codebot 1.2.0

data/lib/codebot/cryptography.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+require 'openssl'
+require 'securerandom'
+
+module Codebot
+  # This module provides convenience methods for performing cryptographic
+  # operations.
+  module Cryptography
+    # Generates a random name for an integration endpoint.
+    #
+    # @return [String] the generated name
+    def self.generate_endpoint
+      SecureRandom.uuid
+    end
+
+    # Generates a random webhook secret.
+    #
+    # @return [String] the generated secret
+    def self.generate_secret(len = nil)
+      SecureRandom.base64(len || 32)
+    end
+
+    # Verifies a webhook signature.
+    #
+    # @param body [String] the webhook body
+    # @param secret [String] the correct secret
+    # @param signature [String] the signature to verify
+    # @return [Boolean] whether the signature is correct
+    def self.valid_signature?(body, secret, signature)
+      return false if signature.nil?
+
+      digest = OpenSSL::Digest.new 'sha1'
+      good_signature = 'sha1=' + OpenSSL::HMAC.hexdigest(digest, secret, body)
+      Rack::Utils.secure_compare good_signature, signature
+    end
+  end
+end

data/lib/codebot/event.rb

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+
+module Codebot
+  # This module provides methods for processing webhook events.
+  module Event
+    # The currently supported events.
+    VALID_SYMBOLS = %i[
+      commit_comment
+      fork
+      gollum
+      issue_comment
+      issues
+      ping
+      public
+      pull_request
+      pull_request_review_comment
+      push
+      watch
+
+      gitlab_push_hook
+      gitlab_tag_push_hook
+      gitlab_job_hook
+      gitlab_build_hook
+      gitlab_pipeline_hook
+      gitlab_issue_hook
+      gitlab_note_hook
+      gitlab_merge_request_hook
+      gitlab_wiki_page_hook
+    ].freeze
+    # TODO: Support for create
+    # TODO: Support for delete
+    # TODO: Support for deployment
+    # TODO: Support for deployment_status
+    # TODO: Support for installation
+    # TODO: Support for installation_repositories
+    # TODO: Support for label
+    # TODO: Support for marketplace_purchase
+    # TODO: Support for member
+    # TODO: Support for membership
+    # TODO: Support for milestone
+    # TODO: Support for organization
+    # TODO: Support for org_block
+    # TODO: Support for page_build
+    # TODO: Support for project_card
+    # TODO: Support for project_column
+    # TODO: Support for project
+    # TODO: Support for pull_request_review
+    # TODO: Support for repository
+    # TODO: Support for release
+    # TODO: Support for status
+    # TODO: Support for team
+    # TODO: Support for team_add
+
+    # Converts a webhook event to its corresponding symbol.
+    #
+    # @param str [String] the event string
+    # @return [Symbol, nil] the symbol, or +nil+ if the event is not supported
+    def self.symbolize(str)
+      VALID_SYMBOLS.find { |sym| sym.to_s.casecmp(str).zero? }
+    end
+  end
+end

data/lib/codebot/ext/cinch/ssl_extensions.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+require 'cinch'
+
+module Codebot
+  # Extensions
+  module Ext
+    # Cinch extensions
+    module Cinch
+      # Cinch SSL extensions
+      module SSLExtensions
+        # Patch the OpenSSL::SSL::SSLContext#ca_path= method to set cert_store
+        # to the default certificate store, which Cinch does not currently do.
+        #
+        # @param path [String] the path to the CA certificate directory
+        def ca_path=(path)
+          if caller(1..1).first.include?('/lib/cinch/')
+            puts 'Codebot: patching Cinch to use the default certificate store'
+            self.cert_store = OpenSSL::X509::Store.new.tap(&:set_default_paths)
+          end
+          super
+        end
+      end
+    end
+  end
+end
+
+# Patch module OpenSSL
+module OpenSSL
+  # Patch module OpenSSL::SSL
+  module SSL
+    # Patch class OpenSSL::SSL::SSLContext
+    class SSLContext
+      prepend Codebot::Ext::Cinch::SSLExtensions
+    end
+  end
+end

data/lib/codebot/formatter.rb

@@ -0,0 +1,242 @@
+# frozen_string_literal: true
+
+require 'net/http'
+require 'uri'
+
+module Codebot
+  # This class formats events.
+  class Formatter # rubocop:disable Metrics/ClassLength
+    # @return [Object] the JSON payload object
+    attr_reader :payload
+
+    # Initializes a new formatter.
+    #
+    # @param payload [Object] the JSON payload object
+    def initialize(payload, shortener)
+      @payload = payload
+      @shortener = shortener
+    end
+
+    # Formats IRC messages for an unknown event.
+    #
+    # @return [Array<String>] the formatted messages
+    def format
+      ['An unknown event occurred']
+    end
+
+    # Shortens the summary URL. If this method is used, the child class must
+    # implement the +#summary_url+ method.
+    #
+    # @return [String] the shortened summary URL
+    def url
+      shorten_url summary_url
+    end
+
+    def gitlab_url
+      summary_url
+    end
+
+    # Formats a repository name.
+    #
+    # @param repository [String] the name
+    # @return [String] the formatted name
+    def format_repository(repository)
+      ::Cinch::Formatting.format(:pink, repository.to_s)
+    end
+
+    # Formats a branch name.
+    #
+    # @param branch [String] the name
+    # @return [String] the formatted name
+    def format_branch(branch)
+      ::Cinch::Formatting.format(:purple, branch.to_s)
+    end
+
+    # Formats a commit hash.
+    #
+    # @param hash [String] the hash
+    # @return [String] the formatted hash
+    def format_hash(hash)
+      ::Cinch::Formatting.format(:grey, hash.to_s[0..6])
+    end
+
+    # Formats a user name.
+    #
+    # @param user [String] the name
+    # @return [String] the formatted name
+    def format_user(user)
+      ::Cinch::Formatting.format(:silver, user.to_s)
+    end
+
+    # Formats a URL.
+    #
+    # @param url [String] the URL
+    # @return [String] the formatted URL
+    def format_url(url)
+      ::Cinch::Formatting.format(:blue, :underline, url.to_s)
+    end
+
+    # Formats a number.
+    #
+    # @param num [Integer] the number
+    # @param singular [String, nil] the singular noun to append to the number
+    # @param plural [String, nil] the plural noun to append to the number
+    # @return [String] the formatted number
+    def format_number(num, singular = nil, plural = nil)
+      bold_num = ::Cinch::Formatting.format(:bold, num.to_s)
+      (bold_num + ' ' + (num == 1 ? singular : plural).to_s).strip
+    end
+
+    # Formats the name of a potentially dangerous operation, such as a deletion
+    # or force-push.
+    #
+    # @param text [String] the text to format
+    # @return [String] the formatted text
+    def format_dangerous(text)
+      ::Cinch::Formatting.format(:red, text.to_s)
+    end
+
+    # Formats the name of a webhook event.
+    #
+    # @param name [String] the name to format
+    # @return [String] the formatted name
+    def format_event(name)
+      ::Cinch::Formatting.format(:bold, name.to_s)
+    end
+
+    # Constructs a sentence from array elements, connecting them with commas
+    # and conjunctions.
+    #
+    # @param ary [Array<String>] the array
+    # @param empty_sentence [String, nil] the sentence to return if the array
+    #                                     is empty
+    # @return [String] the constructed sentence
+    def ary_to_sentence(ary, empty_sentence = nil)
+      case ary.length
+      when 0 then empty_sentence.to_s
+      when 1 then ary.first
+      when 2 then ary.join(' and ')
+      else
+        *ary, last_element = ary
+        ary_to_sentence([ary.join(', '), last_element])
+      end
+    end
+
+    # Sanitize the given text for delivery to an IRC channel. Most importantly,
+    # this method prevents attackers from injecting arbitrary commands into the
+    # bot's connection by ensuring that the text does not contain any newline
+    # characters. Any IRC formatting codes in the text are also removed.
+    #
+    # @param text [String] the text to sanitize
+    # @return [String] the sanitized text
+    def sanitize(text)
+      ::Cinch::Formatting.unformat(text.to_s.gsub(/[[:space:]]+/, ' ')).strip
+    end
+
+    # Truncates the given text, appending a suffix if it was above the allowed
+    # length.
+    #
+    # @param text [String] the text to truncate
+    # @param suffix [String] the suffix to append if the text is truncated
+    # @param length [Integer] the maximum length including the suffix
+    # @yield [String] the truncated string before the ellipsis is appended
+    # @return short [String] the abbreviated text
+    def abbreviate(text, suffix: ' ...', length: 200)
+      content_length = length - suffix.length
+      short = text.to_s.lines.first.to_s.strip[0...content_length].strip
+      yield text if block_given?
+      short << suffix unless short.eql? text.to_s.strip
+      short
+    end
+
+    # Abbreviates the given text, removes any trailing punctuation except for
+    # the ellipsis appended if the text was truncated, and sanitizes the text
+    # for delivery to IRC.
+    #
+    # @param text [String] the text to process
+    # @return [String] the processed text
+    def prettify(text)
+      pretty = abbreviate(text) { |short| short.sub!(/[[:punct:]]+\z/, '') }
+      sanitize pretty
+    end
+
+    # Extracts the repository name from the payload.
+    #
+    # @return [String, nil] the repository name
+    def repository_name
+      extract(:repository, :name)
+    end
+
+    # Extracts the repository URL from the payload.
+    #
+    # @return [String, nil] the repository URL
+    def repository_url
+      extract(:repository, :html_url)
+    end
+
+    def gitlab_repository_url
+      extract(:repository, :homepage)
+    end
+
+    # Extracts the action from the payload.
+    #
+    # @return [String, nil] the action
+    def action
+      extract(:action).to_s
+    end
+
+    def gitlab_action
+      extract(:object_attributes, :action).to_s
+    end
+
+    # Checks whether the action is 'opened'.
+    #
+    # @return [Boolean] whether the action is 'opened'.
+    def opened?
+      action.eql? 'opened'
+    end
+
+    # Checks whether the action is 'closed'.
+    #
+    # @return [Boolean] whether the action is 'closed'.
+    def closed?
+      action.eql? 'closed'
+    end
+
+    def gitlab_opened?
+      gitlab_action.eql? 'open'
+    end
+
+    # Checks whether the action is 'closed'.
+    #
+    # @return [Boolean] whether the action is 'closed'.
+    def gitlab_closed?
+      gitlab_action.eql? 'close'
+    end
+
+    # Extracts the user name of the person who triggered this event.
+    #
+    # @return [String, nil] the user name
+    def sender_name
+      extract(:sender, :login)
+    end
+
+    # Safely extracts a value from a JSON object.
+    #
+    # @param path [Array<#to_s>] the path to traverse
+    # @return [Object, nil] the extracted object or +nil+ if no object was
+    #                       found at the given path
+    def extract(*path)
+      node = payload
+      node if path.all? do |sub|
+        break unless node.is_a? Hash
+
+        node = node[sub.to_s]
+      end
+    end
+
+    def shorten_url(url)
+      @shortener.shorten_url(url)
+    end
+  end
+end

data/lib/codebot/formatters.rb

@@ -0,0 +1,109 @@
+# frozen_string_literal: true
+
+require 'cinch'
+require 'codebot/formatter'
+require 'codebot/formatters/commit_comment'
+require 'codebot/formatters/fork'
+require 'codebot/formatters/gollum'
+require 'codebot/formatters/issue_comment'
+require 'codebot/formatters/issues'
+require 'codebot/formatters/ping'
+require 'codebot/formatters/public'
+require 'codebot/formatters/pull_request'
+require 'codebot/formatters/pull_request_review_comment'
+require 'codebot/formatters/push'
+require 'codebot/formatters/watch'
+require 'codebot/formatters/gitlab_push_hook'
+require 'codebot/formatters/gitlab_issue_hook'
+require 'codebot/formatters/gitlab_job_hook'
+require 'codebot/formatters/gitlab_pipeline_hook'
+require 'codebot/formatters/gitlab_note_hook'
+require 'codebot/formatters/gitlab_merge_request_hook'
+require 'codebot/formatters/gitlab_wiki_page_hook'
+require 'codebot/shortener'
+
+module Codebot
+  # This module provides methods for formatting outgoing IRC messages.
+  module Formatters
+    # Formats IRC messages for an event.
+    #
+    # @param event [Symbol] the webhook event
+    # @param payload [Object] the JSON payload object
+    # @param color [Boolean] whether to use formatting codes
+    # @return [Array<String>] the formatted messages
+    def self.format(event, payload, integration, color = true)
+      messages = format_color(event, payload, integration).to_a
+      messages.map! { |msg| "\x0F" + msg }
+      messages.map! { |msg| ::Cinch::Formatting.unformat(msg) } unless color
+      messages
+    rescue StandardError => e
+      STDERR.puts e.message
+      STDERR.puts e.backtrace
+      url = ::Cinch::Formatting.format(:blue, :underline, FORMATTER_ISSUE_URL)
+      ['An error occurred while formatting this message. More information ' \
+       "has been printed to STDERR. Please report this issue to #{url}."]
+    end
+
+    def self.shortener(inte)
+      Shortener::Custom.new(inte.shortener_url, inte.shortener_secret)
+    end
+
+    def self.create_formatter(event, payload, integration) # rubocop:disable Metrics/LineLength, Metrics/MethodLength, Metrics/CyclomaticComplexity, Metrics/AbcSize
+      case event
+      when :commit_comment
+        Formatters::CommitComment.new(payload, Shortener::Github.new)
+      when :fork
+        Formatters::Fork.new(payload, Shortener::Github.new)
+      when :gollum
+        Formatters::Gollum.new(payload, Shortener::Github.new)
+      when :issue_comment
+        Formatters::IssueComment.new(payload, Shortener::Github.new)
+      when :issues
+        Formatters::Issues.new(payload, Shortener::Github.new)
+      when :ping
+        Formatters::Ping.new(payload, Shortener::Github.new)
+      when :public
+        Formatters::Public.new(payload, Shortener::Github.new)
+      when :pull_request
+        Formatters::PullRequest.new(payload, Shortener::Github.new)
+      when :pull_request_review_comment
+        Formatters::PullRequestReviewComment.new(payload, Shortener::Github.new)
+      when :push
+        Formatters::Push.new(payload, Shortener::Github.new)
+      when :watch
+        Formatters::Watch.new(payload, Shortener::Github.new)
+      when :gitlab_push_hook
+        Formatters::Gitlab::PushHook.new(payload, shortener(integration))
+      when :gitlab_tag_push_hook
+        Formatters::Gitlab::PushHook.new(payload, shortener(integration))
+      when :gitlab_job_hook
+        Formatters::Gitlab::JobHook.new(payload, shortener(integration))
+      when :gitlab_build_hook
+        Formatters::Gitlab::JobHook.new(payload, shortener(integration))
+      when :gitlab_pipeline_hook
+        Formatters::Gitlab::PipelineHook.new(payload, shortener(integration))
+      when :gitlab_issue_hook
+        Formatters::Gitlab::IssueHook.new(payload, shortener(integration))
+      when :gitlab_note_hook
+        Formatters::Gitlab::NoteHook.new(payload, shortener(integration))
+      when :gitlab_merge_request_hook
+        Formatters::Gitlab::MergeRequestHook.new(payload,
+                                                 shortener(integration))
+      when :gitlab_wiki_page_hook
+        Formatters::Gitlab::WikiPageHook.new(payload,
+                                             shortener(integration))
+      else "Error: missing formatter for #{event.inspect}"
+      end
+    end
+
+    # Formats colored IRC messages. This method should not be called directly
+    # from outside this module.
+    #
+    # @param event [Symbol] the webhook event
+    # @param payload [Object] the JSON payload object
+    # @return [Array<String>] the formatted messages
+    def self.format_color(event, payload, integration) # rubocop:disable Metrics/LineLength
+      create_formatter(event, payload, integration).format
+    end
+  end
+end