@tiledesk/tiledesk-server 2.17.4 → 2.18.3

package/models/project_user.js

@@ -31,6 +31,10 @@ var TagSchema = require("../models/tag");
       index: true
       // required: true
     },
+    roleType: {
+      type: Number,  //1 for agents 2 for users
+      index: true
+    },
     user_available: {
       type: Boolean,
       default: true, 
@@ -63,6 +67,7 @@ var TagSchema = require("../models/tag");
       type: Object,
     },
     tags: [TagSchema],
+    permissions: [String],
     createdBy: {
       type: String,
       required: true
@@ -86,14 +91,16 @@ var TagSchema = require("../models/tag");
   );
 
  
-Project_userSchema.virtual('events', {
-    ref: 'event', // The model to use
-    localField: '_id', // Find people where `localField`
-    foreignField: 'project_user', // is equal to `foreignField`
-    justOne: false,
-    // options: { getters: true }
-    options: { sort: { createdAt: -1 }, limit: 5 } // Query options, see http://bit.ly/mongoose-query-options
-});
+
+  //TODO COMMENT IT unused. Now events are not saved to the db
+// Project_userSchema.virtual('events', {
+//     ref: 'event', // The model to use
+//     localField: '_id', // Find people where `localField`
+//     foreignField: 'project_user', // is equal to `foreignField`
+//     justOne: false,
+//     // options: { getters: true }
+//     options: { sort: { createdAt: -1 }, limit: 5 } // Query options, see http://bit.ly/mongoose-query-options
+// });
 
 Project_userSchema.virtual('isAuthenticated').get(function () {
   if (this.role === RoleConstants.GUEST ) {
@@ -103,6 +110,77 @@ Project_userSchema.virtual('isAuthenticated').get(function () {
   }
 });
 
+Project_userSchema.methods.getAllPermissions = function () {
+  // console.log("this", this);
+  winston.debug("this.permissions", this.permissions);
+
+  // console.log("this.rolePermissions", this.rolePermissions);
+  winston.debug("this._doc.rolePermissions", this._doc.rolePermissions);
+
+  let all = this.permissions;
+
+  if (this._doc.rolePermissions) {
+    all = [...new Set([...this.permissions, ...this._doc.rolePermissions])]; //https://medium.com/@rivoltafilippo/javascript-merge-arrays-without-duplicates-3fbd8f4881be
+  }
+  // const all = this.permissions.concat(this._doc.rolePermissions);
+  winston.verbose("getAllPermissions all", all);
+
+  return all;
+  
+}
+
+
+
+Project_userSchema.methods.hasPermissionOrRole = function (permission, roles) {
+  var all_permissions = this.getAllPermissions();
+  // var all_permissions = this.getAllPermissions();
+  // console.log("hasPermissionOrRole", all_permissions, permission,  this.role, roles)
+  if (all_permissions && all_permissions.length>0 ) {
+    if (all_permissions.includes(permission)) {
+      // console.log("hasPermissionOrRole found", permission)
+      return true;
+    } else {
+      return false;
+    }
+  }else {
+    if (roles instanceof Array) {
+      // console.log("hasPermissionOrRole roles instanceof Array");
+      for (var i = 0; i < roles.length; i++) {
+        if (roles[i]==this.role) {
+          return true;
+        }
+      }
+      return false;
+
+    } else {
+      // console.log("roles instanceof  ", roles instanceof );
+      // console.log("this.role instanceof  ", this.role instanceof );
+      
+      // console.log("hasPermissionOrRole role ", this.role, roles);
+      if (this.role==roles) {
+        // console.log("role ok");
+        return true;
+      } else {
+        // console.log("role ko");
+        return false;
+      }
+    }
+    
+    
+  }
+}
+
+Project_userSchema.methods.hasPermission = function (permission) {
+  if (this.permissions && this.permissions.length>0 ) {
+    if (this.permissions.includes(permission)) {
+      return true;
+    } else {
+      return false;
+    }
+  }else {
+    return false;
+  }
+}
 
 
   // var query = { id_project: req.params.projectid, id_user: req.user._id};

package/models/request.js

@@ -11,6 +11,7 @@ var ProjectUserSchema = require("../models/project_user").schema;
 var RequestStatus = require("../models/requestStatus");
 var LeadSchema = require("../models/lead").schema; //it's not used but i you run test like (mocha departmentService.js) it throws this not blocking exception: error: error getting requestSchema hasn't been registered for model "lead".
 var NoteSchema = require("../models/note").schema;
+
 var TagSchema = require("../models/tag");
 var LocationSchema = require("../models/location");
 var RequestSnapshotSchema = require("../models/requestSnapshot");

package/models/role.js

@@ -0,0 +1,31 @@
+var mongoose = require('mongoose');
+var Schema = mongoose.Schema;
+var winston = require('../config/winston');
+
+
+var RoleSchema = new Schema({
+  name: { 
+    type: String,
+    required: true,
+    index:true
+  },
+  permissions: [String],
+//   permissions: {
+//     type: String,
+//     required: true
+// },
+  id_project: {
+    type: String,
+    required: true,
+    index: true
+  },
+
+});
+var role = mongoose.model('role', RoleSchema);
+
+if (process.env.MONGOOSE_SYNCINDEX) {
+  role.syncIndexes();
+  winston.verbose("role syncIndexes")
+}
+
+module.exports = role;

package/models/roleConstants.js

@@ -1,4 +1,6 @@
 module.exports = {
+        TYPE_AGENTS : 1,
+        TYPE_USERS : 2,
         // SUPERADMIN : 'superadmin',
         OWNER : 'owner',
         ADMIN : 'admin',

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@tiledesk/tiledesk-server",
   "description": "The Tiledesk server module",
-  "version": "2.17.4",
+  "version": "2.18.3",
   "scripts": {
     "start": "node ./bin/www",
     "pretest": "mongodb-runner start",

package/pubmodules/analytics/analytics.js

@@ -1780,7 +1780,7 @@ router.get('/tags/:type', async (req, res) => {
     date: { $gte: startDate, $lte: endDate }
   }
 
-  console.log("analytics tags query: ", query)
+  winston.debug("analytics tags query: ", query)
 
   let result = await Analytics.find(query).catch((err) => {
     winston.error("Error finding Analytics: ", err);
@@ -1821,7 +1821,7 @@ router.get('/tags/:type', async (req, res) => {
   
   // Assembly final result
   let data = { dates, series };
-  console.log(data);
+  
 
   return res.status(200).send(data);
   

package/pubmodules/cache/mongoose-cachegoose-fn.js

@@ -10,6 +10,7 @@
 
  var triggerEventEmitter = require("../trigger/event/triggerEventEmitter");
  var subscriptionEvent = require("../../event/subscriptionEvent");   
+ var roleEvent = require("../../event/roleEvent");   
 
  var winston = require('../../config/winston');
 
@@ -837,7 +838,43 @@
                 });   
             });
         });
+
+
+        roleEvent.on('role.create', function(role) {   
+            setImmediate(() => {    
+                var key =role.id_project+":roles:"+role.name;
+                winston.verbose("Deleting cache for role.create with key: " + key);
+                winston.verbose("Creating cache for department.create with key: " + key);
+                client.set(key, role, cacheUtil.defaultTTL, (err, reply) => {
+                    winston.debug("Created cache for role.create",reply);
+                    winston.verbose("Created cache for role.create",{err:err});
+                });
+            
+            });
+        });
+
+         roleEvent.on('role.update', function(role) {   
+            setImmediate(() => {    
+                var key =role.id_project+":roles:"+role.name;
+                winston.verbose("Deleting cache for role.update with key: " + key);
+                client.set(key, role, cacheUtil.defaultTTL, (err, reply) => {
+                    winston.debug("Updated cache for role.update",reply);
+                    winston.verbose("Updated cache for role.update",{err:err});
+                });
+            });
+        });
     
+         roleEvent.on("role.delete", function(role) {     
+            setImmediate(() => {      
+                var key =role.id_project+":roles:"+role.name;
+                winston.verbose("Deleting cache for role.delete with key: " + key);
+                del(client._cache._engine.client, key, function (err, reply) {  
+                    winston.debug("Deleted cache for role.delete",reply);
+                    winston.verbose("Deleted cache for role.delete",{err:err});
+                });   
+            });
+        });
+        
     }
     
 

package/pubmodules/canned/cannedResponseRoute.js

@@ -3,6 +3,7 @@ var router = express.Router();
 var CannedResponse = require("./cannedResponse");
 var winston = require('../../config/winston');
 const RoleConstants = require('../../models/roleConstants');
+const roleConstants = require('../../models/roleConstants');
 // const CannedResponseEvent = require('../event/CannedResponseEvent');
 
 
@@ -16,13 +17,18 @@ router.post('/', function (req, res) {
     text: req.body.text,
     id_project: req.projectid,
     createdBy: req.user.id,
-    updatedBy: req.user.id
+    updatedBy: req.user.id,
+    shared: false
   });
 
   if (req.projectuser.role == 'owner' || req.projectuser.role == 'admin') {
     newCannedResponse.shared = true;
   } else {
-    newCannedResponse.shared = false;
+    if (req.projectuser.roleType === roleConstants.TYPE_AGENTS) {
+      if (req.body.shared && req.body.shared === true) {
+        newCannedResponse.shared = true;
+      }
+    }
   }
 
   newCannedResponse.save(function (err, savedCannedResponse) {
@@ -40,8 +46,8 @@ router.put('/:cannedResponseid', async function (req, res) {
   winston.debug(req.body);
   const canned_id = req.params.cannedResponseid;
   const id_project = req.projectid;
-  let user_role = req.projectuser.role;
-  
+  let user_role = req.projectuser?.role;
+  let roleType = req.projectuser?.roleType || null;
   var update = {};
 
   const allowedFields = ['title', 'text', 'attributes']
@@ -79,6 +85,12 @@ router.put('/:cannedResponseid', async function (req, res) {
       winston.warn("Not allowed. User " + req.user.id + " can't modify a canned response of user " + canned.createdBy);
       return res.status(403).send({ success: false, error: "Not allowed to modify a non administration canned response"})
     }
+  }
+  else if (roleType === RoleConstants.TYPE_AGENTS) {
+    if (canned.hasOwnProperty('shared') && canned.shared === false && canned.createdBy !== req.user.id) {
+      winston.warn("Not allowed. User " + req.user.id + " can't modify a canned response of user " + canned.createdBy);
+      return res.status(403).send({ success: false, error: "Not allowed to modify a non administration canned response"})
+    }
   } else {
     winston.warn("User " + req.user.id + "trying to modify canned with role " + user_role);
     return res.status(401).send({ success: false, error: "Unauthorized"})
@@ -100,6 +112,7 @@ router.delete('/:cannedResponseid', async function (req, res) {
   const canned_id = req.params.cannedResponseid;
   const id_project = req.projectid;
   let user_role = req.projectuser.role;
+  let roleType = req.projectuser?.roleType || null;
 
   let canned = await CannedResponse.findOne({ _id: canned_id, id_project: id_project }).catch((err) => {
     winston.error("Error finding canned response: ", err);
@@ -128,7 +141,14 @@ router.delete('/:cannedResponseid', async function (req, res) {
       winston.warn("Not allowed. User " + req.user.id + " can't delete a canned response of user " + canned.createdBy);
       return res.status(403).send({ success: false, error: "Not allowed to delete a non administration canned response"})
     }
-  } else {
+  } 
+  else if (roleType === RoleConstants.TYPE_AGENTS) {
+    if (canned.hasOwnProperty('shared') && canned.shared === false && canned.createdBy !== req.user.id) {
+      winston.warn("Not allowed. User " + req.user.id + " can't delete a canned response of user " + canned.createdBy);
+      return res.status(403).send({ success: false, error: "Not allowed to delete a non administration canned response"})
+    }
+  }
+  else {
     winston.warn("User " + req.user.id + "trying to delete canned with role " + user_role);
     return res.status(401).send({ success: false, error: "Unauthorized"})
   }
@@ -149,6 +169,7 @@ router.delete('/:cannedResponseid/physical', async function (req, res) {
   const canned_id = req.params.cannedResponseid;
   const id_project = req.projectid;
   let user_role = req.projectuser.role;
+  let roleType = req.projectuser?.roleType || null;
 
   let canned = await CannedResponse.findOne({ _id: canned_id, id_project: id_project }).catch((err) => {
     winston.error("Error finding canned response: ", err);
@@ -177,7 +198,14 @@ router.delete('/:cannedResponseid/physical', async function (req, res) {
       winston.warn("Not allowed. User " + req.user.id + " can't delete a canned response of user " + canned.createdBy);
       return res.status(403).send({ success: false, error: "Not allowed to delete a non administration canned response"})
     }
-  } else {
+  } 
+  else if (roleType === RoleConstants.TYPE_AGENTS) {
+    if (canned.hasOwnProperty('shared') && canned.shared === false && canned.createdBy !== req.user.id) {
+      winston.warn("Not allowed. User " + req.user.id + " can't delete a canned response of user " + canned.createdBy);
+      return res.status(403).send({ success: false, error: "Not allowed to delete a non administration canned response"})
+    }
+  }
+  else {
     winston.warn("User " + req.user.id + "trying to delete canned with role " + user_role);
     return res.status(401).send({ success: false, error: "Unauthorized"})
   }

package/pubmodules/routing-queue/listener.js

@@ -110,7 +110,13 @@ class Listener {
               var query = {id_project: operatorsResult.id_project, status: {$lt:1000}};      
               // asyncForEach(operatorsResult.available_agents, async (aa) => {
               for (const aa of operatorsResult.available_agents) {
-                query.participants = aa.id_user._id.toString();// attento qui
+                let user_id;
+                if (aa.id_user._id) {
+                  user_id = aa.id_user._id.toString();// attento qui
+                } else {
+                  user_id = aa.id_user;// attento qui
+                }
+                query.participants = user_id;
                 winston.debug("department operators query:" , query);
 
 

package/pubmodules/trigger/rulesTrigger.js

@@ -1164,11 +1164,8 @@ class RulesTrigger {
                       lead: createdLead, requester: puser
                     };
       
-                    //let t1 = Date.now();
+
                     return requestService.create(new_request).then(function (savedRequest) {                   
-                      //console.log("[Performance] (rulesTrigger) requestService.create time: " + (Date.now() - t1));
-                      // performance console log
-                      // console.log("************* request created trigger: "+new Date().toISOString());
 
                         if (attributes) {
                           attributes.sendnotification = false; //  sembra nn funzionae
@@ -1177,9 +1174,7 @@ class RulesTrigger {
                         var senderFullname = fullname || 'Guest'; // guest_here
 
                         // create(sender, senderFullname, recipient, text, id_project, createdBy, status, attributes, type, metadata, language) {
-                        //let t2 = Date.now();
                         return messageService.create( id_user, senderFullname , savedRequest.request_id, text, id_project, id_user,  MessageConstants.CHAT_MESSAGE_STATUS.SENDING, attributes, type, eventTrigger.event.metadata, language).then(function(savedMessage) {
-                          //console.log("[Performance] (rulesTrigger) messageService.create time: " + (Date.now() - t2));
                           return savedMessage;
                         });
                       }).catch(function (err) {

package/routes/answered.js

@@ -0,0 +1,227 @@
+const express = require('express');
+const router = express.Router();
+const { Namespace, AnsweredQuestion } = require('../models/kb_setting');
+const winston = require('../config/winston');
+
+// Add a new unanswerd question
+router.post('/', async (req, res) => {
+    try {
+        const { namespace, question, answer, tokens, request_id } = req.body;
+        const id_project = req.projectid;
+
+        if (!namespace || !question || !answer) {
+            return res.status(400).json({
+                success: false,
+                error: "Missing required parameters: namespace, question and answer"
+            })
+        }
+
+        // Check if namespae belongs to project
+        const isValidNamespace = await validateNamespace(id_project, namespace);
+        if (!isValidNamespace) {
+            return res.status(403).json({
+                success: false,
+                error: "Not allowed. The namespace does not belong to the current project."
+            })
+        }
+
+        const answeredQuestion = new AnsweredQuestion({
+            id_project,
+            namespace,
+            question,
+            answer,
+            tokens,
+            request_id,
+        });
+
+        const savedQuestion = await answeredQuestion.save();
+        res.status(200).json(savedQuestion);
+
+    } catch (error) {
+        winston.error('Error adding answered question:', error);
+        res.status(500).json({
+            success: false,
+            error: "Error adding answered question"
+        });
+    }
+})
+
+// Get all answered questions for a namespace
+router.get('/:namespace', async (req, res) => {
+
+    try {
+        const { namespace } = req.params;
+        const id_project = req.projectid;
+
+        if (!namespace) {
+            return res.status(400).json({
+                success: false,
+                error: "Missing required parameter: namespace"
+            })
+        }
+
+        // Check if namespace belongs to project
+        const isValidNamespace = await validateNamespace(id_project, namespace);
+        if (!isValidNamespace) {
+            return res.status(403).json({
+                success: false,
+                error: "Not allowed. The namespace does not belong to the current project."
+            })
+        }
+        
+        const page = parseInt(req.query.page) || 0;
+        const limit = parseInt(req.query.limit) || 20;
+        const sortField = req.query.sortField || 'created_at';
+        const direction = parseInt(req.query.direction) || -1;
+
+        const filter = { id_project, namespace };
+
+        let projection = undefined;
+
+        if (req.query.search) {
+            filter.$text = { $search: req.query.search };
+            // Add score to projection if it's a text search
+            projection = { score: { $meta: "textScore" } };
+        }
+
+        let sortObj;
+        if (projection && projection.score) {
+            sortObj = { score: { $meta: "textScore" } };
+        } else {
+            sortObj = { [sortField]: direction };
+        }
+
+        const questions = await AnsweredQuestion.find(filter, projection)
+            .sort(sortObj)
+            .skip(page * limit)
+            .limit(limit);
+
+        const count = await AnsweredQuestion.countDocuments(filter);
+
+        res.status(200).json({
+            count,
+            questions,
+            query: {
+                page,
+                limit,
+                sortField,
+                direction,
+                search: req.query.search || undefined
+            }
+        });
+        
+    } catch (error) {
+        winston.error('Error getting answered questions:', error);
+        res.status(500).json({
+            success: false,
+            error: "Error getting answered questions"
+        });
+    }
+
+})
+
+router.delete('/:id', async (req, res) => {
+    try {
+        const { id } = req.params;
+        const id_project = req.projectid;
+
+        const deleted = await AnsweredQuestion.findOneAndDelete({ _id: id, id_project });
+        if (!deleted) {
+            return res.status(404).json({
+                success: false,
+                error: "Question not found"
+            });
+        }
+
+        res.status(200).json({
+            success: true,
+            message: "Question deleted successfully"
+        });
+
+    } catch (error) {
+        winston.error('Error deleting answered question:', error);
+        res.status(500).json({
+            success: false,
+            error: "Error deleting answered question"
+        });
+    }
+})
+
+router.delete('/namespace/:namespace', async (req, res) => {
+    try {
+        const { namespace } = req.params;
+        const id_project = req.projectid;
+
+        // Check if namespace belongs to project
+        const isValidNamespace = await validateNamespace(id_project, namespace);
+        if (!isValidNamespace) {
+            return res.status(403).json({
+                success: false,
+                error: "Not allowed. The namespace does not belong to the current project."
+            });
+        }
+        
+        const result = await AnsweredQuestion.deleteMany({ id_project, namespace });
+        res.status(200).json({
+            success: true,
+            count: result.deletedCount,
+            message: "All questions deleted successfully"
+        });
+
+    } catch (error) {
+        winston.error('Error deleting answered questions:', error);
+        res.status(500).json({
+            success: false,
+            error: "Error deleting answered questions"
+        });
+    }
+})
+
+router.get('/count/:namespace', async (req, res) => {
+    try {
+        const { namespace } = req.params;
+        const id_project = req.projectid;
+
+        if (!namespace) {
+            return res.status(400).json({
+                success: false,
+                error: "Missing required parameter: namespace"
+            });
+        }
+
+        // Check if namespace belongs to project
+        const isValidNamespace = await validateNamespace(id_project, namespace);
+        if (!isValidNamespace) {
+            return res.status(403).json({
+                success: false,
+                error: "Not allowed. The namespace does not belong to the current project."
+            });
+        }
+
+        const count = await AnsweredQuestion.countDocuments({ id_project, namespace });
+        res.status(200).json({ count });
+
+    } catch (error) {
+        winston.error('Error counting answered questions:', error);
+        res.status(500).json({
+            success: false,
+            error: "Error counting answered questions"
+        });
+    }
+})
+
+// Helper function to validate namespace
+async function validateNamespace(id_project, namespace_id) {
+    try {
+        const namespace = await Namespace.findOne({
+            id_project: id_project,
+            id: namespace_id
+        });
+        return !!namespace;
+    } catch (err) {
+        winston.error('validate namespace error: ', err);
+        throw err;
+    }
+}
+
+module.exports = router;

package/routes/auth.js

@@ -197,6 +197,7 @@ function (req, res) {
       id_project: req.body.id_project, //attentoqui
       uuid_user: req.user._id,
       role: RoleConstants.GUEST,
+      roleType : RoleConstants.TYPE_USERS,
       user_available: true,
       createdBy: req.user._id,
       updatedBy: req.user._id
@@ -408,6 +409,7 @@ router.post('/signinWithCustomToken', [
               uuid_user: req.user._id,
               // id_user: req.user._id,
               role: role,
+              roleType : RoleConstants.TYPE_USERS, //RICONtROLLA QUIA 
               user_available: true,
               createdBy: req.user._id, //oppure req.user.id attento problema
               updatedBy: req.user._id
@@ -486,7 +488,7 @@ router.post('/signinWithCustomToken', [
              } else {
                winston.debug('different role : '+role + " " + project_user.role);
              }
-
+            // rolecheck
             if (req.user.role && (req.user.role === RoleConstants.OWNER || req.user.role === RoleConstants.ADMIN || req.user.role === RoleConstants.AGENT)) {
               let userFromDB = await User.findOne({email: req.user.email.toLowerCase(), status: 100}).exec();
 

package/routes/department.js

@@ -24,6 +24,7 @@ router.post('/', [passport.authenticate(['basic', 'jwt'], { session: false }), v
       default: req.body.default,
       status: req.body.status,
       id_group: req.body.id_group,
+      groups: req.body.groups,
       id_project: req.projectid,
       createdBy: req.user.id,
       updatedBy: req.user.id
@@ -79,7 +80,9 @@ router.put('/:departmentid', [passport.authenticate(['basic', 'jwt'], { session:
   if (req.body.status!=undefined) {
       update.status = req.body.status;
   }
-  
+  if (req.body.groups!=undefined) {
+    update.groups = req.body.groups;
+  }      
 
 
   Department.findByIdAndUpdate(req.params.departmentid, update, { new: true, upsert: true }, function (err, updatedDepartment) {
@@ -121,6 +124,9 @@ router.put('/:departmentid', [passport.authenticate(['basic', 'jwt'], { session:
     if (req.body.id_group!=undefined) {
         update.id_group = req.body.id_group;
     }    
+    if (req.body.groups!=undefined) {
+      update.groups = req.body.groups;
+    }      
   
   
     Department.findByIdAndUpdate(req.params.departmentid, update, { new: true, upsert: true }, function (err, updatedDepartment) {