @@ func run(ctx context.Context, cfg config.BotConfig, logger *zap.Logger) error {
|
||||
logger.Warn("telemetry: start runtime metrics", zap.Error(err))
|
||||
}
|
||||
|
||||
// The support relay keeps its per-user state in a JSON file on a writable volume
|
||||
// (the bot host has no database). A corrupt file is logged and the relay starts
|
||||
// empty rather than crash-looping the bot.
|
||||
var supportStore *support.Store
|
||||
if cfg.SupportChatID != 0 {
|
||||
statePath := filepath.Join(cfg.SupportStateDir, "support.json")
|
||||
supportStore, err = support.Open(statePath)
|
||||
if err != nil {
|
||||
logger.Warn("support: state load failed, starting empty", zap.String("path", statePath), zap.Error(err))
|
||||
supportStore = support.New(statePath)
|
||||
}
|
||||
}
|
||||
|
||||
b, err := bot.New(bot.Config{
|
||||
Token: cfg.Token,
|
||||
APIBaseURL: cfg.APIBaseURL,
|
||||
@@ -72,6 +87,9 @@ func run(ctx context.Context, cfg config.BotConfig, logger *zap.Logger) error {
|
||||
MiniAppURL: cfg.MiniAppURL,
|
||||
SendRatePerSecond: cfg.SendRatePerSecond,
|
||||
ChatID: cfg.ChatID,
|
||||
GameChannelID: cfg.GameChannelID,
|
||||
SupportChatID: cfg.SupportChatID,
|
||||
SupportStore: supportStore,
|
||||
}, logger)
|
||||
if err != nil {
|
||||
return err
|
||||
@@ -113,6 +131,7 @@ func run(ctx context.Context, cfg config.BotConfig, logger *zap.Logger) error {
|
||||
TestEnv: cfg.TestEnv,
|
||||
BotUsername: cfg.BotUsername,
|
||||
BotLinkURL: cfg.BotLinkURL,
|
||||
StartParam: cfg.PromoStartParam,
|
||||
SendRatePerSecond: cfg.SendRatePerSecond,
|
||||
}, logger)
|
||||
if err != nil {
|
||||
@@ -127,6 +146,7 @@ func run(ctx context.Context, cfg config.BotConfig, logger *zap.Logger) error {
|
||||
zap.Bool("owns_updates", cfg.OwnsUpdates),
|
||||
zap.Bool("test_env", cfg.TestEnv),
|
||||
zap.Bool("chat_gating", cfg.ChatID != 0),
|
||||
zap.Bool("support_relay", cfg.SupportChatID != 0),
|
||||
zap.Bool("promo_bot", promo != nil))
|
||||
|
||||
var wg sync.WaitGroup
|
||||
|
||||
@@ -15,6 +15,8 @@ import (
|
||||
"github.com/go-telegram/bot/models"
|
||||
"go.uber.org/zap"
|
||||
"golang.org/x/time/rate"
|
||||
|
||||
"scrabble/platform/telegram/internal/support"
|
||||
)
|
||||
|
||||
// Config configures the bot wrapper.
|
||||
@@ -33,8 +35,20 @@ type Config struct {
|
||||
SendRatePerSecond int
|
||||
// ChatID is the moderated discussion chat the bot gates write access in; 0
|
||||
// disables chat gating (and the chat_member long-poll subscription). Gating needs
|
||||
// the bot to be an administrator there with the restrict-members right.
|
||||
// the bot to be an administrator there with the restrict-members right. Its public
|
||||
// @username is also resolved at startup for the /start welcome's discussion link.
|
||||
ChatID int64
|
||||
// GameChannelID is the game channel whose public @username the /start welcome links
|
||||
// to (resolved from this id via getChat at startup); 0 omits that follow link.
|
||||
GameChannelID int64
|
||||
// SupportChatID is the private forum supergroup the bot relays direct user messages
|
||||
// into (one topic per user) and reads operator replies from; 0 disables the support
|
||||
// relay. The bot must be an administrator there with the manage-topics and
|
||||
// delete-messages rights.
|
||||
SupportChatID int64
|
||||
// SupportStore persists the support relay's state (topic mapping, block list,
|
||||
// relayed message ids); required when SupportChatID is set, ignored otherwise.
|
||||
SupportStore *support.Store
|
||||
}
|
||||
|
||||
// EligibilityResolver answers whether the Telegram user identified by externalID
|
||||
@@ -54,12 +68,29 @@ type Bot struct {
|
||||
limiter *rate.Limiter
|
||||
// chatID is the moderated discussion chat (0 disables gating).
|
||||
chatID int64
|
||||
// channelID is the game channel (0 omits its welcome follow link).
|
||||
channelID int64
|
||||
// channelUsername and chatUsername are the public @usernames (without the leading
|
||||
// @) of the game channel and the discussion chat, resolved once at startup
|
||||
// (resolveWelcomeHandles) for the /start welcome's follow links; "" when unresolved.
|
||||
channelUsername string
|
||||
chatUsername string
|
||||
// botID is the bot's own Telegram user id (resolved at startup); it skips the
|
||||
// chat_member updates the bot's own restrict actions generate — the grant loop guard.
|
||||
// chat_member updates the bot's own restrict actions generate — the grant loop guard —
|
||||
// and the bot's own relayed copies in the support chat.
|
||||
botID int64
|
||||
// eligibility resolves a joining user's chat write eligibility; nil leaves a
|
||||
// joiner muted (fail-closed) until it is wired.
|
||||
eligibility EligibilityResolver
|
||||
// supportChatID is the support relay's forum supergroup (0 disables the relay).
|
||||
supportChatID int64
|
||||
// support persists the support relay's per-user state; nil when the relay is off.
|
||||
support *support.Store
|
||||
// supportLocks serialises per-user topic creation so a burst of a new user's
|
||||
// messages opens exactly one topic.
|
||||
supportLocks *keyedMutex
|
||||
// admins caches the support chat's administrator ids (who may reply and act).
|
||||
admins *adminCache
|
||||
}
|
||||
|
||||
// New builds the bot wrapper, registering the /start handler and a default handler
|
||||
@@ -69,7 +100,14 @@ func New(cfg Config, log *zap.Logger) (*Bot, error) {
|
||||
if log == nil {
|
||||
log = zap.NewNop()
|
||||
}
|
||||
t := &Bot{miniAppURL: cfg.MiniAppURL, log: log, chatID: cfg.ChatID}
|
||||
t := &Bot{
|
||||
miniAppURL: cfg.MiniAppURL,
|
||||
log: log,
|
||||
chatID: cfg.ChatID,
|
||||
channelID: cfg.GameChannelID,
|
||||
supportChatID: cfg.SupportChatID,
|
||||
support: cfg.SupportStore,
|
||||
}
|
||||
if cfg.SendRatePerSecond > 0 {
|
||||
t.limiter = rate.NewLimiter(rate.Limit(cfg.SendRatePerSecond), cfg.SendRatePerSecond)
|
||||
}
|
||||
@@ -78,15 +116,26 @@ func New(cfg Config, log *zap.Logger) (*Bot, error) {
|
||||
tgbot.WithDefaultHandler(t.handleUpdate),
|
||||
tgbot.WithMessageTextHandler("/start", tgbot.MatchTypePrefix, t.handleStart),
|
||||
}
|
||||
if t.supportEnabled() {
|
||||
t.supportLocks = newKeyedMutex()
|
||||
t.admins = &adminCache{}
|
||||
// The info-card buttons are callback_query updates; route them to the support
|
||||
// callback handler by their "sup:" data prefix.
|
||||
opts = append(opts, tgbot.WithCallbackQueryDataHandler(supportCallbackPrefix, tgbot.MatchTypePrefix, t.handleSupportCallback))
|
||||
}
|
||||
// Allowed updates default to "all except chat_member". Specify an explicit set only
|
||||
// when we need chat_member (moderated chat) — and then re-add callback_query (which
|
||||
// the explicit set would otherwise drop) when the support relay needs it.
|
||||
if cfg.ChatID != 0 {
|
||||
// chat_member updates are off by default; subscribe explicitly (alongside
|
||||
// messages) so the bot sees joins in the moderated chat. The bot must also be an
|
||||
// administrator there for Telegram to deliver them.
|
||||
opts = append(opts, tgbot.WithAllowedUpdates(tgbot.AllowedUpdates{
|
||||
allowed := tgbot.AllowedUpdates{
|
||||
models.AllowedUpdateMessage,
|
||||
models.AllowedUpdateMyChatMember,
|
||||
models.AllowedUpdateChatMember,
|
||||
}))
|
||||
}
|
||||
if t.supportEnabled() {
|
||||
allowed = append(allowed, models.AllowedUpdateCallbackQuery)
|
||||
}
|
||||
opts = append(opts, tgbot.WithAllowedUpdates(allowed))
|
||||
}
|
||||
if cfg.TestEnv {
|
||||
// Route to the Bot API test environment (.../bot<token>/test/METHOD).
|
||||
@@ -123,9 +172,46 @@ func (t *Bot) Run(ctx context.Context) {
|
||||
if t.chatID != 0 {
|
||||
t.logChatAdminStatus(ctx)
|
||||
}
|
||||
if t.supportEnabled() {
|
||||
t.initSupport(ctx)
|
||||
}
|
||||
t.resolveWelcomeHandles(ctx)
|
||||
t.api.Start(ctx)
|
||||
}
|
||||
|
||||
// resolveWelcomeHandles resolves, once at startup, the public @usernames of the game
|
||||
// channel and the discussion chat from their configured ids (getChat), caching them for
|
||||
// the /start welcome's follow links. It runs before the update loop, so the handles are
|
||||
// set before any /start is handled; a chat that is unset, private (no public username)
|
||||
// or unreadable simply leaves its handle empty and the welcome omits that follow link.
|
||||
func (t *Bot) resolveWelcomeHandles(ctx context.Context) {
|
||||
t.channelUsername = t.resolveUsername(ctx, t.channelID, "game channel")
|
||||
t.chatUsername = t.resolveUsername(ctx, t.chatID, "discussion chat")
|
||||
}
|
||||
|
||||
// resolveUsername returns the public @username (without the leading @) of the chat with
|
||||
// the given id, or "" when id is 0, the chat has no public username, or getChat fails —
|
||||
// logging the reason, since a missing handle silently drops a welcome follow link.
|
||||
func (t *Bot) resolveUsername(ctx context.Context, id int64, label string) string {
|
||||
if id == 0 {
|
||||
return ""
|
||||
}
|
||||
chat, err := t.api.GetChat(ctx, &tgbot.GetChatParams{ChatID: id})
|
||||
if err != nil {
|
||||
t.log.Warn("welcome: getChat failed; follow link omitted",
|
||||
zap.String("chat", label), zap.Int64("id", id), zap.Error(err))
|
||||
return ""
|
||||
}
|
||||
if chat.Username == "" {
|
||||
t.log.Warn("welcome: chat has no public @username; follow link omitted",
|
||||
zap.String("chat", label), zap.Int64("id", id))
|
||||
return ""
|
||||
}
|
||||
t.log.Info("welcome: resolved follow link",
|
||||
zap.String("chat", label), zap.String("username", chat.Username))
|
||||
return chat.Username
|
||||
}
|
||||
|
||||
// logChatAdminStatus checks, at startup, whether the bot can actually gate the
|
||||
// moderated chat — it must be an administrator there with the restrict-members
|
||||
// ("Ban users") right, or Telegram delivers no chat_member updates and restricts
|
||||
@@ -198,11 +284,19 @@ func (t *Bot) handleStart(ctx context.Context, api *tgbot.Bot, update *models.Up
|
||||
if update.Message.Chat.Type != models.ChatTypePrivate {
|
||||
return
|
||||
}
|
||||
// The sender's Telegram language rides on the message itself (Message.from.language_code
|
||||
// in the Bot API — there is no separate user-update event); fall back to English when it
|
||||
// is absent.
|
||||
lang := ""
|
||||
if update.Message.From != nil {
|
||||
lang = update.Message.From.LanguageCode
|
||||
}
|
||||
text, button := startText(lang, t.channelUsername, t.chatUsername)
|
||||
startParam := startPayload(update.Message.Text)
|
||||
if _, err := api.SendMessage(ctx, &tgbot.SendMessageParams{
|
||||
ChatID: update.Message.Chat.ID,
|
||||
Text: "Tap to open Scrabble.",
|
||||
ReplyMarkup: t.launchMarkup("Open Scrabble", startParam),
|
||||
Text: text,
|
||||
ReplyMarkup: t.launchMarkup(button, startParam),
|
||||
}); err != nil {
|
||||
t.log.Warn("reply to start failed", zap.Error(err))
|
||||
}
|
||||
@@ -252,6 +346,19 @@ func (t *Bot) handleUpdate(ctx context.Context, api *tgbot.Bot, update *models.U
|
||||
t.handleChatMember(ctx, update.ChatMember)
|
||||
return
|
||||
}
|
||||
// Support relay (when enabled): a non-/start message — /start has its own handler —
|
||||
// is either an operator's reply in the support chat or a user's direct message to
|
||||
// relay. Everything else falls through to the Mini App launch reply.
|
||||
if t.supportEnabled() && update.Message != nil {
|
||||
switch {
|
||||
case update.Message.Chat.ID == t.supportChatID:
|
||||
t.handleSupportGroupMessage(ctx, update.Message)
|
||||
return
|
||||
case update.Message.Chat.Type == models.ChatTypePrivate:
|
||||
t.handleSupportUserMessage(ctx, update.Message)
|
||||
return
|
||||
}
|
||||
}
|
||||
t.handleStart(ctx, api, update)
|
||||
}
|
||||
|
||||
|
||||
@@ -29,6 +29,10 @@ func (f *fakeBotAPI) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
||||
f.text = r.FormValue("text")
|
||||
f.replyMarkup = r.FormValue("reply_markup")
|
||||
io.WriteString(w, `{"ok":true,"result":{"message_id":1}}`)
|
||||
case strings.HasSuffix(r.URL.Path, "/getChat"):
|
||||
// Echo the requested id into the username so a resolver test can tell the
|
||||
// channel lookup from the chat lookup.
|
||||
io.WriteString(w, `{"ok":true,"result":{"id":-100,"type":"channel","username":"u`+r.FormValue("chat_id")+`"}}`)
|
||||
default:
|
||||
io.WriteString(w, `{"ok":true,"result":true}`)
|
||||
}
|
||||
@@ -105,7 +109,7 @@ func TestTestEnvironmentRoutesGetMe(t *testing.T) {
|
||||
}
|
||||
|
||||
func TestHandleStartRepliesPrivateOnly(t *testing.T) {
|
||||
t.Run("private replies", func(t *testing.T) {
|
||||
t.Run("private replies in english by default", func(t *testing.T) {
|
||||
api := &fakeBotAPI{}
|
||||
b := newTestBot(t, api)
|
||||
b.handleStart(context.Background(), b.api, &models.Update{Message: &models.Message{
|
||||
@@ -114,6 +118,35 @@ func TestHandleStartRepliesPrivateOnly(t *testing.T) {
|
||||
if api.chatID != "42" || !strings.Contains(api.replyMarkup, "web_app") {
|
||||
t.Errorf("private /start: chat=%q markup=%q, want a web_app reply", api.chatID, api.replyMarkup)
|
||||
}
|
||||
// No reported language -> English welcome + English button.
|
||||
if !strings.Contains(api.text, "Hi!") {
|
||||
t.Errorf("text = %q, want the English welcome", api.text)
|
||||
}
|
||||
if !strings.Contains(api.replyMarkup, "Open") {
|
||||
t.Errorf("reply_markup = %q, want the English button", api.replyMarkup)
|
||||
}
|
||||
})
|
||||
t.Run("uses the sender's reported language", func(t *testing.T) {
|
||||
api := &fakeBotAPI{}
|
||||
b := newTestBot(t, api)
|
||||
b.handleStart(context.Background(), b.api, &models.Update{Message: &models.Message{
|
||||
Chat: models.Chat{ID: 42, Type: models.ChatTypePrivate}, Text: "/start",
|
||||
From: &models.User{ID: 7, LanguageCode: "ru"},
|
||||
}})
|
||||
if !strings.Contains(api.text, "Привет!") {
|
||||
t.Errorf("text = %q, want the Russian welcome for a ru sender", api.text)
|
||||
}
|
||||
})
|
||||
t.Run("embeds resolved follow handles", func(t *testing.T) {
|
||||
api := &fakeBotAPI{}
|
||||
b := newTestBot(t, api)
|
||||
b.channelUsername, b.chatUsername = "erudit", "erudite_chat"
|
||||
b.handleStart(context.Background(), b.api, &models.Update{Message: &models.Message{
|
||||
Chat: models.Chat{ID: 42, Type: models.ChatTypePrivate}, Text: "/start",
|
||||
}})
|
||||
if !strings.Contains(api.text, "@erudit") || !strings.Contains(api.text, "@erudite_chat") {
|
||||
t.Errorf("text = %q, want the follow handles", api.text)
|
||||
}
|
||||
})
|
||||
t.Run("group ignored", func(t *testing.T) {
|
||||
api := &fakeBotAPI{}
|
||||
@@ -127,6 +160,26 @@ func TestHandleStartRepliesPrivateOnly(t *testing.T) {
|
||||
})
|
||||
}
|
||||
|
||||
func TestResolveWelcomeHandles(t *testing.T) {
|
||||
api := &fakeBotAPI{}
|
||||
b := newTestBot(t, api)
|
||||
b.channelID, b.chatID = 111, 222
|
||||
b.resolveWelcomeHandles(context.Background())
|
||||
// The fake echoes the requested id into the username, so each lookup is independent.
|
||||
if b.channelUsername != "u111" {
|
||||
t.Errorf("channelUsername = %q, want u111", b.channelUsername)
|
||||
}
|
||||
if b.chatUsername != "u222" {
|
||||
t.Errorf("chatUsername = %q, want u222", b.chatUsername)
|
||||
}
|
||||
// An unset id resolves to no handle (and makes no getChat call).
|
||||
b.channelID = 0
|
||||
b.resolveWelcomeHandles(context.Background())
|
||||
if b.channelUsername != "" {
|
||||
t.Errorf("channelUsername = %q, want empty for id 0", b.channelUsername)
|
||||
}
|
||||
}
|
||||
|
||||
func TestStartPayload(t *testing.T) {
|
||||
cases := map[string]string{
|
||||
"/start g123": "g123",
|
||||
|
||||
@@ -0,0 +1,484 @@
|
||||
package bot
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"strconv"
|
||||
"strings"
|
||||
"sync"
|
||||
"time"
|
||||
"unicode/utf16"
|
||||
|
||||
tgbot "github.com/go-telegram/bot"
|
||||
"github.com/go-telegram/bot/models"
|
||||
"go.uber.org/zap"
|
||||
|
||||
"scrabble/platform/telegram/internal/support"
|
||||
)
|
||||
|
||||
// Support relay: the bot forwards a user's direct messages into a per-user forum
|
||||
// topic in the operators' private support chat, and relays operator replies in that
|
||||
// topic back to the user. The info card opening each topic carries a Block/Unblock
|
||||
// toggle and a Clear button. State (topic mapping, block list, relayed message ids)
|
||||
// lives in a small JSON file via internal/support.
|
||||
const (
|
||||
// supportCallbackPrefix namespaces the info-card button callbacks
|
||||
// ("sup:<action>:<userID>").
|
||||
supportCallbackPrefix = "sup:"
|
||||
supportActionBlock = "block"
|
||||
supportActionUnblock = "unblock"
|
||||
supportActionClear = "clear"
|
||||
// supportAdminTTL is how long the support chat's administrator set is cached.
|
||||
supportAdminTTL = time.Minute
|
||||
// supportTopicNameMax bounds the forum topic name (the Telegram limit is 128).
|
||||
supportTopicNameMax = 128
|
||||
// supportDeleteBatch is the maximum message ids per deleteMessages call (the
|
||||
// Telegram limit is 100).
|
||||
supportDeleteBatch = 100
|
||||
)
|
||||
|
||||
// supportEnabled reports whether the support relay is configured.
|
||||
func (t *Bot) supportEnabled() bool {
|
||||
return t.supportChatID != 0 && t.support != nil
|
||||
}
|
||||
|
||||
// initSupport prepares the support relay at startup: it resolves the bot's own user
|
||||
// id (getMe) for the loop guard, unless the chat-gating self-check already did, and
|
||||
// logs readiness. The loop guard also tests From.IsBot, so an unresolved id is not
|
||||
// fatal.
|
||||
func (t *Bot) initSupport(ctx context.Context) {
|
||||
if t.botID == 0 {
|
||||
if me, err := t.api.GetMe(ctx); err != nil {
|
||||
t.log.Warn("support: getMe failed; relying on is_bot for the loop guard", zap.Error(err))
|
||||
} else {
|
||||
t.botID = me.ID
|
||||
}
|
||||
}
|
||||
t.log.Info("support relay ready", zap.Int64("support_chat_id", t.supportChatID))
|
||||
}
|
||||
|
||||
// keyedMutex serialises work per int64 key (here, per user id) so two concurrent
|
||||
// updates from the same user — the go-telegram/bot library runs handlers in
|
||||
// goroutines — cannot both open a forum topic.
|
||||
type keyedMutex struct {
|
||||
mu sync.Mutex
|
||||
m map[int64]*sync.Mutex
|
||||
}
|
||||
|
||||
func newKeyedMutex() *keyedMutex { return &keyedMutex{m: map[int64]*sync.Mutex{}} }
|
||||
|
||||
// lock acquires the per-key mutex and returns its unlock function.
|
||||
func (k *keyedMutex) lock(key int64) func() {
|
||||
k.mu.Lock()
|
||||
mu, ok := k.m[key]
|
||||
if !ok {
|
||||
mu = &sync.Mutex{}
|
||||
k.m[key] = mu
|
||||
}
|
||||
k.mu.Unlock()
|
||||
mu.Lock()
|
||||
return mu.Unlock
|
||||
}
|
||||
|
||||
// adminCache caches the support chat's administrator ids for a short TTL, so the bot
|
||||
// does not call getChatAdministrators on every operator action.
|
||||
type adminCache struct {
|
||||
mu sync.Mutex
|
||||
ids map[int64]bool
|
||||
fetchedAt time.Time
|
||||
}
|
||||
|
||||
// isSupportAdmin reports whether userID administers the support chat, refreshing the
|
||||
// cache when stale. On a refresh failure it falls back to the last known set
|
||||
// (fail-closed when nothing is cached yet).
|
||||
func (t *Bot) isSupportAdmin(ctx context.Context, userID int64) bool {
|
||||
t.admins.mu.Lock()
|
||||
if t.admins.ids != nil && time.Since(t.admins.fetchedAt) < supportAdminTTL {
|
||||
ok := t.admins.ids[userID]
|
||||
t.admins.mu.Unlock()
|
||||
return ok
|
||||
}
|
||||
t.admins.mu.Unlock()
|
||||
|
||||
members, err := t.api.GetChatAdministrators(ctx, &tgbot.GetChatAdministratorsParams{ChatID: t.supportChatID})
|
||||
if err != nil {
|
||||
t.log.Warn("support: getChatAdministrators failed; using cached admin set", zap.Error(err))
|
||||
t.admins.mu.Lock()
|
||||
defer t.admins.mu.Unlock()
|
||||
return t.admins.ids[userID] // a nil map yields false (fail-closed)
|
||||
}
|
||||
ids := make(map[int64]bool, len(members))
|
||||
for _, m := range members {
|
||||
if u := chatMemberUser(m); u != nil {
|
||||
ids[u.ID] = true
|
||||
}
|
||||
}
|
||||
t.admins.mu.Lock()
|
||||
t.admins.ids = ids
|
||||
t.admins.fetchedAt = time.Now()
|
||||
t.admins.mu.Unlock()
|
||||
return ids[userID]
|
||||
}
|
||||
|
||||
// handleSupportUserMessage relays a user's direct message into their forum topic in
|
||||
// the support chat, opening the topic (and its info card) on first contact. A blocked
|
||||
// user's message is dropped silently, and the user receives no reply — operators
|
||||
// answer from the topic.
|
||||
func (t *Bot) handleSupportUserMessage(ctx context.Context, m *models.Message) {
|
||||
if m.From == nil || m.From.IsBot {
|
||||
return
|
||||
}
|
||||
uid := m.From.ID
|
||||
unlock := t.supportLocks.lock(uid)
|
||||
defer unlock()
|
||||
|
||||
rec, _ := t.support.Get(uid)
|
||||
if rec.Blocked {
|
||||
return
|
||||
}
|
||||
topicID, err := t.ensureTopic(ctx, m.From, rec)
|
||||
if err != nil {
|
||||
t.log.Warn("support: ensure topic failed", zap.Int64("user_id", uid), zap.Error(err))
|
||||
return
|
||||
}
|
||||
|
||||
newID, err := t.copyToTopic(ctx, m.Chat.ID, m.ID, topicID)
|
||||
if err != nil && isTopicMissingErr(err) {
|
||||
// Backstop: the topic vanished between the liveness probe and the copy.
|
||||
t.log.Info("support: topic gone on copy, reopening", zap.Int64("user_id", uid), zap.Int("topic_id", topicID))
|
||||
if topicID, err = t.openSupportTopic(ctx, m.From); err == nil {
|
||||
newID, err = t.copyToTopic(ctx, m.Chat.ID, m.ID, topicID)
|
||||
}
|
||||
}
|
||||
if err != nil {
|
||||
t.log.Warn("support: relay to topic failed", zap.Int64("user_id", uid), zap.Error(err))
|
||||
return
|
||||
}
|
||||
if err := t.support.AppendMsg(uid, newID); err != nil {
|
||||
t.log.Warn("support: persist relayed id failed", zap.Int64("user_id", uid), zap.Error(err))
|
||||
}
|
||||
}
|
||||
|
||||
// handleSupportGroupMessage relays an operator's reply in a user's topic back to that
|
||||
// user. It ignores the bot's own posts (the loop guard), messages outside a topic,
|
||||
// unknown topics, and non-administrators. The operator's message is tracked too, so a
|
||||
// later clear removes it.
|
||||
func (t *Bot) handleSupportGroupMessage(ctx context.Context, m *models.Message) {
|
||||
if m.From == nil || m.From.IsBot {
|
||||
return // the bot's own relayed copies (and other bots) — never loop them back
|
||||
}
|
||||
if t.botID != 0 && m.From.ID == t.botID {
|
||||
return
|
||||
}
|
||||
if m.MessageThreadID == 0 {
|
||||
return // the chat's general area, not a user's topic
|
||||
}
|
||||
uid, ok := t.support.ByTopic(m.MessageThreadID)
|
||||
if !ok {
|
||||
return
|
||||
}
|
||||
if !t.isSupportAdmin(ctx, m.From.ID) {
|
||||
return // only operators reach the user
|
||||
}
|
||||
if err := t.support.AppendMsg(uid, m.ID); err != nil {
|
||||
t.log.Warn("support: persist operator msg id failed", zap.Int64("user_id", uid), zap.Error(err))
|
||||
}
|
||||
if _, err := t.copyToUser(ctx, m.ID, uid); err != nil {
|
||||
t.log.Warn("support: relay reply to user failed", zap.Int64("user_id", uid), zap.Error(err))
|
||||
}
|
||||
}
|
||||
|
||||
// handleSupportCallback handles the info-card buttons (block/unblock/clear). Only
|
||||
// support-chat administrators may act; others get a denial. It always answers the
|
||||
// callback query so the client's spinner clears.
|
||||
func (t *Bot) handleSupportCallback(ctx context.Context, _ *tgbot.Bot, update *models.Update) {
|
||||
cq := update.CallbackQuery
|
||||
if cq == nil {
|
||||
return
|
||||
}
|
||||
action, uid, ok := parseSupportCallback(cq.Data)
|
||||
if !ok {
|
||||
t.answerSupportCallback(ctx, cq.ID, "")
|
||||
return
|
||||
}
|
||||
if !t.isSupportAdmin(ctx, cq.From.ID) {
|
||||
t.answerSupportCallback(ctx, cq.ID, "Недостаточно прав")
|
||||
return
|
||||
}
|
||||
switch action {
|
||||
case supportActionBlock:
|
||||
t.setSupportBlocked(ctx, cq, uid, true)
|
||||
case supportActionUnblock:
|
||||
t.setSupportBlocked(ctx, cq, uid, false)
|
||||
case supportActionClear:
|
||||
t.clearSupportTopic(ctx, cq, uid)
|
||||
default:
|
||||
t.answerSupportCallback(ctx, cq.ID, "")
|
||||
}
|
||||
}
|
||||
|
||||
// setSupportBlocked sets the user's block state, flips the info-card toggle to match,
|
||||
// and answers the callback. Blocking does not delete the topic — it stays.
|
||||
func (t *Bot) setSupportBlocked(ctx context.Context, cq *models.CallbackQuery, uid int64, blocked bool) {
|
||||
if err := t.support.SetBlocked(uid, blocked); err != nil {
|
||||
t.log.Warn("support: set blocked failed", zap.Int64("user_id", uid), zap.Error(err))
|
||||
t.answerSupportCallback(ctx, cq.ID, "Ошибка")
|
||||
return
|
||||
}
|
||||
if rec, ok := t.support.Get(uid); ok && rec.HeaderMsgID != 0 {
|
||||
if _, err := t.api.EditMessageReplyMarkup(ctx, &tgbot.EditMessageReplyMarkupParams{
|
||||
ChatID: t.supportChatID,
|
||||
MessageID: rec.HeaderMsgID,
|
||||
ReplyMarkup: supportCardMarkup(uid, blocked),
|
||||
}); err != nil {
|
||||
t.log.Debug("support: update card markup failed", zap.Error(err))
|
||||
}
|
||||
}
|
||||
msg := "Разблокирован"
|
||||
if blocked {
|
||||
msg = "Заблокирован"
|
||||
}
|
||||
t.answerSupportCallback(ctx, cq.ID, msg)
|
||||
}
|
||||
|
||||
// clearSupportTopic deletes the messages relayed into the user's topic (keeping the
|
||||
// info card) and answers the callback.
|
||||
func (t *Bot) clearSupportTopic(ctx context.Context, cq *models.CallbackQuery, uid int64) {
|
||||
ids, err := t.support.ClearMsgs(uid)
|
||||
if err != nil {
|
||||
t.log.Warn("support: clear failed", zap.Int64("user_id", uid), zap.Error(err))
|
||||
t.answerSupportCallback(ctx, cq.ID, "Ошибка")
|
||||
return
|
||||
}
|
||||
t.deleteSupportMessages(ctx, ids)
|
||||
t.answerSupportCallback(ctx, cq.ID, "Очищено")
|
||||
}
|
||||
|
||||
// ensureTopic returns a live forum-topic id for the user, opening a fresh topic (and
|
||||
// info card) when none exists or the previous one was deleted. Telegram silently
|
||||
// routes a copy aimed at a deleted topic into the chat's General topic (no error), so
|
||||
// the bot cannot rely on copyMessage failing; instead it probes the info card —
|
||||
// re-applying the card's reply markup is a no-op that errors only when the card (hence
|
||||
// the topic) is gone — and reopens on that signal. The probe also keeps the card's
|
||||
// block button in sync with the stored state.
|
||||
func (t *Bot) ensureTopic(ctx context.Context, u *models.User, rec support.User) (int, error) {
|
||||
if rec.TopicID == 0 || rec.HeaderMsgID == 0 {
|
||||
return t.openSupportTopic(ctx, u)
|
||||
}
|
||||
_, err := t.api.EditMessageReplyMarkup(ctx, &tgbot.EditMessageReplyMarkupParams{
|
||||
ChatID: t.supportChatID,
|
||||
MessageID: rec.HeaderMsgID,
|
||||
ReplyMarkup: supportCardMarkup(u.ID, rec.Blocked),
|
||||
})
|
||||
if isCardMissingErr(err) {
|
||||
t.log.Info("support: topic gone, reopening", zap.Int64("user_id", u.ID), zap.Int("topic_id", rec.TopicID))
|
||||
return t.openSupportTopic(ctx, u)
|
||||
}
|
||||
// Any other outcome (success, or a benign "message is not modified") means the
|
||||
// topic is alive; reuse it.
|
||||
return rec.TopicID, nil
|
||||
}
|
||||
|
||||
// openSupportTopic creates a forum topic for the user and posts its info card with
|
||||
// the block/clear buttons, persisting both. It returns the new topic id. A failure to
|
||||
// persist is logged but not fatal: the in-memory mapping still lets the relay proceed.
|
||||
func (t *Bot) openSupportTopic(ctx context.Context, u *models.User) (int, error) {
|
||||
topic, err := t.api.CreateForumTopic(ctx, &tgbot.CreateForumTopicParams{
|
||||
ChatID: t.supportChatID,
|
||||
Name: supportTopicName(u),
|
||||
})
|
||||
if err != nil {
|
||||
return 0, fmt.Errorf("create forum topic: %w", err)
|
||||
}
|
||||
headerID := 0
|
||||
cardText, cardEntities := supportCard(u)
|
||||
header, err := t.api.SendMessage(ctx, &tgbot.SendMessageParams{
|
||||
ChatID: t.supportChatID,
|
||||
MessageThreadID: topic.MessageThreadID,
|
||||
Text: cardText,
|
||||
Entities: cardEntities,
|
||||
ReplyMarkup: supportCardMarkup(u.ID, false),
|
||||
})
|
||||
if err != nil {
|
||||
t.log.Warn("support: post info card failed (topic opened without it)", zap.Error(err))
|
||||
} else {
|
||||
headerID = header.ID
|
||||
}
|
||||
if err := t.support.SetTopic(u.ID, topic.MessageThreadID, headerID, u.FirstName, u.LastName, u.Username); err != nil {
|
||||
t.log.Warn("support: persist topic state failed (kept in memory)", zap.Int64("user_id", u.ID), zap.Error(err))
|
||||
}
|
||||
return topic.MessageThreadID, nil
|
||||
}
|
||||
|
||||
// copyToTopic copies a message into the user's forum topic and returns the new
|
||||
// message id.
|
||||
func (t *Bot) copyToTopic(ctx context.Context, fromChatID int64, messageID, topicID int) (int, error) {
|
||||
if err := t.throttle(ctx); err != nil {
|
||||
return 0, err
|
||||
}
|
||||
res, err := t.api.CopyMessage(ctx, &tgbot.CopyMessageParams{
|
||||
ChatID: t.supportChatID,
|
||||
MessageThreadID: topicID,
|
||||
FromChatID: fromChatID,
|
||||
MessageID: messageID,
|
||||
})
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
return res.ID, nil
|
||||
}
|
||||
|
||||
// copyToUser copies a support-chat message to the user's private chat and returns the
|
||||
// new message id.
|
||||
func (t *Bot) copyToUser(ctx context.Context, messageID int, userID int64) (int, error) {
|
||||
if err := t.throttle(ctx); err != nil {
|
||||
return 0, err
|
||||
}
|
||||
res, err := t.api.CopyMessage(ctx, &tgbot.CopyMessageParams{
|
||||
ChatID: userID,
|
||||
FromChatID: t.supportChatID,
|
||||
MessageID: messageID,
|
||||
})
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
return res.ID, nil
|
||||
}
|
||||
|
||||
// deleteSupportMessages best-effort deletes the given support-chat messages in
|
||||
// batches; individual failures (for example a message already removed) are ignored.
|
||||
func (t *Bot) deleteSupportMessages(ctx context.Context, ids []int) {
|
||||
for start := 0; start < len(ids); start += supportDeleteBatch {
|
||||
end := min(start+supportDeleteBatch, len(ids))
|
||||
if _, err := t.api.DeleteMessages(ctx, &tgbot.DeleteMessagesParams{
|
||||
ChatID: t.supportChatID,
|
||||
MessageIDs: ids[start:end],
|
||||
}); err != nil {
|
||||
t.log.Debug("support: delete batch failed", zap.Error(err))
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// answerSupportCallback answers a callback query, logging a failure at debug (the
|
||||
// only effect of a miss is a lingering client spinner).
|
||||
func (t *Bot) answerSupportCallback(ctx context.Context, id, text string) {
|
||||
if _, err := t.api.AnswerCallbackQuery(ctx, &tgbot.AnswerCallbackQueryParams{
|
||||
CallbackQueryID: id,
|
||||
Text: text,
|
||||
}); err != nil {
|
||||
t.log.Debug("support: answer callback failed", zap.Error(err))
|
||||
}
|
||||
}
|
||||
|
||||
// parseSupportCallback parses "sup:<action>:<userID>" callback data.
|
||||
func parseSupportCallback(data string) (action string, userID int64, ok bool) {
|
||||
rest, found := strings.CutPrefix(data, supportCallbackPrefix)
|
||||
if !found {
|
||||
return "", 0, false
|
||||
}
|
||||
action, idStr, found := strings.Cut(rest, ":")
|
||||
if !found {
|
||||
return "", 0, false
|
||||
}
|
||||
userID, err := strconv.ParseInt(idStr, 10, 64)
|
||||
if err != nil {
|
||||
return "", 0, false
|
||||
}
|
||||
return action, userID, true
|
||||
}
|
||||
|
||||
// supportCardMarkup builds the info-card buttons: a Block/Unblock toggle reflecting
|
||||
// the current state, and a Clear button.
|
||||
func supportCardMarkup(userID int64, blocked bool) *models.InlineKeyboardMarkup {
|
||||
toggleText, toggleAction := "Заблокировать", supportActionBlock
|
||||
if blocked {
|
||||
toggleText, toggleAction = "Разблокировать", supportActionUnblock
|
||||
}
|
||||
return &models.InlineKeyboardMarkup{
|
||||
InlineKeyboard: [][]models.InlineKeyboardButton{{
|
||||
{Text: toggleText, CallbackData: fmt.Sprintf("%s%s:%d", supportCallbackPrefix, toggleAction, userID)},
|
||||
{Text: "Очистить", CallbackData: fmt.Sprintf("%s%s:%d", supportCallbackPrefix, supportActionClear, userID)},
|
||||
}},
|
||||
}
|
||||
}
|
||||
|
||||
// supportTopicName builds the forum topic title for a user: full name and @username,
|
||||
// trimmed to the Telegram length limit.
|
||||
func supportTopicName(u *models.User) string {
|
||||
name := strings.TrimSpace(u.FirstName + " " + u.LastName)
|
||||
if name == "" {
|
||||
name = "user " + strconv.FormatInt(u.ID, 10)
|
||||
}
|
||||
if u.Username != "" {
|
||||
name += " @" + u.Username
|
||||
}
|
||||
if r := []rune(name); len(r) > supportTopicNameMax {
|
||||
return string(r[:supportTopicNameMax])
|
||||
}
|
||||
return name
|
||||
}
|
||||
|
||||
// supportCard renders the topic info card describing the user and the message
|
||||
// entities for it. The display name is covered by a text_mention entity: it links to
|
||||
// the user's profile (the reliable way to mention a user who has no public username —
|
||||
// the bot has seen them, since they messaged it) and, because the name sits inside an
|
||||
// entity, Telegram does not auto-detect a leading "/" as a bot command or a stray
|
||||
// "@handle" inside the name as a mention. The remaining lines are plain text; a public
|
||||
// @username, when present, is left for Telegram to auto-link. Entity offsets are in
|
||||
// UTF-16 code units, as the Bot API requires; the name is at offset 0.
|
||||
func supportCard(u *models.User) (string, []models.MessageEntity) {
|
||||
name := strings.TrimSpace(u.FirstName + " " + u.LastName)
|
||||
if name == "" {
|
||||
name = "user " + strconv.FormatInt(u.ID, 10)
|
||||
}
|
||||
username := "—"
|
||||
if u.Username != "" {
|
||||
username = "@" + u.Username
|
||||
}
|
||||
lang := u.LanguageCode
|
||||
if lang == "" {
|
||||
lang = "—"
|
||||
}
|
||||
premium := "нет"
|
||||
if u.IsPremium {
|
||||
premium = "да"
|
||||
}
|
||||
var b strings.Builder
|
||||
b.WriteString(name)
|
||||
fmt.Fprintf(&b, "\nUsername: %s", username)
|
||||
fmt.Fprintf(&b, "\nID: %d", u.ID)
|
||||
fmt.Fprintf(&b, "\nЯзык: %s · Premium: %s", lang, premium)
|
||||
entities := []models.MessageEntity{{
|
||||
Type: models.MessageEntityTypeTextMention,
|
||||
Offset: 0,
|
||||
Length: len(utf16.Encode([]rune(name))),
|
||||
User: &models.User{ID: u.ID},
|
||||
}}
|
||||
return b.String(), entities
|
||||
}
|
||||
|
||||
// isCardMissingErr reports whether err means the info-card message no longer exists
|
||||
// (the operators deleted the topic), as opposed to a benign "message is not modified"
|
||||
// no-op when the card is still there.
|
||||
func isCardMissingErr(err error) bool {
|
||||
if err == nil {
|
||||
return false
|
||||
}
|
||||
s := strings.ToLower(err.Error())
|
||||
return strings.Contains(s, "message to edit not found") ||
|
||||
strings.Contains(s, "message can't be edited") ||
|
||||
strings.Contains(s, "message_id_invalid")
|
||||
}
|
||||
|
||||
// isTopicMissingErr reports whether err is Telegram's deleted/absent forum-topic
|
||||
// error, signalling the topic must be reopened.
|
||||
func isTopicMissingErr(err error) bool {
|
||||
if err == nil {
|
||||
return false
|
||||
}
|
||||
s := strings.ToLower(err.Error())
|
||||
return strings.Contains(s, "thread not found") ||
|
||||
strings.Contains(s, "thread_not_found") ||
|
||||
strings.Contains(s, "topic deleted") ||
|
||||
strings.Contains(s, "topic_deleted")
|
||||
}
|
||||
@@ -0,0 +1,473 @@
|
||||
package bot
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"path/filepath"
|
||||
"strings"
|
||||
"sync"
|
||||
"testing"
|
||||
|
||||
"github.com/go-telegram/bot/models"
|
||||
"go.uber.org/zap"
|
||||
|
||||
"scrabble/platform/telegram/internal/support"
|
||||
)
|
||||
|
||||
const supportChatID = -1001000000000
|
||||
|
||||
// copyRec records one copyMessage call.
|
||||
type copyRec struct {
|
||||
chatID, fromChatID, threadID, messageID string
|
||||
}
|
||||
|
||||
// supportAPI is a fake Bot API for the support-relay handlers: it answers the
|
||||
// methods they call with incrementing ids and records the requests for assertions.
|
||||
type supportAPI struct {
|
||||
mu sync.Mutex
|
||||
adminIDs []int64
|
||||
nextThread int
|
||||
nextMsg int
|
||||
topicsOpened int
|
||||
copies []copyRec
|
||||
headerThread string // message_thread_id of the last header sendMessage
|
||||
deleted [][]int
|
||||
editedMsgIDs []string
|
||||
answers []string
|
||||
// editErr, when set, makes editMessageReplyMarkup return that Telegram error
|
||||
// description (simulating a deleted info card / topic).
|
||||
editErr string
|
||||
}
|
||||
|
||||
func newSupportAPI(adminIDs ...int64) *supportAPI {
|
||||
return &supportAPI{adminIDs: adminIDs, nextThread: 1000, nextMsg: 5000}
|
||||
}
|
||||
|
||||
func (s *supportAPI) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
||||
s.mu.Lock()
|
||||
defer s.mu.Unlock()
|
||||
path := r.URL.Path
|
||||
switch {
|
||||
case strings.HasSuffix(path, "/getMe"):
|
||||
io.WriteString(w, `{"ok":true,"result":{"id":1,"is_bot":true,"first_name":"bot","username":"b"}}`)
|
||||
case strings.HasSuffix(path, "/createForumTopic"):
|
||||
s.topicsOpened++
|
||||
tid := s.nextThread
|
||||
s.nextThread++
|
||||
fmt.Fprintf(w, `{"ok":true,"result":{"message_thread_id":%d,"name":%q}}`, tid, r.FormValue("name"))
|
||||
case strings.HasSuffix(path, "/sendMessage"):
|
||||
s.headerThread = r.FormValue("message_thread_id")
|
||||
mid := s.nextMsg
|
||||
s.nextMsg++
|
||||
fmt.Fprintf(w, `{"ok":true,"result":{"message_id":%d}}`, mid)
|
||||
case strings.HasSuffix(path, "/copyMessage"):
|
||||
s.copies = append(s.copies, copyRec{
|
||||
chatID: r.FormValue("chat_id"),
|
||||
fromChatID: r.FormValue("from_chat_id"),
|
||||
threadID: r.FormValue("message_thread_id"),
|
||||
messageID: r.FormValue("message_id"),
|
||||
})
|
||||
mid := s.nextMsg
|
||||
s.nextMsg++
|
||||
fmt.Fprintf(w, `{"ok":true,"result":{"message_id":%d}}`, mid)
|
||||
case strings.HasSuffix(path, "/deleteMessages"):
|
||||
var ids []int
|
||||
_ = json.Unmarshal([]byte(r.FormValue("message_ids")), &ids)
|
||||
s.deleted = append(s.deleted, ids)
|
||||
io.WriteString(w, `{"ok":true,"result":true}`)
|
||||
case strings.HasSuffix(path, "/editMessageReplyMarkup"):
|
||||
if s.editErr != "" {
|
||||
fmt.Fprintf(w, `{"ok":false,"error_code":400,"description":%q}`, s.editErr)
|
||||
return
|
||||
}
|
||||
s.editedMsgIDs = append(s.editedMsgIDs, r.FormValue("message_id"))
|
||||
io.WriteString(w, `{"ok":true,"result":{"message_id":1}}`)
|
||||
case strings.HasSuffix(path, "/answerCallbackQuery"):
|
||||
s.answers = append(s.answers, r.FormValue("text"))
|
||||
io.WriteString(w, `{"ok":true,"result":true}`)
|
||||
case strings.HasSuffix(path, "/getChatAdministrators"):
|
||||
var b strings.Builder
|
||||
b.WriteString(`{"ok":true,"result":[`)
|
||||
for i, id := range s.adminIDs {
|
||||
if i > 0 {
|
||||
b.WriteString(",")
|
||||
}
|
||||
fmt.Fprintf(&b, `{"status":"administrator","user":{"id":%d,"is_bot":false}}`, id)
|
||||
}
|
||||
b.WriteString(`]}`)
|
||||
io.WriteString(w, b.String())
|
||||
default:
|
||||
io.WriteString(w, `{"ok":true,"result":true}`)
|
||||
}
|
||||
}
|
||||
|
||||
func (s *supportAPI) copyCount() int {
|
||||
s.mu.Lock()
|
||||
defer s.mu.Unlock()
|
||||
return len(s.copies)
|
||||
}
|
||||
|
||||
// newSupportBot builds a support-enabled bot against the fake API and returns it with
|
||||
// its backing store.
|
||||
func newSupportBot(t *testing.T, api http.Handler) (*Bot, *support.Store) {
|
||||
t.Helper()
|
||||
srv := httptest.NewServer(api)
|
||||
t.Cleanup(srv.Close)
|
||||
st := support.New(filepath.Join(t.TempDir(), "support.json"))
|
||||
b, err := New(Config{
|
||||
Token: "123:ABC",
|
||||
APIBaseURL: srv.URL,
|
||||
MiniAppURL: "https://example.com/telegram/",
|
||||
SupportChatID: supportChatID,
|
||||
SupportStore: st,
|
||||
}, zap.NewNop())
|
||||
if err != nil {
|
||||
t.Fatalf("new support bot: %v", err)
|
||||
}
|
||||
return b, st
|
||||
}
|
||||
|
||||
// userMsg builds a private direct message from the given user.
|
||||
func userMsg(userID int64, text string) *models.Message {
|
||||
return &models.Message{
|
||||
ID: int(userID)*10 + 1,
|
||||
Chat: models.Chat{ID: userID, Type: models.ChatTypePrivate},
|
||||
From: &models.User{ID: userID, FirstName: "Ann", Username: "annlee", LanguageCode: "ru"},
|
||||
Text: text,
|
||||
}
|
||||
}
|
||||
|
||||
func TestSupportFirstContactOpensTopicAndRelays(t *testing.T) {
|
||||
api := newSupportAPI()
|
||||
b, st := newSupportBot(t, api)
|
||||
|
||||
b.handleSupportUserMessage(context.Background(), userMsg(7, "hello"))
|
||||
|
||||
if api.topicsOpened != 1 {
|
||||
t.Fatalf("topics opened = %d, want 1", api.topicsOpened)
|
||||
}
|
||||
rec, ok := st.Get(7)
|
||||
if !ok || rec.TopicID != 1000 || rec.HeaderMsgID != 5000 {
|
||||
t.Fatalf("store = %+v ok=%v, want topic 1000 / header 5000", rec, ok)
|
||||
}
|
||||
if api.headerThread != "1000" {
|
||||
t.Errorf("header posted to thread %q, want 1000", api.headerThread)
|
||||
}
|
||||
if len(api.copies) != 1 {
|
||||
t.Fatalf("copies = %d, want 1", len(api.copies))
|
||||
}
|
||||
c := api.copies[0]
|
||||
if c.threadID != "1000" || c.fromChatID != "7" || c.chatID != fmt.Sprint(supportChatID) {
|
||||
t.Errorf("copy = %+v, want thread 1000 from 7 into the support chat", c)
|
||||
}
|
||||
if len(rec.RelayedMsgIDs) != 1 {
|
||||
t.Errorf("relayed ids = %v, want 1 tracked", rec.RelayedMsgIDs)
|
||||
}
|
||||
}
|
||||
|
||||
func TestSupportSubsequentReusesTopic(t *testing.T) {
|
||||
api := newSupportAPI()
|
||||
b, st := newSupportBot(t, api)
|
||||
|
||||
b.handleSupportUserMessage(context.Background(), userMsg(7, "first"))
|
||||
b.handleSupportUserMessage(context.Background(), userMsg(7, "second"))
|
||||
|
||||
if api.topicsOpened != 1 {
|
||||
t.Errorf("topics opened = %d, want 1 (topic reused)", api.topicsOpened)
|
||||
}
|
||||
if len(api.copies) != 2 {
|
||||
t.Errorf("copies = %d, want 2", len(api.copies))
|
||||
}
|
||||
rec, _ := st.Get(7)
|
||||
if len(rec.RelayedMsgIDs) != 2 {
|
||||
t.Errorf("relayed ids = %v, want 2", rec.RelayedMsgIDs)
|
||||
}
|
||||
}
|
||||
|
||||
// TestSupportTopicRecreatedWhenDeleted covers the case the operator hit in prod:
|
||||
// after they delete a user's whole topic, Telegram routes a copy aimed at it into
|
||||
// General with no error, so the bot must proactively detect the dead topic (the card
|
||||
// probe fails) and reopen it instead of silently losing the message to General.
|
||||
func TestSupportTopicRecreatedWhenDeleted(t *testing.T) {
|
||||
api := newSupportAPI()
|
||||
api.editErr = "message to edit not found" // the operators deleted the topic + its card
|
||||
b, st := newSupportBot(t, api)
|
||||
// Seed a topic that has since been deleted in Telegram.
|
||||
if err := st.SetTopic(7, 999, 4999, "Ann", "", "annlee"); err != nil {
|
||||
t.Fatalf("seed topic: %v", err)
|
||||
}
|
||||
|
||||
b.handleSupportUserMessage(context.Background(), userMsg(7, "still there?"))
|
||||
|
||||
if api.topicsOpened != 1 {
|
||||
t.Fatalf("topics opened = %d, want 1 (reopened after deletion)", api.topicsOpened)
|
||||
}
|
||||
rec, _ := st.Get(7)
|
||||
if rec.TopicID != 1000 || rec.HeaderMsgID != 5000 {
|
||||
t.Errorf("store = topic %d / header %d, want the reopened 1000 / 5000", rec.TopicID, rec.HeaderMsgID)
|
||||
}
|
||||
if len(api.copies) != 1 || api.copies[0].threadID != "1000" {
|
||||
t.Errorf("relay copies = %+v, want one into the reopened topic 1000", api.copies)
|
||||
}
|
||||
if _, ok := st.ByTopic(999); ok {
|
||||
t.Error("stale topic 999 still indexed after reopen")
|
||||
}
|
||||
}
|
||||
|
||||
func TestSupportBlockedUserDropped(t *testing.T) {
|
||||
api := newSupportAPI()
|
||||
b, st := newSupportBot(t, api)
|
||||
if err := st.SetTopic(7, 1000, 5000, "Ann", "", "annlee"); err != nil {
|
||||
t.Fatalf("seed topic: %v", err)
|
||||
}
|
||||
if err := st.SetBlocked(7, true); err != nil {
|
||||
t.Fatalf("block: %v", err)
|
||||
}
|
||||
|
||||
b.handleSupportUserMessage(context.Background(), userMsg(7, "hello?"))
|
||||
|
||||
if api.copyCount() != 0 {
|
||||
t.Errorf("a blocked user's message was relayed (%d copies)", api.copyCount())
|
||||
}
|
||||
if api.topicsOpened != 0 {
|
||||
t.Errorf("a blocked user opened a topic (%d)", api.topicsOpened)
|
||||
}
|
||||
}
|
||||
|
||||
// supportGroupMsg builds an operator message inside a topic of the support chat.
|
||||
func supportGroupMsg(fromID int64, threadID int, isBot bool) *models.Message {
|
||||
return &models.Message{
|
||||
ID: 700 + threadID,
|
||||
Chat: models.Chat{ID: supportChatID, Type: models.ChatTypeSupergroup},
|
||||
From: &models.User{ID: fromID, IsBot: isBot},
|
||||
MessageThreadID: threadID,
|
||||
Text: "operator reply",
|
||||
}
|
||||
}
|
||||
|
||||
func TestSupportOperatorReplyRelayed(t *testing.T) {
|
||||
api := newSupportAPI(50) // user 50 is an admin
|
||||
b, st := newSupportBot(t, api)
|
||||
if err := st.SetTopic(7, 1000, 5000, "Ann", "", "annlee"); err != nil {
|
||||
t.Fatalf("seed topic: %v", err)
|
||||
}
|
||||
|
||||
b.handleSupportGroupMessage(context.Background(), supportGroupMsg(50, 1000, false))
|
||||
|
||||
if len(api.copies) != 1 {
|
||||
t.Fatalf("copies = %d, want 1 (reply relayed to user)", len(api.copies))
|
||||
}
|
||||
if api.copies[0].chatID != "7" || api.copies[0].fromChatID != fmt.Sprint(supportChatID) {
|
||||
t.Errorf("copy = %+v, want from the support chat to user 7", api.copies[0])
|
||||
}
|
||||
rec, _ := st.Get(7)
|
||||
if len(rec.RelayedMsgIDs) != 1 {
|
||||
t.Errorf("operator message not tracked for clear: %v", rec.RelayedMsgIDs)
|
||||
}
|
||||
}
|
||||
|
||||
func TestSupportGroupMessageIgnored(t *testing.T) {
|
||||
cases := []struct {
|
||||
name string
|
||||
msg *models.Message
|
||||
admins []int64
|
||||
}{
|
||||
{"bot's own copy (loop guard)", supportGroupMsg(1, 1000, true), []int64{50}},
|
||||
{"non-admin sender", supportGroupMsg(999, 1000, false), []int64{50}},
|
||||
{"outside any topic", supportGroupMsg(50, 0, false), []int64{50}},
|
||||
{"unknown topic", supportGroupMsg(50, 4242, false), []int64{50}},
|
||||
}
|
||||
for _, tc := range cases {
|
||||
t.Run(tc.name, func(t *testing.T) {
|
||||
api := newSupportAPI(tc.admins...)
|
||||
b, st := newSupportBot(t, api)
|
||||
if err := st.SetTopic(7, 1000, 5000, "Ann", "", "annlee"); err != nil {
|
||||
t.Fatalf("seed topic: %v", err)
|
||||
}
|
||||
b.handleSupportGroupMessage(context.Background(), tc.msg)
|
||||
if api.copyCount() != 0 {
|
||||
t.Errorf("message relayed (%d copies); it should be ignored", api.copyCount())
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
// supportCallback builds a callback-query update for the given data and presser.
|
||||
func supportCallback(data string, fromID int64) *models.Update {
|
||||
return &models.Update{CallbackQuery: &models.CallbackQuery{
|
||||
ID: "cb1",
|
||||
From: models.User{ID: fromID},
|
||||
Data: data,
|
||||
}}
|
||||
}
|
||||
|
||||
func TestSupportCallbackBlockToggle(t *testing.T) {
|
||||
api := newSupportAPI(50)
|
||||
b, st := newSupportBot(t, api)
|
||||
if err := st.SetTopic(7, 1000, 5000, "Ann", "", "annlee"); err != nil {
|
||||
t.Fatalf("seed topic: %v", err)
|
||||
}
|
||||
|
||||
b.handleSupportCallback(context.Background(), b.api, supportCallback("sup:block:7", 50))
|
||||
if !st.Blocked(7) {
|
||||
t.Error("user not blocked after sup:block")
|
||||
}
|
||||
if len(api.editedMsgIDs) != 1 || api.editedMsgIDs[0] != "5000" {
|
||||
t.Errorf("edited markup msg ids = %v, want [5000]", api.editedMsgIDs)
|
||||
}
|
||||
|
||||
b.handleSupportCallback(context.Background(), b.api, supportCallback("sup:unblock:7", 50))
|
||||
if st.Blocked(7) {
|
||||
t.Error("user still blocked after sup:unblock")
|
||||
}
|
||||
if len(api.answers) != 2 || api.answers[0] != "Заблокирован" || api.answers[1] != "Разблокирован" {
|
||||
t.Errorf("answers = %v, want [Заблокирован Разблокирован]", api.answers)
|
||||
}
|
||||
}
|
||||
|
||||
func TestSupportCallbackNonAdminDenied(t *testing.T) {
|
||||
api := newSupportAPI(50)
|
||||
b, st := newSupportBot(t, api)
|
||||
if err := st.SetTopic(7, 1000, 5000, "Ann", "", "annlee"); err != nil {
|
||||
t.Fatalf("seed topic: %v", err)
|
||||
}
|
||||
|
||||
b.handleSupportCallback(context.Background(), b.api, supportCallback("sup:block:7", 999))
|
||||
|
||||
if st.Blocked(7) {
|
||||
t.Error("a non-admin managed to block the user")
|
||||
}
|
||||
if len(api.answers) != 1 || api.answers[0] != "Недостаточно прав" {
|
||||
t.Errorf("answers = %v, want a permission denial", api.answers)
|
||||
}
|
||||
}
|
||||
|
||||
func TestSupportCallbackClearDeletesTracked(t *testing.T) {
|
||||
api := newSupportAPI(50)
|
||||
b, st := newSupportBot(t, api)
|
||||
if err := st.SetTopic(7, 1000, 5000, "Ann", "", "annlee"); err != nil {
|
||||
t.Fatalf("seed topic: %v", err)
|
||||
}
|
||||
for _, id := range []int{501, 502, 503} {
|
||||
if err := st.AppendMsg(7, id); err != nil {
|
||||
t.Fatalf("append: %v", err)
|
||||
}
|
||||
}
|
||||
|
||||
b.handleSupportCallback(context.Background(), b.api, supportCallback("sup:clear:7", 50))
|
||||
|
||||
if len(api.deleted) != 1 || len(api.deleted[0]) != 3 {
|
||||
t.Fatalf("deleted batches = %v, want one batch of 3", api.deleted)
|
||||
}
|
||||
rec, _ := st.Get(7)
|
||||
if len(rec.RelayedMsgIDs) != 0 {
|
||||
t.Errorf("relayed ids after clear = %v, want empty", rec.RelayedMsgIDs)
|
||||
}
|
||||
if rec.HeaderMsgID != 5000 {
|
||||
t.Errorf("clear disturbed the header (%d)", rec.HeaderMsgID)
|
||||
}
|
||||
}
|
||||
|
||||
func TestParseSupportCallback(t *testing.T) {
|
||||
cases := []struct {
|
||||
data string
|
||||
wantAction string
|
||||
wantUID int64
|
||||
wantOK bool
|
||||
}{
|
||||
{"sup:block:7", "block", 7, true},
|
||||
{"sup:clear:-100", "clear", -100, true},
|
||||
{"sup:unblock:42", "unblock", 42, true},
|
||||
{"block:7", "", 0, false},
|
||||
{"sup:block", "", 0, false},
|
||||
{"sup:block:notanumber", "", 0, false},
|
||||
}
|
||||
for _, tc := range cases {
|
||||
t.Run(tc.data, func(t *testing.T) {
|
||||
action, uid, ok := parseSupportCallback(tc.data)
|
||||
if action != tc.wantAction || uid != tc.wantUID || ok != tc.wantOK {
|
||||
t.Errorf("parseSupportCallback(%q) = %q,%d,%v; want %q,%d,%v",
|
||||
tc.data, action, uid, ok, tc.wantAction, tc.wantUID, tc.wantOK)
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestSupportCard(t *testing.T) {
|
||||
t.Run("name is a plain-text mention, not a command", func(t *testing.T) {
|
||||
u := &models.User{ID: 7, FirstName: "/start", Username: "ann", LanguageCode: "ru", IsPremium: true}
|
||||
text, ents := supportCard(u)
|
||||
// The name is rendered verbatim (no HTML, no escaping) at the start of the card.
|
||||
if !strings.HasPrefix(text, "/start\n") {
|
||||
t.Errorf("card = %q, want it to start with the raw name", text)
|
||||
}
|
||||
// A text_mention entity covers exactly the name with the user id — this both
|
||||
// suppresses the "/start" command auto-detection and links the profile.
|
||||
if len(ents) != 1 {
|
||||
t.Fatalf("entities = %d, want 1", len(ents))
|
||||
}
|
||||
e := ents[0]
|
||||
if e.Type != models.MessageEntityTypeTextMention || e.Offset != 0 || e.Length != len("/start") {
|
||||
t.Errorf("entity = %+v, want a text_mention over the name", e)
|
||||
}
|
||||
if e.User == nil || e.User.ID != 7 {
|
||||
t.Errorf("entity user = %+v, want id 7", e.User)
|
||||
}
|
||||
if strings.Contains(text, "tg://") || strings.Contains(text, "<") {
|
||||
t.Errorf("card = %q, want no tg:// link and no HTML", text)
|
||||
}
|
||||
if !strings.Contains(text, "Premium: да") || !strings.Contains(text, "@ann") {
|
||||
t.Errorf("card = %q, want premium + @username", text)
|
||||
}
|
||||
})
|
||||
|
||||
t.Run("entity length is UTF-16, not runes", func(t *testing.T) {
|
||||
// "😀A" is 2 runes but 3 UTF-16 code units (the emoji is a surrogate pair).
|
||||
u := &models.User{ID: 9, FirstName: "😀A"}
|
||||
_, ents := supportCard(u)
|
||||
if len(ents) != 1 || ents[0].Length != 3 {
|
||||
t.Fatalf("entity = %+v, want length 3 UTF-16 units", ents)
|
||||
}
|
||||
})
|
||||
|
||||
t.Run("nameless user falls back to an id label", func(t *testing.T) {
|
||||
u := &models.User{ID: 42}
|
||||
text, ents := supportCard(u)
|
||||
if !strings.HasPrefix(text, "user 42") {
|
||||
t.Errorf("card = %q, want the id fallback name", text)
|
||||
}
|
||||
if ents[0].Length != len("user 42") {
|
||||
t.Errorf("entity length = %d, want it over the fallback name", ents[0].Length)
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
func TestSupportTopicName(t *testing.T) {
|
||||
if got := supportTopicName(&models.User{ID: 7, FirstName: "Ann", LastName: "Lee", Username: "annlee"}); got != "Ann Lee @annlee" {
|
||||
t.Errorf("topic name = %q, want %q", got, "Ann Lee @annlee")
|
||||
}
|
||||
if got := supportTopicName(&models.User{ID: 7}); got != "user 7" {
|
||||
t.Errorf("nameless topic = %q, want %q", got, "user 7")
|
||||
}
|
||||
long := strings.Repeat("x", 200)
|
||||
if got := supportTopicName(&models.User{ID: 7, FirstName: long}); len([]rune(got)) != supportTopicNameMax {
|
||||
t.Errorf("topic name length = %d, want %d (trimmed)", len([]rune(got)), supportTopicNameMax)
|
||||
}
|
||||
}
|
||||
|
||||
func TestSupportDisabledFallsThrough(t *testing.T) {
|
||||
// With no SupportChatID the relay is off and supportEnabled is false.
|
||||
srv := httptest.NewServer(&supportAPI{nextThread: 1000, nextMsg: 5000})
|
||||
t.Cleanup(srv.Close)
|
||||
b, err := New(Config{Token: "123:ABC", APIBaseURL: srv.URL, MiniAppURL: "https://example.com/"}, zap.NewNop())
|
||||
if err != nil {
|
||||
t.Fatalf("new bot: %v", err)
|
||||
}
|
||||
if b.supportEnabled() {
|
||||
t.Error("supportEnabled() = true without a SupportChatID")
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,60 @@
|
||||
package bot
|
||||
|
||||
import "strings"
|
||||
|
||||
// startText returns the localized /start welcome body and the launch-button label.
|
||||
// Russian is used when lang (the IETF language tag the Telegram client reports on the
|
||||
// message's sender) starts with "ru", English otherwise and when it is absent — so a
|
||||
// user with no reported language still gets a sensible message. channel and chat are
|
||||
// the resolved public @usernames (without the leading @) of the game channel and the
|
||||
// discussion chat; when either is empty its follow link degrades to a generic noun
|
||||
// (e.g. "the channel" / "our chat") rather than rendering a dangling "@", since the
|
||||
// bot's own info screen still lists the real links.
|
||||
func startText(lang, channel, chat string) (text, button string) {
|
||||
if strings.HasPrefix(strings.ToLower(lang), "ru") {
|
||||
return ruWelcome(channel, chat), "Открыть «Эрудит»"
|
||||
}
|
||||
return enWelcome(channel, chat), "Open “Erudite”"
|
||||
}
|
||||
|
||||
// ruWelcome builds the Russian welcome. A known handle is named as "@<username>"; an
|
||||
// unresolved one degrades to a plain noun.
|
||||
func ruWelcome(channel, chat string) string {
|
||||
ch := "канал"
|
||||
if channel != "" {
|
||||
ch = "@" + channel
|
||||
}
|
||||
ct := "чате"
|
||||
if chat != "" {
|
||||
ct = "@" + chat
|
||||
}
|
||||
return strings.Join([]string{
|
||||
"Привет! 👋",
|
||||
"Здесь можно сражаться в «Эрудит» со случайными игроками или в компании друзей.",
|
||||
"Подписывайтесь на " + ch + ", чтобы быть в курсе последних игровых событий и вовремя " +
|
||||
"получать важные уведомления. Игроки могут обсуждать игру и просто общаться в нашем " +
|
||||
ct + "! 💬",
|
||||
"Ни слова больше.\nПервая партия сама себя не сыграет 😊",
|
||||
}, "\n\n")
|
||||
}
|
||||
|
||||
// enWelcome builds the English welcome (the fallback for any non-Russian or missing
|
||||
// language). A known handle is named as "@<username>"; an unresolved one degrades to a
|
||||
// plain noun.
|
||||
func enWelcome(channel, chat string) string {
|
||||
ch := "the channel"
|
||||
if channel != "" {
|
||||
ch = "@" + channel
|
||||
}
|
||||
ct := "group chat"
|
||||
if chat != "" {
|
||||
ct = "@" + chat
|
||||
}
|
||||
return strings.Join([]string{
|
||||
"Hi! 👋",
|
||||
"Play Scrabble against random players — or with a group of friends.",
|
||||
"Follow " + ch + " to stay up to date with the latest game events and receive important " +
|
||||
"notifications in time. Players can discuss the game and simply chat in our " + ct + "! 💬",
|
||||
"Okay, no more talking.\nFirst game won't play itself 😊",
|
||||
}, "\n\n")
|
||||
}
|
||||
@@ -0,0 +1,73 @@
|
||||
package bot
|
||||
|
||||
import (
|
||||
"strings"
|
||||
"testing"
|
||||
)
|
||||
|
||||
func TestStartTextLocalizesByLanguage(t *testing.T) {
|
||||
cases := []struct {
|
||||
name string
|
||||
lang string
|
||||
wantButton string
|
||||
wantSubstr string // a phrase unique to the chosen language body
|
||||
}{
|
||||
{"russian", "ru", "Открыть «Эрудит»", "Привет!"},
|
||||
{"russian region tag", "ru-RU", "Открыть «Эрудит»", "Первая партия"},
|
||||
{"english", "en", "Open “Erudite”", "Hi!"},
|
||||
{"other language falls back to english", "de", "Open “Erudite”", "Hi!"},
|
||||
{"absent language falls back to english", "", "Open “Erudite”", "no more talking"},
|
||||
}
|
||||
for _, tc := range cases {
|
||||
t.Run(tc.name, func(t *testing.T) {
|
||||
text, button := startText(tc.lang, "erudit", "erudite_chat")
|
||||
if button != tc.wantButton {
|
||||
t.Errorf("button = %q, want %q", button, tc.wantButton)
|
||||
}
|
||||
if !strings.Contains(text, tc.wantSubstr) {
|
||||
t.Errorf("text %q does not contain %q", text, tc.wantSubstr)
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestStartTextEmbedsFollowHandles(t *testing.T) {
|
||||
for _, lang := range []string{"ru", "en"} {
|
||||
text, _ := startText(lang, "erudit", "erudite_chat")
|
||||
if !strings.Contains(text, "@erudit") || !strings.Contains(text, "@erudite_chat") {
|
||||
t.Errorf("lang %q: follow paragraph missing the handles: %q", lang, text)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func TestStartTextFallsBackToGenericWhenHandleMissing(t *testing.T) {
|
||||
// An unresolved handle degrades to a generic noun rather than a dangling "@" — and
|
||||
// only that slot degrades; a resolved sibling still shows its "@username".
|
||||
t.Run("both missing leaves no @", func(t *testing.T) {
|
||||
for _, lang := range []string{"ru", "en"} {
|
||||
text, _ := startText(lang, "", "")
|
||||
if strings.Contains(text, "@") {
|
||||
t.Errorf("lang %q: text shows a dangling @: %q", lang, text)
|
||||
}
|
||||
}
|
||||
// The generic nouns are present in each language.
|
||||
ru, _ := startText("ru", "", "")
|
||||
if !strings.Contains(ru, "на канал") || !strings.Contains(ru, "в нашем чате") {
|
||||
t.Errorf("russian generic fallback missing: %q", ru)
|
||||
}
|
||||
en, _ := startText("en", "", "")
|
||||
if !strings.Contains(en, "Follow the channel") || !strings.Contains(en, "in our group chat") {
|
||||
t.Errorf("english generic fallback missing: %q", en)
|
||||
}
|
||||
})
|
||||
t.Run("only the missing slot degrades", func(t *testing.T) {
|
||||
// Channel resolved, chat missing: the channel keeps its @handle, the chat is generic.
|
||||
en, _ := startText("en", "erudit", "")
|
||||
if !strings.Contains(en, "@erudit") || strings.Contains(en, "@erudite") {
|
||||
t.Errorf("channel handle not shown / chat handle leaked: %q", en)
|
||||
}
|
||||
if !strings.Contains(en, "in our group chat") {
|
||||
t.Errorf("chat slot did not degrade to a generic noun: %q", en)
|
||||
}
|
||||
})
|
||||
}
|
||||
@@ -42,6 +42,16 @@ type BotConfig struct {
|
||||
// (TELEGRAM_CHAT_ID, optional; 0 disables chat gating). The bot must be an admin
|
||||
// there with the "Ban users" right, and "chat_member" in its allowed updates.
|
||||
ChatID int64
|
||||
// SupportChatID is the chat id of the private forum supergroup the bot relays
|
||||
// direct user messages into — one forum topic per user — and reads operator
|
||||
// replies from (TELEGRAM_SUPPORT_CHAT_ID, optional; 0 disables the support relay).
|
||||
// The bot must be an administrator there with the manage-topics and
|
||||
// delete-messages rights. Distinct from ChatID (the moderated discussion chat).
|
||||
SupportChatID int64
|
||||
// SupportStateDir is the directory holding the support relay's JSON state file
|
||||
// (TELEGRAM_SUPPORT_STATE_DIR, default /data). It must be writable by the
|
||||
// container user (UID 65532) and backed by a persistent volume.
|
||||
SupportStateDir string
|
||||
// PromoBotToken is the API token of the optional standalone promo bot run in this
|
||||
// container — a second bot whose only job is to answer /start with a button that
|
||||
// opens the main bot's Mini App (TELEGRAM_PROMO_BOT_TOKEN, optional; empty disables
|
||||
@@ -55,6 +65,12 @@ type BotConfig struct {
|
||||
// button appends ?startapp=<payload> to it (TELEGRAM_BOT_LINK; required when the
|
||||
// promo bot runs). It is distinct from the BotLink mTLS dial config below.
|
||||
BotLinkURL string
|
||||
// PromoStartParam is the promo button's launch payload, appended as
|
||||
// ?startapp=<PromoStartParam> (TELEGRAM_PROMO_START_PARAM, default
|
||||
// "verudit_ru-scrabble_en"). It is a variant-seed deep link the backend decodes to
|
||||
// seed a brand-new user's variant preferences; its labels must match the backend's
|
||||
// known variants. Empty falls back to forwarding the user's own /start payload.
|
||||
PromoStartParam string
|
||||
// MiniAppURL is the HTTPS origin of the Mini App registered with BotFather; it is
|
||||
// the base of every launch button (TELEGRAM_MINIAPP_URL, required).
|
||||
MiniAppURL string
|
||||
@@ -103,6 +119,10 @@ const (
|
||||
defaultValidatorGRPCAddr = ":9091"
|
||||
defaultBotReconnectDelay = 2 * time.Second
|
||||
defaultSendRatePerSecond = 25
|
||||
// defaultPromoStartParam is the promo button's default launch payload: a variant-seed
|
||||
// deep link the backend decodes to add English Scrabble to a brand-new user's variant
|
||||
// preferences alongside the default Erudit. Override with TELEGRAM_PROMO_START_PARAM.
|
||||
defaultPromoStartParam = "verudit_ru-scrabble_en"
|
||||
)
|
||||
|
||||
// LoadValidator reads the validator configuration from the environment.
|
||||
@@ -135,6 +155,8 @@ func LoadBot() (BotConfig, error) {
|
||||
PromoBotToken: os.Getenv("TELEGRAM_PROMO_BOT_TOKEN"),
|
||||
BotUsername: strings.TrimPrefix(os.Getenv("TELEGRAM_BOT_USERNAME"), "@"),
|
||||
BotLinkURL: os.Getenv("TELEGRAM_BOT_LINK"),
|
||||
PromoStartParam: envOr("TELEGRAM_PROMO_START_PARAM", defaultPromoStartParam),
|
||||
SupportStateDir: envOr("TELEGRAM_SUPPORT_STATE_DIR", "/data"),
|
||||
LogLevel: envOr("TELEGRAM_LOG_LEVEL", "info"),
|
||||
BotLink: BotLinkClientConfig{
|
||||
GatewayAddr: os.Getenv("TELEGRAM_GATEWAY_ADDR"),
|
||||
@@ -152,6 +174,9 @@ func LoadBot() (BotConfig, error) {
|
||||
if cfg.ChatID, err = envInt64("TELEGRAM_CHAT_ID", 0); err != nil {
|
||||
return BotConfig{}, err
|
||||
}
|
||||
if cfg.SupportChatID, err = envInt64("TELEGRAM_SUPPORT_CHAT_ID", 0); err != nil {
|
||||
return BotConfig{}, err
|
||||
}
|
||||
if cfg.SendRatePerSecond, err = envInt("TELEGRAM_SEND_RATE_PER_SECOND", defaultSendRatePerSecond); err != nil {
|
||||
return BotConfig{}, err
|
||||
}
|
||||
|
||||
@@ -151,6 +151,48 @@ func TestLoadBotChatAndPromo(t *testing.T) {
|
||||
})
|
||||
}
|
||||
|
||||
// TestLoadBotSupportRelay verifies the support-relay chat id parses, the state
|
||||
// directory defaults to /data, and the relay is disabled (chat id 0) by default.
|
||||
func TestLoadBotSupportRelay(t *testing.T) {
|
||||
t.Run("parsed", func(t *testing.T) {
|
||||
setBotRequired(t)
|
||||
t.Setenv("TELEGRAM_SUPPORT_CHAT_ID", "-1001234567890")
|
||||
t.Setenv("TELEGRAM_SUPPORT_STATE_DIR", "/srv/state")
|
||||
c, err := LoadBot()
|
||||
if err != nil {
|
||||
t.Fatalf("LoadBot: %v", err)
|
||||
}
|
||||
if c.SupportChatID != -1001234567890 {
|
||||
t.Errorf("SupportChatID = %d, want -1001234567890", c.SupportChatID)
|
||||
}
|
||||
if c.SupportStateDir != "/srv/state" {
|
||||
t.Errorf("SupportStateDir = %q, want /srv/state", c.SupportStateDir)
|
||||
}
|
||||
})
|
||||
|
||||
t.Run("defaults", func(t *testing.T) {
|
||||
setBotRequired(t)
|
||||
c, err := LoadBot()
|
||||
if err != nil {
|
||||
t.Fatalf("LoadBot: %v", err)
|
||||
}
|
||||
if c.SupportChatID != 0 {
|
||||
t.Errorf("SupportChatID = %d, want 0 (relay disabled)", c.SupportChatID)
|
||||
}
|
||||
if c.SupportStateDir != "/data" {
|
||||
t.Errorf("SupportStateDir = %q, want /data", c.SupportStateDir)
|
||||
}
|
||||
})
|
||||
|
||||
t.Run("malformed chat id rejected", func(t *testing.T) {
|
||||
setBotRequired(t)
|
||||
t.Setenv("TELEGRAM_SUPPORT_CHAT_ID", "not-a-number")
|
||||
if _, err := LoadBot(); err == nil {
|
||||
t.Fatal("LoadBot: expected an error for a malformed support chat id, got nil")
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
// TestLoadRejectsUnsupportedExporter verifies an exporter outside the supported set
|
||||
// fails validation (the validator path).
|
||||
func TestLoadRejectsUnsupportedExporter(t *testing.T) {
|
||||
|
||||
@@ -18,7 +18,8 @@ import (
|
||||
)
|
||||
|
||||
// ErrInvalidInitData is returned when initData fails HMAC validation, is missing
|
||||
// the hash, is malformed, or is older than the freshness window.
|
||||
// the hash, is malformed, is older than the freshness window, or identifies a bot
|
||||
// user (is_bot), which is denied.
|
||||
var ErrInvalidInitData = errors.New("initdata: invalid telegram init data")
|
||||
|
||||
// defaultMaxAge bounds how old a validated initData payload may be.
|
||||
@@ -120,6 +121,7 @@ func parseUser(userJSON string) (User, error) {
|
||||
}
|
||||
var u struct {
|
||||
ID int64 `json:"id"`
|
||||
IsBot bool `json:"is_bot"`
|
||||
Username string `json:"username"`
|
||||
FirstName string `json:"first_name"`
|
||||
LanguageCode string `json:"language_code"`
|
||||
@@ -127,6 +129,12 @@ func parseUser(userJSON string) (User, error) {
|
||||
if err := json.Unmarshal([]byte(userJSON), &u); err != nil || u.ID == 0 {
|
||||
return User{}, ErrInvalidInitData
|
||||
}
|
||||
// Deny bot principals: the HMAC has already proved Telegram signed this payload, so is_bot==true
|
||||
// is Telegram itself attesting the launching user is a bot. A real user opening the Mini App
|
||||
// never carries it, so reject defensively rather than provision an account for a bot.
|
||||
if u.IsBot {
|
||||
return User{}, ErrInvalidInitData
|
||||
}
|
||||
return User{
|
||||
ExternalID: strconv.FormatInt(u.ID, 10),
|
||||
Username: u.Username,
|
||||
|
||||
@@ -83,3 +83,28 @@ func TestValidateRejects(t *testing.T) {
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
func TestValidateBotUser(t *testing.T) {
|
||||
t.Run("is_bot true is denied", func(t *testing.T) {
|
||||
initData := signInitData(testToken, map[string]string{
|
||||
"auth_date": strconv.FormatInt(time.Now().Unix(), 10),
|
||||
"user": `{"id":42,"is_bot":true,"first_name":"Robo"}`,
|
||||
})
|
||||
if _, err := NewHMACValidator(testToken).Validate(initData); !errors.Is(err, ErrInvalidInitData) {
|
||||
t.Errorf("err = %v, want ErrInvalidInitData", err)
|
||||
}
|
||||
})
|
||||
t.Run("is_bot false is allowed", func(t *testing.T) {
|
||||
initData := signInitData(testToken, map[string]string{
|
||||
"auth_date": strconv.FormatInt(time.Now().Unix(), 10),
|
||||
"user": `{"id":42,"is_bot":false,"first_name":"Thomas"}`,
|
||||
})
|
||||
u, err := NewHMACValidator(testToken).Validate(initData)
|
||||
if err != nil {
|
||||
t.Fatalf("validate: %v", err)
|
||||
}
|
||||
if u.ExternalID != "42" || u.FirstName != "Thomas" {
|
||||
t.Errorf("user = %+v, want {42 Thomas}", u)
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
@@ -9,7 +9,9 @@
|
||||
package promobot
|
||||
|
||||
import (
|
||||
"cmp"
|
||||
"context"
|
||||
"html"
|
||||
"net/url"
|
||||
"strings"
|
||||
|
||||
@@ -33,6 +35,11 @@ type Config struct {
|
||||
// BotLinkURL is the main bot's Mini App direct link; the button appends
|
||||
// ?startapp=<payload> to it.
|
||||
BotLinkURL string
|
||||
// StartParam is the campaign payload appended as ?startapp=<StartParam> to the launch
|
||||
// button — e.g. a variant-seed deep link ("verudit_ru-scrabble_en") the backend
|
||||
// decodes to seed a brand-new user's variant preferences. Empty falls back to
|
||||
// forwarding the user's own /start payload.
|
||||
StartParam string
|
||||
// SendRatePerSecond caps outbound sends to respect the Bot API flood limits; 0
|
||||
// disables the limiter. The burst equals the per-second rate.
|
||||
SendRatePerSecond int
|
||||
@@ -40,11 +47,12 @@ type Config struct {
|
||||
|
||||
// Bot is the promo bot wrapper around a Telegram Bot API client.
|
||||
type Bot struct {
|
||||
api *tgbot.Bot
|
||||
username string
|
||||
linkURL string
|
||||
log *zap.Logger
|
||||
limiter *rate.Limiter
|
||||
api *tgbot.Bot
|
||||
username string
|
||||
linkURL string
|
||||
startParam string
|
||||
log *zap.Logger
|
||||
limiter *rate.Limiter
|
||||
}
|
||||
|
||||
// New builds the promo bot, registering a /start (and default) handler that replies
|
||||
@@ -53,7 +61,7 @@ func New(cfg Config, log *zap.Logger) (*Bot, error) {
|
||||
if log == nil {
|
||||
log = zap.NewNop()
|
||||
}
|
||||
t := &Bot{username: cfg.BotUsername, linkURL: cfg.BotLinkURL, log: log}
|
||||
t := &Bot{username: cfg.BotUsername, linkURL: cfg.BotLinkURL, startParam: cfg.StartParam, log: log}
|
||||
if cfg.SendRatePerSecond > 0 {
|
||||
t.limiter = rate.NewLimiter(rate.Limit(cfg.SendRatePerSecond), cfg.SendRatePerSecond)
|
||||
}
|
||||
@@ -87,7 +95,8 @@ func (t *Bot) Run(ctx context.Context) {
|
||||
}
|
||||
|
||||
// handleStart replies to any message (typically /start) with the localized promo text
|
||||
// and a button that opens the main bot's Mini App, forwarding any /start payload.
|
||||
// and a button that opens the main bot's Mini App at the configured campaign payload
|
||||
// (falling back to forwarding any /start payload the user arrived with).
|
||||
func (t *Bot) handleStart(ctx context.Context, api *tgbot.Bot, update *models.Update) {
|
||||
if update.Message == nil {
|
||||
return
|
||||
@@ -104,11 +113,16 @@ func (t *Bot) handleStart(ctx context.Context, api *tgbot.Bot, update *models.Up
|
||||
if update.Message.From != nil {
|
||||
lang = update.Message.From.LanguageCode
|
||||
}
|
||||
text, button := promoText(lang, t.username)
|
||||
// The configured campaign payload (a variant-seed deep link) takes precedence; absent
|
||||
// one, fall back to forwarding any /start payload the user arrived with. The same
|
||||
// payload backs both the inline button and the @username link in the body.
|
||||
param := cmp.Or(t.startParam, startPayload(update.Message.Text))
|
||||
text, button := promoText(lang, t.username, t.launchURL(param))
|
||||
if _, err := api.SendMessage(ctx, &tgbot.SendMessageParams{
|
||||
ChatID: update.Message.Chat.ID,
|
||||
Text: text,
|
||||
ReplyMarkup: t.launchMarkup(button, startPayload(update.Message.Text)),
|
||||
ParseMode: models.ParseModeHTML,
|
||||
ReplyMarkup: t.launchMarkup(button, param),
|
||||
}); err != nil {
|
||||
t.log.Warn("promo: reply to start failed", zap.Error(err))
|
||||
}
|
||||
@@ -159,11 +173,15 @@ func startPayload(text string) string {
|
||||
return strings.TrimSpace(strings.TrimPrefix(text, cmd))
|
||||
}
|
||||
|
||||
// promoText returns the localized message body and button label, naming the main bot
|
||||
// (Russian for a "ru" language code, English otherwise).
|
||||
func promoText(lang, username string) (text, button string) {
|
||||
// promoText returns the localized message body and button label. The body names the main
|
||||
// bot as a clickable @username whose link is the Mini App deep link (launchURL, the same
|
||||
// target as the button), so tapping the mention opens the seeded Mini App rather than the
|
||||
// bot profile. The body is sent with ParseMode HTML; only the link carries markup, so the
|
||||
// static sentences need no escaping. Russian for a "ru" language code, English otherwise.
|
||||
func promoText(lang, username, launchURL string) (text, button string) {
|
||||
mention := `<a href="` + html.EscapeString(launchURL) + `">@` + html.EscapeString(username) + `</a>`
|
||||
if strings.HasPrefix(strings.ToLower(lang), "ru") {
|
||||
return "Откройте @" + username + " и выберите в настройках профиля нужный вариант игры.", "🤩 Хочу играть!"
|
||||
return "Откройте " + mention + " и выберите в настройках профиля нужный вариант игры.", "🤩 Хочу играть!"
|
||||
}
|
||||
return "Open @" + username + " and choose your game variant in the profile settings.", "🤩 I want to play!"
|
||||
return "Open " + mention + " and choose your game variant in the profile settings.", "🤩 I want to play!"
|
||||
}
|
||||
|
||||
@@ -13,25 +13,30 @@ import (
|
||||
)
|
||||
|
||||
func TestPromoTextLocalization(t *testing.T) {
|
||||
en, enBtn := promoText("en", "ScrabbleBot")
|
||||
if !strings.Contains(en, "@ScrabbleBot") || !strings.Contains(en, "profile settings") {
|
||||
const url = "https://t.me/bot/app?startapp=verudit_ru-scrabble_en"
|
||||
// The @username is rendered as a clickable deep link (the same target as the button),
|
||||
// not a plain mention, so tapping it opens the seeded Mini App.
|
||||
wantLink := `<a href="` + url + `">@ScrabbleBot</a>`
|
||||
|
||||
en, enBtn := promoText("en", "ScrabbleBot", url)
|
||||
if !strings.Contains(en, wantLink) || !strings.Contains(en, "profile settings") {
|
||||
t.Errorf("en text = %q", en)
|
||||
}
|
||||
if enBtn != "🤩 I want to play!" {
|
||||
t.Errorf("en button = %q", enBtn)
|
||||
}
|
||||
|
||||
ru, ruBtn := promoText("ru-RU", "ScrabbleBot")
|
||||
if !strings.Contains(ru, "@ScrabbleBot") || !strings.Contains(ru, "Откройте") {
|
||||
ru, ruBtn := promoText("ru-RU", "ScrabbleBot", url)
|
||||
if !strings.Contains(ru, wantLink) || !strings.Contains(ru, "Откройте") {
|
||||
t.Errorf("ru text = %q", ru)
|
||||
}
|
||||
if ruBtn != "🤩 Хочу играть!" {
|
||||
t.Errorf("ru button = %q", ruBtn)
|
||||
}
|
||||
|
||||
// An unknown language falls back to English.
|
||||
if got, _ := promoText("de", "B"); !strings.Contains(got, "Open @B") {
|
||||
t.Errorf("fallback text = %q, want English", got)
|
||||
// An unknown language falls back to English, still with the linked mention.
|
||||
if got, _ := promoText("de", "B", url); !strings.Contains(got, "Open ") || !strings.Contains(got, `">@B</a>`) {
|
||||
t.Errorf("fallback text = %q, want English with a linked mention", got)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -93,8 +98,8 @@ func TestHandleStartReplies(t *testing.T) {
|
||||
if api.chatID != "42" {
|
||||
t.Errorf("chat_id = %q, want 42", api.chatID)
|
||||
}
|
||||
if !strings.Contains(api.text, "@ScrabbleBot") {
|
||||
t.Errorf("text = %q, want the @mention", api.text)
|
||||
if !strings.Contains(api.text, `<a href="https://t.me/bot/app?startapp=f99">@ScrabbleBot</a>`) {
|
||||
t.Errorf("text = %q, want the @mention linked to the startapp deep link", api.text)
|
||||
}
|
||||
if strings.Contains(api.replyMarkup, "web_app") {
|
||||
t.Errorf("reply_markup = %q has a web_app button; want a url button", api.replyMarkup)
|
||||
|
||||
@@ -0,0 +1,227 @@
|
||||
// Package support persists the Telegram bot's support-relay state. For each user
|
||||
// who direct-messages the bot it records the dedicated forum topic the bot opened
|
||||
// in the operators' support chat, whether the user is blocked, and the ids of the
|
||||
// messages relayed into that topic — so an operator's "clear" can delete them while
|
||||
// keeping the topic's info card. The state is a small JSON file on a writable
|
||||
// volume: the bot host has no database.
|
||||
//
|
||||
// The store is concurrency-safe. The go-telegram/bot library dispatches each update
|
||||
// in its own goroutine, so every exported method locks. Mutators update only their
|
||||
// own fields (SetTopic never touches Blocked, SetBlocked never touches the relayed
|
||||
// ids) so a topic recreate cannot clobber a concurrent block toggle.
|
||||
package support
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"sort"
|
||||
"sync"
|
||||
"time"
|
||||
)
|
||||
|
||||
// User is one user's support-relay state.
|
||||
type User struct {
|
||||
// UserID is the user's Telegram user id (the private chat id the bot relays to).
|
||||
UserID int64 `json:"user_id"`
|
||||
// TopicID is the forum topic's message_thread_id in the support chat; 0 means no
|
||||
// topic has been created yet.
|
||||
TopicID int `json:"topic_id"`
|
||||
// HeaderMsgID is the info-card message that opens the topic and carries the
|
||||
// block/clear buttons; it is never deleted by a clear.
|
||||
HeaderMsgID int `json:"header_msg_id"`
|
||||
// Blocked reports whether the bot drops this user's incoming messages.
|
||||
Blocked bool `json:"blocked"`
|
||||
// FirstName, LastName and Username snapshot the user's Telegram profile at the
|
||||
// time the topic was created or last refreshed (for the topic name and info card).
|
||||
FirstName string `json:"first_name,omitempty"`
|
||||
LastName string `json:"last_name,omitempty"`
|
||||
Username string `json:"username,omitempty"`
|
||||
// RelayedMsgIDs are the ids of the messages posted into the topic after the header
|
||||
// (the user's relayed messages and the operators' replies); a clear deletes them.
|
||||
RelayedMsgIDs []int `json:"relayed_msg_ids,omitempty"`
|
||||
// CreatedAt is when the topic was first opened for this user.
|
||||
CreatedAt time.Time `json:"created_at"`
|
||||
}
|
||||
|
||||
// Store is the concurrency-safe, JSON-backed support-relay state. The zero value is
|
||||
// not usable; build one with Open or New.
|
||||
type Store struct {
|
||||
mu sync.Mutex
|
||||
path string
|
||||
users map[int64]*User
|
||||
byTopic map[int]int64 // TopicID -> UserID, for resolving operator replies
|
||||
}
|
||||
|
||||
// file is the on-disk shape: a flat list of users. A JSON object keyed by user id
|
||||
// would force the int64 keys through strings; a list keeps the ids typed.
|
||||
type file struct {
|
||||
Users []*User `json:"users"`
|
||||
}
|
||||
|
||||
// New returns an empty store that persists to path, creating the parent directory
|
||||
// when missing. Use it as the fallback when Open reports a corrupt file.
|
||||
func New(path string) *Store {
|
||||
_ = os.MkdirAll(filepath.Dir(path), 0o755)
|
||||
return &Store{path: path, users: map[int64]*User{}, byTopic: map[int]int64{}}
|
||||
}
|
||||
|
||||
// Open loads the store from path. A missing file yields an empty store and no
|
||||
// error; an unreadable or malformed file returns an error so the caller can decide
|
||||
// whether to start empty.
|
||||
func Open(path string) (*Store, error) {
|
||||
s := New(path)
|
||||
b, err := os.ReadFile(path)
|
||||
if err != nil {
|
||||
if os.IsNotExist(err) {
|
||||
return s, nil
|
||||
}
|
||||
return nil, fmt.Errorf("support: read state %s: %w", path, err)
|
||||
}
|
||||
var f file
|
||||
if err := json.Unmarshal(b, &f); err != nil {
|
||||
return nil, fmt.Errorf("support: parse state %s: %w", path, err)
|
||||
}
|
||||
for _, u := range f.Users {
|
||||
if u == nil || u.UserID == 0 {
|
||||
continue
|
||||
}
|
||||
s.users[u.UserID] = u
|
||||
if u.TopicID != 0 {
|
||||
s.byTopic[u.TopicID] = u.UserID
|
||||
}
|
||||
}
|
||||
return s, nil
|
||||
}
|
||||
|
||||
// Get returns a detached copy of the user's state and whether it exists.
|
||||
func (s *Store) Get(userID int64) (User, bool) {
|
||||
s.mu.Lock()
|
||||
defer s.mu.Unlock()
|
||||
u, ok := s.users[userID]
|
||||
if !ok {
|
||||
return User{}, false
|
||||
}
|
||||
cp := *u
|
||||
cp.RelayedMsgIDs = append([]int(nil), u.RelayedMsgIDs...)
|
||||
return cp, true
|
||||
}
|
||||
|
||||
// ByTopic returns the user id owning the given forum topic, and whether one is known.
|
||||
func (s *Store) ByTopic(topicID int) (int64, bool) {
|
||||
s.mu.Lock()
|
||||
defer s.mu.Unlock()
|
||||
uid, ok := s.byTopic[topicID]
|
||||
return uid, ok
|
||||
}
|
||||
|
||||
// Blocked reports whether the user's incoming messages are dropped.
|
||||
func (s *Store) Blocked(userID int64) bool {
|
||||
s.mu.Lock()
|
||||
defer s.mu.Unlock()
|
||||
if u, ok := s.users[userID]; ok {
|
||||
return u.Blocked
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
// SetTopic records the forum topic and info-card message opened for the user and
|
||||
// refreshes the profile snapshot, creating the record on first contact. It rebuilds
|
||||
// the topic index when the topic changes (a recreate) and preserves the block state
|
||||
// and the relayed-message ids. It persists the result.
|
||||
func (s *Store) SetTopic(userID int64, topicID, headerMsgID int, firstName, lastName, username string) error {
|
||||
s.mu.Lock()
|
||||
defer s.mu.Unlock()
|
||||
u, ok := s.users[userID]
|
||||
if !ok {
|
||||
u = &User{UserID: userID, CreatedAt: time.Now().UTC()}
|
||||
s.users[userID] = u
|
||||
} else if u.TopicID != 0 && u.TopicID != topicID {
|
||||
delete(s.byTopic, u.TopicID)
|
||||
}
|
||||
u.TopicID = topicID
|
||||
u.HeaderMsgID = headerMsgID
|
||||
u.FirstName, u.LastName, u.Username = firstName, lastName, username
|
||||
if topicID != 0 {
|
||||
s.byTopic[topicID] = userID
|
||||
}
|
||||
return s.save()
|
||||
}
|
||||
|
||||
// SetBlocked sets the user's blocked flag, creating a minimal record when none
|
||||
// exists, and persists the result.
|
||||
func (s *Store) SetBlocked(userID int64, blocked bool) error {
|
||||
s.mu.Lock()
|
||||
defer s.mu.Unlock()
|
||||
u, ok := s.users[userID]
|
||||
if !ok {
|
||||
u = &User{UserID: userID, CreatedAt: time.Now().UTC()}
|
||||
s.users[userID] = u
|
||||
}
|
||||
u.Blocked = blocked
|
||||
return s.save()
|
||||
}
|
||||
|
||||
// AppendMsg records a message posted into the user's topic (for a later clear) and
|
||||
// persists the result. It is a no-op when the user has no record yet.
|
||||
func (s *Store) AppendMsg(userID int64, msgID int) error {
|
||||
s.mu.Lock()
|
||||
defer s.mu.Unlock()
|
||||
u, ok := s.users[userID]
|
||||
if !ok {
|
||||
return nil
|
||||
}
|
||||
u.RelayedMsgIDs = append(u.RelayedMsgIDs, msgID)
|
||||
return s.save()
|
||||
}
|
||||
|
||||
// ClearMsgs empties and returns the user's relayed-message ids (the info card is not
|
||||
// among them) and persists the result, so the caller can delete them from the chat.
|
||||
func (s *Store) ClearMsgs(userID int64) ([]int, error) {
|
||||
s.mu.Lock()
|
||||
defer s.mu.Unlock()
|
||||
u, ok := s.users[userID]
|
||||
if !ok || len(u.RelayedMsgIDs) == 0 {
|
||||
return nil, nil
|
||||
}
|
||||
ids := u.RelayedMsgIDs
|
||||
u.RelayedMsgIDs = nil
|
||||
if err := s.save(); err != nil {
|
||||
// Roll back so the ids are not lost if the write fails.
|
||||
u.RelayedMsgIDs = ids
|
||||
return nil, err
|
||||
}
|
||||
return ids, nil
|
||||
}
|
||||
|
||||
// save writes the state atomically (temp file in the same directory, then rename).
|
||||
// The caller must hold s.mu.
|
||||
func (s *Store) save() error {
|
||||
f := file{Users: make([]*User, 0, len(s.users))}
|
||||
for _, u := range s.users {
|
||||
f.Users = append(f.Users, u)
|
||||
}
|
||||
sort.Slice(f.Users, func(i, j int) bool { return f.Users[i].UserID < f.Users[j].UserID })
|
||||
b, err := json.MarshalIndent(f, "", " ")
|
||||
if err != nil {
|
||||
return fmt.Errorf("support: marshal state: %w", err)
|
||||
}
|
||||
tmp, err := os.CreateTemp(filepath.Dir(s.path), ".support-*.json")
|
||||
if err != nil {
|
||||
return fmt.Errorf("support: create temp state: %w", err)
|
||||
}
|
||||
tmpName := tmp.Name()
|
||||
defer func() { _ = os.Remove(tmpName) }() // no-op once the rename succeeds
|
||||
if _, err := tmp.Write(b); err != nil {
|
||||
_ = tmp.Close()
|
||||
return fmt.Errorf("support: write temp state: %w", err)
|
||||
}
|
||||
if err := tmp.Close(); err != nil {
|
||||
return fmt.Errorf("support: close temp state: %w", err)
|
||||
}
|
||||
if err := os.Rename(tmpName, s.path); err != nil {
|
||||
return fmt.Errorf("support: replace state %s: %w", s.path, err)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
@@ -0,0 +1,178 @@
|
||||
package support
|
||||
|
||||
import (
|
||||
"os"
|
||||
"path/filepath"
|
||||
"sync"
|
||||
"testing"
|
||||
)
|
||||
|
||||
// statePath returns a path inside a fresh temp directory for a store file.
|
||||
func statePath(t *testing.T) string {
|
||||
t.Helper()
|
||||
return filepath.Join(t.TempDir(), "support.json")
|
||||
}
|
||||
|
||||
func TestOpenMissingReturnsEmpty(t *testing.T) {
|
||||
s, err := Open(statePath(t))
|
||||
if err != nil {
|
||||
t.Fatalf("Open missing: %v", err)
|
||||
}
|
||||
if _, ok := s.Get(42); ok {
|
||||
t.Error("Get on an empty store returned a record")
|
||||
}
|
||||
}
|
||||
|
||||
func TestOpenCorruptReturnsError(t *testing.T) {
|
||||
path := statePath(t)
|
||||
if err := os.WriteFile(path, []byte("{not json"), 0o600); err != nil {
|
||||
t.Fatalf("write corrupt: %v", err)
|
||||
}
|
||||
if _, err := Open(path); err == nil {
|
||||
t.Fatal("Open on a corrupt file: expected an error, got nil")
|
||||
}
|
||||
}
|
||||
|
||||
func TestSetTopicPersistsAndReloads(t *testing.T) {
|
||||
path := statePath(t)
|
||||
s := New(path)
|
||||
if err := s.SetTopic(7, 100, 101, "Ann", "Lee", "annlee"); err != nil {
|
||||
t.Fatalf("SetTopic: %v", err)
|
||||
}
|
||||
|
||||
// In-memory view.
|
||||
got, ok := s.Get(7)
|
||||
if !ok || got.TopicID != 100 || got.HeaderMsgID != 101 || got.Username != "annlee" {
|
||||
t.Fatalf("Get = %+v ok=%v, want topic 100 / header 101 / annlee", got, ok)
|
||||
}
|
||||
if got.CreatedAt.IsZero() {
|
||||
t.Error("CreatedAt not set on first contact")
|
||||
}
|
||||
if uid, ok := s.ByTopic(100); !ok || uid != 7 {
|
||||
t.Errorf("ByTopic(100) = %d ok=%v, want 7/true", uid, ok)
|
||||
}
|
||||
|
||||
// Reloaded from disk.
|
||||
reload, err := Open(path)
|
||||
if err != nil {
|
||||
t.Fatalf("Open: %v", err)
|
||||
}
|
||||
got, ok = reload.Get(7)
|
||||
if !ok || got.TopicID != 100 || got.FirstName != "Ann" {
|
||||
t.Fatalf("reloaded Get = %+v ok=%v, want topic 100 / Ann", got, ok)
|
||||
}
|
||||
if uid, ok := reload.ByTopic(100); !ok || uid != 7 {
|
||||
t.Errorf("reloaded ByTopic(100) = %d ok=%v, want 7/true", uid, ok)
|
||||
}
|
||||
}
|
||||
|
||||
func TestSetTopicRecreateReindexes(t *testing.T) {
|
||||
s := New(statePath(t))
|
||||
if err := s.SetTopic(7, 100, 101, "Ann", "", ""); err != nil {
|
||||
t.Fatalf("SetTopic: %v", err)
|
||||
}
|
||||
if err := s.SetTopic(7, 200, 201, "Ann", "", ""); err != nil {
|
||||
t.Fatalf("SetTopic recreate: %v", err)
|
||||
}
|
||||
if _, ok := s.ByTopic(100); ok {
|
||||
t.Error("ByTopic(100) still resolves after recreate; the stale topic was not dropped")
|
||||
}
|
||||
if uid, ok := s.ByTopic(200); !ok || uid != 7 {
|
||||
t.Errorf("ByTopic(200) = %d ok=%v, want 7/true", uid, ok)
|
||||
}
|
||||
}
|
||||
|
||||
// TestBlockSurvivesTopicRecreate is the field-isolation guarantee: a topic recreate
|
||||
// (SetTopic) must not clear a block set concurrently from the buttons.
|
||||
func TestBlockSurvivesTopicRecreate(t *testing.T) {
|
||||
s := New(statePath(t))
|
||||
if err := s.SetTopic(7, 100, 101, "Ann", "", "annlee"); err != nil {
|
||||
t.Fatalf("SetTopic: %v", err)
|
||||
}
|
||||
if err := s.SetBlocked(7, true); err != nil {
|
||||
t.Fatalf("SetBlocked: %v", err)
|
||||
}
|
||||
if err := s.SetTopic(7, 200, 201, "Ann", "", "annlee"); err != nil {
|
||||
t.Fatalf("SetTopic recreate: %v", err)
|
||||
}
|
||||
if !s.Blocked(7) {
|
||||
t.Error("block was cleared by a topic recreate")
|
||||
}
|
||||
}
|
||||
|
||||
func TestAppendAndClearMsgs(t *testing.T) {
|
||||
s := New(statePath(t))
|
||||
if err := s.SetTopic(7, 100, 101, "Ann", "", ""); err != nil {
|
||||
t.Fatalf("SetTopic: %v", err)
|
||||
}
|
||||
for _, id := range []int{500, 501, 502} {
|
||||
if err := s.AppendMsg(7, id); err != nil {
|
||||
t.Fatalf("AppendMsg %d: %v", id, err)
|
||||
}
|
||||
}
|
||||
got, _ := s.Get(7)
|
||||
if len(got.RelayedMsgIDs) != 3 {
|
||||
t.Fatalf("RelayedMsgIDs = %v, want 3 ids", got.RelayedMsgIDs)
|
||||
}
|
||||
|
||||
ids, err := s.ClearMsgs(7)
|
||||
if err != nil {
|
||||
t.Fatalf("ClearMsgs: %v", err)
|
||||
}
|
||||
if len(ids) != 3 || ids[0] != 500 || ids[2] != 502 {
|
||||
t.Errorf("ClearMsgs = %v, want [500 501 502]", ids)
|
||||
}
|
||||
got, _ = s.Get(7)
|
||||
if len(got.RelayedMsgIDs) != 0 {
|
||||
t.Errorf("RelayedMsgIDs after clear = %v, want empty", got.RelayedMsgIDs)
|
||||
}
|
||||
if got.HeaderMsgID != 101 || got.TopicID != 100 {
|
||||
t.Errorf("clear disturbed the topic/header: %+v", got)
|
||||
}
|
||||
|
||||
// A second clear is a no-op.
|
||||
if ids, err := s.ClearMsgs(7); err != nil || ids != nil {
|
||||
t.Errorf("second ClearMsgs = %v, %v, want nil, nil", ids, err)
|
||||
}
|
||||
}
|
||||
|
||||
func TestGetReturnsDetachedCopy(t *testing.T) {
|
||||
s := New(statePath(t))
|
||||
if err := s.SetTopic(7, 100, 101, "Ann", "", ""); err != nil {
|
||||
t.Fatalf("SetTopic: %v", err)
|
||||
}
|
||||
if err := s.AppendMsg(7, 500); err != nil {
|
||||
t.Fatalf("AppendMsg: %v", err)
|
||||
}
|
||||
got, _ := s.Get(7)
|
||||
got.RelayedMsgIDs[0] = 999 // mutate the copy
|
||||
again, _ := s.Get(7)
|
||||
if again.RelayedMsgIDs[0] != 500 {
|
||||
t.Error("Get returned a slice that aliases the store's state")
|
||||
}
|
||||
}
|
||||
|
||||
// TestConcurrentMutationsSafe exercises the mutex under parallel writers; run with
|
||||
// -race to catch data races.
|
||||
func TestConcurrentMutationsSafe(t *testing.T) {
|
||||
s := New(statePath(t))
|
||||
if err := s.SetTopic(7, 100, 101, "Ann", "", ""); err != nil {
|
||||
t.Fatalf("SetTopic: %v", err)
|
||||
}
|
||||
var wg sync.WaitGroup
|
||||
for i := range 20 {
|
||||
wg.Add(1)
|
||||
go func(n int) {
|
||||
defer wg.Done()
|
||||
_ = s.AppendMsg(7, 1000+n)
|
||||
_ = s.SetBlocked(7, n%2 == 0)
|
||||
_, _ = s.Get(7)
|
||||
_, _ = s.ByTopic(100)
|
||||
}(i)
|
||||
}
|
||||
wg.Wait()
|
||||
got, ok := s.Get(7)
|
||||
if !ok || len(got.RelayedMsgIDs) != 20 {
|
||||
t.Errorf("after concurrent appends: %d ids, want 20", len(got.RelayedMsgIDs))
|
||||
}
|
||||
}
|
||||
+5
-5
@@ -1,13 +1,13 @@
|
||||
import { test as base } from '@playwright/test';
|
||||
|
||||
// All e2e specs run hermetically against the mock transport. Neutralise the real
|
||||
// telegram-web-app.js (loaded from the CDN in index.html) so the suite never blocks
|
||||
// on telegram.org — it is unreachable from the CI runner, and a render-blocking
|
||||
// <script> to it would hang every page load. Specs that exercise the Telegram launch
|
||||
// inject their own window.Telegram via addInitScript before navigating.
|
||||
// telegram-web-app.js (the app loads it dynamically — see lib/telegram.ts loadTelegramSDK) so the
|
||||
// suite never reaches telegram.org, which is unreachable from the CI runner. Specs that exercise
|
||||
// the Telegram launch inject their own window.Telegram via addInitScript before navigating, so the
|
||||
// dynamic load short-circuits on the already-present SDK.
|
||||
export const test = base.extend({
|
||||
page: async ({ page }, use) => {
|
||||
await page.route('**/telegram-web-app.js', (route) =>
|
||||
await page.route('**/telegram-web-app.js*', (route) =>
|
||||
route.fulfill({ status: 200, contentType: 'application/javascript', body: '' }),
|
||||
);
|
||||
await use(page);
|
||||
|
||||
@@ -44,6 +44,60 @@ test('friends: issue a code, accept an incoming request, redeem a code', async (
|
||||
await expect(page.locator('.who', { hasText: 'Friend 111111' })).toBeVisible();
|
||||
});
|
||||
|
||||
test('friends: the row kebab reveals block/remove and an outside tap closes it', async ({ page }) => {
|
||||
await loginLobby(page);
|
||||
await openFriends(page);
|
||||
|
||||
// A friend row slides open on its kebab (like the lobby), exposing two icon actions.
|
||||
const kaya = page.locator('.rowwrap', { hasText: 'Kaya' });
|
||||
await kaya.locator('.kebab').click();
|
||||
await expect(kaya).toHaveClass(/revealed/);
|
||||
await expect(kaya.locator('.acts').getByRole('button', { name: 'Block' })).toBeVisible();
|
||||
await expect(kaya.locator('.acts').getByRole('button', { name: 'Remove' })).toBeVisible();
|
||||
|
||||
// A tap anywhere outside the action buttons collapses the row again.
|
||||
await page.getByRole('heading', { name: 'Your friends' }).click();
|
||||
await expect(kaya).not.toHaveClass(/revealed/);
|
||||
});
|
||||
|
||||
test('friends: blocking from the list confirms (naming the friend) and moves them to Blocked', async ({ page }) => {
|
||||
await loginLobby(page);
|
||||
await openFriends(page);
|
||||
|
||||
const kaya = page.locator('.rowwrap', { hasText: 'Kaya' });
|
||||
await kaya.locator('.kebab').click();
|
||||
await kaya.locator('.acts').getByRole('button', { name: 'Block' }).click();
|
||||
|
||||
// The confirmation keeps a generic title and names the friend in the body.
|
||||
const dialog = page.getByRole('dialog');
|
||||
await expect(dialog.getByText('Block this player?')).toBeVisible();
|
||||
await expect(dialog.locator('.confirm-name')).toHaveText('Kaya');
|
||||
await dialog.getByRole('button', { name: 'Block' }).click();
|
||||
|
||||
// The block applied: Kaya leaves the friends list and shows under Blocked players.
|
||||
await expect(page.getByText('No friends yet.')).toBeVisible();
|
||||
const blocked = page.locator('.rowwrap', { hasText: 'Kaya' });
|
||||
await expect(blocked.getByRole('button', { name: 'Unblock' })).toBeVisible();
|
||||
});
|
||||
|
||||
test('friends: removing from the list confirms (naming the friend) and drops them', async ({ page }) => {
|
||||
await loginLobby(page);
|
||||
await openFriends(page);
|
||||
|
||||
const kaya = page.locator('.rowwrap', { hasText: 'Kaya' });
|
||||
await kaya.locator('.kebab').click();
|
||||
await kaya.locator('.acts').getByRole('button', { name: 'Remove' }).click();
|
||||
|
||||
const dialog = page.getByRole('dialog');
|
||||
await expect(dialog.getByText('Remove from friends?')).toBeVisible();
|
||||
await expect(dialog.locator('.confirm-name')).toHaveText('Kaya');
|
||||
await dialog.getByRole('button', { name: 'Remove' }).click();
|
||||
|
||||
// Unfriending just drops the friendship — Kaya is gone and not blocked.
|
||||
await expect(page.getByText('No friends yet.')).toBeVisible();
|
||||
await expect(page.locator('.rowwrap', { hasText: 'Kaya' })).toHaveCount(0);
|
||||
});
|
||||
|
||||
test('invitations: the lobby shows an invitation and accepting clears it', async ({ page }) => {
|
||||
await loginLobby(page);
|
||||
await expect(page.getByText('Invitations')).toBeVisible();
|
||||
|
||||
+24
-5
@@ -107,11 +107,30 @@ test('inside Telegram, a failed launch shows the retry screen, not the web login
|
||||
await expect(page.getByRole('button', { name: /guest/i })).toHaveCount(0);
|
||||
});
|
||||
|
||||
test('outside Telegram, the /telegram/ entry redirects to the site root', async ({ page }) => {
|
||||
test('outside Telegram, the /telegram/ entry shows the launch diagnostic, not a redirect', async ({
|
||||
page,
|
||||
}) => {
|
||||
await page.goto('/telegram/');
|
||||
|
||||
// The guard sends a non-Telegram visitor back to the root, where the normal
|
||||
// (guest / email) login is shown.
|
||||
await expect(page.getByRole('button', { name: /guest/i })).toBeVisible();
|
||||
await expect(page).not.toHaveURL(/\/telegram\//);
|
||||
// The entry no longer bounces a visitor without Telegram sign-in data to the marketing landing;
|
||||
// it shows a compact diagnostic screen (Share + Retry) that helps pinpoint why initData was
|
||||
// absent — notably the Android empty-initData failure.
|
||||
await expect(page.getByRole('button', { name: 'Share' })).toBeVisible();
|
||||
await expect(page.getByRole('button', { name: 'Retry' })).toBeVisible();
|
||||
// It stays on /telegram/ (no redirect) and never shows the web (guest) login.
|
||||
await expect(page).toHaveURL(/\/telegram\//);
|
||||
await expect(page.getByRole('button', { name: /guest/i })).toHaveCount(0);
|
||||
});
|
||||
|
||||
test('a blocked telegram-web-app.js does not hang the diagnostic screen', async ({ page }) => {
|
||||
// Simulate a network where telegram.org is unreachable: the SDK fetch fails. Because the SPA
|
||||
// loads the SDK dynamically with a timeout (not a render-blocking <script>), a failed/blocked
|
||||
// fetch must not strand the page — the diagnostic screen still renders, reporting no SDK. (This
|
||||
// route overrides the fixture's empty-body fulfill; the later registration wins.)
|
||||
await page.route('**/telegram-web-app.js*', (route) => route.abort());
|
||||
await page.goto('/telegram/');
|
||||
|
||||
await expect(page.getByRole('button', { name: 'Share' })).toBeVisible();
|
||||
// The diagnostic names the load outcome: a failed fetch reads as sdk-load: error.
|
||||
await expect(page.getByText('sdk-load: error')).toBeVisible();
|
||||
});
|
||||
|
||||
+5
-3
@@ -2,9 +2,11 @@
|
||||
<html lang="en">
|
||||
<head>
|
||||
<meta charset="UTF-8" />
|
||||
<!-- Telegram Mini App SDK: defines window.Telegram.WebApp. Harmless outside
|
||||
Telegram (initData is empty), so it loads on every entry. -->
|
||||
<script src="https://telegram.org/js/telegram-web-app.js"></script>
|
||||
<!-- The Telegram Mini App SDK (window.Telegram.WebApp) is deliberately NOT loaded here: a
|
||||
render-blocking <script> to telegram.org hangs the whole page on a network that blocks
|
||||
telegram.org (common where Telegram itself reaches users only over a proxy), stranding even
|
||||
the launch-diagnostic screen. The app loads it dynamically, with a timeout, only on a
|
||||
Telegram entry — see lib/telegram.ts loadTelegramSDK and lib/app.svelte.ts bootstrap. -->
|
||||
<!-- user-scalable=no: the board owns zoom; we do not want the browser's pinch
|
||||
to fight our two-state zoom. viewport-fit=cover for native (Capacitor). -->
|
||||
<meta
|
||||
|
||||
+13
-16
@@ -2,13 +2,13 @@
|
||||
import { onMount } from 'svelte';
|
||||
import { cubicOut } from 'svelte/easing';
|
||||
import { app, bootstrap } from './lib/app.svelte';
|
||||
import { navigate, router, type RouteName } from './lib/router.svelte';
|
||||
import { router, type RouteName } from './lib/router.svelte';
|
||||
import { t } from './lib/i18n/index.svelte';
|
||||
import { insideTelegram, telegramBackButton } from './lib/telegram';
|
||||
import Toast from './components/Toast.svelte';
|
||||
import Splash from './components/Splash.svelte';
|
||||
import StaleInviteModal from './components/StaleInviteModal.svelte';
|
||||
import WelcomeRedeemModal from './components/WelcomeRedeemModal.svelte';
|
||||
import DebugPanel from './components/DebugPanel.svelte';
|
||||
import Login from './screens/Login.svelte';
|
||||
import Lobby from './screens/Lobby.svelte';
|
||||
import NewGame from './screens/NewGame.svelte';
|
||||
@@ -19,6 +19,7 @@
|
||||
import Feedback from './screens/Feedback.svelte';
|
||||
import Blocked from './screens/Blocked.svelte';
|
||||
import BootError from './screens/BootError.svelte';
|
||||
import TelegramLaunchError from './screens/TelegramLaunchError.svelte';
|
||||
|
||||
onMount(() => {
|
||||
void bootstrap();
|
||||
@@ -29,19 +30,6 @@
|
||||
// another screen is not covered.
|
||||
const routeIsLobby = $derived(router.route.name === 'lobby');
|
||||
|
||||
// Inside Telegram, drive its native header back button: show it on any sub-screen
|
||||
// (everything returns to the lobby root), hide it on the lobby/login. The app's own
|
||||
// back chevron is hidden in Telegram (Header.svelte) so only the native one shows.
|
||||
$effect(() => {
|
||||
if (!insideTelegram()) return;
|
||||
const r = router.route;
|
||||
// The chat / check sub-screens step back to their game; every other sub-screen to the lobby.
|
||||
let target = '/';
|
||||
if (r.name === 'gameChat' || r.name === 'gameCheck') target = `/game/${r.params.id}`;
|
||||
else if (r.name === 'feedback') target = '/about'; // back to the Settings → Info tab
|
||||
telegramBackButton(r.name !== 'lobby' && r.name !== 'login', () => navigate(target));
|
||||
});
|
||||
|
||||
// Screen transitions: the lobby is the navigation root. Entering a screen from the
|
||||
// lobby slides it in from the right (forward); returning to the lobby slides the
|
||||
// screen out to the right and reveals the lobby (back). Transitions are local, so
|
||||
@@ -84,6 +72,11 @@
|
||||
{#if !routeIsLobby}
|
||||
<div class="splash">{t('common.loading')}</div>
|
||||
{/if}
|
||||
{:else if app.launchError}
|
||||
<!-- The /telegram/ entry without sign-in data: a compact, shareable diagnostic screen instead
|
||||
of bouncing to the marketing landing (also the probe for the empty-initData failure on
|
||||
some Android clients). -->
|
||||
<TelegramLaunchError />
|
||||
{:else if app.bootError}
|
||||
<!-- A Mini App launch that failed to authenticate (e.g. the backend was down mid-deploy):
|
||||
show the retry screen instead of falling back to the web login. -->
|
||||
@@ -128,10 +121,14 @@
|
||||
<StaleInviteModal />
|
||||
<WelcomeRedeemModal />
|
||||
|
||||
{#if routeIsLobby && !app.splashDone && !app.blocked && !app.bootError}
|
||||
{#if routeIsLobby && !app.splashDone && !app.blocked && !app.bootError && !app.launchError}
|
||||
<Splash />
|
||||
{/if}
|
||||
|
||||
{#if app.debugOpen}
|
||||
<DebugPanel />
|
||||
{/if}
|
||||
|
||||
<style>
|
||||
.splash {
|
||||
height: 100%;
|
||||
|
||||
@@ -49,6 +49,11 @@
|
||||
/* Telegram device safe-area top (the notch); TG's own nav controls sit between it and
|
||||
--tg-content-top, so the in-app header aligns to that band, 0 elsewhere. */
|
||||
--tg-safe-top: 0px;
|
||||
/* Telegram device safe-area bottom / sides (home indicator; landscape notch), 0 elsewhere —
|
||||
the screen pads its bottom and left/right edges by these so content clears the cut-outs. */
|
||||
--tg-safe-bottom: 0px;
|
||||
--tg-safe-left: 0px;
|
||||
--tg-safe-right: 0px;
|
||||
--font: system-ui, -apple-system, "Segoe UI", Roboto, "Helvetica Neue", Arial,
|
||||
"Noto Sans", "Liberation Sans", sans-serif;
|
||||
--shadow: 0 1px 2px rgba(0, 0, 0, 0.08), 0 6px 16px rgba(0, 0, 0, 0.06);
|
||||
|
||||
@@ -0,0 +1,71 @@
|
||||
<script lang="ts">
|
||||
// Hidden on-device debug panel, opened by tapping the header title ten times (Header.svelte) and
|
||||
// closed by tapping anywhere except the Share control. It shows a privacy-safe client diagnostic
|
||||
// snapshot (no secrets, no initData values, no IP) and shares it through the OS share sheet (or a
|
||||
// clipboard copy on desktop) — a support aid for reproducing client-specific issues, e.g. the
|
||||
// Telegram Android presentation quirks. Drawn from the top, just under the app header.
|
||||
import { app, closeDebug } from '../lib/app.svelte';
|
||||
import { connection } from '../lib/connection.svelte';
|
||||
import { shareText } from '../lib/share';
|
||||
import { telegramChromeDiag } from '../lib/telegram';
|
||||
|
||||
const report = [
|
||||
`app: ${__APP_VERSION__}`,
|
||||
`locale: ${app.locale} theme: ${app.theme} reduceMotion: ${app.reduceMotion}`,
|
||||
`online: ${connection.online} streamAlive: ${app.streamAlive}`,
|
||||
`userId: ${app.session?.userId ?? '—'} guest: ${app.profile?.isGuest ?? '—'}`,
|
||||
telegramChromeDiag(),
|
||||
].join('\n');
|
||||
|
||||
let label = $state('Share');
|
||||
async function share(e: MouseEvent): Promise<void> {
|
||||
e.stopPropagation(); // a tap on Share shares; it must not also close the panel
|
||||
const r = await shareText(report, `Scrabble debug ${__APP_VERSION__}`);
|
||||
if (r === 'copied') {
|
||||
label = 'Copied';
|
||||
setTimeout(() => (label = 'Share'), 1500);
|
||||
}
|
||||
}
|
||||
</script>
|
||||
|
||||
<!-- svelte-ignore a11y_click_events_have_key_events -->
|
||||
<!-- svelte-ignore a11y_no_static_element_interactions -->
|
||||
<div class="overlay" onclick={closeDebug}>
|
||||
<button class="share" onclick={share}>{label}</button>
|
||||
<pre class="body">{report}</pre>
|
||||
</div>
|
||||
|
||||
<style>
|
||||
.overlay {
|
||||
position: fixed;
|
||||
inset: 0;
|
||||
z-index: 10000;
|
||||
/* Drawn from the top; the content clears the app header (~56px + the device safe-area). */
|
||||
padding: calc(var(--tg-safe-top, 0px) + 56px) 12px 16px;
|
||||
background: rgba(0, 0, 0, 0.82);
|
||||
overflow: auto;
|
||||
display: flex;
|
||||
flex-direction: column;
|
||||
gap: 10px;
|
||||
align-items: flex-start;
|
||||
}
|
||||
.share {
|
||||
flex: 0 0 auto;
|
||||
padding: 7px 16px;
|
||||
border: 1px solid var(--accent);
|
||||
background: var(--accent);
|
||||
color: var(--accent-text);
|
||||
border-radius: var(--radius-sm);
|
||||
font-size: 0.95rem;
|
||||
}
|
||||
.body {
|
||||
margin: 0;
|
||||
width: 100%;
|
||||
white-space: pre-wrap;
|
||||
overflow-wrap: anywhere;
|
||||
font-family: ui-monospace, SFMono-Regular, Menlo, monospace;
|
||||
font-size: 11px;
|
||||
line-height: 1.45;
|
||||
color: #d6e6ff;
|
||||
}
|
||||
</style>
|
||||
@@ -1,17 +1,30 @@
|
||||
<script lang="ts">
|
||||
import { navigate } from '../lib/router.svelte';
|
||||
import { insideTelegram } from '../lib/telegram';
|
||||
import { connection } from '../lib/connection.svelte';
|
||||
import { t } from '../lib/i18n/index.svelte';
|
||||
import { app } from '../lib/app.svelte';
|
||||
import { app, openDebug } from '../lib/app.svelte';
|
||||
import Spinner from './Spinner.svelte';
|
||||
import AdBanner from './AdBanner.svelte';
|
||||
|
||||
let { title, back, grow = false }: { title: string; back?: string; grow?: boolean } = $props();
|
||||
|
||||
// Inside Telegram the native header back button (App.svelte) is the back control, so
|
||||
// the app's own chevron is hidden to avoid two back affordances.
|
||||
const showBack = $derived(!!back && !insideTelegram());
|
||||
// The app always shows its own back chevron when there is a back target — on every platform, in
|
||||
// and out of Telegram. The native Telegram BackButton is not used: it does not render reliably in
|
||||
// the windowed Mini App (relying on it would lose back navigation there).
|
||||
const showBack = $derived(!!back);
|
||||
|
||||
// Ten quick taps on the title open the hidden debug panel (components/DebugPanel) — a support aid.
|
||||
let titleTaps = 0;
|
||||
let lastTitleTap = 0;
|
||||
function onTitleTap(): void {
|
||||
const now = Date.now();
|
||||
titleTaps = now - lastTitleTap < 400 ? titleTaps + 1 : 1;
|
||||
lastTitleTap = now;
|
||||
if (titleTaps >= 10) {
|
||||
titleTaps = 0;
|
||||
openDebug();
|
||||
}
|
||||
}
|
||||
</script>
|
||||
|
||||
<header class="nav" class:grow>
|
||||
@@ -24,7 +37,9 @@
|
||||
<span class="spacer"></span>
|
||||
{/if}
|
||||
{#if connection.online}
|
||||
<h1>{title}</h1>
|
||||
<!-- svelte-ignore a11y_click_events_have_key_events -->
|
||||
<!-- svelte-ignore a11y_no_noninteractive_element_interactions -->
|
||||
<h1 onclick={onTitleTap}>{title}</h1>
|
||||
{:else}
|
||||
<h1 class="connecting"><Spinner /> <span>{t('connection.connecting')}</span></h1>
|
||||
{/if}
|
||||
@@ -66,7 +81,7 @@
|
||||
display: flex;
|
||||
align-items: center;
|
||||
gap: var(--gap);
|
||||
padding: 10px var(--pad);
|
||||
padding: 5px var(--pad);
|
||||
}
|
||||
h1 {
|
||||
font-size: 1.05rem;
|
||||
@@ -124,15 +139,15 @@
|
||||
back chevron is hidden), so min-height (the nav-band height) doesn't bind. Without the
|
||||
(removed) hamburger that content shrank and the bar sat flush under Telegram's native nav
|
||||
band. So **padding-top** is the lever: it drops the title clear of the band — the notch
|
||||
plus a **10px** gap (was 6). A fixed px (not rem/em) gap so the clearance from Telegram's
|
||||
native controls stays constant if the user scales up the font (the title then grows
|
||||
downward and the bar with it). (Owner-tunable: the 10px.) */
|
||||
plus an **8px** gap (halved from 16). A fixed px (not rem/em) gap so the clearance from
|
||||
Telegram's native controls stays constant if the user scales up the font (the title then
|
||||
grows downward and the bar with it). (Owner-tunable: the 8px.) */
|
||||
min-height: var(--tg-content-top);
|
||||
box-sizing: border-box;
|
||||
align-items: center;
|
||||
justify-content: center;
|
||||
padding-top: calc(var(--tg-safe-top) + 16px);
|
||||
padding-bottom: 6px;
|
||||
padding-top: calc(var(--tg-safe-top) + 8px);
|
||||
padding-bottom: 3px;
|
||||
}
|
||||
:global(html.tg-fullscreen) .spacer {
|
||||
display: none;
|
||||
|
||||
@@ -101,6 +101,12 @@
|
||||
bottom input — chat, word-check — stays above an open soft keyboard without the page
|
||||
scrolling; falls back to the full height where the var is unset. */
|
||||
height: var(--vvh, 100%);
|
||||
/* Clear the landscape notch sides inside Telegram (0 elsewhere). The top inset is owned by the
|
||||
header; the home-indicator (bottom) inset is owned by the bottom bar — the .tabbar paints its
|
||||
own chrome into it, and a screen with no tab bar pads its content (.content:last-child) — so
|
||||
the strip takes the bar's colour rather than the detached content background. */
|
||||
padding-left: var(--tg-safe-left, 0px);
|
||||
padding-right: var(--tg-safe-right, 0px);
|
||||
}
|
||||
.content {
|
||||
flex: 0 1 auto;
|
||||
@@ -116,7 +122,18 @@
|
||||
display: flex;
|
||||
flex-direction: column;
|
||||
}
|
||||
/* No tab bar → the content is the bottom-most element: pad it by the device home-indicator inset
|
||||
so it clears the cut-out, the strip taking the content's own background. With a tab bar the
|
||||
.tabbar owns that inset instead (and content is not the last child, so this does not apply). */
|
||||
.content:last-child {
|
||||
padding-bottom: var(--tg-safe-bottom, 0px);
|
||||
}
|
||||
.tabbar {
|
||||
flex: 0 0 auto;
|
||||
/* Extend the bottom bar's chrome (the TabBar's --bg-elev) under the device home indicator
|
||||
inside Telegram (the inset is 0 elsewhere), so the safe-area strip reads as part of the bar
|
||||
instead of the content background showing through. */
|
||||
background: var(--bg-elev);
|
||||
padding-bottom: var(--tg-safe-bottom, 0px);
|
||||
}
|
||||
</style>
|
||||
|
||||
@@ -1,8 +1,10 @@
|
||||
<script lang="ts">
|
||||
import { app, dismissStaleInvite } from '../lib/app.svelte';
|
||||
import { router } from '../lib/router.svelte';
|
||||
import { t } from '../lib/i18n/index.svelte';
|
||||
import { botUsername } from '../lib/deeplink';
|
||||
import { telegramOpenLink } from '../lib/telegram';
|
||||
import { insideTelegram, telegramDialogsAvailable, telegramOpenLink, telegramShowPopup } from '../lib/telegram';
|
||||
import { BOT_BUTTON_ID, botInfoPopup } from '../lib/nativedialogs';
|
||||
import Modal from './Modal.svelte';
|
||||
|
||||
// The single bot's @username, for the deep link.
|
||||
@@ -19,9 +21,30 @@
|
||||
}
|
||||
dismissStaleInvite();
|
||||
}
|
||||
|
||||
// Native path: when the notice fires inside the Mini App with native popups, present Telegram's
|
||||
// own popup instead of the in-app modal. insideTelegram()/dialogs are evaluated at fire time, not
|
||||
// captured at init: this component mounts before bootstrap loads the SDK, so a captured value
|
||||
// would be stale. The popup's "open bot" button opens the bot chat; any other dismissal clears the
|
||||
// notice; the `shown` guard fires it once per notice.
|
||||
// The notice is raised during boot; wait until the loading cover for the current route is gone —
|
||||
// the tile splash on the lobby (splashDone), the plain loading screen elsewhere (app.ready) — so
|
||||
// the native popup never appears over the splash.
|
||||
const ready = $derived(router.route.name === 'lobby' ? app.splashDone : app.ready);
|
||||
let shown = false;
|
||||
$effect(() => {
|
||||
if (app.staleInvite && !shown && ready && insideTelegram() && telegramDialogsAvailable()) {
|
||||
shown = true;
|
||||
void telegramShowPopup(
|
||||
botInfoPopup(t('friends.staleInviteTitle'), t('friends.staleInvite'), username ?? '', t('common.ok')),
|
||||
).then((id) => (id === BOT_BUTTON_ID ? openBot() : dismissStaleInvite()));
|
||||
} else if (!app.staleInvite) {
|
||||
shown = false;
|
||||
}
|
||||
});
|
||||
</script>
|
||||
|
||||
{#if app.staleInvite}
|
||||
{#if app.staleInvite && ready && !(insideTelegram() && telegramDialogsAvailable())}
|
||||
<Modal title={t('friends.staleInviteTitle')} onclose={dismissStaleInvite}>
|
||||
<p class="msg">{parts[0]}{#if username}<button type="button" class="bot" onclick={openBot}>@{username}</button>{/if}{parts[1] ?? ''}</p>
|
||||
<button class="ok" onclick={dismissStaleInvite}>{t('common.ok')}</button>
|
||||
|
||||
@@ -1,8 +1,10 @@
|
||||
<script lang="ts">
|
||||
import { app, dismissWelcomeRedeem } from '../lib/app.svelte';
|
||||
import { router } from '../lib/router.svelte';
|
||||
import { t } from '../lib/i18n/index.svelte';
|
||||
import { botUsername } from '../lib/deeplink';
|
||||
import { telegramOpenLink } from '../lib/telegram';
|
||||
import { insideTelegram, telegramDialogsAvailable, telegramOpenLink, telegramShowPopup } from '../lib/telegram';
|
||||
import { BOT_BUTTON_ID, botInfoPopup } from '../lib/nativedialogs';
|
||||
import Modal from './Modal.svelte';
|
||||
|
||||
// The single bot's @username, for the deep link.
|
||||
@@ -22,9 +24,30 @@
|
||||
}
|
||||
dismissWelcomeRedeem();
|
||||
}
|
||||
|
||||
// Native path: when the greeting fires inside the Mini App with native popups, present Telegram's
|
||||
// own popup instead of the in-app modal. insideTelegram()/dialogs are evaluated at fire time, not
|
||||
// captured at init: this component mounts before bootstrap loads the SDK, so a captured value
|
||||
// would be stale. The popup's "open bot" button opens the bot chat; any other dismissal clears it;
|
||||
// the `shown` guard fires it once per greeting.
|
||||
// The greeting is raised during boot; wait until the loading cover for the current route is gone —
|
||||
// the tile splash on the lobby (splashDone), the plain loading screen elsewhere (app.ready) — so
|
||||
// the native popup never appears over the splash.
|
||||
const ready = $derived(router.route.name === 'lobby' ? app.splashDone : app.ready);
|
||||
let shown = false;
|
||||
$effect(() => {
|
||||
if (app.welcomeRedeem && !shown && ready && insideTelegram() && telegramDialogsAvailable()) {
|
||||
shown = true;
|
||||
void telegramShowPopup(
|
||||
botInfoPopup(t('friends.welcomeRedeemTitle'), t('friends.welcomeRedeem', { name }), username ?? '', t('common.ok')),
|
||||
).then((id) => (id === BOT_BUTTON_ID ? openBot() : dismissWelcomeRedeem()));
|
||||
} else if (!app.welcomeRedeem) {
|
||||
shown = false;
|
||||
}
|
||||
});
|
||||
</script>
|
||||
|
||||
{#if app.welcomeRedeem}
|
||||
{#if app.welcomeRedeem && ready && !(insideTelegram() && telegramDialogsAvailable())}
|
||||
<Modal title={t('friends.welcomeRedeemTitle')} onclose={dismissWelcomeRedeem}>
|
||||
<p class="msg">{parts[0]}{#if username}<button type="button" class="bot" onclick={openBot}>@{username}</button>{/if}{parts[1] ?? ''}</p>
|
||||
<button class="ok" onclick={dismissWelcomeRedeem}>{t('common.ok')}</button>
|
||||
|
||||
+12
-5
@@ -24,7 +24,7 @@
|
||||
import { getCachedGame, setCachedGame, setCachedDraft, type CachedGame } from '../lib/gamecache';
|
||||
import { patchLobbyGame } from '../lib/lobbycache';
|
||||
import { applyGameOver, applyMoveDelta, applyOpponentJoined, type DeltaResult } from '../lib/gamedelta';
|
||||
import { telegramClosingConfirmation, telegramHaptic } from '../lib/telegram';
|
||||
import { insideTelegram, telegramDialogsAvailable, telegramHaptic, telegramShowConfirm } from '../lib/telegram';
|
||||
import {
|
||||
BLANK,
|
||||
newPlacement,
|
||||
@@ -228,8 +228,6 @@
|
||||
placement = tiles.length ? placementFromHint(tiles, rack) : newPlacement(rack);
|
||||
}
|
||||
onMount(() => {
|
||||
// Guard against an accidental swipe-close losing the open game (Telegram).
|
||||
telegramClosingConfirmation(true);
|
||||
// Render instantly from the cache (a game opened before), then refresh in the
|
||||
// background. A cold open shows the loading state until load() resolves.
|
||||
const cached = getCachedGame(id);
|
||||
@@ -579,7 +577,6 @@
|
||||
clearTimeout(draftSaveTimer);
|
||||
void gateway.draftSave(id, serializeDraft(rackIds, placement.pending)).catch(() => {});
|
||||
}
|
||||
telegramClosingConfirmation(false);
|
||||
});
|
||||
|
||||
function onCell(row: number, col: number) {
|
||||
@@ -715,6 +712,16 @@
|
||||
busy = false;
|
||||
}
|
||||
}
|
||||
// onResignClick: inside the Mini App (and online) confirm with Telegram's native dialog and resign
|
||||
// on accept; otherwise open the in-app confirm modal (which also carries the offline-disabled action).
|
||||
async function onResignClick(): Promise<void> {
|
||||
if (connection.online && insideTelegram() && telegramDialogsAvailable()) {
|
||||
if (await telegramShowConfirm(t('game.confirmResign'))) doResign();
|
||||
return;
|
||||
}
|
||||
resignOpen = true;
|
||||
}
|
||||
|
||||
async function doResign() {
|
||||
resignOpen = false;
|
||||
busy = true;
|
||||
@@ -1152,7 +1159,7 @@
|
||||
<button class="hicon" onclick={exportGcg} aria-label={t('game.exportGcg')}>📤</button>
|
||||
{/if}
|
||||
{:else}
|
||||
<button class="hicon" onclick={() => (resignOpen = true)} disabled={waitingForOpponent} aria-label={t('game.dropGame')}>🏁</button>
|
||||
<button class="hicon" onclick={onResignClick} disabled={waitingForOpponent} aria-label={t('game.dropGame')}>🏁</button>
|
||||
{/if}
|
||||
{#if !view.game.multipleWordsPerTurn}<span class="oneword-label">{t('game.oneWordRule')}</span>{/if}
|
||||
<!-- A finished AI game has no comms at all (no chat, and the dictionary closes with the
|
||||
|
||||
@@ -27,22 +27,34 @@ email(optionalEncoding?:any):string|Uint8Array|null {
|
||||
return offset ? this.bb!.__string(this.bb_pos + offset, optionalEncoding) : null;
|
||||
}
|
||||
|
||||
browserTz():string|null
|
||||
browserTz(optionalEncoding:flatbuffers.Encoding):string|Uint8Array|null
|
||||
browserTz(optionalEncoding?:any):string|Uint8Array|null {
|
||||
const offset = this.bb!.__offset(this.bb_pos, 6);
|
||||
return offset ? this.bb!.__string(this.bb_pos + offset, optionalEncoding) : null;
|
||||
}
|
||||
|
||||
static startEmailRequestRequest(builder:flatbuffers.Builder) {
|
||||
builder.startObject(1);
|
||||
builder.startObject(2);
|
||||
}
|
||||
|
||||
static addEmail(builder:flatbuffers.Builder, emailOffset:flatbuffers.Offset) {
|
||||
builder.addFieldOffset(0, emailOffset, 0);
|
||||
}
|
||||
|
||||
static addBrowserTz(builder:flatbuffers.Builder, browserTzOffset:flatbuffers.Offset) {
|
||||
builder.addFieldOffset(1, browserTzOffset, 0);
|
||||
}
|
||||
|
||||
static endEmailRequestRequest(builder:flatbuffers.Builder):flatbuffers.Offset {
|
||||
const offset = builder.endObject();
|
||||
return offset;
|
||||
}
|
||||
|
||||
static createEmailRequestRequest(builder:flatbuffers.Builder, emailOffset:flatbuffers.Offset):flatbuffers.Offset {
|
||||
static createEmailRequestRequest(builder:flatbuffers.Builder, emailOffset:flatbuffers.Offset, browserTzOffset:flatbuffers.Offset):flatbuffers.Offset {
|
||||
EmailRequestRequest.startEmailRequestRequest(builder);
|
||||
EmailRequestRequest.addEmail(builder, emailOffset);
|
||||
EmailRequestRequest.addBrowserTz(builder, browserTzOffset);
|
||||
return EmailRequestRequest.endEmailRequestRequest(builder);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -56,8 +56,22 @@ channel(optionalEncoding?:any):string|Uint8Array|null {
|
||||
return offset ? this.bb!.__string(this.bb_pos + offset, optionalEncoding) : null;
|
||||
}
|
||||
|
||||
version():string|null
|
||||
version(optionalEncoding:flatbuffers.Encoding):string|Uint8Array|null
|
||||
version(optionalEncoding?:any):string|Uint8Array|null {
|
||||
const offset = this.bb!.__offset(this.bb_pos, 12);
|
||||
return offset ? this.bb!.__string(this.bb_pos + offset, optionalEncoding) : null;
|
||||
}
|
||||
|
||||
browserTz():string|null
|
||||
browserTz(optionalEncoding:flatbuffers.Encoding):string|Uint8Array|null
|
||||
browserTz(optionalEncoding?:any):string|Uint8Array|null {
|
||||
const offset = this.bb!.__offset(this.bb_pos, 14);
|
||||
return offset ? this.bb!.__string(this.bb_pos + offset, optionalEncoding) : null;
|
||||
}
|
||||
|
||||
static startFeedbackSubmitRequest(builder:flatbuffers.Builder) {
|
||||
builder.startObject(4);
|
||||
builder.startObject(6);
|
||||
}
|
||||
|
||||
static addBody(builder:flatbuffers.Builder, bodyOffset:flatbuffers.Offset) {
|
||||
@@ -88,17 +102,27 @@ static addChannel(builder:flatbuffers.Builder, channelOffset:flatbuffers.Offset)
|
||||
builder.addFieldOffset(3, channelOffset, 0);
|
||||
}
|
||||
|
||||
static addVersion(builder:flatbuffers.Builder, versionOffset:flatbuffers.Offset) {
|
||||
builder.addFieldOffset(4, versionOffset, 0);
|
||||
}
|
||||
|
||||
static addBrowserTz(builder:flatbuffers.Builder, browserTzOffset:flatbuffers.Offset) {
|
||||
builder.addFieldOffset(5, browserTzOffset, 0);
|
||||
}
|
||||
|
||||
static endFeedbackSubmitRequest(builder:flatbuffers.Builder):flatbuffers.Offset {
|
||||
const offset = builder.endObject();
|
||||
return offset;
|
||||
}
|
||||
|
||||
static createFeedbackSubmitRequest(builder:flatbuffers.Builder, bodyOffset:flatbuffers.Offset, attachmentOffset:flatbuffers.Offset, attachmentNameOffset:flatbuffers.Offset, channelOffset:flatbuffers.Offset):flatbuffers.Offset {
|
||||
static createFeedbackSubmitRequest(builder:flatbuffers.Builder, bodyOffset:flatbuffers.Offset, attachmentOffset:flatbuffers.Offset, attachmentNameOffset:flatbuffers.Offset, channelOffset:flatbuffers.Offset, versionOffset:flatbuffers.Offset, browserTzOffset:flatbuffers.Offset):flatbuffers.Offset {
|
||||
FeedbackSubmitRequest.startFeedbackSubmitRequest(builder);
|
||||
FeedbackSubmitRequest.addBody(builder, bodyOffset);
|
||||
FeedbackSubmitRequest.addAttachment(builder, attachmentOffset);
|
||||
FeedbackSubmitRequest.addAttachmentName(builder, attachmentNameOffset);
|
||||
FeedbackSubmitRequest.addChannel(builder, channelOffset);
|
||||
FeedbackSubmitRequest.addVersion(builder, versionOffset);
|
||||
FeedbackSubmitRequest.addBrowserTz(builder, browserTzOffset);
|
||||
return FeedbackSubmitRequest.endFeedbackSubmitRequest(builder);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -27,22 +27,34 @@ locale(optionalEncoding?:any):string|Uint8Array|null {
|
||||
return offset ? this.bb!.__string(this.bb_pos + offset, optionalEncoding) : null;
|
||||
}
|
||||
|
||||
browserTz():string|null
|
||||
browserTz(optionalEncoding:flatbuffers.Encoding):string|Uint8Array|null
|
||||
browserTz(optionalEncoding?:any):string|Uint8Array|null {
|
||||
const offset = this.bb!.__offset(this.bb_pos, 6);
|
||||
return offset ? this.bb!.__string(this.bb_pos + offset, optionalEncoding) : null;
|
||||
}
|
||||
|
||||
static startGuestLoginRequest(builder:flatbuffers.Builder) {
|
||||
builder.startObject(1);
|
||||
builder.startObject(2);
|
||||
}
|
||||
|
||||
static addLocale(builder:flatbuffers.Builder, localeOffset:flatbuffers.Offset) {
|
||||
builder.addFieldOffset(0, localeOffset, 0);
|
||||
}
|
||||
|
||||
static addBrowserTz(builder:flatbuffers.Builder, browserTzOffset:flatbuffers.Offset) {
|
||||
builder.addFieldOffset(1, browserTzOffset, 0);
|
||||
}
|
||||
|
||||
static endGuestLoginRequest(builder:flatbuffers.Builder):flatbuffers.Offset {
|
||||
const offset = builder.endObject();
|
||||
return offset;
|
||||
}
|
||||
|
||||
static createGuestLoginRequest(builder:flatbuffers.Builder, localeOffset:flatbuffers.Offset):flatbuffers.Offset {
|
||||
static createGuestLoginRequest(builder:flatbuffers.Builder, localeOffset:flatbuffers.Offset, browserTzOffset:flatbuffers.Offset):flatbuffers.Offset {
|
||||
GuestLoginRequest.startGuestLoginRequest(builder);
|
||||
GuestLoginRequest.addLocale(builder, localeOffset);
|
||||
GuestLoginRequest.addBrowserTz(builder, browserTzOffset);
|
||||
return GuestLoginRequest.endGuestLoginRequest(builder);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -27,22 +27,34 @@ initData(optionalEncoding?:any):string|Uint8Array|null {
|
||||
return offset ? this.bb!.__string(this.bb_pos + offset, optionalEncoding) : null;
|
||||
}
|
||||
|
||||
browserTz():string|null
|
||||
browserTz(optionalEncoding:flatbuffers.Encoding):string|Uint8Array|null
|
||||
browserTz(optionalEncoding?:any):string|Uint8Array|null {
|
||||
const offset = this.bb!.__offset(this.bb_pos, 6);
|
||||
return offset ? this.bb!.__string(this.bb_pos + offset, optionalEncoding) : null;
|
||||
}
|
||||
|
||||
static startTelegramLoginRequest(builder:flatbuffers.Builder) {
|
||||
builder.startObject(1);
|
||||
builder.startObject(2);
|
||||
}
|
||||
|
||||
static addInitData(builder:flatbuffers.Builder, initDataOffset:flatbuffers.Offset) {
|
||||
builder.addFieldOffset(0, initDataOffset, 0);
|
||||
}
|
||||
|
||||
static addBrowserTz(builder:flatbuffers.Builder, browserTzOffset:flatbuffers.Offset) {
|
||||
builder.addFieldOffset(1, browserTzOffset, 0);
|
||||
}
|
||||
|
||||
static endTelegramLoginRequest(builder:flatbuffers.Builder):flatbuffers.Offset {
|
||||
const offset = builder.endObject();
|
||||
return offset;
|
||||
}
|
||||
|
||||
static createTelegramLoginRequest(builder:flatbuffers.Builder, initDataOffset:flatbuffers.Offset):flatbuffers.Offset {
|
||||
static createTelegramLoginRequest(builder:flatbuffers.Builder, initDataOffset:flatbuffers.Offset, browserTzOffset:flatbuffers.Offset):flatbuffers.Offset {
|
||||
TelegramLoginRequest.startTelegramLoginRequest(builder);
|
||||
TelegramLoginRequest.addInitData(builder, initDataOffset);
|
||||
TelegramLoginRequest.addBrowserTz(builder, browserTzOffset);
|
||||
return TelegramLoginRequest.endTelegramLoginRequest(builder);
|
||||
}
|
||||
}
|
||||
|
||||
+186
-39
@@ -8,21 +8,31 @@ import { gateway } from './gateway';
|
||||
import { GatewayError } from './client';
|
||||
import { navigate, router } from './router.svelte';
|
||||
import { errorKey, localeFrom, setLocale, t, type Locale } from './i18n/index.svelte';
|
||||
import { applyReduceMotion, applyTelegramTheme, applyTheme, type ThemePref } from './theme';
|
||||
import { languageNeedsServerSync } from './language';
|
||||
import { applyReduceMotion, applyTelegramTheme, applyTheme, type ThemePref, type TelegramThemeParams } from './theme';
|
||||
import {
|
||||
insideTelegram,
|
||||
collectTelegramDiag,
|
||||
type TelegramDiag,
|
||||
onTelegramPath,
|
||||
hasLaunchFragment,
|
||||
loadTelegramSDK,
|
||||
telegramColorScheme,
|
||||
telegramThemeParams,
|
||||
telegramContentSafeAreaTop,
|
||||
telegramSafeAreaTop,
|
||||
telegramSafeAreaInset,
|
||||
telegramDisableVerticalSwipes,
|
||||
telegramShowSettingsButton,
|
||||
telegramHaptic,
|
||||
telegramLaunch,
|
||||
type TelegramLaunch,
|
||||
telegramOnEvent,
|
||||
telegramRequestFullscreen,
|
||||
telegramSetChrome,
|
||||
telegramCloudAvailable,
|
||||
telegramCloudGet,
|
||||
telegramCloudSet,
|
||||
} from './telegram';
|
||||
import { CLOUD_PREFS_KEY, decodeClientPrefs, encodeClientPrefs } from './cloudprefs';
|
||||
import { parseStartParam } from './deeplink';
|
||||
import { clearSession, loadPrefs, loadSession, saveSession, savePrefs } from './session';
|
||||
import { connection, reportOffline, reportOnline, resetConnection } from './connection.svelte';
|
||||
@@ -46,6 +56,14 @@ export const app = $state<{
|
||||
* backend was down during a deploy). App.svelte then renders the boot-error retry screen
|
||||
* instead of the web login — a Mini App has no manual sign-in to fall back to. */
|
||||
bootError: boolean;
|
||||
/** On the dedicated /telegram/ entry, set to a privacy-safe diagnostic snapshot when a Mini App
|
||||
* launch carried no sign-in data (empty initData). App.svelte then renders the compact
|
||||
* launch-error screen (screens/TelegramLaunchError) — a shareable probe for why Telegram
|
||||
* delivered no initData (seen on some Android clients) — instead of bouncing to the landing. */
|
||||
launchError: TelegramDiag | null;
|
||||
/** Whether the hidden on-device debug panel (components/DebugPanel) is open — toggled by tapping
|
||||
* the header title ten times in quick succession. A support aid; carries no secrets. */
|
||||
debugOpen: boolean;
|
||||
/** Whether the lobby's first cold load has settled (success or error). The loading splash
|
||||
* (components/Splash.svelte) watches it to know when to dismiss; set by screens/Lobby. */
|
||||
lobbyReady: boolean;
|
||||
@@ -67,7 +85,6 @@ export const app = $state<{
|
||||
locale: Locale;
|
||||
reduceMotion: boolean;
|
||||
boardLabels: BoardLabelMode;
|
||||
localeLocked: boolean;
|
||||
/** Pending incoming friend requests, for the lobby ⚙️ badge and the Settings Friends tab. */
|
||||
notifications: number;
|
||||
/** Per-game flag: the player has at least one unread chat entry (message or nudge) in that
|
||||
@@ -96,6 +113,8 @@ export const app = $state<{
|
||||
}>({
|
||||
ready: false,
|
||||
bootError: false,
|
||||
launchError: null,
|
||||
debugOpen: false,
|
||||
lobbyReady: false,
|
||||
splashDone: false,
|
||||
streamAlive: false,
|
||||
@@ -108,7 +127,6 @@ export const app = $state<{
|
||||
locale: 'en',
|
||||
reduceMotion: false,
|
||||
boardLabels: 'beginner',
|
||||
localeLocked: false,
|
||||
notifications: 0,
|
||||
chatUnread: {},
|
||||
messageUnread: {},
|
||||
@@ -188,6 +206,16 @@ export function dismissWelcomeRedeem(): void {
|
||||
app.welcomeRedeem = false;
|
||||
}
|
||||
|
||||
/** openDebug / closeDebug toggle the hidden on-device debug panel (components/DebugPanel), opened
|
||||
* by tapping the header title ten times — a support aid that shows and shares client diagnostics. */
|
||||
export function openDebug(): void {
|
||||
app.debugOpen = true;
|
||||
}
|
||||
|
||||
export function closeDebug(): void {
|
||||
app.debugOpen = false;
|
||||
}
|
||||
|
||||
/**
|
||||
* seedChatUnread sets a game's unread flags from an authoritative per-viewer REST view (the lobby
|
||||
* list, a game's state, or a move result): unread is any unread entry, message whether one of them
|
||||
@@ -450,11 +478,20 @@ async function adoptSession(s: Session): Promise<void> {
|
||||
await saveSession(s);
|
||||
try {
|
||||
app.profile = await gateway.profileGet();
|
||||
// The live interface language follows the device — the explicit local choice (locked, saved
|
||||
// in prefs) or the system guess made at bootstrap — and is no longer overridden from the
|
||||
// account here. preferred_language stays the user's saved choice (written from Settings,
|
||||
// and used for out-of-app push routing), but the Telegram bot a user signs in through must
|
||||
// not dictate the UI: a ru-bot launch on an English system stays English.
|
||||
// The live interface language follows the device — the explicit local choice (saved in
|
||||
// prefs) or the system guess made at bootstrap — and is no longer overridden from the
|
||||
// account here: the Telegram bot a user signs in through must not dictate the UI, so a
|
||||
// ru-bot launch on an English system stays English.
|
||||
//
|
||||
// The banner and out-of-app push are resolved server-side from preferred_language, so it
|
||||
// must track whatever language the UI actually shows — the explicit choice AND the system
|
||||
// guess. Reconcile it to the active locale on every adopt, not only after an explicit
|
||||
// Settings choice: a user who never opened Settings would otherwise be stuck on the
|
||||
// creation-time seed — e.g. an English banner under a Russian UI. This keeps every
|
||||
// server-rendered, language-dependent surface (banner, out-of-app push) aligned with the
|
||||
// interface, not just one. persistLanguageToServer self-gates (a no-op for guests and when
|
||||
// already equal), so there is no write in the steady state.
|
||||
void persistLanguageToServer(app.locale);
|
||||
} catch (err) {
|
||||
handleError(err);
|
||||
}
|
||||
@@ -475,6 +512,10 @@ export async function applyLinkResult(r: LinkResult): Promise<void> {
|
||||
return;
|
||||
}
|
||||
app.profile = await gateway.profileGet();
|
||||
// A guest who linked in place now has a durable account: push the active interface language
|
||||
// so the banner + push routing follow it (see adoptSession — reconciled regardless of an
|
||||
// explicit Settings choice).
|
||||
void persistLanguageToServer(app.locale);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -492,17 +533,25 @@ function syncTelegramChrome(): void {
|
||||
}
|
||||
|
||||
/**
|
||||
* syncTelegramSafeArea mirrors Telegram's content-safe-area top inset (the height its native
|
||||
* nav overlays the viewport in fullscreen) into the --tg-content-top CSS var and toggles a
|
||||
* `tg-fullscreen` class, so the header can drop below the nav and centre the title in its
|
||||
* band. Called on launch and on Telegram's safe-area / fullscreen change events.
|
||||
* syncTelegramSafeArea mirrors Telegram's safe-area insets into CSS vars: the content-safe-area top
|
||||
* (the height Telegram's native nav overlays the viewport in fullscreen) into --tg-content-top
|
||||
* (which also toggles the `tg-fullscreen` class so the header drops below the nav and centres the
|
||||
* title in its band), and the device safe-area insets — notch / status bar (top), home indicator
|
||||
* (bottom) and the landscape notch sides (left / right) — into --tg-safe-top / --tg-safe-bottom /
|
||||
* --tg-safe-left / --tg-safe-right, so the header, rack and screen edges clear the device cut-outs.
|
||||
* Called on launch and on Telegram's safe-area / fullscreen change events.
|
||||
*/
|
||||
function syncTelegramSafeArea(): void {
|
||||
if (typeof document === 'undefined') return;
|
||||
const root = document.documentElement;
|
||||
const top = telegramContentSafeAreaTop();
|
||||
document.documentElement.style.setProperty('--tg-content-top', `${top}px`);
|
||||
document.documentElement.style.setProperty('--tg-safe-top', `${telegramSafeAreaTop()}px`);
|
||||
document.documentElement.classList.toggle('tg-fullscreen', top > 0);
|
||||
const safe = telegramSafeAreaInset();
|
||||
root.style.setProperty('--tg-content-top', `${top}px`);
|
||||
root.style.setProperty('--tg-safe-top', `${safe.top}px`);
|
||||
root.style.setProperty('--tg-safe-bottom', `${safe.bottom}px`);
|
||||
root.style.setProperty('--tg-safe-left', `${safe.left}px`);
|
||||
root.style.setProperty('--tg-safe-right', `${safe.right}px`);
|
||||
root.classList.toggle('tg-fullscreen', top > 0);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -518,6 +567,42 @@ function syncViewportHeight(): void {
|
||||
if (h > 0) document.documentElement.style.setProperty('--vvh', `${h}px`);
|
||||
}
|
||||
|
||||
/**
|
||||
* syncTelegramTheme re-applies Telegram's theme integration — the themeParams token overrides,
|
||||
* Telegram's authoritative colour scheme, and the matching chrome — from theme, or from the SDK's
|
||||
* current themeParams when omitted. Called on launch with the launch snapshot and live on the
|
||||
* themeChanged event, so switching Telegram's light/dark theme while the app is open is picked up
|
||||
* without a relaunch.
|
||||
*/
|
||||
function syncTelegramTheme(theme: TelegramThemeParams | undefined = telegramThemeParams()): void {
|
||||
if (theme) applyTelegramTheme(theme);
|
||||
// Inside Telegram the colour scheme is Telegram's to decide; force it explicitly so the OS
|
||||
// prefers-color-scheme (which leaks into the Telegram Desktop webview) cannot fight it. Falls
|
||||
// back to the stored preference when the SDK omits it.
|
||||
applyTheme(telegramColorScheme() ?? app.theme);
|
||||
syncTelegramChrome();
|
||||
}
|
||||
|
||||
/**
|
||||
* applyTelegramChrome applies a Mini App launch's visual integration: Telegram's authoritative
|
||||
* colour scheme and theme (syncTelegramTheme), the matching header / background / bottom chrome,
|
||||
* the safe-area insets, and the swipe-down-to-minimise guard. It is idempotent, so both the
|
||||
* initial bootstrap and a manual launch retry call it.
|
||||
*/
|
||||
function applyTelegramChrome(launch: TelegramLaunch): void {
|
||||
syncTelegramTheme(launch.theme);
|
||||
// Mirror the safe-area insets and stop Telegram's swipe-down-to-minimise from fighting tile drag
|
||||
// / board scroll.
|
||||
syncTelegramSafeArea();
|
||||
telegramDisableVerticalSwipes();
|
||||
}
|
||||
|
||||
/** How long to wait for the dynamically loaded Telegram Mini App SDK before giving up and showing
|
||||
* the launch-error screen. A network that blocks telegram.org makes the script hang rather than
|
||||
* fail fast (a connection refusal resolves immediately via the script's error event), so this only
|
||||
* bounds a true hang; it is generous enough not to misfire on a slow but working network. */
|
||||
const TELEGRAM_SDK_TIMEOUT_MS = 10000;
|
||||
|
||||
export async function bootstrap(): Promise<void> {
|
||||
const prefs = await loadPrefs();
|
||||
app.theme = prefs.theme ?? 'auto';
|
||||
@@ -527,7 +612,6 @@ export async function bootstrap(): Promise<void> {
|
||||
applyReduceMotion(app.reduceMotion);
|
||||
if (prefs.locale) {
|
||||
app.locale = prefs.locale;
|
||||
app.localeLocked = true;
|
||||
setLocale(prefs.locale);
|
||||
} else {
|
||||
const guess = localeFrom(typeof navigator !== 'undefined' ? navigator.language : 'en');
|
||||
@@ -542,33 +626,39 @@ export async function bootstrap(): Promise<void> {
|
||||
window.visualViewport.addEventListener('scroll', syncViewportHeight);
|
||||
}
|
||||
|
||||
// Telegram Mini App launch: apply the platform theme, authenticate via initData,
|
||||
// and route any deep-link start parameter. On the dedicated /telegram/ entry path
|
||||
// outside Telegram (no initData), refuse to render and send the visitor to the
|
||||
// site root.
|
||||
// Load the Telegram Mini App SDK dynamically, with a timeout, on a Telegram entry — it is no
|
||||
// longer a render-blocking <script> in index.html, so a network that blocks telegram.org (common
|
||||
// where Telegram itself reaches users only over a proxy) cannot hang the page and strand the app
|
||||
// or the diagnostic screen below. Skipped on a plain web / native entry, which never needs it.
|
||||
if (onTelegramPath() || hasLaunchFragment()) {
|
||||
await loadTelegramSDK(TELEGRAM_SDK_TIMEOUT_MS);
|
||||
}
|
||||
// Telegram Mini App launch: apply the platform theme, authenticate via initData, and route any
|
||||
// deep-link start parameter. On the dedicated /telegram/ entry without sign-in data (no/empty
|
||||
// initData — outside Telegram, or a Mini App launch that delivered none, as seen on some Android
|
||||
// clients), render the compact launch-error screen with a diagnostic snapshot the user can share
|
||||
// with the developer, instead of bouncing the visitor to the marketing landing.
|
||||
if (onTelegramPath() && !insideTelegram()) {
|
||||
if (typeof location !== 'undefined') location.replace('/');
|
||||
app.launchError = collectTelegramDiag();
|
||||
app.ready = true;
|
||||
return;
|
||||
}
|
||||
if (insideTelegram()) {
|
||||
const launch = telegramLaunch();
|
||||
if (launch.theme) applyTelegramTheme(launch.theme);
|
||||
// Inside Telegram the colour scheme is Telegram's to decide; force it explicitly
|
||||
// so the OS prefers-color-scheme (which leaks into the Telegram Desktop webview)
|
||||
// cannot fight it. Falls back to the stored preference when the SDK omits it.
|
||||
applyTheme(telegramColorScheme() ?? app.theme);
|
||||
// Match Telegram's chrome to the app and stop its swipe-down-to-minimise from
|
||||
// fighting tile drag / board scroll.
|
||||
syncTelegramChrome();
|
||||
syncTelegramSafeArea();
|
||||
applyTelegramChrome(launch);
|
||||
// Pull the device-independent display prefs (theme / reduce-motion / board labels) from
|
||||
// CloudStorage in the background so a change on another device follows the user here; the local
|
||||
// values applied above render instantly, so this reconciles without blocking launch.
|
||||
void reconcileCloudPrefs();
|
||||
// Re-sync the safe-area insets whenever Telegram's chrome changes (registered once per load).
|
||||
telegramOnEvent('contentSafeAreaChanged', syncTelegramSafeArea);
|
||||
telegramOnEvent('safeAreaChanged', syncTelegramSafeArea);
|
||||
telegramOnEvent('fullscreenChanged', syncTelegramSafeArea);
|
||||
telegramDisableVerticalSwipes();
|
||||
// On mobile, go immersive fullscreen like Telegram's own Mini Apps; the fullscreenChanged
|
||||
// listener above then re-syncs the safe-area insets. Desktop keeps the bot's full-size
|
||||
// window. No-op on clients predating Bot API 8.0.
|
||||
telegramRequestFullscreen();
|
||||
// Re-apply the theme live when the user switches Telegram's light/dark mode while the app is open.
|
||||
telegramOnEvent('themeChanged', () => syncTelegramTheme());
|
||||
// Telegram's native Settings button (Bot API 7.0) opens our Settings screen; the in-app gear
|
||||
// entry stays the primary path. No-op on clients predating the button.
|
||||
telegramShowSettingsButton(() => navigate('/settings'));
|
||||
await bootTelegram(launch);
|
||||
app.ready = true;
|
||||
return;
|
||||
@@ -635,6 +725,28 @@ export async function retryTelegramBoot(): Promise<void> {
|
||||
app.ready = true;
|
||||
}
|
||||
|
||||
/**
|
||||
* retryTelegramLaunch re-attempts a Mini App launch from the launch-error screen's Retry button. If
|
||||
* sign-in data is present now (e.g. it arrived late on a slow client) it clears the error and runs
|
||||
* the normal launch; otherwise it refreshes the diagnostic snapshot so the screen reflects the
|
||||
* current state. It never reloads — telegram-web-app.js consumes the launch fragment on first load,
|
||||
* so a reload could discard the very data we are waiting for.
|
||||
*/
|
||||
export async function retryTelegramLaunch(): Promise<void> {
|
||||
// Re-attempt the SDK load — the network may have recovered since the launch-error screen showed.
|
||||
await loadTelegramSDK(TELEGRAM_SDK_TIMEOUT_MS);
|
||||
if (!insideTelegram()) {
|
||||
app.launchError = collectTelegramDiag();
|
||||
return;
|
||||
}
|
||||
app.launchError = null;
|
||||
app.ready = false;
|
||||
const launch = telegramLaunch();
|
||||
applyTelegramChrome(launch);
|
||||
await bootTelegram(launch);
|
||||
app.ready = true;
|
||||
}
|
||||
|
||||
/**
|
||||
* routeStartParam navigates a Telegram deep-link start parameter to its target: a
|
||||
* specific game, the friends screen with a friend-code redemption, or the lobby
|
||||
@@ -733,6 +845,42 @@ function persistPrefs(): void {
|
||||
reduceMotion: app.reduceMotion,
|
||||
boardLabels: app.boardLabels,
|
||||
});
|
||||
// Mirror the device-independent display prefs to Telegram CloudStorage so they follow the user
|
||||
// across devices (no-op outside Telegram / on a client predating it). Locale is excluded — it
|
||||
// syncs via the durable account (Profile.preferredLanguage) instead.
|
||||
void telegramCloudSet(
|
||||
CLOUD_PREFS_KEY,
|
||||
encodeClientPrefs({ theme: app.theme, reduceMotion: app.reduceMotion, boardLabels: app.boardLabels }),
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* reconcileCloudPrefs pulls the device-independent display prefs (theme / reduce-motion / board
|
||||
* labels) from Telegram CloudStorage and applies any that differ from the current values, so a
|
||||
* change made on another Telegram device follows the user here. The local store is the
|
||||
* instant-render cache (read synchronously at boot); this runs once on launch after it and persists
|
||||
* what it applied. Theme is not re-applied visually — inside Telegram the colour scheme is
|
||||
* Telegram's to decide — only its stored value is updated. A no-op outside Telegram or when
|
||||
* CloudStorage is unavailable; locale is never synced this way (it has its own server reconciler).
|
||||
*/
|
||||
async function reconcileCloudPrefs(): Promise<void> {
|
||||
if (!telegramCloudAvailable()) return;
|
||||
const cloud = decodeClientPrefs(await telegramCloudGet(CLOUD_PREFS_KEY));
|
||||
let changed = false;
|
||||
if (cloud.theme !== undefined && cloud.theme !== app.theme) {
|
||||
app.theme = cloud.theme;
|
||||
changed = true;
|
||||
}
|
||||
if (cloud.reduceMotion !== undefined && cloud.reduceMotion !== app.reduceMotion) {
|
||||
app.reduceMotion = cloud.reduceMotion;
|
||||
applyReduceMotion(app.reduceMotion);
|
||||
changed = true;
|
||||
}
|
||||
if (cloud.boardLabels !== undefined && cloud.boardLabels !== app.boardLabels) {
|
||||
app.boardLabels = cloud.boardLabels;
|
||||
changed = true;
|
||||
}
|
||||
if (changed) persistPrefs();
|
||||
}
|
||||
|
||||
export function setTheme(theme: ThemePref): void {
|
||||
@@ -743,7 +891,6 @@ export function setTheme(theme: ThemePref): void {
|
||||
|
||||
export function setLocalePref(locale: Locale): void {
|
||||
app.locale = locale;
|
||||
app.localeLocked = true;
|
||||
setLocale(locale);
|
||||
persistPrefs();
|
||||
void persistLanguageToServer(locale);
|
||||
@@ -756,7 +903,7 @@ export function setLocalePref(locale: Locale): void {
|
||||
*/
|
||||
async function persistLanguageToServer(locale: Locale): Promise<void> {
|
||||
const p = app.profile;
|
||||
if (!p || p.isGuest || p.preferredLanguage === locale) return;
|
||||
if (!p || !languageNeedsServerSync(p, locale)) return;
|
||||
try {
|
||||
app.profile = await gateway.profileUpdate({
|
||||
displayName: p.displayName,
|
||||
|
||||
@@ -0,0 +1,31 @@
|
||||
import { describe, expect, it } from 'vitest';
|
||||
import { CLOUD_PREFS_KEY, decodeClientPrefs, encodeClientPrefs } from './cloudprefs';
|
||||
|
||||
describe('cloudprefs', () => {
|
||||
it('round-trips the synced client prefs', () => {
|
||||
const p = { theme: 'dark', reduceMotion: true, boardLabels: 'classic' } as const;
|
||||
expect(decodeClientPrefs(encodeClientPrefs(p))).toEqual(p);
|
||||
});
|
||||
|
||||
it('never encodes the locale (it syncs via the durable account instead)', () => {
|
||||
const raw = encodeClientPrefs({ theme: 'light', reduceMotion: false, boardLabels: 'none' });
|
||||
expect(raw).not.toContain('locale');
|
||||
});
|
||||
|
||||
it('returns an empty partial for missing or malformed input', () => {
|
||||
expect(decodeClientPrefs(null)).toEqual({});
|
||||
expect(decodeClientPrefs(undefined)).toEqual({});
|
||||
expect(decodeClientPrefs('')).toEqual({});
|
||||
expect(decodeClientPrefs('not json')).toEqual({});
|
||||
expect(decodeClientPrefs('[1,2,3]')).toEqual({});
|
||||
});
|
||||
|
||||
it('keeps only valid fields and drops unknown or mistyped ones', () => {
|
||||
const raw = JSON.stringify({ theme: 'neon', reduceMotion: 'yes', boardLabels: 'classic', locale: 'ru' });
|
||||
expect(decodeClientPrefs(raw)).toEqual({ boardLabels: 'classic' });
|
||||
});
|
||||
|
||||
it('exposes the CloudStorage key', () => {
|
||||
expect(CLOUD_PREFS_KEY).toBe('prefs');
|
||||
});
|
||||
});
|
||||
@@ -0,0 +1,49 @@
|
||||
// Telegram CloudStorage sync for the device-independent client display preferences — theme,
|
||||
// reduce-motion and board labels — so they follow the user across their Telegram devices. The
|
||||
// interface language is intentionally excluded: it has its own server-side sync
|
||||
// (Profile.preferredLanguage) plus an on-launch reconciler, and mixing it in here would fight that.
|
||||
// The pure encode/decode is kept free of the SDK and the DOM so it unit-tests in the node
|
||||
// environment; the CloudStorage transport wrappers live in telegram.ts and the wiring (mirror on
|
||||
// save, reconcile on launch) in app.svelte.ts.
|
||||
|
||||
import type { ThemePref } from './theme';
|
||||
import type { BoardLabelMode } from './boardlabels';
|
||||
|
||||
/** ClientPrefs is the subset of preferences synced across devices via Telegram CloudStorage. */
|
||||
export interface ClientPrefs {
|
||||
theme: ThemePref;
|
||||
reduceMotion: boolean;
|
||||
boardLabels: BoardLabelMode;
|
||||
}
|
||||
|
||||
/** CLOUD_PREFS_KEY is the Telegram CloudStorage key holding the JSON-encoded ClientPrefs. */
|
||||
export const CLOUD_PREFS_KEY = 'prefs';
|
||||
|
||||
/** encodeClientPrefs serialises the synced client prefs (and only those — never the locale). */
|
||||
export function encodeClientPrefs(p: ClientPrefs): string {
|
||||
return JSON.stringify({ theme: p.theme, reduceMotion: p.reduceMotion, boardLabels: p.boardLabels });
|
||||
}
|
||||
|
||||
/**
|
||||
* decodeClientPrefs parses a CloudStorage payload into a partial ClientPrefs, keeping only valid
|
||||
* fields and dropping anything unknown, mistyped or malformed — so a value written by a newer or
|
||||
* older build, or a corrupt entry, never throws and never applies a bad setting. A missing field
|
||||
* stays absent, so the caller leaves the corresponding local value untouched.
|
||||
*/
|
||||
export function decodeClientPrefs(raw: string | null | undefined): Partial<ClientPrefs> {
|
||||
if (!raw) return {};
|
||||
let o: Record<string, unknown>;
|
||||
try {
|
||||
o = JSON.parse(raw) as Record<string, unknown>;
|
||||
} catch {
|
||||
return {};
|
||||
}
|
||||
if (!o || typeof o !== 'object') return {};
|
||||
const out: Partial<ClientPrefs> = {};
|
||||
if (o.theme === 'auto' || o.theme === 'light' || o.theme === 'dark') out.theme = o.theme;
|
||||
if (typeof o.reduceMotion === 'boolean') out.reduceMotion = o.reduceMotion;
|
||||
if (o.boardLabels === 'beginner' || o.boardLabels === 'classic' || o.boardLabels === 'none') {
|
||||
out.boardLabels = o.boardLabels;
|
||||
}
|
||||
return out;
|
||||
}
|
||||
@@ -19,13 +19,16 @@ import {
|
||||
decodeStateView,
|
||||
decodeStats,
|
||||
encodeCheckWord,
|
||||
encodeEmailRequest,
|
||||
encodeFeedbackSubmit,
|
||||
encodeDraftSave,
|
||||
encodeEnqueue,
|
||||
encodeExchange,
|
||||
encodeGuestLogin,
|
||||
encodeStateRequest,
|
||||
encodeSubmitPlay,
|
||||
encodeTarget,
|
||||
encodeTelegramLogin,
|
||||
encodeUpdateProfile,
|
||||
} from './codec';
|
||||
|
||||
@@ -73,21 +76,45 @@ describe('codec', () => {
|
||||
});
|
||||
});
|
||||
|
||||
it('carries the detected browser zone on every account-creating auth request', () => {
|
||||
const tg = fb.TelegramLoginRequest.getRootAsTelegramLoginRequest(
|
||||
new ByteBuffer(encodeTelegramLogin('init-data-blob', '+03:00')),
|
||||
);
|
||||
expect(tg.initData()).toBe('init-data-blob');
|
||||
expect(tg.browserTz()).toBe('+03:00');
|
||||
|
||||
const guest = fb.GuestLoginRequest.getRootAsGuestLoginRequest(
|
||||
new ByteBuffer(encodeGuestLogin('ru', '-05:30')),
|
||||
);
|
||||
expect(guest.locale()).toBe('ru');
|
||||
expect(guest.browserTz()).toBe('-05:30');
|
||||
|
||||
const email = fb.EmailRequestRequest.getRootAsEmailRequestRequest(
|
||||
new ByteBuffer(encodeEmailRequest('a@example.com', '+00:00')),
|
||||
);
|
||||
expect(email.email()).toBe('a@example.com');
|
||||
expect(email.browserTz()).toBe('+00:00');
|
||||
});
|
||||
|
||||
it('round-trips a feedback submit and decodes state + unread', () => {
|
||||
const att = new Uint8Array([1, 2, 3, 4]);
|
||||
const req = fb.FeedbackSubmitRequest.getRootAsFeedbackSubmitRequest(
|
||||
new ByteBuffer(encodeFeedbackSubmit('please fix', att, 'shot.png', 'ios')),
|
||||
new ByteBuffer(encodeFeedbackSubmit('please fix', att, 'shot.png', 'ios', 'v1.2.3', '+03:00')),
|
||||
);
|
||||
expect(req.body()).toBe('please fix');
|
||||
expect(req.attachmentName()).toBe('shot.png');
|
||||
expect(req.channel()).toBe('ios');
|
||||
expect(req.version()).toBe('v1.2.3');
|
||||
expect(req.browserTz()).toBe('+03:00');
|
||||
expect(Array.from(req.attachmentArray() ?? [])).toEqual([1, 2, 3, 4]);
|
||||
|
||||
// No attachment: the vector is empty.
|
||||
const req2 = fb.FeedbackSubmitRequest.getRootAsFeedbackSubmitRequest(
|
||||
new ByteBuffer(encodeFeedbackSubmit('hi', null, '', 'web')),
|
||||
new ByteBuffer(encodeFeedbackSubmit('hi', null, '', 'web', 'dev', '+00:00')),
|
||||
);
|
||||
expect(req2.body()).toBe('hi');
|
||||
expect(req2.version()).toBe('dev');
|
||||
expect(req2.browserTz()).toBe('+00:00');
|
||||
expect(req2.attachmentLength()).toBe(0);
|
||||
|
||||
// State carrying a reply.
|
||||
|
||||
+15
-3
@@ -179,27 +179,33 @@ export function encodeChatPost(gameId: string, body: string): Uint8Array {
|
||||
return finish(b, fb.ChatPostRequest.endChatPostRequest(b));
|
||||
}
|
||||
|
||||
export function encodeTelegramLogin(initData: string): Uint8Array {
|
||||
export function encodeTelegramLogin(initData: string, browserTz: string): Uint8Array {
|
||||
const b = new Builder(512);
|
||||
const d = b.createString(initData);
|
||||
const tz = b.createString(browserTz);
|
||||
fb.TelegramLoginRequest.startTelegramLoginRequest(b);
|
||||
fb.TelegramLoginRequest.addInitData(b, d);
|
||||
fb.TelegramLoginRequest.addBrowserTz(b, tz);
|
||||
return finish(b, fb.TelegramLoginRequest.endTelegramLoginRequest(b));
|
||||
}
|
||||
|
||||
export function encodeGuestLogin(locale: string): Uint8Array {
|
||||
export function encodeGuestLogin(locale: string, browserTz: string): Uint8Array {
|
||||
const b = new Builder(64);
|
||||
const l = b.createString(locale);
|
||||
const tz = b.createString(browserTz);
|
||||
fb.GuestLoginRequest.startGuestLoginRequest(b);
|
||||
fb.GuestLoginRequest.addLocale(b, l);
|
||||
fb.GuestLoginRequest.addBrowserTz(b, tz);
|
||||
return finish(b, fb.GuestLoginRequest.endGuestLoginRequest(b));
|
||||
}
|
||||
|
||||
export function encodeEmailRequest(email: string): Uint8Array {
|
||||
export function encodeEmailRequest(email: string, browserTz: string): Uint8Array {
|
||||
const b = new Builder(128);
|
||||
const e = b.createString(email);
|
||||
const tz = b.createString(browserTz);
|
||||
fb.EmailRequestRequest.startEmailRequestRequest(b);
|
||||
fb.EmailRequestRequest.addEmail(b, e);
|
||||
fb.EmailRequestRequest.addBrowserTz(b, tz);
|
||||
return finish(b, fb.EmailRequestRequest.endEmailRequestRequest(b));
|
||||
}
|
||||
|
||||
@@ -489,17 +495,23 @@ export function encodeFeedbackSubmit(
|
||||
attachment: Uint8Array | null,
|
||||
attachmentName: string,
|
||||
channel: string,
|
||||
version: string,
|
||||
browserTz: string,
|
||||
): Uint8Array {
|
||||
const b = new Builder(256);
|
||||
const bodyOff = b.createString(body);
|
||||
const attOff = attachment && attachment.length > 0 ? fb.FeedbackSubmitRequest.createAttachmentVector(b, attachment) : 0;
|
||||
const nameOff = b.createString(attachmentName);
|
||||
const chOff = b.createString(channel);
|
||||
const verOff = b.createString(version);
|
||||
const tzOff = b.createString(browserTz);
|
||||
fb.FeedbackSubmitRequest.startFeedbackSubmitRequest(b);
|
||||
fb.FeedbackSubmitRequest.addBody(b, bodyOff);
|
||||
if (attOff) fb.FeedbackSubmitRequest.addAttachment(b, attOff);
|
||||
fb.FeedbackSubmitRequest.addAttachmentName(b, nameOff);
|
||||
fb.FeedbackSubmitRequest.addChannel(b, chOff);
|
||||
fb.FeedbackSubmitRequest.addVersion(b, verOff);
|
||||
fb.FeedbackSubmitRequest.addBrowserTz(b, tzOff);
|
||||
return finish(b, fb.FeedbackSubmitRequest.endFeedbackSubmitRequest(b));
|
||||
}
|
||||
|
||||
|
||||
@@ -14,6 +14,11 @@ export const en = {
|
||||
'boot.errorTitle': "Couldn't load the game",
|
||||
'boot.errorBody': 'Please try again in a moment.',
|
||||
|
||||
'launch.errorTitle': "Can't open in Telegram",
|
||||
'launch.errorBody': 'Screenshot or share this with the developer.',
|
||||
'launch.share': 'Share',
|
||||
'launch.copied': 'Copied',
|
||||
|
||||
'common.back': 'Back',
|
||||
'common.cancel': 'Cancel',
|
||||
'common.ok': 'OK',
|
||||
@@ -227,6 +232,9 @@ export const en = {
|
||||
'friends.decline': 'Decline',
|
||||
'friends.unfriend': 'Remove',
|
||||
'friends.block': 'Block',
|
||||
'friends.actions': 'Actions',
|
||||
'friends.blockConfirm': 'Block this player?',
|
||||
'friends.unfriendConfirm': 'Remove from friends?',
|
||||
'friends.add': 'Add a friend',
|
||||
'friends.addFromGame': 'Add to friends',
|
||||
'friends.blockFromGame': 'Block player',
|
||||
@@ -239,7 +247,7 @@ export const en = {
|
||||
'friends.redeem': 'Add',
|
||||
'friends.copy': 'Copy',
|
||||
'friends.codeCopied': 'Code copied.',
|
||||
'friends.shareTelegram': 'Share via Telegram',
|
||||
'friends.shareTelegram': 'Share',
|
||||
'friends.inviteText': "Let's play Scrabble!",
|
||||
'friends.linkCopied': 'Link copied.',
|
||||
'friends.selfInvite': "Hopefully you've been friends with yourself for a while ☺️",
|
||||
|
||||
@@ -15,6 +15,11 @@ export const ru: Record<MessageKey, string> = {
|
||||
'boot.errorTitle': 'Не удалось загрузить игру',
|
||||
'boot.errorBody': 'Попробуйте ещё раз или зайдите позже.',
|
||||
|
||||
'launch.errorTitle': 'Не открывается в Telegram',
|
||||
'launch.errorBody': 'Сделайте скриншот или поделитесь с разработчиком.',
|
||||
'launch.share': 'Поделиться',
|
||||
'launch.copied': 'Скопировано',
|
||||
|
||||
'common.back': 'Назад',
|
||||
'common.cancel': 'Отмена',
|
||||
'common.ok': 'ОК',
|
||||
@@ -228,6 +233,9 @@ export const ru: Record<MessageKey, string> = {
|
||||
'friends.decline': 'Отклонить',
|
||||
'friends.unfriend': 'Удалить',
|
||||
'friends.block': 'Заблокировать',
|
||||
'friends.actions': 'Действия',
|
||||
'friends.blockConfirm': 'Заблокировать?',
|
||||
'friends.unfriendConfirm': 'Удалить из друзей?',
|
||||
'friends.add': 'Добавить друга',
|
||||
'friends.addFromGame': 'В друзья',
|
||||
'friends.blockFromGame': 'Заблокировать',
|
||||
@@ -240,7 +248,7 @@ export const ru: Record<MessageKey, string> = {
|
||||
'friends.redeem': 'Добавить',
|
||||
'friends.copy': 'Копировать',
|
||||
'friends.codeCopied': 'Код скопирован.',
|
||||
'friends.shareTelegram': 'Поделиться через Telegram',
|
||||
'friends.shareTelegram': 'Поделиться',
|
||||
'friends.inviteText': 'Давай играть в Эрудит!',
|
||||
'friends.linkCopied': 'Ссылка скопирована.',
|
||||
'friends.selfInvite': 'Надеюсь, что с собой Вы уже давно дружите ☺️',
|
||||
|
||||
@@ -0,0 +1,27 @@
|
||||
import { describe, it, expect } from 'vitest';
|
||||
|
||||
import { languageNeedsServerSync } from './language';
|
||||
import type { Profile } from './model';
|
||||
|
||||
// The reconciler only reads isGuest + preferredLanguage; a partial cast keeps the fixture small.
|
||||
const profile = (over: Partial<Profile>): Profile => ({ isGuest: false, preferredLanguage: 'en', ...over }) as Profile;
|
||||
|
||||
describe('languageNeedsServerSync', () => {
|
||||
it('is false without a profile', () => {
|
||||
expect(languageNeedsServerSync(null, 'ru')).toBe(false);
|
||||
expect(languageNeedsServerSync(undefined, 'ru')).toBe(false);
|
||||
});
|
||||
|
||||
it('is false for a guest — guests keep only the client preference', () => {
|
||||
expect(languageNeedsServerSync(profile({ isGuest: true, preferredLanguage: 'en' }), 'ru')).toBe(false);
|
||||
});
|
||||
|
||||
it('is false when the account already matches the locale', () => {
|
||||
expect(languageNeedsServerSync(profile({ preferredLanguage: 'ru' }), 'ru')).toBe(false);
|
||||
});
|
||||
|
||||
it('is true for a real account whose stored language differs (banner + push follow it)', () => {
|
||||
expect(languageNeedsServerSync(profile({ preferredLanguage: 'en' }), 'ru')).toBe(true);
|
||||
expect(languageNeedsServerSync(profile({ preferredLanguage: 'ru' }), 'en')).toBe(true);
|
||||
});
|
||||
});
|
||||
@@ -0,0 +1,22 @@
|
||||
// Interface-language reconciliation. Kept out of app.svelte.ts (a runes module that the
|
||||
// node-env Vitest layer cannot import) so the decision is unit-testable.
|
||||
|
||||
import type { Locale } from './i18n/catalog';
|
||||
import type { Profile } from './model';
|
||||
|
||||
/**
|
||||
* languageNeedsServerSync reports whether the durable account's `preferred_language` should be
|
||||
* rewritten to the chosen interface `locale`. It is true only for a real (non-guest) account
|
||||
* whose stored language differs from the locale; guests keep only the client-side preference,
|
||||
* and an already-matching account is a no-op.
|
||||
*
|
||||
* The UI language follows the device (the local choice / system guess), but the advertising
|
||||
* banner and out-of-app push routing are resolved server-side from `preferred_language`. A saved
|
||||
* device choice the account has not yet recorded — picked while a guest, or differing from the
|
||||
* Telegram system-language seed — would otherwise leave the banner and pushes in the wrong
|
||||
* language until the next Settings change. Both the Settings control and the on-load reconciler
|
||||
* gate their write on this.
|
||||
*/
|
||||
export function languageNeedsServerSync(profile: Profile | null | undefined, locale: Locale): boolean {
|
||||
return !!profile && !profile.isGuest && profile.preferredLanguage !== locale;
|
||||
}
|
||||
@@ -0,0 +1,25 @@
|
||||
import { describe, expect, it } from 'vitest';
|
||||
import { BOT_BUTTON_ID, botInfoPopup } from './nativedialogs';
|
||||
|
||||
describe('botInfoPopup', () => {
|
||||
it('inlines the bot handle and adds an open-bot button', () => {
|
||||
const p = botInfoPopup('Title', 'Open the bot {bot} to play.', 'erudit_bot', 'OK');
|
||||
expect(p.title).toBe('Title');
|
||||
expect(p.message).toBe('Open the bot @erudit_bot to play.');
|
||||
expect(p.buttons).toEqual([
|
||||
{ id: BOT_BUTTON_ID, text: '@erudit_bot' },
|
||||
{ id: 'ok', text: 'OK' },
|
||||
]);
|
||||
});
|
||||
|
||||
it('drops the token and the open-bot button when no username is known', () => {
|
||||
const p = botInfoPopup('Title', 'Open the bot {bot} to play.', '', 'OK');
|
||||
expect(p.message).toBe('Open the bot to play.');
|
||||
expect(p.buttons).toEqual([{ id: 'ok', text: 'OK' }]);
|
||||
});
|
||||
|
||||
it('preserves newlines in the message', () => {
|
||||
const p = botInfoPopup('Hi', 'Welcome!\n\nUse {bot} now.', 'b', 'OK');
|
||||
expect(p.message).toBe('Welcome!\n\nUse @b now.');
|
||||
});
|
||||
});
|
||||
@@ -0,0 +1,24 @@
|
||||
// Pure builder for the Telegram native popup (showPopup) used by the deep-link info modals
|
||||
// (StaleInviteModal / WelcomeRedeemModal) inside the Mini App. Kept free of the SDK and the DOM so
|
||||
// it unit-tests in the node environment; the showPopup transport wrapper lives in telegram.ts and
|
||||
// the wiring (native inside Telegram, the in-app Modal elsewhere) in the modal components.
|
||||
|
||||
import type { TelegramPopupParams } from './telegram';
|
||||
|
||||
/** BOT_BUTTON_ID is the showPopup button id that means "open the bot chat". */
|
||||
export const BOT_BUTTON_ID = 'bot';
|
||||
|
||||
/**
|
||||
* botInfoPopup builds the native popup for a deep-link info modal: the message with the `{bot}`
|
||||
* token replaced by the `@username` as plain text (a native popup has no inline link, unlike the
|
||||
* in-app Modal), plus an "open bot" button when a username is known and a closing OK button. With
|
||||
* no username it is the message (token removed) and OK only.
|
||||
*/
|
||||
export function botInfoPopup(title: string, message: string, username: string, okText: string): TelegramPopupParams {
|
||||
const handle = username ? `@${username}` : '';
|
||||
const text = (username ? message.replace('{bot}', handle) : message.replace('{bot}', '').replace(' ', ' ')).trim();
|
||||
const buttons = username
|
||||
? [{ id: BOT_BUTTON_ID, text: handle }, { id: 'ok', text: okText }]
|
||||
: [{ id: 'ok', text: okText }];
|
||||
return { title, message: text, buttons };
|
||||
}
|
||||
@@ -1,5 +1,5 @@
|
||||
import { afterEach, describe, expect, it, vi } from 'vitest';
|
||||
import { pickGcgDelivery, shareOrDownloadGcg } from './share';
|
||||
import { pickGcgDelivery, pickTextShare, shareOrDownloadGcg, shareText } from './share';
|
||||
import type { GcgExport } from './model';
|
||||
|
||||
const file = {} as File;
|
||||
@@ -60,3 +60,42 @@ describe('shareOrDownloadGcg', () => {
|
||||
expect(anchor.click).toHaveBeenCalledOnce();
|
||||
});
|
||||
});
|
||||
|
||||
describe('pickTextShare', () => {
|
||||
it('shares when Web Share is available', () => {
|
||||
expect(pickTextShare({ share: async () => {}, canShare: () => true })).toBe('share');
|
||||
});
|
||||
|
||||
it('shares when share exists without canShare (text needs no file capability check)', () => {
|
||||
expect(pickTextShare({ share: async () => {} })).toBe('share');
|
||||
});
|
||||
|
||||
it('copies when there is no Web Share (desktop)', () => {
|
||||
expect(pickTextShare(undefined)).toBe('copy');
|
||||
expect(pickTextShare({} as never)).toBe('copy');
|
||||
});
|
||||
});
|
||||
|
||||
describe('shareText', () => {
|
||||
afterEach(() => vi.unstubAllGlobals());
|
||||
|
||||
it('uses the OS share sheet when available', async () => {
|
||||
const share = vi.fn().mockResolvedValue(undefined);
|
||||
vi.stubGlobal('navigator', { share, canShare: () => true });
|
||||
expect(await shareText('diag', 'title')).toBe('shared');
|
||||
expect(share).toHaveBeenCalledWith({ title: 'title', text: 'diag' });
|
||||
});
|
||||
|
||||
it('copies to the clipboard when Web Share is absent (desktop)', async () => {
|
||||
const writeText = vi.fn().mockResolvedValue(undefined);
|
||||
vi.stubGlobal('navigator', { clipboard: { writeText } });
|
||||
expect(await shareText('diag', 'title')).toBe('copied');
|
||||
expect(writeText).toHaveBeenCalledWith('diag');
|
||||
});
|
||||
|
||||
it('reports failure without a fallback when the share is cancelled', async () => {
|
||||
const share = vi.fn().mockRejectedValue(new DOMException('cancelled', 'AbortError'));
|
||||
vi.stubGlobal('navigator', { share, canShare: () => true });
|
||||
expect(await shareText('diag', 'title')).toBe('failed');
|
||||
});
|
||||
});
|
||||
|
||||
@@ -51,3 +51,42 @@ function downloadFile(content: string, filename: string): void {
|
||||
a.remove();
|
||||
URL.revokeObjectURL(url);
|
||||
}
|
||||
|
||||
type TextShareNav = Pick<Navigator, 'share'> & { canShare?: Navigator['canShare'] };
|
||||
|
||||
/**
|
||||
* pickTextShare decides how to deliver a plain-text payload: through the OS share sheet (Web Share,
|
||||
* available on mobile including the Telegram Mini App) or, on a desktop browser without it, a
|
||||
* clipboard copy. Pure, so it is unit-tested with a mock navigator.
|
||||
*/
|
||||
export function pickTextShare(nav: TextShareNav | undefined): 'share' | 'copy' {
|
||||
if (nav && typeof nav.share === 'function' && (typeof nav.canShare !== 'function' || nav.canShare({ text: 'x' }))) {
|
||||
return 'share';
|
||||
}
|
||||
return 'copy';
|
||||
}
|
||||
|
||||
/**
|
||||
* shareText delivers text through the OS share sheet where supported, else copies it to the
|
||||
* clipboard. It reports the path taken — 'shared', 'copied', or 'failed' (a cancelled share or an
|
||||
* unavailable clipboard) — so the caller can confirm a silent copy to the user. Like
|
||||
* shareOrDownloadGcg it never strands the webview: a cancelled share simply does nothing.
|
||||
*/
|
||||
export async function shareText(text: string, title: string): Promise<'shared' | 'copied' | 'failed'> {
|
||||
const nav = typeof navigator !== 'undefined' ? navigator : undefined;
|
||||
if (!nav) return 'failed';
|
||||
if (pickTextShare(nav) === 'share') {
|
||||
try {
|
||||
await nav.share({ title, text });
|
||||
return 'shared';
|
||||
} catch {
|
||||
return 'failed';
|
||||
}
|
||||
}
|
||||
try {
|
||||
await nav.clipboard.writeText(text);
|
||||
return 'copied';
|
||||
} catch {
|
||||
return 'failed';
|
||||
}
|
||||
}
|
||||
|
||||
+172
-61
@@ -1,11 +1,18 @@
|
||||
import { afterEach, describe, expect, it, vi } from 'vitest';
|
||||
import {
|
||||
collectTelegramDiag,
|
||||
insideTelegram,
|
||||
loadTelegramSDK,
|
||||
telegramSdkOutcome,
|
||||
routeExternalLinkInTelegram,
|
||||
telegramClosingConfirmation,
|
||||
telegramLaunch,
|
||||
telegramOpenExternalLink,
|
||||
telegramRequestFullscreen,
|
||||
telegramThemeParams,
|
||||
telegramSafeAreaInset,
|
||||
telegramShowSettingsButton,
|
||||
telegramDialogsAvailable,
|
||||
telegramShowConfirm,
|
||||
telegramShowPopup,
|
||||
} from './telegram';
|
||||
|
||||
function stubWebApp(initData: string, startParam?: string) {
|
||||
@@ -43,68 +50,19 @@ describe('telegram launch detection', () => {
|
||||
expect(launch.startParam).toBe('g123');
|
||||
expect(launch.theme?.bg_color).toBe('#101418');
|
||||
});
|
||||
});
|
||||
|
||||
// stubClient stands up a fake WebApp on the given platform with spies for the mobile-gated
|
||||
// chrome toggles, so the platform gate can be asserted without a real Telegram client.
|
||||
function stubClient(platform?: string) {
|
||||
const enable = vi.fn();
|
||||
const disable = vi.fn();
|
||||
const requestFullscreen = vi.fn();
|
||||
vi.stubGlobal('window', {
|
||||
Telegram: {
|
||||
WebApp: { platform, enableClosingConfirmation: enable, disableClosingConfirmation: disable, requestFullscreen },
|
||||
},
|
||||
});
|
||||
return { enable, disable, requestFullscreen };
|
||||
}
|
||||
|
||||
const mobilePlatforms = ['ios', 'android', 'android_x'];
|
||||
const desktopPlatforms = ['tdesktop', 'macos', 'web', undefined];
|
||||
|
||||
describe('telegramClosingConfirmation', () => {
|
||||
afterEach(() => vi.unstubAllGlobals());
|
||||
|
||||
it('arms the close guard on mobile clients', () => {
|
||||
for (const p of mobilePlatforms) {
|
||||
const { enable } = stubClient(p);
|
||||
telegramClosingConfirmation(true);
|
||||
expect(enable, `platform=${p}`).toHaveBeenCalledOnce();
|
||||
}
|
||||
it('telegramThemeParams reads the live palette (undefined outside Telegram)', () => {
|
||||
expect(telegramThemeParams()).toBeUndefined();
|
||||
stubWebApp('query_id=abc');
|
||||
expect(telegramThemeParams()?.bg_color).toBe('#101418');
|
||||
});
|
||||
|
||||
it('skips the close guard on desktop clients (the dialog there is just noise)', () => {
|
||||
for (const p of desktopPlatforms) {
|
||||
const { enable } = stubClient(p);
|
||||
telegramClosingConfirmation(true);
|
||||
expect(enable, `platform=${p}`).not.toHaveBeenCalled();
|
||||
}
|
||||
});
|
||||
|
||||
it('always lifts the guard on leave, regardless of platform', () => {
|
||||
const { disable } = stubClient('tdesktop');
|
||||
telegramClosingConfirmation(false);
|
||||
expect(disable).toHaveBeenCalledOnce();
|
||||
});
|
||||
});
|
||||
|
||||
describe('telegramRequestFullscreen', () => {
|
||||
afterEach(() => vi.unstubAllGlobals());
|
||||
|
||||
it('goes immersive fullscreen on mobile clients', () => {
|
||||
for (const p of mobilePlatforms) {
|
||||
const { requestFullscreen } = stubClient(p);
|
||||
telegramRequestFullscreen();
|
||||
expect(requestFullscreen, `platform=${p}`).toHaveBeenCalledOnce();
|
||||
}
|
||||
});
|
||||
|
||||
it('leaves desktop clients as a standard window (the bot full-size setting fills it)', () => {
|
||||
for (const p of desktopPlatforms) {
|
||||
const { requestFullscreen } = stubClient(p);
|
||||
telegramRequestFullscreen();
|
||||
expect(requestFullscreen, `platform=${p}`).not.toHaveBeenCalled();
|
||||
}
|
||||
it('telegramSafeAreaInset returns zeros outside Telegram and the SDK insets inside', () => {
|
||||
expect(telegramSafeAreaInset()).toEqual({ top: 0, bottom: 0, left: 0, right: 0 });
|
||||
vi.stubGlobal('window', {
|
||||
Telegram: { WebApp: { initData: 'x', safeAreaInset: { top: 59, bottom: 34, left: 0, right: 0 } } },
|
||||
});
|
||||
expect(telegramSafeAreaInset()).toEqual({ top: 59, bottom: 34, left: 0, right: 0 });
|
||||
});
|
||||
});
|
||||
|
||||
@@ -123,6 +81,56 @@ describe('telegramOpenExternalLink', () => {
|
||||
});
|
||||
});
|
||||
|
||||
describe('telegramShowSettingsButton', () => {
|
||||
afterEach(() => vi.unstubAllGlobals());
|
||||
|
||||
it('shows the native Settings button and wires its click inside Telegram', () => {
|
||||
const onClick = vi.fn();
|
||||
const show = vi.fn();
|
||||
const handler = vi.fn();
|
||||
vi.stubGlobal('window', { Telegram: { WebApp: { SettingsButton: { onClick, show } } } });
|
||||
telegramShowSettingsButton(handler);
|
||||
expect(onClick).toHaveBeenCalledWith(handler);
|
||||
expect(show).toHaveBeenCalled();
|
||||
});
|
||||
|
||||
it('is a no-op without the SDK button (older client / outside Telegram)', () => {
|
||||
expect(() => telegramShowSettingsButton(() => {})).not.toThrow();
|
||||
});
|
||||
});
|
||||
|
||||
describe('native dialogs', () => {
|
||||
afterEach(() => vi.unstubAllGlobals());
|
||||
|
||||
it('telegramDialogsAvailable reflects showPopup presence', () => {
|
||||
expect(telegramDialogsAvailable()).toBe(false);
|
||||
vi.stubGlobal('window', { Telegram: { WebApp: { showPopup: () => {} } } });
|
||||
expect(telegramDialogsAvailable()).toBe(true);
|
||||
});
|
||||
|
||||
it('telegramShowConfirm resolves the user choice inside Telegram', async () => {
|
||||
vi.stubGlobal('window', {
|
||||
Telegram: { WebApp: { showConfirm: (_m: string, cb: (ok: boolean) => void) => cb(true) } },
|
||||
});
|
||||
await expect(telegramShowConfirm('Sure?')).resolves.toBe(true);
|
||||
});
|
||||
|
||||
it('telegramShowConfirm resolves false without the SDK dialog', async () => {
|
||||
await expect(telegramShowConfirm('Sure?')).resolves.toBe(false);
|
||||
});
|
||||
|
||||
it('telegramShowPopup resolves the pressed button id', async () => {
|
||||
vi.stubGlobal('window', {
|
||||
Telegram: { WebApp: { showPopup: (_p: unknown, cb: (id: string) => void) => cb('bot') } },
|
||||
});
|
||||
await expect(telegramShowPopup({ message: 'Hi' })).resolves.toBe('bot');
|
||||
});
|
||||
|
||||
it('telegramShowPopup resolves null without the SDK', async () => {
|
||||
await expect(telegramShowPopup({ message: 'Hi' })).resolves.toBeNull();
|
||||
});
|
||||
});
|
||||
|
||||
describe('routeExternalLinkInTelegram', () => {
|
||||
afterEach(() => vi.unstubAllGlobals());
|
||||
|
||||
@@ -155,3 +163,106 @@ describe('routeExternalLinkInTelegram', () => {
|
||||
expect(routeExternalLinkInTelegram({ href: 'https://x.io', target: '_blank' })).toBe(false);
|
||||
});
|
||||
});
|
||||
|
||||
describe('collectTelegramDiag', () => {
|
||||
afterEach(() => vi.unstubAllGlobals());
|
||||
|
||||
it('reports a missing SDK outside Telegram', () => {
|
||||
const d = collectTelegramDiag();
|
||||
expect(d.hasSDK).toBe(false);
|
||||
expect(d.hasWebApp).toBe(false);
|
||||
expect(d.initDataLen).toBe(0);
|
||||
expect(d.fieldsPresent).toEqual([]);
|
||||
expect(d.fieldsMissing).toEqual(['user', 'auth_date', 'hash', 'signature']);
|
||||
});
|
||||
|
||||
it('reads field NAMES (never values) from a non-empty initData', () => {
|
||||
stubWebApp('query_id=abc&user=%7B%7D&auth_date=1&hash=deadbeef');
|
||||
const d = collectTelegramDiag();
|
||||
expect(d.hasSDK).toBe(true);
|
||||
expect(d.hasWebApp).toBe(true);
|
||||
expect(d.initDataLen).toBeGreaterThan(0);
|
||||
expect(d.fieldsPresent).toEqual(['query_id', 'user', 'auth_date', 'hash']);
|
||||
expect(d.fieldsMissing).toEqual(['signature']);
|
||||
});
|
||||
|
||||
it('recovers field names from the URL fragment when the SDK left initData empty', () => {
|
||||
// Telegram passed launch data in the fragment, but WebApp.initData is empty (the Android
|
||||
// failure this screen diagnoses): the names come from the raw fragment instead, and
|
||||
// hashHadTgData flags that the data did arrive in the URL.
|
||||
vi.stubGlobal('window', { Telegram: { WebApp: { initData: '', platform: 'android' } } });
|
||||
vi.stubGlobal('location', {
|
||||
hash: '#tgWebAppData=user%3D%257B%257D%26auth_date%3D1%26hash%3Ddeadbeef&tgWebAppVersion=7.0',
|
||||
pathname: '/telegram/',
|
||||
});
|
||||
const d = collectTelegramDiag();
|
||||
expect(d.hasSDK).toBe(true);
|
||||
expect(d.platform).toBe('android');
|
||||
expect(d.initDataLen).toBe(0);
|
||||
expect(d.hashHadTgData).toBe(true);
|
||||
expect(d.fieldsPresent).toEqual(['user', 'auth_date', 'hash']);
|
||||
expect(d.fieldsMissing).toEqual(['signature']);
|
||||
});
|
||||
});
|
||||
|
||||
describe('loadTelegramSDK', () => {
|
||||
afterEach(() => {
|
||||
vi.unstubAllGlobals();
|
||||
vi.useRealTimers();
|
||||
});
|
||||
|
||||
it('resolves true and records "present" when the SDK is already there', async () => {
|
||||
vi.stubGlobal('window', { Telegram: { WebApp: { initData: '' } } });
|
||||
vi.stubGlobal('document', { createElement: vi.fn(), head: { appendChild: vi.fn() } });
|
||||
await expect(loadTelegramSDK(10000)).resolves.toBe(true);
|
||||
expect(telegramSdkOutcome()).toBe('present');
|
||||
});
|
||||
|
||||
it('records "loaded" when the script defines the WebApp', async () => {
|
||||
const script: Record<string, unknown> = {};
|
||||
vi.stubGlobal('window', {});
|
||||
vi.stubGlobal('document', {
|
||||
createElement: () => script,
|
||||
head: {
|
||||
appendChild: () => {
|
||||
(window as unknown as { Telegram: unknown }).Telegram = { WebApp: { initData: '' } };
|
||||
(script.onload as () => void)();
|
||||
},
|
||||
},
|
||||
});
|
||||
await expect(loadTelegramSDK(10000)).resolves.toBe(true);
|
||||
expect(telegramSdkOutcome()).toBe('loaded');
|
||||
});
|
||||
|
||||
it('records "no-webapp" when the script loads but defines nothing', async () => {
|
||||
const script: Record<string, unknown> = {};
|
||||
vi.stubGlobal('window', {});
|
||||
vi.stubGlobal('document', {
|
||||
createElement: () => script,
|
||||
head: { appendChild: () => (script.onload as () => void)() },
|
||||
});
|
||||
await expect(loadTelegramSDK(10000)).resolves.toBe(false);
|
||||
expect(telegramSdkOutcome()).toBe('no-webapp');
|
||||
});
|
||||
|
||||
it('records "error" when the script fails to load (telegram.org unreachable)', async () => {
|
||||
const script: Record<string, unknown> = {};
|
||||
vi.stubGlobal('window', {});
|
||||
vi.stubGlobal('document', {
|
||||
createElement: () => script,
|
||||
head: { appendChild: () => (script.onerror as () => void)() },
|
||||
});
|
||||
await expect(loadTelegramSDK(10000)).resolves.toBe(false);
|
||||
expect(telegramSdkOutcome()).toBe('error');
|
||||
});
|
||||
|
||||
it('records "timeout" when the script neither loads nor fails in time', async () => {
|
||||
vi.useFakeTimers();
|
||||
vi.stubGlobal('window', {});
|
||||
vi.stubGlobal('document', { createElement: () => ({}), head: { appendChild: vi.fn() } });
|
||||
const p = loadTelegramSDK(10000);
|
||||
await vi.advanceTimersByTimeAsync(10000);
|
||||
await expect(p).resolves.toBe(false);
|
||||
expect(telegramSdkOutcome()).toBe('timeout');
|
||||
});
|
||||
});
|
||||
|
||||
+345
-72
@@ -1,22 +1,41 @@
|
||||
// Telegram Mini App SDK access. The official telegram-web-app.js (loaded in
|
||||
// index.html) exposes window.Telegram.WebApp; this wraps the subset the app uses:
|
||||
// launch detection, initData (for auth.telegram), the deep-link start parameter,
|
||||
// Telegram Mini App SDK access. The official telegram-web-app.js (loaded dynamically with a
|
||||
// timeout by loadTelegramSDK — not a render-blocking <script> in index.html, so a network that
|
||||
// blocks telegram.org cannot hang the page) exposes window.Telegram.WebApp; this wraps the subset
|
||||
// the app uses: launch detection, initData (for auth.telegram), the deep-link start parameter,
|
||||
// theme params, and ready()/expand(). Every helper is safe to call outside Telegram.
|
||||
|
||||
import type { TelegramThemeParams } from './theme';
|
||||
|
||||
/** TelegramPopupButton is one button of a native showPopup (Bot API 6.2). */
|
||||
export interface TelegramPopupButton {
|
||||
id?: string;
|
||||
type?: 'default' | 'ok' | 'close' | 'cancel' | 'destructive';
|
||||
text?: string;
|
||||
}
|
||||
|
||||
/** TelegramPopupParams configures a native showPopup (title optional, message required, up to 3 buttons). */
|
||||
export interface TelegramPopupParams {
|
||||
title?: string;
|
||||
message: string;
|
||||
buttons?: TelegramPopupButton[];
|
||||
}
|
||||
|
||||
interface TelegramWebApp {
|
||||
initData: string;
|
||||
initDataUnsafe?: { start_param?: string };
|
||||
platform?: string;
|
||||
version?: string;
|
||||
themeParams?: TelegramThemeParams;
|
||||
colorScheme?: 'light' | 'dark';
|
||||
isFullscreen?: boolean;
|
||||
isExpanded?: boolean;
|
||||
viewportHeight?: number;
|
||||
viewportStableHeight?: number;
|
||||
exitFullscreen?: () => void;
|
||||
safeAreaInset?: { top: number; bottom: number; left: number; right: number };
|
||||
contentSafeAreaInset?: { top: number; bottom: number; left: number; right: number };
|
||||
ready?: () => void;
|
||||
expand?: () => void;
|
||||
requestFullscreen?: () => void;
|
||||
openTelegramLink?: (url: string) => void;
|
||||
openLink?: (url: string) => void;
|
||||
onEvent?: (event: string, handler: () => void) => void;
|
||||
@@ -24,19 +43,30 @@ interface TelegramWebApp {
|
||||
setBackgroundColor?: (color: string) => void;
|
||||
setBottomBarColor?: (color: string) => void;
|
||||
disableVerticalSwipes?: () => void;
|
||||
enableClosingConfirmation?: () => void;
|
||||
disableClosingConfirmation?: () => void;
|
||||
HapticFeedback?: {
|
||||
impactOccurred?: (style: string) => void;
|
||||
notificationOccurred?: (type: string) => void;
|
||||
selectionChanged?: () => void;
|
||||
};
|
||||
BackButton?: {
|
||||
isVisible?: boolean;
|
||||
show?: () => void;
|
||||
hide?: () => void;
|
||||
onClick?: (cb: () => void) => void;
|
||||
offClick?: (cb: () => void) => void;
|
||||
};
|
||||
SettingsButton?: {
|
||||
show?: () => void;
|
||||
hide?: () => void;
|
||||
onClick?: (cb: () => void) => void;
|
||||
offClick?: (cb: () => void) => void;
|
||||
};
|
||||
CloudStorage?: {
|
||||
getItem?: (key: string, cb: (err: string | null, value?: string) => void) => void;
|
||||
setItem?: (key: string, value: string, cb?: (err: string | null, ok?: boolean) => void) => void;
|
||||
};
|
||||
showConfirm?: (message: string, cb?: (ok: boolean) => void) => void;
|
||||
showPopup?: (params: TelegramPopupParams, cb?: (buttonId: string) => void) => void;
|
||||
}
|
||||
|
||||
function webApp(): TelegramWebApp | undefined {
|
||||
@@ -53,6 +83,72 @@ export function insideTelegram(): boolean {
|
||||
return !!w && typeof w.initData === 'string' && w.initData.length > 0;
|
||||
}
|
||||
|
||||
// The ?NN suffix pins the Bot API SDK version Telegram serves (and busts the cache); keep it at the
|
||||
// version the official Mini Apps page currently recommends so newer client features (fullscreen,
|
||||
// safe-area insets, vertical-swipe guard, …) are available. Bump it when Telegram bumps theirs.
|
||||
const sdkScriptSrc = 'https://telegram.org/js/telegram-web-app.js?62';
|
||||
|
||||
/**
|
||||
* TelegramSdkOutcome records how the dynamic telegram-web-app.js load resolved, surfaced on the
|
||||
* launch-error screen to tell the failure modes apart — notably 'error' / 'timeout', which mean the
|
||||
* network could not reach telegram.org (the script blocked or hung):
|
||||
*
|
||||
* not-attempted — loadTelegramSDK was never called (a plain web / native entry)
|
||||
* present — window.Telegram.WebApp was already there (a cached load or native injection)
|
||||
* loaded — the script loaded and defined window.Telegram.WebApp
|
||||
* no-webapp — the script loaded (HTTP 200) but did not define window.Telegram.WebApp
|
||||
* error — the script failed to load (telegram.org unreachable / blocked, a fast failure)
|
||||
* timeout — the script neither loaded nor failed within the timeout (a blocked, hanging fetch)
|
||||
*/
|
||||
export type TelegramSdkOutcome = 'not-attempted' | 'present' | 'loaded' | 'no-webapp' | 'error' | 'timeout';
|
||||
|
||||
let sdkLoadOutcome: TelegramSdkOutcome = 'not-attempted';
|
||||
|
||||
/** telegramSdkOutcome returns how the last loadTelegramSDK attempt resolved (see TelegramSdkOutcome). */
|
||||
export function telegramSdkOutcome(): TelegramSdkOutcome {
|
||||
return sdkLoadOutcome;
|
||||
}
|
||||
|
||||
/**
|
||||
* loadTelegramSDK injects the official telegram-web-app.js and resolves true once
|
||||
* window.Telegram.WebApp is available, or false if the script errors or does not load within
|
||||
* timeoutMs. It is loaded dynamically — not a render-blocking <script> in index.html — so a network
|
||||
* that blocks telegram.org (common where Telegram itself reaches users only over a proxy) cannot
|
||||
* hang the page and strand the app or the launch-error screen. Resolves true immediately when the
|
||||
* SDK is already present (a cached load, or a future native injection); a fast connection failure
|
||||
* resolves via the error event without waiting out the timeout, so the timeout only bounds a true
|
||||
* hang.
|
||||
*/
|
||||
export function loadTelegramSDK(timeoutMs: number): Promise<boolean> {
|
||||
if (typeof document === 'undefined') return Promise.resolve(false);
|
||||
if (webApp()) {
|
||||
sdkLoadOutcome = 'present';
|
||||
return Promise.resolve(true);
|
||||
}
|
||||
return new Promise<boolean>((resolve) => {
|
||||
let done = false;
|
||||
const finish = (outcome: TelegramSdkOutcome): void => {
|
||||
if (done) return;
|
||||
done = true;
|
||||
sdkLoadOutcome = outcome;
|
||||
resolve(outcome === 'loaded');
|
||||
};
|
||||
const timer = setTimeout(() => finish(webApp() ? 'loaded' : 'timeout'), timeoutMs);
|
||||
const s = document.createElement('script');
|
||||
s.src = sdkScriptSrc;
|
||||
s.async = true;
|
||||
s.onload = () => {
|
||||
clearTimeout(timer);
|
||||
finish(webApp() ? 'loaded' : 'no-webapp');
|
||||
};
|
||||
s.onerror = () => {
|
||||
clearTimeout(timer);
|
||||
finish('error');
|
||||
};
|
||||
document.head.appendChild(s);
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* telegramOpenLink opens a t.me link through the Mini App SDK, so Telegram navigates to
|
||||
* it natively (e.g. a bot chat) rather than spawning an in-app browser tab. Returns false
|
||||
@@ -173,6 +269,15 @@ export function telegramColorScheme(): 'light' | 'dark' | undefined {
|
||||
return webApp()?.colorScheme;
|
||||
}
|
||||
|
||||
/**
|
||||
* telegramThemeParams returns Telegram's current theme palette (WebApp.themeParams), or undefined
|
||||
* outside Telegram. It reads the live value rather than a launch snapshot, so the themeChanged
|
||||
* event can re-apply the palette when the user switches Telegram's light/dark theme mid-session.
|
||||
*/
|
||||
export function telegramThemeParams(): TelegramThemeParams | undefined {
|
||||
return webApp()?.themeParams;
|
||||
}
|
||||
|
||||
/**
|
||||
* telegramSetChrome paints Telegram's own header, background and bottom bar to match the
|
||||
* app's colours, so the surrounding Telegram chrome does not clash with the UI. No-op
|
||||
@@ -195,13 +300,15 @@ export function telegramContentSafeAreaTop(): number {
|
||||
}
|
||||
|
||||
/**
|
||||
* telegramSafeAreaTop returns the device safe-area top inset (px) — the notch / status bar
|
||||
* (Bot API 8.0). Telegram's own nav controls sit in the band between it and
|
||||
* telegramContentSafeAreaTop, so aligning our header to that band lines it up with them. 0
|
||||
* outside Telegram or on older clients.
|
||||
* telegramSafeAreaInset returns the device safe-area insets (px) — the notch / status bar (top),
|
||||
* the home indicator (bottom) and, in landscape, the notch sides (left / right) — from the SDK's
|
||||
* safeAreaInset (Bot API 8.0). All 0 outside Telegram or on a client predating it, so callers can
|
||||
* pad defensively. Telegram's own nav controls sit in the band between the top inset and
|
||||
* telegramContentSafeAreaTop, so aligning our header to that band lines it up with them.
|
||||
*/
|
||||
export function telegramSafeAreaTop(): number {
|
||||
return webApp()?.safeAreaInset?.top ?? 0;
|
||||
export function telegramSafeAreaInset(): { top: number; bottom: number; left: number; right: number } {
|
||||
const i = webApp()?.safeAreaInset;
|
||||
return { top: i?.top ?? 0, bottom: i?.bottom ?? 0, left: i?.left ?? 0, right: i?.right ?? 0 };
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -212,6 +319,78 @@ export function telegramDisableVerticalSwipes(): void {
|
||||
webApp()?.disableVerticalSwipes?.();
|
||||
}
|
||||
|
||||
/**
|
||||
* telegramShowSettingsButton reveals Telegram's native Settings button (in the Mini App's ⋮ menu,
|
||||
* Bot API 7.0) and routes its taps to handler. A no-op outside Telegram or on a client predating
|
||||
* the button, so the app's own in-app settings entry stays the primary path. The app registers it
|
||||
* once per launch (Telegram hides the button when the Mini App closes), so there is no offClick.
|
||||
*/
|
||||
export function telegramShowSettingsButton(handler: () => void): void {
|
||||
const b = webApp()?.SettingsButton;
|
||||
if (!b?.show) return;
|
||||
b.onClick?.(handler);
|
||||
b.show();
|
||||
}
|
||||
|
||||
/** telegramCloudAvailable reports whether Telegram CloudStorage (Bot API 6.9) is usable. */
|
||||
export function telegramCloudAvailable(): boolean {
|
||||
return !!webApp()?.CloudStorage?.getItem;
|
||||
}
|
||||
|
||||
/**
|
||||
* telegramCloudGet reads a value from Telegram CloudStorage, resolving null when the key is absent,
|
||||
* CloudStorage is unavailable (outside Telegram / a client predating Bot API 6.9), or the read
|
||||
* errors — so the caller can fall back to the local value.
|
||||
*/
|
||||
export function telegramCloudGet(key: string): Promise<string | null> {
|
||||
const cs = webApp()?.CloudStorage;
|
||||
if (!cs?.getItem) return Promise.resolve(null);
|
||||
return new Promise((resolve) => {
|
||||
cs.getItem!(key, (err, value) => resolve(err ? null : (value ?? null)));
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* telegramCloudSet writes a value to Telegram CloudStorage, resolving once the write settles. It is
|
||||
* best-effort: a no-op outside Telegram / on an older client, and it swallows write errors, since
|
||||
* the local store remains the source of truth.
|
||||
*/
|
||||
export function telegramCloudSet(key: string, value: string): Promise<void> {
|
||||
const cs = webApp()?.CloudStorage;
|
||||
if (!cs?.setItem) return Promise.resolve();
|
||||
return new Promise((resolve) => {
|
||||
cs.setItem!(key, value, () => resolve());
|
||||
});
|
||||
}
|
||||
|
||||
/** telegramDialogsAvailable reports whether Telegram's native dialogs (showConfirm / showPopup, Bot
|
||||
* API 6.2) are usable, so a caller can choose the native path over its own modal. */
|
||||
export function telegramDialogsAvailable(): boolean {
|
||||
return !!webApp()?.showPopup;
|
||||
}
|
||||
|
||||
/**
|
||||
* telegramShowConfirm shows Telegram's native confirm dialog and resolves true when the user
|
||||
* accepts. Resolves false outside Telegram or on a client predating the dialog, so callers should
|
||||
* gate on telegramDialogsAvailable and fall back to their own modal otherwise.
|
||||
*/
|
||||
export function telegramShowConfirm(message: string): Promise<boolean> {
|
||||
const w = webApp();
|
||||
if (!w?.showConfirm) return Promise.resolve(false);
|
||||
return new Promise((resolve) => w.showConfirm!(message, (ok) => resolve(!!ok)));
|
||||
}
|
||||
|
||||
/**
|
||||
* telegramShowPopup shows Telegram's native popup and resolves the pressed button id (the empty
|
||||
* string when dismissed without pressing a button). Resolves null outside Telegram or on a client
|
||||
* predating the popup, so callers can fall back to their own modal.
|
||||
*/
|
||||
export function telegramShowPopup(params: TelegramPopupParams): Promise<string | null> {
|
||||
const w = webApp();
|
||||
if (!w?.showPopup) return Promise.resolve(null);
|
||||
return new Promise((resolve) => w.showPopup!(params, (id) => resolve(id ?? '')));
|
||||
}
|
||||
|
||||
/** Haptic is the set of feedbacks the app triggers. */
|
||||
export type Haptic = 'select' | 'success' | 'error' | 'warning' | 'light' | 'medium' | 'heavy';
|
||||
|
||||
@@ -224,66 +403,6 @@ export function telegramHaptic(kind: Haptic): void {
|
||||
else h.impactOccurred?.(kind);
|
||||
}
|
||||
|
||||
/**
|
||||
* isMobilePlatform reports whether the Mini App runs on a Telegram mobile client — iOS or
|
||||
* Android (the latter reported as 'android' by Telegram for Android and 'android_x' by
|
||||
* Telegram X). Desktop clients (tdesktop, macOS, web) report other values. Used to limit
|
||||
* mobile-only chrome such as the close guard and immersive fullscreen.
|
||||
*/
|
||||
function isMobilePlatform(): boolean {
|
||||
const p = webApp()?.platform;
|
||||
return p === 'ios' || p === 'android' || p === 'android_x';
|
||||
}
|
||||
|
||||
/**
|
||||
* telegramRequestFullscreen asks Telegram to open the Mini App in fullscreen (Bot API 8.0+),
|
||||
* but only on mobile clients — mirroring how Telegram's own Mini Apps go immersive on phones
|
||||
* while staying a standard window on desktop (where the bot's full-size setting already fills
|
||||
* the window). A no-op outside Telegram, on desktop, or on clients predating the method.
|
||||
*/
|
||||
export function telegramRequestFullscreen(): void {
|
||||
if (isMobilePlatform()) webApp()?.requestFullscreen?.();
|
||||
}
|
||||
|
||||
/**
|
||||
* telegramClosingConfirmation toggles the confirmation Telegram shows when the user swipes
|
||||
* the Mini App closed — enabled during an active game so it is not lost by accident. The
|
||||
* guard is only armed on mobile clients: on desktop, closing a window is deliberate and
|
||||
* Telegram surfaces a "changes may not be saved" dialog that is just noise here (drafts
|
||||
* auto-save), so the confirmation is skipped there.
|
||||
*/
|
||||
export function telegramClosingConfirmation(on: boolean): void {
|
||||
const w = webApp();
|
||||
if (on) {
|
||||
if (isMobilePlatform()) w?.enableClosingConfirmation?.();
|
||||
} else {
|
||||
w?.disableClosingConfirmation?.();
|
||||
}
|
||||
}
|
||||
|
||||
let backHandler: (() => void) | null = null;
|
||||
|
||||
/**
|
||||
* telegramBackButton shows or hides Telegram's native header back button, wiring its
|
||||
* click to onClick (replacing any previous handler). The app hides its own back chevron
|
||||
* inside Telegram so only the native control shows.
|
||||
*/
|
||||
export function telegramBackButton(show: boolean, onClick?: () => void): void {
|
||||
const b = webApp()?.BackButton;
|
||||
if (!b) return;
|
||||
if (backHandler) b.offClick?.(backHandler);
|
||||
backHandler = null;
|
||||
if (show) {
|
||||
if (onClick) {
|
||||
backHandler = onClick;
|
||||
b.onClick?.(onClick);
|
||||
}
|
||||
b.show?.();
|
||||
} else {
|
||||
b.hide?.();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* startParamFromURL reads a startapp parameter from the page URL — a bot web_app
|
||||
* launch button carries the deep-link there rather than in initDataUnsafe.
|
||||
@@ -302,6 +421,160 @@ export function onTelegramPath(): boolean {
|
||||
return location.pathname.startsWith('/telegram/');
|
||||
}
|
||||
|
||||
/** hasLaunchFragment reports whether the URL fragment carries Telegram launch params (tgWebApp…),
|
||||
* the form Telegram appends when opening a Mini App — so the SDK is loaded for a Mini App opened
|
||||
* at the site root too, not only the /telegram/ path. */
|
||||
export function hasLaunchFragment(): boolean {
|
||||
if (typeof location === 'undefined') return false;
|
||||
return location.hash.includes('tgWebApp');
|
||||
}
|
||||
|
||||
// --- Launch diagnostics (the /telegram/ entry without sign-in data) ---
|
||||
|
||||
/** The initData fields a valid Telegram launch is expected to carry; their absence is the signal
|
||||
* the launch-error screen reports. Only field names are ever inspected, never their values. */
|
||||
const expectedInitDataFields = ['user', 'auth_date', 'hash', 'signature'];
|
||||
|
||||
interface uaBrand {
|
||||
brand: string;
|
||||
version: string;
|
||||
}
|
||||
|
||||
interface uaDataValue {
|
||||
platform?: string;
|
||||
mobile?: boolean;
|
||||
brands?: uaBrand[];
|
||||
}
|
||||
|
||||
/** uaData returns the User-Agent Client Hints object (Chromium only — notably the Android Telegram
|
||||
* webview), or undefined where it is unavailable (iOS / Safari / Firefox). */
|
||||
function uaData(): uaDataValue | undefined {
|
||||
if (typeof navigator === 'undefined') return undefined;
|
||||
return (navigator as unknown as { userAgentData?: uaDataValue }).userAgentData;
|
||||
}
|
||||
|
||||
/** launchFragmentData returns the raw tgWebAppData carried in the URL fragment (the form Telegram
|
||||
* appends on launch), or '' when absent. With no SDK present a non-empty value means Telegram
|
||||
* delivered the data but telegram-web-app.js never ran to parse it. */
|
||||
function launchFragmentData(): string {
|
||||
if (typeof location === 'undefined') return '';
|
||||
const frag = location.hash.replace(/^#/, '');
|
||||
if (!frag) return '';
|
||||
try {
|
||||
return new URLSearchParams(frag).get('tgWebAppData') ?? '';
|
||||
} catch {
|
||||
return '';
|
||||
}
|
||||
}
|
||||
|
||||
/** initDataFieldNames parses a Telegram initData (or raw fragment data) query string and returns
|
||||
* only its field NAMES — never the values, since the hash / signature are auth material. */
|
||||
function initDataFieldNames(raw: string): string[] {
|
||||
if (!raw) return [];
|
||||
try {
|
||||
return [...new URLSearchParams(raw).keys()];
|
||||
} catch {
|
||||
return [];
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* TelegramDiag is a privacy-safe snapshot of why a Mini App launch lacked sign-in data, taken at
|
||||
* the moment of failure and rendered on the launch-error screen so a stuck user can share it with
|
||||
* the developer. It carries no secret values — only presence flags, client / OS identification and
|
||||
* the field NAMES of the launch data, never the signed initData itself, and never an IP.
|
||||
*/
|
||||
export interface TelegramDiag {
|
||||
/** Whether window.Telegram (the telegram-web-app.js script) is present at all. */
|
||||
hasSDK: boolean;
|
||||
/** Whether window.Telegram.WebApp is present. */
|
||||
hasWebApp: boolean;
|
||||
/** How the dynamic telegram-web-app.js load resolved (see TelegramSdkOutcome) — 'error' /
|
||||
* 'timeout' mean telegram.org was unreachable, the prime suspect for an empty launch. */
|
||||
sdkLoad: TelegramSdkOutcome;
|
||||
/** Telegram's own platform string (ios | android | android_x | tdesktop | web | …), or ''. */
|
||||
platform: string;
|
||||
/** The Bot API version the client reports, or ''. */
|
||||
version: string;
|
||||
/** The length of WebApp.initData — 0 is the failure this screen reports. */
|
||||
initDataLen: number;
|
||||
/** Whether the URL fragment still carried tgWebAppData at launch; true with hasSDK false means
|
||||
* Telegram delivered the data but the SDK script did not load to parse it. */
|
||||
hashHadTgData: boolean;
|
||||
/** The field names present in the launch data (from initData, or the raw fragment when the SDK
|
||||
* left initData empty); values are never included. */
|
||||
fieldsPresent: string[];
|
||||
/** The expected field names absent from the launch data (a subset of expectedInitDataFields). */
|
||||
fieldsMissing: string[];
|
||||
/** The OS / platform per User-Agent Client Hints (else navigator.platform), e.g. 'Android', ''. */
|
||||
osPlatform: string;
|
||||
/** Whether the client reports itself mobile per Client Hints: 'yes' | 'no' | '' (unknown). */
|
||||
mobile: string;
|
||||
/** The browser brands + major versions per Client Hints (Chromium only), or ''. */
|
||||
browser: string;
|
||||
/** The full User-Agent string — the catch-all that also carries the OS version and webview build. */
|
||||
userAgent: string;
|
||||
}
|
||||
|
||||
/**
|
||||
* collectTelegramDiag captures a TelegramDiag snapshot of the current launch state. Call it at the
|
||||
* point a /telegram/ launch is found to lack sign-in data, so the snapshot reflects that moment —
|
||||
* sign-in data arriving late would otherwise mask the failure.
|
||||
*/
|
||||
export function collectTelegramDiag(): TelegramDiag {
|
||||
const w = webApp();
|
||||
const sdk = typeof window !== 'undefined' && !!(window as unknown as { Telegram?: unknown }).Telegram;
|
||||
const initData = w?.initData ?? '';
|
||||
const fragData = initData ? '' : launchFragmentData();
|
||||
const present = initDataFieldNames(initData || fragData);
|
||||
const ua = uaData();
|
||||
const navPlatform =
|
||||
typeof navigator === 'undefined' ? '' : (navigator as unknown as { platform?: string }).platform ?? '';
|
||||
return {
|
||||
hasSDK: sdk,
|
||||
hasWebApp: !!w,
|
||||
sdkLoad: sdkLoadOutcome,
|
||||
platform: w?.platform ?? '',
|
||||
version: w?.version ?? '',
|
||||
initDataLen: initData.length,
|
||||
hashHadTgData: fragData.length > 0,
|
||||
fieldsPresent: present,
|
||||
fieldsMissing: expectedInitDataFields.filter((f) => !present.includes(f)),
|
||||
osPlatform: ua?.platform ?? navPlatform,
|
||||
mobile: ua?.mobile === undefined ? '' : ua.mobile ? 'yes' : 'no',
|
||||
browser: (ua?.brands ?? []).map((b) => `${b.brand} ${b.version}`).join(', '),
|
||||
userAgent: typeof navigator === 'undefined' ? '' : navigator.userAgent,
|
||||
};
|
||||
}
|
||||
|
||||
/**
|
||||
* telegramChromeDiag returns a compact, privacy-safe readout of Telegram's viewport / chrome state
|
||||
* (platform, version, fullscreen/expanded, viewport geometry, safe-area insets, SDK-load outcome,
|
||||
* back-button state, UA). It feeds the hidden debug panel (components/DebugPanel), opened by tapping
|
||||
* the header title ten times. No secrets: no initData values, no IP.
|
||||
*/
|
||||
export function telegramChromeDiag(): string {
|
||||
const w = webApp();
|
||||
if (!w) return 'no telegram';
|
||||
const win = typeof window === 'undefined' ? undefined : window;
|
||||
const scr = typeof screen === 'undefined' ? undefined : screen;
|
||||
const vv = win?.visualViewport ?? undefined;
|
||||
const bar = typeof document === 'undefined' ? null : (document.querySelector('.bar')?.getBoundingClientRect() ?? null);
|
||||
const sa = w.safeAreaInset;
|
||||
const csa = w.contentSafeAreaInset;
|
||||
const n = (v: number | undefined): string => (v === undefined ? '—' : String(Math.round(v)));
|
||||
return [
|
||||
`platform: ${w.platform ?? '—'} version: ${w.version ?? '—'} scheme: ${w.colorScheme ?? '—'}`,
|
||||
`isFullscreen: ${w.isFullscreen} isExpanded: ${w.isExpanded}`,
|
||||
`inTG: ${insideTelegram()} sdkLoad: ${sdkLoadOutcome} backPresent: ${!!w.BackButton} backVisible: ${w.BackButton?.isVisible}`,
|
||||
`innerH: ${n(win?.innerHeight)} outerH: ${n(win?.outerHeight)} screenH: ${n(scr?.height)} availH: ${n(scr?.availHeight)}`,
|
||||
`screenY: ${n(win?.screenY)} vv.offTop: ${n(vv?.offsetTop)} vv.h: ${n(vv?.height)}`,
|
||||
`tgViewportH: ${n(w.viewportHeight)} stableH: ${n(w.viewportStableHeight)}`,
|
||||
`safeArea T/B: ${n(sa?.top)}/${n(sa?.bottom)} contentSafe T/B: ${n(csa?.top)}/${n(csa?.bottom)}`,
|
||||
`appHeader top/h: ${bar ? Math.round(bar.top) : '—'}/${bar ? Math.round(bar.height) : '—'}`,
|
||||
].join('\n');
|
||||
}
|
||||
|
||||
// --- Login Widget (web sign-in for account linking) ---
|
||||
|
||||
// The Login Widget is the web (non-Mini-App) Telegram sign-in. It is used only to
|
||||
|
||||
@@ -10,6 +10,7 @@ import { createConnectTransport } from '@connectrpc/connect-web';
|
||||
import { Gateway } from '../gen/edge/v1/edge_pb';
|
||||
import { GatewayError, type GatewayClient } from './client';
|
||||
import * as codec from './codec';
|
||||
import { browserOffset } from './profileValidation';
|
||||
import { registerProbe, reportOffline, reportOnline } from './connection.svelte';
|
||||
import { backoffMs, isConnectionCode, retryable, toGatewayError } from './retry';
|
||||
|
||||
@@ -62,13 +63,13 @@ export function createTransport(baseUrl: string): GatewayClient {
|
||||
},
|
||||
|
||||
async authTelegram(initData) {
|
||||
return codec.decodeSession(await exec('auth.telegram', codec.encodeTelegramLogin(initData)));
|
||||
return codec.decodeSession(await exec('auth.telegram', codec.encodeTelegramLogin(initData, browserOffset())));
|
||||
},
|
||||
async authGuest(locale) {
|
||||
return codec.decodeSession(await exec('auth.guest', codec.encodeGuestLogin(locale ?? '')));
|
||||
return codec.decodeSession(await exec('auth.guest', codec.encodeGuestLogin(locale ?? '', browserOffset())));
|
||||
},
|
||||
async authEmailRequest(email) {
|
||||
await exec('auth.email.request', codec.encodeEmailRequest(email));
|
||||
await exec('auth.email.request', codec.encodeEmailRequest(email, browserOffset()));
|
||||
},
|
||||
async authEmailLogin(email, code) {
|
||||
return codec.decodeSession(await exec('auth.email.login', codec.encodeEmailLogin(email, code)));
|
||||
@@ -147,7 +148,10 @@ export function createTransport(baseUrl: string): GatewayClient {
|
||||
await exec('chat.read', codec.encodeGameAction(id));
|
||||
},
|
||||
async feedbackSubmit(body, attachment, attachmentName, channel) {
|
||||
await exec('feedback.submit', codec.encodeFeedbackSubmit(body, attachment, attachmentName, channel));
|
||||
// The app build (Vite define) and the device's detected UTC offset ride with the report
|
||||
// so the operator sees which version it came from and the local time it was filed; the
|
||||
// caller need not pass them.
|
||||
await exec('feedback.submit', codec.encodeFeedbackSubmit(body, attachment, attachmentName, channel, __APP_VERSION__, browserOffset()));
|
||||
},
|
||||
async feedbackGet() {
|
||||
return codec.decodeFeedbackState(await exec('feedback.get', codec.empty()));
|
||||
|
||||
+207
-44
@@ -1,12 +1,13 @@
|
||||
<script lang="ts">
|
||||
import { onMount } from 'svelte';
|
||||
import Modal from '../components/Modal.svelte';
|
||||
import { app, handleError, refreshNotifications, showToast } from '../lib/app.svelte';
|
||||
import { connection } from '../lib/connection.svelte';
|
||||
import { gateway } from '../lib/gateway';
|
||||
import { GatewayError } from '../lib/client';
|
||||
import { t } from '../lib/i18n/index.svelte';
|
||||
import { friendCodeParam, shareLink } from '../lib/deeplink';
|
||||
import { shareTelegramLink } from '../lib/telegram';
|
||||
import { insideTelegram, shareTelegramLink, telegramDialogsAvailable, telegramShowConfirm } from '../lib/telegram';
|
||||
import type { AccountRef, FriendCode, RobotBlockEntry } from '../lib/model';
|
||||
|
||||
let friends = $state<AccountRef[]>([]);
|
||||
@@ -16,6 +17,11 @@
|
||||
let robotBlocks = $state<RobotBlockEntry[]>([]);
|
||||
let code = $state<FriendCode | null>(null);
|
||||
let redeemInput = $state('');
|
||||
// The friend row whose kebab actions are slid open, like the lobby list.
|
||||
let revealedId = $state<string | null>(null);
|
||||
// Pending confirmation targets: the friend account awaiting a block / unfriend confirm.
|
||||
let blockTarget = $state<AccountRef | null>(null);
|
||||
let unfriendTarget = $state<AccountRef | null>(null);
|
||||
|
||||
async function load() {
|
||||
try {
|
||||
@@ -52,6 +58,57 @@
|
||||
const blockUser = (id: string) => act(() => gateway.block(id));
|
||||
const unblock = (id: string) => act(() => gateway.unblock(id));
|
||||
|
||||
// toggleReveal slides one friend row open (closing any other), exposing its
|
||||
// block / unfriend icon actions; tapping the same kebab again closes it.
|
||||
function toggleReveal(id: string): void {
|
||||
revealedId = revealedId === id ? null : id;
|
||||
}
|
||||
|
||||
// confirmBlock / confirmUnfriend run the pending action once its modal is
|
||||
// accepted, then clear the target and the revealed row.
|
||||
function confirmBlock(target = blockTarget): void {
|
||||
blockTarget = null;
|
||||
revealedId = null;
|
||||
if (target) void blockUser(target.accountId);
|
||||
}
|
||||
|
||||
function confirmUnfriend(target = unfriendTarget): void {
|
||||
unfriendTarget = null;
|
||||
revealedId = null;
|
||||
if (target) void remove(target.accountId);
|
||||
}
|
||||
|
||||
// onBlockClick / onUnfriendClick: inside the Mini App (and online) confirm with Telegram's native
|
||||
// dialog and act on accept; otherwise open the in-app confirm modal (the offline / web path).
|
||||
async function onBlockClick(f: AccountRef): Promise<void> {
|
||||
if (connection.online && insideTelegram() && telegramDialogsAvailable()) {
|
||||
if (await telegramShowConfirm(`${t('friends.blockConfirm')}\n${f.displayName}`)) confirmBlock(f);
|
||||
return;
|
||||
}
|
||||
blockTarget = f;
|
||||
}
|
||||
|
||||
async function onUnfriendClick(f: AccountRef): Promise<void> {
|
||||
if (connection.online && insideTelegram() && telegramDialogsAvailable()) {
|
||||
if (await telegramShowConfirm(`${t('friends.unfriendConfirm')}\n${f.displayName}`)) confirmUnfriend(f);
|
||||
return;
|
||||
}
|
||||
unfriendTarget = f;
|
||||
}
|
||||
|
||||
// While a friend row is slid open, a tap anywhere outside its action buttons
|
||||
// closes it again. Taps on a kebab are skipped so its own toggle stays in charge.
|
||||
$effect(() => {
|
||||
if (revealedId === null) return;
|
||||
function onDown(e: PointerEvent) {
|
||||
const el = e.target as Element | null;
|
||||
if (el?.closest('.acts') || el?.closest('.kebab')) return;
|
||||
revealedId = null;
|
||||
}
|
||||
window.addEventListener('pointerdown', onDown, true);
|
||||
return () => window.removeEventListener('pointerdown', onDown, true);
|
||||
});
|
||||
|
||||
async function getCode() {
|
||||
try {
|
||||
code = await gateway.friendCodeIssue();
|
||||
@@ -141,7 +198,7 @@
|
||||
{t('friends.codeHint')} · {t('friends.codeExpires', { time: codeTime(code.expiresAtUnix) })}
|
||||
</span>
|
||||
{#if tg}
|
||||
<button type="button" class="link tgshare" onclick={() => shareInvite(tg)}>{t('friends.shareTelegram')}</button>
|
||||
<button type="button" class="link" onclick={() => shareInvite(tg)}>{t('friends.shareTelegram')}</button>
|
||||
{/if}
|
||||
</div>
|
||||
{:else}
|
||||
@@ -152,30 +209,39 @@
|
||||
{#if incoming.length}
|
||||
<section>
|
||||
<h3>{t('friends.incoming')}</h3>
|
||||
{#each incoming as r (r.accountId)}
|
||||
<div class="item">
|
||||
<span class="who">{r.displayName}</span>
|
||||
<span class="acts">
|
||||
<button class="btn" onclick={() => respond(r.accountId, true)} disabled={!connection.online}>{t('friends.accept')}</button>
|
||||
<button class="ghost" onclick={() => respond(r.accountId, false)} disabled={!connection.online}>{t('friends.decline')}</button>
|
||||
</span>
|
||||
</div>
|
||||
{/each}
|
||||
<div class="list">
|
||||
{#each incoming as r (r.accountId)}
|
||||
<div class="rowwrap">
|
||||
<div class="row">
|
||||
<span class="who">{r.displayName}</span>
|
||||
<span class="btns">
|
||||
<button class="btn" onclick={() => respond(r.accountId, true)} disabled={!connection.online}>{t('friends.accept')}</button>
|
||||
<button class="ghost" onclick={() => respond(r.accountId, false)} disabled={!connection.online}>{t('friends.decline')}</button>
|
||||
</span>
|
||||
</div>
|
||||
</div>
|
||||
{/each}
|
||||
</div>
|
||||
</section>
|
||||
{/if}
|
||||
|
||||
<section>
|
||||
<h3>{t('friends.yours')}</h3>
|
||||
{#if friends.length}
|
||||
{#each friends as f (f.accountId)}
|
||||
<div class="item">
|
||||
<span class="who">{f.displayName}</span>
|
||||
<span class="acts">
|
||||
<button class="ghost" onclick={() => remove(f.accountId)} disabled={!connection.online}>{t('friends.unfriend')}</button>
|
||||
<button class="ghost danger" onclick={() => blockUser(f.accountId)} disabled={!connection.online}>{t('friends.block')}</button>
|
||||
</span>
|
||||
</div>
|
||||
{/each}
|
||||
<div class="list">
|
||||
{#each friends as f (f.accountId)}
|
||||
<div class="rowwrap" class:revealed={revealedId === f.accountId}>
|
||||
<div class="acts">
|
||||
<button class="iconbtn" onclick={() => onBlockClick(f)} disabled={!connection.online} aria-label={t('friends.block')}>🚫</button>
|
||||
<button class="iconbtn" onclick={() => onUnfriendClick(f)} disabled={!connection.online} aria-label={t('friends.unfriend')}>✖️</button>
|
||||
</div>
|
||||
<div class="row">
|
||||
<span class="who">{f.displayName}</span>
|
||||
<button class="kebab" onclick={() => toggleReveal(f.accountId)} aria-label={t('friends.actions')}>⋮</button>
|
||||
</div>
|
||||
</div>
|
||||
{/each}
|
||||
</div>
|
||||
{:else}
|
||||
<p class="muted">{t('friends.none')}</p>
|
||||
{/if}
|
||||
@@ -184,20 +250,49 @@
|
||||
{#if blocked.length || robotBlocks.length}
|
||||
<section>
|
||||
<h3>{t('friends.blockedList')}</h3>
|
||||
{#each blocked as b (b.accountId)}
|
||||
<div class="item">
|
||||
<span class="who">{b.displayName}</span>
|
||||
<button class="ghost" onclick={() => unblock(b.accountId)} disabled={!connection.online}>{t('friends.unblock')}</button>
|
||||
</div>
|
||||
{/each}
|
||||
{#each robotBlocks as r (r.id)}
|
||||
<div class="item">
|
||||
<span class="who">{r.displayName}</span>
|
||||
<button class="ghost" onclick={() => unblock(r.id)} disabled={!connection.online}>{t('friends.unblock')}</button>
|
||||
</div>
|
||||
{/each}
|
||||
<div class="list">
|
||||
{#each blocked as b (b.accountId)}
|
||||
<div class="rowwrap">
|
||||
<div class="row">
|
||||
<span class="who">{b.displayName}</span>
|
||||
<span class="btns">
|
||||
<button class="ghost" onclick={() => unblock(b.accountId)} disabled={!connection.online}>{t('friends.unblock')}</button>
|
||||
</span>
|
||||
</div>
|
||||
</div>
|
||||
{/each}
|
||||
{#each robotBlocks as r (r.id)}
|
||||
<div class="rowwrap">
|
||||
<div class="row">
|
||||
<span class="who">{r.displayName}</span>
|
||||
<span class="btns">
|
||||
<button class="ghost" onclick={() => unblock(r.id)} disabled={!connection.online}>{t('friends.unblock')}</button>
|
||||
</span>
|
||||
</div>
|
||||
</div>
|
||||
{/each}
|
||||
</div>
|
||||
</section>
|
||||
{/if}
|
||||
|
||||
{#if blockTarget}
|
||||
<Modal title={t('friends.blockConfirm')} onclose={() => (blockTarget = null)}>
|
||||
<p class="confirm-name">{blockTarget.displayName}</p>
|
||||
<div class="confirm-row">
|
||||
<button class="cancel" onclick={() => (blockTarget = null)}>{t('common.cancel')}</button>
|
||||
<button class="danger" onclick={() => confirmBlock()} disabled={!connection.online}>{t('friends.block')}</button>
|
||||
</div>
|
||||
</Modal>
|
||||
{/if}
|
||||
{#if unfriendTarget}
|
||||
<Modal title={t('friends.unfriendConfirm')} onclose={() => (unfriendTarget = null)}>
|
||||
<p class="confirm-name">{unfriendTarget.displayName}</p>
|
||||
<div class="confirm-row">
|
||||
<button class="cancel" onclick={() => (unfriendTarget = null)}>{t('common.cancel')}</button>
|
||||
<button class="danger" onclick={() => confirmUnfriend()} disabled={!connection.online}>{t('friends.unfriend')}</button>
|
||||
</div>
|
||||
</Modal>
|
||||
{/if}
|
||||
{/if}
|
||||
</div>
|
||||
|
||||
@@ -279,28 +374,76 @@
|
||||
padding: 4px 0;
|
||||
text-align: left;
|
||||
}
|
||||
.item {
|
||||
.list {
|
||||
display: flex;
|
||||
flex-direction: column;
|
||||
}
|
||||
/* One-line rows split by hairlines, mirroring the lobby list. */
|
||||
.rowwrap {
|
||||
position: relative;
|
||||
overflow: hidden;
|
||||
}
|
||||
.rowwrap + .rowwrap {
|
||||
border-top: 1px solid var(--border);
|
||||
}
|
||||
/* Block / unfriend icon actions sit behind the friend row, exposed when it slides left. */
|
||||
.acts {
|
||||
position: absolute;
|
||||
inset: 0 0 0 auto;
|
||||
display: flex;
|
||||
align-items: stretch;
|
||||
}
|
||||
.iconbtn {
|
||||
flex: 0 0 auto;
|
||||
width: 48px;
|
||||
border: none;
|
||||
background: var(--bg-elev);
|
||||
color: var(--text);
|
||||
font-size: 1.1rem;
|
||||
display: flex;
|
||||
align-items: center;
|
||||
justify-content: center;
|
||||
}
|
||||
.iconbtn + .iconbtn {
|
||||
border-left: 1px solid var(--border); /* the vertical divider between 🚫 and ✖️ */
|
||||
}
|
||||
.row {
|
||||
position: relative;
|
||||
display: flex;
|
||||
align-items: center;
|
||||
justify-content: space-between;
|
||||
gap: 10px;
|
||||
padding: 10px 12px;
|
||||
border: 1px solid var(--border);
|
||||
background: var(--surface);
|
||||
border-radius: var(--radius-sm);
|
||||
margin-bottom: 8px;
|
||||
background: var(--bg);
|
||||
transform: translateX(0);
|
||||
transition: transform 0.18s ease;
|
||||
}
|
||||
.rowwrap.revealed .row {
|
||||
transform: translateX(-96px); /* 2 × 48px icon buttons */
|
||||
}
|
||||
.kebab {
|
||||
flex: 0 0 auto;
|
||||
width: 30px;
|
||||
padding: 6px 0;
|
||||
border: none;
|
||||
background: none;
|
||||
color: var(--text-muted);
|
||||
font-size: 1.4rem;
|
||||
line-height: 1;
|
||||
}
|
||||
.btns {
|
||||
display: flex;
|
||||
gap: 8px;
|
||||
flex: 0 0 auto;
|
||||
}
|
||||
.who {
|
||||
flex: 1;
|
||||
min-width: 0;
|
||||
font-weight: 600;
|
||||
overflow: hidden;
|
||||
text-overflow: ellipsis;
|
||||
white-space: nowrap;
|
||||
}
|
||||
.acts {
|
||||
display: flex;
|
||||
gap: 8px;
|
||||
flex: 0 0 auto;
|
||||
}
|
||||
.btn {
|
||||
padding: 8px 12px;
|
||||
border: 1px solid var(--accent);
|
||||
@@ -315,7 +458,27 @@
|
||||
color: var(--text);
|
||||
border-radius: var(--radius-sm);
|
||||
}
|
||||
.ghost.danger {
|
||||
color: var(--danger, #c0392b);
|
||||
.confirm-name {
|
||||
margin: 0 0 12px;
|
||||
font-weight: 600;
|
||||
overflow-wrap: anywhere; /* a long display name wraps instead of stretching the sheet */
|
||||
}
|
||||
.confirm-row {
|
||||
display: flex;
|
||||
gap: 8px;
|
||||
}
|
||||
.confirm-row button {
|
||||
flex: 1;
|
||||
padding: 11px;
|
||||
border-radius: var(--radius-sm);
|
||||
border: 1px solid var(--border);
|
||||
background: var(--surface);
|
||||
color: var(--text);
|
||||
font-weight: 600;
|
||||
}
|
||||
.confirm-row .danger {
|
||||
background: var(--danger);
|
||||
color: #fff;
|
||||
border-color: var(--danger);
|
||||
}
|
||||
</style>
|
||||
|
||||
@@ -0,0 +1,133 @@
|
||||
<script lang="ts">
|
||||
// Shown on the dedicated /telegram/ entry when a Mini App launch carried no sign-in data (empty
|
||||
// initData) — instead of bouncing the visitor to the marketing landing. It states the problem
|
||||
// plainly and renders a compact, privacy-safe diagnostic snapshot (taken at the moment of
|
||||
// failure, app.launchError) sized to fit one screenshot, with a Share button (the OS share sheet,
|
||||
// or a clipboard copy on desktop) so a stuck user can send it to the developer to pinpoint why
|
||||
// Telegram provided no initData — notably on some Android clients. The snapshot carries only
|
||||
// presence / identification signals and field NAMES, never the signed initData itself, nor an IP.
|
||||
import { app, retryTelegramLaunch } from '../lib/app.svelte';
|
||||
import { shareText } from '../lib/share';
|
||||
import { t } from '../lib/i18n/index.svelte';
|
||||
|
||||
const diag = $derived(app.launchError);
|
||||
|
||||
// One compact "key: value" line per fact; the field labels are fixed diagnostic tokens (not UI
|
||||
// prose), so the developer reads the same report in any locale. Kept terse to fit one screenshot.
|
||||
const report = $derived(
|
||||
diag
|
||||
? [
|
||||
`sdk-load: ${diag.sdkLoad}`,
|
||||
`sdk: ${diag.hasSDK ? 'yes' : 'no'} webapp: ${diag.hasWebApp ? 'yes' : 'no'}`,
|
||||
`tg-platform: ${diag.platform || '—'} tg-version: ${diag.version || '—'}`,
|
||||
`initData: ${diag.initDataLen > 0 ? diag.initDataLen : 'empty'} tgdata-in-url: ${diag.hashHadTgData ? 'yes' : 'no'}`,
|
||||
`fields: ${diag.fieldsPresent.join(',') || '—'}`,
|
||||
`missing: ${diag.fieldsMissing.join(',') || '—'}`,
|
||||
`os: ${diag.osPlatform || '—'} mobile: ${diag.mobile || '—'}`,
|
||||
`browser: ${diag.browser || '—'}`,
|
||||
`ua: ${diag.userAgent || '—'}`,
|
||||
].join('\n')
|
||||
: '',
|
||||
);
|
||||
|
||||
let retrying = $state(false);
|
||||
async function retry(): Promise<void> {
|
||||
if (retrying) return;
|
||||
retrying = true;
|
||||
try {
|
||||
await retryTelegramLaunch();
|
||||
} finally {
|
||||
retrying = false;
|
||||
}
|
||||
}
|
||||
|
||||
let copied = $state(false);
|
||||
let copyTimer: ReturnType<typeof setTimeout> | undefined;
|
||||
async function share(): Promise<void> {
|
||||
const r = await shareText(report, t('launch.errorTitle'));
|
||||
// The OS share sheet is its own feedback; a desktop clipboard copy is silent, so confirm it.
|
||||
if (r === 'copied') {
|
||||
copied = true;
|
||||
clearTimeout(copyTimer);
|
||||
copyTimer = setTimeout(() => (copied = false), 1500);
|
||||
}
|
||||
}
|
||||
</script>
|
||||
|
||||
{#if diag}
|
||||
<div class="boot">
|
||||
<div class="card">
|
||||
<h1>{t('launch.errorTitle')}</h1>
|
||||
<p class="msg">{t('launch.errorBody')}</p>
|
||||
<pre class="diag">{report}</pre>
|
||||
<div class="actions">
|
||||
<button class="share" onclick={share}>{copied ? t('launch.copied') : t('launch.share')}</button>
|
||||
<button class="retry" onclick={retry} disabled={retrying}>{t('common.retry')}</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{/if}
|
||||
|
||||
<style>
|
||||
.boot {
|
||||
height: 100%;
|
||||
display: grid;
|
||||
place-items: center;
|
||||
padding: 16px;
|
||||
background: var(--bg);
|
||||
}
|
||||
.card {
|
||||
max-width: 32rem;
|
||||
width: 100%;
|
||||
display: flex;
|
||||
flex-direction: column;
|
||||
gap: 0.6rem;
|
||||
text-align: center;
|
||||
color: var(--text);
|
||||
}
|
||||
h1 {
|
||||
margin: 0;
|
||||
font-size: 1.1rem;
|
||||
}
|
||||
.msg {
|
||||
margin: 0;
|
||||
color: var(--text-muted);
|
||||
font-size: 0.9rem;
|
||||
}
|
||||
.diag {
|
||||
margin: 0;
|
||||
text-align: left;
|
||||
white-space: pre-wrap;
|
||||
overflow-wrap: anywhere;
|
||||
font-family: ui-monospace, SFMono-Regular, Menlo, monospace;
|
||||
font-size: 11px;
|
||||
line-height: 1.4;
|
||||
color: var(--text);
|
||||
background: var(--bg-elev);
|
||||
border: 1px solid var(--border);
|
||||
border-radius: var(--radius-sm);
|
||||
padding: 8px 10px;
|
||||
}
|
||||
.actions {
|
||||
display: flex;
|
||||
justify-content: center;
|
||||
gap: 0.5rem;
|
||||
}
|
||||
.share,
|
||||
.retry {
|
||||
padding: 8px 16px;
|
||||
border-radius: var(--radius-sm);
|
||||
border: 1px solid var(--accent);
|
||||
}
|
||||
.share {
|
||||
background: var(--accent);
|
||||
color: var(--accent-text);
|
||||
}
|
||||
.retry {
|
||||
background: transparent;
|
||||
color: var(--accent);
|
||||
}
|
||||
.retry:disabled {
|
||||
opacity: 0.5;
|
||||
}
|
||||
</style>
|
||||
Reference in New Issue
Block a user