feat: api webhooks (#2543)

* dev: initiate external apis

* dev: external api

* dev: external public api implementation

* dev: add prefix to all api tokens

* dev: flag to enable disable api token api access

* dev: webhook model create and apis

* dev: webhook settings

* fix: webhook logs

* chore: removed drf spectacular

* dev: remove retry_count and fix api logging for get requests

* dev: refactor webhook logic

* fix: celery retry mechanism

* chore: event and action change

* chore: migrations changes

* dev: proxy setup for apis

* chore: changed retry time and cleanup

* chore: added issue comment and inbox issue api endpoints

* fix: migration files

* fix: added env variables

* fix: removed issue attachment from proxy

* fix: added new migration file

* fix: restricted wehbook access

* chore: changed urls

* chore: fixed porject serializer

* fix: set expire for api token

* fix: retrive endpoint for api token

* feat: Api Token screens & api integration

* dev: webhook endpoint changes

* dev: add fields for webhook updates

* feat: Download Api secret key

* chore: removed BASE API URL

* feat: revoke token access

* dev: migration fixes

* feat: workspace webhooks (#2748)

* feat: workspace webhook store, services integeration and rendered webhook list and create

* chore: handled webhook update and rengenerate token in workspace webhooks

* feat: regenerate key and delete functionality

---------

Co-authored-by: Ramesh Kumar <rameshkumar@rameshs-MacBook-Pro.local>
Co-authored-by: gurusainath <gurusainath007@gmail.com>
Co-authored-by: Ramesh Kumar Chandra <rameshkumar2299@gmail.com>

* fix: url validation added

* fix: seperated env for webhook and api

* Web hooks refactoring

* add show option for generated hook key

* Api token restructure

* webhook minor fixes

* fix build errors

* chore: improvements in file structring

* dev: rate limiting the open apis

---------

Co-authored-by: pablohashescobar <nikhilschacko@gmail.com>
Co-authored-by: LAKHAN BAHETI <lakhanbaheti9@gmail.com>
Co-authored-by: rahulramesha <71900764+rahulramesha@users.noreply.github.com>
Co-authored-by: Ramesh Kumar <rameshkumar@rameshs-MacBook-Pro.local>
Co-authored-by: gurusainath <gurusainath007@gmail.com>
Co-authored-by: Ramesh Kumar Chandra <rameshkumar2299@gmail.com>
Co-authored-by: Nikhil <118773738+pablohashescobar@users.noreply.github.com>
Co-authored-by: sriram veeraghanta <veeraghanta.sriram@gmail.com>
Co-authored-by: rahulramesha <rahulramesham@gmail.com>

apiserver/plane/db/models/__init__.py

@@ -54,7 +54,7 @@ from .view import GlobalView, IssueView, IssueViewFavorite
 
 from .module import Module, ModuleMember, ModuleIssue, ModuleLink, ModuleFavorite
 
-from .api_token import APIToken
+from .api import APIToken, APIActivityLog
 
 from .integration import (
     WorkspaceIntegration,
@@ -79,3 +79,5 @@ from .analytic import AnalyticView
 from .notification import Notification
 
 from .exporter import ExporterHistory
+
+from .webhook import Webhook, WebhookLog

apiserver/plane/db/models/api.py

@@ -0,0 +1,80 @@
+# Python imports
+from uuid import uuid4
+
+# Django imports
+from django.db import models
+from django.conf import settings
+
+from .base import BaseModel
+
+
+def generate_label_token():
+    return uuid4().hex
+
+
+def generate_token():
+    return "plane_api_" + uuid4().hex
+
+
+class APIToken(BaseModel):
+    # Meta information
+    label = models.CharField(max_length=255, default=generate_label_token)
+    description = models.TextField(blank=True)
+    is_active = models.BooleanField(default=True)
+    last_used = models.DateTimeField(null=True)
+
+    # Token
+    token = models.CharField(
+        max_length=255, unique=True, default=generate_token, db_index=True
+    )
+
+    # User Information
+    user = models.ForeignKey(
+        settings.AUTH_USER_MODEL,
+        on_delete=models.CASCADE,
+        related_name="bot_tokens",
+    )
+    user_type = models.PositiveSmallIntegerField(
+        choices=((0, "Human"), (1, "Bot")), default=0
+    )
+    workspace = models.ForeignKey(
+        "db.Workspace", related_name="api_tokens", on_delete=models.CASCADE, null=True
+    )
+    expired_at = models.DateTimeField(blank=True, null=True)
+
+    class Meta:
+        verbose_name = "API Token"
+        verbose_name_plural = "API Tokems"
+        db_table = "api_tokens"
+        ordering = ("-created_at",)
+
+    def __str__(self):
+        return str(self.user.id)
+
+
+class APIActivityLog(BaseModel):
+    token_identifier = models.CharField(max_length=255)
+
+    # Request Info
+    path = models.CharField(max_length=255)
+    method = models.CharField(max_length=10)
+    query_params = models.TextField(null=True, blank=True)
+    headers = models.TextField(null=True, blank=True)
+    body = models.TextField(null=True, blank=True)
+
+    # Response info
+    response_code = models.PositiveIntegerField()
+    response_body = models.TextField(null=True, blank=True)
+
+    # Meta information
+    ip_address = models.GenericIPAddressField(null=True, blank=True)
+    user_agent = models.CharField(max_length=512, null=True, blank=True)
+
+    class Meta:
+        verbose_name = "API Activity Log"
+        verbose_name_plural = "API Activity Logs"
+        db_table = "api_activity_logs"
+        ordering = ("-created_at",)
+
+    def __str__(self):
+        return str(self.token_identifier)

apiserver/plane/db/models/api_token.py

@@ -1,41 +0,0 @@
-# Python imports
-from uuid import uuid4
-
-# Django imports
-from django.db import models
-from django.conf import settings
-
-from .base import BaseModel
-
-
-def generate_label_token():
-    return uuid4().hex
-
-
-def generate_token():
-    return uuid4().hex + uuid4().hex
-
-
-class APIToken(BaseModel):
-    token = models.CharField(max_length=255, unique=True, default=generate_token)
-    label = models.CharField(max_length=255, default=generate_label_token)
-    user = models.ForeignKey(
-        settings.AUTH_USER_MODEL,
-        on_delete=models.CASCADE,
-        related_name="bot_tokens",
-    )
-    user_type = models.PositiveSmallIntegerField(
-        choices=((0, "Human"), (1, "Bot")), default=0
-    )
-    workspace = models.ForeignKey(
-        "db.Workspace", related_name="api_tokens", on_delete=models.CASCADE, null=True
-    )
-
-    class Meta:
-        verbose_name = "API Token"
-        verbose_name_plural = "API Tokems"
-        db_table = "api_tokens"
-        ordering = ("-created_at",)
-
-    def __str__(self):
-        return str(self.user.name)

apiserver/plane/db/models/webhook.py

@@ -0,0 +1,90 @@
+# Python imports
+from uuid import uuid4
+from urllib.parse import urlparse
+
+# Django imports
+from django.db import models
+from django.core.exceptions import ValidationError
+
+# Module imports
+from plane.db.models import BaseModel
+
+
+def generate_token():
+    return "plane_wh_" + uuid4().hex
+
+
+def validate_schema(value):
+    parsed_url = urlparse(value)
+    print(parsed_url)
+    if parsed_url.scheme not in ["http", "https"]:
+        raise ValidationError("Invalid schema. Only HTTP and HTTPS are allowed.")
+
+
+def validate_domain(value):
+    parsed_url = urlparse(value)
+    domain = parsed_url.netloc
+    if domain in ["localhost", "127.0.0.1"]:
+        raise ValidationError("Local URLs are not allowed.")
+
+
+class Webhook(BaseModel):
+    workspace = models.ForeignKey(
+        "db.Workspace",
+        on_delete=models.CASCADE,
+        related_name="workspace_webhooks",
+    )
+    url = models.URLField(
+        validators=[
+            validate_schema,
+            validate_domain,
+        ]
+    )
+    is_active = models.BooleanField(default=True)
+    secret_key = models.CharField(max_length=255, default=generate_token)
+    project = models.BooleanField(default=False)
+    issue = models.BooleanField(default=False)
+    module = models.BooleanField(default=False)
+    cycle = models.BooleanField(default=False)
+    issue_comment = models.BooleanField(default=False)
+
+    def __str__(self):
+        return f"{self.workspace.slug} {self.url}"
+
+    class Meta:
+        unique_together = ["workspace", "url"]
+        verbose_name = "Webhook"
+        verbose_name_plural = "Webhooks"
+        db_table = "webhooks"
+        ordering = ("-created_at",)
+
+
+class WebhookLog(BaseModel):
+    workspace = models.ForeignKey(
+        "db.Workspace", on_delete=models.CASCADE, related_name="webhook_logs"
+    )
+    # Associated webhook
+    webhook = models.ForeignKey(Webhook, on_delete=models.CASCADE, related_name="logs")
+
+    # Basic request details
+    event_type = models.CharField(max_length=255, blank=True, null=True)
+    request_method = models.CharField(max_length=10, blank=True, null=True)
+    request_headers = models.TextField(blank=True, null=True)
+    request_body = models.TextField(blank=True, null=True)
+
+    # Response details
+    response_status = models.TextField(blank=True, null=True)
+    response_headers = models.TextField(blank=True, null=True)
+    response_body = models.TextField(blank=True, null=True)
+
+    # Retry Count
+    retry_count = models.PositiveSmallIntegerField(default=0)
+
+    class Meta:
+        verbose_name = "Webhook Log"
+        verbose_name_plural = "Webhook Logs"
+        db_table = "webhook_logs"
+        ordering = ("-created_at",)
+
+    def __str__(self):
+        return f"{self.event_type} {str(self.webhook.url)}"