feat: AI moderation feature

[jcapphelix]

Description

Spammers have been spamming the edX forums in partner courses. This PR adds a feature of AI moderation. So manual efforts are reduced to remove the spam.

As of now it is just a MVP.

There are various changes supposed to be done on this.

Test Instructions

• Install this forum on your devstack / environment (Open edX is on forum==0.3.8, edx/forum is on forum == 0.3.9)
• Enable Ai Moderation waffle discussions.enable_ai_moderation
• Set following in your environment files

AI_MODERATION_API_URL: 'URL_FOR_AI'
AI_MODERATION_CLIENT_ID: 'AI_CLIENT_ID'
AI_MODERATION_USER_ID: USER_ID_OF_GLOBAL_MODERATOR

• Now try and create a spam / scam post, you should see it as reported (if you are a staff)
• ModerationAuditLog in Django admin will also show you the spammed post

Related PRs and order of merging:-

1. feat: AI moderation feature #1
2. fix: AI moderation fields in accessible_fields edx-platform#26
3. https://github.com/edx/sandbox-internal/pull/385
4. https://github.com/edx/edx-internal/pull/13562
5. https://github.com/edx/edx-internal/pull/13561

Needs Migration command to be run

This PR adds new migration files so migration commands need to run if not run automatically

./manage.py lms migrate forum

Verification

• To check if it's installed or not, you can go to your edxapp env in your desired environment and fire following :-

pip list | grep forum

This should list 0.3.9 as forum version

ToDo Check list:

• Version bump
• Documentation
• Fixup commits to be squashed
• Unit tests added/updated
• AI Moderation cleanup

Known issues :-

• https://2u-internal.atlassian.net/browse/COSMO2-770

Deadline :- ASAP

Jira Link

• https://2u-internal.atlassian.net/browse/COSMO2-738
• https://2u-internal.atlassian.net/browse/COSMO2-759

Apt GIF

[Copilot]

Pull Request Overview

This PR adds AI-powered spam moderation to the forum platform. The implementation introduces a waffle flag-controlled feature that automatically classifies new posts and comments as spam using an external AI service, and flags detected spam content for moderation.

• Adds is_spam field to Comment and CommentThread models with database migration
• Implements AI moderation service that integrates with an external API for spam classification
• Creates audit logging infrastructure via ModerationAuditLog model to track all AI moderation decisions

Reviewed Changes

Copilot reviewed 13 out of 13 changed files in this pull request and generated 8 comments.

Show a summary per file

File	Description
forum/toggles.py	Adds new waffle flag namespace and toggle for AI moderation feature
forum/serializers/contents.py	Adds is_spam field to content serializer
forum/migrations/0005_comment_is_spam_commentthread_is_spam_and_more.py	Creates database migration for spam flag and audit log table
forum/backends/mysql/models.py	Adds is_spam field to Content model and creates ModerationAuditLog model
forum/backends/mysql/api.py	Implements MySQL backend methods for flagging/unflagging spam
forum/backends/mongodb/threads.py	Adds is_spam parameter to thread insert/update operations
forum/backends/mongodb/comments.py	Adds is_spam parameter to comment insert/update operations
forum/backends/mongodb/api.py	Implements MongoDB backend methods for flagging/unflagging spam
forum/api/threads.py	Integrates AI moderation into thread creation flow
forum/api/comments.py	Integrates AI moderation into comment creation flow
forum/ai_moderation.py	Core AI moderation service implementation with API integration
forum/admin.py	Adds admin interface for spam flag and moderation audit logs
forum/init.py	Version bump to 0.3.9

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[mraman-2U]

Test cases to be added for the new changes.

[mraman-2U]

Get both read timeout and connectiion timout from config use the same in the post request

[jcapphelix]

Updated

[mraman-2U]

Can we add None instead of taking test data as default values? Also keep None even for system message

[jcapphelix]

Updated

[mraman-2U]

For content volume or size validation, is the a max char validation while getting the input in forums? If not, we have check for the max. token validation before calling XPert API. The max. token is the configurable one

[jcapphelix]

Will take it post MVP, have added the point to https://2u-internal.atlassian.net/browse/COSMO2-770

[mraman-2U]

Update to API request to XPert Service

[jcapphelix]

Updated

[mraman-2U]

Can these be made as enum?

[jcapphelix]

Ideally yeah, but as of now we only have spam_or_scam and I kept spam as another option.

So when we do add more classification types we can make this as Enum. I'll add this as a note here :- https://2u-internal.atlassian.net/browse/COSMO2-770

[mraman-2U]

For missing AI MODERATION USER ID config, None is being used as user id, will the model support to take "None"?

[jcapphelix]

No, it won't support, hence the value error.

Posting of content will continue without any issue, just moderation won't happen if user is not defined.

[mraman-2U]

Are we not storing with "None" as user id in DB ?

[jcapphelix]

We can allow, but as flag abuse also needs a user, we raise a value error.

And allow the post flow to continue but not the AI moderation flow.

[mraman-2U]

For timeout, may need to build retry logic. It will be slowing down the synchronous request. Moving to async with retry will serve better.

[jcapphelix]

Yes, that's good point.

I've added connection and read timeouts for now.

Adding retry logic and adding the calls to async can be done post MVP, work is logged https://2u-internal.atlassian.net/browse/COSMO2-770

[mraman-2U]

Cache all the flagged messages such that there is no need to hit the XPert api for duplicate messages.

[jcapphelix]

That's a good point, it'll reduce our calls and overhead to Xpert API,

Have added this work item, https://2u-internal.atlassian.net/browse/COSMO2-770

[mraman-2U]

why don't this imported at the top?

[jcapphelix]

Importing forum.toggles at top will bring openedx imports written in toggles file in the picture.
Which will fail our test cases. Hence it's written over here. It is fairly common to do it for such imports. However not that common that it does make us relax about it being present here.

This is already known and we do plan to improve the toggle call in other place instead of here.

https://2u-internal.atlassian.net/browse/COSMO2-770

[mraman-2U]

is db indexing required for this attribute? Assess this with existing indexes

[jcapphelix]

added index

[Copilot]

Pull Request Overview

Copilot reviewed 13 out of 13 changed files in this pull request and generated 9 comments.

Comments suppressed due to low confidence (1)

forum/ai_moderation.py:1

• [nitpick] Comment in toggles.py mentions 'discussions' but the implementation refers to 'forum' content. The terminology should be consistent with the codebase.

"""

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.