refactor: improve webhook handling and validation, update installation instructions

Author: =

discord-webhooks/README.md

@@ -19,7 +19,7 @@ Send Discord webhook notifications for various server events in Pelican Panel.
 
 ## Installation
 
-1. Copy the `discord-webhooks` folder to your Pelican Panel plugins directory or import it with `https://github.com/jami100YT/pelican-plugins/archive/refs/tags/latest.zip`
+1. Copy the `discord-webhooks` folder to your Pelican Panel plugins directory
 2. Install the plugin
 
 ## Server Status Detection
@@ -28,7 +28,7 @@ Server start/stop detection works via a scheduled command that checks server sta
 
 **Manual check:**
 ```bash
-php artisan webhooks:check-status
+php artisan discord-webhooks:check-status
 ```
 
 ## Usage

discord-webhooks/database/migrations/001_create_webhooks_table.php

@@ -12,13 +12,13 @@ public function up(): void
             $table->increments('id');
             $table->string('name');
             $table->string('webhook_url');
-            $table->unsignedInteger('server_id')->nullable();
+            $table->foreignId('server_id')->nullable()->constrained('servers')->nullOnDelete();
             $table->json('events')->default('[]');
             $table->boolean('enabled')->default(true);
             $table->timestamp('last_triggered_at')->nullable();
             $table->timestamps();
 
-            $table->foreign('server_id')->references('id')->on('servers')->nullOnDelete();
+            // foreignId above handles FK constraint and nullOnDelete
         });
     }
 

discord-webhooks/src/Console/Commands/CheckServerStatus.php

@@ -42,10 +42,10 @@ public function handle(DaemonServerRepository $repository, DiscordWebhookService
 
                 $cacheKey = "webhook_server_status_{$server->id}";
                 $previousState = Cache::get($cacheKey, 'unknown');
+                // Always refresh the cache TTL, even if state hasn't changed
+                Cache::put($cacheKey, $currentState, now()->addHours(24));
 
                 if ($previousState !== $currentState) {
-                    Cache::put($cacheKey, $currentState, now()->addHours(24));
-
                     if ($previousState !== 'unknown') {
                         if ($currentState === 'running') {
                             $webhookService->triggerEvent(WebhookEvent::ServerStarted, $server);

discord-webhooks/src/Filament/Server/Resources/Webhooks/Pages/ManageWebhooks.php

@@ -2,8 +2,8 @@
 
 namespace Notjami\Webhooks\Filament\Server\Resources\Webhooks\Pages;
 
-use Notjami\Webhooks\Filament\Server\Resources\Webhooks\WebhookResource;
 use Filament\Resources\Pages\ManageRecords;
+use Notjami\Webhooks\Filament\Server\Resources\Webhooks\WebhookResource;
 
 class ManageWebhooks extends ManageRecords
 {

discord-webhooks/src/Filament/Server/Resources/Webhooks/WebhookResource.php

@@ -2,15 +2,10 @@
 
 namespace Notjami\Webhooks\Filament\Server\Resources\Webhooks;
 
-use App\Models\Server;
-use Notjami\Webhooks\Filament\Server\Resources\Webhooks\Pages\ManageWebhooks;
-use Notjami\Webhooks\Models\Webhook;
-use Notjami\Webhooks\Enums\WebhookEvent;
-use Notjami\Webhooks\Services\DiscordWebhookService;
+use Filament\Actions\Action;
 use Filament\Actions\CreateAction;
 use Filament\Actions\DeleteAction;
 use Filament\Actions\EditAction;
-use Filament\Actions\Action;
 use Filament\Forms\Components\Select;
 use Filament\Forms\Components\TextInput;
 use Filament\Forms\Components\Toggle;
@@ -20,7 +15,10 @@
 use Filament\Tables\Columns\IconColumn;
 use Filament\Tables\Columns\TextColumn;
 use Filament\Tables\Table;
-
+use Notjami\Webhooks\Enums\WebhookEvent;
+use Notjami\Webhooks\Filament\Server\Resources\Webhooks\Pages\ManageWebhooks;
+use Notjami\Webhooks\Models\Webhook;
+use Notjami\Webhooks\Services\DiscordWebhookService;
 class WebhookResource extends Resource
 {
     protected static ?string $model = Webhook::class;
@@ -58,12 +56,29 @@ public static function table(Table $table): Table
                 TextColumn::make('webhook_url')
                     ->label('Webhook URL')
                     ->limit(30)
-                    ->tooltip(fn ($state) => $state),
+                    ->formatStateUsing(function ($state) {
+                        // Mask the URL: show scheme://host/...****
+                        if (empty($state)) return '';
+                        $parsed = parse_url($state);
+                        if (!$parsed || !isset($parsed['scheme'], $parsed['host'])) return '••••••';
+                        $last4 = substr($parsed['path'] ?? '', -4);
+                        $masked = $parsed['scheme'] . '://' . $parsed['host'] . '/...';
+                        if ($last4) {
+                            $masked .= $last4;
+                        }
+                        return $masked;
+                    })
+                    ->tooltip('••••••'),
                 TextColumn::make('events')
                     ->label('Events')
                     ->badge()
                     ->formatStateUsing(function ($state) {
-                        return collect($state)->map(fn ($event) => WebhookEvent::from($event)->getLabel())->join(', ');
+                        $events = is_array($state) ? $state : (array) $state;
+                        return collect($events)
+                            ->map(fn ($event) => WebhookEvent::tryFrom($event))
+                            ->filter()
+                            ->map(fn ($event) => $event->getLabel())
+                            ->join(', ');
                     }),
                 IconColumn::make('enabled')
                     ->label('Enabled')
@@ -123,6 +138,7 @@ public static function form(Schema $schema): Schema
                     ->placeholder('https://discord.com/api/webhooks/...')
                     ->required()
                     ->url()
+                    ->regex('/^https:\/\/discord\\.com\/api\/webhooks\/.+/')
                     ->maxLength(500)
                     ->columnSpanFull(),
                 Select::make('events')

discord-webhooks/src/Models/Webhook.php

@@ -2,6 +2,8 @@
 
 namespace Notjami\Webhooks\Models;
 
+use Illuminate\Database\Eloquent\Builder;
+
 use App\Models\Server;
 use Carbon\Carbon;
 use Illuminate\Database\Eloquent\Model;
@@ -50,31 +52,38 @@ public function server(): BelongsTo
         return $this->belongsTo(Server::class);
     }
 
-    public function hasEvent(WebhookEvent $event): bool
+    /**
+     * Check if the webhook has the given event.
+     *
+     * @param WebhookEvent|string $event
+     * @return bool
+     */
+    public function hasEvent(WebhookEvent|string $event): bool
     {
-        return in_array($event->value, $this->events);
+        $value = $event instanceof WebhookEvent ? $event->value : $event;
+        return in_array($value, $this->events, true);
     }
 
     public function appliesToServer(Server $server): bool
     {
         return $this->server_id === null || $this->server_id === $server->id;
     }
 
-    public function scopeEnabled($query)
+    public function scopeEnabled(Builder $query): Builder
     {
         return $query->where('enabled', true);
     }
 
-    public function scopeForEvent($query, WebhookEvent $event)
+    public function scopeForEvent(Builder $query, WebhookEvent $event): Builder
     {
         return $query->whereJsonContains('events', $event->value);
     }
 
-    public function scopeForServer($query, Server $server)
+    public function scopeForServer(Builder $query, Server $server): Builder
     {
         return $query->where(function ($q) use ($server) {
             $q->whereNull('server_id')
-              ->orWhere('server_id', $server->id);
+                ->orWhere('server_id', $server->id);
         });
     }
 }

discord-webhooks/src/Providers/WebhooksPluginProvider.php

@@ -41,33 +41,36 @@ protected function registerServerStatusListeners(): void
 
         // Server Installation Events
         Event::listen('eloquent.updating: App\Models\Server', function (Server $server) {
-            $service = app(DiscordWebhookService::class);
-
             // Check if status changed to installing
             if ($server->isDirty('status') && $server->status === 'installing') {
-                $service->triggerEvent(WebhookEvent::ServerInstalling, $server);
+                DB::afterCommit(function () use ($server) {
+                    app(DiscordWebhookService::class)->triggerEvent(WebhookEvent::ServerInstalling, $server);
+                });
             }
 
             // Check if installation completed (status changed from installing to null/running)
             if ($server->isDirty('status') && $server->getOriginal('status') === 'installing' && $server->status === null) {
-                $service->triggerEvent(WebhookEvent::ServerInstalled, $server);
+                DB::afterCommit(function () use ($server) {
+                    app(DiscordWebhookService::class)->triggerEvent(WebhookEvent::ServerInstalled, $server);
+                });
             }
         });
 
         // Try to listen for daemon status events if they exist
         $statusEvents = [
             'App\Events\Server\Started' => WebhookEvent::ServerStarted,
             'App\Events\Server\Stopped' => WebhookEvent::ServerStopped,
-            'App\Events\Server\Starting' => WebhookEvent::ServerStarted,
-            'App\Events\Server\Stopping' => WebhookEvent::ServerStopped,
         ];
 
         foreach ($statusEvents as $eventClass => $webhookEvent) {
             if (class_exists($eventClass)) {
                 Event::listen($eventClass, function ($event) use ($webhookEvent) {
                     $server = $event->server ?? null;
                     if ($server instanceof Server) {
-                        app(DiscordWebhookService::class)->triggerEvent($webhookEvent, $server);
+                        // Only update the cache/state, do not send webhook here
+                        $cacheKey = "webhook_server_status_{$server->id}";
+                        $state = $webhookEvent === WebhookEvent::ServerStarted ? 'running' : 'offline';
+                        \Illuminate\Support\Facades\Cache::put($cacheKey, $state, now()->addHours(24));
                     }
                 });
             }

discord-webhooks/src/Services/DiscordWebhookService.php

@@ -91,9 +91,10 @@ public function triggerEvent(WebhookEvent $event, Server $server): void
 
         foreach ($webhooks as $webhook) {
             try {
-                $this->sendServerEvent($webhook, $server, $event);
-                
-                $webhook->update(['last_triggered_at' => now()]);
+                $sent = $this->sendServerEvent($webhook, $server, $event);
+                if ($sent) {
+                    $webhook->update(['last_triggered_at' => now()]);
+                }
             } catch (\Exception $e) {
                 Log::error('Failed to send webhook', [
                     'webhook_id' => $webhook->id,
@@ -106,6 +107,14 @@ public function triggerEvent(WebhookEvent $event, Server $server): void
 
     protected function send(Webhook $webhook, array $payload): bool
     {
+        // Enforce Discord webhook URL pattern as a second layer of validation
+        if (!preg_match('/^https:\/\/discord\.com\/api\/webhooks\/.+/', $webhook->webhook_url)) {
+            Log::warning('Rejected non-Discord webhook URL', [
+                'webhook_id' => $webhook->id,
+                'url' => $webhook->webhook_url,
+            ]);
+            return false;
+        }
         try {
             $response = Http::timeout(10)
                 ->post($webhook->webhook_url, $payload);