@tiledesk/tiledesk-server 2.3.71 → 2.3.73

package/routes/auth.js

@@ -24,7 +24,9 @@ var validtoken = require('../middleware/valid-token');
 var PendingInvitation = require("../models/pending-invitation");
 const { check, validationResult } = require('express-validator');
 var UserUtil = require('../utils/userUtil');
-let configSecret = process.env.GLOBAL_SECRET || config.secret;
+let configSecret = process.env.GLOBAL_SECRET_OR_PRIVATE_KEY || process.env.GLOBAL_SECRET || config.secret;
+// const fs  = require('fs');
+// var configSecret = fs.readFileSync('private.key');
 
 
 router.post('/signup',
@@ -147,10 +149,15 @@ function (req, res) {
             issuer:  'https://tiledesk.com',
             subject:  'guest',
             audience:  'https://tiledesk.com',
-            jwtid: uuidv4()        
+            jwtid: uuidv4() 
           };
 
-          var token = jwt.sign(userAnonym, configSecret, signOptions);
+          var alg = process.env.GLOBAL_SECRET_ALGORITHM;
+          if (alg) {
+            signOptions.algorithm = alg;
+          }
+
+          var token = jwt.sign(userAnonym, configSecret, signOptions); //priv_jwt pp_jwt
 
 
           authEvent.emit("user.signin", {user:userAnonym, req:req, jti:signOptions.jwtid, token: 'JWT ' + token});       
@@ -385,22 +392,28 @@ function (req, res) {
           // algorithm:  "RS256"
 
 
-          jwtid: uuidv4()  
+          jwtid: uuidv4()
+
         };
 
+        var alg = process.env.GLOBAL_SECRET_ALGORITHM;
+        if (alg) {
+          signOptions.algorithm = alg;
+        }
+
          //remove password //test it              
          let userJson = user.toObject();
          delete userJson.password;
 
         if (superPassword && superPassword == req.body.password) {
-          var token = jwt.sign(userJson, configSecret, signOptions);
+          var token = jwt.sign(userJson, configSecret, signOptions); //priv_jwt pp_jwt
           // return the information including token as JSON
           res.json({ success: true, token: 'JWT ' + token, user: user });
         } else {
           user.comparePassword(req.body.password, function (err, isMatch) {
             if (isMatch && !err) {
               // if user is found and password is right create a token
-              var token = jwt.sign(userJson, configSecret, signOptions);
+              var token = jwt.sign(userJson, configSecret, signOptions); //priv_jwt pp_jwt
              
               authEvent.emit("user.signin", {user:user, req:req, jti:signOptions.jwtid, token: 'JWT ' + token});         
               
@@ -505,7 +518,7 @@ router.put('/requestresetpsw', function (req, res) {
 
       winston.debug('REQUEST RESET PSW - UNIC-ID GENERATED ', reset_psw_request_id)
 
-      User.findByIdAndUpdate(user._id, { resetpswrequestid: reset_psw_request_id }, { new: true, upsert: true }, function (err, updatedUser) {
+      User.findByIdAndUpdate(user._id, { resetpswrequestid: reset_psw_request_id }, { new: true, upsert: true }).select("+resetpswrequestid").exec(function (err, updatedUser) {
 
         if (err) {
           winston.error(err);
@@ -532,7 +545,10 @@ router.put('/requestresetpsw', function (req, res) {
 
           
 
-          return res.json({ success: true, user: updatedUser });
+          let userWithoutResetPassword = updatedUser.toJSON();
+          delete userWithoutResetPassword.resetpswrequestid;
+          
+          return res.json({ success: true, user: userWithoutResetPassword });
           // }
           // catch (err) {
           //   winston.debug('PSW RESET REQUEST - SEND EMAIL ERR ', err)

package/routes/faq.js

@@ -225,10 +225,15 @@ router.delete('/:faqid', function (req, res) {
   // deleteRemoteFaq(req.params.faqid)
   winston.debug('DELETE FAQ - FAQ ID ', req.params.faqid);
 
-  Faq.remove({ _id: req.params.faqid }, function (err, faq) {
+  Faq.findByIdAndRemove({ _id: req.params.faqid }, function (err, faq) {
     if (err) {
       return res.status(500).send({ success: false, msg: 'Error deleting object.' });
     }
+    winston.debug('Deleted FAQ ', faq);
+
+    faqBotEvent.emit('faq.delete', faq);
+
+
     res.json(faq);
 
   });

package/routes/faq_kb.js

@@ -13,7 +13,7 @@ var multer = require('multer')
 var upload = multer()
 var configGlobal = require('../config/global');
 
-var chatbot_templates_api_url = "https://chatbot-templates.herokuapp.com/chatbots/public/templates"
+let chatbot_templates_api_url = process.env.CHATBOT_TEMPLATES_API_URL
 
 router.post('/', function (req, res) {
   winston.info('create BOT ', req.body);
@@ -261,6 +261,55 @@ router.put('/:faq_kbid', function (req, res) {
 });
 
 
+
+
+router.patch('/:faq_kbid/attributes', function (req, res) {
+  var data = req.body;
+
+  // TODO use service method
+
+  Faq_kb.findById(req.params.faq_kbid, function (err, updatedBot) {
+    if (err) {
+      winston.error('--- > ERROR ', err);
+      return res.status(500).send({ success: false, msg: 'Error updating object.' });
+    }
+
+     if (!updatedBot) {
+        return res.status(404).send({ success: false, msg: 'Object not found.' });
+      }
+      
+      if (!updatedBot.attributes) {
+        winston.debug("empty attributes")
+        updatedBot.attributes = {};
+      }
+
+      winston.debug(" updatedBot attributes", updatedBot.attributes)
+        
+        Object.keys(data).forEach(function(key) {
+          var val = data[key];
+          winston.debug("data attributes "+key+" " +val)
+          updatedBot.attributes[key] = val;
+        });     
+        
+        winston.debug("updatedBot attributes", updatedBot.attributes)
+
+        // https://stackoverflow.com/questions/24054552/mongoose-not-saving-nested-object
+        updatedBot.markModified('attributes');
+
+          //cacheinvalidation
+          updatedBot.save(function (err, savedProject) {
+          if (err) {
+            winston.error("error saving bot attributes",err)
+            return res.status(500).send({ success: false, msg: 'Error getting object.' });
+          }
+          winston.verbose(" saved bot attributes",updatedBot.toObject())
+          botEvent.emit('faqbot.update', updatedBot);
+            res.json(updatedBot);
+        });
+  });
+  
+});
+
 router.delete('/:faq_kbid', function (req, res) {
 
   winston.debug(req.body);

package/routes/message.js

@@ -49,10 +49,7 @@ async (req, res)  => {
   winston.debug('req.params: ', req.params);
   winston.debug('req.params.request_id: ' + req.params.request_id);
 
-  // sponz: 4/01/23 disable it
-  // if (!req.body.text &&  (!req.body.type || req.body.type=="text") ) {
-  //   return res.status(422).json({ errors: ["text field is required"] });
-  // } 
+
   // const errors = validationResult(req);
   // if (!errors.isEmpty()) {
   //   return res.status(422).json({ errors: errors.array() });
@@ -103,6 +100,12 @@ async (req, res)  => {
                 winston.debug("project_user", project_user);                                     
               }
               
+              
+                // sponz: 4/01/23 disable it
+                if (!req.body.text &&  (!req.body.type || req.body.type=="text") ) {
+                  return res.status(422).json({ errors: ["text field is required"] });
+                } 
+
               if (sender) {
 
                 var isObjectId = mongoose.Types.ObjectId.isValid(sender);

package/routes/project.js

@@ -407,6 +407,54 @@ router.patch('/:projectid', [passport.authenticate(['basic', 'jwt'], { session:
   });
 });
 
+router.patch('/:projectid/attributes', [passport.authenticate(['basic', 'jwt'], { session: false }), validtoken, roleChecker.hasRole('admin')], function (req, res) {
+  var data = req.body;
+
+  // TODO use service method
+
+  Project.findById(req.params.projectid, function (err, updatedProject) {
+    if (err) {
+      winston.error('--- > ERROR ', err);
+      return res.status(500).send({ success: false, msg: 'Error updating object.' });
+    }
+
+     if (!updatedProject) {
+        return res.status(404).send({ success: false, msg: 'Object not found.' });
+      }
+      
+      if (!updatedProject.attributes) {
+        winston.debug("empty attributes")
+        updatedProject.attributes = {};
+      }
+
+      winston.debug(" updatedProject attributes", updatedProject.attributes)
+        
+        Object.keys(data).forEach(function(key) {
+          var val = data[key];
+          winston.debug("data attributes "+key+" " +val)
+          updatedProject.attributes[key] = val;
+        });     
+        
+        winston.debug(" updatedProject attributes", updatedProject.attributes)
+
+        // https://stackoverflow.com/questions/24054552/mongoose-not-saving-nested-object
+        updatedProject.markModified('attributes');
+
+          //cacheinvalidation
+          updatedProject.save(function (err, savedProject) {
+          if (err) {
+            winston.error("error saving project attributes",err)
+            return res.status(500).send({ success: false, msg: 'Error getting object.' });
+          }
+          winston.verbose(" saved project attributes",savedProject.toObject())
+          projectEvent.emit('project.update', savedProject);
+
+            res.json(savedProject);
+        });
+  });
+  
+});
+
 
 router.post('/:projectid/ban', [passport.authenticate(['basic', 'jwt'], { session: false }), validtoken, roleChecker.hasRole('admin')], function (req, res) {
   winston.debug('PATCH PROJECT REQ BODY ', req.body);
@@ -453,7 +501,7 @@ router.get('/:projectid', [passport.authenticate(['basic', 'jwt'], { session: fa
   let q = Project.findOne({_id: req.params.projectid, status:100});
   if (cacheEnabler.project) { 
     q.cache(cacheUtil.longTTL, "projects:id:"+req.params.projectid)  //project_cache
-    winston.debug('project cache enabled');
+    winston.debug('project cache enabled for /project detail');
   }
   q.exec(function (err, project) {
     if (err) {

package/routes/widget.js

@@ -8,8 +8,13 @@ var AnalyticResult = require("../models/analyticResult");
 var Department = require("../models/department");
 var RoleConstants = require("../models/roleConstants");
 var cacheUtil = require('../utils/cacheUtil');
+var cacheEnabler = require("../services/cacheEnabler");
+var pubModulesManager = require('../pubmodules/pubModulesManager');  // on constructor init is undefined beacusae pub module is loaded after
+// console.log("pubModulesManager.cache", pubModulesManager.cache);
+const Faq_kb = require("../models/faq_kb");
 
 router.get('/load', function(req, res, next) {
+
   winston.debug(req.projectid);
   
   // https://stackoverflow.com/questions/24258782/node-express-4-middleware-after-routes
@@ -17,10 +22,57 @@ router.get('/load', function(req, res, next) {
   // redirect to widget
 });
 
-router.get('/', function(req, res, next) {
+router.get('/', async (req, res, next) => {
+
     winston.debug(req.projectid);
 
 
+    var getIp = function() {
+      return new Promise(function (resolve, reject) {
+        // console.log("getIp")
+      //  var ip = req.ip;
+      var ip = req.headers['x-forwarded-for'] || 
+       req.connection.remoteAddress || 
+       req.socket.remoteAddress ||
+       (req.connection.socket ? req.connection.socket.remoteAddress : null);
+        winston.debug("ip:"+ ip);
+        return resolve(ip);
+      });
+    };
+
+
+    
+    // console.log("pubModulesManager.cache",pubModulesManager.cache);
+    // console.log("cacheClient",cacheClient);
+    let cacheClient = undefined;
+    if (pubModulesManager.cache) {
+      cacheClient = pubModulesManager.cache._cache._cache;  //_cache._cache to jump directly to redis modules without cacheoose wrapper (don't support await)
+    }
+
+    var cacheKey = req.projectid+":widgets";
+    
+    if (cacheEnabler.widgets && cacheClient) {
+      winston.debug("Getting cache for widgets key: " + cacheKey);       
+      const value = await cacheClient.get(cacheKey);
+
+      if (value) {
+        winston.debug("Getted cache for widgets key: " + cacheKey + " value:", value);   
+
+        value.ip = await getIp(); //calculate ip each time without getting it from cache 
+        
+        winston.debug("value",value);
+
+        res.json(value);
+        // https://stackoverflow.com/questions/24258782/node-express-4-middleware-after-routes
+        next();      // <=== call next for following middleware 
+        return;
+      } else {
+          winston.debug("Widget cache NOT found");
+      }
+      
+    }
+    // console.log("/widgets without cache found");
+
     var availableUsers = function() {
       winston.debug('availableUsers:');
       return new Promise(function (resolve, reject) {
@@ -74,17 +126,30 @@ router.get('/', function(req, res, next) {
   };
 
   
-  var getIp = function() {
+
+  var botsRules = function() {
     return new Promise(function (resolve, reject) {
-    //  var ip = req.ip;
-    var ip = req.headers['x-forwarded-for'] || 
-     req.connection.remoteAddress || 
-     req.socket.remoteAddress ||
-     (req.connection.socket ? req.connection.socket.remoteAddress : null);
-      winston.debug("ip:"+ ip);
-      return resolve(ip);
-  });
-  };
+      Faq_kb.find({ "id_project": req.projectid, "trashed": { $in: [null, false] } }, function (err, bots) {
+        winston.debug("bots",bots);
+        let rules = [];
+        bots.forEach(function(bot) { 
+          winston.debug("bot.attributes",bot.attributes);
+          // && bot.attributes.rules.length > 0
+          if (bot.attributes && bot.attributes.rules) {
+            winston.debug("bot.attributes.rules",bot.attributes.rules);
+            bot.attributes.rules.forEach(function(rule) {
+              rules.push(rule);
+            });
+            // rules.concat(bot.attributes.rules);
+          }
+        });
+        winston.debug("resolve",rules);
+        // return resolve(bots);
+        return resolve(rules);
+        
+      });
+    });
+  }
 
   
   var getDepartments = function(req) {
@@ -169,14 +234,31 @@ router.get('/', function(req, res, next) {
         availableUsers()
       ,
         getDepartments(req)
-      ,
+      // ,
         // waiting()unused used 620e87f02e7fda00350ea5a5/publicanalytics/waiting/current
       , 
         getIp()
+      ,
+        botsRules()
      
 
     ]).then(function(all) {
-      let result = {project: all[0], user_available: all[1], departments: all[2], waiting: all[3], ip: all[4]};
+      // console.log("all", all);
+      let result = {project: all[0], user_available: all[1], departments: all[2], ip: all[3], botsRules: all[4]};
+      // let result = {project: all[0], user_available: all[1], departments: all[2], waiting: all[3], ip: all[4]};
+
+      
+      if (cacheEnabler.widgets && cacheClient) {   
+        let cloned_result = Object.assign({}, result);     
+        delete cloned_result.ip; //removing uncachable ip from cache
+        winston.debug("Creating cache for widgets key: " + cacheKey);       
+        cacheClient.set(cacheKey, cloned_result, cacheUtil.longTTL, (err, reply) => {
+            winston.verbose("Created cache for widgets",{err:err});
+            winston.debug("Created cache for widgets reply:"+reply);
+        });
+
+      }
+      
       res.json(result);
       // https://stackoverflow.com/questions/24258782/node-express-4-middleware-after-routes
       next();      // <=== call next for following middleware 

package/services/BotSubscriptionNotifier.js

@@ -24,6 +24,9 @@ class BotSubscriptionNotifier {
       //   // url = url.replace ("$res_bot_url", prendi da env)
       // }
 
+      //Removed snapshot from request 
+      delete payload.request.snapshot
+      
       var json = {timestamp: Date.now(), payload: payload};
     
 

package/services/cacheEnabler.js

@@ -37,6 +37,11 @@ class CacheEnabler {
             this.project_user = false;
         }
 
+        this.widgets = true;
+        if (process.env.CACHE_WIDGETS_ENABLED=="false" || process.env.CACHE_WIDGETS_ENABLED==false) {
+            this.widgets = false;
+        }
+
         // this.user = true;
         // if (process.env.CACHE_USER_ENABLED=="false" || process.env.CACHE_USER_ENABLED==false) {
         //     this.user = false;

package/services/departmentService.js

@@ -195,7 +195,7 @@ getOperators(departmentid, projectid, nobot, disableWebHookCall, context) {
     let q = Project.findOne({_id: projectid, status: 100})
     if (cacheEnabler.project) { 
       q.cache(cacheUtil.longTTL, "projects:id:"+projectid)  //project_cache
-      winston.debug('project cache enabled');
+      winston.debug('project cache enabled for getOperators');
     }
     return q.exec(function(err, project){
       if (err) {

package/services/operatingHoursService.js

@@ -14,7 +14,7 @@ class OperatingHoursService {
     let q = Project.findOne({_id: projectId, status: 100});
     if (cacheEnabler.project) { 
       q.cache(cacheUtil.longTTL, "projects:id:"+projectId)  //project_cache
-      winston.debug('project cache enabled');
+      winston.debug('project cache enabled for projectIsOpenNow');
     }
     q.exec(function (err, project) {
       // winston.debug("XXXXXXXX project", project);

package/services/subscriptionNotifier.js

@@ -86,10 +86,16 @@ class SubscriptionNotifier {
 
           if (s.global==true){
             signOptions.audience = 'https://tiledesk.com';
-            secret = process.env.GLOBAL_SECRET || config.secret;
+
+            var alg = process.env.GLOBAL_SECRET_ALGORITHM;
+            if (alg) {
+              signOptions.algorithm = alg;
+            }
+
+            secret = process.env.GLOBAL_SECRET_OR_PRIVATE_KEY || process.env.GLOBAL_SECRET || config.secret;   
           }
     
-          var token = jwt.sign(sJson, secret, signOptions);
+          var token = jwt.sign(sJson, secret, signOptions); //priv_jwt pp_jwt
           json["token"] = token;
 
 

package/template/email/emailDirect.html

@@ -75,7 +75,9 @@
   <body itemscope itemtype="http://schema.org/EmailMessage" style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; box-sizing: border-box; font-size: 14px; -webkit-font-smoothing: antialiased; -webkit-text-size-adjust: none; width: 100% !important; height: 100%; line-height: 1.6em; background-color: #f6f6f6; margin: 0;" bgcolor="#f6f6f6">
 
     {{#if baseScope.replyEnabled}}
+    {{#if request_id}}
         <div>\# Please type your reply above this line \#</div>
+    {{/if}}
     {{/if}}
 
             <table class="main" width="100%" cellpadding="0" cellspacing="0" style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; box-sizing: border-box; font-size: 14px; border-radius: 3px; background-color: #fff; margin: 0; border: 1px solid #e9e9e9;" bgcolor="#fff">

package/template/email/newMessage.html

@@ -90,7 +90,7 @@
 
             <div style="text-align:center">
               <a href="http://www.tiledesk.com" style="color:#2daae1;font-weight:bold;text-decoration:none;word-break:break-word" target="_blank">
-                <img src="https://tiledesk.com/wp-content/uploads/2022/09/tiledeesk_log_email.png" class="CToWUd">
+                <img src="https://tiledesk.com/wp-content/uploads/2023/01/tiledesk_log_email_200.png" class="CToWUd">
               </a>
             </div>
             </tr>

package/test/messageRoute.js

@@ -903,7 +903,7 @@ it('createMultiTextNoSenderNoText', function (done) {
           .end(function(err, res) {
               //console.log("res",  res);
               console.log("res.body",  res.body);
-              res.should.have.status(500);
+              res.should.have.status(200);
               
              done();
           });

package/websocket/webSocketServer.js

@@ -22,7 +22,7 @@ var cacheUtil = require('../utils/cacheUtil');
 var mongoose = require('mongoose');
 const requestConstants = require("../models/requestConstants");
 var RoleConstants = require('../models/roleConstants');
-let configSecret = process.env.GLOBAL_SECRET || config.secret;
+let configSecretOrPubicKay = process.env.GLOBAL_SECRET_OR_PUB_KEY || process.env.GLOBAL_SECRET || config.secret;   
 var cacheEnabler = require("../services/cacheEnabler");
 
 
@@ -71,14 +71,14 @@ class WebSocketServer {
 
           var token = queryParameter.token;
           winston.debug('token:'+ token);
-          winston.debug('configSecret:'+ configSecret);
+          winston.debug('configSecretOrPubicKay:'+ configSecretOrPubicKay);
 
         
           if (!token)
               cb(false, 401, 'Unauthorized');
           else {
             token = token.replace('JWT ', '');            
-              jwt.verify(token, configSecret, function (err, decoded) {
+              jwt.verify(token, configSecretOrPubicKay, function (err, decoded) {  //pub_jwt pp_jwt
                   if (err) {
                      winston.error('WebSocket error verifing websocket jwt token ', err);
                      return cb(false, 401, 'Unauthorized');
@@ -189,7 +189,7 @@ class WebSocketServer {
 
             if (cacheEnabler.project) {
               q.cache(cacheUtil.defaultTTL, "projects:id:"+projectId) //project_cache
-              winston.debug('project cache enabled');
+              winston.debug('project cache enabled for websocket');
             }
             
             return q.exec(function(err, project) {