finga/webhookey
1
0
Fork 0
Code Issues 5 Pull requests Projects Releases Wiki Activity

Add HeaderFilter for filter based on the header

Browse source 
This extends filtering to filter also on the received http header.
This commit is contained in:
finga 2021-11-17 15:13:12 +01:00
parent 0d9c5f650f
commit 8c9d9e63f2
2 changed files with 52 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
src/main.rs
View file

@ -199,7 +199,7 @@ impl Hooks {
let mut data: serde_json::Value =
serde_json::from_slice(&buffer).map_err(WebhookeyError::Serde)?;
match hook.filter.evaluate(&data) {
match hook.filter.evaluate(request, &data) {
Ok(true) => match hook.get_command(hook_name, request, &mut data) {
Ok(command) => {
info!("Filter for `{}` matched", &hook_name);
@ -483,7 +483,7 @@ async fn main() -> Result<()> {
#[cfg(test)]
mod tests {
use super::*;
use crate::webhooks::{AddrType, JsonFilter};
use crate::webhooks::{AddrType, HeaderFilter, JsonFilter};
use rocket::{
http::{ContentType, Header},
local::asynchronous::Client,
@ -850,8 +850,8 @@ hooks:
- json:
pointer: /ref
regex: refs/heads/master
- json:
pointer: /after
- header:
field: X-Gitea-Signature
regex: f6e5fe4fe37df76629112d55cc210718b6a55e7e"#,
)
.unwrap();
@ -889,8 +889,8 @@ hooks:
pointer: "/ref".to_string(),
regex: "refs/heads/master".to_string(),
}),
FilterType::JsonFilter(JsonFilter {
pointer: "/after".to_string(),
FilterType::HeaderFilter(HeaderFilter {
field: "X-Gitea-Signature".to_string(),
regex: "f6e5fe4fe37df76629112d55cc210718b6a55e7e".to_string(),
}),
]),

52
src/webhooks.rs
View file

@ -2,6 +2,7 @@ use anyhow::Result;
use ipnet::IpNet;
use log::{debug, error, trace};
use regex::Regex;
use rocket::{http::HeaderMap, Request};
use serde::{Deserialize, Serialize};
use std::net::IpAddr;
use thiserror::Error;
@ -56,6 +57,39 @@ impl IpFilter {
}
}
#[derive(Debug, Deserialize, Serialize)]
pub struct HeaderFilter {
pub field: String,
pub regex: String,
}
impl HeaderFilter {
pub fn evaluate(&self, headers: &HeaderMap) -> Result<bool, WebhookeyError> {
trace!(
"Matching `{}` on `{}` from received header",
&self.regex,
&self.field,
);
let regex = Regex::new(&self.regex).map_err(WebhookeyError::Regex)?;
if let Some(value) = headers.get_one(&self.field) {
if regex.is_match(value) {
debug!("Regex `{}` for `{}` matches", &self.regex, &self.field);
return Ok(true);
}
}
debug!(
"Regex `{}` for header field `{}` does not match",
&self.regex, &self.field
);
Ok(false)
}
}
#[derive(Debug, Deserialize, Serialize)]
#[serde(deny_unknown_fields)]
pub struct JsonFilter {
@ -82,7 +116,7 @@ impl JsonFilter {
}
debug!(
"Regex `{}` for `{}` does not match",
"Regex `{}` for json field `{}` does not match",
&self.regex, &self.pointer
);
@ -96,20 +130,26 @@ pub enum FilterType {
Not(Box<FilterType>),
And(Vec<FilterType>),
Or(Vec<FilterType>),
#[serde(rename = "header")]
HeaderFilter(HeaderFilter),
#[serde(rename = "json")]
JsonFilter(JsonFilter),
}
impl FilterType {
pub fn evaluate(&self, data: &serde_json::Value) -> Result<bool, WebhookeyError> {
pub fn evaluate(
&self,
request: &Request,
data: &serde_json::Value,
) -> Result<bool, WebhookeyError> {
match self {
FilterType::Not(filter) => Ok(!filter.evaluate(data)?),
FilterType::Not(filter) => Ok(!filter.evaluate(request, data)?),
FilterType::And(filters) => {
let (mut results, mut errors) = (Vec::new(), Vec::new());
filters
.iter()
.map(|filter| filter.evaluate(data))
.map(|filter| filter.evaluate(request, data))
.for_each(|item| match item {
Ok(o) => results.push(o),
Err(e) => errors.push(e),
@ -130,7 +170,7 @@ impl FilterType {
filters
.iter()
.map(|filter| filter.evaluate(data))
.map(|filter| filter.evaluate(request, data))
.for_each(|item| match item {
Ok(o) => results.push(o),
Err(e) => errors.push(e),
@ -146,7 +186,7 @@ impl FilterType {
Err(WebhookeyError::InvalidFilter)
}
}
// FilterType::HeaderFilter(filter) => todo!(),
FilterType::HeaderFilter(filter) => filter.evaluate(request.headers()),
FilterType::JsonFilter(filter) => filter.evaluate(data),
}
}