diff options
author | Carlos Tadeu Panato Junior <ctadeu@gmail.com> | 2017-03-23 12:02:42 +0100 |
---|---|---|
committer | George Goldberg <george@gberg.me> | 2017-03-23 11:02:42 +0000 |
commit | 78e5b803cc0817e1b5d58ca27a7ad8ad22616602 (patch) | |
tree | 4c0eeb601dc590901801936c3727b14c0bfb547e /api4 | |
parent | 0326177253bd3b4a2933e084a8759473998b60c0 (diff) | |
download | chat-78e5b803cc0817e1b5d58ca27a7ad8ad22616602.tar.gz chat-78e5b803cc0817e1b5d58ca27a7ad8ad22616602.tar.bz2 chat-78e5b803cc0817e1b5d58ca27a7ad8ad22616602.zip |
add implementation to get outgoing webhook for apiv4 (#5827)
Diffstat (limited to 'api4')
-rw-r--r-- | api4/webhook.go | 30 | ||||
-rw-r--r-- | api4/webhook_test.go | 39 |
2 files changed, 69 insertions, 0 deletions
diff --git a/api4/webhook.go b/api4/webhook.go index aaaf6f396..8d2c4874f 100644 --- a/api4/webhook.go +++ b/api4/webhook.go @@ -24,6 +24,7 @@ func InitWebhook() { BaseRoutes.OutgoingHooks.Handle("", ApiSessionRequired(createOutgoingHook)).Methods("POST") BaseRoutes.OutgoingHooks.Handle("", ApiSessionRequired(getOutgoingHooks)).Methods("GET") BaseRoutes.OutgoingHook.Handle("", ApiSessionRequired(updateOutcomingHook)).Methods("PUT") + BaseRoutes.OutgoingHook.Handle("", ApiSessionRequired(getOutgoingHook)).Methods("GET") BaseRoutes.OutgoingHook.Handle("/regen_token", ApiSessionRequired(regenOutgoingHookToken)).Methods("POST") } @@ -333,6 +334,35 @@ func getOutgoingHooks(c *Context, w http.ResponseWriter, r *http.Request) { w.Write([]byte(model.OutgoingWebhookListToJson(hooks))) } +func getOutgoingHook(c *Context, w http.ResponseWriter, r *http.Request) { + c.RequireHookId() + if c.Err != nil { + return + } + + hook, err := app.GetOutgoingWebhook(c.Params.HookId) + if err != nil { + c.Err = err + return + } + + c.LogAudit("attempt") + + if !app.SessionHasPermissionToTeam(c.Session, hook.TeamId, model.PERMISSION_MANAGE_WEBHOOKS) { + c.SetPermissionError(model.PERMISSION_MANAGE_WEBHOOKS) + return + } + + if c.Session.UserId != hook.CreatorId && !app.SessionHasPermissionToTeam(c.Session, hook.TeamId, model.PERMISSION_MANAGE_OTHERS_WEBHOOKS) { + c.LogAudit("fail - inappropriate permissions") + c.SetPermissionError(model.PERMISSION_MANAGE_OTHERS_WEBHOOKS) + return + } + + c.LogAudit("success") + w.Write([]byte(hook.ToJson())) +} + func regenOutgoingHookToken(c *Context, w http.ResponseWriter, r *http.Request) { c.RequireHookId() if c.Err != nil { diff --git a/api4/webhook_test.go b/api4/webhook_test.go index 20ff859ac..80b03c5aa 100644 --- a/api4/webhook_test.go +++ b/api4/webhook_test.go @@ -419,6 +419,45 @@ func TestGetOutgoingWebhooks(t *testing.T) { CheckUnauthorizedStatus(t, resp) } +func TestGetOutgoingWebhook(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer TearDown() + Client := th.Client + + enableOutgoingHooks := utils.Cfg.ServiceSettings.EnableOutgoingWebhooks + enableAdminOnlyHooks := utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations + defer func() { + utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = enableOutgoingHooks + utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks + utils.SetDefaultRolesBasedOnConfig() + }() + utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = true + *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true + utils.SetDefaultRolesBasedOnConfig() + + hook := &model.OutgoingWebhook{ChannelId: th.BasicChannel.Id, TeamId: th.BasicChannel.TeamId, CallbackURLs: []string{"http://nowhere.com"}} + + rhook, resp := th.SystemAdminClient.CreateOutgoingWebhook(hook) + CheckNoError(t, resp) + + getHook, resp := th.SystemAdminClient.GetOutgoingWebhook(rhook.Id) + CheckNoError(t, resp) + if getHook.Id != rhook.Id { + t.Fatal("failed to retrieve the correct outgoing hook") + } + + _, resp = Client.GetOutgoingWebhook(rhook.Id) + CheckForbiddenStatus(t, resp) + + nonExistentHook := &model.OutgoingWebhook{ChannelId: th.BasicChannel.Id} + _, resp = th.SystemAdminClient.GetOutgoingWebhook(nonExistentHook.Id) + CheckNotFoundStatus(t, resp) + + nonExistentHook.Id = model.NewId() + _, resp = th.SystemAdminClient.GetOutgoingWebhook(nonExistentHook.Id) + CheckInternalErrorStatus(t, resp) +} + func TestUpdateIncomingHook(t *testing.T) { th := Setup().InitBasic().InitSystemAdmin() defer TearDown() |