Merge branch 'release/1.22.0'

.codeclimate.yml

@@ -17,7 +17,11 @@ checks:
   method-count:
     enabled: true
     config:
-      threshold: 25
+      threshold: 30
+  file-lines:
+    enabled: true
+    config:
+      threshold: 300
 exclude_patterns:
   - "spec/"
   - "**/specs/"

.rubocop.yml

@@ -14,6 +14,7 @@ Metrics/ClassLength:
     - 'app/mailers/conversation_reply_mailer.rb'
     - 'app/models/message.rb'
     - 'app/builders/messages/facebook/message_builder.rb'
+    - 'app/controllers/api/v1/accounts/contacts_controller.rb'
 RSpec/ExampleLength:
   Max: 25
 Style/Documentation:

Gemfile

@@ -144,6 +144,8 @@ group :test do
   gem 'cypress-on-rails', '~> 1.0'
   # fast cleaning of database
   gem 'database_cleaner'
+  # mock http calls
+  gem 'webmock'
 end
 
 group :development, :test do
@@ -155,6 +157,7 @@ group :development, :test do
   gem 'active_record_query_trace'
   gem 'bundle-audit', require: false
   gem 'byebug', platform: :mri
+  gem 'climate_control'
   gem 'factory_bot_rails'
   gem 'faker'
   gem 'listen'
@@ -170,5 +173,4 @@ group :development, :test do
   gem 'simplecov', '0.17.1', require: false
   gem 'spring'
   gem 'spring-watcher-listen'
-  gem 'webmock'
 end

Gemfile.lock

@@ -133,6 +133,7 @@ GEM
       bundler (>= 1.2.0, < 3)
       thor (~> 1.0)
     byebug (11.1.3)
+    climate_control (1.0.1)
     coderay (1.1.3)
     commonmarker (0.23.2)
     concurrent-ruby (1.1.9)
@@ -657,6 +658,7 @@ DEPENDENCIES
   bullet
   bundle-audit
   byebug
+  climate_control
   commonmarker
   cypress-on-rails (~> 1.0)
   database_cleaner

app/builders/messages/instagram/message_builder.rb

@@ -38,6 +38,10 @@ def message_type
     @outgoing_echo ? :outgoing : :incoming
   end
 
+  def message_identifier
+    message[:mid]
+  end
+
   def message_source_id
     @outgoing_echo ? recipient_id : sender_id
   end
@@ -66,10 +70,6 @@ def message_content
     @messaging[:message][:text]
   end
 
-  def content_attributes
-    { message_id: @messaging[:message][:mid] }
-  end
-
   def build_message
     return if @outgoing_echo && already_sent_from_chatwoot?
 
@@ -103,22 +103,17 @@ def message_params
       account_id: conversation.account_id,
       inbox_id: conversation.inbox_id,
       message_type: message_type,
-      source_id: message_source_id,
+      source_id: message_identifier,
       content: message_content,
-      content_attributes: content_attributes,
       sender: @outgoing_echo ? nil : contact
     }
   end
 
   def already_sent_from_chatwoot?
     cw_message = conversation.messages.where(
-      source_id: nil,
-      message_type: 'outgoing',
-      content: message_content,
-      private: false,
-      status: :sent
+      source_id: @messaging[:message][:mid]
     ).first
-    cw_message.update(content_attributes: content_attributes) if cw_message.present?
+
     cw_message.present?
   end
 

app/controllers/api/v1/accounts/contacts/base_controller.rb

@@ -0,0 +1,9 @@
+class Api::V1::Accounts::Contacts::BaseController < Api::V1::Accounts::BaseController
+  before_action :ensure_contact
+
+  private
+
+  def ensure_contact
+    @contact = Current.account.contacts.find(params[:contact_id])
+  end
+end

app/controllers/api/v1/accounts/contacts/contact_inboxes_controller.rb

@@ -1,5 +1,4 @@
-class Api::V1::Accounts::Contacts::ContactInboxesController < Api::V1::Accounts::BaseController
-  before_action :ensure_contact
+class Api::V1::Accounts::Contacts::ContactInboxesController < Api::V1::Accounts::Contacts::BaseController
   before_action :ensure_inbox, only: [:create]
 
   def create
@@ -13,8 +12,4 @@ def ensure_inbox
     @inbox = Current.account.inboxes.find(params[:inbox_id])
     authorize @inbox, :show?
   end
-
-  def ensure_contact
-    @contact = Current.account.contacts.find(params[:contact_id])
-  end
 end

app/controllers/api/v1/accounts/contacts/conversations_controller.rb

@@ -1,8 +1,8 @@
-class Api::V1::Accounts::Contacts::ConversationsController < Api::V1::Accounts::BaseController
+class Api::V1::Accounts::Contacts::ConversationsController < Api::V1::Accounts::Contacts::BaseController
   def index
     @conversations = Current.account.conversations.includes(
       :assignee, :contact, :inbox, :taggings
-    ).where(inbox_id: inbox_ids, contact_id: permitted_params[:contact_id])
+    ).where(inbox_id: inbox_ids, contact_id: @contact.id)
   end
 
   private
@@ -14,8 +14,4 @@ def inbox_ids
       []
     end
   end
-
-  def permitted_params
-    params.permit(:contact_id)
-  end
 end

app/controllers/api/v1/accounts/contacts/labels_controller.rb

@@ -1,13 +1,13 @@
-class Api::V1::Accounts::Contacts::LabelsController < Api::V1::Accounts::BaseController
+class Api::V1::Accounts::Contacts::LabelsController < Api::V1::Accounts::Contacts::BaseController
   include LabelConcern
 
   private
 
   def model
-    @model ||= Current.account.contacts.find(permitted_params[:contact_id])
+    @model ||= @contact
   end
 
   def permitted_params
-    params.permit(:contact_id, labels: [])
+    params.permit(labels: [])
   end
 end

app/controllers/api/v1/accounts/contacts/notes_controller.rb

@@ -0,0 +1,32 @@
+class Api::V1::Accounts::Contacts::NotesController < Api::V1::Accounts::Contacts::BaseController
+  before_action :note, except: [:index, :create]
+
+  def index
+    @notes = @contact.notes.latest.includes(:user)
+  end
+
+  def create
+    @note = @contact.notes.create!(note_params)
+  end
+
+  def destroy
+    @note.destroy
+    head :ok
+  end
+
+  def show; end
+
+  def update
+    @note.update(note_params)
+  end
+
+  private
+
+  def note
+    @note ||= @contact.notes.find(params[:id])
+  end
+
+  def note_params
+    params.require(:note).permit(:content).merge({ contact_id: @contact.id, user_id: Current.user.id })
+  end
+end

app/controllers/api/v1/accounts/contacts_controller.rb

@@ -1,16 +1,18 @@
 class Api::V1::Accounts::ContactsController < Api::V1::Accounts::BaseController
   include Sift
-
   sort_on :email, type: :string
-  sort_on :name, type: :string
+  sort_on :name, internal_name: :order_on_name, type: :scope, scope_params: [:direction]
   sort_on :phone_number, type: :string
-  sort_on :last_activity_at, type: :datetime
+  sort_on :last_activity_at, internal_name: :order_on_last_activity_at, type: :scope, scope_params: [:direction]
+  sort_on :company, internal_name: :order_on_company_name, type: :scope, scope_params: [:direction]
+  sort_on :city, internal_name: :order_on_city, type: :scope, scope_params: [:direction]
+  sort_on :country, internal_name: :order_on_country_name, type: :scope, scope_params: [:direction]
 
   RESULTS_PER_PAGE = 15
 
   before_action :check_authorization
   before_action :set_current_page, only: [:index, :active, :search]
-  before_action :fetch_contact, only: [:show, :update, :destroy, :contactable_inboxes]
+  before_action :fetch_contact, only: [:show, :update, :destroy, :contactable_inboxes, :destroy_custom_attributes]
   before_action :set_include_contact_inboxes, only: [:index, :search]
 
   def index
@@ -50,11 +52,24 @@ def active
 
   def show; end
 
+  def filter
+    result = ::Contacts::FilterService.new(params.permit!, current_user).perform
+    contacts = result[:contacts]
+    @contacts_count = result[:count]
+    @contacts = fetch_contacts_with_conversation_count(contacts)
+  end
+
   def contactable_inboxes
     @all_contactable_inboxes = Contacts::ContactableInboxesService.new(contact: @contact).get
     @contactable_inboxes = @all_contactable_inboxes.select { |contactable_inbox| policy(contactable_inbox[:inbox]).show? }
   end
 
+  # TODO : refactor this method into dedicated contacts/custom_attributes controller class and routes
+  def destroy_custom_attributes
+    @contact.custom_attributes = @contact.custom_attributes.excluding(params[:custom_attributes])
+    @contact.save!
+  end
+
   def create
     ActiveRecord::Base.transaction do
       @contact = Current.account.contacts.new(contact_params)
@@ -91,10 +106,8 @@ def destroy
   def resolved_contacts
     return @resolved_contacts if @resolved_contacts
 
-    @resolved_contacts = Current.account.contacts
-                                .where.not(email: [nil, ''])
-                                .or(Current.account.contacts.where.not(phone_number: [nil, '']))
-                                .or(Current.account.contacts.where.not(identifier: [nil, '']))
+    @resolved_contacts = Current.account.contacts.resolved_contacts
+
     @resolved_contacts = @resolved_contacts.tagged_with(params[:labels], any: true) if params[:labels].present?
     @resolved_contacts
   end

app/controllers/api/v1/accounts/conversations_controller.rb

@@ -2,7 +2,7 @@ class Api::V1::Accounts::ConversationsController < Api::V1::Accounts::BaseContro
   include Events::Types
   include DateRangeHelper
 
-  before_action :conversation, except: [:index, :meta, :search, :create]
+  before_action :conversation, except: [:index, :meta, :search, :create, :filter]
   before_action :contact_inbox, only: [:create]
 
   def index
@@ -31,6 +31,12 @@ def create
 
   def show; end
 
+  def filter
+    result = ::Conversations::FilterService.new(params.permit!, current_user).perform
+    @conversations = result[:conversations]
+    @conversations_count = result[:count]
+  end
+
   def mute
     @conversation.mute!
     head :ok
@@ -60,9 +66,9 @@ def toggle_status
   def toggle_typing_status
     case params[:typing_status]
     when 'on'
-      trigger_typing_event(CONVERSATION_TYPING_ON)
+      trigger_typing_event(CONVERSATION_TYPING_ON, params[:is_private])
     when 'off'
-      trigger_typing_event(CONVERSATION_TYPING_OFF)
+      trigger_typing_event(CONVERSATION_TYPING_OFF, params[:is_private])
     end
     head :ok
   end
@@ -86,9 +92,9 @@ def set_conversation_status
     @conversation.snoozed_until = parse_date_time(params[:snoozed_until].to_s) if params[:snoozed_until]
   end
 
-  def trigger_typing_event(event)
+  def trigger_typing_event(event, is_private)
     user = current_user.presence || @resource
-    Rails.configuration.dispatcher.dispatch(event, Time.zone.now, conversation: @conversation, user: user)
+    Rails.configuration.dispatcher.dispatch(event, Time.zone.now, conversation: @conversation, user: user, is_private: is_private)
   end
 
   def conversation

app/controllers/api/v1/accounts/custom_attribute_definitions_controller.rb

@@ -25,9 +25,7 @@ def destroy
   private
 
   def fetch_custom_attributes_definitions
-    @custom_attribute_definitions = Current.account.custom_attribute_definitions.where(
-      attribute_model: permitted_params[:attribute_model] || DEFAULT_ATTRIBUTE_MODEL
-    )
+    @custom_attribute_definitions = Current.account.custom_attribute_definitions.with_attribute_model(permitted_params[:attribute_model])
   end
 
   def fetch_custom_attribute_definition

app/controllers/api/v1/accounts/inboxes_controller.rb

@@ -43,7 +43,11 @@ def update
     @inbox.update_working_hours(params.permit(working_hours: Inbox::OFFISABLE_ATTRS)[:working_hours]) if params[:working_hours]
 
     channel_attributes = get_channel_attributes(@inbox.channel_type)
-    @inbox.channel.update!(permitted_params(channel_attributes)[:channel]) if permitted_params(channel_attributes)[:channel].present?
+
+    # Inbox update doesn't necessarily need channel attributes
+    return if permitted_params(channel_attributes)[:channel].blank?
+
+    @inbox.channel.update!(permitted_params(channel_attributes)[:channel])
     update_channel_feature_flags
   end
 

app/controllers/api/v1/accounts_controller.rb

@@ -55,7 +55,7 @@ def account_params
   end
 
   def check_signup_enabled
-    raise ActionController::RoutingError, 'Not Found' if ENV.fetch('ENABLE_ACCOUNT_SIGNUP', true) == 'false'
+    raise ActionController::RoutingError, 'Not Found' if GlobalConfig.get_value('ENABLE_ACCOUNT_SIGNUP') == 'false'
   end
 
   def pundit_user

app/controllers/api/v1/widget/contacts_controller.rb

@@ -11,11 +11,19 @@ def update
     render json: contact_identify_action.perform
   end
 
+  # TODO : clean up this with proper routes delete contacts/custom_attributes
+  def destroy_custom_attributes
+    @contact.custom_attributes = @contact.custom_attributes.excluding(params[:custom_attributes])
+    @contact.save!
+    render json: @contact
+  end
+
   private
 
   def process_hmac
-    return if params[:identifier_hash].blank?
-    raise StandardError, 'HMAC failed: Invalid Identifier Hash Provided' unless valid_hmac?
+    return if params[:identifier_hash].blank? && !@web_widget.hmac_mandatory
+
+    render json: { error: 'HMAC failed: Invalid Identifier Hash Provided' }, status: :unauthorized unless valid_hmac?
 
     @contact_inbox.update(hmac_verified: true)
   end

app/controllers/dashboard_controller.rb

@@ -27,7 +27,9 @@ def set_global_config
       'ANALYTICS_TOKEN',
       'ANALYTICS_HOST'
     ).merge(
-      APP_VERSION: Chatwoot.config[:version]
+      APP_VERSION: Chatwoot.config[:version],
+      VAPID_PUBLIC_KEY: VapidService.public_key,
+      ENABLE_ACCOUNT_SIGNUP: GlobalConfigService.load('ENABLE_ACCOUNT_SIGNUP', 'false')
     )
   end
 

app/javascript/dashboard/api/attributes.js

@@ -6,8 +6,8 @@ class AttributeAPI extends ApiClient {
     super('custom_attribute_definitions', { accountScoped: true });
   }
 
-  getAttributesByModel(modelId) {
-    return axios.get(`${this.url}?attribute_model=${modelId}`);
+  getAttributesByModel() {
+    return axios.get(this.url);
   }
 }