Extract secret size constants in Webhook model (#35104)

2025-07-15 08:48:15 +00:00 · 2025-06-20 06:05:24 -04:00 · 2025-06-20 06:05:24 -04:00 · 54f9a1b43b
commit 54f9a1b43b
parent e9b1c1edfe
2 changed files with 12 additions and 3 deletions
--- a/app/models/webhook.rb
+++ b/app/models/webhook.rb
@ -25,12 +25,15 @@ class Webhook < ApplicationRecord
    status.updated
  ).freeze

+  SECRET_LENGTH_MIN = 12
+  SECRET_SIZE = 20
+
  attr_writer :current_account

  scope :enabled, -> { where(enabled: true) }

  validates :url, presence: true, url: true
-  validates :secret, presence: true, length: { minimum: 12 }
+  validates :secret, presence: true, length: { minimum: SECRET_LENGTH_MIN }
  validates :events, presence: true

  validate :events_validation_error, if: :invalid_events?
@ -41,7 +44,7 @@ class Webhook < ApplicationRecord
  before_validation :generate_secret

  def rotate_secret!
-    update!(secret: SecureRandom.hex(20))
+    update!(secret: random_secret)
  end

  def enable!
@ -93,6 +96,10 @@ class Webhook < ApplicationRecord
  end

  def generate_secret
-    self.secret = SecureRandom.hex(20) if secret.blank?
+    self.secret = random_secret if secret.blank?
+  end
+
+  def random_secret
+    SecureRandom.hex(SECRET_SIZE)
  end
 end
--- a/spec/models/webhook_spec.rb
+++ b/spec/models/webhook_spec.rb
@ -8,6 +8,8 @@ RSpec.describe Webhook do
  describe 'Validations' do
    subject { Fabricate.build :webhook }

+    it { is_expected.to validate_length_of(:secret).is_at_least(described_class::SECRET_LENGTH_MIN) }
+
    it { is_expected.to validate_presence_of(:events) }

    it { is_expected.to_not allow_values([], %w(account.invalid)).for(:events) }