#302

Merge pull request 'フロントのテスト追加 (#155 )' (#350 ) from feature/155 into main
Reviewed-on: #350
2026-05-17 21:09:43 +09:00 · 2026-05-13 22:03:05 +09:00 · 2026-05-13 21:49:40 +09:00 · 2026-05-13 20:42:25 +09:00 · 2026-05-11 03:32:47 +09:00 · 2026-05-11 02:46:08 +09:00
257 changed files with 20043 additions and 1694 deletions
@@ -0,0 +1,35 @@
 ## 背景
 なぜ必要か。
 ## 対象範囲
 - backend:
 - frontend:
 - docs:
 - migration:
 ## やること
 - [ ] 
 ## 受け入れ条件
 - [ ] 
 ## 実行すべき確認
 - [ ] `cd backend && bundle exec rspec`
 - [ ] `cd frontend && npm run build`
 - [ ] `cd frontend && npm run lint`
 ## 禁止事項
 - unrelated refactor はしない
 - 既存 API response shape を壊さない
 - 認証・認可・BAN を弱めない
 ## Codex への指示
 この issue を読んで実装してください。
 不明点があれば、実装前に調査結果と選択肢を提示してください。
@@ -0,0 +1,143 @@
 # AGENTS.md
 ## Project overview
 BTRC Hub / タグ広場 is a split Rails API and React frontend repository.
 - Backend: Rails API under `backend/`.
 - Frontend: React + TypeScript + Vite under `frontend/`.
 - Docs: lightweight command notes under `docs/`.
 - There is no README or Makefile at the repository root as of this inspection.
 ## Stack
 - Backend: Ruby `3.2.2` from `backend/.ruby-version`, Rails `~> 8.0.2`.
 - Backend dependencies include `mysql2`, `sqlite3`, `rspec-rails`, `factory_bot_rails`, `rack-cors`, `jwt`, `discard`, `gollum`, `whenever`, `aws-sdk-s3`, `brakeman`, and `rubocop-rails-omakase`.
 - Frontend: React `^19.1.0`, TypeScript `~5.8.3`, Vite `^6.3.5`.
 - Frontend data/UI dependencies include Axios, TanStack Query, Tailwind CSS, Framer Motion, Radix UI components, lucide-react, MDX/Markdown tooling, and Zustand.
 ## Main directories
 - `backend/app/controllers`: Rails API controllers.
 - `backend/app/models`: Active Record models.
 - `backend/app/representations`: API response representation classes.
 - `backend/app/services`: domain services such as version recording, wiki commit, YouTube sync, and similarity calculation.
 - `backend/config/routes.rb`: API routes.
 - `backend/db/migrate`: migrations.
 - `backend/db/schema.rb`: current schema snapshot.
 - `backend/lib/tasks`: custom Rake tasks.
 - `backend/spec`: RSpec tests.
 - `backend/test`: Rails minitest files that still exist in the tree.
 - `frontend/src/App.tsx`: frontend route definitions and initial user setup.
 - `frontend/src/pages`: page-level React components.
 - `frontend/src/components`: shared and feature components.
 - `frontend/src/lib`: API client helpers, query keys, prefetchers, and domain helpers.
 - `frontend/src/stores`: Zustand stores.
 - `docs/commands.md`: command notes.
 ## Commands
 Only list commands that are backed by files inspected in this repository.
 ### Backend
 The following binstubs exist under `backend/bin`:
 ```sh
 cd backend
 bin/setup
 bin/dev
 bin/rails
 bin/rake
 bin/rubocop
 bin/brakeman
 bin/kamal
 bin/thrust
 ```
 Common Rails/Rake usage through existing binstubs:
 ```sh
 cd backend
 bin/rails db:prepare
 bin/rails db:migrate
 bin/rails routes
 bin/rails server
 bin/rake
 bin/rubocop
 bin/brakeman
 ```
 RSpec is present in `Gemfile` and `.rspec` exists:
 ```sh
 cd backend
 bundle exec rspec
 ```
 ### Frontend
 The following npm scripts exist in `frontend/package.json`:
 ```sh
 cd frontend
 npm run dev
 npm run build
 npm run lint
 npm run preview
 ```
 `npm run build` runs `tsc -b && vite build`, then `postbuild` runs `node scripts/generate-sitemap.js`.
 Do not write or report `npm test` as a repository command unless a `test` script is added to `frontend/package.json`.
 ## Coding style
 - Prefer precise, minimal changes.
 - Do not flatter or over-explain.
 - Explain risks directly.
 - Prefer single quotes for strings unless interpolation or escaping makes double quotes better.
 - Ruby: never put a space before method-call parentheses.
 - Ruby: do not use `%w` or `%i`.
 - TypeScript and Python: use GNU-style spacing before parentheses where syntactically valid.
 - Do not add production dependencies without explicit approval.
 ## Backend rules
 - Inspect existing routes, controllers, models, services, and specs before editing backend behavior.
 - For API behavior changes, add or update request specs under `backend/spec/requests`.
 - Prefer RSpec for new backend tests; existing minitest files under `backend/test` do not make minitest the default for new coverage.
 - Do not weaken authentication, BAN user checks, or IP BAN checks.
 - Preserve the `X-Transfer-Code` user identification flow unless the task explicitly changes authentication.
 - Be careful with version tables, `version_no`, optimistic concurrency, wiki revisions, and restore/diff behavior.
 - Be careful with tag names, tag normalization, implications, similarities, and discard behavior.
 - Keep migration files and `backend/db/schema.rb` consistent when changing schema.
 ## Frontend rules
 - Use `frontend/src/lib/api.ts` for API calls so headers and camelCase conversion stay consistent.
 - Add or reuse TanStack Query keys through `frontend/src/lib/queryKeys.ts`; avoid ad hoc query key arrays.
 - Encode URL path-segment values with `encodeURIComponent`.
 - React hooks must be called unconditionally.
 - Keep page-level code under `frontend/src/pages` and shared UI/feature code under `frontend/src/components` unless existing patterns point elsewhere.
 - Match existing Tailwind, component, and import alias conventions.
 ## Codex workflow
 - First inspect existing patterns; do not invent new architecture when a local convention exists.
 - Keep changes scoped to the requested issue.
 - Do not scan or summarize dependency/generated/runtime directories such as `node_modules`, `dist`, `tmp`, `log`, and `storage` unless explicitly needed.
 - Before touching wiki, tag, versioning, BAN, IP BAN, or authentication behavior, inspect the related request specs and service objects.
 - If frontend code changes, run the existing frontend verification commands that apply: `npm run build` and `npm run lint`.
 - If backend code changes, run the relevant RSpec command; for broad backend changes, run `bundle exec rspec`.
 - If a verification command cannot be run or fails, report the exact command and failure.
 ## Completion criteria
 A task is complete only when:
 - implementation is complete,
 - relevant verification commands pass, or failures are clearly explained,
 - unrelated files are not changed,
 - migrations and schema are consistent when schema changes are made,
 - user-facing behavior is documented when needed.
@@ -0,0 +1,147 @@
 # backend/AGENTS.md
 ## Scope
 These rules apply to work under `backend/`.
 This is a Rails API app using Active Record, RSpec, request specs, service objects, representation classes, and version tables for post/tag/wiki history.
 ## Commands
 Use commands backed by files and dependencies in this directory:
 ```sh
 bin/setup
 bin/dev
 bin/rails
 bin/rake
 bin/rubocop
 bin/brakeman
 bundle exec rspec
 ```
 Common checks:
 ```sh
 bundle exec rspec
 bin/rubocop
 bin/brakeman
 ```
 Common Rails commands:
 ```sh
 bin/rails db:prepare
 bin/rails db:migrate
 bin/rails routes
 bin/rails server
 ```
 After backend behavior changes, run the relevant RSpec files. For broad backend changes, run:
 ```sh
 bundle exec rspec
 ```
 If a command cannot be run or fails, report the exact command and failure.
 ## Rails structure
 - `app/controllers`: API controllers.
 - `app/models`: Active Record models and concerns.
 - `app/representations`: JSON response shaping.
 - `app/services`: domain services such as version recorders, wiki commit, YouTube sync, and similarity calculation.
 - `config/routes.rb`: public API routes.
 - `db/migrate`: migrations.
 - `db/schema.rb`: schema snapshot.
 - `lib/tasks`: custom Rake tasks.
 - `spec`: RSpec tests.
 Before changing behavior, inspect the matching route, controller, model, service, representation, and spec.
 ## Ruby style
 - Prefer precise, minimal changes.
 - Use single quotes unless interpolation or escaping makes double quotes better.
 - Do not put a space before Ruby method-call parentheses.
 - Do not use `%w` or `%i` in new Ruby code.
 - Keep comments short and useful; avoid narrating obvious code.
 - Do not add production dependencies without approval.
 ## Authentication and authorization
 - Authentication is handled through the `X-Transfer-Code` header in `ApplicationController#authenticate_user`.
 - `current_user` is set by looking up `User.inheritance_code`.
 - Do not bypass or weaken the `X-Transfer-Code` flow unless the task explicitly changes authentication.
 - Unauthenticated write actions should return `:unauthorized` consistently with existing controllers.
 - Role checks use `User` enum roles: `guest`, `member`, and `admin`.
 - Use `current_user.gte_member?` for member-or-admin write permissions where existing controllers do so.
 - Use `current_user.admin?` only for admin-only paths, such as tag child relationship changes.
 - Do not replace role checks with looser presence checks.
 ## BAN and IP BAN
 - `ApplicationController` runs these before actions in order:
  - `reject_banned_ip_address!`
  - `authenticate_user`
  - `reject_banned_user!`
 - User and IP bans use `banned_at`, not a boolean `banned` column.
 - `User#banned?` and `IpAddress#banned?` check `banned_at.present?`.
 - Do not weaken BAN or IP BAN behavior.
 - If changing request authentication or controller before actions, add or update request specs covering banned users and banned IP addresses.
 ## RSpec
 - Prefer RSpec for new backend tests.
 - Put API behavior coverage under `spec/requests`.
 - Put model behavior under `spec/models`.
 - Put service behavior under `spec/services`.
 - Put Rake task coverage under `spec/tasks`.
 - `spec/rails_helper.rb` loads `spec/support/**/*.rb`.
 - Request specs include `AuthHelper` and `JsonHelper`.
 - `AuthHelper#sign_in_as(user)` stubs `ApplicationController#current_user`; use it when matching existing request spec style.
 - Add or update request specs for API behavior changes, especially status codes, permissions, response shape, and version conflict behavior.
 ## Migrations
 - Keep migrations and `db/schema.rb` consistent.
 - Use reversible migrations where practical; otherwise define explicit `up` and `down`.
 - For data backfills inside migrations, follow the existing pattern of defining migration-local `ActiveRecord::Base` classes with `self.table_name`.
 - Preserve existing indexes, foreign keys, check constraints, and null constraints.
 - Be careful with MySQL-specific options already present in migrations, such as `after:`.
 - Do not edit old migrations just to change current behavior unless explicitly requested; add a new migration.
 ## Version tables
 - Versioned records include posts, tags, nico tags, and wiki pages.
 - Current records have `version_no`; version tables have positive `version_no` with unique indexes scoped to the parent record.
 - Version event types are `create`, `update`, `discard`, and `restore`.
 - Version rows are readonly through the `VersionRecord` concern.
 - Use the existing recorder services instead of manually inserting version rows in application code:
  - `PostVersionRecorder`
  - `TagVersionRecorder`
  - `NicoTagVersionRecorder`
  - `WikiVersionRecorder`
  - `TagVersioning`
 - `VersionRecorder` locks the current record, validates sequence consistency, skips unchanged update snapshots, creates the next version row, and updates the record `version_no`.
 - Do not update versioned records without considering whether a version snapshot must be created.
 - For optimistic concurrency paths, preserve `base_version_no`, `force`, and `merge` semantics and cover conflicts in request specs.
 ## Domain cautions
 - Posts have tag snapshots, parent post implications, original-created ranges, viewed state, and version conflict behavior.
 - Tags have canonical names, aliases through `TagName`, categories, parent implications, discard behavior, and version snapshots.
 - Nico tags have separate relation/version behavior; do not treat them like normal editable tags without checking existing code.
 - Wiki pages involve page content, revisions/history, version rows, title/tag-name behavior, and diff/restore paths.
 - Materials, theatres, and comments have user and permission checks; inspect the controller before changing them.
 ## API responses
 - Use representation classes under `app/representations` when existing endpoints do.
 - Keep response keys consistent with existing JSON contracts; frontend code expects camelCase conversion client-side, while Rails params and JSON keys are generally snake_case.
 - Preserve existing HTTP status conventions: `:unauthorized` for no user, `:forbidden` for insufficient role or banned user, `:not_found` for missing records, and `:unprocessable_entity` for validation failures.
 ## Files to avoid in routine work
 - Do not inspect or edit `tmp/`, `log/`, `storage/`, `vendor/`, or dependency directories unless explicitly needed.
 - Do not modify generated schema or migration output without the corresponding migration when schema changes are made.
@@ -50,8 +50,6 @@ group :development, :test do
  gem 'factory_bot_rails'
 end
 gem "mysql2", "~> 0.5.6"
 gem "image_processing", "~> 1.14"
@@ -69,3 +67,5 @@ gem 'whenever', require: false
 gem 'discard'
 gem "rspec-rails", "~> 8.0", :groups => [:development, :test]
 gem 'aws-sdk-s3', require: false
@@ -73,6 +73,25 @@ GEM
      tzinfo (~> 2.0, >= 2.0.5)
      uri (>= 0.13.1)
    ast (2.4.3)
    aws-eventstream (1.4.0)
    aws-partitions (1.1231.0)
    aws-sdk-core (3.244.0)
      aws-eventstream (~> 1, >= 1.3.0)
      aws-partitions (~> 1, >= 1.992.0)
      aws-sigv4 (~> 1.9)
      base64
      bigdecimal
      jmespath (~> 1, >= 1.6.1)
      logger
    aws-sdk-kms (1.123.0)
      aws-sdk-core (~> 3, >= 3.244.0)
      aws-sigv4 (~> 1.5)
    aws-sdk-s3 (1.217.0)
      aws-sdk-core (~> 3, >= 3.244.0)
      aws-sdk-kms (~> 1)
      aws-sigv4 (~> 1.5)
    aws-sigv4 (1.12.1)
      aws-eventstream (~> 1, >= 1.0.2)
    base64 (0.2.0)
    bcrypt_pbkdf (1.1.1)
    bcrypt_pbkdf (1.1.1-arm64-darwin)
@@ -157,6 +176,7 @@ GEM
      pp (>= 0.6.0)
      rdoc (>= 4.0.0)
      reline (>= 0.4.2)
    jmespath (1.6.2)
    json (2.12.0)
    jwt (2.10.1)
      base64
@@ -441,6 +461,7 @@ PLATFORMS
  x86_64-linux-musl
 DEPENDENCIES
  aws-sdk-s3
  bootsnap
  brakeman
  diff-lcs
@@ -1,14 +1,16 @@
 class ApplicationController < ActionController::API
  before_action :reject_banned_ip_address!
  before_action :authenticate_user
  before_action :reject_banned_user!
-  def current_user
+  def current_user = @current_user
    @current_user
  end
  private
  def authenticate_user
    code = request.headers['X-Transfer-Code'] || request.headers['HTTP_X_TRANSFER_CODE']
    return if code.blank?
    @current_user = User.find_by(inheritance_code: code)
  end
@@ -22,4 +24,17 @@ class ApplicationController < ActionController::API
      s.in?(['', '1', 'true', 'on', 'yes'])
    end
  end
  def reject_banned_ip_address!
    ip_address = IpAddress.find_by(ip_address: IPAddr.new(request.remote_ip).hton)
    return unless ip_address&.banned?
    head :forbidden
  end
  def reject_banned_user!
    return unless current_user&.banned?
    head :forbidden
  end
 end
@@ -0,0 +1,101 @@
 class MaterialsController < ApplicationController
  def index
    page = (params[:page].presence || 1).to_i
    limit = (params[:limit].presence || 20).to_i
    page = 1 if page < 1
    limit = 1 if limit < 1
    offset = (page - 1) * limit
    tag_id = params[:tag_id].presence
    parent_id = params[:parent_id].presence
    q = Material.includes(:tag, :created_by_user).with_attached_file
    q = q.where(tag_id:) if tag_id
    q = q.where(parent_id:) if parent_id
    count = q.count
    materials = q.order(created_at: :desc, id: :desc).limit(limit).offset(offset)
    render json: { materials: MaterialRepr.many(materials, host: request.base_url), count: count }
  end
  def show
    material =
        Material
        .includes(:tag)
        .with_attached_file
        .find_by(id: params[:id])
    return head :not_found unless material
    wiki_page_body = material.tag.tag_name.wiki_page&.current_revision&.body
    render json: MaterialRepr.base(material, host: request.base_url).merge(wiki_page_body:)
  end
  def create
    return head :unauthorized unless current_user
    tag_name_raw = params[:tag].to_s.strip
    file = params[:file]
    url = params[:url].to_s.strip.presence
    return head :bad_request if tag_name_raw.blank? || (file.blank? && url.blank?)
    tag_name = TagName.find_undiscard_or_create_by!(name: tag_name_raw)
    tag = tag_name.tag
    tag = Tag.create!(tag_name:, category: :material) unless tag
    material = Material.new(tag:, url:,
                            created_by_user: current_user,
                            updated_by_user: current_user)
    material.file.attach(file)
    if material.save
      render json: MaterialRepr.base(material, host: request.base_url), status: :created
    else
      render json: { errors: material.errors.full_messages }, status: :unprocessable_entity
    end
  end
  def update
    return head :unauthorized unless current_user
    return head :forbidden unless current_user.gte_member?
    material = Material.with_attached_file.find_by(id: params[:id])
    return head :not_found unless material
    tag_name_raw = params[:tag].to_s.strip
    file = params[:file]
    url = params[:url].to_s.strip.presence
    return head :bad_request if tag_name_raw.blank? || (file.blank? && url.blank?)
    tag_name = TagName.find_undiscard_or_create_by!(name: tag_name_raw)
    tag = tag_name.tag
    tag = Tag.create!(tag_name:, category: :material) unless tag
    material.update!(tag:, url:, updated_by_user: current_user)
    if file
      material.file.attach(file)
    else
      material.file.purge
    end
    if material.save
      render json: MaterialRepr.base(material, host: request.base_url)
    else
      render json: { errors: material.errors.full_messages }, status: :unprocessable_entity
    end
  end
  def destroy
    return head :unauthorized unless current_user
    return head :forbidden unless current_user.gte_member?
    material = Material.find_by(id: params[:id])
    return head :not_found unless material
    material.discard
    head :no_content
  end
 end
@@ -30,14 +30,21 @@ class NicoTagsController < ApplicationController
    id = params[:id].to_i
    tag = Tag.find(id)
-    return head :bad_request if tag.category != 'nico'
+    return head :bad_request unless tag.nico?
-    linked_tag_names = params[:tags].to_s.split(' ')
+    linked_tag_names = params[:tags].to_s.split
-    linked_tags = Tag.normalise_tags(linked_tag_names, with_tagme: false)
+    linked_tags = Tag.normalise_tags!(linked_tag_names, with_tagme: false,
-    return head :bad_request if linked_tags.any? { |t| t.category == 'nico' }
+                                                        with_no_deerjikist: false)
    return head :bad_request if linked_tags.any? { |t| t.nico? }
-    tag.linked_tags = linked_tags
+    ApplicationRecord.transaction do
-    tag.save!
+      TagVersioning.record_tag_snapshots!(linked_tags, created_by_user: current_user)
      tag.linked_tags = linked_tags
      tag.save!
      NicoTagVersionRecorder.record!(tag:, event_type: :update, created_by_user: current_user)
    end
    render json: tag.linked_tags.map { |t| TagRepr.base(t) }, status: :ok
  end
@@ -0,0 +1,119 @@
 class PostVersionsController < ApplicationController
  def index
    post_id = params[:post].presence
    tag_id = params[:tag].presence
    page = (params[:page].presence || 1).to_i
    limit = (params[:limit].presence || 20).to_i
    page = 1 if page < 1
    limit = 1 if limit < 1
    offset = (page - 1) * limit
    tag_name =
        if tag_id
          TagName.joins(:tag).find_by(tag: { id: tag_id })
        end
    return render json: { versions: [], count: 0 } if tag_id && tag_name.blank?
    q = PostVersion.joins(<<~SQL.squish)
          LEFT JOIN
            post_versions prev
            ON
              prev.post_id = post_versions.post_id
              AND prev.version_no = post_versions.version_no - 1
        SQL
        .select('post_versions.*', 'prev.title AS prev_title', 'prev.url AS prev_url',
                'prev.thumbnail_base AS prev_thumbnail_base', 'prev.tags AS prev_tags',
                'prev.original_created_from AS prev_original_created_from',
                'prev.original_created_before AS prev_original_created_before')
    q = q.where('post_versions.post_id = ?', post_id) if post_id
    if tag_name
      escaped = ActiveRecord::Base.sanitize_sql_like(tag_name.name)
      q = q.where(("CONCAT(' ', post_versions.tags, ' ') LIKE :kw " +
                   "OR CONCAT(' ', prev.tags, ' ') LIKE :kw"),
                  kw: "% #{ escaped } %")
    end
    count = q.except(:select, :order, :limit, :offset).count
    versions = q.order(Arel.sql('post_versions.created_at DESC, post_versions.id DESC'))
                .limit(limit)
                .offset(offset)
    render json: { versions: serialise_versions(versions), count: }
  end
  private
  def serialise_versions rows
    user_ids = rows.map(&:created_by_user_id).compact.uniq
    users_by_id = User.where(id: user_ids).pluck(:id, :name).to_h
    rows.map do |row|
      cur_tags = split_tags(row.tags)
      prev_tags = split_tags(row.attributes['prev_tags'])
      {
        post_id: row.post_id,
        version_no: row.version_no,
        event_type: row.event_type,
        title: {
          current: row.title,
          prev: row.attributes['prev_title']
        },
        url: {
          current: row.url,
          prev: row.attributes['prev_url']
        },
        thumbnail: {
          current: nil,
          prev: nil
        },
        thumbnail_base: {
          current: row.thumbnail_base,
          prev: row.attributes['prev_thumbnail_base']
        },
        tags: build_version_tags(cur_tags, prev_tags),
        original_created_from: {
          current: row.original_created_from&.iso8601,
          prev: row.attributes['prev_original_created_from']&.iso8601
        },
        original_created_before: {
          current: row.original_created_before&.iso8601,
          prev: row.attributes['prev_original_created_before']&.iso8601
        },
        created_at: row.created_at.iso8601,
        created_by_user:
          if row.created_by_user_id
            {
              id: row.created_by_user_id,
              name: users_by_id[row.created_by_user_id]
            }
          end
      }
    end
  end
  def build_version_tags(cur_tags, prev_tags)
    (cur_tags | prev_tags).map do |name|
      type =
        if cur_tags.include?(name) && prev_tags.include?(name)
          'context'
        elsif cur_tags.include?(name)
          'added'
        else
          'removed'
        end
      {
        name:,
        type:
      }
    end
  end
  def split_tags(tags)
    tags.to_s.split(/\s+/).reject(&:blank?)
  end
 end
@@ -44,7 +44,8 @@ class PostsController < ApplicationController
        filtered_posts
        .joins("LEFT JOIN (#{ pt_max_sql }) pt_max ON pt_max.post_id = posts.id")
        .reselect('posts.*', Arel.sql("#{ updated_at_all_sql } AS updated_at_all"))
-        .preload(tags: { tag_name: :wiki_page })
+        .preload(:parents, :children,
                 tags: [:deerjikists, :materials, { tag_name: :wiki_page }])
        .with_attached_thumbnail
    q = q.where('posts.url LIKE ?', "%#{ url }%") if url
@@ -75,7 +76,7 @@ class PostsController < ApplicationController
        else
          "posts.#{ order[0] }"
        end
-    posts = q.order(Arel.sql("#{ sort_sql } #{ order[1] }, id #{ order[1] }"))
+    posts = q.order(Arel.sql("#{ sort_sql } #{ order[1] }, posts.id #{ order[1] }"))
             .limit(limit)
             .offset(offset)
             .to_a
@@ -95,28 +96,26 @@ class PostsController < ApplicationController
  end
  def random
-    post = filtered_posts.preload(tags: { tag_name: :wiki_page })
+    post = filtered_posts.preload(:parents, :childern,
                                  tags: [:deerjikists, :materials, { tag_name: :wiki_page }])
                         .order('RAND()')
                         .first
    return head :not_found unless post
-    viewed = current_user&.viewed?(post) || false
+    render json: PostRepr.base(post, current_user)
    render json: PostRepr.base(post).merge(viewed:)
  end
  def show
-    post = Post.includes(tags: { tag_name: :wiki_page }).find_by(id: params[:id])
+    post = Post
           .preload(:parents, :children)
           .includes(:parents, :children,
                     tags: [:deerjikists, :materials, { tag_name: :wiki_page }])
           .find_by(id: params[:id])
    return head :not_found unless post
-    viewed = current_user&.viewed?(post) || false
+    render json: PostRepr.base(post, current_user)
-
+                         .merge(tags: build_tag_tree_for(post.tags),
-    json = post.as_json
+                                related: PostRepr.many(post.related(limit: 20)))
    json['tags'] = build_tag_tree_for(post.tags)
    json['related'] = post.related(limit: 20)
    json['viewed'] = viewed
    render json:
  end
  def create
@@ -130,23 +129,36 @@ class PostsController < ApplicationController
    tag_names = params[:tags].to_s.split
    original_created_from = params[:original_created_from]
    original_created_before = params[:original_created_before]
    parent_post_ids = parse_parent_post_ids
    post = Post.new(title:, url:, thumbnail_base: nil, uploaded_user: current_user,
                    original_created_from:, original_created_before:)
-    post.thumbnail.attach(thumbnail)
+    post.thumbnail.attach(thumbnail) if thumbnail.present?
-    if post.save
+
-      post.resized_thumbnail!
+    ApplicationRecord.transaction do
-      tags = Tag.normalise_tags(tag_names)
+      post.save!
      tags = Tag.normalise_tags!(tag_names)
      TagVersioning.record_tag_snapshots!(tags, created_by_user: current_user)
      tags = Tag.expand_parent_tags(tags)
      sync_post_tags!(post, tags)
-      post.reload
+      sync_parent_posts!(post, parent_post_ids)
-      render json: PostRepr.base(post), status: :created
+
-    else
+      post.resized_thumbnail!
-      render json: { errors: post.errors.full_messages }, status: :unprocessable_entity
+
      PostVersionRecorder.record!(post:, event_type: :create, created_by_user: current_user)
    end
    post.reload
    render json: PostRepr.base(post), status: :created
  rescue Tag::NicoTagNormalisationError
    head :bad_request
  rescue ArgumentError => e
    render json: { errors: [e.message] }, status: :unprocessable_entity
  rescue ActiveRecord::RecordInvalid => e
    render json: { errors: e.record.errors.full_messages }, status: :unprocessable_entity
  end
  def viewed
@@ -167,31 +179,81 @@ class PostsController < ApplicationController
    return head :unauthorized unless current_user
    return head :forbidden unless current_user.gte_member?
    force = bool?(:force)
    merge = bool?(:merge)
    return head :bad_request if force && merge
    base_version_no = parse_base_version_no
    return head :bad_request if !(force) && !(base_version_no)
    title = params[:title].presence
    tag_names = params[:tags].to_s.split
    original_created_from = params[:original_created_from]
    original_created_before = params[:original_created_before]
    parent_post_ids = parse_parent_post_ids
-    post = Post.find(params[:id].to_i)
+    post = nil
-    if post.update(title:, original_created_from:, original_created_before:)
+    conflict_json = nil
      tags = post.tags.where(category: 'nico').to_a +
             Tag.normalise_tags(tag_names, with_tagme: false)
      tags = Tag.expand_parent_tags(tags)
      sync_post_tags!(post, tags)
-      post.reload
+    ApplicationRecord.transaction do
-      json = post.as_json
+      post = Post.lock.find(params[:id].to_i)
-      json['tags'] = build_tag_tree_for(post.tags)
+
-      render json:, status: :ok
+      base_version = nil
-    else
+      base_snapshot = nil
-      render json: post.errors, status: :unprocessable_entity
+      current_snapshot = nil
      unless force
        base_version = post.post_versions.find_by!(version_no: base_version_no)
        base_snapshot = post_snapshot_from_version(base_version)
        current_snapshot = post_snapshot_from_record(post)
      end
      incoming_snapshot = post_incoming_snapshot(title:,
                                                 original_created_from:,
                                                 original_created_before:,
                                                 tag_names:,
                                                 parent_post_ids:)
      snapshot_to_apply =
          if force || post.version_no == base_version_no || current_snapshot == base_snapshot
            incoming_snapshot
          else
            changes = post_snapshot_changes(base_snapshot, current_snapshot, incoming_snapshot)
            conflicts = changes.select { |change| change[:conflict] }
            if merge && conflicts.empty?
              merge_post_snapshots(base_snapshot, current_snapshot, incoming_snapshot)
            else
              conflict_json = post_conflict_json(post:,
                                                 base_version_no:,
                                                 base_snapshot:,
                                                 current_snapshot:,
                                                 incoming_snapshot:,
                                                 changes:,
                                                 conflicts:)
              raise ActiveRecord::Rollback
            end
          end
      apply_post_snapshot!(post, snapshot_to_apply)
    end
    return render json: conflict_json, status: :conflict if conflict_json
    post.reload
    json = PostRepr.base(post, current_user)
    json['tags'] = build_tag_tree_for(post.tags)
    render json:, status: :ok
  rescue Tag::NicoTagNormalisationError
    head :bad_request
  rescue ArgumentError => e
    render json: { errors: [e.message] }, status: :unprocessable_entity
  rescue ActiveRecord::RecordInvalid => e
    render json: { errors: e.record.errors.full_messages }, status: :unprocessable_entity
  end
  def changes
    id = params[:id].presence
    tag_id = params[:tag].presence
    page = (params[:page].presence || 1).to_i
    limit = (params[:limit].presence || 20).to_i
@@ -202,8 +264,9 @@ class PostsController < ApplicationController
    pts = PostTag.with_discarded
    pts = pts.where(post_id: id) if id.present?
    pts = pts.where(tag_id:) if tag_id.present?
    pts = pts.includes(:post, :created_user, :deleted_user,
-                       tag: { tag_name: :wiki_page })
+                       tag: [:deerjikists, :materials, { tag_name: :wiki_page }])
    events = []
    pts.each do |pt|
@@ -245,19 +308,41 @@ class PostsController < ApplicationController
  end
  def filter_posts_by_tags tag_names, match_type
-    tag_names = TagName.canonicalise(tag_names)
+    literals = tag_names.map do |raw_name|
      { name: TagName.canonicalise(raw_name.sub(/\Anot:/i, '')).first,
        negative: raw_name.downcase.start_with?('not:') }
    end
-    posts = Post.joins(tags: :tag_name)
+    return Post.all if literals.empty?
    if match_type == 'any'
-      posts.where(tag_names: { name: tag_names }).distinct
+      literals.reduce(Post.none) do |posts, literal|
        posts.or(tag_literal_relation(literal[:name], negative: literal[:negative]))
      end
    else
-      posts.where(tag_names: { name: tag_names })
+      literals.reduce(Post.all) do |posts, literal|
-           .group('posts.id')
+        ids = tagged_post_ids_for(literal[:name])
-           .having('COUNT(DISTINCT tag_names.id) = ?', tag_names.uniq.size)
+        if literal[:negative]
          posts.where.not(id: ids)
        else
          posts.where(id: ids)
        end
      end
    end
  end
  def tag_literal_relation name, negative:
    ids = tagged_post_ids_for(name)
    if negative
      Post.where.not(id: ids)
    else
      Post.where(id: ids)
    end
  end
  def tagged_post_ids_for(name) =
      Post.joins(tags: :tag_name).where(tag_names: { name: }).select(:id)
  def sync_post_tags! post, desired_tags
    desired_tags.each do |t|
      t.save! if t.new_record?
@@ -323,4 +408,242 @@ class PostsController < ApplicationController
    root_ids.filter_map { |id| build_node.call(id, []) }
  end
  def parse_parent_post_ids
    raise ArgumentError, 'parent_post_ids は必須です．' unless params.key?(:parent_post_ids)
    params[:parent_post_ids].to_s.split.map { |token|
      id = Integer(token, exception: false)
      raise ArgumentError, "親投稿 Id. が不正です: #{ token }" if id.nil? || id <= 0
      id
    }.uniq
  end
  def sync_parent_posts! post, parent_post_ids
    if parent_post_ids.include?(post.id)
      post.errors.add(:base, '自分自身を親投稿にはできません．')
      raise ActiveRecord::RecordInvalid, post
    end
    existing_ids = Post.where(id: parent_post_ids).pluck(:id)
    missing_ids = parent_post_ids - existing_ids
    if missing_ids.present?
      post.errors.add(:base, "存在しない親投稿 ID があります: #{ missing_ids.join(' ') }")
      raise ActiveRecord::RecordInvalid, post
    end
    current_ids = post.parent_posts.pluck(:id)
    ids_to_add = parent_post_ids - current_ids
    ids_to_remove = current_ids - parent_post_ids
    PostImplication.where(post_id: post.id, parent_post_id: ids_to_remove).delete_all
    ids_to_add.each do |parent_post_id|
      PostImplication.create_or_find_by!(post_id: post.id, parent_post_id:)
    end
  end
  def parse_base_version_no
    version_no = Integer(params[:base_version_no], exception: false)
    if version_no&.positive?
      version_no
    else
      nil
    end
  end
  def post_snapshot_from_version version
    { title: version.title,
      original_created_from: snapshot_time(version.original_created_from),
      original_created_before: snapshot_time(version.original_created_before),
      tag_names: editable_tag_names_from_version(version),
      parent_post_ids: snapshot_parent_post_ids_from_version(version) }
  end
  def editable_tag_names_from_version version
    version.tags.to_s.split.reject { |name| name.downcase.start_with?('nico:') }.sort
  end
  def post_snapshot_from_record post
    { title: post.title,
      original_created_from: snapshot_time(post.original_created_from),
      original_created_before: snapshot_time(post.original_created_before),
      tag_names: editable_tag_names_from_post(post),
      parent_post_ids: post.parent_posts.order(:id).pluck(:id) }
  end
  def editable_tag_names_from_post post
    post.tags.not_nico.joins(:tag_name).order('tag_names.name').pluck('tag_names.name')
  end
  def post_incoming_snapshot title:, original_created_from:, original_created_before:,
                             tag_names:, parent_post_ids:
    { title:,
      original_created_from: snapshot_time(original_created_from),
      original_created_before: snapshot_time(original_created_before),
      tag_names: incoming_tag_names_for_snapshot(tag_names),
      parent_post_ids: parent_post_ids.sort }
  end
  def snapshot_parent_post_ids_from_version version
    if version.respond_to?(:parent_post_ids)
      version.parent_post_ids.to_s.split.map { |id| id.to_i }.sort
    elsif version.respond_to?(:parent_id) && version.parent_id
      [version.parent_id]
    else
      []
    end
  end
  def snapshot_time value
    return nil if value.blank?
    value = Time.zone.parse(value.to_s) if value in String
    value&.in_time_zone&.iso8601(6)
  rescue ArgumentError, TypeError
    value.to_s
  end
  def incoming_tag_names_for_snapshot raw_tag_names
    tags = Tag.normalise_tags!(raw_tag_names, with_tagme: false)
    Tag.expand_parent_tags(tags).map(&:name).uniq.sort
  end
  def post_conflict_json post:, base_version_no:, base_snapshot:,
                         current_snapshot:, incoming_snapshot:, changes:, conflicts:
    { error: 'conflict',
      message: '競合が発生しました．',
      post_id: post.id,
      base_version_no:,
      current_version_no: post.version_no,
      base: base_snapshot,
      current: current_snapshot,
      mine: incoming_snapshot,
      changes:,
      conflicts:,
      mergeable: conflicts.empty? }
  end
  def post_snapshot_changes base_snapshot, current_snapshot, incoming_snapshot
    [scalar_snapshot_change(:title, 'タイトル',
                            base_snapshot, current_snapshot, incoming_snapshot),
     scalar_snapshot_change(:original_created_from, 'オリジナルの作成日時（以降）',
                            base_snapshot, current_snapshot, incoming_snapshot),
     scalar_snapshot_change(:original_created_before, 'オリジナルの作成日時（より前）',
                            base_snapshot, current_snapshot, incoming_snapshot),
     set_snapshot_change(:tag_names, 'タグ',
                         base_snapshot, current_snapshot, incoming_snapshot),
     set_snapshot_change(:parent_post_ids, '親投稿',
                         base_snapshot, current_snapshot, incoming_snapshot)].compact
  end
  def scalar_snapshot_change field, label, base_snapshot, current_snapshot, incoming_snapshot
    base = base_snapshot[field]
    current = current_snapshot[field]
    mine = incoming_snapshot[field]
    return nil if current == base && mine == base
    { field:, label:, base:, current:, mine:,
      changed_by_current: current != base,
      changed_by_me: mine != base,
      conflict: scalar_snapshot_conflict?(base, current, mine) }
  end
  def scalar_snapshot_conflict? base, current, mine
    current != base && mine != base && current != mine
  end
  def set_snapshot_change field, label, base_snapshot, current_snapshot, incoming_snapshot
    base = base_snapshot[field].to_a
    current = current_snapshot[field].to_a
    mine = incoming_snapshot[field].to_a
    added_by_current = current - base
    removed_by_current = base - current
    added_by_me = mine - base
    removed_by_me = base - mine
    if (added_by_current.empty? &&
        removed_by_current.empty? &&
        added_by_me.empty? &&
        removed_by_me.empty?)
      return nil
    end
    { field:, label:, base:, current:, mine:, added_by_current:, removed_by_current:,
      added_by_me:, removed_by_me:,
      changed_by_current: added_by_current.present? || removed_by_current.present?,
      changed_by_me: added_by_me.present? || removed_by_me.present?,
      conflict: set_snapshot_conflict?(added_by_current:,
                                       removed_by_current:,
                                       added_by_me:,
                                       removed_by_me:) }
  end
  def set_snapshot_conflict? added_by_current:, removed_by_current:,
                             added_by_me:, removed_by_me:
    (added_by_current & removed_by_me).present? || (removed_by_current & added_by_me).present?
  end
  def apply_post_snapshot! post, snapshot
    PostVersionRecorder.ensure_snapshot!(post, created_by_user: current_user)
    post.update!(title: snapshot[:title],
                 original_created_from: snapshot[:original_created_from],
                 original_created_before: snapshot[:original_created_before])
    editable_tags = Tag.normalise_tags!(snapshot[:tag_names], with_tagme: false)
    TagVersioning.record_tag_snapshots!(editable_tags, created_by_user: current_user)
    readonly_tags = post.tags.nico.to_a
    tags = readonly_tags + editable_tags
    tags = Tag.expand_parent_tags(tags)
    sync_post_tags!(post, tags)
    sync_parent_posts!(post, snapshot[:parent_post_ids])
    PostVersionRecorder.record!(post:, event_type: :update, created_by_user: current_user)
  end
  def merge_post_snapshots base_snapshot, current_snapshot, incoming_snapshot
    [:title, :original_created_from, :original_created_before].map {
      [_1, merge_scalar_snapshot_value(base_snapshot[_1],
                                       current_snapshot[_1],
                                       incoming_snapshot[_1])]
    }.to_h.merge([:tag_names, :parent_post_ids].map {
      [_1, merge_set_snapshot_value(base_snapshot[_1],
                                    current_snapshot[_1],
                                    incoming_snapshot[_1])]
    }.to_h)
  end
  def merge_scalar_snapshot_value base, current, mine
    return mine if current == base
    return current if mine == base || current == mine
    raise ArgumentError, '競合してゐる項目はマージできません．'
  end
  def merge_set_snapshot_value base, current, mine
    base = base.to_a
    current = current.to_a
    mine = mine.to_a
    added_by_current = current - base
    removed_by_current = base - current
    added_by_me = mine - base
    removed_by_me = base - mine
    merged = base + added_by_current + added_by_me
    merged -= removed_by_current
    merged -= removed_by_me
    merged.uniq.sort
  end
 end
@@ -7,7 +7,16 @@ class TagChildrenController < ApplicationController
    child_id = params[:child_id]
    return head :bad_request if parent_id.blank? || child_id.blank?
-    Tag.find(parent_id).children << Tag.find(child_id) rescue nil
+    parent = Tag.find(parent_id)
    child = Tag.find(child_id)
    return head :bad_request if parent.nico? || child.nico?
    ApplicationRecord.transaction do
      TagVersioning.ensure_snapshot!(child, created_by_user: current_user)
      TagImplication.find_or_create_by!(parent_tag: parent, tag: child)
      TagVersionRecorder.record!(tag: child, event_type: :update, created_by_user: current_user)
    end
    head :no_content
  end
@@ -20,7 +29,16 @@ class TagChildrenController < ApplicationController
    child_id = params[:child_id]
    return head :bad_request if parent_id.blank? || child_id.blank?
-    Tag.find(parent_id).children.delete(Tag.find(child_id)) rescue nil
+    parent = Tag.find(parent_id)
    child = Tag.find(child_id)
    return head :bad_request if parent.nico? || child.nico?
    ApplicationRecord.transaction do
      TagVersioning.ensure_snapshot!(child, created_by_user: current_user)
      TagImplication.find_by(parent_tag: parent, tag: child)&.destroy!
      TagVersionRecorder.record!(tag: child, event_type: :update, created_by_user: current_user)
    end
    head :no_content
  end
@@ -0,0 +1,92 @@
 class TagVersionsController < ApplicationController
  def index
    tag_id = params[:id].presence
    page = (params[:page].presence || 1).to_i
    limit = (params[:limit].presence || 20).to_i
    page = 1 if page < 1
    limit = 1 if limit < 1
    offset = (page - 1) * limit
    q = TagVersion.joins(<<~SQL.squish)
          LEFT JOIN
            tag_versions prev
            ON
              prev.tag_id = tag_versions.tag_id
              AND prev.version_no = tag_versions.version_no - 1
        SQL
      .select('tag_versions.*', 'prev.name AS prev_name', 'prev.category AS prev_category',
              'prev.aliases AS prev_aliases', 'prev.parent_tag_ids AS prev_parent_tag_ids')
    q = q.where('tag_versions.tag_id = ?', tag_id) if tag_id
    count = q.except(:select, :order, :limit, :offset).count
    versions = q.order(Arel.sql('tag_versions.created_at DESC, tag_versions.id DESC'))
                .limit(limit)
                .offset(offset)
    render json: { versions: serialise_versions(versions), count: }
  end
  private
  def serialise_versions rows
    user_ids = rows.map(&:created_by_user_id).compact.uniq
    users_by_id = User.where(id: user_ids).pluck(:id, :name).to_h
    rows.map do |row|
      cur_aliases = split_values(row.aliases)
      prev_aliases = split_values(row.attributes['prev_aliases'])
      cur_parent_tag_ids = split_parent_tag_ids(row.parent_tag_ids)
      prev_parent_tag_ids = split_parent_tag_ids(row.attributes['prev_parent_tag_ids'])
      all_parent_tag_ids = (cur_parent_tag_ids | prev_parent_tag_ids)
      tags_by_id =
          Tag
          .includes(:tag_name, :materials, { tag_name: :wiki_page })
          .where(id: all_parent_tag_ids)
          .index_by(&:id)
      parent_tags =
          build_version_values(cur_parent_tag_ids, prev_parent_tag_ids, key: :tag_id)
          .map do |h|
            { tag: TagRepr.base(tags_by_id[h[:tag_id]]),
              type: h[:type] }
          end
      { tag_id: row.tag_id,
        version_no: row.version_no,
        event_type: row.event_type,
        name: { current: row.name, prev: row.attributes['prev_name'] },
        category: { current: row.category, prev: row.attributes['prev_category'] },
        aliases: build_version_values(cur_aliases, prev_aliases, key: :name),
        parent_tags:,
        created_at: row.created_at.iso8601,
        created_by_user: row.created_by_user_id &&
                         { id: row.created_by_user_id,
                           name: users_by_id[row.created_by_user_id] } }
    end
  end
  def build_version_values cur_values, prev_values, key:
    (cur_values | prev_values).map do |value|
      type =
          if cur_values.include?(value) && prev_values.include?(value)
            'context'
          elsif cur_values.include?(value)
            'added'
          else
            'removed'
          end
      { key => value, type: }
    end
  end
  def split_values(values) = values.to_s.split(/\s+/).reject(&:blank?)
  def split_parent_tag_ids(values) = split_values(values).map(&:to_i)
 end
@@ -1,24 +1,118 @@
 require 'net/http'
 require 'uri'
 class TagsController < ApplicationController
  def index
    post_id = params[:post]
-    tags =
+    name = params[:name].presence
    category = params[:category].presence
    post_count_between = (params[:post_count_gte].presence || -1).to_i,
                         (params[:post_count_lte].presence || -1).to_i
    post_count_between[0] = nil if post_count_between[0] < 0
    post_count_between[1] = nil if post_count_between[1] < 0
    created_between = params[:created_from].presence, params[:created_to].presence
    updated_between = params[:updated_from].presence, params[:updated_to].presence
    order = params[:order].to_s.split(':', 2).map(&:strip)
    unless order[0].in?(['name', 'category', 'post_count', 'created_at', 'updated_at'])
      order[0] = 'post_count'
    end
    unless order[1].in?(['asc', 'desc'])
      order[1] = order[0].in?(['name', 'category']) ? 'asc' : 'desc'
    end
    page = (params[:page].presence || 1).to_i
    limit = (params[:limit].presence || 20).to_i
    page = 1 if page < 1
    limit = 1 if limit < 1
    offset = (page - 1) * limit
    q =
        if post_id.present?
          Tag.joins(:posts, :tag_name)
        else
          Tag.joins(:tag_name)
        end
-        .includes(:tag_name, tag_name: :wiki_page)
+        .includes(:tag_name, :materials, tag_name: :wiki_page)
-    if post_id.present?
+    q = q.where(posts: { id: post_id }) if post_id.present?
      tags = tags.where(posts: { id: post_id })
    end
-    render json: TagRepr.base(tags)
+    q = q.where('tag_names.name LIKE ?', "%#{ name }%") if name
    q = q.where(category:) if category
    q = q.where('tags.post_count >= ?', post_count_between[0]) if post_count_between[0]
    q = q.where('tags.post_count <= ?', post_count_between[1]) if post_count_between[1]
    q = q.where('tags.created_at >= ?', created_between[0]) if created_between[0]
    q = q.where('tags.created_at <= ?', created_between[1]) if created_between[1]
    q = q.where('tags.updated_at >= ?', updated_between[0]) if updated_between[0]
    q = q.where('tags.updated_at <= ?', updated_between[1]) if updated_between[1]
    sort_sql =
        case order[0]
        when 'name'
          'tag_names.name'
        when 'category'
          'CASE tags.category ' +
          "WHEN 'deerjikist' THEN 0 " +
          "WHEN 'meme' THEN 1 " +
          "WHEN 'character' THEN 2 " +
          "WHEN 'general' THEN 3 " +
          "WHEN 'material' THEN 4 " +
          "WHEN 'meta' THEN 5 " +
          "WHEN 'nico' THEN 6 END"
        else
          "tags.#{ order[0] }"
        end
    tags = q.order(Arel.sql("#{ sort_sql } #{ order[1] }, tags.id #{ order[1] }"))
            .limit(limit)
            .offset(offset)
            .to_a
    render json: { tags: TagRepr.many(tags), count: q.size }
  end
  def with_depth
    parent_tag_id = params[:parent].to_i
    parent_tag_id = nil if parent_tag_id <= 0
    tag_ids =
        if parent_tag_id
          TagImplication.where(parent_tag_id:).select(:tag_id)
        else
          Tag.where.not(id: TagImplication.select(:tag_id)).select(:id)
        end
    tags =
        Tag
        .joins(:tag_name)
        .includes(:tag_name, :materials, tag_name: :wiki_page)
        .where(category: [:meme, :character, :material])
        .where(id: tag_ids)
        .order('tag_names.name')
        .distinct
        .to_a
    has_children_tag_ids =
        if tags.empty?
          []
        else
          TagImplication
              .joins(:tag)
              .where(parent_tag_id: tags.map(&:id),
                     tags: { category: [:meme, :character, :material] })
              .distinct
              .pluck(:parent_tag_id)
        end
    render json: tags.map { |tag|
      TagRepr.base(tag).merge(has_children: has_children_tag_ids.include?(tag.id), children: [])
    }
  end
  def autocomplete
-    q = params[:q].to_s.strip
+    q = params[:q].to_s.strip.sub(/\Anot:/i, '')
    return render json: [] if q.blank?
    with_nico = bool?(:nico, default: true)
    present_only = bool?(:present, default: true)
@@ -38,7 +132,7 @@ class TagsController < ApplicationController
    end
    base = Tag.joins(:tag_name)
-              .includes(:tag_name, tag_name: :wiki_page)
+              .includes(:tag_name, :materials, tag_name: :wiki_page)
    base = base.where('tags.post_count > 0') if present_only
    canonical_hit =
@@ -63,7 +157,7 @@ class TagsController < ApplicationController
  def show
    tag = Tag.joins(:tag_name)
-             .includes(:tag_name, tag_name: :wiki_page)
+             .includes(:tag_name, :materials, tag_name: :wiki_page)
             .find_by(id: params[:id])
    if tag
      render json: TagRepr.base(tag)
@@ -77,7 +171,7 @@ class TagsController < ApplicationController
    return head :bad_request if name.blank?
    tag = Tag.joins(:tag_name)
-             .includes(:tag_name, tag_name: :wiki_page)
+             .includes(:tag_name, :materials, tag_name: :wiki_page)
             .find_by(tag_names: { name: })
    if tag
      render json: TagRepr.base(tag)
@@ -92,7 +186,8 @@ class TagsController < ApplicationController
             .find_by(id: params[:id])
    return head :not_found unless tag
-    render json: DeerjikistRepr.many(tag.deerjikists)
+    render json: { tag: TagRepr.base(tag),
                   deerjikists: DeerjikistRepr.many(tag.deerjikists) }
  end
  def deerjikists_by_name
@@ -104,7 +199,97 @@ class TagsController < ApplicationController
             .find_by(tag_names: { name: })
    return head :not_found unless tag
-    render json: DeerjikistRepr.many(tag.deerjikists)
+    render json: { tag: TagRepr.base(tag),
                   deerjikists: DeerjikistRepr.many(tag.deerjikists) }
  end
  def update_deerjikists
    return head :unauthorized unless current_user
    return head :forbidden unless current_user.gte_member?
    tag = Tag.joins(:tag_name)
             .includes(:tag_name, tag_name: :wiki_page)
             .find_by(id: params[:id])
    return head :not_found unless tag
    ApplicationRecord.transaction do
      tag.deerjikists = []
      params[:_json].each do
        platform = _1[:platform]
        code = normalise_deerjikist_code(platform, _1[:code])
        deerjikist = Deerjikist.find_or_initialize_by(platform:, code:)
        deerjikist.tag = tag
        deerjikist.save!
      end
    end
    render json: DeerjikistRepr.many(tag.reload.deerjikists)
  end
  def materials_by_name
    name = params[:name].to_s.strip
    return head :bad_request if name.blank?
    tag = Tag.joins(:tag_name)
             .includes(:tag_name, :materials, tag_name: :wiki_page)
             .find_by(tag_names: { name: })
    return head :not_found unless tag
    render json: build_tag_children(tag)
  end
  def update_all
    return head :unauthorized unless current_user
    return head :forbidden unless current_user.gte_member?
    tag = Tag.find_by(id: params[:id])
    return head :not_found unless tag
    name = params[:name].to_s.strip
    category = params[:category].to_s.strip
    return head :unprocessable_entity if name.blank? || category.blank?
    if name != tag.name &&
        tag.in?([Tag.tagme, Tag.bot, Tag.no_deerjikist, Tag.video, Tag.niconico])
      return render json: { error: 'システム・タグの名称は変更できません．' },
                    status: :unprocessable_entity
    end
    if tag.nico? || category == 'nico'
      return render json: { error: 'ニコタグは変更できません．' },
                    status: :unprocessable_entity
    end
    alias_names = params[:aliases].to_s.split.uniq
    parent_names = params[:parent_tags].to_s.split.uniq
    ApplicationRecord.transaction do
      TagVersioning.ensure_snapshot!(tag, created_by_user: current_user)
      old_name = tag.name
      name_changed = name != old_name
      wiki_page = tag.tag_name.wiki_page if name_changed
      tag.update!(category:)
      tag.tag_name.update!(name:)
      alias_names << old_name if name_changed
      alias_names.delete(name)
      update_aliases!(tag, alias_names)
      update_parent_tags!(tag, parent_names)
      tag.reload
      record_tag_version!(
          tag,
          event_type: :update,
          created_by_user: current_user,
          name_changed:,
          wiki_page:)
    end
    render json: TagRepr.base(tag.reload)
  end
  def update
@@ -116,14 +301,140 @@ class TagsController < ApplicationController
    tag = Tag.find(params[:id])
-    if name.present?
+    if tag.nico? || (category.present? && category == 'nico')
-      tag.tag_name.update!(name:)
+      return render json: { error: 'ニコタグは変更できません．' },
                    status: :unprocessable_entity
    end
-    if category.present?
+    ApplicationRecord.transaction do
-      tag.update!(category:)
+      TagVersioning.ensure_snapshot!(tag, created_by_user: current_user)
      old_name = tag.name
      name_changed = name.present? && name != old_name
      wiki_page = tag.tag_name.wiki_page if name_changed
      tag.tag_name.update!(name:) if name.present?
      tag.update!(category:) if category.present?
      tag.reload
      record_tag_version!(
          tag,
          event_type: :update,
          created_by_user: current_user,
          name_changed:,
          wiki_page:)
    end
-    render json: TagRepr.base(tag)
+    render json: TagRepr.base(tag.reload)
  end
  private
  def build_tag_children tag
    material = tag.materials.first
    file = nil
    content_type = nil
    if material&.file&.attached?
      file = rails_storage_proxy_url(material.file, only_path: false)
      content_type = material.file.blob.content_type
    end
    TagRepr.base(tag).merge(
        children: tag.children.sort_by { _1.name }.map { build_tag_children(_1) },
        material: material.as_json&.merge(file:, content_type:))
  end
  def record_tag_version! tag, event_type:, created_by_user:, name_changed: false, wiki_page: nil
    if tag.nico?
      NicoTagVersionRecorder.record!(tag:, event_type:, created_by_user:)
      return
    end
    TagVersionRecorder.record!(tag:, event_type:, created_by_user:)
    return unless name_changed
    wiki_page ||= tag.tag_name.wiki_page
    return unless wiki_page&.wiki_versions&.exists?
    WikiVersionRecorder.record!(
        page: wiki_page,
        event_type: :update,
        created_by_user:)
  end
  def update_aliases! tag, alias_names
    alias_names = alias_names.uniq
    affected_tags = [tag]
    current_aliases = tag.tag_name.aliases.to_a
    current_aliases.each do |alias_tag_name|
      next if alias_names.include?(alias_tag_name.name)
      affected_tags << alias_tag_name.canonical&.tag
    end
    alias_names.each do |alias_name|
      alias_tag_name = TagName.find_undiscard_or_create_by!(name: alias_name)
      affected_tags << alias_tag_name.canonical&.tag
    end
    affected_tags.compact.uniq.each do |affected_tag|
      TagVersioning.ensure_snapshot!(affected_tag, created_by_user: current_user)
    end
    current_aliases.each do |alias_tag_name|
      next if alias_names.include?(alias_tag_name.name)
      alias_tag_name.update!(canonical: nil)
    end
    alias_names.each do |alias_name|
      alias_tag_name = TagName.find_undiscard_or_create_by!(name: alias_name)
      alias_tag_name.update!(canonical: tag.tag_name)
    end
    affected_tags.compact.uniq.each do |affected_tag|
      record_tag_version!(affected_tag, event_type: :update, created_by_user: current_user)
    end
  end
  def update_parent_tags! tag, parent_names
    parent_tags = Tag.normalise_tags!(parent_names, with_tagme: false,
                                                    with_no_deerjikist: false,
                                                    deny_nico: true)
    old_parent_tags = tag.parents.to_a
    TagVersioning.record_tag_snapshots!((old_parent_tags + parent_tags).uniq,
                                        created_by_user: current_user)
    tag.reversed_tag_implications.destroy_all
    parent_tags.each do |parent_tag|
      next if parent_tag == tag
      TagImplication.create!(tag:, parent_tag:)
    end
  end
  def normalise_deerjikist_code platform, code
    return code if platform != 'youtube' || code[0] != '@'
    url = "https://www.youtube.com/#{ code }"
    html = Net::HTTP.get(URI(url))
    canonical = html[
        /<link rel="canonical" href="https:\/\/www\.youtube\.com\/channel\/(UC[a-zA-Z0-9_-]{22})"/,
        1]
    return canonical if canonical
    html[/"channelId":"(UC[a-zA-Z0-9_-]{22})"/, 1] || html[/\bUC[a-zA-Z0-9_-]{22}\b/]
  rescue
    nil
  end
 end
@@ -0,0 +1,53 @@
 class TheatreCommentsController < ApplicationController
  def index
    limit = params[:limit].to_i
    limit = 20 if limit <= 0
    no_gt = params[:no_gt].to_i
    no_gt = 0 if no_gt < 0
    comments = TheatreComment
               .where(theatre_id: params[:theatre_id])
               .where('no > ?', no_gt)
               .order(no: :desc)
               .limit(limit)
    render json: comments.map {
      _1.as_json(include: { user: { only: [:id, :name] } })
          .merge(content: _1.discarded? ? nil : _1.content, deleted: _1.discarded?)
    }
  end
  def create
    return head :unauthorized unless current_user
    content = params[:content]
    return head :unprocessable_entity if content.blank?
    theatre = Theatre.find_by(id: params[:theatre_id])
    return head :not_found unless theatre
    comment = nil
    theatre.with_lock do
      no = theatre.next_comment_no
      comment = TheatreComment.create!(theatre:, no:, user: current_user, content:)
      theatre.update!(next_comment_no: no + 1)
    end
    render json: comment, status: :created
  end
  def destroy
    return head :unauthorized unless current_user
    theatre_id = params[:theatre_id].to_i
    no = params[:id].to_i
    comment = TheatreComment.find_by(theatre_id:, no:)
    return head :not_found unless comment
    comment.discard!
    head :no_content
  end
 end
@@ -0,0 +1,17 @@
 class TheatreProgrammesController < ApplicationController
  def index
    limit = params[:limit].to_i
    limit = 100 if limit <= 0
    position_gt = params[:position_gt].to_i
    position_gt = 0 if position_gt < 0
    programmes = TheatreProgramme
                 .where(theatre_id: params[:theatre_id])
                 .where('position > ?', position_gt)
                 .order(position: :desc).limit(100)
                 .limit(limit)
    render json: programmes.as_json(include: { post: PostRepr::BASE })
  end
 end
@@ -0,0 +1,57 @@
 class TheatresController < ApplicationController
  def show
    theatre = Theatre.find_by(id: params[:id])
    return head :not_found unless theatre
    render json: TheatreRepr.base(theatre)
  end
  def watching
    return head :unauthorized unless current_user
    theatre = Theatre.find_by(id: params[:id])
    return head :not_found unless theatre
    host_flg = false
    post_id = nil
    post_started_at = nil
    theatre.with_lock do
      TheatreWatchingUser.find_or_initialize_by(theatre:, user: current_user).tap {
        _1.expires_at = 30.seconds.from_now
      }.save!
      if (!(theatre.host_user_id?) ||
          !(theatre.watching_users.exists?(id: theatre.host_user_id)))
        theatre.update!(host_user_id: current_user.id)
      end
      host_flg = theatre.host_user_id == current_user.id
      post_id = theatre.current_post_id
      post_started_at = theatre.current_post_started_at
    end
    render json: {
        host_flg:, post_id:, post_started_at:,
        watching_users: theatre.watching_users.as_json(only: [:id, :name]) }
  end
  def next_post
    return head :unauthorized unless current_user
    theatre = Theatre.find_by(id: params[:id])
    return head :not_found unless theatre
    return head :forbidden if theatre.host_user != current_user
    ApplicationRecord.transaction do
      post = Post.where("url LIKE '%nicovideo.jp%'")
             .order('RAND()')
             .first
      theatre.update!(current_post: post, current_post_started_at: Time.current)
      position = (theatre.programmes.maximum(:position) || 0) + 1
      theatre.programmes.create!(position:, post:)
    end
    head :no_content
  end
 end
@@ -1,18 +1,22 @@
 class UsersController < ApplicationController
  def create
-    user = User.create!(inheritance_code: SecureRandom.uuid, role: 'guest')
+    user = nil
    User.transaction do
      user = User.create!(inheritance_code: SecureRandom.uuid, role: :guest)
      attach_ip_address!(user)
    end
    render json: { code: user.inheritance_code,
-                   user: user.slice(:id, :name, :inheritance_code, :role) }
+                   user: user.slice(:id, :name, :inheritance_code, :role) },
           status: :created
  end
  def verify
    ip_bin = IPAddr.new(request.remote_ip).hton
    ip_address = IpAddress.find_or_create_by!(ip_address: ip_bin)
    user = User.find_by(inheritance_code: params[:code])
    return render json: { valid: false } unless user
    return head :forbidden if user.banned?
-    UserIp.find_or_create_by!(user:, ip_address:)
+    attach_ip_address!(user)
    render json: { valid: true, user: user.slice(:id, :name, :inheritance_code, :role) }
  end
@@ -41,9 +45,18 @@ class UsersController < ApplicationController
    return head :bad_request if name.blank?
    if user.update(name:)
-      render json: user.slice(:id, :name, :inheritance_code, :role), status: :created
+      render json: user.slice(:id, :name, :inheritance_code, :role), status: :ok
    else
      render json: user.errors, status: :unprocessable_entity
    end
  end
  private
  def attach_ip_address! user
    ip_bin = IPAddr.new(request.remote_ip).hton
    ip_address = IpAddress.create_or_find_by!(ip_address: ip_bin)
    UserIp.create_or_find_by!(user:, ip_address:)
  end
 end
@@ -85,22 +85,24 @@ class WikiPagesController < ApplicationController
    return head :unauthorized unless current_user
    return head :forbidden unless current_user.gte_member?
-    name = params[:title]&.strip
+    title = params[:title].to_s.strip
    body = params[:body].to_s
    message = params[:message].presence
-    return head :unprocessable_entity if name.blank? || body.blank?
+    return head :unprocessable_entity if title.blank? || body.blank?
-    tag_name = TagName.find_or_create_by!(name:)
+    tag_name = TagName.find_undiscard_or_create_by!(name: title)
    page = WikiPage.new(tag_name:, created_user: current_user, updated_user: current_user)
    if page.save
      message = params[:message].presence
      Wiki::Commit.content!(page:, body:, created_user: current_user, message:)
-      render json: WikiPageRepr.base(page), status: :created
+    page =
-    else
+        Wiki::Commit.create_content!(
-      render json: { errors: page.errors.full_messages },
+            tag_name:,
-             status: :unprocessable_entity
+            body:,
-    end
+            created_by_user: current_user,
            message:)
    render json: WikiPageRepr.base(page), status: :created
  rescue ActiveRecord::RecordInvalid, ActiveRecord::RecordNotUnique
    head :unprocessable_entity
  end
  def update
@@ -113,19 +115,34 @@ class WikiPagesController < ApplicationController
    return head :unprocessable_entity if title.blank? || body.blank?
    page = WikiPage.find(params[:id])
-    base_revision_id = page.current_revision.id
+    base_revision_id = params[:base_revision_id].presence
-    if params[:title].present? && params[:title].strip != page.title
+    ApplicationRecord.transaction do
-      return head :unprocessable_entity
+      page.lock!
      old_title = page.title
      tag = Tag.find_by(tag_name_id: page.tag_name_id)
      if tag && title != old_title
        TagVersioning.ensure_snapshot!(tag, created_by_user: current_user)
      end
      page.tag_name.update!(name: title) if title != old_title
      message = params[:message].presence
      Wiki::Commit.content!(page:,
                            body:,
                            created_user: current_user,
                            message:,
                            base_revision_id:)
      if tag && title != old_title
        tag.reload
        TagVersionRecorder.record!(tag:, event_type: :update, created_by_user: current_user)
      end
    end
    message = params[:message].presence
    Wiki::Commit.content!(page:,
                          body:,
                          created_user: current_user,
                          message:,
                          base_revision_id:)
    head :ok
  end
@@ -1,6 +1,10 @@
 class IpAddress < ApplicationRecord
  validates :ip_address, presence: true, length: { maximum: 16 }
  validates :banned, inclusion: { in: [true, false] }
-  has_many :users
+  has_many :user_ips, dependent: :destroy
  has_many :users, through: :user_ips
  def banned? = banned_at.present?
  def ban! = banned? || update!(banned_at: Time.current)
  def unban! = update!(banned_at: nil)
 end
@@ -0,0 +1,39 @@
 class Material < ApplicationRecord
  include MyDiscard
  default_scope -> { kept }
  belongs_to :parent, class_name: 'Material', optional: true
  has_many :children, class_name: 'Material', foreign_key: :parent_id, dependent: :nullify
  belongs_to :tag, optional: true
  belongs_to :created_by_user, class_name: 'User', optional: true
  belongs_to :updated_by_user, class_name: 'User', optional: true
  has_one_attached :file, dependent: :purge
  validates :tag_id, presence: true, uniqueness: true
  validate :file_must_be_attached
  validate :tag_must_be_material_category
  def content_type
    return nil unless file&.attached?
    file.blob.content_type
  end
  private
  def file_must_be_attached
    return if url.present? || file.attached?
    errors.add(:url, 'URL かファイルのどちらかは必須です．')
  end
  def tag_must_be_material_category
    return if tag.blank? || tag.character? || tag.material?
    errors.add(:tag, '素材カテゴリのタグを指定してください．')
  end
 end
@@ -0,0 +1,24 @@
 module MyDiscard
  extend ActiveSupport::Concern
  included do
    include Discard::Model
    default_scope -> { kept }
  end
  class_methods do
    def find_undiscard_or_create_by! attrs, &block
      record = with_discarded.find_by(attrs)
      if record&.discarded?
        record.undiscard!
        record.update_columns(created_at: record.reload.updated_at)
      end
      record or create!(attrs, &block)
    rescue ActiveRecord::RecordNotUnique
      retry
    end
  end
 end
@@ -0,0 +1,7 @@
 class NicoTagVersion < ApplicationRecord
  include VersionRecord
  belongs_to :tag
  validates :name, presence: true
 end
@@ -1,7 +1,6 @@
 class Post < ApplicationRecord
  require 'mini_magick'
  belongs_to :parent, class_name: 'Post', optional: true, foreign_key: 'parent_id'
  belongs_to :uploaded_user, class_name: 'User', optional: true
  has_many :post_tags, dependent: :destroy, inverse_of: :post
@@ -11,9 +10,26 @@ class Post < ApplicationRecord
  has_many :user_post_views, dependent: :delete_all
  has_many :post_similarities, dependent: :delete_all
  has_many :post_versions
  has_many :parent_post_implications,
           class_name: 'PostImplication',
           foreign_key: :post_id,
           dependent: :destroy,
           inverse_of: :post
  has_many :parents, through: :parent_post_implications, source: :parent_post
  has_many :child_post_implications,
           class_name: 'PostImplication',
           foreign_key: :parent_post_id,
           dependent: :destroy,
           inverse_of: :parent_post
  has_many :children, through: :child_post_implications, source: :post
  has_one_attached :thumbnail
  attribute :version_no, :integer, default: 1
  before_validation :normalise_url
  validates :url, presence: true, uniqueness: true
@@ -21,15 +37,29 @@ class Post < ApplicationRecord
  validate :validate_original_created_range
  validate :url_must_be_http_url
  def parent_posts = parents
  def child_posts = children
  def sibling_posts
    parent_post_ids = parent_posts.order(:id).pluck(:id)
    parent_post_ids.to_h { [_1, PostImplication.where(parent_post: _1).map(&:post)] }
  end
  def as_json options = { }
-    super(options).merge({ thumbnail: thumbnail.attached? ?
+    super(options).merge(thumbnail: thumbnail.attached? ?
-                                      Rails.application.routes.url_helpers.rails_blob_url(
+                                    Rails.application.routes.url_helpers.rails_blob_url(
-                                          thumbnail, only_path: false) :
+                                        thumbnail, only_path: false) :
-                                      nil })
+                                    nil)
  rescue
    super(options).merge(thumbnail: nil)
  end
  def snapshot_tag_names = tags.joins(:tag_name).order('tag_names.name').pluck('tag_names.name')
  def snapshot_parent_post_ids = parents.order(:id).pluck(:id)
  def related limit: nil
    ids = post_similarities.order(cos: :desc)
    ids = ids.limit(limit) if limit
@@ -0,0 +1,19 @@
 class PostImplication < ApplicationRecord
  self.primary_key = :post_id, :parent_post_id
  belongs_to :post, inverse_of: :parent_post_implications
  belongs_to :parent_post, class_name: 'Post', inverse_of: :child_post_implications
  validates :post_id, presence: true, uniqueness: { scope: :parent_post_id }
  validates :parent_post_id, presence: true
  validate :parent_post_mustnt_be_itself
  private
  def parent_post_mustnt_be_itself
    if parent_post_id == post_id
      errors.add :parent_post_id, '親投稿に同じ投稿を設定することはできません．'
    end
  end
 end
@@ -0,0 +1,22 @@
 class PostVersion < ApplicationRecord
  include VersionRecord
  belongs_to :post
  belongs_to :parent, class_name: 'Post', optional: true
  validates :url, presence: true
  validate :validate_original_created_range
  private
  def validate_original_created_range
    f = original_created_from
    b = original_created_before
    return if f.blank? || b.blank?
    if f >= b
      errors.add :original_created_before, 'オリジナルの作成日時の順番がをかしぃです．'
    end
  end
 end
@@ -1,4 +1,9 @@
 require 'set'
 class Tag < ApplicationRecord
  include MyDiscard
  class NicoTagNormalisationError < ArgumentError
    ;
  end
@@ -27,10 +32,16 @@ class Tag < ApplicationRecord
           class_name: 'TagSimilarity', foreign_key: :target_tag_id, dependent: :delete_all
  has_many :deerjikists, dependent: :delete_all
  has_many :materials
  has_many :tag_versions
  has_many :nico_tag_versions
  belongs_to :tag_name
  delegate :wiki_page, to: :tag_name
  attribute :version_no, :integer, default: 1
  delegate :name, to: :tag_name, allow_nil: true
  validates :tag_name, presence: true
@@ -68,27 +79,20 @@ class Tag < ApplicationRecord
  def has_wiki = wiki_page.present?
-  def self.tagme
+  def material_id = materials.first&.id
    @tagme ||= find_or_create_by_tag_name!('タグ希望', category: :meta)
  end
-  def self.bot
+  def has_deerjikists = deerjikists.exists?
    @bot ||= find_or_create_by_tag_name!('bot操作', category: :meta)
  end
-  def self.no_deerjikist
+  def self.tagme = find_or_create_by_tag_name!('タグ希望', category: :meta)
-    @no_deerjikist ||= find_or_create_by_tag_name!('ニジラー情報不詳', category: :meta)
+  def self.bot = find_or_create_by_tag_name!('bot操作', category: :meta)
-  end
+  def self.no_deerjikist = find_or_create_by_tag_name!('ニジラー情報不詳', category: :meta)
  def self.video = find_or_create_by_tag_name!('動画', category: :meta)
  def self.niconico = find_or_create_by_tag_name!('ニコニコ', category: :meta)
  def self.youtube = find_or_create_by_tag_name!('YouTube', category: :meta)
-  def self.video
+  def self.normalise_tags! tag_names, with_tagme: true,
-    @video ||= find_or_create_by_tag_name!('動画', category: :meta)
+                                      with_no_deerjikist: true,
-  end
+                                      deny_nico: true
  def self.niconico
    @niconico ||= find_or_create_by_tag_name!('ニコニコ', category: :meta)
  end
  def self.normalise_tags tag_names, with_tagme: true, deny_nico: true
    if deny_nico && tag_names.any? { |n| n.downcase.start_with?('nico:') }
      raise NicoTagNormalisationError
    end
@@ -102,7 +106,7 @@ class Tag < ApplicationRecord
    end
    tags << Tag.tagme if with_tagme && tags.size < 10 && tags.none?(Tag.tagme)
-    tags << Tag.no_deerjikist if tags.all? { |t| !(t.deerjikist?) }
+    tags << Tag.no_deerjikist if with_no_deerjikist && tags.all? { |t| !(t.deerjikist?) }
    tags.uniq(&:id)
  end
@@ -130,39 +134,62 @@ class Tag < ApplicationRecord
  end
  def self.find_or_create_by_tag_name! name, category:
-    tn = TagName.find_or_create_by!(name: name.to_s.strip)
+    tn = TagName.find_undiscard_or_create_by!(name: name.to_s.strip)
    tn = tn.canonical if tn.canonical_id?
-    Tag.find_or_create_by!(tag_name_id: tn.id) do |t|
+    Tag.find_undiscard_or_create_by!(tag_name_id: tn.id) do |t|
      t.category = category
    end
  rescue ActiveRecord::RecordNotUnique
    retry
  end
-  def self.merge_tags! target_tag, source_tags
+  def self.merge_tags! target_tag, source_tags, created_by_user: nil
    target_tag => Tag
    affected_post_ids = Set.new
    Tag.transaction do
-      Array(source_tags).compact.uniq.each do |st|
+      TagVersioning.ensure_snapshot!(target_tag, created_by_user:)
        st => Tag
-        next if st == target_tag
+      Array(source_tags).compact.uniq.each do |source_tag|
        source_tag => Tag
-        st.post_tags.find_each do |pt|
+        next if source_tag == target_tag
-          if PostTag.kept.exists?(post_id: pt.post_id, tag_id: target_tag.id)
+
-            pt.discard_by!(nil)
+        TagVersioning.ensure_snapshot!(source_tag, created_by_user:)
-            # discard 後の update! は禁止なので DB を直に更新
+
-            pt.update_columns(tag_id: target_tag.id, updated_at: Time.current)
+        source_tag.post_tags.kept.find_each do |source_pt|
-          else
+          post_id = source_pt.post_id
-            pt.update!(tag: target_tag)
+          affected_post_ids << post_id
          source_pt.discard_by!(created_by_user)
          unless PostTag.kept.exists?(post_id:, tag: target_tag)
            PostTag.create!(post_id:, tag: target_tag)
          end
        end
-        tag_name = st.tag_name
+        source_tag_name = source_tag.tag_name
-        st.destroy!
+
-        tag_name.reload
+        if source_tag_name.wiki_page.present?
-        tag_name.update!(canonical: target_tag.tag_name)
+          raise ActiveRecord::RecordInvalid.new(source_tag_name)
        end
        TagVersioning.record!(source_tag, event_type: :discard, created_by_user:)
        source_tag.discard!
        if source_tag.nico?
          source_tag_name.discard!
        else
          source_tag_name.update_columns(canonical_id: target_tag.tag_name_id,
                                         updated_at: Time.current)
        end
        TagVersioning.record!(target_tag, event_type: :update, created_by_user:)
      end
      Post.where(id: affected_post_ids.to_a).find_each do |post|
        PostVersionRecorder.ensure_snapshot!(post, created_by_user:)
        PostVersionRecorder.record!(post:, event_type: :update, created_by_user:)
      end
      # 投稿件数を再集計
@@ -172,6 +199,14 @@ class Tag < ApplicationRecord
    target_tag.reload
  end
  def snapshot_aliases = tag_name.aliases.kept.order(:name).pluck(:name)
  def snapshot_parent_tag_ids = parents.order(:id).pluck(:id)
  def snapshot_linked_tag_names
    linked_tags.joins(:tag_name).order('tag_names.name').pluck('tag_names.name')
  end
  private
  def nico_tag_name_must_start_with_nico
@@ -1,4 +1,6 @@
 class TagName < ApplicationRecord
  include MyDiscard
  has_one :tag
  has_one :wiki_page
@@ -10,6 +12,7 @@ class TagName < ApplicationRecord
  validate :canonical_must_be_canonical
  validate :alias_name_must_not_have_prefix
  validate :canonical_must_not_be_present_with_tag_or_wiki_page
  validate :name_must_be_sanitised
  def self.canonicalise names
    names = Array(names).map { |n| n.to_s.strip }.reject(&:blank?)
@@ -39,4 +42,10 @@ class TagName < ApplicationRecord
      errors.add :canonical, 'タグもしくは Wiki の参照がある名前はエーリアスになれません．'
    end
  end
  def name_must_be_sanitised
    if name? && name != TagNameSanitisationRule.sanitise(name)
      errors.add :name, '名前に使用できない文字が含まれてゐます．'
    end
  end
 end
@@ -0,0 +1,58 @@
 class TagNameSanitisationRule < ApplicationRecord
  include Discard::Model
  self.primary_key = :priority
  default_scope -> { kept }
  validates :source_pattern, presence: true, uniqueness: true
  validate :source_pattern_must_be_regexp
  class << self
    def sanitise(name) =
        rules.reduce(name.dup) { |name, (pattern, replacement)| name.gsub(pattern, replacement) }
    def apply!
      TagName.find_each do |tn|
        name = sanitise(tn.name)
        next if name == tn.name
        TagName.transaction do
          existing_tn = TagName.find_by(name:)
          if existing_tn
            existing_tn = existing_tn.canonical || existing_tn
            next if existing_tn.id == tn.id
            existing_tag = Tag.find_by(tag_name_id: existing_tn.id)
            source_tag = Tag.find_by(tag_name_id: tn.id)
            if existing_tag
              Tag.merge_tags!(existing_tag, source_tag) if tn.tag
            elsif source_tag
              source_tag.update_columns(tag_name_id: existing_tn.id, updated_at: Time.current)
            end
            tn.discard!
            next
          end
          # TagName 側の自動サニタイズを回避
          tn.update_columns(name:, updated_at: Time.current)
        end
      end
    end
    private
    def rules = kept.order(:priority).map { |r| [Regexp.new(r.source_pattern), r.replacement] }
  end
  private
  def source_pattern_must_be_regexp
    Regexp.new(source_pattern)
  rescue RegexpError
    errors.add :source_pattern, '変な正規表現だね〜（笑）'
  end
 end
@@ -0,0 +1,15 @@
 class TagVersion < ApplicationRecord
  include VersionRecord
  belongs_to :tag
  enum :category, { deerjikist: 'deerjikist',
                    meme: 'meme',
                    character: 'character',
                    general: 'general',
                    material: 'material',
                    meta: 'meta' }, validate: true
  validates :name, presence: true
  validates :category, presence: true
 end
@@ -0,0 +1,15 @@
 class Theatre < ApplicationRecord
  include MyDiscard
  has_many :comments, class_name: 'TheatreComment'
  has_many :theatre_watching_users, dependent: :delete_all
  has_many :active_theatre_watching_users, -> { active },
           class_name: 'TheatreWatchingUser', inverse_of: :theatre
  has_many :watching_users, through: :active_theatre_watching_users, source: :user
  has_many :programmes, class_name: 'TheatreProgramme'
  belongs_to :host_user, class_name: 'User', optional: true
  belongs_to :current_post, class_name: 'Post', optional: true
  belongs_to :created_by_user, class_name: 'User'
 end
@@ -0,0 +1,8 @@
 class TheatreComment < ApplicationRecord
  include Discard::Model
  self.primary_key = :theatre_id, :no
  belongs_to :theatre
  belongs_to :user
 end
@@ -0,0 +1,6 @@
 class TheatreProgramme < ApplicationRecord
  self.primary_key = :theatre_id, :position
  belongs_to :theatre
  belongs_to :post
 end
@@ -0,0 +1,13 @@
 class TheatreWatchingUser < ApplicationRecord
  self.primary_key = :theatre_id, :user_id
  belongs_to :theatre
  belongs_to :user
  scope :active, -> { where('expires_at >= ?', Time.current) }
  scope :expired, -> { where('expires_at < ?', Time.current) }
  def active? = expires_at >= Time.current
  def refresh! = update!(expires_at: 30.seconds.from_now)
 end
@@ -4,7 +4,6 @@ class User < ApplicationRecord
  validates :name, length: { maximum: 255 }
  validates :inheritance_code, presence: true, length: { maximum: 64 }
  validates :role, presence: true, inclusion: { in: roles.keys }
  validates :banned, inclusion: { in: [true, false] }
  has_many :created_posts,
           class_name: 'Post', foreign_key: :uploaded_user_id, dependent: :nullify
@@ -19,5 +18,10 @@ class User < ApplicationRecord
           class_name: 'WikiPage', foreign_key: :updated_user_id, dependent: :nullify
  def viewed?(post) = user_post_views.exists?(post_id: post.id)
  def gte_member? = member? || admin?
  def banned? = banned_at.present?
  def ban! = banned? || update!(banned_at: Time.current)
  def unban! = update!(banned_at: nil)
 end
@@ -0,0 +1,19 @@
 module VersionRecord
  extend ActiveSupport::Concern
  def readonly? = persisted?
  included do
    belongs_to :created_by_user, class_name: 'User', optional: true
    enum :event_type, { create: 'create',
                        update: 'update',
                        discard: 'discard',
                        restore: 'restore' }, prefix: true, validate: true
    validates :version_no, presence: true, numericality: { only_integer: true, greater_than: 0 }
    validates :event_type, presence: true
    scope :chronological, -> { order(:version_no, :id) }
  end
 end
@@ -2,6 +2,8 @@ require 'set'
 class WikiPage < ApplicationRecord
  include MyDiscard
  has_many :wiki_revisions, dependent: :destroy
  belongs_to :created_user, class_name: 'User'
  belongs_to :updated_user, class_name: 'User'
@@ -11,8 +13,13 @@ class WikiPage < ApplicationRecord
           foreign_key: :redirect_page_id,
           dependent: :nullify
  has_many :wiki_versions
  attribute :version_no, :integer, default: 1
  belongs_to :tag_name
  validates :tag_name, presence: true
  validates :body, presence: true
  def title = tag_name.name
@@ -22,11 +29,6 @@ class WikiPage < ApplicationRecord
  def current_revision = wiki_revisions.order(id: :desc).first
  def body
    rev = current_revision
    rev.body if rev&.content?
  end
  def resolve_redirect limit: 10
    page = self
    visited = Set.new
@@ -0,0 +1,8 @@
 class WikiVersion < ApplicationRecord
  include VersionRecord
  belongs_to :wiki_page
  validates :title, presence: true
  validates :body, presence: true
 end
@@ -0,0 +1,24 @@
 # frozen_string_literal: true
 module MaterialRepr
  BASE = { only: [:id, :url, :created_at, :updated_at],
           methods: [:content_type],
           include: { tag: TagRepr::BASE,
                      created_by_user: UserRepr::BASE,
                      updated_by_user: UserRepr::BASE } }.freeze
  module_function
  def base material, host:
    material.as_json(BASE).merge(
        file: if material.file.attached?
                Rails.application.routes.url_helpers.rails_storage_proxy_url(
                    material.file, host:)
              end)
  end
  def many materials, host:
    materials.map { |m| base(m, host:) }
  end
 end
@@ -2,15 +2,20 @@
 module PostRepr
-  BASE = { include: { tags: TagRepr::BASE } }.freeze
+  BASE = { include: { tags: TagRepr::BASE, uploaded_user: UserRepr::BASE },
           methods: [:parent_posts, :child_posts, :sibling_posts] }.freeze
  module_function
-  def base post
+  def base post, current_user = nil
-    post.as_json(BASE)
+    json = post.as_json(BASE)
    return json.merge(viewed: false) unless current_user
    viewed = current_user.viewed?(post)
    json.merge(viewed:)
  end
-  def many posts
+  def many posts, current_user = nil
-    posts.map { |p| base(p) }
+    posts.map { |p| base(p, current_user) }
  end
 end
@@ -2,15 +2,15 @@
 module TagRepr
-  BASE = { only: [:id, :category, :post_count], methods: [:name, :has_wiki] }.freeze
+  BASE = { only: [:id, :category, :post_count, :created_at, :updated_at],
           methods: [:name, :has_wiki, :material_id, :has_deerjikists] }.freeze
  module_function
  def base tag
-    tag.as_json(BASE)
+    tag.as_json(BASE).merge(aliases: tag.snapshot_aliases,
                            parents: tag.parents.map { _1.as_json(BASE) })
  end
-  def many tags
+  def many(tags) = tags.map { |t| base(t) }
    tags.map { |t| base(t) }
  end
 end
@@ -0,0 +1,17 @@
 # frozen_string_literal: true
 module TheatreRepr
  BASE = { only: [:id, :name, :opens_at, :closes_at, :created_at, :updated_at],
           include: { created_by_user: { only: [:id, :name] } } }.freeze
  module_function
  def base theatre
    theatre.as_json(BASE)
  end
  def many theatre
    theatre.map { |t| base(t) }
  end
 end
@@ -0,0 +1,16 @@
 # frozen_string_literal: true
 module UserRepr
  BASE = { only: [:id, :name] }.freeze
  module_function
  def base user
    user.as_json(BASE)
  end
  def many users
    users.map { |u| base(u) }
  end
 end
@@ -0,0 +1,19 @@
 class NicoTagVersionRecorder < VersionRecorder
  def self.record! tag:, event_type:, created_by_user:
    new(tag:, event_type:, created_by_user:).record!
  end
  def initialize tag:, event_type:, created_by_user:
    super(record: tag, event_type:, created_by_user:)
  end
  private
  def version_class = NicoTagVersion
  def version_association = :nico_tag_versions
  def record_key = :tag
  def snapshot_attributes
    { name: @record.name, linked_tags: @record.snapshot_linked_tag_names.join(' ') }
  end
 end
@@ -0,0 +1,31 @@
 class PostVersionRecorder < VersionRecorder
  def self.record! post:, event_type:, created_by_user:
    new(post:, event_type:, created_by_user:).record!
  end
  def initialize post:, event_type:, created_by_user:
    super(record: post, event_type:, created_by_user:)
  end
  def self.ensure_snapshot! post, created_by_user:
    return if post.post_versions.exists?
    record!(post:, event_type: :create, created_by_user:)
  end
  private
  def version_class = PostVersion
  def version_association = :post_versions
  def record_key = :post
  def snapshot_attributes
    { title: @record.title,
      url: @record.url,
      thumbnail_base: @record.thumbnail_base,
      tags: @record.snapshot_tag_names.join(' '),
      parent_post_ids: @record.snapshot_parent_post_ids.join(' '),
      original_created_from: @record.original_created_from,
      original_created_before: @record.original_created_before }
  end
 end
@@ -0,0 +1,22 @@
 class TagVersionRecorder < VersionRecorder
  def self.record! tag:, event_type:, created_by_user:
    new(tag:, event_type:, created_by_user:).record!
  end
  def initialize tag:, event_type:, created_by_user:
    super(record: tag, event_type:, created_by_user:)
  end
  private
  def version_class = TagVersion
  def version_association = :tag_versions
  def record_key = :tag
  def snapshot_attributes
    { name: @record.name,
      category: @record.category,
      aliases: @record.snapshot_aliases.join(' '),
      parent_tag_ids: @record.snapshot_parent_tag_ids.join(' ') }
  end
 end
@@ -0,0 +1,38 @@
 class TagVersioning
  def self.record! tag, event_type:, created_by_user:
    if tag.nico?
      NicoTagVersionRecorder.record!(tag:, event_type:, created_by_user:)
    else
      TagVersionRecorder.record!(tag:, event_type:, created_by_user:)
    end
  end
  def self.ensure_snapshot! tag, created_by_user:
    if tag.nico?
      return if tag.nico_tag_versions.exists?
      NicoTagVersionRecorder.record!(tag:, event_type: :create, created_by_user:)
    else
      return if tag.tag_versions.exists?
      TagVersionRecorder.record!(tag:, event_type: :create, created_by_user:)
    end
  end
  def self.record_tag_snapshot! tag, created_by_user:
    event_type =
        if tag.nico?
          tag.nico_tag_versions.exists? ? :update : :create
        else
          tag.tag_versions.exists? ? :update : :create
        end
    record!(tag, event_type:, created_by_user:)
  end
  def self.record_tag_snapshots! tags, created_by_user:
    tags.each do |tag|
      record_tag_snapshot!(tag, created_by_user:)
    end
  end
 end
@@ -0,0 +1,87 @@
 class VersionRecorder
  EVENT_TYPES = ['create', 'update', 'discard', 'restore'].freeze
  def initialize record:, event_type:, created_by_user:
    @record = record
    @event_type = event_type.to_s
    @created_by_user = created_by_user
    validate_event_type!
  end
  def record!
    raise "#{ record_class.name } must be persisted" unless @record.persisted?
    ApplicationRecord.transaction do
      @record = record_class.unscoped.lock.find(@record.id)
      latest = latest_version
      validate_version_sequence!(latest)
      attrs = snapshot_attributes
      if @event_type == 'update' && latest && same_snapshot?(latest, attrs)
        return latest
      end
      version = version_class.create!(
          base_attributes(latest).merge(record_key => @record).merge(attrs))
      update_record_version_no!(version.version_no)
      version
    end
  end
  private
  def latest_version = versions.order(version_no: :desc).first
  def versions = @record.public_send(version_association)
  def base_attributes latest
    { version_no: (latest&.version_no || 0) + 1,
      event_type: @event_type,
      created_at: Time.current,
      created_by_user: @created_by_user }
  end
  def update_record_version_no! version_no
    @record.update_columns(version_no:)
    @record.version_no = version_no
  end
  def validate_version_sequence! latest
    if !(latest) && @event_type != 'create'
      raise "#{ version_class.name } first event must be create"
    end
    if @event_type == 'create' && latest
      raise "#{ version_class.name } create event already exists"
    end
    return unless latest
    if @record.version_no != latest.version_no
      raise ("#{ record_class.name }##{ @record.id } version_no is #{ @record.version_no }, " +
             "but latest #{ version_class.name } version_no is #{ latest.version_no }")
    end
  end
  def same_snapshot? version, attrs
    attrs.all? { |k, v| version.public_send(k) == v }
  end
  def validate_event_type!
    return if EVENT_TYPES.include?(@event_type)
    raise ArgumentError, "Invalid event_type: #{ @event_type }"
  end
  def version_class = raise NotImplementedError
  def version_association = raise NotImplementedError
  def record_key = raise NotImplementedError
  def snapshot_attributes = raise NotImplementedError
  def record_class = @record.class
 end
@@ -7,6 +7,31 @@ module Wiki
      ;
    end
    def self.create_content! tag_name:, body:, created_by_user:, message: nil
      normalised = normalise_body(body)
      page = WikiPage.new(tag_name:,
                          body: normalised,
                          created_user: created_by_user,
                          updated_user: created_by_user)
      if normalised.blank?
        page.errors.add(:body, :blank)
        raise ActiveRecord::RecordInvalid, page
      end
      ActiveRecord::Base.transaction do
        page.save!
        new(page:, created_user: created_by_user).content!(
            body: normalised,
            message:,
            base_revision_id: nil)
        page
      end
    end
    def self.content! page:, body:, created_user:, message: nil, base_revision_id: nil
      new(page:, created_user:).content!(body:, message:, base_revision_id:)
    end
@@ -21,7 +46,12 @@ module Wiki
    end
    def content! body:, message:, base_revision_id:
-      normalised = normalise_body(body)
+      normalised = self.class.normalise_body(body)
      if normalised.blank?
        @page.errors.add(:body, :blank)
        raise ActiveRecord::RecordInvalid, @page
      end
      lines = split_lines(normalised)
      line_shas = lines.map { |line| Digest::SHA256.hexdigest(line) }
@@ -37,10 +67,19 @@ module Wiki
          current_id = @page.wiki_revisions.maximum(:id)
          if current_id && current_id != base_revision_id.to_i
            raise Conflict,
-                "競合が発生してゐます（現在の Id.：#{ current_id }，ベース Id.：#{ base_revision_id }）．"
+                "競合が発生してゐます" +
                "（現在の Id.：#{ current_id }，ベース Id.：#{ base_revision_id }）．"
          end
        end
        @page.update!(body: normalised)
        WikiVersionRecorder.record!(
            page: @page,
            event_type: @page.wiki_versions.exists? ? :update : :create,
            reason: message,
            created_by_user: @created_user)
        rev = WikiRevision.create!(
            wiki_page:        @page,
            base_revision_id:,
@@ -54,65 +93,45 @@ module Wiki
        rows = line_ids.each_with_index.map do |line_id, pos|
          { wiki_revision_id: rev.id, wiki_line_id: line_id, position: pos }
        end
-        WikiRevisionLine.insert_all!(rows)
+        WikiRevisionLine.insert_all!(rows) if rows.any?
        rev
      end
    end
-    def redirect! redirect_page:, message:, base_revision_id:
+    def redirect!(redirect_page:, message:, base_revision_id:) = raise '廃止しました．'
      ActiveRecord::Base.transaction do
        @page.lock!
-        if base_revision_id.present?
+    def self.normalise_body body
-          current_id = @page.wiki_revisions.maximum(:id)
+      s = body.to_s
-          if current_id && current_id != base_revision_id.to_i
+      s.gsub!(/\r\n?/, "\n")
-            raise Conflict,
+      s.encode('UTF-8', invalid: :replace, undef: :replace, replace: '🖕')
-                "競合が発生してゐます（現在の Id.：#{ current_id }，ベース Id.：#{ base_revision_id }）．"
+      s.gsub(/\n+$/, '')
          end
        end
        WikiRevision.create!(
            wiki_page:        @page,
            base_revision_id:,
            created_user:     @created_user,
            kind:             :redirect,
            redirect_page:,
            message:,
            lines_count:      0,
            tree_sha256:      nil)
      end
    end
    private
-    def normalise_body body
+    def split_lines(body) = body.split("\n")
      s = body.to_s
      s.gsub!("\r\n", "\n")
      s.encode('UTF-8', invalid: :replace, undef: :replace, replace: '🖕')
    end
    def split_lines body
      body.split("\n")
    end
    def upsert_lines! lines, line_shas
      now = Time.current
      id_by_sha = WikiLine.where(sha256: line_shas).pluck(:sha256, :id).to_h
-      missing_rows = []
+      missing_by_sha = { }
      line_shas.each_with_index do |sha, i|
        next if id_by_sha.key?(sha)
        next if missing_by_sha.key?(sha)
-        missing_rows << { sha256:     sha,
+        missing_by_sha[sha] = {
-                          body:       lines[i],
+            sha256:     sha,
-                          created_at: now,
+            body:       lines[i],
-                          updated_at: now }
+            created_at: now,
            updated_at: now }
      end
-      if missing_rows.any?
+      if missing_by_sha.any?
-        WikiLine.upsert_all(missing_rows)
+        WikiLine.upsert_all(missing_by_sha.values)
        id_by_sha = WikiLine.where(sha256: line_shas).pluck(:sha256, :id).to_h
      end
@@ -0,0 +1,21 @@
 class WikiVersionRecorder < VersionRecorder
  def self.record! page:, event_type:, reason: nil, created_by_user:
    new(page:, event_type:, reason:, created_by_user:).record!
  end
  def initialize page:, event_type:, reason: nil, created_by_user:
    @reason = reason
    super(record: page, event_type:, created_by_user:)
  end
  private
  def version_class = WikiVersion
  def version_association = :wiki_versions
  def record_key = :wiki_page
  def snapshot_attributes = {
      title: @record.title,
      body: @record.body,
      reason: @reason }
 end
@@ -0,0 +1,73 @@
 require 'json'
 require 'net/http'
 require 'uri'
 module Youtube
  class ApiClient
    ENDPOINT = 'https://www.googleapis.com/youtube/v3'
    def initialize api_key: ENV.fetch('YOUTUBE_API_KEY')
      @api_key = api_key
    end
    def search_videos q:, published_after: nil, published_before: nil, page_token: nil
      get_json('/search', {
          part:           'snippet',
          type:           'video',
          q:,
          order:          'date',
          maxResults:     50,
          regionCode:     'JP',
          relevanceLanguage: 'ja',
          publishedAfter: published_after&.iso8601,
          publishedBefore: published_before&.iso8601,
          pageToken:      page_token }.compact)
    end
    def videos ids
      return { 'items' => [] } if ids.empty?
      get_json('/videos', part: 'snippet,status,contentDetails', id: ids.join(','))
    end
    def playlist_items playlist_id:, page_token: nil
      get_json('/playlistItems', {
          part:       'snippet,contentDetails,status',
          playlistId: playlist_id,
          maxResults: 50,
          pageToken:  page_token }.compact)
    end
    def channel id: nil, handle: nil
      raise ArgumentError, 'id or handle is required' if id.present? == handle.present?
      params = { part: 'snippet,contentDetails' }
      params[:id] = id if id.present?
      params[:forHandle] = handle if handle.present?
      get_json('/channels', params)
    end
    private
    def get_json path, params
      uri = URI(ENDPOINT + path)
      uri.query = URI.encode_www_form(params.merge(key: @api_key))
      response = Net::HTTP.start(uri.host,
                                 uri.port,
                                 use_ssl: true,
                                 open_timeout: 10,
                                 read_timeout: 30) do |http|
        http.get(uri)
      end
      unless response.is_a?(Net::HTTPSuccess)
        raise "YouTube API error: #{ response.code } #{ response.body }"
      end
      JSON.parse(response.body)
    end
  end
 end
@@ -0,0 +1,168 @@
 require 'open-uri'
 require 'set'
 require 'time'
 module Youtube
  class Sync
    def initialize client: ApiClient.new
      @client = client
    end
    def sync!
      video_ids = discover_video_ids
      return if video_ids.empty?
      video_ids.each_slice(50) do |ids|
        @client.videos(ids).fetch('items', []).each do |item|
          sync_video!(VideoItem.new(item))
        end
      end
    end
    private
    def discover_video_ids
      ids = Set.new
      query_terms.each do |q|
        response = @client.search_videos(q:, published_after: sync_since)
        response.fetch('items', []).each do |item|
          video_id = item.dig('id', 'videoId')
          ids << video_id if video_id.present?
        end
      end
      playlist_ids.each do |playlist_id|
        each_playlist_item(playlist_id) do |item|
          video_id = item.dig('contentDetails', 'videoId')
          video_id ||= item.dig('snippet', 'resourceId', 'videoId')
          ids << video_id if video_id.present?
        end
      end
      ids.to_a
    end
    def sync_video! video
      post = Post.where('url REGEXP ?', youtube_url_regexp(video.id)).first
      original_created_from = video.published_at.change(sec: 0)
      original_created_before = original_created_from + 1.minute
      post_created = false
      post_changed = false
      if post
        post.assign_attributes(title: video.title,
                               original_created_from:,
                               original_created_before:,
                               thumbnail_base: video.thumbnail_url)
        post_changed = post.changed?
        post.save! if post_changed
        attach_thumbnail_if_needed!(post, video.thumbnail_url)
      else
        post_created = true
        post = Post.create!(
            title: video.title,
            url: video.url,
            thumbnail_base: video.thumbnail_url,
            uploaded_user_id: nil,
            original_created_from:,
            original_created_before:)
        attach_thumbnail_if_needed!(post, video.thumbnail_url)
        sync_post_tags!(post, [Tag.tagme.id, Tag.bot.id, Tag.youtube.id, Tag.video.id])
      end
      kept_tag_ids = post.tags.pluck(:id).to_set
      desired_tag_ids = kept_tag_ids.to_a
      deerjikist = Deerjikist.find_by(platform: :youtube, code: video.channel_id)
      if deerjikist
        desired_tag_ids.delete(Tag.no_deerjikist.id)
        desired_tag_ids << deerjikist.tag_id
      elsif post.tags.where(category: :deerjikist).none?
        desired_tag_ids << Tag.no_deerjikist.id
      end
      desired_tag_ids.uniq!
      sync_post_tags!(post, desired_tag_ids, current_tag_ids: kept_tag_ids)
      if post_created
        PostVersionRecorder.record!(post:, event_type: :create, created_by_user: nil)
      elsif post_changed || kept_tag_ids != desired_tag_ids.to_set
        PostVersionRecorder.ensure_snapshot!(post, created_by_user: nil)
        PostVersionRecorder.record!(post:, event_type: :update, created_by_user: nil)
      end
    end
    def sync_post_tags! post, desired_tag_ids, current_tag_ids: nil
      current_tag_ids ||= PostTag.kept.where(post_id: post.id).pluck(:tag_id).to_set
      desired_tag_ids = desired_tag_ids.compact.to_set
      to_add = desired_tag_ids - current_tag_ids
      to_remove = current_tag_ids - desired_tag_ids
      Tag.where(id: to_add.to_a).find_each do |tag|
        begin
          PostTag.create!(post:, tag:)
        rescue ActiveRecord::RecordNotUnique
          ;
        end
      end
      PostTag.where(post_id: post.id, tag_id: to_remove.to_a).kept.find_each do |pt|
        pt.discard_by!(nil)
      end
    end
    def attach_thumbnail_if_needed! post, thumbnail_url
      return if post.thumbnail.attached?
      return if thumbnail_url.blank?
      post.thumbnail.attach(
          io:           URI.open(thumbnail_url),
          filename:     File.basename(URI.parse(thumbnail_url).path),
          content_type: 'image/jpeg')
      post.resized_thumbnail!
    end
    def youtube_url_regexp id
      escaped = Regexp.escape(id)
      "(youtube\\.com/watch\\?v=#{ escaped }|youtu\\.be/#{ escaped })([^A-Za-z0-9_-]|$)"
    end
    def query_terms = ['ぼざろクリーチャーシリーズ', '伊地知ニジカ', '伊地知虹鹿']
    def playlist_ids
      ['PLrOch4zHkI5vu29b-f9umUQQ4tQkuWLPX',
       'PLrOch4zHkI5vOK0RaytQq6PbucxQkkL0K',
       'PLrOch4zHkI5tdwm9vSegiDQJOM-hgpcOC']
    end
    def sync_since = 14.days.ago
    def each_playlist_item playlist_id
      page_token = nil
      loop do
        response = @client.playlist_items(playlist_id:, page_token:)
        response.fetch('items', []).each do |item|
          yield item
        end
        page_token = response['nextPageToken']
        break if page_token.blank?
      end
    end
  end
 end
@@ -0,0 +1,32 @@
 require 'time'
 module Youtube
  class VideoItem
    attr_reader :id, :title, :channel_id, :published_at, :thumbnail_url, :raw_tags
    def initialize item
      snippet = item.fetch('snippet')
      @id = item.fetch('id')
      @title = snippet['title']
      @channel_id = snippet['channelId']
      @published_at = Time.iso8601(snippet['publishedAt'])
      @thumbnail_url = pick_thumbnail(snippet['thumbnails'] || { })
      @raw_tags = snippet['tags'] || []
    end
    def url = "https://www.youtube.com/watch?v=#{ @id }"
    private
    def pick_thumbnail thumbnails
      ['maxres', 'standard', 'high', 'medium', 'default'].each do |key|
        url = thumbnails.dig(key, 'url')
        return url if url.present?
      end
      nil
    end
  end
 end
@@ -18,8 +18,7 @@ Rails.application.configure do
  # Enable serving of images, stylesheets, and JavaScripts from an asset server.
  # config.asset_host = "http://assets.example.com"
-  # Store uploaded files on the local file system (see config/storage.yml for options).
+  config.active_storage.service = :r2
  config.active_storage.service = :local
  # Assume all access to the app is happening through a SSL-terminating reverse proxy.
  config.assume_ssl = true
@@ -50,4 +50,6 @@ Rails.application.configure do
  # Raise error when a before_action's only/except options reference missing actions.
  config.action_controller.raise_on_missing_callback_actions = true
  Rails.application.routes.default_url_options[:host] = 'www.example.com'
 end
@@ -6,18 +6,25 @@ Rails.application.routes.draw do
    delete ':child_id', action: :destroy
  end
-  resources :tags, only: [:index, :show, :update] do
+  resources :tags, only: [:index, :show] do
    collection do
      get :autocomplete
      get :'with-depth', action: :with_depth
      get :versions, to: 'tag_versions#index'
      scope :name do
        get ':name/deerjikists', action: :deerjikists_by_name
        get ':name/materials', action: :materials_by_name
        get ':name', action: :show_by_name
      end
    end
    member do
      put '', action: :update_all
      patch '', action: :update
      get :deerjikists
      put :deerjikists, action: :update_deerjikists
    end
  end
@@ -47,6 +54,7 @@ Rails.application.routes.draw do
    collection do
      get :random
      get :changes
      get :versions, to: 'post_versions#index'
    end
    member do
@@ -72,4 +80,16 @@ Rails.application.routes.draw do
      end
    end
  end
  resources :theatres, only: [:show] do
    member do
      put :watching
      patch :next_post
    end
    resources :comments, controller: :theatre_comments, only: [:index, :create, :destroy]
    resources :programmes, controller: :theatre_programmes, only: [:index]
  end
  resources :materials, only: [:index, :show, :create, :update, :destroy]
 end
@@ -1,12 +1,27 @@
 env :PATH, '/root/.rbenv/shims:/root/.rbenv/bin:/usr/local/bin:/usr/bin:/bin'
 set :path, '/var/www/btrc-hub/backend'
 set :environment, 'production'
 set :output, standard: '/var/log/btrc_hub_nico_sync.log',
             error:    '/var/log/btrc_hub_nico_sync_err.log'
-every 1.day, at: '3:00 pm' do
+job_type :rake,
         'cd :path && set -a && . /etc/btrc-hub/backend.env && set +a && ' \
         ':environment_variable=:environment bundle exec rake :task --silent :output'
 every 1.day, at: '11:00 am' do
  rake 'nico:sync', environment: 'production'
 end
 every 1.day, at: '0:00 am' do
  rake 'post_similarity:calc', environment: 'production'
  rake 'tag_similarity:calc', environment: 'production'
 end
 every 1.day, at: '7:50 am' do
  rake 'nico:export', environment: 'production'
 end
 every :hour do
  rake 'post:sync', environment: 'production'
 end
@@ -6,29 +6,11 @@ local:
  service: Disk
  root: <%= Rails.root.join("storage") %>
-# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+r2:
-# amazon:
+  service: S3
-#   service: S3
+  endpoint: <%= ENV['R2_ENDPOINT'] %>
-#   access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+  access_key_id: <%= ENV['R2_ACCESS_KEY_ID'] %>
-#   secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+  secret_access_key: <%= ENV['R2_SECRET_ACCESS_KEY'] %>
-#   region: us-east-1
+  bucket: <%= ENV['R2_BUCKET'] %>
-#   bucket: your_own_bucket-<%= Rails.env %>
+  region: auto
-
+  request_checksum_calculation: when_required
 # Remember not to checkin your GCS keyfile to a repository
 # google:
 #   service: GCS
 #   project: your_project
 #   credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
 #   bucket: your_own_bucket-<%= Rails.env %>
 # Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
 # microsoft:
 #   service: AzureStorage
 #   storage_account_name: your_account_name
 #   storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
 #   container: your_container_name-<%= Rails.env %>
 # mirror:
 #   service: Mirror
 #   primary: local
 #   mirrors: [ amazon, google, microsoft ]
@@ -0,0 +1,31 @@
 class CreateTagNameSanitisationRules < ActiveRecord::Migration[8.0]
  def up
    create_table :tag_name_sanitisation_rules, id: :integer, primary_key: :priority do |t|
      t.string :source_pattern, null: false
      t.string :replacement, null: false
      t.timestamps
      t.datetime :discarded_at
      t.index :source_pattern, unique: true
      t.index :discarded_at
    end
    now = ActiveRecord::Base.connection.quote(Time.current)
    execute <<~SQL
      INSERT INTO
        tag_name_sanitisation_rules(priority, source_pattern, replacement, created_at, updated_at)
      VALUES
        (10, '\\\\*',           '_',         #{ now }, #{ now })
      , (20, '\\\\?',           '_',         #{ now }, #{ now })
      , (25, '\\\\/',           '_',         #{ now }, #{ now })
      , (30, '_+',              '_',         #{ now }, #{ now })
      , (40, '_$',              '',          #{ now }, #{ now })
      , (45, '^([^:]+\\\\:)?_', '\\\\1',     #{ now }, #{ now })
      , (50, '^([^:]+\\\\:)?$', '\\\\1null', #{ now }, #{ now })
      ;
    SQL
  end
  def down
    drop_table :tag_name_sanitisation_rules
  end
 end
@@ -0,0 +1,6 @@
 class AddDiscardedAtToTags < ActiveRecord::Migration[8.0]
  def change
    add_column :tags, :discarded_at, :datetime
    add_index :tags, :discarded_at
  end
 end
@@ -0,0 +1,6 @@
 class AddDiscardedAtToTagNames < ActiveRecord::Migration[8.0]
  def change
    add_column :tag_names, :discarded_at, :datetime
    add_index :tag_names, :discarded_at
  end
 end
@@ -0,0 +1,6 @@
 class AddDiscardedAtToWikiPages < ActiveRecord::Migration[8.0]
  def change
    add_column :wiki_pages, :discarded_at, :datetime
    add_index :wiki_pages, :discarded_at
  end
 end
@@ -0,0 +1,17 @@
 class CreateTheatres < ActiveRecord::Migration[8.0]
  def change
    create_table :theatres do |t|
      t.string :name
      t.datetime :opens_at, null: false, index: true
      t.datetime :closes_at, index: true
      t.integer :kind, null: false, index: true
      t.references :current_post, foreign_key: { to_table: :posts }, index: true
      t.datetime :current_post_started_at
      t.integer :next_comment_no, null: false, default: 1
      t.references :host_user, foreign_key: { to_table: :users }
      t.references :created_by_user, null: false, foreign_key: { to_table: :users }, index: true
      t.timestamps
      t.datetime :discarded_at, index: true
    end
  end
 end
@@ -0,0 +1,12 @@
 class CreateTheatreComments < ActiveRecord::Migration[8.0]
  def change
    create_table :theatre_comments, primary_key: [:theatre_id, :no] do |t|
      t.references :theatre, null: false, foreign_key: { to_table: :theatres }
      t.integer :no, null: false
      t.references :user, foreign_key: { to_table: :users }
      t.text :content, null: false
      t.timestamps
      t.datetime :discarded_at, index: true
    end
  end
 end
@@ -0,0 +1,12 @@
 class CreateTheatreWatchingUsers < ActiveRecord::Migration[8.0]
  def change
    create_table :theatre_watching_users, primary_key: [:theatre_id, :user_id] do |t|
      t.references :theatre, null: false, foreign_key: { to_table: :theatres }
      t.references :user, null: false, foreign_key: { to_table: :users }, index: true
      t.datetime :expires_at, null: false, index: true
      t.timestamps
      t.index [:theatre_id, :expires_at]
    end
  end
 end
@@ -0,0 +1,34 @@
 class CreateMaterials < ActiveRecord::Migration[8.0]
  def change
    create_table :materials do |t|
      t.string :url
      t.references :parent, index: true, foreign_key: { to_table: :materials }
      t.references :tag, index: true, foreign_key: true
      t.references :created_by_user, foreign_key: { to_table: :users }
      t.references :updated_by_user, foreign_key: { to_table: :users }
      t.timestamps
      t.datetime :discarded_at, index: true
      t.virtual :active_url, type: :string,
                             as: 'IF(discarded_at IS NULL, url, NULL)',
                             stored: false
      t.index :active_url, unique: true
    end
    create_table :material_versions do |t|
      t.references :material, null: false, foreign_key: true
      t.integer :version_no, null: false
      t.string :url, index: true
      t.references :parent, index: true, foreign_key: { to_table: :materials }
      t.references :tag, index: true, foreign_key: true
      t.references :created_by_user, foreign_key: { to_table: :users }
      t.references :updated_by_user, foreign_key: { to_table: :users }
      t.timestamps
      t.datetime :discarded_at, index: true
      t.index [:material_id, :version_no],
              unique: true,
              name: 'index_material_versions_on_material_id_and_version_no'
    end
  end
 end
@@ -0,0 +1,203 @@
 require 'set'
 class CreatePostVersions < ActiveRecord::Migration[8.0]
  class Post < ActiveRecord::Base
    self.table_name = 'posts'
  end
  class PostTag < ActiveRecord::Base
    self.table_name = 'post_tags'
  end
  class PostVersion < ActiveRecord::Base
    self.table_name = 'post_versions'
  end
  def up
    create_table :post_versions do |t|
      t.references :post, null: false, foreign_key: true
      t.integer :version_no, null: false
      t.string :event_type, null: false
      t.string :title
      t.string :url, limit: 768, null: false
      t.string :thumbnail_base, limit: 2000
      t.text :tags, null: false
      t.references :parent, foreign_key: { to_table: :posts }
      t.datetime :original_created_from
      t.datetime :original_created_before
      t.datetime :created_at, null: false
      t.references :created_by_user, foreign_key: { to_table: :users }
      t.index [:post_id, :version_no], unique: true
      t.check_constraint 'version_no > 0',
                         name: 'post_versions_version_no_positive'
      t.check_constraint "event_type IN ('create', 'update', 'discard', 'restore')",
                         name: 'post_versions_event_type_valid'
    end
    PostVersion.reset_column_information
    say_with_time 'Backfilling post_versions' do
      Post.find_in_batches(batch_size: 500) do |posts|
        post_ids = posts.map(&:id)
        post_tag_rows_by_post_id =
            PostTag
            .joins('INNER JOIN tags ON tags.id = post_tags.tag_id')
            .joins('INNER JOIN tag_names ON tag_names.id = tags.tag_name_id')
            .where(post_id: post_ids)
            .pluck('post_tags.post_id',
                   'post_tags.created_at',
                   'post_tags.discarded_at',
                   'post_tags.created_user_id',
                   'post_tags.deleted_user_id',
                   'tag_names.name')
            .each_with_object(Hash.new { |h, k| h[k] = [] }) do |row, h|
              post_id, created_at, discarded_at, created_user_id, deleted_user_id, tag_name = row
              h[post_id] << { created_at:,
                              discarded_at:,
                              created_user_id:,
                              deleted_user_id:,
                              tag_name: }
            end
        rows = []
        posts.each do |post|
          post_tag_rows = post_tag_rows_by_post_id[post.id]
          events = post_tag_rows.flat_map do |post_tag_row|
            ary = [[post_tag_row[:created_at],
                    post_tag_row[:created_user_id],
                    :add,
                    post_tag_row[:tag_name]]]
            if post_tag_row[:discarded_at]
              ary << [post_tag_row[:discarded_at],
                      post_tag_row[:deleted_user_id],
                      :remove,
                      post_tag_row[:tag_name]]
            end
            ary
          end
          kind_order = { add: 0, remove: 1 }
          events.sort_by! do |event_at, user_id, kind, tag_name|
            [event_at, user_id || 0, kind_order.fetch(kind), tag_name]
          end
          event_buckets = bucket_events(events)
          active_tags = Set.new
          version_no = 0
          if event_buckets.empty?
            version_no += 1
            rows << build_row(post:,
                              version_no:,
                              event_type: 'create',
                              created_at: post.created_at,
                              created_by_user_id: post.uploaded_user_id,
                              tags: [])
            next
          end
          first_bucket = event_buckets.first
          merge_first_bucket_into_create = first_bucket[:first_at] <= post.created_at + 1.second
          if merge_first_bucket_into_create
            event_buckets.shift
            apply_bucket!(active_tags, first_bucket)
            version_no += 1
            rows << build_row(
                post:,
                version_no:,
                event_type: 'create',
                created_at: post.created_at,
                created_by_user_id: post.uploaded_user_id || first_bucket[:user_ids].compact.first,
                tags: active_tags.to_a.sort)
          else
            version_no += 1
            rows << build_row(
                post:,
                version_no:,
                event_type: 'create',
                created_at: post.created_at,
                created_by_user_id: post.uploaded_user_id,
                tags: [])
          end
          event_buckets.each do |bucket|
            apply_bucket!(active_tags, bucket)
            version_no += 1
            rows << build_row(
                post:,
                version_no:,
                event_type: 'update',
                created_at: bucket[:first_at],
                created_by_user_id: bucket[:user_ids].compact.first,
                tags: active_tags.to_a.sort)
          end
        end
        PostVersion.insert_all!(rows) if rows.any?
      end
    end
  end
  def down
    drop_table :post_versions
  end
  private
  def bucket_events events
    buckets = []
    events.each do |event_at, user_id, kind, tag_name|
      if buckets.empty? || event_at - buckets.last[:last_at] > 1.second
        buckets << { first_at: event_at,
                     last_at: event_at,
                     user_ids: [user_id],
                     events: [[kind, tag_name]] }
      else
        bucket = buckets.last
        bucket[:last_at] = event_at
        bucket[:user_ids] << user_id
        bucket[:events] << [kind, tag_name]
      end
    end
    buckets
  end
  def apply_bucket! active_tags, bucket
    bucket[:events].each do |kind, tag_name|
      if kind == :add
        active_tags.add(tag_name)
      else
        active_tags.delete(tag_name)
      end
    end
  end
  def build_row post:, version_no:, event_type:, created_at:, created_by_user_id:, tags:
    { post_id: post.id,
      version_no:,
      event_type:,
      title: post.title,
      url: post.url,
      thumbnail_base: post.thumbnail_base,
      tags: tags.join(' '),
      parent_id: post.parent_id,
      original_created_from: post.original_created_from,
      original_created_before: post.original_created_before,
      created_at:,
      created_by_user_id: }
  end
 end
@@ -0,0 +1,156 @@
 class CreateTagVersions < ActiveRecord::Migration[8.0]
  class Tag < ActiveRecord::Base
    self.table_name = 'tags'
  end
  class TagName < ActiveRecord::Base
    self.table_name = 'tag_names'
  end
  class TagImplication < ActiveRecord::Base
    self.table_name = 'tag_implications'
  end
  class TagVersion < ActiveRecord::Base
    self.table_name = 'tag_versions'
  end
  class NicoTagVersion < ActiveRecord::Base
    self.table_name = 'nico_tag_versions'
  end
  class NicoTagRelation < ActiveRecord::Base
    self.table_name = 'nico_tag_relations'
  end
  def up
    create_table :tag_versions do |t|
      t.references :tag, null: false, foreign_key: true, index: false
      t.integer :version_no, null: false
      t.string :event_type, null: false
      t.string :name, null: false
      t.string :category, null: false
      t.text :aliases, null: false
      t.text :parent_tag_ids, null: false
      t.datetime :created_at, null: false
      t.references :created_by_user, foreign_key: { to_table: :users }, index: false
      t.index [:tag_id, :version_no], unique: true
      t.index :created_at
      t.index [:tag_id, :created_at], order: { created_at: :desc }
      t.index [:created_by_user_id, :created_at], order: { created_at: :desc }
      t.check_constraint 'version_no > 0',
                         name: 'tag_versions_version_no_positive'
    end
    create_table :nico_tag_versions do |t|
      t.references :tag, null: false, foreign_key: true, index: false
      t.integer :version_no, null: false
      t.string :event_type, null: false
      t.string :name, null: false
      t.text :linked_tags, null: false
      t.datetime :created_at, null: false
      t.references :created_by_user, foreign_key: { to_table: :users }, index: false
      t.index [:tag_id, :version_no], unique: true
      t.index :created_at
      t.index [:tag_id, :created_at], order: { created_at: :desc }
      t.index [:created_by_user_id, :created_at], order: { created_at: :desc }
      t.check_constraint 'version_no > 0',
                         name: 'nico_tag_versions_version_no_positive'
    end
    TagVersion.reset_column_information
    say_with_time 'Backfilling tag_versions' do
      Tag.where(discarded_at: nil)
         .where.not(category: 'nico')
         .find_in_batches(batch_size: 500) do |tags|
        tag_ids = tags.map(&:id)
        tag_implication_rows_by_tag_id =
            TagImplication
            .where(tag_id: tag_ids)
            .pluck(:tag_id, :parent_tag_id)
            .each_with_object(Hash.new { |h, k| h[k] = [] }) do |row, h|
              h[row[0]] << row[1]
            end
        tag_name_rows_by_tag_id =
            TagName
            .joins('INNER JOIN tags ON tags.tag_name_id = tag_names.id')
            .where(tags: { id: tag_ids })
            .pluck('tags.id', 'tag_names.name')
            .each_with_object({ }) do |row, h|
              h[row[0]] = row[1]
            end
        tag_alias_rows_by_tag_id =
            TagName
            .joins('INNER JOIN tags ON tags.tag_name_id = tag_names.canonical_id')
            .where(tags: { id: tag_ids })
            .where(tag_names: { discarded_at: nil })
            .pluck('tags.id', 'tag_names.name')
            .each_with_object(Hash.new { |h, k| h[k] = [] }) do |row, h|
              h[row[0]] << row[1]
            end
        TagVersion.insert_all(tags.map { |tag|
          { tag_id: tag.id,
            version_no: 1,
            event_type: 'create',
            name: tag_name_rows_by_tag_id[tag.id],
            category: tag.category,
            aliases: tag_alias_rows_by_tag_id[tag.id].sort.join(' '),
            parent_tag_ids: tag_implication_rows_by_tag_id[tag.id].sort.join(' '),
            created_at: tag.created_at,
            created_by_user_id: nil }
        })
      end
    end
    NicoTagVersion.reset_column_information
    say_with_time 'Backfilling nico_tag_versions' do
      Tag.where(discarded_at: nil, category: 'nico')
         .find_in_batches(batch_size: 500) do |tags|
        tag_ids = tags.map(&:id)
        tag_name_rows_by_tag_id =
            TagName
            .joins('INNER JOIN tags ON tags.tag_name_id = tag_names.id')
            .where(tags: { id: tag_ids })
            .pluck('tags.id', 'tag_names.name')
            .each_with_object({ }) do |row, h|
              h[row[0]] = row[1]
            end
        nico_tag_relation_rows_by_tag_id =
            NicoTagRelation
            .joins('INNER JOIN tags nico_tags ON nico_tags.id = nico_tag_relations.nico_tag_id')
            .joins('INNER JOIN tags linked_tags ON linked_tags.id = nico_tag_relations.tag_id')
            .joins('INNER JOIN tag_names ON tag_names.id = linked_tags.tag_name_id')
            .where(nico_tags: { id: tag_ids })
            .where(linked_tags: { discarded_at: nil })
            .where(tag_names: { discarded_at: nil })
            .pluck('nico_tags.id', 'tag_names.name')
            .each_with_object(Hash.new { |h, k| h[k] = [] }) do |row, h|
              h[row[0]] << row[1]
            end
        NicoTagVersion.insert_all(tags.map { |tag|
          { tag_id: tag.id,
            version_no: 1,
            event_type: 'create',
            name: tag_name_rows_by_tag_id[tag.id],
            linked_tags: nico_tag_relation_rows_by_tag_id[tag.id].sort.join(' '),
            created_at: tag.created_at,
            created_by_user_id: nil }
        })
      end
    end
  end
  def down
    drop_table :nico_tag_versions
    drop_table :tag_versions
  end
 end
@@ -0,0 +1,91 @@
 class CreateWikiVersions < ActiveRecord::Migration[8.0]
  class WikiPage < ActiveRecord::Base
    self.table_name = 'wiki_pages'
  end
  class WikiRevision < ActiveRecord::Base
    self.table_name = 'wiki_revisions'
  end
  class WikiRevisionLine < ActiveRecord::Base
    self.table_name = 'wiki_revision_lines'
  end
  class WikiLine < ActiveRecord::Base
    self.table_name = 'wiki_lines'
  end
  class WikiVersion < ActiveRecord::Base
    self.table_name = 'wiki_versions'
  end
  class TagName < ActiveRecord::Base
    self.table_name = 'tag_names'
  end
  def up
    add_column :wiki_pages, :body, :text, after: :tag_name_id
    create_table :wiki_versions do |t|
      t.references :wiki_page, null: false, foreign_key: true
      t.integer :version_no, null: false
      t.string :event_type, null: false
      t.string :title, null: false
      t.text :body, null: false
      t.text :reason
      t.datetime :created_at, null: false
      t.references :created_by_user, foreign_key: { to_table: :users }
      t.index [:wiki_page_id, :version_no], unique: true
      t.check_constraint 'version_no > 0',
                         name: 'wiki_versions_version_no_positive'
      t.check_constraint "event_type IN ('create', 'update', 'discard', 'restore')",
                         name: 'wiki_versions_event_type_valid'
    end
    WikiPage.reset_column_information
    WikiVersion.reset_column_information
    say_with_time 'Backfilling wiki_versions' do
      WikiPage.find_each do |page|
        base_revision_id = nil
        version_no = 1
        title = TagName.find(page.tag_name_id).name
        body = nil
        loop do
          rev = WikiRevision.where(wiki_page_id: page.id).find_by(base_revision_id:)
          break unless rev
          body = WikiRevisionLine.where(wiki_revision_id: rev.id).order(:position).map { |wrl|
            WikiLine.find(wrl.wiki_line_id).body
          }.join("\n")
          WikiVersion.create!(
              wiki_page_id: page.id,
              version_no:,
              event_type: version_no == 1 ? 'create' : 'update',
              title:,
              body:,
              reason: rev.message,
              created_at: rev.created_at,
              created_by_user_id: rev.created_user_id)
          version_no += 1
          base_revision_id = rev.id
        end
        if body
          page.update!(body:)
        else
          page.destroy!
        end
      end
    end
    change_column_null :wiki_pages, :body, false
  end
  def down
    drop_table :wiki_versions
    remove_column :wiki_pages, :body
  end
 end
@@ -0,0 +1,24 @@
 class CreatePostImplications < ActiveRecord::Migration[8.0]
  def up
    create_table :post_implications, primary_key: [:post_id, :parent_post_id] do |t|
      t.references :post, null: false, foreign_key: true, index: false
      t.references :parent_post, null: false, foreign_key: { to_table: :posts }
      t.timestamps
      t.check_constraint 'post_id <> parent_post_id',
                         name: 'chk_post_implications_no_self'
    end
    add_column :post_versions, :parent_post_ids, :text, null: false, after: :parent_id
    remove_column :post_versions, :parent_id, :bigint
    remove_reference :posts, :parent, foreign_key: { to_table: :posts }
  end
  def down
    add_reference :posts, :parent, foreign_key: { to_table: :posts }, after: :thumbnail_base
    add_column :post_versions, :parent_id, :bigint, after: :post_id
    remove_column :post_versions, :parent_post_ids, :text
    drop_table :post_implications
  end
 end
@@ -0,0 +1,16 @@
 class RenameBannedToBannedAtInUsersAndIpAddresses < ActiveRecord::Migration[8.0]
  def up
    [:users, :ip_addresses].each do
      add_column _1, :banned_at, :datetime, after: :banned
      add_index _1, :banned_at
      remove_column _1, :banned
    end
  end
  def down
    [:ip_addresses, :users].each do
      add_column _1, :banned, :boolean, null: false, default: false, after: :banned_at
      remove_column _1, :banned_at
    end
  end
 end
@@ -0,0 +1,27 @@
 class AddVersionNoToPosts < ActiveRecord::Migration[8.0]
  def up
    add_column :posts, :version_no, :integer
    execute <<~SQL
      UPDATE
        posts
      SET
        version_no = (
          SELECT
            MAX(version_no)
          FROM
            post_versions
          WHERE
            post_id = posts.id)
    SQL
    change_column_null :posts, :version_no, false
    add_check_constraint :posts, 'version_no > 0', name: 'chk_posts_version_no_positive'
  end
  def down
    remove_check_constraint :posts, name: 'chk_posts_version_no_positive'
    remove_column :posts, :version_no
  end
 end
@@ -0,0 +1,37 @@
 class AddVersionNoToTags < ActiveRecord::Migration[8.0]
  def up
    add_column :tags, :version_no, :integer
    execute <<~SQL
      UPDATE
        tags
      SET
        version_no = (
          CASE category
          WHEN 'nico' THEN
            (SELECT
               MAX(version_no)
             FROM
               nico_tag_versions
             WHERE
               tag_id = tags.id)
          ELSE
            (SELECT
               MAX(version_no)
             FROM
               tag_versions
             WHERE
               tag_id = tags.id)
          END)
    SQL
    change_column_null :tags, :version_no, false
    add_check_constraint :tags, 'version_no > 0', name: 'chk_tags_version_no_positive'
  end
  def down
    remove_check_constraint :tags, name: 'chk_tags_version_no_positive'
    remove_column :tags, :version_no
  end
 end
@@ -0,0 +1,27 @@
 class AddVersionNoToWikiPages < ActiveRecord::Migration[8.0]
  def up
    add_column :wiki_pages, :version_no, :integer
    execute <<~SQL
      UPDATE
        wiki_pages
      SET
        version_no = (
          SELECT
            MAX(version_no)
          FROM
            wiki_versions
          WHERE
            wiki_page_id = wiki_pages.id)
    SQL
    change_column_null :wiki_pages, :version_no, false
    add_check_constraint :wiki_pages, 'version_no > 0', name: 'chk_wiki_pages_version_no_positive'
  end
  def down
    remove_check_constraint :wiki_pages, name: 'chk_wiki_pages_version_no_positive'
    remove_column :wiki_pages, :version_no
  end
 end
@@ -0,0 +1,10 @@
 class CreateTheatreProgrammes < ActiveRecord::Migration[8.0]
  def change
    create_table :theatre_programmes, primary_key: [:theatre_id, :position] do |t|
      t.references :theatre, null: false, foreign_key: true
      t.integer :position, null: false
      t.references :post, null: false, foreign_key: true
      t.datetime :created_at, null: false
    end
  end
 end
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema[8.0].define(version: 2026_03_03_122700) do
+ActiveRecord::Schema[8.0].define(version: 2026_05_14_221900) do
  create_table "active_storage_attachments", charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
    t.string "name", null: false
    t.string "record_type", null: false
@@ -50,12 +50,52 @@ ActiveRecord::Schema[8.0].define(version: 2026_03_03_122700) do
  create_table "ip_addresses", charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
    t.binary "ip_address", limit: 16, null: false
-    t.boolean "banned", default: false, null: false
+    t.datetime "banned_at"
    t.datetime "created_at", null: false
    t.datetime "updated_at", null: false
    t.index ["banned_at"], name: "index_ip_addresses_on_banned_at"
    t.index ["ip_address"], name: "index_ip_addresses_on_ip_address", unique: true
  end
  create_table "material_versions", charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
    t.bigint "material_id", null: false
    t.integer "version_no", null: false
    t.string "url"
    t.bigint "parent_id"
    t.bigint "tag_id"
    t.bigint "created_by_user_id"
    t.bigint "updated_by_user_id"
    t.datetime "created_at", null: false
    t.datetime "updated_at", null: false
    t.datetime "discarded_at"
    t.index ["created_by_user_id"], name: "index_material_versions_on_created_by_user_id"
    t.index ["discarded_at"], name: "index_material_versions_on_discarded_at"
    t.index ["material_id", "version_no"], name: "index_material_versions_on_material_id_and_version_no", unique: true
    t.index ["material_id"], name: "index_material_versions_on_material_id"
    t.index ["parent_id"], name: "index_material_versions_on_parent_id"
    t.index ["tag_id"], name: "index_material_versions_on_tag_id"
    t.index ["updated_by_user_id"], name: "index_material_versions_on_updated_by_user_id"
    t.index ["url"], name: "index_material_versions_on_url"
  end
  create_table "materials", charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
    t.string "url"
    t.bigint "parent_id"
    t.bigint "tag_id"
    t.bigint "created_by_user_id"
    t.bigint "updated_by_user_id"
    t.datetime "created_at", null: false
    t.datetime "updated_at", null: false
    t.datetime "discarded_at"
    t.virtual "active_url", type: :string, as: "if((`discarded_at` is null),`url`,NULL)"
    t.index ["active_url"], name: "index_materials_on_active_url", unique: true
    t.index ["created_by_user_id"], name: "index_materials_on_created_by_user_id"
    t.index ["discarded_at"], name: "index_materials_on_discarded_at"
    t.index ["parent_id"], name: "index_materials_on_parent_id"
    t.index ["tag_id"], name: "index_materials_on_tag_id"
    t.index ["updated_by_user_id"], name: "index_materials_on_updated_by_user_id"
  end
  create_table "nico_tag_relations", charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
    t.bigint "nico_tag_id", null: false
    t.bigint "tag_id", null: false
@@ -65,6 +105,30 @@ ActiveRecord::Schema[8.0].define(version: 2026_03_03_122700) do
    t.index ["tag_id"], name: "index_nico_tag_relations_on_tag_id"
  end
  create_table "nico_tag_versions", charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
    t.bigint "tag_id", null: false
    t.integer "version_no", null: false
    t.string "event_type", null: false
    t.string "name", null: false
    t.text "linked_tags", null: false
    t.datetime "created_at", null: false
    t.bigint "created_by_user_id"
    t.index ["created_at"], name: "index_nico_tag_versions_on_created_at"
    t.index ["created_by_user_id", "created_at"], name: "index_nico_tag_versions_on_created_by_user_id_and_created_at", order: { created_at: :desc }
    t.index ["tag_id", "created_at"], name: "index_nico_tag_versions_on_tag_id_and_created_at", order: { created_at: :desc }
    t.index ["tag_id", "version_no"], name: "index_nico_tag_versions_on_tag_id_and_version_no", unique: true
    t.check_constraint "`version_no` > 0", name: "nico_tag_versions_version_no_positive"
  end
  create_table "post_implications", primary_key: ["post_id", "parent_post_id"], charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
    t.bigint "post_id", null: false
    t.bigint "parent_post_id", null: false
    t.datetime "created_at", null: false
    t.datetime "updated_at", null: false
    t.index ["parent_post_id"], name: "index_post_implications_on_parent_post_id"
    t.check_constraint "`post_id` <> `parent_post_id`", name: "chk_post_implications_no_self"
  end
  create_table "post_similarities", primary_key: ["post_id", "target_post_id"], charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
    t.bigint "post_id", null: false
    t.bigint "target_post_id", null: false
@@ -93,19 +157,39 @@ ActiveRecord::Schema[8.0].define(version: 2026_03_03_122700) do
    t.index ["tag_id"], name: "index_post_tags_on_tag_id"
  end
  create_table "post_versions", charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
    t.bigint "post_id", null: false
    t.integer "version_no", null: false
    t.string "event_type", null: false
    t.string "title"
    t.string "url", limit: 768, null: false
    t.string "thumbnail_base", limit: 2000
    t.text "tags", null: false
    t.text "parent_post_ids", null: false
    t.datetime "original_created_from"
    t.datetime "original_created_before"
    t.datetime "created_at", null: false
    t.bigint "created_by_user_id"
    t.index ["created_by_user_id"], name: "index_post_versions_on_created_by_user_id"
    t.index ["post_id", "version_no"], name: "index_post_versions_on_post_id_and_version_no", unique: true
    t.index ["post_id"], name: "index_post_versions_on_post_id"
    t.check_constraint "`event_type` in (_utf8mb4'create',_utf8mb4'update',_utf8mb4'discard',_utf8mb4'restore')", name: "post_versions_event_type_valid"
    t.check_constraint "`version_no` > 0", name: "post_versions_version_no_positive"
  end
  create_table "posts", charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
    t.string "title"
    t.string "url", limit: 768, null: false
    t.string "thumbnail_base", limit: 2000
    t.bigint "parent_id"
    t.bigint "uploaded_user_id"
    t.datetime "created_at", null: false
    t.datetime "original_created_from"
    t.datetime "original_created_before"
    t.datetime "updated_at", null: false
-    t.index ["parent_id"], name: "index_posts_on_parent_id"
+    t.integer "version_no", null: false
    t.index ["uploaded_user_id"], name: "index_posts_on_uploaded_user_id"
    t.index ["url"], name: "index_posts_on_url", unique: true
    t.check_constraint "`version_no` > 0", name: "chk_posts_version_no_positive"
  end
  create_table "settings", charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
@@ -127,12 +211,24 @@ ActiveRecord::Schema[8.0].define(version: 2026_03_03_122700) do
    t.index ["tag_id"], name: "index_tag_implications_on_tag_id"
  end
  create_table "tag_name_sanitisation_rules", primary_key: "priority", id: :integer, charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
    t.string "source_pattern", null: false
    t.string "replacement", null: false
    t.datetime "created_at", null: false
    t.datetime "updated_at", null: false
    t.datetime "discarded_at"
    t.index ["discarded_at"], name: "index_tag_name_sanitisation_rules_on_discarded_at"
    t.index ["source_pattern"], name: "index_tag_name_sanitisation_rules_on_source_pattern", unique: true
  end
  create_table "tag_names", charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
    t.string "name", null: false
    t.bigint "canonical_id"
    t.datetime "created_at", null: false
    t.datetime "updated_at", null: false
    t.datetime "discarded_at"
    t.index ["canonical_id"], name: "index_tag_names_on_canonical_id"
    t.index ["discarded_at"], name: "index_tag_names_on_discarded_at"
    t.index ["name"], name: "index_tag_names_on_name", unique: true
  end
@@ -144,13 +240,91 @@ ActiveRecord::Schema[8.0].define(version: 2026_03_03_122700) do
    t.index ["target_tag_id"], name: "index_tag_similarities_on_target_tag_id"
  end
  create_table "tag_versions", charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
    t.bigint "tag_id", null: false
    t.integer "version_no", null: false
    t.string "event_type", null: false
    t.string "name", null: false
    t.string "category", null: false
    t.text "aliases", null: false
    t.text "parent_tag_ids", null: false
    t.datetime "created_at", null: false
    t.bigint "created_by_user_id"
    t.index ["created_at"], name: "index_tag_versions_on_created_at"
    t.index ["created_by_user_id", "created_at"], name: "index_tag_versions_on_created_by_user_id_and_created_at", order: { created_at: :desc }
    t.index ["tag_id", "created_at"], name: "index_tag_versions_on_tag_id_and_created_at", order: { created_at: :desc }
    t.index ["tag_id", "version_no"], name: "index_tag_versions_on_tag_id_and_version_no", unique: true
    t.check_constraint "`version_no` > 0", name: "tag_versions_version_no_positive"
  end
  create_table "tags", charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
    t.bigint "tag_name_id", null: false
    t.string "category", default: "general", null: false
    t.datetime "created_at", null: false
    t.datetime "updated_at", null: false
    t.integer "post_count", default: 0, null: false
    t.datetime "discarded_at"
    t.integer "version_no", null: false
    t.index ["discarded_at"], name: "index_tags_on_discarded_at"
    t.index ["tag_name_id"], name: "index_tags_on_tag_name_id", unique: true
    t.check_constraint "`version_no` > 0", name: "chk_tags_version_no_positive"
  end
  create_table "theatre_comments", primary_key: ["theatre_id", "no"], charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
    t.bigint "theatre_id", null: false
    t.integer "no", null: false
    t.bigint "user_id"
    t.text "content", null: false
    t.datetime "created_at", null: false
    t.datetime "updated_at", null: false
    t.datetime "discarded_at"
    t.index ["discarded_at"], name: "index_theatre_comments_on_discarded_at"
    t.index ["theatre_id"], name: "index_theatre_comments_on_theatre_id"
    t.index ["user_id"], name: "index_theatre_comments_on_user_id"
  end
  create_table "theatre_programmes", primary_key: ["theatre_id", "position"], charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
    t.bigint "theatre_id", null: false
    t.integer "position", null: false
    t.bigint "post_id", null: false
    t.datetime "created_at", null: false
    t.index ["post_id"], name: "index_theatre_programmes_on_post_id"
    t.index ["theatre_id"], name: "index_theatre_programmes_on_theatre_id"
  end
  create_table "theatre_watching_users", primary_key: ["theatre_id", "user_id"], charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
    t.bigint "theatre_id", null: false
    t.bigint "user_id", null: false
    t.datetime "expires_at", null: false
    t.datetime "created_at", null: false
    t.datetime "updated_at", null: false
    t.index ["expires_at"], name: "index_theatre_watching_users_on_expires_at"
    t.index ["theatre_id", "expires_at"], name: "idx_on_theatre_id_skip_expires_at_4c8de1dd42"
    t.index ["theatre_id", "expires_at"], name: "index_theatre_watching_users_on_theatre_id_and_expires_at"
    t.index ["theatre_id"], name: "index_theatre_watching_users_on_theatre_id"
    t.index ["user_id"], name: "index_theatre_watching_users_on_user_id"
  end
  create_table "theatres", charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
    t.string "name"
    t.datetime "opens_at", null: false
    t.datetime "closes_at"
    t.integer "kind", null: false
    t.bigint "current_post_id"
    t.datetime "current_post_started_at"
    t.integer "next_comment_no", default: 1, null: false
    t.bigint "host_user_id"
    t.bigint "created_by_user_id", null: false
    t.datetime "created_at", null: false
    t.datetime "updated_at", null: false
    t.datetime "discarded_at"
    t.index ["closes_at"], name: "index_theatres_on_closes_at"
    t.index ["created_by_user_id"], name: "index_theatres_on_created_by_user_id"
    t.index ["current_post_id"], name: "index_theatres_on_current_post_id"
    t.index ["discarded_at"], name: "index_theatres_on_discarded_at"
    t.index ["host_user_id"], name: "index_theatres_on_host_user_id"
    t.index ["kind"], name: "index_theatres_on_kind"
    t.index ["opens_at"], name: "index_theatres_on_opens_at"
  end
  create_table "user_ips", primary_key: ["user_id", "ip_address_id"], charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
@@ -173,9 +347,23 @@ ActiveRecord::Schema[8.0].define(version: 2026_03_03_122700) do
    t.string "name"
    t.string "inheritance_code", limit: 64, null: false
    t.string "role", null: false
-    t.boolean "banned", default: false, null: false
+    t.datetime "banned_at"
    t.datetime "created_at", null: false
    t.datetime "updated_at", null: false
    t.index ["banned_at"], name: "index_users_on_banned_at"
  end
  create_table "wiki_assets", charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
    t.bigint "wiki_page_id", null: false
    t.integer "no", null: false
    t.string "alt_text"
    t.binary "sha256", limit: 32, null: false
    t.bigint "created_by_user_id", null: false
    t.datetime "created_at", null: false
    t.datetime "updated_at", null: false
    t.index ["created_by_user_id"], name: "index_wiki_assets_on_created_by_user_id"
    t.index ["wiki_page_id", "no"], name: "index_wiki_assets_on_wiki_page_id_and_no", unique: true
    t.index ["wiki_page_id", "sha256"], name: "index_wiki_assets_on_wiki_page_id_and_sha256", unique: true
  end
  create_table "wiki_lines", charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
@@ -188,13 +376,19 @@ ActiveRecord::Schema[8.0].define(version: 2026_03_03_122700) do
  create_table "wiki_pages", charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
    t.bigint "tag_name_id", null: false
    t.text "body", null: false
    t.bigint "created_user_id", null: false
    t.bigint "updated_user_id", null: false
    t.datetime "created_at", null: false
    t.datetime "updated_at", null: false
    t.datetime "discarded_at"
    t.integer "next_asset_no", default: 1, null: false
    t.integer "version_no", null: false
    t.index ["created_user_id"], name: "index_wiki_pages_on_created_user_id"
    t.index ["discarded_at"], name: "index_wiki_pages_on_discarded_at"
    t.index ["tag_name_id"], name: "index_wiki_pages_on_tag_name_id", unique: true
    t.index ["updated_user_id"], name: "index_wiki_pages_on_updated_user_id"
    t.check_constraint "`version_no` > 0", name: "chk_wiki_pages_version_no_positive"
  end
  create_table "wiki_revision_lines", charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
@@ -227,17 +421,47 @@ ActiveRecord::Schema[8.0].define(version: 2026_03_03_122700) do
    t.index ["wiki_page_id"], name: "index_wiki_revisions_on_wiki_page_id"
  end
  create_table "wiki_versions", charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
    t.bigint "wiki_page_id", null: false
    t.integer "version_no", null: false
    t.string "event_type", null: false
    t.string "title", null: false
    t.text "body", null: false
    t.text "reason"
    t.datetime "created_at", null: false
    t.bigint "created_by_user_id"
    t.index ["created_by_user_id"], name: "index_wiki_versions_on_created_by_user_id"
    t.index ["wiki_page_id", "version_no"], name: "index_wiki_versions_on_wiki_page_id_and_version_no", unique: true
    t.index ["wiki_page_id"], name: "index_wiki_versions_on_wiki_page_id"
    t.check_constraint "`event_type` in (_utf8mb4'create',_utf8mb4'update',_utf8mb4'discard',_utf8mb4'restore')", name: "wiki_versions_event_type_valid"
    t.check_constraint "`version_no` > 0", name: "wiki_versions_version_no_positive"
  end
  add_foreign_key "active_storage_attachments", "active_storage_blobs", column: "blob_id"
  add_foreign_key "active_storage_variant_records", "active_storage_blobs", column: "blob_id"
  add_foreign_key "material_versions", "materials"
  add_foreign_key "material_versions", "materials", column: "parent_id"
  add_foreign_key "material_versions", "tags"
  add_foreign_key "material_versions", "users", column: "created_by_user_id"
  add_foreign_key "material_versions", "users", column: "updated_by_user_id"
  add_foreign_key "materials", "materials", column: "parent_id"
  add_foreign_key "materials", "tags"
  add_foreign_key "materials", "users", column: "created_by_user_id"
  add_foreign_key "materials", "users", column: "updated_by_user_id"
  add_foreign_key "nico_tag_relations", "tags"
  add_foreign_key "nico_tag_relations", "tags", column: "nico_tag_id"
  add_foreign_key "nico_tag_versions", "tags"
  add_foreign_key "nico_tag_versions", "users", column: "created_by_user_id"
  add_foreign_key "post_implications", "posts"
  add_foreign_key "post_implications", "posts", column: "parent_post_id"
  add_foreign_key "post_similarities", "posts"
  add_foreign_key "post_similarities", "posts", column: "target_post_id"
  add_foreign_key "post_tags", "posts"
  add_foreign_key "post_tags", "tags"
  add_foreign_key "post_tags", "users", column: "created_user_id"
  add_foreign_key "post_tags", "users", column: "deleted_user_id"
-  add_foreign_key "posts", "posts", column: "parent_id"
+  add_foreign_key "post_versions", "posts"
  add_foreign_key "post_versions", "users", column: "created_by_user_id"
  add_foreign_key "posts", "users", column: "uploaded_user_id"
  add_foreign_key "settings", "users"
  add_foreign_key "tag_implications", "tags"
@@ -245,11 +469,24 @@ ActiveRecord::Schema[8.0].define(version: 2026_03_03_122700) do
  add_foreign_key "tag_names", "tag_names", column: "canonical_id"
  add_foreign_key "tag_similarities", "tags"
  add_foreign_key "tag_similarities", "tags", column: "target_tag_id"
  add_foreign_key "tag_versions", "tags"
  add_foreign_key "tag_versions", "users", column: "created_by_user_id"
  add_foreign_key "tags", "tag_names"
  add_foreign_key "theatre_comments", "theatres"
  add_foreign_key "theatre_comments", "users"
  add_foreign_key "theatre_programmes", "posts"
  add_foreign_key "theatre_programmes", "theatres"
  add_foreign_key "theatre_watching_users", "theatres"
  add_foreign_key "theatre_watching_users", "users"
  add_foreign_key "theatres", "posts", column: "current_post_id"
  add_foreign_key "theatres", "users", column: "created_by_user_id"
  add_foreign_key "theatres", "users", column: "host_user_id"
  add_foreign_key "user_ips", "ip_addresses"
  add_foreign_key "user_ips", "users"
  add_foreign_key "user_post_views", "posts"
  add_foreign_key "user_post_views", "users"
  add_foreign_key "wiki_assets", "users", column: "created_by_user_id"
  add_foreign_key "wiki_assets", "wiki_pages"
  add_foreign_key "wiki_pages", "tag_names"
  add_foreign_key "wiki_pages", "users", column: "created_user_id"
  add_foreign_key "wiki_pages", "users", column: "updated_user_id"
@@ -259,4 +496,6 @@ ActiveRecord::Schema[8.0].define(version: 2026_03_03_122700) do
  add_foreign_key "wiki_revisions", "wiki_pages"
  add_foreign_key "wiki_revisions", "wiki_pages", column: "redirect_page_id"
  add_foreign_key "wiki_revisions", "wiki_revisions", column: "base_revision_id"
  add_foreign_key "wiki_versions", "users", column: "created_by_user_id"
  add_foreign_key "wiki_versions", "wiki_pages"
 end
@@ -0,0 +1,23 @@
 namespace :nico do
  desc 'ニコニコ DB 逆連携'
  task export: :environment do
    require 'open3'
    mysql_user = ENV.fetch('MYSQL_USER')
    mysql_pass = ENV.fetch('MYSQL_PASS')
    nizika_nico_path = ENV.fetch('NIZIKA_NICO_PATH')
    videos = Post.where('url LIKE ?', '%nicovideo.jp/watch/%').pluck(:url).filter_map {
      _1[%r{nicovideo\.jp/watch/([^/?#]+)}, 1]
    }.uniq
    next if videos.empty?
    _, stderr, status = Open3.capture3(
        { 'MYSQL_USER' => mysql_user, 'MYSQL_PASS' => mysql_pass },
        'python3', '-m', 'tracked_videos.put_bulk_upsert', *videos,
        chdir: nizika_nico_path)
    raise stderr unless status.success?
  end
 end
@@ -61,6 +61,9 @@ namespace :nico do
      original_created_from = original_created_at&.change(sec: 0)
      original_created_before = original_created_from&.+(1.minute)
      post_created = false
      post_changed = false
      if post
        attrs = { title:, original_created_from:, original_created_before: }
@@ -76,11 +79,13 @@ namespace :nico do
        end
        post.assign_attributes(attrs)
-        if post.changed?
+        post_changed = post.changed?
        if post_changed
          post.save!
          post.resized_thumbnail! if post.thumbnail.attached?
        end
      else
        post_created = true
        url = "https://www.nicovideo.jp/watch/#{ code }"
        thumbnail_base = fetch_thumbnail.(url) rescue nil
        post = Post.new(title:, url:, thumbnail_base:, uploaded_user: nil,
@@ -108,8 +113,12 @@ namespace :nico do
      desired_non_nico_tag_ids = []
      datum['tags'].each do |raw|
-        name = "nico:#{ raw }"
+        name = TagNameSanitisationRule.sanitise("nico:#{ raw }")
        tag = Tag.find_or_create_by_tag_name!(name, category: :nico)
        event_type = tag.nico_tag_versions.exists? ? :update : :create
        NicoTagVersionRecorder.record!(tag:, event_type:, created_by_user: nil)
        desired_nico_tag_based_ids << tag.id
        # 新たに記載される外部タグと連携される内部タグを記載
@@ -140,6 +149,13 @@ namespace :nico do
      desired_all_tag_ids.uniq!
      sync_post_tags!(post, desired_all_tag_ids, current_tag_ids: kept_tag_ids)
      if post_created
        PostVersionRecorder.record!(post:, event_type: :create, created_by_user: nil)
      elsif post_changed || kept_tag_ids != desired_all_tag_ids.to_set
        PostVersionRecorder.ensure_snapshot!(post, created_by_user: nil)
        PostVersionRecorder.record!(post:, event_type: :update, created_by_user: nil)
      end
    end
  end
 end
@@ -0,0 +1,6 @@
 namespace :post do
  desc '投稿同期（ニコニコ以外）'
  task sync: :environment do
    Youtube::Sync.new.sync!
  end
 end
@@ -0,0 +1,10 @@
 FactoryBot.define do
  factory :ip_address do
    ip_address { IPAddr.new('203.0.113.10').hton }
    banned_at { nil }
    trait :banned do
      banned_at { Time.current }
    end
  end
 end
@@ -1,12 +1,22 @@
 FactoryBot.define do
  factory :tag do
    transient do
      name { nil }
    end
    category { :general }
    post_count { 0 }
    association :tag_name
    after(:build) do |tag, evaluator|
      tag.name = evaluator.name if evaluator.name.present?
    end
    trait :nico do
      category { :nico }
-      tag_name { association(:tag_name, name: "nico:#{ SecureRandom.hex(4) }") }
+      transient do
        name { "nico:#{ SecureRandom.hex(4) }" }
      end
    end
  end
 end
@@ -0,0 +1,8 @@
 FactoryBot.define do
  factory :theatre_comment do
    association :theatre
    association :user
    sequence (:no) { |n| n }
    content { 'test comment' }
  end
 end
@@ -0,0 +1,11 @@
 FactoryBot.define do
  factory :theatre do
    name { 'Test Theatre' }
    kind { 1 }
    opens_at { Time.current }
    closes_at { 1.day.from_now }
    next_comment_no { 1 }
    association :created_by_user, factory: :user
  end
 end
@@ -1,15 +1,24 @@
 FactoryBot.define do
  factory :user do
-    name { "test-user" }
+    name { nil }
    inheritance_code { SecureRandom.uuid }
-    role { "guest" }
+    role { 'guest' }
    banned_at { nil }
    trait :guest do
      role { 'guest' }
    end
    trait :member do
-      role { "member" }
+      role { 'member' }
    end
    trait :admin do
      role { 'admin' }
    end
    trait :banned do
      banned_at { Time.current }
    end
  end
 end
@@ -3,5 +3,7 @@ FactoryBot.define do
    title { "TestPage" }
    association :created_user, factory: :user
    association :updated_user, factory: :user
    body { ' ' }
  end
 end
@@ -0,0 +1,51 @@
 require 'rails_helper'
 RSpec.describe PostImplication, type: :model do
  let!(:post_record) do
    Post.create!(
      title: 'post',
      url: 'https://example.com/post-implication-post'
    )
  end
  let!(:parent_post) do
    Post.create!(
      title: 'parent post',
      url: 'https://example.com/post-implication-parent'
    )
  end
  it 'is valid with post and parent_post' do
    implication = described_class.new(
      post: post_record,
      parent_post:
    )
    expect(implication).to be_valid
  end
  it 'does not allow same post as parent_post' do
    implication = described_class.new(
      post: post_record,
      parent_post: post_record
    )
    expect(implication).not_to be_valid
    expect(implication.errors[:parent_post_id]).to be_present
  end
  it 'does not allow duplicate pair' do
    described_class.create!(
      post: post_record,
      parent_post:
    )
    duplicate = described_class.new(
      post: post_record,
      parent_post:
    )
    expect(duplicate).not_to be_valid
    expect(duplicate.errors[:post_id]).to be_present
  end
 end
@@ -0,0 +1,41 @@
 require 'rails_helper'
 RSpec.describe PostVersion, type: :model do
  let!(:tag_name) { TagName.create!(name: 'post_version_spec_tag') }
  let!(:tag) { Tag.create!(tag_name: tag_name, category: :general) }
  let!(:post_record) do
    Post.create!(title: 'spec post', url: 'https://example.com/post-version-spec').tap do |post|
      PostTag.create!(post: post, tag: tag)
    end
  end
  let!(:post_version) do
    PostVersion.create!(
      post: post_record,
      version_no: 1,
      event_type: 'create',
      title: post_record.title,
      url: post_record.url,
      thumbnail_base: post_record.thumbnail_base,
      tags: post_record.snapshot_tag_names.join(' '),
      parent_post_ids: post_record.snapshot_parent_post_ids.join(' '),
      original_created_from: post_record.original_created_from,
      original_created_before: post_record.original_created_before,
      created_at: Time.current,
      created_by_user: nil
    )
  end
  it 'is read only after create' do
    expect do
      post_version.update!(title: 'changed')
    end.to raise_error(ActiveRecord::ReadOnlyRecord)
  end
  it 'cannot be destroyed' do
    expect do
      post_version.destroy!
    end.to raise_error(ActiveRecord::ReadOnlyRecord)
  end
 end
@@ -0,0 +1,101 @@
 require 'rails_helper'
 RSpec.describe TagNameSanitisationRule, type: :model do
  describe '.sanitise' do
    before do
      described_class.create!(priority: 10, source_pattern: '_', replacement: '')
      described_class.create!(priority: 20, source_pattern: 'ABC', replacement: 'abc')
    end
    it 'applies sanitisation rules sequentially in priority order' do
      expect(described_class.sanitise('A_B_C')).to eq('abc')
    end
    it 'does not fail when a rule does not match' do
      expect { described_class.sanitise('xyz') }.not_to raise_error
      expect(described_class.sanitise('xyz')).to eq('xyz')
    end
  end
  describe 'validations' do
    it 'is invalid when source_pattern is not a valid regexp' do
      rule = described_class.new(priority: 10, source_pattern: '[', replacement: '')
      expect(rule).to be_invalid
      expect(rule.errors[:source_pattern]).to be_present
    end
  end
  describe '.apply!' do
    before do
      described_class.create!(priority: 10, source_pattern: '_', replacement: '')
    end
    context 'when no conflicting tag_name exists' do
      let!(:tag_name) do
        TagName.create!(name: 'tmp').tap do |tn|
          tn.update_columns(name: 'foo_bar', updated_at: Time.current)
        end
      end
      it 'renames the tag_name' do
        described_class.apply!
        expect(tag_name.reload.name).to eq('foobar')
      end
    end
    context 'when a conflicting canonical tag_name exists' do
      let!(:existing) { TagName.create!(name: 'foobar') }
      let!(:source) do
        TagName.create!(name: 'tmp').tap do |tn|
          tn.update_columns(name: 'foo_bar', updated_at: Time.current)
        end
      end
      it 'deletes the source tag_name' do
        described_class.apply!
        expect(TagName.exists?(source.id)).to be(false)
        expect(existing.reload.name).to eq('foobar')
      end
    end
    context 'when the source tag_name has a tag and the existing one has no tag' do
      let!(:existing) { TagName.create!(name: 'foobar') }
      let!(:source_tag) { create(:tag, name: 'tmp', category: :general) }
      let!(:source_tag_name_id) { source_tag.tag_name_id }
      before do
        source_tag.tag_name.update_columns(name: 'foo_bar', updated_at: Time.current)
      end
      it 'moves the tag to the existing tag_name' do
        described_class.apply!
        expected_tag_name_id = existing.canonical_id || existing.id
        expect(source_tag.reload.tag_name_id).to eq(expected_tag_name_id)
        expect(TagName.exists?(source_tag_name_id)).to be(false)
      end
    end
    context 'when both source and existing tag_names have tags' do
      let!(:existing_tn) { TagName.create!(name: 'foobar') }
      let!(:existing_tag) { Tag.create!(tag_name: existing_tn, category: :general) }
      let!(:source_tn) { TagName.create!(name: 'tmp') }
      let!(:source_tag) { Tag.create!(tag_name: source_tn, category: :general) }
      let!(:source_tag_name_id) { source_tn.id }
      before do
        source_tn.update_columns(name: 'foo_bar', updated_at: Time.current)
      end
      it 'merges the source tag into the existing tag and deletes the source tag_name' do
        expect(TagName.find_by(name: 'foobar')&.tag&.id).to eq(existing_tag.id)
        expect(TagName.find_by(name: 'foo_bar')&.tag&.id).to eq(source_tag.id)
        described_class.apply!
        expect(Tag.exists?(source_tag.id)).to be(false)
        expect(TagName.exists?(source_tag.tag_name_id)).to be(false)
      end
    end
  end
 end
@@ -2,20 +2,31 @@ require 'rails_helper'
 RSpec.describe Tag, type: :model do
  describe '.merge_tags!' do
-    let!(:target_tag) { create(:tag) }
+    let!(:target_tag) { create(:tag, category: :general) }
-    let!(:source_tag) { create(:tag) }
+    let!(:source_tag) { create(:tag, category: :general) }
    let!(:source_tag_name) { source_tag.tag_name }
-    let!(:post_record) { Post.create!(url: 'https://example.com/posts/1', title: 'test post') }
+    let!(:post_record) do
      Post.create!(url: 'https://example.com/posts/1', title: 'test post')
    end
    context 'when merging a simple source tag' do
      let!(:source_post_tag) { PostTag.create!(post: post_record, tag: source_tag) }
-      it 'moves the post_tag, deletes the source tag, and aliases the source tag_name' do
+      it 'discards the source post_tag, creates an active target post_tag, discards the source tag, and aliases the source tag_name' do
        described_class.merge_tags!(target_tag, [source_tag])
-        expect(source_post_tag.reload.tag_id).to eq(target_tag.id)
+        source_pt = PostTag.with_discarded.find(source_post_tag.id)
-        expect(Tag.exists?(source_tag.id)).to be(false)
+        active_target = PostTag.kept.find_by(post_id: post_record.id, tag_id: target_tag.id)
-        expect(source_tag.tag_name.reload.canonical_id).to eq(target_tag.tag_name_id)
+
        expect(source_pt.discarded_at).to be_present
        expect(source_pt.tag_id).to eq(source_tag.id)
        expect(active_target).to be_present
        expect(Tag.with_discarded.find(source_tag.id)).to be_discarded
        expect(TagName.with_discarded.find(source_tag_name.id)).not_to be_discarded
        expect(source_tag_name.reload.canonical_id).to eq(target_tag.tag_name_id)
        expect(target_tag.reload.post_count).to eq(1)
      end
    end
@@ -23,38 +34,86 @@ RSpec.describe Tag, type: :model do
      let!(:target_post_tag) { PostTag.create!(post: post_record, tag: target_tag) }
      let!(:source_post_tag) { PostTag.create!(post: post_record, tag: source_tag) }
-      it 'discards the duplicate source post_tag and keeps one active target post_tag' do
+      it 'discards the source post_tag, keeps one active target post_tag, discards the source tag, and aliases the source tag_name' do
        described_class.merge_tags!(target_tag, [source_tag])
        source_pt = PostTag.with_discarded.find(source_post_tag.id)
        active = PostTag.kept.where(post_id: post_record.id, tag_id: target_tag.id)
        discarded_source = PostTag.with_discarded.find(source_post_tag.id)
        expect(source_pt.discarded_at).to be_present
        expect(source_pt.tag_id).to eq(source_tag.id)
        expect(active.count).to eq(1)
-        expect(discarded_source.discarded_at).to be_present
+        expect(active.first.id).to eq(target_post_tag.id)
-        expect(Tag.exists?(source_tag.id)).to be(false)
+
-        expect(source_tag.tag_name.reload.canonical_id).to eq(target_tag.tag_name_id)
+        expect(Tag.with_discarded.find(source_tag.id)).to be_discarded
        expect(TagName.with_discarded.find(source_tag_name.id)).not_to be_discarded
        expect(source_tag_name.reload.canonical_id).to eq(target_tag.tag_name_id)
        expect(target_tag.reload.post_count).to eq(1)
      end
    end
    context 'when source_tags includes the target itself' do
      let!(:source_post_tag) { PostTag.create!(post: post_record, tag: source_tag) }
-      it 'ignores the target tag in source_tags' do
+      it 'ignores the target in source_tags while still merging the source tag' do
        described_class.merge_tags!(target_tag, [source_tag, target_tag])
-        expect(Tag.exists?(target_tag.id)).to be(true)
+        source_pt = PostTag.with_discarded.find(source_post_tag.id)
-        expect(Tag.exists?(source_tag.id)).to be(false)
+        active_target = PostTag.kept.find_by(post_id: post_record.id, tag_id: target_tag.id)
-        expect(source_post_tag.reload.tag_id).to eq(target_tag.id)
+
        expect(Tag.find(target_tag.id)).to be_present
        expect(Tag.with_discarded.find(source_tag.id)).to be_discarded
        expect(source_pt.discarded_at).to be_present
        expect(source_pt.tag_id).to eq(source_tag.id)
        expect(active_target).to be_present
        expect(source_tag_name.reload.canonical_id).to eq(target_tag.tag_name_id)
        expect(target_tag.reload.post_count).to eq(1)
      end
    end
-    context 'when aliasing the source tag_name is invalid' do
+    context 'when the source tag_name is invalid under sanitisation rules' do
      let!(:source_post_tag) { PostTag.create!(post: post_record, tag: source_tag) }
      let!(:sanitisation_rule) do
        TagNameSanitisationRule.create!(
          priority: 99_999,
          source_pattern: 'INVALIDTOKEN',
          replacement: ''
        )
      end
      before do
        source_tag_name.update_columns(
          name: "#{ source_tag_name.name }INVALIDTOKEN",
          updated_at: Time.current
        )
      end
      it 'still merges, but discards the source tag_name instead of aliasing it' do
        described_class.merge_tags!(target_tag, [source_tag])
        source_pt = PostTag.with_discarded.find(source_post_tag.id)
        active_target = PostTag.kept.find_by(post_id: post_record.id, tag_id: target_tag.id)
        discarded_source_tag_name = TagName.with_discarded.find(source_tag_name.id)
        expect(source_pt.discarded_at).to be_present
        expect(source_pt.tag_id).to eq(source_tag.id)
        expect(active_target).to be_present
        expect(Tag.with_discarded.find(source_tag.id)).to be_discarded
        expect(target_tag.reload.post_count).to eq(1)
      end
    end
    context 'when the source tag_name has a wiki_page' do
      let!(:source_post_tag) { PostTag.create!(post: post_record, tag: source_tag) }
      let!(:wiki_page) do
-        WikiPage.create!(
+        admin = create_admin_user!
-            tag_name: source_tag.tag_name,
+
-            created_user: create_admin_user!,
+        Wiki::Commit.create_content!(
-            updated_user: create_admin_user!)
+            tag_name: source_tag_name,
            body: 'source wiki body',
            created_by_user: admin,
            message: 'init')
      end
      it 'rolls back the transaction' do
@@ -62,9 +121,95 @@ RSpec.describe Tag, type: :model do
          described_class.merge_tags!(target_tag, [source_tag])
        }.to raise_error(ActiveRecord::RecordInvalid)
-        expect(Tag.exists?(source_tag.id)).to be(true)
+        expect(Tag.with_discarded.find(source_tag.id)).not_to be_discarded
-        expect(source_post_tag.reload.tag_id).to eq(source_tag.id)
+        expect(TagName.with_discarded.find(source_tag_name.id)).not_to be_discarded
-        expect(source_tag.tag_name.reload.canonical_id).to be_nil
+        expect(PostTag.kept.find(source_post_tag.id).tag_id).to eq(source_tag.id)
        expect(PostTag.kept.find_by(post_id: post_record.id, tag_id: target_tag.id)).to be_nil
        expect(source_tag_name.reload.canonical_id).to be_nil
        expect(target_tag.reload.post_count).to eq(0)
      end
    end
    context 'when merging a nico source tag' do
      let!(:target_tag) { create(:tag, category: :nico, name: 'nico:foo') }
      let!(:source_tag) { create(:tag, category: :nico, name: 'nico:bar') }
      let!(:source_tag_name_id) { source_tag.tag_name_id }
      it 'discards the source tag_name instead of aliasing it' do
        described_class.merge_tags!(target_tag, [source_tag])
        discarded_source_tag = Tag.with_discarded.find(source_tag.id)
        discarded_source_tag_name = TagName.with_discarded.find(source_tag_name_id)
        expect(discarded_source_tag).to be_discarded
        expect(discarded_source_tag_name).to be_discarded
        expect(discarded_source_tag_name.canonical_id).to be_nil
        expect(target_tag.reload.post_count).to eq(0)
      end
    end
    def snapshot_tags(post)
      post.snapshot_tag_names.join(' ')
    end
    def create_post_version_for!(post, version_no: 1, event_type: 'create', created_by_user: nil)
      PostVersion.create!(
        post: post,
        version_no: version_no,
        event_type: event_type,
        title: post.title,
        url: post.url,
        thumbnail_base: post.thumbnail_base,
        tags: snapshot_tags(post),
        parent_post_ids: post.snapshot_parent_post_ids.join(' '),
        original_created_from: post.original_created_from,
        original_created_before: post.original_created_before,
        created_at: Time.current,
        created_by_user: created_by_user
      )
    end
    context 'when post versions are enabled' do
      let!(:source_post_tag) { PostTag.create!(post: post_record, tag: source_tag) }
      let!(:unaffected_post) do
        Post.create!(url: 'https://example.com/posts/2', title: 'unaffected post')
      end
      before do
        create_post_version_for!(post_record)
        create_post_version_for!(unaffected_post)
      end
      it 'creates an update post_version only for affected posts' do
        expect {
          described_class.merge_tags!(target_tag, [source_tag])
        }.to change(PostVersion, :count).by(1)
        affected_versions = post_record.reload.post_versions.order(:version_no)
        expect(affected_versions.pluck(:version_no)).to eq([1, 2])
        latest = affected_versions.last
        expect(latest.event_type).to eq('update')
        expect(latest.created_by_user).to be_nil
        expect(latest.tags).to eq(snapshot_tags(post_record.reload))
        expect(unaffected_post.reload.post_versions.count).to eq(1)
      end
    end
    context 'when the source tag has no active post_tags' do
      let!(:another_post) do
        Post.create!(url: 'https://example.com/posts/3', title: 'another post')
      end
      before do
        create_post_version_for!(another_post)
      end
      it 'does not create any post_version' do
        expect {
          described_class.merge_tags!(target_tag, [source_tag])
        }.not_to change(PostVersion, :count)
      end
    end
  end
@@ -0,0 +1,74 @@
 require 'rails_helper'
 RSpec.describe VersionRecord, type: :model do
  let!(:tag) { create(:tag, name: 'version_record_tag') }
  let!(:nico_tag) { create(:tag, :nico, name: 'nico:version_record_tag') }
  it 'makes TagVersion read only after create' do
    version = TagVersion.create!(
      tag: tag,
      version_no: 1,
      event_type: 'create',
      name: tag.name,
      category: tag.category,
      aliases: '',
      parent_tag_ids: '',
      created_at: Time.current,
      created_by_user: nil
    )
    expect {
      version.update!(name: 'changed')
    }.to raise_error(ActiveRecord::ReadOnlyRecord)
  end
  it 'prevents TagVersion destroy' do
    version = TagVersion.create!(
      tag: tag,
      version_no: 1,
      event_type: 'create',
      name: tag.name,
      category: tag.category,
      aliases: '',
      parent_tag_ids: '',
      created_at: Time.current,
      created_by_user: nil
    )
    expect {
      version.destroy!
    }.to raise_error(ActiveRecord::ReadOnlyRecord)
  end
  it 'makes NicoTagVersion read only after create' do
    version = NicoTagVersion.create!(
      tag: nico_tag,
      version_no: 1,
      event_type: 'create',
      name: nico_tag.name,
      linked_tags: '',
      created_at: Time.current,
      created_by_user: nil
    )
    expect {
      version.update!(name: 'nico:changed')
    }.to raise_error(ActiveRecord::ReadOnlyRecord)
  end
  it 'prevents NicoTagVersion destroy' do
    version = NicoTagVersion.create!(
      tag: nico_tag,
      version_no: 1,
      event_type: 'create',
      name: nico_tag.name,
      linked_tags: '',
      created_at: Time.current,
      created_by_user: nil
    )
    expect {
      version.destroy!
    }.to raise_error(ActiveRecord::ReadOnlyRecord)
  end
 end
@@ -0,0 +1,378 @@
 require 'rails_helper'
 RSpec.describe 'Materials API', type: :request do
  let!(:member_user) { create(:user, :member) }
  let!(:guest_user)  { create(:user) }
  def dummy_upload(filename: 'dummy.png', type: 'image/png', body: 'dummy')
    Rack::Test::UploadedFile.new(StringIO.new(body), type, original_filename: filename)
  end
  def response_materials
    json.fetch('materials')
  end
  def build_material(tag:, user:, parent: nil, file: dummy_upload, url: nil)
    Material.new(tag:, parent:, url:, created_by_user: user, updated_by_user: user).tap do |material|
      material.file.attach(file) if file
      material.save!
    end
  end
  describe 'GET /materials' do
    let!(:tag_a) { Tag.create!(tag_name: TagName.create!(name: 'material_index_a'), category: :material) }
    let!(:tag_b) { Tag.create!(tag_name: TagName.create!(name: 'material_index_b'), category: :material) }
    let!(:material_a) do
      build_material(tag: tag_a, user: member_user, file: dummy_upload(filename: 'a.png'))
    end
    let!(:material_b) do
      build_material(tag: tag_b, user: member_user, parent: material_a, file: dummy_upload(filename: 'b.png'))
    end
    before do
      old_time = Time.zone.local(2026, 3, 29, 1, 0, 0)
      new_time = Time.zone.local(2026, 3, 29, 2, 0, 0)
      material_a.update_columns(created_at: old_time, updated_at: old_time)
      material_b.update_columns(created_at: new_time, updated_at: new_time)
    end
    it 'returns materials with count and metadata' do
      get '/materials'
      expect(response).to have_http_status(:ok)
      expect(json).to include('materials', 'count')
      expect(response_materials).to be_an(Array)
      expect(json['count']).to eq(2)
      row = response_materials.find { |m| m['id'] == material_b.id }
      expect(row).to be_present
      expect(row['tag']).to include(
        'id' => tag_b.id,
        'name' => 'material_index_b',
        'category' => 'material'
      )
      expect(row['created_by_user']).to include(
        'id' => member_user.id,
        'name' => member_user.name
      )
      expect(row['content_type']).to eq('image/png')
    end
    it 'filters materials by tag_id' do
      get '/materials', params: { tag_id: material_a.tag_id }
      expect(response).to have_http_status(:ok)
      expect(json['count']).to eq(1)
      expect(response_materials.map { |m| m['id'] }).to eq([material_a.id])
    end
    it 'filters materials by parent_id' do
      get '/materials', params: { parent_id: material_a.id }
      expect(response).to have_http_status(:ok)
      expect(json['count']).to eq(1)
      expect(response_materials.map { |m| m['id'] }).to eq([material_b.id])
    end
    it 'paginates and keeps total count' do
      get '/materials', params: { page: 2, limit: 1 }
      expect(response).to have_http_status(:ok)
      expect(json['count']).to eq(2)
      expect(response_materials.size).to eq(1)
      expect(response_materials.first['id']).to eq(material_a.id)
    end
    it 'normalises invalid page and limit' do
      get '/materials', params: { page: 0, limit: 0 }
      expect(response).to have_http_status(:ok)
      expect(json['count']).to eq(2)
      expect(response_materials.size).to eq(1)
      expect(response_materials.first['id']).to eq(material_b.id)
    end
  end
  describe 'GET /materials/:id' do
    let!(:tag) { Tag.create!(tag_name: TagName.create!(name: 'material_show'), category: :material) }
    let!(:material) do
      build_material(tag:, user: member_user, file: dummy_upload(filename: 'show.png'))
    end
    it 'returns a material with file, tag, and content_type' do
      get "/materials/#{ material.id }"
      expect(response).to have_http_status(:ok)
      expect(json).to include(
        'id' => material.id,
        'content_type' => 'image/png'
      )
      expect(json['file']).to be_present
      expect(json['tag']).to include(
        'id' => tag.id,
        'name' => 'material_show',
        'category' => 'material'
      )
    end
    it 'returns 404 when material does not exist' do
      get '/materials/999999999'
      expect(response).to have_http_status(:not_found)
    end
  end
  describe 'POST /materials' do
    context 'when not logged in' do
      before { sign_out }
      it 'returns 401' do
        post '/materials', params: {
          tag: 'material_create_unauthorized',
          file: dummy_upload
        }
        expect(response).to have_http_status(:unauthorized)
      end
    end
    context 'when logged in' do
      before { sign_in_as(guest_user) }
      it 'returns 400 when tag is blank' do
        post '/materials', params: { tag: '   ', file: dummy_upload }
        expect(response).to have_http_status(:bad_request)
      end
      it 'returns 400 when both file and url are blank' do
        post '/materials', params: { tag: 'material_create_blank' }
        expect(response).to have_http_status(:bad_request)
      end
      it 'creates a material with an attached file' do
        expect do
          post '/materials', params: {
            tag: 'material_create_new',
            file: dummy_upload(filename: 'created.png')
          }
        end.to change(Material, :count).by(1)
          .and change(Tag, :count).by(1)
          .and change(TagName, :count).by(1)
        expect(response).to have_http_status(:created)
        material = Material.order(:id).last
        expect(material.tag.name).to eq('material_create_new')
        expect(material.tag.category).to eq('material')
        expect(material.created_by_user).to eq(guest_user)
        expect(material.updated_by_user).to eq(guest_user)
        expect(material.file.attached?).to be(true)
        expect(json['id']).to eq(material.id)
        expect(json.dig('tag', 'name')).to eq('material_create_new')
        expect(json['content_type']).to eq('image/png')
      end
      it 'returns 422 when the existing tag is not material/character' do
        general_tag_name = TagName.create!(name: 'material_create_general_tag')
        Tag.create!(tag_name: general_tag_name, category: :general)
        post '/materials', params: {
          tag: 'material_create_general_tag',
          file: dummy_upload
        }
        expect(response).to have_http_status(:unprocessable_entity)
      end
      it 'persists url-only material' do
        expect do
          post '/materials', params: {
            tag: 'material_create_url_only',
            url: 'https://example.com/material-source'
          }
        end.to change(Material, :count).by(1)
        expect(response).to have_http_status(:created)
        material = Material.order(:id).last
        expect(material.tag.name).to eq('material_create_url_only')
        expect(material.url).to eq('https://example.com/material-source')
        expect(material.file.attached?).to be(false)
      end
      it 'returns the original url for url-only material' do
        post '/materials', params: {
          tag: 'material_create_url_only_response',
          url: 'https://example.com/material-source'
        }
        expect(response).to have_http_status(:created)
        expect(json['url']).to eq('https://example.com/material-source')
      end
    end
  end
  describe 'PUT /materials/:id' do
    let!(:tag) { Tag.create!(tag_name: TagName.create!(name: 'material_update_old'), category: :material) }
    let!(:material) do
      build_material(tag:, user: member_user, file: dummy_upload(filename: 'old.png'))
    end
    context 'when not logged in' do
      before { sign_out }
      it 'returns 401' do
        put "/materials/#{ material.id }", params: {
          tag: 'material_update_new',
          file: dummy_upload(filename: 'new.png')
        }
        expect(response).to have_http_status(:unauthorized)
      end
    end
    context 'when logged in but not member' do
      before { sign_in_as(guest_user) }
      it 'returns 403' do
        put "/materials/#{ material.id }", params: {
          tag: 'material_update_new',
          file: dummy_upload(filename: 'new.png')
        }
        expect(response).to have_http_status(:forbidden)
      end
    end
    context 'when member' do
      before { sign_in_as(member_user) }
      it 'returns 404 when material does not exist' do
        put '/materials/999999999', params: {
          tag: 'material_update_missing',
          file: dummy_upload
        }
        expect(response).to have_http_status(:not_found)
      end
      it 'returns 400 when tag is blank' do
        put "/materials/#{ material.id }", params: {
          tag: '   ',
          file: dummy_upload
        }
        expect(response).to have_http_status(:bad_request)
      end
      it 'returns 400 when both file and url are blank' do
        put "/materials/#{ material.id }", params: {
          tag: 'material_update_no_payload'
        }
        expect(response).to have_http_status(:bad_request)
      end
      it 'updates tag, url, file, and updated_by_user' do
        old_blob_id = material.file.blob.id
        put "/materials/#{ material.id }", params: {
          tag: 'material_update_new',
          url: 'https://example.com/updated-source',
          file: dummy_upload(filename: 'updated.jpg', type: 'image/jpeg')
        }
        expect(response).to have_http_status(:ok)
        material.reload
        expect(material.tag.name).to eq('material_update_new')
        expect(material.tag.category).to eq('material')
        expect(material.url).to eq('https://example.com/updated-source')
        expect(material.updated_by_user).to eq(member_user)
        expect(material.file.attached?).to be(true)
        expect(material.file.blob.id).not_to eq(old_blob_id)
        expect(material.file.blob.filename.to_s).to eq('updated.jpg')
        expect(material.file.blob.content_type).to eq('image/jpeg')
        expect(json['id']).to eq(material.id)
        expect(json['file']).to be_present
        expect(json['content_type']).to eq('image/jpeg')
        expect(json.dig('tag', 'name')).to eq('material_update_new')
      end
      it 'purges the existing file when file is omitted and url is provided' do
        old_blob_id = material.file.blob.id
        put "/materials/#{ material.id }", params: {
          tag: 'material_update_remove_file',
          url: 'https://example.com/updated-source'
        }
        expect(response).to have_http_status(:ok)
        material.reload
        expect(material.tag.name).to eq('material_update_remove_file')
        expect(material.url).to eq('https://example.com/updated-source')
        expect(material.updated_by_user).to eq(member_user)
        expect(material.file.attached?).to be(false)
        expect(
          ActiveStorage::Blob.where(id: old_blob_id).exists?
        ).to be(false)
        expect(json['id']).to eq(material.id)
        expect(json['file']).to be_nil
        expect(json['content_type']).to be_nil
        expect(json.dig('tag', 'name')).to eq('material_update_remove_file')
        expect(json['url']).to eq('https://example.com/updated-source')
      end
    end
  end
  describe 'DELETE /materials/:id' do
    let!(:tag) { Tag.create!(tag_name: TagName.create!(name: 'material_destroy'), category: :material) }
    let!(:material) do
      build_material(tag:, user: member_user, file: dummy_upload(filename: 'destroy.png'))
    end
    context 'when not logged in' do
      before { sign_out }
      it 'returns 401' do
        delete "/materials/#{ material.id }"
        expect(response).to have_http_status(:unauthorized)
      end
    end
    context 'when logged in but not member' do
      before { sign_in_as(guest_user) }
      it 'returns 403' do
        delete "/materials/#{ material.id }"
        expect(response).to have_http_status(:forbidden)
      end
    end
    context 'when member' do
      before { sign_in_as(member_user) }
      it 'returns 404 when material does not exist' do
        delete '/materials/999999999'
        expect(response).to have_http_status(:not_found)
      end
      it 'discards the material and returns 204' do
        delete "/materials/#{ material.id }"
        expect(response).to have_http_status(:no_content)
        expect(Material.find_by(id: material.id)).to be_nil
        expect(Material.with_discarded.find(material.id)).to be_discarded
      end
    end
  end
 end
@@ -14,6 +14,7 @@ RSpec.describe 'NicoTags', type: :request do
  describe 'PATCH /tags/nico/:id' do
    let(:member) { create(:user, :member) }
    let(:admin) { create(:user, :admin) }
    let(:nico_tag) { create(:tag, :nico) }
    it '401 when not logged in' do
@@ -34,5 +35,59 @@ RSpec.describe 'NicoTags', type: :request do
      patch "/tags/nico/#{non_nico.id}", params: { tags: 'a b' }
      expect(response).to have_http_status(:bad_request)
    end
    it '200 and updates linked tags while recording tag versions' do
      sign_in_as(admin)
      nico_tag_name = TagName.create!(name: 'nico:nico_tags_spec_source')
      nico_tag = Tag.create!(tag_name: nico_tag_name, category: :nico)
      linked_a_name = TagName.create!(name: 'nico_linked_a')
      linked_a = Tag.create!(tag_name: linked_a_name, category: :general)
      linked_b_name = TagName.create!(name: 'nico_linked_b')
      linked_b = Tag.create!(tag_name: linked_b_name, category: :general)
      TagVersioning.ensure_snapshot!(nico_tag, created_by_user: admin)
      expect {
        patch "/tags/nico/#{nico_tag.id}", params: {
          tags: "  #{linked_a.name}\n#{linked_b.name}  "
        }
      }.to change(TagVersion, :count).by(2)
       .and change(NicoTagVersion, :count).by(1)
      expect(response).to have_http_status(:ok)
      names = json.map { |t| t['name'] }
      expect(names).to match_array(['nico_linked_a', 'nico_linked_b'])
      linked_versions = TagVersion.where(tag: [linked_a, linked_b]).order(:tag_id)
      expect(linked_versions.map(&:event_type)).to eq(['create', 'create'])
      expect(linked_versions.map(&:created_by_user_id)).to all(eq(admin.id))
      versions = nico_tag.reload.nico_tag_versions.order(:version_no)
      expect(versions.map(&:event_type)).to eq(['create', 'update'])
      expect(versions.last.linked_tags.split).to match_array([
        'nico_linked_a',
        'nico_linked_b'
      ])
      expect(versions.last.created_by_user_id).to eq(admin.id)
    end
    it '400 when linked tag normalises to nico tag' do
      sign_in_as(member)
      other_nico = create(:tag, :nico, name: 'nico:linked_ng')
      TagName.create!(name: 'linked_ng_alias', canonical: other_nico.tag_name)
      TagVersioning.ensure_snapshot!(nico_tag, created_by_user: member)
      expect {
        patch "/tags/nico/#{nico_tag.id}", params: { tags: 'linked_ng_alias' }
      }.not_to change(NicoTagVersion, :count)
      expect(response).to have_http_status(:bad_request)
    end
  end
 end
@@ -58,15 +58,47 @@ RSpec.describe "TagChildren", type: :request do
      end
    end
-    context "when Tag.find raises (invalid ids) it still returns 204" do
+    context "when Tag.find raises (invalid ids)" do
      before { stub_current_user(admin) }
      let(:parent_id) { -1 }
      let(:child_id) { -1 }
-      it "returns 204 (rescue nil)" do
+      it "returns 404" do
        do_request
-        expect(response).to have_http_status(:no_content)
+        expect(response).to have_http_status(:not_found)
      end
    end
    context 'when parent is nico' do
      before { stub_current_user(admin) }
      let!(:parent) { create(:tag, :nico, name: 'nico:parent_ng') }
      let(:parent_id) { parent.id }
      let(:child_id) { child.id }
      it 'returns 400 and does not create relation' do
        expect {
          do_request
        }.not_to change(TagImplication, :count)
        expect(response).to have_http_status(:bad_request)
      end
    end
    context 'when child is nico' do
      before { stub_current_user(admin) }
      let!(:child) { create(:tag, :nico, name: 'nico:child_ng') }
      let(:parent_id) { parent.id }
      let(:child_id) { child.id }
      it 'returns 400 and does not create relation' do
        expect {
          do_request
        }.not_to change(TagImplication, :count)
        expect(response).to have_http_status(:bad_request)
      end
    end
  end
@@ -116,17 +148,57 @@ RSpec.describe "TagChildren", type: :request do
        expect(response).to have_http_status(:no_content)
      end
      it 'records create and update versions for child tag' do
        expect {
          do_request
        }.to change(TagVersion, :count).by(2)
        expect(response).to have_http_status(:no_content)
        versions = child.reload.tag_versions.order(:version_no)
        expect(versions.map(&:event_type)).to eq(['create', 'update'])
        expect(versions.first.parent_tag_ids.split).to include(parent.id.to_s)
        expect(versions.second.parent_tag_ids).to eq('')
        expect(versions.second.created_by_user_id).to eq(admin.id)
      end
    end
-    context "when Tag.find raises (invalid ids) it still returns 204" do
+    context "when Tag.find raises (invalid ids)" do
      before { stub_current_user(admin) }
      let(:parent_id) { -1 }
      let(:child_id) { -1 }
-      it "returns 204 (rescue nil)" do
+      it "returns 404" do
        do_request
-        expect(response).to have_http_status(:no_content)
+        expect(response).to have_http_status(:not_found)
      end
    end
    context 'when parent is nico' do
      before { stub_current_user(admin) }
      let!(:parent) { create(:tag, :nico, name: 'nico:parent_ng_delete') }
      let(:parent_id) { parent.id }
      let(:child_id) { child.id }
      it 'returns 400' do
        do_request
        expect(response).to have_http_status(:bad_request)
      end
    end
    context 'when child is nico' do
      before { stub_current_user(admin) }
      let!(:child) { create(:tag, :nico, name: 'nico:child_ng_delete') }
      let(:parent_id) { parent.id }
      let(:child_id) { child.id }
      it 'returns 400' do
        do_request
        expect(response).to have_http_status(:bad_request)
      end
    end
  end
@@ -0,0 +1,248 @@
 require 'rails_helper'
 RSpec.describe 'TagVersions API', type: :request do
  let(:member) { create(:user, :member, name: 'version member') }
  let!(:tag) { create(:tag, name: 'tag_versions_target', category: :general) }
  let!(:other_tag) { create(:tag, name: 'tag_versions_other', category: :general) }
  let!(:parent_shared) { create(:tag, name: 'parent_shared', category: :general) }
  let!(:parent_old) { create(:tag, name: 'parent_old', category: :general) }
  let!(:parent_new) { create(:tag, name: 'parent_new', category: :general) }
  let!(:other_parent) { create(:tag, name: 'other_parent', category: :general) }
  let(:t_v1) { Time.zone.local(2020, 1, 1, 12, 0, 0) }
  let(:t_v2) { Time.zone.local(2020, 1, 2, 12, 0, 0) }
  let(:t_other) { Time.zone.local(2020, 1, 3, 12, 0, 0) }
  def create_tag_version!(
    tag:,
    version_no:,
    event_type:,
    name:,
    category:,
    aliases: [],
    parent_tags: [],
    created_by_user:,
    created_at:
  )
    version =
        TagVersion.create!(
            tag: tag,
            version_no: version_no,
            event_type: event_type,
            name: name,
            category: category,
            aliases: Array(aliases).join(' '),
            parent_tag_ids: Array(parent_tags).map(&:id).join(' '),
            created_by_user: created_by_user,
            created_at: created_at)
    tag.update_columns(version_no: version_no) if tag.has_attribute?(:version_no)
    tag.version_no = version_no if tag.respond_to?(:version_no=)
    version
  end
  let!(:v1) do
    create_tag_version!(
      tag: tag,
      version_no: 1,
      event_type: 'create',
      name: 'old_tag_name',
      category: 'general',
      aliases: ['alias_shared', 'alias_old'],
      parent_tags: [parent_shared, parent_old],
      created_by_user: member,
      created_at: t_v1
    )
  end
  let!(:v2) do
    create_tag_version!(
      tag: tag,
      version_no: 2,
      event_type: 'update',
      name: 'new_tag_name',
      category: 'meme',
      aliases: ['alias_shared', 'alias_new'],
      parent_tags: [parent_shared, parent_new],
      created_by_user: member,
      created_at: t_v2
    )
  end
  let!(:other_v1) do
    create_tag_version!(
      tag: other_tag,
      version_no: 1,
      event_type: 'create',
      name: 'other_tag_name',
      category: 'general',
      aliases: ['other_alias'],
      parent_tags: [other_parent],
      created_by_user: member,
      created_at: t_other
    )
  end
  describe 'GET /tags/versions' do
    it 'returns all versions in reverse chronological order when id is omitted' do
      get '/tags/versions'
      expect(response).to have_http_status(:ok)
      expect(json).to include('versions', 'count')
      expect(json.fetch('count')).to eq(3)
      versions = json.fetch('versions')
      expect(versions.map { |v| [v['tag_id'], v['version_no']] }).to eq([
        [other_tag.id, 1],
        [tag.id, 2],
        [tag.id, 1]
      ])
    end
    it 'returns versions for the specified tag with diffs' do
      get '/tags/versions', params: { id: tag.id }
      expect(response).to have_http_status(:ok)
      expect(json).to include('versions', 'count')
      expect(json.fetch('count')).to eq(2)
      versions = json.fetch('versions')
      expect(versions.map { |v| v['tag_id'] }.uniq).to eq([tag.id])
      expect(versions.map { |v| v['version_no'] }).to eq([2, 1])
      latest = versions.first
      expect(latest).to include(
        'tag_id' => tag.id,
        'version_no' => 2,
        'event_type' => 'update',
        'created_by_user' => {
          'id' => member.id,
          'name' => member.name
        }
      )
      expect(latest.fetch('name')).to eq(
        'current' => 'new_tag_name',
        'prev' => 'old_tag_name'
      )
      expect(latest.fetch('category')).to eq(
        'current' => 'meme',
        'prev' => 'general'
      )
      expect(latest.fetch('aliases')).to include(
        { 'name' => 'alias_shared', 'type' => 'context' },
        { 'name' => 'alias_new', 'type' => 'added' },
        { 'name' => 'alias_old', 'type' => 'removed' }
      )
      expect(latest.fetch('parent_tags')).to include(
        a_hash_including(
          'type' => 'context',
          'tag' => a_hash_including(
            'id' => parent_shared.id
          )
        ),
        a_hash_including(
          'type' => 'added',
          'tag' => a_hash_including(
            'id' => parent_new.id
          )
        ),
        a_hash_including(
          'type' => 'removed',
          'tag' => a_hash_including(
            'id' => parent_old.id
          )
        )
      )
      expect(latest.fetch('created_at')).to eq(t_v2.iso8601)
      first = versions.second
      expect(first).to include(
        'tag_id' => tag.id,
        'version_no' => 1,
        'event_type' => 'create',
        'created_by_user' => {
          'id' => member.id,
          'name' => member.name
        }
      )
      expect(first.fetch('name')).to eq(
        'current' => 'old_tag_name',
        'prev' => nil
      )
      expect(first.fetch('category')).to eq(
        'current' => 'general',
        'prev' => nil
      )
      expect(first.fetch('aliases')).to include(
        { 'name' => 'alias_shared', 'type' => 'added' },
        { 'name' => 'alias_old', 'type' => 'added' }
      )
      expect(first.fetch('parent_tags')).to include(
        a_hash_including(
          'type' => 'added',
          'tag' => a_hash_including(
            'id' => parent_shared.id
          )
        ),
        a_hash_including(
          'type' => 'added',
          'tag' => a_hash_including(
            'id' => parent_old.id
          )
        )
      )
      expect(first.fetch('created_at')).to eq(t_v1.iso8601)
    end
    it 'returns empty when the specified tag has no versions' do
      fresh_tag = create(:tag, name: 'no_versions_tag', category: :general)
      get '/tags/versions', params: { id: fresh_tag.id }
      expect(response).to have_http_status(:ok)
      expect(json.fetch('versions')).to eq([])
      expect(json.fetch('count')).to eq(0)
    end
    it 'clamps page and limit to at least 1' do
      get '/tags/versions', params: { id: tag.id, page: 0, limit: 0 }
      expect(response).to have_http_status(:ok)
      expect(json.fetch('count')).to eq(2)
      versions = json.fetch('versions')
      expect(versions.size).to eq(1)
      expect(versions.first['version_no']).to eq(2)
    end
    it 'does not create tag versions by wiki updates when tag has no versions yet' do
      wiki_tag_name = TagName.create!(name: 'tag_versions_from_wiki')
      wiki_tag = Tag.create!(tag_name: wiki_tag_name, category: :general)
      wiki_page =
          Wiki::Commit.create_content!(
              tag_name: wiki_tag_name,
              body: 'before',
              created_by_user: member,
              message: 'init')
      Wiki::Commit.content!(
          page: wiki_page,
          body: 'after',
          created_user: member,
          message: 'edit',
          base_revision_id: wiki_page.current_revision.id)
      get '/tags/versions', params: { id: wiki_tag.id }
      expect(response).to have_http_status(:ok)
      expect(json.fetch('versions')).to eq([])
      expect(json.fetch('count')).to eq(0)
    end
  end
 end
@@ -0,0 +1,160 @@
 require 'rails_helper'
 RSpec.describe 'Tag and wiki history integrity', type: :request do
  let(:member_user) { create(:user, role: 'member') }
  def stub_current_user user
    allow_any_instance_of(ApplicationController).to receive(:current_user).and_return(user)
  end
  def create_tag! name:, category: :general
    tag_name = TagName.create!(name:)
    Tag.create!(tag_name:, category:)
  end
  def create_wiki_for_tag! tag:, body: 'wiki body', user: member_user
    Wiki::Commit.create_content!(
        tag_name: tag.tag_name,
        body:,
        created_by_user: user,
        message: 'init')
  end
  before do
    stub_current_user(member_user)
  end
  describe 'PATCH /tags/:id' do
    it 'records wiki_version when tag name changes and tag has wiki' do
      tag = create_tag!(name: 'patch_tag_wiki_before')
      wiki_page = create_wiki_for_tag!(tag:, body: 'wiki body before')
      expect {
        patch "/tags/#{ tag.id }", params: {
          name: 'patch_tag_wiki_after',
        }
      }
          .to change(TagVersion, :count).by(2)
          .and change(WikiVersion, :count).by(1)
      expect(response).to have_http_status(:ok)
      tag.reload
      wiki_page.reload
      version = wiki_page.wiki_versions.order(:version_no).last
      expect(tag.name).to eq('patch_tag_wiki_after')
      expect(wiki_page.title).to eq('patch_tag_wiki_after')
      expect(version).to have_attributes(
        event_type: 'update',
        title: 'patch_tag_wiki_after',
        body: 'wiki body before',
        created_by_user_id: member_user.id
      )
    end
    it 'does not record wiki_version when only category changes' do
      tag = create_tag!(name: 'patch_tag_category_only')
      wiki_page = create_wiki_for_tag!(tag:, body: 'wiki body before')
      before_wiki_versions = wiki_page.wiki_versions.count
      expect {
        patch "/tags/#{ tag.id }", params: {
          category: 'meme',
        }
      }
          .to change(TagVersion, :count).by(2)
      expect(response).to have_http_status(:ok)
      tag.reload
      wiki_page.reload
      expect(tag.name).to eq('patch_tag_category_only')
      expect(tag.category).to eq('meme')
      expect(wiki_page.wiki_versions.count).to eq(before_wiki_versions)
    end
  end
  describe 'PUT /tags/:id' do
    it 'records wiki_version when tag name changes and tag has wiki' do
      tag = create_tag!(name: 'put_tag_wiki_before')
      wiki_page = create_wiki_for_tag!(tag:, body: 'wiki body before')
      expect {
        put "/tags/#{ tag.id }", params: {
          name: 'put_tag_wiki_after',
          category: 'general',
          aliases: '',
          parent_tags: '',
        }
      }
          .to change(TagVersion, :count).by(2)
          .and change(WikiVersion, :count).by(1)
      expect(response).to have_http_status(:ok)
      tag.reload
      wiki_page.reload
      version = wiki_page.wiki_versions.order(:version_no).last
      expect(tag.name).to eq('put_tag_wiki_after')
      expect(wiki_page.title).to eq('put_tag_wiki_after')
      expect(version).to have_attributes(
        event_type: 'update',
        title: 'put_tag_wiki_after',
        body: 'wiki body before',
        created_by_user_id: member_user.id
      )
    end
    it 'does not record wiki_version when only category changes' do
      tag = create_tag!(name: 'put_tag_category_only')
      wiki_page = create_wiki_for_tag!(tag:, body: 'wiki body before')
      before_wiki_versions = wiki_page.wiki_versions.count
      expect {
        put "/tags/#{ tag.id }", params: {
          name: 'put_tag_category_only',
          category: 'meme',
          aliases: '',
          parent_tags: '',
        }
      }
          .to change(TagVersion, :count).by(2)
      expect(response).to have_http_status(:ok)
      tag.reload
      wiki_page.reload
      expect(tag.name).to eq('put_tag_category_only')
      expect(tag.category).to eq('meme')
      expect(wiki_page.wiki_versions.count).to eq(before_wiki_versions)
    end
    it 'does not record wiki_version when only aliases change' do
      tag = create_tag!(name: 'put_tag_alias_only')
      wiki_page = create_wiki_for_tag!(tag:, body: 'wiki body before')
      before_wiki_versions = wiki_page.wiki_versions.count
      expect {
        put "/tags/#{ tag.id }", params: {
          name: 'put_tag_alias_only',
          category: 'general',
          aliases: 'put_tag_alias_only_alias',
          parent_tags: '',
        }
      }
          .to change(TagVersion, :count).by(2)
      expect(response).to have_http_status(:ok)
      expect(wiki_page.reload.wiki_versions.count).to eq(before_wiki_versions)
    end
  end
 end
@@ -8,23 +8,35 @@ RSpec.describe 'Tags deerjikists API', type: :request do
  let!(:tag) { create(:tag, category: :deerjikist) }
  let(:member) { create(:user, :member) }
  let(:guest) { create(:user, role: :guest) }
  before do
    # show_by_name / deerjikists_by_name 用に名前を固定
    tag.tag_name.update!(name: 'deerjika')
  end
  describe 'GET /tags/:id/deerjikists' do
    subject(:do_request) do
-      get "/tags/#{ tag_id }/deerjikists"
+      get "/tags/#{tag_id}/deerjikists"
    end
    let(:tag_id) { tag.id }
    context 'when tag exists and has no deerjikists' do
-      it 'returns 200 and empty array' do
+      it 'returns 200 with tag and empty deerjikists array' do
        do_request
        expect(response).to have_http_status(:ok)
-        expect(json).to eq([])
+
        expect(json).to be_a(Hash)
        expect(json['tag']).to be_a(Hash)
        expect(json['tag']['id']).to eq(tag.id)
        expect(json['tag']['name']).to eq('deerjika')
        expect(json['tag']['category']).to eq('deerjikist')
        expect(json['tag']['has_deerjikists']).to eq(false)
        expect(json['deerjikists']).to eq([])
      end
    end
@@ -34,17 +46,27 @@ RSpec.describe 'Tags deerjikists API', type: :request do
        Deerjikist.create!(platform: platform2, code: code2, tag: tag)
      end
-      it 'returns 200 and deerjikists array' do
+      it 'returns 200 with tag and deerjikists array' do
        do_request
        expect(response).to have_http_status(:ok)
-        expect(json).to be_a(Array)
+        expect(json).to be_a(Hash)
        expect(json.size).to eq(2)
-        expect(json.map { |h| [h['platform'], h['code']] }).to contain_exactly(
+        expect(json['tag']).to be_a(Hash)
-          [platform1, code1],
+        expect(json['tag']['id']).to eq(tag.id)
-          [platform2, code2],
+        expect(json['tag']['name']).to eq('deerjika')
-        )
+        expect(json['tag']['category']).to eq('deerjikist')
        expect(json['tag']['has_deerjikists']).to eq(true)
        expect(json['deerjikists']).to be_a(Array)
        expect(json['deerjikists'].size).to eq(2)
        expect(json['deerjikists'].map { |h| [h['platform'], h['code']] })
          .to contain_exactly(
            [platform1, code1],
            [platform2, code2],
          )
      end
    end
@@ -53,6 +75,7 @@ RSpec.describe 'Tags deerjikists API', type: :request do
      it 'returns 404' do
        do_request
        expect(response).to have_http_status(:not_found)
      end
    end
@@ -60,7 +83,7 @@ RSpec.describe 'Tags deerjikists API', type: :request do
  describe 'GET /tags/name/:name/deerjikists' do
    subject(:do_request) do
-      get "/tags/name/#{ name }/deerjikists"
+      get "/tags/name/#{name}/deerjikists"
    end
    let(:name) { 'deerjika' }
@@ -70,6 +93,7 @@ RSpec.describe 'Tags deerjikists API', type: :request do
      it 'returns 400' do
        do_request
        expect(response).to have_http_status(:bad_request)
      end
    end
@@ -79,23 +103,209 @@ RSpec.describe 'Tags deerjikists API', type: :request do
      it 'returns 404' do
        do_request
        expect(response).to have_http_status(:not_found)
      end
    end
    context 'when tag exists and has no deerjikists' do
      it 'returns 200 with tag and empty deerjikists array' do
        do_request
        expect(response).to have_http_status(:ok)
        expect(json).to be_a(Hash)
        expect(json['tag']).to be_a(Hash)
        expect(json['tag']['id']).to eq(tag.id)
        expect(json['tag']['name']).to eq('deerjika')
        expect(json['tag']['category']).to eq('deerjikist')
        expect(json['tag']['has_deerjikists']).to eq(false)
        expect(json['deerjikists']).to eq([])
      end
    end
    context 'when tag exists and has deerjikists' do
      before do
        Deerjikist.create!(platform: platform1, code: code1, tag: tag)
      end
-      it 'returns 200 and deerjikists array' do
+      it 'returns 200 with tag and deerjikists array' do
        do_request
        expect(response).to have_http_status(:ok)
-        expect(json).to be_a(Array)
+        expect(json).to be_a(Hash)
-        expect(json.size).to eq(1)
+
-        expect(json[0]['platform']).to eq(platform1)
+        expect(json['tag']).to be_a(Hash)
-        expect(json[0]['code']).to eq(code1)
+        expect(json['tag']['id']).to eq(tag.id)
        expect(json['tag']['name']).to eq('deerjika')
        expect(json['tag']['category']).to eq('deerjikist')
        expect(json['tag']['has_deerjikists']).to eq(true)
        expect(json['deerjikists']).to be_a(Array)
        expect(json['deerjikists'].size).to eq(1)
        expect(json['deerjikists'][0]['platform']).to eq(platform1)
        expect(json['deerjikists'][0]['code']).to eq(code1)
      end
    end
  end
  describe 'PUT /tags/:id/deerjikists' do
    subject(:do_request) do
      put "/tags/#{tag_id}/deerjikists", params: payload, as: :json
    end
    let(:tag_id) { tag.id }
    let(:payload) do
      [
        { platform: platform1, code: code1 },
        { platform: platform2, code: code2 },
      ]
    end
    context 'when not logged in' do
      it 'returns 401' do
        do_request
        expect(response).to have_http_status(:unauthorized)
      end
    end
    context 'when logged in but not member' do
      before do
        sign_in_as guest
      end
      it 'returns 403' do
        do_request
        expect(response).to have_http_status(:forbidden)
      end
    end
    context 'when tag does not exist' do
      let(:tag_id) { 9_999_999 }
      before do
        sign_in_as member
      end
      it 'returns 404' do
        do_request
        expect(response).to have_http_status(:not_found)
      end
    end
    context 'when logged in as member' do
      before do
        sign_in_as member
      end
      context 'when tag has no deerjikists' do
        it 'creates deerjikists and returns deerjikists array' do
          expect {
            do_request
          }.to change { Deerjikist.where(tag: tag).count }.from(0).to(2)
          expect(response).to have_http_status(:ok)
          expect(json).to be_a(Array)
          expect(json.map { |h| [h['platform'], h['code']] })
            .to contain_exactly(
              [platform1, code1],
              [platform2, code2],
            )
          expect(Deerjikist.where(tag: tag).map { |d| [d.platform, d.code] })
            .to contain_exactly(
              [platform1, code1],
              [platform2, code2],
            )
        end
      end
      context 'when tag already has deerjikists' do
        before do
          Deerjikist.create!(platform: platform1, code: 'old-code-1', tag: tag)
          Deerjikist.create!(platform: platform2, code: 'old-code-2', tag: tag)
        end
        it 'replaces deerjikists and returns deerjikists array' do
          do_request
          expect(response).to have_http_status(:ok)
          expect(Deerjikist.where(tag: tag).map { |d| [d.platform, d.code] })
            .to contain_exactly(
              [platform1, code1],
              [platform2, code2],
            )
          expect(Deerjikist.exists?(platform: platform1, code: 'old-code-1')).to eq(false)
          expect(Deerjikist.exists?(platform: platform2, code: 'old-code-2')).to eq(false)
          expect(json).to be_a(Array)
          expect(json.map { |h| [h['platform'], h['code']] })
            .to contain_exactly(
              [platform1, code1],
              [platform2, code2],
            )
        end
      end
      context 'when payload is empty array' do
        let(:payload) { [] }
        before do
          Deerjikist.create!(platform: platform1, code: code1, tag: tag)
          Deerjikist.create!(platform: platform2, code: code2, tag: tag)
        end
        it 'clears deerjikists and returns empty array' do
          expect {
            do_request
          }.to change { Deerjikist.where(tag: tag).count }.from(2).to(0)
          expect(response).to have_http_status(:ok)
          expect(json).to eq([])
        end
      end
      context 'when youtube code is handle' do
        let(:channel_id) { 'UCabcdefghijklmnopqrstuv' }
        let(:payload) do
          [
            { platform: 'youtube', code: '@deerjika' },
          ]
        end
        before do
          allow(Net::HTTP).to receive(:get).and_return(
            %(<link rel="canonical" href="https://www.youtube.com/channel/#{channel_id}">),
          )
        end
        it 'normalises youtube handle to channel id' do
          expect {
            do_request
          }.to change { Deerjikist.where(tag: tag).count }.from(0).to(1)
          expect(response).to have_http_status(:ok)
          expect(Net::HTTP).to have_received(:get)
          expect(Deerjikist.exists?(platform: 'youtube', code: channel_id, tag: tag))
            .to eq(true)
          expect(json).to be_a(Array)
          expect(json.size).to eq(1)
          expect(json[0]['platform']).to eq('youtube')
          expect(json[0]['code']).to eq(channel_id)
        end
      end
    end
  end
@@ -0,0 +1,150 @@
 require 'rails_helper'
 RSpec.describe 'TheatreComments', type: :request do
  def sign_in_as(user)
    allow_any_instance_of(ApplicationController).to receive(:current_user).and_return(user)
  end
  describe 'GET /theatres/:theatre_id/comments' do
    let(:theatre) { create(:theatre) }
    let(:other_theatre) { create(:theatre) }
    let(:alice) { create(:user, name: 'Alice') }
    let(:bob) { create(:user, name: 'Bob') }
    let!(:comment_3) do
      create(
        :theatre_comment,
        theatre: theatre,
        no: 3,
        user: alice,
        content: 'third comment'
      )
    end
    let!(:comment_1) do
      create(
        :theatre_comment,
        theatre: theatre,
        no: 1,
        user: alice,
        content: 'first comment'
      )
    end
    let!(:comment_2) do
      create(
        :theatre_comment,
        theatre: theatre,
        no: 2,
        user: bob,
        content: 'second comment'
      )
    end
    let!(:other_comment) do
      create(
        :theatre_comment,
        theatre: other_theatre,
        no: 1,
        user: bob,
        content: 'other theatre comment'
      )
    end
    it 'theatre_id で絞り込み、no_gt より大きいものを no 降順で返す' do
      get "/theatres/#{theatre.id}/comments", params: { no_gt: 1 }
      expect(response).to have_http_status(:ok)
      expect(response.parsed_body.map { |row| row['no'] }).to eq([3, 2])
      expect(response.parsed_body.map { |row| row['content'] }).to eq([
        'third comment',
        'second comment'
      ])
    end
    it 'user は id と name だけを含む' do
      get "/theatres/#{theatre.id}/comments", params: { no_gt: 1 }
      expect(response).to have_http_status(:ok)
      expect(response.parsed_body.first['user']).to eq({
        'id' => alice.id,
        'name' => 'Alice'
      })
      expect(response.parsed_body.first['user'].keys).to contain_exactly('id', 'name')
    end
    it 'no_gt が負数なら 0 として扱う' do
      get "/theatres/#{theatre.id}/comments", params: { no_gt: -100 }
      expect(response).to have_http_status(:ok)
      expect(response.parsed_body.map { |row| row['no'] }).to eq([3, 2, 1])
    end
  end
  describe 'POST /theatres/:theatre_id/comments' do
    let(:user) { create(:user, name: 'Alice') }
    let(:theatre) { create(:theatre, next_comment_no: 2) }
    before do
      create(
        :theatre_comment,
        theatre: theatre,
        no: 1,
        user: user,
        content: 'existing comment'
      )
    end
    it '未ログインなら 401 を返す' do
      expect {
        post "/theatres/#{theatre.id}/comments", params: { content: 'hello' }
      }.not_to change(TheatreComment, :count)
      expect(response).to have_http_status(:unauthorized)
    end
    it 'content が blank なら 422 を返す' do
      sign_in_as(user)
      expect {
        post "/theatres/#{theatre.id}/comments", params: { content: '   ' }
      }.not_to change(TheatreComment, :count)
      expect(response).to have_http_status(:unprocessable_entity)
    end
    it 'theatre が存在しなければ 404 を返す' do
      sign_in_as(user)
      expect {
        post '/theatres/999999/comments', params: { content: 'hello' }
      }.not_to change(TheatreComment, :count)
      expect(response).to have_http_status(:not_found)
    end
    it 'コメントを作成し、user を紐づけ、next_comment_no を進める' do
      sign_in_as(user)
      expect {
        post "/theatres/#{theatre.id}/comments", params: { content: 'new comment' }
      }.to change(TheatreComment, :count).by(1)
      expect(response).to have_http_status(:created)
      comment = TheatreComment.find_by!(theatre: theatre, no: 2)
      expect(comment.user).to eq(user)
      expect(comment.content).to eq('new comment')
      expect(theatre.reload.next_comment_no).to eq(3)
      expect(response.parsed_body.slice('theatre_id', 'no', 'user_id', 'content')).to eq({
        'theatre_id' => theatre.id,
        'no' => 2,
        'user_id' => user.id,
        'content' => 'new comment'
      })
    end
  end
 end
@@ -0,0 +1,307 @@
 require 'rails_helper'
 require 'active_support/testing/time_helpers'
 RSpec.describe 'Theatres API', type: :request do
  include ActiveSupport::Testing::TimeHelpers
  around do |example|
    travel_to(Time.zone.parse('2026-03-18 21:00:00')) do
      example.run
    end
  end
  let(:member) { create(:user, :member, name: 'member user') }
  let(:other_user) { create(:user, :member, name: 'other user') }
  let!(:youtube_post) do
    Post.create!(
      title: 'youtube post',
      url: 'https://www.youtube.com/watch?v=spec123'
    )
  end
  let!(:other_post) do
    Post.create!(
      title: 'other post',
      url: 'https://example.com/posts/1'
    )
  end
  let!(:theatre) do
    Theatre.create!(
      name: 'spec theatre',
      opens_at: Time.zone.parse('2026-03-18 20:00:00'),
      kind: 0,
      created_by_user: member
    )
  end
  describe 'GET /theatres/:id' do
    subject(:do_request) do
      get "/theatres/#{theatre_id}"
    end
    context 'when theatre exists' do
      let(:theatre_id) { theatre.id }
      it 'returns theatre json' do
        do_request
        expect(response).to have_http_status(:ok)
        expect(json).to include(
          'id' => theatre.id,
          'name' => 'spec theatre'
        )
        expect(json).to have_key('opens_at')
        expect(json).to have_key('closes_at')
        expect(json).to have_key('created_at')
        expect(json).to have_key('updated_at')
        expect(json['created_by_user']).to include(
          'id' => member.id,
          'name' => 'member user'
        )
      end
    end
    context 'when theatre does not exist' do
      let(:theatre_id) { 999_999_999 }
      it 'returns 404' do
        do_request
        expect(response).to have_http_status(:not_found)
      end
    end
  end
  describe 'PUT /theatres/:id/watching' do
    subject(:do_request) do
      put "/theatres/#{theatre_id}/watching"
    end
    let(:theatre_id) { theatre.id }
    context 'when not logged in' do
      it 'returns 401' do
        sign_out
        do_request
        expect(response).to have_http_status(:unauthorized)
      end
    end
    context 'when theatre does not exist' do
      let(:theatre_id) { 999_999_999 }
      it 'returns 404' do
        sign_in_as(member)
        do_request
        expect(response).to have_http_status(:not_found)
      end
    end
    context 'when theatre has no host yet' do
      before do
        sign_in_as(member)
      end
      it 'creates watching row, assigns current user as host, and returns current theatre info' do
        expect { do_request }
          .to change { TheatreWatchingUser.count }.by(1)
        expect(response).to have_http_status(:ok)
        theatre.reload
        watch = TheatreWatchingUser.find_by!(theatre: theatre, user: member)
        expect(theatre.host_user_id).to eq(member.id)
        expect(watch.expires_at).to be_within(1.second).of(30.seconds.from_now)
        expect(json).to include(
          'host_flg' => true,
          'post_id' => nil,
          'post_started_at' => nil
        )
        expect(json.fetch('watching_users')).to contain_exactly(
          {
            'id' => member.id,
            'name' => 'member user'
          }
        )
      end
    end
    context 'when current user is already watching' do
      let!(:watching_row) do
        TheatreWatchingUser.create!(
          theatre: theatre,
          user: member,
          expires_at: 5.seconds.from_now
        )
      end
      before do
        sign_in_as(member)
      end
      it 'refreshes expires_at without creating another row' do
        expect { do_request }
          .not_to change { TheatreWatchingUser.count }
        expect(response).to have_http_status(:ok)
        expect(watching_row.reload.expires_at)
          .to be_within(1.second).of(30.seconds.from_now)
      end
    end
    context 'when another active host exists' do
      before do
        TheatreWatchingUser.create!(
          theatre: theatre,
          user: other_user,
          expires_at: 10.minutes.from_now
        )
        theatre.update!(host_user: other_user)
        sign_in_as(member)
      end
      it 'does not steal host and returns host_flg false' do
        expect { do_request }
          .to change { TheatreWatchingUser.count }.by(1)
        expect(response).to have_http_status(:ok)
        expect(theatre.reload.host_user_id).to eq(other_user.id)
        expect(json).to include(
          'host_flg' => false,
          'post_id' => nil,
          'post_started_at' => nil
        )
        expect(json.fetch('watching_users')).to contain_exactly(
          {
            'id' => member.id,
            'name' => 'member user'
          },
          {
            'id' => other_user.id,
            'name' => 'other user'
          }
        )
      end
    end
    context 'when host is set but no longer actively watching' do
      let(:started_at) { 2.minutes.ago }
      before do
        TheatreWatchingUser.create!(
          theatre: theatre,
          user: other_user,
          expires_at: 1.second.ago
        )
        theatre.update!(
          host_user: other_user,
          current_post: youtube_post,
          current_post_started_at: started_at
        )
        sign_in_as(member)
      end
      it 'reassigns host to current user and returns current post info' do
        expect { do_request }
          .to change { TheatreWatchingUser.count }.by(1)
        expect(response).to have_http_status(:ok)
        theatre.reload
        expect(theatre.host_user_id).to eq(member.id)
        expect(json['host_flg']).to eq(true)
        expect(json['post_id']).to eq(youtube_post.id)
        expect(Time.zone.parse(json['post_started_at']))
          .to be_within(1.second).of(started_at)
      end
    end
  end
  describe 'PATCH /theatres/:id/next_post' do
    subject(:do_request) do
      patch "/theatres/#{theatre_id}/next_post"
    end
    let(:theatre_id) { theatre.id }
    context 'when not logged in' do
      it 'returns 401' do
        sign_out
        do_request
        expect(response).to have_http_status(:unauthorized)
      end
    end
    context 'when theatre does not exist' do
      let(:theatre_id) { 999_999_999 }
      it 'returns 404' do
        sign_in_as(member)
        do_request
        expect(response).to have_http_status(:not_found)
      end
    end
    context 'when logged in but not host' do
      before do
        theatre.update!(host_user: other_user)
        sign_in_as(member)
      end
      it 'returns 403' do
        do_request
        expect(response).to have_http_status(:forbidden)
      end
    end
    context 'when current user is host' do
      before do
        theatre.update!(host_user: member)
        sign_in_as(member)
      end
      it 'sets current_post to an eligible post and updates current_post_started_at' do
        expect { do_request }
          .to change { theatre.reload.current_post_id }
          .from(nil).to(youtube_post.id)
        expect(response).to have_http_status(:no_content)
        expect(theatre.reload.current_post_started_at)
          .to be_within(1.second).of(Time.current)
      end
    end
    context 'when current user is host and no eligible post exists' do
      before do
        youtube_post.destroy!
        theatre.update!(
          host_user: member,
          current_post: other_post,
          current_post_started_at: 1.hour.ago
        )
        sign_in_as(member)
      end
      it 'still returns 204 and clears current_post' do
        do_request
        expect(response).to have_http_status(:no_content)
        theatre.reload
        expect(theatre.current_post_id).to be_nil
        expect(theatre.current_post_started_at)
          .to be_within(1.second).of(Time.current)
      end
    end
  end
 end
@@ -1,110 +1,266 @@
-require "rails_helper"
+require 'rails_helper'
 RSpec.describe 'Users', type: :request do
  let(:remote_ip) { '203.0.113.10' }
-RSpec.describe "Users", type: :request do
+  before do
-  describe "POST /users" do
+    allow_any_instance_of(ActionDispatch::Request)
-    it "creates guest user and returns code" do
+      .to receive(:remote_ip)
-      post "/users"
+      .and_return(remote_ip)
-      expect(response).to have_http_status(:ok)
+  end
-      expect(json["code"]).to be_present
+
-      expect(json["user"]["role"]).to eq("guest")
+  def auth_headers(user)
    { 'X-Transfer-Code' => user.inheritance_code }
  end
  describe 'POST /users' do
    it 'creates guest user, IpAddress and UserIp, and returns code' do
      expect {
        post '/users'
      }.to change(User, :count).by(1)
        .and change(IpAddress, :count).by(1)
        .and change(UserIp, :count).by(1)
      expect(response).to have_http_status(:created)
      expect(json['code']).to be_present
      expect(json['user']['role']).to eq('guest')
      user = User.last
      ip_address = IpAddress.find_by(ip_address: IPAddr.new(remote_ip).hton)
      expect(user.role).to eq('guest')
      expect(ip_address).to be_present
      expect(UserIp.exists?(user:, ip_address:)).to eq(true)
    end
    it 'returns 403 and does not create user when current IP address is banned' do
      IpAddress.create!(
        ip_address: IPAddr.new(remote_ip).hton,
        banned_at: Time.current
      )
      expect {
        post '/users'
      }.not_to change(User, :count)
      expect(response).to have_http_status(:forbidden)
      expect(UserIp.count).to eq(0)
    end
  end
-  describe "POST /users/code/renew" do
+  describe 'POST /users/code/renew' do
-    it "returns 401 when not logged in" do
+    it 'returns 401 when not logged in' do
-      sign_out
+      post '/users/code/renew'
-      post "/users/code/renew"
+
      expect(response).to have_http_status(:unauthorized)
    end
    it 'returns 403 when current user is banned' do
      user = create(:user, :banned)
      post '/users/code/renew', headers: auth_headers(user)
      expect(response).to have_http_status(:forbidden)
    end
    it 'returns 403 when current IP address is banned' do
      user = create(:user)
      IpAddress.create!(
        ip_address: IPAddr.new(remote_ip).hton,
        banned_at: Time.current
      )
      post '/users/code/renew', headers: auth_headers(user)
      expect(response).to have_http_status(:forbidden)
    end
  end
-  describe "PUT /users/:id" do
+  describe 'PUT /users/:id' do
-    let(:user) { create(:user, name: "old-name", role: "guest") }
+    let(:user) { create(:user, name: 'old-name', role: 'guest') }
    it 'returns 401 when current_user id mismatch' do
      other_user = create(:user)
      put "/users/#{user.id}",
          params: { name: 'new-name' },
          headers: auth_headers(other_user)
    it "returns 401 when current_user id mismatch" do
      sign_in_as(create(:user))
      put "/users/#{user.id}", params: { name: "new-name" }
      expect(response).to have_http_status(:unauthorized)
    end
-    it "returns 400 when name is blank" do
+    it 'returns 400 when name is blank' do
-      sign_in_as(user)
+      put "/users/#{user.id}",
-      put "/users/#{user.id}", params: { name: "   " }
+          params: { name: '   ' },
          headers: auth_headers(user)
      expect(response).to have_http_status(:bad_request)
    end
-    it "updates name and returns 201 with user slice" do
+    it 'updates name and returns user slice' do
-      sign_in_as(user)
+      put "/users/#{user.id}",
-      put "/users/#{user.id}", params: { name: "new-name" }
+          params: { name: 'new-name' },
          headers: auth_headers(user)
-      expect(response).to have_http_status(:created)
+      expect(response).to have_http_status(:ok)
-      expect(json["id"]).to eq(user.id)
+      expect(json['id']).to eq(user.id)
-      expect(json["name"]).to eq("new-name")
+      expect(json['name']).to eq('new-name')
      user.reload
-      expect(user.name).to eq("new-name")
+      expect(user.name).to eq('new-name')
    end
    it 'returns 403 when current user is banned' do
      user.update!(banned_at: Time.current)
      put "/users/#{user.id}",
          params: { name: 'new-name' },
          headers: auth_headers(user)
      expect(response).to have_http_status(:forbidden)
      user.reload
      expect(user.name).to eq('old-name')
    end
    it 'returns 403 when current IP address is banned' do
      IpAddress.create!(
        ip_address: IPAddr.new(remote_ip).hton,
        banned_at: Time.current
      )
      put "/users/#{user.id}",
          params: { name: 'new-name' },
          headers: auth_headers(user)
      expect(response).to have_http_status(:forbidden)
      user.reload
      expect(user.name).to eq('old-name')
    end
  end
-  describe "POST /users/verify" do
+  describe 'POST /users/verify' do
-    it "returns valid:false when code not found" do
+    it 'returns valid:false when code not found' do
-      post "/users/verify", params: { code: "nope" }
+      post '/users/verify', params: { code: 'nope' }
      expect(response).to have_http_status(:ok)
-      expect(json["valid"]).to eq(false)
+      expect(json['valid']).to eq(false)
    end
-    it "creates IpAddress and UserIp, and returns valid:true with user slice" do
+    it 'returns 403 when current IP address is banned' do
-      user = create(:user, inheritance_code: SecureRandom.uuid, role: "guest")
+      user = create(:user, inheritance_code: SecureRandom.uuid, role: 'guest')
-      # request.remote_ip を固定
+      IpAddress.create!(
-      allow_any_instance_of(ActionDispatch::Request).to receive(:remote_ip).and_return("203.0.113.10")
+        ip_address: IPAddr.new(remote_ip).hton,
        banned_at: Time.current
      )
      expect {
-        post "/users/verify", params: { code: user.inheritance_code }
+        post '/users/verify', params: { code: user.inheritance_code }
      }.not_to change(UserIp, :count)
      expect(response).to have_http_status(:forbidden)
    end
    it 'returns 403 when verified user is banned' do
      user = create(
        :user,
        :banned,
        inheritance_code: SecureRandom.uuid,
        role: 'guest'
      )
      expect {
        post '/users/verify', params: { code: user.inheritance_code }
      }.not_to change(UserIp, :count)
      expect(response).to have_http_status(:forbidden)
    end
    it 'creates IpAddress and UserIp, and returns valid:true with user slice' do
      user = create(:user, inheritance_code: SecureRandom.uuid, role: 'guest')
      expect {
        post '/users/verify', params: { code: user.inheritance_code }
      }.to change(UserIp, :count).by(1)
        .and change(IpAddress, :count).by(1)
      expect(response).to have_http_status(:ok)
-      expect(json["valid"]).to eq(true)
+      expect(json['valid']).to eq(true)
-      expect(json["user"]["id"]).to eq(user.id)
+      expect(json['user']['id']).to eq(user.id)
-      expect(json["user"]["inheritance_code"]).to eq(user.inheritance_code)
+      expect(json['user']['inheritance_code']).to eq(user.inheritance_code)
-      expect(json["user"]["role"]).to eq("guest")
+      expect(json['user']['role']).to eq('guest')
-      # ついでに IpAddress もできてることを確認（ipの保存形式がバイナリでも count で見れる）
+      ip_address = IpAddress.find_by(ip_address: IPAddr.new(remote_ip).hton)
-      expect(IpAddress.count).to be >= 1
+      expect(ip_address).to be_present
      expect(UserIp.exists?(user:, ip_address:)).to eq(true)
    end
-    it "is idempotent for same user+ip (does not create duplicate UserIp)" do
+    it 'is idempotent for same user and same IP address' do
-      user = create(:user, inheritance_code: SecureRandom.uuid, role: "guest")
+      user = create(:user, inheritance_code: SecureRandom.uuid, role: 'guest')
      allow_any_instance_of(ActionDispatch::Request).to receive(:remote_ip).and_return("203.0.113.10")
-      post "/users/verify", params: { code: user.inheritance_code }
+      post '/users/verify', params: { code: user.inheritance_code }
      expect(response).to have_http_status(:ok)
      expect {
-        post "/users/verify", params: { code: user.inheritance_code }
+        post '/users/verify', params: { code: user.inheritance_code }
      }.not_to change(UserIp, :count)
      expect(response).to have_http_status(:ok)
-      expect(json["valid"]).to eq(true)
+      expect(json['valid']).to eq(true)
    end
    it 'creates another UserIp for same user and different IP address' do
      user = create(:user, inheritance_code: SecureRandom.uuid, role: 'guest')
      post '/users/verify', params: { code: user.inheritance_code }
      expect(response).to have_http_status(:ok)
      allow_any_instance_of(ActionDispatch::Request)
        .to receive(:remote_ip)
        .and_return('203.0.113.11')
      expect {
        post '/users/verify', params: { code: user.inheritance_code }
      }.to change(UserIp, :count).by(1)
      expect(response).to have_http_status(:ok)
      expect(json['valid']).to eq(true)
    end
  end
-  describe "GET /users/me" do
+  describe 'GET /users/me' do
-    it "returns 404 when code not found" do
+    it 'returns 404 when code not found' do
-      get "/users/me", params: { code: "nope" }
+      get '/users/me', params: { code: 'nope' }
      expect(response).to have_http_status(:not_found)
    end
-    it "returns user slice when found" do
+    it 'returns user slice when found' do
-      user = create(:user, inheritance_code: SecureRandom.uuid, name: "me", role: "guest")
+      user = create(:user, inheritance_code: SecureRandom.uuid, name: 'me', role: 'guest')
-      get "/users/me", params: { code: user.inheritance_code }
+
      get '/users/me', params: { code: user.inheritance_code }
      expect(response).to have_http_status(:ok)
-      expect(json["id"]).to eq(user.id)
+      expect(json['id']).to eq(user.id)
-      expect(json["name"]).to eq("me")
+      expect(json['name']).to eq('me')
-      expect(json["inheritance_code"]).to eq(user.inheritance_code)
+      expect(json['inheritance_code']).to eq(user.inheritance_code)
-      expect(json["role"]).to eq("guest")
+      expect(json['role']).to eq('guest')
    end
    it 'returns 403 when current IP address is banned' do
      user = create(:user, inheritance_code: SecureRandom.uuid)
      IpAddress.create!(
        ip_address: IPAddr.new(remote_ip).hton,
        banned_at: Time.current
      )
      get '/users/me', params: { code: user.inheritance_code }
      expect(response).to have_http_status(:forbidden)
    end
  end
 end
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
みてるぞ	09763982b5	#302	2026-05-17 21:09:43 +09:00
みてるぞ	dc54f9cbb5	Merge pull request 'フロントのテスト追加 (#155 )' (#350 ) from feature/155 into main Reviewed-on: #350	2026-05-13 22:03:05 +09:00
みてるぞ	78143363c9	#155	2026-05-13 21:49:40 +09:00
みてるぞ	0a13c00f37	#155	2026-05-13 20:42:25 +09:00
みてるぞ	add60cb413	#155	2026-05-11 03:32:47 +09:00
みてるぞ	fb761b199d	さらに修正 (#346 ) (#349 ) Merge remote-tracking branch 'origin/main' into feature/346 #346 #346 Merge remote-tracking branch 'origin/main' into feature/346 #346 #346 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #349	2026-05-11 02:46:08 +09:00
みてるぞ	73152f2934	ちょっと修正 (#346 ) (#348 ) #346 Merge remote-tracking branch 'origin/main' into feature/346 #346 #346 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #348	2026-05-11 02:43:08 +09:00
みてるぞ	2de7e13a8a	Codex 用ファイル追加 (#346 ) (#347 ) #346 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #347	2026-05-11 02:30:55 +09:00
みてるぞ	e03cc01109	投稿排他 (#171 ) (#345 ) #171 #171 #171 #171 #171 #171 #171 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #345	2026-05-10 11:16:49 +09:00
みてるぞ	b47cdc7ad7	BAN の実装 (#327 ) (#342 ) #327 #327 #327 #327 Merge remote-tracking branch 'origin/main' into feature/327 #327 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #342	2026-05-04 16:22:13 +09:00
みてるぞ	52aa1615b6	ニジラー詳細ページ作成 (#63 ) (#341 ) #63 #63 #63 #63 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #341	2026-05-04 03:37:12 +09:00
みてるぞ	dceed1caa1	親投稿機能 (#46 ) (#339 ) Merge remote-tracking branch 'origin/main' into feature/046 #46 #46 #46 #46 #46 #46 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #339	2026-05-03 03:21:35 +09:00
みてるぞ	5002859fc8	YouTube の自動同期 (#314 ) (#340 ) #314 #314 #314 #314 #314 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #340	2026-05-02 17:56:14 +09:00
みてるぞ	fcd3b87b2a	奪はれた別名の履歴追加 (#329 ) (#338 ) #329 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #338	2026-04-27 12:45:06 +09:00
みてるぞ	0ff7fdf78a	Wiki のバージョン管理 (#317 ) (#333 ) #317 #317 #317 #317 #317 #317 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #333	2026-04-26 22:17:25 +09:00
みてるぞ	b2c3e02ccc	ユーザ作成時に IP アドレス連携するやぅに (#323 ) (#326 ) Merge branch 'main' into feature/323 Merge branch 'main' into feature/323 Merge branch 'main' into feature/323 #323 #323 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #326	2026-04-25 21:00:22 +09:00
みてるぞ	c112576b11	ニコニコ DB 逆連携 (#200 ) (#331 ) #200 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #331	2026-04-25 20:46:49 +09:00
みてるぞ	6235b293f0	タグ履歴ページ (#321 ) (#330 ) #321 #321 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #330	2026-04-24 02:21:26 +09:00
みてるぞ	43cd38a216	タグ詳細 (#318 ) (#328 ) #318 #318 #318 #318 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #328	2026-04-23 00:06:49 +09:00
みてるぞ	8ff1819d5a	同期バグ修正 (#324 ) (#325 ) #324 Reviewed-on: #325	2026-04-19 23:04:15 +09:00
みてるぞ	bde7d33949	タグ履歴 (#309 ) (#319 ) #309 #309 #309 #309 #309 Merge remote-tracking branch 'origin/main' into feature/309 #309 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #319	2026-04-19 20:21:51 +09:00
みてるぞ	5c7580d571	ニコタグ連携バグ修正 (#294 ) (#316 ) #294 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #316	2026-04-19 16:44:20 +09:00
みてるぞ	48f823a7c8	履歴画面変更（#308） (#315 ) Merge branch 'main' into feature/308 #308 #308 #308 #308 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #315	2026-04-18 05:43:33 +09:00
みてるぞ	bd11e37fd3	緊急対応（#312） (#313 ) 'backend/config/storage.yml' を更新 Reviewed-on: #313	2026-04-15 20:21:51 +09:00
みてるぞ	e72ec608f4	利用規約（#95） (#311 ) #95 #95 #95 #95 #95 Merge remote-tracking branch 'origin/main' into feature/095 #95 #95 #95 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #311	2026-04-14 12:31:48 +09:00
みてるぞ	a3914fb22a	posts 履歴管理（RSpec 修正）（#264） (#310 ) Merge remote-tracking branch 'origin/main' into feature/264 Merge branch 'feature/264' of https://git.miteruzo.com/miteruzo/btrc-hub into feature/264 #264 Merge branch 'main' into feature/264 #264 #264 #264 #264 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #310	2026-04-11 22:13:19 +09:00
みてるぞ	c36b2c8a1b	投稿に対する履歴（#264） (#307 ) Merge branch 'main' into feature/264 #264 #264 #264 #264 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #307	2026-04-11 17:05:57 +09:00
みてるぞ	e021423904	スマホ・レーアウト・バグ（#304） (#305 ) #304 #304 #304 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #305	2026-04-11 16:58:41 +09:00
みてるぞ	7b15cb2c5a	素材管理（#99） (#303 ) #99 #99 #99 #99 #99 #99 #99 #99 #99 #99 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #303	2026-04-07 07:44:50 +09:00
みてるぞ	2adff3966a	上映会にコメント機能追加（#297） (#299 ) #297 #297 #297 #297 #297 Merge remote-tracking branch 'origin/main' into feature/297 #297 #297 #297 #297 #297 #297 #297 #297 #297 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #299	2026-03-26 23:01:54 +09:00
みてるぞ	ee93ff8ea0	タグ一覧ページの作成（#61） (#298 ) #61 #61 Merge remote-tracking branch 'origin/main' into feature/061 #61 #61 #61 #61 #61 #61 #61 #61 #61 #61 日づけ不詳の表示修正 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #298	2026-03-21 19:58:02 +09:00
みてるぞ	8cf7107445	上映会のし組み作り（#295） (#296 ) #295 #295 #295 #295 #295 #295 #295 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #296	2026-03-18 23:01:04 +09:00
みてるぞ	ffadd03c49	PostHistoryPage で重複サムネが表示されないバグ（#278） (#293 ) #278 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #293	2026-03-14 03:11:34 +09:00
みてるぞ	bcce7f2011	削除タグが履歴で取得されるとフロントが落ちるバグ（#290） (#292 ) #290 #290 'frontend/src/pages/posts/PostHistoryPage.tsx' を更新 'frontend/src/types.ts' を更新 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #292	2026-03-14 00:25:18 +09:00
みてるぞ	d772cceb5e	TagName サニタイズ（#281） (#289 ) #281 #281 Merge remote-tracking branch 'origin/main' into feature/281 #281 #281 テストまだ通ってないので要確認 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #289	2026-03-12 21:58:16 +09:00
みてるぞ	176519b929	tags の論理削除対応（#287） (#288 ) #287 #287 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #288	2026-03-11 22:55:57 +09:00
みてるぞ	238d236b2b	OR 検索と NOT 検索（#68） (#286 ) Merge remote-tracking branch 'origin/main' into feature/068 #68 テスト・ケース作成 #68 #68 まづは NOT に対応 Co-authored-by: miteruzo <miteruzo@naver.com> Reviewed-on: #286	2026-03-08 23:17:44 +09:00