From a263e79e390c9176010adaf5278052caee1e6ede Mon Sep 17 00:00:00 2001 From: Alejandro Alonso Date: Wed, 27 Jan 2016 12:48:38 +0100 Subject: [PATCH] Controlling blocked projects for github, gitlab and bitbucket hooks --- taiga/hooks/api.py | 3 +++ tests/integration/test_hooks_bitbucket.py | 21 +++++++++++++++++++++ tests/integration/test_hooks_github.py | 19 +++++++++++++++++++ tests/integration/test_hooks_gitlab.py | 21 +++++++++++++++++++++ 4 files changed, 64 insertions(+) diff --git a/taiga/hooks/api.py b/taiga/hooks/api.py index e2aea495..6590832e 100644 --- a/taiga/hooks/api.py +++ b/taiga/hooks/api.py @@ -64,6 +64,9 @@ class BaseWebhookApiViewSet(GenericViewSet): if not self._validate_signature(project, request): raise exc.BadRequest(_("Bad signature")) + if project.blocked_code is not None: + raise exc.Blocked(_("Blocked element")) + event_name = self._get_event_name(request) payload = self._get_payload(request) diff --git a/tests/integration/test_hooks_bitbucket.py b/tests/integration/test_hooks_bitbucket.py index 1dbf8ea2..f31a674d 100644 --- a/tests/integration/test_hooks_bitbucket.py +++ b/tests/integration/test_hooks_bitbucket.py @@ -11,6 +11,7 @@ from taiga.base.utils import json from taiga.hooks.bitbucket import event_hooks from taiga.hooks.bitbucket.api import BitBucketViewSet from taiga.hooks.exceptions import ActionSyntaxException +from taiga.projects import choices as project_choices from taiga.projects.issues.models import Issue from taiga.projects.tasks.models import Task from taiga.projects.userstories.models import UserStory @@ -80,6 +81,26 @@ def test_ok_signature_ip_in_network(client): assert response.status_code == 204 +def test_blocked_project(client): + project = f.ProjectFactory(blocked_code=project_choices.BLOCKED_BY_STAFF) + f.ProjectModulesConfigFactory(project=project, config={ + "bitbucket": { + "secret": "tpnIwJDz4e" + } + }) + + url = reverse("bitbucket-hook-list") + url = "{}?project={}&key={}".format(url, project.id, "tpnIwJDz4e") + data = json.dumps({"push": {"changes": [{"new": {"target": { "message": "test message"}}}]}}) + response = client.post(url, + data, + content_type="application/json", + HTTP_X_EVENT_KEY="repo:push", + REMOTE_ADDR=settings.BITBUCKET_VALID_ORIGIN_IPS[0]) + + assert response.status_code == 451 + + def test_invalid_ip(client): project = f.ProjectFactory() f.ProjectModulesConfigFactory(project=project, config={ diff --git a/tests/integration/test_hooks_github.py b/tests/integration/test_hooks_github.py index 5b832643..06133ac2 100644 --- a/tests/integration/test_hooks_github.py +++ b/tests/integration/test_hooks_github.py @@ -9,6 +9,7 @@ from taiga.base.utils import json from taiga.hooks.github import event_hooks from taiga.hooks.github.api import GitHubViewSet from taiga.hooks.exceptions import ActionSyntaxException +from taiga.projects import choices as project_choices from taiga.projects.issues.models import Issue from taiga.projects.tasks.models import Task from taiga.projects.userstories.models import UserStory @@ -53,6 +54,24 @@ def test_ok_signature(client): assert response.status_code == 204 +def test_blocked_project(client): + project = f.ProjectFactory(blocked_code=project_choices.BLOCKED_BY_STAFF) + f.ProjectModulesConfigFactory(project=project, config={ + "github": { + "secret": "tpnIwJDz4e" + } + }) + + url = reverse("github-hook-list") + url = "%s?project=%s" % (url, project.id) + data = {"test:": "data"} + response = client.post(url, json.dumps(data), + HTTP_X_HUB_SIGNATURE="sha1=3c8e83fdaa266f81c036ea0b71e98eb5e054581a", + content_type="application/json") + + assert response.status_code == 451 + + def test_push_event_detected(client): project = f.ProjectFactory() url = reverse("github-hook-list") diff --git a/tests/integration/test_hooks_gitlab.py b/tests/integration/test_hooks_gitlab.py index cc2f8e66..de53bff6 100644 --- a/tests/integration/test_hooks_gitlab.py +++ b/tests/integration/test_hooks_gitlab.py @@ -9,6 +9,7 @@ from taiga.base.utils import json from taiga.hooks.gitlab import event_hooks from taiga.hooks.gitlab.api import GitLabViewSet from taiga.hooks.exceptions import ActionSyntaxException +from taiga.projects import choices as project_choices from taiga.projects.issues.models import Issue from taiga.projects.tasks.models import Task from taiga.projects.userstories.models import UserStory @@ -79,6 +80,26 @@ def test_ok_signature_ip_in_network(client): assert response.status_code == 204 +def test_blocked_project(client): + project = f.ProjectFactory(blocked_code=project_choices.BLOCKED_BY_STAFF) + f.ProjectModulesConfigFactory(project=project, config={ + "gitlab": { + "secret": "tpnIwJDz4e", + "valid_origin_ips": ["111.111.111.111"], + } + }) + + url = reverse("gitlab-hook-list") + url = "{}?project={}&key={}".format(url, project.id, "tpnIwJDz4e") + data = {"test:": "data"} + response = client.post(url, + json.dumps(data), + content_type="application/json", + REMOTE_ADDR="111.111.111.111") + + assert response.status_code == 451 + + def test_invalid_ip(client): project = f.ProjectFactory() f.ProjectModulesConfigFactory(project=project, config={