2019-08-09 17:11:24 +03:00
|
|
|
const models = require('../../models');
|
2021-10-06 13:53:40 +03:00
|
|
|
const tpl = require('@tryghost/tpl');
|
2020-05-22 21:22:20 +03:00
|
|
|
const errors = require('@tryghost/errors');
|
2021-09-17 10:11:23 +03:00
|
|
|
const getWebhooksServiceInstance = require('../../services/webhooks/webhooks-service');
|
|
|
|
|
2021-10-06 13:53:40 +03:00
|
|
|
const messages = {
|
|
|
|
resourceNotFound: '{resource} not found.',
|
|
|
|
noPermissionToEdit: {
|
|
|
|
message: 'You do not have permission to {method} this webhook.',
|
|
|
|
context: 'You may only {method} webhooks that belong to the authenticated integration. Check the supplied Admin API Key.'
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2021-09-17 10:11:23 +03:00
|
|
|
const webhooksService = getWebhooksServiceInstance({
|
|
|
|
WebhookModel: models.Webhook
|
|
|
|
});
|
2019-08-09 17:11:24 +03:00
|
|
|
|
|
|
|
module.exports = {
|
|
|
|
docName: 'webhooks',
|
|
|
|
|
|
|
|
add: {
|
|
|
|
statusCode: 201,
|
2020-09-14 13:33:37 +03:00
|
|
|
headers: {
|
|
|
|
// NOTE: remove if there is ever a 'read' method
|
|
|
|
location: false
|
|
|
|
},
|
2019-08-09 17:11:24 +03:00
|
|
|
options: [],
|
|
|
|
data: [],
|
|
|
|
permissions: true,
|
2020-09-24 04:55:25 +03:00
|
|
|
async query(frame) {
|
2021-09-17 10:11:23 +03:00
|
|
|
return await webhooksService.add(frame.data, frame.options);
|
2019-08-09 17:11:24 +03:00
|
|
|
}
|
|
|
|
},
|
|
|
|
|
|
|
|
edit: {
|
2020-07-08 07:54:31 +03:00
|
|
|
permissions: {
|
|
|
|
before: (frame) => {
|
2020-08-04 07:43:24 +03:00
|
|
|
if (frame.options.context && frame.options.context.integration && frame.options.context.integration.id) {
|
2020-07-08 07:54:31 +03:00
|
|
|
return models.Webhook.findOne({id: frame.options.id})
|
|
|
|
.then((webhook) => {
|
2020-08-03 14:08:47 +03:00
|
|
|
if (!webhook) {
|
|
|
|
throw new errors.NotFoundError({
|
2021-10-06 13:53:40 +03:00
|
|
|
message: tpl(messages.resourceNotFound, {
|
2020-08-03 14:08:47 +03:00
|
|
|
resource: 'Webhook'
|
|
|
|
})
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
2020-08-04 07:43:24 +03:00
|
|
|
if (webhook.get('integration_id') !== frame.options.context.integration.id) {
|
2020-07-08 07:54:31 +03:00
|
|
|
throw new errors.NoPermissionError({
|
2021-10-06 13:53:40 +03:00
|
|
|
message: tpl(messages.noPermissionToEdit.message, {
|
2020-07-08 07:54:31 +03:00
|
|
|
method: 'edit'
|
|
|
|
}),
|
2021-10-06 13:53:40 +03:00
|
|
|
context: tpl(messages.noPermissionToEdit.context, {
|
2020-07-08 07:54:31 +03:00
|
|
|
method: 'edit'
|
|
|
|
})
|
|
|
|
});
|
|
|
|
}
|
|
|
|
});
|
|
|
|
}
|
|
|
|
}
|
|
|
|
},
|
2019-08-09 17:11:24 +03:00
|
|
|
data: [
|
|
|
|
'name',
|
|
|
|
'event',
|
|
|
|
'target_url',
|
|
|
|
'secret',
|
|
|
|
'api_version'
|
|
|
|
],
|
|
|
|
options: [
|
|
|
|
'id'
|
|
|
|
],
|
|
|
|
validation: {
|
|
|
|
options: {
|
|
|
|
id: {
|
|
|
|
required: true
|
|
|
|
}
|
|
|
|
}
|
|
|
|
},
|
|
|
|
query({data, options}) {
|
|
|
|
return models.Webhook.edit(data.webhooks[0], Object.assign(options, {require: true}))
|
|
|
|
.catch(models.Webhook.NotFoundError, () => {
|
2020-05-22 21:22:20 +03:00
|
|
|
throw new errors.NotFoundError({
|
2021-10-06 13:53:40 +03:00
|
|
|
message: tpl(messages.resourceNotFound, {
|
2019-08-09 17:11:24 +03:00
|
|
|
resource: 'Webhook'
|
|
|
|
})
|
|
|
|
});
|
|
|
|
});
|
|
|
|
}
|
|
|
|
},
|
|
|
|
|
|
|
|
destroy: {
|
|
|
|
statusCode: 204,
|
|
|
|
headers: {},
|
|
|
|
options: [
|
|
|
|
'id'
|
|
|
|
],
|
|
|
|
validation: {
|
|
|
|
options: {
|
|
|
|
id: {
|
|
|
|
required: true
|
|
|
|
}
|
|
|
|
}
|
|
|
|
},
|
2020-07-08 07:54:31 +03:00
|
|
|
permissions: {
|
|
|
|
before: (frame) => {
|
2020-08-04 07:43:24 +03:00
|
|
|
if (frame.options.context && frame.options.context.integration && frame.options.context.integration.id) {
|
2020-07-08 07:54:31 +03:00
|
|
|
return models.Webhook.findOne({id: frame.options.id})
|
|
|
|
.then((webhook) => {
|
2020-08-03 14:08:47 +03:00
|
|
|
if (!webhook) {
|
|
|
|
throw new errors.NotFoundError({
|
2021-10-06 13:53:40 +03:00
|
|
|
message: tpl(messages.resourceNotFound, {
|
2020-08-03 14:08:47 +03:00
|
|
|
resource: 'Webhook'
|
|
|
|
})
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
2020-08-04 07:43:24 +03:00
|
|
|
if (webhook.get('integration_id') !== frame.options.context.integration.id) {
|
2020-07-08 07:54:31 +03:00
|
|
|
throw new errors.NoPermissionError({
|
2021-10-06 13:53:40 +03:00
|
|
|
message: tpl(messages.noPermissionToEdit.message, {
|
2020-07-20 11:05:56 +03:00
|
|
|
method: 'destroy'
|
2020-07-08 07:54:31 +03:00
|
|
|
}),
|
2021-10-06 13:53:40 +03:00
|
|
|
context: tpl(messages.noPermissionToEdit.context, {
|
2020-07-08 07:54:31 +03:00
|
|
|
method: 'destroy'
|
|
|
|
})
|
|
|
|
});
|
|
|
|
}
|
|
|
|
});
|
|
|
|
}
|
|
|
|
}
|
|
|
|
},
|
2019-08-09 17:11:24 +03:00
|
|
|
query(frame) {
|
|
|
|
frame.options.require = true;
|
2020-04-13 13:21:47 +03:00
|
|
|
|
|
|
|
return models.Webhook.destroy(frame.options)
|
|
|
|
.then(() => null)
|
|
|
|
.catch(models.Webhook.NotFoundError, () => {
|
2020-05-22 21:22:20 +03:00
|
|
|
return Promise.reject(new errors.NotFoundError({
|
2021-10-06 13:53:40 +03:00
|
|
|
message: tpl(messages.resourceNotFound, {
|
2020-04-13 13:21:47 +03:00
|
|
|
resource: 'Webhook'
|
|
|
|
})
|
|
|
|
}));
|
|
|
|
});
|
2019-08-09 17:11:24 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
};
|