RubyGems - zendesk_apps_support - Versions diffs - 4.20.0 → 4.21.0 - Mend

zendesk_apps_support 4.20.0 → 4.21.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/lib/zendesk_apps_support.rb +1 -0
data/lib/zendesk_apps_support/package.rb +4 -1
data/lib/zendesk_apps_support/validations/secure_settings.rb +37 -0
data/lib/zendesk_apps_support/validations/source.rb +1 -1
metadata +3 -2

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 05fdb1c1548cd1f0788f3c4f4e4acae77159f191
-  data.tar.gz: d7d7384f09edcd3973c01e9a688120e0484974f9
+  metadata.gz: c8001c4cd49eb24e7d739b0f1e88298b4daa00b8
+  data.tar.gz: b8203d5cd03a24c44272a1fa24a325b0709407a5
 SHA512:
-  metadata.gz: d1bdb5b392048f13c25fd596d6e491322d516c8c063ef6da1a4bf4c9aaa685e3ff46e9ad5f872fa6f0973fa769676fe6dfa671eac918c8ce1a7d43405677a22d
-  data.tar.gz: 9cecde83aab2cd520ba65d21235577ce1f5dc67cf2bba7ee016fe35b2a3a20f4eafc509ee916967e5bd3a4fd3c6c4cbbce02a1fcd2bad635a1a4fcff512afbb3
+  metadata.gz: bf0e15df15ab5a27bee5642e8ab1436e1d745008f99cdd3ec62e8f91f5a04e0aaf531e7f57f14db528f6daab22177ca5e29dcb85a710eb54deb8589ae6206a7e
+  data.tar.gz: 629a738932279dd2c8bcfa07ddb4050ec6adfd6c17bb23bda086437a866f7ba91b7411bd5044eedf62836871a5b9999514fa2dcfdcffa3d2f10346015c74113b

data/lib/zendesk_apps_support.rb CHANGED

@@ -20,6 +20,7 @@ module ZendeskAppsSupport
   module Validations
     autoload :ValidationError,       'zendesk_apps_support/validations/validation_error'
     autoload :Manifest,              'zendesk_apps_support/validations/manifest'
+    autoload :SecureSettings,        'zendesk_apps_support/validations/secure_settings'
     autoload :Marketplace,           'zendesk_apps_support/validations/marketplace'
     autoload :Mime,                  'zendesk_apps_support/validations/mime'
     autoload :Secrets,               'zendesk_apps_support/validations/secrets'

data/lib/zendesk_apps_support/package.rb CHANGED

@@ -39,6 +39,9 @@ module ZendeskAppsSupport
         errors << Validations::Requirements.call(self)
         errors << Validations::Requests.call(self)
+        # only adds warnings
+        Validations::SecureSettings.call(self)
         unless manifest.requirements_only? || manifest.marketing_only? || manifest.iframe_only?
           errors << Validations::Templates.call(self)
           errors << Validations::Stylesheets.call(self)
@@ -49,7 +52,7 @@ module ZendeskAppsSupport
       errors << Validations::Svg.call(self) if has_svgs?
       errors << Validations::Mime.call(self)
-      # warning only validators
+      # only adds warnings
       Validations::Secrets.call(self)
       errors.flatten.compact

data/lib/zendesk_apps_support/validations/secure_settings.rb ADDED

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+module ZendeskAppsSupport
+  module Validations
+    module SecureSettings
+      SECURABLE_KEYWORDS = %w[token key pwd password].freeze
+      SECURABLE_KEYWORDS_REGEXP = Regexp.new(SECURABLE_KEYWORDS.join('|'), Regexp::IGNORECASE)
+      class << self
+        def call(package)
+          manifest_params = package.manifest.parameters
+          insecure_params_found = manifest_params.any? { |param| insecure_param?(param) }
+          package.warnings << secure_settings_warning if insecure_params_found
+        end
+        private
+        def insecure_param?(parameter)
+          parameter.name =~ SECURABLE_KEYWORDS_REGEXP && type_password_or_text?(parameter.type) && !parameter.secure
+        end
+        def type_password_or_text?(parameter_type)
+          parameter_type == 'text' || parameter_type == 'password'
+        end
+        def secure_settings_warning
+          I18n.t(
+            'txt.apps.admin.error.app_build.translation.insecure_token_parameter_in_manifest',
+            link: 'https://developer.zendesk.com/apps/docs/developer-guide/using_sdk#using-secure-settings'
+          )
+        end
+      end
+    end
+  end
+end

data/lib/zendesk_apps_support/validations/source.rb CHANGED

@@ -6,7 +6,7 @@ module ZendeskAppsSupport
       class << self
         def call(package)
           if app_doesnt_require_source?(package.manifest) && contain_source_files?(package)
-            ValidationError.new(:no_code_for_ifo_notemplate)
+            ValidationError.new(:no_source_required_apps)
           end
         end

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: zendesk_apps_support
 version: !ruby/object:Gem::Version
-  version: 4.20.0
+  version: 4.21.0
 platform: ruby
 authors:
 - James A. Rosen
@@ -11,7 +11,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-07-24 00:00:00.000000000 Z
+date: 2019-07-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: i18n
@@ -279,6 +279,7 @@ files:
 - lib/zendesk_apps_support/validations/requests.rb
 - lib/zendesk_apps_support/validations/requirements.rb
 - lib/zendesk_apps_support/validations/secrets.rb
+- lib/zendesk_apps_support/validations/secure_settings.rb
 - lib/zendesk_apps_support/validations/source.rb
 - lib/zendesk_apps_support/validations/stylesheets.rb
 - lib/zendesk_apps_support/validations/svg.rb