npm - @omnizap-system/omnizap - Versions diffs - 2.6.2 → 2.6.3 - Mend

@omnizap-system/omnizap 2.6.2 → 2.6.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (48) hide show

package/.env.example +24 -0
package/app/config/index.js +4 -0
package/app/configParts/adminIdentity.js +29 -0
package/app/configParts/baileysConfig.js +116 -0
package/app/configParts/groupUtils.js +221 -0
package/app/configParts/loggerConfig.js +185 -0
package/app/configParts/messagePersistenceService.js +169 -7
package/app/configParts/sessionConfig.js +85 -0
package/app/connection/baileysCompatibility.test.js +9 -0
package/app/connection/baileysDbAuthState.js +205 -9
package/app/connection/baileysLibsignalPatch.js +210 -0
package/app/connection/groupOwnerWriteStateResolver.js +53 -21
package/app/connection/socketController.js +95 -25
package/app/connection/socketController.multiSession.test.js +20 -0
package/app/controllers/messagePipeline/preProcessingMiddlewares.js +17 -3
package/app/controllers/messageProcessingPipeline.js +2 -0
package/app/controllers/messageProcessingPipeline.test.js +15 -13
package/app/services/multiSession/assignmentBalancerService.js +1 -6
package/app/services/multiSession/groupOwnershipRepository.js +9 -44
package/app/services/multiSession/groupOwnershipService.js +9 -90
package/app/services/multiSession/groupOwnershipService.test.js +12 -4
package/app/services/multiSession/sessionRegistryService.js +6 -60
package/app/utils/antiLink/antiLinkModule.js +54 -24
package/docs/security/omnizap-static-security-headers.conf +3 -3
package/package.json +3 -2
package/public/comandos/commands-catalog.json +1 -1
package/public/css/payments-react.css +478 -0
package/public/js/apps/homeReactApp.js +2 -2
package/public/js/apps/paymentsCancelReactApp.js +45 -0
package/public/js/apps/paymentsReactApp.js +399 -0
package/public/js/apps/paymentsSuccessReactApp.js +148 -0
package/public/pages/pagamentos-cancelado.html +21 -0
package/public/pages/pagamentos-sucesso.html +21 -0
package/public/pages/pagamentos.html +30 -0
package/scripts/deploy.sh +3 -0
package/scripts/new-whatsapp-session.sh +247 -0
package/server/controllers/admin/systemAdminController.js +4 -17
package/server/controllers/payments/paymentsController.js +731 -0
package/server/controllers/system/systemController.js +4 -30
package/server/email/emailAutomationRuntime.js +36 -1
package/server/email/emailAutomationService.js +42 -1
package/server/email/emailTemplateService.js +137 -31
package/server/http/httpRequestUtils.js +18 -14
package/server/middleware/securityHeaders.js +15 -2
package/server/routes/indexRouter.js +27 -7
package/server/routes/payments/paymentsRouter.js +47 -0
package/server/routes/static/staticPageRouter.js +3 -0
package/vite.config.mjs +3 -0

package/.env.example CHANGED Viewed

@@ -105,6 +105,7 @@ BAILEYS_GROUP_METADATA_CACHE_CHECKPERIOD_SECONDS=60
 BAILEYS_SEND_RETRY_ATTEMPTS=2
 BAILEYS_SEND_RETRY_BASE_DELAY_MS=600
 BAILEYS_SEND_MEDIA_UPLOAD_TIMEOUT_MS=0
+BAILEYS_SEND_PREFER_PN_FOR_LID=true
 BAILEYS_VERSION=
 BAILEYS_FETCH_LATEST_VERSION=false
 BAILEYS_LOGGER_MODE=child
@@ -128,11 +129,13 @@ BAILEYS_AUTH_SESSION_ID=default
 BAILEYS_SESSION_IDS=default
 BAILEYS_PRIMARY_SESSION_ID=default
 BAILEYS_SESSION_WEIGHTS=default=1
+BAILEYS_AUTH_KEYS_CACHE_ENABLED=true
 BAILEYS_AUTH_BOOTSTRAP_FROM_FILES=true
 BAILEYS_SINGLE_WRITER_LOCK_ENABLED=true
 BAILEYS_SINGLE_WRITER_LOCK_NAME=
 BAILEYS_SINGLE_WRITER_LOCK_TIMEOUT_SECONDS=2
 BAILEYS_SINGLE_WRITER_LOCK_RETRY_DELAY_MS=15000
+BAILEYS_LIBSIGNAL_RUNTIME_PATCH_ENABLED=true
 GROUP_OWNER_ENFORCEMENT_MODE=off
 GROUP_OWNER_LEASE_MS=120000
 GROUP_OWNER_HEARTBEAT_MS=30000
@@ -322,6 +325,7 @@ WEB_USER_PASSWORD_RECOVERY_HASH_SECRET=
 WEB_URL=https://omnizap.shop
 WEB_VISITOR_COOKIE_TTL_SECONDS=31536000
 WHATSAPP_COMMAND_REQUIRES_GOOGLE_LOGIN=true
+WHATSAPP_ALLOW_SELF_COMMANDS_ON_APPEND=true
 WHATSAPP_GOOGLE_LINK_CHECK_CACHE_TTL_MS=60000
 WHATSAPP_LOGIN_LINK_TTL_SECONDS=900
 WHATSAPP_LOGIN_REQUIRE_SIGNATURE=true
@@ -905,6 +909,26 @@ WIKI_SYNC_SOURCE_DIR=./docs/wiki
 WIKI_SYNC_TMP_DIR=/tmp/omnizap-wiki-sync
 STACK_NAME=omnizap
+# ==============================
+# PAYMENTS (STRIPE CHECKOUT + WEBHOOK)
+# ==============================
+STRIPE_PAYMENTS_ENABLED=true
+PAYMENTS_API_BASE_PATH=/api/payments
+PAYMENTS_WEB_PATH=/pagamentos
+STRIPE_SECRET_KEY=
+STRIPE_WEBHOOK_SECRET=
+STRIPE_PRICE_ID=
+STRIPE_CHECKOUT_MODE=subscription
+STRIPE_PLAN_NAME=Plano Premium
+STRIPE_PLAN_PRICE_LABEL=Assinatura recorrente
+STRIPE_CHECKOUT_SUCCESS_URL=https://omnizap.shop/pagamentos/sucesso?session_id={CHECKOUT_SESSION_ID}
+STRIPE_CHECKOUT_CANCEL_URL=https://omnizap.shop/pagamentos/cancelado
+STRIPE_API_BASE_URL=https://api.stripe.com/v1
+STRIPE_API_TIMEOUT_MS=10000
+STRIPE_ALLOW_PROMOTION_CODES=true
+STRIPE_WEBHOOK_TOLERANCE_SECONDS=300
+STRIPE_AUTO_REVOKE_ON_CANCELLATION=false
 # ==============================
 # EMAIL AUTOMATION (SMTP/OUTBOX)
 # ==============================

package/app/config/index.js CHANGED Viewed

@@ -1,3 +1,7 @@
+/**
+ * Barrel de configuração da aplicação.
+ * Reexporta utilitários de Baileys, grupos, identidade admin, logger e sessão.
+ */
 export * from '../configParts/baileysConfig.js';
 export * from '../configParts/groupUtils.js';
 export * from '../configParts/adminIdentity.js';

package/app/configParts/adminIdentity.js CHANGED Viewed

@@ -2,8 +2,17 @@ import { encodeJid, getJidUser, isSameJidUser, normalizeJid } from './baileysCon
 import { extractUserIdInfo, resolveUserId, resolveUserIdCached } from './baileysConfig.js';
 import { normalizePhoneDigits, resolveAdminIdentityRawFromEnv, resolveAdminPhoneFromEnv } from '../../utils/whatsapp/contactEnv.js';
+/**
+ * Retorna o valor bruto configurado para identidade de admin.
+ * @returns {string}
+ */
 export const getAdminRawValue = () => resolveAdminIdentityRawFromEnv();
+/**
+ * Resolve o JID do administrador com base no valor de ambiente.
+ * Aceita JID completo ou telefone numérico.
+ * @returns {string|null}
+ */
 export const getAdminJid = () => {
   const raw = getAdminRawValue();
   if (!raw) return null;
@@ -24,6 +33,11 @@ export const getAdminJid = () => {
   return normalizedResolved || candidate;
 };
+/**
+ * Resolve o telefone do administrador.
+ * Prioriza `ADMIN_PHONE` explícito e faz fallback para JID/identidade.
+ * @returns {string|null}
+ */
 export const getAdminPhone = () => {
   const explicitAdminPhone = resolveAdminPhoneFromEnv({ fallback: '' });
   if (explicitAdminPhone) return explicitAdminPhone;
@@ -38,6 +52,10 @@ export const getAdminPhone = () => {
   return digits || null;
 };
+/**
+ * Resolve o JID do admin consultando reconciliação LID/JID quando disponível.
+ * @returns {Promise<string|null>}
+ */
 export const resolveAdminJid = async () => {
   const cached = getAdminJid();
   if (!cached) return null;
@@ -50,6 +68,11 @@ export const resolveAdminJid = async () => {
   }
 };
+/**
+ * Verifica se um JID de remetente corresponde ao administrador.
+ * @param {string|null|undefined} senderJid
+ * @returns {boolean}
+ */
 export const isAdminSender = (senderJid) => {
   const adminJid = getAdminJid();
   if (!adminJid || !senderJid) return false;
@@ -60,6 +83,12 @@ export const isAdminSender = (senderJid) => {
   return isSameJidUser(normalizedSender, adminJid) || normalizedSender === adminJid;
 };
+/**
+ * Verifica se a identidade do remetente corresponde ao administrador.
+ * Considera candidatos `jid`, `lid`, `participantAlt` e resolução assíncrona.
+ * @param {unknown} senderIdentity
+ * @returns {Promise<boolean>}
+ */
 export const isAdminSenderAsync = async (senderIdentity) => {
   const senderInfo = extractUserIdInfo(senderIdentity);
   if (!senderInfo.raw && !senderInfo.jid && !senderInfo.lid && !senderInfo.participantAlt) return false;

package/app/configParts/baileysConfig.js CHANGED Viewed

@@ -78,15 +78,28 @@ import { getMultiSessionRuntimeConfig } from './sessionConfig.js';
  * }} SenderInfo
  */
+/**
+ * Versão local de fallback do Baileys.
+ * @type {number[]}
+ */
 const DEFAULT_BAILEYS_VERSION = [7, 0, 0];
 const multiSessionRuntimeConfig = getMultiSessionRuntimeConfig();
 const PRIMARY_BAILEYS_SESSION_ID = String(multiSessionRuntimeConfig?.primarySessionId || process.env.BAILEYS_AUTH_SESSION_ID || 'default').trim() || 'default';
+/**
+ * Normaliza ID de sessão com fallback para sessão primária.
+ * @param {string|null|undefined} sessionId
+ * @returns {string}
+ */
 const normalizeSessionId = (sessionId) => {
   const normalized = String(sessionId || '').trim();
   return normalized || PRIMARY_BAILEYS_SESSION_ID;
 };
+/**
+ * Mapa de sockets ativos por sessão.
+ * @type {Map<string, BaileysSocket>}
+ */
 const sessionSocketMap = new Map();
 let activeSocket = null;
@@ -265,6 +278,10 @@ export const WHATSAPP_USER_JID_SERVERS = new Set(['s.whatsapp.net', 'c.us', 'hos
  */
 export const LID_USER_JID_SERVERS = new Set(['lid', 'hosted.lid']);
+/**
+ * Decode de JID com cache simples do último valor.
+ * @type {(jid: string) => ({user?: string, server?: string, domainType?: number, device?: number}|null)}
+ */
 const decodeJidParts = (() => {
   let lastJid = null;
   let lastDecoded = null;
@@ -341,10 +358,20 @@ export const MEDIA_TYPE_MAPPING = {
  */
 export const BINARY_MEDIA_TYPES = new Set(['image', 'video', 'videoNote', 'audio', 'voice', 'document', 'sticker']);
+/**
+ * Aplica normalização nativa do Baileys no payload de mensagem.
+ * @param {Record<string, any>} message
+ * @returns {Record<string, any>}
+ */
 const normalizeMessage = (message) => normalizeMessageContent(message) || message;
 const MESSAGE_CONTENT_WRAPPER_KEYS = ['ephemeralMessage', 'viewOnceMessage', 'viewOnceMessageV2', 'viewOnceMessageV2Extension', 'deviceSentMessage', 'documentWithCaptionMessage', 'botInvokeMessage', 'editedMessage', 'keepInChatMessage'];
+/**
+ * Resolve wrapper de mensagem de um nó com chave única.
+ * @param {Record<string, any>} node
+ * @returns {Record<string, any>|null}
+ */
 const resolveSingleWrapperMessage = (node) => {
   if (!node || typeof node !== 'object') return null;
@@ -359,6 +386,12 @@ const resolveSingleWrapperMessage = (node) => {
   return null;
 };
+/**
+ * Remove camadas de wrappers (`ephemeral`, `viewOnce`, etc.) até o payload real.
+ * @param {Record<string, any>} message
+ * @param {number} [maxDepth=8]
+ * @returns {Record<string, any>}
+ */
 const unwrapMessageContent = (message, maxDepth = 8) => {
   let current = normalizeMessage(message);
   const visited = new Set();
@@ -392,6 +425,11 @@ const unwrapMessageContent = (message, maxDepth = 8) => {
   return current || message;
 };
+/**
+ * Verifica se uma mediaKey está presente e não vazia.
+ * @param {unknown} mediaKey
+ * @returns {boolean}
+ */
 const hasNonEmptyMediaKey = (mediaKey) => {
   if (!mediaKey) return false;
@@ -417,6 +455,15 @@ const hasNonEmptyMediaKey = (mediaKey) => {
   return Boolean(mediaKey);
 };
+/**
+ * Constrói entrada padronizada de mídia detectada.
+ * @param {string} mediaType
+ * @param {string} messageKey
+ * @param {Record<string, any>} value
+ * @param {boolean} isQuoted
+ * @param {Partial<MediaEntry>} [overrides={}]
+ * @returns {MediaEntry}
+ */
 const buildMediaEntry = (mediaType, messageKey, value, isQuoted, overrides = {}) => ({
   mediaType,
   mediaKey: value,
@@ -434,6 +481,12 @@ const buildMediaEntry = (mediaType, messageKey, value, isQuoted, overrides = {})
   ...overrides,
 });
+/**
+ * Coleta mídias do corpo principal e, opcionalmente, de mensagem citada.
+ * @param {BaileysMessage|{message?: Record<string, any>}|Record<string, any>} message
+ * @param {{includeQuoted?: boolean}} [options]
+ * @returns {MediaEntry[]}
+ */
 const collectMediaFromMessage = (message, { includeQuoted = true } = {}) => {
   if (!message || !message.message) {
     return [];
@@ -452,6 +505,12 @@ const collectMediaFromMessage = (message, { includeQuoted = true } = {}) => {
   return allMedia;
 };
+/**
+ * Filtra lista de mídia por tipo binário e inclusão de tipos desconhecidos.
+ * @param {MediaEntry[]} media
+ * @param {{includeAllTypes?: boolean, includeUnknown?: boolean}} [options]
+ * @returns {MediaEntry[]}
+ */
 const filterMedia = (media, { includeAllTypes = false, includeUnknown = false } = {}) => {
   let filtered = media;
@@ -466,6 +525,11 @@ const filterMedia = (media, { includeAllTypes = false, includeUnknown = false }
   return filtered;
 };
+/**
+ * Procura o campo `contextInfo.expiration` de forma recursiva no payload.
+ * @param {Record<string, any>} root
+ * @returns {number|null}
+ */
 const findExpiration = (root) => {
   if (!root || typeof root !== 'object') return null;
@@ -491,6 +555,11 @@ const findExpiration = (root) => {
   return null;
 };
+/**
+ * Resolve extensão padrão por tipo de mídia.
+ * @param {string} type
+ * @returns {string}
+ */
 const getMediaExtension = (type) => {
   if (type === 'image') return 'jpeg';
   if (type === 'video') return 'mp4';
@@ -498,6 +567,11 @@ const getMediaExtension = (type) => {
   return 'bin';
 };
+/**
+ * Detecta erros de decrypt inválido (OpenSSL).
+ * @param {any} error
+ * @returns {boolean}
+ */
 const isBadDecryptError = (error) => {
   if (!error || typeof error !== 'object') return false;
   if (error.code === 'ERR_OSSL_BAD_DECRYPT') return true;
@@ -1189,6 +1263,10 @@ const authReverseLidCache = new Map();
 let backfillPromise = null;
+/**
+ * Atualiza métrica de profundidade da fila `lid_map`.
+ * @returns {void}
+ */
 const updateLidQueueMetric = () => {
   setQueueDepth('lid_map', lidWriteBuffer.size);
 };
@@ -1199,20 +1277,40 @@ const updateLidQueueMetric = () => {
  */
 const now = () => __timeNowMs();
+/**
+ * Normaliza um identificador LID.
+ * @param {string|null|undefined} lid
+ * @returns {string|null}
+ */
 const normalizeLid = (lid) => {
   if (!lid || !isLidJid(lid)) return null;
   const normalized = normalizeJid(lid);
   return normalized || null;
 };
+/**
+ * Normaliza JID de usuário WhatsApp.
+ * @param {string|null|undefined} jid
+ * @returns {string|null}
+ */
 const normalizeWhatsAppJid = (jid) => {
   if (!jid || !isWhatsAppJid(jid)) return null;
   const normalized = normalizeJid(jid);
   return normalized || null;
 };
+/**
+ * Mantém apenas dígitos de um valor.
+ * @param {unknown} value
+ * @returns {string}
+ */
 const toDigits = (value) => String(value || '').replace(/\D+/g, '');
+/**
+ * Extrai telefone (dígitos) de payload reverso LID.
+ * @param {unknown} content
+ * @returns {string}
+ */
 const parseReverseMappingPhoneDigits = (content) => {
   const raw = String(content || '').trim();
   if (!raw) return '';
@@ -1228,6 +1326,11 @@ const parseReverseMappingPhoneDigits = (content) => {
   return digits.length >= 10 && digits.length <= 15 ? digits : '';
 };
+/**
+ * Resolve JID a partir de LID consultando auth state (MySQL/arquivos).
+ * @param {string} lid
+ * @returns {Promise<string|null>}
+ */
 const resolveAuthStoreJidByLid = async (lid) => {
   const normalizedLid = normalizeLid(lid);
   if (!normalizedLid) return null;
@@ -1519,6 +1622,11 @@ const resolveIdentityCandidates = ({ lid, jid, participantAlt } = {}) => {
   };
 };
+/**
+ * Monta SQL de upsert para lote do `lid_map`.
+ * @param {number} rows
+ * @returns {string}
+ */
 const buildLidUpsertSql = (rows) => {
   const placeholders = buildRowPlaceholders(rows, '(?, ?, CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, ?)');
   return `
@@ -1768,6 +1876,10 @@ export const reconcileLidToJid = async ({ lid, jid, source = 'map' } = {}) => {
   return { updated };
 };
+/**
+ * Executa flush em lote do buffer de atualizações LID->JID.
+ * @returns {Promise<void>}
+ */
 const flushLidQueueCore = async () => {
   if (lidWriteBuffer.size === 0) return;
   const entries = Array.from(lidWriteBuffer.values());
@@ -1861,6 +1973,10 @@ export const extractUserIdInfo = (value) => {
     };
   }
+  /**
+   * @param {unknown} entry
+   * @returns {string|null}
+   */
   const readJid = (entry) => (typeof entry === 'string' ? normalizeJid(entry) || null : null);
   const participantAlt = readJid(value.participantAlt);