Files

419 lines
14 KiB
Go
Raw Permalink Normal View History

2016-12-06 23:36:28 -05:00
// Copyright 2016 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
2016-12-06 23:36:28 -05:00
package utils
import (
"net/http"
2023-12-31 12:31:50 +08:00
"strconv"
"strings"
"code.gitea.io/gitea/models/db"
2023-03-10 15:28:32 +01:00
user_model "code.gitea.io/gitea/models/user"
2021-11-10 13:13:16 +08:00
"code.gitea.io/gitea/models/webhook"
"code.gitea.io/gitea/modules/json"
2023-01-29 02:12:10 +08:00
"code.gitea.io/gitea/modules/setting"
2019-05-11 18:21:34 +08:00
api "code.gitea.io/gitea/modules/structs"
2020-12-25 09:59:32 +00:00
"code.gitea.io/gitea/modules/util"
"code.gitea.io/gitea/modules/validation"
2023-01-01 16:23:15 +01:00
webhook_module "code.gitea.io/gitea/modules/webhook"
"code.gitea.io/gitea/services/context"
2021-11-10 13:13:16 +08:00
webhook_service "code.gitea.io/gitea/services/webhook"
2016-12-06 23:36:28 -05:00
)
2023-03-10 15:28:32 +01:00
// ListOwnerHooks lists the webhooks of the provided owner
func ListOwnerHooks(ctx *context.APIContext, owner *user_model.User) {
2026-02-06 14:12:05 +01:00
listOptions := GetListOptions(ctx)
2023-03-10 15:28:32 +01:00
opts := &webhook.ListWebhookOptions{
2026-02-06 14:12:05 +01:00
ListOptions: listOptions,
2023-03-10 15:28:32 +01:00
OwnerID: owner.ID,
}
hooks, count, err := db.FindAndCount[webhook.Webhook](ctx, opts)
2023-03-10 15:28:32 +01:00
if err != nil {
2025-02-17 14:13:17 +08:00
ctx.APIErrorInternal(err)
2023-03-10 15:28:32 +01:00
return
}
apiHooks := make([]*api.Hook, len(hooks))
for i, hook := range hooks {
apiHooks[i], err = webhook_service.ToHook(owner.HomeLink(), hook)
if err != nil {
2025-02-17 14:13:17 +08:00
ctx.APIErrorInternal(err)
2023-03-10 15:28:32 +01:00
return
}
}
2026-03-08 15:35:50 +01:00
ctx.SetLinkHeader(count, listOptions.PageSize)
2023-03-10 15:28:32 +01:00
ctx.SetTotalCountHeader(count)
ctx.JSON(http.StatusOK, apiHooks)
}
// GetOwnerHook gets an user or organization webhook. Errors are written to ctx.
func GetOwnerHook(ctx *context.APIContext, ownerID, hookID int64) (*webhook.Webhook, error) {
w, err := webhook.GetWebhookByOwnerID(ctx, ownerID, hookID)
2016-12-06 23:36:28 -05:00
if err != nil {
2021-11-10 13:13:16 +08:00
if webhook.IsErrWebhookNotExist(err) {
2025-02-17 14:13:17 +08:00
ctx.APIErrorNotFound()
2016-12-06 23:36:28 -05:00
} else {
2025-02-18 04:41:03 +08:00
ctx.APIErrorInternal(err)
2016-12-06 23:36:28 -05:00
}
return nil, err
}
return w, nil
}
// GetRepoHook get a repo's webhook. If there is an error, write to `ctx`
// accordingly and return the error
2021-11-10 13:13:16 +08:00
func GetRepoHook(ctx *context.APIContext, repoID, hookID int64) (*webhook.Webhook, error) {
w, err := webhook.GetWebhookByRepoID(ctx, repoID, hookID)
2016-12-06 23:36:28 -05:00
if err != nil {
2021-11-10 13:13:16 +08:00
if webhook.IsErrWebhookNotExist(err) {
2025-02-17 14:13:17 +08:00
ctx.APIErrorNotFound()
2016-12-06 23:36:28 -05:00
} else {
2025-02-18 04:41:03 +08:00
ctx.APIErrorInternal(err)
2016-12-06 23:36:28 -05:00
}
return nil, err
}
return w, nil
}
2023-03-10 15:28:32 +01:00
// checkCreateHookOption check if a CreateHookOption form is valid. If invalid,
2016-12-06 23:36:28 -05:00
// write the appropriate error to `ctx`. Return whether the form is valid
2023-03-10 15:28:32 +01:00
func checkCreateHookOption(ctx *context.APIContext, form *api.CreateHookOption) bool {
2021-11-10 13:13:16 +08:00
if !webhook_service.IsValidHookTaskType(form.Type) {
2025-04-01 12:14:01 +02:00
ctx.APIError(http.StatusUnprocessableEntity, "Invalid hook type: "+form.Type)
2016-12-06 23:36:28 -05:00
return false
}
for _, name := range []string{"url", "content_type"} {
if _, ok := form.Config[name]; !ok {
2025-02-17 14:13:17 +08:00
ctx.APIError(http.StatusUnprocessableEntity, "Missing config option: "+name)
2016-12-06 23:36:28 -05:00
return false
}
}
2021-11-10 13:13:16 +08:00
if !webhook.IsValidHookContentType(form.Config["content_type"]) {
2025-02-17 14:13:17 +08:00
ctx.APIError(http.StatusUnprocessableEntity, "Invalid content type")
2016-12-06 23:36:28 -05:00
return false
}
if !validation.IsValidURL(form.Config["url"]) {
ctx.APIError(http.StatusUnprocessableEntity, "Invalid url")
return false
}
2016-12-06 23:36:28 -05:00
return true
}
2023-01-29 02:12:10 +08:00
// AddSystemHook add a system hook
func AddSystemHook(ctx *context.APIContext, form *api.CreateHookOption) {
hook, ok := addHook(ctx, form, 0, 0)
if ok {
h, err := webhook_service.ToHook(setting.AppSubURL+"/-/admin", hook)
2023-01-29 02:12:10 +08:00
if err != nil {
2025-02-18 04:41:03 +08:00
ctx.APIErrorInternal(err)
2023-01-29 02:12:10 +08:00
return
}
ctx.JSON(http.StatusCreated, h)
}
}
2023-03-10 15:28:32 +01:00
// AddOwnerHook adds a hook to an user or organization
func AddOwnerHook(ctx *context.APIContext, owner *user_model.User, form *api.CreateHookOption) {
hook, ok := addHook(ctx, form, owner.ID, 0)
2022-11-03 19:23:20 +01:00
if !ok {
return
}
2023-03-10 15:28:32 +01:00
apiHook, ok := toAPIHook(ctx, owner.HomeLink(), hook)
2022-11-03 19:23:20 +01:00
if !ok {
return
2016-12-06 23:36:28 -05:00
}
2022-11-03 19:23:20 +01:00
ctx.JSON(http.StatusCreated, apiHook)
2016-12-06 23:36:28 -05:00
}
// AddRepoHook add a hook to a repo. Writes to `ctx` accordingly
func AddRepoHook(ctx *context.APIContext, form *api.CreateHookOption) {
repo := ctx.Repo
hook, ok := addHook(ctx, form, 0, repo.Repository.ID)
2022-11-03 19:23:20 +01:00
if !ok {
return
}
apiHook, ok := toAPIHook(ctx, repo.RepoLink, hook)
if !ok {
return
}
ctx.JSON(http.StatusCreated, apiHook)
}
// toAPIHook converts the hook to its API representation.
// If there is an error, write to `ctx` accordingly. Return (hook, ok)
func toAPIHook(ctx *context.APIContext, repoLink string, hook *webhook.Webhook) (*api.Hook, bool) {
2023-01-01 16:23:15 +01:00
apiHook, err := webhook_service.ToHook(repoLink, hook)
2022-11-03 19:23:20 +01:00
if err != nil {
2025-02-18 04:41:03 +08:00
ctx.APIErrorInternal(err)
2022-11-03 19:23:20 +01:00
return nil, false
2016-12-06 23:36:28 -05:00
}
2022-11-03 19:23:20 +01:00
return apiHook, true
2016-12-06 23:36:28 -05:00
}
2020-03-05 23:10:48 -06:00
func issuesHook(events []string, event string) bool {
2023-01-11 13:31:16 +08:00
return util.SliceContainsString(events, event, true) || util.SliceContainsString(events, string(webhook_module.HookEventIssues), true)
2020-03-05 23:10:48 -06:00
}
func pullHook(events []string, event string) bool {
2023-01-11 13:31:16 +08:00
return util.SliceContainsString(events, event, true) || util.SliceContainsString(events, string(webhook_module.HookEventPullRequest), true)
2020-03-05 23:10:48 -06:00
}
func updateHookEvents(events []string) webhook_module.HookEvents {
if len(events) == 0 {
events = []string{"push"}
}
hookEvents := make(webhook_module.HookEvents)
hookEvents[webhook_module.HookEventCreate] = util.SliceContainsString(events, string(webhook_module.HookEventCreate), true)
hookEvents[webhook_module.HookEventPush] = util.SliceContainsString(events, string(webhook_module.HookEventPush), true)
hookEvents[webhook_module.HookEventDelete] = util.SliceContainsString(events, string(webhook_module.HookEventDelete), true)
hookEvents[webhook_module.HookEventFork] = util.SliceContainsString(events, string(webhook_module.HookEventFork), true)
hookEvents[webhook_module.HookEventRepository] = util.SliceContainsString(events, string(webhook_module.HookEventRepository), true)
hookEvents[webhook_module.HookEventWiki] = util.SliceContainsString(events, string(webhook_module.HookEventWiki), true)
hookEvents[webhook_module.HookEventRelease] = util.SliceContainsString(events, string(webhook_module.HookEventRelease), true)
hookEvents[webhook_module.HookEventPackage] = util.SliceContainsString(events, string(webhook_module.HookEventPackage), true)
hookEvents[webhook_module.HookEventStatus] = util.SliceContainsString(events, string(webhook_module.HookEventStatus), true)
2025-06-20 14:14:00 +02:00
hookEvents[webhook_module.HookEventWorkflowRun] = util.SliceContainsString(events, string(webhook_module.HookEventWorkflowRun), true)
hookEvents[webhook_module.HookEventWorkflowJob] = util.SliceContainsString(events, string(webhook_module.HookEventWorkflowJob), true)
// Issues
hookEvents[webhook_module.HookEventIssues] = issuesHook(events, "issues_only")
hookEvents[webhook_module.HookEventIssueAssign] = issuesHook(events, string(webhook_module.HookEventIssueAssign))
hookEvents[webhook_module.HookEventIssueLabel] = issuesHook(events, string(webhook_module.HookEventIssueLabel))
hookEvents[webhook_module.HookEventIssueMilestone] = issuesHook(events, string(webhook_module.HookEventIssueMilestone))
hookEvents[webhook_module.HookEventIssueComment] = issuesHook(events, string(webhook_module.HookEventIssueComment))
// Pull requests
hookEvents[webhook_module.HookEventPullRequest] = pullHook(events, "pull_request_only")
hookEvents[webhook_module.HookEventPullRequestAssign] = pullHook(events, string(webhook_module.HookEventPullRequestAssign))
hookEvents[webhook_module.HookEventPullRequestLabel] = pullHook(events, string(webhook_module.HookEventPullRequestLabel))
hookEvents[webhook_module.HookEventPullRequestMilestone] = pullHook(events, string(webhook_module.HookEventPullRequestMilestone))
hookEvents[webhook_module.HookEventPullRequestComment] = pullHook(events, string(webhook_module.HookEventPullRequestComment))
hookEvents[webhook_module.HookEventPullRequestReview] = pullHook(events, "pull_request_review")
hookEvents[webhook_module.HookEventPullRequestReviewRequest] = pullHook(events, string(webhook_module.HookEventPullRequestReviewRequest))
hookEvents[webhook_module.HookEventPullRequestSync] = pullHook(events, string(webhook_module.HookEventPullRequestSync))
return hookEvents
}
2023-03-10 15:28:32 +01:00
// addHook add the hook specified by `form`, `ownerID` and `repoID`. If there is
2016-12-06 23:36:28 -05:00
// an error, write to `ctx` accordingly. Return (webhook, ok)
2023-03-10 15:28:32 +01:00
func addHook(ctx *context.APIContext, form *api.CreateHookOption, ownerID, repoID int64) (*webhook.Webhook, bool) {
2023-12-31 12:31:50 +08:00
var isSystemWebhook bool
2023-03-10 15:28:32 +01:00
if !checkCreateHookOption(ctx, form) {
return nil, false
}
2023-12-31 12:31:50 +08:00
if form.Config["is_system_webhook"] != "" {
sw, err := strconv.ParseBool(form.Config["is_system_webhook"])
if err != nil {
2025-02-17 14:13:17 +08:00
ctx.APIError(http.StatusUnprocessableEntity, "Invalid is_system_webhook value")
2023-12-31 12:31:50 +08:00
return nil, false
}
isSystemWebhook = sw
}
2021-11-10 13:13:16 +08:00
w := &webhook.Webhook{
2023-12-31 12:31:50 +08:00
OwnerID: ownerID,
RepoID: repoID,
Name: strings.TrimSpace(form.Name),
2023-12-31 12:31:50 +08:00
URL: form.Config["url"],
ContentType: webhook.ToHookContentType(form.Config["content_type"]),
Secret: form.Config["secret"],
HTTPMethod: "POST",
IsSystemWebhook: isSystemWebhook,
2023-01-01 16:23:15 +01:00
HookEvent: &webhook_module.HookEvent{
2016-12-06 23:36:28 -05:00
ChooseEvents: true,
HookEvents: updateHookEvents(form.Events),
2019-09-09 08:48:21 +03:00
BranchFilter: form.BranchFilter,
2016-12-06 23:36:28 -05:00
},
2020-12-10 01:20:13 +08:00
IsActive: form.Active,
Type: form.Type,
2016-12-06 23:36:28 -05:00
}
2022-11-03 19:23:20 +01:00
err := w.SetHeaderAuthorization(form.AuthorizationHeader)
if err != nil {
2025-02-18 04:41:03 +08:00
ctx.APIErrorInternal(err)
2022-11-03 19:23:20 +01:00
return nil, false
}
2023-01-01 16:23:15 +01:00
if w.Type == webhook_module.SLACK {
2016-12-06 23:36:28 -05:00
channel, ok := form.Config["channel"]
if !ok {
2025-02-17 14:13:17 +08:00
ctx.APIError(http.StatusUnprocessableEntity, "Missing config option: channel")
2016-12-06 23:36:28 -05:00
return nil, false
}
2022-08-11 17:48:23 +02:00
channel = strings.TrimSpace(channel)
2022-08-11 17:48:23 +02:00
if !webhook_service.IsValidSlackChannel(channel) {
2025-02-17 14:13:17 +08:00
ctx.APIError(http.StatusBadRequest, "Invalid slack channel name")
return nil, false
}
2021-11-10 13:13:16 +08:00
meta, err := json.Marshal(&webhook_service.SlackMeta{
2022-08-11 17:48:23 +02:00
Channel: channel,
2016-12-06 23:36:28 -05:00
Username: form.Config["username"],
IconURL: form.Config["icon_url"],
Color: form.Config["color"],
})
if err != nil {
2025-02-18 04:41:03 +08:00
ctx.APIErrorInternal(err)
2016-12-06 23:36:28 -05:00
return nil, false
}
w.Meta = string(meta)
}
if err := w.UpdateEvent(); err != nil {
2025-02-18 04:41:03 +08:00
ctx.APIErrorInternal(err)
2016-12-06 23:36:28 -05:00
return nil, false
} else if err := webhook.CreateWebhook(ctx, w); err != nil {
2025-02-18 04:41:03 +08:00
ctx.APIErrorInternal(err)
2016-12-06 23:36:28 -05:00
return nil, false
}
return w, true
}
2023-01-29 02:12:10 +08:00
// EditSystemHook edit system webhook `w` according to `form`. Writes to `ctx` accordingly
func EditSystemHook(ctx *context.APIContext, form *api.EditHookOption, hookID int64) {
hook, err := webhook.GetSystemOrDefaultWebhook(ctx, hookID)
if err != nil {
2025-02-18 04:41:03 +08:00
ctx.APIErrorInternal(err)
2023-01-29 02:12:10 +08:00
return
}
if !editHook(ctx, form, hook) {
2025-02-18 04:41:03 +08:00
ctx.APIErrorInternal(err)
2023-01-29 02:12:10 +08:00
return
}
updated, err := webhook.GetSystemOrDefaultWebhook(ctx, hookID)
if err != nil {
2025-02-18 04:41:03 +08:00
ctx.APIErrorInternal(err)
2023-01-29 02:12:10 +08:00
return
}
h, err := webhook_service.ToHook(setting.AppURL+"/-/admin", updated)
2023-01-29 02:12:10 +08:00
if err != nil {
2025-02-18 04:41:03 +08:00
ctx.APIErrorInternal(err)
2023-01-29 02:12:10 +08:00
return
}
ctx.JSON(http.StatusOK, h)
}
2023-03-10 15:28:32 +01:00
// EditOwnerHook updates a webhook of an user or organization
func EditOwnerHook(ctx *context.APIContext, owner *user_model.User, form *api.EditHookOption, hookID int64) {
hook, err := GetOwnerHook(ctx, owner.ID, hookID)
2016-12-06 23:36:28 -05:00
if err != nil {
return
}
if !editHook(ctx, form, hook) {
return
}
2023-03-10 15:28:32 +01:00
updated, err := GetOwnerHook(ctx, owner.ID, hookID)
2016-12-06 23:36:28 -05:00
if err != nil {
return
}
2023-03-10 15:28:32 +01:00
apiHook, ok := toAPIHook(ctx, owner.HomeLink(), updated)
2022-11-03 19:23:20 +01:00
if !ok {
return
}
ctx.JSON(http.StatusOK, apiHook)
2016-12-06 23:36:28 -05:00
}
// EditRepoHook edit webhook `w` according to `form`. Writes to `ctx` accordingly
func EditRepoHook(ctx *context.APIContext, form *api.EditHookOption, hookID int64) {
repo := ctx.Repo
hook, err := GetRepoHook(ctx, repo.Repository.ID, hookID)
if err != nil {
return
}
if !editHook(ctx, form, hook) {
return
}
updated, err := GetRepoHook(ctx, repo.Repository.ID, hookID)
if err != nil {
return
}
2022-11-03 19:23:20 +01:00
apiHook, ok := toAPIHook(ctx, repo.RepoLink, updated)
if !ok {
return
}
ctx.JSON(http.StatusOK, apiHook)
2016-12-06 23:36:28 -05:00
}
// editHook edit the webhook `w` according to `form`. If an error occurs, write
// to `ctx` accordingly and return the error. Return whether successful
2021-11-10 13:13:16 +08:00
func editHook(ctx *context.APIContext, form *api.EditHookOption, w *webhook.Webhook) bool {
2016-12-06 23:36:28 -05:00
if form.Config != nil {
if url, ok := form.Config["url"]; ok {
if !validation.IsValidURL(url) {
ctx.APIError(http.StatusUnprocessableEntity, "Invalid url")
return false
}
2016-12-06 23:36:28 -05:00
w.URL = url
}
if ct, ok := form.Config["content_type"]; ok {
2021-11-10 13:13:16 +08:00
if !webhook.IsValidHookContentType(ct) {
2025-02-17 14:13:17 +08:00
ctx.APIError(http.StatusUnprocessableEntity, "Invalid content type")
2016-12-06 23:36:28 -05:00
return false
}
2021-11-10 13:13:16 +08:00
w.ContentType = webhook.ToHookContentType(ct)
2016-12-06 23:36:28 -05:00
}
2023-01-01 16:23:15 +01:00
if w.Type == webhook_module.SLACK {
2016-12-06 23:36:28 -05:00
if channel, ok := form.Config["channel"]; ok {
2021-11-10 13:13:16 +08:00
meta, err := json.Marshal(&webhook_service.SlackMeta{
2016-12-06 23:36:28 -05:00
Channel: channel,
Username: form.Config["username"],
IconURL: form.Config["icon_url"],
Color: form.Config["color"],
})
if err != nil {
2025-02-18 04:41:03 +08:00
ctx.APIErrorInternal(err)
2016-12-06 23:36:28 -05:00
return false
}
w.Meta = string(meta)
}
}
}
// Update events
w.HookEvents = updateHookEvents(form.Events)
2016-12-06 23:36:28 -05:00
w.PushOnly = false
w.SendEverything = false
w.ChooseEvents = true
2019-09-09 08:48:21 +03:00
w.BranchFilter = form.BranchFilter
2022-11-03 19:23:20 +01:00
err := w.SetHeaderAuthorization(form.AuthorizationHeader)
if err != nil {
2025-02-18 04:41:03 +08:00
ctx.APIErrorInternal(err)
2022-11-03 19:23:20 +01:00
return false
}
2016-12-06 23:36:28 -05:00
if err := w.UpdateEvent(); err != nil {
2025-02-18 04:41:03 +08:00
ctx.APIErrorInternal(err)
2016-12-06 23:36:28 -05:00
return false
}
if form.Active != nil {
w.IsActive = *form.Active
}
if form.Name != nil {
w.Name = strings.TrimSpace(*form.Name)
}
if err := webhook.UpdateWebhook(ctx, w); err != nil {
2025-02-18 04:41:03 +08:00
ctx.APIErrorInternal(err)
2016-12-06 23:36:28 -05:00
return false
}
return true
}
2023-03-10 15:28:32 +01:00
// DeleteOwnerHook deletes the hook owned by the owner.
func DeleteOwnerHook(ctx *context.APIContext, owner *user_model.User, hookID int64) {
if err := webhook.DeleteWebhookByOwnerID(ctx, owner.ID, hookID); err != nil {
2023-03-10 15:28:32 +01:00
if webhook.IsErrWebhookNotExist(err) {
2025-02-17 14:13:17 +08:00
ctx.APIErrorNotFound()
2023-03-10 15:28:32 +01:00
} else {
2025-02-18 04:41:03 +08:00
ctx.APIErrorInternal(err)
2023-03-10 15:28:32 +01:00
}
return
}
ctx.Status(http.StatusNoContent)
}