renkar/tipibot
1
0
Fork 0
forked from sass/tipibot
Code Pull Requests Activity

Compare commits

base: renkar:master
Branches Tags
renkar:master renkar:fienta sass:rewrite-v2 sass:rewrite sass:master
..
compare: renkar:fienta
Branches Tags
renkar:master renkar:fienta sass:rewrite-v2 sass:rewrite sass:master

3 Commits
master ... fienta

Author SHA1 Message Date
rene arumetsa
4abc367faf Fixed 2026-04-29 19:57:43 +00:00
AlacrisDevs
691f160a09 Merge branch 'master' of https://git.lapikud.ee/renkar/tipibot into fienta 2026-04-29 22:39:43 +03:00
AlacrisDevs
3c2b4342a2 Added Fienta integration 2026-04-29 22:38:47 +03:00
25 changed files with 2507 additions and 740 deletions
Expand all files Collapse all files

14
.dockerignore Normal file
View File

@@ -0,0 +1,14 @@
.git
.gitignore
.env
.env.*
*.pyc
__pycache__
data/
logs/
*.log
*.md
.dockerignore
Dockerfile
compose.yaml
credentials.json

14
.env.example
View File

@@ -2,12 +2,15 @@
# Profile-specific Discord bot tokens (from https://discord.com/developers/applications)
DISCORD_TOKEN_DEV=your-dev-bot-token-here
DISCORD_TOKEN_ECONOMY=your-economy-bot-token-here
DISCORD_BOT_LAN=your-lan-bot-token-here
# Legacy fallback token (optional, backward compatibility)
DISCORD_TOKEN=
# Google Sheets spreadsheet ID (the long string in the sheet URL)
SHEET_ID=your-google-sheet-id-here
SHEET_ID_DEV=
SHEET_ID_LAN=1cYEI2EmQDMZdVOarbOkVw7IHsnfqtYbWhA-6zC_r-zw
# Path to Google service account credentials JSON
GOOGLE_CREDS_PATH=credentials.json
@@ -15,6 +18,7 @@ GOOGLE_CREDS_PATH=credentials.json
# Profile-specific guild (server) IDs - right-click your server with dev mode on
GUILD_ID_DEV=your-dev-guild-id-here
GUILD_ID_ECONOMY=your-economy-guild-id-here
GUILD_ID_LAN=1301145356750426192
# Legacy fallback guild ID (optional, backward compatibility)
GUILD_ID=
@@ -39,6 +43,16 @@ PB_ADMIN_PASSWORD=your-pb-admin-password
# Profile-specific PocketBase collections
PB_ECONOMY_COLLECTION_DEV=economy_users_dev
PB_ECONOMY_COLLECTION_ECONOMY=economy_users_prod
PB_ECONOMY_COLLECTION_LAN=economy_users_lan
PB_FIENTA_COLLECTION_LAN=fienta_registrations_lan
# Legacy fallback collection name (optional, backward compatibility)
PB_ECONOMY_COLLECTION=
# Fienta LAN registration sync
# Fienta production URLs:
# https://veebikonks.tipilan.ee/fienta/purchase
# https://veebikonks.tipilan.ee/fienta/registration
FIENTA_WEBHOOK_SECRET=optional-secret-for-/fienta/webhook
FIENTA_WEBHOOK_PORT=8090
FIENTA_ADMIN_ALERT_CHANNEL_ID=1478302279894302812

30
.gitea/workflows/deploy.yml
View File

@@ -1,17 +1,17 @@
name: Deploy
name: Deploy
on:
push:
branches: [master]
on:
push:
branches: [master]
jobs:
deploy:
runs-on: linux
steps:
- name: Deploy
run: |
cd ~/tipibot
git pull
source .venv/bin/activate
pip install -r requirements.txt
sudo systemctl restart tipibot
jobs:
deploy:
runs-on: linux
steps:
- name: Deploy
run: |
cd ~/tipibot
git pull
source .venv/bin/activate
pip install -r requirements.txt
systemctl restart tipibot

15
Dockerfile Normal file
View File

@@ -0,0 +1,15 @@
FROM python:3.13-slim
WORKDIR /app
# Install dependencies
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt
# Copy application code
COPY . .
# Create data and logs directories
RUN mkdir -p data logs
CMD ["python", "bot.py"]

95
README.md
View File

@@ -88,14 +88,18 @@ cp .env.example .env
| Variable | Description |
|---|---|
| `BOT_PROFILE` | Runtime profile: `dev` or `economy` |
| `BOT_PROFILE` | Runtime profile: `dev`, `economy`, or `lan` |
| `DISCORD_TOKEN_DEV` | Dev bot token from Discord Developer Portal |
| `DISCORD_TOKEN_ECONOMY` | Economy bot token from Discord Developer Portal |
| `DISCORD_BOT_LAN` | LAN bot token from Discord Developer Portal |
| `DISCORD_TOKEN` | Legacy fallback token (optional) |
| `SHEET_ID` | ID from the Google Sheet URL |
| `SHEET_ID_DEV` | Optional dev/member sheet override |
| `SHEET_ID_LAN` | LAN public registration sheet ID |
| `GOOGLE_CREDS_PATH` | Path to `credentials.json` (default: `credentials.json`) |
| `GUILD_ID_DEV` | Dev bot guild ID |
| `GUILD_ID_ECONOMY` | Economy bot guild ID |
| `GUILD_ID_LAN` | LAN bot guild ID |
| `GUILD_ID` | Legacy fallback guild ID (optional) |
| `BIRTHDAY_CHANNEL_ID_DEV` | Channel for birthday `@here` pings in dev profile |
| `BIRTHDAY_CHANNEL_ID_ECONOMY` | Optional birthday channel in economy profile |
@@ -106,7 +110,12 @@ cp .env.example .env
| `PB_ADMIN_PASSWORD` | PocketBase superuser password |
| `PB_ECONOMY_COLLECTION_DEV` | PocketBase collection used by `BOT_PROFILE=dev` |
| `PB_ECONOMY_COLLECTION_ECONOMY` | PocketBase collection used by `BOT_PROFILE=economy` |
| `PB_ECONOMY_COLLECTION_LAN` | PocketBase economy collection used by `BOT_PROFILE=lan` |
| `PB_FIENTA_COLLECTION_LAN` | PocketBase collection for LAN Fienta registration records |
| `PB_ECONOMY_COLLECTION` | Legacy fallback collection (optional) |
| `FIENTA_WEBHOOK_SECRET` | Optional secret path token for `/fienta/webhook/<secret>` testing |
| `FIENTA_WEBHOOK_PORT` | LAN Fienta webhook listen port (default: `8090`) |
| `FIENTA_ADMIN_ALERT_CHANNEL_ID` | Discord channel for LAN Fienta sync alerts |
### 6. Install & Run
@@ -222,7 +231,7 @@ If a member joins and their birthday is within `BIRTHDAY_WINDOW_DAYS` days, a bi
## TipiCOIN Economy
All economy data is stored in **PocketBase** (`economy_users` collection - see `core/pb_client.py`). The currency is **TipiCOIN** (⬡), displayed as a custom Discord emoji configured in `core/economy.py → COIN`.
All economy data is stored in **PocketBase** (`economy_users` collection - see `pb_client.py`). The currency is **TipiCOIN** (⬡), displayed as a custom Discord emoji configured in `economy.py → COIN`.
---
@@ -279,17 +288,17 @@ Every successful economy action awards EXP:
| `/rob` success | +15 |
| Gambling win (`/roulette`, `/slots`, `/blackjack`) | Scaled by bet: <10⬡ = 0, 1099⬡ = +5, 100999⬡ = +10, 1 0009 999⬡ = +15, 10 00099 999⬡ = +20, 100 000+⬡ = +25 |
| `/beg` completed | +5 |
| `/fish` catch | +2 to +25 (varies by rarity: common 23, uncommon 67, rare 10, epic 1415, legendary 25) |
| `/fish` catch | +3 to +15 (varies by rarity) |
**Level formula:** `level = max(1, floor(√(total_exp ÷ 6)))`
**Level formula:** `level = floor(√(total_exp ÷ 10))`
| Level | EXP required | Milestone |
|---|---|---|
| 1 | 0 | TipiNOOB role |
| 5 | 150 | TipiGRINDER role |
| 10 | 600 | TipiHUSTLER role · **T2 shop unlocks** |
| 20 | 2 400 | TipiCHAD role · **T3 shop unlocks** |
| 30 | 5 400 | TipiLEGEND role |
| 1 | 10 | TipiNOOB role |
| 5 | 250 | TipiGRINDER role |
| 10 | 1 000 | TipiHUSTLER role · **T2 shop unlocks** |
| 20 | 4 000 | TipiCHAD role · **T3 shop unlocks** |
| 30 | 9 000 | TipiLEGEND role |
Use `/rank` to see your current EXP, level, progress bar to the next level, and leaderboard position.
@@ -448,7 +457,7 @@ All items are **permanent** once purchased **except Anticheat**, which expires a
Commands that accept a coin amount (`/give`, `/roulette`, `/rps`, `/slots`, `/blackjack`) accept `"all"` as the amount to wager your entire balance.
### Custom emoji
Change `COIN` in `core/economy.py` to any Discord emoji string:
Change `COIN` in `economy.py` to any Discord emoji string:
```python
COIN = "<:tipicoin:YOUR_EMOJI_ID>"
```
@@ -457,12 +466,12 @@ COIN = "<:tipicoin:YOUR_EMOJI_ID>"
## Logging
Logs are written under `logs/<BOT_PROFILE>/` (auto-created on startup), so dev and economy profiles keep separate log streams.
All logs are written to the `logs/` directory (auto-created on startup).
| File | Rotation | Contents |
|---|---|---|
| `logs/<profile>/bot.log` | 5 MB x 5 backups | All INFO+ events: commands, errors, member sync |
| `logs/<profile>/transactions.log` | Daily, 30 days | Economy transactions only: every balance change with user, amount, new balance |
| `logs/bot.log` | 5 MB x 5 backups | All INFO+ events: commands, errors, member sync |
| `logs/transactions.log` | Daily, 30 days | Economy transactions only: every balance change with user, amount, new balance |
The terminal output is **colour-coded** by log level (green = INFO, yellow = WARNING, red = ERROR).
@@ -473,44 +482,28 @@ Every slash command invocation is logged with the user ID, display name, and all
## Project Structure
```
├── bot.py # Discord client, event handlers, shared helpers; wires command modules together
├── strings.py # All user-facing strings (command descriptions, help text, errors)
├── config.py # Environment variable loader
├── core/
│ ├── economy.py # TipiCOIN business logic, constants (SHOP, COOLDOWNS, EXP_REWARDS, ...)
│ ├── pb_client.py # Async PocketBase REST client (auth + CRUD for economy_users)
│ ├── sheets.py # Google Sheets read/write + in-memory cache
│ └── member_sync.py # Role/nickname/birthday sync logic
├── commands/
│ ├── dev_member_commands.py # /check, /member (dev profile)
│ ├── dev_member_runtime.py # on_member_join + birthday daily task helpers
│ ├── economy_admin_commands.py # /admincoins, /adminexp, /adminitem, /adminjail, ...
│ ├── economy_extra_commands.py # /heist, /jailbreak, /reminders, /request, ...
│ ├── economy_fish_commands.py # /fish, /fishbook, /fishsell
│ ├── economy_games_commands.py # /roulette, /slots, /blackjack, /rps
│ ├── economy_income_commands.py # /daily, /work, /beg, /crime, /rob
│ ├── economy_prestige_commands.py# /prestige, /prestigeshop, /prestigebuy
│ ├── economy_profile_commands.py # /balance, /rank, /stats, /cooldowns, /leaderboard
│ ├── economy_support_commands.py # /shop, /buy, /give, /economysetup
│ ├── info_commands.py # /patchnotes, /help auxiliaries
│ ├── ops_admin_commands.py # /sync, /restart, /shutdown, /pause, /send, /status
│ └── ops_channel_commands.py # channel allowlist gating
├── bot.py # Discord client, all slash commands, event handlers
├── economy.py # TipiCOIN business logic, constants (SHOP, COOLDOWNS, etc.)
├── pb_client.py # Async PocketBase REST client (auth + CRUD for economy_users)
├── strings.py # All user-facing strings, command descriptions, help text
├── member_sync.py # Role/nickname/birthday sync logic
├── sheets.py # Google Sheets read/write + in-memory cache
├── config.py # Environment variable loader
├── requirements.txt # Python dependencies
├── .env.example # Template for secrets
├── .env # Your secrets (gitignored)
├── credentials.json # Google service account key (gitignored)
├── docs/
│ ├── DEV_NOTES.md # Developer reference (architecture, checklists, constants)
│ ├── PATCHNOTES.md # Player-facing patch notes (surfaced via /patchnotes)
│ └── POCKETBASE_SETUP.md # PocketBase collection schema + setup instructions
│ ├── DEV_NOTES.md # Developer reference (architecture, checklists, constants)
│ ├── CHANGELOG.md # Version history
│ └── POCKETBASE_SETUP.md # PocketBase collection schema + setup instructions
├── scripts/
│ ├── migrate_to_pb.py # One-time legacy migration: economy.json → PocketBase
── add_stats_fields.py # Schema migration: add new fields to economy_users collection
│ └── reset_pb_collections.py # Destructive: deletes & recreates economy collections (--confirm required)
├── requirements.txt # Python dependencies
├── .env.example # Template for secrets
── .env # Your secrets (gitignored)
├── credentials.json # Google service account key (gitignored)
├── data/<BOT_PROFILE>/
│ └── birthday_sent.json # Birthday dedup log (auto-created per profile)
├── pb_data/ # PocketBase database files (auto-created, gitignored)
└── logs/<BOT_PROFILE>/
├── bot.log # General rotating log (auto-created)
└── transactions.log # Daily economy transaction log (auto-created)
│ ├── migrate_to_pb.py # One-time migration: economy.json → PocketBase
── add_stats_fields.py # Schema migration: add new fields to economy_users collection
├── data/
│ └── birthday_sent.json # Birthday dedup log (auto-created)
├── pb_data/ # PocketBase database files (auto-created, gitignored)
── logs/
├── bot.log # General rotating log (auto-created)
└── transactions.log # Daily economy transaction log (auto-created)
```

98
bot.py
View File

@@ -18,10 +18,11 @@ from discord.ext import tasks
import colorlog
import psutil
from aiohttp import web
import config
import strings as S
from core import economy, pb_client, sheets
from core import economy, lan_fienta, pb_client, sheets
from core.member_sync import SyncResult
from commands.dev_member_commands import register_dev_member_commands
from commands.dev_member_runtime import handle_member_join, run_birthday_daily
@@ -33,9 +34,9 @@ from commands.economy_income_commands import register_economy_income_commands
from commands.economy_prestige_commands import register_prestige_commands
from commands.economy_profile_commands import register_economy_profile_commands
from commands.economy_support_commands import register_economy_support_commands
from commands.lan_fienta_commands import register_lan_fienta_commands
from commands.ops_channel_commands import register_ops_channel_commands
from commands.ops_admin_commands import register_ops_admin_commands
from commands.info_commands import register_info_commands
# ---------------------------------------------------------------------------
# Logging
@@ -95,6 +96,7 @@ tree = app_commands.CommandTree(bot)
GUILD_OBJ = discord.Object(id=config.GUILD_ID)
IS_DEV_PROFILE = config.BOT_PROFILE == "dev"
IS_LAN_PROFILE = config.BOT_PROFILE == "lan"
TALLINN_TZ = ZoneInfo("Europe/Tallinn")
_start_time = datetime.datetime.now()
_process = psutil.Process()
@@ -113,6 +115,8 @@ _RESTART_FILE = _DATA_DIR / "restart_channel.json"
_BOT_CONFIG = _DATA_DIR / "bot_config.json"
_PAUSED = False # maintenance mode: blocks non-admin commands when True
_DEV_ONLY_COMMANDS: tuple[str, ...] = ("birthdays", "check", "member")
_LAN_ONLY_COMMANDS: tuple[str, ...] = ("fientasync",)
_FIENTA_RUNNER: web.AppRunner | None = None
def _apply_profile_command_filters() -> None:
@@ -162,6 +166,64 @@ def _member_cache_size() -> int:
return len(sheets.get_cache())
# ---------------------------------------------------------------------------
# Fienta webhook server (LAN profile)
# ---------------------------------------------------------------------------
async def _fienta_health(_: web.Request) -> web.Response:
return web.json_response({"ok": True, "profile": config.BOT_PROFILE})
async def _process_fienta_payload(payload: dict, source: str) -> None:
try:
summary = await lan_fienta.process_payload(bot, payload)
log.info("Fienta %s webhook processed: %s", source, summary.short())
except Exception as exc:
log.exception("Fienta %s webhook processing failed: %s", source, exc)
async def _accept_fienta_payload(request: web.Request, source: str) -> web.Response:
try:
payload = await request.json()
except Exception:
return web.json_response({"ok": False, "error": "invalid JSON"}, status=400)
asyncio.create_task(_process_fienta_payload(payload, source))
return web.json_response({"ok": True, "accepted": True, "source": source})
async def _handle_fienta_secret_webhook(request: web.Request) -> web.Response:
if not config.FIENTA_WEBHOOK_SECRET:
return web.json_response({"ok": False, "error": "webhook secret not configured"}, status=503)
if request.match_info.get("secret") != config.FIENTA_WEBHOOK_SECRET:
return web.json_response({"ok": False, "error": "not found"}, status=404)
return await _accept_fienta_payload(request, "secret")
async def _handle_fienta_purchase(request: web.Request) -> web.Response:
return await _accept_fienta_payload(request, "purchase")
async def _handle_fienta_registration(request: web.Request) -> web.Response:
return await _accept_fienta_payload(request, "registration")
async def _start_fienta_webhook() -> None:
global _FIENTA_RUNNER
if not IS_LAN_PROFILE or _FIENTA_RUNNER is not None:
return
app = web.Application(client_max_size=5 * 1024 * 1024)
app.router.add_get("/health", _fienta_health)
app.router.add_post("/fienta/purchase", _handle_fienta_purchase)
app.router.add_post("/fienta/registration", _handle_fienta_registration)
app.router.add_post("/fienta/webhook/{secret}", _handle_fienta_secret_webhook)
runner = web.AppRunner(app)
await runner.setup()
site = web.TCPSite(runner, "0.0.0.0", config.FIENTA_WEBHOOK_PORT)
await site.start()
_FIENTA_RUNNER = runner
log.info("LAN Fienta webhook listening on 0.0.0.0:%s", config.FIENTA_WEBHOOK_PORT)
# ---------------------------------------------------------------------------
# EXP / Level role helpers
# ---------------------------------------------------------------------------
@@ -386,10 +448,17 @@ async def on_ready():
# Pull sheet data into cache
if IS_DEV_PROFILE:
try:
data = await sheets.refresh()
data = sheets.refresh()
log.info("Loaded %d member rows from Google Sheets", len(data))
except Exception as e:
log.error("Failed to load sheet on startup: %s", e)
elif IS_LAN_PROFILE:
try:
created = await lan_fienta.ensure_storage()
if created:
log.info("Created LAN Fienta PocketBase collection '%s'", config.PB_FIENTA_COLLECTION_LAN)
except Exception as e:
log.error("Failed to prepare LAN Fienta storage: %s", e)
# Sync slash commands to the guild only; wipe any leftover global registrations
tree.copy_global_to(guild=GUILD_OBJ)
@@ -408,6 +477,10 @@ async def on_ready():
_rotate_presence.start()
log.info("Rich presence rotation started")
# Start Fienta webhook for LAN registration sync
if IS_LAN_PROFILE:
await _start_fienta_webhook()
# Re-schedule any reminder tasks lost on restart
await _restore_reminders()
@@ -437,6 +510,11 @@ async def on_resumed():
@bot.event
async def on_member_join(member: discord.Member):
"""When someone joins, look them up in the sheet and sync."""
if IS_LAN_PROFILE:
summary = await lan_fienta.sync_member_join(bot, member)
if summary.roles_synced or summary.alerts:
log.info("LAN join Fienta sync for %s: %s", member, summary.short())
return
if not IS_DEV_PROFILE:
return
await handle_member_join(
@@ -461,6 +539,9 @@ if IS_DEV_PROFILE:
mark_announced_today=_mark_announced_today,
)
if IS_LAN_PROFILE:
register_lan_fienta_commands(tree, bot, log)
register_ops_admin_commands(
tree,
bot,
@@ -484,8 +565,6 @@ register_ops_channel_commands(
set_allowed_channels=_set_allowed_channels,
)
register_info_commands(tree, bot, log)
@tree.command(name="ping", description=S.CMD["ping"])
async def cmd_ping(interaction: discord.Interaction):
@@ -497,6 +576,7 @@ async def cmd_ping(interaction: discord.Interaction):
# ---------------------------------------------------------------------------
_HELP_PAGE_SIZE = 10
_DEV_ONLY_HELP_TOKENS: tuple[str, ...] = tuple(f"/{name}" for name in _DEV_ONLY_COMMANDS)
_LAN_ONLY_HELP_TOKENS: tuple[str, ...] = tuple(f"/{name}" for name in _LAN_ONLY_COMMANDS)
def _visible_help_fields(category_key: str) -> list[tuple[str, str]]:
@@ -509,6 +589,8 @@ def _visible_help_fields(category_key: str) -> list[tuple[str, str]]:
blob = f"{name}\n{value}".lower()
if any(tok in blob for tok in _DEV_ONLY_HELP_TOKENS):
continue
if not IS_LAN_PROFILE and any(tok in blob for tok in _LAN_ONLY_HELP_TOKENS):
continue
visible.append((name, value))
return visible
@@ -884,7 +966,11 @@ def _asyncio_exception_handler(loop: asyncio.AbstractEventLoop, context: dict) -
if __name__ == "__main__":
if not config.DISCORD_TOKEN:
profile_key = "DISCORD_TOKEN_ECONOMY" if config.BOT_PROFILE == "economy" else "DISCORD_TOKEN_DEV"
profile_key = {
"dev": "DISCORD_TOKEN_DEV",
"economy": "DISCORD_TOKEN_ECONOMY",
"lan": "DISCORD_BOT_LAN",
}[config.BOT_PROFILE]
raise SystemExit(
f"{profile_key} pole seadistatud profiilile '{config.BOT_PROFILE}'. "
"Kopeeri .env.example failiks .env ja täida see."

8
commands/dev_member_commands.py
View File

@@ -157,7 +157,7 @@ def register_dev_member_commands(
await interaction.response.defer()
try:
await sheets.refresh()
sheets.refresh()
except Exception as e:
await interaction.followup.send(S.ERR["sheet_error"].format(error=e), ephemeral=True)
return
@@ -177,7 +177,7 @@ def register_dev_member_commands(
return
try:
data = await sheets.refresh()
data = sheets.refresh()
except Exception as e:
await interaction.followup.send(S.ERR["sheet_error"].format(error=e), ephemeral=True)
return
@@ -195,7 +195,7 @@ def register_dev_member_commands(
guild.members,
)
if guild_member:
await sheets.set_user_id(discord_name, guild_member.id)
sheets.set_user_id(discord_name, guild_member.id)
ids_filled += 1
data = sheets.get_cache()
@@ -243,7 +243,7 @@ def register_dev_member_commands(
if sync_updates:
try:
await sheets.batch_set_synced(sync_updates)
sheets.batch_set_synced(sync_updates)
except Exception as e:
log.error("/check batch_set_synced failed: %s", e)

8
commands/dev_member_runtime.py
View File

@@ -23,7 +23,7 @@ async def run_birthday_daily(
return
try:
data = await sheets.refresh()
data = sheets.refresh()
except Exception as e:
log.error("Birthday task: sheet refresh failed: %s", e)
data = sheets.get_cache()
@@ -68,13 +68,13 @@ async def handle_member_join(
log.info("Member joined: %s (ID: %s)", member, member.id)
if not sheets.get_cache():
await sheets.refresh()
sheets.refresh()
result = await sync_member(member, member.guild)
if result.not_found:
try:
await sheets.add_new_member_row(member.name, member.id)
sheets.add_new_member_row(member.name, member.id)
log.info(
"%s not in sheet, added new row (Discord=%s, ID=%s)",
member,
@@ -86,7 +86,7 @@ async def handle_member_join(
return
log_sync_result(member, result)
await sheets.set_synced(member.id, result.synced)
sheets.set_synced(member.id, result.synced)
if result.birthday_soon and not has_announced_today(member.id):
await announce_birthday(member, bot)

66
commands/economy_games_commands.py
View File

@@ -276,16 +276,18 @@ def register_economy_games_commands(
bet_line_a = bet_line_b = ""
if self.bet > 0:
if winner == "a":
await economy.do_rps_pvp_payout(self.player_a.id, self.bet)
bet_line_a = f"\n+{coin(self.bet)}"
bet_line_b = f"\n-{coin(self.bet)}"
res = await economy.do_give(self.player_b.id, self.player_a.id, self.bet)
elif winner == "b":
await economy.do_rps_pvp_payout(self.player_b.id, self.bet)
bet_line_a = f"\n-{coin(self.bet)}"
bet_line_b = f"\n+{coin(self.bet)}"
res = await economy.do_give(self.player_a.id, self.player_b.id, self.bet)
else:
await economy.do_rps_pvp_refund(self.player_a.id, self.bet)
await economy.do_rps_pvp_refund(self.player_b.id, self.bet)
res = {"ok": True}
if self.bet > 0 and winner is not None:
if res.get("ok"):
bet_line_a = f"\n{'+' if winner == 'a' else '-'}{coin(self.bet)}"
bet_line_b = f"\n{'+' if winner == 'b' else '-'}{coin(self.bet)}"
else:
bet_line_a = bet_line_b = S.RPS_UI["duel_broke"]
data_a = await economy.get_user(self.player_a.id)
data_b = await economy.get_user(self.player_b.id)
@@ -373,9 +375,6 @@ def register_economy_games_commands(
if self.game._resolved:
return
self.game._resolved = True
if self.game.bet > 0:
await economy.do_rps_pvp_refund(self.game.player_a.id, self.game.bet)
await economy.do_rps_pvp_refund(self.game.player_b.id, self.game.bet)
active_games.discard(self.game.player_a.id)
active_games.discard(self.game.player_b.id)
for item in self.children:
@@ -432,33 +431,21 @@ def register_economy_games_commands(
active_games.add(self.game.player_b.id)
if self.game.bet > 0:
deposit_a = await economy.do_rps_pvp_deposit(self.game.player_a.id, self.game.bet)
if not deposit_a.get("ok"):
embed = discord.Embed(
title=S.TITLE["rps_duel_cancel"],
description=S.RPS_UI["duel_insufficient"].format(mention=self.game.player_a.mention),
color=0xED4245,
)
await interaction.response.edit_message(embed=embed, view=None)
async with self.game._lock:
self.game._resolved = True
active_games.discard(self.game.player_a.id)
active_games.discard(self.game.player_b.id)
return
deposit_b = await economy.do_rps_pvp_deposit(self.game.player_b.id, self.game.bet)
if not deposit_b.get("ok"):
await economy.do_rps_pvp_refund(self.game.player_a.id, self.game.bet)
embed = discord.Embed(
title=S.TITLE["rps_duel_cancel"],
description=S.RPS_UI["duel_insufficient"].format(mention=self.game.player_b.mention),
color=0xED4245,
)
await interaction.response.edit_message(embed=embed, view=None)
async with self.game._lock:
self.game._resolved = True
active_games.discard(self.game.player_a.id)
active_games.discard(self.game.player_b.id)
return
data_a = await economy.get_user(self.game.player_a.id)
data_b = await economy.get_user(self.game.player_b.id)
for player, data in ((self.game.player_a, data_a), (self.game.player_b, data_b)):
if data["balance"] < self.game.bet:
embed = discord.Embed(
title=S.TITLE["rps_duel_cancel"],
description=S.RPS_UI["duel_insufficient"].format(mention=player.mention),
color=0xED4245,
)
await interaction.response.edit_message(embed=embed, view=None)
async with self.game._lock:
self.game._resolved = True
active_games.discard(self.game.player_a.id)
active_games.discard(self.game.player_b.id)
return
bet_str = S.RPS_UI["duel_active_bet"].format(bet=coin(self.game.bet)) if self.game.bet > 0 else ""
embed = discord.Embed(
@@ -492,9 +479,6 @@ def register_economy_games_commands(
if dm_failed:
async with self.game._lock:
self.game._resolved = True
if self.game.bet > 0:
await economy.do_rps_pvp_refund(self.game.player_a.id, self.game.bet)
await economy.do_rps_pvp_refund(self.game.player_b.id, self.game.bet)
active_games.discard(self.game.player_a.id)
active_games.discard(self.game.player_b.id)
embed = discord.Embed(

148
commands/info_commands.py
View File

@@ -1,148 +0,0 @@
from __future__ import annotations
import logging
import re
from pathlib import Path
import discord
from discord import app_commands
import strings as S
_PATCHNOTES_PATH = Path(__file__).resolve().parent.parent / "docs" / "PATCHNOTES.md"
_VERSION_RE = re.compile(r"^##\s+(.+?)\s*$")
_EMBED_DESC_MAX = 4096
_SELECT_OPTIONS_MAX = 25
def _load_versions() -> list[tuple[str, str]]:
try:
text = _PATCHNOTES_PATH.read_text(encoding="utf-8")
except FileNotFoundError:
return []
versions: list[tuple[str, str]] = []
cur_header: str | None = None
cur_body: list[str] = []
for line in text.splitlines():
m = _VERSION_RE.match(line)
if m:
if cur_header is not None:
versions.append((cur_header, "\n".join(cur_body).strip()))
cur_header = m.group(1).strip()
cur_body = []
elif cur_header is not None:
cur_body.append(line)
if cur_header is not None:
versions.append((cur_header, "\n".join(cur_body).strip()))
return versions
def _build_embed(versions: list[tuple[str, str]], idx: int) -> discord.Embed:
header, body = versions[idx]
if len(body) > _EMBED_DESC_MAX:
body = body[: _EMBED_DESC_MAX - 1] + ""
embed = discord.Embed(
title=S.PATCHNOTES_UI["title"].format(version=header),
description=body or S.PATCHNOTES_UI["empty_version"],
color=0x5865F2,
)
embed.set_footer(
text=S.PATCHNOTES_UI["footer"].format(idx=idx + 1, total=len(versions))
)
return embed
def register_info_commands(
tree: app_commands.CommandTree,
bot: discord.Client,
log: logging.Logger,
) -> None:
@tree.command(name="patchnotes", description=S.CMD["patchnotes"])
async def cmd_patchnotes(interaction: discord.Interaction):
versions = _load_versions()
if not versions:
await interaction.response.send_message(
S.PATCHNOTES_UI["empty_file"], ephemeral=True
)
return
invoker_id = interaction.user.id
class PatchNotesView(discord.ui.View):
def __init__(self, idx: int = 0):
super().__init__(timeout=180)
self.idx = idx
self._rebuild()
def _rebuild(self):
self.clear_items()
newer_btn = discord.ui.Button(
label=S.PATCHNOTES_UI["btn_newer"],
style=discord.ButtonStyle.secondary,
disabled=self.idx <= 0,
)
older_btn = discord.ui.Button(
label=S.PATCHNOTES_UI["btn_older"],
style=discord.ButtonStyle.secondary,
disabled=self.idx >= len(versions) - 1,
)
newer_btn.callback = self._make_step_cb(-1)
older_btn.callback = self._make_step_cb(+1)
self.add_item(newer_btn)
self.add_item(older_btn)
opts: list[discord.SelectOption] = []
for i, (hdr, _) in enumerate(versions[:_SELECT_OPTIONS_MAX]):
opts.append(
discord.SelectOption(
label=hdr[:100],
value=str(i),
default=(i == self.idx),
)
)
if len(opts) > 1:
select = discord.ui.Select(
placeholder=S.PATCHNOTES_UI["select_placeholder"],
options=opts,
min_values=1,
max_values=1,
)
select.callback = self._make_select_cb(select)
self.add_item(select)
def _make_step_cb(self, delta: int):
async def _cb(interaction: discord.Interaction):
if interaction.user.id != invoker_id:
await interaction.response.send_message(
S.ERR["not_your_menu"], ephemeral=True
)
return
self.idx = max(0, min(len(versions) - 1, self.idx + delta))
self._rebuild()
await interaction.response.edit_message(
embed=_build_embed(versions, self.idx), view=self
)
return _cb
def _make_select_cb(self, select: discord.ui.Select):
async def _cb(interaction: discord.Interaction):
if interaction.user.id != invoker_id:
await interaction.response.send_message(
S.ERR["not_your_menu"], ephemeral=True
)
return
self.idx = int(select.values[0])
self._rebuild()
await interaction.response.edit_message(
embed=_build_embed(versions, self.idx), view=self
)
return _cb
view = PatchNotesView(0)
await interaction.response.send_message(
embed=_build_embed(versions, 0), view=view, ephemeral=True
)
log.info("/patchnotes by %s (%d versions)", interaction.user, len(versions))

28
commands/lan_fienta_commands.py Normal file
View File

@@ -0,0 +1,28 @@
from __future__ import annotations
import logging
import discord
from discord import app_commands
from core import lan_fienta
import strings as S
def register_lan_fienta_commands(
tree: app_commands.CommandTree,
bot: discord.Client,
log: logging.Logger,
) -> None:
@tree.command(name="fientasync", description=S.CMD["fientasync"])
@app_commands.guild_only()
@app_commands.default_permissions(manage_guild=True)
async def cmd_fientasync(interaction: discord.Interaction):
await interaction.response.defer(ephemeral=True)
try:
summary = await lan_fienta.resync_all(bot)
except Exception as exc:
log.exception("/fientasync failed")
await interaction.followup.send(f"❌ Fienta sync failed: `{exc}`", ephemeral=True)
return
await interaction.followup.send(f"✅ Fienta sync done: `{summary.short()}`", ephemeral=True)

35
compose.yaml Normal file
View File

@@ -0,0 +1,35 @@
services:
pocketbase:
image: ghcr.io/muchobien/pocketbase:latest
container_name: tipibot-pocketbase
restart: unless-stopped
volumes:
- pb_data:/pb_data
ports:
- "8090:8090"
healthcheck:
test: ["CMD", "wget", "-q", "--spider", "http://localhost:8090/api/health"]
interval: 10s
timeout: 5s
retries: 3
bot:
build: .
container_name: tipibot
restart: unless-stopped
depends_on:
pocketbase:
condition: service_healthy
env_file:
- .env
environment:
- PB_URL=http://pocketbase:8090
expose:
- "8090"
volumes:
- ./data:/app/data
- ./logs:/app/logs
- ./credentials.json:/app/credentials.json:ro
volumes:
pb_data:

47
config.py
View File

@@ -4,8 +4,8 @@ from dotenv import load_dotenv
load_dotenv()
BOT_PROFILE = os.getenv("BOT_PROFILE", "dev").strip().lower() or "dev"
if BOT_PROFILE not in {"dev", "economy"}:
raise SystemExit("BOT_PROFILE must be either 'dev' or 'economy'.")
if BOT_PROFILE not in {"dev", "economy", "lan"}:
raise SystemExit("BOT_PROFILE must be either 'dev', 'economy', or 'lan'.")
def _env_int(name: str, default: int) -> int:
@@ -18,17 +18,31 @@ def _env_int(name: str, default: int) -> int:
_LEGACY_DISCORD_TOKEN = os.getenv("DISCORD_TOKEN", "")
DISCORD_TOKEN_DEV = os.getenv("DISCORD_TOKEN_DEV", "")
DISCORD_TOKEN_ECONOMY = os.getenv("DISCORD_TOKEN_ECONOMY", "")
DISCORD_TOKEN = (
DISCORD_TOKEN_ECONOMY if BOT_PROFILE == "economy" else DISCORD_TOKEN_DEV
) or _LEGACY_DISCORD_TOKEN
DISCORD_BOT_LAN = os.getenv("DISCORD_BOT_LAN", "")
DISCORD_TOKEN = {
"dev": DISCORD_TOKEN_DEV,
"economy": DISCORD_TOKEN_ECONOMY,
"lan": DISCORD_BOT_LAN,
}[BOT_PROFILE] or _LEGACY_DISCORD_TOKEN
SHEET_ID = os.getenv("SHEET_ID")
SHEET_ID_DEV = os.getenv("SHEET_ID_DEV", "").strip()
SHEET_ID_LAN = os.getenv("SHEET_ID_LAN", "").strip()
SHEET_ID = (
SHEET_ID_LAN
if BOT_PROFILE == "lan"
else SHEET_ID_DEV or os.getenv("SHEET_ID")
)
GOOGLE_CREDS_PATH = os.getenv("GOOGLE_CREDS_PATH", "credentials.json")
_LEGACY_GUILD_ID = _env_int("GUILD_ID", 0)
GUILD_ID_DEV = _env_int("GUILD_ID_DEV", _LEGACY_GUILD_ID)
GUILD_ID_ECONOMY = _env_int("GUILD_ID_ECONOMY", _LEGACY_GUILD_ID)
GUILD_ID = GUILD_ID_ECONOMY if BOT_PROFILE == "economy" else GUILD_ID_DEV
GUILD_ID_LAN = _env_int("GUILD_ID_LAN", 0)
GUILD_ID = {
"dev": GUILD_ID_DEV,
"economy": GUILD_ID_ECONOMY,
"lan": GUILD_ID_LAN,
}[BOT_PROFILE]
_LEGACY_BIRTHDAY_CHANNEL_ID = _env_int("BIRTHDAY_CHANNEL_ID", 0)
BIRTHDAY_CHANNEL_ID_DEV = _env_int("BIRTHDAY_CHANNEL_ID_DEV", _LEGACY_BIRTHDAY_CHANNEL_ID)
@@ -55,6 +69,21 @@ PB_ECONOMY_COLLECTION_ECONOMY = (
os.getenv("PB_ECONOMY_COLLECTION_ECONOMY", "").strip()
or (_LEGACY_PB_COLLECTION if _LEGACY_PB_COLLECTION else "economy_users_prod")
)
PB_ECONOMY_COLLECTION = (
PB_ECONOMY_COLLECTION_ECONOMY if BOT_PROFILE == "economy" else PB_ECONOMY_COLLECTION_DEV
PB_ECONOMY_COLLECTION_LAN = (
os.getenv("PB_ECONOMY_COLLECTION_LAN", "").strip()
or (_LEGACY_PB_COLLECTION if _LEGACY_PB_COLLECTION else "economy_users_lan")
)
PB_ECONOMY_COLLECTION = {
"dev": PB_ECONOMY_COLLECTION_DEV,
"economy": PB_ECONOMY_COLLECTION_ECONOMY,
"lan": PB_ECONOMY_COLLECTION_LAN,
}[BOT_PROFILE]
PB_FIENTA_COLLECTION_LAN = (
os.getenv("PB_FIENTA_COLLECTION_LAN", "").strip()
or "fienta_registrations_lan"
)
FIENTA_WEBHOOK_SECRET = os.getenv("FIENTA_WEBHOOK_SECRET", "").strip()
FIENTA_WEBHOOK_PORT = _env_int("FIENTA_WEBHOOK_PORT", 8090)
FIENTA_ADMIN_ALERT_CHANNEL_ID = _env_int("FIENTA_ADMIN_ALERT_CHANNEL_ID", 0)

221
core/economy.py
View File

@@ -6,7 +6,6 @@ All public async functions are the single source of truth for mutations.
from __future__ import annotations
import asyncio
import logging
import math
import random
@@ -16,13 +15,17 @@ from typing import TypedDict
import aiohttp
from . import pb_client
from .pb_client import DatabaseError
import strings
_txn_log = logging.getLogger("tipiCOIN.txn")
class DatabaseError(Exception):
"""Raised when PocketBase is unreachable or returns an error."""
pass
def _txn(event: str, **fields) -> None:
"""Log a single economy transaction to the transactions logger."""
body = " ".join(f"{k}={v}" for k, v in fields.items())
@@ -317,16 +320,16 @@ LEVEL_ROLES: list[tuple[int, str]] = [
def get_level(exp: int) -> int:
"""Level = max(1, floor(sqrt(exp/6))).
Level 5 @ 150 EXP, 10 @ 600, 20 @ 2400, 30 @ 5400."""
return max(1, int(math.sqrt(max(0, exp) / 6)))
"""Level = max(1, floor(sqrt(exp/10))).
Level 5 @ 250 EXP, 10 @ 1000, 20 @ 4000, 30 @ 9000."""
return max(1, int(math.sqrt(max(0, exp) / 10)))
def exp_for_level(level: int) -> int:
"""Minimum cumulative EXP to reach this level. level^2 * 6."""
"""Minimum cumulative EXP to reach this level."""
if level <= 1:
return 0
return level * level * 6
return level * level * 10
def level_role_name(level: int) -> str:
@@ -686,19 +689,18 @@ async def do_season_reset(top_n: int = 10) -> list[tuple[str, int, int]]:
# Internal write helper
# ---------------------------------------------------------------------------
async def _commit(user_id: int, user: UserData) -> None:
record_id = user.get("_pb_id") # type: ignore[typeddict-item]
clean = {k: v for k, v in user.items() if k != "_pb_id"}
clean["user_id"] = str(user_id)
try:
record_id = user.get("_pb_id") # type: ignore[typeddict-item]
clean = {k: v for k, v in user.items() if k != "_pb_id"}
clean["user_id"] = str(user_id)
if record_id:
await pb_client.update_record(record_id, clean)
else:
_log.warning("_commit for user %s had no _pb_id; creating new record", user_id)
created = await pb_client.create_record(clean)
user["_pb_id"] = created["id"] # type: ignore[typeddict-unknown-key]
except (aiohttp.ClientError, asyncio.TimeoutError, RuntimeError) as exc:
except Exception as exc:
_log.error("_commit failed for user %s: %s", user_id, exc)
raise DatabaseError(f"Failed to persist user {user_id}: {exc}") from exc
# ---------------------------------------------------------------------------
@@ -949,13 +951,9 @@ async def do_fish_sell(user_id: int, indices: list[int] | None = None) -> dict:
to_sell = inv
remaining = []
else:
sell_idx = {
(i if i >= 0 else len(inv) + i)
for i in indices
}
sell_idx = {i for i in sell_idx if 0 <= i < len(inv)}
to_sell = [inv[i] for i in sorted(sell_idx)]
keep_idx = set(range(len(inv))) - sell_idx
valid_indices = [i if i >= 0 else len(inv) + i for i in indices]
to_sell = [inv[i] for i in sorted(set(valid_indices)) if 0 <= i < len(inv)]
keep_idx = set(range(len(inv))) - set(indices)
remaining = [inv[i] for i in sorted(keep_idx)]
if not to_sell:
@@ -1302,32 +1300,12 @@ async def do_rob(robber_id: int, target_id: int) -> dict:
pct = random.uniform(0.10, 0.25)
stolen = max(10, min(int(target["balance"] * pct), target["balance"]))
target["balance"] -= stolen
prev_lifetime_earned = robber.get("lifetime_earned", 0)
prev_biggest_win = robber.get("biggest_win", 0)
prev_peak_balance = robber.get("peak_balance", 0)
robber["balance"] += stolen
robber["lifetime_earned"] = prev_lifetime_earned + stolen
robber["biggest_win"] = max(prev_biggest_win, stolen)
robber["peak_balance"] = max(prev_peak_balance, robber["balance"])
try:
await _commit(robber_id, robber)
except DatabaseError:
return {"ok": False, "reason": "db_error"}
try:
await _commit(target_id, target)
except DatabaseError:
robber["balance"] -= stolen
robber["lifetime_earned"] = prev_lifetime_earned
robber["biggest_win"] = prev_biggest_win
robber["peak_balance"] = prev_peak_balance
try:
await _commit(robber_id, robber)
except DatabaseError as exc2:
_log.critical(
"do_rob rollback failed for robber %s after target commit failed: %s",
robber_id, exc2,
)
return {"ok": False, "reason": "db_error"}
robber["lifetime_earned"] = robber.get("lifetime_earned", 0) + stolen
robber["biggest_win"] = max(robber.get("biggest_win", 0), stolen)
robber["peak_balance"] = max(robber.get("peak_balance", 0), robber["balance"])
await _commit(robber_id, robber)
await _commit(target_id, target)
_txn("ROB_WIN", robber=robber_id, victim=target_id, stolen=f"+{stolen}", jackpot=jackpot, robber_bal=robber["balance"], victim_bal=target["balance"])
return {"ok": True, "success": True, "stolen": stolen, "balance": robber["balance"], "jackpot": jackpot}
else:
@@ -1416,66 +1394,6 @@ async def do_game_bet(user_id: int, bet: int, outcome: str) -> dict:
return {"ok": True, "balance": user["balance"]}
# ---------------------------------------------------------------------------
# /rps PvP escrow (deposit/payout/refund)
# ---------------------------------------------------------------------------
async def do_rps_pvp_deposit(user_id: int, bet: int) -> dict:
"""Hold `bet` coins from a player as escrow for a PvP RPS duel."""
try:
user = await get_user(user_id)
except DatabaseError:
return {"ok": False, "reason": "db_error"}
if user.get("eco_banned"):
return {"ok": False, "reason": "banned"}
if jail := _is_jailed(user):
return {"ok": False, "reason": "jailed", "remaining": jail}
if user["balance"] < bet:
return {"ok": False, "reason": "insufficient"}
user["balance"] -= bet
user["total_wagered"] = user.get("total_wagered", 0) + bet
try:
await _commit(user_id, user)
except DatabaseError:
return {"ok": False, "reason": "db_error"}
_txn("RPS_PVP_DEPOSIT", user=user_id, bet=bet, bal=user["balance"])
return {"ok": True, "balance": user["balance"]}
async def do_rps_pvp_payout(winner_id: int, bet: int) -> dict:
"""Credit the duel winner with 2*bet (their stake back + opponent's)."""
try:
user = await get_user(winner_id)
except DatabaseError:
return {"ok": False, "reason": "db_error"}
payout = bet * 2
user["balance"] = user.get("balance", 0) + payout
user["lifetime_earned"] = user.get("lifetime_earned", 0) + bet
user["biggest_win"] = max(user.get("biggest_win", 0), bet)
user["peak_balance"] = max(user.get("peak_balance", 0), user["balance"])
try:
await _commit(winner_id, user)
except DatabaseError:
return {"ok": False, "reason": "db_error"}
_txn("RPS_PVP_PAYOUT", user=winner_id, payout=f"+{payout}", bal=user["balance"])
return {"ok": True, "balance": user["balance"]}
async def do_rps_pvp_refund(user_id: int, bet: int) -> dict:
"""Refund a previously escrowed bet (tie / timeout / cancel)."""
try:
user = await get_user(user_id)
except DatabaseError:
return {"ok": False, "reason": "db_error"}
user["balance"] = user.get("balance", 0) + bet
user["total_wagered"] = max(0, user.get("total_wagered", 0) - bet)
try:
await _commit(user_id, user)
except DatabaseError:
return {"ok": False, "reason": "db_error"}
_txn("RPS_PVP_REFUND", user=user_id, bet=bet, bal=user["balance"])
return {"ok": True, "balance": user["balance"]}
# ---------------------------------------------------------------------------
# /slots
# ---------------------------------------------------------------------------
@@ -1581,23 +1499,8 @@ async def do_give(giver_id: int, receiver_id: int, amount: int) -> dict:
receiver["balance"] += amount
giver["total_given"] = giver.get("total_given", 0) + amount
receiver["total_received"] = receiver.get("total_received", 0) + amount
try:
await _commit(giver_id, giver)
except DatabaseError:
return {"ok": False, "reason": "db_error"}
try:
await _commit(receiver_id, receiver)
except DatabaseError:
giver["balance"] += amount
giver["total_given"] = max(0, giver.get("total_given", 0) - amount)
try:
await _commit(giver_id, giver)
except DatabaseError as exc2:
_log.critical(
"do_give rollback failed for giver %s after receiver commit failed: %s",
giver_id, exc2,
)
return {"ok": False, "reason": "db_error"}
await _commit(giver_id, giver)
await _commit(receiver_id, receiver)
_txn("GIVE", from_=giver_id, to=receiver_id, amount=amount, from_bal=giver["balance"], to_bal=receiver["balance"])
return {
@@ -1851,41 +1754,23 @@ async def do_heist_check(user_id: int) -> dict:
async def do_heist_resolve(user_ids: list[int], success: bool) -> dict:
"""Apply heist outcome to all participants. On win, steals from house.
Per-user commit failures attempt to compensate the house so the economy
stays balanced. If compensation also fails, a CRITICAL log is emitted.
"""
"""Apply heist outcome to all participants. On win, steals from house."""
now = _now()
payout_each = 0
failed_users: list[int] = []
if success and HOUSE_ID is not None:
try:
house = await get_user(HOUSE_ID)
except DatabaseError:
return {"ok": False, "reason": "db_error"}
house = await get_user(HOUSE_ID)
pct = random.uniform(0.20, 0.55)
total = max(300, int(house["balance"] * pct))
payout_each = total // len(user_ids)
house["balance"] = max(0, house["balance"] - total)
try:
await _commit(HOUSE_ID, house)
except DatabaseError:
return {"ok": False, "reason": "db_error"}
await _commit(HOUSE_ID, house)
_txn("HEIST_HOUSE", change=f"-{total}", house_bal=house["balance"])
for uid in user_ids:
try:
user = await get_user(uid)
except DatabaseError:
failed_users.append(uid)
if success and payout_each > 0:
await _refund_house_safe(payout_each, "heist_win_compensate", uid)
continue
user = await get_user(uid)
user["last_heist"] = now.isoformat()
user["heists_joined"] = user.get("heists_joined", 0) + 1
fine_credited = False
if success:
user["balance"] += payout_each
user["heists_won"] = user.get("heists_won", 0) + 1
@@ -1901,51 +1786,7 @@ async def do_heist_resolve(user_ids: list[int], success: bool) -> dict:
user["lifetime_lost"] = user.get("lifetime_lost", 0) + fine
_txn("HEIST_FAIL", user=uid, fine=f"-{fine}", jailed_until=user["jailed_until"], bal=user["balance"])
if fine > 0:
try:
await _credit_house(fine)
fine_credited = True
except DatabaseError:
pass # user commit will still be attempted; if both fail, no economy effect
try:
await _commit(uid, user)
except DatabaseError:
failed_users.append(uid)
if success and payout_each > 0:
await _refund_house_safe(payout_each, "heist_win_compensate", uid)
elif not success and fine_credited:
await _refund_user_safe(HOUSE_ID, fine if 'fine' in locals() else 0, "heist_fail_compensate", uid)
await _credit_house(fine)
await _commit(uid, user)
return {"ok": True, "payout_each": payout_each, "success": success, "failed_users": failed_users}
async def _refund_house_safe(amount: int, context: str, related_uid: int) -> None:
"""Best-effort refund of `amount` to the house. Logs critical if it fails."""
if HOUSE_ID is None or amount <= 0:
return
try:
house = await get_user(HOUSE_ID)
house["balance"] = house.get("balance", 0) + amount
await _commit(HOUSE_ID, house)
except DatabaseError as exc:
_log.critical(
"House compensation failed (%s, related uid %s, amount %s): %s",
context, related_uid, amount, exc,
)
async def _refund_user_safe(_unused_house_id, amount: int, context: str, uid: int) -> None:
"""Best-effort debit of `amount` from the house (compensates a failed user fine).
Reads house, subtracts amount, commits. Logs critical if it fails.
"""
if HOUSE_ID is None or amount <= 0:
return
try:
house = await get_user(HOUSE_ID)
house["balance"] = max(0, house.get("balance", 0) - amount)
await _commit(HOUSE_ID, house)
except DatabaseError as exc:
_log.critical(
"House debit compensation failed (%s, related uid %s, amount %s): %s",
context, uid, amount, exc,
)
return {"ok": True, "payout_each": payout_each, "success": success}

868
core/lan_fienta.py Normal file
View File

@@ -0,0 +1,868 @@
"""Fienta registration sync for the LAN bot profile.
The module keeps Fienta data in PocketBase, assigns Discord roles, and mirrors
public tournament teams into the LAN live registration sheet.
"""
from __future__ import annotations
import asyncio
import datetime as dt
import logging
import re
import unicodedata
from dataclasses import dataclass, field
from typing import Any
import discord
import gspread
from google.oauth2.service_account import Credentials
import config
from . import pb_client
log = logging.getLogger("tipilan.fienta")
SCOPES = [
"https://www.googleapis.com/auth/spreadsheets",
"https://www.googleapis.com/auth/drive",
]
CS2_GENERAL_ROLE_ID = 1498736834656604251
LOL_GENERAL_ROLE_ID = 1498736949706490017
LANGUAGE_GENERAL_ROLE_ID = 1416417344984715366
CS2_CAPTAIN_ROLE_ID = 1498738332316860426
CS2_MANAGER_ROLE_ID = 1498738500558655679
EXISTING_LANGUAGE_ROLE_IDS = {
"EE": 1425781026482950245,
"LV": 1425781129528606740,
"FI": 1425781429618348073,
}
CONFIRMED_TEXT = "Kinnitatud"
PENDING_TEXT = "Kinnitamisel"
CANCELLED_STATUSES = {"CANCELLED", "REFUNDED", "EXPIRED", "VOIDED"}
BLOCKED_COUNTRY_CODES = {"BY", "RU"}
BLOCKED_COUNTRY_NAMES = {
"belarus",
"russia",
"russian federation",
"valgevene",
"venemaa",
"vene föderatsioon",
"vene foderatsioon",
}
TICKET_TYPES: dict[str, dict[str, Any]] = {
"595507": {
"game": "cs2",
"kind": "participant",
"sheet_public": True,
"main": True,
},
"595509": {
"game": "cs2",
"kind": "reserve",
"sheet_public": False,
"main": False,
},
"595510": {
"game": "cs2",
"kind": "manager",
"sheet_public": False,
"main": False,
},
"595912": {
"game": "lol",
"kind": "participant",
"sheet_public": True,
"main": True,
},
}
SHEET_CONFIG = {
"cs2": {"worksheet": "CS2", "start_row": 6, "end_row": 37, "cols": 6},
"lol": {"worksheet": "LoL", "start_row": 6, "end_row": 17, "cols": 5},
}
COUNTRY_CODE_BY_NAME = {
"afghanistan": "AF",
"albaania": "AL",
"albania": "AL",
"andorra": "AD",
"armeenia": "AM",
"armenia": "AM",
"austria": "AT",
"austria vabariik": "AT",
"azerbaijan": "AZ",
"aserbaidžaan": "AZ",
"belgia": "BE",
"belgium": "BE",
"bosnia ja hertsegoviina": "BA",
"bosnia and herzegovina": "BA",
"bulgaaria": "BG",
"bulgaria": "BG",
"canada": "CA",
"kanada": "CA",
"croatia": "HR",
"eesti": "EE",
"estonia": "EE",
"est": "EE",
"denmark": "DK",
"taani": "DK",
"finland": "FI",
"soome": "FI",
"france": "FR",
"prantsusmaa": "FR",
"georgia": "GE",
"gruusia": "GE",
"germany": "DE",
"saksamaa": "DE",
"greece": "GR",
"kreeka": "GR",
"hungary": "HU",
"ungari": "HU",
"iceland": "IS",
"island": "IS",
"ireland": "IE",
"iirimaa": "IE",
"italy": "IT",
"itaalia": "IT",
"japan": "JP",
"jaapan": "JP",
"kazakhstan": "KZ",
"kasahstan": "KZ",
"latvia": "LV",
"läti": "LV",
"lati": "LV",
"liechtenstein": "LI",
"lithuania": "LT",
"leedu": "LT",
"luxembourg": "LU",
"luksemburg": "LU",
"malta": "MT",
"moldova": "MD",
"montenegro": "ME",
"netherlands": "NL",
"holland": "NL",
"madalmaad": "NL",
"norway": "NO",
"norra": "NO",
"poland": "PL",
"poola": "PL",
"portugal": "PT",
"romania": "RO",
"rumeenia": "RO",
"serbia": "RS",
"slovakia": "SK",
"slovakkia": "SK",
"slovenia": "SI",
"sloveenia": "SI",
"spain": "ES",
"hispaania": "ES",
"sweden": "SE",
"rootsi": "SE",
"switzerland": "CH",
"šveits": "CH",
"sveits": "CH",
"turkey": "TR",
"türgi": "TR",
"ukraine": "UA",
"ukraina": "UA",
"united kingdom": "GB",
"suurbritannia": "GB",
"great britain": "GB",
"united states": "US",
"usa": "US",
"ameerika ühendriigid": "US",
"ameerika uhendriigid": "US",
"belarus": "BY",
"valgevene": "BY",
"russia": "RU",
"russian federation": "RU",
"venemaa": "RU",
}
COUNTRY_ROLE_COLOURS = {
"EE": 0x0072CE,
"LV": 0x9E3039,
"FI": 0x003580,
"LT": 0xFDB913,
"SE": 0x006AA7,
"DE": 0xDD0000,
"PL": 0xDC143C,
"UA": 0x0057B7,
"GB": 0x012169,
"US": 0x3C3B6E,
}
_client: gspread.Client | None = None
_spreadsheet: gspread.Spreadsheet | None = None
_sync_lock = asyncio.Lock()
@dataclass
class SyncSummary:
saved: int = 0
created: int = 0
updated: int = 0
roles_synced: int = 0
unmatched: int = 0
sheet_rows: int = 0
alerts: list[str] = field(default_factory=list)
def short(self) -> str:
return (
f"saved={self.saved}, created={self.created}, updated={self.updated}, "
f"roles={self.roles_synced}, unmatched={self.unmatched}, sheet_rows={self.sheet_rows}, "
f"alerts={len(self.alerts)}"
)
def _text_field(name: str, required: bool = False) -> dict:
return {
"name": name,
"type": "text",
"required": required,
"options": {"min": None, "max": None, "pattern": ""},
}
def _bool_field(name: str) -> dict:
return {"name": name, "type": "bool", "required": False}
def fienta_collection_payload() -> dict:
fields = [
_text_field("registration_key", required=True),
_text_field("order_id"),
_text_field("ticket_code"),
_text_field("order_status"),
_text_field("order_url"),
_text_field("payment_time"),
_text_field("game"),
_text_field("kind"),
_text_field("ticket_type_id"),
_text_field("ticket_title"),
_text_field("ticket_group_title"),
_text_field("team_name"),
_text_field("discord_username"),
_text_field("nickname"),
_text_field("country"),
_text_field("country_code"),
_text_field("riot_id"),
_text_field("steam64_id"),
_text_field("vrs_ranking"),
_bool_field("is_main"),
_bool_field("is_reserve"),
_bool_field("is_manager"),
_bool_field("is_captain"),
_bool_field("sheet_public"),
_bool_field("blocked_country"),
_bool_field("active"),
_bool_field("roles_synced"),
_text_field("last_sync_error"),
_text_field("updated_at"),
]
return {
"name": config.PB_FIENTA_COLLECTION_LAN,
"type": "base",
"fields": fields,
"listRule": None,
"viewRule": None,
"createRule": None,
"updateRule": None,
"deleteRule": None,
}
async def ensure_storage() -> bool:
"""Create the LAN Fienta collection when it does not exist."""
return await pb_client.ensure_collection(
config.PB_FIENTA_COLLECTION_LAN,
fienta_collection_payload(),
)
def _strip_accents(value: str) -> str:
normalized = unicodedata.normalize("NFKD", value)
return "".join(ch for ch in normalized if not unicodedata.combining(ch))
def _norm(value: Any) -> str:
return re.sub(r"\s+", " ", str(value or "")).strip()
def _norm_key(value: Any) -> str:
return _strip_accents(_norm(value)).casefold()
def _discord_key(value: Any) -> str:
return _norm(value).lstrip("@").casefold()
def _country_code(country: str) -> str:
raw = _norm(country)
if not raw:
return ""
key = _norm_key(raw)
if key in COUNTRY_CODE_BY_NAME:
return COUNTRY_CODE_BY_NAME[key]
for name, code in COUNTRY_CODE_BY_NAME.items():
if _norm_key(name) == key:
return code
upper = raw.upper()
if re.fullmatch(r"[A-Z]{2}", upper):
return upper
letters = re.sub(r"[^A-Z]", "", _strip_accents(upper))
return (letters[:2] or "XX").upper()
def _is_blocked_country(country: str, code: str) -> bool:
country_key = _norm_key(country)
return code in BLOCKED_COUNTRY_CODES or any(
_norm_key(name) == country_key for name in BLOCKED_COUNTRY_NAMES
)
def _role_safe_name(name: str) -> str:
cleaned = re.sub(r"\s+", " ", _norm(name)).strip("@# ")
return cleaned[:90] or "Unknown"
def _team_role_name(game: str, team_name: str) -> str:
prefix = "CS2" if game == "cs2" else "LoL"
return f"[{prefix}] {_role_safe_name(team_name)}"[:100]
def _language_role_name(code: str) -> str:
return f"[{code.upper()}]"
def _role_colour_for_country(code: str) -> discord.Color:
if code in COUNTRY_ROLE_COLOURS:
return discord.Color(COUNTRY_ROLE_COLOURS[code])
seed = sum(ord(ch) for ch in code)
hue = seed % 6
colours = [0x5865F2, 0x57F287, 0xFEE75C, 0xEB459E, 0xED4245, 0x00A8FC]
return discord.Color(colours[hue])
def _now_iso() -> str:
return dt.datetime.now(dt.timezone.utc).isoformat()
def _ticket_rows(payload: dict[str, Any]) -> list[dict[str, Any]]:
order = payload.get("order") or {}
order_id = _norm(order.get("id"))
status = _norm(order.get("status")).upper()
payment = order.get("payment") or {}
payment_time = _norm(payment.get("time"))
order_url = _norm(order.get("order_url"))
results: list[dict[str, Any]] = []
for ticket in order.get("tickets") or []:
ticket_code = _norm(ticket.get("code"))
for idx, row in enumerate(ticket.get("rows") or []):
ticket_type = row.get("ticket_type") or {}
ticket_type_id = _norm(ticket_type.get("id"))
mapping = TICKET_TYPES.get(ticket_type_id)
if not mapping:
continue
attendee = row.get("attendee") or {}
country = _norm(attendee.get("country"))
code = _country_code(country)
kind = str(mapping["kind"])
nickname = (
_norm(attendee.get("nickname_134815"))
or _norm(attendee.get("nickname_134816"))
or _norm(attendee.get("full_name"))
)
captain_raw = _norm(attendee.get("tiimi_kapten_134872")).casefold()
registration_key = f"{order_id}:{ticket_code}:{idx}"
results.append(
{
"registration_key": registration_key,
"order_id": order_id,
"ticket_code": ticket_code,
"order_status": status,
"order_url": order_url,
"payment_time": payment_time,
"game": mapping["game"],
"kind": kind,
"ticket_type_id": ticket_type_id,
"ticket_title": _norm(ticket_type.get("title")),
"ticket_group_title": _norm((ticket_type.get("ticket_type_group") or {}).get("title")),
"team_name": _norm(attendee.get("team_name_134821")),
"discord_username": _norm(attendee.get("discord_username_134871")),
"nickname": nickname,
"country": country,
"country_code": code,
"riot_id": _norm(attendee.get("riot_id_134870")),
"steam64_id": _norm(attendee.get("steam64_id_134819")),
"vrs_ranking": _norm(attendee.get("team_vrs_ranking_134825")),
"is_main": bool(mapping["main"]),
"is_reserve": kind == "reserve",
"is_manager": kind == "manager",
"is_captain": captain_raw in {"jah", "yes", "true", "1"},
"sheet_public": bool(mapping["sheet_public"]),
"blocked_country": _is_blocked_country(country, code),
"active": status == "COMPLETED",
"roles_synced": False,
"last_sync_error": "",
"updated_at": _now_iso(),
}
)
return results
async def process_payload(bot: discord.Client, payload: dict[str, Any]) -> SyncSummary:
"""Store a Fienta webhook payload and resync LAN roles/sheets."""
async with _sync_lock:
summary = SyncSummary()
await ensure_storage()
rows = _ticket_rows(payload)
if not rows:
summary.alerts.append("Fienta webhook did not contain any known tournament ticket rows.")
await _send_alerts(bot, summary.alerts)
return summary
for row in rows:
_, created = await pb_client.upsert_record_by_field(
config.PB_FIENTA_COLLECTION_LAN,
"registration_key",
row["registration_key"],
row,
)
summary.saved += 1
if created:
summary.created += 1
else:
summary.updated += 1
resync = await resync_all(bot, send_alerts=False)
summary.roles_synced += resync.roles_synced
summary.unmatched += resync.unmatched
summary.sheet_rows += resync.sheet_rows
summary.alerts.extend(resync.alerts)
await _send_alerts(bot, summary.alerts)
return summary
async def resync_all(bot: discord.Client, send_alerts: bool = True) -> SyncSummary:
"""Re-apply all stored Fienta registrations to Discord and Sheets."""
summary = SyncSummary()
await ensure_storage()
records = await _all_registration_records()
await _sync_roles(bot, records, summary)
sheet_rows, sheet_alerts = await asyncio.to_thread(_sync_public_sheets, records)
summary.sheet_rows += sheet_rows
summary.alerts.extend(sheet_alerts)
if send_alerts:
await _send_alerts(bot, summary.alerts)
return summary
async def sync_member_join(bot: discord.Client, member: discord.Member) -> SyncSummary:
"""Apply any stored registrations that match a newly joined member."""
if member.guild.id != config.GUILD_ID:
return SyncSummary()
summary = SyncSummary()
await ensure_storage()
target = _discord_key(member.name)
records = [
record
for record in await _all_registration_records()
if _discord_key(record.get("discord_username")) == target
]
if not records:
return summary
await _sync_roles(bot, records, summary, preloaded_member=member)
await _send_alerts(bot, summary.alerts)
return summary
async def count_records() -> int:
await ensure_storage()
return await pb_client.count_records_in(config.PB_FIENTA_COLLECTION_LAN)
async def _all_registration_records() -> list[dict[str, Any]]:
return await pb_client.list_all_records_in(config.PB_FIENTA_COLLECTION_LAN)
async def _sync_roles(
bot: discord.Client,
records: list[dict[str, Any]],
summary: SyncSummary,
preloaded_member: discord.Member | None = None,
) -> None:
guild = bot.get_guild(config.GUILD_ID)
if guild is None:
summary.alerts.append(f"LAN guild {config.GUILD_ID} is not available to the bot.")
return
if preloaded_member is None:
await _ensure_member_cache(guild)
captain_counts: dict[tuple[str, str], int] = {}
for record in records:
if (
record.get("game") == "cs2"
and record.get("is_main")
and record.get("is_captain")
and record.get("active")
):
key = ("cs2", _norm_key(record.get("team_name")))
captain_counts[key] = captain_counts.get(key, 0) + 1
for (_, team_key), count in captain_counts.items():
if count > 1:
team = next(
(_norm(r.get("team_name")) for r in records if _norm_key(r.get("team_name")) == team_key),
team_key,
)
summary.alerts.append(f"Multiple CS2 captains marked for team `{team}` ({count}).")
for record in records:
error = await _sync_record_roles(guild, record, summary, preloaded_member)
try:
await pb_client.update_record_in(
config.PB_FIENTA_COLLECTION_LAN,
record["id"],
{
"roles_synced": not bool(error),
"last_sync_error": error,
"updated_at": _now_iso(),
},
)
except Exception as exc:
summary.alerts.append(
f"Could not update sync state for `{record.get('registration_key')}`: {exc}"
)
async def _sync_record_roles(
guild: discord.Guild,
record: dict[str, Any],
summary: SyncSummary,
preloaded_member: discord.Member | None = None,
) -> str:
team_name = _norm(record.get("team_name"))
username = _norm(record.get("discord_username"))
game = _norm(record.get("game"))
status = _norm(record.get("order_status")).upper()
country = _norm(record.get("country"))
country_code = _norm(record.get("country_code"))
if status in CANCELLED_STATUSES:
summary.alerts.append(
f"Registration `{record.get('registration_key')}` is {status}; no automatic role removal was done."
)
return "inactive order"
if not record.get("active"):
summary.alerts.append(
f"Registration `{record.get('registration_key')}` is `{status or 'UNKNOWN'}`; roles not assigned yet."
)
return "order not completed"
if record.get("blocked_country"):
summary.alerts.append(
f"Blocked country registration skipped: `{username}` / `{team_name}` / `{country}`."
)
return "blocked country"
if not username:
summary.unmatched += 1
summary.alerts.append(f"Registration `{record.get('registration_key')}` has no Discord username.")
return "missing Discord username"
if not team_name:
summary.alerts.append(f"Registration `{record.get('registration_key')}` has no team name.")
return "missing team name"
member = preloaded_member or _find_member_by_username(guild, username)
if member is None:
summary.unmatched += 1
summary.alerts.append(f"No Discord member found for `{username}` ({game.upper()} `{team_name}`).")
return "Discord member not found"
roles: list[discord.Role] = []
general_role_id = CS2_GENERAL_ROLE_ID if game == "cs2" else LOL_GENERAL_ROLE_ID
general_role = guild.get_role(general_role_id)
if general_role is None:
return f"general role {general_role_id} not found"
roles.append(general_role)
team_role = await _get_or_create_role(
guild,
_team_role_name(game, team_name),
anchor=general_role,
colour=general_role.color if general_role.color.value else discord.Color.default(),
)
roles.append(team_role)
language_general = guild.get_role(LANGUAGE_GENERAL_ROLE_ID)
if language_general:
roles.append(language_general)
if country_code:
country_role = await _get_or_create_country_role(guild, country_code, language_general)
roles.append(country_role)
else:
summary.alerts.append(f"Missing country for `{username}` ({game.upper()} `{team_name}`).")
else:
summary.alerts.append(f"Language general role {LANGUAGE_GENERAL_ROLE_ID} not found.")
if game == "cs2" and record.get("is_main") and record.get("is_captain"):
captain_role = guild.get_role(CS2_CAPTAIN_ROLE_ID)
if captain_role:
roles.append(captain_role)
else:
summary.alerts.append(f"CS2 Captain role {CS2_CAPTAIN_ROLE_ID} not found.")
if game == "cs2" and record.get("is_manager"):
manager_role = guild.get_role(CS2_MANAGER_ROLE_ID)
if manager_role:
roles.append(manager_role)
else:
summary.alerts.append(f"CS2 Manager role {CS2_MANAGER_ROLE_ID} not found.")
missing = [role for role in _unique_roles(roles) if role not in member.roles]
if missing:
try:
await member.add_roles(*missing, reason="Fienta LAN registration sync")
except discord.Forbidden:
return "bot lacks permission to add roles"
except discord.HTTPException as exc:
return f"Discord role add failed: {exc}"
summary.roles_synced += 1
return ""
async def _ensure_member_cache(guild: discord.Guild) -> None:
try:
if not guild.chunked:
await guild.chunk(cache=True)
except Exception as exc:
log.warning("Could not chunk guild members for Fienta sync: %s", exc)
def _find_member_by_username(guild: discord.Guild, username: str) -> discord.Member | None:
target = _discord_key(username)
if not target:
return None
for member in guild.members:
candidates = [member.name, getattr(member, "global_name", None), member.display_name]
if any(_discord_key(candidate) == target for candidate in candidates if candidate):
return member
return None
def _unique_roles(roles: list[discord.Role]) -> list[discord.Role]:
seen: set[int] = set()
result: list[discord.Role] = []
for role in roles:
if role.id not in seen:
seen.add(role.id)
result.append(role)
return result
async def _get_or_create_country_role(
guild: discord.Guild,
country_code: str,
anchor: discord.Role,
) -> discord.Role:
code = country_code.upper()
existing_id = EXISTING_LANGUAGE_ROLE_IDS.get(code)
if existing_id:
role = guild.get_role(existing_id)
if role:
return role
return await _get_or_create_role(
guild,
_language_role_name(code),
anchor=anchor,
colour=_role_colour_for_country(code),
)
async def _get_or_create_role(
guild: discord.Guild,
name: str,
anchor: discord.Role,
colour: discord.Color,
) -> discord.Role:
role = discord.utils.get(guild.roles, name=name)
if role is None:
role = await guild.create_role(name=name, color=colour, reason="Fienta LAN registration sync")
await _move_role_under(guild, role, anchor)
return role
async def _move_role_under(guild: discord.Guild, role: discord.Role, anchor: discord.Role) -> None:
if role.position == max(anchor.position - 1, 1):
return
try:
await guild.edit_role_positions(positions={role: max(anchor.position - 1, 1)})
except discord.Forbidden:
log.warning("No permission to move role %s under %s", role.name, anchor.name)
except discord.HTTPException as exc:
log.warning("Could not move role %s under %s: %s", role.name, anchor.name, exc)
def _get_spreadsheet() -> gspread.Spreadsheet:
global _client, _spreadsheet
if _spreadsheet is not None:
return _spreadsheet
creds = Credentials.from_service_account_file(config.GOOGLE_CREDS_PATH, scopes=SCOPES)
_client = gspread.authorize(creds)
_spreadsheet = _client.open_by_key(config.SHEET_ID)
return _spreadsheet
def _sync_public_sheets(records: list[dict[str, Any]]) -> tuple[int, list[str]]:
alerts: list[str] = []
rows_written = 0
spreadsheet = _get_spreadsheet()
for game in ("cs2", "lol"):
cfg = SHEET_CONFIG[game]
try:
worksheet = spreadsheet.worksheet(cfg["worksheet"])
except gspread.WorksheetNotFound:
alerts.append(f"Worksheet `{cfg['worksheet']}` not found in LAN live sheet.")
continue
teams = _public_teams(records, game)
rows_written += _write_game_sheet(worksheet, game, teams, alerts)
return rows_written, alerts
def _public_teams(records: list[dict[str, Any]], game: str) -> list[dict[str, Any]]:
by_team: dict[str, dict[str, Any]] = {}
for record in records:
status = _norm(record.get("order_status")).upper()
if record.get("game") != game or not record.get("sheet_public"):
continue
if record.get("blocked_country") or status in CANCELLED_STATUSES:
continue
team_name = _norm(record.get("team_name"))
if not team_name:
continue
key = _norm_key(team_name)
team = by_team.setdefault(
key,
{
"team_name": team_name,
"lineup": [],
"vrs": "",
"payment_time": _norm(record.get("payment_time")),
"confirmed": True,
},
)
team["lineup"].append(
{
"nickname": _norm(record.get("nickname")),
"country": _norm(record.get("country")),
"country_code": _norm(record.get("country_code")),
}
)
if not team["vrs"] and record.get("vrs_ranking"):
team["vrs"] = _norm(record.get("vrs_ranking"))
if _norm(record.get("payment_time")) < team["payment_time"]:
team["payment_time"] = _norm(record.get("payment_time"))
if status != "COMPLETED":
team["confirmed"] = False
return sorted(by_team.values(), key=lambda t: (t["payment_time"], _norm_key(t["team_name"])))
def _write_game_sheet(
worksheet: gspread.Worksheet,
game: str,
teams: list[dict[str, Any]],
alerts: list[str],
) -> int:
cfg = SHEET_CONFIG[game]
start_row = int(cfg["start_row"])
end_row = int(cfg["end_row"])
capacity = end_row - start_row + 1
existing = worksheet.get(f"B{start_row}:B{end_row}")
by_name: dict[str, int] = {}
empty_rows: list[int] = []
for offset in range(capacity):
row_num = start_row + offset
value = ""
if offset < len(existing) and existing[offset]:
value = _norm(existing[offset][0])
if value:
by_name[_norm_key(value)] = row_num
else:
empty_rows.append(row_num)
rows_written = 0
for team in teams:
key = _norm_key(team["team_name"])
row_num = by_name.get(key)
if row_num is None:
if not empty_rows:
alerts.append(f"{game.upper()} live sheet is full; `{team['team_name']}` was not added.")
continue
row_num = empty_rows.pop(0)
by_name[key] = row_num
no = row_num - start_row + 1
lineup = "\n".join(_lineup_entry(player) for player in team["lineup"])
timestamp = _format_sheet_time(team["payment_time"])
status = CONFIRMED_TEXT if team["confirmed"] else PENDING_TEXT
if game == "cs2":
values = [[no, team["team_name"], lineup, team["vrs"], timestamp, status]]
worksheet.update(values, f"A{row_num}:F{row_num}", value_input_option="USER_ENTERED")
else:
values = [[no, team["team_name"], lineup, timestamp, status]]
worksheet.update(values, f"A{row_num}:E{row_num}", value_input_option="USER_ENTERED")
rows_written += 1
return rows_written
def _lineup_entry(player: dict[str, str]) -> str:
nickname = player.get("nickname") or "?"
country = player.get("country") or player.get("country_code") or "?"
return f"{nickname}, {country}"
def _format_sheet_time(raw: str) -> str:
if not raw:
return ""
try:
parsed = dt.datetime.fromisoformat(raw)
except ValueError:
return raw
return parsed.strftime("%d.%m.%Y %H:%M")
async def _send_alerts(bot: discord.Client, alerts: list[str]) -> None:
if not alerts or not config.FIENTA_ADMIN_ALERT_CHANNEL_ID:
return
try:
channel = bot.get_channel(config.FIENTA_ADMIN_ALERT_CHANNEL_ID)
if channel is None:
channel = await bot.fetch_channel(config.FIENTA_ADMIN_ALERT_CHANNEL_ID)
except Exception as exc:
log.warning("Could not fetch Fienta alert channel: %s", exc)
return
if not hasattr(channel, "send"):
return
header = "**Fienta LAN sync alerts**"
chunks: list[str] = []
current = header
for alert in alerts:
line = f"\n- {alert}"
if len(current) + len(line) > 1900:
chunks.append(current)
current = header + line
else:
current += line
chunks.append(current)
for chunk in chunks:
try:
await channel.send(chunk)
except Exception as exc:
log.warning("Could not send Fienta alert: %s", exc)
break

4
core/member_sync.py
View File

@@ -126,12 +126,12 @@ async def sync_member(
# --- Backfill User ID if missing ---
raw_id = str(row.get("User ID", "")).strip()
if not raw_id or raw_id == "0":
await sheets.set_user_id(member.name, member.id)
sheets.set_user_id(member.name, member.id)
# --- Update Discord username in sheet if it changed ---
sheet_username = str(row.get("Discord", "")).strip()
if sheet_username.lower() != member.name.lower():
await sheets.update_username(member.id, member.name)
sheets.update_username(member.id, member.name)
# --- Nickname (Nimi = real name, formatted as first name + last initial) ---
nimi = str(row.get("Nimi", "")).strip()

220
core/pb_client.py
View File

@@ -7,7 +7,7 @@ Environment variables (set in .env):
PB_URL Base URL of PocketBase (default: http://127.0.0.1:8090)
PB_ADMIN_EMAIL PocketBase admin e-mail
PB_ADMIN_PASSWORD PocketBase admin password
PB_ECONOMY_COLLECTION_DEV / PB_ECONOMY_COLLECTION_ECONOMY
PB_ECONOMY_COLLECTION_DEV / PB_ECONOMY_COLLECTION_ECONOMY / PB_ECONOMY_COLLECTION_LAN
"""
from __future__ import annotations
@@ -21,11 +21,6 @@ import aiohttp
import config
class DatabaseError(Exception):
"""Raised when PocketBase is unreachable or returns an error."""
pass
_log = logging.getLogger("tipiCOIN.pb")
PB_URL = config.PB_URL
@@ -62,20 +57,17 @@ async def _ensure_auth() -> str:
if time.monotonic() < _token_expiry:
return _token
session = _get_session()
try:
async with session.post(
f"{PB_URL}/api/collections/_superusers/auth-with-password",
json={"identity": PB_ADMIN_EMAIL, "password": PB_ADMIN_PASSWORD},
) as resp:
if resp.status != 200:
text = await resp.text()
raise DatabaseError(f"PocketBase auth failed ({resp.status}): {text}")
data = await resp.json()
_token = data["token"]
_token_expiry = time.monotonic() + 13 * 24 * 3600 # refresh well before expiry
_log.debug("PocketBase admin token refreshed")
except (aiohttp.ClientConnectorError, asyncio.TimeoutError) as e:
raise DatabaseError(f"Database unavailable: {e}") from e
async with session.post(
f"{PB_URL}/api/collections/_superusers/auth-with-password",
json={"identity": PB_ADMIN_EMAIL, "password": PB_ADMIN_PASSWORD},
) as resp:
if resp.status != 200:
text = await resp.text()
raise RuntimeError(f"PocketBase auth failed ({resp.status}): {text}")
data = await resp.json()
_token = data["token"]
_token_expiry = time.monotonic() + 13 * 24 * 3600 # refresh well before expiry
_log.debug("PocketBase admin token refreshed")
return _token
@@ -83,35 +75,8 @@ async def _hdrs() -> dict[str, str]:
return {"Authorization": await _ensure_auth()}
def _invalidate_token() -> None:
global _token_expiry
_token_expiry = 0.0
# ---------------------------------------------------------------------------
# Request helper with auth-retry and error wrapping
# ---------------------------------------------------------------------------
async def _request(method: str, url: str, **kwargs: Any) -> Any:
"""Make an authenticated request, retrying once on 401/403 by re-authing.
Returns the parsed JSON body. Raises DatabaseError on connection issues or
non-2xx responses after retrying.
"""
session = _get_session()
for attempt in range(2):
kwargs["headers"] = await _hdrs()
try:
async with session.request(method, url, **kwargs) as resp:
if resp.status in (401, 403) and attempt == 0:
_invalidate_token()
continue
if not resp.ok:
text = await resp.text()
raise DatabaseError(f"Database unavailable: {resp.status}, {text}")
return await resp.json()
except (aiohttp.ClientConnectorError, asyncio.TimeoutError) as e:
raise DatabaseError(f"Database unavailable: {e}") from e
def _escape_filter_value(value: str) -> str:
return value.replace("\\", "\\\\").replace('"', '\\"')
# ---------------------------------------------------------------------------
@@ -120,55 +85,156 @@ async def _request(method: str, url: str, **kwargs: Any) -> Any:
async def get_record(user_id: str) -> dict[str, Any] | None:
"""Fetch one economy record by Discord user_id. Returns None if not found."""
data = await _request(
"GET",
f"{PB_URL}/api/collections/{ECONOMY_COLLECTION}/records",
params={"filter": f'user_id="{user_id}"', "perPage": 1},
return await get_first_record(
ECONOMY_COLLECTION,
f'user_id="{_escape_filter_value(user_id)}"',
)
items = data.get("items", [])
return items[0] if items else None
async def get_first_record(collection: str, filter_expr: str) -> dict[str, Any] | None:
"""Fetch one record from any collection by a PocketBase filter expression."""
session = _get_session()
async with session.get(
f"{PB_URL}/api/collections/{collection}/records",
params={"filter": filter_expr, "perPage": 1},
headers=await _hdrs(),
) as resp:
resp.raise_for_status()
data = await resp.json()
items = data.get("items", [])
return items[0] if items else None
async def get_record_by_field(collection: str, field: str, value: str) -> dict[str, Any] | None:
"""Fetch one record where `field` exactly equals `value`."""
escaped = _escape_filter_value(value)
return await get_first_record(collection, f'{field}="{escaped}"')
async def create_record(record: dict[str, Any]) -> dict[str, Any]:
"""Create a new economy record. Returns the created record (includes PB id)."""
return await _request(
"POST",
f"{PB_URL}/api/collections/{ECONOMY_COLLECTION}/records",
return await create_record_in(ECONOMY_COLLECTION, record)
async def create_record_in(collection: str, record: dict[str, Any]) -> dict[str, Any]:
"""Create a new record in any collection. Returns the created record."""
session = _get_session()
async with session.post(
f"{PB_URL}/api/collections/{collection}/records",
json=record,
)
headers=await _hdrs(),
) as resp:
if resp.status not in (200, 201):
text = await resp.text()
raise RuntimeError(f"PocketBase create failed ({resp.status}): {text}")
return await resp.json()
async def update_record(record_id: str, data: dict[str, Any]) -> dict[str, Any]:
"""PATCH an existing record by its PocketBase record id."""
return await _request(
"PATCH",
f"{PB_URL}/api/collections/{ECONOMY_COLLECTION}/records/{record_id}",
return await update_record_in(ECONOMY_COLLECTION, record_id, data)
async def update_record_in(collection: str, record_id: str, data: dict[str, Any]) -> dict[str, Any]:
"""PATCH an existing record in any collection by its PocketBase record id."""
session = _get_session()
async with session.patch(
f"{PB_URL}/api/collections/{collection}/records/{record_id}",
json=data,
)
headers=await _hdrs(),
) as resp:
resp.raise_for_status()
return await resp.json()
async def count_records() -> int:
"""Return the total number of records in the collection (single cheap request)."""
data = await _request(
"GET",
f"{PB_URL}/api/collections/{ECONOMY_COLLECTION}/records",
return await count_records_in(ECONOMY_COLLECTION)
async def count_records_in(collection: str) -> int:
"""Return the total number of records in any collection."""
session = _get_session()
async with session.get(
f"{PB_URL}/api/collections/{collection}/records",
params={"perPage": 1, "page": 1},
)
return int(data.get("totalItems", 0))
headers=await _hdrs(),
) as resp:
resp.raise_for_status()
data = await resp.json()
return int(data.get("totalItems", 0))
async def list_all_records(page_size: int = 500) -> list[dict[str, Any]]:
"""Fetch every record in the collection, handling PocketBase pagination."""
return await list_all_records_in(ECONOMY_COLLECTION, page_size=page_size)
async def list_all_records_in(collection: str, page_size: int = 500) -> list[dict[str, Any]]:
"""Fetch every record in any collection, handling PocketBase pagination."""
results: list[dict[str, Any]] = []
page = 1
session = _get_session()
hdrs = await _hdrs()
while True:
data = await _request(
"GET",
f"{PB_URL}/api/collections/{ECONOMY_COLLECTION}/records",
async with session.get(
f"{PB_URL}/api/collections/{collection}/records",
params={"perPage": page_size, "page": page},
)
batch = data.get("items", [])
results.extend(batch)
if len(batch) < page_size:
return results
page += 1
headers=hdrs,
) as resp:
resp.raise_for_status()
data = await resp.json()
batch = data.get("items", [])
results.extend(batch)
if len(batch) < page_size:
break
page += 1
return results
async def upsert_record_by_field(
collection: str,
field: str,
value: str,
data: dict[str, Any],
) -> tuple[dict[str, Any], bool]:
"""Create or update a record. Returns (record, created)."""
existing = await get_record_by_field(collection, field, value)
if existing:
return await update_record_in(collection, existing["id"], data), False
return await create_record_in(collection, data), True
async def get_collection(collection: str) -> dict[str, Any] | None:
"""Fetch collection metadata, returning None if it doesn't exist."""
session = _get_session()
async with session.get(
f"{PB_URL}/api/collections/{collection}",
headers=await _hdrs(),
) as resp:
if resp.status == 404:
return None
resp.raise_for_status()
return await resp.json()
async def create_collection(payload: dict[str, Any]) -> dict[str, Any]:
"""Create a PocketBase collection from a full collection payload."""
session = _get_session()
async with session.post(
f"{PB_URL}/api/collections",
json=payload,
headers=await _hdrs(),
) as resp:
if resp.status not in (200, 201):
text = await resp.text()
raise RuntimeError(f"PocketBase collection create failed ({resp.status}): {text}")
return await resp.json()
async def ensure_collection(collection: str, payload: dict[str, Any]) -> bool:
"""Create `collection` when missing. Returns True if created."""
if await get_collection(collection):
return False
await create_collection(payload)
return True

72
core/sheets.py
View File

@@ -1,12 +1,4 @@
"""Google Sheets integration - read/write member data via gspread.
Public network-hitting functions are async and delegate the blocking gspread
work to `asyncio.to_thread` so the discord.py event loop is not stalled
(stalled loops drop gateway heartbeats and can disconnect the bot).
Pure-cache helpers (get_cache, find_*) remain sync.
"""
import asyncio
"""Google Sheets integration - read/write member data via gspread."""
import gspread
from google.oauth2.service_account import Credentials
@@ -77,7 +69,11 @@ def _ensure_headers(ws: gspread.Worksheet) -> None:
ws.update_cell(1, col_idx, header)
def _refresh_sync() -> list[dict]:
def refresh() -> list[dict]:
"""Pull all rows from the sheet into the in-memory cache.
Returns the cache (list of dicts keyed by header names).
"""
global _cache
ws = _get_worksheet()
_ensure_headers(ws)
@@ -87,11 +83,6 @@ def _refresh_sync() -> list[dict]:
return _cache
async def refresh() -> list[dict]:
"""Pull all rows from the sheet into the in-memory cache (non-blocking)."""
return await asyncio.to_thread(_refresh_sync)
def get_cache() -> list[dict]:
"""Return the current in-memory cache without re-querying."""
return _cache
@@ -131,12 +122,16 @@ def _row_index_for_member(discord_id: int | None = None, username: str | None =
return None
def _update_cell_for_member_sync(
def update_cell_for_member(
discord_id: int | None,
username: str | None,
column_name: str,
value: str,
) -> bool:
"""Write a value to a specific column for a member row.
Returns True if the write succeeded.
"""
ws = _worksheet or _get_worksheet()
row_idx = _row_index_for_member(discord_id=discord_id, username=username)
if row_idx is None:
@@ -150,6 +145,7 @@ def _update_cell_for_member_sync(
ws.update([[value]], gspread.utils.rowcol_to_a1(row_idx, col_idx),
value_input_option="USER_ENTERED")
# Keep cache in sync
cache_idx = row_idx - 3
if 0 <= cache_idx < len(_cache):
_cache[cache_idx][column_name] = value
@@ -157,19 +153,8 @@ def _update_cell_for_member_sync(
return True
async def update_cell_for_member(
discord_id: int | None,
username: str | None,
column_name: str,
value: str,
) -> bool:
"""Write a value to a specific column for a member row (non-blocking)."""
return await asyncio.to_thread(
_update_cell_for_member_sync, discord_id, username, column_name, value
)
def _batch_set_synced_sync(updates: list[tuple[int, bool]]) -> None:
def batch_set_synced(updates: list[tuple[int, bool]]) -> None:
"""Batch-write 'Discordis synced?' for multiple members in a single API call."""
ws = _worksheet or _get_worksheet()
col_idx = EXPECTED_HEADERS.index("Discordis synced?") + 1
cells = []
@@ -185,14 +170,9 @@ def _batch_set_synced_sync(updates: list[tuple[int, bool]]) -> None:
ws.update_cells(cells, value_input_option="USER_ENTERED")
async def batch_set_synced(updates: list[tuple[int, bool]]) -> None:
"""Batch-write 'Discordis synced?' for multiple members (non-blocking)."""
await asyncio.to_thread(_batch_set_synced_sync, updates)
async def set_user_id(username: str, discord_id: int) -> bool:
def set_user_id(username: str, discord_id: int) -> bool:
"""Write a Discord user ID for a row matched by Discord username."""
return await update_cell_for_member(
return update_cell_for_member(
discord_id=None,
username=username,
column_name="User ID",
@@ -200,9 +180,9 @@ async def set_user_id(username: str, discord_id: int) -> bool:
)
async def set_synced(discord_id: int, synced: bool) -> bool:
def set_synced(discord_id: int, synced: bool) -> bool:
"""Mark a member as synced (TRUE) or not (FALSE)."""
return await update_cell_for_member(
return update_cell_for_member(
discord_id=discord_id,
username=None,
column_name="Discordis synced?",
@@ -210,9 +190,9 @@ async def set_synced(discord_id: int, synced: bool) -> bool:
)
async def update_username(discord_id: int, new_username: str) -> bool:
def update_username(discord_id: int, new_username: str) -> bool:
"""Update the Discord column for a member (keeps sheet in sync with Discord)."""
return await update_cell_for_member(
return update_cell_for_member(
discord_id=discord_id,
username=None,
column_name="Discord",
@@ -220,17 +200,17 @@ async def update_username(discord_id: int, new_username: str) -> bool:
)
def _add_new_member_row_sync(username: str, discord_id: int) -> None:
def add_new_member_row(username: str, discord_id: int) -> None:
"""Append a new row to the sheet with Discord username and User ID pre-filled.
All other columns are left empty for manual entry by an admin.
"""
ws = _worksheet or _get_worksheet()
row = [""] * len(EXPECTED_HEADERS)
row[EXPECTED_HEADERS.index("Discord")] = username
row[EXPECTED_HEADERS.index("User ID")] = str(discord_id)
row[EXPECTED_HEADERS.index("Discordis synced?")] = "FALSE"
ws.append_row(row, value_input_option="USER_ENTERED")
# Add to local cache so subsequent find_member() calls work in the same session
new_entry = {h: row[i] for i, h in enumerate(EXPECTED_HEADERS)}
_cache.append(new_entry)
async def add_new_member_row(username: str, discord_id: int) -> None:
"""Append a new row pre-filled with Discord username and User ID (non-blocking)."""
await asyncio.to_thread(_add_new_member_row_sync, username, discord_id)

904
docs/CHANGELOG.md Normal file
View File

@@ -0,0 +1,904 @@
## v0.36.7
- Fixed high memory usage with large file uploads ([#7572](https://github.com/pocketbase/pocketbase/discussions/7572)).
- Updated the rate limiter reset rules to follow a more traditional fixed window strategy _(aka. to be more close to how it is presented in the UI - allow max X user requests under Ys)_ since several users complained that the older algorithm was not intuitive and not suitable for large intervals.
_Approximated sliding window strategy was also suggested as a better compromise option to help minimize traffic spikes right after reset but the additional tracking could introduce some overhead and for now it is left aside until we have more tests._
- Updated `modernc.org/sqlite` to v1.46.2 and SQLite 3.51.3.
_⚠️ SQLite 3.51.3 fixed a [database corruption bug](https://sqlite.org/wal.html#walresetbug) that is very unlikely to happen (with PocketBase even more so because we queue on app level all writes and explicit transactions through a single db connection), but still it is advised to upgrade._
- Updated other minor Go and npm deps.
_The min Go version in the go.mod of the package was also bumped to Go 1.25.0 because some of the newer dep versions require it._
## v0.36.6
- Set `NumberField.OnlyInt:true` for the generated View collection schema fields when a view column expression is known to return int-only values ([#7538](https://github.com/pocketbase/pocketbase/issues/7538)).
- Documented the `unmarshal` JSVM helper ([#7543](https://github.com/pocketbase/pocketbase/issues/7543)).
- Added extra read check after the `Store.GetOrSet` write lock to prevent races overwriting an already existing value.
- Added empty records check for the additional client-side filter's ListRule constraint that was introduced in v0.32.0 ([presentator#206](https://github.com/presentator/presentator/issues/206)).
- Set a fixed `routine.FireAndForget()` debug stack trace limit to 2KB.
- Bumped min Go GitHub action version to 1.26.1 because it comes with some [minor bug and security fixes](https://github.com/golang/go/issues?q=milestone%3AGo1.26.1).
- Typos and other minor doc fixes.
## v0.36.5
- Disabled collection and fields name normalization while in IME mode ([#7532](https://github.com/pocketbase/pocketbase/pull/7532); thanks @miaopan607).
- Updated `modernc.org/sqlite` to v1.46.1 _(resets connection state on Tx.Commit failure)_.
## v0.36.4
- Made the optional `Bearer` token prefix case-insensitive ([#7525](https://github.com/pocketbase/pocketbase/pull/7525); thanks @benjamesfleming).
- Enabled `$filesystem.s3(...)` and `$filesystem.local(...)` JSVM bindings ([#7526](https://github.com/pocketbase/pocketbase/issues/7526)).
## v0.36.3
- Added `Accept-Encoding: identity` to the S3 requests per the suggestion in [#7523](https://github.com/pocketbase/pocketbase/issues/7523).
_This should help fixing the 0-bytes file response when S3 API compression is enabled._
- Bumped min Go GitHub action version to 1.26.0 _(it comes with minor [GC performance improvements](https://go.dev/doc/go1.26#runtime))_.
- Other minor fixes _(updated `modernc.org/sqlite` to v1.45.0, updated `goja_nodejs` adding `Buffer.concat`, updated the arguments of `app.DeleteTable(...)`, `app.DeleteView(...)` and other similar methods to make it more clear that they are dangerous and shouldn't be used with untrusted input, etc.)_.
## v0.36.2
- Updated `modernc.org/sqlite` to v1.44.3 _(race check fix)_, `goja` _(circular references fix)_ and other go deps.
- Other minor fixes _(updated tests to silence some of the race detector errors, updated `FindFirstRecordByData` with more clear error message when missing or invalid key is used, etc.)_.
## v0.36.1
- Reverted the `DISTINCT` with `GROUP BY` replacement optimization from v0.36.0 as it was reported to negatively impact the indexes utilization for some queries
and the minor performance boost that you may get when used on large records is not enough to justify the more common use ([#7461](https://github.com/pocketbase/pocketbase/discussions/7461)).
_A better generic deduplication optimization for large records (aka. records with large `text`/`json` fields or many small ones) will be researched but there are no ETAs._
- Updated `modernc.org/sqlite` to v1.44.2 _(SQLite 3.51.2)_.
- Fixed code comment typos.
## v0.36.0
- List query and API rules optimizations:
- Removed unnecessary correlated subquery expression when using back-relations via single `relation` field.
- Replaced `DISTINCT` with `GROUP BY id` when rows deduplication is needed and when deemed safe.
_This should help with having a more stable and predictable performance even if the collection records are on the larger side._
For some queries and data sets the above 2 optimizations have shown significant improvements but if you notice a performance degradation after upgrading,
please open a Q&A discussion with export of your collections structure and the problematic request so that it can be analyzed.
- Added [`strftime(format, timevalue, modifiers...)`](https://pocketbase.io/docs/api-rules-and-filters/#strftimeformat-time-value-modifiers-) date formatting filter and API rules function.
It works similarly to the [SQLite `strftime` builtin function](https://sqlite.org/lang_datefunc.html)
with the main difference that NULL results will be normalized for consistency with the non-nullable PocketBase `text` and `date` fields.
Multi-match expressions are also supported and works the same as if the collection field is referenced, for example:
```js
// requires ANY/AT-LEAST-ONE-OF multiRel records to have "created" date matching the formatted string "2026-01"
strftime('%Y-%m', multiRel.created) ?= '2026-01'
// requires ALL multiRel records to have "created" date matching the formatted string "2026-01"
strftime('%Y-%m', multiRel.created) = '2026-01'
```
- ⚠️ Minor changes to the `search.ResolverResult` struct _(mostly used internally)_:
- Replaced `NoCoalesce` field with the more explicit `NullFallback` _(`NullFallbackDisabled` is the same as `NoCoalesce:true`)_.
- Replaced the expression interface of the `MultiMatchSubQuery` field with the concrete struct type `search.MultiMatchSubquery` to avoid excessive type assertions and allow direct mutations of the field.
- Updated `modernc.org/sqlite` to v1.44.1 _(SQLite 3.51.1)_.
- Bumped min Go GitHub action version to 1.25.6 because it comes with some [minor security fixes](https://github.com/golang/go/issues?q=milestone%3AGo1.25.6).
## v0.35.1
- Updated `modernc.org/sqlite` to v1.43.0 _(query cancellation race fix)_.
- Other minor UI fixes (normalized relations picker selection and confirmation message when `maxSelect=0/1`, updated node deps).
## v0.35.0
- Added `nullString()`, `nullInt()`, `nullFloat()`, `nullBool`, `nullArray()`, `nullObject()` JSVM helpers for scanning nullable columns ([#7396](https://github.com/pocketbase/pocketbase/issues/7396)).
- Store the correct `image/png` as attrs content type when generating a thumb fallback _(e.g. for `webp`)_.
- Trimmed custom uploaded file name and extension from leftover `.` characters after `filesystem.File` normalization.
_This was done to prevent issues with external files sync programs that may have special handling for "invisible" files._
- Updated `modernc.org/sqlite` _(v1.41.0 includes prepared statements optimization)_ and other minor Go deps.
## v0.34.2
- Bumped JS SDK to v0.26.5 to fix Safari AbortError detection introduced with the previous release ([#7369](https://github.com/pocketbase/pocketbase/issues/7369)).
## v0.34.1
- Added missing `:` char to the autocomplete regex ([#7353](https://github.com/pocketbase/pocketbase/pull/7353); thanks @ouvreboite).
- Added "Copy raw JSON" collection dropdown option ([#7357](https://github.com/pocketbase/pocketbase/issues/7357)).
- Updated Go deps and JS SDK.
- Bumped min Go GitHub action version to 1.25.5 because it comes with some [minor security fixes](https://github.com/golang/go/issues?q=milestone%3AGo1.25.5).
_The runner action was also updated to `actions/setup-go@v6` since the previous v5 Go source seems [no longer accessible](https://github.com/actions/setup-go/pull/665#issuecomment-3416693714)._
## v0.34.0
- Added `@request.body.someField:changed` modifier.
It could be used when you want to ensure that a body field either wasn't submitted or was submitted with the same value.
Or in other words, if you want to disallow a field change the below 2 expressions would be equivalent:
```js
// (old)
(@request.body.someField:isset = false || @request.body.someField = someField)
// (new)
@request.body.someField:changed = false
```
- Added `MailerRecordEvent.Meta["info"]` property for the `OnMailerRecordAuthAlertSend` hook.
- Updated the backup restore popup with a short info about the performed restore steps.
- Updated Go deps.
## v0.33.0
- Added extra `id` characters validation in addition to the user specified regex pattern ([#7312](https://github.com/pocketbase/pocketbase/issues/7312)).
_The following special characters are always forbidden: `./\|"'``<>:?*%$\n\r\t\0 `. Common reserved Windows file names such as `aux`, `prn`, `con`, `nul`, `com1-9`, `lpt1-9` are also not allowed._
_The list is not exhaustive but it should help minimizing eventual filesystem compatibility issues in case of wildcards or other loose regex patterns._
- Added `{ALERT_INFO}` placeholder to the auth alert mail template ([#7314](https://github.com/pocketbase/pocketbase/issues/7314)).
_⚠️ `mails.SendRecordAuthAlert(app, authRecord, info)` also now accepts a 3rd `info` string argument._
- Updated Go deps.
## v0.32.0
- ⚠️ Added extra List/Search API rules checks for the client-side `filter`/`sort` relations.
This is continuation of the effort to eliminate the risk of information disclosure _(and eventually the side-channel attacks that may originate from that)_.
So far this was accepted tradeoff between performance, usability and correctness since the solutions at the time weren't really practical _(especially with the back-relations as mentioned in ["Security and performance" section in #4417](https://github.com/pocketbase/pocketbase/discussions/4417))_, but with v0.23+ changes we can implement the extra checks without littering the code too much, with very little impact on the performance and at the same time ensuring better out of the box security _(especially for the cases where users operate with sensitive fields like "code", "token", "secret", etc.)_.
Similar to the previous release, probably for most users with already configured API rules this change won't be breaking, but if you have an _intermediate/junction collection_ that is "locked" (superusers-only) we no longer will allow the client-side relation filter to pass through it and you'll have to set its List/Search API rule to enable the current user to search in it.
For example, if you have a client-side filter that targets `rel1.rel2.token`, the client must have not only List/Search API rule access to the main collection BUT also to the collections referenced by "rel1" and "rel2" relation fields.
Note that this change is only for the **client-side** `filter`/`sort` and doesn't affect the execution of superuser requests, API rules and `expand` - they continue to work the same as it is.
An optional environment variable to toggle this behavior was considered but for now I think having 2 ways of resolving client-side filters would introduce maintenance burden and can even cause confusion (this change should actually make things more intuitive and clear because we can simply say something like _"you can search by a collection X field only if you have List/Search API rule access to it"_ no matter whether the targeted collection is the request's main collection, the first or last relation from the filter chain, etc.).
If you stumble on an error or extreme query performance degradation as a result of the extra checks, please open a Q&A discussion with the failing request and export of your collections configuration as JSON (_Settings > Export collections_) and I'll try to investigate it.
- Increased the default SQLite `PRAGMA cache_size` to ~32MB.
- Fixed deadlock when manually triggering the `OnTerminate` hook ([#7305](https://github.com/pocketbase/pocketbase/pull/7305); thanks @yerTools).
- Fixed some code comment typos, regenerated the JSVM types and updated npm dependencies.
- Updated `modernc.org/sqlite` to 1.40.0.
## v0.31.0
- Visualize presentable multiple `relation` fields ([#7260](https://github.com/pocketbase/pocketbase/issues/7260)).
- Support Ed25519 in the optional OIDC `id_token` signature validation ([#7252](https://github.com/pocketbase/pocketbase/issues/7252); thanks @shynome).
- Added `ApiScenario.DisableTestAppCleanup` optional field to skip the auto test app cleanup and leave it up to the developers to do the cleanup manually ([#7267](https://github.com/pocketbase/pocketbase/discussions/7267)).
- Added `FileDownloadRequestEvent.ThumbError` field that is populated in case of a thumb generation failure (e.g. unsupported format, timing out, etc.), allowing developers to reject the thumb fallback and/or supply their own custom thumb generation ([#7268](https://github.com/pocketbase/pocketbase/discussions/7268)).
- ⚠️ Disallow client-side filtering and sorting of relations where the collection of the last targeted relation field has superusers-only List/Search API rule to further minimize the risk of eventual side-channel attack.
_This should be a non-breaking change for most users, but if you want the old behavior, please open a new Q&A discussion with details about your use case to evaluate making it configurable._
_Note also that as mentioned in the "Security and performance" section of [#4417](https://github.com/pocketbase/pocketbase/discussions/4417) and [#5863](https://github.com/pocketbase/pocketbase/discussions/5863), the easiest and recommended solution to protect security sensitive fields (tokens, codes, passwords, etc.) is to mark them as "Hidden" (aka. make them non-API filterable)._
- Regenerated JSVM types and updated npm and Go deps.
## v0.30.4
- Fixed `json` field CSS regression introduced with the overflow workaround in v0.30.3 ([#7259](https://github.com/pocketbase/pocketbase/issues/7259)).
## v0.30.3
- Fixed legacy identitity field priority check when a username is a valid email address ([#7256](https://github.com/pocketbase/pocketbase/issues/7256)).
- Workaround autocomplete overflow issue with Firefox 144 ([#7223](https://github.com/pocketbase/pocketbase/issues/7223)).
- Updated `modernc.org/sqlite` to 1.39.1 (SQLite 3.50.4).
## v0.30.2
- Bumped min Go GitHub action version to 1.24.8 since it comes with some [minor security fixes](https://github.com/golang/go/issues?q=milestone%3AGo1.24.8+label%3ACherryPickApproved).
## v0.30.1
- ⚠️ Excluded the `lost+found` directory from the backups ([#7208](https://github.com/pocketbase/pocketbase/pull/7208); thanks @lbndev).
_If for some reason you want to keep it, you can restore it by editing the `e.Exclude` list of the `OnBackupCreate` and `OnBackupRestore` hooks._
- Minor tests improvements (disabled initial superuser creation for the test app to avoid cluttering the std output, added more tests for the `s3.Uploader.MaxConcurrency`, etc.).
- Updated `modernc.org/sqlite` and other Go dependencies.
## v0.30.0
- Eagerly escape the S3 request path following the same rules as in the S3 signing header ([#7153](https://github.com/pocketbase/pocketbase/issues/7153)).
- Added Lark OAuth2 provider ([#7130](https://github.com/pocketbase/pocketbase/pull/7130); thanks @mashizora).
- Increased test tokens `exp` claim to minimize eventual issues with reproducible builds ([#7123](https://github.com/pocketbase/pocketbase/issues/7123)).
- Added `os.Root` bindings to the JSVM ([`$os.openRoot`](https://pocketbase.io/jsvm/functions/_os.openRoot.html), [`$os.openInRoot`](https://pocketbase.io/jsvm/functions/_os.openInRoot.html)).
- Added `osutils.IsProbablyGoRun()` helper to loosely check if the program was started using `go run`.
- Various minor UI improvements (updated collections indexes UI, enabled seconds in the datepicker, updated helper texts, etc.).
- ⚠️ Updated the minimum package Go version to 1.24.0 and bumped Go dependencies.
## v0.29.3
- Try to forward Apple OAuth2 POST redirect user's name so that it can be returned (and eventually assigned) with the success response of the all-in-one auth call ([#7090](https://github.com/pocketbase/pocketbase/issues/7090)).
- Fixed `RateLimitRule.Audience` code comment ([#7098](https://github.com/pocketbase/pocketbase/pull/7098); thanks @iustin05).
- Mocked `syscall.Exec` when building for WASM ([#7116](https://github.com/pocketbase/pocketbase/pull/7116); thanks @joas8211).
_Note that WASM is not officially supported PocketBase build target and many things may not work as expected._
- Registered missing `$filesystem`, `$mails`, `$template` and `__hooks` bindings in the JSVM migrations ([#7125](https://github.com/pocketbase/pocketbase/issues/7125)).
- Regenerated JSVM types to include methods from structs with single generic parameter.
- Updated Go dependencies.
## v0.29.2
- Bumped min Go GitHub action version to 1.23.12 since it comes with some [minor fixes for the runtime and `database/sql` package](https://github.com/golang/go/issues?q=milestone%3AGo1.23.12+label%3ACherryPickApproved).
## v0.29.1
- Updated the X/Twitter provider to return the `confirmed_email` field and to use the `x.com` domain ([#7035](https://github.com/pocketbase/pocketbase/issues/7035)).
- Added Box.com OAuth2 provider ([#7056](https://github.com/pocketbase/pocketbase/pull/7056); thanks @blakepatteson).
- Updated `modernc.org/sqlite` to 1.38.2 (SQLite 3.50.3).
- Fixed example List API response ([#7049](https://github.com/pocketbase/pocketbase/pull/7049); thanks @williamtguerra).
## v0.29.0
- Enabled calling the `/auth-refresh` endpoint with nonrenewable tokens.
_When used with nonrenewable tokens (e.g. impersonate) the endpoint will simply return the same token with the up-to-date user data associated with it._
- Added the triggered rate rimit rule in the error log `details`.
- Added optional `ServeEvent.Listener` field to initialize a custom network listener (e.g. `unix`) instead of the default `tcp` ([#3233](https://github.com/pocketbase/pocketbase/discussions/3233)).
- Fixed request data unmarshalization for the `DynamicModel` array/object fields ([#7022](https://github.com/pocketbase/pocketbase/discussions/7022)).
- Fixed Dashboard page title `-` escaping ([#6982](https://github.com/pocketbase/pocketbase/issues/6982)).
- Other minor improvements (updated first superuser console text when running with `go run`, clarified trusted IP proxy header label, wrapped the backup restore in a transaction as an extra precaution, updated deps, etc.).
## v0.28.4
- Added global JSVM `toBytes()` helper to return the bytes slice representation of a value such as io.Reader or string, _other types are first serialized to Go string_ ([#6935](https://github.com/pocketbase/pocketbase/issues/6935)).
- Fixed `security.RandomStringByRegex` random distribution ([#6947](https://github.com/pocketbase/pocketbase/pull/6947); thanks @yerTools).
- Minor docs and typos fixes.
## v0.28.3
- Skip sending empty `Range` header when fetching blobs from S3 ([#6914](https://github.com/pocketbase/pocketbase/pull/6914)).
- Updated Go deps and particularly `modernc.org/sqlite` to 1.38.0 (SQLite 3.50.1).
- Bumped GitHub action min Go version to 1.23.10 as it comes with some [minor security `net/http` fixes](https://github.com/golang/go/issues?q=milestone%3AGo1.23.10+label%3ACherryPickApproved).
## v0.28.2
- Loaded latin-ext charset for the default text fonts ([#6869](https://github.com/pocketbase/pocketbase/issues/6869)).
- Updated view query CAST regex to properly recognize multiline expressions ([#6860](https://github.com/pocketbase/pocketbase/pull/6860); thanks @azat-ismagilov).
- Updated Go and npm dependencies.
## v0.28.1
- Fixed `json_each`/`json_array_length` normalizations to properly check for array values ([#6835](https://github.com/pocketbase/pocketbase/issues/6835)).
## v0.28.0
- Write the default response body of `*Request` hooks that are wrapped in a transaction after the related transaction completes to allow propagating the transaction error ([#6462](https://github.com/pocketbase/pocketbase/discussions/6462#discussioncomment-12207818)).
- Updated `app.DB()` to automatically routes raw write SQL statements to the nonconcurrent db pool ([#6689](https://github.com/pocketbase/pocketbase/discussions/6689)).
_For the rare cases when it is needed users still have the option to explicitly target the specific pool they want using `app.ConcurrentDB()`/`app.NonconcurrentDB()`._
- ⚠️ Changed the default `json` field max size to 1MB.
_Users still have the option to adjust the default limit from the collection field options but keep in mind that storing large strings/blobs in the database is known to cause performance issues and should be avoided when possible._
- ⚠️ Soft-deprecated and replaced `filesystem.System.GetFile(fileKey)` with `filesystem.System.GetReader(fileKey)` to avoid the confusion with `filesystem.File`.
_The old method will still continue to work for at least until v0.29.0 but you'll get a console warning to replace it with `GetReader`._
- Added new `filesystem.System.GetReuploadableFile(fileKey, preserveName)` method to return an existing blob as a `*filesystem.File` value ([#6792](https://github.com/pocketbase/pocketbase/discussions/6792)).
_This method could be useful in case you want to clone an existing Record file and assign it to a new Record (e.g. in a Record duplicate action)._
- Other minor improvements (updated the GitHub release min Go version to 1.23.9, updated npm and Go deps, etc.)
## v0.27.2
- Added workers pool when cascade deleting record files to minimize _"thread exhaustion"_ errors ([#6780](https://github.com/pocketbase/pocketbase/discussions/6780)).
- Updated the `:excerpt` fields modifier to properly account for multibyte characters ([#6778](https://github.com/pocketbase/pocketbase/issues/6778)).
- Use `rowid` as count column for non-view collections to minimize the need of having the id field in a covering index ([#6739](https://github.com/pocketbase/pocketbase/discussions/6739))
## v0.27.1
- Updated example `geoPoint` API preview body data.
- Added JSVM `new GeoPointField({ ... })` constructor.
- Added _partial_ WebP thumbs generation (_the thumbs will be stored as PNG_; [#6744](https://github.com/pocketbase/pocketbase/pull/6744)).
- Updated npm dev dependencies.
## v0.27.0
- ⚠️ Moved the Create and Manage API rule checks out of the `OnRecordCreateRequest` hook finalizer, **aka. now all CRUD API rules are checked BEFORE triggering their corresponding `*Request` hook**.
This was done to minimize the confusion regarding the firing order of the request operations, making it more predictable and consistent with the other record List/View/Update/Delete request actions.
It could be a minor breaking change if you are relying on the old behavior and have a Go `tests.ApiScenario` that is testing a Create API rule failure and expect `OnRecordCreateRequest` to be fired. In that case for example you may have to update your test scenario like:
```go
tests.ApiScenario{
Name: "Example test that checks a Create API rule failure"
Method: http.MethodPost,
URL: "/api/collections/example/records",
...
// old:
ExpectedEvents: map[string]int{
"*": 0,
"OnRecordCreateRequest": 1,
},
// new:
ExpectedEvents: map[string]int{"*": 0},
}
```
If you are having difficulties adjusting your code, feel free to open a [Q&A discussion](https://github.com/pocketbase/pocketbase/discussions) with the failing/problematic code sample.
- Added [new `geoPoint` field](https://pocketbase.io/docs/collections/#geopoint) for storing `{"lon":x,"lat":y}` geographic coordinates.
In addition, a new [`geoDistance(lonA, lotA, lonB, lotB)` function](https://pocketbase.io/docs/api-rules-and-filters/#geodistancelona-lata-lonb-latb) was also implemented that could be used to apply an API rule or filter constraint based on the distance (in km) between 2 geo points.
- Updated the `select` field UI to accommodate better larger lists and RTL languages ([#4674](https://github.com/pocketbase/pocketbase/issues/4674)).
- Updated the mail attachments auto MIME type detection to use `gabriel-vasile/mimetype` for consistency and broader sniffing signatures support.
- Forced `text/javascript` Content-Type when serving `.js`/`.mjs` collection uploaded files with the `/api/files/...` endpoint ([#6597](https://github.com/pocketbase/pocketbase/issues/6597)).
- Added second optional JSVM `DateTime` constructor argument for specifying a default timezone as TZ identifier when parsing the date string as alternative to a fixed offset in order to better handle daylight saving time nuances ([#6688](https://github.com/pocketbase/pocketbase/discussions/6688)):
```js
// the same as with CET offset: new DateTime("2025-10-26 03:00:00 +01:00")
new DateTime("2025-10-26 03:00:00", "Europe/Amsterdam") // 2025-10-26 02:00:00.000Z
// the same as with CEST offset: new DateTime("2025-10-26 01:00:00 +02:00")
new DateTime("2025-10-26 01:00:00", "Europe/Amsterdam") // 2025-10-25 23:00:00.000Z
```
- Soft-deprecated the `$http.send`'s `result.raw` field in favor of `result.body` that contains the response body as plain bytes slice to avoid the discrepancies between Go and the JSVM when casting binary data to string.
- Updated `modernc.org/sqlite` to 1.37.0.
- Other minor improvements (_removed the superuser fields from the auth record create/update body examples, allowed programmatically updating the auth record password from the create/update hooks, fixed collections import error response, etc._).
## v0.26.6
- Allow OIDC `email_verified` to be int or boolean string since some OIDC providers like AWS Cognito has non-standard userinfo response ([#6657](https://github.com/pocketbase/pocketbase/pull/6657)).
- Updated `modernc.org/sqlite` to 1.36.3.
## v0.26.5
- Fixed canonical URI parts escaping when generating the S3 request signature ([#6654](https://github.com/pocketbase/pocketbase/issues/6654)).
## v0.26.4
- Fixed `RecordErrorEvent.Error` and `CollectionErrorEvent.Error` sync with `ModelErrorEvent.Error` ([#6639](https://github.com/pocketbase/pocketbase/issues/6639)).
- Fixed logs details copy to clipboard action.
- Updated `modernc.org/sqlite` to 1.36.2.
## v0.26.3
- Fixed and normalized logs error serialization across common types for more consistent logs error output ([#6631](https://github.com/pocketbase/pocketbase/issues/6631)).
## v0.26.2
- Updated `golang-jwt/jwt` dependency because it comes with a [minor security fix](https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp).
## v0.26.1
- Removed the wrapping of `io.EOF` error when reading files since currently `io.ReadAll` doesn't check for wrapped errors ([#6600](https://github.com/pocketbase/pocketbase/issues/6600)).
## v0.26.0
- ⚠️ Replaced `aws-sdk-go-v2` and `gocloud.dev/blob` with custom lighter implementation ([#6562](https://github.com/pocketbase/pocketbase/discussions/6562)).
As a side-effect of the dependency removal, the binary size has been reduced with ~10MB and builds ~30% faster.
_Although the change is expected to be backward-compatible, I'd recommend to test first locally the new version with your S3 provider (if you use S3 for files storage and backups)._
- ⚠️ Prioritized the user submitted non-empty `createData.email` (_it will be unverified_) when creating the PocketBase user during the first OAuth2 auth.
- Load the request info context during password/OAuth2/OTP authentication ([#6402](https://github.com/pocketbase/pocketbase/issues/6402)).
This could be useful in case you want to target the auth method as part of the MFA and Auth API rules.
For example, to disable MFA for the OAuth2 auth could be expressed as `@request.context != "oauth2"` MFA rule.
- Added `store.Store.SetFunc(key, func(old T) new T)` to set/update a store value with the return result of the callback in a concurrent safe manner.
- Added `subscription.Message.WriteSSE(w, id)` for writing an SSE formatted message into the provided writer interface (_used mostly to assist with the unit testing_).
- Added `$os.stat(file)` JSVM helper ([#6407](https://github.com/pocketbase/pocketbase/discussions/6407)).
- Added log warning for `async` marked JSVM handlers and resolve when possible the returned `Promise` as fallback ([#6476](https://github.com/pocketbase/pocketbase/issues/6476)).
- Allowed calling `cronAdd`, `cronRemove` from inside other JSVM handlers ([#6481](https://github.com/pocketbase/pocketbase/discussions/6481)).
- Bumped the default request read and write timeouts to 5mins (_old 3mins_) to accommodate slower internet connections and larger file uploads/downloads.
_If you want to change them you can modify the `OnServe` hook's `ServeEvent.ReadTimeout/WriteTimeout` fields as shown in [#6550](https://github.com/pocketbase/pocketbase/discussions/6550#discussioncomment-12364515)._
- Normalized the `@request.auth.*` and `@request.body.*` back relations resolver to always return `null` when the relation field is pointing to a different collection ([#6590](https://github.com/pocketbase/pocketbase/discussions/6590#discussioncomment-12496581)).
- Other minor improvements (_fixed query dev log nested parameters output, reintroduced `DynamicModel` object/array props reflect types caching, updated Go and npm deps, etc._)
## v0.25.9
- Fixed `DynamicModel` object/array props reflect type caching ([#6563](https://github.com/pocketbase/pocketbase/discussions/6563)).
## v0.25.8
- Added a default leeway of 5 minutes for the Apple/OIDC `id_token` timestamp claims check to account for clock-skew ([#6529](https://github.com/pocketbase/pocketbase/issues/6529)).
It can be further customized if needed with the `PB_ID_TOKEN_LEEWAY` env variable (_the value must be in seconds, e.g. "PB_ID_TOKEN_LEEWAY=60" for 1 minute_).
## v0.25.7
- Fixed `@request.body.jsonObjOrArr.*` values extraction ([#6493](https://github.com/pocketbase/pocketbase/discussions/6493)).
## v0.25.6
- Restore the missing `meta.isNew` field of the OAuth2 success response ([#6490](https://github.com/pocketbase/pocketbase/issues/6490)).
- Updated npm dependencies.
## v0.25.5
- Set the current working directory as a default goja script path when executing inline JS strings to allow `require(m)` traversing parent `node_modules` directories.
- Updated `modernc.org/sqlite` and `modernc.org/libc` dependencies.
## v0.25.4
- Downgraded `aws-sdk-go-v2` to the version before the default data integrity checks because there have been reports for non-AWS S3 providers in addition to Backblaze (IDrive, R2) that no longer or partially work with the latest AWS SDK changes.
While we try to enforce `when_required` by default, it is not enough to disable the new AWS SDK integrity checks entirely and some providers will require additional manual adjustments to make them compatible with the latest AWS SDK (e.g. removing the `x-aws-checksum-*` headers, unsetting the checksums calculation or reinstantiating the old MD5 checksums for some of the required operations, etc.) which as a result leads to a configuration mess that I'm not sure it would be a good idea to introduce.
This unfornuatelly is not a PocketBase or Go specific issue and the official AWS SDKs for other languages are in the same situation (even the latest aws-cli).
For those of you that extend PocketBase with Go: if your S3 vendor doesn't support the [AWS Data integrity checks](https://docs.aws.amazon.com/sdkref/latest/guide/feature-dataintegrity.html) and you are updating with `go get -u`, then make sure that the `aws-sdk-go-v2` dependencies in your `go.mod` are the same as in the repo:
```
// go.mod
github.com/aws/aws-sdk-go-v2 v1.36.1
github.com/aws/aws-sdk-go-v2/config v1.28.10
github.com/aws/aws-sdk-go-v2/credentials v1.17.51
github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.17.48
github.com/aws/aws-sdk-go-v2/service/s3 v1.72.2
// after that run
go clean -modcache && go mod tidy
```
_The versions pinning is temporary until the non-AWS S3 vendors patch their implementation or until I manage to find time to remove/replace the `aws-sdk-go-v2` dependency (I'll consider prioritizing it for the v0.26 or v0.27 release)._
## v0.25.3
- Added a temporary exception for Backblaze S3 endpoints to exclude the new `aws-sdk-go-v2` checksum headers ([#6440](https://github.com/pocketbase/pocketbase/discussions/6440)).
## v0.25.2
- Fixed realtime delete event not being fired for `RecordProxy`-ies and added basic realtime record resolve automated tests ([#6433](https://github.com/pocketbase/pocketbase/issues/6433)).
## v0.25.1
- Fixed the batch API Preview success sample response.
- Bumped GitHub action min Go version to 1.23.6 as it comes with a [minor security fix](https://github.com/golang/go/issues?q=milestone%3AGo1.23.6+label%3ACherryPickApproved) for the ppc64le build.
## v0.25.0
- ⚠️ Upgraded Google OAuth2 auth, token and userinfo endpoints to their latest versions.
_For users that don't do anything custom with the Google OAuth2 data or the OAuth2 auth URL, this should be a non-breaking change. The exceptions that I could find are:_
- `/v3/userinfo` auth response changes:
```
meta.rawUser.id => meta.rawUser.sub
meta.rawUser.verified_email => meta.rawUser.email_verified
```
- `/v2/auth` query parameters changes:
If you are specifying custom `approval_prompt=force` query parameter for the OAuth2 auth URL, you'll have to replace it with **`prompt=consent`**.
- Added Trakt OAuth2 provider ([#6338](https://github.com/pocketbase/pocketbase/pull/6338); thanks @aidan-)
- Added support for case-insensitive password auth based on the related UNIQUE index field collation ([#6337](https://github.com/pocketbase/pocketbase/discussions/6337)).
- Enforced `when_required` for the new AWS SDK request and response checksum validations to allow other non-AWS vendors to catch up with new AWS SDK changes (see [#6313](https://github.com/pocketbase/pocketbase/discussions/6313) and [aws/aws-sdk-go-v2#2960](https://github.com/aws/aws-sdk-go-v2/discussions/2960)).
_You can set the environment variables `AWS_REQUEST_CHECKSUM_CALCULATION` and `AWS_RESPONSE_CHECKSUM_VALIDATION` to `when_supported` if your S3 vendor supports the [new default integrity protections](https://docs.aws.amazon.com/sdkref/latest/guide/feature-dataintegrity.html)._
- Soft-deprecated `Record.GetUploadedFiles` in favor of `Record.GetUnsavedFiles` to minimize the ambiguities what the method do ([#6269](https://github.com/pocketbase/pocketbase/discussions/6269)).
- Replaced archived `github.com/AlecAivazis/survey` dependency with a simpler `osutils.YesNoPrompt(message, fallback)` helper.
- Upgraded to `golang-jwt/jwt/v5`.
- Added JSVM `new Timezone(name)` binding for constructing `time.Location` value ([#6219](https://github.com/pocketbase/pocketbase/discussions/6219)).
- Added `inflector.Camelize(str)` and `inflector.Singularize(str)` helper methods.
- Use the non-transactional app instance during the realtime records delete access checks to ensure that cascade deleted records with API rules relying on the parent will be resolved.
- Other minor improvements (_replaced all `bool` exists db scans with `int` for broader drivers compatibility, updated API Preview sample error responses, updated UI dependencies, etc._)
## v0.24.4
- Fixed fields extraction for view query with nested comments ([#6309](https://github.com/pocketbase/pocketbase/discussions/6309)).
- Bumped GitHub action min Go version to 1.23.5 as it comes with some [minor security fixes](https://github.com/golang/go/issues?q=milestone%3AGo1.23.5).
## v0.24.3
- Fixed incorrectly reported unique validator error for fields starting with name of another field ([#6281](https://github.com/pocketbase/pocketbase/pull/6281); thanks @svobol13).
- Reload the created/edited records data in the RecordsPicker UI.
- Updated Go dependencies.
## v0.24.2
- Fixed display fields extraction when there are multiple "Presentable" `relation` fields in a single related collection ([#6229](https://github.com/pocketbase/pocketbase/issues/6229)).
## v0.24.1
- Added missing time macros in the UI autocomplete.
- Fixed JSVM types for structs and functions with multiple generic parameters.
## v0.24.0
- ⚠️ Removed the "dry submit" when executing the collections Create API rule
(you can find more details why this change was introduced and how it could affect your app in https://github.com/pocketbase/pocketbase/discussions/6073).
For most users it should be non-breaking change, BUT if you have Create API rules that uses self-references or view counters you may have to adjust them manually.
With this change the "multi-match" operators are also normalized in case the targeted collection doesn't have any records
(_or in other words, `@collection.example.someField != "test"` will result to `true` if `example` collection has no records because it satisfies the condition that all available "example" records mustn't have `someField` equal to "test"_).
As a side-effect of all of the above minor changes, the record create API performance has been also improved ~4x times in high concurrent scenarios (500 concurrent clients inserting total of 50k records - [old (58.409064001s)](https://github.com/pocketbase/benchmarks/blob/54140be5fb0102f90034e1370c7f168fbcf0ddf0/results/hetzner_cax41_cgo.md#creating-50000-posts100k-reqs50000-conc500-rulerequestauthid----requestdatapublicisset--true) vs [new (13.580098262s)](https://github.com/pocketbase/benchmarks/blob/7df0466ac9bd62fe0a1056270d20ef82012f0234/results/hetzner_cax41_cgo.md#creating-50000-posts100k-reqs50000-conc500-rulerequestauthid----requestbodypublicisset--true)).
- ⚠️ Changed the type definition of `store.Store[T any]` to `store.Store[K comparable, T any]` to allow support for custom store key types.
For most users it should be non-breaking change, BUT if you are calling `store.New[any](nil)` instances you'll have to specify the store key type, aka. `store.New[string, any](nil)`.
- Added `@yesterday` and `@tomorrow` datetime filter macros.
- Added `:lower` filter modifier (e.g. `title:lower = "lorem"`).
- Added `mailer.Message.InlineAttachments` field for attaching inline files to an email (_aka. `cid` links_).
- Added cache for the JSVM `arrayOf(m)`, `DynamicModel`, etc. dynamic `reflect` created types.
- Added auth collection select for the settings "Send test email" popup ([#6166](https://github.com/pocketbase/pocketbase/issues/6166)).
- Added `record.SetRandomPassword()` to simplify random password generation usually used in the OAuth2 or OTP record creation flows.
_The generated ~30 chars random password is assigned directly as bcrypt hash and ignores the `password` field plain value validators like min/max length or regex pattern._
- Added option to list and trigger the registered app level cron jobs via the Web API and UI.
- Added extra validators for the collection field `int64` options (e.g. `FileField.MaxSize`) restricting them to the max safe JSON number (2^53-1).
- Added option to unset/overwrite the default PocketBase superuser installer using `ServeEvent.InstallerFunc`.
- Added `app.FindCachedCollectionReferences(collection, excludeIds)` to speedup records cascade delete almost twice for projects with many collections.
- Added `tests.NewTestAppWithConfig(config)` helper if you need more control over the test configurations like `IsDev`, the number of allowed connections, etc.
- Invalidate all record tokens when the auth record email is changed programmatically or by a superuser ([#5964](https://github.com/pocketbase/pocketbase/issues/5964)).
- Eagerly interrupt waiting for the email alert send in case it takes longer than 15s.
- Normalized the hidden fields filter checks and allow targetting hidden fields in the List API rule.
- Fixed "Unique identify fields" input not refreshing on unique indexes change ([#6184](https://github.com/pocketbase/pocketbase/issues/6184)).
## v0.23.12
- Added warning logs in case of mismatched `modernc.org/sqlite` and `modernc.org/libc` versions ([#6136](https://github.com/pocketbase/pocketbase/issues/6136#issuecomment-2556336962)).
- Skipped the default body size limit middleware for the backup upload endpoint ([#6152](https://github.com/pocketbase/pocketbase/issues/6152)).
## v0.23.11
- Upgraded `golang.org/x/net` to 0.33.0 to fix [CVE-2024-45338](https://www.cve.org/CVERecord?id=CVE-2024-45338).
_PocketBase uses the vulnerable functions primarily for the auto html->text mail generation, but most applications shouldn't be affected unless you are manually embedding unrestricted user provided value in your mail templates._
## v0.23.10
- Renew the superuser file token cache when clicking on the thumb preview or download link ([#6137](https://github.com/pocketbase/pocketbase/discussions/6137)).
- Upgraded `modernc.org/sqlite` to 1.34.3 to fix "disk io" error on arm64 systems.
_If you are extending PocketBase with Go and upgrading with `go get -u` make sure to manually set in your go.mod the `modernc.org/libc` indirect dependency to v1.55.3, aka. the exact same version the driver is using._
## v0.23.9
- Replaced `strconv.Itoa` with `strconv.FormatInt` to avoid the int64->int conversion overflow on 32-bit platforms ([#6132](https://github.com/pocketbase/pocketbase/discussions/6132)).
## v0.23.8
- Fixed Model->Record and Model->Collection hook events sync for nested and/or inner-hook transactions ([#6122](https://github.com/pocketbase/pocketbase/discussions/6122)).
- Other minor improvements (updated Go and npm deps, added extra escaping for the default mail record params in case the emails are stored as html files, fixed code comment typos, etc.).
## v0.23.7
- Fixed JSVM exception -> Go error unwrapping when throwing errors from non-request hooks ([#6102](https://github.com/pocketbase/pocketbase/discussions/6102)).
## v0.23.6
- Fixed `$filesystem.fileFromURL` documentation and generated type ([#6058](https://github.com/pocketbase/pocketbase/issues/6058)).
- Fixed `X-Forwarded-For` header typo in the suggested UI "Common trusted proxy" headers ([#6063](https://github.com/pocketbase/pocketbase/pull/6063)).
- Updated the `text` field max length validator error message to make it more clear ([#6066](https://github.com/pocketbase/pocketbase/issues/6066)).
- Other minor fixes (updated Go deps, skipped unnecessary validator check when the default primary key pattern is used, updated JSVM types, etc.).
## v0.23.5
- Fixed UI logs search not properly accounting for the "Include requests by superusers" toggle when multiple search expressions are used.
- Fixed `text` field max validation error message ([#6053](https://github.com/pocketbase/pocketbase/issues/6053)).
- Other minor fixes (comment typos, JSVM types update).
- Updated Go deps and the min Go release GitHub action version to 1.23.4.
## v0.23.4
- Fixed `autodate` fields not refreshing when calling `Save` multiple times on the same `Record` instance ([#6000](https://github.com/pocketbase/pocketbase/issues/6000)).
- Added more descriptive test OTP id and failure log message ([#5982](https://github.com/pocketbase/pocketbase/discussions/5982)).
- Moved the default UI CSP from meta tag to response header ([#5995](https://github.com/pocketbase/pocketbase/discussions/5995)).
- Updated Go and npm dependencies.
## v0.23.3
- Fixed Gzip middleware not applying when serving static files.
- Fixed `Record.Fresh()`/`Record.Clone()` methods not properly cloning `autodate` fields ([#5973](https://github.com/pocketbase/pocketbase/discussions/5973)).
## v0.23.2
- Fixed `RecordQuery()` custom struct scanning ([#5958](https://github.com/pocketbase/pocketbase/discussions/5958)).
- Fixed `--dev` log query print formatting.
- Added support for passing more than one id in the `Hook.Unbind` method for consistency with the router.
- Added collection rules change list in the confirmation popup
(_to avoid getting anoying during development, the rules confirmation currently is enabled only when using https_).
## v0.23.1
- Added `RequestEvent.Blob(status, contentType, bytes)` response write helper ([#5940](https://github.com/pocketbase/pocketbase/discussions/5940)).
- Added more descriptive error messages.
## v0.23.0
> [!NOTE]
> You don't have to upgrade to PocketBase v0.23.0 if you are not planning further developing
> your existing app and/or are satisfied with the v0.22.x features set. There are no identified critical issues
> with PocketBase v0.22.x yet and in the case of critical bugs and security vulnerabilities, the fixes
> will be backported for at least until Q1 of 2025 (_if not longer_).
>
> **If you don't plan upgrading make sure to pin the SDKs version to their latest PocketBase v0.22.x compatible:**
> - JS SDK: `<0.22.0`
> - Dart SDK: `<0.19.0`
> [!CAUTION]
> This release introduces many Go/JSVM and Web APIs breaking changes!
>
> Existing `pb_data` will be automatically upgraded with the start of the new executable,
> but custom Go or JSVM (`pb_hooks`, `pb_migrations`) and JS/Dart SDK code will have to be migrated manually.
> Please refer to the below upgrade guides:
> - Go: https://pocketbase.io/v023upgrade/go/.
> - JSVM: https://pocketbase.io/v023upgrade/jsvm/.
>
> If you had already switched to some of the earlier `<v0.23.0-rc14` versions and have generated a full collections snapshot migration (aka. `./pocketbase migrate collections`), then you may have to regenerate the migration file to ensure that it includes the latest changes.
PocketBase v0.23.0 is a major refactor of the internals with the overall goal of making PocketBase an easier to use Go framework.
There are a lot of changes but to highlight some of the most notable ones:
- New and more [detailed documentation](https://pocketbase.io/docs/).
_The old documentation could be accessed at [pocketbase.io/old](https://pocketbase.io/old/)._
- Replaced `echo` with a new router built on top of the Go 1.22 `net/http` mux enhancements.
- Merged `daos` packages in `core.App` to simplify the DB operations (_the `models` package structs are also migrated in `core`_).
- Option to specify custom `DBConnect` function as part of the app configuration to allow different `database/sql` SQLite drivers (_turso/libsql, sqlcipher, etc._) and custom builds.
_Note that we no longer loads the `mattn/go-sqlite3` driver by default when building with `CGO_ENABLED=1` to avoid `multiple definition` linker errors in case different CGO SQLite drivers or builds are used. You can find an example how to enable it back if you want to in the [new documentation](https://pocketbase.io/docs/go-overview/#github-commattngo-sqlite3)._
- New hooks allowing better control over the execution chain and error handling (_including wrapping an entire hook chain in a single DB transaction_).
- Various `Record` model improvements (_support for get/set modifiers, simplfied file upload by treating the file(s) as regular field value like `record.Set("document", file)`, etc._).
- Dedicated fields structs with safer defaults to make it easier creating/updating collections programmatically.
- Option to mark field as "Hidden", disallowing regular users to read or modify it (_there is also a dedicated Record hook to hide/unhide Record fields programmatically from a single place_).
- Option to customize the default system collection fields (`id`, `email`, `password`, etc.).
- Admins are now system `_superusers` auth records.
- Builtin rate limiter (_supports tags, wildcards and exact routes matching_).
- Batch/transactional Web API endpoint.
- Impersonate Web API endpoint (_it could be also used for generating fixed/nonrenewable superuser tokens, aka. "API keys"_).
- Support for custom user request activity log attributes.
- One-Time Password (OTP) auth method (_via email code_).
- Multi-Factor Authentication (MFA) support (_currently requires any 2 different auth methods to be used_).
- Support for Record "proxy/projection" in preparation for the planned autogeneration of typed Go record models.
- Linear OAuth2 provider ([#5909](https://github.com/pocketbase/pocketbase/pull/5909); thanks @chnfyi).
- WakaTime OAuth2 provider ([#5829](https://github.com/pocketbase/pocketbase/pull/5829); thanks @tigawanna).
- Notion OAuth2 provider ([#4999](https://github.com/pocketbase/pocketbase/pull/4999); thanks @s-li1).
- monday.com OAuth2 provider ([#5346](https://github.com/pocketbase/pocketbase/pull/5346); thanks @Jaytpa01).
- New Instagram provider compatible with the new Instagram Login APIs ([#5588](https://github.com/pocketbase/pocketbase/pull/5588); thanks @pnmcosta).
_The provider key is `instagram2` to prevent conflicts with existing linked users._
- Option to retrieve the OIDC OAuth2 user info from the `id_token` payload for the cases when the provider doesn't have a dedicated user info endpoint.
- Various minor UI improvements (_recursive `Presentable` view, slightly different collection options organization, zoom/pan for the logs chart, etc._)
- and many more...
#### Go/JSVM APIs changes
> - Go: https://pocketbase.io/v023upgrade/go/.
> - JSVM: https://pocketbase.io/v023upgrade/jsvm/.
#### SDKs changes
- [JS SDK v0.22.0](https://github.com/pocketbase/js-sdk/blob/master/CHANGELOG.md)
- [Dart SDK v0.19.0](https://github.com/pocketbase/dart-sdk/blob/master/CHANGELOG.md)
#### Web APIs changes
- New `POST /api/batch` endpoint.
- New `GET /api/collections/meta/scaffolds` endpoint.
- New `DELETE /api/collections/{collection}/truncate` endpoint.
- New `POST /api/collections/{collection}/request-otp` endpoint.
- New `POST /api/collections/{collection}/auth-with-otp` endpoint.
- New `POST /api/collections/{collection}/impersonate/{id}` endpoint.
- ⚠️ If you are constructing requests to `/api/*` routes manually remove the trailing slash (_there is no longer trailing slash removal middleware registered by default_).
- ⚠️ Removed `/api/admins/*` endpoints because admins are converted to `_superusers` auth collection records.
- ⚠️ Previously when uploading new files to a multiple `file` field, new files were automatically appended to the existing field values.
This behaviour has changed with v0.23+ and for consistency with the other multi-valued fields when uploading new files they will replace the old ones. If you want to prepend or append new files to an existing multiple `file` field value you can use the `+` prefix or suffix:
```js
"documents": [file1, file2] // => [file1_name, file2_name]
"+documents": [file1, file2] // => [file1_name, file2_name, old1_name, old2_name]
"documents+": [file1, file2] // => [old1_name, old2_name, file1_name, file2_name]
```
- ⚠️ Removed `GET /records/{id}/external-auths` and `DELETE /records/{id}/external-auths/{provider}` endpoints because this is now handled by sending list and delete requests to the `_externalAuths` collection.
- ⚠️ Changes to the app settings model fields and response (+new options such as `trustedProxy`, `rateLimits`, `batch`, etc.). The app settings Web APIs are mostly used by the Dashboard UI and rarely by the end users, but if you want to check all settings changes please refer to the [Settings Go struct](https://github.com/pocketbase/pocketbase/blob/develop/core/settings_model.go#L121).
- ⚠️ New flatten Collection model and fields structure. The Collection model Web APIs are mostly used by the Dashboard UI and rarely by the end users, but if you want to check all changes please refer to the [Collection Go struct](https://github.com/pocketbase/pocketbase/blob/develop/core/collection_model.go#L308).
- ⚠️ The top level error response `code` key was renamed to `status` for consistency with the Go APIs.
The error field key remains `code`:
```js
{
"status": 400, // <-- old: "code"
"message": "Failed to create record.",
"data": {
"title": {
"code": "validation_required",
"message": "Missing required value."
}
}
}
```
- ⚠️ New fields in the `GET /api/collections/{collection}/auth-methods` response.
_The old `authProviders`, `usernamePassword`, `emailPassword` fields are still returned in the response but are considered deprecated and will be removed in the future._
```js
{
"mfa": {
"duration": 100,
"enabled": true
},
"otp": {
"duration": 0,
"enabled": false
},
"password": {
"enabled": true,
"identityFields": ["email", "username"]
},
"oauth2": {
"enabled": true,
"providers": [{"name": "gitlab", ...}, {"name": "google", ...}]
},
// old fields...
}
```
- ⚠️ Soft-deprecated the OAuth2 auth success `meta.avatarUrl` field in favour of `meta.avatarURL`.

128
docs/DEV_NOTES.md
View File

@@ -2,75 +2,37 @@
## File Structure
The codebase is split into **`core/`** (domain logic), **`commands/`** (Discord slash command handlers), and a thin **`bot.py`** that wires everything together.
### Top level
| File | Purpose |
|---|---|
| `bot.py` | Discord client, event handlers (`on_ready`, `on_member_join`, ...), background tasks (presence rotation, daily birthday loop), shared helpers (`_award_exp`, `_maybe_remind`, `_parse_amount`, `_PAUSED`), and `register_*_commands(...)` wiring for every command module |
| `bot.py` | All Discord commands, views (UI components), event handlers, reminder system |
| `economy.py` | All economy logic, data model, constants (SHOP, COOLDOWNS, LEVEL_ROLES, etc.) |
| `pb_client.py` | Async PocketBase REST client - auth token cache, CRUD on `economy_users` collection |
| `strings.py` | **Single source of truth for all user-facing text.** Edit here to change any message. |
| `sheets.py` | Google Sheets integration (member sync) |
| `member_sync.py` | Birthday/member sync background task |
| `config.py` | Environment variables (TOKEN, GUILD_ID, PB_URL, etc.) |
### `core/` - domain logic, no Discord coupling
| File | Purpose |
|---|---|
| `core/economy.py` | All economy business logic (`do_daily`, `do_work`, ...), data model, constants (SHOP, COOLDOWNS, LEVEL_ROLES, EXP_REWARDS, JAIL_DURATION, ...) |
| `core/pb_client.py` | Async PocketBase REST client - auth token cache, CRUD on `economy_users` collection |
| `core/sheets.py` | Google Sheets integration (member sync) |
| `core/member_sync.py` | Birthday/member sync helpers |
### `commands/` - one slash-command group per file
Each file exposes a `register_<group>_commands(tree, bot, ...)` function. `bot.py` calls them all once on startup, passing in shared helpers (`coin`, `cd_ts`, `award_exp`, `maybe_remind`, `parse_amount`, ...).
| File | Commands / Responsibility |
|---|---|
| `commands/dev_member_commands.py` | `/check`, `/member` (dev profile only) |
| `commands/dev_member_runtime.py` | `on_member_join` flow + `birthday_daily` task body |
| `commands/economy_income_commands.py` | `/daily`, `/work`, `/beg`, `/crime`, `/rob` |
| `commands/economy_games_commands.py` | `/roulette`, `/slots`, `/blackjack`, `/rps` |
| `commands/economy_extra_commands.py` | `/heist`, `/jailbreak`, `/reminders`, `/request`, ... |
| `commands/economy_fish_commands.py` | `/fish`, `/fishbook`, `/fishsell` |
| `commands/economy_profile_commands.py` | `/balance`, `/rank`, `/stats`, `/cooldowns`, `/leaderboard` |
| `commands/economy_support_commands.py` | `/shop`, `/buy`, `/give`, `/economysetup` |
| `commands/economy_prestige_commands.py` | `/prestige`, `/prestigeshop`, `/prestigebuy` |
| `commands/economy_admin_commands.py` | `/admincoins`, `/adminexp`, `/adminitem`, `/adminjail`, `/adminban`, `/adminreset`, `/adminview` |
| `commands/ops_admin_commands.py` | `/sync`, `/restart`, `/shutdown`, `/pause`, `/send`, `/status` |
| `commands/ops_channel_commands.py` | Channel allowlist commands |
| `commands/info_commands.py` | `/patchnotes` and other lightweight info commands |
### `scripts/`
| File | Purpose |
|---|---|
| `scripts/migrate_to_pb.py` | One-time legacy migration: `data/economy.json` → PocketBase. Only relevant if you still have a pre-PB JSON store. |
| `scripts/add_stats_fields.py` | Schema migration: adds new fields to the `economy_users` collection. Idempotent. |
| `scripts/reset_pb_collections.py` | **Destructive** - deletes and recreates the dev + economy collections. Requires `--confirm`. Use only in dev. |
| `scripts/migrate_to_pb.py` | One-time utility: migrate `data/economy.json` → PocketBase |
---
## Adding a New Economy Command
Pick the `commands/economy_*_commands.py` file that matches the new command's category (income, games, profile, ...) and add the handler inside its `register_*_commands` function. If none fit, create a new module and register it from `bot.py`.
Checklist - do all of these, in order:
1. **`core/economy.py`** - add the `do_<cmd>` async function with cooldown check, logic, `_commit`, and `_txn` logging
2. **`core/economy.py`** - add the cooldown to `COOLDOWNS` dict if it has one
3. **`core/economy.py`** - add the EXP reward to `EXP_REWARDS` dict
1. **`economy.py`** - add the `do_<cmd>` async function with cooldown check, logic, `_commit`, and `_txn` logging
2. **`economy.py`** - add the cooldown to `COOLDOWNS` dict if it has one
3. **`economy.py`** - add the EXP reward to `EXP_REWARDS` dict
4. **`strings.py` `CMD`** - add the slash command description
5. **`strings.py` `OPT`** - add any parameter descriptions
6. **`strings.py` `TITLE`** - add embed title(s) for success/fail states
7. **`strings.py` `ERR`** - add any error messages (banned, cooldown uses `CD_MSG`, jailed uses `CD_MSG["jailed"]`)
8. **`strings.py` `CD_MSG`** - add cooldown message if command has a cooldown
9. **`strings.py` `HELP_CATEGORIES["tipibot"]["fields"]`** - add the command to the help embed
10. **`commands/economy_<group>_commands.py`** - inside `register_*_commands`, add `@tree.command(name="<cmd>", ...)` `cmd_<name>`; handle all `res["reason"]` cases
11. **`commands/economy_<group>_commands.py`** - call `maybe_remind(user_id, "<cmd>")` if the command has a cooldown and reminders make sense (the helper is passed in via the `register_*` signature)
12. **`commands/economy_<group>_commands.py`** - call `await award_exp(interaction, economy.EXP_REWARDS["<cmd>"])` on success
10. **`bot.py`** - implement the `cmd_<name>` function, handle all `res["reason"]` cases
11. **`bot.py`** - call `_maybe_remind` if the command has a cooldown and reminders make sense
12. **`bot.py`** - call `_award_exp(interaction, economy.EXP_REWARDS["<cmd>"])` on success
13. **`strings.py` `REMINDER_OPTS`** - add a reminder option if the command needs one
14. **`bot.py` `_maybe_remind`** - if the command has an item-modified cooldown, add an `elif` branch (this helper still lives in `bot.py` and is shared across all command modules)
14. **`bot.py` `_maybe_remind`** - if the command has an item-modified cooldown, add an `elif` branch
---
@@ -78,21 +40,21 @@ Checklist - do all of these, in order:
Checklist:
1. **`core/economy.py` `SHOP`** - add the item dict `{name, emoji, cost, description: strings.ITEM_DESCRIPTIONS["key"]}`
2. **`core/economy.py` `SHOP_TIERS`** - add the key to the correct tier list (1/2/3)
3. **`core/economy.py` `SHOP_LEVEL_REQ`** - add minimum level if it is T2 (≥10) or T3 (≥20)
1. **`economy.py` `SHOP`** - add the item dict `{name, emoji, cost, description: strings.ITEM_DESCRIPTIONS["key"]}`
2. **`economy.py` `SHOP_TIERS`** - add the key to the correct tier list (1/2/3)
3. **`economy.py` `SHOP_LEVEL_REQ`** - add minimum level if it is T2 (≥10) or T3 (≥20)
4. **`strings.py` `ITEM_DESCRIPTIONS`** - add the item description (Estonian flavour + English effect)
5. **`strings.py` `HELP_CATEGORIES["shop"]["fields"]`** - add display entry (sorted by cost)
6. If the item modifies a cooldown:
- **`core/economy.py`** - add the `if "item" in user["items"]` branch in the relevant `do_<cmd>` function
- **`economy.py`** - add the `if "item" in user["items"]` branch in the relevant `do_<cmd>` function
- **`bot.py` `_maybe_remind`** - add `elif cmd == "<cmd>" and "<item>" in items:` branch with the new delay
- **`commands/economy_profile_commands.py` `cmd_cooldowns`** - add the item annotation to the relevant status line
- **`bot.py` `cmd_cooldowns`** - add the item annotation to the relevant status line
---
## Adding a New Level Role
1. **`core/economy.py` `LEVEL_ROLES`** - add `(min_level, "RoleName")` in descending level order (highest first)
1. **`economy.py` `LEVEL_ROLES`** - add `(min_level, "RoleName")` in descending level order (highest first)
2. **`bot.py` `_ensure_level_role`** - no changes needed (uses `LEVEL_ROLES` dynamically)
3. Run **`/economysetup`** in the server to create the role and set its position
@@ -102,7 +64,7 @@ Checklist:
1. **`strings.py` `CMD`** - add `"[Admin] ..."` description
2. **`strings.py` `HELP_CATEGORIES["admin"]["fields"]`** - add the entry
3. **`commands/economy_admin_commands.py`** (or `commands/ops_admin_commands.py` for non-economy ops) - add the handler with `@app_commands.default_permissions(manage_guild=True)` and `@app_commands.guild_only()`
3. **`bot.py`** - add `@app_commands.default_permissions(manage_guild=True)` and `@app_commands.guild_only()`
---
@@ -110,7 +72,7 @@ Checklist:
### Storage
All economy state is stored in **PocketBase** (`economy_users` collection). `core/pb_client.py` owns all reads/writes. Each `do_*` function in `core/economy.py` calls `get_user()` → mutates the local dict → calls `_commit()`. `_commit` does a `PATCH` to PocketBase.
All economy state is stored in **PocketBase** (`economy_users` collection). `pb_client.py` owns all reads/writes. Each `do_*` function in `economy.py` calls `get_user()` → mutates the local dict → calls `_commit()`. `_commit` does a `PATCH` to PocketBase.
### Currency & Income Sources
@@ -141,10 +103,8 @@ Commands that accept a coin amount (`/give`, `/roulette`, `/rps`, `/slots`, `/bl
- `/jailbreak`: 3 dice rolls, need doubles to escape free. On fail - bail = 20-30% of balance, min 350⬡. If balance < 350⬡, player stays jailed until timer.
- **Blocked while jailed**: `/work`, `/beg`, `/crime`, `/rob`, `/give` (checked in `do_*` functions via `_is_jailed`)
### EXP Rewards (from `EXP_REWARDS` in `core/economy.py`)
EXP is awarded on every successful command use. Level formula: `level = max(1, floor(sqrt(exp / 6)))` (see `get_level` / `exp_for_level`). Thresholds: Level 5 = 150 EXP, Level 10 = 600, Level 20 = 2 400, Level 30 = 5 400.
Gambling EXP is bet-scaled via `gamble_exp(bet)`; fish EXP is per-species in `FISH` (common 23, uncommon 67, rare 10, epic 1415, legendary 25).
### EXP Rewards (from `EXP_REWARDS` in economy.py)
EXP is awarded on every successful command use. Level formula: `floor(sqrt(exp / 10))`, so Level 5 = 250 EXP, Level 10 = 1000, Level 20 = 4000, Level 30 = 9000.
---
@@ -179,30 +139,27 @@ Role assignment:
| T3 | 20 | monitor_360, karikas, gaming_tool |
Shop display is sorted by cost (ascending) within each tier.
The `SHOP_LEVEL_REQ` dict in `core/economy.py` controls per-item lock thresholds.
The `SHOP_LEVEL_REQ` dict in `economy.py` controls per-item lock thresholds.
---
## strings.py Organisation
Imported as `import strings as S` everywhere. Dicts are read from `bot.py` and from every `commands/*.py` module.
| Section | Dict | Typical usage |
| Section | Dict | Usage in bot.py |
|---|---|---|
| Flavour text | `WORK_JOBS`, `BEG_LINES`, `CRIME_WIN`, `CRIME_LOSE` | Randomised descriptions |
| Command descriptions | `CMD["key"]` | `@tree.command(description=S.CMD["key"])` |
| Parameter descriptions | `OPT["key"]` | `@app_commands.describe(param=S.OPT["key"])` |
| Help embed | `HELP_CATEGORIES["cat"]` | `cmd_help` (in `bot.py`) |
| Help embed | `HELP_CATEGORIES["cat"]` | `cmd_help` |
| Banned message | `MSG_BANNED` | All banned checks |
| Maintenance mode | `MSG_MAINTENANCE` | Shown when `_PAUSED=True` in `bot.py` (toggled by `/pause` in `commands/ops_admin_commands.py`) |
| Maintenance mode | `MSG_MAINTENANCE` | Shown when `_PAUSED=True` in bot.py (toggled by `/pause`) |
| Reminder options | `REMINDER_OPTS` | `RemindersSelect` dropdown |
| Slots outcomes | `SLOTS_TIERS["tier"]``(title, color)` | `cmd_slots` (in `commands/economy_games_commands.py`) |
| Slots outcomes | `SLOTS_TIERS["tier"]``(title, color)` | `cmd_slots` |
| Embed titles | `TITLE["key"]` | `discord.Embed(title=S.TITLE["key"])` |
| Error messages | `ERR["key"]` | `send_message(S.ERR["key"])` - use `.format(**kwargs)` for dynamic parts |
| Cooldown messages | `CD_MSG["cmd"].format(ts=cd_ts(...))` | Cooldown responses (`cd_ts` helper passed in by `bot.py`) |
| Shop UI | `SHOP_UI["key"]` | `_shop_embed` (in `commands/economy_support_commands.py`) |
| Item descriptions | `ITEM_DESCRIPTIONS["item_key"]` | `core/economy.py` `SHOP[key]["description"]` |
| Patch notes UI | `PATCHNOTES_UI["key"]` | `commands/info_commands.py` (`/patchnotes`) |
| Cooldown messages | `CD_MSG["cmd"].format(ts=_cd_ts(...))` | Cooldown responses |
| Shop UI | `SHOP_UI["key"]` | `_shop_embed` |
| Item descriptions | `ITEM_DESCRIPTIONS["item_key"]` | `economy.SHOP[key]["description"]` |
---
@@ -210,18 +167,17 @@ Imported as `import strings as S` everywhere. Dicts are read from `bot.py` and f
| Constant | File | Description |
|---|---|---|
| `SHOP` | `core/economy.py` | All shop items (name, emoji, cost, description) |
| `SHOP_TIERS` | `core/economy.py` | Which items are in T1/T2/T3 |
| `SHOP_LEVEL_REQ` | `core/economy.py` | Min level per item |
| `COOLDOWNS` | `core/economy.py` | Base cooldown per command |
| `JAIL_DURATION` | `core/economy.py` | How long jail lasts |
| `LEVEL_ROLES` | `core/economy.py` | `[(min_level, "RoleName"), ...]` highest first |
| `ECONOMY_ROLE` | `core/economy.py` | Name of the base economy participation role |
| `EXP_REWARDS` | `core/economy.py` | EXP per command |
| `FISH` | `core/economy.py` | Fish species table (rarity, weight, coins, exp) |
| `HOUSE_ID` | `core/economy.py` | Bot's user ID (house account for /rob) |
| `MIN_BAIL` | `core/economy.py` | Minimum bail payment (350⬡) |
| `COIN` | `core/economy.py` | The coin emoji string |
| `SHOP` | `economy.py` | All shop items (name, emoji, cost, description) |
| `SHOP_TIERS` | `economy.py` | Which items are in T1/T2/T3 |
| `SHOP_LEVEL_REQ` | `economy.py` | Min level per item |
| `COOLDOWNS` | `economy.py` | Base cooldown per command |
| `JAIL_DURATION` | `economy.py` | How long jail lasts |
| `LEVEL_ROLES` | `economy.py` | `[(min_level, "RoleName"), ...]` highest first |
| `ECONOMY_ROLE` | `economy.py` | Name of the base economy participation role |
| `EXP_REWARDS` | `economy.py` | EXP per command |
| `HOUSE_ID` | `economy.py` | Bot's user ID (house account for /rob) |
| `MIN_BAIL` | `economy.py` | Minimum bail payment (350⬡) |
| `COIN` | `economy.py` | The coin emoji string |
| `_PAUSED` | `bot.py` | In-memory maintenance flag; toggled by `/pause`; blocks all non-admin commands |
---

79
docs/LAN_FIENTA_SETUP.md Normal file
View File

@@ -0,0 +1,79 @@
# LAN Fienta Setup
This profile runs the same codebase as a separate Discord bot process:
```powershell
$env:BOT_PROFILE="lan"
python bot.py
```
## Environment
Required `.env` values:
```env
BOT_PROFILE=lan
DISCORD_BOT_LAN=...
GUILD_ID_LAN=1301145356750426192
SHEET_ID_LAN=1cYEI2EmQDMZdVOarbOkVw7IHsnfqtYbWhA-6zC_r-zw
PB_ECONOMY_COLLECTION_LAN=economy_users_lan
PB_FIENTA_COLLECTION_LAN=fienta_registrations_lan
FIENTA_WEBHOOK_SECRET=<optional-long-random-secret>
FIENTA_WEBHOOK_PORT=8090
FIENTA_ADMIN_ALERT_CHANNEL_ID=1478302279894302812
```
The LAN bot must be invited to the LAN server and to the dev server that owns
the alert channel.
## Fienta Webhooks
Use these URLs in Fienta:
```text
Ostu sooritamisel:
https://veebikonks.tipilan.ee/fienta/purchase
Registreerimisvormi täitmisel peale ostu:
https://veebikonks.tipilan.ee/fienta/registration
```
Leave `Pileti valideerimisel` empty for now.
The old secret-token endpoint is still supported for testing:
```text
https://veebikonks.tipilan.ee/fienta/webhook/<FIENTA_WEBHOOK_SECRET>
```
## Caddy
If Caddy is on the same Docker network as the bot service:
```caddyfile
veebikonks.tipilan.ee {
reverse_proxy /fienta/* bot:8090
}
```
If Caddy runs on the host, make sure `localhost:8090` points to the bot webhook,
not PocketBase. The current compose file publishes PocketBase on host port
`8090`, so host-level Caddy cannot also proxy that same host port to the bot
unless PocketBase is moved or the bot is exposed through a different host route.
## Ticket Mapping
- `595507` - CS2 participant, public sheet row, CS2/team/language roles
- `595509` - CS2 reserve, roles only
- `595510` - CS2 manager, CS2/team/language/Manager roles
- `595912` - LoL participant, public sheet row, LoL/team/language roles
Public sheet rows:
- `CS2`: rows `6` through `37`
- `LoL`: rows `6` through `17`
## Admin Command
Use `/fientasync` in the LAN server to re-apply stored Fienta registrations to
Discord roles and the public sheet.

14
docs/PATCHNOTES.md
View File

@@ -1,14 +0,0 @@
# TipiBOT changelog
Here you'll find an overview of TipiBOT updates. Latest changes are at the top.
Format each version with a `## ` header (e.g. `## v0.1.0 — 2026-05-03`).
## v0.1.0 — 2026-05-03
- Added `/patchnotes`
- Fixed silent swallowing of database write errors — failed saves now show the user an error instead of appearing to succeed
- Fixed fish-sell bug that let the last fish be duplicated (sold and kept in inventory)
- Fixed RPS PvP duels having no bet escrow — bets are now held when the duel is accepted, paid out to the winner, and refunded on tie / timeout / cancel (previously the loser could spend their balance before the duel resolved and the winner would get nothing)
- Fixed multi-party transfers leaving coins in limbo on partial failures — `/give` and `/rob` now roll back the first commit if the second fails; heists try to refund the house when a participant payout fails
- Fixed Google Sheets I/O blocking the Discord gateway — sheet reads/writes now run in a worker thread so heartbeats stay alive during slow API calls
- Fixed migration script overwriting accumulated PocketBase state on re-run — fields not present in the legacy JSON are now preserved instead of being clobbered with defaults

36
scripts/migrate_to_pb.py
View File

@@ -42,32 +42,26 @@ async def main() -> None:
total = len(raw)
print(f"Found {total} user(s) in {DATA_FILE}")
created = updated = errors = 0
created = skipped = errors = 0
for uid, user in raw.items():
try:
record = dict(user)
record["user_id"] = uid
record.setdefault("balance", 0)
record.setdefault("exp", 0)
record.setdefault("items", [])
record.setdefault("item_uses", {})
record.setdefault("reminders", ["daily", "work", "beg", "crime", "rob"])
record.setdefault("eco_banned", False)
record.setdefault("daily_streak", 0)
existing = await pb_client.get_record(uid)
if existing:
# Merge JSON fields *onto* the existing record so values that have
# accumulated in PB (items, daily_streak, reminders, etc.) are not
# clobbered by JSON defaults on a re-run. JSON values take
# precedence only for keys that are actually present.
merged: dict = {k: v for k, v in existing.items() if not k.startswith("_") and k != "id"}
merged.update(user)
merged["user_id"] = uid
await pb_client.update_record(existing["id"], merged)
await pb_client.update_record(existing["id"], record)
print(f" [UPDATE] {uid}")
updated += 1
skipped += 1 # reuse skipped counter as "updated"
else:
record = dict(user)
record["user_id"] = uid
record.setdefault("balance", 0)
record.setdefault("exp", 0)
record.setdefault("items", [])
record.setdefault("item_uses", {})
record.setdefault("reminders", ["daily", "work", "beg", "crime", "rob"])
record.setdefault("eco_banned", False)
record.setdefault("daily_streak", 0)
await pb_client.create_record(record)
print(f" [CREATE] {uid}")
created += 1
@@ -75,9 +69,7 @@ async def main() -> None:
print(f" [ERROR] {uid}: {exc}")
errors += 1
print(f"\nDone. Created: {created} Updated: {updated} Errors: {errors}")
if errors:
sys.exit(1)
print(f"\nDone. Created: {created} Skipped: {skipped} Errors: {errors}")
if __name__ == "__main__":

78
scripts/reset_pb_collections.py
View File

@@ -1,4 +1,4 @@
"""Destructively recreate economy PocketBase collections for dev + economy profiles.
"""Destructively recreate TipiBOT PocketBase collections.
Usage:
python scripts/reset_pb_collections.py --confirm
@@ -6,6 +6,8 @@ Usage:
This will DELETE and recreate the collections configured by:
- PB_ECONOMY_COLLECTION_DEV
- PB_ECONOMY_COLLECTION_ECONOMY
- PB_ECONOMY_COLLECTION_LAN
- PB_FIENTA_COLLECTION_LAN
"""
from __future__ import annotations
@@ -114,6 +116,51 @@ def _collection_payload(name: str) -> dict:
}
def _fienta_collection_payload(name: str) -> dict:
fields = [
_text_field("registration_key", required=True),
_text_field("order_id"),
_text_field("ticket_code"),
_text_field("order_status"),
_text_field("order_url"),
_text_field("payment_time"),
_text_field("game"),
_text_field("kind"),
_text_field("ticket_type_id"),
_text_field("ticket_title"),
_text_field("ticket_group_title"),
_text_field("team_name"),
_text_field("discord_username"),
_text_field("nickname"),
_text_field("country"),
_text_field("country_code"),
_text_field("riot_id"),
_text_field("steam64_id"),
_text_field("vrs_ranking"),
_bool_field("is_main"),
_bool_field("is_reserve"),
_bool_field("is_manager"),
_bool_field("is_captain"),
_bool_field("sheet_public"),
_bool_field("blocked_country"),
_bool_field("active"),
_bool_field("roles_synced"),
_text_field("last_sync_error"),
_text_field("updated_at"),
]
return {
"name": name,
"type": "base",
"fields": fields,
"listRule": None,
"viewRule": None,
"createRule": None,
"updateRule": None,
"deleteRule": None,
}
async def _auth_token(session: aiohttp.ClientSession) -> str:
async with session.post(
f"{PB_URL}/api/collections/_superusers/auth-with-password",
@@ -138,8 +185,12 @@ async def _delete_if_exists(session: aiohttp.ClientSession, headers: dict[str, s
print(f"[DELETE] {name}")
async def _create_collection(session: aiohttp.ClientSession, headers: dict[str, str], name: str) -> None:
payload = _collection_payload(name)
async def _create_collection(
session: aiohttp.ClientSession,
headers: dict[str, str],
name: str,
payload: dict,
) -> None:
async with session.post(f"{PB_URL}/api/collections", json=payload, headers=headers) as resp:
if resp.status not in (200, 201):
raise RuntimeError(f"Create failed for {name} ({resp.status}): {await resp.text()}")
@@ -154,10 +205,17 @@ async def main() -> None:
if not args.confirm:
raise SystemExit("Refusing to run without --confirm (this operation deletes collections).")
targets = []
for name in [config.PB_ECONOMY_COLLECTION_DEV, config.PB_ECONOMY_COLLECTION_ECONOMY]:
if name and name not in targets:
targets.append(name)
targets: list[tuple[str, dict]] = []
for name in [
config.PB_ECONOMY_COLLECTION_DEV,
config.PB_ECONOMY_COLLECTION_ECONOMY,
config.PB_ECONOMY_COLLECTION_LAN,
]:
if name and all(existing != name for existing, _ in targets):
targets.append((name, _collection_payload(name)))
fienta_name = config.PB_FIENTA_COLLECTION_LAN
if fienta_name and all(name != fienta_name for name, _ in targets):
targets.append((fienta_name, _fienta_collection_payload(fienta_name)))
if not targets:
raise SystemExit("No target collections configured.")
@@ -167,12 +225,12 @@ async def main() -> None:
token = await _auth_token(session)
headers = {"Authorization": token}
for name in targets:
for name, payload in targets:
await _delete_if_exists(session, headers, name)
await _create_collection(session, headers, name)
await _create_collection(session, headers, name, payload)
print("\nDone. Collections recreated:")
for name in targets:
for name, _ in targets:
print(f" - {name}")

17
strings.py
View File

@@ -171,7 +171,7 @@ CMD: dict[str, str] = {
"fish": "Mine kalastama (interaktiivne mäng, 2min ooteaeg)",
"fishbook": "Vaata oma kalakogu ja kogutud kalaliike",
"fishsell": "Müü kalu oma inventarist",
"patchnotes": "Vaata TipiBOTi viimaseid muudatusi ja uuendusi",
"fientasync": "[Admin] Sünkroniseeri LAN Fienta registreeringud uuesti",
}
# ---------------------------------------------------------------------------
@@ -307,6 +307,7 @@ HELP_CATEGORIES: dict[str, dict] = {
("/channels", "Näita lubatud kanalite nimekirja"),
("/adminseason [top_n]", "Lõpeta võistlus, teavita võitjaid ja lähtesta EXP"),
("/economysetup", "Loo ja sea korda majandussüsteemi rollid (ECONOMY + taseme rollid) boti rolli alla"),
("/fientasync", "Sünkroniseeri LAN Fienta registreeringute rollid ja avalik tabel uuesti"),
],
},
}
@@ -753,20 +754,6 @@ SEND_UI: dict[str, str] = {
"forbidden": "❌ Mul pole õigust kanalisse {channel} kirjutada.",
}
# ---------------------------------------------------------------------------
# /patchnotes UI strings
# ---------------------------------------------------------------------------
PATCHNOTES_UI: dict[str, str] = {
"title": "📝 Muudatuste logi — {version}",
"footer": "Versioon {idx}/{total}",
"btn_newer": "◀ Uuem",
"btn_older": "Vanem ▶",
"select_placeholder": "Vali versioon…",
"empty_file": " Muudatuste logi on hetkel tühi.",
"empty_version": "_(selle versiooni kohta märkmeid pole)_",
}
# ---------------------------------------------------------------------------
# /allowchannel /denychannel /channels UI strings
# ---------------------------------------------------------------------------