Commit Graph

20 Commits

Author SHA1 Message Date
Alex Vandiver cf6ebb9c8d webhooks: Rename api_key_only_webhook_view to webhook_view.
There are no other types of webhook views; this is more concise.
2020-09-10 17:47:21 -07:00
Steve Howell 6d65af1790 webhook tests: Remove needless get_body functions.
These all did essentially what the parent implementation
does, except for checking that it's valid json.
2020-08-24 12:34:46 -07:00
Steve Howell 388053db6b webhook tests: Rename main helper to check_webhook.
Almost all webhook tests use this helper, except a few
webhooks that write to private streams.

Being concise is important here, and the name
`self.send_and_test_stream_message` always confused
me, since it sounds you're sending a stream message,
and it leaves out the webhook piece.

We should consider renaming `send_and_test_private_message`
to something like `check_webhook_private`, but I couldn't
decide on a great name, and it's very rarely used.  So
for now I just made sure the docstrings of the two
sibling functions reference each other.
2020-08-24 12:34:46 -07:00
Anders Kaseorg 87f7874a79 CVE-2020-12759: Fix reflected XSS vulnerability in Dropbox webhook.
Also check the challenge argument’s presence before using it.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-16 22:46:16 -07:00
Mateusz Mandera 5b746b4128 docs: Add missing step to dropbox webhook instructions. 2020-06-05 10:21:25 -07:00
Anders Kaseorg c734bbd95d python: Modernize legacy Python 2 syntax with pyupgrade.
Generated by `pyupgrade --py3-plus --keep-percent-format` on all our
Python code except `zthumbor` and `zulip-ec2-configure-interfaces`,
followed by manual indentation fixes.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-09 16:43:22 -07:00
Tim Abbott c10cc24ee8 python: Sort webhooks imports with isort. 2020-01-14 13:07:47 -08:00
Anders Kaseorg e0cf3d0e76 zerver: Accept HEAD requests wherever GET requests are accepted.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-08-12 16:47:41 -07:00
Anders Kaseorg 39ac378220 webhooks: Remove unused imports.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2019-02-02 17:05:20 -08:00
Tim Abbott 2fb1e51d71 dropbox: Fix incorrect placement of notify_bot_owner_on_invalid_json.
This was an error I introduced in editing
b79213d260.
2018-11-20 18:45:43 -08:00
Eeshan Garg b79213d260 webhooks: Notify bot owner on invalid JSON.
There are only a handful of non-JSON webhooks that wouldn't
benefit from the notify_bot_owner_on_invalid_json feature.

Specifically, these are the webhooks where the third-party product
uses another format, whether it be HTML form-encoded, XML, or
something else.

Tweaked by tabbott to correc the list of excluded webhooks.
2018-11-20 15:59:09 -08:00
Steve Howell ced4d81856 Sweep tests for expected_subject -> expected_topic.
This is all in the webhooks tests, including some
docs for how to write those tests.
2018-11-12 15:47:11 -08:00
Yago González f6219745de users: Get all API keys via wrapper method.
Now reading API keys from a user is done with the get_api_key wrapper
method, rather than directly fetching it from the user object.

Also, every place where an action should be done for each API key is now
using get_all_api_keys. This method returns for the moment a single-item
list, containing the specified user's API key.

This commit is the first step towards allowing users have multiple API
keys.
2018-08-08 16:35:17 -07:00
Aditya Bansal 64ddfc6ac0 zerver/webhooks: Change use of typing.Text to str. 2018-05-10 14:19:49 -07:00
Preston Hansen e168f9938c tests: Refactor use of test and webhook data fixtures. 2018-04-19 21:50:29 -07:00
Eeshan Garg 8fbd8c68f4 webhooks: Update macros to specify custom topics and default PMs.
These changes are the result of migrating to
check_send_webhook_message.
2018-03-18 10:53:45 -07:00
Eeshan Garg 93678e89cd webhooks: Migrate 14 webhooks to use check_send_webhook_message.
These are the straightforward ones.

Note that there is a line in zerver.lib.test_classes.build_webhook_url
that lost test coverage. That's because most of our tests test using
stream messages so the webhook URLs being tested always have a query
parameter. So the line that accounts for there being no query
parameters never gets called, which is fine, but we should still
keep it.
2018-03-16 11:34:20 -07:00
Eeshan Garg fa1583bf45 webhooks/dropbox: Update text to conform to doc style guide. 2018-03-08 08:19:32 -08:00
Eeshan Garg 53ccbdcfd6 webhooks/dropbox: Update text and remove screenshots.
This commit modifies the text to:

1. Removes unnecessary screenshots.

2. Use the numbered-style format.

3. I also removed the instructions for generating an access token.
   I took a look at Dropbox's docs and you shouldn't need that
   for a webhook setup. The whole point behind a webhook is that
   one can get by without using OAuth.

4. Rearranges the instructions to only contain 4 steps. For
   uncomplicated instructions, that seems to be the ideal number.
2018-03-06 12:52:22 -08:00
Angelika Serwa 2f575cca72 Add Dropbox webhook integration.
This is just a basic Dropbox webhook integration. It just
notifies a user when something has changed, it does not
specify what changed. Doing so would require storing data,
as Dropbox API was created mainly for file managers, not
integrations like this.
Closes #5672
2017-12-22 10:36:21 -05:00