feat: implement realtime scrims chat

Author: Bulletdev

app/jobs/discord_scrim_message_job.rb

@@ -0,0 +1,77 @@
+# frozen_string_literal: true
+
+# Sends a scrim chat message notification to the ProStaff Discord bot webhook.
+#
+# Runs in the background so Action Cable broadcasts are never delayed by
+# outbound HTTP. Failures are retried up to 3 times with exponential backoff.
+class DiscordScrimMessageJob < ApplicationJob
+  queue_as :default
+
+  # Only retry on network-layer failures, not programming errors.
+  retry_on Faraday::Error, wait: :polynomially_longer, attempts: 3
+
+  ALLOWED_SCHEMES = %w[http https].freeze
+  BLOCKED_HOSTS   = %w[169.254.169.254 metadata.google.internal].freeze
+
+  def perform(message_id)
+    message = ScrimMessage.includes(:scrim, :user, :organization).find_by(id: message_id)
+    return unless message
+
+    url    = DiscordWebhookService::WEBHOOK_URL
+    secret = DiscordWebhookService::WEBHOOK_SECRET
+    guild  = DiscordWebhookService::GUILD_ID
+
+    return unless url.present? && guild.present?
+
+    validated_url = validate_webhook_url!(url)
+    payload = build_payload(message, guild, secret)
+    post_to_bot(validated_url, payload)
+  end
+
+  private
+
+  # Validates that the webhook URL is an http/https URL and not a known internal
+  # cloud metadata address, protecting against SSRF from a misconfigured env var.
+  def validate_webhook_url!(url)
+    parsed = URI.parse(url)
+
+    unless ALLOWED_SCHEMES.include?(parsed.scheme)
+      raise ArgumentError, "[DiscordScrimMessageJob] Invalid webhook URL scheme: #{parsed.scheme}"
+    end
+
+    if BLOCKED_HOSTS.include?(parsed.host)
+      raise ArgumentError, "[DiscordScrimMessageJob] Blocked webhook host: #{parsed.host}"
+    end
+
+    url
+  rescue URI::InvalidURIError => e
+    raise ArgumentError, "[DiscordScrimMessageJob] Malformed webhook URL: #{e.message}"
+  end
+
+  def build_payload(message, guild_id, secret)
+    scrim    = message.scrim
+    opponent = scrim.opponent_team&.name || 'Opponent'
+
+    payload = {
+      guild_id: guild_id,
+      scrim_id: scrim.id.to_s,
+      scrim_opponent: opponent,
+      message: {
+        content: message.content,
+        user: { full_name: message.user.full_name },
+        organization: { name: message.organization.name }
+      }
+    }
+    payload[:secret] = secret if secret.present?
+    payload
+  end
+
+  def post_to_bot(url, payload)
+    conn = Faraday.new(url: url) do |f|
+      f.request :json
+      f.response :raise_error
+      f.adapter Faraday.default_adapter
+    end
+    conn.post('/webhooks/scrim-message', payload)
+  end
+end

app/models/scrim_message.rb

@@ -0,0 +1,80 @@
+# frozen_string_literal: true
+
+# Model representing a chat message sent within a scrim session.
+#
+# ScrimMessage supports cross-organization communication between the two teams
+# participating in a scrim. Each message is scoped to a specific scrim and
+# retains the sender's organization for display purposes.
+#
+# Soft-deletion is used so that the conversation history remains consistent
+# for other participants after a message is removed.
+#
+# @example Create a message
+#   ScrimMessage.create!(
+#     scrim: scrim,
+#     user: current_user,
+#     organization: current_user.organization,
+#     content: 'gg wp'
+#   )
+class ScrimMessage < ApplicationRecord
+  MAX_CONTENT_LENGTH = 1000
+
+  # Associations
+  belongs_to :scrim
+  belongs_to :user
+  belongs_to :organization
+
+  # Validations
+  validates :content, presence: true, length: { maximum: MAX_CONTENT_LENGTH }
+
+  # Scopes
+  scope :active, -> { where(deleted: false) }
+  scope :chronological, -> { order(created_at: :asc) }
+
+  # Callbacks
+  after_create_commit :broadcast_to_scrim
+
+  # Marks the message as deleted without removing the record from the database.
+  #
+  # @return [void]
+  def soft_delete!
+    update!(deleted: true, deleted_at: Time.current)
+  end
+
+  private
+
+  def broadcast_to_scrim
+    broadcast_via_action_cable
+    notify_discord
+  end
+
+  def broadcast_via_action_cable
+    stream = if scrim.scrim_request_id.present?
+               "scrim_request_chat_#{scrim.scrim_request_id}"
+             else
+               "scrim_chat_#{scrim_id}"
+             end
+    ActionCable.server.broadcast(stream, cable_payload)
+  rescue StandardError => e
+    Rails.logger.error "[ScrimMessage] Action Cable broadcast failed for scrim=#{scrim_id}: #{e.message}"
+  end
+
+  def notify_discord
+    DiscordWebhookService.notify_new_message(self)
+  rescue StandardError => e
+    Rails.logger.warn "[ScrimMessage] Discord notification failed for scrim=#{scrim_id}: #{e.message}"
+  end
+
+  def cable_payload
+    {
+      type: 'new_message',
+      message: {
+        id: id,
+        content: content,
+        created_at: created_at.iso8601,
+        user: { id: user.id, full_name: user.full_name },
+        organization: { id: organization_id, name: organization.name }
+      }
+    }
+  end
+end

app/modules/scrims/channels/scrim_chat_channel.rb

@@ -0,0 +1,131 @@
+# frozen_string_literal: true
+
+# ScrimChatChannel — Real-time cross-organization chat for scrim sessions.
+#
+# Allows members of both participating organizations to exchange messages
+# during a scrim. Authorization is based on the scrim's owner org and its
+# linked ScrimRequest, which carries both organization IDs.
+#
+# Subscription params:
+#   scrim_id [String] — UUID of the scrim to subscribe to
+#
+# Actions:
+#   subscribed   — validates access, opens the scrim-scoped stream
+#   speak        — persists a message; broadcast is handled by the model callback
+#   unsubscribed — stops all streams (cleanup)
+#
+# @example Frontend subscription
+#   consumer.subscriptions.create(
+#     { channel: 'ScrimChatChannel', scrim_id: 'uuid' },
+#     { received: (data) => console.log(data) }
+#   )
+class ScrimChatChannel < ApplicationCable::Channel
+  MAX_CONTENT_LENGTH = 1000
+
+  def subscribed
+    scrim = find_authorized_scrim
+    unless scrim
+      logger.warn "[ScrimChat] Rejected subscription — user=#{current_user.id} scrim_id=#{params[:scrim_id]}"
+      reject
+      return
+    end
+
+    @scrim = scrim
+    stream_name = canonical_stream_name(@scrim)
+    stream_from stream_name
+    logger.info "[ScrimChat] subscribed user=#{current_user.id} scrim=#{@scrim.id} stream=#{stream_name}"
+  end
+
+  def unsubscribed
+    stop_all_streams
+    logger.info "[ScrimChat] user=#{current_user.id} unsubscribed"
+  end
+
+  # Receives a message from the client and persists it.
+  # Broadcasting is triggered by ScrimMessage's after_create_commit callback.
+  #
+  # @param data [Hash] { "content" => "message text" }
+  def speak(data)
+    return unless @scrim
+
+    content = validate_content(data['content'])
+    return unless content
+
+    ScrimMessage.create!(scrim: @scrim, user: current_user,
+                         organization: current_user.organization, content: content)
+  rescue ActiveRecord::RecordInvalid => e
+    logger.error "[ScrimChat] Failed to persist message for scrim=#{@scrim.id}: #{e.message}"
+    transmit({ error: 'Failed to send message' })
+  end
+
+  private
+
+  def validate_content(raw)
+    content = raw.to_s.strip
+    if content.blank?
+      transmit({ error: 'Message content cannot be blank' })
+      return nil
+    end
+    if content.length > MAX_CONTENT_LENGTH
+      transmit({ error: "Message exceeds #{MAX_CONTENT_LENGTH} characters" })
+      return nil
+    end
+    content
+  end
+
+  # Finds the scrim and verifies the current user's org is a participant.
+  #
+  # Checks owner org first, then falls back to ScrimRequest cross-org check.
+  # Always returns nil for both "not found" and "not a participant" cases so
+  # that foreign scrim UUIDs are not leaked via subscription rejection messages.
+  #
+  # @return [Scrim, nil]
+  def find_authorized_scrim
+    scrim_id = params[:scrim_id]
+    return nil unless scrim_id.present?
+
+    # ActionCable context doesn't go through authenticate_request!, so
+    # Current.organization_id must be set manually for OrganizationScoped models.
+    Current.organization_id = current_user.organization_id
+
+    # Owner org — most common path
+    scrim = current_user.organization.scrims.find_by(id: scrim_id)
+    return scrim if scrim
+
+    # Cross-org participant via ScrimRequest
+    cross_org_scrim(scrim_id)
+  end
+
+  # Returns the scrim if the current user's org is the opposing participant
+  # in the linked ScrimRequest. Returns nil otherwise.
+  def cross_org_scrim(scrim_id)
+    # Bypass OrganizationScoped — the scrim may belong to the opponent's org
+    scrim = Scrim.unscoped_by_organization.find_by(id: scrim_id)
+    return nil unless scrim
+
+    request = scrim_request_for(scrim)
+    return nil unless request
+
+    org_id = current_user.organization_id
+    return scrim if request.requesting_organization_id == org_id ||
+                    request.target_organization_id == org_id
+
+    nil
+  end
+
+  def scrim_request_for(scrim)
+    return nil unless scrim.scrim_request_id.present?
+
+    ScrimRequest.find_by(id: scrim.scrim_request_id)
+  end
+
+  # Uses ScrimRequest ID as canonical stream so both orgs share the same channel.
+  # Falls back to per-scrim stream when no request is linked (manual scrims).
+  def canonical_stream_name(scrim)
+    if scrim.scrim_request_id.present?
+      "scrim_request_chat_#{scrim.scrim_request_id}"
+    else
+      "scrim_chat_#{scrim.id}"
+    end
+  end
+end