@abtnode/core 1.17.4-beta-20251201-225048-b1682a09 → 1.17.4-beta-20251202-122551-267b614d

package/lib/api/team.js

@@ -1,6 +1,7 @@
 const { EventEmitter } = require('events');
 const axios = require('@abtnode/util/lib/axios');
 const pick = require('lodash/pick');
+const omit = require('lodash/omit');
 const defaults = require('lodash/defaults');
 const isEmpty = require('lodash/isEmpty');
 const throttle = require('lodash/throttle');
@@ -21,6 +22,7 @@ const {
   EVENTS,
   NOTIFICATION_SEND_CHANNEL,
   USER_SESSION_STATUS,
+  WEBHOOK_CONSECUTIVE_FAILURES_THRESHOLD,
 } = require('@abtnode/constant');
 const { isValid: isValidDid } = require('@arcblock/did');
 const { BlockletEvents, TeamEvents, BlockletInternalEvents } = require('@blocklet/constant');
@@ -857,6 +859,112 @@ class TeamAPI extends EventEmitter {
     }
   }
 
+  async createWebhookDisabledNotification({ teamDid, userDid, webhook, action = '', locale = 'en' }) {
+    const notification = {
+      en: {
+        title: 'Your webhook has been temporarily disabled',
+        description: `Your Webhook has been temporarily disabled after ${WEBHOOK_CONSECUTIVE_FAILURES_THRESHOLD} consecutive failed message delivery attempts. Please check its availability and you can click the button below to reactivate it if needed.`,
+        failureCount: 'Number of failures',
+        failureUrl: 'Failed Webhook URL',
+      },
+      zh: {
+        title: '您的 webhook 已被暂时禁用',
+        description: `您的 Webhook 在连续 ${WEBHOOK_CONSECUTIVE_FAILURES_THRESHOLD} 次消息投递失败后已被暂时禁用。请检查其可用性，如果需要重新激活，请点击下方按钮。`,
+        failureCount: '失败次数',
+        failureUrl: '失败的 Webhook URL',
+      },
+    };
+
+    try {
+      const nodeInfo = await this.node.read();
+      // server 的 webhook 页面地址
+      const actionPath = '/settings/integration';
+      let _action =
+        process.env.NODE_ENV === 'production' ? joinURL(nodeInfo.routing.adminPath, actionPath) : actionPath;
+      const channels = [NOTIFICATION_SEND_CHANNEL.WALLET, NOTIFICATION_SEND_CHANNEL.PUSH];
+      if (teamDid && !this.teamManager.isNodeTeam(teamDid)) {
+        channels.push(NOTIFICATION_SEND_CHANNEL.EMAIL);
+        _action = action || `${WELLKNOWN_SERVICE_PATH_PREFIX}/user/settings`; // 默认返回用户中心页面设置页面
+      }
+      await this.teamManager.createNotification({
+        title: notification[locale].title,
+        description: notification[locale].description,
+        attachments: [
+          {
+            type: 'section',
+            fields: [
+              {
+                type: 'text',
+                data: {
+                  type: 'plain',
+                  color: '#9397A1',
+                  text: notification[locale].failureUrl,
+                },
+              },
+              {
+                type: 'text',
+                data: {
+                  type: 'plain',
+                  color: '#9397A1',
+                  text: webhook.url,
+                },
+              },
+              {
+                type: 'text',
+                data: {
+                  type: 'plain',
+                  color: '#9397A1',
+                  text: notification[locale].failureCount,
+                },
+              },
+              {
+                type: 'text',
+                data: {
+                  type: 'plain',
+                  color: '#9397A1',
+                  text: `${WEBHOOK_CONSECUTIVE_FAILURES_THRESHOLD}`,
+                },
+              },
+            ],
+          },
+        ],
+        source: 'system',
+        severity: 'warning',
+        action: _action,
+        channels,
+        ...(teamDid ? { teamDid } : {}),
+        ...(userDid ? { receiver: userDid } : {}),
+      });
+    } catch (error) {
+      logger.error('Failed to create webhook disabled notification', { teamDid, userDid, webhook, error });
+    }
+  }
+
+  async updateWebHookState({ teamDid, userDids, webhook, enabled, consecutiveFailures }) {
+    const state = await this.getUserState(teamDid);
+    return Promise.all(
+      userDids.map(async (userDid) => {
+        const webhookParams =
+          consecutiveFailures === undefined
+            ? omit(
+                {
+                  ...webhook,
+                  enabled: enabled ?? webhook.enabled,
+                },
+                ['consecutiveFailures']
+              )
+            : {
+                ...webhook,
+                enabled: enabled ?? webhook.enabled,
+                consecutiveFailures,
+              };
+        await state.updateWebhook(userDid, webhookParams, (updated) => {
+          this.createWebhookDisabledNotification({ teamDid, userDid, webhook: updated });
+        });
+      })
+    );
+  }
+
   async updateUser({ teamDid, user }) {
     const state = await this.getUserState(teamDid);
     const exist = await state.getUserByDid(user.did);
@@ -2121,10 +2229,6 @@ class TeamAPI extends EventEmitter {
     return this.teamManager.updateStoreList(teamDid, storeList);
   }
 
-  getNotificationReceivers(payload) {
-    return this.teamManager.getNotificationReceivers(payload);
-  }
-
   createNotification = (payload) => {
     return this.teamManager.createNotification(payload);
   };

package/lib/blocklet/manager/disk.js

@@ -5148,15 +5148,6 @@ class DiskBlockletManager extends BaseBlockletManager {
     await forEachBlocklet(blocklet, hookFn, { parallel: true, concurrencyLimit: 4 });
   }
 
-  async getReceiverDids(teamDid) {
-    const receivers = await this.teamAPI.getNotificationReceivers({
-      teamDid,
-      roles: [ROLES.ADMIN, ROLES.OWNER],
-      selection: { did: 1 },
-    });
-    return receivers.map((r) => r.did);
-  }
-
   // 目前：Blocklet 的安装消息都会聚合在这里。
   async _createNotification(did, notification, { skipGetBlocklet = false } = {}) {
     if (isCLI()) {

package/lib/blocklet/migration-dist/migration.cjs

@@ -944,6 +944,7 @@ module.exports = Object.freeze({
     'status',
   ],
   USER_SESSION_STATUS,
+  WEBHOOK_CONSECUTIVE_FAILURES_THRESHOLD: 50,
 });
 
 

package/lib/blocklet/webhook/event-bus.js

@@ -19,8 +19,8 @@ const validateBlockletStatus = (blocklet, appDid) => {
   return true;
 };
 
-const init = ({ states, teamManager }) => {
-  const { webhookEventQueue } = endpointQueueInit.init({ states, teamManager });
+const init = ({ states, teamManager, teamAPI }) => {
+  const { webhookEventQueue } = endpointQueueInit.init({ states, teamManager, teamAPI });
 
   const handleEventBusEvent = async (data) => {
     logger.info('init webhook event bus');

package/lib/blocklet/webhook/index.js

@@ -20,7 +20,7 @@ const validatePaging = (paging = {}) => {
 const getUserDid = (context) => get(context, 'user.did', '');
 
 class WebhooksAPI extends EventEmitter {
-  constructor({ states, teamManager }) {
+  constructor({ states, teamManager, teamAPI }) {
     super();
 
     this.states = states;
@@ -28,7 +28,7 @@ class WebhooksAPI extends EventEmitter {
     this.cache = new Map();
     this.TTL = 5 * 60 * 1000;
 
-    const { webhookEndpointQueue } = endpointQueueInit.init({ states, teamManager });
+    const { webhookEndpointQueue } = endpointQueueInit.init({ states, teamManager, teamAPI });
     this.webhookEndpointQueue = webhookEndpointQueue;
   }
 

package/lib/blocklet/webhook/queues.js

@@ -1,3 +1,4 @@
+const { WEBHOOK_CONSECUTIVE_FAILURES_THRESHOLD, WELLKNOWN_BLOCKLET_ADMIN_PATH } = require('@abtnode/constant');
 const logger = require('@abtnode/logger')('@abtnode/core:webhook:queues');
 const axios = require('@abtnode/util/lib/axios');
 const { Op } = require('sequelize');
@@ -8,7 +9,42 @@ const { getWebhookJobId, STATUS } = require('./util');
 const MAX_RETRY_COUNT = 2; // 重试一次
 const AXIOS_TIMEOUT = 1000 * 60 * 3;
 
-const createWebhookEndpointQueue = ({ states, teamManager }) => {
+const createWebhookEndpointQueue = ({ states, teamManager, teamAPI }) => {
+  const updateWebhookEndpointState = async ({ webhook, teamDid, consecutiveFailures, webhookEndpointState }) => {
+    try {
+      if (!webhook.url) {
+        logger.warn('Webhook not found', { webhook });
+        return;
+      }
+
+      const updates = {
+        metadata: {
+          ...(webhook.metadata || {}),
+          consecutiveFailures,
+        },
+      };
+      if (consecutiveFailures >= WEBHOOK_CONSECUTIVE_FAILURES_THRESHOLD) {
+        updates.status = 'disabled';
+        teamAPI
+          .createWebhookDisabledNotification({
+            teamDid,
+            webhook: {
+              url: webhook.url,
+              enabled: false,
+              consecutiveFailures,
+            },
+            action: `${WELLKNOWN_BLOCKLET_ADMIN_PATH}/integrations/webhooks`,
+          })
+          .catch((err) => {
+            logger.error('create webhook disabled notification error', err);
+          });
+      }
+
+      await webhookEndpointState.updateWebhook(webhook.id, updates);
+    } catch (err) {
+      logger.error('update webhook endpoint state error', err, { consecutiveFailures, webhook });
+    }
+  };
   // https://stripe.com/docs/webhooks
   /**
    *
@@ -52,7 +88,16 @@ const createWebhookEndpointQueue = ({ states, teamManager }) => {
 
     try {
       // verify similar to component call, but supports external urls
-      const response = await axios.post(webhook.url, event.request, { timeout: AXIOS_TIMEOUT });
+      let response;
+      try {
+        response = await axios.post(webhook.url, event.request, { timeout: AXIOS_TIMEOUT });
+        updateWebhookEndpointState({ webhook, teamDid: job.appDid, consecutiveFailures: 0, webhookEndpointState });
+      } catch (err) {
+        // 需要更新 webhook 的 consecutiveFailures
+        const consecutiveFailures = (webhook.metadata?.consecutiveFailures || 0) + 1;
+        updateWebhookEndpointState({ webhook, teamDid: job.appDid, consecutiveFailures, webhookEndpointState });
+        throw err;
+      }
 
       if (job.attemptId) {
         await webhookAttemptState.update(
@@ -242,8 +287,8 @@ const createWebhookEventQueue = ({ states, teamManager }, webhookEndpointQueue)
 };
 
 module.exports = {
-  init: ({ states, teamManager }) => {
-    const webhookEndpointQueue = createWebhookEndpointQueue({ states, teamManager });
+  init: ({ states, teamManager, teamAPI }) => {
+    const webhookEndpointQueue = createWebhookEndpointQueue({ states, teamManager, teamAPI });
     const webhookEventQueue = createWebhookEventQueue({ states, teamManager }, webhookEndpointQueue);
 
     return { webhookEndpointQueue, webhookEventQueue };

package/lib/event/index.js

@@ -723,7 +723,7 @@ module.exports = ({
   events.handleBlockletEvent = handleBlockletEvent;
 
   if (daemon) {
-    const { handleEventBusEvent } = eventBusHandler({ states, teamManager });
+    const { handleEventBusEvent } = eventBusHandler({ states, teamManager, teamAPI });
     eventHub.on(EVENT_BUS_EVENT, (data) => {
       if (isInstanceWorker()) {
         return null;

package/lib/index.js

@@ -307,7 +307,7 @@ function ABTNode(options) {
   });
   blockletManager.setMaxListeners(0);
   const securityAPI = new SecurityAPI({ teamManager, blockletManager });
-  const webhookAPI = new WebhookAPI({ states, teamManager, blockletManager });
+  const webhookAPI = new WebhookAPI({ states, teamManager, teamAPI });
 
   const {
     handleBlockletWafChange,
@@ -653,8 +653,6 @@ function ABTNode(options) {
     disconnectFromEndpoint: blockletManager.disconnectFromEndpoint.bind(blockletManager),
     publishToEndpoint: blockletManager.publishToEndpoint.bind(blockletManager),
 
-    getNotificationReceivers: teamAPI.getNotificationReceivers.bind(teamAPI),
-
     // ServerBlocklet Notifications
     createNotification: teamAPI.createNotification.bind(teamAPI),
     getNotifications: teamAPI.getNotification.bind(teamAPI),
@@ -858,6 +856,7 @@ function ABTNode(options) {
     updateOAuthClient: teamAPI.updateOAuthClient.bind(teamAPI),
 
     updateBlockletSettings: blockletManager.updateBlockletSettings.bind(blockletManager),
+    createWebhookDisabledNotification: teamAPI.createWebhookDisabledNotification.bind(teamAPI),
 
     // migrate audit log
     migrateAuditLog: (dataDir) => {
@@ -888,7 +887,7 @@ function ABTNode(options) {
     webhookManager: webhookAPI,
   });
 
-  const webhook = WebHook({ events, dataDirs, instance, teamManager });
+  const webhook = WebHook({ events, dataDirs, instance });
 
   const initCron = async () => {
     if (isInstanceWorker()) {
@@ -982,6 +981,13 @@ function ABTNode(options) {
     getWebHooks: states.webhook.list.bind(states.webhook),
     createWebHook: webhook.create.bind(webhook),
     deleteWebHook: webhook.delete.bind(webhook),
+    updateWebHookState: (params) => {
+      const { isService, webhook: webhookParams, ...rest } = params;
+      if (isService) {
+        return teamAPI.updateWebHookState.call(teamAPI, { webhook: webhookParams, ...rest });
+      }
+      return webhook.updateWebHookState.call(webhook, { id: webhookParams?.id, url: webhookParams?.url, ...rest });
+    },
     getWebhookSenders: webhook.listSenders.bind(webhook),
     getMessageSender: webhook.getMessageSender.bind(webhook),
     sendTestMessage: webhook.sendTestMessage.bind(webhook),

package/lib/states/user.js

@@ -3,6 +3,7 @@ const pickBy = require('lodash/pickBy');
 const get = require('lodash/get');
 const pick = require('lodash/pick');
 const uniq = require('lodash/uniq');
+const isEqual = require('lodash/isEqual');
 const { isValid, toAddress } = require('@arcblock/did');
 const { PASSPORT_STATUS, USER_MAX_INVITE_DEPTH, ROLES } = require('@abtnode/constant');
 const { BaseState } = require('@abtnode/models');
@@ -17,6 +18,7 @@ const { validateOwner } = require('../util');
 const { loginSchema, disconnectAccountSchema } = require('../validators/user');
 const ExtendBase = require('./base');
 const { isInDashboard, isUserPrivacyEnabled, isAdminUser } = require('../util/verify-user-private');
+const { updateWebhookFailureState } = require('../util/webhook');
 
 const isNullOrUndefined = (x) => x === undefined || x === null;
 
@@ -454,7 +456,7 @@ SELECT did,inviter,generation FROM UserTree`.trim();
   }
 
   // eslint-disable-next-line require-await
-  async getUsersByDids({ dids, query }, context = {}) {
+  async getUsersByDids({ dids, query, paging }, context = {}) {
     const {
       approved,
       includeTags = false,
@@ -485,6 +487,20 @@ SELECT did,inviter,generation FROM UserTree`.trim();
       include.push(this.getConnectedInclude());
     }
 
+    // 如果提供了分页参数，使用分页查询
+    if (paging) {
+      const sorting = [['createdAt', 'DESC']];
+      selection.createdAt = 1;
+      const result = await this.paginate({ where: condition, include }, sorting, paging, selection);
+
+      if (includeFollowStatus && user?.did) {
+        result.list = await this._enrichWithFollowStatus(result.list, user.did, dids);
+      }
+
+      return result;
+    }
+
+    // 否则返回所有结果
     let result = await this.find({ where: condition, include }, selection);
 
     if (includeFollowStatus && user?.did) {
@@ -540,27 +556,39 @@ SELECT did,inviter,generation FROM UserTree`.trim();
    * get user by did
    * @param {string} did user's did
    */
-  async getUser(did, { enableConnectedAccount = false, includeTags = false } = {}) {
-    let user = await this.findOne({ where: { did }, include: includeTags ? [this.getTagInclude()] : [] });
-    let connectedAccounts = [];
-    let passports = [];
+  async getUser(
+    did,
+    {
+      enableConnectedAccount = false,
+      includeTags = false,
+      includePassports = true,
+      includeConnectedAccounts = true,
+      selection = {},
+    } = {}
+  ) {
+    let user = await this.findOne({ where: { did }, include: includeTags ? [this.getTagInclude()] : [] }, selection);
 
     // search in connected accounts
     if (!user && enableConnectedAccount) {
       const connectedAccount = await this.connectedAccount.findOne({ did });
       if (connectedAccount) {
-        user = await this.findOne({ did: connectedAccount.userDid });
+        user = await this.findOne({ did: connectedAccount.userDid }, selection);
       }
     }
 
     if (user) {
-      [connectedAccounts, passports] = await Promise.all([
-        this.connectedAccount.find({ userDid: user.did }),
-        this.passport.find({ userDid: user.did }),
-      ]);
-
-      user.connectedAccounts = connectedAccounts;
-      user.passports = passports;
+      if (includeConnectedAccounts && includePassports) {
+        const [connectedAccounts, passports] = await Promise.all([
+          this.connectedAccount.find({ userDid: user.did }),
+          this.passport.find({ userDid: user.did }),
+        ]);
+        user.connectedAccounts = connectedAccounts;
+        user.passports = passports;
+      } else if (includeConnectedAccounts) {
+        user.connectedAccounts = await this.connectedAccount.find({ userDid: user.did });
+      } else if (includePassports) {
+        user.passports = await this.passport.find({ userDid: user.did });
+      }
     }
 
     return user;
@@ -1330,6 +1358,51 @@ SELECT did,inviter,generation FROM UserTree`.trim();
       throw error;
     }
   }
+
+  async updateWebhook(userDid, webhook, createNotification = () => {}) {
+    const user = await this.getUser(userDid);
+    if (!user) {
+      throw new CustomError(404, `User with did ${userDid} not found`);
+    }
+    if (!webhook || !webhook.url) {
+      throw new CustomError(400, 'Invalid webhook');
+    }
+
+    if (
+      webhook.consecutiveFailures !== undefined &&
+      (!Number.isInteger(webhook.consecutiveFailures) || webhook.consecutiveFailures < 0)
+    ) {
+      throw new CustomError(400, 'consecutiveFailures must be a non-negative integer.');
+    }
+    const existWebhooks = user.extra?.webhooks ?? [];
+
+    let hasChanged = false;
+    const updatedWebhooks = existWebhooks.map((existing) => {
+      if (existing.url === webhook.url) {
+        const merged = { ...existing };
+        // 使用抽离的核心逻辑更新失败状态
+        updateWebhookFailureState(merged, webhook, createNotification);
+        // Check if this specific webhook has changed
+        if (!isEqual(existing, merged)) {
+          hasChanged = true;
+          return merged;
+        }
+        return existing;
+      }
+      return existing;
+    });
+
+    // Skip update if webhook data hasn't changed
+    if (!hasChanged) {
+      return user;
+    }
+
+    const [updatedRows, [updatedUser]] = await this.update({ did: userDid }, { extra: { webhooks: updatedWebhooks } });
+    if (updatedRows === 1) {
+      return updatedUser;
+    }
+    return user;
+  }
 }
 
 module.exports = User;

package/lib/states/webhook-endpoint.js

@@ -36,6 +36,7 @@ const updateWebhookEndpointSchema = Joi.object({
     )
     .optional(),
   status: Joi.string().valid('enabled', 'disabled').optional(),
+  metadata: Joi.object().optional(),
 });
 
 /**
@@ -64,6 +65,13 @@ class WebhookEndpointState extends BaseState {
     }
 
     await updateWebhookEndpointSchema.validateAsync(updates, { stripUnknown: true });
+    if (updates.metadata && updates.status && updates.status !== 'enabled') {
+      updates.metadata = {
+        ...(doc.metadata || {}),
+        ...(updates.metadata || {}),
+        consecutiveFailures: 0,
+      };
+    }
 
     await this.update({ id }, { $set: updates });
     return doc;

package/lib/states/webhook.js

@@ -1,7 +1,8 @@
 const logger = require('@abtnode/logger')('@abtnode/core:states:webhook');
-
+const { CustomError } = require('@blocklet/error');
 const BaseState = require('./base');
 const { validateWebhook } = require('../validators/webhook');
+const { updateWebhookFailureState } = require('../util/webhook');
 
 /**
  * @extends BaseState<import('@abtnode/models').WebHookState>
@@ -65,6 +66,69 @@ class WebhookState extends BaseState {
       throw new Error(`webhook with id ${id} not exist`);
     }
   }
+
+  /**
+   * 更新 webhook 状态（开启/关闭或连续失败次数）
+   * @param {string} id - webhook ID
+   * @param {object} options - 更新选项
+   * @param {string} [options.url] - 要更新的 URL，不传则更新所有 URL 类型的 param
+   * @param {boolean} [options.enabled] - 开启/关闭状态
+   * @param {number} [options.consecutiveFailures] - 连续失败次数，不传则默认+1，传入必须大于原有值或为0
+   * @throws {Error} 当同时提供 enabled 和 consecutiveFailures 时抛出错误
+   * @throws {Error} 当未提供任何更新参数时抛出错误
+   * @throws {Error} 当 consecutiveFailures 值无效时抛出错误
+   * @throws {Error} 当指定的 url 不存在时抛出错误
+   */
+  async updateWebhook(id, { url, enabled, consecutiveFailures } = {}, createNotification = () => {}) {
+    // 验证不能同时设置开启/关闭和连续失败次数
+    if (enabled !== undefined && consecutiveFailures !== undefined) {
+      throw new CustomError(400, 'Cannot update enabled and consecutiveFailures at the same time.');
+    }
+
+    // 验证至少提供一个更新参数
+    if (enabled === undefined && consecutiveFailures === undefined) {
+      throw new CustomError(400, 'Must provide either enabled or consecutiveFailures to update.');
+    }
+
+    // 获取当前 webhook 状态
+    const currentWebhook = await this.findOne(id);
+
+    if (!currentWebhook) {
+      throw new CustomError(404, `webhook with id ${id} not exist`);
+    }
+
+    // 确定匹配函数
+    const matcher = url ? (item) => item.value === url : (item) => item.name === 'url' && item.value;
+
+    // 验证是否有匹配的项
+    const hasMatchingItems = currentWebhook.params.some(matcher);
+    if (!hasMatchingItems) {
+      if (url) {
+        throw new CustomError(404, `URL ${url} not found in webhook params.`);
+      }
+      throw new CustomError(400, 'No valid URL params found to update.');
+    }
+
+    // 遍历并更新匹配的项（只复制需要修改的项）
+    const updatedParams = currentWebhook.params.map((item) => {
+      if (matcher(item)) {
+        const cloned = { ...item };
+        // 使用抽离的核心逻辑更新失败状态（webhook.js 需要验证递增）
+        updateWebhookFailureState(cloned, { enabled, consecutiveFailures }, createNotification, {
+          validateIncremental: true,
+        });
+        return cloned;
+      }
+      return item;
+    });
+
+    // 更新整个 params 数组
+    const [updatedRows, [updatedWebhook]] = await this.update({ id }, { params: updatedParams });
+    if (updatedRows === 1) {
+      return updatedWebhook;
+    }
+    return currentWebhook;
+  }
 }
 
 module.exports = WebhookState;

package/lib/team/manager.js

@@ -224,16 +224,38 @@ class TeamManager extends EventEmitter {
   /**
    * 判断 passport 是否已经过期
    */
-  isPassportExpired(passport) {
-    return passport.status !== 'valid' || (passport.expirationDate && dayjs(passport.expirationDate).isBefore(dayjs()));
+  isPassportExpired(passport, now) {
+    return passport.status !== 'valid' || (passport.expirationDate && dayjs(passport.expirationDate).isBefore(now));
+  }
+
+  /**
+   * 验证用户是否有效（是否存在、passport是否过期）
+   * @private
+   */
+  _filterValidUsers(users) {
+    const now = dayjs();
+    return users.filter((user) => {
+      if (!user) {
+        return false;
+      }
+      const { passports = [] } = user;
+      // 如果用户没有 passport，或者 有一个 passport 没有过期，则返回 true
+      if (!passports?.length || passports.some((x) => !this.isPassportExpired(x, now))) {
+        return true;
+      }
+      logger.warn(`user's passports are all expired: ${user.did}`);
+      return false;
+    });
   }
 
   async getNotificationReceivers(payload) {
-    const { teamDid, userDids = [], roles = [], selection = {}, includeConnectedAccounts = false } = payload;
+    const { teamDid, userDids = [], roles = [], selection = {}, includeConnectedAccounts = false, paging } = payload;
     // 会根据 teamDid 返回对应 state
     const userState = await this.getUserState(teamDid);
     if (!userDids.length && !roles.length) {
-      return [];
+      return paging
+        ? { list: [], paging: { total: 0, pageSize: paging.size || 20, pageCount: 0, page: paging.page || 1 } }
+        : [];
     }
     try {
       // 这些用户信息已经是 approved 的用户，不需要再次确认
@@ -245,7 +267,7 @@ class TeamManager extends EventEmitter {
       if (userDids.length > 0) {
         let queryUsers = [];
         if (userDids.includes('*')) {
-          queryUsers = await userState.getUsersByDids({
+          const result = await userState.getUsersByDids({
             dids: userDids,
             query: {
               approved: true,
@@ -253,45 +275,57 @@ class TeamManager extends EventEmitter {
               includeConnectedAccounts,
               includePassports: true,
             },
+            paging,
           });
+
+          // 如果是分页查询，处理分页结果
+          if (paging && result.list) {
+            const validUsers = this._filterValidUsers(result.list);
+            return {
+              list: users.concat(validUsers),
+              paging: result.paging,
+            };
+          }
+
+          queryUsers = result;
         } else {
           // 使用 getUser 查询的目的是为了避免传入的 receiver 不在user表中而存在于 connected_account 表中
           queryUsers = await Promise.all(
-            userDids.map((did) => userState.getUser(did, { includePassports: true, enableConnectedAccount: true }))
+            userDids.map((did) =>
+              userState.getUser(did, {
+                enableConnectedAccount: true,
+                includeConnectedAccounts: false,
+                selection,
+              })
+            )
           );
         }
 
-        const validUsers = queryUsers.filter((user, index) => {
-          if (!user) {
-            logger.warn('receiver is not exist: ', { userDid: userDids[index] });
-            return false;
-          }
-          const { passports = [] } = user;
-          // 如果用户没有 passport，或者 有一个 passport 没有过期，则返回 true
-          if (!passports?.length || passports.some((x) => !this.isPassportExpired(x))) {
-            return true;
-          }
-          logger.warn(`user's passports are all expired: ${user.did}`);
-          return false;
-        });
-
+        const validUsers = this._filterValidUsers(queryUsers);
         users = users.concat(validUsers);
       }
 
       return users;
     } catch (error) {
       logger.error('get receivers failed: ', error);
-      return [];
+      return paging
+        ? { list: [], paging: { total: 0, pageSize: paging.size || 20, pageCount: 0, page: paging.page || 1 } }
+        : [];
     }
   }
 
   async getAdminReceivers({ teamDid }) {
-    const receivers = await this.getNotificationReceivers({
-      teamDid: teamDid ?? this.nodeDid,
-      roles: [ROLES.ADMIN, ROLES.OWNER],
-      selection: { did: 1 },
-    });
-    return receivers.map((r) => r.did);
+    try {
+      const receivers = await this.getNotificationReceivers({
+        teamDid: teamDid ?? this.nodeDid,
+        roles: [ROLES.ADMIN, ROLES.OWNER],
+        selection: { did: 1 },
+      });
+      return receivers.map((r) => r.did);
+    } catch (error) {
+      logger.error('get admin receivers failed', { error });
+      return [];
+    }
   }
 
   /**
@@ -351,30 +385,65 @@ class TeamManager extends EventEmitter {
   }
 
   /**
-   * 获取接收者列表
+   * 获取接收者列表（支持分页）
    * @private
+   * @param {string} teamDid - 团队 DID
+   * @param {string|string[]} receiver - 接收者
+   * @param {boolean} isExist - 通知是否已存在
+   * @returns {AsyncGenerator<string[]>} 异步生成器，每次返回一页接收者的 DID 列表
    */
-  async _getReceiverList(teamDid, receiver, isExist) {
+  async *_getReceiverList(teamDid, receiver, isExist) {
+    // 1. 如果通知已存在，直接返回规范化后的接收者
+    // 这种情况 receiver 一定存在。
     if (isExist) {
-      return this._normalizeReceiver(receiver);
+      yield this._normalizeReceiver(receiver);
+      return;
     }
 
     const receivers = this._normalizeReceiver(receiver);
-    if (receivers) {
+
+    // 2. 如果传入的是具体的 DID 数组（不包含 *），不需要分页查询，直接拿来用
+    if (receivers && !receivers.includes('*')) {
+      yield receivers;
+      return;
+    }
+
+    // 3. 如果传入 receiver 包含 * 需要分页查询，返回一页的数据，开始执行一页
+    if (receivers && receivers.includes('*')) {
       try {
-        const users = await this.getNotificationReceivers({
-          teamDid,
-          userDids: receivers,
-          includeConnectedAccounts: true,
-        });
-        return users.map((u) => u.did);
+        const pageSize = 100; // 每页查询 100 个用户
+        let currentPage = 1;
+        let hasMore = true;
+
+        // eslint-disable-next-line no-await-in-loop
+        while (hasMore) {
+          // eslint-disable-next-line no-await-in-loop
+          const result = await this.getNotificationReceivers({
+            teamDid,
+            userDids: receivers,
+            selection: { did: 1 },
+            paging: { page: currentPage, pageSize },
+          });
+
+          const userDids = result.list.map((u) => u.did);
+
+          if (userDids.length > 0) {
+            yield userDids;
+          }
+
+          hasMore = currentPage < result.paging.pageCount;
+          currentPage += 1;
+        }
       } catch (error) {
-        logger.error('get receivers failed', { error });
-        return [];
+        logger.error('get receivers failed with pagination', { error });
+        yield [];
       }
+      return;
     }
 
-    return this.getAdminReceivers({ teamDid });
+    // 4. 如果没有传入 receiver，需要查询站点的 admin 相关的用户
+    const adminReceivers = await this.getAdminReceivers({ teamDid });
+    yield adminReceivers;
   }
 
   /**
@@ -432,11 +501,10 @@ class TeamManager extends EventEmitter {
    * 创建通知文档
    * @private
    */
-  async _createNotificationDoc(notificationState, payload, receivers, source, isServices, teamDid) {
+  async _createNotificationDoc(notificationState, payload, source, isServices, teamDid) {
     try {
       return await notificationState.create({
         ...payload,
-        receiver: receivers,
         source,
         ...(!isServices ? {} : { teamDid }),
       });
@@ -539,18 +607,16 @@ class TeamManager extends EventEmitter {
 
       // 检查通知是否已存在
       const isExist = await this._checkExistingNotification(notificationState, id || notification?.id);
-      // 获取接收者列表
-      const receivers = await this._getReceiverList(teamDid, receiver, isExist);
 
-      if (!receivers?.length && process.env.NODE_ENV !== 'test') {
-        logger.warn('No valid receivers', {
-          teamDid,
-          receiver,
-          notification: JSON.stringify(notification || payload || {}),
-        });
-        return undefined;
+      let doc = null;
+      const source = this._determineSource(teamDid, payload);
+      const isServices = teamDid && !this.isNodeTeam(teamDid);
+      if (!isExist && !payload.pushOnly) {
+        doc = await this._createNotificationDoc(notificationState, payload, source, isServices, teamDid);
+        logger.info('notification created successfully', { teamDid, notificationId: doc.id });
       }
 
+      // 获取 actor 信息
       const notificationActor = notification?.activity?.actor || payload.activity?.actor;
       let actorInfo = null;
       if (notificationActor) {
@@ -559,32 +625,53 @@ class TeamManager extends EventEmitter {
         actorInfo = pick(user, ['did', 'fullName', 'avatar']);
       }
 
-      if (payload.pushOnly || isExist) {
-        this.emit(EVENTS.NOTIFICATION_CREATE_QUEUED, {
-          channels: payload.channels || [NOTIFICATION_SEND_CHANNEL.WALLET],
-          notification: {
-            ...(notification || payload),
-          },
-          receivers: receivers ?? receiver,
-          teamDid: teamDid || this.nodeDid,
-          sender: payload.sender,
-          pushOnly: true,
-          isExist,
-          ...(actorInfo ? { actorInfo } : {}),
-          options: typeof payload.options === 'object' && payload.options !== null ? payload.options : {},
-        });
-        return undefined;
-      }
+      // 获取接收者列表（使用异步生成器逐页处理）
+      const receiverGenerator = this._getReceiverList(teamDid, receiver, isExist);
+      let hasReceivers = false;
 
-      const source = this._determineSource(teamDid, payload);
-      const isServices = teamDid && !this.isNodeTeam(teamDid);
+      for await (const receiversPage of receiverGenerator) {
+        if (!receiversPage?.length) {
+          continue;
+        }
 
-      const doc = await this._createNotificationDoc(notificationState, payload, receivers, source, isServices, teamDid);
+        hasReceivers = true;
 
-      logger.info('notification created successfully', { teamDid, notificationId: doc.id });
+        if (payload.pushOnly || isExist) {
+          this.emit(EVENTS.NOTIFICATION_CREATE_QUEUED, {
+            channels: payload.channels || [NOTIFICATION_SEND_CHANNEL.WALLET],
+            notification: {
+              ...(notification || payload),
+            },
+            receivers: receiversPage,
+            teamDid: teamDid || this.nodeDid,
+            sender: payload.sender,
+            pushOnly: true,
+            isExist,
+            ...(actorInfo ? { actorInfo } : {}),
+            options: typeof payload.options === 'object' && payload.options !== null ? payload.options : {},
+          });
+        } else {
+          const defaultChannel = this._getDefaultChannels(isServices, source);
+          await this._emitNotificationEvents(
+            doc,
+            payload,
+            receiversPage,
+            teamDid,
+            isServices,
+            defaultChannel,
+            actorInfo
+          );
+        }
+      }
 
-      const defaultChannel = this._getDefaultChannels(isServices, source);
-      await this._emitNotificationEvents(doc, payload, receivers, teamDid, isServices, defaultChannel, actorInfo);
+      if (!hasReceivers && process.env.NODE_ENV !== 'test') {
+        logger.warn('No valid receivers', {
+          teamDid,
+          receiver,
+          notification: JSON.stringify(notification || payload || {}),
+        });
+        return undefined;
+      }
 
       return doc;
     } catch (error) {

package/lib/util/webhook.js

@@ -0,0 +1,65 @@
+const { CustomError } = require('@blocklet/error');
+const { WEBHOOK_CONSECUTIVE_FAILURES_THRESHOLD } = require('@abtnode/constant');
+
+/**
+ * 更新 webhook 项的失败状态（直接修改传入的对象）
+ * @param {Object} item - webhook 对象（会被直接修改）
+ * @param {Object} updates - 更新参数
+ * @param {boolean} [updates.enabled] - 新的启用状态
+ * @param {number} [updates.consecutiveFailures] - 新的连续失败次数（如果不传则自动 +1）
+ * @param {Function} [createNotification] - 达到阈值时的通知回调
+ * @param {Object} [options] - 额外选项
+ * @param {boolean} [options.validateIncremental] - 是否验证 consecutiveFailures 必须递增（默认 false）
+ */
+function updateWebhookFailureState(item, updates, createNotification, options = {}) {
+  const { enabled, consecutiveFailures } = updates;
+  const { validateIncremental = false } = options;
+
+  // 处理 enabled 更新
+  if (enabled !== undefined) {
+    item.enabled = enabled;
+    // 如果关闭 webhook，自动将连续失败次数重置为 0
+    if (enabled === false) {
+      item.consecutiveFailures = 0;
+    }
+    return item;
+  }
+
+  // 处理 consecutiveFailures 更新
+  const currentFailures = item.consecutiveFailures || 0;
+
+  if (consecutiveFailures === undefined) {
+    // 未传入值，默认 +1
+    // 这么做的原因是由于，在队列中拿到的值不是最新的值，在外面进行 + 1 操作是不准确的
+    item.consecutiveFailures = currentFailures + 1;
+  } else {
+    // 验证必须是非负整数
+    if (!Number.isInteger(consecutiveFailures) || consecutiveFailures < 0) {
+      throw new CustomError(400, 'consecutiveFailures must be a non-negative integer.');
+    }
+
+    // 如果需要验证递增
+    if (validateIncremental && consecutiveFailures !== 0 && consecutiveFailures <= currentFailures) {
+      throw new CustomError(
+        400,
+        `consecutiveFailures must be greater than the current value (${currentFailures}) or equal to 0.`
+      );
+    }
+
+    item.consecutiveFailures = consecutiveFailures;
+  }
+
+  // 达到阈值则自动禁用并触发通知
+  if (item.consecutiveFailures >= WEBHOOK_CONSECUTIVE_FAILURES_THRESHOLD) {
+    item.enabled = false;
+    item.consecutiveFailures = 0;
+    if (createNotification) {
+      createNotification(item);
+    }
+  }
+  return item;
+}
+
+module.exports = {
+  updateWebhookFailureState,
+};

package/lib/webhook/index.js

@@ -77,10 +77,56 @@ const getSlackUrlInfo = async ({ blockletUrl, path: actionPath = '/notifications
 };
 
 // eslint-disable-next-line no-unused-vars
-module.exports = ({ events, dataDirs, instance, teamManager }) => {
+module.exports = ({ events, dataDirs, instance }) => {
   const nodeState = states.node;
   const webhookState = states.webhook;
 
+  const updateWebHookState = async ({ id, url, enabled, consecutiveFailures }) => {
+    try {
+      const updateRes = await webhookState.updateWebhook(
+        id,
+        {
+          url,
+          enabled,
+          consecutiveFailures,
+        },
+        (updated) => {
+          instance.createWebhookDisabledNotification({ webhook: updated });
+        }
+      );
+      return updateRes;
+    } catch (err) {
+      logger.error('update webhook state error', { err });
+      throw new Error(err.message);
+    }
+  };
+
+  /**
+   * 安全地更新 webhook 状态，不影响主流程
+   * @param {object} item - webhook item
+   * @param {number} consecutiveFailures - 连续失败次数
+   */
+  const safeUpdateWebhookState = (item, consecutiveFailures) => {
+    // 只处理需要跟踪状态的类型
+    if (item.type !== 'slack' && item.type !== 'api') {
+      return;
+    }
+
+    const urlParam = item.params.find((x) => x.name === 'url');
+    if (!urlParam || !urlParam.value) {
+      return;
+    }
+
+    // 异步更新，不等待结果，不影响主流程
+    updateWebHookState({
+      id: item.id,
+      url: urlParam.value,
+      consecutiveFailures,
+    }).catch((err) => {
+      logger.debug('safe update webhook state failed', { err, itemId: item.id, url: urlParam.value });
+    });
+  };
+
   const sendMessage = async ({ extra, isService, ...message } = {}) => {
     try {
       const webhookList = !isService ? await webhookState.list() : [];
@@ -97,6 +143,20 @@ module.exports = ({ events, dataDirs, instance, teamManager }) => {
       if (webhookList.length) {
         for (let i = 0; i < webhookList.length; i++) {
           const item = webhookList[i];
+          // 对于 slack 和 api 类型，检查是否启用
+          if (item.type === 'slack' || item.type === 'api') {
+            const urlParam = item.params.find((x) => x.name === 'url');
+            if (!urlParam || !urlParam.value) {
+              continue;
+            }
+            // 如果没有开启，则跳过发送
+            const isEnabled = urlParam.enabled ?? true;
+            if (!isEnabled) {
+              logger.debug('webhook is disabled, skip sending', { type: item.type, url: urlParam.value });
+              continue;
+            }
+          }
+
           if (typeof senderFns[item.type] !== 'function') {
             const senderInstance = WebHookSender.getMessageSender(item.type);
             senderFns[item.type] = senderInstance.send.bind(senderInstance);
@@ -134,8 +194,13 @@ module.exports = ({ events, dataDirs, instance, teamManager }) => {
           try {
             // eslint-disable-next-line
             await senderFns[item.type](item.params, options);
+            // 发送成功，重置失败次数
+            safeUpdateWebhookState(item, 0);
           } catch (err) {
             logger.error('webhook sender error', { error: err, item });
+            // 发送失败，增加失败次数
+            const currentFailures = item.consecutiveFailures || 0;
+            safeUpdateWebhookState(item, currentFailures + 1);
           }
         }
       }
@@ -269,6 +334,7 @@ module.exports = ({ events, dataDirs, instance, teamManager }) => {
     getMessageSender: WebHookSender.getMessageSender,
     create: createWebhook,
     delete: deleteWebhook,
+    updateWebHookState,
     sendTestMessage,
   };
 };

package/lib/webhook/sender/api/index.js

@@ -63,6 +63,8 @@ APISender.describe = () => ({
       validate: (x) => !!x,
       value: '',
       type: 'url',
+      enabled: true,
+      consecutiveFailures: 0,
       schema: Joi.string()
         .required()
         .uri({ scheme: [/https?/] }),

package/lib/webhook/sender/slack/index.js

@@ -187,6 +187,8 @@ SlackSender.describe = () => ({
       defaultValue: '',
       value: '',
       type: 'slack',
+      enabled: true,
+      consecutiveFailures: 0,
       schema: Joi.string()
         .required()
         .custom((v, helper) => {

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.17.4-beta-20251201-225048-b1682a09",
+  "version": "1.17.4-beta-20251202-122551-267b614d",
   "description": "",
   "main": "lib/index.js",
   "files": [
@@ -17,21 +17,21 @@
   "author": "wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)",
   "license": "Apache-2.0",
   "dependencies": {
-    "@abtnode/analytics": "1.17.4-beta-20251201-225048-b1682a09",
-    "@abtnode/auth": "1.17.4-beta-20251201-225048-b1682a09",
-    "@abtnode/certificate-manager": "1.17.4-beta-20251201-225048-b1682a09",
-    "@abtnode/constant": "1.17.4-beta-20251201-225048-b1682a09",
-    "@abtnode/cron": "1.17.4-beta-20251201-225048-b1682a09",
-    "@abtnode/db-cache": "1.17.4-beta-20251201-225048-b1682a09",
-    "@abtnode/docker-utils": "1.17.4-beta-20251201-225048-b1682a09",
-    "@abtnode/logger": "1.17.4-beta-20251201-225048-b1682a09",
-    "@abtnode/models": "1.17.4-beta-20251201-225048-b1682a09",
-    "@abtnode/queue": "1.17.4-beta-20251201-225048-b1682a09",
-    "@abtnode/rbac": "1.17.4-beta-20251201-225048-b1682a09",
-    "@abtnode/router-provider": "1.17.4-beta-20251201-225048-b1682a09",
-    "@abtnode/static-server": "1.17.4-beta-20251201-225048-b1682a09",
-    "@abtnode/timemachine": "1.17.4-beta-20251201-225048-b1682a09",
-    "@abtnode/util": "1.17.4-beta-20251201-225048-b1682a09",
+    "@abtnode/analytics": "1.17.4-beta-20251202-122551-267b614d",
+    "@abtnode/auth": "1.17.4-beta-20251202-122551-267b614d",
+    "@abtnode/certificate-manager": "1.17.4-beta-20251202-122551-267b614d",
+    "@abtnode/constant": "1.17.4-beta-20251202-122551-267b614d",
+    "@abtnode/cron": "1.17.4-beta-20251202-122551-267b614d",
+    "@abtnode/db-cache": "1.17.4-beta-20251202-122551-267b614d",
+    "@abtnode/docker-utils": "1.17.4-beta-20251202-122551-267b614d",
+    "@abtnode/logger": "1.17.4-beta-20251202-122551-267b614d",
+    "@abtnode/models": "1.17.4-beta-20251202-122551-267b614d",
+    "@abtnode/queue": "1.17.4-beta-20251202-122551-267b614d",
+    "@abtnode/rbac": "1.17.4-beta-20251202-122551-267b614d",
+    "@abtnode/router-provider": "1.17.4-beta-20251202-122551-267b614d",
+    "@abtnode/static-server": "1.17.4-beta-20251202-122551-267b614d",
+    "@abtnode/timemachine": "1.17.4-beta-20251202-122551-267b614d",
+    "@abtnode/util": "1.17.4-beta-20251202-122551-267b614d",
     "@aigne/aigne-hub": "^0.10.10",
     "@arcblock/did": "^1.27.12",
     "@arcblock/did-connect-js": "^1.27.12",
@@ -43,15 +43,15 @@
     "@arcblock/pm2-events": "^0.0.5",
     "@arcblock/validator": "^1.27.12",
     "@arcblock/vc": "^1.27.12",
-    "@blocklet/constant": "1.17.4-beta-20251201-225048-b1682a09",
+    "@blocklet/constant": "1.17.4-beta-20251202-122551-267b614d",
     "@blocklet/did-space-js": "^1.2.6",
-    "@blocklet/env": "1.17.4-beta-20251201-225048-b1682a09",
+    "@blocklet/env": "1.17.4-beta-20251202-122551-267b614d",
     "@blocklet/error": "^0.3.3",
-    "@blocklet/meta": "1.17.4-beta-20251201-225048-b1682a09",
-    "@blocklet/resolver": "1.17.4-beta-20251201-225048-b1682a09",
-    "@blocklet/sdk": "1.17.4-beta-20251201-225048-b1682a09",
-    "@blocklet/server-js": "1.17.4-beta-20251201-225048-b1682a09",
-    "@blocklet/store": "1.17.4-beta-20251201-225048-b1682a09",
+    "@blocklet/meta": "1.17.4-beta-20251202-122551-267b614d",
+    "@blocklet/resolver": "1.17.4-beta-20251202-122551-267b614d",
+    "@blocklet/sdk": "1.17.4-beta-20251202-122551-267b614d",
+    "@blocklet/server-js": "1.17.4-beta-20251202-122551-267b614d",
+    "@blocklet/store": "1.17.4-beta-20251202-122551-267b614d",
     "@blocklet/theme": "^3.2.11",
     "@fidm/x509": "^1.2.1",
     "@ocap/mcrypto": "^1.27.12",
@@ -116,5 +116,5 @@
     "express": "^4.18.2",
     "unzipper": "^0.10.11"
   },
-  "gitHead": "150c52d552b8b2d8c3a5bae57818aabf90dfd115"
+  "gitHead": "58a5f7d49ccce973fdb214337aee262435704ec5"
 }