Feat/handle user generated content #105
Conversation
- Update core package reference from 3779a8b1dbd8450d524574cf5376b7cc2ed514e7 to 4ffe8833b8a042b2b3b68550f682c5aa902a5ccc - Update both pubspec.lock and pubspec.yaml files
Introduces new permission constants for managing user-generated content. This includes permissions for creating, reading, updating, and deleting engagements and reports, scoped to the owner.
These permissions are essential for securing the new UGC endpoints and ensuring users can only manage their own content.
Assigns the new engagement and report permissions to the `_appGuestUserPermissions` set. Since guest, standard, and premium users all inherit from this base set, this change grants all application users the ability to create and manage their own engagements and reports.
This is a necessary step to allow users to interact with the new community features.
Instantiates `DataMongodb` clients and `DataRepository` instances for the `Engagement` and `Report` models. These new repositories are then provided to the application's dependency injection container.
This makes the services for managing engagements and reports available throughout the application, particularly for the generic data API routes.
Adds `ModelConfig` entries for 'engagement' and 'report' to the `modelRegistry`. This configuration defines the authorization rules for each model, such as requiring ownership for all operations and using specific `_owned` permissions.
Registering these models makes them available through the generic `/api/v1/data` endpoint, enabling clients to perform CRUD operations on them.
Updates the `_ensureIndexes` method in the `DatabaseSeedingService` to create indexes on the `engagements` and `reports` collections.
Indexes are added for `userId` to optimize fetching user-specific content, and for `entityId` and `entityType` to efficiently query for content related to a specific item (e.g., all engagements for a headline).
…mit service for ugc Expands the `UserActionLimitService` interface with new, correctly named methods: `checkEngagementCreationLimit` and `checkReportCreationLimit`. This change correctly frames the limit checks around the primary entities (`Engagement`, `Report`) being created, rather than their sub-components. The `checkEngagementCreationLimit` method now accepts the `Engagement` object to allow for conditional logic based on its content (e.g., presence of a comment).
Overhauls the `DefaultUserActionLimitService` to correctly enforce daily limits for engagements and reports. The service now injects the `Engagement` and `Report` repositories to perform database counts.
- `checkEngagementCreationLimit`: Checks the `reactionsPerDay` limit on every call. If the engagement contains a comment, it also checks the `commentsPerDay` limit.
- `checkReportCreationLimit`: Checks the `reportsPerDay` limit.
This centralizes all UGC limit logic within the service layer, adhering to the established architectural pattern.
- Register read, readAll, create, update, and delete operations for Engagement and Report entities - Implement custom creators for engagement and report with security and limit checks - Update existing updaters and deleters for other entities - Rename UserPreferenceLimitService to UserActionLimitService for better naming consistency
…ervice - Update import statement for UserActionLimitService - Replace UserPreferenceLimitService with UserActionLimitService in middleware
- Update _getLimitsForRole to _getPreferenceLimitsForRole - Add const keyword to ForbiddenException instances
Summary of ChangesHello @fulleni, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request significantly enhances the application's backend capabilities by introducing robust support for user-generated content. It establishes new data models for engagements and reports, along with a comprehensive system for managing user action limits and permissions. The changes streamline how data models are configured and accessed through generic API endpoints, laying the groundwork for interactive user features while maintaining security and control. Highlights
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces functionality for user-generated content, specifically engagements (reactions/comments) and reports. The changes include adding new data models, database collections and permissions which is a solid architectural improvement. The UserPreferenceLimitService has been refactored into a more general UserActionLimitService to handle new action-based limits. My review includes suggestions to improve testability by abstracting DateTime.now() and to enhance code clarity by removing redundant type casts in the new model registry.
github-project-automation
bot
moved this from Backlog
to Done
in Flutter News App Project
Status
READY
Description
This pull request significantly enhances the application's backend capabilities by introducing robust support for user-generated content. It establishes new data models for engagements and reports, along with a comprehensive system for managing user action limits and permissions. The changes streamline how data models are configured and accessed through generic API endpoints, laying the groundwork for interactive user features while maintaining security and control.
Type of Change