pg_rails 7.0.8.pre.alpha.83 → 7.0.8.pre.alpha.84

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f13f3f371227ad2016ab3996077254555a2d258d2132b6c61e1dbb616cdabf48
-  data.tar.gz: 11206668b12f2acfc9f7878ab7049b27476f7984013a5a107a269ab8273aa8bd
+  metadata.gz: 9c61900d2d0b3a827718b84a3cab67f4851b2eb3087e7fbc1d313f0acf163bf3
+  data.tar.gz: bfca92cbb58ba292877ccb61b15b08049a0d800fdc13408f82647e9ea7c66ee9
 SHA512:
-  metadata.gz: b274dd6247c0d49ced832c8ad44c7bfb4c2916876b87921399c88468ee4297c0008ca2fd9a1a806db8477a7d9fada576b8b02faa19c48fe69298bb8a33bd32fe
-  data.tar.gz: 6a4dbbff767631ed6f1ee0cf9b1eea4a8e8ef7f61c015b900b3f6d4656481f9b74aecd77704bd65931884665230194bbec53d3710c64c27c8b32cde6d77309fb
+  metadata.gz: 2282deaa98881e20bd0b754c6496fc9da679214760ea45fd5f8c2f0b64a0903e1557cffb2f8d4c13b156d46e62b237113bf8f24bdba676436a404eb1e57e37c5
+  data.tar.gz: d9ece2e6b39c53169548c253afdb18fb9707d76bc762b0b86b7cc2656e563a4efea6d303f51814aac22926effd37ef1ec1d6c6a6d00bded153476864586f6b14

data/pg_engine/app/controllers/pg_engine/base_controller.rb

@@ -40,6 +40,9 @@ module PgEngine
           render turbo_stream: (turbo_stream.remove_all('.modal') + render_turbo_stream_flash_messages),
                  status: :internal_server_error
         end
+        format.any do
+          head :internal_server_error
+        end
       end
     end
 

data/pg_engine/app/controllers/public/webhooks_controller.rb

@@ -1,10 +1,77 @@
 module Public
   class WebhooksController < PublicController
+    skip_before_action :verify_authenticity_token
+
+    before_action :verify_signature, only: :mailgun
+
+    rescue_from StandardError do
+      pg_err 'webhook internal server error', request.body.read
+      head :internal_server_error
+    end
+
+    rescue_from ActionDispatch::Http::Parameters::ParseError do
+      pg_warn 'webhook parser error', request.body.read
+      head :bad_request
+    end
+
     def mailgun
-      # FIXME: verify signature
-      # params['signature']['timestamp']
-      PgEngine::Mailgun::LogSync.digest(params['event-data'])
+      if PgEngine::Mailgun::LogSync.digest(params['event-data'])
+        head :ok
+      else
+        # Si no se guardó el log es porque ya existía un log con ese ID
+        # Mando :not_acceptable (406) para que Mailgun no vuelva a intentar
+        # https://documentation.mailgun.com/docs/mailgun/user-manual/tracking-messages
+        pg_warn 'ya existía un log con ese id, raaaaro', params
+        head :not_acceptable
+      end
+    end
+
+    private
+
+    def used_tokens
+      Kredis.unique_list 'mailgun_webhook_used_tokens'
+    end
+
+    def not_used_token(token)
+      if used_tokens.elements.include?(token)
+        pg_warn 'Mailgun Webhook: refusing used token'
+        head :ok
+
+        false
+      else
+        used_tokens << token
+        true
+      end
+    end
+
+    def timestamp_not_too_far(timestamp)
+      if (Time.zone.at(timestamp.to_i) - Time.zone.now).abs > 1.hour
+        pg_warn 'Mailgun Webhook: refusing due to timestamp too far'
+        head :ok
+
+        false
+      else
+        true
+      end
+    end
+
+    def verify_signature
+      timestamp = params['signature']['timestamp']
+      token = params['signature']['token']
+      signature = params['signature']['signature']
+      hexdigest = encode(timestamp + token)
+
+      return unless not_used_token(token)
+      return unless timestamp_not_too_far(timestamp)
+      return unless hexdigest != signature
+
+      pg_warn 'Mailgun Webhook: refusing invalid signature'
       head :ok
     end
+
+    def encode(data)
+      webhook_secret_key = Rails.application.credentials.dig(:mailgun, :webhook_secret_key)
+      OpenSSL::HMAC.hexdigest('sha256', webhook_secret_key, data)
+    end
   end
 end

data/pg_engine/lib/pg_engine/mailgun/log_sync.rb

@@ -47,8 +47,6 @@ module PgEngine
           timestamp: item['timestamp'],
           message_id:
         )
-      rescue StandardError => e
-        pg_err e, item
       end
 
       def self.write_log(items)

data/pg_engine/lib/pg_engine/utils/check_invalid_records.rb

@@ -0,0 +1,39 @@
+# :nocov:
+module PgEngine
+  module Utils
+    class CheckInvalidRecords
+      def run
+        invalids = []
+        classes.each do |klass|
+          klass.find_each do |record|
+            invalids << record unless record.valid?
+          end
+        end
+        invalids.map do |r|
+          [
+            (r.account.to_s if r.respond_to?(:account)),
+            r.class.to_s,
+            r.id,
+            r.errors.full_messages
+          ]
+        end
+      end
+
+      def classes
+        ActiveRecord::Base.descendants - ignored_classes
+      end
+
+      def ignored_classes
+        [
+          ActiveStorage::Record,
+          PgEngine::BaseRecord,
+          ActiveAdmin::Comment,
+          Audited::Audit,
+          ActiveStorage::Blob,
+          ApplicationRecord
+        ]
+      end
+    end
+  end
+end
+# :nocov:

data/pg_engine/lib/pg_engine/utils/pg_logger.rb

@@ -37,6 +37,10 @@ end
 
 module PgEngine
   class PgLogger
+    def self.test_logged_messages
+      @test_logged_messages ||= []
+    end
+
     class << self
       def log(type, *args)
         notify_all(build_msg(*args), type)
@@ -48,6 +52,7 @@ module PgEngine
         send_to_logger(mensaje, type)
         send_to_rollbar(mensaje, type)
         send_to_stdout(mensaje, type) if ENV.fetch('LOG_TO_STDOUT', nil)
+        save_internal(mensaje, type) if Rails.env.test?
         nil
       end
 
@@ -68,6 +73,10 @@ module PgEngine
         Rails.logger.send(type, rainbow_wrap(mensaje, type))
       end
 
+      def save_internal(mensaje, type)
+        PgEngine::PgLogger.test_logged_messages << [type, mensaje]
+      end
+
       # Format
 
       # TODO: loguear time
@@ -117,7 +126,9 @@ module PgEngine
 
       def cleaner
         bc = ActiveSupport::BacktraceCleaner.new
-        bc.add_filter   { |line| line.gsub(%r{.*pg_rails/}, '') }
+        bc.remove_silencers!
+        pattern = %r{\A[^/]+ \([\w.]+\) }
+        bc.add_silencer { |line| pattern.match?(line) && !line.match?(/pg_contable|pg_rails/) }
         bc.add_silencer { |line| /pg_logger/.match?(line) }
         bc
       end

data/pg_engine/spec/controllers/pg_engine/base_controller_spec.rb

@@ -60,6 +60,17 @@ describe DummyBaseController do
         expect(response.body).to include '<turbo-stream action="remove" targets=".modal">'
       end
     end
+
+    context 'cuando acepta json' do
+      before do
+        request.headers['Accept'] = 'application/json'
+      end
+
+      fit do
+        subject
+        expect(response).to have_http_status(:internal_server_error)
+      end
+    end
   end
 
   describe 'not_authorized' do

data/pg_engine/spec/controllers/public/webhooks_controller_spec.rb

@@ -1,33 +1,47 @@
 require 'rails_helper'
 
-describe Public::WebhooksController do
+RSpec::Matchers.define_negated_matcher :not_change, :change
+
+def build_body(log_id, signature, timestamp)
+  <<~JSON
+    {
+      "signature": {
+        "timestamp": "#{timestamp}",
+        "token": "6fcc81a280a2458de8c83bf22dde8c71485be1d51333d3427e",
+        "signature": "#{signature}"
+      },
+      "event-data": {
+        "timestamp": 1715014542.2477064,
+        "ip": "66.102.8.333",
+        "event": "delivered",
+        "id": "#{log_id}",
+        "severity":"temporary",
+        "log-level": "info",
+        "message": {
+            "headers": { "message-id": "msgid@fakeapp2024.mail" }
+        },
+        "recipient": "natprobel@fakemail.com"
+      }
+    }
+  JSON
+end
+
+fdescribe Public::WebhooksController do
+  include ActiveSupport::Testing::TimeHelpers
+
+  before { travel_to Time.zone.at(1_716_564_587) }
+
   describe '#mailgun' do
     subject do
       post :mailgun, body:, as: :json
     end
 
+    let(:signature) { 'c524037907046276117758afae8a340e77a43a6e48eb35a9521426e7a3ff675b' }
+    let(:log_id) { 'log_2' }
+    let(:timestamp) { '1716564587' }
+
     let(:body) do
-      <<~JSON
-        {
-          "signature": {
-            "timestamp": "1529006854",
-            "token": "a8ce0edb2dd8301dee6c2405235584e45aa91d1e9f979f3de0",
-            "signature": "d2271d12299f6592d9d44cd9d250f0704e4674c30d79d07c47a66f95ce71cf55"
-          },
-          "event-data": {
-            "timestamp": 1715014542.2477064,
-            "ip": "66.102.8.333",
-            "event": "delivered",
-            "id": "log_2",
-            "severity":"temporary",
-            "log-level": "info",
-            "message": {
-                "headers": { "message-id": "msgid@fakeapp2024.mail" }
-            },
-            "recipient": "natprobel@fakemail.com"
-          }
-        }
-      JSON
+      build_body(log_id, signature, timestamp)
     end
 
     it do
@@ -38,5 +52,91 @@ describe Public::WebhooksController do
     it do
       expect { subject }.to change(EmailLog, :count).by(1)
     end
+
+    context 'cuando tira internal server error' do
+      let(:body) { '{ "este json": "no me sirve" }' }
+
+      it do
+        subject
+        expect(response).to have_http_status(:internal_server_error)
+      end
+
+      fit do
+        expect { subject }.to have_errored('internal server error')
+          .and(have_errored('no me sirve'))
+      end
+    end
+
+    context 'cuando no es un json' do
+      let(:body) { 'mal json' }
+
+      it do
+        subject
+        expect(response).to have_http_status(:bad_request)
+      end
+
+      fit do
+        expect { subject }.to have_warned('parser error').and(have_warned('mal json'))
+      end
+    end
+
+    context 'cuando ya existe un log con ese ID' do
+      before do
+        create(:email_log, log_id:)
+      end
+
+      it do
+        expect { subject }.to have_warned('ya existía un log con ese id')
+          .and(not_change(EmailLog, :count))
+      end
+    end
+
+    shared_context 'todo bien pero no guarda el log' do
+      it 'responds ok' do
+        subject
+        expect(response).to have_http_status(:ok)
+      end
+
+      it 'no guarda el log ;)' do
+        expect { subject }.not_to change(EmailLog, :count)
+      end
+    end
+
+    context 'si la signature no es válida' do
+      let(:signature) { 'no válida' }
+
+      it_behaves_like 'todo bien pero no guarda el log'
+
+      fit do
+        expect { subject }.to have_warned('refusing invalid signature')
+      end
+    end
+
+    context 'cuando ya se usó el token' do
+      subject do
+        post :mailgun, body: build_body('otro id', signature, timestamp), as: :json
+      end
+
+      before do
+        post :mailgun, body: build_body(log_id, signature, timestamp), as: :json
+      end
+
+      it_behaves_like 'todo bien pero no guarda el log'
+
+      fit do
+        expect { subject }.to have_warned('refusing used token')
+      end
+    end
+
+    context 'cuando la timestamp está muy lejos' do
+      let(:timestamp) { '1111111' }
+      let(:signature) { '869c06cea4be27321a6a7c6a8e3d0668bb9c2b5b3de5532f644dba181a157d9a' }
+
+      it_behaves_like 'todo bien pero no guarda el log'
+
+      fit do
+        expect { subject }.to have_warned('refusing due to timestamp')
+      end
+    end
   end
 end

data/pg_engine/spec/lib/pg_engine/mailgun/log_sync_spec.rb

@@ -92,7 +92,7 @@ describe PgEngine::Mailgun::LogSync, vcr: { cassette_name: 'mailgun/log_sync_dow
       end
 
       it do
-        expect { subject }.not_to change(EmailLog, :count)
+        expect { subject }.to raise_error(NoMethodError)
       end
     end
   end

data/pg_layout/app/views/layouts/pg_layout/base.html.slim

@@ -33,6 +33,17 @@ html
     - if @rollbar_token.present?
       meta name="rollbar-token" content="#{@rollbar_token}"
       meta name="rollbar-env" content="#{Rails.env}"
+
+    link rel="preconnect" href="https://fonts.googleapis.com"
+    link rel="preconnect" href="https://fonts.gstatic.com" crossorigin="crossorigin"
+    link href="https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap" rel="stylesheet"
+    css:
+      body {
+        font-family: "Ubuntu", sans-serif;
+        font-weight: 400;
+        font-style: normal;
+      }
+
   body
     = render partial: 'pg_layout/sidebar_mobile'
 

data/pg_rails/lib/pg_rails/rspec_logger_matchers.rb

@@ -0,0 +1,62 @@
+# :nocov:
+module PgEngine
+  module Matchers
+    module PgLogger
+      class Base < RSpec::Rails::Matchers::BaseMatcher
+        def initialize(text, level)
+          super()
+          @text = text
+          @level = level
+        end
+      end
+
+      class PgHaveLogged < Base
+        def matches?(proc)
+          msg = 'have_logged only support block expectations'
+          raise ArgumentError, msg unless proc.is_a?(Proc)
+
+          original_messages = Set.new(PgEngine::PgLogger.test_logged_messages)
+          proc.call
+          logged_messages = Set.new(PgEngine::PgLogger.test_logged_messages)
+
+          @new_messages = logged_messages - original_messages
+          @new_messages.any? do |level, message|
+            if @text.present? && @level.present?
+              level == @level && message.include?(@text)
+            elsif @text.present?
+              message.include? @text
+            elsif @level.present?
+              level == @level
+            else
+              true
+            end
+          end
+        end
+
+        def failure_message
+          msg = "expected to #{@level || log}"
+          msg << "with text: #{@text}" if @text.present?
+          return unless @new_messages.any?
+
+          msg << "\nLogged messages:"
+          @new_messages.each do |level, message|
+            msg << "\n  #{level}: #{message[0..200]}"
+          end
+        end
+
+        def supports_block_expectations?
+          true
+        end
+      end
+    end
+
+    def have_errored(text = nil) # rubocop:disable Naming/PredicateName
+      PgLogger::PgHaveLogged.new(text, :error)
+    end
+
+    def have_warned(text = nil) # rubocop:disable Naming/PredicateName
+      PgLogger::PgHaveLogged.new(text, :warn)
+    end
+  end
+end
+# :nocov:

data/pg_rails/lib/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PgRails
-  VERSION = '7.0.8-alpha.83'
+  VERSION = '7.0.8-alpha.84'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pg_rails
 version: !ruby/object:Gem::Version
-  version: 7.0.8.pre.alpha.83
+  version: 7.0.8.pre.alpha.84
 platform: ruby
 authors:
 - Martín Rosso
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-05-23 00:00:00.000000000 Z
+date: 2024-05-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -1066,6 +1066,7 @@ files:
 - pg_engine/lib/pg_engine/error.rb
 - pg_engine/lib/pg_engine/mailgun/log_sync.rb
 - pg_engine/lib/pg_engine/route_helpers.rb
+- pg_engine/lib/pg_engine/utils/check_invalid_records.rb
 - pg_engine/lib/pg_engine/utils/pdf_preview_generator.rb
 - pg_engine/lib/pg_engine/utils/pg_logger.rb
 - pg_engine/lib/tasks/auto_anotar_modelos.rake
@@ -1172,6 +1173,7 @@ files:
 - pg_rails/lib/pg_rails/current_attributes_support.rb
 - pg_rails/lib/pg_rails/dotenv_support.rb
 - pg_rails/lib/pg_rails/redis_support.rb
+- pg_rails/lib/pg_rails/rspec_logger_matchers.rb
 - pg_rails/lib/pg_rails/vcr_support.rb
 - pg_rails/lib/version.rb
 - pg_rails/scss/bootstrap_overrides.scss