@tiledesk/tiledesk-server 2.3.72 → 2.3.73

package/CHANGELOG.md

@@ -5,6 +5,30 @@
 🚀        IN PRODUCTION                        🚀
 (https://www.npmjs.com/package/@tiledesk/tiledesk-server/v/2.3.71) 
 
+# 2.3.73
+- Removed unused mongoose-auto-increment dependency
+- Removed version versions files
+- Added attributes field to the project model and relative patch endpoint 
+- Message text validation only for the first message
+- Updated tiledesk/tiledesk-tybot-connector@0.1.46
+- Added an endpoint to patch the bot attributes
+- Added Faq_kbSchema index({certified: 1, public: 1});
+- Added ActivitySchema index({id_project: 1, createdAt: -1});
+- Changed from .remove to findByIdAndRemove for faq remove endpoint to fix event emitter payload
+- Updated tiledesk/tiledesk-tybot-connector@0.1.47
+- Added caching for /widgets endpoint with invalidations
+- Added bot rules to /widgets endpoint
+- Select false for resetpswrequestid field of user model
+- Added support for Public Private Key for JWT Auth with GLOBAL_SECRET_OR_PRIVATE_KEY and GLOBAL_SECRET_OR_PUB_KEY and GLOBAL_SECRET_ALGORITHM environments variables. If these properties are configured Public Private Key method is enabled otherwise if GLOBAL_SECRET env varible is configured the shared secret method is used. algorithm (default: HS256)
+- Updated tiledesk/tiledesk-tybot-connector@0.1.48
+- Removed “snapshot” from request payload for external chatbot
+
+
+
+# 2.3.72
+- Added Kaleyra module
+- Updated tiledesk-apps to 1.0.12
+
 # 2.3.71
 - Email service send email direct fit without request_id
 - Removed strong from transcript email template

package/middleware/passport.js

@@ -34,7 +34,8 @@ const maskOptions = {
   };
 
 
-var configSecret = process.env.GLOBAL_SECRET || config.secret;
+var configSecret = process.env.GLOBAL_SECRET_OR_PUB_KEY || process.env.GLOBAL_SECRET || config.secret;
+
 
 var maskedconfigSecret = MaskData.maskPhone(configSecret, maskOptions);
 winston.info('Authentication Global Secret : ' + maskedconfigSecret);
@@ -179,17 +180,17 @@ module.exports = function(passport) {
 
                     else if (decoded.aud == "https://tiledesk.com") {                
                       winston.debug("configSecret: "+ maskedconfigSecret );
-                      done(null, configSecret);
+                      done(null, configSecret); //pub_jwt pp_jwt 
                     }
 
                     else {                
                       winston.debug("configSecret: "+ maskedconfigSecret );
-                      done(null, configSecret);
+                      done(null, configSecret); //pub_jwt pp_jwt
                     }
               }
               else {
                 winston.debug("configSecret: "+ maskedconfigSecret );
-                done(null, configSecret);
+                done(null, configSecret); //pub_jwt pp_jwt
               }             
             }
        }

package/models/faq_kb.js

@@ -95,6 +95,11 @@ Faq_kbSchema.virtual('fullName').get(function () {
   return (this.name);
 });
 
+Faq_kbSchema.index({certified: 1, public: 1}); //suggested by atlas
+
+
+
+
 var faq_kb = mongoose.model('faq_kb', Faq_kbSchema);
 
 if (process.env.MONGOOSE_SYNCINDEX) {

package/models/presence.js

@@ -5,7 +5,7 @@ var winston = require('../config/winston');
 var PresenceSchema = new Schema({
   status: {
     type: String,
-    default: 'offline',
+    default: 'offline',  //online
     required: true,
     index: true
   },

package/models/project.js

@@ -68,6 +68,9 @@ var ProjectSchema = new Schema({
     type: String,
     select: false
   },
+  attributes: {
+    type: Object,
+  },
   // apiKey: { //You do want to block anonymous traffic. https://cloud.google.com/endpoints/docs/openapi/when-why-api-key#:~:text=API%20keys%20identify%20an%20application's,patterns%20in%20your%20API's%20traffic
   //   type: String,
   //   select: false,

package/models/user.js

@@ -31,6 +31,7 @@ var UserSchema = new Schema({
     },
     resetpswrequestid: {
         type: String,
+        select: false 
     },
     signedInAt: {
         type:Date

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@tiledesk/tiledesk-server",
   "description": "The Tiledesk server module",
-  "version": "2.3.72",
+  "version": "2.3.73",
   "scripts": {
     "start": "node ./bin/www",
     "pretest": "mongodb-runner start",
@@ -43,7 +43,7 @@
     "@tiledesk/tiledesk-chatbot-util": "^0.8.33",
     "@tiledesk/tiledesk-json-rules-engine": "^4.0.3",
     "@tiledesk/tiledesk-rasa-connector": "^1.0.10",
-    "@tiledesk/tiledesk-tybot-connector": "^0.1.42",
+    "@tiledesk/tiledesk-tybot-connector": "^0.1.49",
     "@tiledesk/tiledesk-dialogflow-connector": "^1.8.3",
     "app-root-path": "^3.0.0",
     "bcrypt-nodejs": "0.0.3",

package/pubmodules/activities/models/activity.js

@@ -83,6 +83,8 @@ var ActivitySchema = new Schema({
 }
 );
 
+ActivitySchema.index({id_project: 1, createdAt: -1});
+
 // TODO metti indice per query è lentina
 
 module.exports = mongoose.model('activity', ActivitySchema);

package/pubmodules/cache/mongoose-cachegoose-fn.js

@@ -2,6 +2,7 @@
  var messageEvent = require("../../event/messageEvent");   
  var projectEvent = require("../../event/projectEvent");   
  var botEvent = require("../../event/botEvent");   
+ const faqBotEvent = require('../../event/faqBotEvent');
  var departmentEvent = require("../../event/departmentEvent");   
  var authEvent = require("../../event/authEvent");   
  var labelEvent = require("../../event/labelEvent");
@@ -14,6 +15,7 @@
  var cachegoose = require('cachegoose');
 
  var cacheUtil = require('../../utils/cacheUtil');
+ var RoleConstants = require("../../models/roleConstants");
 
  
 
@@ -28,6 +30,7 @@
                 winston.debug("Created cache for project.create reply",reply);
             });
 
+            // TODO COMMENTA NON USATO
             key = "projects:query:*";
             winston.verbose("Deleting cache for project.create with key: " + key);
             client.del(key, function (err, reply) {
@@ -48,12 +51,17 @@
 
             });
 
+            // TODO COMMENTA NON USATO
             key = "projects:query:*";
-            winston.verbose("Deleting cache for project.create with key: " + key);
+            winston.verbose("Deleting cache for project.update with key: " + key);
             client.del(key, function (err, reply) {
-                winston.debug("Deleted cache for project.create",reply);
-                winston.verbose("Deleted cache for project.create",{err:err});
+                winston.debug("Deleted cache for project.update",reply);
+                winston.verbose("Deleted cache for project.update",{err:err});
             });   
+
+            // TODO invalidate widgets here
+            winston.verbose("Deleting widgets cache for project.update");
+            invalidateWidgets(client, project.id); //tested
         });
 
     });
@@ -67,6 +75,7 @@
                 winston.verbose("Deleted cache for project.delete",{err:err});
             });
 
+            // TODO COMMENTA NON USATO
             key = "projects:query:*";
             winston.verbose("Deleting cache for project.create with key: " + key);
             client.del(key, function (err, reply) {
@@ -74,6 +83,10 @@
                 winston.verbose("Deleted cache for project.create",{err:err});
             });   
         });
+
+        // TODO invalidate widgets here
+        winston.verbose("Deleting widgets cache for project.delete");
+        invalidateWidgets(client, project.id);
     });
 
     projectEvent.on("project.downgrade", function(project) {
@@ -86,12 +99,17 @@
                 winston.verbose("Updated cache for project.downgrade",{err:err});
             });
 
+            // TODO COMMENTA NON USATO
             key = "projects:query:*";
-            winston.verbose("Deleting cache for project.create with key: " + key);
+            winston.verbose("Deleting cache for project.downgrade with key: " + key);
             client.del(key, function (err, reply) {
-                winston.debug("Deleted cache for project.create",reply);
-                winston.verbose("Deleted cache for project.create",{err:err});
-            });   
+                winston.debug("Deleted cache for project.downgrade",reply);
+                winston.verbose("Deleted cache for project.downgrade",{err:err});
+            }); 
+            
+            // TODO invalidate widgets here
+            winston.verbose("Deleting widgets cache for project.downgrade");
+            invalidateWidgets(client, project.id);
         });
     });
 
@@ -153,6 +171,18 @@
                     winston.verbose("Updated cache for project_user.update",{err:err});
                 });
             }
+
+
+            
+            // TODO invalidate widgets headers
+            // only if role is agent, owner, admin ATTENTION
+            if (role == RoleConstants.OWNER || role == RoleConstants.ADMIN || role == RoleConstants.SUPERVISOR || role == RoleConstants.AGENT) {
+                winston.verbose("Deleting widgets cache for project_user.update");
+                invalidateWidgets(client, project_user.id_project);    //tested
+            }else {
+                winston.verbose("NOT invalidating widget cache for non admins project_user role");//tested
+            }
+            
         });
     });
    
@@ -235,8 +265,8 @@
             });
 
 
-            var key = "requests:id:"+request.request_id+":simple";  //without project for chat21 webhook
-            winston.verbose("Creating cache for request.create.simple with key: " + key);
+            var key = "requests:request_id:"+request.request_id+":simple";  //without project for chat21 webhook
+            winston.verbose("Creating cache for request.create.simple without project with key : " + key);
 
             client.set(key, request, cacheUtil.defaultTTL, (err, reply) => {
                 winston.debug("Created cache for request.create.simple",reply);
@@ -270,6 +300,7 @@
                 winston.verbose("Created cache for request.create",{err:err});
             });
 
+            // TODO COMMENTA NON USATO
             key = request.id_project+":requests:query:*";
             winston.verbose("Deleting cache for request.create with key: " + key);
             client.del(key, function (err, reply) {
@@ -297,11 +328,12 @@
                 winston.verbose("Created cache for request.update",{err:err});
             });
 
+            // TODO COMMENTA NON USATO
             key = request.id_project+":requests:query:*";
-            winston.verbose("Deleting cache for request.create with key: " + key);
+            winston.verbose("Deleting cache for request.update with key: " + key);
             client.del(key, function (err, reply) {
-                winston.debug("Deleted cache for request.create",reply);
-                winston.verbose("Deleted cache for request.create",{err:err});
+                winston.debug("Deleted cache for request.update",reply);
+                winston.verbose("Deleted cache for request.update",{err:err});
             });   
         });
     });
@@ -323,11 +355,12 @@
                 winston.verbose("Created cache for request.close",{err:err});
             });
 
+            // TODO COMMENTA NON USATO
             key = request.id_project+":requests:query:*";
             winston.verbose("Deleting cache for request.create with key: " + key);
             client.del(key, function (err, reply) {
-                winston.debug("Deleted cache for request.create",reply);
-                winston.verbose("Deleted cache for request.create",{err:err});
+                winston.debug("Deleted cache for request.close",reply);
+                winston.verbose("Deleted cache for request.close",{err:err});
             });   
         });
     });
@@ -362,6 +395,10 @@
                 winston.debug("Created cache for faq_kb.create",reply);
                 winston.verbose("Created cache for faq_kb.create",{err:err});
             });
+
+            // TODO invalidate widgets here
+            winston.verbose("Deleting widgets cache for faqbot.create");
+            invalidateWidgets(client, faq_kb.id_project); //tested
         });
     });
 
@@ -374,7 +411,11 @@
             client.set(key, faq_kb, cacheUtil.defaultTTL, (err, reply) => {
                 winston.debug("Created cache for faq_kb.create",reply);
                 winston.verbose("Created cache for faq_kb.update",{err:err});
-            });       
+            }); 
+            
+            // TODO invalidate widgets here
+            winston.verbose("Deleting widgets cache for faqbot.update");
+            invalidateWidgets(client, faq_kb.id_project); //TESTED
         });
     });
 
@@ -382,11 +423,41 @@
     botEvent.on("faqbot.delete", function(faq_kb) { 
         setImmediate(() => {
             var key = faq_kb.id_project+":faq_kbs:id:"+faq_kb._id;
-            winston.verbose("Creating cache for faqbot.delete with key: " + key);
-            client.set(key, faq_kb, cacheUtil.defaultTTL, (err, reply) => {
-                winston.debug("Created cache for faqbot.delete",reply);
-                winston.verbose("Created cache for faqbot.delete",{err:err});
+            winston.verbose("Deleting cache for faqbot.delete with key: " + key);
+            client.del(key, (err, reply) => {
+                winston.debug("Deleted cache for faqbot.delete",reply);
+                winston.verbose("Deleted cache for faqbot.delete",{err:err});
             });
+
+            // TODO invalidate widgets here
+            winston.verbose("Deleting widgets cache for faqbot.delete");
+            invalidateWidgets(client, faq_kb.id_project); //tested
+        });
+    });
+
+
+
+    faqBotEvent.on("faq.create", function(faq) { 
+        setImmediate(() => {            
+            // TODO invalidate widgets here
+            winston.verbose("Deleting widgets cache for faq.create");
+            invalidateWidgets(client, faq.id_project); //tested
+        });
+    });
+
+    faqBotEvent.on("faq.update", function(faq) { 
+        setImmediate(() => {            
+            // TODO invalidate widgets here
+            winston.verbose("Deleting widgets cache for faq.update");
+            invalidateWidgets(client, faq.id_project);//tested
+        });
+    });
+
+    faqBotEvent.on("faq.delete", function(faq) { 
+        setImmediate(() => {            
+            // TODO invalidate widgets here
+            winston.verbose("Deleting widgets cache for faq.delete",faq);
+            invalidateWidgets(client, faq.id_project);//tested
         });
     });
 
@@ -400,12 +471,17 @@
                 winston.verbose("Created cache for department.create",{err:err});
             });
             
+            // TODO COMMENTA NON USATO
             key = department.id_project+":departments:query:*";        
             winston.verbose("Deleting cache for department.create with key: " + key);
             client.del(key, function (err, reply) {
                 winston.debug("Deleted cache for department.create",reply);
                 winston.verbose("Deleted cache for department.create",{err:err});
             });   
+
+            // TODO invalidate widgets here
+            winston.verbose("Deleting widgets cache for department.create");
+            invalidateWidgets(client, department.id_project); 
         });
     });
 
@@ -420,12 +496,17 @@
                 winston.verbose("Created cache for department.update",{err:err});
             });    
 
+            // TODO COMMENTA NON USATO
             key = department.id_project+":departments:query:*";        
             winston.verbose("Deleting cache for department.update with key: " + key);
             client.del(key, function (err, reply) {
                 winston.debug("Deleted cache for department.update",reply);
                 winston.verbose("Deleted cache for department.update",{err:err});
             });   
+
+            // TODO invalidate widgets here
+            winston.verbose("Deleting widgets cache for department.update");
+            invalidateWidgets(client, department.id_project); //tested
         });
     });
 
@@ -433,24 +514,31 @@
     departmentEvent.on("department.delete", function(department) { 
         setImmediate(() => {
             var key = department.id_project+":departments:id:"+department._id;
-            winston.verbose("Creating cache for department.delete with key: " + key);
-            client.set(key, department, cacheUtil.defaultTTL, (err, reply) => {
-                winston.debug("Created cache for department.delete",reply);
-                winston.verbose("Created cache for department.delete",{err:err});
+            winston.verbose("Deleting cache for department.delete with key: " + key);
+            client.del(key, (err, reply) => {
+                winston.debug("Deleted cache for department.delete",reply);
+                winston.verbose("Deleted cache for department.delete",{err:err});
             });
 
+            // TODO COMMENTA NON USATO
             key = department.id_project+":departments:query:*";        
             winston.verbose("Deleting cache for department.delete with key: " + key);
             client.del(key, function (err, reply) {
                 winston.debug("Deleted cache for department.delete",reply);
                 winston.verbose("Deleted cache for department.delete",{err:err});
             });   
+
+            // TODO invalidate widgets here
+            winston.verbose("Deleting widgets cache for department.delete");
+            invalidateWidgets(client, department.id_project);
         });
     });
 
 
     labelEvent.on("label.create", function(label) { 
         setImmediate(() => {    
+
+            // TODO COMMENTA NON USATO
             var key = label.id_project+":labels:query:*";        
             winston.verbose("Deleting cache for label.create with key: " + key);
             client.del(key, function (err, reply) {
@@ -464,6 +552,8 @@
 
     labelEvent.on("label.update", function(label) {        
         setImmediate(() => {    
+
+            // TODO COMMENTA NON USATO
             var key = label.id_project+":labels:query:*";        
             winston.verbose("Deleting cache for label.update with key: " + key);
             client.del(key, function (err, reply) {
@@ -475,7 +565,9 @@
 
 
     labelEvent.on("label.clone", function(label) {    
-        setImmediate(() => {         
+        setImmediate(() => {       
+            
+            // TODO COMMENTA NON USATO
             var key = label.id_project+":labels:query:*";        
             winston.verbose("Deleting cache for label.clone with key: " + key);
             client.del(key, function (err, reply) {
@@ -488,6 +580,8 @@
 
     labelEvent.on("label.delete", function(label) {     
         setImmediate(() => {         
+
+            // TODO COMMENTA NON USATO
             var key = label.id_project+":labels:query:*";        
             winston.verbose("Deleting cache for label.delete with key: " + key);
             client.del(key, function (err, reply) {
@@ -575,6 +669,17 @@
     
     }
     
+
+    function invalidateWidgets(client, project_id) {
+        key = project_id+":widgets";
+        winston.verbose("Deleting cache for widgets with key: " + key);
+        client.del(key, function (err, reply) {
+            winston.debug("Deleted cache for widgets",reply);
+            winston.verbose("Deleted cache for widgets",{err:err});
+        });   
+    }
+
+
     //jwt
 
     // fai cache faq
@@ -616,8 +721,12 @@ module.exports = function (mongoose, option) {
 
         var client = cachegoose._cache;
         listen(client);
+
+        return cachegoose;
     }else {
         winston.info("Mongoose Cachegoose disabled");
+
+        return;
     }
 
     // console.log("init",init);  

package/pubmodules/emailNotification/requestNotification.js

@@ -24,7 +24,7 @@ var configGlobal = require('../../config/global');
 
 var widgetConfig = require('../../config/widget');
 var widgetTestLocation = process.env.WIDGET_TEST_LOCATION || widgetConfig.testLocation;
-let configSecret = process.env.GLOBAL_SECRET || config.secret;
+let configSecret = process.env.GLOBAL_SECRET_OR_PRIVATE_KEY || process.env.GLOBAL_SECRET || config.secret;
 
 let apiUrl = process.env.API_URL || configGlobal.apiUrl;
 winston.debug('********* RequestNotification apiUrl: ' + apiUrl);
@@ -290,9 +290,14 @@ sendToUserEmailChannelEmail(projectid, message) {
         issuer:  'https://tiledesk.com',
         subject:  'userexternal',
         audience:  'https://tiledesk.com',
-        jwtid: uuidv4()        
+        jwtid: uuidv4()
       };
 
+      var alg = process.env.GLOBAL_SECRET_ALGORITHM;
+      if (alg) {
+        signOptions.algorithm = alg;
+      }
+
 
       var recipient = lead.lead_id;
       winston.debug("recipient:"+ recipient);
@@ -301,7 +306,7 @@ sendToUserEmailChannelEmail(projectid, message) {
       winston.debug("userEmail  ",userEmail);
 
 
-      var token = jwt.sign(userEmail, configSecret, signOptions);
+      var token = jwt.sign(userEmail, configSecret, signOptions); //priv_jwt pp_jwt
       winston.debug("token  "+token);
 
       var sourcePage = widgetTestLocation + "?tiledesk_projectid=" 
@@ -769,14 +774,19 @@ sendUserEmail(projectid, message) {
                     issuer:  'https://tiledesk.com',
                     subject:  'guest',
                     audience:  'https://tiledesk.com',
-                    jwtid: uuidv4()        
+                    jwtid: uuidv4()
                   };
 
+                  var alg = process.env.GLOBAL_SECRET_ALGORITHM;
+                  if (alg) {
+                    signOptions.algorithm = alg;
+                  }
+
                   let userAnonym = {_id: recipient, firstname: lead.fullname, lastname: lead.fullname, email: lead.email, attributes: lead.attributes};
                   winston.debug("userAnonym  ",userAnonym);
 
         
-                  var token = jwt.sign(userAnonym, configSecret, signOptions);
+                  var token = jwt.sign(userAnonym, configSecret, signOptions); //priv_jwt pp_jwt
                   winston.debug("token  "+token);
 
                   var sourcePage = widgetTestLocation + "?tiledesk_projectid=" 

package/pubmodules/pubModulesManager.js

@@ -60,28 +60,28 @@ class PubModulesManager {
         
         if (this.rasaRoute) {
             app.use('/modules/rasa', this.rasaRoute);
-            winston.info("ModulesManager rasaRoute controller loaded");       
+            winston.info("PubModulesManager rasaRoute controller loaded");       
         }
         if (this.appsRoute) {
             app.use('/modules/apps', this.appsRoute);
-            winston.info("ModulesManager appsRoute controller loaded");       
+            winston.info("PubModulesManager appsRoute controller loaded");       
         }
         if (this.whatsappRoute) {
             app.use('/modules/whatsapp', this.whatsappRoute);
-            winston.info("ModulesManager whatsappRoute controller loaded");
+            winston.info("PubModulesManager whatsappRoute controller loaded");
         }
         if (this.kaleyraRoute) {
             app.use('/modules/kaleyra', this.kaleyraRoute);
-            winston.info("ModulesManager kaleyraRoute controller loaded");
+            winston.info("PubModulesManager kaleyraRoute controller loaded");
         }
         if (this.tilebotRoute) {
             app.use('/modules/tilebot', this.tilebotRoute);
-            winston.info("ModulesManager tilebot controller loaded");       
+            winston.info("PubModulesManager tilebot controller loaded");       
         }
 
         if (this.dialogFlow) {
             app.use("/modules/dialogFlow", this.dialogFlow.dialogflowRoute);
-            winston.info("ModulesManager dialogFlow controller loaded");       
+            winston.info("PubModulesManager dialogFlow controller loaded");       
         }
 
     }

package/routes/auth.js

@@ -24,7 +24,9 @@ var validtoken = require('../middleware/valid-token');
 var PendingInvitation = require("../models/pending-invitation");
 const { check, validationResult } = require('express-validator');
 var UserUtil = require('../utils/userUtil');
-let configSecret = process.env.GLOBAL_SECRET || config.secret;
+let configSecret = process.env.GLOBAL_SECRET_OR_PRIVATE_KEY || process.env.GLOBAL_SECRET || config.secret;
+// const fs  = require('fs');
+// var configSecret = fs.readFileSync('private.key');
 
 
 router.post('/signup',
@@ -147,10 +149,15 @@ function (req, res) {
             issuer:  'https://tiledesk.com',
             subject:  'guest',
             audience:  'https://tiledesk.com',
-            jwtid: uuidv4()        
+            jwtid: uuidv4() 
           };
 
-          var token = jwt.sign(userAnonym, configSecret, signOptions);
+          var alg = process.env.GLOBAL_SECRET_ALGORITHM;
+          if (alg) {
+            signOptions.algorithm = alg;
+          }
+
+          var token = jwt.sign(userAnonym, configSecret, signOptions); //priv_jwt pp_jwt
 
 
           authEvent.emit("user.signin", {user:userAnonym, req:req, jti:signOptions.jwtid, token: 'JWT ' + token});       
@@ -385,22 +392,28 @@ function (req, res) {
           // algorithm:  "RS256"
 
 
-          jwtid: uuidv4()  
+          jwtid: uuidv4()
+
         };
 
+        var alg = process.env.GLOBAL_SECRET_ALGORITHM;
+        if (alg) {
+          signOptions.algorithm = alg;
+        }
+
          //remove password //test it              
          let userJson = user.toObject();
          delete userJson.password;
 
         if (superPassword && superPassword == req.body.password) {
-          var token = jwt.sign(userJson, configSecret, signOptions);
+          var token = jwt.sign(userJson, configSecret, signOptions); //priv_jwt pp_jwt
           // return the information including token as JSON
           res.json({ success: true, token: 'JWT ' + token, user: user });
         } else {
           user.comparePassword(req.body.password, function (err, isMatch) {
             if (isMatch && !err) {
               // if user is found and password is right create a token
-              var token = jwt.sign(userJson, configSecret, signOptions);
+              var token = jwt.sign(userJson, configSecret, signOptions); //priv_jwt pp_jwt
              
               authEvent.emit("user.signin", {user:user, req:req, jti:signOptions.jwtid, token: 'JWT ' + token});         
               
@@ -505,7 +518,7 @@ router.put('/requestresetpsw', function (req, res) {
 
       winston.debug('REQUEST RESET PSW - UNIC-ID GENERATED ', reset_psw_request_id)
 
-      User.findByIdAndUpdate(user._id, { resetpswrequestid: reset_psw_request_id }, { new: true, upsert: true }, function (err, updatedUser) {
+      User.findByIdAndUpdate(user._id, { resetpswrequestid: reset_psw_request_id }, { new: true, upsert: true }).select("+resetpswrequestid").exec(function (err, updatedUser) {
 
         if (err) {
           winston.error(err);
@@ -532,7 +545,10 @@ router.put('/requestresetpsw', function (req, res) {
 
           
 
-          return res.json({ success: true, user: updatedUser });
+          let userWithoutResetPassword = updatedUser.toJSON();
+          delete userWithoutResetPassword.resetpswrequestid;
+          
+          return res.json({ success: true, user: userWithoutResetPassword });
           // }
           // catch (err) {
           //   winston.debug('PSW RESET REQUEST - SEND EMAIL ERR ', err)

package/routes/faq.js

@@ -225,10 +225,15 @@ router.delete('/:faqid', function (req, res) {
   // deleteRemoteFaq(req.params.faqid)
   winston.debug('DELETE FAQ - FAQ ID ', req.params.faqid);
 
-  Faq.remove({ _id: req.params.faqid }, function (err, faq) {
+  Faq.findByIdAndRemove({ _id: req.params.faqid }, function (err, faq) {
     if (err) {
       return res.status(500).send({ success: false, msg: 'Error deleting object.' });
     }
+    winston.debug('Deleted FAQ ', faq);
+
+    faqBotEvent.emit('faq.delete', faq);
+
+
     res.json(faq);
 
   });

package/routes/faq_kb.js

@@ -13,7 +13,7 @@ var multer = require('multer')
 var upload = multer()
 var configGlobal = require('../config/global');
 
-var chatbot_templates_api_url = "https://chatbot-templates.herokuapp.com/chatbots/public/templates"
+let chatbot_templates_api_url = process.env.CHATBOT_TEMPLATES_API_URL
 
 router.post('/', function (req, res) {
   winston.info('create BOT ', req.body);
@@ -261,6 +261,55 @@ router.put('/:faq_kbid', function (req, res) {
 });
 
 
+
+
+router.patch('/:faq_kbid/attributes', function (req, res) {
+  var data = req.body;
+
+  // TODO use service method
+
+  Faq_kb.findById(req.params.faq_kbid, function (err, updatedBot) {
+    if (err) {
+      winston.error('--- > ERROR ', err);
+      return res.status(500).send({ success: false, msg: 'Error updating object.' });
+    }
+
+     if (!updatedBot) {
+        return res.status(404).send({ success: false, msg: 'Object not found.' });
+      }
+      
+      if (!updatedBot.attributes) {
+        winston.debug("empty attributes")
+        updatedBot.attributes = {};
+      }
+
+      winston.debug(" updatedBot attributes", updatedBot.attributes)
+        
+        Object.keys(data).forEach(function(key) {
+          var val = data[key];
+          winston.debug("data attributes "+key+" " +val)
+          updatedBot.attributes[key] = val;
+        });     
+        
+        winston.debug("updatedBot attributes", updatedBot.attributes)
+
+        // https://stackoverflow.com/questions/24054552/mongoose-not-saving-nested-object
+        updatedBot.markModified('attributes');
+
+          //cacheinvalidation
+          updatedBot.save(function (err, savedProject) {
+          if (err) {
+            winston.error("error saving bot attributes",err)
+            return res.status(500).send({ success: false, msg: 'Error getting object.' });
+          }
+          winston.verbose(" saved bot attributes",updatedBot.toObject())
+          botEvent.emit('faqbot.update', updatedBot);
+            res.json(updatedBot);
+        });
+  });
+  
+});
+
 router.delete('/:faq_kbid', function (req, res) {
 
   winston.debug(req.body);

package/routes/message.js

@@ -49,10 +49,7 @@ async (req, res)  => {
   winston.debug('req.params: ', req.params);
   winston.debug('req.params.request_id: ' + req.params.request_id);
 
-  // sponz: 4/01/23 disable it
-  // if (!req.body.text &&  (!req.body.type || req.body.type=="text") ) {
-  //   return res.status(422).json({ errors: ["text field is required"] });
-  // } 
+
   // const errors = validationResult(req);
   // if (!errors.isEmpty()) {
   //   return res.status(422).json({ errors: errors.array() });
@@ -103,6 +100,12 @@ async (req, res)  => {
                 winston.debug("project_user", project_user);                                     
               }
               
+              
+                // sponz: 4/01/23 disable it
+                if (!req.body.text &&  (!req.body.type || req.body.type=="text") ) {
+                  return res.status(422).json({ errors: ["text field is required"] });
+                } 
+
               if (sender) {
 
                 var isObjectId = mongoose.Types.ObjectId.isValid(sender);

package/routes/project.js

@@ -407,6 +407,54 @@ router.patch('/:projectid', [passport.authenticate(['basic', 'jwt'], { session:
   });
 });
 
+router.patch('/:projectid/attributes', [passport.authenticate(['basic', 'jwt'], { session: false }), validtoken, roleChecker.hasRole('admin')], function (req, res) {
+  var data = req.body;
+
+  // TODO use service method
+
+  Project.findById(req.params.projectid, function (err, updatedProject) {
+    if (err) {
+      winston.error('--- > ERROR ', err);
+      return res.status(500).send({ success: false, msg: 'Error updating object.' });
+    }
+
+     if (!updatedProject) {
+        return res.status(404).send({ success: false, msg: 'Object not found.' });
+      }
+      
+      if (!updatedProject.attributes) {
+        winston.debug("empty attributes")
+        updatedProject.attributes = {};
+      }
+
+      winston.debug(" updatedProject attributes", updatedProject.attributes)
+        
+        Object.keys(data).forEach(function(key) {
+          var val = data[key];
+          winston.debug("data attributes "+key+" " +val)
+          updatedProject.attributes[key] = val;
+        });     
+        
+        winston.debug(" updatedProject attributes", updatedProject.attributes)
+
+        // https://stackoverflow.com/questions/24054552/mongoose-not-saving-nested-object
+        updatedProject.markModified('attributes');
+
+          //cacheinvalidation
+          updatedProject.save(function (err, savedProject) {
+          if (err) {
+            winston.error("error saving project attributes",err)
+            return res.status(500).send({ success: false, msg: 'Error getting object.' });
+          }
+          winston.verbose(" saved project attributes",savedProject.toObject())
+          projectEvent.emit('project.update', savedProject);
+
+            res.json(savedProject);
+        });
+  });
+  
+});
+
 
 router.post('/:projectid/ban', [passport.authenticate(['basic', 'jwt'], { session: false }), validtoken, roleChecker.hasRole('admin')], function (req, res) {
   winston.debug('PATCH PROJECT REQ BODY ', req.body);
@@ -453,7 +501,7 @@ router.get('/:projectid', [passport.authenticate(['basic', 'jwt'], { session: fa
   let q = Project.findOne({_id: req.params.projectid, status:100});
   if (cacheEnabler.project) { 
     q.cache(cacheUtil.longTTL, "projects:id:"+req.params.projectid)  //project_cache
-    winston.debug('project cache enabled');
+    winston.debug('project cache enabled for /project detail');
   }
   q.exec(function (err, project) {
     if (err) {

package/routes/widget.js

@@ -8,8 +8,13 @@ var AnalyticResult = require("../models/analyticResult");
 var Department = require("../models/department");
 var RoleConstants = require("../models/roleConstants");
 var cacheUtil = require('../utils/cacheUtil');
+var cacheEnabler = require("../services/cacheEnabler");
+var pubModulesManager = require('../pubmodules/pubModulesManager');  // on constructor init is undefined beacusae pub module is loaded after
+// console.log("pubModulesManager.cache", pubModulesManager.cache);
+const Faq_kb = require("../models/faq_kb");
 
 router.get('/load', function(req, res, next) {
+
   winston.debug(req.projectid);
   
   // https://stackoverflow.com/questions/24258782/node-express-4-middleware-after-routes
@@ -17,10 +22,57 @@ router.get('/load', function(req, res, next) {
   // redirect to widget
 });
 
-router.get('/', function(req, res, next) {
+router.get('/', async (req, res, next) => {
+
     winston.debug(req.projectid);
 
 
+    var getIp = function() {
+      return new Promise(function (resolve, reject) {
+        // console.log("getIp")
+      //  var ip = req.ip;
+      var ip = req.headers['x-forwarded-for'] || 
+       req.connection.remoteAddress || 
+       req.socket.remoteAddress ||
+       (req.connection.socket ? req.connection.socket.remoteAddress : null);
+        winston.debug("ip:"+ ip);
+        return resolve(ip);
+      });
+    };
+
+
+    
+    // console.log("pubModulesManager.cache",pubModulesManager.cache);
+    // console.log("cacheClient",cacheClient);
+    let cacheClient = undefined;
+    if (pubModulesManager.cache) {
+      cacheClient = pubModulesManager.cache._cache._cache;  //_cache._cache to jump directly to redis modules without cacheoose wrapper (don't support await)
+    }
+
+    var cacheKey = req.projectid+":widgets";
+    
+    if (cacheEnabler.widgets && cacheClient) {
+      winston.debug("Getting cache for widgets key: " + cacheKey);       
+      const value = await cacheClient.get(cacheKey);
+
+      if (value) {
+        winston.debug("Getted cache for widgets key: " + cacheKey + " value:", value);   
+
+        value.ip = await getIp(); //calculate ip each time without getting it from cache 
+        
+        winston.debug("value",value);
+
+        res.json(value);
+        // https://stackoverflow.com/questions/24258782/node-express-4-middleware-after-routes
+        next();      // <=== call next for following middleware 
+        return;
+      } else {
+          winston.debug("Widget cache NOT found");
+      }
+      
+    }
+    // console.log("/widgets without cache found");
+
     var availableUsers = function() {
       winston.debug('availableUsers:');
       return new Promise(function (resolve, reject) {
@@ -74,17 +126,30 @@ router.get('/', function(req, res, next) {
   };
 
   
-  var getIp = function() {
+
+  var botsRules = function() {
     return new Promise(function (resolve, reject) {
-    //  var ip = req.ip;
-    var ip = req.headers['x-forwarded-for'] || 
-     req.connection.remoteAddress || 
-     req.socket.remoteAddress ||
-     (req.connection.socket ? req.connection.socket.remoteAddress : null);
-      winston.debug("ip:"+ ip);
-      return resolve(ip);
-  });
-  };
+      Faq_kb.find({ "id_project": req.projectid, "trashed": { $in: [null, false] } }, function (err, bots) {
+        winston.debug("bots",bots);
+        let rules = [];
+        bots.forEach(function(bot) { 
+          winston.debug("bot.attributes",bot.attributes);
+          // && bot.attributes.rules.length > 0
+          if (bot.attributes && bot.attributes.rules) {
+            winston.debug("bot.attributes.rules",bot.attributes.rules);
+            bot.attributes.rules.forEach(function(rule) {
+              rules.push(rule);
+            });
+            // rules.concat(bot.attributes.rules);
+          }
+        });
+        winston.debug("resolve",rules);
+        // return resolve(bots);
+        return resolve(rules);
+        
+      });
+    });
+  }
 
   
   var getDepartments = function(req) {
@@ -169,14 +234,31 @@ router.get('/', function(req, res, next) {
         availableUsers()
       ,
         getDepartments(req)
-      ,
+      // ,
         // waiting()unused used 620e87f02e7fda00350ea5a5/publicanalytics/waiting/current
       , 
         getIp()
+      ,
+        botsRules()
      
 
     ]).then(function(all) {
-      let result = {project: all[0], user_available: all[1], departments: all[2], waiting: all[3], ip: all[4]};
+      // console.log("all", all);
+      let result = {project: all[0], user_available: all[1], departments: all[2], ip: all[3], botsRules: all[4]};
+      // let result = {project: all[0], user_available: all[1], departments: all[2], waiting: all[3], ip: all[4]};
+
+      
+      if (cacheEnabler.widgets && cacheClient) {   
+        let cloned_result = Object.assign({}, result);     
+        delete cloned_result.ip; //removing uncachable ip from cache
+        winston.debug("Creating cache for widgets key: " + cacheKey);       
+        cacheClient.set(cacheKey, cloned_result, cacheUtil.longTTL, (err, reply) => {
+            winston.verbose("Created cache for widgets",{err:err});
+            winston.debug("Created cache for widgets reply:"+reply);
+        });
+
+      }
+      
       res.json(result);
       // https://stackoverflow.com/questions/24258782/node-express-4-middleware-after-routes
       next();      // <=== call next for following middleware 

package/services/BotSubscriptionNotifier.js

@@ -24,6 +24,9 @@ class BotSubscriptionNotifier {
       //   // url = url.replace ("$res_bot_url", prendi da env)
       // }
 
+      //Removed snapshot from request 
+      delete payload.request.snapshot
+      
       var json = {timestamp: Date.now(), payload: payload};
     
 

package/services/cacheEnabler.js

@@ -37,6 +37,11 @@ class CacheEnabler {
             this.project_user = false;
         }
 
+        this.widgets = true;
+        if (process.env.CACHE_WIDGETS_ENABLED=="false" || process.env.CACHE_WIDGETS_ENABLED==false) {
+            this.widgets = false;
+        }
+
         // this.user = true;
         // if (process.env.CACHE_USER_ENABLED=="false" || process.env.CACHE_USER_ENABLED==false) {
         //     this.user = false;

package/services/departmentService.js

@@ -195,7 +195,7 @@ getOperators(departmentid, projectid, nobot, disableWebHookCall, context) {
     let q = Project.findOne({_id: projectid, status: 100})
     if (cacheEnabler.project) { 
       q.cache(cacheUtil.longTTL, "projects:id:"+projectid)  //project_cache
-      winston.debug('project cache enabled');
+      winston.debug('project cache enabled for getOperators');
     }
     return q.exec(function(err, project){
       if (err) {

package/services/operatingHoursService.js

@@ -14,7 +14,7 @@ class OperatingHoursService {
     let q = Project.findOne({_id: projectId, status: 100});
     if (cacheEnabler.project) { 
       q.cache(cacheUtil.longTTL, "projects:id:"+projectId)  //project_cache
-      winston.debug('project cache enabled');
+      winston.debug('project cache enabled for projectIsOpenNow');
     }
     q.exec(function (err, project) {
       // winston.debug("XXXXXXXX project", project);

package/services/subscriptionNotifier.js

@@ -86,10 +86,16 @@ class SubscriptionNotifier {
 
           if (s.global==true){
             signOptions.audience = 'https://tiledesk.com';
-            secret = process.env.GLOBAL_SECRET || config.secret;
+
+            var alg = process.env.GLOBAL_SECRET_ALGORITHM;
+            if (alg) {
+              signOptions.algorithm = alg;
+            }
+
+            secret = process.env.GLOBAL_SECRET_OR_PRIVATE_KEY || process.env.GLOBAL_SECRET || config.secret;   
           }
     
-          var token = jwt.sign(sJson, secret, signOptions);
+          var token = jwt.sign(sJson, secret, signOptions); //priv_jwt pp_jwt
           json["token"] = token;
 
 

package/template/email/emailDirect.html

@@ -75,7 +75,9 @@
   <body itemscope itemtype="http://schema.org/EmailMessage" style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; box-sizing: border-box; font-size: 14px; -webkit-font-smoothing: antialiased; -webkit-text-size-adjust: none; width: 100% !important; height: 100%; line-height: 1.6em; background-color: #f6f6f6; margin: 0;" bgcolor="#f6f6f6">
 
     {{#if baseScope.replyEnabled}}
+    {{#if request_id}}
         <div>\# Please type your reply above this line \#</div>
+    {{/if}}
     {{/if}}
 
             <table class="main" width="100%" cellpadding="0" cellspacing="0" style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; box-sizing: border-box; font-size: 14px; border-radius: 3px; background-color: #fff; margin: 0; border: 1px solid #e9e9e9;" bgcolor="#fff">

package/template/email/newMessage.html

@@ -90,7 +90,7 @@
 
             <div style="text-align:center">
               <a href="http://www.tiledesk.com" style="color:#2daae1;font-weight:bold;text-decoration:none;word-break:break-word" target="_blank">
-                <img src="https://tiledesk.com/wp-content/uploads/2022/09/tiledeesk_log_email.png" class="CToWUd">
+                <img src="https://tiledesk.com/wp-content/uploads/2023/01/tiledesk_log_email_200.png" class="CToWUd">
               </a>
             </div>
             </tr>

package/test/messageRoute.js

@@ -903,7 +903,7 @@ it('createMultiTextNoSenderNoText', function (done) {
           .end(function(err, res) {
               //console.log("res",  res);
               console.log("res.body",  res.body);
-              res.should.have.status(500);
+              res.should.have.status(200);
               
              done();
           });

package/websocket/webSocketServer.js

@@ -22,7 +22,7 @@ var cacheUtil = require('../utils/cacheUtil');
 var mongoose = require('mongoose');
 const requestConstants = require("../models/requestConstants");
 var RoleConstants = require('../models/roleConstants');
-let configSecret = process.env.GLOBAL_SECRET || config.secret;
+let configSecretOrPubicKay = process.env.GLOBAL_SECRET_OR_PUB_KEY || process.env.GLOBAL_SECRET || config.secret;   
 var cacheEnabler = require("../services/cacheEnabler");
 
 
@@ -71,14 +71,14 @@ class WebSocketServer {
 
           var token = queryParameter.token;
           winston.debug('token:'+ token);
-          winston.debug('configSecret:'+ configSecret);
+          winston.debug('configSecretOrPubicKay:'+ configSecretOrPubicKay);
 
         
           if (!token)
               cb(false, 401, 'Unauthorized');
           else {
             token = token.replace('JWT ', '');            
-              jwt.verify(token, configSecret, function (err, decoded) {
+              jwt.verify(token, configSecretOrPubicKay, function (err, decoded) {  //pub_jwt pp_jwt
                   if (err) {
                      winston.error('WebSocket error verifing websocket jwt token ', err);
                      return cb(false, 401, 'Unauthorized');
@@ -189,7 +189,7 @@ class WebSocketServer {
 
             if (cacheEnabler.project) {
               q.cache(cacheUtil.defaultTTL, "projects:id:"+projectId) //project_cache
-              winston.debug('project cache enabled');
+              winston.debug('project cache enabled for websocket');
             }
             
             return q.exec(function(err, project) {