feat: require compliance confirmation for paid features

Gate payment, redemption, subscription, and invitation reward flows behind an audited compliance acknowledgement.
This commit is contained in:
CaIon
2026-05-13 22:18:46 +08:00
parent aa56667b8f
commit 0526a22643
57 changed files with 1806 additions and 216 deletions
+9
View File
@@ -18,6 +18,7 @@ For commercial licensing, please contact support@quantumnous.com
*/
import { api } from '@/lib/api'
import type {
ConfirmPaymentComplianceResponse,
DeleteLogsResponse,
FetchUpstreamRatiosRequest,
SystemOptionsResponse,
@@ -37,6 +38,14 @@ export async function updateSystemOption(request: UpdateOptionRequest) {
return res.data
}
export async function confirmPaymentCompliance() {
const res = await api.post<ConfirmPaymentComplianceResponse>(
'/api/option/payment_compliance',
{ confirmed: true }
)
return res.data
}
export async function deleteLogsBefore(targetTimestamp: number) {
const res = await api.delete<DeleteLogsResponse>('/api/log/', {
params: { target_timestamp: targetTimestamp },
@@ -66,6 +66,11 @@ const defaultBillingSettings: BillingSettings = {
PayMethods: '',
'payment_setting.amount_options': '',
'payment_setting.amount_discount': '',
'payment_setting.compliance_confirmed': false,
'payment_setting.compliance_terms_version': '',
'payment_setting.compliance_confirmed_at': 0,
'payment_setting.compliance_confirmed_by': 0,
'payment_setting.compliance_confirmed_ip': '',
StripeApiSecret: '',
StripeWebhookSecret: '',
StripePriceId: '',
@@ -71,6 +71,10 @@ const BILLING_SECTIONS = [
settings['quota_setting.enable_free_model_pre_consume'],
},
}}
complianceConfirmed={
(settings['payment_setting.compliance_confirmed'] ?? false) &&
settings['payment_setting.compliance_terms_version'] === 'v1'
}
/>
),
},
@@ -187,6 +191,13 @@ const BILLING_SECTIONS = [
WaffoPancakeUnitPrice: settings.WaffoPancakeUnitPrice ?? 1,
WaffoPancakeMinTopUp: settings.WaffoPancakeMinTopUp ?? 1,
}}
complianceDefaults={{
confirmed: settings['payment_setting.compliance_confirmed'] ?? false,
termsVersion:
settings['payment_setting.compliance_terms_version'] ?? '',
confirmedAt: settings['payment_setting.compliance_confirmed_at'] ?? 0,
confirmedBy: settings['payment_setting.compliance_confirmed_by'] ?? 0,
}}
/>
),
},
@@ -21,6 +21,7 @@ import * as z from 'zod'
import type { Resolver } from 'react-hook-form'
import { zodResolver } from '@hookform/resolvers/zod'
import { useTranslation } from 'react-i18next'
import { Alert, AlertDescription } from '@/components/ui/alert'
import { Button } from '@/components/ui/button'
import {
Form,
@@ -57,10 +58,12 @@ type QuotaFormValues = z.infer<typeof quotaSchema>
type QuotaSettingsSectionProps = {
defaultValues: QuotaFormValues
complianceConfirmed?: boolean
}
export function QuotaSettingsSection({
defaultValues,
complianceConfirmed = true,
}: QuotaSettingsSectionProps) {
const { t } = useTranslation()
const updateOption = useUpdateOption()
@@ -97,6 +100,16 @@ export function QuotaSettingsSection({
>
<FormNavigationGuard when={isDirty} />
{!complianceConfirmed ? (
<Alert variant='destructive'>
<AlertDescription>
{t(
'Non-zero invitation rewards require compliance confirmation in Payment Gateway settings.'
)}
</AlertDescription>
</Alert>
) : null}
<Form {...form}>
<form onSubmit={handleSubmit} className='space-y-6'>
<FormDirtyIndicator isDirty={isDirty} />
@@ -20,8 +20,17 @@ import * as React from 'react'
import * as z from 'zod'
import { useForm } from 'react-hook-form'
import { zodResolver } from '@hookform/resolvers/zod'
import { Code2, Eye } from 'lucide-react'
import { useMutation, useQueryClient } from '@tanstack/react-query'
import { Code2, Eye, ShieldAlert } from 'lucide-react'
import { useTranslation } from 'react-i18next'
import { toast } from 'sonner'
import { cn } from '@/lib/utils'
import {
Alert,
AlertAction,
AlertDescription,
AlertTitle,
} from '@/components/ui/alert'
import { Button } from '@/components/ui/button'
import {
Form,
@@ -36,6 +45,8 @@ import { Input } from '@/components/ui/input'
import { Separator } from '@/components/ui/separator'
import { Switch } from '@/components/ui/switch'
import { Textarea } from '@/components/ui/textarea'
import { RiskAcknowledgementDialog } from '@/components/risk-acknowledgement-dialog'
import { confirmPaymentCompliance } from '../api'
import { SettingsSection } from '../components/settings-section'
import { useUpdateOption } from '../hooks/use-update-option'
import { AmountDiscountVisualEditor } from './amount-discount-visual-editor'
@@ -125,18 +136,30 @@ const paymentSchema = z.object({
type PaymentFormValues = z.infer<typeof paymentSchema>
const CURRENT_COMPLIANCE_TERMS_VERSION = 'v1'
type PaymentComplianceDefaults = {
confirmed: boolean
termsVersion: string
confirmedAt: number
confirmedBy: number
}
type PaymentSettingsSectionProps = {
defaultValues: PaymentFormValues
waffoDefaultValues: WaffoSettingsValues
waffoPancakeDefaultValues: WaffoPancakeSettingsValues
complianceDefaults: PaymentComplianceDefaults
}
export function PaymentSettingsSection({
defaultValues,
waffoDefaultValues,
waffoPancakeDefaultValues,
complianceDefaults,
}: PaymentSettingsSectionProps) {
const { t } = useTranslation()
const queryClient = useQueryClient()
const updateOption = useUpdateOption()
const initialRef = React.useRef(defaultValues)
const defaultsSignature = React.useMemo(
@@ -151,6 +174,81 @@ export function PaymentSettingsSection({
React.useState(true)
const [creemProductsVisualMode, setCreemProductsVisualMode] =
React.useState(true)
const [showComplianceDialog, setShowComplianceDialog] = React.useState(false)
const complianceStatements = React.useMemo(
() => [
t(
'You have legally obtained authorization for the connected model APIs, accounts, keys, and quotas.'
),
t(
'You commit to using upstream APIs, accounts, keys, quotas, and service capabilities only within the scope of lawful authorization obtained from upstream service providers, model service providers, or relevant rights holders, and will not conduct unauthorized resale, trafficking, distribution, or other non-compliant commercialization.'
),
t(
'If you provide generative AI services to the public in mainland China, you will fulfill legal obligations including filing, security assessment, content safety, complaint handling, generated content labeling, log retention, and personal information protection.'
),
t(
'You commit not to use this system to implement, assist with, or indirectly implement acts that violate applicable laws and regulations, regulatory requirements, platform rules, public interests, or the lawful rights and interests of third parties.'
),
t(
'You understand and independently bear legal responsibility arising from deployment, operation, and charging behavior.'
),
t(
'You understand this compliance reminder is only for risk notice and does not constitute legal advice, a compliance review conclusion, or a guarantee of the legality of your use of this system; you should consult professional legal or compliance advisors based on your actual business scenario.'
),
],
[t]
)
const complianceRequiredText = t(
'I have read and understood the above compliance reminder, acknowledge the related legal risks, and confirm that I bear legal responsibility arising from deployment, operation, and charging behavior.'
)
const complianceRequiredTextParts = React.useMemo(
() => [
{
type: 'input' as const,
text: t('I have read and understood the above compliance reminder'),
},
{ type: 'static' as const, text: t('') },
{
type: 'input' as const,
text: t('acknowledge the related legal risks'),
},
{ type: 'static' as const, text: t('and ') },
{
type: 'input' as const,
text: t(
'confirm that I bear legal responsibility arising from deployment'
),
},
{ type: 'static' as const, text: t('、') },
{
type: 'input' as const,
text: t('operation and charging behavior'),
},
],
[t]
)
const complianceConfirmed =
complianceDefaults.confirmed &&
complianceDefaults.termsVersion === CURRENT_COMPLIANCE_TERMS_VERSION
const confirmComplianceMutation = useMutation({
mutationFn: confirmPaymentCompliance,
onSuccess: (data) => {
if (data.success) {
toast.success(t('Compliance confirmed successfully'))
setShowComplianceDialog(false)
queryClient.invalidateQueries({ queryKey: ['system-options'] })
} else {
toast.error(data.message || t('Failed to confirm compliance'))
}
},
onError: (error: Error) => {
toast.error(error.message || t('Failed to confirm compliance'))
},
})
const form = useForm({
resolver: zodResolver(paymentSchema),
@@ -562,11 +660,77 @@ export function PaymentSettingsSection({
'Configure recharge pricing and payment gateway integrations'
)}
>
{!complianceConfirmed ? (
<Alert variant='destructive' className='mb-6'>
<ShieldAlert className='h-4 w-4' />
<AlertTitle>{t('Compliance confirmation required')}</AlertTitle>
<AlertDescription>
<div className='space-y-3'>
<p>
{t(
'Payment, redemption codes, subscription plans, and invitation rewards are locked until the root administrator confirms the compliance terms.'
)}
</p>
<ol className='list-decimal space-y-1 pl-5'>
{complianceStatements.map((statement) => (
<li key={statement}>{statement}</li>
))}
</ol>
</div>
</AlertDescription>
<AlertAction>
<Button
type='button'
size='sm'
variant='destructive'
onClick={() => setShowComplianceDialog(true)}
>
{t('Confirm compliance')}
</Button>
</AlertAction>
</Alert>
) : (
<Alert className='mb-6'>
<AlertTitle>{t('Compliance confirmed')}</AlertTitle>
<AlertDescription>
{t('Confirmed at {{time}} by user #{{userId}}', {
time: complianceDefaults.confirmedAt
? new Date(
complianceDefaults.confirmedAt * 1000
).toLocaleString()
: '-',
userId: complianceDefaults.confirmedBy || '-',
})}
</AlertDescription>
</Alert>
)}
<RiskAcknowledgementDialog
open={showComplianceDialog}
onOpenChange={setShowComplianceDialog}
title={t('Confirm compliance terms')}
description={t(
'This confirmation unlocks payment, redemption code, subscription plan, and invitation reward features. Please read the statements carefully.'
)}
items={complianceStatements}
requiredText={complianceRequiredText}
requiredTextParts={complianceRequiredTextParts}
inputPrompt={t('Please type the following text to confirm:')}
inputPlaceholder={t('Type the confirmation text here')}
mismatchHint={t('The entered text does not match the required text.')}
confirmText={t('Confirm and enable')}
isLoading={confirmComplianceMutation.isPending}
onConfirm={() => confirmComplianceMutation.mutate()}
/>
{/* eslint-disable react-hooks/refs */}
<Form {...form}>
<form
onSubmit={form.handleSubmit(onSubmit)}
className='space-y-8'
className={cn(
'space-y-8',
!complianceConfirmed && 'pointer-events-none opacity-40'
)}
data-no-autosubmit='true'
>
<div className='space-y-4'>
+16
View File
@@ -39,6 +39,17 @@ export type UpdateOptionResponse = {
message: string
}
export type ConfirmPaymentComplianceResponse = {
success: boolean
message: string
data?: {
confirmed: boolean
terms_version: string
confirmed_at: number
confirmed_by: number
}
}
export type DeleteLogsResponse = {
success: boolean
message: string
@@ -215,6 +226,11 @@ export type BillingSettings = {
PayMethods: string
'payment_setting.amount_options': string
'payment_setting.amount_discount': string
'payment_setting.compliance_confirmed': boolean
'payment_setting.compliance_terms_version': string
'payment_setting.compliance_confirmed_at': number
'payment_setting.compliance_confirmed_by': number
'payment_setting.compliance_confirmed_ip': string
StripeApiSecret: string
StripeWebhookSecret: string
StripePriceId: string