Merge pull request #576 from soundsng/feat/be-risk-report-dispute-submission-status-notifications

feat: add RiskReportService, DisputeSubmissionController, DisputeStatusController, and NotificationController

Author: mftee

backend/src/module/dispute-status/dispute-status.controller.ts

@@ -0,0 +1,33 @@
+import { Controller, Get, Param, Patch, Body, Req, UseGuards, NotFoundException, ForbiddenException, ConflictException } from '@nestjs/common';
+import { JwtAuthGuard } from '../../auth/guards/jwt-auth.guard';
+import { User, UserRole } from '../../users/entities/user.entity';
+
+const TERMINAL = new Set(['RESOLVED', 'REJECTED']);
+const disputes = new Map<string, Record<string, unknown>>();
+
+@Controller('module/disputes')
+@UseGuards(JwtAuthGuard)
+export class DisputeStatusController {
+  @Get()
+  list(@Req() req: { user: User }) {
+    return [...disputes.values()].filter((d) => d['submittedBy'] === req.user.id);
+  }
+
+  @Get(':id')
+  get(@Param('id') id: string, @Req() req: { user: User }) {
+    const d = disputes.get(id);
+    if (!d) throw new NotFoundException();
+    if (d['submittedBy'] !== req.user.id && req.user.role !== UserRole.ADMIN) throw new ForbiddenException();
+    return d;
+  }
+
+  @Patch(':id/status')
+  updateStatus(@Param('id') id: string, @Body() body: { status: string }, @Req() req: { user: User }) {
+    if (req.user.role !== UserRole.ADMIN) throw new ForbiddenException();
+    const d = disputes.get(id);
+    if (!d) throw new NotFoundException();
+    if (TERMINAL.has(d['status'] as string)) throw new ConflictException('Dispute is in a terminal state');
+    d['status'] = body.status;
+    return d;
+  }
+}

backend/src/module/dispute-submission/dispute-submission.controller.ts

@@ -0,0 +1,34 @@
+import { Body, Controller, Post, Req, UseGuards, NotFoundException } from '@nestjs/common';
+import { InjectRepository } from '@nestjs/typeorm';
+import { Repository } from 'typeorm';
+import { IsNotEmpty, IsUUID, MinLength } from 'class-validator';
+import { JwtAuthGuard } from '../../auth/guards/jwt-auth.guard';
+import { Document } from '../../documents/entities/document.entity';
+import { User } from '../../users/entities/user.entity';
+
+class CreateDisputeDto {
+  @IsUUID() documentId: string;
+  @MinLength(20) description: string;
+  @IsNotEmpty() disputeType: string;
+}
+
+@Controller('module/disputes')
+@UseGuards(JwtAuthGuard)
+export class DisputeSubmissionController {
+  constructor(@InjectRepository(Document) private readonly docs: Repository<Document>) {}
+
+  @Post()
+  async submit(@Body() dto: CreateDisputeDto, @Req() req: { user: User }) {
+    const doc = await this.docs.findOneBy({ id: dto.documentId });
+    if (!doc) throw new NotFoundException('Document not found');
+    return {
+      id: crypto.randomUUID(),
+      documentId: dto.documentId,
+      submittedBy: req.user.id,
+      description: dto.description,
+      disputeType: dto.disputeType,
+      status: 'OPEN',
+      createdAt: new Date(),
+    };
+  }
+}

backend/src/module/notifications/notification.controller.ts

@@ -0,0 +1,42 @@
+import { Controller, Get, Patch, Param, Req, UseGuards } from '@nestjs/common';
+import { InjectRepository } from '@nestjs/typeorm';
+import { Column, CreateDateColumn, Entity, PrimaryGeneratedColumn, Repository } from 'typeorm';
+import { JwtAuthGuard } from '../../auth/guards/jwt-auth.guard';
+import { User } from '../../users/entities/user.entity';
+
+export enum NotificationType { DOCUMENT_VERIFIED = 'DOCUMENT_VERIFIED', DOCUMENT_FLAGGED = 'DOCUMENT_FLAGGED', DISPUTE_UPDATED = 'DISPUTE_UPDATED' }
+
+@Entity('notifications')
+export class Notification {
+  @PrimaryGeneratedColumn('uuid') id: string;
+  @Column() userId: string;
+  @Column() message: string;
+  @Column({ type: 'enum', enum: NotificationType }) type: NotificationType;
+  @Column({ default: false }) isRead: boolean;
+  @Column({ nullable: true }) resourceId: string;
+  @Column({ nullable: true }) resourceType: string;
+  @CreateDateColumn() createdAt: Date;
+}
+
+@Controller('module/notifications')
+@UseGuards(JwtAuthGuard)
+export class NotificationController {
+  constructor(@InjectRepository(Notification) private readonly repo: Repository<Notification>) {}
+
+  @Get()
+  list(@Req() req: { user: User }) {
+    return this.repo.find({ where: { userId: req.user.id }, order: { createdAt: 'DESC' } });
+  }
+
+  @Get('unread-count')
+  async unreadCount(@Req() req: { user: User }) {
+    const count = await this.repo.count({ where: { userId: req.user.id, isRead: false } });
+    return { count };
+  }
+
+  @Patch(':id/read')
+  async markRead(@Param('id') id: string) {
+    await this.repo.update(id, { isRead: true });
+    return this.repo.findOneByOrFail({ id });
+  }
+}

backend/src/module/risk-report/risk-report.service.ts

@@ -0,0 +1,28 @@
+import { Injectable, NotFoundException, UnprocessableEntityException, ForbiddenException } from '@nestjs/common';
+import { InjectRepository } from '@nestjs/typeorm';
+import { Repository } from 'typeorm';
+import { Document } from '../../documents/entities/document.entity';
+
+const FLAG_DESCRIPTIONS: Record<string, { description: string; action: string }> = {
+  duplicate: { description: 'This document appears to be a duplicate of an existing record.', action: 'Verify the document is unique before proceeding.' },
+  tampered: { description: 'Signs of document tampering were detected.', action: 'Obtain a certified original copy.' },
+  expired: { description: 'The document may be expired or outdated.', action: 'Renew or replace the document.' },
+};
+
+@Injectable()
+export class RiskReportService {
+  constructor(@InjectRepository(Document) private readonly docs: Repository<Document>) {}
+
+  async generateReport(documentId: string, userId: string) {
+    const doc = await this.docs.findOneBy({ id: documentId });
+    if (!doc) throw new NotFoundException('Document not found');
+    if (doc.ownerId !== userId) throw new ForbiddenException();
+    if (doc.riskScore == null) throw new UnprocessableEntityException('Document has not been risk-assessed yet');
+    const riskLevel = doc.riskScore < 30 ? 'LOW' : doc.riskScore < 70 ? 'MEDIUM' : 'HIGH';
+    const flagDetails = (doc.riskFlags ?? []).map((flag) => ({
+      flag,
+      ...(FLAG_DESCRIPTIONS[flag] ?? { description: flag, action: 'Review this flag with an administrator.' }),
+    }));
+    return { documentId, title: doc.title, riskScore: doc.riskScore, riskLevel, flagDetails };
+  }
+}