npm - @oneuptime/common - Versions diffs - 7.0.3621 → 7.0.3652 - Mend

@oneuptime/common 7.0.3621 → 7.0.3652

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (152) hide show

package/Models/DatabaseModels/WorkspaceUserAuthToken.ts ADDED Viewed

@@ -0,0 +1,312 @@
+import Project from "./Project";
+import User from "./User";
+import BaseModel from "./DatabaseBaseModel/DatabaseBaseModel";
+import Route from "../../Types/API/Route";
+import AllowAccessIfSubscriptionIsUnpaid from "../../Types/Database/AccessControl/AllowAccessIfSubscriptionIsUnpaid";
+import ColumnAccessControl from "../../Types/Database/AccessControl/ColumnAccessControl";
+import TableAccessControl from "../../Types/Database/AccessControl/TableAccessControl";
+import ColumnLength from "../../Types/Database/ColumnLength";
+import ColumnType from "../../Types/Database/ColumnType";
+import CrudApiEndpoint from "../../Types/Database/CrudApiEndpoint";
+import CurrentUserCanAccessRecordBy from "../../Types/Database/CurrentUserCanAccessRecordBy";
+import TableColumn from "../../Types/Database/TableColumn";
+import TableColumnType from "../../Types/Database/TableColumnType";
+import TableMetadata from "../../Types/Database/TableMetadata";
+import TenantColumn from "../../Types/Database/TenantColumn";
+import IconProp from "../../Types/Icon/IconProp";
+import ObjectID from "../../Types/ObjectID";
+import Permission from "../../Types/Permission";
+import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
+import WorkspaceType from "../../Types/Workspace/WorkspaceType";
+export interface MiscData {
+  [key: string]: any;
+}
+export interface SlackMiscData extends MiscData {
+  userId: string;
+}
+@TenantColumn("projectId")
+@AllowAccessIfSubscriptionIsUnpaid()
+@TableAccessControl({
+  create: [Permission.CurrentUser],
+  read: [Permission.CurrentUser],
+  delete: [Permission.CurrentUser],
+  update: [Permission.CurrentUser],
+})
+@CrudApiEndpoint(new Route("/workspace-user-auth-token"))
+@Entity({
+  name: "WorkspaceUserAuthToken",
+})
+@TableMetadata({
+  tableName: "WorkspaceUserAuthToken",
+  singularName: "Workspace User Auth Token",
+  pluralName: "Workspace User Auth Tokens",
+  icon: IconProp.Lock,
+  tableDescription: "Third Party Auth Token for the User",
+})
+@CurrentUserCanAccessRecordBy("userId")
+class WorkspaceUserAuthToken extends BaseModel {
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [Permission.CurrentUser],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "projectId",
+    type: TableColumnType.Entity,
+    modelType: Project,
+    title: "Project",
+    description: "Relation to Project Resource in which this object belongs",
+  })
+  @ManyToOne(
+    () => {
+      return Project;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "projectId" })
+  public project?: Project = undefined;
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [Permission.CurrentUser],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: true,
+    canReadOnRelationQuery: true,
+    title: "Project ID",
+    description: "ID of your OneUptime Project in which this object belongs",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: false,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public projectId?: ObjectID = undefined;
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    title: "Auth Token",
+    required: true,
+    unique: false,
+    type: TableColumnType.VeryLongText,
+    canReadOnRelationQuery: true,
+  })
+  @Column({
+    type: ColumnType.VeryLongText,
+    unique: false,
+    nullable: false,
+  })
+  public authToken?: string = undefined;
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [Permission.CurrentUser],
+    update: [],
+  })
+  @TableColumn({
+    title: "User ID in Service",
+    description: "User ID in the Workspace",
+    required: true,
+    unique: false,
+    type: TableColumnType.LongText,
+    canReadOnRelationQuery: true,
+  })
+  @Column({
+    type: ColumnType.LongText,
+    length: ColumnLength.LongText,
+    unique: false,
+    nullable: false,
+  })
+  public workspaceUserId?: string = undefined;
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [Permission.CurrentUser],
+    update: [],
+  })
+  @TableColumn({
+    title: "Workspace Type",
+    description: "Type of Workspace - slack, microsoft teams etc.",
+    required: true,
+    unique: false,
+    type: TableColumnType.LongText,
+    canReadOnRelationQuery: true,
+  })
+  @Column({
+    type: ColumnType.LongText,
+    length: ColumnLength.LongText,
+    unique: false,
+    nullable: false,
+  })
+  public workspaceType?: WorkspaceType = undefined;
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [Permission.CurrentUser],
+    update: [],
+  })
+  @TableColumn({
+    title: "Misc Data",
+    required: true,
+    unique: false,
+    type: TableColumnType.JSON,
+    canReadOnRelationQuery: true,
+  })
+  @Column({
+    type: ColumnType.JSON,
+    unique: false,
+    nullable: false,
+  })
+  public miscData?: MiscData = undefined;
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [Permission.CurrentUser],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "user",
+    type: TableColumnType.Entity,
+    modelType: User,
+    title: "User",
+    description: "Relation to User who this email belongs to",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "userId" })
+  public user?: User = undefined;
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [Permission.CurrentUser],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    title: "User ID",
+    description: "User ID who this email belongs to",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  @Index()
+  public userId?: ObjectID = undefined;
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [Permission.CurrentUser],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "createdByUserId",
+    type: TableColumnType.Entity,
+    modelType: User,
+    title: "Created by User",
+    description:
+      "Relation to User who created this object (if this object was created by a User)",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "SET NULL",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "createdByUserId" })
+  public createdByUser?: User = undefined;
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [Permission.CurrentUser],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    title: "Created by User ID",
+    description:
+      "User ID who created this object (if this object was created by a User)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public createdByUserId?: ObjectID = undefined;
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "deletedByUserId",
+    type: TableColumnType.Entity,
+    title: "Deleted by User",
+    description:
+      "Relation to User who deleted this object (if this object was deleted by a User)",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      cascade: false,
+      eager: false,
+      nullable: true,
+      onDelete: "SET NULL",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "deletedByUserId" })
+  public deletedByUser?: User = undefined;
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    title: "Deleted by User ID",
+    description:
+      "User ID who deleted this object (if this object was deleted by a User)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public deletedByUserId?: ObjectID = undefined;
+}
+export default WorkspaceUserAuthToken;

package/Server/API/SlackAPI.ts ADDED Viewed

@@ -0,0 +1,368 @@
+import Express, {
+  ExpressRequest,
+  ExpressResponse,
+  ExpressRouter,
+} from "../Utils/Express";
+import Response from "../Utils/Response";
+import SlackAuthorization from "../Middleware/SlackAuthorization";
+import BadRequestException from "../../Types/Exception/BadRequestException";
+import logger from "../Utils/Logger";
+import { JSONObject } from "../../Types/JSON";
+import BadDataException from "../../Types/Exception/BadDataException";
+import {
+  AppApiClientUrl,
+  DashboardClientUrl,
+  SlackAppClientId,
+  SlackAppClientSecret,
+} from "../EnvironmentConfig";
+import SlackAppManifest from "../Utils/Slack/app-manifest.json";
+import URL from "../../Types/API/URL";
+import HTTPErrorResponse from "../../Types/API/HTTPErrorResponse";
+import HTTPResponse from "../../Types/API/HTTPResponse";
+import API from "../../Utils/API";
+import WorkspaceProjectAuthTokenService from "../Services/WorkspaceProjectAuthTokenService";
+import ObjectID from "../../Types/ObjectID";
+import WorkspaceUserAuthTokenService from "../Services/WorkspaceUserAuthTokenService";
+import WorkspaceType from "../../Types/Workspace/WorkspaceType";
+export default class SlackAPI {
+  public getRouter(): ExpressRouter {
+    const router: ExpressRouter = Express.getRouter();
+    router.get(
+      "/slack/app-manifest",
+      (req: ExpressRequest, res: ExpressResponse) => {
+        // return app manifest for slack app
+        return Response.sendJsonObjectResponse(req, res, SlackAppManifest);
+      },
+    );
+    router.get(
+      "/slack/auth/:projectId/:userId",
+      async (req: ExpressRequest, res: ExpressResponse) => {
+        if (!SlackAppClientId) {
+          return Response.sendErrorResponse(
+            req,
+            res,
+            new BadDataException("Slack App Client ID is not set"),
+          );
+        }
+        if (!SlackAppClientSecret) {
+          return Response.sendErrorResponse(
+            req,
+            res,
+            new BadDataException("Slack App Client Secret is not set"),
+          );
+        }
+        const projectId: string | undefined =
+          req.params["projectId"]?.toString();
+        const userId: string | undefined = req.params["userId"]?.toString();
+        if (!projectId) {
+          return Response.sendErrorResponse(
+            req,
+            res,
+            new BadDataException("Invalid ProjectID in request"),
+          );
+        }
+        if (!userId) {
+          return Response.sendErrorResponse(
+            req,
+            res,
+            new BadDataException("Invalid UserID in request"),
+          );
+        }
+        // if there's an error query param.
+        const error: string | undefined = req.query["error"]?.toString();
+        const slackIntegrationPageUrl: URL = URL.fromString(
+          DashboardClientUrl.toString() +
+            `/${projectId.toString()}/settings/slack-integration`,
+        );
+        if (error) {
+          return Response.redirect(
+            req,
+            res,
+            slackIntegrationPageUrl.addQueryParam("error", error),
+          );
+        }
+        // slack returns the code on successful auth.
+        const code: string | undefined = req.query["code"]?.toString();
+        if (!code) {
+          return Response.sendErrorResponse(
+            req,
+            res,
+            new BadRequestException("Invalid request"),
+          );
+        }
+        // get access token from slack api.
+        const redirectUri: URL = URL.fromString(
+          `${AppApiClientUrl.toString()}/slack/auth/${projectId}/${userId}`,
+        );
+        const requestBody: JSONObject = {
+          code: code,
+          client_id: SlackAppClientId,
+          client_secret: SlackAppClientSecret,
+          redirect_uri: redirectUri.toString(),
+        };
+        logger.debug("Slack Auth Request Body: ");
+        logger.debug(requestBody);
+        // send the request to slack api to get the access token https://slack.com/api/oauth.v2.access
+        const response: HTTPErrorResponse | HTTPResponse<JSONObject> =
+          await API.post(
+            URL.fromString("https://slack.com/api/oauth.v2.access"),
+            requestBody,
+            {
+              "Content-Type": "application/x-www-form-urlencoded",
+            },
+          );
+        if (response instanceof HTTPErrorResponse) {
+          throw response;
+        }
+        const responseBody: JSONObject = response.data;
+        logger.debug("Slack Auth Request Body: ");
+        logger.debug(responseBody);
+        let slackTeamId: string | undefined = undefined;
+        let slackBotAccessToken: string | undefined = undefined;
+        let slackUserId: string | undefined = undefined;
+        let slackTeamName: string | undefined = undefined;
+        let botUserId: string | undefined = undefined;
+        let slackUserAccessToken: string | undefined = undefined;
+        // ReponseBody is in this format.
+        //   {
+        //     "ok": true,
+        //     "access_token": "sample-token",
+        //     "token_type": "bot",
+        //     "scope": "commands,incoming-webhook",
+        //     "bot_user_id": "U0KRQLJ9H",
+        //     "app_id": "A0KRD7HC3",
+        //     "team": {
+        //         "name": "Slack Pickleball Team",
+        //         "id": "T9TK3CUKW"
+        //     },
+        //     "enterprise": {
+        //         "name": "slack-pickleball",
+        //         "id": "E12345678"
+        //     },
+        //     "authed_user": {
+        //         "id": "U1234",
+        //         "scope": "chat:write",
+        //         "access_token": "sample-token",
+        //         "token_type": "user"
+        //     }
+        // }
+        if (responseBody["ok"] !== true) {
+          return Response.sendErrorResponse(
+            req,
+            res,
+            new BadRequestException("Invalid request"),
+          );
+        }
+        if (
+          responseBody["team"] &&
+          (responseBody["team"] as JSONObject)["id"]
+        ) {
+          slackTeamId = (responseBody["team"] as JSONObject)["id"]?.toString();
+        }
+        if (responseBody["access_token"]) {
+          slackBotAccessToken = responseBody["access_token"]?.toString();
+        }
+        if (
+          responseBody["authed_user"] &&
+          (responseBody["authed_user"] as JSONObject)["id"]
+        ) {
+          slackUserId = (responseBody["authed_user"] as JSONObject)[
+            "id"
+          ]?.toString();
+        }
+        if (
+          responseBody["authed_user"] &&
+          (responseBody["authed_user"] as JSONObject)["access_token"]
+        ) {
+          slackUserAccessToken = (responseBody["authed_user"] as JSONObject)[
+            "access_token"
+          ]?.toString();
+        }
+        if (
+          responseBody["team"] &&
+          (responseBody["team"] as JSONObject)["name"]
+        ) {
+          slackTeamName = (responseBody["team"] as JSONObject)[
+            "name"
+          ]?.toString();
+        }
+        if (responseBody["bot_user_id"]) {
+          botUserId = responseBody["bot_user_id"]?.toString();
+        }
+        await WorkspaceProjectAuthTokenService.refreshAuthToken({
+          projectId: new ObjectID(projectId),
+          workspaceType: WorkspaceType.Slack,
+          authToken: slackBotAccessToken || "",
+          workspaceProjectId: slackTeamId || "",
+          miscData: {
+            teamId: slackTeamId || "",
+            teamName: slackTeamName || "",
+            botUserId: botUserId || "",
+          },
+        });
+        await WorkspaceUserAuthTokenService.refreshAuthToken({
+          projectId: new ObjectID(projectId),
+          userId: new ObjectID(userId),
+          workspaceType: WorkspaceType.Slack,
+          authToken: slackUserAccessToken || "",
+          workspaceUserId: slackUserId || "",
+          miscData: {
+            userId: slackUserId || "",
+          },
+        });
+        // return back to dashboard after successful auth.
+        Response.redirect(req, res, slackIntegrationPageUrl);
+      },
+    );
+    router.post(
+      "/slack/interactive",
+      SlackAuthorization.isAuthorizedSlackRequest,
+      (req: ExpressRequest, res: ExpressResponse) => {
+        return Response.sendJsonObjectResponse(req, res, {
+          response_action: "clear",
+        });
+      },
+    );
+    // options load endpoint.
+    router.post(
+      "/slack/options-load",
+      SlackAuthorization.isAuthorizedSlackRequest,
+      (req: ExpressRequest, res: ExpressResponse) => {
+        return Response.sendJsonObjectResponse(req, res, {
+          response_action: "clear",
+        });
+      },
+    );
+    router.post(
+      "/slack/command",
+      SlackAuthorization.isAuthorizedSlackRequest,
+      (req: ExpressRequest, res: ExpressResponse) => {
+        return Response.sendJsonObjectResponse(req, res, {
+          response_action: "clear",
+        });
+      },
+    );
+    router.post(
+      "/slack/events",
+      SlackAuthorization.isAuthorizedSlackRequest,
+      (req: ExpressRequest, res: ExpressResponse) => {
+        // respond to slack challenge
+        const body: any = req.body;
+        if (body.challenge) {
+          return Response.sendJsonObjectResponse(req, res, {
+            challenge: body.challenge,
+          });
+        }
+        // if event is "create-incident" then show the incident create modal with title and description and add a button to submit the form.
+        if (body.event && body.event.type === "create-incident") {
+          return Response.sendJsonObjectResponse(req, res, {
+            type: "modal",
+            title: {
+              type: "plain_text",
+              text: "Create Incident",
+            },
+            blocks: [
+              {
+                type: "input",
+                block_id: "title",
+                element: {
+                  type: "plain_text_input",
+                  action_id: "title",
+                  placeholder: {
+                    type: "plain_text",
+                    text: "Incident Title",
+                  },
+                },
+                label: {
+                  type: "plain_text",
+                  text: "Title",
+                },
+              },
+              {
+                type: "input",
+                block_id: "description",
+                element: {
+                  type: "plain_text_input",
+                  action_id: "description",
+                  placeholder: {
+                    type: "plain_text",
+                    text: "Incident Description",
+                  },
+                },
+                label: {
+                  type: "plain_text",
+                  text: "Description",
+                },
+              },
+              // button
+              {
+                type: "actions",
+                elements: [
+                  {
+                    type: "button",
+                    text: {
+                      type: "plain_text",
+                      text: "Submit",
+                    },
+                    style: "primary",
+                    value: "submit",
+                  },
+                ],
+              },
+            ],
+          });
+        }
+        return Response.sendErrorResponse(
+          req,
+          res,
+          new BadRequestException("Invalid request"),
+        );
+      },
+    );
+    return router;
+  }
+}

package/Server/EnvironmentConfig.ts CHANGED Viewed

@@ -2,6 +2,7 @@ import {
   AccountsRoute,
   AdminDashboardRoute,
   DashboardRoute,
+  AppApiRoute,
 } from "Common/ServiceRoute";
 import BillingConfig from "./BillingConfig";
 import Hostname from "Common/Types/API/Hostname";
@@ -299,6 +300,8 @@ export const AdminDashboardClientURL: URL = new URL(
   AdminDashboardRoute,
 );
+export const AppApiClientUrl: URL = new URL(HttpProtocol, Host, AppApiRoute);
 export const DashboardClientUrl: URL = new URL(
   HttpProtocol,
   Host,
@@ -313,3 +316,10 @@ export const AccountsClientUrl: URL = new URL(
 export const DisableTelemetry: boolean =
   process.env["DISABLE_TELEMETRY"] === "true";
+export const SlackAppClientId: string | null =
+  process.env["SLACK_APP_CLIENT_ID"] || null;
+export const SlackAppClientSecret: string | null =
+  process.env["SLACK_APP_CLIENT_SECRET"] || null;
+export const SlackAppSigningSecret: string | null =
+  process.env["SLACK_APP_SIGNING_SECRET"] || null;