apitech
/
Rocket.Chat
mirror of https://github.com/RocketChat/Rocket.Chat
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge branch 'master' into develop

Browse Source
pull/21579/head
Diego Sampaio 4 years ago
parent da6b34f39e 5e9f4bc424
commit 7f2d924743
7 changed files with 452 additions and 111 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 9
      .github/history-manual.json
  2. 398
      .github/history.json
  3. 106
      HISTORY.md
  4. 7
      app/api/server/helpers/parseJsonQuery.js
  5. 29
      app/api/server/lib/cleanQuery.ts
  6. 9
      app/livechat/server/methods/loadHistory.js
  7. 5
      server/methods/getPasswordPolicy.js

9
.github/history-manual.json
Unescape View File

@ -79,5 +79,14 @@
"KevLehman",
"matheusbsilva137"
]
}],
"3.13.2": [{
"title": "[FIX] Security Hotfix (https://docs.rocket.chat/guides/security/security-updates)",
"userLogin": "sampaiodiego",
"contributors": [
"sampaiodiego",
"KevLehman",
"renatobecker"
]
}]
}

398
.github/history.json
Unescape View File

@ -15363,6 +15363,14 @@
]
},
"HEAD": {
"node_version": "12.21.0",
"npm_version": "6.14.8",
"apps_engine_version": "1.24.1",
"mongo_versions": [
"3.4",
"3.6",
"4.0"
],
"pull_requests": []
},
"0.66.0-rc.0": {
@ -56635,6 +56643,108 @@
}
]
},
"3.8.9": {
"node_version": "12.18.4",
"npm_version": "6.14.8",
"apps_engine_version": "1.19.0",
"mongo_versions": [
"3.4",
"3.6",
"4.0"
],
"pull_requests": []
},
"3.10.7": {
"node_version": "12.18.4",
"npm_version": "6.14.8",
"apps_engine_version": "1.21.0-alpha.4235",
"mongo_versions": [
"3.4",
"3.6",
"4.0"
],
"pull_requests": []
},
"3.11.3": {
"node_version": "12.18.4",
"npm_version": "6.14.8",
"apps_engine_version": "1.22.2",
"mongo_versions": [
"3.4",
"3.6",
"4.0"
],
"pull_requests": []
},
"3.12.1": {
"node_version": "12.18.4",
"npm_version": "6.14.8",
"apps_engine_version": "1.23.0",
"mongo_versions": [
"3.4",
"3.6",
"4.0"
],
"pull_requests": [
{
"pr": "21020",
"title": "[FIX] Missing spaces on attachment ",
"userLogin": "dougfabris",
"milestone": "3.12.1",
"contributors": [
"dougfabris",
"tassoevan",
"web-flow"
]
},
{
"pr": "21004",
"title": "[IMPROVE] Close Call contextual bar after starting jitsi call.",
"userLogin": "yash-rajpal",
"description": "After jitsi call is started, if the call is started in a new window then we should close contextual tab bar.\r\nSo, when 'YES' is pressed on modal, we call handleClose function if openNewWindow is true, as call doesn't starts on tab bar, it starts on new window.",
"milestone": "3.12.1",
"contributors": [
"yash-rajpal",
"tassoevan",
"web-flow"
]
},
{
"pr": "20973",
"title": "[FIX] Stopping Jitsi reload",
"userLogin": "yash-rajpal",
"description": "The Function where Jitsi call is started gets called many times due to `room.usernames` dep of useMemo, this dep triggers reloading of this function many times.\r\nSo removing this dep from useMemo dependencies",
"milestone": "3.12.1",
"contributors": [
"yash-rajpal",
"tassoevan",
"web-flow"
]
}
]
},
"3.12.2": {
"node_version": "12.18.4",
"npm_version": "6.14.8",
"apps_engine_version": "1.23.0",
"mongo_versions": [
"3.4",
"3.6",
"4.0"
],
"pull_requests": []
},
"3.12.3": {
"node_version": "12.18.4",
"npm_version": "6.14.8",
"apps_engine_version": "1.23.0",
"mongo_versions": [
"3.4",
"3.6",
"4.0"
],
"pull_requests": []
},
"3.13.0-rc.0": {
"node_version": "12.21.0",
"npm_version": "6.14.8",
@ -56645,6 +56755,41 @@
"4.0"
],
"pull_requests": [
{
"pr": "21020",
"title": "[FIX] Missing spaces on attachment ",
"userLogin": "dougfabris",
"milestone": "3.12.1",
"contributors": [
"dougfabris",
"tassoevan",
"web-flow"
]
},
{
"pr": "21004",
"title": "[IMPROVE] Close Call contextual bar after starting jitsi call.",
"userLogin": "yash-rajpal",
"description": "After jitsi call is started, if the call is started in a new window then we should close contextual tab bar.\r\nSo, when 'YES' is pressed on modal, we call handleClose function if openNewWindow is true, as call doesn't starts on tab bar, it starts on new window.",
"milestone": "3.12.1",
"contributors": [
"yash-rajpal",
"tassoevan",
"web-flow"
]
},
{
"pr": "20973",
"title": "[FIX] Stopping Jitsi reload",
"userLogin": "yash-rajpal",
"description": "The Function where Jitsi call is started gets called many times due to `room.usernames` dep of useMemo, this dep triggers reloading of this function many times.\r\nSo removing this dep from useMemo dependencies",
"milestone": "3.12.1",
"contributors": [
"yash-rajpal",
"tassoevan",
"web-flow"
]
},
{
"pr": "20881",
"title": "[FIX] Follow thread action on threads list ",
@ -56661,6 +56806,7 @@
"pr": "20966",
"title": "[NEW] Teams",
"userLogin": "gabriellsh",
"description": "## Teams\r\n\r\n\r\n\r\nYou can easily group your users as Teams on Rocket.Chat. The feature takes the hassle out of managing multiple users one by one and allows you to handle them at the same time efficiently.\r\n\r\n\r\n- Teams can be public or private and each team can have its own channels, which also can be public or private.\r\n- It's possible to add existing channels to a Team or create new ones inside a Team.\r\n- It's possible to invite people outside a Team to join Team's channels.\r\n- It's possible to convert channels to Teams\r\n- It's possible to add all team members to a channel at once\r\n- Team members have roles\r\n\r\n\r\n![image](https://user-images.githubusercontent.com/70927132/113421955-4f56b680-93a2-11eb-80dc-9b70a3f09b3e.png)\r\n\r\n\r\n\r\n**Quickly onboard new users with Autojoin channels**\r\n\r\nTeams can have Auto-join channels – channels to which the team members are automatically added, so you don’t need to go through the manual process of adding users repetitively\r\n\r\n![image](https://user-images.githubusercontent.com/70927132/113419284-81194e80-939d-11eb-9fff-aeb05cbc8089.png)\r\n\r\n**Instantly mention multiple members at once** (available in EE)\r\n\r\nWith Teams, you don’t need to remember everyone’s name to communicate with a team quickly. Just mention a Team — @engineers, for instance — and all members will be instantly notified.",
"milestone": "3.13.0",
"contributors": [
"matheusbsilva137",
@ -57124,9 +57270,9 @@
{
"pr": "21000",
"title": "[IMPROVE] Make debug logs of Apps configurable via Log_Level setting in the Admin panel",
"userLogin": "meomay503",
"userLogin": "cuonghuunguyen",
"contributors": [
"meomay503",
"cuonghuunguyen",
"web-flow"
]
},
@ -57253,53 +57399,6 @@
}
]
},
"3.12.1": {
"node_version": "12.18.4",
"npm_version": "6.14.8",
"apps_engine_version": "1.23.0",
"mongo_versions": [
"3.4",
"3.6",
"4.0"
],
"pull_requests": [
{
"pr": "21020",
"title": "[FIX] Missing spaces on attachment ",
"userLogin": "dougfabris",
"milestone": "3.12.1",
"contributors": [
"dougfabris",
"tassoevan",
"web-flow"
]
},
{
"pr": "21004",
"title": "[IMPROVE] Close Call contextual bar after starting jitsi call.",
"userLogin": "yash-rajpal",
"description": "After jitsi call is started, if the call is started in a new window then we should close contextual tab bar.\r\nSo, when 'YES' is pressed on modal, we call handleClose function if openNewWindow is true, as call doesn't starts on tab bar, it starts on new window.",
"milestone": "3.12.1",
"contributors": [
"yash-rajpal",
"tassoevan",
"web-flow"
]
},
{
"pr": "20973",
"title": "[FIX] Stopping Jitsi reload",
"userLogin": "yash-rajpal",
"description": "The Function where Jitsi call is started gets called many times due to `room.usernames` dep of useMemo, this dep triggers reloading of this function many times.\r\nSo removing this dep from useMemo dependencies",
"milestone": "3.12.1",
"contributors": [
"yash-rajpal",
"tassoevan",
"web-flow"
]
}
]
},
"3.13.0-rc.1": {
"node_version": "12.21.0",
"npm_version": "6.14.8",
@ -57320,50 +57419,6 @@
}
]
},
"3.8.9": {
"node_version": "12.18.4",
"npm_version": "6.14.8",
"apps_engine_version": "1.19.0",
"mongo_versions": [
"3.4",
"3.6",
"4.0"
],
"pull_requests": []
},
"3.10.7": {
"node_version": "12.18.4",
"npm_version": "6.14.8",
"apps_engine_version": "1.21.0-alpha.4235",
"mongo_versions": [
"3.4",
"3.6",
"4.0"
],
"pull_requests": []
},
"3.11.3": {
"node_version": "12.18.4",
"npm_version": "6.14.8",
"apps_engine_version": "1.22.2",
"mongo_versions": [
"3.4",
"3.6",
"4.0"
],
"pull_requests": []
},
"3.12.2": {
"node_version": "12.18.4",
"npm_version": "6.14.8",
"apps_engine_version": "1.23.0",
"mongo_versions": [
"3.4",
"3.6",
"4.0"
],
"pull_requests": []
},
"3.13.0-rc.2": {
"node_version": "12.21.0",
"npm_version": "6.14.8",
@ -57494,17 +57549,6 @@
}
]
},
"3.12.3": {
"node_version": "12.18.4",
"npm_version": "6.14.8",
"apps_engine_version": "1.23.0",
"mongo_versions": [
"3.4",
"3.6",
"4.0"
],
"pull_requests": []
},
"3.13.0-rc.3": {
"node_version": "12.21.0",
"npm_version": "6.14.8",
@ -58045,7 +58089,151 @@
"3.6",
"4.0"
],
"pull_requests": []
"pull_requests": [
{
"pr": "21437",
"title": "Release 3.13.0",
"userLogin": "sampaiodiego",
"contributors": [
"sampaiodiego",
null,
"fcecagno",
"web-flow",
"yash-rajpal",
"MartinSchoeler",
"dougfabris",
"KevLehman",
"r0zbot",
"tiagoevanp",
"cuonghuunguyen",
"lucassartor",
"rodrigok",
"PriyaBihani",
"shrinish123"
]
}
]
},
"3.13.1": {
"node_version": "12.21.0",
"npm_version": "6.14.8",
"apps_engine_version": "1.24.1",
"mongo_versions": [
"3.4",
"3.6",
"4.0"
],
"pull_requests": [
{
"pr": "21486",
"title": "Release 3.13.1",
"userLogin": "sampaiodiego",
"contributors": [
"rafaelblink",
"sampaiodiego",
"renatobecker",
"graywolf336",
"KevLehman",
"gabriellsh"
]
},
{
"pr": "21465",
"title": "[FIX] Header component breaking if user is not part of teams room.",
"userLogin": "gabriellsh",
"milestone": "3.13.1",
"contributors": [
"gabriellsh",
"web-flow"
]
},
{
"pr": "21469",
"title": "[FIX] Admin Users list pagination",
"userLogin": "KevLehman",
"description": "- Fix Administration/Users pagination",
"milestone": "3.13.1",
"contributors": [
"KevLehman"
]
},
{
"pr": "21470",
"title": "[FIX] App installation from marketplace not correctly displaying the permissions",
"userLogin": "graywolf336",
"description": "Fixes the marketplace app installation not correctly displaying the permissions modal.",
"milestone": "3.13.1",
"contributors": [
"graywolf336",
"d-gubert",
"web-flow",
"thassiov"
]
},
{
"pr": "21485",
"title": "[FIX] Omnichannel queue manager returning outdated room object",
"userLogin": "renatobecker",
"description": "The Omnichannel Queue Manager is returning outdated room object when delegating the chat to an agent, hence, our Livechat widget is affected and the agent assigned to the chat is not displayed on the widget, only after refreshing/reloading.",
"milestone": "3.13.1",
"contributors": [
"renatobecker"
]
},
{
"pr": "21481",
"title": "[FIX] Close chat button is not available for Omnichannel agents",
"userLogin": "rafaelblink",
"milestone": "3.13.1",
"contributors": [
"rafaelblink",
"renatobecker",
"web-flow"
]
},
{
"pr": "21476",
"title": "[FIX] Make Omnichannel's closing chat button the last action in the toolbox",
"userLogin": "rafaelblink",
"milestone": "3.13.1",
"contributors": [
"rafaelblink",
"renatobecker",
"web-flow"
]
},
{
"pr": "21450",
"title": "[FIX] Error when editing Omnichannel rooms without custom fields",
"userLogin": "rafaelblink",
"milestone": "3.13.1",
"contributors": [
"rafaelblink",
"renatobecker",
"web-flow"
]
},
{
"pr": "21453",
"title": "[FIX] Wrong useMemo on Priorities EE field.",
"userLogin": "rafaelblink",
"milestone": "3.13.1",
"contributors": [
"rafaelblink",
"renatobecker",
"web-flow"
]
},
{
"pr": "21462",
"title": "[FIX] Add tag input to Closing Chat modal",
"userLogin": "rafaelblink",
"milestone": "3.13.1",
"contributors": [
"rafaelblink"
]
}
]
}
}
}

106
HISTORY.md
Unescape View File

@ -1,6 +1,75 @@
# 3.13.2
`2021-04-14 · 1 🐛 · 3 👩💻👨💻`
### 🐛 Bug fixes
- Security Hotfix (https://docs.rocket.chat/guides/security/security-updates)
### 👩💻👨💻 Core Team 🤓
- [@KevLehman](https://github.com/KevLehman)
- [@renatobecker](https://github.com/renatobecker)
- [@sampaiodiego](https://github.com/sampaiodiego)
# 3.13.1
`2021-04-08 · 9 🐛 · 1 🔍 · 8 👩💻👨💻`
### Engine versions
- Node: `12.21.0`
- NPM: `6.14.8`
- MongoDB: `3.4, 3.6, 4.0`
- Apps-Engine: `1.24.1`
### 🐛 Bug fixes
- Add tag input to Closing Chat modal ([#21462](https://github.com/RocketChat/Rocket.Chat/pull/21462))
- Admin Users list pagination ([#21469](https://github.com/RocketChat/Rocket.Chat/pull/21469))
- Fix Administration/Users pagination
- App installation from marketplace not correctly displaying the permissions ([#21470](https://github.com/RocketChat/Rocket.Chat/pull/21470))
Fixes the marketplace app installation not correctly displaying the permissions modal.
- Close chat button is not available for Omnichannel agents ([#21481](https://github.com/RocketChat/Rocket.Chat/pull/21481))
- Error when editing Omnichannel rooms without custom fields ([#21450](https://github.com/RocketChat/Rocket.Chat/pull/21450))
- Header component breaking if user is not part of teams room. ([#21465](https://github.com/RocketChat/Rocket.Chat/pull/21465))
- Make Omnichannel's closing chat button the last action in the toolbox ([#21476](https://github.com/RocketChat/Rocket.Chat/pull/21476))
- Omnichannel queue manager returning outdated room object ([#21485](https://github.com/RocketChat/Rocket.Chat/pull/21485))
The Omnichannel Queue Manager is returning outdated room object when delegating the chat to an agent, hence, our Livechat widget is affected and the agent assigned to the chat is not displayed on the widget, only after refreshing/reloading.
- Wrong useMemo on Priorities EE field. ([#21453](https://github.com/RocketChat/Rocket.Chat/pull/21453))
<details>
<summary>🔍 Minor changes</summary>
- Release 3.13.1 ([#21486](https://github.com/RocketChat/Rocket.Chat/pull/21486))
</details>
### 👩💻👨💻 Core Team 🤓
- [@KevLehman](https://github.com/KevLehman)
- [@d-gubert](https://github.com/d-gubert)
- [@gabriellsh](https://github.com/gabriellsh)
- [@graywolf336](https://github.com/graywolf336)
- [@rafaelblink](https://github.com/rafaelblink)
- [@renatobecker](https://github.com/renatobecker)
- [@sampaiodiego](https://github.com/sampaiodiego)
- [@thassiov](https://github.com/thassiov)
# 3.13.0
`2021-04-03 · 7 🎉 · 11 🚀 · 36 🐛 · 60 🔍 · 38 👩💻👨💻`
`2021-04-04 · 7 🎉 · 11 🚀 · 36 🐛 · 61 🔍 · 38 👩💻👨💻`
### Engine versions
- Node: `12.21.0`
@ -77,6 +146,35 @@
- Teams ([#20966](https://github.com/RocketChat/Rocket.Chat/pull/20966))
## Teams
You can easily group your users as Teams on Rocket.Chat. The feature takes the hassle out of managing multiple users one by one and allows you to handle them at the same time efficiently.
- Teams can be public or private and each team can have its own channels, which also can be public or private.
- It's possible to add existing channels to a Team or create new ones inside a Team.
- It's possible to invite people outside a Team to join Team's channels.
- It's possible to convert channels to Teams
- It's possible to add all team members to a channel at once
- Team members have roles
![image](https://user-images.githubusercontent.com/70927132/113421955-4f56b680-93a2-11eb-80dc-9b70a3f09b3e.png)
**Quickly onboard new users with Autojoin channels**
Teams can have Auto-join channels – channels to which the team members are automatically added, so you don’t need to go through the manual process of adding users repetitively
![image](https://user-images.githubusercontent.com/70927132/113419284-81194e80-939d-11eb-9fff-aeb05cbc8089.png)
**Instantly mention multiple members at once** (available in EE)
With Teams, you don’t need to remember everyone’s name to communicate with a team quickly. Just mention a Team — @engineers, for instance — and all members will be instantly notified.
### 🚀 Improvements
@ -120,7 +218,7 @@
**Old UI:**
![before](https://user-images.githubusercontent.com/49413772/111685897-375e2f00-8807-11eb-814e-cb8060dc1830.PNG)
- Make debug logs of Apps configurable via Log_Level setting in the Admin panel ([#21000](https://github.com/RocketChat/Rocket.Chat/pull/21000) by [@meomay503](https://github.com/meomay503))
- Make debug logs of Apps configurable via Log_Level setting in the Admin panel ([#21000](https://github.com/RocketChat/Rocket.Chat/pull/21000) by [@cuonghuunguyen](https://github.com/cuonghuunguyen))
- Re-design Omnichannel Room Info Panel ([#21199](https://github.com/RocketChat/Rocket.Chat/pull/21199))
@ -500,6 +598,8 @@
- Regression: When only 'teams' type is provided, show only rooms with teamMain on `rooms.adminRooms` endpoint ([#21322](https://github.com/RocketChat/Rocket.Chat/pull/21322))
- Release 3.13.0 ([#21437](https://github.com/RocketChat/Rocket.Chat/pull/21437) by [@PriyaBihani](https://github.com/PriyaBihani) & [@cuonghuunguyen](https://github.com/cuonghuunguyen) & [@fcecagno](https://github.com/fcecagno) & [@shrinish123](https://github.com/shrinish123) & [@yash-rajpal](https://github.com/yash-rajpal))
- Update Apps-Engine version ([#21398](https://github.com/RocketChat/Rocket.Chat/pull/21398))
</details>
@ -513,11 +613,11 @@
- [@Tirieru](https://github.com/Tirieru)
- [@aKn1ghtOut](https://github.com/aKn1ghtOut)
- [@aditya-mitra](https://github.com/aditya-mitra)
- [@cuonghuunguyen](https://github.com/cuonghuunguyen)
- [@cyberShaw](https://github.com/cyberShaw)
- [@fcecagno](https://github.com/fcecagno)
- [@im-adithya](https://github.com/im-adithya)
- [@m-shreyansh](https://github.com/m-shreyansh)
- [@meomay503](https://github.com/meomay503)
- [@reda-alaoui](https://github.com/reda-alaoui)
- [@shrinish123](https://github.com/shrinish123)
- [@sumukhah](https://github.com/sumukhah)

7
app/api/server/helpers/parseJsonQuery.js
Unescape View File

@ -2,8 +2,14 @@ import { Meteor } from 'meteor/meteor';
import { EJSON } from 'meteor/ejson';
import { hasPermission } from '../../../authorization';
import { clean } from '../lib/cleanQuery';
import { API } from '../api';
const pathAllowConf = {
'/api/v1/users.list': ['$or', '$regex', '$and'],
def: ['$or', '$and', '$regex'],
};
API.helperMethods.set('parseJsonQuery', function _parseJsonQuery() {
let sort;
if (this.queryParams.sort) {
@ -54,6 +60,7 @@ API.helperMethods.set('parseJsonQuery', function _parseJsonQuery() {
if (this.queryParams.query) {
try {
query = EJSON.parse(this.queryParams.query);
query = clean(query, pathAllowConf[this.request.route] || pathAllowConf.def);
} catch (e) {
this.logger.warn(`Invalid query parameter provided "${ this.queryParams.query }":`, e);
throw new Meteor.Error('error-invalid-query', `Invalid query parameter provided: "${ this.queryParams.query }"`, { helperMethod: 'parseJsonQuery' });

29
app/api/server/lib/cleanQuery.ts
Unescape View File

@ -0,0 +1,29 @@
type Query = { [k: string]: any };
const denyList = ['constructor', '__proto__', 'prototype'];
const removeDangerousProps = (v: Query): Query => {
const query = Object.create(null);
for (const key in v) {
if (v.hasOwnProperty(key) && !denyList.includes(key)) {
query[key] = v[key];
}
}
return query;
};
export function clean(v: Query, allowList: string[] = []): Query {
const typedParam = removeDangerousProps(v);
if (v instanceof Object) {
/* eslint-disable guard-for-in */
for (const key in typedParam) {
if (/^$/.test(key) && !allowList.includes(key)) {
delete typedParam[key];
} else {
clean(typedParam[key], allowList);
}
}
}
return typedParam;
}

9
app/livechat/server/methods/loadHistory.js
Unescape View File

@ -1,7 +1,7 @@
import { Meteor } from 'meteor/meteor';
import { loadMessageHistory } from '../../../lib';
import { LivechatVisitors } from '../../../models';
import { LivechatVisitors, LivechatRooms } from '../../../models';
Meteor.methods({
'livechat:loadHistory'({ token, rid, end, limit = 20, ls }) {
@ -12,7 +12,12 @@ Meteor.methods({
const visitor = LivechatVisitors.getVisitorByToken(token, { fields: { _id: 1 } });
if (!visitor) {
return;
throw new Meteor.Error('invalid-visitor', 'Invalid Visitor', { method: 'livechat:loadHistory' });
}
const room = LivechatRooms.findOneByIdAndVisitorToken(rid, token, { fields: { _id: 1 } });
if (!room) {
throw new Meteor.Error('invalid-room', 'Invalid Room', { method: 'livechat:loadHistory' });
}
return loadMessageHistory({ userId: visitor._id, rid, end, limit, ls });

5
server/methods/getPasswordPolicy.js
Unescape View File

@ -1,10 +1,13 @@
import { Meteor } from 'meteor/meteor';
import { check } from 'meteor/check';
import { Users } from '../../app/models';
import { passwordPolicy } from '../../app/lib';
Meteor.methods({
getPasswordPolicy(params) {
getPasswordPolicy(params = {}) {
check(params, { token: String });
const user = Users.findOne({ 'services.password.reset.token': params.token });
if (!user && !Meteor.userId()) {
throw new Meteor.Error('error-invalid-user', 'Invalid user', {

Write Preview
Loading…
Cancel
Save