Sutty/panel
5
0
Fork 0
mirror of https://0xacab.org/sutty/sutty synced 2024-11-17 04:36:23 +00:00
Code Issues Projects Releases Wiki Activity

fix: add documentation and fix typos #13903
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details

Browse source
This commit is contained in:
jazzari 2023-08-15 16:59:16 -03:00
parent a098e1baa7
commit c5406acb26
2 changed files with 56 additions and 47 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

99
app/controllers/api/v1/webhooks_controller.rb
View file

@ -1,60 +1,69 @@
# frozen_string_literal: true # frozen_string_literal: true
module Api module Api
module V1 module V1
# Recibe webhooks y lanza un PullJob # Recibe webhooks y lanza un PullJob
class WebhooksController < BaseController class WebhooksController < BaseController
rescue_from ActiveRecord::RecordNotFound, with: :platforms_answer # responde con forbidden si falla la validación del token
rescue_from ActiveRecord::RecordNotFound, with: :platforms_answer
# Trae los cambios a partir de un post de Webhooks: # Trae los cambios a partir de un post de Webhooks:
# (Gitlab, Github, Guitea, etc) # (Gitlab, Github, Gitea, etc)
def pull def pull
message = I18n.with_locale(site.default_locale) do message = I18n.with_locale(site.default_locale) do
I18n.t('webhooks.pull.message') I18n.t('webhooks.pull.message')
end
GitPullJob.perform_later(site, usuarie, message)
platforms_answer
end end
private GitPullJob.perform_later(site, usuarie, message)
head :ok
end
def site private
@site ||= Site.find_by_name!(params[:site_id])
end
# valida el token que envía la plataforma del webhook # encuentra el sitio a partir de la url
def token def site
@token ||= @site ||= Site.find_by_name!(params[:site_id])
begin end
# Gitlab
if request.headers['X-Gitlab-Token'] # valida el token que envía la plataforma del webhook
request.headers["X-Gitlab-Token"] #
# Github # @return [String]
elsif request.headers['X-HUB-SIGNATURE-256'] def token
signature(request.env['HTTP_X_HUB_SIGNATURE_256']) @token ||=
# Guitea begin
else # Gitlab
signature(request.env['HTTP_X_GITEA_SIGNATURE']) if request.headers['X-Gitlab-Token']
end request.headers['X-Gitlab-Token']
# Github
elsif request.headers['X-HUB-SIGNATURE-256']
request.env['HTTP_X_HUB_SIGNATURE_256']
# Gitea
else
request.env['HTTP_X_GITEA_SIGNATURE']
end end
end
def token_from_signature(signature)
payload = request.body.read
site.roles.where(temporal: false, rol: 'usuarie').pluck(:token).find do |token|
new_signature = hash_mac(OpenSSL::Digest.new('sha256'), token, payload)
@token ||= Rack::Utils.secure_compare(new_signature, signature)
end end
end end
def usuarie # valida token a partir de firma de webhook
@usuarie = site.roles.find_by!(temporal: false, rol: 'usuarie', token: token).usuarie #
end # @return [String]
def token_from_signature(signature)
def platforms_answer payload = request.body.read
head :ok site.roles.where(temporal: false, rol: 'usuarie').pluck(:token).find do |token|
new_signature = 'sha256=' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), token, payload)
ActiveSupport::SecurityUtils.secure_compare(new_signature, signature)
end end
end end
# encuentra le usuarie
def usuarie
@usuarie ||= site.roles.find_by!(temporal: false, rol: 'usuarie', token: token).usuarie
end
# respuesta de error a plataformas
def platforms_answer
head :forbidden
end
end end
end
end end

2
config/locales/es.yml
View file

@ -476,7 +476,7 @@ es:
message: 'Actualización del esqueleto' message: 'Actualización del esqueleto'
webhooks_controller: webhooks_controller:
pull: pull:
message: 'Pull de webhooks' message: 'Traer los cambios a partir de un evento remoto'
footer: footer:
powered_by: 'es desarrollada por' powered_by: 'es desarrollada por'
i18n: i18n: