@tiledesk/tiledesk-server 2.3.5 → 2.3.7-1.1

package/deploy.sh

@@ -1,3 +1,4 @@
+git pull
 npm version patch
 version=`node -e 'console.log(require("./package.json").version)'`
 echo "version $version"
@@ -8,3 +9,4 @@ if [ "$version" != "" ]; then
     git push --tags
     npm publish --access public
 fi
+git push

package/event/messageEvent.js

@@ -7,7 +7,7 @@ var MessageConstants = require("../models/messageConstants");
 var message2Event = require("../event/message2Event");
 
 var cacheUtil = require('../utils/cacheUtil');
-
+var cacheEnabler = require("../services/cacheEnabler");
 
 
 class MessageEvent extends EventEmitter { 
@@ -34,13 +34,18 @@ function emitCompleteMessage(message) {
 }
 
 messageEvent.on('message.create', emitCompleteMessage);
-messageEvent.on('message.update', emitCompleteMessage);
+
+// messageEvent.on('message.update.simple', emitCompleteMessage);     //if populateMessageUpdate is disabled then you must forward message.update event from message.update.simple
+messageEvent.on('message.update', emitCompleteMessage);         // i must restore populateMessageWithRequest. see below
 
 function populateMessageCreate(message) {
   return populateMessageWithRequest(message, 'message.create');
 }
 function populateMessageUpdate(message) {
   return populateMessageWithRequest(message, 'message.update');
+  // return; // do not populate message.update it's not used by anyone. 
+        ///it is used by \agent interceptor. Without populateMessageWithRequest \agent sent by bot doesn't work. i must restore populateMessageWithRequest
+          //  Not used by webhook. populate for message.update is slow.
 }
 
 
@@ -48,32 +53,42 @@ function populateMessageWithRequest(message, eventPrefix) {
 
   
   winston.debug("populateMessageWithRequest "+eventPrefix, message.toObject());
+  winston.debug("populateMessageWithRequest "+eventPrefix +" "+ message.text);
   
   var messageJson = message.toJSON();
 
   
     // cacherequest      // requestcachefarequi populaterequired cacheveryhightpriority
     
-  Request.findOne({request_id:  message.recipient, id_project: message.id_project}).
+  let q = Request.findOne({request_id:  message.recipient, id_project: message.id_project}).
   populate('lead').
   populate('department').  
   populate('participatingBots').
   populate('participatingAgents').       
   populate({path:'requester',populate:{path:'id_user'}}).
-  lean()
+  lean();
+
+  
   //perche lean?
   // TODO availableAgentsCount nn c'è per il lean problema trigger
   // request.department._id DA CORREGGERE ANCHE PER REQUEST.CREATE
   // request.department.hasBot 
   // request.isOpen
-  //@DISABLED_CACHE .cache(cacheUtil.defaultTTL, message.id_project+":requests:request_id:"+message.recipient)
-  .exec(function (err, request) {
+  winston.debug('message Event populate');
+  if (cacheEnabler.request) {
+    q.cache(cacheUtil.defaultTTL, message.id_project+":requests:request_id:"+message.recipient) //request_cache ma con lean????attento metti a parte
+    winston.debug('request cache enabled');
+  }
+  q.exec(function (err, request) {
 
     if (err) {
       winston.error("Error getting request on messageEvent.populateMessage",err );
       return messageEvent.emit(eventPrefix, message);
     }
 
+    winston.debug('message Event populate after query');
+
+
   if (request) {
       winston.debug("request is defined in messageEvent",request );
       
@@ -82,9 +97,14 @@ function populateMessageWithRequest(message, eventPrefix) {
     
       if (request.department && request.department.id_bot) {
         // if (request.department) {
-        Faq_kb.findById(request.department.id_bot)
-        //@DISABLED_CACHE .cache(cacheUtil.defaultTTL, message.id_project+":faq_kbs:id:"+request.department.id_bot)
-        .exec(function(err, bot) {
+        let qbot = Faq_kb.findById(request.department.id_bot)
+
+        if (cacheEnabler.faq_kb) {
+          qbot.cache(cacheUtil.defaultTTL, message.id_project+":faq_kbs:id:"+request.department.id_bot)
+          winston.debug('faq_kb cache enabled');
+        }
+
+        qbot.exec(function(err, bot) {
           winston.debug('bot', bot);
           requestJson.department.bot = bot
           
@@ -159,4 +179,85 @@ messageEvent.on('message.create.simple', populateMessageCreate);
 messageEvent.on('message.update.simple', populateMessageUpdate);
 
 
+
+// // riattiva commentato per performance
+
+// // spostare su classe
+
+
+
+// var messageCreateKey = 'message.create';
+// if (messageEvent.queueEnabled) {
+//   messageCreateKey = 'message.create.queue';
+// }
+// winston.debug("messageEvent.queueEnabled: "+messageEvent.queueEnabled); 
+
+// winston.debug("messageCreateKey: "+messageCreateKey); 
+
+// messageEvent.on(messageCreateKey, function(message) {
+//   setImmediate(() => {      
+//     winston.debug("message.create before");
+//     if (!message.request) {
+//       return;
+//     }
+//     let request_id = message.request.request_id;
+//     let id_project = message.request.id_project;
+
+
+//     //update waiitng time if write an  agent (member of participants)
+//     let visitor_sent_last_message = false;
+//     // winston.info(" message.request.snapshot.lead.lead_id: "+  message.request.snapshot.lead.lead_id);
+//     // winston.info(" message.sender: "+  message.sender);
+
+//     if (message.request.snapshot && message.request.snapshot.lead.lead_id == message.sender) { 
+//       visitor_sent_last_message = true;
+//     }
+
+
+
+//     // don't work for recursive call
+//     // requestService.incrementMessagesCountByRequestId(message.request._id, message.request.id_project).then(function (savedRequest) {
+//     //   winston.info("incremented request", savedRequest);
+//     // });
+//     let clonedmessage = Object.assign({}, message);
+//     delete clonedmessage.request
+    
+    
+//     let data = {
+//       $push: {
+//         "snapshot.messages.data": {
+//               $each: [ clonedmessage ],
+//               $slice: -30
+//             }
+//       },
+//       $inc : {'snapshot.messages.messages_count' : 1},
+//       "snapshot.messages.visitor_sent_last_message": visitor_sent_last_message,
+//       "snapshot.messages.last_message_timestamp": message.createdAt
+//     };
+
+//     // db.getCollection('requests').find({"$expr": { "$gt": [ "$snapshot.messages.visitor_last_message_timestamp", "$snapshot.messages.agent_last_message_timestamp"]}})
+    
+    
+//     if (visitor_sent_last_message) {
+//       data["snapshot.messages.visitor_last_message_timestamp"]= message.createdAt;
+//     } else {
+//       data["snapshot.messages.agent_last_message_timestamp"]= message.createdAt;
+//     }
+//     // db.getCollection('requests').updateOne({"request_id":"support-group-630600bfaf7cd942116bc993-3da378ec63924bb9b4934b2835b37a7c"},{"$push":{"snapshot.messages.data":{"$each":["s"],"$slice":-5}}}}})
+//     winston.debug("data", data);
+
+//     return Request       
+//             .findOneAndUpdate({request_id: request_id, id_project: id_project}, data, {new: true, upsert:false}, function(err, updatedRequest) {
+//                 if (err) {
+//                   winston.error(err);
+//                   return reject(err);
+//                 }
+//                 winston.info("Message count +1");
+                
+//               });
+
+//   });
+// });
+
+
 module.exports = messageEvent;

package/jobs.js

@@ -0,0 +1,80 @@
+
+var dotenvPath = undefined;
+
+if (process.env.DOTENV_PATH) {
+  dotenvPath = process.env.DOTENV_PATH;
+  console.log("load dotenv form DOTENV_PATH", dotenvPath);
+}
+
+if (process.env.LOAD_DOTENV_SUBFOLDER ) {
+  console.log("load dotenv form LOAD_DOTENV_SUBFOLDER");
+  dotenvPath = __dirname+'/confenv/.env';
+}
+
+require('dotenv').config({ path: dotenvPath});
+
+
+var mongoose = require('mongoose');
+
+let winston = require('./config/winston');
+let JobsManager = require('./jobsManager');
+
+
+let geoService = require('./services/geoService');
+var config = require('./config/database');
+
+
+//override JOB_WORKER_ENABLED to false when you start jobs.js
+process.env.JOB_WORKER_ENABLED=false
+
+var databaseUri = process.env.DATABASE_URI || process.env.MONGODB_URI || config.database;
+var autoIndex = true;
+
+if (!databaseUri) { //TODO??
+  winston.warn('DATABASE_URI not specified, falling back to localhost.');
+}
+
+var connection = mongoose.connect(databaseUri, { "useNewUrlParser": true, "autoIndex": autoIndex }, function(err) {
+  if (err) { 
+    winston.error('Failed to connect to MongoDB on ' + databaseUri + " ", err);
+    process.exit(1);
+  }
+});
+
+// winston.info("mongoose.connection",mongoose.connection);
+// module.exports = jobsManager;
+
+
+
+async function main()
+{
+
+    require('./pubmodules/queue');     
+    // require('@tiledesk-ent/tiledesk-server-queue');     
+
+    let jobsManager = new JobsManager(undefined, geoService);
+
+    jobsManager.listen();
+
+
+    let emailNotification = require('./pubmodules/emailNotification');
+    jobsManager.listenEmailNotification(emailNotification);
+
+   
+    let activityArchiver = require('./pubmodules/activities').activityArchiver;    
+    jobsManager.listenActivityArchiver(activityArchiver);
+
+    winston.info("Jobs started"); 
+
+    await new Promise(function () {});
+    console.log('This text will never be printed');
+}
+
+function panic(error)
+{
+    console.error(error);
+    process.exit(1);
+}
+
+// https://stackoverflow.com/a/46916601/1478566
+main().catch(panic).finally(clearInterval.bind(null, setInterval(a=>a, 1E9)));

package/jobsManager.js

@@ -0,0 +1,47 @@
+
+var winston = require('./config/winston');
+
+class JobsManager {
+    constructor(jobWorkerEnabled, geoService) {
+        this.geoService = geoService;
+        this.emailNotificatio = undefined;
+        this.activityArchiver = undefined;
+
+        this.jobWorkerEnabled = jobWorkerEnabled;
+        // this.jobWorkerEnabled = false;
+        // if (process.env.JOB_WORKER_ENABLED=="true" || process.env.JOB_WORKER_ENABLED == true) {
+        //     this.jobWorkerEnabled = true;
+        // }
+        // winston.info("JobsManager jobWorkerEnabled: "+ this.jobWorkerEnabled);  
+    }
+
+
+    listen() {      
+        winston.info("JobsManager listener started");  
+        if ( this.jobWorkerEnabled == true) {
+           return winston.info("JobsManager jobWorkerEnabled is enabled. Skipping listeners");  
+        }
+        this.geoService.listen();
+    }
+
+    listenEmailNotification(emailNotification) {      
+        winston.info("JobsManager listenEmailNotification started");  
+        if ( this.jobWorkerEnabled == true) {
+            return winston.info("JobsManager jobWorkerEnabled is enabled. Skipping listener for Email Notification");  
+        }
+        this.emailNotification = emailNotification;
+        this.emailNotification.requestNotification.listen();
+    }
+
+    listenActivityArchiver(activityArchiver) {
+        winston.info("JobsManager listenActivityArchiver started"); 
+        if ( this.jobWorkerEnabled == true) {
+            return winston.info("JobsManager jobWorkerEnabled is enabled. Skipping listener for Activity Archiver");  
+        } 
+        this.activityArchiver = activityArchiver;
+        this.activityArchiver.listen();
+    }
+}
+
+
+module.exports = JobsManager;

package/middleware/has-role.js

@@ -4,6 +4,7 @@ var Subscription = require("../models/subscription");
 var winston = require('../config/winston');
 
 var cacheUtil = require('../utils/cacheUtil');
+var cacheEnabler = require("../services/cacheEnabler");
 
 class RoleChecker {
     
@@ -131,15 +132,21 @@ class RoleChecker {
 
           // JWT_HERE
           var query = { id_project: req.params.projectid, id_user: req.user._id, status: "active"};
+          let cache_key = req.params.projectid+":project_users:iduser:"+req.user._id
 
           if (req.user.sub && (req.user.sub=="userexternal" || req.user.sub=="guest")) {
             query = { id_project: req.params.projectid, uuid_user: req.user._id, status: "active"};
+            cache_key = req.params.projectid+":project_users:uuid_user:"+req.user._id
           }
           winston.debug("hasRoleOrType query " + JSON.stringify(query));
 
-          Project_user.findOne(query)
-            //@DISABLED_CACHE .cache(cacheUtil.defaultTTL, req.params.projectid+":project_users:id:"+req.user.id) 
-            .exec(function (err, project_user) {
+          let q = Project_user.findOne(query);
+          if (cacheEnabler.project_user) { 
+            q.cache(cacheUtil.defaultTTL, cache_key);
+            winston.debug("cacheEnabler.project_user enabled");
+
+          }
+            q.exec(function (err, project_user) {
               if (err) {
                 winston.error("Error getting project_user for hasrole",err);
                 return next(err);

package/middleware/ipFilter.js

@@ -0,0 +1,220 @@
+const ipfilter = require('express-ipfilter').IpFilter
+var winston = require('../config/winston');
+var jwt = require('jsonwebtoken');
+
+
+var customDetection = function (req)  {
+    // const ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress;  
+    // const ip = (req.headers['x-forwarded-for'] || '').split(',').pop().trim() ||        //https://stackoverflow.com/questions/8107856/how-to-determine-a-users-ip-address-in-node
+    //   req.socket.remoteAddress
+  
+  
+    let ip = req.socket.remoteAddress;
+  
+      const xFor =  req.headers['x-forwarded-for'];
+      if (xFor ) {
+        const xForArr = xFor.split(',');
+        if (xForArr && xForArr.length>0) {
+          ip = xForArr.shift();
+        }
+      }
+      // const ip = 
+      // req.headers['x-forwarded-for']?.split(',').shift()
+      // || req.socket?.remoteAddress
+  
+    winston.info("standard ip: "+ip); // ip address of the user
+    return ip;
+}
+
+var getToken = function (headers) {
+  winston.debug("getToken",headers);
+  if (headers && headers.authorization) {
+    var parted = headers.authorization.split(' ');
+    if (parted.length === 2) {
+      return parted[1];
+    } else {
+      return null;
+    }
+  } else {
+    return null;
+  }
+};
+  
+
+class IPFilter {
+    
+
+    
+    constructor() {
+    }
+
+
+
+
+
+
+  
+  
+  
+projectIpFilter (req, res, next) {
+    var that = this;
+    // console.log("that", that)
+  
+    const nextIp = function(err) {
+      winston.debug("projectIpFilter next",err);
+    
+        if (err && err.name === "IpDeniedError") {
+          winston.info("IpDeniedError for projectIpFilter");
+          return res.status(401).json({ err: "error project ip filter" });
+          // next(err) 
+        } 
+    
+      next();
+    
+    }
+  
+  
+    if (!req.project) {
+      return next();
+    }
+    
+    var projectIpFilterEnabled = req.project.ipFilterEnabled;
+    winston.debug("project projectIpFilterEnabled: " +projectIpFilterEnabled)
+  
+    var projectIpFilter =  req.project.ipFilter
+    winston.debug("project ipFilter: " + projectIpFilter)
+    
+    if (projectIpFilterEnabled === true && projectIpFilter && projectIpFilter.length > 0) {
+      winston.debug("filtering project IpFilter with ", projectIpFilter );
+      var ip = ipfilter(projectIpFilter, { detectIp: customDetection, mode: 'allow' })
+      // var ip = ipfilter(projectIpFilter, { mode: 'allow' })
+       ip(req, res, nextIp);
+    } else {
+      next();
+    }
+  
+  }
+  
+   projectIpFilterDeny (req, res, next) {
+  
+    const nextIp = function(err) {
+      winston.debug("projectIpFilter next",err);
+    
+        if (err && err.name === "IpDeniedError") {
+          winston.info("IpDeniedError for projectIpFilterDeny");
+          return res.status(401).json({ err: "error project deny ip filter" });
+          // next(err) 
+        } 
+    
+      next();
+    
+    }
+  
+    if (!req.project) {
+      return next();
+    }
+    
+    var projectIpFilterDenyEnabled = req.project.ipFilterDenyEnabled;
+    winston.debug("project projectIpFilterDenyEnabled: " +projectIpFilterDenyEnabled)
+  
+    var projectIpFilterDeny =  req.project.ipFilterDeny
+    winston.debug("project IpFilterDeny: " + projectIpFilterDeny)
+  
+  
+    if (projectIpFilterDenyEnabled === true && projectIpFilterDeny && projectIpFilterDeny.length > 0) {
+      winston.debug("filtering project projectIpFilterDeny with ", projectIpFilterDeny );
+      var ip = ipfilter(projectIpFilterDeny, { detectIp: customDetection, mode: 'deny' })
+      ip(req, res, nextIp);
+    } else {
+      next();
+    }
+  
+  }
+  
+  
+  
+projectBanUserFilter(req, res, next) {
+  
+  winston.debug("projectBanUserFilter hereee*********** ")
+
+    const nextIp = function(err) {
+      winston.debug("projectBanUserFilter next",err);
+    
+        if (err && err.name === "IpDeniedError") {
+          winston.info("IpDeniedError for projectBanUserFilter");
+          return res.status(401).json({ err: "error projectBanUserFilter" });
+          // next(err) 
+        } 
+    
+      next();
+    
+    }
+  
+    if (!req.project) {
+      return next();
+    }
+    
+    var bannedUsers =  req.project.bannedUsers
+    winston.debug("project bannedUsers: " + bannedUsers)
+  
+    if (bannedUsers && bannedUsers.length > 0) {
+  
+      let bannedUsersArr = [];
+      let bannedUsersIdUserArr = [];
+      for (var i =0; i < bannedUsers.length; i++) {
+        bannedUsersArr.push(bannedUsers[i].ip);
+        bannedUsersIdUserArr.push(bannedUsers[i].id);
+      }
+    
+      winston.debug("project req.preDecodedJwt: ", req.preDecodedJwt)
+      // winston.debug("project req.preDecodedJwt._id: "+ req.preDecodedJwt._id)
+
+
+      if (req.preDecodedJwt && req.preDecodedJwt._id && bannedUsersIdUserArr.indexOf(req.preDecodedJwt._id) > -1) {
+        winston.info("filtering project bannedUsers with id: " + req.preDecodedJwt._id)
+        return res.status(401).json({ err: "error projectBanUserFilter by id" });
+      }
+
+
+      // winston.debug("filtering project bannedUsers with ", bannedUsersArr );
+      // var ip = ipfilter(bannedUsersArr, { detectIp: customDetection, mode: 'deny' })
+      // ip(req, res, nextIp);
+      next();
+    } else {
+      next();
+    }
+  
+  }
+  
+  
+
+  
+
+  decodeJwt(req, res, next) {
+  
+    let token = getToken(req.headers);
+    winston.debug("filtering token " + token); 
+
+    if (token) {
+
+      try {
+        var decoded = jwt.decode(token);
+        winston.debug("filtering decoded ", decoded);
+        req.preDecodedJwt = decoded;
+      }catch(e) {
+        winston.debug("Error decoding jwt");
+      }
+     
+    }
+   
+    
+    next();
+  }
+  
+  
+
+
+  
+}
+var iPFilter = new IPFilter();
+module.exports = iPFilter;

package/middleware/passport.js

@@ -77,8 +77,14 @@ module.exports = function(passport) {
               // winston.info("secretOrKeyProvider: "+request.project.name );
               // winston.info("secretOrKeyProvider: "+rawJwtToken );
               
-              var decoded = jwt.decode(rawJwtToken);
+              var decoded = request.preDecodedJwt
               winston.debug("decoded: ", decoded );
+              if (!decoded) { //fallback
+                winston.debug("load decoded after: ");
+                decoded = jwt.decode(rawJwtToken);
+              }
+              
+              winston.debug("decoded after: ", decoded );
 
               // qui arriva questo 
               // decoded:  {"_id":"5ce3ee855c520200176c189e","updatedAt":"2019-05-31T09:50:22.949Z","createdAt":"2019-05-21T12:26:45.192Z","name":"botext","url":"https://tiledesk-v2-simple--andrealeo83.repl.co","id_project":"5ce3d1ceb25ad30017274bc5","trashed":false,"createdBy":"5ce3d1c7b25ad30017274bc2","__v":0,"external":true,"iat":1559297130,"aud":"https://tiledesk.com","iss":"https://tiledesk.com","sub":"5ce3ee855c520200176c189e@tiledesk.com/bot"}
@@ -132,7 +138,7 @@ module.exports = function(passport) {
 
                       winston.debug("project id: "+ AudienceId );
                       Project.findOne({_id: AudienceId, status: 100}).select('+jwtSecret')
-                      //@DISABLED_CACHE .cache(cacheUtil.queryTTL, "projects:query:id:status:100:"+AudienceId+":select:+jwtSecret")
+                      //@DISABLED_CACHE .cache(cacheUtil.queryTTL, "projects:query:id:status:100:"+AudienceId+":select:+jwtSecret") //project_cache
                       .exec(function (err, project){
                         if (err) {
                           winston.error("auth Project err: ", {error:err, decoded: decoded} );

package/models/department.js

@@ -50,7 +50,7 @@ var DepartmentSchema = new Schema({
   tags: [TagSchema],
   status: {
     type: Number,
-    default: 1,
+    default: 1,     // 1: enabled; 0 hidden for widget; -1 hidden for the dashboard; 
     index: true
     // required: true
   },