@tiledesk/tiledesk-server 2.7.3 โ†’ 2.7.4

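--- a/package/CHANGELOG.md
+++ b/package/CHANGELOG.md
@@ -5,6 +5,13 @@
 ๐Ÿš€ IN PRODUCTION ๐Ÿš€
 (https://www.npmjs.com/package/@tiledesk/tiledesk-server/v/2.3.77)
 
+# 2.7.4
+- Bug fix '\start' in rulesTrigger
+- SSO fix
+- Updated tybot-connector to 0.2.60
+- Updated project profile call whit super admin token
+- Updated user signup with super admin token
+
 # 2.7.3
 - Updated project profile call
 - Updated tybot-connector to 0.2.59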
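--- a/package/package.json
+++ b/package/package.json
@@ -1,7 +1,7 @@
 {
 "name": "@tiledesk/tiledesk-server",
 "description": "The Tiledesk server module",
-"version": "2.7.3",
+"version": "2.7.4",
 "scripts": {
 "start": "node ./bin/www",
 "pretest": "mongodb-runner start",
@@ -48,7 +48,7 @@
 "@tiledesk/tiledesk-rasa-connector": "^1.0.10",
 "@tiledesk/tiledesk-telegram-connector": "^0.1.10",
 "@tiledesk/tiledesk-train-jobworker": "^0.0.7",
-"@tiledesk/tiledesk-tybot-connector": "^0.2.59",
+"@tiledesk/tiledesk-tybot-connector": "^0.2.60",
 "@tiledesk/tiledesk-whatsapp-connector": "^0.1.64",
 "@tiledesk/tiledesk-whatsapp-jobworker": "^0.0.7",
 "amqplib": "^0.5.5",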
@@ -711,7 +711,7 @@ class RulesTrigger {
711
711
 
712
712
 
713
713
 
714
- var startText = "\start";
714
+ var startText = "/start";
715
715
  // var startText = "\\start";
716
716
  if (action.parameters && action.parameters.text) {
717
717
  startText = action.parameters.text;
@@ -788,7 +788,7 @@ class RulesTrigger {
788
788
  'system',
789
789
  'Bot',
790
790
  request_id,
791
- '\\start', // TODO CHANGE TO / start
791
+ '/start', // TODO CHANGE TO / start
792
792
  id_project,
793
793
  null,
794
794
  {subtype:'info', updateconversation : false}
@@ -1039,7 +1039,7 @@ class RulesTrigger {
1039
1039
  participants = eventAttributes.participants;
1040
1040
  if (participants[0].indexOf("bot_")>-1) {
1041
1041
  // TODO CHANGE TO /start
1042
- text = "\\start"; //if participants is passed than the bot reply to the first message "welcome" so I changed "welcome" with "\start"
1042
+ text = "/start"; //if participants is passed than the bot reply to the first message "welcome" so I changed "welcome" with "\start"
1043
1043
  }
1044
1044
  // status = RequestConstants.ASSIGNED;
1045
1045
  // console.log("eventAttributes.participants",eventAttributes.participants);
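Review bot: The comments around the changed literals are now stale: `// TODO CHANGE TO / start` on new line 791 and `// TODO CHANGE TO /start` on line 1041 describe the change this commit has just made, and the trailing comment on line 1042 still says the text was changed to `"\start"`. I would drop both TODOs and reword the trailing comment to `// participants supplied: the bot replies to the first message, so send "/start" instead of "welcome"`. The three sites also did not send the same text before, since `"\start"` on old line 714 evaluates to `start` in JavaScript while the other two sent a literal backslash, so any bot intent still keyed on the old strings would stop matching; the hunks do not show whether a fallback exists. All three hunks sit inside `RulesTrigger` methods that start and end outside the visible lines, and the file header for them is missing on this page.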
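--- a/package/routes/auth.js
+++ b/package/routes/auth.js
@@ -75,26 +75,26 @@ router.post('/signup',
 
 winston.debug('-- >> -- >> savedUser ', savedUser.toObject());
 
-// let skipVerificationEmail = false;
-// if (req.headers.authorization) {
-
-// let token = req.headers.authorization.split(" ")[1];
-// let decode = jwt.verify(token, configSecret)
-// if (decode && (decode.email === process.env.ADMIN_EMAIL)) {
-// skipVerificationEmail = true;
-// winston.verbose("skip sending verification email")
-// }
-// }
+let skipVerificationEmail = false;
+if (req.headers.authorization) {
+
+let token = req.headers.authorization.split(" ")[1];
+let decode = jwt.verify(token, configSecret)
+if (decode && (decode.email === process.env.ADMIN_EMAIL)) {
+skipVerificationEmail = true;
+winston.verbose("skip sending verification email")
+}
+}
 
-// if (!req.body.disableEmail){
-// if (!skipVerificationEmail) {
-// emailService.sendVerifyEmailAddress(savedUser.email, savedUser);
-// }
-// }
-
 if (!req.body.disableEmail){
+if (!skipVerificationEmail) {
 emailService.sendVerifyEmailAddress(savedUser.email, savedUser);
+}
 }
+
+// if (!req.body.disableEmail){
+// emailService.sendVerifyEmailAddress(savedUser.email, savedUser);
+// }
 
 
 /*
@@ -295,7 +295,8 @@ router.post('/signinWithCustomToken', [
 winston.debug("id_project: " + id_project + " uuid_user " + req.user._id + " role " + role);
 
 
-Project_user.findOne({ id_project: id_project, uuid_user: req.user._id, role: role}).
+Project_user.findOne({ id_project: id_project, uuid_user: req.user._id}).
+// Project_user.findOne({ id_project: id_project, uuid_user: req.user._id, role: role}).
 exec(async (err, project_user) => {
 if (err) {
 winston.error(err);
@@ -312,7 +313,7 @@ router.post('/signinWithCustomToken', [
 
 if (role === RoleConstants.OWNER || role === RoleConstants.ADMIN || role === RoleConstants.AGENT) {
 createNewUser = true;
-winston.debug('role owner admin agent');
+winston.debug('role owner or admin or agent');
 var newUser;
 try {
 
@@ -324,7 +325,43 @@ router.post('/signinWithCustomToken', [
 if (e.code = "E11000") {
 newUser = await User.findOne({email: req.user.email.toLowerCase(), status: 100}).exec();
 winston.debug('signup found')
+// qui dovresti cercare pu sul progetto con id di newUser se c'รจ
+var project_userUser = await Project_user.findOne({ id_project: id_project, id_user: newUser._id}).exec();
+if (project_userUser) {
+winston.debug('project user found')
+if (project_userUser.status==="active") {
+var signOptions = {
+issuer: 'https://tiledesk.com',
+subject: 'user',
+audience: 'https://tiledesk.com',
+jwtid: uuidv4()
+};
+
+var alg = process.env.GLOBAL_SECRET_ALGORITHM;
+if (alg) {
+signOptions.algorithm = alg;
+}
+winston.debug('project user found2')
+
+//remove password //test it
+let userJson = newUser.toObject();
+delete userJson.password;
+winston.debug('project user found3')
+
+let returnToken = jwt.sign(userJson, configSecret, signOptions); //priv_jwt pp_jwt
+
+winston.debug('project user found4')
+
+if (returnToken.indexOf("JWT")<0) {
+returnToken = "JWT " + returnToken;
+}
+winston.debug('project user found5')
 
+return res.json({ success: true, token: returnToken, user: newUser });
+
+}
+}
+
 }
 }
 
@@ -334,6 +371,9 @@ router.post('/signinWithCustomToken', [
 
 winston.debug('userToReturn forced to newUser.', newUser)
 userToReturn=newUser;
+
+
+
 }
 
 var newProject_user = new Project_user({
@@ -411,6 +451,16 @@ router.post('/signinWithCustomToken', [
 
 if (project_user.status==="active") {
 
+winston.debug('role.'+role)
+winston.debug(' project_user.role', project_user)
+
+
+if (role == project_user.role) {
+winston.debug('equals role : '+role + " " + project_user.role);
+} else {
+winston.debug('different role : '+role + " " + project_user.role);
+}
+
 if (req.user.role && (req.user.role === RoleConstants.OWNER || req.user.role === RoleConstants.ADMIN || req.user.role === RoleConstants.AGENT)) {
 let userFromDB = await User.findOne({email: req.user.email.toLowerCase(), status: 100}).exec();
 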
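Review bot: The duplicate-e-mail branch added at new lines 328-363 of `/signinWithCustomToken` hands out a `subject: 'user'`, `audience: 'https://tiledesk.com'` token for whichever existing account owns the e-mail claimed in the custom token, as long as that account is an active member of the project. The caller has only proved possession of the project-level signing secret (the tests sign with the `jwtSecret` returned by `/keys/generate`), so the branch converts that secret into a session for the project owner or any other member, which is the outcome `signinWithCustomTokenRoleSameOwnerEmail` asserts. I would restrict the branch to accounts that were themselves created through a custom token, or return a token limited to the project audience instead of one that apparently has the shape of a normal login token. On the same lines `newUser._id` is read with no null check although `User.findOne` can resolve to `null`, and the context condition `if (e.code = "E11000")` is an assignment, so every signup failure reaches it; wrap the lookup in `if (newUser) { … }` and let the other case fall through to the existing error handling. The route handler starts and ends outside these hunks, so the surrounding try/catch and response paths are not visible here.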
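--- a/package/routes/project.js
+++ b/package/routes/project.js
@@ -21,20 +21,6 @@ var cacheUtil = require('../utils/cacheUtil');
 var orgUtil = require("../utils/orgUtil");
 var cacheEnabler = require("../services/cacheEnabler");
 
-/**
-* NEW
-*/
-var jwt = require('jsonwebtoken');
-var config = require('../config/database');
-
-let configSecret = process.env.GLOBAL_SECRET || config.secret;
-var pKey = process.env.GLOBAL_SECRET_OR_PUB_KEY;
-if (pKey) {
-configSecret = pKey.replace(/\\n/g, '\n');
-}
-/**
-* End NEW
-*/
 
 router.post('/', [passport.authenticate(['basic', 'jwt'], { session: false }), validtoken], async (req, res) => {
 
@@ -254,7 +240,6 @@ router.put('/:projectid', [passport.authenticate(['basic', 'jwt'], { session: fa
 
 var update = {};
 
-console.log("ADMIN EMAIL: ", process.env.ADMIN_EMAIL)
 if (req.body.profile) {
 
 if (req.user &&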
@@ -19,11 +19,18 @@ var expect = chai.expect;
19
19
  var assert = chai.assert;
20
20
  var jwt = require('jsonwebtoken');
21
21
 
22
+ var config = require('../config/database');
23
+
24
+ var mongoose = require('mongoose');
25
+ mongoose.connect(config.databasetest);
26
+
22
27
 
23
28
  chai.use(chaiHttp);
24
29
 
25
30
  describe('Authentication', () => {
26
31
 
32
+ // mocha test/authentication.js --grep 'signinOk'
33
+
27
34
  describe('/signin', () => {
28
35
 
29
36
 
@@ -257,6 +264,7 @@ describe('/signup', () => {
257
264
 
258
265
  });
259
266
 
267
+ // mocha test/authentication.js --grep 'signupkOWrongEmail'
260
268
 
261
269
  it('signupkOWrongEmail', (done) => {
262
270
 
@@ -696,6 +704,7 @@ it('signinWithCustomTokenKONoAud', (done) => {
696
704
 
697
705
 
698
706
 
707
+ // mocha test/authentication.js --grep 'signinWithCustomTokenOkTwoSigninWithCT'
699
708
 
700
709
  it('signinWithCustomTokenOkTwoSigninWithCT', (done) => {
701
710
 
@@ -788,6 +797,248 @@ it('signinWithCustomTokenOkTwoSigninWithCT', (done) => {
788
797
 
789
798
 
790
799
 
800
+ // mocha test/authentication.js --grep 'signinWithCustomTokenRoleNew'
801
+
802
+
803
+ it('signinWithCustomTokenRoleNew', (done) => {
804
+
805
+
806
+ var email = "test-signinWithCustomTokenRole-" + Date.now() + "@email.com";
807
+ var pwd = "pwd";
808
+
809
+
810
+ var emailToCheck = "emailrole"+ Date.now() +"@email.com";
811
+
812
+
813
+ userService.signup( email ,pwd, "Test Firstname", "Test lastname").then(function(savedUser) {
814
+ // create(name, createdBy, settings)
815
+ projectService.create("test-signinWithCustomTokenRole", savedUser._id).then(function(savedProject) {
816
+
817
+ chai.request(server)
818
+ .post('/'+ savedProject._id + '/keys/generate')
819
+ .auth(email, pwd)
820
+ .send()
821
+ .end((err, res) => {
822
+ //console.log("res", res);
823
+ console.log("res.body", res.body);
824
+ res.should.have.status(200);
825
+ res.body.should.be.a('object');
826
+ expect(res.body.jwtSecret).to.not.equal(null);
827
+
828
+ // 'E11000 duplicate key error collection: tiledesk-test.users index: email_1 dup key: { email: "email@email.com" }' }
829
+ var externalUserObj = {_id: "123", firstname:"andrea", lastname:"leo", email: emailToCheck, role:"admin"};
830
+
831
+ console.log("externalUserObj", externalUserObj);
832
+
833
+
834
+ var signOptions = {
835
+ subject: 'userexternal',
836
+ audience: 'https://tiledesk.com/projects/'+savedProject._id ,
837
+ };
838
+
839
+
840
+ var jwtToken = jwt.sign(externalUserObj, res.body.jwtSecret,signOptions);
841
+
842
+ console.log("jwtToken", jwtToken);
843
+
844
+
845
+ chai.request(server)
846
+ .post('/auth/signinWithCustomToken' )
847
+ .set('Authorization', 'JWT '+jwtToken)
848
+ //.send({ id_project: savedProject._id})
849
+ .send()
850
+ .end((err, res) => {
851
+ //console.log("res", res);
852
+ console.log("res.body", res.body);
853
+ res.should.have.status(200);
854
+ res.body.should.be.a('object');
855
+ expect(res.body.success).to.equal(true);
856
+ console.log("1");
857
+
858
+ expect(res.body.user.email).to.equal(emailToCheck);
859
+ console.log("2");
860
+ expect(res.body.user.firstname).to.equal("andrea");
861
+ // expect(res.body.user._id).to.not.equal("123");
862
+ console.log("3");
863
+
864
+
865
+ expect(res.body.token).to.not.equal(undefined);
866
+ // expect(res.body.token).to.equal('JWT '+jwtToken);
867
+
868
+ console.log("4");
869
+ done();
870
+ });
871
+ });
872
+ });
873
+ });
874
+
875
+ });
876
+
877
+
878
+
879
+
880
+
881
+ // mocha test/authentication.js --grep 'signinWithCustomTokenRole'
882
+
883
+
884
+ it('signinWithCustomTokenRoleEmailAlreadyUsed', (done) => {
885
+
886
+
887
+ var email = "test-signinWithCustomTokenRoleEmailAlreadyUsed-" + Date.now() + "@email.com";
888
+ var pwd = "pwd";
889
+
890
+
891
+ var emailToCheck = "emailrole"+ Date.now() +"@email.com";
892
+
893
+ userService.signup( emailToCheck ,pwd, "andrea", "leo").then(function(savedUserToCheck) {
894
+
895
+ userService.signup( email ,pwd, "Test Firstname", "Test lastname").then(function(savedUser) {
896
+ // create(name, createdBy, settings)
897
+ projectService.create("test-signinWithCustomTokenRoleEmailAlreadyUsed", savedUser._id).then(function(savedProject) {
898
+
899
+ chai.request(server)
900
+ .post('/'+ savedProject._id + '/keys/generate')
901
+ .auth(email, pwd)
902
+ .send()
903
+ .end((err, res) => {
904
+ //console.log("res", res);
905
+ console.log("res.body", res.body);
906
+ res.should.have.status(200);
907
+ res.body.should.be.a('object');
908
+ expect(res.body.jwtSecret).to.not.equal(null);
909
+
910
+ // 'E11000 duplicate key error collection: tiledesk-test.users index: email_1 dup key: { email: "email@email.com" }' }
911
+ var externalUserObj = {_id: "123", firstname:"andrea", lastname:"leo", email: emailToCheck, role:"admin"};
912
+
913
+ console.log("externalUserObj", externalUserObj);
914
+
915
+
916
+ var signOptions = {
917
+ subject: 'userexternal',
918
+ audience: 'https://tiledesk.com/projects/'+savedProject._id ,
919
+ };
920
+
921
+
922
+ var jwtToken = jwt.sign(externalUserObj, res.body.jwtSecret,signOptions);
923
+
924
+ console.log("jwtToken", jwtToken);
925
+
926
+
927
+ chai.request(server)
928
+ .post('/auth/signinWithCustomToken' )
929
+ .set('Authorization', 'JWT '+jwtToken)
930
+ //.send({ id_project: savedProject._id})
931
+ .send()
932
+ .end((err, res) => {
933
+ //console.log("res", res);
934
+ console.log("res.body", res.body);
935
+ res.should.have.status(200);
936
+ res.body.should.be.a('object');
937
+ expect(res.body.success).to.equal(true);
938
+ // console.log("1");
939
+
940
+ expect(res.body.user.email).to.equal(emailToCheck);
941
+ // console.log("2");
942
+ expect(res.body.user.firstname).to.equal("andrea");
943
+ // expect(res.body.user._id).to.not.equal("123");
944
+ // console.log("3");
945
+
946
+
947
+ expect(res.body.token).to.not.equal(undefined);
948
+ // expect(res.body.token).to.equal('JWT '+jwtToken);
949
+
950
+ // console.log("4");
951
+ done();
952
+ });
953
+ });
954
+ });
955
+ });
956
+ });
957
+ });
958
+
959
+
960
+
961
+
962
+
963
+
964
+
965
+ // mocha test/authentication.js --grep 'signinWithCustomTokenRoleSameOwnerEmail'
966
+
967
+
968
+ it('signinWithCustomTokenRoleSameOwnerEmail', (done) => {
969
+
970
+
971
+ var email = "test-sctrolesameowner-" + Date.now() + "@email.com";
972
+ var pwd = "pwd";
973
+
974
+
975
+ var emailToCheck = email;
976
+
977
+
978
+ userService.signup( email ,pwd, "Test Firstname", "Test lastname").then(function(savedUser) {
979
+ // create(name, createdBy, settings)
980
+ projectService.create("test-signinWithCustomTokenRoleEmailAlreadyUsed", savedUser._id).then(function(savedProject) {
981
+
982
+ chai.request(server)
983
+ .post('/'+ savedProject._id + '/keys/generate')
984
+ .auth(email, pwd)
985
+ .send()
986
+ .end((err, res) => {
987
+ //console.log("res", res);
988
+ console.log("res.body", res.body);
989
+ res.should.have.status(200);
990
+ res.body.should.be.a('object');
991
+ expect(res.body.jwtSecret).to.not.equal(null);
992
+
993
+ // 'E11000 duplicate key error collection: tiledesk-test.users index: email_1 dup key: { email: "email@email.com" }' }
994
+ var externalUserObj = {_id: "123", firstname:"andrea", lastname:"leo", email: emailToCheck, role:"admin"};
995
+
996
+ console.log("externalUserObj", externalUserObj);
997
+
998
+
999
+ var signOptions = {
1000
+ subject: 'userexternal',
1001
+ audience: 'https://tiledesk.com/projects/'+savedProject._id ,
1002
+ };
1003
+
1004
+
1005
+ var jwtToken = jwt.sign(externalUserObj, res.body.jwtSecret,signOptions);
1006
+
1007
+ console.log("jwtToken", jwtToken);
1008
+
1009
+
1010
+ chai.request(server)
1011
+ .post('/auth/signinWithCustomToken' )
1012
+ .set('Authorization', 'JWT '+jwtToken)
1013
+ //.send({ id_project: savedProject._id})
1014
+ .send()
1015
+ .end((err, res) => {
1016
+ //console.log("res", res);
1017
+ console.log("res.body", res.body);
1018
+ res.should.have.status(200);
1019
+ res.body.should.be.a('object');
1020
+ expect(res.body.success).to.equal(true);
1021
+ console.log("1");
1022
+
1023
+ expect(res.body.user.email).to.equal(emailToCheck);
1024
+ console.log("2");
1025
+ expect(res.body.user.firstname).to.equal("Test Firstname");
1026
+ // expect(res.body.user._id).to.not.equal("123");
1027
+ console.log("3");
1028
+
1029
+
1030
+ expect(res.body.token).to.not.equal(undefined);
1031
+ // expect(res.body.token).to.equal('JWT '+jwtToken);
1032
+
1033
+ console.log("4");
1034
+ done();
1035
+ });
1036
+ });
1037
+ });
1038
+ });
1039
+ });
1040
+
1041
+
791
1042
 
792
1043
 
793
1044