Users can change their email from profile settings. They will be logged out immediately. Users can log in again with the updated email without verifying the same. This is a security problem.
So this change enforce the user to reconfirm the email after changing it. Users can log in with the updated email only after the confirmation.
Fixes: https://huntr.dev/bounties/7afd04b4-232e-4907-8a3c-acf8bd4b5b22/
- Initialize an "enterprise" folder that is copyrighted.
- You can remove this folder and the system will continue functioning normally, in case you want a purely MIT licensed product.
- Enable limit on the number of user accounts in enterprise code.
- Use enterprise edition injector methods (inspired from Gitlab).
- SaaS software would run enterprise edition software always.
Co-authored-by: Pranav Raj S <pranav@chatwoot.com>
At present, the websocket pubsub tokens are present at the contact objects in chatwoot. A better approach would be to have these tokens at the contact_inbox object instead. This helps chatwoot to deliver the websocket events targetted to the specific widget connection, stop contact events from leaking into other chat sessions from the same contact.
Fixes#1682Fixes#1664
Co-authored-by: Pranav Raj S <pranav@chatwoot.com>
Co-authored-by: Muhsin Keloth <muhsinkeramam@gmail.com>
- fix the wrong conversation status being sent in webhooks
- additional information in websocket events
- refactor activity messaging code
- move activity message generation to background job to stop the callback loop
Feat: Display out of office message based on business hours
Co-authored-by: Pranav Raj Sreepuram <pranavrajs@gmail.com>
Co-authored-by: Sojan Jose <sojan@pepalo.com>
Automate conversation display_id generation with db triggers
Co-authored-by: Saurabh Mehta <saurabh1.mehta@airtel.com>
Co-authored-by: Sojan Jose <sojan@pepalo.com>
- feature to store contact IP for accounts
- IP lookup through geocoder gem
- ability to do IP lookup through external APIs
- add commit hook to prevent push to develop and master
- migrations to fix default values for jsonb columns
- Introduce models & migrations for portals, categories, folders and articles
- CRUD API for portals
- CRUD API for categories
Addresses: #714
Co-authored-by: Sojan <sojan@pepalo.com>
* Feature: Introduce Super Admins
- added new devise model for super user
- added administrate gem
- sample dashboards for users and accounts
Co-authored-by: Pranav Raj Sreepuram <pranavrajs@gmail.com>
* Renamed concern from Feature to Featurable
* Feature: Installation config (#839)
* Added new model installtion config with corresponding migrations and specs
* Created an installation config yml (key value store model)
* Created a config loader module to load the installaltion configs
* Added this to the config loader seeder
* Changed the account before create hook for default feature enabling to use the feature values from installtion config
* Renamed the feature concern to Featurable to follow the naming pattern for concerns
* Added comments and specs for modules and places that deemed necessary
* Refactored config loader to reduce cognitive complexity (#839)
* Added POC for mail inbox reply email
* created mailbox and migratuion for the same
* cleaned up sidekiq queues and added the queues for action mailbox and active storage
* created conversation mailbox and functionlaity to create a message on the conversation when it's replied
* Added UUID to conversation to be used in email replies
* added migration to add uuid for conversation
* changed parsing and resource fetching to reflect matching uuid and
loading conversation alone
* cleaned up conversation mailbox.rb
* Added content type & attribute for message
* Added the new reply email to outgoing emails
* Added migration to accounts for adding domain and settings
* Modified seeds to reflect this changes
* Added the flag based column on account for boolean settings
* Added the new reply to email in outgoing conversation emails based on conditions
* Added dynamic email routing in application mailbox
* Added dynamic email routing in application mailbox
* Added a catch all deafult empty mailbox
* Added annotation for account
* Added the complete email details & attachments to the message
* Added the complete email details to the message in content_attributes, like subject, to, cc, bcc etc
* Modified the mail extractor to give a serilaized version of email
* Handled storing attachments of email on the message
* Added incoming email settings, env variables
* [#138] Added documentation regarding different email settings and variables
* Fixed the mail attachments blob issue (#138)
* Decoided attachments were strings and had to construct blobs out fo them to work with active storage
* Fixed the content encoding issue with mail body
* Fixed issue with Proc used in apllication mailbox routing
* Fixed couple of typos and silly mistakes
* Set appropriate from email for conversation reply mails (#138)
* From email was taken from a env variable, changed it to take from account settings if enabled
* Set the reply to email correctly based on conversation UUID
* Added commented config ind development.rb for mailbox ingress
* Added account settings for domain and support email (#138)
* Added the new attributes in accounts controller params whitelisting, api responses
* Added options for the the new fields in account settings
* Fixed typos in email continuity docs and warnings
* Added specs for conversation reply mailer changes (#138)
* Added specs for
* conversation reply mailer
* Accounts controller
* Account and Conversation models
* Added tests for email presenter (#138)
* Specs for inbound email routing and mailboxes (#138)
Addresses: #402
- migrations to split roles and other attributes from users table
- make changes in code to accommodate this change
Co-authored-by: Sojan Jose <sojan@pepalo.com>
Co-authored-by: Pranav Raj Sreepuram <pranavrajs@gmail.com>
* Use conversationPage module for pagination
* Load more conversations
* Reset list if conversation status is changed
* Add specs to conversationPage
* Reset filter when page is re-mounted
* Update text
* Update text
* [#139] Delayed emails for conversations
* Added the setex and get methods to Redis wrapper
* Set the priorities for the sidekiq queues
* Was not able to use mailhog for testing email in local, switched back to letter opener and added comments on using the SMTP settings
* Added after create hood in messages to queue the sending of mail after 2 minutes using sidekiq worker and also set the redis key for the conversation to avoid the email sending for every message
* Added the sidekiq worker to send the email and delete the conversation redis key
* Added the mailer and mail template
* mailer sends the last 10 messages along with the new messages from the time it was queued
* Send email only in development or if smtp config is set
* Send email only in development or if smtp config is set
* Set the SMTP_PORT in production variable
* Adding redis to circle CI
* Specs for the conversation email changes
* Added specs for conversation email sidekiq worker
* Added specs for conversation mailer
* Added specs in message model for the after create hook for notify email
* Send emails only when there is a reply from agent
* set development to use mailhog
* Adding comments for using letter opener
* add sidekiq web view if the user is an administrator
* add sidekiq setup configuration and support
* update devise to use delivery_later method and update test
* update conversation to use deliver_later instead of deliver
* Update Routes
* Add Procfile for Heroku One-Click Start
* updating docs
* update concurrency and Procfile for supporting Heroku Free Dyno
* update Procfile.dev