Skip to content
Appifire
Docs
33 — TestimonialModerationLog Model & Audit Workflow (Blueprint §5.10)

33 — TestimonialModerationLog Model & Audit Workflow (Blueprint §5.10)

Cursor-ready plan for implementing immutable moderation audit logging, write contracts, query patterns, and compliance-safe retention.

33 — TestimonialModerationLog Model & Audit Workflow (Blueprint §5.10)

Section titled “33 — TestimonialModerationLog Model & Audit Workflow (Blueprint §5.10)”

Source: 02-Implementation-Blueprint.md§5.10 New model: TestimonialModerationLog.

This document is a build spec only. No code changes are implied until a task references this file.

Related: 10 (submission detail actions), 11 (published actions), 12 (moderation settings), 08 (security/compliance), 20 (schema baseline).

0) Goal (one sentence)

Section titled “0) Goal (one sentence)”

Ensure every moderation or publication decision on testimonial content is captured in an immutable, tenant-scoped audit trail usable for support, compliance, and incident investigation.

1) Blueprint model recap

Section titled “1) Blueprint model recap”

Blueprint fields:

  • id String @id @default(uuid())
  • shopId String @map("shop_id")
  • submissionId String @map("submission_id")
  • action String // approve | reject | archive | unpublish | feature
  • reason String? @db.Text
  • actorType String @map("actor_type") // merchant | system
  • actorEmail String? @map("actor_email")
  • createdAt DateTime @default(now()) @map("created_at")

Index:

  • @@index([submissionId, createdAt])

2) Scope

Section titled “2) Scope”

In scope

Section titled “In scope”
  • Prisma model implementation and migration
  • Write-path integration for all moderation actions
  • Read/query usage for admin detail timeline
  • Immutability guarantees (application-level)

Out of scope

Section titled “Out of scope”
  • Full legal retention policy beyond app-level defaults
  • External SIEM export (optional future)

3) Action taxonomy (canonical)

Section titled “3) Action taxonomy (canonical)”

Start with blueprint actions:

  • approve
  • reject
  • archive
  • unpublish
  • feature

Recommended extensions (optional but useful):

  • publish
  • unfeature
  • reopen (move rejected back to pending)
  • auto_reject (system moderation rule)
  • auto_approve_photo

If extensions are added, keep a central action constants list.

4) Write contract (where logs must be created)

Section titled “4) Write contract (where logs must be created)”

Create one log row for each successful state-changing intent:

  1. Screen 6 detail actions (approve, reject, flag, publish, etc.)
  2. Screen 7 published management actions (unpublish, feature, reorder-related if needed)
  3. Screen 5 bulk moderation actions
  4. System actions from moderation automation (Screen 9 rules)

4.1 Transaction rule

Section titled “4.1 Transaction rule”

State change and log insertion must be in the same DB transaction:

  • If status update fails -> no log
  • If log insert fails -> rollback state update

This prevents audit drift.

5) Actor rules

Section titled “5) Actor rules”

5.1 actorType

Section titled “5.1 actorType”
  • merchant for admin UI actions
  • system for automatic rule-based actions

5.2 actorEmail

Section titled “5.2 actorEmail”
  • required for merchant when available from session
  • nullable for system

5.3 reason

Section titled “5.3 reason”
  • required for reject (UI enforce + server enforce)
  • optional for others

6) Immutability standard

Section titled “6) Immutability standard”

Treat this model as append-only:

  • No update endpoint
  • No delete endpoint
  • No “edit reason” after insert

If correction needed:

  • insert another log row with corrective action and reason.

This aligns with audit expectations from 08-security-compliance-and-privacy.md.

7) Query patterns

Section titled “7) Query patterns”

7.1 Submission detail timeline

Section titled “7.1 Submission detail timeline”

where: { submissionId, shopId } orderBy: { createdAt: "desc" } take: 20 (pagination optional)

7.2 Troubleshooting query

Section titled “7.2 Troubleshooting query”

Filter by:

  • shopId
  • action
  • date range
  • actorType

Optional admin support screen can be added later; not required now.

8) Privacy/compliance notes

Section titled “8) Privacy/compliance notes”
  • reason can include free text; avoid storing raw customer PII when possible.
  • For GDPR customer redaction:
    • do not break audit chain,
    • but sanitize reason if it accidentally contains personal data (policy decision in 08).

Do not expose moderation logs in storefront/public APIs.

9) Migration and index guidance

Section titled “9) Migration and index guidance”

9.1 Schema migration

Section titled “9.1 Schema migration”

Add model exactly with mapped snake_case columns.

9.2 Indexes

Section titled “9.2 Indexes”

Required:

  • @@index([submissionId, createdAt])

Recommended:

  • @@index([shopId, createdAt]) for support/reporting lookups.

10) Acceptance criteria

Section titled “10) Acceptance criteria”
  • Every moderation state mutation creates exactly one corresponding log row.
  • Reject action cannot complete without reason and log.
  • Bulk actions create one log row per submission id.
  • Log rows are never edited/deleted by application code.
  • Submission detail timeline displays logs in reverse chronological order.

11) Suggested implementation order (for Cursor)

Section titled “11) Suggested implementation order (for Cursor)”
  1. Add Prisma model + migration.
  2. Add constants for action values and actor types.
  3. Implement helper appendModerationLog(...).
  4. Integrate helper in all relevant route actions.
  5. Add timeline section in Screen 6 detail loader/UI.
  6. Add tests for transaction integrity and required reject reason.

12) References

Section titled “12) References”
  • 02-Implementation-Blueprint.md — §5.10
  • 10-submission-detail-screen-6.md
  • 11-published-content-screen-7.md
  • 12-moderation-settings-screen-9.md
  • 08-security-compliance-and-privacy.md

13) Note on numbering

Section titled “13) Note on numbering”

This folder already includes 05 through 32 plans. This file is 33-....

Home

01 Overview

AppiFire AI Chat — Product Plan & Architecture Options (A, B, C) Technology Overview & High-Level Tasks

01 Platform Foundation

Prerequisites (Detailed Plan) Shopify Setup — Partner Account, CLI, App, and Extension Shopify App Skeleton & Database (Detailed Plan)

02 Knowledge and RAG

Database Schema for RAG Product Sync & Ingestion RAG & Chat API RAG Data Sync (Products, Collections, Inventory, Blog Posts) + Order Lookup How the Codebase Uses Vector Information to Answer Users in Chat Website Knowledge from Web (GPT-4o Mini Search)

03 Billing and Usage

Billing & Usage Billing & Usage — Remaining Tasks Credits wallet: one-time purchases & subscription included credits Free Plan: Reply Cap and Monthly Reset Promo code functionality Shopify App Billing and Payments Tasks

04 Admin and Storefront

Admin Settings & Chat Widget Admin UI Design Plan — Bigger Font, Different Font, More Spacing, Styled Buttons AI Chats / Logs Screen Billing Screen Restructure Plan (Sales + Marketing Focus) Dashboard Plan — AppiFire AI Chat Design Guidelines and Styling System (Polaris + Tailwind Plan) Theme & Design System Timezone & Time Display Plan (Admin + Widget)

05 Chat Experience and Safety

Chat Guardrails Inspection Full Conversation History in OpenRouter Chat Order Lookup Reliability Guide Order Status Conversational Chat Flow Pre-Chat User Identity Form

06 Merchant Lifecycle

Register / Identify App Users (Paying Merchants) Uninstall: Record & Goodbye Email

07 Ops and Release

Deploy: Cloudflare Tunnel + Your Domain & App to appifire-ai-chat.appifire.com Launch & Publishing Guide Links Scheduled jobs, privacy & shop analytics Testing Up to Phase 2 (Product Sync & Ingestion)

08 Research and Ideas

App Names 20 Paid Feature Gaps — AppiFire AI Chat Roadmap Templates Shortlisted Top 30 Shopify App Ideas — High Demand, Buildable, Revenue Potential

09 Archive

100 AI Questions User Can Ask App Embed Settings Plan Chat Thread Identity and History Plan Plan: Free reply monthly reset & paid included credits delivery Future Todo List Promo Code Module Plan Reorganize Documents Support Feature Plan Talk to Human Flow Plan Welcome Email Plan (Brevo API)

10 Marketing and SEO

Article Writing Prompt Appifire SEO Topical Map Topical Map Prompt Appifire VS Pages VS Pages Prompt

11 Video Testimonial Collector

Post-Purchase Video Testimonial Collector — Detailed Product Plan Video Testimonial Collector - Implementation Blueprint Video Testimonial Collector - Pricing & Billing Options Delete All Existing Code and DB Tables (Boilerplate Cleanup) 05 — Storefront Widgets + Public Read API (Screen 8 & 8.1) 06 — Public Submission Page (Screen 13, `/t/:token`) 07 — Email/SMS Request Delivery Pipeline (Blueprint §4) 08 — Security, Compliance & Privacy (Blueprint §8) 09 — Submissions Inbox (Screen 5, `/app/testimonials`) 10 — Submission Detail & Moderation (Screen 6, `/app/testimonials/:id`) 11 — Published Content Manager (Screen 7, `/app/testimonials/published`) 12 — Moderation Settings (Screen 9, `/app/testimonials/moderation`) 13 — Requests Log (Blueprint Screen 10, `/app/testimonials/requests`) 14 — Analytics (Blueprint Screen 11, `/app/testimonials/analytics`) 15 — Billing & Usage (Blueprint Screen 12, `/app/testimonials/billing`) 16 — Templates (Screen 4, `/app/testimonial-templates`) 17 — Campaigns List (Screen 2, `/app/testimonial-campaigns`) 18 — Campaign Create/Edit (Screen 3, `/app/testimonial-campaigns/:id`) 19 — Dashboard (Screen 1, `/app`) 20 — Database Design & Migrations (Blueprint §5) 21 — Route & File Map Execution Plan (Blueprint §6) 22 — Integration & Processing Orchestration (Blueprint §7) 23 — Release Plan & Milestones (Blueprint §9) 24 — Build Notes Execution Standards (Blueprint §10) 25 — Core Modules Breakdown (Blueprint §2.2) 26 — Project Conventions Execution Guide (Blueprint §2.1) 27 — Product Scope Recommendation Execution (Blueprint §1) 28 — Admin Screens Information Architecture (Blueprint §3) 29 — Milestone 1 Delivery Plan (Blueprint §9.1) 30 — Milestone 2 Delivery Plan (Blueprint §9.2) 31 — Milestone 3 Delivery Plan (Blueprint §9.3) 32 — Email/SMS Operational Detail (Blueprint §4) 33 — TestimonialModerationLog Model & Audit Workflow (Blueprint §5.10) 34 — TestimonialDailyAnalytics Model & Rollup Jobs (Blueprint §5.11) 35 — TestimonialProductLink Model & Multi-Product Merchandising (Blueprint §5.9) 36 — TestimonialMediaAsset Model & Processing Pipeline (Blueprint §5.8) 37 — TestimonialSubmission Model & Lifecycle (Blueprint §5.7) 38 — TestimonialRequestEvent Model & Delivery Event Stream (Blueprint §5.6) 39 — TestimonialRequest Model & Scheduling Lifecycle (Blueprint §5.5) 40 — TestimonialTemplate Model & Resolution Rules (Blueprint §5.4) 41 — TestimonialCampaignProduct Model & Targeting Rules (Blueprint §5.3) 42 — TestimonialCampaign Model & Automation Rules (Blueprint §5.2) 43 — Shop Model Extension for Testimonials (Blueprint §5.1) 44 — Per-Product Collection Rule (Required) Implementation Plan 45 — Two Storefront Widgets (v1 Requirement, Screen 8.1)