@tiledesk/tiledesk-server 2.7.3 → 2.7.4
- package/CHANGELOG.md +7 -0
- package/package.json +2 -2
- package/pubmodules/trigger/rulesTrigger.js +3 -3
- package/routes/auth.js +68 -18
- package/routes/project.js +0 -15
- package/test/authentication.js +251 -0
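--- a/package/CHANGELOG.md
+++ b/package/CHANGELOG.md
@@ -5,6 +5,13 @@
 ๐ IN PRODUCTION ๐
 (https://www.npmjs.com/package/@tiledesk/tiledesk-server/v/2.3.77)
 
+# 2.7.4
+- Bug fix '\start' in rulesTrigger
+- SSO fix
+- Updated tybot-connector to 0.2.60
+- Updated project profile call whit super admin token
+- Updated user signup with super admin token
+
 # 2.7.3
 - Updated project profile call
 - Updated tybot-connector to 0.2.59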
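--- a/package/package.json
+++ b/package/package.json
@@ -1,7 +1,7 @@
 {
 "name": "@tiledesk/tiledesk-server",
 "description": "The Tiledesk server module",
-"version": "2.7.
+"version": "2.7.4",
 "scripts": {
 "start": "node ./bin/www",
 "pretest": "mongodb-runner start",
@@ -48,7 +48,7 @@
 "@tiledesk/tiledesk-rasa-connector": "^1.0.10",
 "@tiledesk/tiledesk-telegram-connector": "^0.1.10",
 "@tiledesk/tiledesk-train-jobworker": "^0.0.7",
-"@tiledesk/tiledesk-tybot-connector": "^0.2.
+"@tiledesk/tiledesk-tybot-connector": "^0.2.60",
 "@tiledesk/tiledesk-whatsapp-connector": "^0.1.64",
 "@tiledesk/tiledesk-whatsapp-jobworker": "^0.0.7",
 "amqplib": "^0.5.5",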
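--- a/package/pubmodules/trigger/rulesTrigger.js
+++ b/package/pubmodules/trigger/rulesTrigger.js
@@ -711,7 +711,7 @@ class RulesTrigger {
 
 
 
-var startText = "
+var startText = "/start";
 // var startText = "\\start";
 if (action.parameters && action.parameters.text) {
 startText = action.parameters.text;
@@ -788,7 +788,7 @@ class RulesTrigger {
 'system',
 'Bot',
 request_id,
-'
+'/start', // TODO CHANGE TO / start
 id_project,
 null,
 {subtype:'info', updateconversation : false}
@@ -1039,7 +1039,7 @@ class RulesTrigger {
 participants = eventAttributes.participants;
 if (participants[0].indexOf("bot_")>-1) {
 // TODO CHANGE TO /start
-text = "
+text = "/start"; //if participants is passed than the bot reply to the first message "welcome" so I changed "welcome" with "\start"
 }
 // status = RequestConstants.ASSIGNED;
 // console.log("eventAttributes.participants",eventAttributes.participants);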
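Review bot: The comments around the new literal now contradict it: the `// TODO CHANGE TO / start` added on new line 791 and the `// TODO CHANGE TO /start` kept on 1041 ask for the change these hunks already make, and the trailing comment on 1042 still says the text was switched to "\start" while the code sends `"/start"`. I would drop both TODOs and shorten the 1042 comment to something like `// participants[0] is a bot: send "/start" instead of "welcome"`. The literal is also repeated at 714, 791 and 1042, so one module-level constant such as `const START_COMMAND = "/start";` would keep the three call sites from drifting apart again. All three enclosing `RulesTrigger` methods start and end outside the hunks.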
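--- a/package/routes/auth.js
+++ b/package/routes/auth.js
@@ -75,26 +75,26 @@ router.post('/signup',
 
 winston.debug('-- >> -- >> savedUser ', savedUser.toObject());
 
-
-
-
-
-
-
-
-
-
-
+let skipVerificationEmail = false;
+if (req.headers.authorization) {
+
+let token = req.headers.authorization.split(" ")[1];
+let decode = jwt.verify(token, configSecret)
+if (decode && (decode.email === process.env.ADMIN_EMAIL)) {
+skipVerificationEmail = true;
+winston.verbose("skip sending verification email")
+}
+}
 
-// if (!req.body.disableEmail){
-// if (!skipVerificationEmail) {
-// emailService.sendVerifyEmailAddress(savedUser.email, savedUser);
-// }
-// }
-
 if (!req.body.disableEmail){
+if (!skipVerificationEmail) {
 emailService.sendVerifyEmailAddress(savedUser.email, savedUser);
+}
 }
+
+// if (!req.body.disableEmail){
+// emailService.sendVerifyEmailAddress(savedUser.email, savedUser);
+// }
 
 
 /*
@@ -295,7 +295,8 @@ router.post('/signinWithCustomToken', [
 winston.debug("id_project: " + id_project + " uuid_user " + req.user._id + " role " + role);
 
 
-Project_user.findOne({ id_project: id_project, uuid_user: req.user._id
+Project_user.findOne({ id_project: id_project, uuid_user: req.user._id}).
+// Project_user.findOne({ id_project: id_project, uuid_user: req.user._id, role: role}).
 exec(async (err, project_user) => {
 if (err) {
 winston.error(err);
@@ -312,7 +313,7 @@ router.post('/signinWithCustomToken', [
 
 if (role === RoleConstants.OWNER || role === RoleConstants.ADMIN || role === RoleConstants.AGENT) {
 createNewUser = true;
-winston.debug('role owner admin agent');
+winston.debug('role owner or admin or agent');
 var newUser;
 try {
 
@@ -324,7 +325,43 @@ router.post('/signinWithCustomToken', [
 if (e.code = "E11000") {
 newUser = await User.findOne({email: req.user.email.toLowerCase(), status: 100}).exec();
 winston.debug('signup found')
+// qui dovresti cercare pu sul progetto con id di newUser se c'รจ
+var project_userUser = await Project_user.findOne({ id_project: id_project, id_user: newUser._id}).exec();
+if (project_userUser) {
+winston.debug('project user found')
+if (project_userUser.status==="active") {
+var signOptions = {
+issuer: 'https://tiledesk.com',
+subject: 'user',
+audience: 'https://tiledesk.com',
+jwtid: uuidv4()
+};
+
+var alg = process.env.GLOBAL_SECRET_ALGORITHM;
+if (alg) {
+signOptions.algorithm = alg;
+}
+winston.debug('project user found2')
+
+//remove password //test it
+let userJson = newUser.toObject();
+delete userJson.password;
+winston.debug('project user found3')
+
+let returnToken = jwt.sign(userJson, configSecret, signOptions); //priv_jwt pp_jwt
+
+winston.debug('project user found4')
+
+if (returnToken.indexOf("JWT")<0) {
+returnToken = "JWT " + returnToken;
+}
+winston.debug('project user found5')
 
+return res.json({ success: true, token: returnToken, user: newUser });
+
+}
+}
+
 }
 }
 
@@ -334,6 +371,9 @@ router.post('/signinWithCustomToken', [
 
 winston.debug('userToReturn forced to newUser.', newUser)
 userToReturn=newUser;
+
+
+
 }
 
 var newProject_user = new Project_user({
@@ -411,6 +451,16 @@ router.post('/signinWithCustomToken', [
 
 if (project_user.status==="active") {
 
+winston.debug('role.'+role)
+winston.debug(' project_user.role', project_user)
+
+
+if (role == project_user.role) {
+winston.debug('equals role : '+role + " " + project_user.role);
+} else {
+winston.debug('different role : '+role + " " + project_user.role);
+}
+
 if (req.user.role && (req.user.role === RoleConstants.OWNER || req.user.role === RoleConstants.ADMIN || req.user.role === RoleConstants.AGENT)) {
 let userFromDB = await User.findOne({email: req.user.email.toLowerCase(), status: 100}).exec();
 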
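Review bot: In the `/signinWithCustomToken` hunk at new lines 328–363, the added duplicate-user branch hands back a server-signed session JWT for an account that already exists, matched only on the e-mail claim of the custom token, so the project's signing secret becomes equivalent to a credential for every active member of that project. Nothing visible binds the claimed role to the stored one: the role-filtered `Project_user.findOne` at 299 is left commented out and the comparison added at 458–462 only logs, so I would refuse the request when `project_userUser.role !== role` unless reusing a higher-privileged account is intended. The branch also reads `newUser._id` although the preceding `User.findOne` (filtered on `status: 100`) can resolve to null, and it runs for any exception because the enclosing test assigns instead of comparing; `if (e.code === 11000)` plus a null guard on `newUser` would fix both, assuming the driver's duplicate-key error reaches this catch unchanged. The response returns `user: newUser` while `password` is deleted only from `userJson`; `user: userJson` avoids depending on the schema's JSON transform. The handler starts and ends outside these hunks, so an outer check may already cover part of this.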
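--- a/package/routes/project.js
+++ b/package/routes/project.js
@@ -21,20 +21,6 @@ var cacheUtil = require('../utils/cacheUtil');
 var orgUtil = require("../utils/orgUtil");
 var cacheEnabler = require("../services/cacheEnabler");
 
-/**
-* NEW
-*/
-var jwt = require('jsonwebtoken');
-var config = require('../config/database');
-
-let configSecret = process.env.GLOBAL_SECRET || config.secret;
-var pKey = process.env.GLOBAL_SECRET_OR_PUB_KEY;
-if (pKey) {
-configSecret = pKey.replace(/\\n/g, '\n');
-}
-/**
-* End NEW
-*/
 
 router.post('/', [passport.authenticate(['basic', 'jwt'], { session: false }), validtoken], async (req, res) => {
 
@@ -254,7 +240,6 @@ router.put('/:projectid', [passport.authenticate(['basic', 'jwt'], { session: fa
 
 var update = {};
 
-console.log("ADMIN EMAIL: ", process.env.ADMIN_EMAIL)
 if (req.body.profile) {
 
 if (req.user &&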
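--- a/package/test/authentication.js
+++ b/package/test/authentication.js
@@ -19,11 +19,18 @@ var expect = chai.expect;
 var assert = chai.assert;
 var jwt = require('jsonwebtoken');
 
+var config = require('../config/database');
+
+var mongoose = require('mongoose');
+mongoose.connect(config.databasetest);
+
 
 chai.use(chaiHttp);
 
 describe('Authentication', () => {
 
+// mocha test/authentication.js --grep 'signinOk'
+
 describe('/signin', () => {
 
 
@@ -257,6 +264,7 @@ describe('/signup', () => {
 
 });
 
+// mocha test/authentication.js --grep 'signupkOWrongEmail'
 
 it('signupkOWrongEmail', (done) => {
 
@@ -696,6 +704,7 @@ it('signinWithCustomTokenKONoAud', (done) => {
 
 
 
+// mocha test/authentication.js --grep 'signinWithCustomTokenOkTwoSigninWithCT'
 
 it('signinWithCustomTokenOkTwoSigninWithCT', (done) => {
 
@@ -788,6 +797,248 @@ it('signinWithCustomTokenOkTwoSigninWithCT', (done) => {
 
 
 
+// mocha test/authentication.js --grep 'signinWithCustomTokenRoleNew'
+
+
+it('signinWithCustomTokenRoleNew', (done) => {
+
+
+var email = "test-signinWithCustomTokenRole-" + Date.now() + "@email.com";
+var pwd = "pwd";
+
+
+var emailToCheck = "emailrole"+ Date.now() +"@email.com";
+
+
+userService.signup( email ,pwd, "Test Firstname", "Test lastname").then(function(savedUser) {
+// create(name, createdBy, settings)
+projectService.create("test-signinWithCustomTokenRole", savedUser._id).then(function(savedProject) {
+
+chai.request(server)
+.post('/'+ savedProject._id + '/keys/generate')
+.auth(email, pwd)
+.send()
+.end((err, res) => {
+//console.log("res", res);
+console.log("res.body", res.body);
+res.should.have.status(200);
+res.body.should.be.a('object');
+expect(res.body.jwtSecret).to.not.equal(null);
+
+// 'E11000 duplicate key error collection: tiledesk-test.users index: email_1 dup key: { email: "email@email.com" }' }
+var externalUserObj = {_id: "123", firstname:"andrea", lastname:"leo", email: emailToCheck, role:"admin"};
+
+console.log("externalUserObj", externalUserObj);
+
+
+var signOptions = {
+subject: 'userexternal',
+audience: 'https://tiledesk.com/projects/'+savedProject._id ,
+};
+
+
+var jwtToken = jwt.sign(externalUserObj, res.body.jwtSecret,signOptions);
+
+console.log("jwtToken", jwtToken);
+
+
+chai.request(server)
+.post('/auth/signinWithCustomToken' )
+.set('Authorization', 'JWT '+jwtToken)
+//.send({ id_project: savedProject._id})
+.send()
+.end((err, res) => {
+//console.log("res", res);
+console.log("res.body", res.body);
+res.should.have.status(200);
+res.body.should.be.a('object');
+expect(res.body.success).to.equal(true);
+console.log("1");
+
+expect(res.body.user.email).to.equal(emailToCheck);
+console.log("2");
+expect(res.body.user.firstname).to.equal("andrea");
+// expect(res.body.user._id).to.not.equal("123");
+console.log("3");
+
+
+expect(res.body.token).to.not.equal(undefined);
+// expect(res.body.token).to.equal('JWT '+jwtToken);
+
+console.log("4");
+done();
+});
+});
+});
+});
+
+});
+
+
+
+
+
+// mocha test/authentication.js --grep 'signinWithCustomTokenRole'
+
+
+it('signinWithCustomTokenRoleEmailAlreadyUsed', (done) => {
+
+
+var email = "test-signinWithCustomTokenRoleEmailAlreadyUsed-" + Date.now() + "@email.com";
+var pwd = "pwd";
+
+
+var emailToCheck = "emailrole"+ Date.now() +"@email.com";
+
+userService.signup( emailToCheck ,pwd, "andrea", "leo").then(function(savedUserToCheck) {
+
+userService.signup( email ,pwd, "Test Firstname", "Test lastname").then(function(savedUser) {
+// create(name, createdBy, settings)
+projectService.create("test-signinWithCustomTokenRoleEmailAlreadyUsed", savedUser._id).then(function(savedProject) {
+
+chai.request(server)
+.post('/'+ savedProject._id + '/keys/generate')
+.auth(email, pwd)
+.send()
+.end((err, res) => {
+//console.log("res", res);
+console.log("res.body", res.body);
+res.should.have.status(200);
+res.body.should.be.a('object');
+expect(res.body.jwtSecret).to.not.equal(null);
+
+// 'E11000 duplicate key error collection: tiledesk-test.users index: email_1 dup key: { email: "email@email.com" }' }
+var externalUserObj = {_id: "123", firstname:"andrea", lastname:"leo", email: emailToCheck, role:"admin"};
+
+console.log("externalUserObj", externalUserObj);
+
+
+var signOptions = {
+subject: 'userexternal',
+audience: 'https://tiledesk.com/projects/'+savedProject._id ,
+};
+
+
+var jwtToken = jwt.sign(externalUserObj, res.body.jwtSecret,signOptions);
+
+console.log("jwtToken", jwtToken);
+
+
+chai.request(server)
+.post('/auth/signinWithCustomToken' )
+.set('Authorization', 'JWT '+jwtToken)
+//.send({ id_project: savedProject._id})
+.send()
+.end((err, res) => {
+//console.log("res", res);
+console.log("res.body", res.body);
+res.should.have.status(200);
+res.body.should.be.a('object');
+expect(res.body.success).to.equal(true);
+// console.log("1");
+
+expect(res.body.user.email).to.equal(emailToCheck);
+// console.log("2");
+expect(res.body.user.firstname).to.equal("andrea");
+// expect(res.body.user._id).to.not.equal("123");
+// console.log("3");
+
+
+expect(res.body.token).to.not.equal(undefined);
+// expect(res.body.token).to.equal('JWT '+jwtToken);
+
+// console.log("4");
+done();
+});
+});
+});
+});
+});
+});
+
+
+
+
+
+
+
+// mocha test/authentication.js --grep 'signinWithCustomTokenRoleSameOwnerEmail'
+
+
+it('signinWithCustomTokenRoleSameOwnerEmail', (done) => {
+
+
+var email = "test-sctrolesameowner-" + Date.now() + "@email.com";
+var pwd = "pwd";
+
+
+var emailToCheck = email;
+
+
+userService.signup( email ,pwd, "Test Firstname", "Test lastname").then(function(savedUser) {
+// create(name, createdBy, settings)
+projectService.create("test-signinWithCustomTokenRoleEmailAlreadyUsed", savedUser._id).then(function(savedProject) {
+
+chai.request(server)
+.post('/'+ savedProject._id + '/keys/generate')
+.auth(email, pwd)
+.send()
+.end((err, res) => {
+//console.log("res", res);
+console.log("res.body", res.body);
+res.should.have.status(200);
+res.body.should.be.a('object');
+expect(res.body.jwtSecret).to.not.equal(null);
+
+// 'E11000 duplicate key error collection: tiledesk-test.users index: email_1 dup key: { email: "email@email.com" }' }
+var externalUserObj = {_id: "123", firstname:"andrea", lastname:"leo", email: emailToCheck, role:"admin"};
+
+console.log("externalUserObj", externalUserObj);
+
+
+var signOptions = {
+subject: 'userexternal',
+audience: 'https://tiledesk.com/projects/'+savedProject._id ,
+};
+
+
+var jwtToken = jwt.sign(externalUserObj, res.body.jwtSecret,signOptions);
+
+console.log("jwtToken", jwtToken);
+
+
+chai.request(server)
+.post('/auth/signinWithCustomToken' )
+.set('Authorization', 'JWT '+jwtToken)
+//.send({ id_project: savedProject._id})
+.send()
+.end((err, res) => {
+//console.log("res", res);
+console.log("res.body", res.body);
+res.should.have.status(200);
+res.body.should.be.a('object');
+expect(res.body.success).to.equal(true);
+console.log("1");
+
+expect(res.body.user.email).to.equal(emailToCheck);
+console.log("2");
+expect(res.body.user.firstname).to.equal("Test Firstname");
+// expect(res.body.user._id).to.not.equal("123");
+console.log("3");
+
+
+expect(res.body.token).to.not.equal(undefined);
+// expect(res.body.token).to.equal('JWT '+jwtToken);
+
+console.log("4");
+done();
+});
+});
+});
+});
+});
+
+
 
 
 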
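Review bot: The three cases added at new lines 803–1039 assert only the 200 path, so the security-relevant branches this release adds in routes/auth.js stay unexercised: no case sends an `Authorization` header to `/signup` (a malformed or expired token reaching `jwt.verify`, or `ADMIN_EMAIL` unset, where `decode.email === process.env.ADMIN_EMAIL` would compare two undefined values), and none covers a custom token whose e-mail belongs to a user who is not an active member of the project. Every case signs `_id: "123"` into the token but leaves `// expect(res.body.user._id).to.not.equal("123");` commented out; enabling it would pin that the client-supplied id is never adopted. `signinWithCustomTokenRoleSameOwnerEmail` shows a token claiming `role:"admin"` getting the owner's account back, and an explicit expectation on the returned role would document whether that is intended. The `console.log("res.body", res.body)` and `console.log("jwtToken", jwtToken)` calls print the generated `jwtSecret` and signed tokens into the test output and are better removed. The enclosing `describe` starts outside the hunk, and `mongoose.connect(config.databasetest)` has no matching close in the lines shown.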