From 17a30e83926ba5e72cedb40328060e19ebbc02e2 Mon Sep 17 00:00:00 2001
From: Quaternions <krakow20@gmail.com>
Date: Fri, 28 Mar 2025 14:58:24 -0700
Subject: [PATCH 1/2] submissions: add AcceptedBy, UploadedBy fields to model

---
 pkg/model/submission.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/pkg/model/submission.go b/pkg/model/submission.go
index 11f1775..a01e1cd 100644
--- a/pkg/model/submission.go
+++ b/pkg/model/submission.go
@@ -40,6 +40,10 @@ type Submission struct {
 	CreatedAt     time.Time
 	UpdatedAt     time.Time
 	Submitter     int64 // UserID
+	// Who clicked the Accept button
+	AcceptedBy    int64 // UserID
+	// Who clicked the Upload button
+	UploadedBy    int64 // UserID
 	AssetID       int64
 	AssetVersion  int64
 	ValidatedAssetID       int64
-- 
2.47.1


From 126be5d90530405dec5a3727bbed94a50448a65c Mon Sep 17 00:00:00 2001
From: Quaternions <krakow20@gmail.com>
Date: Fri, 28 Mar 2025 15:28:20 -0700
Subject: [PATCH 2/2] submissions: log accepter and uploader

---
 pkg/service/submissions.go | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/pkg/service/submissions.go b/pkg/service/submissions.go
index 637fc7f..0ae7eeb 100644
--- a/pkg/service/submissions.go
+++ b/pkg/service/submissions.go
@@ -406,9 +406,16 @@ func (svc *Service) ActionSubmissionTriggerUpload(ctx context.Context, params ap
 		return ErrPermissionDeniedNeedSubmissionUpload
 	}
 
+	// track who is performing the upload action
+	userId, err := userInfo.GetUserID()
+	if err != nil {
+		return err
+	}
+
 	// transaction
 	smap := datastore.Optional()
 	smap.Add("status_id", model.StatusUploading)
+	smap.Add("uploaded_by", userId)
 	submission, err := svc.DB.Submissions().IfStatusThenUpdateAndGet(ctx, params.SubmissionID, []model.Status{model.StatusValidated}, smap)
 	if err != nil {
 		return err
@@ -513,18 +520,20 @@ func (svc *Service) ActionSubmissionTriggerValidate(ctx context.Context, params
 		return err
 	}
 
-	has_role, err = userInfo.IsSubmitter(uint64(submission.Submitter))
+	// track who is performing the accept action
+	userId, err := userInfo.GetUserID()
 	if err != nil {
 		return err
 	}
 	// check if caller is NOT the submitter
-	if has_role {
+	if userId == uint64(submission.Submitter) {
 		return ErrAcceptOwnSubmission
 	}
 
 	// transaction
 	smap := datastore.Optional()
 	smap.Add("status_id", model.StatusValidating)
+	smap.Add("accepted_by", userId)
 	submission, err = svc.DB.Submissions().IfStatusThenUpdateAndGet(ctx, params.SubmissionID, []model.Status{model.StatusSubmitted}, smap)
 	if err != nil {
 		return err
-- 
2.47.1