apitech
/
Rocket.Chat
mirror of https://github.com/RocketChat/Rocket.Chat
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

[BREAK] Webhook will fail if user is not part of the channel (#23310)

Browse Source
pull/23317/head^2
Diego Sampaio 4 years ago committed by GitHub
parent 4bae47ddc9
commit fca74fa09c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 9 additions and 28 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 6
      app/integrations/server/api/api.js
  2. 8
      app/integrations/server/lib/triggerHandler.js
  3. 23
      app/lib/server/functions/processWebhookMessage.js

6
app/integrations/server/api/api.js
Unescape View File

@ -11,9 +11,9 @@ import s from 'underscore.string';
import moment from 'moment';
import { incomingLogger } from '../logger';
import { processWebhookMessage } from '../../../lib';
import { processWebhookMessage } from '../../../lib/server';
import { API, APIClass, defaultRateLimiterOptions } from '../../../api/server';
import * as Models from '../../../models';
import * as Models from '../../../models/server';
import { settings } from '../../../settings/server';
const compiledScripts = {};
@ -239,7 +239,7 @@ function executeIntegrationRest() {
this.bodyParams.bot = { i: this.integration._id };
try {
const message = processWebhookMessage(this.bodyParams, this.user, defaultValues, this.integration);
const message = processWebhookMessage(this.bodyParams, this.user, defaultValues);
if (_.isEmpty(message)) {
return API.v1.failure('unknown-error');
}

8
app/integrations/server/lib/triggerHandler.js
Unescape View File

@ -9,9 +9,9 @@ import moment from 'moment';
import Fiber from 'fibers';
import Future from 'fibers/future';
import * as Models from '../../../models';
import { settings } from '../../../settings';
import { getRoomByNameOrIdWithOptionToJoin, processWebhookMessage } from '../../../lib';
import * as Models from '../../../models/server';
import { settings } from '../../../settings/server';
import { getRoomByNameOrIdWithOptionToJoin, processWebhookMessage } from '../../../lib/server';
import { outgoingLogger } from '../logger';
import { integrations } from '../../lib/rocketchat';
@ -192,7 +192,7 @@ export class RocketChatIntegrationHandler {
message.channel = `#${ tmpRoom._id }`;
}
message = processWebhookMessage(message, user, defaultValues, trigger);
message = processWebhookMessage(message, user, defaultValues);
return message;
}

23
app/lib/server/functions/processWebhookMessage.js
Unescape View File

@ -1,7 +1,6 @@
import { Meteor } from 'meteor/meteor';
import _ from 'underscore';
import s from 'underscore.string';
import mem from 'mem';
import { getRoomByNameOrIdWithOptionToJoin } from './getRoomByNameOrIdWithOptionToJoin';
import { sendMessage } from './sendMessage';
@ -9,14 +8,7 @@ import { validateRoomMessagePermissions } from '../../../authorization/server/fu
import { SystemLogger } from '../../../../server/lib/logger/system';
import { getDirectMessageByIdWithOptionToJoin, getDirectMessageByNameOrIdWithOptionToJoin } from './getDirectMessageByNameOrIdWithOptionToJoin';
// show deprecation warning only once per hour for each integration
const showDeprecation = mem(({ integration, channels, username }, error) => {
console.warn(`Warning: The integration "${ integration }" failed to send a message to "${ [].concat(channels).join(',') }" because user "${ username }" doesn't have permission or is not a member of the channel.`);
console.warn('This behavior is deprecated and starting from version v4.0.0 the following error will be thrown and the message will not be sent.');
SystemLogger.error(error);
}, { maxAge: 360000, cacheKey: (integration) => JSON.stringify(integration) });
export const processWebhookMessage = function(messageObj, user, defaultValues = { channel: '', alias: '', avatar: '', emoji: '' }, integration = null) {
export const processWebhookMessage = function(messageObj, user, defaultValues = { channel: '', alias: '', avatar: '', emoji: '' }) {
const sentData = [];
const channels = [].concat(messageObj.channel || messageObj.roomId || defaultValues.channel);
@ -87,18 +79,7 @@ export const processWebhookMessage = function(messageObj, user, defaultValues =
}
}
try {
validateRoomMessagePermissions(room, { uid: user._id, ...user });
} catch (error) {
if (!integration) {
throw error;
}
showDeprecation({
integration: integration.name,
channels: integration.channel,
username: integration.username,
}, error);
}
validateRoomMessagePermissions(room, { uid: user._id, ...user });
const messageReturn = sendMessage(user, message, room);
sentData.push({ channel, message: messageReturn });

Write Preview
Loading…
Cancel
Save