commit aacafc69344363b9b817b0dc18e998973eb764c9 · bretton.dev/coves

+8 -8

internal/core/comments/comment.go

···

       35
        
       // This is the data structure that gets stored in the user's repository

     

       36
        
       // Matches social.coves.community.comment lexicon

     

       37
        
       type CommentRecord struct {

     

       38
       -
       	Embed     map[string]interface{} `json:"embed,omitempty"`

     

       39
       -
       	Labels    *SelfLabels            `json:"labels,omitempty"`

     

       40
       -
       	Reply     ReplyRef               `json:"reply"`

     

       41
       -
       	Type      string                 `json:"$type"`

     

       42
       -
       	Content   string                 `json:"content"`

     

       43
       -
       	CreatedAt string                 `json:"createdAt"`

     

       44
       -
       	Facets    []interface{}          `json:"facets,omitempty"`

     

       45
       -
       	Langs     []string               `json:"langs,omitempty"`

     

       46
        
       }

     

       47
        
       

     

       48
        
       // ReplyRef represents the threading structure from the comment lexicon

···

       35
        
       // This is the data structure that gets stored in the user's repository

     

       36
        
       // Matches social.coves.community.comment lexicon

     

       37
        
       type CommentRecord struct {

     

       38
       +
       	Embed     interface{}  `json:"embed,omitempty"`

     

       39
       +
       	Labels    *SelfLabels  `json:"labels,omitempty"`

     

       40
       +
       	Reply     ReplyRef     `json:"reply"`

     

       41
       +
       	Type      string       `json:"$type"`

     

       42
       +
       	Content   string       `json:"content"`

     

       43
       +
       	CreatedAt string       `json:"createdAt"`

     

       44
       +
       	Facets    []interface{} `json:"facets,omitempty"`

     

       45
       +
       	Langs     []string     `json:"langs,omitempty"`

     

       46
        
       }

     

       47
        
       

     

       48
        
       // ReplyRef represents the threading structure from the comment lexicon

+376 -4

internal/core/comments/comment_service.go

···

       9
        
       	"errors"

     

       10
        
       	"fmt"

     

       11
        
       	"log"

     

       0
        
       
     

       12
        
       	"net/url"

     

       13
        
       	"strings"

     

       14
        
       	"time"

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       15
        
       )

     

       16
        
       

     

       17
        
       const (

     
···

       19
        
       	// This balances UX (showing enough context) with performance (limiting query size)

     

       20
        
       	// Can be made configurable via constructor if needed in the future

     

       21
        
       	DefaultRepliesPerParent = 5

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       22
        
       )

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       23
        
       

     

       24
        
       // Service defines the business logic interface for comment operations

     

       25
        
       // Orchestrates repository calls and builds view models for API responses

     
···

       27
        
       	// GetComments retrieves and builds a threaded comment tree for a post

     

       28
        
       	// Supports hot, top, and new sorting with configurable depth and pagination

     

       29
        
       	GetComments(ctx context.Context, req *GetCommentsRequest) (*GetCommentsResponse, error)

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       30
        
       }

     

       31
        
       

     

       32
        
       // GetCommentsRequest defines the parameters for fetching comments

     
···

       43
        
       // commentService implements the Service interface

     

       44
        
       // Coordinates between repository layer and view model construction

     

       45
        
       type commentService struct {

     

       46
       -
       	commentRepo   Repository             // Comment data access

     

       47
       -
       	userRepo      users.UserRepository   // User lookup for author hydration

     

       48
       -
       	postRepo      posts.Repository       // Post lookup for building post views

     

       49
       -
       	communityRepo communities.Repository // Community lookup for community hydration

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       50
        
       }

     

       51
        
       

     

       52
        
       // NewCommentService creates a new comment service instance

     
···

       56
        
       	userRepo users.UserRepository,

     

       57
        
       	postRepo posts.Repository,

     

       58
        
       	communityRepo communities.Repository,

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       59
        
       ) Service {

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       60
        
       	return &commentService{

     

       61
        
       		commentRepo:   commentRepo,

     

       62
        
       		userRepo:      userRepo,

     

       63
        
       		postRepo:      postRepo,

     

       64
        
       		communityRepo: communityRepo,

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       65
        
       	}

     

       66
        
       }

     

       67
        
       

     
···

       431
        
       	}

     

       432
        
       

     

       433
        
       	return record

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       434
        
       }

     

       435
        
       

     

       436
        
       // buildPostView converts a Post entity to a PostView for the comment response

···

       9
        
       	"errors"

     

       10
        
       	"fmt"

     

       11
        
       	"log"

     

       12
       +
       	"log/slog"

     

       13
        
       	"net/url"

     

       14
        
       	"strings"

     

       15
        
       	"time"

     

       16
       +
       

     

       17
       +
       	"github.com/bluesky-social/indigo/atproto/auth/oauth"

     

       18
       +
       	"github.com/bluesky-social/indigo/atproto/syntax"

     

       19
       +
       	"github.com/rivo/uniseg"

     

       20
       +
       

     

       21
       +
       	oauthclient "Coves/internal/atproto/oauth"

     

       22
       +
       	"Coves/internal/atproto/pds"

     

       23
        
       )

     

       24
        
       

     

       25
        
       const (

     
···

       27
        
       	// This balances UX (showing enough context) with performance (limiting query size)

     

       28
        
       	// Can be made configurable via constructor if needed in the future

     

       29
        
       	DefaultRepliesPerParent = 5

     

       30
       +
       

     

       31
       +
       	// commentCollection is the AT Protocol collection for comment records

     

       32
       +
       	commentCollection = "social.coves.community.comment"

     

       33
       +
       

     

       34
       +
       	// maxCommentGraphemes is the maximum length for comment content in graphemes

     

       35
       +
       	maxCommentGraphemes = 10000

     

       36
        
       )

     

       37
       +
       

     

       38
       +
       // PDSClientFactory creates PDS clients from session data.

     

       39
       +
       // Used to allow injection of different auth mechanisms (OAuth for production, password for tests).

     

       40
       +
       type PDSClientFactory func(ctx context.Context, session *oauth.ClientSessionData) (pds.Client, error)

     

       41
        
       

     

       42
        
       // Service defines the business logic interface for comment operations

     

       43
        
       // Orchestrates repository calls and builds view models for API responses

     
···

       45
        
       	// GetComments retrieves and builds a threaded comment tree for a post

     

       46
        
       	// Supports hot, top, and new sorting with configurable depth and pagination

     

       47
        
       	GetComments(ctx context.Context, req *GetCommentsRequest) (*GetCommentsResponse, error)

     

       48
       +
       

     

       49
       +
       	// CreateComment creates a new comment or reply

     

       50
       +
       	CreateComment(ctx context.Context, session *oauth.ClientSessionData, req CreateCommentRequest) (*CreateCommentResponse, error)

     

       51
       +
       

     

       52
       +
       	// UpdateComment updates an existing comment's content

     

       53
       +
       	UpdateComment(ctx context.Context, session *oauth.ClientSessionData, req UpdateCommentRequest) (*UpdateCommentResponse, error)

     

       54
       +
       

     

       55
       +
       	// DeleteComment soft-deletes a comment

     

       56
       +
       	DeleteComment(ctx context.Context, session *oauth.ClientSessionData, req DeleteCommentRequest) error

     

       57
        
       }

     

       58
        
       

     

       59
        
       // GetCommentsRequest defines the parameters for fetching comments

     
···

       70
        
       // commentService implements the Service interface

     

       71
        
       // Coordinates between repository layer and view model construction

     

       72
        
       type commentService struct {

     

       73
       +
       	commentRepo      Repository                // Comment data access

     

       74
       +
       	userRepo         users.UserRepository      // User lookup for author hydration

     

       75
       +
       	postRepo         posts.Repository          // Post lookup for building post views

     

       76
       +
       	communityRepo    communities.Repository    // Community lookup for community hydration

     

       77
       +
       	oauthClient      *oauthclient.OAuthClient  // OAuth client for PDS authentication

     

       78
       +
       	oauthStore       oauth.ClientAuthStore     // OAuth session store

     

       79
       +
       	logger           *slog.Logger              // Structured logger

     

       80
       +
       	pdsClientFactory PDSClientFactory          // Optional, for testing. If nil, uses OAuth.

     

       81
        
       }

     

       82
        
       

     

       83
        
       // NewCommentService creates a new comment service instance

     
···

       87
        
       	userRepo users.UserRepository,

     

       88
        
       	postRepo posts.Repository,

     

       89
        
       	communityRepo communities.Repository,

     

       90
       +
       	oauthClient *oauthclient.OAuthClient,

     

       91
       +
       	oauthStore oauth.ClientAuthStore,

     

       92
       +
       	logger *slog.Logger,

     

       93
        
       ) Service {

     

       94
       +
       	if logger == nil {

     

       95
       +
       		logger = slog.Default()

     

       96
       +
       	}

     

       97
        
       	return &commentService{

     

       98
        
       		commentRepo:   commentRepo,

     

       99
        
       		userRepo:      userRepo,

     

       100
        
       		postRepo:      postRepo,

     

       101
        
       		communityRepo: communityRepo,

     

       102
       +
       		oauthClient:   oauthClient,

     

       103
       +
       		oauthStore:    oauthStore,

     

       104
       +
       		logger:        logger,

     

       105
       +
       	}

     

       106
       +
       }

     

       107
       +
       

     

       108
       +
       // NewCommentServiceWithPDSFactory creates a comment service with a custom PDS client factory.

     

       109
       +
       // This is primarily for testing with password-based authentication.

     

       110
       +
       func NewCommentServiceWithPDSFactory(

     

       111
       +
       	commentRepo Repository,

     

       112
       +
       	userRepo users.UserRepository,

     

       113
       +
       	postRepo posts.Repository,

     

       114
       +
       	communityRepo communities.Repository,

     

       115
       +
       	logger *slog.Logger,

     

       116
       +
       	factory PDSClientFactory,

     

       117
       +
       ) Service {

     

       118
       +
       	if logger == nil {

     

       119
       +
       		logger = slog.Default()

     

       120
       +
       	}

     

       121
       +
       	return &commentService{

     

       122
       +
       		commentRepo:      commentRepo,

     

       123
       +
       		userRepo:         userRepo,

     

       124
       +
       		postRepo:         postRepo,

     

       125
       +
       		communityRepo:    communityRepo,

     

       126
       +
       		logger:           logger,

     

       127
       +
       		pdsClientFactory: factory,

     

       128
        
       	}

     

       129
        
       }

     

       130
        
       

     
···

       494
        
       	}

     

       495
        
       

     

       496
        
       	return record

     

       497
       +
       }

     

       498
       +
       

     

       499
       +
       // getPDSClient creates a PDS client from an OAuth session.

     

       500
       +
       // If a custom factory was provided (for testing), uses that.

     

       501
       +
       // Otherwise, uses DPoP authentication via indigo's APIClient for proper OAuth token handling.

     

       502
       +
       func (s *commentService) getPDSClient(ctx context.Context, session *oauth.ClientSessionData) (pds.Client, error) {

     

       503
       +
       	// Use custom factory if provided (e.g., for testing with password auth)

     

       504
       +
       	if s.pdsClientFactory != nil {

     

       505
       +
       		return s.pdsClientFactory(ctx, session)

     

       506
       +
       	}

     

       507
       +
       

     

       508
       +
       	// Production path: use OAuth with DPoP

     

       509
       +
       	if s.oauthClient == nil || s.oauthClient.ClientApp == nil {

     

       510
       +
       		return nil, fmt.Errorf("OAuth client not configured")

     

       511
       +
       	}

     

       512
       +
       

     

       513
       +
       	client, err := pds.NewFromOAuthSession(ctx, s.oauthClient.ClientApp, session)

     

       514
       +
       	if err != nil {

     

       515
       +
       		return nil, fmt.Errorf("failed to create PDS client: %w", err)

     

       516
       +
       	}

     

       517
       +
       

     

       518
       +
       	return client, nil

     

       519
       +
       }

     

       520
       +
       

     

       521
       +
       // CreateComment creates a new comment on a post or reply to another comment

     

       522
       +
       func (s *commentService) CreateComment(ctx context.Context, session *oauth.ClientSessionData, req CreateCommentRequest) (*CreateCommentResponse, error) {

     

       523
       +
       	// Validate content not empty

     

       524
       +
       	content := strings.TrimSpace(req.Content)

     

       525
       +
       	if content == "" {

     

       526
       +
       		return nil, ErrContentEmpty

     

       527
       +
       	}

     

       528
       +
       

     

       529
       +
       	// Validate content length (max 10000 graphemes)

     

       530
       +
       	if uniseg.GraphemeClusterCount(content) > maxCommentGraphemes {

     

       531
       +
       		return nil, ErrContentTooLong

     

       532
       +
       	}

     

       533
       +
       

     

       534
       +
       	// Validate reply references

     

       535
       +
       	if err := validateReplyRef(req.Reply); err != nil {

     

       536
       +
       		return nil, err

     

       537
       +
       	}

     

       538
       +
       

     

       539
       +
       	// Create PDS client for this session

     

       540
       +
       	pdsClient, err := s.getPDSClient(ctx, session)

     

       541
       +
       	if err != nil {

     

       542
       +
       		s.logger.Error("failed to create PDS client",

     

       543
       +
       			"error", err,

     

       544
       +
       			"commenter", session.AccountDID)

     

       545
       +
       		return nil, fmt.Errorf("failed to create PDS client: %w", err)

     

       546
       +
       	}

     

       547
       +
       

     

       548
       +
       	// Generate TID for the record key

     

       549
       +
       	tid := syntax.NewTIDNow(0)

     

       550
       +
       

     

       551
       +
       	// Build comment record following the lexicon schema

     

       552
       +
       	record := CommentRecord{

     

       553
       +
       		Type:      commentCollection,

     

       554
       +
       		Reply:     req.Reply,

     

       555
       +
       		Content:   content,

     

       556
       +
       		Facets:    req.Facets,

     

       557
       +
       		Embed:     req.Embed,

     

       558
       +
       		Langs:     req.Langs,

     

       559
       +
       		Labels:    req.Labels,

     

       560
       +
       		CreatedAt: time.Now().UTC().Format(time.RFC3339),

     

       561
       +
       	}

     

       562
       +
       

     

       563
       +
       	// Create the comment record on the user's PDS

     

       564
       +
       	uri, cid, err := pdsClient.CreateRecord(ctx, commentCollection, tid.String(), record)

     

       565
       +
       	if err != nil {

     

       566
       +
       		s.logger.Error("failed to create comment on PDS",

     

       567
       +
       			"error", err,

     

       568
       +
       			"commenter", session.AccountDID,

     

       569
       +
       			"root", req.Reply.Root.URI,

     

       570
       +
       			"parent", req.Reply.Parent.URI)

     

       571
       +
       		if pds.IsAuthError(err) {

     

       572
       +
       			return nil, ErrNotAuthorized

     

       573
       +
       		}

     

       574
       +
       		return nil, fmt.Errorf("failed to create comment: %w", err)

     

       575
       +
       	}

     

       576
       +
       

     

       577
       +
       	s.logger.Info("comment created",

     

       578
       +
       		"commenter", session.AccountDID,

     

       579
       +
       		"uri", uri,

     

       580
       +
       		"cid", cid,

     

       581
       +
       		"root", req.Reply.Root.URI,

     

       582
       +
       		"parent", req.Reply.Parent.URI)

     

       583
       +
       

     

       584
       +
       	return &CreateCommentResponse{

     

       585
       +
       		URI: uri,

     

       586
       +
       		CID: cid,

     

       587
       +
       	}, nil

     

       588
       +
       }

     

       589
       +
       

     

       590
       +
       // UpdateComment updates an existing comment's content

     

       591
       +
       func (s *commentService) UpdateComment(ctx context.Context, session *oauth.ClientSessionData, req UpdateCommentRequest) (*UpdateCommentResponse, error) {

     

       592
       +
       	// Validate URI format

     

       593
       +
       	if req.URI == "" {

     

       594
       +
       		return nil, ErrCommentNotFound

     

       595
       +
       	}

     

       596
       +
       	if !strings.HasPrefix(req.URI, "at://") {

     

       597
       +
       		return nil, ErrCommentNotFound

     

       598
       +
       	}

     

       599
       +
       

     

       600
       +
       	// Extract DID and rkey from URI (at://did/collection/rkey)

     

       601
       +
       	parts := strings.Split(req.URI, "/")

     

       602
       +
       	if len(parts) < 5 || parts[3] != commentCollection {

     

       603
       +
       		return nil, ErrCommentNotFound

     

       604
       +
       	}

     

       605
       +
       	did := parts[2]

     

       606
       +
       	rkey := parts[4]

     

       607
       +
       

     

       608
       +
       	// Verify ownership: URI must belong to the authenticated user

     

       609
       +
       	if did != session.AccountDID.String() {

     

       610
       +
       		return nil, ErrNotAuthorized

     

       611
       +
       	}

     

       612
       +
       

     

       613
       +
       	// Validate new content

     

       614
       +
       	content := strings.TrimSpace(req.Content)

     

       615
       +
       	if content == "" {

     

       616
       +
       		return nil, ErrContentEmpty

     

       617
       +
       	}

     

       618
       +
       

     

       619
       +
       	// Validate content length (max 10000 graphemes)

     

       620
       +
       	if uniseg.GraphemeClusterCount(content) > maxCommentGraphemes {

     

       621
       +
       		return nil, ErrContentTooLong

     

       622
       +
       	}

     

       623
       +
       

     

       624
       +
       	// Create PDS client for this session

     

       625
       +
       	pdsClient, err := s.getPDSClient(ctx, session)

     

       626
       +
       	if err != nil {

     

       627
       +
       		s.logger.Error("failed to create PDS client",

     

       628
       +
       			"error", err,

     

       629
       +
       			"commenter", session.AccountDID)

     

       630
       +
       		return nil, fmt.Errorf("failed to create PDS client: %w", err)

     

       631
       +
       	}

     

       632
       +
       

     

       633
       +
       	// Fetch existing record from PDS to get the reply refs (immutable)

     

       634
       +
       	existingRecord, err := pdsClient.GetRecord(ctx, commentCollection, rkey)

     

       635
       +
       	if err != nil {

     

       636
       +
       		s.logger.Error("failed to fetch existing comment from PDS",

     

       637
       +
       			"error", err,

     

       638
       +
       			"uri", req.URI,

     

       639
       +
       			"rkey", rkey)

     

       640
       +
       		if pds.IsAuthError(err) {

     

       641
       +
       			return nil, ErrNotAuthorized

     

       642
       +
       		}

     

       643
       +
       		if errors.Is(err, pds.ErrNotFound) {

     

       644
       +
       			return nil, ErrCommentNotFound

     

       645
       +
       		}

     

       646
       +
       		return nil, fmt.Errorf("failed to fetch existing comment: %w", err)

     

       647
       +
       	}

     

       648
       +
       

     

       649
       +
       	// Extract reply refs from existing record (must be preserved)

     

       650
       +
       	replyData, ok := existingRecord.Value["reply"].(map[string]interface{})

     

       651
       +
       	if !ok {

     

       652
       +
       		s.logger.Error("invalid reply structure in existing comment",

     

       653
       +
       			"uri", req.URI)

     

       654
       +
       		return nil, fmt.Errorf("invalid existing comment structure")

     

       655
       +
       	}

     

       656
       +
       

     

       657
       +
       	// Parse reply refs

     

       658
       +
       	var reply ReplyRef

     

       659
       +
       	replyJSON, err := json.Marshal(replyData)

     

       660
       +
       	if err != nil {

     

       661
       +
       		return nil, fmt.Errorf("failed to marshal reply data: %w", err)

     

       662
       +
       	}

     

       663
       +
       	if err := json.Unmarshal(replyJSON, &reply); err != nil {

     

       664
       +
       		return nil, fmt.Errorf("failed to unmarshal reply data: %w", err)

     

       665
       +
       	}

     

       666
       +
       

     

       667
       +
       	// Extract original createdAt timestamp (immutable)

     

       668
       +
       	createdAt, _ := existingRecord.Value["createdAt"].(string)

     

       669
       +
       	if createdAt == "" {

     

       670
       +
       		createdAt = time.Now().UTC().Format(time.RFC3339)

     

       671
       +
       	}

     

       672
       +
       

     

       673
       +
       	// Build updated comment record

     

       674
       +
       	updatedRecord := CommentRecord{

     

       675
       +
       		Type:      commentCollection,

     

       676
       +
       		Reply:     reply, // Preserve original reply refs

     

       677
       +
       		Content:   content,

     

       678
       +
       		Facets:    req.Facets,

     

       679
       +
       		Embed:     req.Embed,

     

       680
       +
       		Langs:     req.Langs,

     

       681
       +
       		Labels:    req.Labels,

     

       682
       +
       		CreatedAt: createdAt, // Preserve original timestamp

     

       683
       +
       	}

     

       684
       +
       

     

       685
       +
       	// Update the record on PDS (putRecord)

     

       686
       +
       	// Note: This creates a new CID even though the URI stays the same

     

       687
       +
       	// TODO: Use PutRecord instead of CreateRecord for proper update semantics with optimistic locking.

     

       688
       +
       	// PutRecord should accept the existing CID (existingRecord.CID) to ensure concurrent updates are detected.

     

       689
       +
       	// However, PutRecord is not yet implemented in internal/atproto/pds/client.go.

     

       690
       +
       	uri, cid, err := pdsClient.CreateRecord(ctx, commentCollection, rkey, updatedRecord)

     

       691
       +
       	if err != nil {

     

       692
       +
       		s.logger.Error("failed to update comment on PDS",

     

       693
       +
       			"error", err,

     

       694
       +
       			"uri", req.URI,

     

       695
       +
       			"rkey", rkey)

     

       696
       +
       		if pds.IsAuthError(err) {

     

       697
       +
       			return nil, ErrNotAuthorized

     

       698
       +
       		}

     

       699
       +
       		return nil, fmt.Errorf("failed to update comment: %w", err)

     

       700
       +
       	}

     

       701
       +
       

     

       702
       +
       	s.logger.Info("comment updated",

     

       703
       +
       		"commenter", session.AccountDID,

     

       704
       +
       		"uri", uri,

     

       705
       +
       		"new_cid", cid,

     

       706
       +
       		"old_cid", existingRecord.CID)

     

       707
       +
       

     

       708
       +
       	return &UpdateCommentResponse{

     

       709
       +
       		URI: uri,

     

       710
       +
       		CID: cid,

     

       711
       +
       	}, nil

     

       712
       +
       }

     

       713
       +
       

     

       714
       +
       // DeleteComment soft-deletes a comment by removing it from the user's PDS

     

       715
       +
       func (s *commentService) DeleteComment(ctx context.Context, session *oauth.ClientSessionData, req DeleteCommentRequest) error {

     

       716
       +
       	// Validate URI format

     

       717
       +
       	if req.URI == "" {

     

       718
       +
       		return ErrCommentNotFound

     

       719
       +
       	}

     

       720
       +
       	if !strings.HasPrefix(req.URI, "at://") {

     

       721
       +
       		return ErrCommentNotFound

     

       722
       +
       	}

     

       723
       +
       

     

       724
       +
       	// Extract DID and rkey from URI (at://did/collection/rkey)

     

       725
       +
       	parts := strings.Split(req.URI, "/")

     

       726
       +
       	if len(parts) < 5 || parts[3] != commentCollection {

     

       727
       +
       		return ErrCommentNotFound

     

       728
       +
       	}

     

       729
       +
       	did := parts[2]

     

       730
       +
       	rkey := parts[4]

     

       731
       +
       

     

       732
       +
       	// Verify ownership: URI must belong to the authenticated user

     

       733
       +
       	if did != session.AccountDID.String() {

     

       734
       +
       		return ErrNotAuthorized

     

       735
       +
       	}

     

       736
       +
       

     

       737
       +
       	// Create PDS client for this session

     

       738
       +
       	pdsClient, err := s.getPDSClient(ctx, session)

     

       739
       +
       	if err != nil {

     

       740
       +
       		s.logger.Error("failed to create PDS client",

     

       741
       +
       			"error", err,

     

       742
       +
       			"commenter", session.AccountDID)

     

       743
       +
       		return fmt.Errorf("failed to create PDS client: %w", err)

     

       744
       +
       	}

     

       745
       +
       

     

       746
       +
       	// Verify comment exists on PDS before deleting

     

       747
       +
       	_, err = pdsClient.GetRecord(ctx, commentCollection, rkey)

     

       748
       +
       	if err != nil {

     

       749
       +
       		s.logger.Error("failed to verify comment exists on PDS",

     

       750
       +
       			"error", err,

     

       751
       +
       			"uri", req.URI,

     

       752
       +
       			"rkey", rkey)

     

       753
       +
       		if pds.IsAuthError(err) {

     

       754
       +
       			return ErrNotAuthorized

     

       755
       +
       		}

     

       756
       +
       		if errors.Is(err, pds.ErrNotFound) {

     

       757
       +
       			return ErrCommentNotFound

     

       758
       +
       		}

     

       759
       +
       		return fmt.Errorf("failed to verify comment: %w", err)

     

       760
       +
       	}

     

       761
       +
       

     

       762
       +
       	// Delete the comment record from user's PDS

     

       763
       +
       	if err := pdsClient.DeleteRecord(ctx, commentCollection, rkey); err != nil {

     

       764
       +
       		s.logger.Error("failed to delete comment on PDS",

     

       765
       +
       			"error", err,

     

       766
       +
       			"uri", req.URI,

     

       767
       +
       			"rkey", rkey)

     

       768
       +
       		if pds.IsAuthError(err) {

     

       769
       +
       			return ErrNotAuthorized

     

       770
       +
       		}

     

       771
       +
       		return fmt.Errorf("failed to delete comment: %w", err)

     

       772
       +
       	}

     

       773
       +
       

     

       774
       +
       	s.logger.Info("comment deleted",

     

       775
       +
       		"commenter", session.AccountDID,

     

       776
       +
       		"uri", req.URI)

     

       777
       +
       

     

       778
       +
       	return nil

     

       779
       +
       }

     

       780
       +
       

     

       781
       +
       // validateReplyRef validates that reply references are well-formed

     

       782
       +
       func validateReplyRef(reply ReplyRef) error {

     

       783
       +
       	// Validate root reference

     

       784
       +
       	if reply.Root.URI == "" {

     

       785
       +
       		return ErrInvalidReply

     

       786
       +
       	}

     

       787
       +
       	if !strings.HasPrefix(reply.Root.URI, "at://") {

     

       788
       +
       		return ErrInvalidReply

     

       789
       +
       	}

     

       790
       +
       	if reply.Root.CID == "" {

     

       791
       +
       		return ErrInvalidReply

     

       792
       +
       	}

     

       793
       +
       

     

       794
       +
       	// Validate parent reference

     

       795
       +
       	if reply.Parent.URI == "" {

     

       796
       +
       		return ErrInvalidReply

     

       797
       +
       	}

     

       798
       +
       	if !strings.HasPrefix(reply.Parent.URI, "at://") {

     

       799
       +
       		return ErrInvalidReply

     

       800
       +
       	}

     

       801
       +
       	if reply.Parent.CID == "" {

     

       802
       +
       		return ErrInvalidReply

     

       803
       +
       	}

     

       804
       +
       

     

       805
       +
       	return nil

     

       806
        
       }

     

       807
        
       

     

       808
        
       // buildPostView converts a Post entity to a PostView for the comment response

+2 -2

internal/core/comments/errors.go

···

       15
        
       	// ErrRootNotFound indicates the root post doesn't exist

     

       16
        
       	ErrRootNotFound = errors.New("root post not found")

     

       17
        
       

     

       18
       -
       	// ErrContentTooLong indicates comment content exceeds 3000 graphemes

     

       19
       -
       	ErrContentTooLong = errors.New("comment content exceeds 3000 graphemes")

     

       20
        
       

     

       21
        
       	// ErrContentEmpty indicates comment content is empty

     

       22
        
       	ErrContentEmpty = errors.New("comment content is required")

···

       15
        
       	// ErrRootNotFound indicates the root post doesn't exist

     

       16
        
       	ErrRootNotFound = errors.New("root post not found")

     

       17
        
       

     

       18
       +
       	// ErrContentTooLong indicates comment content exceeds 10000 graphemes

     

       19
       +
       	ErrContentTooLong = errors.New("comment content exceeds 10000 graphemes")

     

       20
        
       

     

       21
        
       	// ErrContentEmpty indicates comment content is empty

     

       22
        
       	ErrContentEmpty = errors.New("comment content is required")

+38

internal/core/comments/types.go

···

       1
       +
       package comments

     

       2
       +
       

     

       3
       +
       // CreateCommentRequest contains parameters for creating a comment

     

       4
       +
       type CreateCommentRequest struct {

     

       5
       +
       	Reply   ReplyRef      `json:"reply"`

     

       6
       +
       	Content string        `json:"content"`

     

       7
       +
       	Facets  []interface{} `json:"facets,omitempty"`

     

       8
       +
       	Embed   interface{}   `json:"embed,omitempty"`

     

       9
       +
       	Langs   []string      `json:"langs,omitempty"`

     

       10
       +
       	Labels  *SelfLabels   `json:"labels,omitempty"`

     

       11
       +
       }

     

       12
       +
       

     

       13
       +
       // CreateCommentResponse contains the result of creating a comment

     

       14
       +
       type CreateCommentResponse struct {

     

       15
       +
       	URI string `json:"uri"`

     

       16
       +
       	CID string `json:"cid"`

     

       17
       +
       }

     

       18
       +
       

     

       19
       +
       // UpdateCommentRequest contains parameters for updating a comment

     

       20
       +
       type UpdateCommentRequest struct {

     

       21
       +
       	URI     string        `json:"uri"`

     

       22
       +
       	Content string        `json:"content"`

     

       23
       +
       	Facets  []interface{} `json:"facets,omitempty"`

     

       24
       +
       	Embed   interface{}   `json:"embed,omitempty"`

     

       25
       +
       	Langs   []string      `json:"langs,omitempty"`

     

       26
       +
       	Labels  *SelfLabels   `json:"labels,omitempty"`

     

       27
       +
       }

     

       28
       +
       

     

       29
       +
       // UpdateCommentResponse contains the result of updating a comment

     

       30
       +
       type UpdateCommentResponse struct {

     

       31
       +
       	URI string `json:"uri"`

     

       32
       +
       	CID string `json:"cid"`

     

       33
       +
       }

     

       34
       +
       

     

       35
       +
       // DeleteCommentRequest contains parameters for deleting a comment

     

       36
       +
       type DeleteCommentRequest struct {

     

       37
       +
       	URI string `json:"uri"`

     

       38
       +
       }