mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 211 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6771 Commits
17 Branches
Tree: v1.12.2
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'v1.12.2'
${ noResults }
gitea/modules/webhook/webhook.go

webhook.go 5.3KB
Raw Permalink Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206 
  1. // Copyright 2019 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package webhook

  6. 

  7. import (

  8. 	"crypto/hmac"

  9. 	"crypto/sha256"

  10. 	"encoding/hex"

  11. 	"fmt"

  12. 	"strings"

  13. 

  14. 	"code.gitea.io/gitea/models"

  15. 	"code.gitea.io/gitea/modules/git"

  16. 	"code.gitea.io/gitea/modules/log"

  17. 	"code.gitea.io/gitea/modules/setting"

  18. 	api "code.gitea.io/gitea/modules/structs"

  19. 	"code.gitea.io/gitea/modules/sync"

  20. 	"github.com/gobwas/glob"

  21. )

  22. 

  23. // hookQueue is a global queue of web hooks

  24. var hookQueue = sync.NewUniqueQueue(setting.Webhook.QueueLength)

  25. 

  26. // getPayloadBranch returns branch for hook event, if applicable.

  27. func getPayloadBranch(p api.Payloader) string {

  28. 	switch pp := p.(type) {

  29. 	case *api.CreatePayload:

  30. 		if pp.RefType == "branch" {

  31. 			return pp.Ref

  32. 		}

  33. 	case *api.DeletePayload:

  34. 		if pp.RefType == "branch" {

  35. 			return pp.Ref

  36. 		}

  37. 	case *api.PushPayload:

  38. 		if strings.HasPrefix(pp.Ref, git.BranchPrefix) {

  39. 			return pp.Ref[len(git.BranchPrefix):]

  40. 		}

  41. 	}

  42. 	return ""

  43. }

  44. 

  45. // PrepareWebhook adds special webhook to task queue for given payload.

  46. func PrepareWebhook(w *models.Webhook, repo *models.Repository, event models.HookEventType, p api.Payloader) error {

  47. 	if err := prepareWebhook(w, repo, event, p); err != nil {

  48. 		return err

  49. 	}

  50. 

  51. 	go hookQueue.Add(repo.ID)

  52. 	return nil

  53. }

  54. 

  55. func checkBranch(w *models.Webhook, branch string) bool {

  56. 	if w.BranchFilter == "" || w.BranchFilter == "*" {

  57. 		return true

  58. 	}

  59. 

  60. 	g, err := glob.Compile(w.BranchFilter)

  61. 	if err != nil {

  62. 		// should not really happen as BranchFilter is validated

  63. 		log.Error("CheckBranch failed: %s", err)

  64. 		return false

  65. 	}

  66. 

  67. 	return g.Match(branch)

  68. }

  69. 

  70. func prepareWebhook(w *models.Webhook, repo *models.Repository, event models.HookEventType, p api.Payloader) error {

  71. 	for _, e := range w.EventCheckers() {

  72. 		if event == e.Type {

  73. 			if !e.Has() {

  74. 				return nil

  75. 			}

  76. 		}

  77. 	}

  78. 

  79. 	// If payload has no associated branch (e.g. it's a new tag, issue, etc.),

  80. 	// branch filter has no effect.

  81. 	if branch := getPayloadBranch(p); branch != "" {

  82. 		if !checkBranch(w, branch) {

  83. 			log.Info("Branch %q doesn't match branch filter %q, skipping", branch, w.BranchFilter)

  84. 			return nil

  85. 		}

  86. 	}

  87. 

  88. 	var payloader api.Payloader

  89. 	var err error

  90. 	// Use separate objects so modifications won't be made on payload on non-Gogs/Gitea type hooks.

  91. 	switch w.HookTaskType {

  92. 	case models.SLACK:

  93. 		payloader, err = GetSlackPayload(p, event, w.Meta)

  94. 		if err != nil {

  95. 			return fmt.Errorf("GetSlackPayload: %v", err)

  96. 		}

  97. 	case models.DISCORD:

  98. 		payloader, err = GetDiscordPayload(p, event, w.Meta)

  99. 		if err != nil {

  100. 			return fmt.Errorf("GetDiscordPayload: %v", err)

  101. 		}

  102. 	case models.DINGTALK:

  103. 		payloader, err = GetDingtalkPayload(p, event, w.Meta)

  104. 		if err != nil {

  105. 			return fmt.Errorf("GetDingtalkPayload: %v", err)

  106. 		}

  107. 	case models.TELEGRAM:

  108. 		payloader, err = GetTelegramPayload(p, event, w.Meta)

  109. 		if err != nil {

  110. 			return fmt.Errorf("GetTelegramPayload: %v", err)

  111. 		}

  112. 	case models.MSTEAMS:

  113. 		payloader, err = GetMSTeamsPayload(p, event, w.Meta)

  114. 		if err != nil {

  115. 			return fmt.Errorf("GetMSTeamsPayload: %v", err)

  116. 		}

  117. 	case models.FEISHU:

  118. 		payloader, err = GetFeishuPayload(p, event, w.Meta)

  119. 		if err != nil {

  120. 			return fmt.Errorf("GetFeishuPayload: %v", err)

  121. 		}

  122. 	case models.MATRIX:

  123. 		payloader, err = GetMatrixPayload(p, event, w.Meta)

  124. 		if err != nil {

  125. 			return fmt.Errorf("GetMatrixPayload: %v", err)

  126. 		}

  127. 	default:

  128. 		p.SetSecret(w.Secret)

  129. 		payloader = p

  130. 	}

  131. 

  132. 	var signature string

  133. 	if len(w.Secret) > 0 {

  134. 		data, err := payloader.JSONPayload()

  135. 		if err != nil {

  136. 			log.Error("prepareWebhooks.JSONPayload: %v", err)

  137. 		}

  138. 		sig := hmac.New(sha256.New, []byte(w.Secret))

  139. 		_, err = sig.Write(data)

  140. 		if err != nil {

  141. 			log.Error("prepareWebhooks.sigWrite: %v", err)

  142. 		}

  143. 		signature = hex.EncodeToString(sig.Sum(nil))

  144. 	}

  145. 

  146. 	if err = models.CreateHookTask(&models.HookTask{

  147. 		RepoID:      repo.ID,

  148. 		HookID:      w.ID,

  149. 		Type:        w.HookTaskType,

  150. 		URL:         w.URL,

  151. 		Signature:   signature,

  152. 		Payloader:   payloader,

  153. 		HTTPMethod:  w.HTTPMethod,

  154. 		ContentType: w.ContentType,

  155. 		EventType:   event,

  156. 		IsSSL:       w.IsSSL,

  157. 	}); err != nil {

  158. 		return fmt.Errorf("CreateHookTask: %v", err)

  159. 	}

  160. 	return nil

  161. }

  162. 

  163. // PrepareWebhooks adds new webhooks to task queue for given payload.

  164. func PrepareWebhooks(repo *models.Repository, event models.HookEventType, p api.Payloader) error {

  165. 	if err := prepareWebhooks(repo, event, p); err != nil {

  166. 		return err

  167. 	}

  168. 

  169. 	go hookQueue.Add(repo.ID)

  170. 	return nil

  171. }

  172. 

  173. func prepareWebhooks(repo *models.Repository, event models.HookEventType, p api.Payloader) error {

  174. 	ws, err := models.GetActiveWebhooksByRepoID(repo.ID)

  175. 	if err != nil {

  176. 		return fmt.Errorf("GetActiveWebhooksByRepoID: %v", err)

  177. 	}

  178. 

  179. 	// check if repo belongs to org and append additional webhooks

  180. 	if repo.MustOwner().IsOrganization() {

  181. 		// get hooks for org

  182. 		orgHooks, err := models.GetActiveWebhooksByOrgID(repo.OwnerID)

  183. 		if err != nil {

  184. 			return fmt.Errorf("GetActiveWebhooksByOrgID: %v", err)

  185. 		}

  186. 		ws = append(ws, orgHooks...)

  187. 	}

  188. 

  189. 	// Add any admin-defined system webhooks

  190. 	systemHooks, err := models.GetSystemWebhooks()

  191. 	if err != nil {

  192. 		return fmt.Errorf("GetSystemWebhooks: %v", err)

  193. 	}

  194. 	ws = append(ws, systemHooks...)

  195. 

  196. 	if len(ws) == 0 {

  197. 		return nil

  198. 	}

  199. 

  200. 	for _, w := range ws {

  201. 		if err = prepareWebhook(w, repo, event, p); err != nil {

  202. 			return err

  203. 		}

  204. 	}

  205. 	return nil

  206. }