class WebhookController < ActionController::Base
before_action :verify_signature!, only: :helpscout
def helpscout
email = params[:customer][:email].downcase
user = User.find_by(email: email)
gestionnaire = Gestionnaire.find_by(email: email)
administrateur = Administrateur.find_by(email: email)
html = []
if user
url = manager_user_url(user)
html << link_to_manager(user, url)
end
if gestionnaire
url = manager_gestionnaire_url(gestionnaire)
html << link_to_manager(gestionnaire, url)
end
if administrateur
url = manager_administrateur_url(administrateur)
html << link_to_manager(administrateur, url)
end
if html.empty?
head :not_found
else
render json: { html: html.join('
') }
end
end
private
def link_to_manager(model, url)
"#{model.model_name.human}##{model.id}"
end
def verify_signature!
if generate_body_signature(request.body.read) != request.headers['X-Helpscout-Signature']
request_http_token_authentication
end
end
def generate_body_signature(body)
Base64.strict_encode64(OpenSSL::HMAC.digest('sha1',
Rails.application.secrets.helpscout[:webhook_secret],
body))
end
end