diff options
-rw-r--r-- | api4/webhook.go | 61 | ||||
-rw-r--r-- | api4/webhook_test.go | 166 | ||||
-rw-r--r-- | model/client4.go | 11 |
3 files changed, 238 insertions, 0 deletions
diff --git a/api4/webhook.go b/api4/webhook.go index 923f66ad3..feecdbd0f 100644 --- a/api4/webhook.go +++ b/api4/webhook.go @@ -18,6 +18,7 @@ func InitWebhook() { BaseRoutes.IncomingHooks.Handle("", ApiSessionRequired(createIncomingHook)).Methods("POST") BaseRoutes.IncomingHooks.Handle("", ApiSessionRequired(getIncomingHooks)).Methods("GET") BaseRoutes.IncomingHook.Handle("", ApiSessionRequired(getIncomingHook)).Methods("GET") + BaseRoutes.IncomingHook.Handle("", ApiSessionRequired(updateIncomingHook)).Methods("PUT") BaseRoutes.IncomingHook.Handle("", ApiSessionRequired(deleteIncomingHook)).Methods("DELETE") BaseRoutes.OutgoingHooks.Handle("", ApiSessionRequired(createOutgoingHook)).Methods("POST") @@ -60,6 +61,66 @@ func createIncomingHook(c *Context, w http.ResponseWriter, r *http.Request) { } } +func updateIncomingHook(c *Context, w http.ResponseWriter, r *http.Request) { + c.RequireHookId() + if c.Err != nil { + return + } + + hookID := c.Params.HookId + + updatedHook := model.IncomingWebhookFromJson(r.Body) + if updatedHook == nil { + c.SetInvalidParam("incoming_webhook") + return + } + + c.LogAudit("attempt") + + oldHook, err := app.GetIncomingWebhook(hookID) + if err != nil { + c.Err = err + return + } + + if updatedHook.TeamId != oldHook.TeamId { + c.Err = model.NewAppError("updateIncomingHook", "api.webhook.team_mismatch.app_error", nil, "user_id="+c.Session.UserId, http.StatusBadRequest) + return + } + + if !app.SessionHasPermissionToTeam(c.Session, updatedHook.TeamId, model.PERMISSION_MANAGE_WEBHOOKS) { + c.SetPermissionError(model.PERMISSION_MANAGE_WEBHOOKS) + return + } + + if c.Session.UserId != updatedHook.UserId && !app.SessionHasPermissionToTeam(c.Session, updatedHook.TeamId, model.PERMISSION_MANAGE_OTHERS_WEBHOOKS) { + c.LogAudit("fail - inappropriate permissions") + c.SetPermissionError(model.PERMISSION_MANAGE_OTHERS_WEBHOOKS) + return + } + + channel, err := app.GetChannel(updatedHook.ChannelId) + if err != nil { + c.Err = err + return + } + + if channel.Type != model.CHANNEL_OPEN && !app.SessionHasPermissionToChannel(c.Session, channel.Id, model.PERMISSION_READ_CHANNEL) { + c.LogAudit("fail - bad channel permissions") + c.SetPermissionError(model.PERMISSION_READ_CHANNEL) + return + } + + if incomingHook, err := app.UpdateIncomingWebhook(oldHook, updatedHook); err != nil { + c.Err = err + return + } else { + c.LogAudit("success") + w.WriteHeader(http.StatusCreated) + w.Write([]byte(incomingHook.ToJson())) + } +} + func getIncomingHooks(c *Context, w http.ResponseWriter, r *http.Request) { teamId := r.URL.Query().Get("team_id") diff --git a/api4/webhook_test.go b/api4/webhook_test.go index 2d8a1e8f9..b488f432c 100644 --- a/api4/webhook_test.go +++ b/api4/webhook_test.go @@ -418,3 +418,169 @@ func TestGetOutgoingWebhooks(t *testing.T) { _, resp = Client.GetOutgoingWebhooks(0, 1000, "") CheckUnauthorizedStatus(t, resp) } + +func TestUpdateIncomingHook(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer TearDown() + Client := th.Client + + enableIncomingHooks := utils.Cfg.ServiceSettings.EnableIncomingWebhooks + enableAdminOnlyHooks := utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations + defer func() { + utils.Cfg.ServiceSettings.EnableIncomingWebhooks = enableIncomingHooks + utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks + utils.SetDefaultRolesBasedOnConfig() + }() + utils.Cfg.ServiceSettings.EnableIncomingWebhooks = true + *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true + utils.SetDefaultRolesBasedOnConfig() + + hook1 := &model.IncomingWebhook{ChannelId: th.BasicChannel.Id} + + createdHook, resp := th.SystemAdminClient.CreateIncomingWebhook(hook1) + CheckNoError(t, resp) + + t.Run("UpdateIncomingHook", func(t *testing.T) { + createdHook.DisplayName = "hook2" + createdHook.Description = "description" + createdHook.ChannelId = th.BasicChannel2.Id + + updatedHook, resp := th.SystemAdminClient.UpdateIncomingWebhook(createdHook) + CheckNoError(t, resp) + if updatedHook != nil { + if updatedHook.DisplayName != "hook2" { + t.Fatal("Hook name is not updated") + } + + if updatedHook.Description != "description" { + t.Fatal("Hook description is not updated") + } + + if updatedHook.ChannelId != th.BasicChannel2.Id { + t.Fatal("Hook channel is not updated") + } + } else { + t.Fatal("should not be nil") + } + }) + + t.Run("RetainCreateAt", func(t *testing.T) { + hook2 := &model.IncomingWebhook{ChannelId: th.BasicChannel.Id, CreateAt: 100} + + createdHook, resp := th.SystemAdminClient.CreateIncomingWebhook(hook2) + CheckNoError(t, resp) + + createdHook.DisplayName = "Name2" + + updatedHook, resp := th.SystemAdminClient.UpdateIncomingWebhook(createdHook) + CheckNoError(t, resp) + if updatedHook != nil { + if updatedHook.CreateAt != createdHook.CreateAt { + t.Fatal("failed - hook create at should not be changed") + } + } else { + t.Fatal("should not be nil") + } + }) + + t.Run("ModifyUpdateAt", func(t *testing.T) { + createdHook.DisplayName = "Name3" + + updatedHook, resp := th.SystemAdminClient.UpdateIncomingWebhook(createdHook) + CheckNoError(t, resp) + if updatedHook != nil { + if updatedHook.UpdateAt == createdHook.UpdateAt { + t.Fatal("failed - hook updateAt is not updated") + } + } else { + t.Fatal("should not be nil") + } + }) + + t.Run("UpdateNonExistentHook", func(t *testing.T) { + nonExistentHook := &model.IncomingWebhook{ChannelId: th.BasicChannel.Id} + + _, resp := th.SystemAdminClient.UpdateIncomingWebhook(nonExistentHook) + CheckNotFoundStatus(t, resp) + + nonExistentHook.Id = model.NewId() + _, resp = th.SystemAdminClient.UpdateIncomingWebhook(nonExistentHook) + CheckNotFoundStatus(t, resp) + }) + + t.Run("UserIsNotAdminOfTeam", func(t *testing.T) { + _, resp := Client.UpdateIncomingWebhook(createdHook) + CheckForbiddenStatus(t, resp) + }) + + utils.Cfg.ServiceSettings.EnableIncomingWebhooks = true + + t.Run("OnlyAdminIntegrationsDisabled", func(t *testing.T) { + *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false + utils.SetDefaultRolesBasedOnConfig() + + t.Run("UpdateHookOfSameUser", func(t *testing.T) { + sameUserHook := &model.IncomingWebhook{ChannelId: th.BasicChannel.Id, UserId: th.BasicUser2.Id} + + sameUserHook, resp := Client.CreateIncomingWebhook(sameUserHook) + CheckNoError(t, resp) + + _, resp = Client.UpdateIncomingWebhook(sameUserHook) + CheckNoError(t, resp) + }) + + t.Run("UpdateHookOfDifferentUser", func(t *testing.T) { + _, resp := Client.UpdateIncomingWebhook(createdHook) + CheckForbiddenStatus(t, resp) + }) + }) + + *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true + utils.SetDefaultRolesBasedOnConfig() + + Client.Logout() + UpdateUserToTeamAdmin(th.BasicUser2, th.BasicTeam) + th.LoginBasic2() + t.Run("UpdateByDifferentUser", func(t *testing.T) { + updatedHook, resp := Client.UpdateIncomingWebhook(createdHook) + CheckNoError(t, resp) + if updatedHook.UserId == th.BasicUser2.Id { + t.Fatal("Hook's creator userId is not retained") + } + }) + + t.Run("IncomingHooksDisabled", func(t *testing.T) { + utils.Cfg.ServiceSettings.EnableIncomingWebhooks = false + _, resp := Client.UpdateIncomingWebhook(createdHook) + CheckNotImplementedStatus(t, resp) + CheckErrorMessage(t, resp, "api.incoming_webhook.disabled.app_error") + }) + + utils.Cfg.ServiceSettings.EnableIncomingWebhooks = true + + t.Run("PrivateChannel", func(t *testing.T) { + privateChannel := th.CreatePrivateChannel() + Client.Logout() + th.LoginBasic() + createdHook.ChannelId = privateChannel.Id + + _, resp := Client.UpdateIncomingWebhook(createdHook) + CheckForbiddenStatus(t, resp) + }) + + t.Run("UpdateToNonExistentChannel", func(t *testing.T) { + createdHook.ChannelId = "junk" + _, resp := th.SystemAdminClient.UpdateIncomingWebhook(createdHook) + CheckNotFoundStatus(t, resp) + }) + + team := th.CreateTeamWithClient(Client) + user := th.CreateUserWithClient(Client) + LinkUserToTeam(user, team) + Client.Logout() + Client.Login(user.Id, user.Password) + t.Run("UpdateToADifferentTeam", func(t *testing.T) { + _, resp := Client.UpdateIncomingWebhook(createdHook) + CheckUnauthorizedStatus(t, resp) + }) +} diff --git a/model/client4.go b/model/client4.go index 8f3328e80..2da69b6b4 100644 --- a/model/client4.go +++ b/model/client4.go @@ -1149,6 +1149,7 @@ func (c *Client4) ReloadConfig() (bool, *Response) { } } +// DatabaseRecycle will recycle the connections. Discard current connection and get new one. func (c *Client4) DatabaseRecycle() (bool, *Response) { if r, err := c.DoApiPost(c.GetDatabaseRoute()+"/recycle", ""); err != nil { return false, &Response{StatusCode: r.StatusCode, Error: err} @@ -1179,6 +1180,16 @@ func (c *Client4) CreateIncomingWebhook(hook *IncomingWebhook) (*IncomingWebhook } } +// UpdateIncomingWebhook updates an incoming webhook for a channel. +func (c *Client4) UpdateIncomingWebhook(hook *IncomingWebhook) (*IncomingWebhook, *Response) { + if r, err := c.DoApiPut(c.GetIncomingWebhookRoute(hook.Id), hook.ToJson()); err != nil { + return nil, &Response{StatusCode: r.StatusCode, Error: err} + } else { + defer closeBody(r) + return IncomingWebhookFromJson(r.Body), BuildResponse(r) + } +} + // GetIncomingWebhooks returns a page of incoming webhooks on the system. Page counting starts at 0. func (c *Client4) GetIncomingWebhooks(page int, perPage int, etag string) ([]*IncomingWebhook, *Response) { query := fmt.Sprintf("?page=%v&per_page=%v", page, perPage) |