CodeCow/chatwoot
1
0
Fork 0
mirror of https://github.com/chatwoot/chatwoot.git synced 2026-06-13 21:01:16 +08:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity
debug/wider-generation
chatwoot/app/models/integrations/hook.rb
Aakash Bakhle 3253e863ed
fix: validate OpenAI hook credentials (#14068) 
# Pull Request Template

## Description

- Validates openai key while configuring hooks
- added backfill logic

Fixes # (issue)

## Type of change

- [x] New feature (non-breaking change which adds functionality)


## How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Provide
instructions so we can reproduce. Please also list any relevant details
for your test configuration.
locally

<img width="1710" height="1234" alt="CleanShot 2026-04-15 at 16 15
02@2x"
src="https://github.com/user-attachments/assets/3d319fe0-19f9-4fd0-9308-74987daac2e1"
/>

<img width="2884" height="1136" alt="CleanShot 2026-05-11 at 19 22
53@2x"
src="https://github.com/user-attachments/assets/5eae8650-985b-4c4a-af42-35f7175ff52d"
/>



## Checklist:

- [x] My code follows the style guidelines of this project
- [x] I have performed a self-review of my code
- [x] I have commented on my code, particularly in hard-to-understand
areas
- [ ] I have made corresponding changes to the documentation
- [x] My changes generate no new warnings
- [x] I have added tests that prove my fix is effective or that my
feature works
- [x] New and existing unit tests pass locally with my changes
- [x] Any dependent changes have been merged and published in downstream
modules

---------

Co-authored-by: Vishnu Narayanan <iamwishnu@gmail.com>
2026-05-18 14:08:57 +05:30

136 lines
3.9 KiB
Ruby
Raw Permalink Blame History

# == Schema Information
#
# Table name: integrations_hooks
#
# id :bigint not null, primary key
# access_token :string
# hook_type :integer default("account")
# settings :jsonb
# status :integer default("enabled")
# created_at :datetime not null
# updated_at :datetime not null
# account_id :integer
# app_id :string
# inbox_id :integer
# reference_id :string
#
class Integrations::Hook < ApplicationRecord
include Reauthorizable
attr_readonly :app_id, :account_id, :inbox_id, :hook_type
before_validation :ensure_hook_type
after_create :trigger_setup_if_crm
# TODO: Remove guard once encryption keys become mandatory (target 3-4 releases out).
encrypts :access_token, deterministic: true if Chatwoot.encryption_configured?
validates :account_id, presence: true
validates :app_id, presence: true
validates :inbox_id, presence: true, if: -> { hook_type == 'inbox' }
validate :validate_settings_json_schema
validate :ensure_feature_enabled
validate :validate_openai_api_key, if: :validate_openai_api_key?
validates :app_id, uniqueness: { scope: [:account_id], unless: -> { app.present? && app.params[:allow_multiple_hooks].present? } }
# TODO: This seems to be only used for slack at the moment
# We can add a validator when storing the integration settings and toggle this in future
enum status: { disabled: 0, enabled: 1 }
belongs_to :account
belongs_to :inbox, optional: true
has_secure_token :access_token
enum hook_type: { account: 0, inbox: 1 }
scope :account_hooks, -> { where(hook_type: 'account') }
scope :inbox_hooks, -> { where(hook_type: 'inbox') }
def app
@app ||= Integrations::App.find(id: app_id)
end
def slack?
app_id == 'slack'
end
def dialogflow?
app_id == 'dialogflow'
end
def openai?
app_id == 'openai'
end
def notion?
app_id == 'notion'
end
def disable
update(status: 'disabled')
end
def process_event(_event)
# OpenAI integration migrated to Captain::EditorService
# Other integrations (slack, dialogflow, etc.) handled via HookJob
{ error: 'No processor found' }
end
def feature_allowed?
return true if app.blank?
flag = app.params[:feature_flag]
return true unless flag
account.feature_enabled?(flag)
end
private
def ensure_feature_enabled
errors.add(:feature_flag, 'Feature not enabled') unless feature_allowed?
end
def ensure_hook_type
self.hook_type = app.params[:hook_type] if app.present?
end
def validate_settings_json_schema
return if app.blank? || app.params[:settings_json_schema].blank?
errors.add(:settings, ': Invalid settings data') unless JSONSchemer.schema(app.params[:settings_json_schema]).valid?(settings)
end
# TODO: When adding credential validation for other integrations (dialogflow, dyte, etc.),
# extract this into an app-level config flag in apps.yml instead of hardcoding app_id checks.
def validate_openai_api_key?
openai? && enabled? && (new_record? || openai_api_key_changed? || will_save_change_to_status?)
end
def openai_api_key_changed?
settings_api_key(settings) != settings_api_key(settings_in_database)
end
def validate_openai_api_key
return if Integrations::Openai::KeyValidator.valid?(settings_api_key(settings))
errors.add(:base, I18n.t('errors.openai.invalid_api_key'))
end
def settings_api_key(value)
value&.dig('api_key') || value&.dig(:api_key)
end
def trigger_setup_if_crm
# we need setup services to create data prerequisite to functioning of the integration
# in case of Leadsquared, we need to create a custom activity type for capturing conversations and transcripts
# https://apidocs.leadsquared.com/create-new-activity-type-api/
return unless crm_integration?
::Crm::SetupJob.perform_later(id)
end
def crm_integration?
%w[leadsquared].include?(app_id)
end
end
Reference in New Issue View Git Blame Copy Permalink