Merge remote-tracking branch 'origin/develop' into dependabot/npm_and…

…_yarn/multi-44d73fd4e1
RocketChat · Nov 25, 2024 · 223ee12 · 223ee12
2 parents 3741cd1 + a27a9c4
commit 223ee12
Show file tree

Hide file tree

Showing 123 changed files with 1,785 additions and 653 deletions.
diff --git a/.changeset/lazy-avocados-whisper.md b/.changeset/lazy-avocados-whisper.md
@@ -0,0 +1,6 @@
+---
+"@rocket.chat/meteor": minor
+"@rocket.chat/i18n": minor
+---
+
+Improves thread metrics featuring user avatars, better titles and repositioned elements.
diff --git a/.changeset/three-dragons-brush.md b/.changeset/three-dragons-brush.md
@@ -0,0 +1,8 @@
+---
+'@rocket.chat/apps-engine': minor
+'@rocket.chat/livechat': minor
+'@rocket.chat/i18n': minor
+'@rocket.chat/meteor': minor
+---
+
+Prevent apps' subprocesses from crashing on unhandled rejections or uncaught exceptions
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -2,6 +2,8 @@ name: 'Code scanning - action'
 
 on:
   push:
+    branches-ignore:
+      - dependabot/**
   pull_request:
   schedule:
     - cron: '0 13 * * *'

diff --git a/apps/meteor/app/api/server/lib/users.ts b/apps/meteor/app/api/server/lib/users.ts
@@ -183,20 +183,22 @@ export async function findPaginatedUsersByStatus({
 		...(canSeeExtension ? { freeSwitchExtension: 1 } : {}),
 	};
 
-	match.$or = [
-		...(canSeeAllUserInfo ? [{ 'emails.address': { $regex: escapeRegExp(searchTerm || ''), $options: 'i' } }] : []),
-		{
-			username: { $regex: escapeRegExp(searchTerm || ''), $options: 'i' },
-		},
-		{
-			name: { $regex: escapeRegExp(searchTerm || ''), $options: 'i' },
-		},
-	];
+	if (searchTerm?.trim()) {
+		match.$or = [
+			...(canSeeAllUserInfo ? [{ 'emails.address': { $regex: escapeRegExp(searchTerm || ''), $options: 'i' } }] : []),
+			{
+				username: { $regex: escapeRegExp(searchTerm || ''), $options: 'i' },
+			},
+			{
+				name: { $regex: escapeRegExp(searchTerm || ''), $options: 'i' },
+			},
+		];
+	}
 	if (roles?.length && !roles.includes('all')) {
 		match.roles = { $in: roles };
 	}
 
-	const { cursor, totalCount } = await Users.findPaginated(
+	const { cursor, totalCount } = Users.findPaginated(
 		{
 			...match,
 		},

diff --git a/apps/meteor/app/api/server/v1/assets.ts b/apps/meteor/app/api/server/v1/assets.ts
@@ -1,6 +1,7 @@
 import { Settings } from '@rocket.chat/models';
 import { isAssetsUnsetAssetProps } from '@rocket.chat/rest-typings';
 
+import { updateAuditedByUser } from '../../../../server/settings/lib/auditedSettingUpdates';
 import { RocketChatAssets, refreshClients } from '../../../assets/server';
 import { notifyOnSettingChangedById } from '../../../lib/server/lib/notifyListener';
 import { settings } from '../../../settings/server';
@@ -36,7 +37,12 @@ API.v1.addRoute(
 
 			const { key, value } = await RocketChatAssets.setAssetWithBuffer(fileBuffer, mimetype, assetName);
 
-			const { modifiedCount } = await Settings.updateValueById(key, value);
+			const { modifiedCount } = await updateAuditedByUser({
+				_id: this.userId,
+				username: this.user.username!,
+				ip: this.requestIp,
+				useragent: this.request.headers['user-agent'] || '',
+			})(Settings.updateValueById, key, value);
 
 			if (modifiedCount) {
 				void notifyOnSettingChangedById(key);
@@ -68,7 +74,12 @@ API.v1.addRoute(
 
 			const { key, value } = await RocketChatAssets.unsetAsset(assetName);
 
-			const { modifiedCount } = await Settings.updateValueById(key, value);
+			const { modifiedCount } = await updateAuditedByUser({
+				_id: this.userId,
+				username: this.user.username!,
+				ip: this.requestIp,
+				useragent: this.request.headers['user-agent'] || '',
+			})(Settings.updateValueById, key, value);
 
 			if (modifiedCount) {
 				void notifyOnSettingChangedById(key);

diff --git a/apps/meteor/app/api/server/v1/chat.ts b/apps/meteor/app/api/server/v1/chat.ts
@@ -1,5 +1,5 @@
 import { Message } from '@rocket.chat/core-services';
-import type { IMessage } from '@rocket.chat/core-typings';
+import type { IMessage, IThreadMainMessage } from '@rocket.chat/core-typings';
 import { Messages, Users, Rooms, Subscriptions } from '@rocket.chat/models';
 import {
 	isChatReportMessageProps,
@@ -550,7 +550,7 @@ API.v1.addRoute(
 			};
 
 			const threadQuery = { ...query, ...typeThread, rid: room._id, tcount: { $exists: true } };
-			const { cursor, totalCount } = await Messages.findPaginated(threadQuery, {
+			const { cursor, totalCount } = await Messages.findPaginated<IThreadMainMessage>(threadQuery, {
 				sort: sort || { tlm: -1 },
 				skip: offset,
 				limit: count,

diff --git a/apps/meteor/app/api/server/v1/misc.ts b/apps/meteor/app/api/server/v1/misc.ts
@@ -20,6 +20,7 @@ import { v4 as uuidv4 } from 'uuid';
 
 import { i18n } from '../../../../server/lib/i18n';
 import { SystemLogger } from '../../../../server/lib/logger/system';
+import { resetAuditedSettingByUser, updateAuditedByUser } from '../../../../server/settings/lib/auditedSettingUpdates';
 import { getLogs } from '../../../../server/stream/stdout';
 import { passwordPolicy } from '../../../lib/server';
 import { notifyOnSettingChangedById } from '../../../lib/server/lib/notifyListener';
@@ -683,20 +684,32 @@ API.v1.addRoute(
 
 			settingsIds.push('Deployment_FingerPrint_Verified');
 
+			const auditSettingOperation = updateAuditedByUser({
+				_id: this.userId,
+				username: this.user.username!,
+				ip: this.requestIp,
+				useragent: this.request.headers['user-agent'] || '',
+			});
+
 			const promises = settingsIds.map((settingId) => {
 				if (settingId === 'uniqueID') {
-					return Settings.resetValueById('uniqueID', process.env.DEPLOYMENT_ID || uuidv4());
+					return auditSettingOperation(Settings.resetValueById, 'uniqueID', process.env.DEPLOYMENT_ID || uuidv4());
 				}
 
 				if (settingId === 'Cloud_Workspace_Access_Token_Expires_At') {
-					return Settings.resetValueById('Cloud_Workspace_Access_Token_Expires_At', new Date(0));
+					return auditSettingOperation(Settings.resetValueById, 'Cloud_Workspace_Access_Token_Expires_At', new Date(0));
 				}
 
 				if (settingId === 'Deployment_FingerPrint_Verified') {
-					return Settings.updateValueById('Deployment_FingerPrint_Verified', true);
+					return auditSettingOperation(Settings.updateValueById, 'Deployment_FingerPrint_Verified', true);
 				}
 
-				return Settings.resetValueById(settingId);
+				return resetAuditedSettingByUser({
+					_id: this.userId,
+					username: this.user.username!,
+					ip: this.requestIp,
+					useragent: this.request.headers['user-agent'] || '',
+				})(Settings.resetValueById, settingId);
 			});
 
 			(await Promise.all(promises)).forEach((value, index) => {

diff --git a/apps/meteor/app/api/server/v1/settings.ts b/apps/meteor/app/api/server/v1/settings.ts
@@ -17,6 +17,7 @@ import { Meteor } from 'meteor/meteor';
 import type { FindOptions } from 'mongodb';
 import _ from 'underscore';
 
+import { updateAuditedByUser } from '../../../../server/settings/lib/auditedSettingUpdates';
 import { hasPermissionAsync } from '../../../authorization/server/functions/hasPermission';
 import { disableCustomScripts } from '../../../lib/server/functions/disableCustomScripts';
 import { notifyOnSettingChanged, notifyOnSettingChangedById } from '../../../lib/server/lib/notifyListener';
@@ -200,9 +201,16 @@ API.v1.addRoute(
 					return API.v1.success();
 				}
 
+				const auditSettingOperation = updateAuditedByUser({
+					_id: this.userId,
+					username: this.user.username!,
+					ip: this.requestIp,
+					useragent: this.request.headers['user-agent'] || '',
+				});
+
 				if (isSettingColor(setting) && isSettingsUpdatePropsColor(this.bodyParams)) {
 					const updateOptionsPromise = Settings.updateOptionsById<ISettingColor>(this.urlParams._id, { editor: this.bodyParams.editor });
-					const updateValuePromise = Settings.updateValueNotHiddenById(this.urlParams._id, this.bodyParams.value);
+					const updateValuePromise = auditSettingOperation(Settings.updateValueNotHiddenById, this.urlParams._id, this.bodyParams.value);
 
 					const [updateOptionsResult, updateValueResult] = await Promise.all([updateOptionsPromise, updateValuePromise]);
 
@@ -214,7 +222,12 @@ API.v1.addRoute(
 				}
 
 				if (isSettingsUpdatePropDefault(this.bodyParams)) {
-					const { matchedCount } = await Settings.updateValueNotHiddenById(this.urlParams._id, this.bodyParams.value);
+					const { matchedCount } = await auditSettingOperation(
+						Settings.updateValueNotHiddenById,
+						this.urlParams._id,
+						this.bodyParams.value,
+					);
+
 					if (!matchedCount) {
 						return API.v1.failure();
 					}

diff --git a/apps/meteor/app/apps/server/bridges/settings.ts b/apps/meteor/app/apps/server/bridges/settings.ts
@@ -3,6 +3,7 @@ import type { ISetting } from '@rocket.chat/apps-engine/definition/settings';
 import { ServerSettingBridge } from '@rocket.chat/apps-engine/server/bridges/ServerSettingBridge';
 import { Settings } from '@rocket.chat/models';
 
+import { updateAuditedByApp } from '../../../../server/settings/lib/auditedSettingUpdates';
 import { notifyOnSettingChanged, notifyOnSettingChangedById } from '../../../lib/server/lib/notifyListener';
 
 export class AppSettingBridge extends ServerSettingBridge {
@@ -56,7 +57,15 @@ export class AppSettingBridge extends ServerSettingBridge {
 			throw new Error(`The setting "${setting.id}" is not readable.`);
 		}
 
-		(await Settings.updateValueById(setting.id, setting.value)).modifiedCount && void notifyOnSettingChangedById(setting.id);
+		if (
+			(
+				await updateAuditedByApp({
+					_id: appId,
+				})(Settings.updateValueById, setting.id, setting.value)
+			).modifiedCount
+		) {
+			void notifyOnSettingChangedById(setting.id);
+		}
 	}
 
 	protected async incrementValue(id: string, value: number, appId: string): Promise<void> {

diff --git a/apps/meteor/app/authentication/server/startup/index.js b/apps/meteor/app/authentication/server/startup/index.js
@@ -338,6 +338,7 @@ Accounts.insertUserDoc = async function (options, user) {
 		if (!roles.includes('admin') && !hasAdmin) {
 			roles.push('admin');
 			if (settings.get('Show_Setup_Wizard') === 'pending') {
+				// TODO: audit
 				(await Settings.updateValueById('Show_Setup_Wizard', 'in_progress')).modifiedCount &&
 					void notifyOnSettingChangedById('Show_Setup_Wizard');
 			}

diff --git a/apps/meteor/app/cloud/server/functions/getOAuthAuthorizationUrl.ts b/apps/meteor/app/cloud/server/functions/getOAuthAuthorizationUrl.ts
@@ -1,6 +1,7 @@
 import { Settings } from '@rocket.chat/models';
 import { Random } from '@rocket.chat/random';
 
+import { updateAuditedBySystem } from '../../../../server/settings/lib/auditedSettingUpdates';
 import { notifyOnSettingChangedById } from '../../../lib/server/lib/notifyListener';
 import { settings } from '../../../settings/server';
 import { userScopes } from '../oauthScopes';
@@ -9,7 +10,9 @@ import { getRedirectUri } from './getRedirectUri';
 export async function getOAuthAuthorizationUrl() {
 	const state = Random.id();
 
-	await Settings.updateValueById('Cloud_Workspace_Registration_State', state);
+	await updateAuditedBySystem({
+		reason: 'getOAuthAuthorizationUrl',
+	})(Settings.updateValueById, 'Cloud_Workspace_Registration_State', state);
 
 	void notifyOnSettingChangedById('Cloud_Workspace_Registration_State');
 

diff --git a/apps/meteor/app/cloud/server/functions/removeWorkspaceRegistrationInfo.ts b/apps/meteor/app/cloud/server/functions/removeWorkspaceRegistrationInfo.ts
@@ -1,6 +1,7 @@
 import { Settings, WorkspaceCredentials } from '@rocket.chat/models';
 
 import { retrieveRegistrationStatus } from './retrieveRegistrationStatus';
+import { updateAuditedBySystem } from '../../../../server/settings/lib/auditedSettingUpdates';
 import { notifyOnSettingChangedById } from '../../../lib/server/lib/notifyListener';
 
 export async function removeWorkspaceRegistrationInfo() {
@@ -24,10 +25,12 @@ export async function removeWorkspaceRegistrationInfo() {
 
 	const promises = settingsIds.map((settingId) => {
 		if (settingId === 'Show_Setup_Wizard') {
-			return Settings.updateValueById('Show_Setup_Wizard', 'in_progress');
+			return updateAuditedBySystem({
+				reason: 'removeWorkspaceRegistrationInfo',
+			})(Settings.updateValueById, 'Show_Setup_Wizard', 'in_progress');
 		}
 
-		return Settings.resetValueById(settingId, null);
+		return updateAuditedBySystem({ reason: 'removeWorkspaceRegistrationInfo' })(Settings.resetValueById, settingId, null);
 	});
 
 	(await Promise.all(promises)).forEach((value, index) => {

diff --git a/apps/meteor/app/cloud/server/functions/saveRegistrationData.ts b/apps/meteor/app/cloud/server/functions/saveRegistrationData.ts
@@ -2,6 +2,7 @@ import { applyLicense } from '@rocket.chat/license';
 import { Settings } from '@rocket.chat/models';
 
 import { syncCloudData } from './syncWorkspace/syncCloudData';
+import { updateAuditedBySystem } from '../../../../server/settings/lib/auditedSettingUpdates';
 import { notifyOnSettingChangedById } from '../../../lib/server/lib/notifyListener';
 import { settings } from '../../../settings/server';
 
@@ -59,15 +60,24 @@ async function saveRegistrationDataBase({
 		{ _id: 'Cloud_Workspace_Registration_Client_Uri', value: registration_client_uri },
 	];
 
-	const promises = [...settingsData.map(({ _id, value }) => Settings.updateValueById(_id, value))];
+	const promises = [
+		...settingsData.map(({ _id, value }) =>
+			updateAuditedBySystem({
+				reason: 'saveRegistrationDataBase',
+			})(Settings.updateValueById, _id, value),
+		),
+	];
 
 	(await Promise.all(promises)).forEach((value, index) => {
 		if (value?.modifiedCount) {
 			void notifyOnSettingChangedById(settingsData[index]._id);
 		}
 	});
 
-	// TODO: Why is this taking so long that needs a timeout?
+	// Question: Why is this taking so long that needs a timeout?
+	// Answer: we use cache that requires a 'roundtrip' through the db and the application
+	// we need to make sure that the cache is updated before we continue the procedures
+	// we don't actually need to wait a whole second for this, but look this is just a retry mechanism it doesn't mean that actually takes all this time
 	for await (const retry of Array.from({ length: 10 })) {
 		const isSettingsUpdated =
 			settings.get('Register_Server') === true &&

diff --git a/apps/meteor/app/cloud/server/functions/startRegisterWorkspace.ts b/apps/meteor/app/cloud/server/functions/startRegisterWorkspace.ts
@@ -5,6 +5,7 @@ import { buildWorkspaceRegistrationData } from './buildRegistrationData';
 import { retrieveRegistrationStatus } from './retrieveRegistrationStatus';
 import { syncWorkspace } from './syncWorkspace';
 import { SystemLogger } from '../../../../server/lib/logger/system';
+import { updateAuditedBySystem } from '../../../../server/settings/lib/auditedSettingUpdates';
 import { notifyOnSettingChangedById } from '../../../lib/server/lib/notifyListener';
 import { settings } from '../../../settings/server';
 
@@ -15,7 +16,6 @@ export async function startRegisterWorkspace(resend = false) {
 
 		return true;
 	}
-
 	(await Settings.updateValueById('Register_Server', true)).modifiedCount && void notifyOnSettingChangedById('Register_Server');
 
 	const regInfo = await buildWorkspaceRegistrationData(undefined);
@@ -48,7 +48,9 @@ export async function startRegisterWorkspace(resend = false) {
 		return false;
 	}
 
-	await Settings.updateValueById('Cloud_Workspace_Id', payload.id);
+	await updateAuditedBySystem({
+		reason: 'startRegisterWorkspace',
+	})(Settings.updateValueById, 'Cloud_Workspace_Id', payload.id);
 
 	return true;
 }
diff --git a/apps/meteor/app/cloud/server/functions/supportedVersionsToken/supportedVersionsToken.ts b/apps/meteor/app/cloud/server/functions/supportedVersionsToken/supportedVersionsToken.ts
@@ -12,6 +12,7 @@ import { supportedVersions as supportedVersionsFromBuild } from '../../../../uti
 import { buildVersionUpdateMessage } from '../../../../version-check/server/functions/buildVersionUpdateMessage';
 import { generateWorkspaceBearerHttpHeader } from '../getWorkspaceAccessToken';
 import { supportedVersionsChooseLatest } from './supportedVersionsChooseLatest';
+import { updateAuditedBySystem } from '../../../../../server/settings/lib/auditedSettingUpdates';
 
 declare module '@rocket.chat/core-typings' {
 	interface ILicenseV3 {
@@ -66,7 +67,15 @@ const cacheValueInSettings = <T extends SettingValue>(
 		SystemLogger.debug(`Resetting cached value ${key} in settings`);
 		const value = await fn();
 
-		(await Settings.updateValueById(key, value)).modifiedCount && void notifyOnSettingChangedById(key);
+		if (
+			(
+				await updateAuditedBySystem({
+					reason: 'cacheValueInSettings reset',
+				})(Settings.updateValueById, key, value)
+			).modifiedCount
+		) {
+			void notifyOnSettingChangedById(key);
+		}
 
 		return value;
 	};

diff --git a/apps/meteor/app/irc/server/irc-bridge/index.js b/apps/meteor/app/irc/server/irc-bridge/index.js
@@ -7,6 +7,7 @@ import { callbacks } from '../../../../lib/callbacks';
 import { afterLeaveRoomCallback } from '../../../../lib/callbacks/afterLeaveRoomCallback';
 import { afterLogoutCleanUpCallback } from '../../../../lib/callbacks/afterLogoutCleanUpCallback';
 import { withThrottling } from '../../../../lib/utils/highOrderFunctions';
+import { updateAuditedBySystem } from '../../../../server/settings/lib/auditedSettingUpdates';
 import { notifyOnSettingChangedById } from '../../../lib/server/lib/notifyListener';
 import * as servers from '../servers';
 import * as localCommandHandlers from './localHandlers';
@@ -22,7 +23,9 @@ const updateLastPing = withThrottling({ wait: 10_000 })(() => {
 	}
 
 	void (async () => {
-		const updatedValue = await Settings.updateValueById('IRC_Bridge_Last_Ping', new Date(), { upsert: true });
+		const updatedValue = await updateAuditedBySystem({
+			reason: 'updateLastPing',
+		})(Settings.updateValueById, 'IRC_Bridge_Last_Ping', new Date(), { upsert: true });
 		if (updatedValue.modifiedCount || updatedValue.upsertedCount) {
 			void notifyOnSettingChangedById('IRC_Bridge_Last_Ping');
 		}