From 114fe4b2d5dce83874735cf1de97af6e89b925d5 Mon Sep 17 00:00:00 2001
From: jazzari
Date: Wed, 16 Aug 2023 15:43:57 -0300
Subject: [PATCH 1/5] fix: fix in es.yml & en.yml and missing end #13903
---
 app/controllers/api/v1/webhooks_controller.rb | 11 ++++++-----
 config/locales/en.yml | 2 +-
 config/locales/es.yml | 2 +-
 3 files changed, 8 insertions(+), 7 deletions(-)
diff --git a/app/controllers/api/v1/webhooks_controller.rb b/app/controllers/api/v1/webhooks_controller.rb
index 3af9abee..8ef943be 100644
--- a/app/controllers/api/v1/webhooks_controller.rb
+++ b/app/controllers/api/v1/webhooks_controller.rb
@@ -38,12 +38,12 @@ module Api
 request.headers['X-Gitlab-Token']
 # Github
 elsif request.headers['X-HUB-SIGNATURE-256']
- token_from_signature(request.env['HTTP_X_HUB_SIGNATURE_256'])
+ token_from_signature(request.env['HTTP_X_HUB_SIGNATURE_256'], 'sha256=')
 # Gitea
 elsif request.headers['HTTP_X_GITEA_SIGNATURE']
 token_from_signature(request.env['HTTP_X_GITEA_SIGNATURE'])
 else
- raise ActiveRecord::RecordNotFound
+ raise ActiveRecord::RecordNotFound, 'proveedor no soportado'
 end
 end
 end
@@ -51,10 +51,10 @@ module Api
 # valida token a partir de firma de webhook
 #
 # @return [String, Boolean]
- def token_from_signature(signature)
+ def token_from_signature(signature. prepend = '')
 payload = request.body.read
 site.roles.where(temporal: false, rol: 'usuarie').pluck(:token).find do |token|
- new_signature = 'sha256=' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), token, payload)
+ new_signature = prepend + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), token, payload)
 ActiveSupport::SecurityUtils.secure_compare(new_signature, signature)
 end.tap do |t|
 raise ActiveRecord::RecordNotFound, 'token no encontrado' if t.nil?
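Review bot: The `@return [String, Boolean]` tag above `token_from_signature` in the second hunk (`@@ -51,10 +51,10 @@`) does not match the visible code: `find` yields the matching token and the `tap` block raises `ActiveRecord::RecordNotFound` when nothing matches, so no Boolean is returned on the lines shown. The new `prepend` argument is also undocumented, although it decides whether the computed HMAC is compared in the `sha256=<hex>` form or as bare hex. I would change the tag to `# @return [String]` and add `# @param prepend [String] prefix placed before the hex digest before comparing ('sha256=' for GitHub)` and `# @raise [ActiveRecord::RecordNotFound] when no token reproduces the signature`. The method body continues past the end of the hunk.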
@@ -69,7 +69,8 @@ module Api
 # respuesta de error a plataformas
 def platforms_answer(exception)
 head :forbidden
- ExceptionNotifier.notify_exception(exception, data: { params: params.to_h })
+ ExceptionNotifier.notify_exception(exception, env: request.env)
+ end
 end
 end
 end
\ No newline at end of file
diff --git a/config/locales/en.yml b/config/locales/en.yml
index 8ae8cce5..c9a723bc 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -466,7 +466,7 @@ en:
 success: 'Site upgrade has been completed. Your next build will run this upgrade :)'
 error: "There was an error when trying to upgrade your site. This could be due to conflicts that couldn't be solved automatically. A report of the issue has already been sent to our admins. Sorry for the inconvenience! :("
 message: 'Skeleton upgrade'
- webhooks_controller:
+ webhooks:
 pull:
 message: 'Webhooks pull'
 footer:
diff --git a/config/locales/es.yml b/config/locales/es.yml
index 7a83483f..857217ec 100644
--- a/config/locales/es.yml
+++ b/config/locales/es.yml
@@ -474,7 +474,7 @@ es:
 success: 'Ya se incorporaron los cambios en el sitio, se aplicarán en la próxima compilación que hagas :)'
 error: 'Hubo un error al incorporar los cambios en el sitio. Esto puede deberse a conflictos entre cambios que no se pueden resolver automáticamente. Hemos enviado un reporte del problema a les administradores de Sutty para que estén al tanto de la situación. ¡Lo sentimos! :('
 message: 'Actualización del esqueleto'
- webhooks_controller:
+ webhooks:
 pull:
 message: 'Traer los cambios a partir de un evento remoto'
 footer:
From 5ef601139fab2f99952dcda124a6a06bd10dc054 Mon Sep 17 00:00:00 2001
From: f
Date: Wed, 16 Aug 2023 16:21:48 -0300
Subject: [PATCH 2/5] fix: eliminar espacio en blanco
---
 app/controllers/api/v1/webhooks_controller.rb | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/app/controllers/api/v1/webhooks_controller.rb b/app/controllers/api/v1/webhooks_controller.rb
index 8ef943be..fb4a710c 100644
--- a/app/controllers/api/v1/webhooks_controller.rb
+++ b/app/controllers/api/v1/webhooks_controller.rb
@@ -11,7 +11,7 @@ module Api
 # (Gitlab, Github, Gitea, etc)
 #
 # @return [nil]
- def pull
+ def pull
 message = I18n.with_locale(site.default_locale) do
 I18n.t('webhooks.pull.message')
 end
@@ -20,17 +20,17 @@ module Api
 head :ok
 end
- private
+ private
 # encuentra el sitio a partir de la url
- def site
+ def site
 @site ||= Site.find_by_name!(params[:site_id])
 end
 # valida el token que envía la plataforma del webhook
 #
 # @return [String]
- def token
+ def token
 @token ||=
 begin
 # Gitlab
@@ -45,14 +45,14 @@ module Api
 else
 raise ActiveRecord::RecordNotFound, 'proveedor no soportado'
 end
- end
+ end
 end
 # valida token a partir de firma de webhook
 #
 # @return [String, Boolean]
 def token_from_signature(signature. prepend = '')
- payload = request.body.read
+ payload = request.body.read
 site.roles.where(temporal: false, rol: 'usuarie').pluck(:token).find do |token|
 new_signature = prepend + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), token, payload)
 ActiveSupport::SecurityUtils.secure_compare(new_signature, signature)
@@ -61,10 +61,10 @@ module Api
 end
 end
- # encuentra le usuarie
+ # encuentra le usuarie
 def usuarie
 @usuarie ||= site.roles.find_by!(temporal: false, rol: 'usuarie', token: token).usuarie
- end
+ end
 # respuesta de error a plataformas
 def platforms_answer(exception)
@@ -73,4 +73,4 @@ module Api
 end
 end
 end
-end
\ No newline at end of file
+end
From 690efe329c571c0d8c601645735d186b7890a572 Mon Sep 17 00:00:00 2001
From: f
Date: Wed, 16 Aug 2023 16:22:57 -0300
Subject: [PATCH 3/5] fix: llamar a los headers consistentemente
---
 app/controllers/api/v1/webhooks_controller.rb | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/app/controllers/api/v1/webhooks_controller.rb b/app/controllers/api/v1/webhooks_controller.rb
index fb4a710c..1d1258fd 100644
--- a/app/controllers/api/v1/webhooks_controller.rb
+++ b/app/controllers/api/v1/webhooks_controller.rb
@@ -37,11 +37,11 @@ module Api
 if request.headers['X-Gitlab-Token']
 request.headers['X-Gitlab-Token']
 # Github
- elsif request.headers['X-HUB-SIGNATURE-256']
- token_from_signature(request.env['HTTP_X_HUB_SIGNATURE_256'], 'sha256=')
+ elsif request.headers['X-Hub-Signature-256']
+ token_from_signature(request.headers['X_Hub_Signature_256'], 'sha256=')
 # Gitea
- elsif request.headers['HTTP_X_GITEA_SIGNATURE']
- token_from_signature(request.env['HTTP_X_GITEA_SIGNATURE'])
+ elsif request.headers['X_Gitea_Signature']
+ token_from_signature(request.headers['X_Gitea_Signature'])
 else
 raise ActiveRecord::RecordNotFound, 'proveedor no soportado'
 end
From a99e03ce15d13122f36e2aab976fd5229156300e Mon Sep 17 00:00:00 2001
From: f
Date: Wed, 16 Aug 2023 16:23:39 -0300
Subject: [PATCH 4/5] feat: enviar los headers en el reporte
---
 app/controllers/api/v1/webhooks_controller.rb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/app/controllers/api/v1/webhooks_controller.rb b/app/controllers/api/v1/webhooks_controller.rb
index 1d1258fd..6be6c2dc 100644
--- a/app/controllers/api/v1/webhooks_controller.rb
+++ b/app/controllers/api/v1/webhooks_controller.rb
@@ -68,8 +68,9 @@ module Api
 # respuesta de error a plataformas
 def platforms_answer(exception)
+ ExceptionNotifier.notify_exception(exception, env: request.env, data: { headers: request.headers.to_h })
+
 head :forbidden
- ExceptionNotifier.notify_exception(exception, env: request.env)
 end
 end
 end
From 42e6a0b6eb5432773d2337ed33ac154defd2c042 Mon Sep 17 00:00:00 2001
From: f
Date: Wed, 16 Aug 2023 16:24:33 -0300
Subject: [PATCH 5/5] fix: typo
---
 app/controllers/api/v1/webhooks_controller.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
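Review bot: The rewritten lookups in the `token` hunk of PATCH 3/5 (`@@ -37,11 +37,11 @@`) mix hyphenated and underscored header names: the GitHub branch tests `request.headers['X-Hub-Signature-256']` but reads `request.headers['X_Hub_Signature_256']`, and the Gitea branch uses `X_Gitea_Signature` for both the test and the read. As far as I know, ActionDispatch only maps names made of letters, digits and hyphens to their `HTTP_…` env key, so the underscored spellings would look up a key that is not set and return nil; the GitHub branch would then hand nil to `secure_compare` and the Gitea branch would never be taken. That fails closed, but signed deliveries would be rejected, so I would use the hyphenated form throughout: `token_from_signature(request.headers['X-Hub-Signature-256'], 'sha256=')` and `request.headers['X-Gitea-Signature']` in both Gitea lines. The `token` method starts and ends outside the hunk.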
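Review bot: `data: { headers: request.headers.to_h }` in `platforms_answer` (PATCH 4/5, `@@ -68,8 +68,9 @@`) copies every request header into the exception report, and for GitLab deliveries that includes `X-Gitlab-Token`, which the `token` method uses as the credential itself. The `env: request.env` argument introduced in PATCH 1/5 carries the same value; whether it is masked there depends on the notifier's filtering configuration, which is not visible on this page. The token would then be stored wherever reports are delivered (mail, chat, error tracker), so I would strip it before reporting, for example `data: { headers: request.headers.to_h.except('HTTP_X_GITLAB_TOKEN') }` (assuming the hash keys are the Rack env names), or send only an allow-list of the headers needed for debugging. A short comment such as `# never include credential headers in reports` above the call would keep the intent visible.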
diff --git a/app/controllers/api/v1/webhooks_controller.rb b/app/controllers/api/v1/webhooks_controller.rb
index 6be6c2dc..ab2fce6b 100644
--- a/app/controllers/api/v1/webhooks_controller.rb
+++ b/app/controllers/api/v1/webhooks_controller.rb
@@ -51,7 +51,7 @@ module Api
 # valida token a partir de firma de webhook
 #
 # @return [String, Boolean]
- def token_from_signature(signature. prepend = '')
+ def token_from_signature(signature, prepend = '')
 payload = request.body.read
 site.roles.where(temporal: false, rol: 'usuarie').pluck(:token).find do |token|
 new_signature = prepend + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), token, payload)