paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-11-05 14:35:27 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
778b7c0bdba036f8480832b118ab516c4171f3d8
zulip/zerver/lib/webhooks/common.py
YashRE42 778b7c0bdb links: Replace all references to Django docs to link to /3.2/ version. 
Previously, our codebase contained links to various versions of the
Django docs, eg https://docs.djangoproject.com/en/1.8/ref/
request-response/#django.http.HttpRequest and https://
docs.djangoproject.com/en/2.2/ref/settings/#std:setting-SERVER_EMAIL
opening a link to a doc with an outdated Django version would show a
warning "This document is for an insecure version of Django that is no
longer supported. Please upgrade to a newer release!".

Most of these links are inside comments.

Following the replacement of these links in our docs, this commit uses
a search with the regex "docs.djangoproject.com/en/([0-9].[0-9]*)/"
and replaces all matches with "docs.djangoproject.com/en/3.2/".

All the new links in this commit have been generated by the above
replace and each link has then been manually checked to ensure that
(1) the page still exists and has not been moved to a new location
(and it has been found that no page has been moved like this), (2)
that the anchor that we're linking to has not been changed (and it has
been found that no anchor has been changed like this).

One comment where we mentioned a Django version in text before linking
to a page for that version has also been changed, the comment
mentioned the specific version when a change happened, and the history
is no longer relevant to us.
2021-11-08 18:06:16 -08:00

231 lines
9.1 KiB
Python
Raw Blame History

import fnmatch
import importlib
from datetime import datetime
from typing import Any, Callable, Dict, List, Optional, Union
from urllib.parse import unquote
from django.http import HttpRequest
from django.utils.translation import gettext as _
from zerver.lib.actions import (
check_send_private_message,
check_send_stream_message,
check_send_stream_message_by_id,
send_rate_limited_pm_notification_to_bot_owner,
)
from zerver.lib.exceptions import ErrorCode, JsonableError, StreamDoesNotExistError
from zerver.lib.request import REQ, RequestNotes, has_request_variables
from zerver.lib.send_email import FromAddress
from zerver.lib.timestamp import timestamp_to_datetime
from zerver.lib.validator import check_list, check_string
from zerver.models import UserProfile
MISSING_EVENT_HEADER_MESSAGE = """\
Hi there! Your bot {bot_name} just sent an HTTP request to {request_path} that
is missing the HTTP {header_name} header. Because this header is how
{integration_name} indicates the event type, this usually indicates a configuration
issue, where you either entered the URL for a different integration, or are running
an older version of the third-party service that doesn't provide that header.
Contact {support_email} if you need help debugging!
"""
INVALID_JSON_MESSAGE = """
Hi there! It looks like you tried to set up the Zulip {webhook_name} integration,
but didn't correctly configure the webhook to send data in the JSON format
that this integration expects!
"""
SETUP_MESSAGE_TEMPLATE = "{integration} webhook has been successfully configured"
SETUP_MESSAGE_USER_PART = " by {user_name}"
# Django prefixes all custom HTTP headers with `HTTP_`
DJANGO_HTTP_PREFIX = "HTTP_"
def get_setup_webhook_message(integration: str, user_name: Optional[str] = None) -> str:
content = SETUP_MESSAGE_TEMPLATE.format(integration=integration)
if user_name:
content += SETUP_MESSAGE_USER_PART.format(user_name=user_name)
content = f"{content}."
return content
def notify_bot_owner_about_invalid_json(
user_profile: UserProfile, webhook_client_name: str
) -> None:
send_rate_limited_pm_notification_to_bot_owner(
user_profile,
user_profile.realm,
INVALID_JSON_MESSAGE.format(webhook_name=webhook_client_name).strip(),
)
class MissingHTTPEventHeader(JsonableError):
code = ErrorCode.MISSING_HTTP_EVENT_HEADER
data_fields = ["header"]
def __init__(self, header: str) -> None:
self.header = header
@staticmethod
def msg_format() -> str:
return _("Missing the HTTP event header '{header}'")
@has_request_variables
def check_send_webhook_message(
request: HttpRequest,
user_profile: UserProfile,
topic: str,
body: str,
complete_event_type: Optional[str] = None,
stream: Optional[str] = REQ(default=None),
user_specified_topic: Optional[str] = REQ("topic", default=None),
only_events: Optional[List[str]] = REQ(default=None, json_validator=check_list(check_string)),
exclude_events: Optional[List[str]] = REQ(
default=None, json_validator=check_list(check_string)
),
unquote_url_parameters: bool = False,
) -> None:
if complete_event_type is not None:
# Here, we implement Zulip's generic support for filtering
# events sent by the third-party service.
#
# If complete_event_type is passed to this function, we will check the event
# type against user configured lists of only_events and exclude events.
# If the event does not satisfy the configuration, the function will return
# without sending any messages.
#
# We match items in only_events and exclude_events using Unix
# shell-style wildcards.
if (
only_events is not None
and all([not fnmatch.fnmatch(complete_event_type, pattern) for pattern in only_events])
) or (
exclude_events is not None
and any([fnmatch.fnmatch(complete_event_type, pattern) for pattern in exclude_events])
):
return
client = RequestNotes.get_notes(request).client
assert client is not None
if stream is None:
assert user_profile.bot_owner is not None
check_send_private_message(user_profile, client, user_profile.bot_owner, body)
else:
# Some third-party websites (such as Atlassian's Jira), tend to
# double escape their URLs in a manner that escaped space characters
# (%20) are never properly decoded. We work around that by making sure
# that the URL parameters are decoded on our end.
if stream is not None and unquote_url_parameters:
stream = unquote(stream)
if user_specified_topic is not None:
topic = user_specified_topic
if unquote_url_parameters:
topic = unquote(topic)
try:
if stream.isdecimal():
check_send_stream_message_by_id(user_profile, client, int(stream), topic, body)
else:
check_send_stream_message(user_profile, client, stream, topic, body)
except StreamDoesNotExistError:
# A PM will be sent to the bot_owner by check_message, notifying
# that the webhook bot just tried to send a message to a non-existent
# stream, so we don't need to re-raise it since it clutters up
# webhook-errors.log
pass
def standardize_headers(input_headers: Union[None, Dict[str, Any]]) -> Dict[str, str]:
"""This method can be used to standardize a dictionary of headers with
the standard format that Django expects. For reference, refer to:
https://docs.djangoproject.com/en/3.2/ref/request-response/#django.http.HttpRequest.headers
NOTE: Historically, Django's headers were not case-insensitive. We're still
capitalizing our headers to make it easier to compare/search later if required.
"""
canonical_headers = {}
if not input_headers:
return {}
for raw_header in input_headers:
polished_header = raw_header.upper().replace("-", "_")
if polished_header not in ["CONTENT_TYPE", "CONTENT_LENGTH"]:
if not polished_header.startswith("HTTP_"):
polished_header = "HTTP_" + polished_header
canonical_headers[polished_header] = str(input_headers[raw_header])
return canonical_headers
def validate_extract_webhook_http_header(
request: HttpRequest, header: str, integration_name: str, fatal: bool = True
) -> Optional[str]:
assert request.user.is_authenticated
extracted_header = request.META.get(DJANGO_HTTP_PREFIX + header)
if extracted_header is None and fatal:
message_body = MISSING_EVENT_HEADER_MESSAGE.format(
bot_name=request.user.full_name,
request_path=request.path,
header_name=header,
integration_name=integration_name,
support_email=FromAddress.SUPPORT,
)
send_rate_limited_pm_notification_to_bot_owner(
request.user, request.user.realm, message_body
)
raise MissingHTTPEventHeader(header)
return extracted_header
def get_fixture_http_headers(integration_name: str, fixture_name: str) -> Dict["str", "str"]:
"""For integrations that require custom HTTP headers for some (or all)
of their test fixtures, this method will call a specially named
function from the target integration module to determine what set
of HTTP headers goes with the given test fixture.
"""
view_module_name = f"zerver.webhooks.{integration_name}.view"
try:
# TODO: We may want to migrate to a more explicit registration
# strategy for this behavior rather than a try/except import.
view_module = importlib.import_module(view_module_name)
fixture_to_headers = getattr(view_module, "fixture_to_headers")
except (ImportError, AttributeError):
return {}
return fixture_to_headers(fixture_name)
def get_http_headers_from_filename(http_header_key: str) -> Callable[[str], Dict[str, str]]:
"""If an integration requires an event type kind of HTTP header which can
be easily (statically) determined, then name the fixtures in the format
of "header_value__other_details" or even "header_value" and the use this
method in the headers.py file for the integration."""
def fixture_to_headers(filename: str) -> Dict[str, str]:
if "__" in filename:
event_type = filename.split("__")[0]
else:
event_type = filename
return {http_header_key: event_type}
return fixture_to_headers
def unix_milliseconds_to_timestamp(milliseconds: Any, webhook: str) -> datetime:
"""If an integration requires time input in unix milliseconds, this helper
checks to ensure correct type and will catch any errors related to type or
value and raise a JsonableError.
Returns a datetime representing the time."""
try:
# timestamps are in milliseconds so divide by 1000
seconds = milliseconds / 1000
return timestamp_to_datetime(seconds)
except (ValueError, TypeError):
raise JsonableError(_("The {} webhook expects time in milliseconds.").format(webhook))
Reference in New Issue View Git Blame Copy Permalink