RubyGems - bullet_train-outgoing_webhooks - Versions diffs - 1.0.2 → 1.0.5 - Mend

bullet_train-outgoing_webhooks 1.0.2 → 1.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (59) hide show

data/app/models/concerns/webhooks/outgoing/uri_filtering.rb ADDED Viewed

@@ -0,0 +1,149 @@
+require "resolv"
+require "public_suffix"
+module Webhooks::Outgoing::UriFiltering
+  extend ActiveSupport::Concern
+  # WEBHOOK SECURITY PRIMER
+  # =============================================================================
+  # Outgoing webhooks can be dangerous. By allowing your users to set
+  # up outgoing webhooks, you"re giving them permission to call arbitrary
+  # URLs from your server, including URLs that could represent resources
+  # internal to your company. Malicious actors can use this permission to
+  # examine your infrastructure, call internal APIs, and generally cause
+  # havok.
+  # This module attempts to block malicious actors with the following algorithm
+  #   1. Block anything but http and https requests
+  #   2. Block or allow defined hostnames, both regex and strings
+  #   3. Block if `custom_block_callback` returns true (args: self, uri)
+  #   4. Allow if `custom_allow_callback` returns true (args: self, uri)
+  #   5. Resolve the IP associated with the webhook"s host directly from
+  #      the authoritative name server for the host"s domain. This IP
+  #      is cached for the returned DNS TTL
+  #   6. Match the given IP against lists of allowed and blocked cidr ranges.
+  #      The blocked list by default includes all of the defined private address
+  #      ranges, localhost, the private IPv6 prefix, and the AWS metadata
+  #      API endpoint.
+  # If at any point a URI is determined to be blocked we call `audit_callback`
+  # (args: self, uri) so it can be logged for auditing.
+  # We resolve the IP from the authoritative name server directly so we can avoid
+  # certain classes of DNS poisoning attacks.
+  # Users of this gem are _strongly_ enouraged to add additional cidr ranges
+  # and hostnames to the appropriate lists and/or implement `custom_block_callback`.
+  # At the very least you should add the public hostname that your
+  # application uses to the blocked_hostnames list.
+  class AllowedUriValidator < ActiveModel::EachValidator
+    def validate_each(record, attribute, value)
+      uri = URI.parse(value)
+      unless record.allowed_uri?(uri)
+        record.errors.add attribute, "is not an allowed uri"
+      end
+    end
+  end
+  def resolve_ip_from_authoritative(hostname)
+    begin
+      ip = IPAddr.new(hostname)
+      return ip.to_s
+    rescue IPAddr::InvalidAddressError
+      # this is fine, proceed with resolver path
+    end
+    cache_key = "#{cache_key_with_version}/uri_ip/#{Digest::SHA2.hexdigest(hostname)}"
+    cached = Rails.cache.read(cache_key)
+    if cached
+      return cached == "invalid" ? nil : cached
+    end
+    begin
+      # This is sort of a half-recursive DNS resolver.
+      # We can't implement a full recursive resolver using just Resolv::DNS so instead
+      # this asks a public cache for the NS record for the given domain. Then it asks
+      # the authoritative nameserver directly for the address and caches it according
+      # to the returned TTL.
+      config = Rails.configuration.outgoing_webhooks
+      ns_resolver = Resolv::DNS.new(nameserver: config[:public_resolvers])
+      ns_resolver.timeouts = 1
+      domain = PublicSuffix.domain(hostname)
+      authoritative = ns_resolver.getresource(domain, Resolv::DNS::Resource::IN::NS)
+      authoritative_resolver = Resolv::DNS.new(nameserver: [authoritative.name.to_s])
+      authoritative_resolver.timeouts = 1
+      resource = authoritative_resolver.getresource(hostname, Resolv::DNS::Resource::IN::A)
+      Rails.cache.write(cache_key, resource.address.to_s, expires_in: resource.ttl, race_condition_ttl: 5)
+      resource.address.to_s
+    rescue IPAddr::InvalidAddressError, ArgumentError # standard:disable Lint/ShadowedException
+      Rails.cache.write(cache_key, "invalid", expires_in: 10.minutes, race_condition_ttl: 5)
+      nil
+    end
+  end
+  def allowed_uri?(uri)
+    unless _allowed_uri?(uri)
+      config = Rails.configuration.outgoing_webhooks
+      if config[:audit_callback].present?
+        config[:audit_callback].call(self, uri)
+      end
+      return false
+    end
+    true
+  end
+  def _allowed_uri?(uri)
+    config = Rails.configuration.outgoing_webhooks
+    hostname = uri.hostname.downcase
+    return false unless config[:allowed_schemes].include?(uri.scheme)
+    config[:blocked_hostnames].each do |blocked|
+      if blocked.is_a?(Regexp)
+        return false if blocked.match?(hostname)
+      end
+      return false if blocked == hostname
+    end
+    config[:allowed_hostnames].each do |allowed|
+      if allowed.is_a?(Regexp)
+        return true if allowed.match?(hostname)
+      end
+      return true if allowed == hostname
+    end
+    if config[:custom_allow_callback].present?
+      return true if config[:custom_allow_callback].call(self, uri)
+    end
+    if config[:custom_block_callback].present?
+      return false if config[:custom_block_callback].call(self, uri)
+    end
+    resolved_ip = resolve_ip_from_authoritative(hostname)
+    return false if resolved_ip.nil?
+    begin
+      config[:allowed_cidrs].each do |cidr|
+        return true if IPAddr.new(cidr).include?(resolved_ip)
+      end
+      config[:blocked_cidrs].each do |cidr|
+        return false if IPAddr.new(cidr).include?(resolved_ip)
+      end
+    rescue IPAddr::InvalidAddressError
+      return false
+    end
+    true
+  end
+end

data/app/models/webhooks/outgoing/delivery.rb ADDED Viewed

@@ -0,0 +1,20 @@
+class Webhooks::Outgoing::Delivery < BulletTrain::OutgoingWebhooks.base_class.constantize
+  include Webhooks::Outgoing::DeliverySupport
+  # 🚅 add concerns above.
+  # 🚅 add belongs_to associations above.
+  # 🚅 add has_many associations above.
+  # 🚅 add has_one associations above.
+  # 🚅 add scopes above.
+  # 🚅 add validations above.
+  # 🚅 add callbacks above.
+  # 🚅 add delegations above.
+  # 🚅 add methods above.
+end

data/app/models/webhooks/outgoing/delivery_attempt.rb ADDED Viewed

@@ -0,0 +1,20 @@
+class Webhooks::Outgoing::DeliveryAttempt < BulletTrain::OutgoingWebhooks.base_class.constantize
+  include Webhooks::Outgoing::DeliveryAttemptSupport
+  # 🚅 add concerns above.
+  # 🚅 add belongs_to associations above.
+  # 🚅 add has_many associations above.
+  # 🚅 add has_one associations above.
+  # 🚅 add scopes above.
+  # 🚅 add validations above.
+  # 🚅 add callbacks above.
+  # 🚅 add delegations above.
+  # 🚅 add methods above.
+end

data/app/models/webhooks/outgoing/endpoint.rb ADDED Viewed

@@ -0,0 +1,20 @@
+class Webhooks::Outgoing::Endpoint < BulletTrain::OutgoingWebhooks.base_class.constantize
+  include Webhooks::Outgoing::EndpointSupport
+  # 🚅 add concerns above.
+  # 🚅 add belongs_to associations above.
+  # 🚅 add has_many associations above.
+  # 🚅 add has_one associations above.
+  # 🚅 add scopes above.
+  # 🚅 add validations above.
+  # 🚅 add callbacks above.
+  # 🚅 add delegations above.
+  # 🚅 add methods above.
+end

data/app/models/webhooks/outgoing/event.rb ADDED Viewed

@@ -0,0 +1,3 @@
+class Webhooks::Outgoing::Event < BulletTrain::OutgoingWebhooks.base_class.constantize
+  include Webhooks::Outgoing::EventSupport
+end

data/app/models/webhooks/outgoing/event_type.rb ADDED Viewed

@@ -0,0 +1,13 @@
+class Webhooks::Outgoing::EventType < ApplicationHash
+  self.data = YAML.load_file("config/models/webhooks/outgoing/event_types.yml").map do |topic, events|
+    events.map { |event| event == "crud" ? ["created", "updated", "deleted"] : event }.flatten.map { |event| {id: "#{topic}.#{event}"} }
+  end.flatten
+  def label_string
+    name
+  end
+  def name
+    id
+  end
+end

data/app/models/webhooks/outgoing.rb ADDED Viewed

@@ -0,0 +1,5 @@
+module Webhooks::Outgoing
+  def self.table_name_prefix
+    "webhooks_outgoing_"
+  end
+end

data/app/models/webhooks.rb ADDED Viewed

@@ -0,0 +1,5 @@
+module Webhooks
+  def self.table_name_prefix
+    "webhooks_"
+  end
+end

data/app/serializers/api/v1/webhooks/outgoing/delivery_attempt_serializer.rb ADDED Viewed

@@ -0,0 +1,16 @@
+class Api::V1::Webhooks::Outgoing::DeliveryAttemptSerializer < Api::V1::ApplicationSerializer
+  set_type "webhooks/outgoing/delivery_attempt"
+  attributes :id,
+    :delivery_id,
+    :response_code,
+    :response_body,
+    :response_message,
+    :error_message,
+    :attempt_number,
+    # 🚅 super scaffolding will insert new fields above this line.
+    :created_at,
+    :updated_at
+  belongs_to :delivery, serializer: Api::V1::Webhooks::Outgoing::DeliverySerializer
+end

data/app/serializers/api/v1/webhooks/outgoing/delivery_serializer.rb ADDED Viewed

@@ -0,0 +1,14 @@
+class Api::V1::Webhooks::Outgoing::DeliverySerializer < Api::V1::ApplicationSerializer
+  set_type "webhooks/outgoing/delivery"
+  attributes :id,
+    :endpoint_id,
+    :event_id,
+    :endpoint_url,
+    :delivered_at,
+    # 🚅 super scaffolding will insert new fields above this line.
+    :created_at,
+    :updated_at
+  belongs_to :endpoint, serializer: Api::V1::Webhooks::Outgoing::EndpointSerializer
+end

data/app/serializers/api/v1/webhooks/outgoing/endpoint_serializer.rb ADDED Viewed

@@ -0,0 +1,14 @@
+class Api::V1::Webhooks::Outgoing::EndpointSerializer < Api::V1::ApplicationSerializer
+  set_type "webhooks/outgoing/endpoint"
+  attributes :id,
+    :team_id,
+    :name,
+    :url,
+    :event_type_ids,
+    # 🚅 super scaffolding will insert new fields above this line.
+    :created_at,
+    :updated_at
+  belongs_to :team, serializer: Api::V1::TeamSerializer
+end

data/app/views/account/webhooks/outgoing/deliveries/_menu_item.html.erb CHANGED Viewed

@@ -1,6 +1,6 @@
-<% if can? :read, Webhooks::Outgoing::Delivery.new(team: current_team) %>
+<% if can? :read, Webhooks::Outgoing::Delivery.new(BulletTrain::OutgoingWebhooks.parent_association => send(BulletTrain::OutgoingWebhooks.current_parent_method)) %>
   <%= render 'account/shared/menu/item', {
-    url: main_app.polymorphic_path([:account, current_team, :webhooks_outgoing_deliveries]),
+    url: main_app.polymorphic_path([:account, send(BulletTrain::OutgoingWebhooks.current_parent_method), :webhooks_outgoing_deliveries]),
     label: t('webhooks/outgoing/deliveries.navigation.label'),
   } do |p| %>
     <% p.content_for :icon do %>

data/app/views/account/webhooks/outgoing/delivery_attempts/_menu_item.html.erb CHANGED Viewed

@@ -1,6 +1,6 @@
-<% if can? :read, Webhooks::Outgoing::DeliveryAttempt.new(team: current_team) %>
+<% if can? :read, Webhooks::Outgoing::DeliveryAttempt.new(BulletTrain::OutgoingWebhooks.parent_association => send(BulletTrain::OutgoingWebhooks.current_parent_method)) %>
   <%= render 'account/shared/menu/item', {
-    url: main_app.polymorphic_path([:account, current_team, :webhooks_outgoing_delivery_attempts]),
+    url: main_app.polymorphic_path([:account, send(BulletTrain::OutgoingWebhooks.current_parent_method), :webhooks_outgoing_delivery_attempts]),
     label: t('webhooks/outgoing/delivery_attempts.navigation.label'),
   } do |p| %>
     <% p.content_for :icon do %>

data/app/views/account/webhooks/outgoing/endpoints/_breadcrumbs.html.erb CHANGED Viewed

@@ -1,5 +1,5 @@
 <% endpoint ||= @endpoint %>
-<% team ||= @team || endpoint&.team %>
+<% team ||= @parent || endpoint&.send(BulletTrain::OutgoingWebhooks.parent_association) %>
 <%= render 'account/teams/breadcrumbs', team: team %>
 <%= render 'account/shared/breadcrumb', label: t('.label'), url: [:account, team, :webhooks_outgoing_endpoints] %>
 <% if endpoint&.persisted? %>

data/app/views/account/webhooks/outgoing/endpoints/_form.html.erb CHANGED Viewed

@@ -1,4 +1,4 @@
-<%= form_with model: endpoint, url: (endpoint.persisted? ? [:account, endpoint] : [:account, @team, :webhooks_outgoing_endpoints]), local: true, class: 'form' do |form| %>
+<%= form_with model: endpoint, url: (endpoint.persisted? ? [:account, endpoint] : [:account, @parent, :webhooks_outgoing_endpoints]), local: true, class: 'form' do |form| %>
   <%= render 'account/shared/forms/errors', form: form %>
   <% with_field_settings form: form do %>
@@ -14,7 +14,7 @@
     <% if form.object.persisted? %>
     <%= link_to t('global.buttons.cancel'), [:account, endpoint], class: "button-secondary" %>
     <% else %>
-    <%= link_to t('global.buttons.cancel'), [:account, @team, :webhooks_outgoing_endpoints], class: "button-secondary" %>
+    <%= link_to t('global.buttons.cancel'), [:account, @parent, :webhooks_outgoing_endpoints], class: "button-secondary" %>
     <% end %>
   </div>

data/app/views/account/webhooks/outgoing/endpoints/_index.html.erb CHANGED Viewed

@@ -1,4 +1,4 @@
-<% team = @team || @team %>
+<% team = @parent %>
 <% context ||= team %>
 <% collection ||= :webhooks_outgoing_endpoints %>
 <% hide_actions ||= false %>
@@ -49,8 +49,8 @@
   <% p.content_for :actions do %>
     <% unless hide_actions %>
       <% if context == team %>
-        <% if can? :create, Webhooks::Outgoing::Endpoint.new(team: team) %>
-          <%= link_to t('.buttons.new'), [:new, :account, team, :webhooks_outgoing_endpoint], class: "#{first_button_primary(:webhooks_outgoing_endpoint)} new" %>
+        <% if can? :create, Webhooks::Outgoing::Endpoint.new(BulletTrain::OutgoingWebhooks.parent_association => @parent) %>
+          <%= link_to t('.buttons.new'), [:new, :account, @parent, :webhooks_outgoing_endpoint], class: "#{first_button_primary(:webhooks_outgoing_endpoint)} new" %>
         <% end %>
       <% end %>

data/app/views/account/webhooks/outgoing/endpoints/_menu_item.html.erb CHANGED Viewed

@@ -1,6 +1,6 @@
-<% if can? :read, Webhooks::Outgoing::Endpoint.new(team: current_team) %>
+<% if can? :read, Webhooks::Outgoing::Endpoint.new(BulletTrain::OutgoingWebhooks.parent_association => send(BulletTrain::OutgoingWebhooks.current_parent_method)) %>
   <%= render 'account/shared/menu/item', {
-    url: main_app.polymorphic_path([:account, current_team, :webhooks_outgoing_endpoints]),
+    url: main_app.polymorphic_path([:account, send(BulletTrain::OutgoingWebhooks.current_parent_method), :webhooks_outgoing_endpoints]),
     label: t('webhooks/outgoing/endpoints.navigation.label'),
   } do |p| %>
     <% p.content_for :icon do %>

data/app/views/account/webhooks/outgoing/endpoints/show.html.erb CHANGED Viewed

@@ -32,7 +32,7 @@
       <% p.content_for :actions do %>
         <%= link_to t('.buttons.edit'), [:edit, :account, @endpoint], class: first_button_primary if can? :edit, @endpoint %>
         <%= button_to t('.buttons.destroy'), [:account, @endpoint], method: :delete, class: first_button_primary, data: { confirm: t('.buttons.confirmations.destroy', model_locales(@endpoint)) } if can? :destroy, @endpoint %>
-        <%= link_to t('global.buttons.back'), [:account, @team, :webhooks_outgoing_endpoints], class: first_button_primary %>
+        <%= link_to t('global.buttons.back'), [:account, @parent, :webhooks_outgoing_endpoints], class: first_button_primary %>
       <% end %>
     <% end %>

data/config/routes.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 Rails.application.routes.draw do
   namespace :account do
     shallow do
-      resources :teams do
+      resources BulletTrain::OutgoingWebhooks.parent_resource do
         namespace :webhooks do
           namespace :outgoing do
             resources :events

data/db/migrate/20180420013127_create_webhooks_outgoing_endpoints.rb ADDED Viewed

@@ -0,0 +1,10 @@
+class CreateWebhooksOutgoingEndpoints < ActiveRecord::Migration[5.2]
+  def change
+    create_table :webhooks_outgoing_endpoints do |t|
+      t.references :team, foreign_key: true
+      t.text :url
+      t.timestamps
+    end
+  end
+end

data/db/migrate/20180420013505_create_webhooks_outgoing_endpoint_event_types.rb ADDED Viewed

@@ -0,0 +1,10 @@
+class CreateWebhooksOutgoingEndpointEventTypes < ActiveRecord::Migration[5.2]
+  def change
+    create_table :webhooks_outgoing_endpoint_event_types do |t|
+      t.integer :endpoint_id
+      t.integer :event_type_id
+      t.timestamps
+    end
+  end
+end

data/db/migrate/20180420013852_create_webhooks_outgoing_event_types.rb ADDED Viewed

@@ -0,0 +1,9 @@
+class CreateWebhooksOutgoingEventTypes < ActiveRecord::Migration[5.2]
+  def change
+    create_table :webhooks_outgoing_event_types do |t|
+      t.string :name
+      t.timestamps
+    end
+  end
+end

data/db/migrate/20180420014623_create_webhooks_outgoing_events.rb ADDED Viewed

@@ -0,0 +1,12 @@
+class CreateWebhooksOutgoingEvents < ActiveRecord::Migration[5.2]
+  def change
+    create_table :webhooks_outgoing_events do |t|
+      t.integer :event_type_id
+      t.integer :subject_id
+      t.string :subject_type
+      t.jsonb :body
+      t.timestamps
+    end
+  end
+end

data/db/migrate/20180420021016_create_webhooks_outgoing_deliveries.rb ADDED Viewed

@@ -0,0 +1,11 @@
+class CreateWebhooksOutgoingDeliveries < ActiveRecord::Migration[5.2]
+  def change
+    create_table :webhooks_outgoing_deliveries do |t|
+      t.integer :endpoint_id
+      t.integer :event_id
+      t.text :endpoint_url
+      t.timestamps
+    end
+  end
+end

data/db/migrate/20180420022027_add_team_to_webhooks_outgoing_events.rb ADDED Viewed

@@ -0,0 +1,5 @@
+class AddTeamToWebhooksOutgoingEvents < ActiveRecord::Migration[5.2]
+  def change
+    add_reference :webhooks_outgoing_events, :team, foreign_key: true
+  end
+end

data/db/migrate/20180420165345_create_webhooks_outgoing_delivery_attempts.rb ADDED Viewed

@@ -0,0 +1,11 @@
+class CreateWebhooksOutgoingDeliveryAttempts < ActiveRecord::Migration[5.2]
+  def change
+    create_table :webhooks_outgoing_delivery_attempts do |t|
+      t.integer :delivery_id
+      t.integer :response_code
+      t.text :response_body
+      t.timestamps
+    end
+  end
+end

data/db/migrate/20180420172112_add_error_message_to_webhooks_outgoing_delivery_attempt.rb ADDED Viewed

@@ -0,0 +1,6 @@
+class AddErrorMessageToWebhooksOutgoingDeliveryAttempt < ActiveRecord::Migration[5.2]
+  def change
+    add_column :webhooks_outgoing_delivery_attempts, :response_message, :text
+    add_column :webhooks_outgoing_delivery_attempts, :error_message, :text
+  end
+end

data/db/migrate/20181012234232_add_name_to_webhooks_outgoing_endpoints.rb ADDED Viewed

@@ -0,0 +1,5 @@
+class AddNameToWebhooksOutgoingEndpoints < ActiveRecord::Migration[5.2]
+  def change
+    add_column :webhooks_outgoing_endpoints, :name, :string
+  end
+end

data/db/migrate/20181013030208_add_delivered_at_to_webhooks_outgoing_deliveries.rb ADDED Viewed

@@ -0,0 +1,5 @@
+class AddDeliveredAtToWebhooksOutgoingDeliveries < ActiveRecord::Migration[5.2]
+  def change
+    add_column :webhooks_outgoing_deliveries, :delivered_at, :datetime
+  end
+end

data/db/migrate/20181013165056_add_uuid_to_webhooks_outgoing_events.rb ADDED Viewed

@@ -0,0 +1,5 @@
+class AddUuidToWebhooksOutgoingEvents < ActiveRecord::Migration[5.2]
+  def change
+    add_column :webhooks_outgoing_events, :uuid, :string
+  end
+end

data/db/migrate/20181013174539_add_payload_to_webhooks_outgoing_events.rb ADDED Viewed

@@ -0,0 +1,5 @@
+class AddPayloadToWebhooksOutgoingEvents < ActiveRecord::Migration[5.2]
+  def change
+    add_column :webhooks_outgoing_events, :payload, :jsonb
+  end
+end

data/db/migrate/20181013192951_add_attempt_number_to_webhooks_outgoing_delivery_attempts.rb ADDED Viewed

@@ -0,0 +1,5 @@
+class AddAttemptNumberToWebhooksOutgoingDeliveryAttempts < ActiveRecord::Migration[5.2]
+  def change
+    add_column :webhooks_outgoing_delivery_attempts, :attempt_number, :integer
+  end
+end

data/db/migrate/20210805060451_change_body_to_data_on_webhooks_outgoing_events.rb ADDED Viewed

@@ -0,0 +1,5 @@
+class ChangeBodyToDataOnWebhooksOutgoingEvents < ActiveRecord::Migration[6.1]
+  def change
+    rename_column :webhooks_outgoing_events, :body, :data
+  end
+end

data/db/migrate/20211126230846_add_event_type_ids_to_webhooks_outgoing_endpoints.rb ADDED Viewed

@@ -0,0 +1,5 @@
+class AddEventTypeIdsToWebhooksOutgoingEndpoints < ActiveRecord::Migration[6.1]
+  def change
+    add_column :webhooks_outgoing_endpoints, :event_type_ids, :jsonb, default: []
+  end
+end

data/db/migrate/20211126230847_migrate_event_type_ids_on_webhooks_outgoing_endpoints.rb ADDED Viewed

@@ -0,0 +1,8 @@
+class MigrateEventTypeIdsOnWebhooksOutgoingEndpoints < ActiveRecord::Migration[6.1]
+  def change
+    Webhooks::Outgoing::Endpoint.find_each do |endpoint|
+      event_type_ids = ActiveRecord::Base.connection.execute("SELECT * FROM webhooks_outgoing_endpoint_event_types JOIN webhooks_outgoing_event_types ON webhooks_outgoing_endpoint_event_types.event_type_id = webhooks_outgoing_event_types.id WHERE endpoint_id = #{endpoint.id}").to_a.map { |result| result.dig("name") }
+      endpoint.update(event_type_ids: event_type_ids)
+    end
+  end
+end

data/db/migrate/20211127013539_remove_event_type_from_webhooks_outgoing_events.rb ADDED Viewed

@@ -0,0 +1,5 @@
+class RemoveEventTypeFromWebhooksOutgoingEvents < ActiveRecord::Migration[6.1]
+  def change
+    remove_reference :webhooks_outgoing_events, :event_type, null: false, foreign_key: false
+  end
+end

data/db/migrate/20211127013800_add_new_event_type_id_to_webhooks_outgoing_events.rb ADDED Viewed

@@ -0,0 +1,5 @@
+class AddNewEventTypeIdToWebhooksOutgoingEvents < ActiveRecord::Migration[6.1]
+  def change
+    add_column :webhooks_outgoing_events, :event_type_id, :string
+  end
+end

data/db/migrate/20211127014001_migrate_event_types_on_webhooks_outgoing_events.rb ADDED Viewed

@@ -0,0 +1,10 @@
+class MigrateEventTypesOnWebhooksOutgoingEvents < ActiveRecord::Migration[6.1]
+  def up
+    Webhooks::Outgoing::Event.find_each do |event|
+      event.update_column(:event_type_id, event.payload.dig("event_type"))
+    end
+  end
+  def down
+  end
+end

data/db/migrate/20211127015712_drop_webhooks_outgoing_endpoint_event_types.rb ADDED Viewed

@@ -0,0 +1,9 @@
+class DropWebhooksOutgoingEndpointEventTypes < ActiveRecord::Migration[6.1]
+  def up
+    drop_table :webhooks_outgoing_endpoint_event_types
+  end
+  def down
+    raise ActiveRecord::IrreversibleMigration
+  end
+end

data/db/migrate/20211127015713_drop_webhooks_outgoing_event_types.rb ADDED Viewed

@@ -0,0 +1,9 @@
+class DropWebhooksOutgoingEventTypes < ActiveRecord::Migration[6.1]
+  def up
+    drop_table :webhooks_outgoing_event_types
+  end
+  def down
+    raise ActiveRecord::IrreversibleMigration
+  end
+end

data/lib/bullet_train/outgoing_webhooks/engine.rb CHANGED Viewed

@@ -1,6 +1,38 @@
 module BulletTrain
   module OutgoingWebhooks
     class Engine < ::Rails::Engine
+      config.before_configuration do
+        default_blocked_cidrs = %w[
+          10.0.0.0/8
+          172.16.0.0/12
+          192.168.0.0/16
+          100.64.0.0/10
+          127.0.0.0/8
+          169.254.169.254/32
+          fc00::/7
+          ::1
+        ]
+        config.outgoing_webhooks = {
+          blocked_cidrs: default_blocked_cidrs,
+          allowed_cidrs: [],
+          blocked_hostnames: %w[localhost],
+          allowed_hostnames: [],
+          public_resolvers: %w[8.8.8.8 1.1.1.1],
+          allowed_schemes: %w[http https],
+          custom_block_callback: nil,
+          custom_allow_callback: nil,
+          audit_callback: ->(obj, uri) { Rails.logger.error("BlockedURI obj=#{obj.persisted? ? obj.to_global_id : "New #{obj.class}"} uri=#{uri}") }
+        }
+      end
+      initializer "bullet_train.outgoing_webhooks.register_api_endpoints" do |app|
+        if Object.const_defined?("BulletTrain::Api")
+          BulletTrain::Api.endpoints << "Api::V1::Webhooks::Outgoing::EndpointsEndpoint"
+          BulletTrain::Api.endpoints << "Api::V1::Webhooks::Outgoing::DeliveriesEndpoint"
+          BulletTrain::Api.endpoints << "Api::V1::Webhooks::Outgoing::DeliveryAttemptsEndpoint"
+        end
+      end
     end
   end
 end

data/lib/bullet_train/outgoing_webhooks/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module BulletTrain
   module OutgoingWebhooks
-    VERSION = "1.0.2"
+    VERSION = "1.0.5"
   end
 end