audit week 1: creator ID tracking, channel-queue migration, deprecation cleanup

QUAL-006 store ticket.creatorId on creation; legacy split-pop returned the message ID for discord-msg-* tickets, breaking transcript DM, close log, and channel rename for context-menu-created tickets. Adds the field to the Ticket schema and writes a one-shot backfill script (scripts/backfill-creatorId.js, dry-run by default). QUEUE-001 add enqueueOverwrite + enqueueTopic to services/channelQueue.js (chain on renameChains alongside enqueueMove). Migrate handleAdd / handleRemove / handleMove / handleTopic so permissionOverwrites, setParent, and setTopic no longer race pending renames or sends. handleMove now uses the existing enqueueMove. Initial overwrites in handleTicketModal stay inline; channel doesn't exist yet so no race. DISCORD-001 replace ephemeral: true with flags: MessageFlags.Ephemeral across broccolini-discord.js, handlers/sharedHelpers.js, handlers/buttons.js, handlers/commands.js. runDeferred opts now take { flags } directly. SEC-003 /gmailpoll min interval is 30s. Drop the 5s/10s slash-command choices and clamp Math.max(30000, ms) in handleGmailPoll for defense in depth. QUAL-001 upgrade silent .catch(() => {}) on the lastActivity updateOne in handlers/messages.js to log via logError, so transient Mongo errors surface in the debug channel instead of disappearing. QUAL-002 drop await from logError/logWarn calls in services/staffThread.js and services/pinMessage.js — fire-and-forget per CLAUDE.md hard rule. QUAL-003 wrap stray setTimeouts (handleConfirmCloseRequest force-close timer, runFinalClose channel-delete + overflow-cleanup, checkAutoClose delete-after-email) in trackTimeout via lazy require so they clear on shutdown.
2026-05-08 20:19:14 +00:00
parent e3b3b8d48c
commit cdf85f6364
12 changed files with 287 additions and 97 deletions
--- a/handlers/commands.js
+++ b/handlers/commands.js
@@ -12,6 +12,7 @@ const {
  ButtonStyle,
  AttachmentBuilder,
  EmbedBuilder,
+  MessageFlags,
  ModalBuilder,
  TextInputBuilder,
  TextInputStyle,
@@ -23,7 +24,7 @@ const { getPriorityEmoji, replaceVariables, isStaff } = require('../utils');
 const { makeTicketName, resolveCreatorNickname, getOrCreateTicketCategory, checkTicketCreationRateLimit } = require('../services/tickets');
 const { sendTicketNotificationEmail } = require('../services/gmail');
 const { getTicketActionRow } = require('../utils/ticketComponents');
-const { enqueueRename, enqueueMove, enqueueSend } = require('../services/channelQueue');
+const { enqueueRename, enqueueMove, enqueueOverwrite, enqueueTopic, enqueueSend } = require('../services/channelQueue');
 const { setNotifyDm } = require('../services/staffSettings');
 const { pinMessage } = require('../services/pinMessage');
 const { logError, logTicketEvent } = require('../services/debugLog');
@@ -49,7 +50,7 @@ async function requireStaffRole(interaction) {
  const roleMention = CONFIG.ROLE_ID_TO_PING ? `<@&${CONFIG.ROLE_ID_TO_PING}>` : 'support';
  await interaction.reply({
    content: `This command is only available to the support team (${roleMention}).`,
-    ephemeral: true
+    flags: MessageFlags.Ephemeral
  });
  return true;
 }
@@ -222,10 +223,10 @@ async function handleEscalate(interaction) {

  const currentTier = ticket.escalationTier ?? (ticket.escalated ? 1 : 0);
  if (currentTier >= 2) {
-    return interaction.reply({ content: 'This ticket is already at tier 3 support.', ephemeral: true });
+    return interaction.reply({ content: 'This ticket is already at tier 3 support.', flags: MessageFlags.Ephemeral });
  }
  if (nextTier <= currentTier) {
-    return interaction.reply({ content: 'Ticket is already at or past that tier.', ephemeral: true });
+    return interaction.reply({ content: 'Ticket is already at or past that tier.', flags: MessageFlags.Ephemeral });
  }

  const isDiscordTicket = ticket.gmailThreadId.startsWith('discord-');
@@ -236,7 +237,7 @@ async function handleEscalate(interaction) {
  if (!categoryId && !interaction.channel.isThread()) {
    return interaction.reply({
      content: `${configKey} is not configured for ${isDiscordTicket ? 'Discord' : 'email'} tickets.`,
-      ephemeral: true
+      flags: MessageFlags.Ephemeral
    });
  }

@@ -251,12 +252,12 @@ async function handleDeescalate(interaction) {

  const currentTier = ticket.escalationTier ?? (ticket.escalated ? 1 : 0);
  if (currentTier === 0) {
-    return interaction.reply({ content: 'This ticket is not escalated.', ephemeral: true });
+    return interaction.reply({ content: 'This ticket is not escalated.', flags: MessageFlags.Ephemeral });
  }

  await runDeferred(interaction, 'de-escalate',
    () => runDeescalation(interaction, ticket),
-    { ephemeral: true }
+    { flags: MessageFlags.Ephemeral }
  );
 }

@@ -266,11 +267,11 @@ async function handleNotifyDm(interaction) {
    await setNotifyDm(interaction.user.id, interaction.guildId, setting);
    await interaction.reply({
      content: `DM notifications ${setting ? 'enabled ✅' : 'disabled 🔕'}.`,
-      ephemeral: true
+      flags: MessageFlags.Ephemeral
    });
  } catch (err) {
    console.error('notifydm error:', err);
-    await interaction.reply({ content: 'Failed to update notification setting.', ephemeral: true }).catch(() => {});
+    await interaction.reply({ content: 'Failed to update notification setting.', flags: MessageFlags.Ephemeral }).catch(() => {});
  }
 }

@@ -280,8 +281,7 @@ async function handleAdd(interaction) {
  if (!ticket) return;

  try {
-    // TODO(queue-migrate): permissionOverwrites mutation bypasses channelQueue — could race a pending rename/send on the same channel.
-    await interaction.channel.permissionOverwrites.create(user.id, {
+    await enqueueOverwrite(interaction.channel, user.id, {
      ViewChannel: true,
      SendMessages: true,
      ReadMessageHistory: true
@@ -289,7 +289,7 @@ async function handleAdd(interaction) {
    await interaction.reply({ content: `Added ${user} to this ticket.`, allowedMentions: { parse: ['users'] } });
  } catch (err) {
    console.error('Add user error:', err);
-    await interaction.reply({ content: 'Failed to add user.', ephemeral: true });
+    await interaction.reply({ content: 'Failed to add user.', flags: MessageFlags.Ephemeral });
  }
 }

@@ -299,12 +299,11 @@ async function handleRemove(interaction) {
  if (!ticket) return;

  try {
-    // TODO(queue-migrate): permissionOverwrites mutation bypasses channelQueue — could race a pending rename/send on the same channel.
-    await interaction.channel.permissionOverwrites.delete(user.id);
+    await enqueueOverwrite(interaction.channel, user.id, null, 'delete');
    await interaction.reply({ content: `Removed ${user} from this ticket.`, allowedMentions: { parse: ['users'] } });
  } catch (err) {
    console.error('Remove user error:', err);
-    await interaction.reply({ content: 'Failed to remove user.', ephemeral: true });
+    await interaction.reply({ content: 'Failed to remove user.', flags: MessageFlags.Ephemeral });
  }
 }

@@ -318,7 +317,7 @@ async function handleTransfer(interaction) {
  const guildMember = await interaction.guild.members.fetch(member.id).catch(() => null);

  if (!guildMember || !guildMember.roles.cache.has(staffRoleId)) {
-    return interaction.reply({ content: 'The target member must have the staff role.', ephemeral: true });
+    return interaction.reply({ content: 'The target member must have the staff role.', flags: MessageFlags.Ephemeral });
  }

  try {
@@ -344,7 +343,7 @@ async function handleTransfer(interaction) {
    }
  } catch (err) {
    console.error('Transfer error:', err);
-    await interaction.reply({ content: 'Failed to transfer ticket.', ephemeral: true });
+    await interaction.reply({ content: 'Failed to transfer ticket.', flags: MessageFlags.Ephemeral });
  }
 }

@@ -354,8 +353,7 @@ async function handleMove(interaction) {
  if (!ticket) return;

  try {
-    // TODO(queue-migrate): setParent bypasses channelQueue (enqueueMove) — use enqueueMove so moves serialize with pending renames/sends.
-    await interaction.channel.setParent(category.id, { lockPermissions: true });
+    await enqueueMove(interaction.channel, category.id);
    await interaction.reply(`Moved ticket to **${category.name}**.`);

    const logChan = await fetchLoggingChannel(interaction.client);
@@ -366,7 +364,7 @@ async function handleMove(interaction) {
    }
  } catch (err) {
    console.error('Move error:', err);
-    await interaction.reply({ content: 'Failed to move ticket.', ephemeral: true });
+    await interaction.reply({ content: 'Failed to move ticket.', flags: MessageFlags.Ephemeral });
  }
 }

@@ -374,17 +372,17 @@ async function handleStaffThread(interaction) {
  const sub = interaction.options.getSubcommand();
  if (sub === 'toggle') {
    CONFIG.STAFF_THREAD_ENABLED = !CONFIG.STAFF_THREAD_ENABLED;
-    return interaction.reply({ content: `Staff threads are now **${CONFIG.STAFF_THREAD_ENABLED ? 'enabled' : 'disabled'}**.`, ephemeral: true });
+    return interaction.reply({ content: `Staff threads are now **${CONFIG.STAFF_THREAD_ENABLED ? 'enabled' : 'disabled'}**.`, flags: MessageFlags.Ephemeral });
  }
  if (sub === 'name') {
    const name = interaction.options.getString('thread_name').slice(0, 100);
    CONFIG.STAFF_THREAD_NAME = name;
-    return interaction.reply({ content: `Staff thread name set to **${name}**.`, ephemeral: true });
+    return interaction.reply({ content: `Staff thread name set to **${name}**.`, flags: MessageFlags.Ephemeral });
  }
  if (sub === 'autorole') {
    const enabled = interaction.options.getBoolean('enabled');
    CONFIG.STAFF_THREAD_AUTO_ADD_ROLE = enabled;
-    return interaction.reply({ content: `Auto-add role to staff thread is now **${enabled ? 'enabled' : 'disabled'}**.`, ephemeral: true });
+    return interaction.reply({ content: `Auto-add role to staff thread is now **${enabled ? 'enabled' : 'disabled'}**.`, flags: MessageFlags.Ephemeral });
  }
 }

@@ -393,28 +391,33 @@ async function handlePinMessages(interaction) {
  const enabled = interaction.options.getBoolean('enabled');
  if (sub === 'initial') {
    CONFIG.PIN_INITIAL_MESSAGE_ENABLED = enabled;
-    return interaction.reply({ content: `Auto-pin initial message is now **${enabled ? 'enabled' : 'disabled'}**.`, ephemeral: true });
+    return interaction.reply({ content: `Auto-pin initial message is now **${enabled ? 'enabled' : 'disabled'}**.`, flags: MessageFlags.Ephemeral });
  }
  if (sub === 'escalation') {
    CONFIG.PIN_ESCALATION_MESSAGE_ENABLED = enabled;
-    return interaction.reply({ content: `Auto-pin escalation message is now **${enabled ? 'enabled' : 'disabled'}**.`, ephemeral: true });
+    return interaction.reply({ content: `Auto-pin escalation message is now **${enabled ? 'enabled' : 'disabled'}**.`, flags: MessageFlags.Ephemeral });
  }
  if (sub === 'suppress') {
    CONFIG.PIN_SUPPRESS_SYSTEM_MESSAGE = enabled;
-    return interaction.reply({ content: `Suppress pin system message is now **${enabled ? 'enabled' : 'disabled'}**.`, ephemeral: true });
+    return interaction.reply({ content: `Suppress pin system message is now **${enabled ? 'enabled' : 'disabled'}**.`, flags: MessageFlags.Ephemeral });
  }
 }

 async function handleGmailPoll(interaction) {
-  const seconds = parseInt(interaction.options.getString('interval'), 10);
+  const requested = parseInt(interaction.options.getString('interval'), 10);
+  // Defense-in-depth: the slash command's addChoices already floors at 30s, but
+  // clamp the resolved ms here too so any future caller (or skewed input) can't
+  // drop below 30s and trip Gmail's per-user quota under sustained load.
+  const ms = Math.max(30000, requested * 1000);
+  const seconds = ms / 1000;
  // Lazy require — broccolini-discord re-exports this and we'd otherwise cycle.
  const { setGmailPollInterval } = require('../broccolini-discord');
-  setGmailPollInterval(seconds * 1000);
+  setGmailPollInterval(ms);
  logTicketEvent('Gmail poll interval updated', [
    { name: 'Interval', value: `${seconds}s` },
    { name: 'Set by', value: interaction.user.tag }
  ], interaction).catch(() => {});
-  return interaction.reply({ content: `Gmail poll interval set to ${seconds} seconds.`, ephemeral: true });
+  return interaction.reply({ content: `Gmail poll interval set to ${seconds} seconds.`, flags: MessageFlags.Ephemeral });
 }

 async function handleCloseTimer(interaction) {
@@ -424,13 +427,13 @@ async function handleCloseTimer(interaction) {
    { name: 'Duration', value: `${seconds}s` },
    { name: 'Set by', value: interaction.user.tag }
  ], interaction).catch(() => {});
-  return interaction.reply({ content: `Force-close timer set to ${seconds} seconds.`, ephemeral: true });
+  return interaction.reply({ content: `Force-close timer set to ${seconds} seconds.`, flags: MessageFlags.Ephemeral });
 }

 async function handleCancelClose(interaction) {
  const pending = pendingCloses.get(interaction.channel.id);
  if (!pending) {
-    return interaction.reply({ content: 'No pending close for this channel.', ephemeral: true });
+    return interaction.reply({ content: 'No pending close for this channel.', flags: MessageFlags.Ephemeral });
  }
  clearTimeout(pending.timeout);
  logTicketEvent('Force-close cancelled', [
@@ -439,7 +442,7 @@ async function handleCancelClose(interaction) {
    { name: 'Original setter', value: pending.username || 'Unknown' }
  ], interaction).catch(() => {});
  pendingCloses.delete(interaction.channel.id);
-  return interaction.reply({ content: 'Close cancelled.', ephemeral: true });
+  return interaction.reply({ content: 'Close cancelled.', flags: MessageFlags.Ephemeral });
 }

 async function handleForceClose(interaction) {
@@ -447,7 +450,7 @@ async function handleForceClose(interaction) {
  if (!ticket) return;

  if (pendingCloses.has(interaction.channel.id)) {
-    return interaction.reply({ content: 'A close is already pending for this ticket.', ephemeral: true });
+    return interaction.reply({ content: 'A close is already pending for this ticket.', flags: MessageFlags.Ephemeral });
  }

  const timerSeconds = CONFIG.FORCE_CLOSE_TIMER;
@@ -529,12 +532,11 @@ async function handleTopic(interaction) {
  if (!ticket) return;

  try {
-    // TODO(queue-migrate): setTopic bypasses channelQueue — could race a pending rename/send on the same channel.
-    await interaction.channel.setTopic(text);
+    await enqueueTopic(interaction.channel, text);
    await interaction.reply('Topic updated successfully.');
  } catch (err) {
    console.error('Topic error:', err);
-    await interaction.reply({ content: 'Failed to update topic.', ephemeral: true });
+    await interaction.reply({ content: 'Failed to update topic.', flags: MessageFlags.Ephemeral });
  }
 }

@@ -559,7 +561,7 @@ async function handleResponse(interaction) {
    if (interaction.deferred) {
      await interaction.editReply(errorMsg);
    } else {
-      await interaction.reply({ content: errorMsg, ephemeral: true });
+      await interaction.reply({ content: errorMsg, flags: MessageFlags.Ephemeral });
    }
  }
 }
@@ -568,7 +570,7 @@ async function handleResponseSend(interaction) {
  const name = interaction.options.getString('name');
  const tag = await Tag.findOne({ name }).lean();
  if (!tag) {
-    return interaction.reply({ content: `❌ Tag "${name}" not found.`, ephemeral: true });
+    return interaction.reply({ content: `❌ Tag "${name}" not found.`, flags: MessageFlags.Ephemeral });
  }

  const ticket = await Ticket.findOne({ discordThreadId: interaction.channel.id }).lean();
@@ -595,13 +597,13 @@ async function handleResponseCreate(interaction) {

  try {
    await Tag.create({ name, content, createdBy: interaction.user.id });
-    await interaction.reply({ content: `✅ Tag "${name}" created successfully.`, ephemeral: true });
+    await interaction.reply({ content: `✅ Tag "${name}" created successfully.`, flags: MessageFlags.Ephemeral });
  } catch (err) {
    if (err.code === 11000 || err.message?.includes('duplicate')) {
-      await interaction.reply({ content: `❌ Tag "${name}" already exists.`, ephemeral: true });
+      await interaction.reply({ content: `❌ Tag "${name}" already exists.`, flags: MessageFlags.Ephemeral });
    } else {
      logError('tag-create', err, interaction).catch(() => {});
-      await interaction.reply({ content: '❌ Failed to create tag.', ephemeral: true });
+      await interaction.reply({ content: '❌ Failed to create tag.', flags: MessageFlags.Ephemeral });
    }
  }
 }
@@ -613,13 +615,13 @@ async function handleResponseEdit(interaction) {
  try {
    const result = await Tag.updateOne({ name }, { $set: { content } });
    if (result.matchedCount === 0) {
-      await interaction.reply({ content: `❌ Tag "${name}" not found.`, ephemeral: true });
+      await interaction.reply({ content: `❌ Tag "${name}" not found.`, flags: MessageFlags.Ephemeral });
    } else {
-      await interaction.reply({ content: `✅ Tag "${name}" updated successfully.`, ephemeral: true });
+      await interaction.reply({ content: `✅ Tag "${name}" updated successfully.`, flags: MessageFlags.Ephemeral });
    }
  } catch (err) {
    logError('tag-edit', err, interaction).catch(() => {});
-    await interaction.reply({ content: '❌ Failed to edit tag.', ephemeral: true });
+    await interaction.reply({ content: '❌ Failed to edit tag.', flags: MessageFlags.Ephemeral });
  }
 }

@@ -641,12 +643,12 @@ async function handleResponseDelete(interaction) {
  return interaction.reply({
    content: `⚠️  Are you sure you want to delete the tag "${name}"? This action cannot be undone.`,
    components: [confirmRow],
-    ephemeral: true
+    flags: MessageFlags.Ephemeral
  });
 }

 async function handleResponseList(interaction) {
-  await interaction.deferReply({ ephemeral: true });
+  await interaction.deferReply({ flags: MessageFlags.Ephemeral });

  const tags = await Tag.find().sort({ useCount: -1 }).select('name useCount').lean();
  if (!tags || tags.length === 0) {
@@ -703,7 +705,7 @@ async function handleSignature(interaction) {
  } catch (err) {
    console.error('Signature command error:', err);
    if (!interaction.replied && !interaction.deferred) {
-      await interaction.reply({ content: 'Failed to open signature settings.', ephemeral: true }).catch(() => {});
+      await interaction.reply({ content: 'Failed to open signature settings.', flags: MessageFlags.Ephemeral }).catch(() => {});
    }
  }
 }
@@ -740,7 +742,7 @@ async function handleHelp(interaction) {
    ])
    .setFooter({ text: 'Click buttons on ticket messages to claim/close' });

-  await interaction.reply({ embeds: [embed], ephemeral: true });
+  await interaction.reply({ embeds: [embed], flags: MessageFlags.Ephemeral });
 }

 async function handlePanel(interaction) {
@@ -761,10 +763,10 @@ async function handlePanel(interaction) {

  try {
    await enqueueSend(channel, { embeds: [embed], components: [row] });
-    await interaction.reply({ content: `Panel created in ${channel}!`, ephemeral: true });
+    await interaction.reply({ content: `Panel created in ${channel}!`, flags: MessageFlags.Ephemeral });
  } catch (err) {
    console.error('Panel creation error:', err);
-    await interaction.reply({ content: 'Failed to create panel.', ephemeral: true });
+    await interaction.reply({ content: 'Failed to create panel.', flags: MessageFlags.Ephemeral });
  }
 }

@@ -815,7 +817,7 @@ function buildPanelButtonRow(panelType) {
 // ============================================================

 async function handleCreateTicketFromMessage(interaction) {
-  await interaction.deferReply({ ephemeral: true });
+  await interaction.deferReply({ flags: MessageFlags.Ephemeral });

  const rateLimit = checkTicketCreationRateLimit(interaction.user.id);
  if (!rateLimit.allowed) {
@@ -879,6 +881,7 @@ async function handleCreateTicketFromMessage(interaction) {
      ticketNumber,
      priority: 'normal',
      lastActivity: now,
+      creatorId: message.author.id,
      parentCategoryId: parentCategoryIdForTicket
    });

@@ -920,7 +923,7 @@ async function handleCreateTicketFromMessage(interaction) {
 }

 async function handleViewUserTickets(interaction) {
-  await interaction.deferReply({ ephemeral: true });
+  await interaction.deferReply({ flags: MessageFlags.Ephemeral });

  try {
    const targetUser = interaction.targetUser;