Add adult verification and erotic moderation features: Implement new routes and controller methods for managing adult verification requests, status updates, and document retrieval. Introduce erotic moderation actions and reports, enhancing administrative capabilities. Update chat and navigation controllers to support adult content filtering and access control. Enhance user parameter handling for adult verification status and requests, improving overall user experience and compliance.

2026-03-27 09:14:54 +01:00
parent f93687c753
commit 3e6c09ab29
73 changed files with 4459 additions and 197 deletions
--- a/backend/controllers/adminController.js
+++ b/backend/controllers/adminController.js
@@ -29,6 +29,12 @@ class AdminController {
        this.getUser = this.getUser.bind(this);
        this.getUsers = this.getUsers.bind(this);
        this.updateUser = this.updateUser.bind(this);
+        this.getAdultVerificationRequests = this.getAdultVerificationRequests.bind(this);
+        this.setAdultVerificationStatus = this.setAdultVerificationStatus.bind(this);
+        this.getAdultVerificationDocument = this.getAdultVerificationDocument.bind(this);
+        this.getEroticModerationReports = this.getEroticModerationReports.bind(this);
+        this.applyEroticModerationAction = this.applyEroticModerationAction.bind(this);
+        this.getEroticModerationPreview = this.getEroticModerationPreview.bind(this);

        // Rights
        this.listRightTypes = this.listRightTypes.bind(this);
@@ -119,6 +125,97 @@ class AdminController {
        }
    }

+    async getAdultVerificationRequests(req, res) {
+        try {
+            const { userid: requester } = req.headers;
+            const { status = 'pending' } = req.query;
+            const result = await AdminService.getAdultVerificationRequests(requester, status);
+            res.status(200).json(result);
+        } catch (error) {
+            const status = error.message === 'noaccess' ? 403 : 500;
+            res.status(status).json({ error: error.message });
+        }
+    }
+
+    async setAdultVerificationStatus(req, res) {
+        const schema = Joi.object({
+            status: Joi.string().valid('approved', 'rejected', 'pending').required()
+        });
+        const { error, value } = schema.validate(req.body || {});
+        if (error) {
+            return res.status(400).json({ error: error.details[0].message });
+        }
+        try {
+            const { userid: requester } = req.headers;
+            const { id } = req.params;
+            const result = await AdminService.setAdultVerificationStatus(requester, id, value.status);
+            res.status(200).json(result);
+        } catch (err) {
+            const status = err.message === 'noaccess' ? 403 : (['notfound', 'notadult', 'wrongstatus', 'missingparamtype'].includes(err.message) ? 400 : 500);
+            res.status(status).json({ error: err.message });
+        }
+    }
+
+    async getAdultVerificationDocument(req, res) {
+        try {
+            const { userid: requester } = req.headers;
+            const { id } = req.params;
+            const result = await AdminService.getAdultVerificationDocument(requester, id);
+            res.setHeader('Content-Type', result.mimeType);
+            res.setHeader('Content-Disposition', `inline; filename="${encodeURIComponent(result.originalName)}"`);
+            res.sendFile(result.filePath);
+        } catch (err) {
+            const status = err.message === 'noaccess' ? 403 : (['notfound', 'norequest', 'nofile'].includes(err.message) ? 404 : 500);
+            res.status(status).json({ error: err.message });
+        }
+    }
+
+    async getEroticModerationReports(req, res) {
+        try {
+            const { userid: requester } = req.headers;
+            const { status = 'open' } = req.query;
+            const result = await AdminService.getEroticModerationReports(requester, status);
+            res.status(200).json(result);
+        } catch (error) {
+            const status = error.message === 'noaccess' ? 403 : 500;
+            res.status(status).json({ error: error.message });
+        }
+    }
+
+    async applyEroticModerationAction(req, res) {
+        const schema = Joi.object({
+            action: Joi.string().valid('dismiss', 'hide_content', 'restore_content', 'delete_content', 'block_uploads', 'revoke_access').required(),
+            note: Joi.string().allow('', null).max(2000).optional()
+        });
+        const { error, value } = schema.validate(req.body || {});
+        if (error) {
+            return res.status(400).json({ error: error.details[0].message });
+        }
+        try {
+            const { userid: requester } = req.headers;
+            const { id } = req.params;
+            const result = await AdminService.applyEroticModerationAction(requester, Number(id), value.action, value.note || null);
+            res.status(200).json(result);
+        } catch (err) {
+            const status = err.message === 'noaccess' ? 403 : (['notfound', 'targetnotfound', 'wrongaction'].includes(err.message) ? 400 : 500);
+            res.status(status).json({ error: err.message });
+        }
+    }
+
+    async getEroticModerationPreview(req, res) {
+        try {
+            const { userid: requester } = req.headers;
+            const { type, targetId } = req.params;
+            const result = await AdminService.getEroticModerationPreview(requester, type, Number(targetId));
+            res.setHeader('Content-Type', result.mimeType);
+            res.setHeader('Content-Disposition', `inline; filename="${encodeURIComponent(result.originalName)}"`);
+            res.sendFile(result.filePath);
+        } catch (err) {
+            const status = err.message === 'noaccess' ? 403 : (['notfound', 'nofile', 'wrongtype'].includes(err.message) ? 404 : 500);
+            res.status(status).json({ error: err.message });
+        }
+    }
+
    // --- Rights ---
    async listRightTypes(req, res) {
        try {
@@ -523,6 +620,7 @@ class AdminController {
                title: Joi.string().min(1).max(255).required(),
                roomTypeId: Joi.number().integer().required(),
                isPublic: Joi.boolean().required(),
+                isAdultOnly: Joi.boolean().allow(null),
                genderRestrictionId: Joi.number().integer().allow(null),
                minAge: Joi.number().integer().min(0).allow(null),
                maxAge: Joi.number().integer().min(0).allow(null),
@@ -534,7 +632,7 @@ class AdminController {
            if (error) {
                return res.status(400).json({ error: error.details[0].message });
            }
-            const room = await AdminService.updateRoom(req.params.id, value);
+            const room = await AdminService.updateRoom(userId, req.params.id, value);
            res.status(200).json(room);
        } catch (error) {
            console.log(error);
@@ -553,6 +651,7 @@ class AdminController {
                title: Joi.string().min(1).max(255).required(),
                roomTypeId: Joi.number().integer().required(),
                isPublic: Joi.boolean().required(),
+                isAdultOnly: Joi.boolean().allow(null),
                genderRestrictionId: Joi.number().integer().allow(null),
                minAge: Joi.number().integer().min(0).allow(null),
                maxAge: Joi.number().integer().min(0).allow(null),
@@ -579,7 +678,7 @@ class AdminController {
            if (!userId || !(await AdminService.hasUserAccess(userId, 'chatrooms'))) {
                return res.status(403).json({ error: 'Keine Berechtigung.' });
            }
-            await AdminService.deleteRoom(req.params.id);
+            await AdminService.deleteRoom(userId, req.params.id);
            res.sendStatus(204);
        } catch (error) {
            console.log(error);