rails-image-post-solution 0.1.0

data/app/controllers/rails_image_post_solution/admin/image_reports_controller.rb

@@ -0,0 +1,92 @@
+# frozen_string_literal: true
+
+module RailsImagePostSolution
+  module Admin
+    class ImageReportsController < ApplicationController
+      before_action :require_login
+      before_action :require_admin
+      before_action :set_report, only: %i[show confirm dismiss]
+
+      def index
+        @status_filter = params[:status] || "all"
+
+        @reports = ImageReport.includes(:user, :active_storage_attachment, :reviewed_by)
+                              .recent
+
+        # Filter by status
+        case @status_filter
+        when "pending"
+          @reports = @reports.pending
+        when "confirmed"
+          @reports = @reports.confirmed
+        when "dismissed"
+          @reports = @reports.dismissed
+        when "reviewed"
+          @reports = @reports.reviewed
+        end
+
+        @reports = @reports.limit(100)
+
+        # Statistics
+        @stats = {
+          total: ImageReport.count,
+          pending: ImageReport.pending.count,
+          confirmed: ImageReport.confirmed.count,
+          dismissed: ImageReport.dismissed.count,
+          reviewed: ImageReport.reviewed.count
+        }
+      end
+
+      def show
+        @attachment = @report.active_storage_attachment
+        @reported_user = @attachment.record.user if @attachment.record.respond_to?(:user)
+        @all_reports = ImageReport.where(active_storage_attachment_id: @attachment.id)
+                                  .includes(:user)
+                                  .recent
+      end
+
+      def confirm
+        @report.update!(
+          status: ImageReport::STATUSES[:confirmed],
+          reviewed_by: current_user,
+          reviewed_at: Time.current
+        )
+
+        redirect_to admin_image_reports_path, notice: I18n.t("rails_image_post_solution.flash.admin.report_confirmed")
+      end
+
+      def dismiss
+        @report.update!(
+          status: ImageReport::STATUSES[:dismissed],
+          reviewed_by: current_user,
+          reviewed_at: Time.current
+        )
+
+        redirect_to admin_image_reports_path, notice: I18n.t("rails_image_post_solution.flash.admin.report_dismissed")
+      end
+
+      private
+
+      def set_report
+        @report = ImageReport.find(params[:id])
+      rescue ActiveRecord::RecordNotFound
+        redirect_to admin_image_reports_path, alert: I18n.t("rails_image_post_solution.flash.admin.report_not_found")
+      end
+
+      def require_admin
+        admin_check = RailsImagePostSolution.configuration&.admin_check_method || :admin?
+
+        return if current_user.respond_to?(admin_check) && current_user.public_send(admin_check)
+
+        redirect_to main_app.root_path, alert: I18n.t("rails_image_post_solution.flash.admin.admin_access_only")
+      end
+
+      def require_login
+        # Call authentication method implemented in host application
+        return if respond_to?(:current_user) && current_user
+
+        redirect_to main_app.root_path, alert: I18n.t("rails_image_post_solution.flash.admin.login_required")
+      end
+    end
+  end
+end

data/app/controllers/rails_image_post_solution/image_reports_controller.rb

@@ -0,0 +1,87 @@
+# frozen_string_literal: true
+
+module RailsImagePostSolution
+  class ImageReportsController < ApplicationController
+    before_action :require_login
+    before_action :set_attachment, only: :create
+
+    def create
+      # Check if already reported
+      existing_report = ImageReport.find_by(
+        active_storage_attachment_id: @attachment.id,
+        user_id: current_user.id
+      )
+
+      if existing_report
+        respond_to do |format|
+          format.json do
+            render json: { error: I18n.t("rails_image_post_solution.flash.already_reported") },
+                   status: :unprocessable_entity
+          end
+          format.html do
+            redirect_back fallback_location: root_path,
+                          alert: I18n.t("rails_image_post_solution.flash.already_reported")
+          end
+        end
+        return
+      end
+
+      @report = ImageReport.new(
+        active_storage_attachment_id: @attachment.id,
+        user_id: current_user.id,
+        reason: params[:reason],
+        status: ImageReport::STATUSES[:pending]
+      )
+
+      if @report.save
+        # Run image moderation only on first report
+        if ImageReport.where(active_storage_attachment_id: @attachment.id).count == 1
+          ImageModerationJob.perform_later(@attachment.id)
+        end
+
+        respond_to do |format|
+          format.json do
+            render json: { success: true, message: I18n.t("rails_image_post_solution.flash.report_received") },
+                   status: :created
+          end
+          format.html do
+            redirect_back fallback_location: root_path,
+                          notice: I18n.t("rails_image_post_solution.flash.report_received")
+          end
+        end
+      else
+        respond_to do |format|
+          format.json { render json: { error: @report.errors.full_messages.join(", ") }, status: :unprocessable_entity }
+          format.html { redirect_back fallback_location: root_path, alert: @report.errors.full_messages.join(", ") }
+        end
+      end
+    end
+
+    private
+
+    def set_attachment
+      @attachment = ActiveStorage::Attachment.find(params[:attachment_id])
+    rescue ActiveRecord::RecordNotFound
+      respond_to do |format|
+        format.json do
+          render json: { error: I18n.t("rails_image_post_solution.flash.image_not_found") }, status: :not_found
+        end
+        format.html do
+          redirect_back fallback_location: root_path, alert: I18n.t("rails_image_post_solution.flash.image_not_found")
+        end
+      end
+    end
+
+    def require_login
+      # Call authentication method implemented in host application
+      return if respond_to?(:current_user) && current_user
+
+      respond_to do |format|
+        format.json do
+          render json: { error: I18n.t("rails_image_post_solution.flash.login_required") }, status: :unauthorized
+        end
+        format.html { redirect_to main_app.root_path, alert: I18n.t("rails_image_post_solution.flash.login_required") }
+      end
+    end
+  end
+end

data/app/jobs/rails_image_post_solution/image_moderation_job.rb

@@ -0,0 +1,97 @@
+# frozen_string_literal: true
+
+module RailsImagePostSolution
+  class ImageModerationJob < ApplicationJob
+    queue_as :default
+
+    # Job to perform automatic image moderation
+    # Uses OpenAI Vision API to detect R18/R18G content
+    def perform(attachment_id)
+      attachment = ActiveStorage::Attachment.find_by(id: attachment_id)
+      return unless attachment&.blob
+
+      # Analyze image using OpenAI Vision Service
+      result = OpenaiVisionService.new.moderate_image(attachment)
+
+      # Process results
+      if result[:flagged]
+        # Create automatic report when inappropriate content is detected
+        create_auto_report(attachment, result)
+
+        # Temporarily freeze post (if enabled in config)
+        freeze_post(attachment, result) if auto_freeze_enabled?
+      end
+
+      Rails.logger.info "Image moderation completed for attachment ##{attachment_id}: #{result[:flagged] ? 'FLAGGED' : 'OK'}"
+    rescue StandardError => e
+      Rails.logger.error "Image moderation failed for attachment ##{attachment_id}: #{e.message}"
+      # Don't fail the job on error (leave for manual review)
+    end
+
+    private
+
+    def auto_freeze_enabled?
+      RailsImagePostSolution.configuration&.auto_freeze_on_flag != false
+    end
+
+    def create_auto_report(attachment, result)
+      # Create automatic report as system user (nil user_id)
+      # Skip if automatic report already exists
+      existing_report = ImageReport.find_by(
+        active_storage_attachment_id: attachment.id,
+        user_id: nil # Automatic report by system
+      )
+
+      return if existing_report
+
+      ImageReport.create!(
+        active_storage_attachment: attachment,
+        user_id: nil, # Automatic report by system
+        reason: build_auto_report_reason(result),
+        status: ImageReport::STATUSES[:confirmed], # Automatically set to confirmed (inappropriate)
+        reviewed_at: Time.current,
+        ai_flagged: result[:flagged],
+        ai_confidence: result[:confidence],
+        ai_categories: result[:categories].to_json,
+        ai_detected_at: Time.current
+      )
+    end
+
+    def build_auto_report_reason(result)
+      reasons = []
+      reasons << "Auto-detected: Inappropriate content detected"
+
+      if result[:categories]
+        flagged_categories = result[:categories].select { |_, flagged| flagged }
+        if flagged_categories.any?
+          reasons << "\nDetected categories:"
+          flagged_categories.each_key do |category|
+            reasons << "  - #{category}"
+          end
+        end
+      end
+
+      reasons << "\nConfidence: #{(result[:confidence] * 100).round(1)}%" if result[:confidence]
+
+      reasons.join("\n")
+    end
+
+    # Temporarily freeze post
+    # Only works if host application implements freeze_post! method
+    def freeze_post(attachment, result)
+      record = attachment.record
+      return unless record
+      return unless record.respond_to?(:freeze_post!)
+
+      # Skip if already frozen
+      return if record.respond_to?(:frozen?) && record.frozen?
+
+      reason = "AI Auto-moderation: Post has been temporarily frozen due to inappropriate content detection.\n#{build_auto_report_reason(result)}"
+
+      record.freeze_post!(type: :temporary, reason: reason)
+      Rails.logger.info "Post #{record.class.name}##{record.id} has been temporarily frozen due to inappropriate content"
+    rescue StandardError => e
+      Rails.logger.error "Failed to freeze post for attachment ##{attachment.id}: #{e.message}"
+    end
+  end
+end

data/app/models/rails_image_post_solution/image_report.rb

@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+
+module RailsImagePostSolution
+  class ImageReport < ApplicationRecord
+    self.table_name = "image_reports"
+
+    # Status constants
+    STATUSES = {
+      pending: "pending",         # Not reviewed yet
+      reviewed: "reviewed",       # Reviewed (no action needed)
+      confirmed: "confirmed",     # Confirmed (flagged as inappropriate)
+      dismissed: "dismissed"      # Dismissed (no issues found)
+    }.freeze
+
+    # Report reason category keys (translations via I18n.t("rails_image_post_solution.image_report.categories.#{key}"))
+    REASON_CATEGORIES = %i[r18 r18g copyright spam harassment other].freeze
+
+    # Get category translation text
+    def self.category_text(key)
+      I18n.t("rails_image_post_solution.image_report.categories.#{key}")
+    end
+
+    # Get category list (for use in views)
+    def self.categories_for_select
+      REASON_CATEGORIES.map { |key| [ key, category_text(key) ] }
+    end
+
+    # Associations
+    belongs_to :active_storage_attachment, class_name: "ActiveStorage::Attachment"
+    belongs_to :user
+    belongs_to :reviewed_by, class_name: "User", optional: true
+
+    # Validations
+    validates :status, presence: true, inclusion: { in: STATUSES.values }
+    validates :user_id, uniqueness: { scope: :active_storage_attachment_id,
+                                      message: "has already reported this image" }
+
+    # Scopes
+    scope :pending, -> { where(status: STATUSES[:pending]) }
+    scope :reviewed, -> { where(status: STATUSES[:reviewed]) }
+    scope :confirmed, -> { where(status: STATUSES[:confirmed]) }
+    scope :dismissed, -> { where(status: STATUSES[:dismissed]) }
+    scope :recent, -> { order(created_at: :desc) }
+
+    # Check if image has been reported as inappropriate
+    def self.image_reported?(attachment_id)
+      where(active_storage_attachment_id: attachment_id)
+        .where(status: [ STATUSES[:pending], STATUSES[:confirmed] ])
+        .exists?
+    end
+
+    # Get report count for image
+    def self.report_count(attachment_id)
+      where(active_storage_attachment_id: attachment_id).count
+    end
+  end
+end

data/app/services/rails_image_post_solution/openai_vision_service.rb

@@ -0,0 +1,128 @@
+# frozen_string_literal: true
+
+module RailsImagePostSolution
+  class OpenaiVisionService
+    # Perform image content moderation using OpenAI Vision API
+
+    def initialize
+      api_key = RailsImagePostSolution.configuration&.openai_api_key || ENV["OPENAI_API_KEY"]
+      @client = OpenAI::Client.new(access_token: api_key) if api_key.present?
+    end
+
+    # Analyze image to detect R18/R18G content
+    # @param attachment [ActiveStorage::Attachment] Image to analyze
+    # @return [Hash] Analysis result { flagged: Boolean, categories: Hash, confidence: Float, raw_response: Hash }
+    def moderate_image(attachment)
+      # Skip if OpenAI API key is not configured
+      return safe_result unless @client
+
+      # Get image URL (generate temporary URL)
+      image_url = get_image_url(attachment)
+      return safe_result unless image_url
+
+      # Call OpenAI Vision API
+      response = call_vision_api(image_url)
+
+      # Parse response
+      parse_response(response)
+    rescue StandardError => e
+      Rails.logger.error "OpenAI Vision API error: #{e.message}"
+      safe_result # Fail safe on error (no flag)
+    end
+
+    private
+
+    def get_image_url(attachment)
+      # Rails.application.routes.url_helpers.rails_blob_url(attachment, only_path: false)
+      # Use Base64 encoding as local URLs don't work in development environment
+      return nil unless attachment.blob
+
+      # Encode image as Base64
+      image_data = attachment.blob.download
+      base64_image = Base64.strict_encode64(image_data)
+      "data:#{attachment.blob.content_type};base64,#{base64_image}"
+    rescue StandardError => e
+      Rails.logger.error "Failed to get image data: #{e.message}"
+      nil
+    end
+
+    def call_vision_api(image_url)
+      @client.chat(
+        parameters: {
+          model: "gpt-4o-mini", # Model capable of image analysis
+          messages: [
+            {
+              role: "user",
+              content: [
+                {
+                  type: "text",
+                  text: moderation_prompt
+                },
+                {
+                  type: "image_url",
+                  image_url: {
+                    url: image_url
+                  }
+                }
+              ]
+            }
+          ],
+          max_tokens: 500
+        }
+      )
+    end
+
+    def moderation_prompt
+      <<~PROMPT
+        Analyze this image and determine if it falls into any of the following categories:
+
+        1. R18 (Adult Content): Contains sexual expression or nudity
+        2. R18G (Grotesque Content): Contains violent, cruel, or gory imagery
+        3. Illegal Content: Illegal drugs, inappropriate use of weapons, etc.
+
+        Please respond in the following JSON format:
+        {
+          "flagged": true/false,
+          "categories": {
+            "r18": true/false,
+            "r18g": true/false,
+            "illegal": true/false
+          },
+          "confidence": 0.0-1.0,
+          "reason": "Brief explanation of the determination"
+        }
+
+        **Important**: Respond only in JSON format, do not include any other text.
+      PROMPT
+    end
+
+    def parse_response(response)
+      content = response.dig("choices", 0, "message", "content")
+      return safe_result unless content
+
+      # Parse JSON response
+      result = JSON.parse(content)
+
+      {
+        flagged: result["flagged"] || false,
+        categories: result["categories"] || {},
+        confidence: result["confidence"] || 0.0,
+        reason: result["reason"],
+        raw_response: response
+      }
+    rescue JSON::ParserError => e
+      Rails.logger.error "Failed to parse OpenAI response: #{e.message}, Content: #{content}"
+      safe_result
+    end
+
+    def safe_result
+      {
+        flagged: false,
+        categories: {},
+        confidence: 0.0,
+        reason: nil,
+        raw_response: nil
+      }
+    end
+  end
+end

data/app/views/admin/frozen_posts/index.html.erb

@@ -0,0 +1,128 @@
+<div class="admin-container">
+  <h1 class="admin-header"><%= t('admin.frozen_posts.index.title') %></h1>
+
+  <!-- Statistics -->
+  <div class="admin-stats">
+    <div class="stat-card">
+      <div class="stat-label"><%= t('admin.frozen_posts.index.stats.total') %></div>
+      <div class="stat-value"><%= @stats[:total] %></div>
+    </div>
+    <div class="stat-card temporary">
+      <div class="stat-label"><%= t('admin.frozen_posts.index.stats.temporary') %></div>
+      <div class="stat-value"><%= @stats[:temporary] %></div>
+    </div>
+    <div class="stat-card permanent">
+      <div class="stat-label"><%= t('admin.frozen_posts.index.stats.permanent') %></div>
+      <div class="stat-value"><%= @stats[:permanent] %></div>
+    </div>
+  </div>
+
+  <!-- Filters -->
+  <div class="admin-filters">
+    <%= link_to t('admin.frozen_posts.index.filters.all'), admin_frozen_posts_path, class: "filter-btn #{'active' if @filter == 'all'}" %>
+    <%= link_to t('admin.frozen_posts.index.filters.temporary'), admin_frozen_posts_path(filter: "temporary"), class: "filter-btn #{'active' if @filter == 'temporary'}" %>
+    <%= link_to t('admin.frozen_posts.index.filters.permanent'), admin_frozen_posts_path(filter: "permanent"), class: "filter-btn #{'active' if @filter == 'permanent'}" %>
+  </div>
+
+  <!-- Frozen Posts List -->
+  <div class="admin-reports-list">
+    <% if @frozen_posts.any? %>
+      <table class="admin-table">
+        <thead>
+          <tr>
+            <th><%= t('admin.frozen_posts.index.table.type') %></th>
+            <th><%= t('admin.frozen_posts.index.table.content') %></th>
+            <th><%= t('admin.frozen_posts.index.table.poster') %></th>
+            <th><%= t('admin.frozen_posts.index.table.freeze_reason') %></th>
+            <th><%= t('admin.frozen_posts.index.table.status') %></th>
+            <th><%= t('admin.frozen_posts.index.table.frozen_at') %></th>
+            <th><%= t('admin.frozen_posts.index.table.actions') %></th>
+          </tr>
+        </thead>
+        <tbody>
+          <% @frozen_posts.each do |post| %>
+            <tr class="report-row status-<%= post.frozen_type %>">
+              <td>
+                <% if post.is_a?(Stage) %>
+                  <span class="post-type-badge stage"><%= t('admin.frozen_posts.index.post_types.stage') %></span>
+                <% else %>
+                  <span class="post-type-badge comment"><%= t('admin.frozen_posts.index.post_types.comment') %></span>
+                <% end %>
+              </td>
+              <td class="content-cell">
+                <% if post.is_a?(Stage) %>
+                  <div class="post-title"><%= link_to post.title, stage_path(post), target: "_blank", class: "user-link" %></div>
+                  <div class="post-excerpt"><%= truncate(post.description, length: 80) %></div>
+                <% else %>
+                  <div class="post-title">
+                    <%= link_to "#{t('admin.frozen_posts.index.comment_prefix')}: #{post.multiplay_recruitment.title}", multiplay_recruitment_path(post.multiplay_recruitment), target: "_blank", class: "user-link" %>
+                  </div>
+                  <div class="post-excerpt"><%= truncate(post.content, length: 80) %></div>
+                <% end %>
+              </td>
+              <td>
+                <%= link_to post.user.display_name, admin_user_path(post.user), class: "user-link" %>
+              </td>
+              <td class="reason-cell">
+                <%= truncate(post.frozen_reason, length: 100) %>
+              </td>
+              <td>
+                <% if post.temporarily_frozen? %>
+                  <span class="status-badge status-pending"><%= t('admin.frozen_posts.index.status_badges.temporary') %></span>
+                <% elsif post.permanently_frozen? %>
+                  <span class="status-badge status-confirmed"><%= t('admin.frozen_posts.index.status_badges.permanent') %></span>
+                <% end %>
+              </td>
+              <td>
+                <%= l(post.frozen_at, format: :long) %>
+              </td>
+              <td class="actions-cell">
+                <div class="action-buttons">
+                  <% if post.is_a?(Stage) %>
+                    <% unless post.permanently_frozen? %>
+                      <%= button_to t('admin.frozen_posts.index.actions.permanent_freeze'), admin_frozen_posts_permanent_freeze_stage_path(post),
+                          method: :patch,
+                          class: "btn-action btn-warning",
+                          data: { confirm: t('admin.frozen_posts.index.confirm.permanent_freeze') } %>
+                    <% end %>
+                    <%= button_to t('admin.frozen_posts.index.actions.unfreeze'), admin_frozen_posts_unfreeze_stage_path(post),
+                        method: :patch,
+                        class: "btn-action btn-success",
+                        data: { confirm: t('admin.frozen_posts.index.confirm.unfreeze') } %>
+                    <%= button_to t('admin.frozen_posts.index.actions.delete'), admin_frozen_posts_destroy_stage_path(post),
+                        method: :delete,
+                        class: "btn-action btn-danger",
+                        data: { confirm: t('admin.frozen_posts.index.confirm.delete') } %>
+                  <% else %>
+                    <% unless post.permanently_frozen? %>
+                      <%= button_to t('admin.frozen_posts.index.actions.permanent_freeze'), admin_frozen_posts_permanent_freeze_comment_path(post),
+                          method: :patch,
+                          class: "btn-action btn-warning",
+                          data: { confirm: t('admin.frozen_posts.index.confirm.permanent_freeze') } %>
+                    <% end %>
+                    <%= button_to t('admin.frozen_posts.index.actions.unfreeze'), admin_frozen_posts_unfreeze_comment_path(post),
+                        method: :patch,
+                        class: "btn-action btn-success",
+                        data: { confirm: t('admin.frozen_posts.index.confirm.unfreeze') } %>
+                    <%= button_to t('admin.frozen_posts.index.actions.delete'), admin_frozen_posts_destroy_comment_path(post),
+                        method: :delete,
+                        class: "btn-action btn-danger",
+                        data: { confirm: t('admin.frozen_posts.index.confirm.delete') } %>
+                  <% end %>
+                </div>
+              </td>
+            </tr>
+          <% end %>
+        </tbody>
+      </table>
+    <% else %>
+      <div class="empty-state">
+        <p><%= t('admin.frozen_posts.index.no_frozen_posts') %></p>
+      </div>
+    <% end %>
+  </div>
+
+  <div class="admin-actions">
+    <%= link_to t('admin.frozen_posts.index.back'), root_path, class: "btn btn-secondary" %>
+  </div>
+</div>