457 lines
18 KiB
TypeScript
457 lines
18 KiB
TypeScript
/*****************************************************************************\
|
|
| █████ █████ ██ █ █████ █████ ████ ██ ████ █████ █████ ███ ® |
|
|
| ██ █ ███ █ █ ██ ██ ██ ██ ██ ██ █ ██ ██ █ █ |
|
|
| ██ ███ ████ █ ██ █ ████ █████ ██████ ██ ████ █ █ █ ██ |
|
|
| ██ ██ █ █ ██ █ █ ██ ██ ██ ██ ██ ██ █ ██ ██ █ █ |
|
|
| █████ █████ █ ███ █████ ██ ██ ██ ██ █████ ████ █████ █ ███ |
|
|
| |
|
|
| General Bots Copyright (c) pragmatismo.cloud. All rights reserved. |
|
|
| Licensed under the AGPL-3.0. |
|
|
| |
|
|
| According to our dual licensing model, this program can be used either |
|
|
| under the terms of the GNU Affero General Public License, version 3, |
|
|
| or under a proprietary license. |
|
|
| |
|
|
| The texts of the GNU Affero General Public License with an additional |
|
|
| permission and of our proprietary license can be found at and |
|
|
| in the LICENSE file you have received along with this program. |
|
|
| |
|
|
| This program is distributed in the hope that it will be useful, |
|
|
| but WITHOUT ANY WARRANTY without even the implied warranty of |
|
|
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
|
| GNU Affero General Public License for more details. |
|
|
| |
|
|
| "General Bots" is a registered trademark of pragmatismo.cloud. |
|
|
| The licensing of the program under the AGPLv3 does not imply a |
|
|
| trademark license. Therefore any rights, title and interest in |
|
|
| our trademarks remain entirely with us. |
|
|
| |
|
|
\*****************************************************************************/
|
|
|
|
/**
|
|
* @fileoverview General Bots server core.
|
|
*/
|
|
|
|
'use strict';
|
|
|
|
import crypto from 'crypto';
|
|
import urlJoin from 'url-join';
|
|
import { WaterfallDialog } from 'botbuilder-dialogs';
|
|
import { GBMinInstance, IGBDialog } from 'botlib';
|
|
import { GBDeployer } from '../../core.gbapp/services/GBDeployer.js';
|
|
import { GBImporter } from '../../core.gbapp/services/GBImporterService.js';
|
|
import { Messages } from '../strings.js';
|
|
import { GBAdminService } from '../services/GBAdminService.js';
|
|
import { CollectionUtil } from 'pragmatismo-io-framework';
|
|
import { SecService } from '../../security.gbapp/services/SecService.js';
|
|
import { GBConfigService } from '../../core.gbapp/services/GBConfigService.js';
|
|
|
|
/**
|
|
* Dialogs for administration tasks.
|
|
*/
|
|
export class AdminDialog extends IGBDialog {
|
|
public static isIntentYes(locale, utterance) {
|
|
return utterance.toLowerCase().match(Messages[locale].affirmative_sentences);
|
|
}
|
|
|
|
public static isIntentNo(locale, utterance) {
|
|
return utterance.toLowerCase().match(Messages[locale].negative_sentences);
|
|
}
|
|
|
|
/**
|
|
* Setup dialogs flows and define services call.
|
|
*
|
|
* @param bot The bot adapter.
|
|
* @param min The minimal bot instance data.
|
|
*/
|
|
public static setup(min: GBMinInstance) {
|
|
// Setup services.
|
|
|
|
const importer = new GBImporter(min.core);
|
|
const deployer = new GBDeployer(min.core, importer);
|
|
|
|
AdminDialog.setupSecurityDialogs(min);
|
|
|
|
min.dialogs.add(
|
|
new WaterfallDialog('/admin-auth', [
|
|
async step => {
|
|
if (step.context.activity.channelId !== 'msteams' && process.env.ENABLE_AUTH) {
|
|
return await step.beginDialog('/auth');
|
|
} else {
|
|
return await step.next(step.options);
|
|
}
|
|
},
|
|
async step => {
|
|
const locale = step.context.activity.locale;
|
|
const prompt = Messages[locale].authenticate;
|
|
|
|
return await min.conversationalService.prompt(min, step, prompt);
|
|
},
|
|
async step => {
|
|
const locale = step.context.activity.locale;
|
|
const sensitive = step.context.activity['originalText'];
|
|
|
|
if (sensitive === min.instance.adminPass) {
|
|
await min.conversationalService.sendText(min, step, Messages[locale].welcome);
|
|
|
|
return await step.endDialog(true);
|
|
} else {
|
|
await min.conversationalService.sendText(min, step, Messages[locale].wrong_password);
|
|
return await step.replaceDialog('/admin-auth');
|
|
}
|
|
}
|
|
])
|
|
);
|
|
|
|
min.dialogs.add(
|
|
new WaterfallDialog('/admin', [
|
|
async step => {
|
|
if (step.context.activity.channelId !== 'msteams' && process.env.ENABLE_AUTH) {
|
|
return await step.beginDialog('/auth');
|
|
} else {
|
|
return await step.next(step.options);
|
|
}
|
|
},
|
|
async step => {
|
|
const locale = step.context.activity.locale;
|
|
const prompt = Messages[locale].authenticate;
|
|
|
|
return await min.conversationalService.prompt(min, step, prompt);
|
|
},
|
|
async step => {
|
|
const locale = step.context.activity.locale;
|
|
const sensitive = step.context.activity['originalText'];
|
|
|
|
if (sensitive === min.instance.adminPass) {
|
|
await min.conversationalService.sendText(min, step, Messages[locale].welcome);
|
|
|
|
return await min.conversationalService.prompt(min, step, Messages[locale].which_task);
|
|
} else {
|
|
await min.conversationalService.sendText(min, step, Messages[locale].wrong_password);
|
|
|
|
return await step.endDialog();
|
|
}
|
|
},
|
|
async step => {
|
|
const locale: string = step.context.activity.locale;
|
|
// tslint:disable-next-line:no-unsafe-any
|
|
const text: string = step.context.activity['originalText'];
|
|
const cmdName = text.split(' ')[0];
|
|
|
|
await min.conversationalService.sendText(min, step, Messages[locale].working(cmdName));
|
|
let unknownCommand = false;
|
|
|
|
try {
|
|
if (text === 'quit') {
|
|
return await step.replaceDialog('/');
|
|
} else if (cmdName === 'setupSecurity') {
|
|
return await step.beginDialog('/setupSecurity');
|
|
} else {
|
|
unknownCommand = true;
|
|
}
|
|
|
|
if (unknownCommand) {
|
|
await min.conversationalService.sendText(min, step, Messages[locale].unknown_command);
|
|
} else {
|
|
await min.conversationalService.sendText(min, step, Messages[locale].finished_working);
|
|
}
|
|
} catch (error) {
|
|
await min.conversationalService.sendText(min, step, error.message ? error.message : error);
|
|
}
|
|
await step.replaceDialog('/ask', { isReturning: true });
|
|
}
|
|
])
|
|
);
|
|
|
|
min.dialogs.add(
|
|
new WaterfallDialog('/install', [
|
|
async step => {
|
|
if (step.context.activity.channelId !== 'msteams' && process.env.ENABLE_AUTH) {
|
|
return await step.beginDialog('/auth');
|
|
} else {
|
|
return await step.next(step.options);
|
|
}
|
|
},
|
|
async step => {
|
|
step.activeDialog.state.options.args = (step.options as any).args;
|
|
if (step.activeDialog.state.options.confirm) {
|
|
return await step.next('sim');
|
|
} else {
|
|
const locale = step.context.activity.locale;
|
|
return await min.conversationalService.prompt(min, step, Messages[locale].publish_type_yes);
|
|
}
|
|
},
|
|
async step => {
|
|
const locale = step.context.activity.locale;
|
|
|
|
// If the user says yes, starts publishing.
|
|
|
|
if (AdminDialog.isIntentYes(locale, step.result)) {
|
|
const list = min.core.getParam(min.instance, '.gbapp List', null);
|
|
const items = list ? list.split(';') : [];
|
|
|
|
step.activeDialog.state.options.args;
|
|
|
|
for (let i = 0; i < items.length; i++) {
|
|
for (let j = 0; j < min.appPackages.length; j++) {
|
|
if (items[i] === min.appPackages[j]['name']) {
|
|
const element = min.appPackages[i];
|
|
await element.onExchangeData(min, 'install', null);
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
} else {
|
|
await min.conversationalService.sendText(min, step, Messages[locale].publish_canceled);
|
|
}
|
|
}
|
|
])
|
|
);
|
|
|
|
|
|
min.dialogs.add(
|
|
new WaterfallDialog('/logs', [
|
|
async step => {
|
|
if (step.context.activity.channelId !== 'msteams' && process.env.ENABLE_AUTH) {
|
|
return await step.beginDialog('/auth');
|
|
} else {
|
|
return await step.next(step.options);
|
|
}
|
|
},
|
|
async step => {
|
|
const logs = await min.core['getLatestLogs']();
|
|
await min.conversationalService.sendText(min, step, logs);
|
|
return await step.replaceDialog('/ask', { isReturning: true });
|
|
}
|
|
]));
|
|
|
|
|
|
min.dialogs.add(
|
|
new WaterfallDialog('/publish', [
|
|
async step => {
|
|
if (step.context.activity.channelId !== 'msteams' && process.env.ENABLE_AUTH) {
|
|
return await step.beginDialog('/auth');
|
|
} else {
|
|
return await step.next(step.options);
|
|
}
|
|
},
|
|
|
|
async step => {
|
|
step.activeDialog.state.options.confirm = true; // Feature removed.
|
|
if (step.activeDialog.state.options.confirm || process.env.ADMIN_OPEN_PUBLISH === 'true') {
|
|
return await step.next('sim');
|
|
} else {
|
|
const locale = step.context.activity.locale;
|
|
return await min.conversationalService.prompt(min, step, Messages[locale].publish_type_yes);
|
|
}
|
|
},
|
|
async step => {
|
|
const locale = step.context.activity.locale;
|
|
|
|
// If the user says yes, starts publishing.
|
|
|
|
if (AdminDialog.isIntentYes(locale, step.result)) {
|
|
let from = step.context.activity.from.id;
|
|
|
|
let canPublish: Boolean;
|
|
if (step.activeDialog.state.options.firstTime) {
|
|
canPublish = true;
|
|
} else {
|
|
canPublish = AdminDialog.canPublish(min, from) || process.env.ADMIN_OPEN_PUBLISH === 'true';
|
|
}
|
|
|
|
if (!canPublish) {
|
|
await step.beginDialog('/admin-auth');
|
|
} else {
|
|
await step.next(true);
|
|
}
|
|
} else {
|
|
await min.conversationalService.sendText(min, step, Messages[locale].publish_canceled);
|
|
}
|
|
},
|
|
async step => {
|
|
const locale = step.context.activity.locale;
|
|
if (!step.result) {
|
|
await min.conversationalService.sendText(min, step, Messages[locale].publish_must_be_admin);
|
|
|
|
return step.endDialog();
|
|
}
|
|
|
|
const botId = min.instance.botId;
|
|
|
|
await min.conversationalService.sendText(min, step, Messages[locale].working('Publishing'));
|
|
|
|
step.activeDialog.state.options.args = (step.options as any).args;
|
|
const filename = step.activeDialog.state.options.args
|
|
? step.activeDialog.state.options.args.split(' ')[0]
|
|
: null;
|
|
|
|
const packages = [];
|
|
let skipError = false;
|
|
if (!filename || filename === '') {
|
|
await min.conversationalService.sendText(min, step, `Starting publishing for ${botId} packages...`);
|
|
packages.push(`${botId}.gbot`);
|
|
packages.push(`${botId}.gbtheme`);
|
|
packages.push(`${botId}.gbkb`);
|
|
packages.push(`${botId}.gbdialog`);
|
|
skipError = true;
|
|
} else {
|
|
packages.push(filename);
|
|
}
|
|
|
|
|
|
await CollectionUtil.asyncForEach(packages, async packageName => {
|
|
let cmd1;
|
|
|
|
if (
|
|
packageName.toLowerCase() === 'gbdialog' ||
|
|
packageName.toLowerCase() === 'gbkb' ||
|
|
packageName.toLowerCase() === 'gbot' ||
|
|
packageName.toLowerCase() === 'gbtheme'
|
|
) {
|
|
packageName = `${min.botId}.${packageName}`;
|
|
}
|
|
|
|
if (packageName.indexOf('.') !== -1) {
|
|
cmd1 = `deployPackage ${process.env.STORAGE_SITE} /${GBConfigService.get('STORAGE_LIBRARY')}/${botId}.gbai/${packageName}`;
|
|
} else {
|
|
cmd1 = `deployPackage ${packageName}`;
|
|
}
|
|
if (
|
|
(await (deployer as any).getStoragePackageByName(min.instance.instanceId, packageName)) !== null &&
|
|
!process.env.DONT_DOWNLOAD
|
|
) {
|
|
const cmd2 = `undeployPackage ${packageName}`;
|
|
await GBAdminService.undeployPackageCommand(cmd2, min);
|
|
}
|
|
let sec = new SecService();
|
|
const member = step.context.activity.from;
|
|
const user = await sec.ensureUser(
|
|
min,
|
|
member.id,
|
|
member.name,
|
|
'',
|
|
'web',
|
|
member.name,
|
|
null
|
|
);
|
|
|
|
await GBAdminService.deployPackageCommand(min, user, cmd1, deployer);
|
|
|
|
});
|
|
await min.conversationalService.sendText(min, step, `Training is finished.`);
|
|
|
|
if (!step.activeDialog.state.options.confirm) {
|
|
return await step.replaceDialog('/ask', { isReturning: true });
|
|
} else {
|
|
return await step.endDialog();
|
|
}
|
|
}
|
|
])
|
|
);
|
|
}
|
|
|
|
/**
|
|
* Check if the specified phone can receive a message by running
|
|
* the /broadcast command with specific phone numbers.
|
|
* @param phone Phone number to check (eg.: +5521900002233)
|
|
*/
|
|
public static canPublish(min: GBMinInstance, phone: string): Boolean {
|
|
if (process.env.SECURITY_CAN_PUBLISH !== undefined) {
|
|
let list = process.env.SECURITY_CAN_PUBLISH.split(';');
|
|
|
|
const canPublish = min.core.getParam(min.instance, 'Can Publish', null);
|
|
if (canPublish) {
|
|
list = list.concat(canPublish.split(';'));
|
|
}
|
|
|
|
let result = list.includes(phone);
|
|
|
|
if (!result && min.instance.params) {
|
|
const params = JSON.parse(min.instance.params);
|
|
if (params) {
|
|
return list.includes(params['Can Publish']);
|
|
}
|
|
}
|
|
return result;
|
|
}
|
|
}
|
|
|
|
private static setupSecurityDialogs(min: GBMinInstance) {
|
|
min.dialogs.add(
|
|
new WaterfallDialog('/setupSecurity', [
|
|
async step => {
|
|
const tokenName = step.activeDialog.state.tokenName = step.options['args'];
|
|
if (tokenName) {
|
|
step.activeDialog.state.clientId = min.core.getParam<string>(min.instance, `${tokenName} Client ID`, null),
|
|
step.activeDialog.state.host = min.core.getParam<string>(min.instance, `${tokenName} Host`, null),
|
|
step.activeDialog.state.tenant = min.core.getParam<string>(min.instance, `${tokenName} Tenant`, null)
|
|
}
|
|
if (step.context.activity.channelId !== 'msteams' && process.env.ENABLE_AUTH) {
|
|
return await step.beginDialog('/auth');
|
|
} else {
|
|
return await step.next(step.options);
|
|
}
|
|
},
|
|
|
|
async step => {
|
|
if (step.activeDialog.state.tokenName) {
|
|
return await step.next(step.options);
|
|
}
|
|
|
|
const locale = step.context.activity.locale;
|
|
const prompt = Messages[locale].enter_authenticator_tenant;
|
|
|
|
return await min.conversationalService.prompt(min, step, prompt);
|
|
},
|
|
async step => {
|
|
if (step.activeDialog.state.tokenName) {
|
|
return await step.next(step.options);
|
|
}
|
|
step.activeDialog.state.authenticatorTenant = step.context.activity['originalText'];
|
|
const locale = step.context.activity.locale;
|
|
const prompt = Messages[locale].enter_authenticator_authority_host_url;
|
|
|
|
return await min.conversationalService.prompt(min, step, prompt);
|
|
},
|
|
async step => {
|
|
|
|
step.activeDialog.state.authenticatorAuthorityHostUrl = step.context.activity['originalText'];
|
|
|
|
const tokenName = step.activeDialog.state.tokenName;
|
|
|
|
if (!tokenName) {
|
|
min.instance.authenticatorAuthorityHostUrl = step.activeDialog.state.authenticatorAuthorityHostUrl;
|
|
min.instance.authenticatorTenant = step.activeDialog.state.authenticatorTenant;
|
|
|
|
|
|
await min.adminService.updateSecurityInfo(
|
|
min.instance.instanceId,
|
|
tokenName ? step.activeDialog.state.tenant : step.activeDialog.state.authenticatorTenant,
|
|
tokenName ? step.activeDialog.state.host : step.activeDialog.state.authenticatorAuthorityHostUrl
|
|
);
|
|
}
|
|
const locale = step.context.activity.locale;
|
|
const buf = Buffer.alloc(16);
|
|
const state = `${min.instance.instanceId}${crypto.randomFillSync(buf).toString('hex')}`;
|
|
|
|
min.adminService.setValue(min.instance.instanceId, `${tokenName}AntiCSRFAttackState`, state);
|
|
|
|
const redirectUri = urlJoin(process.env.BOT_URL, min.instance.botId,
|
|
tokenName ? `/token?value=${tokenName}` : '/token');
|
|
const scope = tokenName ? '' : 'https://graph.microsoft.com/.default';
|
|
const host = tokenName ? step.activeDialog.state.host : 'https://login.microsoftonline.com'
|
|
const tenant = tokenName ? step.activeDialog.state.tenant : min.instance.authenticatorTenant;
|
|
const clientId = tokenName ? step.activeDialog.state.clientId : (min.instance.marketplaceId ?
|
|
min.instance.marketplaceId : GBConfigService.get('MARKETPLACE_ID'));
|
|
const oauth2 = tokenName ? 'oauth' : 'oauth2';
|
|
const url = `${host}/${tenant}/${oauth2}/authorize?client_id=${clientId}&response_type=code&redirect_uri=${redirectUri}&scope=${scope}&state=${state}&response_mode=query`;
|
|
|
|
await min.conversationalService.sendText(min, step, Messages[locale].consent(url));
|
|
|
|
return await step.replaceDialog('/ask', { isReturning: true });
|
|
}
|
|
])
|
|
);
|
|
}
|
|
}
|