Create Clear CloudFlare Cache Button #41

New issue

Open

opened 2024-01-14 14:41:43 -06:00 by jimmyb · 0 comments

jimmyb commented

2024-01-14 14:41:43 -06:00

Owner

Copy link

Cloudflare supports purging cached content by URL through its Cache API (POST /client/v4/zones/{zone_id}/purge_cache with a files payload), so the research portion of the original issue is confirmed. The current Laravel checkout already builds game boxart URLs from config('media.public_assets_url') plus config('media.games.boxart.path'), and the admin game edit page displays the current boxart preview next to the boxart upload field. This issue tracks adding the Cloudflare purge integration and a clear, authorized button on that edit page.

Scope

Cloudflare cache purge integration for a single game's current boxart URL.
Admin edit game page action/button for clearing cached boxart.
Configuration for Cloudflare zone ID and API token, without hard-coding secrets.
Server-side request handling that builds the same public boxart URL the site renders.
Success, failure, and not-configured feedback for staff.
Authorization limited to staff roles that can edit games or otherwise manage game assets.
Audit/activity logging for cache purge attempts and outcomes.
Tests using mocked HTTP responses rather than real Cloudflare calls.

Acceptance Criteria

Authorized staff can click a clear-cache button from admin.games.edit for a game with boxart.
The purge request targets the exact public boxart URL generated from the app's media configuration.
The integration calls Cloudflare's zone cache purge endpoint with the configured zone ID and bearer token.
The request purges only the affected boxart URL, not the entire Cloudflare zone.
A successful purge returns the user to the game edit page with clear success feedback.
A Cloudflare API failure returns the user to the game edit page with clear error feedback and does not modify the game record.
Missing Cloudflare configuration disables the action or returns a clear not-configured message rather than failing silently.
Games without boxart do not show an actionable purge button or return a clear no-boxart message.
Non-staff users and staff without the required game-management role cannot trigger the purge endpoint.
Purge attempts are logged with game ID, boxart URL, actor, result, and enough error context for troubleshooting without leaking secrets.
The button follows existing admin UI patterns, light/dark mode, and submit/loading-state conventions.

Test Coverage Required

Feature tests confirming authorized game admins can trigger a boxart cache purge.
HTTP fake tests asserting the Cloudflare request uses the expected endpoint, bearer token, zone ID, and files payload.
Feature tests confirming successful purges redirect back to the edit page with success feedback.
Feature tests confirming Cloudflare errors redirect back with error feedback and leave the game unchanged.
Tests confirming missing Cloudflare config is handled safely.
Tests confirming games without boxart cannot submit a misleading purge request.
Authorization tests confirming non-staff or insufficient-role users cannot access the purge route/action.
View tests or feature assertions confirming the button appears on the admin edit game page only when appropriate.
Logging/activity assertions where practical for successful and failed purge attempts.
Tests should use Pest and focused feature coverage with Laravel HTTP fakes.
Run the focused affected tests, then run vendor/bin/pint --dirty --format agent before closing the issue.

Progress Checklist

Cloudflare supports cache purge by URL through its API
Admin game edit page exists
Admin game edit page shows the current boxart preview
Admin game update flow uploads replacement boxart to S3-backed assets/boxart
Media config builds public boxart URLs from MVGL_PUBLIC_ASSETS_URL and MVGL_GAME_BOXART_PATH
Add Cloudflare cache configuration keys for zone ID and API token
Add a service/action for purging a single boxart URL through Cloudflare
Add an authorized route/controller action for game boxart cache purge
Add the clear-cache button to the admin edit game page
Handle success, failure, no-boxart, and not-configured states in the UI
Log purge attempts without exposing Cloudflare credentials
Add tests for HTTP payloads, authorization, UI visibility, success/failure feedback, and missing config
Confirm DB Administrators can verify newly uploaded boxart after clearing the cache

DB Administrators can upload new game boxart from the admin edit game page, but Cloudflare may continue serving the old cached image after the S3 object changes. Staff need a safe admin action that purges the relevant public boxart URL from Cloudflare so they can verify the new image without waiting for cache expiration. Cloudflare supports purging cached content by URL through its Cache API (`POST /client/v4/zones/{zone_id}/purge_cache` with a `files` payload), so the research portion of the original issue is confirmed. The current Laravel checkout already builds game boxart URLs from `config('media.public_assets_url')` plus `config('media.games.boxart.path')`, and the admin game edit page displays the current boxart preview next to the boxart upload field. This issue tracks adding the Cloudflare purge integration and a clear, authorized button on that edit page. ## Scope - Cloudflare cache purge integration for a single game's current boxart URL. - Admin edit game page action/button for clearing cached boxart. - Configuration for Cloudflare zone ID and API token, without hard-coding secrets. - Server-side request handling that builds the same public boxart URL the site renders. - Success, failure, and not-configured feedback for staff. - Authorization limited to staff roles that can edit games or otherwise manage game assets. - Audit/activity logging for cache purge attempts and outcomes. - Tests using mocked HTTP responses rather than real Cloudflare calls. ## Acceptance Criteria - Authorized staff can click a clear-cache button from `admin.games.edit` for a game with boxart. - The purge request targets the exact public boxart URL generated from the app's media configuration. - The integration calls Cloudflare's zone cache purge endpoint with the configured zone ID and bearer token. - The request purges only the affected boxart URL, not the entire Cloudflare zone. - A successful purge returns the user to the game edit page with clear success feedback. - A Cloudflare API failure returns the user to the game edit page with clear error feedback and does not modify the game record. - Missing Cloudflare configuration disables the action or returns a clear not-configured message rather than failing silently. - Games without boxart do not show an actionable purge button or return a clear no-boxart message. - Non-staff users and staff without the required game-management role cannot trigger the purge endpoint. - Purge attempts are logged with game ID, boxart URL, actor, result, and enough error context for troubleshooting without leaking secrets. - The button follows existing admin UI patterns, light/dark mode, and submit/loading-state conventions. ## Test Coverage Required - Feature tests confirming authorized game admins can trigger a boxart cache purge. - HTTP fake tests asserting the Cloudflare request uses the expected endpoint, bearer token, zone ID, and `files` payload. - Feature tests confirming successful purges redirect back to the edit page with success feedback. - Feature tests confirming Cloudflare errors redirect back with error feedback and leave the game unchanged. - Tests confirming missing Cloudflare config is handled safely. - Tests confirming games without boxart cannot submit a misleading purge request. - Authorization tests confirming non-staff or insufficient-role users cannot access the purge route/action. - View tests or feature assertions confirming the button appears on the admin edit game page only when appropriate. - Logging/activity assertions where practical for successful and failed purge attempts. - Tests should use Pest and focused feature coverage with Laravel HTTP fakes. - Run the focused affected tests, then run `vendor/bin/pint --dirty --format agent` before closing the issue. ## Progress Checklist - [x] Cloudflare supports cache purge by URL through its API - [x] Admin game edit page exists - [x] Admin game edit page shows the current boxart preview - [x] Admin game update flow uploads replacement boxart to S3-backed `assets/boxart` - [x] Media config builds public boxart URLs from `MVGL_PUBLIC_ASSETS_URL` and `MVGL_GAME_BOXART_PATH` - [ ] Add Cloudflare cache configuration keys for zone ID and API token - [ ] Add a service/action for purging a single boxart URL through Cloudflare - [ ] Add an authorized route/controller action for game boxart cache purge - [ ] Add the clear-cache button to the admin edit game page - [ ] Handle success, failure, no-boxart, and not-configured states in the UI - [ ] Log purge attempts without exposing Cloudflare credentials - [ ] Add tests for HTTP payloads, authorization, UI visibility, success/failure feedback, and missing config - [ ] Confirm DB Administrators can verify newly uploaded boxart after clearing the cache

jimmyb added the

component: backend

component: admin dashboard

type: feature

labels

2024-01-14 14:41:43 -06:00

~~jimmyb referenced this issue 2024-01-14 14:50:11 -06:00~~

Rebuild friends and friending in Laravel #55

jimmyb added this to the New Features - Part 1 project

2026-06-03 23:54:20 -05:00

No Branch/Tag specified