wildduck/lib/api/autoreply.js

'use strict';

const Joi = require('joi');
const ObjectId = require('mongodb').ObjectId;
const tools = require('../tools');
const roles = require('../roles');
const { sessSchema, sessIPSchema, booleanSchema } = require('../schemas');
const { publish, AUTOREPLY_USER_DISABLED, AUTOREPLY_USER_ENABLED } = require('../events');

module.exports = (db, server) => {
    server.put(
        '/users/:user/autoreply',
        tools.asyncifyJson(async (req, res, next) => {
            res.charSet('utf-8');

            const schema = Joi.object().keys({
                user: Joi.string().hex().lowercase().length(24).required(),
                status: booleanSchema,
                name: Joi.string().allow('').trim().max(128),
                subject: Joi.string()
                    .allow('')
                    .trim()
                    .max(2 * 1024),
                text: Joi.string()
                    .allow('')
                    .trim()
                    .max(128 * 1024),
                html: Joi.string()
                    .allow('')
                    .trim()
                    .max(128 * 1024),
                start: Joi.date().empty('').allow(false),
                end: Joi.date().empty('').allow(false),
                sess: sessSchema,
                ip: sessIPSchema
            });

            const result = schema.validate(req.params, {
                abortEarly: false,
                convert: true
            });

            if (result.error) {
                res.status(400);
                res.json({
                    error: result.error.message,
                    code: 'InputValidationError',
                    details: tools.validationErrors(result)
                });
                return next();
            }

            // permissions check
            if (req.user && req.user === result.value.user) {
                req.validate(roles.can(req.role).updateOwn('autoreplies'));
            } else {
                req.validate(roles.can(req.role).updateAny('autoreplies'));
            }

            let user = new ObjectId(result.value.user);
            result.value.user = user;

            if (typeof result.value.status === 'boolean') {
                const r = await db.users.collection('users').updateOne({ _id: user }, { $set: { autoreply: result.value.status } });
                if (!r.matchedCount) {
                    res.status(404);
                    res.json({
                        error: 'Unknown user',
                        code: 'UserNotFound'
                    });
                    return next();
                }
                if (r.modifiedCount) {
                    await publish(db.redis, {
                        ev: result.value.status ? AUTOREPLY_USER_ENABLED : AUTOREPLY_USER_DISABLED,
                        user
                    });
                }
            } else {
                const userData = await db.users.collection('users').findOne({ _id: user }, { projection: { _id: true, autoreply: true } });
                if (!userData) {
                    res.status(404);
                    res.json({
                        error: 'Unknown user',
                        code: 'UserNotFound'
                    });
                    return next();
                }
            }

            const r = await db.database.collection('autoreplies').updateOne({ user }, { $set: result.value }, { upsert: true });

            res.json({
                success: true,
                id: ((r.upsertedId && r.upsertedId._id) || '').toString()
            });

            return next();
        })
    );

    server.get(
        '/users/:user/autoreply',
        tools.asyncifyJson(async (req, res, next) => {
            res.charSet('utf-8');

            const schema = Joi.object().keys({
                user: Joi.string().hex().lowercase().length(24).required(),
                sess: sessSchema,
                ip: sessIPSchema
            });

            const result = schema.validate(req.params, {
                abortEarly: false,
                convert: true
            });

            if (result.error) {
                res.status(400);
                res.json({
                    error: result.error.message,
                    code: 'InputValidationError',
                    details: tools.validationErrors(result)
                });
                return next();
            }

            // permissions check
            if (req.user && req.user === result.value.user) {
                req.validate(roles.can(req.role).readOwn('autoreplies'));
            } else {
                req.validate(roles.can(req.role).readAny('autoreplies'));
            }

            let user = new ObjectId(result.value.user);

            let entry = await db.database.collection('autoreplies').findOne({ user });

            entry = entry || {};
            res.json({
                success: true,
                status: !!entry.status,
                name: entry.name || '',
                subject: entry.subject || '',
                text: entry.text || '',
                html: entry.html || '',
                start: entry.start || false,
                end: entry.end || false
            });

            return next();
        })
    );

    server.del(
        '/users/:user/autoreply',
        tools.asyncifyJson(async (req, res, next) => {
            res.charSet('utf-8');

            const schema = Joi.object().keys({
                user: Joi.string().hex().lowercase().length(24).required(),
                sess: sessSchema,
                ip: sessIPSchema
            });

            const result = schema.validate(req.params, {
                abortEarly: false,
                convert: true
            });

            if (result.error) {
                res.status(400);
                res.json({
                    error: result.error.message,
                    code: 'InputValidationError',
                    details: tools.validationErrors(result)
                });
                return next();
            }

            // permissions check
            if (req.user && req.user === result.value.user) {
                req.validate(roles.can(req.role).deleteOwn('autoreplies'));
            } else {
                req.validate(roles.can(req.role).deleteAny('autoreplies'));
            }

            let user = new ObjectId(result.value.user);

            let r = await db.users.collection('users').updateOne({ _id: user }, { $set: { autoreply: false } });
            if (r.modifiedCount) {
                await publish(db.redis, {
                    ev: AUTOREPLY_USER_DISABLED,
                    user
                });
            }

            await db.database.collection('autoreplies').deleteOne({ user });

            res.json({
                success: true
            });

            return next();
        })
    );
};
added autoreply api 2017-07-30 23:07:35 +08:00			`'use strict';`

			`const Joi = require('joi');`
Upgrade Mongodb library from 3 to 4 update 2021-08-30 16:18:42 +08:00			`const ObjectId = require('mongodb').ObjectId;`
updated api permissions 2018-10-12 16:13:54 +08:00			`const tools = require('../tools');`
			`const roles = require('../roles');`
Upgraded joi to latest 2020-07-20 01:51:06 +08:00			`const { sessSchema, sessIPSchema, booleanSchema } = require('../schemas');`
first draft for webhooks 2020-10-09 16:08:33 +08:00			`const { publish, AUTOREPLY_USER_DISABLED, AUTOREPLY_USER_ENABLED } = require('../events');`
added autoreply api 2017-07-30 23:07:35 +08:00
			`module.exports = (db, server) => {`
updated api permissions 2018-10-12 16:13:54 +08:00			`server.put(`
			`'/users/:user/autoreply',`
			`tools.asyncifyJson(async (req, res, next) => {`
			`res.charSet('utf-8');`

			`const schema = Joi.object().keys({`
show validation errors in JSON response 2020-07-16 16:31:58 +08:00			`user: Joi.string().hex().lowercase().length(24).required(),`
updated API handling for autoreplies 2020-07-31 18:36:07 +08:00			`status: booleanSchema,`
			`name: Joi.string().allow('').trim().max(128),`
allow subjects up to 2048b 2022-03-29 20:36:07 +08:00			`subject: Joi.string()`
			`.allow('')`
			`.trim()`
			`.max(2 * 1024),`
updated api permissions 2018-10-12 16:13:54 +08:00			`text: Joi.string()`
updated API handling for autoreplies 2020-07-31 18:36:07 +08:00			`.allow('')`
updated api permissions 2018-10-12 16:13:54 +08:00			`.trim()`
			`.max(128 * 1024),`
			`html: Joi.string()`
updated API handling for autoreplies 2020-07-31 18:36:07 +08:00			`.allow('')`
updated api permissions 2018-10-12 16:13:54 +08:00			`.trim()`
			`.max(128 * 1024),`
show validation errors in JSON response 2020-07-16 16:31:58 +08:00			`start: Joi.date().empty('').allow(false),`
			`end: Joi.date().empty('').allow(false),`
Upgraded joi to latest 2020-07-20 01:51:06 +08:00			`sess: sessSchema,`
			`ip: sessIPSchema`
added autoreply api 2017-07-30 23:07:35 +08:00			`});`

Upgraded joi to latest 2020-07-20 01:51:06 +08:00			`const result = schema.validate(req.params, {`
updated api permissions 2018-10-12 16:13:54 +08:00			`abortEarly: false,`
			`convert: true`
			`});`
v1.0.109 2018-01-24 17:29:12 +08:00
updated api permissions 2018-10-12 16:13:54 +08:00			`if (result.error) {`
migrated API tests from icedfrisby to supertest 2019-07-31 21:05:59 +08:00			`res.status(400);`
updated api permissions 2018-10-12 16:13:54 +08:00			`res.json({`
			`error: result.error.message,`
show validation errors in JSON response 2020-07-16 16:31:58 +08:00			`code: 'InputValidationError',`
			`details: tools.validationErrors(result)`
updated api permissions 2018-10-12 16:13:54 +08:00			`});`
			`return next();`
			`}`
added autoreply api 2017-07-30 23:07:35 +08:00
updated api permissions 2018-10-12 16:13:54 +08:00			`// permissions check`
			`if (req.user && req.user === result.value.user) {`
			`req.validate(roles.can(req.role).updateOwn('autoreplies'));`
			`} else {`
			`req.validate(roles.can(req.role).updateAny('autoreplies'));`
			`}`

Upgrade Mongodb library from 3 to 4 update 2021-08-30 16:18:42 +08:00			`let user = new ObjectId(result.value.user);`
updated API handling for autoreplies 2020-07-31 18:36:07 +08:00			`result.value.user = user;`
updated autoreplies 2017-11-15 21:59:37 +08:00
updated API handling for autoreplies 2020-07-31 18:36:07 +08:00			`if (typeof result.value.status === 'boolean') {`
			`const r = await db.users.collection('users').updateOne({ _id: user }, { $set: { autoreply: result.value.status } });`
			`if (!r.matchedCount) {`
ensure non-200 response for errors 2021-05-20 19:47:20 +08:00			`res.status(404);`
updated API handling for autoreplies 2020-07-31 18:36:07 +08:00			`res.json({`
			`error: 'Unknown user',`
			`code: 'UserNotFound'`
			`});`
			`return next();`
updated api permissions 2018-10-12 16:13:54 +08:00			`}`
first draft for webhooks 2020-10-09 16:08:33 +08:00			`if (r.modifiedCount) {`
			`await publish(db.redis, {`
			`ev: result.value.status ? AUTOREPLY_USER_ENABLED : AUTOREPLY_USER_DISABLED,`
			`user`
			`});`
			`}`
updated API handling for autoreplies 2020-07-31 18:36:07 +08:00			`} else {`
			`const userData = await db.users.collection('users').findOne({ _id: user }, { projection: { _id: true, autoreply: true } });`
			`if (!userData) {`
ensure non-200 response for errors 2021-05-20 19:47:20 +08:00			`res.status(404);`
updated API handling for autoreplies 2020-07-31 18:36:07 +08:00			`res.json({`
			`error: 'Unknown user',`
			`code: 'UserNotFound'`
			`});`
			`return next();`
updated api permissions 2018-10-12 16:13:54 +08:00			`}`
added autoreply api 2017-07-30 23:07:35 +08:00			`}`
updated api permissions 2018-10-12 16:13:54 +08:00
updated API handling for autoreplies 2020-07-31 18:36:07 +08:00			`const r = await db.database.collection('autoreplies').updateOne({ user }, { $set: result.value }, { upsert: true });`
added autoreply api 2017-07-30 23:07:35 +08:00
updated api permissions 2018-10-12 16:13:54 +08:00			`res.json({`
			`success: true,`
Do not use _id in API response 2021-01-07 15:41:48 +08:00			`id: ((r.upsertedId && r.upsertedId._id) \|\| '').toString()`
added autoreply api 2017-07-30 23:07:35 +08:00			`});`
updated api permissions 2018-10-12 16:13:54 +08:00
			`return next();`
			`})`
			`);`
added autoreply api 2017-07-30 23:07:35 +08:00
updated api permissions 2018-10-12 16:13:54 +08:00			`server.get(`
			`'/users/:user/autoreply',`
			`tools.asyncifyJson(async (req, res, next) => {`
			`res.charSet('utf-8');`

			`const schema = Joi.object().keys({`
show validation errors in JSON response 2020-07-16 16:31:58 +08:00			`user: Joi.string().hex().lowercase().length(24).required(),`
Upgraded joi to latest 2020-07-20 01:51:06 +08:00			`sess: sessSchema,`
			`ip: sessIPSchema`
added autoreply api 2017-07-30 23:07:35 +08:00			`});`

Upgraded joi to latest 2020-07-20 01:51:06 +08:00			`const result = schema.validate(req.params, {`
updated api permissions 2018-10-12 16:13:54 +08:00			`abortEarly: false,`
			`convert: true`
			`});`
added autoreply api 2017-07-30 23:07:35 +08:00
updated api permissions 2018-10-12 16:13:54 +08:00			`if (result.error) {`
migrated API tests from icedfrisby to supertest 2019-07-31 21:05:59 +08:00			`res.status(400);`
added autoreply api 2017-07-30 23:07:35 +08:00			`res.json({`
updated api permissions 2018-10-12 16:13:54 +08:00			`error: result.error.message,`
show validation errors in JSON response 2020-07-16 16:31:58 +08:00			`code: 'InputValidationError',`
			`details: tools.validationErrors(result)`
added autoreply api 2017-07-30 23:07:35 +08:00			`});`
			`return next();`
			`}`

updated api permissions 2018-10-12 16:13:54 +08:00			`// permissions check`
			`if (req.user && req.user === result.value.user) {`
			`req.validate(roles.can(req.role).readOwn('autoreplies'));`
			`} else {`
			`req.validate(roles.can(req.role).readAny('autoreplies'));`
			`}`

Upgrade Mongodb library from 3 to 4 update 2021-08-30 16:18:42 +08:00			`let user = new ObjectId(result.value.user);`
updated api permissions 2018-10-12 16:13:54 +08:00
			`let entry = await db.database.collection('autoreplies').findOne({ user });`

added autoreply api 2017-07-30 23:07:35 +08:00			`entry = entry \|\| {};`
			`res.json({`
			`success: true,`
			`status: !!entry.status,`
v1.0.109 2018-01-24 17:29:12 +08:00			`name: entry.name \|\| '',`
added autoreply api 2017-07-30 23:07:35 +08:00			`subject: entry.subject \|\| '',`
updated autoreplies 2017-11-15 21:59:37 +08:00			`text: entry.text \|\| '',`
			`html: entry.html \|\| '',`
updated api permissions 2018-10-12 16:13:54 +08:00			`start: entry.start \|\| false,`
			`end: entry.end \|\| false`
added autoreply api 2017-07-30 23:07:35 +08:00			`});`

			`return next();`
updated api permissions 2018-10-12 16:13:54 +08:00			`})`
			`);`
added autoreply api 2017-07-30 23:07:35 +08:00
updated api permissions 2018-10-12 16:13:54 +08:00			`server.del(`
			`'/users/:user/autoreply',`
			`tools.asyncifyJson(async (req, res, next) => {`
			`res.charSet('utf-8');`

			`const schema = Joi.object().keys({`
show validation errors in JSON response 2020-07-16 16:31:58 +08:00			`user: Joi.string().hex().lowercase().length(24).required(),`
Upgraded joi to latest 2020-07-20 01:51:06 +08:00			`sess: sessSchema,`
			`ip: sessIPSchema`
added autoreply api 2017-07-30 23:07:35 +08:00			`});`

Upgraded joi to latest 2020-07-20 01:51:06 +08:00			`const result = schema.validate(req.params, {`
updated api permissions 2018-10-12 16:13:54 +08:00			`abortEarly: false,`
			`convert: true`
			`});`
added autoreply api 2017-07-30 23:07:35 +08:00
updated api permissions 2018-10-12 16:13:54 +08:00			`if (result.error) {`
migrated API tests from icedfrisby to supertest 2019-07-31 21:05:59 +08:00			`res.status(400);`
added autoreply api 2017-07-30 23:07:35 +08:00			`res.json({`
updated api permissions 2018-10-12 16:13:54 +08:00			`error: result.error.message,`
show validation errors in JSON response 2020-07-16 16:31:58 +08:00			`code: 'InputValidationError',`
			`details: tools.validationErrors(result)`
added autoreply api 2017-07-30 23:07:35 +08:00			`});`
			`return next();`
			`}`

updated api permissions 2018-10-12 16:13:54 +08:00			`// permissions check`
			`if (req.user && req.user === result.value.user) {`
			`req.validate(roles.can(req.role).deleteOwn('autoreplies'));`
			`} else {`
			`req.validate(roles.can(req.role).deleteAny('autoreplies'));`
			`}`
added autoreply api 2017-07-30 23:07:35 +08:00
Upgrade Mongodb library from 3 to 4 update 2021-08-30 16:18:42 +08:00			`let user = new ObjectId(result.value.user);`
added autoreply api 2017-07-30 23:07:35 +08:00
first draft for webhooks 2020-10-09 16:08:33 +08:00			`let r = await db.users.collection('users').updateOne({ _id: user }, { $set: { autoreply: false } });`
			`if (r.modifiedCount) {`
			`await publish(db.redis, {`
			`ev: AUTOREPLY_USER_DISABLED,`
			`user`
			`});`
			`}`

updated api permissions 2018-10-12 16:13:54 +08:00			`await db.database.collection('autoreplies').deleteOne({ user });`

			`res.json({`
			`success: true`
added autoreply api 2017-07-30 23:07:35 +08:00			`});`
updated api permissions 2018-10-12 16:13:54 +08:00
			`return next();`
			`})`
			`);`
added autoreply api 2017-07-30 23:07:35 +08:00			`};`