feat: add endpoints for webhooks

Add endpoints on /projects/<RID>/webhooks:
- GET endpoint returns a list of webhooks configured on the repo
- POST endpoint creates a new webhook for a repo
- DELETE endpoint deletes webhook(s) for a repo, optionally based on the url

Author: JChrist

src/api.rs

@@ -31,7 +31,7 @@ mod v1;
 
 use crate::api::error::Error;
 use crate::cache::Cache;
-use crate::session::store::{DbSession, SessionStoreError};
+use crate::store::{DbStore, DbStoreError, DbStoreTrait, WebhookDb};
 use crate::Options;
 
 pub const RADICLE_VERSION: &str = env!("RADICLE_VERSION");
@@ -91,7 +91,7 @@ impl Context {
     }
 
     /// Get a repository by RID, checking to make sure we're allowed to view it.
-    pub fn repo(&self, rid: RepoId) -> Result<(Repository, DocAt), error::Error> {
+    pub fn repo(&self, rid: RepoId) -> Result<(Repository, DocAt), Error> {
         let repo = self.profile.storage.repository(rid)?;
         let doc = repo.identity_doc()?;
         // Don't allow accessing private repos.
@@ -101,20 +101,32 @@ impl Context {
         Ok((repo, doc))
     }
 
-    pub fn open_session_db(&self) -> Result<DbSession, error::Error> {
-        Ok(DbSession::open(self.get_session_db_path()?)?)
+    pub fn open_session_db(&self) -> Result<DbStore, Error> {
+        Ok(DbStore::open(self.get_session_db_path()?)?)
     }
 
-    pub fn read_session_db(&self) -> Result<DbSession, error::Error> {
-        Ok(DbSession::reader(self.get_session_db_path()?)?)
+    pub fn read_session_db(&self) -> Result<DbStore, Error> {
+        Ok(DbStore::reader(self.get_session_db_path()?)?)
     }
 
-    fn get_session_db_path(&self) -> Result<std::path::PathBuf, SessionStoreError> {
+    fn get_session_db_path(&self) -> Result<std::path::PathBuf, DbStoreError> {
         let dir = self.profile.home.path().join(HTTPD_DIR);
         if !dir.exists() {
             fs::create_dir_all(&dir)?;
         }
-        Ok(dir.join(crate::session::store::SESSIONS_DB_FILE))
+        Ok(dir.join(crate::store::SESSIONS_DB_FILE))
+    }
+
+    pub fn open_webhooks_db(&self) -> Result<WebhookDb, Error> {
+        Ok(WebhookDb::open(self.get_webhook_db_path()?)?)
+    }
+
+    fn get_webhook_db_path(&self) -> Result<std::path::PathBuf, DbStoreError> {
+        let dir = self.profile.home.path().join(HTTPD_DIR);
+        if !dir.exists() {
+            fs::create_dir_all(&dir)?;
+        }
+        Ok(dir.join(crate::store::WEBHOOKS_DB_FILE))
     }
 
     #[cfg(test)]

src/api/auth.rs

@@ -10,7 +10,7 @@ use radicle::node::Alias;
 
 use crate::api::error::Error;
 use crate::api::Context;
-use crate::session::store::SessionStoreError;
+use crate::store::DbStoreError;
 
 pub const UNAUTHORIZED_SESSIONS_EXPIRATION: Duration = Duration::seconds(60);
 pub const DEFAULT_AUTHORIZED_SESSIONS_EXPIRATION: Duration = Duration::weeks(1);
@@ -82,14 +82,14 @@ impl Session {
         &mut self,
         expiry: Duration,
         current_time: OffsetDateTime,
-    ) -> Result<(), SessionStoreError> {
+    ) -> Result<(), DbStoreError> {
         // zero or negative expiration duration means that the session does not expire
         self.expires_at = if expiry.is_zero() || expiry.is_negative() {
-            OffsetDateTime::from_unix_timestamp(0).map_err(SessionStoreError::InvalidTimestamp)?
+            OffsetDateTime::from_unix_timestamp(0).map_err(DbStoreError::InvalidTimestamp)?
         } else {
             current_time
                 .checked_add(expiry)
-                .ok_or(SessionStoreError::InvalidTimestampOperation)?
+                .ok_or(DbStoreError::InvalidTimestampOperation)?
         };
 
         Ok(())

src/api/error.rs

@@ -100,7 +100,7 @@ pub enum Error {
 
     /// Session store error.
     #[error(transparent)]
-    SessionStore(#[from] crate::session::store::SessionStoreError),
+    SessionStore(#[from] crate::store::DbStoreError),
 
     /// Session expiration time error
     #[error(transparent)]

src/api/json.rs

@@ -152,7 +152,7 @@ pub(crate) fn patch(
                     patch_comment(id, c, aliases)
                 }).collect::<Vec<_>>(),
                 "timestamp": rev.timestamp().as_secs(),
-                "reviews": rev.reviews().into_iter().map(move |(_, r)| {
+                "reviews": rev.reviews().map(move |(_, r)| {
                     review(r, aliases)
                 }).collect::<Vec<_>>(),
             })

src/api/v1.rs

@@ -5,6 +5,7 @@ mod profile;
 mod projects;
 mod sessions;
 mod stats;
+mod webhooks;
 
 use axum::extract::State;
 use axum::response::{IntoResponse, Json};
@@ -27,7 +28,8 @@ pub fn router(ctx: Context) -> Router {
         .merge(oauth::router(ctx.clone()))
         .merge(delegates::router(ctx.clone()))
         .merge(projects::router(ctx.clone()))
-        .merge(stats::router(ctx));
+        .merge(stats::router(ctx.clone()))
+        .merge(webhooks::router(ctx));
 
     Router::new().nest("/v1", routes)
 }

src/api/v1/projects.rs

@@ -1217,7 +1217,7 @@ mod routes {
     async fn test_search_projects() {
         let tmp = tempfile::tempdir().unwrap();
         let app = super::router(seed(tmp.path()));
-        let response = get(&app, format!("/projects/search?q=hello")).await;
+        let response = get(&app, "/projects/search?q=hello".to_string()).await;
 
         assert_eq!(response.status(), StatusCode::OK);
         assert_eq!(
@@ -1257,7 +1257,7 @@ mod routes {
     async fn test_search_projects_pagination() {
         let tmp = tempfile::tempdir().unwrap();
         let app = super::router(seed(tmp.path()));
-        let response = get(&app, format!("/projects/search?q=hello&perPage=1")).await;
+        let response = get(&app, "/projects/search?q=hello&perPage=1".to_string()).await;
 
         assert_eq!(response.status(), StatusCode::OK);
         assert_eq!(

src/api/v1/sessions.rs

@@ -172,7 +172,7 @@ async fn session_delete_handler(
 }
 
 #[cfg(test)]
-mod sessions {
+mod sessions_tests {
     use crate::api::auth;
     use axum::body::Body;
     use axum::http::StatusCode;

src/api/v1/webhooks.rs

@@ -0,0 +1,210 @@
+use crate::api;
+use crate::api::error::Error;
+use crate::api::Context;
+use crate::axum_extra::{Path, Query};
+use crate::store::Webhook;
+use axum::extract::State;
+use axum::response::IntoResponse;
+use axum::routing::post;
+use axum::{Json, Router};
+use axum_auth::AuthBearer;
+use radicle::identity::RepoId;
+use serde::{Deserialize, Serialize};
+use serde_json::json;
+
+pub fn router(ctx: Context) -> Router {
+    Router::new()
+        .route(
+            "/projects/:repo_id/webhooks",
+            post(webhooks_post_handler)
+                .delete(webhooks_delete_handler)
+                .get(webhooks_get_handler),
+        )
+        .with_state(ctx)
+}
+
+/// Return the webhooks for the repo.
+/// `GET /projects/:repo_id/webhooks`
+async fn webhooks_get_handler(
+    State(ctx): State<Context>,
+    AuthBearer(token): AuthBearer,
+    Path(repo_id): Path<RepoId>,
+) -> impl IntoResponse {
+    api::auth::validate(&ctx, &token).await?;
+    let (_, _) = ctx.repo(repo_id)?;
+    let mut db = ctx.open_webhooks_db()?;
+    let webhooks = db.get(repo_id.to_string())?;
+    Ok::<_, Error>(Json(json!(webhooks)))
+}
+
+/// Creates a webhook for the repo.
+/// `POST /projects/:repo_id/webhooks`
+async fn webhooks_post_handler(
+    State(ctx): State<Context>,
+    AuthBearer(token): AuthBearer,
+    Path(repo_id): Path<RepoId>,
+    Json(mut webhook): Json<Webhook>,
+) -> impl IntoResponse {
+    api::auth::validate(&ctx, &token).await?;
+    let (repo, _) = ctx.repo(repo_id)?;
+    webhook.repo_id = repo.id.to_string();
+    let mut db = ctx.open_webhooks_db()?;
+    db.insert(&webhook)?;
+    Ok::<_, Error>(Json(json!(webhook)))
+}
+
+#[derive(Serialize, Deserialize, Clone)]
+#[serde(rename_all = "camelCase")]
+pub struct QueryUrl {
+    pub url: Option<String>,
+}
+
+/// Deletes the webhooks for the repo, or the webhook with the specific url, if-provided
+/// `DELETE /projects/:repo_id/webhooks`
+async fn webhooks_delete_handler(
+    State(ctx): State<Context>,
+    AuthBearer(token): AuthBearer,
+    Path(repo_id): Path<RepoId>,
+    Query(qs): Query<QueryUrl>,
+) -> impl IntoResponse {
+    api::auth::validate(&ctx, &token).await?;
+    let (_, _) = ctx.repo(repo_id)?;
+    let mut db = ctx.open_webhooks_db()?;
+    db.remove(repo_id.to_string(), qs.url)?;
+    // returning OK without checking if we actually deleted anything
+
+    Ok::<_, Error>(Json(json!({"repo_id": repo_id})))
+}
+
+#[cfg(test)]
+mod webhooks_api_tests {
+    use crate::store::Webhook;
+    use crate::test::{create_session, delete, get_auth, post, seed, Response, RID, SESSION_ID};
+    use axum::body::Body;
+    use axum::http::StatusCode;
+    use axum::Router;
+    use serde_json::json;
+
+    #[tokio::test]
+    async fn test_webhooks() {
+        let tmp = tempfile::tempdir().unwrap();
+        let ctx = seed(tmp.path());
+        let app = super::router(ctx.to_owned());
+
+        create_session(ctx).await;
+
+        let webhook = gen_webhook(1);
+
+        let response = create_webhook(&app, &webhook).await;
+        assert_eq!(response.status(), StatusCode::OK);
+
+        // get webhooks, we should find the one created
+        let mut get_whs = get_webhooks(&app).await;
+        assert_eq!(get_whs.as_array_mut().unwrap().len(), 1);
+        assert_eq!(get_whs.as_array_mut().unwrap()[0], json!(webhook));
+
+        // delete all under repo
+        let del_resp = delete(
+            &app,
+            format!("/projects/{RID}/webhooks"),
+            None,
+            Some(SESSION_ID.to_string()),
+        )
+        .await;
+        assert_eq!(del_resp.status(), StatusCode::OK);
+
+        // get should return empty array now
+        let mut get_whs = get_webhooks(&app).await;
+        assert_eq!(get_whs.as_array_mut().unwrap().len(), 0);
+    }
+
+    #[tokio::test]
+    async fn test_multiple_webhooks() {
+        let tmp = tempfile::tempdir().unwrap();
+        let ctx = seed(tmp.path());
+        let app = super::router(ctx.to_owned());
+
+        create_session(ctx).await;
+
+        let webhook1 = gen_webhook(1);
+        let response = create_webhook(&app, &webhook1).await;
+        assert_eq!(response.status(), StatusCode::OK);
+
+        let webhook2 = gen_webhook(2);
+        let response = create_webhook(&app, &webhook2).await;
+        assert_eq!(response.status(), StatusCode::OK);
+
+        // get webhooks, we should find both created
+        let mut get_whs = get_webhooks(&app).await;
+        assert_eq!(get_whs.as_array_mut().unwrap().len(), 2);
+
+        // add webhook with same url as webhook1 again, it should be "ignored"
+        let response = create_webhook(&app, &webhook1).await;
+        assert_eq!(response.status(), StatusCode::OK);
+
+        let mut get_whs = get_webhooks(&app).await;
+        assert_eq!(get_whs.as_array_mut().unwrap().len(), 2);
+
+        // delete by url
+        let url1 = webhook1.url;
+        let del_resp = delete(
+            &app,
+            format!("/projects/{RID}/webhooks?url={url1}"),
+            None,
+            Some(SESSION_ID.to_string()),
+        )
+        .await;
+        assert_eq!(del_resp.status(), StatusCode::OK);
+
+        //verify we only have webhook2 now
+        let mut get_whs = get_webhooks(&app).await;
+        assert_eq!(get_whs.as_array_mut().unwrap().len(), 1);
+        assert_eq!(get_whs.as_array_mut().unwrap()[0], json!(webhook2));
+
+        // add multiple other webhooks again
+        for i in 0..5 {
+            let wh = gen_webhook(10 + i);
+            create_webhook(&app, &wh).await;
+        }
+
+        // we should have webhook2 + the 5 new ones
+        let mut get_whs = get_webhooks(&app).await;
+        assert_eq!(get_whs.as_array_mut().unwrap().len(), 1 + 5);
+
+        // delete all webhooks in repo
+        let del_resp = delete(
+            &app,
+            format!("/projects/{RID}/webhooks"),
+            None,
+            Some(SESSION_ID.to_string()),
+        )
+        .await;
+        assert_eq!(del_resp.status(), StatusCode::OK);
+
+        // verify we have 0 webhooks now
+        let mut get_whs = get_webhooks(&app).await;
+        assert_eq!(get_whs.as_array_mut().unwrap().len(), 0);
+    }
+
+    fn gen_webhook(id: u64) -> Webhook {
+        Webhook {
+            repo_id: RID.to_string(),
+            url: format!("test_url_{id}"),
+            secret: "test_secret".to_string(),
+            content_type: "content type".to_string(),
+        }
+    }
+
+    async fn create_webhook(app: &Router, webhook: &Webhook) -> Response {
+        let body = Some(Body::from(json!(webhook).to_string()));
+        let s = Some(SESSION_ID.to_string());
+        post(app, format!("/projects/{RID}/webhooks"), body, s).await
+    }
+
+    async fn get_webhooks(app: &Router) -> serde_json::Value {
+        let s = Some(SESSION_ID.to_string());
+        let get_resp = get_auth(app, format!("/projects/{RID}/webhooks"), s).await;
+        assert_eq!(get_resp.status(), StatusCode::OK);
+        get_resp.json().await
+    }
+}

src/lib.rs

@@ -3,7 +3,7 @@
 #![recursion_limit = "256"]
 pub mod api;
 pub mod error;
-pub mod session;
+pub mod store;
 
 use std::collections::HashMap;
 use std::net::SocketAddr;