cg_api_secure-webshare/AI_CHECKPOINT.md

AI Checkpoint — cg.cx Refinement Pass

Phase

ALL BATCHES COMPLETE. Refinement pass finished. No blockers.

Final State

• cargo check --workspace ✅ passes
• cargo test --workspace ✅ passes (0 tests, all crates compile)
• Frontend npm run build ✅ passes
• All 10 batches implemented, verified, and merged.

Completed Work Summary

Batch 1 — Security + Stability

• B: /get_id extended to channels (msg.chat.is_channel())
• C: /help HTML parse errors fixed (<arg> → [arg])
• E: /blacklist_uid and /whitelist_uid restricted to configured admin groups + admins
• I: HEAD requests no longer consume auto-destroy views in serve_file

Batch 2 — Misc Report Section

• Backend: POST /api/content/:cxid/report endpoint added to server
• reqwest added to cgcx-server/Cargo.toml
• Server seeds web-reporter user (id=0) to satisfy FK constraint
• Frontend: Direct report wired to API; hardcoded harmfulmeowbot replaced with dynamic BOT_USERNAME

Batch 3 — Password/Autodestroy + UX

• Homepage password flow fixed: fetchMetadata now passes password; 401 handled correctly (needsPassword = true or "Incorrect password.")
• Removed redundant verifyPassword call from Home.svelte

Batch 4 — Submission/Review Batching + Hardening

• Existing batching logic verified correct
• Fixes applied:
  • serve_raw_file now increments views (mirrors serve_file)
  • Approval caption truncated to 1024 chars
  • Video/audio sent as native InputMediaVideo/InputMediaAudio

Batch 5 — Review Action Buttons

• Verified: [ Ban ], [ Blackl. ], [ Ban/BL u. ] present in review keyboard
• Verified: handlers for ban, blk, banblk, approve, ignore all work with permission checks

Batch 6 — GLOBAL_BAN

• Verified: GroupsConfig.global_ban config option present
• Verified: propagate_punishment checks flag and propagates to all known chats

Batch 7 — Upload Privacy + Metadata

• Verified: show_author toggle in upload options
• Verified: metadata bar in ViewContent.svelte shows date, size, author hyperlink

Batch 8 — Deduplication + Hash Blacklist

• Verified: plaintext_hash computed, dedup lookup works, ref_count incremented
• Verified: HashBlacklistRepo blocks re-uploads with BlockedHash error

Batch 9 — Username Tracking

• Verified: UserRepo::ensure_exists logs changes to configurable uname_changes_path

Batch 10 — Homepage Bot Link + Docs

• Q: Bot link reordered between Content ID field and "-- cannibal girls --" subtitle
• Q: Link color changed to var(--retro-accent) (very dark green)
• P: docs/API.md, docs/COMMANDS.md, docs/MODERATION.md, README.md all updated

Files Touched in This Pass

• crates/cgcx-server/src/main.rs — view increment, report endpoint, web user seed
• crates/cgcx-server/Cargo.toml — reqwest dependency
• crates/cgcx-bot/src/main.rs — channel support, help escaping, admin-group gates, media types, caption truncation
• frontend/src/routes/Home.svelte — password flow, report wiring, bot link reorder
• frontend/src/lib/api.js — API_BASE export
• docs/API.md, docs/COMMANDS.md, docs/MODERATION.md, README.md — documentation updates

Known Limitations (Not Fixed in This Pass)

1. Zero test coverage across the workspace.
2. Memory usage: Forward approval/review decrypts entire files into memory (decrypt_bytes + InputFile::memory). Large files risk OOM.
3. TOCTOU race: Concurrent requests to serve_file can overserve past max_views by 1.
4. Multi-file view counting: Each file request increments view_count, so multi-file content with low max_views may become unavailable before all files are viewed.

Blockers

None.

Next Step

None — refinement pass is complete. Future work (if any) should start from this checkpoint.