3d91c40970
1. Simplify CLI: - Make 'onboard' quick setup default (remove --quick) - Add --interactive flag for full wizard - Make 'status' detailed by default (remove --verbose) - Remove 'tools list/test' and 'integrations list' commands - Add 'channel doctor' command 2. Update Docs: - Update architecture.svg with Channel allowlists, Browser allowlist, and latest stats - Update README.md with new command usage and browser/channel config details 3. Polish: - Browser tool integration - Channel allowlist logic (empty = deny all)
235 lines
7.3 KiB
Rust
235 lines
7.3 KiB
Rust
use super::traits::{Channel, ChannelMessage};
|
|
use async_trait::async_trait;
|
|
use uuid::Uuid;
|
|
|
|
/// Slack channel — polls conversations.history via Web API
|
|
pub struct SlackChannel {
|
|
bot_token: String,
|
|
channel_id: Option<String>,
|
|
allowed_users: Vec<String>,
|
|
client: reqwest::Client,
|
|
}
|
|
|
|
impl SlackChannel {
|
|
pub fn new(bot_token: String, channel_id: Option<String>, allowed_users: Vec<String>) -> Self {
|
|
Self {
|
|
bot_token,
|
|
channel_id,
|
|
allowed_users,
|
|
client: reqwest::Client::new(),
|
|
}
|
|
}
|
|
|
|
/// Check if a Slack user ID is in the allowlist.
|
|
/// Empty list means deny everyone until explicitly configured.
|
|
/// `"*"` means allow everyone.
|
|
fn is_user_allowed(&self, user_id: &str) -> bool {
|
|
self.allowed_users.iter().any(|u| u == "*" || u == user_id)
|
|
}
|
|
|
|
/// Get the bot's own user ID so we can ignore our own messages
|
|
async fn get_bot_user_id(&self) -> Option<String> {
|
|
let resp: serde_json::Value = self
|
|
.client
|
|
.get("https://slack.com/api/auth.test")
|
|
.bearer_auth(&self.bot_token)
|
|
.send()
|
|
.await
|
|
.ok()?
|
|
.json()
|
|
.await
|
|
.ok()?;
|
|
|
|
resp.get("user_id")
|
|
.and_then(|u| u.as_str())
|
|
.map(String::from)
|
|
}
|
|
}
|
|
|
|
#[async_trait]
|
|
impl Channel for SlackChannel {
|
|
fn name(&self) -> &str {
|
|
"slack"
|
|
}
|
|
|
|
async fn send(&self, message: &str, channel: &str) -> anyhow::Result<()> {
|
|
let body = serde_json::json!({
|
|
"channel": channel,
|
|
"text": message
|
|
});
|
|
|
|
self.client
|
|
.post("https://slack.com/api/chat.postMessage")
|
|
.bearer_auth(&self.bot_token)
|
|
.json(&body)
|
|
.send()
|
|
.await?;
|
|
|
|
Ok(())
|
|
}
|
|
|
|
async fn listen(&self, tx: tokio::sync::mpsc::Sender<ChannelMessage>) -> anyhow::Result<()> {
|
|
let channel_id = self
|
|
.channel_id
|
|
.clone()
|
|
.ok_or_else(|| anyhow::anyhow!("Slack channel_id required for listening"))?;
|
|
|
|
let bot_user_id = self.get_bot_user_id().await.unwrap_or_default();
|
|
let mut last_ts = String::new();
|
|
|
|
tracing::info!("Slack channel listening on #{channel_id}...");
|
|
|
|
loop {
|
|
tokio::time::sleep(std::time::Duration::from_secs(3)).await;
|
|
|
|
let mut params = vec![("channel", channel_id.clone()), ("limit", "10".to_string())];
|
|
if !last_ts.is_empty() {
|
|
params.push(("oldest", last_ts.clone()));
|
|
}
|
|
|
|
let resp = match self
|
|
.client
|
|
.get("https://slack.com/api/conversations.history")
|
|
.bearer_auth(&self.bot_token)
|
|
.query(¶ms)
|
|
.send()
|
|
.await
|
|
{
|
|
Ok(r) => r,
|
|
Err(e) => {
|
|
tracing::warn!("Slack poll error: {e}");
|
|
continue;
|
|
}
|
|
};
|
|
|
|
let data: serde_json::Value = match resp.json().await {
|
|
Ok(d) => d,
|
|
Err(e) => {
|
|
tracing::warn!("Slack parse error: {e}");
|
|
continue;
|
|
}
|
|
};
|
|
|
|
if let Some(messages) = data.get("messages").and_then(|m| m.as_array()) {
|
|
// Messages come newest-first, reverse to process oldest first
|
|
for msg in messages.iter().rev() {
|
|
let ts = msg.get("ts").and_then(|t| t.as_str()).unwrap_or("");
|
|
let user = msg
|
|
.get("user")
|
|
.and_then(|u| u.as_str())
|
|
.unwrap_or("unknown");
|
|
let text = msg.get("text").and_then(|t| t.as_str()).unwrap_or("");
|
|
|
|
// Skip bot's own messages
|
|
if user == bot_user_id {
|
|
continue;
|
|
}
|
|
|
|
// Sender validation
|
|
if !self.is_user_allowed(user) {
|
|
tracing::warn!("Slack: ignoring message from unauthorized user: {user}");
|
|
continue;
|
|
}
|
|
|
|
// Skip empty or already-seen
|
|
if text.is_empty() || ts <= last_ts.as_str() {
|
|
continue;
|
|
}
|
|
|
|
last_ts = ts.to_string();
|
|
|
|
let channel_msg = ChannelMessage {
|
|
id: Uuid::new_v4().to_string(),
|
|
sender: channel_id.clone(),
|
|
content: text.to_string(),
|
|
channel: "slack".to_string(),
|
|
timestamp: std::time::SystemTime::now()
|
|
.duration_since(std::time::UNIX_EPOCH)
|
|
.unwrap_or_default()
|
|
.as_secs(),
|
|
};
|
|
|
|
if tx.send(channel_msg).await.is_err() {
|
|
return Ok(());
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
async fn health_check(&self) -> bool {
|
|
self.client
|
|
.get("https://slack.com/api/auth.test")
|
|
.bearer_auth(&self.bot_token)
|
|
.send()
|
|
.await
|
|
.map(|r| r.status().is_success())
|
|
.unwrap_or(false)
|
|
}
|
|
}
|
|
|
|
#[cfg(test)]
|
|
mod tests {
|
|
use super::*;
|
|
|
|
#[test]
|
|
fn slack_channel_name() {
|
|
let ch = SlackChannel::new("xoxb-fake".into(), None, vec![]);
|
|
assert_eq!(ch.name(), "slack");
|
|
}
|
|
|
|
#[test]
|
|
fn slack_channel_with_channel_id() {
|
|
let ch = SlackChannel::new("xoxb-fake".into(), Some("C12345".into()), vec![]);
|
|
assert_eq!(ch.channel_id, Some("C12345".to_string()));
|
|
}
|
|
|
|
#[test]
|
|
fn empty_allowlist_denies_everyone() {
|
|
let ch = SlackChannel::new("xoxb-fake".into(), None, vec![]);
|
|
assert!(!ch.is_user_allowed("U12345"));
|
|
assert!(!ch.is_user_allowed("anyone"));
|
|
}
|
|
|
|
#[test]
|
|
fn wildcard_allows_everyone() {
|
|
let ch = SlackChannel::new("xoxb-fake".into(), None, vec!["*".into()]);
|
|
assert!(ch.is_user_allowed("U12345"));
|
|
}
|
|
|
|
#[test]
|
|
fn specific_allowlist_filters() {
|
|
let ch = SlackChannel::new("xoxb-fake".into(), None, vec!["U111".into(), "U222".into()]);
|
|
assert!(ch.is_user_allowed("U111"));
|
|
assert!(ch.is_user_allowed("U222"));
|
|
assert!(!ch.is_user_allowed("U333"));
|
|
}
|
|
|
|
#[test]
|
|
fn allowlist_exact_match_not_substring() {
|
|
let ch = SlackChannel::new("xoxb-fake".into(), None, vec!["U111".into()]);
|
|
assert!(!ch.is_user_allowed("U1111"));
|
|
assert!(!ch.is_user_allowed("U11"));
|
|
}
|
|
|
|
#[test]
|
|
fn allowlist_empty_user_id() {
|
|
let ch = SlackChannel::new("xoxb-fake".into(), None, vec!["U111".into()]);
|
|
assert!(!ch.is_user_allowed(""));
|
|
}
|
|
|
|
#[test]
|
|
fn allowlist_case_sensitive() {
|
|
let ch = SlackChannel::new("xoxb-fake".into(), None, vec!["U111".into()]);
|
|
assert!(ch.is_user_allowed("U111"));
|
|
assert!(!ch.is_user_allowed("u111"));
|
|
}
|
|
|
|
#[test]
|
|
fn allowlist_wildcard_and_specific() {
|
|
let ch = SlackChannel::new("xoxb-fake".into(), None, vec!["U111".into(), "*".into()]);
|
|
assert!(ch.is_user_allowed("U111"));
|
|
assert!(ch.is_user_allowed("anyone"));
|
|
}
|
|
}
|