Merge branch 'develop' into fix/apps-prevent-whole-update

Author: d-gubert

.changeset/chilly-sheep-cover.md

@@ -0,0 +1,8 @@
+---
+'@rocket.chat/rest-typings': minor
+'@rocket.chat/models': minor
+'@rocket.chat/i18n': minor
+'@rocket.chat/meteor': minor
+---
+
+Adds a new endpoint `rooms.hide` to hide rooms of any type when provided with the room's ID

.changeset/cool-coins-agree.md

@@ -0,0 +1,7 @@
+---
+"@rocket.chat/meteor": patch
+"@rocket.chat/model-typings": patch
+"@rocket.chat/models": patch
+---
+
+Fixes a bug that caused routing algorithms to ignore the `Livechat_enabled_when_agent_idle` setting, effectively ignoring idle users from being assigned to inquiries.

.changeset/happy-nails-fry.md

@@ -0,0 +1,7 @@
+---
+"@rocket.chat/meteor": minor
+"@rocket.chat/apps-engine": minor
+"@rocket.chat/apps": minor
+---
+
+Adds a new IPostSystemMessageSent event, that is triggered whenever a new System Message is sent

.changeset/light-yaks-drive.md

@@ -0,0 +1,6 @@
+---
+'@rocket.chat/i18n': minor
+'@rocket.chat/meteor': minor
+---
+
+Implements a modal to let users know about VoIP calls in direct messages and missing configurations.

apps/meteor/app/api/server/v1/channels.ts

@@ -1,5 +1,5 @@
 import { Team, Room } from '@rocket.chat/core-services';
-import type { IRoom, ISubscription, IUser, RoomType } from '@rocket.chat/core-typings';
+import { TEAM_TYPE, type IRoom, type ISubscription, type IUser, type RoomType } from '@rocket.chat/core-typings';
 import { Integrations, Messages, Rooms, Subscriptions, Uploads, Users } from '@rocket.chat/models';
 import {
 	isChannelsAddAllProps,
@@ -302,6 +302,10 @@ API.v1.addRoute(
 				...(pinned && pinned.toLowerCase() === 'true' ? { pinned: true } : {}),
 			};
 
+			if (!(await canAccessRoomAsync(findResult, { _id: this.userId }))) {
+				return API.v1.forbidden();
+			}
+
 			// Special check for the permissions
 			if (
 				(await hasPermissionAsync(this.userId, 'view-joined-room')) &&
@@ -453,6 +457,10 @@ API.v1.addRoute(
 
 			const findResult = await findChannelByIdOrName({ params });
 
+			if (!(await canAccessRoomAsync(findResult, { _id: this.userId }))) {
+				return API.v1.forbidden();
+			}
+
 			const moderators = (
 				await Subscriptions.findByRoomIdAndRoles(findResult._id, ['moderator'], {
 					projection: { u: 1 },
@@ -859,6 +867,10 @@ API.v1.addRoute(
 				checkedArchived: false,
 			});
 
+			if (!(await canAccessRoomAsync(findResult, { _id: this.userId }))) {
+				return API.v1.forbidden();
+			}
+
 			let includeAllPublicChannels = true;
 			if (typeof this.queryParams.includeAllPublicChannels !== 'undefined') {
 				includeAllPublicChannels = this.queryParams.includeAllPublicChannels === 'true';
@@ -904,12 +916,18 @@ API.v1.addRoute(
 	{ authRequired: true },
 	{
 		async get() {
+			const findResult = await findChannelByIdOrName({
+				params: this.queryParams,
+				checkedArchived: false,
+				userId: this.userId,
+			});
+
+			if (!(await canAccessRoomAsync(findResult, { _id: this.userId }))) {
+				return API.v1.forbidden();
+			}
+
 			return API.v1.success({
-				channel: await findChannelByIdOrName({
-					params: this.queryParams,
-					checkedArchived: false,
-					userId: this.userId,
-				}),
+				channel: findResult,
 			});
 		},
 	},
@@ -1058,6 +1076,10 @@ API.v1.addRoute(
 				checkedArchived: false,
 			});
 
+			if (!(await canAccessRoomAsync(findResult, { _id: this.userId }))) {
+				return API.v1.forbidden();
+			}
+
 			if (findResult.broadcast && !(await hasPermissionAsync(this.userId, 'view-broadcast-member-list', findResult._id))) {
 				return API.v1.forbidden();
 			}
@@ -1416,7 +1438,7 @@ API.v1.addRoute(
 
 API.v1.addRoute(
 	'channels.anonymousread',
-	{ authRequired: false },
+	{ authOrAnonRequired: true },
 	{
 		async get() {
 			const findResult = await findChannelByIdOrName({
@@ -1434,6 +1456,16 @@ API.v1.addRoute(
 				});
 			}
 
+			// Public rooms of private teams should be accessible only by team members
+			if (findResult.teamId) {
+				const team = await Team.getOneById(findResult.teamId);
+				if (team?.type === TEAM_TYPE.PRIVATE) {
+					if (!this.userId || !(await canAccessRoomAsync(findResult, { _id: this.userId }))) {
+						return API.v1.notFound('Room not found');
+					}
+				}
+			}
+
 			const { cursor, totalCount } = await Messages.findPaginated(ourQuery, {
 				sort: sort || { ts: -1 },
 				skip: offset,

apps/meteor/app/api/server/v1/rooms.ts

@@ -12,6 +12,7 @@ import {
 	isRoomsCleanHistoryProps,
 	isRoomsOpenProps,
 	isRoomsMembersOrderedByRoleProps,
+	isRoomsHideProps,
 } from '@rocket.chat/rest-typings';
 import { Meteor } from 'meteor/meteor';
 
@@ -21,6 +22,7 @@ import * as dataExport from '../../../../server/lib/dataExport';
 import { eraseRoom } from '../../../../server/lib/eraseRoom';
 import { findUsersOfRoomOrderedByRole } from '../../../../server/lib/findUsersOfRoomOrderedByRole';
 import { openRoom } from '../../../../server/lib/openRoom';
+import { hideRoomMethod } from '../../../../server/methods/hideRoom';
 import { muteUserInRoom } from '../../../../server/methods/muteUserInRoom';
 import { unmuteUserInRoom } from '../../../../server/methods/unmuteUserInRoom';
 import { canAccessRoomAsync, canAccessRoomIdAsync } from '../../../authorization/server/functions/canAccessRoom';
@@ -962,3 +964,31 @@ API.v1.addRoute(
 		},
 	},
 );
+
+API.v1.addRoute(
+	'rooms.hide',
+	{ authRequired: true, validateParams: isRoomsHideProps },
+	{
+		async post() {
+			const { roomId } = this.bodyParams;
+
+			if (!(await canAccessRoomIdAsync(roomId, this.userId))) {
+				return API.v1.unauthorized();
+			}
+
+			const user = await Users.findOneById(this.userId, { projections: { _id: 1 } });
+
+			if (!user) {
+				return API.v1.failure('error-invalid-user');
+			}
+
+			const modCount = await hideRoomMethod(this.userId, roomId);
+
+			if (!modCount) {
+				return API.v1.failure('error-room-already-hidden');
+			}
+
+			return API.v1.success();
+		},
+	},
+);

apps/meteor/app/apps/server/bridges/listeners.js

@@ -10,6 +10,7 @@ export class AppListenerBridge {
 		// eslint-disable-next-line complexity
 		const method = (() => {
 			switch (event) {
+				case AppInterface.IPostSystemMessageSent:
 				case AppInterface.IPreMessageSentPrevent:
 				case AppInterface.IPreMessageSentExtend:
 				case AppInterface.IPreMessageSentModify:

apps/meteor/app/apps/server/converters/messages.js

@@ -48,6 +48,7 @@ export class AppMessagesConverter {
 			attachments: getAttachments,
 			sender: 'u',
 			threadMsgCount: 'tcount',
+			type: 't',
 		};
 
 		return transformMappedData(message, map);
@@ -91,6 +92,7 @@ export class AppMessagesConverter {
 			groupable: 'groupable',
 			token: 'token',
 			blocks: 'blocks',
+			type: 't',
 			room: async (message) => {
 				const result = await cache.get('room')(message.rid);
 				delete message.rid;

apps/meteor/app/dolphin/client/hooks/useDolphin.ts

@@ -0,0 +1,31 @@
+import { useSetting } from '@rocket.chat/ui-contexts';
+import { useEffect } from 'react';
+
+import { CustomOAuth } from '../../../custom-oauth/client/CustomOAuth';
+
+const config = {
+	serverURL: '',
+	authorizePath: '/m/oauth2/auth/',
+	tokenPath: '/m/oauth2/token/',
+	identityPath: '/m/oauth2/api/me/',
+	scope: 'basic',
+	addAutopublishFields: {
+		forLoggedInUser: ['services.dolphin'],
+		forOtherUsers: ['services.dolphin.name'],
+	},
+	accessTokenParam: 'access_token',
+};
+
+const Dolphin = new CustomOAuth('dolphin', config);
+
+export const useDolphin = () => {
+	const enabled = useSetting('Accounts_OAuth_Dolphin');
+	const url = useSetting('Accounts_OAuth_Dolphin_URL') as string;
+
+	useEffect(() => {
+		if (enabled) {
+			config.serverURL = url;
+			Dolphin.configure(config);
+		}
+	}, [enabled, url]);
+};