From f3f714ef8ff1e54783405fb03efdc9443905cad3 Mon Sep 17 00:00:00 2001
From: Gintautas Miselis <gintautas@miselis.lt>
Date: Wed, 3 Jul 2019 18:47:43 +0300
Subject: [PATCH] Don't add activity and reference fields to outgoing message
Previous activity check was incorrect and allowed falsy values to be added to channelData.
Reference fields weren't checked at all so they were sent to client.
---
packages/botkit/src/botworker.ts | 74 ++++++++++++++++++--------------
1 file changed, 42 insertions(+), 32 deletions(-)
diff --git a/packages/botkit/src/botworker.ts b/packages/botkit/src/botworker.ts
index 3bf7d580b..f338bbebc 100644
--- a/packages/botkit/src/botworker.ts
+++ b/packages/botkit/src/botworker.ts
@@ -300,45 +300,55 @@ export class BotWorker {
* @returns a properly formed Activity object
*/
public ensureMessageFormat(message: Partial<BotkitMessage> | string): Partial<Activity> {
- let activity: Partial<Activity> = {};
if (typeof (message) === 'string') {
- activity = {
+ return {
type: 'message',
text: message,
channelData: {}
};
- } else {
- // set up a base message activity
- activity = {
- type: message.type || 'message',
- text: message.text,
-
- attachmentLayout: message.attachmentLayout,
- attachments: message.attachments,
-
- suggestedActions: message.suggestedActions,
-
- speak: message.speak,
- inputHint: message.inputHint,
- summary: message.summary,
- textFormat: message.textFormat,
- importance: message.importance,
- deliveryMode: message.deliveryMode,
- expiration: message.expiration,
- value: message.value,
- channelData: {
- ...message.channelData
- }
- };
+ }
- // Now, copy any additional fields not in the activity into channelData
- // This way, any fields added by the developer to the root object
- // end up in the approved channelData location.
- for (var key in message) {
- if (key !== 'channelData' && !activity[key]) {
- activity.channelData[key] = message[key];
- }
+ // set up a base message activity
+ const activity = {
+ type: message.type || 'message',
+ text: message.text,
+
+ attachmentLayout: message.attachmentLayout,
+ attachments: message.attachments,
+
+ suggestedActions: message.suggestedActions,
+
+ speak: message.speak,
+ inputHint: message.inputHint,
+ summary: message.summary,
+ textFormat: message.textFormat,
+ importance: message.importance,
+ deliveryMode: message.deliveryMode,
+ expiration: message.expiration,
+ value: message.value,
+ channelData: {
+ ...message.channelData
+ }
+ };
+
+ const internalFields = [
+ 'channelData',
+ 'channelId',
+ 'serviceUrl',
+ 'conversation',
+ 'from',
+ 'recipient',
+ 'replyToId'
+ ];
+
+ // Now, copy any additional fields not in the activity into channelData
+ // This way, any fields added by the developer to the root object
+ // end up in the approved channelData location.
+ for (const key in message) {
+ // Don't copy activity and reference fields
+ if (!activity.hasOwnProperty(key) && internalFields.indexOf(key) === -1) {
+ activity.channelData[key] = message[key];
}
}
return activity;