Files
scrabble-game/backend/internal/server/handlers_feedback.go
T
Ilia Denisov 419ea11b14
CI / changes (pull_request) Successful in 2s
CI / unit (pull_request) Successful in 9s
CI / integration (pull_request) Successful in 12s
CI / ui (pull_request) Successful in 47s
CI / gate (pull_request) Successful in 0s
CI / deploy (pull_request) Successful in 1m12s
feat(feedback): in-app user feedback with admin review and account roles
User-facing Feedback screen (Settings -> Info, registered accounts only): a
message (<=1024 runes) plus one optional attachment, an anti-spam gate (one
unreviewed message at a time), and the operator's inline reply with a
Settings/Info badge. Server-rendered admin console section (/_gm/feedback):
unread/read/archived queue with per-user search, detail with read/reply/
archive/delete/delete-all, safe attachment serving (nosniff, images inline via
<img>, others download-only). Introduces account_roles, the first per-account
role table; feedback_banned blocks only feedback submission, granted/revoked
from /users and the delete-with-block action.

- migration 00004_feedback (feedback_messages + account_roles) + jetgen
- backend internal/feedback (store+service), internal/account/roles.go
- wire: FlatBuffers feedback.submit/get/unread; gateway guest gate (Op.NonGuest,
  is_guest via session resolve) -> guest_forbidden before any backend call
- reply push reuses NotificationEvent with a new admin_reply sub-kind
- UI: /feedback route + screen, attachment picker, badge, channel detection, i18n
- tests: feedback unit (Go+UI), gateway guest-gate, inttest lifecycle, e2e
- docs: PLAN stage 19, ARCHITECTURE s15, FUNCTIONAL(+ru), TESTING, READMEs
2026-06-15 12:23:10 +02:00

106 lines
3.3 KiB
Go

package server
import (
"encoding/base64"
"net/http"
"github.com/gin-gonic/gin"
)
// feedbackSubmitRequest is the player's feedback submission. Attachment is the
// base64-encoded file bytes (empty for none); AttachmentName carries the original
// file name (its extension is the allow-list key); Channel is the submitting
// platform (telegram/ios/android/web).
type feedbackSubmitRequest struct {
Body string `json:"body"`
Attachment string `json:"attachment"`
AttachmentName string `json:"attachment_name"`
Channel string `json:"channel"`
}
// feedbackReplyDTO is the operator's reply shown back to the player.
type feedbackReplyDTO struct {
Body string `json:"body"`
RepliedAtUnix int64 `json:"replied_at_unix"`
}
// feedbackStateResponse is the player's feedback screen state. BlockedReason is
// "" (can send), "pending" or "banned"; Reply is omitted when there is none.
type feedbackStateResponse struct {
CanSend bool `json:"can_send"`
BlockedReason string `json:"blocked_reason"`
Reply *feedbackReplyDTO `json:"reply,omitempty"`
}
// feedbackUnreadResponse reports whether the player has an undelivered reply, for
// the lobby/Info badge.
type feedbackUnreadResponse struct {
ReplyUnread bool `json:"reply_unread"`
}
// handleFeedbackSubmit stores a feedback message from the authenticated player.
// The sender IP comes from the gateway-forwarded X-Forwarded-For header. Guests
// and feedback-banned accounts are refused (also gated at the gateway).
func (s *Server) handleFeedbackSubmit(c *gin.Context) {
uid, ok := userID(c)
if !ok {
abortBadRequest(c, "missing identity")
return
}
var req feedbackSubmitRequest
if err := c.ShouldBindJSON(&req); err != nil {
abortBadRequest(c, "invalid request body")
return
}
var attachment []byte
if req.Attachment != "" {
data, err := base64.StdEncoding.DecodeString(req.Attachment)
if err != nil {
abortBadRequest(c, "invalid attachment encoding")
return
}
attachment = data
}
if err := s.feedback.Submit(c.Request.Context(), uid, req.Body, attachment, req.AttachmentName, req.Channel, clientIP(c)); err != nil {
s.abortErr(c, err)
return
}
c.JSON(http.StatusOK, okResponse{OK: true})
}
// handleFeedbackState returns the player's feedback screen state and marks any
// pending operator replies delivered (clearing the badge).
func (s *Server) handleFeedbackState(c *gin.Context) {
uid, ok := userID(c)
if !ok {
abortBadRequest(c, "missing identity")
return
}
st, err := s.feedback.State(c.Request.Context(), uid)
if err != nil {
s.abortErr(c, err)
return
}
resp := feedbackStateResponse{CanSend: st.CanSend, BlockedReason: st.BlockedReason}
if st.Reply != nil {
resp.Reply = &feedbackReplyDTO{Body: st.Reply.Body, RepliedAtUnix: st.Reply.RepliedAt.Unix()}
}
c.JSON(http.StatusOK, resp)
}
// handleFeedbackUnread reports whether the player has an undelivered operator
// reply, for the lobby/Info badge. It has no side effect.
func (s *Server) handleFeedbackUnread(c *gin.Context) {
uid, ok := userID(c)
if !ok {
abortBadRequest(c, "missing identity")
return
}
unread, err := s.feedback.ReplyUnread(c.Request.Context(), uid)
if err != nil {
s.abortErr(c, err)
return
}
c.JSON(http.StatusOK, feedbackUnreadResponse{ReplyUnread: unread})
}