[webhooks] add validation of webhook event

Author: capcom6

Diff for: go.mod

@@ -4,7 +4,7 @@ go 1.22.0
 
 require (
 	firebase.google.com/go/v4 v4.12.1
-	github.com/android-sms-gateway/client-go v1.0.2
+	github.com/android-sms-gateway/client-go v1.0.4
 	github.com/ansrivas/fiberprometheus/v2 v2.6.1
 	github.com/capcom6/go-helpers v0.0.0-20240521035631-865ee2879fa3
 	github.com/capcom6/go-infra-fx v0.0.2

Diff for: go.sum

@@ -28,6 +28,10 @@ github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 h1:TngWCqHvy9oXAN6lEV
 github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5/go.mod h1:lmUJ/7eu/Q8D7ML55dXQrVaamCz2vxCfdQBasLZfHKk=
 github.com/android-sms-gateway/client-go v1.0.2 h1:kXWzVeSgBu2bM1yN4ac8tTEm0fX2Tqsn+yr9mMNjNfI=
 github.com/android-sms-gateway/client-go v1.0.2/go.mod h1:DQsReciU1xcaVW3T5Z2bqslNdsAwCFCtghawmA6g6L4=
+github.com/android-sms-gateway/client-go v1.0.3 h1:Q2pMI/1Lhsw7wu+I+nAaMD4yYvzhQPsP2py71HG7rVo=
+github.com/android-sms-gateway/client-go v1.0.3/go.mod h1:DQsReciU1xcaVW3T5Z2bqslNdsAwCFCtghawmA6g6L4=
+github.com/android-sms-gateway/client-go v1.0.4 h1:QZ72TRBJKm11WL/jim+ba7m2J5RLBaICMcy7f/RVfuQ=
+github.com/android-sms-gateway/client-go v1.0.4/go.mod h1:DQsReciU1xcaVW3T5Z2bqslNdsAwCFCtghawmA6g6L4=
 github.com/andybalholm/brotli v1.1.0 h1:eLKJA0d02Lf0mVpIDgYnqXcUn0GqVmEFny3VuID1U3M=
 github.com/andybalholm/brotli v1.1.0/go.mod h1:sms7XGricyQI9K10gOSf56VKKWS4oLer58Q+mhRPtnY=
 github.com/ansrivas/fiberprometheus/v2 v2.6.1 h1:wac3pXaE6BYYTF04AC6K0ktk6vCD+MnDOJZ3SK66kXM=

Diff for: internal/sms-gateway/handlers/webhooks/3rdparty.go

@@ -3,7 +3,7 @@ package webhooks
 import (
 	"fmt"
 
-	"github.com/android-sms-gateway/client-go/smsgateway"
+	dto "github.com/android-sms-gateway/client-go/smsgateway/webhooks"
 	"github.com/capcom6/sms-gateway/internal/sms-gateway/handlers/base"
 	"github.com/capcom6/sms-gateway/internal/sms-gateway/models"
 	"github.com/capcom6/sms-gateway/internal/sms-gateway/modules/auth"
@@ -64,13 +64,17 @@ func (h *ThirdPartyController) get(user models.User, c *fiber.Ctx) error {
 //
 // Register webhook
 func (h *ThirdPartyController) post(user models.User, c *fiber.Ctx) error {
-	dto := &smsgateway.Webhook{}
+	dto := &dto.Webhook{}
 
 	if err := h.BodyParserValidator(c, dto); err != nil {
 		return err
 	}
 
 	if err := h.webhooksSvc.Replace(user.ID, dto); err != nil {
+		if webhooks.IsValidationError(err) {
+			return fiber.NewError(fiber.StatusBadRequest, err.Error())
+		}
+
 		return fmt.Errorf("can't write webhook: %w", err)
 	}
 

Diff for: internal/sms-gateway/modules/webhooks/converters.go

@@ -1,9 +1,11 @@
 package webhooks
 
-import "github.com/android-sms-gateway/client-go/smsgateway"
+import (
+	"github.com/android-sms-gateway/client-go/smsgateway/webhooks"
+)
 
-func webhookToDTO(model *Webhook) smsgateway.Webhook {
-	return smsgateway.Webhook{
+func webhookToDTO(model *Webhook) webhooks.Webhook {
+	return webhooks.Webhook{
 		ID:    model.ExtID,
 		URL:   model.URL,
 		Event: model.Event,

Diff for: internal/sms-gateway/modules/webhooks/errors.go

@@ -0,0 +1,30 @@
+package webhooks
+
+import "fmt"
+
+type ValidationError struct {
+	Field string
+	Value string
+	Err   error
+}
+
+func (e ValidationError) Error() string {
+	return fmt.Sprintf("invalid `%s` = `%s`: %s", e.Field, e.Value, e.Err)
+}
+
+func (e ValidationError) Unwrap() error {
+	return e.Err
+}
+
+func newValidationError(field, value string, err error) ValidationError {
+	return ValidationError{
+		Field: field,
+		Value: value,
+		Err:   err,
+	}
+}
+
+func IsValidationError(err error) bool {
+	_, ok := err.(ValidationError)
+	return ok
+}

Diff for: internal/sms-gateway/modules/webhooks/models.go

@@ -1,7 +1,7 @@
 package webhooks
 
 import (
-	"github.com/android-sms-gateway/client-go/smsgateway"
+	"github.com/android-sms-gateway/client-go/smsgateway/webhooks"
 	"github.com/capcom6/sms-gateway/internal/sms-gateway/models"
 	"gorm.io/gorm"
 )
@@ -11,8 +11,8 @@ type Webhook struct {
 	ExtID  string `json:"id"   gorm:"not null;type:varchar(36);uniqueIndex:unq_webhooks_user_extid,priority:2"`
 	UserID string `json:"-"    gorm:"<-:create;not null;type:varchar(32);uniqueIndex:unq_webhooks_user_extid,priority:1"`
 
-	URL   string                  `json:"url"   validate:"required,http_url"   gorm:"not null;type:varchar(256)"`
-	Event smsgateway.WebhookEvent `json:"event" gorm:"not null;type:varchar(32)"`
+	URL   string             `json:"url"   validate:"required,http_url"   gorm:"not null;type:varchar(256)"`
+	Event webhooks.EventType `json:"event" gorm:"not null;type:varchar(32)"`
 
 	User models.User `gorm:"foreignKey:UserID;constraint:OnDelete:CASCADE"`
 

Diff for: internal/sms-gateway/modules/webhooks/service.go

@@ -3,7 +3,7 @@ package webhooks
 import (
 	"fmt"
 
-	"github.com/android-sms-gateway/client-go/smsgateway"
+	"github.com/android-sms-gateway/client-go/smsgateway/webhooks"
 	"github.com/capcom6/go-helpers/slices"
 	"github.com/capcom6/sms-gateway/internal/sms-gateway/modules/db"
 	"github.com/capcom6/sms-gateway/internal/sms-gateway/modules/devices"
@@ -46,7 +46,7 @@ func NewService(params ServiceParams) *Service {
 	}
 }
 
-func (s *Service) Select(userID string, filters ...SelectFilter) ([]smsgateway.Webhook, error) {
+func (s *Service) Select(userID string, filters ...SelectFilter) ([]webhooks.Webhook, error) {
 	filters = append(filters, WithUserID(userID))
 
 	items, err := s.webhooks.Select(filters...)
@@ -57,7 +57,11 @@ func (s *Service) Select(userID string, filters ...SelectFilter) ([]smsgateway.W
 	return slices.Map(items, webhookToDTO), nil
 }
 
-func (s *Service) Replace(userID string, webhook *smsgateway.Webhook) error {
+func (s *Service) Replace(userID string, webhook *webhooks.Webhook) error {
+	if !webhooks.IsValidEventType(webhook.Event) {
+		return newValidationError("event", string(webhook.Event), fmt.Errorf("enum value expected"))
+	}
+
 	if webhook.ID == "" {
 		webhook.ID = s.idgen()
 	}