feat: init

2026-06-07 11:30:56 +08:00
commit 563381c1ca
361 changed files with 41327 additions and 0 deletions
@@ -0,0 +1,431 @@
+use chrono::Utc;
+use serde::{Deserialize, Serialize};
+use uuid::Uuid;
+
+use crate::error::AppError;
+use crate::models::common::Role;
+use crate::models::prs::{PrReview, PrReviewComment};
+use crate::service::PrService;
+use crate::session::Session;
+
+use super::util::{clamp_limit_offset, ensure_affected, required_text};
+
+#[derive(Debug, Deserialize, Serialize, utoipa::ToSchema)]
+pub struct CreateReviewParams {
+    pub body: Option<String>,
+    pub state: Option<String>,
+    pub commit_sha: Option<String>,
+    pub comments: Option<Vec<ReviewCommentParams>>,
+}
+
+#[derive(Debug, Deserialize, Serialize, utoipa::ToSchema)]
+pub struct ReviewCommentParams {
+    pub path: String,
+    pub body: String,
+    pub line: Option<i32>,
+    pub start_line: Option<i32>,
+    pub diff_hunk: Option<String>,
+}
+
+#[derive(Debug, Deserialize, Serialize, utoipa::ToSchema)]
+pub struct SubmitReviewParams {
+    pub body: Option<String>,
+    pub state: String,
+}
+
+#[derive(Debug, Deserialize, Serialize, utoipa::ToSchema)]
+pub struct DismissReviewParams {
+    pub reason: String,
+}
+
+#[derive(Debug, Deserialize, Serialize, utoipa::ToSchema)]
+pub struct AddReplyParams {
+    pub body: String,
+}
+
+impl PrService {
+    pub async fn pr_list_reviews(
+        &self,
+        ctx: &Session,
+        wk_name: &str,
+        repo_name: &str,
+        number: i64,
+        limit: i64,
+        offset: i64,
+    ) -> Result<Vec<PrReview>, AppError> {
+        let user_uid = ctx.user().ok_or(AppError::Unauthorized)?;
+        let pr = self.resolve_pr(wk_name, repo_name, number).await?;
+        self.ensure_pr_readable(user_uid, &pr).await?;
+        let (limit, offset) = clamp_limit_offset(limit, offset);
+        sqlx::query_as::<_, PrReview>(
+            "SELECT id, pull_request_id, author_id, state, body, commit_sha, \
+             submitted_at, dismissed_at, dismissed_by, dismiss_reason, created_at, updated_at \
+             FROM pr_review WHERE pull_request_id = $1 \
+             ORDER BY created_at ASC LIMIT $2 OFFSET $3",
+        )
+        .bind(pr.id)
+        .bind(limit)
+        .bind(offset)
+        .fetch_all(self.ctx.db.reader())
+        .await
+        .map_err(AppError::Database)
+    }
+
+    pub async fn pr_create_review(
+        &self,
+        ctx: &Session,
+        wk_name: &str,
+        repo_name: &str,
+        number: i64,
+        params: CreateReviewParams,
+    ) -> Result<PrReview, AppError> {
+        let user_uid = ctx.user().ok_or(AppError::Unauthorized)?;
+        let pr = self.resolve_pr(wk_name, repo_name, number).await?;
+        self.ensure_pr_readable(user_uid, &pr).await?;
+
+        let state = params.state.as_deref().unwrap_or("pending");
+        if !["pending", "approved", "changes_requested", "commented"].contains(&state) {
+            return Err(AppError::BadRequest("invalid review state".into()));
+        }
+        if matches!(state, "approved" | "changes_requested") {
+            let repo = self.resolve_repo(wk_name, repo_name).await?;
+            self.ensure_repo_role_at_least(user_uid, &repo, Role::Member)
+                .await?;
+            if state == "approved" && pr.author_id == user_uid {
+                return Err(AppError::BadRequest(
+                    "PR authors cannot approve their own pull requests".into(),
+                ));
+            }
+        }
+
+        let now = Utc::now();
+        let review_id = Uuid::now_v7();
+
+        let mut txn = self
+            .ctx
+            .db
+            .writer()
+            .begin()
+            .await
+            .map_err(|_| AppError::TxnError)?;
+        sqlx::query("SET LOCAL app.current_user_id = $1")
+            .bind(user_uid)
+            .execute(&mut *txn)
+            .await
+            .map_err(AppError::Database)?;
+
+        let review = sqlx::query_as::<_, PrReview>(
+            "INSERT INTO pr_review (id, pull_request_id, author_id, state, body, commit_sha, \
+             submitted_at, created_at, updated_at) \
+             VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $8) \
+             RETURNING id, pull_request_id, author_id, state, body, commit_sha, \
+             submitted_at, dismissed_at, dismissed_by, dismiss_reason, created_at, updated_at",
+        )
+        .bind(review_id)
+        .bind(pr.id)
+        .bind(user_uid)
+        .bind(state)
+        .bind(params.body.as_deref())
+        .bind(
+            params
+                .commit_sha
+                .as_deref()
+                .or(Some(pr.head_commit_sha.as_str())),
+        )
+        .bind(if state != "pending" { Some(now) } else { None })
+        .bind(now)
+        .fetch_one(&mut *txn)
+        .await
+        .map_err(AppError::Database)?;
+
+        if let Some(comments) = &params.comments {
+            for c in comments {
+                let path = required_text(c.path.clone(), "path")?;
+                let body = required_text(c.body.clone(), "body")?;
+                sqlx::query(
+                    "INSERT INTO pr_review_comment (id, review_id, pull_request_id, author_id, body, path, \
+                     line, original_line, start_line, original_start_line, diff_hunk, in_reply_to_id, \
+                     edited_at, created_at, updated_at) \
+                     VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, NULL, NULL, $12, $12)",
+                )
+                .bind(Uuid::now_v7()).bind(review_id).bind(pr.id).bind(user_uid)
+                .bind(&body).bind(&path)
+                .bind(c.line).bind(c.line)
+                .bind(c.start_line).bind(c.start_line)
+                .bind(c.diff_hunk.as_deref())
+                .bind(now)
+                .execute(&mut *txn).await.map_err(AppError::Database)?;
+            }
+        }
+
+        if matches!(state, "approved" | "changes_requested") {
+            sqlx::query(
+                "UPDATE pr_status SET approvals_count = (SELECT COUNT(*) FROM pr_review r \
+                 JOIN pull_request pr ON pr.id = r.pull_request_id \
+                 WHERE r.pull_request_id = $1 AND r.state = 'approved' AND r.dismissed_at IS NULL \
+                 AND r.submitted_at IS NOT NULL AND r.author_id <> pr.author_id), \
+                 updated_at = $2 WHERE pull_request_id = $1",
+            )
+            .bind(pr.id)
+            .bind(now)
+            .execute(&mut *txn)
+            .await
+            .map_err(AppError::Database)?;
+        }
+
+        txn.commit().await.map_err(|_| AppError::TxnError)?;
+        Ok(review)
+    }
+
+    pub async fn pr_submit_review(
+        &self,
+        ctx: &Session,
+        wk_name: &str,
+        repo_name: &str,
+        number: i64,
+        review_id: Uuid,
+        params: SubmitReviewParams,
+    ) -> Result<PrReview, AppError> {
+        let user_uid = ctx.user().ok_or(AppError::Unauthorized)?;
+        let pr = self.resolve_pr(wk_name, repo_name, number).await?;
+        self.ensure_pr_readable(user_uid, &pr).await?;
+
+        let state = params.state.as_str();
+        if !["approved", "changes_requested", "commented"].contains(&state) {
+            return Err(AppError::BadRequest("invalid review state".into()));
+        }
+
+        if matches!(state, "approved" | "changes_requested") {
+            let repo = self.resolve_repo(wk_name, repo_name).await?;
+            self.ensure_repo_role_at_least(user_uid, &repo, Role::Member)
+                .await?;
+            if state == "approved" && pr.author_id == user_uid {
+                return Err(AppError::BadRequest(
+                    "PR authors cannot approve their own pull requests".into(),
+                ));
+            }
+        }
+
+        let now = Utc::now();
+        let mut txn = self
+            .ctx
+            .db
+            .writer()
+            .begin()
+            .await
+            .map_err(|_| AppError::TxnError)?;
+        sqlx::query("SET LOCAL app.current_user_id = $1")
+            .bind(user_uid)
+            .execute(&mut *txn)
+            .await
+            .map_err(AppError::Database)?;
+
+        let review = sqlx::query_as::<_, PrReview>(
+            "UPDATE pr_review SET state = $1, body = COALESCE($2, body), submitted_at = $3, updated_at = $3 \
+             WHERE id = $4 AND pull_request_id = $5 AND author_id = $6 AND submitted_at IS NULL AND dismissed_at IS NULL \
+             RETURNING id, pull_request_id, author_id, state, body, commit_sha, \
+             submitted_at, dismissed_at, dismissed_by, dismiss_reason, created_at, updated_at",
+        )
+        .bind(state).bind(params.body.as_deref()).bind(now)
+        .bind(review_id).bind(pr.id).bind(user_uid)
+        .fetch_optional(&mut *txn).await.map_err(AppError::Database)?
+        .ok_or(AppError::NotFound("review not found or already submitted".into()))?;
+
+        if state == "approved" || state == "changes_requested" {
+            sqlx::query(
+                "UPDATE pr_status SET approvals_count = (SELECT COUNT(*) FROM pr_review r \
+                 JOIN pull_request pr ON pr.id = r.pull_request_id \
+                 WHERE r.pull_request_id = $1 AND r.state = 'approved' AND r.dismissed_at IS NULL \
+                 AND r.submitted_at IS NOT NULL AND r.author_id <> pr.author_id), \
+                 updated_at = $2 WHERE pull_request_id = $1",
+            )
+            .bind(pr.id)
+            .bind(now)
+            .execute(&mut *txn)
+            .await
+            .map_err(AppError::Database)?;
+        }
+
+        txn.commit().await.map_err(|_| AppError::TxnError)?;
+        Ok(review)
+    }
+
+    pub async fn pr_dismiss_review(
+        &self,
+        ctx: &Session,
+        wk_name: &str,
+        repo_name: &str,
+        number: i64,
+        review_id: Uuid,
+        params: DismissReviewParams,
+    ) -> Result<PrReview, AppError> {
+        let user_uid = ctx.user().ok_or(AppError::Unauthorized)?;
+        let pr = self.resolve_pr(wk_name, repo_name, number).await?;
+        let repo = self.resolve_repo(wk_name, repo_name).await?;
+        self.ensure_repo_role_at_least(user_uid, &repo, Role::Admin)
+            .await?;
+
+        let reason = required_text(params.reason, "reason")?;
+        let now = Utc::now();
+        let mut txn = self
+            .ctx
+            .db
+            .writer()
+            .begin()
+            .await
+            .map_err(|_| AppError::TxnError)?;
+        sqlx::query("SET LOCAL app.current_user_id = $1")
+            .bind(user_uid)
+            .execute(&mut *txn)
+            .await
+            .map_err(AppError::Database)?;
+
+        let review = sqlx::query_as::<_, PrReview>(
+            "UPDATE pr_review SET dismissed_at = $1, dismissed_by = $2, dismiss_reason = $3, updated_at = $1 \
+             WHERE id = $4 AND pull_request_id = $5 AND submitted_at IS NOT NULL AND dismissed_at IS NULL \
+             RETURNING id, pull_request_id, author_id, state, body, commit_sha, \
+             submitted_at, dismissed_at, dismissed_by, dismiss_reason, created_at, updated_at",
+        )
+        .bind(now).bind(user_uid).bind(&reason)
+        .bind(review_id).bind(pr.id)
+        .fetch_optional(&mut *txn).await.map_err(AppError::Database)?
+        .ok_or(AppError::NotFound("review not found or not submitted".into()))?;
+
+        sqlx::query(
+            "UPDATE pr_status SET approvals_count = (SELECT COUNT(*) FROM pr_review \
+             WHERE pull_request_id = $1 AND state = 'approved' AND dismissed_at IS NULL), \
+             updated_at = $2 WHERE pull_request_id = $1",
+        )
+        .bind(pr.id)
+        .bind(now)
+        .execute(&mut *txn)
+        .await
+        .map_err(AppError::Database)?;
+
+        txn.commit().await.map_err(|_| AppError::TxnError)?;
+        Ok(review)
+    }
+
+    #[allow(clippy::too_many_arguments)]
+    pub async fn pr_review_comments(
+        &self,
+        ctx: &Session,
+        wk_name: &str,
+        repo_name: &str,
+        number: i64,
+        review_id: Uuid,
+        limit: i64,
+        offset: i64,
+    ) -> Result<Vec<PrReviewComment>, AppError> {
+        let user_uid = ctx.user().ok_or(AppError::Unauthorized)?;
+        let pr = self.resolve_pr(wk_name, repo_name, number).await?;
+        self.ensure_pr_readable(user_uid, &pr).await?;
+        let (limit, offset) = clamp_limit_offset(limit, offset);
+        sqlx::query_as::<_, PrReviewComment>(
+            "SELECT id, review_id, pull_request_id, author_id, body, path, line, original_line, \
+             start_line, original_start_line, diff_hunk, in_reply_to_id, edited_at, created_at, updated_at \
+             FROM pr_review_comment WHERE review_id = $1 AND pull_request_id = $2 ORDER BY created_at ASC LIMIT $3 OFFSET $4",
+        )
+        .bind(review_id).bind(pr.id).bind(limit).bind(offset)
+        .fetch_all(self.ctx.db.reader()).await.map_err(AppError::Database)
+    }
+
+    pub async fn pr_add_review_reply(
+        &self,
+        ctx: &Session,
+        wk_name: &str,
+        repo_name: &str,
+        number: i64,
+        comment_id: Uuid,
+        params: AddReplyParams,
+    ) -> Result<PrReviewComment, AppError> {
+        let user_uid = ctx.user().ok_or(AppError::Unauthorized)?;
+        let pr = self.resolve_pr(wk_name, repo_name, number).await?;
+        self.ensure_pr_readable(user_uid, &pr).await?;
+
+        let body = required_text(params.body, "body")?;
+        let parent = sqlx::query_as::<_, PrReviewComment>(
+            "SELECT id, review_id, pull_request_id, author_id, body, path, line, original_line, \
+             start_line, original_start_line, diff_hunk, in_reply_to_id, edited_at, created_at, updated_at \
+             FROM pr_review_comment WHERE id = $1 AND pull_request_id = $2",
+        )
+        .bind(comment_id).bind(pr.id)
+        .fetch_optional(self.ctx.db.reader()).await.map_err(AppError::Database)?
+        .ok_or(AppError::NotFound("comment not found".into()))?;
+
+        let now = Utc::now();
+        sqlx::query_as::<_, PrReviewComment>(
+            "INSERT INTO pr_review_comment (id, review_id, pull_request_id, author_id, body, path, \
+             line, original_line, start_line, original_start_line, diff_hunk, in_reply_to_id, \
+             edited_at, created_at, updated_at) \
+             VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, NULL, $13, $13) \
+             RETURNING id, review_id, pull_request_id, author_id, body, path, line, original_line, \
+             start_line, original_start_line, diff_hunk, in_reply_to_id, edited_at, created_at, updated_at",
+        )
+        .bind(Uuid::now_v7()).bind(parent.review_id).bind(pr.id).bind(user_uid)
+        .bind(&body).bind(&parent.path)
+        .bind(parent.line).bind(parent.original_line)
+        .bind(parent.start_line).bind(parent.original_start_line)
+        .bind(parent.diff_hunk.as_deref())
+        .bind(comment_id).bind(now)
+        .fetch_one(self.ctx.db.writer()).await.map_err(AppError::Database)
+    }
+
+    pub async fn pr_update_review_comment(
+        &self,
+        ctx: &Session,
+        wk_name: &str,
+        repo_name: &str,
+        number: i64,
+        comment_id: Uuid,
+        params: AddReplyParams,
+    ) -> Result<PrReviewComment, AppError> {
+        let user_uid = ctx.user().ok_or(AppError::Unauthorized)?;
+        let pr = self.resolve_pr(wk_name, repo_name, number).await?;
+        let body = required_text(params.body, "body")?;
+        let now = Utc::now();
+        sqlx::query_as::<_, PrReviewComment>(
+            "UPDATE pr_review_comment SET body = $1, edited_at = $2, updated_at = $2 \
+             WHERE id = $3 AND pull_request_id = $4 AND author_id = $5 \
+             RETURNING id, review_id, pull_request_id, author_id, body, path, line, original_line, \
+             start_line, original_start_line, diff_hunk, in_reply_to_id, edited_at, created_at, updated_at",
+        )
+        .bind(&body).bind(now).bind(comment_id).bind(pr.id).bind(user_uid)
+        .fetch_optional(self.ctx.db.writer()).await.map_err(AppError::Database)?
+        .ok_or(AppError::NotFound("comment not found or not authored by you".into()))
+    }
+
+    pub async fn pr_delete_review_comment(
+        &self,
+        ctx: &Session,
+        wk_name: &str,
+        repo_name: &str,
+        number: i64,
+        comment_id: Uuid,
+    ) -> Result<(), AppError> {
+        let user_uid = ctx.user().ok_or(AppError::Unauthorized)?;
+        let pr = self.resolve_pr(wk_name, repo_name, number).await?;
+        let repo = self.resolve_repo(wk_name, repo_name).await?;
+
+        let comment = sqlx::query_as::<_, PrReviewComment>(
+            "SELECT id, review_id, pull_request_id, author_id, body, path, line, original_line, \
+             start_line, original_start_line, diff_hunk, in_reply_to_id, edited_at, created_at, updated_at \
+             FROM pr_review_comment WHERE id = $1 AND pull_request_id = $2",
+        )
+        .bind(comment_id).bind(pr.id)
+        .fetch_optional(self.ctx.db.reader()).await.map_err(AppError::Database)?
+        .ok_or(AppError::NotFound("comment not found".into()))?;
+
+        if comment.author_id != user_uid {
+            self.ensure_repo_role_at_least(user_uid, &repo, Role::Admin)
+                .await?;
+        }
+
+        let result = sqlx::query("DELETE FROM pr_review_comment WHERE id = $1")
+            .bind(comment_id)
+            .execute(self.ctx.db.writer())
+            .await
+            .map_err(AppError::Database)?;
+        ensure_affected(result.rows_affected(), "comment not found")
+    }
+}