Add webhook integration functionality and enhance project controller

Signed-off-by: Rafi <refaei.shikho@hotmail.com>

Author: refoo0

cmd/devguard/api/api.go

@@ -403,6 +403,8 @@ func BuildRouter(db core.DB) *echo.Echo {
 	policyRepository := repositories.NewPolicyRepository(db)
 	licenseOverwriteRepository := repositories.NewLicenseOverwriteRepository(db)
 
+	webhookRepository := repositories.NewWebhookRepository(db)
+
 	dependencyVulnService := vuln.NewService(dependencyVulnRepository, vulnEventRepository, assetRepository, cveRepository, orgRepository, projectRepository, thirdPartyIntegration, assetVersionRepository)
 	firstPartyVulnService := vuln.NewFirstPartyVulnService(firstPartyVulnRepository, vulnEventRepository, assetRepository)
 	projectService := project.NewService(projectRepository, assetRepository)
@@ -427,7 +429,7 @@ func BuildRouter(db core.DB) *echo.Echo {
 	policyController := compliance.NewPolicyController(policyRepository, projectRepository)
 	patController := pat.NewHTTPController(patRepository)
 	orgController := org.NewHTTPController(orgRepository, orgService, casbinRBACProvider, projectService, invitationRepository)
-	projectController := project.NewHTTPController(projectRepository, assetRepository, projectService)
+	projectController := project.NewHTTPController(projectRepository, assetRepository, projectService, webhookRepository)
 	assetController := asset.NewHTTPController(assetRepository, assetVersionRepository, assetService, dependencyVulnService, statisticsService)
 
 	scanController := scan.NewHTTPController(db, cveRepository, componentRepository, assetRepository, assetVersionRepository, assetVersionService, statisticsService, dependencyVulnService)
@@ -570,6 +572,10 @@ func BuildRouter(db core.DB) *echo.Echo {
 	projectRouter := organizationRouter.Group("/projects/:projectSlug", projectAccessControl(projectService, "project", core.ActionRead))
 	projectRouter.GET("/", projectController.Read)
 
+	projectRouter.POST("/integrations/webhook/test-and-save/", integrationController.TestAndSaveWebhookIntegration, neededScope([]string{"manage"}))
+	projectRouter.PUT("/integrations/webhook/test-and-save/", integrationController.UpdateWebhookIntegration, neededScope([]string{"manage"}))
+	projectRouter.DELETE("/integrations/webhook/:id/", integrationController.DeleteWebhookIntegration, neededScope([]string{"manage"}))
+
 	projectRouter.PUT("/policies/:policyID/", policyController.EnablePolicyForProject, neededScope([]string{"manage"}), projectScopedRBAC(core.ObjectProject, core.ActionUpdate))
 	projectRouter.DELETE("/policies/:policyID/", policyController.DisablePolicyForProject, neededScope([]string{"manage"}), projectScopedRBAC(core.ObjectProject, core.ActionDelete))
 

internal/core/common_interfaces.go

@@ -331,6 +331,7 @@ type WebhookIntegrationRepository interface {
 	FindByOrgIDAndProjectID(orgID uuid.UUID, projectID uuid.UUID) ([]models.WebhookIntegration, error)
 	Delete(tx DB, id uuid.UUID) error
 	GetClientByIntegrationID(integrationID uuid.UUID) (models.WebhookIntegration, error)
+	GetProjectWebhooks(orgID uuid.UUID, projectID uuid.UUID) ([]models.WebhookIntegration, error)
 }
 
 type GitlabIntegrationRepository interface {

internal/core/integrations/webhook/webhook_integration.go

@@ -68,8 +68,14 @@ func (w *WebhookIntegration) Update(ctx core.Context) error {
 	if err != nil {
 		return ctx.JSON(400, "invalid id format")
 	}
-	webhookIntegration := &models.WebhookIntegration{
 
+	oldWebhookIntegration, err := w.webhookRepository.GetClientByIntegrationID(uuidID)
+	if err != nil {
+		slog.Error("failed to get webhook integration by ID", "err", err)
+		return ctx.JSON(500, "failed to get webhook integration")
+	}
+
+	webhookIntegration := &models.WebhookIntegration{
 		Model: models.Model{
 			ID: uuidID,
 		},
@@ -79,7 +85,8 @@ func (w *WebhookIntegration) Update(ctx core.Context) error {
 		Secret:      &data.Secret,
 		SbomEnabled: data.SbomEnabled,
 		VulnEnabled: data.VulnEnabled,
-		OrgID:       core.GetOrg(ctx).GetID(),
+		OrgID:       oldWebhookIntegration.OrgID,
+		ProjectID:   oldWebhookIntegration.ProjectID,
 	}
 
 	if err := w.webhookRepository.Save(nil, webhookIntegration); err != nil {
@@ -104,7 +111,6 @@ func (w *WebhookIntegration) TestAndSave(ctx core.Context) error {
 		Secret      string `json:"secret"`
 		SbomEnabled bool   `json:"sbomEnabled"`
 		VulnEnabled bool   `json:"vulnEnabled"`
-		ProjectID   string `json:"projectId"` // Optional, can be empty if not associated with a project
 	}
 
 	if err := ctx.Bind(&data); err != nil {
@@ -115,12 +121,11 @@ func (w *WebhookIntegration) TestAndSave(ctx core.Context) error {
 	}
 
 	var projectID *uuid.UUID
-	if data.ProjectID != "" {
-		parsedProjectID, err := uuid.Parse(data.ProjectID)
-		if err != nil {
-			return ctx.JSON(400, "invalid project ID format")
-		}
-		projectID = &parsedProjectID
+
+	ok := core.HasProject(ctx)
+	if ok {
+		projID := core.GetProject(ctx).GetID()
+		projectID = &projID
 	}
 
 	webhookIntegration := &models.WebhookIntegration{

internal/core/project/project_controller.go

@@ -19,6 +19,7 @@ import (
 	"encoding/json"
 	"fmt"
 
+	"github.com/l3montree-dev/devguard/internal/common"
 	"github.com/l3montree-dev/devguard/internal/core"
 	"github.com/l3montree-dev/devguard/internal/database/models"
 	"github.com/l3montree-dev/devguard/internal/utils"
@@ -31,13 +32,15 @@ type controller struct {
 	projectRepository core.ProjectRepository
 	assetRepository   core.AssetRepository
 	projectService    core.ProjectService
+	webhookRepository core.WebhookIntegrationRepository
 }
 
-func NewHTTPController(repository core.ProjectRepository, assetRepository core.AssetRepository, projectService core.ProjectService) *controller {
+func NewHTTPController(repository core.ProjectRepository, assetRepository core.AssetRepository, projectService core.ProjectService, webhookRepository core.WebhookIntegrationRepository) *controller {
 	return &controller{
 		projectRepository: repository,
 		assetRepository:   assetRepository,
 		projectService:    projectService,
+		webhookRepository: webhookRepository,
 	}
 }
 
@@ -268,14 +271,44 @@ func (projectController *controller) Read(c core.Context) error {
 		return err
 	}
 
+	//get the webhooks
+	webhooks, err := projectController.getWebhooks(c)
+	if err != nil {
+		return echo.NewHTTPError(500, "could not fetch webhooks").WithInternal(err)
+	}
+
 	resp := projectDetailsDTO{
 		ProjectDTO: fromModel(project),
 		Members:    members,
+		Webhooks:   webhooks,
 	}
 
 	return c.JSON(200, resp)
 }
 
+func (projectController *controller) getWebhooks(c core.Context) ([]common.WebhookIntegrationDTO, error) {
+
+	orgID := core.GetOrg(c).GetID()
+	projectID := core.GetProject(c).GetID()
+
+	webhooks, err := projectController.webhookRepository.GetProjectWebhooks(orgID, projectID)
+	if err != nil {
+		return nil, fmt.Errorf("could not fetch webhooks: %w", err)
+	}
+
+	return utils.Map(webhooks, func(w models.WebhookIntegration) common.WebhookIntegrationDTO {
+		return common.WebhookIntegrationDTO{
+			ID:          w.ID.String(),
+			Name:        *w.Name,
+			Description: *w.Description,
+			URL:         w.URL,
+			Secret:      *w.Secret,
+			SbomEnabled: w.SbomEnabled,
+			VulnEnabled: w.VulnEnabled,
+		}
+	}), nil
+}
+
 func (projectController *controller) List(c core.Context) error {
 	// get all projects the user has at least read access to - might be public projects as well
 	projects, err := projectController.projectService.ListAllowedProjects(c)

internal/core/project/project_dto.go

@@ -18,6 +18,7 @@ package project
 import (
 	"github.com/google/uuid"
 	"github.com/gosimple/slug"
+	"github.com/l3montree-dev/devguard/internal/common"
 	"github.com/l3montree-dev/devguard/internal/core"
 	"github.com/l3montree-dev/devguard/internal/database/models"
 	"github.com/l3montree-dev/devguard/internal/utils"
@@ -128,7 +129,8 @@ type ProjectDTO struct {
 
 type projectDetailsDTO struct {
 	ProjectDTO
-	Members []core.User `json:"members"`
+	Members  []core.User                    `json:"members"`
+	Webhooks []common.WebhookIntegrationDTO `json:"webhooks"`
 }
 
 func fromModel(project models.Project) ProjectDTO {

internal/database/repositories/org_repository.go

@@ -68,7 +68,7 @@ func (g *orgRepository) Save(tx core.DB, org *models.Org) error {
 
 func (g *orgRepository) ReadBySlug(slug string) (models.Org, error) {
 	var t models.Org
-	err := g.db.Model(models.Org{}).Preload("GithubAppInstallations").Preload("JiraIntegrations").Preload("GitLabIntegrations").Preload("Webhooks").Where("slug = ?", slug).First(&t).Error
+	err := g.db.Model(models.Org{}).Preload("GithubAppInstallations").Preload("JiraIntegrations").Preload("GitLabIntegrations").Preload("Webhooks", "project_id IS NULL").Where("slug = ?", slug).First(&t).Error
 	return t, err
 }
 

internal/database/repositories/webhook_repository.go

@@ -27,7 +27,18 @@ func NewWebhookRepository(db core.DB) *webhookRepository {
 func (r *webhookRepository) FindByOrgIDAndProjectID(orgID uuid.UUID, projectID uuid.UUID) ([]models.WebhookIntegration, error) {
 	var integrations []models.WebhookIntegration
 
-	query := r.db.Where("organization_id = ? AND project_id IS NULL", orgID).Or("organization_id = ? AND project_id = ?", orgID, projectID)
+	query := r.db.Where("org_id = ? AND project_id IS NULL", orgID).Or("org_id = ? AND project_id = ?", orgID, projectID)
+
+	if err := query.Find(&integrations).Error; err != nil {
+		return nil, err
+	}
+
+	return integrations, nil
+}
+func (r *webhookRepository) GetProjectWebhooks(orgID uuid.UUID, projectID uuid.UUID) ([]models.WebhookIntegration, error) {
+	var integrations []models.WebhookIntegration
+
+	query := r.db.Where("org_id = ? AND project_id = ?", orgID, projectID)
 
 	if err := query.Find(&integrations).Error; err != nil {
 		return nil, err