apitech
/
Rocket.Chat
mirror of https://github.com/RocketChat/Rocket.Chat
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
The communications platform that puts data protection first.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
19170 Commits
704 Branches
1176 Tags
2.1 GiB
 
 
 
 
 
Tag: Branch: Tree: apps/e2e-testing
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'apps/e2e-testing'
${ noResults }
Rocket.Chat/ee/app/auditing/server/methods.js

146 lines
4.1 KiB
Raw Permalink Blame History

import { Meteor } from 'meteor/meteor';
import s from 'underscore.string';
import { check } from 'meteor/check';
import { DDPRateLimiter } from 'meteor/ddp-rate-limiter';
import { TAPi18n } from 'meteor/rocketchat:tap-i18n';
import AuditLog from './auditLog';
import { LivechatRooms, Rooms, Messages, Users } from '../../../../app/models/server';
import { escapeRegExp } from '../../../../lib/escapeRegExp';
import { hasPermission } from '../../../../app/authorization/server';
const getValue = (room) => room && { rids: [room._id], name: room.name };
const getUsersIdFromUserName = (usersName) => {
const user = usersName && Users.findByUsername({ $in: usersName });
return user.map((userId) => userId._id);
};
const getRoomInfoByAuditParams = ({ type, roomId, users, visitor, agent }) => {
if (roomId) {
return getValue(Rooms.findOne({ _id: roomId }));
}
if (type === 'd') {
return getValue(Rooms.findDirectRoomContainingAllUsernames(users));
}
if (type === 'l') {
console.warning('Deprecation Warning! This method will be removed in the next version (4.0.0)');
const rooms = LivechatRooms.findByVisitorIdAndAgentId(visitor, agent, { fields: { _id: 1 } }).fetch();
return rooms && rooms.length && { rids: rooms.map(({ _id }) => _id), name: TAPi18n.__('Omnichannel') };
}
};
Meteor.methods({
auditGetOmnichannelMessages({ startDate, endDate, users, msg, type, visitor, agent }) {
check(startDate, Date);
check(endDate, Date);
const user = Meteor.user();
if (!hasPermission(user._id, 'can-audit')) {
throw new Meteor.Error('Not allowed');
}
const rooms = LivechatRooms.findByVisitorIdAndAgentId(visitor, agent !== 'all' && agent, { fields: { _id: 1 } }).fetch();
const roomsData = rooms && rooms.length && { rids: rooms.map(({ _id }) => _id), name: TAPi18n.__('Omnichannel') };
const { rids, name } = roomsData;
const query = {
rid: { $in: rids },
ts: {
$gt: startDate,
$lt: endDate,
},
};
if (msg) {
const regex = new RegExp(s.trim(escapeRegExp(msg)), 'i');
query.msg = regex;
}
const messages = Messages.find(query).fetch();
// Once the filter is applied, messages will be shown and a log containing all filters will be saved for further auditing.
AuditLog.insert({ ts: new Date(), results: messages.length, u: user, fields: { msg, users, rids, room: name, startDate, endDate, type, visitor, agent } });
return messages;
},
auditGetMessages({ rid: roomId, startDate, endDate, users, msg, type, visitor, agent }) {
check(startDate, Date);
check(endDate, Date);
const user = Meteor.user();
if (!hasPermission(user._id, 'can-audit')) {
throw new Meteor.Error('Not allowed');
}
let rids;
let name;
const query = {
ts: {
$gt: startDate,
$lt: endDate,
},
};
if (type === 'u') {
const usersId = getUsersIdFromUserName(users);
query['u._id'] = { $in: usersId };
} else {
const roomInfo = getRoomInfoByAuditParams({ type, roomId, users, visitor, agent });
if (!roomInfo) {
throw new Meteor.Error('Room doesn`t exist');
}
rids = roomInfo.rids;
name = roomInfo.name;
query.rid = { $in: rids };
}
if (msg) {
const regex = new RegExp(s.trim(escapeRegExp(msg)), 'i');
query.msg = regex;
}
const messages = Messages.find(query).fetch();
// Once the filter is applied, messages will be shown and a log containing all filters will be saved for further auditing.
AuditLog.insert({ ts: new Date(), results: messages.length, u: user, fields: { msg, users, rids, room: name, startDate, endDate, type, visitor, agent } });
return messages;
},
auditGetAuditions({ startDate, endDate }) {
check(startDate, Date);
check(endDate, Date);
if (!hasPermission(Meteor.userId(), 'can-audit-log')) {
throw new Meteor.Error('Not allowed');
}
return AuditLog.find({
// 'u._id': userId,
ts: {
$gt: startDate,
$lt: endDate,
},
}).fetch();
},
});
DDPRateLimiter.addRule({
type: 'method',
name: 'auditGetAuditions',
userId(/* userId*/) {
return true;
},
}, 10, 60000);
DDPRateLimiter.addRule({
type: 'method',
name: 'auditGetMessages',
userId(/* userId*/) {
return true;
},
}, 10, 60000);