webhooks/zapier: Support authentication for the Zapier Zulip app.

If the user sets up a Zap using an incoming webhook bot's API key, the authentication goes through our webhook.
2019-03-08 20:50:46 -03:30 · 2019-03-08 20:50:46 -03:30 · 222966b6ba
parent 7b6a37780a
commit 222966b6ba
3 changed files with 26 additions and 0 deletions
--- a/zerver/webhooks/zapier/fixtures/zapier_zulip_app_auth.json
+++ b/zerver/webhooks/zapier/fixtures/zapier_zulip_app_auth.json
@ -0,0 +1,3 @@
+{
+    "type": "auth"
+}
--- a/zerver/webhooks/zapier/tests.py
+++ b/zerver/webhooks/zapier/tests.py
@ -20,3 +20,17 @@ class ZapierHookTests(WebhookTestCase):
        expected_topic = u"Here is your weather update for the day:"
        expected_message = u"Foggy in the morning.\nMaximum temperature to be 24.\nMinimum temperature to be 12"
        self.send_and_test_stream_message('weather_update', expected_topic, expected_message)
+
+class ZapierZulipAppTests(WebhookTestCase):
+    STREAM_NAME = 'zapier'
+    URL_TEMPLATE = "/api/v1/external/zapier?api_key={api_key}&stream={stream}"
+    FIXTURE_DIR_NAME = 'zapier'
+
+    def test_auth(self) -> None:
+        payload = self.get_body('zapier_zulip_app_auth')
+        result = self.client_post(self.url, payload,
+                                  content_type='application/json')
+        json_result = self.assert_json_success(result)
+        self.assertEqual(json_result['full_name'], 'Zulip Webhook Bot')
+        self.assertEqual(json_result['email'], 'webhook-bot@zulip.com')
+        self.assertIn('id', json_result)
--- a/zerver/webhooks/zapier/view.py
+++ b/zerver/webhooks/zapier/view.py
@ -13,6 +13,15 @@ from zerver.models import UserProfile
@has_request_variables
 def api_zapier_webhook(request: HttpRequest, user_profile: UserProfile,
                       payload: Dict[str, Any]=REQ(argument_type='body')) -> HttpResponse:
+    if payload.get('type') == 'auth':
+        # The bot's details are used by our Zapier app to format a connection
+        # label for users to be able to distinguish between different Zulip
+        # bots and API keys in their UI
+        return json_success({
+            'full_name': user_profile.full_name,
+            'email': user_profile.email,
+            'id': user_profile.id
+        })

    topic = payload.get('topic')
    content = payload.get('content')