Merge pull request #680 from Hexastack/feat/zod-validation-message

feat: zod validation message

api/package-lock.json

@@ -35,7 +35,6 @@
         "dotenv": "^16.3.1",
         "ejs": "^3.1.9",
         "express-session": "^1.17.3",
-        "joi": "^17.11.0",
         "module-alias": "^2.2.3",
         "mongoose": "^8.0.0",
         "mongoose-lean-defaults": "^2.2.1",
@@ -3646,19 +3645,6 @@
         "@nestjs/core": "^10.x"
       }
     },
-    "node_modules/@hapi/hoek": {
-      "version": "9.3.0",
-      "resolved": "https://registry.npmjs.org/@hapi/hoek/-/hoek-9.3.0.tgz",
-      "integrity": "sha512-/c6rf4UJlmHlC9b5BaNvzAcFv7HZ2QHaV0D4/HNlBdvFnvQq8RI4kYdhyPCl7Xj+oWvTWQ8ujhqS53LIgAe6KQ=="
-    },
-    "node_modules/@hapi/topo": {
-      "version": "5.1.0",
-      "resolved": "https://registry.npmjs.org/@hapi/topo/-/topo-5.1.0.tgz",
-      "integrity": "sha512-foQZKJig7Ob0BMAYBfcJk8d77QtOe7Wo4ox7ff1lQYoNNAb6jwcY1ncdoy2e9wQZzvNy7ODZCYJkK8kzmcAnAg==",
-      "dependencies": {
-        "@hapi/hoek": "^9.0.0"
-      }
-    },
     "node_modules/@humanwhocodes/config-array": {
       "version": "0.11.13",
       "resolved": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.11.13.tgz",
@@ -5329,24 +5315,6 @@
         "url": "https://ko-fi.com/killymxi"
       }
     },
-    "node_modules/@sideway/address": {
-      "version": "4.1.4",
-      "resolved": "https://registry.npmjs.org/@sideway/address/-/address-4.1.4.tgz",
-      "integrity": "sha512-7vwq+rOHVWjyXxVlR76Agnvhy8I9rpzjosTESvmhNeXOXdZZB15Fl+TI9x1SiHZH5Jv2wTGduSxFDIaq0m3DUw==",
-      "dependencies": {
-        "@hapi/hoek": "^9.0.0"
-      }
-    },
-    "node_modules/@sideway/formula": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/@sideway/formula/-/formula-3.0.1.tgz",
-      "integrity": "sha512-/poHZJJVjx3L+zVD6g9KgHfYnb443oi7wLu/XKojDviHy6HOEOA6z1Trk5aR1dGcmPenJEgb2sK2I80LeS3MIg=="
-    },
-    "node_modules/@sideway/pinpoint": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/@sideway/pinpoint/-/pinpoint-2.0.0.tgz",
-      "integrity": "sha512-RNiOoTPkptFtSVzQevY/yWtZwf/RxyVnPy/OcA9HBM3MlGDnBEYL5B41H0MTn0Uec8Hi+2qUtTfG2WWZBmMejQ=="
-    },
     "node_modules/@sinclair/typebox": {
       "version": "0.27.8",
       "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz",
@@ -13186,18 +13154,6 @@
         "url": "https://github.com/chalk/supports-color?sponsor=1"
       }
     },
-    "node_modules/joi": {
-      "version": "17.11.0",
-      "resolved": "https://registry.npmjs.org/joi/-/joi-17.11.0.tgz",
-      "integrity": "sha512-NgB+lZLNoqISVy1rZocE9PZI36bL/77ie924Ri43yEvi9GUUMPeyVIr8KdFTMUlby1p0PBYMk9spIxEUQYqrJQ==",
-      "dependencies": {
-        "@hapi/hoek": "^9.0.0",
-        "@hapi/topo": "^5.0.0",
-        "@sideway/address": "^4.1.3",
-        "@sideway/formula": "^3.0.1",
-        "@sideway/pinpoint": "^2.0.0"
-      }
-    },
     "node_modules/js-stringify": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/js-stringify/-/js-stringify-1.0.2.tgz",

api/package.json

@@ -70,7 +70,6 @@
     "dotenv": "^16.3.1",
     "ejs": "^3.1.9",
     "express-session": "^1.17.3",
-    "joi": "^17.11.0",
     "module-alias": "^2.2.3",
     "mongoose": "^8.0.0",
     "mongoose-lean-defaults": "^2.2.1",

api/src/chat/schemas/types/message.ts

@@ -6,14 +6,24 @@
  * 2. All derivative works must include clear attribution to the original creator and software, Hexastack and Hexabot, in a prominent location (e.g., in the software's "About" section, documentation, and README file).
  */
 
+/*
+ * Copyright © 2025 Hexastack. All rights reserved.
+ *
+ * Licensed under the GNU Affero General Public License v3.0 (AGPLv3) with the following additional terms:
+ * 1. The name "Hexabot" is a trademark of Hexastack. You may not use this name in derivative works without express written permission.
+ * 2. All derivative works must include clear attribution to the original creator and software, Hexastack and Hexabot, in a prominent location (e.g., in the software's "About" section, documentation, and README file).
+ */
+
+import { z } from 'zod';
+
 import { PluginName } from '@/plugins/types';
 
 import { Message } from '../message.schema';
 
-import { AttachmentPayload } from './attachment';
+import { attachmentPayloadSchema } from './attachment';
-import { Button } from './button';
+import { buttonSchema } from './button';
-import { ContentOptions } from './options';
+import { contentOptionsSchema } from './options';
-import { StdQuickReply } from './quick-reply';
+import { QuickReplyType, stdQuickReplySchema } from './quick-reply';
 
 /**
  * StdEventType enum is declared, and currently not used
@@ -41,6 +51,10 @@ export enum IncomingMessageType {
   unknown = '',
 }
 
+export const incomingMessageType = z.nativeEnum(IncomingMessageType);
+
+export type IncomingMessageTypeLiteral = z.infer<typeof incomingMessageType>;
+
 export enum OutgoingMessageFormat {
   text = 'text',
   quickReplies = 'quickReplies',
@@ -50,6 +64,12 @@ export enum OutgoingMessageFormat {
   carousel = 'carousel',
 }
 
+export const outgoingMessageFormatSchema = z.nativeEnum(OutgoingMessageFormat);
+
+export type OutgoingMessageFormatLiteral = z.infer<
+  typeof outgoingMessageFormatSchema
+>;
+
 /**
  * FileType enum is declared, and currently not used
  **/
@@ -61,6 +81,10 @@ export enum FileType {
   unknown = 'unknown',
 }
 
+export const fileTypeSchema = z.nativeEnum(FileType);
+
+export type FileTypeLiteral = z.infer<typeof fileTypeSchema>;
+
 export enum PayloadType {
   location = 'location',
   attachments = 'attachments',
@@ -68,85 +92,151 @@ export enum PayloadType {
   button = 'button',
 }
 
-export type StdOutgoingTextMessage = { text: string };
+export const payloadTypeSchema = z.nativeEnum(PayloadType);
 
-export type StdOutgoingQuickRepliesMessage = {
+export type PayloadTypeLiteral = z.infer<typeof payloadTypeSchema>;
-  text: string;
-  quickReplies: StdQuickReply[];
-};
 
-export type StdOutgoingButtonsMessage = {
+export const stdOutgoingTextMessageSchema = z.object({
-  text: string;
+  text: z.string(),
-  buttons: Button[];
+});
-};
 
-export type ContentElement = { id: string; title: string } & Record<
+export type StdOutgoingTextMessage = z.infer<
-  string,
+  typeof stdOutgoingTextMessageSchema
-  any
 >;
 
-export type StdOutgoingListMessage = {
+export const stdOutgoingQuickRepliesMessageSchema = z.object({
-  options: ContentOptions;
+  text: z.string(),
-  elements: ContentElement[];
+  quickReplies: z.array(stdQuickReplySchema),
-  pagination: {
+});
-    total: number;
-    skip: number;
-    limit: number;
-  };
-};
 
-export type StdOutgoingAttachmentMessage = {
+export type StdOutgoingQuickRepliesMessage = z.infer<
-  // Stored in DB as `AttachmentPayload`, `Attachment` when populated for channels relaying
+  typeof stdOutgoingQuickRepliesMessageSchema
-  attachment: AttachmentPayload;
+>;
-  quickReplies?: StdQuickReply[];
-};
 
-export type StdPluginMessage = {
+export const stdOutgoingButtonsMessageSchema = z.object({
-  plugin: PluginName;
+  text: z.string(),
-  args: { [key: string]: any };
+  buttons: z.array(buttonSchema),
-};
+});
 
-export type BlockMessage =
+export type StdOutgoingButtonsMessage = z.infer<
-  | string[]
+  typeof stdOutgoingButtonsMessageSchema
-  | StdOutgoingTextMessage
+>;
-  | StdOutgoingQuickRepliesMessage
-  | StdOutgoingButtonsMessage
-  | StdOutgoingListMessage
-  | StdOutgoingAttachmentMessage
-  | StdPluginMessage;
 
-export type StdOutgoingMessage =
+export const contentElementSchema = z
-  | StdOutgoingTextMessage
+  .object({
-  | StdOutgoingQuickRepliesMessage
+    id: z.string(),
-  | StdOutgoingButtonsMessage
+    title: z.string(),
-  | StdOutgoingListMessage
+  })
-  | StdOutgoingAttachmentMessage;
+  .catchall(z.any());
 
-type StdIncomingTextMessage = { text: string };
+export type ContentElement = z.infer<typeof contentElementSchema>;
 
-export type StdIncomingPostBackMessage = StdIncomingTextMessage & {
+export const stdOutgoingListMessageSchema = z.object({
-  postback: string;
+  options: contentOptionsSchema,
-};
+  elements: z.array(contentElementSchema),
+  pagination: z.object({
+    total: z.number(),
+    skip: z.number(),
+    limit: z.number(),
+  }),
+});
 
-export type StdIncomingLocationMessage = {
+export type StdOutgoingListMessage = z.infer<
-  type: PayloadType.location;
+  typeof stdOutgoingListMessageSchema
-  coordinates: {
+>;
-    lat: number;
-    lon: number;
-  };
-};
 
-export type StdIncomingAttachmentMessage = {
+export const stdOutgoingAttachmentMessageSchema = z.object({
-  type: PayloadType.attachments;
+  attachment: attachmentPayloadSchema,
-  serialized_text: string;
+  quickReplies: z.array(stdQuickReplySchema).optional(),
-  attachment: AttachmentPayload | AttachmentPayload[];
+});
-};
 
-export type StdIncomingMessage =
+export type StdOutgoingAttachmentMessage = z.infer<
-  | StdIncomingTextMessage
+  typeof stdOutgoingAttachmentMessageSchema
-  | StdIncomingPostBackMessage
+>;
-  | StdIncomingLocationMessage
+
-  | StdIncomingAttachmentMessage;
+export const pluginNameSchema = z
+  .string()
+  .regex(/-plugin$/) as z.ZodType<PluginName>;
+
+export const stdPluginMessageSchema = z.object({
+  plugin: pluginNameSchema,
+  args: z.record(z.any()),
+});
+
+export type StdPluginMessage = z.infer<typeof stdPluginMessageSchema>;
+
+export const blockMessageSchema = z.union([
+  z.array(z.string()),
+  stdOutgoingTextMessageSchema,
+  stdOutgoingQuickRepliesMessageSchema,
+  stdOutgoingButtonsMessageSchema,
+  stdOutgoingListMessageSchema,
+  stdOutgoingAttachmentMessageSchema,
+  stdPluginMessageSchema,
+]);
+
+export type BlockMessage = z.infer<typeof blockMessageSchema>;
+
+export const StdOutgoingMessageSchema = z.union([
+  stdOutgoingTextMessageSchema,
+  stdOutgoingQuickRepliesMessageSchema,
+  stdOutgoingButtonsMessageSchema,
+  stdOutgoingListMessageSchema,
+  stdOutgoingAttachmentMessageSchema,
+]);
+
+export type StdOutgoingMessage = z.infer<typeof StdOutgoingMessageSchema>;
+
+export const stdIncomingTextMessageSchema = z.object({
+  text: z.string(),
+});
+
+export type StdIncomingTextMessage = z.infer<
+  typeof stdIncomingTextMessageSchema
+>;
+
+export const stdIncomingPostBackMessageSchema =
+  stdIncomingTextMessageSchema.extend({
+    postback: z.string(),
+  });
+
+export type StdIncomingPostBackMessage = z.infer<
+  typeof stdIncomingPostBackMessageSchema
+>;
+
+export const stdIncomingLocationMessageSchema = z.object({
+  type: z.literal(PayloadType.location),
+  coordinates: z.object({
+    lat: z.number(),
+    lon: z.number(),
+  }),
+});
+
+export type StdIncomingLocationMessage = z.infer<
+  typeof stdIncomingLocationMessageSchema
+>;
+
+export const stdIncomingAttachmentMessageSchema = z.object({
+  type: z.literal(PayloadType.attachments),
+  serialized_text: z.string(),
+  attachment: z.union([
+    attachmentPayloadSchema,
+    z.array(attachmentPayloadSchema),
+  ]),
+});
+
+export type StdIncomingAttachmentMessage = z.infer<
+  typeof stdIncomingAttachmentMessageSchema
+>;
+
+export const stdIncomingMessageSchema = z.union([
+  stdIncomingTextMessageSchema,
+  stdIncomingPostBackMessageSchema,
+  stdIncomingLocationMessageSchema,
+  stdIncomingAttachmentMessageSchema,
+]);
+
+export type StdIncomingMessage = z.infer<typeof stdIncomingMessageSchema>;
 
 export interface IncomingMessage extends Omit<Message, 'recipient' | 'sentBy'> {
   message: StdIncomingMessage;
@@ -162,34 +252,149 @@ export interface OutgoingMessage extends Omit<Message, 'sender'> {
 
 export type AnyMessage = IncomingMessage | OutgoingMessage;
 
-export interface StdOutgoingTextEnvelope {
+export const stdOutgoingTextEnvelopeSchema = z.object({
-  format: OutgoingMessageFormat.text;
+  format: z.literal(OutgoingMessageFormat.text),
-  message: StdOutgoingTextMessage;
+  message: stdOutgoingTextMessageSchema,
-}
+});
 
-export interface StdOutgoingQuickRepliesEnvelope {
+export type StdOutgoingTextEnvelope = z.infer<
-  format: OutgoingMessageFormat.quickReplies;
+  typeof stdOutgoingTextEnvelopeSchema
-  message: StdOutgoingQuickRepliesMessage;
+>;
-}
 
-export interface StdOutgoingButtonsEnvelope {
+export const stdOutgoingQuickRepliesEnvelopeSchema = z.object({
-  format: OutgoingMessageFormat.buttons;
+  format: z.literal(OutgoingMessageFormat.quickReplies),
-  message: StdOutgoingButtonsMessage;
+  message: stdOutgoingQuickRepliesMessageSchema,
-}
+});
 
-export interface StdOutgoingListEnvelope {
+export type StdOutgoingQuickRepliesEnvelope = z.infer<
-  format: OutgoingMessageFormat.list | OutgoingMessageFormat.carousel;
+  typeof stdOutgoingQuickRepliesEnvelopeSchema
-  message: StdOutgoingListMessage;
+>;
-}
 
-export interface StdOutgoingAttachmentEnvelope {
+export const stdOutgoingButtonsEnvelopeSchema = z.object({
-  format: OutgoingMessageFormat.attachment;
+  format: z.literal(OutgoingMessageFormat.buttons),
-  message: StdOutgoingAttachmentMessage;
+  message: stdOutgoingButtonsMessageSchema,
-}
+});
 
-export type StdOutgoingEnvelope =
+export type StdOutgoingButtonsEnvelope = z.infer<
-  | StdOutgoingTextEnvelope
+  typeof stdOutgoingButtonsEnvelopeSchema
-  | StdOutgoingQuickRepliesEnvelope
+>;
-  | StdOutgoingButtonsEnvelope
+
-  | StdOutgoingListEnvelope
+export const stdOutgoingListEnvelopeSchema = z.object({
-  | StdOutgoingAttachmentEnvelope;
+  format: z.enum(['list', 'carousel']),
+  message: stdOutgoingListMessageSchema,
+});
+
+export type StdOutgoingListEnvelope = z.infer<
+  typeof stdOutgoingListEnvelopeSchema
+>;
+
+export const stdOutgoingAttachmentEnvelopeSchema = z.object({
+  format: z.literal(OutgoingMessageFormat.attachment),
+  message: stdOutgoingAttachmentMessageSchema,
+});
+
+export type StdOutgoingAttachmentEnvelope = z.infer<
+  typeof stdOutgoingAttachmentEnvelopeSchema
+>;
+
+export const stdOutgoingEnvelopeSchema = z.union([
+  stdOutgoingTextEnvelopeSchema,
+  stdOutgoingQuickRepliesEnvelopeSchema,
+  stdOutgoingButtonsEnvelopeSchema,
+  stdOutgoingListEnvelopeSchema,
+  stdOutgoingAttachmentEnvelopeSchema,
+]);
+
+export type StdOutgoingEnvelope = z.infer<typeof stdOutgoingEnvelopeSchema>;
+
+// is-valid-message-text validation
+export const validMessageTextSchema = z.object({
+  message: z.string(),
+});
+
+// is-message validation
+const MESSAGE_REGEX = /^function \(context\) \{[^]+\}/;
+
+export const messageRegexSchema = z.string().regex(MESSAGE_REGEX);
+
+export const textSchema = z.array(z.string().max(1000));
+
+const quickReplySchema = z
+  .object({
+    content_type: z.nativeEnum(QuickReplyType),
+    title: z.string().max(20).optional(),
+    payload: z.string().max(1000).optional(),
+  })
+  .superRefine((data, ctx) => {
+    // When content_type is 'text', title and payload are required.
+    if (data.content_type === QuickReplyType.text) {
+      if (data.title == null) {
+        ctx.addIssue({
+          code: z.ZodIssueCode.custom,
+          message: "Title is required when content_type is 'text'",
+          path: ['title'],
+        });
+      }
+      if (data.payload == null) {
+        ctx.addIssue({
+          code: z.ZodIssueCode.custom,
+          message: "Payload is required when content_type is 'text'",
+          path: ['payload'],
+        });
+      }
+    }
+  });
+
+// pluginBlockMessageSchema in case of Plugin Block
+export const pluginBlockMessageSchema = z
+  .record(z.any())
+  .superRefine((data, ctx) => {
+    if (!('plugin' in data)) {
+      ctx.addIssue({
+        code: z.ZodIssueCode.custom,
+        message: "The object must contain the 'plugin' attribute",
+        path: ['plugin'],
+      });
+    }
+  });
+
+// textBlockMessageSchema in case of Text Block
+const textBlockMessageSchema = z.string().max(1000);
+
+const buttonMessageSchema = z.object({
+  text: z.string(),
+  buttons: z.array(buttonSchema).max(3),
+});
+
+// quickReplyMessageSchema in case of QuickReply Block
+const quickReplyMessageSchema = z.object({
+  text: z.string(),
+  quickReplies: z.array(quickReplySchema).max(11).optional(),
+});
+
+// listBlockMessageSchema in case of List Block
+const listBlockMessageSchema = z.object({
+  elements: z.boolean(),
+});
+
+// attachmentBlockMessageSchema in case of Attachment Block
+const attachmentBlockMessageSchema = z.object({
+  text: z.string().max(1000).optional(),
+  attachment: z.object({
+    type: z.nativeEnum(FileType),
+    payload: z.union([
+      z.object({ url: z.string().url() }),
+      z.object({ id: z.string().nullable() }),
+    ]),
+  }),
+});
+
+// BlockMessage Schema
+export const blockMessageObjectSchema = z.union([
+  pluginBlockMessageSchema,
+  textBlockMessageSchema,
+  buttonMessageSchema,
+  quickReplyMessageSchema,
+  listBlockMessageSchema,
+  attachmentBlockMessageSchema,
+]);

api/src/chat/schemas/types/options.ts

@@ -1,42 +1,46 @@
 /*
- * Copyright © 2024 Hexastack. All rights reserved.
+ * Copyright © 2025 Hexastack. All rights reserved.
  *
  * Licensed under the GNU Affero General Public License v3.0 (AGPLv3) with the following additional terms:
  * 1. The name "Hexabot" is a trademark of Hexastack. You may not use this name in derivative works without express written permission.
  * 2. All derivative works must include clear attribution to the original creator and software, Hexastack and Hexabot, in a prominent location (e.g., in the software's "About" section, documentation, and README file).
  */
 
-import { Button } from './button';
+import { z } from 'zod';
-import { OutgoingMessageFormat } from './message';
 
-export interface ContentOptions {
+import { buttonSchema } from './button';
-  display: OutgoingMessageFormat.list | OutgoingMessageFormat.carousel;
-  fields: {
-    title: string;
-    subtitle: string | null;
-    image_url: string | null;
-    url?: string;
-    action_title?: string;
-    action_payload?: string;
-  };
-  buttons: Button[];
-  limit: number;
-  query?: any; // Waterline model criteria
-  entity?: string | number; // ContentTypeID
-  top_element_style?: 'large' | 'compact';
-}
 
-export interface BlockOptions {
+export const contentOptionsSchema = z.object({
-  typing?: number;
+  display: z.enum(['list', 'carousel']),
-  // In case of carousel/list message
+  fields: z.object({
-  content?: ContentOptions;
+    title: z.string(),
-  // Only if the block has next blocks
+    subtitle: z.string().nullable(),
-  fallback?: {
+    image_url: z.string().nullable(),
-    active: boolean;
+    url: z.string().optional(),
-    message: string[];
+    action_title: z.string().optional(),
-    max_attempts: number;
+    action_payload: z.string().optional(),
-  };
+  }),
-  assignTo?: string;
+  buttons: z.array(buttonSchema),
-  // plugins effects
+  limit: z.number().finite(),
-  effects?: string[];
+  query: z.any().optional(),
-}
+  entity: z.union([z.string(), z.number().finite()]).optional(),
+  top_element_style: z.enum(['large', 'compact']).optional(),
+});
+
+export type ContentOptions = z.infer<typeof contentOptionsSchema>;
+
+export const BlockOptionsSchema = z.object({
+  typing: z.number().optional(),
+  content: contentOptionsSchema.optional(),
+  fallback: z
+    .object({
+      active: z.boolean(),
+      message: z.array(z.string()),
+      max_attempts: z.number().finite(),
+    })
+    .optional(),
+  assignTo: z.string().optional(),
+  effects: z.array(z.string()).optional(),
+});
+
+export type BlockOptions = z.infer<typeof BlockOptionsSchema>;

api/src/chat/schemas/types/quick-reply.ts

@@ -9,7 +9,6 @@
 import { z } from 'zod';
 
 import { attachmentPayloadSchema } from './attachment';
-import { PayloadType } from './message';
 
 export enum QuickReplyType {
   text = 'text',
@@ -25,11 +24,11 @@ export const cordinatesSchema = z.object({
 
 export const payloadSchema = z.discriminatedUnion('type', [
   z.object({
-    type: z.literal(PayloadType.location),
+    type: z.literal('location'),
     coordinates: cordinatesSchema,
   }),
   z.object({
-    type: z.literal(PayloadType.attachments),
+    type: z.literal('attachments'),
     attachment: attachmentPayloadSchema,
   }),
 ]);

api/src/chat/services/block.service.ts

@@ -17,7 +17,7 @@ import { I18nService } from '@/i18n/services/i18n.service';
 import { LanguageService } from '@/i18n/services/language.service';
 import { LoggerService } from '@/logger/logger.service';
 import { PluginService } from '@/plugins/plugins.service';
-import { PluginName, PluginType } from '@/plugins/types';
+import { PluginType } from '@/plugins/types';
 import { SettingService } from '@/setting/services/setting.service';
 import { BaseService } from '@/utils/generics/base-service';
 import { getRandom } from '@/utils/helpers/safeRandom';
@@ -568,7 +568,6 @@ export class BlockService extends BaseService<
           contentBlockOptions,
           skip,
         );
-
         const envelope: StdOutgoingEnvelope = {
           format: contentBlockOptions.display,
           message: {
@@ -576,7 +575,6 @@ export class BlockService extends BaseService<
             options: contentBlockOptions,
           },
         };
-
         return envelope;
       } catch (err) {
         this.logger.error(
@@ -588,7 +586,7 @@ export class BlockService extends BaseService<
     } else if (blockMessage && 'plugin' in blockMessage) {
       const plugin = this.pluginService.findPlugin(
         PluginType.block,
-        blockMessage.plugin as PluginName,
+        blockMessage.plugin,
       );
       // Process custom plugin block
       try {

api/src/chat/validation-rules/is-message.ts

@@ -12,103 +12,40 @@ import {
   ValidatorConstraint,
   ValidatorConstraintInterface,
 } from 'class-validator';
-import Joi from 'joi';
 
-import { BlockMessage } from '../schemas/types/message';
+import {
+  BlockMessage,
+  blockMessageObjectSchema,
+  messageRegexSchema,
+  textSchema,
+} from '../schemas/types/message';
 
+/* eslint-disable no-console */
 export function isValidMessage(msg: any) {
   if (typeof msg === 'string' && msg !== '') {
-    // Custom code
+    const result = messageRegexSchema.safeParse(msg);
-    const MESSAGE_REGEX = /^function \(context\) \{[^]+\}/;
+    if (!result.success) {
-    if (!MESSAGE_REGEX.test(msg)) {
+      console.error('Block Model: Invalid custom code.', result.error);
-      // eslint-disable-next-line
-      console.error('Block Model : Invalid custom code.', msg);
       return false;
-    } else {
-      return true;
     }
+    return true;
   } else if (Array.isArray(msg)) {
-    // Simple text message
+    const result = textSchema.safeParse(msg);
-    const textSchema = Joi.array().items(Joi.string().max(1000).required());
+    if (!result.success) {
-    const textCheck = textSchema.validate(msg);
+      console.error('Block Model: Invalid text message array.', result.error);
-    return !textCheck.error;
-  } else if (typeof msg === 'object') {
-    if ('plugin' in msg) {
-      return true;
-    } else {
-      const buttonsSchema = Joi.array().items(
-        Joi.object().keys({
-          type: Joi.string().valid('postback', 'web_url').required(),
-          title: Joi.string().max(20),
-          payload: Joi.alternatives().conditional('type', {
-            is: 'postback',
-            then: Joi.string().max(1000).required(),
-            otherwise: Joi.forbidden(),
-          }),
-          url: Joi.alternatives().conditional('type', {
-            is: 'web_url',
-            then: Joi.string().uri(),
-            otherwise: Joi.forbidden(),
-          }),
-          messenger_extensions: Joi.alternatives().conditional('type', {
-            is: 'web_url',
-            then: Joi.boolean(),
-            otherwise: Joi.forbidden(),
-          }),
-          webview_height_ratio: Joi.alternatives().conditional('type', {
-            is: 'web_url',
-            then: Joi.string().valid('compact', 'tall', 'full'),
-            otherwise: Joi.forbidden(),
-          }),
-        }),
-      );
-      // Attachment message
-      const objectSchema = Joi.object().keys({
-        text: Joi.string().max(1000),
-        attachment: Joi.object().keys({
-          type: Joi.string()
-            .valid('image', 'audio', 'video', 'file', 'unknown')
-            .required(),
-          payload: Joi.object().keys({
-            url: Joi.string().uri(),
-            id: Joi.string().allow(null),
-          }),
-        }),
-        elements: Joi.boolean(),
-        cards: Joi.object().keys({
-          default_action: buttonsSchema.max(1),
-          buttons: buttonsSchema.max(3),
-        }),
-        buttons: buttonsSchema.max(3),
-        quickReplies: Joi.array()
-          .items(
-            Joi.object().keys({
-              content_type: Joi.string()
-                .valid('text', 'location', 'user_phone_number', 'user_email')
-                .required(),
-              title: Joi.alternatives().conditional('content_type', {
-                is: 'text',
-                then: Joi.string().max(20).required(),
-              }),
-              payload: Joi.alternatives().conditional('content_type', {
-                is: 'text',
-                then: Joi.string().max(1000).required(),
-              }),
-            }),
-          )
-          .max(11),
-      });
-      const objectCheck = objectSchema.validate(msg);
-      if (objectCheck.error) {
-        // eslint-disable-next-line
-        console.log('Message validation failed! ', objectCheck);
-      }
-      return !objectCheck.error;
     }
-  } else {
+    return result.success;
-    return false;
+  } else if (typeof msg === 'object' && msg !== null) {
+    const result = blockMessageObjectSchema.safeParse(msg);
+    if (!result.success) {
+      console.error('Block Model: Object validation failed!', result.error);
+    }
+    return result.success;
   }
+  console.log('Validation reached default false');
+  return false;
 }
+/* eslint-enable no-console */
 
 @ValidatorConstraint({ async: false })
 export class MessageValidator implements ValidatorConstraintInterface {

api/src/chat/validation-rules/is-valid-message-text.ts

@@ -1,5 +1,5 @@
 /*
- * Copyright © 2024 Hexastack. All rights reserved.
+ * Copyright © 2025 Hexastack. All rights reserved.
  *
  * Licensed under the GNU Affero General Public License v3.0 (AGPLv3) with the following additional terms:
  * 1. The name "Hexabot" is a trademark of Hexastack. You may not use this name in derivative works without express written permission.
@@ -11,6 +11,7 @@ import { registerDecorator, ValidationOptions } from 'class-validator';
 import {
   StdIncomingMessage,
   StdOutgoingTextMessage,
+  validMessageTextSchema,
 } from '../schemas/types/message';
 
 export function IsValidMessageText(validationOptions?: ValidationOptions) {
@@ -21,7 +22,7 @@ export function IsValidMessageText(validationOptions?: ValidationOptions) {
       options: validationOptions,
       validator: {
         validate(message: StdOutgoingTextMessage | StdIncomingMessage) {
-          return !!(message as StdOutgoingTextMessage).text;
+          return validMessageTextSchema.safeParse(message).success;
         },
       },
     });