npm - @omnizap-system/omnizap - Versions diffs - 2.5.12 - Mend

@omnizap-system/omnizap 2.5.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (425) hide show

package/.clusterfuzzlite/Dockerfile +10 -0
package/.env.example +907 -0
package/.github/codeql/codeql-config.yml +10 -0
package/.github/dependabot.yml +35 -0
package/.github/workflows/ci.yml +73 -0
package/.github/workflows/codeql.yml +106 -0
package/.github/workflows/db-migration-check.yml +98 -0
package/.github/workflows/dependency-review.yml +22 -0
package/.github/workflows/deploy.yml +95 -0
package/.github/workflows/release.yml +106 -0
package/.github/workflows/security-attest-provenance.yml +51 -0
package/.github/workflows/security-gitleaks.yml +34 -0
package/.github/workflows/security-runner-hardening.yml +31 -0
package/.github/workflows/security-scorecard.yml +44 -0
package/.github/workflows/security-zap-baseline.yml +44 -0
package/.github/workflows/security-zap-full-scan.yml +43 -0
package/.github/workflows/security-zizmor.yml +36 -0
package/.github/workflows/wiki-sync.yml +44 -0
package/.gitleaks.toml +15 -0
package/.prettierrc +34 -0
package/CODE_OF_CONDUCT.md +114 -0
package/LICENSE +56 -0
package/README.md +110 -0
package/SECURITY.md +110 -0
package/app/config/index.js +4 -0
package/app/configParts/adminIdentity.js +92 -0
package/app/configParts/baileysConfig.js +1818 -0
package/app/configParts/groupUtils.js +692 -0
package/app/configParts/loggerConfig.js +394 -0
package/app/configParts/messagePersistenceService.js +305 -0
package/app/connection/baileysCompatibility.test.js +40 -0
package/app/connection/baileysDbAuthState.js +344 -0
package/app/connection/socketController.js +2243 -0
package/app/controllers/messageController.js +7 -0
package/app/controllers/messagePipeline/commandMiddleware.js +146 -0
package/app/controllers/messagePipeline/conversationMiddleware.js +183 -0
package/app/controllers/messagePipeline/messagePipelineMiddlewares.test.js +522 -0
package/app/controllers/messagePipeline/postProcessingMiddleware.js +41 -0
package/app/controllers/messagePipeline/preProcessingMiddlewares.js +166 -0
package/app/controllers/messageProcessingPipeline.js +699 -0
package/app/modules/adminModule/AGENT.md +4056 -0
package/app/modules/adminModule/adminAiHelpService.js +56 -0
package/app/modules/adminModule/adminConfigRuntime.js +177 -0
package/app/modules/adminModule/commandConfig.json +7122 -0
package/app/modules/adminModule/groupCommandHandlers.js +1823 -0
package/app/modules/adminModule/groupCommandHandlers.test.js +350 -0
package/app/modules/adminModule/groupEventHandlers.js +399 -0
package/app/modules/aiModule/AGENT.md +547 -0
package/app/modules/aiModule/aiAiHelpService.js +14 -0
package/app/modules/aiModule/aiConfigRuntime.js +135 -0
package/app/modules/aiModule/catCommand.js +967 -0
package/app/modules/aiModule/commandConfig.json +981 -0
package/app/modules/analyticsModule/messageAnalysisEventRepository.js +83 -0
package/app/modules/gameModule/AGENT.md +196 -0
package/app/modules/gameModule/commandConfig.json +366 -0
package/app/modules/gameModule/diceCommand.js +42 -0
package/app/modules/gameModule/gameAiHelpService.js +14 -0
package/app/modules/gameModule/gameConfigRuntime.js +68 -0
package/app/modules/menuModule/AGENT.md +205 -0
package/app/modules/menuModule/commandConfig.json +366 -0
package/app/modules/menuModule/common.js +316 -0
package/app/modules/menuModule/menuAiHelpService.js +14 -0
package/app/modules/menuModule/menuConfigRuntime.js +68 -0
package/app/modules/menuModule/menus.js +66 -0
package/app/modules/playModule/AGENT.md +321 -0
package/app/modules/playModule/commandConfig.json +584 -0
package/app/modules/playModule/playAiHelpService.js +14 -0
package/app/modules/playModule/playCommand.js +1417 -0
package/app/modules/playModule/playConfigRuntime.js +68 -0
package/app/modules/quoteModule/AGENT.md +199 -0
package/app/modules/quoteModule/commandConfig.json +366 -0
package/app/modules/quoteModule/quoteAiHelpService.js +14 -0
package/app/modules/quoteModule/quoteCommand.js +842 -0
package/app/modules/quoteModule/quoteConfigRuntime.js +68 -0
package/app/modules/rpgPokemonModule/AGENT.md +229 -0
package/app/modules/rpgPokemonModule/commandConfig.json +386 -0
package/app/modules/rpgPokemonModule/rpgBattleCanvasRenderer.js +795 -0
package/app/modules/rpgPokemonModule/rpgBattleService.js +2110 -0
package/app/modules/rpgPokemonModule/rpgBattleService.test.js +770 -0
package/app/modules/rpgPokemonModule/rpgEvolutionUtils.js +22 -0
package/app/modules/rpgPokemonModule/rpgPokemonAiHelpService.js +14 -0
package/app/modules/rpgPokemonModule/rpgPokemonCommand.js +174 -0
package/app/modules/rpgPokemonModule/rpgPokemonConfigRuntime.js +68 -0
package/app/modules/rpgPokemonModule/rpgPokemonDomain.js +192 -0
package/app/modules/rpgPokemonModule/rpgPokemonDomain.test.js +93 -0
package/app/modules/rpgPokemonModule/rpgPokemonEvolution.test.js +46 -0
package/app/modules/rpgPokemonModule/rpgPokemonMessages.js +746 -0
package/app/modules/rpgPokemonModule/rpgPokemonRepository.js +1847 -0
package/app/modules/rpgPokemonModule/rpgPokemonService.js +6839 -0
package/app/modules/rpgPokemonModule/rpgProfileCanvasRenderer.js +354 -0
package/app/modules/statsModule/AGENT.md +320 -0
package/app/modules/statsModule/commandConfig.json +540 -0
package/app/modules/statsModule/globalRankingCommand.js +64 -0
package/app/modules/statsModule/rankingCommand.js +41 -0
package/app/modules/statsModule/rankingCommon.js +1305 -0
package/app/modules/statsModule/statsAiHelpService.js +14 -0
package/app/modules/statsModule/statsConfigRuntime.js +68 -0
package/app/modules/stickerModule/AGENT.md +692 -0
package/app/modules/stickerModule/addStickerMetadata.js +239 -0
package/app/modules/stickerModule/commandConfig.json +1216 -0
package/app/modules/stickerModule/convertToWebp.js +367 -0
package/app/modules/stickerModule/stickerAiHelpService.js +14 -0
package/app/modules/stickerModule/stickerCommand.js +446 -0
package/app/modules/stickerModule/stickerConfigRuntime.js +68 -0
package/app/modules/stickerModule/stickerConvertCommand.js +159 -0
package/app/modules/stickerModule/stickerTextCommand.js +653 -0
package/app/modules/stickerPackModule/AGENT.md +215 -0
package/app/modules/stickerPackModule/autoPackCollectorRuntime.js +20 -0
package/app/modules/stickerPackModule/autoPackCollectorService.js +357 -0
package/app/modules/stickerPackModule/commandConfig.json +387 -0
package/app/modules/stickerPackModule/domainEventOutboxRepository.js +227 -0
package/app/modules/stickerPackModule/domainEvents.js +52 -0
package/app/modules/stickerPackModule/semanticReclassificationEngine.js +429 -0
package/app/modules/stickerPackModule/semanticReclassificationEngine.test.js +75 -0
package/app/modules/stickerPackModule/semanticThemeClusterService.js +544 -0
package/app/modules/stickerPackModule/stickerAssetClassificationRepository.js +400 -0
package/app/modules/stickerPackModule/stickerAssetRepository.js +400 -0
package/app/modules/stickerPackModule/stickerAssetReprocessQueueRepository.js +175 -0
package/app/modules/stickerPackModule/stickerAutoPackByTagsRuntime.js +3702 -0
package/app/modules/stickerPackModule/stickerClassificationBackgroundRuntime.js +559 -0
package/app/modules/stickerPackModule/stickerClassificationService.js +557 -0
package/app/modules/stickerPackModule/stickerDedicatedTaskWorkerRuntime.js +249 -0
package/app/modules/stickerPackModule/stickerDomainEventBus.js +65 -0
package/app/modules/stickerPackModule/stickerDomainEventConsumerRuntime.js +208 -0
package/app/modules/stickerPackModule/stickerMarketplaceDriftService.js +99 -0
package/app/modules/stickerPackModule/stickerObjectStorageService.js +285 -0
package/app/modules/stickerPackModule/stickerPackAiHelpService.js +14 -0
package/app/modules/stickerPackModule/stickerPackCommandHandlers.js +1148 -0
package/app/modules/stickerPackModule/stickerPackConfigRuntime.js +68 -0
package/app/modules/stickerPackModule/stickerPackEngagementRepository.js +152 -0
package/app/modules/stickerPackModule/stickerPackErrors.js +30 -0
package/app/modules/stickerPackModule/stickerPackInteractionEventRepository.js +101 -0
package/app/modules/stickerPackModule/stickerPackItemRepository.js +432 -0
package/app/modules/stickerPackModule/stickerPackMarketplaceService.js +313 -0
package/app/modules/stickerPackModule/stickerPackMessageService.js +268 -0
package/app/modules/stickerPackModule/stickerPackRepository.js +450 -0
package/app/modules/stickerPackModule/stickerPackScoreSnapshotRepository.js +179 -0
package/app/modules/stickerPackModule/stickerPackScoreSnapshotRuntime.js +271 -0
package/app/modules/stickerPackModule/stickerPackService.js +733 -0
package/app/modules/stickerPackModule/stickerPackServiceRuntime.js +32 -0
package/app/modules/stickerPackModule/stickerPackUtils.js +107 -0
package/app/modules/stickerPackModule/stickerStorageService.js +559 -0
package/app/modules/stickerPackModule/stickerWorkerPipelineRuntime.js +242 -0
package/app/modules/stickerPackModule/stickerWorkerTaskQueueRepository.js +242 -0
package/app/modules/systemMetricsModule/AGENT.md +193 -0
package/app/modules/systemMetricsModule/commandConfig.json +344 -0
package/app/modules/systemMetricsModule/pingCommand.js +399 -0
package/app/modules/systemMetricsModule/systemMetricsAiHelpService.js +14 -0
package/app/modules/systemMetricsModule/systemMetricsConfigRuntime.js +68 -0
package/app/modules/tiktokModule/AGENT.md +196 -0
package/app/modules/tiktokModule/commandConfig.json +366 -0
package/app/modules/tiktokModule/tiktokAiHelpService.js +14 -0
package/app/modules/tiktokModule/tiktokCommand.js +716 -0
package/app/modules/tiktokModule/tiktokConfigRuntime.js +68 -0
package/app/modules/userModule/AGENT.md +200 -0
package/app/modules/userModule/commandConfig.json +386 -0
package/app/modules/userModule/userAiHelpService.js +14 -0
package/app/modules/userModule/userCommand.js +1155 -0
package/app/modules/userModule/userConfigRuntime.js +68 -0
package/app/modules/waifuPicsModule/AGENT.md +431 -0
package/app/modules/waifuPicsModule/commandConfig.json +780 -0
package/app/modules/waifuPicsModule/waifuPicsAiHelpService.js +14 -0
package/app/modules/waifuPicsModule/waifuPicsCommand.js +586 -0
package/app/modules/waifuPicsModule/waifuPicsConfigRuntime.js +68 -0
package/app/observability/metrics.js +766 -0
package/app/services/ai/aiHelpResponseCacheRepository.js +280 -0
package/app/services/ai/aiLearningRepository.js +400 -0
package/app/services/ai/commandConfigEnrichmentRepository.js +769 -0
package/app/services/ai/commandConfigEnrichmentService.js +452 -0
package/app/services/ai/commandConfigValidationService.js +443 -0
package/app/services/ai/commandToolBuilderService.js +192 -0
package/app/services/ai/conversationRouterService.js +516 -0
package/app/services/ai/geminiService.js +115 -0
package/app/services/ai/geminiService.test.js +87 -0
package/app/services/ai/globalModuleAiHelpService.js +1412 -0
package/app/services/ai/globalToolCallingService.js +203 -0
package/app/services/ai/messageCommandExecutionService.js +391 -0
package/app/services/ai/moduleAiHelpCoreService.js +1099 -0
package/app/services/ai/moduleAiHelpWrapperFactory.js +65 -0
package/app/services/ai/moduleCommandConfigRuntimeService.js +113 -0
package/app/services/ai/moduleToolExecutorService.js +464 -0
package/app/services/ai/moduleToolRegistryService.js +178 -0
package/app/services/ai/toolCandidateSelectorService.js +781 -0
package/app/services/auth/googleWebLinkService.js +80 -0
package/app/services/auth/whatsappLoginLinkService.js +230 -0
package/app/services/external/pokeApiService.js +398 -0
package/app/services/group/groupMetadataService.js +311 -0
package/app/services/infra/dbWriteQueue.js +874 -0
package/app/services/infra/featureFlagService.js +131 -0
package/app/services/infra/queueUtils.js +55 -0
package/app/services/messaging/captchaService.js +491 -0
package/app/services/messaging/messagePersistenceService.js +1 -0
package/app/services/messaging/newsBroadcastService.js +347 -0
package/app/services/sticker/stickerFocusService.js +347 -0
package/app/services/sticker/stickerFocusService.test.js +43 -0
package/app/store/aiPromptStore.js +38 -0
package/app/store/conversationSessionStore.js +131 -0
package/app/store/groupConfigStore.js +58 -0
package/app/store/premiumUserStore.js +54 -0
package/app/utils/antiLink/antiLinkModule.js +700 -0
package/app/utils/http/getImageBufferModule.js +18 -0
package/app/utils/json/jsonSanitizer.js +113 -0
package/app/utils/json/jsonSanitizer.test.js +40 -0
package/app/utils/systemMetrics/systemMetricsModule.js +88 -0
package/app/workers/aiLearningWorker.js +605 -0
package/app/workers/commandConfigEnrichmentWorker.js +242 -0
package/database/index.js +2075 -0
package/database/init.js +151 -0
package/database/migrations/.gitkeep +0 -0
package/database/migrations/20260307_d0_hardening_down.sql +64 -0
package/database/migrations/20260307_d0_hardening_up.sql +79 -0
package/database/migrations/20260307_d1_terms_acceptance_down.sql +11 -0
package/database/migrations/20260307_d1_terms_acceptance_up.sql +37 -0
package/database/migrations/20260307_d2_auth_hardening_down.sql +75 -0
package/database/migrations/20260307_d2_auth_hardening_up.sql +100 -0
package/database/migrations/20260314_d7_canonical_sender_down.sql +53 -0
package/database/migrations/20260314_d7_canonical_sender_up.sql +114 -0
package/database/migrations/20260406_d30_security_analytics_down.sql +95 -0
package/database/migrations/20260406_d30_security_analytics_up.sql +292 -0
package/database/migrations/20260407_d31_web_google_session_token_hardening_down.sql +2 -0
package/database/migrations/20260407_d31_web_google_session_token_hardening_up.sql +17 -0
package/database/migrations/20260408_d32_ai_help_response_cache_down.sql +1 -0
package/database/migrations/20260408_d32_ai_help_response_cache_up.sql +22 -0
package/database/migrations/20260409_d33_ai_learning_tables_down.sql +4 -0
package/database/migrations/20260409_d33_ai_learning_tables_up.sql +52 -0
package/database/migrations/20260410_d34_command_config_enrichment_down.sql +3 -0
package/database/migrations/20260410_d34_command_config_enrichment_up.sql +48 -0
package/database/schema.sql +1186 -0
package/docker-compose.yml +104 -0
package/docs/audits/stickerCatalogController-out-of-scope.md +103 -0
package/docs/audits/stickerCatalogController-symbols.md +58 -0
package/docs/compliance/acceptable-use-policy-2026-03-07.md +35 -0
package/docs/compliance/dpa-b2b-standard-2026-03-07.md +80 -0
package/docs/compliance/monthly-compliance-checklist-2026-03-07.md +88 -0
package/docs/compliance/notice-and-takedown-policy-2026-03-07.md +34 -0
package/docs/compliance/privacy-policy-2026-03-07.md +75 -0
package/docs/compliance/subprocessors-inventory-2026-03-07.md +16 -0
package/docs/database/production-db-evolution-runbook-2026q1.md +365 -0
package/docs/security/dsar-lgpd-runbook-2026-03-07.md +86 -0
package/docs/security/incident-response-lgpd-anpd-runbook-2026-03-07.md +77 -0
package/docs/security/network-hardening-runbook-2026-03-07.md +137 -0
package/docs/seo/omnizap-seo-playbook-br-2026-02-28.md +238 -0
package/docs/seo/satellite-page-template.md +116 -0
package/docs/seo/satellite-pages-phase1.json +364 -0
package/docs/wiki/Home.md +120 -0
package/docs/wiki/pair-extraordinaire-2026-03-08.md +3 -0
package/docs/wiki/recent-changes-2026-03-08.md +47 -0
package/ecosystem.prod.config.cjs +135 -0
package/eslint.config.js +89 -0
package/index.js +488 -0
package/ml/clip_classifier/Dockerfile +18 -0
package/ml/clip_classifier/README.md +118 -0
package/ml/clip_classifier/adaptive_scoring.py +40 -0
package/ml/clip_classifier/classifier.py +654 -0
package/ml/clip_classifier/embedding_store.py +481 -0
package/ml/clip_classifier/env_loader.py +15 -0
package/ml/clip_classifier/llm_label_expander.py +144 -0
package/ml/clip_classifier/main.py +213 -0
package/ml/clip_classifier/requirements.txt +10 -0
package/ml/clip_classifier/similarity_engine.py +74 -0
package/new-logo.png +0 -0
package/observability/alert-rules.yml +60 -0
package/observability/grafana/dashboards/omnizap-mysql.json +136 -0
package/observability/grafana/dashboards/omnizap-overview.json +170 -0
package/observability/grafana/provisioning/dashboards/dashboards.yml +11 -0
package/observability/grafana/provisioning/datasources/datasources.yml +15 -0
package/observability/loki-config.yml +38 -0
package/observability/mysql-setup.sql +46 -0
package/observability/prometheus.yml +35 -0
package/observability/promtail-config.yml +84 -0
package/observability/sticker-catalog-slo.md +83 -0
package/observability/sticker-scale-hardening-rollout.md +128 -0
package/package.json +144 -0
package/public/apple-touch-icon.png +0 -0
package/public/assets/css/commands-react.input.css +71 -0
package/public/assets/css/create-pack-react.input.css +31 -0
package/public/assets/css/home-react.input.css +106 -0
package/public/assets/css/login-react.input.css +58 -0
package/public/assets/css/stickers-react.input.css +18 -0
package/public/assets/css/terms-react.input.css +115 -0
package/public/assets/css/user-react.input.css +57 -0
package/public/assets/images/brand-icon-192.png +0 -0
package/public/assets/images/brand-logo-128.webp +0 -0
package/public/assets/images/hero-banner-1280.jpg +0 -0
package/public/comandos/commands-catalog.json +4517 -0
package/public/css/api-docs.css +161 -0
package/public/css/stickers-admin.css +1288 -0
package/public/css/styles.css +679 -0
package/public/css/systemadm/admin.css +474 -0
package/public/css/systemadm/base.css +73 -0
package/public/css/systemadm/components.css +662 -0
package/public/css/systemadm/layout.css +229 -0
package/public/css/systemadm/tokens.css +56 -0
package/public/favicon-16x16.png +0 -0
package/public/favicon-32x32.png +0 -0
package/public/favicon.ico +0 -0
package/public/js/apps/apiDocsApp.js +235 -0
package/public/js/apps/commandsReactApp.js +528 -0
package/public/js/apps/createPackApp.js +1646 -0
package/public/js/apps/homeReactApp.js +942 -0
package/public/js/apps/loginReactApp.js +496 -0
package/public/js/apps/stickersAdminApp.js +1753 -0
package/public/js/apps/stickersApp.js +3797 -0
package/public/js/apps/termsReactApp.js +528 -0
package/public/js/apps/userApp.js +2540 -0
package/public/js/apps/userProfile/actions.js +66 -0
package/public/js/apps/userReactApp.js +547 -0
package/public/js/catalog.js +950 -0
package/public/pages/api-docs.html +40 -0
package/public/pages/aup.html +158 -0
package/public/pages/comandos.html +41 -0
package/public/pages/dpa.html +227 -0
package/public/pages/home.html +45 -0
package/public/pages/licenca.html +182 -0
package/public/pages/login.html +40 -0
package/public/pages/notice-and-takedown.html +234 -0
package/public/pages/politica-de-privacidade.html +251 -0
package/public/pages/seo-bot-whatsapp-para-grupo.html +350 -0
package/public/pages/seo-bot-whatsapp-sem-programar.html +350 -0
package/public/pages/seo-como-automatizar-avisos-no-whatsapp.html +350 -0
package/public/pages/seo-como-criar-comandos-whatsapp.html +350 -0
package/public/pages/seo-como-evitar-spam-no-whatsapp.html +350 -0
package/public/pages/seo-como-moderar-grupo-whatsapp.html +350 -0
package/public/pages/seo-como-organizar-comunidade-whatsapp.html +350 -0
package/public/pages/seo-melhor-bot-whatsapp-para-grupos.html +350 -0
package/public/pages/stickers-admin.html +31 -0
package/public/pages/stickers-create.html +41 -0
package/public/pages/stickers.html +45 -0
package/public/pages/suboperadores.html +237 -0
package/public/pages/termos-de-uso-texto-integral.html +241 -0
package/public/pages/termos-de-uso.html +41 -0
package/public/pages/user-password-reset.html +32 -0
package/public/pages/user-systemadm.html +508 -0
package/public/pages/user.html +39 -0
package/public/robots.txt +9 -0
package/public/site.webmanifest +24 -0
package/public/sitemap.xml +98 -0
package/schemas/command-config.schema.json +582 -0
package/scripts/baileys-compat-smoke.mjs +12 -0
package/scripts/cache-bust.mjs +142 -0
package/scripts/deploy.sh +916 -0
package/scripts/email-broadcast-terms-update.mjs +170 -0
package/scripts/enrich-command-discovery-fields.mjs +286 -0
package/scripts/generate-command-config-schema.mjs +273 -0
package/scripts/generate-commands-catalog.mjs +308 -0
package/scripts/generate-module-agents.mjs +631 -0
package/scripts/generate-seo-satellite-pages.mjs +400 -0
package/scripts/github-deploy-notify.mjs +174 -0
package/scripts/github-release-notify.mjs +219 -0
package/scripts/release.sh +599 -0
package/scripts/run-codeql-local.sh +116 -0
package/scripts/run-prettier-all.mjs +25 -0
package/scripts/security-smoketest.mjs +581 -0
package/scripts/sticker-catalog-loadtest.mjs +210 -0
package/scripts/sticker-worker-task.mjs +119 -0
package/scripts/sync-readme-snapshot.mjs +133 -0
package/scripts/validate-command-config-schema.mjs +130 -0
package/scripts/validate-command-configs.mjs +15 -0
package/scripts/wiki-sync.sh +191 -0
package/server/auth/googleWebAuth/googleWebAuthRuntime.js +62 -0
package/server/auth/googleWebAuth/googleWebAuthService.js +807 -0
package/server/auth/jwt/webJwtService.js +147 -0
package/server/auth/stickerCatalogAuthContext.js +165 -0
package/server/auth/termsAcceptance/termsAcceptanceHandler.js +189 -0
package/server/auth/userPassword/index.js +14 -0
package/server/auth/userPassword/userPasswordAuthService.js +422 -0
package/server/auth/userPassword/userPasswordCrypto.js +199 -0
package/server/auth/userPassword/userPasswordCrypto.test.js +76 -0
package/server/auth/userPassword/userPasswordRecoveryService.js +728 -0
package/server/auth/validation/authSchemas.js +236 -0
package/server/auth/webAccount/webAccountHandlers.js +1434 -0
package/server/controllers/admin/adminBanService.js +138 -0
package/server/controllers/admin/adminPanelHandlers.js +2083 -0
package/server/controllers/admin/stickerCatalogAdminContext.js +17 -0
package/server/controllers/admin/systemAdminController.js +201 -0
package/server/controllers/email/emailAutomationController.js +239 -0
package/server/controllers/metricsController.js +21 -0
package/server/controllers/seo/stickerCatalogSeoContext.js +514 -0
package/server/controllers/sticker/nonCatalogHandlers.js +303 -0
package/server/controllers/sticker/stickerCatalogController.js +4700 -0
package/server/controllers/system/contactController.js +115 -0
package/server/controllers/system/githubController.js +137 -0
package/server/controllers/system/stickerCatalogSystemContext.js +758 -0
package/server/controllers/system/storageController.js +154 -0
package/server/controllers/system/systemController.js +135 -0
package/server/controllers/system/systemMetricsController.js +156 -0
package/server/controllers/system/visitController.js +90 -0
package/server/controllers/userController.js +145 -0
package/server/email/emailAutomationRuntime.js +225 -0
package/server/email/emailAutomationService.js +125 -0
package/server/email/emailOutboxRepository.js +282 -0
package/server/email/emailTemplateService.js +480 -0
package/server/email/emailTransportService.js +156 -0
package/server/http/clientIp.js +95 -0
package/server/http/httpRequestUtils.js +262 -0
package/server/http/httpRequestUtils.test.js +80 -0
package/server/http/httpServer.js +180 -0
package/server/http/requestContext.js +20 -0
package/server/http/siteRoutingUtils.js +87 -0
package/server/index.js +1 -0
package/server/middleware/cachePolicy.js +26 -0
package/server/middleware/cachePolicyHelpers.js +1 -0
package/server/middleware/endpointRateLimit.js +181 -0
package/server/middleware/rateLimit.js +70 -0
package/server/middleware/requireAdminAuth.js +48 -0
package/server/middleware/securityHeaders.js +97 -0
package/server/routes/admin/systemAdminRouter.js +64 -0
package/server/routes/email/emailAutomationRouter.js +46 -0
package/server/routes/health/healthRouter.js +41 -0
package/server/routes/indexRouter.js +234 -0
package/server/routes/metrics/metricsRouter.js +58 -0
package/server/routes/static/staticPageRouter.js +134 -0
package/server/routes/sticker/catalogHandlers/catalogAdminHttp.js +105 -0
package/server/routes/sticker/catalogHandlers/catalogAuthHttp.js +77 -0
package/server/routes/sticker/catalogHandlers/catalogPublicHttp.js +120 -0
package/server/routes/sticker/catalogHandlers/catalogUploadHttp.js +83 -0
package/server/routes/sticker/catalogRouter.js +77 -0
package/server/routes/sticker/stickerApiRouter.js +84 -0
package/server/routes/sticker/stickerDataRouter.js +145 -0
package/server/routes/sticker/stickerSiteRouter.js +43 -0
package/server/routes/user/userApiPaths.js +66 -0
package/server/routes/user/userRouter.js +65 -0
package/server/utils/safePath.js +26 -0
package/utils/logger/loggerModule.js +35 -0
package/vite.config.mjs +38 -0

package/server/controllers/admin/stickerCatalogAdminContext.js ADDED Viewed

@@ -0,0 +1,17 @@
+import { createStickerCatalogAdminBanService } from './adminBanService.js';
+import { createStickerCatalogAdminHandlers } from './adminPanelHandlers.js';
+export const createStickerCatalogAdminBanContext = (dependencies = {}) => {
+  const service = createStickerCatalogAdminBanService(dependencies);
+  const { listAdminBans, createAdminBanRecord, revokeAdminBanRecord, assertGoogleIdentityNotBanned } = service;
+  return {
+    service,
+    listAdminBans,
+    createAdminBanRecord,
+    revokeAdminBanRecord,
+    assertGoogleIdentityNotBanned,
+  };
+};
+export const createStickerCatalogAdminHandlersContext = (dependencies = {}) => createStickerCatalogAdminHandlers(dependencies);

package/server/controllers/admin/systemAdminController.js ADDED Viewed

@@ -0,0 +1,201 @@
+import fs from 'node:fs/promises';
+import path from 'node:path';
+import { URL } from 'node:url';
+import logger from '#logger';
+const parseEnvBool = (value, fallback) => {
+  if (value === undefined || value === null || value === '') return fallback;
+  const normalized = String(value).trim().toLowerCase();
+  if (['1', 'true', 'yes', 'y', 'on'].includes(normalized)) return true;
+  if (['0', 'false', 'no', 'n', 'off'].includes(normalized)) return false;
+  return fallback;
+};
+const normalizeBasePath = (value, fallback) => {
+  const raw = String(value || '').trim() || fallback;
+  const withLeadingSlash = raw.startsWith('/') ? raw : `/${raw}`;
+  const withoutTrailingSlash = withLeadingSlash.length > 1 && withLeadingSlash.endsWith('/') ? withLeadingSlash.slice(0, -1) : withLeadingSlash;
+  return withoutTrailingSlash || fallback;
+};
+const LEGACY_STICKER_API_BASE_PATH = normalizeBasePath(process.env.STICKER_API_BASE_PATH, '/api/sticker-packs');
+const USER_API_BASE_PATH = normalizeBasePath(process.env.USER_API_BASE_PATH || process.env.AUTH_API_BASE_PATH, '/api');
+const SYSTEM_ADMIN_API_BASE_PATH = normalizeBasePath(process.env.SYSTEM_ADMIN_API_BASE_PATH || `${USER_API_BASE_PATH}/admin`, `${USER_API_BASE_PATH}/admin`);
+const SYSTEM_ADMIN_API_SESSION_PATH = `${SYSTEM_ADMIN_API_BASE_PATH}/session`;
+const LEGACY_SYSTEM_ADMIN_API_BASE_PATH = `${LEGACY_STICKER_API_BASE_PATH}/admin`;
+const LEGACY_SYSTEM_ADMIN_API_SESSION_PATH = `${LEGACY_SYSTEM_ADMIN_API_BASE_PATH}/session`;
+const STICKER_LOGIN_WEB_PATH = normalizeBasePath(process.env.STICKER_LOGIN_WEB_PATH, '/login');
+const STICKER_WEB_PATH = normalizeBasePath(process.env.STICKER_WEB_PATH, '/stickers');
+const STICKER_ADMIN_WEB_PATH = `${STICKER_WEB_PATH}/admin`;
+const USER_PROFILE_WEB_PATH = normalizeBasePath(process.env.USER_PROFILE_WEB_PATH, '/user');
+const USER_SYSTEMADM_WEB_PATH = `${USER_PROFILE_WEB_PATH}/systemadm`;
+const STICKER_ADMIN_REDIRECT_TO_USER = parseEnvBool(process.env.STICKER_ADMIN_REDIRECT_TO_USER, true);
+const SITE_ORIGIN = String(process.env.SITE_ORIGIN || 'https://omnizap.shop')
+  .trim()
+  .replace(/\/+$/, '');
+const USER_SYSTEMADM_TEMPLATE_PATH = path.join(process.cwd(), 'public', 'pages', 'user-systemadm.html');
+const LEGACY_STICKER_ADMIN_TEMPLATE_PATH = path.join(process.cwd(), 'public', 'pages', 'stickers-admin.html');
+let stickerCatalogControllerPromise = null;
+const loadStickerCatalogController = async () => {
+  if (!stickerCatalogControllerPromise) {
+    stickerCatalogControllerPromise = import('../sticker/stickerCatalogController.js');
+  }
+  return stickerCatalogControllerPromise;
+};
+const sendHtml = (req, res, html) => {
+  res.statusCode = 200;
+  res.setHeader('Content-Type', 'text/html; charset=utf-8');
+  res.setHeader('Cache-Control', 'no-store');
+  res.setHeader('X-Robots-Tag', 'noindex, nofollow');
+  if (req.method === 'HEAD') {
+    res.end();
+    return;
+  }
+  res.end(html);
+};
+const sendJson = (req, res, statusCode, payload) => {
+  const body = JSON.stringify(payload);
+  res.statusCode = statusCode;
+  res.setHeader('Content-Type', 'application/json; charset=utf-8');
+  res.setHeader('Cache-Control', 'no-store');
+  res.setHeader('X-Robots-Tag', 'noindex, nofollow');
+  if (req.method === 'HEAD') {
+    res.end();
+    return;
+  }
+  res.end(body);
+};
+const sendRedirect = (res, location) => {
+  res.statusCode = 302;
+  res.setHeader('Location', location);
+  res.setHeader('Cache-Control', 'no-store');
+  res.end();
+};
+const hasPathPrefix = (pathname, prefix) => pathname === prefix || pathname.startsWith(`${prefix}/`);
+const escapeHtmlAttribute = (value) =>
+  String(value || '')
+    .replace(/&/g, '&amp;')
+    .replace(/"/g, '&quot;')
+    .replace(/</g, '&lt;')
+    .replace(/>/g, '&gt;');
+const replaceDataAttribute = (html, attributeName, value) => String(html || '').replace(new RegExp(`(${attributeName}=")([^"]*)(")`, 'i'), `$1${escapeHtmlAttribute(value)}$3`);
+const remapUrlPathname = (url, pathname) => {
+  if (!url || !pathname) return url;
+  try {
+    const remappedUrl = new URL(String(url?.href || url));
+    remappedUrl.pathname = pathname;
+    return remappedUrl;
+  } catch {
+    return url;
+  }
+};
+const mapAdminApiPathToLegacy = (pathname) => {
+  if (hasPathPrefix(pathname, SYSTEM_ADMIN_API_BASE_PATH)) {
+    const suffix = pathname.slice(SYSTEM_ADMIN_API_BASE_PATH.length);
+    return `${LEGACY_SYSTEM_ADMIN_API_BASE_PATH}${suffix || ''}`;
+  }
+  if (hasPathPrefix(pathname, LEGACY_SYSTEM_ADMIN_API_BASE_PATH)) {
+    return pathname;
+  }
+  return null;
+};
+const renderUserSystemAdminHtml = async () => {
+  const template = await fs.readFile(USER_SYSTEMADM_TEMPLATE_PATH, 'utf8');
+  const dataAttributes = {
+    'data-api-base-path': USER_API_BASE_PATH,
+    'data-login-path': STICKER_LOGIN_WEB_PATH,
+    'data-stickers-path': STICKER_WEB_PATH,
+  };
+  let html = template;
+  for (const [attributeName, value] of Object.entries(dataAttributes)) {
+    html = replaceDataAttribute(html, attributeName, value);
+  }
+  return html;
+};
+export const getSystemAdminRouteConfig = () => ({
+  webPath: USER_SYSTEMADM_WEB_PATH,
+  legacyWebPath: STICKER_ADMIN_WEB_PATH,
+  apiAdminBasePath: SYSTEM_ADMIN_API_BASE_PATH,
+  apiAdminSessionPath: SYSTEM_ADMIN_API_SESSION_PATH,
+  legacyApiAdminBasePath: LEGACY_SYSTEM_ADMIN_API_BASE_PATH,
+  legacyApiAdminSessionPath: LEGACY_SYSTEM_ADMIN_API_SESSION_PATH,
+});
+export const maybeHandleSystemAdminRequest = async (req, res, { pathname, url }) => {
+  if (!['GET', 'HEAD', 'POST', 'PATCH', 'DELETE'].includes(req.method || '')) return false;
+  if (pathname === USER_SYSTEMADM_WEB_PATH || pathname === `${USER_SYSTEMADM_WEB_PATH}/`) {
+    if (!['GET', 'HEAD'].includes(req.method || '')) return false;
+    try {
+      const html = await renderUserSystemAdminHtml();
+      sendHtml(req, res, html);
+    } catch (error) {
+      if (error?.code === 'ENOENT') {
+        sendJson(req, res, 404, { error: 'Template da pagina system admin nao encontrado.' });
+        return true;
+      }
+      logger.error('Falha ao renderizar pagina system admin.', {
+        action: 'user_system_admin_page_render_failed',
+        path: pathname,
+        error: error?.message,
+      });
+      sendJson(req, res, 500, { error: 'Falha interna ao renderizar pagina system admin.' });
+    }
+    return true;
+  }
+  if (pathname === STICKER_ADMIN_WEB_PATH || pathname === `${STICKER_ADMIN_WEB_PATH}/`) {
+    if (!['GET', 'HEAD'].includes(req.method || '')) return false;
+    if (STICKER_ADMIN_REDIRECT_TO_USER) {
+      const requestUrl = new URL(req.url || `${STICKER_ADMIN_WEB_PATH}/`, SITE_ORIGIN);
+      const userUrl = new URL(`${USER_SYSTEMADM_WEB_PATH}/`, SITE_ORIGIN);
+      for (const [key, value] of requestUrl.searchParams.entries()) {
+        userUrl.searchParams.append(key, value);
+      }
+      sendRedirect(res, `${userUrl.pathname}${userUrl.search}`);
+      return true;
+    }
+    try {
+      const html = await fs.readFile(LEGACY_STICKER_ADMIN_TEMPLATE_PATH, 'utf8');
+      sendHtml(req, res, html);
+    } catch (error) {
+      if (error?.code === 'ENOENT') {
+        sendJson(req, res, 404, { error: 'Template do painel admin nao encontrado.' });
+        return true;
+      }
+      logger.error('Falha ao renderizar pagina admin legado.', {
+        action: 'legacy_sticker_admin_page_render_failed',
+        path: pathname,
+        error: error?.message,
+      });
+      sendJson(req, res, 500, { error: 'Falha interna ao renderizar painel admin.' });
+    }
+    return true;
+  }
+  if (hasPathPrefix(pathname, SYSTEM_ADMIN_API_BASE_PATH) || hasPathPrefix(pathname, LEGACY_SYSTEM_ADMIN_API_BASE_PATH)) {
+    const legacyPathname = mapAdminApiPathToLegacy(pathname);
+    if (!legacyPathname) return false;
+    const controller = await loadStickerCatalogController();
+    if (typeof controller?.maybeHandleStickerCatalogRequest !== 'function') return false;
+    return controller.maybeHandleStickerCatalogRequest(req, res, {
+      pathname: legacyPathname,
+      url: remapUrlPathname(url, legacyPathname),
+    });
+  }
+  return false;
+};

package/server/controllers/email/emailAutomationController.js ADDED Viewed

@@ -0,0 +1,239 @@
+import logger from '#logger';
+import { getEmailAutomationStatusSnapshot, queueAutomatedEmail } from '../../email/emailAutomationService.js';
+import { isEmailAutomationRuntimeEnabled, isEmailAutomationRuntimeRunning } from '../../email/emailAutomationRuntime.js';
+import { getEmailTransportMetadata } from '../../email/emailTransportService.js';
+const parseEnvBool = (value, fallback) => {
+  if (value === undefined || value === null || value === '') return fallback;
+  const normalized = String(value).trim().toLowerCase();
+  if (['1', 'true', 'yes', 'y', 'on'].includes(normalized)) return true;
+  if (['0', 'false', 'no', 'n', 'off'].includes(normalized)) return false;
+  return fallback;
+};
+const normalizeBasePath = (value, fallback) => {
+  const raw = String(value || '').trim() || fallback;
+  const withLeadingSlash = raw.startsWith('/') ? raw : `/${raw}`;
+  const withoutTrailingSlash = withLeadingSlash.length > 1 && withLeadingSlash.endsWith('/') ? withLeadingSlash.slice(0, -1) : withLeadingSlash;
+  return withoutTrailingSlash || fallback;
+};
+const EMAIL_AUTOMATION_API_BASE_PATH = normalizeBasePath(process.env.EMAIL_AUTOMATION_API_BASE_PATH, '/api/email');
+const EMAIL_AUTOMATION_API_KEY =
+  String(process.env.EMAIL_AUTOMATION_API_KEY || '')
+    .trim()
+    .slice(0, 255) || '';
+const EMAIL_AUTOMATION_REQUIRE_API_KEY = parseEnvBool(process.env.EMAIL_AUTOMATION_REQUIRE_API_KEY, true);
+const EMAIL_AUTOMATION_HEALTH_PUBLIC = parseEnvBool(process.env.EMAIL_AUTOMATION_HEALTH_PUBLIC, false);
+const sendJson = (req, res, statusCode, payload) => {
+  if (res.writableEnded) return true;
+  const body = JSON.stringify(payload);
+  res.statusCode = statusCode;
+  res.setHeader('Content-Type', 'application/json; charset=utf-8');
+  res.setHeader('Cache-Control', 'no-store');
+  if (req.method === 'HEAD') {
+    res.end();
+    return true;
+  }
+  res.end(body);
+  return true;
+};
+const readJsonBody = async (req, { maxBytes = 256 * 1024 } = {}) =>
+  new Promise((resolve, reject) => {
+    const chunks = [];
+    let total = 0;
+    req.on('data', (chunk) => {
+      total += chunk.length;
+      if (total > maxBytes) {
+        const error = new Error('Payload excedeu limite permitido.');
+        error.statusCode = 413;
+        reject(error);
+        req.destroy();
+        return;
+      }
+      chunks.push(chunk);
+    });
+    req.on('end', () => {
+      const raw = Buffer.concat(chunks).toString('utf8').trim();
+      if (!raw) {
+        resolve({});
+        return;
+      }
+      try {
+        resolve(JSON.parse(raw));
+      } catch {
+        const error = new Error('JSON inválido.');
+        error.statusCode = 400;
+        reject(error);
+      }
+    });
+    req.on('error', (error) => reject(error));
+  });
+const resolveApiKeyFromRequest = (req) => {
+  const headerKey = String(req.headers?.['x-email-api-key'] || '').trim();
+  if (headerKey) return headerKey;
+  const authHeader = String(req.headers?.authorization || '').trim();
+  if (!authHeader.toLowerCase().startsWith('bearer ')) return '';
+  return authHeader.slice(7).trim();
+};
+const assertAuthorized = (req) => {
+  if (!EMAIL_AUTOMATION_REQUIRE_API_KEY) return;
+  if (!EMAIL_AUTOMATION_API_KEY) {
+    const error = new Error('EMAIL_AUTOMATION_API_KEY não configurada no servidor.');
+    error.statusCode = 503;
+    error.code = 'email_api_key_not_configured';
+    throw error;
+  }
+  const requestKey = resolveApiKeyFromRequest(req);
+  if (!requestKey || requestKey !== EMAIL_AUTOMATION_API_KEY) {
+    const error = new Error('Não autorizado.');
+    error.statusCode = 401;
+    error.code = 'email_api_key_invalid';
+    throw error;
+  }
+};
+export const getEmailAutomationRouteConfig = () => ({
+  apiBasePath: EMAIL_AUTOMATION_API_BASE_PATH,
+});
+export const maybeHandleEmailAutomationRequest = async (req, res, { pathname }) => {
+  if (!['GET', 'HEAD', 'POST'].includes(req.method || '')) return false;
+  const healthPath = `${EMAIL_AUTOMATION_API_BASE_PATH}/health`;
+  const statsPath = `${EMAIL_AUTOMATION_API_BASE_PATH}/stats`;
+  const enqueuePath = `${EMAIL_AUTOMATION_API_BASE_PATH}/enqueue`;
+  const testPath = `${EMAIL_AUTOMATION_API_BASE_PATH}/test`;
+  try {
+    if (pathname === healthPath) {
+      if (!['GET', 'HEAD'].includes(req.method || '')) {
+        return sendJson(req, res, 405, { error: 'Method Not Allowed' });
+      }
+      if (!EMAIL_AUTOMATION_HEALTH_PUBLIC) {
+        assertAuthorized(req);
+      }
+      const basePayload = {
+        ok: true,
+        runtime_enabled: isEmailAutomationRuntimeEnabled(),
+        runtime_running: isEmailAutomationRuntimeRunning(),
+        api_key_required: EMAIL_AUTOMATION_REQUIRE_API_KEY,
+      };
+      if (EMAIL_AUTOMATION_HEALTH_PUBLIC) {
+        return sendJson(req, res, 200, basePayload);
+      }
+      return sendJson(req, res, 200, {
+        ...basePayload,
+        api_base_path: EMAIL_AUTOMATION_API_BASE_PATH,
+        transport: getEmailTransportMetadata(),
+      });
+    }
+    if (pathname === statsPath) {
+      if (!['GET', 'HEAD'].includes(req.method || '')) {
+        return sendJson(req, res, 405, { error: 'Method Not Allowed' });
+      }
+      assertAuthorized(req);
+      const snapshot = await getEmailAutomationStatusSnapshot();
+      return sendJson(req, res, 200, {
+        ok: true,
+        ...snapshot,
+      });
+    }
+    if (pathname === enqueuePath) {
+      if (req.method !== 'POST') {
+        return sendJson(req, res, 405, { error: 'Method Not Allowed' });
+      }
+      assertAuthorized(req);
+      const body = await readJsonBody(req);
+      const queued = await queueAutomatedEmail({
+        to: body.to,
+        name: body.name,
+        templateKey: body.templateKey,
+        templateData: body.templateData,
+        subject: body.subject,
+        text: body.text,
+        html: body.html,
+        metadata: body.metadata,
+        priority: body.priority,
+        scheduledAt: body.scheduledAt,
+        maxAttempts: body.maxAttempts,
+        idempotencyKey: body.idempotencyKey,
+      });
+      return sendJson(req, res, 202, {
+        ok: true,
+        queued,
+      });
+    }
+    if (pathname === testPath) {
+      if (req.method !== 'POST') {
+        return sendJson(req, res, 405, { error: 'Method Not Allowed' });
+      }
+      assertAuthorized(req);
+      const body = await readJsonBody(req);
+      const testRecipient = String(body.to || '').trim();
+      const testName = String(body.name || 'Usuário OmniZap').trim();
+      const queued = await queueAutomatedEmail({
+        to: testRecipient,
+        name: testName,
+        templateKey: 'welcome',
+        templateData: {
+          name: testName,
+          loginUrl: body.loginUrl,
+          redirectUrl: body.redirectUrl,
+          homeUrl: body.homeUrl,
+          siteOrigin: body.siteOrigin,
+        },
+        metadata: {
+          trigger: 'email_api_test',
+        },
+        idempotencyKey: body.idempotencyKey,
+      });
+      return sendJson(req, res, 202, {
+        ok: true,
+        queued,
+      });
+    }
+    return false;
+  } catch (error) {
+    const statusCode = Number(error?.statusCode || 500);
+    if (statusCode >= 500) {
+      logger.error('Falha no controller de automação de e-mail.', {
+        action: 'email_automation_controller_failed',
+        path: pathname,
+        method: req.method,
+        error: error?.message,
+      });
+    }
+    return sendJson(req, res, statusCode, {
+      error: error?.message || 'Falha interna ao processar requisição de e-mail.',
+      code: error?.code || null,
+    });
+  }
+};

package/server/controllers/metricsController.js ADDED Viewed

@@ -0,0 +1,21 @@
+import logger from '#logger';
+import { getMetricsPayload } from '../../app/observability/metrics.js';
+export const sendMetricsResponse = async (res) => {
+  try {
+    const payload = await getMetricsPayload();
+    if (!payload) {
+      res.statusCode = 404;
+      res.end('Not Found');
+      return;
+    }
+    res.statusCode = 200;
+    res.setHeader('Content-Type', payload.contentType);
+    res.end(payload.body);
+  } catch (error) {
+    res.statusCode = 500;
+    res.end('Metrics error');
+    logger.error('Erro ao gerar /metrics', { error: error?.message });
+  }
+};