Accueil Explorer Aide
Inscription Connexion
J1X
/
huginn
Suivre 2
Voter 0
Embranchement 0
Problèmes 0 Pull Requests 0 Commissions 2513 Publications 0

Aucune description http://j1x-huginn.herokuapp.com

ZIP TAR.GZ

webhook_agent_spec.rb 11KB
Historique Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324 
  1. require 'rails_helper'
  3. describe Agents::WebhookAgent do
  4.   let(:agent) do
  5.     _agent = Agents::WebhookAgent.new(:name => 'webhook',
  6.                                       :options => { 'secret' => 'foobar', 'payload_path' => 'some_key' })
  7.     _agent.user = users(:bob)
  8.     _agent.save!
  9.     _agent
  10.   end
  11.   let(:payload) { {'people' => [{ 'name' => 'bob' }, { 'name' => 'jon' }] } }
  13.   describe 'receive_web_request' do
  14.     it 'should create event if secret matches' do
  15.       out = nil
  16.       expect {
  17.         out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "post", "text/html")
  18.       }.to change { Event.count }.by(1)
  19.       expect(out).to eq(['Event Created', 201])
  20.       expect(Event.last.payload).to eq(payload)
  21.     end
  23.     it 'should be able to create multiple events when given an array' do
  24.       out = nil
  25.       agent.options['payload_path'] = 'some_key.people'
  26.       expect {
  27.         out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "post", "text/html")
  28.       }.to change { Event.count }.by(2)
  29.       expect(out).to eq(['Event Created', 201])
  30.       expect(Event.last.payload).to eq({ 'name' => 'jon' })
  31.     end
  33.     it 'should not create event if secrets do not match' do
  34.       out = nil
  35.       expect {
  36.         out = agent.receive_web_request({ 'secret' => 'bazbat', 'some_key' => payload }, "post", "text/html")
  37.       }.to change { Event.count }.by(0)
  38.       expect(out).to eq(['Not Authorized', 401])
  39.     end
  41.     it 'should respond with customized response message if configured with `response` option' do
  42.       agent.options['response'] = 'That Worked'
  43.       out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "post", "text/html")
  44.       expect(out).to eq(['That Worked', 201])
  46.       # Empty string is a valid response
  47.       agent.options['response'] = ''
  48.       out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "post", "text/html")
  49.       expect(out).to eq(['', 201])
  50.     end
  52.     it 'should respond with `Event Created` if the response option is nil or missing' do
  53.       agent.options['response'] = nil
  54.       out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "post", "text/html")
  55.       expect(out).to eq(['Event Created', 201])
  57.       agent.options.delete('response')
  58.       out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "post", "text/html")
  59.       expect(out).to eq(['Event Created', 201])
  60.     end
  62.     it 'should respond with customized response code if configured with `code` option' do
  63.       agent.options['code'] = '200'
  64.       out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "post", "text/html")
  65.       expect(out).to eq(['Event Created', 200])
  66.     end
  68.     it 'should respond with `201` if the code option is empty, nil or missing' do
  69.       agent.options['code'] = ''
  70.       out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "post", "text/html")
  71.       expect(out).to eq(['Event Created', 201])
  72.       
  73.       agent.options['code'] = nil
  74.       out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "post", "text/html")
  75.       expect(out).to eq(['Event Created', 201])
  77.       agent.options.delete('code')
  78.       out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "post", "text/html")
  79.       expect(out).to eq(['Event Created', 201])
  80.     end
  82.     describe "receiving events" do
  84.       context "default settings" do
  86.         it "should not accept GET" do
  87.           out = nil
  88.           expect {
  89.             out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "get", "text/html")
  90.           }.to change { Event.count }.by(0)
  91.           expect(out).to eq(['Please use POST requests only', 401])
  92.         end
  94.         it "should accept POST" do
  95.           out = nil
  96.           expect {
  97.             out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "post", "text/html")
  98.           }.to change { Event.count }.by(1)
  99.           expect(out).to eq(['Event Created', 201])
  100.         end
  102.       end
  104.       context "accepting get and post" do
  106.         before { agent.options['verbs'] = 'get,post' }
  108.         it "should accept GET" do
  109.           out = nil
  110.           expect {
  111.             out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "get", "text/html")
  112.           }.to change { Event.count }.by(1)
  113.           expect(out).to eq(['Event Created', 201])
  114.         end
  116.         it "should accept POST" do
  117.           out = nil
  118.           expect {
  119.             out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "post", "text/html")
  120.           }.to change { Event.count }.by(1)
  121.           expect(out).to eq(['Event Created', 201])
  122.         end
  124.         it "should not accept PUT" do
  125.           out = nil
  126.           expect {
  127.             out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "put", "text/html")
  128.           }.to change { Event.count }.by(0)
  129.           expect(out).to eq(['Please use GET/POST requests only', 401])
  130.         end
  132.       end
  134.       context "accepting only get" do
  136.         before { agent.options['verbs'] = 'get' }
  138.         it "should accept GET" do
  139.           out = nil
  140.           expect {
  141.             out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "get", "text/html")
  142.           }.to change { Event.count }.by(1)
  143.           expect(out).to eq(['Event Created', 201])
  144.         end
  146.         it "should not accept POST" do
  147.           out = nil
  148.           expect {
  149.             out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "post", "text/html")
  150.           }.to change { Event.count }.by(0)
  151.           expect(out).to eq(['Please use GET requests only', 401])
  152.         end
  154.       end
  156.       context "accepting only post" do
  158.         before { agent.options['verbs'] = 'post' }
  160.         it "should not accept GET" do
  161.           out = nil
  162.           expect {
  163.             out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "get", "text/html")
  164.           }.to change { Event.count }.by(0)
  165.           expect(out).to eq(['Please use POST requests only', 401])
  166.         end
  168.         it "should accept POST" do
  169.           out = nil
  170.           expect {
  171.             out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "post", "text/html")
  172.           }.to change { Event.count }.by(1)
  173.           expect(out).to eq(['Event Created', 201])
  174.         end
  176.       end
  178.       context "accepting only put" do
  180.         before { agent.options['verbs'] = 'put' }
  182.         it "should accept PUT" do
  183.           out = nil
  184.           expect {
  185.             out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "put", "text/html")
  186.           }.to change { Event.count }.by(1)
  187.           expect(out).to eq(['Event Created', 201])
  188.         end
  190.         it "should not accept GET" do
  191.           out = nil
  192.           expect {
  193.             out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "get", "text/html")
  194.           }.to change { Event.count }.by(0)
  195.           expect(out).to eq(['Please use PUT requests only', 401])
  196.         end
  198.         it "should not accept POST" do
  199.           out = nil
  200.           expect {
  201.             out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "post", "text/html")
  202.           }.to change { Event.count }.by(0)
  203.           expect(out).to eq(['Please use PUT requests only', 401])
  204.         end
  206.       end
  208.       context "flaky content with commas" do
  210.         before { agent.options['verbs'] = ',,  PUT,POST, gEt , ,' }
  212.         it "should accept PUT" do
  213.           out = nil
  214.           expect {
  215.             out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "put", "text/html")
  216.           }.to change { Event.count }.by(1)
  217.           expect(out).to eq(['Event Created', 201])
  218.         end
  220.         it "should accept GET" do
  221.           out = nil
  222.           expect {
  223.             out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "get", "text/html")
  224.           }.to change { Event.count }.by(1)
  225.           expect(out).to eq(['Event Created', 201])
  226.         end
  228.         it "should accept POST" do
  229.           out = nil
  230.           expect {
  231.             out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "post", "text/html")
  232.           }.to change { Event.count }.by(1)
  233.           expect(out).to eq(['Event Created', 201])
  234.         end
  236.         it "should not accept DELETE" do
  237.           out = nil
  238.           expect {
  239.             out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "delete", "text/html")
  240.           }.to change { Event.count }.by(0)
  241.           expect(out).to eq(['Please use PUT/POST/GET requests only', 401])
  242.         end
  244.       end
  246.       context "with reCAPTCHA" do
  247.         it "should not check a reCAPTCHA response unless recaptcha_secret is set" do
  248.           checked = false
  249.           out = nil
  251.           stub_request(:any, /verify/).to_return { |request|
  252.             checked = true
  253.             { status: 200, body: '{"success":false}' }
  254.           }
  256.           expect {
  257.             out= agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "post", "text/html")
  258.           }.not_to change { checked }
  260.           expect(out).to eq(["Event Created", 201])
  261.         end
  263.         it "should reject a request if recaptcha_secret is set but g-recaptcha-response is not given" do
  264.           agent.options['recaptcha_secret'] = 'supersupersecret'
  266.           checked = false
  267.           out = nil
  269.           stub_request(:any, /verify/).to_return { |request|
  270.             checked = true
  271.             { status: 200, body: '{"success":false}' }
  272.           }
  274.           expect {
  275.             out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload }, "post", "text/html")
  276.           }.not_to change { checked }
  278.           expect(out).to eq(["Not Authorized", 401])
  279.         end
  281.         it "should reject a request if recaptcha_secret is set and g-recaptcha-response given is not verified" do
  282.           agent.options['recaptcha_secret'] = 'supersupersecret'
  284.           checked = false
  285.           out = nil
  287.           stub_request(:any, /verify/).to_return { |request|
  288.             checked = true
  289.             { status: 200, body: '{"success":false}' }
  290.           }
  292.           expect {
  293.             out = agent.receive_web_request({ 'secret' => 'foobar', 'some_key' => payload, 'g-recaptcha-response' => 'somevalue' }, "post", "text/html")
  294.           }.to change { checked }
  296.           expect(out).to eq(["Not Authorized", 401])
  297.         end
  299.         it "should accept a request if recaptcha_secret is set and g-recaptcha-response given is verified" do
  300.           agent.options['payload_path'] = '.'
  301.           agent.options['recaptcha_secret'] = 'supersupersecret'
  303.           checked = false
  304.           out = nil
  306.           stub_request(:any, /verify/).to_return { |request|
  307.             checked = true
  308.             { status: 200, body: '{"success":true}' }
  309.           }
  311.           expect {
  312.             out = agent.receive_web_request(payload.merge({ 'secret' => 'foobar', 'g-recaptcha-response' => 'somevalue' }), "post", "text/html")
  313.           }.to change { checked }
  315.           expect(out).to eq(["Event Created", 201])
  316.           expect(Event.last.payload).to eq(payload)
  317.         end
  318.       end
  320.     end
  322.   end
  323. end