BookStack Code Mirror - bookstack/blob - tests/Actions/WebhookCallTest.php

1 <?php

3 namespace Tests\Actions;

5 use BookStack\Activity\ActivityType;

6 use BookStack\Activity\DispatchWebhookJob;

7 use BookStack\Activity\Models\Webhook;

8 use BookStack\Activity\Tools\ActivityLogger;

9 use BookStack\Api\ApiToken;

10 use BookStack\Entities\Models\PageRevision;

11 use BookStack\Users\Models\User;

12 use Illuminate\Http\Client\Request;

13 use Illuminate\Support\Facades\Bus;

14 use Illuminate\Support\Facades\Http;

15 use Tests\TestCase;

17 class WebhookCallTest extends TestCase

18 {

19 public function test_webhook_listening_to_all_called_on_event()

20 {

21 $this->newWebhook([], ['all']);

22 Bus::fake();

23 $this->runEvent(ActivityType::ROLE_CREATE);

24 Bus::assertDispatched(DispatchWebhookJob::class);

25 }

27 public function test_webhook_listening_to_specific_event_called_on_event()

28 {

29 $this->newWebhook([], [ActivityType::ROLE_UPDATE]);

30 Bus::fake();

31 $this->runEvent(ActivityType::ROLE_UPDATE);

32 Bus::assertDispatched(DispatchWebhookJob::class);

33 }

35 public function test_webhook_listening_to_specific_event_not_called_on_other_event()

36 {

37 $this->newWebhook([], [ActivityType::ROLE_UPDATE]);

38 Bus::fake();

39 $this->runEvent(ActivityType::ROLE_CREATE);

40 Bus::assertNotDispatched(DispatchWebhookJob::class);

41 }

43 public function test_inactive_webhook_not_called_on_event()

44 {

45 $this->newWebhook(['active' => false], ['all']);

46 Bus::fake();

47 $this->runEvent(ActivityType::ROLE_CREATE);

48 Bus::assertNotDispatched(DispatchWebhookJob::class);

49 }

51 public function test_webhook_runs_for_delete_actions()

52 {

53 $this->newWebhook(['active' => true, 'endpoint' => 'https://wh.example.com'], ['all']);

54 Http::fake([

55 '*' => Http::response('', 500),

56 ]);

58 $user = $this->users->newUser();

59 $resp = $this->asAdmin()->delete($user->getEditUrl());

60 $resp->assertRedirect('/settings/users');

62 /** @var ApiToken $apiToken */

63 $editor = $this->users->editor();

64 $apiToken = ApiToken::factory()->create(['user_id' => $editor]);

65 $resp = $this->delete($editor->getEditUrl('/api-tokens/' . $apiToken->id));

66 $resp->assertRedirect($editor->getEditUrl('#api_tokens'));

67 }

69 public function test_failed_webhook_call_logs_error()

70 {

71 $logger = $this->withTestLogger();

72 Http::fake([

73 '*' => Http::response('', 500),

74 ]);

75 $webhook = $this->newWebhook(['active' => true, 'endpoint' => 'https://wh.example.com'], ['all']);

76 $this->assertNull($webhook->last_errored_at);

78 $this->runEvent(ActivityType::ROLE_CREATE);

80 $this->assertTrue($logger->hasError('Webhook call to endpoint https://wh.example.com failed with status 500'));

82 $webhook->refresh();

83 $this->assertEquals('Response status from endpoint was 500', $webhook->last_error);

84 $this->assertNotNull($webhook->last_errored_at);

85 }

87 public function test_webhook_call_exception_is_caught_and_logged()

88 {

89 Http::shouldReceive('asJson')->andThrow(new \Exception('Failed to perform request'));

91 $logger = $this->withTestLogger();

92 $webhook = $this->newWebhook(['active' => true, 'endpoint' => 'https://wh.example.com'], ['all']);

93 $this->assertNull($webhook->last_errored_at);

95 $this->runEvent(ActivityType::ROLE_CREATE);

97 $this->assertTrue($logger->hasError('Webhook call to endpoint https://wh.example.com failed with error "Failed to perform request"'));

99 $webhook->refresh();

100 $this->assertEquals('Failed to perform request', $webhook->last_error);

101 $this->assertNotNull($webhook->last_errored_at);

102 }

103

104 public function test_webhook_uses_ssr_hosts_option_if_set()

105 {

106 config()->set('app.ssr_hosts', 'https://*.example.com');

107 $http = Http::fake();

108

109 $webhook = $this->newWebhook(['active' => true, 'endpoint' => 'https://wh.example.co.uk'], ['all']);

110 $this->runEvent(ActivityType::ROLE_CREATE);

111 $http->assertNothingSent();

112

113 $webhook->refresh();

114 $this->assertEquals('The URL does not match the configured allowed SSR hosts', $webhook->last_error);

115 $this->assertNotNull($webhook->last_errored_at);

116 }

117

118 public function test_webhook_call_data_format()

119 {

120 Http::fake([

121 '*' => Http::response('', 200),

122 ]);

123 $webhook = $this->newWebhook(['active' => true, 'endpoint' => 'https://wh.example.com'], ['all']);

124 $page = $this->entities->page();

125 $editor = $this->users->editor();

126

127 $this->runEvent(ActivityType::PAGE_UPDATE, $page, $editor);

128

129 Http::assertSent(function (Request $request) use ($editor, $page, $webhook) {

130 $reqData = $request->data();

131

132 return $request->isJson()

133 && $reqData['event'] === 'page_update'

134 && $reqData['text'] === ($editor->name . ' updated page "' . $page->name . '"')

135 && is_string($reqData['triggered_at'])

136 && $reqData['triggered_by']['name'] === $editor->name

137 && $reqData['triggered_by_profile_url'] === $editor->getProfileUrl()

138 && $reqData['webhook_id'] === $webhook->id

139 && $reqData['webhook_name'] === $webhook->name

140 && $reqData['url'] === $page->getUrl()

141 && $reqData['related_item']['name'] === $page->name;

142 });

143 }

144

145 protected function runEvent(string $event, $detail = '', ?User $user = null)

146 {

147 if (is_null($user)) {

148 $user = $this->users->editor();

149 }

150

151 $this->actingAs($user);

152

153 $activityLogger = $this->app->make(ActivityLogger::class);

154 $activityLogger->add($event, $detail);

155 }

156

157 protected function newWebhook(array $attrs, array $events): Webhook

158 {

159 /** @var Webhook $webhook */

160 $webhook = Webhook::factory()->create($attrs);

161

162 foreach ($events as $event) {

163 $webhook->trackedEvents()->create(['event' => $event]);

164 }

165

166 return $webhook;

167 }

168 }