commit 5c8956535b18f94f7b340e0d14184259651366ee · bretton.dev/coves

+40

docs/PRD_COMMUNITIES.md

···

       201
        
       

     

       202
        
       ---

     

       203
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       204
        
       ### Posts in Communities

     

       205
        
       **Status:** Lexicon designed, implementation TODO

     

       206
        
       **Priority:** HIGHEST for Beta 1

     
···

       214
        
       - [ ] Decide membership requirements for posting

     

       215
        
       

     

       216
        
       **Without posts, communities exist but can't be used!**

     

       0
        
       
     

       0
        
       
     

       217
        
       

     

       218
        
       ---

     

       219

···

       201
        
       

     

       202
        
       ---

     

       203
        
       

     

       204
       +
       ### Blob Upload Proxy System

     

       205
       +
       **Status:** Design documented, implementation TODO

     

       206
       +
       **Priority:** CRITICAL for Beta - Required for image/video posts in communities

     

       207
       +
       

     

       208
       +
       **Problem:** Users on external PDSs cannot directly upload blobs to community-owned PDS repositories because they lack authentication credentials for the community's PDS.

     

       209
       +
       

     

       210
       +
       **Solution:** Coves AppView acts as an authenticated proxy for blob uploads:

     

       211
       +
       

     

       212
       +
       **Flow:**

     

       213
       +
       1. User uploads blob to Coves AppView via `social.coves.blob.uploadForCommunity`

     

       214
       +
       2. AppView validates user can post to community (not banned, community accessible)

     

       215
       +
       3. AppView uses community's PDS credentials to upload blob via `com.atproto.repo.uploadBlob`

     

       216
       +
       4. AppView returns CID to user

     

       217
       +
       5. User creates post record referencing the CID

     

       218
       +
       6. Post and blob both live in community's PDS

     

       219
       +
       

     

       220
       +
       **Implementation Checklist:**

     

       221
       +
       - [ ] Handler: `social.coves.blob.uploadForCommunity` endpoint

     

       222
       +
       - [ ] Validation: Check user authorization to post in community

     

       223
       +
       - [ ] Credential Management: Reuse community token refresh logic

     

       224
       +
       - [ ] Upload Proxy: Forward blob to community's PDS with community credentials

     

       225
       +
       - [ ] Security: Size limits, content-type validation, rate limiting

     

       226
       +
       - [ ] Testing: E2E test with federated user uploading to community

     

       227
       +
       

     

       228
       +
       **Why This Approach:**

     

       229
       +
       - ✅ Works with federated users (any PDS)

     

       230
       +
       - ✅ Reuses existing community credential infrastructure

     

       231
       +
       - ✅ Matches V2 architecture (AppView orchestrates, communities own data)

     

       232
       +
       - ✅ Blobs stored on correct PDS (community's repository)

     

       233
       +
       - ❌ AppView becomes upload intermediary (bandwidth cost)

     

       234
       +
       

     

       235
       +
       **Alternative Considered:** Direct user uploads to community PDS

     

       236
       +
       - Rejected: Would require creating temporary user accounts on every community PDS (complex, insecure)

     

       237
       +
       

     

       238
       +
       **See:** Design discussion in context of ATProto blob architecture

     

       239
       +
       

     

       240
       +
       ---

     

       241
       +
       

     

       242
        
       ### Posts in Communities

     

       243
        
       **Status:** Lexicon designed, implementation TODO

     

       244
        
       **Priority:** HIGHEST for Beta 1

     
···

       252
        
       - [ ] Decide membership requirements for posting

     

       253
        
       

     

       254
        
       **Without posts, communities exist but can't be used!**

     

       255
       +
       

     

       256
       +
       **Depends on:** Blob Upload Proxy System (for image/video posts)

     

       257
        
       

     

       258
        
       ---

     

       259