@omnizap-system/omnizap 2.6.0 → 2.6.2

package/app/utils/antiLink/antiLinkModule.js

@@ -1,10 +1,11 @@
 import { URL } from 'node:url';
 import { isUserAdmin, updateGroupParticipants } from '../../config/index.js';
-import { getJidUser, isLidJid, isSameJidUser, isWhatsAppJid, normalizeJid } from '../../config/index.js';
+import { getJidUser, isGroupJid, isLidJid, isSameJidUser, isSocketOpen, isWhatsAppJid, normalizeJid, parseEnvInt, runActiveSocketMethod, getActiveSocket } from '../../config/index.js';
 import groupConfigStore from '../../store/groupConfigStore.js';
 import logger from '#logger';
 import { sendAndStore } from '../../services/messaging/messagePersistenceService.js';
 import { extractSenderInfoFromMessage, resolveUserId } from '../../config/index.js';
+import { executeQuery, TABLES } from '../../../database/index.js';
 
 /**
  * Base de redes conhecidas e seus domínios oficiais para permitir por categoria.
@@ -120,6 +121,13 @@ const URL_HINTS = ['https://', 'http://', 'www.'];
 const STRICT_TLD_SUFFIXES = new Set(['com', 'net', 'org', 'edu', 'gov', 'mil', 'io', 'me', 'tv', 'co', 'cc', 'gg', 'gl', 'ly', 'so', 'br', 'us', 'uk', 'eu', 'de', 'fr', 'es', 'pt', 'it', 'nl', 'be', 'ch', 'at', 'se', 'no', 'fi', 'dk', 'ie', 'pl', 'cz', 'sk', 'hu', 'ro', 'bg', 'gr', 'ru', 'ua', 'tr', 'il', 'ae', 'sa', 'qa', 'eg', 'ma', 'tn', 'dz', 'za', 'ng', 'ke', 'gh', 'in', 'pk', 'bd', 'lk', 'cn', 'jp', 'kr', 'tw', 'hk', 'sg', 'my', 'th', 'vn', 'ph', 'id', 'au', 'nz', 'ca', 'mx', 'ar', 'cl', 'pe', 'uy', 'py', 'bo', 'ec', 've', 'do', 'cu', 'pa', 'cr', 'gt', 'hn', 'ni', 'sv', 'pr', 'com.br', 'net.br', 'org.br', 'gov.br', 'edu.br', 'jus.br', 'mil.br', 'co.uk', 'org.uk', 'gov.uk', 'ac.uk', 'co.jp', 'ne.jp', 'or.jp', 'go.jp', 'ac.jp', 'com.au', 'net.au', 'org.au', 'edu.au', 'gov.au', 'com.mx', 'com.ar', 'com.co', 'com.pe', 'com.tr', 'com.sg', 'com.my', 'com.ph', 'co.in', 'firm.in', 'net.in', 'org.in', 'gen.in', 'ind.in', 'co.id', 'or.id', 'go.id', 'web.id', 'co.za', 'org.za', 'net.za', 'com.ng', 'com.gh', 'com.eg', 'com.sa', 'com.qa', 'com.ae', 'page.link', 'g.page']);
 const EXTRA_TLD_SUFFIXES = new Set(['ai', 'app', 'dev', 'xyz', 'site', 'online', 'store', 'shop', 'blog', 'tech', 'cloud', 'digital', 'live', 'media', 'news', 'one', 'top', 'club', 'vip', 'fun', 'games', 'game', 'space', 'world', 'today', 'agency', 'email', 'center', 'company', 'group', 'solutions', 'systems', 'services', 'network', 'social', 'design', 'studio', 'photo', 'video', 'audio', 'music', 'art', 'wiki', 'finance', 'capital', 'money', 'loans', 'insurance', 'legal', 'law', 'health', 'care', 'clinic', 'dental', 'academy', 'school', 'college', 'university', 'education', 'training', 'support', 'chat', 'forum', 'community', 'events', 'travel', 'tours', 'hotel', 'homes', 'house', 'auto', 'cars', 'bike', 'food', 'restaurant', 'cafe', 'bar', 'pizza', 'delivery', 'fashion', 'beauty', 'style', 'fit', 'fitness', 'sports', 'download']);
 const ANY_TLD_SUFFIXES = new Set([...STRICT_TLD_SUFFIXES, ...EXTRA_TLD_SUFFIXES]);
+const ANTILINK_DELETE_WINDOW_MS = parseEnvInt(process.env.ANTILINK_DELETE_WINDOW_MS, 5 * 60 * 1000, 60 * 1000, 30 * 60 * 1000);
+const ANTILINK_DELETE_MAX_MESSAGES = parseEnvInt(process.env.ANTILINK_DELETE_MAX_MESSAGES, 40, 1, 300);
+const ANTILINK_QUERY_MAX_CANDIDATES = 20;
+const ANTILINK_DELETE_REVALIDATION_ATTEMPTS = parseEnvInt(process.env.ANTILINK_DELETE_REVALIDATION_ATTEMPTS, 3, 1, 8);
+const ANTILINK_DELETE_REVALIDATION_DELAY_MS = parseEnvInt(process.env.ANTILINK_DELETE_REVALIDATION_DELAY_MS, 450, 100, 5000);
+const ANTILINK_DELETE_WINDOW_MINUTES = Math.max(1, Math.round(ANTILINK_DELETE_WINDOW_MS / (60 * 1000)));
+const wait = (ms) => new Promise((resolve) => setTimeout(resolve, Math.max(0, Number(ms) || 0)));
 
 /**
  * Tokeniza texto por espaço/quebra de linha sem regex.
@@ -591,6 +599,317 @@ const removeParticipantWithFallback = async (sock, remoteJid, candidates = []) =
   return '';
 };
 
+const resolveOperationalSocket = (sock) => {
+  if (isSocketOpen(sock)) return sock;
+  const activeSocket = getActiveSocket();
+  if (isSocketOpen(activeSocket)) return activeSocket;
+  return null;
+};
+
+const sendMessageWithFallback = async (sock, jid, content) => {
+  const operationalSocket = resolveOperationalSocket(sock);
+  if (operationalSocket) {
+    return sendAndStore(operationalSocket, jid, content);
+  }
+  return runActiveSocketMethod('sendMessage', jid, content);
+};
+
+const sendDeleteWithFallback = async (sock, remoteJid, messageKey) => {
+  const operationalSocket = resolveOperationalSocket(sock);
+  if (operationalSocket && typeof operationalSocket.sendMessage === 'function') {
+    return operationalSocket.sendMessage(remoteJid, { delete: messageKey });
+  }
+  return runActiveSocketMethod('sendMessage', remoteJid, { delete: messageKey });
+};
+
+const safeJsonParse = (value, fallback = null) => {
+  if (value === null || value === undefined) return fallback;
+  if (typeof value === 'object') return value;
+  if (Buffer.isBuffer(value)) {
+    return safeJsonParse(value.toString('utf8'), fallback);
+  }
+  if (typeof value !== 'string') return fallback;
+  try {
+    return JSON.parse(value);
+  } catch {
+    return fallback;
+  }
+};
+
+const toTimestampMs = (value) => {
+  if (value === null || value === undefined) return null;
+  if (value instanceof Date) {
+    const ms = value.getTime();
+    return Number.isFinite(ms) ? ms : null;
+  }
+
+  const numeric = Number(value);
+  if (Number.isFinite(numeric) && numeric > 0) {
+    if (numeric > 1e12) return numeric;
+    if (numeric > 1e10) return numeric;
+    if (numeric > 1e9) return numeric * 1000;
+  }
+
+  const parsed = Date.parse(String(value));
+  return Number.isFinite(parsed) ? parsed : null;
+};
+
+const normalizeMessageId = (value) => {
+  if (value === null || value === undefined) return '';
+  const normalized = String(value).trim();
+  if (!normalized || normalized.length > 255) return '';
+  return normalized;
+};
+
+const buildInClause = (items = []) => items.map(() => '?').join(', ');
+
+const isMissingCanonicalSenderColumnError = (error) => {
+  const code = String(error?.code || '')
+    .trim()
+    .toUpperCase();
+  if (code === 'ER_BAD_FIELD_ERROR') return true;
+  const errno = Number(error?.errno || 0);
+  if (errno === 1054) return true;
+  const message = String(error?.message || '').toLowerCase();
+  return message.includes('canonical_sender_id') && (message.includes('unknown column') || message.includes("doesn't exist"));
+};
+
+const isSenderInCandidates = (senderJid, senderCandidates = []) => {
+  const normalizedSender = normalizeOptionalJid(senderJid);
+  if (!normalizedSender) return false;
+
+  for (const candidate of senderCandidates) {
+    const normalizedCandidate = normalizeOptionalJid(candidate);
+    if (!normalizedCandidate) continue;
+    if (normalizedCandidate === normalizedSender) return true;
+    if (isSameUserSafe(normalizedCandidate, normalizedSender)) return true;
+  }
+  return false;
+};
+
+const normalizeAddressingMode = (value) => {
+  const normalized = String(value || '')
+    .trim()
+    .toLowerCase();
+  if (normalized === 'lid' || normalized === 'pn') return normalized;
+  return '';
+};
+
+const buildDeleteMessageKey = ({ sourceKey = {}, remoteJid, messageId, senderCandidates = [], fallbackParticipant = '' }) => {
+  const normalizedRemoteJid = normalizeOptionalJid(sourceKey?.remoteJid || remoteJid);
+  const normalizedGroupJid = normalizeOptionalJid(remoteJid);
+  if (!normalizedRemoteJid || !normalizedGroupJid || normalizedRemoteJid !== normalizedGroupJid) return null;
+
+  const normalizedMessageId = normalizeMessageId(sourceKey?.id || messageId);
+  if (!normalizedMessageId) return null;
+  if (sourceKey?.fromMe === true) return null;
+
+  const keyParticipant = normalizeOptionalJid(sourceKey?.participant || sourceKey?.participantAlt || fallbackParticipant);
+  if (!keyParticipant || !isSenderInCandidates(keyParticipant, senderCandidates)) return null;
+
+  const deleteKey = {
+    remoteJid: normalizedRemoteJid,
+    id: normalizedMessageId,
+    fromMe: false,
+    participant: keyParticipant,
+  };
+
+  const participantAlt = normalizeOptionalJid(sourceKey?.participantAlt);
+  if (participantAlt && participantAlt !== keyParticipant && isSenderInCandidates(participantAlt, senderCandidates)) {
+    deleteKey.participantAlt = participantAlt;
+  }
+
+  const addressingMode = normalizeAddressingMode(sourceKey?.addressingMode);
+  if (addressingMode) {
+    deleteKey.addressingMode = addressingMode;
+  }
+
+  return deleteKey;
+};
+
+const fetchRecentSenderMessages = async ({ remoteJid, senderCandidates = [], minimumTimestampMs, limit }) => {
+  const normalizedCandidates = uniqueNormalizedJids(senderCandidates).slice(0, ANTILINK_QUERY_MAX_CANDIDATES);
+  if (!normalizedCandidates.length) return [];
+
+  const inClause = buildInClause(normalizedCandidates);
+  const safeLimit = Math.max(1, Math.min(Number(limit) || ANTILINK_DELETE_MAX_MESSAGES, ANTILINK_DELETE_MAX_MESSAGES));
+  const queryParams = [remoteJid, new Date(minimumTimestampMs), ...normalizedCandidates, ...normalizedCandidates, safeLimit];
+  const fullQuery = `SELECT message_id, chat_id, sender_id, canonical_sender_id, raw_message, timestamp
+      FROM ${TABLES.MESSAGES}
+      WHERE chat_id = ?
+        AND timestamp IS NOT NULL
+        AND timestamp >= ?
+        AND (canonical_sender_id IN (${inClause}) OR sender_id IN (${inClause}))
+      ORDER BY timestamp DESC
+      LIMIT ?`;
+
+  try {
+    return await executeQuery(fullQuery, queryParams);
+  } catch (error) {
+    if (!isMissingCanonicalSenderColumnError(error)) {
+      throw error;
+    }
+
+    const fallbackParams = [remoteJid, new Date(minimumTimestampMs), ...normalizedCandidates, safeLimit];
+    const fallbackQuery = `SELECT message_id, chat_id, sender_id, NULL AS canonical_sender_id, raw_message, timestamp
+        FROM ${TABLES.MESSAGES}
+        WHERE chat_id = ?
+          AND timestamp IS NOT NULL
+          AND timestamp >= ?
+          AND sender_id IN (${inClause})
+        ORDER BY timestamp DESC
+        LIMIT ?`;
+
+    return executeQuery(fallbackQuery, fallbackParams);
+  }
+};
+
+const collectRecentDeleteKeysForSender = async ({ messageInfo, remoteJid, senderCandidates = [] }) => {
+  const normalizedRemoteJid = normalizeOptionalJid(remoteJid);
+  if (!normalizedRemoteJid || !isGroupJid(normalizedRemoteJid)) return [];
+
+  const normalizedCandidates = uniqueNormalizedJids(senderCandidates).slice(0, ANTILINK_QUERY_MAX_CANDIDATES);
+  if (!normalizedCandidates.length) return [];
+  const preferredParticipant = normalizedCandidates.find((candidate) => isWhatsAppJid(candidate)) || normalizedCandidates[0] || '';
+
+  const minimumTimestampMs = Date.now() - ANTILINK_DELETE_WINDOW_MS;
+  const keysById = new Map();
+
+  const currentMessageKey = buildDeleteMessageKey({
+    sourceKey: messageInfo?.key || {},
+    remoteJid: normalizedRemoteJid,
+    senderCandidates: normalizedCandidates,
+    fallbackParticipant: preferredParticipant,
+  });
+
+  if (currentMessageKey) {
+    keysById.set(currentMessageKey.id, currentMessageKey);
+  }
+
+  let recentRows = [];
+  try {
+    recentRows = await fetchRecentSenderMessages({
+      remoteJid: normalizedRemoteJid,
+      senderCandidates: normalizedCandidates,
+      minimumTimestampMs,
+      limit: ANTILINK_DELETE_MAX_MESSAGES,
+    });
+  } catch (error) {
+    logger.warn('Falha ao buscar mensagens recentes para limpeza de antilink.', {
+      action: 'antilink_recent_fetch_error',
+      groupId: normalizedRemoteJid,
+      senderCandidates: normalizedCandidates,
+      error: error?.message,
+    });
+  }
+
+  for (const row of recentRows) {
+    if (keysById.size >= ANTILINK_DELETE_MAX_MESSAGES) break;
+
+    const rowTimestampMs = toTimestampMs(row?.timestamp);
+    if (!rowTimestampMs || rowTimestampMs < minimumTimestampMs) continue;
+
+    const rawMessage = safeJsonParse(row?.raw_message, null);
+    const candidateKey = rawMessage?.key && typeof rawMessage.key === 'object' ? rawMessage.key : {};
+    const fallbackParticipant = normalizeOptionalJid(row?.canonical_sender_id || row?.sender_id || preferredParticipant);
+    const deleteKey = buildDeleteMessageKey({
+      sourceKey: candidateKey,
+      remoteJid: normalizedRemoteJid,
+      messageId: row?.message_id,
+      senderCandidates: normalizedCandidates,
+      fallbackParticipant,
+    });
+
+    if (!deleteKey) continue;
+    if (keysById.has(deleteKey.id)) continue;
+    keysById.set(deleteKey.id, deleteKey);
+  }
+
+  return Array.from(keysById.values());
+};
+
+const purgeRecentMessagesFromRemovedSender = async ({ sock, messageInfo, remoteJid, senderCandidates = [] }) => {
+  const totalRounds = Math.max(1, ANTILINK_DELETE_REVALIDATION_ATTEMPTS);
+  const seenMessageIds = new Set();
+  const deletedMessageIds = new Set();
+  let failedAttempts = 0;
+  let roundsWithDeletes = 0;
+
+  for (let round = 1; round <= totalRounds; round += 1) {
+    const deleteKeys = await collectRecentDeleteKeysForSender({
+      messageInfo,
+      remoteJid,
+      senderCandidates,
+    });
+
+    const pendingKeys = [];
+    for (const deleteKey of deleteKeys) {
+      const messageId = normalizeMessageId(deleteKey?.id);
+      if (!messageId) continue;
+      seenMessageIds.add(messageId);
+      if (deletedMessageIds.has(messageId)) continue;
+      pendingKeys.push(deleteKey);
+    }
+
+    let deletedInRound = 0;
+    for (const deleteKey of pendingKeys) {
+      try {
+        await sendDeleteWithFallback(sock, remoteJid, deleteKey);
+        const messageId = normalizeMessageId(deleteKey?.id);
+        if (messageId) {
+          deletedMessageIds.add(messageId);
+          deletedInRound += 1;
+        }
+      } catch (error) {
+        failedAttempts += 1;
+        logger.debug('Falha ao apagar mensagem durante limpeza do antilink.', {
+          action: 'antilink_delete_message_failed',
+          groupId: remoteJid,
+          messageId: deleteKey?.id,
+          participant: deleteKey?.participant || null,
+          round,
+          totalRounds,
+          error: error?.message,
+        });
+      }
+    }
+
+    if (deletedInRound > 0) {
+      roundsWithDeletes += 1;
+    }
+
+    if (round < totalRounds) {
+      await wait(ANTILINK_DELETE_REVALIDATION_DELAY_MS);
+    }
+  }
+
+  return {
+    requested: seenMessageIds.size,
+    deleted: deletedMessageIds.size,
+    failed: failedAttempts,
+    rounds: totalRounds,
+    roundsWithDeletes,
+  };
+};
+
+/**
+ * Limpa mensagens recentes (janela de segurança) de um participante alvo.
+ * Pode ser reutilizado por outros fluxos de moderação (ex.: comando ban).
+ * @param {Object} params
+ * @param {import('@whiskeysockets/baileys').WASocket} params.sock
+ * @param {Object|null|undefined} [params.messageInfo]
+ * @param {string} params.remoteJid
+ * @param {string[]} params.senderCandidates
+ * @returns {Promise<{requested:number, deleted:number, failed:number}>}
+ */
+export const purgeRecentMessagesForSenderCandidates = async ({ sock, messageInfo, remoteJid, senderCandidates = [] }) =>
+  purgeRecentMessagesFromRemovedSender({
+    sock,
+    messageInfo,
+    remoteJid,
+    senderCandidates,
+  });
+
 /**
  * Aplica a regra de antilink do grupo. Retorna true quando removeu e deve pular o restante.
  * @param {Object} params
@@ -604,7 +923,10 @@ const removeParticipantWithFallback = async (sock, remoteJid, candidates = []) =
  * @returns {Promise<boolean>}
  */
 export const handleAntiLink = async ({ sock, messageInfo, extractedText, remoteJid, senderJid, senderIdentity, botJid }) => {
-  const groupConfig = await groupConfigStore.getGroupConfig(remoteJid);
+  const normalizedRemoteJid = normalizeOptionalJid(remoteJid);
+  if (!normalizedRemoteJid || !isGroupJid(normalizedRemoteJid)) return false;
+
+  const groupConfig = await groupConfigStore.getGroupConfig(normalizedRemoteJid);
   if (!groupConfig || !groupConfig.antilinkEnabled) return false;
 
   const allowedDomains = getAllowedDomains(groupConfig.antilinkAllowedNetworks || [], groupConfig.antilinkAllowedDomains || []);
@@ -618,7 +940,7 @@ export const handleAntiLink = async ({ sock, messageInfo, extractedText, remoteJ
   });
   if (!senderContext.primarySenderId && senderContext.senderCandidates.length === 0) return false;
 
-  let isAdmin = await isUserAdmin(remoteJid, {
+  let isAdmin = await isUserAdmin(normalizedRemoteJid, {
     id: senderContext.primarySenderId || null,
     jid: senderContext.senderInfo?.jid || senderContext.primarySenderId || null,
     lid: senderContext.senderInfo?.lid || null,
@@ -628,7 +950,7 @@ export const handleAntiLink = async ({ sock, messageInfo, extractedText, remoteJ
   });
 
   if (!isAdmin && senderContext.primarySenderId) {
-    isAdmin = await isUserAdmin(remoteJid, senderContext.primarySenderId);
+    isAdmin = await isUserAdmin(normalizedRemoteJid, senderContext.primarySenderId);
   }
 
   const senderIsBot = isSenderBot(botJid, senderContext.senderCandidates);
@@ -637,37 +959,51 @@ export const handleAntiLink = async ({ sock, messageInfo, extractedText, remoteJ
     if (senderContext.removalCandidates.length === 0) {
       logger.warn('Antilink detectou link, mas não encontrou ID válido para remoção.', {
         action: 'antilink_no_removal_candidate',
-        groupId: remoteJid,
+        groupId: normalizedRemoteJid,
         senderCandidates: senderContext.senderCandidates,
       });
       return false;
     }
 
     try {
-      const removedParticipantId = await removeParticipantWithFallback(sock, remoteJid, senderContext.removalCandidates);
+      const removedParticipantId = await removeParticipantWithFallback(sock, normalizedRemoteJid, senderContext.removalCandidates);
       if (!removedParticipantId) {
         throw new Error('Nenhum candidato de participante pôde ser removido.');
       }
+
+      const deletionCandidates = uniqueNormalizedJids([removedParticipantId, ...senderContext.senderCandidates]);
+      const purgeResult = await purgeRecentMessagesFromRemovedSender({
+        sock,
+        messageInfo,
+        remoteJid: normalizedRemoteJid,
+        senderCandidates: deletionCandidates,
+      });
+
       const senderMention = senderContext.mentionJid || removedParticipantId || senderContext.primarySenderId;
       const senderUser = getJidUser(senderMention);
-      await sendAndStore(sock, remoteJid, {
-        text: `🚫 @${senderUser || 'usuario'} foi removido por enviar um link.`,
+      const recentDeleteLine = purgeResult.deleted > 0 ? `\n🧹 ${purgeResult.deleted} mensagem(ns) dos últimos ${ANTILINK_DELETE_WINDOW_MINUTES} minuto(s) foram apagadas.` : '';
+      await sendMessageWithFallback(sock, normalizedRemoteJid, {
+        text: `🚫 @${senderUser || 'usuario'} foi removido por enviar um link.${recentDeleteLine}`,
         mentions: senderMention ? [senderMention] : [],
       });
-      await sendAndStore(sock, remoteJid, { delete: messageInfo.key });
 
-      logger.info(`Usuário ${removedParticipantId || senderContext.primarySenderId} removido do grupo ${remoteJid} por enviar link.`, {
+      logger.info(`Usuário ${removedParticipantId || senderContext.primarySenderId} removido do grupo ${normalizedRemoteJid} por enviar link.`, {
         action: 'antilink_remove',
-        groupId: remoteJid,
+        groupId: normalizedRemoteJid,
         userId: removedParticipantId || senderContext.primarySenderId,
         senderCandidates: senderContext.senderCandidates,
+        deletedRecentMessages: purgeResult.deleted,
+        failedRecentMessageDeletes: purgeResult.failed,
+        requestedRecentMessageDeletes: purgeResult.requested,
+        deleteRevalidationRounds: purgeResult.rounds,
+        deleteRevalidationRoundsWithDeletes: purgeResult.roundsWithDeletes,
       });
 
       return true;
     } catch (error) {
       logger.error(`Falha ao remover usuário com antilink: ${error.message}`, {
         action: 'antilink_error',
-        groupId: remoteJid,
+        groupId: normalizedRemoteJid,
         userId: senderContext.primarySenderId,
         senderCandidates: senderContext.senderCandidates,
         error: error.stack,
@@ -677,19 +1013,19 @@ export const handleAntiLink = async ({ sock, messageInfo, extractedText, remoteJ
     try {
       const senderMention = senderContext.mentionJid || senderContext.primarySenderId;
       const senderUser = getJidUser(senderMention);
-      await sendAndStore(sock, remoteJid, {
+      await sendMessageWithFallback(sock, normalizedRemoteJid, {
         text: `ⓘ @${senderUser || 'admin'} (admin) enviou um link.`,
         mentions: senderMention ? [senderMention] : [],
       });
-      logger.info(`Admin ${senderContext.primarySenderId} enviou um link no grupo ${remoteJid} (aviso enviado).`, {
+      logger.info(`Admin ${senderContext.primarySenderId} enviou um link no grupo ${normalizedRemoteJid} (aviso enviado).`, {
         action: 'antilink_admin_link_detected',
-        groupId: remoteJid,
+        groupId: normalizedRemoteJid,
         userId: senderContext.primarySenderId,
       });
     } catch (error) {
       logger.error(`Falha ao enviar aviso de link de admin: ${error.message}`, {
         action: 'antilink_admin_warning_error',
-        groupId: remoteJid,
+        groupId: normalizedRemoteJid,
         userId: senderContext.primarySenderId,
         error: error.stack,
       });