egg/Task_Reporter
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Add mobile responsive layout, open room access, and admin room management

Browse Source 
Mobile Responsive Layout:
- Add useMediaQuery, useIsMobile, useIsTablet, useIsDesktop hooks for device detection
- Create MobileHeader component with hamburger menu and action drawer
- Create BottomToolbar for mobile navigation (Files, Members)
- Create SlidePanel component for full-screen mobile sidebars
- Update RoomDetail.tsx with mobile/desktop conditional rendering
- Update RoomList.tsx with single-column grid and touch-friendly buttons
- Add CSS custom properties for safe areas and touch targets (min 44px)
- Add mobile viewport meta tags for notched devices

Open Room Access:
- All authenticated users can view all rooms (not just their own)
- Users can join active rooms they're not members of
- Add is_member field to room responses
- Update room list API to return all rooms by default

Admin Room Management:
- Add permanent delete functionality for system admins
- Add delete confirmation dialog with room title verification
- Broadcast room deletion via WebSocket to connected users
- Add users search API for adding members

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
egg
2025-12-05 09:12:10 +08:00
parent 1e44a63a8e
commit 1d5d4d447d
48 changed files with 3505 additions and 401 deletions
Download Patch File Download Diff File Expand all files Collapse all files

174
app/modules/chat_room/router.py
View File

@@ -5,6 +5,7 @@ FastAPI router with all room-related endpoints
from fastapi import APIRouter, Depends, HTTPException, status, Query
from sqlalchemy.orm import Session
from typing import List, Optional
from datetime import datetime
from app.core.database import get_db
from app.modules.auth import get_current_user
@@ -20,6 +21,7 @@ from app.modules.chat_room.dependencies import (
require_admin,
get_user_effective_role
)
from app.modules.realtime.websocket_manager import manager as ws_manager
router = APIRouter(prefix="/api/rooms", tags=["Chat Rooms"])
@@ -59,7 +61,8 @@ async def create_room(
return schemas.RoomResponse(
**room.__dict__,
current_user_role=role
current_user_role=role,
is_member=True # Creator is always a member
)
@@ -69,13 +72,18 @@ async def list_rooms(
incident_type: Optional[schemas.IncidentType] = None,
severity: Optional[schemas.SeverityLevel] = None,
search: Optional[str] = None,
all: bool = Query(False, description="Admin only: show all rooms"),
my_rooms: bool = Query(False, description="Filter to show only rooms where user is a member"),
limit: int = Query(20, ge=1, le=100),
offset: int = Query(0, ge=0),
db: Session = Depends(get_db),
current_user: dict = Depends(get_current_user)
):
"""List rooms accessible to current user"""
"""List all rooms for authenticated user
Returns all rooms by default. Use my_rooms=true to filter to only rooms
where the current user is a member. Each room includes is_member and
current_user_role fields.
"""
user_email = current_user["username"]
is_admin = membership_service.is_system_admin(user_email)
@@ -85,21 +93,23 @@ async def list_rooms(
incident_type=incident_type,
severity=severity,
search=search,
all=all,
my_rooms=my_rooms,
limit=limit,
offset=offset
)
rooms, total = room_service.list_user_rooms(db, user_email, filters, is_admin)
# Add user role to each room
# Add user role and membership status to each room
room_responses = []
for room in rooms:
role = membership_service.get_user_role_in_room(db, room.room_id, user_email)
is_member = role is not None
room_response = schemas.RoomResponse(
**room.__dict__,
current_user_role=role,
is_admin_view=is_admin and all
is_member=is_member,
is_admin_view=is_admin
)
room_responses.append(room_response)
@@ -125,11 +135,13 @@ async def get_room_details(
member_responses = [schemas.MemberResponse.from_orm(m) for m in members]
is_admin = membership_service.is_system_admin(current_user["username"])
is_member = role is not None
return schemas.RoomResponse(
**room.__dict__,
members=member_responses,
current_user_role=role,
is_member=is_member,
is_admin_view=is_admin
)
@@ -152,7 +164,7 @@ async def update_room(
)
role = membership_service.get_user_role_in_room(db, room_id, current_user["username"])
return schemas.RoomResponse(**room.__dict__, current_user_role=role)
return schemas.RoomResponse(**room.__dict__, current_user_role=role, is_member=True)
except ValueError as e:
raise HTTPException(
@@ -178,6 +190,88 @@ async def delete_room(
return schemas.SuccessResponse(message="Room archived successfully")
@router.delete("/{room_id}/permanent", response_model=schemas.SuccessResponse)
async def permanent_delete_room(
room_id: str,
_: None = Depends(require_admin),
db: Session = Depends(get_db)
):
"""Permanently delete a room and all associated data (admin only)
This is an irreversible operation that deletes:
- All room members
- All messages and reactions
- All uploaded files (including MinIO storage)
- All generated reports (including MinIO storage)
- The room itself
Only system administrators can perform this operation.
"""
# Broadcast room_deleted event to all connected users BEFORE deleting
await ws_manager.broadcast_to_room(room_id, {
"type": "system",
"event": "room_deleted",
"room_id": room_id,
"timestamp": datetime.utcnow().isoformat()
})
success, error = room_service.permanent_delete_room(db, room_id)
if not success:
if error == "Room not found":
raise HTTPException(
status_code=status.HTTP_404_NOT_FOUND,
detail="Room not found"
)
raise HTTPException(
status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
detail=f"Failed to delete room: {error}"
)
return schemas.SuccessResponse(message="Room permanently deleted")
# Self-Join Endpoint
@router.post("/{room_id}/join", response_model=schemas.MemberResponse)
async def join_room(
room_id: str,
db: Session = Depends(get_db),
current_user: dict = Depends(get_current_user)
):
"""Self-join a room as a viewer
Any authenticated user can join any non-archived room.
User will be added with VIEWER role.
"""
user_email = current_user["username"]
member, error_code, existing = membership_service.self_join_room(
db, room_id, user_email
)
if error_code == "room_not_found":
raise HTTPException(
status_code=status.HTTP_404_NOT_FOUND,
detail="Room not found"
)
elif error_code == "room_archived":
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="Cannot join archived room"
)
elif error_code == "already_member":
raise HTTPException(
status_code=status.HTTP_409_CONFLICT,
detail={
"message": "Already a member of this room",
"current_role": existing.role.value,
"added_at": existing.added_at.isoformat()
}
)
return schemas.MemberResponse.from_orm(member)
# Membership Endpoints
@router.get("/{room_id}/members", response_model=List[schemas.MemberResponse])
async def list_room_members(
@@ -224,10 +318,37 @@ async def update_member_role(
room_id: str,
user_id: str,
request: schemas.UpdateMemberRoleRequest,
_: None = Depends(validate_room_owner),
db: Session = Depends(get_db)
db: Session = Depends(get_db),
current_user: dict = Depends(get_current_user)
):
"""Update a member's role"""
"""Update a member's role
Permission rules:
- OWNER can change any role
- EDITOR can upgrade VIEWER → EDITOR only
- EDITOR cannot downgrade, remove, or set OWNER role
"""
changer_id = current_user["username"]
# Get target member's current role
current_role = membership_service.get_user_role_in_room(db, room_id, user_id)
if not current_role:
raise HTTPException(
status_code=status.HTTP_404_NOT_FOUND,
detail="Member not found"
)
# Check permission
allowed, error_msg = membership_service.can_change_member_role(
db, room_id, changer_id, user_id, current_role, request.role
)
if not allowed:
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail=error_msg
)
member = membership_service.update_member_role(
db,
room_id,
@@ -251,23 +372,28 @@ async def update_member_role(
async def remove_member(
room_id: str,
user_id: str,
_: None = Depends(require_room_permission("manage_members")),
db: Session = Depends(get_db),
current_user: dict = Depends(get_current_user)
):
"""Remove a member from the room"""
# Prevent removing the last owner
if user_id == current_user["username"]:
role = membership_service.get_user_role_in_room(db, room_id, user_id)
if role == MemberRole.OWNER:
# Check if there are other owners
members = membership_service.get_room_members(db, room_id)
owner_count = sum(1 for m in members if m.role == MemberRole.OWNER)
if owner_count == 1:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="Cannot remove the last owner"
)
"""Remove a member from the room
Permission rules:
- OWNER can remove any member
- EDITOR cannot remove members (only owner can)
- Users can remove themselves (leave room) unless they're the only owner
"""
remover_id = current_user["username"]
# Check permission
allowed, error_msg = membership_service.can_remove_member(
db, room_id, remover_id, user_id
)
if not allowed:
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail=error_msg
)
success = membership_service.remove_member(db, room_id, user_id)
if not success:

3
app/modules/chat_room/schemas.py
View File

@@ -83,7 +83,7 @@ class RoomFilterParams(BaseModel):
created_after: Optional[datetime] = None
created_before: Optional[datetime] = None
search: Optional[str] = Field(None, description="Search in title and description")
all: Optional[bool] = Field(False, description="Admin: show all rooms")
my_rooms: Optional[bool] = Field(False, description="Filter to show only rooms where user is a member")
limit: int = Field(20, ge=1, le=100)
offset: int = Field(0, ge=0)
@@ -122,6 +122,7 @@ class RoomResponse(BaseModel):
member_count: int
members: Optional[List[MemberResponse]] = None
current_user_role: Optional[MemberRole] = None
is_member: bool = False
is_admin_view: bool = False
class Config:

183
app/modules/chat_room/services/membership_service.py
View File

@@ -7,7 +7,7 @@ from sqlalchemy import and_
from typing import List, Optional
from datetime import datetime
from app.modules.chat_room.models import RoomMember, IncidentRoom, MemberRole
from app.modules.chat_room.models import RoomMember, IncidentRoom, MemberRole, RoomStatus
class MembershipService:
@@ -16,6 +16,73 @@ class MembershipService:
# System admin email (hardcoded as per requirement)
SYSTEM_ADMIN_EMAIL = "ymirliu@panjit.com.tw"
def self_join_room(
self,
db: Session,
room_id: str,
user_id: str
) -> tuple[Optional[RoomMember], str, Optional[RoomMember]]:
"""Self-join a room as a viewer
Allows any authenticated user to join a room without invitation.
User joins as VIEWER role.
Args:
db: Database session
room_id: Room ID
user_id: User joining
Returns:
Tuple of (member, error_code, existing_member)
- On success: (member, "", None)
- If already member: (None, "already_member", existing_member)
- If room archived: (None, "room_archived", None)
- If room not found: (None, "room_not_found", None)
"""
# Check if room exists
room = db.query(IncidentRoom).filter(
IncidentRoom.room_id == room_id
).first()
if not room:
return None, "room_not_found", None
# Check if room is archived
if room.status == RoomStatus.ARCHIVED:
return None, "room_archived", None
# Check if already a member
existing = db.query(RoomMember).filter(
and_(
RoomMember.room_id == room_id,
RoomMember.user_id == user_id,
RoomMember.removed_at.is_(None)
)
).first()
if existing:
return None, "already_member", existing
# Create membership as viewer
member = RoomMember(
room_id=room_id,
user_id=user_id,
role=MemberRole.VIEWER,
added_by=user_id, # Self-added
added_at=datetime.utcnow()
)
db.add(member)
# Update member count
self._update_member_count(db, room_id)
# Update room activity
room.last_activity_at = datetime.utcnow()
db.commit()
db.refresh(member)
return member, "", None
def add_member(
self,
db: Session,
@@ -101,6 +168,120 @@ class MembershipService:
db.commit()
return True
def can_change_member_role(
self,
db: Session,
room_id: str,
changer_id: str,
target_id: str,
current_role: MemberRole,
new_role: MemberRole
) -> tuple[bool, str]:
"""Check if a user can change another member's role
Permission rules:
- OWNER can change any role
- EDITOR can upgrade VIEWER → EDITOR only
- EDITOR cannot downgrade, remove, or set OWNER role
- VIEWER cannot change roles
Args:
db: Database session
room_id: Room ID
changer_id: User attempting the change
target_id: Target user
current_role: Target's current role
new_role: Requested new role
Returns:
Tuple of (allowed, error_message)
"""
# System admin can do anything
if self.is_system_admin(changer_id):
return True, ""
changer_role = self.get_user_role_in_room(db, room_id, changer_id)
if not changer_role:
return False, "Not a member of this room"
# Owner can change any role
if changer_role == MemberRole.OWNER:
return True, ""
# Editor permissions
if changer_role == MemberRole.EDITOR:
# Cannot set owner role
if new_role == MemberRole.OWNER:
return False, "Only owner can transfer ownership"
# Can only upgrade viewer to editor
if current_role == MemberRole.VIEWER and new_role == MemberRole.EDITOR:
return True, ""
# Cannot downgrade
if current_role == MemberRole.EDITOR and new_role == MemberRole.VIEWER:
return False, "Editors can only upgrade members"
return False, "Editors can only upgrade viewers to editor"
# Viewer cannot change roles
return False, "Insufficient permissions"
def can_remove_member(
self,
db: Session,
room_id: str,
remover_id: str,
target_id: str
) -> tuple[bool, str]:
"""Check if a user can remove another member
Permission rules:
- OWNER can remove any member
- EDITOR cannot remove members
- VIEWER cannot remove members
- Users can remove themselves (leave room)
Args:
db: Database session
room_id: Room ID
remover_id: User attempting the removal
target_id: Target user
Returns:
Tuple of (allowed, error_message)
"""
# System admin can do anything
if self.is_system_admin(remover_id):
return True, ""
remover_role = self.get_user_role_in_room(db, room_id, remover_id)
if not remover_role:
return False, "Not a member of this room"
# User can leave the room (remove themselves)
if remover_id == target_id:
# But owner cannot leave if they're the only owner
if remover_role == MemberRole.OWNER:
members = self.get_room_members(db, room_id)
owner_count = sum(1 for m in members if m.role == MemberRole.OWNER)
if owner_count == 1:
return False, "Cannot leave: you are the only owner"
return True, ""
# Owner can remove any member
if remover_role == MemberRole.OWNER:
return True, ""
# Editor cannot remove members
if remover_role == MemberRole.EDITOR:
return False, "Only owner can remove members"
# Viewer cannot remove members
return False, "Insufficient permissions"
def update_member_role(
self,
db: Session,

104
app/modules/chat_room/services/room_service.py
View File

@@ -4,13 +4,16 @@ Handles business logic for room CRUD operations
"""
from sqlalchemy.orm import Session
from sqlalchemy import or_, and_, func
from typing import List, Optional, Dict
from typing import List, Optional, Dict, Tuple
from datetime import datetime
import uuid
import logging
from app.modules.chat_room.models import IncidentRoom, RoomMember, RoomStatus, MemberRole
from app.modules.chat_room.schemas import CreateRoomRequest, UpdateRoomRequest, RoomFilterParams
logger = logging.getLogger(__name__)
class RoomService:
"""Service for room management operations"""
@@ -111,6 +114,10 @@ class RoomService:
) -> List[IncidentRoom]:
"""List rooms accessible to user with filters
All authenticated users can see all rooms by default.
Use my_rooms=true to filter to only rooms where user is a member.
Non-admin users cannot see ARCHIVED rooms.
Args:
db: Database session
user_id: User ID
@@ -118,13 +125,16 @@ class RoomService:
is_admin: Whether user is system admin
Returns:
List of accessible rooms
List of rooms and total count
"""
# Non-admin requesting archived rooms explicitly - return empty
if not is_admin and filters.status == RoomStatus.ARCHIVED:
return [], 0
query = db.query(IncidentRoom)
# Access control: admin sees all, others see only their rooms
if not is_admin or not filters.all:
# Join with room_members to filter by membership
# Filter to user's rooms only if my_rooms=true
if filters.my_rooms:
query = query.join(RoomMember).filter(
and_(
RoomMember.user_id == user_id,
@@ -132,6 +142,10 @@ class RoomService:
)
)
# Hide archived rooms from non-admin users
if not is_admin:
query = query.filter(IncidentRoom.status != RoomStatus.ARCHIVED)
# Apply filters
if filters.status:
query = query.filter(IncidentRoom.status == filters.status)
@@ -381,6 +395,86 @@ class RoomService:
room.last_activity_at = datetime.utcnow()
db.commit()
def permanent_delete_room(
self,
db: Session,
room_id: str
) -> Tuple[bool, Optional[str]]:
"""Permanently delete a room and all associated data (admin only)
This is an irreversible operation that:
1. Deletes all files from MinIO storage
2. Deletes all report documents from MinIO storage
3. Cascades delete to all related database records
Args:
db: Database session
room_id: Room ID to permanently delete
Returns:
Tuple of (success, error_message)
"""
# Late imports to avoid circular dependency
from app.modules.file_storage.models import RoomFile
from app.modules.report_generation.models import GeneratedReport
from app.modules.file_storage.services import minio_service
from app.core.config import get_settings
settings = get_settings()
# Check room exists
room = db.query(IncidentRoom).filter(
IncidentRoom.room_id == room_id
).first()
if not room:
return False, "Room not found"
try:
# Step 1: Delete room files from MinIO
room_files = db.query(RoomFile).filter(
RoomFile.room_id == room_id
).all()
for rf in room_files:
if rf.minio_object_path:
success = minio_service.delete_file(
rf.minio_bucket or settings.MINIO_BUCKET,
rf.minio_object_path
)
if not success:
logger.warning(
f"Failed to delete MinIO file: {rf.minio_object_path}"
)
# Step 2: Delete generated report documents from MinIO
reports = db.query(GeneratedReport).filter(
GeneratedReport.room_id == room_id
).all()
for report in reports:
if report.docx_storage_path:
success = minio_service.delete_file(
settings.MINIO_BUCKET,
report.docx_storage_path
)
if not success:
logger.warning(
f"Failed to delete report file: {report.docx_storage_path}"
)
# Step 3: Delete room from database (CASCADE handles related tables)
db.delete(room)
db.commit()
logger.info(f"Permanently deleted room {room_id} and all associated data")
return True, None
except Exception as e:
db.rollback()
logger.error(f"Failed to permanently delete room {room_id}: {e}")
return False, str(e)
# Create singleton instance
room_service = RoomService()