gitlab-org--gitlab-foss/app/models/hooks/web_hook.rb

# == Schema Information
#
# Table name: web_hooks
#
#  id                      :integer          not null, primary key
#  url                     :string(2000)
#  project_id              :integer
#  created_at              :datetime
#  updated_at              :datetime
#  type                    :string           default("ProjectHook")
#  service_id              :integer
#  push_events             :boolean          default(TRUE), not null
#  issues_events           :boolean          default(FALSE), not null
#  merge_requests_events   :boolean          default(FALSE), not null
#  tag_push_events         :boolean          default(FALSE)
#  note_events             :boolean          default(FALSE), not null
#  enable_ssl_verification :boolean          default(TRUE)
#  build_events            :boolean          default(FALSE), not null
#

class WebHook < ActiveRecord::Base
  include Sortable
  include HTTParty

  default_value_for :push_events, true
  default_value_for :issues_events, false
  default_value_for :note_events, false
  default_value_for :merge_requests_events, false
  default_value_for :tag_push_events, false
  default_value_for :build_events, false
  default_value_for :enable_ssl_verification, true

  # HTTParty timeout
  default_timeout Gitlab.config.gitlab.webhook_timeout

  validates :url, presence: true, url: true

  def execute(data, hook_name)
    parsed_url = URI.parse(url)
    if parsed_url.userinfo.blank?
      response = WebHook.post(url,
                              body: data.to_json,
                              headers: {
                                  "Content-Type" => "application/json",
                                  "X-Gitlab-Event" => hook_name.singularize.titleize
                              },
                              verify: enable_ssl_verification)
    else
      post_url = url.gsub("#{parsed_url.userinfo}@", "")
      auth = {
        username: CGI.unescape(parsed_url.user),
        password: CGI.unescape(parsed_url.password),
      }
      response = WebHook.post(post_url,
                              body: data.to_json,
                              headers: {
                                  "Content-Type" => "application/json",
                                  "X-Gitlab-Event" => hook_name.singularize.titleize
                              },
                              verify: enable_ssl_verification,
                              basic_auth: auth)
    end

    [(response.code >= 200 && response.code < 300), ActionView::Base.full_sanitizer.sanitize(response.to_s)]
  rescue SocketError, OpenSSL::SSL::SSLError, Errno::ECONNRESET, Errno::ECONNREFUSED, Net::OpenTimeout => e
    logger.error("WebHook Error => #{e}")
    [false, e.to_s]
  end

  def async_execute(data, hook_name)
    Sidekiq::Client.enqueue(ProjectWebHookWorker, id, data, hook_name)
  end
end
Annotated. schema updated 2012-11-19 13:24:05 -05:00			`# == Schema Information`
			`#`
			`# Table name: web_hooks`
			`#`
Annotate models Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2015-11-13 13:22:46 -05:00			`# id :integer not null, primary key`
Raise hook url limit 2015-12-01 15:47:23 -05:00			`# url :string(2000)`
Annotate models Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2015-11-13 13:22:46 -05:00			`# project_id :integer`
			`# created_at :datetime`
			`# updated_at :datetime`
Raise hook url limit 2015-12-01 15:47:23 -05:00			`# type :string default("ProjectHook")`
Annotate models Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2015-11-13 13:22:46 -05:00			`# service_id :integer`
			`# push_events :boolean default(TRUE), not null`
			`# issues_events :boolean default(FALSE), not null`
			`# merge_requests_events :boolean default(FALSE), not null`
			`# tag_push_events :boolean default(FALSE)`
			`# note_events :boolean default(FALSE), not null`
			`# enable_ssl_verification :boolean default(TRUE)`
Annotate models 2016-01-05 21:30:59 -05:00			`# build_events :boolean default(FALSE), not null`
Annotated. schema updated 2012-11-19 13:24:05 -05:00			`#`

Added web hooks functionality This commit includes: * Projects can have zero or more WebHooks. * The PostReceive job will ask a project to execute any web hooks defined for that project. * WebHook has a URL, we post Github-compatible JSON to that URL. * Failure to execute a WebHook will be silently ignored. 2011-12-14 11:38:52 -05:00			`class WebHook < ActiveRecord::Base`
Explicitly define ordering in models using default_scope 2015-02-05 17:20:55 -05:00			`include Sortable`
Added web hooks functionality This commit includes: * Projects can have zero or more WebHooks. * The PostReceive job will ask a project to execute any web hooks defined for that project. * WebHook has a URL, we post Github-compatible JSON to that URL. * Failure to execute a WebHook will be silently ignored. 2011-12-14 11:38:52 -05:00			`include HTTParty`

Default values for web hooks Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-02-27 08:56:35 -05:00			`default_value_for :push_events, true`
			`default_value_for :issues_events, false`
Add support for Webhook note events Closes https://github.com/gitlabhq/gitlabhq/issues/6745 2015-05-16 02:33:31 -04:00			`default_value_for :note_events, false`
Default values for web hooks Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-02-27 08:56:35 -05:00			`default_value_for :merge_requests_events, false`
Add tag_push_events to project hook api 2014-09-19 04:23:18 -04:00			`default_value_for :tag_push_events, false`
Migrate CI::Services and CI::WebHooks to Services and WebHooks 2015-12-07 07:23:23 -05:00			`default_value_for :build_events, false`
enable SSL by default 2015-09-15 09:19:32 -04:00			`default_value_for :enable_ssl_verification, true`
Default values for web hooks Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-02-27 08:56:35 -05:00
Added web hooks functionality This commit includes: * Projects can have zero or more WebHooks. * The PostReceive job will ask a project to execute any web hooks defined for that project. * WebHook has a URL, we post Github-compatible JSON to that URL. * Failure to execute a WebHook will be silently ignored. 2011-12-14 11:38:52 -05:00			`# HTTParty timeout`
Adding ability to configure webhook timeout via gitlab.yml 2014-09-12 11:38:14 -04:00			`default_timeout Gitlab.config.gitlab.webhook_timeout`
Added web hooks functionality This commit includes: * Projects can have zero or more WebHooks. * The PostReceive job will ask a project to execute any web hooks defined for that project. * WebHook has a URL, we post Github-compatible JSON to that URL. * Failure to execute a WebHook will be silently ignored. 2011-12-14 11:38:52 -05:00
Add custom UrlValidator 2015-12-01 18:45:36 -05:00			`validates :url, presence: true, url: true`
Added web hooks functionality This commit includes: * Projects can have zero or more WebHooks. * The PostReceive job will ask a project to execute any web hooks defined for that project. * WebHook has a URL, we post Github-compatible JSON to that URL. * Failure to execute a WebHook will be silently ignored. 2011-12-14 11:38:52 -05:00
Added X-GitLab-Event header for web hooks 2015-01-23 19:10:43 -05:00			`def execute(data, hook_name)`
make hooks respect http basic authentication 2012-08-01 22:48:46 -04:00			`parsed_url = URI.parse(url)`
			`if parsed_url.userinfo.blank?`
Handle and report SSL errors in Web hook test. Check for status 200 for success. If a Web hook test fails due to an SSL error or some other error, report the result back to the user instead of an Error 500. Closes #3656 Handle response 2015-12-01 19:15:01 -05:00			`response = WebHook.post(url,`
			`body: data.to_json,`
			`headers: {`
			`"Content-Type" => "application/json",`
			`"X-Gitlab-Event" => hook_name.singularize.titleize`
			`},`
			`verify: enable_ssl_verification)`
make hooks respect http basic authentication 2012-08-01 22:48:46 -04:00			`else`
cosmetical cleanup of models 2012-09-27 02:20:36 -04:00			`post_url = url.gsub("#{parsed_url.userinfo}@", "")`
Fix WebHook and special symbols in credentials When using web hook with credentials secured web resource, one needs to put the credentials in the hook URL. If the credentials contain special symbols (e.g. @ or #), it should be URL-quoted (e.g. %40 instead of @). But when Gitlab is making a request, it should unquote the symbols before base64-encoding them. 2013-02-22 11:03:59 -05:00			`auth = {`
Use CGI.escape instead of URI.escape, because URI is obsoleted. ref: https://github.com/ruby/ruby/commit/238b979f1789f95262a267d8df6239806f2859cc 2016-01-12 04:32:25 -05:00			`username: CGI.unescape(parsed_url.user),`
			`password: CGI.unescape(parsed_url.password),`
Fix WebHook and special symbols in credentials When using web hook with credentials secured web resource, one needs to put the credentials in the hook URL. If the credentials contain special symbols (e.g. @ or #), it should be URL-quoted (e.g. %40 instead of @). But when Gitlab is making a request, it should unquote the symbols before base64-encoding them. 2013-02-22 11:03:59 -05:00			`}`
Handle and report SSL errors in Web hook test. Check for status 200 for success. If a Web hook test fails due to an SSL error or some other error, report the result back to the user instead of an Error 500. Closes #3656 Handle response 2015-12-01 19:15:01 -05:00			`response = WebHook.post(post_url,`
			`body: data.to_json,`
			`headers: {`
			`"Content-Type" => "application/json",`
			`"X-Gitlab-Event" => hook_name.singularize.titleize`
			`},`
			`verify: enable_ssl_verification,`
			`basic_auth: auth)`
make hooks respect http basic authentication 2012-08-01 22:48:46 -04:00			`end`
Handle and report SSL errors in Web hook test. Check for status 200 for success. If a Web hook test fails due to an SSL error or some other error, report the result back to the user instead of an Error 500. Closes #3656 Handle response 2015-12-01 19:15:01 -05:00
Accept 2xx status codes for successful Web hook triggers Closes https://github.com/gitlabhq/gitlabhq/issues/9956 2016-01-07 09:28:24 -05:00			`[(response.code >= 200 && response.code < 300), ActionView::Base.full_sanitizer.sanitize(response.to_s)]`
Handle and report SSL errors in Web hook test. Check for status 200 for success. If a Web hook test fails due to an SSL error or some other error, report the result back to the user instead of an Error 500. Closes #3656 Handle response 2015-12-01 19:15:01 -05:00			`rescue SocketError, OpenSSL::SSL::SSLError, Errno::ECONNRESET, Errno::ECONNREFUSED, Net::OpenTimeout => e`
Handle web hook exception Write to log if web hook cant be executed. This prevents 500 error when test web hook with invalid URL and prevent exceptions and retries in sidekiq Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-12-04 08:07:01 -05:00			`logger.error("WebHook Error => #{e}")`
Handle and report SSL errors in Web hook test. Check for status 200 for success. If a Web hook test fails due to an SSL error or some other error, report the result back to the user instead of an Error 500. Closes #3656 Handle response 2015-12-01 19:15:01 -05:00			`[false, e.to_s]`
Added web hooks functionality This commit includes: * Projects can have zero or more WebHooks. * The PostReceive job will ask a project to execute any web hooks defined for that project. * WebHook has a URL, we post Github-compatible JSON to that URL. * Failure to execute a WebHook will be silently ignored. 2011-12-14 11:38:52 -05:00			`end`
Updates project to process web hooks async via sidekiq. A new queue of "project_web_hook" is used to process web hooks asynchronously, allowing each to succeed/fail (and be retried) independently. (Basically, project web hooks now process the same as system hooks.) 2013-01-24 15:15:24 -05:00
Added X-GitLab-Event header for web hooks 2015-01-23 19:10:43 -05:00			`def async_execute(data, hook_name)`
			`Sidekiq::Client.enqueue(ProjectWebHookWorker, id, data, hook_name)`
Updates project to process web hooks async via sidekiq. A new queue of "project_web_hook" is used to process web hooks asynchronously, allowing each to succeed/fail (and be retried) independently. (Basically, project web hooks now process the same as system hooks.) 2013-01-24 15:15:24 -05:00			`end`
Added web hooks functionality This commit includes: * Projects can have zero or more WebHooks. * The PostReceive job will ask a project to execute any web hooks defined for that project. * WebHook has a URL, we post Github-compatible JSON to that URL. * Failure to execute a WebHook will be silently ignored. 2011-12-14 11:38:52 -05:00			`end`