import { Controller, Get, Post, Patch, Delete, Body, Param, Query, Request, HttpCode, HttpStatus, ParseUUIDPipe, UseGuards, } from '@nestjs/common'; import { ApiTags, ApiOperation, ApiResponse, ApiBearerAuth, ApiParam, } from '@nestjs/swagger'; import { FeedbackService } from './feedback.service'; import { CreateFeedbackDto, UpdateFeedbackDto, UpdateStatusDto, BatchUpdateStatusDto, FeedbackQueryDto, AdminFeedbackQueryDto, FeedbackStatsQueryDto, FeedbackResponseDto, FeedbackStatsDto, BatchUpdateResultDto, } from './dto/feedback.dto'; import { RequirePermissions } from '@common/decorators/permissions.decorator'; import { PermissionsGuard } from '@modules/organization/auth/guards/permissions.guard'; import { Auditable, Sensitive, Financial } from '@core/observability/audit/decorators/auditable.decorator'; // ============================================================================ // Controller // ============================================================================ @ApiTags('Feedback - 用户反馈') @ApiBearerAuth() @Controller('feedbacks') export class FeedbackController { constructor(private readonly feedbackService: FeedbackService) {} // ========================================================================== // User APIs (仅需登录) // ========================================================================== /** * 提交反馈 */ @Post() @Auditable() @HttpCode(HttpStatus.CREATED) @ApiOperation({ summary: '提交反馈', description: '用户提交新的反馈' }) @ApiResponse({ status: 201, description: '反馈提交成功' }) @ApiResponse({ status: 400, description: '请求参数验证失败' }) async create(@Request() req: any, @Body() dto: CreateFeedbackDto) { const feedback = await this.feedbackService.create(req.user.userId, dto); return { data: feedback, message: '反馈提交成功', }; } /** * 获取我的反馈列表 */ @Get('my') @ApiOperation({ summary: '获取我的反馈列表', description: '获取当前用户提交的所有反馈', }) @ApiResponse({ status: 200, description: '成功' }) async findMyFeedbacks(@Request() req: any, @Query() query: FeedbackQueryDto) { return this.feedbackService.findMyFeedbacks(req.user.userId, query); } /** * 获取我的反馈详情 */ @Get('my/:id') @ApiOperation({ summary: '获取我的反馈详情', description: '获取当前用户提交的单条反馈详情', }) @ApiParam({ name: 'id', description: '反馈 ID' }) @ApiResponse({ status: 200, description: '成功' }) @ApiResponse({ status: 404, description: '反馈不存在' }) async findMyFeedbackById( @Request() req: any, @Param('id', ParseUUIDPipe) id: string, ) { return this.feedbackService.findMyFeedbackById(req.user.userId, id); } // ========================================================================== // Stats API (需要 feedback:read 权限) // ========================================================================== /** * 获取反馈统计 */ @Get('stats') @RequirePermissions('feedback:read') @ApiOperation({ summary: '获取反馈统计', description: '获取反馈统计数据(管理员)', }) @ApiResponse({ status: 200, description: '成功', type: FeedbackStatsDto }) async getStats( @Request() req: any, @Query() query: FeedbackStatsQueryDto, ) { return this.feedbackService.getStats(req.user.userId, query); } // ========================================================================== // Admin APIs (需要相应权限) // ========================================================================== /** * 获取反馈列表(管理员) */ @Get() @RequirePermissions('feedback:read') @ApiOperation({ summary: '获取反馈列表(管理员)', description: '管理员获取所有反馈列表,支持筛选和分页', }) @ApiResponse({ status: 200, description: '成功' }) async findAll(@Request() req: any, @Query() query: AdminFeedbackQueryDto) { return this.feedbackService.findAll(req.user.userId, query); } /** * 批量更新状态 */ @Post('batch-status') @Auditable() @Sensitive() @RequirePermissions('feedback:update') @ApiOperation({ summary: '批量更新反馈状态', description: '批量更新多条反馈的状态', }) @ApiResponse({ status: 200, description: '成功', type: BatchUpdateResultDto }) @ApiResponse({ status: 400, description: '批量操作数量超限' }) async batchUpdateStatus( @Request() req: any, @Body() dto: BatchUpdateStatusDto, ) { const result = await this.feedbackService.batchUpdateStatus( req.user.userId, dto, ); return { data: result, message: '批量更新完成', }; } /** * 获取反馈详情(管理员) */ @Get(':id') @RequirePermissions('feedback:read') @ApiOperation({ summary: '获取反馈详情(管理员)', description: '管理员获取反馈详情', }) @ApiParam({ name: 'id', description: '反馈 ID' }) @ApiResponse({ status: 200, description: '成功', type: FeedbackResponseDto }) @ApiResponse({ status: 404, description: '反馈不存在' }) @ApiResponse({ status: 403, description: '无权访问该反馈' }) async findById( @Request() req: any, @Param('id', ParseUUIDPipe) id: string, ) { return this.feedbackService.findById(req.user.userId, id); } /** * 更新反馈状态 */ @Patch(':id/status') @Auditable() @Sensitive() @RequirePermissions('feedback:update') @ApiOperation({ summary: '更新反馈状态', description: '更新反馈的处理状态', }) @ApiParam({ name: 'id', description: '反馈 ID' }) @ApiResponse({ status: 200, description: '状态更新成功' }) @ApiResponse({ status: 400, description: '无效的状态变更' }) @ApiResponse({ status: 404, description: '反馈不存在' }) async updateStatus( @Request() req: any, @Param('id', ParseUUIDPipe) id: string, @Body() dto: UpdateStatusDto, ) { const result = await this.feedbackService.updateStatus( req.user.userId, id, dto, ); return { data: result, message: '状态更新成功', }; } /** * 更新反馈信息(管理员) */ @Patch(':id') @Auditable() @Sensitive() @RequirePermissions('feedback:update') @ApiOperation({ summary: '更新反馈信息', description: '更新反馈的优先级、备注、回复、指派人等', }) @ApiParam({ name: 'id', description: '反馈 ID' }) @ApiResponse({ status: 200, description: '更新成功' }) @ApiResponse({ status: 404, description: '反馈不存在' }) async update( @Request() req: any, @Param('id', ParseUUIDPipe) id: string, @Body() dto: UpdateFeedbackDto, ) { const result = await this.feedbackService.update(req.user.userId, id, dto); return { data: result, message: '更新成功', }; } /** * 删除反馈(软删除) */ @Delete(':id') @Auditable() @Sensitive() @RequirePermissions('feedback:delete') @ApiOperation({ summary: '删除反馈', description: '软删除反馈', }) @ApiParam({ name: 'id', description: '反馈 ID' }) @ApiResponse({ status: 200, description: '删除成功' }) @ApiResponse({ status: 404, description: '反馈不存在' }) async delete( @Request() req: any, @Param('id', ParseUUIDPipe) id: string, ) { await this.feedbackService.delete(req.user.userId, id); return { data: null, message: '删除成功', }; } }