Tiledesk
diff --git a/‎.env.sample‎
Lines changed: 6 additions & 0 deletions b/‎.env.sample‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎.gitignore‎
Lines changed: 6 additions & 2 deletions b/‎.gitignore‎
Lines changed: 6 additions & 2 deletions
diff --git a/‎.vscode/launch.json‎
Lines changed: 26 additions & 0 deletions b/‎.vscode/launch.json‎
Lines changed: 26 additions & 0 deletions
diff --git a/‎CHANGELOG.md‎
Lines changed: 17 additions & 1 deletion b/‎CHANGELOG.md‎
Lines changed: 17 additions & 1 deletion
diff --git a/‎Dockerfile-en‎
Lines changed: 2 additions & 0 deletions b/‎Dockerfile-en‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎app.js‎
Lines changed: 40 additions & 20 deletions b/‎app.js‎
Lines changed: 40 additions & 20 deletions
diff --git a/‎channels/chat21/chat21Handler.js‎
Lines changed: 8 additions & 1 deletion b/‎channels/chat21/chat21Handler.js‎
Lines changed: 8 additions & 1 deletion
@@ -139,3 +139,9 @@ WIDGET_TEST_LOCATION=http://localhost:4200/assets/test_widget_page/index.html
 
 #NPM_TOKEN=XXXX
 #Enable enterprise module with npm private token
+
+# Analytics ingest sidecar (tiledesk-analytics)
+# Uncomment and set these to forward analytics events to the ingest service.
+# ANALYTICS_INGEST_URL is required; without it all analytics events are silently dropped.
+#ANALYTICS_INGEST_URL=http://localhost:3003
+#ANALYTICS_INGEST_API_KEY=
@@ -4,6 +4,10 @@ config/.firebase-key
 data
 .firebasekey-pre.json
 .firebasekey.json
-.env
+.env*
 copyfiles
-logs
+logs
+.idea
+**/.DS_Store
+CLAUDE.md
+.claude
@@ -0,0 +1,26 @@
+{
+    // Usare IntelliSense per informazioni sui possibili attributi.
+    // Al passaggio del mouse vengono visualizzate le descrizioni degli attributi esistenti.
+    // Per altre informazioni, visitare: https://go.microsoft.com/fwlink/?linkid=830387
+    "version": "0.2.0",
+    "configurations": [
+    {
+        "name": "Attach",
+        "port": 9229,
+        "request": "attach",
+        "skipFiles": [
+            "<node_internals>/**"
+        ],
+        "type": "node"
+    },
+        {
+            "type": "node",
+            "request": "launch",
+            "name": "Avvia programma",
+            "skipFiles": [
+                "<node_internals>/**"
+            ],
+            "program": "${workspaceFolder}/bin/www"
+        }
+    ]
+}
@@ -14,9 +14,25 @@
 - Enabled Situated Context for enhanced Knowledge Base content indexing
 - Bumped tybot-connector version to 2.0.48
 
+# 2.18.4-rc35
+- Disabled Authentication in URL Preview
+- Added Max 10 URLs per request — returns 422 if exceeded
+- Added SSRF Validation
+
+# 2.18.4-rc32
+- Updated maxContentLength limit
+
+# 2.18.4-rc31
+- Updated url-preview service
+
+# 2.18.4-rc27
+- Added url-preview service
+
 # 2.18.3
 - Added permissions logic
 - Added custom roles support
+
+# 2.17.5
 - Add answered questions functionality
 - Added AnsweredQuestion schema with TTL index for automatic deletion.
 - Updated UnansweredQuestion schema to include additional fields and improved query handling for searching and sorting.
@@ -75,7 +91,7 @@
 - Added migration script to add the contact field in request object improving the search by phone number
 
 # 2.15.2
-- Updated GitHub actions
+- Updated GitHub actionsm
 
 # 2.15.1
 - Updated whatsapp-connector to 1.0.24
 
@@ -11,12 +11,14 @@ WORKDIR /usr/src/app
 ARG NPM_TOKEN
 ARG VOICE_TOKEN
 ARG VOICE_TWILIO_TOKEN
+ARG VOICE_ENGHOUSE_TOKEN
 
 COPY .npmrc_ .npmrc
 
 # Set environment variable based on build argument
 ENV VOICE_TOKEN=${VOICE_TOKEN}
 ENV VOICE_TWILIO_TOKEN=${VOICE_TWILIO_TOKEN}
+ENV VOICE_ENGHOUSE_TOKEN=${VOICE_ENGHOUSE_TOKEN}
 
 # Install app dependencies
 # A wildcard is used to ensure both package.json AND package-lock.json are copied
 
@@ -69,6 +69,7 @@ winston.info("DB AutoIndex: " + autoIndex);
 let useUnifiedTopology = process.env.MONGOOSE_UNIFIED_TOPOLOGY === 'true';
 winston.info("DB useUnifiedTopology: ", useUnifiedTopology, typeof useUnifiedTopology);
 
+
 var connection = mongoose.connect(databaseUri, { "useNewUrlParser": true, "autoIndex": autoIndex, "useUnifiedTopology": useUnifiedTopology }, function(err) {
   if (err) { 
     winston.error('Failed to connect to MongoDB on ' + databaseUri + " ", err);
@@ -77,11 +78,13 @@ var connection = mongoose.connect(databaseUri, { "useNewUrlParser": true, "autoI
   winston.info("Mongoose connection done on host: "+mongoose.connection.host + " on port: " + mongoose.connection.port + " with name: "+ mongoose.connection.name)// , mongoose.connection.db);
 });
 if (process.env.MONGOOSE_DEBUG==="true") {
+  winston.info("Mongoose log enabled");
   mongoose.set('debug', true);
 }
 mongoose.set('useFindAndModify', false); // https://mongoosejs.com/docs/deprecations.html#-findandmodify-
 mongoose.set('useCreateIndex', true);
 //mongoose.set('useUnifiedTopology', false); 
+//mongoose.set('useUnifiedTopology', useUnifiedTopology); 
 
 // CONNECT REDIS - CHECK IT
 const { TdCache } = require('./utils/TdCache');
@@ -93,6 +96,9 @@ let tdCache = new TdCache({
 
 tdCache.connect();
 
+var cacheManager = require('./utils/cacheManager');
+cacheManager.setClient(tdCache);
+
 // ROUTES DECLARATION
 var troubleshooting = require('./routes/troubleshooting');
 var auth = require('./routes/auth');
@@ -125,6 +131,7 @@ var widgets = require('./routes/widget');
 var widgetsLoader = require('./routes/widgetLoader');
 var openai = require('./routes/openai');
 var llm = require('./routes/llm');
+var urlPreview = require('./routes/urlPreview');
 var quotes = require('./routes/quotes');
 var integration = require('./routes/integration')
 var kbsettings = require('./routes/kbsettings');
@@ -153,6 +160,8 @@ var webhooks = require('./routes/webhooks');
 var roles = require('./routes/roles');
 var copilot = require('./routes/copilot');
 var mcp = require('./routes/mcp');
+var scheduler = require('./routes/scheduledJobs');
+var voice = require('./routes/voice');
 
 var bootDataLoader = require('./services/bootDataLoader');
 var settingDataLoader = require('./services/settingDataLoader');
@@ -267,6 +276,7 @@ app.set('chatbot_service', new ChatbotService())
 app.set('redis_client', tdCache);
 app.set('quote_manager', qm);
 app.set('rate_manager', rm);
+app.set('trust proxy', true);
 
 // TODO DELETE IT IN THE NEXT RELEASE
 if (process.env.ENABLE_ALTERNATIVE_CORS_MIDDLEWARE === "true") {  
@@ -349,32 +359,38 @@ if (process.env.DISABLE_SESSION_STRATEGY==true ||  process.env.DISABLE_SESSION_S
       // redisClient.connect().catch(console.error)
 
       let cacheClient = undefined;
-      if (pubModulesManager.cache) {
+      if (pubModulesManager.cache && pubModulesManager.cache._cache && pubModulesManager.cache._cache._cache) {
         cacheClient = pubModulesManager.cache._cache._cache;  //_cache._cache to jump directly to redis modules without cacheoose wrapper (don't support await)
       }
+
+      if (cacheClient) {
       // winston.info("Express Session cacheClient",cacheClient);
 
 
-      let redisStore = new RedisStore({
-        client: cacheClient,
-        prefix: "sessions:",
-      })
-
-      app.use(
-        session({
-          store: redisStore,
-          resave: false, // required: force lightweight session keep alive (touch)
-          saveUninitialized: false, // recommended: only save session when data exists
-          secret: sessionSecret,
-          cookie: {
-            secure: true,           // ✅ Use HTTPS
-            httpOnly: true,         // ✅ Only accessible by the server (not client-side JS)
-            sameSite: 'None'        // ✅ Allows cross-origin (e.g., Keycloak on a different domain)
-          }
+        let redisStore = new RedisStore({
+          client: cacheClient,
+          prefix: "sessions:",
         })
-      )
-      winston.info("Express Session with Redis enabled with Secret: " + sessionSecret);
 
+        app.use(
+          session({
+            store: redisStore,
+            resave: false, // required: force lightweight session keep alive (touch)
+            saveUninitialized: false, // recommended: only save session when data exists
+            secret: sessionSecret,
+            cookie: {
+              secure: true,           // ✅ Use HTTPS
+              httpOnly: true,         // ✅ Only accessible by the server (not client-side JS)
+              sameSite: 'None'        // ✅ Allows cross-origin (e.g., Keycloak on a different domain)
+            }
+          })
+        )
+        winston.info("Express Session with Redis enabled with Secret: " + sessionSecret);
+      } else {
+        winston.warn("ENABLE_REDIS_SESSION is true but Redis cache is not available (pubmodules cache not initialized). Using default in-memory session store.");
+        app.use(session({ secret: sessionSecret}));
+        winston.info("Express Session enabled with Secret: " + sessionSecret);
+      }
 
   } else {
     app.use(session({ secret: sessionSecret}));
@@ -634,8 +650,10 @@ app.use('/:projectid/emails',[passport.authenticate(['basic', 'jwt'], { session:
 app.use('/:projectid/properties',[passport.authenticate(['basic', 'jwt'], { session: false }), validtoken, roleChecker.hasRoleOrTypes('agent', ['bot','subscription'])], property);
 app.use('/:projectid/segments',[passport.authenticate(['basic', 'jwt'], { session: false }), validtoken, roleChecker.hasRoleOrTypes('agent', ['bot','subscription'])], segment);
 
-app.use('/:projectid/llm', [passport.authenticate(['basic', 'jwt'], { session: false }), validtoken, roleChecker.hasRoleOrTypes('admin', ['bot','subscription'])], llm);
+//app.use('/:projectid/llm', [passport.authenticate(['basic', 'jwt'], { session: false }), validtoken, roleChecker.hasRoleOrTypes('admin', ['bot','subscription'])], llm);
+app.use('/:projectid/llm', llm);
 app.use('/:projectid/openai', openai);
+app.use('/:projectid/url-preview', urlPreview);
 app.use('/:projectid/quotes', [passport.authenticate(['basic', 'jwt'], { session: false }), validtoken, roleChecker.hasRoleOrTypes('agent', ['bot','subscription'])], quotes)
 
 app.use('/:projectid/integration', [passport.authenticate(['basic', 'jwt'], { session: false }), validtoken, roleChecker.hasRoleOrTypes('admin', ['bot','subscription'])], integration )
@@ -650,7 +668,9 @@ app.use('/:projectid/kb', [passport.authenticate(['basic', 'jwt'], { session: fa
 app.use('/:projectid/logs', [passport.authenticate(['basic', 'jwt'], { session: false }), validtoken, roleChecker.hasRole('agent')], logs);
 
 app.use('/:projectid/webhooks', [passport.authenticate(['basic', 'jwt'], { session: false }), validtoken, roleChecker.hasRole('admin')], webhooks);
+app.use('/:projectid/scheduler', [passport.authenticate(['basic', 'jwt'], { session: false }), validtoken, roleChecker.hasRoleOrTypes('admin', ['bot','subscription'])], scheduler);
 app.use('/:projectid/copilot', [passport.authenticate(['basic', 'jwt'], { session: false }), validtoken, roleChecker.hasRole('agent')], copilot);
+app.use('/:projectid/voice', [passport.authenticate(['basic', 'jwt'], { session: false }), validtoken, roleChecker.hasRole('admin')], voice);
 app.use('/:projectid/roles', [passport.authenticate(['basic', 'jwt'], { session: false }), validtoken, roleChecker.hasRole('agent')], roles);
 
 app.use('/:projectid/files', filesp);
 
@@ -527,9 +527,15 @@ class Chat21Handler {
             requestEvent.on('request.create',  function(request) {          
 
                 winston.debug("chat21Handler requestEvent request.create called" , request);
+                console.log('[WELCOME_MSG_FLOW] chat21Handler: received request.create', { request_id: request.request_id, channelOutbound: request.channelOutbound?.name, first_text: request.first_text });
                 // setImmediate(() => {
 // perche nn c'è setImmedite? per performace
-                    if (request.channelOutbound.name === ChannelConstants.CHAT21) {
+                    if (request.channelOutbound && request.channelOutbound.name === ChannelConstants.CHAT21) {
+                        console.log('[WELCOME_MSG_FLOW] chat21Handler: channelOutbound is CHAT21, creating group');
+                    } else {
+                        console.log('[WELCOME_MSG_FLOW] chat21Handler: channelOutbound is NOT CHAT21, skipping group creation', { channelOutbound: request.channelOutbound, channelOutboundName: request.channelOutbound?.name, expected: ChannelConstants.CHAT21 });
+                    }
+                    if (request.channelOutbound && request.channelOutbound.name === ChannelConstants.CHAT21) {
 
                         chat21.auth.setAdminToken(adminToken);
 
@@ -619,6 +625,7 @@ class Chat21Handler {
                                 // performance console log
                                 // console.log("************* after request.support_group.created: "+new Date().toISOString()); 
 
+                                console.log('[WELCOME_MSG_FLOW] chat21Handler: emitting request.support_group.created', { request_id: request.request_id, id_project: request.id_project });
                                 requestEvent.emit('request.support_group.created', request);
 
                                 chat21Event.emit('group.create', data);