diff options
Diffstat (limited to 'lib/api/error_tracking_collector.rb')
-rw-r--r-- | lib/api/error_tracking_collector.rb | 26 |
1 files changed, 23 insertions, 3 deletions
diff --git a/lib/api/error_tracking_collector.rb b/lib/api/error_tracking_collector.rb index 08ff8d2e4d1..13e8e476808 100644 --- a/lib/api/error_tracking_collector.rb +++ b/lib/api/error_tracking_collector.rb @@ -13,6 +13,7 @@ module API before do not_found!('Project') unless project not_found! unless feature_enabled? + not_found! unless active_client_key? end helpers do @@ -21,8 +22,24 @@ module API end def feature_enabled? - ::Feature.enabled?(:integrated_error_tracking, project) && - project.error_tracking_setting&.enabled? + project.error_tracking_setting&.enabled? && + project.error_tracking_setting&.integrated_client? + end + + def find_client_key(public_key) + return unless public_key.present? + + project.error_tracking_client_keys.active.find_by_public_key(public_key) + end + + def active_client_key? + begin + public_key = ::ErrorTracking::Collector::SentryAuthParser.parse(request)[:public_key] + rescue StandardError + bad_request!('Failed to parse sentry request') + end + + find_client_key(public_key) end end @@ -46,7 +63,7 @@ module API begin parsed_request = ::ErrorTracking::Collector::SentryRequestParser.parse(request) rescue StandardError - render_api_error!('Failed to parse sentry request', 400) + bad_request!('Failed to parse sentry request') end type = parsed_request[:request_type] @@ -67,6 +84,9 @@ module API .execute end + # Collector should never return any information back. + # Because DSN and public key are designed for public use, + # it is safe only for submission of new events. no_content! end end |