@omnizap-system/omnizap 2.6.2 → 2.6.3

package/app/services/multiSession/groupOwnershipService.js

@@ -70,16 +70,7 @@ const cloneOutcome = (outcome = null) => {
   };
 };
 
-export const createGroupOwnershipService = ({
-  repository = groupOwnershipRepository,
-  sessionRegistry = sessionRegistryService,
-  withTransactionImpl = withTransaction,
-  nowImpl = () => Date.now(),
-  loggerImpl = logger,
-  defaultLeaseMs = DEFAULT_LEASE_MS,
-  cacheTtlMs = parsePositiveInt(process.env.GROUP_OWNER_CACHE_TTL_MS, DEFAULT_CACHE_TTL_MS, 250, 10_000),
-  cacheMaxEntries = DEFAULT_CACHE_MAX_ENTRIES,
-} = {}) => {
+export const createGroupOwnershipService = ({ repository = groupOwnershipRepository, sessionRegistry = sessionRegistryService, withTransactionImpl = withTransaction, nowImpl = () => Date.now(), loggerImpl = logger, defaultLeaseMs = DEFAULT_LEASE_MS, cacheTtlMs = parsePositiveInt(process.env.GROUP_OWNER_CACHE_TTL_MS, DEFAULT_CACHE_TTL_MS, 250, 10_000), cacheMaxEntries = DEFAULT_CACHE_MAX_ENTRIES } = {}) => {
   const ownerCache = new Map();
   const safeDefaultLeaseMs = parsePositiveInt(defaultLeaseMs, DEFAULT_LEASE_MS, 5_000, 15 * 60 * 1000);
   const safeCacheTtlMs = parsePositiveInt(cacheTtlMs, DEFAULT_CACHE_TTL_MS, 250, 10_000);
@@ -128,18 +119,7 @@ export const createGroupOwnershipService = ({
     return Number(assignment?.assignmentVersion || 1);
   };
 
-  const recordHistory = async (
-    {
-      groupJid,
-      previousSessionId = null,
-      newSessionId = null,
-      reason = null,
-      changedBy = 'system',
-      assignmentVersion = null,
-      metadata = null,
-    } = {},
-    connection = null,
-  ) => {
+  const recordHistory = async ({ groupJid, previousSessionId = null, newSessionId = null, reason = null, changedBy = 'system', assignmentVersion = null, metadata = null } = {}, connection = null) => {
     const safeGroupJid = repository.normalizeGroupJid(groupJid);
     const safePreviousSessionId = repository.normalizeSessionId(previousSessionId);
     const safeNewSessionId = repository.normalizeSessionId(newSessionId) || safePreviousSessionId;
@@ -213,14 +193,7 @@ export const createGroupOwnershipService = ({
     return `${safeGroupJid}:${safeOwnerSessionId}:${safeAssignmentVersion}`;
   };
 
-  const validateFenceToken = async (
-    {
-      groupJid,
-      sessionId,
-      assignmentVersion,
-      bypassCache = true,
-    } = {},
-  ) => {
+  const validateFenceToken = async ({ groupJid, sessionId, assignmentVersion, bypassCache = true } = {}) => {
     const safeGroupJid = repository.normalizeGroupJid(groupJid);
     const safeSessionId = repository.normalizeSessionId(sessionId);
     const safeAssignmentVersion = parseAssignmentVersion(assignmentVersion);
@@ -265,16 +238,7 @@ export const createGroupOwnershipService = ({
     };
   };
 
-  const tryAcquire = async (
-    {
-      groupJid,
-      sessionId,
-      leaseMs = safeDefaultLeaseMs,
-      reason = 'claim',
-      changedBy = null,
-      metadata = null,
-    } = {},
-  ) => {
+  const tryAcquire = async ({ groupJid, sessionId, leaseMs = safeDefaultLeaseMs, reason = 'claim', changedBy = null, metadata = null } = {}) => {
     const safeGroupJid = repository.normalizeGroupJid(groupJid);
     const safeSessionId = repository.normalizeSessionId(sessionId);
     if (!safeGroupJid || !safeSessionId) {
@@ -419,14 +383,7 @@ export const createGroupOwnershipService = ({
     return cloneOutcome(outcome);
   };
 
-  const renewLease = async (
-    {
-      groupJid,
-      sessionId,
-      leaseMs = safeDefaultLeaseMs,
-      reason = 'renew',
-    } = {},
-  ) => {
+  const renewLease = async ({ groupJid, sessionId, leaseMs = safeDefaultLeaseMs, reason = 'renew' } = {}) => {
     const safeGroupJid = repository.normalizeGroupJid(groupJid);
     const safeSessionId = repository.normalizeSessionId(sessionId);
     if (!safeGroupJid || !safeSessionId) {
@@ -480,17 +437,7 @@ export const createGroupOwnershipService = ({
     return cloneOutcome(outcome);
   };
 
-  const heartbeatOwnerSession = async (
-    {
-      sessionId,
-      leaseMs = safeDefaultLeaseMs,
-      reason = 'heartbeat',
-      botJid = undefined,
-      metadata = undefined,
-      currentScore = 0,
-      capacityWeight = 1,
-    } = {},
-  ) => {
+  const heartbeatOwnerSession = async ({ sessionId, leaseMs = safeDefaultLeaseMs, reason = 'heartbeat', botJid = undefined, metadata = undefined, currentScore = 0, capacityWeight = 1 } = {}) => {
     const safeSessionId = repository.normalizeSessionId(sessionId);
     if (!safeSessionId) {
       throw new Error('heartbeatOwnerSession requer sessionId valido.');
@@ -531,15 +478,7 @@ export const createGroupOwnershipService = ({
     };
   };
 
-  const release = async (
-    {
-      groupJid,
-      sessionId = null,
-      reason = 'release',
-      changedBy = null,
-      metadata = null,
-    } = {},
-  ) => {
+  const release = async ({ groupJid, sessionId = null, reason = 'release', changedBy = null, metadata = null } = {}) => {
     const safeGroupJid = repository.normalizeGroupJid(groupJid);
     const safeSessionId = repository.normalizeSessionId(sessionId);
     if (!safeGroupJid) {
@@ -620,17 +559,7 @@ export const createGroupOwnershipService = ({
     return cloneOutcome(outcome);
   };
 
-  const forceAssign = async (
-    {
-      groupJid,
-      sessionId,
-      leaseMs = safeDefaultLeaseMs,
-      reason = 'force_assign',
-      changedBy = null,
-      metadata = null,
-      pinned = undefined,
-    } = {},
-  ) => {
+  const forceAssign = async ({ groupJid, sessionId, leaseMs = safeDefaultLeaseMs, reason = 'force_assign', changedBy = null, metadata = null, pinned = undefined } = {}) => {
     const safeGroupJid = repository.normalizeGroupJid(groupJid);
     const safeSessionId = repository.normalizeSessionId(sessionId);
     if (!safeGroupJid || !safeSessionId) {
@@ -729,17 +658,7 @@ export const createGroupOwnershipService = ({
     return cloneOutcome(outcome);
   };
 
-  const setPinned = async (
-    {
-      groupJid,
-      pinned,
-      sessionId = null,
-      reason = null,
-      changedBy = null,
-      metadata = null,
-      leaseMs = safeDefaultLeaseMs,
-    } = {},
-  ) => {
+  const setPinned = async ({ groupJid, pinned, sessionId = null, reason = null, changedBy = null, metadata = null, leaseMs = safeDefaultLeaseMs } = {}) => {
     const safeGroupJid = repository.normalizeGroupJid(groupJid);
     if (!safeGroupJid) {
       throw new Error('setPinned requer groupJid valido.');

package/app/services/multiSession/groupOwnershipService.test.js

@@ -11,19 +11,27 @@ const createInMemoryRepository = () => {
   const history = [];
 
   const normalizeGroupJid = (value) => {
-    const normalized = String(value || '').trim().slice(0, 255);
+    const normalized = String(value || '')
+      .trim()
+      .slice(0, 255);
     return normalized || null;
   };
   const normalizeSessionId = (value) => {
-    const normalized = String(value || '').trim().slice(0, 64);
+    const normalized = String(value || '')
+      .trim()
+      .slice(0, 64);
     return normalized || null;
   };
   const normalizeReason = (value) => {
-    const normalized = String(value || '').trim().slice(0, 64);
+    const normalized = String(value || '')
+      .trim()
+      .slice(0, 64);
     return normalized || null;
   };
   const normalizeChangedBy = (value) => {
-    const normalized = String(value || 'system').trim().slice(0, 64);
+    const normalized = String(value || 'system')
+      .trim()
+      .slice(0, 64);
     return normalized || 'system';
   };
 

package/app/services/multiSession/sessionRegistryService.js

@@ -38,10 +38,7 @@ const normalizeStatus = (value, fallback = DEFAULT_STATUS) => {
 const normalizeBotJid = (value) => {
   if (value === undefined) return undefined;
   if (value === null) return null;
-  const normalized = String(value)
-    .trim()
-    .toLowerCase()
-    .slice(0, MAX_BOT_JID_LENGTH);
+  const normalized = String(value).trim().toLowerCase().slice(0, MAX_BOT_JID_LENGTH);
   return normalized || null;
 };
 
@@ -138,20 +135,7 @@ export const listSessions = async ({ status = null, limit = 100, connection = nu
   return (Array.isArray(rows) ? rows : []).map((row) => normalizeSessionRow(row));
 };
 
-export const upsertSession = async (
-  {
-    sessionId,
-    botJid = undefined,
-    status = DEFAULT_STATUS,
-    capacityWeight = DEFAULT_WEIGHT,
-    currentScore = 0,
-    metadata = undefined,
-    heartbeatAt = undefined,
-    connectedAt = undefined,
-    disconnectedAt = undefined,
-  } = {},
-  { connection = null } = {},
-) => {
+export const upsertSession = async ({ sessionId, botJid = undefined, status = DEFAULT_STATUS, capacityWeight = DEFAULT_WEIGHT, currentScore = 0, metadata = undefined, heartbeatAt = undefined, connectedAt = undefined, disconnectedAt = undefined } = {}, { connection = null } = {}) => {
   const safeSessionId = normalizeSessionId(sessionId);
   if (!safeSessionId) {
     throw new Error('upsertSession requer sessionId valido.');
@@ -187,17 +171,7 @@ export const upsertSession = async (
   return getSession(safeSessionId, { connection });
 };
 
-export const ensureSession = async (
-  sessionId,
-  {
-    status = 'online',
-    capacityWeight = DEFAULT_WEIGHT,
-    currentScore = 0,
-    metadata = undefined,
-    botJid = undefined,
-    connection = null,
-  } = {},
-) =>
+export const ensureSession = async (sessionId, { status = 'online', capacityWeight = DEFAULT_WEIGHT, currentScore = 0, metadata = undefined, botJid = undefined, connection = null } = {}) =>
   upsertSession(
     {
       sessionId,
@@ -210,17 +184,7 @@ export const ensureSession = async (
     { connection },
   );
 
-export const heartbeatSession = async (
-  sessionId,
-  {
-    status = 'online',
-    currentScore = 0,
-    metadata = undefined,
-    botJid = undefined,
-    capacityWeight = DEFAULT_WEIGHT,
-    connection = null,
-  } = {},
-) =>
+export const heartbeatSession = async (sessionId, { status = 'online', currentScore = 0, metadata = undefined, botJid = undefined, capacityWeight = DEFAULT_WEIGHT, connection = null } = {}) =>
   upsertSession(
     {
       sessionId,
@@ -234,16 +198,7 @@ export const heartbeatSession = async (
     { connection },
   );
 
-export const markSessionConnected = async (
-  sessionId,
-  {
-    botJid = undefined,
-    currentScore = 0,
-    metadata = undefined,
-    capacityWeight = DEFAULT_WEIGHT,
-    connection = null,
-  } = {},
-) =>
+export const markSessionConnected = async (sessionId, { botJid = undefined, currentScore = 0, metadata = undefined, capacityWeight = DEFAULT_WEIGHT, connection = null } = {}) =>
   upsertSession(
     {
       sessionId,
@@ -258,16 +213,7 @@ export const markSessionConnected = async (
     { connection },
   );
 
-export const markSessionDisconnected = async (
-  sessionId,
-  {
-    status = 'offline',
-    currentScore = 0,
-    metadata = undefined,
-    capacityWeight = DEFAULT_WEIGHT,
-    connection = null,
-  } = {},
-) =>
+export const markSessionDisconnected = async (sessionId, { status = 'offline', currentScore = 0, metadata = undefined, capacityWeight = DEFAULT_WEIGHT, connection = null } = {}) =>
   upsertSession(
     {
       sessionId,

package/app/utils/antiLink/antiLinkModule.js

@@ -965,50 +965,80 @@ export const handleAntiLink = async ({ sock, messageInfo, extractedText, remoteJ
       return false;
     }
 
+    let removedParticipantId = '';
     try {
-      const removedParticipantId = await removeParticipantWithFallback(sock, normalizedRemoteJid, senderContext.removalCandidates);
+      removedParticipantId = await removeParticipantWithFallback(sock, normalizedRemoteJid, senderContext.removalCandidates);
       if (!removedParticipantId) {
         throw new Error('Nenhum candidato de participante pôde ser removido.');
       }
+    } catch (error) {
+      logger.error(`Falha ao remover usuário com antilink: ${error.message}`, {
+        action: 'antilink_error',
+        groupId: normalizedRemoteJid,
+        userId: senderContext.primarySenderId,
+        senderCandidates: senderContext.senderCandidates,
+        error: error.stack,
+      });
+      return false;
+    }
 
-      const deletionCandidates = uniqueNormalizedJids([removedParticipantId, ...senderContext.senderCandidates]);
-      const purgeResult = await purgeRecentMessagesFromRemovedSender({
+    const deletionCandidates = uniqueNormalizedJids([removedParticipantId, ...senderContext.senderCandidates]);
+    let purgeResult = {
+      requested: 0,
+      deleted: 0,
+      failed: 0,
+      rounds: 0,
+      roundsWithDeletes: 0,
+    };
+    try {
+      purgeResult = await purgeRecentMessagesFromRemovedSender({
         sock,
         messageInfo,
         remoteJid: normalizedRemoteJid,
         senderCandidates: deletionCandidates,
       });
-
-      const senderMention = senderContext.mentionJid || removedParticipantId || senderContext.primarySenderId;
-      const senderUser = getJidUser(senderMention);
-      const recentDeleteLine = purgeResult.deleted > 0 ? `\n🧹 ${purgeResult.deleted} mensagem(ns) dos últimos ${ANTILINK_DELETE_WINDOW_MINUTES} minuto(s) foram apagadas.` : '';
-      await sendMessageWithFallback(sock, normalizedRemoteJid, {
-        text: `🚫 @${senderUser || 'usuario'} foi removido por enviar um link.${recentDeleteLine}`,
-        mentions: senderMention ? [senderMention] : [],
-      });
-
-      logger.info(`Usuário ${removedParticipantId || senderContext.primarySenderId} removido do grupo ${normalizedRemoteJid} por enviar link.`, {
-        action: 'antilink_remove',
+    } catch (error) {
+      logger.warn('Falha ao limpar mensagens recentes após remoção por antilink.', {
+        action: 'antilink_recent_delete_error',
         groupId: normalizedRemoteJid,
         userId: removedParticipantId || senderContext.primarySenderId,
         senderCandidates: senderContext.senderCandidates,
-        deletedRecentMessages: purgeResult.deleted,
-        failedRecentMessageDeletes: purgeResult.failed,
-        requestedRecentMessageDeletes: purgeResult.requested,
-        deleteRevalidationRounds: purgeResult.rounds,
-        deleteRevalidationRoundsWithDeletes: purgeResult.roundsWithDeletes,
+        error: error?.message,
       });
+    }
+
+    const senderMention = senderContext.mentionJid || removedParticipantId || senderContext.primarySenderId;
+    const senderUser = getJidUser(senderMention);
+    const recentDeleteLine = purgeResult.deleted > 0 ? `\n🧹 ${purgeResult.deleted} mensagem(ns) dos últimos ${ANTILINK_DELETE_WINDOW_MINUTES} minuto(s) foram apagadas.` : '';
 
-      return true;
+    try {
+      await sendMessageWithFallback(sock, normalizedRemoteJid, {
+        text: `🚫 @${senderUser || 'usuario'} foi removido por enviar um link.${recentDeleteLine}`,
+        mentions: senderMention ? [senderMention] : [],
+      });
     } catch (error) {
-      logger.error(`Falha ao remover usuário com antilink: ${error.message}`, {
-        action: 'antilink_error',
+      logger.warn('Falha ao enviar aviso de remoção por antilink.', {
+        action: 'antilink_remove_notice_error',
         groupId: normalizedRemoteJid,
-        userId: senderContext.primarySenderId,
+        userId: removedParticipantId || senderContext.primarySenderId,
         senderCandidates: senderContext.senderCandidates,
-        error: error.stack,
+        error: error?.message,
       });
     }
+
+    logger.info(`Usuário ${removedParticipantId || senderContext.primarySenderId} removido do grupo ${normalizedRemoteJid} por enviar link.`, {
+      action: 'antilink_remove',
+      groupId: normalizedRemoteJid,
+      userId: removedParticipantId || senderContext.primarySenderId,
+      senderCandidates: senderContext.senderCandidates,
+      deletedRecentMessages: purgeResult.deleted,
+      failedRecentMessageDeletes: purgeResult.failed,
+      requestedRecentMessageDeletes: purgeResult.requested,
+      deleteRevalidationRounds: purgeResult.rounds,
+      deleteRevalidationRoundsWithDeletes: purgeResult.roundsWithDeletes,
+    });
+
+    return true;
   } else if (isAdmin && !senderIsBot) {
     try {
       const senderMention = senderContext.mentionJid || senderContext.primarySenderId;

package/docs/security/omnizap-static-security-headers.conf

@@ -11,8 +11,8 @@
 #     include /etc/nginx/snippets/omnizap-static-security-headers.conf;
 #   }
 
-add_header Content-Security-Policy "default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; form-action 'self'; script-src 'self' 'unsafe-inline' https://accounts.google.com https://cdn.tailwindcss.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com https://cdnjs.cloudflare.com; connect-src 'self' https://accounts.google.com https://oauth2.googleapis.com https://api.github.com; frame-src 'self' https://accounts.google.com https://omnizap.shop; worker-src 'self' blob:; manifest-src 'self'" always;
-add_header Cross-Origin-Opener-Policy "same-origin" always;
+add_header Content-Security-Policy "default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; form-action 'self' https://accounts.google.com; script-src 'self' 'unsafe-inline' https://accounts.google.com https://cdn.tailwindcss.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com https://cdnjs.cloudflare.com; connect-src 'self' https://accounts.google.com https://oauth2.googleapis.com https://api.github.com; frame-src 'self' https://accounts.google.com https://omnizap.shop; worker-src 'self' blob:; manifest-src 'self'" always;
+add_header Cross-Origin-Opener-Policy "same-origin-allow-popups" always;
 add_header Cross-Origin-Resource-Policy "same-origin" always;
 add_header Referrer-Policy "no-referrer" always;
 add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
@@ -22,4 +22,4 @@ add_header X-Download-Options "noopen" always;
 add_header X-Frame-Options "SAMEORIGIN" always;
 add_header X-Permitted-Cross-Domain-Policies "none" always;
 add_header X-XSS-Protection "0" always;
-add_header Permissions-Policy "geolocation=(), microphone=(), camera=()" always;
+add_header Permissions-Policy "geolocation=(), microphone=(), camera=(), identity-credentials-get=(self)" always;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@omnizap-system/omnizap",
-  "version": "2.6.2",
+  "version": "2.6.3",
   "description": "Sistema profissional de automação WhatsApp com tecnologia Baileys",
   "main": "index.js",
   "publishConfig": {
@@ -34,7 +34,7 @@
     "build": "npm run build:all",
     "build:all": "npm run catalog:commands && npm run build:frontend",
     "build:frontend": "npm run build:css && npm run build:js",
-    "build:css": "npm run build:css:home && npm run build:css:user && npm run build:css:login && npm run build:css:terms && npm run build:css:api-docs && npm run build:css:stickers && npm run build:css:create-pack && npm run build:css:stickers-admin && npm run build:css:user-systemadm && npm run build:css:commands",
+    "build:css": "npm run build:css:home && npm run build:css:user && npm run build:css:login && npm run build:css:terms && npm run build:css:api-docs && npm run build:css:payments && npm run build:css:stickers && npm run build:css:create-pack && npm run build:css:stickers-admin && npm run build:css:user-systemadm && npm run build:css:commands",
     "build:js": "vite build --config ./vite.config.mjs",
     "build:js:home": "npm run build:js",
     "build:js:user": "npm run build:js",
@@ -51,6 +51,7 @@
     "build:css:terms": "tailwindcss -i ./public/assets/css/terms-react.input.css -o ./public/assets/css/terms-react.css --minify",
     "build:css:commands": "tailwindcss -i ./public/assets/css/commands-react.input.css -o ./public/assets/css/commands-react.css --minify",
     "build:css:api-docs": "cp ./public/css/api-docs.css ./public/assets/css/api-docs.css",
+    "build:css:payments": "cp ./public/css/payments-react.css ./public/assets/css/payments-react.css",
     "build:css:stickers": "tailwindcss -i ./public/assets/css/stickers-react.input.css -o ./public/assets/css/stickers-react.css --minify",
     "build:css:create-pack": "tailwindcss -i ./public/assets/css/create-pack-react.input.css -o ./public/assets/css/create-pack-react.css --minify",
     "build:css:stickers-admin": "cp ./public/css/stickers-admin.css ./public/assets/css/stickers-admin.css",

package/public/comandos/commands-catalog.json

@@ -1,6 +1,6 @@
 {
   "schema_version": "3.0.0",
-  "generated_at": "2026-03-23T01:52:25.085Z",
+  "generated_at": "2026-03-25T05:25:53.000Z",
   "totals": {
     "modules": 14,
     "categories": 10,