Allow creating and editing system webhooks.

Fixes #23139, hopefully.

Also, allow creating/editing (but not viewing) the _secret_ associated with each hook.

Author: kousu

models/webhook/webhook_system.go

@@ -46,6 +46,19 @@ func GetSystemWebhooks(ctx context.Context, isActive util.OptionalBool) ([]*Webh
 		Find(&webhooks)
 }
 
+// GetSystemOrDefaultWebhooks returns all admin webhooks.
+func GetSystemOrDefaultWebhooks(ctx context.Context, isActive util.OptionalBool) ([]*Webhook, error) {
+	webhooks := make([]*Webhook, 0, 5)
+	if isActive.IsNone() {
+		return webhooks, db.GetEngine(ctx).
+			Where("repo_id=? AND org_id=?", 0, 0).
+			Find(&webhooks)
+	}
+	return webhooks, db.GetEngine(ctx).
+		Where("repo_id=? AND org_id=? AND is_active = ?", 0, 0, isActive.IsTrue()).
+		Find(&webhooks)
+}
+
 // DeleteDefaultSystemWebhook deletes an admin-configured default or system webhook (where Org and Repo ID both 0)
 func DeleteDefaultSystemWebhook(ctx context.Context, id int64) error {
 	return db.WithTx(ctx, func(ctx context.Context) error {

modules/structs/hook.go

@@ -24,6 +24,7 @@ type Hook struct {
 	Events              []string          `json:"events"`
 	AuthorizationHeader string            `json:"authorization_header"`
 	Active              bool              `json:"active"`
+	IsSystemWebhook     bool              `json:"is_system_webhook"`
 	// swagger:strfmt date-time
 	Updated time.Time `json:"updated_at"`
 	// swagger:strfmt date-time
@@ -48,7 +49,8 @@ type CreateHookOption struct {
 	BranchFilter        string                 `json:"branch_filter" binding:"GlobPattern"`
 	AuthorizationHeader string                 `json:"authorization_header"`
 	// default: false
-	Active bool `json:"active"`
+	Active          bool `json:"active"`
+	IsSystemWebhook bool `json:"is_system_webhook"`
 }
 
 // EditHookOption options when modify one hook
@@ -57,6 +59,7 @@ type EditHookOption struct {
 	Events              []string          `json:"events"`
 	BranchFilter        string            `json:"branch_filter" binding:"GlobPattern"`
 	AuthorizationHeader string            `json:"authorization_header"`
+	IsSystemWebhook     *bool             `json:"is_system_webhook"`
 	Active              *bool             `json:"active"`
 }
 

routers/api/v1/admin/hooks.go

@@ -36,7 +36,7 @@ func ListHooks(ctx *context.APIContext) {
 	//   "200":
 	//     "$ref": "#/responses/HookList"
 
-	sysHooks, err := webhook.GetSystemWebhooks(ctx, util.OptionalBoolNone)
+	sysHooks, err := webhook.GetSystemOrDefaultWebhooks(ctx, util.OptionalBoolNone)
 	if err != nil {
 		ctx.Error(http.StatusInternalServerError, "GetSystemWebhooks", err)
 		return

routers/api/v1/utils/hook.go

@@ -170,12 +170,13 @@ func addHook(ctx *context.APIContext, form *api.CreateHookOption, ownerID, repoI
 		form.Events = []string{"push"}
 	}
 	w := &webhook.Webhook{
-		OwnerID:     ownerID,
-		RepoID:      repoID,
-		URL:         form.Config["url"],
-		ContentType: webhook.ToHookContentType(form.Config["content_type"]),
-		Secret:      form.Config["secret"],
-		HTTPMethod:  "POST",
+		OwnerID:         ownerID,
+		RepoID:          repoID,
+		URL:             form.Config["url"],
+		ContentType:     webhook.ToHookContentType(form.Config["content_type"]),
+		Secret:          form.Config["secret"],
+		IsSystemWebhook: form.IsSystemWebhook,
+		HTTPMethod:      "POST",
 		HookEvent: &webhook_module.HookEvent{
 			ChooseEvents: true,
 			HookEvents: webhook_module.HookEvents{
@@ -324,6 +325,9 @@ func editHook(ctx *context.APIContext, form *api.EditHookOption, w *webhook.Webh
 			}
 			w.ContentType = webhook.ToHookContentType(ct)
 		}
+		if secret, ok := form.Config["secret"]; ok {
+			w.Secret = secret
+		}
 
 		if w.Type == webhook_module.SLACK {
 			if channel, ok := form.Config["channel"]; ok {
@@ -386,6 +390,10 @@ func editHook(ctx *context.APIContext, form *api.EditHookOption, w *webhook.Webh
 		return false
 	}
 
+	if form.IsSystemWebhook != nil {
+		w.IsSystemWebhook = *form.IsSystemWebhook
+	}
+
 	if form.Active != nil {
 		w.IsActive = *form.Active
 	}

services/webhook/general.go

@@ -251,6 +251,7 @@ func ToHook(repoLink string, w *webhook_model.Webhook) (*api.Hook, error) {
 		Type:                w.Type,
 		URL:                 fmt.Sprintf("%s/settings/hooks/%d", repoLink, w.ID),
 		Active:              w.IsActive,
+		IsSystemWebhook:     w.IsSystemWebhook,
 		Config:              config,
 		Events:              w.EventsArray(),
 		AuthorizationHeader: authorizationHeader,

templates/swagger/v1_json.tmpl

@@ -15903,6 +15903,10 @@
           },
           "x-go-name": "Events"
         },
+        "is_system_webhook": {
+          "type": "boolean",
+          "x-go-name": "IsSystemWebhook"
+        },
         "type": {
           "type": "string",
           "enum": [
@@ -16914,6 +16918,10 @@
             "type": "string"
           },
           "x-go-name": "Events"
+        },
+        "is_system_webhook": {
+          "type": "boolean",
+          "x-go-name": "IsSystemWebhook"
         }
       },
       "x-go-package": "code.gitea.io/gitea/modules/structs"
@@ -18067,6 +18075,10 @@
           "format": "int64",
           "x-go-name": "ID"
         },
+        "is_system_webhook": {
+          "type": "boolean",
+          "x-go-name": "IsSystemWebhook"
+        },
         "type": {
           "type": "string",
           "x-go-name": "Type"