Tom Moor
GitHub
265
server/routes/api/hooks.js
Normal file
265
server/routes/api/hooks.js
Normal file
@ -0,0 +1,265 @@
|
||||
// @flow
|
||||
import Router from "koa-router";
|
||||
import { escapeRegExp } from "lodash";
|
||||
import { AuthenticationError, InvalidRequestError } from "../../errors";
|
||||
import {
|
||||
UserAuthentication,
|
||||
AuthenticationProvider,
|
||||
Document,
|
||||
User,
|
||||
Team,
|
||||
SearchQuery,
|
||||
Integration,
|
||||
IntegrationAuthentication,
|
||||
} from "../../models";
|
||||
import { presentSlackAttachment } from "../../presenters";
|
||||
import * as Slack from "../../slack";
|
||||
const router = new Router();
|
||||
|
||||
// triggered by a user posting a getoutline.com link in Slack
|
||||
router.post("hooks.unfurl", async (ctx) => {
|
||||
const { challenge, token, event } = ctx.body;
|
||||
if (challenge) return (ctx.body = ctx.body.challenge);
|
||||
|
||||
if (token !== process.env.SLACK_VERIFICATION_TOKEN) {
|
||||
throw new AuthenticationError("Invalid token");
|
||||
}
|
||||
|
||||
const user = await User.findOne({
|
||||
include: [
|
||||
{
|
||||
where: { providerId: event.user },
|
||||
model: UserAuthentication,
|
||||
as: "authentications",
|
||||
required: true,
|
||||
},
|
||||
],
|
||||
});
|
||||
if (!user) return;
|
||||
|
||||
const auth = await IntegrationAuthentication.findOne({
|
||||
where: { service: "slack", teamId: user.teamId },
|
||||
});
|
||||
if (!auth) return;
|
||||
|
||||
// get content for unfurled links
|
||||
let unfurls = {};
|
||||
for (let link of event.links) {
|
||||
const id = link.url.substr(link.url.lastIndexOf("/") + 1);
|
||||
const doc = await Document.findByPk(id);
|
||||
if (!doc || doc.teamId !== user.teamId) continue;
|
||||
|
||||
unfurls[link.url] = {
|
||||
title: doc.title,
|
||||
text: doc.getSummary(),
|
||||
color: doc.collection.color,
|
||||
};
|
||||
}
|
||||
|
||||
await Slack.post("chat.unfurl", {
|
||||
token: auth.token,
|
||||
channel: event.channel,
|
||||
ts: event.message_ts,
|
||||
unfurls,
|
||||
});
|
||||
});
|
||||
|
||||
// triggered by interactions with actions, dialogs, message buttons in Slack
|
||||
router.post("hooks.interactive", async (ctx) => {
|
||||
const { payload } = ctx.body;
|
||||
ctx.assertPresent(payload, "payload is required");
|
||||
|
||||
const data = JSON.parse(payload);
|
||||
const { callback_id, token } = data;
|
||||
ctx.assertPresent(token, "token is required");
|
||||
ctx.assertPresent(callback_id, "callback_id is required");
|
||||
|
||||
if (token !== process.env.SLACK_VERIFICATION_TOKEN) {
|
||||
throw new AuthenticationError("Invalid verification token");
|
||||
}
|
||||
|
||||
// we find the document based on the users teamId to ensure access
|
||||
const document = await Document.scope("withCollection").findByPk(
|
||||
data.callback_id
|
||||
);
|
||||
if (!document) {
|
||||
throw new InvalidRequestError("Invalid callback_id");
|
||||
}
|
||||
|
||||
const team = await Team.findByPk(document.teamId);
|
||||
|
||||
// respond with a public message that will be posted in the original channel
|
||||
ctx.body = {
|
||||
response_type: "in_channel",
|
||||
replace_original: false,
|
||||
attachments: [
|
||||
presentSlackAttachment(
|
||||
document,
|
||||
document.collection,
|
||||
team,
|
||||
document.getSummary()
|
||||
),
|
||||
],
|
||||
};
|
||||
});
|
||||
|
||||
// triggered by the /outline command in Slack
|
||||
router.post("hooks.slack", async (ctx) => {
|
||||
const { token, team_id, user_id, text = "" } = ctx.body;
|
||||
ctx.assertPresent(token, "token is required");
|
||||
ctx.assertPresent(team_id, "team_id is required");
|
||||
ctx.assertPresent(user_id, "user_id is required");
|
||||
|
||||
if (token !== process.env.SLACK_VERIFICATION_TOKEN) {
|
||||
throw new AuthenticationError("Invalid verification token");
|
||||
}
|
||||
|
||||
// Handle "help" command or no input
|
||||
if (text.trim() === "help" || !text.trim()) {
|
||||
ctx.body = {
|
||||
response_type: "ephemeral",
|
||||
text: "How to use /outline",
|
||||
attachments: [
|
||||
{
|
||||
text:
|
||||
"To search your knowledge base use `/outline keyword`. \nYou’ve already learned how to get help with `/outline help`.",
|
||||
},
|
||||
],
|
||||
};
|
||||
return;
|
||||
}
|
||||
|
||||
let user, team;
|
||||
|
||||
// attempt to find the corresponding team for this request based on the team_id
|
||||
team = await Team.findOne({
|
||||
include: [
|
||||
{
|
||||
where: {
|
||||
name: "slack",
|
||||
providerId: team_id,
|
||||
},
|
||||
as: "authenticationProviders",
|
||||
model: AuthenticationProvider,
|
||||
required: true,
|
||||
},
|
||||
],
|
||||
});
|
||||
|
||||
if (team) {
|
||||
const authentication = await UserAuthentication.findOne({
|
||||
where: {
|
||||
providerId: user_id,
|
||||
},
|
||||
include: [
|
||||
{
|
||||
where: { teamId: team.id },
|
||||
model: User,
|
||||
as: "user",
|
||||
required: true,
|
||||
},
|
||||
],
|
||||
});
|
||||
|
||||
if (authentication) {
|
||||
user = authentication.user;
|
||||
}
|
||||
} else {
|
||||
// If we couldn't find a team it's still possible that the request is from
|
||||
// a team that authenticated with a different service, but connected Slack
|
||||
// via integration
|
||||
const integration = await Integration.findOne({
|
||||
where: {
|
||||
settings: {
|
||||
serviceTeamId: team_id,
|
||||
},
|
||||
},
|
||||
include: [
|
||||
{
|
||||
model: Team,
|
||||
as: "team",
|
||||
},
|
||||
],
|
||||
});
|
||||
|
||||
if (integration) {
|
||||
team = integration.team;
|
||||
}
|
||||
}
|
||||
|
||||
// This should be super rare, how does someone end up being able to make a valid
|
||||
// request from Slack that connects to no teams in Outline.
|
||||
if (!team) {
|
||||
ctx.body = {
|
||||
response_type: "ephemeral",
|
||||
text:
|
||||
"Sorry, we couldn’t find an integration for your team. Head to your Outline settings to set one up.",
|
||||
};
|
||||
return;
|
||||
}
|
||||
|
||||
const options = {
|
||||
limit: 5,
|
||||
};
|
||||
|
||||
// If we were able to map the request to a user then we can use their permissions
|
||||
// to load more documents based on the collections they have access to. Otherwise
|
||||
// just a generic search against team-visible documents is allowed.
|
||||
const { results, totalCount } = user
|
||||
? await Document.searchForUser(user, text, options)
|
||||
: await Document.searchForTeam(team, text, options);
|
||||
|
||||
SearchQuery.create({
|
||||
userId: user ? user.id : null,
|
||||
teamId: team.id,
|
||||
source: "slack",
|
||||
query: text,
|
||||
results: totalCount,
|
||||
});
|
||||
|
||||
const haventSignedIn = `(It looks like you haven’t signed in to Outline yet, so results may be limited)`;
|
||||
|
||||
// Map search results to the format expected by the Slack API
|
||||
if (results.length) {
|
||||
const attachments = [];
|
||||
for (const result of results) {
|
||||
const queryIsInTitle = !!result.document.title
|
||||
.toLowerCase()
|
||||
.match(escapeRegExp(text.toLowerCase()));
|
||||
|
||||
attachments.push(
|
||||
presentSlackAttachment(
|
||||
result.document,
|
||||
result.document.collection,
|
||||
team,
|
||||
queryIsInTitle ? undefined : result.context,
|
||||
process.env.SLACK_MESSAGE_ACTIONS
|
||||
? [
|
||||
{
|
||||
name: "post",
|
||||
text: "Post to Channel",
|
||||
type: "button",
|
||||
value: result.document.id,
|
||||
},
|
||||
]
|
||||
: undefined
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
ctx.body = {
|
||||
text: user
|
||||
? `This is what we found for "${text}"…`
|
||||
: `This is what we found for "${text}" ${haventSignedIn}…`,
|
||||
attachments,
|
||||
};
|
||||
} else {
|
||||
ctx.body = {
|
||||
text: user
|
||||
? `No results for "${text}"`
|
||||
: `No results for "${text}" ${haventSignedIn}`,
|
||||
};
|
||||
}
|
||||
});
|
||||
|
||||
export default router;
|
||||
Reference in New Issue
Block a user