Merge pull request huginn#999 from darrencauthon/webhook_gets

Webhook verbs
drives · Sep 2, 2015 · 71aa3a0 · 71aa3a0
2 parents 84d60e8 + 65ff919
commit 71aa3a0
Show file tree

Hide file tree

Showing 2 changed files with 173 additions and 7 deletions.
diff --git a/app/models/agents/webhook_agent.rb b/app/models/agents/webhook_agent.rb
@@ -20,6 +20,9 @@ class WebhookAgent < Agent
         * `payload_path` - JSONPath of the attribute in the POST body to be
           used as the Event payload.  If `payload_path` points to an array,
           Events will be created for each element.
+        * `verbs` - Comma-separated list of http verbs your agent will accept.
+          For example, "post,get" will enable POST and GET requests. Defaults
+          to "post".
       MD
     end
 
@@ -38,10 +41,14 @@ def default_options
     end
 
     def receive_web_request(params, method, format)
+      # check the secret
       secret = params.delete('secret')
-      return ["Please use POST requests only", 401] unless method == "post"
       return ["Not Authorized", 401] unless secret == interpolated['secret']
 
+      #check the verbs
+      verbs = (interpolated['verbs'] || 'post').split(/,/).map { |x| x.strip.downcase }.select { |x| x.present? }
+      return ["Please use #{verbs.join('/').upcase} requests only", 401] unless verbs.include?(method)
+
       [payload_for(params)].flatten.each do |payload|
         create_event(payload: payload)
       end

diff --git a/spec/models/agents/webhook_agent_spec.rb b/spec/models/agents/webhook_agent_spec.rb
@@ -38,12 +38,171 @@
       expect(out).to eq(['Not Authorized', 401])
     end
 
-    it "should only accept POSTs" do
-      out = nil
-      expect {
-        out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "get", "text/html")
-      }.to change { Event.count }.by(0)
-      expect(out).to eq(['Please use POST requests only', 401])
+    describe "receiving events" do
+
+      context "default settings" do
+
+        it "should not accept GET" do
+          out = nil
+          expect {
+            out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "get", "text/html")
+          }.to change { Event.count }.by(0)
+          expect(out).to eq(['Please use POST requests only', 401])
+        end
+
+        it "should accept POST" do
+          out = nil
+          expect {
+            out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "post", "text/html")
+          }.to change { Event.count }.by(1)
+          expect(out).to eq(['Event Created', 201])
+        end
+
+      end
+
+      context "accepting get and post" do
+
+        before { agent.options['verbs'] = 'get,post' }
+
+        it "should accept GET" do
+          out = nil
+          expect {
+            out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "get", "text/html")
+          }.to change { Event.count }.by(1)
+          expect(out).to eq(['Event Created', 201])
+        end
+
+        it "should accept POST" do
+          out = nil
+          expect {
+            out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "post", "text/html")
+          }.to change { Event.count }.by(1)
+          expect(out).to eq(['Event Created', 201])
+        end
+
+        it "should not accept PUT" do
+          out = nil
+          expect {
+            out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "put", "text/html")
+          }.to change { Event.count }.by(0)
+          expect(out).to eq(['Please use GET/POST requests only', 401])
+        end
+
+      end
+
+      context "accepting only get" do
+
+        before { agent.options['verbs'] = 'get' }
+
+        it "should accept GET" do
+          out = nil
+          expect {
+            out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "get", "text/html")
+          }.to change { Event.count }.by(1)
+          expect(out).to eq(['Event Created', 201])
+        end
+
+        it "should not accept POST" do
+          out = nil
+          expect {
+            out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "post", "text/html")
+          }.to change { Event.count }.by(0)
+          expect(out).to eq(['Please use GET requests only', 401])
+        end
+
+      end
+
+      context "accepting only post" do
+
+        before { agent.options['verbs'] = 'post' }
+
+        it "should not accept GET" do
+          out = nil
+          expect {
+            out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "get", "text/html")
+          }.to change { Event.count }.by(0)
+          expect(out).to eq(['Please use POST requests only', 401])
+        end
+
+        it "should accept POST" do
+          out = nil
+          expect {
+            out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "post", "text/html")
+          }.to change { Event.count }.by(1)
+          expect(out).to eq(['Event Created', 201])
+        end
+
+      end
+
+      context "accepting only put" do
+
+        before { agent.options['verbs'] = 'put' }
+
+        it "should accept PUT" do
+          out = nil
+          expect {
+            out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "put", "text/html")
+          }.to change { Event.count }.by(1)
+          expect(out).to eq(['Event Created', 201])
+        end
+
+        it "should not accept GET" do
+          out = nil
+          expect {
+            out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "get", "text/html")
+          }.to change { Event.count }.by(0)
+          expect(out).to eq(['Please use PUT requests only', 401])
+        end
+
+        it "should not accept POST" do
+          out = nil
+          expect {
+            out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "post", "text/html")
+          }.to change { Event.count }.by(0)
+          expect(out).to eq(['Please use PUT requests only', 401])
+        end
+
+      end
+
+      context "flaky content with commas" do
+
+        before { agent.options['verbs'] = ',,  PUT,POST, gEt , ,' }
+
+        it "should accept PUT" do
+          out = nil
+          expect {
+            out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "put", "text/html")
+          }.to change { Event.count }.by(1)
+          expect(out).to eq(['Event Created', 201])
+        end
+
+        it "should accept GET" do
+          out = nil
+          expect {
+            out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "get", "text/html")
+          }.to change { Event.count }.by(1)
+          expect(out).to eq(['Event Created', 201])
+        end
+
+        it "should accept POST" do
+          out = nil
+          expect {
+            out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "post", "text/html")
+          }.to change { Event.count }.by(1)
+          expect(out).to eq(['Event Created', 201])
+        end
+
+        it "should not accept DELETE" do
+          out = nil
+          expect {
+            out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "delete", "text/html")
+          }.to change { Event.count }.by(0)
+          expect(out).to eq(['Please use PUT/POST/GET requests only', 401])
+        end
+
+      end
+
     end
+
   end
 end