~sircmpwn/meta.sr.ht

72548bd7545f78670878667674cc7645835a17bd — Drew DeVault 8 months ago 7ace4c6 webhooks 0.55.0
API: Updates per core-go auth changes
3 files changed, 6 insertions(+), 10 deletions(-)

M api/go.mod
M api/go.sum
M api/graph/schema.resolvers.go
M api/go.mod => api/go.mod +1 -1
@@ 3,7 3,7 @@ module git.sr.ht/~sircmpwn/meta.sr.ht/api
go 1.14

require (
	git.sr.ht/~sircmpwn/core-go v0.0.0-20210824141646-99671f85b661 // indirect
	git.sr.ht/~sircmpwn/core-go v0.0.0-20210825085627-2d9a547c395c // indirect
	git.sr.ht/~sircmpwn/dowork v0.0.0-20210820133136-d3970e97def3 // indirect
	git.sr.ht/~sircmpwn/go-bare v0.0.0-20210227202403-5dae5c48f917 // indirect
	github.com/99designs/gqlgen v0.13.0

M api/go.sum => api/go.sum +2 -0
@@ 48,6 48,8 @@ git.sr.ht/~sircmpwn/core-go v0.0.0-20210824124722-590c9c42037a h1:dhmRBQR1EE+Sqo
git.sr.ht/~sircmpwn/core-go v0.0.0-20210824124722-590c9c42037a/go.mod h1:dOzMmMQFPH0ztBhLFNo/hFLHqck1tbhgL3aNi1XnOsI=
git.sr.ht/~sircmpwn/core-go v0.0.0-20210824141646-99671f85b661 h1:PpCR0gF2Tghq9zIGGQIQTvXTBRhxfcvKGmGgWHA5+gM=
git.sr.ht/~sircmpwn/core-go v0.0.0-20210824141646-99671f85b661/go.mod h1:dOzMmMQFPH0ztBhLFNo/hFLHqck1tbhgL3aNi1XnOsI=
git.sr.ht/~sircmpwn/core-go v0.0.0-20210825085627-2d9a547c395c h1:FeNcbrefUbVNgZCbleaINWm2PcDNL7IC4h1NJjnQnoc=
git.sr.ht/~sircmpwn/core-go v0.0.0-20210825085627-2d9a547c395c/go.mod h1:dOzMmMQFPH0ztBhLFNo/hFLHqck1tbhgL3aNi1XnOsI=
git.sr.ht/~sircmpwn/dowork v0.0.0-20201013160733-35ca012e4dc8/go.mod h1:8neHEO3503w/rNtttnR0JFpQgM/GFhaafVwvkPsFIDw=
git.sr.ht/~sircmpwn/dowork v0.0.0-20201121170652-c2a771442daf h1:wRE9o+wlpTSuq/ucFJsfbglAobfGPIgFdaTtZXrk8P0=
git.sr.ht/~sircmpwn/dowork v0.0.0-20201121170652-c2a771442daf/go.mod h1:8neHEO3503w/rNtttnR0JFpQgM/GFhaafVwvkPsFIDw=

M api/graph/schema.resolvers.go => api/graph/schema.resolvers.go +3 -9
@@ 481,7 481,7 @@ func (r *mutationResolver) CreateWebhook(ctx context.Context, config model.Profi
		return nil, err
	}

	auth := auth.ForContext(ctx)
	user := auth.ForContext(ctx)
	ac, err := corewebhooks.NewAuthConfig(ctx)
	if err != nil {
		return nil, err


@@ 506,13 506,7 @@ func (r *mutationResolver) CreateWebhook(ctx context.Context, config model.Profi
		case model.WebhookEventSSHKeyAdded, model.WebhookEventSSHKeyRemoved:
			access = "SSH_KEYS"
		}
		// Note: corewebhooks.NewAuthConfig ensures that the auth context is
		// AUTH_OAUTH2, so the Access field is valid.
		if auth.Access == nil {
			// All permissions granted
			continue
		}
		if _, ok := auth.Access[access]; !ok {
		if !user.Grants.Has(access, auth.RO) {
			return nil, fmt.Errorf("Insufficient access granted for webhook event %s", ev.String())
		}
	}


@@ 542,7 536,7 @@ func (r *mutationResolver) CreateWebhook(ctx context.Context, config model.Profi
			ac.AuthMethod,
			ac.TokenHash, ac.Grants, ac.ClientID, ac.Expires, // OAUTH2
			ac.NodeID,                                        // INTERNAL
			auth.UserID)
			user.UserID)

		if err := row.Scan(&sub.ID, &sub.URL,
			&sub.Query, pq.Array(&sub.Events), &sub.UserID); err != nil {