Initial commit: Add logistics and order_detail message types

- Add Logistics component with progress tracking
- Add OrderDetail component for order information
- Support data-driven steps and actions
- Add blue color scale to widget SCSS
- Fix node overflow and progress bar rendering issues
- Add English translations for dashboard components

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

app/models/channel/api.rb

@@ -0,0 +1,44 @@
+# == Schema Information
+#
+# Table name: channel_api
+#
+#  id                    :bigint           not null, primary key
+#  additional_attributes :jsonb
+#  hmac_mandatory        :boolean          default(FALSE)
+#  hmac_token            :string
+#  identifier            :string
+#  webhook_url           :string
+#  created_at            :datetime         not null
+#  updated_at            :datetime         not null
+#  account_id            :integer          not null
+#
+# Indexes
+#
+#  index_channel_api_on_hmac_token  (hmac_token) UNIQUE
+#  index_channel_api_on_identifier  (identifier) UNIQUE
+#
+
+class Channel::Api < ApplicationRecord
+  include Channelable
+
+  self.table_name = 'channel_api'
+  EDITABLE_ATTRS = [:webhook_url, :hmac_mandatory, { additional_attributes: {} }].freeze
+
+  has_secure_token :identifier
+  has_secure_token :hmac_token
+  validate :ensure_valid_agent_reply_time_window
+  validates :webhook_url, length: { maximum: Limits::URL_LENGTH_LIMIT }
+
+  def name
+    'API'
+  end
+
+  private
+
+  def ensure_valid_agent_reply_time_window
+    return if additional_attributes['agent_reply_time_window'].blank?
+    return if additional_attributes['agent_reply_time_window'].to_i.positive?
+
+    errors.add(:agent_reply_time_window, 'agent_reply_time_window must be greater than 0')
+  end
+end

app/models/channel/email.rb

@@ -0,0 +1,80 @@
+# == Schema Information
+#
+# Table name: channel_email
+#
+#  id                        :bigint           not null, primary key
+#  email                     :string           not null
+#  forward_to_email          :string           not null
+#  imap_address              :string           default("")
+#  imap_enable_ssl           :boolean          default(TRUE)
+#  imap_enabled              :boolean          default(FALSE)
+#  imap_login                :string           default("")
+#  imap_password             :string           default("")
+#  imap_port                 :integer          default(0)
+#  provider                  :string
+#  provider_config           :jsonb
+#  smtp_address              :string           default("")
+#  smtp_authentication       :string           default("login")
+#  smtp_domain               :string           default("")
+#  smtp_enable_ssl_tls       :boolean          default(FALSE)
+#  smtp_enable_starttls_auto :boolean          default(TRUE)
+#  smtp_enabled              :boolean          default(FALSE)
+#  smtp_login                :string           default("")
+#  smtp_openssl_verify_mode  :string           default("none")
+#  smtp_password             :string           default("")
+#  smtp_port                 :integer          default(0)
+#  verified_for_sending      :boolean          default(FALSE), not null
+#  created_at                :datetime         not null
+#  updated_at                :datetime         not null
+#  account_id                :integer          not null
+#
+# Indexes
+#
+#  index_channel_email_on_email             (email) UNIQUE
+#  index_channel_email_on_forward_to_email  (forward_to_email) UNIQUE
+#
+
+class Channel::Email < ApplicationRecord
+  include Channelable
+  include Reauthorizable
+
+  AUTHORIZATION_ERROR_THRESHOLD = 10
+
+  # TODO: Remove guard once encryption keys become mandatory (target 3-4 releases out).
+  if Chatwoot.encryption_configured?
+    encrypts :imap_password
+    encrypts :smtp_password
+  end
+
+  self.table_name = 'channel_email'
+  EDITABLE_ATTRS = [:email, :imap_enabled, :imap_login, :imap_password, :imap_address, :imap_port, :imap_enable_ssl,
+                    :smtp_enabled, :smtp_login, :smtp_password, :smtp_address, :smtp_port, :smtp_domain, :smtp_enable_starttls_auto,
+                    :smtp_enable_ssl_tls, :smtp_openssl_verify_mode, :smtp_authentication, :provider, :verified_for_sending].freeze
+
+  validates :email, uniqueness: true
+  validates :forward_to_email, uniqueness: true
+
+  before_validation :ensure_forward_to_email, on: :create
+
+  def name
+    'Email'
+  end
+
+  def microsoft?
+    provider == 'microsoft'
+  end
+
+  def google?
+    provider == 'google'
+  end
+
+  def legacy_google?
+    imap_enabled && imap_address == 'imap.gmail.com'
+  end
+
+  private
+
+  def ensure_forward_to_email
+    self.forward_to_email ||= "#{SecureRandom.hex}@#{account.inbound_email_domain}"
+  end
+end

app/models/channel/facebook_page.rb

@@ -0,0 +1,68 @@
+# == Schema Information
+#
+# Table name: channel_facebook_pages
+#
+#  id                :integer          not null, primary key
+#  page_access_token :string           not null
+#  user_access_token :string           not null
+#  created_at        :datetime         not null
+#  updated_at        :datetime         not null
+#  account_id        :integer          not null
+#  instagram_id      :string
+#  page_id           :string           not null
+#
+# Indexes
+#
+#  index_channel_facebook_pages_on_page_id                 (page_id)
+#  index_channel_facebook_pages_on_page_id_and_account_id  (page_id,account_id) UNIQUE
+#
+
+class Channel::FacebookPage < ApplicationRecord
+  include Channelable
+  include Reauthorizable
+
+  # TODO: Remove guard once encryption keys become mandatory (target 3-4 releases out).
+  if Chatwoot.encryption_configured?
+    encrypts :page_access_token
+    encrypts :user_access_token
+  end
+
+  self.table_name = 'channel_facebook_pages'
+
+  validates :page_id, uniqueness: { scope: :account_id }
+
+  after_create_commit :subscribe
+  before_destroy :unsubscribe
+
+  def name
+    'Facebook'
+  end
+
+  def create_contact_inbox(instagram_id, name)
+    @contact_inbox = ::ContactInboxWithContactBuilder.new({
+                                                            source_id: instagram_id,
+                                                            inbox: inbox,
+                                                            contact_attributes: { name: name }
+                                                          }).perform
+  end
+
+  def subscribe
+    # ref https://developers.facebook.com/docs/messenger-platform/reference/webhook-events
+    Facebook::Messenger::Subscriptions.subscribe(
+      access_token: page_access_token,
+      subscribed_fields: %w[
+        messages message_deliveries message_echoes message_reads standby messaging_handovers
+      ]
+    )
+  rescue StandardError => e
+    Rails.logger.debug { "Rescued: #{e.inspect}" }
+    true
+  end
+
+  def unsubscribe
+    Facebook::Messenger::Subscriptions.unsubscribe(access_token: page_access_token)
+  rescue StandardError => e
+    Rails.logger.debug { "Rescued: #{e.inspect}" }
+    true
+  end
+end

app/models/channel/instagram.rb

@@ -0,0 +1,75 @@
+# == Schema Information
+#
+# Table name: channel_instagram
+#
+#  id           :bigint           not null, primary key
+#  access_token :string           not null
+#  expires_at   :datetime         not null
+#  created_at   :datetime         not null
+#  updated_at   :datetime         not null
+#  account_id   :integer          not null
+#  instagram_id :string           not null
+#
+# Indexes
+#
+#  index_channel_instagram_on_instagram_id  (instagram_id) UNIQUE
+#
+class Channel::Instagram < ApplicationRecord
+  include Channelable
+  include Reauthorizable
+  self.table_name = 'channel_instagram'
+
+  # TODO: Remove guard once encryption keys become mandatory (target 3-4 releases out).
+  encrypts :access_token if Chatwoot.encryption_configured?
+
+  AUTHORIZATION_ERROR_THRESHOLD = 1
+
+  validates :access_token, presence: true
+  validates :instagram_id, uniqueness: true, presence: true
+
+  after_create_commit :subscribe
+  before_destroy :unsubscribe
+
+  def name
+    'Instagram'
+  end
+
+  def create_contact_inbox(instagram_id, name)
+    @contact_inbox = ::ContactInboxWithContactBuilder.new({
+                                                            source_id: instagram_id,
+                                                            inbox: inbox,
+                                                            contact_attributes: { name: name }
+                                                          }).perform
+  end
+
+  def subscribe
+    # ref https://developers.facebook.com/docs/instagram-platform/webhooks#enable-subscriptions
+    HTTParty.post(
+      "https://graph.instagram.com/v22.0/#{instagram_id}/subscribed_apps",
+      query: {
+        subscribed_fields: %w[messages message_reactions messaging_seen],
+        access_token: access_token
+      }
+    )
+  rescue StandardError => e
+    Rails.logger.debug { "Rescued: #{e.inspect}" }
+    true
+  end
+
+  def unsubscribe
+    HTTParty.delete(
+      "https://graph.instagram.com/v22.0/#{instagram_id}/subscribed_apps",
+      query: {
+        access_token: access_token
+      }
+    )
+    true
+  rescue StandardError => e
+    Rails.logger.debug { "Rescued: #{e.inspect}" }
+    true
+  end
+
+  def access_token
+    Instagram::RefreshOauthTokenService.new(channel: self).access_token
+  end
+end

app/models/channel/line.rb

@@ -0,0 +1,47 @@
+# == Schema Information
+#
+# Table name: channel_line
+#
+#  id                  :bigint           not null, primary key
+#  line_channel_secret :string           not null
+#  line_channel_token  :string           not null
+#  created_at          :datetime         not null
+#  updated_at          :datetime         not null
+#  account_id          :integer          not null
+#  line_channel_id     :string           not null
+#
+# Indexes
+#
+#  index_channel_line_on_line_channel_id  (line_channel_id) UNIQUE
+#
+
+class Channel::Line < ApplicationRecord
+  include Channelable
+
+  # TODO: Remove guard once encryption keys become mandatory (target 3-4 releases out).
+  if Chatwoot.encryption_configured?
+    encrypts :line_channel_secret
+    encrypts :line_channel_token
+  end
+
+  self.table_name = 'channel_line'
+  EDITABLE_ATTRS = [:line_channel_id, :line_channel_secret, :line_channel_token].freeze
+
+  validates :line_channel_id, uniqueness: true, presence: true
+  validates :line_channel_secret, presence: true
+  validates :line_channel_token, presence: true
+
+  def name
+    'LINE'
+  end
+
+  def client
+    @client ||= Line::Bot::Client.new do |config|
+      config.channel_id = line_channel_id
+      config.channel_secret = line_channel_secret
+      config.channel_token = line_channel_token
+      # Skip SSL verification in development to avoid certificate issues
+      config.http_options = { verify_mode: OpenSSL::SSL::VERIFY_NONE } if Rails.env.development?
+    end
+  end
+end

app/models/channel/sms.rb

@@ -0,0 +1,99 @@
+# == Schema Information
+#
+# Table name: channel_sms
+#
+#  id              :bigint           not null, primary key
+#  phone_number    :string           not null
+#  provider        :string           default("default")
+#  provider_config :jsonb
+#  created_at      :datetime         not null
+#  updated_at      :datetime         not null
+#  account_id      :integer          not null
+#
+# Indexes
+#
+#  index_channel_sms_on_phone_number  (phone_number) UNIQUE
+#
+
+class Channel::Sms < ApplicationRecord
+  include Channelable
+
+  self.table_name = 'channel_sms'
+  EDITABLE_ATTRS = [:phone_number, { provider_config: {} }].freeze
+
+  validates :phone_number, presence: true, uniqueness: true
+  # before_save :validate_provider_config
+
+  def name
+    'Sms'
+  end
+
+  # all this should happen in provider service . but hack mode on
+  def api_base_path
+    'https://messaging.bandwidth.com/api/v2'
+  end
+
+  def send_message(contact_number, message)
+    body = message_body(contact_number, message.outgoing_content)
+    body['media'] = message.attachments.map(&:download_url) if message.attachments.present?
+
+    send_to_bandwidth(body, message)
+  end
+
+  def send_text_message(contact_number, message_content)
+    body = message_body(contact_number, message_content)
+    send_to_bandwidth(body)
+  end
+
+  private
+
+  def message_body(contact_number, message_content)
+    {
+      'to' => contact_number,
+      'from' => phone_number,
+      'text' => message_content,
+      'applicationId' => provider_config['application_id']
+    }
+  end
+
+  def send_to_bandwidth(body, message = nil)
+    response = HTTParty.post(
+      "#{api_base_path}/users/#{provider_config['account_id']}/messages",
+      basic_auth: bandwidth_auth,
+      headers: { 'Content-Type' => 'application/json' },
+      body: body.to_json
+    )
+
+    if response.success?
+      response.parsed_response['id']
+    else
+      handle_error(response, message)
+      nil
+    end
+  end
+
+  def handle_error(response, message)
+    Rails.logger.error("[#{account_id}] Error sending SMS: #{response.parsed_response['description']}")
+    return if message.blank?
+
+    # https://dev.bandwidth.com/apis/messaging-apis/messaging/#tag/Messages/operation/createMessage
+    message.external_error = response.parsed_response['description']
+    message.status = :failed
+    message.save!
+  end
+
+  def bandwidth_auth
+    { username: provider_config['api_key'], password: provider_config['api_secret'] }
+  end
+
+  # Extract later into provider Service
+  # let's revisit later
+  def validate_provider_config
+    response = HTTParty.post(
+      "#{api_base_path}/users/#{provider_config['account_id']}/messages",
+      basic_auth: bandwidth_auth,
+      headers: { 'Content-Type': 'application/json' }
+    )
+    errors.add(:provider_config, 'error setting up') unless response.success?
+  end
+end

app/models/channel/telegram.rb

@@ -0,0 +1,171 @@
+# == Schema Information
+#
+# Table name: channel_telegram
+#
+#  id         :bigint           not null, primary key
+#  bot_name   :string
+#  bot_token  :string           not null
+#  created_at :datetime         not null
+#  updated_at :datetime         not null
+#  account_id :integer          not null
+#
+# Indexes
+#
+#  index_channel_telegram_on_bot_token  (bot_token) UNIQUE
+#
+
+class Channel::Telegram < ApplicationRecord
+  include Channelable
+
+  # TODO: Remove guard once encryption keys become mandatory (target 3-4 releases out).
+  encrypts :bot_token, deterministic: true if Chatwoot.encryption_configured?
+
+  self.table_name = 'channel_telegram'
+  EDITABLE_ATTRS = [:bot_token].freeze
+
+  before_validation :ensure_valid_bot_token, on: :create
+  validates :bot_token, presence: true, uniqueness: true
+  before_save :setup_telegram_webhook
+
+  def name
+    'Telegram'
+  end
+
+  def telegram_api_url
+    "https://api.telegram.org/bot#{bot_token}"
+  end
+
+  def send_message_on_telegram(message)
+    message_id = send_message(message) if message.outgoing_content.present?
+    message_id = Telegram::SendAttachmentsService.new(message: message).perform if message.attachments.present?
+    message_id
+  end
+
+  def get_telegram_profile_image(user_id)
+    # get profile image from telegram
+    response = HTTParty.get("#{telegram_api_url}/getUserProfilePhotos", query: { user_id: user_id })
+    return nil unless response.success?
+
+    photos = response.parsed_response.dig('result', 'photos')
+    return if photos.blank?
+
+    get_telegram_file_path(photos.first.last['file_id'])
+  end
+
+  def get_telegram_file_path(file_id)
+    response = HTTParty.get("#{telegram_api_url}/getFile", query: { file_id: file_id })
+    return nil unless response.success?
+
+    "https://api.telegram.org/file/bot#{bot_token}/#{response.parsed_response['result']['file_path']}"
+  end
+
+  def process_error(message, response)
+    return unless response.parsed_response['ok'] == false
+
+    # https://github.com/TelegramBotAPI/errors/tree/master/json
+    message.external_error = "#{response.parsed_response['error_code']}, #{response.parsed_response['description']}"
+    message.status = :failed
+    message.save!
+  end
+
+  def chat_id(message)
+    message.conversation[:additional_attributes]['chat_id']
+  end
+
+  def business_connection_id(message)
+    message.conversation[:additional_attributes]['business_connection_id']
+  end
+
+  def reply_to_message_id(message)
+    message.content_attributes['in_reply_to_external_id']
+  end
+
+  private
+
+  def ensure_valid_bot_token
+    response = HTTParty.get("#{telegram_api_url}/getMe")
+    unless response.success?
+      errors.add(:bot_token, 'invalid token')
+      return
+    end
+
+    self.bot_name = response.parsed_response['result']['username']
+  end
+
+  def setup_telegram_webhook
+    HTTParty.post("#{telegram_api_url}/deleteWebhook")
+    response = HTTParty.post("#{telegram_api_url}/setWebhook",
+                             body: {
+                               url: "#{ENV.fetch('FRONTEND_URL', nil)}/webhooks/telegram/#{bot_token}"
+                             })
+    errors.add(:bot_token, 'error setting up the webook') unless response.success?
+  end
+
+  def send_message(message)
+    response = message_request(
+      chat_id(message),
+      message.outgoing_content,
+      reply_markup(message),
+      reply_to_message_id(message),
+      business_connection_id: business_connection_id(message)
+    )
+    process_error(message, response)
+    response.parsed_response['result']['message_id'] if response.success?
+  end
+
+  def reply_markup(message)
+    return unless message.content_type == 'input_select'
+
+    {
+      one_time_keyboard: true,
+      inline_keyboard: message.content_attributes['items'].map do |item|
+        [{
+          text: item['title'],
+          callback_data: item['value']
+        }]
+      end
+    }.to_json
+  end
+
+  def convert_markdown_to_telegram_html(text)
+    # ref: https://core.telegram.org/bots/api#html-style
+
+    # Escape HTML entities first to prevent HTML injection
+    # This ensures only markdown syntax is converted, not raw HTML
+    escaped_text = CGI.escapeHTML(text)
+
+    # Parse markdown with extensions:
+    # - strikethrough: support ~~text~~
+    # - hardbreaks: preserve all newlines as <br>
+    html = CommonMarker.render_html(escaped_text, [:HARDBREAKS], [:strikethrough]).strip
+
+    # Convert paragraph breaks to double newlines to preserve them
+    # CommonMarker creates <p> tags for paragraph breaks, but Telegram doesn't support <p>
+    html_with_breaks = html.gsub(%r{</p>\s*<p>}, "\n\n")
+
+    # Remove opening and closing <p> tags
+    html_with_breaks = html_with_breaks.gsub(%r{</?p>}, '')
+
+    # Sanitize to only allowed tags
+    stripped_html = Rails::HTML5::SafeListSanitizer.new.sanitize(html_with_breaks, tags: %w[b strong i em u ins s strike del a code pre blockquote],
+                                                                                   attributes: %w[href])
+
+    # Convert <br /> tags to newlines for Telegram
+    stripped_html.gsub(%r{<br\s*/?>}, "\n")
+  end
+
+  def message_request(chat_id, text, reply_markup = nil, reply_to_message_id = nil, business_connection_id: nil)
+    # text is already converted to HTML by MessageContentPresenter
+    business_body = {}
+    business_body[:business_connection_id] = business_connection_id if business_connection_id
+
+    HTTParty.post("#{telegram_api_url}/sendMessage",
+                  body: {
+                    chat_id: chat_id,
+                    text: text,
+                    reply_markup: reply_markup,
+                    parse_mode: 'HTML',
+                    reply_to_message_id: reply_to_message_id
+                  }.merge(business_body))
+  end
+end

app/models/channel/tiktok.rb

@@ -0,0 +1,45 @@
+# == Schema Information
+#
+# Table name: channel_tiktok
+#
+#  id                       :bigint           not null, primary key
+#  access_token             :string           not null
+#  expires_at               :datetime         not null
+#  refresh_token            :string           not null
+#  refresh_token_expires_at :datetime         not null
+#  created_at               :datetime         not null
+#  updated_at               :datetime         not null
+#  account_id               :integer          not null
+#  business_id              :string           not null
+#
+# Indexes
+#
+#  index_channel_tiktok_on_business_id  (business_id) UNIQUE
+#
+class Channel::Tiktok < ApplicationRecord
+  include Channelable
+  include Reauthorizable
+  self.table_name = 'channel_tiktok'
+
+  # TODO: Remove guard once encryption keys become mandatory (target 3-4 releases out).
+  if Chatwoot.encryption_configured?
+    encrypts :access_token
+    encrypts :refresh_token
+  end
+
+  AUTHORIZATION_ERROR_THRESHOLD = 1
+
+  validates :business_id, uniqueness: true, presence: true
+  validates :access_token, presence: true
+  validates :refresh_token, presence: true
+  validates :expires_at, presence: true
+  validates :refresh_token_expires_at, presence: true
+
+  def name
+    'Tiktok'
+  end
+
+  def validated_access_token
+    Tiktok::TokenService.new(channel: self).access_token
+  end
+end

app/models/channel/twilio_sms.rb

@@ -0,0 +1,78 @@
+# == Schema Information
+#
+# Table name: channel_twilio_sms
+#
+#  id                             :bigint           not null, primary key
+#  account_sid                    :string           not null
+#  api_key_sid                    :string
+#  auth_token                     :string           not null
+#  content_templates              :jsonb
+#  content_templates_last_updated :datetime
+#  medium                         :integer          default("sms")
+#  messaging_service_sid          :string
+#  phone_number                   :string
+#  created_at                     :datetime         not null
+#  updated_at                     :datetime         not null
+#  account_id                     :integer          not null
+#
+# Indexes
+#
+#  index_channel_twilio_sms_on_account_sid_and_phone_number  (account_sid,phone_number) UNIQUE
+#  index_channel_twilio_sms_on_messaging_service_sid         (messaging_service_sid) UNIQUE
+#  index_channel_twilio_sms_on_phone_number                  (phone_number) UNIQUE
+#
+
+class Channel::TwilioSms < ApplicationRecord
+  include Channelable
+  include Rails.application.routes.url_helpers
+
+  self.table_name = 'channel_twilio_sms'
+
+  # TODO: Remove guard once encryption keys become mandatory (target 3-4 releases out).
+  encrypts :auth_token if Chatwoot.encryption_configured?
+
+  validates :account_sid, presence: true
+  # The same parameter is used to store api_key_secret if api_key authentication is opted
+  validates :auth_token, presence: true
+
+  EDITABLE_ATTRS = [
+    :account_sid,
+    :auth_token
+  ].freeze
+
+  # Must have _one_ of messaging_service_sid _or_ phone_number, and messaging_service_sid is preferred
+  validates :messaging_service_sid, uniqueness: true, presence: true, unless: :phone_number?
+  validates :phone_number, absence: true, if: :messaging_service_sid?
+  validates :phone_number, uniqueness: true, allow_nil: true
+
+  enum medium: { sms: 0, whatsapp: 1 }
+
+  def name
+    medium == 'sms' ? 'Twilio SMS' : 'Whatsapp'
+  end
+
+  def send_message(to:, body:, media_url: nil)
+    params = send_message_from.merge(to: to, body: body)
+    params[:media_url] = media_url if media_url.present?
+    params[:status_callback] = twilio_delivery_status_index_url
+    client.messages.create(**params)
+  end
+
+  private
+
+  def client
+    if api_key_sid.present?
+      Twilio::REST::Client.new(api_key_sid, auth_token, account_sid)
+    else
+      Twilio::REST::Client.new(account_sid, auth_token)
+    end
+  end
+
+  def send_message_from
+    if messaging_service_sid?
+      { messaging_service_sid: messaging_service_sid }
+    else
+      { from: phone_number }
+    end
+  end
+end

app/models/channel/twitter_profile.rb

@@ -0,0 +1,68 @@
+# == Schema Information
+#
+# Table name: channel_twitter_profiles
+#
+#  id                          :bigint           not null, primary key
+#  tweets_enabled              :boolean          default(TRUE)
+#  twitter_access_token        :string           not null
+#  twitter_access_token_secret :string           not null
+#  created_at                  :datetime         not null
+#  updated_at                  :datetime         not null
+#  account_id                  :integer          not null
+#  profile_id                  :string           not null
+#
+# Indexes
+#
+#  index_channel_twitter_profiles_on_account_id_and_profile_id  (account_id,profile_id) UNIQUE
+#
+
+class Channel::TwitterProfile < ApplicationRecord
+  include Channelable
+
+  # TODO: Remove guard once encryption keys become mandatory (target 3-4 releases out).
+  if Chatwoot.encryption_configured?
+    encrypts :twitter_access_token
+    encrypts :twitter_access_token_secret
+  end
+
+  self.table_name = 'channel_twitter_profiles'
+
+  validates :profile_id, uniqueness: { scope: :account_id }
+
+  before_destroy :unsubscribe
+
+  EDITABLE_ATTRS = [:tweets_enabled].freeze
+
+  def name
+    'Twitter'
+  end
+
+  def create_contact_inbox(profile_id, name, additional_attributes)
+    ::ContactInboxWithContactBuilder.new({
+                                           source_id: profile_id,
+                                           inbox: inbox,
+                                           contact_attributes: { name: name, additional_attributes: additional_attributes }
+                                         }).perform
+  end
+
+  def twitter_client
+    Twitty::Facade.new do |config|
+      config.consumer_key = ENV.fetch('TWITTER_CONSUMER_KEY', nil)
+      config.consumer_secret = ENV.fetch('TWITTER_CONSUMER_SECRET', nil)
+      config.access_token = twitter_access_token
+      config.access_token_secret = twitter_access_token_secret
+      config.base_url = 'https://api.twitter.com'
+      config.environment = ENV.fetch('TWITTER_ENVIRONMENT', '')
+    end
+  end
+
+  private
+
+  def unsubscribe
+    ### Fix unsubscription with new endpoint
+    unsubscribe_response = twitter_client.remove_subscription(user_id: profile_id)
+    Rails.logger.info "TWITTER_UNSUBSCRIBE: #{unsubscribe_response.body}"
+  rescue StandardError => e
+    Rails.logger.error e
+  end
+end

app/models/channel/web_widget.rb

@@ -0,0 +1,108 @@
+# == Schema Information
+#
+# Table name: channel_web_widgets
+#
+#  id                    :integer          not null, primary key
+#  allowed_domains       :text             default("")
+#  continuity_via_email  :boolean          default(TRUE), not null
+#  feature_flags         :integer          default(7), not null
+#  hmac_mandatory        :boolean          default(FALSE)
+#  hmac_token            :string
+#  pre_chat_form_enabled :boolean          default(FALSE)
+#  pre_chat_form_options :jsonb
+#  reply_time            :integer          default("in_a_few_minutes")
+#  website_token         :string
+#  website_url           :string
+#  welcome_tagline       :string
+#  welcome_title         :string
+#  widget_color          :string           default("#1f93ff")
+#  created_at            :datetime         not null
+#  updated_at            :datetime         not null
+#  account_id            :integer
+#
+# Indexes
+#
+#  index_channel_web_widgets_on_hmac_token     (hmac_token) UNIQUE
+#  index_channel_web_widgets_on_website_token  (website_token) UNIQUE
+#
+
+class Channel::WebWidget < ApplicationRecord
+  include Channelable
+  include FlagShihTzu
+
+  self.table_name = 'channel_web_widgets'
+  EDITABLE_ATTRS = [:website_url, :widget_color, :welcome_title, :welcome_tagline, :reply_time, :pre_chat_form_enabled,
+                    :continuity_via_email, :hmac_mandatory, :allowed_domains,
+                    { pre_chat_form_options: [:pre_chat_message, :require_email,
+                                              { pre_chat_fields:
+                                                [:field_type, :label, :placeholder, :name, :enabled, :type, :enabled, :required,
+                                                 :locale, { values: [] }, :regex_pattern, :regex_cue] }] },
+                    { selected_feature_flags: [] }].freeze
+
+  before_validation :validate_pre_chat_options
+  validates :website_url, presence: true
+  validates :widget_color, presence: true
+  has_many :portals, foreign_key: 'channel_web_widget_id', dependent: :nullify, inverse_of: :channel_web_widget
+
+  has_secure_token :website_token
+  has_secure_token :hmac_token
+
+  has_flags 1 => :attachments,
+            2 => :emoji_picker,
+            3 => :end_conversation,
+            4 => :use_inbox_avatar_for_bot,
+            :column => 'feature_flags',
+            :check_for_column => false
+
+  enum reply_time: { in_a_few_minutes: 0, in_a_few_hours: 1, in_a_day: 2 }
+
+  def name
+    'Website'
+  end
+
+  def web_widget_script
+    "
+    <script>
+      (function(d,t) {
+        var BASE_URL=\"#{ENV.fetch('FRONTEND_URL', '')}\";
+        var g=d.createElement(t),s=d.getElementsByTagName(t)[0];
+        g.src=BASE_URL+\"/packs/js/sdk.js\";
+        g.async = true;
+        s.parentNode.insertBefore(g,s);
+        g.onload=function(){
+          window.chatwootSDK.run({
+            websiteToken: '#{website_token}',
+            baseUrl: BASE_URL
+          })
+        }
+      })(document,\"script\");
+    </script>
+    "
+  end
+
+  def validate_pre_chat_options
+    return if pre_chat_form_options.with_indifferent_access['pre_chat_fields'].present?
+
+    self.pre_chat_form_options = {
+      pre_chat_message: 'Share your queries or comments here.',
+      pre_chat_fields: [
+        {
+          'field_type': 'standard', 'label': 'Email Id', 'name': 'emailAddress', 'type': 'email', 'required': true, 'enabled': false
+        },
+        {
+          'field_type': 'standard', 'label': 'Full name', 'name': 'fullName', 'type': 'text', 'required': false, 'enabled': false
+        },
+        {
+          'field_type': 'standard', 'label': 'Phone number', 'name': 'phoneNumber', 'type': 'text', 'required': false, 'enabled': false
+        }
+      ]
+    }
+  end
+
+  def create_contact_inbox(additional_attributes = {})
+    ::ContactInboxWithContactBuilder.new({
+                                           inbox: inbox,
+                                           contact_attributes: { additional_attributes: additional_attributes }
+                                         }).perform
+  end
+end

app/models/channel/whatsapp.rb

@@ -0,0 +1,96 @@
+# == Schema Information
+#
+# Table name: channel_whatsapp
+#
+#  id                             :bigint           not null, primary key
+#  message_templates              :jsonb
+#  message_templates_last_updated :datetime
+#  phone_number                   :string           not null
+#  provider                       :string           default("default")
+#  provider_config                :jsonb
+#  created_at                     :datetime         not null
+#  updated_at                     :datetime         not null
+#  account_id                     :integer          not null
+#
+# Indexes
+#
+#  index_channel_whatsapp_on_phone_number  (phone_number) UNIQUE
+#
+
+class Channel::Whatsapp < ApplicationRecord
+  include Channelable
+  include Reauthorizable
+
+  self.table_name = 'channel_whatsapp'
+  EDITABLE_ATTRS = [:phone_number, :provider, { provider_config: {} }].freeze
+
+  # default at the moment is 360dialog lets change later.
+  PROVIDERS = %w[default whatsapp_cloud].freeze
+  before_validation :ensure_webhook_verify_token
+
+  validates :provider, inclusion: { in: PROVIDERS }
+  validates :phone_number, presence: true, uniqueness: true
+  validate :validate_provider_config
+
+  after_create :sync_templates
+  before_destroy :teardown_webhooks
+  after_commit :setup_webhooks, on: :create, if: :should_auto_setup_webhooks?
+
+  def name
+    'Whatsapp'
+  end
+
+  def provider_service
+    if provider == 'whatsapp_cloud'
+      Whatsapp::Providers::WhatsappCloudService.new(whatsapp_channel: self)
+    else
+      Whatsapp::Providers::Whatsapp360DialogService.new(whatsapp_channel: self)
+    end
+  end
+
+  def mark_message_templates_updated
+    # rubocop:disable Rails/SkipsModelValidations
+    update_column(:message_templates_last_updated, Time.zone.now)
+    # rubocop:enable Rails/SkipsModelValidations
+  end
+
+  delegate :send_message, to: :provider_service
+  delegate :send_template, to: :provider_service
+  delegate :sync_templates, to: :provider_service
+  delegate :media_url, to: :provider_service
+  delegate :api_headers, to: :provider_service
+
+  def setup_webhooks
+    perform_webhook_setup
+  rescue StandardError => e
+    Rails.logger.error "[WHATSAPP] Webhook setup failed: #{e.message}"
+    prompt_reauthorization!
+  end
+
+  private
+
+  def ensure_webhook_verify_token
+    provider_config['webhook_verify_token'] ||= SecureRandom.hex(16) if provider == 'whatsapp_cloud'
+  end
+
+  def validate_provider_config
+    errors.add(:provider_config, 'Invalid Credentials') unless provider_service.validate_provider_config?
+  end
+
+  def perform_webhook_setup
+    business_account_id = provider_config['business_account_id']
+    api_key = provider_config['api_key']
+
+    Whatsapp::WebhookSetupService.new(self, business_account_id, api_key).perform
+  end
+
+  def teardown_webhooks
+    Whatsapp::WebhookTeardownService.new(self).perform
+  end
+
+  def should_auto_setup_webhooks?
+    # Only auto-setup webhooks for whatsapp_cloud provider with manual setup
+    # Embedded signup calls setup_webhooks explicitly in EmbeddedSignupService
+    provider == 'whatsapp_cloud' && provider_config['source'] != 'embedded_signup'
+  end
+end