2017-08-16 21:37:37 +00:00
|
|
|
// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
|
2016-04-10 21:39:38 +00:00
|
|
|
// See License.txt for license information.
|
|
|
|
|
|
|
|
|
|
package model
|
|
|
|
|
|
|
|
|
|
import (
|
2016-06-23 18:28:05 +00:00
|
|
|
"bytes"
|
2016-04-10 21:39:38 +00:00
|
|
|
"encoding/json"
|
|
|
|
|
"io"
|
2017-08-16 21:37:37 +00:00
|
|
|
"net/http"
|
2016-06-23 18:28:05 +00:00
|
|
|
"regexp"
|
2016-04-10 21:39:38 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
const (
|
|
|
|
|
DEFAULT_WEBHOOK_USERNAME = "webhook"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
type IncomingWebhook struct {
|
2018-11-18 17:55:05 +00:00
|
|
|
Id string `json:"id"`
|
|
|
|
|
CreateAt int64 `json:"create_at"`
|
|
|
|
|
UpdateAt int64 `json:"update_at"`
|
|
|
|
|
DeleteAt int64 `json:"delete_at"`
|
|
|
|
|
UserId string `json:"user_id"`
|
|
|
|
|
ChannelId string `json:"channel_id"`
|
|
|
|
|
TeamId string `json:"team_id"`
|
|
|
|
|
DisplayName string `json:"display_name"`
|
|
|
|
|
Description string `json:"description"`
|
|
|
|
|
Username string `json:"username"`
|
|
|
|
|
IconURL string `json:"icon_url"`
|
|
|
|
|
ChannelLocked bool `json:"channel_locked"`
|
2016-04-10 21:39:38 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type IncomingWebhookRequest struct {
|
2017-03-25 20:04:10 +00:00
|
|
|
Text string `json:"text"`
|
|
|
|
|
Username string `json:"username"`
|
|
|
|
|
IconURL string `json:"icon_url"`
|
|
|
|
|
ChannelName string `json:"channel"`
|
|
|
|
|
Props StringInterface `json:"props"`
|
|
|
|
|
Attachments []*SlackAttachment `json:"attachments"`
|
|
|
|
|
Type string `json:"type"`
|
2016-04-10 21:39:38 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (o *IncomingWebhook) ToJson() string {
|
2018-11-18 17:55:05 +00:00
|
|
|
b, _ := json.Marshal(o)
|
|
|
|
|
return string(b)
|
2016-04-10 21:39:38 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func IncomingWebhookFromJson(data io.Reader) *IncomingWebhook {
|
2018-11-18 17:55:05 +00:00
|
|
|
var o *IncomingWebhook
|
|
|
|
|
json.NewDecoder(data).Decode(&o)
|
|
|
|
|
return o
|
2016-04-10 21:39:38 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func IncomingWebhookListToJson(l []*IncomingWebhook) string {
|
2018-11-18 17:55:05 +00:00
|
|
|
b, _ := json.Marshal(l)
|
|
|
|
|
return string(b)
|
2016-04-10 21:39:38 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func IncomingWebhookListFromJson(data io.Reader) []*IncomingWebhook {
|
|
|
|
|
var o []*IncomingWebhook
|
2018-11-18 17:55:05 +00:00
|
|
|
json.NewDecoder(data).Decode(&o)
|
|
|
|
|
return o
|
2016-04-10 21:39:38 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (o *IncomingWebhook) IsValid() *AppError {
|
|
|
|
|
|
|
|
|
|
if len(o.Id) != 26 {
|
2017-08-16 21:37:37 +00:00
|
|
|
return NewAppError("IncomingWebhook.IsValid", "model.incoming_hook.id.app_error", nil, "", http.StatusBadRequest)
|
|
|
|
|
|
2016-04-10 21:39:38 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if o.CreateAt == 0 {
|
2017-08-16 21:37:37 +00:00
|
|
|
return NewAppError("IncomingWebhook.IsValid", "model.incoming_hook.create_at.app_error", nil, "id="+o.Id, http.StatusBadRequest)
|
2016-04-10 21:39:38 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if o.UpdateAt == 0 {
|
2017-08-16 21:37:37 +00:00
|
|
|
return NewAppError("IncomingWebhook.IsValid", "model.incoming_hook.update_at.app_error", nil, "id="+o.Id, http.StatusBadRequest)
|
2016-04-10 21:39:38 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if len(o.UserId) != 26 {
|
2017-08-16 21:37:37 +00:00
|
|
|
return NewAppError("IncomingWebhook.IsValid", "model.incoming_hook.user_id.app_error", nil, "", http.StatusBadRequest)
|
2016-04-10 21:39:38 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if len(o.ChannelId) != 26 {
|
2017-08-16 21:37:37 +00:00
|
|
|
return NewAppError("IncomingWebhook.IsValid", "model.incoming_hook.channel_id.app_error", nil, "", http.StatusBadRequest)
|
2016-04-10 21:39:38 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if len(o.TeamId) != 26 {
|
2017-08-16 21:37:37 +00:00
|
|
|
return NewAppError("IncomingWebhook.IsValid", "model.incoming_hook.team_id.app_error", nil, "", http.StatusBadRequest)
|
2016-04-10 21:39:38 +00:00
|
|
|
}
|
|
|
|
|
|
2016-05-15 21:02:30 +00:00
|
|
|
if len(o.DisplayName) > 64 {
|
2017-08-16 21:37:37 +00:00
|
|
|
return NewAppError("IncomingWebhook.IsValid", "model.incoming_hook.display_name.app_error", nil, "", http.StatusBadRequest)
|
2016-05-15 21:02:30 +00:00
|
|
|
}
|
|
|
|
|
|
2018-11-18 17:55:05 +00:00
|
|
|
if len(o.Description) > 500 {
|
2017-08-16 21:37:37 +00:00
|
|
|
return NewAppError("IncomingWebhook.IsValid", "model.incoming_hook.description.app_error", nil, "", http.StatusBadRequest)
|
2016-05-15 21:02:30 +00:00
|
|
|
}
|
|
|
|
|
|
2018-02-08 23:11:04 +00:00
|
|
|
if len(o.Username) > 64 {
|
|
|
|
|
return NewAppError("IncomingWebhook.IsValid", "model.incoming_hook.username.app_error", nil, "", http.StatusBadRequest)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if len(o.IconURL) > 1024 {
|
|
|
|
|
return NewAppError("IncomingWebhook.IsValid", "model.incoming_hook.icon_url.app_error", nil, "", http.StatusBadRequest)
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-10 21:39:38 +00:00
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (o *IncomingWebhook) PreSave() {
|
|
|
|
|
if o.Id == "" {
|
|
|
|
|
o.Id = NewId()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
o.CreateAt = GetMillis()
|
|
|
|
|
o.UpdateAt = o.CreateAt
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (o *IncomingWebhook) PreUpdate() {
|
|
|
|
|
o.UpdateAt = GetMillis()
|
|
|
|
|
}
|
|
|
|
|
|
2016-06-23 18:28:05 +00:00
|
|
|
// escapeControlCharsFromPayload escapes control chars (\n, \t) from a byte slice.
|
|
|
|
|
// Context:
|
|
|
|
|
// JSON strings are not supposed to contain control characters such as \n, \t,
|
|
|
|
|
// ... but some incoming webhooks might still send invalid JSON and we want to
|
|
|
|
|
// try to handle that. An example invalid JSON string from an incoming webhook
|
|
|
|
|
// might look like this (strings for both "text" and "fallback" attributes are
|
|
|
|
|
// invalid JSON strings because they contain unescaped newlines and tabs):
|
|
|
|
|
// `{
|
|
|
|
|
// "text": "this is a test
|
|
|
|
|
// that contains a newline and tabs",
|
|
|
|
|
// "attachments": [
|
|
|
|
|
// {
|
|
|
|
|
// "fallback": "Required plain-text summary of the attachment
|
|
|
|
|
// that contains a newline and tabs",
|
|
|
|
|
// "color": "#36a64f",
|
|
|
|
|
// ...
|
|
|
|
|
// "text": "Optional text that appears within the attachment
|
|
|
|
|
// that contains a newline and tabs",
|
|
|
|
|
// ...
|
|
|
|
|
// "thumb_url": "http://example.com/path/to/thumb.png"
|
|
|
|
|
// }
|
|
|
|
|
// ]
|
|
|
|
|
// }`
|
|
|
|
|
// This function will search for `"key": "value"` pairs, and escape \n, \t
|
|
|
|
|
// from the value.
|
|
|
|
|
func escapeControlCharsFromPayload(by []byte) []byte {
|
|
|
|
|
// we'll search for `"text": "..."` or `"fallback": "..."`, ...
|
|
|
|
|
keys := "text|fallback|pretext|author_name|title|value"
|
|
|
|
|
|
|
|
|
|
// the regexp reads like this:
|
|
|
|
|
// (?s): this flag let . match \n (default is false)
|
|
|
|
|
// "(keys)": we search for the keys defined above
|
|
|
|
|
// \s*:\s*: followed by 0..n spaces/tabs, a colon then 0..n spaces/tabs
|
|
|
|
|
// ": a double-quote
|
|
|
|
|
// (\\"|[^"])*: any number of times the `\"` string or any char but a double-quote
|
|
|
|
|
// ": a double-quote
|
|
|
|
|
r := `(?s)"(` + keys + `)"\s*:\s*"(\\"|[^"])*"`
|
|
|
|
|
re := regexp.MustCompile(r)
|
|
|
|
|
|
|
|
|
|
// the function that will escape \n and \t on the regexp matches
|
|
|
|
|
repl := func(b []byte) []byte {
|
|
|
|
|
if bytes.Contains(b, []byte("\n")) {
|
|
|
|
|
b = bytes.Replace(b, []byte("\n"), []byte("\\n"), -1)
|
|
|
|
|
}
|
|
|
|
|
if bytes.Contains(b, []byte("\t")) {
|
|
|
|
|
b = bytes.Replace(b, []byte("\t"), []byte("\\t"), -1)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return b
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return re.ReplaceAllFunc(by, repl)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func decodeIncomingWebhookRequest(by []byte) (*IncomingWebhookRequest, error) {
|
|
|
|
|
decoder := json.NewDecoder(bytes.NewReader(by))
|
2016-04-10 21:39:38 +00:00
|
|
|
var o IncomingWebhookRequest
|
|
|
|
|
err := decoder.Decode(&o)
|
|
|
|
|
if err == nil {
|
2016-06-23 18:28:05 +00:00
|
|
|
return &o, nil
|
2016-04-10 21:39:38 +00:00
|
|
|
} else {
|
2016-06-23 18:28:05 +00:00
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-02-08 23:11:04 +00:00
|
|
|
func IncomingWebhookRequestFromJson(data io.Reader) (*IncomingWebhookRequest, *AppError) {
|
2016-06-23 18:28:05 +00:00
|
|
|
buf := new(bytes.Buffer)
|
|
|
|
|
buf.ReadFrom(data)
|
|
|
|
|
by := buf.Bytes()
|
|
|
|
|
|
|
|
|
|
// Try to decode the JSON data. Only if it fails, try to escape control
|
|
|
|
|
// characters from the strings contained in the JSON data.
|
|
|
|
|
o, err := decodeIncomingWebhookRequest(by)
|
|
|
|
|
if err != nil {
|
|
|
|
|
o, err = decodeIncomingWebhookRequest(escapeControlCharsFromPayload(by))
|
|
|
|
|
if err != nil {
|
2018-11-18 17:55:05 +00:00
|
|
|
return nil, NewAppError("IncomingWebhookRequestFromJson", "model.incoming_hook.parse_data.app_error", nil, err.Error(), http.StatusBadRequest)
|
2016-06-23 18:28:05 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-02-08 23:11:04 +00:00
|
|
|
o.Attachments = StringifySlackFieldValue(o.Attachments)
|
2016-06-23 18:28:05 +00:00
|
|
|
|
2018-02-08 23:11:04 +00:00
|
|
|
return o, nil
|
2016-06-23 18:28:05 +00:00
|
|
|
}
|
2018-11-18 17:55:05 +00:00
|
|
|
|
|
|
|
|
func (o *IncomingWebhookRequest) ToJson() string {
|
|
|
|
|
b, err := json.Marshal(o)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return ""
|
|
|
|
|
} else {
|
|
|
|
|
return string(b)
|
|
|
|
|
}
|
|
|
|
|
}
|
