Add an authorization token to hooks

f3c73bd6 · Pietro Albini · c400d83f · f3c73bd6 · f3c73bd6 · f3c73bd6
Commit f3c73bd6 authored Dec 11, 2015 by Pietro Albini
Hide whitespace changes
Inline Side-by-side

Showing with 18 additions and 3 deletions

README.md README.md +2 -0

managetests/__main__.py managetests/__main__.py +10 -0

managetests/frontend/__init__.py managetests/frontend/__init__.py +6 -3

No files found.
--- a/README.md
+++ b/README.md
@@ -45,6 +45,7 @@ file di configurazione `config.json` presente in essa, in questo modo:
    "gitlab-token": "YOUR-API-KEY",
    "gitlab-url": "http://code.ubuntu-it.org",
    "gitlab-project": "ubuntu-it-web/www",
+    "hooks-token": "RANDOM-TOKEN",
    "keep-branches": [
        "master"
    ]
@@ -56,6 +57,7 @@ I parametri in esso sono i seguenti:
 * `gitlab-token` è l'API key di GitLab del tuo account
 * `gitlab-url` è l'URL dell'istanza GitLab
 * `gitlab-project` è l'ID del progetto su GitLab
+* `hooks-token` è il token necessario per inviare hook a managetests
 * `keep-branches` è una lista di branch da caricare anche se non sono in una
  merge request (per esempio `master`)


--- a/managetests/__main__.py
+++ b/managetests/__main__.py
@@ -19,6 +19,8 @@ import os
 import sys
 import json
 import subprocess
+import random
+import string

 import click

@@ -32,6 +34,13 @@ def error(message, *format):
    sys.exit(1)


+def random_string(length):
+    """Generate a random string"""
+    rand = random.SystemRandom()  # Uses /dev/urandom
+    chars = string.ascii_letters+string.digits
+    return "".join(rand.choice(chars) for i in range(length))
+
+
 @click.group()
 @click.option("-r", "--root", help="The managetests root")
 @click.pass_context
@@ -70,6 +79,7 @@ def init_command(ctx, git_url):
            "gitlab-url": "http://code.ubuntu-it.org",
            "gitlab-project": "ubuntu-it-web/www",
            "gitlab-token": "abcdefghi",
+            "hooks-token": random_string(32),
            "keep-branches": [
                "master",
            ],

--- a/managetests/frontend/__init__.py
+++ b/managetests/frontend/__init__.py
@@ -62,9 +62,12 @@ def create_app(manager, processor):

        return flask.render_template("index.html", branches=branches)

-    @app.route("/+hook", methods=["POST"])
-    def hook():
+    @app.route("/+hook/<token>", methods=["POST"])
+    def hook(token):
+        if token != manager.config["hooks-token"]:
+            return "UNAUTHORIZED", 401
+
        processor.append(flask.request.json)
-        return "OK"
+        return "OK", 200

    return app