commit e2826acfa65504b336495683235852b9e86c2fc4 · bretton.dev/coves

+30 -4

cmd/server/main.go

···

       389
        
       	voteRepo := postgresRepo.NewVoteRepository(db)

     

       390
        
       	log.Println("✅ Vote repository initialized (Jetstream indexing only)")

     

       391
        
       

     

       392
       -
       	// Initialize vote service (for XRPC API endpoints)

     

       393
       -
       	voteService := votes.NewService(voteRepo, oauthClient, oauthStore, nil)

     

       394
       -
       	log.Println("✅ Vote service initialized (with OAuth authentication)")

     

       395
       -
       

     

       396
        
       	// Initialize comment repository (used by Jetstream consumer for indexing)

     

       397
        
       	commentRepo := postgresRepo.NewCommentRepository(db)

     

       398
        
       	log.Println("✅ Comment repository initialized (Jetstream indexing only)")

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       399
        
       

     

       400
        
       	// Initialize comment service (for query API)

     

       401
        
       	// Requires user and community repos for proper author/community hydration per lexicon

···

       389
        
       	voteRepo := postgresRepo.NewVoteRepository(db)

     

       390
        
       	log.Println("✅ Vote repository initialized (Jetstream indexing only)")

     

       391
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       392
        
       	// Initialize comment repository (used by Jetstream consumer for indexing)

     

       393
        
       	commentRepo := postgresRepo.NewCommentRepository(db)

     

       394
        
       	log.Println("✅ Comment repository initialized (Jetstream indexing only)")

     

       395
       +
       

     

       396
       +
       	// Initialize subject validator for votes (checks posts and comments exist)

     

       397
       +
       	subjectValidator := votes.NewCompositeSubjectValidator(

     

       398
       +
       		// Post existence checker

     

       399
       +
       		func(ctx context.Context, uri string) (bool, error) {

     

       400
       +
       			_, err := postRepo.GetByURI(ctx, uri)

     

       401
       +
       			if err != nil {

     

       402
       +
       				if err == posts.ErrNotFound {

     

       403
       +
       					return false, nil

     

       404
       +
       				}

     

       405
       +
       				return false, err

     

       406
       +
       			}

     

       407
       +
       			return true, nil

     

       408
       +
       		},

     

       409
       +
       		// Comment existence checker

     

       410
       +
       		func(ctx context.Context, uri string) (bool, error) {

     

       411
       +
       			_, err := commentRepo.GetByURI(ctx, uri)

     

       412
       +
       			if err != nil {

     

       413
       +
       				if err == comments.ErrCommentNotFound {

     

       414
       +
       					return false, nil

     

       415
       +
       				}

     

       416
       +
       				return false, err

     

       417
       +
       			}

     

       418
       +
       			return true, nil

     

       419
       +
       		},

     

       420
       +
       	)

     

       421
       +
       

     

       422
       +
       	// Initialize vote service (for XRPC API endpoints)

     

       423
       +
       	voteService := votes.NewService(voteRepo, subjectValidator, oauthClient, oauthStore, nil)

     

       424
       +
       	log.Println("✅ Vote service initialized (with OAuth authentication and subject validation)")

     

       425
        
       

     

       426
        
       	// Initialize comment service (for query API)

     

       427
        
       	// Requires user and community repos for proper author/community hydration per lexicon

+10 -8

internal/api/handlers/vote/errors.go

···

       3
        
       import (

     

       4
        
       	"Coves/internal/core/votes"

     

       5
        
       	"encoding/json"

     

       0
        
       
     

       6
        
       	"log"

     

       7
        
       	"net/http"

     

       8
        
       )

     
···

       27
        
       

     

       28
        
       // handleServiceError converts service errors to appropriate HTTP responses

     

       29
        
       // Error names MUST match lexicon definitions exactly (UpperCamelCase)

     

       0
        
       
     

       30
        
       func handleServiceError(w http.ResponseWriter, err error) {

     

       31
       -
       	switch err {

     

       32
       -
       	case votes.ErrVoteNotFound:

     

       33
        
       		// Matches: social.coves.feed.vote.delete#VoteNotFound

     

       34
        
       		writeError(w, http.StatusNotFound, "VoteNotFound", "No vote found for this subject")

     

       35
       -
       	case votes.ErrSubjectNotFound:

     

       36
        
       		// Matches: social.coves.feed.vote.create#SubjectNotFound

     

       37
        
       		writeError(w, http.StatusNotFound, "SubjectNotFound", "The subject post or comment was not found")

     

       38
       -
       	case votes.ErrInvalidDirection:

     

       39
        
       		writeError(w, http.StatusBadRequest, "InvalidRequest", "Vote direction must be 'up' or 'down'")

     

       40
       -
       	case votes.ErrInvalidSubject:

     

       41
        
       		// Matches: social.coves.feed.vote.create#InvalidSubject

     

       42
        
       		writeError(w, http.StatusBadRequest, "InvalidSubject", "The subject reference is invalid or malformed")

     

       43
       -
       	case votes.ErrVoteAlreadyExists:

     

       44
        
       		writeError(w, http.StatusConflict, "AlreadyExists", "Vote already exists")

     

       45
       -
       	case votes.ErrNotAuthorized:

     

       46
        
       		// Matches: social.coves.feed.vote.create#NotAuthorized, social.coves.feed.vote.delete#NotAuthorized

     

       47
        
       		writeError(w, http.StatusForbidden, "NotAuthorized", "User is not authorized to vote on this content")

     

       48
       -
       	case votes.ErrBanned:

     

       49
        
       		writeError(w, http.StatusForbidden, "NotAuthorized", "User is not authorized to vote on this content")

     

       50
        
       	default:

     

       51
        
       		// Internal server error - log the actual error for debugging

···

       3
        
       import (

     

       4
        
       	"Coves/internal/core/votes"

     

       5
        
       	"encoding/json"

     

       6
       +
       	"errors"

     

       7
        
       	"log"

     

       8
        
       	"net/http"

     

       9
        
       )

     
···

       28
        
       

     

       29
        
       // handleServiceError converts service errors to appropriate HTTP responses

     

       30
        
       // Error names MUST match lexicon definitions exactly (UpperCamelCase)

     

       31
       +
       // Uses errors.Is() to handle wrapped errors correctly

     

       32
        
       func handleServiceError(w http.ResponseWriter, err error) {

     

       33
       +
       	switch {

     

       34
       +
       	case errors.Is(err, votes.ErrVoteNotFound):

     

       35
        
       		// Matches: social.coves.feed.vote.delete#VoteNotFound

     

       36
        
       		writeError(w, http.StatusNotFound, "VoteNotFound", "No vote found for this subject")

     

       37
       +
       	case errors.Is(err, votes.ErrSubjectNotFound):

     

       38
        
       		// Matches: social.coves.feed.vote.create#SubjectNotFound

     

       39
        
       		writeError(w, http.StatusNotFound, "SubjectNotFound", "The subject post or comment was not found")

     

       40
       +
       	case errors.Is(err, votes.ErrInvalidDirection):

     

       41
        
       		writeError(w, http.StatusBadRequest, "InvalidRequest", "Vote direction must be 'up' or 'down'")

     

       42
       +
       	case errors.Is(err, votes.ErrInvalidSubject):

     

       43
        
       		// Matches: social.coves.feed.vote.create#InvalidSubject

     

       44
        
       		writeError(w, http.StatusBadRequest, "InvalidSubject", "The subject reference is invalid or malformed")

     

       45
       +
       	case errors.Is(err, votes.ErrVoteAlreadyExists):

     

       46
        
       		writeError(w, http.StatusConflict, "AlreadyExists", "Vote already exists")

     

       47
       +
       	case errors.Is(err, votes.ErrNotAuthorized):

     

       48
        
       		// Matches: social.coves.feed.vote.create#NotAuthorized, social.coves.feed.vote.delete#NotAuthorized

     

       49
        
       		writeError(w, http.StatusForbidden, "NotAuthorized", "User is not authorized to vote on this content")

     

       50
       +
       	case errors.Is(err, votes.ErrBanned):

     

       51
        
       		writeError(w, http.StatusForbidden, "NotAuthorized", "User is not authorized to vote on this content")

     

       52
        
       	default:

     

       53
        
       		// Internal server error - log the actual error for debugging

+27 -9

internal/core/votes/service_impl.go

···

       19
        
       

     

       20
        
       // voteService implements the Service interface for vote operations

     

       21
        
       type voteService struct {

     

       22
       -
       	repo        Repository

     

       23
       -
       	oauthClient *oauthclient.OAuthClient

     

       24
       -
       	oauthStore  oauth.ClientAuthStore

     

       25
       -
       	logger      *slog.Logger

     

       0
        
       
     

       26
        
       }

     

       27
        
       

     

       28
        
       // NewService creates a new vote service instance

     

       29
       -
       func NewService(repo Repository, oauthClient *oauthclient.OAuthClient, oauthStore oauth.ClientAuthStore, logger *slog.Logger) Service {

     

       0
        
       
     

       30
        
       	if logger == nil {

     

       31
        
       		logger = slog.Default()

     

       32
        
       	}

     

       33
        
       	return &voteService{

     

       34
       -
       		repo:        repo,

     

       35
       -
       		oauthClient: oauthClient,

     

       36
       -
       		oauthStore:  oauthStore,

     

       37
       -
       		logger:      logger,

     

       0
        
       
     

       38
        
       	}

     

       39
        
       }

     

       40
        
       

     
···

       60
        
       	// Validate subject CID is provided

     

       61
        
       	if req.Subject.CID == "" {

     

       62
        
       		return nil, ErrInvalidSubject

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       63
        
       	}

     

       64
        
       

     

       65
        
       	// Check for existing vote by querying PDS directly (source of truth)

···

       19
        
       

     

       20
        
       // voteService implements the Service interface for vote operations

     

       21
        
       type voteService struct {

     

       22
       +
       	repo             Repository

     

       23
       +
       	subjectValidator SubjectValidator

     

       24
       +
       	oauthClient      *oauthclient.OAuthClient

     

       25
       +
       	oauthStore       oauth.ClientAuthStore

     

       26
       +
       	logger           *slog.Logger

     

       27
        
       }

     

       28
        
       

     

       29
        
       // NewService creates a new vote service instance

     

       30
       +
       // subjectValidator can be nil to skip subject existence checks (not recommended for production)

     

       31
       +
       func NewService(repo Repository, subjectValidator SubjectValidator, oauthClient *oauthclient.OAuthClient, oauthStore oauth.ClientAuthStore, logger *slog.Logger) Service {

     

       32
        
       	if logger == nil {

     

       33
        
       		logger = slog.Default()

     

       34
        
       	}

     

       35
        
       	return &voteService{

     

       36
       +
       		repo:             repo,

     

       37
       +
       		subjectValidator: subjectValidator,

     

       38
       +
       		oauthClient:      oauthClient,

     

       39
       +
       		oauthStore:       oauthStore,

     

       40
       +
       		logger:           logger,

     

       41
        
       	}

     

       42
        
       }

     

       43
        
       

     
···

       63
        
       	// Validate subject CID is provided

     

       64
        
       	if req.Subject.CID == "" {

     

       65
        
       		return nil, ErrInvalidSubject

     

       66
       +
       	}

     

       67
       +
       

     

       68
       +
       	// Validate subject exists in AppView (post or comment)

     

       69
       +
       	// This prevents creating votes on non-existent content

     

       70
       +
       	if s.subjectValidator != nil {

     

       71
       +
       		exists, err := s.subjectValidator.SubjectExists(ctx, req.Subject.URI)

     

       72
       +
       		if err != nil {

     

       73
       +
       			s.logger.Error("failed to validate subject existence",

     

       74
       +
       				"error", err,

     

       75
       +
       				"subject", req.Subject.URI)

     

       76
       +
       			return nil, fmt.Errorf("failed to validate subject: %w", err)

     

       77
       +
       		}

     

       78
       +
       		if !exists {

     

       79
       +
       			return nil, ErrSubjectNotFound

     

       80
       +
       		}

     

       81
        
       	}

     

       82
        
       

     

       83
        
       	// Check for existing vote by querying PDS directly (source of truth)

+50

internal/core/votes/subject_validator.go

···

       1
       +
       package votes

     

       2
       +
       

     

       3
       +
       import (

     

       4
       +
       	"context"

     

       5
       +
       	"strings"

     

       6
       +
       )

     

       7
       +
       

     

       8
       +
       // SubjectExistsFunc is a function type that checks if a subject exists

     

       9
       +
       type SubjectExistsFunc func(ctx context.Context, uri string) (bool, error)

     

       10
       +
       

     

       11
       +
       // CompositeSubjectValidator validates subjects by checking both posts and comments

     

       12
       +
       type CompositeSubjectValidator struct {

     

       13
       +
       	postExists    SubjectExistsFunc

     

       14
       +
       	commentExists SubjectExistsFunc

     

       15
       +
       }

     

       16
       +
       

     

       17
       +
       // NewCompositeSubjectValidator creates a validator that checks both posts and comments

     

       18
       +
       // Pass nil for either function to skip validation for that type

     

       19
       +
       func NewCompositeSubjectValidator(postExists, commentExists SubjectExistsFunc) *CompositeSubjectValidator {

     

       20
       +
       	return &CompositeSubjectValidator{

     

       21
       +
       		postExists:    postExists,

     

       22
       +
       		commentExists: commentExists,

     

       23
       +
       	}

     

       24
       +
       }

     

       25
       +
       

     

       26
       +
       // SubjectExists checks if a post or comment exists at the given URI

     

       27
       +
       // Determines type from the collection in the URI (e.g., social.coves.feed.post vs social.coves.feed.comment)

     

       28
       +
       func (v *CompositeSubjectValidator) SubjectExists(ctx context.Context, uri string) (bool, error) {

     

       29
       +
       	// Parse collection from AT-URI: at://did/collection/rkey

     

       30
       +
       	// Example: at://did:plc:xxx/social.coves.feed.post/abc123

     

       31
       +
       	if strings.Contains(uri, "/social.coves.feed.post/") {

     

       32
       +
       		if v.postExists != nil {

     

       33
       +
       			return v.postExists(ctx, uri)

     

       34
       +
       		}

     

       35
       +
       		// If no post checker, assume exists (for testing)

     

       36
       +
       		return true, nil

     

       37
       +
       	}

     

       38
       +
       

     

       39
       +
       	if strings.Contains(uri, "/social.coves.feed.comment/") {

     

       40
       +
       		if v.commentExists != nil {

     

       41
       +
       			return v.commentExists(ctx, uri)

     

       42
       +
       		}

     

       43
       +
       		// If no comment checker, assume exists (for testing)

     

       44
       +
       		return true, nil

     

       45
       +
       	}

     

       46
       +
       

     

       47
       +
       	// Unknown collection type - could be from another app

     

       48
       +
       	// For now, allow voting on unknown types (future-proofing)

     

       49
       +
       	return true, nil

     

       50
       +
       }

internal/core/votes/vote.go

···

       1
        
       package votes

     

       2
        
       

     

       3
        
       import (

     

       0
        
       
     

       4
        
       	"time"

     

       5
        
       )

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       6
        
       

     

       7
        
       // Vote represents a vote in the AppView database

     

       8
        
       // Votes are indexed from the firehose after being written to user repositories

···

       1
        
       package votes

     

       2
        
       

     

       3
        
       import (

     

       4
       +
       	"context"

     

       5
        
       	"time"

     

       6
        
       )

     

       7
       +
       

     

       8
       +
       // SubjectValidator validates that vote subjects (posts/comments) exist

     

       9
       +
       // This prevents creating votes on non-existent content

     

       10
       +
       type SubjectValidator interface {

     

       11
       +
       	// SubjectExists checks if a post or comment exists at the given URI

     

       12
       +
       	// Returns true if found, false if not found

     

       13
       +
       	SubjectExists(ctx context.Context, uri string) (bool, error)

     

       14
       +
       }

     

       15
        
       

     

       16
        
       // Vote represents a vote in the AppView database

     

       17
        
       // Votes are indexed from the firehose after being written to user repositories

+4 -4

tests/integration/vote_e2e_test.go

···

       85
        
       	oauthClient := SetupOAuthTestClient(t, oauthStore)

     

       86
        
       

     

       87
        
       	// Setup services

     

       88
       -
       	voteService := votes.NewService(voteRepo, oauthClient, oauthStore, nil)

     

       89
        
       

     

       90
        
       	// Create test user on PDS

     

       91
        
       	testUserHandle := fmt.Sprintf("voter-%d.local.coves.dev", time.Now().Unix())

     
···

       310
        
       

     

       311
        
       	oauthStore := SetupOAuthTestStore(t, db)

     

       312
        
       	oauthClient := SetupOAuthTestClient(t, oauthStore)

     

       313
       -
       	voteService := votes.NewService(voteRepo, oauthClient, oauthStore, nil)

     

       314
        
       

     

       315
        
       	// Create test user

     

       316
        
       	testUserHandle := fmt.Sprintf("toggle-%d.local.coves.dev", time.Now().Unix())

     
···

       469
        
       

     

       470
        
       	oauthStore := SetupOAuthTestStore(t, db)

     

       471
        
       	oauthClient := SetupOAuthTestClient(t, oauthStore)

     

       472
       -
       	voteService := votes.NewService(voteRepo, oauthClient, oauthStore, nil)

     

       473
        
       

     

       474
        
       	// Create test user

     

       475
        
       	testUserHandle := fmt.Sprintf("flip-%d.local.coves.dev", time.Now().Unix())

     
···

       648
        
       

     

       649
        
       	oauthStore := SetupOAuthTestStore(t, db)

     

       650
        
       	oauthClient := SetupOAuthTestClient(t, oauthStore)

     

       651
       -
       	voteService := votes.NewService(voteRepo, oauthClient, oauthStore, nil)

     

       652
        
       

     

       653
        
       	// Create test user

     

       654
        
       	testUserHandle := fmt.Sprintf("delete-%d.local.coves.dev", time.Now().Unix())

···

       85
        
       	oauthClient := SetupOAuthTestClient(t, oauthStore)

     

       86
        
       

     

       87
        
       	// Setup services

     

       88
       +
       	voteService := votes.NewService(voteRepo, nil, oauthClient, oauthStore, nil)

     

       89
        
       

     

       90
        
       	// Create test user on PDS

     

       91
        
       	testUserHandle := fmt.Sprintf("voter-%d.local.coves.dev", time.Now().Unix())

     
···

       310
        
       

     

       311
        
       	oauthStore := SetupOAuthTestStore(t, db)

     

       312
        
       	oauthClient := SetupOAuthTestClient(t, oauthStore)

     

       313
       +
       	voteService := votes.NewService(voteRepo, nil, oauthClient, oauthStore, nil)

     

       314
        
       

     

       315
        
       	// Create test user

     

       316
        
       	testUserHandle := fmt.Sprintf("toggle-%d.local.coves.dev", time.Now().Unix())

     
···

       469
        
       

     

       470
        
       	oauthStore := SetupOAuthTestStore(t, db)

     

       471
        
       	oauthClient := SetupOAuthTestClient(t, oauthStore)

     

       472
       +
       	voteService := votes.NewService(voteRepo, nil, oauthClient, oauthStore, nil)

     

       473
        
       

     

       474
        
       	// Create test user

     

       475
        
       	testUserHandle := fmt.Sprintf("flip-%d.local.coves.dev", time.Now().Unix())

     
···

       648
        
       

     

       649
        
       	oauthStore := SetupOAuthTestStore(t, db)

     

       650
        
       	oauthClient := SetupOAuthTestClient(t, oauthStore)

     

       651
       +
       	voteService := votes.NewService(voteRepo, nil, oauthClient, oauthStore, nil)

     

       652
        
       

     

       653
        
       	// Create test user

     

       654
        
       	testUserHandle := fmt.Sprintf("delete-%d.local.coves.dev", time.Now().Unix())