huanld/speckle-server
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Merge branch 'webhooks' of github.com:specklesystems/speckle-server into webhooks

Browse Source
This commit is contained in:
cristi8
2021-07-21 21:03:04 +03:00
parent d629133e41 706889f537
commit 30416effe9
2 changed files with 27 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/server/modules/webhooks/graph/resolvers/webhooks.js
+10
View File
@@ -1,4 +1,6 @@
const appRoot = require( 'app-root-path' )
const { ForbiddenError } = require( 'apollo-server-express' )
const { authorizeResolver } = require( `${appRoot}/modules/shared` )
const { createWebhook, getWebhook, updateWebhook, deleteWebhook, getStreamWebhooks, getLastWebhookEvents, getWebhookEventsCount } = require( '../../services/webhooks' )
@@ -39,6 +41,10 @@ module.exports = {
async webhookUpdate( parent, args, context, info ) {
await authorizeResolver( context.userId, args.webhook.streamId, 'stream:owner' )
let wh = await getWebhook( { id: args.webhook.id } )
if ( args.webhook.streamId !== wh.streamId )
throw new ForbiddenError( 'The webhook id and stream id do not match. Please check your inputs.' )
let updated = await updateWebhook( { id: args.webhook.id, url: args.webhook.url, description: args.webhook.description, secret: args.webhook.secret, enabled: args.webhook.enabled !== false, triggers: args.webhook.triggers } )
return !!updated
@@ -46,6 +52,10 @@ module.exports = {
async webhookDelete( parent, args, context, info ) {
await authorizeResolver( context.userId, args.webhook.streamId, 'stream:owner' )
let wh = await getWebhook( { id: args.webhook.id } )
if ( args.webhook.streamId !== wh.streamId )
throw new ForbiddenError( 'The webhook id and stream id do not match. Please check your inputs.' )
let deleted = await deleteWebhook( { id: args.webhook.id } )
return !!deleted
packages/server/modules/webhooks/tests/webhooks.spec.js
+17
View File
@@ -179,6 +179,22 @@ describe( 'Webhooks @webhooks', () => {
expect( webhook.enabled ).to.equal( false )
} )
it( 'Should *not* update or delete a webhook if the stream id and webhook id do not match', async () => {
const res1 = await sendRequest( userOne.token, {
query: `mutation { webhookDelete(webhook: { id: "${webhookTwo.id}", streamId: "${streamOne.id}" } ) }`
} )
expect( res1.body.errors ).to.exist
expect( res1.body.errors[ 0 ].message ).to.equal( 'The webhook id and stream id do not match. Please check your inputs.' )
expect( res1.body.errors[ 0 ].extensions.code ).to.equal( 'FORBIDDEN' )
const res2 = await sendRequest( userOne.token, {
query: `mutation { webhookUpdate(webhook: { id: "${webhookTwo.id}", streamId: "${streamOne.id}", description: "updated webhook", enabled: false }) }`
} )
expect( res2.body.errors ).to.exist
expect( res2.body.errors[ 0 ].message ).to.equal( 'The webhook id and stream id do not match. Please check your inputs.' )
expect( res2.body.errors[ 0 ].extensions.code ).to.equal( 'FORBIDDEN' )
} )
it( 'Should delete a webhook', async () => {
const res = await sendRequest( userTwo.token, {
query: `mutation { webhookDelete(webhook: { id: "${webhookTwo.id}", streamId: "${streamTwo.id}" } ) }`
@@ -205,6 +221,7 @@ describe( 'Webhooks @webhooks', () => {
expect( res.body.errors[ 0 ].extensions.code ).to.equal( 'FORBIDDEN' )
} )
it( 'Should have a webhook limit for streams', async ( ) => {
let limit = 100
for ( let i = 0; i < limit - 1; i++ ) {