From 69cac604e09c139845d2f63ac95fb702fb5a9fe1 Mon Sep 17 00:00:00 2001 From: Joram Wilander Date: Tue, 21 Feb 2017 19:42:34 -0500 Subject: Implement create and get incoming webhook endpoints for APIv4 (#5407) * Implement POST /hooks/incoming endpoint for APIv4 * Implement GET /hooks/incoming endpoint for APIv4 * Updates per feedback --- api4/webhook.go | 85 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 85 insertions(+) create mode 100644 api4/webhook.go (limited to 'api4/webhook.go') diff --git a/api4/webhook.go b/api4/webhook.go new file mode 100644 index 000000000..9efab6ae2 --- /dev/null +++ b/api4/webhook.go @@ -0,0 +1,85 @@ +// Copyright (c) 2017 Mattermost, Inc. All Rights Reserved. +// See License.txt for license information. + +package api4 + +import ( + "net/http" + + l4g "github.com/alecthomas/log4go" + "github.com/mattermost/platform/app" + "github.com/mattermost/platform/model" + "github.com/mattermost/platform/utils" +) + +func InitWebhook() { + l4g.Debug(utils.T("api.webhook.init.debug")) + + BaseRoutes.IncomingHooks.Handle("", ApiSessionRequired(createIncomingHook)).Methods("POST") + BaseRoutes.IncomingHooks.Handle("", ApiSessionRequired(getIncomingHooks)).Methods("GET") +} + +func createIncomingHook(c *Context, w http.ResponseWriter, r *http.Request) { + hook := model.IncomingWebhookFromJson(r.Body) + if hook == nil { + c.SetInvalidParam("webhook") + return + } + + channel, err := app.GetChannel(hook.ChannelId) + if err != nil { + c.Err = err + return + } + + c.LogAudit("attempt") + + if !app.SessionHasPermissionToTeam(c.Session, channel.TeamId, model.PERMISSION_MANAGE_WEBHOOKS) { + c.SetPermissionError(model.PERMISSION_MANAGE_WEBHOOKS) + return + } + + if channel.Type != model.CHANNEL_OPEN && !app.SessionHasPermissionToChannel(c.Session, channel.Id, model.PERMISSION_READ_CHANNEL) { + c.LogAudit("fail - bad channel permissions") + c.SetPermissionError(model.PERMISSION_READ_CHANNEL) + return + } + + if incomingHook, err := app.CreateIncomingWebhookForChannel(c.Session.UserId, channel, hook); err != nil { + c.Err = err + return + } else { + c.LogAudit("success") + w.Write([]byte(incomingHook.ToJson())) + } +} + +func getIncomingHooks(c *Context, w http.ResponseWriter, r *http.Request) { + teamId := r.URL.Query().Get("team_id") + + var hooks []*model.IncomingWebhook + var err *model.AppError + + if len(teamId) > 0 { + if !app.SessionHasPermissionToTeam(c.Session, teamId, model.PERMISSION_MANAGE_WEBHOOKS) { + c.SetPermissionError(model.PERMISSION_MANAGE_WEBHOOKS) + return + } + + hooks, err = app.GetIncomingWebhooksForTeamPage(teamId, c.Params.Page, c.Params.PerPage) + } else { + if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_WEBHOOKS) { + c.SetPermissionError(model.PERMISSION_MANAGE_WEBHOOKS) + return + } + + hooks, err = app.GetIncomingWebhooksPage(c.Params.Page, c.Params.PerPage) + } + + if err != nil { + c.Err = err + return + } + + w.Write([]byte(model.IncomingWebhookListToJson(hooks))) +} -- cgit v1.2.3-1-g7c22