Merge pull request #25 from lukepatrick/v3

Update bitbucket uuid check to allow a non-specified uuid, similar to…
Update bitbucket uuid check to allow a non-specified uuid, similar to gitlab empty secret.
2018-02-23 05:10:58 -08:00 · 2018-02-22 15:27:54 -07:00 · 2018-02-15 07:22:55 -08:00 · 2018-02-14 12:45:52 -07:00
3 changed files with 140 additions and 71 deletions
@@ -80,11 +80,15 @@ func (hook Webhook) ParsePayload(w http.ResponseWriter, r *http.Request) {
 	}
 	webhooks.DefaultLog.Debug(fmt.Sprintf("X-Hook-UUID:%s", uuid))
 	if len(hook.uuid) > 0 {
 		if uuid != hook.uuid {
-		webhooks.DefaultLog.Error(fmt.Sprintf("X-Hook-UUID does not match configured uuid of %s", hook.uuid))
+			webhooks.DefaultLog.Error(fmt.Sprintf("X-Hook-UUID %s does not match configured uuid of %s", uuid, hook.uuid))
 			http.Error(w, "403 Forbidden - X-Hook-UUID does not match", http.StatusForbidden)
 			return
 		}
 	} else {
 		webhooks.DefaultLog.Debug("hook uuid not defined - recommend setting for improved security")
 	}
 	event := r.Header.Get("X-Event-Key")
 	if event == "" {
@@ -813,6 +813,29 @@ func TestMergeRequestEvent(t *testing.T) {
      "username": "root",
      "avatar_url": "http://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=40\u0026d=identicon"
    },
    "project": {
      "id": 1,
      "name":"Gitlab Test",
      "description":"Aut reprehenderit ut est.",
      "web_url":"http://example.com/gitlabhq/gitlab-test",
      "avatar_url":null,
      "git_ssh_url":"git@example.com:gitlabhq/gitlab-test.git",
      "git_http_url":"http://example.com/gitlabhq/gitlab-test.git",
      "namespace":"GitlabHQ",
      "visibility_level":20,
      "path_with_namespace":"gitlabhq/gitlab-test",
      "default_branch":"master",
      "homepage":"http://example.com/gitlabhq/gitlab-test",
      "url":"http://example.com/gitlabhq/gitlab-test.git",
      "ssh_url":"git@example.com:gitlabhq/gitlab-test.git",
      "http_url":"http://example.com/gitlabhq/gitlab-test.git"
    },
    "repository": {
      "name": "Gitlab Test",
      "url": "http://example.com/gitlabhq/gitlab-test.git",
      "description": "Aut reprehenderit ut est.",
      "homepage": "http://example.com/gitlabhq/gitlab-test"
    },
    "object_attributes": {
      "id": 99,
      "target_branch": "master",
@@ -823,15 +846,13 @@ func TestMergeRequestEvent(t *testing.T) {
      "title": "MS-Viewport",
      "created_at": "2013-12-03T17:23:34Z",
      "updated_at": "2013-12-03T17:23:34Z",
    "st_commits": null,
    "st_diffs": null,
      "milestone_id": null,
      "state": "opened",
      "merge_status": "unchecked",
      "target_project_id": 14,
      "iid": 1,
      "description": "",
-    "source":{
+      "source": {
        "name":"Awesome Project",
        "description":"Aut reprehenderit ut est.",
        "web_url":"http://example.com/awesome_space/awesome_project",
@@ -881,8 +902,50 @@ func TestMergeRequestEvent(t *testing.T) {
        "username": "user1",
        "avatar_url": "http://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=40\u0026d=identicon"
      }
    },
    "labels": [{
      "id": 206,
      "title": "API",
      "color": "#ffffff",
      "project_id": 14,
      "created_at": "2013-12-03T17:15:43Z",
      "updated_at": "2013-12-03T17:15:43Z",
      "template": false,
      "description": "API related issues",
      "type": "ProjectLabel",
      "group_id": 41
    }],
    "changes": {
      "updated_by_id": [null, 1],
      "updated_at": ["2017-09-15 16:50:55 UTC", "2017-09-15 16:52:00 UTC"],
      "labels": {
        "previous": [{
          "id": 206,
          "title": "API",
          "color": "#ffffff",
          "project_id": 14,
          "created_at": "2013-12-03T17:15:43Z",
          "updated_at": "2013-12-03T17:15:43Z",
          "template": false,
          "description": "API related issues",
          "type": "ProjectLabel",
          "group_id": 41
        }],
        "current": [{
          "id": 205,
          "title": "Platform",
          "color": "#123123",
          "project_id": 14,
          "created_at": "2013-12-03T17:15:43Z",
          "updated_at": "2013-12-03T17:15:43Z",
          "template": false,
          "description": "Platform related issues",
          "type": "ProjectLabel",
          "group_id": 41
        }]
      }
    }
  }  
 }
 `
 	req, err := http.NewRequest("POST", "http://127.0.0.1:3011/webhooks", bytes.NewBuffer([]byte(payload)))
@@ -54,6 +54,8 @@ type MergeRequestEventPayload struct {
 	User             User             `json:"user"`
 	ObjectAttributes ObjectAttributes `json:"object_attributes"`
 	Changes          Changes          `json:"changes"`
 	Project          Project          `json:"project"`
 	Repository       Repository       `json:"repository"`
 }
 // PushEventPayload contains the information for GitLab's push event
Author	SHA1	Message	Date
Dean Karn	c271ec3e32	Merge pull request #25 from lukepatrick/v3 Update bitbucket uuid check to allow a non-specified uuid, similar to…	2018-02-23 05:10:58 -08:00
lukepatrick	0c4911f7f5	Update bitbucket uuid check to allow a non-specified uuid, similar to gitlab empty secret.	2018-02-22 15:27:54 -07:00
Dean Karn	3667088d60	Merge pull request #24 from lukepatrick/v3 update MergeRequestEvent payload with Project, Repo objects from the API	2018-02-15 07:22:55 -08:00
lukepatrick	9cafa895ff	update MergeRequestEvent payload with Project, Repo objects from the API	2018-02-14 12:45:52 -07:00