loosen security a bit on mailgun's webhook

2025-05-22 22:43:33 +08:00 · 2016-06-08 22:38:38 +02:00
parent e38f17524b
commit 3e3538d603
2 changed files with 18 additions and 50 deletions
--- a/spec/controllers/webhooks_controller_spec.rb
+++ b/spec/controllers/webhooks_controller_spec.rb
@ -9,18 +9,17 @@ describe WebhooksController do

    it "works" do
      SiteSetting.mailgun_api_key = "key-8221462f0c915af3f6f2e2df7aa5a493"
-      token = "705a8ccd2ce932be8e98c221fe701c1b4a0afcb8bbd57726de"

+      message_id = "12345@il.com"
      user = Fabricate(:user, email: email)
-      email_log = Fabricate(:email_log, user: user, bounce_key: SecureRandom.hex)
-      return_path = "foo+verp-#{email_log.bounce_key}@bar.com"
+      email_log = Fabricate(:email_log, user: user, message_id: message_id)

      WebhooksController.any_instance.expects(:mailgun_verify).returns(true)

-      post :mailgun, "token" => token,
+      post :mailgun, "token" => "705a8ccd2ce932be8e98c221fe701c1b4a0afcb8bbd57726de",
                     "timestamp" => Time.now.to_i,
                     "event" => "dropped",
-                     "message-headers" => [["Return-Path", return_path]]
+                     "message-id" => message_id

      expect(response).to be_success