@omnizap-system/omnizap 2.6.1 → 2.6.2

package/scripts/clear-whatsapp-session.sh

@@ -0,0 +1,123 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+PROJECT_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
+ENV_FILE="${ENV_FILE:-$PROJECT_ROOT/.env}"
+SESSION_ID_OVERRIDE=""
+CLEAR_AUTH_FILES=0
+
+log() {
+  printf '[clear-whatsapp-session] %s\n' "$*"
+}
+
+fail() {
+  printf '[clear-whatsapp-session] erro: %s\n' "$*" >&2
+  exit 1
+}
+
+require_cmd() {
+  if ! command -v "$1" >/dev/null 2>&1; then
+    fail "comando ausente: $1"
+  fi
+}
+
+resolve_db_name() {
+  local base_name="$1"
+  local node_env="${2:-development}"
+
+  if [[ "$base_name" == *_dev || "$base_name" == *_prod ]]; then
+    printf '%s' "$base_name"
+    return 0
+  fi
+
+  if [[ "$node_env" == "production" ]]; then
+    printf '%s_prod' "$base_name"
+  else
+    printf '%s_dev' "$base_name"
+  fi
+}
+
+usage() {
+  cat <<'EOF'
+Uso:
+  bash scripts/clear-whatsapp-session.sh [opcoes]
+
+Opcoes:
+  --session <id>        Forca um session_id especifico (padrao: BAILEYS_AUTH_SESSION_ID ou "default")
+  --clear-auth-files    Remove app/connection/auth/*.json tambem (evita rebootstrap da sessao antiga)
+  -h, --help            Mostra esta ajuda
+EOF
+}
+
+while [[ $# -gt 0 ]]; do
+  case "$1" in
+    --session)
+      [[ $# -ge 2 ]] || fail "faltou valor para --session"
+      SESSION_ID_OVERRIDE="$2"
+      shift 2
+      ;;
+    --clear-auth-files)
+      CLEAR_AUTH_FILES=1
+      shift
+      ;;
+    -h|--help)
+      usage
+      exit 0
+      ;;
+    *)
+      fail "opcao invalida: $1 (use --help)"
+      ;;
+  esac
+done
+
+require_cmd mysql
+require_cmd base64
+
+if [[ ! -f "$ENV_FILE" ]]; then
+  fail "arquivo .env nao encontrado em: $ENV_FILE"
+fi
+
+set -a
+# shellcheck disable=SC1090
+source "$ENV_FILE"
+set +a
+
+DB_HOST="${DB_HOST:-}"
+DB_USER="${DB_USER:-}"
+DB_PASSWORD="${DB_PASSWORD:-}"
+DB_NAME="${DB_NAME:-}"
+NODE_ENV_VALUE="${NODE_ENV:-development}"
+SESSION_ID="${SESSION_ID_OVERRIDE:-${BAILEYS_AUTH_SESSION_ID:-default}}"
+
+[[ -n "$DB_HOST" ]] || fail "DB_HOST nao definido no .env"
+[[ -n "$DB_USER" ]] || fail "DB_USER nao definido no .env"
+[[ -n "$DB_PASSWORD" ]] || fail "DB_PASSWORD nao definido no .env"
+[[ -n "$DB_NAME" ]] || fail "DB_NAME nao definido no .env"
+[[ -n "$SESSION_ID" ]] || SESSION_ID="default"
+
+DB_REAL_NAME="$(resolve_db_name "$DB_NAME" "$NODE_ENV_VALUE")"
+SESSION_ID_B64="$(printf '%s' "$SESSION_ID" | base64 -w0)"
+
+log "Limpando sessao '$SESSION_ID' na tabela baileys_auth_state (database: $DB_REAL_NAME)..."
+
+mysql -h "$DB_HOST" -u "$DB_USER" "-p$DB_PASSWORD" "$DB_REAL_NAME" <<SQL
+SET @sid = CONVERT(FROM_BASE64('${SESSION_ID_B64}') USING utf8mb4);
+DELETE FROM baileys_auth_state WHERE session_id = @sid;
+SELECT ROW_COUNT() AS removed_rows, @sid AS session_id;
+SQL
+
+if [[ "$CLEAR_AUTH_FILES" == "1" ]]; then
+  AUTH_DIR="$PROJECT_ROOT/app/connection/auth"
+  if compgen -G "$AUTH_DIR/*.json" >/dev/null 2>&1; then
+    rm -f "$AUTH_DIR"/*.json
+    log "Arquivos legados removidos em: $AUTH_DIR/*.json"
+  else
+    log "Nenhum arquivo legado encontrado em: $AUTH_DIR"
+  fi
+fi
+
+if [[ "${BAILEYS_AUTH_BOOTSTRAP_FROM_FILES:-true}" == "true" && "$CLEAR_AUTH_FILES" != "1" ]]; then
+  log "Aviso: BAILEYS_AUTH_BOOTSTRAP_FROM_FILES=true. Considere usar --clear-auth-files para evitar restaurar sessao antiga."
+fi
+
+log "Concluido. Reinicie o bot para gerar novo QR Code."

package/scripts/core-ai-mode.mjs

@@ -0,0 +1,163 @@
+#!/usr/bin/env node
+
+import fs from 'node:fs/promises';
+import path from 'node:path';
+import { spawnSync } from 'node:child_process';
+
+const ENV_PATH = path.resolve(process.cwd(), '.env');
+const MANAGED_BLOCK_START = '# >>> CORE_AI_MODE_MANAGED >>>';
+const MANAGED_BLOCK_END = '# <<< CORE_AI_MODE_MANAGED <<<';
+
+const CORE_AI_FLAGS = ['AI_LEARNING_WORKER_ENABLED', 'AI_HELP_CONTINUOUS_LEARNING_ENABLED', 'COMMAND_CONFIG_ENRICHMENT_WORKER_ENABLED', 'GLOBAL_HELP_ENABLE_WRAPPER_LLM_FALLBACK', 'MODULE_AI_HELP_ENABLE_LLM', 'ADMIN_AI_HELP_ENABLE_LLM', 'AI_AI_HELP_ENABLE_LLM', 'GAME_AI_HELP_ENABLE_LLM', 'MENU_AI_HELP_ENABLE_LLM', 'PLAY_AI_HELP_ENABLE_LLM', 'QUOTE_AI_HELP_ENABLE_LLM', 'RPG_POKEMON_AI_HELP_ENABLE_LLM', 'STATS_AI_HELP_ENABLE_LLM', 'STICKER_AI_HELP_ENABLE_LLM', 'STICKER_PACK_AI_HELP_ENABLE_LLM', 'SYSTEM_METRICS_AI_HELP_ENABLE_LLM', 'TIKTOK_AI_HELP_ENABLE_LLM', 'USER_AI_HELP_ENABLE_LLM', 'WAIFUPICS_AI_HELP_ENABLE_LLM'];
+
+const parseArgs = (argv = []) => {
+  const args = [...argv];
+  let mode = 'status';
+  let restart = true;
+  let pm2Name = process.env.CORE_AI_PM2_NAME || 'omnizap-system-production';
+
+  if (args[0] && !args[0].startsWith('--')) {
+    mode = String(args.shift()).trim().toLowerCase();
+  }
+
+  for (const arg of args) {
+    if (arg === '--no-restart') {
+      restart = false;
+      continue;
+    }
+    if (arg.startsWith('--pm2-name=')) {
+      const value = String(arg.split('=').slice(1).join('=')).trim();
+      if (value) pm2Name = value;
+    }
+  }
+
+  return {
+    mode,
+    restart,
+    pm2Name,
+  };
+};
+
+const parseDotEnvEffectiveMap = (content) => {
+  const map = new Map();
+  const lines = String(content || '').split(/\r?\n/);
+  const keyRegex = /^([A-Za-z_][A-Za-z0-9_]*)=(.*)$/;
+
+  for (const line of lines) {
+    const trimmed = line.trim();
+    if (!trimmed || trimmed.startsWith('#')) continue;
+    const match = line.match(keyRegex);
+    if (!match) continue;
+    map.set(match[1], String(match[2] || '').trim());
+  }
+
+  return map;
+};
+
+const removeManagedBlock = (content) => {
+  const lines = String(content || '').split(/\r?\n/);
+  const startIndex = lines.findIndex((line) => line.trim() === MANAGED_BLOCK_START);
+  if (startIndex < 0) return content;
+  const endIndex = lines.findIndex((line, index) => index > startIndex && line.trim() === MANAGED_BLOCK_END);
+  if (endIndex < 0) {
+    return `${lines.slice(0, startIndex).join('\n').trimEnd()}\n`;
+  }
+  const nextLines = [...lines.slice(0, startIndex), ...lines.slice(endIndex + 1)];
+  return `${nextLines.join('\n').trimEnd()}\n`;
+};
+
+const buildManagedBlock = (value) => {
+  const lines = [MANAGED_BLOCK_START, '# Gerenciado por scripts/core-ai-mode.mjs', ...CORE_AI_FLAGS.map((key) => `${key}=${value}`), MANAGED_BLOCK_END];
+  return `${lines.join('\n')}\n`;
+};
+
+const writeModeToEnv = async (modeValue) => {
+  const current = await fs.readFile(ENV_PATH, 'utf8');
+  const withoutManaged = removeManagedBlock(current);
+  const next = withoutManaged.trimEnd().length > 0 ? `${withoutManaged.trimEnd()}\n\n${buildManagedBlock(modeValue)}` : `${buildManagedBlock(modeValue)}`;
+  await fs.writeFile(ENV_PATH, next, 'utf8');
+};
+
+const computeStatus = async () => {
+  const content = await fs.readFile(ENV_PATH, 'utf8');
+  const map = parseDotEnvEffectiveMap(content);
+  const values = CORE_AI_FLAGS.map((key) => {
+    const raw = String(map.get(key) ?? '')
+      .trim()
+      .toLowerCase();
+    return {
+      key,
+      raw: raw || '(unset)',
+      bool: raw === 'true' || raw === '1' || raw === 'yes' || raw === 'on',
+      isSet: raw.length > 0,
+    };
+  });
+
+  const allFalse = values.every((item) => item.isSet && item.bool === false);
+  const allTrue = values.every((item) => item.isSet && item.bool === true);
+  const mode = allFalse ? 'deterministic_on' : allTrue ? 'ai_on' : 'custom';
+
+  return {
+    mode,
+    values,
+  };
+};
+
+const restartPm2Process = ({ pm2Name, modeValue }) => {
+  const envOverrides = Object.fromEntries(CORE_AI_FLAGS.map((key) => [key, modeValue]));
+  const result = spawnSync('pm2', ['restart', pm2Name, '--update-env'], {
+    env: {
+      ...process.env,
+      ...envOverrides,
+    },
+    encoding: 'utf8',
+  });
+
+  if (result.error) {
+    throw result.error;
+  }
+  if (result.status !== 0) {
+    throw new Error((result.stderr || result.stdout || `Falha ao reiniciar processo PM2: ${pm2Name}`).trim());
+  }
+};
+
+const printStatus = ({ mode, values }) => {
+  console.log(`core_ai_mode=${mode}`);
+  for (const item of values) {
+    console.log(`${item.key}=${item.raw}`);
+  }
+};
+
+const run = async () => {
+  const { mode, restart, pm2Name } = parseArgs(process.argv.slice(2));
+
+  if (!['on', 'off', 'status'].includes(mode)) {
+    console.error('Uso: npm run core:ai -- <on|off|status> [--no-restart] [--pm2-name=<processo>]');
+    process.exitCode = 1;
+    return;
+  }
+
+  if (mode === 'status') {
+    const status = await computeStatus();
+    printStatus(status);
+    return;
+  }
+
+  const modeValue = mode === 'on' ? 'false' : 'true';
+  await writeModeToEnv(modeValue);
+
+  if (restart) {
+    restartPm2Process({ pm2Name, modeValue });
+  }
+
+  const status = await computeStatus();
+  console.log(`core_ai_mode_updated=${mode}`);
+  console.log(`pm2_restart=${restart ? 'executed' : 'skipped'}`);
+  console.log(`pm2_process=${pm2Name}`);
+  printStatus(status);
+};
+
+run().catch((error) => {
+  console.error(`Erro ao alternar modo do core AI: ${error?.message || error}`);
+  process.exitCode = 1;
+});

package/scripts/deploy.sh

@@ -11,6 +11,9 @@ RESTART_PM2="${DEPLOY_RESTART_PM2:-1}"
 PM2_APP_NAME="${DEPLOY_PM2_APP_NAME:-omnizap-production}"
 BUILD_ID="${DEPLOY_BUILD_ID:-$(date -u +%Y%m%d%H%M%S)}"
 VERIFY_URL="${DEPLOY_VERIFY_URL:-https://omnizap.shop/}"
+WEB_SURFACE_VERIFY_ENABLED="${DEPLOY_VERIFY_WEB_SECURITY_SURFACE:-1}"
+WEB_SURFACE_VERIFY_BASE_URL="${DEPLOY_VERIFY_WEB_SECURITY_SURFACE_BASE_URL:-$VERIFY_URL}"
+WEB_SURFACE_VERIFY_REPORT_PATH="${DEPLOY_VERIFY_WEB_SECURITY_SURFACE_REPORT_PATH:-$PROJECT_ROOT/temp/security-web-surface-report.json}"
 DRY_RUN="${DEPLOY_DRY_RUN:-0}"
 GITHUB_NOTIFY="${DEPLOY_GITHUB_NOTIFY:-1}"
 GITHUB_ENVIRONMENT="${DEPLOY_GITHUB_ENVIRONMENT:-production}"
@@ -920,4 +923,11 @@ if command -v curl >/dev/null 2>&1; then
   fi
 fi
 
+if [ "$WEB_SURFACE_VERIFY_ENABLED" = "1" ]; then
+  log "Executando validacao web de seguranca em $WEB_SURFACE_VERIFY_BASE_URL"
+  SECURITY_WEB_SURFACE_BASE_URL="$WEB_SURFACE_VERIFY_BASE_URL" \
+  SECURITY_WEB_SURFACE_REPORT_PATH="$WEB_SURFACE_VERIFY_REPORT_PATH" \
+  node "$PROJECT_ROOT/scripts/security-web-surface-check.mjs"
+fi
+
 log "Deploy concluído com sucesso."