Skip to content

Commit

Permalink
Adds webhook format check for Slack (#814) (#944)
Browse files Browse the repository at this point in the history
* Microsoft teams (#676)

* Added feature support for microsoft teams webhoo



* Added feature support for microsoft teams webhook ,removed valid webhooks



* Added feature support for Microsoft teams webhook



* Refactored feature support for  ms teams and added unit and integTest



* fix build in core



* fix core-spi build



* fix notifications main code



* fix mappings, add IT



* add auto upgrade mapping logic



* put load mapping to initialize step



* add schema_version field



* add integ test



* adjust with auto upgrade mapping logic



* add bwc



* modify bwc



* modify bwc



* resolve  comments



* add license header



* fix microsoft teams sample url in IT to adapt url validation



---------






* Add microsoft teams validation error message (#746)

* add validation failure message for Microsoft Teams



* modify integtest



---------




* onboard system and hidden index (#742)




* Updates demo certs used in integ tests (#756)




* Add 2.10.0 release notes (#755)

* Add 2.10.0 release notes



* update release notes



* Update opensearch-notifications.release-notes-2.10.0.0.md



* fix wrong PR number



---------




* bump bwc version to 2.11 (#763)




* Add 2.11 release notes (#774)




* Fix integration test failure by allowing direct access to system index warning (#784)

* Fix integration test failure by allowing direct access to system index warning



* Fix bwc test failure of throwing direct access to system index when getting mapping



---------





* Re-enable detekt

Bumped version of `io.gitlab.arturbosch.detekt:detekt-gradle-plugin` to `1.23.0`





* bump bwc version to 2.12 (#793)





* Update dependency org.json:json to v20231013 (#795)





* Impove security plugin enabling check (#792)





* Add github workflow to auto bump bwc version  (#799)

* Adding bump bwc version github workflow



* revert app id



---------





* Replace the TestMailServer to GreenMail server (#801)

* Add 2.11 release notes (#774)




* Fix integration test failure by allowing direct access to system index warning (#784)

* Fix integration test failure by allowing direct access to system index warning



* Fix bwc test failure of throwing direct access to system index when getting mapping



---------




* Replace the TestMailServer to GreenMail server



* bump bwc version to 2.12 (#793)




* Update dependency org.json:json to v20231013 (#795)




* Re-enable detekt (#796)

Bumped version of `io.gitlab.arturbosch.detekt:detekt-gradle-plugin` to `1.23.0`





* Add assertion for retrieval of notification



* Update to stable version



* Update to stable version



* Update to suggested version



---------














* Onboard prod jenkins docker image to github actions (#809)

* Onboard prod jenkins docker image to github actions



* Add more



---------





* Added org.apache.logging.log4j:log4j-slf4j-impl to classpath (#791)

* Added slf4j-jdk14.jar to classpath

Adding binding for SLF4J that should fix StaticLoggerBinder being not loaded.
Followed instructions from warning messages that appear.



* Undid 80fc198

Removed slf4j-jdk14.jar from classpath



* Added org.apache.logging.log4j:log4j-slf4j-impl to classpath



---------






* Added Slack webhook URL validation regex




* Replaced wrongly formatted dummy Slack URL with properly formatted dummy Slack URL





* Replaced more wrongly formatted dummy Slack URL with properly formatted dummy Slack URL




* Replaced even more wrongly formatted dummy Slack URL with properly formatted dummy Slack URL




* Replace path of mock Slack URL with `sample_slack_url`




* Remove slackId from domainIds




* Replace wrongly formatted dummy Slack URL with properly formatted dummy Slack URL




* Add tests for wrong Slack URLs



* Add validation tests for Slack URL



* Format



* GovSlack apps can use the slack-gov.com domain



* Add validation for gov-slack.com domain



---------
























(cherry picked from commit 87109a0)

Signed-off-by: danielkyalo599 <[email protected]>
Signed-off-by: zhichao-aws <[email protected]>
Signed-off-by: Aniruddh <[email protected]>
Signed-off-by: Hailong Cui <[email protected]>
Signed-off-by: Darshit Chanpura <[email protected]>
Signed-off-by: yuye-aws <[email protected]>
Signed-off-by: gaobinlong <[email protected]>
Signed-off-by: Aniruddh Srivastava <[email protected]>
Signed-off-by: Aniruddh <[email protected]>
Signed-off-by: rdani <[email protected]>
Signed-off-by: Peter Zhu <[email protected]>
Signed-off-by: Noir <[email protected]>
Signed-off-by: Aniruddh Srivastava <[email protected]>
Signed-off-by: Aniruddh <[email protected]>
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: zhichao-aws <[email protected]>
Co-authored-by: danielkyalo599 <[email protected]>
Co-authored-by: Hailong Cui <[email protected]>
Co-authored-by: Darshit Chanpura <[email protected]>
Co-authored-by: Yuye Zhu <[email protected]>
Co-authored-by: gaobinlong <[email protected]>
Co-authored-by: Rachana Dani <[email protected]>
Co-authored-by: rdani <[email protected]>
Co-authored-by: Peter Zhu <[email protected]>
  • Loading branch information
11 people authored Aug 23, 2024
1 parent e008360 commit 8203ad6
Show file tree
Hide file tree
Showing 12 changed files with 105 additions and 23 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,9 @@ object ConfigIndexingActions {

@Suppress("UnusedPrivateMember")
private fun validateSlackConfig(slack: Slack, user: User?) {
// TODO: URL validation with rules
require(slack.url.contains(Regex("https://hooks\\.(?:gov-)?slack\\.com/services"))) {
"Wrong Slack url. Should contain \"hooks.slack.com/services/\" or \"hooks.gov-slack.com/services/\""
}
}

@Suppress("UnusedPrivateMember")
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -116,7 +116,7 @@ fun getCreateNotificationRequestJsonString(
.joinToString("")
val configObjectString = when (configType) {
ConfigType.SLACK -> """
"slack":{"url":"https://slack.domain.com/sample_slack_url#$randomString"}
"slack":{"url":"https://hooks.slack.com/services/sample_slack_url#$randomString"}
""".trimIndent()
ConfigType.CHIME -> """
"chime":{"url":"https://chime.domain.com/sample_chime_url#$randomString"}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ class SecurityNotificationIT : PluginRestTestCase() {
createUserWithCustomRole(user, password, NOTIFICATION_CREATE_CONFIG_ACCESS, "", ROLE_TO_PERMISSION_MAPPING[NOTIFICATION_CREATE_CONFIG_ACCESS])

// Create sample config request reference
val sampleSlack = Slack("https://domain.com/sample_slack_url#1234567890")
val sampleSlack = Slack("https://hooks.slack.com/services/sample_slack_url")
val referenceObject = NotificationConfig(
"this is a sample config name",
"this is a sample config description",
Expand Down Expand Up @@ -96,7 +96,7 @@ class SecurityNotificationIT : PluginRestTestCase() {
createUserWithCustomRole(user, password, NOTIFICATION_NO_ACCESS_ROLE, "", ROLE_TO_PERMISSION_MAPPING[NOTIFICATION_NO_ACCESS_ROLE])

// Create sample config request reference
val sampleSlack = Slack("https://domain.com/sample_slack_url#1234567890")
val sampleSlack = Slack("https://hooks.slack.com/services/sample_slack_url")
val referenceObject = NotificationConfig(
"this is a sample config name",
"this is a sample config description",
Expand Down Expand Up @@ -132,7 +132,7 @@ class SecurityNotificationIT : PluginRestTestCase() {
createUserWithCustomRole(user, password, NOTIFICATION_UPDATE_CONFIG_ACCESS, "", ROLE_TO_PERMISSION_MAPPING[NOTIFICATION_UPDATE_CONFIG_ACCESS])

// Create sample config request reference
val sampleSlack = Slack("https://domain.com/sample_slack_url#1234567890")
val sampleSlack = Slack("https://hooks.slack.com/services/sample_slack_url")
val referenceObject = NotificationConfig(
"this is a sample config name",
"this is a sample config description",
Expand Down Expand Up @@ -209,7 +209,7 @@ class SecurityNotificationIT : PluginRestTestCase() {
createUserWithCustomRole(user, password, NOTIFICATION_NO_ACCESS_ROLE, "", ROLE_TO_PERMISSION_MAPPING[NOTIFICATION_NO_ACCESS_ROLE])

// Create sample config request reference
val sampleSlack = Slack("https://domain.com/sample_slack_url#1234567890")
val sampleSlack = Slack("https://hooks.slack.com/services/sample_slack_url")
val referenceObject = NotificationConfig(
"this is a sample config name",
"this is a sample config description",
Expand Down Expand Up @@ -245,7 +245,7 @@ class SecurityNotificationIT : PluginRestTestCase() {
createUserWithCustomRole(user, password, NOTIFICATION_GET_CONFIG_ACCESS, "", ROLE_TO_PERMISSION_MAPPING[NOTIFICATION_GET_CONFIG_ACCESS])

// Create sample config request reference
val sampleSlack = Slack("https://domain.com/sample_slack_url#1234567890")
val sampleSlack = Slack("https://hooks.slack.com/services/sample_slack_url")
val referenceObject = NotificationConfig(
"this is a sample config name",
"this is a sample config description",
Expand Down Expand Up @@ -301,7 +301,7 @@ class SecurityNotificationIT : PluginRestTestCase() {
createUserWithCustomRole(user, password, NOTIFICATION_DELETE_CONFIG_ACCESS, "", ROLE_TO_PERMISSION_MAPPING[NOTIFICATION_DELETE_CONFIG_ACCESS])

// Create sample config request reference
val sampleSlack = Slack("https://domain.com/sample_slack_url#1234567890")
val sampleSlack = Slack("https://hooks.slack.com/services/sample_slack_url")
val referenceObject = NotificationConfig(
"this is a sample config name",
"this is a sample config description",
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -103,7 +103,7 @@ class NotificationsBackwardsCompatibilityIT : PluginRestTestCase() {
"description": "This is a sample config description $configId",
"config_type": "slack",
"is_enabled": true,
"slack": { "url": "https://slack.domain.com/sample_slack_url#$configId" }
"slack": { "url": "https://hooks.slack.com/services/sample_slack_url#$configId" }
}
}
""".trimIndent()
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -142,7 +142,7 @@ class ChimeNotificationConfigCrudIT : PluginRestTestCase() {
"description":"${referenceObject.description}",
"config_type":"chime",
"is_enabled":${referenceObject.isEnabled},
"slack":{"url":"https://dummy.com"}
"slack":{"url":"https://hooks.slack.com/services/sample_slack_url"}
"chime":{"url":"${(referenceObject.configData as Chime).url}"}
}
}
Expand Down Expand Up @@ -190,7 +190,7 @@ class ChimeNotificationConfigCrudIT : PluginRestTestCase() {
"description":"this is a updated config description",
"config_type":"slack",
"is_enabled":"true",
"slack":{"url":"https://updated.domain.com/updated_slack_url#0987654321"}
"slack":{"url":"https://hooks.slack.com/services/sample_slack_url"}
}
}
""".trimIndent()
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ class CreateNotificationConfigIT : PluginRestTestCase() {

fun `test Create slack notification config`() {
// Create sample config request reference
val sampleSlack = Slack("https://domain.com/sample_slack_url#1234567890")
val sampleSlack = Slack("https://hooks.slack.com/services/sample_slack_url")
val referenceObject = NotificationConfig(
"this is a sample config name",
"this is a sample config description",
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -908,7 +908,7 @@ class EmailNotificationConfigCrudIT : PluginRestTestCase() {
"description":"${smtpAccountConfig.description}",
"config_type":"smtp_account",
"is_enabled":${smtpAccountConfig.isEnabled},
"slack": {"url": "https://dummy.com"},
"slack": {"url": "https://hooks.slack.com/services/sample_slack_url"},
"smtp_account":{
"host":"${sampleSmtpAccount.host}",
"port":"${sampleSmtpAccount.port}",
Expand Down Expand Up @@ -949,7 +949,7 @@ class EmailNotificationConfigCrudIT : PluginRestTestCase() {
"description":"${emailConfig.description}",
"config_type":"email",
"is_enabled":${emailConfig.isEnabled},
"slack":{"url": "https://dummy.com"},
"slack":{"url": "https://hooks.slack.com/services/sample_slack_url"},
"email":{
"email_account_id":"${sampleEmail.emailAccountID}",
"default_recipients":[
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -627,7 +627,7 @@ class QueryNotificationConfigIT : PluginRestTestCase() {
val urlIds = setOf(slackId, chimeId, microsoftTeamsId, webhookId)
val recipientIds = setOf(emailGroupId)
val fromIds = setOf(emailGroupId, smtpAccountId)
val domainIds = setOf(slackId, chimeId, microsoftTeamsId, webhookId, smtpAccountId)
val domainIds = setOf(chimeId, microsoftTeamsId, webhookId, smtpAccountId)
Thread.sleep(1000)

// Get notification configs using query=slack
Expand Down Expand Up @@ -702,7 +702,7 @@ class QueryNotificationConfigIT : PluginRestTestCase() {
val urlIds = setOf(slackId, chimeId, microsoftTeamsId, webhookId)
val recipientIds = setOf(emailGroupId)
val fromIds = setOf(emailGroupId, smtpAccountId)
val domainIds = setOf(slackId, chimeId, microsoftTeamsId, webhookId, smtpAccountId)
val domainIds = setOf(chimeId, microsoftTeamsId, webhookId, smtpAccountId)
Thread.sleep(1000)

// Get notification configs using text_query=slack should not return any item
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,11 +6,16 @@
package org.opensearch.integtest.config

import org.junit.Assert
import org.opensearch.client.Request
import org.opensearch.client.RequestOptions
import org.opensearch.client.ResponseException
import org.opensearch.commons.notifications.model.ConfigType
import org.opensearch.commons.notifications.model.NotificationConfig
import org.opensearch.commons.notifications.model.Slack
import org.opensearch.core.rest.RestStatus
import org.opensearch.integtest.PluginRestTestCase
import org.opensearch.integtest.getResponseBody
import org.opensearch.integtest.jsonify
import org.opensearch.notifications.NotificationPlugin.Companion.PLUGIN_BASE_URI
import org.opensearch.notifications.verifySingleConfigEquals
import org.opensearch.rest.RestRequest
Expand All @@ -19,7 +24,7 @@ class SlackNotificationConfigCrudIT : PluginRestTestCase() {

fun `test Create, Get, Update, Delete slack notification config using REST client`() {
// Create sample config request reference
val sampleSlack = Slack("https://domain.com/sample_slack_url#1234567890")
val sampleSlack = Slack("https://hooks.slack.com/services/sample_slack_url")
val referenceObject = NotificationConfig(
"this is a sample config name",
"this is a sample config description",
Expand Down Expand Up @@ -67,7 +72,7 @@ class SlackNotificationConfigCrudIT : PluginRestTestCase() {
Thread.sleep(100)

// Updated notification config object
val updatedSlack = Slack("https://updated.domain.com/updated_slack_url#0987654321")
val updatedSlack = Slack("https://hooks.slack.com/services/updated_slack_url")
val updatedObject = NotificationConfig(
"this is a updated config name",
"this is a updated config description",
Expand Down Expand Up @@ -126,7 +131,7 @@ class SlackNotificationConfigCrudIT : PluginRestTestCase() {

fun `test Bad Request for multiple config data for Slack using REST Client`() {
// Create sample config request reference
val sampleSlack = Slack("https://domain.com/sample_slack_url#1234567890")
val sampleSlack = Slack("https://hooks.slack.com/services/sample_slack_url")
val referenceObject = NotificationConfig(
"this is a sample config name",
"this is a sample config description",
Expand Down Expand Up @@ -155,4 +160,40 @@ class SlackNotificationConfigCrudIT : PluginRestTestCase() {
RestStatus.BAD_REQUEST.status
)
}

fun `test create config with wrong Slack url and get error text`() {
val sampleSlack = Slack("https://webhook.slack.com/services/sample_slack_url")
val referenceObject = NotificationConfig(
"this is a sample config name",
"this is a sample config description",
ConfigType.SLACK,
isEnabled = true,
configData = sampleSlack
)
val createRequestJsonString = """
{
"config":{
"name":"${referenceObject.name}",
"description":"${referenceObject.description}",
"config_type":"slack",
"is_enabled":${referenceObject.isEnabled},
"slack":{"url":"${(referenceObject.configData as Slack).url}"}
}
}
""".trimIndent()
val response = try {
val request = Request(RestRequest.Method.POST.name, "$PLUGIN_BASE_URI/configs")
request.setJsonEntity(createRequestJsonString)
val restOptionsBuilder = RequestOptions.DEFAULT.toBuilder()
restOptionsBuilder.addHeader("Content-Type", "application/json")
request.setOptions(restOptionsBuilder)
client().performRequest(request)
fail("Expected wrong Slack URL.")
} catch (exception: ResponseException) {
Assert.assertEquals(
"Wrong Slack url. Should contain \"hooks.slack.com/services/\" or \"hooks.gov-slack.com/services/\"",
jsonify(getResponseBody(exception.response))["error"].asJsonObject["reason"].asString
)
}
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -159,7 +159,7 @@ class WebhookNotificationConfigCrudIT : PluginRestTestCase() {
"description":"${referenceObject.description}",
"config_type":"webhook",
"is_enabled":${referenceObject.isEnabled},
"slack":{"url":"https://dummy.com"}
"slack":{"url":"https://hooks.slack.com/services/sample_slack_url"}
"webhook":{"url":"${(referenceObject.configData as Webhook).url}"}
}
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ import org.junit.jupiter.api.BeforeAll
import org.junit.jupiter.api.Test
import org.opensearch.commons.authuser.User
import org.opensearch.commons.notifications.model.MicrosoftTeams
import org.opensearch.commons.notifications.model.Slack
import java.lang.reflect.Method
import kotlin.test.assertFails

Expand All @@ -28,8 +29,42 @@ class ConfigIndexingActionsTests {
assertFails { validateMicrosoftTeamsConfig.invoke(ConfigIndexingActions, microsoftTeams, user) }
}

@Test
fun `test validate slack`() {
val user = User()
var slack = Slack("https://hooks.slack.com/services/123456789/123456789/123456789")
validateSlackConfig.invoke(ConfigIndexingActions, slack, user)
slack = Slack("https://hooks.gov-slack.com/services/123456789/123456789/123456789")
validateSlackConfig.invoke(ConfigIndexingActions, slack, user)
slack = Slack("https://hooks.slack.com/services/samplesamplesamplesamplesamplesamplesamplesamplesample")
validateSlackConfig.invoke(ConfigIndexingActions, slack, user)
slack = Slack("https://hooks.gov-slack.com/services/samplesamplesamplesamplesamplesamplesamplesamplesample")
validateSlackConfig.invoke(ConfigIndexingActions, slack, user)
slack = Slack("http://hooks.slack.com/services/123456789/123456789/123456789/123456789")
assertFails { validateSlackConfig.invoke(ConfigIndexingActions, slack, user) }
slack = Slack("http://hooks.gov-slack.com/services/123456789/123456789/123456789/123456789")
assertFails { validateSlackConfig.invoke(ConfigIndexingActions, slack, user) }
slack = Slack("https://slack.com/services/123456789/123456789/123456789/123456789")
assertFails { validateSlackConfig.invoke(ConfigIndexingActions, slack, user) }
slack = Slack("https://gov-slack.com/services/123456789/123456789/123456789/123456789")
assertFails { validateSlackConfig.invoke(ConfigIndexingActions, slack, user) }
slack = Slack("https://hooks.slack.com/123456789/123456789/123456789/123456789/123456789")
assertFails { validateSlackConfig.invoke(ConfigIndexingActions, slack, user) }
slack = Slack("https://hooks.gov-slack.com/123456789/123456789/123456789/123456789/123456789")
assertFails { validateSlackConfig.invoke(ConfigIndexingActions, slack, user) }
slack = Slack("https://hook.slack.com/services/123456789/123456789/123456789/123456789/123456789")
assertFails { validateSlackConfig.invoke(ConfigIndexingActions, slack, user) }
slack = Slack("https://hook.gov-slack.com/services/123456789/123456789/123456789/123456789/123456789")
assertFails { validateSlackConfig.invoke(ConfigIndexingActions, slack, user) }
slack = Slack("https://hooks.slack.com/")
assertFails { validateSlackConfig.invoke(ConfigIndexingActions, slack, user) }
slack = Slack("https://hooks.gov-slack.com/")
assertFails { validateSlackConfig.invoke(ConfigIndexingActions, slack, user) }
}

companion object {
private lateinit var validateMicrosoftTeamsConfig: Method
private lateinit var validateSlackConfig: Method

@BeforeAll
@JvmStatic
Expand All @@ -38,8 +73,12 @@ class ConfigIndexingActionsTests {
validateMicrosoftTeamsConfig = ConfigIndexingActions::class.java.getDeclaredMethod(
"validateMicrosoftTeamsConfig", MicrosoftTeams::class.java, User::class.java
)
validateSlackConfig = ConfigIndexingActions::class.java.getDeclaredMethod(
"validateSlackConfig", Slack::class.java, User::class.java
)

validateMicrosoftTeamsConfig.isAccessible = true
validateSlackConfig.isAccessible = true
}
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ internal class NotificationConfigDocTests {
createdTimeMs,
listOf("br1", "br2", "br3")
)
val sampleSlack = Slack("https://domain.com/sample_url#1234567890")
val sampleSlack = Slack("https://hooks.slack.com/services/sample_slack_url")
val config = NotificationConfig(
"name",
"description",
Expand All @@ -47,7 +47,7 @@ internal class NotificationConfigDocTests {
createdTimeMs,
listOf("br1", "br2", "br3")
)
val sampleSlack = Slack("https://domain.com/sample_url#1234567890")
val sampleSlack = Slack("https://hooks.slack.com/services/sample_slack_url")
val config = NotificationConfig(
"name",
"description",
Expand All @@ -67,7 +67,7 @@ internal class NotificationConfigDocTests {
"description":"description",
"config_type":"slack",
"is_enabled":true,
"slack":{"url":"https://domain.com/sample_url#1234567890"}
"slack":{"url":"https://hooks.slack.com/services/sample_slack_url"}
},
"extra_field_1":["extra", "value"],
"extra_field_2":{"extra":"value"},
Expand Down

0 comments on commit 8203ad6

Please sign in to comment.