mirror of
https://github.com/discourse/discourse.git
synced 2024-11-25 02:11:08 -06:00
37cc056c1b
Group user event webhooks filtered by group fail silently because the `group_ids` job arg wasn't being passed into the job. This change add's `group_ids` to the `EmitWebHookEvent` jobs queued for `user_added_to_group` and `user_removed_from_group` events.
718 lines
24 KiB
Ruby
718 lines
24 KiB
Ruby
# frozen_string_literal: true
|
||
|
||
RSpec.describe WebHook do
|
||
it { is_expected.to validate_presence_of :payload_url }
|
||
it { is_expected.to validate_presence_of :content_type }
|
||
it { is_expected.to validate_presence_of :last_delivery_status }
|
||
it { is_expected.to validate_presence_of :web_hook_event_types }
|
||
|
||
describe "#content_types" do
|
||
subject { WebHook.content_types }
|
||
|
||
it "'json' (application/json) should be at 1st position" do
|
||
expect(subject["application/json"]).to eq(1)
|
||
end
|
||
|
||
it "'url_encoded' (application/x-www-form-urlencoded) should be at 2st position" do
|
||
expect(subject["application/x-www-form-urlencoded"]).to eq(2)
|
||
end
|
||
end
|
||
|
||
describe "#last_delivery_statuses" do
|
||
subject { WebHook.last_delivery_statuses }
|
||
|
||
it "inactive should be at 1st position" do
|
||
expect(subject[:inactive]).to eq(1)
|
||
end
|
||
|
||
it "failed should be at 2st position" do
|
||
expect(subject[:failed]).to eq(2)
|
||
end
|
||
|
||
it "successful should be at 3st position" do
|
||
expect(subject[:successful]).to eq(3)
|
||
end
|
||
end
|
||
|
||
context "with web hooks" do
|
||
fab!(:post_hook) { Fabricate(:web_hook, payload_url: " https://example.com ") }
|
||
fab!(:topic_hook) { Fabricate(:topic_web_hook) }
|
||
|
||
it "removes whitespace from payload_url before saving" do
|
||
expect(post_hook.payload_url).to eq("https://example.com")
|
||
end
|
||
|
||
it "excludes disabled plugin web_hooks" do
|
||
web_hook_event_types = WebHookEventType.active.find_by(name: "solved")
|
||
expect(web_hook_event_types).to eq(nil)
|
||
end
|
||
|
||
it "includes non-plugin web_hooks" do
|
||
web_hook_event_types = WebHookEventType.active.where(name: "topic")
|
||
expect(web_hook_event_types.count).to eq(1)
|
||
end
|
||
|
||
it "includes enabled plugin web_hooks" do
|
||
SiteSetting.stubs(:solved_enabled).returns(true)
|
||
web_hook_event_types = WebHookEventType.active.where(name: "solved")
|
||
expect(web_hook_event_types.count).to eq(1)
|
||
end
|
||
|
||
describe "#active_web_hooks" do
|
||
it "returns unique hooks" do
|
||
post_hook.web_hook_event_types << WebHookEventType.find_by(name: "topic")
|
||
post_hook.update!(wildcard_web_hook: true)
|
||
|
||
expect(WebHook.active_web_hooks(:post)).to eq([post_hook])
|
||
end
|
||
|
||
it "find relevant hooks" do
|
||
expect(WebHook.active_web_hooks(:post)).to eq([post_hook])
|
||
expect(WebHook.active_web_hooks(:topic)).to eq([topic_hook])
|
||
end
|
||
|
||
it "excludes inactive hooks" do
|
||
post_hook.update!(active: false)
|
||
|
||
expect(WebHook.active_web_hooks(:post)).to eq([])
|
||
expect(WebHook.active_web_hooks(:topic)).to eq([topic_hook])
|
||
end
|
||
|
||
describe "wildcard web hooks" do
|
||
fab!(:wildcard_hook) { Fabricate(:wildcard_web_hook) }
|
||
|
||
it "should include wildcard hooks" do
|
||
expect(WebHook.active_web_hooks(:wildcard)).to eq([wildcard_hook])
|
||
|
||
expect(WebHook.active_web_hooks(:post)).to contain_exactly(post_hook, wildcard_hook)
|
||
|
||
expect(WebHook.active_web_hooks(:topic)).to contain_exactly(topic_hook, wildcard_hook)
|
||
end
|
||
end
|
||
end
|
||
|
||
describe "#enqueue_hooks" do
|
||
it "accepts additional parameters" do
|
||
payload = { test: "some payload" }.to_json
|
||
WebHook.enqueue_hooks(:post, :post_created, payload: payload)
|
||
|
||
job_args = Jobs::EmitWebHookEvent.jobs.first["args"].first
|
||
|
||
expect(job_args["web_hook_id"]).to eq(post_hook.id)
|
||
expect(job_args["event_type"]).to eq("post")
|
||
expect(job_args["payload"]).to eq(payload)
|
||
end
|
||
|
||
context "when including wildcard hooks" do
|
||
fab!(:wildcard_hook) { Fabricate(:wildcard_web_hook) }
|
||
|
||
describe "#enqueue_hooks" do
|
||
it "enqueues hooks with ids" do
|
||
WebHook.enqueue_hooks(:post, :post_created)
|
||
|
||
job_args = Jobs::EmitWebHookEvent.jobs.first["args"].first
|
||
|
||
expect(job_args["web_hook_id"]).to eq(post_hook.id)
|
||
expect(job_args["event_type"]).to eq("post")
|
||
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["web_hook_id"]).to eq(wildcard_hook.id)
|
||
expect(job_args["event_type"]).to eq("post")
|
||
end
|
||
end
|
||
end
|
||
end
|
||
end
|
||
|
||
describe "enqueues hooks" do
|
||
let(:user) { Fabricate(:user) }
|
||
let(:admin) { Fabricate(:admin) }
|
||
let(:topic) { Fabricate(:topic, user: user) }
|
||
let(:post) { Fabricate(:post, topic: topic, user: user) }
|
||
let(:topic_web_hook) { Fabricate(:topic_web_hook) }
|
||
let(:tag) { Fabricate(:tag) }
|
||
|
||
before { topic_web_hook }
|
||
|
||
describe "when there are no active hooks" do
|
||
it "should not generate payload and enqueue anything for topic events" do
|
||
topic_web_hook.destroy!
|
||
post = PostCreator.create(user, raw: "post", title: "topic", skip_validations: true)
|
||
expect(Jobs::EmitWebHookEvent.jobs.length).to eq(0)
|
||
|
||
WebHook.expects(:generate_payload).times(0)
|
||
PostDestroyer.new(admin, post).destroy
|
||
expect(Jobs::EmitWebHookEvent.jobs.length).to eq(0)
|
||
end
|
||
|
||
it "should not enqueue anything for tag events" do
|
||
tag = Fabricate(:tag)
|
||
tag.destroy!
|
||
expect(Jobs::EmitWebHookEvent.jobs.length).to eq(0)
|
||
end
|
||
end
|
||
|
||
it "should enqueue the right hooks for topic events" do
|
||
post = PostCreator.create(user, raw: "post", title: "topic", skip_validations: true)
|
||
topic_id = post.topic.id
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("topic_created")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(topic_id)
|
||
|
||
PostDestroyer.new(user, post).destroy
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("topic_destroyed")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(topic_id)
|
||
|
||
PostDestroyer.new(user, post).recover
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("topic_recovered")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(topic_id)
|
||
|
||
%w[archived closed visible].each do |status|
|
||
post.topic.update_status(status, true, topic.user)
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("topic_#{status}_status_updated")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(topic_id)
|
||
end
|
||
|
||
category = Fabricate(:category)
|
||
|
||
expect do
|
||
PostRevisor.new(post, post.topic).revise!(
|
||
post.user,
|
||
{ category_id: category.id },
|
||
{ skip_validations: true },
|
||
)
|
||
end.to change { Jobs::EmitWebHookEvent.jobs.length }.by(1)
|
||
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("topic_edited")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(topic_id)
|
||
expect(payload["category_id"]).to eq(category.id)
|
||
|
||
expect do
|
||
successfully_saved_post_and_topic =
|
||
PostRevisor.new(post, post.topic).revise!(
|
||
post.user,
|
||
{ tags: [tag.name] },
|
||
{ skip_validations: true },
|
||
)
|
||
end.to change { Jobs::EmitWebHookEvent.jobs.length }.by(1)
|
||
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("topic_edited")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(topic_id)
|
||
expect(payload["tags"]).to contain_exactly(tag.name)
|
||
end
|
||
|
||
describe "when topic has been deleted" do
|
||
it "should not enqueue a post/topic edited hooks" do
|
||
topic.trash!
|
||
post.reload
|
||
|
||
PostRevisor.new(post, topic).revise!(
|
||
post.user,
|
||
{ category_id: Category.last.id, raw: "#{post.raw} new" },
|
||
{},
|
||
)
|
||
|
||
expect(Jobs::EmitWebHookEvent.jobs.count).to eq(0)
|
||
end
|
||
end
|
||
|
||
it "should enqueue the right hooks for post events" do
|
||
Fabricate(:web_hook)
|
||
|
||
post =
|
||
PostCreator.create!(
|
||
user,
|
||
raw: "post",
|
||
topic_id: topic.id,
|
||
reply_to_post_number: 1,
|
||
skip_validations: true,
|
||
)
|
||
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("post_created")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(post.id)
|
||
|
||
Jobs::EmitWebHookEvent.jobs.clear
|
||
|
||
# post destroy or recover triggers a moderator post
|
||
expect { PostDestroyer.new(user, post).destroy }.to change {
|
||
Jobs::EmitWebHookEvent.jobs.count
|
||
}.by(3)
|
||
|
||
job_args = Jobs::EmitWebHookEvent.jobs[0]["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("post_edited")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(post.id)
|
||
|
||
job_args = Jobs::EmitWebHookEvent.jobs[1]["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("post_destroyed")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(post.id)
|
||
|
||
job_args = Jobs::EmitWebHookEvent.jobs[2]["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("topic_destroyed")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(post.topic.id)
|
||
|
||
Jobs::EmitWebHookEvent.jobs.clear
|
||
|
||
expect { PostDestroyer.new(user, post).recover }.to change {
|
||
Jobs::EmitWebHookEvent.jobs.count
|
||
}.by(3)
|
||
|
||
job_args = Jobs::EmitWebHookEvent.jobs[0]["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("post_edited")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(post.id)
|
||
|
||
job_args = Jobs::EmitWebHookEvent.jobs[1]["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("post_recovered")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(post.id)
|
||
|
||
job_args = Jobs::EmitWebHookEvent.jobs[2]["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("topic_recovered")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(post.topic.id)
|
||
end
|
||
|
||
it "should enqueue the destroyed hooks with tag filter for post events" do
|
||
tag = Fabricate(:tag)
|
||
Fabricate(:web_hook, tags: [tag])
|
||
|
||
post =
|
||
PostCreator.create!(
|
||
user,
|
||
raw: "post",
|
||
topic_id: topic.id,
|
||
reply_to_post_number: 1,
|
||
skip_validations: true,
|
||
)
|
||
|
||
topic.tags = [tag]
|
||
topic.save!
|
||
|
||
Jobs::EmitWebHookEvent.jobs.clear
|
||
PostDestroyer.new(user, post).destroy
|
||
|
||
job = Jobs::EmitWebHookEvent.new
|
||
job.expects(:send_webhook!).times(2)
|
||
|
||
args = Jobs::EmitWebHookEvent.jobs[1]["args"].first
|
||
job.execute(args.with_indifferent_access)
|
||
|
||
args = Jobs::EmitWebHookEvent.jobs[2]["args"].first
|
||
job.execute(args.with_indifferent_access)
|
||
end
|
||
|
||
it "should enqueue the right hooks for user events" do
|
||
SiteSetting.must_approve_users = true
|
||
|
||
Fabricate(:user_web_hook, active: true)
|
||
|
||
user
|
||
Jobs::CreateUserReviewable.new.execute(user_id: user.id)
|
||
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("user_created")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(user.id)
|
||
|
||
email_token = Fabricate(:email_token, user: user)
|
||
EmailToken.confirm(email_token.token)
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("user_confirmed_email")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(user.id)
|
||
|
||
admin
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("user_created")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(admin.id)
|
||
|
||
ReviewableUser.find_by(target: user).perform(admin, :approve_user)
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("user_approved")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(user.id)
|
||
|
||
UserUpdater.new(admin, user).update(username: "testing123")
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("user_updated")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(user.id)
|
||
|
||
user.logged_out
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("user_logged_out")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(user.id)
|
||
|
||
user.logged_in
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("user_logged_in")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(user.id)
|
||
|
||
email = user.email
|
||
user.reload
|
||
UserDestroyer.new(Discourse.system_user).destroy(user)
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("user_destroyed")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(user.id)
|
||
expect(payload["email"]).to eq(email)
|
||
|
||
# Reflects runtime change to user field
|
||
user_field = Fabricate(:user_field, show_on_profile: true)
|
||
user.logged_in
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
expect(job_args["event_name"]).to eq("user_logged_in")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["user_fields"].size).to eq(1)
|
||
end
|
||
|
||
it "should enqueue the right hooks for category events" do
|
||
Fabricate(:category_web_hook)
|
||
category = Fabricate(:category)
|
||
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("category_created")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(category.id)
|
||
|
||
category.update!(slug: "testing")
|
||
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("category_updated")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(category.id)
|
||
expect(payload["slug"]).to eq("testing")
|
||
|
||
category.destroy!
|
||
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("category_destroyed")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(category.id)
|
||
end
|
||
|
||
it "should enqueue the right hooks for group events" do
|
||
Fabricate(:group_web_hook)
|
||
group = Fabricate(:group)
|
||
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("group_created")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(group.id)
|
||
|
||
group.update!(full_name: "testing")
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("group_updated")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(group.id)
|
||
expect(payload["full_name"]).to eq("testing")
|
||
|
||
group.destroy!
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("group_destroyed")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["full_name"]).to eq("testing")
|
||
end
|
||
|
||
it "should enqueue the right hooks for tag events" do
|
||
Fabricate(:tag_web_hook)
|
||
tag = Fabricate(:tag)
|
||
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("tag_created")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(tag.id)
|
||
|
||
tag.update!(name: "testing")
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("tag_updated")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(tag.id)
|
||
expect(payload["name"]).to eq("testing")
|
||
|
||
tag.destroy!
|
||
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("tag_destroyed")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(tag.id)
|
||
end
|
||
|
||
it "should enqueue the right hooks for notifications" do
|
||
Fabricate(:notification_web_hook)
|
||
notification = Fabricate(:notification)
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("notification_created")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(notification.id)
|
||
end
|
||
|
||
it "should enqueue the right hooks for reviewables" do
|
||
Fabricate(:reviewable_web_hook)
|
||
reviewable = Fabricate(:reviewable)
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("reviewable_created")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(reviewable.id)
|
||
|
||
reviewable.add_score(Discourse.system_user, ReviewableScore.types[:off_topic], reason: "test")
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("reviewable_score_updated")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(reviewable.id)
|
||
|
||
reviewable.perform(Discourse.system_user, :delete_user)
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
|
||
expect(job_args["event_name"]).to eq("reviewable_transitioned_to")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(reviewable.id)
|
||
end
|
||
|
||
it "should enqueue the right hooks for badge grants" do
|
||
Fabricate(:user_badge_web_hook)
|
||
badge = Fabricate(:badge)
|
||
badge.multiple_grant = true
|
||
badge.show_posts = true
|
||
badge.save
|
||
|
||
now = Time.now
|
||
freeze_time now
|
||
|
||
BadgeGranter.grant(badge, user, granted_by: admin, post_id: post.id)
|
||
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
expect(job_args["event_name"]).to eq("user_badge_granted")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["badge_id"]).to eq(badge.id)
|
||
expect(payload["user_id"]).to eq(user.id)
|
||
expect(payload["granted_by_id"]).to eq(admin.id)
|
||
# be_within required because rounding occurs
|
||
expect(Time.zone.parse(payload["granted_at"]).to_f).to be_within(0.001).of(now.to_f)
|
||
expect(payload["post_id"]).to eq(post.id)
|
||
|
||
# Future work: revoke badge hook
|
||
end
|
||
|
||
it "should enqueue the right hooks for group user addition" do
|
||
Fabricate(:group_user_web_hook)
|
||
group = Fabricate(:group)
|
||
|
||
now = Time.now
|
||
freeze_time now
|
||
|
||
group.add(user)
|
||
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
expect(job_args["event_name"]).to eq("user_added_to_group")
|
||
expect(job_args["group_ids"]).to contain_exactly(group.id)
|
||
|
||
payload = JSON.parse(job_args["payload"])
|
||
|
||
expect(payload["group_id"]).to eq(group.id)
|
||
expect(payload["user_id"]).to eq(user.id)
|
||
expect(payload["notification_level"]).to eq(group.default_notification_level)
|
||
expect(Time.zone.parse(payload["created_at"]).to_f).to be_within(0.001).of(now.to_f)
|
||
end
|
||
|
||
it "should enqueue the right hooks for group user deletion" do
|
||
Fabricate(:group_user_web_hook)
|
||
group = Fabricate(:group)
|
||
group_user = Fabricate(:group_user, group: group, user: user)
|
||
|
||
now = Time.now
|
||
freeze_time now
|
||
|
||
group.remove(user)
|
||
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
expect(job_args["event_name"]).to eq("user_removed_from_group")
|
||
expect(job_args["group_ids"]).to contain_exactly(group.id)
|
||
|
||
payload = JSON.parse(job_args["payload"])
|
||
|
||
expect(payload["group_id"]).to eq(group.id)
|
||
expect(payload["user_id"]).to eq(user.id)
|
||
end
|
||
|
||
context "with user promoted hooks" do
|
||
fab!(:user_promoted_web_hook) { Fabricate(:user_promoted_web_hook) }
|
||
fab!(:another_user) { Fabricate(:user, trust_level: 2) }
|
||
|
||
it "should pass the user to the webhook job when a user is promoted" do
|
||
another_user.change_trust_level!(another_user.trust_level + 1)
|
||
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
expect(job_args["event_name"]).to eq("user_promoted")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["id"]).to eq(another_user.id)
|
||
end
|
||
|
||
it "shouldn’t trigger when the user is demoted" do
|
||
expect { another_user.change_trust_level!(another_user.trust_level - 1) }.not_to change {
|
||
Jobs::EmitWebHookEvent.jobs.length
|
||
}
|
||
end
|
||
end
|
||
|
||
context "with like created hooks" do
|
||
fab!(:like_web_hook) { Fabricate(:like_web_hook) }
|
||
fab!(:another_user) { Fabricate(:user) }
|
||
|
||
it "should pass the group id to the emit webhook job" do
|
||
group = Fabricate(:group)
|
||
group_user = Fabricate(:group_user, group: group, user: user)
|
||
post = Fabricate(:post, user: another_user)
|
||
like =
|
||
Fabricate(
|
||
:post_action,
|
||
post: post,
|
||
user: user,
|
||
post_action_type_id: PostActionType.types[:like],
|
||
)
|
||
now = Time.now
|
||
freeze_time now
|
||
|
||
DiscourseEvent.trigger(:like_created, like)
|
||
|
||
assert_hook_was_queued_with(post, user, group_ids: [group.id])
|
||
end
|
||
|
||
it "should pass the category id to the emit webhook job" do
|
||
category = Fabricate(:category)
|
||
topic.update!(category: category)
|
||
like =
|
||
Fabricate(
|
||
:post_action,
|
||
post: post,
|
||
user: another_user,
|
||
post_action_type_id: PostActionType.types[:like],
|
||
)
|
||
|
||
DiscourseEvent.trigger(:like_created, like)
|
||
|
||
assert_hook_was_queued_with(post, another_user, category_id: category.id)
|
||
end
|
||
|
||
it "should pass the tag id to the emit webhook job" do
|
||
tag = Fabricate(:tag)
|
||
topic.update!(tags: [tag])
|
||
like =
|
||
Fabricate(
|
||
:post_action,
|
||
post: post,
|
||
user: another_user,
|
||
post_action_type_id: PostActionType.types[:like],
|
||
)
|
||
|
||
DiscourseEvent.trigger(:like_created, like)
|
||
|
||
assert_hook_was_queued_with(post, another_user, tag_ids: [tag.id])
|
||
end
|
||
|
||
def assert_hook_was_queued_with(post, user, group_ids: nil, category_id: nil, tag_ids: nil)
|
||
job_args = Jobs::EmitWebHookEvent.jobs.last["args"].first
|
||
expect(job_args["event_name"]).to eq("post_liked")
|
||
payload = JSON.parse(job_args["payload"])
|
||
expect(payload["post"]["id"]).to eq(post.id)
|
||
expect(payload["user"]["id"]).to eq(user.id)
|
||
|
||
expect(job_args["category_id"]).to eq(category_id) if category_id
|
||
expect(job_args["group_ids"]).to contain_exactly(*group_ids) if group_ids
|
||
expect(job_args["tag_ids"]).to contain_exactly(*tag_ids) if tag_ids
|
||
end
|
||
end
|
||
end
|
||
|
||
describe "#payload_url_safety" do
|
||
fab!(:post_hook) { Fabricate(:web_hook, payload_url: "https://example.com") }
|
||
|
||
it "errors if payload_url resolves to a blocked IP" do
|
||
SiteSetting.blocked_ip_blocks = "92.110.0.0/16"
|
||
FinalDestination::SSRFDetector
|
||
.stubs(:lookup_ips)
|
||
.with { |h| h == "badhostname.com" }
|
||
.returns(["92.110.44.17"])
|
||
post_hook.payload_url = "https://badhostname.com"
|
||
post_hook.save
|
||
expect(post_hook.errors.full_messages).to contain_exactly(
|
||
I18n.t("webhooks.payload_url.blocked_or_internal"),
|
||
)
|
||
end
|
||
|
||
it "errors if payload_url resolves to an internal IP" do
|
||
FinalDestination::SSRFDetector
|
||
.stubs(:lookup_ips)
|
||
.with { |h| h == "badhostname.com" }
|
||
.returns(["172.18.11.39"])
|
||
post_hook.payload_url = "https://badhostname.com"
|
||
post_hook.save
|
||
expect(post_hook.errors.full_messages).to contain_exactly(
|
||
I18n.t("webhooks.payload_url.blocked_or_internal"),
|
||
)
|
||
end
|
||
|
||
it "doesn't error if payload_url resolves to an allowed IP" do
|
||
FinalDestination::SSRFDetector
|
||
.stubs(:lookup_ips)
|
||
.with { |h| h == "goodhostname.com" }
|
||
.returns(["172.32.11.39"])
|
||
post_hook.payload_url = "https://goodhostname.com"
|
||
post_hook.save!
|
||
end
|
||
end
|
||
end
|