Commit Graph

39 Commits

Author SHA1 Message Date
kolaente
a610ccbbac feat(api/v2): add user webhooks on /api/v2
Port the per-user webhook endpoints (/user/settings/webhooks) from /api/v1 to
the Huma-backed /api/v2: list, available events, create, update, delete. They
are the project-less sibling of the project webhooks (#2858) and share the
webhooks.enabled gate, checked inside the registrar.

Webhook.ReadAll is extended to serve the user-level list (scoped to the
authenticated user) so the v2 list handler can go through handler.DoReadAll like
the project list; the project branch is unchanged. Credentials are masked on
read via the model's existing maskCredentials, matching #2858.
2026-06-10 19:12:41 +00:00
kolaente
5855ccc1d4 docs(webhooks): version-qualify the events endpoint link in the events field doc
In the v2 OpenAPI context a bare /webhooks/events reads as /api/v2/webhooks/events,
which does not exist — the events listing endpoint lives only on /api/v1. Point the
doc string at the absolute v1 path so v2 clients are not misled.
2026-06-06 19:50:41 +00:00
kolaente
aac0322975 refactor(webhooks): mask write-only credentials in the model so create/update never echo them
Webhook.ReadAll already cleared the secret and basic-auth from responses,
but Create and Update did not, so the v2 handler patched the gap with a
maskWebhookCredentials helper. Centralize the masking in the model via a
maskCredentials helper called after every DB write (ReadAll, Create,
Update) and drop the v2 handler helper.

The credentials are client-provided, not server-generated: the DB row
keeps them and outgoing deliveries reload + HMAC-sign from the DB copy,
so clearing the returned in-memory struct is correct write-only handling.

Webhook is a shared model, so v1's create/update responses also stop
echoing the submitted secret/auth — intended, and approved by the
maintainer.
2026-06-06 19:50:41 +00:00
kolaente
3647551a79 docs(api/v2): tag Webhook fields for the v2 schema
Add doc tags to every exposed Webhook field, mark the server-controlled
ones (id, project_id, user_id, created_by, created, updated) readOnly,
and mark the secret and basic-auth credentials writeOnly. All three tags
are ignored by swaggo/XORM/govalidator, so v1 is unaffected.
2026-06-06 19:50:41 +00:00
kolaente
42b0f0ba77 fix(webhook): return error from sendWebhookPayload on non-2xx responses
Previously the HTTP response status was only logged, so retries never
triggered for failing webhooks and downstream fan-out bugs (#2569) were
impossible to exercise via tests. Returning an error lets the watermill
retry middleware do its job.
2026-04-09 09:26:04 +00:00
kolaente
75c9b753a8 fix: strip BasicAuth credentials from project webhook API responses 2026-03-23 16:35:47 +00:00
kolaente
e5a1c05771 refactor: use shared SSRF-safe HTTP client in webhook code 2026-03-23 16:34:22 +00:00
kolaente
212968cec4 chore(lint): suppress additional gosec false positives
Add #nosec comments for G703/G704 findings in db, doctor, webhooks,
gravatar, unsplash, and migration helper code.
2026-03-23 16:40:07 +01:00
kolaente
8d9bc3e65e feat(webhooks): add built-in SSRF protection using daenney/ssrf
Block webhook requests to non-globally-routable IP addresses by default.
Uses net.Dialer.Control hook to validate resolved IPs against IANA
Special Purpose Registries after DNS resolution, preventing DNS rebinding.

Configurable via webhooks.allownonroutableips (default: false).
2026-03-19 15:18:06 +01:00
kolaente
d4577c660f feat: add user_id to webhooks and user-directed event infrastructure
Add user_id column to webhooks table (nullable, for user-level webhooks
vs project-level). Extend webhook model, permissions, and listener to
support user-level webhooks that fire for user-directed events like
task reminders and overdue task notifications.

Add TasksOverdueEvent for dispatching overdue notifications via webhooks.
Update webhook permissions to handle both user-level and project-level
ownership. Add webhook test fixture and register webhooks table in test
fixture loader.
2026-03-08 19:45:53 +01:00
rhclayto
cf029cef0c feat: add option to send Basic Auth header with webhook requests (#2137)
Resolves https://github.com/go-vikunja/vikunja/issues/2136
Docs PR: https://github.com/go-vikunja/website/pull/284
2026-01-30 15:07:31 +01:00
kolaente
731b7c3001 fix: avoid mutating global http.DefaultClient in webhook proxy (#2145)
Fixes a bug where the webhook HTTP client was mutating `http.DefaultClient` (the global singleton), causing ALL HTTP requests in the application to use the webhook proxy. This broke OIDC authentication and other external HTTP calls when webhook proxy was configured.

Fixes #2144
2026-01-24 13:58:47 +01:00
kolaente
a81a3ee0e5 feat!: rename right to permission (#1277) 2025-08-13 11:05:05 +02:00
kolaente
a8025a9e36 fix: guard invalid user lookups (#1034) 2025-06-26 21:58:47 +00:00
Dominik Pschenitschni
296577a875 fix: correct license header references (#882)
See originals:
- https://www.gnu.org/licenses/agpl-3.0.txt
- https://www.gnu.org/licenses/gpl-3.0.txt
2025-06-10 12:18:38 +02:00
kolaente
333e35e648 feat: add expand property to read one task 2025-01-24 11:20:23 +01:00
kolaente
c252c8f0cd fix: reset id before creating 2024-09-17 10:46:14 +02:00
kolaente
2063da9eec chore(web): move web handler package to Vikunja 2024-08-29 16:15:28 +02:00
kolaente
a6fccfb908 fix(webhook): log errors in webhook response 2024-06-03 13:11:44 +02:00
kolaente
57bd5aca80 fix(webhooks): send application/json header 2023-12-06 14:09:49 +01:00
kolaente
55d345e236 feat(webhooks): validate events and target url 2023-10-20 12:42:28 +02:00
kolaente
61cd08fa13 fix(webhooks): add created by user object when creating a webhook 2023-10-18 22:18:45 +02:00
kolaente
72366a5b27 feat(webhooks): add created by user object when returning all webhooks 2023-10-18 20:06:07 +02:00
kolaente
b4e3d8ee47 fix(webhooks): lint 2023-10-17 20:40:09 +02:00
kolaente
7a74e491da fix(webhooks): lint 2023-10-17 20:35:14 +02:00
kolaente
2c84cec044 docs(webhooks): add swagger docs for all webhook endpoints 2023-10-17 20:35:14 +02:00
kolaente
fc0029eed7 fix(webhooks): don't send the proxy auth header to the webhook target 2023-10-17 20:35:14 +02:00
kolaente
1b82f26d3e chore(webhooks): simplify registering webhook events 2023-10-17 20:35:13 +02:00
kolaente
ec4aa606e2 chore(webhooks): reuse webhook client 2023-10-17 20:35:13 +02:00
kolaente
831aa4a014 feat(webhooks): add support for webhook proxy 2023-10-17 20:35:13 +02:00
kolaente
b38360c9a5 feat(webhooks): add timeout config option 2023-10-17 20:35:13 +02:00
kolaente
34a92b759e feat(webhooks): add setting to enable webhooks 2023-10-17 20:35:13 +02:00
kolaente
a0d8b28813 feat(webhooks): add hmac signing 2023-10-17 20:35:13 +02:00
kolaente
4253d14367 chore(webhooks): remove WebhookEvent interface 2023-10-17 20:35:13 +02:00
kolaente
96ccf6b923 feat(webhooks): add route to get all available webhook events 2023-10-17 20:35:13 +02:00
kolaente
57de44694c feat(webhooks): add index on project id 2023-10-17 20:35:13 +02:00
kolaente
c5de41f183 feat(webhooks): add event listener to send webhook payload 2023-10-17 20:35:12 +02:00
kolaente
e5b8d8bd2d feat(webhooks): register task and project events as webhook 2023-10-17 20:35:12 +02:00
kolaente
ad7d485eb5 feat(webhooks): add basic crud actions for webhooks 2023-10-17 20:35:12 +02:00