EventHub/EventHubBack
1
1
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Перенести все админские эндпоинты на порт 8445 и добавить отдельную авторизацию для админов. Часть 2. Final #3

Browse Source
This commit is contained in:
Алексей Сабилин
2026-04-28 12:42:10 +03:00
parent 4ed6a961ab
commit 7ea4efd7d9
38 changed files with 1252 additions and 1124 deletions
Download Patch File Download Diff File Expand all files Collapse all files

76
src/core/core_subscription.erl
View File

@@ -4,6 +4,12 @@
-export([create/3, get_by_id/1, get_active_by_user/1, list_by_user/1, list_all/0]).
-export([update_status/2, check_expired/0]).
-export([generate_id/0]).
% --------------- новые обёртки для админки ------------------
-export([list_subscriptions/0,
create_subscription/1,
update_subscription/2,
delete_subscription/1
]).
-define(TRIAL_DAYS, 30).
@@ -140,4 +146,72 @@ add_months(DateTime, Months) ->
add_days(DateTime, Days) ->
Seconds = calendar:datetime_to_gregorian_seconds(DateTime),
calendar:gregorian_seconds_to_datetime(Seconds + (Days * 86400)).
calendar:gregorian_seconds_to_datetime(Seconds + (Days * 86400)).
% ================================================================
% Новые обёртки для совместимости с admin_handler_subscriptions
% ================================================================
list_subscriptions() ->
{ok, Subs} = list_all(),
Subs.
create_subscription(Data) ->
UserId = maps:get(<<"user_id">>, Data),
Plan = case maps:get(<<"plan">>, Data, <<"monthly">>) of
<<"monthly">> -> monthly;
<<"yearly">> -> yearly;
<<"quarterly">>-> quarterly;
<<"biannual">> -> biannual;
<<"annual">> -> annual;
Other -> Other
end,
TrialUsed = maps:get(<<"trial_used">>, Data, false),
create(UserId, Plan, TrialUsed).
update_subscription(Id, Updates) ->
case get_by_id(Id) of
{ok, Sub} ->
Updated = apply_updates(Sub, Updates),
mnesia:dirty_write(Updated),
{ok, Updated};
Error -> Error
end.
delete_subscription(Id) ->
case get_by_id(Id) of
{ok, _Sub} ->
mnesia:dirty_delete({subscription, Id}),
{ok, deleted};
Error -> Error
end.
%% Применение обновлений к записи подписки
apply_updates(Sub, Updates) ->
lists:foldl(fun({Key, Value}, Acc) ->
case Key of
<<"status">> ->
NewStatus = case Value of
<<"active">> -> active;
<<"cancelled">> -> cancelled;
<<"expired">> -> expired;
Other -> Other
end,
Acc#subscription{status = NewStatus, updated_at = calendar:universal_time()};
<<"plan">> ->
NewPlan = case Value of
<<"monthly">> -> monthly;
<<"yearly">> -> yearly;
<<"quarterly">>-> quarterly;
<<"biannual">> -> biannual;
<<"annual">> -> annual;
Other -> Other
end,
Acc#subscription{plan = NewPlan, updated_at = calendar:universal_time()};
<<"trial_used">> ->
Acc#subscription{trial_used = Value, updated_at = calendar:universal_time()};
<<"expires_at">> ->
Acc#subscription{expires_at = Value, updated_at = calendar:universal_time()};
_ -> Acc
end
end, Sub, maps:to_list(Updates)).

205
src/core/core_ticket.erl
View File

@@ -1,143 +1,86 @@
-module(core_ticket).
-include("records.hrl").
-export([list_all/0,
get_by_id/1,
update_ticket/2,
delete_ticket/1,
stats/0,
create_ticket/1,
list_by_user/1]).
-export([create_or_update/3, get_by_id/1, get_by_error_hash/1, list_all/0, list_by_status/1]).
-export([update_status/2, assign/2, add_resolution/2]).
-export([generate_id/0, generate_error_hash/2]).
%% Создать или обновить тикет (группировка по хэшу ошибки)
create_or_update(ErrorMessage, Stacktrace, Context) ->
ErrorHash = generate_error_hash(ErrorMessage, Stacktrace),
case get_by_error_hash(ErrorHash) of
{error, not_found} ->
% Создаём новый тикет
Id = generate_id(),
Now = calendar:universal_time(),
Ticket = #ticket{
id = Id,
error_hash = ErrorHash,
error_message = ErrorMessage,
stacktrace = Stacktrace,
context = term_to_binary(Context),
count = 1,
first_seen = Now,
last_seen = Now,
status = open,
assigned_to = undefined,
resolution_note = undefined
},
F = fun() ->
mnesia:write(Ticket),
{ok, Ticket}
end,
case mnesia:transaction(F) of
{atomic, Result} -> Result;
{aborted, Reason} -> {error, Reason}
end;
{ok, Ticket} ->
% Обновляем существующий
F = fun() ->
Updated = Ticket#ticket{
count = Ticket#ticket.count + 1,
last_seen = calendar:universal_time()
},
mnesia:write(Updated),
{ok, Updated}
end,
case mnesia:transaction(F) of
{atomic, Result} -> Result;
{aborted, Reason} -> {error, Reason}
end
end.
%% Получение тикета по ID
get_by_id(Id) ->
case mnesia:dirty_read(ticket, Id) of
[] -> {error, not_found};
[Ticket] -> {ok, Ticket}
end.
%% Получение тикета по хэшу ошибки
get_by_error_hash(ErrorHash) ->
Match = #ticket{error_hash = ErrorHash, _ = '_'},
case mnesia:dirty_match_object(Match) of
[] -> {error, not_found};
[Ticket] -> {ok, Ticket}
end.
%% Список всех тикетов
list_all() ->
Match = #ticket{_ = '_'},
Tickets = mnesia:dirty_match_object(Match),
{ok, lists:sort(fun(A, B) -> A#ticket.last_seen >= B#ticket.last_seen end, Tickets)}.
mnesia:dirty_match_object(#ticket{_ = '_'}).
%% Список тикетов по статусу
list_by_status(Status) ->
Match = #ticket{status = Status, _ = '_'},
Tickets = mnesia:dirty_match_object(Match),
{ok, lists:sort(fun(A, B) -> A#ticket.last_seen >= B#ticket.last_seen end, Tickets)}.
%% Обновление статуса тикета
update_status(Id, Status) when Status =:= open; Status =:= in_progress; Status =:= resolved; Status =:= closed ->
F = fun() ->
case mnesia:read(ticket, Id) of
[] ->
{error, not_found};
[Ticket] ->
Updated = Ticket#ticket{status = Status},
mnesia:write(Updated),
{ok, Updated}
end
end,
case mnesia:transaction(F) of
{atomic, Result} -> Result;
{aborted, Reason} -> {error, Reason}
get_by_id(Id) ->
case mnesia:dirty_read({ticket, Id}) of
[Ticket] -> {ok, Ticket};
[] -> {error, not_found}
end.
%% Назначить тикет администратору
assign(Id, AdminId) ->
F = fun() ->
case mnesia:read(ticket, Id) of
[] ->
{error, not_found};
[Ticket] ->
Updated = Ticket#ticket{
assigned_to = AdminId,
status = case Ticket#ticket.status of
open -> in_progress;
S -> S
end
},
mnesia:write(Updated),
{ok, Updated}
end
end,
case mnesia:transaction(F) of
{atomic, Result} -> Result;
{aborted, Reason} -> {error, Reason}
update_ticket(Id, Updates) ->
case get_by_id(Id) of
{ok, Ticket} ->
Updated = apply_updates(Ticket, Updates),
mnesia:dirty_write(Updated),
{ok, Updated};
Error -> Error
end.
%% Добавить примечание о решении
add_resolution(Id, Note) ->
F = fun() ->
case mnesia:read(ticket, Id) of
[] ->
{error, not_found};
[Ticket] ->
Updated = Ticket#ticket{resolution_note = Note},
mnesia:write(Updated),
{ok, Updated}
end
end,
case mnesia:transaction(F) of
{atomic, Result} -> Result;
{aborted, Reason} -> {error, Reason}
delete_ticket(Id) ->
case get_by_id(Id) of
{ok, _Ticket} -> % переменная не используется
mnesia:dirty_delete({ticket, Id}),
{ok, deleted};
Error -> Error
end.
%% Внутренние функции
generate_id() ->
base64:encode(crypto:strong_rand_bytes(16), #{mode => urlsafe, padding => false}).
stats() ->
Tickets = list_all(),
#{
total => length(Tickets),
open => count_by_status(open, Tickets),
in_progress => count_by_status(in_progress, Tickets),
resolved => count_by_status(resolved, Tickets),
closed => count_by_status(closed, Tickets)
}.
generate_error_hash(ErrorMessage, Stacktrace) ->
Data = iolist_to_binary([ErrorMessage, "\n", Stacktrace]),
base64:encode(crypto:hash(sha256, Data), #{mode => urlsafe, padding => false}).
%% ── новые функции ──────────────────────────────────────
create_ticket(Data) ->
Id = base64:encode(crypto:strong_rand_bytes(9)),
Now = calendar:universal_time(),
Ticket = #ticket{
id = Id,
reporter_id = maps:get(<<"reporter_id">>, Data, undefined),
error_hash = maps:get(<<"error_hash">>, Data, <<"">>),
error_message = maps:get(<<"error_message">>, Data),
stacktrace = maps:get(<<"stacktrace">>, Data, <<"">>),
context = maps:get(<<"context">>, Data, <<"">>),
count = 1,
first_seen = Now,
last_seen = Now,
status = maps:get(<<"status">>, Data, open),
assigned_to = maps:get(<<"assigned_to">>, Data, undefined),
resolution_note = maps:get(<<"resolution_note">>, Data, undefined)
},
mnesia:dirty_write(Ticket),
{ok, Ticket}.
list_by_user(UserId) ->
mnesia:dirty_match_object(#ticket{reporter_id = UserId, _ = '_'}).
%% ── внутренние ─────────────────────────────────────────
apply_updates(Ticket, Updates) ->
lists:foldl(fun({Key, Value}, Acc) ->
case Key of
<<"status">> -> Acc#ticket{status = binary_to_atom(Value, utf8)};
<<"assigned_to">> -> Acc#ticket{assigned_to = Value};
<<"resolution_note">> -> Acc#ticket{resolution_note = Value};
<<"error_message">> -> Acc#ticket{error_message = Value};
<<"stacktrace">> -> Acc#ticket{stacktrace = Value};
<<"context">> -> Acc#ticket{context = Value};
_ -> Acc
end
end, Ticket, maps:to_list(Updates)).
count_by_status(Status, Tickets) ->
length([T || T <- Tickets, T#ticket.status =:= Status]).

19
src/core/core_user.erl
View File

@@ -5,6 +5,7 @@
-export([email_exists/1]).
-export([generate_id/0]).
-export([list_users/0]).
-export([block/1, unblock/1]).
%% Создание пользователя
create(Email, Password) ->
@@ -103,6 +104,24 @@ user_to_map(User) ->
updated_at => User#user.updated_at
}.
block(Id) ->
case get_by_id(Id) of
{ok, User} ->
Updated = User#user{status = blocked, updated_at = calendar:universal_time()},
mnesia:dirty_write(Updated),
{ok, Updated};
Error -> Error
end.
unblock(Id) ->
case get_by_id(Id) of
{ok, User} ->
Updated = User#user{status = active, updated_at = calendar:universal_time()},
mnesia:dirty_write(Updated),
{ok, Updated};
Error -> Error
end.
%% Внутренние функции
generate_id() ->
base64:encode(crypto:strong_rand_bytes(16), #{mode => urlsafe, padding => false}).

1
src/eventhub_app.erl
View File

@@ -50,6 +50,7 @@ start_http() ->
{"/v1/reviews/:id", handler_review_by_id, []},
{"/v1/reports", handler_reports, []},
{"/v1/tickets", handler_tickets, []},
{"/v1/tickets/:id", handler_ticket_by_id, []},
{"/v1/subscription", handler_subscription, []}
]}
]),

2
src/handlers/admin/admin_handler_login.erl
View File

@@ -10,7 +10,7 @@ init(Req0, State) ->
{ok, Body, Req1} = cowboy_req:read_body(Req0),
try jsx:decode(Body, [return_maps]) of
#{<<"email">> := Email, <<"password">> := Password} ->
case auth:authenticate_admin_request(Req1, Email, Password) of
case eventhub_auth:authenticate_admin_request(Req1, Email, Password) of
{ok, Token, User} ->
Resp = jsx:encode(#{
<<"token">> => Token,

9
src/handlers/admin/admin_handler_report_by_id.erl
View File

@@ -6,9 +6,9 @@
init(Req, _Opts) ->
case cowboy_req:method(Req) of
<<"GET">> -> get_report(Req);
<<"PUT">> -> update_report(Req);
_ -> send_error(Req, 405, <<"Method not allowed">>)
<<"GET">> -> get_report(Req);
<<"PUT">> -> update_report(Req);
_ -> send_error(Req, 405, <<"Method not allowed">>)
end.
get_report(Req) ->
@@ -39,7 +39,8 @@ update_report(Req) ->
{ok, Body, Req2} = cowboy_req:read_body(Req1),
try jsx:decode(Body, [return_maps]) of
#{<<"status">> := NewStatus} ->
case core_report:update_status(ReportId, NewStatus) of
StatusAtom = binary_to_atom(NewStatus, utf8),
case core_report:update_status(ReportId, StatusAtom, AdminId) of
{ok, Report} ->
send_json(Req2, 200, report_to_json(Report));
{error, not_found} ->

6
src/handlers/admin/admin_handler_reports.erl
View File

@@ -2,7 +2,7 @@
-behaviour(cowboy_handler).
-export([init/2]).
-include("records.hrl"). %% ← обязательно для #user{} и #report{}
-include("records.hrl").
init(Req, _Opts) ->
case cowboy_req:method(Req) of
@@ -16,7 +16,7 @@ list_reports(Req) ->
{ok, AdminId, Req1} ->
case is_admin(AdminId) of
true ->
Reports = core_report:list_reports(),
{ok, Reports} = core_report:list_all(),
send_json(Req1, 200, [report_to_json(R) || R <- Reports]);
false ->
send_error(Req1, 403, <<"Admin access required">>)
@@ -34,7 +34,7 @@ update_report(Req) ->
{ok, Body, Req2} = cowboy_req:read_body(Req1),
try jsx:decode(Body, [return_maps]) of
#{<<"status">> := NewStatus} ->
case core_report:update_status(ReportId, NewStatus) of
case core_report:update_status(ReportId, NewStatus, AdminId) of
{ok, Report} ->
send_json(Req2, 200, report_to_json(Report));
{error, not_found} ->

2
src/handlers/admin/admin_handler_subscriptions.erl
View File

@@ -39,7 +39,7 @@ list_subscriptions(Req) ->
create_subscription(Req) ->
case auth_admin(Req) of
{ok, AdminId, Req1} ->
{ok, _AdminId, Req1} ->
{ok, Body, Req2} = cowboy_req:read_body(Req1),
try jsx:decode(Body, [return_maps]) of
#{<<"user_id">> := _UserId} = Data ->

4
src/handlers/admin/admin_handler_tickets.erl
View File

@@ -28,7 +28,7 @@ handle_item(TicketId, Req) ->
list_tickets(Req) ->
case auth_admin(Req) of
{ok, _AdminId, Req1} ->
Tickets = core_ticket:list_tickets(),
Tickets = core_ticket:list_all(), % ← было list_tickets()
send_json(Req1, 200, [ticket_to_json(T) || T <- Tickets]);
{error, Code, Message, Req1} ->
send_error(Req1, Code, Message)
@@ -36,7 +36,7 @@ list_tickets(Req) ->
create_ticket(Req) ->
case auth_admin(Req) of
{ok, AdminId, Req1} ->
{ok, _AdminId, Req1} ->
{ok, Body, Req2} = cowboy_req:read_body(Req1),
try jsx:decode(Body, [return_maps]) of
#{<<"error_message">> := _} = Data ->

16
src/handlers/admin/admin_ws_handler.erl
View File

@@ -1,6 +1,5 @@
-module(admin_ws_handler).
-behaviour(cowboy_websocket).
-export([init/2]).
-export([websocket_init/1]).
-export([websocket_handle/2]).
@@ -21,15 +20,13 @@ init(Req, _Opts) ->
Token ->
io:format("[ADMIN_WS] Token received: ~s...~n", [binary_part(Token, 0, 30)]),
case logic_auth:verify_jwt(Token) of
{ok, Claims} ->
UserId = maps:get(<<"user_id">>, Claims),
Role = maps:get(<<"role">>, Claims),
{ok, UserId, Role} ->
io:format("[ADMIN_WS] UserId: ~s, Role: ~s~n", [UserId, Role]),
case Role of
<<"admin">> ->
case is_admin_role(Role) of
true ->
io:format("[ADMIN_WS] Admin access granted~n"),
{cowboy_websocket, Req, #state{admin_id = UserId}};
_ ->
false ->
io:format("[ADMIN_WS] Access denied: not admin~n"),
Resp = cowboy_req:reply(403, #{}, <<"Admin access required">>, Req),
{ok, Resp, undefined}
@@ -84,4 +81,7 @@ websocket_info(_Info, State) ->
terminate(_Reason, _Req, _State) ->
pg:leave(eventhub_admin_ws, self()),
ok.
ok.
is_admin_role(Role) ->
lists:member(Role, [<<"admin">>, <<"superadmin">>, <<"moderator">>, <<"support">>]).

3
src/handlers/handler_auth.erl
View File

@@ -8,8 +8,7 @@ authenticate(Req) ->
{bearer, Token} ->
io:format("[AUTH] Bearer token found: ~s...~n", [binary_part(Token, 0, 30)]),
case logic_auth:verify_jwt(Token) of
{ok, Claims} ->
UserId = maps:get(<<"user_id">>, Claims),
{ok, UserId, _Role} ->
io:format("[AUTH] JWT verified, UserId: ~s~n", [UserId]),
{ok, UserId, Req};
{error, expired} ->

4
src/handlers/handler_login.erl
View File

@@ -19,9 +19,9 @@ handle(Req, _Opts) ->
_ ->
try jsx:decode(Body, [return_maps]) of
#{<<"email">> := Email, <<"password">> := Password} ->
case auth:authenticate_user_request(Req1, Email, Password) of
case eventhub_auth:authenticate_user_request(Req1, Email, Password) of
{ok, Token, User} ->
{RefreshToken, ExpiresAt} = auth:generate_refresh_token(maps:get(id, User)),
{RefreshToken, ExpiresAt} = eventhub_auth:generate_refresh_token(maps:get(id, User)),
save_refresh_token(maps:get(id, User), RefreshToken, ExpiresAt),
Response = #{
user => #{

118
src/handlers/handler_refresh.erl
View File

@@ -1,91 +1,67 @@
-module(handler_refresh).
-include("records.hrl").
-export([init/2]).
init(Req, Opts) ->
handle(Req, Opts).
handle(Req, _Opts) ->
case cowboy_req:method(Req) of
init(Req0, _Opts) ->
case cowboy_req:method(Req0) of
<<"POST">> ->
{ok, Body, Req1} = cowboy_req:read_body(Req),
case jsx:decode(Body, [return_maps]) of
{ok, Body, Req1} = cowboy_req:read_body(Req0),
try jsx:decode(Body, [return_maps]) of
#{<<"refresh_token">> := RefreshToken} ->
case validate_refresh_token(RefreshToken) of
{ok, UserId} ->
case core_user:get_by_id(UserId) of
{ok, User} ->
% Генерируем новые токены
NewToken = logic_auth:generate_jwt(User#user.id, User#user.role),
{NewRefreshToken, ExpiresAt} = logic_auth:generate_refresh_token(User#user.id),
% Сохраняем новый refresh token
save_refresh_token(User#user.id, NewRefreshToken, ExpiresAt),
% Удаляем старый refresh token
delete_refresh_token(RefreshToken),
Response = #{
case get_session(RefreshToken) of
{ok, Session} ->
% Проверяем, не истекла ли сессия
case Session#session.expires_at > calendar:universal_time() of
true ->
% Генерируем новый access-токен и refresh-токен
User = get_user(Session#session.user_id),
NewToken = eventhub_auth:generate_user_token(
User#user.id,
atom_to_binary(User#user.role, utf8)
),
{NewRefreshToken, ExpiresAt} =
eventhub_auth:generate_refresh_token(User#user.id),
% Удаляем старую сессию и сохраняем новую
mnesia:dirty_delete_object(Session),
NewSession = #session{
token = NewRefreshToken,
user_id = User#user.id,
expires_at = ExpiresAt,
type = refresh
},
mnesia:dirty_write(NewSession),
Resp = jsx:encode(#{
token => NewToken,
refresh_token => NewRefreshToken
},
send_json(Req1, 200, Response);
{error, not_found} ->
send_error(Req1, 401, <<"User not found">>)
}),
cowboy_req:reply(200, #{
<<"content-type">> => <<"application/json">>
}, Resp, Req1);
false ->
mnesia:dirty_delete_object(Session),
send_error(Req1, 401, <<"Refresh token expired">>)
end;
{error, expired} ->
send_error(Req1, 401, <<"Refresh token expired">>);
{error, invalid} ->
send_error(Req1, 401, <<"Invalid refresh token">>)
{error, not_found} ->
send_error(Req1, 401, <<"Refresh token not found">>)
end;
_ ->
send_error(Req1, 400, <<"Missing refresh_token">>)
send_error(Req1, 400, <<"Missing refresh_token field">>)
catch
_:_ -> send_error(Req1, 400, <<"Invalid JSON">>)
end;
_ ->
send_error(Req, 405, <<"Method not allowed">>)
send_error(Req0, 405, <<"Method not allowed">>)
end.
validate_refresh_token(Token) ->
case get_session_by_token(Token) of
{ok, Session} ->
% Проверяем срок действия
Now = calendar:universal_time(),
case Session#session.expires_at > Now of
true -> {ok, Session#session.user_id};
false -> {error, expired}
end;
{error, not_found} ->
{error, invalid}
get_session(Token) ->
case mnesia:dirty_read({session, Token}) of
[Session] -> {ok, Session};
[] -> {error, not_found}
end.
get_session_by_token(Token) ->
Match = #session{token = Token, type = refresh, _ = '_'},
case mnesia:dirty_match_object(Match) of
[] -> {error, not_found};
[Session] -> {ok, Session}
end.
save_refresh_token(UserId, Token, ExpiresAt) ->
Session = #session{
token = Token,
user_id = UserId,
expires_at = ExpiresAt,
type = refresh
},
mnesia:dirty_write(Session).
delete_refresh_token(Token) ->
Match = #session{token = Token, type = refresh, _ = '_'},
case mnesia:dirty_match_object(Match) of
[] -> ok;
[Session] -> mnesia:dirty_delete_object(Session)
end.
send_json(Req, Status, Data) ->
Body = jsx:encode(Data),
cowboy_req:reply(Status, #{<<"content-type">> => <<"application/json">>}, Body, Req),
{ok, Body, []}.
get_user(UserId) ->
[User] = mnesia:dirty_read({user, UserId}),
User.
send_error(Req, Status, Message) ->
Body = jsx:encode(#{error => Message}),

2
src/handlers/handler_register.erl
View File

@@ -24,7 +24,7 @@ handle(Req, _Opts) ->
false ->
case core_user:create(Email, Password) of
{ok, User} ->
Token = logic_auth:generate_jwt(User#user.id, User#user.role),
Token = logic_auth:generate_jwt(User#user.id, atom_to_binary(User#user.role, utf8)),
Response = #{
user => #{
id => User#user.id,

170
src/handlers/handler_ticket_by_id.erl
View File

@@ -1,157 +1,93 @@
-module(handler_ticket_by_id).
-include("records.hrl").
-behaviour(cowboy_handler).
-export([init/2]).
init(Req, Opts) ->
handle(Req, Opts).
-include("records.hrl").
handle(Req, _Opts) ->
init(Req, _Opts) ->
case cowboy_req:method(Req) of
<<"GET">> -> get_ticket(Req);
<<"PUT">> -> update_ticket(Req);
_ -> send_error(Req, 405, <<"Method not allowed">>)
_ -> send_error(Req, 405, <<"Method not allowed">>)
end.
%% GET /v1/admin/tickets/:id - получить тикет
get_ticket(Req) ->
case handler_auth:authenticate(Req) of
{ok, AdminId, Req1} ->
{ok, UserId, Req1} ->
TicketId = cowboy_req:binding(id, Req1),
case logic_ticket:get_ticket(AdminId, TicketId) of
io:format("[TICKET_BY_ID] User ~s requests ticket ~s~n", [UserId, TicketId]),
case core_ticket:get_by_id(TicketId) of
{ok, Ticket} ->
Response = ticket_to_json(Ticket),
send_json(Req1, 200, Response);
{error, access_denied} ->
send_error(Req1, 403, <<"Admin access required">>);
io:format("[TICKET_BY_ID] Found ticket, reporter_id: ~s~n", [Ticket#ticket.reporter_id]),
case is_admin(UserId) orelse Ticket#ticket.reporter_id =:= UserId of
true ->
io:format("[TICKET_BY_ID] Access granted~n"),
send_json(Req1, 200, ticket_to_json(Ticket));
false ->
io:format("[TICKET_BY_ID] Access denied~n"),
send_error(Req1, 403, <<"Access denied">>)
end;
{error, not_found} ->
send_error(Req1, 404, <<"Ticket not found">>);
{error, _} ->
send_error(Req1, 500, <<"Internal server error">>)
io:format("[TICKET_BY_ID] Ticket not found~n"),
send_error(Req1, 404, <<"Ticket not found">>)
end;
{error, Code, Message, Req1} ->
io:format("[TICKET_BY_ID] Auth error: ~p - ~s~n", [Code, Message]),
send_error(Req1, Code, Message)
end.
%% PUT /v1/admin/tickets/:id - обновить тикет
update_ticket(Req) ->
case handler_auth:authenticate(Req) of
{ok, AdminId, Req1} ->
{ok, UserId, Req1} ->
TicketId = cowboy_req:binding(id, Req1),
{ok, Body, Req2} = cowboy_req:read_body(Req1),
try jsx:decode(Body, [return_maps]) of
Decoded when is_map(Decoded) ->
handle_ticket_action(AdminId, TicketId, Decoded, Req2);
_ ->
send_error(Req2, 400, <<"Invalid JSON">>)
Updates when is_map(Updates) ->
case core_ticket:get_by_id(TicketId) of
{ok, Ticket} ->
case is_admin(UserId) orelse Ticket#ticket.reporter_id =:= UserId of
true ->
case core_ticket:update_ticket(TicketId, Updates) of
{ok, Updated} -> send_json(Req2, 200, ticket_to_json(Updated));
{error, R} -> send_error(Req2, 500, R)
end;
false -> send_error(Req2, 403, <<"Access denied">>)
end;
{error, not_found} -> send_error(Req2, 404, <<"Ticket not found">>)
end;
_ -> send_error(Req2, 400, <<"Invalid JSON">>)
catch
_:_ ->
send_error(Req2, 400, <<"Invalid JSON format">>)
_:_ -> send_error(Req2, 400, <<"Invalid JSON">>)
end;
{error, Code, Message, Req1} ->
send_error(Req1, Code, Message)
end.
%% Обработка действий с тикетом
handle_ticket_action(AdminId, TicketId, Body, Req) ->
case maps:get(<<"action">>, Body, undefined) of
<<"status">> ->
case maps:get(<<"status">>, Body, undefined) of
StatusBin when StatusBin =:= <<"open">>;
StatusBin =:= <<"in_progress">>;
StatusBin =:= <<"resolved">>;
StatusBin =:= <<"closed">> ->
Status = get_binary_to_atom(StatusBin),
case logic_ticket:update_status(AdminId, TicketId, Status) of
{ok, Ticket} ->
Response = ticket_to_json(Ticket),
send_json(Req, 200, Response);
{error, access_denied} ->
send_error(Req, 403, <<"Admin access required">>);
{error, not_found} ->
send_error(Req, 404, <<"Ticket not found">>);
{error, _} ->
send_error(Req, 500, <<"Internal server error">>)
end;
_ ->
send_error(Req, 400, <<"Invalid status">>)
end;
<<"assign">> ->
case maps:get(<<"admin_id">>, Body, undefined) of
undefined ->
send_error(Req, 400, <<"Missing admin_id field">>);
AssignToId ->
case logic_ticket:assign_ticket(AdminId, TicketId, AssignToId) of
{ok, Ticket} ->
Response = ticket_to_json(Ticket),
send_json(Req, 200, Response);
{error, access_denied} ->
send_error(Req, 403, <<"Admin access required">>);
{error, not_found} ->
send_error(Req, 404, <<"Ticket not found">>);
{error, _} ->
send_error(Req, 500, <<"Internal server error">>)
end
end;
<<"resolve">> ->
Note = maps:get(<<"note">>, Body, <<"">>),
case logic_ticket:resolve_ticket(AdminId, TicketId, Note) of
{ok, Ticket} ->
Response = ticket_to_json(Ticket),
send_json(Req, 200, Response);
{error, access_denied} ->
send_error(Req, 403, <<"Admin access required">>);
{error, not_found} ->
send_error(Req, 404, <<"Ticket not found">>);
{error, _} ->
send_error(Req, 500, <<"Internal server error">>)
end;
<<"close">> ->
case logic_ticket:close_ticket(AdminId, TicketId) of
{ok, Ticket} ->
Response = ticket_to_json(Ticket),
send_json(Req, 200, Response);
{error, access_denied} ->
send_error(Req, 403, <<"Admin access required">>);
{error, not_found} ->
send_error(Req, 404, <<"Ticket not found">>);
{error, _} ->
send_error(Req, 500, <<"Internal server error">>)
end;
_ ->
send_error(Req, 400, <<"Invalid action">>)
is_admin(UserId) ->
case core_user:get_by_id(UserId) of
{ok, U} -> lists:member(U#user.role, [admin, superadmin, moderator, support]);
_ -> false
end.
%% Вспомогательные функции
ticket_to_json(Ticket) ->
Context = try binary_to_term(Ticket#ticket.context) of
C -> C
catch
_:_ -> #{}
end,
ticket_to_json(T) ->
#{
id => Ticket#ticket.id,
error_hash => Ticket#ticket.error_hash,
error_message => Ticket#ticket.error_message,
stacktrace => Ticket#ticket.stacktrace,
context => Context,
count => Ticket#ticket.count,
first_seen => datetime_to_iso8601(Ticket#ticket.first_seen),
last_seen => datetime_to_iso8601(Ticket#ticket.last_seen),
status => Ticket#ticket.status,
assigned_to => Ticket#ticket.assigned_to,
resolution_note => Ticket#ticket.resolution_note
id => T#ticket.id,
error_hash => T#ticket.error_hash,
error_message => T#ticket.error_message,
stacktrace => T#ticket.stacktrace,
context => T#ticket.context,
count => T#ticket.count,
first_seen => datetime_to_iso8601(T#ticket.first_seen),
last_seen => datetime_to_iso8601(T#ticket.last_seen),
status => T#ticket.status,
assigned_to => T#ticket.assigned_to,
resolution_note => T#ticket.resolution_note
}.
datetime_to_iso8601({{Year, Month, Day}, {Hour, Minute, Second}}) ->
iolist_to_binary(io_lib:format("~4..0B-~2..0B-~2..0BT~2..0B:~2..0B:~2..0BZ",
[Year, Month, Day, Hour, Minute, Second])).
get_binary_to_atom(<<"open">>) -> open;
get_binary_to_atom(<<"in_progress">>) -> in_progress;
get_binary_to_atom(<<"resolved">>) -> resolved;
get_binary_to_atom(<<"closed">>) -> closed.
[Year, Month, Day, Hour, Minute, Second]));
datetime_to_iso8601(undefined) -> undefined.
send_json(Req, Status, Data) ->
Body = jsx:encode(Data),

141
src/handlers/handler_tickets.erl
View File

@@ -1,113 +1,82 @@
-module(handler_tickets).
-include("records.hrl").
-behaviour(cowboy_handler).
-export([init/2]).
init(Req, Opts) ->
handle(Req, Opts).
-include("records.hrl").
init(Req0, Opts) ->
handle(Req0, Opts).
handle(Req, _Opts) ->
case cowboy_req:method(Req) of
<<"GET">> -> list_tickets(Req);
<<"POST">> -> report_error(Req);
<<"POST">> -> create_ticket(Req);
_ -> send_error(Req, 405, <<"Method not allowed">>)
end.
%% POST /v1/tickets - сообщить об ошибке (доступно всем)
report_error(Req) ->
case handler_auth:authenticate(Req) of
{ok, _UserId, Req1} ->
{ok, Body, Req2} = cowboy_req:read_body(Req1),
try jsx:decode(Body, [return_maps]) of
Decoded when is_map(Decoded) ->
case Decoded of
#{<<"error_message">> := ErrorMessage} ->
Stacktrace = maps:get(<<"stacktrace">>, Decoded, <<"">>),
Context = maps:get(<<"context">>, Decoded, #{}),
case logic_ticket:report_error(ErrorMessage, Stacktrace, Context) of
{ok, Ticket} ->
Response = ticket_to_json(Ticket),
send_json(Req2, 201, Response);
{error, _} ->
send_error(Req2, 500, <<"Internal server error">>)
end;
_ ->
send_error(Req2, 400, <<"Missing error_message field">>)
end;
_ ->
send_error(Req2, 400, <<"Invalid JSON">>)
catch
_:_ ->
send_error(Req2, 400, <<"Invalid JSON format">>)
end;
{error, Code, Message, Req1} ->
send_error(Req1, Code, Message)
end.
%% GET /v1/admin/tickets - список тикетов (только админ)
list_tickets(Req) ->
case handler_auth:authenticate(Req) of
{ok, AdminId, Req1} ->
Qs = cowboy_req:parse_qs(Req1),
case proplists:get_value(<<"status">>, Qs) of
undefined ->
case logic_ticket:list_tickets(AdminId) of
{ok, Tickets} ->
Response = [ticket_to_json(T) || T <- Tickets],
send_json(Req1, 200, Response);
{error, access_denied} ->
send_error(Req1, 403, <<"Admin access required">>);
{error, _} ->
send_error(Req1, 500, <<"Internal server error">>)
end;
StatusBin ->
Status = parse_status(StatusBin),
case logic_ticket:list_tickets_by_status(AdminId, Status) of
{ok, Tickets} ->
Response = [ticket_to_json(T) || T <- Tickets],
send_json(Req1, 200, Response);
{error, access_denied} ->
send_error(Req1, 403, <<"Admin access required">>);
{error, _} ->
send_error(Req1, 500, <<"Internal server error">>)
end
{ok, UserId, Req1} ->
case is_admin(UserId) of
true ->
Tickets = core_ticket:list_all(),
send_json(Req1, 200, [ticket_to_json(T) || T <- Tickets]);
false ->
Tickets = core_ticket:list_by_user(UserId),
send_json(Req1, 200, [ticket_to_json(T) || T <- Tickets])
end;
{error, Code, Message, Req1} ->
send_error(Req1, Code, Message)
end.
%% Вспомогательные функции
parse_status(<<"open">>) -> open;
parse_status(<<"in_progress">>) -> in_progress;
parse_status(<<"resolved">>) -> resolved;
parse_status(<<"closed">>) -> closed;
parse_status(_) -> open.
create_ticket(Req) ->
case handler_auth:authenticate(Req) of
{ok, UserId, Req1} ->
{ok, Body, Req2} = cowboy_req:read_body(Req1),
try jsx:decode(Body, [return_maps]) of
#{<<"error_message">> := _} = Data ->
TicketData = maps:merge(#{<<"reporter_id">> => UserId, <<"status">> => <<"open">>}, Data),
case core_ticket:create_ticket(TicketData) of
{ok, Ticket} ->
send_json(Req2, 201, ticket_to_json(Ticket));
{error, Reason} ->
send_error(Req2, 500, Reason)
end;
_ ->
send_error(Req2, 400, <<"Missing 'error_message' field">>)
catch
_:_ -> send_error(Req2, 400, <<"Invalid JSON">>)
end;
{error, Code, Message, Req1} ->
send_error(Req1, Code, Message)
end.
ticket_to_json(Ticket) ->
Context = try binary_to_term(Ticket#ticket.context) of
C -> C
catch
_:_ -> #{}
end,
is_admin(UserId) ->
case core_user:get_by_id(UserId) of
{ok, User} ->
lists:member(User#user.role, [admin, superadmin, moderator, support]);
_ -> false
end.
ticket_to_json(T) ->
#{
id => Ticket#ticket.id,
error_hash => Ticket#ticket.error_hash,
error_message => Ticket#ticket.error_message,
stacktrace => Ticket#ticket.stacktrace,
context => Context,
count => Ticket#ticket.count,
first_seen => datetime_to_iso8601(Ticket#ticket.first_seen),
last_seen => datetime_to_iso8601(Ticket#ticket.last_seen),
status => Ticket#ticket.status,
assigned_to => Ticket#ticket.assigned_to,
resolution_note => Ticket#ticket.resolution_note
id => T#ticket.id,
error_hash => T#ticket.error_hash,
error_message => T#ticket.error_message,
stacktrace => T#ticket.stacktrace,
context => T#ticket.context,
count => T#ticket.count,
first_seen => datetime_to_iso8601(T#ticket.first_seen),
last_seen => datetime_to_iso8601(T#ticket.last_seen),
status => T#ticket.status,
assigned_to => T#ticket.assigned_to,
resolution_note => T#ticket.resolution_note
}.
datetime_to_iso8601({{Year, Month, Day}, {Hour, Minute, Second}}) ->
iolist_to_binary(io_lib:format("~4..0B-~2..0B-~2..0BT~2..0B:~2..0B:~2..0BZ",
[Year, Month, Day, Hour, Minute, Second])).
[Year, Month, Day, Hour, Minute, Second]));
datetime_to_iso8601(undefined) -> undefined.
send_json(Req, Status, Data) ->
Body = jsx:encode(Data),

15
src/handlers/handler_user_me.erl
View File

@@ -1,10 +1,8 @@
-module(handler_user_me).
-include("records.hrl").
-export([init/2]).
init(Req, Opts) ->
handle(Req, Opts).
init(Req, Opts) -> handle(Req, Opts).
handle(Req, _Opts) ->
case cowboy_req:method(Req) of
@@ -14,10 +12,10 @@ handle(Req, _Opts) ->
case core_user:get_by_id(UserId) of
{ok, User} ->
Response = #{
id => User#user.id,
email => User#user.email,
role => User#user.role,
status => User#user.status,
id => User#user.id,
email => User#user.email,
role => User#user.role,
status => User#user.status,
created_at => User#user.created_at,
updated_at => User#user.updated_at
},
@@ -36,8 +34,7 @@ authenticate(Req) ->
case cowboy_req:parse_header(<<"authorization">>, Req) of
{bearer, Token} ->
case logic_auth:verify_jwt(Token) of
{ok, Claims} ->
UserId = maps:get(<<"user_id">>, Claims),
{ok, UserId, _Role} -> % ← теперь возвращается {ok, UserId, Role}
{ok, UserId, Req};
{error, expired} ->
{error, 401, <<"Token expired">>, Req};

13
src/handlers/ws_handler.erl
View File

@@ -1,6 +1,5 @@
-module(ws_handler).
-behaviour(cowboy_websocket).
-export([init/2]).
-export([websocket_init/1]).
-export([websocket_handle/2]).
@@ -13,15 +12,13 @@
}).
init(Req, _Opts) ->
% Аутентификация через query параметр token
Qs = cowboy_req:parse_qs(Req),
case proplists:get_value(<<"token">>, Qs) of
undefined ->
{ok, cowboy_req:reply(401, #{}, <<"Missing token">>, Req), undefined};
Token ->
case logic_auth:verify_jwt(Token) of
{ok, Claims} ->
UserId = maps:get(<<"user_id">>, Claims),
{ok, UserId, _Role} ->
{cowboy_websocket, Req, #state{user_id = UserId}};
{error, _} ->
{ok, cowboy_req:reply(401, #{}, <<"Invalid token">>, Req), undefined}
@@ -29,7 +26,6 @@ init(Req, _Opts) ->
end.
websocket_init(State) ->
% Регистрируем процесс в pg для получения уведомлений
pg:join(eventhub_ws, self()),
{ok, State}.
@@ -39,9 +35,9 @@ websocket_handle({text, Msg}, State) ->
#{<<"action">> := <<"subscribe">>, <<"calendar_id">> := CalendarId} ->
io:format("Subscribe to calendar: ~s~n", [CalendarId]),
NewSubs = case lists:member(CalendarId, State#state.subscriptions) of
true -> State#state.subscriptions;
false -> [CalendarId | State#state.subscriptions]
end,
true -> State#state.subscriptions;
false -> [CalendarId | State#state.subscriptions]
end,
Reply = jsx:encode(#{status => <<"subscribed">>, calendar_id => CalendarId}),
io:format("Sending reply: ~s~n", [Reply]),
{reply, {text, Reply}, State#state{subscriptions = NewSubs}};
@@ -77,7 +73,6 @@ terminate(_Reason, _Req, _State) ->
pg:leave(eventhub_ws, self()),
ok.
%% Проверка, нужно ли отправлять уведомление пользователю
should_notify(calendar_update, #{calendar_id := CalId}, State) ->
lists:member(CalId, State#state.subscriptions);
should_notify(booking_update, #{user_id := UserId}, State) ->

9
src/infra/auth.erl → src/infra/eventhub_auth.erl
View File

@@ -1,4 +1,4 @@
-module(auth).
-module(eventhub_auth).
-export([
generate_user_token/2,
generate_admin_token/2,
@@ -145,10 +145,13 @@ authenticate_admin_request(_Req, Email, Password) ->
%% ========== REFRESH TOKEN ==========
-spec generate_refresh_token(UserId :: binary()) -> {binary(), integer()}.
-spec generate_refresh_token(UserId :: binary()) -> {binary(), calendar:datetime()}.
generate_refresh_token(_UserId) ->
RefreshToken = base64:encode(crypto:strong_rand_bytes(32)),
ExpiresAt = erlang:system_time(second) + 2592000, % 30 дней
Now = calendar:universal_time(),
ExpiresAt = calendar:gregorian_seconds_to_datetime(
calendar:datetime_to_gregorian_seconds(Now) + 30 * 24 * 3600
),
{RefreshToken, ExpiresAt}.
%% ========== ВНУТРЕННИЕ ==========

105
src/logic/logic_auth.erl
View File

@@ -1,88 +1,43 @@
-module(logic_auth).
-export([hash_password/1, verify_password/2,
generate_jwt/2, verify_jwt/1,
generate_refresh_token/1,
authenticate_user/2]).
-export([hash_password/1, verify_password/2]).
-export([generate_jwt/2, verify_jwt/1, extract_claims/1]).
-export([generate_refresh_token/1]).
-include("records.hrl").
%% ============ Argon2 хеширование ============
hash_password(Password) when is_binary(Password) ->
hash_password(Password) ->
argon2:hash(Password).
verify_password(Password, Hash) when is_binary(Password), is_binary(Hash) ->
verify_password(Password, Hash) ->
argon2:verify(Password, Hash).
%% ============ JWT с использованием jose ============
get_jwt_secret() ->
<<"my-super-secret-key-for-jwt-32-bytes!">>.
get_jwk() ->
jose_jwk:from_oct(get_jwt_secret()).
generate_jwt(UserId, Role) ->
JWK = get_jwk(),
eventhub_auth:generate_user_token(UserId, Role).
ExpTime = os:system_time(seconds) + 86400, % 24 часа
Claims = #{
<<"user_id">> => UserId,
<<"role">> => Role,
<<"exp">> => ExpTime,
<<"iat">> => os:system_time(seconds)
},
verify_jwt(Token) ->
eventhub_auth:verify_user_token(Token).
JWT = jose_jwt:sign(JWK, #{<<"alg">> => <<"HS256">>}, Claims),
{_, Token} = jose_jws:compact(JWT),
Token.
generate_refresh_token(UserId) ->
eventhub_auth:generate_refresh_token(UserId).
verify_jwt(Token) when is_binary(Token) ->
try
JWK = get_jwk(),
case jose_jwt:verify(JWK, Token) of
{true, {jose_jwt, Claims}, _} ->
case check_expiry(Claims) of
true -> {ok, Claims};
false -> {error, expired}
end;
{true, Claims, _} when is_map(Claims) ->
case check_expiry(Claims) of
true -> {ok, Claims};
false -> {error, expired}
end;
{false, _, _} ->
{error, invalid_signature}
end
catch
_:_ -> {error, invalid_token}
authenticate_user(Email, Password) ->
case core_user:get_by_email(Email) of
{ok, User} ->
case verify_password(Password, User#user.password_hash) of
{ok, true} ->
{ok, user_to_map(User)};
_ ->
{error, invalid_credentials}
end;
{error, not_found} ->
{error, invalid_credentials}
end.
extract_claims(Token) when is_binary(Token) ->
try
JWK = get_jwk(),
case jose_jwt:verify(JWK, Token) of
{true, {jose_jwt, Claims}, _} ->
{ok, Claims};
{true, Claims, _} when is_map(Claims) ->
{ok, Claims};
_ ->
{error, invalid_token}
end
catch
_:_ -> {error, invalid_token}
end.
check_expiry(Claims) ->
case maps:find(<<"exp">>, Claims) of
{ok, Exp} when is_integer(Exp) ->
Exp > os:system_time(seconds);
_ ->
false
end.
%% ============ Refresh Token ============
generate_refresh_token(_UserId) ->
Token = base64:encode(crypto:strong_rand_bytes(32), #{mode => urlsafe, padding => false}),
ExpiresAt = calendar:universal_time_to_local_time(
calendar:gregorian_seconds_to_datetime(
calendar:datetime_to_gregorian_seconds(calendar:universal_time()) + 30 * 86400
)
),
{Token, ExpiresAt}.
user_to_map(User) ->
#{
id => User#user.id,
email => User#user.email,
role => atom_to_binary(User#user.role, utf8),
status => atom_to_binary(User#user.status, utf8)
}.

105
src/logic/logic_moderation.erl
View File

@@ -1,16 +1,27 @@
-module(logic_moderation).
-include("records.hrl").
-export([create_report/4, get_reports/1, get_reports_by_target/3, resolve_report/3]).
-export([add_banned_word/2, remove_banned_word/2, list_banned_words/1]).
-export([check_content/1, auto_moderate/1]).
-export([freeze_calendar/2, unfreeze_calendar/2, freeze_event/2, unfreeze_event/2]).
-export([create_report/4,
get_reports/1,
get_reports_by_target/3,
resolve_report/3]).
-define(REPORT_THRESHOLD, 3). % Количество жалоб для авто-заморозки
-export([add_banned_word/2,
remove_banned_word/2,
list_banned_words/1]).
%% ============ Жалобы ============
-export([check_content/1,
auto_moderate/1]).
-export([freeze_calendar/2,
unfreeze_calendar/2,
freeze_event/2,
unfreeze_event/2]).
-define(REPORT_THRESHOLD, 3).
%% ============ Жалобы =====================================
%% Создание жалобы
create_report(ReporterId, TargetType, TargetId, Reason) ->
case target_exists(TargetType, TargetId) of
true ->
@@ -22,30 +33,29 @@ create_report(ReporterId, TargetType, TargetId, Reason) ->
target_id => TargetId,
reason => Reason
}),
% Проверяем порог для авто-модерации
check_auto_freeze(TargetType, TargetId),
{ok, Report};
Error -> Error
Error ->
Error
end;
false -> {error, target_not_found}
false ->
{error, target_not_found}
end.
%% Получить все жалобы (для админа)
get_reports(AdminId) ->
case is_admin(AdminId) of
true -> core_report:list_all();
true -> core_report:list_all();
false -> {error, access_denied}
end.
%% Получить жалобы на конкретную цель
get_reports_by_target(AdminId, TargetType, TargetId) ->
case is_admin(AdminId) of
true -> core_report:list_by_target(TargetType, TargetId);
true -> core_report:list_by_target(TargetType, TargetId);
false -> {error, access_denied}
end.
%% Рассмотреть жалобу (подтвердить или отклонить)
resolve_report(AdminId, ReportId, Action) when Action =:= reviewed; Action =:= dismissed ->
resolve_report(AdminId, ReportId, Action)
when Action =:= reviewed; Action =:= dismissed ->
case is_admin(AdminId) of
true ->
case core_report:get_by_id(ReportId) of
@@ -53,19 +63,23 @@ resolve_report(AdminId, ReportId, Action) when Action =:= reviewed; Action =:= d
case Report#report.status of
pending ->
core_report:update_status(ReportId, Action, AdminId);
_ -> {error, already_resolved}
_ ->
{error, already_resolved}
end;
Error -> Error
Error ->
Error
end;
false -> {error, access_denied}
false ->
{error, access_denied}
end.
%% Проверка порога для авто-заморозки
check_auto_freeze(TargetType, TargetId) ->
Count = core_report:get_count_by_target(TargetType, TargetId),
if Count >= ?REPORT_THRESHOLD ->
auto_freeze(TargetType, TargetId);
true -> ok
if
Count >= ?REPORT_THRESHOLD ->
auto_freeze(TargetType, TargetId);
true ->
ok
end.
auto_freeze(event, EventId) ->
@@ -82,42 +96,52 @@ auto_freeze(calendar, CalendarId) ->
end;
auto_freeze(_, _) -> ok.
%% ============ Бан-лист ============
%% ============ Бан-лист ===================================
%% Добавить запрещённое слово
add_banned_word(AdminId, Word) ->
case is_admin(AdminId) of
true -> core_banned_word:add(Word);
true -> core_banned_words:add_banned_word(Word, AdminId);
false -> {error, access_denied}
end.
%% Удалить запрещённое слово
remove_banned_word(AdminId, Word) ->
case is_admin(AdminId) of
true -> core_banned_word:remove(Word);
true -> core_banned_words:remove_banned_word(Word);
false -> {error, access_denied}
end.
%% Список запрещённых слов
list_banned_words(AdminId) ->
case is_admin(AdminId) of
true -> core_banned_word:list_all();
true -> {ok, core_banned_words:list_banned_words()};
false -> {error, access_denied}
end.
%% ============ Контент-фильтр ============
%% ============ Контент-фильтр =============================
%% Проверить контент на запрещённые слова
check_content(Text) ->
core_banned_word:check_text(Text).
Words = core_banned_words:list_banned_words(),
LowerText = string:lowercase(binary_to_list(Text)),
lists:any(fun(W) ->
string:str(LowerText, binary_to_list(W#banned_word.word)) > 0
end, Words).
%% Автоматическая модерация контента (замена запрещённых слов)
auto_moderate(Text) ->
core_banned_word:filter_text(Text).
Words = core_banned_words:list_banned_words(),
lists:foldl(fun(W, Acc) ->
WordStr = binary_to_list(W#banned_word.word),
LowerAccStr = string:lowercase(binary_to_list(Acc)),
case string:str(LowerAccStr, WordStr) of
0 -> Acc;
Pos ->
Len = length(WordStr),
Start = binary:part(Acc, {0, Pos-1}),
Rest = binary:part(Acc, {Pos-1+Len, byte_size(Acc)-Pos+1-Len}),
<<Start/binary, "***", Rest/binary>>
end
end, Text, Words).
%% ============ Заморозка/разморозка ============
%% ============ Заморозка/разморозка =======================
%% Заморозить календарь
freeze_calendar(AdminId, CalendarId) ->
case is_admin(AdminId) of
true ->
@@ -129,7 +153,6 @@ freeze_calendar(AdminId, CalendarId) ->
false -> {error, access_denied}
end.
%% Разморозить календарь
unfreeze_calendar(AdminId, CalendarId) ->
case is_admin(AdminId) of
true ->
@@ -141,7 +164,6 @@ unfreeze_calendar(AdminId, CalendarId) ->
false -> {error, access_denied}
end.
%% Заморозить событие
freeze_event(AdminId, EventId) ->
case is_admin(AdminId) of
true ->
@@ -153,7 +175,6 @@ freeze_event(AdminId, EventId) ->
false -> {error, access_denied}
end.
%% Разморозить событие
unfreeze_event(AdminId, EventId) ->
case is_admin(AdminId) of
true ->
@@ -165,7 +186,7 @@ unfreeze_event(AdminId, EventId) ->
false -> {error, access_denied}
end.
%% ============ Вспомогательные функции ============
%% ============ Вспомогательные функции ====================
target_exists(event, EventId) ->
case core_event:get_by_id(EventId) of
@@ -176,7 +197,7 @@ target_exists(calendar, CalendarId) ->
case core_calendar:get_by_id(CalendarId) of
{ok, _} -> true;
_ -> false
end; % ← точка с запятой здесь!
end;
target_exists(_, _) -> false.
is_admin(UserId) ->

87
src/logic/logic_ticket.erl
View File

@@ -1,89 +1,110 @@
-module(logic_ticket).
-include("records.hrl").
-export([report_error/3, get_ticket/2, list_tickets/1, list_tickets_by_status/2]).
-export([update_status/3, assign_ticket/3, resolve_ticket/3, close_ticket/2]).
-export([get_statistics/1]).
-export([report_error/3,
get_ticket/2,
list_tickets/1,
list_tickets_by_status/2,
update_status/3,
assign_ticket/3,
resolve_ticket/3,
close_ticket/2,
get_statistics/1]).
%% Зарегистрировать ошибку (создать или обновить тикет)
report_error(ErrorMessage, Stacktrace, Context) ->
case core_ticket:create_or_update(ErrorMessage, Stacktrace, Context) of
{ok, Ticket} ->
% Если это новый тикет, уведомляем администраторов (заглушка)
case Ticket#ticket.count of
1 -> notify_admins(Ticket);
_ -> ok
end,
{ok, Ticket};
Error -> Error
Existing = [T || T <- core_ticket:list_all(), T#ticket.error_message =:= ErrorMessage],
case Existing of
[Ticket] ->
% Увеличить счётчик и обновить last_seen
Updated = Ticket#ticket{
count = Ticket#ticket.count + 1,
last_seen = calendar:universal_time()
},
mnesia:dirty_write(Updated),
{ok, Updated};
[] ->
Data = #{
<<"error_message">> => ErrorMessage,
<<"stacktrace">> => Stacktrace,
<<"context">> => list_to_binary(io_lib:format("~p", [Context]))
},
case core_ticket:create_ticket(Data) of
{ok, Ticket} = Result ->
% Уведомление администраторов (заглушка)
notify_admins(Ticket),
Result;
Error -> Error
end
end.
%% Получить тикет (только для админов)
get_ticket(AdminId, TicketId) ->
case is_admin(AdminId) of
true -> core_ticket:get_by_id(TicketId);
true -> core_ticket:get_by_id(TicketId);
false -> {error, access_denied}
end.
%% Список всех тикетов (только для админов)
list_tickets(AdminId) ->
case is_admin(AdminId) of
true -> core_ticket:list_all();
true -> core_ticket:list_all();
false -> {error, access_denied}
end.
%% Список тикетов по статусу (только для админов)
list_tickets_by_status(AdminId, Status) ->
case is_admin(AdminId) of
true -> core_ticket:list_by_status(Status);
true ->
All = core_ticket:list_all(),
[T || T <- All, T#ticket.status =:= Status];
false -> {error, access_denied}
end.
%% Обновить статус тикета
update_status(AdminId, TicketId, Status) ->
case is_admin(AdminId) of
true -> core_ticket:update_status(TicketId, Status);
true -> core_ticket:update_ticket(TicketId, #{<<"status">> => Status});
false -> {error, access_denied}
end.
%% Назначить тикет администратору
assign_ticket(AdminId, TicketId, AssignToId) ->
case is_admin(AdminId) of
true -> core_ticket:assign(TicketId, AssignToId);
true -> core_ticket:update_ticket(TicketId, #{<<"assigned_to">> => AssignToId});
false -> {error, access_denied}
end.
%% Отметить тикет как решённый с примечанием
resolve_ticket(AdminId, TicketId, ResolutionNote) ->
case is_admin(AdminId) of
true ->
case core_ticket:add_resolution(TicketId, ResolutionNote) of
{ok, _Ticket} ->
core_ticket:update_status(TicketId, resolved);
Error -> Error
end;
true ->
core_ticket:update_ticket(TicketId, #{
<<"status">> => <<"closed">>,
<<"resolution_note">> => ResolutionNote
});
false -> {error, access_denied}
end.
%% Закрыть тикет
close_ticket(AdminId, TicketId) ->
case is_admin(AdminId) of
true -> core_ticket:update_status(TicketId, closed);
true -> core_ticket:update_ticket(TicketId, #{<<"status">> => <<"closed">>});
false -> {error, access_denied}
end.
%% Получить статистику по тикетам
get_statistics(AdminId) ->
case is_admin(AdminId) of
true ->
{ok, AllTickets} = core_ticket:list_all(),
Open = length([T || T <- AllTickets, T#ticket.status =:= open]),
InProgress = length([T || T <- AllTickets, T#ticket.status =:= in_progress]),
Resolved = length([T || T <- AllTickets, T#ticket.status =:= resolved]),
Closed = length([T || T <- AllTickets, T#ticket.status =:= closed]),
TotalErrors = lists:sum([T#ticket.count || T <- AllTickets]),
true ->
All = core_ticket:list_all(),
Open = length([T || T <- All, T#ticket.status =:= open]),
InProgress = length([T || T <- All, T#ticket.status =:= in_progress]),
Resolved = length([T || T <- All, T#ticket.status =:= resolved]),
Closed = length([T || T <- All, T#ticket.status =:= closed]),
TotalErrors = lists:sum([T#ticket.count || T <- All]),
#{
total_tickets => length(AllTickets),
total_tickets => length(All),
open => Open,
in_progress => InProgress,
resolved => Resolved,
@@ -102,6 +123,4 @@ is_admin(UserId) ->
end.
notify_admins(_Ticket) ->
% Заглушка для уведомлений администраторов
% В будущем здесь будет отправка email/websocket
ok.