Restricted Admins

configure.js

@@ -1,5 +1,7 @@
-const WickrIOBotAPI = require('wickrio-bot-api');
+const WickrIOBotAPI = require('wickrio-bot-api')
 const util = require('util')
+const fs = require('fs')
+const Proc = require('./processes.json')
 
 
 require("dotenv").config({
@@ -8,7 +10,7 @@ require("dotenv").config({
 
 var wickrIOConfigure;
 
-process.stdin.resume(); //so the program will not close instantly
+process.stdin.resume(); // so the program will not close instantly
 
 function exitHandler(options, err) {
   try {
@@ -172,10 +174,48 @@ async function main() {
   ];
 
 
-  var fullName = process.cwd() + "/processes.json";
-  wickrIOConfigure = new WickrIOBotAPI.WickrIOConfigure(tokenConfig, fullName, true, true);
-
-  await wickrIOConfigure.configureYourBot("WickrIO-Broadcast-Bot");
-  process.exit();
+  /*
+     1.  Configure all regular tokens the first time.
+     2.  Generate tokens for each administrator's security group access.
+     3.  Configure 2nd time with only the added tokens.
+   */
+  // 1.
+  const fullName = `${process.cwd()}/processes.json`
+  wickrIOConfigure = new WickrIOBotAPI.WickrIOConfigure(
+    tokenConfig,
+    fullName,
+    true,
+    true,
+    false,
+    false
+  )
+  await wickrIOConfigure.configureYourBot('WickrIO-Broadcast-Bot')
+  // 2.
+  const adminArray = wickrIOConfigure
+    .getCurrentValues()
+    .ADMINISTRATORS.split(',')
+  const tokenToAdd = []
+  let i
+  for (i = 0; i < adminArray.length; i += 1) {
+    const newToken = {
+      token: adminArray[i],
+      pattern: '',
+      type: 'string',
+      description: `Please enter a list of security groups (ID Numbers or ALL) ${adminArray[i]} has access to.`,
+      message: 'Cannot leave empty! Please enter a value',
+      required: false,
+    }
+    tokenToAdd.push(newToken)
+  }
+  // 3.
+  const alt = new WickrIOBotAPI.WickrIOConfigure(
+    tokenToAdd,
+    fullName,
+    false,
+    false,
+    false,
+    true
+  )
+  await alt.configureYourBot('WickrIO-Broadcast-Bot')
+  process.exit()
 }
-

src/broadcast-bot.js

@@ -296,7 +296,8 @@ async function listen(message) {
         '/version : Get the version of the integration\n' +
         '/cancel : To cancel the last operation and enter a new command\n' +
         '/files : To get a list of saved files available for the /send command\n' +
-        '/delete : To delete a file that was previously made available for the /send command\n'
+        '/delete : To delete a file that was previously made available for the /send command\n' +
+        '/groups : To get a list of security groups you can broadcast a message to\n'
       const reply = bot.getAdminHelp(helpString)
       logger.debug(`vgroupID in help:${vGroupID}`)
       // const sMessage = WickrIOAPI.cmdSendRoomMessage(vGroupID, reply);

src/commands/ask-for-ack.js

@@ -1,4 +1,5 @@
 import State from '../state'
+import Groups from './groups'
 
 class AskForAck {
   constructor(broadcastService) {
@@ -29,7 +30,10 @@ class AskForAck {
         state,
       }
     }
-    const securityGroupList = this.broadcastService.getAPISecurityGroups()
+    const securityGroupList = Groups.getSGs(
+      messageService.userEmail,
+      this.broadcastService.getAPISecurityGroups()
+    )
     let groupsString = ''
     for (let i = 0; i < securityGroupList.length; i += 1) {
       // Check if the securityGroup has a size

src/commands/choose-security-groups.js

@@ -1,4 +1,5 @@
 import State from '../state'
+import Groups from './groups'
 
 class ChooseSecurityGroups {
   constructor(broadcastService) {
@@ -16,8 +17,16 @@ class ChooseSecurityGroups {
   execute(messageService) {
     let reply
     let state
+    let groupsToSend = []
+    const securityGroupList = Groups.getSGs(
+      messageService.userEmail,
+      this.broadcastService.getAPISecurityGroups()
+    )
     if (messageService.getMessage() === 'all') {
-      this.broadcastService.setSecurityGroups([])
+      for (let i = 0; i < securityGroupList.length; i += 1) {
+        groupsToSend.push(securityGroupList[i].id)
+      }
+      this.broadcastService.setSecurityGroups(groupsToSend);
       reply = 'Would you like to repeat this broadcast message?'
       state = State.ASK_REPEAT
       return {
@@ -26,8 +35,6 @@ class ChooseSecurityGroups {
       }
     }
     const groups = messageService.getMessage().split(/[^0-9]/)
-    const securityGroupList = this.broadcastService.getAPISecurityGroups()
-    let groupsToSend = []
     let groupsString = ''
     let validInput = true
     let badInput = ''

src/commands/groups.js

@@ -0,0 +1,149 @@
+/*
+  This class is used to let the user know what security groups
+  they can send a broadcast message to and to provide functions
+  that limit an admin's security group access.
+*/
+
+import State from '../state'
+import { logger } from '../helpers/constants'
+import APIService from '../services/api-service'
+
+class Groups {
+  static shouldExecute(messageService) {
+    if (messageService.getCommand() === '/groups') {
+      return true
+    }
+    return false
+  }
+
+  /*
+
+    Execute gets the userEmail, gathers the security groups user has access to and then
+    prints to the user.
+
+    1. Check to see if username is in the JSON array
+    2. Check to see if there are no security groups for that user
+    3. Get the security groups for that user then return
+    3a. If 'ALL' return all security groups
+
+  */
+
+  static execute(messageService) {
+    const procjson = require('../../processes.json')
+    const username = messageService.userEmail
+    let reply = ''
+    let i
+    // 1.
+    if (
+      !procjson.apps[0].env.tokens.SECURITY_GROUP_ACCESS.hasOwnProperty(
+        username
+      )
+    ) {
+      reply += 'Error user was not found.'
+    } else {
+      //  2.
+      const size =
+        procjson.apps[0].env.tokens.SECURITY_GROUP_ACCESS[username].length
+      if (size === 0) {
+        reply += 'You do not have access to broadcast to any security groups.'
+      } else {
+        // 3.
+        reply += 'The security groups you can broadcast a message to are:\n'
+        // 3a.
+        if (
+          this.handleALL(
+            procjson.apps[0].env.tokens.SECURITY_GROUP_ACCESS[username]
+          ) === true
+        ) {
+          reply += this.getAllSGs()
+        } else {
+          for (i = 0; i < size; i += 1) {
+            reply += `${this.convertSGID(
+              procjson.apps[0].env.tokens.SECURITY_GROUP_ACCESS[username][i]
+            )}\n`
+          }
+        }
+      }
+    }
+    return {
+      reply,
+      state: State.NONE,
+    }
+  }
+
+  /*
+    Returns a list of security groups that a user has access to. 
+    Also checks to see and handle 'ALL' value. If true return list of all security groups.
+  */
+  static getSGs(username, allSGs) {
+    const procjson = require('../../processes.json')
+    const filteredList = []
+    let i
+    if (
+      this.handleALL(
+        procjson.apps[0].env.tokens.SECURITY_GROUP_ACCESS[username]
+      ) === true
+    ) {
+      for (i = 0; i < allSGs.length; i += 1) {
+        filteredList.push(allSGs[i])
+      }
+    } else {
+      for (i = 0; i < allSGs.length; i += 1) {
+        if (
+          procjson.apps[0].env.tokens.SECURITY_GROUP_ACCESS[username].includes(
+            allSGs[i].id
+          )
+        ) {
+          filteredList.push(allSGs[i])
+        }
+      }
+    }
+    return filteredList
+  }
+
+  /*
+    This function returns the name of a security group when given an id number for a security group.
+    If Security Group ID has a match return the name of that security group.
+    If not return error message.
+  */
+
+  static convertSGID(idNum) {
+    const sgList = APIService.getSecurityGroups()
+    logger.debug(sgList)
+    let i
+    for (i = 0; i < sgList.length; i += 1) {
+      if (sgList[i].id === idNum) {
+        return sgList[i].name
+      }
+    }
+    // DO WE WANT ADMIN TO BE ABLE TO SEE THE ID NUMBER?
+    return 'Error: Security Group ID number not found: (idNUM?)'
+  }
+
+  /*
+    This function is used to check if the admin has access to ALL Security groups.
+    This is determined if the array's only entry is 'ALL'.
+  */
+  static handleALL(array) {
+    if (array.length === 1 && array[0] === 'ALL') {
+      return true
+    }
+    return false
+  }
+
+  /*
+    Returns a string of all security group names.
+  */
+
+  static getAllSGs() {
+    let returnString = ''
+    const sgList = APIService.getSecurityGroups()
+    let i
+    for (i = 0; i < sgList.length; i += 1) {
+      returnString += `${sgList[i].name}\n`
+    }
+    return returnString
+  }
+}
+
+export default Groups

src/commands/initialize-broadcast.js

@@ -1,5 +1,6 @@
 import State from '../state'
 import { logger } from '../helpers/constants'
+import Groups from './groups'
 
 class InitializeBroadcast {
   constructor(broadcastService) {
@@ -22,17 +23,29 @@ class InitializeBroadcast {
     this.broadcastService.setBOR('')
     this.broadcastService.setSentByFlag(true)
     logger.debug(`Here are all the things: ${messageService.getArgument()}`)
-    let reply = 'Would you like to ask the recipients for an acknowledgement?'
-    let state = State.ASK_FOR_ACK
-    // TODO check for undefined??
-    if (
-      messageService.getArgument() === undefined ||
-      messageService.getArgument() === '' ||
-      messageService.getArgument().length === 0
-    ) {
+    const securityGroupList = Groups.getSGs(
+      messageService.userEmail,
+      this.broadcastService.getAPISecurityGroups()
+    )
+    let reply
+    let state
+    if (securityGroupList.length === 0) {
       reply =
-        'Must have a message or file to broadcast, Usage: /broadcast <message>'
+        'You have no access to any security groups and cannot broadcast a message.'
       state = State.NONE
+    } else {
+      reply = 'Would you like to ask the recipients for an acknowledgement?'
+      state = State.ASK_FOR_ACK
+      // TODO check for undefined??
+      if (
+        messageService.getArgument() === undefined ||
+        messageService.getArgument() === '' ||
+        messageService.getArgument().length === 0
+      ) {
+        reply =
+          'Must have a message or file to broadcast, Usage: /broadcast <message>'
+        state = State.NONE
+      }
     }
     return {
       reply,

src/factory.js

@@ -9,6 +9,7 @@ import DeleteFile from './commands/delete-file'
 import Help from './commands/help'
 import FilesCommand from './commands/files-command'
 import FileReceived from './commands/file-received'
+import Groups from './commands/groups'
 import InitializeBroadcast from './commands/initialize-broadcast'
 import InitializeSend from './commands/initialize-send'
 import Report from './commands/report'
@@ -99,6 +100,7 @@ class Factory {
       this.abort,
       this.cancel,
       this.deleteFile,
+      Groups,
       Help,
       this.filesCommand,
       this.fileReceived,