Separate out a public and non-public halves to publicreport APIs

This prevents us from leaking text messaging details on public endpoints.
2026-04-28 06:36:55 +00:00 · 2026-04-28 06:36:55 +00:00 · 8bdd18649d
commit 8bdd18649d
parent 8fcd926d43
12 changed files with 169 additions and 136 deletions
--- a/platform/publicreport.go
+++ b/platform/publicreport.go
@ -53,11 +53,11 @@ func GenerateReportID() (string, error) {
 	return builder.String(), nil
 }

-func PublicreportByID(ctx context.Context, report_id string) (*types.PublicReport, error) {
-	return publicreport.ByID(ctx, report_id)
+func PublicReportByID(ctx context.Context, report_id string, is_public bool) (*types.PublicReport, error) {
+	return publicreport.ByID(ctx, report_id, is_public)
 }
-func PublicreportByIDCompliance(ctx context.Context, report_id string) (*types.PublicReportCompliance, error) {
-	result, err := publicreport.ByIDCompliance(ctx, report_id)
+func PublicReportByIDCompliance(ctx context.Context, report_id string, is_public bool) (*types.PublicReportCompliance, error) {
+	result, err := publicreport.ByIDCompliance(ctx, report_id, is_public)
 	if err != nil {
 		return nil, fmt.Errorf("byidcompliance: %w", err)
 	}
@ -75,14 +75,14 @@ func PublicreportByIDCompliance(ctx context.Context, report_id string) (*types.P
 	}
 	return result, nil
 }
-func PublicreportByIDNuisance(ctx context.Context, report_id string) (*types.PublicReportNuisance, error) {
-	return publicreport.ByIDNuisance(ctx, report_id)
+func PublicReportByIDNuisance(ctx context.Context, report_id string, is_public bool) (*types.PublicReportNuisance, error) {
+	return publicreport.ByIDNuisance(ctx, report_id, is_public)
 }
-func PublicreportByIDWater(ctx context.Context, report_id string) (*types.PublicReportWater, error) {
-	return publicreport.ByIDWater(ctx, report_id)
+func PublicReportByIDWater(ctx context.Context, report_id string, is_public bool) (*types.PublicReportWater, error) {
+	return publicreport.ByIDWater(ctx, report_id, is_public)
 }
-func PublicreportComplianceSubmit(ctx context.Context, report_id string) (*types.PublicReportCompliance, error) {
-	report, err := publicreport.ByIDCompliance(ctx, report_id)
+func PublicReportComplianceSubmit(ctx context.Context, report_id string, is_public bool) (*types.PublicReportCompliance, error) {
+	report, err := publicreport.ByIDCompliance(ctx, report_id, is_public)
 	if err != nil {
 		return nil, fmt.Errorf("byidcompliance: %w", err)
 	}
@ -94,9 +94,9 @@ func PublicreportComplianceSubmit(ctx context.Context, report_id string) (*types
 	if err != nil {
 		return nil, fmt.Errorf("update report submitted: %w", err)
 	}
-	return publicreport.ByIDCompliance(ctx, report_id)
+	return publicreport.ByIDCompliance(ctx, report_id, is_public)
 }
-func PublicreportInvalid(ctx context.Context, user User, public_id string) error {
+func PublicReportInvalid(ctx context.Context, user User, public_id string) error {
 	report, err := publicReportFromID(ctx, public_id)
 	if err != nil {
 		return fmt.Errorf("query report existence: %w", err)
@ -206,13 +206,13 @@ func PublicReportUpdateCompliance(ctx context.Context, public_id string, report_
 		}
 	}
 	txn.Commit(ctx)
-	return publicreport.ByIDCompliance(ctx, public_id)
+	return publicreport.ByIDCompliance(ctx, public_id, false)
 }
 func PublicReportReporterUpdated(ctx context.Context, org_id int32, report_id string) {
 	event.Updated(event.TypeRMOPublicReport, org_id, report_id)
 }
-func PublicReportsForOrganization(ctx context.Context, org_id int32) ([]*types.PublicReport, error) {
-	return publicreport.ReportsForOrganization(ctx, org_id)
+func PublicReportsForOrganization(ctx context.Context, org_id int32, is_public bool) ([]*types.PublicReport, error) {
+	return publicreport.ReportsForOrganization(ctx, org_id, is_public)
 }
 func PublicReportComplianceCreate(ctx context.Context, setter_report models.PublicreportReportSetter, setter_compliance models.PublicreportComplianceSetter, org_id int32) (*models.PublicreportReport, error) {
 	return publicReportCreate(ctx, setter_report, nil, nil, nil, org_id, func(ctx context.Context, txn bob.Executor, report_id int32) error {
--- a/platform/publicreport/log.go
+++ b/platform/publicreport/log.go
@ -15,7 +15,7 @@ import (
 	"github.com/stephenafamo/scan"
 )

-func logEntriesByReportID(ctx context.Context, report_ids []int32) (map[int32][]*types.LogEntry, error) {
+func logEntriesByReportID(ctx context.Context, report_ids []int32, is_public bool) (map[int32][]*types.LogEntry, error) {
 	results := make(map[int32][]*types.LogEntry, len(report_ids))
 	for _, report_id := range report_ids {
 		results[report_id] = make([]*types.LogEntry, 0)
@ -49,19 +49,21 @@ func logEntriesByReportID(ctx context.Context, report_ids []int32) (map[int32][]
 	for _, row := range rows {
 		results[row.ReportID] = append(results[row.ReportID], &row)
 	}
-	logs_from_texts, err := logEntriesFromTexts(ctx, report_ids)
-	if err != nil {
-		return results, fmt.Errorf("log from texts: %w", err)
-	}
-	for report_id, logs := range logs_from_texts {
-		cur_logs, ok := results[report_id]
-		if !ok {
-			return results, fmt.Errorf("no text logs for %d", report_id)
+	if !is_public {
+		logs_from_texts, err := logEntriesFromTexts(ctx, report_ids)
+		if err != nil {
+			return results, fmt.Errorf("log from texts: %w", err)
 		}
-		for _, l := range logs {
-			cur_logs = append(cur_logs, l)
+		for report_id, logs := range logs_from_texts {
+			cur_logs, ok := results[report_id]
+			if !ok {
+				return results, fmt.Errorf("no text logs for %d", report_id)
+			}
+			for _, l := range logs {
+				cur_logs = append(cur_logs, l)
+			}
+			results[report_id] = cur_logs
 		}
-		results[report_id] = cur_logs
 	}
 	return results, nil
 }
--- a/platform/publicreport/report.go
+++ b/platform/publicreport/report.go
@ -15,12 +15,12 @@ import (
 	"github.com/stephenafamo/scan"
 )

-func ByID(ctx context.Context, public_id string) (*types.PublicReport, error) {
+func ByID(ctx context.Context, public_id string, is_public bool) (*types.PublicReport, error) {
 	query := reportQuery()
 	query.Apply(
 		sm.Where(psql.Quote("r", "public_id").EQ(psql.Arg(public_id))),
 	)
-	reports, err := reportQueryToRows(ctx, query)
+	reports, err := reportQueryToRows(ctx, query, is_public)
 	if err != nil {
 		return nil, fmt.Errorf("query to rows: %w", err)
 	}
@ -30,36 +30,36 @@ func ByID(ctx context.Context, public_id string) (*types.PublicReport, error) {
 	}
 	return reports[0], nil
 }
-func ByIDCompliance(ctx context.Context, public_id string) (*types.PublicReportCompliance, error) {
-	report, err := ByID(ctx, public_id)
+func ByIDCompliance(ctx context.Context, public_id string, is_public bool) (*types.PublicReportCompliance, error) {
+	report, err := ByID(ctx, public_id, is_public)
 	if err != nil {
 		return nil, fmt.Errorf("base report byid: %w", err)
 	}
 	return compliance(ctx, public_id, report)
 }
-func ByIDNuisance(ctx context.Context, public_id string) (*types.PublicReportNuisance, error) {
-	report, err := ByID(ctx, public_id)
+func ByIDNuisance(ctx context.Context, public_id string, is_public bool) (*types.PublicReportNuisance, error) {
+	report, err := ByID(ctx, public_id, is_public)
 	if err != nil {
 		return nil, fmt.Errorf("base report byid: %w", err)
 	}
 	return nuisance(ctx, public_id, report)
 }
-func ByIDWater(ctx context.Context, public_id string) (*types.PublicReportWater, error) {
-	report, err := ByID(ctx, public_id)
+func ByIDWater(ctx context.Context, public_id string, is_public bool) (*types.PublicReportWater, error) {
+	report, err := ByID(ctx, public_id, is_public)
 	if err != nil {
 		return nil, fmt.Errorf("base report byid: %w", err)
 	}
 	return water(ctx, public_id, report)
 }
-func ReportsForOrganization(ctx context.Context, org_id int32) ([]*types.PublicReport, error) {
+func ReportsForOrganization(ctx context.Context, org_id int32, is_public bool) ([]*types.PublicReport, error) {
 	query := reportQuery()
 	query.Apply(
 		sm.Where(psql.Quote("r", "organization_id").EQ(psql.Arg(org_id))),
 		sm.Where(psql.Quote("r", "reviewed").IsNull()),
 	)
-	return reportQueryToRows(ctx, query)
+	return reportQueryToRows(ctx, query, is_public)
 }
-func reportQueryToRows(ctx context.Context, query bob.BaseQuery[*dialect.SelectQuery]) ([]*types.PublicReport, error) {
+func reportQueryToRows(ctx context.Context, query bob.BaseQuery[*dialect.SelectQuery], is_public bool) ([]*types.PublicReport, error) {
 	rows, err := bob.All(ctx, db.PGInstance.BobDB, query, scan.StructMapper[types.PublicReport]())

 	if err != nil {
@ -73,7 +73,7 @@ func reportQueryToRows(ctx context.Context, query bob.BaseQuery[*dialect.SelectQ
 	if err != nil {
 		return nil, fmt.Errorf("images for report: %w", err)
 	}
-	logs_by_report_id, err := logEntriesByReportID(ctx, report_ids)
+	logs_by_report_id, err := logEntriesByReportID(ctx, report_ids, is_public)
 	if err != nil {
 		return nil, fmt.Errorf("log entries for reports: %w", err)
 	}
@ -94,13 +94,13 @@ func reportQueryToRows(ctx context.Context, query bob.BaseQuery[*dialect.SelectQ
 	}
 	return results, nil
 }
-func Reports(ctx context.Context, org_id int32, ids []int32) ([]*types.PublicReport, error) {
+func Reports(ctx context.Context, org_id int32, ids []int32, is_public bool) ([]*types.PublicReport, error) {
 	query := reportQuery()
 	query.Apply(
 		sm.Where(psql.Quote("r", "organization_id").EQ(psql.Arg(org_id))),
 		sm.Where(psql.Quote("r", "id").EQ(psql.Any(ids))),
 	)
-	return reportQueryToRows(ctx, query)
+	return reportQueryToRows(ctx, query, is_public)
 }
 func ReportsForOrganizationCount(ctx context.Context, org_id int32) (uint, error) {
 	type _Row struct {
--- a/platform/signal.go
+++ b/platform/signal.go
@ -275,7 +275,7 @@ func SignalList(ctx context.Context, user User, limit int) ([]*Signal, error) {
 	if err != nil {
 		return nil, fmt.Errorf("getting pools by ID: %w", err)
 	}
-	reports, err := publicreport.Reports(ctx, org_id, report_ids)
+	reports, err := publicreport.Reports(ctx, org_id, report_ids, false)
 	if err != nil {
 		return nil, fmt.Errorf("getting reports by ID: %w", err)
 	}