@yrpri/api 9.0.231 → 9.0.232

package/controllers/groups.cjs

@@ -24,6 +24,8 @@ const performSingleModerationAction = require("../services/engine/moderation/pro
 const request = require("../utils/requestCompat.cjs");
 const { updateAnswerTranslation, } = require("../services/utils/translation_helpers.cjs");
 const { updateSurveyTranslation, } = require("../services/utils/translation_helpers.cjs");
+const { normalizeImageGenerationProfileOptions, } = require("../services/llms/imageGeneration/imageModelConfig.cjs");
+const { validateImageGenerationStartRequest, canPollImageGenerationJob, publicJobFields, } = require("../utils/ai_image_generation_guard.cjs");
 const { plausibleStatsProxy, getPlausibleStats, } = require("../services/engine/analytics/plausible/manager.cjs");
 const { countAllModeratedItemsByGroup, } = require("../services/engine/moderation/get_moderation_items.cjs");
 const { isValidDbId } = require("../utils/is_valid_db_id.cjs");
@@ -1647,8 +1649,37 @@ router.get("/:groupId/:jobId/report_creation_progress", auth.can("edit group"),
     });
 });
 //TODO: Fix this permission back to edit
-router.post("/:groupId/:start_generating/ai_image", auth.can("view group"), function (req, res) {
-    models.AcBackgroundJob.createJob({}, {}, (error, jobId) => {
+router.post("/:groupId/:start_generating/ai_image", auth.can("view group"), async function (req, res) {
+    const imageOptions = normalizeImageGenerationProfileOptions(req.body.imageGenerationProfile, req.body.generationContext, req.body.imageType);
+    if (imageOptions.error) {
+        res.status(400).send({ error: imageOptions.error });
+        return;
+    }
+    let guard;
+    try {
+        guard = await validateImageGenerationStartRequest(req, {
+            collectionType: "group",
+            collectionId: req.params.groupId,
+        });
+    }
+    catch (error) {
+        log.error("Could not validate image generation request", {
+            err: error,
+            context: "start_generating_ai_image",
+            user: req.user ? toJson(req.user.simple()) : null,
+        });
+        res.sendStatus(500);
+        return;
+    }
+    if (!guard.allowed) {
+        res.status(guard.status).send(guard.body);
+        return;
+    }
+    const internalData = {
+        ...guard.internalData,
+        imageGenerationProfile: imageOptions.imageGenerationProfile,
+    };
+    models.AcBackgroundJob.createJob({}, internalData, (error, jobId) => {
         if (error) {
             log.error("Could not create backgroundJob", {
                 err: error,
@@ -1660,13 +1691,18 @@ router.post("/:groupId/:start_generating/ai_image", auth.can("view group"), func
         else {
             queue.add("process-generative-ai", {
                 type: "collection-image",
-                //TODO: Look into this
-                userId: req.user ? req.user.id : 1,
+                userId: guard.userId,
                 jobId: jobId,
                 collectionId: req.params.groupId,
                 collectionType: "group",
                 prompt: req.body.prompt,
                 imageType: req.body.imageType,
+                generationContext: guard.generationContext,
+                imageGenerationProfile: imageOptions.imageGenerationProfile,
+                imageProvider: imageOptions.imageProvider,
+                imageModel: imageOptions.imageModel,
+                imageSize: imageOptions.imageSize,
+                imageQuality: imageOptions.imageQuality,
             }, "critical");
             res.send({ jobId });
         }
@@ -1674,14 +1710,23 @@ router.post("/:groupId/:start_generating/ai_image", auth.can("view group"), func
 });
 //TODO: Fix this permission back to edit
 router.get("/:groupId/:jobId/poll_for_generating_ai_image", auth.can("view group"), function (req, res) {
+    if (!req.user) {
+        res.sendStatus(401);
+        return;
+    }
     models.AcBackgroundJob.findOne({
         where: {
             id: req.params.jobId,
         },
-        attributes: ["id", "progress", "error", "data"],
+        attributes: ["id", "progress", "error", "data", "internal_data"],
     })
         .then((job) => {
-        res.send(job);
+        if (!canPollImageGenerationJob(req, job)) {
+            res.sendStatus(404);
+        }
+        else {
+            res.send(publicJobFields(job));
+        }
     })
         .catch((error) => {
         log.error("Could not get backgroundJob", {

package/controllers/points.cjs

@@ -9,6 +9,7 @@ var async = require("async");
 const ogs = require("open-graph-scraper");
 var _ = require("lodash");
 var queue = require("../services/workers/queue.cjs");
+const { getFingerprintDataFromBody, } = require("../utils/fingerprint_data.cjs");
 var changePointCounter = function (pointId, column, upDown, next) {
     models.Point.findOne({
         where: { id: pointId },
@@ -685,9 +686,7 @@ router.post("/:groupId", auth.can("create point"), function (req, res) {
         user_agent: req.useragent.source,
         ip_address: req.clientIp,
         data: {
-            browserId: req.body.pointBaseId,
-            browserFingerprint: req.body.pointValCode,
-            browserFingerprintConfidence: req.body.pointConf,
+            ...getFingerprintDataFromBody(req.body, "point"),
             originalQueryString: req.body.originalQueryString,
             userLocale: req.body.userLocale,
             userAutoTranslate: req.body.userAutoTranslate,
@@ -930,9 +929,7 @@ router.post("/:id/pointQuality", auth.can("vote on point"), function (req, res)
             pointQuality.value = req.body.value;
             pointQuality.status = "active";
             pointQuality.set("data", {
-                browserId: req.body.qualityBaseId,
-                browserFingerprint: req.body.qualityValCode,
-                browserFingerprintConfidence: req.body.qualityConf,
+                ...getFingerprintDataFromBody(req.body, "quality"),
             });
         }
         else {
@@ -941,9 +938,7 @@ router.post("/:id/pointQuality", auth.can("vote on point"), function (req, res)
                 value: req.body.value,
                 user_id: req.user.id,
                 data: {
-                    browserId: req.body.qualityBaseId,
-                    browserFingerprint: req.body.qualityValCode,
-                    browserFingerprintConfidence: req.body.qualityConf,
+                    ...getFingerprintDataFromBody(req.body, "quality"),
                 },
                 status: "active",
                 user_agent: req.useragent.source,

package/controllers/posts.cjs

@@ -12,6 +12,7 @@ const getAnonymousUser = require("../services/utils/get_anonymous_system_user.cj
 const moment = require("moment");
 const { plausibleStatsProxy, } = require("../services/engine/analytics/plausible/manager.cjs");
 const { isValidDbId } = require("../utils/is_valid_db_id.cjs");
+const { getFingerprintDataFromBody, } = require("../utils/fingerprint_data.cjs");
 var changePostCounter = function (req, postId, column, upDown, next) {
     models.Post.findOne({
         where: { id: postId },
@@ -963,9 +964,7 @@ var truthValueFromBody = function (bodyParameter) {
 var updatePostData = function (req, post) {
     if (!post.data) {
         post.set("data", {
-            browserId: req.body.postBaseId,
-            browserFingerprint: req.body.postValCode,
-            browserFingerprintConfidence: req.body.postConf,
+            ...getFingerprintDataFromBody(req.body, "post"),
             originalQueryString: req.body.originalQueryString,
             userLocale: req.body.userLocale,
             userAutoTranslate: req.body.userAutoTranslate,
@@ -1135,6 +1134,9 @@ router.post("/:groupId", auth.can("create post"), async function (req, res) {
                                 status: "active",
                                 user_agent: req.useragent.source,
                                 ip_address: req.clientIp,
+                                data: {
+                                    ...getFingerprintDataFromBody(req.body, "post"),
+                                },
                             })
                                 .save()
                                 .then(function (endorsement) {
@@ -1683,9 +1685,7 @@ router.post("/:id/endorse", auth.can("vote on post"), async function (req, res)
                         endorsement.value = req.body.value;
                         endorsement.status = "active";
                         endorsement.set("data", {
-                            browserId: req.body.endorsementBaseId,
-                            browserFingerprint: req.body.endorsementValCode,
-                            browserFingerprintConfidence: req.body.endorsementConf,
+                            ...getFingerprintDataFromBody(req.body, "endorsement"),
                         });
                     }
                     else {
@@ -1694,9 +1694,7 @@ router.post("/:id/endorse", auth.can("vote on post"), async function (req, res)
                             value: req.body.value,
                             user_id: req.user.id,
                             data: {
-                                browserId: req.body.endorsementBaseId,
-                                browserFingerprint: req.body.endorsementValCode,
-                                browserFingerprintConfidence: req.body.endorsementConf,
+                                ...getFingerprintDataFromBody(req.body, "endorsement"),
                             },
                             status: "active",
                             user_agent: req.useragent.source,

package/controllers/ratings.cjs

@@ -9,6 +9,7 @@ var async = require('async');
 var _ = require('lodash');
 var queue = require('../services/workers/queue.cjs');
 const moment = require('moment');
+const { getFingerprintDataFromBody, } = require("../utils/fingerprint_data.cjs");
 router.post('/:post_id/:type_index', auth.can('rate post'), function (req, res) {
     var post;
     models.Rating.findOne({
@@ -30,9 +31,7 @@ router.post('/:post_id/:type_index', auth.can('rate post'), function (req, res)
             rating.value = req.body.value;
             post = rating.Post;
             rating.set('data', {
-                browserId: req.body.ratingBaseId,
-                browserFingerprint: req.body.ratingValCode,
-                browserFingerprintConfidence: req.body.ratingConf
+                ...getFingerprintDataFromBody(req.body, "rating"),
             });
         }
         else {
@@ -42,9 +41,7 @@ router.post('/:post_id/:type_index', auth.can('rate post'), function (req, res)
                 value: req.body.value,
                 user_id: req.user.id,
                 data: {
-                    browserId: req.body.ratingBaseId,
-                    browserFingerprint: req.body.ratingValCode,
-                    browserFingerprintConfidence: req.body.ratingConf
+                    ...getFingerprintDataFromBody(req.body, "rating"),
                 },
                 user_agent: req.useragent.source,
                 ip_address: req.clientIp

package/models/point.cjs

@@ -3,6 +3,7 @@ const async = require('async');
 const queue = require('../services/workers/queue.cjs');
 const log = require('../utils/logger.cjs');
 const _ = require("lodash");
+const { getFingerprintDataFromBody, } = require("../utils/fingerprint_data.cjs");
 const findCommunityAndDomainForPointFromGroup = (sequelize, options, callback) => {
     sequelize.models.Group.findOne({
         where: {
@@ -349,9 +350,7 @@ module.exports = (sequelize, DataTypes) => {
             },
             (seriesCallback) => {
                 options.data = {
-                    browserId: req.body.pointBaseId,
-                    browserFingerprint: req.body.pointValCode,
-                    browserFingerprintConfidence: req.body.pointConf,
+                    ...getFingerprintDataFromBody(req.body, "point"),
                     originalQueryString: req.body.originalQueryString,
                     userLocale: req.body.userLocale,
                     userAutoTranslate: req.body.userAutoTranslate,
@@ -541,6 +540,35 @@ module.exports = (sequelize, DataTypes) => {
             options.status = 'published';
             options.user_agent = req.useragent.source;
             options.ip_address = req.clientIp;
+            const body = req.body || {};
+            const data = options.data ? { ...options.data } : {};
+            const fingerprintData = getFingerprintDataFromBody(body, "point");
+            const optionalDataKeys = [
+                "originalQueryString",
+                "userLocale",
+                "userAutoTranslate",
+                "referrer",
+                "url",
+                "screen_width"
+            ];
+            if (fingerprintData.browserId) {
+                data.browserId = fingerprintData.browserId;
+            }
+            if (fingerprintData.browserFingerprint) {
+                data.browserFingerprint = fingerprintData.browserFingerprint;
+            }
+            if (fingerprintData.browserId ||
+                fingerprintData.browserFingerprint ||
+                body.pointConf !== undefined) {
+                data.browserFingerprintConfidence =
+                    fingerprintData.browserFingerprintConfidence;
+            }
+            optionalDataKeys.forEach(key => {
+                if (body[key] !== undefined) {
+                    data[key] = body[key];
+                }
+            });
+            options.data = data;
             sequelize.models.Point.build(options).save().then((point) => {
                 options.point_id = point.id;
                 const pointRevision = sequelize.models.PointRevision.build(options);

package/models/post.cjs

@@ -3,6 +3,7 @@ const async = require("async");
 const queue = require('../services/workers/queue.cjs');
 const log = require('../utils/logger.cjs');
 const _ = require('lodash');
+const { getFingerprintDataFromBody, } = require("../utils/fingerprint_data.cjs");
 module.exports = (sequelize, DataTypes) => {
     const Post = sequelize.define("Post", {
         content_type: { type: DataTypes.INTEGER, allowNull: false },
@@ -490,9 +491,7 @@ module.exports = (sequelize, DataTypes) => {
                     user_agent: req.useragent.source,
                     ip_address: req.clientIp,
                     data: {
-                        browserId: req.body.pointBaseId,
-                        browserFingerprint: req.body.pointValCode,
-                        browserFingerprintConfidence: req.body.pointConf,
+                        ...getFingerprintDataFromBody(req.body, "point"),
                         originalQueryString: req.body.originalQueryString,
                         userLocale: req.body.userLocale,
                         userAutoTranslate: req.body.userAutoTranslate,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@yrpri/api",
-  "version": "9.0.231",
+  "version": "9.0.232",
   "license": "MIT",
   "author": "Robert Bjarnason & Citizens Foundation",
   "repository": {
@@ -69,7 +69,7 @@
     "newrelic": "^13.18.0",
     "nodemailer": "^8.0.5",
     "open-graph-scraper": "^6.11.0",
-    "openai": "^6.34.0",
+    "openai": "^6.36.0",
     "passport": "^0.7.0",
     "passport-facebook": "^3.0.0",
     "passport-github": "^1.1.0",

package/services/engine/allOurIdeas/aiHelper.d.ts

@@ -4,18 +4,21 @@ export declare class AiHelper {
     openaiClient: OpenAI;
     wsClientSocket: WebSocket | undefined;
     modelName: string;
+    answerIdeasModelName: string;
+    analysisModelName: string;
     maxTokens: number;
     temperature: number;
     cacheExpireTime: number;
     redisClient?: any;
     cacheKeyForFullResponse?: string;
+    usesMaxCompletionTokens(modelName: string): boolean;
     constructor(wsClientSocket?: WebSocket | undefined);
     moderationSystemPrompt: (instructions: string) => string;
     moderationUserPrompt: (question: string, answer: string) => string;
     getModerationResponse: (instructions: string, question: string, answerToModerate: string) => Promise<boolean>;
-    streamChatCompletions(messages: any[]): Promise<void>;
-    sendToClient(sender: string, message: string, type?: string): void;
-    streamWebSocketResponses(stream: AsyncIterable<OpenAI.Chat.Completions.ChatCompletionChunk>): Promise<void>;
+    streamChatCompletions(messages: any[], modelName?: string, uniqueToken?: string): Promise<void>;
+    sendToClient(sender: string, message: string, type?: string, uniqueToken?: string): void;
+    streamWebSocketResponses(stream: AsyncIterable<OpenAI.Chat.Completions.ChatCompletionChunk>, uniqueToken?: string): Promise<void>;
     getAnswerIdeas(question: string, previousIdeas: string[] | null, firstMessage: string | null): Promise<string | null | undefined>;
-    getAiAnalysis(questionId: number, contextPrompt: string, answers: AoiChoiceData[], cacheKeyForFullResponse: string, redisClient: any, locale: string, topOrBottomIdeasText: string, typeOfAnalysisText: string): Promise<string | null | undefined>;
+    getAiAnalysis(questionId: number, contextPrompt: string, answers: AoiChoiceData[], cacheKeyForFullResponse: string, redisClient: any, locale: string, topOrBottomIdeasText: string, typeOfAnalysisText: string, uniqueToken?: string): Promise<string | null | undefined>;
 }

package/services/engine/allOurIdeas/aiHelper.js

@@ -1,8 +1,13 @@
 import { OpenAI } from "openai";
 import log from "../../../utils/loggerTs.js";
 export class AiHelper {
+    usesMaxCompletionTokens(modelName) {
+        return modelName.startsWith("gpt-5");
+    }
     constructor(wsClientSocket = undefined) {
         this.modelName = "gpt-4o";
+        this.answerIdeasModelName = "gpt-5.3-chat-latest";
+        this.analysisModelName = "gpt-5.3-chat-latest";
         this.maxTokens = 2048;
         this.temperature = 0.7;
         this.cacheExpireTime = 60 * 60;
@@ -53,31 +58,41 @@ Only output: PASSES or FAILS`;
         });
         this.wsClientSocket = wsClientSocket;
     }
-    async streamChatCompletions(messages) {
-        const stream = await this.openaiClient.chat.completions.create({
-            model: this.modelName,
+    async streamChatCompletions(messages, modelName = this.modelName, uniqueToken) {
+        const requestParams = {
+            model: modelName,
             messages,
-            max_tokens: this.maxTokens,
-            temperature: this.temperature,
             stream: true,
-        });
-        await this.streamWebSocketResponses(stream);
+        };
+        if (this.usesMaxCompletionTokens(modelName)) {
+            requestParams.max_completion_tokens = this.maxTokens;
+        }
+        else {
+            requestParams.max_tokens = this.maxTokens;
+            requestParams.temperature = this.temperature;
+        }
+        const stream = await this.openaiClient.chat.completions.create(requestParams);
+        await this.streamWebSocketResponses(stream, uniqueToken);
     }
-    sendToClient(sender, message, type = "stream") {
+    sendToClient(sender, message, type = "stream", uniqueToken) {
         this.wsClientSocket?.send(JSON.stringify({
             sender,
             type: type,
             message,
+            uniqueToken,
         }));
     }
-    async streamWebSocketResponses(stream) {
+    async streamWebSocketResponses(stream, uniqueToken) {
         return new Promise(async (resolve, reject) => {
-            this.sendToClient("bot", "", "start");
+            this.sendToClient("assistant", "", "start", uniqueToken);
             try {
                 let botMessage = "";
                 for await (const part of stream) {
-                    this.sendToClient("bot", part.choices[0].delta.content);
-                    botMessage += part.choices[0].delta.content;
+                    const content = part.choices[0].delta.content;
+                    if (content) {
+                        this.sendToClient("assistant", content, "stream", uniqueToken);
+                        botMessage += content;
+                    }
                 }
                 if (this.redisClient && this.cacheKeyForFullResponse) {
                     this.redisClient.set(this.cacheKeyForFullResponse, botMessage, "EX", this.cacheExpireTime);
@@ -85,11 +100,11 @@ Only output: PASSES or FAILS`;
             }
             catch (error) {
                 log.error(error);
-                this.sendToClient("bot", "There has been an error, please retry", "error");
+                this.sendToClient("assistant", "There has been an error, please retry", "error", uniqueToken);
                 reject();
             }
             finally {
-                this.sendToClient("bot", "", "end");
+                this.sendToClient("assistant", "", "end", uniqueToken);
             }
             resolve();
         });
@@ -132,16 +147,16 @@ Only output: PASSES or FAILS`;
                         content: `What are some possible answers to the question: ${question}\n\n${previewIdeasText}Answers:\n`,
                     },
                 ];
-                await this.streamChatCompletions(messages);
+                await this.streamChatCompletions(messages, this.answerIdeasModelName);
             }
         }
         catch (error) {
             log.error("Error in getAnswerIdeas:", error);
-            this.sendToClient("bot", "There has been an error, please retry", "error");
+            this.sendToClient("assistant", "There has been an error, please retry", "error");
             return null;
         }
     }
-    async getAiAnalysis(questionId, contextPrompt, answers, cacheKeyForFullResponse, redisClient, locale, topOrBottomIdeasText, typeOfAnalysisText) {
+    async getAiAnalysis(questionId, contextPrompt, answers, cacheKeyForFullResponse, redisClient, locale, topOrBottomIdeasText, typeOfAnalysisText, uniqueToken) {
         this.redisClient = redisClient;
         this.cacheKeyForFullResponse = cacheKeyForFullResponse;
         const basePrePrompt = `You are a highly competent text and ideas analysis AI.
@@ -194,12 +209,12 @@ Only output: PASSES or FAILS`;
               Answers to analyse:\n${answersText}`,
                     },
                 ];
-                this.streamChatCompletions(messages);
+                this.streamChatCompletions(messages, this.analysisModelName, uniqueToken);
             }
         }
         catch (error) {
             log.error("Error in getAiAnalysis:", error);
-            this.sendToClient("bot", "There has been an error, please retry", "error");
+            this.sendToClient("assistant", "There has been an error, please retry", "error", uniqueToken);
         }
     }
 }

package/services/engine/allOurIdeas/explainAnswersAssistant.d.ts

@@ -3,7 +3,7 @@ import { WebSocket } from "ws";
 import { YpBaseChatBot } from "../../llms/baseChatBot.js";
 export declare class ExplainAnswersAssistant extends YpBaseChatBot {
     openaiClient: OpenAI;
-    modelName: string;
+    llmModel: string;
     maxTokens: number;
     temperature: number;
     languageName: string;

package/services/engine/allOurIdeas/explainAnswersAssistant.js

@@ -13,11 +13,11 @@ export class ExplainAnswersAssistant extends YpBaseChatBot {
             tls: tlsOptions,
         });
         super(wsClientId, wsClients, redisConnection, `${YpBaseChatBot.redisMemoryKeyPrefix}-${uuidv4()}-explain-answers-assistant`);
-        this.modelName = "gpt-4o";
+        this.llmModel = "gpt-5.3-chat-latest";
         this.maxTokens = 4000;
         this.temperature = 0.8;
         this.explainConversation = async (chatLog) => {
-            this.setChatLog(chatLog);
+            await this.setChatLog(chatLog);
             let messages = chatLog.map((message) => {
                 return {
                     role: message.sender,
@@ -29,13 +29,7 @@ export class ExplainAnswersAssistant extends YpBaseChatBot {
                 content: this.renderSystemPrompt(),
             };
             messages.unshift(systemMessage);
-            const stream = await this.openaiClient.chat.completions.create({
-                model: this.llmModel,
-                messages,
-                max_tokens: this.maxTokens,
-                temperature: this.temperature,
-                stream: true,
-            });
+            const stream = await this.openaiClient.chat.completions.create(this.getStreamingChatCompletionParams(messages));
             this.streamWebSocketResponses(stream);
         };
         this.languageName = languageName;

package/services/engine/moderation/fraud/CreateFraudAuditReport.cjs

@@ -11,6 +11,16 @@ const formatWorksheet = (worksheet) => {
     worksheet.getRow(1).font = { bold: true };
     //  worksheet.properties.defaultRowHeight = 20;
 };
+const sanitizeWorksheetName = (name) => {
+    const sanitizedName = String(name || "Fraud Audit")
+        .replace(/[\\/\*\?:\[\]]/g, " ")
+        .replace(/\s+/g, " ")
+        .trim()
+        .substring(0, 31)
+        .trim()
+        .replace(/^'+|'+$/g, "");
+    return sanitizedName.trim() || "Fraud Audit";
+};
 class FraudAuditReport {
     constructor(workPackage) {
         this.workPackage = workPackage;
@@ -100,7 +110,7 @@ class FraudAuditReport {
         return items;
     }
     async getPostItems(ids) {
-        return await model.unscoped().findAll({
+        return await models.Post.unscoped().findAll({
             attributes: ["id", "created_at", "group_id", "user_id", "user_agent", "ip_address", "data"],
             where: {
                 id: {
@@ -133,7 +143,7 @@ class FraudAuditReport {
         this.workBook = new Excel.Workbook();
         this.workBook.creator = "Your Priorities Report - Automated";
         this.workBook.created = new Date();
-        this.worksheet = this.workBook.addWorksheet(`Community Users ${this.workPackage.community.id} ${this.workPackage.userName}`);
+        this.worksheet = this.workBook.addWorksheet(sanitizeWorksheetName(`Community Users ${this.workPackage.community.id} ${this.workPackage.userName}`));
         this.worksheet.columns = [
             { header: "Type", key: "collectionType", width: 20 },
             { header: "Method", key: "selectedMethod", width: 20 },
@@ -159,7 +169,7 @@ class FraudAuditReport {
         }
         if (['pointQualities'].indexOf(originalWorkPackage.collectionType) !== -1) {
             this.worksheet.columns = this.worksheet.columns.concat([
-                { header: "Point Id", key: "postId", width: 20 },
+                { header: "Point Id", key: "pointId", width: 20 },
             ]);
         }
         this.worksheet.columns = this.worksheet.columns.concat([
@@ -176,8 +186,8 @@ class FraudAuditReport {
                 communityName +
                 "_" +
                 dateString +
-                ".xls";
-        this.workPackage.fileEnding = "xls";
+                ".xlsx";
+        this.workPackage.fileEnding = "xlsx";
     }
     async getCommunity() {
         this.workPackage.community = await models.Community.findOne({
@@ -240,8 +250,8 @@ class FraudAuditReport {
                 dateDeleted: this.workPackage.auditReportData.date,
                 id: item.id,
                 date: item.created_at,
-                userId: item.User.id,
-                email: item.User.email,
+                userId: item.User ? item.User.id : item.user_id,
+                email: item.User ? item.User.email : "",
                 ipAddress: item.ip_address,
                 userAgent: item.user_agent,
             };
@@ -250,14 +260,14 @@ class FraudAuditReport {
                 row.browserId = item.data.browserId;
             }
             if (['posts', 'pointQualities'].indexOf(originalWorkPackage.collectionType) === -1) {
-                row.postId = item.Post.id;
-                row.postName = item.Post.name;
+                row.postId = item.Post ? item.Post.id : item.post_id;
+                row.postName = item.Post ? item.Post.name : "";
             }
             if (['endorsements', 'pointQualities', 'ratings'].indexOf(originalWorkPackage.collectionType) !== -1) {
                 row.value = item.value;
             }
             if (['pointQualities'].indexOf(originalWorkPackage.collectionType) !== -1) {
-                row.pointId = item.Point.id;
+                row.pointId = item.Point ? item.Point.id : item.point_id;
             }
             this.worksheet.addRow(row);
         }
@@ -272,6 +282,7 @@ class FraudAuditReport {
                     }
                 });
                 if (auditReport && auditReport.data) {
+                    this.validateAuditReportCommunity(auditReport);
                     this.workPackage.auditReportData = auditReport.data;
                     await this.getCommunity();
                     this.setupFilename();
@@ -296,6 +307,17 @@ class FraudAuditReport {
             }
         });
     }
+    validateAuditReportCommunity(auditReport) {
+        const auditCommunityId = auditReport &&
+            auditReport.data &&
+            auditReport.data.workPackage &&
+            auditReport.data.workPackage.communityId;
+        if (auditCommunityId === undefined ||
+            auditCommunityId === null ||
+            String(auditCommunityId) !== String(this.workPackage.communityId)) {
+            throw new Error("Fraud audit report does not belong to this community");
+        }
+    }
 }
 const createFraudAuditReport = async (workPackage, done) => {
     return await new Promise(async (resolve, reject) => {
@@ -310,5 +332,7 @@ const createFraudAuditReport = async (workPackage, done) => {
     });
 };
 module.exports = {
-    createFraudAuditReport
+    createFraudAuditReport,
+    FraudAuditReport,
+    sanitizeWorksheetName
 };

package/services/engine/moderation/fraud/CreateFraudAuditReport.d.cts

@@ -1 +1,22 @@
 export function createFraudAuditReport(workPackage: any, done: any): Promise<any>;
+export class FraudAuditReport {
+    constructor(workPackage: any);
+    workPackage: any;
+    exportedData: Excel.Buffer | null;
+    items: any;
+    workBook: Excel.Workbook | null;
+    worksheet: Excel.Worksheet | null;
+    getPointQualityItems(ids: any): Promise<(import("sequelize").Model<YpPointQuality, Partial<YpPointQuality>> & YpPointQuality)[]>;
+    getPostDependedItems(model: any, ids: any): Promise<any>;
+    getPostItems(ids: any): Promise<(import("sequelize").Model<YpPostData, Partial<YpPostData>> & YpPostData)[]>;
+    setupXls(): Promise<void>;
+    setupFilename(): void;
+    getCommunity(): Promise<void>;
+    uploadToS3(): Promise<any>;
+    setupItems(): Promise<void>;
+    populateXls(): Promise<void>;
+    createReport(): Promise<any>;
+    validateAuditReportCommunity(auditReport: any): void;
+}
+export function sanitizeWorksheetName(name: any): string;
+import Excel = require("exceljs");