github.com/mattermosttest/mattermost-server/v5@v5.0.0-20200917143240-9dfa12e121f9/app/webhook.go (about) 1 // Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved. 2 // See LICENSE.txt for license information. 3 4 package app 5 6 import ( 7 "errors" 8 "io" 9 "net/http" 10 "regexp" 11 "strings" 12 "unicode/utf8" 13 14 "github.com/mattermost/mattermost-server/v5/mlog" 15 "github.com/mattermost/mattermost-server/v5/model" 16 "github.com/mattermost/mattermost-server/v5/store" 17 "github.com/mattermost/mattermost-server/v5/utils" 18 ) 19 20 const ( 21 TRIGGERWORDS_EXACT_MATCH = 0 22 TRIGGERWORDS_STARTS_WITH = 1 23 24 MaxIntegrationResponseSize = 1024 * 1024 // Posts can be <100KB at most, so this is likely more than enough 25 ) 26 27 func (a *App) handleWebhookEvents(post *model.Post, team *model.Team, channel *model.Channel, user *model.User) *model.AppError { 28 if !*a.Config().ServiceSettings.EnableOutgoingWebhooks { 29 return nil 30 } 31 32 if channel.Type != model.CHANNEL_OPEN { 33 return nil 34 } 35 36 hooks, err := a.Srv().Store.Webhook().GetOutgoingByTeam(team.Id, -1, -1) 37 if err != nil { 38 return model.NewAppError("handleWebhookEvents", "app.webhooks.get_outgoing_by_team.app_error", nil, err.Error(), http.StatusInternalServerError) 39 } 40 41 if len(hooks) == 0 { 42 return nil 43 } 44 45 var firstWord, triggerWord string 46 47 splitWords := strings.Fields(post.Message) 48 if len(splitWords) > 0 { 49 firstWord = splitWords[0] 50 } 51 52 relevantHooks := []*model.OutgoingWebhook{} 53 for _, hook := range hooks { 54 if hook.ChannelId == post.ChannelId || len(hook.ChannelId) == 0 { 55 if hook.ChannelId == post.ChannelId && len(hook.TriggerWords) == 0 { 56 relevantHooks = append(relevantHooks, hook) 57 triggerWord = "" 58 } else if hook.TriggerWhen == TRIGGERWORDS_EXACT_MATCH && hook.TriggerWordExactMatch(firstWord) { 59 relevantHooks = append(relevantHooks, hook) 60 triggerWord = hook.GetTriggerWord(firstWord, true) 61 } else if hook.TriggerWhen == TRIGGERWORDS_STARTS_WITH && hook.TriggerWordStartsWith(firstWord) { 62 relevantHooks = append(relevantHooks, hook) 63 triggerWord = hook.GetTriggerWord(firstWord, false) 64 } 65 } 66 } 67 68 for _, hook := range relevantHooks { 69 payload := &model.OutgoingWebhookPayload{ 70 Token: hook.Token, 71 TeamId: hook.TeamId, 72 TeamDomain: team.Name, 73 ChannelId: post.ChannelId, 74 ChannelName: channel.Name, 75 Timestamp: post.CreateAt, 76 UserId: post.UserId, 77 UserName: user.Username, 78 PostId: post.Id, 79 Text: post.Message, 80 TriggerWord: triggerWord, 81 FileIds: strings.Join(post.FileIds, ","), 82 } 83 a.Srv().Go(func(hook *model.OutgoingWebhook) func() { 84 return func() { 85 a.TriggerWebhook(payload, hook, post, channel) 86 } 87 }(hook)) 88 } 89 90 return nil 91 } 92 93 func (a *App) TriggerWebhook(payload *model.OutgoingWebhookPayload, hook *model.OutgoingWebhook, post *model.Post, channel *model.Channel) { 94 var body io.Reader 95 var contentType string 96 if hook.ContentType == "application/json" { 97 body = strings.NewReader(payload.ToJSON()) 98 contentType = "application/json" 99 } else { 100 body = strings.NewReader(payload.ToFormValues()) 101 contentType = "application/x-www-form-urlencoded" 102 } 103 104 for i := range hook.CallbackURLs { 105 // Get the callback URL by index to properly capture it for the go func 106 url := hook.CallbackURLs[i] 107 108 a.Srv().Go(func() { 109 webhookResp, err := a.doOutgoingWebhookRequest(url, body, contentType) 110 if err != nil { 111 mlog.Error("Event POST failed.", mlog.Err(err)) 112 return 113 } 114 115 if webhookResp != nil && (webhookResp.Text != nil || len(webhookResp.Attachments) > 0) { 116 postRootId := "" 117 if webhookResp.ResponseType == model.OUTGOING_HOOK_RESPONSE_TYPE_COMMENT { 118 postRootId = post.Id 119 } 120 if len(webhookResp.Props) == 0 { 121 webhookResp.Props = make(model.StringInterface) 122 } 123 webhookResp.Props["webhook_display_name"] = hook.DisplayName 124 125 text := "" 126 if webhookResp.Text != nil { 127 text = a.ProcessSlackText(*webhookResp.Text) 128 } 129 webhookResp.Attachments = a.ProcessSlackAttachments(webhookResp.Attachments) 130 // attachments is in here for slack compatibility 131 if len(webhookResp.Attachments) > 0 { 132 webhookResp.Props["attachments"] = webhookResp.Attachments 133 } 134 if *a.Config().ServiceSettings.EnablePostUsernameOverride && hook.Username != "" && webhookResp.Username == "" { 135 webhookResp.Username = hook.Username 136 } 137 138 if *a.Config().ServiceSettings.EnablePostIconOverride && hook.IconURL != "" && webhookResp.IconURL == "" { 139 webhookResp.IconURL = hook.IconURL 140 } 141 if _, err := a.CreateWebhookPost(hook.CreatorId, channel, text, webhookResp.Username, webhookResp.IconURL, "", webhookResp.Props, webhookResp.Type, postRootId); err != nil { 142 mlog.Error("Failed to create response post.", mlog.Err(err)) 143 } 144 } 145 }) 146 } 147 } 148 149 func (a *App) doOutgoingWebhookRequest(url string, body io.Reader, contentType string) (*model.OutgoingWebhookResponse, error) { 150 req, err := http.NewRequest("POST", url, body) 151 if err != nil { 152 return nil, err 153 } 154 155 req.Header.Set("Content-Type", contentType) 156 req.Header.Set("Accept", "application/json") 157 158 resp, err := a.HTTPService().MakeClient(false).Do(req) 159 if err != nil { 160 return nil, err 161 } 162 163 defer resp.Body.Close() 164 165 return model.OutgoingWebhookResponseFromJson(io.LimitReader(resp.Body, MaxIntegrationResponseSize)) 166 } 167 168 func SplitWebhookPost(post *model.Post, maxPostSize int) ([]*model.Post, *model.AppError) { 169 splits := make([]*model.Post, 0) 170 remainingText := post.Message 171 172 base := post.Clone() 173 base.Message = "" 174 base.SetProps(make(map[string]interface{})) 175 for k, v := range post.GetProps() { 176 if k != "attachments" { 177 base.AddProp(k, v) 178 } 179 } 180 181 if utf8.RuneCountInString(model.StringInterfaceToJson(base.GetProps())) > model.POST_PROPS_MAX_USER_RUNES { 182 return nil, model.NewAppError("SplitWebhookPost", "web.incoming_webhook.split_props_length.app_error", map[string]interface{}{"Max": model.POST_PROPS_MAX_USER_RUNES}, "", http.StatusBadRequest) 183 } 184 185 for utf8.RuneCountInString(remainingText) > maxPostSize { 186 split := base.Clone() 187 x := 0 188 for index := range remainingText { 189 x++ 190 if x > maxPostSize { 191 split.Message = remainingText[:index] 192 remainingText = remainingText[index:] 193 break 194 } 195 } 196 splits = append(splits, split) 197 } 198 199 split := base.Clone() 200 split.Message = remainingText 201 splits = append(splits, split) 202 203 attachments, _ := post.GetProp("attachments").([]*model.SlackAttachment) 204 for _, attachment := range attachments { 205 newAttachment := *attachment 206 for { 207 lastSplit := splits[len(splits)-1] 208 newProps := make(map[string]interface{}) 209 for k, v := range lastSplit.GetProps() { 210 newProps[k] = v 211 } 212 origAttachments, _ := newProps["attachments"].([]*model.SlackAttachment) 213 newProps["attachments"] = append(origAttachments, &newAttachment) 214 newPropsString := model.StringInterfaceToJson(newProps) 215 runeCount := utf8.RuneCountInString(newPropsString) 216 217 if runeCount <= model.POST_PROPS_MAX_USER_RUNES { 218 lastSplit.SetProps(newProps) 219 break 220 } 221 222 if len(origAttachments) > 0 { 223 newSplit := base.Clone() 224 splits = append(splits, newSplit) 225 continue 226 } 227 228 truncationNeeded := runeCount - model.POST_PROPS_MAX_USER_RUNES 229 textRuneCount := utf8.RuneCountInString(attachment.Text) 230 if textRuneCount < truncationNeeded { 231 return nil, model.NewAppError("SplitWebhookPost", "web.incoming_webhook.split_props_length.app_error", map[string]interface{}{"Max": model.POST_PROPS_MAX_USER_RUNES}, "", http.StatusBadRequest) 232 } 233 x := 0 234 for index := range attachment.Text { 235 x++ 236 if x > textRuneCount-truncationNeeded { 237 newAttachment.Text = newAttachment.Text[:index] 238 break 239 } 240 } 241 lastSplit.SetProps(newProps) 242 break 243 } 244 } 245 246 return splits, nil 247 } 248 249 func (a *App) CreateWebhookPost(userId string, channel *model.Channel, text, overrideUsername, overrideIconUrl, overrideIconEmoji string, props model.StringInterface, postType string, postRootId string) (*model.Post, *model.AppError) { 250 // parse links into Markdown format 251 linkWithTextRegex := regexp.MustCompile(`<([^\n<\|>]+)\|([^\n>]+)>`) 252 text = linkWithTextRegex.ReplaceAllString(text, "[${2}](${1})") 253 254 post := &model.Post{UserId: userId, ChannelId: channel.Id, Message: text, Type: postType, RootId: postRootId} 255 post.AddProp("from_webhook", "true") 256 257 if strings.HasPrefix(post.Type, model.POST_SYSTEM_MESSAGE_PREFIX) { 258 err := model.NewAppError("CreateWebhookPost", "api.context.invalid_param.app_error", map[string]interface{}{"Name": "post.type"}, "", http.StatusBadRequest) 259 return nil, err 260 } 261 262 if metrics := a.Metrics(); metrics != nil { 263 metrics.IncrementWebhookPost() 264 } 265 266 if *a.Config().ServiceSettings.EnablePostUsernameOverride { 267 if len(overrideUsername) != 0 { 268 post.AddProp("override_username", overrideUsername) 269 } else { 270 post.AddProp("override_username", model.DEFAULT_WEBHOOK_USERNAME) 271 } 272 } 273 274 if *a.Config().ServiceSettings.EnablePostIconOverride { 275 if len(overrideIconUrl) != 0 { 276 post.AddProp("override_icon_url", overrideIconUrl) 277 } 278 if len(overrideIconEmoji) != 0 { 279 post.AddProp("override_icon_emoji", overrideIconEmoji) 280 } 281 } 282 283 if len(props) > 0 { 284 for key, val := range props { 285 if key == "attachments" { 286 if attachments, success := val.([]*model.SlackAttachment); success { 287 model.ParseSlackAttachment(post, attachments) 288 } 289 } else if key != "override_icon_url" && key != "override_username" && key != "from_webhook" { 290 post.AddProp(key, val) 291 } 292 } 293 } 294 295 splits, err := SplitWebhookPost(post, a.MaxPostSize()) 296 if err != nil { 297 return nil, err 298 } 299 300 for _, split := range splits { 301 if _, err := a.CreatePostMissingChannel(split, false); err != nil { 302 return nil, model.NewAppError("CreateWebhookPost", "api.post.create_webhook_post.creating.app_error", nil, "err="+err.Message, http.StatusInternalServerError) 303 } 304 } 305 306 return splits[0], nil 307 } 308 309 func (a *App) CreateIncomingWebhookForChannel(creatorId string, channel *model.Channel, hook *model.IncomingWebhook) (*model.IncomingWebhook, *model.AppError) { 310 if !*a.Config().ServiceSettings.EnableIncomingWebhooks { 311 return nil, model.NewAppError("CreateIncomingWebhookForChannel", "api.incoming_webhook.disabled.app_error", nil, "", http.StatusNotImplemented) 312 } 313 314 hook.UserId = creatorId 315 hook.TeamId = channel.TeamId 316 317 if !*a.Config().ServiceSettings.EnablePostUsernameOverride { 318 hook.Username = "" 319 } 320 if !*a.Config().ServiceSettings.EnablePostIconOverride { 321 hook.IconURL = "" 322 } 323 324 if hook.Username != "" && !model.IsValidUsername(hook.Username) { 325 return nil, model.NewAppError("CreateIncomingWebhookForChannel", "api.incoming_webhook.invalid_username.app_error", nil, "", http.StatusBadRequest) 326 } 327 328 webhook, err := a.Srv().Store.Webhook().SaveIncoming(hook) 329 if err != nil { 330 var invErr *store.ErrInvalidInput 331 var appErr *model.AppError 332 switch { 333 case errors.As(err, &appErr): 334 return nil, appErr 335 case errors.As(err, &invErr): 336 return nil, model.NewAppError("CreateIncomingWebhookForChannel", "app.webhooks.save_incoming.existing.app_error", nil, invErr.Error(), http.StatusBadRequest) 337 default: 338 return nil, model.NewAppError("CreateIncomingWebhookForChannel", "app.webhooks.save_incoming.app_error", nil, err.Error(), http.StatusInternalServerError) 339 } 340 } 341 342 return webhook, nil 343 } 344 345 func (a *App) UpdateIncomingWebhook(oldHook, updatedHook *model.IncomingWebhook) (*model.IncomingWebhook, *model.AppError) { 346 if !*a.Config().ServiceSettings.EnableIncomingWebhooks { 347 return nil, model.NewAppError("UpdateIncomingWebhook", "api.incoming_webhook.disabled.app_error", nil, "", http.StatusNotImplemented) 348 } 349 350 if !*a.Config().ServiceSettings.EnablePostUsernameOverride { 351 updatedHook.Username = oldHook.Username 352 } 353 if !*a.Config().ServiceSettings.EnablePostIconOverride { 354 updatedHook.IconURL = oldHook.IconURL 355 } 356 357 if updatedHook.Username != "" && !model.IsValidUsername(updatedHook.Username) { 358 return nil, model.NewAppError("UpdateIncomingWebhook", "api.incoming_webhook.invalid_username.app_error", nil, "", http.StatusBadRequest) 359 } 360 361 updatedHook.Id = oldHook.Id 362 updatedHook.UserId = oldHook.UserId 363 updatedHook.CreateAt = oldHook.CreateAt 364 updatedHook.UpdateAt = model.GetMillis() 365 updatedHook.TeamId = oldHook.TeamId 366 updatedHook.DeleteAt = oldHook.DeleteAt 367 368 newWebhook, err := a.Srv().Store.Webhook().UpdateIncoming(updatedHook) 369 if err != nil { 370 return nil, model.NewAppError("UpdateIncomingWebhook", "app.webhooks.update_incoming.app_error", nil, err.Error(), http.StatusInternalServerError) 371 } 372 a.invalidateCacheForWebhook(oldHook.Id) 373 return newWebhook, nil 374 } 375 376 func (a *App) DeleteIncomingWebhook(hookId string) *model.AppError { 377 if !*a.Config().ServiceSettings.EnableIncomingWebhooks { 378 return model.NewAppError("DeleteIncomingWebhook", "api.incoming_webhook.disabled.app_error", nil, "", http.StatusNotImplemented) 379 } 380 381 if err := a.Srv().Store.Webhook().DeleteIncoming(hookId, model.GetMillis()); err != nil { 382 return model.NewAppError("DeleteIncomingWebhook", "app.webhooks.delete_incoming.app_error", nil, err.Error(), http.StatusInternalServerError) 383 } 384 385 a.invalidateCacheForWebhook(hookId) 386 387 return nil 388 } 389 390 func (a *App) GetIncomingWebhook(hookId string) (*model.IncomingWebhook, *model.AppError) { 391 if !*a.Config().ServiceSettings.EnableIncomingWebhooks { 392 return nil, model.NewAppError("GetIncomingWebhook", "api.incoming_webhook.disabled.app_error", nil, "", http.StatusNotImplemented) 393 } 394 395 webhook, err := a.Srv().Store.Webhook().GetIncoming(hookId, true) 396 if err != nil { 397 var nfErr *store.ErrNotFound 398 switch { 399 case errors.As(err, &nfErr): 400 return nil, model.NewAppError("GetIncomingWebhook", "app.webhooks.get_incoming.app_error", nil, nfErr.Error(), http.StatusNotFound) 401 default: 402 return nil, model.NewAppError("GetIncomingWebhook", "app.webhooks.get_incoming.app_error", nil, err.Error(), http.StatusInternalServerError) 403 } 404 } 405 406 return webhook, nil 407 } 408 409 func (a *App) GetIncomingWebhooksForTeamPage(teamId string, page, perPage int) ([]*model.IncomingWebhook, *model.AppError) { 410 return a.GetIncomingWebhooksForTeamPageByUser(teamId, "", page, perPage) 411 } 412 413 func (a *App) GetIncomingWebhooksForTeamPageByUser(teamId string, userId string, page, perPage int) ([]*model.IncomingWebhook, *model.AppError) { 414 if !*a.Config().ServiceSettings.EnableIncomingWebhooks { 415 return nil, model.NewAppError("GetIncomingWebhooksForTeamPage", "api.incoming_webhook.disabled.app_error", nil, "", http.StatusNotImplemented) 416 } 417 418 webhooks, err := a.Srv().Store.Webhook().GetIncomingByTeamByUser(teamId, userId, page*perPage, perPage) 419 if err != nil { 420 return nil, model.NewAppError("GetIncomingWebhooksForTeamPage", "app.webhooks.get_incoming_by_user.app_error", nil, err.Error(), http.StatusInternalServerError) 421 } 422 423 return webhooks, nil 424 } 425 426 func (a *App) GetIncomingWebhooksPageByUser(userId string, page, perPage int) ([]*model.IncomingWebhook, *model.AppError) { 427 if !*a.Config().ServiceSettings.EnableIncomingWebhooks { 428 return nil, model.NewAppError("GetIncomingWebhooksPageByUser", "api.incoming_webhook.disabled.app_error", nil, "", http.StatusNotImplemented) 429 } 430 431 webhooks, err := a.Srv().Store.Webhook().GetIncomingListByUser(userId, page*perPage, perPage) 432 if err != nil { 433 return nil, model.NewAppError("GetIncomingWebhooksPageByUser", "app.webhooks.get_incoming_by_user.app_error", nil, err.Error(), http.StatusInternalServerError) 434 } 435 436 return webhooks, nil 437 } 438 439 func (a *App) GetIncomingWebhooksPage(page, perPage int) ([]*model.IncomingWebhook, *model.AppError) { 440 return a.GetIncomingWebhooksPageByUser("", page, perPage) 441 } 442 443 func (a *App) CreateOutgoingWebhook(hook *model.OutgoingWebhook) (*model.OutgoingWebhook, *model.AppError) { 444 if !*a.Config().ServiceSettings.EnableOutgoingWebhooks { 445 return nil, model.NewAppError("CreateOutgoingWebhook", "api.outgoing_webhook.disabled.app_error", nil, "", http.StatusNotImplemented) 446 } 447 448 if len(hook.ChannelId) != 0 { 449 channel, errCh := a.Srv().Store.Channel().Get(hook.ChannelId, true) 450 if errCh != nil { 451 var nfErr *store.ErrNotFound 452 switch { 453 case errors.As(errCh, &nfErr): 454 return nil, model.NewAppError("CreateOutgoingWebhook", "app.channel.get.existing.app_error", nil, nfErr.Error(), http.StatusNotFound) 455 default: 456 return nil, model.NewAppError("CreateOutgoingWebhook", "app.channel.get.find.app_error", nil, errCh.Error(), http.StatusInternalServerError) 457 } 458 } 459 460 if channel.Type != model.CHANNEL_OPEN { 461 return nil, model.NewAppError("CreateOutgoingWebhook", "api.outgoing_webhook.disabled.app_error", nil, "", http.StatusForbidden) 462 } 463 464 if channel.Type != model.CHANNEL_OPEN || channel.TeamId != hook.TeamId { 465 return nil, model.NewAppError("CreateOutgoingWebhook", "api.webhook.create_outgoing.permissions.app_error", nil, "", http.StatusForbidden) 466 } 467 } else if len(hook.TriggerWords) == 0 { 468 return nil, model.NewAppError("CreateOutgoingWebhook", "api.webhook.create_outgoing.triggers.app_error", nil, "", http.StatusBadRequest) 469 } 470 471 if allHooks, err := a.Srv().Store.Webhook().GetOutgoingByTeam(hook.TeamId, -1, -1); err != nil { 472 return nil, model.NewAppError("CreateOutgoingWebhook", "app.webhooks.get_outgoing_by_team.app_error", nil, err.Error(), http.StatusInternalServerError) 473 } else { 474 475 for _, existingOutHook := range allHooks { 476 urlIntersect := utils.StringArrayIntersection(existingOutHook.CallbackURLs, hook.CallbackURLs) 477 triggerIntersect := utils.StringArrayIntersection(existingOutHook.TriggerWords, hook.TriggerWords) 478 479 if existingOutHook.ChannelId == hook.ChannelId && len(urlIntersect) != 0 && len(triggerIntersect) != 0 { 480 return nil, model.NewAppError("CreateOutgoingWebhook", "api.webhook.create_outgoing.intersect.app_error", nil, "", http.StatusInternalServerError) 481 } 482 } 483 } 484 485 webhook, err := a.Srv().Store.Webhook().SaveOutgoing(hook) 486 if err != nil { 487 var appErr *model.AppError 488 var invErr *store.ErrInvalidInput 489 switch { 490 case errors.As(err, &appErr): 491 return nil, appErr 492 case errors.As(err, &invErr): 493 return nil, model.NewAppError("CreateOutgoingWebhook", "app.webhooks.save_outgoing.override.app_error", nil, invErr.Error(), http.StatusBadRequest) 494 default: 495 return nil, model.NewAppError("CreateOutgoingWebhook", "app.webhooks.save_outgoing.app_error", nil, err.Error(), http.StatusInternalServerError) 496 } 497 } 498 499 return webhook, nil 500 } 501 502 func (a *App) UpdateOutgoingWebhook(oldHook, updatedHook *model.OutgoingWebhook) (*model.OutgoingWebhook, *model.AppError) { 503 if !*a.Config().ServiceSettings.EnableOutgoingWebhooks { 504 return nil, model.NewAppError("UpdateOutgoingWebhook", "api.outgoing_webhook.disabled.app_error", nil, "", http.StatusNotImplemented) 505 } 506 507 if len(updatedHook.ChannelId) > 0 { 508 channel, err := a.GetChannel(updatedHook.ChannelId) 509 if err != nil { 510 return nil, err 511 } 512 513 if channel.Type != model.CHANNEL_OPEN { 514 return nil, model.NewAppError("UpdateOutgoingWebhook", "api.webhook.create_outgoing.not_open.app_error", nil, "", http.StatusForbidden) 515 } 516 517 if channel.TeamId != oldHook.TeamId { 518 return nil, model.NewAppError("UpdateOutgoingWebhook", "api.webhook.create_outgoing.permissions.app_error", nil, "", http.StatusForbidden) 519 } 520 } else if len(updatedHook.TriggerWords) == 0 { 521 return nil, model.NewAppError("UpdateOutgoingWebhook", "api.webhook.create_outgoing.triggers.app_error", nil, "", http.StatusInternalServerError) 522 } 523 524 allHooks, err := a.Srv().Store.Webhook().GetOutgoingByTeam(oldHook.TeamId, -1, -1) 525 if err != nil { 526 return nil, model.NewAppError("UpdateOutgoingWebhook", "app.webhooks.get_outgoing_by_team.app_error", nil, err.Error(), http.StatusInternalServerError) 527 } 528 529 for _, existingOutHook := range allHooks { 530 urlIntersect := utils.StringArrayIntersection(existingOutHook.CallbackURLs, updatedHook.CallbackURLs) 531 triggerIntersect := utils.StringArrayIntersection(existingOutHook.TriggerWords, updatedHook.TriggerWords) 532 533 if existingOutHook.ChannelId == updatedHook.ChannelId && len(urlIntersect) != 0 && len(triggerIntersect) != 0 && existingOutHook.Id != updatedHook.Id { 534 return nil, model.NewAppError("UpdateOutgoingWebhook", "api.webhook.update_outgoing.intersect.app_error", nil, "", http.StatusBadRequest) 535 } 536 } 537 538 updatedHook.CreatorId = oldHook.CreatorId 539 updatedHook.CreateAt = oldHook.CreateAt 540 updatedHook.DeleteAt = oldHook.DeleteAt 541 updatedHook.TeamId = oldHook.TeamId 542 updatedHook.UpdateAt = model.GetMillis() 543 544 webhook, err := a.Srv().Store.Webhook().UpdateOutgoing(updatedHook) 545 if err != nil { 546 return nil, model.NewAppError("UpdateOutgoingWebhook", "app.webhooks.update_outgoing.app_error", nil, err.Error(), http.StatusInternalServerError) 547 } 548 549 return webhook, nil 550 } 551 552 func (a *App) GetOutgoingWebhook(hookId string) (*model.OutgoingWebhook, *model.AppError) { 553 if !*a.Config().ServiceSettings.EnableOutgoingWebhooks { 554 return nil, model.NewAppError("GetOutgoingWebhook", "api.outgoing_webhook.disabled.app_error", nil, "", http.StatusNotImplemented) 555 } 556 557 webhook, err := a.Srv().Store.Webhook().GetOutgoing(hookId) 558 if err != nil { 559 var nfErr *store.ErrNotFound 560 switch { 561 case errors.As(err, &nfErr): 562 return nil, model.NewAppError("GetOutgoingWebhook", "app.webhooks.get_outgoing.app_error", nil, nfErr.Error(), http.StatusNotFound) 563 default: 564 return nil, model.NewAppError("GetOutgoingWebhook", "app.webhooks.get_outgoing.app_error", nil, err.Error(), http.StatusInternalServerError) 565 } 566 } 567 568 return webhook, nil 569 } 570 571 func (a *App) GetOutgoingWebhooksPage(page, perPage int) ([]*model.OutgoingWebhook, *model.AppError) { 572 return a.GetOutgoingWebhooksPageByUser("", page, perPage) 573 } 574 575 func (a *App) GetOutgoingWebhooksPageByUser(userId string, page, perPage int) ([]*model.OutgoingWebhook, *model.AppError) { 576 if !*a.Config().ServiceSettings.EnableOutgoingWebhooks { 577 return nil, model.NewAppError("GetOutgoingWebhooksPageByUser", "api.outgoing_webhook.disabled.app_error", nil, "", http.StatusNotImplemented) 578 } 579 580 webhooks, err := a.Srv().Store.Webhook().GetOutgoingListByUser(userId, page*perPage, perPage) 581 if err != nil { 582 return nil, model.NewAppError("GetOutgoingWebhooksPageByUser", "app.webhooks.get_outgoing_by_channel.app_error", nil, err.Error(), http.StatusInternalServerError) 583 } 584 585 return webhooks, nil 586 } 587 588 func (a *App) GetOutgoingWebhooksForChannelPageByUser(channelId string, userId string, page, perPage int) ([]*model.OutgoingWebhook, *model.AppError) { 589 if !*a.Config().ServiceSettings.EnableOutgoingWebhooks { 590 return nil, model.NewAppError("GetOutgoingWebhooksForChannelPage", "api.outgoing_webhook.disabled.app_error", nil, "", http.StatusNotImplemented) 591 } 592 593 webhooks, err := a.Srv().Store.Webhook().GetOutgoingByChannelByUser(channelId, userId, page*perPage, perPage) 594 if err != nil { 595 return nil, model.NewAppError("GetOutgoingWebhooksForChannelPage", "app.webhooks.get_outgoing_by_channel.app_error", nil, err.Error(), http.StatusInternalServerError) 596 } 597 598 return webhooks, nil 599 } 600 601 func (a *App) GetOutgoingWebhooksForTeamPage(teamId string, page, perPage int) ([]*model.OutgoingWebhook, *model.AppError) { 602 return a.GetOutgoingWebhooksForTeamPageByUser(teamId, "", page, perPage) 603 } 604 605 func (a *App) GetOutgoingWebhooksForTeamPageByUser(teamId string, userId string, page, perPage int) ([]*model.OutgoingWebhook, *model.AppError) { 606 if !*a.Config().ServiceSettings.EnableOutgoingWebhooks { 607 return nil, model.NewAppError("GetOutgoingWebhooksForTeamPageByUser", "api.outgoing_webhook.disabled.app_error", nil, "", http.StatusNotImplemented) 608 } 609 610 webhooks, err := a.Srv().Store.Webhook().GetOutgoingByTeamByUser(teamId, userId, page*perPage, perPage) 611 if err != nil { 612 return nil, model.NewAppError("GetOutgoingWebhooksForTeamPageByUser", "app.webhooks.get_outgoing_by_team.app_error", nil, err.Error(), http.StatusInternalServerError) 613 } 614 615 return webhooks, nil 616 } 617 618 func (a *App) DeleteOutgoingWebhook(hookId string) *model.AppError { 619 if !*a.Config().ServiceSettings.EnableOutgoingWebhooks { 620 return model.NewAppError("DeleteOutgoingWebhook", "api.outgoing_webhook.disabled.app_error", nil, "", http.StatusNotImplemented) 621 } 622 623 if err := a.Srv().Store.Webhook().DeleteOutgoing(hookId, model.GetMillis()); err != nil { 624 return model.NewAppError("DeleteOutgoingWebhook", "app.webhooks.delete_outgoing.app_error", nil, err.Error(), http.StatusInternalServerError) 625 } 626 627 return nil 628 } 629 630 func (a *App) RegenOutgoingWebhookToken(hook *model.OutgoingWebhook) (*model.OutgoingWebhook, *model.AppError) { 631 if !*a.Config().ServiceSettings.EnableOutgoingWebhooks { 632 return nil, model.NewAppError("RegenOutgoingWebhookToken", "api.outgoing_webhook.disabled.app_error", nil, "", http.StatusNotImplemented) 633 } 634 635 hook.Token = model.NewId() 636 637 webhook, err := a.Srv().Store.Webhook().UpdateOutgoing(hook) 638 if err != nil { 639 return nil, model.NewAppError("RegenOutgoingWebhookToken", "app.webhooks.update_outgoing.app_error", nil, err.Error(), http.StatusInternalServerError) 640 } 641 642 return webhook, nil 643 } 644 645 func (a *App) HandleIncomingWebhook(hookId string, req *model.IncomingWebhookRequest) *model.AppError { 646 if !*a.Config().ServiceSettings.EnableIncomingWebhooks { 647 return model.NewAppError("HandleIncomingWebhook", "web.incoming_webhook.disabled.app_error", nil, "", http.StatusNotImplemented) 648 } 649 650 hchan := make(chan store.StoreResult, 1) 651 go func() { 652 webhook, err := a.Srv().Store.Webhook().GetIncoming(hookId, true) 653 hchan <- store.StoreResult{Data: webhook, NErr: err} 654 close(hchan) 655 }() 656 657 if req == nil { 658 return model.NewAppError("HandleIncomingWebhook", "web.incoming_webhook.parse.app_error", nil, "", http.StatusBadRequest) 659 } 660 661 text := req.Text 662 if len(text) == 0 && req.Attachments == nil { 663 return model.NewAppError("HandleIncomingWebhook", "web.incoming_webhook.text.app_error", nil, "", http.StatusBadRequest) 664 } 665 666 channelName := req.ChannelName 667 webhookType := req.Type 668 669 var hook *model.IncomingWebhook 670 if result := <-hchan; result.NErr != nil { 671 return model.NewAppError("HandleIncomingWebhook", "web.incoming_webhook.invalid.app_error", nil, result.NErr.Error(), http.StatusBadRequest) 672 } else { 673 hook = result.Data.(*model.IncomingWebhook) 674 } 675 676 uchan := make(chan store.StoreResult, 1) 677 go func() { 678 user, err := a.Srv().Store.User().Get(hook.UserId) 679 uchan <- store.StoreResult{Data: user, Err: err} 680 close(uchan) 681 }() 682 683 if len(req.Props) == 0 { 684 req.Props = make(model.StringInterface) 685 } 686 687 req.Props["webhook_display_name"] = hook.DisplayName 688 689 text = a.ProcessSlackText(text) 690 req.Attachments = a.ProcessSlackAttachments(req.Attachments) 691 // attachments is in here for slack compatibility 692 if len(req.Attachments) > 0 { 693 req.Props["attachments"] = req.Attachments 694 webhookType = model.POST_SLACK_ATTACHMENT 695 } 696 697 var channel *model.Channel 698 var cchan chan store.StoreResult 699 700 if len(channelName) != 0 { 701 if channelName[0] == '@' { 702 if result, err := a.Srv().Store.User().GetByUsername(channelName[1:]); err != nil { 703 return model.NewAppError("HandleIncomingWebhook", "web.incoming_webhook.user.app_error", nil, "err="+err.Message, http.StatusBadRequest) 704 } else { 705 if ch, err := a.GetOrCreateDirectChannel(hook.UserId, result.Id); err != nil { 706 return err 707 } else { 708 channel = ch 709 } 710 } 711 } else if channelName[0] == '#' { 712 cchan = make(chan store.StoreResult, 1) 713 go func() { 714 chnn, chnnErr := a.Srv().Store.Channel().GetByName(hook.TeamId, channelName[1:], true) 715 cchan <- store.StoreResult{Data: chnn, NErr: chnnErr} 716 close(cchan) 717 }() 718 } else { 719 cchan = make(chan store.StoreResult, 1) 720 go func() { 721 chnn, chnnErr := a.Srv().Store.Channel().GetByName(hook.TeamId, channelName, true) 722 cchan <- store.StoreResult{Data: chnn, NErr: chnnErr} 723 close(cchan) 724 }() 725 } 726 } else { 727 var err error 728 channel, err = a.Srv().Store.Channel().Get(hook.ChannelId, true) 729 if err != nil { 730 var nfErr *store.ErrNotFound 731 switch { 732 case errors.As(err, &nfErr): 733 return model.NewAppError("HandleIncomingWebhook", "app.channel.get.existing.app_error", nil, nfErr.Error(), http.StatusNotFound) 734 default: 735 return model.NewAppError("HandleIncomingWebhook", "app.channel.get.find.app_error", nil, err.Error(), http.StatusInternalServerError) 736 } 737 } 738 } 739 740 if channel == nil { 741 result := <-cchan 742 if result.NErr != nil { 743 var nfErr *store.ErrNotFound 744 switch { 745 case errors.As(result.NErr, &nfErr): 746 return model.NewAppError("HandleIncomingWebhook", "web.incoming_webhook.channel.app_error", nil, nfErr.Error(), http.StatusNotFound) 747 default: 748 return model.NewAppError("HandleIncomingWebhook", "web.incoming_webhook.channel.app_error", nil, result.NErr.Error(), http.StatusInternalServerError) 749 } 750 } else { 751 channel = result.Data.(*model.Channel) 752 } 753 } 754 755 if hook.ChannelLocked && hook.ChannelId != channel.Id { 756 return model.NewAppError("HandleIncomingWebhook", "web.incoming_webhook.channel_locked.app_error", nil, "", http.StatusForbidden) 757 } 758 759 var user *model.User 760 if result := <-uchan; result.Err != nil { 761 return model.NewAppError("HandleIncomingWebhook", "web.incoming_webhook.user.app_error", nil, "err="+result.Err.Message, http.StatusForbidden) 762 } else { 763 user = result.Data.(*model.User) 764 } 765 766 if a.Srv().License() != nil && *a.Config().TeamSettings.ExperimentalTownSquareIsReadOnly && 767 channel.Name == model.DEFAULT_CHANNEL && !a.RolesGrantPermission(user.GetRoles(), model.PERMISSION_MANAGE_SYSTEM.Id) { 768 return model.NewAppError("HandleIncomingWebhook", "api.post.create_post.town_square_read_only", nil, "", http.StatusForbidden) 769 } 770 771 if channel.Type != model.CHANNEL_OPEN && !a.HasPermissionToChannel(hook.UserId, channel.Id, model.PERMISSION_READ_CHANNEL) { 772 return model.NewAppError("HandleIncomingWebhook", "web.incoming_webhook.permissions.app_error", nil, "", http.StatusForbidden) 773 } 774 775 overrideUsername := hook.Username 776 if req.Username != "" { 777 overrideUsername = req.Username 778 } 779 780 overrideIconUrl := hook.IconURL 781 if req.IconURL != "" { 782 overrideIconUrl = req.IconURL 783 } 784 785 _, err := a.CreateWebhookPost(hook.UserId, channel, text, overrideUsername, overrideIconUrl, req.IconEmoji, req.Props, webhookType, "") 786 return err 787 } 788 789 func (a *App) CreateCommandWebhook(commandId string, args *model.CommandArgs) (*model.CommandWebhook, *model.AppError) { 790 hook := &model.CommandWebhook{ 791 CommandId: commandId, 792 UserId: args.UserId, 793 ChannelId: args.ChannelId, 794 RootId: args.RootId, 795 ParentId: args.ParentId, 796 } 797 798 savedHook, err := a.Srv().Store.CommandWebhook().Save(hook) 799 if err != nil { 800 var invErr *store.ErrInvalidInput 801 var appErr *model.AppError 802 switch { 803 case errors.As(err, &invErr): 804 return nil, model.NewAppError("CreateCommandWebhook", "app.command_webhook.create_command_webhook.existing", nil, invErr.Error(), http.StatusBadRequest) 805 case errors.As(err, &appErr): 806 return nil, appErr 807 default: 808 return nil, model.NewAppError("CreateCommandWebhook", "app.command_webhook.create_command_webhook.internal_error", nil, err.Error(), http.StatusInternalServerError) 809 } 810 811 } 812 return savedHook, nil 813 } 814 815 func (a *App) HandleCommandWebhook(hookId string, response *model.CommandResponse) *model.AppError { 816 if response == nil { 817 return model.NewAppError("HandleCommandWebhook", "app.command_webhook.handle_command_webhook.parse", nil, "", http.StatusBadRequest) 818 } 819 820 hook, nErr := a.Srv().Store.CommandWebhook().Get(hookId) 821 if nErr != nil { 822 var nfErr *store.ErrNotFound 823 switch { 824 case errors.As(nErr, &nfErr): 825 return model.NewAppError("HandleCommandWebhook", "app.command_webhook.get.missing", map[string]interface{}{"hook_id": hookId}, nfErr.Error(), http.StatusNotFound) 826 default: 827 return model.NewAppError("HandleCommandWebhook", "app.command_webhook.get.internal_error", nil, nErr.Error(), http.StatusInternalServerError) 828 } 829 } 830 831 cmd, cmdErr := a.Srv().Store.Command().Get(hook.CommandId) 832 if cmdErr != nil { 833 var appErr *model.AppError 834 switch { 835 case errors.As(cmdErr, &appErr): 836 return appErr 837 default: 838 return model.NewAppError("HandleCommandWebhook", "web.command_webhook.command.app_error", nil, "err="+cmdErr.Error(), http.StatusBadRequest) 839 } 840 } 841 842 args := &model.CommandArgs{ 843 UserId: hook.UserId, 844 ChannelId: hook.ChannelId, 845 TeamId: cmd.TeamId, 846 RootId: hook.RootId, 847 ParentId: hook.ParentId, 848 } 849 850 if nErr := a.Srv().Store.CommandWebhook().TryUse(hook.Id, 5); nErr != nil { 851 var invErr *store.ErrInvalidInput 852 switch { 853 case errors.As(nErr, &invErr): 854 return model.NewAppError("HandleCommandWebhook", "app.command_webhook.try_use.invalid", nil, invErr.Error(), http.StatusBadRequest) 855 default: 856 return model.NewAppError("HandleCommandWebhook", "app.command_webhook.try_use.internal_error", nil, nErr.Error(), http.StatusInternalServerError) 857 } 858 } 859 860 _, err := a.HandleCommandResponse(cmd, args, response, false) 861 return err 862 }