From 54f9a1b43b6a56f497a79e303bed632173804494 Mon Sep 17 00:00:00 2001 From: Matt Jankowski Date: Fri, 20 Jun 2025 06:05:24 -0400 Subject: [PATCH] Extract secret size constants in `Webhook` model (#35104) --- app/models/webhook.rb | 13 ++++++++++--- spec/models/webhook_spec.rb | 2 ++ 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/app/models/webhook.rb b/app/models/webhook.rb index f9d6564c9..e3dff7636 100644 --- a/app/models/webhook.rb +++ b/app/models/webhook.rb @@ -25,12 +25,15 @@ class Webhook < ApplicationRecord status.updated ).freeze + SECRET_LENGTH_MIN = 12 + SECRET_SIZE = 20 + attr_writer :current_account scope :enabled, -> { where(enabled: true) } validates :url, presence: true, url: true - validates :secret, presence: true, length: { minimum: 12 } + validates :secret, presence: true, length: { minimum: SECRET_LENGTH_MIN } validates :events, presence: true validate :events_validation_error, if: :invalid_events? @@ -41,7 +44,7 @@ class Webhook < ApplicationRecord before_validation :generate_secret def rotate_secret! - update!(secret: SecureRandom.hex(20)) + update!(secret: random_secret) end def enable! @@ -93,6 +96,10 @@ class Webhook < ApplicationRecord end def generate_secret - self.secret = SecureRandom.hex(20) if secret.blank? + self.secret = random_secret if secret.blank? + end + + def random_secret + SecureRandom.hex(SECRET_SIZE) end end diff --git a/spec/models/webhook_spec.rb b/spec/models/webhook_spec.rb index 59b4212d6..a712d5e7f 100644 --- a/spec/models/webhook_spec.rb +++ b/spec/models/webhook_spec.rb @@ -8,6 +8,8 @@ RSpec.describe Webhook do describe 'Validations' do subject { Fabricate.build :webhook } + it { is_expected.to validate_length_of(:secret).is_at_least(described_class::SECRET_LENGTH_MIN) } + it { is_expected.to validate_presence_of(:events) } it { is_expected.to_not allow_values([], %w(account.invalid)).for(:events) }