Feat/v0.11.0 (#53)

Author: xbingW

backend/go.mod

@@ -3,6 +3,7 @@ module github.com/chaitin/koalaqa
 go 1.25.0
 
 require (
+	github.com/Narasimha1997/ratelimiter v1.1.1
 	github.com/caarlos0/env/v11 v11.3.1
 	github.com/chaitin/ModelKit v1.8.3
 	github.com/chaitin/pandawiki/sdk/rag v0.0.0-20250927130416-bcfc4bde3379

backend/go.sum

@@ -16,6 +16,8 @@ github.com/JohannesKaufmann/html-to-markdown/v2 v2.3.3 h1:r3fokGFRDk/8pHmwLwJ8zs
 github.com/JohannesKaufmann/html-to-markdown/v2 v2.3.3/go.mod h1:HtsP+1Fchp4dVvaiIsLHAl/yqL3H1YLwqLC9kNwqQEg=
 github.com/KyleBanks/depth v1.2.1 h1:5h8fQADFrWtarTdtDudMmGsC7GPbOAu6RVB3ffsVFHc=
 github.com/KyleBanks/depth v1.2.1/go.mod h1:jzSb9d0L43HxTQfT+oSA1EEp2q+ne2uh6XgeJcm8brE=
+github.com/Narasimha1997/ratelimiter v1.1.1 h1:ndkK0dHqUKdwSElE8Kghz+0gVcGEa9q6/CisEL/h6HU=
+github.com/Narasimha1997/ratelimiter v1.1.1/go.mod h1:TCsPmcx5vkQJu64sbTLRcr8xpNNmO22OTnvhfXEWoNw=
 github.com/airbrake/gobrake v3.6.1+incompatible/go.mod h1:wM4gu3Cn0W0K7GUuVWnlXZU11AGBXMILnrdOU8Kn00o=
 github.com/bahlo/generic-list-go v0.2.0 h1:5sz/EEAK+ls5wF+NeqDpk5+iNdMDXrh3z3nPnH1Wvgk=
 github.com/bahlo/generic-list-go v0.2.0/go.mod h1:2KvAjgMlE5NNynlg/5iLrrCCZ2+5xWbdbCW3pNTGyYg=

backend/migration/20251029101746_update_discussion_members.go

@@ -0,0 +1,27 @@
+package migration
+
+import (
+	"gorm.io/gorm"
+
+	"github.com/chaitin/koalaqa/migration/migrator"
+)
+
+type updateDiscussionMembers struct{}
+
+func (m *updateDiscussionMembers) Version() int64 {
+	return 20251029101746
+}
+
+func (m *updateDiscussionMembers) Migrate(tx *gorm.DB) error {
+	return tx.Exec(`UPDATE discussions SET members = ARRAY_REMOVE(ARRAY_APPEND(comm.user_ids, user_id), 0)
+FROM (SELECT discussion_id, ARRAY_AGG(distinct user_id) AS user_ids FROM comments GROUP BY discussion_id) AS comm
+WHERE discussions.id = comm.discussion_id;`).Error
+}
+
+func newUpdateDiscussionMembers() migrator.Migrator {
+	return &updateDiscussionMembers{}
+}
+
+func init() {
+	registerDBMigrator(newUpdateDiscussionMembers)
+}

backend/pkg/webhook/message/discuss.go

@@ -2,6 +2,7 @@ package message
 
 import (
 	"bytes"
+	"strconv"
 	"strings"
 	"text/template"
 	"time"
@@ -39,6 +40,10 @@ type sendDiscussMsg struct {
 	platformMsg
 }
 
+func (d *discussMsg) ID() string {
+	return strconv.FormatUint(uint64(d.Common.Discussion.ID), 10)
+}
+
 func (d *discussMsg) Message(webhookType model.WebhookType) (string, error) {
 	var buff bytes.Buffer
 	err := discussTpl.Execute(&buff, sendDiscussMsg{

backend/pkg/webhook/message/message.go

@@ -62,6 +62,7 @@ type Common struct {
 }
 
 type Message interface {
+	ID() string
 	Type() Type
 	Title() string
 	Message(webhookType model.WebhookType) (string, error)

backend/pkg/webhook/message/qa.go

@@ -2,6 +2,7 @@ package message
 
 import (
 	"bytes"
+	"strconv"
 	"text/template"
 	"time"
 
@@ -38,6 +39,10 @@ type sendQAMsg struct {
 	platformMsg
 }
 
+func (q *docMsg) ID() string {
+	return strconv.FormatUint(uint64(q.Doc.ID), 10)
+}
+
 func (q *docMsg) Message(webhookType model.WebhookType) (string, error) {
 	var buff bytes.Buffer
 	err := docTpl.Execute(&buff, sendQAMsg{
@@ -70,7 +75,7 @@ func NewQANeedReview(body commonDoc) Message {
 	return &docMsg{
 		Header: Header{
 			MsgType:       TypeQANeedReview,
-			MsgTitle:      "有新的问答等待审核",
+			MsgTitle:      "后台有新的回答等待审核",
 			HeadingPrefix: "问题",
 		},
 		Doc: body,

backend/router/discussion_auth.go

@@ -293,7 +293,7 @@ func (d *discussionAuth) RevokeCommentLike(ctx *context.Context) {
 		return
 	}
 
-	err = d.disc.RevokeLike(ctx, ctx.GetUser().UID, commentID)
+	err = d.disc.RevokeLike(ctx, ctx.GetUser().UID, ctx.Param("disc_id"), commentID)
 	if err != nil {
 		ctx.InternalError(err, "dislike comment failed")
 		return

backend/svc/discussion.go

@@ -1,13 +1,15 @@
 package svc
 
 import (
+	"bytes"
 	"context"
 	"errors"
 	"fmt"
 	"mime/multipart"
 	"path/filepath"
 	"time"
 
+	"github.com/Narasimha1997/ratelimiter"
 	"github.com/chaitin/koalaqa/model"
 	"github.com/chaitin/koalaqa/pkg/glog"
 	"github.com/chaitin/koalaqa/pkg/mq"
@@ -41,6 +43,7 @@ type Discussion struct {
 
 	logger      *glog.Logger
 	webhookType map[model.DiscussionType]message.Type
+	limiter     *ratelimiter.AttributeBasedLimiter
 }
 
 func newDiscussion(in discussionIn) *Discussion {
@@ -52,6 +55,7 @@ func newDiscussion(in discussionIn) *Discussion {
 			model.DiscussionTypeFeedback: message.TypeNewFeedback,
 			model.DiscussionTypeBlog:     message.TypeNewBlog,
 		},
+		limiter: ratelimiter.NewAttributeBasedLimiter(false),
 	}
 }
 
@@ -73,7 +77,30 @@ func (d *Discussion) generateUUID() string {
 	return util.RandomString(16)
 }
 
+func (d *Discussion) limitKey(args ...any) string {
+	if len(args) == 0 {
+		return ""
+	}
+
+	buff := bytes.NewBufferString("%v")
+	for i := 1; i < len(args); i++ {
+		buff.WriteString("-%v")
+	}
+
+	return fmt.Sprintf(buff.String(), args...)
+}
+
+func (d *Discussion) allow(args ...any) bool {
+	return d.limiter.MustShouldAllow(d.limitKey(args...), 1, 3, time.Minute)
+}
+
+var errRatelimit = errors.New("ratelimit")
+
 func (d *Discussion) Create(ctx context.Context, req DiscussionCreateReq) (string, error) {
+	if !d.allow("discussion", req.UserID) {
+		return "", errRatelimit
+	}
+
 	if len(req.GroupIDs) > 0 {
 		err := d.in.GroupItemRepo.FilterIDs(ctx, &req.GroupIDs)
 		if err != nil {
@@ -292,7 +319,7 @@ func (d *Discussion) IncrementComment(uuid string, updateTime bool) {
 func (d *Discussion) DecrementComment(uuid string) {
 	ctx := context.Background()
 	d.in.DiscRepo.Update(ctx, map[string]any{
-		"comment": gorm.Expr("comment-1"),
+		"comment": gorm.Expr("CASE WHEN comment>0 THEN comment-1 END"),
 	}, repo.QueryWithEqual("uuid", uuid))
 
 	go d.RecalculateHot(uuid)
@@ -321,6 +348,10 @@ func (d *Discussion) RecalculateHot(uuid string) {
 }
 
 func (d *Discussion) LikeDiscussion(ctx context.Context, discUUID string, user model.UserInfo) error {
+	if !d.allow("like", discUUID, user.UID) {
+		return errRatelimit
+	}
+
 	if err := d.in.DiscRepo.LikeDiscussion(ctx, discUUID, user.UID); err != nil {
 		return err
 	}
@@ -344,6 +375,10 @@ func (d *Discussion) LikeDiscussion(ctx context.Context, discUUID string, user m
 }
 
 func (d *Discussion) RevokeLikeDiscussion(ctx context.Context, discUUID string, uid uint) error {
+	if !d.allow("like", discUUID, uid) {
+		return errRatelimit
+	}
+
 	if err := d.in.DiscRepo.RevokeLikeDiscussion(ctx, discUUID, uid); err != nil {
 		return err
 	}
@@ -406,6 +441,12 @@ type CommentCreateReq struct {
 }
 
 func (d *Discussion) CreateComment(ctx context.Context, uid uint, discUUID string, req CommentCreateReq) (uint, error) {
+	if !req.Bot {
+		if !d.allow("comment", discUUID, uid) {
+			return 0, errRatelimit
+		}
+	}
+
 	disc, err := d.in.DiscRepo.GetByUUID(ctx, discUUID)
 	if err != nil {
 		return 0, err
@@ -568,6 +609,10 @@ func (d *Discussion) UploadFile(ctx context.Context, req DiscussUploadFileReq) (
 }
 
 func (d *Discussion) AcceptComment(ctx context.Context, user model.UserInfo, discUUID string, commentID uint) error {
+	if !d.allow("accept", discUUID, user.UID) {
+		return errRatelimit
+	}
+
 	disc, err := d.in.DiscRepo.GetByUUID(ctx, discUUID)
 	if err != nil {
 		return err
@@ -645,6 +690,10 @@ func (d *Discussion) AcceptComment(ctx context.Context, user model.UserInfo, dis
 }
 
 func (d *Discussion) LikeComment(ctx context.Context, userInfo model.UserInfo, discUUID string, commentID uint) error {
+	if !d.allow("like", discUUID, userInfo.UID) {
+		return errRatelimit
+	}
+
 	disc, err := d.in.DiscRepo.GetByUUID(ctx, discUUID)
 	if err != nil {
 		return err
@@ -682,6 +731,10 @@ func (d *Discussion) LikeComment(ctx context.Context, userInfo model.UserInfo, d
 }
 
 func (d *Discussion) DislikeComment(ctx context.Context, userInfo model.UserInfo, discUUID string, commentID uint) error {
+	if !d.allow("like", discUUID, userInfo.UID) {
+		return errRatelimit
+	}
+
 	disc, err := d.in.DiscRepo.GetByUUID(ctx, discUUID)
 	if err != nil {
 		return err
@@ -718,7 +771,11 @@ func (d *Discussion) DislikeComment(ctx context.Context, userInfo model.UserInfo
 	return nil
 }
 
-func (d *Discussion) RevokeLike(ctx context.Context, uid uint, commentID uint) error {
+func (d *Discussion) RevokeLike(ctx context.Context, uid uint, discUUID string, commentID uint) error {
+	if !d.allow("like", discUUID, uid) {
+		return errRatelimit
+	}
+
 	ok, err := d.in.CommRepo.ExistByID(ctx, commentID)
 	if err != nil {
 		return err

backend/svc/webhook.go

@@ -2,9 +2,11 @@ package svc
 
 import (
 	"context"
+	"fmt"
 	"sync"
 	"time"
 
+	"github.com/Narasimha1997/ratelimiter"
 	"github.com/chaitin/koalaqa/model"
 	"github.com/chaitin/koalaqa/pkg/glog"
 	"github.com/chaitin/koalaqa/pkg/webhook"
@@ -17,6 +19,7 @@ type Webhook struct {
 	logger   *glog.Logger
 	lock     sync.Mutex
 	webhooks map[uint]webhook.Webhook
+	limiter  *ratelimiter.AttributeBasedLimiter
 
 	repoWebhook *repo.Webhook
 }
@@ -121,8 +124,16 @@ func (w *Webhook) Delete(ctx context.Context, id uint) error {
 	return nil
 }
 
+func (w *Webhook) allow(id uint, discID string, msgType message.Type) bool {
+	return w.limiter.MustShouldAllow(fmt.Sprintf("webhook-%d-%s-%d", id, discID, msgType), 1, 1, time.Minute*5)
+}
+
 func (w *Webhook) Send(ctx context.Context, msg message.Message) error {
 	for id, hook := range w.webhooks {
+		if !w.allow(id, msg.ID(), msg.Type()) {
+			w.logger.WithContext(ctx).With("webhook_id", id).With("msg", msg).Debug("webhook ratelimit, skip send")
+			continue
+		}
 		err := hook.Send(ctx, msg)
 		if err != nil {
 			w.logger.WithContext(ctx).WithErr(err).With("id", id).Warn("send webhook failed")
@@ -137,6 +148,7 @@ func newWebhook(lc fx.Lifecycle, repoWebhook *repo.Webhook) *Webhook {
 		logger:      glog.Module("svc", "webhook"),
 		repoWebhook: repoWebhook,
 		webhooks:    make(map[uint]webhook.Webhook),
+		limiter:     ratelimiter.NewAttributeBasedLimiter(false),
 	}
 	lc.Append(fx.Hook{
 		OnStart: func(ctx context.Context) error {