Users can change their email from profile settings. They will be logged out immediately. Users can log in again with the updated email without verifying the same. This is a security problem.
So this change enforce the user to reconfirm the email after changing it. Users can log in with the updated email only after the confirmation.
Fixes: https://huntr.dev/bounties/7afd04b4-232e-4907-8a3c-acf8bd4b5b22/
At present, the websocket pubsub tokens are present at the contact objects in chatwoot. A better approach would be to have these tokens at the contact_inbox object instead. This helps chatwoot to deliver the websocket events targetted to the specific widget connection, stop contact events from leaking into other chat sessions from the same contact.
Fixes#1682Fixes#1664
Co-authored-by: Pranav Raj S <pranav@chatwoot.com>
Co-authored-by: Muhsin Keloth <muhsinkeramam@gmail.com>
This change allows the user to configure both IMAP and SMTP for an email inbox. IMAP enables the user to see emails in Chatwoot. And user can use SMTP to reply to an email conversation.
Users can use the default settings to send and receive emails for email inboxes if both IMAP and SMTP are disabled.
Fixes#2520
- fix the wrong conversation status being sent in webhooks
- additional information in websocket events
- refactor activity messaging code
- move activity message generation to background job to stop the callback loop
- Ability to configure line bots as a channel in chatwoot
- Receive a message sent to the line bot in chatwoot
- Ability to reply to line users from chatwoot
fixes: #2738
- Ability to configure telegram bots as a channel in chatwoot
- Receive a message sent to the telegram bot in chatwoot
- Ability to reply to telegram users from chatwoot
- Receive attachment messages in chatwoot
fixes: #1843
- API to fetch info of a single inbox
- Document passing custom_attributes in the API
- Ability to filter contacts with contact identifier in search API
* Delete inbox avatar
1) New API endpoint added for deleting inbox avatar.
2) Delete avatar button in the inbox settings page.
Co-authored-by: Sojan Jose <sojan@pepalo.com>
Co-authored-by: Muhsin Keloth <muhsinkeramam@gmail.com>
- Add endpoint which lists inboxes through which a contact can be contacted
- Conversation creation API auto-creates contact_inbox for specific channels [ Twilio, email, api]
- Ability to send the initial message payload along with the conversation creation
- Fixes#1678 ( issue saving additional attributes for conversation )
* Chore: Feature lock email settings in UI
The email settings under account settings needed to be
feature locked in a way different from teh current way for it
to be enabled for accounts in a self hosted scenario.
Some refactorings were also done along with this change.
1. There was a feature flag defined in code in account model called
domain_emails_enabled was used to check if the inbound emails was
enabled for the account. But there was already a feature flag called
"inbound_emails" defined in features.yml. So changed to use this to
check if inbound emails are enabled for an account.
2. Renamed and re-purposed existing `domain_emails_enabled` to
`custom_email_domain_enabled` to use for feature toggling the UI
for email settings.
3. To enable & disable multiple features using the featurable concern
we were passing an array of values. Changed this to accept a comma
separated set of values.
* Chore: Feature lock email settings in UI
Fixed the specs for accounts controller & removed
unneccessary code from Account seetings component in UI
* Chore: Convert newlines to <br>s
Removed the layout used while sending replies in
conversation continuity.
Converted the newlines in the messages to <br/> tags
for the correct HTML rendering.
* Chore: Bug fix in reply email domain
Renamed the function custom_email_domain_enabled to
inbound_email_enabled.
Fixed bug on setting reply emails's domain.
* Feature: Introduce Super Admins
- added new devise model for super user
- added administrate gem
- sample dashboards for users and accounts
Co-authored-by: Pranav Raj Sreepuram <pranavrajs@gmail.com>
* Added POC for mail inbox reply email
* created mailbox and migratuion for the same
* cleaned up sidekiq queues and added the queues for action mailbox and active storage
* created conversation mailbox and functionlaity to create a message on the conversation when it's replied
* Added UUID to conversation to be used in email replies
* added migration to add uuid for conversation
* changed parsing and resource fetching to reflect matching uuid and
loading conversation alone
* cleaned up conversation mailbox.rb
* Added content type & attribute for message
* Added the new reply email to outgoing emails
* Added migration to accounts for adding domain and settings
* Modified seeds to reflect this changes
* Added the flag based column on account for boolean settings
* Added the new reply to email in outgoing conversation emails based on conditions
* Added dynamic email routing in application mailbox
* Added dynamic email routing in application mailbox
* Added a catch all deafult empty mailbox
* Added annotation for account
* Added the complete email details & attachments to the message
* Added the complete email details to the message in content_attributes, like subject, to, cc, bcc etc
* Modified the mail extractor to give a serilaized version of email
* Handled storing attachments of email on the message
* Added incoming email settings, env variables
* [#138] Added documentation regarding different email settings and variables
* Fixed the mail attachments blob issue (#138)
* Decoided attachments were strings and had to construct blobs out fo them to work with active storage
* Fixed the content encoding issue with mail body
* Fixed issue with Proc used in apllication mailbox routing
* Fixed couple of typos and silly mistakes
* Set appropriate from email for conversation reply mails (#138)
* From email was taken from a env variable, changed it to take from account settings if enabled
* Set the reply to email correctly based on conversation UUID
* Added commented config ind development.rb for mailbox ingress
* Added account settings for domain and support email (#138)
* Added the new attributes in accounts controller params whitelisting, api responses
* Added options for the the new fields in account settings
* Fixed typos in email continuity docs and warnings
* Added specs for conversation reply mailer changes (#138)
* Added specs for
* conversation reply mailer
* Accounts controller
* Account and Conversation models
* Added tests for email presenter (#138)
* Specs for inbound email routing and mailboxes (#138)
* Chore: Webwidget Inbox Tech Debts
* Additional customization options creating Web Widget
* Changes to edit Page for Web Widget
* Remove the WebWidget API end points
* Minor chores
Address: #680, #502
Co-authored-by: Pranav Raj Sreepuram <pranavrajs@gmail.com>
* Changes for the message to have multiple attachments
* changed the message association to attachments from has_one to has_many
* changed all the references of this association in building and fetching to reflect this change
* Added number of attachments validation to the message model
* Modified the backend responses and endpoints to reflect multiple attachment support (#737)
* Changing the frontend components for multiple attachments
* changed the request structure to reflect the multiple attachment structures
* changed the message bubbles to support multiple attachments
* bugfix: agent side attachment was not showing because of a missing await
* broken message was shown because of the store filtering
* Added documentation for ImageMagick
* spec fixes
* refactored code to reflect more apt namings
* Added updated message listener for the dashboard (#727)
* Added the publishing for message updated event
* Implemented the listener for dashboard
Co-authored-by: Pranav Raj Sreepuram <pranavrajs@gmail.com>