@86d-app/reviews 0.0.4 → 0.0.13

package/src/index.ts

@@ -6,12 +6,17 @@ import { storeEndpoints } from "./store/endpoints";
 
 export type {
 	RatingSummary,
+	ReportStatus,
 	Review,
 	ReviewAnalytics,
 	ReviewController,
+	ReviewImage,
+	ReviewReport,
 	ReviewRequest,
 	ReviewRequestStats,
+	ReviewSortBy,
 	ReviewStatus,
+	ReviewVote,
 } from "./service";
 
 export interface ReviewsOptions extends ModuleConfig {
@@ -22,7 +27,7 @@ export interface ReviewsOptions extends ModuleConfig {
 export default function reviews(options?: ReviewsOptions): Module {
 	return {
 		id: "reviews",
-		version: "0.0.1",
+		version: "0.0.2",
 		schema: reviewsSchema,
 		exports: {
 			read: ["productRating", "reviewCount"],
@@ -34,6 +39,7 @@ export default function reviews(options?: ReviewsOptions): Module {
 				"review.rejected",
 				"review.responded",
 				"review.requested",
+				"review.reported",
 			],
 		},
 		init: async (ctx: ModuleContext) => {

package/src/schema.ts

@@ -18,6 +18,7 @@ export const reviewsSchema = {
 				defaultValue: false,
 			},
 			helpfulCount: { type: "number", required: true, defaultValue: 0 },
+			images: { type: "json", required: false },
 			merchantResponse: { type: "string", required: false },
 			merchantResponseAt: { type: "date", required: false },
 			moderationNote: { type: "string", required: false },
@@ -34,4 +35,31 @@ export const reviewsSchema = {
 			},
 		},
 	},
+	reviewVote: {
+		fields: {
+			id: { type: "string", required: true },
+			reviewId: { type: "string", required: true },
+			voterId: { type: "string", required: true },
+			createdAt: {
+				type: "date",
+				required: true,
+				defaultValue: () => new Date(),
+			},
+		},
+	},
+	reviewReport: {
+		fields: {
+			id: { type: "string", required: true },
+			reviewId: { type: "string", required: true },
+			reporterId: { type: "string", required: false },
+			reason: { type: "string", required: true },
+			details: { type: "string", required: false },
+			status: { type: "string", required: true, defaultValue: "pending" },
+			createdAt: {
+				type: "date",
+				required: true,
+				defaultValue: () => new Date(),
+			},
+		},
+	},
 } satisfies ModuleSchema;

package/src/service-impl.ts

@@ -2,10 +2,35 @@ import type { ModuleDataService } from "@86d-app/core";
 import type {
 	Review,
 	ReviewController,
+	ReviewReport,
 	ReviewRequest,
+	ReviewSortBy,
 	ReviewStatus,
+	ReviewVote,
 } from "./service";
 
+function sortReviews(reviews: Review[], sortBy: ReviewSortBy): Review[] {
+	const sorted = [...reviews];
+	switch (sortBy) {
+		case "recent":
+			return sorted.sort(
+				(a, b) => b.createdAt.getTime() - a.createdAt.getTime(),
+			);
+		case "oldest":
+			return sorted.sort(
+				(a, b) => a.createdAt.getTime() - b.createdAt.getTime(),
+			);
+		case "highest":
+			return sorted.sort((a, b) => b.rating - a.rating);
+		case "lowest":
+			return sorted.sort((a, b) => a.rating - b.rating);
+		case "helpful":
+			return sorted.sort((a, b) => b.helpfulCount - a.helpfulCount);
+		default:
+			return sorted;
+	}
+}
+
 export function createReviewController(
 	data: ModuleDataService,
 	options?: { autoApprove?: boolean },
@@ -28,6 +53,9 @@ export function createReviewController(
 				status,
 				isVerifiedPurchase: params.isVerifiedPurchase ?? false,
 				helpfulCount: 0,
+				...(params.images && params.images.length > 0
+					? { images: params.images }
+					: {}),
 				createdAt: now,
 				updatedAt: now,
 			};
@@ -49,10 +77,23 @@ export function createReviewController(
 
 			const all = await data.findMany("review", {
 				where,
-				...(params?.take !== undefined ? { take: params.take } : {}),
-				...(params?.skip !== undefined ? { skip: params.skip } : {}),
 			});
-			return all as unknown as Review[];
+			let reviews = all as unknown as Review[];
+
+			if (params?.sortBy) {
+				reviews = sortReviews(reviews, params.sortBy);
+			}
+
+			const skip = params?.skip ?? 0;
+			const take = params?.take;
+			if (skip > 0 || take !== undefined) {
+				reviews = reviews.slice(
+					skip,
+					take !== undefined ? skip + take : undefined,
+				);
+			}
+
+			return reviews;
 		},
 
 		async listReviews(params) {
@@ -120,6 +161,45 @@ export function createReviewController(
 			return updated;
 		},
 
+		async voteHelpful(reviewId, voterId) {
+			const existing = await data.get("review", reviewId);
+			if (!existing) return null;
+			const review = existing as unknown as Review;
+
+			// Check if voter already voted
+			const existingVotes = await data.findMany("reviewVote", {
+				where: { reviewId, voterId },
+				take: 1,
+			});
+			const votes = existingVotes as unknown as ReviewVote[];
+
+			if (votes.length > 0) {
+				return { review, alreadyVoted: true };
+			}
+
+			// Record the vote
+			const voteId = crypto.randomUUID();
+			const vote: ReviewVote = {
+				id: voteId,
+				reviewId,
+				voterId,
+				createdAt: new Date(),
+			};
+			// biome-ignore lint/suspicious/noExplicitAny: ModuleDataService requires any
+			await data.upsert("reviewVote", voteId, vote as Record<string, any>);
+
+			// Increment helpful count
+			const updated: Review = {
+				...review,
+				helpfulCount: review.helpfulCount + 1,
+				updatedAt: new Date(),
+			};
+			// biome-ignore lint/suspicious/noExplicitAny: ModuleDataService requires any
+			await data.upsert("review", reviewId, updated as Record<string, any>);
+
+			return { review: updated, alreadyVoted: false };
+		},
+
 		async getReviewAnalytics() {
 			const all = await data.findMany("review", {});
 			const reviews = all as unknown as Review[];
@@ -150,6 +230,13 @@ export function createReviewController(
 				if (r.merchantResponse) withMerchantResponse++;
 			}
 
+			// Count reported reviews
+			const allReports = await data.findMany("reviewReport", {
+				where: { status: "pending" },
+			});
+			const reports = allReports as unknown as ReviewReport[];
+			const reportedReviewIds = new Set(reports.map((r) => r.reviewId));
+
 			return {
 				totalReviews: reviews.length,
 				pendingCount,
@@ -161,6 +248,7 @@ export function createReviewController(
 						: 0,
 				ratingsDistribution: distribution,
 				withMerchantResponse,
+				reportedCount: reportedReviewIds.size,
 			};
 		},
 
@@ -250,6 +338,66 @@ export function createReviewController(
 			return { reviews: filtered, total: reviews.length };
 		},
 
+		async hasReviewedProduct(customerId, productId) {
+			const all = await data.findMany("review", {
+				where: { customerId, productId },
+				take: 1,
+			});
+			const reviews = all as unknown as Review[];
+			return reviews.length > 0;
+		},
+
+		async reportReview(params) {
+			const id = crypto.randomUUID();
+			const report: ReviewReport = {
+				id,
+				reviewId: params.reviewId,
+				reporterId: params.reporterId,
+				reason: params.reason,
+				details: params.details,
+				status: "pending",
+				createdAt: new Date(),
+			};
+			// biome-ignore lint/suspicious/noExplicitAny: ModuleDataService requires any
+			await data.upsert("reviewReport", id, report as Record<string, any>);
+			return report;
+		},
+
+		async listReports(params) {
+			// biome-ignore lint/suspicious/noExplicitAny: JSONB where filter
+			const where: Record<string, any> = {};
+			if (params?.status) where.status = params.status;
+			if (params?.reviewId) where.reviewId = params.reviewId;
+
+			const all = await data.findMany("reviewReport", {
+				...(Object.keys(where).length > 0 ? { where } : {}),
+				...(params?.take !== undefined ? { take: params.take } : {}),
+				...(params?.skip !== undefined ? { skip: params.skip } : {}),
+			});
+			return all as unknown as ReviewReport[];
+		},
+
+		async updateReportStatus(id, status) {
+			const existing = await data.get("reviewReport", id);
+			if (!existing) return null;
+			const report = existing as unknown as ReviewReport;
+			const updated: ReviewReport = {
+				...report,
+				status,
+			};
+			// biome-ignore lint/suspicious/noExplicitAny: ModuleDataService requires any
+			await data.upsert("reviewReport", id, updated as Record<string, any>);
+			return updated;
+		},
+
+		async getReportCount(reviewId) {
+			const all = await data.findMany("reviewReport", {
+				where: { reviewId, status: "pending" },
+			});
+			const reports = all as unknown as ReviewReport[];
+			return reports.length;
+		},
+
 		async getReviewRequestStats() {
 			const all = await data.findMany("reviewRequest", {});
 			const requests = all as unknown as ReviewRequest[];

package/src/service.ts

@@ -1,6 +1,18 @@
 import type { ModuleController } from "@86d-app/core";
 
 export type ReviewStatus = "pending" | "approved" | "rejected";
+export type ReportStatus = "pending" | "resolved" | "dismissed";
+export type ReviewSortBy =
+	| "recent"
+	| "oldest"
+	| "highest"
+	| "lowest"
+	| "helpful";
+
+export interface ReviewImage {
+	url: string;
+	caption?: string | undefined;
+}
 
 export interface Review {
 	id: string;
@@ -14,6 +26,7 @@ export interface Review {
 	status: ReviewStatus;
 	isVerifiedPurchase: boolean;
 	helpfulCount: number;
+	images?: ReviewImage[] | undefined;
 	merchantResponse?: string | undefined;
 	merchantResponseAt?: Date | undefined;
 	moderationNote?: string | undefined;
@@ -27,6 +40,23 @@ export interface RatingSummary {
 	distribution: Record<string, number>;
 }
 
+export interface ReviewVote {
+	id: string;
+	reviewId: string;
+	voterId: string;
+	createdAt: Date;
+}
+
+export interface ReviewReport {
+	id: string;
+	reviewId: string;
+	reporterId?: string | undefined;
+	reason: string;
+	details?: string | undefined;
+	status: ReportStatus;
+	createdAt: Date;
+}
+
 export interface ReviewController extends ModuleController {
 	createReview(params: {
 		productId: string;
@@ -37,6 +67,7 @@ export interface ReviewController extends ModuleController {
 		body: string;
 		customerId?: string | undefined;
 		isVerifiedPurchase?: boolean | undefined;
+		images?: ReviewImage[] | undefined;
 	}): Promise<Review>;
 
 	getReview(id: string): Promise<Review | null>;
@@ -47,6 +78,7 @@ export interface ReviewController extends ModuleController {
 			approvedOnly?: boolean | undefined;
 			take?: number | undefined;
 			skip?: number | undefined;
+			sortBy?: ReviewSortBy | undefined;
 		},
 	): Promise<Review[]>;
 
@@ -71,6 +103,11 @@ export interface ReviewController extends ModuleController {
 
 	markHelpful(id: string): Promise<Review | null>;
 
+	voteHelpful(
+		reviewId: string,
+		voterId: string,
+	): Promise<{ review: Review; alreadyVoted: boolean } | null>;
+
 	getReviewAnalytics(): Promise<ReviewAnalytics>;
 
 	createReviewRequest(params: {
@@ -98,6 +135,29 @@ export interface ReviewController extends ModuleController {
 			skip?: number | undefined;
 		},
 	): Promise<{ reviews: Review[]; total: number }>;
+
+	hasReviewedProduct(customerId: string, productId: string): Promise<boolean>;
+
+	reportReview(params: {
+		reviewId: string;
+		reporterId?: string | undefined;
+		reason: string;
+		details?: string | undefined;
+	}): Promise<ReviewReport>;
+
+	listReports(params?: {
+		status?: ReportStatus | undefined;
+		reviewId?: string | undefined;
+		take?: number | undefined;
+		skip?: number | undefined;
+	}): Promise<ReviewReport[]>;
+
+	updateReportStatus(
+		id: string,
+		status: ReportStatus,
+	): Promise<ReviewReport | null>;
+
+	getReportCount(reviewId: string): Promise<number>;
 }
 
 export interface ReviewAnalytics {
@@ -108,6 +168,7 @@ export interface ReviewAnalytics {
 	averageRating: number;
 	ratingsDistribution: Record<string, number>;
 	withMerchantResponse: number;
+	reportedCount: number;
 }
 
 export interface ReviewRequest {

package/src/store/endpoints/index.ts

@@ -1,6 +1,7 @@
 import { listMyReviews } from "./list-my-reviews";
 import { listProductReviews } from "./list-product-reviews";
 import { markHelpful } from "./mark-helpful";
+import { reportReview } from "./report-review";
 import { submitReview } from "./submit-review";
 
 export const storeEndpoints = {
@@ -8,4 +9,5 @@ export const storeEndpoints = {
 	"/reviews/me": listMyReviews,
 	"/reviews/products/:productId": listProductReviews,
 	"/reviews/:id/helpful": markHelpful,
+	"/reviews/:id/report": reportReview,
 };

package/src/store/endpoints/list-my-reviews.ts

@@ -20,7 +20,7 @@ export const listMyReviews = createStoreEndpoint(
 		const { page, limit, status } = ctx.query;
 		const skip = (page - 1) * limit;
 
-		const controller = ctx.context.controllers.review as ReviewController;
+		const controller = ctx.context.controllers.reviews as ReviewController;
 		const { reviews, total } = await controller.listReviewsByCustomer(userId, {
 			status: status as ReviewStatus | undefined,
 			take: limit,

package/src/store/endpoints/list-product-reviews.ts

@@ -1,14 +1,17 @@
 import { createStoreEndpoint, z } from "@86d-app/core";
-import type { ReviewController } from "../../service";
+import type { ReviewController, ReviewSortBy } from "../../service";
 
 export const listProductReviews = createStoreEndpoint(
 	"/reviews/products/:productId",
 	{
 		method: "GET",
-		params: z.object({ productId: z.string() }),
+		params: z.object({ productId: z.string().max(200) }),
 		query: z.object({
 			take: z.coerce.number().int().min(1).max(100).optional(),
 			skip: z.coerce.number().int().min(0).optional(),
+			sortBy: z
+				.enum(["recent", "oldest", "highest", "lowest", "helpful"])
+				.optional(),
 		}),
 	},
 	async (ctx) => {
@@ -18,6 +21,7 @@ export const listProductReviews = createStoreEndpoint(
 				approvedOnly: true,
 				take: ctx.query.take ?? 20,
 				skip: ctx.query.skip ?? 0,
+				sortBy: (ctx.query.sortBy as ReviewSortBy | undefined) ?? "recent",
 			}),
 			controller.getProductRatingSummary(ctx.params.productId),
 		]);

package/src/store/endpoints/mark-helpful.ts

@@ -5,12 +5,31 @@ export const markHelpful = createStoreEndpoint(
 	"/reviews/:id/helpful",
 	{
 		method: "POST",
-		params: z.object({ id: z.string() }),
+		params: z.object({ id: z.string().max(128) }),
 	},
 	async (ctx) => {
 		const controller = ctx.context.controllers.reviews as ReviewController;
+		const voterId = ctx.context.session?.user.id;
+
+		// Authenticated users get vote deduplication
+		if (voterId) {
+			const result = await controller.voteHelpful(ctx.params.id, voterId);
+			if (!result) return { error: "Review not found", status: 404 };
+			if (result.alreadyVoted) {
+				return {
+					helpfulCount: result.review.helpfulCount,
+					alreadyVoted: true,
+				};
+			}
+			return {
+				helpfulCount: result.review.helpfulCount,
+				alreadyVoted: false,
+			};
+		}
+
+		// Anonymous users: simple increment (no dedup possible)
 		const review = await controller.markHelpful(ctx.params.id);
 		if (!review) return { error: "Review not found", status: 404 };
-		return { helpfulCount: review.helpfulCount };
+		return { helpfulCount: review.helpfulCount, alreadyVoted: false };
 	},
 );

package/src/store/endpoints/report-review.ts

@@ -0,0 +1,38 @@
+import { createStoreEndpoint, sanitizeText, z } from "@86d-app/core";
+import type { ReviewController } from "../../service";
+
+export const reportReview = createStoreEndpoint(
+	"/reviews/:id/report",
+	{
+		method: "POST",
+		params: z.object({ id: z.string().max(128) }),
+		body: z.object({
+			reason: z.enum([
+				"spam",
+				"offensive",
+				"fake",
+				"irrelevant",
+				"harassment",
+				"other",
+			]),
+			details: z.string().max(1000).transform(sanitizeText).optional(),
+		}),
+	},
+	async (ctx) => {
+		const controller = ctx.context.controllers.reviews as ReviewController;
+
+		// Verify review exists
+		const review = await controller.getReview(ctx.params.id);
+		if (!review) return { error: "Review not found", status: 404 };
+
+		const reporterId = ctx.context.session?.user.id;
+
+		const report = await controller.reportReview({
+			reviewId: ctx.params.id,
+			reporterId,
+			reason: ctx.body.reason,
+			details: ctx.body.details,
+		});
+		return { report };
+	},
+);

package/src/store/endpoints/submit-review.ts

@@ -1,32 +1,58 @@
 import { createStoreEndpoint, sanitizeText, z } from "@86d-app/core";
 import type { ReviewController } from "../../service";
 
+const imageSchema = z.object({
+	url: z.string().url().max(2000),
+	caption: z.string().max(500).transform(sanitizeText).optional(),
+});
+
 export const submitReview = createStoreEndpoint(
 	"/reviews",
 	{
 		method: "POST",
 		body: z.object({
-			productId: z.string(),
+			productId: z.string().max(200),
 			authorName: z.string().max(200).transform(sanitizeText),
-			authorEmail: z.string().email(),
+			authorEmail: z.string().email().max(320),
 			rating: z.number().int().min(1).max(5),
 			title: z.string().max(500).transform(sanitizeText).optional(),
 			body: z.string().max(10000).transform(sanitizeText),
-			customerId: z.string().optional(),
-			isVerifiedPurchase: z.boolean().optional(),
+			images: z.array(imageSchema).max(5).optional(),
 		}),
 	},
 	async (ctx) => {
 		const controller = ctx.context.controllers.reviews as ReviewController;
+		const customerId = ctx.context.session?.user.id;
+
+		// Prevent duplicate reviews from authenticated customers
+		if (customerId) {
+			const alreadyReviewed = await controller.hasReviewedProduct(
+				customerId,
+				ctx.body.productId,
+			);
+			if (alreadyReviewed) {
+				return {
+					error: "You have already reviewed this product",
+					status: 409,
+				};
+			}
+		}
+
+		// Use session email when authenticated to prevent spoofing
+		const authorEmail = customerId
+			? (ctx.context.session?.user.email ?? ctx.body.authorEmail)
+			: ctx.body.authorEmail;
+
 		const review = await controller.createReview({
 			productId: ctx.body.productId,
 			authorName: ctx.body.authorName,
-			authorEmail: ctx.body.authorEmail,
+			authorEmail,
 			rating: ctx.body.rating,
 			title: ctx.body.title,
 			body: ctx.body.body,
-			customerId: ctx.body.customerId,
-			isVerifiedPurchase: ctx.body.isVerifiedPurchase,
+			customerId,
+			isVerifiedPurchase: false,
+			images: ctx.body.images,
 		});
 		return { review };
 	},

package/COMPONENTS.md

@@ -1,34 +0,0 @@
-# Reviews Module — Store Components
-
-## ReviewsSummary
-
-Compact star rating and count for product cards.
-
-### Props
-
-| Prop | Type | Description |
-|------|------|-------------|
-| `productId` | `string` | Product ID to fetch review summary for |
-
-### Usage in MDX
-
-```mdx
-<ReviewsSummary productId={product.id} />
-```
-
-## ProductReviews
-
-Full reviews section with summary, distribution bars, review list, and submit form.
-
-### Props
-
-| Prop | Type | Default | Description |
-|------|------|---------|-------------|
-| `productId` | `string` | — | Product ID |
-| `title` | `string` | `"Customer Reviews"` | Section heading |
-
-### Usage in MDX
-
-```mdx
-<ProductReviews productId={product.id} />
-```