package api import ( "veza-backend-api/internal/core/moderation" "veza-backend-api/internal/services" "github.com/gin-gonic/gin" ) // setupModerationRoutes registers advanced moderation routes (v0.11.2 F411-F420) func (r *APIRouter) setupModerationRoutes(router *gin.RouterGroup) { moderationService := services.NewModerationService(r.db.GormDB, r.logger) moderationHandler := moderation.NewModerationHandler(moderationService, r.logger) // Admin moderation routes (require auth + admin + MFA) admin := router.Group("/admin/moderation") { if r.config.AuthMiddleware != nil { admin.Use(r.config.AuthMiddleware.RequireAuth()) admin.Use(r.config.AuthMiddleware.RequireAdmin()) admin.Use(r.config.AuthMiddleware.RequireMFA()) // SFIX-001: MFA obligatoire pour admin } // F411: Moderation queue admin.GET("/queue", moderationHandler.GetModerationQueue) admin.POST("/reports/:id/process", moderationHandler.ProcessReport) admin.POST("/reports/:id/assign", moderationHandler.AssignReport) // F413: Spam detections admin.GET("/spam", moderationHandler.GetSpamDetections) // F414: Audio fingerprints admin.GET("/fingerprints", moderationHandler.GetPendingFingerprints) admin.POST("/fingerprints/:trackId/review", moderationHandler.ReviewFingerprint) // F415: Strikes & appeals (admin view) admin.GET("/users/:userId/strikes", moderationHandler.GetUserStrikes) admin.GET("/appeals", moderationHandler.GetPendingAppeals) admin.POST("/appeals/:strikeId/resolve", moderationHandler.ResolveAppeal) // Stats admin.GET("/stats", moderationHandler.GetModerationStats) } // User-facing routes (require auth only) protected := router.Group("") { if r.config.AuthMiddleware != nil { protected.Use(r.config.AuthMiddleware.RequireAuth()) } // F412: Enhanced reporting (any authenticated user) protected.POST("/reports", moderationHandler.CreateEnhancedReport) // F415: User's own strikes and appeals protected.GET("/me/strikes", moderationHandler.GetMyStrikes) protected.POST("/strikes/:strikeId/appeal", moderationHandler.AppealStrike) } }