Issue#2650: Allow local network ips in gitlab and bitbucket ip filters

2015-06-25 17:06:29 +02:00 · 2015-06-25 17:06:29 +02:00 · fad37091e8
parent 6d33c7821d
commit fad37091e8
4 changed files with 43 additions and 4 deletions
--- a/taiga/hooks/bitbucket/api.py
+++ b/taiga/hooks/bitbucket/api.py
@ -24,7 +24,7 @@ from taiga.hooks.api import BaseWebhookApiViewSet
 from . import event_hooks

 from urllib.parse import parse_qs
-from ipware.ip import get_real_ip
+from ipware.ip import get_ip


 class BitBucketViewSet(BaseWebhookApiViewSet):
@ -60,7 +60,7 @@ class BitBucketViewSet(BaseWebhookApiViewSet):
        bitbucket_config = project.modules_config.config.get("bitbucket", {})
        valid_origin_ips = bitbucket_config.get("valid_origin_ips",
                                                settings.BITBUCKET_VALID_ORIGIN_IPS)
-        origin_ip = get_real_ip(request)
+        origin_ip = get_ip(request)
        if valid_origin_ips and (not origin_ip or origin_ip not in valid_origin_ips):
            return False

--- a/taiga/hooks/gitlab/api.py
+++ b/taiga/hooks/gitlab/api.py
@ -16,7 +16,7 @@

 from django.conf import settings

-from ipware.ip import get_real_ip
+from ipware.ip import get_ip

 from taiga.base.utils import json

@ -50,7 +50,7 @@ class GitLabViewSet(BaseWebhookApiViewSet):

        gitlab_config = project.modules_config.config.get("gitlab", {})
        valid_origin_ips = gitlab_config.get("valid_origin_ips", settings.GITLAB_VALID_ORIGIN_IPS)
-        origin_ip = get_real_ip(request)
+        origin_ip = get_ip(request)
        if valid_origin_ips and (not origin_ip or origin_ip not in valid_origin_ips):
            return False

--- a/tests/integration/test_hooks_bitbucket.py
+++ b/tests/integration/test_hooks_bitbucket.py
@ -73,6 +73,25 @@ def test_invalid_ip(client):
    assert response.status_code == 400


+def test_valid_local_network_ip(client):
+    project = f.ProjectFactory()
+    f.ProjectModulesConfigFactory(project=project, config={
+        "bitbucket": {
+            "secret": "tpnIwJDz4e",
+            "valid_origin_ips": ["192.168.1.1"]
+        }
+    })
+
+    url = reverse("bitbucket-hook-list")
+    url = "{}?project={}&key={}".format(url, project.id, "tpnIwJDz4e")
+    data = {'payload': ['{"commits": []}']}
+    response = client.post(url,
+                           urllib.parse.urlencode(data, True),
+                           content_type="application/x-www-form-urlencoded",
+                           REMOTE_ADDR="192.168.1.1")
+    assert response.status_code == 204
+
+
 def test_not_ip_filter(client):
    project = f.ProjectFactory()
    f.ProjectModulesConfigFactory(project=project, config={
--- a/tests/integration/test_hooks_gitlab.py
+++ b/tests/integration/test_hooks_gitlab.py
@ -78,6 +78,26 @@ def test_invalid_ip(client):
    assert response.status_code == 400


+def test_valid_local_network_ip(client):
+    project = f.ProjectFactory()
+    f.ProjectModulesConfigFactory(project=project, config={
+        "gitlab": {
+            "secret": "tpnIwJDz4e",
+            "valid_origin_ips": ["192.168.1.1"],
+        }
+    })
+
+    url = reverse("gitlab-hook-list")
+    url = "{}?project={}&key={}".format(url, project.id, "tpnIwJDz4e")
+    data = {"test:": "data"}
+    response = client.post(url,
+                           json.dumps(data),
+                           content_type="application/json",
+                           REMOTE_ADDR="192.168.1.1")
+
+    assert response.status_code == 204
+
+
 def test_not_ip_filter(client):
    project = f.ProjectFactory()
    f.ProjectModulesConfigFactory(project=project, config={