0
0
mirror of https://github.com/PostHog/posthog.git synced 2024-11-25 11:17:50 +01:00
posthog/ee/api/hooks.py

56 lines
1.6 KiB
Python
Raw Normal View History

from typing import cast
from urllib.parse import urlparse
Personal API keys and Zapier integration (#1281) * Add missing migration * Add generate_random_token() model util * Move PublicTokenAuthentication to utils * Make use of generate_random_token * Add User.personal_access_token field * Add PersonalAccessTokenAuthentication * Fix PublicTokenAuthentication * Fix migration and auth import * Add personal_access_token to user API * Update Setup.js * Support trailing slash in API * Improve PAT auth quality * Add django-rest-hooks requirement * Update settings.py for rest_hooks * Fix django-rest-hooks requirement * Bring back API routes with no double trailing slash * Rename posthog.api.team to team_user * Add API TODO * Ad PAT auth with X-PAT HTTP header * Replace User.personal_access_token with PersonalAPIKey model * Fix PersonalAPIKey max_lengths * Describe posthog.models.utils.generate_random_token better * Add personal_api_key to API * Add authenticate_header to PersonalAPIKeyAuthentication * Add hook API endpoint * Use django.utils.timezone in place of datetime.datetime * Add Personal API Keys to Setup * Sort personal_api_keys in ORM * Add Action.on_perform() * Remove requirements.txt comment * Add a * Add REST hook tasks * Optimize PersonalAPIKeyAuthentication query * Add a trailing slash version of /e endpoint * Add team field to PersonalAPIKey model * Add personal API key support to capture endpoint, get_cached_from_token * Reject personal API keys from inactive users * Add extra_properties_json field to /capture * Improve PAK auth header regex * Use custom hook model * Deliver hooks * Handle action.on_perform * Consolidate userLogic in userLogic.tsx * Update PersonalAPIKeys.js * Make PersonalAPIKey foreign keys read-only * Update requirements/dev.txt * Make PersonalAPIKeys TSX * Fix conflict * Fix migration * Fix minor mishaps * Update and fix tests * Use CharField of random 32 bits as hook.id * Fix conflicting migrations * Fix ValidationError in HookSerializer.validate_event * Use query param in /api/event/actions ID filtering * Rename endpoint `hook` to `hooks` * Satisfy mypy * Add tests * Use DRF serialization in action_defined and annotation_created triggers * Update migration leafs * Make mypy ignore rest_hooks * Update Django signal receiver names * Update TS dependencies * Revert "Update TS dependencies" This reverts commit 7fc26fefcdc16e630e1c8fd2c510fd323d97169f. * Add field user to Hook model * Update migration leafs * Fix circular import * Fix some code * Install git before running pip install in Dockerfiles * Improve personal API keys UI * Satisfy mypy * Reword key label placeholder * Add personal API key support to /api/user/* Unfortunately these endpoints are still limited by CSRF protections at the moment, so not accessible outside PostHog itself. * Improve PersonalAPIKeyAuthentication and add CsrfOrKeyViewMiddleware * Run collectstatic before test * Don't install dev dependencies in CI * Update dependency installation order in CI * Fix bug and describe PersonalAPIKeyAuthentication * Fix CI issues * Fix typing issues * Fix more typing issues * Use /api/personal_api_keys to list keys * Move REST hooks (and therefore Zapier) to ee/ * Refactor personal API logic with kea-loaders * Add "More about API authentication in PostHog docs." * Update PersonalAPIKeys.tsx * Use TestMixin * Fix "Authentication" that should've been "Authorization" * Add option to skip self.client.force_login in API tests * Include team_id and user_id in personal API key serialization * Update test_hooks.py * Add personal API key tests * Remove leftover * Make ee.settings override posthog.settings * Don't directly import from models * Remove unused imports * Fix mypy issues * Fix HOOK_DELIVERER * Use decorator for /api/user PAK auth * Don't fire REST hook if user doesn't have "zapier" feature * Import Optional * Reword to "premium Zapier" * Make mypy happy * Fix test_delete_personal_api_key * Fix misclick * Fix and test /capture with personal API key * Make mypy happy * Remove extra_properties_json * Resolve migrations * Remove apt-utils * Optimize and test PAK user.is_active filtering * Replace DEBUG true with 1 * Remove unused instance_id * Improve typing * Fix deletion toast * Refactor CopyToClipboard and use it in PAKs * Use toast.success * Update migrations * Fix migration * Fix migrations * Complete merge Co-authored-by: Tim Glaser <tim@glsr.nl>
2020-08-26 10:34:57 +02:00
from django.conf import settings
from rest_framework import exceptions, serializers, viewsets
from rest_framework.permissions import IsAuthenticated
Personal API keys and Zapier integration (#1281) * Add missing migration * Add generate_random_token() model util * Move PublicTokenAuthentication to utils * Make use of generate_random_token * Add User.personal_access_token field * Add PersonalAccessTokenAuthentication * Fix PublicTokenAuthentication * Fix migration and auth import * Add personal_access_token to user API * Update Setup.js * Support trailing slash in API * Improve PAT auth quality * Add django-rest-hooks requirement * Update settings.py for rest_hooks * Fix django-rest-hooks requirement * Bring back API routes with no double trailing slash * Rename posthog.api.team to team_user * Add API TODO * Ad PAT auth with X-PAT HTTP header * Replace User.personal_access_token with PersonalAPIKey model * Fix PersonalAPIKey max_lengths * Describe posthog.models.utils.generate_random_token better * Add personal_api_key to API * Add authenticate_header to PersonalAPIKeyAuthentication * Add hook API endpoint * Use django.utils.timezone in place of datetime.datetime * Add Personal API Keys to Setup * Sort personal_api_keys in ORM * Add Action.on_perform() * Remove requirements.txt comment * Add a * Add REST hook tasks * Optimize PersonalAPIKeyAuthentication query * Add a trailing slash version of /e endpoint * Add team field to PersonalAPIKey model * Add personal API key support to capture endpoint, get_cached_from_token * Reject personal API keys from inactive users * Add extra_properties_json field to /capture * Improve PAK auth header regex * Use custom hook model * Deliver hooks * Handle action.on_perform * Consolidate userLogic in userLogic.tsx * Update PersonalAPIKeys.js * Make PersonalAPIKey foreign keys read-only * Update requirements/dev.txt * Make PersonalAPIKeys TSX * Fix conflict * Fix migration * Fix minor mishaps * Update and fix tests * Use CharField of random 32 bits as hook.id * Fix conflicting migrations * Fix ValidationError in HookSerializer.validate_event * Use query param in /api/event/actions ID filtering * Rename endpoint `hook` to `hooks` * Satisfy mypy * Add tests * Use DRF serialization in action_defined and annotation_created triggers * Update migration leafs * Make mypy ignore rest_hooks * Update Django signal receiver names * Update TS dependencies * Revert "Update TS dependencies" This reverts commit 7fc26fefcdc16e630e1c8fd2c510fd323d97169f. * Add field user to Hook model * Update migration leafs * Fix circular import * Fix some code * Install git before running pip install in Dockerfiles * Improve personal API keys UI * Satisfy mypy * Reword key label placeholder * Add personal API key support to /api/user/* Unfortunately these endpoints are still limited by CSRF protections at the moment, so not accessible outside PostHog itself. * Improve PersonalAPIKeyAuthentication and add CsrfOrKeyViewMiddleware * Run collectstatic before test * Don't install dev dependencies in CI * Update dependency installation order in CI * Fix bug and describe PersonalAPIKeyAuthentication * Fix CI issues * Fix typing issues * Fix more typing issues * Use /api/personal_api_keys to list keys * Move REST hooks (and therefore Zapier) to ee/ * Refactor personal API logic with kea-loaders * Add "More about API authentication in PostHog docs." * Update PersonalAPIKeys.tsx * Use TestMixin * Fix "Authentication" that should've been "Authorization" * Add option to skip self.client.force_login in API tests * Include team_id and user_id in personal API key serialization * Update test_hooks.py * Add personal API key tests * Remove leftover * Make ee.settings override posthog.settings * Don't directly import from models * Remove unused imports * Fix mypy issues * Fix HOOK_DELIVERER * Use decorator for /api/user PAK auth * Don't fire REST hook if user doesn't have "zapier" feature * Import Optional * Reword to "premium Zapier" * Make mypy happy * Fix test_delete_personal_api_key * Fix misclick * Fix and test /capture with personal API key * Make mypy happy * Remove extra_properties_json * Resolve migrations * Remove apt-utils * Optimize and test PAK user.is_active filtering * Replace DEBUG true with 1 * Remove unused instance_id * Improve typing * Fix deletion toast * Refactor CopyToClipboard and use it in PAKs * Use toast.success * Update migrations * Fix migration * Fix migrations * Complete merge Co-authored-by: Tim Glaser <tim@glsr.nl>
2020-08-26 10:34:57 +02:00
from ee.models.hook import Hook
from posthog.api.routing import StructuredViewSetMixin
from posthog.models.user import User
from posthog.permissions import (
OrganizationMemberPermissions,
TeamMemberAccessPermission,
)
Personal API keys and Zapier integration (#1281) * Add missing migration * Add generate_random_token() model util * Move PublicTokenAuthentication to utils * Make use of generate_random_token * Add User.personal_access_token field * Add PersonalAccessTokenAuthentication * Fix PublicTokenAuthentication * Fix migration and auth import * Add personal_access_token to user API * Update Setup.js * Support trailing slash in API * Improve PAT auth quality * Add django-rest-hooks requirement * Update settings.py for rest_hooks * Fix django-rest-hooks requirement * Bring back API routes with no double trailing slash * Rename posthog.api.team to team_user * Add API TODO * Ad PAT auth with X-PAT HTTP header * Replace User.personal_access_token with PersonalAPIKey model * Fix PersonalAPIKey max_lengths * Describe posthog.models.utils.generate_random_token better * Add personal_api_key to API * Add authenticate_header to PersonalAPIKeyAuthentication * Add hook API endpoint * Use django.utils.timezone in place of datetime.datetime * Add Personal API Keys to Setup * Sort personal_api_keys in ORM * Add Action.on_perform() * Remove requirements.txt comment * Add a * Add REST hook tasks * Optimize PersonalAPIKeyAuthentication query * Add a trailing slash version of /e endpoint * Add team field to PersonalAPIKey model * Add personal API key support to capture endpoint, get_cached_from_token * Reject personal API keys from inactive users * Add extra_properties_json field to /capture * Improve PAK auth header regex * Use custom hook model * Deliver hooks * Handle action.on_perform * Consolidate userLogic in userLogic.tsx * Update PersonalAPIKeys.js * Make PersonalAPIKey foreign keys read-only * Update requirements/dev.txt * Make PersonalAPIKeys TSX * Fix conflict * Fix migration * Fix minor mishaps * Update and fix tests * Use CharField of random 32 bits as hook.id * Fix conflicting migrations * Fix ValidationError in HookSerializer.validate_event * Use query param in /api/event/actions ID filtering * Rename endpoint `hook` to `hooks` * Satisfy mypy * Add tests * Use DRF serialization in action_defined and annotation_created triggers * Update migration leafs * Make mypy ignore rest_hooks * Update Django signal receiver names * Update TS dependencies * Revert "Update TS dependencies" This reverts commit 7fc26fefcdc16e630e1c8fd2c510fd323d97169f. * Add field user to Hook model * Update migration leafs * Fix circular import * Fix some code * Install git before running pip install in Dockerfiles * Improve personal API keys UI * Satisfy mypy * Reword key label placeholder * Add personal API key support to /api/user/* Unfortunately these endpoints are still limited by CSRF protections at the moment, so not accessible outside PostHog itself. * Improve PersonalAPIKeyAuthentication and add CsrfOrKeyViewMiddleware * Run collectstatic before test * Don't install dev dependencies in CI * Update dependency installation order in CI * Fix bug and describe PersonalAPIKeyAuthentication * Fix CI issues * Fix typing issues * Fix more typing issues * Use /api/personal_api_keys to list keys * Move REST hooks (and therefore Zapier) to ee/ * Refactor personal API logic with kea-loaders * Add "More about API authentication in PostHog docs." * Update PersonalAPIKeys.tsx * Use TestMixin * Fix "Authentication" that should've been "Authorization" * Add option to skip self.client.force_login in API tests * Include team_id and user_id in personal API key serialization * Update test_hooks.py * Add personal API key tests * Remove leftover * Make ee.settings override posthog.settings * Don't directly import from models * Remove unused imports * Fix mypy issues * Fix HOOK_DELIVERER * Use decorator for /api/user PAK auth * Don't fire REST hook if user doesn't have "zapier" feature * Import Optional * Reword to "premium Zapier" * Make mypy happy * Fix test_delete_personal_api_key * Fix misclick * Fix and test /capture with personal API key * Make mypy happy * Remove extra_properties_json * Resolve migrations * Remove apt-utils * Optimize and test PAK user.is_active filtering * Replace DEBUG true with 1 * Remove unused instance_id * Improve typing * Fix deletion toast * Refactor CopyToClipboard and use it in PAKs * Use toast.success * Update migrations * Fix migration * Fix migrations * Complete merge Co-authored-by: Tim Glaser <tim@glsr.nl>
2020-08-26 10:34:57 +02:00
class HookSerializer(serializers.ModelSerializer):
class Meta:
model = Hook
fields = ("id", "created", "updated", "event", "target", "resource_id", "team")
read_only_fields = ("team",)
def validate_event(self, event):
if event not in settings.HOOK_EVENTS:
raise exceptions.ValidationError(detail=f"Unexpected event {event}")
return event
def validate_target(self, target):
if not valid_domain(target):
raise exceptions.ValidationError(detail=f"'hooks.zapier.com' is the only allowed target domain")
return target
Personal API keys and Zapier integration (#1281) * Add missing migration * Add generate_random_token() model util * Move PublicTokenAuthentication to utils * Make use of generate_random_token * Add User.personal_access_token field * Add PersonalAccessTokenAuthentication * Fix PublicTokenAuthentication * Fix migration and auth import * Add personal_access_token to user API * Update Setup.js * Support trailing slash in API * Improve PAT auth quality * Add django-rest-hooks requirement * Update settings.py for rest_hooks * Fix django-rest-hooks requirement * Bring back API routes with no double trailing slash * Rename posthog.api.team to team_user * Add API TODO * Ad PAT auth with X-PAT HTTP header * Replace User.personal_access_token with PersonalAPIKey model * Fix PersonalAPIKey max_lengths * Describe posthog.models.utils.generate_random_token better * Add personal_api_key to API * Add authenticate_header to PersonalAPIKeyAuthentication * Add hook API endpoint * Use django.utils.timezone in place of datetime.datetime * Add Personal API Keys to Setup * Sort personal_api_keys in ORM * Add Action.on_perform() * Remove requirements.txt comment * Add a * Add REST hook tasks * Optimize PersonalAPIKeyAuthentication query * Add a trailing slash version of /e endpoint * Add team field to PersonalAPIKey model * Add personal API key support to capture endpoint, get_cached_from_token * Reject personal API keys from inactive users * Add extra_properties_json field to /capture * Improve PAK auth header regex * Use custom hook model * Deliver hooks * Handle action.on_perform * Consolidate userLogic in userLogic.tsx * Update PersonalAPIKeys.js * Make PersonalAPIKey foreign keys read-only * Update requirements/dev.txt * Make PersonalAPIKeys TSX * Fix conflict * Fix migration * Fix minor mishaps * Update and fix tests * Use CharField of random 32 bits as hook.id * Fix conflicting migrations * Fix ValidationError in HookSerializer.validate_event * Use query param in /api/event/actions ID filtering * Rename endpoint `hook` to `hooks` * Satisfy mypy * Add tests * Use DRF serialization in action_defined and annotation_created triggers * Update migration leafs * Make mypy ignore rest_hooks * Update Django signal receiver names * Update TS dependencies * Revert "Update TS dependencies" This reverts commit 7fc26fefcdc16e630e1c8fd2c510fd323d97169f. * Add field user to Hook model * Update migration leafs * Fix circular import * Fix some code * Install git before running pip install in Dockerfiles * Improve personal API keys UI * Satisfy mypy * Reword key label placeholder * Add personal API key support to /api/user/* Unfortunately these endpoints are still limited by CSRF protections at the moment, so not accessible outside PostHog itself. * Improve PersonalAPIKeyAuthentication and add CsrfOrKeyViewMiddleware * Run collectstatic before test * Don't install dev dependencies in CI * Update dependency installation order in CI * Fix bug and describe PersonalAPIKeyAuthentication * Fix CI issues * Fix typing issues * Fix more typing issues * Use /api/personal_api_keys to list keys * Move REST hooks (and therefore Zapier) to ee/ * Refactor personal API logic with kea-loaders * Add "More about API authentication in PostHog docs." * Update PersonalAPIKeys.tsx * Use TestMixin * Fix "Authentication" that should've been "Authorization" * Add option to skip self.client.force_login in API tests * Include team_id and user_id in personal API key serialization * Update test_hooks.py * Add personal API key tests * Remove leftover * Make ee.settings override posthog.settings * Don't directly import from models * Remove unused imports * Fix mypy issues * Fix HOOK_DELIVERER * Use decorator for /api/user PAK auth * Don't fire REST hook if user doesn't have "zapier" feature * Import Optional * Reword to "premium Zapier" * Make mypy happy * Fix test_delete_personal_api_key * Fix misclick * Fix and test /capture with personal API key * Make mypy happy * Remove extra_properties_json * Resolve migrations * Remove apt-utils * Optimize and test PAK user.is_active filtering * Replace DEBUG true with 1 * Remove unused instance_id * Improve typing * Fix deletion toast * Refactor CopyToClipboard and use it in PAKs * Use toast.success * Update migrations * Fix migration * Fix migrations * Complete merge Co-authored-by: Tim Glaser <tim@glsr.nl>
2020-08-26 10:34:57 +02:00
class HookViewSet(StructuredViewSetMixin, viewsets.ModelViewSet):
Personal API keys and Zapier integration (#1281) * Add missing migration * Add generate_random_token() model util * Move PublicTokenAuthentication to utils * Make use of generate_random_token * Add User.personal_access_token field * Add PersonalAccessTokenAuthentication * Fix PublicTokenAuthentication * Fix migration and auth import * Add personal_access_token to user API * Update Setup.js * Support trailing slash in API * Improve PAT auth quality * Add django-rest-hooks requirement * Update settings.py for rest_hooks * Fix django-rest-hooks requirement * Bring back API routes with no double trailing slash * Rename posthog.api.team to team_user * Add API TODO * Ad PAT auth with X-PAT HTTP header * Replace User.personal_access_token with PersonalAPIKey model * Fix PersonalAPIKey max_lengths * Describe posthog.models.utils.generate_random_token better * Add personal_api_key to API * Add authenticate_header to PersonalAPIKeyAuthentication * Add hook API endpoint * Use django.utils.timezone in place of datetime.datetime * Add Personal API Keys to Setup * Sort personal_api_keys in ORM * Add Action.on_perform() * Remove requirements.txt comment * Add a * Add REST hook tasks * Optimize PersonalAPIKeyAuthentication query * Add a trailing slash version of /e endpoint * Add team field to PersonalAPIKey model * Add personal API key support to capture endpoint, get_cached_from_token * Reject personal API keys from inactive users * Add extra_properties_json field to /capture * Improve PAK auth header regex * Use custom hook model * Deliver hooks * Handle action.on_perform * Consolidate userLogic in userLogic.tsx * Update PersonalAPIKeys.js * Make PersonalAPIKey foreign keys read-only * Update requirements/dev.txt * Make PersonalAPIKeys TSX * Fix conflict * Fix migration * Fix minor mishaps * Update and fix tests * Use CharField of random 32 bits as hook.id * Fix conflicting migrations * Fix ValidationError in HookSerializer.validate_event * Use query param in /api/event/actions ID filtering * Rename endpoint `hook` to `hooks` * Satisfy mypy * Add tests * Use DRF serialization in action_defined and annotation_created triggers * Update migration leafs * Make mypy ignore rest_hooks * Update Django signal receiver names * Update TS dependencies * Revert "Update TS dependencies" This reverts commit 7fc26fefcdc16e630e1c8fd2c510fd323d97169f. * Add field user to Hook model * Update migration leafs * Fix circular import * Fix some code * Install git before running pip install in Dockerfiles * Improve personal API keys UI * Satisfy mypy * Reword key label placeholder * Add personal API key support to /api/user/* Unfortunately these endpoints are still limited by CSRF protections at the moment, so not accessible outside PostHog itself. * Improve PersonalAPIKeyAuthentication and add CsrfOrKeyViewMiddleware * Run collectstatic before test * Don't install dev dependencies in CI * Update dependency installation order in CI * Fix bug and describe PersonalAPIKeyAuthentication * Fix CI issues * Fix typing issues * Fix more typing issues * Use /api/personal_api_keys to list keys * Move REST hooks (and therefore Zapier) to ee/ * Refactor personal API logic with kea-loaders * Add "More about API authentication in PostHog docs." * Update PersonalAPIKeys.tsx * Use TestMixin * Fix "Authentication" that should've been "Authorization" * Add option to skip self.client.force_login in API tests * Include team_id and user_id in personal API key serialization * Update test_hooks.py * Add personal API key tests * Remove leftover * Make ee.settings override posthog.settings * Don't directly import from models * Remove unused imports * Fix mypy issues * Fix HOOK_DELIVERER * Use decorator for /api/user PAK auth * Don't fire REST hook if user doesn't have "zapier" feature * Import Optional * Reword to "premium Zapier" * Make mypy happy * Fix test_delete_personal_api_key * Fix misclick * Fix and test /capture with personal API key * Make mypy happy * Remove extra_properties_json * Resolve migrations * Remove apt-utils * Optimize and test PAK user.is_active filtering * Replace DEBUG true with 1 * Remove unused instance_id * Improve typing * Fix deletion toast * Refactor CopyToClipboard and use it in PAKs * Use toast.success * Update migrations * Fix migration * Fix migrations * Complete merge Co-authored-by: Tim Glaser <tim@glsr.nl>
2020-08-26 10:34:57 +02:00
"""
Retrieve, create, update or destroy REST hooks.
Personal API keys and Zapier integration (#1281) * Add missing migration * Add generate_random_token() model util * Move PublicTokenAuthentication to utils * Make use of generate_random_token * Add User.personal_access_token field * Add PersonalAccessTokenAuthentication * Fix PublicTokenAuthentication * Fix migration and auth import * Add personal_access_token to user API * Update Setup.js * Support trailing slash in API * Improve PAT auth quality * Add django-rest-hooks requirement * Update settings.py for rest_hooks * Fix django-rest-hooks requirement * Bring back API routes with no double trailing slash * Rename posthog.api.team to team_user * Add API TODO * Ad PAT auth with X-PAT HTTP header * Replace User.personal_access_token with PersonalAPIKey model * Fix PersonalAPIKey max_lengths * Describe posthog.models.utils.generate_random_token better * Add personal_api_key to API * Add authenticate_header to PersonalAPIKeyAuthentication * Add hook API endpoint * Use django.utils.timezone in place of datetime.datetime * Add Personal API Keys to Setup * Sort personal_api_keys in ORM * Add Action.on_perform() * Remove requirements.txt comment * Add a * Add REST hook tasks * Optimize PersonalAPIKeyAuthentication query * Add a trailing slash version of /e endpoint * Add team field to PersonalAPIKey model * Add personal API key support to capture endpoint, get_cached_from_token * Reject personal API keys from inactive users * Add extra_properties_json field to /capture * Improve PAK auth header regex * Use custom hook model * Deliver hooks * Handle action.on_perform * Consolidate userLogic in userLogic.tsx * Update PersonalAPIKeys.js * Make PersonalAPIKey foreign keys read-only * Update requirements/dev.txt * Make PersonalAPIKeys TSX * Fix conflict * Fix migration * Fix minor mishaps * Update and fix tests * Use CharField of random 32 bits as hook.id * Fix conflicting migrations * Fix ValidationError in HookSerializer.validate_event * Use query param in /api/event/actions ID filtering * Rename endpoint `hook` to `hooks` * Satisfy mypy * Add tests * Use DRF serialization in action_defined and annotation_created triggers * Update migration leafs * Make mypy ignore rest_hooks * Update Django signal receiver names * Update TS dependencies * Revert "Update TS dependencies" This reverts commit 7fc26fefcdc16e630e1c8fd2c510fd323d97169f. * Add field user to Hook model * Update migration leafs * Fix circular import * Fix some code * Install git before running pip install in Dockerfiles * Improve personal API keys UI * Satisfy mypy * Reword key label placeholder * Add personal API key support to /api/user/* Unfortunately these endpoints are still limited by CSRF protections at the moment, so not accessible outside PostHog itself. * Improve PersonalAPIKeyAuthentication and add CsrfOrKeyViewMiddleware * Run collectstatic before test * Don't install dev dependencies in CI * Update dependency installation order in CI * Fix bug and describe PersonalAPIKeyAuthentication * Fix CI issues * Fix typing issues * Fix more typing issues * Use /api/personal_api_keys to list keys * Move REST hooks (and therefore Zapier) to ee/ * Refactor personal API logic with kea-loaders * Add "More about API authentication in PostHog docs." * Update PersonalAPIKeys.tsx * Use TestMixin * Fix "Authentication" that should've been "Authorization" * Add option to skip self.client.force_login in API tests * Include team_id and user_id in personal API key serialization * Update test_hooks.py * Add personal API key tests * Remove leftover * Make ee.settings override posthog.settings * Don't directly import from models * Remove unused imports * Fix mypy issues * Fix HOOK_DELIVERER * Use decorator for /api/user PAK auth * Don't fire REST hook if user doesn't have "zapier" feature * Import Optional * Reword to "premium Zapier" * Make mypy happy * Fix test_delete_personal_api_key * Fix misclick * Fix and test /capture with personal API key * Make mypy happy * Remove extra_properties_json * Resolve migrations * Remove apt-utils * Optimize and test PAK user.is_active filtering * Replace DEBUG true with 1 * Remove unused instance_id * Improve typing * Fix deletion toast * Refactor CopyToClipboard and use it in PAKs * Use toast.success * Update migrations * Fix migration * Fix migrations * Complete merge Co-authored-by: Tim Glaser <tim@glsr.nl>
2020-08-26 10:34:57 +02:00
"""
queryset = Hook.objects.all()
ordering = "-created_at"
permission_classes = [
IsAuthenticated,
OrganizationMemberPermissions,
TeamMemberAccessPermission,
]
Personal API keys and Zapier integration (#1281) * Add missing migration * Add generate_random_token() model util * Move PublicTokenAuthentication to utils * Make use of generate_random_token * Add User.personal_access_token field * Add PersonalAccessTokenAuthentication * Fix PublicTokenAuthentication * Fix migration and auth import * Add personal_access_token to user API * Update Setup.js * Support trailing slash in API * Improve PAT auth quality * Add django-rest-hooks requirement * Update settings.py for rest_hooks * Fix django-rest-hooks requirement * Bring back API routes with no double trailing slash * Rename posthog.api.team to team_user * Add API TODO * Ad PAT auth with X-PAT HTTP header * Replace User.personal_access_token with PersonalAPIKey model * Fix PersonalAPIKey max_lengths * Describe posthog.models.utils.generate_random_token better * Add personal_api_key to API * Add authenticate_header to PersonalAPIKeyAuthentication * Add hook API endpoint * Use django.utils.timezone in place of datetime.datetime * Add Personal API Keys to Setup * Sort personal_api_keys in ORM * Add Action.on_perform() * Remove requirements.txt comment * Add a * Add REST hook tasks * Optimize PersonalAPIKeyAuthentication query * Add a trailing slash version of /e endpoint * Add team field to PersonalAPIKey model * Add personal API key support to capture endpoint, get_cached_from_token * Reject personal API keys from inactive users * Add extra_properties_json field to /capture * Improve PAK auth header regex * Use custom hook model * Deliver hooks * Handle action.on_perform * Consolidate userLogic in userLogic.tsx * Update PersonalAPIKeys.js * Make PersonalAPIKey foreign keys read-only * Update requirements/dev.txt * Make PersonalAPIKeys TSX * Fix conflict * Fix migration * Fix minor mishaps * Update and fix tests * Use CharField of random 32 bits as hook.id * Fix conflicting migrations * Fix ValidationError in HookSerializer.validate_event * Use query param in /api/event/actions ID filtering * Rename endpoint `hook` to `hooks` * Satisfy mypy * Add tests * Use DRF serialization in action_defined and annotation_created triggers * Update migration leafs * Make mypy ignore rest_hooks * Update Django signal receiver names * Update TS dependencies * Revert "Update TS dependencies" This reverts commit 7fc26fefcdc16e630e1c8fd2c510fd323d97169f. * Add field user to Hook model * Update migration leafs * Fix circular import * Fix some code * Install git before running pip install in Dockerfiles * Improve personal API keys UI * Satisfy mypy * Reword key label placeholder * Add personal API key support to /api/user/* Unfortunately these endpoints are still limited by CSRF protections at the moment, so not accessible outside PostHog itself. * Improve PersonalAPIKeyAuthentication and add CsrfOrKeyViewMiddleware * Run collectstatic before test * Don't install dev dependencies in CI * Update dependency installation order in CI * Fix bug and describe PersonalAPIKeyAuthentication * Fix CI issues * Fix typing issues * Fix more typing issues * Use /api/personal_api_keys to list keys * Move REST hooks (and therefore Zapier) to ee/ * Refactor personal API logic with kea-loaders * Add "More about API authentication in PostHog docs." * Update PersonalAPIKeys.tsx * Use TestMixin * Fix "Authentication" that should've been "Authorization" * Add option to skip self.client.force_login in API tests * Include team_id and user_id in personal API key serialization * Update test_hooks.py * Add personal API key tests * Remove leftover * Make ee.settings override posthog.settings * Don't directly import from models * Remove unused imports * Fix mypy issues * Fix HOOK_DELIVERER * Use decorator for /api/user PAK auth * Don't fire REST hook if user doesn't have "zapier" feature * Import Optional * Reword to "premium Zapier" * Make mypy happy * Fix test_delete_personal_api_key * Fix misclick * Fix and test /capture with personal API key * Make mypy happy * Remove extra_properties_json * Resolve migrations * Remove apt-utils * Optimize and test PAK user.is_active filtering * Replace DEBUG true with 1 * Remove unused instance_id * Improve typing * Fix deletion toast * Refactor CopyToClipboard and use it in PAKs * Use toast.success * Update migrations * Fix migration * Fix migrations * Complete merge Co-authored-by: Tim Glaser <tim@glsr.nl>
2020-08-26 10:34:57 +02:00
serializer_class = HookSerializer
def perform_create(self, serializer):
user = cast(User, self.request.user)
serializer.save(user=user, team_id=self.team_id)
def valid_domain(url) -> bool:
target_domain = urlparse(url).netloc
return target_domain == "hooks.zapier.com"