+1 -1

Makefile

reviewed

··· 310 310 && PKG_CONFIG_PATH=$(PKG_CONFIG_PATH) \ 311 311 LD_LIBRARY_PATH=$(shell realpath $(BUILDDIR))/lib \ 312 312 CGO_LDFLAGS="-lm" \ 313 313 - bash -euo pipefail -c "go test -p 1 -timeout 300s ./pkg/... -v | tee /dev/stderr | go-junit-report -out test.xml" 313 313 + bash -euo pipefail -c "go test -p 1 -timeout 30m ./pkg/... -v | tee /dev/stderr | go-junit-report -out test.xml" 314 314 315 315 .PHONY: iroh-test 316 316 iroh-test:

+16 -4

js/app/components/live-dashboard/livestream-panel.tsx

reviewed

··· 2 2 Button, 3 3 Checkbox, 4 4 ContentMetadataForm, 5 5 + Dashboard, 5 6 formatHandle, 6 7 formatHandleWithAt, 7 8 Input, ··· 178 179 const [selectedImage, setSelectedImage] = useState< 179 180 string | File | Blob | undefined 180 181 >(); 181 181 - const [mode, setMode] = useState<"create" | "metadata">("create"); 182 182 + const [mode, setMode] = useState<"create" | "metadata" | "moderation">( 183 183 + "create", 184 184 + ); 182 185 183 186 const [createPost, setCreatePost] = useState(true); 184 187 const [sendPushNotification, setSendPushNotification] = useState(true); ··· 210 213 setCreatePost(typeof livestream.record.post !== "undefined"); 211 214 }, [livestream, defaultCanonicalUrl]); 212 215 213 213 - const handleModeChange = useCallback((newMode: "create" | "metadata") => { 214 214 - setMode(newMode); 215 215 - }, []); 216 216 + const handleModeChange = useCallback( 217 217 + (newMode: "create" | "metadata" | "moderation") => { 218 218 + setMode(newMode); 219 219 + }, 220 220 + [], 221 221 + ); 216 222 217 223 const handleSubmit = useCallback(async () => { 218 224 if (!title.trim()) return; ··· 370 376 values={[ 371 377 { label: "Create", value: "create" }, 372 378 { label: "Metadata", value: "metadata" }, 379 379 + { label: "Moderation", value: "moderation" }, 373 380 ]} 374 381 style={[{ marginVertical: -2 }]} 375 382 selectedValue={mode} ··· 385 392 showUpdateButton={!userIsLive} 386 393 style={{ flex: 1, height: "100%" }} 387 394 /> 395 395 + </View> 396 396 + ) : mode === "moderation" ? ( 397 397 + // Moderation view 398 398 + <View style={[flex.values[1], { minHeight: 400 }]}> 399 399 + <Dashboard.ModeratorPanel isLive={userIsLive} embedded={true} /> 388 400 </View> 389 401 ) : ( 390 402 // Create/Edit view

+434 -120

js/components/src/components/chat/mod-view.tsx

reviewed

··· 1 1 import { TriggerRef, useRootContext } from "@rn-primitives/dropdown-menu"; 2 2 import { forwardRef, useEffect, useRef, useState } from "react"; 3 3 import { gap, mr, w } from "../../lib/theme/atoms"; 4 4 - import { useIsMyStream, usePlayerStore } from "../../player-store"; 4 4 + import { usePlayerStore } from "../../player-store"; 5 5 import { 6 6 useCreateBlockRecord, 7 7 useCreateHideChatRecord, 8 8 + useUpdateLivestreamRecord, 8 9 } from "../../streamplace-store/block"; 10 10 + import { 11 11 + ModerationPermissions, 12 12 + useCanModerate, 13 13 + } from "../../streamplace-store/moderation"; 9 14 import { usePDSAgent } from "../../streamplace-store/xrpc"; 10 15 11 16 import { Linking } from "react-native"; 12 17 import { ChatMessageViewHydrated } from "streamplace"; 13 13 - import { useDeleteChatMessage } from "../../livestream-store"; 18 18 + import { 19 19 + useDeleteChatMessage, 20 20 + useLivestream, 21 21 + useLivestreamStore, 22 22 + } from "../../livestream-store"; 14 23 import { useStreamplaceStore } from "../../streamplace-store"; 15 24 import { formatHandle, formatHandleWithAt } from "../../utils/format-handle"; 16 25 import { 17 26 atoms, 27 27 + Button, 28 28 + DialogFooter, 18 29 DropdownMenu, 19 30 DropdownMenuGroup, 20 31 DropdownMenuItem, 21 32 DropdownMenuTrigger, 22 33 layout, 34 34 + ResponsiveDialog, 23 35 ResponsiveDropdownMenuContent, 24 36 Text, 37 37 + Textarea, 25 38 useToast, 26 39 View, 27 40 } from "../ui"; ··· 42 55 export const ModView = forwardRef<ModViewRef, ModViewProps>(() => { 43 56 const triggerRef = useRef<TriggerRef>(null); 44 57 const message = usePlayerStore((state) => state.modMessage); 58 58 + const toast = useToast(); 45 59 46 60 let agent = usePDSAgent(); 47 61 let [messageRemoved, setMessageRemoved] = useState(false); 48 62 let { createBlock, isLoading: isBlockLoading } = useCreateBlockRecord(); 49 63 let { createHideChat, isLoading: isHideLoading } = useCreateHideChatRecord(); 64 64 + let { updateLivestream, isLoading: isUpdateTitleLoading } = 65 65 + useUpdateLivestreamRecord(); 66 66 + const livestream = useLivestream(); 67 67 + const [showUpdateTitleDialog, setShowUpdateTitleDialog] = useState(false); 50 68 51 69 const setReportModalOpen = usePlayerStore((x) => x.setReportModalOpen); 52 70 const setReportSubject = usePlayerStore((x) => x.setReportSubject); 53 71 const setModMessage = usePlayerStore((x) => x.setModMessage); 54 72 const deleteChatMessage = useDeleteChatMessage(); 55 55 - const isMyStream = useIsMyStream(); 73 73 + 74 74 + // Get the streamer's DID from the livestream profile 75 75 + const streamerDID = useLivestreamStore((x) => x.profile?.did); 76 76 + // Check moderation permissions for the current user on this streamer's channel 77 77 + const modPermissions = useCanModerate(streamerDID); 56 78 57 79 // get the channel did 58 80 const channelId = usePlayerStore((state) => state.src); 59 81 // get the logged in user's identity 60 82 const handle = useStreamplaceStore((state) => state.handle); 61 83 62 62 - if (!agent?.did) { 63 63 - <View style={[layout.flex.row, layout.flex.alignCenter, gap.all[2]]}> 64 64 - <Text>Log in to submit mod actions</Text> 65 65 - </View>; 66 66 - } 67 67 - 68 84 const cleanup = () => { 69 85 setModMessage(null); 70 86 }; 71 87 88 88 + // Effect must be called unconditionally (before any early returns) 72 89 useEffect(() => { 73 90 if (message) { 74 91 setMessageRemoved(false); ··· 78 95 } 79 96 }, [message]); 80 97 98 98 + // Early return AFTER all hooks have been called 99 99 + if (!agent?.did) { 100 100 + return ( 101 101 + <View style={[layout.flex.row, layout.flex.alignCenter, gap.all[2]]}> 102 102 + <Text>Log in to submit mod actions</Text> 103 103 + </View> 104 104 + ); 105 105 + } 106 106 + 107 107 + // Can show moderation actions if user can hide, ban, or manage livestream 108 108 + const canModerate = 109 109 + modPermissions.canHide || 110 110 + modPermissions.canBan || 111 111 + modPermissions.canManageLivestream; 112 112 + 113 113 + // Check if any moderation actions are actually available for this message 114 114 + // This must match the individual action checks inside the DropdownMenuGroup 115 115 + const hasAvailableActions = !!( 116 116 + message && 117 117 + agent?.did && 118 118 + ((modPermissions.canHide && message.author.did !== streamerDID) || 119 119 + (modPermissions.canBan && 120 120 + message.author.did !== agent.did && 121 121 + message.author.did !== streamerDID)) 122 122 + ); 123 123 + 81 124 return ( 82 82 - <DropdownMenu 83 83 - style={[layout.flex.row, layout.flex.alignCenter, gap.all[2], w[80]]} 84 84 - onOpenChange={(isOpen) => { 85 85 - if (!isOpen) { 86 86 - cleanup(); 87 87 - } 88 88 - }} 89 89 - > 90 90 - <DropdownMenuTrigger ref={triggerRef}> 91 91 - {/* Hidden trigger */} 92 92 - <View /> 93 93 - </DropdownMenuTrigger> 94 94 - <ResponsiveDropdownMenuContent> 95 95 - {message && ( 96 96 - <> 97 97 - <DropdownMenuGroup> 98 98 - <DropdownMenuItem> 99 99 - <View 100 100 - style={[ 101 101 - layout.flex.column, 102 102 - mr[5], 103 103 - { gap: 6, maxWidth: "100%" }, 104 104 - ]} 105 105 - > 106 106 - <Text 107 107 - style={{ 108 108 - fontVariant: ["tabular-nums"], 109 109 - color: atoms.colors.gray[300], 110 110 - }} 111 111 - > 112 112 - {new Date(message.record.createdAt).toLocaleTimeString([], { 113 113 - hour: "2-digit", 114 114 - minute: "2-digit", 115 115 - hour12: false, 116 116 - })}{" "} 117 117 - {formatHandleWithAt(message.author)}: {message.record.text} 118 118 - </Text> 119 119 - </View> 120 120 - </DropdownMenuItem> 121 121 - </DropdownMenuGroup> 125 125 + <> 126 126 + <DropdownMenu 127 127 + style={[layout.flex.row, layout.flex.alignCenter, gap.all[2], w[80]]} 128 128 + onOpenChange={(isOpen) => { 129 129 + if (!isOpen) { 130 130 + cleanup(); 131 131 + } 132 132 + }} 133 133 + > 134 134 + <DropdownMenuTrigger ref={triggerRef}> 135 135 + {/* Hidden trigger */} 136 136 + <View /> 137 137 + </DropdownMenuTrigger> 138 138 + <ResponsiveDropdownMenuContent> 139 139 + {message && ( 140 140 + <ModViewContent 141 141 + message={message} 142 142 + modPermissions={modPermissions} 143 143 + agent={agent} 144 144 + streamerDID={streamerDID} 145 145 + hasAvailableActions={hasAvailableActions} 146 146 + isHideLoading={isHideLoading} 147 147 + isBlockLoading={isBlockLoading} 148 148 + messageRemoved={messageRemoved} 149 149 + setMessageRemoved={setMessageRemoved} 150 150 + createHideChat={createHideChat} 151 151 + createBlock={createBlock} 152 152 + toast={toast} 153 153 + setShowUpdateTitleDialog={setShowUpdateTitleDialog} 154 154 + isUpdateTitleLoading={isUpdateTitleLoading} 155 155 + livestream={livestream} 156 156 + setReportModalOpen={setReportModalOpen} 157 157 + setReportSubject={setReportSubject} 158 158 + deleteChatMessage={deleteChatMessage} 159 159 + /> 160 160 + )} 161 161 + </ResponsiveDropdownMenuContent> 162 162 + </DropdownMenu> 163 163 + 164 164 + {/* Update Stream Title Dialog - rendered outside dropdown */} 165 165 + {showUpdateTitleDialog && ( 166 166 + <UpdateStreamTitleDialog 167 167 + livestream={livestream} 168 168 + streamerDID={streamerDID} 169 169 + updateLivestream={updateLivestream} 170 170 + isLoading={isUpdateTitleLoading} 171 171 + onClose={() => setShowUpdateTitleDialog(false)} 172 172 + /> 173 173 + )} 174 174 + </> 175 175 + ); 176 176 + }); 177 177 + 178 178 + interface ModViewContentProps { 179 179 + message: ChatMessageViewHydrated; 180 180 + modPermissions: ModerationPermissions; 181 181 + agent: ReturnType<typeof usePDSAgent>; 182 182 + streamerDID?: string; 183 183 + hasAvailableActions: boolean; 184 184 + isHideLoading: boolean; 185 185 + isBlockLoading: boolean; 186 186 + messageRemoved: boolean; 187 187 + setMessageRemoved: (removed: boolean) => void; 188 188 + createHideChat: (uri: string, streamerDID?: string) => Promise<any>; 189 189 + createBlock: (did: string, streamerDID?: string) => Promise<any>; 190 190 + toast: ReturnType<typeof useToast>; 191 191 + setShowUpdateTitleDialog: (show: boolean) => void; 192 192 + isUpdateTitleLoading: boolean; 193 193 + livestream: any; 194 194 + setReportModalOpen: (open: boolean) => void; 195 195 + setReportSubject: (subject: any) => void; 196 196 + deleteChatMessage: (uri: string) => Promise<any>; 197 197 + } 198 198 + 199 199 + function ModViewContent({ 200 200 + message, 201 201 + modPermissions, 202 202 + agent, 203 203 + streamerDID, 204 204 + hasAvailableActions, 205 205 + isHideLoading, 206 206 + isBlockLoading, 207 207 + messageRemoved, 208 208 + setMessageRemoved, 209 209 + createHideChat, 210 210 + createBlock, 211 211 + toast, 212 212 + setShowUpdateTitleDialog, 213 213 + isUpdateTitleLoading, 214 214 + livestream, 215 215 + setReportModalOpen, 216 216 + setReportSubject, 217 217 + deleteChatMessage, 218 218 + }: ModViewContentProps) { 219 219 + const { onOpenChange } = useRootContext(); 122 220 123 123 - {/* TODO: Checking for non-owner moderators */} 124 124 - {isMyStream() && ( 125 125 - <DropdownMenuGroup title={`Moderation actions`}> 126 126 - <DropdownMenuItem 127 127 - disabled={isHideLoading || messageRemoved} 128 128 - onPress={() => { 129 129 - if (isHideLoading || messageRemoved) return; 130 130 - createHideChat(message.uri) 131 131 - .then((r) => setMessageRemoved(true)) 132 132 - .catch((e) => console.error(e)); 133 133 - }} 134 134 - > 135 135 - <Text 136 136 - color={ 137 137 - isHideLoading || messageRemoved ? "muted" : "destructive" 138 138 - } 139 139 - > 140 140 - {isHideLoading 141 141 - ? "Removing..." 142 142 - : messageRemoved 143 143 - ? "Message removed" 144 144 - : "Remove this message"} 145 145 - </Text> 146 146 - </DropdownMenuItem> 147 147 - <DropdownMenuItem 148 148 - disabled={message.author.did === agent?.did || isBlockLoading} 149 149 - onPress={() => { 150 150 - createBlock(message.author.did) 151 151 - .then((r) => console.log(r)) 152 152 - .catch((e) => console.error(e)); 153 153 - }} 154 154 - > 155 155 - {message.author.did === agent?.did ? ( 156 156 - <Text color="muted"> 157 157 - Block yourself (you can't block yourself) 158 158 - </Text> 159 159 - ) : ( 160 160 - <Text color="destructive"> 161 161 - {isBlockLoading 162 162 - ? "Blocking..." 163 163 - : `Block user ${formatHandleWithAt(message.author)} from this channel`} 164 164 - </Text> 165 165 - )} 166 166 - </DropdownMenuItem> 167 167 - </DropdownMenuGroup> 168 168 - )} 221 221 + return ( 222 222 + <> 223 223 + <DropdownMenuGroup key="message-display"> 224 224 + <DropdownMenuItem> 225 225 + <View 226 226 + style={[layout.flex.column, mr[5], { gap: 6, maxWidth: "100%" }]} 227 227 + > 228 228 + <Text 229 229 + style={{ 230 230 + fontVariant: ["tabular-nums"], 231 231 + color: atoms.colors.gray[300], 232 232 + }} 233 233 + > 234 234 + {new Date(message.record.createdAt).toLocaleTimeString([], { 235 235 + hour: "2-digit", 236 236 + minute: "2-digit", 237 237 + hour12: false, 238 238 + })}{" "} 239 239 + {formatHandleWithAt(message.author)}: {message.record.text} 240 240 + </Text> 241 241 + </View> 242 242 + </DropdownMenuItem> 243 243 + </DropdownMenuGroup> 169 244 170 170 - <DropdownMenuGroup title={`User actions`}> 245 245 + {hasAvailableActions && ( 246 246 + <DropdownMenuGroup 247 247 + key="moderation-actions" 248 248 + title={`Moderation actions`} 249 249 + > 250 250 + {modPermissions.canHide && message.author.did !== streamerDID && ( 251 251 + <DropdownMenuItem 252 252 + disabled={isHideLoading || messageRemoved} 253 253 + onPress={() => { 254 254 + if (isHideLoading || messageRemoved) return; 255 255 + createHideChat(message.uri, streamerDID ?? undefined) 256 256 + .then((r) => setMessageRemoved(true)) 257 257 + .catch((e) => console.error(e)); 258 258 + }} 259 259 + > 260 260 + <Text 261 261 + color={isHideLoading || messageRemoved ? "muted" : "warning"} 262 262 + > 263 263 + {isHideLoading 264 264 + ? "Hiding..." 265 265 + : messageRemoved 266 266 + ? "Message hidden" 267 267 + : "Hide this message"} 268 268 + </Text> 269 269 + </DropdownMenuItem> 270 270 + )} 271 271 + {modPermissions.canBan && 272 272 + agent?.did && 273 273 + message.author.did !== agent.did && 274 274 + message.author.did !== streamerDID && ( 171 275 <DropdownMenuItem 276 276 + disabled={isBlockLoading} 172 277 onPress={() => { 173 173 - Linking.openURL( 174 174 - `https://${BSKY_FRONTEND_DOMAIN}/profile/${formatHandle(message.author)}`, 175 175 - ); 278 278 + if (isBlockLoading) return; 279 279 + createBlock(message.author.did, streamerDID ?? undefined) 280 280 + .then((r) => { 281 281 + toast.show( 282 282 + "User blocked", 283 283 + `${formatHandleWithAt(message.author)} has been blocked from this channel.`, 284 284 + { duration: 3 }, 285 285 + ); 286 286 + onOpenChange?.(false); 287 287 + }) 288 288 + .catch((e) => { 289 289 + console.error(e); 290 290 + toast.show( 291 291 + "Error blocking user", 292 292 + e instanceof Error ? e.message : "Failed to block user", 293 293 + { duration: 5 }, 294 294 + ); 295 295 + }); 176 296 }} 177 297 > 178 178 - <Text color="primary">View user on {BSKY_FRONTEND_DOMAIN}</Text> 298 298 + <Text color="destructive"> 299 299 + {isBlockLoading 300 300 + ? "Blocking..." 301 301 + : `Block user ${formatHandleWithAt(message.author)} from this channel`} 302 302 + </Text> 179 303 </DropdownMenuItem> 180 180 - {message.author.did === agent?.did && ( 181 181 - <DeleteButton 182 182 - message={message} 183 183 - deleteChatMessage={deleteChatMessage} 184 184 - /> 185 185 - )} 186 186 - {message.author.did !== agent?.did && ( 187 187 - <ReportButton 188 188 - message={message} 189 189 - setReportModalOpen={setReportModalOpen} 190 190 - setReportSubject={setReportSubject} 191 191 - /> 192 192 - )} 193 193 - </DropdownMenuGroup> 194 194 - </> 304 304 + )} 305 305 + </DropdownMenuGroup> 306 306 + )} 307 307 + 308 308 + {modPermissions.canManageLivestream && ( 309 309 + <DropdownMenuGroup key="stream-actions" title={`Stream actions`}> 310 310 + <DropdownMenuItem 311 311 + onPress={() => { 312 312 + setShowUpdateTitleDialog(true); 313 313 + }} 314 314 + disabled={isUpdateTitleLoading || !livestream} 315 315 + > 316 316 + <Text 317 317 + color={isUpdateTitleLoading || !livestream ? "muted" : "primary"} 318 318 + > 319 319 + {isUpdateTitleLoading ? "Updating..." : "Update stream title"} 320 320 + </Text> 321 321 + </DropdownMenuItem> 322 322 + </DropdownMenuGroup> 323 323 + )} 324 324 + 325 325 + <DropdownMenuGroup key="user-actions" title={`User actions`}> 326 326 + <DropdownMenuItem 327 327 + onPress={() => { 328 328 + Linking.openURL( 329 329 + `https://${BSKY_FRONTEND_DOMAIN}/profile/${formatHandle(message.author)}`, 330 330 + ); 331 331 + }} 332 332 + > 333 333 + <Text color="primary">View user on {BSKY_FRONTEND_DOMAIN}</Text> 334 334 + </DropdownMenuItem> 335 335 + {message.author.did === agent?.did && ( 336 336 + <DeleteButton 337 337 + message={message} 338 338 + deleteChatMessage={deleteChatMessage} 339 339 + onOpenChange={onOpenChange} 340 340 + /> 341 341 + )} 342 342 + {message.author.did !== agent?.did && ( 343 343 + <ReportButton 344 344 + message={message} 345 345 + setReportModalOpen={setReportModalOpen} 346 346 + setReportSubject={setReportSubject} 347 347 + onOpenChange={onOpenChange} 348 348 + /> 195 349 )} 196 196 - </ResponsiveDropdownMenuContent> 197 197 - </DropdownMenu> 350 350 + </DropdownMenuGroup> 351 351 + </> 198 352 ); 199 199 - }); 353 353 + } 200 354 201 355 enum DeleteState { 202 356 None, ··· 207 361 export function DeleteButton({ 208 362 message, 209 363 deleteChatMessage, 364 364 + onOpenChange, 210 365 }: { 211 366 message: ChatMessageViewHydrated; 212 367 deleteChatMessage: (uri: string) => Promise<any>; 368 368 + onOpenChange?: (open: boolean) => void; 213 369 }) { 214 370 const [confirming, setConfirming] = useState<DeleteState>(DeleteState.None); 215 215 - const { onOpenChange } = useRootContext(); 216 371 const toast = useToast(); 217 372 return ( 218 373 <DropdownMenuItem ··· 253 408 message, 254 409 setReportModalOpen, 255 410 setReportSubject, 411 411 + onOpenChange, 256 412 }: { 257 413 message: ChatMessageViewHydrated; 258 414 setReportModalOpen: (open: boolean) => void; 259 415 setReportSubject: (subject: any) => void; 416 416 + onOpenChange?: (open: boolean) => void; 260 417 }) { 261 261 - const { onOpenChange } = useRootContext(); 262 418 return ( 263 419 <DropdownMenuItem 264 420 onPress={() => { ··· 277 433 </DropdownMenuItem> 278 434 ); 279 435 } 436 436 + 437 437 + interface UpdateStreamTitleDialogProps { 438 438 + livestream: any; 439 439 + streamerDID?: string; 440 440 + updateLivestream: ( 441 441 + livestreamUri: string, 442 442 + title: string, 443 443 + streamerDID?: string, 444 444 + ) => Promise<any>; 445 445 + isLoading: boolean; 446 446 + onClose: () => void; 447 447 + } 448 448 + 449 449 + function UpdateStreamTitleDialog({ 450 450 + livestream, 451 451 + streamerDID, 452 452 + updateLivestream, 453 453 + isLoading, 454 454 + onClose, 455 455 + }: UpdateStreamTitleDialogProps) { 456 456 + const [title, setTitle] = useState(livestream?.record?.title || ""); 457 457 + const [error, setError] = useState<string | null>(null); 458 458 + const toast = useToast(); 459 459 + 460 460 + useEffect(() => { 461 461 + if (livestream?.record?.title) { 462 462 + setTitle(livestream.record.title); 463 463 + } 464 464 + }, [livestream?.record?.title]); 465 465 + 466 466 + const handleUpdate = async () => { 467 467 + setError(null); 468 468 + 469 469 + if (!title.trim()) { 470 470 + setError("Please enter a stream title"); 471 471 + return; 472 472 + } 473 473 + 474 474 + if (!livestream?.uri) { 475 475 + setError("No livestream found"); 476 476 + return; 477 477 + } 478 478 + 479 479 + try { 480 480 + await updateLivestream(livestream.uri, title.trim(), streamerDID); 481 481 + toast.show( 482 482 + "Stream title updated", 483 483 + "The stream title has been successfully updated.", 484 484 + { duration: 3 }, 485 485 + ); 486 486 + onClose(); 487 487 + } catch (err) { 488 488 + setError( 489 489 + err instanceof Error ? err.message : "Failed to update stream title", 490 490 + ); 491 491 + } 492 492 + }; 493 493 + 494 494 + return ( 495 495 + <ResponsiveDialog 496 496 + open={true} 497 497 + onOpenChange={(open) => { 498 498 + if (!open) { 499 499 + onClose(); 500 500 + setError(null); 501 501 + setTitle(livestream?.record?.title || ""); 502 502 + } 503 503 + }} 504 504 + title="Update Stream Title" 505 505 + description="Update the title of the livestream." 506 506 + size="md" 507 507 + dismissible={false} 508 508 + > 509 509 + <View style={[{ padding: 16, paddingBottom: 0 }]}> 510 510 + <View style={[{ marginBottom: 16 }]}> 511 511 + <Text 512 512 + style={[ 513 513 + { color: atoms.colors.gray[300], fontSize: 13, marginBottom: 8 }, 514 514 + ]} 515 515 + > 516 516 + Stream Title 517 517 + </Text> 518 518 + <Textarea 519 519 + value={title} 520 520 + onChangeText={(text) => { 521 521 + setTitle(text); 522 522 + setError(null); 523 523 + }} 524 524 + placeholder="Enter stream title..." 525 525 + maxLength={140} 526 526 + multiline 527 527 + style={[ 528 528 + { 529 529 + padding: 12, 530 530 + borderRadius: 8, 531 531 + backgroundColor: atoms.colors.neutral[800], 532 532 + color: atoms.colors.white, 533 533 + borderWidth: 1, 534 534 + borderColor: atoms.colors.neutral[600], 535 535 + minHeight: 100, 536 536 + fontSize: 16, 537 537 + }, 538 538 + ]} 539 539 + /> 540 540 + <Text 541 541 + style={[ 542 542 + { color: atoms.colors.gray[400], fontSize: 12, marginTop: 4 }, 543 543 + ]} 544 544 + > 545 545 + {title.length}/140 characters 546 546 + </Text> 547 547 + </View> 548 548 + 549 549 + {error && ( 550 550 + <View 551 551 + style={[ 552 552 + { 553 553 + backgroundColor: atoms.colors.red[900], 554 554 + padding: 12, 555 555 + borderRadius: 8, 556 556 + borderWidth: 1, 557 557 + borderColor: atoms.colors.red[700], 558 558 + marginBottom: 16, 559 559 + }, 560 560 + ]} 561 561 + > 562 562 + <Text style={[{ color: atoms.colors.red[400], fontSize: 13 }]}> 563 563 + {error} 564 564 + </Text> 565 565 + </View> 566 566 + )} 567 567 + </View> 568 568 + 569 569 + <DialogFooter> 570 570 + <Button 571 571 + width="min" 572 572 + variant="secondary" 573 573 + onPress={() => { 574 574 + onClose(); 575 575 + setError(null); 576 576 + setTitle(livestream?.record?.title || ""); 577 577 + }} 578 578 + disabled={isLoading} 579 579 + > 580 580 + <Text>Cancel</Text> 581 581 + </Button> 582 582 + <Button 583 583 + variant="primary" 584 584 + width="min" 585 585 + onPress={handleUpdate} 586 586 + disabled={isLoading || !title.trim()} 587 587 + > 588 588 + <Text>{isLoading ? "Updating..." : "Update Title"}</Text> 589 589 + </Button> 590 590 + </DialogFooter> 591 591 + </ResponsiveDialog> 592 592 + ); 593 593 + }

+1

js/components/src/components/dashboard/index.tsx

reviewed

··· 2 2 export { default as Header } from "./header"; 3 3 export { default as InformationWidget } from "./information-widget"; 4 4 export { default as ModActions } from "./mod-actions"; 5 5 + export { default as ModeratorPanel } from "./moderator-panel"; 5 6 export { default as Problems, ProblemsWrapperRef } from "./problems";

+630

js/components/src/components/dashboard/moderator-panel.tsx

reviewed

··· 1 1 + import { Check, Shield, Trash2, UserPlus } from "lucide-react-native"; 2 2 + import { useEffect, useMemo, useState } from "react"; 3 3 + import { Pressable, ScrollView, Text, View } from "react-native"; 4 4 + import { 5 5 + Button, 6 6 + Dialog, 7 7 + DialogFooter, 8 8 + Input, 9 9 + ResponsiveDialog, 10 10 + useToast, 11 11 + } from "../../components/ui"; 12 12 + import { useAvatars } from "../../hooks/useAvatars"; 13 13 + import { atoms } from "../../lib/theme"; 14 14 + import { 15 15 + useAddModerator, 16 16 + useListModerators, 17 17 + useRemoveModerator, 18 18 + } from "../../streamplace-store/moderator-management"; 19 19 + import { formatHandleWithAt } from "../../utils/format-handle"; 20 20 + 21 21 + const { 22 22 + flex, 23 23 + bg, 24 24 + r, 25 25 + borders, 26 26 + p, 27 27 + text: textStyle, 28 28 + layout, 29 29 + gap, 30 30 + mb, 31 31 + my, 32 32 + px, 33 33 + py, 34 34 + } = atoms; 35 35 + 36 36 + interface ModeratorPanelProps { 37 37 + isLive?: boolean; 38 38 + embedded?: boolean; // If true, removes outer container styling (for use inside other panels) 39 39 + } 40 40 + 41 41 + export default function ModeratorPanel({ 42 42 + isLive, 43 43 + embedded = false, 44 44 + }: ModeratorPanelProps) { 45 45 + const { moderators, isLoading, error, refresh } = useListModerators(); 46 46 + const [showAddDialog, setShowAddDialog] = useState(false); 47 47 + 48 48 + // Collect all moderator DIDs for batch fetching profiles 49 49 + const moderatorDIDs = useMemo( 50 50 + () => moderators.map((mod) => mod.value.moderator), 51 51 + [moderators], 52 52 + ); 53 53 + 54 54 + const containerStyle = embedded 55 55 + ? [flex.values[1], layout.flex.column] 56 56 + : [ 57 57 + flex.values[1], 58 58 + bg.neutral[900], 59 59 + r.lg, 60 60 + borders.width.thin, 61 61 + borders.color.neutral[700], 62 62 + layout.flex.column, 63 63 + ]; 64 64 + 65 65 + return ( 66 66 + <View style={containerStyle}> 67 67 + {/* Header */} 68 68 + <View 69 69 + style={[ 70 70 + layout.flex.row, 71 71 + layout.flex.spaceBetween, 72 72 + layout.flex.alignCenter, 73 73 + borders.bottom.width.thin, 74 74 + borders.bottom.color.neutral[700], 75 75 + p[4], 76 76 + ]} 77 77 + > 78 78 + <View style={[layout.flex.row, layout.flex.alignCenter, gap.all[2]]}> 79 79 + <Shield size={18} color="#ffffff" /> 80 80 + <Text style={[textStyle.white, { fontSize: 18, fontWeight: "600" }]}> 81 81 + Moderators 82 82 + </Text> 83 83 + </View> 84 84 + <Pressable 85 85 + onPress={() => setShowAddDialog(true)} 86 86 + style={[ 87 87 + layout.flex.row, 88 88 + layout.flex.alignCenter, 89 89 + gap.all[2], 90 90 + bg.blue[600], 91 91 + px[3], 92 92 + py[2], 93 93 + r.md, 94 94 + ]} 95 95 + > 96 96 + <UserPlus size={16} color="#ffffff" /> 97 97 + <Text style={[textStyle.white, { fontSize: 13, fontWeight: "500" }]}> 98 98 + Add 99 99 + </Text> 100 100 + </Pressable> 101 101 + </View> 102 102 + 103 103 + {/* Content */} 104 104 + <ScrollView style={[flex.values[1], p[4]]}> 105 105 + {isLoading && moderators.length === 0 && ( 106 106 + <Text 107 107 + style={[textStyle.gray[400], { fontSize: 14, textAlign: "center" }]} 108 108 + > 109 109 + Loading moderators... 110 110 + </Text> 111 111 + )} 112 112 + 113 113 + {error && ( 114 114 + <View 115 115 + style={[ 116 116 + bg.red[900], 117 117 + p[3], 118 118 + r.md, 119 119 + borders.width.thin, 120 120 + borders.color.red[700], 121 121 + ]} 122 122 + > 123 123 + <Text style={[textStyle.red[400], { fontSize: 13 }]}>{error}</Text> 124 124 + </View> 125 125 + )} 126 126 + 127 127 + {!isLoading && moderators.length === 0 && !error && ( 128 128 + <View style={[layout.flex.center, p[6]]}> 129 129 + <Shield size={48} color="#6b7280" style={[mb[4]]} /> 130 130 + <Text 131 131 + style={[ 132 132 + textStyle.gray[400], 133 133 + { fontSize: 14, textAlign: "center", marginBottom: 8 }, 134 134 + ]} 135 135 + > 136 136 + No moderators yet 137 137 + </Text> 138 138 + <Text 139 139 + style={[ 140 140 + textStyle.gray[500], 141 141 + { fontSize: 12, textAlign: "center" }, 142 142 + ]} 143 143 + > 144 144 + Add moderators to help manage your chat 145 145 + </Text> 146 146 + </View> 147 147 + )} 148 148 + 149 149 + {moderators.map((mod, index) => ( 150 150 + <ModeratorCard 151 151 + key={mod.rkey} 152 152 + moderator={mod} 153 153 + onRemove={refresh} 154 154 + isLast={index === moderators.length - 1} 155 155 + moderatorDIDs={moderatorDIDs} 156 156 + /> 157 157 + ))} 158 158 + </ScrollView> 159 159 + 160 160 + {/* Add Moderator Dialog */} 161 161 + <AddModeratorDialog 162 162 + visible={showAddDialog} 163 163 + onClose={() => setShowAddDialog(false)} 164 164 + onSuccess={() => { 165 165 + setShowAddDialog(false); 166 166 + refresh(); 167 167 + }} 168 168 + /> 169 169 + </View> 170 170 + ); 171 171 + } 172 172 + 173 173 + interface ModeratorCardProps { 174 174 + moderator: { 175 175 + uri: string; 176 176 + cid: string; 177 177 + value: { 178 178 + moderator: string; 179 179 + permissions: string[]; 180 180 + createdAt: string; 181 181 + expirationTime?: string; 182 182 + }; 183 183 + rkey: string; 184 184 + }; 185 185 + onRemove: () => void; 186 186 + isLast: boolean; 187 187 + moderatorDIDs: string[]; // All moderator DIDs for batch fetching 188 188 + } 189 189 + 190 190 + function ModeratorCard({ 191 191 + moderator, 192 192 + onRemove, 193 193 + isLast, 194 194 + moderatorDIDs, 195 195 + }: ModeratorCardProps) { 196 196 + const { removeModerator, isLoading } = useRemoveModerator(); 197 197 + const [showConfirm, setShowConfirm] = useState(false); 198 198 + const toast = useToast(); 199 199 + 200 200 + // Use useAvatars hook to batch-fetch profiles for all moderators 201 201 + const profiles = useAvatars(moderatorDIDs); 202 202 + const profile = profiles[moderator.value.moderator]; 203 203 + 204 204 + // Format display name using existing utility 205 205 + const displayName = useMemo(() => { 206 206 + if (profile) { 207 207 + return formatHandleWithAt(profile); 208 208 + } 209 209 + return moderator.value.moderator; // Fall back to DID 210 210 + }, [profile, moderator.value.moderator]); 211 211 + 212 212 + const handleRemove = async () => { 213 213 + try { 214 214 + await removeModerator(moderator.rkey); 215 215 + setShowConfirm(false); 216 216 + toast.show( 217 217 + "Moderator removed", 218 218 + "The moderator has been successfully removed.", 219 219 + { duration: 3 }, 220 220 + ); 221 221 + onRemove(); 222 222 + } catch (err) { 223 223 + console.error("Failed to remove moderator:", err); 224 224 + toast.show( 225 225 + "Error removing moderator", 226 226 + err instanceof Error ? err.message : "Failed to remove moderator", 227 227 + { duration: 5 }, 228 228 + ); 229 229 + } 230 230 + }; 231 231 + 232 232 + const isExpired = 233 233 + moderator.value.expirationTime && 234 234 + new Date(moderator.value.expirationTime) < new Date(); 235 235 + 236 236 + return ( 237 237 + <View 238 238 + style={[ 239 239 + layout.flex.row, 240 240 + layout.flex.spaceBetween, 241 241 + layout.flex.alignCenter, 242 242 + p[3], 243 243 + bg.neutral[800], 244 244 + r.md, 245 245 + !isLast && mb[2], 246 246 + borders.width.thin, 247 247 + borders.color.neutral[700], 248 248 + ]} 249 249 + > 250 250 + <View style={[flex.values[1]]}> 251 251 + <Text 252 252 + style={[ 253 253 + textStyle.white, 254 254 + { fontSize: 14, fontWeight: "500", marginBottom: 4 }, 255 255 + ]} 256 256 + numberOfLines={1} 257 257 + > 258 258 + {displayName} 259 259 + </Text> 260 260 + <View style={[layout.flex.row, { flexWrap: "wrap" }, gap.all[1]]}> 261 261 + {moderator.value.permissions.map((perm) => ( 262 262 + <View 263 263 + key={perm} 264 264 + style={[ 265 265 + bg.blue[900], 266 266 + px[2], 267 267 + py[1], 268 268 + r.sm, 269 269 + borders.width.thin, 270 270 + borders.color.blue[700], 271 271 + ]} 272 272 + > 273 273 + <Text 274 274 + style={[ 275 275 + textStyle.blue[300], 276 276 + { fontSize: 11, fontWeight: "500" }, 277 277 + ]} 278 278 + > 279 279 + {perm} 280 280 + </Text> 281 281 + </View> 282 282 + ))} 283 283 + {isExpired && ( 284 284 + <View 285 285 + style={[ 286 286 + bg.red[900], 287 287 + px[2], 288 288 + py[1], 289 289 + r.sm, 290 290 + borders.width.thin, 291 291 + borders.color.red[700], 292 292 + ]} 293 293 + > 294 294 + <Text 295 295 + style={[ 296 296 + textStyle.red[300], 297 297 + { fontSize: 11, fontWeight: "500" }, 298 298 + ]} 299 299 + > 300 300 + Expired 301 301 + </Text> 302 302 + </View> 303 303 + )} 304 304 + </View> 305 305 + {moderator.value.expirationTime && !isExpired && ( 306 306 + <Text style={[textStyle.gray[400], { fontSize: 11, marginTop: 4 }]}> 307 307 + Expires:{" "} 308 308 + {new Date(moderator.value.expirationTime).toLocaleDateString()} 309 309 + </Text> 310 310 + )} 311 311 + </View> 312 312 + <Pressable 313 313 + onPress={() => setShowConfirm(true)} 314 314 + disabled={isLoading} 315 315 + style={[ 316 316 + p[2], 317 317 + r.md, 318 318 + bg.red[900], 319 319 + borders.width.thin, 320 320 + borders.color.red[700], 321 321 + isLoading && { opacity: 0.5 }, 322 322 + ]} 323 323 + > 324 324 + <Trash2 size={16} color="#f87171" /> 325 325 + </Pressable> 326 326 + 327 327 + {/* Confirm Delete Dialog */} 328 328 + <Dialog 329 329 + open={showConfirm} 330 330 + onOpenChange={setShowConfirm} 331 331 + title="Remove Moderator?" 332 332 + description="This will revoke all moderation permissions for this user." 333 333 + dismissible={false} 334 334 + > 335 335 + <DialogFooter> 336 336 + <Button 337 337 + variant="secondary" 338 338 + onPress={() => setShowConfirm(false)} 339 339 + disabled={isLoading} 340 340 + > 341 341 + <Text>Cancel</Text> 342 342 + </Button> 343 343 + <Button 344 344 + variant="destructive" 345 345 + onPress={handleRemove} 346 346 + disabled={isLoading} 347 347 + > 348 348 + <Text>{isLoading ? "Removing..." : "Remove"}</Text> 349 349 + </Button> 350 350 + </DialogFooter> 351 351 + </Dialog> 352 352 + </View> 353 353 + ); 354 354 + } 355 355 + 356 356 + interface AddModeratorDialogProps { 357 357 + visible: boolean; 358 358 + onClose: () => void; 359 359 + onSuccess: () => void; 360 360 + } 361 361 + 362 362 + function AddModeratorDialog({ 363 363 + visible, 364 364 + onClose, 365 365 + onSuccess, 366 366 + }: AddModeratorDialogProps) { 367 367 + const { addModerator, isLoading } = useAddModerator(); 368 368 + const [moderatorDID, setModeratorDID] = useState(""); 369 369 + const [permissions, setPermissions] = useState({ 370 370 + ban: false, 371 371 + hide: false, 372 372 + "livestream.manage": false, 373 373 + }); 374 374 + const [error, setError] = useState<string | null>(null); 375 375 + const toast = useToast(); 376 376 + 377 377 + // Reset form when dialog closes 378 378 + useEffect(() => { 379 379 + if (!visible) { 380 380 + setModeratorDID(""); 381 381 + setPermissions({ ban: false, hide: false, "livestream.manage": false }); 382 382 + setError(null); 383 383 + } 384 384 + }, [visible]); 385 385 + 386 386 + // Clear error when user starts typing 387 387 + const handleDIDChange = (text: string) => { 388 388 + setModeratorDID(text); 389 389 + if (error) setError(null); 390 390 + }; 391 391 + 392 392 + const handleAdd = async () => { 393 393 + setError(null); 394 394 + 395 395 + if (!moderatorDID.trim()) { 396 396 + setError("Please enter a DID or handle"); 397 397 + return; 398 398 + } 399 399 + 400 400 + const selectedPermissions = Object.entries(permissions) 401 401 + .filter(([_, enabled]) => enabled) 402 402 + .map(([perm]) => perm) as ("ban" | "hide" | "livestream.manage")[]; 403 403 + 404 404 + if (selectedPermissions.length === 0) { 405 405 + setError("Please select at least one permission"); 406 406 + return; 407 407 + } 408 408 + 409 409 + try { 410 410 + await addModerator({ 411 411 + moderatorDID: moderatorDID.trim(), 412 412 + permissions: selectedPermissions, 413 413 + }); 414 414 + toast.show( 415 415 + "Moderator added", 416 416 + "The new moderator has been added successfully.", 417 417 + { duration: 3 }, 418 418 + ); 419 419 + onSuccess(); 420 420 + } catch (err) { 421 421 + setError(err instanceof Error ? err.message : "Failed to add moderator"); 422 422 + } 423 423 + }; 424 424 + 425 425 + return ( 426 426 + <ResponsiveDialog 427 427 + open={visible} 428 428 + onOpenChange={(open) => { 429 429 + if (!open) onClose(); 430 430 + }} 431 431 + title="Add Moderator" 432 432 + description="Enter the DID or handle of the user you want to add as a moderator and select their permissions." 433 433 + size="md" 434 434 + dismissible={false} 435 435 + > 436 436 + {/* DID Input */} 437 437 + <View style={[my[4]]}> 438 438 + <Text style={[textStyle.gray[300], { fontSize: 13, marginBottom: 8 }]}> 439 439 + Moderator DID or Handle 440 440 + </Text> 441 441 + <Input 442 442 + value={moderatorDID} 443 443 + onChangeText={handleDIDChange} 444 444 + placeholder="did:plc:... or @handle.bsky.social" 445 445 + onSubmitEditing={handleAdd} 446 446 + returnKeyType="done" 447 447 + /> 448 448 + </View> 449 449 + 450 450 + {/* Permissions */} 451 451 + <View style={[mb[4]]}> 452 452 + <Text style={[textStyle.gray[300], { fontSize: 13, marginBottom: 8 }]}> 453 453 + Permissions 454 454 + </Text> 455 455 + <View style={[gap.all[2]]}> 456 456 + <Pressable 457 457 + onPress={() => setPermissions((p) => ({ ...p, ban: !p.ban }))} 458 458 + style={[ 459 459 + layout.flex.row, 460 460 + layout.flex.alignCenter, 461 461 + p[3], 462 462 + r.md, 463 463 + bg.neutral[800], 464 464 + borders.width.thin, 465 465 + borders.color.neutral[700], 466 466 + ]} 467 467 + > 468 468 + <View 469 469 + style={[ 470 470 + { 471 471 + width: 20, 472 472 + height: 20, 473 473 + borderRadius: 4, 474 474 + }, 475 475 + borders.width.thin, 476 476 + borders.color.neutral[600], 477 477 + permissions.ban ? bg.blue[600] : bg.neutral[900], 478 478 + layout.flex.center, 479 479 + { marginRight: 12 }, 480 480 + ]} 481 481 + > 482 482 + {permissions.ban && <Check size={12} color="white" />} 483 483 + </View> 484 484 + <View> 485 485 + <Text 486 486 + style={[textStyle.white, { fontSize: 14, fontWeight: "500" }]} 487 487 + > 488 488 + Ban Users 489 489 + </Text> 490 490 + <Text style={[textStyle.gray[400], { fontSize: 12 }]}> 491 491 + Block users from chat 492 492 + </Text> 493 493 + </View> 494 494 + </Pressable> 495 495 + 496 496 + <Pressable 497 497 + onPress={() => setPermissions((p) => ({ ...p, hide: !p.hide }))} 498 498 + style={[ 499 499 + layout.flex.row, 500 500 + layout.flex.alignCenter, 501 501 + p[3], 502 502 + r.md, 503 503 + bg.neutral[800], 504 504 + borders.width.thin, 505 505 + borders.color.neutral[700], 506 506 + ]} 507 507 + > 508 508 + <View 509 509 + style={[ 510 510 + { 511 511 + width: 20, 512 512 + height: 20, 513 513 + borderRadius: 4, 514 514 + }, 515 515 + borders.width.thin, 516 516 + borders.color.neutral[600], 517 517 + permissions.hide ? bg.blue[600] : bg.neutral[900], 518 518 + layout.flex.center, 519 519 + { marginRight: 12 }, 520 520 + ]} 521 521 + > 522 522 + {permissions.hide && ( 523 523 + <Text style={[textStyle.white, { fontSize: 12 }]}>✓</Text> 524 524 + )} 525 525 + </View> 526 526 + <View> 527 527 + <Text 528 528 + style={[textStyle.white, { fontSize: 14, fontWeight: "500" }]} 529 529 + > 530 530 + Hide Messages 531 531 + </Text> 532 532 + <Text style={[textStyle.gray[400], { fontSize: 12 }]}> 533 533 + Hide individual chat messages 534 534 + </Text> 535 535 + </View> 536 536 + </Pressable> 537 537 + 538 538 + <Pressable 539 539 + onPress={() => 540 540 + setPermissions((p) => ({ 541 541 + ...p, 542 542 + "livestream.manage": !p["livestream.manage"], 543 543 + })) 544 544 + } 545 545 + style={[ 546 546 + layout.flex.row, 547 547 + layout.flex.alignCenter, 548 548 + p[3], 549 549 + r.md, 550 550 + bg.neutral[800], 551 551 + borders.width.thin, 552 552 + borders.color.neutral[700], 553 553 + ]} 554 554 + > 555 555 + <View 556 556 + style={[ 557 557 + { 558 558 + width: 20, 559 559 + height: 20, 560 560 + borderRadius: 4, 561 561 + }, 562 562 + borders.width.thin, 563 563 + borders.color.neutral[600], 564 564 + permissions["livestream.manage"] 565 565 + ? bg.blue[600] 566 566 + : bg.neutral[900], 567 567 + layout.flex.center, 568 568 + { marginRight: 12 }, 569 569 + ]} 570 570 + > 571 571 + {permissions["livestream.manage"] && ( 572 572 + <Text style={[textStyle.white, { fontSize: 12 }]}>✓</Text> 573 573 + )} 574 574 + </View> 575 575 + <View> 576 576 + <Text 577 577 + style={[textStyle.white, { fontSize: 14, fontWeight: "500" }]} 578 578 + > 579 579 + Manage Livestream 580 580 + </Text> 581 581 + <Text style={[textStyle.gray[400], { fontSize: 12 }]}> 582 582 + Update stream title 583 583 + </Text> 584 584 + </View> 585 585 + </Pressable> 586 586 + </View> 587 587 + </View> 588 588 + 589 589 + {/* Error */} 590 590 + {error && ( 591 591 + <View 592 592 + style={[ 593 593 + bg.red[900], 594 594 + p[3], 595 595 + r.md, 596 596 + borders.width.thin, 597 597 + borders.color.red[700], 598 598 + mb[4], 599 599 + ]} 600 600 + > 601 601 + <Text style={[textStyle.red[400], { fontSize: 13 }]}>{error}</Text> 602 602 + </View> 603 603 + )} 604 604 + 605 605 + {/* Actions */} 606 606 + <DialogFooter> 607 607 + <Button 608 608 + width="min" 609 609 + variant="secondary" 610 610 + onPress={onClose} 611 611 + disabled={isLoading} 612 612 + > 613 613 + Cancel 614 614 + </Button> 615 615 + <Button 616 616 + width="min" 617 617 + variant="primary" 618 618 + onPress={handleAdd} 619 619 + disabled={ 620 620 + isLoading || 621 621 + !moderatorDID.trim() || 622 622 + Object.values(permissions).every((p) => !p) 623 623 + } 624 624 + > 625 625 + {isLoading ? "Adding..." : "Add Moderator"} 626 626 + </Button> 627 627 + </DialogFooter> 628 628 + </ResponsiveDialog> 629 629 + ); 630 630 + }

-2

js/components/src/livestream-store/chat.tsx

reviewed

··· 374 374 subject: ComAtprotoModerationCreateReport.InputSchema["subject"], 375 375 reasonType: string, 376 376 reason?: string, 377 377 - // no clue about this 378 378 - moderationSvcDid: string = "did:web:stream.place", 379 377 ) => { 380 378 if (!pdsAgent || !userDID) { 381 379 throw new Error("No PDS agent or user DID found");

+5

js/components/src/livestream-store/livestream-state.tsx

reviewed

··· 3 3 ChatMessageViewHydrated, 4 4 LivestreamViewHydrated, 5 5 PlaceStreamDefs, 6 6 + PlaceStreamModerationPermission, 6 7 PlaceStreamSegment, 7 8 } from "streamplace"; 8 9 ··· 23 24 setStreamKey: (key: string | null) => void; 24 25 websocketConnected: boolean; 25 26 hasReceivedSegment: boolean; 27 27 + moderationPermissions: PlaceStreamModerationPermission.Record[]; 28 28 + setModerationPermissions: ( 29 29 + permissions: PlaceStreamModerationPermission.Record[], 30 30 + ) => void; 26 31 } 27 32 28 33 export interface LivestreamProblem {

+2

js/components/src/livestream-store/livestream-store.tsx

reviewed

··· 24 24 problems: [], 25 25 websocketConnected: false, 26 26 hasReceivedSegment: false, 27 27 + moderationPermissions: [], 28 28 + setModerationPermissions: (perms) => set({ moderationPermissions: perms }), 27 29 })); 28 30 }; 29 31

+60

js/components/src/livestream-store/websocket-consumer.tsx

reviewed

··· 7 7 PlaceStreamChatMessage, 8 8 PlaceStreamDefs, 9 9 PlaceStreamLivestream, 10 10 + PlaceStreamModerationPermission, 10 11 PlaceStreamSegment, 11 12 } from "streamplace"; 12 13 import { SystemMessages } from "../lib/system-messages"; ··· 120 121 pendingHides: newPendingHides, 121 122 }; 122 123 state = reduceChat(state, [], [], [hiddenMessageUri]); 124 124 + } else if ( 125 125 + PlaceStreamModerationPermission.isRecord(message) || 126 126 + (message && 127 127 + typeof message === "object" && 128 128 + "$type" in message && 129 129 + (message as { $type?: string }).$type === 130 130 + "place.stream.moderation.permission") 131 131 + ) { 132 132 + // Handle moderation permission record updates 133 133 + // This can be a new permission or a deletion marker 134 134 + const permRecord = message as 135 135 + | PlaceStreamModerationPermission.Record 136 136 + | { deleted?: boolean; rkey?: string; streamer?: string }; 137 137 + 138 138 + if ((permRecord as any).deleted) { 139 139 + // Handle deletion: clear permissions to trigger refetch 140 140 + // The useCanModerate hook will refetch and repopulate 141 141 + state = { 142 142 + ...state, 143 143 + moderationPermissions: [], 144 144 + }; 145 145 + } else { 146 146 + // Handle new/updated permission: add or update in the list 147 147 + // Use createdAt as a unique identifier since multiple records can exist for the same moderator 148 148 + // (e.g., one record with "ban" permission, another with "hide" permission) 149 149 + // Note: rkey would be ideal but isn't always present in the WebSocket message 150 150 + const newPerm = 151 151 + permRecord as PlaceStreamModerationPermission.Record & { 152 152 + rkey?: string; 153 153 + }; 154 154 + const existingIndex = state.moderationPermissions.findIndex((p) => { 155 155 + const pWithRkey = p as PlaceStreamModerationPermission.Record & { 156 156 + rkey?: string; 157 157 + }; 158 158 + // Prefer matching by rkey if available, fall back to createdAt 159 159 + if (newPerm.rkey && pWithRkey.rkey) { 160 160 + return pWithRkey.rkey === newPerm.rkey; 161 161 + } 162 162 + return ( 163 163 + p.moderator === newPerm.moderator && 164 164 + p.createdAt === newPerm.createdAt 165 165 + ); 166 166 + }); 167 167 + 168 168 + let newPermissions: PlaceStreamModerationPermission.Record[]; 169 169 + if (existingIndex >= 0) { 170 170 + // Update existing record with same moderator AND createdAt 171 171 + newPermissions = [...state.moderationPermissions]; 172 172 + newPermissions[existingIndex] = newPerm; 173 173 + } else { 174 174 + // Add new record (could be a new record for an existing moderator with different permissions) 175 175 + newPermissions = [...state.moderationPermissions, newPerm]; 176 176 + } 177 177 + 178 178 + state = { 179 179 + ...state, 180 180 + moderationPermissions: newPermissions, 181 181 + }; 182 182 + } 123 183 } 124 184 } 125 185 }

+138 -18

js/components/src/streamplace-store/block.tsx

reviewed

··· 2 2 import { useState } from "react"; 3 3 import { usePDSAgent } from "./xrpc"; 4 4 5 5 + /** 6 6 + * Hook to create a block record (ban user from chat). 7 7 + * 8 8 + * When the caller is the stream owner (agent.did === streamerDID), creates the 9 9 + * block record directly via ATProto writes to their repo. 10 10 + * 11 11 + * When the caller is a delegated moderator, uses the place.stream.moderation.createBlock 12 12 + * XRPC endpoint which validates permissions and creates the record using the 13 13 + * streamer's OAuth session. 14 14 + */ 5 15 export function useCreateBlockRecord() { 6 16 let agent = usePDSAgent(); 7 17 const [isLoading, setIsLoading] = useState(false); 8 18 9 9 - const createBlock = async (subjectDID: string) => { 19 19 + const createBlock = async (subjectDID: string, streamerDID?: string) => { 10 20 if (!agent) { 11 21 throw new Error("No PDS agent found"); 12 22 } ··· 17 27 18 28 setIsLoading(true); 19 29 try { 20 20 - const record: AppBskyGraphBlock.Record = { 21 21 - $type: "app.bsky.graph.block", 30 30 + // If no streamerDID provided or caller is the streamer, use direct ATProto write 31 31 + if (!streamerDID || agent.did === streamerDID) { 32 32 + const record: AppBskyGraphBlock.Record = { 33 33 + $type: "app.bsky.graph.block", 34 34 + subject: subjectDID, 35 35 + createdAt: new Date().toISOString(), 36 36 + }; 37 37 + const result = await agent.com.atproto.repo.createRecord({ 38 38 + repo: agent.did, 39 39 + collection: "app.bsky.graph.block", 40 40 + record, 41 41 + }); 42 42 + return result; 43 43 + } 44 44 + 45 45 + // Otherwise, use delegated moderation endpoint 46 46 + const result = await agent.place.stream.moderation.createBlock({ 47 47 + streamer: streamerDID, 22 48 subject: subjectDID, 23 23 - createdAt: new Date().toISOString(), 24 24 - }; 25 25 - const result = await agent.com.atproto.repo.createRecord({ 26 26 - repo: agent.did, 27 27 - collection: "app.bsky.graph.block", 28 28 - record, 29 49 }); 30 50 return result; 31 51 } finally { ··· 36 56 return { createBlock, isLoading }; 37 57 } 38 58 59 59 + /** 60 60 + * Hook to create a gate record (hide a chat message). 61 61 + * 62 62 + * When the caller is the stream owner (agent.did === streamerDID), creates the 63 63 + * gate record directly via ATProto writes to their repo. 64 64 + * 65 65 + * When the caller is a delegated moderator, uses the place.stream.moderation.createGate 66 66 + * XRPC endpoint which validates permissions and creates the record using the 67 67 + * streamer's OAuth session. 68 68 + */ 39 69 export function useCreateHideChatRecord() { 40 70 let agent = usePDSAgent(); 41 71 const [isLoading, setIsLoading] = useState(false); 42 72 43 43 - const createHideChat = async (chatMessageUri: string) => { 73 73 + const createHideChat = async ( 74 74 + chatMessageUri: string, 75 75 + streamerDID?: string, 76 76 + ) => { 44 77 if (!agent) { 45 78 throw new Error("No PDS agent found"); 46 79 } ··· 51 84 52 85 setIsLoading(true); 53 86 try { 54 54 - const record = { 55 55 - $type: "place.stream.chat.gate", 56 56 - hiddenMessage: chatMessageUri, 57 57 - }; 87 87 + // If no streamerDID provided or caller is the streamer, use direct ATProto write 88 88 + if (!streamerDID || agent.did === streamerDID) { 89 89 + const record = { 90 90 + $type: "place.stream.chat.gate", 91 91 + hiddenMessage: chatMessageUri, 92 92 + }; 93 93 + 94 94 + const result = await agent.com.atproto.repo.createRecord({ 95 95 + repo: agent.did, 96 96 + collection: "place.stream.chat.gate", 97 97 + record, 98 98 + }); 99 99 + return result; 100 100 + } 58 101 59 59 - const result = await agent.com.atproto.repo.createRecord({ 60 60 - repo: agent.did, 61 61 - collection: "place.stream.chat.gate", 62 62 - record, 102 102 + // Otherwise, use delegated moderation endpoint 103 103 + const result = await agent.place.stream.moderation.createGate({ 104 104 + streamer: streamerDID, 105 105 + messageUri: chatMessageUri, 63 106 }); 64 107 return result; 65 108 } finally { ··· 69 112 70 113 return { createHideChat, isLoading }; 71 114 } 115 115 + 116 116 + /** 117 117 + * Hook to update a livestream record (update stream title). 118 118 + * 119 119 + * When the caller is the stream owner (agent.did === streamerDID), updates the 120 120 + * livestream record directly via ATProto writes to their repo. 121 121 + * 122 122 + * When the caller is a delegated moderator, uses the place.stream.moderation.updateLivestream 123 123 + * XRPC endpoint which validates permissions and updates the record using the 124 124 + * streamer's OAuth session. 125 125 + */ 126 126 + export function useUpdateLivestreamRecord() { 127 127 + let agent = usePDSAgent(); 128 128 + const [isLoading, setIsLoading] = useState(false); 129 129 + 130 130 + const updateLivestream = async ( 131 131 + livestreamUri: string, 132 132 + title: string, 133 133 + streamerDID?: string, 134 134 + ) => { 135 135 + if (!agent) { 136 136 + throw new Error("No PDS agent found"); 137 137 + } 138 138 + 139 139 + if (!agent.did) { 140 140 + throw new Error("No user DID found, assuming not logged in"); 141 141 + } 142 142 + 143 143 + setIsLoading(true); 144 144 + try { 145 145 + // If no streamerDID provided or caller is the streamer, use direct ATProto write 146 146 + if (!streamerDID || agent.did === streamerDID) { 147 147 + // Extract rkey from URI 148 148 + const rkey = livestreamUri.split("/").pop(); 149 149 + if (!rkey) { 150 150 + throw new Error("Invalid livestream URI"); 151 151 + } 152 152 + 153 153 + // Get existing record to copy fields 154 154 + const getResult = await agent.com.atproto.repo.getRecord({ 155 155 + repo: agent.did, 156 156 + collection: "place.stream.livestream", 157 157 + rkey, 158 158 + }); 159 159 + 160 160 + const oldRecord = getResult.data.value as any; 161 161 + 162 162 + // Create new record (don't edit - old records are "chapter markers") 163 163 + // Spread entire record to preserve all fields (agent, canonicalUrl, notificationSettings, etc.) 164 164 + const record = { 165 165 + ...oldRecord, 166 166 + title: title, // Override title 167 167 + createdAt: new Date().toISOString(), // Override timestamp for new chapter marker 168 168 + }; 169 169 + 170 170 + const result = await agent.com.atproto.repo.createRecord({ 171 171 + repo: agent.did, 172 172 + collection: "place.stream.livestream", 173 173 + record, 174 174 + }); 175 175 + return result; 176 176 + } 177 177 + 178 178 + // Otherwise, use delegated moderation endpoint 179 179 + const result = await agent.place.stream.moderation.updateLivestream({ 180 180 + streamer: streamerDID, 181 181 + livestreamUri: livestreamUri, 182 182 + title: title, 183 183 + }); 184 184 + return result; 185 185 + } finally { 186 186 + setIsLoading(false); 187 187 + } 188 188 + }; 189 189 + 190 190 + return { updateLivestream, isLoading }; 191 191 + }

+3

js/components/src/streamplace-store/index.tsx

reviewed

··· 1 1 + export * from "./block"; 2 2 + export * from "./moderation"; 3 3 + export * from "./moderator-management"; 1 4 export * from "./stream"; 2 5 export * from "./streamplace-store"; 3 6 export * from "./user";

+185

js/components/src/streamplace-store/moderation.tsx

reviewed

··· 1 1 + import { useEffect, useState } from "react"; 2 2 + import { PlaceStreamModerationPermission } from "streamplace"; 3 3 + import { useLivestreamStore } from "../livestream-store/livestream-store"; 4 4 + import { usePDSAgent } from "./xrpc"; 5 5 + 6 6 + export interface ModerationPermissions { 7 7 + canBan: boolean; 8 8 + canHide: boolean; 9 9 + canManageLivestream: boolean; 10 10 + isOwner: boolean; 11 11 + isLoading: boolean; 12 12 + error: string | null; 13 13 + } 14 14 + 15 15 + /** 16 16 + * Hook to check if the current user can moderate for a given streamer. 17 17 + * Returns permission flags based on: 18 18 + * - Owner: full permissions if userDID === streamerDID 19 19 + * - Delegated: permissions from place.stream.moderation.permission records 20 20 + */ 21 21 + export function useCanModerate( 22 22 + streamerDID: string | null | undefined, 23 23 + ): ModerationPermissions { 24 24 + const agent = usePDSAgent(); 25 25 + const userDID = agent?.did; 26 26 + 27 27 + // Get moderation permissions from livestream store (updated via WebSocket) 28 28 + const moderationPermissions = useLivestreamStore( 29 29 + (state) => state.moderationPermissions, 30 30 + ); 31 31 + const setModerationPermissions = useLivestreamStore( 32 32 + (state) => state.setModerationPermissions, 33 33 + ); 34 34 + 35 35 + const [isOwner, setIsOwner] = useState(false); 36 36 + const [isLoading, setIsLoading] = useState(false); 37 37 + const [error, setError] = useState<string | null>(null); 38 38 + 39 39 + useEffect(() => { 40 40 + if (!userDID || !streamerDID) { 41 41 + setModerationPermissions([]); 42 42 + setIsOwner(false); 43 43 + setError(null); 44 44 + return; 45 45 + } 46 46 + 47 47 + // If user is the streamer, they have full permissions 48 48 + if (userDID === streamerDID) { 49 49 + setIsOwner(true); 50 50 + setModerationPermissions([]); // Not needed for owner 51 51 + setIsLoading(false); 52 52 + setError(null); 53 53 + return; 54 54 + } 55 55 + 56 56 + // Otherwise, fetch delegation records from the streamer's repo 57 57 + // This initial fetch populates the store, then WebSocket updates will keep it in sync 58 58 + const fetchDelegation = async () => { 59 59 + if (!agent) { 60 60 + setModerationPermissions([]); 61 61 + setIsLoading(false); 62 62 + return; 63 63 + } 64 64 + 65 65 + setIsLoading(true); 66 66 + setError(null); 67 67 + setIsOwner(false); 68 68 + 69 69 + try { 70 70 + // Use authenticated agent to list permission records from the streamer's repo 71 71 + const result = await agent.com.atproto.repo.listRecords({ 72 72 + repo: streamerDID, 73 73 + collection: "place.stream.moderation.permission", 74 74 + limit: 100, 75 75 + }); 76 76 + 77 77 + const records = result.data.records || []; 78 78 + const permissionRecords: PlaceStreamModerationPermission.Record[] = 79 79 + records 80 80 + .map((r: { value: any }) => r.value) 81 81 + .filter( 82 82 + (v: any) => v && v.$type === "place.stream.moderation.permission", 83 83 + ); 84 84 + 85 85 + // Store all permissions in the livestream store 86 86 + // WebSocket updates will keep this in sync 87 87 + setModerationPermissions(permissionRecords); 88 88 + } catch (err) { 89 89 + console.error("[useCanModerate] Error fetching permissions:", err); 90 90 + setError( 91 91 + `Could not fetch moderation permissions: ${err instanceof Error ? err.message : `Unknown error: ${err}`}`, 92 92 + ); 93 93 + setModerationPermissions([]); 94 94 + } finally { 95 95 + setIsLoading(false); 96 96 + } 97 97 + }; 98 98 + 99 99 + // Fetch immediately on mount or when dependencies change 100 100 + fetchDelegation(); 101 101 + }, [userDID, streamerDID, agent, setModerationPermissions]); 102 102 + 103 103 + // If permissions were cleared (e.g., due to deletion), trigger a refetch 104 104 + useEffect(() => { 105 105 + // If permissions were cleared and we're not the owner, refetch 106 106 + if ( 107 107 + moderationPermissions.length === 0 && 108 108 + !isOwner && 109 109 + userDID && 110 110 + streamerDID && 111 111 + agent 112 112 + ) { 113 113 + const fetchDelegation = async () => { 114 114 + try { 115 115 + const result = await agent.com.atproto.repo.listRecords({ 116 116 + repo: streamerDID, 117 117 + collection: "place.stream.moderation.permission", 118 118 + limit: 100, 119 119 + }); 120 120 + 121 121 + const records = result.data.records || []; 122 122 + const permissionRecords: PlaceStreamModerationPermission.Record[] = 123 123 + records 124 124 + .map((r: { value: any }) => r.value) 125 125 + .filter( 126 126 + (v: any) => 127 127 + v && v.$type === "place.stream.moderation.permission", 128 128 + ); 129 129 + 130 130 + setModerationPermissions(permissionRecords); 131 131 + } catch (err) { 132 132 + console.error("[useCanModerate] Error refetching permissions:", err); 133 133 + } 134 134 + }; 135 135 + 136 136 + // Small delay to avoid rapid refetches 137 137 + const timeout = setTimeout(fetchDelegation, 100); 138 138 + return () => clearTimeout(timeout); 139 139 + } 140 140 + }, [ 141 141 + moderationPermissions.length, 142 142 + isOwner, 143 143 + userDID, 144 144 + streamerDID, 145 145 + agent, 146 146 + setModerationPermissions, 147 147 + ]); 148 148 + 149 149 + // Find ALL delegation records for this moderator and merge their permissions 150 150 + const delegations = moderationPermissions.filter( 151 151 + (perm) => perm.moderator === userDID, 152 152 + ); 153 153 + 154 154 + // Merge permissions from all delegation records for this moderator 155 155 + const permissions: string[] = delegations.reduce( 156 156 + (acc: string[], delegation) => { 157 157 + // Check if delegation has expired 158 158 + if (delegation.expirationTime) { 159 159 + const expiration = new Date(delegation.expirationTime); 160 160 + if (new Date() > expiration) { 161 161 + return acc; // Skip expired delegations 162 162 + } 163 163 + } 164 164 + 165 165 + // Add all permissions from this delegation, avoiding duplicates 166 166 + const delegationPerms = delegation.permissions || []; 167 167 + for (const perm of delegationPerms) { 168 168 + if (!acc.includes(perm)) { 169 169 + acc.push(perm); 170 170 + } 171 171 + } 172 172 + return acc; 173 173 + }, 174 174 + [], 175 175 + ); 176 176 + 177 177 + return { 178 178 + canBan: isOwner || permissions.includes("ban"), 179 179 + canHide: isOwner || permissions.includes("hide"), 180 180 + canManageLivestream: isOwner || permissions.includes("livestream.manage"), 181 181 + isOwner, 182 182 + isLoading, 183 183 + error, 184 184 + }; 185 185 + }

+175

js/components/src/streamplace-store/moderator-management.tsx

reviewed

··· 1 1 + import { useCallback, useEffect, useState } from "react"; 2 2 + import { PlaceStreamModerationPermission } from "streamplace"; 3 3 + import { usePDSAgent } from "./xrpc"; 4 4 + 5 5 + interface ModeratorRecord { 6 6 + uri: string; 7 7 + cid: string; 8 8 + value: PlaceStreamModerationPermission.Record; 9 9 + rkey: string; 10 10 + } 11 11 + 12 12 + interface ListModeratorsResult { 13 13 + moderators: ModeratorRecord[]; 14 14 + isLoading: boolean; 15 15 + error: string | null; 16 16 + refresh: () => void; 17 17 + } 18 18 + 19 19 + /** 20 20 + * Hook to list all moderators for the current user's stream. 21 21 + * Fetches place.stream.moderation.permission records from the user's repo. 22 22 + */ 23 23 + export function useListModerators(): ListModeratorsResult { 24 24 + const agent = usePDSAgent(); 25 25 + const [moderators, setModerators] = useState<ModeratorRecord[]>([]); 26 26 + const [isLoading, setIsLoading] = useState(false); 27 27 + const [error, setError] = useState<string | null>(null); 28 28 + const [refreshTrigger, setRefreshTrigger] = useState(0); 29 29 + 30 30 + const refresh = useCallback(() => { 31 31 + setRefreshTrigger((prev) => prev + 1); 32 32 + }, []); 33 33 + 34 34 + useEffect(() => { 35 35 + if (!agent?.did) { 36 36 + setModerators([]); 37 37 + setError(null); 38 38 + return; 39 39 + } 40 40 + 41 41 + const fetchModerators = async () => { 42 42 + setIsLoading(true); 43 43 + setError(null); 44 44 + 45 45 + try { 46 46 + const result = await agent.place.stream.moderation.permission.list({ 47 47 + repo: agent.did!, 48 48 + }); 49 49 + 50 50 + const records = result.records.map((record: any) => { 51 51 + const rkey = record.uri.split("/").pop(); 52 52 + return { 53 53 + uri: record.uri, 54 54 + cid: record.cid || "", 55 55 + value: record.value, 56 56 + rkey: rkey || "", 57 57 + }; 58 58 + }); 59 59 + 60 60 + setModerators(records); 61 61 + } catch (err) { 62 62 + setError( 63 63 + `Failed to fetch moderators: ${err instanceof Error ? err.message : "Unknown error"}`, 64 64 + ); 65 65 + setModerators([]); 66 66 + } finally { 67 67 + setIsLoading(false); 68 68 + } 69 69 + }; 70 70 + 71 71 + fetchModerators(); 72 72 + }, [agent?.did, refreshTrigger]); 73 73 + 74 74 + return { 75 75 + moderators, 76 76 + isLoading, 77 77 + error, 78 78 + refresh, 79 79 + }; 80 80 + } 81 81 + 82 82 + interface AddModeratorParams { 83 83 + moderatorDID: string; 84 84 + permissions: ("ban" | "hide" | "livestream.manage")[]; 85 85 + expirationTime?: string; // ISO 8601 datetime string 86 86 + } 87 87 + 88 88 + /** 89 89 + * Hook to add a new moderator. 90 90 + * Creates a place.stream.moderation.permission record in the current user's repo. 91 91 + */ 92 92 + export function useAddModerator() { 93 93 + const agent = usePDSAgent(); 94 94 + const [isLoading, setIsLoading] = useState(false); 95 95 + 96 96 + const addModerator = async (params: AddModeratorParams) => { 97 97 + if (!agent?.did) { 98 98 + throw new Error("Not logged in"); 99 99 + } 100 100 + 101 101 + if (params.permissions.length === 0) { 102 102 + throw new Error("At least one permission must be selected"); 103 103 + } 104 104 + 105 105 + setIsLoading(true); 106 106 + try { 107 107 + // Resolve handle to DID if needed 108 108 + let moderatorDID = params.moderatorDID.trim(); 109 109 + if (!moderatorDID.startsWith("did:")) { 110 110 + if (moderatorDID.startsWith("@")) { 111 111 + moderatorDID = moderatorDID.substring(1); // Remove @ 112 112 + } 113 113 + try { 114 114 + const resolved = await agent.com.atproto.identity.resolveHandle({ 115 115 + handle: moderatorDID, 116 116 + }); 117 117 + moderatorDID = resolved.data.did; 118 118 + } catch (e) { 119 119 + throw new Error( 120 120 + `Invalid DID or handle: ${moderatorDID}. Please use a valid DID (did:plc:...) or handle (@handle.bsky.social)`, 121 121 + ); 122 122 + } 123 123 + } 124 124 + 125 125 + const record: PlaceStreamModerationPermission.Record = { 126 126 + $type: "place.stream.moderation.permission", 127 127 + moderator: moderatorDID, 128 128 + permissions: params.permissions, 129 129 + createdAt: new Date().toISOString(), 130 130 + }; 131 131 + 132 132 + if (params.expirationTime) { 133 133 + (record as any).expirationTime = params.expirationTime; 134 134 + } 135 135 + 136 136 + const result = await agent.place.stream.moderation.permission.create( 137 137 + { repo: agent.did }, 138 138 + record, 139 139 + ); 140 140 + 141 141 + return result; 142 142 + } finally { 143 143 + setIsLoading(false); 144 144 + } 145 145 + }; 146 146 + 147 147 + return { addModerator, isLoading }; 148 148 + } 149 149 + 150 150 + /** 151 151 + * Hook to remove a moderator. 152 152 + * Deletes a place.stream.moderation.permission record by its rkey. 153 153 + */ 154 154 + export function useRemoveModerator() { 155 155 + const agent = usePDSAgent(); 156 156 + const [isLoading, setIsLoading] = useState(false); 157 157 + 158 158 + const removeModerator = async (rkey: string) => { 159 159 + if (!agent?.did) { 160 160 + throw new Error("Not logged in"); 161 161 + } 162 162 + 163 163 + setIsLoading(true); 164 164 + try { 165 165 + await agent.place.stream.moderation.permission.delete({ 166 166 + repo: agent.did, 167 167 + rkey, 168 168 + }); 169 169 + } finally { 170 170 + setIsLoading(false); 171 171 + } 172 172 + }; 173 173 + 174 174 + return { removeModerator, isLoading }; 175 175 + }

+133

js/docs/src/content/docs/lex-reference/livestream/place-stream-livestream-update.md

reviewed

··· 1 1 + --- 2 2 + title: place.stream.livestream.update 3 3 + description: Reference for the place.stream.livestream.update lexicon 4 4 + --- 5 5 + 6 6 + **Lexicon Version:** 1 7 7 + 8 8 + ## Definitions 9 9 + 10 10 + <a name="main"></a> 11 11 + 12 12 + ### `main` 13 13 + 14 14 + **Type:** `procedure` 15 15 + 16 16 + Update livestream metadata on behalf of a streamer. Requires 'livestream.manage' 17 17 + permission. Updates a place.stream.livestream record in the streamer's 18 18 + repository. 19 19 + 20 20 + **Parameters:** _(None defined)_ 21 21 + 22 22 + **Input:** 23 23 + 24 24 + - **Encoding:** `application/json` 25 25 + - **Schema:** 26 26 + 27 27 + **Schema Type:** `object` 28 28 + 29 29 + | Name | Type | Req'd | Description | Constraints | 30 30 + | --------------- | -------- | ----- | ---------------------------------------------- | --------------------------------------- | 31 31 + | `streamer` | `string` | ✅ | The DID of the streamer. | Format: `did` | 32 32 + | `livestreamUri` | `string` | ✅ | The AT-URI of the livestream record to update. | Format: `at-uri` | 33 33 + | `title` | `string` | ❌ | New title for the livestream. | Max Length: 1400<br/>Max Graphemes: 140 | 34 34 + 35 35 + **Output:** 36 36 + 37 37 + - **Encoding:** `application/json` 38 38 + - **Schema:** 39 39 + 40 40 + **Schema Type:** `object` 41 41 + 42 42 + | Name | Type | Req'd | Description | Constraints | 43 43 + | ----- | -------- | ----- | -------------------------------------------- | ---------------- | 44 44 + | `uri` | `string` | ✅ | The AT-URI of the updated livestream record. | Format: `at-uri` | 45 45 + | `cid` | `string` | ✅ | The CID of the updated livestream record. | Format: `cid` | 46 46 + 47 47 + **Possible Errors:** 48 48 + 49 49 + - `Unauthorized`: The request lacks valid authentication credentials. 50 50 + - `Forbidden`: The caller does not have permission to update livestream metadata 51 51 + for this streamer. 52 52 + - `SessionNotFound`: The streamer's OAuth session could not be found or is 53 53 + invalid. 54 54 + - `RecordNotFound`: The specified livestream record does not exist. 55 55 + 56 56 + --- 57 57 + 58 58 + ## Lexicon Source 59 59 + 60 60 + ```json 61 61 + { 62 62 + "lexicon": 1, 63 63 + "id": "place.stream.livestream.update", 64 64 + "defs": { 65 65 + "main": { 66 66 + "type": "procedure", 67 67 + "description": "Update livestream metadata on behalf of a streamer. Requires 'livestream.manage' permission. Updates a place.stream.livestream record in the streamer's repository.", 68 68 + "input": { 69 69 + "encoding": "application/json", 70 70 + "schema": { 71 71 + "type": "object", 72 72 + "required": ["streamer", "livestreamUri"], 73 73 + "properties": { 74 74 + "streamer": { 75 75 + "type": "string", 76 76 + "format": "did", 77 77 + "description": "The DID of the streamer." 78 78 + }, 79 79 + "livestreamUri": { 80 80 + "type": "string", 81 81 + "format": "at-uri", 82 82 + "description": "The AT-URI of the livestream record to update." 83 83 + }, 84 84 + "title": { 85 85 + "type": "string", 86 86 + "maxLength": 1400, 87 87 + "maxGraphemes": 140, 88 88 + "description": "New title for the livestream." 89 89 + } 90 90 + } 91 91 + } 92 92 + }, 93 93 + "output": { 94 94 + "encoding": "application/json", 95 95 + "schema": { 96 96 + "type": "object", 97 97 + "required": ["uri", "cid"], 98 98 + "properties": { 99 99 + "uri": { 100 100 + "type": "string", 101 101 + "format": "at-uri", 102 102 + "description": "The AT-URI of the updated livestream record." 103 103 + }, 104 104 + "cid": { 105 105 + "type": "string", 106 106 + "format": "cid", 107 107 + "description": "The CID of the updated livestream record." 108 108 + } 109 109 + } 110 110 + } 111 111 + }, 112 112 + "errors": [ 113 113 + { 114 114 + "name": "Unauthorized", 115 115 + "description": "The request lacks valid authentication credentials." 116 116 + }, 117 117 + { 118 118 + "name": "Forbidden", 119 119 + "description": "The caller does not have permission to update livestream metadata for this streamer." 120 120 + }, 121 121 + { 122 122 + "name": "SessionNotFound", 123 123 + "description": "The streamer's OAuth session could not be found or is invalid." 124 124 + }, 125 125 + { 126 126 + "name": "RecordNotFound", 127 127 + "description": "The specified livestream record does not exist." 128 128 + } 129 129 + ] 130 130 + } 131 131 + } 132 132 + } 133 133 + ```

+126

js/docs/src/content/docs/lex-reference/moderation/place-stream-moderation-createblock.md

reviewed

··· 1 1 + --- 2 2 + title: place.stream.moderation.createBlock 3 3 + description: Reference for the place.stream.moderation.createBlock lexicon 4 4 + --- 5 5 + 6 6 + **Lexicon Version:** 1 7 7 + 8 8 + ## Definitions 9 9 + 10 10 + <a name="main"></a> 11 11 + 12 12 + ### `main` 13 13 + 14 14 + **Type:** `procedure` 15 15 + 16 16 + Create a block (ban) on behalf of a streamer. Requires 'ban' permission. Creates 17 17 + an app.bsky.graph.block record in the streamer's repository. 18 18 + 19 19 + **Parameters:** _(None defined)_ 20 20 + 21 21 + **Input:** 22 22 + 23 23 + - **Encoding:** `application/json` 24 24 + - **Schema:** 25 25 + 26 26 + **Schema Type:** `object` 27 27 + 28 28 + | Name | Type | Req'd | Description | Constraints | 29 29 + | ---------- | -------- | ----- | --------------------------------------------------------- | --------------- | 30 30 + | `streamer` | `string` | ✅ | The DID of the streamer whose chat this block applies to. | Format: `did` | 31 31 + | `subject` | `string` | ✅ | The DID of the user being blocked from chat. | Format: `did` | 32 32 + | `reason` | `string` | ❌ | Optional reason for the block. | Max Length: 300 | 33 33 + 34 34 + **Output:** 35 35 + 36 36 + - **Encoding:** `application/json` 37 37 + - **Schema:** 38 38 + 39 39 + **Schema Type:** `object` 40 40 + 41 41 + | Name | Type | Req'd | Description | Constraints | 42 42 + | ----- | -------- | ----- | --------------------------------------- | ---------------- | 43 43 + | `uri` | `string` | ✅ | The AT-URI of the created block record. | Format: `at-uri` | 44 44 + | `cid` | `string` | ✅ | The CID of the created block record. | Format: `cid` | 45 45 + 46 46 + **Possible Errors:** 47 47 + 48 48 + - `Unauthorized`: The request lacks valid authentication credentials. 49 49 + - `Forbidden`: The caller does not have permission to create blocks for this 50 50 + streamer. 51 51 + - `SessionNotFound`: The streamer's OAuth session could not be found or is 52 52 + invalid. 53 53 + 54 54 + --- 55 55 + 56 56 + ## Lexicon Source 57 57 + 58 58 + ```json 59 59 + { 60 60 + "lexicon": 1, 61 61 + "id": "place.stream.moderation.createBlock", 62 62 + "defs": { 63 63 + "main": { 64 64 + "type": "procedure", 65 65 + "description": "Create a block (ban) on behalf of a streamer. Requires 'ban' permission. Creates an app.bsky.graph.block record in the streamer's repository.", 66 66 + "input": { 67 67 + "encoding": "application/json", 68 68 + "schema": { 69 69 + "type": "object", 70 70 + "required": ["streamer", "subject"], 71 71 + "properties": { 72 72 + "streamer": { 73 73 + "type": "string", 74 74 + "format": "did", 75 75 + "description": "The DID of the streamer whose chat this block applies to." 76 76 + }, 77 77 + "subject": { 78 78 + "type": "string", 79 79 + "format": "did", 80 80 + "description": "The DID of the user being blocked from chat." 81 81 + }, 82 82 + "reason": { 83 83 + "type": "string", 84 84 + "maxLength": 300, 85 85 + "description": "Optional reason for the block." 86 86 + } 87 87 + } 88 88 + } 89 89 + }, 90 90 + "output": { 91 91 + "encoding": "application/json", 92 92 + "schema": { 93 93 + "type": "object", 94 94 + "required": ["uri", "cid"], 95 95 + "properties": { 96 96 + "uri": { 97 97 + "type": "string", 98 98 + "format": "at-uri", 99 99 + "description": "The AT-URI of the created block record." 100 100 + }, 101 101 + "cid": { 102 102 + "type": "string", 103 103 + "format": "cid", 104 104 + "description": "The CID of the created block record." 105 105 + } 106 106 + } 107 107 + } 108 108 + }, 109 109 + "errors": [ 110 110 + { 111 111 + "name": "Unauthorized", 112 112 + "description": "The request lacks valid authentication credentials." 113 113 + }, 114 114 + { 115 115 + "name": "Forbidden", 116 116 + "description": "The caller does not have permission to create blocks for this streamer." 117 117 + }, 118 118 + { 119 119 + "name": "SessionNotFound", 120 120 + "description": "The streamer's OAuth session could not be found or is invalid." 121 121 + } 122 122 + ] 123 123 + } 124 124 + } 125 125 + } 126 126 + ```

+121

js/docs/src/content/docs/lex-reference/moderation/place-stream-moderation-creategate.md

reviewed

··· 1 1 + --- 2 2 + title: place.stream.moderation.createGate 3 3 + description: Reference for the place.stream.moderation.createGate lexicon 4 4 + --- 5 5 + 6 6 + **Lexicon Version:** 1 7 7 + 8 8 + ## Definitions 9 9 + 10 10 + <a name="main"></a> 11 11 + 12 12 + ### `main` 13 13 + 14 14 + **Type:** `procedure` 15 15 + 16 16 + Create a gate (hide message) on behalf of a streamer. Requires 'hide' 17 17 + permission. Creates a place.stream.chat.gate record in the streamer's 18 18 + repository. 19 19 + 20 20 + **Parameters:** _(None defined)_ 21 21 + 22 22 + **Input:** 23 23 + 24 24 + - **Encoding:** `application/json` 25 25 + - **Schema:** 26 26 + 27 27 + **Schema Type:** `object` 28 28 + 29 29 + | Name | Type | Req'd | Description | Constraints | 30 30 + | ------------ | -------- | ----- | --------------------------------------- | ---------------- | 31 31 + | `streamer` | `string` | ✅ | The DID of the streamer. | Format: `did` | 32 32 + | `messageUri` | `string` | ✅ | The AT-URI of the chat message to hide. | Format: `at-uri` | 33 33 + 34 34 + **Output:** 35 35 + 36 36 + - **Encoding:** `application/json` 37 37 + - **Schema:** 38 38 + 39 39 + **Schema Type:** `object` 40 40 + 41 41 + | Name | Type | Req'd | Description | Constraints | 42 42 + | ----- | -------- | ----- | -------------------------------------- | ---------------- | 43 43 + | `uri` | `string` | ✅ | The AT-URI of the created gate record. | Format: `at-uri` | 44 44 + | `cid` | `string` | ✅ | The CID of the created gate record. | Format: `cid` | 45 45 + 46 46 + **Possible Errors:** 47 47 + 48 48 + - `Unauthorized`: The request lacks valid authentication credentials. 49 49 + - `Forbidden`: The caller does not have permission to hide messages for this 50 50 + streamer. 51 51 + - `SessionNotFound`: The streamer's OAuth session could not be found or is 52 52 + invalid. 53 53 + 54 54 + --- 55 55 + 56 56 + ## Lexicon Source 57 57 + 58 58 + ```json 59 59 + { 60 60 + "lexicon": 1, 61 61 + "id": "place.stream.moderation.createGate", 62 62 + "defs": { 63 63 + "main": { 64 64 + "type": "procedure", 65 65 + "description": "Create a gate (hide message) on behalf of a streamer. Requires 'hide' permission. Creates a place.stream.chat.gate record in the streamer's repository.", 66 66 + "input": { 67 67 + "encoding": "application/json", 68 68 + "schema": { 69 69 + "type": "object", 70 70 + "required": ["streamer", "messageUri"], 71 71 + "properties": { 72 72 + "streamer": { 73 73 + "type": "string", 74 74 + "format": "did", 75 75 + "description": "The DID of the streamer." 76 76 + }, 77 77 + "messageUri": { 78 78 + "type": "string", 79 79 + "format": "at-uri", 80 80 + "description": "The AT-URI of the chat message to hide." 81 81 + } 82 82 + } 83 83 + } 84 84 + }, 85 85 + "output": { 86 86 + "encoding": "application/json", 87 87 + "schema": { 88 88 + "type": "object", 89 89 + "required": ["uri", "cid"], 90 90 + "properties": { 91 91 + "uri": { 92 92 + "type": "string", 93 93 + "format": "at-uri", 94 94 + "description": "The AT-URI of the created gate record." 95 95 + }, 96 96 + "cid": { 97 97 + "type": "string", 98 98 + "format": "cid", 99 99 + "description": "The CID of the created gate record." 100 100 + } 101 101 + } 102 102 + } 103 103 + }, 104 104 + "errors": [ 105 105 + { 106 106 + "name": "Unauthorized", 107 107 + "description": "The request lacks valid authentication credentials." 108 108 + }, 109 109 + { 110 110 + "name": "Forbidden", 111 111 + "description": "The caller does not have permission to hide messages for this streamer." 112 112 + }, 113 113 + { 114 114 + "name": "SessionNotFound", 115 115 + "description": "The streamer's OAuth session could not be found or is invalid." 116 116 + } 117 117 + ] 118 118 + } 119 119 + } 120 120 + } 121 121 + ```

+61

js/docs/src/content/docs/lex-reference/moderation/place-stream-moderation-defs.md

reviewed

··· 1 1 + --- 2 2 + title: place.stream.moderation.defs 3 3 + description: Reference for the place.stream.moderation.defs lexicon 4 4 + --- 5 5 + 6 6 + **Lexicon Version:** 1 7 7 + 8 8 + ## Definitions 9 9 + 10 10 + <a name="permissionview"></a> 11 11 + 12 12 + ### `permissionView` 13 13 + 14 14 + **Type:** `object` 15 15 + 16 16 + **Properties:** 17 17 + 18 18 + | Name | Type | Req'd | Description | Constraints | 19 19 + | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------ | ----- | ------------------------------------------- | ---------------- | 20 20 + | `uri` | `string` | ✅ | AT-URI of the permission record | Format: `at-uri` | 21 21 + | `cid` | `string` | ✅ | Content identifier of the permission record | Format: `cid` | 22 22 + | `author` | [`app.bsky.actor.defs#profileViewBasic`](https://github.com/bluesky-social/atproto/tree/main/lexicons/app/bsky/actor/defs.json#profileViewBasic) | ✅ | The streamer who granted these permissions | | 23 23 + | `record` | `unknown` | ✅ | The permission record itself | | 24 24 + 25 25 + --- 26 26 + 27 27 + ## Lexicon Source 28 28 + 29 29 + ```json 30 30 + { 31 31 + "lexicon": 1, 32 32 + "id": "place.stream.moderation.defs", 33 33 + "defs": { 34 34 + "permissionView": { 35 35 + "type": "object", 36 36 + "required": ["uri", "cid", "author", "record"], 37 37 + "properties": { 38 38 + "uri": { 39 39 + "type": "string", 40 40 + "format": "at-uri", 41 41 + "description": "AT-URI of the permission record" 42 42 + }, 43 43 + "cid": { 44 44 + "type": "string", 45 45 + "format": "cid", 46 46 + "description": "Content identifier of the permission record" 47 47 + }, 48 48 + "author": { 49 49 + "type": "ref", 50 50 + "ref": "app.bsky.actor.defs#profileViewBasic", 51 51 + "description": "The streamer who granted these permissions" 52 52 + }, 53 53 + "record": { 54 54 + "type": "unknown", 55 55 + "description": "The permission record itself" 56 56 + } 57 57 + } 58 58 + } 59 59 + } 60 60 + } 61 61 + ```

+103

js/docs/src/content/docs/lex-reference/moderation/place-stream-moderation-deleteblock.md

reviewed

··· 1 1 + --- 2 2 + title: place.stream.moderation.deleteBlock 3 3 + description: Reference for the place.stream.moderation.deleteBlock lexicon 4 4 + --- 5 5 + 6 6 + **Lexicon Version:** 1 7 7 + 8 8 + ## Definitions 9 9 + 10 10 + <a name="main"></a> 11 11 + 12 12 + ### `main` 13 13 + 14 14 + **Type:** `procedure` 15 15 + 16 16 + Delete a block (unban) on behalf of a streamer. Requires 'ban' permission. 17 17 + Deletes an app.bsky.graph.block record from the streamer's repository. 18 18 + 19 19 + **Parameters:** _(None defined)_ 20 20 + 21 21 + **Input:** 22 22 + 23 23 + - **Encoding:** `application/json` 24 24 + - **Schema:** 25 25 + 26 26 + **Schema Type:** `object` 27 27 + 28 28 + | Name | Type | Req'd | Description | Constraints | 29 29 + | ---------- | -------- | ----- | ----------------------------------------- | ---------------- | 30 30 + | `streamer` | `string` | ✅ | The DID of the streamer. | Format: `did` | 31 31 + | `blockUri` | `string` | ✅ | The AT-URI of the block record to delete. | Format: `at-uri` | 32 32 + 33 33 + **Output:** 34 34 + 35 35 + - **Encoding:** `application/json` 36 36 + - **Schema:** 37 37 + 38 38 + **Schema Type:** `object` 39 39 + 40 40 + _(No properties defined)_ **Possible Errors:** 41 41 + 42 42 + - `Unauthorized`: The request lacks valid authentication credentials. 43 43 + - `Forbidden`: The caller does not have permission to delete blocks for this 44 44 + streamer. 45 45 + - `SessionNotFound`: The streamer's OAuth session could not be found or is 46 46 + invalid. 47 47 + 48 48 + --- 49 49 + 50 50 + ## Lexicon Source 51 51 + 52 52 + ```json 53 53 + { 54 54 + "lexicon": 1, 55 55 + "id": "place.stream.moderation.deleteBlock", 56 56 + "defs": { 57 57 + "main": { 58 58 + "type": "procedure", 59 59 + "description": "Delete a block (unban) on behalf of a streamer. Requires 'ban' permission. Deletes an app.bsky.graph.block record from the streamer's repository.", 60 60 + "input": { 61 61 + "encoding": "application/json", 62 62 + "schema": { 63 63 + "type": "object", 64 64 + "required": ["streamer", "blockUri"], 65 65 + "properties": { 66 66 + "streamer": { 67 67 + "type": "string", 68 68 + "format": "did", 69 69 + "description": "The DID of the streamer." 70 70 + }, 71 71 + "blockUri": { 72 72 + "type": "string", 73 73 + "format": "at-uri", 74 74 + "description": "The AT-URI of the block record to delete." 75 75 + } 76 76 + } 77 77 + } 78 78 + }, 79 79 + "output": { 80 80 + "encoding": "application/json", 81 81 + "schema": { 82 82 + "type": "object", 83 83 + "properties": {} 84 84 + } 85 85 + }, 86 86 + "errors": [ 87 87 + { 88 88 + "name": "Unauthorized", 89 89 + "description": "The request lacks valid authentication credentials." 90 90 + }, 91 91 + { 92 92 + "name": "Forbidden", 93 93 + "description": "The caller does not have permission to delete blocks for this streamer." 94 94 + }, 95 95 + { 96 96 + "name": "SessionNotFound", 97 97 + "description": "The streamer's OAuth session could not be found or is invalid." 98 98 + } 99 99 + ] 100 100 + } 101 101 + } 102 102 + } 103 103 + ```

+104

js/docs/src/content/docs/lex-reference/moderation/place-stream-moderation-deletegate.md

reviewed

··· 1 1 + --- 2 2 + title: place.stream.moderation.deleteGate 3 3 + description: Reference for the place.stream.moderation.deleteGate lexicon 4 4 + --- 5 5 + 6 6 + **Lexicon Version:** 1 7 7 + 8 8 + ## Definitions 9 9 + 10 10 + <a name="main"></a> 11 11 + 12 12 + ### `main` 13 13 + 14 14 + **Type:** `procedure` 15 15 + 16 16 + Delete a gate (unhide message) on behalf of a streamer. Requires 'hide' 17 17 + permission. Deletes a place.stream.chat.gate record from the streamer's 18 18 + repository. 19 19 + 20 20 + **Parameters:** _(None defined)_ 21 21 + 22 22 + **Input:** 23 23 + 24 24 + - **Encoding:** `application/json` 25 25 + - **Schema:** 26 26 + 27 27 + **Schema Type:** `object` 28 28 + 29 29 + | Name | Type | Req'd | Description | Constraints | 30 30 + | ---------- | -------- | ----- | ---------------------------------------- | ---------------- | 31 31 + | `streamer` | `string` | ✅ | The DID of the streamer. | Format: `did` | 32 32 + | `gateUri` | `string` | ✅ | The AT-URI of the gate record to delete. | Format: `at-uri` | 33 33 + 34 34 + **Output:** 35 35 + 36 36 + - **Encoding:** `application/json` 37 37 + - **Schema:** 38 38 + 39 39 + **Schema Type:** `object` 40 40 + 41 41 + _(No properties defined)_ **Possible Errors:** 42 42 + 43 43 + - `Unauthorized`: The request lacks valid authentication credentials. 44 44 + - `Forbidden`: The caller does not have permission to unhide messages for this 45 45 + streamer. 46 46 + - `SessionNotFound`: The streamer's OAuth session could not be found or is 47 47 + invalid. 48 48 + 49 49 + --- 50 50 + 51 51 + ## Lexicon Source 52 52 + 53 53 + ```json 54 54 + { 55 55 + "lexicon": 1, 56 56 + "id": "place.stream.moderation.deleteGate", 57 57 + "defs": { 58 58 + "main": { 59 59 + "type": "procedure", 60 60 + "description": "Delete a gate (unhide message) on behalf of a streamer. Requires 'hide' permission. Deletes a place.stream.chat.gate record from the streamer's repository.", 61 61 + "input": { 62 62 + "encoding": "application/json", 63 63 + "schema": { 64 64 + "type": "object", 65 65 + "required": ["streamer", "gateUri"], 66 66 + "properties": { 67 67 + "streamer": { 68 68 + "type": "string", 69 69 + "format": "did", 70 70 + "description": "The DID of the streamer." 71 71 + }, 72 72 + "gateUri": { 73 73 + "type": "string", 74 74 + "format": "at-uri", 75 75 + "description": "The AT-URI of the gate record to delete." 76 76 + } 77 77 + } 78 78 + } 79 79 + }, 80 80 + "output": { 81 81 + "encoding": "application/json", 82 82 + "schema": { 83 83 + "type": "object", 84 84 + "properties": {} 85 85 + } 86 86 + }, 87 87 + "errors": [ 88 88 + { 89 89 + "name": "Unauthorized", 90 90 + "description": "The request lacks valid authentication credentials." 91 91 + }, 92 92 + { 93 93 + "name": "Forbidden", 94 94 + "description": "The caller does not have permission to unhide messages for this streamer." 95 95 + }, 96 96 + { 97 97 + "name": "SessionNotFound", 98 98 + "description": "The streamer's OAuth session could not be found or is invalid." 99 99 + } 100 100 + ] 101 101 + } 102 102 + } 103 103 + } 104 104 + ```

+74

js/docs/src/content/docs/lex-reference/moderation/place-stream-moderation-permission.md

reviewed

··· 1 1 + --- 2 2 + title: place.stream.moderation.permission 3 3 + description: Reference for the place.stream.moderation.permission lexicon 4 4 + --- 5 5 + 6 6 + **Lexicon Version:** 1 7 7 + 8 8 + ## Definitions 9 9 + 10 10 + <a name="main"></a> 11 11 + 12 12 + ### `main` 13 13 + 14 14 + **Type:** `record` 15 15 + 16 16 + Record granting moderation permissions to a user for this streamer's content. 17 17 + 18 18 + **Record Key:** `tid` 19 19 + 20 20 + **Record Properties:** 21 21 + 22 22 + | Name | Type | Req'd | Description | Constraints | 23 23 + | ---------------- | ----------------- | ----- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------ | 24 24 + | `moderator` | `string` | ✅ | The DID of the user granted moderator permissions. | Format: `did` | 25 25 + | `permissions` | Array of `string` | ✅ | Array of permissions granted to this moderator. 'ban' covers blocks/bans (with optional expiration), 'hide' covers message gates, 'livestream.manage' allows updating livestream metadata. | | 26 26 + | `createdAt` | `string` | ✅ | Client-declared timestamp when this moderator was added. | Format: `datetime` | 27 27 + | `expirationTime` | `string` | ❌ | Optional expiration time for this delegation. If set, the delegation is invalid after this time. | Format: `datetime` | 28 28 + 29 29 + --- 30 30 + 31 31 + ## Lexicon Source 32 32 + 33 33 + ```json 34 34 + { 35 35 + "lexicon": 1, 36 36 + "id": "place.stream.moderation.permission", 37 37 + "defs": { 38 38 + "main": { 39 39 + "type": "record", 40 40 + "key": "tid", 41 41 + "description": "Record granting moderation permissions to a user for this streamer's content.", 42 42 + "record": { 43 43 + "type": "object", 44 44 + "required": ["moderator", "permissions", "createdAt"], 45 45 + "properties": { 46 46 + "moderator": { 47 47 + "type": "string", 48 48 + "format": "did", 49 49 + "description": "The DID of the user granted moderator permissions." 50 50 + }, 51 51 + "permissions": { 52 52 + "type": "array", 53 53 + "items": { 54 54 + "type": "string", 55 55 + "enum": ["ban", "hide", "livestream.manage"] 56 56 + }, 57 57 + "description": "Array of permissions granted to this moderator. 'ban' covers blocks/bans (with optional expiration), 'hide' covers message gates, 'livestream.manage' allows updating livestream metadata." 58 58 + }, 59 59 + "createdAt": { 60 60 + "type": "string", 61 61 + "format": "datetime", 62 62 + "description": "Client-declared timestamp when this moderator was added." 63 63 + }, 64 64 + "expirationTime": { 65 65 + "type": "string", 66 66 + "format": "datetime", 67 67 + "description": "Optional expiration time for this delegation. If set, the delegation is invalid after this time." 68 68 + } 69 69 + } 70 70 + } 71 71 + } 72 72 + } 73 73 + } 74 74 + ```

+133

js/docs/src/content/docs/lex-reference/moderation/place-stream-moderation-updatelivestream.md

reviewed

··· 1 1 + --- 2 2 + title: place.stream.moderation.updateLivestream 3 3 + description: Reference for the place.stream.moderation.updateLivestream lexicon 4 4 + --- 5 5 + 6 6 + **Lexicon Version:** 1 7 7 + 8 8 + ## Definitions 9 9 + 10 10 + <a name="main"></a> 11 11 + 12 12 + ### `main` 13 13 + 14 14 + **Type:** `procedure` 15 15 + 16 16 + Update livestream metadata on behalf of a streamer. Requires 'livestream.manage' 17 17 + permission. Updates a place.stream.livestream record in the streamer's 18 18 + repository. 19 19 + 20 20 + **Parameters:** _(None defined)_ 21 21 + 22 22 + **Input:** 23 23 + 24 24 + - **Encoding:** `application/json` 25 25 + - **Schema:** 26 26 + 27 27 + **Schema Type:** `object` 28 28 + 29 29 + | Name | Type | Req'd | Description | Constraints | 30 30 + | --------------- | -------- | ----- | ---------------------------------------------- | --------------------------------------- | 31 31 + | `streamer` | `string` | ✅ | The DID of the streamer. | Format: `did` | 32 32 + | `livestreamUri` | `string` | ✅ | The AT-URI of the livestream record to update. | Format: `at-uri` | 33 33 + | `title` | `string` | ❌ | New title for the livestream. | Max Length: 1400<br/>Max Graphemes: 140 | 34 34 + 35 35 + **Output:** 36 36 + 37 37 + - **Encoding:** `application/json` 38 38 + - **Schema:** 39 39 + 40 40 + **Schema Type:** `object` 41 41 + 42 42 + | Name | Type | Req'd | Description | Constraints | 43 43 + | ----- | -------- | ----- | -------------------------------------------- | ---------------- | 44 44 + | `uri` | `string` | ✅ | The AT-URI of the updated livestream record. | Format: `at-uri` | 45 45 + | `cid` | `string` | ✅ | The CID of the updated livestream record. | Format: `cid` | 46 46 + 47 47 + **Possible Errors:** 48 48 + 49 49 + - `Unauthorized`: The request lacks valid authentication credentials. 50 50 + - `Forbidden`: The caller does not have permission to update livestream metadata 51 51 + for this streamer. 52 52 + - `SessionNotFound`: The streamer's OAuth session could not be found or is 53 53 + invalid. 54 54 + - `RecordNotFound`: The specified livestream record does not exist. 55 55 + 56 56 + --- 57 57 + 58 58 + ## Lexicon Source 59 59 + 60 60 + ```json 61 61 + { 62 62 + "lexicon": 1, 63 63 + "id": "place.stream.moderation.updateLivestream", 64 64 + "defs": { 65 65 + "main": { 66 66 + "type": "procedure", 67 67 + "description": "Update livestream metadata on behalf of a streamer. Requires 'livestream.manage' permission. Updates a place.stream.livestream record in the streamer's repository.", 68 68 + "input": { 69 69 + "encoding": "application/json", 70 70 + "schema": { 71 71 + "type": "object", 72 72 + "required": ["streamer", "livestreamUri"], 73 73 + "properties": { 74 74 + "streamer": { 75 75 + "type": "string", 76 76 + "format": "did", 77 77 + "description": "The DID of the streamer." 78 78 + }, 79 79 + "livestreamUri": { 80 80 + "type": "string", 81 81 + "format": "at-uri", 82 82 + "description": "The AT-URI of the livestream record to update." 83 83 + }, 84 84 + "title": { 85 85 + "type": "string", 86 86 + "maxLength": 1400, 87 87 + "maxGraphemes": 140, 88 88 + "description": "New title for the livestream." 89 89 + } 90 90 + } 91 91 + } 92 92 + }, 93 93 + "output": { 94 94 + "encoding": "application/json", 95 95 + "schema": { 96 96 + "type": "object", 97 97 + "required": ["uri", "cid"], 98 98 + "properties": { 99 99 + "uri": { 100 100 + "type": "string", 101 101 + "format": "at-uri", 102 102 + "description": "The AT-URI of the updated livestream record." 103 103 + }, 104 104 + "cid": { 105 105 + "type": "string", 106 106 + "format": "cid", 107 107 + "description": "The CID of the updated livestream record." 108 108 + } 109 109 + } 110 110 + } 111 111 + }, 112 112 + "errors": [ 113 113 + { 114 114 + "name": "Unauthorized", 115 115 + "description": "The request lacks valid authentication credentials." 116 116 + }, 117 117 + { 118 118 + "name": "Forbidden", 119 119 + "description": "The caller does not have permission to update livestream metadata for this streamer." 120 120 + }, 121 121 + { 122 122 + "name": "SessionNotFound", 123 123 + "description": "The streamer's OAuth session could not be found or is invalid." 124 124 + }, 125 125 + { 126 126 + "name": "RecordNotFound", 127 127 + "description": "The specified livestream record does not exist." 128 128 + } 129 129 + ] 130 130 + } 131 131 + } 132 132 + } 133 133 + ```

+414

js/docs/src/content/docs/lex-reference/openapi.json

reviewed

··· 517 517 } 518 518 } 519 519 }, 520 520 + "/xrpc/place.stream.moderation.createBlock": { 521 521 + "post": { 522 522 + "summary": "Create a block (ban) on behalf of a streamer. Requires 'ban' permission. Creates an app.bsky.graph.block record in the streamer's repository.", 523 523 + "operationId": "place.stream.moderation.createBlock", 524 524 + "tags": ["place.stream.moderation"], 525 525 + "responses": { 526 526 + "200": { 527 527 + "description": "Success", 528 528 + "content": { 529 529 + "application/json": { 530 530 + "schema": { 531 531 + "type": "object", 532 532 + "properties": { 533 533 + "uri": { 534 534 + "type": "string", 535 535 + "description": "The AT-URI of the created block record.", 536 536 + "format": "uri" 537 537 + }, 538 538 + "cid": { 539 539 + "type": "string", 540 540 + "description": "The CID of the created block record.", 541 541 + "format": "cid" 542 542 + } 543 543 + }, 544 544 + "required": ["uri", "cid"] 545 545 + } 546 546 + } 547 547 + } 548 548 + }, 549 549 + "400": { 550 550 + "description": "Bad Request", 551 551 + "content": { 552 552 + "application/json": { 553 553 + "schema": { 554 554 + "type": "object", 555 555 + "required": ["error", "message"], 556 556 + "properties": { 557 557 + "error": { 558 558 + "type": "string", 559 559 + "oneOf": [ 560 560 + { 561 561 + "const": "Unauthorized" 562 562 + }, 563 563 + { 564 564 + "const": "Forbidden" 565 565 + }, 566 566 + { 567 567 + "const": "SessionNotFound" 568 568 + } 569 569 + ] 570 570 + }, 571 571 + "message": { 572 572 + "type": "string" 573 573 + } 574 574 + } 575 575 + } 576 576 + } 577 577 + } 578 578 + } 579 579 + }, 580 580 + "requestBody": { 581 581 + "required": true, 582 582 + "content": { 583 583 + "application/json": { 584 584 + "schema": { 585 585 + "type": "object", 586 586 + "properties": { 587 587 + "streamer": { 588 588 + "type": "string", 589 589 + "description": "The DID of the streamer whose chat this block applies to.", 590 590 + "format": "did" 591 591 + }, 592 592 + "subject": { 593 593 + "type": "string", 594 594 + "description": "The DID of the user being blocked from chat.", 595 595 + "format": "did" 596 596 + }, 597 597 + "reason": { 598 598 + "type": "string", 599 599 + "description": "Optional reason for the block.", 600 600 + "maxLength": 300 601 601 + } 602 602 + }, 603 603 + "required": ["streamer", "subject"] 604 604 + } 605 605 + } 606 606 + } 607 607 + } 608 608 + } 609 609 + }, 610 610 + "/xrpc/place.stream.moderation.createGate": { 611 611 + "post": { 612 612 + "summary": "Create a gate (hide message) on behalf of a streamer. Requires 'hide' permission. Creates a place.stream.chat.gate record in the streamer's repository.", 613 613 + "operationId": "place.stream.moderation.createGate", 614 614 + "tags": ["place.stream.moderation"], 615 615 + "responses": { 616 616 + "200": { 617 617 + "description": "Success", 618 618 + "content": { 619 619 + "application/json": { 620 620 + "schema": { 621 621 + "type": "object", 622 622 + "properties": { 623 623 + "uri": { 624 624 + "type": "string", 625 625 + "description": "The AT-URI of the created gate record.", 626 626 + "format": "uri" 627 627 + }, 628 628 + "cid": { 629 629 + "type": "string", 630 630 + "description": "The CID of the created gate record.", 631 631 + "format": "cid" 632 632 + } 633 633 + }, 634 634 + "required": ["uri", "cid"] 635 635 + } 636 636 + } 637 637 + } 638 638 + }, 639 639 + "400": { 640 640 + "description": "Bad Request", 641 641 + "content": { 642 642 + "application/json": { 643 643 + "schema": { 644 644 + "type": "object", 645 645 + "required": ["error", "message"], 646 646 + "properties": { 647 647 + "error": { 648 648 + "type": "string", 649 649 + "oneOf": [ 650 650 + { 651 651 + "const": "Unauthorized" 652 652 + }, 653 653 + { 654 654 + "const": "Forbidden" 655 655 + }, 656 656 + { 657 657 + "const": "SessionNotFound" 658 658 + } 659 659 + ] 660 660 + }, 661 661 + "message": { 662 662 + "type": "string" 663 663 + } 664 664 + } 665 665 + } 666 666 + } 667 667 + } 668 668 + } 669 669 + }, 670 670 + "requestBody": { 671 671 + "required": true, 672 672 + "content": { 673 673 + "application/json": { 674 674 + "schema": { 675 675 + "type": "object", 676 676 + "properties": { 677 677 + "streamer": { 678 678 + "type": "string", 679 679 + "description": "The DID of the streamer.", 680 680 + "format": "did" 681 681 + }, 682 682 + "messageUri": { 683 683 + "type": "string", 684 684 + "description": "The AT-URI of the chat message to hide.", 685 685 + "format": "uri" 686 686 + } 687 687 + }, 688 688 + "required": ["streamer", "messageUri"] 689 689 + } 690 690 + } 691 691 + } 692 692 + } 693 693 + } 694 694 + }, 695 695 + "/xrpc/place.stream.moderation.deleteBlock": { 696 696 + "post": { 697 697 + "summary": "Delete a block (unban) on behalf of a streamer. Requires 'ban' permission. Deletes an app.bsky.graph.block record from the streamer's repository.", 698 698 + "operationId": "place.stream.moderation.deleteBlock", 699 699 + "tags": ["place.stream.moderation"], 700 700 + "responses": { 701 701 + "200": { 702 702 + "description": "Success", 703 703 + "content": { 704 704 + "application/json": { 705 705 + "schema": { 706 706 + "type": "object", 707 707 + "properties": {} 708 708 + } 709 709 + } 710 710 + } 711 711 + }, 712 712 + "400": { 713 713 + "description": "Bad Request", 714 714 + "content": { 715 715 + "application/json": { 716 716 + "schema": { 717 717 + "type": "object", 718 718 + "required": ["error", "message"], 719 719 + "properties": { 720 720 + "error": { 721 721 + "type": "string", 722 722 + "oneOf": [ 723 723 + { 724 724 + "const": "Unauthorized" 725 725 + }, 726 726 + { 727 727 + "const": "Forbidden" 728 728 + }, 729 729 + { 730 730 + "const": "SessionNotFound" 731 731 + } 732 732 + ] 733 733 + }, 734 734 + "message": { 735 735 + "type": "string" 736 736 + } 737 737 + } 738 738 + } 739 739 + } 740 740 + } 741 741 + } 742 742 + }, 743 743 + "requestBody": { 744 744 + "required": true, 745 745 + "content": { 746 746 + "application/json": { 747 747 + "schema": { 748 748 + "type": "object", 749 749 + "properties": { 750 750 + "streamer": { 751 751 + "type": "string", 752 752 + "description": "The DID of the streamer.", 753 753 + "format": "did" 754 754 + }, 755 755 + "blockUri": { 756 756 + "type": "string", 757 757 + "description": "The AT-URI of the block record to delete.", 758 758 + "format": "uri" 759 759 + } 760 760 + }, 761 761 + "required": ["streamer", "blockUri"] 762 762 + } 763 763 + } 764 764 + } 765 765 + } 766 766 + } 767 767 + }, 768 768 + "/xrpc/place.stream.moderation.deleteGate": { 769 769 + "post": { 770 770 + "summary": "Delete a gate (unhide message) on behalf of a streamer. Requires 'hide' permission. Deletes a place.stream.chat.gate record from the streamer's repository.", 771 771 + "operationId": "place.stream.moderation.deleteGate", 772 772 + "tags": ["place.stream.moderation"], 773 773 + "responses": { 774 774 + "200": { 775 775 + "description": "Success", 776 776 + "content": { 777 777 + "application/json": { 778 778 + "schema": { 779 779 + "type": "object", 780 780 + "properties": {} 781 781 + } 782 782 + } 783 783 + } 784 784 + }, 785 785 + "400": { 786 786 + "description": "Bad Request", 787 787 + "content": { 788 788 + "application/json": { 789 789 + "schema": { 790 790 + "type": "object", 791 791 + "required": ["error", "message"], 792 792 + "properties": { 793 793 + "error": { 794 794 + "type": "string", 795 795 + "oneOf": [ 796 796 + { 797 797 + "const": "Unauthorized" 798 798 + }, 799 799 + { 800 800 + "const": "Forbidden" 801 801 + }, 802 802 + { 803 803 + "const": "SessionNotFound" 804 804 + } 805 805 + ] 806 806 + }, 807 807 + "message": { 808 808 + "type": "string" 809 809 + } 810 810 + } 811 811 + } 812 812 + } 813 813 + } 814 814 + } 815 815 + }, 816 816 + "requestBody": { 817 817 + "required": true, 818 818 + "content": { 819 819 + "application/json": { 820 820 + "schema": { 821 821 + "type": "object", 822 822 + "properties": { 823 823 + "streamer": { 824 824 + "type": "string", 825 825 + "description": "The DID of the streamer.", 826 826 + "format": "did" 827 827 + }, 828 828 + "gateUri": { 829 829 + "type": "string", 830 830 + "description": "The AT-URI of the gate record to delete.", 831 831 + "format": "uri" 832 832 + } 833 833 + }, 834 834 + "required": ["streamer", "gateUri"] 835 835 + } 836 836 + } 837 837 + } 838 838 + } 839 839 + } 840 840 + }, 841 841 + "/xrpc/place.stream.moderation.updateLivestream": { 842 842 + "post": { 843 843 + "summary": "Update livestream metadata on behalf of a streamer. Requires 'livestream.manage' permission. Updates a place.stream.livestream record in the streamer's repository.", 844 844 + "operationId": "place.stream.moderation.updateLivestream", 845 845 + "tags": ["place.stream.moderation"], 846 846 + "responses": { 847 847 + "200": { 848 848 + "description": "Success", 849 849 + "content": { 850 850 + "application/json": { 851 851 + "schema": { 852 852 + "type": "object", 853 853 + "properties": { 854 854 + "uri": { 855 855 + "type": "string", 856 856 + "description": "The AT-URI of the updated livestream record.", 857 857 + "format": "uri" 858 858 + }, 859 859 + "cid": { 860 860 + "type": "string", 861 861 + "description": "The CID of the updated livestream record.", 862 862 + "format": "cid" 863 863 + } 864 864 + }, 865 865 + "required": ["uri", "cid"] 866 866 + } 867 867 + } 868 868 + } 869 869 + }, 870 870 + "400": { 871 871 + "description": "Bad Request", 872 872 + "content": { 873 873 + "application/json": { 874 874 + "schema": { 875 875 + "type": "object", 876 876 + "required": ["error", "message"], 877 877 + "properties": { 878 878 + "error": { 879 879 + "type": "string", 880 880 + "oneOf": [ 881 881 + { 882 882 + "const": "Unauthorized" 883 883 + }, 884 884 + { 885 885 + "const": "Forbidden" 886 886 + }, 887 887 + { 888 888 + "const": "SessionNotFound" 889 889 + }, 890 890 + { 891 891 + "const": "RecordNotFound" 892 892 + } 893 893 + ] 894 894 + }, 895 895 + "message": { 896 896 + "type": "string" 897 897 + } 898 898 + } 899 899 + } 900 900 + } 901 901 + } 902 902 + } 903 903 + }, 904 904 + "requestBody": { 905 905 + "required": true, 906 906 + "content": { 907 907 + "application/json": { 908 908 + "schema": { 909 909 + "type": "object", 910 910 + "properties": { 911 911 + "streamer": { 912 912 + "type": "string", 913 913 + "description": "The DID of the streamer.", 914 914 + "format": "did" 915 915 + }, 916 916 + "livestreamUri": { 917 917 + "type": "string", 918 918 + "description": "The AT-URI of the livestream record to update.", 919 919 + "format": "uri" 920 920 + }, 921 921 + "title": { 922 922 + "type": "string", 923 923 + "description": "New title for the livestream.", 924 924 + "maxLength": 1400 925 925 + } 926 926 + }, 927 927 + "required": ["streamer", "livestreamUri"] 928 928 + } 929 929 + } 930 930 + } 931 931 + } 932 932 + } 933 933 + }, 520 934 "/xrpc/place.stream.live.getLiveUsers": { 521 935 "get": { 522 936 "summary": "Get a list of livestream segments for a user",

+67

lexicons/place/stream/moderation/createBlock.json

reviewed

··· 1 1 + { 2 2 + "lexicon": 1, 3 3 + "id": "place.stream.moderation.createBlock", 4 4 + "defs": { 5 5 + "main": { 6 6 + "type": "procedure", 7 7 + "description": "Create a block (ban) on behalf of a streamer. Requires 'ban' permission. Creates an app.bsky.graph.block record in the streamer's repository.", 8 8 + "input": { 9 9 + "encoding": "application/json", 10 10 + "schema": { 11 11 + "type": "object", 12 12 + "required": ["streamer", "subject"], 13 13 + "properties": { 14 14 + "streamer": { 15 15 + "type": "string", 16 16 + "format": "did", 17 17 + "description": "The DID of the streamer whose chat this block applies to." 18 18 + }, 19 19 + "subject": { 20 20 + "type": "string", 21 21 + "format": "did", 22 22 + "description": "The DID of the user being blocked from chat." 23 23 + }, 24 24 + "reason": { 25 25 + "type": "string", 26 26 + "maxLength": 300, 27 27 + "description": "Optional reason for the block." 28 28 + } 29 29 + } 30 30 + } 31 31 + }, 32 32 + "output": { 33 33 + "encoding": "application/json", 34 34 + "schema": { 35 35 + "type": "object", 36 36 + "required": ["uri", "cid"], 37 37 + "properties": { 38 38 + "uri": { 39 39 + "type": "string", 40 40 + "format": "at-uri", 41 41 + "description": "The AT-URI of the created block record." 42 42 + }, 43 43 + "cid": { 44 44 + "type": "string", 45 45 + "format": "cid", 46 46 + "description": "The CID of the created block record." 47 47 + } 48 48 + } 49 49 + } 50 50 + }, 51 51 + "errors": [ 52 52 + { 53 53 + "name": "Unauthorized", 54 54 + "description": "The request lacks valid authentication credentials." 55 55 + }, 56 56 + { 57 57 + "name": "Forbidden", 58 58 + "description": "The caller does not have permission to create blocks for this streamer." 59 59 + }, 60 60 + { 61 61 + "name": "SessionNotFound", 62 62 + "description": "The streamer's OAuth session could not be found or is invalid." 63 63 + } 64 64 + ] 65 65 + } 66 66 + } 67 67 + }

+62

lexicons/place/stream/moderation/createGate.json

reviewed

··· 1 1 + { 2 2 + "lexicon": 1, 3 3 + "id": "place.stream.moderation.createGate", 4 4 + "defs": { 5 5 + "main": { 6 6 + "type": "procedure", 7 7 + "description": "Create a gate (hide message) on behalf of a streamer. Requires 'hide' permission. Creates a place.stream.chat.gate record in the streamer's repository.", 8 8 + "input": { 9 9 + "encoding": "application/json", 10 10 + "schema": { 11 11 + "type": "object", 12 12 + "required": ["streamer", "messageUri"], 13 13 + "properties": { 14 14 + "streamer": { 15 15 + "type": "string", 16 16 + "format": "did", 17 17 + "description": "The DID of the streamer." 18 18 + }, 19 19 + "messageUri": { 20 20 + "type": "string", 21 21 + "format": "at-uri", 22 22 + "description": "The AT-URI of the chat message to hide." 23 23 + } 24 24 + } 25 25 + } 26 26 + }, 27 27 + "output": { 28 28 + "encoding": "application/json", 29 29 + "schema": { 30 30 + "type": "object", 31 31 + "required": ["uri", "cid"], 32 32 + "properties": { 33 33 + "uri": { 34 34 + "type": "string", 35 35 + "format": "at-uri", 36 36 + "description": "The AT-URI of the created gate record." 37 37 + }, 38 38 + "cid": { 39 39 + "type": "string", 40 40 + "format": "cid", 41 41 + "description": "The CID of the created gate record." 42 42 + } 43 43 + } 44 44 + } 45 45 + }, 46 46 + "errors": [ 47 47 + { 48 48 + "name": "Unauthorized", 49 49 + "description": "The request lacks valid authentication credentials." 50 50 + }, 51 51 + { 52 52 + "name": "Forbidden", 53 53 + "description": "The caller does not have permission to hide messages for this streamer." 54 54 + }, 55 55 + { 56 56 + "name": "SessionNotFound", 57 57 + "description": "The streamer's OAuth session could not be found or is invalid." 58 58 + } 59 59 + ] 60 60 + } 61 61 + } 62 62 + }

+31

lexicons/place/stream/moderation/defs.json

reviewed

··· 1 1 + { 2 2 + "lexicon": 1, 3 3 + "id": "place.stream.moderation.defs", 4 4 + "defs": { 5 5 + "permissionView": { 6 6 + "type": "object", 7 7 + "required": ["uri", "cid", "author", "record"], 8 8 + "properties": { 9 9 + "uri": { 10 10 + "type": "string", 11 11 + "format": "at-uri", 12 12 + "description": "AT-URI of the permission record" 13 13 + }, 14 14 + "cid": { 15 15 + "type": "string", 16 16 + "format": "cid", 17 17 + "description": "Content identifier of the permission record" 18 18 + }, 19 19 + "author": { 20 20 + "type": "ref", 21 21 + "ref": "app.bsky.actor.defs#profileViewBasic", 22 22 + "description": "The streamer who granted these permissions" 23 23 + }, 24 24 + "record": { 25 25 + "type": "unknown", 26 26 + "description": "The permission record itself" 27 27 + } 28 28 + } 29 29 + } 30 30 + } 31 31 + }

+50

lexicons/place/stream/moderation/deleteBlock.json

reviewed

··· 1 1 + { 2 2 + "lexicon": 1, 3 3 + "id": "place.stream.moderation.deleteBlock", 4 4 + "defs": { 5 5 + "main": { 6 6 + "type": "procedure", 7 7 + "description": "Delete a block (unban) on behalf of a streamer. Requires 'ban' permission. Deletes an app.bsky.graph.block record from the streamer's repository.", 8 8 + "input": { 9 9 + "encoding": "application/json", 10 10 + "schema": { 11 11 + "type": "object", 12 12 + "required": ["streamer", "blockUri"], 13 13 + "properties": { 14 14 + "streamer": { 15 15 + "type": "string", 16 16 + "format": "did", 17 17 + "description": "The DID of the streamer." 18 18 + }, 19 19 + "blockUri": { 20 20 + "type": "string", 21 21 + "format": "at-uri", 22 22 + "description": "The AT-URI of the block record to delete." 23 23 + } 24 24 + } 25 25 + } 26 26 + }, 27 27 + "output": { 28 28 + "encoding": "application/json", 29 29 + "schema": { 30 30 + "type": "object", 31 31 + "properties": {} 32 32 + } 33 33 + }, 34 34 + "errors": [ 35 35 + { 36 36 + "name": "Unauthorized", 37 37 + "description": "The request lacks valid authentication credentials." 38 38 + }, 39 39 + { 40 40 + "name": "Forbidden", 41 41 + "description": "The caller does not have permission to delete blocks for this streamer." 42 42 + }, 43 43 + { 44 44 + "name": "SessionNotFound", 45 45 + "description": "The streamer's OAuth session could not be found or is invalid." 46 46 + } 47 47 + ] 48 48 + } 49 49 + } 50 50 + }

+50

lexicons/place/stream/moderation/deleteGate.json

reviewed

··· 1 1 + { 2 2 + "lexicon": 1, 3 3 + "id": "place.stream.moderation.deleteGate", 4 4 + "defs": { 5 5 + "main": { 6 6 + "type": "procedure", 7 7 + "description": "Delete a gate (unhide message) on behalf of a streamer. Requires 'hide' permission. Deletes a place.stream.chat.gate record from the streamer's repository.", 8 8 + "input": { 9 9 + "encoding": "application/json", 10 10 + "schema": { 11 11 + "type": "object", 12 12 + "required": ["streamer", "gateUri"], 13 13 + "properties": { 14 14 + "streamer": { 15 15 + "type": "string", 16 16 + "format": "did", 17 17 + "description": "The DID of the streamer." 18 18 + }, 19 19 + "gateUri": { 20 20 + "type": "string", 21 21 + "format": "at-uri", 22 22 + "description": "The AT-URI of the gate record to delete." 23 23 + } 24 24 + } 25 25 + } 26 26 + }, 27 27 + "output": { 28 28 + "encoding": "application/json", 29 29 + "schema": { 30 30 + "type": "object", 31 31 + "properties": {} 32 32 + } 33 33 + }, 34 34 + "errors": [ 35 35 + { 36 36 + "name": "Unauthorized", 37 37 + "description": "The request lacks valid authentication credentials." 38 38 + }, 39 39 + { 40 40 + "name": "Forbidden", 41 41 + "description": "The caller does not have permission to unhide messages for this streamer." 42 42 + }, 43 43 + { 44 44 + "name": "SessionNotFound", 45 45 + "description": "The streamer's OAuth session could not be found or is invalid." 46 46 + } 47 47 + ] 48 48 + } 49 49 + } 50 50 + }

+40

lexicons/place/stream/moderation/permission.json

reviewed

··· 1 1 + { 2 2 + "lexicon": 1, 3 3 + "id": "place.stream.moderation.permission", 4 4 + "defs": { 5 5 + "main": { 6 6 + "type": "record", 7 7 + "key": "tid", 8 8 + "description": "Record granting moderation permissions to a user for this streamer's content.", 9 9 + "record": { 10 10 + "type": "object", 11 11 + "required": ["moderator", "permissions", "createdAt"], 12 12 + "properties": { 13 13 + "moderator": { 14 14 + "type": "string", 15 15 + "format": "did", 16 16 + "description": "The DID of the user granted moderator permissions." 17 17 + }, 18 18 + "permissions": { 19 19 + "type": "array", 20 20 + "items": { 21 21 + "type": "string", 22 22 + "enum": ["ban", "hide", "livestream.manage"] 23 23 + }, 24 24 + "description": "Array of permissions granted to this moderator. 'ban' covers blocks/bans (with optional expiration), 'hide' covers message gates, 'livestream.manage' allows updating livestream metadata." 25 25 + }, 26 26 + "createdAt": { 27 27 + "type": "string", 28 28 + "format": "datetime", 29 29 + "description": "Client-declared timestamp when this moderator was added." 30 30 + }, 31 31 + "expirationTime": { 32 32 + "type": "string", 33 33 + "format": "datetime", 34 34 + "description": "Optional expiration time for this delegation. If set, the delegation is invalid after this time." 35 35 + } 36 36 + } 37 37 + } 38 38 + } 39 39 + } 40 40 + }

+72

lexicons/place/stream/moderation/updateLivestream.json

reviewed

··· 1 1 + { 2 2 + "lexicon": 1, 3 3 + "id": "place.stream.moderation.updateLivestream", 4 4 + "defs": { 5 5 + "main": { 6 6 + "type": "procedure", 7 7 + "description": "Update livestream metadata on behalf of a streamer. Requires 'livestream.manage' permission. Updates a place.stream.livestream record in the streamer's repository.", 8 8 + "input": { 9 9 + "encoding": "application/json", 10 10 + "schema": { 11 11 + "type": "object", 12 12 + "required": ["streamer", "livestreamUri"], 13 13 + "properties": { 14 14 + "streamer": { 15 15 + "type": "string", 16 16 + "format": "did", 17 17 + "description": "The DID of the streamer." 18 18 + }, 19 19 + "livestreamUri": { 20 20 + "type": "string", 21 21 + "format": "at-uri", 22 22 + "description": "The AT-URI of the livestream record to update." 23 23 + }, 24 24 + "title": { 25 25 + "type": "string", 26 26 + "maxLength": 1400, 27 27 + "maxGraphemes": 140, 28 28 + "description": "New title for the livestream." 29 29 + } 30 30 + } 31 31 + } 32 32 + }, 33 33 + "output": { 34 34 + "encoding": "application/json", 35 35 + "schema": { 36 36 + "type": "object", 37 37 + "required": ["uri", "cid"], 38 38 + "properties": { 39 39 + "uri": { 40 40 + "type": "string", 41 41 + "format": "at-uri", 42 42 + "description": "The AT-URI of the updated livestream record." 43 43 + }, 44 44 + "cid": { 45 45 + "type": "string", 46 46 + "format": "cid", 47 47 + "description": "The CID of the updated livestream record." 48 48 + } 49 49 + } 50 50 + } 51 51 + }, 52 52 + "errors": [ 53 53 + { 54 54 + "name": "Unauthorized", 55 55 + "description": "The request lacks valid authentication credentials." 56 56 + }, 57 57 + { 58 58 + "name": "Forbidden", 59 59 + "description": "The caller does not have permission to update livestream metadata for this streamer." 60 60 + }, 61 61 + { 62 62 + "name": "SessionNotFound", 63 63 + "description": "The streamer's OAuth session could not be found or is invalid." 64 64 + }, 65 65 + { 66 66 + "name": "RecordNotFound", 67 67 + "description": "The specified livestream record does not exist." 68 68 + } 69 69 + ] 70 70 + } 71 71 + } 72 72 + }

+25

pkg/atproto/firehose.go

reviewed

··· 305 305 atsync.Bus.Publish(msg.StreamerRepoDID, mv) 306 306 } 307 307 308 308 + if collection.String() == constants.PLACE_STREAM_MODERATION_PERMISSION { 309 309 + log.Debug(ctx, "deleting moderation delegation", "userDID", evt.Repo, "rkey", rkey.String()) 310 310 + err := atsync.Model.DeleteModerationDelegation(ctx, rkey.String()) 311 311 + if err != nil { 312 312 + log.Error(ctx, "failed to delete moderation delegation", "err", err) 313 313 + } 314 314 + // Publish deletion to WebSocket bus for real-time updates 315 315 + // Create a deleted record marker to notify frontend 316 316 + deletedRecord := map[string]any{ 317 317 + "$type": "place.stream.moderation.permission", 318 318 + "deleted": true, 319 319 + "rkey": rkey.String(), 320 320 + "streamer": evt.Repo, 321 321 + } 322 322 + go atsync.Bus.Publish(evt.Repo, deletedRecord) 323 323 + } 324 324 + 325 325 + if collection.String() == constants.PLACE_STREAM_CHAT_GATE { 326 326 + log.Debug(ctx, "deleting gate", "userDID", evt.Repo, "rkey", rkey.String()) 327 327 + err := atsync.Model.DeleteGate(ctx, rkey.String()) 328 328 + if err != nil { 329 329 + log.Error(ctx, "failed to delete gate", "err", err) 330 330 + } 331 331 + } 332 332 + 308 333 default: 309 334 log.Error(ctx, "unexpected record op kind") 310 335 }

+239

pkg/atproto/moderation_test.go

reviewed

··· 1 1 + package atproto 2 2 + 3 3 + import ( 4 4 + "context" 5 5 + "fmt" 6 6 + "strings" 7 7 + "testing" 8 8 + "time" 9 9 + 10 10 + comatproto "github.com/bluesky-social/indigo/api/atproto" 11 11 + "github.com/bluesky-social/indigo/api/bsky" 12 12 + "github.com/bluesky-social/indigo/atproto/syntax" 13 13 + lexutil "github.com/bluesky-social/indigo/lex/util" 14 14 + "github.com/bluesky-social/indigo/util" 15 15 + "github.com/stretchr/testify/require" 16 16 + "stream.place/streamplace/pkg/bus" 17 17 + "stream.place/streamplace/pkg/config" 18 18 + "stream.place/streamplace/pkg/constants" 19 19 + "stream.place/streamplace/pkg/devenv" 20 20 + "stream.place/streamplace/pkg/model" 21 21 + "stream.place/streamplace/pkg/statedb" 22 22 + "stream.place/streamplace/pkg/streamplace" 23 23 + ) 24 24 + 25 25 + func TestDelegatedModeration(t *testing.T) { 26 26 + dev := devenv.WithDevEnv(t) 27 27 + t.Logf("dev: %+v", dev) 28 28 + cli := config.CLI{ 29 29 + BroadcasterHost: "example.com", 30 30 + DBURL: ":memory:", 31 31 + RelayHost: strings.ReplaceAll(dev.PDSURL, "http://", "ws://"), 32 32 + PLCURL: dev.PLCURL, 33 33 + } 34 34 + t.Logf("cli: %+v", cli) 35 35 + b := bus.NewBus() 36 36 + cli.DataDir = t.TempDir() 37 37 + mod, err := model.MakeDB(":memory:") 38 38 + require.NoError(t, err) 39 39 + state, err := statedb.MakeDB(context.Background(), &cli, nil, mod) 40 40 + require.NoError(t, err) 41 41 + atsync := &ATProtoSynchronizer{ 42 42 + CLI: &cli, 43 43 + StatefulDB: state, 44 44 + Model: mod, 45 45 + Bus: b, 46 46 + } 47 47 + 48 48 + ctx, cancel := context.WithCancel(context.Background()) 49 49 + 50 50 + done := make(chan struct{}) 51 51 + 52 52 + go func() { 53 53 + err := atsync.StartFirehose(ctx) 54 54 + require.NoError(t, err) 55 55 + close(done) 56 56 + }() 57 57 + 58 58 + streamer := dev.CreateAccount(t) 59 59 + moderator := dev.CreateAccount(t) 60 60 + user := dev.CreateAccount(t) 61 61 + 62 62 + // Test 1: Create delegation record with expiration time 63 63 + t.Log("Test 1: Creating delegation record with expiration time") 64 64 + expirationTime := time.Now().Add(24 * time.Hour).Format(time.RFC3339) 65 65 + delegationRecord := &streamplace.ModerationPermission{ 66 66 + LexiconTypeID: "place.stream.moderation.permission", 67 67 + Moderator: moderator.DID, 68 68 + Permissions: []string{"ban", "hide", "livestream.manage"}, 69 69 + CreatedAt: time.Now().Format(util.ISO8601), 70 70 + ExpirationTime: &expirationTime, 71 71 + } 72 72 + 73 73 + _, err = comatproto.RepoCreateRecord(ctx, streamer.XRPC, &comatproto.RepoCreateRecord_Input{ 74 74 + Collection: constants.PLACE_STREAM_MODERATION_PERMISSION, 75 75 + Repo: streamer.DID, 76 76 + Record: &lexutil.LexiconTypeDecoder{Val: delegationRecord}, 77 77 + }) 78 78 + require.NoError(t, err) 79 79 + 80 80 + // Wait for firehose ingestion 81 81 + err = untilNoErrors(t, func() error { 82 82 + delegation, err := mod.GetModerationDelegation(ctx, streamer.DID, moderator.DID) 83 83 + if err != nil { 84 84 + return err 85 85 + } 86 86 + if delegation == nil { 87 87 + return fmt.Errorf("delegation not found") 88 88 + } 89 89 + return nil 90 90 + }) 91 91 + require.NoError(t, err) 92 92 + t.Log("✓ Delegation record ingested successfully") 93 93 + 94 94 + // Verify delegation details including expiration time 95 95 + view, err := mod.GetModerationDelegation(ctx, streamer.DID, moderator.DID) 96 96 + require.NoError(t, err) 97 97 + require.NotNil(t, view) 98 98 + require.Equal(t, streamer.DID, view.Author.Did) 99 99 + 100 100 + delegation := view.Record.Val.(*streamplace.ModerationPermission) 101 101 + require.NotNil(t, delegation) 102 102 + require.Equal(t, moderator.DID, delegation.Moderator) 103 103 + require.NotNil(t, delegation.ExpirationTime, "expiration time should be set") 104 104 + 105 105 + exp, err := time.Parse(time.RFC3339, *delegation.ExpirationTime) 106 106 + require.NoError(t, err) 107 107 + require.True(t, exp.After(time.Now()), "expiration time should be in the future") 108 108 + t.Log("✓ Delegation details verified (including expiration time)") 109 109 + 110 110 + // Test 2: Create block (ban user) 111 111 + t.Log("Test 2: Creating block record") 112 112 + block := &bsky.GraphBlock{ 113 113 + Subject: user.DID, 114 114 + CreatedAt: time.Now().UTC().Format(time.RFC3339), 115 115 + } 116 116 + 117 117 + blockRec, err := comatproto.RepoCreateRecord(ctx, streamer.XRPC, &comatproto.RepoCreateRecord_Input{ 118 118 + Collection: constants.APP_BSKY_GRAPH_BLOCK, 119 119 + Repo: streamer.DID, 120 120 + Record: &lexutil.LexiconTypeDecoder{Val: block}, 121 121 + }) 122 122 + require.NoError(t, err) 123 123 + t.Logf("✓ Block record created: %s", blockRec.Uri) 124 124 + 125 125 + // Wait for firehose to process block 126 126 + blockRkey := strings.TrimPrefix(blockRec.Uri, fmt.Sprintf("at://%s/%s/", streamer.DID, constants.APP_BSKY_GRAPH_BLOCK)) 127 127 + err = untilNoErrors(t, func() error { 128 128 + block, err := mod.GetBlock(ctx, blockRkey) 129 129 + if err != nil { 130 130 + return err 131 131 + } 132 132 + if block == nil { 133 133 + return fmt.Errorf("block not found") 134 134 + } 135 135 + return nil 136 136 + }) 137 137 + require.NoError(t, err) 138 138 + t.Log("✓ Block record ingested successfully") 139 139 + 140 140 + // Test 3: Create chat message and gate 141 141 + t.Log("Test 3: Creating chat message and gate") 142 142 + msg := &streamplace.ChatMessage{ 143 143 + LexiconTypeID: "place.stream.chat.message", 144 144 + Text: "Test message to be hidden", 145 145 + CreatedAt: time.Now().Format(util.ISO8601), 146 146 + Streamer: streamer.DID, 147 147 + } 148 148 + 149 149 + msgRec, err := comatproto.RepoCreateRecord(ctx, user.XRPC, &comatproto.RepoCreateRecord_Input{ 150 150 + Collection: constants.PLACE_STREAM_CHAT_MESSAGE, 151 151 + Repo: user.DID, 152 152 + Record: &lexutil.LexiconTypeDecoder{Val: msg}, 153 153 + }) 154 154 + require.NoError(t, err) 155 155 + t.Logf("✓ Chat message created: %s", msgRec.Uri) 156 156 + 157 157 + // Create gate to hide the message 158 158 + gate := &streamplace.ChatGate{ 159 159 + LexiconTypeID: "place.stream.chat.gate", 160 160 + HiddenMessage: msgRec.Uri, 161 161 + } 162 162 + 163 163 + gateRec, err := comatproto.RepoCreateRecord(ctx, streamer.XRPC, &comatproto.RepoCreateRecord_Input{ 164 164 + Collection: constants.PLACE_STREAM_CHAT_GATE, 165 165 + Repo: streamer.DID, 166 166 + Record: &lexutil.LexiconTypeDecoder{Val: gate}, 167 167 + }) 168 168 + require.NoError(t, err) 169 169 + t.Logf("✓ Gate record created: %s", gateRec.Uri) 170 170 + 171 171 + // Wait for firehose to process gate 172 172 + gateRkey := strings.TrimPrefix(gateRec.Uri, fmt.Sprintf("at://%s/%s/", streamer.DID, constants.PLACE_STREAM_CHAT_GATE)) 173 173 + err = untilNoErrors(t, func() error { 174 174 + gate, err := mod.GetGate(ctx, gateRkey) 175 175 + if err != nil { 176 176 + return err 177 177 + } 178 178 + if gate == nil { 179 179 + return fmt.Errorf("gate not found") 180 180 + } 181 181 + return nil 182 182 + }) 183 183 + require.NoError(t, err) 184 184 + t.Log("✓ Gate record ingested successfully") 185 185 + 186 186 + // Test 4: Delete gate (unhide message) 187 187 + t.Log("Test 4: Deleting gate record") 188 188 + 189 189 + _, err = comatproto.RepoDeleteRecord(ctx, streamer.XRPC, &comatproto.RepoDeleteRecord_Input{ 190 190 + Collection: constants.PLACE_STREAM_CHAT_GATE, 191 191 + Repo: streamer.DID, 192 192 + Rkey: gateRkey, 193 193 + }) 194 194 + require.NoError(t, err) 195 195 + 196 196 + // Wait for firehose to process deletion 197 197 + err = untilNoErrors(t, func() error { 198 198 + gate, err := mod.GetGate(ctx, gateRkey) 199 199 + if err != nil { 200 200 + return err 201 201 + } 202 202 + if gate != nil { 203 203 + return fmt.Errorf("gate still exists") 204 204 + } 205 205 + return nil 206 206 + }) 207 207 + require.NoError(t, err) 208 208 + t.Log("✓ Gate record deleted successfully") 209 209 + 210 210 + // Test 5: Delete delegation (revoke permissions) 211 211 + t.Log("Test 5: Deleting delegation record") 212 212 + uri, err := syntax.ParseATURI(view.Uri) 213 213 + require.NoError(t, err) 214 214 + 215 215 + _, err = comatproto.RepoDeleteRecord(ctx, streamer.XRPC, &comatproto.RepoDeleteRecord_Input{ 216 216 + Collection: constants.PLACE_STREAM_MODERATION_PERMISSION, 217 217 + Repo: streamer.DID, 218 218 + Rkey: uri.RecordKey().String(), 219 219 + }) 220 220 + require.NoError(t, err) 221 221 + 222 222 + // Wait for firehose to process deletion 223 223 + err = untilNoErrors(t, func() error { 224 224 + delegation, err := mod.GetModerationDelegation(ctx, streamer.DID, moderator.DID) 225 225 + if err != nil { 226 226 + return err 227 227 + } 228 228 + if delegation != nil { 229 229 + return fmt.Errorf("delegation still exists") 230 230 + } 231 231 + return nil 232 232 + }) 233 233 + require.NoError(t, err) 234 234 + t.Log("✓ Delegation record deleted successfully") 235 235 + 236 236 + t.Log("All moderation tests passed!") 237 237 + cancel() 238 238 + <-done 239 239 + }

+25

pkg/atproto/sync.go

reviewed

··· 424 424 log.Error(ctx, "failed to create metadata configuration", "err", err) 425 425 } 426 426 427 427 + case *streamplace.ModerationPermission: 428 428 + repo, err := atsync.SyncBlueskyRepoCached(ctx, userDID, atsync.Model) 429 429 + if err != nil { 430 430 + return fmt.Errorf("failed to sync bluesky repo: %w", err) 431 431 + } 432 432 + log.Debug(ctx, "creating moderation delegation", "streamerDID", userDID, "moderatorDID", rec.Moderator) 433 433 + 434 434 + err = atsync.Model.CreateModerationDelegation(ctx, rec, aturi) 435 435 + if err != nil { 436 436 + return fmt.Errorf("failed to create moderation delegation: %w", err) 437 437 + } 438 438 + 439 439 + view := &streamplace.ModerationDefs_PermissionView{ 440 440 + Uri: aturi.String(), 441 441 + Cid: cid, 442 442 + Author: &bsky.ActorDefs_ProfileViewBasic{ 443 443 + Did: userDID, 444 444 + Handle: repo.Handle, 445 445 + }, 446 446 + Record: &lexutil.LexiconTypeDecoder{Val: rec}, 447 447 + } 448 448 + // Publish moderation permission view to WebSocket bus for real-time updates 449 449 + // This allows moderators to see their permissions instantly without page refresh 450 450 + go atsync.Bus.Publish(userDID, view) 451 451 + 427 452 case *streamplace.LiveRecommendations: 428 453 log.Debug(ctx, "creating recommendations", "userDID", userDID, "count", len(rec.Streamers)) 429 454

+13 -12

pkg/constants/constants.go

reviewed

··· 1 1 package constants 2 2 3 3 - var PLACE_STREAM_KEY = "place.stream.key" //nolint:all 4 4 - var PLACE_STREAM_LIVESTREAM = "place.stream.livestream" //nolint:all 5 5 - var PLACE_STREAM_CHAT_MESSAGE = "place.stream.chat.message" //nolint:all 6 6 - var PLACE_STREAM_CHAT_PROFILE = "place.stream.chat.profile" //nolint:all 7 7 - var PLACE_STREAM_SERVER_SETTINGS = "place.stream.server.settings" //nolint:all 8 8 - var STREAMPLACE_SIGNING_KEY = "signingKey" //nolint:all 9 9 - var APP_BSKY_GRAPH_FOLLOW = "app.bsky.graph.follow" //nolint:all 10 10 - var APP_BSKY_FEED_POST = "app.bsky.feed.post" //nolint:all 11 11 - var APP_BSKY_GRAPH_BLOCK = "app.bsky.graph.block" //nolint:all 12 12 - var PLACE_STREAM_CHAT_GATE = "place.stream.chat.gate" //nolint:all 13 13 - var PLACE_STREAM_DEFAULT_METADATA = "place.stream.metadata.configuration" //nolint:all 14 14 - var PLACE_STREAM_LIVE_RECOMMENDATIONS = "place.stream.live.recommendations" //nolint:all 3 3 + var PLACE_STREAM_KEY = "place.stream.key" //nolint:all 4 4 + var PLACE_STREAM_LIVESTREAM = "place.stream.livestream" //nolint:all 5 5 + var PLACE_STREAM_CHAT_MESSAGE = "place.stream.chat.message" //nolint:all 6 6 + var PLACE_STREAM_CHAT_PROFILE = "place.stream.chat.profile" //nolint:all 7 7 + var PLACE_STREAM_SERVER_SETTINGS = "place.stream.server.settings" //nolint:all 8 8 + var PLACE_STREAM_MODERATION_PERMISSION = "place.stream.moderation.permission" //nolint:all 9 9 + var STREAMPLACE_SIGNING_KEY = "signingKey" //nolint:all 10 10 + var APP_BSKY_GRAPH_FOLLOW = "app.bsky.graph.follow" //nolint:all 11 11 + var APP_BSKY_FEED_POST = "app.bsky.feed.post" //nolint:all 12 12 + var APP_BSKY_GRAPH_BLOCK = "app.bsky.graph.block" //nolint:all 13 13 + var PLACE_STREAM_CHAT_GATE = "place.stream.chat.gate" //nolint:all 14 14 + var PLACE_STREAM_DEFAULT_METADATA = "place.stream.metadata.configuration" //nolint:all 15 15 + var PLACE_STREAM_LIVE_RECOMMENDATIONS = "place.stream.live.recommendations" //nolint:all 15 16 16 17 const DID_KEY_PREFIX = "did:key" //nolint:all 17 18 const ADDRESS_KEY_PREFIX = "0x" //nolint:all

+1

pkg/gen/gen.go

reviewed

··· 32 32 streamplace.MetadataDistributionPolicy{}, 33 33 streamplace.MetadataContentRights{}, 34 34 streamplace.MetadataContentWarnings{}, 35 35 + streamplace.ModerationPermission{}, 35 36 streamplace.LiveRecommendations{}, 36 37 ); err != nil { 37 38 panic(err)

+8

pkg/model/model.go

reviewed

··· 110 110 GetMetadataConfiguration(ctx context.Context, repoDID string) (*MetadataConfiguration, error) 111 111 DeleteMetadataConfiguration(ctx context.Context, repoDID string) error 112 112 113 113 + CreateModerationDelegation(ctx context.Context, rec *streamplace.ModerationPermission, aturi syntax.ATURI) error 114 114 + DeleteModerationDelegation(ctx context.Context, rkey string) error 115 115 + GetModerationDelegation(ctx context.Context, streamerDID, moderatorDID string) (*streamplace.ModerationDefs_PermissionView, error) 116 116 + GetModerationDelegations(ctx context.Context, streamerDID, moderatorDID string) ([]*streamplace.ModerationDefs_PermissionView, error) 117 117 + GetModeratorDelegations(ctx context.Context, moderatorDID string) ([]*streamplace.ModerationDefs_PermissionView, error) 118 118 + GetStreamerModerators(ctx context.Context, streamerDID string) ([]*streamplace.ModerationDefs_PermissionView, error) 119 119 + 113 120 GetRecommendation(userDID string) (*Recommendation, error) 114 121 UpsertRecommendation(rec *Recommendation) error 115 122 } ··· 180 187 Label{}, 181 188 BroadcastOrigin{}, 182 189 MetadataConfiguration{}, 190 190 + ModerationDelegation{}, 183 191 Recommendation{}, 184 192 } { 185 193 err = db.AutoMigrate(model)

+165

pkg/model/moderation_delegation.go

reviewed

··· 1 1 + package model 2 2 + 3 3 + import ( 4 4 + "bytes" 5 5 + "context" 6 6 + "errors" 7 7 + "fmt" 8 8 + "time" 9 9 + 10 10 + "github.com/bluesky-social/indigo/api/bsky" 11 11 + "github.com/bluesky-social/indigo/atproto/syntax" 12 12 + lexutil "github.com/bluesky-social/indigo/lex/util" 13 13 + "gorm.io/gorm" 14 14 + "stream.place/streamplace/pkg/aqtime" 15 15 + "stream.place/streamplace/pkg/spid" 16 16 + "stream.place/streamplace/pkg/streamplace" 17 17 + ) 18 18 + 19 19 + type ModerationDelegation struct { 20 20 + RKey string `gorm:"primaryKey;column:rkey"` 21 21 + CID string `gorm:"column:cid"` 22 22 + RepoDID string `json:"repoDID" gorm:"column:repo_did;index:idx_repo_moderator,priority:1"` 23 23 + Repo *Repo `json:"repo,omitempty" gorm:"foreignKey:DID;references:RepoDID"` 24 24 + ModeratorDID string `gorm:"column:moderator_did;index:idx_repo_moderator,priority:2;index:idx_moderator"` 25 25 + Record []byte `gorm:"column:record"` // Full CBOR record 26 26 + CreatedAt time.Time `gorm:"column:created_at"` 27 27 + IndexedAt time.Time `gorm:"column:indexed_at"` 28 28 + } 29 29 + 30 30 + func (md *ModerationDelegation) ToPermissionView() (*streamplace.ModerationDefs_PermissionView, error) { 31 31 + rec, err := lexutil.CborDecodeValue(md.Record) 32 32 + if err != nil { 33 33 + return nil, fmt.Errorf("error decoding moderation permission: %w", err) 34 34 + } 35 35 + 36 36 + uri := fmt.Sprintf("at://%s/place.stream.moderation.permission/%s", md.RepoDID, md.RKey) 37 37 + 38 38 + view := &streamplace.ModerationDefs_PermissionView{ 39 39 + Author: &bsky.ActorDefs_ProfileViewBasic{ 40 40 + Did: md.RepoDID, 41 41 + }, 42 42 + Cid: md.CID, 43 43 + Record: &lexutil.LexiconTypeDecoder{Val: rec}, 44 44 + Uri: uri, 45 45 + } 46 46 + 47 47 + if md.Repo != nil { 48 48 + view.Author.Handle = md.Repo.Handle 49 49 + } 50 50 + 51 51 + return view, nil 52 52 + } 53 53 + 54 54 + func (m *DBModel) CreateModerationDelegation(ctx context.Context, rec *streamplace.ModerationPermission, aturi syntax.ATURI) error { 55 55 + repoDID, err := aturi.Authority().AsDID() 56 56 + if err != nil { 57 57 + return fmt.Errorf("invalid ATURI authority: %w", err) 58 58 + } 59 59 + cid, err := spid.GetCID(rec) 60 60 + if err != nil { 61 61 + return fmt.Errorf("failed to get CID: %w", err) 62 62 + } 63 63 + rkey := aturi.RecordKey().String() 64 64 + 65 65 + buf := bytes.Buffer{} 66 66 + err = rec.MarshalCBOR(&buf) 67 67 + if err != nil { 68 68 + return fmt.Errorf("failed to marshal moderation permission: %w", err) 69 69 + } 70 70 + 71 71 + now := aqtime.FromTime(time.Now().UTC()) 72 72 + 73 73 + delegation := &ModerationDelegation{ 74 74 + RKey: rkey, 75 75 + CID: cid.String(), 76 76 + RepoDID: repoDID.String(), 77 77 + ModeratorDID: rec.Moderator, 78 78 + Record: buf.Bytes(), 79 79 + CreatedAt: now.Time().UTC(), 80 80 + IndexedAt: now.Time().UTC(), 81 81 + } 82 82 + 83 83 + return m.DB.WithContext(ctx).Create(delegation).Error 84 84 + } 85 85 + 86 86 + func (m *DBModel) DeleteModerationDelegation(ctx context.Context, rkey string) error { 87 87 + return m.DB.WithContext(ctx).Where("rkey = ?", rkey).Delete(&ModerationDelegation{}).Error 88 88 + } 89 89 + 90 90 + func (m *DBModel) GetModerationDelegation(ctx context.Context, streamerDID, moderatorDID string) (*streamplace.ModerationDefs_PermissionView, error) { 91 91 + var delegation ModerationDelegation 92 92 + err := m.DB.WithContext(ctx).Preload("Repo"). 93 93 + Where("repo_did = ? AND moderator_did = ?", streamerDID, moderatorDID). 94 94 + Order("created_at DESC"). 95 95 + First(&delegation).Error 96 96 + if errors.Is(err, gorm.ErrRecordNotFound) { 97 97 + return nil, nil 98 98 + } 99 99 + if err != nil { 100 100 + return nil, err 101 101 + } 102 102 + return delegation.ToPermissionView() 103 103 + } 104 104 + 105 105 + // GetModerationDelegations returns ALL delegation records for a moderator from a specific streamer. 106 106 + // This allows multiple separate permission records (e.g., one for "ban", one for "hide") to be merged. 107 107 + func (m *DBModel) GetModerationDelegations(ctx context.Context, streamerDID, moderatorDID string) ([]*streamplace.ModerationDefs_PermissionView, error) { 108 108 + var delegations []*ModerationDelegation 109 109 + err := m.DB.WithContext(ctx).Preload("Repo"). 110 110 + Where("repo_did = ? AND moderator_did = ?", streamerDID, moderatorDID). 111 111 + Find(&delegations).Error 112 112 + if err != nil { 113 113 + return nil, err 114 114 + } 115 115 + 116 116 + views := make([]*streamplace.ModerationDefs_PermissionView, len(delegations)) 117 117 + for i, d := range delegations { 118 118 + view, err := d.ToPermissionView() 119 119 + if err != nil { 120 120 + return nil, err 121 121 + } 122 122 + views[i] = view 123 123 + } 124 124 + return views, nil 125 125 + } 126 126 + 127 127 + func (m *DBModel) GetModeratorDelegations(ctx context.Context, moderatorDID string) ([]*streamplace.ModerationDefs_PermissionView, error) { 128 128 + var delegations []*ModerationDelegation 129 129 + err := m.DB.WithContext(ctx).Preload("Repo"). 130 130 + Where("moderator_did = ?", moderatorDID). 131 131 + Find(&delegations).Error 132 132 + if err != nil { 133 133 + return nil, err 134 134 + } 135 135 + 136 136 + views := make([]*streamplace.ModerationDefs_PermissionView, len(delegations)) 137 137 + for i, d := range delegations { 138 138 + view, err := d.ToPermissionView() 139 139 + if err != nil { 140 140 + return nil, err 141 141 + } 142 142 + views[i] = view 143 143 + } 144 144 + return views, nil 145 145 + } 146 146 + 147 147 + func (m *DBModel) GetStreamerModerators(ctx context.Context, streamerDID string) ([]*streamplace.ModerationDefs_PermissionView, error) { 148 148 + var delegations []*ModerationDelegation 149 149 + err := m.DB.WithContext(ctx).Preload("Repo"). 150 150 + Where("repo_did = ?", streamerDID). 151 151 + Find(&delegations).Error 152 152 + if err != nil { 153 153 + return nil, err 154 154 + } 155 155 + 156 156 + views := make([]*streamplace.ModerationDefs_PermissionView, len(delegations)) 157 157 + for i, d := range delegations { 158 158 + view, err := d.ToPermissionView() 159 159 + if err != nil { 160 160 + return nil, err 161 161 + } 162 162 + views[i] = view 163 163 + } 164 164 + return views, nil 165 165 + }

+114

pkg/moderation/permissions.go

reviewed

··· 1 1 + package moderation 2 2 + 3 3 + import ( 4 4 + "context" 5 5 + "fmt" 6 6 + "time" 7 7 + 8 8 + "stream.place/streamplace/pkg/streamplace" 9 9 + ) 10 10 + 11 11 + type delegationGetter interface { 12 12 + GetModerationDelegations(ctx context.Context, streamerDID, moderatorDID string) ([]*streamplace.ModerationDefs_PermissionView, error) 13 13 + } 14 14 + 15 15 + // Permission scope constants 16 16 + const ( 17 17 + PermissionBan = "ban" 18 18 + PermissionHide = "hide" 19 19 + PermissionLivestreamManage = "livestream.manage" 20 20 + ) 21 21 + 22 22 + // ActionPermissions maps moderation actions to required permissions 23 23 + var ActionPermissions = map[string]string{ 24 24 + "createBlock": PermissionBan, 25 25 + "deleteBlock": PermissionBan, 26 26 + "createGate": PermissionHide, 27 27 + "deleteGate": PermissionHide, 28 28 + "updateLivestream": PermissionLivestreamManage, 29 29 + } 30 30 + 31 31 + // PermissionChecker validates moderation permissions 32 32 + type PermissionChecker struct { 33 33 + model delegationGetter 34 34 + } 35 35 + 36 36 + // NewPermissionChecker creates a new permission checker 37 37 + func NewPermissionChecker(m delegationGetter) *PermissionChecker { 38 38 + return &PermissionChecker{model: m} 39 39 + } 40 40 + 41 41 + // CheckPermission validates that a moderator has permission to perform an action 42 42 + // Returns an error if the moderator lacks the required permission 43 43 + func (pc *PermissionChecker) CheckPermission(ctx context.Context, moderatorDID, streamerDID, action string) error { 44 44 + // Get required permission for this action (validate action first) 45 45 + requiredPermission, ok := ActionPermissions[action] 46 46 + if !ok { 47 47 + return fmt.Errorf("unknown action: %s", action) 48 48 + } 49 49 + 50 50 + // Streamers always have permission for their own content 51 51 + if moderatorDID == streamerDID { 52 52 + return nil 53 53 + } 54 54 + 55 55 + // Check if moderator has the required permission 56 56 + hasPermission, err := pc.HasPermission(ctx, moderatorDID, streamerDID, requiredPermission) 57 57 + if err != nil { 58 58 + return fmt.Errorf("failed to check permissions: %w", err) 59 59 + } 60 60 + 61 61 + if !hasPermission { 62 62 + return fmt.Errorf("moderator %s does not have permission '%s' for streamer %s", moderatorDID, requiredPermission, streamerDID) 63 63 + } 64 64 + 65 65 + return nil 66 66 + } 67 67 + 68 68 + // HasPermission checks if a moderator has a specific permission for a streamer. 69 69 + // It merges permissions from ALL delegation records for the moderator. 70 70 + func (pc *PermissionChecker) HasPermission(ctx context.Context, moderatorDID, streamerDID, permission string) (bool, error) { 71 71 + // Streamers always have all permissions for their own content 72 72 + if moderatorDID == streamerDID { 73 73 + return true, nil 74 74 + } 75 75 + 76 76 + // Look up ALL delegation records for this moderator 77 77 + delegations, err := pc.model.GetModerationDelegations(ctx, streamerDID, moderatorDID) 78 78 + if err != nil { 79 79 + return false, fmt.Errorf("failed to get moderation delegations: %w", err) 80 80 + } 81 81 + 82 82 + if len(delegations) == 0 { 83 83 + return false, nil 84 84 + } 85 85 + 86 86 + // Check all delegation records and merge their permissions 87 87 + for _, delegationView := range delegations { 88 88 + // Extract the actual permission record from the view 89 89 + permRecord, ok := delegationView.Record.Val.(*streamplace.ModerationPermission) 90 90 + if !ok { 91 91 + return false, fmt.Errorf("failed to cast record to ModerationPermission") 92 92 + } 93 93 + 94 94 + // Skip expired delegations 95 95 + if permRecord.ExpirationTime != nil { 96 96 + expirationTime, err := time.Parse(time.RFC3339, *permRecord.ExpirationTime) 97 97 + if err != nil { 98 98 + return false, fmt.Errorf("failed to parse expiration time: %w", err) 99 99 + } 100 100 + if time.Now().After(expirationTime) { 101 101 + continue 102 102 + } 103 103 + } 104 104 + 105 105 + // Check if this delegation has the required permission 106 106 + for _, p := range permRecord.Permissions { 107 107 + if p == permission { 108 108 + return true, nil 109 109 + } 110 110 + } 111 111 + } 112 112 + 113 113 + return false, nil 114 114 + }

+243

pkg/moderation/permissions_test.go

reviewed

··· 1 1 + package moderation 2 2 + 3 3 + import ( 4 4 + "context" 5 5 + "fmt" 6 6 + "testing" 7 7 + "time" 8 8 + 9 9 + "github.com/bluesky-social/indigo/api/bsky" 10 10 + lexutil "github.com/bluesky-social/indigo/lex/util" 11 11 + "github.com/stretchr/testify/require" 12 12 + "stream.place/streamplace/pkg/streamplace" 13 13 + ) 14 14 + 15 15 + func TestPermissionChecker_CheckPermission_StreamerSelfModeration(t *testing.T) { 16 16 + mod := newMockModel() 17 17 + pc := NewPermissionChecker(mod) 18 18 + 19 19 + streamerDID := "did:plc:streamer123" 20 20 + 21 21 + err := pc.CheckPermission(context.Background(), streamerDID, streamerDID, "createBlock") 22 22 + require.NoError(t, err, "streamer should have permission for self-moderation") 23 23 + 24 24 + err = pc.CheckPermission(context.Background(), streamerDID, streamerDID, "createGate") 25 25 + require.NoError(t, err, "streamer should have permission for self-moderation") 26 26 + 27 27 + err = pc.CheckPermission(context.Background(), streamerDID, streamerDID, "updateLivestream") 28 28 + require.NoError(t, err, "streamer should have permission for self-moderation") 29 29 + } 30 30 + 31 31 + func TestPermissionChecker_CheckPermission_WithCorrectPermission(t *testing.T) { 32 32 + mod := newMockModel() 33 33 + pc := NewPermissionChecker(mod) 34 34 + 35 35 + ctx := context.Background() 36 36 + streamerDID := "did:plc:streamer123" 37 37 + moderatorDID := "did:plc:moderator456" 38 38 + 39 39 + mod.addPermissionView(streamerDID, moderatorDID, []string{"ban", "hide"}, nil) 40 40 + 41 41 + err := pc.CheckPermission(ctx, moderatorDID, streamerDID, "createBlock") 42 42 + require.NoError(t, err, "moderator with 'ban' permission should be able to createBlock") 43 43 + 44 44 + err = pc.CheckPermission(ctx, moderatorDID, streamerDID, "createGate") 45 45 + require.NoError(t, err, "moderator with 'hide' permission should be able to createGate") 46 46 + } 47 47 + 48 48 + func TestPermissionChecker_CheckPermission_WithWrongPermission(t *testing.T) { 49 49 + mod := newMockModel() 50 50 + pc := NewPermissionChecker(mod) 51 51 + 52 52 + ctx := context.Background() 53 53 + streamerDID := "did:plc:streamer123" 54 54 + moderatorDID := "did:plc:moderator456" 55 55 + 56 56 + mod.addPermissionView(streamerDID, moderatorDID, []string{"hide"}, nil) 57 57 + 58 58 + err := pc.CheckPermission(ctx, moderatorDID, streamerDID, "createBlock") 59 59 + require.Error(t, err, "moderator with only 'hide' permission should not be able to createBlock") 60 60 + require.Contains(t, err.Error(), "does not have permission 'ban'") 61 61 + } 62 62 + 63 63 + func TestPermissionChecker_CheckPermission_WithoutAnyPermission(t *testing.T) { 64 64 + mod := newMockModel() 65 65 + pc := NewPermissionChecker(mod) 66 66 + 67 67 + ctx := context.Background() 68 68 + streamerDID := "did:plc:streamer123" 69 69 + moderatorDID := "did:plc:moderator456" 70 70 + 71 71 + err := pc.CheckPermission(ctx, moderatorDID, streamerDID, "createBlock") 72 72 + require.Error(t, err, "moderator without any delegation should be denied") 73 73 + require.Contains(t, err.Error(), "does not have permission") 74 74 + } 75 75 + 76 76 + func TestPermissionChecker_CheckPermission_UnknownAction(t *testing.T) { 77 77 + mod := newMockModel() 78 78 + pc := NewPermissionChecker(mod) 79 79 + 80 80 + streamerDID := "did:plc:streamer123" 81 81 + 82 82 + err := pc.CheckPermission(context.Background(), streamerDID, streamerDID, "unknownAction") 83 83 + require.Error(t, err) 84 84 + require.Contains(t, err.Error(), "unknown action") 85 85 + } 86 86 + 87 87 + func TestPermissionChecker_HasPermission(t *testing.T) { 88 88 + mod := newMockModel() 89 89 + pc := NewPermissionChecker(mod) 90 90 + 91 91 + ctx := context.Background() 92 92 + streamerDID := "did:plc:streamer123" 93 93 + moderatorDID := "did:plc:moderator456" 94 94 + 95 95 + mod.addPermissionView(streamerDID, moderatorDID, []string{"ban", "hide"}, nil) 96 96 + 97 97 + has, err := pc.HasPermission(ctx, moderatorDID, streamerDID, PermissionBan) 98 98 + require.NoError(t, err) 99 99 + require.True(t, has, "should have 'ban' permission") 100 100 + 101 101 + has, err = pc.HasPermission(ctx, moderatorDID, streamerDID, PermissionHide) 102 102 + require.NoError(t, err) 103 103 + require.True(t, has, "should have 'hide' permission") 104 104 + 105 105 + has, err = pc.HasPermission(ctx, moderatorDID, streamerDID, PermissionLivestreamManage) 106 106 + require.NoError(t, err) 107 107 + require.False(t, has, "should not have 'livestream.manage' permission") 108 108 + } 109 109 + 110 110 + func TestActionPermissions_Mapping(t *testing.T) { 111 111 + require.Equal(t, PermissionBan, ActionPermissions["createBlock"]) 112 112 + require.Equal(t, PermissionBan, ActionPermissions["deleteBlock"]) 113 113 + require.Equal(t, PermissionHide, ActionPermissions["createGate"]) 114 114 + require.Equal(t, PermissionHide, ActionPermissions["deleteGate"]) 115 115 + require.Equal(t, PermissionLivestreamManage, ActionPermissions["updateLivestream"]) 116 116 + } 117 117 + 118 118 + func TestPermissionChecker_HasPermission_MultipleSeparateRecords(t *testing.T) { 119 119 + mod := newMockModel() 120 120 + pc := NewPermissionChecker(mod) 121 121 + 122 122 + ctx := context.Background() 123 123 + streamerDID := "did:plc:streamer123" 124 124 + moderatorDID := "did:plc:moderator456" 125 125 + 126 126 + mod.addPermissionView(streamerDID, moderatorDID, []string{"ban"}, nil) 127 127 + mod.addPermissionView(streamerDID, moderatorDID, []string{"hide"}, nil) 128 128 + 129 129 + hasBan, err := pc.HasPermission(ctx, moderatorDID, streamerDID, PermissionBan) 130 130 + require.NoError(t, err) 131 131 + require.True(t, hasBan, "should have 'ban' permission from first record") 132 132 + 133 133 + hasHide, err := pc.HasPermission(ctx, moderatorDID, streamerDID, PermissionHide) 134 134 + require.NoError(t, err) 135 135 + require.True(t, hasHide, "should have 'hide' permission from second record") 136 136 + 137 137 + err = pc.CheckPermission(ctx, moderatorDID, streamerDID, "createBlock") 138 138 + require.NoError(t, err, "should allow createBlock with 'ban' permission from separate record") 139 139 + 140 140 + err = pc.CheckPermission(ctx, moderatorDID, streamerDID, "createGate") 141 141 + require.NoError(t, err, "should allow createGate with 'hide' permission from separate record") 142 142 + } 143 143 + 144 144 + func TestPermissionChecker_HasPermission_ExpiredDelegation(t *testing.T) { 145 145 + mod := newMockModel() 146 146 + pc := NewPermissionChecker(mod) 147 147 + 148 148 + ctx := context.Background() 149 149 + streamerDID := "did:plc:streamer123" 150 150 + moderatorDID := "did:plc:moderator456" 151 151 + 152 152 + expiredTime := time.Now().Add(-1 * time.Hour) 153 153 + mod.addPermissionView(streamerDID, moderatorDID, []string{"ban"}, &expiredTime) 154 154 + 155 155 + hasPermission, err := pc.HasPermission(ctx, moderatorDID, streamerDID, PermissionBan) 156 156 + require.NoError(t, err) 157 157 + require.False(t, hasPermission, "should deny permission for expired delegation") 158 158 + 159 159 + err = pc.CheckPermission(ctx, moderatorDID, streamerDID, "createBlock") 160 160 + require.Error(t, err, "should deny action for expired delegation") 161 161 + require.Contains(t, err.Error(), "does not have permission") 162 162 + } 163 163 + 164 164 + func TestPermissionChecker_HasPermission_NotYetExpired(t *testing.T) { 165 165 + mod := newMockModel() 166 166 + pc := NewPermissionChecker(mod) 167 167 + 168 168 + ctx := context.Background() 169 169 + streamerDID := "did:plc:streamer123" 170 170 + moderatorDID := "did:plc:moderator456" 171 171 + 172 172 + futureTime := time.Now().Add(1 * time.Hour) 173 173 + mod.addPermissionView(streamerDID, moderatorDID, []string{"ban", "hide"}, &futureTime) 174 174 + 175 175 + hasPermission, err := pc.HasPermission(ctx, moderatorDID, streamerDID, PermissionBan) 176 176 + require.NoError(t, err) 177 177 + require.True(t, hasPermission, "should allow permission for not-yet-expired delegation") 178 178 + 179 179 + err = pc.CheckPermission(ctx, moderatorDID, streamerDID, "createBlock") 180 180 + require.NoError(t, err, "should allow action for not-yet-expired delegation") 181 181 + } 182 182 + 183 183 + func TestPermissionChecker_HasPermission_NoExpiration(t *testing.T) { 184 184 + mod := newMockModel() 185 185 + pc := NewPermissionChecker(mod) 186 186 + 187 187 + ctx := context.Background() 188 188 + streamerDID := "did:plc:streamer123" 189 189 + moderatorDID := "did:plc:moderator456" 190 190 + 191 191 + mod.addPermissionView(streamerDID, moderatorDID, []string{"ban", "hide"}, nil) 192 192 + 193 193 + hasPermission, err := pc.HasPermission(ctx, moderatorDID, streamerDID, PermissionBan) 194 194 + require.NoError(t, err) 195 195 + require.True(t, hasPermission, "should allow permission for delegation with no expiration") 196 196 + 197 197 + err = pc.CheckPermission(ctx, moderatorDID, streamerDID, "createBlock") 198 198 + require.NoError(t, err, "should allow action for delegation with no expiration") 199 199 + } 200 200 + 201 201 + type mockModel struct { 202 202 + delegations map[string][]*streamplace.ModerationDefs_PermissionView 203 203 + } 204 204 + 205 205 + func newMockModel() *mockModel { 206 206 + return &mockModel{ 207 207 + delegations: make(map[string][]*streamplace.ModerationDefs_PermissionView), 208 208 + } 209 209 + } 210 210 + 211 211 + func (m *mockModel) addPermissionView(streamerDID, moderatorDID string, permissions []string, expirationTime *time.Time) { 212 212 + key := streamerDID + "_" + moderatorDID 213 213 + 214 214 + var expTimeStr *string 215 215 + if expirationTime != nil { 216 216 + str := expirationTime.Format(time.RFC3339) 217 217 + expTimeStr = &str 218 218 + } 219 219 + 220 220 + permRecord := &streamplace.ModerationPermission{ 221 221 + Moderator: moderatorDID, 222 222 + Permissions: permissions, 223 223 + ExpirationTime: expTimeStr, 224 224 + } 225 225 + 226 226 + view := &streamplace.ModerationDefs_PermissionView{ 227 227 + Uri: fmt.Sprintf("at://%s/place.stream.moderation.permission/test", streamerDID), 228 228 + Cid: "bafytest", 229 229 + Author: &bsky.ActorDefs_ProfileViewBasic{Did: streamerDID}, 230 230 + Record: &lexutil.LexiconTypeDecoder{Val: permRecord}, 231 231 + } 232 232 + 233 233 + m.delegations[key] = append(m.delegations[key], view) 234 234 + } 235 235 + 236 236 + func (m *mockModel) GetModerationDelegations(ctx context.Context, streamerDID, moderatorDID string) ([]*streamplace.ModerationDefs_PermissionView, error) { 237 237 + key := streamerDID + "_" + moderatorDID 238 238 + delegations, exists := m.delegations[key] 239 239 + if !exists { 240 240 + return nil, nil 241 241 + } 242 242 + return delegations, nil 243 243 + }

+78

pkg/spxrpc/moderation_helpers.go

reviewed

··· 1 1 + package spxrpc 2 2 + 3 3 + import ( 4 4 + "context" 5 5 + "fmt" 6 6 + "net/http" 7 7 + 8 8 + "github.com/labstack/echo/v4" 9 9 + "github.com/streamplace/oatproxy/pkg/oatproxy" 10 10 + "stream.place/streamplace/pkg/log" 11 11 + "stream.place/streamplace/pkg/moderation" 12 12 + ) 13 13 + 14 14 + // DelegatedModerationContext contains validated session and client for delegated moderation actions 15 15 + type DelegatedModerationContext struct { 16 16 + ModeratorDID string 17 17 + ModeratorSession *oatproxy.OAuthSession 18 18 + StreamerClient *oatproxy.XrpcClient 19 19 + StreamerSession *oatproxy.OAuthSession 20 20 + } 21 21 + 22 22 + // GetDelegatedModerationContext validates moderator OAuth, checks permission, and returns streamer client 23 23 + // This consolidates the repeated pattern in all moderation handlers to eliminate duplication and fix security issues 24 24 + func (s *Server) GetDelegatedModerationContext( 25 25 + ctx context.Context, 26 26 + streamerDID string, 27 27 + action string, 28 28 + ) (*DelegatedModerationContext, error) { 29 29 + 30 30 + // Step 1: Get and validate moderator OAuth session 31 31 + // NOTE: GetOAuthSession returns (*OAuthSession, *XrpcClient), not (*OAuthSession, error) 32 32 + moderatorSession, _ := oatproxy.GetOAuthSession(ctx) 33 33 + if moderatorSession == nil { 34 34 + return nil, echo.NewHTTPError(http.StatusUnauthorized, "oauth session not found") 35 35 + } 36 36 + moderatorDID := moderatorSession.DID 37 37 + 38 38 + // Step 2: Check permission 39 39 + permChecker := moderation.NewPermissionChecker(s.model) 40 40 + if err := permChecker.CheckPermission(ctx, moderatorDID, streamerDID, action); err != nil { 41 41 + log.Warn(ctx, "permission denied", "moderator", moderatorDID, "streamer", streamerDID, "action", action, "error", err) 42 42 + return nil, echo.NewHTTPError(http.StatusForbidden, fmt.Sprintf("permission denied: %v", err)) 43 43 + } 44 44 + 45 45 + // Step 3: Get streamer session 46 46 + streamerSession, err := s.statefulDB.GetSessionByDID(streamerDID) 47 47 + if err != nil { 48 48 + log.Error(ctx, "failed to get streamer session", "streamer", streamerDID, "error", err) 49 49 + return nil, echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("failed to get streamer session: %v", err)) 50 50 + } 51 51 + if streamerSession == nil { 52 52 + return nil, echo.NewHTTPError(http.StatusNotFound, fmt.Sprintf("session not found for streamer %s", streamerDID)) 53 53 + } 54 54 + 55 55 + // Step 4: Refresh session if needed 56 56 + streamerSession, err = s.op.RefreshIfNeeded(streamerSession) 57 57 + if err != nil { 58 58 + log.Error(ctx, "failed to refresh streamer session", "streamer", streamerDID, "error", err) 59 59 + return nil, echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("failed to refresh session: %v", err)) 60 60 + } 61 61 + if streamerSession == nil { 62 62 + return nil, echo.NewHTTPError(http.StatusNotFound, "streamer session not found after refresh") 63 63 + } 64 64 + 65 65 + // Step 5: Get XRPC client for streamer 66 66 + client, err := s.op.GetXrpcClient(streamerSession) 67 67 + if err != nil { 68 68 + log.Error(ctx, "failed to get xrpc client", "streamer", streamerDID, "error", err) 69 69 + return nil, echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("failed to get xrpc client: %v", err)) 70 70 + } 71 71 + 72 72 + return &DelegatedModerationContext{ 73 73 + ModeratorDID: moderatorDID, 74 74 + ModeratorSession: moderatorSession, 75 75 + StreamerClient: client, 76 76 + StreamerSession: streamerSession, 77 77 + }, nil 78 78 + }

+362

pkg/spxrpc/place_stream_moderation.go

reviewed

··· 1 1 + package spxrpc 2 2 + 3 3 + import ( 4 4 + "context" 5 5 + "encoding/json" 6 6 + "fmt" 7 7 + "net/http" 8 8 + "time" 9 9 + 10 10 + comatproto "github.com/bluesky-social/indigo/api/atproto" 11 11 + "github.com/bluesky-social/indigo/api/bsky" 12 12 + "github.com/bluesky-social/indigo/atproto/syntax" 13 13 + lexutil "github.com/bluesky-social/indigo/lex/util" 14 14 + "github.com/bluesky-social/indigo/xrpc" 15 15 + "github.com/labstack/echo/v4" 16 16 + "stream.place/streamplace/pkg/constants" 17 17 + "stream.place/streamplace/pkg/log" 18 18 + "stream.place/streamplace/pkg/statedb" 19 19 + "stream.place/streamplace/pkg/streamplace" 20 20 + ) 21 21 + 22 22 + // handlePlaceStreamModerationCreateBlock creates a block (ban) on behalf of a streamer 23 23 + func (s *Server) handlePlaceStreamModerationCreateBlock(ctx context.Context, input *streamplace.ModerationCreateBlock_Input) (*streamplace.ModerationCreateBlock_Output, error) { 24 24 + // Validate input 25 25 + if err := validateDID(input.Streamer); err != nil { 26 26 + return nil, echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("invalid streamer DID: %v", err)) 27 27 + } 28 28 + if err := validateDID(input.Subject); err != nil { 29 29 + return nil, echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("invalid subject DID: %v", err)) 30 30 + } 31 31 + 32 32 + // Get delegated moderation context (validates OAuth, permission, and returns client) 33 33 + modCtx, err := s.GetDelegatedModerationContext(ctx, input.Streamer, "createBlock") 34 34 + if err != nil { 35 35 + return nil, err 36 36 + } 37 37 + 38 38 + // Create block record in streamer's repo 39 39 + block := &bsky.GraphBlock{ 40 40 + Subject: input.Subject, 41 41 + CreatedAt: time.Now().UTC().Format(time.RFC3339), 42 42 + } 43 43 + 44 44 + createInput := comatproto.RepoCreateRecord_Input{ 45 45 + Collection: constants.APP_BSKY_GRAPH_BLOCK, 46 46 + Record: &lexutil.LexiconTypeDecoder{Val: block}, 47 47 + Repo: input.Streamer, 48 48 + } 49 49 + createOutput := comatproto.RepoCreateRecord_Output{} 50 50 + 51 51 + err = modCtx.StreamerClient.Do(ctx, xrpc.Procedure, "application/json", "com.atproto.repo.createRecord", map[string]any{}, createInput, &createOutput) 52 52 + if err != nil { 53 53 + log.Error(ctx, "failed to create block record", "err", err) 54 54 + if auditErr := s.logAudit(ctx, input.Streamer, modCtx.ModeratorDID, "createBlock", "", input.Subject, "", false, err.Error()); auditErr != nil { 55 55 + log.Error(ctx, "failed to create audit log", "error", auditErr) 56 56 + } 57 57 + return nil, echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("failed to create block: %v", err)) 58 58 + } 59 59 + 60 60 + // Log successful audit entry 61 61 + if err := s.logAudit(ctx, input.Streamer, modCtx.ModeratorDID, "createBlock", "", input.Subject, createOutput.Uri, true, ""); err != nil { 62 62 + log.Error(ctx, "failed to create audit log", "error", err) 63 63 + } 64 64 + 65 65 + return &streamplace.ModerationCreateBlock_Output{ 66 66 + Uri: createOutput.Uri, 67 67 + Cid: createOutput.Cid, 68 68 + }, nil 69 69 + } 70 70 + 71 71 + // handlePlaceStreamModerationDeleteBlock deletes a block (unban) on behalf of a streamer 72 72 + func (s *Server) handlePlaceStreamModerationDeleteBlock(ctx context.Context, input *streamplace.ModerationDeleteBlock_Input) (*streamplace.ModerationDeleteBlock_Output, error) { 73 73 + // Validate input 74 74 + if err := validateDID(input.Streamer); err != nil { 75 75 + return nil, echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("invalid streamer DID: %v", err)) 76 76 + } 77 77 + if err := validateATURI(input.BlockUri); err != nil { 78 78 + return nil, echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("invalid block URI: %v", err)) 79 79 + } 80 80 + 81 81 + // Get delegated moderation context (validates OAuth, permission, and returns client) 82 82 + modCtx, err := s.GetDelegatedModerationContext(ctx, input.Streamer, "deleteBlock") 83 83 + if err != nil { 84 84 + return nil, err 85 85 + } 86 86 + 87 87 + // Parse blockUri to extract rkey 88 88 + // AT-URI format: at://did:plc:xxx/collection/rkey 89 89 + rkey, err := extractRKey(input.BlockUri) 90 90 + if err != nil { 91 91 + log.Error(ctx, "failed to extract rkey from blockUri", "uri", input.BlockUri, "err", err) 92 92 + return nil, echo.NewHTTPError(http.StatusBadRequest, "invalid blockUri format") 93 93 + } 94 94 + 95 95 + // Delete block record from streamer's repo 96 96 + deleteInput := comatproto.RepoDeleteRecord_Input{ 97 97 + Collection: constants.APP_BSKY_GRAPH_BLOCK, 98 98 + Rkey: rkey, 99 99 + Repo: input.Streamer, 100 100 + } 101 101 + deleteOutput := comatproto.RepoDeleteRecord_Output{} 102 102 + 103 103 + err = modCtx.StreamerClient.Do(ctx, xrpc.Procedure, "application/json", "com.atproto.repo.deleteRecord", map[string]any{}, deleteInput, &deleteOutput) 104 104 + if err != nil { 105 105 + log.Error(ctx, "failed to delete block record", "err", err) 106 106 + if auditErr := s.logAudit(ctx, input.Streamer, modCtx.ModeratorDID, "deleteBlock", input.BlockUri, "", "", false, err.Error()); auditErr != nil { 107 107 + log.Error(ctx, "failed to create audit log", "error", auditErr) 108 108 + } 109 109 + return nil, echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("failed to delete block: %v", err)) 110 110 + } 111 111 + 112 112 + // Log successful audit entry 113 113 + if err := s.logAudit(ctx, input.Streamer, modCtx.ModeratorDID, "deleteBlock", input.BlockUri, "", "", true, ""); err != nil { 114 114 + log.Error(ctx, "failed to create audit log", "error", err) 115 115 + } 116 116 + 117 117 + return &streamplace.ModerationDeleteBlock_Output{}, nil 118 118 + } 119 119 + 120 120 + // handlePlaceStreamModerationCreateGate creates a gate (hide message) on behalf of a streamer 121 121 + func (s *Server) handlePlaceStreamModerationCreateGate(ctx context.Context, input *streamplace.ModerationCreateGate_Input) (*streamplace.ModerationCreateGate_Output, error) { 122 122 + // Validate input 123 123 + if err := validateDID(input.Streamer); err != nil { 124 124 + return nil, echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("invalid streamer DID: %v", err)) 125 125 + } 126 126 + if err := validateATURI(input.MessageUri); err != nil { 127 127 + return nil, echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("invalid message URI: %v", err)) 128 128 + } 129 129 + 130 130 + // Get delegated moderation context (validates OAuth, permission, and returns client) 131 131 + modCtx, err := s.GetDelegatedModerationContext(ctx, input.Streamer, "createGate") 132 132 + if err != nil { 133 133 + return nil, err 134 134 + } 135 135 + 136 136 + // Create gate record in streamer's repo 137 137 + gate := &streamplace.ChatGate{ 138 138 + HiddenMessage: input.MessageUri, 139 139 + } 140 140 + 141 141 + createInput := comatproto.RepoCreateRecord_Input{ 142 142 + Collection: constants.PLACE_STREAM_CHAT_GATE, 143 143 + Record: &lexutil.LexiconTypeDecoder{Val: gate}, 144 144 + Repo: input.Streamer, 145 145 + } 146 146 + createOutput := comatproto.RepoCreateRecord_Output{} 147 147 + 148 148 + err = modCtx.StreamerClient.Do(ctx, xrpc.Procedure, "application/json", "com.atproto.repo.createRecord", map[string]any{}, createInput, &createOutput) 149 149 + if err != nil { 150 150 + log.Error(ctx, "failed to create gate record", "err", err) 151 151 + if auditErr := s.logAudit(ctx, input.Streamer, modCtx.ModeratorDID, "createGate", input.MessageUri, "", "", false, err.Error()); auditErr != nil { 152 152 + log.Error(ctx, "failed to create audit log", "error", auditErr) 153 153 + } 154 154 + return nil, echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("failed to create gate: %v", err)) 155 155 + } 156 156 + 157 157 + // Log successful audit entry 158 158 + if err := s.logAudit(ctx, input.Streamer, modCtx.ModeratorDID, "createGate", input.MessageUri, "", createOutput.Uri, true, ""); err != nil { 159 159 + log.Error(ctx, "failed to create audit log", "error", err) 160 160 + } 161 161 + 162 162 + return &streamplace.ModerationCreateGate_Output{ 163 163 + Uri: createOutput.Uri, 164 164 + Cid: createOutput.Cid, 165 165 + }, nil 166 166 + } 167 167 + 168 168 + // handlePlaceStreamModerationDeleteGate deletes a gate (unhide message) on behalf of a streamer 169 169 + func (s *Server) handlePlaceStreamModerationDeleteGate(ctx context.Context, input *streamplace.ModerationDeleteGate_Input) (*streamplace.ModerationDeleteGate_Output, error) { 170 170 + // Validate input 171 171 + if err := validateDID(input.Streamer); err != nil { 172 172 + return nil, echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("invalid streamer DID: %v", err)) 173 173 + } 174 174 + if err := validateATURI(input.GateUri); err != nil { 175 175 + return nil, echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("invalid gate URI: %v", err)) 176 176 + } 177 177 + 178 178 + // Get delegated moderation context (validates OAuth, permission, and returns client) 179 179 + modCtx, err := s.GetDelegatedModerationContext(ctx, input.Streamer, "deleteGate") 180 180 + if err != nil { 181 181 + return nil, err 182 182 + } 183 183 + 184 184 + // Parse gateUri to extract rkey 185 185 + rkey, err := extractRKey(input.GateUri) 186 186 + if err != nil { 187 187 + log.Error(ctx, "failed to extract rkey from gateUri", "uri", input.GateUri, "err", err) 188 188 + return nil, echo.NewHTTPError(http.StatusBadRequest, "invalid gateUri format") 189 189 + } 190 190 + 191 191 + // Delete gate record from streamer's repo 192 192 + deleteInput := comatproto.RepoDeleteRecord_Input{ 193 193 + Collection: constants.PLACE_STREAM_CHAT_GATE, 194 194 + Rkey: rkey, 195 195 + Repo: input.Streamer, 196 196 + } 197 197 + deleteOutput := comatproto.RepoDeleteRecord_Output{} 198 198 + 199 199 + err = modCtx.StreamerClient.Do(ctx, xrpc.Procedure, "application/json", "com.atproto.repo.deleteRecord", map[string]any{}, deleteInput, &deleteOutput) 200 200 + if err != nil { 201 201 + log.Error(ctx, "failed to delete gate record", "err", err) 202 202 + if auditErr := s.logAudit(ctx, input.Streamer, modCtx.ModeratorDID, "deleteGate", input.GateUri, "", "", false, err.Error()); auditErr != nil { 203 203 + log.Error(ctx, "failed to create audit log", "error", auditErr) 204 204 + } 205 205 + return nil, echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("failed to delete gate: %v", err)) 206 206 + } 207 207 + 208 208 + // Log successful audit entry 209 209 + if err := s.logAudit(ctx, input.Streamer, modCtx.ModeratorDID, "deleteGate", input.GateUri, "", "", true, ""); err != nil { 210 210 + log.Error(ctx, "failed to create audit log", "error", err) 211 211 + } 212 212 + 213 213 + return &streamplace.ModerationDeleteGate_Output{}, nil 214 214 + } 215 215 + 216 216 + // handlePlaceStreamModerationUpdateLivestream updates livestream metadata on behalf of a streamer 217 217 + func (s *Server) handlePlaceStreamModerationUpdateLivestream(ctx context.Context, input *streamplace.ModerationUpdateLivestream_Input) (*streamplace.ModerationUpdateLivestream_Output, error) { 218 218 + // Validate input 219 219 + if err := validateDID(input.Streamer); err != nil { 220 220 + return nil, echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("invalid streamer DID: %v", err)) 221 221 + } 222 222 + if err := validateATURI(input.LivestreamUri); err != nil { 223 223 + return nil, echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("invalid livestream URI: %v", err)) 224 224 + } 225 225 + 226 226 + // Get delegated moderation context (validates OAuth, permission, and returns client) 227 227 + modCtx, err := s.GetDelegatedModerationContext(ctx, input.Streamer, "updateLivestream") 228 228 + if err != nil { 229 229 + return nil, err 230 230 + } 231 231 + 232 232 + // Parse livestreamUri to extract rkey 233 233 + rkey, err := extractRKey(input.LivestreamUri) 234 234 + if err != nil { 235 235 + log.Error(ctx, "failed to extract rkey from livestreamUri", "uri", input.LivestreamUri, "err", err) 236 236 + return nil, echo.NewHTTPError(http.StatusBadRequest, "invalid livestreamUri format") 237 237 + } 238 238 + 239 239 + // Get existing livestream record 240 240 + getInput := map[string]any{ 241 241 + "repo": input.Streamer, 242 242 + "collection": constants.PLACE_STREAM_LIVESTREAM, 243 243 + "rkey": rkey, 244 244 + } 245 245 + getOutput := comatproto.RepoGetRecord_Output{} 246 246 + err = modCtx.StreamerClient.Do(ctx, xrpc.Query, "application/json", "com.atproto.repo.getRecord", getInput, nil, &getOutput) 247 247 + if err != nil { 248 248 + log.Error(ctx, "failed to get livestream record", "err", err) 249 249 + if auditErr := s.logAudit(ctx, input.Streamer, modCtx.ModeratorDID, "updateLivestream", input.LivestreamUri, "", "", false, fmt.Sprintf("failed to get record: %v", err)); auditErr != nil { 250 250 + log.Error(ctx, "failed to create audit log", "error", auditErr) 251 251 + } 252 252 + return nil, echo.NewHTTPError(http.StatusNotFound, "livestream record not found") 253 253 + } 254 254 + 255 255 + // Decode existing record 256 256 + if getOutput.Value == nil || getOutput.Value.Val == nil { 257 257 + log.Error(ctx, "livestream record value is nil") 258 258 + return nil, echo.NewHTTPError(http.StatusInternalServerError, "failed to decode livestream record") 259 259 + } 260 260 + 261 261 + // Convert the decoded value to our struct 262 262 + livestream := &streamplace.Livestream{} 263 263 + recordBytes, err := json.Marshal(getOutput.Value.Val) 264 264 + if err != nil { 265 265 + log.Error(ctx, "failed to marshal livestream record", "err", err) 266 266 + return nil, echo.NewHTTPError(http.StatusInternalServerError, "failed to decode livestream record") 267 267 + } 268 268 + err = json.Unmarshal(recordBytes, livestream) 269 269 + if err != nil { 270 270 + log.Error(ctx, "failed to unmarshal livestream record", "err", err) 271 271 + return nil, echo.NewHTTPError(http.StatusInternalServerError, "failed to decode livestream record") 272 272 + } 273 273 + 274 274 + // Create new record (don't edit existing - old records serve as "chapter markers") 275 275 + // Copy fields from existing record and update title 276 276 + if input.Title != nil { 277 277 + livestream.Title = *input.Title 278 278 + } 279 279 + 280 280 + // Ensure notificationSettings.pushNotification is false for mods 281 281 + if livestream.NotificationSettings == nil { 282 282 + livestream.NotificationSettings = &streamplace.Livestream_NotificationSettings{} 283 283 + } 284 284 + pushNotificationFalse := false 285 285 + livestream.NotificationSettings.PushNotification = &pushNotificationFalse 286 286 + 287 287 + // Update createdAt to current time for new record 288 288 + livestream.CreatedAt = time.Now().UTC().Format(time.RFC3339) 289 289 + 290 290 + // Create new record instead of updating existing 291 291 + createInput := comatproto.RepoCreateRecord_Input{ 292 292 + Collection: constants.PLACE_STREAM_LIVESTREAM, 293 293 + Record: &lexutil.LexiconTypeDecoder{Val: livestream}, 294 294 + Repo: input.Streamer, 295 295 + } 296 296 + createOutput := comatproto.RepoCreateRecord_Output{} 297 297 + 298 298 + err = modCtx.StreamerClient.Do(ctx, xrpc.Procedure, "application/json", "com.atproto.repo.createRecord", map[string]any{}, createInput, &createOutput) 299 299 + if err != nil { 300 300 + log.Error(ctx, "failed to create livestream record", "err", err) 301 301 + if auditErr := s.logAudit(ctx, input.Streamer, modCtx.ModeratorDID, "updateLivestream", input.LivestreamUri, "", "", false, err.Error()); auditErr != nil { 302 302 + log.Error(ctx, "failed to create audit log", "error", auditErr) 303 303 + } 304 304 + return nil, echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("failed to create livestream: %v", err)) 305 305 + } 306 306 + 307 307 + // Log successful audit entry 308 308 + if err := s.logAudit(ctx, input.Streamer, modCtx.ModeratorDID, "updateLivestream", input.LivestreamUri, "", createOutput.Uri, true, ""); err != nil { 309 309 + log.Error(ctx, "failed to create audit log", "error", err) 310 310 + } 311 311 + 312 312 + return &streamplace.ModerationUpdateLivestream_Output{ 313 313 + Uri: createOutput.Uri, 314 314 + Cid: createOutput.Cid, 315 315 + }, nil 316 316 + } 317 317 + 318 318 + // Helper functions 319 319 + 320 320 + // extractRKey extracts the rkey from an AT-URI (at://did:plc:xxx/collection/rkey) 321 321 + func extractRKey(uri string) (string, error) { 322 322 + aturi, err := syntax.ParseATURI(uri) 323 323 + if err != nil { 324 324 + return "", fmt.Errorf("invalid AT-URI: %w", err) 325 325 + } 326 326 + return aturi.RecordKey().String(), nil 327 327 + } 328 328 + 329 329 + // validateDID checks if string is a valid AT Protocol DID format 330 330 + func validateDID(did string) error { 331 331 + _, err := syntax.ParseDID(did) 332 332 + if err != nil { 333 333 + return fmt.Errorf("invalid DID format: %w", err) 334 334 + } 335 335 + return nil 336 336 + } 337 337 + 338 338 + // validateATURI checks if string is a valid AT-URI format 339 339 + func validateATURI(uri string) error { 340 340 + _, err := syntax.ParseATURI(uri) 341 341 + if err != nil { 342 342 + return fmt.Errorf("invalid AT-URI format: %w", err) 343 343 + } 344 344 + return nil 345 345 + } 346 346 + 347 347 + // logAudit logs a moderation action to the audit log 348 348 + func (s *Server) logAudit(ctx context.Context, streamerDID, moderatorDID, action, targetURI, targetDID, resultURI string, success bool, errorMsg string) error { 349 349 + auditLog := &statedb.ModerationAuditLog{ 350 350 + StreamerDID: streamerDID, 351 351 + ModeratorDID: moderatorDID, 352 352 + Action: action, 353 353 + TargetURI: targetURI, 354 354 + TargetDID: targetDID, 355 355 + ResultURI: resultURI, 356 356 + Success: success, 357 357 + ErrorMsg: errorMsg, 358 358 + CreatedAt: time.Now(), 359 359 + } 360 360 + 361 361 + return s.statefulDB.CreateAuditLog(ctx, auditLog) 362 362 + }

+2

pkg/spxrpc/spxrpc.go

reviewed

··· 31 31 ATSync *atproto.ATProtoSynchronizer 32 32 statefulDB *statedb.StatefulDB 33 33 bus *bus.Bus 34 34 + op *oatproxy.OATProxy 34 35 } 35 36 36 37 func NewServer(ctx context.Context, cli *config.CLI, model model.Model, statefulDB *statedb.StatefulDB, op *oatproxy.OATProxy, mdlw middleware.Middleware, atsync *atproto.ATProtoSynchronizer, bus *bus.Bus) (*Server, error) { ··· 43 44 ATSync: atsync, 44 45 statefulDB: statefulDB, 45 46 bus: bus, 47 47 + op: op, 46 48 } 47 49 e.Use(s.ErrorHandlingMiddleware()) 48 50 e.Use(s.ContextPreservingMiddleware())

+95

pkg/spxrpc/stubs.go

reviewed

··· 269 269 e.GET("/xrpc/place.stream.live.getRecommendations", s.HandlePlaceStreamLiveGetRecommendations) 270 270 e.GET("/xrpc/place.stream.live.getSegments", s.HandlePlaceStreamLiveGetSegments) 271 271 e.GET("/xrpc/place.stream.live.searchActorsTypeahead", s.HandlePlaceStreamLiveSearchActorsTypeahead) 272 272 + e.POST("/xrpc/place.stream.moderation.createBlock", s.HandlePlaceStreamModerationCreateBlock) 273 273 + e.POST("/xrpc/place.stream.moderation.createGate", s.HandlePlaceStreamModerationCreateGate) 274 274 + e.POST("/xrpc/place.stream.moderation.deleteBlock", s.HandlePlaceStreamModerationDeleteBlock) 275 275 + e.POST("/xrpc/place.stream.moderation.deleteGate", s.HandlePlaceStreamModerationDeleteGate) 276 276 + e.POST("/xrpc/place.stream.moderation.updateLivestream", s.HandlePlaceStreamModerationUpdateLivestream) 272 277 e.POST("/xrpc/place.stream.server.createWebhook", s.HandlePlaceStreamServerCreateWebhook) 273 278 e.POST("/xrpc/place.stream.server.deleteWebhook", s.HandlePlaceStreamServerDeleteWebhook) 274 279 e.GET("/xrpc/place.stream.server.getServerTime", s.HandlePlaceStreamServerGetServerTime) ··· 404 409 var handleErr error 405 410 // func (s *Server) handlePlaceStreamLiveSearchActorsTypeahead(ctx context.Context,limit int,q string) (*placestream.LiveSearchActorsTypeahead_Output, error) 406 411 out, handleErr = s.handlePlaceStreamLiveSearchActorsTypeahead(ctx, limit, q) 412 412 + if handleErr != nil { 413 413 + return handleErr 414 414 + } 415 415 + return c.JSON(200, out) 416 416 + } 417 417 + 418 418 + func (s *Server) HandlePlaceStreamModerationCreateBlock(c echo.Context) error { 419 419 + ctx, span := otel.Tracer("server").Start(c.Request().Context(), "HandlePlaceStreamModerationCreateBlock") 420 420 + defer span.End() 421 421 + 422 422 + var body placestream.ModerationCreateBlock_Input 423 423 + if err := c.Bind(&body); err != nil { 424 424 + return err 425 425 + } 426 426 + var out *placestream.ModerationCreateBlock_Output 427 427 + var handleErr error 428 428 + // func (s *Server) handlePlaceStreamModerationCreateBlock(ctx context.Context,body *placestream.ModerationCreateBlock_Input) (*placestream.ModerationCreateBlock_Output, error) 429 429 + out, handleErr = s.handlePlaceStreamModerationCreateBlock(ctx, &body) 430 430 + if handleErr != nil { 431 431 + return handleErr 432 432 + } 433 433 + return c.JSON(200, out) 434 434 + } 435 435 + 436 436 + func (s *Server) HandlePlaceStreamModerationCreateGate(c echo.Context) error { 437 437 + ctx, span := otel.Tracer("server").Start(c.Request().Context(), "HandlePlaceStreamModerationCreateGate") 438 438 + defer span.End() 439 439 + 440 440 + var body placestream.ModerationCreateGate_Input 441 441 + if err := c.Bind(&body); err != nil { 442 442 + return err 443 443 + } 444 444 + var out *placestream.ModerationCreateGate_Output 445 445 + var handleErr error 446 446 + // func (s *Server) handlePlaceStreamModerationCreateGate(ctx context.Context,body *placestream.ModerationCreateGate_Input) (*placestream.ModerationCreateGate_Output, error) 447 447 + out, handleErr = s.handlePlaceStreamModerationCreateGate(ctx, &body) 448 448 + if handleErr != nil { 449 449 + return handleErr 450 450 + } 451 451 + return c.JSON(200, out) 452 452 + } 453 453 + 454 454 + func (s *Server) HandlePlaceStreamModerationDeleteBlock(c echo.Context) error { 455 455 + ctx, span := otel.Tracer("server").Start(c.Request().Context(), "HandlePlaceStreamModerationDeleteBlock") 456 456 + defer span.End() 457 457 + 458 458 + var body placestream.ModerationDeleteBlock_Input 459 459 + if err := c.Bind(&body); err != nil { 460 460 + return err 461 461 + } 462 462 + var out *placestream.ModerationDeleteBlock_Output 463 463 + var handleErr error 464 464 + // func (s *Server) handlePlaceStreamModerationDeleteBlock(ctx context.Context,body *placestream.ModerationDeleteBlock_Input) (*placestream.ModerationDeleteBlock_Output, error) 465 465 + out, handleErr = s.handlePlaceStreamModerationDeleteBlock(ctx, &body) 466 466 + if handleErr != nil { 467 467 + return handleErr 468 468 + } 469 469 + return c.JSON(200, out) 470 470 + } 471 471 + 472 472 + func (s *Server) HandlePlaceStreamModerationDeleteGate(c echo.Context) error { 473 473 + ctx, span := otel.Tracer("server").Start(c.Request().Context(), "HandlePlaceStreamModerationDeleteGate") 474 474 + defer span.End() 475 475 + 476 476 + var body placestream.ModerationDeleteGate_Input 477 477 + if err := c.Bind(&body); err != nil { 478 478 + return err 479 479 + } 480 480 + var out *placestream.ModerationDeleteGate_Output 481 481 + var handleErr error 482 482 + // func (s *Server) handlePlaceStreamModerationDeleteGate(ctx context.Context,body *placestream.ModerationDeleteGate_Input) (*placestream.ModerationDeleteGate_Output, error) 483 483 + out, handleErr = s.handlePlaceStreamModerationDeleteGate(ctx, &body) 484 484 + if handleErr != nil { 485 485 + return handleErr 486 486 + } 487 487 + return c.JSON(200, out) 488 488 + } 489 489 + 490 490 + func (s *Server) HandlePlaceStreamModerationUpdateLivestream(c echo.Context) error { 491 491 + ctx, span := otel.Tracer("server").Start(c.Request().Context(), "HandlePlaceStreamModerationUpdateLivestream") 492 492 + defer span.End() 493 493 + 494 494 + var body placestream.ModerationUpdateLivestream_Input 495 495 + if err := c.Bind(&body); err != nil { 496 496 + return err 497 497 + } 498 498 + var out *placestream.ModerationUpdateLivestream_Output 499 499 + var handleErr error 500 500 + // func (s *Server) handlePlaceStreamModerationUpdateLivestream(ctx context.Context,body *placestream.ModerationUpdateLivestream_Input) (*placestream.ModerationUpdateLivestream_Output, error) 501 501 + out, handleErr = s.handlePlaceStreamModerationUpdateLivestream(ctx, &body) 407 502 if handleErr != nil { 408 503 return handleErr 409 504 }

+61

pkg/statedb/moderation_audit_log.go

reviewed

··· 1 1 + package statedb 2 2 + 3 3 + import ( 4 4 + "context" 5 5 + "time" 6 6 + ) 7 7 + 8 8 + type ModerationAuditLog struct { 9 9 + ID uint `gorm:"primaryKey;autoIncrement"` 10 10 + StreamerDID string `gorm:"column:streamer_did;index:idx_streamer_time,priority:1"` 11 11 + ModeratorDID string `gorm:"column:moderator_did;index:idx_audit_moderator"` 12 12 + Action string `gorm:"column:action"` // "createBlock", "deleteBlock", "createGate", "deleteGate", "updateLivestream" 13 13 + TargetURI string `gorm:"column:target_uri"` // URI of affected resource 14 14 + TargetDID string `gorm:"column:target_did"` // DID of affected user (for blocks) 15 15 + ResultURI string `gorm:"column:result_uri"` // URI of created/deleted record 16 16 + Success bool `gorm:"column:success"` 17 17 + ErrorMsg string `gorm:"column:error_msg"` 18 18 + CreatedAt time.Time `gorm:"column:created_at;index:idx_streamer_time,priority:2"` 19 19 + } 20 20 + 21 21 + func (ModerationAuditLog) TableName() string { 22 22 + return "moderation_audit_logs" 23 23 + } 24 24 + 25 25 + func (state *StatefulDB) CreateAuditLog(ctx context.Context, log *ModerationAuditLog) error { 26 26 + return state.DB.WithContext(ctx).Create(log).Error 27 27 + } 28 28 + 29 29 + func (state *StatefulDB) GetAuditLogs(ctx context.Context, streamerDID string, limit int, before *time.Time) ([]*ModerationAuditLog, error) { 30 30 + var logs []*ModerationAuditLog 31 31 + query := state.DB.WithContext(ctx).Where("streamer_did = ?", streamerDID). 32 32 + Order("created_at DESC"). 33 33 + Limit(limit) 34 34 + 35 35 + if before != nil { 36 36 + query = query.Where("created_at < ?", *before) 37 37 + } 38 38 + 39 39 + err := query.Find(&logs).Error 40 40 + if err != nil { 41 41 + return nil, err 42 42 + } 43 43 + return logs, nil 44 44 + } 45 45 + 46 46 + func (state *StatefulDB) GetModeratorAuditLogs(ctx context.Context, moderatorDID string, limit int, before *time.Time) ([]*ModerationAuditLog, error) { 47 47 + var logs []*ModerationAuditLog 48 48 + query := state.DB.WithContext(ctx).Where("moderator_did = ?", moderatorDID). 49 49 + Order("created_at DESC"). 50 50 + Limit(limit) 51 51 + 52 52 + if before != nil { 53 53 + query = query.Where("created_at < ?", *before) 54 54 + } 55 55 + 56 56 + err := query.Find(&logs).Error 57 57 + if err != nil { 58 58 + return nil, err 59 59 + } 60 60 + return logs, nil 61 61 + }

+1

pkg/statedb/statedb.go

reviewed

··· 49 49 AppTask{}, 50 50 Repo{}, 51 51 Webhook{}, 52 52 + ModerationAuditLog{}, 52 53 } 53 54 54 55 var NoPostgresDatabaseCode = "3D000"

+295

pkg/streamplace/cbor_gen.go

reviewed

··· 4975 4975 4976 4976 return nil 4977 4977 } 4978 4978 + func (t *ModerationPermission) MarshalCBOR(w io.Writer) error { 4979 4979 + if t == nil { 4980 4980 + _, err := w.Write(cbg.CborNull) 4981 4981 + return err 4982 4982 + } 4983 4983 + 4984 4984 + cw := cbg.NewCborWriter(w) 4985 4985 + fieldCount := 5 4986 4986 + 4987 4987 + if t.ExpirationTime == nil { 4988 4988 + fieldCount-- 4989 4989 + } 4990 4990 + 4991 4991 + if _, err := cw.Write(cbg.CborEncodeMajorType(cbg.MajMap, uint64(fieldCount))); err != nil { 4992 4992 + return err 4993 4993 + } 4994 4994 + 4995 4995 + // t.LexiconTypeID (string) (string) 4996 4996 + if len("$type") > 1000000 { 4997 4997 + return xerrors.Errorf("Value in field \"$type\" was too long") 4998 4998 + } 4999 4999 + 5000 5000 + if err := cw.WriteMajorTypeHeader(cbg.MajTextString, uint64(len("$type"))); err != nil { 5001 5001 + return err 5002 5002 + } 5003 5003 + if _, err := cw.WriteString(string("$type")); err != nil { 5004 5004 + return err 5005 5005 + } 5006 5006 + 5007 5007 + if err := cw.WriteMajorTypeHeader(cbg.MajTextString, uint64(len("place.stream.moderation.permission"))); err != nil { 5008 5008 + return err 5009 5009 + } 5010 5010 + if _, err := cw.WriteString(string("place.stream.moderation.permission")); err != nil { 5011 5011 + return err 5012 5012 + } 5013 5013 + 5014 5014 + // t.CreatedAt (string) (string) 5015 5015 + if len("createdAt") > 1000000 { 5016 5016 + return xerrors.Errorf("Value in field \"createdAt\" was too long") 5017 5017 + } 5018 5018 + 5019 5019 + if err := cw.WriteMajorTypeHeader(cbg.MajTextString, uint64(len("createdAt"))); err != nil { 5020 5020 + return err 5021 5021 + } 5022 5022 + if _, err := cw.WriteString(string("createdAt")); err != nil { 5023 5023 + return err 5024 5024 + } 5025 5025 + 5026 5026 + if len(t.CreatedAt) > 1000000 { 5027 5027 + return xerrors.Errorf("Value in field t.CreatedAt was too long") 5028 5028 + } 5029 5029 + 5030 5030 + if err := cw.WriteMajorTypeHeader(cbg.MajTextString, uint64(len(t.CreatedAt))); err != nil { 5031 5031 + return err 5032 5032 + } 5033 5033 + if _, err := cw.WriteString(string(t.CreatedAt)); err != nil { 5034 5034 + return err 5035 5035 + } 5036 5036 + 5037 5037 + // t.Moderator (string) (string) 5038 5038 + if len("moderator") > 1000000 { 5039 5039 + return xerrors.Errorf("Value in field \"moderator\" was too long") 5040 5040 + } 5041 5041 + 5042 5042 + if err := cw.WriteMajorTypeHeader(cbg.MajTextString, uint64(len("moderator"))); err != nil { 5043 5043 + return err 5044 5044 + } 5045 5045 + if _, err := cw.WriteString(string("moderator")); err != nil { 5046 5046 + return err 5047 5047 + } 5048 5048 + 5049 5049 + if len(t.Moderator) > 1000000 { 5050 5050 + return xerrors.Errorf("Value in field t.Moderator was too long") 5051 5051 + } 5052 5052 + 5053 5053 + if err := cw.WriteMajorTypeHeader(cbg.MajTextString, uint64(len(t.Moderator))); err != nil { 5054 5054 + return err 5055 5055 + } 5056 5056 + if _, err := cw.WriteString(string(t.Moderator)); err != nil { 5057 5057 + return err 5058 5058 + } 5059 5059 + 5060 5060 + // t.Permissions ([]string) (slice) 5061 5061 + if len("permissions") > 1000000 { 5062 5062 + return xerrors.Errorf("Value in field \"permissions\" was too long") 5063 5063 + } 5064 5064 + 5065 5065 + if err := cw.WriteMajorTypeHeader(cbg.MajTextString, uint64(len("permissions"))); err != nil { 5066 5066 + return err 5067 5067 + } 5068 5068 + if _, err := cw.WriteString(string("permissions")); err != nil { 5069 5069 + return err 5070 5070 + } 5071 5071 + 5072 5072 + if len(t.Permissions) > 8192 { 5073 5073 + return xerrors.Errorf("Slice value in field t.Permissions was too long") 5074 5074 + } 5075 5075 + 5076 5076 + if err := cw.WriteMajorTypeHeader(cbg.MajArray, uint64(len(t.Permissions))); err != nil { 5077 5077 + return err 5078 5078 + } 5079 5079 + for _, v := range t.Permissions { 5080 5080 + if len(v) > 1000000 { 5081 5081 + return xerrors.Errorf("Value in field v was too long") 5082 5082 + } 5083 5083 + 5084 5084 + if err := cw.WriteMajorTypeHeader(cbg.MajTextString, uint64(len(v))); err != nil { 5085 5085 + return err 5086 5086 + } 5087 5087 + if _, err := cw.WriteString(string(v)); err != nil { 5088 5088 + return err 5089 5089 + } 5090 5090 + 5091 5091 + } 5092 5092 + 5093 5093 + // t.ExpirationTime (string) (string) 5094 5094 + if t.ExpirationTime != nil { 5095 5095 + 5096 5096 + if len("expirationTime") > 1000000 { 5097 5097 + return xerrors.Errorf("Value in field \"expirationTime\" was too long") 5098 5098 + } 5099 5099 + 5100 5100 + if err := cw.WriteMajorTypeHeader(cbg.MajTextString, uint64(len("expirationTime"))); err != nil { 5101 5101 + return err 5102 5102 + } 5103 5103 + if _, err := cw.WriteString(string("expirationTime")); err != nil { 5104 5104 + return err 5105 5105 + } 5106 5106 + 5107 5107 + if t.ExpirationTime == nil { 5108 5108 + if _, err := cw.Write(cbg.CborNull); err != nil { 5109 5109 + return err 5110 5110 + } 5111 5111 + } else { 5112 5112 + if len(*t.ExpirationTime) > 1000000 { 5113 5113 + return xerrors.Errorf("Value in field t.ExpirationTime was too long") 5114 5114 + } 5115 5115 + 5116 5116 + if err := cw.WriteMajorTypeHeader(cbg.MajTextString, uint64(len(*t.ExpirationTime))); err != nil { 5117 5117 + return err 5118 5118 + } 5119 5119 + if _, err := cw.WriteString(string(*t.ExpirationTime)); err != nil { 5120 5120 + return err 5121 5121 + } 5122 5122 + } 5123 5123 + } 5124 5124 + return nil 5125 5125 + } 5126 5126 + 5127 5127 + func (t *ModerationPermission) UnmarshalCBOR(r io.Reader) (err error) { 5128 5128 + *t = ModerationPermission{} 5129 5129 + 5130 5130 + cr := cbg.NewCborReader(r) 5131 5131 + 5132 5132 + maj, extra, err := cr.ReadHeader() 5133 5133 + if err != nil { 5134 5134 + return err 5135 5135 + } 5136 5136 + defer func() { 5137 5137 + if err == io.EOF { 5138 5138 + err = io.ErrUnexpectedEOF 5139 5139 + } 5140 5140 + }() 5141 5141 + 5142 5142 + if maj != cbg.MajMap { 5143 5143 + return fmt.Errorf("cbor input should be of type map") 5144 5144 + } 5145 5145 + 5146 5146 + if extra > cbg.MaxLength { 5147 5147 + return fmt.Errorf("ModerationPermission: map struct too large (%d)", extra) 5148 5148 + } 5149 5149 + 5150 5150 + n := extra 5151 5151 + 5152 5152 + nameBuf := make([]byte, 14) 5153 5153 + for i := uint64(0); i < n; i++ { 5154 5154 + nameLen, ok, err := cbg.ReadFullStringIntoBuf(cr, nameBuf, 1000000) 5155 5155 + if err != nil { 5156 5156 + return err 5157 5157 + } 5158 5158 + 5159 5159 + if !ok { 5160 5160 + // Field doesn't exist on this type, so ignore it 5161 5161 + if err := cbg.ScanForLinks(cr, func(cid.Cid) {}); err != nil { 5162 5162 + return err 5163 5163 + } 5164 5164 + continue 5165 5165 + } 5166 5166 + 5167 5167 + switch string(nameBuf[:nameLen]) { 5168 5168 + // t.LexiconTypeID (string) (string) 5169 5169 + case "$type": 5170 5170 + 5171 5171 + { 5172 5172 + sval, err := cbg.ReadStringWithMax(cr, 1000000) 5173 5173 + if err != nil { 5174 5174 + return err 5175 5175 + } 5176 5176 + 5177 5177 + t.LexiconTypeID = string(sval) 5178 5178 + } 5179 5179 + // t.CreatedAt (string) (string) 5180 5180 + case "createdAt": 5181 5181 + 5182 5182 + { 5183 5183 + sval, err := cbg.ReadStringWithMax(cr, 1000000) 5184 5184 + if err != nil { 5185 5185 + return err 5186 5186 + } 5187 5187 + 5188 5188 + t.CreatedAt = string(sval) 5189 5189 + } 5190 5190 + // t.Moderator (string) (string) 5191 5191 + case "moderator": 5192 5192 + 5193 5193 + { 5194 5194 + sval, err := cbg.ReadStringWithMax(cr, 1000000) 5195 5195 + if err != nil { 5196 5196 + return err 5197 5197 + } 5198 5198 + 5199 5199 + t.Moderator = string(sval) 5200 5200 + } 5201 5201 + // t.Permissions ([]string) (slice) 5202 5202 + case "permissions": 5203 5203 + 5204 5204 + maj, extra, err = cr.ReadHeader() 5205 5205 + if err != nil { 5206 5206 + return err 5207 5207 + } 5208 5208 + 5209 5209 + if extra > 8192 { 5210 5210 + return fmt.Errorf("t.Permissions: array too large (%d)", extra) 5211 5211 + } 5212 5212 + 5213 5213 + if maj != cbg.MajArray { 5214 5214 + return fmt.Errorf("expected cbor array") 5215 5215 + } 5216 5216 + 5217 5217 + if extra > 0 { 5218 5218 + t.Permissions = make([]string, extra) 5219 5219 + } 5220 5220 + 5221 5221 + for i := 0; i < int(extra); i++ { 5222 5222 + { 5223 5223 + var maj byte 5224 5224 + var extra uint64 5225 5225 + var err error 5226 5226 + _ = maj 5227 5227 + _ = extra 5228 5228 + _ = err 5229 5229 + 5230 5230 + { 5231 5231 + sval, err := cbg.ReadStringWithMax(cr, 1000000) 5232 5232 + if err != nil { 5233 5233 + return err 5234 5234 + } 5235 5235 + 5236 5236 + t.Permissions[i] = string(sval) 5237 5237 + } 5238 5238 + 5239 5239 + } 5240 5240 + } 5241 5241 + // t.ExpirationTime (string) (string) 5242 5242 + case "expirationTime": 5243 5243 + 5244 5244 + { 5245 5245 + b, err := cr.ReadByte() 5246 5246 + if err != nil { 5247 5247 + return err 5248 5248 + } 5249 5249 + if b != cbg.CborNull[0] { 5250 5250 + if err := cr.UnreadByte(); err != nil { 5251 5251 + return err 5252 5252 + } 5253 5253 + 5254 5254 + sval, err := cbg.ReadStringWithMax(cr, 1000000) 5255 5255 + if err != nil { 5256 5256 + return err 5257 5257 + } 5258 5258 + 5259 5259 + t.ExpirationTime = (*string)(&sval) 5260 5260 + } 5261 5261 + } 5262 5262 + 5263 5263 + default: 5264 5264 + // Field doesn't exist on this type, so ignore it 5265 5265 + if err := cbg.ScanForLinks(r, func(cid.Cid) {}); err != nil { 5266 5266 + return err 5267 5267 + } 5268 5268 + } 5269 5269 + } 5270 5270 + 5271 5271 + return nil 5272 5272 + } 4978 5273 func (t *LiveRecommendations) MarshalCBOR(w io.Writer) error { 4979 5274 if t == nil { 4980 5275 _, err := w.Write(cbg.CborNull)

+39

pkg/streamplace/moderationcreateBlock.go

reviewed

··· 1 1 + // Code generated by cmd/lexgen (see Makefile's lexgen); DO NOT EDIT. 2 2 + 3 3 + // Lexicon schema: place.stream.moderation.createBlock 4 4 + 5 5 + package streamplace 6 6 + 7 7 + import ( 8 8 + "context" 9 9 + 10 10 + lexutil "github.com/bluesky-social/indigo/lex/util" 11 11 + ) 12 12 + 13 13 + // ModerationCreateBlock_Input is the input argument to a place.stream.moderation.createBlock call. 14 14 + type ModerationCreateBlock_Input struct { 15 15 + // reason: Optional reason for the block. 16 16 + Reason *string `json:"reason,omitempty" cborgen:"reason,omitempty"` 17 17 + // streamer: The DID of the streamer whose chat this block applies to. 18 18 + Streamer string `json:"streamer" cborgen:"streamer"` 19 19 + // subject: The DID of the user being blocked from chat. 20 20 + Subject string `json:"subject" cborgen:"subject"` 21 21 + } 22 22 + 23 23 + // ModerationCreateBlock_Output is the output of a place.stream.moderation.createBlock call. 24 24 + type ModerationCreateBlock_Output struct { 25 25 + // cid: The CID of the created block record. 26 26 + Cid string `json:"cid" cborgen:"cid"` 27 27 + // uri: The AT-URI of the created block record. 28 28 + Uri string `json:"uri" cborgen:"uri"` 29 29 + } 30 30 + 31 31 + // ModerationCreateBlock calls the XRPC method "place.stream.moderation.createBlock". 32 32 + func ModerationCreateBlock(ctx context.Context, c lexutil.LexClient, input *ModerationCreateBlock_Input) (*ModerationCreateBlock_Output, error) { 33 33 + var out ModerationCreateBlock_Output 34 34 + if err := c.LexDo(ctx, lexutil.Procedure, "application/json", "place.stream.moderation.createBlock", nil, input, &out); err != nil { 35 35 + return nil, err 36 36 + } 37 37 + 38 38 + return &out, nil 39 39 + }

+37

pkg/streamplace/moderationcreateGate.go

reviewed

··· 1 1 + // Code generated by cmd/lexgen (see Makefile's lexgen); DO NOT EDIT. 2 2 + 3 3 + // Lexicon schema: place.stream.moderation.createGate 4 4 + 5 5 + package streamplace 6 6 + 7 7 + import ( 8 8 + "context" 9 9 + 10 10 + lexutil "github.com/bluesky-social/indigo/lex/util" 11 11 + ) 12 12 + 13 13 + // ModerationCreateGate_Input is the input argument to a place.stream.moderation.createGate call. 14 14 + type ModerationCreateGate_Input struct { 15 15 + // messageUri: The AT-URI of the chat message to hide. 16 16 + MessageUri string `json:"messageUri" cborgen:"messageUri"` 17 17 + // streamer: The DID of the streamer. 18 18 + Streamer string `json:"streamer" cborgen:"streamer"` 19 19 + } 20 20 + 21 21 + // ModerationCreateGate_Output is the output of a place.stream.moderation.createGate call. 22 22 + type ModerationCreateGate_Output struct { 23 23 + // cid: The CID of the created gate record. 24 24 + Cid string `json:"cid" cborgen:"cid"` 25 25 + // uri: The AT-URI of the created gate record. 26 26 + Uri string `json:"uri" cborgen:"uri"` 27 27 + } 28 28 + 29 29 + // ModerationCreateGate calls the XRPC method "place.stream.moderation.createGate". 30 30 + func ModerationCreateGate(ctx context.Context, c lexutil.LexClient, input *ModerationCreateGate_Input) (*ModerationCreateGate_Output, error) { 31 31 + var out ModerationCreateGate_Output 32 32 + if err := c.LexDo(ctx, lexutil.Procedure, "application/json", "place.stream.moderation.createGate", nil, input, &out); err != nil { 33 33 + return nil, err 34 34 + } 35 35 + 36 36 + return &out, nil 37 37 + }

+22

pkg/streamplace/moderationdefs.go

reviewed

··· 1 1 + // Code generated by cmd/lexgen (see Makefile's lexgen); DO NOT EDIT. 2 2 + 3 3 + // Lexicon schema: place.stream.moderation.defs 4 4 + 5 5 + package streamplace 6 6 + 7 7 + import ( 8 8 + appbsky "github.com/bluesky-social/indigo/api/bsky" 9 9 + lexutil "github.com/bluesky-social/indigo/lex/util" 10 10 + ) 11 11 + 12 12 + // ModerationDefs_PermissionView is a "permissionView" in the place.stream.moderation.defs schema. 13 13 + type ModerationDefs_PermissionView struct { 14 14 + // author: The streamer who granted these permissions 15 15 + Author *appbsky.ActorDefs_ProfileViewBasic `json:"author" cborgen:"author"` 16 16 + // cid: Content identifier of the permission record 17 17 + Cid string `json:"cid" cborgen:"cid"` 18 18 + // record: The permission record itself 19 19 + Record *lexutil.LexiconTypeDecoder `json:"record" cborgen:"record"` 20 20 + // uri: AT-URI of the permission record 21 21 + Uri string `json:"uri" cborgen:"uri"` 22 22 + }

+33

pkg/streamplace/moderationdeleteBlock.go

reviewed

··· 1 1 + // Code generated by cmd/lexgen (see Makefile's lexgen); DO NOT EDIT. 2 2 + 3 3 + // Lexicon schema: place.stream.moderation.deleteBlock 4 4 + 5 5 + package streamplace 6 6 + 7 7 + import ( 8 8 + "context" 9 9 + 10 10 + lexutil "github.com/bluesky-social/indigo/lex/util" 11 11 + ) 12 12 + 13 13 + // ModerationDeleteBlock_Input is the input argument to a place.stream.moderation.deleteBlock call. 14 14 + type ModerationDeleteBlock_Input struct { 15 15 + // blockUri: The AT-URI of the block record to delete. 16 16 + BlockUri string `json:"blockUri" cborgen:"blockUri"` 17 17 + // streamer: The DID of the streamer. 18 18 + Streamer string `json:"streamer" cborgen:"streamer"` 19 19 + } 20 20 + 21 21 + // ModerationDeleteBlock_Output is the output of a place.stream.moderation.deleteBlock call. 22 22 + type ModerationDeleteBlock_Output struct { 23 23 + } 24 24 + 25 25 + // ModerationDeleteBlock calls the XRPC method "place.stream.moderation.deleteBlock". 26 26 + func ModerationDeleteBlock(ctx context.Context, c lexutil.LexClient, input *ModerationDeleteBlock_Input) (*ModerationDeleteBlock_Output, error) { 27 27 + var out ModerationDeleteBlock_Output 28 28 + if err := c.LexDo(ctx, lexutil.Procedure, "application/json", "place.stream.moderation.deleteBlock", nil, input, &out); err != nil { 29 29 + return nil, err 30 30 + } 31 31 + 32 32 + return &out, nil 33 33 + }

+33

pkg/streamplace/moderationdeleteGate.go

reviewed

··· 1 1 + // Code generated by cmd/lexgen (see Makefile's lexgen); DO NOT EDIT. 2 2 + 3 3 + // Lexicon schema: place.stream.moderation.deleteGate 4 4 + 5 5 + package streamplace 6 6 + 7 7 + import ( 8 8 + "context" 9 9 + 10 10 + lexutil "github.com/bluesky-social/indigo/lex/util" 11 11 + ) 12 12 + 13 13 + // ModerationDeleteGate_Input is the input argument to a place.stream.moderation.deleteGate call. 14 14 + type ModerationDeleteGate_Input struct { 15 15 + // gateUri: The AT-URI of the gate record to delete. 16 16 + GateUri string `json:"gateUri" cborgen:"gateUri"` 17 17 + // streamer: The DID of the streamer. 18 18 + Streamer string `json:"streamer" cborgen:"streamer"` 19 19 + } 20 20 + 21 21 + // ModerationDeleteGate_Output is the output of a place.stream.moderation.deleteGate call. 22 22 + type ModerationDeleteGate_Output struct { 23 23 + } 24 24 + 25 25 + // ModerationDeleteGate calls the XRPC method "place.stream.moderation.deleteGate". 26 26 + func ModerationDeleteGate(ctx context.Context, c lexutil.LexClient, input *ModerationDeleteGate_Input) (*ModerationDeleteGate_Output, error) { 27 27 + var out ModerationDeleteGate_Output 28 28 + if err := c.LexDo(ctx, lexutil.Procedure, "application/json", "place.stream.moderation.deleteGate", nil, input, &out); err != nil { 29 29 + return nil, err 30 30 + } 31 31 + 32 32 + return &out, nil 33 33 + }

+25

pkg/streamplace/moderationpermission.go

reviewed

··· 1 1 + // Code generated by cmd/lexgen (see Makefile's lexgen); DO NOT EDIT. 2 2 + 3 3 + // Lexicon schema: place.stream.moderation.permission 4 4 + 5 5 + package streamplace 6 6 + 7 7 + import ( 8 8 + lexutil "github.com/bluesky-social/indigo/lex/util" 9 9 + ) 10 10 + 11 11 + func init() { 12 12 + lexutil.RegisterType("place.stream.moderation.permission", &ModerationPermission{}) 13 13 + } 14 14 + 15 15 + type ModerationPermission struct { 16 16 + LexiconTypeID string `json:"$type" cborgen:"$type,const=place.stream.moderation.permission"` 17 17 + // createdAt: Client-declared timestamp when this moderator was added. 18 18 + CreatedAt string `json:"createdAt" cborgen:"createdAt"` 19 19 + // expirationTime: Optional expiration time for this delegation. If set, the delegation is invalid after this time. 20 20 + ExpirationTime *string `json:"expirationTime,omitempty" cborgen:"expirationTime,omitempty"` 21 21 + // moderator: The DID of the user granted moderator permissions. 22 22 + Moderator string `json:"moderator" cborgen:"moderator"` 23 23 + // permissions: Array of permissions granted to this moderator. 'ban' covers blocks/bans (with optional expiration), 'hide' covers message gates, 'livestream.manage' allows updating livestream metadata. 24 24 + Permissions []string `json:"permissions" cborgen:"permissions"` 25 25 + }

+39

pkg/streamplace/moderationupdateLivestream.go

reviewed

··· 1 1 + // Code generated by cmd/lexgen (see Makefile's lexgen); DO NOT EDIT. 2 2 + 3 3 + // Lexicon schema: place.stream.moderation.updateLivestream 4 4 + 5 5 + package streamplace 6 6 + 7 7 + import ( 8 8 + "context" 9 9 + 10 10 + lexutil "github.com/bluesky-social/indigo/lex/util" 11 11 + ) 12 12 + 13 13 + // ModerationUpdateLivestream_Input is the input argument to a place.stream.moderation.updateLivestream call. 14 14 + type ModerationUpdateLivestream_Input struct { 15 15 + // livestreamUri: The AT-URI of the livestream record to update. 16 16 + LivestreamUri string `json:"livestreamUri" cborgen:"livestreamUri"` 17 17 + // streamer: The DID of the streamer. 18 18 + Streamer string `json:"streamer" cborgen:"streamer"` 19 19 + // title: New title for the livestream. 20 20 + Title *string `json:"title,omitempty" cborgen:"title,omitempty"` 21 21 + } 22 22 + 23 23 + // ModerationUpdateLivestream_Output is the output of a place.stream.moderation.updateLivestream call. 24 24 + type ModerationUpdateLivestream_Output struct { 25 25 + // cid: The CID of the updated livestream record. 26 26 + Cid string `json:"cid" cborgen:"cid"` 27 27 + // uri: The AT-URI of the updated livestream record. 28 28 + Uri string `json:"uri" cborgen:"uri"` 29 29 + } 30 30 + 31 31 + // ModerationUpdateLivestream calls the XRPC method "place.stream.moderation.updateLivestream". 32 32 + func ModerationUpdateLivestream(ctx context.Context, c lexutil.LexClient, input *ModerationUpdateLivestream_Input) (*ModerationUpdateLivestream_Output, error) { 33 33 + var out ModerationUpdateLivestream_Output 34 34 + if err := c.LexDo(ctx, lexutil.Procedure, "application/json", "place.stream.moderation.updateLivestream", nil, input, &out); err != nil { 35 35 + return nil, err 36 36 + } 37 37 + 38 38 + return &out, nil 39 39 + }