admin/bodyshop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feature/IO-3182-Phone-Number-Consent - Checkpoint

Browse Source
This commit is contained in:
Dave Richer
2025-05-20 18:19:39 -04:00
parent 83860152a9
commit 7bd5190bf2
17 changed files with 772 additions and 320 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
server/sms/send.js
View File

@@ -1,21 +1,16 @@
const twilio = require("twilio");
const { phone } = require("phone");
const { INSERT_MESSAGE } = require("../graphql-client/queries");
const logger = require("../utils/logger");
const { INSERT_MESSAGE, GET_PHONE_NUMBER_CONSENT } = require("../graphql-client/queries");
const client = twilio(process.env.TWILIO_AUTH_TOKEN, process.env.TWILIO_AUTH_KEY);
const gqlClient = require("../graphql-client/graphql-client").client;
/**
* Send an outbound SMS message
* @param req
* @param res
* @returns {Promise<void>}
*/
const send = async (req, res) => {
const { to, messagingServiceSid, body, conversationid, selectedMedia, imexshopid } = req.body;
const { to, messagingServiceSid, body, conversationid, selectedMedia, imexshopid, bodyshopid } = req.body;
const {
ioRedis,
ioHelpers: { getBodyshopRoom, getBodyshopConversationRoom }
logger,
ioHelpers: { getBodyshopRoom, getBodyshopConversationRoom },
sessionUtils: { getBodyshopFromRedis }
} = req;
logger.log("sms-outbound", "DEBUG", req.user.email, null, {
@@ -26,11 +21,11 @@ const send = async (req, res) => {
conversationid,
isoutbound: true,
userid: req.user.email,
image: req.body.selectedMedia.length > 0,
image_path: req.body.selectedMedia.length > 0 ? selectedMedia.map((i) => i.src) : []
image: selectedMedia.length > 0,
image_path: selectedMedia.length > 0 ? selectedMedia.map((i) => i.src) : []
});
if (!to || !messagingServiceSid || (!body && selectedMedia.length === 0) || !conversationid) {
if (!to || !messagingServiceSid || (!body && selectedMedia.length === 0) || !conversationid || !bodyshopid) {
logger.log("sms-outbound-error", "ERROR", req.user.email, null, {
type: "missing-parameters",
messagingServiceSid,
@@ -39,14 +34,38 @@ const send = async (req, res) => {
conversationid,
isoutbound: true,
userid: req.user.email,
image: req.body.selectedMedia.length > 0,
image_path: req.body.selectedMedia.length > 0 ? selectedMedia.map((i) => i.src) : []
image: selectedMedia.length > 0,
image_path: selectedMedia.length > 0 ? selectedMedia.map((i) => i.src) : []
});
res.status(400).json({ success: false, message: "Missing required parameter(s)." });
return;
}
try {
// Check bodyshop's enforce_sms_consent setting
const bodyShopData = await getBodyshopFromRedis(bodyshopid);
const enforceConsent = bodyShopData?.enforce_sms_consent ?? false;
// Check consent only if enforcement is enabled
if (enforceConsent) {
const normalizedPhone = phone(to, "CA").phoneNumber.replace(/^\+1/, "");
const consentResponse = await gqlClient.request(GET_PHONE_NUMBER_CONSENT, {
bodyshopid,
phone_number: normalizedPhone
});
if (!consentResponse.phone_number_consent?.length || !consentResponse.phone_number_consent[0].consent_status) {
logger.log("sms-outbound-error", "ERROR", req.user.email, null, {
type: "no-consent",
phone_number: normalizedPhone,
conversationid
});
return res.status(403).json({
success: false,
message: "Phone number has not consented to messaging."
});
}
}
const message = await client.messages.create({
body,
messagingServiceSid,
@@ -60,8 +79,8 @@ const send = async (req, res) => {
conversationid,
isoutbound: true,
userid: req.user.email,
image: req.body.selectedMedia.length > 0,
image_path: req.body.selectedMedia.length > 0 ? selectedMedia.map((i) => i.src) : []
image: selectedMedia.length > 0,
image_path: selectedMedia.length > 0 ? selectedMedia.map((i) => i.src) : []
};
try {