@tiledesk/tiledesk-server 2.12.0 → 2.13.0

package/CHANGELOG.md

@@ -5,8 +5,48 @@
 🚀        IN PRODUCTION                        🚀
 (https://www.npmjs.com/package/@tiledesk/tiledesk-server/v/2.3.77) 
 
-# 2.11.0
+# 2.12.0
+- Updated: whatsapp module listener
+- Updated: whatsapp-connector to 1.0.0
+- Updated: tybot-connector to 2.0.26
+- Updated: vxml-connector to 0.1.77
+
+# 2.11.12 (deprecated)
+- Updated: whatsapp-connector to 0.1.87
+
+# 2.11.11 (deprecated)
+- Updated: whatsapp module listener
+- Updated: whatsapp-connector to 0.1.86
+
+# 2.11.10 (deprecated)
+- Updated: whatsapp module listener
+- Updated: whatsapp-connector to 0.1.85
+- Updated: tybot-connector to 2.0.26
+- Updated: vxml-connector to 0.1.77
+
+# 2.11.9
+- Changed: oauth2 endpoints in auth route
+- Updated: improved project users management (soft delete)
+
+# 2.11.8
+- Added: migration file to migrate namespace engine
+
+# 2.11.7
+- Hotfix: solved bug on findProjectUsersAllAndAvailableWithOperatingHours_group on searching group
+
+# 2.11.6
+- Added: possibility to enable/disable groups
+- Updated: delete project user endpoint to logical delete
+- Updated: tybot-connector to 2.0.23
+- Updated: get all namespace adding counter
+- Added: attributes field in groups model
+
+# 2.11.5
+- Added: log in requestService
+
+# 2.11.4
 - Added: authentication via Keycloak
+- Added: project settings fields for allowed_urls, allowed_urls_list, allow_send_emoji
 
 # 2.10.104
 - Update: standard/hybrid namespace management

package/Dockerfile

@@ -1,4 +1,4 @@
-FROM node:16
+FROM node:18-bullseye
 
 RUN sed -i 's/stable\/updates/stable-security\/updates/' /etc/apt/sources.list
 

package/Dockerfile-en

@@ -1,4 +1,4 @@
-FROM node:16
+FROM node:18-bullseye
 
 RUN sed -i 's/stable\/updates/stable-security\/updates/' /etc/apt/sources.list
 

package/Dockerfile-jobs

@@ -1,4 +1,4 @@
-FROM node:16
+FROM node:18-bullseye
 
 RUN sed -i 's/stable\/updates/stable-security\/updates/' /etc/apt/sources.list
 

package/Dockerfile-profiler

@@ -1,4 +1,4 @@
-FROM node:16
+FROM node:18-bullseye
 
 RUN sed -i 's/stable\/updates/stable-security\/updates/' /etc/apt/sources.list
 

package/middleware/recaptcha.js

@@ -1,11 +1,17 @@
 var winston = require('../config/winston');
 
-var Recaptcha = require('express-recaptcha').RecaptchaV3
-var recaptcha = new Recaptcha('6Lf1khcpAAAAABMNHJfnJm43vVTxFzXM7ADqDAp5', '6Lf1khcpAAAAAG6t7LuOfl9vThGPFOOJIiAoMIhs')
+var Recaptcha = require('express-recaptcha').RecaptchaV3;
 
-const RECAPTCHA_ENABLED =  false;
+const recaptcha_key = process.env.RECAPTCHA_KEY;
+const recaptcha_secret = process.env.RECAPTCHA_SECRET;
+
+winston.info("Recaptcha key: " + recaptcha_key + " and secret: " + recaptcha_secret );
+let recaptcha;
+
+let RECAPTCHA_ENABLED =  false;
 
 if (process.env.RECAPTCHA_ENABLED === true || process.env.RECAPTCHA_ENABLED ==="true") {
+    recaptcha = new Recaptcha(recaptcha_key, recaptcha_secret);
     RECAPTCHA_ENABLED = true;
 }
 
@@ -21,7 +27,7 @@ module.exports =
               next();
                 // success code
             } else {
-              winston.error("Signup recaptcha ko");
+              winston.error("Signup recaptcha ko: "+ error);
             //   next({status:"Signup recaptcha ko"});
                 res.status(403).send({success: false, msg: 'Recaptcha error.'});
 
@@ -29,4 +35,4 @@ module.exports =
             }
         })
        
-}
+}

package/migrations/1752742733903-namespace-engine-migration.js

@@ -0,0 +1,31 @@
+var winston = require('../config/winston');
+const { Namespace } = require('../models/kb_setting');
+
+async function up () {
+
+  if (!process.env.PINECONE_INDEX || !process.env.PINECONE_TYPE) {
+    winston.error("Namespace engine migration STOPPED. PINECONE_TYPE or PINECONE_INDEX undefined.");
+    return;
+  }
+
+  let engine = {
+    name: "pinecone",
+    type: process.env.PINECONE_TYPE,
+    apikey: "",
+    vector_size: 1536,
+    index_name: process.env.PINECONE_INDEX
+  };
+
+  try {
+    const updates = await Namespace.updateMany(
+      { engine: { $exists: false } },
+      { engine: engine }
+    );
+    winston.info("Schema updated for " + updates.nModified + " namespace");
+  } catch (err) {
+    winston.error("Error updating namespaces in migration:", err);
+    throw err;
+  }
+}
+
+module.exports = { up }; 

package/models/group.js

@@ -18,10 +18,18 @@ var GroupSchema = new Schema({
     index: true
     // required: true
   },
+  enabled: {
+    type: Boolean,
+    default: true,
+    index: true
+  },
   trashed: {
     type: Boolean,
     index: true
   },
+  attributes: {
+    type: Object,
+  },
   createdBy: {
     type: String,
     required: true

package/models/project_user.js

@@ -69,10 +69,16 @@ var TagSchema = require("../models/tag");
     },
     status: {
       type: String,
+      enum: ['active', 'disabled'],
       default: "active",
       index: true,
       required: true
     },
+    trashed: {
+      type: Boolean,
+      default: false,
+      required: false
+    }
   }, {
       timestamps: true,
       toJSON: { virtuals: true } //used to polulate messages in toJSON// https://mongoosejs.com/docs/populate.html
@@ -115,7 +121,24 @@ Project_userSchema.virtual('isAuthenticated').get(function () {
   Project_userSchema.index({ id_project: 1, role: 1, status: 1, createdAt: 1  }); 
 
 
-
+  Project_userSchema.pre('findOneAndUpdate', async function(next) {
+    // Get the update object
+    const update = this.getUpdate();
+
+    // Check if 'trashed' is being set to true
+    if (update && (
+        (update.trashed === true) ||
+        (update.$set && update.$set.trashed === true)
+      )) {
+      // Set status to "disabled"
+      if (!update.$set) {
+        update.$set = {};
+      }
+      update.$set.status = "disabled";
+      this.setUpdate(update);
+    }
+    next();
+  });
 
 
   module.exports = mongoose.model('project_user', Project_userSchema);;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@tiledesk/tiledesk-server",
   "description": "The Tiledesk server module",
-  "version": "2.12.0",
+  "version": "2.13.0",
   "scripts": {
     "start": "node ./bin/www",
     "pretest": "mongodb-runner start",
@@ -49,10 +49,10 @@
     "@tiledesk/tiledesk-rasa-connector": "^1.0.10",
     "@tiledesk/tiledesk-sms-connector": "^0.1.11",
     "@tiledesk/tiledesk-telegram-connector": "^0.1.14",
-    "@tiledesk/tiledesk-tybot-connector": "^2.0.21",
+    "@tiledesk/tiledesk-tybot-connector": "^2.0.26",
     "@tiledesk/tiledesk-voice-twilio-connector": "^0.1.22",
-    "@tiledesk/tiledesk-vxml-connector": "^0.1.76",
-    "@tiledesk/tiledesk-whatsapp-connector": "^0.1.84",
+    "@tiledesk/tiledesk-vxml-connector": "^0.1.77",
+    "@tiledesk/tiledesk-whatsapp-connector": "^1.0.0",
     "@tiledesk/tiledesk-whatsapp-jobworker": "^0.0.12",
     "amqplib": "^0.5.5",
     "app-root-path": "^3.0.0",

package/pubmodules/whatsapp/listener.js

@@ -28,6 +28,12 @@ class Listener {
         let graph_url = process.env.META_GRAPH_URL || config.graphUrl || "https://graph.facebook.com/v14.0/"
         winston.debug("Whatsapp graph_url: "+ password);
 
+        let fb_app_id = process.env.FB_APP_ID;
+        winston.debug("Whatsapp fb_app_id: "+ fb_app_id);
+
+        let configuration_id = process.env.CONFIGURATION_ID;
+        winston.debug("Whatsapp configuration_id: "+ configuration_id);
+
         let baseFileUrl = process.env.BASE_FILE_URL || apiUrl || "http://localhost:3000"
 
         let job_topic = process.env.JOB_TOPIC_EXCHANGE;
@@ -50,6 +56,8 @@ class Listener {
             API_URL: apiUrl,
             BASE_FILE_URL: baseFileUrl,
             GRAPH_URL: graph_url,
+            FB_APP_ID: fb_app_id,
+            CONFIGURATION_ID: configuration_id,
             BASE_URL: apiUrl + "/modules/whatsapp",                     
             APPS_API_URL: apiUrl + "/modules/apps",
             REDIS_HOST: host,

package/routes/auth.js

@@ -773,78 +773,73 @@ router.get("/google/callback", passport.authenticate("google", { session: false
 
 
 
-router.get("/oauth2", function(req,res,next){
-  winston.debug("redirect_url: "+ req.query.redirect_url );
+router.get("/oauth2", function (req, res, next) {
+  winston.debug("(oauth2) redirect_url: " + req.query.redirect_url);
   req.session.redirect_url = req.query.redirect_url;
 
-  winston.debug("forced_redirect_url: "+ req.query.forced_redirect_url );
+  winston.debug("(oauth2) forced_redirect_url: " + req.query.forced_redirect_url);
   req.session.forced_redirect_url = req.query.forced_redirect_url;
 
   passport.authenticate(
     'oauth2'
-  )(req,res,next);
+  )(req, res, next);
 });
 
 // router.get('/oauth2',
 //   passport.authenticate('oauth2'));
 
-router.get('/oauth2/callback',
-  passport.authenticate('oauth2', { session: false}),
-  function(req, res) {
-    winston.debug("'/oauth2/callback: ", req.query);
-    winston.debug("/oauth2/callback --> req.session.redirect_url", req.session.redirect_url);
-    winston.debug("/oauth2/callback --> req.session.forced_redirect_url", req.session.forced_redirect_url);
-
-    var user = req.user;
-    winston.debug("user", user);
-    winston.debug("req.session.redirect_url: "+ req.session.redirect_url); 
-    var userJson = user.toObject();
+router.get('/oauth2/callback', passport.authenticate('oauth2', { session: false }), function (req, res) {
+  winston.debug("'/oauth2/callback: ", req.query);
+  winston.debug("/oauth2/callback --> req.session.redirect_url", req.session.redirect_url);
+  winston.debug("/oauth2/callback --> req.session.forced_redirect_url", req.session.forced_redirect_url);
+
+  var user = req.user;
+  winston.debug("(/oauth2/callback) user", user);
+  winston.debug("(/oauth2/callback) req.session.redirect_url: " + req.session.redirect_url);
+  var userJson = user.toObject();
+
+  delete userJson.password;
+
+  var signOptions = {
+    issuer: 'https://tiledesk.com',
+    subject: 'user',
+    audience: 'https://tiledesk.com',
+    jwtid: uuidv4()
+
+  };
+
+  var alg = process.env.GLOBAL_SECRET_ALGORITHM;
+  if (alg) {
+    signOptions.algorithm = alg;
+  }
+
+  var token = jwt.sign(userJson, configSecret, signOptions); //priv_jwt pp_jwt              
+
+  // return the information including token as JSON
+  // res.json(returnObject);
+
+  let dashboard_base_url = process.env.EMAIL_BASEURL || config.baseUrl;
+  winston.debug("(/oauth2/callback) Google Redirect dashboard_base_url: ", dashboard_base_url);
+
+  let homeurl = "/#/";
     
-    delete userJson.password;
-  
-  
-      var signOptions = {     
-        issuer:  'https://tiledesk.com',       
-        subject:  'user',
-        audience:  'https://tiledesk.com',
-        jwtid: uuidv4()
-  
-      };
-  
-      var alg = process.env.GLOBAL_SECRET_ALGORITHM;
-      if (alg) {
-        signOptions.algorithm = alg;
-      }
-  
-  
-    var token = jwt.sign(userJson, configSecret, signOptions); //priv_jwt pp_jwt              
-  
-  
-    // return the information including token as JSON
-    // res.json(returnObject);
-  
-    let dashboard_base_url = process.env.EMAIL_BASEURL || config.baseUrl;
-    winston.debug("Google Redirect dashboard_base_url: ", dashboard_base_url);
-  
-    let homeurl = "/#/";
-  
-    if (req.session.redirect_url) {
-      homeurl = req.session.redirect_url;
-    }
-  
-    var url = dashboard_base_url+homeurl+"?token=JWT "+token;
-  
-    if (req.session.forced_redirect_url) {
-      url = req.session.forced_redirect_url+"?jwt=JWT "+token;  //attention we use jwt= (ionic) instead token=(dashboard) for ionic 
-    }
-  
-    winston.debug("Google Redirect: "+ url);
-  
-    res.redirect(url);
+  const separator = homeurl.includes('?') ? '&' : '?';
+  var url = dashboard_base_url+homeurl+ separator + "token=JWT "+token;
   
+  if (req.session.redirect_url) {
+    const separator = req.session.redirect_url.includes('?') ? '&' : '?';
+    url = req.session.redirect_url+ separator + "token=JWT "+token;
+  }
 
-    
-  });
+  if (req.session.forced_redirect_url) {
+    const separator = req.session.forced_redirect_url.includes('?') ? '&' : '?';
+    url = req.session.forced_redirect_url+ separator + "jwt=JWT "+token;  //attention we use jwt= (ionic) instead token=(dashboard) for ionic 
+  }
+
+  winston.debug("(/oauth2/callback) Google Redirect: " + url);
+
+  res.redirect(url);
+});
 
 router.get(
   "/keycloak",

package/routes/group.js

@@ -3,6 +3,7 @@ var router = express.Router();
 var Group = require("../models/group");
 var groupEvent = require("../event/groupEvent");
 var winston = require('../config/winston');
+const departmentService = require('../services/departmentService');
 
 
 
@@ -44,6 +45,9 @@ router.put('/:groupid', function (req, res) {
   if (req.body.trashed!=undefined) {
     update.trashed = req.body.trashed;
   }
+  if (req.body.attributes!=undefined) {
+    update.attributes = req.body.attributes;
+  }
   
 
   Group.findByIdAndUpdate(req.params.groupid, update, { new: true, upsert: true }, function (err, updatedGroup) {
@@ -57,6 +61,49 @@ router.put('/:groupid', function (req, res) {
   });
 });
 
+router.put('/enable/:groupid', async (req, res) => {
+
+  let group_id = req.params.groupid;
+
+  Group.findByIdAndUpdate(group_id, { enabled: true }, { new: true, upsert: true }, (err, updatedGroup) => {
+    if (err) {
+      winston.error("Error enabling the group: ", err);
+      return res.status(500).send({ success: false, error: "Error enabling group" })
+    }
+
+    groupEvent.emit('group.update', updatedGroup);
+    res.status(200).send(updatedGroup);
+  })
+
+})
+
+router.put('/disable/:groupid', async (req, res) => {
+
+  let id_project = req.projectid;
+  let group_id = req.params.groupid;
+
+  const isInDepartment = await departmentService.isGroupInProjectDepartment(id_project, group_id).catch((err) => {
+    winston.error("Error checking if group belongs to the department: ", err);
+    return res.status(500).send({ success: false, error: "Unable to verify group-department association due to an error" })
+  })
+
+  if (isInDepartment) {
+    winston.verbose("The group " + group_id + " belongs to a department and cannot be disabled");
+    return res.status(403).send({ success: false, error: "Unable to disabled a group associated with a department" })
+  }
+
+  Group.findByIdAndUpdate(group_id, { enabled: false }, { new: true, upsert: true }, (err, updatedGroup) => {
+    if (err) {
+      winston.error("Error disabling the group: ", err);
+      return res.status(500).send({ success: false, error: "Error disabling group" })
+    }
+
+    groupEvent.emit('group.update', updatedGroup);
+    res.status(200).send(updatedGroup);
+  })
+
+})
+
 // router.put('/:groupid', function (req, res) {
 
 //   winston.debug(req.body);
@@ -79,21 +126,51 @@ router.put('/:groupid', function (req, res) {
 //   });
 // });
 
-router.delete('/:groupid', function (req, res) {
+router.delete('/:groupid', async (req, res) => {
 
-  winston.debug(req.body);
+  let id_project = req.projectid;
+  let group_id = req.params.groupid;
 
-  Group.findOneAndRemove({_id: req.params.groupid}, function (err, group) {
-    // Group.remove({ _id: req.params.groupid }, function (err, group) {
-    if (err) {
-      winston.error('Error removing the group ', err);
-      return res.status(500).send({ success: false, msg: 'Error deleting object.' });
-    }
-// nn funziuona perchje nn c'è id_project
-    groupEvent.emit('group.delete', group);
+  const isInDepartment = await departmentService.isGroupInProjectDepartment(id_project, group_id).catch((err) => {
+    winston.error("Error checking if group belongs to the department: ", err);
+    return res.status(500).send({ success: false, error: "Unable to verify group-department association due to an error" })
+  })
+
+  if (isInDepartment) {
+    winston.verbose("The group " + group_id + " belongs to a department and cannot be deleted");
+    return res.status(403).send({ success: false, error: "Unable to delete a group associated with a department" })
+  }
+
+  if (req.query.force === "true") {
+    
+    Group.findByIdAndRemove(group_id, function (err, group) {
+      if (err) {
+        winston.error('Error removing the group ', err);
+        return res.status(500).send({ success: false, msg: 'Error deleting group' });
+      }
+      winston.debug("Physically removed group", group);
+      // nn funziuona perchje nn c'è id_project
+      groupEvent.emit('group.delete', group);
+      res.status(200).send(group);
+    });
+
+  } else {
+
+    Group.findByIdAndUpdate(group_id, { enabled: false, trashed: true }, { new: true }, function (err, group) {
+        if (err) {
+          winston.error('Error removing the group ', err);
+          return res.status(500).send({ success: false, msg: 'Error deleting group' });
+        }
+
+        winston.debug("Group logical deleted", group);
+
+        groupEvent.emit('group.update', group);
+
+        res.status(200).send({ success: true, message: "Group successfully deleted"})
+      }
+    );
+  }
 
-    res.json(group);
-  });
 });
 
 

package/routes/kb.js

@@ -321,9 +321,8 @@ router.post('/qa', async (req, res) => {
 
   let ns = namespaces.find(n => n.id === data.namespace);
   data.engine = ns.engine || default_engine;
-  data.hybrid = ns.hybrid;
 
-  if (data.engine.type === 'serverless') {
+  if (ns.hybrid === true) {
     data.search_type = 'hybrid';
   }
 
@@ -463,7 +462,7 @@ router.get('/namespace/all', async (req, res) => {
 
   let project_id = req.projectid;
 
-  Namespace.find({ id_project: project_id }).lean().exec((err, namespaces) => {
+  Namespace.find({ id_project: project_id }).lean().exec( async (err, namespaces) => {
 
     if (err) {
       winston.error("find namespaces error: ", err);
@@ -500,7 +499,18 @@ router.get('/namespace/all', async (req, res) => {
 
     } else {
 
-      const namespaceObjArray = namespaces.map(({ _id, __v, ...keepAttrs }) => keepAttrs)
+      let namespaceObjArray = [];
+      if (req.query.count) {
+        namespaceObjArray = await Promise.all(
+          namespaces.map(async ({ _id, __v, ...keepAttrs }) => {
+            const count = await KB.countDocuments({ id_project: keepAttrs.id_project, namespace: keepAttrs.id });
+            return { ...keepAttrs, count };
+          })
+        );
+      } else {
+        namespaceObjArray = namespaces.map(({ _id, __v, ...keepAttrs }) => keepAttrs)
+      }
+        
       winston.debug("namespaceObjArray: ", namespaceObjArray);
       return res.status(200).send(namespaceObjArray);
     }
@@ -1528,10 +1538,12 @@ router.post('/sitemap', async (req, res) => {
 
   const sitemap = new Sitemapper({
     url: sitemap_url,
-    timeout: 15000
+    timeout: 15000,
+    debug: true
   });
 
   sitemap.fetch().then((data) => {
+    // TODO - check on data.errors to catch error
     winston.debug("data: ", data);
     res.status(200).send(data);
   }).catch((err) => {

package/routes/project.js

@@ -349,9 +349,6 @@ router.put('/:projectid', [passport.authenticate(['basic', 'jwt'], { session: fa
     update["settings.email.notification.conversation.pooled"] = req.body["settings.email.notification.conversation.pooled"];
   }
 
-
-
-
   if (req.body["settings.email.templates.assignedRequest"]!=undefined) {
     update["settings.email.templates.assignedRequest"] = req.body["settings.email.templates.assignedRequest"];
   }
@@ -380,7 +377,6 @@ router.put('/:projectid', [passport.authenticate(['basic', 'jwt'], { session: fa
     update["settings.email.templates.emailDirect"] = req.body["settings.email.templates.emailDirect"];
   }
 
-
   if (req.body["settings.email.from"]!=undefined) {
     update["settings.email.from"] = req.body["settings.email.from"];
   }
@@ -452,6 +448,18 @@ router.put('/:projectid', [passport.authenticate(['basic', 'jwt'], { session: fa
   if (req.body["settings.chatbots_attributes_hidden"]!=undefined) {
     update["settings.chatbots_attributes_hidden"] = req.body["settings.chatbots_attributes_hidden"];
   }
+
+  if (req.body["settings.allow_send_emoji"]!=undefined) {
+    update["settings.allow_send_emoji"] = req.body["settings.allow_send_emoji"];
+  }
+
+  if (req.body["settings.allowed_urls"]!=undefined) {
+    update["settings.allowed_urls"] = req.body["settings.allowed_urls"];
+  }
+
+  if (req.body["settings.allowed_urls_list"]!=undefined) {
+    update["settings.allowed_urls_list"] = req.body["settings.allowed_urls_list"];
+  }
   
   if (req.body.widget!=undefined) {
     update.widget = req.body.widget;
@@ -1051,6 +1059,11 @@ router.get('/:projectid/users/availables', async  (req, res) => {
         return res.status(404).send({ success: false, error: "Group " + group_id + " not found" })
       }
 
+      if (group.enabled === false) {
+        winston.error("(Users Availables) group disabled")
+        return res.status(403).send({ success: false, error: "Group " + group_id + " is currently disabled" })
+      }
+
       query.id_user = { $in: group.members.map(id => mongoose.Types.ObjectId(id) )}
     }
   } 

package/routes/project_user.js

@@ -12,176 +12,118 @@ var RoleConstants = require("../models/roleConstants");
 var ProjectUserUtil = require("../utils/project_userUtil");
 const uuidv4 = require('uuid/v4');
 
-
 var passport = require('passport');
 require('../middleware/passport')(passport);
 var validtoken = require('../middleware/valid-token')
 var roleChecker = require('../middleware/has-role');
 
 
-
-// NEW: INVITE A USER
 router.post('/invite', [passport.authenticate(['basic', 'jwt'], { session: false }), validtoken, roleChecker.hasRole('admin')], function (req, res) {
 
-  winston.debug('-> INVITE USER ', req.body);
+  winston.debug('Invite ProjectUser body ', req.body);
 
-  var email = req.body.email;
+  let id_project = req.projectid;
+  let email = req.body.email;
   if (email) {
     email = email.toLowerCase();
   }
 
-  winston.debug('»»» INVITE USER EMAIL', email);
-  winston.debug('»»» CURRENT USER ID', req.user._id);
-  winston.debug('»»» PROJECT ID', req.projectid);
-// authType
-  User.findOne({ email: email, status: 100
-    // , authType: 'email_password' 
-  }, function (err, user) {
-    if (err) throw err;
+  winston.debug('Invite ProjectUser with email ' + email + ' on project ' + req.projectid);
+  
+  User.findOne({ email: email, status: 100 }, (err, user) => {
+    
+    if (err) {
+      winston.error("Error in searching for a possible existing project user with email " + email);
+      return res.status(500).send({ success: false, error: "An error occurred during the invite process" });
+    }
 
     if (!user) {
-      /*
-       * *** USER NOT FOUND > SAVE EMAIL AND PROJECT ID IN PENDING INVITATION *** */
+      // User not registered on Tiledesk Platform -> Save email and project_id in pending invitation
       // TODO req.user.firstname is null for bot visitor
-      return pendinginvitation.saveInPendingInvitation(req.projectid, req.project.name, email, req.body.role, req.user._id, req.user.firstname, req.user.lastname)
-        .then(function (savedPendingInvitation) {      
-           
-            var eventData = {req: req, savedPendingInvitation: savedPendingInvitation};
-            winston.debug("eventData",eventData);
-            authEvent.emit('project_user.invite.pending', eventData);
-     
-          return res.json({ msg: "User not found, save invite in pending ", pendingInvitation: savedPendingInvitation });
-        })
-        .catch(function (err) {
-          return res.send(err);
-          // return res.status(500).send(err);
-        });
-      // return res.status(404).send({ success: false, msg: 'User not found.' });
+      return pendinginvitation.saveInPendingInvitation(req.projectid, req.project.name, email, req.body.role, req.user._id, req.user.firstname, req.user.lastname).then(function (savedPendingInvitation) {
+        var eventData = { req: req, savedPendingInvitation: savedPendingInvitation };
+        winston.debug("eventData", eventData);
+        authEvent.emit('project_user.invite.pending', eventData);
+        return res.json({ msg: "User not found, save invite in pending ", pendingInvitation: savedPendingInvitation });
+      }).catch(function (err) {
+        return res.send(err);
+      });
 
     } else if (req.user.id == user._id) {
-      winston.debug('-> -> FOUND USER ID', user._id)
-      winston.debug('-> -> CURRENT USER ID', req.user.id);
-      // if the current user id is = to the id of found user return an error:
-      // (to a user is not allowed to invite oneself) 
-
-      winston.debug('XXX XXX FORBIDDEN')
+      // If the current user id is = to the id of found user return an error. To a user is not allowed to invite oneself.
+      winston.debug('Invite User: found user ' + user._id + ' is equal to current user ' + req.user.id + '. Is not allowed to invite oneself.')
       return res.status(403).send({ success: false, msg: 'Forbidden. It is not allowed to invite oneself', code: 4000 });
 
     } else {
 
-      /**
-       * *** IT IS NOT ALLOWED TO INVITE A USER WHO IS ALREADY A MEMBER OF THE PROJECT *** 
-       * FIND THE PROJECT USERS FOR THE PROJECT ID PASSED BY THE CLIENT IN THE BODY OF THE REQUEST
-       * IF THE ID OF THE USER FOUND FOR THE EMAIL (PASSED IN THE BODY OF THE REQUEST - see above)
-       * MATCHES ONE OF THE USER ID CONTENTS IN THE PROJECTS USER OBJECT STOP THE WORKFLOW AND RETURN AN ERROR */
-
-      var role = [RoleConstants.OWNER, RoleConstants.ADMIN, RoleConstants.SUPERVISOR, RoleConstants.AGENT];     
-      winston.debug("role", role);
-    
-      // winston.debug("PROJECT USER ROUTES - req projectid", req.projectid);
+      let roles = [RoleConstants.OWNER, RoleConstants.ADMIN, RoleConstants.SUPERVISOR, RoleConstants.AGENT];
 
-        return Project_user.find({ id_project: req.projectid, role: { $in : role }, status: "active"}, function (err, projectuser) {
-
-      
-        winston.debug('PRJCT-USERS FOUND (FILTERED FOR THE PROJECT ID) ', projectuser)
+      Project_user.findOne({ id_project: id_project, id_user: user._id, role: { $in: roles }}, (err, puser) => {
         if (err) {
-          winston.error("Error gettting project_user for invite", err);
-          return res.status(500).send(err);
+          winston.error("Error inviting an already existing user: ", err);
+          return res.status(500).send({ success: false, msg: "An error occurred on inviting user " + email + " on project " + id_project })
         }
 
-        if (!projectuser) {
-          // winston.debug('*** PRJCT-USER NOT FOUND ***')
-          return res.status(404).send({ success: false, msg: 'Project user not found.' });
+        if (!roles.includes(req.body.role)) {
+          return res.status(400).send({ success: false, msg: 'Invalid role specified: ' + req.body.role });
         }
+        
+        let user_available = typeof req.body.user_available === 'boolean' ? req.body.user_available : true
 
-        if (projectuser) {
-          try {
-            projectuser.forEach(p_user => {
-              if (p_user) {
-                // winston.debug('»»»» FOUND USER ID: ', user._id, ' TYPE OF ', typeof (user._id))
-                // winston.debug('»»»» PRJCT USER > USER ID: ', p_user.id_user, ' TYPE OF ', typeof (p_user.id_user));
-                var projectUserId = p_user.id_user.toString();
-                var foundUserId = user._id.toString()
-
-                winston.debug('»»»» FOUND USER ID: ', foundUserId, ' TYPE OF ', typeof (foundUserId))
-                winston.debug('»»»» PRJCT USER > USER ID: ', projectUserId, ' TYPE OF ', typeof (projectUserId));
-
-                // var n = projectuser.includes('5ae6c62c61c7d54bf119ac73');
-                // winston.debug('USER IS ALREADY A MEMBER OF THE PROJECT ', n)
-                if (projectUserId == foundUserId) {
-                  // if ('5ae6c62c61c7d54bf119ac73' == '5ae6c62c61c7d54bf119ac73') {
-
-                    winston.debug('»»»» THE PRJCT-USER ID ', p_user.id_user, ' MATCHES THE FOUND USER-ID', user._id)
-                    winston.warn("User " + projectUserId+ " is already a member of the project: " + req.projectid)
-
-                  // cannot use continue or break inside a JavaScript Array.prototype.forEach loop. However, there are other options:
-                  throw new Error('User is already a member'); // break
-                  // return res.status(403).send({ success: false, msg: 'Forbidden. User is already a member' });
-                }
-              }
-            });
-          }
-          catch (e) {
-            winston.error('»»» ERROR ', e)
+        if (puser) {
+          if (puser.trashed !== true) {
+            winston.warn("Trying to invite an already project member user")
             return res.status(403).send({ success: false, msg: 'Forbidden. User is already a member', code: 4001 });
           }
 
-          winston.debug('NO ERROR, SO CREATE AND SAVE A NEW PROJECT USER ')
-
-          var user_available = true;
-          if (req.body.user_available!=undefined) {
-            user_available = req.body.user_available;
-          }
-          var newProject_user = new Project_user({
-            // _id: new mongoose.Types.ObjectId(),
-            id_project: req.projectid,
-            id_user: user._id,
-            role: req.body.role,           
-            user_available: user_available, 
-            createdBy: req.user.id,
-            updatedBy: req.user.id
-          });
-
-          return newProject_user.save(function (err, savedProject_user) {
+          Project_user.findByIdAndUpdate(puser._id, { role: req.body.role, user_available: user_available, trashed: false, status: 'active' }, { new: true}, (err, updatedPuser) => {
             if (err) {
-              winston.error('--- > ERROR ', err)
-              return res.status(500).send({ success: false, msg: 'Error saving object.' });
+              winston.error("Error update existing project user before inviting it ", err)
+              return res.status(500).send({ success: false, msg: "An error occurred on inviting user " + email + " on project " + id_project })
             }
 
+            emailService.sendYouHaveBeenInvited(email, req.user.firstname, req.user.lastname, req.project.name, id_project, user.firstname, user.lastname, req.body.role)
+
+            updatedPuser.populate({path:'id_user', select:{'firstname':1, 'lastname':1}},function (err, updatedPuserPopulated){
+              var pu = updatedPuserPopulated.toJSON();
+              pu.isBusy = ProjectUserUtil.isBusy(savedProject_userPopulated, req.project.settings && req.project.settings.max_agent_assigned_chat);
+              var eventData = {req:req, updatedPuserPopulated: pu};
+              winston.debug("eventData",eventData);
+              authEvent.emit('project_user.invite', eventData);
+            });
 
+            return res.status(200).send(updatedPuser);
+          })
 
-            winston.debug('INVITED USER (IS THE USER FOUND BY EMAIL) ', user);
-            winston.debug('EMAIL of THE INVITED USER ', email);
-            winston.debug('ROLE of THE INVITED USER ', req.body.role);
-            winston.debug('PROJECT NAME ', req.body.role);
-            winston.debug('LOGGED USER ID ', req.user.id);
-            winston.debug('LOGGED USER NAME ', req.user.firstname);
-            winston.debug('LOGGED USER NAME ', req.user.lastname);
+        } else {
 
+          let newProject_user = new Project_user({
+            id_project: id_project,
+            id_user: user._id,
+            role: req.body.role,
+            user_available: user_available,
+            createdBy: req.user.id,
+            updatedBy: req.user.id
+          })
 
-            var invitedUserFirstname = user.firstname
-            var invitedUserLastname = user.lastname
+          newProject_user.save((err, savedProject_user) => {
+            if (err) {
+              winston.error("Error saving new project user: ", err)
+              return res.status(500).send({ success: false, msg: "An error occurred on inviting user " + email + " on project " + id_project })
+            }
 
-            emailService.sendYouHaveBeenInvited(email, req.user.firstname, req.user.lastname, req.project.name, req.projectid, invitedUserFirstname, invitedUserLastname, req.body.role)
-            
-            // try {
-              //test it
-              savedProject_user.populate({path:'id_user', select:{'firstname':1, 'lastname':1}},function (err, savedProject_userPopulated){
-                var pu = savedProject_userPopulated.toJSON();
-                pu.isBusy = ProjectUserUtil.isBusy(savedProject_userPopulated, req.project.settings && req.project.settings.max_agent_assigned_chat);
-        
-                
-                  var eventData = {req:req, savedProject_userPopulated: pu};
-                  winston.debug("eventData",eventData);
-                  authEvent.emit('project_user.invite', eventData);
-              });
-            // } catch(e) {winston.error('Error emitting activity');}
-            
-            return res.json(savedProject_user);
+            emailService.sendYouHaveBeenInvited(email, req.user.firstname, req.user.lastname, req.project.name, id_project, user.firstname, user.lastname, req.body.role)
 
-  
-          });
+            savedProject_user.populate({path:'id_user', select:{'firstname':1, 'lastname':1}},function (err, savedProject_userPopulated){
+              var pu = savedProject_userPopulated.toJSON();
+              pu.isBusy = ProjectUserUtil.isBusy(savedProject_userPopulated, req.project.settings && req.project.settings.max_agent_assigned_chat);
+              var eventData = {req:req, savedProject_userPopulated: pu};
+              winston.debug("eventData",eventData);
+              authEvent.emit('project_user.invite', eventData);
+            });
 
+            return res.status(200).send(savedProject_user);
+          })
         }
       })
     }
@@ -248,28 +190,22 @@ router.put('/', [passport.authenticate(['basic', 'jwt'], { session: false }), va
     update.tags = req.body.tags;
   }
 
-
-
-
   Project_user.findByIdAndUpdate(req.projectuser.id, update,  { new: true, upsert: true }, function (err, updatedProject_user) {
     if (err) {
       winston.error("Error gettting project_user for update", err);
       return res.status(500).send({ success: false, msg: 'Error updating object.' });
     }
-      updatedProject_user.populate({path:'id_user', select:{'firstname':1, 'lastname':1}},function (err, updatedProject_userPopulated){    
-
-        var pu = updatedProject_userPopulated.toJSON();
-        pu.isBusy = ProjectUserUtil.isBusy(updatedProject_userPopulated, req.project.settings && req.project.settings.max_agent_assigned_chat);
-        
-        authEvent.emit('project_user.update', {updatedProject_userPopulated:pu, req: req});
-      });
     
-
+    updatedProject_user.populate({ path:'id_user', select: { 'firstname': 1, 'lastname': 1 }}, function (err, updatedProject_userPopulated) {    
+      var pu = updatedProject_userPopulated.toJSON();
+      pu.isBusy = ProjectUserUtil.isBusy(updatedProject_userPopulated, req.project.settings && req.project.settings.max_agent_assigned_chat);
+      authEvent.emit('project_user.update', {updatedProject_userPopulated:pu, req: req});
+    });
+    
     res.json(updatedProject_user);
   });
 });
 
-
 router.put('/:project_userid', [passport.authenticate(['basic', 'jwt'], { session: false }), validtoken, roleChecker.hasRoleOrTypes('admin', ['subscription'])], function (req, res) {
 
   winston.debug("project_userid update", req.body);
@@ -300,8 +236,9 @@ router.put('/:project_userid', [passport.authenticate(['basic', 'jwt'], { sessio
     update.attributes = req.body.attributes;
   }
 
-  if (req.body.status!=undefined) {
-    update.status = req.body.status;
+  const allowedStatuses = ['active', 'disabled'];
+  if (req.body.status !== undefined && allowedStatuses.includes(req.body.status)) {
+      update.status = req.body.status;
   }
 
   if (req.body["settings.email.notification.conversation.assigned.toyou"]!=undefined) {
@@ -338,28 +275,78 @@ router.put('/:project_userid', [passport.authenticate(['basic', 'jwt'], { sessio
   });
 });
 
-
-
 // TODO fai servizio di patch degli attributi come request
 // TODO  blocca cancellazione owner?
 router.delete('/:project_userid', [passport.authenticate(['basic', 'jwt'], { session: false }), validtoken, roleChecker.hasRole('admin')], function (req, res) {
 
+  const { hard, soft } = req.query;
+  const pu_id = req.params.project_userid;
+
   winston.debug(req.body);
 
-  Project_user.findByIdAndRemove(req.params.project_userid, { new: false}, function (err, project_user) {
-    if (err) {
-      winston.error("Error gettting project_user for delete", err);
-      return res.status(500).send({ success: false, msg: 'Error deleting object.' });
-    }
+  if (soft === "true") {
+    // Soft Delete
+    Project_user.findByIdAndUpdate(pu_id, { trashed: true }, { new: true }, (err, project_user) => {
+      if (err) {
+        winston.error("Error gettting project_user for soft delete", err);
+        return res.status(500).send({ success: false, msg: 'Error deleting Project User with id ' + pu_id });
+      }
+
+      winston.debug("Soft deleted project_user", project_user);
+      if (!project_user) {
+        winston.warn("Project user not found for soft delete with id " + pu_id);
+        return res.status(404).send({ success: false, error: 'Project user not found with id ' + pu_id });
+      }
+
+      // Event 'project_user.delete' not working - Check it and improve it to manage soft/hard delete
+      return res.status(200).send(project_user);
+
+    })
+  }
+  else if (hard === "true") {
+    // Hard Delete
+    Project_user.findByIdAndRemove(pu_id, { new: false }, (err, project_user) => {
+      if (err) {
+        winston.error("Error gettting project_user for hard delete", err);
+        return res.status(500).send({ success: false, msg: 'Error deleting Project user with id ' + pu_id });
+      }
+
+      if (!project_user) {
+        winston.warn("Project user not found for soft delete with id " + pu_id);
+        return res.status(404).send({ success: false, error: 'Project user not found with id ' + pu_id });
+      }
 
-    winston.debug("Removed project_user", project_user);
+      winston.debug("Hard deleted project_user", project_user);
 
-    project_user.populate({path:'id_user', select:{'firstname':1, 'lastname':1}},function (err, project_userPopulated){   
-      authEvent.emit('project_user.delete', {req: req, project_userPopulated: project_userPopulated});
+      if (project_user) {
+        project_user.populate({ path: 'id_user', select: { 'firstname': 1, 'lastname': 1 } }, function (err, project_userPopulated) {
+          authEvent.emit('project_user.delete', { req: req, project_userPopulated: project_userPopulated });
+        });
+      }
+
+      return res.status(200).send(project_user);
     });
-    
-    res.json(project_user);
-  });
+  }
+  else {
+    // Disable
+    Project_user.findByIdAndUpdate(pu_id, { status: "disabled", user_available: false }, { new: true }, (err, project_user) => {
+        if (err) {
+          winston.error("Error gettting project_user for disable user", err);
+          return res.status(500).send({ success: false, msg: 'Error disabling Project User with id ' + pu_id });
+        }
+
+        if (!project_user) {
+          winston.warn("Project user not found for soft delete with id " + pu_id);
+          return res.status(404).send({ success: false, error: 'Project user not found with id ' + pu_id });
+        }
+
+        winston.debug("Disabled project_user", project_user);
+
+        // Event 'project_user.delete' not working - Check it and improve it to manage disable project user
+        return res.status(200).send(project_user);
+      }
+    );
+  }
 });
 
 router.get('/:project_userid', [passport.authenticate(['basic', 'jwt'], { session: false }), validtoken, roleChecker.hasRoleOrTypes('agent', ['subscription'])], function (req, res) {
@@ -383,7 +370,6 @@ router.get('/:project_userid', [passport.authenticate(['basic', 'jwt'], { sessio
 
 });
 
-
 router.get('/users/search', [passport.authenticate(['basic', 'jwt'], { session: false }), validtoken, roleChecker.hasRoleOrTypes('user', ['subscription'])], async (req, res, next) => { //changed for smtp 
   // router.get('/users/search', [passport.authenticate(['basic', 'jwt'], { session: false }), validtoken, roleChecker.hasRoleOrTypes('agent', ['subscription'])], async (req, res, next) => {
   winston.debug("--> users search  ");
@@ -420,8 +406,6 @@ router.get('/users/search', [passport.authenticate(['basic', 'jwt'], { session:
 /**
  * GET PROJECT-USER BY PROJECT ID AND CURRENT USER ID 
 //  */
- 
-
 router.get('/users/:user_id', [passport.authenticate(['basic', 'jwt'], { session: false }), validtoken, roleChecker.hasRoleOrTypes('agent', ['subscription'])], function (req, res, next) {
   winston.debug("--> users USER ID ", req.params.user_id);
 
@@ -498,7 +482,7 @@ router.get('/', [passport.authenticate(['basic', 'jwt'], { session: false }), va
   }
   winston.debug("role", role);
 
-  var query =  {id_project: req.projectid, role: { $in : role } };
+  var query = { id_project: req.projectid, role: { $in : role }, trashed: { $ne: true } };
 
   if (req.query.presencestatus) {
     query["presence.status"] = req.query.presencestatus;
@@ -506,6 +490,10 @@ router.get('/', [passport.authenticate(['basic', 'jwt'], { session: false }), va
 
   winston.debug("query", query);
 
+  if (req.query.status) {
+    query["status"] = req.query.status;
+  }
+
   Project_user.find(query).
     populate('id_user').
     // lean().                   

package/routes/widget.js

@@ -188,7 +188,7 @@ router.get('/', async (req, res, next) => {
 
        //@DISABLED_CACHE .cache(cacheUtil.queryTTL, "projects:query:id:status:100:"+req.projectid+":select:-settings")            
       
-      Project.findOne({_id: req.projectid, status: 100}).select('-settings -ipFilter -ipFilterEnabled').exec(function(err, project) {
+      Project.findOne({_id: req.projectid, status: 100}).select('-ipFilter -ipFilterEnabled').exec(function(err, project) {
         // not use .lean I need project.trialExpired 
 
           if (err) {
@@ -198,6 +198,19 @@ router.get('/', async (req, res, next) => {
 
           winston.debug("project", project);
 
+          // This code filters the project settings to only include the properties
+          // 'allowed_urls', 'allowed_urls_list', and 'allowed_send_emoji', removing all others.
+          // Removed the "-settings" command from the query that excluded the entire "settings" field from the selection
+          if (project && project.settings) {
+            const { allowed_urls, allowed_urls_list, allow_send_emoji } = project.settings;
+            project.settings = {};
+            Object.assign(project.settings, 
+              allowed_urls !== undefined ? { allowed_urls } : {},
+              allowed_urls_list !== undefined ? { allowed_urls_list } : {},
+              allow_send_emoji !== undefined ? { allow_send_emoji } : {}
+            );
+          }
+
           // ProjectSetter project not found with id: 62d8cf8b2b10b30013bb9b99
           // Informazioni
           // 2022-07-27 14:32:14.772 CESTerror: Error getting widget. {"err":"Project Not Found"}

package/services/departmentService.js

@@ -359,8 +359,7 @@ getOperators(departmentid, projectid, nobot, disableWebHookCall, context) {
   var that = this;
 
   return new Promise(function (resolve, reject) {
-
-    return Group.find({ _id: department.id_group }).exec(function (err, group) {
+    return Group.find({ _id: department.id_group, $or: [ { enabled: true }, { enabled: { $exists: false } } ] }).exec(function (err, group) {
       if (err) {
         winston.error('D-2 GROUP -> [ FIND PROJECT USERS: ALL and AVAILABLE (with OH) ] -> ERR ', err)
         return reject(err);
@@ -603,6 +602,21 @@ getDefaultDepartment(projectid) {
   }
 }
 
+  /**
+   * Checks if the group belongs to a department of the project
+   * @param {String} projectId
+   * @param {String} groupId
+   * @returns {Promise<Boolean>} true if the group belongs to a department of the project, otherwise false
+   */
+  async isGroupInProjectDepartment(projectId, groupId) {
+    try {
+      const department = await Department.findOne({ id_project: projectId, id_group: groupId });
+      return !!department;
+    } catch (err) {
+      winston.error('Error in isGroupInProjectDepartment', err);
+      return false;
+    }
+  }
 
 
 }

package/services/requestService.js

@@ -1757,7 +1757,7 @@ class RequestService {
 
 
           if (err) {
-            winston.error("Error getting closing request ", err);
+            winston.error("Error getting closing request with request_id: " + request_id, err);
             return reject(err);
           }
           if (!request) {

package/test/kbRoute.js

@@ -3,9 +3,9 @@ process.env.NODE_ENV = 'test';
 process.env.GPTKEY = "fakegptkey";
 process.env.LOG_LEVEL = 'critical'
 process.env.KB_WEBHOOK_TOKEN = "testtoken"
-process.env.PINECONE_INDEX = "test_index";
+process.env.PINECONE_INDEX = "test-index";
 process.env.PINECONE_TYPE = "pod";
-process.env.PINECONE_INDEX_HYBRID = "test_index_hybrid";
+process.env.PINECONE_INDEX_HYBRID = "test-index-hybrid";
 process.env.PINECONE_TYPE_HYBRID = "serverless";
 process.env.ADMIN_EMAIL = "admin@tiledesk.com";
 
@@ -69,7 +69,7 @@ describe('KbRoute', () => {
 
                             res.should.have.status(200);
                             expect(res.body.length).to.equal(1);
-                            expect(res.body[0].engine.index_name).to.equal('test_index')
+                            expect(res.body[0].engine.index_name).to.equal('test-index')
 
                             let namespace_id = res.body[0].id;
 
@@ -1149,7 +1149,7 @@ describe('KbRoute', () => {
                         expect(res.body.name).to.equal('MyCustomNamespace');
                         should.exist(res.body.engine)
                         expect(res.body.engine.name).to.equal('pinecone');
-                        expect(res.body.engine.type).to.equal('pod');
+                        expect(res.body.engine.type).to.equal('serverless');
 
                         // Get again all namespace. A new default namespace should not be created.
                         chai.request(server)