Skip to content

Commit

Permalink
fix: Avoid destructuring connectionData when value is undefined (#3…
Browse files Browse the repository at this point in the history
  • Loading branch information
KevLehman authored and abhinavkrin committed Oct 25, 2024
1 parent 4baca37 commit 60e64c5
Show file tree
Hide file tree
Showing 3 changed files with 37 additions and 4 deletions.
5 changes: 5 additions & 0 deletions .changeset/brave-brooms-invent.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
"@rocket.chat/meteor": patch
---

Fixes a problem that caused visitor creation to fail when GDPR setting was enabled and visitor was created via Apps Engine or the deprecated `livechat:registerGuest` method.
8 changes: 6 additions & 2 deletions apps/meteor/app/livechat/server/lib/LivechatTyped.ts
Original file line number Diff line number Diff line change
Expand Up @@ -589,6 +589,10 @@ class LivechatClass {
}
}

isValidObject(obj: unknown): obj is Record<string, any> {
return typeof obj === 'object' && obj !== null;
}

async registerGuest({
id,
token,
Expand Down Expand Up @@ -654,10 +658,10 @@ class LivechatClass {
visitorDataToUpdate.status = status;
visitorDataToUpdate.ts = new Date();

if (settings.get('Livechat_Allow_collect_and_store_HTTP_header_informations')) {
if (settings.get('Livechat_Allow_collect_and_store_HTTP_header_informations') && Livechat.isValidObject(connectionData)) {
Livechat.logger.debug(`Saving connection data for visitor ${token}`);
const { httpHeaders, clientAddress } = connectionData;
if (httpHeaders) {
if (Livechat.isValidObject(httpHeaders)) {
visitorDataToUpdate.userAgent = httpHeaders['user-agent'];
visitorDataToUpdate.ip = httpHeaders['x-real-ip'] || httpHeaders['x-forwarded-for'] || clientAddress;
visitorDataToUpdate.host = httpHeaders?.host;
Expand Down
28 changes: 26 additions & 2 deletions apps/meteor/tests/end-to-end/api/livechat/09-visitors.ts
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
import { faker } from '@faker-js/faker';
import type { ILivechatVisitor } from '@rocket.chat/core-typings';
import { expect } from 'chai';
import { before, describe, it } from 'mocha';
import { before, describe, it, after } from 'mocha';
import moment from 'moment';
import { type Response } from 'supertest';

import { getCredentials, api, request, credentials } from '../../../data/api-data';
import { getCredentials, api, request, credentials, methodCallAnon } from '../../../data/api-data';
import { createCustomField, deleteCustomField } from '../../../data/livechat/custom-fields';
import {
makeAgentAvailable,
Expand Down Expand Up @@ -217,6 +217,30 @@ describe('LIVECHAT - visitors', () => {
expect(body.visitor).to.have.property('livechatData');
expect(body.visitor.livechatData).to.have.property(customFieldName, 'Not a real address :)');
});

describe('special cases', () => {
before(async () => {
await updateSetting('Livechat_Allow_collect_and_store_HTTP_header_informations', true);
});
after(async () => {
await updateSetting('Livechat_Allow_collect_and_store_HTTP_header_informations', false);
});

// Note: this had to use the meteor method because the endpoint used `req.headers` which we cannot send as empty
// method doesn't pass them to the func allowing us to create a test for it
it('should allow to create a visitor without passing connectionData when GDPR setting is enabled', async () => {
const token = `${new Date().getTime()}-test`;
const response = await request
.post(methodCallAnon('livechat:registerGuest'))
.send({ message: `{"msg":"method","id":"23","method":"livechat:registerGuest","params":[{ "token": "${token}"}]}` });

expect(response.body).to.have.property('success', true);
const r = JSON.parse(response.body.message);

expect(r.result).to.have.property('visitor');
expect(r.result.visitor).to.have.property('token', token);
});
});
});

describe('livechat/visitors.info', () => {
Expand Down

0 comments on commit 60e64c5

Please sign in to comment.